2013-06-24 15:13:11 +00:00
|
|
|
/*
|
|
|
|
|
* QEMU backup
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2013 Proxmox Server Solutions
|
|
|
|
|
*
|
|
|
|
|
* Authors:
|
|
|
|
|
* Dietmar Maurer (dietmar@proxmox.com)
|
|
|
|
|
*
|
|
|
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or later.
|
|
|
|
|
* See the COPYING file in the top-level directory.
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
|
2016-01-18 18:01:42 +00:00
|
|
|
#include "qemu/osdep.h"
|
2013-06-24 15:13:11 +00:00
|
|
|
|
|
|
|
|
#include "trace.h"
|
|
|
|
|
#include "block/block.h"
|
|
|
|
|
#include "block/block_int.h"
|
2016-10-27 16:07:00 +00:00
|
|
|
#include "block/blockjob_int.h"
|
2016-07-27 07:01:43 +00:00
|
|
|
#include "block/block_backup.h"
|
include/qemu/osdep.h: Don't include qapi/error.h
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the
Error typedef. Since then, we've moved to include qemu/osdep.h
everywhere. Its file comment explains: "To avoid getting into
possible circular include dependencies, this file should not include
any other QEMU headers, with the exceptions of config-host.h,
compiler.h, os-posix.h and os-win32.h, all of which are doing a
similar job to this file and are under similar constraints."
qapi/error.h doesn't do a similar job, and it doesn't adhere to
similar constraints: it includes qapi-types.h. That's in excess of
100KiB of crap most .c files don't actually need.
Add the typedef to qemu/typedefs.h, and include that instead of
qapi/error.h. Include qapi/error.h in .c files that need it and don't
get it now. Include qapi-types.h in qom/object.h for uint16List.
Update scripts/clean-includes accordingly. Update it further to match
reality: replace config.h by config-target.h, add sysemu/os-posix.h,
sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h
comment quoted above similarly.
This reduces the number of objects depending on qapi/error.h from "all
of them" to less than a third. Unfortunately, the number depending on
qapi-types.h shrinks only a little. More work is needed for that one.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
[Fix compilation without the spice devel packages. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-14 08:01:28 +00:00
|
|
|
#include "qapi/error.h"
|
2015-03-17 16:22:46 +00:00
|
|
|
#include "qapi/qmp/qerror.h"
|
2013-06-24 15:13:11 +00:00
|
|
|
#include "qemu/ratelimit.h"
|
2016-03-20 17:16:19 +00:00
|
|
|
#include "qemu/cutils.h"
|
2015-10-19 15:53:22 +00:00
|
|
|
#include "sysemu/block-backend.h"
|
2016-03-08 04:44:52 +00:00
|
|
|
#include "qemu/bitmap.h"
|
2017-02-28 19:33:40 +00:00
|
|
|
#include "qemu/error-report.h"
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2016-02-25 20:58:29 +00:00
|
|
|
#define BACKUP_CLUSTER_SIZE_DEFAULT (1 << 16)
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2018-09-19 12:43:43 +00:00
|
|
|
typedef struct CowRequest {
|
|
|
|
|
int64_t start_byte;
|
|
|
|
|
int64_t end_byte;
|
|
|
|
|
QLIST_ENTRY(CowRequest) list;
|
|
|
|
|
CoQueue wait_queue; /* coroutines blocked on this request */
|
|
|
|
|
} CowRequest;
|
|
|
|
|
|
2013-06-24 15:13:11 +00:00
|
|
|
typedef struct BackupBlockJob {
|
|
|
|
|
BlockJob common;
|
2016-04-14 11:09:53 +00:00
|
|
|
BlockBackend *target;
|
2019-07-29 20:35:53 +00:00
|
|
|
|
2015-04-17 23:49:58 +00:00
|
|
|
BdrvDirtyBitmap *sync_bitmap;
|
2019-07-29 20:35:53 +00:00
|
|
|
BdrvDirtyBitmap *copy_bitmap;
|
|
|
|
|
|
2013-07-26 18:39:04 +00:00
|
|
|
MirrorSyncMode sync_mode;
|
2019-07-29 20:35:52 +00:00
|
|
|
BitmapSyncMode bitmap_mode;
|
2013-06-24 15:13:11 +00:00
|
|
|
BlockdevOnError on_source_error;
|
|
|
|
|
BlockdevOnError on_target_error;
|
|
|
|
|
CoRwlock flush_rwlock;
|
2018-01-18 17:08:22 +00:00
|
|
|
uint64_t len;
|
2017-07-07 12:44:53 +00:00
|
|
|
uint64_t bytes_read;
|
2016-02-25 20:58:29 +00:00
|
|
|
int64_t cluster_size;
|
2016-01-26 23:54:58 +00:00
|
|
|
NotifierWithReturn before_write;
|
2013-06-24 15:13:11 +00:00
|
|
|
QLIST_HEAD(, CowRequest) inflight_reqs;
|
2017-10-12 13:53:10 +00:00
|
|
|
|
2018-07-03 02:37:58 +00:00
|
|
|
bool use_copy_range;
|
|
|
|
|
int64_t copy_range_size;
|
block/backup: fix fleecing scheme: use serialized writes
Fleecing scheme works as follows: we want a kind of temporary snapshot
of active drive A. We create temporary image B, with B->backing = A.
Then we start backup(sync=none) from A to B. From this point, B reads
as point-in-time snapshot of A (A continues to be active drive,
accepting guest IO).
This scheme needs some additional synchronization between reads from B
and backup COW operations, otherwise, the following situation is
theoretically possible:
(assume B is qcow2, client is NBD client, reading from B)
1. client starts reading and take qcow2 mutex in qcow2_co_preadv, and
goes up to l2 table loading (assume cache miss)
2) guest write => backup COW => qcow2 write =>
try to take qcow2 mutex => waiting
3. l2 table loaded, we see that cluster is UNALLOCATED, go to
"case QCOW2_CLUSTER_UNALLOCATED" and unlock mutex before
bdrv_co_preadv(bs->backing, ...)
4) aha, mutex unlocked, backup COW continues, and we finally finish
guest write and change cluster in our active disk A
5. actually, do bdrv_co_preadv(bs->backing, ...) and read
_new updated_ data.
To avoid this, let's make backup writes serializing, to not intersect
with reads from B.
Note: we expand range of handled cases from (sync=none and
B->backing = A) to just (A in backing chain of B), to finally allow
safe reading from B during backup for all cases when A in backing chain
of B, i.e. B formally looks like point-in-time snapshot of A.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-09 16:37:19 +00:00
|
|
|
|
2019-07-30 16:32:51 +00:00
|
|
|
BdrvRequestFlags write_flags;
|
2019-07-29 20:35:55 +00:00
|
|
|
bool initializing_bitmap;
|
2013-06-24 15:13:11 +00:00
|
|
|
} BackupBlockJob;
|
|
|
|
|
|
2018-01-19 14:54:40 +00:00
|
|
|
static const BlockJobDriver backup_job_driver;
|
|
|
|
|
|
2013-06-24 15:13:11 +00:00
|
|
|
/* See if in-flight requests overlap and wait for them to complete */
|
|
|
|
|
static void coroutine_fn wait_for_overlapping_requests(BackupBlockJob *job,
|
|
|
|
|
int64_t start,
|
|
|
|
|
int64_t end)
|
|
|
|
|
{
|
|
|
|
|
CowRequest *req;
|
|
|
|
|
bool retry;
|
|
|
|
|
|
|
|
|
|
do {
|
|
|
|
|
retry = false;
|
|
|
|
|
QLIST_FOREACH(req, &job->inflight_reqs, list) {
|
2017-07-07 12:44:54 +00:00
|
|
|
if (end > req->start_byte && start < req->end_byte) {
|
2017-02-13 18:12:43 +00:00
|
|
|
qemu_co_queue_wait(&req->wait_queue, NULL);
|
2013-06-24 15:13:11 +00:00
|
|
|
retry = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} while (retry);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Keep track of an in-flight request */
|
|
|
|
|
static void cow_request_begin(CowRequest *req, BackupBlockJob *job,
|
2017-07-07 12:44:54 +00:00
|
|
|
int64_t start, int64_t end)
|
2013-06-24 15:13:11 +00:00
|
|
|
{
|
2017-07-07 12:44:54 +00:00
|
|
|
req->start_byte = start;
|
|
|
|
|
req->end_byte = end;
|
2013-06-24 15:13:11 +00:00
|
|
|
qemu_co_queue_init(&req->wait_queue);
|
|
|
|
|
QLIST_INSERT_HEAD(&job->inflight_reqs, req, list);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Forget about a completed request */
|
|
|
|
|
static void cow_request_end(CowRequest *req)
|
|
|
|
|
{
|
|
|
|
|
QLIST_REMOVE(req, list);
|
|
|
|
|
qemu_co_queue_restart_all(&req->wait_queue);
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-03 02:37:58 +00:00
|
|
|
/* Copy range to target with a bounce buffer and return the bytes copied. If
|
2018-07-12 19:51:20 +00:00
|
|
|
* error occurred, return a negative error number */
|
2018-07-03 02:37:58 +00:00
|
|
|
static int coroutine_fn backup_cow_with_bounce_buffer(BackupBlockJob *job,
|
|
|
|
|
int64_t start,
|
|
|
|
|
int64_t end,
|
|
|
|
|
bool is_write_notifier,
|
|
|
|
|
bool *error_is_read,
|
|
|
|
|
void **bounce_buffer)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
BlockBackend *blk = job->common.blk;
|
|
|
|
|
int nbytes;
|
block/backup: fix fleecing scheme: use serialized writes
Fleecing scheme works as follows: we want a kind of temporary snapshot
of active drive A. We create temporary image B, with B->backing = A.
Then we start backup(sync=none) from A to B. From this point, B reads
as point-in-time snapshot of A (A continues to be active drive,
accepting guest IO).
This scheme needs some additional synchronization between reads from B
and backup COW operations, otherwise, the following situation is
theoretically possible:
(assume B is qcow2, client is NBD client, reading from B)
1. client starts reading and take qcow2 mutex in qcow2_co_preadv, and
goes up to l2 table loading (assume cache miss)
2) guest write => backup COW => qcow2 write =>
try to take qcow2 mutex => waiting
3. l2 table loaded, we see that cluster is UNALLOCATED, go to
"case QCOW2_CLUSTER_UNALLOCATED" and unlock mutex before
bdrv_co_preadv(bs->backing, ...)
4) aha, mutex unlocked, backup COW continues, and we finally finish
guest write and change cluster in our active disk A
5. actually, do bdrv_co_preadv(bs->backing, ...) and read
_new updated_ data.
To avoid this, let's make backup writes serializing, to not intersect
with reads from B.
Note: we expand range of handled cases from (sync=none and
B->backing = A) to just (A in backing chain of B), to finally allow
safe reading from B during backup for all cases when A in backing chain
of B, i.e. B formally looks like point-in-time snapshot of A.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-09 16:37:19 +00:00
|
|
|
int read_flags = is_write_notifier ? BDRV_REQ_NO_SERIALISING : 0;
|
2018-07-03 02:37:58 +00:00
|
|
|
|
2019-04-29 09:08:39 +00:00
|
|
|
assert(QEMU_IS_ALIGNED(start, job->cluster_size));
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_reset_dirty_bitmap(job->copy_bitmap, start, job->cluster_size);
|
2018-07-03 02:37:58 +00:00
|
|
|
nbytes = MIN(job->cluster_size, job->len - start);
|
|
|
|
|
if (!*bounce_buffer) {
|
|
|
|
|
*bounce_buffer = blk_blockalign(blk, job->cluster_size);
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-22 14:58:35 +00:00
|
|
|
ret = blk_co_pread(blk, start, nbytes, *bounce_buffer, read_flags);
|
2018-07-03 02:37:58 +00:00
|
|
|
if (ret < 0) {
|
|
|
|
|
trace_backup_do_cow_read_fail(job, start, ret);
|
|
|
|
|
if (error_is_read) {
|
|
|
|
|
*error_is_read = true;
|
|
|
|
|
}
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-30 16:32:49 +00:00
|
|
|
ret = blk_co_pwrite(job->target, start, nbytes, *bounce_buffer,
|
2019-07-30 16:32:51 +00:00
|
|
|
job->write_flags);
|
2018-07-03 02:37:58 +00:00
|
|
|
if (ret < 0) {
|
|
|
|
|
trace_backup_do_cow_write_fail(job, start, ret);
|
|
|
|
|
if (error_is_read) {
|
|
|
|
|
*error_is_read = false;
|
|
|
|
|
}
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nbytes;
|
|
|
|
|
fail:
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_set_dirty_bitmap(job->copy_bitmap, start, job->cluster_size);
|
2018-07-03 02:37:58 +00:00
|
|
|
return ret;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-12 19:51:20 +00:00
|
|
|
/* Copy range to target and return the bytes copied. If error occurred, return a
|
2018-07-03 02:37:58 +00:00
|
|
|
* negative error number. */
|
|
|
|
|
static int coroutine_fn backup_cow_with_offload(BackupBlockJob *job,
|
|
|
|
|
int64_t start,
|
|
|
|
|
int64_t end,
|
|
|
|
|
bool is_write_notifier)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
int nr_clusters;
|
|
|
|
|
BlockBackend *blk = job->common.blk;
|
|
|
|
|
int nbytes;
|
block/backup: fix fleecing scheme: use serialized writes
Fleecing scheme works as follows: we want a kind of temporary snapshot
of active drive A. We create temporary image B, with B->backing = A.
Then we start backup(sync=none) from A to B. From this point, B reads
as point-in-time snapshot of A (A continues to be active drive,
accepting guest IO).
This scheme needs some additional synchronization between reads from B
and backup COW operations, otherwise, the following situation is
theoretically possible:
(assume B is qcow2, client is NBD client, reading from B)
1. client starts reading and take qcow2 mutex in qcow2_co_preadv, and
goes up to l2 table loading (assume cache miss)
2) guest write => backup COW => qcow2 write =>
try to take qcow2 mutex => waiting
3. l2 table loaded, we see that cluster is UNALLOCATED, go to
"case QCOW2_CLUSTER_UNALLOCATED" and unlock mutex before
bdrv_co_preadv(bs->backing, ...)
4) aha, mutex unlocked, backup COW continues, and we finally finish
guest write and change cluster in our active disk A
5. actually, do bdrv_co_preadv(bs->backing, ...) and read
_new updated_ data.
To avoid this, let's make backup writes serializing, to not intersect
with reads from B.
Note: we expand range of handled cases from (sync=none and
B->backing = A) to just (A in backing chain of B), to finally allow
safe reading from B during backup for all cases when A in backing chain
of B, i.e. B formally looks like point-in-time snapshot of A.
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-07-09 16:37:19 +00:00
|
|
|
int read_flags = is_write_notifier ? BDRV_REQ_NO_SERIALISING : 0;
|
2018-07-03 02:37:58 +00:00
|
|
|
|
|
|
|
|
assert(QEMU_IS_ALIGNED(job->copy_range_size, job->cluster_size));
|
2019-04-29 09:08:39 +00:00
|
|
|
assert(QEMU_IS_ALIGNED(start, job->cluster_size));
|
2019-09-20 14:20:43 +00:00
|
|
|
nbytes = MIN(job->copy_range_size, MIN(end, job->len) - start);
|
2018-07-03 02:37:58 +00:00
|
|
|
nr_clusters = DIV_ROUND_UP(nbytes, job->cluster_size);
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_reset_dirty_bitmap(job->copy_bitmap, start,
|
|
|
|
|
job->cluster_size * nr_clusters);
|
2018-07-03 02:37:58 +00:00
|
|
|
ret = blk_co_copy_range(blk, start, job->target, start, nbytes,
|
2019-07-30 16:32:51 +00:00
|
|
|
read_flags, job->write_flags);
|
2018-07-03 02:37:58 +00:00
|
|
|
if (ret < 0) {
|
|
|
|
|
trace_backup_do_cow_copy_range_fail(job, start, ret);
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_set_dirty_bitmap(job->copy_bitmap, start,
|
|
|
|
|
job->cluster_size * nr_clusters);
|
2018-07-03 02:37:58 +00:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nbytes;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
/*
|
|
|
|
|
* Check if the cluster starting at offset is allocated or not.
|
|
|
|
|
* return via pnum the number of contiguous clusters sharing this allocation.
|
|
|
|
|
*/
|
|
|
|
|
static int backup_is_cluster_allocated(BackupBlockJob *s, int64_t offset,
|
|
|
|
|
int64_t *pnum)
|
|
|
|
|
{
|
|
|
|
|
BlockDriverState *bs = blk_bs(s->common.blk);
|
|
|
|
|
int64_t count, total_count = 0;
|
|
|
|
|
int64_t bytes = s->len - offset;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
assert(QEMU_IS_ALIGNED(offset, s->cluster_size));
|
|
|
|
|
|
|
|
|
|
while (true) {
|
|
|
|
|
ret = bdrv_is_allocated(bs, offset, bytes, &count);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
total_count += count;
|
|
|
|
|
|
|
|
|
|
if (ret || count == 0) {
|
|
|
|
|
/*
|
|
|
|
|
* ret: partial segment(s) are considered allocated.
|
|
|
|
|
* otherwise: unallocated tail is treated as an entire segment.
|
|
|
|
|
*/
|
|
|
|
|
*pnum = DIV_ROUND_UP(total_count, s->cluster_size);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Unallocated segment(s) with uncertain following segment(s) */
|
|
|
|
|
if (total_count >= s->cluster_size) {
|
|
|
|
|
*pnum = total_count / s->cluster_size;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
offset += count;
|
|
|
|
|
bytes -= count;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
/**
|
|
|
|
|
* Reset bits in copy_bitmap starting at offset if they represent unallocated
|
|
|
|
|
* data in the image. May reset subsequent contiguous bits.
|
|
|
|
|
* @return 0 when the cluster at @offset was unallocated,
|
|
|
|
|
* 1 otherwise, and -ret on error.
|
|
|
|
|
*/
|
|
|
|
|
static int64_t backup_bitmap_reset_unallocated(BackupBlockJob *s,
|
|
|
|
|
int64_t offset, int64_t *count)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
int64_t clusters, bytes, estimate;
|
|
|
|
|
|
|
|
|
|
ret = backup_is_cluster_allocated(s, offset, &clusters);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bytes = clusters * s->cluster_size;
|
|
|
|
|
|
|
|
|
|
if (!ret) {
|
|
|
|
|
bdrv_reset_dirty_bitmap(s->copy_bitmap, offset, bytes);
|
|
|
|
|
estimate = bdrv_get_dirty_count(s->copy_bitmap);
|
|
|
|
|
job_progress_set_remaining(&s->common.job, estimate);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*count = bytes;
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-20 14:20:44 +00:00
|
|
|
static int coroutine_fn backup_do_copy(BackupBlockJob *job,
|
|
|
|
|
int64_t start, uint64_t bytes,
|
|
|
|
|
bool *error_is_read,
|
|
|
|
|
bool is_write_notifier)
|
2013-06-24 15:13:11 +00:00
|
|
|
{
|
|
|
|
|
int ret = 0;
|
2019-09-20 14:20:44 +00:00
|
|
|
int64_t end = bytes + start; /* bytes */
|
2018-07-03 02:37:58 +00:00
|
|
|
void *bounce_buffer = NULL;
|
2019-07-29 20:35:55 +00:00
|
|
|
int64_t status_bytes;
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2019-09-20 14:20:44 +00:00
|
|
|
assert(QEMU_IS_ALIGNED(start, job->cluster_size));
|
|
|
|
|
assert(QEMU_IS_ALIGNED(end, job->cluster_size));
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2018-07-03 02:37:58 +00:00
|
|
|
while (start < end) {
|
2019-08-01 17:38:59 +00:00
|
|
|
int64_t dirty_end;
|
|
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
if (!bdrv_dirty_bitmap_get(job->copy_bitmap, start)) {
|
2017-07-07 12:44:55 +00:00
|
|
|
trace_backup_do_cow_skip(job, start);
|
2018-07-03 02:37:58 +00:00
|
|
|
start += job->cluster_size;
|
2013-06-24 15:13:11 +00:00
|
|
|
continue; /* already copied */
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
dirty_end = bdrv_dirty_bitmap_next_zero(job->copy_bitmap, start,
|
|
|
|
|
(end - start));
|
2019-08-01 17:38:59 +00:00
|
|
|
if (dirty_end < 0) {
|
|
|
|
|
dirty_end = end;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
if (job->initializing_bitmap) {
|
|
|
|
|
ret = backup_bitmap_reset_unallocated(job, start, &status_bytes);
|
|
|
|
|
if (ret == 0) {
|
|
|
|
|
trace_backup_do_cow_skip_range(job, start, status_bytes);
|
|
|
|
|
start += status_bytes;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
/* Clamp to known allocated region */
|
|
|
|
|
dirty_end = MIN(dirty_end, start + status_bytes);
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-07 12:44:55 +00:00
|
|
|
trace_backup_do_cow_process(job, start);
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2018-07-03 02:37:58 +00:00
|
|
|
if (job->use_copy_range) {
|
2019-08-01 17:38:59 +00:00
|
|
|
ret = backup_cow_with_offload(job, start, dirty_end,
|
|
|
|
|
is_write_notifier);
|
2018-07-03 02:37:58 +00:00
|
|
|
if (ret < 0) {
|
|
|
|
|
job->use_copy_range = false;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
}
|
2018-07-03 02:37:58 +00:00
|
|
|
if (!job->use_copy_range) {
|
2019-08-01 17:38:59 +00:00
|
|
|
ret = backup_cow_with_bounce_buffer(job, start, dirty_end,
|
|
|
|
|
is_write_notifier,
|
2018-07-03 02:37:58 +00:00
|
|
|
error_is_read, &bounce_buffer);
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
if (ret < 0) {
|
2018-07-03 02:37:58 +00:00
|
|
|
break;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Publish progress, guest I/O counts as progress too. Note that the
|
|
|
|
|
* offset field is an opaque progress value, it is not a disk offset.
|
|
|
|
|
*/
|
2018-07-03 02:37:58 +00:00
|
|
|
start += ret;
|
|
|
|
|
job->bytes_read += ret;
|
|
|
|
|
job_progress_update(&job->common.job, ret);
|
|
|
|
|
ret = 0;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (bounce_buffer) {
|
|
|
|
|
qemu_vfree(bounce_buffer);
|
|
|
|
|
}
|
|
|
|
|
|
2019-09-20 14:20:44 +00:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int coroutine_fn backup_do_cow(BackupBlockJob *job,
|
|
|
|
|
int64_t offset, uint64_t bytes,
|
|
|
|
|
bool *error_is_read,
|
|
|
|
|
bool is_write_notifier)
|
|
|
|
|
{
|
|
|
|
|
CowRequest cow_request;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
int64_t start, end; /* bytes */
|
|
|
|
|
|
|
|
|
|
qemu_co_rwlock_rdlock(&job->flush_rwlock);
|
|
|
|
|
|
|
|
|
|
start = QEMU_ALIGN_DOWN(offset, job->cluster_size);
|
|
|
|
|
end = QEMU_ALIGN_UP(bytes + offset, job->cluster_size);
|
|
|
|
|
|
|
|
|
|
trace_backup_do_cow_enter(job, start, offset, bytes);
|
|
|
|
|
|
|
|
|
|
wait_for_overlapping_requests(job, start, end);
|
|
|
|
|
cow_request_begin(&cow_request, job, start, end);
|
|
|
|
|
|
|
|
|
|
ret = backup_do_copy(job, start, end - start, error_is_read,
|
|
|
|
|
is_write_notifier);
|
|
|
|
|
|
2013-06-24 15:13:11 +00:00
|
|
|
cow_request_end(&cow_request);
|
|
|
|
|
|
2017-07-07 12:44:55 +00:00
|
|
|
trace_backup_do_cow_return(job, offset, bytes, ret);
|
2013-06-24 15:13:11 +00:00
|
|
|
|
|
|
|
|
qemu_co_rwlock_unlock(&job->flush_rwlock);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int coroutine_fn backup_before_write_notify(
|
|
|
|
|
NotifierWithReturn *notifier,
|
|
|
|
|
void *opaque)
|
|
|
|
|
{
|
2016-01-26 23:54:58 +00:00
|
|
|
BackupBlockJob *job = container_of(notifier, BackupBlockJob, before_write);
|
2013-06-24 15:13:11 +00:00
|
|
|
BdrvTrackedRequest *req = opaque;
|
|
|
|
|
|
2016-04-14 11:09:53 +00:00
|
|
|
assert(req->bs == blk_bs(job->common.blk));
|
2017-07-07 12:44:55 +00:00
|
|
|
assert(QEMU_IS_ALIGNED(req->offset, BDRV_SECTOR_SIZE));
|
|
|
|
|
assert(QEMU_IS_ALIGNED(req->bytes, BDRV_SECTOR_SIZE));
|
2013-12-03 14:31:25 +00:00
|
|
|
|
2017-07-07 12:44:55 +00:00
|
|
|
return backup_do_cow(job, req->offset, req->bytes, NULL, true);
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2015-11-05 23:13:10 +00:00
|
|
|
static void backup_cleanup_sync_bitmap(BackupBlockJob *job, int ret)
|
|
|
|
|
{
|
|
|
|
|
BdrvDirtyBitmap *bm;
|
2016-04-14 11:09:53 +00:00
|
|
|
BlockDriverState *bs = blk_bs(job->common.blk);
|
2019-07-29 20:35:53 +00:00
|
|
|
bool sync = (((ret == 0) || (job->bitmap_mode == BITMAP_SYNC_MODE_ALWAYS)) \
|
|
|
|
|
&& (job->bitmap_mode != BITMAP_SYNC_MODE_NEVER));
|
2015-11-05 23:13:10 +00:00
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
if (sync) {
|
2019-07-29 20:35:53 +00:00
|
|
|
/*
|
2019-07-29 20:35:53 +00:00
|
|
|
* We succeeded, or we always intended to sync the bitmap.
|
|
|
|
|
* Delete this bitmap and install the child.
|
2019-07-29 20:35:53 +00:00
|
|
|
*/
|
2015-11-05 23:13:10 +00:00
|
|
|
bm = bdrv_dirty_bitmap_abdicate(bs, job->sync_bitmap, NULL);
|
2019-07-29 20:35:53 +00:00
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
* We failed, or we never intended to sync the bitmap anyway.
|
|
|
|
|
* Merge the successor back into the parent, keeping all data.
|
|
|
|
|
*/
|
|
|
|
|
bm = bdrv_reclaim_dirty_bitmap(bs, job->sync_bitmap, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
assert(bm);
|
|
|
|
|
|
|
|
|
|
if (ret < 0 && job->bitmap_mode == BITMAP_SYNC_MODE_ALWAYS) {
|
|
|
|
|
/* If we failed and synced, merge in the bits we didn't copy: */
|
|
|
|
|
bdrv_dirty_bitmap_merge_internal(bm, job->copy_bitmap,
|
|
|
|
|
NULL, true);
|
2015-11-05 23:13:10 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-19 15:30:16 +00:00
|
|
|
static void backup_commit(Job *job)
|
2015-11-05 23:13:16 +00:00
|
|
|
{
|
2018-04-19 15:30:16 +00:00
|
|
|
BackupBlockJob *s = container_of(job, BackupBlockJob, common.job);
|
2015-11-05 23:13:16 +00:00
|
|
|
if (s->sync_bitmap) {
|
|
|
|
|
backup_cleanup_sync_bitmap(s, 0);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-19 15:30:16 +00:00
|
|
|
static void backup_abort(Job *job)
|
2015-11-05 23:13:16 +00:00
|
|
|
{
|
2018-04-19 15:30:16 +00:00
|
|
|
BackupBlockJob *s = container_of(job, BackupBlockJob, common.job);
|
2015-11-05 23:13:16 +00:00
|
|
|
if (s->sync_bitmap) {
|
|
|
|
|
backup_cleanup_sync_bitmap(s, -1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-19 15:30:16 +00:00
|
|
|
static void backup_clean(Job *job)
|
blockjob: add .clean property
Cleaning up after we have deferred to the main thread but before the
transaction has converged can be dangerous and result in deadlocks
if the job cleanup invokes any BH polling loops.
A job may attempt to begin cleaning up, but may induce another job to
enter its cleanup routine. The second job, part of our same transaction,
will block waiting for the first job to finish, so neither job may now
make progress.
To rectify this, allow jobs to register a cleanup operation that will
always run regardless of if the job was in a transaction or not, and
if the transaction job group completed successfully or not.
Move sensitive cleanup to this callback instead which is guaranteed to
be run only after the transaction has converged, which removes sensitive
timing constraints from said cleanup.
Furthermore, in future patches these cleanup operations will be performed
regardless of whether or not we actually started the job. Therefore,
cleanup callbacks should essentially confine themselves to undoing create
operations, e.g. setup actions taken in what is now backup_start.
Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1478587839-9834-3-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-11-08 06:50:35 +00:00
|
|
|
{
|
2018-04-19 15:30:16 +00:00
|
|
|
BackupBlockJob *s = container_of(job, BackupBlockJob, common.job);
|
2019-07-29 20:35:53 +00:00
|
|
|
BlockDriverState *bs = blk_bs(s->common.blk);
|
2019-04-29 09:08:39 +00:00
|
|
|
|
|
|
|
|
if (s->copy_bitmap) {
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_release_dirty_bitmap(bs, s->copy_bitmap);
|
2019-04-29 09:08:39 +00:00
|
|
|
s->copy_bitmap = NULL;
|
|
|
|
|
}
|
2019-07-29 20:35:53 +00:00
|
|
|
|
|
|
|
|
assert(s->target);
|
|
|
|
|
blk_unref(s->target);
|
|
|
|
|
s->target = NULL;
|
blockjob: add .clean property
Cleaning up after we have deferred to the main thread but before the
transaction has converged can be dangerous and result in deadlocks
if the job cleanup invokes any BH polling loops.
A job may attempt to begin cleaning up, but may induce another job to
enter its cleanup routine. The second job, part of our same transaction,
will block waiting for the first job to finish, so neither job may now
make progress.
To rectify this, allow jobs to register a cleanup operation that will
always run regardless of if the job was in a transaction or not, and
if the transaction job group completed successfully or not.
Move sensitive cleanup to this callback instead which is guaranteed to
be run only after the transaction has converged, which removes sensitive
timing constraints from said cleanup.
Furthermore, in future patches these cleanup operations will be performed
regardless of whether or not we actually started the job. Therefore,
cleanup callbacks should essentially confine themselves to undoing create
operations, e.g. setup actions taken in what is now backup_start.
Reported-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-id: 1478587839-9834-3-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-11-08 06:50:35 +00:00
|
|
|
}
|
|
|
|
|
|
2016-07-27 07:01:43 +00:00
|
|
|
void backup_do_checkpoint(BlockJob *job, Error **errp)
|
|
|
|
|
{
|
|
|
|
|
BackupBlockJob *backup_job = container_of(job, BackupBlockJob, common);
|
|
|
|
|
|
2018-01-19 14:54:40 +00:00
|
|
|
assert(block_job_driver(job) == &backup_job_driver);
|
2016-07-27 07:01:43 +00:00
|
|
|
|
|
|
|
|
if (backup_job->sync_mode != MIRROR_SYNC_MODE_NONE) {
|
|
|
|
|
error_setg(errp, "The backup job only supports block checkpoint in"
|
|
|
|
|
" sync=none mode");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_set_dirty_bitmap(backup_job->copy_bitmap, 0, backup_job->len);
|
2016-07-27 07:01:43 +00:00
|
|
|
}
|
|
|
|
|
|
2013-06-24 15:13:11 +00:00
|
|
|
static BlockErrorAction backup_error_action(BackupBlockJob *job,
|
|
|
|
|
bool read, int error)
|
|
|
|
|
{
|
|
|
|
|
if (read) {
|
2016-04-18 09:36:38 +00:00
|
|
|
return block_job_error_action(&job->common, job->on_source_error,
|
|
|
|
|
true, error);
|
2013-06-24 15:13:11 +00:00
|
|
|
} else {
|
2016-04-18 09:36:38 +00:00
|
|
|
return block_job_error_action(&job->common, job->on_target_error,
|
|
|
|
|
false, error);
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-17 23:49:58 +00:00
|
|
|
static bool coroutine_fn yield_and_check(BackupBlockJob *job)
|
|
|
|
|
{
|
2018-01-18 20:19:38 +00:00
|
|
|
uint64_t delay_ns;
|
|
|
|
|
|
2018-04-17 10:56:07 +00:00
|
|
|
if (job_is_cancelled(&job->common.job)) {
|
2015-04-17 23:49:58 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-18 20:19:38 +00:00
|
|
|
/* We need to yield even for delay_ns = 0 so that bdrv_drain_all() can
|
|
|
|
|
* return. Without a yield, the VM would not reboot. */
|
|
|
|
|
delay_ns = block_job_ratelimit_get_delay(&job->common, job->bytes_read);
|
|
|
|
|
job->bytes_read = 0;
|
2018-04-18 14:32:20 +00:00
|
|
|
job_sleep_ns(&job->common.job, delay_ns);
|
2015-04-17 23:49:58 +00:00
|
|
|
|
2018-04-17 10:56:07 +00:00
|
|
|
if (job_is_cancelled(&job->common.job)) {
|
2015-04-17 23:49:58 +00:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-29 09:08:41 +00:00
|
|
|
static int coroutine_fn backup_loop(BackupBlockJob *job)
|
2015-04-17 23:49:58 +00:00
|
|
|
{
|
|
|
|
|
bool error_is_read;
|
2019-04-29 09:08:39 +00:00
|
|
|
int64_t offset;
|
2019-07-29 20:35:53 +00:00
|
|
|
BdrvDirtyBitmapIter *bdbi;
|
|
|
|
|
int ret = 0;
|
2015-04-17 23:49:58 +00:00
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
bdbi = bdrv_dirty_iter_new(job->copy_bitmap);
|
|
|
|
|
while ((offset = bdrv_dirty_iter_next(bdbi)) != -1) {
|
2017-10-12 13:53:13 +00:00
|
|
|
do {
|
|
|
|
|
if (yield_and_check(job)) {
|
2019-07-29 20:35:53 +00:00
|
|
|
goto out;
|
2017-10-12 13:53:13 +00:00
|
|
|
}
|
2019-04-29 09:08:39 +00:00
|
|
|
ret = backup_do_cow(job, offset,
|
2017-10-12 13:53:13 +00:00
|
|
|
job->cluster_size, &error_is_read, false);
|
|
|
|
|
if (ret < 0 && backup_error_action(job, error_is_read, -ret) ==
|
|
|
|
|
BLOCK_ERROR_ACTION_REPORT)
|
|
|
|
|
{
|
2019-07-29 20:35:53 +00:00
|
|
|
goto out;
|
2017-10-12 13:53:13 +00:00
|
|
|
}
|
|
|
|
|
} while (ret < 0);
|
2015-04-17 23:49:58 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
out:
|
|
|
|
|
bdrv_dirty_iter_free(bdbi);
|
|
|
|
|
return ret;
|
2015-04-17 23:49:58 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
static void backup_init_copy_bitmap(BackupBlockJob *job)
|
2017-10-12 13:53:11 +00:00
|
|
|
{
|
2019-07-29 20:35:55 +00:00
|
|
|
bool ret;
|
|
|
|
|
uint64_t estimate;
|
|
|
|
|
|
|
|
|
|
if (job->sync_mode == MIRROR_SYNC_MODE_BITMAP) {
|
|
|
|
|
ret = bdrv_dirty_bitmap_merge_internal(job->copy_bitmap,
|
|
|
|
|
job->sync_bitmap,
|
|
|
|
|
NULL, true);
|
|
|
|
|
assert(ret);
|
|
|
|
|
} else {
|
2019-07-29 20:35:55 +00:00
|
|
|
if (job->sync_mode == MIRROR_SYNC_MODE_TOP) {
|
|
|
|
|
/*
|
|
|
|
|
* We can't hog the coroutine to initialize this thoroughly.
|
|
|
|
|
* Set a flag and resume work when we are able to yield safely.
|
|
|
|
|
*/
|
|
|
|
|
job->initializing_bitmap = true;
|
|
|
|
|
}
|
2019-07-29 20:35:55 +00:00
|
|
|
bdrv_set_dirty_bitmap(job->copy_bitmap, 0, job->len);
|
|
|
|
|
}
|
2017-10-12 13:53:11 +00:00
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
estimate = bdrv_get_dirty_count(job->copy_bitmap);
|
|
|
|
|
job_progress_set_remaining(&job->common.job, estimate);
|
2017-10-12 13:53:11 +00:00
|
|
|
}
|
|
|
|
|
|
2018-08-30 01:57:32 +00:00
|
|
|
static int coroutine_fn backup_run(Job *job, Error **errp)
|
2013-06-24 15:13:11 +00:00
|
|
|
{
|
2018-08-30 01:57:32 +00:00
|
|
|
BackupBlockJob *s = container_of(job, BackupBlockJob, common.job);
|
|
|
|
|
BlockDriverState *bs = blk_bs(s->common.blk);
|
2013-06-24 15:13:11 +00:00
|
|
|
int ret = 0;
|
|
|
|
|
|
2018-08-30 01:57:32 +00:00
|
|
|
QLIST_INIT(&s->inflight_reqs);
|
|
|
|
|
qemu_co_rwlock_init(&s->flush_rwlock);
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
backup_init_copy_bitmap(s);
|
2017-10-12 13:53:11 +00:00
|
|
|
|
2018-08-30 01:57:32 +00:00
|
|
|
s->before_write.notify = backup_before_write_notify;
|
|
|
|
|
bdrv_add_before_write_notifier(bs, &s->before_write);
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
if (s->sync_mode == MIRROR_SYNC_MODE_TOP) {
|
|
|
|
|
int64_t offset = 0;
|
|
|
|
|
int64_t count;
|
|
|
|
|
|
|
|
|
|
for (offset = 0; offset < s->len; ) {
|
|
|
|
|
if (yield_and_check(s)) {
|
|
|
|
|
ret = -ECANCELED;
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = backup_bitmap_reset_unallocated(s, offset, &count);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
offset += count;
|
|
|
|
|
}
|
|
|
|
|
s->initializing_bitmap = false;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-30 01:57:32 +00:00
|
|
|
if (s->sync_mode == MIRROR_SYNC_MODE_NONE) {
|
2017-10-12 13:53:10 +00:00
|
|
|
/* All bits are set in copy_bitmap to allow any cluster to be copied.
|
|
|
|
|
* This does not actually require them to be copied. */
|
2018-08-30 01:57:32 +00:00
|
|
|
while (!job_is_cancelled(job)) {
|
2013-07-26 18:39:04 +00:00
|
|
|
/* Yield until the job is cancelled. We just let our before_write
|
|
|
|
|
* notify callback service CoW requests. */
|
2018-08-30 01:57:32 +00:00
|
|
|
job_yield(job);
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
2013-07-26 18:39:04 +00:00
|
|
|
} else {
|
2019-04-29 09:08:41 +00:00
|
|
|
ret = backup_loop(s);
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
out:
|
2018-08-30 01:57:32 +00:00
|
|
|
notifier_with_return_remove(&s->before_write);
|
2013-06-24 15:13:11 +00:00
|
|
|
|
|
|
|
|
/* wait until pending backup_do_cow() calls have completed */
|
2018-08-30 01:57:32 +00:00
|
|
|
qemu_co_rwlock_wrlock(&s->flush_rwlock);
|
|
|
|
|
qemu_co_rwlock_unlock(&s->flush_rwlock);
|
2013-06-24 15:13:11 +00:00
|
|
|
|
2018-08-30 01:57:26 +00:00
|
|
|
return ret;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2016-11-08 06:50:36 +00:00
|
|
|
static const BlockJobDriver backup_job_driver = {
|
2018-04-12 15:29:59 +00:00
|
|
|
.job_driver = {
|
|
|
|
|
.instance_size = sizeof(BackupBlockJob),
|
2018-04-12 15:57:08 +00:00
|
|
|
.job_type = JOB_TYPE_BACKUP,
|
2018-04-13 16:50:05 +00:00
|
|
|
.free = block_job_free,
|
2018-04-18 15:10:26 +00:00
|
|
|
.user_resume = block_job_user_resume,
|
2018-08-30 01:57:26 +00:00
|
|
|
.run = backup_run,
|
2018-04-19 15:30:16 +00:00
|
|
|
.commit = backup_commit,
|
|
|
|
|
.abort = backup_abort,
|
|
|
|
|
.clean = backup_clean,
|
2019-08-29 09:09:53 +00:00
|
|
|
}
|
2016-11-08 06:50:36 +00:00
|
|
|
};
|
|
|
|
|
|
2019-04-29 09:08:42 +00:00
|
|
|
static int64_t backup_calculate_cluster_size(BlockDriverState *target,
|
|
|
|
|
Error **errp)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
BlockDriverInfo bdi;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If there is no backing file on the target, we cannot rely on COW if our
|
|
|
|
|
* backup cluster size is smaller than the target cluster size. Even for
|
|
|
|
|
* targets with a backing file, try to avoid COW if possible.
|
|
|
|
|
*/
|
|
|
|
|
ret = bdrv_get_info(target, &bdi);
|
|
|
|
|
if (ret == -ENOTSUP && !target->backing) {
|
|
|
|
|
/* Cluster size is not defined */
|
|
|
|
|
warn_report("The target block device doesn't provide "
|
|
|
|
|
"information about the block size and it doesn't have a "
|
|
|
|
|
"backing file. The default block size of %u bytes is "
|
|
|
|
|
"used. If the actual block size of the target exceeds "
|
|
|
|
|
"this default, the backup may be unusable",
|
|
|
|
|
BACKUP_CLUSTER_SIZE_DEFAULT);
|
|
|
|
|
return BACKUP_CLUSTER_SIZE_DEFAULT;
|
|
|
|
|
} else if (ret < 0 && !target->backing) {
|
|
|
|
|
error_setg_errno(errp, -ret,
|
|
|
|
|
"Couldn't determine the cluster size of the target image, "
|
|
|
|
|
"which has no backing file");
|
|
|
|
|
error_append_hint(errp,
|
|
|
|
|
"Aborting, since this may create an unusable destination image\n");
|
|
|
|
|
return ret;
|
|
|
|
|
} else if (ret < 0 && target->backing) {
|
|
|
|
|
/* Not fatal; just trudge on ahead. */
|
|
|
|
|
return BACKUP_CLUSTER_SIZE_DEFAULT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return MAX(BACKUP_CLUSTER_SIZE_DEFAULT, bdi.cluster_size);
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-08 06:50:38 +00:00
|
|
|
BlockJob *backup_job_create(const char *job_id, BlockDriverState *bs,
|
2016-07-05 14:28:58 +00:00
|
|
|
BlockDriverState *target, int64_t speed,
|
|
|
|
|
MirrorSyncMode sync_mode, BdrvDirtyBitmap *sync_bitmap,
|
2019-07-29 20:35:52 +00:00
|
|
|
BitmapSyncMode bitmap_mode,
|
2016-07-22 08:17:52 +00:00
|
|
|
bool compress,
|
2013-06-24 15:13:11 +00:00
|
|
|
BlockdevOnError on_source_error,
|
|
|
|
|
BlockdevOnError on_target_error,
|
2016-10-27 16:06:57 +00:00
|
|
|
int creation_flags,
|
2014-10-07 11:59:15 +00:00
|
|
|
BlockCompletionFunc *cb, void *opaque,
|
2018-04-19 14:09:52 +00:00
|
|
|
JobTxn *txn, Error **errp)
|
2013-06-24 15:13:11 +00:00
|
|
|
{
|
|
|
|
|
int64_t len;
|
2016-04-14 10:59:55 +00:00
|
|
|
BackupBlockJob *job = NULL;
|
block/backup: avoid copying less than full target clusters
During incremental backups, if the target has a cluster size that is
larger than the backup cluster size and we are backing up to a target
that cannot (for whichever reason) pull clusters up from a backing image,
we may inadvertantly create unusable incremental backup images.
For example:
If the bitmap tracks changes at a 64KB granularity and we transmit 64KB
of data at a time but the target uses a 128KB cluster size, it is
possible that only half of a target cluster will be recognized as dirty
by the backup block job. When the cluster is allocated on the target
image but only half populated with data, we lose the ability to
distinguish between zero padding and uninitialized data.
This does not happen if the target image has a backing file that points
to the last known good backup.
Even if we have a backing file, though, it's likely going to be faster
to just buffer the redundant data ourselves from the live image than
fetching it from the backing file, so let's just always round up to the
target granularity.
The same logic applies to backup modes top, none, and full. Copying
fractional clusters without the guarantee of COW is dangerous, but even
if we can rely on COW, it's likely better to just re-copy the data.
Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1456433911-24718-3-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-02-25 20:58:30 +00:00
|
|
|
int ret;
|
2019-04-29 09:08:42 +00:00
|
|
|
int64_t cluster_size;
|
2019-07-29 20:35:53 +00:00
|
|
|
BdrvDirtyBitmap *copy_bitmap = NULL;
|
2013-06-24 15:13:11 +00:00
|
|
|
|
|
|
|
|
assert(bs);
|
|
|
|
|
assert(target);
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
/* QMP interface protects us from these cases */
|
|
|
|
|
assert(sync_mode != MIRROR_SYNC_MODE_INCREMENTAL);
|
|
|
|
|
assert(sync_bitmap || sync_mode != MIRROR_SYNC_MODE_BITMAP);
|
|
|
|
|
|
2014-12-18 10:37:05 +00:00
|
|
|
if (bs == target) {
|
|
|
|
|
error_setg(errp, "Source and target cannot be the same");
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2014-12-18 10:37:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!bdrv_is_inserted(bs)) {
|
|
|
|
|
error_setg(errp, "Device is not inserted: %s",
|
|
|
|
|
bdrv_get_device_name(bs));
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2014-12-18 10:37:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!bdrv_is_inserted(target)) {
|
|
|
|
|
error_setg(errp, "Device is not inserted: %s",
|
|
|
|
|
bdrv_get_device_name(target));
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2014-12-18 10:37:05 +00:00
|
|
|
}
|
|
|
|
|
|
2019-06-04 16:15:06 +00:00
|
|
|
if (compress && !block_driver_can_compress(target->drv)) {
|
2016-07-22 08:17:52 +00:00
|
|
|
error_setg(errp, "Compression is not supported for this drive %s",
|
|
|
|
|
bdrv_get_device_name(target));
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2016-07-22 08:17:52 +00:00
|
|
|
}
|
|
|
|
|
|
2014-12-18 10:37:05 +00:00
|
|
|
if (bdrv_op_is_blocked(bs, BLOCK_OP_TYPE_BACKUP_SOURCE, errp)) {
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2014-12-18 10:37:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (bdrv_op_is_blocked(target, BLOCK_OP_TYPE_BACKUP_TARGET, errp)) {
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2014-12-18 10:37:05 +00:00
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:55 +00:00
|
|
|
if (sync_bitmap) {
|
2019-07-29 20:35:54 +00:00
|
|
|
/* If we need to write to this bitmap, check that we can: */
|
|
|
|
|
if (bitmap_mode != BITMAP_SYNC_MODE_NEVER &&
|
|
|
|
|
bdrv_dirty_bitmap_check(sync_bitmap, BDRV_BITMAP_DEFAULT, errp)) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2015-04-17 23:49:58 +00:00
|
|
|
/* Create a new bitmap, and freeze/disable this one. */
|
|
|
|
|
if (bdrv_dirty_bitmap_create_successor(bs, sync_bitmap, errp) < 0) {
|
2016-11-08 06:50:38 +00:00
|
|
|
return NULL;
|
2015-04-17 23:49:58 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-24 15:13:11 +00:00
|
|
|
len = bdrv_getlength(bs);
|
|
|
|
|
if (len < 0) {
|
|
|
|
|
error_setg_errno(errp, -len, "unable to get length for '%s'",
|
|
|
|
|
bdrv_get_device_name(bs));
|
2015-04-17 23:49:58 +00:00
|
|
|
goto error;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2019-04-29 09:08:42 +00:00
|
|
|
cluster_size = backup_calculate_cluster_size(target, errp);
|
|
|
|
|
if (cluster_size < 0) {
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-29 20:35:53 +00:00
|
|
|
copy_bitmap = bdrv_create_dirty_bitmap(bs, cluster_size, NULL, errp);
|
|
|
|
|
if (!copy_bitmap) {
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
bdrv_disable_dirty_bitmap(copy_bitmap);
|
2019-04-29 09:08:42 +00:00
|
|
|
|
2018-01-18 17:08:22 +00:00
|
|
|
/* job->len is fixed, so we can't allow resize */
|
2018-03-10 08:27:27 +00:00
|
|
|
job = block_job_create(job_id, &backup_job_driver, txn, bs,
|
2017-01-25 10:39:04 +00:00
|
|
|
BLK_PERM_CONSISTENT_READ,
|
|
|
|
|
BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE |
|
|
|
|
|
BLK_PERM_WRITE_UNCHANGED | BLK_PERM_GRAPH_MOD,
|
2017-01-16 16:18:09 +00:00
|
|
|
speed, creation_flags, cb, opaque, errp);
|
2013-06-24 15:13:11 +00:00
|
|
|
if (!job) {
|
2015-04-17 23:49:58 +00:00
|
|
|
goto error;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|
|
|
|
|
|
2017-01-25 10:39:04 +00:00
|
|
|
/* The target must match the source in size, so no resize here either */
|
2019-04-25 12:25:10 +00:00
|
|
|
job->target = blk_new(job->common.job.aio_context,
|
|
|
|
|
BLK_PERM_WRITE,
|
2017-01-25 10:39:04 +00:00
|
|
|
BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE |
|
|
|
|
|
BLK_PERM_WRITE_UNCHANGED | BLK_PERM_GRAPH_MOD);
|
2017-01-13 18:02:32 +00:00
|
|
|
ret = blk_insert_bs(job->target, target, errp);
|
|
|
|
|
if (ret < 0) {
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
block-backend: Queue requests while drained
This fixes devices like IDE that can still start new requests from I/O
handlers in the CPU thread while the block backend is drained.
The basic assumption is that in a drain section, no new requests should
be allowed through a BlockBackend (blk_drained_begin/end don't exist,
we get drain sections only on the node level). However, there are two
special cases where requests should not be queued:
1. Block jobs: We already make sure that block jobs are paused in a
drain section, so they won't start new requests. However, if the
drain_begin is called on the job's BlockBackend first, it can happen
that we deadlock because the job stays busy until it reaches a pause
point - which it can't if its requests aren't processed any more.
The proper solution here would be to make all requests through the
job's filter node instead of using a BlockBackend. For now, just
disabling request queuing on the job BlockBackend is simpler.
2. In test cases where making requests through bdrv_* would be
cumbersome because we'd need a BdrvChild. As we already got the
functionality to disable request queuing from 1., use it in tests,
too, for convenience.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
2019-07-22 15:46:23 +00:00
|
|
|
blk_set_disable_request_queuing(job->target, true);
|
2016-04-14 11:09:53 +00:00
|
|
|
|
2013-06-24 15:13:11 +00:00
|
|
|
job->on_source_error = on_source_error;
|
|
|
|
|
job->on_target_error = on_target_error;
|
2013-07-26 18:39:04 +00:00
|
|
|
job->sync_mode = sync_mode;
|
2019-07-29 20:35:52 +00:00
|
|
|
job->sync_bitmap = sync_bitmap;
|
|
|
|
|
job->bitmap_mode = bitmap_mode;
|
block/backup: avoid copying less than full target clusters
During incremental backups, if the target has a cluster size that is
larger than the backup cluster size and we are backing up to a target
that cannot (for whichever reason) pull clusters up from a backing image,
we may inadvertantly create unusable incremental backup images.
For example:
If the bitmap tracks changes at a 64KB granularity and we transmit 64KB
of data at a time but the target uses a 128KB cluster size, it is
possible that only half of a target cluster will be recognized as dirty
by the backup block job. When the cluster is allocated on the target
image but only half populated with data, we lose the ability to
distinguish between zero padding and uninitialized data.
This does not happen if the target image has a backing file that points
to the last known good backup.
Even if we have a backing file, though, it's likely going to be faster
to just buffer the redundant data ourselves from the live image than
fetching it from the backing file, so let's just always round up to the
target granularity.
The same logic applies to backup modes top, none, and full. Copying
fractional clusters without the guarantee of COW is dangerous, but even
if we can rely on COW, it's likely better to just re-copy the data.
Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1456433911-24718-3-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-02-25 20:58:30 +00:00
|
|
|
|
2019-07-30 16:32:51 +00:00
|
|
|
/*
|
2019-09-20 14:20:45 +00:00
|
|
|
* If source is in backing chain of target assume that target is going to be
|
|
|
|
|
* used for "image fleecing", i.e. it should represent a kind of snapshot of
|
|
|
|
|
* source at backup-start point in time. And target is going to be read by
|
|
|
|
|
* somebody (for example, used as NBD export) during backup job.
|
|
|
|
|
*
|
|
|
|
|
* In this case, we need to add BDRV_REQ_SERIALISING write flag to avoid
|
|
|
|
|
* intersection of backup writes and third party reads from target,
|
|
|
|
|
* otherwise reading from target we may occasionally read already updated by
|
|
|
|
|
* guest data.
|
|
|
|
|
*
|
|
|
|
|
* For more information see commit f8d59dfb40bb and test
|
|
|
|
|
* tests/qemu-iotests/222
|
2019-07-30 16:32:51 +00:00
|
|
|
*/
|
|
|
|
|
job->write_flags =
|
|
|
|
|
(bdrv_chain_contains(target, bs) ? BDRV_REQ_SERIALISING : 0) |
|
|
|
|
|
(compress ? BDRV_REQ_WRITE_COMPRESSED : 0);
|
|
|
|
|
|
2019-04-29 09:08:42 +00:00
|
|
|
job->cluster_size = cluster_size;
|
|
|
|
|
job->copy_bitmap = copy_bitmap;
|
|
|
|
|
copy_bitmap = NULL;
|
2018-07-03 02:37:58 +00:00
|
|
|
job->copy_range_size = MIN_NON_ZERO(blk_get_max_transfer(job->common.blk),
|
|
|
|
|
blk_get_max_transfer(job->target));
|
2019-09-20 14:20:42 +00:00
|
|
|
job->copy_range_size = QEMU_ALIGN_DOWN(job->copy_range_size,
|
|
|
|
|
job->cluster_size);
|
|
|
|
|
/*
|
|
|
|
|
* Set use_copy_range, consider the following:
|
|
|
|
|
* 1. Compression is not supported for copy_range.
|
|
|
|
|
* 2. copy_range does not respect max_transfer (it's a TODO), so we factor
|
|
|
|
|
* that in here. If max_transfer is smaller than the job->cluster_size,
|
|
|
|
|
* we do not use copy_range (in that case it's zero after aligning down
|
|
|
|
|
* above).
|
|
|
|
|
*/
|
|
|
|
|
job->use_copy_range = !compress && job->copy_range_size > 0;
|
block/backup: avoid copying less than full target clusters
During incremental backups, if the target has a cluster size that is
larger than the backup cluster size and we are backing up to a target
that cannot (for whichever reason) pull clusters up from a backing image,
we may inadvertantly create unusable incremental backup images.
For example:
If the bitmap tracks changes at a 64KB granularity and we transmit 64KB
of data at a time but the target uses a 128KB cluster size, it is
possible that only half of a target cluster will be recognized as dirty
by the backup block job. When the cluster is allocated on the target
image but only half populated with data, we lose the ability to
distinguish between zero padding and uninitialized data.
This does not happen if the target image has a backing file that points
to the last known good backup.
Even if we have a backing file, though, it's likely going to be faster
to just buffer the redundant data ourselves from the live image than
fetching it from the backing file, so let's just always round up to the
target granularity.
The same logic applies to backup modes top, none, and full. Copying
fractional clusters without the guarantee of COW is dangerous, but even
if we can rely on COW, it's likely better to just re-copy the data.
Reported-by: Fam Zheng <famz@redhat.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Message-id: 1456433911-24718-3-git-send-email-jsnow@redhat.com
Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-02-25 20:58:30 +00:00
|
|
|
|
2017-01-25 10:39:04 +00:00
|
|
|
/* Required permissions are already taken with target's blk_new() */
|
2017-01-17 10:56:42 +00:00
|
|
|
block_job_add_bdrv(&job->common, "target", target, 0, BLK_PERM_ALL,
|
|
|
|
|
&error_abort);
|
2018-01-18 17:08:22 +00:00
|
|
|
job->len = len;
|
2016-11-08 06:50:38 +00:00
|
|
|
|
|
|
|
|
return &job->common;
|
2015-04-17 23:49:58 +00:00
|
|
|
|
|
|
|
|
error:
|
2019-04-29 09:08:42 +00:00
|
|
|
if (copy_bitmap) {
|
|
|
|
|
assert(!job || !job->copy_bitmap);
|
2019-07-29 20:35:53 +00:00
|
|
|
bdrv_release_dirty_bitmap(bs, copy_bitmap);
|
2019-04-29 09:08:42 +00:00
|
|
|
}
|
2015-04-17 23:49:58 +00:00
|
|
|
if (sync_bitmap) {
|
|
|
|
|
bdrv_reclaim_dirty_bitmap(bs, sync_bitmap, NULL);
|
|
|
|
|
}
|
2016-04-14 10:59:55 +00:00
|
|
|
if (job) {
|
2018-04-19 15:30:16 +00:00
|
|
|
backup_clean(&job->common.job);
|
|
|
|
|
job_early_fail(&job->common.job);
|
2016-04-14 10:59:55 +00:00
|
|
|
}
|
2016-11-08 06:50:38 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
2013-06-24 15:13:11 +00:00
|
|
|
}
|