1 /* 2 * QEMU backup 3 * 4 * Copyright (C) 2013 Proxmox Server Solutions 5 * Copyright (c) 2019 Virtuozzo International GmbH. 6 * 7 * Authors: 8 * Dietmar Maurer (dietmar@proxmox.com) 9 * 10 * This work is licensed under the terms of the GNU GPL, version 2 or later. 11 * See the COPYING file in the top-level directory. 12 * 13 */ 14 15 #include "qemu/osdep.h" 16 17 #include "trace.h" 18 #include "block/block.h" 19 #include "block/block_int.h" 20 #include "block/blockjob_int.h" 21 #include "block/block_backup.h" 22 #include "block/block-copy.h" 23 #include "qapi/error.h" 24 #include "qapi/qmp/qerror.h" 25 #include "qemu/ratelimit.h" 26 #include "qemu/cutils.h" 27 #include "sysemu/block-backend.h" 28 #include "qemu/bitmap.h" 29 #include "qemu/error-report.h" 30 31 #include "block/backup-top.h" 32 33 #define BACKUP_CLUSTER_SIZE_DEFAULT (1 << 16) 34 35 typedef struct BackupBlockJob { 36 BlockJob common; 37 BlockDriverState *backup_top; 38 BlockDriverState *source_bs; 39 40 BdrvDirtyBitmap *sync_bitmap; 41 42 MirrorSyncMode sync_mode; 43 BitmapSyncMode bitmap_mode; 44 BlockdevOnError on_source_error; 45 BlockdevOnError on_target_error; 46 uint64_t len; 47 uint64_t bytes_read; 48 int64_t cluster_size; 49 50 BlockCopyState *bcs; 51 } BackupBlockJob; 52 53 static const BlockJobDriver backup_job_driver; 54 55 static void backup_progress_bytes_callback(int64_t bytes, void *opaque) 56 { 57 BackupBlockJob *s = opaque; 58 59 s->bytes_read += bytes; 60 } 61 62 static int coroutine_fn backup_do_cow(BackupBlockJob *job, 63 int64_t offset, uint64_t bytes, 64 bool *error_is_read) 65 { 66 int ret = 0; 67 int64_t start, end; /* bytes */ 68 69 start = QEMU_ALIGN_DOWN(offset, job->cluster_size); 70 end = QEMU_ALIGN_UP(bytes + offset, job->cluster_size); 71 72 trace_backup_do_cow_enter(job, start, offset, bytes); 73 74 ret = block_copy(job->bcs, start, end - start, error_is_read); 75 76 trace_backup_do_cow_return(job, offset, bytes, ret); 77 78 return ret; 79 } 80 81 static void backup_cleanup_sync_bitmap(BackupBlockJob *job, int ret) 82 { 83 BdrvDirtyBitmap *bm; 84 bool sync = (((ret == 0) || (job->bitmap_mode == BITMAP_SYNC_MODE_ALWAYS)) \ 85 && (job->bitmap_mode != BITMAP_SYNC_MODE_NEVER)); 86 87 if (sync) { 88 /* 89 * We succeeded, or we always intended to sync the bitmap. 90 * Delete this bitmap and install the child. 91 */ 92 bm = bdrv_dirty_bitmap_abdicate(job->sync_bitmap, NULL); 93 } else { 94 /* 95 * We failed, or we never intended to sync the bitmap anyway. 96 * Merge the successor back into the parent, keeping all data. 97 */ 98 bm = bdrv_reclaim_dirty_bitmap(job->sync_bitmap, NULL); 99 } 100 101 assert(bm); 102 103 if (ret < 0 && job->bitmap_mode == BITMAP_SYNC_MODE_ALWAYS) { 104 /* If we failed and synced, merge in the bits we didn't copy: */ 105 bdrv_dirty_bitmap_merge_internal(bm, block_copy_dirty_bitmap(job->bcs), 106 NULL, true); 107 } 108 } 109 110 static void backup_commit(Job *job) 111 { 112 BackupBlockJob *s = container_of(job, BackupBlockJob, common.job); 113 if (s->sync_bitmap) { 114 backup_cleanup_sync_bitmap(s, 0); 115 } 116 } 117 118 static void backup_abort(Job *job) 119 { 120 BackupBlockJob *s = container_of(job, BackupBlockJob, common.job); 121 if (s->sync_bitmap) { 122 backup_cleanup_sync_bitmap(s, -1); 123 } 124 } 125 126 static void backup_clean(Job *job) 127 { 128 BackupBlockJob *s = container_of(job, BackupBlockJob, common.job); 129 bdrv_backup_top_drop(s->backup_top); 130 } 131 132 void backup_do_checkpoint(BlockJob *job, Error **errp) 133 { 134 BackupBlockJob *backup_job = container_of(job, BackupBlockJob, common); 135 136 assert(block_job_driver(job) == &backup_job_driver); 137 138 if (backup_job->sync_mode != MIRROR_SYNC_MODE_NONE) { 139 error_setg(errp, "The backup job only supports block checkpoint in" 140 " sync=none mode"); 141 return; 142 } 143 144 bdrv_set_dirty_bitmap(block_copy_dirty_bitmap(backup_job->bcs), 0, 145 backup_job->len); 146 } 147 148 static BlockErrorAction backup_error_action(BackupBlockJob *job, 149 bool read, int error) 150 { 151 if (read) { 152 return block_job_error_action(&job->common, job->on_source_error, 153 true, error); 154 } else { 155 return block_job_error_action(&job->common, job->on_target_error, 156 false, error); 157 } 158 } 159 160 static bool coroutine_fn yield_and_check(BackupBlockJob *job) 161 { 162 uint64_t delay_ns; 163 164 if (job_is_cancelled(&job->common.job)) { 165 return true; 166 } 167 168 /* 169 * We need to yield even for delay_ns = 0 so that bdrv_drain_all() can 170 * return. Without a yield, the VM would not reboot. 171 */ 172 delay_ns = block_job_ratelimit_get_delay(&job->common, job->bytes_read); 173 job->bytes_read = 0; 174 job_sleep_ns(&job->common.job, delay_ns); 175 176 if (job_is_cancelled(&job->common.job)) { 177 return true; 178 } 179 180 return false; 181 } 182 183 static int coroutine_fn backup_loop(BackupBlockJob *job) 184 { 185 bool error_is_read; 186 int64_t offset; 187 BdrvDirtyBitmapIter *bdbi; 188 int ret = 0; 189 190 bdbi = bdrv_dirty_iter_new(block_copy_dirty_bitmap(job->bcs)); 191 while ((offset = bdrv_dirty_iter_next(bdbi)) != -1) { 192 do { 193 if (yield_and_check(job)) { 194 goto out; 195 } 196 ret = backup_do_cow(job, offset, job->cluster_size, &error_is_read); 197 if (ret < 0 && backup_error_action(job, error_is_read, -ret) == 198 BLOCK_ERROR_ACTION_REPORT) 199 { 200 goto out; 201 } 202 } while (ret < 0); 203 } 204 205 out: 206 bdrv_dirty_iter_free(bdbi); 207 return ret; 208 } 209 210 static void backup_init_bcs_bitmap(BackupBlockJob *job) 211 { 212 bool ret; 213 uint64_t estimate; 214 BdrvDirtyBitmap *bcs_bitmap = block_copy_dirty_bitmap(job->bcs); 215 216 if (job->sync_mode == MIRROR_SYNC_MODE_BITMAP) { 217 ret = bdrv_dirty_bitmap_merge_internal(bcs_bitmap, job->sync_bitmap, 218 NULL, true); 219 assert(ret); 220 } else { 221 if (job->sync_mode == MIRROR_SYNC_MODE_TOP) { 222 /* 223 * We can't hog the coroutine to initialize this thoroughly. 224 * Set a flag and resume work when we are able to yield safely. 225 */ 226 block_copy_set_skip_unallocated(job->bcs, true); 227 } 228 bdrv_set_dirty_bitmap(bcs_bitmap, 0, job->len); 229 } 230 231 estimate = bdrv_get_dirty_count(bcs_bitmap); 232 job_progress_set_remaining(&job->common.job, estimate); 233 } 234 235 static int coroutine_fn backup_run(Job *job, Error **errp) 236 { 237 BackupBlockJob *s = container_of(job, BackupBlockJob, common.job); 238 int ret = 0; 239 240 backup_init_bcs_bitmap(s); 241 242 if (s->sync_mode == MIRROR_SYNC_MODE_TOP) { 243 int64_t offset = 0; 244 int64_t count; 245 246 for (offset = 0; offset < s->len; ) { 247 if (yield_and_check(s)) { 248 ret = -ECANCELED; 249 goto out; 250 } 251 252 ret = block_copy_reset_unallocated(s->bcs, offset, &count); 253 if (ret < 0) { 254 goto out; 255 } 256 257 offset += count; 258 } 259 block_copy_set_skip_unallocated(s->bcs, false); 260 } 261 262 if (s->sync_mode == MIRROR_SYNC_MODE_NONE) { 263 /* 264 * All bits are set in bcs bitmap to allow any cluster to be copied. 265 * This does not actually require them to be copied. 266 */ 267 while (!job_is_cancelled(job)) { 268 /* 269 * Yield until the job is cancelled. We just let our before_write 270 * notify callback service CoW requests. 271 */ 272 job_yield(job); 273 } 274 } else { 275 ret = backup_loop(s); 276 } 277 278 out: 279 return ret; 280 } 281 282 static const BlockJobDriver backup_job_driver = { 283 .job_driver = { 284 .instance_size = sizeof(BackupBlockJob), 285 .job_type = JOB_TYPE_BACKUP, 286 .free = block_job_free, 287 .user_resume = block_job_user_resume, 288 .run = backup_run, 289 .commit = backup_commit, 290 .abort = backup_abort, 291 .clean = backup_clean, 292 } 293 }; 294 295 static int64_t backup_calculate_cluster_size(BlockDriverState *target, 296 Error **errp) 297 { 298 int ret; 299 BlockDriverInfo bdi; 300 bool target_does_cow = bdrv_backing_chain_next(target); 301 302 /* 303 * If there is no backing file on the target, we cannot rely on COW if our 304 * backup cluster size is smaller than the target cluster size. Even for 305 * targets with a backing file, try to avoid COW if possible. 306 */ 307 ret = bdrv_get_info(target, &bdi); 308 if (ret == -ENOTSUP && !target_does_cow) { 309 /* Cluster size is not defined */ 310 warn_report("The target block device doesn't provide " 311 "information about the block size and it doesn't have a " 312 "backing file. The default block size of %u bytes is " 313 "used. If the actual block size of the target exceeds " 314 "this default, the backup may be unusable", 315 BACKUP_CLUSTER_SIZE_DEFAULT); 316 return BACKUP_CLUSTER_SIZE_DEFAULT; 317 } else if (ret < 0 && !target_does_cow) { 318 error_setg_errno(errp, -ret, 319 "Couldn't determine the cluster size of the target image, " 320 "which has no backing file"); 321 error_append_hint(errp, 322 "Aborting, since this may create an unusable destination image\n"); 323 return ret; 324 } else if (ret < 0 && target_does_cow) { 325 /* Not fatal; just trudge on ahead. */ 326 return BACKUP_CLUSTER_SIZE_DEFAULT; 327 } 328 329 return MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster_size); 330 } 331 332 BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs, 333 BlockDriverState *target, int64_t speed, 334 MirrorSyncMode sync_mode, BdrvDirtyBitmap *sync_bitmap, 335 BitmapSyncMode bitmap_mode, 336 bool compress, 337 const char *filter_node_name, 338 BlockdevOnError on_source_error, 339 BlockdevOnError on_target_error, 340 int creation_flags, 341 BlockCompletionFunc *cb, void *opaque, 342 JobTxn *txn, Error **errp) 343 { 344 int64_t len, target_len; 345 BackupBlockJob *job = NULL; 346 int64_t cluster_size; 347 BdrvRequestFlags write_flags; 348 BlockDriverState *backup_top = NULL; 349 BlockCopyState *bcs = NULL; 350 351 assert(bs); 352 assert(target); 353 354 /* QMP interface protects us from these cases */ 355 assert(sync_mode != MIRROR_SYNC_MODE_INCREMENTAL); 356 assert(sync_bitmap || sync_mode != MIRROR_SYNC_MODE_BITMAP); 357 358 if (bs == target) { 359 error_setg(errp, "Source and target cannot be the same"); 360 return NULL; 361 } 362 363 if (!bdrv_is_inserted(bs)) { 364 error_setg(errp, "Device is not inserted: %s", 365 bdrv_get_device_name(bs)); 366 return NULL; 367 } 368 369 if (!bdrv_is_inserted(target)) { 370 error_setg(errp, "Device is not inserted: %s", 371 bdrv_get_device_name(target)); 372 return NULL; 373 } 374 375 if (compress && !bdrv_supports_compressed_writes(target)) { 376 error_setg(errp, "Compression is not supported for this drive %s", 377 bdrv_get_device_name(target)); 378 return NULL; 379 } 380 381 if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) { 382 return NULL; 383 } 384 385 if (bdrv_op_is_blocked(target, BLOCK_OP_TYPE_BACKUP_TARGET, errp)) { 386 return NULL; 387 } 388 389 if (sync_bitmap) { 390 /* If we need to write to this bitmap, check that we can: */ 391 if (bitmap_mode != BITMAP_SYNC_MODE_NEVER && 392 bdrv_dirty_bitmap_check(sync_bitmap, BDRV_BITMAP_DEFAULT, errp)) { 393 return NULL; 394 } 395 396 /* Create a new bitmap, and freeze/disable this one. */ 397 if (bdrv_dirty_bitmap_create_successor(sync_bitmap, errp) < 0) { 398 return NULL; 399 } 400 } 401 402 len = bdrv_getlength(bs); 403 if (len < 0) { 404 error_setg_errno(errp, -len, "Unable to get length for '%s'", 405 bdrv_get_device_or_node_name(bs)); 406 goto error; 407 } 408 409 target_len = bdrv_getlength(target); 410 if (target_len < 0) { 411 error_setg_errno(errp, -target_len, "Unable to get length for '%s'", 412 bdrv_get_device_or_node_name(bs)); 413 goto error; 414 } 415 416 if (target_len != len) { 417 error_setg(errp, "Source and target image have different sizes"); 418 goto error; 419 } 420 421 cluster_size = backup_calculate_cluster_size(target, errp); 422 if (cluster_size < 0) { 423 goto error; 424 } 425 426 /* 427 * If source is in backing chain of target assume that target is going to be 428 * used for "image fleecing", i.e. it should represent a kind of snapshot of 429 * source at backup-start point in time. And target is going to be read by 430 * somebody (for example, used as NBD export) during backup job. 431 * 432 * In this case, we need to add BDRV_REQ_SERIALISING write flag to avoid 433 * intersection of backup writes and third party reads from target, 434 * otherwise reading from target we may occasionally read already updated by 435 * guest data. 436 * 437 * For more information see commit f8d59dfb40bb and test 438 * tests/qemu-iotests/222 439 */ 440 write_flags = (bdrv_chain_contains(target, bs) ? BDRV_REQ_SERIALISING : 0) | 441 (compress ? BDRV_REQ_WRITE_COMPRESSED : 0), 442 443 backup_top = bdrv_backup_top_append(bs, target, filter_node_name, 444 cluster_size, write_flags, &bcs, errp); 445 if (!backup_top) { 446 goto error; 447 } 448 449 /* job->len is fixed, so we can't allow resize */ 450 job = block_job_create(job_id, &backup_job_driver, txn, backup_top, 451 0, BLK_PERM_ALL, 452 speed, creation_flags, cb, opaque, errp); 453 if (!job) { 454 goto error; 455 } 456 457 job->backup_top = backup_top; 458 job->source_bs = bs; 459 job->on_source_error = on_source_error; 460 job->on_target_error = on_target_error; 461 job->sync_mode = sync_mode; 462 job->sync_bitmap = sync_bitmap; 463 job->bitmap_mode = bitmap_mode; 464 job->bcs = bcs; 465 job->cluster_size = cluster_size; 466 job->len = len; 467 468 block_copy_set_progress_callback(bcs, backup_progress_bytes_callback, job); 469 block_copy_set_progress_meter(bcs, &job->common.job.progress); 470 471 /* Required permissions are already taken by backup-top target */ 472 block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL, 473 &error_abort); 474 475 return &job->common; 476 477 error: 478 if (sync_bitmap) { 479 bdrv_reclaim_dirty_bitmap(sync_bitmap, NULL); 480 } 481 if (backup_top) { 482 bdrv_backup_top_drop(backup_top); 483 } 484 485 return NULL; 486 } 487