xref: /openbmc/qemu/block/linux-aio.c (revision bb6cf6f0168efadb95cf3e41963ec295ad28a941)
1 /*
2  * Linux native AIO support.
3  *
4  * Copyright (C) 2009 IBM, Corp.
5  * Copyright (C) 2009 Red Hat, Inc.
6  *
7  * This work is licensed under the terms of the GNU GPL, version 2 or later.
8  * See the COPYING file in the top-level directory.
9  */
10 #include "qemu/osdep.h"
11 #include "block/aio.h"
12 #include "qemu/queue.h"
13 #include "block/block.h"
14 #include "block/raw-aio.h"
15 #include "qemu/event_notifier.h"
16 #include "qemu/coroutine.h"
17 #include "qemu/defer-call.h"
18 #include "qapi/error.h"
19 #include "sysemu/block-backend.h"
20 
21 /* Only used for assertions.  */
22 #include "qemu/coroutine_int.h"
23 
24 #include <libaio.h>
25 
26 /*
27  * Queue size (per-device).
28  *
29  * XXX: eventually we need to communicate this to the guest and/or make it
30  *      tunable by the guest.  If we get more outstanding requests at a time
31  *      than this we will get EAGAIN from io_submit which is communicated to
32  *      the guest as an I/O error.
33  */
34 #define MAX_EVENTS 1024
35 
36 /* Maximum number of requests in a batch. (default value) */
37 #define DEFAULT_MAX_BATCH 32
38 
39 struct qemu_laiocb {
40     Coroutine *co;
41     LinuxAioState *ctx;
42     struct iocb iocb;
43     ssize_t ret;
44     size_t nbytes;
45     QEMUIOVector *qiov;
46     bool is_read;
47     QSIMPLEQ_ENTRY(qemu_laiocb) next;
48 };
49 
50 typedef struct {
51     unsigned int in_queue;
52     unsigned int in_flight;
53     bool blocked;
54     QSIMPLEQ_HEAD(, qemu_laiocb) pending;
55 } LaioQueue;
56 
57 struct LinuxAioState {
58     AioContext *aio_context;
59 
60     io_context_t ctx;
61     EventNotifier e;
62 
63     /* No locking required, only accessed from AioContext home thread */
64     LaioQueue io_q;
65     QEMUBH *completion_bh;
66     int event_idx;
67     int event_max;
68 };
69 
70 static void ioq_submit(LinuxAioState *s);
71 
72 static inline ssize_t io_event_ret(struct io_event *ev)
73 {
74     return (ssize_t)(((uint64_t)ev->res2 << 32) | ev->res);
75 }
76 
77 /*
78  * Completes an AIO request.
79  */
80 static void qemu_laio_process_completion(struct qemu_laiocb *laiocb)
81 {
82     int ret;
83 
84     ret = laiocb->ret;
85     if (ret != -ECANCELED) {
86         if (ret == laiocb->nbytes) {
87             ret = 0;
88         } else if (ret >= 0) {
89             /* Short reads mean EOF, pad with zeros. */
90             if (laiocb->is_read) {
91                 qemu_iovec_memset(laiocb->qiov, ret, 0,
92                     laiocb->qiov->size - ret);
93             } else {
94                 ret = -ENOSPC;
95             }
96         }
97     }
98 
99     laiocb->ret = ret;
100 
101     /*
102      * If the coroutine is already entered it must be in ioq_submit() and
103      * will notice laio->ret has been filled in when it eventually runs
104      * later.  Coroutines cannot be entered recursively so avoid doing
105      * that!
106      */
107     assert(laiocb->co->ctx == laiocb->ctx->aio_context);
108     if (!qemu_coroutine_entered(laiocb->co)) {
109         aio_co_wake(laiocb->co);
110     }
111 }
112 
113 /**
114  * aio_ring buffer which is shared between userspace and kernel.
115  *
116  * This copied from linux/fs/aio.c, common header does not exist
117  * but AIO exists for ages so we assume ABI is stable.
118  */
119 struct aio_ring {
120     unsigned    id;    /* kernel internal index number */
121     unsigned    nr;    /* number of io_events */
122     unsigned    head;  /* Written to by userland or by kernel. */
123     unsigned    tail;
124 
125     unsigned    magic;
126     unsigned    compat_features;
127     unsigned    incompat_features;
128     unsigned    header_length;  /* size of aio_ring */
129 
130     struct io_event io_events[];
131 };
132 
133 /**
134  * io_getevents_peek:
135  * @ctx: AIO context
136  * @events: pointer on events array, output value
137 
138  * Returns the number of completed events and sets a pointer
139  * on events array.  This function does not update the internal
140  * ring buffer, only reads head and tail.  When @events has been
141  * processed io_getevents_commit() must be called.
142  */
143 static inline unsigned int io_getevents_peek(io_context_t ctx,
144                                              struct io_event **events)
145 {
146     struct aio_ring *ring = (struct aio_ring *)ctx;
147     unsigned int head = ring->head, tail = ring->tail;
148     unsigned int nr;
149 
150     nr = tail >= head ? tail - head : ring->nr - head;
151     *events = ring->io_events + head;
152     /* To avoid speculative loads of s->events[i] before observing tail.
153        Paired with smp_wmb() inside linux/fs/aio.c: aio_complete(). */
154     smp_rmb();
155 
156     return nr;
157 }
158 
159 /**
160  * io_getevents_commit:
161  * @ctx: AIO context
162  * @nr: the number of events on which head should be advanced
163  *
164  * Advances head of a ring buffer.
165  */
166 static inline void io_getevents_commit(io_context_t ctx, unsigned int nr)
167 {
168     struct aio_ring *ring = (struct aio_ring *)ctx;
169 
170     if (nr) {
171         ring->head = (ring->head + nr) % ring->nr;
172     }
173 }
174 
175 /**
176  * io_getevents_advance_and_peek:
177  * @ctx: AIO context
178  * @events: pointer on events array, output value
179  * @nr: the number of events on which head should be advanced
180  *
181  * Advances head of a ring buffer and returns number of elements left.
182  */
183 static inline unsigned int
184 io_getevents_advance_and_peek(io_context_t ctx,
185                               struct io_event **events,
186                               unsigned int nr)
187 {
188     io_getevents_commit(ctx, nr);
189     return io_getevents_peek(ctx, events);
190 }
191 
192 /**
193  * qemu_laio_process_completions:
194  * @s: AIO state
195  *
196  * Fetches completed I/O requests and invokes their callbacks.
197  *
198  * The function is somewhat tricky because it supports nested event loops, for
199  * example when a request callback invokes aio_poll().  In order to do this,
200  * indices are kept in LinuxAioState.  Function schedules BH completion so it
201  * can be called again in a nested event loop.  When there are no events left
202  * to complete the BH is being canceled.
203  */
204 static void qemu_laio_process_completions(LinuxAioState *s)
205 {
206     struct io_event *events;
207 
208     defer_call_begin();
209 
210     /* Reschedule so nested event loops see currently pending completions */
211     qemu_bh_schedule(s->completion_bh);
212 
213     while ((s->event_max = io_getevents_advance_and_peek(s->ctx, &events,
214                                                          s->event_idx))) {
215         for (s->event_idx = 0; s->event_idx < s->event_max; ) {
216             struct iocb *iocb = events[s->event_idx].obj;
217             struct qemu_laiocb *laiocb =
218                 container_of(iocb, struct qemu_laiocb, iocb);
219 
220             laiocb->ret = io_event_ret(&events[s->event_idx]);
221 
222             /* Change counters one-by-one because we can be nested. */
223             s->io_q.in_flight--;
224             s->event_idx++;
225             qemu_laio_process_completion(laiocb);
226         }
227     }
228 
229     qemu_bh_cancel(s->completion_bh);
230 
231     /* If we are nested we have to notify the level above that we are done
232      * by setting event_max to zero, upper level will then jump out of it's
233      * own `for` loop.  If we are the last all counters dropped to zero. */
234     s->event_max = 0;
235     s->event_idx = 0;
236 
237     defer_call_end();
238 }
239 
240 static void qemu_laio_process_completions_and_submit(LinuxAioState *s)
241 {
242     qemu_laio_process_completions(s);
243 
244     if (!QSIMPLEQ_EMPTY(&s->io_q.pending)) {
245         ioq_submit(s);
246     }
247 }
248 
249 static void qemu_laio_completion_bh(void *opaque)
250 {
251     LinuxAioState *s = opaque;
252 
253     qemu_laio_process_completions_and_submit(s);
254 }
255 
256 static void qemu_laio_completion_cb(EventNotifier *e)
257 {
258     LinuxAioState *s = container_of(e, LinuxAioState, e);
259 
260     if (event_notifier_test_and_clear(&s->e)) {
261         qemu_laio_process_completions_and_submit(s);
262     }
263 }
264 
265 static bool qemu_laio_poll_cb(void *opaque)
266 {
267     EventNotifier *e = opaque;
268     LinuxAioState *s = container_of(e, LinuxAioState, e);
269     struct io_event *events;
270 
271     return io_getevents_peek(s->ctx, &events);
272 }
273 
274 static void qemu_laio_poll_ready(EventNotifier *opaque)
275 {
276     EventNotifier *e = opaque;
277     LinuxAioState *s = container_of(e, LinuxAioState, e);
278 
279     qemu_laio_process_completions_and_submit(s);
280 }
281 
282 static void ioq_init(LaioQueue *io_q)
283 {
284     QSIMPLEQ_INIT(&io_q->pending);
285     io_q->in_queue = 0;
286     io_q->in_flight = 0;
287     io_q->blocked = false;
288 }
289 
290 static void ioq_submit(LinuxAioState *s)
291 {
292     int ret, len;
293     struct qemu_laiocb *aiocb;
294     struct iocb *iocbs[MAX_EVENTS];
295     QSIMPLEQ_HEAD(, qemu_laiocb) completed;
296 
297     do {
298         if (s->io_q.in_flight >= MAX_EVENTS) {
299             break;
300         }
301         len = 0;
302         QSIMPLEQ_FOREACH(aiocb, &s->io_q.pending, next) {
303             iocbs[len++] = &aiocb->iocb;
304             if (s->io_q.in_flight + len >= MAX_EVENTS) {
305                 break;
306             }
307         }
308 
309         ret = io_submit(s->ctx, len, iocbs);
310         if (ret == -EAGAIN) {
311             break;
312         }
313         if (ret < 0) {
314             /* Fail the first request, retry the rest */
315             aiocb = QSIMPLEQ_FIRST(&s->io_q.pending);
316             QSIMPLEQ_REMOVE_HEAD(&s->io_q.pending, next);
317             s->io_q.in_queue--;
318             aiocb->ret = ret;
319             qemu_laio_process_completion(aiocb);
320             continue;
321         }
322 
323         s->io_q.in_flight += ret;
324         s->io_q.in_queue  -= ret;
325         aiocb = container_of(iocbs[ret - 1], struct qemu_laiocb, iocb);
326         QSIMPLEQ_SPLIT_AFTER(&s->io_q.pending, aiocb, next, &completed);
327     } while (ret == len && !QSIMPLEQ_EMPTY(&s->io_q.pending));
328     s->io_q.blocked = (s->io_q.in_queue > 0);
329 
330     if (s->io_q.in_flight) {
331         /* We can try to complete something just right away if there are
332          * still requests in-flight. */
333         qemu_laio_process_completions(s);
334         /*
335          * Even we have completed everything (in_flight == 0), the queue can
336          * have still pended requests (in_queue > 0).  We do not attempt to
337          * repeat submission to avoid IO hang.  The reason is simple: s->e is
338          * still set and completion callback will be called shortly and all
339          * pended requests will be submitted from there.
340          */
341     }
342 }
343 
344 static uint64_t laio_max_batch(LinuxAioState *s, uint64_t dev_max_batch)
345 {
346     uint64_t max_batch = s->aio_context->aio_max_batch ?: DEFAULT_MAX_BATCH;
347 
348     /*
349      * AIO context can be shared between multiple block devices, so
350      * `dev_max_batch` allows reducing the batch size for latency-sensitive
351      * devices.
352      */
353     max_batch = MIN_NON_ZERO(dev_max_batch, max_batch);
354 
355     /* limit the batch with the number of available events */
356     max_batch = MIN_NON_ZERO(MAX_EVENTS - s->io_q.in_flight, max_batch);
357 
358     return max_batch;
359 }
360 
361 static void laio_deferred_fn(void *opaque)
362 {
363     LinuxAioState *s = opaque;
364 
365     if (!s->io_q.blocked && !QSIMPLEQ_EMPTY(&s->io_q.pending)) {
366         ioq_submit(s);
367     }
368 }
369 
370 static int laio_do_submit(int fd, struct qemu_laiocb *laiocb, off_t offset,
371                           int type, uint64_t dev_max_batch)
372 {
373     LinuxAioState *s = laiocb->ctx;
374     struct iocb *iocbs = &laiocb->iocb;
375     QEMUIOVector *qiov = laiocb->qiov;
376 
377     switch (type) {
378     case QEMU_AIO_WRITE:
379         io_prep_pwritev(iocbs, fd, qiov->iov, qiov->niov, offset);
380         break;
381     case QEMU_AIO_ZONE_APPEND:
382         io_prep_pwritev(iocbs, fd, qiov->iov, qiov->niov, offset);
383         break;
384     case QEMU_AIO_READ:
385         io_prep_preadv(iocbs, fd, qiov->iov, qiov->niov, offset);
386         break;
387     /* Currently Linux kernel does not support other operations */
388     default:
389         fprintf(stderr, "%s: invalid AIO request type 0x%x.\n",
390                         __func__, type);
391         return -EIO;
392     }
393     io_set_eventfd(&laiocb->iocb, event_notifier_get_fd(&s->e));
394 
395     QSIMPLEQ_INSERT_TAIL(&s->io_q.pending, laiocb, next);
396     s->io_q.in_queue++;
397     if (!s->io_q.blocked) {
398         if (s->io_q.in_queue >= laio_max_batch(s, dev_max_batch)) {
399             ioq_submit(s);
400         } else {
401             defer_call(laio_deferred_fn, s);
402         }
403     }
404 
405     return 0;
406 }
407 
408 int coroutine_fn laio_co_submit(int fd, uint64_t offset, QEMUIOVector *qiov,
409                                 int type, uint64_t dev_max_batch)
410 {
411     int ret;
412     AioContext *ctx = qemu_get_current_aio_context();
413     struct qemu_laiocb laiocb = {
414         .co         = qemu_coroutine_self(),
415         .nbytes     = qiov->size,
416         .ctx        = aio_get_linux_aio(ctx),
417         .ret        = -EINPROGRESS,
418         .is_read    = (type == QEMU_AIO_READ),
419         .qiov       = qiov,
420     };
421 
422     ret = laio_do_submit(fd, &laiocb, offset, type, dev_max_batch);
423     if (ret < 0) {
424         return ret;
425     }
426 
427     if (laiocb.ret == -EINPROGRESS) {
428         qemu_coroutine_yield();
429     }
430     return laiocb.ret;
431 }
432 
433 void laio_detach_aio_context(LinuxAioState *s, AioContext *old_context)
434 {
435     aio_set_event_notifier(old_context, &s->e, NULL, NULL, NULL);
436     qemu_bh_delete(s->completion_bh);
437     s->aio_context = NULL;
438 }
439 
440 void laio_attach_aio_context(LinuxAioState *s, AioContext *new_context)
441 {
442     s->aio_context = new_context;
443     s->completion_bh = aio_bh_new(new_context, qemu_laio_completion_bh, s);
444     aio_set_event_notifier(new_context, &s->e,
445                            qemu_laio_completion_cb,
446                            qemu_laio_poll_cb,
447                            qemu_laio_poll_ready);
448 }
449 
450 LinuxAioState *laio_init(Error **errp)
451 {
452     int rc;
453     LinuxAioState *s;
454 
455     s = g_malloc0(sizeof(*s));
456     rc = event_notifier_init(&s->e, false);
457     if (rc < 0) {
458         error_setg_errno(errp, -rc, "failed to initialize event notifier");
459         goto out_free_state;
460     }
461 
462     rc = io_setup(MAX_EVENTS, &s->ctx);
463     if (rc < 0) {
464         error_setg_errno(errp, -rc, "failed to create linux AIO context");
465         goto out_close_efd;
466     }
467 
468     ioq_init(&s->io_q);
469 
470     return s;
471 
472 out_close_efd:
473     event_notifier_cleanup(&s->e);
474 out_free_state:
475     g_free(s);
476     return NULL;
477 }
478 
479 void laio_cleanup(LinuxAioState *s)
480 {
481     event_notifier_cleanup(&s->e);
482 
483     if (io_destroy(s->ctx) != 0) {
484         fprintf(stderr, "%s: destroy AIO context %p failed\n",
485                         __func__, &s->ctx);
486     }
487     g_free(s);
488 }
489