xref: /openbmc/qemu/block/replication.c (revision 701bff24)
1 /*
2  * Replication Block filter
3  *
4  * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
5  * Copyright (c) 2016 Intel Corporation
6  * Copyright (c) 2016 FUJITSU LIMITED
7  *
8  * Author:
9  *   Wen Congyang <wency@cn.fujitsu.com>
10  *
11  * This work is licensed under the terms of the GNU GPL, version 2 or later.
12  * See the COPYING file in the top-level directory.
13  */
14 
15 #include "qemu/osdep.h"
16 #include "qemu/module.h"
17 #include "qemu/option.h"
18 #include "block/nbd.h"
19 #include "block/blockjob.h"
20 #include "block/block_int.h"
21 #include "block/block_backup.h"
22 #include "sysemu/block-backend.h"
23 #include "qapi/error.h"
24 #include "qapi/qmp/qdict.h"
25 #include "block/replication.h"
26 
27 typedef enum {
28     BLOCK_REPLICATION_NONE,             /* block replication is not started */
29     BLOCK_REPLICATION_RUNNING,          /* block replication is running */
30     BLOCK_REPLICATION_FAILOVER,         /* failover is running in background */
31     BLOCK_REPLICATION_FAILOVER_FAILED,  /* failover failed */
32     BLOCK_REPLICATION_DONE,             /* block replication is done */
33 } ReplicationStage;
34 
35 typedef struct BDRVReplicationState {
36     ReplicationMode mode;
37     ReplicationStage stage;
38     BlockJob *commit_job;
39     BdrvChild *hidden_disk;
40     BdrvChild *secondary_disk;
41     BlockJob *backup_job;
42     char *top_id;
43     ReplicationState *rs;
44     Error *blocker;
45     bool orig_hidden_read_only;
46     bool orig_secondary_read_only;
47     int error;
48 } BDRVReplicationState;
49 
50 static void replication_start(ReplicationState *rs, ReplicationMode mode,
51                               Error **errp);
52 static void replication_do_checkpoint(ReplicationState *rs, Error **errp);
53 static void replication_get_error(ReplicationState *rs, Error **errp);
54 static void replication_stop(ReplicationState *rs, bool failover,
55                              Error **errp);
56 
57 #define REPLICATION_MODE        "mode"
58 #define REPLICATION_TOP_ID      "top-id"
59 static QemuOptsList replication_runtime_opts = {
60     .name = "replication",
61     .head = QTAILQ_HEAD_INITIALIZER(replication_runtime_opts.head),
62     .desc = {
63         {
64             .name = REPLICATION_MODE,
65             .type = QEMU_OPT_STRING,
66         },
67         {
68             .name = REPLICATION_TOP_ID,
69             .type = QEMU_OPT_STRING,
70         },
71         { /* end of list */ }
72     },
73 };
74 
75 static ReplicationOps replication_ops = {
76     .start = replication_start,
77     .checkpoint = replication_do_checkpoint,
78     .get_error = replication_get_error,
79     .stop = replication_stop,
80 };
81 
82 static int replication_open(BlockDriverState *bs, QDict *options,
83                             int flags, Error **errp)
84 {
85     int ret;
86     BDRVReplicationState *s = bs->opaque;
87     QemuOpts *opts = NULL;
88     const char *mode;
89     const char *top_id;
90 
91     bs->file = bdrv_open_child(NULL, options, "file", bs, &child_of_bds,
92                                BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY,
93                                false, errp);
94     if (!bs->file) {
95         return -EINVAL;
96     }
97 
98     ret = -EINVAL;
99     opts = qemu_opts_create(&replication_runtime_opts, NULL, 0, &error_abort);
100     if (!qemu_opts_absorb_qdict(opts, options, errp)) {
101         goto fail;
102     }
103 
104     mode = qemu_opt_get(opts, REPLICATION_MODE);
105     if (!mode) {
106         error_setg(errp, "Missing the option mode");
107         goto fail;
108     }
109 
110     if (!strcmp(mode, "primary")) {
111         s->mode = REPLICATION_MODE_PRIMARY;
112         top_id = qemu_opt_get(opts, REPLICATION_TOP_ID);
113         if (top_id) {
114             error_setg(errp,
115                        "The primary side does not support option top-id");
116             goto fail;
117         }
118     } else if (!strcmp(mode, "secondary")) {
119         s->mode = REPLICATION_MODE_SECONDARY;
120         top_id = qemu_opt_get(opts, REPLICATION_TOP_ID);
121         s->top_id = g_strdup(top_id);
122         if (!s->top_id) {
123             error_setg(errp, "Missing the option top-id");
124             goto fail;
125         }
126     } else {
127         error_setg(errp,
128                    "The option mode's value should be primary or secondary");
129         goto fail;
130     }
131 
132     s->rs = replication_new(bs, &replication_ops);
133 
134     ret = 0;
135 
136 fail:
137     qemu_opts_del(opts);
138     return ret;
139 }
140 
141 static void replication_close(BlockDriverState *bs)
142 {
143     BDRVReplicationState *s = bs->opaque;
144     Job *commit_job;
145     GLOBAL_STATE_CODE();
146 
147     if (s->stage == BLOCK_REPLICATION_RUNNING) {
148         replication_stop(s->rs, false, NULL);
149     }
150     if (s->stage == BLOCK_REPLICATION_FAILOVER) {
151         commit_job = &s->commit_job->job;
152         assert(commit_job->aio_context == qemu_get_current_aio_context());
153         job_cancel_sync(commit_job, false);
154     }
155 
156     if (s->mode == REPLICATION_MODE_SECONDARY) {
157         g_free(s->top_id);
158     }
159 
160     replication_remove(s->rs);
161 }
162 
163 static void replication_child_perm(BlockDriverState *bs, BdrvChild *c,
164                                    BdrvChildRole role,
165                                    BlockReopenQueue *reopen_queue,
166                                    uint64_t perm, uint64_t shared,
167                                    uint64_t *nperm, uint64_t *nshared)
168 {
169     if (role & BDRV_CHILD_PRIMARY) {
170         *nperm = BLK_PERM_CONSISTENT_READ;
171     } else {
172         *nperm = 0;
173     }
174 
175     if ((bs->open_flags & (BDRV_O_INACTIVE | BDRV_O_RDWR)) == BDRV_O_RDWR) {
176         *nperm |= BLK_PERM_WRITE;
177     }
178     *nshared = BLK_PERM_CONSISTENT_READ
179                | BLK_PERM_WRITE
180                | BLK_PERM_WRITE_UNCHANGED;
181     return;
182 }
183 
184 static int64_t replication_getlength(BlockDriverState *bs)
185 {
186     return bdrv_getlength(bs->file->bs);
187 }
188 
189 static int replication_get_io_status(BDRVReplicationState *s)
190 {
191     switch (s->stage) {
192     case BLOCK_REPLICATION_NONE:
193         return -EIO;
194     case BLOCK_REPLICATION_RUNNING:
195         return 0;
196     case BLOCK_REPLICATION_FAILOVER:
197         return s->mode == REPLICATION_MODE_PRIMARY ? -EIO : 0;
198     case BLOCK_REPLICATION_FAILOVER_FAILED:
199         return s->mode == REPLICATION_MODE_PRIMARY ? -EIO : 1;
200     case BLOCK_REPLICATION_DONE:
201         /*
202          * active commit job completes, and active disk and secondary_disk
203          * is swapped, so we can operate bs->file directly
204          */
205         return s->mode == REPLICATION_MODE_PRIMARY ? -EIO : 0;
206     default:
207         abort();
208     }
209 }
210 
211 static int replication_return_value(BDRVReplicationState *s, int ret)
212 {
213     if (s->mode == REPLICATION_MODE_SECONDARY) {
214         return ret;
215     }
216 
217     if (ret < 0) {
218         s->error = ret;
219         ret = 0;
220     }
221 
222     return ret;
223 }
224 
225 static coroutine_fn int replication_co_readv(BlockDriverState *bs,
226                                              int64_t sector_num,
227                                              int remaining_sectors,
228                                              QEMUIOVector *qiov)
229 {
230     BDRVReplicationState *s = bs->opaque;
231     int ret;
232 
233     if (s->mode == REPLICATION_MODE_PRIMARY) {
234         /* We only use it to forward primary write requests */
235         return -EIO;
236     }
237 
238     ret = replication_get_io_status(s);
239     if (ret < 0) {
240         return ret;
241     }
242 
243     ret = bdrv_co_preadv(bs->file, sector_num * BDRV_SECTOR_SIZE,
244                          remaining_sectors * BDRV_SECTOR_SIZE, qiov, 0);
245 
246     return replication_return_value(s, ret);
247 }
248 
249 static coroutine_fn int replication_co_writev(BlockDriverState *bs,
250                                               int64_t sector_num,
251                                               int remaining_sectors,
252                                               QEMUIOVector *qiov,
253                                               int flags)
254 {
255     BDRVReplicationState *s = bs->opaque;
256     QEMUIOVector hd_qiov;
257     uint64_t bytes_done = 0;
258     BdrvChild *top = bs->file;
259     BdrvChild *base = s->secondary_disk;
260     BdrvChild *target;
261     int ret;
262     int64_t n;
263 
264     ret = replication_get_io_status(s);
265     if (ret < 0) {
266         goto out;
267     }
268 
269     if (ret == 0) {
270         ret = bdrv_co_pwritev(top, sector_num * BDRV_SECTOR_SIZE,
271                               remaining_sectors * BDRV_SECTOR_SIZE, qiov, 0);
272         return replication_return_value(s, ret);
273     }
274 
275     /*
276      * Failover failed, only write to active disk if the sectors
277      * have already been allocated in active disk/hidden disk.
278      */
279     qemu_iovec_init(&hd_qiov, qiov->niov);
280     while (remaining_sectors > 0) {
281         int64_t count;
282 
283         ret = bdrv_is_allocated_above(top->bs, base->bs, false,
284                                       sector_num * BDRV_SECTOR_SIZE,
285                                       remaining_sectors * BDRV_SECTOR_SIZE,
286                                       &count);
287         if (ret < 0) {
288             goto out1;
289         }
290 
291         assert(QEMU_IS_ALIGNED(count, BDRV_SECTOR_SIZE));
292         n = count >> BDRV_SECTOR_BITS;
293         qemu_iovec_reset(&hd_qiov);
294         qemu_iovec_concat(&hd_qiov, qiov, bytes_done, count);
295 
296         target = ret ? top : base;
297         ret = bdrv_co_pwritev(target, sector_num * BDRV_SECTOR_SIZE,
298                               n * BDRV_SECTOR_SIZE, &hd_qiov, 0);
299         if (ret < 0) {
300             goto out1;
301         }
302 
303         remaining_sectors -= n;
304         sector_num += n;
305         bytes_done += count;
306     }
307 
308 out1:
309     qemu_iovec_destroy(&hd_qiov);
310 out:
311     return ret;
312 }
313 
314 static void secondary_do_checkpoint(BlockDriverState *bs, Error **errp)
315 {
316     BDRVReplicationState *s = bs->opaque;
317     BdrvChild *active_disk = bs->file;
318     Error *local_err = NULL;
319     int ret;
320 
321     if (!s->backup_job) {
322         error_setg(errp, "Backup job was cancelled unexpectedly");
323         return;
324     }
325 
326     backup_do_checkpoint(s->backup_job, &local_err);
327     if (local_err) {
328         error_propagate(errp, local_err);
329         return;
330     }
331 
332     if (!active_disk->bs->drv) {
333         error_setg(errp, "Active disk %s is ejected",
334                    active_disk->bs->node_name);
335         return;
336     }
337 
338     ret = bdrv_make_empty(active_disk, errp);
339     if (ret < 0) {
340         return;
341     }
342 
343     if (!s->hidden_disk->bs->drv) {
344         error_setg(errp, "Hidden disk %s is ejected",
345                    s->hidden_disk->bs->node_name);
346         return;
347     }
348 
349     ret = bdrv_make_empty(s->hidden_disk, errp);
350     if (ret < 0) {
351         return;
352     }
353 }
354 
355 /* This function is supposed to be called twice:
356  * first with writable = true, then with writable = false.
357  * The first call puts s->hidden_disk and s->secondary_disk in
358  * r/w mode, and the second puts them back in their original state.
359  */
360 static void reopen_backing_file(BlockDriverState *bs, bool writable,
361                                 Error **errp)
362 {
363     BDRVReplicationState *s = bs->opaque;
364     BdrvChild *hidden_disk, *secondary_disk;
365     BlockReopenQueue *reopen_queue = NULL;
366 
367     /*
368      * s->hidden_disk and s->secondary_disk may not be set yet, as they will
369      * only be set after the children are writable.
370      */
371     hidden_disk = bs->file->bs->backing;
372     secondary_disk = hidden_disk->bs->backing;
373 
374     if (writable) {
375         s->orig_hidden_read_only = bdrv_is_read_only(hidden_disk->bs);
376         s->orig_secondary_read_only = bdrv_is_read_only(secondary_disk->bs);
377     }
378 
379     bdrv_subtree_drained_begin(hidden_disk->bs);
380     bdrv_subtree_drained_begin(secondary_disk->bs);
381 
382     if (s->orig_hidden_read_only) {
383         QDict *opts = qdict_new();
384         qdict_put_bool(opts, BDRV_OPT_READ_ONLY, !writable);
385         reopen_queue = bdrv_reopen_queue(reopen_queue, hidden_disk->bs,
386                                          opts, true);
387     }
388 
389     if (s->orig_secondary_read_only) {
390         QDict *opts = qdict_new();
391         qdict_put_bool(opts, BDRV_OPT_READ_ONLY, !writable);
392         reopen_queue = bdrv_reopen_queue(reopen_queue, secondary_disk->bs,
393                                          opts, true);
394     }
395 
396     if (reopen_queue) {
397         AioContext *ctx = bdrv_get_aio_context(bs);
398         if (ctx != qemu_get_aio_context()) {
399             aio_context_release(ctx);
400         }
401         bdrv_reopen_multiple(reopen_queue, errp);
402         if (ctx != qemu_get_aio_context()) {
403             aio_context_acquire(ctx);
404         }
405     }
406 
407     bdrv_subtree_drained_end(hidden_disk->bs);
408     bdrv_subtree_drained_end(secondary_disk->bs);
409 }
410 
411 static void backup_job_cleanup(BlockDriverState *bs)
412 {
413     BDRVReplicationState *s = bs->opaque;
414     BlockDriverState *top_bs;
415 
416     s->backup_job = NULL;
417 
418     top_bs = bdrv_lookup_bs(s->top_id, s->top_id, NULL);
419     if (!top_bs) {
420         return;
421     }
422     bdrv_op_unblock_all(top_bs, s->blocker);
423     error_free(s->blocker);
424     reopen_backing_file(bs, false, NULL);
425 }
426 
427 static void backup_job_completed(void *opaque, int ret)
428 {
429     BlockDriverState *bs = opaque;
430     BDRVReplicationState *s = bs->opaque;
431 
432     if (s->stage != BLOCK_REPLICATION_FAILOVER) {
433         /* The backup job is cancelled unexpectedly */
434         s->error = -EIO;
435     }
436 
437     backup_job_cleanup(bs);
438 }
439 
440 static bool check_top_bs(BlockDriverState *top_bs, BlockDriverState *bs)
441 {
442     BdrvChild *child;
443 
444     /* The bs itself is the top_bs */
445     if (top_bs == bs) {
446         return true;
447     }
448 
449     /* Iterate over top_bs's children */
450     QLIST_FOREACH(child, &top_bs->children, next) {
451         if (child->bs == bs || check_top_bs(child->bs, bs)) {
452             return true;
453         }
454     }
455 
456     return false;
457 }
458 
459 static void replication_start(ReplicationState *rs, ReplicationMode mode,
460                               Error **errp)
461 {
462     BlockDriverState *bs = rs->opaque;
463     BDRVReplicationState *s;
464     BlockDriverState *top_bs;
465     BdrvChild *active_disk, *hidden_disk, *secondary_disk;
466     int64_t active_length, hidden_length, disk_length;
467     AioContext *aio_context;
468     Error *local_err = NULL;
469     BackupPerf perf = { .use_copy_range = true, .max_workers = 1 };
470 
471     aio_context = bdrv_get_aio_context(bs);
472     aio_context_acquire(aio_context);
473     s = bs->opaque;
474 
475     if (s->stage == BLOCK_REPLICATION_DONE ||
476         s->stage == BLOCK_REPLICATION_FAILOVER) {
477         /*
478          * This case happens when a secondary is promoted to primary.
479          * Ignore the request because the secondary side of replication
480          * doesn't have to do anything anymore.
481          */
482         aio_context_release(aio_context);
483         return;
484     }
485 
486     if (s->stage != BLOCK_REPLICATION_NONE) {
487         error_setg(errp, "Block replication is running or done");
488         aio_context_release(aio_context);
489         return;
490     }
491 
492     if (s->mode != mode) {
493         error_setg(errp, "The parameter mode's value is invalid, needs %d,"
494                    " but got %d", s->mode, mode);
495         aio_context_release(aio_context);
496         return;
497     }
498 
499     switch (s->mode) {
500     case REPLICATION_MODE_PRIMARY:
501         break;
502     case REPLICATION_MODE_SECONDARY:
503         active_disk = bs->file;
504         if (!active_disk || !active_disk->bs || !active_disk->bs->backing) {
505             error_setg(errp, "Active disk doesn't have backing file");
506             aio_context_release(aio_context);
507             return;
508         }
509 
510         hidden_disk = active_disk->bs->backing;
511         if (!hidden_disk->bs || !hidden_disk->bs->backing) {
512             error_setg(errp, "Hidden disk doesn't have backing file");
513             aio_context_release(aio_context);
514             return;
515         }
516 
517         secondary_disk = hidden_disk->bs->backing;
518         if (!secondary_disk->bs || !bdrv_has_blk(secondary_disk->bs)) {
519             error_setg(errp, "The secondary disk doesn't have block backend");
520             aio_context_release(aio_context);
521             return;
522         }
523 
524         /* verify the length */
525         active_length = bdrv_getlength(active_disk->bs);
526         hidden_length = bdrv_getlength(hidden_disk->bs);
527         disk_length = bdrv_getlength(secondary_disk->bs);
528         if (active_length < 0 || hidden_length < 0 || disk_length < 0 ||
529             active_length != hidden_length || hidden_length != disk_length) {
530             error_setg(errp, "Active disk, hidden disk, secondary disk's length"
531                        " are not the same");
532             aio_context_release(aio_context);
533             return;
534         }
535 
536         /* Must be true, or the bdrv_getlength() calls would have failed */
537         assert(active_disk->bs->drv && hidden_disk->bs->drv);
538 
539         if (!active_disk->bs->drv->bdrv_make_empty ||
540             !hidden_disk->bs->drv->bdrv_make_empty) {
541             error_setg(errp,
542                        "Active disk or hidden disk doesn't support make_empty");
543             aio_context_release(aio_context);
544             return;
545         }
546 
547         /* reopen the backing file in r/w mode */
548         reopen_backing_file(bs, true, &local_err);
549         if (local_err) {
550             error_propagate(errp, local_err);
551             aio_context_release(aio_context);
552             return;
553         }
554 
555         bdrv_ref(hidden_disk->bs);
556         s->hidden_disk = bdrv_attach_child(bs, hidden_disk->bs, "hidden disk",
557                                            &child_of_bds, BDRV_CHILD_DATA,
558                                            &local_err);
559         if (local_err) {
560             error_propagate(errp, local_err);
561             aio_context_release(aio_context);
562             return;
563         }
564 
565         bdrv_ref(secondary_disk->bs);
566         s->secondary_disk = bdrv_attach_child(bs, secondary_disk->bs,
567                                               "secondary disk", &child_of_bds,
568                                               BDRV_CHILD_DATA, &local_err);
569         if (local_err) {
570             error_propagate(errp, local_err);
571             aio_context_release(aio_context);
572             return;
573         }
574 
575         /* start backup job now */
576         error_setg(&s->blocker,
577                    "Block device is in use by internal backup job");
578 
579         top_bs = bdrv_lookup_bs(s->top_id, s->top_id, NULL);
580         if (!top_bs || !bdrv_is_root_node(top_bs) ||
581             !check_top_bs(top_bs, bs)) {
582             error_setg(errp, "No top_bs or it is invalid");
583             reopen_backing_file(bs, false, NULL);
584             aio_context_release(aio_context);
585             return;
586         }
587         bdrv_op_block_all(top_bs, s->blocker);
588         bdrv_op_unblock(top_bs, BLOCK_OP_TYPE_DATAPLANE, s->blocker);
589 
590         s->backup_job = backup_job_create(
591                                 NULL, s->secondary_disk->bs, s->hidden_disk->bs,
592                                 0, MIRROR_SYNC_MODE_NONE, NULL, 0, false, NULL,
593                                 &perf,
594                                 BLOCKDEV_ON_ERROR_REPORT,
595                                 BLOCKDEV_ON_ERROR_REPORT, JOB_INTERNAL,
596                                 backup_job_completed, bs, NULL, &local_err);
597         if (local_err) {
598             error_propagate(errp, local_err);
599             backup_job_cleanup(bs);
600             aio_context_release(aio_context);
601             return;
602         }
603         job_start(&s->backup_job->job);
604         break;
605     default:
606         aio_context_release(aio_context);
607         abort();
608     }
609 
610     s->stage = BLOCK_REPLICATION_RUNNING;
611 
612     if (s->mode == REPLICATION_MODE_SECONDARY) {
613         secondary_do_checkpoint(bs, errp);
614     }
615 
616     s->error = 0;
617     aio_context_release(aio_context);
618 }
619 
620 static void replication_do_checkpoint(ReplicationState *rs, Error **errp)
621 {
622     BlockDriverState *bs = rs->opaque;
623     BDRVReplicationState *s;
624     AioContext *aio_context;
625 
626     aio_context = bdrv_get_aio_context(bs);
627     aio_context_acquire(aio_context);
628     s = bs->opaque;
629 
630     if (s->stage == BLOCK_REPLICATION_DONE ||
631         s->stage == BLOCK_REPLICATION_FAILOVER) {
632         /*
633          * This case happens when a secondary was promoted to primary.
634          * Ignore the request because the secondary side of replication
635          * doesn't have to do anything anymore.
636          */
637         aio_context_release(aio_context);
638         return;
639     }
640 
641     if (s->mode == REPLICATION_MODE_SECONDARY) {
642         secondary_do_checkpoint(bs, errp);
643     }
644     aio_context_release(aio_context);
645 }
646 
647 static void replication_get_error(ReplicationState *rs, Error **errp)
648 {
649     BlockDriverState *bs = rs->opaque;
650     BDRVReplicationState *s;
651     AioContext *aio_context;
652 
653     aio_context = bdrv_get_aio_context(bs);
654     aio_context_acquire(aio_context);
655     s = bs->opaque;
656 
657     if (s->stage == BLOCK_REPLICATION_NONE) {
658         error_setg(errp, "Block replication is not running");
659         aio_context_release(aio_context);
660         return;
661     }
662 
663     if (s->error) {
664         error_setg(errp, "I/O error occurred");
665         aio_context_release(aio_context);
666         return;
667     }
668     aio_context_release(aio_context);
669 }
670 
671 static void replication_done(void *opaque, int ret)
672 {
673     BlockDriverState *bs = opaque;
674     BDRVReplicationState *s = bs->opaque;
675 
676     if (ret == 0) {
677         s->stage = BLOCK_REPLICATION_DONE;
678 
679         bdrv_unref_child(bs, s->secondary_disk);
680         s->secondary_disk = NULL;
681         bdrv_unref_child(bs, s->hidden_disk);
682         s->hidden_disk = NULL;
683         s->error = 0;
684     } else {
685         s->stage = BLOCK_REPLICATION_FAILOVER_FAILED;
686         s->error = -EIO;
687     }
688 }
689 
690 static void replication_stop(ReplicationState *rs, bool failover, Error **errp)
691 {
692     BlockDriverState *bs = rs->opaque;
693     BDRVReplicationState *s;
694     AioContext *aio_context;
695 
696     aio_context = bdrv_get_aio_context(bs);
697     aio_context_acquire(aio_context);
698     s = bs->opaque;
699 
700     if (s->stage == BLOCK_REPLICATION_DONE ||
701         s->stage == BLOCK_REPLICATION_FAILOVER) {
702         /*
703          * This case happens when a secondary was promoted to primary.
704          * Ignore the request because the secondary side of replication
705          * doesn't have to do anything anymore.
706          */
707         aio_context_release(aio_context);
708         return;
709     }
710 
711     if (s->stage != BLOCK_REPLICATION_RUNNING) {
712         error_setg(errp, "Block replication is not running");
713         aio_context_release(aio_context);
714         return;
715     }
716 
717     switch (s->mode) {
718     case REPLICATION_MODE_PRIMARY:
719         s->stage = BLOCK_REPLICATION_DONE;
720         s->error = 0;
721         break;
722     case REPLICATION_MODE_SECONDARY:
723         /*
724          * This BDS will be closed, and the job should be completed
725          * before the BDS is closed, because we will access hidden
726          * disk, secondary disk in backup_job_completed().
727          */
728         if (s->backup_job) {
729             aio_context_release(aio_context);
730             job_cancel_sync(&s->backup_job->job, true);
731             aio_context_acquire(aio_context);
732         }
733 
734         if (!failover) {
735             secondary_do_checkpoint(bs, errp);
736             s->stage = BLOCK_REPLICATION_DONE;
737             aio_context_release(aio_context);
738             return;
739         }
740 
741         s->stage = BLOCK_REPLICATION_FAILOVER;
742         s->commit_job = commit_active_start(
743                             NULL, bs->file->bs, s->secondary_disk->bs,
744                             JOB_INTERNAL, 0, BLOCKDEV_ON_ERROR_REPORT,
745                             NULL, replication_done, bs, true, errp);
746         break;
747     default:
748         aio_context_release(aio_context);
749         abort();
750     }
751     aio_context_release(aio_context);
752 }
753 
754 static const char *const replication_strong_runtime_opts[] = {
755     REPLICATION_MODE,
756     REPLICATION_TOP_ID,
757 
758     NULL
759 };
760 
761 static BlockDriver bdrv_replication = {
762     .format_name                = "replication",
763     .instance_size              = sizeof(BDRVReplicationState),
764 
765     .bdrv_open                  = replication_open,
766     .bdrv_close                 = replication_close,
767     .bdrv_child_perm            = replication_child_perm,
768 
769     .bdrv_getlength             = replication_getlength,
770     .bdrv_co_readv              = replication_co_readv,
771     .bdrv_co_writev             = replication_co_writev,
772 
773     .is_filter                  = true,
774 
775     .has_variable_length        = true,
776     .strong_runtime_opts        = replication_strong_runtime_opts,
777 };
778 
779 static void bdrv_replication_init(void)
780 {
781     bdrv_register(&bdrv_replication);
782 }
783 
784 block_init(bdrv_replication_init);
785