xref: /openbmc/qemu/blockdev.c (revision 35d08458)
1 /*
2  * QEMU host block devices
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  * This work is licensed under the terms of the GNU GPL, version 2 or
7  * later.  See the COPYING file in the top-level directory.
8  *
9  * This file incorporates work covered by the following copyright and
10  * permission notice:
11  *
12  * Copyright (c) 2003-2008 Fabrice Bellard
13  *
14  * Permission is hereby granted, free of charge, to any person obtaining a copy
15  * of this software and associated documentation files (the "Software"), to deal
16  * in the Software without restriction, including without limitation the rights
17  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
18  * copies of the Software, and to permit persons to whom the Software is
19  * furnished to do so, subject to the following conditions:
20  *
21  * The above copyright notice and this permission notice shall be included in
22  * all copies or substantial portions of the Software.
23  *
24  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
25  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
26  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
27  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
28  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
29  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
30  * THE SOFTWARE.
31  */
32 
33 #include "sysemu/blockdev.h"
34 #include "hw/block/block.h"
35 #include "block/blockjob.h"
36 #include "monitor/monitor.h"
37 #include "qapi/qmp/qerror.h"
38 #include "qemu/option.h"
39 #include "qemu/config-file.h"
40 #include "qapi/qmp/types.h"
41 #include "qapi-visit.h"
42 #include "qapi/qmp-output-visitor.h"
43 #include "sysemu/sysemu.h"
44 #include "block/block_int.h"
45 #include "qmp-commands.h"
46 #include "trace.h"
47 #include "sysemu/arch_init.h"
48 
49 static QTAILQ_HEAD(drivelist, DriveInfo) drives = QTAILQ_HEAD_INITIALIZER(drives);
50 
51 static const char *const if_name[IF_COUNT] = {
52     [IF_NONE] = "none",
53     [IF_IDE] = "ide",
54     [IF_SCSI] = "scsi",
55     [IF_FLOPPY] = "floppy",
56     [IF_PFLASH] = "pflash",
57     [IF_MTD] = "mtd",
58     [IF_SD] = "sd",
59     [IF_VIRTIO] = "virtio",
60     [IF_XEN] = "xen",
61 };
62 
63 static const int if_max_devs[IF_COUNT] = {
64     /*
65      * Do not change these numbers!  They govern how drive option
66      * index maps to unit and bus.  That mapping is ABI.
67      *
68      * All controllers used to imlement if=T drives need to support
69      * if_max_devs[T] units, for any T with if_max_devs[T] != 0.
70      * Otherwise, some index values map to "impossible" bus, unit
71      * values.
72      *
73      * For instance, if you change [IF_SCSI] to 255, -drive
74      * if=scsi,index=12 no longer means bus=1,unit=5, but
75      * bus=0,unit=12.  With an lsi53c895a controller (7 units max),
76      * the drive can't be set up.  Regression.
77      */
78     [IF_IDE] = 2,
79     [IF_SCSI] = 7,
80 };
81 
82 /*
83  * We automatically delete the drive when a device using it gets
84  * unplugged.  Questionable feature, but we can't just drop it.
85  * Device models call blockdev_mark_auto_del() to schedule the
86  * automatic deletion, and generic qdev code calls blockdev_auto_del()
87  * when deletion is actually safe.
88  */
89 void blockdev_mark_auto_del(BlockDriverState *bs)
90 {
91     DriveInfo *dinfo = drive_get_by_blockdev(bs);
92 
93     if (dinfo && !dinfo->enable_auto_del) {
94         return;
95     }
96 
97     if (bs->job) {
98         block_job_cancel(bs->job);
99     }
100     if (dinfo) {
101         dinfo->auto_del = 1;
102     }
103 }
104 
105 void blockdev_auto_del(BlockDriverState *bs)
106 {
107     DriveInfo *dinfo = drive_get_by_blockdev(bs);
108 
109     if (dinfo && dinfo->auto_del) {
110         drive_put_ref(dinfo);
111     }
112 }
113 
114 static int drive_index_to_bus_id(BlockInterfaceType type, int index)
115 {
116     int max_devs = if_max_devs[type];
117     return max_devs ? index / max_devs : 0;
118 }
119 
120 static int drive_index_to_unit_id(BlockInterfaceType type, int index)
121 {
122     int max_devs = if_max_devs[type];
123     return max_devs ? index % max_devs : index;
124 }
125 
126 QemuOpts *drive_def(const char *optstr)
127 {
128     return qemu_opts_parse(qemu_find_opts("drive"), optstr, 0);
129 }
130 
131 QemuOpts *drive_add(BlockInterfaceType type, int index, const char *file,
132                     const char *optstr)
133 {
134     QemuOpts *opts;
135     char buf[32];
136 
137     opts = drive_def(optstr);
138     if (!opts) {
139         return NULL;
140     }
141     if (type != IF_DEFAULT) {
142         qemu_opt_set(opts, "if", if_name[type]);
143     }
144     if (index >= 0) {
145         snprintf(buf, sizeof(buf), "%d", index);
146         qemu_opt_set(opts, "index", buf);
147     }
148     if (file)
149         qemu_opt_set(opts, "file", file);
150     return opts;
151 }
152 
153 DriveInfo *drive_get(BlockInterfaceType type, int bus, int unit)
154 {
155     DriveInfo *dinfo;
156 
157     /* seek interface, bus and unit */
158 
159     QTAILQ_FOREACH(dinfo, &drives, next) {
160         if (dinfo->type == type &&
161 	    dinfo->bus == bus &&
162 	    dinfo->unit == unit)
163             return dinfo;
164     }
165 
166     return NULL;
167 }
168 
169 DriveInfo *drive_get_by_index(BlockInterfaceType type, int index)
170 {
171     return drive_get(type,
172                      drive_index_to_bus_id(type, index),
173                      drive_index_to_unit_id(type, index));
174 }
175 
176 int drive_get_max_bus(BlockInterfaceType type)
177 {
178     int max_bus;
179     DriveInfo *dinfo;
180 
181     max_bus = -1;
182     QTAILQ_FOREACH(dinfo, &drives, next) {
183         if(dinfo->type == type &&
184            dinfo->bus > max_bus)
185             max_bus = dinfo->bus;
186     }
187     return max_bus;
188 }
189 
190 /* Get a block device.  This should only be used for single-drive devices
191    (e.g. SD/Floppy/MTD).  Multi-disk devices (scsi/ide) should use the
192    appropriate bus.  */
193 DriveInfo *drive_get_next(BlockInterfaceType type)
194 {
195     static int next_block_unit[IF_COUNT];
196 
197     return drive_get(type, 0, next_block_unit[type]++);
198 }
199 
200 DriveInfo *drive_get_by_blockdev(BlockDriverState *bs)
201 {
202     DriveInfo *dinfo;
203 
204     QTAILQ_FOREACH(dinfo, &drives, next) {
205         if (dinfo->bdrv == bs) {
206             return dinfo;
207         }
208     }
209     return NULL;
210 }
211 
212 static void bdrv_format_print(void *opaque, const char *name)
213 {
214     error_printf(" %s", name);
215 }
216 
217 static void drive_uninit(DriveInfo *dinfo)
218 {
219     if (dinfo->opts) {
220         qemu_opts_del(dinfo->opts);
221     }
222 
223     bdrv_unref(dinfo->bdrv);
224     g_free(dinfo->id);
225     QTAILQ_REMOVE(&drives, dinfo, next);
226     g_free(dinfo->serial);
227     g_free(dinfo);
228 }
229 
230 void drive_put_ref(DriveInfo *dinfo)
231 {
232     assert(dinfo->refcount);
233     if (--dinfo->refcount == 0) {
234         drive_uninit(dinfo);
235     }
236 }
237 
238 void drive_get_ref(DriveInfo *dinfo)
239 {
240     dinfo->refcount++;
241 }
242 
243 typedef struct {
244     QEMUBH *bh;
245     BlockDriverState *bs;
246 } BDRVPutRefBH;
247 
248 static void bdrv_put_ref_bh(void *opaque)
249 {
250     BDRVPutRefBH *s = opaque;
251 
252     bdrv_unref(s->bs);
253     qemu_bh_delete(s->bh);
254     g_free(s);
255 }
256 
257 /*
258  * Release a BDS reference in a BH
259  *
260  * It is not safe to use bdrv_unref() from a callback function when the callers
261  * still need the BlockDriverState.  In such cases we schedule a BH to release
262  * the reference.
263  */
264 static void bdrv_put_ref_bh_schedule(BlockDriverState *bs)
265 {
266     BDRVPutRefBH *s;
267 
268     s = g_new(BDRVPutRefBH, 1);
269     s->bh = qemu_bh_new(bdrv_put_ref_bh, s);
270     s->bs = bs;
271     qemu_bh_schedule(s->bh);
272 }
273 
274 static int parse_block_error_action(const char *buf, bool is_read, Error **errp)
275 {
276     if (!strcmp(buf, "ignore")) {
277         return BLOCKDEV_ON_ERROR_IGNORE;
278     } else if (!is_read && !strcmp(buf, "enospc")) {
279         return BLOCKDEV_ON_ERROR_ENOSPC;
280     } else if (!strcmp(buf, "stop")) {
281         return BLOCKDEV_ON_ERROR_STOP;
282     } else if (!strcmp(buf, "report")) {
283         return BLOCKDEV_ON_ERROR_REPORT;
284     } else {
285         error_setg(errp, "'%s' invalid %s error action",
286                    buf, is_read ? "read" : "write");
287         return -1;
288     }
289 }
290 
291 static bool check_throttle_config(ThrottleConfig *cfg, Error **errp)
292 {
293     if (throttle_conflicting(cfg)) {
294         error_setg(errp, "bps/iops/max total values and read/write values"
295                          " cannot be used at the same time");
296         return false;
297     }
298 
299     if (!throttle_is_valid(cfg)) {
300         error_setg(errp, "bps/iops/maxs values must be 0 or greater");
301         return false;
302     }
303 
304     return true;
305 }
306 
307 typedef enum { MEDIA_DISK, MEDIA_CDROM } DriveMediaType;
308 
309 /* Takes the ownership of bs_opts */
310 static DriveInfo *blockdev_init(const char *file, QDict *bs_opts,
311                                 Error **errp)
312 {
313     const char *buf;
314     const char *serial;
315     int ro = 0;
316     int bdrv_flags = 0;
317     int on_read_error, on_write_error;
318     DriveInfo *dinfo;
319     ThrottleConfig cfg;
320     int snapshot = 0;
321     bool copy_on_read;
322     int ret;
323     Error *error = NULL;
324     QemuOpts *opts;
325     const char *id;
326     bool has_driver_specific_opts;
327     BlockDriver *drv = NULL;
328 
329     /* Check common options by copying from bs_opts to opts, all other options
330      * stay in bs_opts for processing by bdrv_open(). */
331     id = qdict_get_try_str(bs_opts, "id");
332     opts = qemu_opts_create(&qemu_common_drive_opts, id, 1, &error);
333     if (error) {
334         error_propagate(errp, error);
335         return NULL;
336     }
337 
338     qemu_opts_absorb_qdict(opts, bs_opts, &error);
339     if (error) {
340         error_propagate(errp, error);
341         goto early_err;
342     }
343 
344     if (id) {
345         qdict_del(bs_opts, "id");
346     }
347 
348     has_driver_specific_opts = !!qdict_size(bs_opts);
349 
350     /* extract parameters */
351     snapshot = qemu_opt_get_bool(opts, "snapshot", 0);
352     ro = qemu_opt_get_bool(opts, "read-only", 0);
353     copy_on_read = qemu_opt_get_bool(opts, "copy-on-read", false);
354 
355     serial = qemu_opt_get(opts, "serial");
356 
357     if ((buf = qemu_opt_get(opts, "discard")) != NULL) {
358         if (bdrv_parse_discard_flags(buf, &bdrv_flags) != 0) {
359             error_setg(errp, "invalid discard option");
360             goto early_err;
361         }
362     }
363 
364     if (qemu_opt_get_bool(opts, "cache.writeback", true)) {
365         bdrv_flags |= BDRV_O_CACHE_WB;
366     }
367     if (qemu_opt_get_bool(opts, "cache.direct", false)) {
368         bdrv_flags |= BDRV_O_NOCACHE;
369     }
370     if (qemu_opt_get_bool(opts, "cache.no-flush", false)) {
371         bdrv_flags |= BDRV_O_NO_FLUSH;
372     }
373 
374 #ifdef CONFIG_LINUX_AIO
375     if ((buf = qemu_opt_get(opts, "aio")) != NULL) {
376         if (!strcmp(buf, "native")) {
377             bdrv_flags |= BDRV_O_NATIVE_AIO;
378         } else if (!strcmp(buf, "threads")) {
379             /* this is the default */
380         } else {
381            error_setg(errp, "invalid aio option");
382            goto early_err;
383         }
384     }
385 #endif
386 
387     if ((buf = qemu_opt_get(opts, "format")) != NULL) {
388         if (is_help_option(buf)) {
389             error_printf("Supported formats:");
390             bdrv_iterate_format(bdrv_format_print, NULL);
391             error_printf("\n");
392             goto early_err;
393         }
394 
395         drv = bdrv_find_format(buf);
396         if (!drv) {
397             error_setg(errp, "'%s' invalid format", buf);
398             goto early_err;
399         }
400     }
401 
402     /* disk I/O throttling */
403     memset(&cfg, 0, sizeof(cfg));
404     cfg.buckets[THROTTLE_BPS_TOTAL].avg =
405         qemu_opt_get_number(opts, "throttling.bps-total", 0);
406     cfg.buckets[THROTTLE_BPS_READ].avg  =
407         qemu_opt_get_number(opts, "throttling.bps-read", 0);
408     cfg.buckets[THROTTLE_BPS_WRITE].avg =
409         qemu_opt_get_number(opts, "throttling.bps-write", 0);
410     cfg.buckets[THROTTLE_OPS_TOTAL].avg =
411         qemu_opt_get_number(opts, "throttling.iops-total", 0);
412     cfg.buckets[THROTTLE_OPS_READ].avg =
413         qemu_opt_get_number(opts, "throttling.iops-read", 0);
414     cfg.buckets[THROTTLE_OPS_WRITE].avg =
415         qemu_opt_get_number(opts, "throttling.iops-write", 0);
416 
417     cfg.buckets[THROTTLE_BPS_TOTAL].max =
418         qemu_opt_get_number(opts, "throttling.bps-total-max", 0);
419     cfg.buckets[THROTTLE_BPS_READ].max  =
420         qemu_opt_get_number(opts, "throttling.bps-read-max", 0);
421     cfg.buckets[THROTTLE_BPS_WRITE].max =
422         qemu_opt_get_number(opts, "throttling.bps-write-max", 0);
423     cfg.buckets[THROTTLE_OPS_TOTAL].max =
424         qemu_opt_get_number(opts, "throttling.iops-total-max", 0);
425     cfg.buckets[THROTTLE_OPS_READ].max =
426         qemu_opt_get_number(opts, "throttling.iops-read-max", 0);
427     cfg.buckets[THROTTLE_OPS_WRITE].max =
428         qemu_opt_get_number(opts, "throttling.iops-write-max", 0);
429 
430     cfg.op_size = qemu_opt_get_number(opts, "throttling.iops-size", 0);
431 
432     if (!check_throttle_config(&cfg, &error)) {
433         error_propagate(errp, error);
434         goto early_err;
435     }
436 
437     on_write_error = BLOCKDEV_ON_ERROR_ENOSPC;
438     if ((buf = qemu_opt_get(opts, "werror")) != NULL) {
439         on_write_error = parse_block_error_action(buf, 0, &error);
440         if (error) {
441             error_propagate(errp, error);
442             goto early_err;
443         }
444     }
445 
446     on_read_error = BLOCKDEV_ON_ERROR_REPORT;
447     if ((buf = qemu_opt_get(opts, "rerror")) != NULL) {
448         on_read_error = parse_block_error_action(buf, 1, &error);
449         if (error) {
450             error_propagate(errp, error);
451             goto early_err;
452         }
453     }
454 
455     /* init */
456     dinfo = g_malloc0(sizeof(*dinfo));
457     dinfo->id = g_strdup(qemu_opts_id(opts));
458     dinfo->bdrv = bdrv_new(dinfo->id, &error);
459     if (error) {
460         error_propagate(errp, error);
461         goto bdrv_new_err;
462     }
463     dinfo->bdrv->open_flags = snapshot ? BDRV_O_SNAPSHOT : 0;
464     dinfo->bdrv->read_only = ro;
465     dinfo->refcount = 1;
466     if (serial != NULL) {
467         dinfo->serial = g_strdup(serial);
468     }
469     QTAILQ_INSERT_TAIL(&drives, dinfo, next);
470 
471     bdrv_set_on_error(dinfo->bdrv, on_read_error, on_write_error);
472 
473     /* disk I/O throttling */
474     if (throttle_enabled(&cfg)) {
475         bdrv_io_limits_enable(dinfo->bdrv);
476         bdrv_set_io_limits(dinfo->bdrv, &cfg);
477     }
478 
479     if (!file || !*file) {
480         if (has_driver_specific_opts) {
481             file = NULL;
482         } else {
483             QDECREF(bs_opts);
484             qemu_opts_del(opts);
485             return dinfo;
486         }
487     }
488     if (snapshot) {
489         /* always use cache=unsafe with snapshot */
490         bdrv_flags &= ~BDRV_O_CACHE_MASK;
491         bdrv_flags |= (BDRV_O_SNAPSHOT|BDRV_O_CACHE_WB|BDRV_O_NO_FLUSH);
492     }
493 
494     if (copy_on_read) {
495         bdrv_flags |= BDRV_O_COPY_ON_READ;
496     }
497 
498     if (runstate_check(RUN_STATE_INMIGRATE)) {
499         bdrv_flags |= BDRV_O_INCOMING;
500     }
501 
502     bdrv_flags |= ro ? 0 : BDRV_O_RDWR;
503 
504     QINCREF(bs_opts);
505     ret = bdrv_open(&dinfo->bdrv, file, NULL, bs_opts, bdrv_flags, drv, &error);
506 
507     if (ret < 0) {
508         error_setg(errp, "could not open disk image %s: %s",
509                    file ?: dinfo->id, error_get_pretty(error));
510         error_free(error);
511         goto err;
512     }
513 
514     if (bdrv_key_required(dinfo->bdrv))
515         autostart = 0;
516 
517     QDECREF(bs_opts);
518     qemu_opts_del(opts);
519 
520     return dinfo;
521 
522 err:
523     bdrv_unref(dinfo->bdrv);
524     QTAILQ_REMOVE(&drives, dinfo, next);
525 bdrv_new_err:
526     g_free(dinfo->id);
527     g_free(dinfo);
528 early_err:
529     QDECREF(bs_opts);
530     qemu_opts_del(opts);
531     return NULL;
532 }
533 
534 static void qemu_opt_rename(QemuOpts *opts, const char *from, const char *to)
535 {
536     const char *value;
537 
538     value = qemu_opt_get(opts, from);
539     if (value) {
540         qemu_opt_set(opts, to, value);
541         qemu_opt_unset(opts, from);
542     }
543 }
544 
545 QemuOptsList qemu_legacy_drive_opts = {
546     .name = "drive",
547     .head = QTAILQ_HEAD_INITIALIZER(qemu_legacy_drive_opts.head),
548     .desc = {
549         {
550             .name = "bus",
551             .type = QEMU_OPT_NUMBER,
552             .help = "bus number",
553         },{
554             .name = "unit",
555             .type = QEMU_OPT_NUMBER,
556             .help = "unit number (i.e. lun for scsi)",
557         },{
558             .name = "index",
559             .type = QEMU_OPT_NUMBER,
560             .help = "index number",
561         },{
562             .name = "media",
563             .type = QEMU_OPT_STRING,
564             .help = "media type (disk, cdrom)",
565         },{
566             .name = "if",
567             .type = QEMU_OPT_STRING,
568             .help = "interface (ide, scsi, sd, mtd, floppy, pflash, virtio)",
569         },{
570             .name = "cyls",
571             .type = QEMU_OPT_NUMBER,
572             .help = "number of cylinders (ide disk geometry)",
573         },{
574             .name = "heads",
575             .type = QEMU_OPT_NUMBER,
576             .help = "number of heads (ide disk geometry)",
577         },{
578             .name = "secs",
579             .type = QEMU_OPT_NUMBER,
580             .help = "number of sectors (ide disk geometry)",
581         },{
582             .name = "trans",
583             .type = QEMU_OPT_STRING,
584             .help = "chs translation (auto, lba, none)",
585         },{
586             .name = "boot",
587             .type = QEMU_OPT_BOOL,
588             .help = "(deprecated, ignored)",
589         },{
590             .name = "addr",
591             .type = QEMU_OPT_STRING,
592             .help = "pci address (virtio only)",
593         },{
594             .name = "file",
595             .type = QEMU_OPT_STRING,
596             .help = "file name",
597         },
598 
599         /* Options that are passed on, but have special semantics with -drive */
600         {
601             .name = "read-only",
602             .type = QEMU_OPT_BOOL,
603             .help = "open drive file as read-only",
604         },{
605             .name = "rerror",
606             .type = QEMU_OPT_STRING,
607             .help = "read error action",
608         },{
609             .name = "werror",
610             .type = QEMU_OPT_STRING,
611             .help = "write error action",
612         },{
613             .name = "copy-on-read",
614             .type = QEMU_OPT_BOOL,
615             .help = "copy read data from backing file into image file",
616         },
617 
618         { /* end of list */ }
619     },
620 };
621 
622 DriveInfo *drive_init(QemuOpts *all_opts, BlockInterfaceType block_default_type)
623 {
624     const char *value;
625     DriveInfo *dinfo = NULL;
626     QDict *bs_opts;
627     QemuOpts *legacy_opts;
628     DriveMediaType media = MEDIA_DISK;
629     BlockInterfaceType type;
630     int cyls, heads, secs, translation;
631     int max_devs, bus_id, unit_id, index;
632     const char *devaddr;
633     const char *werror, *rerror;
634     bool read_only = false;
635     bool copy_on_read;
636     const char *filename;
637     Error *local_err = NULL;
638 
639     /* Change legacy command line options into QMP ones */
640     qemu_opt_rename(all_opts, "iops", "throttling.iops-total");
641     qemu_opt_rename(all_opts, "iops_rd", "throttling.iops-read");
642     qemu_opt_rename(all_opts, "iops_wr", "throttling.iops-write");
643 
644     qemu_opt_rename(all_opts, "bps", "throttling.bps-total");
645     qemu_opt_rename(all_opts, "bps_rd", "throttling.bps-read");
646     qemu_opt_rename(all_opts, "bps_wr", "throttling.bps-write");
647 
648     qemu_opt_rename(all_opts, "iops_max", "throttling.iops-total-max");
649     qemu_opt_rename(all_opts, "iops_rd_max", "throttling.iops-read-max");
650     qemu_opt_rename(all_opts, "iops_wr_max", "throttling.iops-write-max");
651 
652     qemu_opt_rename(all_opts, "bps_max", "throttling.bps-total-max");
653     qemu_opt_rename(all_opts, "bps_rd_max", "throttling.bps-read-max");
654     qemu_opt_rename(all_opts, "bps_wr_max", "throttling.bps-write-max");
655 
656     qemu_opt_rename(all_opts,
657                     "iops_size", "throttling.iops-size");
658 
659     qemu_opt_rename(all_opts, "readonly", "read-only");
660 
661     value = qemu_opt_get(all_opts, "cache");
662     if (value) {
663         int flags = 0;
664 
665         if (bdrv_parse_cache_flags(value, &flags) != 0) {
666             error_report("invalid cache option");
667             return NULL;
668         }
669 
670         /* Specific options take precedence */
671         if (!qemu_opt_get(all_opts, "cache.writeback")) {
672             qemu_opt_set_bool(all_opts, "cache.writeback",
673                               !!(flags & BDRV_O_CACHE_WB));
674         }
675         if (!qemu_opt_get(all_opts, "cache.direct")) {
676             qemu_opt_set_bool(all_opts, "cache.direct",
677                               !!(flags & BDRV_O_NOCACHE));
678         }
679         if (!qemu_opt_get(all_opts, "cache.no-flush")) {
680             qemu_opt_set_bool(all_opts, "cache.no-flush",
681                               !!(flags & BDRV_O_NO_FLUSH));
682         }
683         qemu_opt_unset(all_opts, "cache");
684     }
685 
686     /* Get a QDict for processing the options */
687     bs_opts = qdict_new();
688     qemu_opts_to_qdict(all_opts, bs_opts);
689 
690     legacy_opts = qemu_opts_create(&qemu_legacy_drive_opts, NULL, 0,
691                                    &error_abort);
692     qemu_opts_absorb_qdict(legacy_opts, bs_opts, &local_err);
693     if (local_err) {
694         qerror_report_err(local_err);
695         error_free(local_err);
696         goto fail;
697     }
698 
699     /* Deprecated option boot=[on|off] */
700     if (qemu_opt_get(legacy_opts, "boot") != NULL) {
701         fprintf(stderr, "qemu-kvm: boot=on|off is deprecated and will be "
702                 "ignored. Future versions will reject this parameter. Please "
703                 "update your scripts.\n");
704     }
705 
706     /* Media type */
707     value = qemu_opt_get(legacy_opts, "media");
708     if (value) {
709         if (!strcmp(value, "disk")) {
710             media = MEDIA_DISK;
711         } else if (!strcmp(value, "cdrom")) {
712             media = MEDIA_CDROM;
713             read_only = true;
714         } else {
715             error_report("'%s' invalid media", value);
716             goto fail;
717         }
718     }
719 
720     /* copy-on-read is disabled with a warning for read-only devices */
721     read_only |= qemu_opt_get_bool(legacy_opts, "read-only", false);
722     copy_on_read = qemu_opt_get_bool(legacy_opts, "copy-on-read", false);
723 
724     if (read_only && copy_on_read) {
725         error_report("warning: disabling copy-on-read on read-only drive");
726         copy_on_read = false;
727     }
728 
729     qdict_put(bs_opts, "read-only",
730               qstring_from_str(read_only ? "on" : "off"));
731     qdict_put(bs_opts, "copy-on-read",
732               qstring_from_str(copy_on_read ? "on" :"off"));
733 
734     /* Controller type */
735     value = qemu_opt_get(legacy_opts, "if");
736     if (value) {
737         for (type = 0;
738              type < IF_COUNT && strcmp(value, if_name[type]);
739              type++) {
740         }
741         if (type == IF_COUNT) {
742             error_report("unsupported bus type '%s'", value);
743             goto fail;
744         }
745     } else {
746         type = block_default_type;
747     }
748 
749     /* Geometry */
750     cyls  = qemu_opt_get_number(legacy_opts, "cyls", 0);
751     heads = qemu_opt_get_number(legacy_opts, "heads", 0);
752     secs  = qemu_opt_get_number(legacy_opts, "secs", 0);
753 
754     if (cyls || heads || secs) {
755         if (cyls < 1) {
756             error_report("invalid physical cyls number");
757             goto fail;
758         }
759         if (heads < 1) {
760             error_report("invalid physical heads number");
761             goto fail;
762         }
763         if (secs < 1) {
764             error_report("invalid physical secs number");
765             goto fail;
766         }
767     }
768 
769     translation = BIOS_ATA_TRANSLATION_AUTO;
770     value = qemu_opt_get(legacy_opts, "trans");
771     if (value != NULL) {
772         if (!cyls) {
773             error_report("'%s' trans must be used with cyls, heads and secs",
774                          value);
775             goto fail;
776         }
777         if (!strcmp(value, "none")) {
778             translation = BIOS_ATA_TRANSLATION_NONE;
779         } else if (!strcmp(value, "lba")) {
780             translation = BIOS_ATA_TRANSLATION_LBA;
781         } else if (!strcmp(value, "large")) {
782             translation = BIOS_ATA_TRANSLATION_LARGE;
783         } else if (!strcmp(value, "rechs")) {
784             translation = BIOS_ATA_TRANSLATION_RECHS;
785         } else if (!strcmp(value, "auto")) {
786             translation = BIOS_ATA_TRANSLATION_AUTO;
787         } else {
788             error_report("'%s' invalid translation type", value);
789             goto fail;
790         }
791     }
792 
793     if (media == MEDIA_CDROM) {
794         if (cyls || secs || heads) {
795             error_report("CHS can't be set with media=cdrom");
796             goto fail;
797         }
798     }
799 
800     /* Device address specified by bus/unit or index.
801      * If none was specified, try to find the first free one. */
802     bus_id  = qemu_opt_get_number(legacy_opts, "bus", 0);
803     unit_id = qemu_opt_get_number(legacy_opts, "unit", -1);
804     index   = qemu_opt_get_number(legacy_opts, "index", -1);
805 
806     max_devs = if_max_devs[type];
807 
808     if (index != -1) {
809         if (bus_id != 0 || unit_id != -1) {
810             error_report("index cannot be used with bus and unit");
811             goto fail;
812         }
813         bus_id = drive_index_to_bus_id(type, index);
814         unit_id = drive_index_to_unit_id(type, index);
815     }
816 
817     if (unit_id == -1) {
818        unit_id = 0;
819        while (drive_get(type, bus_id, unit_id) != NULL) {
820            unit_id++;
821            if (max_devs && unit_id >= max_devs) {
822                unit_id -= max_devs;
823                bus_id++;
824            }
825        }
826     }
827 
828     if (max_devs && unit_id >= max_devs) {
829         error_report("unit %d too big (max is %d)", unit_id, max_devs - 1);
830         goto fail;
831     }
832 
833     if (drive_get(type, bus_id, unit_id) != NULL) {
834         error_report("drive with bus=%d, unit=%d (index=%d) exists",
835                      bus_id, unit_id, index);
836         goto fail;
837     }
838 
839     /* no id supplied -> create one */
840     if (qemu_opts_id(all_opts) == NULL) {
841         char *new_id;
842         const char *mediastr = "";
843         if (type == IF_IDE || type == IF_SCSI) {
844             mediastr = (media == MEDIA_CDROM) ? "-cd" : "-hd";
845         }
846         if (max_devs) {
847             new_id = g_strdup_printf("%s%i%s%i", if_name[type], bus_id,
848                                      mediastr, unit_id);
849         } else {
850             new_id = g_strdup_printf("%s%s%i", if_name[type],
851                                      mediastr, unit_id);
852         }
853         qdict_put(bs_opts, "id", qstring_from_str(new_id));
854         g_free(new_id);
855     }
856 
857     /* Add virtio block device */
858     devaddr = qemu_opt_get(legacy_opts, "addr");
859     if (devaddr && type != IF_VIRTIO) {
860         error_report("addr is not supported by this bus type");
861         goto fail;
862     }
863 
864     if (type == IF_VIRTIO) {
865         QemuOpts *devopts;
866         devopts = qemu_opts_create(qemu_find_opts("device"), NULL, 0,
867                                    &error_abort);
868         if (arch_type == QEMU_ARCH_S390X) {
869             qemu_opt_set(devopts, "driver", "virtio-blk-s390");
870         } else {
871             qemu_opt_set(devopts, "driver", "virtio-blk-pci");
872         }
873         qemu_opt_set(devopts, "drive", qdict_get_str(bs_opts, "id"));
874         if (devaddr) {
875             qemu_opt_set(devopts, "addr", devaddr);
876         }
877     }
878 
879     filename = qemu_opt_get(legacy_opts, "file");
880 
881     /* Check werror/rerror compatibility with if=... */
882     werror = qemu_opt_get(legacy_opts, "werror");
883     if (werror != NULL) {
884         if (type != IF_IDE && type != IF_SCSI && type != IF_VIRTIO &&
885             type != IF_NONE) {
886             error_report("werror is not supported by this bus type");
887             goto fail;
888         }
889         qdict_put(bs_opts, "werror", qstring_from_str(werror));
890     }
891 
892     rerror = qemu_opt_get(legacy_opts, "rerror");
893     if (rerror != NULL) {
894         if (type != IF_IDE && type != IF_VIRTIO && type != IF_SCSI &&
895             type != IF_NONE) {
896             error_report("rerror is not supported by this bus type");
897             goto fail;
898         }
899         qdict_put(bs_opts, "rerror", qstring_from_str(rerror));
900     }
901 
902     /* Actual block device init: Functionality shared with blockdev-add */
903     dinfo = blockdev_init(filename, bs_opts, &local_err);
904     if (dinfo == NULL) {
905         if (local_err) {
906             qerror_report_err(local_err);
907             error_free(local_err);
908         }
909         goto fail;
910     } else {
911         assert(!local_err);
912     }
913 
914     /* Set legacy DriveInfo fields */
915     dinfo->enable_auto_del = true;
916     dinfo->opts = all_opts;
917 
918     dinfo->cyls = cyls;
919     dinfo->heads = heads;
920     dinfo->secs = secs;
921     dinfo->trans = translation;
922 
923     dinfo->type = type;
924     dinfo->bus = bus_id;
925     dinfo->unit = unit_id;
926     dinfo->devaddr = devaddr;
927 
928     switch(type) {
929     case IF_IDE:
930     case IF_SCSI:
931     case IF_XEN:
932     case IF_NONE:
933         dinfo->media_cd = media == MEDIA_CDROM;
934         break;
935     default:
936         break;
937     }
938 
939 fail:
940     qemu_opts_del(legacy_opts);
941     return dinfo;
942 }
943 
944 void do_commit(Monitor *mon, const QDict *qdict)
945 {
946     const char *device = qdict_get_str(qdict, "device");
947     BlockDriverState *bs;
948     int ret;
949 
950     if (!strcmp(device, "all")) {
951         ret = bdrv_commit_all();
952     } else {
953         bs = bdrv_find(device);
954         if (!bs) {
955             monitor_printf(mon, "Device '%s' not found\n", device);
956             return;
957         }
958         ret = bdrv_commit(bs);
959     }
960     if (ret < 0) {
961         monitor_printf(mon, "'commit' error for '%s': %s\n", device,
962                        strerror(-ret));
963     }
964 }
965 
966 static void blockdev_do_action(int kind, void *data, Error **errp)
967 {
968     TransactionAction action;
969     TransactionActionList list;
970 
971     action.kind = kind;
972     action.data = data;
973     list.value = &action;
974     list.next = NULL;
975     qmp_transaction(&list, errp);
976 }
977 
978 void qmp_blockdev_snapshot_sync(bool has_device, const char *device,
979                                 bool has_node_name, const char *node_name,
980                                 const char *snapshot_file,
981                                 bool has_snapshot_node_name,
982                                 const char *snapshot_node_name,
983                                 bool has_format, const char *format,
984                                 bool has_mode, NewImageMode mode, Error **errp)
985 {
986     BlockdevSnapshot snapshot = {
987         .has_device = has_device,
988         .device = (char *) device,
989         .has_node_name = has_node_name,
990         .node_name = (char *) node_name,
991         .snapshot_file = (char *) snapshot_file,
992         .has_snapshot_node_name = has_snapshot_node_name,
993         .snapshot_node_name = (char *) snapshot_node_name,
994         .has_format = has_format,
995         .format = (char *) format,
996         .has_mode = has_mode,
997         .mode = mode,
998     };
999     blockdev_do_action(TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_SYNC,
1000                        &snapshot, errp);
1001 }
1002 
1003 void qmp_blockdev_snapshot_internal_sync(const char *device,
1004                                          const char *name,
1005                                          Error **errp)
1006 {
1007     BlockdevSnapshotInternal snapshot = {
1008         .device = (char *) device,
1009         .name = (char *) name
1010     };
1011 
1012     blockdev_do_action(TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_INTERNAL_SYNC,
1013                        &snapshot, errp);
1014 }
1015 
1016 SnapshotInfo *qmp_blockdev_snapshot_delete_internal_sync(const char *device,
1017                                                          bool has_id,
1018                                                          const char *id,
1019                                                          bool has_name,
1020                                                          const char *name,
1021                                                          Error **errp)
1022 {
1023     BlockDriverState *bs = bdrv_find(device);
1024     QEMUSnapshotInfo sn;
1025     Error *local_err = NULL;
1026     SnapshotInfo *info = NULL;
1027     int ret;
1028 
1029     if (!bs) {
1030         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1031         return NULL;
1032     }
1033 
1034     if (!has_id) {
1035         id = NULL;
1036     }
1037 
1038     if (!has_name) {
1039         name = NULL;
1040     }
1041 
1042     if (!id && !name) {
1043         error_setg(errp, "Name or id must be provided");
1044         return NULL;
1045     }
1046 
1047     ret = bdrv_snapshot_find_by_id_and_name(bs, id, name, &sn, &local_err);
1048     if (local_err) {
1049         error_propagate(errp, local_err);
1050         return NULL;
1051     }
1052     if (!ret) {
1053         error_setg(errp,
1054                    "Snapshot with id '%s' and name '%s' does not exist on "
1055                    "device '%s'",
1056                    STR_OR_NULL(id), STR_OR_NULL(name), device);
1057         return NULL;
1058     }
1059 
1060     bdrv_snapshot_delete(bs, id, name, &local_err);
1061     if (local_err) {
1062         error_propagate(errp, local_err);
1063         return NULL;
1064     }
1065 
1066     info = g_malloc0(sizeof(SnapshotInfo));
1067     info->id = g_strdup(sn.id_str);
1068     info->name = g_strdup(sn.name);
1069     info->date_nsec = sn.date_nsec;
1070     info->date_sec = sn.date_sec;
1071     info->vm_state_size = sn.vm_state_size;
1072     info->vm_clock_nsec = sn.vm_clock_nsec % 1000000000;
1073     info->vm_clock_sec = sn.vm_clock_nsec / 1000000000;
1074 
1075     return info;
1076 }
1077 
1078 /* New and old BlockDriverState structs for group snapshots */
1079 
1080 typedef struct BlkTransactionState BlkTransactionState;
1081 
1082 /* Only prepare() may fail. In a single transaction, only one of commit() or
1083    abort() will be called, clean() will always be called if it present. */
1084 typedef struct BdrvActionOps {
1085     /* Size of state struct, in bytes. */
1086     size_t instance_size;
1087     /* Prepare the work, must NOT be NULL. */
1088     void (*prepare)(BlkTransactionState *common, Error **errp);
1089     /* Commit the changes, can be NULL. */
1090     void (*commit)(BlkTransactionState *common);
1091     /* Abort the changes on fail, can be NULL. */
1092     void (*abort)(BlkTransactionState *common);
1093     /* Clean up resource in the end, can be NULL. */
1094     void (*clean)(BlkTransactionState *common);
1095 } BdrvActionOps;
1096 
1097 /*
1098  * This structure must be arranged as first member in child type, assuming
1099  * that compiler will also arrange it to the same address with parent instance.
1100  * Later it will be used in free().
1101  */
1102 struct BlkTransactionState {
1103     TransactionAction *action;
1104     const BdrvActionOps *ops;
1105     QSIMPLEQ_ENTRY(BlkTransactionState) entry;
1106 };
1107 
1108 /* internal snapshot private data */
1109 typedef struct InternalSnapshotState {
1110     BlkTransactionState common;
1111     BlockDriverState *bs;
1112     QEMUSnapshotInfo sn;
1113 } InternalSnapshotState;
1114 
1115 static void internal_snapshot_prepare(BlkTransactionState *common,
1116                                       Error **errp)
1117 {
1118     Error *local_err = NULL;
1119     const char *device;
1120     const char *name;
1121     BlockDriverState *bs;
1122     QEMUSnapshotInfo old_sn, *sn;
1123     bool ret;
1124     qemu_timeval tv;
1125     BlockdevSnapshotInternal *internal;
1126     InternalSnapshotState *state;
1127     int ret1;
1128 
1129     g_assert(common->action->kind ==
1130              TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_INTERNAL_SYNC);
1131     internal = common->action->blockdev_snapshot_internal_sync;
1132     state = DO_UPCAST(InternalSnapshotState, common, common);
1133 
1134     /* 1. parse input */
1135     device = internal->device;
1136     name = internal->name;
1137 
1138     /* 2. check for validation */
1139     bs = bdrv_find(device);
1140     if (!bs) {
1141         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1142         return;
1143     }
1144 
1145     if (!bdrv_is_inserted(bs)) {
1146         error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
1147         return;
1148     }
1149 
1150     if (bdrv_is_read_only(bs)) {
1151         error_set(errp, QERR_DEVICE_IS_READ_ONLY, device);
1152         return;
1153     }
1154 
1155     if (!bdrv_can_snapshot(bs)) {
1156         error_set(errp, QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTED,
1157                   bs->drv->format_name, device, "internal snapshot");
1158         return;
1159     }
1160 
1161     if (!strlen(name)) {
1162         error_setg(errp, "Name is empty");
1163         return;
1164     }
1165 
1166     /* check whether a snapshot with name exist */
1167     ret = bdrv_snapshot_find_by_id_and_name(bs, NULL, name, &old_sn,
1168                                             &local_err);
1169     if (local_err) {
1170         error_propagate(errp, local_err);
1171         return;
1172     } else if (ret) {
1173         error_setg(errp,
1174                    "Snapshot with name '%s' already exists on device '%s'",
1175                    name, device);
1176         return;
1177     }
1178 
1179     /* 3. take the snapshot */
1180     sn = &state->sn;
1181     pstrcpy(sn->name, sizeof(sn->name), name);
1182     qemu_gettimeofday(&tv);
1183     sn->date_sec = tv.tv_sec;
1184     sn->date_nsec = tv.tv_usec * 1000;
1185     sn->vm_clock_nsec = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
1186 
1187     ret1 = bdrv_snapshot_create(bs, sn);
1188     if (ret1 < 0) {
1189         error_setg_errno(errp, -ret1,
1190                          "Failed to create snapshot '%s' on device '%s'",
1191                          name, device);
1192         return;
1193     }
1194 
1195     /* 4. succeed, mark a snapshot is created */
1196     state->bs = bs;
1197 }
1198 
1199 static void internal_snapshot_abort(BlkTransactionState *common)
1200 {
1201     InternalSnapshotState *state =
1202                              DO_UPCAST(InternalSnapshotState, common, common);
1203     BlockDriverState *bs = state->bs;
1204     QEMUSnapshotInfo *sn = &state->sn;
1205     Error *local_error = NULL;
1206 
1207     if (!bs) {
1208         return;
1209     }
1210 
1211     if (bdrv_snapshot_delete(bs, sn->id_str, sn->name, &local_error) < 0) {
1212         error_report("Failed to delete snapshot with id '%s' and name '%s' on "
1213                      "device '%s' in abort: %s",
1214                      sn->id_str,
1215                      sn->name,
1216                      bdrv_get_device_name(bs),
1217                      error_get_pretty(local_error));
1218         error_free(local_error);
1219     }
1220 }
1221 
1222 /* external snapshot private data */
1223 typedef struct ExternalSnapshotState {
1224     BlkTransactionState common;
1225     BlockDriverState *old_bs;
1226     BlockDriverState *new_bs;
1227 } ExternalSnapshotState;
1228 
1229 static void external_snapshot_prepare(BlkTransactionState *common,
1230                                       Error **errp)
1231 {
1232     BlockDriver *drv;
1233     int flags, ret;
1234     QDict *options = NULL;
1235     Error *local_err = NULL;
1236     bool has_device = false;
1237     const char *device;
1238     bool has_node_name = false;
1239     const char *node_name;
1240     bool has_snapshot_node_name = false;
1241     const char *snapshot_node_name;
1242     const char *new_image_file;
1243     const char *format = "qcow2";
1244     enum NewImageMode mode = NEW_IMAGE_MODE_ABSOLUTE_PATHS;
1245     ExternalSnapshotState *state =
1246                              DO_UPCAST(ExternalSnapshotState, common, common);
1247     TransactionAction *action = common->action;
1248 
1249     /* get parameters */
1250     g_assert(action->kind == TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_SYNC);
1251 
1252     has_device = action->blockdev_snapshot_sync->has_device;
1253     device = action->blockdev_snapshot_sync->device;
1254     has_node_name = action->blockdev_snapshot_sync->has_node_name;
1255     node_name = action->blockdev_snapshot_sync->node_name;
1256     has_snapshot_node_name =
1257         action->blockdev_snapshot_sync->has_snapshot_node_name;
1258     snapshot_node_name = action->blockdev_snapshot_sync->snapshot_node_name;
1259 
1260     new_image_file = action->blockdev_snapshot_sync->snapshot_file;
1261     if (action->blockdev_snapshot_sync->has_format) {
1262         format = action->blockdev_snapshot_sync->format;
1263     }
1264     if (action->blockdev_snapshot_sync->has_mode) {
1265         mode = action->blockdev_snapshot_sync->mode;
1266     }
1267 
1268     /* start processing */
1269     drv = bdrv_find_format(format);
1270     if (!drv) {
1271         error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
1272         return;
1273     }
1274 
1275     state->old_bs = bdrv_lookup_bs(has_device ? device : NULL,
1276                                    has_node_name ? node_name : NULL,
1277                                    &local_err);
1278     if (local_err) {
1279         error_propagate(errp, local_err);
1280         return;
1281     }
1282 
1283     if (has_node_name && !has_snapshot_node_name) {
1284         error_setg(errp, "New snapshot node name missing");
1285         return;
1286     }
1287 
1288     if (has_snapshot_node_name && bdrv_find_node(snapshot_node_name)) {
1289         error_setg(errp, "New snapshot node name already existing");
1290         return;
1291     }
1292 
1293     if (!bdrv_is_inserted(state->old_bs)) {
1294         error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
1295         return;
1296     }
1297 
1298     if (bdrv_in_use(state->old_bs)) {
1299         error_set(errp, QERR_DEVICE_IN_USE, device);
1300         return;
1301     }
1302 
1303     if (!bdrv_is_read_only(state->old_bs)) {
1304         if (bdrv_flush(state->old_bs)) {
1305             error_set(errp, QERR_IO_ERROR);
1306             return;
1307         }
1308     }
1309 
1310     if (!bdrv_is_first_non_filter(state->old_bs)) {
1311         error_set(errp, QERR_FEATURE_DISABLED, "snapshot");
1312         return;
1313     }
1314 
1315     flags = state->old_bs->open_flags;
1316 
1317     /* create new image w/backing file */
1318     if (mode != NEW_IMAGE_MODE_EXISTING) {
1319         bdrv_img_create(new_image_file, format,
1320                         state->old_bs->filename,
1321                         state->old_bs->drv->format_name,
1322                         NULL, -1, flags, &local_err, false);
1323         if (local_err) {
1324             error_propagate(errp, local_err);
1325             return;
1326         }
1327     }
1328 
1329     if (has_snapshot_node_name) {
1330         options = qdict_new();
1331         qdict_put(options, "node-name",
1332                   qstring_from_str(snapshot_node_name));
1333     }
1334 
1335     /* TODO Inherit bs->options or only take explicit options with an
1336      * extended QMP command? */
1337     assert(state->new_bs == NULL);
1338     ret = bdrv_open(&state->new_bs, new_image_file, NULL, options,
1339                     flags | BDRV_O_NO_BACKING, drv, &local_err);
1340     /* We will manually add the backing_hd field to the bs later */
1341     if (ret != 0) {
1342         error_propagate(errp, local_err);
1343     }
1344 }
1345 
1346 static void external_snapshot_commit(BlkTransactionState *common)
1347 {
1348     ExternalSnapshotState *state =
1349                              DO_UPCAST(ExternalSnapshotState, common, common);
1350 
1351     /* This removes our old bs and adds the new bs */
1352     bdrv_append(state->new_bs, state->old_bs);
1353     /* We don't need (or want) to use the transactional
1354      * bdrv_reopen_multiple() across all the entries at once, because we
1355      * don't want to abort all of them if one of them fails the reopen */
1356     bdrv_reopen(state->new_bs, state->new_bs->open_flags & ~BDRV_O_RDWR,
1357                 NULL);
1358 }
1359 
1360 static void external_snapshot_abort(BlkTransactionState *common)
1361 {
1362     ExternalSnapshotState *state =
1363                              DO_UPCAST(ExternalSnapshotState, common, common);
1364     if (state->new_bs) {
1365         bdrv_unref(state->new_bs);
1366     }
1367 }
1368 
1369 typedef struct DriveBackupState {
1370     BlkTransactionState common;
1371     BlockDriverState *bs;
1372     BlockJob *job;
1373 } DriveBackupState;
1374 
1375 static void drive_backup_prepare(BlkTransactionState *common, Error **errp)
1376 {
1377     DriveBackupState *state = DO_UPCAST(DriveBackupState, common, common);
1378     DriveBackup *backup;
1379     Error *local_err = NULL;
1380 
1381     assert(common->action->kind == TRANSACTION_ACTION_KIND_DRIVE_BACKUP);
1382     backup = common->action->drive_backup;
1383 
1384     qmp_drive_backup(backup->device, backup->target,
1385                      backup->has_format, backup->format,
1386                      backup->sync,
1387                      backup->has_mode, backup->mode,
1388                      backup->has_speed, backup->speed,
1389                      backup->has_on_source_error, backup->on_source_error,
1390                      backup->has_on_target_error, backup->on_target_error,
1391                      &local_err);
1392     if (local_err) {
1393         error_propagate(errp, local_err);
1394         state->bs = NULL;
1395         state->job = NULL;
1396         return;
1397     }
1398 
1399     state->bs = bdrv_find(backup->device);
1400     state->job = state->bs->job;
1401 }
1402 
1403 static void drive_backup_abort(BlkTransactionState *common)
1404 {
1405     DriveBackupState *state = DO_UPCAST(DriveBackupState, common, common);
1406     BlockDriverState *bs = state->bs;
1407 
1408     /* Only cancel if it's the job we started */
1409     if (bs && bs->job && bs->job == state->job) {
1410         block_job_cancel_sync(bs->job);
1411     }
1412 }
1413 
1414 static void abort_prepare(BlkTransactionState *common, Error **errp)
1415 {
1416     error_setg(errp, "Transaction aborted using Abort action");
1417 }
1418 
1419 static void abort_commit(BlkTransactionState *common)
1420 {
1421     g_assert_not_reached(); /* this action never succeeds */
1422 }
1423 
1424 static const BdrvActionOps actions[] = {
1425     [TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_SYNC] = {
1426         .instance_size = sizeof(ExternalSnapshotState),
1427         .prepare  = external_snapshot_prepare,
1428         .commit   = external_snapshot_commit,
1429         .abort = external_snapshot_abort,
1430     },
1431     [TRANSACTION_ACTION_KIND_DRIVE_BACKUP] = {
1432         .instance_size = sizeof(DriveBackupState),
1433         .prepare = drive_backup_prepare,
1434         .abort = drive_backup_abort,
1435     },
1436     [TRANSACTION_ACTION_KIND_ABORT] = {
1437         .instance_size = sizeof(BlkTransactionState),
1438         .prepare = abort_prepare,
1439         .commit = abort_commit,
1440     },
1441     [TRANSACTION_ACTION_KIND_BLOCKDEV_SNAPSHOT_INTERNAL_SYNC] = {
1442         .instance_size = sizeof(InternalSnapshotState),
1443         .prepare  = internal_snapshot_prepare,
1444         .abort = internal_snapshot_abort,
1445     },
1446 };
1447 
1448 /*
1449  * 'Atomic' group snapshots.  The snapshots are taken as a set, and if any fail
1450  *  then we do not pivot any of the devices in the group, and abandon the
1451  *  snapshots
1452  */
1453 void qmp_transaction(TransactionActionList *dev_list, Error **errp)
1454 {
1455     TransactionActionList *dev_entry = dev_list;
1456     BlkTransactionState *state, *next;
1457     Error *local_err = NULL;
1458 
1459     QSIMPLEQ_HEAD(snap_bdrv_states, BlkTransactionState) snap_bdrv_states;
1460     QSIMPLEQ_INIT(&snap_bdrv_states);
1461 
1462     /* drain all i/o before any snapshots */
1463     bdrv_drain_all();
1464 
1465     /* We don't do anything in this loop that commits us to the snapshot */
1466     while (NULL != dev_entry) {
1467         TransactionAction *dev_info = NULL;
1468         const BdrvActionOps *ops;
1469 
1470         dev_info = dev_entry->value;
1471         dev_entry = dev_entry->next;
1472 
1473         assert(dev_info->kind < ARRAY_SIZE(actions));
1474 
1475         ops = &actions[dev_info->kind];
1476         assert(ops->instance_size > 0);
1477 
1478         state = g_malloc0(ops->instance_size);
1479         state->ops = ops;
1480         state->action = dev_info;
1481         QSIMPLEQ_INSERT_TAIL(&snap_bdrv_states, state, entry);
1482 
1483         state->ops->prepare(state, &local_err);
1484         if (local_err) {
1485             error_propagate(errp, local_err);
1486             goto delete_and_fail;
1487         }
1488     }
1489 
1490     QSIMPLEQ_FOREACH(state, &snap_bdrv_states, entry) {
1491         if (state->ops->commit) {
1492             state->ops->commit(state);
1493         }
1494     }
1495 
1496     /* success */
1497     goto exit;
1498 
1499 delete_and_fail:
1500     /*
1501     * failure, and it is all-or-none; abandon each new bs, and keep using
1502     * the original bs for all images
1503     */
1504     QSIMPLEQ_FOREACH(state, &snap_bdrv_states, entry) {
1505         if (state->ops->abort) {
1506             state->ops->abort(state);
1507         }
1508     }
1509 exit:
1510     QSIMPLEQ_FOREACH_SAFE(state, &snap_bdrv_states, entry, next) {
1511         if (state->ops->clean) {
1512             state->ops->clean(state);
1513         }
1514         g_free(state);
1515     }
1516 }
1517 
1518 
1519 static void eject_device(BlockDriverState *bs, int force, Error **errp)
1520 {
1521     if (bdrv_in_use(bs)) {
1522         error_set(errp, QERR_DEVICE_IN_USE, bdrv_get_device_name(bs));
1523         return;
1524     }
1525     if (!bdrv_dev_has_removable_media(bs)) {
1526         error_setg(errp, "Device '%s' is not removable",
1527                    bdrv_get_device_name(bs));
1528         return;
1529     }
1530 
1531     if (bdrv_dev_is_medium_locked(bs) && !bdrv_dev_is_tray_open(bs)) {
1532         bdrv_dev_eject_request(bs, force);
1533         if (!force) {
1534             error_setg(errp, "Device '%s' is locked",
1535                        bdrv_get_device_name(bs));
1536             return;
1537         }
1538     }
1539 
1540     bdrv_close(bs);
1541 }
1542 
1543 void qmp_eject(const char *device, bool has_force, bool force, Error **errp)
1544 {
1545     BlockDriverState *bs;
1546 
1547     bs = bdrv_find(device);
1548     if (!bs) {
1549         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1550         return;
1551     }
1552 
1553     eject_device(bs, force, errp);
1554 }
1555 
1556 void qmp_block_passwd(bool has_device, const char *device,
1557                       bool has_node_name, const char *node_name,
1558                       const char *password, Error **errp)
1559 {
1560     Error *local_err = NULL;
1561     BlockDriverState *bs;
1562     int err;
1563 
1564     bs = bdrv_lookup_bs(has_device ? device : NULL,
1565                         has_node_name ? node_name : NULL,
1566                         &local_err);
1567     if (local_err) {
1568         error_propagate(errp, local_err);
1569         return;
1570     }
1571 
1572     err = bdrv_set_key(bs, password);
1573     if (err == -EINVAL) {
1574         error_set(errp, QERR_DEVICE_NOT_ENCRYPTED, bdrv_get_device_name(bs));
1575         return;
1576     } else if (err < 0) {
1577         error_set(errp, QERR_INVALID_PASSWORD);
1578         return;
1579     }
1580 }
1581 
1582 static void qmp_bdrv_open_encrypted(BlockDriverState *bs, const char *filename,
1583                                     int bdrv_flags, BlockDriver *drv,
1584                                     const char *password, Error **errp)
1585 {
1586     Error *local_err = NULL;
1587     int ret;
1588 
1589     ret = bdrv_open(&bs, filename, NULL, NULL, bdrv_flags, drv, &local_err);
1590     if (ret < 0) {
1591         error_propagate(errp, local_err);
1592         return;
1593     }
1594 
1595     if (bdrv_key_required(bs)) {
1596         if (password) {
1597             if (bdrv_set_key(bs, password) < 0) {
1598                 error_set(errp, QERR_INVALID_PASSWORD);
1599             }
1600         } else {
1601             error_set(errp, QERR_DEVICE_ENCRYPTED, bdrv_get_device_name(bs),
1602                       bdrv_get_encrypted_filename(bs));
1603         }
1604     } else if (password) {
1605         error_set(errp, QERR_DEVICE_NOT_ENCRYPTED, bdrv_get_device_name(bs));
1606     }
1607 }
1608 
1609 void qmp_change_blockdev(const char *device, const char *filename,
1610                          const char *format, Error **errp)
1611 {
1612     BlockDriverState *bs;
1613     BlockDriver *drv = NULL;
1614     int bdrv_flags;
1615     Error *err = NULL;
1616 
1617     bs = bdrv_find(device);
1618     if (!bs) {
1619         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1620         return;
1621     }
1622 
1623     if (format) {
1624         drv = bdrv_find_whitelisted_format(format, bs->read_only);
1625         if (!drv) {
1626             error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
1627             return;
1628         }
1629     }
1630 
1631     eject_device(bs, 0, &err);
1632     if (err) {
1633         error_propagate(errp, err);
1634         return;
1635     }
1636 
1637     bdrv_flags = bdrv_is_read_only(bs) ? 0 : BDRV_O_RDWR;
1638     bdrv_flags |= bdrv_is_snapshot(bs) ? BDRV_O_SNAPSHOT : 0;
1639 
1640     qmp_bdrv_open_encrypted(bs, filename, bdrv_flags, drv, NULL, errp);
1641 }
1642 
1643 /* throttling disk I/O limits */
1644 void qmp_block_set_io_throttle(const char *device, int64_t bps, int64_t bps_rd,
1645                                int64_t bps_wr,
1646                                int64_t iops,
1647                                int64_t iops_rd,
1648                                int64_t iops_wr,
1649                                bool has_bps_max,
1650                                int64_t bps_max,
1651                                bool has_bps_rd_max,
1652                                int64_t bps_rd_max,
1653                                bool has_bps_wr_max,
1654                                int64_t bps_wr_max,
1655                                bool has_iops_max,
1656                                int64_t iops_max,
1657                                bool has_iops_rd_max,
1658                                int64_t iops_rd_max,
1659                                bool has_iops_wr_max,
1660                                int64_t iops_wr_max,
1661                                bool has_iops_size,
1662                                int64_t iops_size, Error **errp)
1663 {
1664     ThrottleConfig cfg;
1665     BlockDriverState *bs;
1666 
1667     bs = bdrv_find(device);
1668     if (!bs) {
1669         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1670         return;
1671     }
1672 
1673     memset(&cfg, 0, sizeof(cfg));
1674     cfg.buckets[THROTTLE_BPS_TOTAL].avg = bps;
1675     cfg.buckets[THROTTLE_BPS_READ].avg  = bps_rd;
1676     cfg.buckets[THROTTLE_BPS_WRITE].avg = bps_wr;
1677 
1678     cfg.buckets[THROTTLE_OPS_TOTAL].avg = iops;
1679     cfg.buckets[THROTTLE_OPS_READ].avg  = iops_rd;
1680     cfg.buckets[THROTTLE_OPS_WRITE].avg = iops_wr;
1681 
1682     if (has_bps_max) {
1683         cfg.buckets[THROTTLE_BPS_TOTAL].max = bps_max;
1684     }
1685     if (has_bps_rd_max) {
1686         cfg.buckets[THROTTLE_BPS_READ].max = bps_rd_max;
1687     }
1688     if (has_bps_wr_max) {
1689         cfg.buckets[THROTTLE_BPS_WRITE].max = bps_wr_max;
1690     }
1691     if (has_iops_max) {
1692         cfg.buckets[THROTTLE_OPS_TOTAL].max = iops_max;
1693     }
1694     if (has_iops_rd_max) {
1695         cfg.buckets[THROTTLE_OPS_READ].max = iops_rd_max;
1696     }
1697     if (has_iops_wr_max) {
1698         cfg.buckets[THROTTLE_OPS_WRITE].max = iops_wr_max;
1699     }
1700 
1701     if (has_iops_size) {
1702         cfg.op_size = iops_size;
1703     }
1704 
1705     if (!check_throttle_config(&cfg, errp)) {
1706         return;
1707     }
1708 
1709     if (!bs->io_limits_enabled && throttle_enabled(&cfg)) {
1710         bdrv_io_limits_enable(bs);
1711     } else if (bs->io_limits_enabled && !throttle_enabled(&cfg)) {
1712         bdrv_io_limits_disable(bs);
1713     }
1714 
1715     if (bs->io_limits_enabled) {
1716         bdrv_set_io_limits(bs, &cfg);
1717     }
1718 }
1719 
1720 int do_drive_del(Monitor *mon, const QDict *qdict, QObject **ret_data)
1721 {
1722     const char *id = qdict_get_str(qdict, "id");
1723     BlockDriverState *bs;
1724 
1725     bs = bdrv_find(id);
1726     if (!bs) {
1727         qerror_report(QERR_DEVICE_NOT_FOUND, id);
1728         return -1;
1729     }
1730     if (bdrv_in_use(bs)) {
1731         qerror_report(QERR_DEVICE_IN_USE, id);
1732         return -1;
1733     }
1734 
1735     /* quiesce block driver; prevent further io */
1736     bdrv_drain_all();
1737     bdrv_flush(bs);
1738     bdrv_close(bs);
1739 
1740     /* if we have a device attached to this BlockDriverState
1741      * then we need to make the drive anonymous until the device
1742      * can be removed.  If this is a drive with no device backing
1743      * then we can just get rid of the block driver state right here.
1744      */
1745     if (bdrv_get_attached_dev(bs)) {
1746         bdrv_make_anon(bs);
1747 
1748         /* Further I/O must not pause the guest */
1749         bdrv_set_on_error(bs, BLOCKDEV_ON_ERROR_REPORT,
1750                           BLOCKDEV_ON_ERROR_REPORT);
1751     } else {
1752         drive_uninit(drive_get_by_blockdev(bs));
1753     }
1754 
1755     return 0;
1756 }
1757 
1758 void qmp_block_resize(bool has_device, const char *device,
1759                       bool has_node_name, const char *node_name,
1760                       int64_t size, Error **errp)
1761 {
1762     Error *local_err = NULL;
1763     BlockDriverState *bs;
1764     int ret;
1765 
1766     bs = bdrv_lookup_bs(has_device ? device : NULL,
1767                         has_node_name ? node_name : NULL,
1768                         &local_err);
1769     if (local_err) {
1770         error_propagate(errp, local_err);
1771         return;
1772     }
1773 
1774     if (!bdrv_is_first_non_filter(bs)) {
1775         error_set(errp, QERR_FEATURE_DISABLED, "resize");
1776         return;
1777     }
1778 
1779     if (size < 0) {
1780         error_set(errp, QERR_INVALID_PARAMETER_VALUE, "size", "a >0 size");
1781         return;
1782     }
1783 
1784     /* complete all in-flight operations before resizing the device */
1785     bdrv_drain_all();
1786 
1787     ret = bdrv_truncate(bs, size);
1788     switch (ret) {
1789     case 0:
1790         break;
1791     case -ENOMEDIUM:
1792         error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
1793         break;
1794     case -ENOTSUP:
1795         error_set(errp, QERR_UNSUPPORTED);
1796         break;
1797     case -EACCES:
1798         error_set(errp, QERR_DEVICE_IS_READ_ONLY, device);
1799         break;
1800     case -EBUSY:
1801         error_set(errp, QERR_DEVICE_IN_USE, device);
1802         break;
1803     default:
1804         error_setg_errno(errp, -ret, "Could not resize");
1805         break;
1806     }
1807 }
1808 
1809 static void block_job_cb(void *opaque, int ret)
1810 {
1811     BlockDriverState *bs = opaque;
1812     QObject *obj;
1813 
1814     trace_block_job_cb(bs, bs->job, ret);
1815 
1816     assert(bs->job);
1817     obj = qobject_from_block_job(bs->job);
1818     if (ret < 0) {
1819         QDict *dict = qobject_to_qdict(obj);
1820         qdict_put(dict, "error", qstring_from_str(strerror(-ret)));
1821     }
1822 
1823     if (block_job_is_cancelled(bs->job)) {
1824         monitor_protocol_event(QEVENT_BLOCK_JOB_CANCELLED, obj);
1825     } else {
1826         monitor_protocol_event(QEVENT_BLOCK_JOB_COMPLETED, obj);
1827     }
1828     qobject_decref(obj);
1829 
1830     bdrv_put_ref_bh_schedule(bs);
1831 }
1832 
1833 void qmp_block_stream(const char *device, bool has_base,
1834                       const char *base, bool has_speed, int64_t speed,
1835                       bool has_on_error, BlockdevOnError on_error,
1836                       Error **errp)
1837 {
1838     BlockDriverState *bs;
1839     BlockDriverState *base_bs = NULL;
1840     Error *local_err = NULL;
1841 
1842     if (!has_on_error) {
1843         on_error = BLOCKDEV_ON_ERROR_REPORT;
1844     }
1845 
1846     bs = bdrv_find(device);
1847     if (!bs) {
1848         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1849         return;
1850     }
1851 
1852     if (base) {
1853         base_bs = bdrv_find_backing_image(bs, base);
1854         if (base_bs == NULL) {
1855             error_set(errp, QERR_BASE_NOT_FOUND, base);
1856             return;
1857         }
1858     }
1859 
1860     stream_start(bs, base_bs, base, has_speed ? speed : 0,
1861                  on_error, block_job_cb, bs, &local_err);
1862     if (local_err) {
1863         error_propagate(errp, local_err);
1864         return;
1865     }
1866 
1867     trace_qmp_block_stream(bs, bs->job);
1868 }
1869 
1870 void qmp_block_commit(const char *device,
1871                       bool has_base, const char *base, const char *top,
1872                       bool has_speed, int64_t speed,
1873                       Error **errp)
1874 {
1875     BlockDriverState *bs;
1876     BlockDriverState *base_bs, *top_bs;
1877     Error *local_err = NULL;
1878     /* This will be part of the QMP command, if/when the
1879      * BlockdevOnError change for blkmirror makes it in
1880      */
1881     BlockdevOnError on_error = BLOCKDEV_ON_ERROR_REPORT;
1882 
1883     if (!has_speed) {
1884         speed = 0;
1885     }
1886 
1887     /* drain all i/o before commits */
1888     bdrv_drain_all();
1889 
1890     bs = bdrv_find(device);
1891     if (!bs) {
1892         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1893         return;
1894     }
1895 
1896     /* default top_bs is the active layer */
1897     top_bs = bs;
1898 
1899     if (top) {
1900         if (strcmp(bs->filename, top) != 0) {
1901             top_bs = bdrv_find_backing_image(bs, top);
1902         }
1903     }
1904 
1905     if (top_bs == NULL) {
1906         error_setg(errp, "Top image file %s not found", top ? top : "NULL");
1907         return;
1908     }
1909 
1910     if (has_base && base) {
1911         base_bs = bdrv_find_backing_image(top_bs, base);
1912     } else {
1913         base_bs = bdrv_find_base(top_bs);
1914     }
1915 
1916     if (base_bs == NULL) {
1917         error_set(errp, QERR_BASE_NOT_FOUND, base ? base : "NULL");
1918         return;
1919     }
1920 
1921     if (top_bs == bs) {
1922         commit_active_start(bs, base_bs, speed, on_error, block_job_cb,
1923                             bs, &local_err);
1924     } else {
1925         commit_start(bs, base_bs, top_bs, speed, on_error, block_job_cb, bs,
1926                     &local_err);
1927     }
1928     if (local_err != NULL) {
1929         error_propagate(errp, local_err);
1930         return;
1931     }
1932 }
1933 
1934 void qmp_drive_backup(const char *device, const char *target,
1935                       bool has_format, const char *format,
1936                       enum MirrorSyncMode sync,
1937                       bool has_mode, enum NewImageMode mode,
1938                       bool has_speed, int64_t speed,
1939                       bool has_on_source_error, BlockdevOnError on_source_error,
1940                       bool has_on_target_error, BlockdevOnError on_target_error,
1941                       Error **errp)
1942 {
1943     BlockDriverState *bs;
1944     BlockDriverState *target_bs;
1945     BlockDriverState *source = NULL;
1946     BlockDriver *drv = NULL;
1947     Error *local_err = NULL;
1948     int flags;
1949     int64_t size;
1950     int ret;
1951 
1952     if (!has_speed) {
1953         speed = 0;
1954     }
1955     if (!has_on_source_error) {
1956         on_source_error = BLOCKDEV_ON_ERROR_REPORT;
1957     }
1958     if (!has_on_target_error) {
1959         on_target_error = BLOCKDEV_ON_ERROR_REPORT;
1960     }
1961     if (!has_mode) {
1962         mode = NEW_IMAGE_MODE_ABSOLUTE_PATHS;
1963     }
1964 
1965     bs = bdrv_find(device);
1966     if (!bs) {
1967         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
1968         return;
1969     }
1970 
1971     if (!bdrv_is_inserted(bs)) {
1972         error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
1973         return;
1974     }
1975 
1976     if (!has_format) {
1977         format = mode == NEW_IMAGE_MODE_EXISTING ? NULL : bs->drv->format_name;
1978     }
1979     if (format) {
1980         drv = bdrv_find_format(format);
1981         if (!drv) {
1982             error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
1983             return;
1984         }
1985     }
1986 
1987     if (bdrv_in_use(bs)) {
1988         error_set(errp, QERR_DEVICE_IN_USE, device);
1989         return;
1990     }
1991 
1992     flags = bs->open_flags | BDRV_O_RDWR;
1993 
1994     /* See if we have a backing HD we can use to create our new image
1995      * on top of. */
1996     if (sync == MIRROR_SYNC_MODE_TOP) {
1997         source = bs->backing_hd;
1998         if (!source) {
1999             sync = MIRROR_SYNC_MODE_FULL;
2000         }
2001     }
2002     if (sync == MIRROR_SYNC_MODE_NONE) {
2003         source = bs;
2004     }
2005 
2006     size = bdrv_getlength(bs);
2007     if (size < 0) {
2008         error_setg_errno(errp, -size, "bdrv_getlength failed");
2009         return;
2010     }
2011 
2012     if (mode != NEW_IMAGE_MODE_EXISTING) {
2013         assert(format && drv);
2014         if (source) {
2015             bdrv_img_create(target, format, source->filename,
2016                             source->drv->format_name, NULL,
2017                             size, flags, &local_err, false);
2018         } else {
2019             bdrv_img_create(target, format, NULL, NULL, NULL,
2020                             size, flags, &local_err, false);
2021         }
2022     }
2023 
2024     if (local_err) {
2025         error_propagate(errp, local_err);
2026         return;
2027     }
2028 
2029     target_bs = NULL;
2030     ret = bdrv_open(&target_bs, target, NULL, NULL, flags, drv, &local_err);
2031     if (ret < 0) {
2032         error_propagate(errp, local_err);
2033         return;
2034     }
2035 
2036     backup_start(bs, target_bs, speed, sync, on_source_error, on_target_error,
2037                  block_job_cb, bs, &local_err);
2038     if (local_err != NULL) {
2039         bdrv_unref(target_bs);
2040         error_propagate(errp, local_err);
2041         return;
2042     }
2043 }
2044 
2045 BlockDeviceInfoList *qmp_query_named_block_nodes(Error **errp)
2046 {
2047     return bdrv_named_nodes_list();
2048 }
2049 
2050 #define DEFAULT_MIRROR_BUF_SIZE   (10 << 20)
2051 
2052 void qmp_drive_mirror(const char *device, const char *target,
2053                       bool has_format, const char *format,
2054                       enum MirrorSyncMode sync,
2055                       bool has_mode, enum NewImageMode mode,
2056                       bool has_speed, int64_t speed,
2057                       bool has_granularity, uint32_t granularity,
2058                       bool has_buf_size, int64_t buf_size,
2059                       bool has_on_source_error, BlockdevOnError on_source_error,
2060                       bool has_on_target_error, BlockdevOnError on_target_error,
2061                       Error **errp)
2062 {
2063     BlockDriverState *bs;
2064     BlockDriverState *source, *target_bs;
2065     BlockDriver *drv = NULL;
2066     Error *local_err = NULL;
2067     int flags;
2068     int64_t size;
2069     int ret;
2070 
2071     if (!has_speed) {
2072         speed = 0;
2073     }
2074     if (!has_on_source_error) {
2075         on_source_error = BLOCKDEV_ON_ERROR_REPORT;
2076     }
2077     if (!has_on_target_error) {
2078         on_target_error = BLOCKDEV_ON_ERROR_REPORT;
2079     }
2080     if (!has_mode) {
2081         mode = NEW_IMAGE_MODE_ABSOLUTE_PATHS;
2082     }
2083     if (!has_granularity) {
2084         granularity = 0;
2085     }
2086     if (!has_buf_size) {
2087         buf_size = DEFAULT_MIRROR_BUF_SIZE;
2088     }
2089 
2090     if (granularity != 0 && (granularity < 512 || granularity > 1048576 * 64)) {
2091         error_set(errp, QERR_INVALID_PARAMETER, device);
2092         return;
2093     }
2094     if (granularity & (granularity - 1)) {
2095         error_set(errp, QERR_INVALID_PARAMETER, device);
2096         return;
2097     }
2098 
2099     bs = bdrv_find(device);
2100     if (!bs) {
2101         error_set(errp, QERR_DEVICE_NOT_FOUND, device);
2102         return;
2103     }
2104 
2105     if (!bdrv_is_inserted(bs)) {
2106         error_set(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
2107         return;
2108     }
2109 
2110     if (!has_format) {
2111         format = mode == NEW_IMAGE_MODE_EXISTING ? NULL : bs->drv->format_name;
2112     }
2113     if (format) {
2114         drv = bdrv_find_format(format);
2115         if (!drv) {
2116             error_set(errp, QERR_INVALID_BLOCK_FORMAT, format);
2117             return;
2118         }
2119     }
2120 
2121     if (bdrv_in_use(bs)) {
2122         error_set(errp, QERR_DEVICE_IN_USE, device);
2123         return;
2124     }
2125 
2126     flags = bs->open_flags | BDRV_O_RDWR;
2127     source = bs->backing_hd;
2128     if (!source && sync == MIRROR_SYNC_MODE_TOP) {
2129         sync = MIRROR_SYNC_MODE_FULL;
2130     }
2131     if (sync == MIRROR_SYNC_MODE_NONE) {
2132         source = bs;
2133     }
2134 
2135     size = bdrv_getlength(bs);
2136     if (size < 0) {
2137         error_setg_errno(errp, -size, "bdrv_getlength failed");
2138         return;
2139     }
2140 
2141     if ((sync == MIRROR_SYNC_MODE_FULL || !source)
2142         && mode != NEW_IMAGE_MODE_EXISTING)
2143     {
2144         /* create new image w/o backing file */
2145         assert(format && drv);
2146         bdrv_img_create(target, format,
2147                         NULL, NULL, NULL, size, flags, &local_err, false);
2148     } else {
2149         switch (mode) {
2150         case NEW_IMAGE_MODE_EXISTING:
2151             break;
2152         case NEW_IMAGE_MODE_ABSOLUTE_PATHS:
2153             /* create new image with backing file */
2154             bdrv_img_create(target, format,
2155                             source->filename,
2156                             source->drv->format_name,
2157                             NULL, size, flags, &local_err, false);
2158             break;
2159         default:
2160             abort();
2161         }
2162     }
2163 
2164     if (local_err) {
2165         error_propagate(errp, local_err);
2166         return;
2167     }
2168 
2169     /* Mirroring takes care of copy-on-write using the source's backing
2170      * file.
2171      */
2172     target_bs = NULL;
2173     ret = bdrv_open(&target_bs, target, NULL, NULL, flags | BDRV_O_NO_BACKING,
2174                     drv, &local_err);
2175     if (ret < 0) {
2176         error_propagate(errp, local_err);
2177         return;
2178     }
2179 
2180     mirror_start(bs, target_bs, speed, granularity, buf_size, sync,
2181                  on_source_error, on_target_error,
2182                  block_job_cb, bs, &local_err);
2183     if (local_err != NULL) {
2184         bdrv_unref(target_bs);
2185         error_propagate(errp, local_err);
2186         return;
2187     }
2188 }
2189 
2190 static BlockJob *find_block_job(const char *device)
2191 {
2192     BlockDriverState *bs;
2193 
2194     bs = bdrv_find(device);
2195     if (!bs || !bs->job) {
2196         return NULL;
2197     }
2198     return bs->job;
2199 }
2200 
2201 void qmp_block_job_set_speed(const char *device, int64_t speed, Error **errp)
2202 {
2203     BlockJob *job = find_block_job(device);
2204 
2205     if (!job) {
2206         error_set(errp, QERR_BLOCK_JOB_NOT_ACTIVE, device);
2207         return;
2208     }
2209 
2210     block_job_set_speed(job, speed, errp);
2211 }
2212 
2213 void qmp_block_job_cancel(const char *device,
2214                           bool has_force, bool force, Error **errp)
2215 {
2216     BlockJob *job = find_block_job(device);
2217 
2218     if (!has_force) {
2219         force = false;
2220     }
2221 
2222     if (!job) {
2223         error_set(errp, QERR_BLOCK_JOB_NOT_ACTIVE, device);
2224         return;
2225     }
2226     if (job->paused && !force) {
2227         error_setg(errp, "The block job for device '%s' is currently paused",
2228                    device);
2229         return;
2230     }
2231 
2232     trace_qmp_block_job_cancel(job);
2233     block_job_cancel(job);
2234 }
2235 
2236 void qmp_block_job_pause(const char *device, Error **errp)
2237 {
2238     BlockJob *job = find_block_job(device);
2239 
2240     if (!job) {
2241         error_set(errp, QERR_BLOCK_JOB_NOT_ACTIVE, device);
2242         return;
2243     }
2244 
2245     trace_qmp_block_job_pause(job);
2246     block_job_pause(job);
2247 }
2248 
2249 void qmp_block_job_resume(const char *device, Error **errp)
2250 {
2251     BlockJob *job = find_block_job(device);
2252 
2253     if (!job) {
2254         error_set(errp, QERR_BLOCK_JOB_NOT_ACTIVE, device);
2255         return;
2256     }
2257 
2258     trace_qmp_block_job_resume(job);
2259     block_job_resume(job);
2260 }
2261 
2262 void qmp_block_job_complete(const char *device, Error **errp)
2263 {
2264     BlockJob *job = find_block_job(device);
2265 
2266     if (!job) {
2267         error_set(errp, QERR_BLOCK_JOB_NOT_ACTIVE, device);
2268         return;
2269     }
2270 
2271     trace_qmp_block_job_complete(job);
2272     block_job_complete(job, errp);
2273 }
2274 
2275 void qmp_blockdev_add(BlockdevOptions *options, Error **errp)
2276 {
2277     QmpOutputVisitor *ov = qmp_output_visitor_new();
2278     DriveInfo *dinfo;
2279     QObject *obj;
2280     QDict *qdict;
2281     Error *local_err = NULL;
2282 
2283     /* Require an ID in the top level */
2284     if (!options->has_id) {
2285         error_setg(errp, "Block device needs an ID");
2286         goto fail;
2287     }
2288 
2289     /* TODO Sort it out in raw-posix and drive_init: Reject aio=native with
2290      * cache.direct=false instead of silently switching to aio=threads, except
2291      * if called from drive_init.
2292      *
2293      * For now, simply forbidding the combination for all drivers will do. */
2294     if (options->has_aio && options->aio == BLOCKDEV_AIO_OPTIONS_NATIVE) {
2295         bool direct = options->has_cache &&
2296                       options->cache->has_direct &&
2297                       options->cache->direct;
2298         if (!direct) {
2299             error_setg(errp, "aio=native requires cache.direct=true");
2300             goto fail;
2301         }
2302     }
2303 
2304     visit_type_BlockdevOptions(qmp_output_get_visitor(ov),
2305                                &options, NULL, &local_err);
2306     if (local_err) {
2307         error_propagate(errp, local_err);
2308         goto fail;
2309     }
2310 
2311     obj = qmp_output_get_qobject(ov);
2312     qdict = qobject_to_qdict(obj);
2313 
2314     qdict_flatten(qdict);
2315 
2316     dinfo = blockdev_init(NULL, qdict, &local_err);
2317     if (local_err) {
2318         error_propagate(errp, local_err);
2319         goto fail;
2320     }
2321 
2322     if (bdrv_key_required(dinfo->bdrv)) {
2323         drive_uninit(dinfo);
2324         error_setg(errp, "blockdev-add doesn't support encrypted devices");
2325         goto fail;
2326     }
2327 
2328 fail:
2329     qmp_output_visitor_cleanup(ov);
2330 }
2331 
2332 static void do_qmp_query_block_jobs_one(void *opaque, BlockDriverState *bs)
2333 {
2334     BlockJobInfoList **prev = opaque;
2335     BlockJob *job = bs->job;
2336 
2337     if (job) {
2338         BlockJobInfoList *elem = g_new0(BlockJobInfoList, 1);
2339         elem->value = block_job_query(bs->job);
2340         (*prev)->next = elem;
2341         *prev = elem;
2342     }
2343 }
2344 
2345 BlockJobInfoList *qmp_query_block_jobs(Error **errp)
2346 {
2347     /* Dummy is a fake list element for holding the head pointer */
2348     BlockJobInfoList dummy = {};
2349     BlockJobInfoList *prev = &dummy;
2350     bdrv_iterate(do_qmp_query_block_jobs_one, &prev);
2351     return dummy.next;
2352 }
2353 
2354 QemuOptsList qemu_common_drive_opts = {
2355     .name = "drive",
2356     .head = QTAILQ_HEAD_INITIALIZER(qemu_common_drive_opts.head),
2357     .desc = {
2358         {
2359             .name = "snapshot",
2360             .type = QEMU_OPT_BOOL,
2361             .help = "enable/disable snapshot mode",
2362         },{
2363             .name = "discard",
2364             .type = QEMU_OPT_STRING,
2365             .help = "discard operation (ignore/off, unmap/on)",
2366         },{
2367             .name = "cache.writeback",
2368             .type = QEMU_OPT_BOOL,
2369             .help = "enables writeback mode for any caches",
2370         },{
2371             .name = "cache.direct",
2372             .type = QEMU_OPT_BOOL,
2373             .help = "enables use of O_DIRECT (bypass the host page cache)",
2374         },{
2375             .name = "cache.no-flush",
2376             .type = QEMU_OPT_BOOL,
2377             .help = "ignore any flush requests for the device",
2378         },{
2379             .name = "aio",
2380             .type = QEMU_OPT_STRING,
2381             .help = "host AIO implementation (threads, native)",
2382         },{
2383             .name = "format",
2384             .type = QEMU_OPT_STRING,
2385             .help = "disk format (raw, qcow2, ...)",
2386         },{
2387             .name = "serial",
2388             .type = QEMU_OPT_STRING,
2389             .help = "disk serial number",
2390         },{
2391             .name = "rerror",
2392             .type = QEMU_OPT_STRING,
2393             .help = "read error action",
2394         },{
2395             .name = "werror",
2396             .type = QEMU_OPT_STRING,
2397             .help = "write error action",
2398         },{
2399             .name = "read-only",
2400             .type = QEMU_OPT_BOOL,
2401             .help = "open drive file as read-only",
2402         },{
2403             .name = "throttling.iops-total",
2404             .type = QEMU_OPT_NUMBER,
2405             .help = "limit total I/O operations per second",
2406         },{
2407             .name = "throttling.iops-read",
2408             .type = QEMU_OPT_NUMBER,
2409             .help = "limit read operations per second",
2410         },{
2411             .name = "throttling.iops-write",
2412             .type = QEMU_OPT_NUMBER,
2413             .help = "limit write operations per second",
2414         },{
2415             .name = "throttling.bps-total",
2416             .type = QEMU_OPT_NUMBER,
2417             .help = "limit total bytes per second",
2418         },{
2419             .name = "throttling.bps-read",
2420             .type = QEMU_OPT_NUMBER,
2421             .help = "limit read bytes per second",
2422         },{
2423             .name = "throttling.bps-write",
2424             .type = QEMU_OPT_NUMBER,
2425             .help = "limit write bytes per second",
2426         },{
2427             .name = "throttling.iops-total-max",
2428             .type = QEMU_OPT_NUMBER,
2429             .help = "I/O operations burst",
2430         },{
2431             .name = "throttling.iops-read-max",
2432             .type = QEMU_OPT_NUMBER,
2433             .help = "I/O operations read burst",
2434         },{
2435             .name = "throttling.iops-write-max",
2436             .type = QEMU_OPT_NUMBER,
2437             .help = "I/O operations write burst",
2438         },{
2439             .name = "throttling.bps-total-max",
2440             .type = QEMU_OPT_NUMBER,
2441             .help = "total bytes burst",
2442         },{
2443             .name = "throttling.bps-read-max",
2444             .type = QEMU_OPT_NUMBER,
2445             .help = "total bytes read burst",
2446         },{
2447             .name = "throttling.bps-write-max",
2448             .type = QEMU_OPT_NUMBER,
2449             .help = "total bytes write burst",
2450         },{
2451             .name = "throttling.iops-size",
2452             .type = QEMU_OPT_NUMBER,
2453             .help = "when limiting by iops max size of an I/O in bytes",
2454         },{
2455             .name = "copy-on-read",
2456             .type = QEMU_OPT_BOOL,
2457             .help = "copy read data from backing file into image file",
2458         },
2459         { /* end of list */ }
2460     },
2461 };
2462 
2463 QemuOptsList qemu_drive_opts = {
2464     .name = "drive",
2465     .head = QTAILQ_HEAD_INITIALIZER(qemu_drive_opts.head),
2466     .desc = {
2467         /*
2468          * no elements => accept any params
2469          * validation will happen later
2470          */
2471         { /* end of list */ }
2472     },
2473 };
2474