On Thu, Mar 1, 2012 at 2:56 AM, Dong Xu Wang <wdon...@linux.vnet.ibm.com> wrote:
> diff --git a/block/add-cow-cache.c b/block/add-cow-cache.c
> new file mode 100644
> index 0000000..6be02ff
> --- /dev/null
> +++ b/block/add-cow-cache.c
> @@ -0,0 +1,171 @@
> +/*
> + * Cache For QEMU ADD-COW Disk Format
> + *
> + * Copyright IBM, Corp. 2012
> + *
> + * Authors:
> + * Dong Xu Wang <wdon...@linux.vnet.ibm.com>
> + * This work is licensed under the terms of the GNU LGPL, version 2 or later.
> + * See the COPYING.LIB file in the top-level directory.
> + *
> + */
> +
> +#include "block_int.h"
> +#include "qemu-common.h"
> +#include "add-cow.h"
This patch is missing add-cow.h.
> diff --git a/block/add-cow.c b/block/add-cow.c
> new file mode 100644
> index 0000000..6897a52
> --- /dev/null
> +++ b/block/add-cow.c
> @@ -0,0 +1,402 @@
> +/*
> + * QEMU ADD-COW Disk Format
> + *
> + * Copyright IBM, Corp. 2012
> + *
> + * Authors:
> + * Dong Xu Wang <wdon...@linux.vnet.ibm.com>
> + * This work is licensed under the terms of the GNU LGPL, version 2 or later.
> + * See the COPYING.LIB file in the top-level directory.
> + *
> + */
> +
> +#include "qemu-common.h"
> +#include "block_int.h"
> +#include "module.h"
> +#include "add-cow.h"
> +
> +static int add_cow_probe(const uint8_t *buf, int buf_size, const char
> *filename)
> +{
> + const AddCowHeader *header = (const void *)buf;
Minor coding style comment: please cast to const AddCowHeader* instead of void.
> +
> + if (be64_to_cpu(header->magic) == ADD_COW_MAGIC &&
> + be32_to_cpu(header->version) == ADD_COW_VERSION) {
> + return 100;
> + } else {
> + return 0;
> + }
> +}
> +
> +static int add_cow_open(BlockDriverState *bs, int flags)
> +{
> + AddCowHeader header;
> + char image_filename[ADD_COW_FILE_LEN];
> + BlockDriver *image_drv = NULL;
> + int ret;
> + BDRVAddCowState *s = bs->opaque;
> +
> + ret = bdrv_pread(bs->file, 0, &header, sizeof(header));
> + if (ret != sizeof(header)) {
> + goto fail;
> + }
> +
> + if (be64_to_cpu(header.magic) != ADD_COW_MAGIC) {
> + ret = -EINVAL;
> + goto fail;
> + }
> + if (be32_to_cpu(header.version) != ADD_COW_VERSION) {
> + char version[64];
> + snprintf(version, sizeof(version), "ADD-COW version %d",
> header.version);
be32_to_cpu(header.version)
> + qerror_report(QERR_UNKNOWN_BLOCK_FORMAT_FEATURE,
> + bs->device_name, "add-cow", version);
> + ret = -ENOTSUP;
> + goto fail;
> + }
> +
> + QEMU_BUILD_BUG_ON(sizeof(bs->backing_file) !=
> sizeof(header.backing_file));
> + strncpy(bs->backing_file, header.backing_file,
> + sizeof(bs->backing_file));
Please use pstrcpy() - it always NUL-terminates the string. strncpy()
only stores a '\0' when the source string is *shorter than* max
length, so a max length string results in bs->backing_file missing the
'\0'.
> +
> + if (header.image_file[0] == '\0') {
> + ret = -ENOENT;
> + goto fail;
> + }
> + s->image_hd = bdrv_new("");
> + if (path_has_protocol(header.image_file)) {
Please safely copy in header.image_file before treating it as a
NUL-terminated string.
> + strncpy(image_filename, header.image_file, sizeof(image_filename));
> + } else {
> + path_combine(image_filename, sizeof(image_filename),
> + bs->filename, header.image_file);
> + }
> +
> + image_drv = bdrv_find_format("raw");
> + ret = bdrv_open(s->image_hd, image_filename, flags, image_drv);
> + if (ret < 0) {
> + bdrv_delete(s->image_hd);
> + goto fail;
> + }
> + bs->total_sectors = s->image_hd->total_sectors;
> + s->cluster_size = ADD_COW_CLUSTER_SIZE;
> + s->bitmap_cache = add_cow_cache_create(bs, ADD_COW_CACHE_SIZE);
> + qemu_co_mutex_init(&s->lock);
> + return 0;
> + fail:
> + return ret;
> +}
> +
> +static inline bool is_bit_set(BlockDriverState *bs, int64_t bitnum)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + uint64_t offset = bitnum >> 3;
> + uint8_t *bitmap;
> + int ret = add_cow_cache_get(bs, s->bitmap_cache,
> + offset & ~(ADD_COW_CLUSTER_SIZE - 1), (void **)&bitmap);
(void **) should not be necessary.
> + if (ret < 0) {
> + abort();
> + }
> +
> + return *(bitmap + (offset & (ADD_COW_CLUSTER_SIZE - 1))) & (1 << (bitnum
> % 8));
The cluster concept confuses me. Normally the point of a cluster is
to reduce metadata size, so you would not index using bitnum % 8.
> +}
> +
> +static coroutine_fn int add_cow_is_allocated(BlockDriverState *bs,
> + int64_t sector_num, int nb_sectors, int *num_same)
> +{
> + int changed;
> +
> + if (nb_sectors == 0) {
> + *num_same = nb_sectors;
> + return 0;
> + }
> +
> + changed = is_bit_set(bs, sector_num);
> + for (*num_same = 1; *num_same < nb_sectors; (*num_same)++) {
> + if (is_bit_set(bs, sector_num + *num_same) != changed) {
> + break;
> + }
> + }
> +
> + return changed;
> +}
> +
> +static int add_cow_update_bitmap(BlockDriverState *bs, int64_t sector_num,
> + int nb_sectors)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + uint8_t *bitmap;
> +
> + int i, ret = 0;
> + for (i = 0; i < nb_sectors; i++) {
> + int ret = add_cow_cache_get(bs, s->bitmap_cache,
> + (sector_num + i) / 8 & ~(ADD_COW_CLUSTER_SIZE - 1), (void
> **)&bitmap);
> + if (ret < 0) {
> + abort();
> + }
> + *(bitmap + ((sector_num + i) / 8 & (ADD_COW_CLUSTER_SIZE - 1))) |=
> + (1 << ((sector_num + i) % 8));
> + add_cow_cache_entry_mark_dirty(s->bitmap_cache, bitmap);
> +
> + }
> + ret = add_cow_cache_flush(bs, s->bitmap_cache);
Data must be flushed to the cow file before writing metadata updates,
otherwise a crash in between could result in zero sectors instead of
backing file sectors.
> +static int add_cow_backing_read(BlockDriverState *bs, QEMUIOVector *qiov,
> + int64_t sector_num, int nb_sectors)
This function name is confusing because we don't actually perform a read here.
I'm also not sure why we need to handle the case where a request spans
the end of the device. bdrv_check_byte_request, called from
bdrv_co_do_readv() should prevent such requests?
> +{
> + int n1;
> + if ((sector_num + nb_sectors) <= bs->total_sectors) {
> + return nb_sectors;
> + }
> + if (sector_num >= bs->total_sectors) {
> + n1 = 0;
> + } else {
> + n1 = bs->total_sectors - sector_num;
> + }
> +
> + qemu_iovec_memset_skip(qiov, 0, BDRV_SECTOR_SIZE * (nb_sectors - n1),
> + BDRV_SECTOR_SIZE * n1);
> + return n1;
> +}
> +
> +static coroutine_fn int add_cow_co_readv(BlockDriverState *bs, int64_t
> sector_num,
> + int remaining_sectors, QEMUIOVector *qiov)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + int cur_nr_sectors;
> + uint64_t bytes_done = 0;
> + QEMUIOVector hd_qiov;
> + int n, n1, ret = 0;
> +
> + qemu_iovec_init(&hd_qiov, qiov->niov);
> + qemu_co_mutex_lock(&s->lock);
> + while (remaining_sectors != 0) {
> + cur_nr_sectors = remaining_sectors;
> + if (add_cow_is_allocated(bs, sector_num, cur_nr_sectors, &n)) {
> + cur_nr_sectors = n;
> + qemu_iovec_reset(&hd_qiov);
> + qemu_iovec_copy(&hd_qiov, qiov, bytes_done,
> + cur_nr_sectors * BDRV_SECTOR_SIZE);
> + ret = bdrv_co_readv(s->image_hd, sector_num, n, &hd_qiov);
During the read it seems safe to unlock s->lock. We need to acquire
it again immediately afterwards, but it allows other requests to
access the cow cache in the meantime.
> + if (ret < 0) {
> + goto fail;
> + }
> + } else {
> + cur_nr_sectors = n;
> + if (bs->backing_hd) {
> + n1 = add_cow_backing_read(bs->backing_hd, &hd_qiov,
> + sector_num, cur_nr_sectors);
> + if (n1 > 0) {
> + qemu_iovec_reset(&hd_qiov);
> + qemu_iovec_copy(&hd_qiov, qiov, bytes_done,
> + cur_nr_sectors * BDRV_SECTOR_SIZE);
> + ret = bdrv_co_readv(bs->backing_hd, sector_num,
> + n, &hd_qiov);
> + if (ret < 0) {
> + goto fail;
> + }
> + }
> + } else {
> + qemu_iovec_reset(&hd_qiov);
We need to zero bytes, otherwise qiov will contain uninitialized bytes
instead of zeroes read when there is no backing file.
> + }
> + }
> + remaining_sectors -= cur_nr_sectors;
> + sector_num += cur_nr_sectors;
> + bytes_done += cur_nr_sectors * BDRV_SECTOR_SIZE;
> + }
> +fail:
> + qemu_co_mutex_unlock(&s->lock);
> + qemu_iovec_destroy(&hd_qiov);
> + return ret;
> +}
> +
> +static coroutine_fn int add_cow_co_writev(BlockDriverState *bs, int64_t
> sector_num,
> + int remaining_sectors, QEMUIOVector *qiov)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + int ret = 0;
> + QEMUIOVector hd_qiov;
> + qemu_iovec_init(&hd_qiov, qiov->niov);
> + qemu_co_mutex_lock(&s->lock);
> + qemu_iovec_reset(&hd_qiov);
> + qemu_iovec_copy(&hd_qiov, qiov, 0, remaining_sectors * BDRV_SECTOR_SIZE);
Why use hd_qiov? It should be possible to use qiov directly, I think.
> + ret = bdrv_co_writev(s->image_hd,
> + sector_num,
> + remaining_sectors, &hd_qiov);
> + if (ret < 0) {
> + goto fail;
> + }
> +
> + ret = add_cow_update_bitmap(bs, sector_num, remaining_sectors);
> + if (ret < 0) {
> + goto fail;
> + }
> +fail:
> + qemu_co_mutex_unlock(&s->lock);
> + qemu_iovec_destroy(&hd_qiov);
> + return ret;
> +}
> +
> +static int bdrv_add_cow_truncate(BlockDriverState *bs, int64_t offset)
> +{
> + int ret = 0;
> + int64_t image_sectors = offset / BDRV_SECTOR_SIZE;
> + BDRVAddCowState *s = bs->opaque;
> + int64_t old_image_sector = s->image_hd->total_sectors;
> +
> + ret = bdrv_truncate(bs->file, sizeof(AddCowHeader) + ((image_sectors +
> 7) >> 3));
> + if (ret < 0) {
> + bdrv_truncate(s->image_hd, old_image_sector * BDRV_SECTOR_SIZE);
> + return ret;
> + }
> + return ret;
> +}
I'm surprised that we truncate the image file...but only in the error case.
Also, do we need to resize the cow cache?
> +
> +static coroutine_fn int add_cow_co_flush(BlockDriverState *bs)
> +{
> + BDRVAddCowState *s = bs->opaque;
> + int ret = bdrv_co_flush(s->image_hd);
> + if (ret < 0) {
> + return ret;
> + }
> +
> + qemu_co_mutex_lock(&s->lock);
> + ret = add_cow_cache_flush(bs, s->bitmap_cache);
I suggest moving qemu_co_mutex_unlock(&s->lock) here so you don't need
to duplicate it in the success and error cases.
> + if (ret < 0) {
> + qemu_co_mutex_unlock(&s->lock);
> + return ret;
> + }
> + qemu_co_mutex_unlock(&s->lock);
> + return bdrv_co_flush(bs->file);
> +}
> +
> +static QEMUOptionParameter add_cow_create_options[] = {
> + {
> + .name = BLOCK_OPT_SIZE,
> + .type = OPT_SIZE,
> + .help = "Virtual disk size"
> + },
> + {
> + .name = BLOCK_OPT_BACKING_FILE,
> + .type = OPT_STRING,
> + .help = "File name of a base image"
> + },
> + {
> + .name = BLOCK_OPT_IMAGE_FILE,
> + .type = OPT_STRING,
> + .help = "File name of a image file"
> + },
> + {
> + .name = BLOCK_OPT_BACKING_FMT,
> + .type = OPT_STRING,
> + .help = "Image format of the base image"
> + },
> + { NULL }
> +};
> +
> +static BlockDriver bdrv_add_cow = {
> + .format_name = "add-cow",
> + .instance_size = sizeof(BDRVAddCowState),
> + .bdrv_probe = add_cow_probe,
> + .bdrv_open = add_cow_open,
> + .bdrv_close = add_cow_close,
> + .bdrv_create = add_cow_create,
> + .bdrv_co_is_allocated = add_cow_is_allocated,
> +
> + .bdrv_co_readv = add_cow_co_readv,
> + .bdrv_co_writev = add_cow_co_writev,
> + .bdrv_truncate = bdrv_add_cow_truncate,
> +
> + .create_options = add_cow_create_options,
> + .bdrv_co_flush_to_disk = add_cow_co_flush,
> +};
> +
> +static void bdrv_add_cow_init(void)
> +{
> + bdrv_register(&bdrv_add_cow);
> +}
> +
> +block_init(bdrv_add_cow_init);
> diff --git a/block_int.h b/block_int.h
> index b460c36..8126f27 100644
> --- a/block_int.h
> +++ b/block_int.h
> @@ -50,6 +50,7 @@
> #define BLOCK_OPT_TABLE_SIZE "table_size"
> #define BLOCK_OPT_PREALLOC "preallocation"
> #define BLOCK_OPT_SUBFMT "subformat"
> +#define BLOCK_OPT_IMAGE_FILE "image_file"
>
> typedef struct BdrvTrackedRequest BdrvTrackedRequest;
>
> diff --git a/docs/specs/add-cow.txt b/docs/specs/add-cow.txt
> new file mode 100644
> index 0000000..db992a4
> --- /dev/null
> +++ b/docs/specs/add-cow.txt
> @@ -0,0 +1,68 @@
> +== General ==
> +
> +Raw file format does not support backing_file and copy on write feature.
> +The add-cow image format makes it possible to use backing files with raw
> +image by keeping a separate .add-cow metadata file. Once all sectors
> +have been written to in the raw image it is safe to discard the .add-cow
> +and backing files and instead use the raw image directly.
> +
> +When using add-cow, procedures may like this:
> +(ubuntu.img is a disk image which has been installed OS.)
> + 1) Create a raw image with the same size of ubuntu.img
> + qemu-img create -f raw test.raw 8G
> + 2) Create a add-cow image which will store dirty bitmap
> + qemu-img create -f add-cow test.add-cow -o
> backing_file=ubuntu.img,image_file=test.raw
> + 3) Run qemu with add-cow image
> + qemu -drive if=virtio,file=test.add-cow
> +
> +=Specification=
> +
> +The file format looks like this:
> +
> + +---------------+--------------------------+
> + | Header | Data |
> + +---------------+--------------------------+
> +
> +All numbers in add-cow are stored in Big Endian byte order.
> +
> +== Header ==
> +
> +The Header is included in the first bytes:
> +
> + Byte 0 - 7: magic
> + add-cow magic string ("ADD_COW\xff")
> +
> + 8 - 11: version
> + Version number (only valid value is 1 now)
> +
> + 12 - 1035: backing_file
> + backing_file file name related to add-cow file. All
> + unused bytes are padded with zeros. Must not be
> longer
> + than 1023 bytes.
> +
> + 1036 - 2059: image_file
> + image_file is a raw file. All unused bytes are padded
> + with zeros. Must not be longer than 1023 bytes.
> +
> + 2060 - 2559: The Reserved field is used to make sure Data field
> starts
> + at the multiple of 512, not used currently. All
> bytes are
> + filled with 0.
> +
> +== Data ==
> +
> +The Data field starts at the 2560th byte, stores a bitmap related to
> backing_file
> +and image_file. The bitmap will track whether the sector in backing_file is
> dirty
> +or not.
Cluster size is not mentioned and not documented in the add-cow header
structure.
I didn't look closely at how the cache and clusters are supposed to
work but I think they don't really work. What I would expect is:
1. The bitmap operates at ADD_COW_CLUSTER_SIZE granularity. This
means the bits in the add-cow file actually represent
ADD_COW_CLUSTER_SIZE sectors of data allocation, not just 1 sector.
2. Code that accesses the bitmap first divides by ADD_COW_CLUSTER_SIZE
to operate on an entire cluster. Right now the lookup code seems to
do it *during* the bitmap lookup instead of before.
Sorry, this isn't a good explanation but I've run out of time to
really understand how this works in your patch. I suggest looking
carefully at the is_allocated lookup and the cache to see if you're
really maintaining the bitmap at cluster granularity.
Stefan
