xref: /openbmc/qemu/block/copy-before-write.c (revision d1c637ec)
1 /*
2  * copy-before-write filter driver
3  *
4  * The driver performs Copy-Before-Write (CBW) operation: it is injected above
5  * some node, and before each write it copies _old_ data to the target node.
6  *
7  * Copyright (c) 2018-2021 Virtuozzo International GmbH.
8  *
9  * Author:
10  *  Sementsov-Ogievskiy Vladimir <vsementsov@virtuozzo.com>
11  *
12  * This program is free software; you can redistribute it and/or modify
13  * it under the terms of the GNU General Public License as published by
14  * the Free Software Foundation; either version 2 of the License, or
15  * (at your option) any later version.
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
20  * GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with this program. If not, see <http://www.gnu.org/licenses/>.
24  */
25 
26 #include "qemu/osdep.h"
27 #include "qapi/qmp/qjson.h"
28 
29 #include "sysemu/block-backend.h"
30 #include "qemu/cutils.h"
31 #include "qapi/error.h"
32 #include "block/block_int.h"
33 #include "block/qdict.h"
34 #include "block/block-copy.h"
35 
36 #include "block/copy-before-write.h"
37 #include "block/reqlist.h"
38 
39 #include "qapi/qapi-visit-block-core.h"
40 
41 typedef struct BDRVCopyBeforeWriteState {
42     BlockCopyState *bcs;
43     BdrvChild *target;
44     OnCbwError on_cbw_error;
45     uint32_t cbw_timeout_ns;
46 
47     /*
48      * @lock: protects access to @access_bitmap, @done_bitmap and
49      * @frozen_read_reqs
50      */
51     CoMutex lock;
52 
53     /*
54      * @access_bitmap: represents areas allowed for reading by fleecing user.
55      * Reading from non-dirty areas leads to -EACCES.
56      */
57     BdrvDirtyBitmap *access_bitmap;
58 
59     /*
60      * @done_bitmap: represents areas that was successfully copied to @target by
61      * copy-before-write operations.
62      */
63     BdrvDirtyBitmap *done_bitmap;
64 
65     /*
66      * @frozen_read_reqs: current read requests for fleecing user in bs->file
67      * node. These areas must not be rewritten by guest.
68      */
69     BlockReqList frozen_read_reqs;
70 
71     /*
72      * @snapshot_error is normally zero. But on first copy-before-write failure
73      * when @on_cbw_error == ON_CBW_ERROR_BREAK_SNAPSHOT, @snapshot_error takes
74      * value of this error (<0). After that all in-flight and further
75      * snapshot-API requests will fail with that error.
76      */
77     int snapshot_error;
78 } BDRVCopyBeforeWriteState;
79 
80 static coroutine_fn int cbw_co_preadv(
81         BlockDriverState *bs, int64_t offset, int64_t bytes,
82         QEMUIOVector *qiov, BdrvRequestFlags flags)
83 {
84     return bdrv_co_preadv(bs->file, offset, bytes, qiov, flags);
85 }
86 
87 static void block_copy_cb(void *opaque)
88 {
89     BlockDriverState *bs = opaque;
90 
91     bdrv_dec_in_flight(bs);
92 }
93 
94 /*
95  * Do copy-before-write operation.
96  *
97  * On failure guest request must be failed too.
98  *
99  * On success, we also wait for all in-flight fleecing read requests in source
100  * node, and it's guaranteed that after cbw_do_copy_before_write() successful
101  * return there are no such requests and they will never appear.
102  */
103 static coroutine_fn int cbw_do_copy_before_write(BlockDriverState *bs,
104         uint64_t offset, uint64_t bytes, BdrvRequestFlags flags)
105 {
106     BDRVCopyBeforeWriteState *s = bs->opaque;
107     int ret;
108     uint64_t off, end;
109     int64_t cluster_size = block_copy_cluster_size(s->bcs);
110 
111     if (flags & BDRV_REQ_WRITE_UNCHANGED) {
112         return 0;
113     }
114 
115     if (s->snapshot_error) {
116         return 0;
117     }
118 
119     off = QEMU_ALIGN_DOWN(offset, cluster_size);
120     end = QEMU_ALIGN_UP(offset + bytes, cluster_size);
121 
122     /*
123      * Increase in_flight, so that in case of timed-out block-copy, the
124      * remaining background block_copy() request (which can't be immediately
125      * cancelled by timeout) is presented in bs->in_flight. This way we are
126      * sure that on bs close() we'll previously wait for all timed-out but yet
127      * running block_copy calls.
128      */
129     bdrv_inc_in_flight(bs);
130     ret = block_copy(s->bcs, off, end - off, true, s->cbw_timeout_ns,
131                      block_copy_cb, bs);
132     if (ret < 0 && s->on_cbw_error == ON_CBW_ERROR_BREAK_GUEST_WRITE) {
133         return ret;
134     }
135 
136     WITH_QEMU_LOCK_GUARD(&s->lock) {
137         if (ret < 0) {
138             assert(s->on_cbw_error == ON_CBW_ERROR_BREAK_SNAPSHOT);
139             if (!s->snapshot_error) {
140                 s->snapshot_error = ret;
141             }
142         } else {
143             bdrv_set_dirty_bitmap(s->done_bitmap, off, end - off);
144         }
145         reqlist_wait_all(&s->frozen_read_reqs, off, end - off, &s->lock);
146     }
147 
148     return 0;
149 }
150 
151 static int coroutine_fn cbw_co_pdiscard(BlockDriverState *bs,
152                                         int64_t offset, int64_t bytes)
153 {
154     int ret = cbw_do_copy_before_write(bs, offset, bytes, 0);
155     if (ret < 0) {
156         return ret;
157     }
158 
159     return bdrv_co_pdiscard(bs->file, offset, bytes);
160 }
161 
162 static int coroutine_fn cbw_co_pwrite_zeroes(BlockDriverState *bs,
163         int64_t offset, int64_t bytes, BdrvRequestFlags flags)
164 {
165     int ret = cbw_do_copy_before_write(bs, offset, bytes, flags);
166     if (ret < 0) {
167         return ret;
168     }
169 
170     return bdrv_co_pwrite_zeroes(bs->file, offset, bytes, flags);
171 }
172 
173 static coroutine_fn int cbw_co_pwritev(BlockDriverState *bs,
174                                        int64_t offset,
175                                        int64_t bytes,
176                                        QEMUIOVector *qiov,
177                                        BdrvRequestFlags flags)
178 {
179     int ret = cbw_do_copy_before_write(bs, offset, bytes, flags);
180     if (ret < 0) {
181         return ret;
182     }
183 
184     return bdrv_co_pwritev(bs->file, offset, bytes, qiov, flags);
185 }
186 
187 static int coroutine_fn cbw_co_flush(BlockDriverState *bs)
188 {
189     if (!bs->file) {
190         return 0;
191     }
192 
193     return bdrv_co_flush(bs->file->bs);
194 }
195 
196 /*
197  * If @offset not accessible - return NULL.
198  *
199  * Otherwise, set @pnum to some bytes that accessible from @file (@file is set
200  * to bs->file or to s->target). Return newly allocated BlockReq object that
201  * should be than passed to cbw_snapshot_read_unlock().
202  *
203  * It's guaranteed that guest writes will not interact in the region until
204  * cbw_snapshot_read_unlock() called.
205  */
206 static BlockReq *cbw_snapshot_read_lock(BlockDriverState *bs,
207                                         int64_t offset, int64_t bytes,
208                                         int64_t *pnum, BdrvChild **file)
209 {
210     BDRVCopyBeforeWriteState *s = bs->opaque;
211     BlockReq *req = g_new(BlockReq, 1);
212     bool done;
213 
214     QEMU_LOCK_GUARD(&s->lock);
215 
216     if (s->snapshot_error) {
217         g_free(req);
218         return NULL;
219     }
220 
221     if (bdrv_dirty_bitmap_next_zero(s->access_bitmap, offset, bytes) != -1) {
222         g_free(req);
223         return NULL;
224     }
225 
226     done = bdrv_dirty_bitmap_status(s->done_bitmap, offset, bytes, pnum);
227     if (done) {
228         /*
229          * Special invalid BlockReq, that is handled in
230          * cbw_snapshot_read_unlock(). We don't need to lock something to read
231          * from s->target.
232          */
233         *req = (BlockReq) {.offset = -1, .bytes = -1};
234         *file = s->target;
235     } else {
236         reqlist_init_req(&s->frozen_read_reqs, req, offset, bytes);
237         *file = bs->file;
238     }
239 
240     return req;
241 }
242 
243 static void cbw_snapshot_read_unlock(BlockDriverState *bs, BlockReq *req)
244 {
245     BDRVCopyBeforeWriteState *s = bs->opaque;
246 
247     if (req->offset == -1 && req->bytes == -1) {
248         g_free(req);
249         return;
250     }
251 
252     QEMU_LOCK_GUARD(&s->lock);
253 
254     reqlist_remove_req(req);
255     g_free(req);
256 }
257 
258 static coroutine_fn int
259 cbw_co_preadv_snapshot(BlockDriverState *bs, int64_t offset, int64_t bytes,
260                        QEMUIOVector *qiov, size_t qiov_offset)
261 {
262     BlockReq *req;
263     BdrvChild *file;
264     int ret;
265 
266     /* TODO: upgrade to async loop using AioTask */
267     while (bytes) {
268         int64_t cur_bytes;
269 
270         req = cbw_snapshot_read_lock(bs, offset, bytes, &cur_bytes, &file);
271         if (!req) {
272             return -EACCES;
273         }
274 
275         ret = bdrv_co_preadv_part(file, offset, cur_bytes,
276                                   qiov, qiov_offset, 0);
277         cbw_snapshot_read_unlock(bs, req);
278         if (ret < 0) {
279             return ret;
280         }
281 
282         bytes -= cur_bytes;
283         offset += cur_bytes;
284         qiov_offset += cur_bytes;
285     }
286 
287     return 0;
288 }
289 
290 static int coroutine_fn
291 cbw_co_snapshot_block_status(BlockDriverState *bs,
292                              bool want_zero, int64_t offset, int64_t bytes,
293                              int64_t *pnum, int64_t *map,
294                              BlockDriverState **file)
295 {
296     BDRVCopyBeforeWriteState *s = bs->opaque;
297     BlockReq *req;
298     int ret;
299     int64_t cur_bytes;
300     BdrvChild *child;
301 
302     req = cbw_snapshot_read_lock(bs, offset, bytes, &cur_bytes, &child);
303     if (!req) {
304         return -EACCES;
305     }
306 
307     ret = bdrv_block_status(child->bs, offset, cur_bytes, pnum, map, file);
308     if (child == s->target) {
309         /*
310          * We refer to s->target only for areas that we've written to it.
311          * And we can not report unallocated blocks in s->target: this will
312          * break generic block-status-above logic, that will go to
313          * copy-before-write filtered child in this case.
314          */
315         assert(ret & BDRV_BLOCK_ALLOCATED);
316     }
317 
318     cbw_snapshot_read_unlock(bs, req);
319 
320     return ret;
321 }
322 
323 static int coroutine_fn cbw_co_pdiscard_snapshot(BlockDriverState *bs,
324                                                  int64_t offset, int64_t bytes)
325 {
326     BDRVCopyBeforeWriteState *s = bs->opaque;
327 
328     WITH_QEMU_LOCK_GUARD(&s->lock) {
329         bdrv_reset_dirty_bitmap(s->access_bitmap, offset, bytes);
330     }
331 
332     block_copy_reset(s->bcs, offset, bytes);
333 
334     return bdrv_co_pdiscard(s->target, offset, bytes);
335 }
336 
337 static void cbw_refresh_filename(BlockDriverState *bs)
338 {
339     pstrcpy(bs->exact_filename, sizeof(bs->exact_filename),
340             bs->file->bs->filename);
341 }
342 
343 static void cbw_child_perm(BlockDriverState *bs, BdrvChild *c,
344                            BdrvChildRole role,
345                            BlockReopenQueue *reopen_queue,
346                            uint64_t perm, uint64_t shared,
347                            uint64_t *nperm, uint64_t *nshared)
348 {
349     if (!(role & BDRV_CHILD_FILTERED)) {
350         /*
351          * Target child
352          *
353          * Share write to target (child_file), to not interfere
354          * with guest writes to its disk which may be in target backing chain.
355          * Can't resize during a backup block job because we check the size
356          * only upfront.
357          */
358         *nshared = BLK_PERM_ALL & ~BLK_PERM_RESIZE;
359         *nperm = BLK_PERM_WRITE;
360     } else {
361         /* Source child */
362         bdrv_default_perms(bs, c, role, reopen_queue,
363                            perm, shared, nperm, nshared);
364 
365         if (!QLIST_EMPTY(&bs->parents)) {
366             if (perm & BLK_PERM_WRITE) {
367                 *nperm = *nperm | BLK_PERM_CONSISTENT_READ;
368             }
369             *nshared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
370         }
371     }
372 }
373 
374 static BlockdevOptions *cbw_parse_options(QDict *options, Error **errp)
375 {
376     BlockdevOptions *opts = NULL;
377     Visitor *v = NULL;
378 
379     qdict_put_str(options, "driver", "copy-before-write");
380 
381     v = qobject_input_visitor_new_flat_confused(options, errp);
382     if (!v) {
383         goto out;
384     }
385 
386     visit_type_BlockdevOptions(v, NULL, &opts, errp);
387     if (!opts) {
388         goto out;
389     }
390 
391     /*
392      * Delete options which we are going to parse through BlockdevOptions
393      * object for original options.
394      */
395     qdict_extract_subqdict(options, NULL, "bitmap");
396     qdict_del(options, "on-cbw-error");
397     qdict_del(options, "cbw-timeout");
398 
399 out:
400     visit_free(v);
401     qdict_del(options, "driver");
402 
403     return opts;
404 }
405 
406 static int cbw_open(BlockDriverState *bs, QDict *options, int flags,
407                     Error **errp)
408 {
409     BDRVCopyBeforeWriteState *s = bs->opaque;
410     BdrvDirtyBitmap *bitmap = NULL;
411     int64_t cluster_size;
412     g_autoptr(BlockdevOptions) full_opts = NULL;
413     BlockdevOptionsCbw *opts;
414 
415     full_opts = cbw_parse_options(options, errp);
416     if (!full_opts) {
417         return -EINVAL;
418     }
419     assert(full_opts->driver == BLOCKDEV_DRIVER_COPY_BEFORE_WRITE);
420     opts = &full_opts->u.copy_before_write;
421 
422     bs->file = bdrv_open_child(NULL, options, "file", bs, &child_of_bds,
423                                BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY,
424                                false, errp);
425     if (!bs->file) {
426         return -EINVAL;
427     }
428 
429     s->target = bdrv_open_child(NULL, options, "target", bs, &child_of_bds,
430                                 BDRV_CHILD_DATA, false, errp);
431     if (!s->target) {
432         return -EINVAL;
433     }
434 
435     if (opts->has_bitmap) {
436         bitmap = block_dirty_bitmap_lookup(opts->bitmap->node,
437                                            opts->bitmap->name, NULL, errp);
438         if (!bitmap) {
439             return -EINVAL;
440         }
441     }
442     s->on_cbw_error = opts->has_on_cbw_error ? opts->on_cbw_error :
443             ON_CBW_ERROR_BREAK_GUEST_WRITE;
444     s->cbw_timeout_ns = opts->has_cbw_timeout ?
445         opts->cbw_timeout * NANOSECONDS_PER_SECOND : 0;
446 
447     bs->total_sectors = bs->file->bs->total_sectors;
448     bs->supported_write_flags = BDRV_REQ_WRITE_UNCHANGED |
449             (BDRV_REQ_FUA & bs->file->bs->supported_write_flags);
450     bs->supported_zero_flags = BDRV_REQ_WRITE_UNCHANGED |
451             ((BDRV_REQ_FUA | BDRV_REQ_MAY_UNMAP | BDRV_REQ_NO_FALLBACK) &
452              bs->file->bs->supported_zero_flags);
453 
454     s->bcs = block_copy_state_new(bs->file, s->target, bitmap, errp);
455     if (!s->bcs) {
456         error_prepend(errp, "Cannot create block-copy-state: ");
457         return -EINVAL;
458     }
459 
460     cluster_size = block_copy_cluster_size(s->bcs);
461 
462     s->done_bitmap = bdrv_create_dirty_bitmap(bs, cluster_size, NULL, errp);
463     if (!s->done_bitmap) {
464         return -EINVAL;
465     }
466     bdrv_disable_dirty_bitmap(s->done_bitmap);
467 
468     /* s->access_bitmap starts equal to bcs bitmap */
469     s->access_bitmap = bdrv_create_dirty_bitmap(bs, cluster_size, NULL, errp);
470     if (!s->access_bitmap) {
471         return -EINVAL;
472     }
473     bdrv_disable_dirty_bitmap(s->access_bitmap);
474     bdrv_dirty_bitmap_merge_internal(s->access_bitmap,
475                                      block_copy_dirty_bitmap(s->bcs), NULL,
476                                      true);
477 
478     qemu_co_mutex_init(&s->lock);
479     QLIST_INIT(&s->frozen_read_reqs);
480 
481     return 0;
482 }
483 
484 static void cbw_close(BlockDriverState *bs)
485 {
486     BDRVCopyBeforeWriteState *s = bs->opaque;
487 
488     bdrv_release_dirty_bitmap(s->access_bitmap);
489     bdrv_release_dirty_bitmap(s->done_bitmap);
490 
491     block_copy_state_free(s->bcs);
492     s->bcs = NULL;
493 }
494 
495 BlockDriver bdrv_cbw_filter = {
496     .format_name = "copy-before-write",
497     .instance_size = sizeof(BDRVCopyBeforeWriteState),
498 
499     .bdrv_open                  = cbw_open,
500     .bdrv_close                 = cbw_close,
501 
502     .bdrv_co_preadv             = cbw_co_preadv,
503     .bdrv_co_pwritev            = cbw_co_pwritev,
504     .bdrv_co_pwrite_zeroes      = cbw_co_pwrite_zeroes,
505     .bdrv_co_pdiscard           = cbw_co_pdiscard,
506     .bdrv_co_flush              = cbw_co_flush,
507 
508     .bdrv_co_preadv_snapshot       = cbw_co_preadv_snapshot,
509     .bdrv_co_pdiscard_snapshot     = cbw_co_pdiscard_snapshot,
510     .bdrv_co_snapshot_block_status = cbw_co_snapshot_block_status,
511 
512     .bdrv_refresh_filename      = cbw_refresh_filename,
513 
514     .bdrv_child_perm            = cbw_child_perm,
515 
516     .is_filter = true,
517 };
518 
519 BlockDriverState *bdrv_cbw_append(BlockDriverState *source,
520                                   BlockDriverState *target,
521                                   const char *filter_node_name,
522                                   BlockCopyState **bcs,
523                                   Error **errp)
524 {
525     ERRP_GUARD();
526     BDRVCopyBeforeWriteState *state;
527     BlockDriverState *top;
528     QDict *opts;
529 
530     assert(source->total_sectors == target->total_sectors);
531     GLOBAL_STATE_CODE();
532 
533     opts = qdict_new();
534     qdict_put_str(opts, "driver", "copy-before-write");
535     if (filter_node_name) {
536         qdict_put_str(opts, "node-name", filter_node_name);
537     }
538     qdict_put_str(opts, "file", bdrv_get_node_name(source));
539     qdict_put_str(opts, "target", bdrv_get_node_name(target));
540 
541     top = bdrv_insert_node(source, opts, BDRV_O_RDWR, errp);
542     if (!top) {
543         return NULL;
544     }
545 
546     state = top->opaque;
547     *bcs = state->bcs;
548 
549     return top;
550 }
551 
552 void bdrv_cbw_drop(BlockDriverState *bs)
553 {
554     GLOBAL_STATE_CODE();
555     bdrv_drop_filter(bs, &error_abort);
556     bdrv_unref(bs);
557 }
558 
559 static void cbw_init(void)
560 {
561     bdrv_register(&bdrv_cbw_filter);
562 }
563 
564 block_init(cbw_init);
565