2013-05-25 11:09:43 +08:00
|
|
|
/*
|
|
|
|
* Block layer snapshot related functions
|
|
|
|
*
|
|
|
|
* Copyright (c) 2003-2008 Fabrice Bellard
|
|
|
|
*
|
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
|
|
* in the Software without restriction, including without limitation the rights
|
|
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
|
|
* furnished to do so, subject to the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice shall be included in
|
|
|
|
* all copies or substantial portions of the Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
|
|
* THE SOFTWARE.
|
|
|
|
*/
|
|
|
|
|
2016-01-18 18:01:42 +00:00
|
|
|
#include "qemu/osdep.h"
|
2013-05-25 11:09:43 +08:00
|
|
|
#include "block/snapshot.h"
|
|
|
|
#include "block/block_int.h"
|
2018-06-14 21:14:28 +02:00
|
|
|
#include "block/qdict.h"
|
include/qemu/osdep.h: Don't include qapi/error.h
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the
Error typedef. Since then, we've moved to include qemu/osdep.h
everywhere. Its file comment explains: "To avoid getting into
possible circular include dependencies, this file should not include
any other QEMU headers, with the exceptions of config-host.h,
compiler.h, os-posix.h and os-win32.h, all of which are doing a
similar job to this file and are under similar constraints."
qapi/error.h doesn't do a similar job, and it doesn't adhere to
similar constraints: it includes qapi-types.h. That's in excess of
100KiB of crap most .c files don't actually need.
Add the typedef to qemu/typedefs.h, and include that instead of
qapi/error.h. Include qapi/error.h in .c files that need it and don't
get it now. Include qapi-types.h in qom/object.h for uint16List.
Update scripts/clean-includes accordingly. Update it further to match
reality: replace config.h by config-target.h, add sysemu/os-posix.h,
sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h
comment quoted above similarly.
This reduces the number of objects depending on qapi/error.h from "all
of them" to less than a third. Unfortunately, the number depending on
qapi-types.h shrinks only a little. More work is needed for that one.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
[Fix compilation without the spice devel packages. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-14 09:01:28 +01:00
|
|
|
#include "qapi/error.h"
|
2018-02-01 12:18:39 +01:00
|
|
|
#include "qapi/qmp/qdict.h"
|
2015-03-17 17:22:46 +01:00
|
|
|
#include "qapi/qmp/qerror.h"
|
2017-04-05 11:19:09 +02:00
|
|
|
#include "qapi/qmp/qstring.h"
|
2018-02-01 12:18:46 +01:00
|
|
|
#include "qemu/option.h"
|
2013-05-25 11:09:43 +08:00
|
|
|
|
2013-12-04 17:10:55 +08:00
|
|
|
QemuOptsList internal_snapshot_opts = {
|
|
|
|
.name = "snapshot",
|
|
|
|
.head = QTAILQ_HEAD_INITIALIZER(internal_snapshot_opts.head),
|
|
|
|
.desc = {
|
|
|
|
{
|
|
|
|
.name = SNAPSHOT_OPT_ID,
|
|
|
|
.type = QEMU_OPT_STRING,
|
|
|
|
.help = "snapshot id"
|
|
|
|
},{
|
|
|
|
.name = SNAPSHOT_OPT_NAME,
|
|
|
|
.type = QEMU_OPT_STRING,
|
|
|
|
.help = "snapshot name"
|
|
|
|
},{
|
|
|
|
/* end of list */
|
|
|
|
}
|
|
|
|
},
|
|
|
|
};
|
|
|
|
|
2013-05-25 11:09:43 +08:00
|
|
|
int bdrv_snapshot_find(BlockDriverState *bs, QEMUSnapshotInfo *sn_info,
|
|
|
|
const char *name)
|
|
|
|
{
|
|
|
|
QEMUSnapshotInfo *sn_tab, *sn;
|
|
|
|
int nb_sns, i, ret;
|
|
|
|
|
|
|
|
ret = -ENOENT;
|
|
|
|
nb_sns = bdrv_snapshot_list(bs, &sn_tab);
|
|
|
|
if (nb_sns < 0) {
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
for (i = 0; i < nb_sns; i++) {
|
|
|
|
sn = &sn_tab[i];
|
block/snapshot.c: eliminate use of ID input in snapshot operations
At this moment, QEMU attempts to create/load/delete snapshots
by using either an ID (id_str) or a name. The problem is that the code
isn't consistent of whether the entered argument is an ID or a name,
causing unexpected behaviors.
For example, when creating snapshots via savevm <arg>, what happens is that
"arg" is treated as both name and id_str. In a guest without snapshots, create
a single snapshot via savevm:
(qemu) savevm 0
(qemu) info snapshots
List of snapshots present on all disks:
ID TAG VM SIZE DATE VM CLOCK
-- 0 741M 2018-07-31 13:39:56 00:41:25.313
A snapshot with name "0" is created. ID is hidden from the user, but the
ID is a non-zero integer that starts at "1". Thus, this snapshot has
id_str=1, TAG="0". Creating a second snapshot with arg = 1, the first one
is deleted:
(qemu) savevm 1
(qemu) info snapshots
List of snapshots present on all disks:
ID TAG VM SIZE DATE VM CLOCK
-- 1 741M 2018-07-31 13:42:14 00:41:55.252
What happened?
- when creating the second snapshot, a verification is done inside
bdrv_all_delete_snapshot to delete any existing snapshots that matches an
string argument. Here, the code calls bdrv_all_delete_snapshot("1", ...);
- bdrv_all_delete_snapshot calls bdrv_snapshot_find(..., "1") for each
BlockDriverState of the guest. And this is where things goes tilting:
bdrv_snapshot_find does a search by both id_str and name. It finds
out that there is a snapshot that has id_str = 1, stores a reference
to the snapshot in the sn_info pointer and then returns match found;
- since a match was found, a call to bdrv_snapshot_delete_by_id_or_name() is
made. This function ignores the pointer written by bdrv_snapshot_find. Instead,
it deletes the snapshot using bdrv_snapshot_delete() calling it first with
id_str = 1. If it fails to delete, then it calls it again with name = 1.
- after all that, QEMU creates the new snapshot, that has id_str = 1 and
name = 1. The user is left wondering that happened with the first snapshot
created. Similar bugs can be triggered when using loadvm and delvm.
Before contemplating discarding the use of ID input in these operations,
I've searched the code of what would be the implications. My findings
are:
- the RBD and Sheepdog drivers don't care. Both uses the 'name' field as
key in their logic, making id_str = name when appropriate.
replay-snapshot.c does not make any special use of id_str;
- qcow2 uses id_str as an unique identifier but it is automatically
calculated, not being influenced by user input. Other than that, there are
no distinguish operations made only with id_str;
- in blockdev.c, the delete operation uses a match of both id_str AND
name. Given that id_str is either a copy of 'name' or auto-generated,
we're fine here.
This gives motivation to not consider ID as a valid user input in HMP
commands - sticking with 'name' input only is more consistent. To
accomplish that, the following changes were made in this patch:
- bdrv_snapshot_find() does not match for id_str anymore, only 'name'. The
function is called in save_snapshot(), load_snapshot(), bdrv_all_delete_snapshot()
and bdrv_all_find_snapshot(). This change makes the search function more
predictable and does not change the behavior of any underlying code that uses
these affected functions, which are related to HMP (which is fine) and the
main loop inside vl.c (which doesn't care about it anyways);
- bdrv_all_delete_snapshot() does not call bdrv_snapshot_delete_by_id_or_name
anymore. Instead, it uses the pointer returned by bdrv_snapshot_find to
erase the snapshot with the exact match of id_str an name. This function
is called in save_snapshot and hmp_delvm, thus this change produces the
intended effect;
- documentation changes to reflect the new behavior. I consider this to
be an API fix instead of an API change - the user was already creating
snapshots using 'name', but now he/she will also enjoy a consistent
behavior.
Ideally we would get rid of the id_str field entirely, but this would have
repercussions on existing snapshots. Another day perhaps.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-07 11:09:58 -02:00
|
|
|
if (!strcmp(sn->name, name)) {
|
2013-05-25 11:09:43 +08:00
|
|
|
*sn_info = *sn;
|
|
|
|
ret = 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
g_free(sn_tab);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-09-11 14:04:32 +08:00
|
|
|
/**
|
|
|
|
* Look up an internal snapshot by @id and @name.
|
|
|
|
* @bs: block device to search
|
|
|
|
* @id: unique snapshot ID, or NULL
|
|
|
|
* @name: snapshot name, or NULL
|
|
|
|
* @sn_info: location to store information on the snapshot found
|
|
|
|
* @errp: location to store error, will be set only for exception
|
|
|
|
*
|
|
|
|
* This function will traverse snapshot list in @bs to search the matching
|
|
|
|
* one, @id and @name are the matching condition:
|
|
|
|
* If both @id and @name are specified, find the first one with id @id and
|
|
|
|
* name @name.
|
|
|
|
* If only @id is specified, find the first one with id @id.
|
|
|
|
* If only @name is specified, find the first one with name @name.
|
|
|
|
* if none is specified, abort().
|
|
|
|
*
|
|
|
|
* Returns: true when a snapshot is found and @sn_info will be filled, false
|
|
|
|
* when error or not found. If all operation succeed but no matching one is
|
|
|
|
* found, @errp will NOT be set.
|
|
|
|
*/
|
|
|
|
bool bdrv_snapshot_find_by_id_and_name(BlockDriverState *bs,
|
|
|
|
const char *id,
|
|
|
|
const char *name,
|
|
|
|
QEMUSnapshotInfo *sn_info,
|
|
|
|
Error **errp)
|
|
|
|
{
|
|
|
|
QEMUSnapshotInfo *sn_tab, *sn;
|
|
|
|
int nb_sns, i;
|
|
|
|
bool ret = false;
|
|
|
|
|
|
|
|
assert(id || name);
|
|
|
|
|
|
|
|
nb_sns = bdrv_snapshot_list(bs, &sn_tab);
|
|
|
|
if (nb_sns < 0) {
|
|
|
|
error_setg_errno(errp, -nb_sns, "Failed to get a snapshot list");
|
|
|
|
return false;
|
|
|
|
} else if (nb_sns == 0) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (id && name) {
|
|
|
|
for (i = 0; i < nb_sns; i++) {
|
|
|
|
sn = &sn_tab[i];
|
|
|
|
if (!strcmp(sn->id_str, id) && !strcmp(sn->name, name)) {
|
|
|
|
*sn_info = *sn;
|
|
|
|
ret = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else if (id) {
|
|
|
|
for (i = 0; i < nb_sns; i++) {
|
|
|
|
sn = &sn_tab[i];
|
|
|
|
if (!strcmp(sn->id_str, id)) {
|
|
|
|
*sn_info = *sn;
|
|
|
|
ret = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else if (name) {
|
|
|
|
for (i = 0; i < nb_sns; i++) {
|
|
|
|
sn = &sn_tab[i];
|
|
|
|
if (!strcmp(sn->name, name)) {
|
|
|
|
*sn_info = *sn;
|
|
|
|
ret = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
g_free(sn_tab);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2013-05-25 11:09:43 +08:00
|
|
|
int bdrv_can_snapshot(BlockDriverState *bs)
|
|
|
|
{
|
|
|
|
BlockDriver *drv = bs->drv;
|
|
|
|
if (!drv || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs)) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!drv->bdrv_snapshot_create) {
|
|
|
|
if (bs->file != NULL) {
|
2015-06-16 14:19:22 +02:00
|
|
|
return bdrv_can_snapshot(bs->file->bs);
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
int bdrv_snapshot_create(BlockDriverState *bs,
|
|
|
|
QEMUSnapshotInfo *sn_info)
|
|
|
|
{
|
|
|
|
BlockDriver *drv = bs->drv;
|
|
|
|
if (!drv) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
if (drv->bdrv_snapshot_create) {
|
|
|
|
return drv->bdrv_snapshot_create(bs, sn_info);
|
|
|
|
}
|
|
|
|
if (bs->file) {
|
2015-06-16 14:19:22 +02:00
|
|
|
return bdrv_snapshot_create(bs->file->bs, sn_info);
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
|
|
|
return -ENOTSUP;
|
|
|
|
}
|
|
|
|
|
|
|
|
int bdrv_snapshot_goto(BlockDriverState *bs,
|
2017-11-20 15:28:41 +01:00
|
|
|
const char *snapshot_id,
|
|
|
|
Error **errp)
|
2013-05-25 11:09:43 +08:00
|
|
|
{
|
|
|
|
BlockDriver *drv = bs->drv;
|
|
|
|
int ret, open_ret;
|
|
|
|
|
|
|
|
if (!drv) {
|
2017-11-20 15:28:41 +01:00
|
|
|
error_setg(errp, "Block driver is closed");
|
2013-05-25 11:09:43 +08:00
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
2017-10-23 12:29:45 +03:00
|
|
|
|
2017-11-20 15:41:31 +01:00
|
|
|
if (!QLIST_EMPTY(&bs->dirty_bitmaps)) {
|
|
|
|
error_setg(errp, "Device has active dirty bitmaps");
|
|
|
|
return -EBUSY;
|
2017-10-23 12:29:45 +03:00
|
|
|
}
|
|
|
|
|
2013-05-25 11:09:43 +08:00
|
|
|
if (drv->bdrv_snapshot_goto) {
|
2017-11-20 15:28:41 +01:00
|
|
|
ret = drv->bdrv_snapshot_goto(bs, snapshot_id);
|
|
|
|
if (ret < 0) {
|
|
|
|
error_setg_errno(errp, -ret, "Failed to load snapshot");
|
|
|
|
}
|
|
|
|
return ret;
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
if (bs->file) {
|
2017-04-05 11:19:09 +02:00
|
|
|
BlockDriverState *file;
|
|
|
|
QDict *options = qdict_clone_shallow(bs->options);
|
|
|
|
QDict *file_options;
|
2017-11-20 15:28:41 +01:00
|
|
|
Error *local_err = NULL;
|
2017-04-05 11:19:09 +02:00
|
|
|
|
|
|
|
file = bs->file->bs;
|
|
|
|
/* Prevent it from getting deleted when detached from bs */
|
|
|
|
bdrv_ref(file);
|
|
|
|
|
|
|
|
qdict_extract_subqdict(options, &file_options, "file.");
|
2018-04-19 17:01:43 +02:00
|
|
|
qobject_unref(file_options);
|
2017-04-27 16:58:17 -05:00
|
|
|
qdict_put_str(options, "file", bdrv_get_node_name(file));
|
2017-04-05 11:19:09 +02:00
|
|
|
|
2018-08-14 15:43:19 +03:00
|
|
|
if (drv->bdrv_close) {
|
|
|
|
drv->bdrv_close(bs);
|
|
|
|
}
|
2017-04-05 11:19:09 +02:00
|
|
|
bdrv_unref_child(bs, bs->file);
|
|
|
|
bs->file = NULL;
|
|
|
|
|
2017-11-20 15:28:41 +01:00
|
|
|
ret = bdrv_snapshot_goto(file, snapshot_id, errp);
|
|
|
|
open_ret = drv->bdrv_open(bs, options, bs->open_flags, &local_err);
|
2018-04-19 17:01:43 +02:00
|
|
|
qobject_unref(options);
|
2013-05-25 11:09:43 +08:00
|
|
|
if (open_ret < 0) {
|
2017-04-05 11:19:09 +02:00
|
|
|
bdrv_unref(file);
|
2013-05-25 11:09:43 +08:00
|
|
|
bs->drv = NULL;
|
2017-11-20 15:28:41 +01:00
|
|
|
/* A bdrv_snapshot_goto() error takes precedence */
|
|
|
|
error_propagate(errp, local_err);
|
|
|
|
return ret < 0 ? ret : open_ret;
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
2017-04-05 11:19:09 +02:00
|
|
|
|
|
|
|
assert(bs->file->bs == file);
|
|
|
|
bdrv_unref(file);
|
2013-05-25 11:09:43 +08:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2017-11-20 15:28:41 +01:00
|
|
|
error_setg(errp, "Block driver does not support snapshots");
|
2013-05-25 11:09:43 +08:00
|
|
|
return -ENOTSUP;
|
|
|
|
}
|
|
|
|
|
snapshot: distinguish id and name in snapshot delete
Snapshot creation actually already distinguish id and name since it take
a structured parameter *sn, but delete can't. Later an accurate delete
is needed in qmp_transaction abort and blockdev-snapshot-delete-sync,
so change its prototype. Also *errp is added to tip error, but return
value is kepted to let caller check what kind of error happens. Existing
caller for it are savevm, delvm and qemu-img, they are not impacted by
introducing a new function bdrv_snapshot_delete_by_id_or_name(), which
check the return value and do the operation again.
Before this patch:
For qcow2, it search id first then name to find the one to delete.
For rbd, it search name.
For sheepdog, it does nothing.
After this patch:
For qcow2, logic is the same by call it twice in caller.
For rbd, it always fails in delete with id, but still search for name
in second try, no change to user.
Some code for *errp is based on Pavel's patch.
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-09-11 14:04:33 +08:00
|
|
|
/**
|
|
|
|
* Delete an internal snapshot by @snapshot_id and @name.
|
|
|
|
* @bs: block device used in the operation
|
|
|
|
* @snapshot_id: unique snapshot ID, or NULL
|
|
|
|
* @name: snapshot name, or NULL
|
|
|
|
* @errp: location to store error
|
|
|
|
*
|
|
|
|
* If both @snapshot_id and @name are specified, delete the first one with
|
|
|
|
* id @snapshot_id and name @name.
|
|
|
|
* If only @snapshot_id is specified, delete the first one with id
|
|
|
|
* @snapshot_id.
|
|
|
|
* If only @name is specified, delete the first one with name @name.
|
2013-12-04 17:10:54 +08:00
|
|
|
* if none is specified, return -EINVAL.
|
snapshot: distinguish id and name in snapshot delete
Snapshot creation actually already distinguish id and name since it take
a structured parameter *sn, but delete can't. Later an accurate delete
is needed in qmp_transaction abort and blockdev-snapshot-delete-sync,
so change its prototype. Also *errp is added to tip error, but return
value is kepted to let caller check what kind of error happens. Existing
caller for it are savevm, delvm and qemu-img, they are not impacted by
introducing a new function bdrv_snapshot_delete_by_id_or_name(), which
check the return value and do the operation again.
Before this patch:
For qcow2, it search id first then name to find the one to delete.
For rbd, it search name.
For sheepdog, it does nothing.
After this patch:
For qcow2, logic is the same by call it twice in caller.
For rbd, it always fails in delete with id, but still search for name
in second try, no change to user.
Some code for *errp is based on Pavel's patch.
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-09-11 14:04:33 +08:00
|
|
|
*
|
|
|
|
* Returns: 0 on success, -errno on failure. If @bs is not inserted, return
|
|
|
|
* -ENOMEDIUM. If @snapshot_id and @name are both NULL, return -EINVAL. If @bs
|
|
|
|
* does not support internal snapshot deletion, return -ENOTSUP. If @bs does
|
|
|
|
* not support parameter @snapshot_id or @name, or one of them is not correctly
|
|
|
|
* specified, return -EINVAL. If @bs can't find one matching @id and @name,
|
|
|
|
* return -ENOENT. If @errp != NULL, it will always be filled with error
|
|
|
|
* message on failure.
|
|
|
|
*/
|
|
|
|
int bdrv_snapshot_delete(BlockDriverState *bs,
|
|
|
|
const char *snapshot_id,
|
|
|
|
const char *name,
|
|
|
|
Error **errp)
|
2013-05-25 11:09:43 +08:00
|
|
|
{
|
|
|
|
BlockDriver *drv = bs->drv;
|
2015-12-16 19:33:45 +01:00
|
|
|
int ret;
|
|
|
|
|
2013-05-25 11:09:43 +08:00
|
|
|
if (!drv) {
|
2015-03-17 11:54:50 +01:00
|
|
|
error_setg(errp, QERR_DEVICE_HAS_NO_MEDIUM, bdrv_get_device_name(bs));
|
2013-05-25 11:09:43 +08:00
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
snapshot: distinguish id and name in snapshot delete
Snapshot creation actually already distinguish id and name since it take
a structured parameter *sn, but delete can't. Later an accurate delete
is needed in qmp_transaction abort and blockdev-snapshot-delete-sync,
so change its prototype. Also *errp is added to tip error, but return
value is kepted to let caller check what kind of error happens. Existing
caller for it are savevm, delvm and qemu-img, they are not impacted by
introducing a new function bdrv_snapshot_delete_by_id_or_name(), which
check the return value and do the operation again.
Before this patch:
For qcow2, it search id first then name to find the one to delete.
For rbd, it search name.
For sheepdog, it does nothing.
After this patch:
For qcow2, logic is the same by call it twice in caller.
For rbd, it always fails in delete with id, but still search for name
in second try, no change to user.
Some code for *errp is based on Pavel's patch.
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-09-11 14:04:33 +08:00
|
|
|
if (!snapshot_id && !name) {
|
|
|
|
error_setg(errp, "snapshot_id and name are both NULL");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
2014-10-21 16:38:01 +08:00
|
|
|
|
|
|
|
/* drain all pending i/o before deleting snapshot */
|
2015-12-16 19:33:45 +01:00
|
|
|
bdrv_drained_begin(bs);
|
2014-10-21 16:38:01 +08:00
|
|
|
|
2013-05-25 11:09:43 +08:00
|
|
|
if (drv->bdrv_snapshot_delete) {
|
2015-12-16 19:33:45 +01:00
|
|
|
ret = drv->bdrv_snapshot_delete(bs, snapshot_id, name, errp);
|
|
|
|
} else if (bs->file) {
|
|
|
|
ret = bdrv_snapshot_delete(bs->file->bs, snapshot_id, name, errp);
|
|
|
|
} else {
|
|
|
|
error_setg(errp, "Block format '%s' used by device '%s' "
|
|
|
|
"does not support internal snapshot deletion",
|
|
|
|
drv->format_name, bdrv_get_device_name(bs));
|
|
|
|
ret = -ENOTSUP;
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
2015-12-16 19:33:45 +01:00
|
|
|
|
|
|
|
bdrv_drained_end(bs);
|
|
|
|
return ret;
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
int bdrv_snapshot_list(BlockDriverState *bs,
|
|
|
|
QEMUSnapshotInfo **psn_info)
|
|
|
|
{
|
|
|
|
BlockDriver *drv = bs->drv;
|
|
|
|
if (!drv) {
|
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
|
|
|
if (drv->bdrv_snapshot_list) {
|
|
|
|
return drv->bdrv_snapshot_list(bs, psn_info);
|
|
|
|
}
|
|
|
|
if (bs->file) {
|
2015-06-16 14:19:22 +02:00
|
|
|
return bdrv_snapshot_list(bs->file->bs, psn_info);
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
|
|
|
return -ENOTSUP;
|
|
|
|
}
|
|
|
|
|
2013-12-04 17:10:54 +08:00
|
|
|
/**
|
|
|
|
* Temporarily load an internal snapshot by @snapshot_id and @name.
|
|
|
|
* @bs: block device used in the operation
|
|
|
|
* @snapshot_id: unique snapshot ID, or NULL
|
|
|
|
* @name: snapshot name, or NULL
|
|
|
|
* @errp: location to store error
|
|
|
|
*
|
|
|
|
* If both @snapshot_id and @name are specified, load the first one with
|
|
|
|
* id @snapshot_id and name @name.
|
|
|
|
* If only @snapshot_id is specified, load the first one with id
|
|
|
|
* @snapshot_id.
|
|
|
|
* If only @name is specified, load the first one with name @name.
|
|
|
|
* if none is specified, return -EINVAL.
|
|
|
|
*
|
|
|
|
* Returns: 0 on success, -errno on fail. If @bs is not inserted, return
|
|
|
|
* -ENOMEDIUM. If @bs is not readonly, return -EINVAL. If @bs did not support
|
|
|
|
* internal snapshot, return -ENOTSUP. If qemu can't find a matching @id and
|
|
|
|
* @name, return -ENOENT. If @errp != NULL, it will always be filled on
|
|
|
|
* failure.
|
|
|
|
*/
|
2013-05-25 11:09:43 +08:00
|
|
|
int bdrv_snapshot_load_tmp(BlockDriverState *bs,
|
2013-12-04 17:10:54 +08:00
|
|
|
const char *snapshot_id,
|
|
|
|
const char *name,
|
|
|
|
Error **errp)
|
2013-05-25 11:09:43 +08:00
|
|
|
{
|
|
|
|
BlockDriver *drv = bs->drv;
|
2013-12-04 17:10:54 +08:00
|
|
|
|
2013-05-25 11:09:43 +08:00
|
|
|
if (!drv) {
|
2015-03-17 11:54:50 +01:00
|
|
|
error_setg(errp, QERR_DEVICE_HAS_NO_MEDIUM, bdrv_get_device_name(bs));
|
2013-05-25 11:09:43 +08:00
|
|
|
return -ENOMEDIUM;
|
|
|
|
}
|
2013-12-04 17:10:54 +08:00
|
|
|
if (!snapshot_id && !name) {
|
|
|
|
error_setg(errp, "snapshot_id and name are both NULL");
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
2013-05-25 11:09:43 +08:00
|
|
|
if (!bs->read_only) {
|
2013-12-04 17:10:54 +08:00
|
|
|
error_setg(errp, "Device is not readonly");
|
2013-05-25 11:09:43 +08:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
if (drv->bdrv_snapshot_load_tmp) {
|
2013-12-04 17:10:54 +08:00
|
|
|
return drv->bdrv_snapshot_load_tmp(bs, snapshot_id, name, errp);
|
2013-05-25 11:09:43 +08:00
|
|
|
}
|
2015-04-08 12:29:19 +03:00
|
|
|
error_setg(errp, "Block format '%s' used by device '%s' "
|
|
|
|
"does not support temporarily loading internal snapshots",
|
|
|
|
drv->format_name, bdrv_get_device_name(bs));
|
2013-05-25 11:09:43 +08:00
|
|
|
return -ENOTSUP;
|
|
|
|
}
|
2013-12-04 17:10:54 +08:00
|
|
|
|
|
|
|
int bdrv_snapshot_load_tmp_by_id_or_name(BlockDriverState *bs,
|
|
|
|
const char *id_or_name,
|
|
|
|
Error **errp)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
Error *local_err = NULL;
|
|
|
|
|
|
|
|
ret = bdrv_snapshot_load_tmp(bs, id_or_name, NULL, &local_err);
|
|
|
|
if (ret == -ENOENT || ret == -EINVAL) {
|
|
|
|
error_free(local_err);
|
|
|
|
local_err = NULL;
|
|
|
|
ret = bdrv_snapshot_load_tmp(bs, NULL, id_or_name, &local_err);
|
|
|
|
}
|
|
|
|
|
2016-06-13 18:57:56 -03:00
|
|
|
error_propagate(errp, local_err);
|
2013-12-04 17:10:54 +08:00
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
2015-11-19 09:42:01 +03:00
|
|
|
|
|
|
|
|
|
|
|
/* Group operations. All block drivers are involved.
|
|
|
|
* These functions will properly handle dataplane (take aio_context_acquire
|
|
|
|
* when appropriate for appropriate block drivers) */
|
|
|
|
|
|
|
|
bool bdrv_all_can_snapshot(BlockDriverState **first_bad_bs)
|
|
|
|
{
|
|
|
|
bool ok = true;
|
2016-03-22 18:58:50 +01:00
|
|
|
BlockDriverState *bs;
|
2016-05-20 18:49:07 +02:00
|
|
|
BdrvNextIterator it;
|
2015-11-19 09:42:01 +03:00
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
|
2015-11-19 09:42:01 +03:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
|
|
|
if (bdrv_is_inserted(bs) && !bdrv_is_read_only(bs)) {
|
|
|
|
ok = bdrv_can_snapshot(bs);
|
|
|
|
}
|
|
|
|
aio_context_release(ctx);
|
2016-05-20 18:49:07 +02:00
|
|
|
if (!ok) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_next_cleanup(&it);
|
2016-05-20 18:49:07 +02:00
|
|
|
goto fail;
|
|
|
|
}
|
2015-11-19 09:42:01 +03:00
|
|
|
}
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
fail:
|
2015-11-19 09:42:01 +03:00
|
|
|
*first_bad_bs = bs;
|
|
|
|
return ok;
|
|
|
|
}
|
2015-11-19 09:42:03 +03:00
|
|
|
|
|
|
|
int bdrv_all_delete_snapshot(const char *name, BlockDriverState **first_bad_bs,
|
|
|
|
Error **err)
|
|
|
|
{
|
|
|
|
int ret = 0;
|
2016-03-22 18:58:50 +01:00
|
|
|
BlockDriverState *bs;
|
2016-05-20 18:49:07 +02:00
|
|
|
BdrvNextIterator it;
|
2015-11-19 09:42:03 +03:00
|
|
|
QEMUSnapshotInfo sn1, *snapshot = &sn1;
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
|
2015-11-19 09:42:03 +03:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
|
|
|
if (bdrv_can_snapshot(bs) &&
|
|
|
|
bdrv_snapshot_find(bs, snapshot, name) >= 0) {
|
block/snapshot.c: eliminate use of ID input in snapshot operations
At this moment, QEMU attempts to create/load/delete snapshots
by using either an ID (id_str) or a name. The problem is that the code
isn't consistent of whether the entered argument is an ID or a name,
causing unexpected behaviors.
For example, when creating snapshots via savevm <arg>, what happens is that
"arg" is treated as both name and id_str. In a guest without snapshots, create
a single snapshot via savevm:
(qemu) savevm 0
(qemu) info snapshots
List of snapshots present on all disks:
ID TAG VM SIZE DATE VM CLOCK
-- 0 741M 2018-07-31 13:39:56 00:41:25.313
A snapshot with name "0" is created. ID is hidden from the user, but the
ID is a non-zero integer that starts at "1". Thus, this snapshot has
id_str=1, TAG="0". Creating a second snapshot with arg = 1, the first one
is deleted:
(qemu) savevm 1
(qemu) info snapshots
List of snapshots present on all disks:
ID TAG VM SIZE DATE VM CLOCK
-- 1 741M 2018-07-31 13:42:14 00:41:55.252
What happened?
- when creating the second snapshot, a verification is done inside
bdrv_all_delete_snapshot to delete any existing snapshots that matches an
string argument. Here, the code calls bdrv_all_delete_snapshot("1", ...);
- bdrv_all_delete_snapshot calls bdrv_snapshot_find(..., "1") for each
BlockDriverState of the guest. And this is where things goes tilting:
bdrv_snapshot_find does a search by both id_str and name. It finds
out that there is a snapshot that has id_str = 1, stores a reference
to the snapshot in the sn_info pointer and then returns match found;
- since a match was found, a call to bdrv_snapshot_delete_by_id_or_name() is
made. This function ignores the pointer written by bdrv_snapshot_find. Instead,
it deletes the snapshot using bdrv_snapshot_delete() calling it first with
id_str = 1. If it fails to delete, then it calls it again with name = 1.
- after all that, QEMU creates the new snapshot, that has id_str = 1 and
name = 1. The user is left wondering that happened with the first snapshot
created. Similar bugs can be triggered when using loadvm and delvm.
Before contemplating discarding the use of ID input in these operations,
I've searched the code of what would be the implications. My findings
are:
- the RBD and Sheepdog drivers don't care. Both uses the 'name' field as
key in their logic, making id_str = name when appropriate.
replay-snapshot.c does not make any special use of id_str;
- qcow2 uses id_str as an unique identifier but it is automatically
calculated, not being influenced by user input. Other than that, there are
no distinguish operations made only with id_str;
- in blockdev.c, the delete operation uses a match of both id_str AND
name. Given that id_str is either a copy of 'name' or auto-generated,
we're fine here.
This gives motivation to not consider ID as a valid user input in HMP
commands - sticking with 'name' input only is more consistent. To
accomplish that, the following changes were made in this patch:
- bdrv_snapshot_find() does not match for id_str anymore, only 'name'. The
function is called in save_snapshot(), load_snapshot(), bdrv_all_delete_snapshot()
and bdrv_all_find_snapshot(). This change makes the search function more
predictable and does not change the behavior of any underlying code that uses
these affected functions, which are related to HMP (which is fine) and the
main loop inside vl.c (which doesn't care about it anyways);
- bdrv_all_delete_snapshot() does not call bdrv_snapshot_delete_by_id_or_name
anymore. Instead, it uses the pointer returned by bdrv_snapshot_find to
erase the snapshot with the exact match of id_str an name. This function
is called in save_snapshot and hmp_delvm, thus this change produces the
intended effect;
- documentation changes to reflect the new behavior. I consider this to
be an API fix instead of an API change - the user was already creating
snapshots using 'name', but now he/she will also enjoy a consistent
behavior.
Ideally we would get rid of the id_str field entirely, but this would have
repercussions on existing snapshots. Another day perhaps.
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2018-11-07 11:09:58 -02:00
|
|
|
ret = bdrv_snapshot_delete(bs, snapshot->id_str,
|
|
|
|
snapshot->name, err);
|
2015-11-19 09:42:03 +03:00
|
|
|
}
|
|
|
|
aio_context_release(ctx);
|
2016-05-20 18:49:07 +02:00
|
|
|
if (ret < 0) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_next_cleanup(&it);
|
2016-05-20 18:49:07 +02:00
|
|
|
goto fail;
|
|
|
|
}
|
2015-11-19 09:42:03 +03:00
|
|
|
}
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
fail:
|
2015-11-19 09:42:03 +03:00
|
|
|
*first_bad_bs = bs;
|
|
|
|
return ret;
|
|
|
|
}
|
2015-11-19 09:42:04 +03:00
|
|
|
|
|
|
|
|
2017-11-20 15:36:48 +01:00
|
|
|
int bdrv_all_goto_snapshot(const char *name, BlockDriverState **first_bad_bs,
|
|
|
|
Error **errp)
|
2015-11-19 09:42:04 +03:00
|
|
|
{
|
2017-11-20 15:36:48 +01:00
|
|
|
int ret = 0;
|
2016-03-22 18:58:50 +01:00
|
|
|
BlockDriverState *bs;
|
2016-05-20 18:49:07 +02:00
|
|
|
BdrvNextIterator it;
|
2015-11-19 09:42:04 +03:00
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
|
2015-11-19 09:42:04 +03:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
|
|
|
if (bdrv_can_snapshot(bs)) {
|
2017-11-20 15:36:48 +01:00
|
|
|
ret = bdrv_snapshot_goto(bs, name, errp);
|
2015-11-19 09:42:04 +03:00
|
|
|
}
|
|
|
|
aio_context_release(ctx);
|
2017-11-20 15:36:48 +01:00
|
|
|
if (ret < 0) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_next_cleanup(&it);
|
2016-05-20 18:49:07 +02:00
|
|
|
goto fail;
|
|
|
|
}
|
2015-11-19 09:42:04 +03:00
|
|
|
}
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
fail:
|
2015-11-19 09:42:04 +03:00
|
|
|
*first_bad_bs = bs;
|
2017-11-20 15:36:48 +01:00
|
|
|
return ret;
|
2015-11-19 09:42:04 +03:00
|
|
|
}
|
2015-11-19 09:42:06 +03:00
|
|
|
|
|
|
|
int bdrv_all_find_snapshot(const char *name, BlockDriverState **first_bad_bs)
|
|
|
|
{
|
|
|
|
QEMUSnapshotInfo sn;
|
|
|
|
int err = 0;
|
2016-03-22 18:58:50 +01:00
|
|
|
BlockDriverState *bs;
|
2016-05-20 18:49:07 +02:00
|
|
|
BdrvNextIterator it;
|
2015-11-19 09:42:06 +03:00
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
|
2015-11-19 09:42:06 +03:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
|
|
|
if (bdrv_can_snapshot(bs)) {
|
|
|
|
err = bdrv_snapshot_find(bs, &sn, name);
|
|
|
|
}
|
|
|
|
aio_context_release(ctx);
|
2016-05-20 18:49:07 +02:00
|
|
|
if (err < 0) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_next_cleanup(&it);
|
2016-05-20 18:49:07 +02:00
|
|
|
goto fail;
|
|
|
|
}
|
2015-11-19 09:42:06 +03:00
|
|
|
}
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
fail:
|
2015-11-19 09:42:06 +03:00
|
|
|
*first_bad_bs = bs;
|
|
|
|
return err;
|
|
|
|
}
|
2015-11-19 09:42:08 +03:00
|
|
|
|
|
|
|
int bdrv_all_create_snapshot(QEMUSnapshotInfo *sn,
|
|
|
|
BlockDriverState *vm_state_bs,
|
|
|
|
uint64_t vm_state_size,
|
|
|
|
BlockDriverState **first_bad_bs)
|
|
|
|
{
|
|
|
|
int err = 0;
|
2016-03-22 18:58:50 +01:00
|
|
|
BlockDriverState *bs;
|
2016-05-20 18:49:07 +02:00
|
|
|
BdrvNextIterator it;
|
2015-11-19 09:42:08 +03:00
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
|
2015-11-19 09:42:08 +03:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
|
|
|
if (bs == vm_state_bs) {
|
|
|
|
sn->vm_state_size = vm_state_size;
|
|
|
|
err = bdrv_snapshot_create(bs, sn);
|
|
|
|
} else if (bdrv_can_snapshot(bs)) {
|
|
|
|
sn->vm_state_size = 0;
|
|
|
|
err = bdrv_snapshot_create(bs, sn);
|
|
|
|
}
|
|
|
|
aio_context_release(ctx);
|
2016-05-20 18:49:07 +02:00
|
|
|
if (err < 0) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_next_cleanup(&it);
|
2016-05-20 18:49:07 +02:00
|
|
|
goto fail;
|
|
|
|
}
|
2015-11-19 09:42:08 +03:00
|
|
|
}
|
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
fail:
|
2015-11-19 09:42:08 +03:00
|
|
|
*first_bad_bs = bs;
|
|
|
|
return err;
|
|
|
|
}
|
2015-11-19 09:42:10 +03:00
|
|
|
|
|
|
|
BlockDriverState *bdrv_all_find_vmstate_bs(void)
|
|
|
|
{
|
2016-03-22 18:58:50 +01:00
|
|
|
BlockDriverState *bs;
|
2016-05-20 18:49:07 +02:00
|
|
|
BdrvNextIterator it;
|
2015-11-19 09:42:10 +03:00
|
|
|
|
2016-05-20 18:49:07 +02:00
|
|
|
for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
|
2015-11-19 09:42:10 +03:00
|
|
|
AioContext *ctx = bdrv_get_aio_context(bs);
|
2016-05-20 18:49:07 +02:00
|
|
|
bool found;
|
2015-11-19 09:42:10 +03:00
|
|
|
|
|
|
|
aio_context_acquire(ctx);
|
2016-05-20 18:49:07 +02:00
|
|
|
found = bdrv_can_snapshot(bs);
|
2015-11-19 09:42:10 +03:00
|
|
|
aio_context_release(ctx);
|
2016-05-20 18:49:07 +02:00
|
|
|
|
|
|
|
if (found) {
|
2017-11-10 18:25:45 +01:00
|
|
|
bdrv_next_cleanup(&it);
|
2016-05-20 18:49:07 +02:00
|
|
|
break;
|
|
|
|
}
|
2015-11-19 09:42:10 +03:00
|
|
|
}
|
|
|
|
return bs;
|
|
|
|
}
|