1 /*
2 * QEMU System Emulator block driver
4 * Copyright (c) 2011 IBM Corp.
5 * Copyright (c) 2012 Red Hat, Inc.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "trace.h"
29 #include "block/block.h"
30 #include "block/blockjob.h"
31 #include "block/block_int.h"
32 #include "sysemu/block-backend.h"
33 #include "qapi/qmp/qerror.h"
34 #include "qapi/qmp/qjson.h"
35 #include "qemu/coroutine.h"
36 #include "qmp-commands.h"
37 #include "qemu/timer.h"
38 #include "qapi-event.h"
/*
 * A transaction groups block jobs so that the completion paths in this
 * file can finish or abort all of its members together.
 */
struct BlockJobTxn {
    /* Set by the first member that starts aborting the transaction */
    bool aborting;

    /* Member jobs, linked through BlockJob.txn_list */
    QLIST_HEAD(, BlockJob) jobs;

    /* References held on this txn; it is freed when this reaches zero */
    int refcnt;
};
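/*
 * Allocate and register a new block job on @bs.
 *
 * @driver: job driver; its instance_size gives the allocation size
 * @bs:     device the job runs on; a reference is taken with bdrv_ref()
 * @speed:  initial rate limit, 0 to leave the driver default untouched
 * @cb:     completion callback, stored in the job
 * @opaque: argument stored alongside @cb
 * @errp:   set when @bs already has a job or the speed cannot be applied
 *
 * Returns the new job with one reference held, or NULL on failure.
 */
void *block_job_create(const BlockJobDriver *driver, BlockDriverState *bs,
                       int64_t speed, BlockCompletionFunc *cb,
                       void *opaque, Error **errp)
{
    BlockJob *job;

    if (bs->job) {
        error_setg(errp, QERR_DEVICE_IN_USE, bdrv_get_device_name(bs));
        return NULL;
    }

    /* The common BlockJob fields are written into this allocation right
     * below, so a driver that declares a smaller instance would make those
     * stores run past the end of the heap block. */
    assert(driver->instance_size >= sizeof(BlockJob));

    bdrv_ref(bs);
    job = g_malloc0(driver->instance_size);
    error_setg(&job->blocker, "block device is in use by block job: %s",
               BlockJobType_lookup[driver->job_type]);
    /* Block every operation on @bs for the job's lifetime, then re-allow
     * dataplane only. */
    bdrv_op_block_all(bs, job->blocker);
    bdrv_op_unblock(bs, BLOCK_OP_TYPE_DATAPLANE, job->blocker);

    job->driver = driver;
    job->id = g_strdup(bdrv_get_device_name(bs));
    job->bs = bs;
    job->cb = cb;
    job->opaque = opaque;
    job->busy = true;
    job->refcnt = 1;
    bs->job = job;

    /* Only set speed when necessary to avoid NotSupported error */
    if (speed != 0) {
        Error *local_err = NULL;

        block_job_set_speed(job, speed, &local_err);
        if (local_err) {
            /* Dropping the only reference undoes the registration above. */
            block_job_unref(job);
            error_propagate(errp, local_err);
            return NULL;
        }
    }
    return job;
}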
/* Take one more reference on @job; each call is paired with a
 * block_job_unref(). */
void block_job_ref(BlockJob *job)
{
    job->refcnt += 1;
}
/*
 * Drop one reference on @job.  When the count reaches zero the job is
 * detached from its BlockDriverState, the op blockers are lifted, the
 * device reference is released and the job itself is freed.
 *
 * A caller that does not hold another reference must not touch @job after
 * this returns.
 */
void block_job_unref(BlockJob *job)
{
    job->refcnt -= 1;
    if (job->refcnt != 0) {
        return;
    }

    job->bs->job = NULL;
    bdrv_op_unblock_all(job->bs, job->blocker);
    bdrv_unref(job->bs);
    error_free(job->blocker);
    g_free(job->id);
    g_free(job);
}
/*
 * Finish one job: run the driver's commit hook when job->ret is zero or its
 * abort hook otherwise (each only if provided), invoke the completion
 * callback, then release the job's transaction reference (if any) and one
 * reference on the job.  The job may be freed by the final unref.
 */
static void block_job_completed_single(BlockJob *job)
{
    if (job->ret == 0) {
        if (job->driver->commit) {
            job->driver->commit(job);
        }
    } else if (job->driver->abort) {
        job->driver->abort(job);
    }

    job->cb(job->opaque, job->ret);

    if (job->txn) {
        block_job_txn_unref(job->txn);
    }
    block_job_unref(job);
}
/*
 * Abort the transaction @job belongs to.  The first job to get here cancels
 * every member that has not completed yet and then finishes all members; a
 * job that arrives while the abort is already in progress returns at once.
 */
static void block_job_completed_txn_abort(BlockJob *job)
{
    BlockJobTxn *txn = job->txn;
    BlockJob *member, *next_member;
    AioContext *member_ctx;

    if (txn->aborting) {
        /* Another job is cancelling us and will handle everything. */
        return;
    }
    txn->aborting = true;

    /* We are the first failed job.  Take every member's AioContext before
     * cancelling anything. */
    QLIST_FOREACH(member, &txn->jobs, txn_list) {
        member_ctx = bdrv_get_aio_context(member->bs);
        aio_context_acquire(member_ctx);
    }

    QLIST_FOREACH(member, &txn->jobs, txn_list) {
        if (member == job) {
            /* This job may or may not be cancelled, depending on the
             * caller, so its status is left alone. */
            continue;
        }
        if (member->completed) {
            /* Already finished members are "effectively" cancelled by us;
             * record that in their status. */
            member->cancelled = true;
            continue;
        }
        block_job_cancel_sync(member);
        assert(member->completed);
    }

    /* The _SAFE iterator is needed because finishing a member drops a
     * reference on it. */
    QLIST_FOREACH_SAFE(member, &txn->jobs, txn_list, next_member) {
        member_ctx = bdrv_get_aio_context(member->bs);
        block_job_completed_single(member);
        aio_context_release(member_ctx);
    }
}
/*
 * Called when @job completed successfully inside a transaction.  Nothing
 * happens while any member is still running; the last member to complete
 * finishes every job in the transaction.
 */
static void block_job_completed_txn_success(BlockJob *job)
{
    BlockJobTxn *txn = job->txn;
    BlockJob *member, *next_member;
    AioContext *member_ctx;

    /* Any member still running means the transaction is not done yet. */
    QLIST_FOREACH(member, &txn->jobs, txn_list) {
        if (!member->completed) {
            return;
        }
    }

    /* We are the last completed job, commit the transaction.  The _SAFE
     * iterator is needed because finishing a member drops a reference on
     * it. */
    QLIST_FOREACH_SAFE(member, &txn->jobs, txn_list, next_member) {
        member_ctx = bdrv_get_aio_context(member->bs);
        aio_context_acquire(member_ctx);
        assert(member->ret == 0);
        block_job_completed_single(member);
        aio_context_release(member_ctx);
    }
}
/*
 * Record that @job has finished with result @ret and dispatch to the right
 * completion path: standalone, transaction abort (negative @ret or a
 * cancelled job) or transaction success.
 *
 * Asserts that @job is still the job registered on its device and that it
 * has not been completed before.
 */
void block_job_completed(BlockJob *job, int ret)
{
    assert(job->bs->job == job);
    assert(!job->completed);

    job->completed = true;
    job->ret = ret;

    if (!job->txn) {
        block_job_completed_single(job);
        return;
    }
    if (ret < 0 || block_job_is_cancelled(job)) {
        block_job_completed_txn_abort(job);
    } else {
        block_job_completed_txn_success(job);
    }
}
/*
 * Ask the driver to apply rate limit @speed to @job.  job->speed is updated
 * only after the driver accepted the value; @errp is set when the driver has
 * no set_speed hook or the hook reports an error.
 */
void block_job_set_speed(BlockJob *job, int64_t speed, Error **errp)
{
    Error *drv_err = NULL;

    if (job->driver->set_speed == NULL) {
        error_setg(errp, QERR_UNSUPPORTED);
        return;
    }

    job->driver->set_speed(job, speed, &drv_err);
    if (drv_err != NULL) {
        error_propagate(errp, drv_err);
    } else {
        job->speed = speed;
    }
}
/*
 * Forward a completion request to the driver.  The request is rejected with
 * QERR_BLOCK_JOB_NOT_READY while the job is paused or cancelled, or when the
 * driver has no complete hook.
 */
void block_job_complete(BlockJob *job, Error **errp)
{
    bool not_ready = job->pause_count || job->cancelled ||
                     !job->driver->complete;

    if (not_ready) {
        error_setg(errp, QERR_BLOCK_JOB_NOT_READY, job->id);
        return;
    }

    job->driver->complete(job, errp);
}
/* Add one pause request to @job; block_job_resume() removes one again. */
void block_job_pause(BlockJob *job)
{
    job->pause_count += 1;
}
/* Report whether at least one pause request is outstanding on @job. */
bool block_job_is_paused(BlockJob *job)
{
    bool paused = job->pause_count > 0;

    return paused;
}
/*
 * Remove one pause request from @job and re-enter it once none remain.
 * Resuming a job that is not paused trips the assertion, so pause_count
 * cannot go below zero here.
 */
void block_job_resume(BlockJob *job)
{
    assert(job->pause_count > 0);
    if (--job->pause_count == 0) {
        block_job_enter(job);
    }
}
/*
 * Reset the job's I/O status and, when the job has a coroutine that is not
 * marked busy, enter that coroutine.
 */
void block_job_enter(BlockJob *job)
{
    block_job_iostatus_reset(job);

    if (!job->co || job->busy) {
        return;
    }
    qemu_coroutine_enter(job->co, NULL);
}
/*
 * Flag @job as cancelled and enter it.  This only sets the flag; waiting for
 * the job to complete is done by block_job_cancel_sync().
 */
void block_job_cancel(BlockJob *job)
{
    job->cancelled = true;

    block_job_enter(job);
}
/* Report whether the cancelled flag is set on @job. */
bool block_job_is_cancelled(BlockJob *job)
{
    bool cancelled = job->cancelled;

    return cancelled;
}
/*
 * Set the job's I/O status back to OK and let the driver reset its own
 * status when it provides an iostatus_reset hook.
 */
void block_job_iostatus_reset(BlockJob *job)
{
    job->iostatus = BLOCK_DEVICE_IO_STATUS_OK;

    if (!job->driver->iostatus_reset) {
        return;
    }
    job->driver->iostatus_reset(job);
}
/*
 * Run @finish on @job and poll until the job has completed.
 *
 * Returns -EBUSY when @finish reports an error (propagated through @errp),
 * -ECANCELED when the job was cancelled but ended with ret == 0, and the
 * job's own ret otherwise.
 *
 * An extra reference is held for the whole call: the completion path drops
 * a reference on the job, and job->cancelled / job->ret are still read after
 * the polling loop.
 */
static int block_job_finish_sync(BlockJob *job,
                                 void (*finish)(BlockJob *, Error **errp),
                                 Error **errp)
{
    BlockDriverState *bs = job->bs;
    Error *finish_err = NULL;
    int result;

    assert(bs->job == job);

    block_job_ref(job);
    finish(job, &finish_err);
    if (finish_err) {
        error_propagate(errp, finish_err);
        block_job_unref(job);
        return -EBUSY;
    }

    while (!job->completed) {
        AioContext *poll_ctx;

        /* Poll the main loop context while the job has deferred work to
         * it, otherwise the context of the job's device. */
        if (job->deferred_to_main_loop) {
            poll_ctx = qemu_get_aio_context();
        } else {
            poll_ctx = bdrv_get_aio_context(bs);
        }
        aio_poll(poll_ctx, true);
    }

    if (job->cancelled && job->ret == 0) {
        result = -ECANCELED;
    } else {
        result = job->ret;
    }
    block_job_unref(job);
    return result;
}
/*
 * Adapter that gives block_job_cancel() the (BlockJob *, Error **) signature
 * block_job_finish_sync() expects, so no function pointer cast is needed
 * there.  @errp is never written.
 */
static void block_job_cancel_err(BlockJob *job, Error **errp)
{
    block_job_cancel(job);
}
/*
 * Cancel @job and wait for it to complete.  Returns what
 * block_job_finish_sync() returns; no Error object is requested.
 */
int block_job_cancel_sync(BlockJob *job)
{
    int result = block_job_finish_sync(job, block_job_cancel_err, NULL);

    return result;
}
/*
 * Request completion of @job and wait for it to finish.  Returns what
 * block_job_finish_sync() returns; a failed completion request is reported
 * through @errp.
 */
int block_job_complete_sync(BlockJob *job, Error **errp)
{
    int result = block_job_finish_sync(job, block_job_complete, errp);

    return result;
}
/*
 * Put the job's coroutine to sleep for @ns nanoseconds on clock @type, or
 * yield without a timer when the job is paused.  Returns immediately when
 * the job is already cancelled.  The busy flag is cleared for the duration
 * of the wait and set again afterwards.
 */
void block_job_sleep_ns(BlockJob *job, QEMUClockType type, int64_t ns)
{
    assert(job->busy);

    /* Check cancellation *before* setting busy = false, too! */
    if (block_job_is_cancelled(job)) {
        return;
    }

    job->busy = false;
    if (!block_job_is_paused(job)) {
        co_aio_sleep_ns(bdrv_get_aio_context(job->bs), type, ns);
    } else {
        qemu_coroutine_yield();
    }
    job->busy = true;
}
/*
 * Yield the job's coroutine until it is entered again.  Returns immediately
 * when the job is already cancelled.  The busy flag is cleared while the
 * coroutine is suspended and set again on resumption.
 */
void block_job_yield(BlockJob *job)
{
    assert(job->busy);

    /* Check cancellation *before* setting busy = false, too! */
    if (!block_job_is_cancelled(job)) {
        job->busy = false;
        qemu_coroutine_yield();
        job->busy = true;
    }
}
/*
 * Build a newly allocated BlockJobInfo snapshot of @job.  The type and
 * device strings are duplicated, so the result does not point into the job.
 */
BlockJobInfo *block_job_query(BlockJob *job)
{
    BlockJobInfo *snapshot = g_new0(BlockJobInfo, 1);

    snapshot->type = g_strdup(BlockJobType_lookup[job->driver->job_type]);
    snapshot->device = g_strdup(job->id);

    snapshot->len = job->len;
    snapshot->busy = job->busy;
    snapshot->paused = job->pause_count > 0;
    snapshot->offset = job->offset;
    snapshot->speed = job->speed;
    snapshot->io_status = job->iostatus;
    snapshot->ready = job->ready;

    return snapshot;
}
/*
 * Record an I/O error on @job: ENOSPC maps to the NOSPACE status, anything
 * else to FAILED.  A status that is already not OK is left unchanged.
 */
static void block_job_iostatus_set_err(BlockJob *job, int error)
{
    if (job->iostatus != BLOCK_DEVICE_IO_STATUS_OK) {
        return;
    }

    if (error == ENOSPC) {
        job->iostatus = BLOCK_DEVICE_IO_STATUS_NOSPACE;
    } else {
        job->iostatus = BLOCK_DEVICE_IO_STATUS_FAILED;
    }
}
/* Emit the "block job cancelled" QAPI event with the job's type, id, length,
 * offset and speed.  &error_abort is passed as the Error destination. */
void block_job_event_cancelled(BlockJob *job)
{
    qapi_event_send_block_job_cancelled(job->driver->job_type, job->id,
                                        job->len, job->offset, job->speed,
                                        &error_abort);
}
/*
 * Emit the "block job completed" QAPI event.  @msg is the optional error
 * text: a non-NULL @msg sets the has-error flag and is passed along.
 * &error_abort is passed as the Error destination.
 */
void block_job_event_completed(BlockJob *job, const char *msg)
{
    qapi_event_send_block_job_completed(job->driver->job_type, job->id,
                                        job->len, job->offset, job->speed,
                                        msg != NULL, msg,
                                        &error_abort);
}
/* Mark @job as ready and emit the "block job ready" QAPI event.
 * &error_abort is passed as the Error destination. */
void block_job_event_ready(BlockJob *job)
{
    job->ready = true;

    qapi_event_send_block_job_ready(job->driver->job_type, job->id,
                                    job->len, job->offset, job->speed,
                                    &error_abort);
}
/*
 * Translate the error policy @on_err into an action for I/O error @error,
 * emit the block job error event and, for a STOP action, pause the job and
 * record the error status.
 *
 * @bs is the device the error occurred on; when it has a BlockBackend and is
 * not the job's own device, the error is recorded there as well.
 * An @on_err value outside the handled set aborts the process.
 */
BlockErrorAction block_job_error_action(BlockJob *job, BlockDriverState *bs,
                                        BlockdevOnError on_err,
                                        int is_read, int error)
{
    BlockErrorAction action;
    IoOperationType op_type;

    switch (on_err) {
    case BLOCKDEV_ON_ERROR_ENOSPC:
        if (error == ENOSPC) {
            action = BLOCK_ERROR_ACTION_STOP;
        } else {
            action = BLOCK_ERROR_ACTION_REPORT;
        }
        break;
    case BLOCKDEV_ON_ERROR_STOP:
        action = BLOCK_ERROR_ACTION_STOP;
        break;
    case BLOCKDEV_ON_ERROR_REPORT:
        action = BLOCK_ERROR_ACTION_REPORT;
        break;
    case BLOCKDEV_ON_ERROR_IGNORE:
        action = BLOCK_ERROR_ACTION_IGNORE;
        break;
    default:
        abort();
    }

    op_type = is_read ? IO_OPERATION_TYPE_READ : IO_OPERATION_TYPE_WRITE;
    qapi_event_send_block_job_error(job->id, op_type, action, &error_abort);

    if (action != BLOCK_ERROR_ACTION_STOP) {
        return action;
    }

    /* make the pause user visible, which will be resumed from QMP. */
    job->user_paused = true;
    block_job_pause(job);
    block_job_iostatus_set_err(job, error);
    if (bs->blk && bs != job->bs) {
        blk_iostatus_set_err(bs->blk, error);
    }
    return action;
}
/* State carried from block_job_defer_to_main_loop() to its bottom half. */
typedef struct {
    /* Job the deferred call belongs to */
    BlockJob *job;
    /* Bottom half that runs the call; deleted by the handler */
    QEMUBH *bh;
    /* AioContext of the job's device at the time the call was deferred */
    AioContext *aio_context;
    /* Function to run, called as fn(job, opaque) */
    BlockJobDeferToMainLoopFn *fn;
    /* Caller-supplied argument for fn */
    void *opaque;
} BlockJobDeferToMainLoopData;
/*
 * Bottom-half handler for block_job_defer_to_main_loop(): runs the deferred
 * function with both the originally recorded AioContext and the device's
 * current AioContext held, then frees the request.
 */
static void block_job_defer_to_main_loop_bh(void *opaque)
{
    BlockJobDeferToMainLoopData *deferred = opaque;
    AioContext *current_ctx;

    qemu_bh_delete(deferred->bh);

    /* Prevent race with block_job_defer_to_main_loop() */
    aio_context_acquire(deferred->aio_context);

    /* Fetch BDS AioContext again, in case it has changed */
    current_ctx = bdrv_get_aio_context(deferred->job->bs);
    aio_context_acquire(current_ctx);

    deferred->job->deferred_to_main_loop = false;
    deferred->fn(deferred->job, deferred->opaque);

    /* Release in the reverse order of acquisition. */
    aio_context_release(current_ctx);
    aio_context_release(deferred->aio_context);

    g_free(deferred);
}
/*
 * Schedule @fn(@job, @opaque) to run from a bottom half.  The request is
 * heap-allocated here and freed by the bottom-half handler;
 * job->deferred_to_main_loop stays set until the handler runs.
 */
void block_job_defer_to_main_loop(BlockJob *job,
                                  BlockJobDeferToMainLoopFn *fn,
                                  void *opaque)
{
    BlockJobDeferToMainLoopData *request =
        g_new(BlockJobDeferToMainLoopData, 1);

    /* Every field is assigned below, so the allocation is not zeroed. */
    request->job = job;
    request->bh = qemu_bh_new(block_job_defer_to_main_loop_bh, request);
    request->aio_context = bdrv_get_aio_context(job->bs);
    request->fn = fn;
    request->opaque = opaque;
    job->deferred_to_main_loop = true;

    qemu_bh_schedule(request->bh);
}
/* Allocate an empty transaction holding a single reference, which the
 * caller releases with block_job_txn_unref(). */
BlockJobTxn *block_job_txn_new(void)
{
    BlockJobTxn *new_txn = g_new0(BlockJobTxn, 1);

    QLIST_INIT(&new_txn->jobs);
    new_txn->refcnt = 1;

    return new_txn;
}
/* Take one more reference on @txn. */
static void block_job_txn_ref(BlockJobTxn *txn)
{
    txn->refcnt += 1;
}
/*
 * Drop one reference on @txn and free it when none remain.  A NULL @txn is
 * accepted and ignored.  A caller that does not hold another reference must
 * not use @txn after this returns.
 */
void block_job_txn_unref(BlockJobTxn *txn)
{
    if (txn == NULL) {
        return;
    }

    txn->refcnt -= 1;
    if (txn->refcnt == 0) {
        g_free(txn);
    }
}
/*
 * Make @job a member of @txn; a NULL @txn is a no-op.  The job must not
 * belong to a transaction yet.  The transaction gains one reference for the
 * new member, which the job's completion path releases.
 */
void block_job_txn_add_job(BlockJobTxn *txn, BlockJob *job)
{
    if (txn != NULL) {
        assert(!job->txn);
        job->txn = txn;

        QLIST_INSERT_HEAD(&txn->jobs, job, txn_list);
        block_job_txn_ref(txn);
    }
}