xref: /openbmc/qemu/block/linux-aio.c (revision d43624c400597aec18dff917c1424b807bbb473d)
1 /*
2  * Linux native AIO support.
3  *
4  * Copyright (C) 2009 IBM, Corp.
5  * Copyright (C) 2009 Red Hat, Inc.
6  *
7  * This work is licensed under the terms of the GNU GPL, version 2 or later.
8  * See the COPYING file in the top-level directory.
9  */
10 #include "qemu/osdep.h"
11 #include "block/aio.h"
12 #include "qemu/queue.h"
13 #include "block/block.h"
14 #include "block/raw-aio.h"
15 #include "qemu/event_notifier.h"
16 #include "qemu/coroutine.h"
17 #include "qapi/error.h"
18 
19 #include <libaio.h>
20 
21 /*
22  * Queue size (per-device).
23  *
24  * XXX: eventually we need to communicate this to the guest and/or make it
25  *      tunable by the guest.  If we get more outstanding requests at a time
26  *      than this we will get EAGAIN from io_submit which is communicated to
27  *      the guest as an I/O error.
28  */
29 #define MAX_EVENTS 1024
30 
31 struct qemu_laiocb {
32     Coroutine *co;
33     LinuxAioState *ctx;
34     struct iocb iocb;
35     ssize_t ret;
36     size_t nbytes;
37     QEMUIOVector *qiov;
38     bool is_read;
39     QSIMPLEQ_ENTRY(qemu_laiocb) next;
40 };
41 
42 typedef struct {
43     int plugged;
44     unsigned int in_queue;
45     unsigned int in_flight;
46     bool blocked;
47     QSIMPLEQ_HEAD(, qemu_laiocb) pending;
48 } LaioQueue;
49 
50 struct LinuxAioState {
51     AioContext *aio_context;
52 
53     io_context_t ctx;
54     EventNotifier e;
55 
56     /* io queue for submit at batch.  Protected by AioContext lock. */
57     LaioQueue io_q;
58 
59     /* I/O completion processing.  Only runs in I/O thread.  */
60     QEMUBH *completion_bh;
61     int event_idx;
62     int event_max;
63 };
64 
65 static void ioq_submit(LinuxAioState *s);
66 
67 static inline ssize_t io_event_ret(struct io_event *ev)
68 {
69     return (ssize_t)(((uint64_t)ev->res2 << 32) | ev->res);
70 }
71 
72 /*
73  * Completes an AIO request.
74  */
75 static void qemu_laio_process_completion(struct qemu_laiocb *laiocb)
76 {
77     int ret;
78 
79     ret = laiocb->ret;
80     if (ret != -ECANCELED) {
81         if (ret == laiocb->nbytes) {
82             ret = 0;
83         } else if (ret >= 0) {
84             /* Short reads mean EOF, pad with zeros. */
85             if (laiocb->is_read) {
86                 qemu_iovec_memset(laiocb->qiov, ret, 0,
87                     laiocb->qiov->size - ret);
88             } else {
89                 ret = -ENOSPC;
90             }
91         }
92     }
93 
94     laiocb->ret = ret;
95 
96     /*
97      * If the coroutine is already entered it must be in ioq_submit() and
98      * will notice laio->ret has been filled in when it eventually runs
99      * later.  Coroutines cannot be entered recursively so avoid doing
100      * that!
101      */
102     if (!qemu_coroutine_entered(laiocb->co)) {
103         aio_co_wake(laiocb->co);
104     }
105 }
106 
107 /**
108  * aio_ring buffer which is shared between userspace and kernel.
109  *
110  * This copied from linux/fs/aio.c, common header does not exist
111  * but AIO exists for ages so we assume ABI is stable.
112  */
113 struct aio_ring {
114     unsigned    id;    /* kernel internal index number */
115     unsigned    nr;    /* number of io_events */
116     unsigned    head;  /* Written to by userland or by kernel. */
117     unsigned    tail;
118 
119     unsigned    magic;
120     unsigned    compat_features;
121     unsigned    incompat_features;
122     unsigned    header_length;  /* size of aio_ring */
123 
124     struct io_event io_events[];
125 };
126 
127 /**
128  * io_getevents_peek:
129  * @ctx: AIO context
130  * @events: pointer on events array, output value
131 
132  * Returns the number of completed events and sets a pointer
133  * on events array.  This function does not update the internal
134  * ring buffer, only reads head and tail.  When @events has been
135  * processed io_getevents_commit() must be called.
136  */
137 static inline unsigned int io_getevents_peek(io_context_t ctx,
138                                              struct io_event **events)
139 {
140     struct aio_ring *ring = (struct aio_ring *)ctx;
141     unsigned int head = ring->head, tail = ring->tail;
142     unsigned int nr;
143 
144     nr = tail >= head ? tail - head : ring->nr - head;
145     *events = ring->io_events + head;
146     /* To avoid speculative loads of s->events[i] before observing tail.
147        Paired with smp_wmb() inside linux/fs/aio.c: aio_complete(). */
148     smp_rmb();
149 
150     return nr;
151 }
152 
153 /**
154  * io_getevents_commit:
155  * @ctx: AIO context
156  * @nr: the number of events on which head should be advanced
157  *
158  * Advances head of a ring buffer.
159  */
160 static inline void io_getevents_commit(io_context_t ctx, unsigned int nr)
161 {
162     struct aio_ring *ring = (struct aio_ring *)ctx;
163 
164     if (nr) {
165         ring->head = (ring->head + nr) % ring->nr;
166     }
167 }
168 
169 /**
170  * io_getevents_advance_and_peek:
171  * @ctx: AIO context
172  * @events: pointer on events array, output value
173  * @nr: the number of events on which head should be advanced
174  *
175  * Advances head of a ring buffer and returns number of elements left.
176  */
177 static inline unsigned int
178 io_getevents_advance_and_peek(io_context_t ctx,
179                               struct io_event **events,
180                               unsigned int nr)
181 {
182     io_getevents_commit(ctx, nr);
183     return io_getevents_peek(ctx, events);
184 }
185 
186 /**
187  * qemu_laio_process_completions:
188  * @s: AIO state
189  *
190  * Fetches completed I/O requests and invokes their callbacks.
191  *
192  * The function is somewhat tricky because it supports nested event loops, for
193  * example when a request callback invokes aio_poll().  In order to do this,
194  * indices are kept in LinuxAioState.  Function schedules BH completion so it
195  * can be called again in a nested event loop.  When there are no events left
196  * to complete the BH is being canceled.
197  */
198 static void qemu_laio_process_completions(LinuxAioState *s)
199 {
200     struct io_event *events;
201 
202     /* Reschedule so nested event loops see currently pending completions */
203     qemu_bh_schedule(s->completion_bh);
204 
205     while ((s->event_max = io_getevents_advance_and_peek(s->ctx, &events,
206                                                          s->event_idx))) {
207         for (s->event_idx = 0; s->event_idx < s->event_max; ) {
208             struct iocb *iocb = events[s->event_idx].obj;
209             struct qemu_laiocb *laiocb =
210                 container_of(iocb, struct qemu_laiocb, iocb);
211 
212             laiocb->ret = io_event_ret(&events[s->event_idx]);
213 
214             /* Change counters one-by-one because we can be nested. */
215             s->io_q.in_flight--;
216             s->event_idx++;
217             qemu_laio_process_completion(laiocb);
218         }
219     }
220 
221     qemu_bh_cancel(s->completion_bh);
222 
223     /* If we are nested we have to notify the level above that we are done
224      * by setting event_max to zero, upper level will then jump out of it's
225      * own `for` loop.  If we are the last all counters droped to zero. */
226     s->event_max = 0;
227     s->event_idx = 0;
228 }
229 
230 static void qemu_laio_process_completions_and_submit(LinuxAioState *s)
231 {
232     aio_context_acquire(s->aio_context);
233     qemu_laio_process_completions(s);
234 
235     if (!s->io_q.plugged && !QSIMPLEQ_EMPTY(&s->io_q.pending)) {
236         ioq_submit(s);
237     }
238     aio_context_release(s->aio_context);
239 }
240 
241 static void qemu_laio_completion_bh(void *opaque)
242 {
243     LinuxAioState *s = opaque;
244 
245     qemu_laio_process_completions_and_submit(s);
246 }
247 
248 static void qemu_laio_completion_cb(EventNotifier *e)
249 {
250     LinuxAioState *s = container_of(e, LinuxAioState, e);
251 
252     if (event_notifier_test_and_clear(&s->e)) {
253         qemu_laio_process_completions_and_submit(s);
254     }
255 }
256 
257 static bool qemu_laio_poll_cb(void *opaque)
258 {
259     EventNotifier *e = opaque;
260     LinuxAioState *s = container_of(e, LinuxAioState, e);
261     struct io_event *events;
262 
263     if (!io_getevents_peek(s->ctx, &events)) {
264         return false;
265     }
266 
267     qemu_laio_process_completions_and_submit(s);
268     return true;
269 }
270 
271 static void ioq_init(LaioQueue *io_q)
272 {
273     QSIMPLEQ_INIT(&io_q->pending);
274     io_q->plugged = 0;
275     io_q->in_queue = 0;
276     io_q->in_flight = 0;
277     io_q->blocked = false;
278 }
279 
280 static void ioq_submit(LinuxAioState *s)
281 {
282     int ret, len;
283     struct qemu_laiocb *aiocb;
284     struct iocb *iocbs[MAX_EVENTS];
285     QSIMPLEQ_HEAD(, qemu_laiocb) completed;
286 
287     do {
288         if (s->io_q.in_flight >= MAX_EVENTS) {
289             break;
290         }
291         len = 0;
292         QSIMPLEQ_FOREACH(aiocb, &s->io_q.pending, next) {
293             iocbs[len++] = &aiocb->iocb;
294             if (s->io_q.in_flight + len >= MAX_EVENTS) {
295                 break;
296             }
297         }
298 
299         ret = io_submit(s->ctx, len, iocbs);
300         if (ret == -EAGAIN) {
301             break;
302         }
303         if (ret < 0) {
304             /* Fail the first request, retry the rest */
305             aiocb = QSIMPLEQ_FIRST(&s->io_q.pending);
306             QSIMPLEQ_REMOVE_HEAD(&s->io_q.pending, next);
307             s->io_q.in_queue--;
308             aiocb->ret = ret;
309             qemu_laio_process_completion(aiocb);
310             continue;
311         }
312 
313         s->io_q.in_flight += ret;
314         s->io_q.in_queue  -= ret;
315         aiocb = container_of(iocbs[ret - 1], struct qemu_laiocb, iocb);
316         QSIMPLEQ_SPLIT_AFTER(&s->io_q.pending, aiocb, next, &completed);
317     } while (ret == len && !QSIMPLEQ_EMPTY(&s->io_q.pending));
318     s->io_q.blocked = (s->io_q.in_queue > 0);
319 
320     if (s->io_q.in_flight) {
321         /* We can try to complete something just right away if there are
322          * still requests in-flight. */
323         qemu_laio_process_completions(s);
324         /*
325          * Even we have completed everything (in_flight == 0), the queue can
326          * have still pended requests (in_queue > 0).  We do not attempt to
327          * repeat submission to avoid IO hang.  The reason is simple: s->e is
328          * still set and completion callback will be called shortly and all
329          * pended requests will be submitted from there.
330          */
331     }
332 }
333 
334 void laio_io_plug(BlockDriverState *bs, LinuxAioState *s)
335 {
336     s->io_q.plugged++;
337 }
338 
339 void laio_io_unplug(BlockDriverState *bs, LinuxAioState *s)
340 {
341     assert(s->io_q.plugged);
342     if (--s->io_q.plugged == 0 &&
343         !s->io_q.blocked && !QSIMPLEQ_EMPTY(&s->io_q.pending)) {
344         ioq_submit(s);
345     }
346 }
347 
348 static int laio_do_submit(int fd, struct qemu_laiocb *laiocb, off_t offset,
349                           int type)
350 {
351     LinuxAioState *s = laiocb->ctx;
352     struct iocb *iocbs = &laiocb->iocb;
353     QEMUIOVector *qiov = laiocb->qiov;
354 
355     switch (type) {
356     case QEMU_AIO_WRITE:
357         io_prep_pwritev(iocbs, fd, qiov->iov, qiov->niov, offset);
358         break;
359     case QEMU_AIO_READ:
360         io_prep_preadv(iocbs, fd, qiov->iov, qiov->niov, offset);
361         break;
362     /* Currently Linux kernel does not support other operations */
363     default:
364         fprintf(stderr, "%s: invalid AIO request type 0x%x.\n",
365                         __func__, type);
366         return -EIO;
367     }
368     io_set_eventfd(&laiocb->iocb, event_notifier_get_fd(&s->e));
369 
370     QSIMPLEQ_INSERT_TAIL(&s->io_q.pending, laiocb, next);
371     s->io_q.in_queue++;
372     if (!s->io_q.blocked &&
373         (!s->io_q.plugged ||
374          s->io_q.in_flight + s->io_q.in_queue >= MAX_EVENTS)) {
375         ioq_submit(s);
376     }
377 
378     return 0;
379 }
380 
381 int coroutine_fn laio_co_submit(BlockDriverState *bs, LinuxAioState *s, int fd,
382                                 uint64_t offset, QEMUIOVector *qiov, int type)
383 {
384     int ret;
385     struct qemu_laiocb laiocb = {
386         .co         = qemu_coroutine_self(),
387         .nbytes     = qiov->size,
388         .ctx        = s,
389         .ret        = -EINPROGRESS,
390         .is_read    = (type == QEMU_AIO_READ),
391         .qiov       = qiov,
392     };
393 
394     ret = laio_do_submit(fd, &laiocb, offset, type);
395     if (ret < 0) {
396         return ret;
397     }
398 
399     if (laiocb.ret == -EINPROGRESS) {
400         qemu_coroutine_yield();
401     }
402     return laiocb.ret;
403 }
404 
405 void laio_detach_aio_context(LinuxAioState *s, AioContext *old_context)
406 {
407     aio_set_event_notifier(old_context, &s->e, false, NULL, NULL);
408     qemu_bh_delete(s->completion_bh);
409     s->aio_context = NULL;
410 }
411 
412 void laio_attach_aio_context(LinuxAioState *s, AioContext *new_context)
413 {
414     s->aio_context = new_context;
415     s->completion_bh = aio_bh_new(new_context, qemu_laio_completion_bh, s);
416     aio_set_event_notifier(new_context, &s->e, false,
417                            qemu_laio_completion_cb,
418                            qemu_laio_poll_cb);
419 }
420 
421 LinuxAioState *laio_init(Error **errp)
422 {
423     int rc;
424     LinuxAioState *s;
425 
426     s = g_malloc0(sizeof(*s));
427     rc = event_notifier_init(&s->e, false);
428     if (rc < 0) {
429         error_setg_errno(errp, -rc, "failed to to initialize event notifier");
430         goto out_free_state;
431     }
432 
433     rc = io_setup(MAX_EVENTS, &s->ctx);
434     if (rc < 0) {
435         error_setg_errno(errp, -rc, "failed to create linux AIO context");
436         goto out_close_efd;
437     }
438 
439     ioq_init(&s->io_q);
440 
441     return s;
442 
443 out_close_efd:
444     event_notifier_cleanup(&s->e);
445 out_free_state:
446     g_free(s);
447     return NULL;
448 }
449 
450 void laio_cleanup(LinuxAioState *s)
451 {
452     event_notifier_cleanup(&s->e);
453 
454     if (io_destroy(s->ctx) != 0) {
455         fprintf(stderr, "%s: destroy AIO context %p failed\n",
456                         __func__, &s->ctx);
457     }
458     g_free(s);
459 }
460