1 /* 2 * QEMU System Emulator block driver 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu/osdep.h" 26 #include "block/trace.h" 27 #include "block/block_int.h" 28 #include "block/blockjob.h" 29 #include "block/nbd.h" 30 #include "block/qdict.h" 31 #include "qemu/error-report.h" 32 #include "module_block.h" 33 #include "qemu/module.h" 34 #include "qapi/error.h" 35 #include "qapi/qmp/qdict.h" 36 #include "qapi/qmp/qjson.h" 37 #include "qapi/qmp/qnull.h" 38 #include "qapi/qmp/qstring.h" 39 #include "qapi/qobject-output-visitor.h" 40 #include "qapi/qapi-visit-block-core.h" 41 #include "sysemu/block-backend.h" 42 #include "sysemu/sysemu.h" 43 #include "qemu/notify.h" 44 #include "qemu/option.h" 45 #include "qemu/coroutine.h" 46 #include "block/qapi.h" 47 #include "qemu/timer.h" 48 #include "qemu/cutils.h" 49 #include "qemu/id.h" 50 51 #ifdef CONFIG_BSD 52 #include <sys/ioctl.h> 53 #include <sys/queue.h> 54 #ifndef __DragonFly__ 55 #include <sys/disk.h> 56 #endif 57 #endif 58 59 #ifdef _WIN32 60 #include <windows.h> 61 #endif 62 63 #define NOT_DONE 0x7fffffff /* used while emulated sync operation in progress */ 64 65 static QTAILQ_HEAD(, BlockDriverState) graph_bdrv_states = 66 QTAILQ_HEAD_INITIALIZER(graph_bdrv_states); 67 68 static QTAILQ_HEAD(, BlockDriverState) all_bdrv_states = 69 QTAILQ_HEAD_INITIALIZER(all_bdrv_states); 70 71 static QLIST_HEAD(, BlockDriver) bdrv_drivers = 72 QLIST_HEAD_INITIALIZER(bdrv_drivers); 73 74 static BlockDriverState *bdrv_open_inherit(const char *filename, 75 const char *reference, 76 QDict *options, int flags, 77 BlockDriverState *parent, 78 const BdrvChildRole *child_role, 79 Error **errp); 80 81 /* If non-zero, use only whitelisted block drivers */ 82 static int use_bdrv_whitelist; 83 84 #ifdef _WIN32 85 static int is_windows_drive_prefix(const char *filename) 86 { 87 return (((filename[0] >= 'a' && filename[0] <= 'z') || 88 (filename[0] >= 'A' && filename[0] <= 'Z')) && 89 filename[1] == ':'); 90 } 91 92 int is_windows_drive(const char *filename) 93 { 94 if (is_windows_drive_prefix(filename) && 95 filename[2] == '\0') 96 return 1; 97 if (strstart(filename, "\\\\.\\", NULL) || 98 strstart(filename, "//./", NULL)) 99 return 1; 100 return 0; 101 } 102 #endif 103 104 size_t bdrv_opt_mem_align(BlockDriverState *bs) 105 { 106 if (!bs || !bs->drv) { 107 /* page size or 4k (hdd sector size) should be on the safe side */ 108 return MAX(4096, getpagesize()); 109 } 110 111 return bs->bl.opt_mem_alignment; 112 } 113 114 size_t bdrv_min_mem_align(BlockDriverState *bs) 115 { 116 if (!bs || !bs->drv) { 117 /* page size or 4k (hdd sector size) should be on the safe side */ 118 return MAX(4096, getpagesize()); 119 } 120 121 return bs->bl.min_mem_alignment; 122 } 123 124 /* check if the path starts with "<protocol>:" */ 125 int path_has_protocol(const char *path) 126 { 127 const char *p; 128 129 #ifdef _WIN32 130 if (is_windows_drive(path) || 131 is_windows_drive_prefix(path)) { 132 return 0; 133 } 134 p = path + strcspn(path, ":/\\"); 135 #else 136 p = path + strcspn(path, ":/"); 137 #endif 138 139 return *p == ':'; 140 } 141 142 int path_is_absolute(const char *path) 143 { 144 #ifdef _WIN32 145 /* specific case for names like: "\\.\d:" */ 146 if (is_windows_drive(path) || is_windows_drive_prefix(path)) { 147 return 1; 148 } 149 return (*path == '/' || *path == '\\'); 150 #else 151 return (*path == '/'); 152 #endif 153 } 154 155 /* if filename is absolute, just copy it to dest. Otherwise, build a 156 path to it by considering it is relative to base_path. URL are 157 supported. */ 158 void path_combine(char *dest, int dest_size, 159 const char *base_path, 160 const char *filename) 161 { 162 const char *p, *p1; 163 int len; 164 165 if (dest_size <= 0) 166 return; 167 if (path_is_absolute(filename)) { 168 pstrcpy(dest, dest_size, filename); 169 } else { 170 const char *protocol_stripped = NULL; 171 172 if (path_has_protocol(base_path)) { 173 protocol_stripped = strchr(base_path, ':'); 174 if (protocol_stripped) { 175 protocol_stripped++; 176 } 177 } 178 p = protocol_stripped ?: base_path; 179 180 p1 = strrchr(base_path, '/'); 181 #ifdef _WIN32 182 { 183 const char *p2; 184 p2 = strrchr(base_path, '\\'); 185 if (!p1 || p2 > p1) 186 p1 = p2; 187 } 188 #endif 189 if (p1) 190 p1++; 191 else 192 p1 = base_path; 193 if (p1 > p) 194 p = p1; 195 len = p - base_path; 196 if (len > dest_size - 1) 197 len = dest_size - 1; 198 memcpy(dest, base_path, len); 199 dest[len] = '\0'; 200 pstrcat(dest, dest_size, filename); 201 } 202 } 203 204 /* 205 * Helper function for bdrv_parse_filename() implementations to remove optional 206 * protocol prefixes (especially "file:") from a filename and for putting the 207 * stripped filename into the options QDict if there is such a prefix. 208 */ 209 void bdrv_parse_filename_strip_prefix(const char *filename, const char *prefix, 210 QDict *options) 211 { 212 if (strstart(filename, prefix, &filename)) { 213 /* Stripping the explicit protocol prefix may result in a protocol 214 * prefix being (wrongly) detected (if the filename contains a colon) */ 215 if (path_has_protocol(filename)) { 216 QString *fat_filename; 217 218 /* This means there is some colon before the first slash; therefore, 219 * this cannot be an absolute path */ 220 assert(!path_is_absolute(filename)); 221 222 /* And we can thus fix the protocol detection issue by prefixing it 223 * by "./" */ 224 fat_filename = qstring_from_str("./"); 225 qstring_append(fat_filename, filename); 226 227 assert(!path_has_protocol(qstring_get_str(fat_filename))); 228 229 qdict_put(options, "filename", fat_filename); 230 } else { 231 /* If no protocol prefix was detected, we can use the shortened 232 * filename as-is */ 233 qdict_put_str(options, "filename", filename); 234 } 235 } 236 } 237 238 239 /* Returns whether the image file is opened as read-only. Note that this can 240 * return false and writing to the image file is still not possible because the 241 * image is inactivated. */ 242 bool bdrv_is_read_only(BlockDriverState *bs) 243 { 244 return bs->read_only; 245 } 246 247 int bdrv_can_set_read_only(BlockDriverState *bs, bool read_only, 248 bool ignore_allow_rdw, Error **errp) 249 { 250 /* Do not set read_only if copy_on_read is enabled */ 251 if (bs->copy_on_read && read_only) { 252 error_setg(errp, "Can't set node '%s' to r/o with copy-on-read enabled", 253 bdrv_get_device_or_node_name(bs)); 254 return -EINVAL; 255 } 256 257 /* Do not clear read_only if it is prohibited */ 258 if (!read_only && !(bs->open_flags & BDRV_O_ALLOW_RDWR) && 259 !ignore_allow_rdw) 260 { 261 error_setg(errp, "Node '%s' is read only", 262 bdrv_get_device_or_node_name(bs)); 263 return -EPERM; 264 } 265 266 return 0; 267 } 268 269 /* 270 * Called by a driver that can only provide a read-only image. 271 * 272 * Returns 0 if the node is already read-only or it could switch the node to 273 * read-only because BDRV_O_AUTO_RDONLY is set. 274 * 275 * Returns -EACCES if the node is read-write and BDRV_O_AUTO_RDONLY is not set 276 * or bdrv_can_set_read_only() forbids making the node read-only. If @errmsg 277 * is not NULL, it is used as the error message for the Error object. 278 */ 279 int bdrv_apply_auto_read_only(BlockDriverState *bs, const char *errmsg, 280 Error **errp) 281 { 282 int ret = 0; 283 284 if (!(bs->open_flags & BDRV_O_RDWR)) { 285 return 0; 286 } 287 if (!(bs->open_flags & BDRV_O_AUTO_RDONLY)) { 288 goto fail; 289 } 290 291 ret = bdrv_can_set_read_only(bs, true, false, NULL); 292 if (ret < 0) { 293 goto fail; 294 } 295 296 bs->read_only = true; 297 bs->open_flags &= ~BDRV_O_RDWR; 298 299 return 0; 300 301 fail: 302 error_setg(errp, "%s", errmsg ?: "Image is read-only"); 303 return -EACCES; 304 } 305 306 void bdrv_get_full_backing_filename_from_filename(const char *backed, 307 const char *backing, 308 char *dest, size_t sz, 309 Error **errp) 310 { 311 if (backing[0] == '\0' || path_has_protocol(backing) || 312 path_is_absolute(backing)) 313 { 314 pstrcpy(dest, sz, backing); 315 } else if (backed[0] == '\0' || strstart(backed, "json:", NULL)) { 316 error_setg(errp, "Cannot use relative backing file names for '%s'", 317 backed); 318 } else { 319 path_combine(dest, sz, backed, backing); 320 } 321 } 322 323 void bdrv_get_full_backing_filename(BlockDriverState *bs, char *dest, size_t sz, 324 Error **errp) 325 { 326 char *backed = bs->exact_filename[0] ? bs->exact_filename : bs->filename; 327 328 bdrv_get_full_backing_filename_from_filename(backed, bs->backing_file, 329 dest, sz, errp); 330 } 331 332 void bdrv_register(BlockDriver *bdrv) 333 { 334 QLIST_INSERT_HEAD(&bdrv_drivers, bdrv, list); 335 } 336 337 BlockDriverState *bdrv_new(void) 338 { 339 BlockDriverState *bs; 340 int i; 341 342 bs = g_new0(BlockDriverState, 1); 343 QLIST_INIT(&bs->dirty_bitmaps); 344 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 345 QLIST_INIT(&bs->op_blockers[i]); 346 } 347 notifier_with_return_list_init(&bs->before_write_notifiers); 348 qemu_co_mutex_init(&bs->reqs_lock); 349 qemu_mutex_init(&bs->dirty_bitmap_mutex); 350 bs->refcnt = 1; 351 bs->aio_context = qemu_get_aio_context(); 352 353 qemu_co_queue_init(&bs->flush_queue); 354 355 for (i = 0; i < bdrv_drain_all_count; i++) { 356 bdrv_drained_begin(bs); 357 } 358 359 QTAILQ_INSERT_TAIL(&all_bdrv_states, bs, bs_list); 360 361 return bs; 362 } 363 364 static BlockDriver *bdrv_do_find_format(const char *format_name) 365 { 366 BlockDriver *drv1; 367 368 QLIST_FOREACH(drv1, &bdrv_drivers, list) { 369 if (!strcmp(drv1->format_name, format_name)) { 370 return drv1; 371 } 372 } 373 374 return NULL; 375 } 376 377 BlockDriver *bdrv_find_format(const char *format_name) 378 { 379 BlockDriver *drv1; 380 int i; 381 382 drv1 = bdrv_do_find_format(format_name); 383 if (drv1) { 384 return drv1; 385 } 386 387 /* The driver isn't registered, maybe we need to load a module */ 388 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); ++i) { 389 if (!strcmp(block_driver_modules[i].format_name, format_name)) { 390 block_module_load_one(block_driver_modules[i].library_name); 391 break; 392 } 393 } 394 395 return bdrv_do_find_format(format_name); 396 } 397 398 int bdrv_is_whitelisted(BlockDriver *drv, bool read_only) 399 { 400 static const char *whitelist_rw[] = { 401 CONFIG_BDRV_RW_WHITELIST 402 }; 403 static const char *whitelist_ro[] = { 404 CONFIG_BDRV_RO_WHITELIST 405 }; 406 const char **p; 407 408 if (!whitelist_rw[0] && !whitelist_ro[0]) { 409 return 1; /* no whitelist, anything goes */ 410 } 411 412 for (p = whitelist_rw; *p; p++) { 413 if (!strcmp(drv->format_name, *p)) { 414 return 1; 415 } 416 } 417 if (read_only) { 418 for (p = whitelist_ro; *p; p++) { 419 if (!strcmp(drv->format_name, *p)) { 420 return 1; 421 } 422 } 423 } 424 return 0; 425 } 426 427 bool bdrv_uses_whitelist(void) 428 { 429 return use_bdrv_whitelist; 430 } 431 432 typedef struct CreateCo { 433 BlockDriver *drv; 434 char *filename; 435 QemuOpts *opts; 436 int ret; 437 Error *err; 438 } CreateCo; 439 440 static void coroutine_fn bdrv_create_co_entry(void *opaque) 441 { 442 Error *local_err = NULL; 443 int ret; 444 445 CreateCo *cco = opaque; 446 assert(cco->drv); 447 448 ret = cco->drv->bdrv_co_create_opts(cco->filename, cco->opts, &local_err); 449 error_propagate(&cco->err, local_err); 450 cco->ret = ret; 451 } 452 453 int bdrv_create(BlockDriver *drv, const char* filename, 454 QemuOpts *opts, Error **errp) 455 { 456 int ret; 457 458 Coroutine *co; 459 CreateCo cco = { 460 .drv = drv, 461 .filename = g_strdup(filename), 462 .opts = opts, 463 .ret = NOT_DONE, 464 .err = NULL, 465 }; 466 467 if (!drv->bdrv_co_create_opts) { 468 error_setg(errp, "Driver '%s' does not support image creation", drv->format_name); 469 ret = -ENOTSUP; 470 goto out; 471 } 472 473 if (qemu_in_coroutine()) { 474 /* Fast-path if already in coroutine context */ 475 bdrv_create_co_entry(&cco); 476 } else { 477 co = qemu_coroutine_create(bdrv_create_co_entry, &cco); 478 qemu_coroutine_enter(co); 479 while (cco.ret == NOT_DONE) { 480 aio_poll(qemu_get_aio_context(), true); 481 } 482 } 483 484 ret = cco.ret; 485 if (ret < 0) { 486 if (cco.err) { 487 error_propagate(errp, cco.err); 488 } else { 489 error_setg_errno(errp, -ret, "Could not create image"); 490 } 491 } 492 493 out: 494 g_free(cco.filename); 495 return ret; 496 } 497 498 int bdrv_create_file(const char *filename, QemuOpts *opts, Error **errp) 499 { 500 BlockDriver *drv; 501 Error *local_err = NULL; 502 int ret; 503 504 drv = bdrv_find_protocol(filename, true, errp); 505 if (drv == NULL) { 506 return -ENOENT; 507 } 508 509 ret = bdrv_create(drv, filename, opts, &local_err); 510 error_propagate(errp, local_err); 511 return ret; 512 } 513 514 /** 515 * Try to get @bs's logical and physical block size. 516 * On success, store them in @bsz struct and return 0. 517 * On failure return -errno. 518 * @bs must not be empty. 519 */ 520 int bdrv_probe_blocksizes(BlockDriverState *bs, BlockSizes *bsz) 521 { 522 BlockDriver *drv = bs->drv; 523 524 if (drv && drv->bdrv_probe_blocksizes) { 525 return drv->bdrv_probe_blocksizes(bs, bsz); 526 } else if (drv && drv->is_filter && bs->file) { 527 return bdrv_probe_blocksizes(bs->file->bs, bsz); 528 } 529 530 return -ENOTSUP; 531 } 532 533 /** 534 * Try to get @bs's geometry (cyls, heads, sectors). 535 * On success, store them in @geo struct and return 0. 536 * On failure return -errno. 537 * @bs must not be empty. 538 */ 539 int bdrv_probe_geometry(BlockDriverState *bs, HDGeometry *geo) 540 { 541 BlockDriver *drv = bs->drv; 542 543 if (drv && drv->bdrv_probe_geometry) { 544 return drv->bdrv_probe_geometry(bs, geo); 545 } else if (drv && drv->is_filter && bs->file) { 546 return bdrv_probe_geometry(bs->file->bs, geo); 547 } 548 549 return -ENOTSUP; 550 } 551 552 /* 553 * Create a uniquely-named empty temporary file. 554 * Return 0 upon success, otherwise a negative errno value. 555 */ 556 int get_tmp_filename(char *filename, int size) 557 { 558 #ifdef _WIN32 559 char temp_dir[MAX_PATH]; 560 /* GetTempFileName requires that its output buffer (4th param) 561 have length MAX_PATH or greater. */ 562 assert(size >= MAX_PATH); 563 return (GetTempPath(MAX_PATH, temp_dir) 564 && GetTempFileName(temp_dir, "qem", 0, filename) 565 ? 0 : -GetLastError()); 566 #else 567 int fd; 568 const char *tmpdir; 569 tmpdir = getenv("TMPDIR"); 570 if (!tmpdir) { 571 tmpdir = "/var/tmp"; 572 } 573 if (snprintf(filename, size, "%s/vl.XXXXXX", tmpdir) >= size) { 574 return -EOVERFLOW; 575 } 576 fd = mkstemp(filename); 577 if (fd < 0) { 578 return -errno; 579 } 580 if (close(fd) != 0) { 581 unlink(filename); 582 return -errno; 583 } 584 return 0; 585 #endif 586 } 587 588 /* 589 * Detect host devices. By convention, /dev/cdrom[N] is always 590 * recognized as a host CDROM. 591 */ 592 static BlockDriver *find_hdev_driver(const char *filename) 593 { 594 int score_max = 0, score; 595 BlockDriver *drv = NULL, *d; 596 597 QLIST_FOREACH(d, &bdrv_drivers, list) { 598 if (d->bdrv_probe_device) { 599 score = d->bdrv_probe_device(filename); 600 if (score > score_max) { 601 score_max = score; 602 drv = d; 603 } 604 } 605 } 606 607 return drv; 608 } 609 610 static BlockDriver *bdrv_do_find_protocol(const char *protocol) 611 { 612 BlockDriver *drv1; 613 614 QLIST_FOREACH(drv1, &bdrv_drivers, list) { 615 if (drv1->protocol_name && !strcmp(drv1->protocol_name, protocol)) { 616 return drv1; 617 } 618 } 619 620 return NULL; 621 } 622 623 BlockDriver *bdrv_find_protocol(const char *filename, 624 bool allow_protocol_prefix, 625 Error **errp) 626 { 627 BlockDriver *drv1; 628 char protocol[128]; 629 int len; 630 const char *p; 631 int i; 632 633 /* TODO Drivers without bdrv_file_open must be specified explicitly */ 634 635 /* 636 * XXX(hch): we really should not let host device detection 637 * override an explicit protocol specification, but moving this 638 * later breaks access to device names with colons in them. 639 * Thanks to the brain-dead persistent naming schemes on udev- 640 * based Linux systems those actually are quite common. 641 */ 642 drv1 = find_hdev_driver(filename); 643 if (drv1) { 644 return drv1; 645 } 646 647 if (!path_has_protocol(filename) || !allow_protocol_prefix) { 648 return &bdrv_file; 649 } 650 651 p = strchr(filename, ':'); 652 assert(p != NULL); 653 len = p - filename; 654 if (len > sizeof(protocol) - 1) 655 len = sizeof(protocol) - 1; 656 memcpy(protocol, filename, len); 657 protocol[len] = '\0'; 658 659 drv1 = bdrv_do_find_protocol(protocol); 660 if (drv1) { 661 return drv1; 662 } 663 664 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); ++i) { 665 if (block_driver_modules[i].protocol_name && 666 !strcmp(block_driver_modules[i].protocol_name, protocol)) { 667 block_module_load_one(block_driver_modules[i].library_name); 668 break; 669 } 670 } 671 672 drv1 = bdrv_do_find_protocol(protocol); 673 if (!drv1) { 674 error_setg(errp, "Unknown protocol '%s'", protocol); 675 } 676 return drv1; 677 } 678 679 /* 680 * Guess image format by probing its contents. 681 * This is not a good idea when your image is raw (CVE-2008-2004), but 682 * we do it anyway for backward compatibility. 683 * 684 * @buf contains the image's first @buf_size bytes. 685 * @buf_size is the buffer size in bytes (generally BLOCK_PROBE_BUF_SIZE, 686 * but can be smaller if the image file is smaller) 687 * @filename is its filename. 688 * 689 * For all block drivers, call the bdrv_probe() method to get its 690 * probing score. 691 * Return the first block driver with the highest probing score. 692 */ 693 BlockDriver *bdrv_probe_all(const uint8_t *buf, int buf_size, 694 const char *filename) 695 { 696 int score_max = 0, score; 697 BlockDriver *drv = NULL, *d; 698 699 QLIST_FOREACH(d, &bdrv_drivers, list) { 700 if (d->bdrv_probe) { 701 score = d->bdrv_probe(buf, buf_size, filename); 702 if (score > score_max) { 703 score_max = score; 704 drv = d; 705 } 706 } 707 } 708 709 return drv; 710 } 711 712 static int find_image_format(BlockBackend *file, const char *filename, 713 BlockDriver **pdrv, Error **errp) 714 { 715 BlockDriver *drv; 716 uint8_t buf[BLOCK_PROBE_BUF_SIZE]; 717 int ret = 0; 718 719 /* Return the raw BlockDriver * to scsi-generic devices or empty drives */ 720 if (blk_is_sg(file) || !blk_is_inserted(file) || blk_getlength(file) == 0) { 721 *pdrv = &bdrv_raw; 722 return ret; 723 } 724 725 ret = blk_pread(file, 0, buf, sizeof(buf)); 726 if (ret < 0) { 727 error_setg_errno(errp, -ret, "Could not read image for determining its " 728 "format"); 729 *pdrv = NULL; 730 return ret; 731 } 732 733 drv = bdrv_probe_all(buf, ret, filename); 734 if (!drv) { 735 error_setg(errp, "Could not determine image format: No compatible " 736 "driver found"); 737 ret = -ENOENT; 738 } 739 *pdrv = drv; 740 return ret; 741 } 742 743 /** 744 * Set the current 'total_sectors' value 745 * Return 0 on success, -errno on error. 746 */ 747 int refresh_total_sectors(BlockDriverState *bs, int64_t hint) 748 { 749 BlockDriver *drv = bs->drv; 750 751 if (!drv) { 752 return -ENOMEDIUM; 753 } 754 755 /* Do not attempt drv->bdrv_getlength() on scsi-generic devices */ 756 if (bdrv_is_sg(bs)) 757 return 0; 758 759 /* query actual device if possible, otherwise just trust the hint */ 760 if (drv->bdrv_getlength) { 761 int64_t length = drv->bdrv_getlength(bs); 762 if (length < 0) { 763 return length; 764 } 765 hint = DIV_ROUND_UP(length, BDRV_SECTOR_SIZE); 766 } 767 768 bs->total_sectors = hint; 769 return 0; 770 } 771 772 /** 773 * Combines a QDict of new block driver @options with any missing options taken 774 * from @old_options, so that leaving out an option defaults to its old value. 775 */ 776 static void bdrv_join_options(BlockDriverState *bs, QDict *options, 777 QDict *old_options) 778 { 779 if (bs->drv && bs->drv->bdrv_join_options) { 780 bs->drv->bdrv_join_options(options, old_options); 781 } else { 782 qdict_join(options, old_options, false); 783 } 784 } 785 786 static BlockdevDetectZeroesOptions bdrv_parse_detect_zeroes(QemuOpts *opts, 787 int open_flags, 788 Error **errp) 789 { 790 Error *local_err = NULL; 791 char *value = qemu_opt_get_del(opts, "detect-zeroes"); 792 BlockdevDetectZeroesOptions detect_zeroes = 793 qapi_enum_parse(&BlockdevDetectZeroesOptions_lookup, value, 794 BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF, &local_err); 795 g_free(value); 796 if (local_err) { 797 error_propagate(errp, local_err); 798 return detect_zeroes; 799 } 800 801 if (detect_zeroes == BLOCKDEV_DETECT_ZEROES_OPTIONS_UNMAP && 802 !(open_flags & BDRV_O_UNMAP)) 803 { 804 error_setg(errp, "setting detect-zeroes to unmap is not allowed " 805 "without setting discard operation to unmap"); 806 } 807 808 return detect_zeroes; 809 } 810 811 /** 812 * Set open flags for a given discard mode 813 * 814 * Return 0 on success, -1 if the discard mode was invalid. 815 */ 816 int bdrv_parse_discard_flags(const char *mode, int *flags) 817 { 818 *flags &= ~BDRV_O_UNMAP; 819 820 if (!strcmp(mode, "off") || !strcmp(mode, "ignore")) { 821 /* do nothing */ 822 } else if (!strcmp(mode, "on") || !strcmp(mode, "unmap")) { 823 *flags |= BDRV_O_UNMAP; 824 } else { 825 return -1; 826 } 827 828 return 0; 829 } 830 831 /** 832 * Set open flags for a given cache mode 833 * 834 * Return 0 on success, -1 if the cache mode was invalid. 835 */ 836 int bdrv_parse_cache_mode(const char *mode, int *flags, bool *writethrough) 837 { 838 *flags &= ~BDRV_O_CACHE_MASK; 839 840 if (!strcmp(mode, "off") || !strcmp(mode, "none")) { 841 *writethrough = false; 842 *flags |= BDRV_O_NOCACHE; 843 } else if (!strcmp(mode, "directsync")) { 844 *writethrough = true; 845 *flags |= BDRV_O_NOCACHE; 846 } else if (!strcmp(mode, "writeback")) { 847 *writethrough = false; 848 } else if (!strcmp(mode, "unsafe")) { 849 *writethrough = false; 850 *flags |= BDRV_O_NO_FLUSH; 851 } else if (!strcmp(mode, "writethrough")) { 852 *writethrough = true; 853 } else { 854 return -1; 855 } 856 857 return 0; 858 } 859 860 static char *bdrv_child_get_parent_desc(BdrvChild *c) 861 { 862 BlockDriverState *parent = c->opaque; 863 return g_strdup(bdrv_get_device_or_node_name(parent)); 864 } 865 866 static void bdrv_child_cb_drained_begin(BdrvChild *child) 867 { 868 BlockDriverState *bs = child->opaque; 869 bdrv_do_drained_begin_quiesce(bs, NULL, false); 870 } 871 872 static bool bdrv_child_cb_drained_poll(BdrvChild *child) 873 { 874 BlockDriverState *bs = child->opaque; 875 return bdrv_drain_poll(bs, false, NULL, false); 876 } 877 878 static void bdrv_child_cb_drained_end(BdrvChild *child) 879 { 880 BlockDriverState *bs = child->opaque; 881 bdrv_drained_end(bs); 882 } 883 884 static void bdrv_child_cb_attach(BdrvChild *child) 885 { 886 BlockDriverState *bs = child->opaque; 887 bdrv_apply_subtree_drain(child, bs); 888 } 889 890 static void bdrv_child_cb_detach(BdrvChild *child) 891 { 892 BlockDriverState *bs = child->opaque; 893 bdrv_unapply_subtree_drain(child, bs); 894 } 895 896 static int bdrv_child_cb_inactivate(BdrvChild *child) 897 { 898 BlockDriverState *bs = child->opaque; 899 assert(bs->open_flags & BDRV_O_INACTIVE); 900 return 0; 901 } 902 903 /* 904 * Returns the options and flags that a temporary snapshot should get, based on 905 * the originally requested flags (the originally requested image will have 906 * flags like a backing file) 907 */ 908 static void bdrv_temp_snapshot_options(int *child_flags, QDict *child_options, 909 int parent_flags, QDict *parent_options) 910 { 911 *child_flags = (parent_flags & ~BDRV_O_SNAPSHOT) | BDRV_O_TEMPORARY; 912 913 /* For temporary files, unconditional cache=unsafe is fine */ 914 qdict_set_default_str(child_options, BDRV_OPT_CACHE_DIRECT, "off"); 915 qdict_set_default_str(child_options, BDRV_OPT_CACHE_NO_FLUSH, "on"); 916 917 /* Copy the read-only option from the parent */ 918 qdict_copy_default(child_options, parent_options, BDRV_OPT_READ_ONLY); 919 920 /* aio=native doesn't work for cache.direct=off, so disable it for the 921 * temporary snapshot */ 922 *child_flags &= ~BDRV_O_NATIVE_AIO; 923 } 924 925 /* 926 * Returns the options and flags that bs->file should get if a protocol driver 927 * is expected, based on the given options and flags for the parent BDS 928 */ 929 static void bdrv_inherited_options(int *child_flags, QDict *child_options, 930 int parent_flags, QDict *parent_options) 931 { 932 int flags = parent_flags; 933 934 /* Enable protocol handling, disable format probing for bs->file */ 935 flags |= BDRV_O_PROTOCOL; 936 937 /* If the cache mode isn't explicitly set, inherit direct and no-flush from 938 * the parent. */ 939 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_DIRECT); 940 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_NO_FLUSH); 941 qdict_copy_default(child_options, parent_options, BDRV_OPT_FORCE_SHARE); 942 943 /* Inherit the read-only option from the parent if it's not set */ 944 qdict_copy_default(child_options, parent_options, BDRV_OPT_READ_ONLY); 945 qdict_copy_default(child_options, parent_options, BDRV_OPT_AUTO_READ_ONLY); 946 947 /* Our block drivers take care to send flushes and respect unmap policy, 948 * so we can default to enable both on lower layers regardless of the 949 * corresponding parent options. */ 950 qdict_set_default_str(child_options, BDRV_OPT_DISCARD, "unmap"); 951 952 /* Clear flags that only apply to the top layer */ 953 flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING | BDRV_O_COPY_ON_READ | 954 BDRV_O_NO_IO); 955 956 *child_flags = flags; 957 } 958 959 const BdrvChildRole child_file = { 960 .parent_is_bds = true, 961 .get_parent_desc = bdrv_child_get_parent_desc, 962 .inherit_options = bdrv_inherited_options, 963 .drained_begin = bdrv_child_cb_drained_begin, 964 .drained_poll = bdrv_child_cb_drained_poll, 965 .drained_end = bdrv_child_cb_drained_end, 966 .attach = bdrv_child_cb_attach, 967 .detach = bdrv_child_cb_detach, 968 .inactivate = bdrv_child_cb_inactivate, 969 }; 970 971 /* 972 * Returns the options and flags that bs->file should get if the use of formats 973 * (and not only protocols) is permitted for it, based on the given options and 974 * flags for the parent BDS 975 */ 976 static void bdrv_inherited_fmt_options(int *child_flags, QDict *child_options, 977 int parent_flags, QDict *parent_options) 978 { 979 child_file.inherit_options(child_flags, child_options, 980 parent_flags, parent_options); 981 982 *child_flags &= ~(BDRV_O_PROTOCOL | BDRV_O_NO_IO); 983 } 984 985 const BdrvChildRole child_format = { 986 .parent_is_bds = true, 987 .get_parent_desc = bdrv_child_get_parent_desc, 988 .inherit_options = bdrv_inherited_fmt_options, 989 .drained_begin = bdrv_child_cb_drained_begin, 990 .drained_poll = bdrv_child_cb_drained_poll, 991 .drained_end = bdrv_child_cb_drained_end, 992 .attach = bdrv_child_cb_attach, 993 .detach = bdrv_child_cb_detach, 994 .inactivate = bdrv_child_cb_inactivate, 995 }; 996 997 static void bdrv_backing_attach(BdrvChild *c) 998 { 999 BlockDriverState *parent = c->opaque; 1000 BlockDriverState *backing_hd = c->bs; 1001 1002 assert(!parent->backing_blocker); 1003 error_setg(&parent->backing_blocker, 1004 "node is used as backing hd of '%s'", 1005 bdrv_get_device_or_node_name(parent)); 1006 1007 parent->open_flags &= ~BDRV_O_NO_BACKING; 1008 pstrcpy(parent->backing_file, sizeof(parent->backing_file), 1009 backing_hd->filename); 1010 pstrcpy(parent->backing_format, sizeof(parent->backing_format), 1011 backing_hd->drv ? backing_hd->drv->format_name : ""); 1012 1013 bdrv_op_block_all(backing_hd, parent->backing_blocker); 1014 /* Otherwise we won't be able to commit or stream */ 1015 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_COMMIT_TARGET, 1016 parent->backing_blocker); 1017 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_STREAM, 1018 parent->backing_blocker); 1019 /* 1020 * We do backup in 3 ways: 1021 * 1. drive backup 1022 * The target bs is new opened, and the source is top BDS 1023 * 2. blockdev backup 1024 * Both the source and the target are top BDSes. 1025 * 3. internal backup(used for block replication) 1026 * Both the source and the target are backing file 1027 * 1028 * In case 1 and 2, neither the source nor the target is the backing file. 1029 * In case 3, we will block the top BDS, so there is only one block job 1030 * for the top BDS and its backing chain. 1031 */ 1032 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE, 1033 parent->backing_blocker); 1034 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_TARGET, 1035 parent->backing_blocker); 1036 1037 bdrv_child_cb_attach(c); 1038 } 1039 1040 static void bdrv_backing_detach(BdrvChild *c) 1041 { 1042 BlockDriverState *parent = c->opaque; 1043 1044 assert(parent->backing_blocker); 1045 bdrv_op_unblock_all(c->bs, parent->backing_blocker); 1046 error_free(parent->backing_blocker); 1047 parent->backing_blocker = NULL; 1048 1049 bdrv_child_cb_detach(c); 1050 } 1051 1052 /* 1053 * Returns the options and flags that bs->backing should get, based on the 1054 * given options and flags for the parent BDS 1055 */ 1056 static void bdrv_backing_options(int *child_flags, QDict *child_options, 1057 int parent_flags, QDict *parent_options) 1058 { 1059 int flags = parent_flags; 1060 1061 /* The cache mode is inherited unmodified for backing files; except WCE, 1062 * which is only applied on the top level (BlockBackend) */ 1063 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_DIRECT); 1064 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_NO_FLUSH); 1065 qdict_copy_default(child_options, parent_options, BDRV_OPT_FORCE_SHARE); 1066 1067 /* backing files always opened read-only */ 1068 qdict_set_default_str(child_options, BDRV_OPT_READ_ONLY, "on"); 1069 qdict_set_default_str(child_options, BDRV_OPT_AUTO_READ_ONLY, "off"); 1070 flags &= ~BDRV_O_COPY_ON_READ; 1071 1072 /* snapshot=on is handled on the top layer */ 1073 flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_TEMPORARY); 1074 1075 *child_flags = flags; 1076 } 1077 1078 static int bdrv_backing_update_filename(BdrvChild *c, BlockDriverState *base, 1079 const char *filename, Error **errp) 1080 { 1081 BlockDriverState *parent = c->opaque; 1082 int orig_flags = bdrv_get_flags(parent); 1083 int ret; 1084 1085 if (!(orig_flags & BDRV_O_RDWR)) { 1086 ret = bdrv_reopen(parent, orig_flags | BDRV_O_RDWR, errp); 1087 if (ret < 0) { 1088 return ret; 1089 } 1090 } 1091 1092 ret = bdrv_change_backing_file(parent, filename, 1093 base->drv ? base->drv->format_name : ""); 1094 if (ret < 0) { 1095 error_setg_errno(errp, -ret, "Could not update backing file link"); 1096 } 1097 1098 if (!(orig_flags & BDRV_O_RDWR)) { 1099 bdrv_reopen(parent, orig_flags, NULL); 1100 } 1101 1102 return ret; 1103 } 1104 1105 const BdrvChildRole child_backing = { 1106 .parent_is_bds = true, 1107 .get_parent_desc = bdrv_child_get_parent_desc, 1108 .attach = bdrv_backing_attach, 1109 .detach = bdrv_backing_detach, 1110 .inherit_options = bdrv_backing_options, 1111 .drained_begin = bdrv_child_cb_drained_begin, 1112 .drained_poll = bdrv_child_cb_drained_poll, 1113 .drained_end = bdrv_child_cb_drained_end, 1114 .inactivate = bdrv_child_cb_inactivate, 1115 .update_filename = bdrv_backing_update_filename, 1116 }; 1117 1118 static int bdrv_open_flags(BlockDriverState *bs, int flags) 1119 { 1120 int open_flags = flags; 1121 1122 /* 1123 * Clear flags that are internal to the block layer before opening the 1124 * image. 1125 */ 1126 open_flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING | BDRV_O_PROTOCOL); 1127 1128 /* 1129 * Snapshots should be writable. 1130 */ 1131 if (flags & BDRV_O_TEMPORARY) { 1132 open_flags |= BDRV_O_RDWR; 1133 } 1134 1135 return open_flags; 1136 } 1137 1138 static void update_flags_from_options(int *flags, QemuOpts *opts) 1139 { 1140 *flags &= ~BDRV_O_CACHE_MASK; 1141 1142 assert(qemu_opt_find(opts, BDRV_OPT_CACHE_NO_FLUSH)); 1143 if (qemu_opt_get_bool_del(opts, BDRV_OPT_CACHE_NO_FLUSH, false)) { 1144 *flags |= BDRV_O_NO_FLUSH; 1145 } 1146 1147 assert(qemu_opt_find(opts, BDRV_OPT_CACHE_DIRECT)); 1148 if (qemu_opt_get_bool_del(opts, BDRV_OPT_CACHE_DIRECT, false)) { 1149 *flags |= BDRV_O_NOCACHE; 1150 } 1151 1152 *flags &= ~BDRV_O_RDWR; 1153 1154 assert(qemu_opt_find(opts, BDRV_OPT_READ_ONLY)); 1155 if (!qemu_opt_get_bool_del(opts, BDRV_OPT_READ_ONLY, false)) { 1156 *flags |= BDRV_O_RDWR; 1157 } 1158 1159 assert(qemu_opt_find(opts, BDRV_OPT_AUTO_READ_ONLY)); 1160 if (qemu_opt_get_bool_del(opts, BDRV_OPT_AUTO_READ_ONLY, false)) { 1161 *flags |= BDRV_O_AUTO_RDONLY; 1162 } 1163 } 1164 1165 static void update_options_from_flags(QDict *options, int flags) 1166 { 1167 if (!qdict_haskey(options, BDRV_OPT_CACHE_DIRECT)) { 1168 qdict_put_bool(options, BDRV_OPT_CACHE_DIRECT, flags & BDRV_O_NOCACHE); 1169 } 1170 if (!qdict_haskey(options, BDRV_OPT_CACHE_NO_FLUSH)) { 1171 qdict_put_bool(options, BDRV_OPT_CACHE_NO_FLUSH, 1172 flags & BDRV_O_NO_FLUSH); 1173 } 1174 if (!qdict_haskey(options, BDRV_OPT_READ_ONLY)) { 1175 qdict_put_bool(options, BDRV_OPT_READ_ONLY, !(flags & BDRV_O_RDWR)); 1176 } 1177 if (!qdict_haskey(options, BDRV_OPT_AUTO_READ_ONLY)) { 1178 qdict_put_bool(options, BDRV_OPT_AUTO_READ_ONLY, 1179 flags & BDRV_O_AUTO_RDONLY); 1180 } 1181 } 1182 1183 static void bdrv_assign_node_name(BlockDriverState *bs, 1184 const char *node_name, 1185 Error **errp) 1186 { 1187 char *gen_node_name = NULL; 1188 1189 if (!node_name) { 1190 node_name = gen_node_name = id_generate(ID_BLOCK); 1191 } else if (!id_wellformed(node_name)) { 1192 /* 1193 * Check for empty string or invalid characters, but not if it is 1194 * generated (generated names use characters not available to the user) 1195 */ 1196 error_setg(errp, "Invalid node name"); 1197 return; 1198 } 1199 1200 /* takes care of avoiding namespaces collisions */ 1201 if (blk_by_name(node_name)) { 1202 error_setg(errp, "node-name=%s is conflicting with a device id", 1203 node_name); 1204 goto out; 1205 } 1206 1207 /* takes care of avoiding duplicates node names */ 1208 if (bdrv_find_node(node_name)) { 1209 error_setg(errp, "Duplicate node name"); 1210 goto out; 1211 } 1212 1213 /* Make sure that the node name isn't truncated */ 1214 if (strlen(node_name) >= sizeof(bs->node_name)) { 1215 error_setg(errp, "Node name too long"); 1216 goto out; 1217 } 1218 1219 /* copy node name into the bs and insert it into the graph list */ 1220 pstrcpy(bs->node_name, sizeof(bs->node_name), node_name); 1221 QTAILQ_INSERT_TAIL(&graph_bdrv_states, bs, node_list); 1222 out: 1223 g_free(gen_node_name); 1224 } 1225 1226 static int bdrv_open_driver(BlockDriverState *bs, BlockDriver *drv, 1227 const char *node_name, QDict *options, 1228 int open_flags, Error **errp) 1229 { 1230 Error *local_err = NULL; 1231 int i, ret; 1232 1233 bdrv_assign_node_name(bs, node_name, &local_err); 1234 if (local_err) { 1235 error_propagate(errp, local_err); 1236 return -EINVAL; 1237 } 1238 1239 bs->drv = drv; 1240 bs->read_only = !(bs->open_flags & BDRV_O_RDWR); 1241 bs->opaque = g_malloc0(drv->instance_size); 1242 1243 if (drv->bdrv_file_open) { 1244 assert(!drv->bdrv_needs_filename || bs->filename[0]); 1245 ret = drv->bdrv_file_open(bs, options, open_flags, &local_err); 1246 } else if (drv->bdrv_open) { 1247 ret = drv->bdrv_open(bs, options, open_flags, &local_err); 1248 } else { 1249 ret = 0; 1250 } 1251 1252 if (ret < 0) { 1253 if (local_err) { 1254 error_propagate(errp, local_err); 1255 } else if (bs->filename[0]) { 1256 error_setg_errno(errp, -ret, "Could not open '%s'", bs->filename); 1257 } else { 1258 error_setg_errno(errp, -ret, "Could not open image"); 1259 } 1260 goto open_failed; 1261 } 1262 1263 ret = refresh_total_sectors(bs, bs->total_sectors); 1264 if (ret < 0) { 1265 error_setg_errno(errp, -ret, "Could not refresh total sector count"); 1266 return ret; 1267 } 1268 1269 bdrv_refresh_limits(bs, &local_err); 1270 if (local_err) { 1271 error_propagate(errp, local_err); 1272 return -EINVAL; 1273 } 1274 1275 assert(bdrv_opt_mem_align(bs) != 0); 1276 assert(bdrv_min_mem_align(bs) != 0); 1277 assert(is_power_of_2(bs->bl.request_alignment)); 1278 1279 for (i = 0; i < bs->quiesce_counter; i++) { 1280 if (drv->bdrv_co_drain_begin) { 1281 drv->bdrv_co_drain_begin(bs); 1282 } 1283 } 1284 1285 return 0; 1286 open_failed: 1287 bs->drv = NULL; 1288 if (bs->file != NULL) { 1289 bdrv_unref_child(bs, bs->file); 1290 bs->file = NULL; 1291 } 1292 g_free(bs->opaque); 1293 bs->opaque = NULL; 1294 return ret; 1295 } 1296 1297 BlockDriverState *bdrv_new_open_driver(BlockDriver *drv, const char *node_name, 1298 int flags, Error **errp) 1299 { 1300 BlockDriverState *bs; 1301 int ret; 1302 1303 bs = bdrv_new(); 1304 bs->open_flags = flags; 1305 bs->explicit_options = qdict_new(); 1306 bs->options = qdict_new(); 1307 bs->opaque = NULL; 1308 1309 update_options_from_flags(bs->options, flags); 1310 1311 ret = bdrv_open_driver(bs, drv, node_name, bs->options, flags, errp); 1312 if (ret < 0) { 1313 qobject_unref(bs->explicit_options); 1314 bs->explicit_options = NULL; 1315 qobject_unref(bs->options); 1316 bs->options = NULL; 1317 bdrv_unref(bs); 1318 return NULL; 1319 } 1320 1321 return bs; 1322 } 1323 1324 QemuOptsList bdrv_runtime_opts = { 1325 .name = "bdrv_common", 1326 .head = QTAILQ_HEAD_INITIALIZER(bdrv_runtime_opts.head), 1327 .desc = { 1328 { 1329 .name = "node-name", 1330 .type = QEMU_OPT_STRING, 1331 .help = "Node name of the block device node", 1332 }, 1333 { 1334 .name = "driver", 1335 .type = QEMU_OPT_STRING, 1336 .help = "Block driver to use for the node", 1337 }, 1338 { 1339 .name = BDRV_OPT_CACHE_DIRECT, 1340 .type = QEMU_OPT_BOOL, 1341 .help = "Bypass software writeback cache on the host", 1342 }, 1343 { 1344 .name = BDRV_OPT_CACHE_NO_FLUSH, 1345 .type = QEMU_OPT_BOOL, 1346 .help = "Ignore flush requests", 1347 }, 1348 { 1349 .name = BDRV_OPT_READ_ONLY, 1350 .type = QEMU_OPT_BOOL, 1351 .help = "Node is opened in read-only mode", 1352 }, 1353 { 1354 .name = BDRV_OPT_AUTO_READ_ONLY, 1355 .type = QEMU_OPT_BOOL, 1356 .help = "Node can become read-only if opening read-write fails", 1357 }, 1358 { 1359 .name = "detect-zeroes", 1360 .type = QEMU_OPT_STRING, 1361 .help = "try to optimize zero writes (off, on, unmap)", 1362 }, 1363 { 1364 .name = BDRV_OPT_DISCARD, 1365 .type = QEMU_OPT_STRING, 1366 .help = "discard operation (ignore/off, unmap/on)", 1367 }, 1368 { 1369 .name = BDRV_OPT_FORCE_SHARE, 1370 .type = QEMU_OPT_BOOL, 1371 .help = "always accept other writers (default: off)", 1372 }, 1373 { /* end of list */ } 1374 }, 1375 }; 1376 1377 /* 1378 * Common part for opening disk images and files 1379 * 1380 * Removes all processed options from *options. 1381 */ 1382 static int bdrv_open_common(BlockDriverState *bs, BlockBackend *file, 1383 QDict *options, Error **errp) 1384 { 1385 int ret, open_flags; 1386 const char *filename; 1387 const char *driver_name = NULL; 1388 const char *node_name = NULL; 1389 const char *discard; 1390 QemuOpts *opts; 1391 BlockDriver *drv; 1392 Error *local_err = NULL; 1393 1394 assert(bs->file == NULL); 1395 assert(options != NULL && bs->options != options); 1396 1397 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort); 1398 qemu_opts_absorb_qdict(opts, options, &local_err); 1399 if (local_err) { 1400 error_propagate(errp, local_err); 1401 ret = -EINVAL; 1402 goto fail_opts; 1403 } 1404 1405 update_flags_from_options(&bs->open_flags, opts); 1406 1407 driver_name = qemu_opt_get(opts, "driver"); 1408 drv = bdrv_find_format(driver_name); 1409 assert(drv != NULL); 1410 1411 bs->force_share = qemu_opt_get_bool(opts, BDRV_OPT_FORCE_SHARE, false); 1412 1413 if (bs->force_share && (bs->open_flags & BDRV_O_RDWR)) { 1414 error_setg(errp, 1415 BDRV_OPT_FORCE_SHARE 1416 "=on can only be used with read-only images"); 1417 ret = -EINVAL; 1418 goto fail_opts; 1419 } 1420 1421 if (file != NULL) { 1422 filename = blk_bs(file)->filename; 1423 } else { 1424 /* 1425 * Caution: while qdict_get_try_str() is fine, getting 1426 * non-string types would require more care. When @options 1427 * come from -blockdev or blockdev_add, its members are typed 1428 * according to the QAPI schema, but when they come from 1429 * -drive, they're all QString. 1430 */ 1431 filename = qdict_get_try_str(options, "filename"); 1432 } 1433 1434 if (drv->bdrv_needs_filename && (!filename || !filename[0])) { 1435 error_setg(errp, "The '%s' block driver requires a file name", 1436 drv->format_name); 1437 ret = -EINVAL; 1438 goto fail_opts; 1439 } 1440 1441 trace_bdrv_open_common(bs, filename ?: "", bs->open_flags, 1442 drv->format_name); 1443 1444 bs->read_only = !(bs->open_flags & BDRV_O_RDWR); 1445 1446 if (use_bdrv_whitelist && !bdrv_is_whitelisted(drv, bs->read_only)) { 1447 error_setg(errp, 1448 !bs->read_only && bdrv_is_whitelisted(drv, true) 1449 ? "Driver '%s' can only be used for read-only devices" 1450 : "Driver '%s' is not whitelisted", 1451 drv->format_name); 1452 ret = -ENOTSUP; 1453 goto fail_opts; 1454 } 1455 1456 /* bdrv_new() and bdrv_close() make it so */ 1457 assert(atomic_read(&bs->copy_on_read) == 0); 1458 1459 if (bs->open_flags & BDRV_O_COPY_ON_READ) { 1460 if (!bs->read_only) { 1461 bdrv_enable_copy_on_read(bs); 1462 } else { 1463 error_setg(errp, "Can't use copy-on-read on read-only device"); 1464 ret = -EINVAL; 1465 goto fail_opts; 1466 } 1467 } 1468 1469 discard = qemu_opt_get(opts, BDRV_OPT_DISCARD); 1470 if (discard != NULL) { 1471 if (bdrv_parse_discard_flags(discard, &bs->open_flags) != 0) { 1472 error_setg(errp, "Invalid discard option"); 1473 ret = -EINVAL; 1474 goto fail_opts; 1475 } 1476 } 1477 1478 bs->detect_zeroes = 1479 bdrv_parse_detect_zeroes(opts, bs->open_flags, &local_err); 1480 if (local_err) { 1481 error_propagate(errp, local_err); 1482 ret = -EINVAL; 1483 goto fail_opts; 1484 } 1485 1486 if (filename != NULL) { 1487 pstrcpy(bs->filename, sizeof(bs->filename), filename); 1488 } else { 1489 bs->filename[0] = '\0'; 1490 } 1491 pstrcpy(bs->exact_filename, sizeof(bs->exact_filename), bs->filename); 1492 1493 /* Open the image, either directly or using a protocol */ 1494 open_flags = bdrv_open_flags(bs, bs->open_flags); 1495 node_name = qemu_opt_get(opts, "node-name"); 1496 1497 assert(!drv->bdrv_file_open || file == NULL); 1498 ret = bdrv_open_driver(bs, drv, node_name, options, open_flags, errp); 1499 if (ret < 0) { 1500 goto fail_opts; 1501 } 1502 1503 qemu_opts_del(opts); 1504 return 0; 1505 1506 fail_opts: 1507 qemu_opts_del(opts); 1508 return ret; 1509 } 1510 1511 static QDict *parse_json_filename(const char *filename, Error **errp) 1512 { 1513 QObject *options_obj; 1514 QDict *options; 1515 int ret; 1516 1517 ret = strstart(filename, "json:", &filename); 1518 assert(ret); 1519 1520 options_obj = qobject_from_json(filename, errp); 1521 if (!options_obj) { 1522 error_prepend(errp, "Could not parse the JSON options: "); 1523 return NULL; 1524 } 1525 1526 options = qobject_to(QDict, options_obj); 1527 if (!options) { 1528 qobject_unref(options_obj); 1529 error_setg(errp, "Invalid JSON object given"); 1530 return NULL; 1531 } 1532 1533 qdict_flatten(options); 1534 1535 return options; 1536 } 1537 1538 static void parse_json_protocol(QDict *options, const char **pfilename, 1539 Error **errp) 1540 { 1541 QDict *json_options; 1542 Error *local_err = NULL; 1543 1544 /* Parse json: pseudo-protocol */ 1545 if (!*pfilename || !g_str_has_prefix(*pfilename, "json:")) { 1546 return; 1547 } 1548 1549 json_options = parse_json_filename(*pfilename, &local_err); 1550 if (local_err) { 1551 error_propagate(errp, local_err); 1552 return; 1553 } 1554 1555 /* Options given in the filename have lower priority than options 1556 * specified directly */ 1557 qdict_join(options, json_options, false); 1558 qobject_unref(json_options); 1559 *pfilename = NULL; 1560 } 1561 1562 /* 1563 * Fills in default options for opening images and converts the legacy 1564 * filename/flags pair to option QDict entries. 1565 * The BDRV_O_PROTOCOL flag in *flags will be set or cleared accordingly if a 1566 * block driver has been specified explicitly. 1567 */ 1568 static int bdrv_fill_options(QDict **options, const char *filename, 1569 int *flags, Error **errp) 1570 { 1571 const char *drvname; 1572 bool protocol = *flags & BDRV_O_PROTOCOL; 1573 bool parse_filename = false; 1574 BlockDriver *drv = NULL; 1575 Error *local_err = NULL; 1576 1577 /* 1578 * Caution: while qdict_get_try_str() is fine, getting non-string 1579 * types would require more care. When @options come from 1580 * -blockdev or blockdev_add, its members are typed according to 1581 * the QAPI schema, but when they come from -drive, they're all 1582 * QString. 1583 */ 1584 drvname = qdict_get_try_str(*options, "driver"); 1585 if (drvname) { 1586 drv = bdrv_find_format(drvname); 1587 if (!drv) { 1588 error_setg(errp, "Unknown driver '%s'", drvname); 1589 return -ENOENT; 1590 } 1591 /* If the user has explicitly specified the driver, this choice should 1592 * override the BDRV_O_PROTOCOL flag */ 1593 protocol = drv->bdrv_file_open; 1594 } 1595 1596 if (protocol) { 1597 *flags |= BDRV_O_PROTOCOL; 1598 } else { 1599 *flags &= ~BDRV_O_PROTOCOL; 1600 } 1601 1602 /* Translate cache options from flags into options */ 1603 update_options_from_flags(*options, *flags); 1604 1605 /* Fetch the file name from the options QDict if necessary */ 1606 if (protocol && filename) { 1607 if (!qdict_haskey(*options, "filename")) { 1608 qdict_put_str(*options, "filename", filename); 1609 parse_filename = true; 1610 } else { 1611 error_setg(errp, "Can't specify 'file' and 'filename' options at " 1612 "the same time"); 1613 return -EINVAL; 1614 } 1615 } 1616 1617 /* Find the right block driver */ 1618 /* See cautionary note on accessing @options above */ 1619 filename = qdict_get_try_str(*options, "filename"); 1620 1621 if (!drvname && protocol) { 1622 if (filename) { 1623 drv = bdrv_find_protocol(filename, parse_filename, errp); 1624 if (!drv) { 1625 return -EINVAL; 1626 } 1627 1628 drvname = drv->format_name; 1629 qdict_put_str(*options, "driver", drvname); 1630 } else { 1631 error_setg(errp, "Must specify either driver or file"); 1632 return -EINVAL; 1633 } 1634 } 1635 1636 assert(drv || !protocol); 1637 1638 /* Driver-specific filename parsing */ 1639 if (drv && drv->bdrv_parse_filename && parse_filename) { 1640 drv->bdrv_parse_filename(filename, *options, &local_err); 1641 if (local_err) { 1642 error_propagate(errp, local_err); 1643 return -EINVAL; 1644 } 1645 1646 if (!drv->bdrv_needs_filename) { 1647 qdict_del(*options, "filename"); 1648 } 1649 } 1650 1651 return 0; 1652 } 1653 1654 static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q, 1655 uint64_t perm, uint64_t shared, 1656 GSList *ignore_children, Error **errp); 1657 static void bdrv_child_abort_perm_update(BdrvChild *c); 1658 static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared); 1659 1660 typedef struct BlockReopenQueueEntry { 1661 bool prepared; 1662 BDRVReopenState state; 1663 QSIMPLEQ_ENTRY(BlockReopenQueueEntry) entry; 1664 } BlockReopenQueueEntry; 1665 1666 /* 1667 * Return the flags that @bs will have after the reopens in @q have 1668 * successfully completed. If @q is NULL (or @bs is not contained in @q), 1669 * return the current flags. 1670 */ 1671 static int bdrv_reopen_get_flags(BlockReopenQueue *q, BlockDriverState *bs) 1672 { 1673 BlockReopenQueueEntry *entry; 1674 1675 if (q != NULL) { 1676 QSIMPLEQ_FOREACH(entry, q, entry) { 1677 if (entry->state.bs == bs) { 1678 return entry->state.flags; 1679 } 1680 } 1681 } 1682 1683 return bs->open_flags; 1684 } 1685 1686 /* Returns whether the image file can be written to after the reopen queue @q 1687 * has been successfully applied, or right now if @q is NULL. */ 1688 static bool bdrv_is_writable_after_reopen(BlockDriverState *bs, 1689 BlockReopenQueue *q) 1690 { 1691 int flags = bdrv_reopen_get_flags(q, bs); 1692 1693 return (flags & (BDRV_O_RDWR | BDRV_O_INACTIVE)) == BDRV_O_RDWR; 1694 } 1695 1696 /* 1697 * Return whether the BDS can be written to. This is not necessarily 1698 * the same as !bdrv_is_read_only(bs), as inactivated images may not 1699 * be written to but do not count as read-only images. 1700 */ 1701 bool bdrv_is_writable(BlockDriverState *bs) 1702 { 1703 return bdrv_is_writable_after_reopen(bs, NULL); 1704 } 1705 1706 static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs, 1707 BdrvChild *c, const BdrvChildRole *role, 1708 BlockReopenQueue *reopen_queue, 1709 uint64_t parent_perm, uint64_t parent_shared, 1710 uint64_t *nperm, uint64_t *nshared) 1711 { 1712 if (bs->drv && bs->drv->bdrv_child_perm) { 1713 bs->drv->bdrv_child_perm(bs, c, role, reopen_queue, 1714 parent_perm, parent_shared, 1715 nperm, nshared); 1716 } 1717 /* TODO Take force_share from reopen_queue */ 1718 if (child_bs && child_bs->force_share) { 1719 *nshared = BLK_PERM_ALL; 1720 } 1721 } 1722 1723 /* 1724 * Check whether permissions on this node can be changed in a way that 1725 * @cumulative_perms and @cumulative_shared_perms are the new cumulative 1726 * permissions of all its parents. This involves checking whether all necessary 1727 * permission changes to child nodes can be performed. 1728 * 1729 * A call to this function must always be followed by a call to bdrv_set_perm() 1730 * or bdrv_abort_perm_update(). 1731 */ 1732 static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q, 1733 uint64_t cumulative_perms, 1734 uint64_t cumulative_shared_perms, 1735 GSList *ignore_children, Error **errp) 1736 { 1737 BlockDriver *drv = bs->drv; 1738 BdrvChild *c; 1739 int ret; 1740 1741 /* Write permissions never work with read-only images */ 1742 if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) && 1743 !bdrv_is_writable_after_reopen(bs, q)) 1744 { 1745 error_setg(errp, "Block node is read-only"); 1746 return -EPERM; 1747 } 1748 1749 /* Check this node */ 1750 if (!drv) { 1751 return 0; 1752 } 1753 1754 if (drv->bdrv_check_perm) { 1755 return drv->bdrv_check_perm(bs, cumulative_perms, 1756 cumulative_shared_perms, errp); 1757 } 1758 1759 /* Drivers that never have children can omit .bdrv_child_perm() */ 1760 if (!drv->bdrv_child_perm) { 1761 assert(QLIST_EMPTY(&bs->children)); 1762 return 0; 1763 } 1764 1765 /* Check all children */ 1766 QLIST_FOREACH(c, &bs->children, next) { 1767 uint64_t cur_perm, cur_shared; 1768 bdrv_child_perm(bs, c->bs, c, c->role, q, 1769 cumulative_perms, cumulative_shared_perms, 1770 &cur_perm, &cur_shared); 1771 ret = bdrv_child_check_perm(c, q, cur_perm, cur_shared, 1772 ignore_children, errp); 1773 if (ret < 0) { 1774 return ret; 1775 } 1776 } 1777 1778 return 0; 1779 } 1780 1781 /* 1782 * Notifies drivers that after a previous bdrv_check_perm() call, the 1783 * permission update is not performed and any preparations made for it (e.g. 1784 * taken file locks) need to be undone. 1785 * 1786 * This function recursively notifies all child nodes. 1787 */ 1788 static void bdrv_abort_perm_update(BlockDriverState *bs) 1789 { 1790 BlockDriver *drv = bs->drv; 1791 BdrvChild *c; 1792 1793 if (!drv) { 1794 return; 1795 } 1796 1797 if (drv->bdrv_abort_perm_update) { 1798 drv->bdrv_abort_perm_update(bs); 1799 } 1800 1801 QLIST_FOREACH(c, &bs->children, next) { 1802 bdrv_child_abort_perm_update(c); 1803 } 1804 } 1805 1806 static void bdrv_set_perm(BlockDriverState *bs, uint64_t cumulative_perms, 1807 uint64_t cumulative_shared_perms) 1808 { 1809 BlockDriver *drv = bs->drv; 1810 BdrvChild *c; 1811 1812 if (!drv) { 1813 return; 1814 } 1815 1816 /* Update this node */ 1817 if (drv->bdrv_set_perm) { 1818 drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms); 1819 } 1820 1821 /* Drivers that never have children can omit .bdrv_child_perm() */ 1822 if (!drv->bdrv_child_perm) { 1823 assert(QLIST_EMPTY(&bs->children)); 1824 return; 1825 } 1826 1827 /* Update all children */ 1828 QLIST_FOREACH(c, &bs->children, next) { 1829 uint64_t cur_perm, cur_shared; 1830 bdrv_child_perm(bs, c->bs, c, c->role, NULL, 1831 cumulative_perms, cumulative_shared_perms, 1832 &cur_perm, &cur_shared); 1833 bdrv_child_set_perm(c, cur_perm, cur_shared); 1834 } 1835 } 1836 1837 static void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm, 1838 uint64_t *shared_perm) 1839 { 1840 BdrvChild *c; 1841 uint64_t cumulative_perms = 0; 1842 uint64_t cumulative_shared_perms = BLK_PERM_ALL; 1843 1844 QLIST_FOREACH(c, &bs->parents, next_parent) { 1845 cumulative_perms |= c->perm; 1846 cumulative_shared_perms &= c->shared_perm; 1847 } 1848 1849 *perm = cumulative_perms; 1850 *shared_perm = cumulative_shared_perms; 1851 } 1852 1853 static char *bdrv_child_user_desc(BdrvChild *c) 1854 { 1855 if (c->role->get_parent_desc) { 1856 return c->role->get_parent_desc(c); 1857 } 1858 1859 return g_strdup("another user"); 1860 } 1861 1862 char *bdrv_perm_names(uint64_t perm) 1863 { 1864 struct perm_name { 1865 uint64_t perm; 1866 const char *name; 1867 } permissions[] = { 1868 { BLK_PERM_CONSISTENT_READ, "consistent read" }, 1869 { BLK_PERM_WRITE, "write" }, 1870 { BLK_PERM_WRITE_UNCHANGED, "write unchanged" }, 1871 { BLK_PERM_RESIZE, "resize" }, 1872 { BLK_PERM_GRAPH_MOD, "change children" }, 1873 { 0, NULL } 1874 }; 1875 1876 char *result = g_strdup(""); 1877 struct perm_name *p; 1878 1879 for (p = permissions; p->name; p++) { 1880 if (perm & p->perm) { 1881 char *old = result; 1882 result = g_strdup_printf("%s%s%s", old, *old ? ", " : "", p->name); 1883 g_free(old); 1884 } 1885 } 1886 1887 return result; 1888 } 1889 1890 /* 1891 * Checks whether a new reference to @bs can be added if the new user requires 1892 * @new_used_perm/@new_shared_perm as its permissions. If @ignore_children is 1893 * set, the BdrvChild objects in this list are ignored in the calculations; 1894 * this allows checking permission updates for an existing reference. 1895 * 1896 * Needs to be followed by a call to either bdrv_set_perm() or 1897 * bdrv_abort_perm_update(). */ 1898 static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q, 1899 uint64_t new_used_perm, 1900 uint64_t new_shared_perm, 1901 GSList *ignore_children, Error **errp) 1902 { 1903 BdrvChild *c; 1904 uint64_t cumulative_perms = new_used_perm; 1905 uint64_t cumulative_shared_perms = new_shared_perm; 1906 1907 /* There is no reason why anyone couldn't tolerate write_unchanged */ 1908 assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED); 1909 1910 QLIST_FOREACH(c, &bs->parents, next_parent) { 1911 if (g_slist_find(ignore_children, c)) { 1912 continue; 1913 } 1914 1915 if ((new_used_perm & c->shared_perm) != new_used_perm) { 1916 char *user = bdrv_child_user_desc(c); 1917 char *perm_names = bdrv_perm_names(new_used_perm & ~c->shared_perm); 1918 error_setg(errp, "Conflicts with use by %s as '%s', which does not " 1919 "allow '%s' on %s", 1920 user, c->name, perm_names, bdrv_get_node_name(c->bs)); 1921 g_free(user); 1922 g_free(perm_names); 1923 return -EPERM; 1924 } 1925 1926 if ((c->perm & new_shared_perm) != c->perm) { 1927 char *user = bdrv_child_user_desc(c); 1928 char *perm_names = bdrv_perm_names(c->perm & ~new_shared_perm); 1929 error_setg(errp, "Conflicts with use by %s as '%s', which uses " 1930 "'%s' on %s", 1931 user, c->name, perm_names, bdrv_get_node_name(c->bs)); 1932 g_free(user); 1933 g_free(perm_names); 1934 return -EPERM; 1935 } 1936 1937 cumulative_perms |= c->perm; 1938 cumulative_shared_perms &= c->shared_perm; 1939 } 1940 1941 return bdrv_check_perm(bs, q, cumulative_perms, cumulative_shared_perms, 1942 ignore_children, errp); 1943 } 1944 1945 /* Needs to be followed by a call to either bdrv_child_set_perm() or 1946 * bdrv_child_abort_perm_update(). */ 1947 static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q, 1948 uint64_t perm, uint64_t shared, 1949 GSList *ignore_children, Error **errp) 1950 { 1951 int ret; 1952 1953 ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c); 1954 ret = bdrv_check_update_perm(c->bs, q, perm, shared, ignore_children, errp); 1955 g_slist_free(ignore_children); 1956 1957 return ret; 1958 } 1959 1960 static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared) 1961 { 1962 uint64_t cumulative_perms, cumulative_shared_perms; 1963 1964 c->perm = perm; 1965 c->shared_perm = shared; 1966 1967 bdrv_get_cumulative_perm(c->bs, &cumulative_perms, 1968 &cumulative_shared_perms); 1969 bdrv_set_perm(c->bs, cumulative_perms, cumulative_shared_perms); 1970 } 1971 1972 static void bdrv_child_abort_perm_update(BdrvChild *c) 1973 { 1974 bdrv_abort_perm_update(c->bs); 1975 } 1976 1977 int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared, 1978 Error **errp) 1979 { 1980 int ret; 1981 1982 ret = bdrv_child_check_perm(c, NULL, perm, shared, NULL, errp); 1983 if (ret < 0) { 1984 bdrv_child_abort_perm_update(c); 1985 return ret; 1986 } 1987 1988 bdrv_child_set_perm(c, perm, shared); 1989 1990 return 0; 1991 } 1992 1993 void bdrv_filter_default_perms(BlockDriverState *bs, BdrvChild *c, 1994 const BdrvChildRole *role, 1995 BlockReopenQueue *reopen_queue, 1996 uint64_t perm, uint64_t shared, 1997 uint64_t *nperm, uint64_t *nshared) 1998 { 1999 if (c == NULL) { 2000 *nperm = perm & DEFAULT_PERM_PASSTHROUGH; 2001 *nshared = (shared & DEFAULT_PERM_PASSTHROUGH) | DEFAULT_PERM_UNCHANGED; 2002 return; 2003 } 2004 2005 *nperm = (perm & DEFAULT_PERM_PASSTHROUGH) | 2006 (c->perm & DEFAULT_PERM_UNCHANGED); 2007 *nshared = (shared & DEFAULT_PERM_PASSTHROUGH) | 2008 (c->shared_perm & DEFAULT_PERM_UNCHANGED); 2009 } 2010 2011 void bdrv_format_default_perms(BlockDriverState *bs, BdrvChild *c, 2012 const BdrvChildRole *role, 2013 BlockReopenQueue *reopen_queue, 2014 uint64_t perm, uint64_t shared, 2015 uint64_t *nperm, uint64_t *nshared) 2016 { 2017 bool backing = (role == &child_backing); 2018 assert(role == &child_backing || role == &child_file); 2019 2020 if (!backing) { 2021 int flags = bdrv_reopen_get_flags(reopen_queue, bs); 2022 2023 /* Apart from the modifications below, the same permissions are 2024 * forwarded and left alone as for filters */ 2025 bdrv_filter_default_perms(bs, c, role, reopen_queue, perm, shared, 2026 &perm, &shared); 2027 2028 /* Format drivers may touch metadata even if the guest doesn't write */ 2029 if (bdrv_is_writable_after_reopen(bs, reopen_queue)) { 2030 perm |= BLK_PERM_WRITE | BLK_PERM_RESIZE; 2031 } 2032 2033 /* bs->file always needs to be consistent because of the metadata. We 2034 * can never allow other users to resize or write to it. */ 2035 if (!(flags & BDRV_O_NO_IO)) { 2036 perm |= BLK_PERM_CONSISTENT_READ; 2037 } 2038 shared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE); 2039 } else { 2040 /* We want consistent read from backing files if the parent needs it. 2041 * No other operations are performed on backing files. */ 2042 perm &= BLK_PERM_CONSISTENT_READ; 2043 2044 /* If the parent can deal with changing data, we're okay with a 2045 * writable and resizable backing file. */ 2046 /* TODO Require !(perm & BLK_PERM_CONSISTENT_READ), too? */ 2047 if (shared & BLK_PERM_WRITE) { 2048 shared = BLK_PERM_WRITE | BLK_PERM_RESIZE; 2049 } else { 2050 shared = 0; 2051 } 2052 2053 shared |= BLK_PERM_CONSISTENT_READ | BLK_PERM_GRAPH_MOD | 2054 BLK_PERM_WRITE_UNCHANGED; 2055 } 2056 2057 if (bs->open_flags & BDRV_O_INACTIVE) { 2058 shared |= BLK_PERM_WRITE | BLK_PERM_RESIZE; 2059 } 2060 2061 *nperm = perm; 2062 *nshared = shared; 2063 } 2064 2065 static void bdrv_replace_child_noperm(BdrvChild *child, 2066 BlockDriverState *new_bs) 2067 { 2068 BlockDriverState *old_bs = child->bs; 2069 int i; 2070 2071 if (old_bs && new_bs) { 2072 assert(bdrv_get_aio_context(old_bs) == bdrv_get_aio_context(new_bs)); 2073 } 2074 if (old_bs) { 2075 /* Detach first so that the recursive drain sections coming from @child 2076 * are already gone and we only end the drain sections that came from 2077 * elsewhere. */ 2078 if (child->role->detach) { 2079 child->role->detach(child); 2080 } 2081 if (old_bs->quiesce_counter && child->role->drained_end) { 2082 int num = old_bs->quiesce_counter; 2083 if (child->role->parent_is_bds) { 2084 num -= bdrv_drain_all_count; 2085 } 2086 assert(num >= 0); 2087 for (i = 0; i < num; i++) { 2088 child->role->drained_end(child); 2089 } 2090 } 2091 QLIST_REMOVE(child, next_parent); 2092 } 2093 2094 child->bs = new_bs; 2095 2096 if (new_bs) { 2097 QLIST_INSERT_HEAD(&new_bs->parents, child, next_parent); 2098 if (new_bs->quiesce_counter && child->role->drained_begin) { 2099 int num = new_bs->quiesce_counter; 2100 if (child->role->parent_is_bds) { 2101 num -= bdrv_drain_all_count; 2102 } 2103 assert(num >= 0); 2104 for (i = 0; i < num; i++) { 2105 bdrv_parent_drained_begin_single(child, true); 2106 } 2107 } 2108 2109 /* Attach only after starting new drained sections, so that recursive 2110 * drain sections coming from @child don't get an extra .drained_begin 2111 * callback. */ 2112 if (child->role->attach) { 2113 child->role->attach(child); 2114 } 2115 } 2116 } 2117 2118 /* 2119 * Updates @child to change its reference to point to @new_bs, including 2120 * checking and applying the necessary permisson updates both to the old node 2121 * and to @new_bs. 2122 * 2123 * NULL is passed as @new_bs for removing the reference before freeing @child. 2124 * 2125 * If @new_bs is not NULL, bdrv_check_perm() must be called beforehand, as this 2126 * function uses bdrv_set_perm() to update the permissions according to the new 2127 * reference that @new_bs gets. 2128 */ 2129 static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs) 2130 { 2131 BlockDriverState *old_bs = child->bs; 2132 uint64_t perm, shared_perm; 2133 2134 bdrv_replace_child_noperm(child, new_bs); 2135 2136 if (old_bs) { 2137 /* Update permissions for old node. This is guaranteed to succeed 2138 * because we're just taking a parent away, so we're loosening 2139 * restrictions. */ 2140 bdrv_get_cumulative_perm(old_bs, &perm, &shared_perm); 2141 bdrv_check_perm(old_bs, NULL, perm, shared_perm, NULL, &error_abort); 2142 bdrv_set_perm(old_bs, perm, shared_perm); 2143 } 2144 2145 if (new_bs) { 2146 bdrv_get_cumulative_perm(new_bs, &perm, &shared_perm); 2147 bdrv_set_perm(new_bs, perm, shared_perm); 2148 } 2149 } 2150 2151 BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs, 2152 const char *child_name, 2153 const BdrvChildRole *child_role, 2154 uint64_t perm, uint64_t shared_perm, 2155 void *opaque, Error **errp) 2156 { 2157 BdrvChild *child; 2158 int ret; 2159 2160 ret = bdrv_check_update_perm(child_bs, NULL, perm, shared_perm, NULL, errp); 2161 if (ret < 0) { 2162 bdrv_abort_perm_update(child_bs); 2163 return NULL; 2164 } 2165 2166 child = g_new(BdrvChild, 1); 2167 *child = (BdrvChild) { 2168 .bs = NULL, 2169 .name = g_strdup(child_name), 2170 .role = child_role, 2171 .perm = perm, 2172 .shared_perm = shared_perm, 2173 .opaque = opaque, 2174 }; 2175 2176 /* This performs the matching bdrv_set_perm() for the above check. */ 2177 bdrv_replace_child(child, child_bs); 2178 2179 return child; 2180 } 2181 2182 BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs, 2183 BlockDriverState *child_bs, 2184 const char *child_name, 2185 const BdrvChildRole *child_role, 2186 Error **errp) 2187 { 2188 BdrvChild *child; 2189 uint64_t perm, shared_perm; 2190 2191 bdrv_get_cumulative_perm(parent_bs, &perm, &shared_perm); 2192 2193 assert(parent_bs->drv); 2194 assert(bdrv_get_aio_context(parent_bs) == bdrv_get_aio_context(child_bs)); 2195 bdrv_child_perm(parent_bs, child_bs, NULL, child_role, NULL, 2196 perm, shared_perm, &perm, &shared_perm); 2197 2198 child = bdrv_root_attach_child(child_bs, child_name, child_role, 2199 perm, shared_perm, parent_bs, errp); 2200 if (child == NULL) { 2201 return NULL; 2202 } 2203 2204 QLIST_INSERT_HEAD(&parent_bs->children, child, next); 2205 return child; 2206 } 2207 2208 static void bdrv_detach_child(BdrvChild *child) 2209 { 2210 if (child->next.le_prev) { 2211 QLIST_REMOVE(child, next); 2212 child->next.le_prev = NULL; 2213 } 2214 2215 bdrv_replace_child(child, NULL); 2216 2217 g_free(child->name); 2218 g_free(child); 2219 } 2220 2221 void bdrv_root_unref_child(BdrvChild *child) 2222 { 2223 BlockDriverState *child_bs; 2224 2225 child_bs = child->bs; 2226 bdrv_detach_child(child); 2227 bdrv_unref(child_bs); 2228 } 2229 2230 void bdrv_unref_child(BlockDriverState *parent, BdrvChild *child) 2231 { 2232 if (child == NULL) { 2233 return; 2234 } 2235 2236 if (child->bs->inherits_from == parent) { 2237 BdrvChild *c; 2238 2239 /* Remove inherits_from only when the last reference between parent and 2240 * child->bs goes away. */ 2241 QLIST_FOREACH(c, &parent->children, next) { 2242 if (c != child && c->bs == child->bs) { 2243 break; 2244 } 2245 } 2246 if (c == NULL) { 2247 child->bs->inherits_from = NULL; 2248 } 2249 } 2250 2251 bdrv_root_unref_child(child); 2252 } 2253 2254 2255 static void bdrv_parent_cb_change_media(BlockDriverState *bs, bool load) 2256 { 2257 BdrvChild *c; 2258 QLIST_FOREACH(c, &bs->parents, next_parent) { 2259 if (c->role->change_media) { 2260 c->role->change_media(c, load); 2261 } 2262 } 2263 } 2264 2265 /* 2266 * Sets the backing file link of a BDS. A new reference is created; callers 2267 * which don't need their own reference any more must call bdrv_unref(). 2268 */ 2269 void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd, 2270 Error **errp) 2271 { 2272 if (backing_hd) { 2273 bdrv_ref(backing_hd); 2274 } 2275 2276 if (bs->backing) { 2277 bdrv_unref_child(bs, bs->backing); 2278 } 2279 2280 if (!backing_hd) { 2281 bs->backing = NULL; 2282 goto out; 2283 } 2284 2285 bs->backing = bdrv_attach_child(bs, backing_hd, "backing", &child_backing, 2286 errp); 2287 if (!bs->backing) { 2288 bdrv_unref(backing_hd); 2289 } 2290 2291 bdrv_refresh_filename(bs); 2292 2293 out: 2294 bdrv_refresh_limits(bs, NULL); 2295 } 2296 2297 /* 2298 * Opens the backing file for a BlockDriverState if not yet open 2299 * 2300 * bdref_key specifies the key for the image's BlockdevRef in the options QDict. 2301 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict 2302 * itself, all options starting with "${bdref_key}." are considered part of the 2303 * BlockdevRef. 2304 * 2305 * TODO Can this be unified with bdrv_open_image()? 2306 */ 2307 int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options, 2308 const char *bdref_key, Error **errp) 2309 { 2310 char *backing_filename = g_malloc0(PATH_MAX); 2311 char *bdref_key_dot; 2312 const char *reference = NULL; 2313 int ret = 0; 2314 BlockDriverState *backing_hd; 2315 QDict *options; 2316 QDict *tmp_parent_options = NULL; 2317 Error *local_err = NULL; 2318 2319 if (bs->backing != NULL) { 2320 goto free_exit; 2321 } 2322 2323 /* NULL means an empty set of options */ 2324 if (parent_options == NULL) { 2325 tmp_parent_options = qdict_new(); 2326 parent_options = tmp_parent_options; 2327 } 2328 2329 bs->open_flags &= ~BDRV_O_NO_BACKING; 2330 2331 bdref_key_dot = g_strdup_printf("%s.", bdref_key); 2332 qdict_extract_subqdict(parent_options, &options, bdref_key_dot); 2333 g_free(bdref_key_dot); 2334 2335 /* 2336 * Caution: while qdict_get_try_str() is fine, getting non-string 2337 * types would require more care. When @parent_options come from 2338 * -blockdev or blockdev_add, its members are typed according to 2339 * the QAPI schema, but when they come from -drive, they're all 2340 * QString. 2341 */ 2342 reference = qdict_get_try_str(parent_options, bdref_key); 2343 if (reference || qdict_haskey(options, "file.filename")) { 2344 backing_filename[0] = '\0'; 2345 } else if (bs->backing_file[0] == '\0' && qdict_size(options) == 0) { 2346 qobject_unref(options); 2347 goto free_exit; 2348 } else { 2349 bdrv_get_full_backing_filename(bs, backing_filename, PATH_MAX, 2350 &local_err); 2351 if (local_err) { 2352 ret = -EINVAL; 2353 error_propagate(errp, local_err); 2354 qobject_unref(options); 2355 goto free_exit; 2356 } 2357 } 2358 2359 if (!bs->drv || !bs->drv->supports_backing) { 2360 ret = -EINVAL; 2361 error_setg(errp, "Driver doesn't support backing files"); 2362 qobject_unref(options); 2363 goto free_exit; 2364 } 2365 2366 if (!reference && 2367 bs->backing_format[0] != '\0' && !qdict_haskey(options, "driver")) { 2368 qdict_put_str(options, "driver", bs->backing_format); 2369 } 2370 2371 backing_hd = bdrv_open_inherit(*backing_filename ? backing_filename : NULL, 2372 reference, options, 0, bs, &child_backing, 2373 errp); 2374 if (!backing_hd) { 2375 bs->open_flags |= BDRV_O_NO_BACKING; 2376 error_prepend(errp, "Could not open backing file: "); 2377 ret = -EINVAL; 2378 goto free_exit; 2379 } 2380 bdrv_set_aio_context(backing_hd, bdrv_get_aio_context(bs)); 2381 2382 /* Hook up the backing file link; drop our reference, bs owns the 2383 * backing_hd reference now */ 2384 bdrv_set_backing_hd(bs, backing_hd, &local_err); 2385 bdrv_unref(backing_hd); 2386 if (local_err) { 2387 error_propagate(errp, local_err); 2388 ret = -EINVAL; 2389 goto free_exit; 2390 } 2391 2392 qdict_del(parent_options, bdref_key); 2393 2394 free_exit: 2395 g_free(backing_filename); 2396 qobject_unref(tmp_parent_options); 2397 return ret; 2398 } 2399 2400 static BlockDriverState * 2401 bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key, 2402 BlockDriverState *parent, const BdrvChildRole *child_role, 2403 bool allow_none, Error **errp) 2404 { 2405 BlockDriverState *bs = NULL; 2406 QDict *image_options; 2407 char *bdref_key_dot; 2408 const char *reference; 2409 2410 assert(child_role != NULL); 2411 2412 bdref_key_dot = g_strdup_printf("%s.", bdref_key); 2413 qdict_extract_subqdict(options, &image_options, bdref_key_dot); 2414 g_free(bdref_key_dot); 2415 2416 /* 2417 * Caution: while qdict_get_try_str() is fine, getting non-string 2418 * types would require more care. When @options come from 2419 * -blockdev or blockdev_add, its members are typed according to 2420 * the QAPI schema, but when they come from -drive, they're all 2421 * QString. 2422 */ 2423 reference = qdict_get_try_str(options, bdref_key); 2424 if (!filename && !reference && !qdict_size(image_options)) { 2425 if (!allow_none) { 2426 error_setg(errp, "A block device must be specified for \"%s\"", 2427 bdref_key); 2428 } 2429 qobject_unref(image_options); 2430 goto done; 2431 } 2432 2433 bs = bdrv_open_inherit(filename, reference, image_options, 0, 2434 parent, child_role, errp); 2435 if (!bs) { 2436 goto done; 2437 } 2438 2439 done: 2440 qdict_del(options, bdref_key); 2441 return bs; 2442 } 2443 2444 /* 2445 * Opens a disk image whose options are given as BlockdevRef in another block 2446 * device's options. 2447 * 2448 * If allow_none is true, no image will be opened if filename is false and no 2449 * BlockdevRef is given. NULL will be returned, but errp remains unset. 2450 * 2451 * bdrev_key specifies the key for the image's BlockdevRef in the options QDict. 2452 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict 2453 * itself, all options starting with "${bdref_key}." are considered part of the 2454 * BlockdevRef. 2455 * 2456 * The BlockdevRef will be removed from the options QDict. 2457 */ 2458 BdrvChild *bdrv_open_child(const char *filename, 2459 QDict *options, const char *bdref_key, 2460 BlockDriverState *parent, 2461 const BdrvChildRole *child_role, 2462 bool allow_none, Error **errp) 2463 { 2464 BdrvChild *c; 2465 BlockDriverState *bs; 2466 2467 bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_role, 2468 allow_none, errp); 2469 if (bs == NULL) { 2470 return NULL; 2471 } 2472 2473 c = bdrv_attach_child(parent, bs, bdref_key, child_role, errp); 2474 if (!c) { 2475 bdrv_unref(bs); 2476 return NULL; 2477 } 2478 2479 return c; 2480 } 2481 2482 /* TODO Future callers may need to specify parent/child_role in order for 2483 * option inheritance to work. Existing callers use it for the root node. */ 2484 BlockDriverState *bdrv_open_blockdev_ref(BlockdevRef *ref, Error **errp) 2485 { 2486 BlockDriverState *bs = NULL; 2487 Error *local_err = NULL; 2488 QObject *obj = NULL; 2489 QDict *qdict = NULL; 2490 const char *reference = NULL; 2491 Visitor *v = NULL; 2492 2493 if (ref->type == QTYPE_QSTRING) { 2494 reference = ref->u.reference; 2495 } else { 2496 BlockdevOptions *options = &ref->u.definition; 2497 assert(ref->type == QTYPE_QDICT); 2498 2499 v = qobject_output_visitor_new(&obj); 2500 visit_type_BlockdevOptions(v, NULL, &options, &local_err); 2501 if (local_err) { 2502 error_propagate(errp, local_err); 2503 goto fail; 2504 } 2505 visit_complete(v, &obj); 2506 2507 qdict = qobject_to(QDict, obj); 2508 qdict_flatten(qdict); 2509 2510 /* bdrv_open_inherit() defaults to the values in bdrv_flags (for 2511 * compatibility with other callers) rather than what we want as the 2512 * real defaults. Apply the defaults here instead. */ 2513 qdict_set_default_str(qdict, BDRV_OPT_CACHE_DIRECT, "off"); 2514 qdict_set_default_str(qdict, BDRV_OPT_CACHE_NO_FLUSH, "off"); 2515 qdict_set_default_str(qdict, BDRV_OPT_READ_ONLY, "off"); 2516 qdict_set_default_str(qdict, BDRV_OPT_AUTO_READ_ONLY, "off"); 2517 2518 } 2519 2520 bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, errp); 2521 obj = NULL; 2522 2523 fail: 2524 qobject_unref(obj); 2525 visit_free(v); 2526 return bs; 2527 } 2528 2529 static BlockDriverState *bdrv_append_temp_snapshot(BlockDriverState *bs, 2530 int flags, 2531 QDict *snapshot_options, 2532 Error **errp) 2533 { 2534 /* TODO: extra byte is a hack to ensure MAX_PATH space on Windows. */ 2535 char *tmp_filename = g_malloc0(PATH_MAX + 1); 2536 int64_t total_size; 2537 QemuOpts *opts = NULL; 2538 BlockDriverState *bs_snapshot = NULL; 2539 Error *local_err = NULL; 2540 int ret; 2541 2542 /* if snapshot, we create a temporary backing file and open it 2543 instead of opening 'filename' directly */ 2544 2545 /* Get the required size from the image */ 2546 total_size = bdrv_getlength(bs); 2547 if (total_size < 0) { 2548 error_setg_errno(errp, -total_size, "Could not get image size"); 2549 goto out; 2550 } 2551 2552 /* Create the temporary image */ 2553 ret = get_tmp_filename(tmp_filename, PATH_MAX + 1); 2554 if (ret < 0) { 2555 error_setg_errno(errp, -ret, "Could not get temporary filename"); 2556 goto out; 2557 } 2558 2559 opts = qemu_opts_create(bdrv_qcow2.create_opts, NULL, 0, 2560 &error_abort); 2561 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size, &error_abort); 2562 ret = bdrv_create(&bdrv_qcow2, tmp_filename, opts, errp); 2563 qemu_opts_del(opts); 2564 if (ret < 0) { 2565 error_prepend(errp, "Could not create temporary overlay '%s': ", 2566 tmp_filename); 2567 goto out; 2568 } 2569 2570 /* Prepare options QDict for the temporary file */ 2571 qdict_put_str(snapshot_options, "file.driver", "file"); 2572 qdict_put_str(snapshot_options, "file.filename", tmp_filename); 2573 qdict_put_str(snapshot_options, "driver", "qcow2"); 2574 2575 bs_snapshot = bdrv_open(NULL, NULL, snapshot_options, flags, errp); 2576 snapshot_options = NULL; 2577 if (!bs_snapshot) { 2578 goto out; 2579 } 2580 2581 /* bdrv_append() consumes a strong reference to bs_snapshot 2582 * (i.e. it will call bdrv_unref() on it) even on error, so in 2583 * order to be able to return one, we have to increase 2584 * bs_snapshot's refcount here */ 2585 bdrv_ref(bs_snapshot); 2586 bdrv_append(bs_snapshot, bs, &local_err); 2587 if (local_err) { 2588 error_propagate(errp, local_err); 2589 bs_snapshot = NULL; 2590 goto out; 2591 } 2592 2593 out: 2594 qobject_unref(snapshot_options); 2595 g_free(tmp_filename); 2596 return bs_snapshot; 2597 } 2598 2599 /* 2600 * Opens a disk image (raw, qcow2, vmdk, ...) 2601 * 2602 * options is a QDict of options to pass to the block drivers, or NULL for an 2603 * empty set of options. The reference to the QDict belongs to the block layer 2604 * after the call (even on failure), so if the caller intends to reuse the 2605 * dictionary, it needs to use qobject_ref() before calling bdrv_open. 2606 * 2607 * If *pbs is NULL, a new BDS will be created with a pointer to it stored there. 2608 * If it is not NULL, the referenced BDS will be reused. 2609 * 2610 * The reference parameter may be used to specify an existing block device which 2611 * should be opened. If specified, neither options nor a filename may be given, 2612 * nor can an existing BDS be reused (that is, *pbs has to be NULL). 2613 */ 2614 static BlockDriverState *bdrv_open_inherit(const char *filename, 2615 const char *reference, 2616 QDict *options, int flags, 2617 BlockDriverState *parent, 2618 const BdrvChildRole *child_role, 2619 Error **errp) 2620 { 2621 int ret; 2622 BlockBackend *file = NULL; 2623 BlockDriverState *bs; 2624 BlockDriver *drv = NULL; 2625 BdrvChild *child; 2626 const char *drvname; 2627 const char *backing; 2628 Error *local_err = NULL; 2629 QDict *snapshot_options = NULL; 2630 int snapshot_flags = 0; 2631 2632 assert(!child_role || !flags); 2633 assert(!child_role == !parent); 2634 2635 if (reference) { 2636 bool options_non_empty = options ? qdict_size(options) : false; 2637 qobject_unref(options); 2638 2639 if (filename || options_non_empty) { 2640 error_setg(errp, "Cannot reference an existing block device with " 2641 "additional options or a new filename"); 2642 return NULL; 2643 } 2644 2645 bs = bdrv_lookup_bs(reference, reference, errp); 2646 if (!bs) { 2647 return NULL; 2648 } 2649 2650 bdrv_ref(bs); 2651 return bs; 2652 } 2653 2654 bs = bdrv_new(); 2655 2656 /* NULL means an empty set of options */ 2657 if (options == NULL) { 2658 options = qdict_new(); 2659 } 2660 2661 /* json: syntax counts as explicit options, as if in the QDict */ 2662 parse_json_protocol(options, &filename, &local_err); 2663 if (local_err) { 2664 goto fail; 2665 } 2666 2667 bs->explicit_options = qdict_clone_shallow(options); 2668 2669 if (child_role) { 2670 bs->inherits_from = parent; 2671 child_role->inherit_options(&flags, options, 2672 parent->open_flags, parent->options); 2673 } 2674 2675 ret = bdrv_fill_options(&options, filename, &flags, &local_err); 2676 if (local_err) { 2677 goto fail; 2678 } 2679 2680 /* 2681 * Set the BDRV_O_RDWR and BDRV_O_ALLOW_RDWR flags. 2682 * Caution: getting a boolean member of @options requires care. 2683 * When @options come from -blockdev or blockdev_add, members are 2684 * typed according to the QAPI schema, but when they come from 2685 * -drive, they're all QString. 2686 */ 2687 if (g_strcmp0(qdict_get_try_str(options, BDRV_OPT_READ_ONLY), "on") && 2688 !qdict_get_try_bool(options, BDRV_OPT_READ_ONLY, false)) { 2689 flags |= (BDRV_O_RDWR | BDRV_O_ALLOW_RDWR); 2690 } else { 2691 flags &= ~BDRV_O_RDWR; 2692 } 2693 2694 if (flags & BDRV_O_SNAPSHOT) { 2695 snapshot_options = qdict_new(); 2696 bdrv_temp_snapshot_options(&snapshot_flags, snapshot_options, 2697 flags, options); 2698 /* Let bdrv_backing_options() override "read-only" */ 2699 qdict_del(options, BDRV_OPT_READ_ONLY); 2700 bdrv_backing_options(&flags, options, flags, options); 2701 } 2702 2703 bs->open_flags = flags; 2704 bs->options = options; 2705 options = qdict_clone_shallow(options); 2706 2707 /* Find the right image format driver */ 2708 /* See cautionary note on accessing @options above */ 2709 drvname = qdict_get_try_str(options, "driver"); 2710 if (drvname) { 2711 drv = bdrv_find_format(drvname); 2712 if (!drv) { 2713 error_setg(errp, "Unknown driver: '%s'", drvname); 2714 goto fail; 2715 } 2716 } 2717 2718 assert(drvname || !(flags & BDRV_O_PROTOCOL)); 2719 2720 /* See cautionary note on accessing @options above */ 2721 backing = qdict_get_try_str(options, "backing"); 2722 if (qobject_to(QNull, qdict_get(options, "backing")) != NULL || 2723 (backing && *backing == '\0')) 2724 { 2725 if (backing) { 2726 warn_report("Use of \"backing\": \"\" is deprecated; " 2727 "use \"backing\": null instead"); 2728 } 2729 flags |= BDRV_O_NO_BACKING; 2730 qdict_del(options, "backing"); 2731 } 2732 2733 /* Open image file without format layer. This BlockBackend is only used for 2734 * probing, the block drivers will do their own bdrv_open_child() for the 2735 * same BDS, which is why we put the node name back into options. */ 2736 if ((flags & BDRV_O_PROTOCOL) == 0) { 2737 BlockDriverState *file_bs; 2738 2739 file_bs = bdrv_open_child_bs(filename, options, "file", bs, 2740 &child_file, true, &local_err); 2741 if (local_err) { 2742 goto fail; 2743 } 2744 if (file_bs != NULL) { 2745 /* Not requesting BLK_PERM_CONSISTENT_READ because we're only 2746 * looking at the header to guess the image format. This works even 2747 * in cases where a guest would not see a consistent state. */ 2748 file = blk_new(0, BLK_PERM_ALL); 2749 blk_insert_bs(file, file_bs, &local_err); 2750 bdrv_unref(file_bs); 2751 if (local_err) { 2752 goto fail; 2753 } 2754 2755 qdict_put_str(options, "file", bdrv_get_node_name(file_bs)); 2756 } 2757 } 2758 2759 /* Image format probing */ 2760 bs->probed = !drv; 2761 if (!drv && file) { 2762 ret = find_image_format(file, filename, &drv, &local_err); 2763 if (ret < 0) { 2764 goto fail; 2765 } 2766 /* 2767 * This option update would logically belong in bdrv_fill_options(), 2768 * but we first need to open bs->file for the probing to work, while 2769 * opening bs->file already requires the (mostly) final set of options 2770 * so that cache mode etc. can be inherited. 2771 * 2772 * Adding the driver later is somewhat ugly, but it's not an option 2773 * that would ever be inherited, so it's correct. We just need to make 2774 * sure to update both bs->options (which has the full effective 2775 * options for bs) and options (which has file.* already removed). 2776 */ 2777 qdict_put_str(bs->options, "driver", drv->format_name); 2778 qdict_put_str(options, "driver", drv->format_name); 2779 } else if (!drv) { 2780 error_setg(errp, "Must specify either driver or file"); 2781 goto fail; 2782 } 2783 2784 /* BDRV_O_PROTOCOL must be set iff a protocol BDS is about to be created */ 2785 assert(!!(flags & BDRV_O_PROTOCOL) == !!drv->bdrv_file_open); 2786 /* file must be NULL if a protocol BDS is about to be created 2787 * (the inverse results in an error message from bdrv_open_common()) */ 2788 assert(!(flags & BDRV_O_PROTOCOL) || !file); 2789 2790 /* Open the image */ 2791 ret = bdrv_open_common(bs, file, options, &local_err); 2792 if (ret < 0) { 2793 goto fail; 2794 } 2795 2796 if (file) { 2797 blk_unref(file); 2798 file = NULL; 2799 } 2800 2801 /* If there is a backing file, use it */ 2802 if ((flags & BDRV_O_NO_BACKING) == 0) { 2803 ret = bdrv_open_backing_file(bs, options, "backing", &local_err); 2804 if (ret < 0) { 2805 goto close_and_fail; 2806 } 2807 } 2808 2809 /* Remove all children options and references 2810 * from bs->options and bs->explicit_options */ 2811 QLIST_FOREACH(child, &bs->children, next) { 2812 char *child_key_dot; 2813 child_key_dot = g_strdup_printf("%s.", child->name); 2814 qdict_extract_subqdict(bs->explicit_options, NULL, child_key_dot); 2815 qdict_extract_subqdict(bs->options, NULL, child_key_dot); 2816 qdict_del(bs->explicit_options, child->name); 2817 qdict_del(bs->options, child->name); 2818 g_free(child_key_dot); 2819 } 2820 2821 bdrv_refresh_filename(bs); 2822 2823 /* Check if any unknown options were used */ 2824 if (qdict_size(options) != 0) { 2825 const QDictEntry *entry = qdict_first(options); 2826 if (flags & BDRV_O_PROTOCOL) { 2827 error_setg(errp, "Block protocol '%s' doesn't support the option " 2828 "'%s'", drv->format_name, entry->key); 2829 } else { 2830 error_setg(errp, 2831 "Block format '%s' does not support the option '%s'", 2832 drv->format_name, entry->key); 2833 } 2834 2835 goto close_and_fail; 2836 } 2837 2838 bdrv_parent_cb_change_media(bs, true); 2839 2840 qobject_unref(options); 2841 options = NULL; 2842 2843 /* For snapshot=on, create a temporary qcow2 overlay. bs points to the 2844 * temporary snapshot afterwards. */ 2845 if (snapshot_flags) { 2846 BlockDriverState *snapshot_bs; 2847 snapshot_bs = bdrv_append_temp_snapshot(bs, snapshot_flags, 2848 snapshot_options, &local_err); 2849 snapshot_options = NULL; 2850 if (local_err) { 2851 goto close_and_fail; 2852 } 2853 /* We are not going to return bs but the overlay on top of it 2854 * (snapshot_bs); thus, we have to drop the strong reference to bs 2855 * (which we obtained by calling bdrv_new()). bs will not be deleted, 2856 * though, because the overlay still has a reference to it. */ 2857 bdrv_unref(bs); 2858 bs = snapshot_bs; 2859 } 2860 2861 return bs; 2862 2863 fail: 2864 blk_unref(file); 2865 qobject_unref(snapshot_options); 2866 qobject_unref(bs->explicit_options); 2867 qobject_unref(bs->options); 2868 qobject_unref(options); 2869 bs->options = NULL; 2870 bs->explicit_options = NULL; 2871 bdrv_unref(bs); 2872 error_propagate(errp, local_err); 2873 return NULL; 2874 2875 close_and_fail: 2876 bdrv_unref(bs); 2877 qobject_unref(snapshot_options); 2878 qobject_unref(options); 2879 error_propagate(errp, local_err); 2880 return NULL; 2881 } 2882 2883 BlockDriverState *bdrv_open(const char *filename, const char *reference, 2884 QDict *options, int flags, Error **errp) 2885 { 2886 return bdrv_open_inherit(filename, reference, options, flags, NULL, 2887 NULL, errp); 2888 } 2889 2890 /* 2891 * Adds a BlockDriverState to a simple queue for an atomic, transactional 2892 * reopen of multiple devices. 2893 * 2894 * bs_queue can either be an existing BlockReopenQueue that has had QSIMPLE_INIT 2895 * already performed, or alternatively may be NULL a new BlockReopenQueue will 2896 * be created and initialized. This newly created BlockReopenQueue should be 2897 * passed back in for subsequent calls that are intended to be of the same 2898 * atomic 'set'. 2899 * 2900 * bs is the BlockDriverState to add to the reopen queue. 2901 * 2902 * options contains the changed options for the associated bs 2903 * (the BlockReopenQueue takes ownership) 2904 * 2905 * flags contains the open flags for the associated bs 2906 * 2907 * returns a pointer to bs_queue, which is either the newly allocated 2908 * bs_queue, or the existing bs_queue being used. 2909 * 2910 * bs must be drained between bdrv_reopen_queue() and bdrv_reopen_multiple(). 2911 */ 2912 static BlockReopenQueue *bdrv_reopen_queue_child(BlockReopenQueue *bs_queue, 2913 BlockDriverState *bs, 2914 QDict *options, 2915 int flags, 2916 const BdrvChildRole *role, 2917 QDict *parent_options, 2918 int parent_flags) 2919 { 2920 assert(bs != NULL); 2921 2922 BlockReopenQueueEntry *bs_entry; 2923 BdrvChild *child; 2924 QDict *old_options, *explicit_options; 2925 2926 /* Make sure that the caller remembered to use a drained section. This is 2927 * important to avoid graph changes between the recursive queuing here and 2928 * bdrv_reopen_multiple(). */ 2929 assert(bs->quiesce_counter > 0); 2930 2931 if (bs_queue == NULL) { 2932 bs_queue = g_new0(BlockReopenQueue, 1); 2933 QSIMPLEQ_INIT(bs_queue); 2934 } 2935 2936 if (!options) { 2937 options = qdict_new(); 2938 } 2939 2940 /* Check if this BlockDriverState is already in the queue */ 2941 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) { 2942 if (bs == bs_entry->state.bs) { 2943 break; 2944 } 2945 } 2946 2947 /* 2948 * Precedence of options: 2949 * 1. Explicitly passed in options (highest) 2950 * 2. Set in flags (only for top level) 2951 * 3. Retained from explicitly set options of bs 2952 * 4. Inherited from parent node 2953 * 5. Retained from effective options of bs 2954 */ 2955 2956 if (!parent_options) { 2957 /* 2958 * Any setting represented by flags is always updated. If the 2959 * corresponding QDict option is set, it takes precedence. Otherwise 2960 * the flag is translated into a QDict option. The old setting of bs is 2961 * not considered. 2962 */ 2963 update_options_from_flags(options, flags); 2964 } 2965 2966 /* Old explicitly set values (don't overwrite by inherited value) */ 2967 if (bs_entry) { 2968 old_options = qdict_clone_shallow(bs_entry->state.explicit_options); 2969 } else { 2970 old_options = qdict_clone_shallow(bs->explicit_options); 2971 } 2972 bdrv_join_options(bs, options, old_options); 2973 qobject_unref(old_options); 2974 2975 explicit_options = qdict_clone_shallow(options); 2976 2977 /* Inherit from parent node */ 2978 if (parent_options) { 2979 QemuOpts *opts; 2980 QDict *options_copy; 2981 assert(!flags); 2982 role->inherit_options(&flags, options, parent_flags, parent_options); 2983 options_copy = qdict_clone_shallow(options); 2984 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort); 2985 qemu_opts_absorb_qdict(opts, options_copy, NULL); 2986 update_flags_from_options(&flags, opts); 2987 qemu_opts_del(opts); 2988 qobject_unref(options_copy); 2989 } 2990 2991 /* Old values are used for options that aren't set yet */ 2992 old_options = qdict_clone_shallow(bs->options); 2993 bdrv_join_options(bs, options, old_options); 2994 qobject_unref(old_options); 2995 2996 /* bdrv_open_inherit() sets and clears some additional flags internally */ 2997 flags &= ~BDRV_O_PROTOCOL; 2998 if (flags & BDRV_O_RDWR) { 2999 flags |= BDRV_O_ALLOW_RDWR; 3000 } 3001 3002 if (!bs_entry) { 3003 bs_entry = g_new0(BlockReopenQueueEntry, 1); 3004 QSIMPLEQ_INSERT_TAIL(bs_queue, bs_entry, entry); 3005 } else { 3006 qobject_unref(bs_entry->state.options); 3007 qobject_unref(bs_entry->state.explicit_options); 3008 } 3009 3010 bs_entry->state.bs = bs; 3011 bs_entry->state.options = options; 3012 bs_entry->state.explicit_options = explicit_options; 3013 bs_entry->state.flags = flags; 3014 3015 /* This needs to be overwritten in bdrv_reopen_prepare() */ 3016 bs_entry->state.perm = UINT64_MAX; 3017 bs_entry->state.shared_perm = 0; 3018 3019 QLIST_FOREACH(child, &bs->children, next) { 3020 QDict *new_child_options; 3021 char *child_key_dot; 3022 3023 /* reopen can only change the options of block devices that were 3024 * implicitly created and inherited options. For other (referenced) 3025 * block devices, a syntax like "backing.foo" results in an error. */ 3026 if (child->bs->inherits_from != bs) { 3027 continue; 3028 } 3029 3030 child_key_dot = g_strdup_printf("%s.", child->name); 3031 qdict_extract_subqdict(explicit_options, NULL, child_key_dot); 3032 qdict_extract_subqdict(options, &new_child_options, child_key_dot); 3033 g_free(child_key_dot); 3034 3035 bdrv_reopen_queue_child(bs_queue, child->bs, new_child_options, 0, 3036 child->role, options, flags); 3037 } 3038 3039 return bs_queue; 3040 } 3041 3042 BlockReopenQueue *bdrv_reopen_queue(BlockReopenQueue *bs_queue, 3043 BlockDriverState *bs, 3044 QDict *options, int flags) 3045 { 3046 return bdrv_reopen_queue_child(bs_queue, bs, options, flags, 3047 NULL, NULL, 0); 3048 } 3049 3050 /* 3051 * Reopen multiple BlockDriverStates atomically & transactionally. 3052 * 3053 * The queue passed in (bs_queue) must have been built up previous 3054 * via bdrv_reopen_queue(). 3055 * 3056 * Reopens all BDS specified in the queue, with the appropriate 3057 * flags. All devices are prepared for reopen, and failure of any 3058 * device will cause all device changes to be abandoned, and intermediate 3059 * data cleaned up. 3060 * 3061 * If all devices prepare successfully, then the changes are committed 3062 * to all devices. 3063 * 3064 * All affected nodes must be drained between bdrv_reopen_queue() and 3065 * bdrv_reopen_multiple(). 3066 */ 3067 int bdrv_reopen_multiple(AioContext *ctx, BlockReopenQueue *bs_queue, Error **errp) 3068 { 3069 int ret = -1; 3070 BlockReopenQueueEntry *bs_entry, *next; 3071 Error *local_err = NULL; 3072 3073 assert(bs_queue != NULL); 3074 3075 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) { 3076 assert(bs_entry->state.bs->quiesce_counter > 0); 3077 if (bdrv_reopen_prepare(&bs_entry->state, bs_queue, &local_err)) { 3078 error_propagate(errp, local_err); 3079 goto cleanup; 3080 } 3081 bs_entry->prepared = true; 3082 } 3083 3084 /* If we reach this point, we have success and just need to apply the 3085 * changes 3086 */ 3087 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) { 3088 bdrv_reopen_commit(&bs_entry->state); 3089 } 3090 3091 ret = 0; 3092 3093 cleanup: 3094 QSIMPLEQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) { 3095 if (ret) { 3096 if (bs_entry->prepared) { 3097 bdrv_reopen_abort(&bs_entry->state); 3098 } 3099 qobject_unref(bs_entry->state.explicit_options); 3100 qobject_unref(bs_entry->state.options); 3101 } 3102 g_free(bs_entry); 3103 } 3104 g_free(bs_queue); 3105 3106 return ret; 3107 } 3108 3109 3110 /* Reopen a single BlockDriverState with the specified flags. */ 3111 int bdrv_reopen(BlockDriverState *bs, int bdrv_flags, Error **errp) 3112 { 3113 int ret = -1; 3114 Error *local_err = NULL; 3115 BlockReopenQueue *queue; 3116 3117 bdrv_subtree_drained_begin(bs); 3118 3119 queue = bdrv_reopen_queue(NULL, bs, NULL, bdrv_flags); 3120 ret = bdrv_reopen_multiple(bdrv_get_aio_context(bs), queue, &local_err); 3121 if (local_err != NULL) { 3122 error_propagate(errp, local_err); 3123 } 3124 3125 bdrv_subtree_drained_end(bs); 3126 3127 return ret; 3128 } 3129 3130 static BlockReopenQueueEntry *find_parent_in_reopen_queue(BlockReopenQueue *q, 3131 BdrvChild *c) 3132 { 3133 BlockReopenQueueEntry *entry; 3134 3135 QSIMPLEQ_FOREACH(entry, q, entry) { 3136 BlockDriverState *bs = entry->state.bs; 3137 BdrvChild *child; 3138 3139 QLIST_FOREACH(child, &bs->children, next) { 3140 if (child == c) { 3141 return entry; 3142 } 3143 } 3144 } 3145 3146 return NULL; 3147 } 3148 3149 static void bdrv_reopen_perm(BlockReopenQueue *q, BlockDriverState *bs, 3150 uint64_t *perm, uint64_t *shared) 3151 { 3152 BdrvChild *c; 3153 BlockReopenQueueEntry *parent; 3154 uint64_t cumulative_perms = 0; 3155 uint64_t cumulative_shared_perms = BLK_PERM_ALL; 3156 3157 QLIST_FOREACH(c, &bs->parents, next_parent) { 3158 parent = find_parent_in_reopen_queue(q, c); 3159 if (!parent) { 3160 cumulative_perms |= c->perm; 3161 cumulative_shared_perms &= c->shared_perm; 3162 } else { 3163 uint64_t nperm, nshared; 3164 3165 bdrv_child_perm(parent->state.bs, bs, c, c->role, q, 3166 parent->state.perm, parent->state.shared_perm, 3167 &nperm, &nshared); 3168 3169 cumulative_perms |= nperm; 3170 cumulative_shared_perms &= nshared; 3171 } 3172 } 3173 *perm = cumulative_perms; 3174 *shared = cumulative_shared_perms; 3175 } 3176 3177 /* 3178 * Prepares a BlockDriverState for reopen. All changes are staged in the 3179 * 'opaque' field of the BDRVReopenState, which is used and allocated by 3180 * the block driver layer .bdrv_reopen_prepare() 3181 * 3182 * bs is the BlockDriverState to reopen 3183 * flags are the new open flags 3184 * queue is the reopen queue 3185 * 3186 * Returns 0 on success, non-zero on error. On error errp will be set 3187 * as well. 3188 * 3189 * On failure, bdrv_reopen_abort() will be called to clean up any data. 3190 * It is the responsibility of the caller to then call the abort() or 3191 * commit() for any other BDS that have been left in a prepare() state 3192 * 3193 */ 3194 int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue, 3195 Error **errp) 3196 { 3197 int ret = -1; 3198 Error *local_err = NULL; 3199 BlockDriver *drv; 3200 QemuOpts *opts; 3201 QDict *orig_reopen_opts; 3202 char *discard = NULL; 3203 bool read_only; 3204 3205 assert(reopen_state != NULL); 3206 assert(reopen_state->bs->drv != NULL); 3207 drv = reopen_state->bs->drv; 3208 3209 /* This function and each driver's bdrv_reopen_prepare() remove 3210 * entries from reopen_state->options as they are processed, so 3211 * we need to make a copy of the original QDict. */ 3212 orig_reopen_opts = qdict_clone_shallow(reopen_state->options); 3213 3214 /* Process generic block layer options */ 3215 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort); 3216 qemu_opts_absorb_qdict(opts, reopen_state->options, &local_err); 3217 if (local_err) { 3218 error_propagate(errp, local_err); 3219 ret = -EINVAL; 3220 goto error; 3221 } 3222 3223 update_flags_from_options(&reopen_state->flags, opts); 3224 3225 discard = qemu_opt_get_del(opts, BDRV_OPT_DISCARD); 3226 if (discard != NULL) { 3227 if (bdrv_parse_discard_flags(discard, &reopen_state->flags) != 0) { 3228 error_setg(errp, "Invalid discard option"); 3229 ret = -EINVAL; 3230 goto error; 3231 } 3232 } 3233 3234 reopen_state->detect_zeroes = 3235 bdrv_parse_detect_zeroes(opts, reopen_state->flags, &local_err); 3236 if (local_err) { 3237 error_propagate(errp, local_err); 3238 ret = -EINVAL; 3239 goto error; 3240 } 3241 3242 /* All other options (including node-name and driver) must be unchanged. 3243 * Put them back into the QDict, so that they are checked at the end 3244 * of this function. */ 3245 qemu_opts_to_qdict(opts, reopen_state->options); 3246 3247 /* If we are to stay read-only, do not allow permission change 3248 * to r/w. Attempting to set to r/w may fail if either BDRV_O_ALLOW_RDWR is 3249 * not set, or if the BDS still has copy_on_read enabled */ 3250 read_only = !(reopen_state->flags & BDRV_O_RDWR); 3251 ret = bdrv_can_set_read_only(reopen_state->bs, read_only, true, &local_err); 3252 if (local_err) { 3253 error_propagate(errp, local_err); 3254 goto error; 3255 } 3256 3257 /* Calculate required permissions after reopening */ 3258 bdrv_reopen_perm(queue, reopen_state->bs, 3259 &reopen_state->perm, &reopen_state->shared_perm); 3260 3261 ret = bdrv_flush(reopen_state->bs); 3262 if (ret) { 3263 error_setg_errno(errp, -ret, "Error flushing drive"); 3264 goto error; 3265 } 3266 3267 if (drv->bdrv_reopen_prepare) { 3268 ret = drv->bdrv_reopen_prepare(reopen_state, queue, &local_err); 3269 if (ret) { 3270 if (local_err != NULL) { 3271 error_propagate(errp, local_err); 3272 } else { 3273 error_setg(errp, "failed while preparing to reopen image '%s'", 3274 reopen_state->bs->filename); 3275 } 3276 goto error; 3277 } 3278 } else { 3279 /* It is currently mandatory to have a bdrv_reopen_prepare() 3280 * handler for each supported drv. */ 3281 error_setg(errp, "Block format '%s' used by node '%s' " 3282 "does not support reopening files", drv->format_name, 3283 bdrv_get_device_or_node_name(reopen_state->bs)); 3284 ret = -1; 3285 goto error; 3286 } 3287 3288 /* Options that are not handled are only okay if they are unchanged 3289 * compared to the old state. It is expected that some options are only 3290 * used for the initial open, but not reopen (e.g. filename) */ 3291 if (qdict_size(reopen_state->options)) { 3292 const QDictEntry *entry = qdict_first(reopen_state->options); 3293 3294 do { 3295 QObject *new = entry->value; 3296 QObject *old = qdict_get(reopen_state->bs->options, entry->key); 3297 3298 /* Allow child references (child_name=node_name) as long as they 3299 * point to the current child (i.e. everything stays the same). */ 3300 if (qobject_type(new) == QTYPE_QSTRING) { 3301 BdrvChild *child; 3302 QLIST_FOREACH(child, &reopen_state->bs->children, next) { 3303 if (!strcmp(child->name, entry->key)) { 3304 break; 3305 } 3306 } 3307 3308 if (child) { 3309 const char *str = qobject_get_try_str(new); 3310 if (!strcmp(child->bs->node_name, str)) { 3311 continue; /* Found child with this name, skip option */ 3312 } 3313 } 3314 } 3315 3316 /* 3317 * TODO: When using -drive to specify blockdev options, all values 3318 * will be strings; however, when using -blockdev, blockdev-add or 3319 * filenames using the json:{} pseudo-protocol, they will be 3320 * correctly typed. 3321 * In contrast, reopening options are (currently) always strings 3322 * (because you can only specify them through qemu-io; all other 3323 * callers do not specify any options). 3324 * Therefore, when using anything other than -drive to create a BDS, 3325 * this cannot detect non-string options as unchanged, because 3326 * qobject_is_equal() always returns false for objects of different 3327 * type. In the future, this should be remedied by correctly typing 3328 * all options. For now, this is not too big of an issue because 3329 * the user can simply omit options which cannot be changed anyway, 3330 * so they will stay unchanged. 3331 */ 3332 if (!qobject_is_equal(new, old)) { 3333 error_setg(errp, "Cannot change the option '%s'", entry->key); 3334 ret = -EINVAL; 3335 goto error; 3336 } 3337 } while ((entry = qdict_next(reopen_state->options, entry))); 3338 } 3339 3340 ret = bdrv_check_perm(reopen_state->bs, queue, reopen_state->perm, 3341 reopen_state->shared_perm, NULL, errp); 3342 if (ret < 0) { 3343 goto error; 3344 } 3345 3346 ret = 0; 3347 3348 /* Restore the original reopen_state->options QDict */ 3349 qobject_unref(reopen_state->options); 3350 reopen_state->options = qobject_ref(orig_reopen_opts); 3351 3352 error: 3353 qemu_opts_del(opts); 3354 qobject_unref(orig_reopen_opts); 3355 g_free(discard); 3356 return ret; 3357 } 3358 3359 /* 3360 * Takes the staged changes for the reopen from bdrv_reopen_prepare(), and 3361 * makes them final by swapping the staging BlockDriverState contents into 3362 * the active BlockDriverState contents. 3363 */ 3364 void bdrv_reopen_commit(BDRVReopenState *reopen_state) 3365 { 3366 BlockDriver *drv; 3367 BlockDriverState *bs; 3368 BdrvChild *child; 3369 bool old_can_write, new_can_write; 3370 3371 assert(reopen_state != NULL); 3372 bs = reopen_state->bs; 3373 drv = bs->drv; 3374 assert(drv != NULL); 3375 3376 old_can_write = 3377 !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 3378 3379 /* If there are any driver level actions to take */ 3380 if (drv->bdrv_reopen_commit) { 3381 drv->bdrv_reopen_commit(reopen_state); 3382 } 3383 3384 /* set BDS specific flags now */ 3385 qobject_unref(bs->explicit_options); 3386 qobject_unref(bs->options); 3387 3388 bs->explicit_options = reopen_state->explicit_options; 3389 bs->options = reopen_state->options; 3390 bs->open_flags = reopen_state->flags; 3391 bs->read_only = !(reopen_state->flags & BDRV_O_RDWR); 3392 bs->detect_zeroes = reopen_state->detect_zeroes; 3393 3394 /* Remove child references from bs->options and bs->explicit_options. 3395 * Child options were already removed in bdrv_reopen_queue_child() */ 3396 QLIST_FOREACH(child, &bs->children, next) { 3397 qdict_del(bs->explicit_options, child->name); 3398 qdict_del(bs->options, child->name); 3399 } 3400 3401 bdrv_refresh_limits(bs, NULL); 3402 3403 bdrv_set_perm(reopen_state->bs, reopen_state->perm, 3404 reopen_state->shared_perm); 3405 3406 new_can_write = 3407 !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 3408 if (!old_can_write && new_can_write && drv->bdrv_reopen_bitmaps_rw) { 3409 Error *local_err = NULL; 3410 if (drv->bdrv_reopen_bitmaps_rw(bs, &local_err) < 0) { 3411 /* This is not fatal, bitmaps just left read-only, so all following 3412 * writes will fail. User can remove read-only bitmaps to unblock 3413 * writes. 3414 */ 3415 error_reportf_err(local_err, 3416 "%s: Failed to make dirty bitmaps writable: ", 3417 bdrv_get_node_name(bs)); 3418 } 3419 } 3420 } 3421 3422 /* 3423 * Abort the reopen, and delete and free the staged changes in 3424 * reopen_state 3425 */ 3426 void bdrv_reopen_abort(BDRVReopenState *reopen_state) 3427 { 3428 BlockDriver *drv; 3429 3430 assert(reopen_state != NULL); 3431 drv = reopen_state->bs->drv; 3432 assert(drv != NULL); 3433 3434 if (drv->bdrv_reopen_abort) { 3435 drv->bdrv_reopen_abort(reopen_state); 3436 } 3437 3438 bdrv_abort_perm_update(reopen_state->bs); 3439 } 3440 3441 3442 static void bdrv_close(BlockDriverState *bs) 3443 { 3444 BdrvAioNotifier *ban, *ban_next; 3445 BdrvChild *child, *next; 3446 3447 assert(!bs->job); 3448 assert(!bs->refcnt); 3449 3450 bdrv_drained_begin(bs); /* complete I/O */ 3451 bdrv_flush(bs); 3452 bdrv_drain(bs); /* in case flush left pending I/O */ 3453 3454 if (bs->drv) { 3455 if (bs->drv->bdrv_close) { 3456 bs->drv->bdrv_close(bs); 3457 } 3458 bs->drv = NULL; 3459 } 3460 3461 bdrv_set_backing_hd(bs, NULL, &error_abort); 3462 3463 if (bs->file != NULL) { 3464 bdrv_unref_child(bs, bs->file); 3465 bs->file = NULL; 3466 } 3467 3468 QLIST_FOREACH_SAFE(child, &bs->children, next, next) { 3469 /* TODO Remove bdrv_unref() from drivers' close function and use 3470 * bdrv_unref_child() here */ 3471 if (child->bs->inherits_from == bs) { 3472 child->bs->inherits_from = NULL; 3473 } 3474 bdrv_detach_child(child); 3475 } 3476 3477 g_free(bs->opaque); 3478 bs->opaque = NULL; 3479 atomic_set(&bs->copy_on_read, 0); 3480 bs->backing_file[0] = '\0'; 3481 bs->backing_format[0] = '\0'; 3482 bs->total_sectors = 0; 3483 bs->encrypted = false; 3484 bs->sg = false; 3485 qobject_unref(bs->options); 3486 qobject_unref(bs->explicit_options); 3487 bs->options = NULL; 3488 bs->explicit_options = NULL; 3489 qobject_unref(bs->full_open_options); 3490 bs->full_open_options = NULL; 3491 3492 bdrv_release_named_dirty_bitmaps(bs); 3493 assert(QLIST_EMPTY(&bs->dirty_bitmaps)); 3494 3495 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_next) { 3496 g_free(ban); 3497 } 3498 QLIST_INIT(&bs->aio_notifiers); 3499 bdrv_drained_end(bs); 3500 } 3501 3502 void bdrv_close_all(void) 3503 { 3504 assert(job_next(NULL) == NULL); 3505 nbd_export_close_all(); 3506 3507 /* Drop references from requests still in flight, such as canceled block 3508 * jobs whose AIO context has not been polled yet */ 3509 bdrv_drain_all(); 3510 3511 blk_remove_all_bs(); 3512 blockdev_close_all_bdrv_states(); 3513 3514 assert(QTAILQ_EMPTY(&all_bdrv_states)); 3515 } 3516 3517 static bool should_update_child(BdrvChild *c, BlockDriverState *to) 3518 { 3519 BdrvChild *to_c; 3520 3521 if (c->role->stay_at_node) { 3522 return false; 3523 } 3524 3525 /* If the child @c belongs to the BDS @to, replacing the current 3526 * c->bs by @to would mean to create a loop. 3527 * 3528 * Such a case occurs when appending a BDS to a backing chain. 3529 * For instance, imagine the following chain: 3530 * 3531 * guest device -> node A -> further backing chain... 3532 * 3533 * Now we create a new BDS B which we want to put on top of this 3534 * chain, so we first attach A as its backing node: 3535 * 3536 * node B 3537 * | 3538 * v 3539 * guest device -> node A -> further backing chain... 3540 * 3541 * Finally we want to replace A by B. When doing that, we want to 3542 * replace all pointers to A by pointers to B -- except for the 3543 * pointer from B because (1) that would create a loop, and (2) 3544 * that pointer should simply stay intact: 3545 * 3546 * guest device -> node B 3547 * | 3548 * v 3549 * node A -> further backing chain... 3550 * 3551 * In general, when replacing a node A (c->bs) by a node B (@to), 3552 * if A is a child of B, that means we cannot replace A by B there 3553 * because that would create a loop. Silently detaching A from B 3554 * is also not really an option. So overall just leaving A in 3555 * place there is the most sensible choice. */ 3556 QLIST_FOREACH(to_c, &to->children, next) { 3557 if (to_c == c) { 3558 return false; 3559 } 3560 } 3561 3562 return true; 3563 } 3564 3565 void bdrv_replace_node(BlockDriverState *from, BlockDriverState *to, 3566 Error **errp) 3567 { 3568 BdrvChild *c, *next; 3569 GSList *list = NULL, *p; 3570 uint64_t old_perm, old_shared; 3571 uint64_t perm = 0, shared = BLK_PERM_ALL; 3572 int ret; 3573 3574 assert(!atomic_read(&from->in_flight)); 3575 assert(!atomic_read(&to->in_flight)); 3576 3577 /* Make sure that @from doesn't go away until we have successfully attached 3578 * all of its parents to @to. */ 3579 bdrv_ref(from); 3580 3581 /* Put all parents into @list and calculate their cumulative permissions */ 3582 QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) { 3583 assert(c->bs == from); 3584 if (!should_update_child(c, to)) { 3585 continue; 3586 } 3587 list = g_slist_prepend(list, c); 3588 perm |= c->perm; 3589 shared &= c->shared_perm; 3590 } 3591 3592 /* Check whether the required permissions can be granted on @to, ignoring 3593 * all BdrvChild in @list so that they can't block themselves. */ 3594 ret = bdrv_check_update_perm(to, NULL, perm, shared, list, errp); 3595 if (ret < 0) { 3596 bdrv_abort_perm_update(to); 3597 goto out; 3598 } 3599 3600 /* Now actually perform the change. We performed the permission check for 3601 * all elements of @list at once, so set the permissions all at once at the 3602 * very end. */ 3603 for (p = list; p != NULL; p = p->next) { 3604 c = p->data; 3605 3606 bdrv_ref(to); 3607 bdrv_replace_child_noperm(c, to); 3608 bdrv_unref(from); 3609 } 3610 3611 bdrv_get_cumulative_perm(to, &old_perm, &old_shared); 3612 bdrv_set_perm(to, old_perm | perm, old_shared | shared); 3613 3614 out: 3615 g_slist_free(list); 3616 bdrv_unref(from); 3617 } 3618 3619 /* 3620 * Add new bs contents at the top of an image chain while the chain is 3621 * live, while keeping required fields on the top layer. 3622 * 3623 * This will modify the BlockDriverState fields, and swap contents 3624 * between bs_new and bs_top. Both bs_new and bs_top are modified. 3625 * 3626 * bs_new must not be attached to a BlockBackend. 3627 * 3628 * This function does not create any image files. 3629 * 3630 * bdrv_append() takes ownership of a bs_new reference and unrefs it because 3631 * that's what the callers commonly need. bs_new will be referenced by the old 3632 * parents of bs_top after bdrv_append() returns. If the caller needs to keep a 3633 * reference of its own, it must call bdrv_ref(). 3634 */ 3635 void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top, 3636 Error **errp) 3637 { 3638 Error *local_err = NULL; 3639 3640 bdrv_set_backing_hd(bs_new, bs_top, &local_err); 3641 if (local_err) { 3642 error_propagate(errp, local_err); 3643 goto out; 3644 } 3645 3646 bdrv_replace_node(bs_top, bs_new, &local_err); 3647 if (local_err) { 3648 error_propagate(errp, local_err); 3649 bdrv_set_backing_hd(bs_new, NULL, &error_abort); 3650 goto out; 3651 } 3652 3653 /* bs_new is now referenced by its new parents, we don't need the 3654 * additional reference any more. */ 3655 out: 3656 bdrv_unref(bs_new); 3657 } 3658 3659 static void bdrv_delete(BlockDriverState *bs) 3660 { 3661 assert(!bs->job); 3662 assert(bdrv_op_blocker_is_empty(bs)); 3663 assert(!bs->refcnt); 3664 3665 bdrv_close(bs); 3666 3667 /* remove from list, if necessary */ 3668 if (bs->node_name[0] != '\0') { 3669 QTAILQ_REMOVE(&graph_bdrv_states, bs, node_list); 3670 } 3671 QTAILQ_REMOVE(&all_bdrv_states, bs, bs_list); 3672 3673 g_free(bs); 3674 } 3675 3676 /* 3677 * Run consistency checks on an image 3678 * 3679 * Returns 0 if the check could be completed (it doesn't mean that the image is 3680 * free of errors) or -errno when an internal error occurred. The results of the 3681 * check are stored in res. 3682 */ 3683 static int coroutine_fn bdrv_co_check(BlockDriverState *bs, 3684 BdrvCheckResult *res, BdrvCheckMode fix) 3685 { 3686 if (bs->drv == NULL) { 3687 return -ENOMEDIUM; 3688 } 3689 if (bs->drv->bdrv_co_check == NULL) { 3690 return -ENOTSUP; 3691 } 3692 3693 memset(res, 0, sizeof(*res)); 3694 return bs->drv->bdrv_co_check(bs, res, fix); 3695 } 3696 3697 typedef struct CheckCo { 3698 BlockDriverState *bs; 3699 BdrvCheckResult *res; 3700 BdrvCheckMode fix; 3701 int ret; 3702 } CheckCo; 3703 3704 static void bdrv_check_co_entry(void *opaque) 3705 { 3706 CheckCo *cco = opaque; 3707 cco->ret = bdrv_co_check(cco->bs, cco->res, cco->fix); 3708 } 3709 3710 int bdrv_check(BlockDriverState *bs, 3711 BdrvCheckResult *res, BdrvCheckMode fix) 3712 { 3713 Coroutine *co; 3714 CheckCo cco = { 3715 .bs = bs, 3716 .res = res, 3717 .ret = -EINPROGRESS, 3718 .fix = fix, 3719 }; 3720 3721 if (qemu_in_coroutine()) { 3722 /* Fast-path if already in coroutine context */ 3723 bdrv_check_co_entry(&cco); 3724 } else { 3725 co = qemu_coroutine_create(bdrv_check_co_entry, &cco); 3726 qemu_coroutine_enter(co); 3727 BDRV_POLL_WHILE(bs, cco.ret == -EINPROGRESS); 3728 } 3729 3730 return cco.ret; 3731 } 3732 3733 /* 3734 * Return values: 3735 * 0 - success 3736 * -EINVAL - backing format specified, but no file 3737 * -ENOSPC - can't update the backing file because no space is left in the 3738 * image file header 3739 * -ENOTSUP - format driver doesn't support changing the backing file 3740 */ 3741 int bdrv_change_backing_file(BlockDriverState *bs, 3742 const char *backing_file, const char *backing_fmt) 3743 { 3744 BlockDriver *drv = bs->drv; 3745 int ret; 3746 3747 if (!drv) { 3748 return -ENOMEDIUM; 3749 } 3750 3751 /* Backing file format doesn't make sense without a backing file */ 3752 if (backing_fmt && !backing_file) { 3753 return -EINVAL; 3754 } 3755 3756 if (drv->bdrv_change_backing_file != NULL) { 3757 ret = drv->bdrv_change_backing_file(bs, backing_file, backing_fmt); 3758 } else { 3759 ret = -ENOTSUP; 3760 } 3761 3762 if (ret == 0) { 3763 pstrcpy(bs->backing_file, sizeof(bs->backing_file), backing_file ?: ""); 3764 pstrcpy(bs->backing_format, sizeof(bs->backing_format), backing_fmt ?: ""); 3765 } 3766 return ret; 3767 } 3768 3769 /* 3770 * Finds the image layer in the chain that has 'bs' as its backing file. 3771 * 3772 * active is the current topmost image. 3773 * 3774 * Returns NULL if bs is not found in active's image chain, 3775 * or if active == bs. 3776 * 3777 * Returns the bottommost base image if bs == NULL. 3778 */ 3779 BlockDriverState *bdrv_find_overlay(BlockDriverState *active, 3780 BlockDriverState *bs) 3781 { 3782 while (active && bs != backing_bs(active)) { 3783 active = backing_bs(active); 3784 } 3785 3786 return active; 3787 } 3788 3789 /* Given a BDS, searches for the base layer. */ 3790 BlockDriverState *bdrv_find_base(BlockDriverState *bs) 3791 { 3792 return bdrv_find_overlay(bs, NULL); 3793 } 3794 3795 /* 3796 * Drops images above 'base' up to and including 'top', and sets the image 3797 * above 'top' to have base as its backing file. 3798 * 3799 * Requires that the overlay to 'top' is opened r/w, so that the backing file 3800 * information in 'bs' can be properly updated. 3801 * 3802 * E.g., this will convert the following chain: 3803 * bottom <- base <- intermediate <- top <- active 3804 * 3805 * to 3806 * 3807 * bottom <- base <- active 3808 * 3809 * It is allowed for bottom==base, in which case it converts: 3810 * 3811 * base <- intermediate <- top <- active 3812 * 3813 * to 3814 * 3815 * base <- active 3816 * 3817 * If backing_file_str is non-NULL, it will be used when modifying top's 3818 * overlay image metadata. 3819 * 3820 * Error conditions: 3821 * if active == top, that is considered an error 3822 * 3823 */ 3824 int bdrv_drop_intermediate(BlockDriverState *top, BlockDriverState *base, 3825 const char *backing_file_str) 3826 { 3827 BdrvChild *c, *next; 3828 Error *local_err = NULL; 3829 int ret = -EIO; 3830 3831 bdrv_ref(top); 3832 3833 if (!top->drv || !base->drv) { 3834 goto exit; 3835 } 3836 3837 /* Make sure that base is in the backing chain of top */ 3838 if (!bdrv_chain_contains(top, base)) { 3839 goto exit; 3840 } 3841 3842 /* success - we can delete the intermediate states, and link top->base */ 3843 /* TODO Check graph modification op blockers (BLK_PERM_GRAPH_MOD) once 3844 * we've figured out how they should work. */ 3845 backing_file_str = backing_file_str ? backing_file_str : base->filename; 3846 3847 QLIST_FOREACH_SAFE(c, &top->parents, next_parent, next) { 3848 /* Check whether we are allowed to switch c from top to base */ 3849 GSList *ignore_children = g_slist_prepend(NULL, c); 3850 bdrv_check_update_perm(base, NULL, c->perm, c->shared_perm, 3851 ignore_children, &local_err); 3852 g_slist_free(ignore_children); 3853 if (local_err) { 3854 ret = -EPERM; 3855 error_report_err(local_err); 3856 goto exit; 3857 } 3858 3859 /* If so, update the backing file path in the image file */ 3860 if (c->role->update_filename) { 3861 ret = c->role->update_filename(c, base, backing_file_str, 3862 &local_err); 3863 if (ret < 0) { 3864 bdrv_abort_perm_update(base); 3865 error_report_err(local_err); 3866 goto exit; 3867 } 3868 } 3869 3870 /* Do the actual switch in the in-memory graph. 3871 * Completes bdrv_check_update_perm() transaction internally. */ 3872 bdrv_ref(base); 3873 bdrv_replace_child(c, base); 3874 bdrv_unref(top); 3875 } 3876 3877 ret = 0; 3878 exit: 3879 bdrv_unref(top); 3880 return ret; 3881 } 3882 3883 /** 3884 * Length of a allocated file in bytes. Sparse files are counted by actual 3885 * allocated space. Return < 0 if error or unknown. 3886 */ 3887 int64_t bdrv_get_allocated_file_size(BlockDriverState *bs) 3888 { 3889 BlockDriver *drv = bs->drv; 3890 if (!drv) { 3891 return -ENOMEDIUM; 3892 } 3893 if (drv->bdrv_get_allocated_file_size) { 3894 return drv->bdrv_get_allocated_file_size(bs); 3895 } 3896 if (bs->file) { 3897 return bdrv_get_allocated_file_size(bs->file->bs); 3898 } 3899 return -ENOTSUP; 3900 } 3901 3902 /* 3903 * bdrv_measure: 3904 * @drv: Format driver 3905 * @opts: Creation options for new image 3906 * @in_bs: Existing image containing data for new image (may be NULL) 3907 * @errp: Error object 3908 * Returns: A #BlockMeasureInfo (free using qapi_free_BlockMeasureInfo()) 3909 * or NULL on error 3910 * 3911 * Calculate file size required to create a new image. 3912 * 3913 * If @in_bs is given then space for allocated clusters and zero clusters 3914 * from that image are included in the calculation. If @opts contains a 3915 * backing file that is shared by @in_bs then backing clusters may be omitted 3916 * from the calculation. 3917 * 3918 * If @in_bs is NULL then the calculation includes no allocated clusters 3919 * unless a preallocation option is given in @opts. 3920 * 3921 * Note that @in_bs may use a different BlockDriver from @drv. 3922 * 3923 * If an error occurs the @errp pointer is set. 3924 */ 3925 BlockMeasureInfo *bdrv_measure(BlockDriver *drv, QemuOpts *opts, 3926 BlockDriverState *in_bs, Error **errp) 3927 { 3928 if (!drv->bdrv_measure) { 3929 error_setg(errp, "Block driver '%s' does not support size measurement", 3930 drv->format_name); 3931 return NULL; 3932 } 3933 3934 return drv->bdrv_measure(opts, in_bs, errp); 3935 } 3936 3937 /** 3938 * Return number of sectors on success, -errno on error. 3939 */ 3940 int64_t bdrv_nb_sectors(BlockDriverState *bs) 3941 { 3942 BlockDriver *drv = bs->drv; 3943 3944 if (!drv) 3945 return -ENOMEDIUM; 3946 3947 if (drv->has_variable_length) { 3948 int ret = refresh_total_sectors(bs, bs->total_sectors); 3949 if (ret < 0) { 3950 return ret; 3951 } 3952 } 3953 return bs->total_sectors; 3954 } 3955 3956 /** 3957 * Return length in bytes on success, -errno on error. 3958 * The length is always a multiple of BDRV_SECTOR_SIZE. 3959 */ 3960 int64_t bdrv_getlength(BlockDriverState *bs) 3961 { 3962 int64_t ret = bdrv_nb_sectors(bs); 3963 3964 ret = ret > INT64_MAX / BDRV_SECTOR_SIZE ? -EFBIG : ret; 3965 return ret < 0 ? ret : ret * BDRV_SECTOR_SIZE; 3966 } 3967 3968 /* return 0 as number of sectors if no device present or error */ 3969 void bdrv_get_geometry(BlockDriverState *bs, uint64_t *nb_sectors_ptr) 3970 { 3971 int64_t nb_sectors = bdrv_nb_sectors(bs); 3972 3973 *nb_sectors_ptr = nb_sectors < 0 ? 0 : nb_sectors; 3974 } 3975 3976 bool bdrv_is_sg(BlockDriverState *bs) 3977 { 3978 return bs->sg; 3979 } 3980 3981 bool bdrv_is_encrypted(BlockDriverState *bs) 3982 { 3983 if (bs->backing && bs->backing->bs->encrypted) { 3984 return true; 3985 } 3986 return bs->encrypted; 3987 } 3988 3989 const char *bdrv_get_format_name(BlockDriverState *bs) 3990 { 3991 return bs->drv ? bs->drv->format_name : NULL; 3992 } 3993 3994 static int qsort_strcmp(const void *a, const void *b) 3995 { 3996 return strcmp(*(char *const *)a, *(char *const *)b); 3997 } 3998 3999 void bdrv_iterate_format(void (*it)(void *opaque, const char *name), 4000 void *opaque) 4001 { 4002 BlockDriver *drv; 4003 int count = 0; 4004 int i; 4005 const char **formats = NULL; 4006 4007 QLIST_FOREACH(drv, &bdrv_drivers, list) { 4008 if (drv->format_name) { 4009 bool found = false; 4010 int i = count; 4011 while (formats && i && !found) { 4012 found = !strcmp(formats[--i], drv->format_name); 4013 } 4014 4015 if (!found) { 4016 formats = g_renew(const char *, formats, count + 1); 4017 formats[count++] = drv->format_name; 4018 } 4019 } 4020 } 4021 4022 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); i++) { 4023 const char *format_name = block_driver_modules[i].format_name; 4024 4025 if (format_name) { 4026 bool found = false; 4027 int j = count; 4028 4029 while (formats && j && !found) { 4030 found = !strcmp(formats[--j], format_name); 4031 } 4032 4033 if (!found) { 4034 formats = g_renew(const char *, formats, count + 1); 4035 formats[count++] = format_name; 4036 } 4037 } 4038 } 4039 4040 qsort(formats, count, sizeof(formats[0]), qsort_strcmp); 4041 4042 for (i = 0; i < count; i++) { 4043 it(opaque, formats[i]); 4044 } 4045 4046 g_free(formats); 4047 } 4048 4049 /* This function is to find a node in the bs graph */ 4050 BlockDriverState *bdrv_find_node(const char *node_name) 4051 { 4052 BlockDriverState *bs; 4053 4054 assert(node_name); 4055 4056 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) { 4057 if (!strcmp(node_name, bs->node_name)) { 4058 return bs; 4059 } 4060 } 4061 return NULL; 4062 } 4063 4064 /* Put this QMP function here so it can access the static graph_bdrv_states. */ 4065 BlockDeviceInfoList *bdrv_named_nodes_list(Error **errp) 4066 { 4067 BlockDeviceInfoList *list, *entry; 4068 BlockDriverState *bs; 4069 4070 list = NULL; 4071 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) { 4072 BlockDeviceInfo *info = bdrv_block_device_info(NULL, bs, errp); 4073 if (!info) { 4074 qapi_free_BlockDeviceInfoList(list); 4075 return NULL; 4076 } 4077 entry = g_malloc0(sizeof(*entry)); 4078 entry->value = info; 4079 entry->next = list; 4080 list = entry; 4081 } 4082 4083 return list; 4084 } 4085 4086 BlockDriverState *bdrv_lookup_bs(const char *device, 4087 const char *node_name, 4088 Error **errp) 4089 { 4090 BlockBackend *blk; 4091 BlockDriverState *bs; 4092 4093 if (device) { 4094 blk = blk_by_name(device); 4095 4096 if (blk) { 4097 bs = blk_bs(blk); 4098 if (!bs) { 4099 error_setg(errp, "Device '%s' has no medium", device); 4100 } 4101 4102 return bs; 4103 } 4104 } 4105 4106 if (node_name) { 4107 bs = bdrv_find_node(node_name); 4108 4109 if (bs) { 4110 return bs; 4111 } 4112 } 4113 4114 error_setg(errp, "Cannot find device=%s nor node_name=%s", 4115 device ? device : "", 4116 node_name ? node_name : ""); 4117 return NULL; 4118 } 4119 4120 /* If 'base' is in the same chain as 'top', return true. Otherwise, 4121 * return false. If either argument is NULL, return false. */ 4122 bool bdrv_chain_contains(BlockDriverState *top, BlockDriverState *base) 4123 { 4124 while (top && top != base) { 4125 top = backing_bs(top); 4126 } 4127 4128 return top != NULL; 4129 } 4130 4131 BlockDriverState *bdrv_next_node(BlockDriverState *bs) 4132 { 4133 if (!bs) { 4134 return QTAILQ_FIRST(&graph_bdrv_states); 4135 } 4136 return QTAILQ_NEXT(bs, node_list); 4137 } 4138 4139 BlockDriverState *bdrv_next_all_states(BlockDriverState *bs) 4140 { 4141 if (!bs) { 4142 return QTAILQ_FIRST(&all_bdrv_states); 4143 } 4144 return QTAILQ_NEXT(bs, bs_list); 4145 } 4146 4147 const char *bdrv_get_node_name(const BlockDriverState *bs) 4148 { 4149 return bs->node_name; 4150 } 4151 4152 const char *bdrv_get_parent_name(const BlockDriverState *bs) 4153 { 4154 BdrvChild *c; 4155 const char *name; 4156 4157 /* If multiple parents have a name, just pick the first one. */ 4158 QLIST_FOREACH(c, &bs->parents, next_parent) { 4159 if (c->role->get_name) { 4160 name = c->role->get_name(c); 4161 if (name && *name) { 4162 return name; 4163 } 4164 } 4165 } 4166 4167 return NULL; 4168 } 4169 4170 /* TODO check what callers really want: bs->node_name or blk_name() */ 4171 const char *bdrv_get_device_name(const BlockDriverState *bs) 4172 { 4173 return bdrv_get_parent_name(bs) ?: ""; 4174 } 4175 4176 /* This can be used to identify nodes that might not have a device 4177 * name associated. Since node and device names live in the same 4178 * namespace, the result is unambiguous. The exception is if both are 4179 * absent, then this returns an empty (non-null) string. */ 4180 const char *bdrv_get_device_or_node_name(const BlockDriverState *bs) 4181 { 4182 return bdrv_get_parent_name(bs) ?: bs->node_name; 4183 } 4184 4185 int bdrv_get_flags(BlockDriverState *bs) 4186 { 4187 return bs->open_flags; 4188 } 4189 4190 int bdrv_has_zero_init_1(BlockDriverState *bs) 4191 { 4192 return 1; 4193 } 4194 4195 int bdrv_has_zero_init(BlockDriverState *bs) 4196 { 4197 if (!bs->drv) { 4198 return 0; 4199 } 4200 4201 /* If BS is a copy on write image, it is initialized to 4202 the contents of the base image, which may not be zeroes. */ 4203 if (bs->backing) { 4204 return 0; 4205 } 4206 if (bs->drv->bdrv_has_zero_init) { 4207 return bs->drv->bdrv_has_zero_init(bs); 4208 } 4209 if (bs->file && bs->drv->is_filter) { 4210 return bdrv_has_zero_init(bs->file->bs); 4211 } 4212 4213 /* safe default */ 4214 return 0; 4215 } 4216 4217 bool bdrv_unallocated_blocks_are_zero(BlockDriverState *bs) 4218 { 4219 BlockDriverInfo bdi; 4220 4221 if (bs->backing) { 4222 return false; 4223 } 4224 4225 if (bdrv_get_info(bs, &bdi) == 0) { 4226 return bdi.unallocated_blocks_are_zero; 4227 } 4228 4229 return false; 4230 } 4231 4232 bool bdrv_can_write_zeroes_with_unmap(BlockDriverState *bs) 4233 { 4234 if (!(bs->open_flags & BDRV_O_UNMAP)) { 4235 return false; 4236 } 4237 4238 return bs->supported_zero_flags & BDRV_REQ_MAY_UNMAP; 4239 } 4240 4241 const char *bdrv_get_encrypted_filename(BlockDriverState *bs) 4242 { 4243 if (bs->backing && bs->backing->bs->encrypted) 4244 return bs->backing_file; 4245 else if (bs->encrypted) 4246 return bs->filename; 4247 else 4248 return NULL; 4249 } 4250 4251 void bdrv_get_backing_filename(BlockDriverState *bs, 4252 char *filename, int filename_size) 4253 { 4254 pstrcpy(filename, filename_size, bs->backing_file); 4255 } 4256 4257 int bdrv_get_info(BlockDriverState *bs, BlockDriverInfo *bdi) 4258 { 4259 BlockDriver *drv = bs->drv; 4260 /* if bs->drv == NULL, bs is closed, so there's nothing to do here */ 4261 if (!drv) { 4262 return -ENOMEDIUM; 4263 } 4264 if (!drv->bdrv_get_info) { 4265 if (bs->file && drv->is_filter) { 4266 return bdrv_get_info(bs->file->bs, bdi); 4267 } 4268 return -ENOTSUP; 4269 } 4270 memset(bdi, 0, sizeof(*bdi)); 4271 return drv->bdrv_get_info(bs, bdi); 4272 } 4273 4274 ImageInfoSpecific *bdrv_get_specific_info(BlockDriverState *bs) 4275 { 4276 BlockDriver *drv = bs->drv; 4277 if (drv && drv->bdrv_get_specific_info) { 4278 return drv->bdrv_get_specific_info(bs); 4279 } 4280 return NULL; 4281 } 4282 4283 void bdrv_debug_event(BlockDriverState *bs, BlkdebugEvent event) 4284 { 4285 if (!bs || !bs->drv || !bs->drv->bdrv_debug_event) { 4286 return; 4287 } 4288 4289 bs->drv->bdrv_debug_event(bs, event); 4290 } 4291 4292 int bdrv_debug_breakpoint(BlockDriverState *bs, const char *event, 4293 const char *tag) 4294 { 4295 while (bs && bs->drv && !bs->drv->bdrv_debug_breakpoint) { 4296 bs = bs->file ? bs->file->bs : NULL; 4297 } 4298 4299 if (bs && bs->drv && bs->drv->bdrv_debug_breakpoint) { 4300 return bs->drv->bdrv_debug_breakpoint(bs, event, tag); 4301 } 4302 4303 return -ENOTSUP; 4304 } 4305 4306 int bdrv_debug_remove_breakpoint(BlockDriverState *bs, const char *tag) 4307 { 4308 while (bs && bs->drv && !bs->drv->bdrv_debug_remove_breakpoint) { 4309 bs = bs->file ? bs->file->bs : NULL; 4310 } 4311 4312 if (bs && bs->drv && bs->drv->bdrv_debug_remove_breakpoint) { 4313 return bs->drv->bdrv_debug_remove_breakpoint(bs, tag); 4314 } 4315 4316 return -ENOTSUP; 4317 } 4318 4319 int bdrv_debug_resume(BlockDriverState *bs, const char *tag) 4320 { 4321 while (bs && (!bs->drv || !bs->drv->bdrv_debug_resume)) { 4322 bs = bs->file ? bs->file->bs : NULL; 4323 } 4324 4325 if (bs && bs->drv && bs->drv->bdrv_debug_resume) { 4326 return bs->drv->bdrv_debug_resume(bs, tag); 4327 } 4328 4329 return -ENOTSUP; 4330 } 4331 4332 bool bdrv_debug_is_suspended(BlockDriverState *bs, const char *tag) 4333 { 4334 while (bs && bs->drv && !bs->drv->bdrv_debug_is_suspended) { 4335 bs = bs->file ? bs->file->bs : NULL; 4336 } 4337 4338 if (bs && bs->drv && bs->drv->bdrv_debug_is_suspended) { 4339 return bs->drv->bdrv_debug_is_suspended(bs, tag); 4340 } 4341 4342 return false; 4343 } 4344 4345 /* backing_file can either be relative, or absolute, or a protocol. If it is 4346 * relative, it must be relative to the chain. So, passing in bs->filename 4347 * from a BDS as backing_file should not be done, as that may be relative to 4348 * the CWD rather than the chain. */ 4349 BlockDriverState *bdrv_find_backing_image(BlockDriverState *bs, 4350 const char *backing_file) 4351 { 4352 char *filename_full = NULL; 4353 char *backing_file_full = NULL; 4354 char *filename_tmp = NULL; 4355 int is_protocol = 0; 4356 BlockDriverState *curr_bs = NULL; 4357 BlockDriverState *retval = NULL; 4358 Error *local_error = NULL; 4359 4360 if (!bs || !bs->drv || !backing_file) { 4361 return NULL; 4362 } 4363 4364 filename_full = g_malloc(PATH_MAX); 4365 backing_file_full = g_malloc(PATH_MAX); 4366 filename_tmp = g_malloc(PATH_MAX); 4367 4368 is_protocol = path_has_protocol(backing_file); 4369 4370 for (curr_bs = bs; curr_bs->backing; curr_bs = curr_bs->backing->bs) { 4371 4372 /* If either of the filename paths is actually a protocol, then 4373 * compare unmodified paths; otherwise make paths relative */ 4374 if (is_protocol || path_has_protocol(curr_bs->backing_file)) { 4375 if (strcmp(backing_file, curr_bs->backing_file) == 0) { 4376 retval = curr_bs->backing->bs; 4377 break; 4378 } 4379 /* Also check against the full backing filename for the image */ 4380 bdrv_get_full_backing_filename(curr_bs, backing_file_full, PATH_MAX, 4381 &local_error); 4382 if (local_error == NULL) { 4383 if (strcmp(backing_file, backing_file_full) == 0) { 4384 retval = curr_bs->backing->bs; 4385 break; 4386 } 4387 } else { 4388 error_free(local_error); 4389 local_error = NULL; 4390 } 4391 } else { 4392 /* If not an absolute filename path, make it relative to the current 4393 * image's filename path */ 4394 path_combine(filename_tmp, PATH_MAX, curr_bs->filename, 4395 backing_file); 4396 4397 /* We are going to compare absolute pathnames */ 4398 if (!realpath(filename_tmp, filename_full)) { 4399 continue; 4400 } 4401 4402 /* We need to make sure the backing filename we are comparing against 4403 * is relative to the current image filename (or absolute) */ 4404 path_combine(filename_tmp, PATH_MAX, curr_bs->filename, 4405 curr_bs->backing_file); 4406 4407 if (!realpath(filename_tmp, backing_file_full)) { 4408 continue; 4409 } 4410 4411 if (strcmp(backing_file_full, filename_full) == 0) { 4412 retval = curr_bs->backing->bs; 4413 break; 4414 } 4415 } 4416 } 4417 4418 g_free(filename_full); 4419 g_free(backing_file_full); 4420 g_free(filename_tmp); 4421 return retval; 4422 } 4423 4424 void bdrv_init(void) 4425 { 4426 module_call_init(MODULE_INIT_BLOCK); 4427 } 4428 4429 void bdrv_init_with_whitelist(void) 4430 { 4431 use_bdrv_whitelist = 1; 4432 bdrv_init(); 4433 } 4434 4435 static void coroutine_fn bdrv_co_invalidate_cache(BlockDriverState *bs, 4436 Error **errp) 4437 { 4438 BdrvChild *child, *parent; 4439 uint64_t perm, shared_perm; 4440 Error *local_err = NULL; 4441 int ret; 4442 BdrvDirtyBitmap *bm; 4443 4444 if (!bs->drv) { 4445 return; 4446 } 4447 4448 if (!(bs->open_flags & BDRV_O_INACTIVE)) { 4449 return; 4450 } 4451 4452 QLIST_FOREACH(child, &bs->children, next) { 4453 bdrv_co_invalidate_cache(child->bs, &local_err); 4454 if (local_err) { 4455 error_propagate(errp, local_err); 4456 return; 4457 } 4458 } 4459 4460 /* 4461 * Update permissions, they may differ for inactive nodes. 4462 * 4463 * Note that the required permissions of inactive images are always a 4464 * subset of the permissions required after activating the image. This 4465 * allows us to just get the permissions upfront without restricting 4466 * drv->bdrv_invalidate_cache(). 4467 * 4468 * It also means that in error cases, we don't have to try and revert to 4469 * the old permissions (which is an operation that could fail, too). We can 4470 * just keep the extended permissions for the next time that an activation 4471 * of the image is tried. 4472 */ 4473 bs->open_flags &= ~BDRV_O_INACTIVE; 4474 bdrv_get_cumulative_perm(bs, &perm, &shared_perm); 4475 ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &local_err); 4476 if (ret < 0) { 4477 bs->open_flags |= BDRV_O_INACTIVE; 4478 error_propagate(errp, local_err); 4479 return; 4480 } 4481 bdrv_set_perm(bs, perm, shared_perm); 4482 4483 if (bs->drv->bdrv_co_invalidate_cache) { 4484 bs->drv->bdrv_co_invalidate_cache(bs, &local_err); 4485 if (local_err) { 4486 bs->open_flags |= BDRV_O_INACTIVE; 4487 error_propagate(errp, local_err); 4488 return; 4489 } 4490 } 4491 4492 for (bm = bdrv_dirty_bitmap_next(bs, NULL); bm; 4493 bm = bdrv_dirty_bitmap_next(bs, bm)) 4494 { 4495 bdrv_dirty_bitmap_set_migration(bm, false); 4496 } 4497 4498 ret = refresh_total_sectors(bs, bs->total_sectors); 4499 if (ret < 0) { 4500 bs->open_flags |= BDRV_O_INACTIVE; 4501 error_setg_errno(errp, -ret, "Could not refresh total sector count"); 4502 return; 4503 } 4504 4505 QLIST_FOREACH(parent, &bs->parents, next_parent) { 4506 if (parent->role->activate) { 4507 parent->role->activate(parent, &local_err); 4508 if (local_err) { 4509 error_propagate(errp, local_err); 4510 return; 4511 } 4512 } 4513 } 4514 } 4515 4516 typedef struct InvalidateCacheCo { 4517 BlockDriverState *bs; 4518 Error **errp; 4519 bool done; 4520 } InvalidateCacheCo; 4521 4522 static void coroutine_fn bdrv_invalidate_cache_co_entry(void *opaque) 4523 { 4524 InvalidateCacheCo *ico = opaque; 4525 bdrv_co_invalidate_cache(ico->bs, ico->errp); 4526 ico->done = true; 4527 } 4528 4529 void bdrv_invalidate_cache(BlockDriverState *bs, Error **errp) 4530 { 4531 Coroutine *co; 4532 InvalidateCacheCo ico = { 4533 .bs = bs, 4534 .done = false, 4535 .errp = errp 4536 }; 4537 4538 if (qemu_in_coroutine()) { 4539 /* Fast-path if already in coroutine context */ 4540 bdrv_invalidate_cache_co_entry(&ico); 4541 } else { 4542 co = qemu_coroutine_create(bdrv_invalidate_cache_co_entry, &ico); 4543 qemu_coroutine_enter(co); 4544 BDRV_POLL_WHILE(bs, !ico.done); 4545 } 4546 } 4547 4548 void bdrv_invalidate_cache_all(Error **errp) 4549 { 4550 BlockDriverState *bs; 4551 Error *local_err = NULL; 4552 BdrvNextIterator it; 4553 4554 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 4555 AioContext *aio_context = bdrv_get_aio_context(bs); 4556 4557 aio_context_acquire(aio_context); 4558 bdrv_invalidate_cache(bs, &local_err); 4559 aio_context_release(aio_context); 4560 if (local_err) { 4561 error_propagate(errp, local_err); 4562 bdrv_next_cleanup(&it); 4563 return; 4564 } 4565 } 4566 } 4567 4568 static int bdrv_inactivate_recurse(BlockDriverState *bs, 4569 bool setting_flag) 4570 { 4571 BdrvChild *child, *parent; 4572 int ret; 4573 4574 if (!bs->drv) { 4575 return -ENOMEDIUM; 4576 } 4577 4578 if (!setting_flag && bs->drv->bdrv_inactivate) { 4579 ret = bs->drv->bdrv_inactivate(bs); 4580 if (ret < 0) { 4581 return ret; 4582 } 4583 } 4584 4585 if (setting_flag && !(bs->open_flags & BDRV_O_INACTIVE)) { 4586 uint64_t perm, shared_perm; 4587 4588 QLIST_FOREACH(parent, &bs->parents, next_parent) { 4589 if (parent->role->inactivate) { 4590 ret = parent->role->inactivate(parent); 4591 if (ret < 0) { 4592 return ret; 4593 } 4594 } 4595 } 4596 4597 bs->open_flags |= BDRV_O_INACTIVE; 4598 4599 /* Update permissions, they may differ for inactive nodes */ 4600 bdrv_get_cumulative_perm(bs, &perm, &shared_perm); 4601 bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &error_abort); 4602 bdrv_set_perm(bs, perm, shared_perm); 4603 } 4604 4605 QLIST_FOREACH(child, &bs->children, next) { 4606 ret = bdrv_inactivate_recurse(child->bs, setting_flag); 4607 if (ret < 0) { 4608 return ret; 4609 } 4610 } 4611 4612 return 0; 4613 } 4614 4615 int bdrv_inactivate_all(void) 4616 { 4617 BlockDriverState *bs = NULL; 4618 BdrvNextIterator it; 4619 int ret = 0; 4620 int pass; 4621 GSList *aio_ctxs = NULL, *ctx; 4622 4623 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 4624 AioContext *aio_context = bdrv_get_aio_context(bs); 4625 4626 if (!g_slist_find(aio_ctxs, aio_context)) { 4627 aio_ctxs = g_slist_prepend(aio_ctxs, aio_context); 4628 aio_context_acquire(aio_context); 4629 } 4630 } 4631 4632 /* We do two passes of inactivation. The first pass calls to drivers' 4633 * .bdrv_inactivate callbacks recursively so all cache is flushed to disk; 4634 * the second pass sets the BDRV_O_INACTIVE flag so that no further write 4635 * is allowed. */ 4636 for (pass = 0; pass < 2; pass++) { 4637 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 4638 ret = bdrv_inactivate_recurse(bs, pass); 4639 if (ret < 0) { 4640 bdrv_next_cleanup(&it); 4641 goto out; 4642 } 4643 } 4644 } 4645 4646 out: 4647 for (ctx = aio_ctxs; ctx != NULL; ctx = ctx->next) { 4648 AioContext *aio_context = ctx->data; 4649 aio_context_release(aio_context); 4650 } 4651 g_slist_free(aio_ctxs); 4652 4653 return ret; 4654 } 4655 4656 /**************************************************************/ 4657 /* removable device support */ 4658 4659 /** 4660 * Return TRUE if the media is present 4661 */ 4662 bool bdrv_is_inserted(BlockDriverState *bs) 4663 { 4664 BlockDriver *drv = bs->drv; 4665 BdrvChild *child; 4666 4667 if (!drv) { 4668 return false; 4669 } 4670 if (drv->bdrv_is_inserted) { 4671 return drv->bdrv_is_inserted(bs); 4672 } 4673 QLIST_FOREACH(child, &bs->children, next) { 4674 if (!bdrv_is_inserted(child->bs)) { 4675 return false; 4676 } 4677 } 4678 return true; 4679 } 4680 4681 /** 4682 * If eject_flag is TRUE, eject the media. Otherwise, close the tray 4683 */ 4684 void bdrv_eject(BlockDriverState *bs, bool eject_flag) 4685 { 4686 BlockDriver *drv = bs->drv; 4687 4688 if (drv && drv->bdrv_eject) { 4689 drv->bdrv_eject(bs, eject_flag); 4690 } 4691 } 4692 4693 /** 4694 * Lock or unlock the media (if it is locked, the user won't be able 4695 * to eject it manually). 4696 */ 4697 void bdrv_lock_medium(BlockDriverState *bs, bool locked) 4698 { 4699 BlockDriver *drv = bs->drv; 4700 4701 trace_bdrv_lock_medium(bs, locked); 4702 4703 if (drv && drv->bdrv_lock_medium) { 4704 drv->bdrv_lock_medium(bs, locked); 4705 } 4706 } 4707 4708 /* Get a reference to bs */ 4709 void bdrv_ref(BlockDriverState *bs) 4710 { 4711 bs->refcnt++; 4712 } 4713 4714 /* Release a previously grabbed reference to bs. 4715 * If after releasing, reference count is zero, the BlockDriverState is 4716 * deleted. */ 4717 void bdrv_unref(BlockDriverState *bs) 4718 { 4719 if (!bs) { 4720 return; 4721 } 4722 assert(bs->refcnt > 0); 4723 if (--bs->refcnt == 0) { 4724 bdrv_delete(bs); 4725 } 4726 } 4727 4728 struct BdrvOpBlocker { 4729 Error *reason; 4730 QLIST_ENTRY(BdrvOpBlocker) list; 4731 }; 4732 4733 bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType op, Error **errp) 4734 { 4735 BdrvOpBlocker *blocker; 4736 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX); 4737 if (!QLIST_EMPTY(&bs->op_blockers[op])) { 4738 blocker = QLIST_FIRST(&bs->op_blockers[op]); 4739 error_propagate_prepend(errp, error_copy(blocker->reason), 4740 "Node '%s' is busy: ", 4741 bdrv_get_device_or_node_name(bs)); 4742 return true; 4743 } 4744 return false; 4745 } 4746 4747 void bdrv_op_block(BlockDriverState *bs, BlockOpType op, Error *reason) 4748 { 4749 BdrvOpBlocker *blocker; 4750 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX); 4751 4752 blocker = g_new0(BdrvOpBlocker, 1); 4753 blocker->reason = reason; 4754 QLIST_INSERT_HEAD(&bs->op_blockers[op], blocker, list); 4755 } 4756 4757 void bdrv_op_unblock(BlockDriverState *bs, BlockOpType op, Error *reason) 4758 { 4759 BdrvOpBlocker *blocker, *next; 4760 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX); 4761 QLIST_FOREACH_SAFE(blocker, &bs->op_blockers[op], list, next) { 4762 if (blocker->reason == reason) { 4763 QLIST_REMOVE(blocker, list); 4764 g_free(blocker); 4765 } 4766 } 4767 } 4768 4769 void bdrv_op_block_all(BlockDriverState *bs, Error *reason) 4770 { 4771 int i; 4772 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 4773 bdrv_op_block(bs, i, reason); 4774 } 4775 } 4776 4777 void bdrv_op_unblock_all(BlockDriverState *bs, Error *reason) 4778 { 4779 int i; 4780 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 4781 bdrv_op_unblock(bs, i, reason); 4782 } 4783 } 4784 4785 bool bdrv_op_blocker_is_empty(BlockDriverState *bs) 4786 { 4787 int i; 4788 4789 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) { 4790 if (!QLIST_EMPTY(&bs->op_blockers[i])) { 4791 return false; 4792 } 4793 } 4794 return true; 4795 } 4796 4797 void bdrv_img_create(const char *filename, const char *fmt, 4798 const char *base_filename, const char *base_fmt, 4799 char *options, uint64_t img_size, int flags, bool quiet, 4800 Error **errp) 4801 { 4802 QemuOptsList *create_opts = NULL; 4803 QemuOpts *opts = NULL; 4804 const char *backing_fmt, *backing_file; 4805 int64_t size; 4806 BlockDriver *drv, *proto_drv; 4807 Error *local_err = NULL; 4808 int ret = 0; 4809 4810 /* Find driver and parse its options */ 4811 drv = bdrv_find_format(fmt); 4812 if (!drv) { 4813 error_setg(errp, "Unknown file format '%s'", fmt); 4814 return; 4815 } 4816 4817 proto_drv = bdrv_find_protocol(filename, true, errp); 4818 if (!proto_drv) { 4819 return; 4820 } 4821 4822 if (!drv->create_opts) { 4823 error_setg(errp, "Format driver '%s' does not support image creation", 4824 drv->format_name); 4825 return; 4826 } 4827 4828 if (!proto_drv->create_opts) { 4829 error_setg(errp, "Protocol driver '%s' does not support image creation", 4830 proto_drv->format_name); 4831 return; 4832 } 4833 4834 create_opts = qemu_opts_append(create_opts, drv->create_opts); 4835 create_opts = qemu_opts_append(create_opts, proto_drv->create_opts); 4836 4837 /* Create parameter list with default values */ 4838 opts = qemu_opts_create(create_opts, NULL, 0, &error_abort); 4839 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, img_size, &error_abort); 4840 4841 /* Parse -o options */ 4842 if (options) { 4843 qemu_opts_do_parse(opts, options, NULL, &local_err); 4844 if (local_err) { 4845 goto out; 4846 } 4847 } 4848 4849 if (base_filename) { 4850 qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, base_filename, &local_err); 4851 if (local_err) { 4852 error_setg(errp, "Backing file not supported for file format '%s'", 4853 fmt); 4854 goto out; 4855 } 4856 } 4857 4858 if (base_fmt) { 4859 qemu_opt_set(opts, BLOCK_OPT_BACKING_FMT, base_fmt, &local_err); 4860 if (local_err) { 4861 error_setg(errp, "Backing file format not supported for file " 4862 "format '%s'", fmt); 4863 goto out; 4864 } 4865 } 4866 4867 backing_file = qemu_opt_get(opts, BLOCK_OPT_BACKING_FILE); 4868 if (backing_file) { 4869 if (!strcmp(filename, backing_file)) { 4870 error_setg(errp, "Error: Trying to create an image with the " 4871 "same filename as the backing file"); 4872 goto out; 4873 } 4874 } 4875 4876 backing_fmt = qemu_opt_get(opts, BLOCK_OPT_BACKING_FMT); 4877 4878 /* The size for the image must always be specified, unless we have a backing 4879 * file and we have not been forbidden from opening it. */ 4880 size = qemu_opt_get_size(opts, BLOCK_OPT_SIZE, img_size); 4881 if (backing_file && !(flags & BDRV_O_NO_BACKING)) { 4882 BlockDriverState *bs; 4883 char *full_backing = g_new0(char, PATH_MAX); 4884 int back_flags; 4885 QDict *backing_options = NULL; 4886 4887 bdrv_get_full_backing_filename_from_filename(filename, backing_file, 4888 full_backing, PATH_MAX, 4889 &local_err); 4890 if (local_err) { 4891 g_free(full_backing); 4892 goto out; 4893 } 4894 4895 /* backing files always opened read-only */ 4896 back_flags = flags; 4897 back_flags &= ~(BDRV_O_RDWR | BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING); 4898 4899 backing_options = qdict_new(); 4900 if (backing_fmt) { 4901 qdict_put_str(backing_options, "driver", backing_fmt); 4902 } 4903 qdict_put_bool(backing_options, BDRV_OPT_FORCE_SHARE, true); 4904 4905 bs = bdrv_open(full_backing, NULL, backing_options, back_flags, 4906 &local_err); 4907 g_free(full_backing); 4908 if (!bs && size != -1) { 4909 /* Couldn't open BS, but we have a size, so it's nonfatal */ 4910 warn_reportf_err(local_err, 4911 "Could not verify backing image. " 4912 "This may become an error in future versions.\n"); 4913 local_err = NULL; 4914 } else if (!bs) { 4915 /* Couldn't open bs, do not have size */ 4916 error_append_hint(&local_err, 4917 "Could not open backing image to determine size.\n"); 4918 goto out; 4919 } else { 4920 if (size == -1) { 4921 /* Opened BS, have no size */ 4922 size = bdrv_getlength(bs); 4923 if (size < 0) { 4924 error_setg_errno(errp, -size, "Could not get size of '%s'", 4925 backing_file); 4926 bdrv_unref(bs); 4927 goto out; 4928 } 4929 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, &error_abort); 4930 } 4931 bdrv_unref(bs); 4932 } 4933 } /* (backing_file && !(flags & BDRV_O_NO_BACKING)) */ 4934 4935 if (size == -1) { 4936 error_setg(errp, "Image creation needs a size parameter"); 4937 goto out; 4938 } 4939 4940 if (!quiet) { 4941 printf("Formatting '%s', fmt=%s ", filename, fmt); 4942 qemu_opts_print(opts, " "); 4943 puts(""); 4944 } 4945 4946 ret = bdrv_create(drv, filename, opts, &local_err); 4947 4948 if (ret == -EFBIG) { 4949 /* This is generally a better message than whatever the driver would 4950 * deliver (especially because of the cluster_size_hint), since that 4951 * is most probably not much different from "image too large". */ 4952 const char *cluster_size_hint = ""; 4953 if (qemu_opt_get_size(opts, BLOCK_OPT_CLUSTER_SIZE, 0)) { 4954 cluster_size_hint = " (try using a larger cluster size)"; 4955 } 4956 error_setg(errp, "The image size is too large for file format '%s'" 4957 "%s", fmt, cluster_size_hint); 4958 error_free(local_err); 4959 local_err = NULL; 4960 } 4961 4962 out: 4963 qemu_opts_del(opts); 4964 qemu_opts_free(create_opts); 4965 error_propagate(errp, local_err); 4966 } 4967 4968 AioContext *bdrv_get_aio_context(BlockDriverState *bs) 4969 { 4970 return bs ? bs->aio_context : qemu_get_aio_context(); 4971 } 4972 4973 void bdrv_coroutine_enter(BlockDriverState *bs, Coroutine *co) 4974 { 4975 aio_co_enter(bdrv_get_aio_context(bs), co); 4976 } 4977 4978 static void bdrv_do_remove_aio_context_notifier(BdrvAioNotifier *ban) 4979 { 4980 QLIST_REMOVE(ban, list); 4981 g_free(ban); 4982 } 4983 4984 void bdrv_detach_aio_context(BlockDriverState *bs) 4985 { 4986 BdrvAioNotifier *baf, *baf_tmp; 4987 BdrvChild *child; 4988 4989 if (!bs->drv) { 4990 return; 4991 } 4992 4993 assert(!bs->walking_aio_notifiers); 4994 bs->walking_aio_notifiers = true; 4995 QLIST_FOREACH_SAFE(baf, &bs->aio_notifiers, list, baf_tmp) { 4996 if (baf->deleted) { 4997 bdrv_do_remove_aio_context_notifier(baf); 4998 } else { 4999 baf->detach_aio_context(baf->opaque); 5000 } 5001 } 5002 /* Never mind iterating again to check for ->deleted. bdrv_close() will 5003 * remove remaining aio notifiers if we aren't called again. 5004 */ 5005 bs->walking_aio_notifiers = false; 5006 5007 if (bs->drv->bdrv_detach_aio_context) { 5008 bs->drv->bdrv_detach_aio_context(bs); 5009 } 5010 QLIST_FOREACH(child, &bs->children, next) { 5011 bdrv_detach_aio_context(child->bs); 5012 } 5013 5014 bs->aio_context = NULL; 5015 } 5016 5017 void bdrv_attach_aio_context(BlockDriverState *bs, 5018 AioContext *new_context) 5019 { 5020 BdrvAioNotifier *ban, *ban_tmp; 5021 BdrvChild *child; 5022 5023 if (!bs->drv) { 5024 return; 5025 } 5026 5027 bs->aio_context = new_context; 5028 5029 QLIST_FOREACH(child, &bs->children, next) { 5030 bdrv_attach_aio_context(child->bs, new_context); 5031 } 5032 if (bs->drv->bdrv_attach_aio_context) { 5033 bs->drv->bdrv_attach_aio_context(bs, new_context); 5034 } 5035 5036 assert(!bs->walking_aio_notifiers); 5037 bs->walking_aio_notifiers = true; 5038 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_tmp) { 5039 if (ban->deleted) { 5040 bdrv_do_remove_aio_context_notifier(ban); 5041 } else { 5042 ban->attached_aio_context(new_context, ban->opaque); 5043 } 5044 } 5045 bs->walking_aio_notifiers = false; 5046 } 5047 5048 void bdrv_set_aio_context(BlockDriverState *bs, AioContext *new_context) 5049 { 5050 AioContext *ctx = bdrv_get_aio_context(bs); 5051 5052 aio_disable_external(ctx); 5053 bdrv_parent_drained_begin(bs, NULL, false); 5054 bdrv_drain(bs); /* ensure there are no in-flight requests */ 5055 5056 while (aio_poll(ctx, false)) { 5057 /* wait for all bottom halves to execute */ 5058 } 5059 5060 bdrv_detach_aio_context(bs); 5061 5062 /* This function executes in the old AioContext so acquire the new one in 5063 * case it runs in a different thread. 5064 */ 5065 aio_context_acquire(new_context); 5066 bdrv_attach_aio_context(bs, new_context); 5067 bdrv_parent_drained_end(bs, NULL, false); 5068 aio_enable_external(ctx); 5069 aio_context_release(new_context); 5070 } 5071 5072 void bdrv_add_aio_context_notifier(BlockDriverState *bs, 5073 void (*attached_aio_context)(AioContext *new_context, void *opaque), 5074 void (*detach_aio_context)(void *opaque), void *opaque) 5075 { 5076 BdrvAioNotifier *ban = g_new(BdrvAioNotifier, 1); 5077 *ban = (BdrvAioNotifier){ 5078 .attached_aio_context = attached_aio_context, 5079 .detach_aio_context = detach_aio_context, 5080 .opaque = opaque 5081 }; 5082 5083 QLIST_INSERT_HEAD(&bs->aio_notifiers, ban, list); 5084 } 5085 5086 void bdrv_remove_aio_context_notifier(BlockDriverState *bs, 5087 void (*attached_aio_context)(AioContext *, 5088 void *), 5089 void (*detach_aio_context)(void *), 5090 void *opaque) 5091 { 5092 BdrvAioNotifier *ban, *ban_next; 5093 5094 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_next) { 5095 if (ban->attached_aio_context == attached_aio_context && 5096 ban->detach_aio_context == detach_aio_context && 5097 ban->opaque == opaque && 5098 ban->deleted == false) 5099 { 5100 if (bs->walking_aio_notifiers) { 5101 ban->deleted = true; 5102 } else { 5103 bdrv_do_remove_aio_context_notifier(ban); 5104 } 5105 return; 5106 } 5107 } 5108 5109 abort(); 5110 } 5111 5112 int bdrv_amend_options(BlockDriverState *bs, QemuOpts *opts, 5113 BlockDriverAmendStatusCB *status_cb, void *cb_opaque, 5114 Error **errp) 5115 { 5116 if (!bs->drv) { 5117 error_setg(errp, "Node is ejected"); 5118 return -ENOMEDIUM; 5119 } 5120 if (!bs->drv->bdrv_amend_options) { 5121 error_setg(errp, "Block driver '%s' does not support option amendment", 5122 bs->drv->format_name); 5123 return -ENOTSUP; 5124 } 5125 return bs->drv->bdrv_amend_options(bs, opts, status_cb, cb_opaque, errp); 5126 } 5127 5128 /* This function will be called by the bdrv_recurse_is_first_non_filter method 5129 * of block filter and by bdrv_is_first_non_filter. 5130 * It is used to test if the given bs is the candidate or recurse more in the 5131 * node graph. 5132 */ 5133 bool bdrv_recurse_is_first_non_filter(BlockDriverState *bs, 5134 BlockDriverState *candidate) 5135 { 5136 /* return false if basic checks fails */ 5137 if (!bs || !bs->drv) { 5138 return false; 5139 } 5140 5141 /* the code reached a non block filter driver -> check if the bs is 5142 * the same as the candidate. It's the recursion termination condition. 5143 */ 5144 if (!bs->drv->is_filter) { 5145 return bs == candidate; 5146 } 5147 /* Down this path the driver is a block filter driver */ 5148 5149 /* If the block filter recursion method is defined use it to recurse down 5150 * the node graph. 5151 */ 5152 if (bs->drv->bdrv_recurse_is_first_non_filter) { 5153 return bs->drv->bdrv_recurse_is_first_non_filter(bs, candidate); 5154 } 5155 5156 /* the driver is a block filter but don't allow to recurse -> return false 5157 */ 5158 return false; 5159 } 5160 5161 /* This function checks if the candidate is the first non filter bs down it's 5162 * bs chain. Since we don't have pointers to parents it explore all bs chains 5163 * from the top. Some filters can choose not to pass down the recursion. 5164 */ 5165 bool bdrv_is_first_non_filter(BlockDriverState *candidate) 5166 { 5167 BlockDriverState *bs; 5168 BdrvNextIterator it; 5169 5170 /* walk down the bs forest recursively */ 5171 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) { 5172 bool perm; 5173 5174 /* try to recurse in this top level bs */ 5175 perm = bdrv_recurse_is_first_non_filter(bs, candidate); 5176 5177 /* candidate is the first non filter */ 5178 if (perm) { 5179 bdrv_next_cleanup(&it); 5180 return true; 5181 } 5182 } 5183 5184 return false; 5185 } 5186 5187 BlockDriverState *check_to_replace_node(BlockDriverState *parent_bs, 5188 const char *node_name, Error **errp) 5189 { 5190 BlockDriverState *to_replace_bs = bdrv_find_node(node_name); 5191 AioContext *aio_context; 5192 5193 if (!to_replace_bs) { 5194 error_setg(errp, "Node name '%s' not found", node_name); 5195 return NULL; 5196 } 5197 5198 aio_context = bdrv_get_aio_context(to_replace_bs); 5199 aio_context_acquire(aio_context); 5200 5201 if (bdrv_op_is_blocked(to_replace_bs, BLOCK_OP_TYPE_REPLACE, errp)) { 5202 to_replace_bs = NULL; 5203 goto out; 5204 } 5205 5206 /* We don't want arbitrary node of the BDS chain to be replaced only the top 5207 * most non filter in order to prevent data corruption. 5208 * Another benefit is that this tests exclude backing files which are 5209 * blocked by the backing blockers. 5210 */ 5211 if (!bdrv_recurse_is_first_non_filter(parent_bs, to_replace_bs)) { 5212 error_setg(errp, "Only top most non filter can be replaced"); 5213 to_replace_bs = NULL; 5214 goto out; 5215 } 5216 5217 out: 5218 aio_context_release(aio_context); 5219 return to_replace_bs; 5220 } 5221 5222 static bool append_open_options(QDict *d, BlockDriverState *bs) 5223 { 5224 const QDictEntry *entry; 5225 QemuOptDesc *desc; 5226 bool found_any = false; 5227 5228 for (entry = qdict_first(bs->options); entry; 5229 entry = qdict_next(bs->options, entry)) 5230 { 5231 /* Exclude all non-driver-specific options */ 5232 for (desc = bdrv_runtime_opts.desc; desc->name; desc++) { 5233 if (!strcmp(qdict_entry_key(entry), desc->name)) { 5234 break; 5235 } 5236 } 5237 if (desc->name) { 5238 continue; 5239 } 5240 5241 qdict_put_obj(d, qdict_entry_key(entry), 5242 qobject_ref(qdict_entry_value(entry))); 5243 found_any = true; 5244 } 5245 5246 return found_any; 5247 } 5248 5249 /* Updates the following BDS fields: 5250 * - exact_filename: A filename which may be used for opening a block device 5251 * which (mostly) equals the given BDS (even without any 5252 * other options; so reading and writing must return the same 5253 * results, but caching etc. may be different) 5254 * - full_open_options: Options which, when given when opening a block device 5255 * (without a filename), result in a BDS (mostly) 5256 * equalling the given one 5257 * - filename: If exact_filename is set, it is copied here. Otherwise, 5258 * full_open_options is converted to a JSON object, prefixed with 5259 * "json:" (for use through the JSON pseudo protocol) and put here. 5260 */ 5261 void bdrv_refresh_filename(BlockDriverState *bs) 5262 { 5263 BlockDriver *drv = bs->drv; 5264 QDict *opts; 5265 5266 if (!drv) { 5267 return; 5268 } 5269 5270 /* This BDS's file name will most probably depend on its file's name, so 5271 * refresh that first */ 5272 if (bs->file) { 5273 bdrv_refresh_filename(bs->file->bs); 5274 } 5275 5276 if (drv->bdrv_refresh_filename) { 5277 /* Obsolete information is of no use here, so drop the old file name 5278 * information before refreshing it */ 5279 bs->exact_filename[0] = '\0'; 5280 if (bs->full_open_options) { 5281 qobject_unref(bs->full_open_options); 5282 bs->full_open_options = NULL; 5283 } 5284 5285 opts = qdict_new(); 5286 append_open_options(opts, bs); 5287 drv->bdrv_refresh_filename(bs, opts); 5288 qobject_unref(opts); 5289 } else if (bs->file) { 5290 /* Try to reconstruct valid information from the underlying file */ 5291 bool has_open_options; 5292 5293 bs->exact_filename[0] = '\0'; 5294 if (bs->full_open_options) { 5295 qobject_unref(bs->full_open_options); 5296 bs->full_open_options = NULL; 5297 } 5298 5299 opts = qdict_new(); 5300 has_open_options = append_open_options(opts, bs); 5301 5302 /* If no specific options have been given for this BDS, the filename of 5303 * the underlying file should suffice for this one as well */ 5304 if (bs->file->bs->exact_filename[0] && !has_open_options) { 5305 strcpy(bs->exact_filename, bs->file->bs->exact_filename); 5306 } 5307 /* Reconstructing the full options QDict is simple for most format block 5308 * drivers, as long as the full options are known for the underlying 5309 * file BDS. The full options QDict of that file BDS should somehow 5310 * contain a representation of the filename, therefore the following 5311 * suffices without querying the (exact_)filename of this BDS. */ 5312 if (bs->file->bs->full_open_options) { 5313 qdict_put_str(opts, "driver", drv->format_name); 5314 qdict_put(opts, "file", 5315 qobject_ref(bs->file->bs->full_open_options)); 5316 5317 bs->full_open_options = opts; 5318 } else { 5319 qobject_unref(opts); 5320 } 5321 } else if (!bs->full_open_options && qdict_size(bs->options)) { 5322 /* There is no underlying file BDS (at least referenced by BDS.file), 5323 * so the full options QDict should be equal to the options given 5324 * specifically for this block device when it was opened (plus the 5325 * driver specification). 5326 * Because those options don't change, there is no need to update 5327 * full_open_options when it's already set. */ 5328 5329 opts = qdict_new(); 5330 append_open_options(opts, bs); 5331 qdict_put_str(opts, "driver", drv->format_name); 5332 5333 if (bs->exact_filename[0]) { 5334 /* This may not work for all block protocol drivers (some may 5335 * require this filename to be parsed), but we have to find some 5336 * default solution here, so just include it. If some block driver 5337 * does not support pure options without any filename at all or 5338 * needs some special format of the options QDict, it needs to 5339 * implement the driver-specific bdrv_refresh_filename() function. 5340 */ 5341 qdict_put_str(opts, "filename", bs->exact_filename); 5342 } 5343 5344 bs->full_open_options = opts; 5345 } 5346 5347 if (bs->exact_filename[0]) { 5348 pstrcpy(bs->filename, sizeof(bs->filename), bs->exact_filename); 5349 } else if (bs->full_open_options) { 5350 QString *json = qobject_to_json(QOBJECT(bs->full_open_options)); 5351 snprintf(bs->filename, sizeof(bs->filename), "json:%s", 5352 qstring_get_str(json)); 5353 qobject_unref(json); 5354 } 5355 } 5356 5357 /* 5358 * Hot add/remove a BDS's child. So the user can take a child offline when 5359 * it is broken and take a new child online 5360 */ 5361 void bdrv_add_child(BlockDriverState *parent_bs, BlockDriverState *child_bs, 5362 Error **errp) 5363 { 5364 5365 if (!parent_bs->drv || !parent_bs->drv->bdrv_add_child) { 5366 error_setg(errp, "The node %s does not support adding a child", 5367 bdrv_get_device_or_node_name(parent_bs)); 5368 return; 5369 } 5370 5371 if (!QLIST_EMPTY(&child_bs->parents)) { 5372 error_setg(errp, "The node %s already has a parent", 5373 child_bs->node_name); 5374 return; 5375 } 5376 5377 parent_bs->drv->bdrv_add_child(parent_bs, child_bs, errp); 5378 } 5379 5380 void bdrv_del_child(BlockDriverState *parent_bs, BdrvChild *child, Error **errp) 5381 { 5382 BdrvChild *tmp; 5383 5384 if (!parent_bs->drv || !parent_bs->drv->bdrv_del_child) { 5385 error_setg(errp, "The node %s does not support removing a child", 5386 bdrv_get_device_or_node_name(parent_bs)); 5387 return; 5388 } 5389 5390 QLIST_FOREACH(tmp, &parent_bs->children, next) { 5391 if (tmp == child) { 5392 break; 5393 } 5394 } 5395 5396 if (!tmp) { 5397 error_setg(errp, "The node %s does not have a child named %s", 5398 bdrv_get_device_or_node_name(parent_bs), 5399 bdrv_get_device_or_node_name(child->bs)); 5400 return; 5401 } 5402 5403 parent_bs->drv->bdrv_del_child(parent_bs, child, errp); 5404 } 5405 5406 bool bdrv_can_store_new_dirty_bitmap(BlockDriverState *bs, const char *name, 5407 uint32_t granularity, Error **errp) 5408 { 5409 BlockDriver *drv = bs->drv; 5410 5411 if (!drv) { 5412 error_setg_errno(errp, ENOMEDIUM, 5413 "Can't store persistent bitmaps to %s", 5414 bdrv_get_device_or_node_name(bs)); 5415 return false; 5416 } 5417 5418 if (!drv->bdrv_can_store_new_dirty_bitmap) { 5419 error_setg_errno(errp, ENOTSUP, 5420 "Can't store persistent bitmaps to %s", 5421 bdrv_get_device_or_node_name(bs)); 5422 return false; 5423 } 5424 5425 return drv->bdrv_can_store_new_dirty_bitmap(bs, name, granularity, errp); 5426 } 5427