1 /*
2 * QEMU System Emulator block driver
4 * Copyright (c) 2011 IBM Corp.
5 * Copyright (c) 2012 Red Hat, Inc.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
26 #include "qemu/osdep.h"
27 #include "block/block.h"
28 #include "block/blockjob_int.h"
29 #include "block/block_int.h"
30 #include "block/trace.h"
31 #include "sysemu/block-backend.h"
32 #include "qapi/error.h"
33 #include "qapi/qapi-events-block-core.h"
34 #include "qapi/qmp/qerror.h"
35 #include "qemu/coroutine.h"
36 #include "qemu/main-loop.h"
37 #include "qemu/timer.h"
40 * The block job API is composed of two categories of functions.
42 * The first includes functions used by the monitor. The monitor is
43 * peculiar in that it accesses the block job list with block_job_get, and
44 * therefore needs consistency across block_job_get and the actual operation
45 * (e.g. block_job_set_speed). The consistency is achieved with
46 * aio_context_acquire/release. These functions are declared in blockjob.h.
48 * The second includes functions used by the block job drivers and sometimes
49 * by the core block layer. These do not care about locking, because the
50 * whole coroutine runs under the AioContext lock, and are declared in
51 * blockjob_int.h.
/*
 * Report whether a generic Job is one of the block-layer job types.
 *
 * Only the four types listed here may be cast to BlockJob via container_of();
 * block_job_next() and block_job_get() use this as their filter so that any
 * other job type in the global list is never reinterpreted as a BlockJob.
 */
static bool is_block_job(Job *job)
{
    switch (job_type(job)) {
    case JOB_TYPE_BACKUP:
    case JOB_TYPE_COMMIT:
    case JOB_TYPE_MIRROR:
    case JOB_TYPE_STREAM:
        return true;
    default:
        return false;
    }
}
/*
 * Return the BlockJob that follows @bjob in the global job list, or the first
 * BlockJob when @bjob is NULL.  Jobs that are not block jobs are skipped.
 * Returns NULL once the list is exhausted.
 */
BlockJob *block_job_next(BlockJob *bjob)
{
    Job *cur = bjob ? &bjob->job : NULL;

    for (;;) {
        cur = job_next(cur);
        if (cur == NULL) {
            return NULL;
        }
        if (is_block_job(cur)) {
            return container_of(cur, BlockJob, job);
        }
    }
}
/*
 * Look up a BlockJob by its user-visible id.
 *
 * Returns NULL when no job has that id, and also when the job that does is
 * not a block job (the caller must not see a non-BlockJob through this API).
 */
BlockJob *block_job_get(const char *id)
{
    Job *found = job_get(id);

    if (found == NULL || !is_block_job(found)) {
        return NULL;
    }
    return container_of(found, BlockJob, job);
}
/*
 * JobDriver.free hook for every BlockJob (block_job_create() asserts that the
 * driver installs exactly this function).
 *
 * The order is deliberate: the attached nodes are detached first, then the
 * BlockBackend is dropped, and the op-blocker Error goes last because
 * block_job_remove_all_bdrv() still passes it to bdrv_op_unblock_all().
 */
void block_job_free(Job *job)
{
    BlockJob *bjob = container_of(job, BlockJob, job);

    block_job_remove_all_bdrv(bjob);
    blk_unref(bjob->blk);
    error_free(bjob->blocker);
}
/*
 * BdrvChildClass.get_parent_desc: a human-readable description of the job
 * that owns this BdrvChild, e.g. for error messages.  Caller frees.
 *
 * NOTE(review): internal jobs have a NULL id (see block_job_is_internal());
 * what "%s" renders for NULL here is up to g_strdup_printf() - confirm if the
 * description of an internal job is ever user-visible.
 */
static char *child_job_get_parent_desc(BdrvChild *c)
{
    BlockJob *bjob = c->opaque;
    const char *type = job_type_str(&bjob->job);
    const char *id = bjob->job.id;

    return g_strdup_printf("%s job '%s'", type, id);
}
/*
 * BdrvChildClass.drained_begin: draining a node the job is attached to pauses
 * the job; child_job_drained_end() resumes it.
 */
static void child_job_drained_begin(BdrvChild *c)
{
    job_pause(&((BlockJob *)c->opaque)->job);
}
/*
 * BdrvChildClass.drained_poll: report whether the job may still have requests
 * in flight on a node that is being drained.
 *
 * Returns false for a job that is not busy or already completed.  Otherwise
 * the job driver's drained_poll hook decides; a driver without one is treated
 * as "possibly still active" (true), which is the conservative answer.
 */
static bool child_job_drained_poll(BdrvChild *c)
{
    BlockJob *bjob = c->opaque;
    Job *job = &bjob->job;
    const BlockJobDriver *drv = block_job_driver(bjob);
    bool maybe_active;

    /*
     * !job->busy means the job is either paused already or will hit a pause
     * point as soon as it is reentered, so no driver code runs before then.
     */
    maybe_active = job->busy && !job_is_completed(job);
    if (!maybe_active) {
        return false;
    }

    return drv->drained_poll ? drv->drained_poll(bjob) : true;
}
/*
 * BdrvChildClass.drained_end: undo child_job_drained_begin().  The
 * drained_end_counter is not used by jobs.
 */
static void child_job_drained_end(BdrvChild *c, int *drained_end_counter)
{
    job_resume(&((BlockJob *)c->opaque)->job);
}
/*
 * BdrvChildClass.can_set_aio_ctx: a job can move to @ctx only if every node
 * it is attached to can.  Stops at the first node that refuses, with @errp
 * set by bdrv_child_can_set_aio_context(); @ignore tracks nodes already
 * visited on this traversal.
 */
static bool child_job_can_set_aio_ctx(BdrvChild *c, AioContext *ctx,
                                      GSList **ignore, Error **errp)
{
    BlockJob *bjob = c->opaque;
    GSList *it = bjob->nodes;

    while (it != NULL) {
        BdrvChild *node = it->data;

        if (!bdrv_child_can_set_aio_context(node, ctx, ignore, errp)) {
            return false;
        }
        it = it->next;
    }

    return true;
}
/*
 * BdrvChildClass.set_aio_ctx: move every node the job is attached to into
 * @ctx, then record @ctx as the job's own context.
 *
 * A node is added to @ignore before it is moved, so the recursion through
 * bdrv_set_aio_context_ignore() does not come back to it; nodes already in
 * @ignore are skipped outright.
 */
static void child_job_set_aio_ctx(BdrvChild *c, AioContext *ctx,
                                  GSList **ignore)
{
    BlockJob *bjob = c->opaque;
    GSList *it = bjob->nodes;

    while (it != NULL) {
        BdrvChild *node = it->data;

        it = it->next;
        if (g_slist_find(*ignore, node) != NULL) {
            continue;
        }
        *ignore = g_slist_prepend(*ignore, node);
        bdrv_set_aio_context_ignore(node->bs, ctx, ignore);
    }

    bjob->job.aio_context = ctx;
}
/*
 * BdrvChildClass.get_parent_aio_context: the job's AioContext is the one its
 * children are expected to live in.
 */
static AioContext *child_job_get_parent_aio_context(BdrvChild *c)
{
    return ((BlockJob *)c->opaque)->job.aio_context;
}
/*
 * BdrvChild callbacks through which the block layer talks to the job owning
 * a node.  BdrvChild.opaque is the BlockJob (block_job_add_bdrv() passes the
 * job to bdrv_root_attach_child()).
 */
static const BdrvChildClass child_job = {
    .get_parent_desc    = child_job_get_parent_desc,
    /* Draining a node pauses the job; ending the drain resumes it. */
    .drained_begin      = child_job_drained_begin,
    .drained_poll       = child_job_drained_poll,
    .drained_end        = child_job_drained_end,
    /* AioContext changes are checked/applied across all of the job's nodes. */
    .can_set_aio_ctx    = child_job_can_set_aio_ctx,
    .set_aio_ctx        = child_job_set_aio_ctx,
    /* NOTE(review): semantics defined by the block layer (block_int.h) -
     * presumably the job stays attached to its node across graph changes. */
    .stay_at_node       = true,
    .get_parent_aio_context = child_job_get_parent_aio_context,
};
/*
 * Detach the job from every node in job->nodes: lift the op blocker, drop the
 * BdrvChild and free the list cell.  Leaves job->nodes empty.
 */
void block_job_remove_all_bdrv(BlockJob *job)
{
    GSList *head;

    /*
     * Each entry is unlinked from job->nodes *before* it is released.
     * bdrv_root_unref_child() can re-enter child_job_[can_]set_aio_ctx(),
     * which walks job->nodes; if the list still pointed at the BdrvChild
     * being freed, that callback would touch freed memory.
     */
    while ((head = job->nodes) != NULL) {
        BdrvChild *child = head->data;

        job->nodes = head->next;

        bdrv_op_unblock_all(child->bs, job->blocker);
        bdrv_root_unref_child(child);

        g_slist_free_1(head);
    }
}
/*
 * Report whether @bs is one of the nodes the job is attached to
 * (i.e. whether it was added through block_job_add_bdrv()).
 */
bool block_job_has_bdrv(BlockJob *job, BlockDriverState *bs)
{
    GSList *it = job->nodes;

    while (it != NULL) {
        const BdrvChild *child = it->data;

        if (child->bs == bs) {
            return true;
        }
        it = it->next;
    }

    return false;
}
/*
 * Attach the job to @bs as a BdrvChild named @name with the given
 * permissions, and block all operations on @bs with the job's blocker.
 *
 * Returns 0 on success, -EPERM when bdrv_root_attach_child() refuses (the
 * callee is expected to have set @errp in that case).
 *
 * NOTE(review): the reference taken by bdrv_ref() below is not dropped on
 * the failure path here, so it is assumed that bdrv_root_attach_child()
 * consumes the caller's reference on both success and failure - confirm
 * against its ownership contract before changing either side.
 */
int block_job_add_bdrv(BlockJob *job, const char *name, BlockDriverState *bs,
                       uint64_t perm, uint64_t shared_perm, Error **errp)
{
    BdrvChild *c;
    bool need_context_ops;

    bdrv_ref(bs);

    need_context_ops = bdrv_get_aio_context(bs) != job->job.aio_context;

    /*
     * The attach may move @bs into the job's AioContext; the job's own
     * context lock is released around it when that context is not the main
     * one.  job->job.aio_context is deliberately re-read for the re-acquire:
     * child_job_set_aio_ctx() rewrites it, and may run from inside the attach.
     */
    if (need_context_ops && job->job.aio_context != qemu_get_aio_context()) {
        aio_context_release(job->job.aio_context);
    }
    c = bdrv_root_attach_child(bs, name, &child_job, 0, perm, shared_perm, job,
                               errp);
    if (need_context_ops && job->job.aio_context != qemu_get_aio_context()) {
        aio_context_acquire(job->job.aio_context);
    }
    if (c == NULL) {
        return -EPERM;
    }

    job->nodes = g_slist_prepend(job->nodes, c);
    /* Pairs with bdrv_op_unblock_all() in block_job_remove_all_bdrv(). */
    bdrv_op_block_all(bs, job->blocker);

    return 0;
}
/*
 * on_idle notifier: wake up anyone blocked in AIO_WAIT_WHILE() so that a
 * drain or other waiter re-checks its condition.  Both arguments are unused.
 */
static void block_job_on_idle(Notifier *n, void *opaque)
{
    (void)n;
    (void)opaque;
    aio_wait_kick();
}
/*
 * A job without an id is internal: it is hidden from query-block-jobs and
 * emits no QMP events (see the block_job_event_* notifiers below).
 */
bool block_job_is_internal(BlockJob *job)
{
    return !job->job.id;
}
/*
 * Recover the BlockJobDriver from the generic JobDriver embedded in it
 * (block_job_create() hands job_create() &driver->job_driver).
 */
const BlockJobDriver *block_job_driver(BlockJob *job)
{
    const JobDriver *generic = job->job.driver;

    return container_of(generic, BlockJobDriver, job_driver);
}
/*
 * Predicate for job_enter_cond(): true while the job's sleep timer is armed.
 * Assumes the job_mutex is held.
 */
static bool job_timer_pending(Job *job)
{
    QEMUTimer *sleep = &job->sleep_timer;

    return timer_pending(sleep);
}
/*
 * Apply a new rate limit to the job.
 *
 * @speed is bytes per second as supplied by the caller (normally the monitor,
 * see the header comment); 0 disables the limit, which is why
 * block_job_ratelimit_get_delay() returns no delay for job->speed == 0.
 *
 * Returns false with @errp set if the job's state does not allow the
 * set-speed verb or if @speed is negative; true otherwise.
 */
bool block_job_set_speed(BlockJob *job, int64_t speed, Error **errp)
{
    const BlockJobDriver *drv = block_job_driver(job);
    int64_t previous = job->speed;
    bool slowing_down;

    /* State-machine check first: not every job state accepts set-speed. */
    if (job_apply_verb(&job->job, JOB_VERB_SET_SPEED, errp) < 0) {
        return false;
    }

    /* Reject negative input before it reaches the rate limiter. */
    if (speed < 0) {
        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "speed",
                   "a non-negative value");
        return false;
    }

    ratelimit_set_speed(&job->limit, speed, BLOCK_JOB_SLICE_TIME);
    job->speed = speed;

    if (drv->set_speed) {
        drv->set_speed(job, speed);
    }

    /*
     * Lowering a non-zero limit never needs to wake a sleeping job; raising
     * it (or removing it) does, but only if a sleep timer is actually armed.
     */
    slowing_down = speed != 0 && speed <= previous;
    if (!slowing_down) {
        job_enter_cond(&job->job, job_timer_pending);
    }

    return true;
}
/*
 * Delay (ns) the job should sleep before issuing @n more units of work.
 * A speed of 0 means unlimited, so no delay is ever computed for it.
 */
int64_t block_job_ratelimit_get_delay(BlockJob *job, uint64_t n)
{
    return job->speed ? ratelimit_calculate_delay(&job->limit, n) : 0;
}
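/*
 * Build the QMP BlockJobInfo describing @job for query-block-jobs.
 *
 * Internal jobs (NULL id) are refused with @errp set and NULL returned.
 * Otherwise a newly allocated BlockJobInfo is returned; the caller owns it.
 * When the job has a result code, info->error carries the Error message if
 * one is attached, else the strerror() text of -ret.
 */
BlockJobInfo *block_job_query(BlockJob *job, Error **errp)
{
    BlockJobInfo *info;

    if (block_job_is_internal(job)) {
        error_setg(errp, "Cannot query QEMU internal jobs");
        return NULL;
    }

    info = g_new0(BlockJobInfo, 1);
    info->type      = g_strdup(job_type_str(&job->job));
    info->device    = g_strdup(job->job.id);
    info->busy      = qatomic_read(&job->job.busy);
    info->paused    = job->job.pause_count > 0;
    info->offset    = job->job.progress.current;
    info->len       = job->job.progress.total;
    info->speed     = job->speed;
    info->io_status = job->iostatus;
    /*
     * Fix: this assignment used to end in a comma, turning it and the next
     * line into one comma-operator expression.  Same result, but it read as
     * if ready/status were related; they are two independent assignments.
     */
    info->ready     = job_is_ready(&job->job);
    info->status    = job->job.status;
    info->auto_finalize = job->job.auto_finalize;
    info->auto_dismiss  = job->job.auto_dismiss;

    if (job->job.ret) {
        /* A query may land before the job core attached an Error, so
         * fall back to the errno text rather than assuming err != NULL. */
        info->has_error = true;
        info->error = job->job.err ?
                        g_strdup(error_get_pretty(job->job.err)) :
                        g_strdup(strerror(-job->job.ret));
    }

    return info;
}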
/*
 * Record the first I/O error on the job's iostatus: ENOSPC maps to NOSPACE,
 * anything else to FAILED.  A status that is already non-OK is kept, so the
 * first failure wins until block_job_iostatus_reset() clears it.
 */
static void block_job_iostatus_set_err(BlockJob *job, int error)
{
    if (job->iostatus != BLOCK_DEVICE_IO_STATUS_OK) {
        return;
    }

    if (error == ENOSPC) {
        job->iostatus = BLOCK_DEVICE_IO_STATUS_NOSPACE;
    } else {
        job->iostatus = BLOCK_DEVICE_IO_STATUS_FAILED;
    }
}
/*
 * on_finalize_cancelled notifier: emit BLOCK_JOB_CANCELLED.  Internal jobs
 * are silent.
 */
static void block_job_event_cancelled(Notifier *n, void *opaque)
{
    BlockJob *bjob = opaque;
    Job *job = &bjob->job;

    if (!block_job_is_internal(bjob)) {
        qapi_event_send_block_job_cancelled(job_type(job), job->id,
                                            job->progress.total,
                                            job->progress.current,
                                            bjob->speed);
    }
}
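/*
 * on_finalize_completed notifier: emit BLOCK_JOB_COMPLETED.  Internal jobs
 * are silent.  When the job failed (ret < 0) the event carries an error
 * message; on success has_error is false and no message is sent.
 */
static void block_job_event_completed(Notifier *n, void *opaque)
{
    BlockJob *job = opaque;
    const char *msg = NULL;

    if (block_job_is_internal(job)) {
        return;
    }

    if (job->job.ret < 0) {
        /*
         * The job core is expected to have attached an Error by the time the
         * finalize notifier fires.  block_job_query() nevertheless guards a
         * NULL err and falls back to strerror(); do the same here so both
         * reporting paths agree and neither dereferences a NULL Error.
         */
        msg = job->job.err ? error_get_pretty(job->job.err)
                           : strerror(-job->job.ret);
    }

    qapi_event_send_block_job_completed(job_type(&job->job),
                                        job->job.id,
                                        job->job.progress.total,
                                        job->job.progress.current,
                                        job->speed,
                                        !!msg,
                                        msg);
}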
/*
 * on_pending notifier: emit BLOCK_JOB_PENDING.  Internal jobs are silent.
 */
static void block_job_event_pending(Notifier *n, void *opaque)
{
    BlockJob *bjob = opaque;
    Job *job = &bjob->job;

    if (!block_job_is_internal(bjob)) {
        qapi_event_send_block_job_pending(job_type(job), job->id);
    }
}
/*
 * on_ready notifier: emit BLOCK_JOB_READY.  Internal jobs are silent.
 */
static void block_job_event_ready(Notifier *n, void *opaque)
{
    BlockJob *bjob = opaque;
    Job *job = &bjob->job;

    if (!block_job_is_internal(bjob)) {
        qapi_event_send_block_job_ready(job_type(job), job->id,
                                        job->progress.total,
                                        job->progress.current,
                                        bjob->speed);
    }
}
413 * API for block job drivers and the block layer. These functions are
414 * declared in blockjob_int.h.
/*
 * Allocate and register a BlockJob of type @driver on @bs.
 *
 * @job_id: user-visible id.  NULL with JOB_INTERNAL unset means "use the
 *          device name of @bs"; NULL with JOB_INTERNAL set makes an internal
 *          job (see block_job_is_internal()).
 * @txn, @flags, @cb, @opaque: passed through to job_create().
 * @perm, @shared_perm: permissions for the BlockBackend created on @bs.
 * @speed: initial rate limit; 0 skips block_job_set_speed() entirely.
 *
 * Returns the new job, or NULL with @errp set.
 */
void *block_job_create(const char *job_id, const BlockJobDriver *driver,
                       JobTxn *txn, BlockDriverState *bs, uint64_t perm,
                       uint64_t shared_perm, int64_t speed, int flags,
                       BlockCompletionFunc *cb, void *opaque, Error **errp)
{
    BlockBackend *blk;
    BlockJob *job;

    if (job_id == NULL && !(flags & JOB_INTERNAL)) {
        job_id = bdrv_get_device_name(bs);
    }

    blk = blk_new_with_bs(bs, perm, shared_perm, errp);
    if (!blk) {
        return NULL;
    }

    job = job_create(job_id, &driver->job_driver, txn, blk_get_aio_context(blk),
                     flags, cb, opaque, errp);
    if (job == NULL) {
        blk_unref(blk);
        return NULL;
    }

    /* Every block job driver must wire in the BlockJob free/resume hooks. */
    assert(is_block_job(&job->job));
    assert(job->job.driver->free == &block_job_free);
    assert(job->job.driver->user_resume == &block_job_user_resume);

    job->blk = blk;

    job->finalize_cancelled_notifier.notify = block_job_event_cancelled;
    job->finalize_completed_notifier.notify = block_job_event_completed;
    job->pending_notifier.notify = block_job_event_pending;
    job->ready_notifier.notify = block_job_event_ready;
    job->idle_notifier.notify = block_job_on_idle;

    notifier_list_add(&job->job.on_finalize_cancelled,
                      &job->finalize_cancelled_notifier);
    notifier_list_add(&job->job.on_finalize_completed,
                      &job->finalize_completed_notifier);
    notifier_list_add(&job->job.on_pending, &job->pending_notifier);
    notifier_list_add(&job->job.on_ready, &job->ready_notifier);
    notifier_list_add(&job->job.on_idle, &job->idle_notifier);

    /* The blocker text is what a refused operation reports to the user. */
    error_setg(&job->blocker, "block device is in use by block job: %s",
               job_type_str(&job->job));
    /*
     * Attaching the main node with no permissions requested and everything
     * shared is not expected to fail, hence &error_abort.  This also blocks
     * all ops on @bs; DATAPLANE is re-allowed right below.
     */
    block_job_add_bdrv(job, "main node", bs, 0, BLK_PERM_ALL, &error_abort);

    bdrv_op_unblock(bs, BLOCK_OP_TYPE_DATAPLANE, job->blocker);

    /* Disable request queuing in the BlockBackend to avoid deadlocks on drain:
     * The job reports that it's busy until it reaches a pause point. */
    blk_set_disable_request_queuing(blk, true);
    blk_set_allow_aio_context_change(blk, true);

    /* Only set speed when necessary to avoid NotSupported error */
    if (speed != 0) {
        if (!block_job_set_speed(job, speed, errp)) {
            /* NOTE(review): presumably job_early_fail() reaches
             * block_job_free(), which releases blk, the nodes and the
             * blocker - confirm, nothing here frees them directly. */
            job_early_fail(&job->job);
            return NULL;
        }
    }

    return job;
}
/*
 * Clear a non-OK iostatus.  The assert encodes the expectation that a bad
 * iostatus only ever comes from block_job_error_action()'s STOP path, which
 * pauses the job and marks the pause user-visible before setting it.
 */
void block_job_iostatus_reset(BlockJob *job)
{
    if (job->iostatus != BLOCK_DEVICE_IO_STATUS_OK) {
        assert(job->job.user_paused && job->job.pause_count > 0);
        job->iostatus = BLOCK_DEVICE_IO_STATUS_OK;
    }
}
/*
 * JobDriver.user_resume hook for BlockJobs (asserted in block_job_create()):
 * a user-initiated resume clears the I/O error status.
 */
void block_job_user_resume(Job *job)
{
    block_job_iostatus_reset(container_of(job, BlockJob, job));
}
/*
 * Map the configured on-error policy plus the errno that occurred to the
 * action to take.  @on_err is a configuration enum; any value outside the
 * known ones is a programming error and aborts.
 */
static BlockErrorAction block_job_pick_error_action(BlockdevOnError on_err,
                                                    int error)
{
    switch (on_err) {
    case BLOCKDEV_ON_ERROR_ENOSPC:
    case BLOCKDEV_ON_ERROR_AUTO:
        return error == ENOSPC ? BLOCK_ERROR_ACTION_STOP
                               : BLOCK_ERROR_ACTION_REPORT;
    case BLOCKDEV_ON_ERROR_STOP:
        return BLOCK_ERROR_ACTION_STOP;
    case BLOCKDEV_ON_ERROR_REPORT:
        return BLOCK_ERROR_ACTION_REPORT;
    case BLOCKDEV_ON_ERROR_IGNORE:
        return BLOCK_ERROR_ACTION_IGNORE;
    default:
        abort();
    }
}

/*
 * Handle an I/O error (@error is the errno, @is_read the direction) on
 * behalf of a job driver.
 *
 * Emits BLOCK_JOB_ERROR for non-internal jobs.  For the STOP action the job
 * is paused and the pause marked user-visible, so only an explicit resume
 * from the monitor restarts it; the iostatus is set so the failure remains
 * visible until then.  Returns the action the caller should carry out.
 */
BlockErrorAction block_job_error_action(BlockJob *job, BlockdevOnError on_err,
                                        int is_read, int error)
{
    BlockErrorAction action = block_job_pick_error_action(on_err, error);

    if (!block_job_is_internal(job)) {
        qapi_event_send_block_job_error(job->job.id,
                                        is_read ? IO_OPERATION_TYPE_READ
                                                : IO_OPERATION_TYPE_WRITE,
                                        action);
    }

    if (action == BLOCK_ERROR_ACTION_STOP) {
        if (!job->job.user_paused) {
            job_pause(&job->job);
            /* Make the pause user-visible; resume comes from QMP. */
            job->job.user_paused = true;
        }
        block_job_iostatus_set_err(job, error);
    }

    return action;
}