2 * QEMU System Emulator block driver
4 * Copyright (c) 2003 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
25 #include "qemu/osdep.h"
26 #include "block/trace.h"
27 #include "block/block_int.h"
28 #include "block/blockjob.h"
29 #include "block/nbd.h"
30 #include "qemu/error-report.h"
31 #include "module_block.h"
32 #include "qemu/module.h"
33 #include "qapi/error.h"
34 #include "qapi/qmp/qdict.h"
35 #include "qapi/qmp/qjson.h"
36 #include "qapi/qmp/qnull.h"
37 #include "qapi/qmp/qstring.h"
38 #include "qapi/qobject-output-visitor.h"
39 #include "qapi/qapi-visit-block-core.h"
40 #include "sysemu/block-backend.h"
41 #include "sysemu/sysemu.h"
42 #include "qemu/notify.h"
43 #include "qemu/option.h"
44 #include "qemu/coroutine.h"
45 #include "block/qapi.h"
46 #include "qemu/timer.h"
47 #include "qemu/cutils.h"
51 #include <sys/ioctl.h>
52 #include <sys/queue.h>
62 #define NOT_DONE 0x7fffffff /* used while emulated sync operation in progress */
64 static QTAILQ_HEAD(, BlockDriverState) graph_bdrv_states =
65 QTAILQ_HEAD_INITIALIZER(graph_bdrv_states);
67 static QTAILQ_HEAD(, BlockDriverState) all_bdrv_states =
68 QTAILQ_HEAD_INITIALIZER(all_bdrv_states);
70 static QLIST_HEAD(, BlockDriver) bdrv_drivers =
71 QLIST_HEAD_INITIALIZER(bdrv_drivers);
73 static BlockDriverState *bdrv_open_inherit(const char *filename,
74 const char *reference,
75 QDict *options, int flags,
76 BlockDriverState *parent,
77 const BdrvChildRole *child_role,
80 /* If non-zero, use only whitelisted block drivers */
81 static int use_bdrv_whitelist;
84 static int is_windows_drive_prefix(const char *filename)
86 return (((filename[0] >= 'a' && filename[0] <= 'z') ||
87 (filename[0] >= 'A' && filename[0] <= 'Z')) &&
91 int is_windows_drive(const char *filename)
93 if (is_windows_drive_prefix(filename) &&
96 if (strstart(filename, "\\\\.\\", NULL) ||
97 strstart(filename, "//./", NULL))
103 size_t bdrv_opt_mem_align(BlockDriverState *bs)
105 if (!bs || !bs->drv) {
106 /* page size or 4k (hdd sector size) should be on the safe side */
107 return MAX(4096, getpagesize());
110 return bs->bl.opt_mem_alignment;
113 size_t bdrv_min_mem_align(BlockDriverState *bs)
115 if (!bs || !bs->drv) {
116 /* page size or 4k (hdd sector size) should be on the safe side */
117 return MAX(4096, getpagesize());
120 return bs->bl.min_mem_alignment;
123 /* check if the path starts with "<protocol>:" */
124 int path_has_protocol(const char *path)
129 if (is_windows_drive(path) ||
130 is_windows_drive_prefix(path)) {
133 p = path + strcspn(path, ":/\\");
135 p = path + strcspn(path, ":/");
141 int path_is_absolute(const char *path)
144 /* specific case for names like: "\\.\d:" */
145 if (is_windows_drive(path) || is_windows_drive_prefix(path)) {
148 return (*path == '/' || *path == '\\');
150 return (*path == '/');
154 /* if filename is absolute, just copy it to dest. Otherwise, build a
155 path to it by considering it is relative to base_path. URL are
157 void path_combine(char *dest, int dest_size,
158 const char *base_path,
159 const char *filename)
166 if (path_is_absolute(filename)) {
167 pstrcpy(dest, dest_size, filename);
169 const char *protocol_stripped = NULL;
171 if (path_has_protocol(base_path)) {
172 protocol_stripped = strchr(base_path, ':');
173 if (protocol_stripped) {
177 p = protocol_stripped ?: base_path;
179 p1 = strrchr(base_path, '/');
183 p2 = strrchr(base_path, '\\');
195 if (len > dest_size - 1)
197 memcpy(dest, base_path, len);
199 pstrcat(dest, dest_size, filename);
204 * Helper function for bdrv_parse_filename() implementations to remove optional
205 * protocol prefixes (especially "file:") from a filename and for putting the
206 * stripped filename into the options QDict if there is such a prefix.
208 void bdrv_parse_filename_strip_prefix(const char *filename, const char *prefix,
211 if (strstart(filename, prefix, &filename)) {
212 /* Stripping the explicit protocol prefix may result in a protocol
213 * prefix being (wrongly) detected (if the filename contains a colon) */
214 if (path_has_protocol(filename)) {
215 QString *fat_filename;
217 /* This means there is some colon before the first slash; therefore,
218 * this cannot be an absolute path */
219 assert(!path_is_absolute(filename));
221 /* And we can thus fix the protocol detection issue by prefixing it
223 fat_filename = qstring_from_str("./");
224 qstring_append(fat_filename, filename);
226 assert(!path_has_protocol(qstring_get_str(fat_filename)));
228 qdict_put(options, "filename", fat_filename);
230 /* If no protocol prefix was detected, we can use the shortened
232 qdict_put_str(options, "filename", filename);
238 /* Returns whether the image file is opened as read-only. Note that this can
239 * return false and writing to the image file is still not possible because the
240 * image is inactivated. */
241 bool bdrv_is_read_only(BlockDriverState *bs)
243 return bs->read_only;
246 int bdrv_can_set_read_only(BlockDriverState *bs, bool read_only,
247 bool ignore_allow_rdw, Error **errp)
249 /* Do not set read_only if copy_on_read is enabled */
250 if (bs->copy_on_read && read_only) {
251 error_setg(errp, "Can't set node '%s' to r/o with copy-on-read enabled",
252 bdrv_get_device_or_node_name(bs));
256 /* Do not clear read_only if it is prohibited */
257 if (!read_only && !(bs->open_flags & BDRV_O_ALLOW_RDWR) &&
260 error_setg(errp, "Node '%s' is read only",
261 bdrv_get_device_or_node_name(bs));
268 /* TODO Remove (deprecated since 2.11)
269 * Block drivers are not supposed to automatically change bs->read_only.
270 * Instead, they should just check whether they can provide what the user
271 * explicitly requested and error out if read-write is requested, but they can
272 * only provide read-only access. */
273 int bdrv_set_read_only(BlockDriverState *bs, bool read_only, Error **errp)
277 ret = bdrv_can_set_read_only(bs, read_only, false, errp);
282 bs->read_only = read_only;
286 void bdrv_get_full_backing_filename_from_filename(const char *backed,
288 char *dest, size_t sz,
291 if (backing[0] == '\0' || path_has_protocol(backing) ||
292 path_is_absolute(backing))
294 pstrcpy(dest, sz, backing);
295 } else if (backed[0] == '\0' || strstart(backed, "json:", NULL)) {
296 error_setg(errp, "Cannot use relative backing file names for '%s'",
299 path_combine(dest, sz, backed, backing);
303 void bdrv_get_full_backing_filename(BlockDriverState *bs, char *dest, size_t sz,
306 char *backed = bs->exact_filename[0] ? bs->exact_filename : bs->filename;
308 bdrv_get_full_backing_filename_from_filename(backed, bs->backing_file,
312 void bdrv_register(BlockDriver *bdrv)
314 QLIST_INSERT_HEAD(&bdrv_drivers, bdrv, list);
317 BlockDriverState *bdrv_new(void)
319 BlockDriverState *bs;
322 bs = g_new0(BlockDriverState, 1);
323 QLIST_INIT(&bs->dirty_bitmaps);
324 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) {
325 QLIST_INIT(&bs->op_blockers[i]);
327 notifier_with_return_list_init(&bs->before_write_notifiers);
328 qemu_co_mutex_init(&bs->reqs_lock);
329 qemu_mutex_init(&bs->dirty_bitmap_mutex);
331 bs->aio_context = qemu_get_aio_context();
333 qemu_co_queue_init(&bs->flush_queue);
335 QTAILQ_INSERT_TAIL(&all_bdrv_states, bs, bs_list);
340 static BlockDriver *bdrv_do_find_format(const char *format_name)
344 QLIST_FOREACH(drv1, &bdrv_drivers, list) {
345 if (!strcmp(drv1->format_name, format_name)) {
353 BlockDriver *bdrv_find_format(const char *format_name)
358 drv1 = bdrv_do_find_format(format_name);
363 /* The driver isn't registered, maybe we need to load a module */
364 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); ++i) {
365 if (!strcmp(block_driver_modules[i].format_name, format_name)) {
366 block_module_load_one(block_driver_modules[i].library_name);
371 return bdrv_do_find_format(format_name);
374 int bdrv_is_whitelisted(BlockDriver *drv, bool read_only)
376 static const char *whitelist_rw[] = {
377 CONFIG_BDRV_RW_WHITELIST
379 static const char *whitelist_ro[] = {
380 CONFIG_BDRV_RO_WHITELIST
384 if (!whitelist_rw[0] && !whitelist_ro[0]) {
385 return 1; /* no whitelist, anything goes */
388 for (p = whitelist_rw; *p; p++) {
389 if (!strcmp(drv->format_name, *p)) {
394 for (p = whitelist_ro; *p; p++) {
395 if (!strcmp(drv->format_name, *p)) {
403 bool bdrv_uses_whitelist(void)
405 return use_bdrv_whitelist;
408 typedef struct CreateCo {
416 static void coroutine_fn bdrv_create_co_entry(void *opaque)
418 Error *local_err = NULL;
421 CreateCo *cco = opaque;
424 ret = cco->drv->bdrv_co_create_opts(cco->filename, cco->opts, &local_err);
425 error_propagate(&cco->err, local_err);
429 int bdrv_create(BlockDriver *drv, const char* filename,
430 QemuOpts *opts, Error **errp)
437 .filename = g_strdup(filename),
443 if (!drv->bdrv_co_create_opts) {
444 error_setg(errp, "Driver '%s' does not support image creation", drv->format_name);
449 if (qemu_in_coroutine()) {
450 /* Fast-path if already in coroutine context */
451 bdrv_create_co_entry(&cco);
453 co = qemu_coroutine_create(bdrv_create_co_entry, &cco);
454 qemu_coroutine_enter(co);
455 while (cco.ret == NOT_DONE) {
456 aio_poll(qemu_get_aio_context(), true);
463 error_propagate(errp, cco.err);
465 error_setg_errno(errp, -ret, "Could not create image");
470 g_free(cco.filename);
474 int bdrv_create_file(const char *filename, QemuOpts *opts, Error **errp)
477 Error *local_err = NULL;
480 drv = bdrv_find_protocol(filename, true, errp);
485 ret = bdrv_create(drv, filename, opts, &local_err);
486 error_propagate(errp, local_err);
491 * Try to get @bs's logical and physical block size.
492 * On success, store them in @bsz struct and return 0.
493 * On failure return -errno.
494 * @bs must not be empty.
496 int bdrv_probe_blocksizes(BlockDriverState *bs, BlockSizes *bsz)
498 BlockDriver *drv = bs->drv;
500 if (drv && drv->bdrv_probe_blocksizes) {
501 return drv->bdrv_probe_blocksizes(bs, bsz);
502 } else if (drv && drv->is_filter && bs->file) {
503 return bdrv_probe_blocksizes(bs->file->bs, bsz);
510 * Try to get @bs's geometry (cyls, heads, sectors).
511 * On success, store them in @geo struct and return 0.
512 * On failure return -errno.
513 * @bs must not be empty.
515 int bdrv_probe_geometry(BlockDriverState *bs, HDGeometry *geo)
517 BlockDriver *drv = bs->drv;
519 if (drv && drv->bdrv_probe_geometry) {
520 return drv->bdrv_probe_geometry(bs, geo);
521 } else if (drv && drv->is_filter && bs->file) {
522 return bdrv_probe_geometry(bs->file->bs, geo);
529 * Create a uniquely-named empty temporary file.
530 * Return 0 upon success, otherwise a negative errno value.
532 int get_tmp_filename(char *filename, int size)
535 char temp_dir[MAX_PATH];
536 /* GetTempFileName requires that its output buffer (4th param)
537 have length MAX_PATH or greater. */
538 assert(size >= MAX_PATH);
539 return (GetTempPath(MAX_PATH, temp_dir)
540 && GetTempFileName(temp_dir, "qem", 0, filename)
541 ? 0 : -GetLastError());
545 tmpdir = getenv("TMPDIR");
549 if (snprintf(filename, size, "%s/vl.XXXXXX", tmpdir) >= size) {
552 fd = mkstemp(filename);
556 if (close(fd) != 0) {
565 * Detect host devices. By convention, /dev/cdrom[N] is always
566 * recognized as a host CDROM.
568 static BlockDriver *find_hdev_driver(const char *filename)
570 int score_max = 0, score;
571 BlockDriver *drv = NULL, *d;
573 QLIST_FOREACH(d, &bdrv_drivers, list) {
574 if (d->bdrv_probe_device) {
575 score = d->bdrv_probe_device(filename);
576 if (score > score_max) {
586 static BlockDriver *bdrv_do_find_protocol(const char *protocol)
590 QLIST_FOREACH(drv1, &bdrv_drivers, list) {
591 if (drv1->protocol_name && !strcmp(drv1->protocol_name, protocol)) {
599 BlockDriver *bdrv_find_protocol(const char *filename,
600 bool allow_protocol_prefix,
609 /* TODO Drivers without bdrv_file_open must be specified explicitly */
612 * XXX(hch): we really should not let host device detection
613 * override an explicit protocol specification, but moving this
614 * later breaks access to device names with colons in them.
615 * Thanks to the brain-dead persistent naming schemes on udev-
616 * based Linux systems those actually are quite common.
618 drv1 = find_hdev_driver(filename);
623 if (!path_has_protocol(filename) || !allow_protocol_prefix) {
627 p = strchr(filename, ':');
630 if (len > sizeof(protocol) - 1)
631 len = sizeof(protocol) - 1;
632 memcpy(protocol, filename, len);
633 protocol[len] = '\0';
635 drv1 = bdrv_do_find_protocol(protocol);
640 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); ++i) {
641 if (block_driver_modules[i].protocol_name &&
642 !strcmp(block_driver_modules[i].protocol_name, protocol)) {
643 block_module_load_one(block_driver_modules[i].library_name);
648 drv1 = bdrv_do_find_protocol(protocol);
650 error_setg(errp, "Unknown protocol '%s'", protocol);
656 * Guess image format by probing its contents.
657 * This is not a good idea when your image is raw (CVE-2008-2004), but
658 * we do it anyway for backward compatibility.
660 * @buf contains the image's first @buf_size bytes.
661 * @buf_size is the buffer size in bytes (generally BLOCK_PROBE_BUF_SIZE,
662 * but can be smaller if the image file is smaller)
663 * @filename is its filename.
665 * For all block drivers, call the bdrv_probe() method to get its
667 * Return the first block driver with the highest probing score.
669 BlockDriver *bdrv_probe_all(const uint8_t *buf, int buf_size,
670 const char *filename)
672 int score_max = 0, score;
673 BlockDriver *drv = NULL, *d;
675 QLIST_FOREACH(d, &bdrv_drivers, list) {
677 score = d->bdrv_probe(buf, buf_size, filename);
678 if (score > score_max) {
688 static int find_image_format(BlockBackend *file, const char *filename,
689 BlockDriver **pdrv, Error **errp)
692 uint8_t buf[BLOCK_PROBE_BUF_SIZE];
695 /* Return the raw BlockDriver * to scsi-generic devices or empty drives */
696 if (blk_is_sg(file) || !blk_is_inserted(file) || blk_getlength(file) == 0) {
701 ret = blk_pread(file, 0, buf, sizeof(buf));
703 error_setg_errno(errp, -ret, "Could not read image for determining its "
709 drv = bdrv_probe_all(buf, ret, filename);
711 error_setg(errp, "Could not determine image format: No compatible "
720 * Set the current 'total_sectors' value
721 * Return 0 on success, -errno on error.
723 static int refresh_total_sectors(BlockDriverState *bs, int64_t hint)
725 BlockDriver *drv = bs->drv;
731 /* Do not attempt drv->bdrv_getlength() on scsi-generic devices */
735 /* query actual device if possible, otherwise just trust the hint */
736 if (drv->bdrv_getlength) {
737 int64_t length = drv->bdrv_getlength(bs);
741 hint = DIV_ROUND_UP(length, BDRV_SECTOR_SIZE);
744 bs->total_sectors = hint;
749 * Combines a QDict of new block driver @options with any missing options taken
750 * from @old_options, so that leaving out an option defaults to its old value.
752 static void bdrv_join_options(BlockDriverState *bs, QDict *options,
755 if (bs->drv && bs->drv->bdrv_join_options) {
756 bs->drv->bdrv_join_options(options, old_options);
758 qdict_join(options, old_options, false);
763 * Set open flags for a given discard mode
765 * Return 0 on success, -1 if the discard mode was invalid.
767 int bdrv_parse_discard_flags(const char *mode, int *flags)
769 *flags &= ~BDRV_O_UNMAP;
771 if (!strcmp(mode, "off") || !strcmp(mode, "ignore")) {
773 } else if (!strcmp(mode, "on") || !strcmp(mode, "unmap")) {
774 *flags |= BDRV_O_UNMAP;
783 * Set open flags for a given cache mode
785 * Return 0 on success, -1 if the cache mode was invalid.
787 int bdrv_parse_cache_mode(const char *mode, int *flags, bool *writethrough)
789 *flags &= ~BDRV_O_CACHE_MASK;
791 if (!strcmp(mode, "off") || !strcmp(mode, "none")) {
792 *writethrough = false;
793 *flags |= BDRV_O_NOCACHE;
794 } else if (!strcmp(mode, "directsync")) {
795 *writethrough = true;
796 *flags |= BDRV_O_NOCACHE;
797 } else if (!strcmp(mode, "writeback")) {
798 *writethrough = false;
799 } else if (!strcmp(mode, "unsafe")) {
800 *writethrough = false;
801 *flags |= BDRV_O_NO_FLUSH;
802 } else if (!strcmp(mode, "writethrough")) {
803 *writethrough = true;
811 static char *bdrv_child_get_parent_desc(BdrvChild *c)
813 BlockDriverState *parent = c->opaque;
814 return g_strdup(bdrv_get_device_or_node_name(parent));
817 static void bdrv_child_cb_drained_begin(BdrvChild *child)
819 BlockDriverState *bs = child->opaque;
820 bdrv_drained_begin(bs);
823 static void bdrv_child_cb_drained_end(BdrvChild *child)
825 BlockDriverState *bs = child->opaque;
826 bdrv_drained_end(bs);
829 static void bdrv_child_cb_attach(BdrvChild *child)
831 BlockDriverState *bs = child->opaque;
832 bdrv_apply_subtree_drain(child, bs);
835 static void bdrv_child_cb_detach(BdrvChild *child)
837 BlockDriverState *bs = child->opaque;
838 bdrv_unapply_subtree_drain(child, bs);
841 static int bdrv_child_cb_inactivate(BdrvChild *child)
843 BlockDriverState *bs = child->opaque;
844 assert(bs->open_flags & BDRV_O_INACTIVE);
849 * Returns the options and flags that a temporary snapshot should get, based on
850 * the originally requested flags (the originally requested image will have
851 * flags like a backing file)
853 static void bdrv_temp_snapshot_options(int *child_flags, QDict *child_options,
854 int parent_flags, QDict *parent_options)
856 *child_flags = (parent_flags & ~BDRV_O_SNAPSHOT) | BDRV_O_TEMPORARY;
858 /* For temporary files, unconditional cache=unsafe is fine */
859 qdict_set_default_str(child_options, BDRV_OPT_CACHE_DIRECT, "off");
860 qdict_set_default_str(child_options, BDRV_OPT_CACHE_NO_FLUSH, "on");
862 /* Copy the read-only option from the parent */
863 qdict_copy_default(child_options, parent_options, BDRV_OPT_READ_ONLY);
865 /* aio=native doesn't work for cache.direct=off, so disable it for the
866 * temporary snapshot */
867 *child_flags &= ~BDRV_O_NATIVE_AIO;
871 * Returns the options and flags that bs->file should get if a protocol driver
872 * is expected, based on the given options and flags for the parent BDS
874 static void bdrv_inherited_options(int *child_flags, QDict *child_options,
875 int parent_flags, QDict *parent_options)
877 int flags = parent_flags;
879 /* Enable protocol handling, disable format probing for bs->file */
880 flags |= BDRV_O_PROTOCOL;
882 /* If the cache mode isn't explicitly set, inherit direct and no-flush from
884 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_DIRECT);
885 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_NO_FLUSH);
886 qdict_copy_default(child_options, parent_options, BDRV_OPT_FORCE_SHARE);
888 /* Inherit the read-only option from the parent if it's not set */
889 qdict_copy_default(child_options, parent_options, BDRV_OPT_READ_ONLY);
891 /* Our block drivers take care to send flushes and respect unmap policy,
892 * so we can default to enable both on lower layers regardless of the
893 * corresponding parent options. */
894 qdict_set_default_str(child_options, BDRV_OPT_DISCARD, "unmap");
896 /* Clear flags that only apply to the top layer */
897 flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING | BDRV_O_COPY_ON_READ |
900 *child_flags = flags;
903 const BdrvChildRole child_file = {
904 .get_parent_desc = bdrv_child_get_parent_desc,
905 .inherit_options = bdrv_inherited_options,
906 .drained_begin = bdrv_child_cb_drained_begin,
907 .drained_end = bdrv_child_cb_drained_end,
908 .attach = bdrv_child_cb_attach,
909 .detach = bdrv_child_cb_detach,
910 .inactivate = bdrv_child_cb_inactivate,
914 * Returns the options and flags that bs->file should get if the use of formats
915 * (and not only protocols) is permitted for it, based on the given options and
916 * flags for the parent BDS
918 static void bdrv_inherited_fmt_options(int *child_flags, QDict *child_options,
919 int parent_flags, QDict *parent_options)
921 child_file.inherit_options(child_flags, child_options,
922 parent_flags, parent_options);
924 *child_flags &= ~(BDRV_O_PROTOCOL | BDRV_O_NO_IO);
927 const BdrvChildRole child_format = {
928 .get_parent_desc = bdrv_child_get_parent_desc,
929 .inherit_options = bdrv_inherited_fmt_options,
930 .drained_begin = bdrv_child_cb_drained_begin,
931 .drained_end = bdrv_child_cb_drained_end,
932 .attach = bdrv_child_cb_attach,
933 .detach = bdrv_child_cb_detach,
934 .inactivate = bdrv_child_cb_inactivate,
937 static void bdrv_backing_attach(BdrvChild *c)
939 BlockDriverState *parent = c->opaque;
940 BlockDriverState *backing_hd = c->bs;
942 assert(!parent->backing_blocker);
943 error_setg(&parent->backing_blocker,
944 "node is used as backing hd of '%s'",
945 bdrv_get_device_or_node_name(parent));
947 parent->open_flags &= ~BDRV_O_NO_BACKING;
948 pstrcpy(parent->backing_file, sizeof(parent->backing_file),
949 backing_hd->filename);
950 pstrcpy(parent->backing_format, sizeof(parent->backing_format),
951 backing_hd->drv ? backing_hd->drv->format_name : "");
953 bdrv_op_block_all(backing_hd, parent->backing_blocker);
954 /* Otherwise we won't be able to commit or stream */
955 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_COMMIT_TARGET,
956 parent->backing_blocker);
957 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_STREAM,
958 parent->backing_blocker);
960 * We do backup in 3 ways:
962 * The target bs is new opened, and the source is top BDS
964 * Both the source and the target are top BDSes.
965 * 3. internal backup(used for block replication)
966 * Both the source and the target are backing file
968 * In case 1 and 2, neither the source nor the target is the backing file.
969 * In case 3, we will block the top BDS, so there is only one block job
970 * for the top BDS and its backing chain.
972 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_SOURCE,
973 parent->backing_blocker);
974 bdrv_op_unblock(backing_hd, BLOCK_OP_TYPE_BACKUP_TARGET,
975 parent->backing_blocker);
977 bdrv_child_cb_attach(c);
980 static void bdrv_backing_detach(BdrvChild *c)
982 BlockDriverState *parent = c->opaque;
984 assert(parent->backing_blocker);
985 bdrv_op_unblock_all(c->bs, parent->backing_blocker);
986 error_free(parent->backing_blocker);
987 parent->backing_blocker = NULL;
989 bdrv_child_cb_detach(c);
993 * Returns the options and flags that bs->backing should get, based on the
994 * given options and flags for the parent BDS
996 static void bdrv_backing_options(int *child_flags, QDict *child_options,
997 int parent_flags, QDict *parent_options)
999 int flags = parent_flags;
1001 /* The cache mode is inherited unmodified for backing files; except WCE,
1002 * which is only applied on the top level (BlockBackend) */
1003 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_DIRECT);
1004 qdict_copy_default(child_options, parent_options, BDRV_OPT_CACHE_NO_FLUSH);
1005 qdict_copy_default(child_options, parent_options, BDRV_OPT_FORCE_SHARE);
1007 /* backing files always opened read-only */
1008 qdict_set_default_str(child_options, BDRV_OPT_READ_ONLY, "on");
1009 flags &= ~BDRV_O_COPY_ON_READ;
1011 /* snapshot=on is handled on the top layer */
1012 flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_TEMPORARY);
1014 *child_flags = flags;
1017 static int bdrv_backing_update_filename(BdrvChild *c, BlockDriverState *base,
1018 const char *filename, Error **errp)
1020 BlockDriverState *parent = c->opaque;
1021 int orig_flags = bdrv_get_flags(parent);
1024 if (!(orig_flags & BDRV_O_RDWR)) {
1025 ret = bdrv_reopen(parent, orig_flags | BDRV_O_RDWR, errp);
1031 ret = bdrv_change_backing_file(parent, filename,
1032 base->drv ? base->drv->format_name : "");
1034 error_setg_errno(errp, -ret, "Could not update backing file link");
1037 if (!(orig_flags & BDRV_O_RDWR)) {
1038 bdrv_reopen(parent, orig_flags, NULL);
1044 const BdrvChildRole child_backing = {
1045 .get_parent_desc = bdrv_child_get_parent_desc,
1046 .attach = bdrv_backing_attach,
1047 .detach = bdrv_backing_detach,
1048 .inherit_options = bdrv_backing_options,
1049 .drained_begin = bdrv_child_cb_drained_begin,
1050 .drained_end = bdrv_child_cb_drained_end,
1051 .inactivate = bdrv_child_cb_inactivate,
1052 .update_filename = bdrv_backing_update_filename,
1055 static int bdrv_open_flags(BlockDriverState *bs, int flags)
1057 int open_flags = flags;
1060 * Clear flags that are internal to the block layer before opening the
1063 open_flags &= ~(BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING | BDRV_O_PROTOCOL);
1066 * Snapshots should be writable.
1068 if (flags & BDRV_O_TEMPORARY) {
1069 open_flags |= BDRV_O_RDWR;
1075 static void update_flags_from_options(int *flags, QemuOpts *opts)
1077 *flags &= ~BDRV_O_CACHE_MASK;
1079 assert(qemu_opt_find(opts, BDRV_OPT_CACHE_NO_FLUSH));
1080 if (qemu_opt_get_bool(opts, BDRV_OPT_CACHE_NO_FLUSH, false)) {
1081 *flags |= BDRV_O_NO_FLUSH;
1084 assert(qemu_opt_find(opts, BDRV_OPT_CACHE_DIRECT));
1085 if (qemu_opt_get_bool(opts, BDRV_OPT_CACHE_DIRECT, false)) {
1086 *flags |= BDRV_O_NOCACHE;
1089 *flags &= ~BDRV_O_RDWR;
1091 assert(qemu_opt_find(opts, BDRV_OPT_READ_ONLY));
1092 if (!qemu_opt_get_bool(opts, BDRV_OPT_READ_ONLY, false)) {
1093 *flags |= BDRV_O_RDWR;
1098 static void update_options_from_flags(QDict *options, int flags)
1100 if (!qdict_haskey(options, BDRV_OPT_CACHE_DIRECT)) {
1101 qdict_put_bool(options, BDRV_OPT_CACHE_DIRECT, flags & BDRV_O_NOCACHE);
1103 if (!qdict_haskey(options, BDRV_OPT_CACHE_NO_FLUSH)) {
1104 qdict_put_bool(options, BDRV_OPT_CACHE_NO_FLUSH,
1105 flags & BDRV_O_NO_FLUSH);
1107 if (!qdict_haskey(options, BDRV_OPT_READ_ONLY)) {
1108 qdict_put_bool(options, BDRV_OPT_READ_ONLY, !(flags & BDRV_O_RDWR));
1112 static void bdrv_assign_node_name(BlockDriverState *bs,
1113 const char *node_name,
1116 char *gen_node_name = NULL;
1119 node_name = gen_node_name = id_generate(ID_BLOCK);
1120 } else if (!id_wellformed(node_name)) {
1122 * Check for empty string or invalid characters, but not if it is
1123 * generated (generated names use characters not available to the user)
1125 error_setg(errp, "Invalid node name");
1129 /* takes care of avoiding namespaces collisions */
1130 if (blk_by_name(node_name)) {
1131 error_setg(errp, "node-name=%s is conflicting with a device id",
1136 /* takes care of avoiding duplicates node names */
1137 if (bdrv_find_node(node_name)) {
1138 error_setg(errp, "Duplicate node name");
1142 /* copy node name into the bs and insert it into the graph list */
1143 pstrcpy(bs->node_name, sizeof(bs->node_name), node_name);
1144 QTAILQ_INSERT_TAIL(&graph_bdrv_states, bs, node_list);
1146 g_free(gen_node_name);
1149 static int bdrv_open_driver(BlockDriverState *bs, BlockDriver *drv,
1150 const char *node_name, QDict *options,
1151 int open_flags, Error **errp)
1153 Error *local_err = NULL;
1156 bdrv_assign_node_name(bs, node_name, &local_err);
1158 error_propagate(errp, local_err);
1163 bs->read_only = !(bs->open_flags & BDRV_O_RDWR);
1164 bs->opaque = g_malloc0(drv->instance_size);
1166 if (drv->bdrv_file_open) {
1167 assert(!drv->bdrv_needs_filename || bs->filename[0]);
1168 ret = drv->bdrv_file_open(bs, options, open_flags, &local_err);
1169 } else if (drv->bdrv_open) {
1170 ret = drv->bdrv_open(bs, options, open_flags, &local_err);
1177 error_propagate(errp, local_err);
1178 } else if (bs->filename[0]) {
1179 error_setg_errno(errp, -ret, "Could not open '%s'", bs->filename);
1181 error_setg_errno(errp, -ret, "Could not open image");
1186 ret = refresh_total_sectors(bs, bs->total_sectors);
1188 error_setg_errno(errp, -ret, "Could not refresh total sector count");
1192 bdrv_refresh_limits(bs, &local_err);
1194 error_propagate(errp, local_err);
1198 assert(bdrv_opt_mem_align(bs) != 0);
1199 assert(bdrv_min_mem_align(bs) != 0);
1200 assert(is_power_of_2(bs->bl.request_alignment));
1205 if (bs->file != NULL) {
1206 bdrv_unref_child(bs, bs->file);
1214 BlockDriverState *bdrv_new_open_driver(BlockDriver *drv, const char *node_name,
1215 int flags, Error **errp)
1217 BlockDriverState *bs;
1221 bs->open_flags = flags;
1222 bs->explicit_options = qdict_new();
1223 bs->options = qdict_new();
1226 update_options_from_flags(bs->options, flags);
1228 ret = bdrv_open_driver(bs, drv, node_name, bs->options, flags, errp);
1230 qobject_unref(bs->explicit_options);
1231 bs->explicit_options = NULL;
1232 qobject_unref(bs->options);
1241 QemuOptsList bdrv_runtime_opts = {
1242 .name = "bdrv_common",
1243 .head = QTAILQ_HEAD_INITIALIZER(bdrv_runtime_opts.head),
1246 .name = "node-name",
1247 .type = QEMU_OPT_STRING,
1248 .help = "Node name of the block device node",
1252 .type = QEMU_OPT_STRING,
1253 .help = "Block driver to use for the node",
1256 .name = BDRV_OPT_CACHE_DIRECT,
1257 .type = QEMU_OPT_BOOL,
1258 .help = "Bypass software writeback cache on the host",
1261 .name = BDRV_OPT_CACHE_NO_FLUSH,
1262 .type = QEMU_OPT_BOOL,
1263 .help = "Ignore flush requests",
1266 .name = BDRV_OPT_READ_ONLY,
1267 .type = QEMU_OPT_BOOL,
1268 .help = "Node is opened in read-only mode",
1271 .name = "detect-zeroes",
1272 .type = QEMU_OPT_STRING,
1273 .help = "try to optimize zero writes (off, on, unmap)",
1277 .type = QEMU_OPT_STRING,
1278 .help = "discard operation (ignore/off, unmap/on)",
1281 .name = BDRV_OPT_FORCE_SHARE,
1282 .type = QEMU_OPT_BOOL,
1283 .help = "always accept other writers (default: off)",
1285 { /* end of list */ }
1290 * Common part for opening disk images and files
1292 * Removes all processed options from *options.
1294 static int bdrv_open_common(BlockDriverState *bs, BlockBackend *file,
1295 QDict *options, Error **errp)
1297 int ret, open_flags;
1298 const char *filename;
1299 const char *driver_name = NULL;
1300 const char *node_name = NULL;
1301 const char *discard;
1302 const char *detect_zeroes;
1305 Error *local_err = NULL;
1307 assert(bs->file == NULL);
1308 assert(options != NULL && bs->options != options);
1310 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort);
1311 qemu_opts_absorb_qdict(opts, options, &local_err);
1313 error_propagate(errp, local_err);
1318 update_flags_from_options(&bs->open_flags, opts);
1320 driver_name = qemu_opt_get(opts, "driver");
1321 drv = bdrv_find_format(driver_name);
1322 assert(drv != NULL);
1324 bs->force_share = qemu_opt_get_bool(opts, BDRV_OPT_FORCE_SHARE, false);
1326 if (bs->force_share && (bs->open_flags & BDRV_O_RDWR)) {
1328 BDRV_OPT_FORCE_SHARE
1329 "=on can only be used with read-only images");
1335 filename = blk_bs(file)->filename;
1338 * Caution: while qdict_get_try_str() is fine, getting
1339 * non-string types would require more care. When @options
1340 * come from -blockdev or blockdev_add, its members are typed
1341 * according to the QAPI schema, but when they come from
1342 * -drive, they're all QString.
1344 filename = qdict_get_try_str(options, "filename");
1347 if (drv->bdrv_needs_filename && (!filename || !filename[0])) {
1348 error_setg(errp, "The '%s' block driver requires a file name",
1354 trace_bdrv_open_common(bs, filename ?: "", bs->open_flags,
1357 bs->read_only = !(bs->open_flags & BDRV_O_RDWR);
1359 if (use_bdrv_whitelist && !bdrv_is_whitelisted(drv, bs->read_only)) {
1361 !bs->read_only && bdrv_is_whitelisted(drv, true)
1362 ? "Driver '%s' can only be used for read-only devices"
1363 : "Driver '%s' is not whitelisted",
1369 /* bdrv_new() and bdrv_close() make it so */
1370 assert(atomic_read(&bs->copy_on_read) == 0);
1372 if (bs->open_flags & BDRV_O_COPY_ON_READ) {
1373 if (!bs->read_only) {
1374 bdrv_enable_copy_on_read(bs);
1376 error_setg(errp, "Can't use copy-on-read on read-only device");
1382 discard = qemu_opt_get(opts, "discard");
1383 if (discard != NULL) {
1384 if (bdrv_parse_discard_flags(discard, &bs->open_flags) != 0) {
1385 error_setg(errp, "Invalid discard option");
1391 detect_zeroes = qemu_opt_get(opts, "detect-zeroes");
1392 if (detect_zeroes) {
1393 BlockdevDetectZeroesOptions value =
1394 qapi_enum_parse(&BlockdevDetectZeroesOptions_lookup,
1396 BLOCKDEV_DETECT_ZEROES_OPTIONS_OFF,
1399 error_propagate(errp, local_err);
1404 if (value == BLOCKDEV_DETECT_ZEROES_OPTIONS_UNMAP &&
1405 !(bs->open_flags & BDRV_O_UNMAP))
1407 error_setg(errp, "setting detect-zeroes to unmap is not allowed "
1408 "without setting discard operation to unmap");
1413 bs->detect_zeroes = value;
1416 if (filename != NULL) {
1417 pstrcpy(bs->filename, sizeof(bs->filename), filename);
1419 bs->filename[0] = '\0';
1421 pstrcpy(bs->exact_filename, sizeof(bs->exact_filename), bs->filename);
1423 /* Open the image, either directly or using a protocol */
1424 open_flags = bdrv_open_flags(bs, bs->open_flags);
1425 node_name = qemu_opt_get(opts, "node-name");
1427 assert(!drv->bdrv_file_open || file == NULL);
1428 ret = bdrv_open_driver(bs, drv, node_name, options, open_flags, errp);
1433 qemu_opts_del(opts);
1437 qemu_opts_del(opts);
1441 static QDict *parse_json_filename(const char *filename, Error **errp)
1443 QObject *options_obj;
1447 ret = strstart(filename, "json:", &filename);
1450 options_obj = qobject_from_json(filename, errp);
1452 /* Work around qobject_from_json() lossage TODO fix that */
1453 if (errp && !*errp) {
1454 error_setg(errp, "Could not parse the JSON options");
1457 error_prepend(errp, "Could not parse the JSON options: ");
1461 options = qobject_to(QDict, options_obj);
1463 qobject_unref(options_obj);
1464 error_setg(errp, "Invalid JSON object given");
1468 qdict_flatten(options);
1473 static void parse_json_protocol(QDict *options, const char **pfilename,
1476 QDict *json_options;
1477 Error *local_err = NULL;
1479 /* Parse json: pseudo-protocol */
1480 if (!*pfilename || !g_str_has_prefix(*pfilename, "json:")) {
1484 json_options = parse_json_filename(*pfilename, &local_err);
1486 error_propagate(errp, local_err);
1490 /* Options given in the filename have lower priority than options
1491 * specified directly */
1492 qdict_join(options, json_options, false);
1493 qobject_unref(json_options);
1498 * Fills in default options for opening images and converts the legacy
1499 * filename/flags pair to option QDict entries.
1500 * The BDRV_O_PROTOCOL flag in *flags will be set or cleared accordingly if a
1501 * block driver has been specified explicitly.
1503 static int bdrv_fill_options(QDict **options, const char *filename,
1504 int *flags, Error **errp)
1506 const char *drvname;
1507 bool protocol = *flags & BDRV_O_PROTOCOL;
1508 bool parse_filename = false;
1509 BlockDriver *drv = NULL;
1510 Error *local_err = NULL;
1513 * Caution: while qdict_get_try_str() is fine, getting non-string
1514 * types would require more care. When @options come from
1515 * -blockdev or blockdev_add, its members are typed according to
1516 * the QAPI schema, but when they come from -drive, they're all
1519 drvname = qdict_get_try_str(*options, "driver");
1521 drv = bdrv_find_format(drvname);
1523 error_setg(errp, "Unknown driver '%s'", drvname);
1526 /* If the user has explicitly specified the driver, this choice should
1527 * override the BDRV_O_PROTOCOL flag */
1528 protocol = drv->bdrv_file_open;
1532 *flags |= BDRV_O_PROTOCOL;
1534 *flags &= ~BDRV_O_PROTOCOL;
1537 /* Translate cache options from flags into options */
1538 update_options_from_flags(*options, *flags);
1540 /* Fetch the file name from the options QDict if necessary */
1541 if (protocol && filename) {
1542 if (!qdict_haskey(*options, "filename")) {
1543 qdict_put_str(*options, "filename", filename);
1544 parse_filename = true;
1546 error_setg(errp, "Can't specify 'file' and 'filename' options at "
1552 /* Find the right block driver */
1553 /* See cautionary note on accessing @options above */
1554 filename = qdict_get_try_str(*options, "filename");
1556 if (!drvname && protocol) {
1558 drv = bdrv_find_protocol(filename, parse_filename, errp);
1563 drvname = drv->format_name;
1564 qdict_put_str(*options, "driver", drvname);
1566 error_setg(errp, "Must specify either driver or file");
1571 assert(drv || !protocol);
1573 /* Driver-specific filename parsing */
1574 if (drv && drv->bdrv_parse_filename && parse_filename) {
1575 drv->bdrv_parse_filename(filename, *options, &local_err);
1577 error_propagate(errp, local_err);
1581 if (!drv->bdrv_needs_filename) {
1582 qdict_del(*options, "filename");
1589 static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q,
1590 uint64_t perm, uint64_t shared,
1591 GSList *ignore_children, Error **errp);
1592 static void bdrv_child_abort_perm_update(BdrvChild *c);
1593 static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared);
1595 typedef struct BlockReopenQueueEntry {
1597 BDRVReopenState state;
1598 QSIMPLEQ_ENTRY(BlockReopenQueueEntry) entry;
1599 } BlockReopenQueueEntry;
1602 * Return the flags that @bs will have after the reopens in @q have
1603 * successfully completed. If @q is NULL (or @bs is not contained in @q),
1604 * return the current flags.
1606 static int bdrv_reopen_get_flags(BlockReopenQueue *q, BlockDriverState *bs)
1608 BlockReopenQueueEntry *entry;
1611 QSIMPLEQ_FOREACH(entry, q, entry) {
1612 if (entry->state.bs == bs) {
1613 return entry->state.flags;
1618 return bs->open_flags;
1621 /* Returns whether the image file can be written to after the reopen queue @q
1622 * has been successfully applied, or right now if @q is NULL. */
1623 static bool bdrv_is_writable_after_reopen(BlockDriverState *bs,
1624 BlockReopenQueue *q)
1626 int flags = bdrv_reopen_get_flags(q, bs);
1628 return (flags & (BDRV_O_RDWR | BDRV_O_INACTIVE)) == BDRV_O_RDWR;
1632 * Return whether the BDS can be written to. This is not necessarily
1633 * the same as !bdrv_is_read_only(bs), as inactivated images may not
1634 * be written to but do not count as read-only images.
1636 bool bdrv_is_writable(BlockDriverState *bs)
1638 return bdrv_is_writable_after_reopen(bs, NULL);
1641 static void bdrv_child_perm(BlockDriverState *bs, BlockDriverState *child_bs,
1642 BdrvChild *c, const BdrvChildRole *role,
1643 BlockReopenQueue *reopen_queue,
1644 uint64_t parent_perm, uint64_t parent_shared,
1645 uint64_t *nperm, uint64_t *nshared)
1647 if (bs->drv && bs->drv->bdrv_child_perm) {
1648 bs->drv->bdrv_child_perm(bs, c, role, reopen_queue,
1649 parent_perm, parent_shared,
1652 /* TODO Take force_share from reopen_queue */
1653 if (child_bs && child_bs->force_share) {
1654 *nshared = BLK_PERM_ALL;
1659 * Check whether permissions on this node can be changed in a way that
1660 * @cumulative_perms and @cumulative_shared_perms are the new cumulative
1661 * permissions of all its parents. This involves checking whether all necessary
1662 * permission changes to child nodes can be performed.
1664 * A call to this function must always be followed by a call to bdrv_set_perm()
1665 * or bdrv_abort_perm_update().
1667 static int bdrv_check_perm(BlockDriverState *bs, BlockReopenQueue *q,
1668 uint64_t cumulative_perms,
1669 uint64_t cumulative_shared_perms,
1670 GSList *ignore_children, Error **errp)
1672 BlockDriver *drv = bs->drv;
1676 /* Write permissions never work with read-only images */
1677 if ((cumulative_perms & (BLK_PERM_WRITE | BLK_PERM_WRITE_UNCHANGED)) &&
1678 !bdrv_is_writable_after_reopen(bs, q))
1680 error_setg(errp, "Block node is read-only");
1684 /* Check this node */
1689 if (drv->bdrv_check_perm) {
1690 return drv->bdrv_check_perm(bs, cumulative_perms,
1691 cumulative_shared_perms, errp);
1694 /* Drivers that never have children can omit .bdrv_child_perm() */
1695 if (!drv->bdrv_child_perm) {
1696 assert(QLIST_EMPTY(&bs->children));
1700 /* Check all children */
1701 QLIST_FOREACH(c, &bs->children, next) {
1702 uint64_t cur_perm, cur_shared;
1703 bdrv_child_perm(bs, c->bs, c, c->role, q,
1704 cumulative_perms, cumulative_shared_perms,
1705 &cur_perm, &cur_shared);
1706 ret = bdrv_child_check_perm(c, q, cur_perm, cur_shared,
1707 ignore_children, errp);
1717 * Notifies drivers that after a previous bdrv_check_perm() call, the
1718 * permission update is not performed and any preparations made for it (e.g.
1719 * taken file locks) need to be undone.
1721 * This function recursively notifies all child nodes.
1723 static void bdrv_abort_perm_update(BlockDriverState *bs)
1725 BlockDriver *drv = bs->drv;
1732 if (drv->bdrv_abort_perm_update) {
1733 drv->bdrv_abort_perm_update(bs);
1736 QLIST_FOREACH(c, &bs->children, next) {
1737 bdrv_child_abort_perm_update(c);
1741 static void bdrv_set_perm(BlockDriverState *bs, uint64_t cumulative_perms,
1742 uint64_t cumulative_shared_perms)
1744 BlockDriver *drv = bs->drv;
1751 /* Update this node */
1752 if (drv->bdrv_set_perm) {
1753 drv->bdrv_set_perm(bs, cumulative_perms, cumulative_shared_perms);
1756 /* Drivers that never have children can omit .bdrv_child_perm() */
1757 if (!drv->bdrv_child_perm) {
1758 assert(QLIST_EMPTY(&bs->children));
1762 /* Update all children */
1763 QLIST_FOREACH(c, &bs->children, next) {
1764 uint64_t cur_perm, cur_shared;
1765 bdrv_child_perm(bs, c->bs, c, c->role, NULL,
1766 cumulative_perms, cumulative_shared_perms,
1767 &cur_perm, &cur_shared);
1768 bdrv_child_set_perm(c, cur_perm, cur_shared);
1772 static void bdrv_get_cumulative_perm(BlockDriverState *bs, uint64_t *perm,
1773 uint64_t *shared_perm)
1776 uint64_t cumulative_perms = 0;
1777 uint64_t cumulative_shared_perms = BLK_PERM_ALL;
1779 QLIST_FOREACH(c, &bs->parents, next_parent) {
1780 cumulative_perms |= c->perm;
1781 cumulative_shared_perms &= c->shared_perm;
1784 *perm = cumulative_perms;
1785 *shared_perm = cumulative_shared_perms;
1788 static char *bdrv_child_user_desc(BdrvChild *c)
1790 if (c->role->get_parent_desc) {
1791 return c->role->get_parent_desc(c);
1794 return g_strdup("another user");
1797 char *bdrv_perm_names(uint64_t perm)
1803 { BLK_PERM_CONSISTENT_READ, "consistent read" },
1804 { BLK_PERM_WRITE, "write" },
1805 { BLK_PERM_WRITE_UNCHANGED, "write unchanged" },
1806 { BLK_PERM_RESIZE, "resize" },
1807 { BLK_PERM_GRAPH_MOD, "change children" },
1811 char *result = g_strdup("");
1812 struct perm_name *p;
1814 for (p = permissions; p->name; p++) {
1815 if (perm & p->perm) {
1817 result = g_strdup_printf("%s%s%s", old, *old ? ", " : "", p->name);
1826 * Checks whether a new reference to @bs can be added if the new user requires
1827 * @new_used_perm/@new_shared_perm as its permissions. If @ignore_children is
1828 * set, the BdrvChild objects in this list are ignored in the calculations;
1829 * this allows checking permission updates for an existing reference.
1831 * Needs to be followed by a call to either bdrv_set_perm() or
1832 * bdrv_abort_perm_update(). */
1833 static int bdrv_check_update_perm(BlockDriverState *bs, BlockReopenQueue *q,
1834 uint64_t new_used_perm,
1835 uint64_t new_shared_perm,
1836 GSList *ignore_children, Error **errp)
1839 uint64_t cumulative_perms = new_used_perm;
1840 uint64_t cumulative_shared_perms = new_shared_perm;
1842 /* There is no reason why anyone couldn't tolerate write_unchanged */
1843 assert(new_shared_perm & BLK_PERM_WRITE_UNCHANGED);
1845 QLIST_FOREACH(c, &bs->parents, next_parent) {
1846 if (g_slist_find(ignore_children, c)) {
1850 if ((new_used_perm & c->shared_perm) != new_used_perm) {
1851 char *user = bdrv_child_user_desc(c);
1852 char *perm_names = bdrv_perm_names(new_used_perm & ~c->shared_perm);
1853 error_setg(errp, "Conflicts with use by %s as '%s', which does not "
1855 user, c->name, perm_names, bdrv_get_node_name(c->bs));
1861 if ((c->perm & new_shared_perm) != c->perm) {
1862 char *user = bdrv_child_user_desc(c);
1863 char *perm_names = bdrv_perm_names(c->perm & ~new_shared_perm);
1864 error_setg(errp, "Conflicts with use by %s as '%s', which uses "
1866 user, c->name, perm_names, bdrv_get_node_name(c->bs));
1872 cumulative_perms |= c->perm;
1873 cumulative_shared_perms &= c->shared_perm;
1876 return bdrv_check_perm(bs, q, cumulative_perms, cumulative_shared_perms,
1877 ignore_children, errp);
1880 /* Needs to be followed by a call to either bdrv_child_set_perm() or
1881 * bdrv_child_abort_perm_update(). */
1882 static int bdrv_child_check_perm(BdrvChild *c, BlockReopenQueue *q,
1883 uint64_t perm, uint64_t shared,
1884 GSList *ignore_children, Error **errp)
1888 ignore_children = g_slist_prepend(g_slist_copy(ignore_children), c);
1889 ret = bdrv_check_update_perm(c->bs, q, perm, shared, ignore_children, errp);
1890 g_slist_free(ignore_children);
1895 static void bdrv_child_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared)
1897 uint64_t cumulative_perms, cumulative_shared_perms;
1900 c->shared_perm = shared;
1902 bdrv_get_cumulative_perm(c->bs, &cumulative_perms,
1903 &cumulative_shared_perms);
1904 bdrv_set_perm(c->bs, cumulative_perms, cumulative_shared_perms);
1907 static void bdrv_child_abort_perm_update(BdrvChild *c)
1909 bdrv_abort_perm_update(c->bs);
1912 int bdrv_child_try_set_perm(BdrvChild *c, uint64_t perm, uint64_t shared,
1917 ret = bdrv_child_check_perm(c, NULL, perm, shared, NULL, errp);
1919 bdrv_child_abort_perm_update(c);
1923 bdrv_child_set_perm(c, perm, shared);
1928 #define DEFAULT_PERM_PASSTHROUGH (BLK_PERM_CONSISTENT_READ \
1930 | BLK_PERM_WRITE_UNCHANGED \
1932 #define DEFAULT_PERM_UNCHANGED (BLK_PERM_ALL & ~DEFAULT_PERM_PASSTHROUGH)
1934 void bdrv_filter_default_perms(BlockDriverState *bs, BdrvChild *c,
1935 const BdrvChildRole *role,
1936 BlockReopenQueue *reopen_queue,
1937 uint64_t perm, uint64_t shared,
1938 uint64_t *nperm, uint64_t *nshared)
1941 *nperm = perm & DEFAULT_PERM_PASSTHROUGH;
1942 *nshared = (shared & DEFAULT_PERM_PASSTHROUGH) | DEFAULT_PERM_UNCHANGED;
1946 *nperm = (perm & DEFAULT_PERM_PASSTHROUGH) |
1947 (c->perm & DEFAULT_PERM_UNCHANGED);
1948 *nshared = (shared & DEFAULT_PERM_PASSTHROUGH) |
1949 (c->shared_perm & DEFAULT_PERM_UNCHANGED);
1952 void bdrv_format_default_perms(BlockDriverState *bs, BdrvChild *c,
1953 const BdrvChildRole *role,
1954 BlockReopenQueue *reopen_queue,
1955 uint64_t perm, uint64_t shared,
1956 uint64_t *nperm, uint64_t *nshared)
1958 bool backing = (role == &child_backing);
1959 assert(role == &child_backing || role == &child_file);
1962 int flags = bdrv_reopen_get_flags(reopen_queue, bs);
1964 /* Apart from the modifications below, the same permissions are
1965 * forwarded and left alone as for filters */
1966 bdrv_filter_default_perms(bs, c, role, reopen_queue, perm, shared,
1969 /* Format drivers may touch metadata even if the guest doesn't write */
1970 if (bdrv_is_writable_after_reopen(bs, reopen_queue)) {
1971 perm |= BLK_PERM_WRITE | BLK_PERM_RESIZE;
1974 /* bs->file always needs to be consistent because of the metadata. We
1975 * can never allow other users to resize or write to it. */
1976 if (!(flags & BDRV_O_NO_IO)) {
1977 perm |= BLK_PERM_CONSISTENT_READ;
1979 shared &= ~(BLK_PERM_WRITE | BLK_PERM_RESIZE);
1981 /* We want consistent read from backing files if the parent needs it.
1982 * No other operations are performed on backing files. */
1983 perm &= BLK_PERM_CONSISTENT_READ;
1985 /* If the parent can deal with changing data, we're okay with a
1986 * writable and resizable backing file. */
1987 /* TODO Require !(perm & BLK_PERM_CONSISTENT_READ), too? */
1988 if (shared & BLK_PERM_WRITE) {
1989 shared = BLK_PERM_WRITE | BLK_PERM_RESIZE;
1994 shared |= BLK_PERM_CONSISTENT_READ | BLK_PERM_GRAPH_MOD |
1995 BLK_PERM_WRITE_UNCHANGED;
1998 if (bs->open_flags & BDRV_O_INACTIVE) {
1999 shared |= BLK_PERM_WRITE | BLK_PERM_RESIZE;
2006 static void bdrv_replace_child_noperm(BdrvChild *child,
2007 BlockDriverState *new_bs)
2009 BlockDriverState *old_bs = child->bs;
2012 if (old_bs && new_bs) {
2013 assert(bdrv_get_aio_context(old_bs) == bdrv_get_aio_context(new_bs));
2016 /* Detach first so that the recursive drain sections coming from @child
2017 * are already gone and we only end the drain sections that came from
2019 if (child->role->detach) {
2020 child->role->detach(child);
2022 if (old_bs->quiesce_counter && child->role->drained_end) {
2023 for (i = 0; i < old_bs->quiesce_counter; i++) {
2024 child->role->drained_end(child);
2027 QLIST_REMOVE(child, next_parent);
2033 QLIST_INSERT_HEAD(&new_bs->parents, child, next_parent);
2034 if (new_bs->quiesce_counter && child->role->drained_begin) {
2035 for (i = 0; i < new_bs->quiesce_counter; i++) {
2036 child->role->drained_begin(child);
2040 /* Attach only after starting new drained sections, so that recursive
2041 * drain sections coming from @child don't get an extra .drained_begin
2043 if (child->role->attach) {
2044 child->role->attach(child);
2050 * Updates @child to change its reference to point to @new_bs, including
2051 * checking and applying the necessary permisson updates both to the old node
2054 * NULL is passed as @new_bs for removing the reference before freeing @child.
2056 * If @new_bs is not NULL, bdrv_check_perm() must be called beforehand, as this
2057 * function uses bdrv_set_perm() to update the permissions according to the new
2058 * reference that @new_bs gets.
2060 static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs)
2062 BlockDriverState *old_bs = child->bs;
2063 uint64_t perm, shared_perm;
2065 bdrv_replace_child_noperm(child, new_bs);
2068 /* Update permissions for old node. This is guaranteed to succeed
2069 * because we're just taking a parent away, so we're loosening
2071 bdrv_get_cumulative_perm(old_bs, &perm, &shared_perm);
2072 bdrv_check_perm(old_bs, NULL, perm, shared_perm, NULL, &error_abort);
2073 bdrv_set_perm(old_bs, perm, shared_perm);
2077 bdrv_get_cumulative_perm(new_bs, &perm, &shared_perm);
2078 bdrv_set_perm(new_bs, perm, shared_perm);
2082 BdrvChild *bdrv_root_attach_child(BlockDriverState *child_bs,
2083 const char *child_name,
2084 const BdrvChildRole *child_role,
2085 uint64_t perm, uint64_t shared_perm,
2086 void *opaque, Error **errp)
2091 ret = bdrv_check_update_perm(child_bs, NULL, perm, shared_perm, NULL, errp);
2093 bdrv_abort_perm_update(child_bs);
2097 child = g_new(BdrvChild, 1);
2098 *child = (BdrvChild) {
2100 .name = g_strdup(child_name),
2103 .shared_perm = shared_perm,
2107 /* This performs the matching bdrv_set_perm() for the above check. */
2108 bdrv_replace_child(child, child_bs);
2113 BdrvChild *bdrv_attach_child(BlockDriverState *parent_bs,
2114 BlockDriverState *child_bs,
2115 const char *child_name,
2116 const BdrvChildRole *child_role,
2120 uint64_t perm, shared_perm;
2122 bdrv_get_cumulative_perm(parent_bs, &perm, &shared_perm);
2124 assert(parent_bs->drv);
2125 assert(bdrv_get_aio_context(parent_bs) == bdrv_get_aio_context(child_bs));
2126 bdrv_child_perm(parent_bs, child_bs, NULL, child_role, NULL,
2127 perm, shared_perm, &perm, &shared_perm);
2129 child = bdrv_root_attach_child(child_bs, child_name, child_role,
2130 perm, shared_perm, parent_bs, errp);
2131 if (child == NULL) {
2135 QLIST_INSERT_HEAD(&parent_bs->children, child, next);
2139 static void bdrv_detach_child(BdrvChild *child)
2141 if (child->next.le_prev) {
2142 QLIST_REMOVE(child, next);
2143 child->next.le_prev = NULL;
2146 bdrv_replace_child(child, NULL);
2148 g_free(child->name);
2152 void bdrv_root_unref_child(BdrvChild *child)
2154 BlockDriverState *child_bs;
2156 child_bs = child->bs;
2157 bdrv_detach_child(child);
2158 bdrv_unref(child_bs);
2161 void bdrv_unref_child(BlockDriverState *parent, BdrvChild *child)
2163 if (child == NULL) {
2167 if (child->bs->inherits_from == parent) {
2170 /* Remove inherits_from only when the last reference between parent and
2171 * child->bs goes away. */
2172 QLIST_FOREACH(c, &parent->children, next) {
2173 if (c != child && c->bs == child->bs) {
2178 child->bs->inherits_from = NULL;
2182 bdrv_root_unref_child(child);
2186 static void bdrv_parent_cb_change_media(BlockDriverState *bs, bool load)
2189 QLIST_FOREACH(c, &bs->parents, next_parent) {
2190 if (c->role->change_media) {
2191 c->role->change_media(c, load);
2196 static void bdrv_parent_cb_resize(BlockDriverState *bs)
2199 QLIST_FOREACH(c, &bs->parents, next_parent) {
2200 if (c->role->resize) {
2207 * Sets the backing file link of a BDS. A new reference is created; callers
2208 * which don't need their own reference any more must call bdrv_unref().
2210 void bdrv_set_backing_hd(BlockDriverState *bs, BlockDriverState *backing_hd,
2214 bdrv_ref(backing_hd);
2218 bdrv_unref_child(bs, bs->backing);
2226 bs->backing = bdrv_attach_child(bs, backing_hd, "backing", &child_backing,
2229 bdrv_unref(backing_hd);
2232 bdrv_refresh_filename(bs);
2235 bdrv_refresh_limits(bs, NULL);
2239 * Opens the backing file for a BlockDriverState if not yet open
2241 * bdref_key specifies the key for the image's BlockdevRef in the options QDict.
2242 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict
2243 * itself, all options starting with "${bdref_key}." are considered part of the
2246 * TODO Can this be unified with bdrv_open_image()?
2248 int bdrv_open_backing_file(BlockDriverState *bs, QDict *parent_options,
2249 const char *bdref_key, Error **errp)
2251 char *backing_filename = g_malloc0(PATH_MAX);
2252 char *bdref_key_dot;
2253 const char *reference = NULL;
2255 BlockDriverState *backing_hd;
2257 QDict *tmp_parent_options = NULL;
2258 Error *local_err = NULL;
2260 if (bs->backing != NULL) {
2264 /* NULL means an empty set of options */
2265 if (parent_options == NULL) {
2266 tmp_parent_options = qdict_new();
2267 parent_options = tmp_parent_options;
2270 bs->open_flags &= ~BDRV_O_NO_BACKING;
2272 bdref_key_dot = g_strdup_printf("%s.", bdref_key);
2273 qdict_extract_subqdict(parent_options, &options, bdref_key_dot);
2274 g_free(bdref_key_dot);
2277 * Caution: while qdict_get_try_str() is fine, getting non-string
2278 * types would require more care. When @parent_options come from
2279 * -blockdev or blockdev_add, its members are typed according to
2280 * the QAPI schema, but when they come from -drive, they're all
2283 reference = qdict_get_try_str(parent_options, bdref_key);
2284 if (reference || qdict_haskey(options, "file.filename")) {
2285 backing_filename[0] = '\0';
2286 } else if (bs->backing_file[0] == '\0' && qdict_size(options) == 0) {
2287 qobject_unref(options);
2290 bdrv_get_full_backing_filename(bs, backing_filename, PATH_MAX,
2294 error_propagate(errp, local_err);
2295 qobject_unref(options);
2300 if (!bs->drv || !bs->drv->supports_backing) {
2302 error_setg(errp, "Driver doesn't support backing files");
2303 qobject_unref(options);
2308 bs->backing_format[0] != '\0' && !qdict_haskey(options, "driver")) {
2309 qdict_put_str(options, "driver", bs->backing_format);
2312 backing_hd = bdrv_open_inherit(*backing_filename ? backing_filename : NULL,
2313 reference, options, 0, bs, &child_backing,
2316 bs->open_flags |= BDRV_O_NO_BACKING;
2317 error_prepend(errp, "Could not open backing file: ");
2321 bdrv_set_aio_context(backing_hd, bdrv_get_aio_context(bs));
2323 /* Hook up the backing file link; drop our reference, bs owns the
2324 * backing_hd reference now */
2325 bdrv_set_backing_hd(bs, backing_hd, &local_err);
2326 bdrv_unref(backing_hd);
2328 error_propagate(errp, local_err);
2333 qdict_del(parent_options, bdref_key);
2336 g_free(backing_filename);
2337 qobject_unref(tmp_parent_options);
2341 static BlockDriverState *
2342 bdrv_open_child_bs(const char *filename, QDict *options, const char *bdref_key,
2343 BlockDriverState *parent, const BdrvChildRole *child_role,
2344 bool allow_none, Error **errp)
2346 BlockDriverState *bs = NULL;
2347 QDict *image_options;
2348 char *bdref_key_dot;
2349 const char *reference;
2351 assert(child_role != NULL);
2353 bdref_key_dot = g_strdup_printf("%s.", bdref_key);
2354 qdict_extract_subqdict(options, &image_options, bdref_key_dot);
2355 g_free(bdref_key_dot);
2358 * Caution: while qdict_get_try_str() is fine, getting non-string
2359 * types would require more care. When @options come from
2360 * -blockdev or blockdev_add, its members are typed according to
2361 * the QAPI schema, but when they come from -drive, they're all
2364 reference = qdict_get_try_str(options, bdref_key);
2365 if (!filename && !reference && !qdict_size(image_options)) {
2367 error_setg(errp, "A block device must be specified for \"%s\"",
2370 qobject_unref(image_options);
2374 bs = bdrv_open_inherit(filename, reference, image_options, 0,
2375 parent, child_role, errp);
2381 qdict_del(options, bdref_key);
2386 * Opens a disk image whose options are given as BlockdevRef in another block
2389 * If allow_none is true, no image will be opened if filename is false and no
2390 * BlockdevRef is given. NULL will be returned, but errp remains unset.
2392 * bdrev_key specifies the key for the image's BlockdevRef in the options QDict.
2393 * That QDict has to be flattened; therefore, if the BlockdevRef is a QDict
2394 * itself, all options starting with "${bdref_key}." are considered part of the
2397 * The BlockdevRef will be removed from the options QDict.
2399 BdrvChild *bdrv_open_child(const char *filename,
2400 QDict *options, const char *bdref_key,
2401 BlockDriverState *parent,
2402 const BdrvChildRole *child_role,
2403 bool allow_none, Error **errp)
2406 BlockDriverState *bs;
2408 bs = bdrv_open_child_bs(filename, options, bdref_key, parent, child_role,
2414 c = bdrv_attach_child(parent, bs, bdref_key, child_role, errp);
2423 /* TODO Future callers may need to specify parent/child_role in order for
2424 * option inheritance to work. Existing callers use it for the root node. */
2425 BlockDriverState *bdrv_open_blockdev_ref(BlockdevRef *ref, Error **errp)
2427 BlockDriverState *bs = NULL;
2428 Error *local_err = NULL;
2429 QObject *obj = NULL;
2430 QDict *qdict = NULL;
2431 const char *reference = NULL;
2434 if (ref->type == QTYPE_QSTRING) {
2435 reference = ref->u.reference;
2437 BlockdevOptions *options = &ref->u.definition;
2438 assert(ref->type == QTYPE_QDICT);
2440 v = qobject_output_visitor_new(&obj);
2441 visit_type_BlockdevOptions(v, NULL, &options, &local_err);
2443 error_propagate(errp, local_err);
2446 visit_complete(v, &obj);
2448 qdict = qobject_to(QDict, obj);
2449 qdict_flatten(qdict);
2451 /* bdrv_open_inherit() defaults to the values in bdrv_flags (for
2452 * compatibility with other callers) rather than what we want as the
2453 * real defaults. Apply the defaults here instead. */
2454 qdict_set_default_str(qdict, BDRV_OPT_CACHE_DIRECT, "off");
2455 qdict_set_default_str(qdict, BDRV_OPT_CACHE_NO_FLUSH, "off");
2456 qdict_set_default_str(qdict, BDRV_OPT_READ_ONLY, "off");
2459 bs = bdrv_open_inherit(NULL, reference, qdict, 0, NULL, NULL, errp);
2468 static BlockDriverState *bdrv_append_temp_snapshot(BlockDriverState *bs,
2470 QDict *snapshot_options,
2473 /* TODO: extra byte is a hack to ensure MAX_PATH space on Windows. */
2474 char *tmp_filename = g_malloc0(PATH_MAX + 1);
2476 QemuOpts *opts = NULL;
2477 BlockDriverState *bs_snapshot = NULL;
2478 Error *local_err = NULL;
2481 /* if snapshot, we create a temporary backing file and open it
2482 instead of opening 'filename' directly */
2484 /* Get the required size from the image */
2485 total_size = bdrv_getlength(bs);
2486 if (total_size < 0) {
2487 error_setg_errno(errp, -total_size, "Could not get image size");
2491 /* Create the temporary image */
2492 ret = get_tmp_filename(tmp_filename, PATH_MAX + 1);
2494 error_setg_errno(errp, -ret, "Could not get temporary filename");
2498 opts = qemu_opts_create(bdrv_qcow2.create_opts, NULL, 0,
2500 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, total_size, &error_abort);
2501 ret = bdrv_create(&bdrv_qcow2, tmp_filename, opts, errp);
2502 qemu_opts_del(opts);
2504 error_prepend(errp, "Could not create temporary overlay '%s': ",
2509 /* Prepare options QDict for the temporary file */
2510 qdict_put_str(snapshot_options, "file.driver", "file");
2511 qdict_put_str(snapshot_options, "file.filename", tmp_filename);
2512 qdict_put_str(snapshot_options, "driver", "qcow2");
2514 bs_snapshot = bdrv_open(NULL, NULL, snapshot_options, flags, errp);
2515 snapshot_options = NULL;
2520 /* bdrv_append() consumes a strong reference to bs_snapshot
2521 * (i.e. it will call bdrv_unref() on it) even on error, so in
2522 * order to be able to return one, we have to increase
2523 * bs_snapshot's refcount here */
2524 bdrv_ref(bs_snapshot);
2525 bdrv_append(bs_snapshot, bs, &local_err);
2527 error_propagate(errp, local_err);
2533 qobject_unref(snapshot_options);
2534 g_free(tmp_filename);
2539 * Opens a disk image (raw, qcow2, vmdk, ...)
2541 * options is a QDict of options to pass to the block drivers, or NULL for an
2542 * empty set of options. The reference to the QDict belongs to the block layer
2543 * after the call (even on failure), so if the caller intends to reuse the
2544 * dictionary, it needs to use qobject_ref() before calling bdrv_open.
2546 * If *pbs is NULL, a new BDS will be created with a pointer to it stored there.
2547 * If it is not NULL, the referenced BDS will be reused.
2549 * The reference parameter may be used to specify an existing block device which
2550 * should be opened. If specified, neither options nor a filename may be given,
2551 * nor can an existing BDS be reused (that is, *pbs has to be NULL).
2553 static BlockDriverState *bdrv_open_inherit(const char *filename,
2554 const char *reference,
2555 QDict *options, int flags,
2556 BlockDriverState *parent,
2557 const BdrvChildRole *child_role,
2561 BlockBackend *file = NULL;
2562 BlockDriverState *bs;
2563 BlockDriver *drv = NULL;
2564 const char *drvname;
2565 const char *backing;
2566 Error *local_err = NULL;
2567 QDict *snapshot_options = NULL;
2568 int snapshot_flags = 0;
2570 assert(!child_role || !flags);
2571 assert(!child_role == !parent);
2574 bool options_non_empty = options ? qdict_size(options) : false;
2575 qobject_unref(options);
2577 if (filename || options_non_empty) {
2578 error_setg(errp, "Cannot reference an existing block device with "
2579 "additional options or a new filename");
2583 bs = bdrv_lookup_bs(reference, reference, errp);
2594 /* NULL means an empty set of options */
2595 if (options == NULL) {
2596 options = qdict_new();
2599 /* json: syntax counts as explicit options, as if in the QDict */
2600 parse_json_protocol(options, &filename, &local_err);
2605 bs->explicit_options = qdict_clone_shallow(options);
2608 bs->inherits_from = parent;
2609 child_role->inherit_options(&flags, options,
2610 parent->open_flags, parent->options);
2613 ret = bdrv_fill_options(&options, filename, &flags, &local_err);
2619 * Set the BDRV_O_RDWR and BDRV_O_ALLOW_RDWR flags.
2620 * Caution: getting a boolean member of @options requires care.
2621 * When @options come from -blockdev or blockdev_add, members are
2622 * typed according to the QAPI schema, but when they come from
2623 * -drive, they're all QString.
2625 if (g_strcmp0(qdict_get_try_str(options, BDRV_OPT_READ_ONLY), "on") &&
2626 !qdict_get_try_bool(options, BDRV_OPT_READ_ONLY, false)) {
2627 flags |= (BDRV_O_RDWR | BDRV_O_ALLOW_RDWR);
2629 flags &= ~BDRV_O_RDWR;
2632 if (flags & BDRV_O_SNAPSHOT) {
2633 snapshot_options = qdict_new();
2634 bdrv_temp_snapshot_options(&snapshot_flags, snapshot_options,
2636 /* Let bdrv_backing_options() override "read-only" */
2637 qdict_del(options, BDRV_OPT_READ_ONLY);
2638 bdrv_backing_options(&flags, options, flags, options);
2641 bs->open_flags = flags;
2642 bs->options = options;
2643 options = qdict_clone_shallow(options);
2645 /* Find the right image format driver */
2646 /* See cautionary note on accessing @options above */
2647 drvname = qdict_get_try_str(options, "driver");
2649 drv = bdrv_find_format(drvname);
2651 error_setg(errp, "Unknown driver: '%s'", drvname);
2656 assert(drvname || !(flags & BDRV_O_PROTOCOL));
2658 /* See cautionary note on accessing @options above */
2659 backing = qdict_get_try_str(options, "backing");
2660 if (qobject_to(QNull, qdict_get(options, "backing")) != NULL ||
2661 (backing && *backing == '\0'))
2664 warn_report("Use of \"backing\": \"\" is deprecated; "
2665 "use \"backing\": null instead");
2667 flags |= BDRV_O_NO_BACKING;
2668 qdict_del(options, "backing");
2671 /* Open image file without format layer. This BlockBackend is only used for
2672 * probing, the block drivers will do their own bdrv_open_child() for the
2673 * same BDS, which is why we put the node name back into options. */
2674 if ((flags & BDRV_O_PROTOCOL) == 0) {
2675 BlockDriverState *file_bs;
2677 file_bs = bdrv_open_child_bs(filename, options, "file", bs,
2678 &child_file, true, &local_err);
2682 if (file_bs != NULL) {
2683 /* Not requesting BLK_PERM_CONSISTENT_READ because we're only
2684 * looking at the header to guess the image format. This works even
2685 * in cases where a guest would not see a consistent state. */
2686 file = blk_new(0, BLK_PERM_ALL);
2687 blk_insert_bs(file, file_bs, &local_err);
2688 bdrv_unref(file_bs);
2693 qdict_put_str(options, "file", bdrv_get_node_name(file_bs));
2697 /* Image format probing */
2700 ret = find_image_format(file, filename, &drv, &local_err);
2705 * This option update would logically belong in bdrv_fill_options(),
2706 * but we first need to open bs->file for the probing to work, while
2707 * opening bs->file already requires the (mostly) final set of options
2708 * so that cache mode etc. can be inherited.
2710 * Adding the driver later is somewhat ugly, but it's not an option
2711 * that would ever be inherited, so it's correct. We just need to make
2712 * sure to update both bs->options (which has the full effective
2713 * options for bs) and options (which has file.* already removed).
2715 qdict_put_str(bs->options, "driver", drv->format_name);
2716 qdict_put_str(options, "driver", drv->format_name);
2718 error_setg(errp, "Must specify either driver or file");
2722 /* BDRV_O_PROTOCOL must be set iff a protocol BDS is about to be created */
2723 assert(!!(flags & BDRV_O_PROTOCOL) == !!drv->bdrv_file_open);
2724 /* file must be NULL if a protocol BDS is about to be created
2725 * (the inverse results in an error message from bdrv_open_common()) */
2726 assert(!(flags & BDRV_O_PROTOCOL) || !file);
2728 /* Open the image */
2729 ret = bdrv_open_common(bs, file, options, &local_err);
2739 /* If there is a backing file, use it */
2740 if ((flags & BDRV_O_NO_BACKING) == 0) {
2741 ret = bdrv_open_backing_file(bs, options, "backing", &local_err);
2743 goto close_and_fail;
2747 bdrv_refresh_filename(bs);
2749 /* Check if any unknown options were used */
2750 if (qdict_size(options) != 0) {
2751 const QDictEntry *entry = qdict_first(options);
2752 if (flags & BDRV_O_PROTOCOL) {
2753 error_setg(errp, "Block protocol '%s' doesn't support the option "
2754 "'%s'", drv->format_name, entry->key);
2757 "Block format '%s' does not support the option '%s'",
2758 drv->format_name, entry->key);
2761 goto close_and_fail;
2764 bdrv_parent_cb_change_media(bs, true);
2766 qobject_unref(options);
2768 /* For snapshot=on, create a temporary qcow2 overlay. bs points to the
2769 * temporary snapshot afterwards. */
2770 if (snapshot_flags) {
2771 BlockDriverState *snapshot_bs;
2772 snapshot_bs = bdrv_append_temp_snapshot(bs, snapshot_flags,
2773 snapshot_options, &local_err);
2774 snapshot_options = NULL;
2776 goto close_and_fail;
2778 /* We are not going to return bs but the overlay on top of it
2779 * (snapshot_bs); thus, we have to drop the strong reference to bs
2780 * (which we obtained by calling bdrv_new()). bs will not be deleted,
2781 * though, because the overlay still has a reference to it. */
2790 qobject_unref(snapshot_options);
2791 qobject_unref(bs->explicit_options);
2792 qobject_unref(bs->options);
2793 qobject_unref(options);
2795 bs->explicit_options = NULL;
2797 error_propagate(errp, local_err);
2802 qobject_unref(snapshot_options);
2803 qobject_unref(options);
2804 error_propagate(errp, local_err);
2808 BlockDriverState *bdrv_open(const char *filename, const char *reference,
2809 QDict *options, int flags, Error **errp)
2811 return bdrv_open_inherit(filename, reference, options, flags, NULL,
2816 * Adds a BlockDriverState to a simple queue for an atomic, transactional
2817 * reopen of multiple devices.
2819 * bs_queue can either be an existing BlockReopenQueue that has had QSIMPLE_INIT
2820 * already performed, or alternatively may be NULL a new BlockReopenQueue will
2821 * be created and initialized. This newly created BlockReopenQueue should be
2822 * passed back in for subsequent calls that are intended to be of the same
2825 * bs is the BlockDriverState to add to the reopen queue.
2827 * options contains the changed options for the associated bs
2828 * (the BlockReopenQueue takes ownership)
2830 * flags contains the open flags for the associated bs
2832 * returns a pointer to bs_queue, which is either the newly allocated
2833 * bs_queue, or the existing bs_queue being used.
2835 * bs must be drained between bdrv_reopen_queue() and bdrv_reopen_multiple().
2837 static BlockReopenQueue *bdrv_reopen_queue_child(BlockReopenQueue *bs_queue,
2838 BlockDriverState *bs,
2841 const BdrvChildRole *role,
2842 QDict *parent_options,
2847 BlockReopenQueueEntry *bs_entry;
2849 QDict *old_options, *explicit_options;
2851 /* Make sure that the caller remembered to use a drained section. This is
2852 * important to avoid graph changes between the recursive queuing here and
2853 * bdrv_reopen_multiple(). */
2854 assert(bs->quiesce_counter > 0);
2856 if (bs_queue == NULL) {
2857 bs_queue = g_new0(BlockReopenQueue, 1);
2858 QSIMPLEQ_INIT(bs_queue);
2862 options = qdict_new();
2865 /* Check if this BlockDriverState is already in the queue */
2866 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) {
2867 if (bs == bs_entry->state.bs) {
2873 * Precedence of options:
2874 * 1. Explicitly passed in options (highest)
2875 * 2. Set in flags (only for top level)
2876 * 3. Retained from explicitly set options of bs
2877 * 4. Inherited from parent node
2878 * 5. Retained from effective options of bs
2881 if (!parent_options) {
2883 * Any setting represented by flags is always updated. If the
2884 * corresponding QDict option is set, it takes precedence. Otherwise
2885 * the flag is translated into a QDict option. The old setting of bs is
2888 update_options_from_flags(options, flags);
2891 /* Old explicitly set values (don't overwrite by inherited value) */
2893 old_options = qdict_clone_shallow(bs_entry->state.explicit_options);
2895 old_options = qdict_clone_shallow(bs->explicit_options);
2897 bdrv_join_options(bs, options, old_options);
2898 qobject_unref(old_options);
2900 explicit_options = qdict_clone_shallow(options);
2902 /* Inherit from parent node */
2903 if (parent_options) {
2905 QDict *options_copy;
2907 role->inherit_options(&flags, options, parent_flags, parent_options);
2908 options_copy = qdict_clone_shallow(options);
2909 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort);
2910 qemu_opts_absorb_qdict(opts, options_copy, NULL);
2911 update_flags_from_options(&flags, opts);
2912 qemu_opts_del(opts);
2913 qobject_unref(options_copy);
2916 /* Old values are used for options that aren't set yet */
2917 old_options = qdict_clone_shallow(bs->options);
2918 bdrv_join_options(bs, options, old_options);
2919 qobject_unref(old_options);
2921 /* bdrv_open_inherit() sets and clears some additional flags internally */
2922 flags &= ~BDRV_O_PROTOCOL;
2923 if (flags & BDRV_O_RDWR) {
2924 flags |= BDRV_O_ALLOW_RDWR;
2928 bs_entry = g_new0(BlockReopenQueueEntry, 1);
2929 QSIMPLEQ_INSERT_TAIL(bs_queue, bs_entry, entry);
2931 qobject_unref(bs_entry->state.options);
2932 qobject_unref(bs_entry->state.explicit_options);
2935 bs_entry->state.bs = bs;
2936 bs_entry->state.options = options;
2937 bs_entry->state.explicit_options = explicit_options;
2938 bs_entry->state.flags = flags;
2940 /* This needs to be overwritten in bdrv_reopen_prepare() */
2941 bs_entry->state.perm = UINT64_MAX;
2942 bs_entry->state.shared_perm = 0;
2944 QLIST_FOREACH(child, &bs->children, next) {
2945 QDict *new_child_options;
2946 char *child_key_dot;
2948 /* reopen can only change the options of block devices that were
2949 * implicitly created and inherited options. For other (referenced)
2950 * block devices, a syntax like "backing.foo" results in an error. */
2951 if (child->bs->inherits_from != bs) {
2955 child_key_dot = g_strdup_printf("%s.", child->name);
2956 qdict_extract_subqdict(options, &new_child_options, child_key_dot);
2957 g_free(child_key_dot);
2959 bdrv_reopen_queue_child(bs_queue, child->bs, new_child_options, 0,
2960 child->role, options, flags);
2966 BlockReopenQueue *bdrv_reopen_queue(BlockReopenQueue *bs_queue,
2967 BlockDriverState *bs,
2968 QDict *options, int flags)
2970 return bdrv_reopen_queue_child(bs_queue, bs, options, flags,
2975 * Reopen multiple BlockDriverStates atomically & transactionally.
2977 * The queue passed in (bs_queue) must have been built up previous
2978 * via bdrv_reopen_queue().
2980 * Reopens all BDS specified in the queue, with the appropriate
2981 * flags. All devices are prepared for reopen, and failure of any
2982 * device will cause all device changes to be abandonded, and intermediate
2985 * If all devices prepare successfully, then the changes are committed
2988 * All affected nodes must be drained between bdrv_reopen_queue() and
2989 * bdrv_reopen_multiple().
2991 int bdrv_reopen_multiple(AioContext *ctx, BlockReopenQueue *bs_queue, Error **errp)
2994 BlockReopenQueueEntry *bs_entry, *next;
2995 Error *local_err = NULL;
2997 assert(bs_queue != NULL);
2999 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) {
3000 assert(bs_entry->state.bs->quiesce_counter > 0);
3001 if (bdrv_reopen_prepare(&bs_entry->state, bs_queue, &local_err)) {
3002 error_propagate(errp, local_err);
3005 bs_entry->prepared = true;
3008 /* If we reach this point, we have success and just need to apply the
3011 QSIMPLEQ_FOREACH(bs_entry, bs_queue, entry) {
3012 bdrv_reopen_commit(&bs_entry->state);
3018 QSIMPLEQ_FOREACH_SAFE(bs_entry, bs_queue, entry, next) {
3019 if (ret && bs_entry->prepared) {
3020 bdrv_reopen_abort(&bs_entry->state);
3022 qobject_unref(bs_entry->state.explicit_options);
3024 qobject_unref(bs_entry->state.options);
3033 /* Reopen a single BlockDriverState with the specified flags. */
3034 int bdrv_reopen(BlockDriverState *bs, int bdrv_flags, Error **errp)
3037 Error *local_err = NULL;
3038 BlockReopenQueue *queue;
3040 bdrv_subtree_drained_begin(bs);
3042 queue = bdrv_reopen_queue(NULL, bs, NULL, bdrv_flags);
3043 ret = bdrv_reopen_multiple(bdrv_get_aio_context(bs), queue, &local_err);
3044 if (local_err != NULL) {
3045 error_propagate(errp, local_err);
3048 bdrv_subtree_drained_end(bs);
3053 static BlockReopenQueueEntry *find_parent_in_reopen_queue(BlockReopenQueue *q,
3056 BlockReopenQueueEntry *entry;
3058 QSIMPLEQ_FOREACH(entry, q, entry) {
3059 BlockDriverState *bs = entry->state.bs;
3062 QLIST_FOREACH(child, &bs->children, next) {
3072 static void bdrv_reopen_perm(BlockReopenQueue *q, BlockDriverState *bs,
3073 uint64_t *perm, uint64_t *shared)
3076 BlockReopenQueueEntry *parent;
3077 uint64_t cumulative_perms = 0;
3078 uint64_t cumulative_shared_perms = BLK_PERM_ALL;
3080 QLIST_FOREACH(c, &bs->parents, next_parent) {
3081 parent = find_parent_in_reopen_queue(q, c);
3083 cumulative_perms |= c->perm;
3084 cumulative_shared_perms &= c->shared_perm;
3086 uint64_t nperm, nshared;
3088 bdrv_child_perm(parent->state.bs, bs, c, c->role, q,
3089 parent->state.perm, parent->state.shared_perm,
3092 cumulative_perms |= nperm;
3093 cumulative_shared_perms &= nshared;
3096 *perm = cumulative_perms;
3097 *shared = cumulative_shared_perms;
3101 * Prepares a BlockDriverState for reopen. All changes are staged in the
3102 * 'opaque' field of the BDRVReopenState, which is used and allocated by
3103 * the block driver layer .bdrv_reopen_prepare()
3105 * bs is the BlockDriverState to reopen
3106 * flags are the new open flags
3107 * queue is the reopen queue
3109 * Returns 0 on success, non-zero on error. On error errp will be set
3112 * On failure, bdrv_reopen_abort() will be called to clean up any data.
3113 * It is the responsibility of the caller to then call the abort() or
3114 * commit() for any other BDS that have been left in a prepare() state
3117 int bdrv_reopen_prepare(BDRVReopenState *reopen_state, BlockReopenQueue *queue,
3121 Error *local_err = NULL;
3127 assert(reopen_state != NULL);
3128 assert(reopen_state->bs->drv != NULL);
3129 drv = reopen_state->bs->drv;
3131 /* Process generic block layer options */
3132 opts = qemu_opts_create(&bdrv_runtime_opts, NULL, 0, &error_abort);
3133 qemu_opts_absorb_qdict(opts, reopen_state->options, &local_err);
3135 error_propagate(errp, local_err);
3140 update_flags_from_options(&reopen_state->flags, opts);
3142 /* node-name and driver must be unchanged. Put them back into the QDict, so
3143 * that they are checked at the end of this function. */
3144 value = qemu_opt_get(opts, "node-name");
3146 qdict_put_str(reopen_state->options, "node-name", value);
3149 value = qemu_opt_get(opts, "driver");
3151 qdict_put_str(reopen_state->options, "driver", value);
3154 /* If we are to stay read-only, do not allow permission change
3155 * to r/w. Attempting to set to r/w may fail if either BDRV_O_ALLOW_RDWR is
3156 * not set, or if the BDS still has copy_on_read enabled */
3157 read_only = !(reopen_state->flags & BDRV_O_RDWR);
3158 ret = bdrv_can_set_read_only(reopen_state->bs, read_only, true, &local_err);
3160 error_propagate(errp, local_err);
3164 /* Calculate required permissions after reopening */
3165 bdrv_reopen_perm(queue, reopen_state->bs,
3166 &reopen_state->perm, &reopen_state->shared_perm);
3168 ret = bdrv_flush(reopen_state->bs);
3170 error_setg_errno(errp, -ret, "Error flushing drive");
3174 if (drv->bdrv_reopen_prepare) {
3175 ret = drv->bdrv_reopen_prepare(reopen_state, queue, &local_err);
3177 if (local_err != NULL) {
3178 error_propagate(errp, local_err);
3180 error_setg(errp, "failed while preparing to reopen image '%s'",
3181 reopen_state->bs->filename);
3186 /* It is currently mandatory to have a bdrv_reopen_prepare()
3187 * handler for each supported drv. */
3188 error_setg(errp, "Block format '%s' used by node '%s' "
3189 "does not support reopening files", drv->format_name,
3190 bdrv_get_device_or_node_name(reopen_state->bs));
3195 /* Options that are not handled are only okay if they are unchanged
3196 * compared to the old state. It is expected that some options are only
3197 * used for the initial open, but not reopen (e.g. filename) */
3198 if (qdict_size(reopen_state->options)) {
3199 const QDictEntry *entry = qdict_first(reopen_state->options);
3202 QObject *new = entry->value;
3203 QObject *old = qdict_get(reopen_state->bs->options, entry->key);
3206 * TODO: When using -drive to specify blockdev options, all values
3207 * will be strings; however, when using -blockdev, blockdev-add or
3208 * filenames using the json:{} pseudo-protocol, they will be
3210 * In contrast, reopening options are (currently) always strings
3211 * (because you can only specify them through qemu-io; all other
3212 * callers do not specify any options).
3213 * Therefore, when using anything other than -drive to create a BDS,
3214 * this cannot detect non-string options as unchanged, because
3215 * qobject_is_equal() always returns false for objects of different
3216 * type. In the future, this should be remedied by correctly typing
3217 * all options. For now, this is not too big of an issue because
3218 * the user can simply omit options which cannot be changed anyway,
3219 * so they will stay unchanged.
3221 if (!qobject_is_equal(new, old)) {
3222 error_setg(errp, "Cannot change the option '%s'", entry->key);
3226 } while ((entry = qdict_next(reopen_state->options, entry)));
3229 ret = bdrv_check_perm(reopen_state->bs, queue, reopen_state->perm,
3230 reopen_state->shared_perm, NULL, errp);
3238 qemu_opts_del(opts);
3243 * Takes the staged changes for the reopen from bdrv_reopen_prepare(), and
3244 * makes them final by swapping the staging BlockDriverState contents into
3245 * the active BlockDriverState contents.
3247 void bdrv_reopen_commit(BDRVReopenState *reopen_state)
3250 BlockDriverState *bs;
3251 bool old_can_write, new_can_write;
3253 assert(reopen_state != NULL);
3254 bs = reopen_state->bs;
3256 assert(drv != NULL);
3259 !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
3261 /* If there are any driver level actions to take */
3262 if (drv->bdrv_reopen_commit) {
3263 drv->bdrv_reopen_commit(reopen_state);
3266 /* set BDS specific flags now */
3267 qobject_unref(bs->explicit_options);
3269 bs->explicit_options = reopen_state->explicit_options;
3270 bs->open_flags = reopen_state->flags;
3271 bs->read_only = !(reopen_state->flags & BDRV_O_RDWR);
3273 bdrv_refresh_limits(bs, NULL);
3275 bdrv_set_perm(reopen_state->bs, reopen_state->perm,
3276 reopen_state->shared_perm);
3279 !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
3280 if (!old_can_write && new_can_write && drv->bdrv_reopen_bitmaps_rw) {
3281 Error *local_err = NULL;
3282 if (drv->bdrv_reopen_bitmaps_rw(bs, &local_err) < 0) {
3283 /* This is not fatal, bitmaps just left read-only, so all following
3284 * writes will fail. User can remove read-only bitmaps to unblock
3287 error_reportf_err(local_err,
3288 "%s: Failed to make dirty bitmaps writable: ",
3289 bdrv_get_node_name(bs));
3295 * Abort the reopen, and delete and free the staged changes in
3298 void bdrv_reopen_abort(BDRVReopenState *reopen_state)
3302 assert(reopen_state != NULL);
3303 drv = reopen_state->bs->drv;
3304 assert(drv != NULL);
3306 if (drv->bdrv_reopen_abort) {
3307 drv->bdrv_reopen_abort(reopen_state);
3310 qobject_unref(reopen_state->explicit_options);
3312 bdrv_abort_perm_update(reopen_state->bs);
3316 static void bdrv_close(BlockDriverState *bs)
3318 BdrvAioNotifier *ban, *ban_next;
3319 BdrvChild *child, *next;
3322 assert(!bs->refcnt);
3324 bdrv_drained_begin(bs); /* complete I/O */
3326 bdrv_drain(bs); /* in case flush left pending I/O */
3329 bs->drv->bdrv_close(bs);
3333 bdrv_set_backing_hd(bs, NULL, &error_abort);
3335 if (bs->file != NULL) {
3336 bdrv_unref_child(bs, bs->file);
3340 QLIST_FOREACH_SAFE(child, &bs->children, next, next) {
3341 /* TODO Remove bdrv_unref() from drivers' close function and use
3342 * bdrv_unref_child() here */
3343 if (child->bs->inherits_from == bs) {
3344 child->bs->inherits_from = NULL;
3346 bdrv_detach_child(child);
3351 atomic_set(&bs->copy_on_read, 0);
3352 bs->backing_file[0] = '\0';
3353 bs->backing_format[0] = '\0';
3354 bs->total_sectors = 0;
3355 bs->encrypted = false;
3357 qobject_unref(bs->options);
3358 qobject_unref(bs->explicit_options);
3360 bs->explicit_options = NULL;
3361 qobject_unref(bs->full_open_options);
3362 bs->full_open_options = NULL;
3364 bdrv_release_named_dirty_bitmaps(bs);
3365 assert(QLIST_EMPTY(&bs->dirty_bitmaps));
3367 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_next) {
3370 QLIST_INIT(&bs->aio_notifiers);
3371 bdrv_drained_end(bs);
3374 void bdrv_close_all(void)
3376 assert(job_next(NULL) == NULL);
3377 nbd_export_close_all();
3379 /* Drop references from requests still in flight, such as canceled block
3380 * jobs whose AIO context has not been polled yet */
3383 blk_remove_all_bs();
3384 blockdev_close_all_bdrv_states();
3386 assert(QTAILQ_EMPTY(&all_bdrv_states));
3389 static bool should_update_child(BdrvChild *c, BlockDriverState *to)
3393 if (c->role->stay_at_node) {
3397 if (c->role == &child_backing) {
3398 /* If @from is a backing file of @to, ignore the child to avoid
3399 * creating a loop. We only want to change the pointer of other
3401 QLIST_FOREACH(to_c, &to->children, next) {
3414 void bdrv_replace_node(BlockDriverState *from, BlockDriverState *to,
3417 BdrvChild *c, *next;
3418 GSList *list = NULL, *p;
3419 uint64_t old_perm, old_shared;
3420 uint64_t perm = 0, shared = BLK_PERM_ALL;
3423 assert(!atomic_read(&from->in_flight));
3424 assert(!atomic_read(&to->in_flight));
3426 /* Make sure that @from doesn't go away until we have successfully attached
3427 * all of its parents to @to. */
3430 /* Put all parents into @list and calculate their cumulative permissions */
3431 QLIST_FOREACH_SAFE(c, &from->parents, next_parent, next) {
3432 if (!should_update_child(c, to)) {
3435 list = g_slist_prepend(list, c);
3437 shared &= c->shared_perm;
3440 /* Check whether the required permissions can be granted on @to, ignoring
3441 * all BdrvChild in @list so that they can't block themselves. */
3442 ret = bdrv_check_update_perm(to, NULL, perm, shared, list, errp);
3444 bdrv_abort_perm_update(to);
3448 /* Now actually perform the change. We performed the permission check for
3449 * all elements of @list at once, so set the permissions all at once at the
3451 for (p = list; p != NULL; p = p->next) {
3455 bdrv_replace_child_noperm(c, to);
3459 bdrv_get_cumulative_perm(to, &old_perm, &old_shared);
3460 bdrv_set_perm(to, old_perm | perm, old_shared | shared);
3468 * Add new bs contents at the top of an image chain while the chain is
3469 * live, while keeping required fields on the top layer.
3471 * This will modify the BlockDriverState fields, and swap contents
3472 * between bs_new and bs_top. Both bs_new and bs_top are modified.
3474 * bs_new must not be attached to a BlockBackend.
3476 * This function does not create any image files.
3478 * bdrv_append() takes ownership of a bs_new reference and unrefs it because
3479 * that's what the callers commonly need. bs_new will be referenced by the old
3480 * parents of bs_top after bdrv_append() returns. If the caller needs to keep a
3481 * reference of its own, it must call bdrv_ref().
3483 void bdrv_append(BlockDriverState *bs_new, BlockDriverState *bs_top,
3486 Error *local_err = NULL;
3488 bdrv_set_backing_hd(bs_new, bs_top, &local_err);
3490 error_propagate(errp, local_err);
3494 bdrv_replace_node(bs_top, bs_new, &local_err);
3496 error_propagate(errp, local_err);
3497 bdrv_set_backing_hd(bs_new, NULL, &error_abort);
3501 /* bs_new is now referenced by its new parents, we don't need the
3502 * additional reference any more. */
3507 static void bdrv_delete(BlockDriverState *bs)
3510 assert(bdrv_op_blocker_is_empty(bs));
3511 assert(!bs->refcnt);
3515 /* remove from list, if necessary */
3516 if (bs->node_name[0] != '\0') {
3517 QTAILQ_REMOVE(&graph_bdrv_states, bs, node_list);
3519 QTAILQ_REMOVE(&all_bdrv_states, bs, bs_list);
3525 * Run consistency checks on an image
3527 * Returns 0 if the check could be completed (it doesn't mean that the image is
3528 * free of errors) or -errno when an internal error occurred. The results of the
3529 * check are stored in res.
3531 static int coroutine_fn bdrv_co_check(BlockDriverState *bs,
3532 BdrvCheckResult *res, BdrvCheckMode fix)
3534 if (bs->drv == NULL) {
3537 if (bs->drv->bdrv_co_check == NULL) {
3541 memset(res, 0, sizeof(*res));
3542 return bs->drv->bdrv_co_check(bs, res, fix);
3545 typedef struct CheckCo {
3546 BlockDriverState *bs;
3547 BdrvCheckResult *res;
3552 static void bdrv_check_co_entry(void *opaque)
3554 CheckCo *cco = opaque;
3555 cco->ret = bdrv_co_check(cco->bs, cco->res, cco->fix);
3558 int bdrv_check(BlockDriverState *bs,
3559 BdrvCheckResult *res, BdrvCheckMode fix)
3565 .ret = -EINPROGRESS,
3569 if (qemu_in_coroutine()) {
3570 /* Fast-path if already in coroutine context */
3571 bdrv_check_co_entry(&cco);
3573 co = qemu_coroutine_create(bdrv_check_co_entry, &cco);
3574 qemu_coroutine_enter(co);
3575 BDRV_POLL_WHILE(bs, cco.ret == -EINPROGRESS);
3584 * -EINVAL - backing format specified, but no file
3585 * -ENOSPC - can't update the backing file because no space is left in the
3587 * -ENOTSUP - format driver doesn't support changing the backing file
3589 int bdrv_change_backing_file(BlockDriverState *bs,
3590 const char *backing_file, const char *backing_fmt)
3592 BlockDriver *drv = bs->drv;
3599 /* Backing file format doesn't make sense without a backing file */
3600 if (backing_fmt && !backing_file) {
3604 if (drv->bdrv_change_backing_file != NULL) {
3605 ret = drv->bdrv_change_backing_file(bs, backing_file, backing_fmt);
3611 pstrcpy(bs->backing_file, sizeof(bs->backing_file), backing_file ?: "");
3612 pstrcpy(bs->backing_format, sizeof(bs->backing_format), backing_fmt ?: "");
3618 * Finds the image layer in the chain that has 'bs' as its backing file.
3620 * active is the current topmost image.
3622 * Returns NULL if bs is not found in active's image chain,
3623 * or if active == bs.
3625 * Returns the bottommost base image if bs == NULL.
3627 BlockDriverState *bdrv_find_overlay(BlockDriverState *active,
3628 BlockDriverState *bs)
3630 while (active && bs != backing_bs(active)) {
3631 active = backing_bs(active);
3637 /* Given a BDS, searches for the base layer. */
3638 BlockDriverState *bdrv_find_base(BlockDriverState *bs)
3640 return bdrv_find_overlay(bs, NULL);
3644 * Drops images above 'base' up to and including 'top', and sets the image
3645 * above 'top' to have base as its backing file.
3647 * Requires that the overlay to 'top' is opened r/w, so that the backing file
3648 * information in 'bs' can be properly updated.
3650 * E.g., this will convert the following chain:
3651 * bottom <- base <- intermediate <- top <- active
3655 * bottom <- base <- active
3657 * It is allowed for bottom==base, in which case it converts:
3659 * base <- intermediate <- top <- active
3665 * If backing_file_str is non-NULL, it will be used when modifying top's
3666 * overlay image metadata.
3669 * if active == top, that is considered an error
3672 int bdrv_drop_intermediate(BlockDriverState *top, BlockDriverState *base,
3673 const char *backing_file_str)
3675 BdrvChild *c, *next;
3676 Error *local_err = NULL;
3681 if (!top->drv || !base->drv) {
3685 /* Make sure that base is in the backing chain of top */
3686 if (!bdrv_chain_contains(top, base)) {
3690 /* success - we can delete the intermediate states, and link top->base */
3691 /* TODO Check graph modification op blockers (BLK_PERM_GRAPH_MOD) once
3692 * we've figured out how they should work. */
3693 backing_file_str = backing_file_str ? backing_file_str : base->filename;
3695 QLIST_FOREACH_SAFE(c, &top->parents, next_parent, next) {
3696 /* Check whether we are allowed to switch c from top to base */
3697 GSList *ignore_children = g_slist_prepend(NULL, c);
3698 bdrv_check_update_perm(base, NULL, c->perm, c->shared_perm,
3699 ignore_children, &local_err);
3700 g_slist_free(ignore_children);
3703 error_report_err(local_err);
3707 /* If so, update the backing file path in the image file */
3708 if (c->role->update_filename) {
3709 ret = c->role->update_filename(c, base, backing_file_str,
3712 bdrv_abort_perm_update(base);
3713 error_report_err(local_err);
3718 /* Do the actual switch in the in-memory graph.
3719 * Completes bdrv_check_update_perm() transaction internally. */
3721 bdrv_replace_child(c, base);
3732 * Truncate file to 'offset' bytes (needed only for file protocols)
3734 int bdrv_truncate(BdrvChild *child, int64_t offset, PreallocMode prealloc,
3737 BlockDriverState *bs = child->bs;
3738 BlockDriver *drv = bs->drv;
3741 assert(child->perm & BLK_PERM_RESIZE);
3743 /* if bs->drv == NULL, bs is closed, so there's nothing to do here */
3745 error_setg(errp, "No medium inserted");
3749 error_setg(errp, "Image size cannot be negative");
3753 if (!drv->bdrv_truncate) {
3754 if (bs->file && drv->is_filter) {
3755 return bdrv_truncate(bs->file, offset, prealloc, errp);
3757 error_setg(errp, "Image format driver does not support resize");
3760 if (bs->read_only) {
3761 error_setg(errp, "Image is read-only");
3765 assert(!(bs->open_flags & BDRV_O_INACTIVE));
3767 ret = drv->bdrv_truncate(bs, offset, prealloc, errp);
3771 ret = refresh_total_sectors(bs, offset >> BDRV_SECTOR_BITS);
3773 error_setg_errno(errp, -ret, "Could not refresh total sector count");
3775 offset = bs->total_sectors * BDRV_SECTOR_SIZE;
3777 bdrv_dirty_bitmap_truncate(bs, offset);
3778 bdrv_parent_cb_resize(bs);
3779 atomic_inc(&bs->write_gen);
3784 * Length of a allocated file in bytes. Sparse files are counted by actual
3785 * allocated space. Return < 0 if error or unknown.
3787 int64_t bdrv_get_allocated_file_size(BlockDriverState *bs)
3789 BlockDriver *drv = bs->drv;
3793 if (drv->bdrv_get_allocated_file_size) {
3794 return drv->bdrv_get_allocated_file_size(bs);
3797 return bdrv_get_allocated_file_size(bs->file->bs);
3804 * @drv: Format driver
3805 * @opts: Creation options for new image
3806 * @in_bs: Existing image containing data for new image (may be NULL)
3807 * @errp: Error object
3808 * Returns: A #BlockMeasureInfo (free using qapi_free_BlockMeasureInfo())
3811 * Calculate file size required to create a new image.
3813 * If @in_bs is given then space for allocated clusters and zero clusters
3814 * from that image are included in the calculation. If @opts contains a
3815 * backing file that is shared by @in_bs then backing clusters may be omitted
3816 * from the calculation.
3818 * If @in_bs is NULL then the calculation includes no allocated clusters
3819 * unless a preallocation option is given in @opts.
3821 * Note that @in_bs may use a different BlockDriver from @drv.
3823 * If an error occurs the @errp pointer is set.
3825 BlockMeasureInfo *bdrv_measure(BlockDriver *drv, QemuOpts *opts,
3826 BlockDriverState *in_bs, Error **errp)
3828 if (!drv->bdrv_measure) {
3829 error_setg(errp, "Block driver '%s' does not support size measurement",
3834 return drv->bdrv_measure(opts, in_bs, errp);
3838 * Return number of sectors on success, -errno on error.
3840 int64_t bdrv_nb_sectors(BlockDriverState *bs)
3842 BlockDriver *drv = bs->drv;
3847 if (drv->has_variable_length) {
3848 int ret = refresh_total_sectors(bs, bs->total_sectors);
3853 return bs->total_sectors;
3857 * Return length in bytes on success, -errno on error.
3858 * The length is always a multiple of BDRV_SECTOR_SIZE.
3860 int64_t bdrv_getlength(BlockDriverState *bs)
3862 int64_t ret = bdrv_nb_sectors(bs);
3864 ret = ret > INT64_MAX / BDRV_SECTOR_SIZE ? -EFBIG : ret;
3865 return ret < 0 ? ret : ret * BDRV_SECTOR_SIZE;
3868 /* return 0 as number of sectors if no device present or error */
3869 void bdrv_get_geometry(BlockDriverState *bs, uint64_t *nb_sectors_ptr)
3871 int64_t nb_sectors = bdrv_nb_sectors(bs);
3873 *nb_sectors_ptr = nb_sectors < 0 ? 0 : nb_sectors;
3876 bool bdrv_is_sg(BlockDriverState *bs)
3881 bool bdrv_is_encrypted(BlockDriverState *bs)
3883 if (bs->backing && bs->backing->bs->encrypted) {
3886 return bs->encrypted;
3889 const char *bdrv_get_format_name(BlockDriverState *bs)
3891 return bs->drv ? bs->drv->format_name : NULL;
3894 static int qsort_strcmp(const void *a, const void *b)
3896 return strcmp(*(char *const *)a, *(char *const *)b);
3899 void bdrv_iterate_format(void (*it)(void *opaque, const char *name),
3905 const char **formats = NULL;
3907 QLIST_FOREACH(drv, &bdrv_drivers, list) {
3908 if (drv->format_name) {
3911 while (formats && i && !found) {
3912 found = !strcmp(formats[--i], drv->format_name);
3916 formats = g_renew(const char *, formats, count + 1);
3917 formats[count++] = drv->format_name;
3922 for (i = 0; i < (int)ARRAY_SIZE(block_driver_modules); i++) {
3923 const char *format_name = block_driver_modules[i].format_name;
3929 while (formats && j && !found) {
3930 found = !strcmp(formats[--j], format_name);
3934 formats = g_renew(const char *, formats, count + 1);
3935 formats[count++] = format_name;
3940 qsort(formats, count, sizeof(formats[0]), qsort_strcmp);
3942 for (i = 0; i < count; i++) {
3943 it(opaque, formats[i]);
3949 /* This function is to find a node in the bs graph */
3950 BlockDriverState *bdrv_find_node(const char *node_name)
3952 BlockDriverState *bs;
3956 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) {
3957 if (!strcmp(node_name, bs->node_name)) {
3964 /* Put this QMP function here so it can access the static graph_bdrv_states. */
3965 BlockDeviceInfoList *bdrv_named_nodes_list(Error **errp)
3967 BlockDeviceInfoList *list, *entry;
3968 BlockDriverState *bs;
3971 QTAILQ_FOREACH(bs, &graph_bdrv_states, node_list) {
3972 BlockDeviceInfo *info = bdrv_block_device_info(NULL, bs, errp);
3974 qapi_free_BlockDeviceInfoList(list);
3977 entry = g_malloc0(sizeof(*entry));
3978 entry->value = info;
3986 BlockDriverState *bdrv_lookup_bs(const char *device,
3987 const char *node_name,
3991 BlockDriverState *bs;
3994 blk = blk_by_name(device);
3999 error_setg(errp, "Device '%s' has no medium", device);
4007 bs = bdrv_find_node(node_name);
4014 error_setg(errp, "Cannot find device=%s nor node_name=%s",
4015 device ? device : "",
4016 node_name ? node_name : "");
4020 /* If 'base' is in the same chain as 'top', return true. Otherwise,
4021 * return false. If either argument is NULL, return false. */
4022 bool bdrv_chain_contains(BlockDriverState *top, BlockDriverState *base)
4024 while (top && top != base) {
4025 top = backing_bs(top);
4031 BlockDriverState *bdrv_next_node(BlockDriverState *bs)
4034 return QTAILQ_FIRST(&graph_bdrv_states);
4036 return QTAILQ_NEXT(bs, node_list);
4039 const char *bdrv_get_node_name(const BlockDriverState *bs)
4041 return bs->node_name;
4044 const char *bdrv_get_parent_name(const BlockDriverState *bs)
4049 /* If multiple parents have a name, just pick the first one. */
4050 QLIST_FOREACH(c, &bs->parents, next_parent) {
4051 if (c->role->get_name) {
4052 name = c->role->get_name(c);
4053 if (name && *name) {
4062 /* TODO check what callers really want: bs->node_name or blk_name() */
4063 const char *bdrv_get_device_name(const BlockDriverState *bs)
4065 return bdrv_get_parent_name(bs) ?: "";
4068 /* This can be used to identify nodes that might not have a device
4069 * name associated. Since node and device names live in the same
4070 * namespace, the result is unambiguous. The exception is if both are
4071 * absent, then this returns an empty (non-null) string. */
4072 const char *bdrv_get_device_or_node_name(const BlockDriverState *bs)
4074 return bdrv_get_parent_name(bs) ?: bs->node_name;
4077 int bdrv_get_flags(BlockDriverState *bs)
4079 return bs->open_flags;
4082 int bdrv_has_zero_init_1(BlockDriverState *bs)
4087 int bdrv_has_zero_init(BlockDriverState *bs)
4093 /* If BS is a copy on write image, it is initialized to
4094 the contents of the base image, which may not be zeroes. */
4098 if (bs->drv->bdrv_has_zero_init) {
4099 return bs->drv->bdrv_has_zero_init(bs);
4101 if (bs->file && bs->drv->is_filter) {
4102 return bdrv_has_zero_init(bs->file->bs);
4109 bool bdrv_unallocated_blocks_are_zero(BlockDriverState *bs)
4111 BlockDriverInfo bdi;
4117 if (bdrv_get_info(bs, &bdi) == 0) {
4118 return bdi.unallocated_blocks_are_zero;
4124 bool bdrv_can_write_zeroes_with_unmap(BlockDriverState *bs)
4126 if (!(bs->open_flags & BDRV_O_UNMAP)) {
4130 return bs->supported_zero_flags & BDRV_REQ_MAY_UNMAP;
4133 const char *bdrv_get_encrypted_filename(BlockDriverState *bs)
4135 if (bs->backing && bs->backing->bs->encrypted)
4136 return bs->backing_file;
4137 else if (bs->encrypted)
4138 return bs->filename;
4143 void bdrv_get_backing_filename(BlockDriverState *bs,
4144 char *filename, int filename_size)
4146 pstrcpy(filename, filename_size, bs->backing_file);
4149 int bdrv_get_info(BlockDriverState *bs, BlockDriverInfo *bdi)
4151 BlockDriver *drv = bs->drv;
4152 /* if bs->drv == NULL, bs is closed, so there's nothing to do here */
4156 if (!drv->bdrv_get_info) {
4157 if (bs->file && drv->is_filter) {
4158 return bdrv_get_info(bs->file->bs, bdi);
4162 memset(bdi, 0, sizeof(*bdi));
4163 return drv->bdrv_get_info(bs, bdi);
4166 ImageInfoSpecific *bdrv_get_specific_info(BlockDriverState *bs)
4168 BlockDriver *drv = bs->drv;
4169 if (drv && drv->bdrv_get_specific_info) {
4170 return drv->bdrv_get_specific_info(bs);
4175 void bdrv_debug_event(BlockDriverState *bs, BlkdebugEvent event)
4177 if (!bs || !bs->drv || !bs->drv->bdrv_debug_event) {
4181 bs->drv->bdrv_debug_event(bs, event);
4184 int bdrv_debug_breakpoint(BlockDriverState *bs, const char *event,
4187 while (bs && bs->drv && !bs->drv->bdrv_debug_breakpoint) {
4188 bs = bs->file ? bs->file->bs : NULL;
4191 if (bs && bs->drv && bs->drv->bdrv_debug_breakpoint) {
4192 return bs->drv->bdrv_debug_breakpoint(bs, event, tag);
4198 int bdrv_debug_remove_breakpoint(BlockDriverState *bs, const char *tag)
4200 while (bs && bs->drv && !bs->drv->bdrv_debug_remove_breakpoint) {
4201 bs = bs->file ? bs->file->bs : NULL;
4204 if (bs && bs->drv && bs->drv->bdrv_debug_remove_breakpoint) {
4205 return bs->drv->bdrv_debug_remove_breakpoint(bs, tag);
4211 int bdrv_debug_resume(BlockDriverState *bs, const char *tag)
4213 while (bs && (!bs->drv || !bs->drv->bdrv_debug_resume)) {
4214 bs = bs->file ? bs->file->bs : NULL;
4217 if (bs && bs->drv && bs->drv->bdrv_debug_resume) {
4218 return bs->drv->bdrv_debug_resume(bs, tag);
4224 bool bdrv_debug_is_suspended(BlockDriverState *bs, const char *tag)
4226 while (bs && bs->drv && !bs->drv->bdrv_debug_is_suspended) {
4227 bs = bs->file ? bs->file->bs : NULL;
4230 if (bs && bs->drv && bs->drv->bdrv_debug_is_suspended) {
4231 return bs->drv->bdrv_debug_is_suspended(bs, tag);
4237 /* backing_file can either be relative, or absolute, or a protocol. If it is
4238 * relative, it must be relative to the chain. So, passing in bs->filename
4239 * from a BDS as backing_file should not be done, as that may be relative to
4240 * the CWD rather than the chain. */
4241 BlockDriverState *bdrv_find_backing_image(BlockDriverState *bs,
4242 const char *backing_file)
4244 char *filename_full = NULL;
4245 char *backing_file_full = NULL;
4246 char *filename_tmp = NULL;
4247 int is_protocol = 0;
4248 BlockDriverState *curr_bs = NULL;
4249 BlockDriverState *retval = NULL;
4250 Error *local_error = NULL;
4252 if (!bs || !bs->drv || !backing_file) {
4256 filename_full = g_malloc(PATH_MAX);
4257 backing_file_full = g_malloc(PATH_MAX);
4258 filename_tmp = g_malloc(PATH_MAX);
4260 is_protocol = path_has_protocol(backing_file);
4262 for (curr_bs = bs; curr_bs->backing; curr_bs = curr_bs->backing->bs) {
4264 /* If either of the filename paths is actually a protocol, then
4265 * compare unmodified paths; otherwise make paths relative */
4266 if (is_protocol || path_has_protocol(curr_bs->backing_file)) {
4267 if (strcmp(backing_file, curr_bs->backing_file) == 0) {
4268 retval = curr_bs->backing->bs;
4271 /* Also check against the full backing filename for the image */
4272 bdrv_get_full_backing_filename(curr_bs, backing_file_full, PATH_MAX,
4274 if (local_error == NULL) {
4275 if (strcmp(backing_file, backing_file_full) == 0) {
4276 retval = curr_bs->backing->bs;
4280 error_free(local_error);
4284 /* If not an absolute filename path, make it relative to the current
4285 * image's filename path */
4286 path_combine(filename_tmp, PATH_MAX, curr_bs->filename,
4289 /* We are going to compare absolute pathnames */
4290 if (!realpath(filename_tmp, filename_full)) {
4294 /* We need to make sure the backing filename we are comparing against
4295 * is relative to the current image filename (or absolute) */
4296 path_combine(filename_tmp, PATH_MAX, curr_bs->filename,
4297 curr_bs->backing_file);
4299 if (!realpath(filename_tmp, backing_file_full)) {
4303 if (strcmp(backing_file_full, filename_full) == 0) {
4304 retval = curr_bs->backing->bs;
4310 g_free(filename_full);
4311 g_free(backing_file_full);
4312 g_free(filename_tmp);
4316 void bdrv_init(void)
4318 module_call_init(MODULE_INIT_BLOCK);
4321 void bdrv_init_with_whitelist(void)
4323 use_bdrv_whitelist = 1;
4327 static void coroutine_fn bdrv_co_invalidate_cache(BlockDriverState *bs,
4330 BdrvChild *child, *parent;
4331 uint64_t perm, shared_perm;
4332 Error *local_err = NULL;
4339 if (!(bs->open_flags & BDRV_O_INACTIVE)) {
4343 QLIST_FOREACH(child, &bs->children, next) {
4344 bdrv_co_invalidate_cache(child->bs, &local_err);
4346 error_propagate(errp, local_err);
4352 * Update permissions, they may differ for inactive nodes.
4354 * Note that the required permissions of inactive images are always a
4355 * subset of the permissions required after activating the image. This
4356 * allows us to just get the permissions upfront without restricting
4357 * drv->bdrv_invalidate_cache().
4359 * It also means that in error cases, we don't have to try and revert to
4360 * the old permissions (which is an operation that could fail, too). We can
4361 * just keep the extended permissions for the next time that an activation
4362 * of the image is tried.
4364 bs->open_flags &= ~BDRV_O_INACTIVE;
4365 bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
4366 ret = bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &local_err);
4368 bs->open_flags |= BDRV_O_INACTIVE;
4369 error_propagate(errp, local_err);
4372 bdrv_set_perm(bs, perm, shared_perm);
4374 if (bs->drv->bdrv_co_invalidate_cache) {
4375 bs->drv->bdrv_co_invalidate_cache(bs, &local_err);
4377 bs->open_flags |= BDRV_O_INACTIVE;
4378 error_propagate(errp, local_err);
4383 ret = refresh_total_sectors(bs, bs->total_sectors);
4385 bs->open_flags |= BDRV_O_INACTIVE;
4386 error_setg_errno(errp, -ret, "Could not refresh total sector count");
4390 QLIST_FOREACH(parent, &bs->parents, next_parent) {
4391 if (parent->role->activate) {
4392 parent->role->activate(parent, &local_err);
4394 error_propagate(errp, local_err);
4401 typedef struct InvalidateCacheCo {
4402 BlockDriverState *bs;
4405 } InvalidateCacheCo;
4407 static void coroutine_fn bdrv_invalidate_cache_co_entry(void *opaque)
4409 InvalidateCacheCo *ico = opaque;
4410 bdrv_co_invalidate_cache(ico->bs, ico->errp);
4414 void bdrv_invalidate_cache(BlockDriverState *bs, Error **errp)
4417 InvalidateCacheCo ico = {
4423 if (qemu_in_coroutine()) {
4424 /* Fast-path if already in coroutine context */
4425 bdrv_invalidate_cache_co_entry(&ico);
4427 co = qemu_coroutine_create(bdrv_invalidate_cache_co_entry, &ico);
4428 qemu_coroutine_enter(co);
4429 BDRV_POLL_WHILE(bs, !ico.done);
4433 void bdrv_invalidate_cache_all(Error **errp)
4435 BlockDriverState *bs;
4436 Error *local_err = NULL;
4437 BdrvNextIterator it;
4439 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
4440 AioContext *aio_context = bdrv_get_aio_context(bs);
4442 aio_context_acquire(aio_context);
4443 bdrv_invalidate_cache(bs, &local_err);
4444 aio_context_release(aio_context);
4446 error_propagate(errp, local_err);
4447 bdrv_next_cleanup(&it);
4453 static int bdrv_inactivate_recurse(BlockDriverState *bs,
4456 BdrvChild *child, *parent;
4463 if (!setting_flag && bs->drv->bdrv_inactivate) {
4464 ret = bs->drv->bdrv_inactivate(bs);
4470 if (setting_flag && !(bs->open_flags & BDRV_O_INACTIVE)) {
4471 uint64_t perm, shared_perm;
4473 QLIST_FOREACH(parent, &bs->parents, next_parent) {
4474 if (parent->role->inactivate) {
4475 ret = parent->role->inactivate(parent);
4482 bs->open_flags |= BDRV_O_INACTIVE;
4484 /* Update permissions, they may differ for inactive nodes */
4485 bdrv_get_cumulative_perm(bs, &perm, &shared_perm);
4486 bdrv_check_perm(bs, NULL, perm, shared_perm, NULL, &error_abort);
4487 bdrv_set_perm(bs, perm, shared_perm);
4490 QLIST_FOREACH(child, &bs->children, next) {
4491 ret = bdrv_inactivate_recurse(child->bs, setting_flag);
4497 /* At this point persistent bitmaps should be already stored by the format
4499 bdrv_release_persistent_dirty_bitmaps(bs);
4504 int bdrv_inactivate_all(void)
4506 BlockDriverState *bs = NULL;
4507 BdrvNextIterator it;
4510 GSList *aio_ctxs = NULL, *ctx;
4512 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
4513 AioContext *aio_context = bdrv_get_aio_context(bs);
4515 if (!g_slist_find(aio_ctxs, aio_context)) {
4516 aio_ctxs = g_slist_prepend(aio_ctxs, aio_context);
4517 aio_context_acquire(aio_context);
4521 /* We do two passes of inactivation. The first pass calls to drivers'
4522 * .bdrv_inactivate callbacks recursively so all cache is flushed to disk;
4523 * the second pass sets the BDRV_O_INACTIVE flag so that no further write
4525 for (pass = 0; pass < 2; pass++) {
4526 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
4527 ret = bdrv_inactivate_recurse(bs, pass);
4529 bdrv_next_cleanup(&it);
4536 for (ctx = aio_ctxs; ctx != NULL; ctx = ctx->next) {
4537 AioContext *aio_context = ctx->data;
4538 aio_context_release(aio_context);
4540 g_slist_free(aio_ctxs);
4545 /**************************************************************/
4546 /* removable device support */
4549 * Return TRUE if the media is present
4551 bool bdrv_is_inserted(BlockDriverState *bs)
4553 BlockDriver *drv = bs->drv;
4559 if (drv->bdrv_is_inserted) {
4560 return drv->bdrv_is_inserted(bs);
4562 QLIST_FOREACH(child, &bs->children, next) {
4563 if (!bdrv_is_inserted(child->bs)) {
4571 * If eject_flag is TRUE, eject the media. Otherwise, close the tray
4573 void bdrv_eject(BlockDriverState *bs, bool eject_flag)
4575 BlockDriver *drv = bs->drv;
4577 if (drv && drv->bdrv_eject) {
4578 drv->bdrv_eject(bs, eject_flag);
4583 * Lock or unlock the media (if it is locked, the user won't be able
4584 * to eject it manually).
4586 void bdrv_lock_medium(BlockDriverState *bs, bool locked)
4588 BlockDriver *drv = bs->drv;
4590 trace_bdrv_lock_medium(bs, locked);
4592 if (drv && drv->bdrv_lock_medium) {
4593 drv->bdrv_lock_medium(bs, locked);
4597 /* Get a reference to bs */
4598 void bdrv_ref(BlockDriverState *bs)
4603 /* Release a previously grabbed reference to bs.
4604 * If after releasing, reference count is zero, the BlockDriverState is
4606 void bdrv_unref(BlockDriverState *bs)
4611 assert(bs->refcnt > 0);
4612 if (--bs->refcnt == 0) {
4617 struct BdrvOpBlocker {
4619 QLIST_ENTRY(BdrvOpBlocker) list;
4622 bool bdrv_op_is_blocked(BlockDriverState *bs, BlockOpType op, Error **errp)
4624 BdrvOpBlocker *blocker;
4625 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX);
4626 if (!QLIST_EMPTY(&bs->op_blockers[op])) {
4627 blocker = QLIST_FIRST(&bs->op_blockers[op]);
4628 error_propagate(errp, error_copy(blocker->reason));
4629 error_prepend(errp, "Node '%s' is busy: ",
4630 bdrv_get_device_or_node_name(bs));
4636 void bdrv_op_block(BlockDriverState *bs, BlockOpType op, Error *reason)
4638 BdrvOpBlocker *blocker;
4639 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX);
4641 blocker = g_new0(BdrvOpBlocker, 1);
4642 blocker->reason = reason;
4643 QLIST_INSERT_HEAD(&bs->op_blockers[op], blocker, list);
4646 void bdrv_op_unblock(BlockDriverState *bs, BlockOpType op, Error *reason)
4648 BdrvOpBlocker *blocker, *next;
4649 assert((int) op >= 0 && op < BLOCK_OP_TYPE_MAX);
4650 QLIST_FOREACH_SAFE(blocker, &bs->op_blockers[op], list, next) {
4651 if (blocker->reason == reason) {
4652 QLIST_REMOVE(blocker, list);
4658 void bdrv_op_block_all(BlockDriverState *bs, Error *reason)
4661 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) {
4662 bdrv_op_block(bs, i, reason);
4666 void bdrv_op_unblock_all(BlockDriverState *bs, Error *reason)
4669 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) {
4670 bdrv_op_unblock(bs, i, reason);
4674 bool bdrv_op_blocker_is_empty(BlockDriverState *bs)
4678 for (i = 0; i < BLOCK_OP_TYPE_MAX; i++) {
4679 if (!QLIST_EMPTY(&bs->op_blockers[i])) {
4686 void bdrv_img_create(const char *filename, const char *fmt,
4687 const char *base_filename, const char *base_fmt,
4688 char *options, uint64_t img_size, int flags, bool quiet,
4691 QemuOptsList *create_opts = NULL;
4692 QemuOpts *opts = NULL;
4693 const char *backing_fmt, *backing_file;
4695 BlockDriver *drv, *proto_drv;
4696 Error *local_err = NULL;
4699 /* Find driver and parse its options */
4700 drv = bdrv_find_format(fmt);
4702 error_setg(errp, "Unknown file format '%s'", fmt);
4706 proto_drv = bdrv_find_protocol(filename, true, errp);
4711 if (!drv->create_opts) {
4712 error_setg(errp, "Format driver '%s' does not support image creation",
4717 if (!proto_drv->create_opts) {
4718 error_setg(errp, "Protocol driver '%s' does not support image creation",
4719 proto_drv->format_name);
4723 create_opts = qemu_opts_append(create_opts, drv->create_opts);
4724 create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
4726 /* Create parameter list with default values */
4727 opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
4728 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, img_size, &error_abort);
4730 /* Parse -o options */
4732 qemu_opts_do_parse(opts, options, NULL, &local_err);
4734 error_report_err(local_err);
4736 error_setg(errp, "Invalid options for file format '%s'", fmt);
4741 if (base_filename) {
4742 qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, base_filename, &local_err);
4744 error_setg(errp, "Backing file not supported for file format '%s'",
4751 qemu_opt_set(opts, BLOCK_OPT_BACKING_FMT, base_fmt, &local_err);
4753 error_setg(errp, "Backing file format not supported for file "
4754 "format '%s'", fmt);
4759 backing_file = qemu_opt_get(opts, BLOCK_OPT_BACKING_FILE);
4761 if (!strcmp(filename, backing_file)) {
4762 error_setg(errp, "Error: Trying to create an image with the "
4763 "same filename as the backing file");
4768 backing_fmt = qemu_opt_get(opts, BLOCK_OPT_BACKING_FMT);
4770 /* The size for the image must always be specified, unless we have a backing
4771 * file and we have not been forbidden from opening it. */
4772 size = qemu_opt_get_size(opts, BLOCK_OPT_SIZE, img_size);
4773 if (backing_file && !(flags & BDRV_O_NO_BACKING)) {
4774 BlockDriverState *bs;
4775 char *full_backing = g_new0(char, PATH_MAX);
4777 QDict *backing_options = NULL;
4779 bdrv_get_full_backing_filename_from_filename(filename, backing_file,
4780 full_backing, PATH_MAX,
4783 g_free(full_backing);
4787 /* backing files always opened read-only */
4789 back_flags &= ~(BDRV_O_RDWR | BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING);
4791 backing_options = qdict_new();
4793 qdict_put_str(backing_options, "driver", backing_fmt);
4795 qdict_put_bool(backing_options, BDRV_OPT_FORCE_SHARE, true);
4797 bs = bdrv_open(full_backing, NULL, backing_options, back_flags,
4799 g_free(full_backing);
4800 if (!bs && size != -1) {
4801 /* Couldn't open BS, but we have a size, so it's nonfatal */
4802 warn_reportf_err(local_err,
4803 "Could not verify backing image. "
4804 "This may become an error in future versions.\n");
4807 /* Couldn't open bs, do not have size */
4808 error_append_hint(&local_err,
4809 "Could not open backing image to determine size.\n");
4813 /* Opened BS, have no size */
4814 size = bdrv_getlength(bs);
4816 error_setg_errno(errp, -size, "Could not get size of '%s'",
4821 qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, &error_abort);
4825 } /* (backing_file && !(flags & BDRV_O_NO_BACKING)) */
4828 error_setg(errp, "Image creation needs a size parameter");
4833 printf("Formatting '%s', fmt=%s ", filename, fmt);
4834 qemu_opts_print(opts, " ");
4838 ret = bdrv_create(drv, filename, opts, &local_err);
4840 if (ret == -EFBIG) {
4841 /* This is generally a better message than whatever the driver would
4842 * deliver (especially because of the cluster_size_hint), since that
4843 * is most probably not much different from "image too large". */
4844 const char *cluster_size_hint = "";
4845 if (qemu_opt_get_size(opts, BLOCK_OPT_CLUSTER_SIZE, 0)) {
4846 cluster_size_hint = " (try using a larger cluster size)";
4848 error_setg(errp, "The image size is too large for file format '%s'"
4849 "%s", fmt, cluster_size_hint);
4850 error_free(local_err);
4855 qemu_opts_del(opts);
4856 qemu_opts_free(create_opts);
4857 error_propagate(errp, local_err);
4860 AioContext *bdrv_get_aio_context(BlockDriverState *bs)
4862 return bs ? bs->aio_context : qemu_get_aio_context();
4865 AioWait *bdrv_get_aio_wait(BlockDriverState *bs)
4867 return bs ? &bs->wait : NULL;
4870 void bdrv_coroutine_enter(BlockDriverState *bs, Coroutine *co)
4872 aio_co_enter(bdrv_get_aio_context(bs), co);
4875 static void bdrv_do_remove_aio_context_notifier(BdrvAioNotifier *ban)
4877 QLIST_REMOVE(ban, list);
4881 void bdrv_detach_aio_context(BlockDriverState *bs)
4883 BdrvAioNotifier *baf, *baf_tmp;
4890 assert(!bs->walking_aio_notifiers);
4891 bs->walking_aio_notifiers = true;
4892 QLIST_FOREACH_SAFE(baf, &bs->aio_notifiers, list, baf_tmp) {
4894 bdrv_do_remove_aio_context_notifier(baf);
4896 baf->detach_aio_context(baf->opaque);
4899 /* Never mind iterating again to check for ->deleted. bdrv_close() will
4900 * remove remaining aio notifiers if we aren't called again.
4902 bs->walking_aio_notifiers = false;
4904 if (bs->drv->bdrv_detach_aio_context) {
4905 bs->drv->bdrv_detach_aio_context(bs);
4907 QLIST_FOREACH(child, &bs->children, next) {
4908 bdrv_detach_aio_context(child->bs);
4911 bs->aio_context = NULL;
4914 void bdrv_attach_aio_context(BlockDriverState *bs,
4915 AioContext *new_context)
4917 BdrvAioNotifier *ban, *ban_tmp;
4924 bs->aio_context = new_context;
4926 QLIST_FOREACH(child, &bs->children, next) {
4927 bdrv_attach_aio_context(child->bs, new_context);
4929 if (bs->drv->bdrv_attach_aio_context) {
4930 bs->drv->bdrv_attach_aio_context(bs, new_context);
4933 assert(!bs->walking_aio_notifiers);
4934 bs->walking_aio_notifiers = true;
4935 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_tmp) {
4937 bdrv_do_remove_aio_context_notifier(ban);
4939 ban->attached_aio_context(new_context, ban->opaque);
4942 bs->walking_aio_notifiers = false;
4945 void bdrv_set_aio_context(BlockDriverState *bs, AioContext *new_context)
4947 AioContext *ctx = bdrv_get_aio_context(bs);
4949 aio_disable_external(ctx);
4950 bdrv_parent_drained_begin(bs, NULL);
4951 bdrv_drain(bs); /* ensure there are no in-flight requests */
4953 while (aio_poll(ctx, false)) {
4954 /* wait for all bottom halves to execute */
4957 bdrv_detach_aio_context(bs);
4959 /* This function executes in the old AioContext so acquire the new one in
4960 * case it runs in a different thread.
4962 aio_context_acquire(new_context);
4963 bdrv_attach_aio_context(bs, new_context);
4964 bdrv_parent_drained_end(bs, NULL);
4965 aio_enable_external(ctx);
4966 aio_context_release(new_context);
4969 void bdrv_add_aio_context_notifier(BlockDriverState *bs,
4970 void (*attached_aio_context)(AioContext *new_context, void *opaque),
4971 void (*detach_aio_context)(void *opaque), void *opaque)
4973 BdrvAioNotifier *ban = g_new(BdrvAioNotifier, 1);
4974 *ban = (BdrvAioNotifier){
4975 .attached_aio_context = attached_aio_context,
4976 .detach_aio_context = detach_aio_context,
4980 QLIST_INSERT_HEAD(&bs->aio_notifiers, ban, list);
4983 void bdrv_remove_aio_context_notifier(BlockDriverState *bs,
4984 void (*attached_aio_context)(AioContext *,
4986 void (*detach_aio_context)(void *),
4989 BdrvAioNotifier *ban, *ban_next;
4991 QLIST_FOREACH_SAFE(ban, &bs->aio_notifiers, list, ban_next) {
4992 if (ban->attached_aio_context == attached_aio_context &&
4993 ban->detach_aio_context == detach_aio_context &&
4994 ban->opaque == opaque &&
4995 ban->deleted == false)
4997 if (bs->walking_aio_notifiers) {
4998 ban->deleted = true;
5000 bdrv_do_remove_aio_context_notifier(ban);
5009 int bdrv_amend_options(BlockDriverState *bs, QemuOpts *opts,
5010 BlockDriverAmendStatusCB *status_cb, void *cb_opaque,
5014 error_setg(errp, "Node is ejected");
5017 if (!bs->drv->bdrv_amend_options) {
5018 error_setg(errp, "Block driver '%s' does not support option amendment",
5019 bs->drv->format_name);
5022 return bs->drv->bdrv_amend_options(bs, opts, status_cb, cb_opaque, errp);
5025 /* This function will be called by the bdrv_recurse_is_first_non_filter method
5026 * of block filter and by bdrv_is_first_non_filter.
5027 * It is used to test if the given bs is the candidate or recurse more in the
5030 bool bdrv_recurse_is_first_non_filter(BlockDriverState *bs,
5031 BlockDriverState *candidate)
5033 /* return false if basic checks fails */
5034 if (!bs || !bs->drv) {
5038 /* the code reached a non block filter driver -> check if the bs is
5039 * the same as the candidate. It's the recursion termination condition.
5041 if (!bs->drv->is_filter) {
5042 return bs == candidate;
5044 /* Down this path the driver is a block filter driver */
5046 /* If the block filter recursion method is defined use it to recurse down
5049 if (bs->drv->bdrv_recurse_is_first_non_filter) {
5050 return bs->drv->bdrv_recurse_is_first_non_filter(bs, candidate);
5053 /* the driver is a block filter but don't allow to recurse -> return false
5058 /* This function checks if the candidate is the first non filter bs down it's
5059 * bs chain. Since we don't have pointers to parents it explore all bs chains
5060 * from the top. Some filters can choose not to pass down the recursion.
5062 bool bdrv_is_first_non_filter(BlockDriverState *candidate)
5064 BlockDriverState *bs;
5065 BdrvNextIterator it;
5067 /* walk down the bs forest recursively */
5068 for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
5071 /* try to recurse in this top level bs */
5072 perm = bdrv_recurse_is_first_non_filter(bs, candidate);
5074 /* candidate is the first non filter */
5076 bdrv_next_cleanup(&it);
5084 BlockDriverState *check_to_replace_node(BlockDriverState *parent_bs,
5085 const char *node_name, Error **errp)
5087 BlockDriverState *to_replace_bs = bdrv_find_node(node_name);
5088 AioContext *aio_context;
5090 if (!to_replace_bs) {
5091 error_setg(errp, "Node name '%s' not found", node_name);
5095 aio_context = bdrv_get_aio_context(to_replace_bs);
5096 aio_context_acquire(aio_context);
5098 if (bdrv_op_is_blocked(to_replace_bs, BLOCK_OP_TYPE_REPLACE, errp)) {
5099 to_replace_bs = NULL;
5103 /* We don't want arbitrary node of the BDS chain to be replaced only the top
5104 * most non filter in order to prevent data corruption.
5105 * Another benefit is that this tests exclude backing files which are
5106 * blocked by the backing blockers.
5108 if (!bdrv_recurse_is_first_non_filter(parent_bs, to_replace_bs)) {
5109 error_setg(errp, "Only top most non filter can be replaced");
5110 to_replace_bs = NULL;
5115 aio_context_release(aio_context);
5116 return to_replace_bs;
5119 static bool append_open_options(QDict *d, BlockDriverState *bs)
5121 const QDictEntry *entry;
5124 bool found_any = false;
5127 for (entry = qdict_first(bs->options); entry;
5128 entry = qdict_next(bs->options, entry))
5130 /* Exclude options for children */
5131 QLIST_FOREACH(child, &bs->children, next) {
5132 if (strstart(qdict_entry_key(entry), child->name, &p)
5133 && (!*p || *p == '.'))
5142 /* And exclude all non-driver-specific options */
5143 for (desc = bdrv_runtime_opts.desc; desc->name; desc++) {
5144 if (!strcmp(qdict_entry_key(entry), desc->name)) {
5152 qdict_put_obj(d, qdict_entry_key(entry),
5153 qobject_ref(qdict_entry_value(entry)));
5160 /* Updates the following BDS fields:
5161 * - exact_filename: A filename which may be used for opening a block device
5162 * which (mostly) equals the given BDS (even without any
5163 * other options; so reading and writing must return the same
5164 * results, but caching etc. may be different)
5165 * - full_open_options: Options which, when given when opening a block device
5166 * (without a filename), result in a BDS (mostly)
5167 * equalling the given one
5168 * - filename: If exact_filename is set, it is copied here. Otherwise,
5169 * full_open_options is converted to a JSON object, prefixed with
5170 * "json:" (for use through the JSON pseudo protocol) and put here.
5172 void bdrv_refresh_filename(BlockDriverState *bs)
5174 BlockDriver *drv = bs->drv;
5181 /* This BDS's file name will most probably depend on its file's name, so
5182 * refresh that first */
5184 bdrv_refresh_filename(bs->file->bs);
5187 if (drv->bdrv_refresh_filename) {
5188 /* Obsolete information is of no use here, so drop the old file name
5189 * information before refreshing it */
5190 bs->exact_filename[0] = '\0';
5191 if (bs->full_open_options) {
5192 qobject_unref(bs->full_open_options);
5193 bs->full_open_options = NULL;
5197 append_open_options(opts, bs);
5198 drv->bdrv_refresh_filename(bs, opts);
5199 qobject_unref(opts);
5200 } else if (bs->file) {
5201 /* Try to reconstruct valid information from the underlying file */
5202 bool has_open_options;
5204 bs->exact_filename[0] = '\0';
5205 if (bs->full_open_options) {
5206 qobject_unref(bs->full_open_options);
5207 bs->full_open_options = NULL;
5211 has_open_options = append_open_options(opts, bs);
5213 /* If no specific options have been given for this BDS, the filename of
5214 * the underlying file should suffice for this one as well */
5215 if (bs->file->bs->exact_filename[0] && !has_open_options) {
5216 strcpy(bs->exact_filename, bs->file->bs->exact_filename);
5218 /* Reconstructing the full options QDict is simple for most format block
5219 * drivers, as long as the full options are known for the underlying
5220 * file BDS. The full options QDict of that file BDS should somehow
5221 * contain a representation of the filename, therefore the following
5222 * suffices without querying the (exact_)filename of this BDS. */
5223 if (bs->file->bs->full_open_options) {
5224 qdict_put_str(opts, "driver", drv->format_name);
5225 qdict_put(opts, "file",
5226 qobject_ref(bs->file->bs->full_open_options));
5228 bs->full_open_options = opts;
5230 qobject_unref(opts);
5232 } else if (!bs->full_open_options && qdict_size(bs->options)) {
5233 /* There is no underlying file BDS (at least referenced by BDS.file),
5234 * so the full options QDict should be equal to the options given
5235 * specifically for this block device when it was opened (plus the
5236 * driver specification).
5237 * Because those options don't change, there is no need to update
5238 * full_open_options when it's already set. */
5241 append_open_options(opts, bs);
5242 qdict_put_str(opts, "driver", drv->format_name);
5244 if (bs->exact_filename[0]) {
5245 /* This may not work for all block protocol drivers (some may
5246 * require this filename to be parsed), but we have to find some
5247 * default solution here, so just include it. If some block driver
5248 * does not support pure options without any filename at all or
5249 * needs some special format of the options QDict, it needs to
5250 * implement the driver-specific bdrv_refresh_filename() function.
5252 qdict_put_str(opts, "filename", bs->exact_filename);
5255 bs->full_open_options = opts;
5258 if (bs->exact_filename[0]) {
5259 pstrcpy(bs->filename, sizeof(bs->filename), bs->exact_filename);
5260 } else if (bs->full_open_options) {
5261 QString *json = qobject_to_json(QOBJECT(bs->full_open_options));
5262 snprintf(bs->filename, sizeof(bs->filename), "json:%s",
5263 qstring_get_str(json));
5264 qobject_unref(json);
5269 * Hot add/remove a BDS's child. So the user can take a child offline when
5270 * it is broken and take a new child online
5272 void bdrv_add_child(BlockDriverState *parent_bs, BlockDriverState *child_bs,
5276 if (!parent_bs->drv || !parent_bs->drv->bdrv_add_child) {
5277 error_setg(errp, "The node %s does not support adding a child",
5278 bdrv_get_device_or_node_name(parent_bs));
5282 if (!QLIST_EMPTY(&child_bs->parents)) {
5283 error_setg(errp, "The node %s already has a parent",
5284 child_bs->node_name);
5288 parent_bs->drv->bdrv_add_child(parent_bs, child_bs, errp);
5291 void bdrv_del_child(BlockDriverState *parent_bs, BdrvChild *child, Error **errp)
5295 if (!parent_bs->drv || !parent_bs->drv->bdrv_del_child) {
5296 error_setg(errp, "The node %s does not support removing a child",
5297 bdrv_get_device_or_node_name(parent_bs));
5301 QLIST_FOREACH(tmp, &parent_bs->children, next) {
5308 error_setg(errp, "The node %s does not have a child named %s",
5309 bdrv_get_device_or_node_name(parent_bs),
5310 bdrv_get_device_or_node_name(child->bs));
5314 parent_bs->drv->bdrv_del_child(parent_bs, child, errp);
5317 bool bdrv_can_store_new_dirty_bitmap(BlockDriverState *bs, const char *name,
5318 uint32_t granularity, Error **errp)
5320 BlockDriver *drv = bs->drv;
5323 error_setg_errno(errp, ENOMEDIUM,
5324 "Can't store persistent bitmaps to %s",
5325 bdrv_get_device_or_node_name(bs));
5329 if (!drv->bdrv_can_store_new_dirty_bitmap) {
5330 error_setg_errno(errp, ENOTSUP,
5331 "Can't store persistent bitmaps to %s",
5332 bdrv_get_device_or_node_name(bs));
5336 return drv->bdrv_can_store_new_dirty_bitmap(bs, name, granularity, errp);
projects / qemu.git / blob