CVE-2015-1779: limit size of HTTP headers from websockets clients
[qemu/ar7.git] / block / mirror.c
blob405616422b1dc864ab20c49c7b89bc8776c15041
1 /*
2 * Image mirroring
4 * Copyright Red Hat, Inc. 2012
6 * Authors:
7 * Paolo Bonzini <pbonzini@redhat.com>
9 * This work is licensed under the terms of the GNU LGPL, version 2 or later.
10 * See the COPYING.LIB file in the top-level directory.
14 #include "trace.h"
15 #include "block/blockjob.h"
16 #include "block/block_int.h"
17 #include "qemu/ratelimit.h"
18 #include "qemu/bitmap.h"
20 #define SLICE_TIME 100000000ULL /* ns */
21 #define MAX_IN_FLIGHT 16
23 /* The mirroring buffer is a list of granularity-sized chunks.
24 * Free chunks are organized in a list.
26 typedef struct MirrorBuffer {
27 QSIMPLEQ_ENTRY(MirrorBuffer) next;
28 } MirrorBuffer;
30 typedef struct MirrorBlockJob {
31 BlockJob common;
32 RateLimit limit;
33 BlockDriverState *target;
34 BlockDriverState *base;
35 /* The name of the graph node to replace */
36 char *replaces;
37 /* The BDS to replace */
38 BlockDriverState *to_replace;
39 /* Used to block operations on the drive-mirror-replace target */
40 Error *replace_blocker;
41 bool is_none_mode;
42 BlockdevOnError on_source_error, on_target_error;
43 bool synced;
44 bool should_complete;
45 int64_t sector_num;
46 int64_t granularity;
47 size_t buf_size;
48 int64_t bdev_length;
49 unsigned long *cow_bitmap;
50 BdrvDirtyBitmap *dirty_bitmap;
51 HBitmapIter hbi;
52 uint8_t *buf;
53 QSIMPLEQ_HEAD(, MirrorBuffer) buf_free;
54 int buf_free_count;
56 unsigned long *in_flight_bitmap;
57 int in_flight;
58 int sectors_in_flight;
59 int ret;
60 } MirrorBlockJob;
62 typedef struct MirrorOp {
63 MirrorBlockJob *s;
64 QEMUIOVector qiov;
65 int64_t sector_num;
66 int nb_sectors;
67 } MirrorOp;
69 static BlockErrorAction mirror_error_action(MirrorBlockJob *s, bool read,
70 int error)
72 s->synced = false;
73 if (read) {
74 return block_job_error_action(&s->common, s->common.bs,
75 s->on_source_error, true, error);
76 } else {
77 return block_job_error_action(&s->common, s->target,
78 s->on_target_error, false, error);
82 static void mirror_iteration_done(MirrorOp *op, int ret)
84 MirrorBlockJob *s = op->s;
85 struct iovec *iov;
86 int64_t chunk_num;
87 int i, nb_chunks, sectors_per_chunk;
89 trace_mirror_iteration_done(s, op->sector_num, op->nb_sectors, ret);
91 s->in_flight--;
92 s->sectors_in_flight -= op->nb_sectors;
93 iov = op->qiov.iov;
94 for (i = 0; i < op->qiov.niov; i++) {
95 MirrorBuffer *buf = (MirrorBuffer *) iov[i].iov_base;
96 QSIMPLEQ_INSERT_TAIL(&s->buf_free, buf, next);
97 s->buf_free_count++;
100 sectors_per_chunk = s->granularity >> BDRV_SECTOR_BITS;
101 chunk_num = op->sector_num / sectors_per_chunk;
102 nb_chunks = op->nb_sectors / sectors_per_chunk;
103 bitmap_clear(s->in_flight_bitmap, chunk_num, nb_chunks);
104 if (ret >= 0) {
105 if (s->cow_bitmap) {
106 bitmap_set(s->cow_bitmap, chunk_num, nb_chunks);
108 s->common.offset += (uint64_t)op->nb_sectors * BDRV_SECTOR_SIZE;
111 qemu_iovec_destroy(&op->qiov);
112 g_slice_free(MirrorOp, op);
114 /* Enter coroutine when it is not sleeping. The coroutine sleeps to
115 * rate-limit itself. The coroutine will eventually resume since there is
116 * a sleep timeout so don't wake it early.
118 if (s->common.busy) {
119 qemu_coroutine_enter(s->common.co, NULL);
123 static void mirror_write_complete(void *opaque, int ret)
125 MirrorOp *op = opaque;
126 MirrorBlockJob *s = op->s;
127 if (ret < 0) {
128 BlockDriverState *source = s->common.bs;
129 BlockErrorAction action;
131 bdrv_set_dirty_bitmap(source, s->dirty_bitmap, op->sector_num,
132 op->nb_sectors);
133 action = mirror_error_action(s, false, -ret);
134 if (action == BLOCK_ERROR_ACTION_REPORT && s->ret >= 0) {
135 s->ret = ret;
138 mirror_iteration_done(op, ret);
141 static void mirror_read_complete(void *opaque, int ret)
143 MirrorOp *op = opaque;
144 MirrorBlockJob *s = op->s;
145 if (ret < 0) {
146 BlockDriverState *source = s->common.bs;
147 BlockErrorAction action;
149 bdrv_set_dirty_bitmap(source, s->dirty_bitmap, op->sector_num,
150 op->nb_sectors);
151 action = mirror_error_action(s, true, -ret);
152 if (action == BLOCK_ERROR_ACTION_REPORT && s->ret >= 0) {
153 s->ret = ret;
156 mirror_iteration_done(op, ret);
157 return;
159 bdrv_aio_writev(s->target, op->sector_num, &op->qiov, op->nb_sectors,
160 mirror_write_complete, op);
163 static uint64_t coroutine_fn mirror_iteration(MirrorBlockJob *s)
165 BlockDriverState *source = s->common.bs;
166 int nb_sectors, sectors_per_chunk, nb_chunks;
167 int64_t end, sector_num, next_chunk, next_sector, hbitmap_next_sector;
168 uint64_t delay_ns = 0;
169 MirrorOp *op;
171 s->sector_num = hbitmap_iter_next(&s->hbi);
172 if (s->sector_num < 0) {
173 bdrv_dirty_iter_init(source, s->dirty_bitmap, &s->hbi);
174 s->sector_num = hbitmap_iter_next(&s->hbi);
175 trace_mirror_restart_iter(s,
176 bdrv_get_dirty_count(source, s->dirty_bitmap));
177 assert(s->sector_num >= 0);
180 hbitmap_next_sector = s->sector_num;
181 sector_num = s->sector_num;
182 sectors_per_chunk = s->granularity >> BDRV_SECTOR_BITS;
183 end = s->bdev_length / BDRV_SECTOR_SIZE;
185 /* Extend the QEMUIOVector to include all adjacent blocks that will
186 * be copied in this operation.
188 * We have to do this if we have no backing file yet in the destination,
189 * and the cluster size is very large. Then we need to do COW ourselves.
190 * The first time a cluster is copied, copy it entirely. Note that,
191 * because both the granularity and the cluster size are powers of two,
192 * the number of sectors to copy cannot exceed one cluster.
194 * We also want to extend the QEMUIOVector to include more adjacent
195 * dirty blocks if possible, to limit the number of I/O operations and
196 * run efficiently even with a small granularity.
198 nb_chunks = 0;
199 nb_sectors = 0;
200 next_sector = sector_num;
201 next_chunk = sector_num / sectors_per_chunk;
203 /* Wait for I/O to this cluster (from a previous iteration) to be done. */
204 while (test_bit(next_chunk, s->in_flight_bitmap)) {
205 trace_mirror_yield_in_flight(s, sector_num, s->in_flight);
206 qemu_coroutine_yield();
209 do {
210 int added_sectors, added_chunks;
212 if (!bdrv_get_dirty(source, s->dirty_bitmap, next_sector) ||
213 test_bit(next_chunk, s->in_flight_bitmap)) {
214 assert(nb_sectors > 0);
215 break;
218 added_sectors = sectors_per_chunk;
219 if (s->cow_bitmap && !test_bit(next_chunk, s->cow_bitmap)) {
220 bdrv_round_to_clusters(s->target,
221 next_sector, added_sectors,
222 &next_sector, &added_sectors);
224 /* On the first iteration, the rounding may make us copy
225 * sectors before the first dirty one.
227 if (next_sector < sector_num) {
228 assert(nb_sectors == 0);
229 sector_num = next_sector;
230 next_chunk = next_sector / sectors_per_chunk;
234 added_sectors = MIN(added_sectors, end - (sector_num + nb_sectors));
235 added_chunks = (added_sectors + sectors_per_chunk - 1) / sectors_per_chunk;
237 /* When doing COW, it may happen that there is not enough space for
238 * a full cluster. Wait if that is the case.
240 while (nb_chunks == 0 && s->buf_free_count < added_chunks) {
241 trace_mirror_yield_buf_busy(s, nb_chunks, s->in_flight);
242 qemu_coroutine_yield();
244 if (s->buf_free_count < nb_chunks + added_chunks) {
245 trace_mirror_break_buf_busy(s, nb_chunks, s->in_flight);
246 break;
249 /* We have enough free space to copy these sectors. */
250 bitmap_set(s->in_flight_bitmap, next_chunk, added_chunks);
252 nb_sectors += added_sectors;
253 nb_chunks += added_chunks;
254 next_sector += added_sectors;
255 next_chunk += added_chunks;
256 if (!s->synced && s->common.speed) {
257 delay_ns = ratelimit_calculate_delay(&s->limit, added_sectors);
259 } while (delay_ns == 0 && next_sector < end);
261 /* Allocate a MirrorOp that is used as an AIO callback. */
262 op = g_slice_new(MirrorOp);
263 op->s = s;
264 op->sector_num = sector_num;
265 op->nb_sectors = nb_sectors;
267 /* Now make a QEMUIOVector taking enough granularity-sized chunks
268 * from s->buf_free.
270 qemu_iovec_init(&op->qiov, nb_chunks);
271 next_sector = sector_num;
272 while (nb_chunks-- > 0) {
273 MirrorBuffer *buf = QSIMPLEQ_FIRST(&s->buf_free);
274 size_t remaining = (nb_sectors * BDRV_SECTOR_SIZE) - op->qiov.size;
276 QSIMPLEQ_REMOVE_HEAD(&s->buf_free, next);
277 s->buf_free_count--;
278 qemu_iovec_add(&op->qiov, buf, MIN(s->granularity, remaining));
280 /* Advance the HBitmapIter in parallel, so that we do not examine
281 * the same sector twice.
283 if (next_sector > hbitmap_next_sector
284 && bdrv_get_dirty(source, s->dirty_bitmap, next_sector)) {
285 hbitmap_next_sector = hbitmap_iter_next(&s->hbi);
288 next_sector += sectors_per_chunk;
291 bdrv_reset_dirty_bitmap(source, s->dirty_bitmap, sector_num,
292 nb_sectors);
294 /* Copy the dirty cluster. */
295 s->in_flight++;
296 s->sectors_in_flight += nb_sectors;
297 trace_mirror_one_iteration(s, sector_num, nb_sectors);
298 bdrv_aio_readv(source, sector_num, &op->qiov, nb_sectors,
299 mirror_read_complete, op);
300 return delay_ns;
303 static void mirror_free_init(MirrorBlockJob *s)
305 int granularity = s->granularity;
306 size_t buf_size = s->buf_size;
307 uint8_t *buf = s->buf;
309 assert(s->buf_free_count == 0);
310 QSIMPLEQ_INIT(&s->buf_free);
311 while (buf_size != 0) {
312 MirrorBuffer *cur = (MirrorBuffer *)buf;
313 QSIMPLEQ_INSERT_TAIL(&s->buf_free, cur, next);
314 s->buf_free_count++;
315 buf_size -= granularity;
316 buf += granularity;
320 static void mirror_drain(MirrorBlockJob *s)
322 while (s->in_flight > 0) {
323 qemu_coroutine_yield();
327 typedef struct {
328 int ret;
329 } MirrorExitData;
331 static void mirror_exit(BlockJob *job, void *opaque)
333 MirrorBlockJob *s = container_of(job, MirrorBlockJob, common);
334 MirrorExitData *data = opaque;
335 AioContext *replace_aio_context = NULL;
337 if (s->to_replace) {
338 replace_aio_context = bdrv_get_aio_context(s->to_replace);
339 aio_context_acquire(replace_aio_context);
342 if (s->should_complete && data->ret == 0) {
343 BlockDriverState *to_replace = s->common.bs;
344 if (s->to_replace) {
345 to_replace = s->to_replace;
347 if (bdrv_get_flags(s->target) != bdrv_get_flags(to_replace)) {
348 bdrv_reopen(s->target, bdrv_get_flags(to_replace), NULL);
350 bdrv_swap(s->target, to_replace);
351 if (s->common.driver->job_type == BLOCK_JOB_TYPE_COMMIT) {
352 /* drop the bs loop chain formed by the swap: break the loop then
353 * trigger the unref from the top one */
354 BlockDriverState *p = s->base->backing_hd;
355 bdrv_set_backing_hd(s->base, NULL);
356 bdrv_unref(p);
359 if (s->to_replace) {
360 bdrv_op_unblock_all(s->to_replace, s->replace_blocker);
361 error_free(s->replace_blocker);
362 bdrv_unref(s->to_replace);
364 if (replace_aio_context) {
365 aio_context_release(replace_aio_context);
367 g_free(s->replaces);
368 bdrv_unref(s->target);
369 block_job_completed(&s->common, data->ret);
370 g_free(data);
373 static void coroutine_fn mirror_run(void *opaque)
375 MirrorBlockJob *s = opaque;
376 MirrorExitData *data;
377 BlockDriverState *bs = s->common.bs;
378 int64_t sector_num, end, sectors_per_chunk, length;
379 uint64_t last_pause_ns;
380 BlockDriverInfo bdi;
381 char backing_filename[2]; /* we only need 2 characters because we are only
382 checking for a NULL string */
383 int ret = 0;
384 int n;
386 if (block_job_is_cancelled(&s->common)) {
387 goto immediate_exit;
390 s->bdev_length = bdrv_getlength(bs);
391 if (s->bdev_length < 0) {
392 ret = s->bdev_length;
393 goto immediate_exit;
394 } else if (s->bdev_length == 0) {
395 /* Report BLOCK_JOB_READY and wait for complete. */
396 block_job_event_ready(&s->common);
397 s->synced = true;
398 while (!block_job_is_cancelled(&s->common) && !s->should_complete) {
399 block_job_yield(&s->common);
401 s->common.cancelled = false;
402 goto immediate_exit;
405 length = DIV_ROUND_UP(s->bdev_length, s->granularity);
406 s->in_flight_bitmap = bitmap_new(length);
408 /* If we have no backing file yet in the destination, we cannot let
409 * the destination do COW. Instead, we copy sectors around the
410 * dirty data if needed. We need a bitmap to do that.
412 bdrv_get_backing_filename(s->target, backing_filename,
413 sizeof(backing_filename));
414 if (backing_filename[0] && !s->target->backing_hd) {
415 ret = bdrv_get_info(s->target, &bdi);
416 if (ret < 0) {
417 goto immediate_exit;
419 if (s->granularity < bdi.cluster_size) {
420 s->buf_size = MAX(s->buf_size, bdi.cluster_size);
421 s->cow_bitmap = bitmap_new(length);
425 end = s->bdev_length / BDRV_SECTOR_SIZE;
426 s->buf = qemu_try_blockalign(bs, s->buf_size);
427 if (s->buf == NULL) {
428 ret = -ENOMEM;
429 goto immediate_exit;
432 sectors_per_chunk = s->granularity >> BDRV_SECTOR_BITS;
433 mirror_free_init(s);
435 if (!s->is_none_mode) {
436 /* First part, loop on the sectors and initialize the dirty bitmap. */
437 BlockDriverState *base = s->base;
438 for (sector_num = 0; sector_num < end; ) {
439 int64_t next = (sector_num | (sectors_per_chunk - 1)) + 1;
440 ret = bdrv_is_allocated_above(bs, base,
441 sector_num, next - sector_num, &n);
443 if (ret < 0) {
444 goto immediate_exit;
447 assert(n > 0);
448 if (ret == 1) {
449 bdrv_set_dirty_bitmap(bs, s->dirty_bitmap, sector_num, n);
450 sector_num = next;
451 } else {
452 sector_num += n;
457 bdrv_dirty_iter_init(bs, s->dirty_bitmap, &s->hbi);
458 last_pause_ns = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
459 for (;;) {
460 uint64_t delay_ns = 0;
461 int64_t cnt;
462 bool should_complete;
464 if (s->ret < 0) {
465 ret = s->ret;
466 goto immediate_exit;
469 cnt = bdrv_get_dirty_count(bs, s->dirty_bitmap);
470 /* s->common.offset contains the number of bytes already processed so
471 * far, cnt is the number of dirty sectors remaining and
472 * s->sectors_in_flight is the number of sectors currently being
473 * processed; together those are the current total operation length */
474 s->common.len = s->common.offset +
475 (cnt + s->sectors_in_flight) * BDRV_SECTOR_SIZE;
477 /* Note that even when no rate limit is applied we need to yield
478 * periodically with no pending I/O so that qemu_aio_flush() returns.
479 * We do so every SLICE_TIME nanoseconds, or when there is an error,
480 * or when the source is clean, whichever comes first.
482 if (qemu_clock_get_ns(QEMU_CLOCK_REALTIME) - last_pause_ns < SLICE_TIME &&
483 s->common.iostatus == BLOCK_DEVICE_IO_STATUS_OK) {
484 if (s->in_flight == MAX_IN_FLIGHT || s->buf_free_count == 0 ||
485 (cnt == 0 && s->in_flight > 0)) {
486 trace_mirror_yield(s, s->in_flight, s->buf_free_count, cnt);
487 qemu_coroutine_yield();
488 continue;
489 } else if (cnt != 0) {
490 delay_ns = mirror_iteration(s);
491 if (delay_ns == 0) {
492 continue;
497 should_complete = false;
498 if (s->in_flight == 0 && cnt == 0) {
499 trace_mirror_before_flush(s);
500 ret = bdrv_flush(s->target);
501 if (ret < 0) {
502 if (mirror_error_action(s, false, -ret) ==
503 BLOCK_ERROR_ACTION_REPORT) {
504 goto immediate_exit;
506 } else {
507 /* We're out of the streaming phase. From now on, if the job
508 * is cancelled we will actually complete all pending I/O and
509 * report completion. This way, block-job-cancel will leave
510 * the target in a consistent state.
512 if (!s->synced) {
513 block_job_event_ready(&s->common);
514 s->synced = true;
517 should_complete = s->should_complete ||
518 block_job_is_cancelled(&s->common);
519 cnt = bdrv_get_dirty_count(bs, s->dirty_bitmap);
523 if (cnt == 0 && should_complete) {
524 /* The dirty bitmap is not updated while operations are pending.
525 * If we're about to exit, wait for pending operations before
526 * calling bdrv_get_dirty_count(bs), or we may exit while the
527 * source has dirty data to copy!
529 * Note that I/O can be submitted by the guest while
530 * mirror_populate runs.
532 trace_mirror_before_drain(s, cnt);
533 bdrv_drain(bs);
534 cnt = bdrv_get_dirty_count(bs, s->dirty_bitmap);
537 ret = 0;
538 trace_mirror_before_sleep(s, cnt, s->synced, delay_ns);
539 if (!s->synced) {
540 block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);
541 if (block_job_is_cancelled(&s->common)) {
542 break;
544 } else if (!should_complete) {
545 delay_ns = (s->in_flight == 0 && cnt == 0 ? SLICE_TIME : 0);
546 block_job_sleep_ns(&s->common, QEMU_CLOCK_REALTIME, delay_ns);
547 } else if (cnt == 0) {
548 /* The two disks are in sync. Exit and report successful
549 * completion.
551 assert(QLIST_EMPTY(&bs->tracked_requests));
552 s->common.cancelled = false;
553 break;
555 last_pause_ns = qemu_clock_get_ns(QEMU_CLOCK_REALTIME);
558 immediate_exit:
559 if (s->in_flight > 0) {
560 /* We get here only if something went wrong. Either the job failed,
561 * or it was cancelled prematurely so that we do not guarantee that
562 * the target is a copy of the source.
564 assert(ret < 0 || (!s->synced && block_job_is_cancelled(&s->common)));
565 mirror_drain(s);
568 assert(s->in_flight == 0);
569 qemu_vfree(s->buf);
570 g_free(s->cow_bitmap);
571 g_free(s->in_flight_bitmap);
572 bdrv_release_dirty_bitmap(bs, s->dirty_bitmap);
573 bdrv_iostatus_disable(s->target);
575 data = g_malloc(sizeof(*data));
576 data->ret = ret;
577 block_job_defer_to_main_loop(&s->common, mirror_exit, data);
580 static void mirror_set_speed(BlockJob *job, int64_t speed, Error **errp)
582 MirrorBlockJob *s = container_of(job, MirrorBlockJob, common);
584 if (speed < 0) {
585 error_set(errp, QERR_INVALID_PARAMETER, "speed");
586 return;
588 ratelimit_set_speed(&s->limit, speed / BDRV_SECTOR_SIZE, SLICE_TIME);
591 static void mirror_iostatus_reset(BlockJob *job)
593 MirrorBlockJob *s = container_of(job, MirrorBlockJob, common);
595 bdrv_iostatus_reset(s->target);
598 static void mirror_complete(BlockJob *job, Error **errp)
600 MirrorBlockJob *s = container_of(job, MirrorBlockJob, common);
601 Error *local_err = NULL;
602 int ret;
604 ret = bdrv_open_backing_file(s->target, NULL, &local_err);
605 if (ret < 0) {
606 error_propagate(errp, local_err);
607 return;
609 if (!s->synced) {
610 error_set(errp, QERR_BLOCK_JOB_NOT_READY,
611 bdrv_get_device_name(job->bs));
612 return;
615 /* check the target bs is not blocked and block all operations on it */
616 if (s->replaces) {
617 AioContext *replace_aio_context;
619 s->to_replace = check_to_replace_node(s->replaces, &local_err);
620 if (!s->to_replace) {
621 error_propagate(errp, local_err);
622 return;
625 replace_aio_context = bdrv_get_aio_context(s->to_replace);
626 aio_context_acquire(replace_aio_context);
628 error_setg(&s->replace_blocker,
629 "block device is in use by block-job-complete");
630 bdrv_op_block_all(s->to_replace, s->replace_blocker);
631 bdrv_ref(s->to_replace);
633 aio_context_release(replace_aio_context);
636 s->should_complete = true;
637 block_job_resume(job);
640 static const BlockJobDriver mirror_job_driver = {
641 .instance_size = sizeof(MirrorBlockJob),
642 .job_type = BLOCK_JOB_TYPE_MIRROR,
643 .set_speed = mirror_set_speed,
644 .iostatus_reset= mirror_iostatus_reset,
645 .complete = mirror_complete,
648 static const BlockJobDriver commit_active_job_driver = {
649 .instance_size = sizeof(MirrorBlockJob),
650 .job_type = BLOCK_JOB_TYPE_COMMIT,
651 .set_speed = mirror_set_speed,
652 .iostatus_reset
653 = mirror_iostatus_reset,
654 .complete = mirror_complete,
657 static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
658 const char *replaces,
659 int64_t speed, int64_t granularity,
660 int64_t buf_size,
661 BlockdevOnError on_source_error,
662 BlockdevOnError on_target_error,
663 BlockCompletionFunc *cb,
664 void *opaque, Error **errp,
665 const BlockJobDriver *driver,
666 bool is_none_mode, BlockDriverState *base)
668 MirrorBlockJob *s;
670 if (granularity == 0) {
671 /* Choose the default granularity based on the target file's cluster
672 * size, clamped between 4k and 64k. */
673 BlockDriverInfo bdi;
674 if (bdrv_get_info(target, &bdi) >= 0 && bdi.cluster_size != 0) {
675 granularity = MAX(4096, bdi.cluster_size);
676 granularity = MIN(65536, granularity);
677 } else {
678 granularity = 65536;
682 assert ((granularity & (granularity - 1)) == 0);
684 if ((on_source_error == BLOCKDEV_ON_ERROR_STOP ||
685 on_source_error == BLOCKDEV_ON_ERROR_ENOSPC) &&
686 !bdrv_iostatus_is_enabled(bs)) {
687 error_set(errp, QERR_INVALID_PARAMETER, "on-source-error");
688 return;
692 s = block_job_create(driver, bs, speed, cb, opaque, errp);
693 if (!s) {
694 return;
697 s->replaces = g_strdup(replaces);
698 s->on_source_error = on_source_error;
699 s->on_target_error = on_target_error;
700 s->target = target;
701 s->is_none_mode = is_none_mode;
702 s->base = base;
703 s->granularity = granularity;
704 s->buf_size = MAX(buf_size, granularity);
706 s->dirty_bitmap = bdrv_create_dirty_bitmap(bs, granularity, errp);
707 if (!s->dirty_bitmap) {
708 return;
710 bdrv_set_enable_write_cache(s->target, true);
711 bdrv_set_on_error(s->target, on_target_error, on_target_error);
712 bdrv_iostatus_enable(s->target);
713 s->common.co = qemu_coroutine_create(mirror_run);
714 trace_mirror_start(bs, s, s->common.co, opaque);
715 qemu_coroutine_enter(s->common.co, s);
718 void mirror_start(BlockDriverState *bs, BlockDriverState *target,
719 const char *replaces,
720 int64_t speed, int64_t granularity, int64_t buf_size,
721 MirrorSyncMode mode, BlockdevOnError on_source_error,
722 BlockdevOnError on_target_error,
723 BlockCompletionFunc *cb,
724 void *opaque, Error **errp)
726 bool is_none_mode;
727 BlockDriverState *base;
729 is_none_mode = mode == MIRROR_SYNC_MODE_NONE;
730 base = mode == MIRROR_SYNC_MODE_TOP ? bs->backing_hd : NULL;
731 mirror_start_job(bs, target, replaces,
732 speed, granularity, buf_size,
733 on_source_error, on_target_error, cb, opaque, errp,
734 &mirror_job_driver, is_none_mode, base);
737 void commit_active_start(BlockDriverState *bs, BlockDriverState *base,
738 int64_t speed,
739 BlockdevOnError on_error,
740 BlockCompletionFunc *cb,
741 void *opaque, Error **errp)
743 int64_t length, base_length;
744 int orig_base_flags;
745 int ret;
746 Error *local_err = NULL;
748 orig_base_flags = bdrv_get_flags(base);
750 if (bdrv_reopen(base, bs->open_flags, errp)) {
751 return;
754 length = bdrv_getlength(bs);
755 if (length < 0) {
756 error_setg_errno(errp, -length,
757 "Unable to determine length of %s", bs->filename);
758 goto error_restore_flags;
761 base_length = bdrv_getlength(base);
762 if (base_length < 0) {
763 error_setg_errno(errp, -base_length,
764 "Unable to determine length of %s", base->filename);
765 goto error_restore_flags;
768 if (length > base_length) {
769 ret = bdrv_truncate(base, length);
770 if (ret < 0) {
771 error_setg_errno(errp, -ret,
772 "Top image %s is larger than base image %s, and "
773 "resize of base image failed",
774 bs->filename, base->filename);
775 goto error_restore_flags;
779 bdrv_ref(base);
780 mirror_start_job(bs, base, NULL, speed, 0, 0,
781 on_error, on_error, cb, opaque, &local_err,
782 &commit_active_job_driver, false, base);
783 if (local_err) {
784 error_propagate(errp, local_err);
785 goto error_restore_flags;
788 return;
790 error_restore_flags:
791 /* ignore error and errp for bdrv_reopen, because we want to propagate
792 * the original error */
793 bdrv_reopen(base, orig_base_flags, NULL);
794 return;