On some image chains, QEMU may not always be able to resolve the filenames properly, when updating the backing file of an image after a block commit.
For instance, certain relative pathnames may fail, or drives may have been specified originally by file descriptor (e.g. /dev/fd/???), or a relative protocol pathname may have been used. In these instances, QEMU may lack the information to be able to make the correct choice, but the user or management layer most likely does have that knowledge. With this extension to the block-commit api, the user is able to change the backing file of the overlay image as part of the block-commit operation. This allows the change to be 'safe', in the sense that if the attempt to write the overlay image metadata fails, then the block-commit operation returns failure, without disrupting the guest. If the commit top is the active layer, then specifying the backing file string will be treated as an error (there is no overlay image to modify in that case). If a backing file string is not specified in the command, the backing file string to use is determined in the same manner as it was previously. Reviewed-by: Eric Blake <ebl...@redhat.com> Signed-off-by: Jeff Cody <jc...@redhat.com> --- block.c | 8 ++++++-- block/commit.c | 9 ++++++--- blockdev.c | 8 +++++++- include/block/block.h | 3 ++- include/block/block_int.h | 3 ++- qapi-schema.json | 23 +++++++++++++++++++++-- qmp-commands.hx | 19 ++++++++++++++++++- 7 files changed, 62 insertions(+), 11 deletions(-) diff --git a/block.c b/block.c index 96b90d9..5e5a621 100644 --- a/block.c +++ b/block.c @@ -2630,12 +2630,15 @@ typedef struct BlkIntermediateStates { * * base <- active * + * If backing_file_str is non-NULL, it will be used when modifying top's + * overlay image metadata. + * * Error conditions: * if active == top, that is considered an error * */ int bdrv_drop_intermediate(BlockDriverState *active, BlockDriverState *top, - BlockDriverState *base) + BlockDriverState *base, const char *backing_file_str) { BlockDriverState *intermediate; BlockDriverState *base_bs = NULL; @@ -2687,7 +2690,8 @@ int bdrv_drop_intermediate(BlockDriverState *active, BlockDriverState *top, } /* success - we can delete the intermediate states, and link top->base */ - ret = bdrv_change_backing_file(new_top_bs, base_bs->filename, + backing_file_str = backing_file_str ? backing_file_str : base_bs->filename; + ret = bdrv_change_backing_file(new_top_bs, backing_file_str, base_bs->drv ? base_bs->drv->format_name : ""); if (ret) { goto exit; diff --git a/block/commit.c b/block/commit.c index 5c09f44..91517d3 100644 --- a/block/commit.c +++ b/block/commit.c @@ -37,6 +37,7 @@ typedef struct CommitBlockJob { BlockdevOnError on_error; int base_flags; int orig_overlay_flags; + char *backing_file_str; } CommitBlockJob; static int coroutine_fn commit_populate(BlockDriverState *bs, @@ -141,7 +142,7 @@ wait: if (!block_job_is_cancelled(&s->common) && sector_num == end) { /* success */ - ret = bdrv_drop_intermediate(active, top, base); + ret = bdrv_drop_intermediate(active, top, base, s->backing_file_str); } exit_free_buf: @@ -158,7 +159,7 @@ exit_restore_reopen: if (overlay_bs && s->orig_overlay_flags != bdrv_get_flags(overlay_bs)) { bdrv_reopen(overlay_bs, s->orig_overlay_flags, NULL); } - + g_free(s->backing_file_str); block_job_completed(&s->common, ret); } @@ -182,7 +183,7 @@ static const BlockJobDriver commit_job_driver = { void commit_start(BlockDriverState *bs, BlockDriverState *base, BlockDriverState *top, int64_t speed, BlockdevOnError on_error, BlockDriverCompletionFunc *cb, - void *opaque, Error **errp) + void *opaque, const char *backing_file_str, Error **errp) { CommitBlockJob *s; BlockReopenQueue *reopen_queue = NULL; @@ -244,6 +245,8 @@ void commit_start(BlockDriverState *bs, BlockDriverState *base, s->base_flags = orig_base_flags; s->orig_overlay_flags = orig_overlay_flags; + s->backing_file_str = g_strdup(backing_file_str); + s->on_error = on_error; s->common.co = qemu_coroutine_create(commit_run); diff --git a/blockdev.c b/blockdev.c index 4399cb5..381698d 100644 --- a/blockdev.c +++ b/blockdev.c @@ -1915,6 +1915,7 @@ void qmp_block_commit(bool has_device, const char *device, bool has_base_node_name, const char *base_node_name, bool has_top, const char *top, bool has_top_node_name, const char *top_node_name, + bool has_backing_file, const char *backing_file, bool has_speed, int64_t speed, Error **errp) { @@ -2030,11 +2031,16 @@ void qmp_block_commit(bool has_device, const char *device, } if (top_bs == bs) { + if (has_backing_file) { + error_setg(errp, "'backing-file' specified," + " but 'top' is the active layer"); + return; + } commit_active_start(bs, base_bs, speed, on_error, block_job_cb, bs, &local_err); } else { commit_start(bs, base_bs, top_bs, speed, on_error, block_job_cb, bs, - &local_err); + has_backing_file ? backing_file : NULL, &local_err); } if (local_err != NULL) { error_propagate(errp, local_err); diff --git a/include/block/block.h b/include/block/block.h index c82d89a..1c0025f 100644 --- a/include/block/block.h +++ b/include/block/block.h @@ -290,7 +290,8 @@ int bdrv_change_backing_file(BlockDriverState *bs, const char *backing_file, const char *backing_fmt); void bdrv_register(BlockDriver *bdrv); int bdrv_drop_intermediate(BlockDriverState *active, BlockDriverState *top, - BlockDriverState *base); + BlockDriverState *base, + const char *backing_file_str); BlockDriverState *bdrv_find_overlay(BlockDriverState *active, BlockDriverState *bs); BlockDriverState *bdrv_find_base(BlockDriverState *bs); diff --git a/include/block/block_int.h b/include/block/block_int.h index c0fe90b..f5809ff 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -437,13 +437,14 @@ void stream_start(BlockDriverState *bs, BlockDriverState *base, * @on_error: The action to take upon error. * @cb: Completion function for the job. * @opaque: Opaque pointer value passed to @cb. + * @backing_file_str: String to use as the backing file in @top's overlay * @errp: Error object. * */ void commit_start(BlockDriverState *bs, BlockDriverState *base, BlockDriverState *top, int64_t speed, BlockdevOnError on_error, BlockDriverCompletionFunc *cb, - void *opaque, Error **errp); + void *opaque, const char *backing_file_str, Error **errp); /** * commit_active_start: * @bs: Active block device to be committed. diff --git a/qapi-schema.json b/qapi-schema.json index 2858155..899beec 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -2122,6 +2122,23 @@ # topmost data to be committed down. # (Since 2.1) # +# @backing-file: #optional The backing file string to write into the overlay +# image of 'top'. If 'top' is the active layer, +# specifying a backing file string is an error. This +# filename is not validated. +# +# If a pathname string is such that it cannot be +# resolved by QEMU, that means that subsequent QMP or +# HMP commands must use node-names for the image in +# question, as filename lookup methods will fail. +# +# If not specified, QEMU will automatically determine +# the backing file string to use, or error out if +# there is no obvious choice. Care should be taken +# when specifying the string, to specify a valid +# filename or protocol. +# (Since 2.1) +# # If top == base, that is an error. # If top == active, the job will not be completed by itself, # user needs to complete the job with the block-job-complete @@ -2134,7 +2151,6 @@ # size of the smaller top, you can safely truncate it # yourself once the commit operation successfully completes. # -# # @speed: #optional the maximum speed, in bytes per second # # Returns: Nothing on success @@ -2145,13 +2161,16 @@ # If @speed is invalid, InvalidParameter # If both @base and @base-node-name are specified, GenericError # If both @top and @top-node-name are specified, GenericError +# If @top or @top-node-name is the active layer, and @backing-file is +# specified, GenericError # # Since: 1.3 # ## { 'command': 'block-commit', 'data': { '*device': 'str', '*base': 'str', '*base-node-name': 'str', - '*top': 'str', '*top-node-name': 'str', '*speed': 'int' } } + '*top': 'str', '*top-node-name': 'str', '*backing-file': 'str', + '*speed': 'int' } } ## # @drive-backup diff --git a/qmp-commands.hx b/qmp-commands.hx index e0b6916..c10391c 100644 --- a/qmp-commands.hx +++ b/qmp-commands.hx @@ -985,7 +985,7 @@ EQMP { .name = "block-commit", - .args_type = "device:B?,base:s?,base-node-name:s?,top:s?,top-node-name:s?,speed:o?", + .args_type = "device:B?,base:s?,base-node-name:s?,top:s?,top-node-name:s?,backing-file:s?,speed:o?", .mhandler.cmd_new = qmp_marshal_input_block_commit, }, @@ -1023,6 +1023,23 @@ neither is specified, this is the active layer topmost data to be committed down. (json-string, optional) (Since 2.1) +- backing-file: The backing file string to write into the overlay + image of 'top'. If 'top' is the active layer, + specifying a backing file string is an error. This + filename is not validated. + + If a pathname string is such that it cannot be + resolved by QEMU, that means that subsequent QMP or + HMP commands must use node-names for the image in + question, as filename lookup methods will fail. + + If not specified, QEMU will automatically determine + the backing file string to use, or error out if + there is no obvious choice. Care should be taken + when specifying the string, to specify a valid + filename or protocol. + (json-string, optional) (Since 2.1) + If top == base, that is an error. If top == active, the job will not be completed by itself, user needs to complete the job with the block-job-complete -- 1.8.3.1