Series comparison

-[Qemu-devel] [PULL 0/7] Block patches
+[PULL 0/3] Block patches
-The following changes since commit 0ab4537f08e09b13788db67efd760592fb7db769:
+The following changes since commit 7208429223963c405c62fa2611398f1aa8033593:
-  Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2018-03-07-1' into staging (2018-03-08 12:56:39 +0000)
+  Merge tag 'mem-2022-10-28' of https://github.com/davidhildenbrand/qemu into staging (2022-10-30 18:31:59 -0400)
 are available in the Git repository at:
-  git://github.com/stefanha/qemu.git tags/block-pull-request
+  https://gitlab.com/stefanha/qemu.git tags/block-pull-request
-for you to fetch changes up to 4486e89c219c0d1b9bd8dfa0b1dd5b0d51ff2268:
+for you to fetch changes up to 6c32fc0df9cd901add75618c831fb26a9eb742cb:
-  vl: introduce vm_shutdown() (2018-03-08 17:38:51 +0000)
+  block/blkio: Make driver nvme-io_uring take a "path" instead of a "filename" (2022-10-31 14:35:14 -0400)
 ----------------------------------------------------------------
 Pull request
 Note that we're still discussing "block/blkio: Make driver nvme-io_uring take a
 "path" instead of a "filename"". I have sent the pull request now so everything
 is ready for the soft freeze tomorrow if we decide to go ahead with the patch.
 ----------------------------------------------------------------
-----------------------------------------------------------------
+Alberto Faria (3):
   block/blkio: Add virtio-blk-vfio-pci BlockDriver
   block/blkio: Tolerate device size changes
   block/blkio: Make driver nvme-io_uring take a "path" instead of a
     "filename"
-Deepa Srinivasan (1):
+ qapi/block-core.json | 22 +++++++++++++++++++--
-  block: Fix qemu crash when using scsi-block
+ block/blkio.c        | 47 ++++++++++++++++++++++++++++++++++++++++----
+files changed, 63 insertions(+), 6 deletions(-)
 Fam Zheng (1):
   README: Fix typo 'git-publish'
 Sergio Lopez (1):
   virtio-blk: dataplane: Don't batch notifications if EVENT_IDX is
     present
 Stefan Hajnoczi (4):
   block: add aio_wait_bh_oneshot()
   virtio-blk: fix race between .ioeventfd_stop() and vq handler
   virtio-scsi: fix race between .ioeventfd_stop() and vq handler
   vl: introduce vm_shutdown()
  include/block/aio-wait.h        | 13 +++++++++++
  include/sysemu/iothread.h       |  1 -
  include/sysemu/sysemu.h         |  1 +
  block/block-backend.c           | 51 ++++++++++++++++++++---------------------
  cpus.c                          | 16 ++++++++++---
  hw/block/dataplane/virtio-blk.c | 39 +++++++++++++++++++++++--------
  hw/scsi/virtio-scsi-dataplane.c |  9 ++++----
  iothread.c                      | 31 -------------------------
  util/aio-wait.c                 | 31 +++++++++++++++++++++++++
  vl.c                            | 13 +++--------
  README                          |  2 +-
 files changed, 122 insertions(+), 85 deletions(-)
 --
-.14.3
+.38.1

-[Qemu-devel] [PULL 1/7] block: Fix qemu crash when using scsi-block
+Deleted patch
-From: Deepa Srinivasan <deepa.srinivasan@oracle.com>
-Starting qemu with the following arguments causes qemu to segfault:
-... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
-iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1
-This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
-blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
-details about the bug follow.
-blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
-coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().
-When blk_aio_ioctl() is executed from within a coroutine context (e.g.
-iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
-the current coroutine's wakeup queue. blk_aio_ioctl() then returns.
-When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
-....
-    BlkRwCo *rwco = &acb->rwco;
-    rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
-                             rwco->qiov->iov[0].iov_base);  <--- qiov is
-                                                                 invalid here
-...
-In the case when blk_aio_ioctl() is called from a non-coroutine context,
-blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
-qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
-execution is complete, control returns to blk_aio_ioctl_entry() after the call
-to blk_co_ioctl(). There is no invalid reference after this point, but the
-function is still holding on to invalid pointers.
-The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
-rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
-coroutine function casts it to QEMUIOVector or uses the void pointer directly.
-Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
-Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
-Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
----
- block/block-backend.c | 51 +++++++++++++++++++++++++--------------------------
-file changed, 25 insertions(+), 26 deletions(-)
-diff --git a/block/block-backend.c b/block/block-backend.c
-index XXXXXXX..XXXXXXX 100644
---- a/block/block-backend.c
-+++ b/block/block-backend.c
-@@ -XXX,XX +XXX,XX @@ int coroutine_fn blk_co_pwritev(BlockBackend *blk, int64_t offset,
- typedef struct BlkRwCo {
-     BlockBackend *blk;
-     int64_t offset;
--    QEMUIOVector *qiov;
-+    void *iobuf;
-     int ret;
-     BdrvRequestFlags flags;
- } BlkRwCo;
-@@ -XXX,XX +XXX,XX @@ typedef struct BlkRwCo {
- static void blk_read_entry(void *opaque)
- {
-     BlkRwCo *rwco = opaque;
-+    QEMUIOVector *qiov = rwco->iobuf;
--    rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, rwco->qiov->size,
--                              rwco->qiov, rwco->flags);
-+    rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, qiov->size,
-+                              qiov, rwco->flags);
- }
- static void blk_write_entry(void *opaque)
- {
-     BlkRwCo *rwco = opaque;
-+    QEMUIOVector *qiov = rwco->iobuf;
--    rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, rwco->qiov->size,
--                               rwco->qiov, rwco->flags);
-+    rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, qiov->size,
-+                               qiov, rwco->flags);
- }
- static int blk_prw(BlockBackend *blk, int64_t offset, uint8_t *buf,
-@@ -XXX,XX +XXX,XX @@ static int blk_prw(BlockBackend *blk, int64_t offset, uint8_t *buf,
-     rwco = (BlkRwCo) {
-         .blk    = blk,
-         .offset = offset,
--        .qiov   = &qiov,
-+        .iobuf  = &qiov,
-         .flags  = flags,
-         .ret    = NOT_DONE,
-     };
-@@ -XXX,XX +XXX,XX @@ static void blk_aio_complete_bh(void *opaque)
- }
- static BlockAIOCB *blk_aio_prwv(BlockBackend *blk, int64_t offset, int bytes,
--                                QEMUIOVector *qiov, CoroutineEntry co_entry,
-+                                void *iobuf, CoroutineEntry co_entry,
-                                 BdrvRequestFlags flags,
-                                 BlockCompletionFunc *cb, void *opaque)
- {
-@@ -XXX,XX +XXX,XX @@ static BlockAIOCB *blk_aio_prwv(BlockBackend *blk, int64_t offset, int bytes,
-     acb->rwco = (BlkRwCo) {
-         .blk    = blk,
-         .offset = offset,
--        .qiov   = qiov,
-+        .iobuf  = iobuf,
-         .flags  = flags,
-         .ret    = NOT_DONE,
-     };
-@@ -XXX,XX +XXX,XX @@ static void blk_aio_read_entry(void *opaque)
- {
-     BlkAioEmAIOCB *acb = opaque;
-     BlkRwCo *rwco = &acb->rwco;
-+    QEMUIOVector *qiov = rwco->iobuf;
--    assert(rwco->qiov->size == acb->bytes);
-+    assert(qiov->size == acb->bytes);
-     rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, acb->bytes,
--                              rwco->qiov, rwco->flags);
-+                              qiov, rwco->flags);
-     blk_aio_complete(acb);
- }
-@@ -XXX,XX +XXX,XX @@ static void blk_aio_write_entry(void *opaque)
- {
-     BlkAioEmAIOCB *acb = opaque;
-     BlkRwCo *rwco = &acb->rwco;
-+    QEMUIOVector *qiov = rwco->iobuf;
--    assert(!rwco->qiov || rwco->qiov->size == acb->bytes);
-+    assert(!qiov || qiov->size == acb->bytes);
-     rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, acb->bytes,
--                               rwco->qiov, rwco->flags);
-+                               qiov, rwco->flags);
-     blk_aio_complete(acb);
- }
-@@ -XXX,XX +XXX,XX @@ int blk_co_ioctl(BlockBackend *blk, unsigned long int req, void *buf)
- static void blk_ioctl_entry(void *opaque)
- {
-     BlkRwCo *rwco = opaque;
-+    QEMUIOVector *qiov = rwco->iobuf;
-+
-     rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
--                             rwco->qiov->iov[0].iov_base);
-+                             qiov->iov[0].iov_base);
- }
- int blk_ioctl(BlockBackend *blk, unsigned long int req, void *buf)
-@@ -XXX,XX +XXX,XX @@ static void blk_aio_ioctl_entry(void *opaque)
-     BlkAioEmAIOCB *acb = opaque;
-     BlkRwCo *rwco = &acb->rwco;
--    rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
--                             rwco->qiov->iov[0].iov_base);
-+    rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset, rwco->iobuf);
-+
-     blk_aio_complete(acb);
- }
- BlockAIOCB *blk_aio_ioctl(BlockBackend *blk, unsigned long int req, void *buf,
-                           BlockCompletionFunc *cb, void *opaque)
- {
--    QEMUIOVector qiov;
--    struct iovec iov;
--
--    iov = (struct iovec) {
--        .iov_base = buf,
--        .iov_len = 0,
--    };
--    qemu_iovec_init_external(&qiov, &iov, 1);
--
--    return blk_aio_prwv(blk, req, 0, &qiov, blk_aio_ioctl_entry, 0, cb, opaque);
-+    return blk_aio_prwv(blk, req, 0, buf, blk_aio_ioctl_entry, 0, cb, opaque);
- }
- int blk_co_pdiscard(BlockBackend *blk, int64_t offset, int bytes)
-@@ -XXX,XX +XXX,XX @@ int blk_truncate(BlockBackend *blk, int64_t offset, PreallocMode prealloc,
- static void blk_pdiscard_entry(void *opaque)
- {
-     BlkRwCo *rwco = opaque;
--    rwco->ret = blk_co_pdiscard(rwco->blk, rwco->offset, rwco->qiov->size);
-+    QEMUIOVector *qiov = rwco->iobuf;
-+
-+    rwco->ret = blk_co_pdiscard(rwco->blk, rwco->offset, qiov->size);
- }
- int blk_pdiscard(BlockBackend *blk, int64_t offset, int bytes)
---
-.14.3

-[Qemu-devel] [PULL 2/7] README: Fix typo 'git-publish'
+Deleted patch
-From: Fam Zheng <famz@redhat.com>
-Reported-by: Alberto Garcia <berto@igalia.com>
-Signed-off-by: Fam Zheng <famz@redhat.com>
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
-Message-id: 20180306024328.19195-1-famz@redhat.com
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
----
- README | 2 +-
-file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/README b/README
-index XXXXXXX..XXXXXXX 100644
---- a/README
-+++ b/README
-@@ -XXX,XX +XXX,XX @@ The QEMU website is also maintained under source control.
-   git clone git://git.qemu.org/qemu-web.git
-   https://www.qemu.org/2017/02/04/the-new-qemu-website-is-up/
--A 'git-profile' utility was created to make above process less
-+A 'git-publish' utility was created to make above process less
- cumbersome, and is highly recommended for making regular contributions,
- or even just for sending consecutive patch series revisions. It also
- requires a working 'git send-email' setup, and by default doesn't
---
-.14.3

-[Qemu-devel] [PULL 7/7] vl: introduce vm_shutdown()
+[PULL 1/3] block/blkio: Add virtio-blk-vfio-pci BlockDriver
-Commit 00d09fdbbae5f7864ce754913efc84c12fdf9f1a ("vl: pause vcpus before
+From: Alberto Faria <afaria@redhat.com>
 stopping iothreads") and commit dce8921b2baaf95974af8176406881872067adfa
 ("iothread: Stop threads before main() quits") tried to work around the
 fact that emulation was still active during termination by stopping
 iothreads.  They suffer from race conditions:
 . virtio_scsi_handle_cmd_vq() racing with iothread_stop_all() hits the
    virtio_scsi_ctx_check() assertion failure because the BDS AioContext
    has been modified by iothread_stop_all().
 . Guest vq kick racing with main loop termination leaves a readable
    ioeventfd that is handled by the next aio_poll() when external
    clients are enabled again, resulting in unwanted emulation activity.
-This patch obsoletes those commits by fully disabling emulation activity
+libblkio 1.1.0 [1] introduces a virtio-blk-vfio-pci driver, which
-when vcpus are stopped.
+accesses a virtio-blk PCI device using VFIO. Add a corresponding
 BlockDriver.
-Use the new vm_shutdown() function instead of pause_all_vcpus() so that
+[1] https://gitlab.com/libblkio/libblkio/-/tree/v1.1.0
 vm change state handlers are invoked too.  Virtio devices will now stop
 their ioeventfds, preventing further emulation activity after vm_stop().
-Note that vm_stop(RUN_STATE_SHUTDOWN) cannot be used because it emits a
+Signed-off-by: Alberto Faria <afaria@redhat.com>
-QMP STOP event that may affect existing clients.
+Message-id: 20221028131635.710267-1-afaria@redhat.com
 It is no longer necessary to call replay_disable_events() directly since
 vm_shutdown() does so already.
 Drop iothread_stop_all() since it is no longer used.
 Cc: Fam Zheng <famz@redhat.com>
 Cc: Kevin Wolf <kwolf@redhat.com>
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 Reviewed-by: Fam Zheng <famz@redhat.com>
 Acked-by: Paolo Bonzini <pbonzini@redhat.com>
 Message-id: 20180307144205.20619-5-stefanha@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- include/sysemu/iothread.h |  1 -
+ qapi/block-core.json | 18 ++++++++++++++++++
- include/sysemu/sysemu.h   |  1 +
+ block/blkio.c        |  8 ++++++++
- cpus.c                    | 16 +++++++++++++---
+files changed, 26 insertions(+)
  iothread.c                | 31 -------------------------------
  vl.c                      | 13 +++----------
 files changed, 17 insertions(+), 45 deletions(-)
-diff --git a/include/sysemu/iothread.h b/include/sysemu/iothread.h
+diff --git a/qapi/block-core.json b/qapi/block-core.json
 index XXXXXXX..XXXXXXX 100644
---- a/include/sysemu/iothread.h
+--- a/qapi/block-core.json
-+++ b/include/sysemu/iothread.h
++++ b/qapi/block-core.json
-@@ -XXX,XX +XXX,XX @@ typedef struct {
+@@ -XXX,XX +XXX,XX @@
- char *iothread_get_id(IOThread *iothread);
+             'raw', 'rbd',
- IOThread *iothread_by_id(const char *id);
+             { 'name': 'replication', 'if': 'CONFIG_REPLICATION' },
- AioContext *iothread_get_aio_context(IOThread *iothread);
+             'ssh', 'throttle', 'vdi', 'vhdx',
--void iothread_stop_all(void);
++            { 'name': 'virtio-blk-vfio-pci', 'if': 'CONFIG_BLKIO' },
- GMainContext *iothread_get_g_main_context(IOThread *iothread);
+             { 'name': 'virtio-blk-vhost-user', 'if': 'CONFIG_BLKIO' },
+             { 'name': 'virtio-blk-vhost-vdpa', 'if': 'CONFIG_BLKIO' },
- /*
+             'vmdk', 'vpc', 'vvfat' ] }
-diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
+@@ -XXX,XX +XXX,XX @@
    'data': { 'filename': 'str' },
    'if': 'CONFIG_BLKIO' }
 +##
 +# @BlockdevOptionsVirtioBlkVfioPci:
 +#
 +# Driver specific block device options for the virtio-blk-vfio-pci backend.
 +#
 +# @path: path to the PCI device's sysfs directory (e.g.
 +#        /sys/bus/pci/devices/0000:00:01.0).
 +#
 +# Since: 7.2
 +##
 +{ 'struct': 'BlockdevOptionsVirtioBlkVfioPci',
 +  'data': { 'path': 'str' },
 +  'if': 'CONFIG_BLKIO' }
 +
  ##
  # @BlockdevOptionsVirtioBlkVhostUser:
  #
@@ -XXX,XX +XXX,XX @@
        'throttle':   'BlockdevOptionsThrottle',
        'vdi':        'BlockdevOptionsGenericFormat',
        'vhdx':       'BlockdevOptionsGenericFormat',
 +      'virtio-blk-vfio-pci':
 +                    { 'type': 'BlockdevOptionsVirtioBlkVfioPci',
 +                      'if': 'CONFIG_BLKIO' },
        'virtio-blk-vhost-user':
                      { 'type': 'BlockdevOptionsVirtioBlkVhostUser',
                        'if': 'CONFIG_BLKIO' },
 diff --git a/block/blkio.c b/block/blkio.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/sysemu/sysemu.h
+--- a/block/blkio.c
-+++ b/include/sysemu/sysemu.h
++++ b/block/blkio.c
-@@ -XXX,XX +XXX,XX @@ void vm_start(void);
+@@ -XXX,XX +XXX,XX @@
- int vm_prepare_start(void);
+  */
- int vm_stop(RunState state);
+ #define DRIVER_IO_URING "io_uring"
- int vm_stop_force_state(RunState state);
+ #define DRIVER_NVME_IO_URING "nvme-io_uring"
-+int vm_shutdown(void);
++#define DRIVER_VIRTIO_BLK_VFIO_PCI "virtio-blk-vfio-pci"
+ #define DRIVER_VIRTIO_BLK_VHOST_USER "virtio-blk-vhost-user"
- typedef enum WakeupReason {
+ #define DRIVER_VIRTIO_BLK_VHOST_VDPA "virtio-blk-vhost-vdpa"
-     /* Always keep QEMU_WAKEUP_REASON_NONE = 0 */
-diff --git a/cpus.c b/cpus.c
+@@ -XXX,XX +XXX,XX @@ static int blkio_file_open(BlockDriverState *bs, QDict *options, int flags,
-index XXXXXXX..XXXXXXX 100644
+         ret = blkio_io_uring_open(bs, options, flags, errp);
---- a/cpus.c
+     } else if (strcmp(blkio_driver, DRIVER_NVME_IO_URING) == 0) {
-+++ b/cpus.c
+         ret = blkio_nvme_io_uring(bs, options, flags, errp);
-@@ -XXX,XX +XXX,XX @@ void cpu_synchronize_all_pre_loadvm(void)
++    } else if (strcmp(blkio_driver, DRIVER_VIRTIO_BLK_VFIO_PCI) == 0) {
-     }
++        ret = blkio_virtio_blk_common_open(bs, options, flags, errp);
      } else if (strcmp(blkio_driver, DRIVER_VIRTIO_BLK_VHOST_USER) == 0) {
          ret = blkio_virtio_blk_common_open(bs, options, flags, errp);
      } else if (strcmp(blkio_driver, DRIVER_VIRTIO_BLK_VHOST_VDPA) == 0) {
@@ -XXX,XX +XXX,XX @@ static BlockDriver bdrv_nvme_io_uring = BLKIO_DRIVER(
      .bdrv_needs_filename = true,
  );
 +static BlockDriver bdrv_virtio_blk_vfio_pci = BLKIO_DRIVER(
 +    DRIVER_VIRTIO_BLK_VFIO_PCI
 +);
 +
  static BlockDriver bdrv_virtio_blk_vhost_user = BLKIO_DRIVER(
      DRIVER_VIRTIO_BLK_VHOST_USER
  );
@@ -XXX,XX +XXX,XX @@ static void bdrv_blkio_init(void)
  {
      bdrv_register(&bdrv_io_uring);
      bdrv_register(&bdrv_nvme_io_uring);
 +    bdrv_register(&bdrv_virtio_blk_vfio_pci);
      bdrv_register(&bdrv_virtio_blk_vhost_user);
      bdrv_register(&bdrv_virtio_blk_vhost_vdpa);
  }
--static int do_vm_stop(RunState state)
-+static int do_vm_stop(RunState state, bool send_stop)
- {
-     int ret = 0;
-@@ -XXX,XX +XXX,XX @@ static int do_vm_stop(RunState state)
-         pause_all_vcpus();
-         runstate_set(state);
-         vm_state_notify(0, state);
--        qapi_event_send_stop(&error_abort);
-+        if (send_stop) {
-+            qapi_event_send_stop(&error_abort);
-+        }
-     }
-     bdrv_drain_all();
-@@ -XXX,XX +XXX,XX @@ static int do_vm_stop(RunState state)
-     return ret;
- }
-+/* Special vm_stop() variant for terminating the process.  Historically clients
-+ * did not expect a QMP STOP event and so we need to retain compatibility.
-+ */
-+int vm_shutdown(void)
-+{
-+    return do_vm_stop(RUN_STATE_SHUTDOWN, false);
-+}
-+
- static bool cpu_can_run(CPUState *cpu)
- {
-     if (cpu->stop) {
-@@ -XXX,XX +XXX,XX @@ int vm_stop(RunState state)
-         return 0;
-     }
--    return do_vm_stop(state);
-+    return do_vm_stop(state, true);
- }
- /**
-diff --git a/iothread.c b/iothread.c
-index XXXXXXX..XXXXXXX 100644
---- a/iothread.c
-+++ b/iothread.c
-@@ -XXX,XX +XXX,XX @@ void iothread_stop(IOThread *iothread)
-     qemu_thread_join(&iothread->thread);
- }
--static int iothread_stop_iter(Object *object, void *opaque)
--{
--    IOThread *iothread;
--
--    iothread = (IOThread *)object_dynamic_cast(object, TYPE_IOTHREAD);
--    if (!iothread) {
--        return 0;
--    }
--    iothread_stop(iothread);
--    return 0;
--}
--
- static void iothread_instance_init(Object *obj)
- {
-     IOThread *iothread = IOTHREAD(obj);
-@@ -XXX,XX +XXX,XX @@ IOThreadInfoList *qmp_query_iothreads(Error **errp)
-     return head;
- }
--void iothread_stop_all(void)
--{
--    Object *container = object_get_objects_root();
--    BlockDriverState *bs;
--    BdrvNextIterator it;
--
--    for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
--        AioContext *ctx = bdrv_get_aio_context(bs);
--        if (ctx == qemu_get_aio_context()) {
--            continue;
--        }
--        aio_context_acquire(ctx);
--        bdrv_set_aio_context(bs, qemu_get_aio_context());
--        aio_context_release(ctx);
--    }
--
--    object_child_foreach(container, iothread_stop_iter, NULL);
--}
--
- static gpointer iothread_g_main_context_init(gpointer opaque)
- {
-     AioContext *ctx;
-diff --git a/vl.c b/vl.c
-index XXXXXXX..XXXXXXX 100644
---- a/vl.c
-+++ b/vl.c
-@@ -XXX,XX +XXX,XX @@ int main(int argc, char **argv, char **envp)
-     os_setup_post();
-     main_loop();
--    replay_disable_events();
--    /* The ordering of the following is delicate.  Stop vcpus to prevent new
--     * I/O requests being queued by the guest.  Then stop IOThreads (this
--     * includes a drain operation and completes all request processing).  At
--     * this point emulated devices are still associated with their IOThreads
--     * (if any) but no longer have any work to do.  Only then can we close
--     * block devices safely because we know there is no more I/O coming.
--     */
--    pause_all_vcpus();
--    iothread_stop_all();
-+    /* No more vcpu or device emulation activity beyond this point */
-+    vm_shutdown();
-+
-     bdrv_close_all();
-     res_free();
 --
-.14.3
+.38.1

-[Qemu-devel] [PULL 5/7] virtio-blk: fix race between .ioeventfd_stop() and vq handler
+[PULL 2/3] block/blkio: Tolerate device size changes
-If the main loop thread invokes .ioeventfd_stop() just as the vq handler
+From: Alberto Faria <afaria@redhat.com>
 function begins in the IOThread then the handler may lose the race for
 the AioContext lock.  By the time the vq handler is able to acquire the
 AioContext lock the ioeventfd has already been removed and the handler
 isn't supposed to run anymore!
-Use the new aio_wait_bh_oneshot() function to perform ioeventfd removal
+Some libblkio drivers may be able to work with regular files (e.g.,
-from within the IOThread.  This way no races with the vq handler are
+io_uring) or otherwise resizable devices. Conservatively set
-possible.
+BlockDriver::has_variable_length to true to ensure bdrv_nb_sectors()
 always gives up-to-date results.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+Also implement BlockDriver::bdrv_co_truncate for the case where no
-Reviewed-by: Fam Zheng <famz@redhat.com>
+preallocation is needed and the device already has a size compatible
-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
+with what was requested.
-Message-id: 20180307144205.20619-3-stefanha@redhat.com
 Signed-off-by: Alberto Faria <afaria@redhat.com>
 Message-id: 20221029122031.975273-1-afaria@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- hw/block/dataplane/virtio-blk.c | 24 +++++++++++++++++-------
+ block/blkio.c | 27 +++++++++++++++++++++++++++
-file changed, 17 insertions(+), 7 deletions(-)
+file changed, 27 insertions(+)
-diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
+diff --git a/block/blkio.c b/block/blkio.c
 index XXXXXXX..XXXXXXX 100644
---- a/hw/block/dataplane/virtio-blk.c
+--- a/block/blkio.c
-+++ b/hw/block/dataplane/virtio-blk.c
++++ b/block/blkio.c
-@@ -XXX,XX +XXX,XX @@ int virtio_blk_data_plane_start(VirtIODevice *vdev)
+@@ -XXX,XX +XXX,XX @@ static int64_t blkio_getlength(BlockDriverState *bs)
-     return -ENOSYS;
+     return capacity;
  }
-+/* Stop notifications for new requests from guest.
++static int coroutine_fn blkio_truncate(BlockDriverState *bs, int64_t offset,
-+ *
++                                       bool exact, PreallocMode prealloc,
-+ * Context: BH in IOThread
++                                       BdrvRequestFlags flags, Error **errp)
 + */
 +static void virtio_blk_data_plane_stop_bh(void *opaque)
 +{
-+    VirtIOBlockDataPlane *s = opaque;
++    int64_t current_length;
 +    unsigned i;
 +
-+    for (i = 0; i < s->conf->num_queues; i++) {
++    if (prealloc != PREALLOC_MODE_OFF) {
-+        VirtQueue *vq = virtio_get_queue(s->vdev, i);
++        error_setg(errp, "Unsupported preallocation mode '%s'",
 +                   PreallocMode_str(prealloc));
 +        return -ENOTSUP;
 +    }
 +
-+        virtio_queue_aio_set_host_notifier_handler(vq, s->ctx, NULL);
++    current_length = blkio_getlength(bs);
 +
 +    if (offset > current_length) {
 +        error_setg(errp, "Cannot grow device");
 +        return -EINVAL;
 +    } else if (exact && offset != current_length) {
 +        error_setg(errp, "Cannot resize device");
 +        return -ENOTSUP;
 +    }
++
++    return 0;
 +}
 +
- /* Context: QEMU global mutex held */
+ static int blkio_get_info(BlockDriverState *bs, BlockDriverInfo *bdi)
  void virtio_blk_data_plane_stop(VirtIODevice *vdev)
  {
-@@ -XXX,XX +XXX,XX @@ void virtio_blk_data_plane_stop(VirtIODevice *vdev)
+     return 0;
-     trace_virtio_blk_data_plane_stop(s);
+@@ -XXX,XX +XXX,XX @@ static void blkio_refresh_limits(BlockDriverState *bs, Error **errp)
+     { \
-     aio_context_acquire(s->ctx);
+         .format_name             = name, \
--
+         .protocol_name           = name, \
--    /* Stop notifications for new requests from guest */
++        .has_variable_length     = true, \
--    for (i = 0; i < nvqs; i++) {
+         .instance_size           = sizeof(BDRVBlkioState), \
--        VirtQueue *vq = virtio_get_queue(s->vdev, i);
+         .bdrv_file_open          = blkio_file_open, \
--
+         .bdrv_close              = blkio_close, \
--        virtio_queue_aio_set_host_notifier_handler(vq, s->ctx, NULL);
+         .bdrv_getlength          = blkio_getlength, \
--    }
++        .bdrv_co_truncate        = blkio_truncate, \
-+    aio_wait_bh_oneshot(s->ctx, virtio_blk_data_plane_stop_bh, s);
+         .bdrv_get_info           = blkio_get_info, \
+         .bdrv_attach_aio_context = blkio_attach_aio_context, \
-     /* Drain and switch bs back to the QEMU main loop */
+         .bdrv_detach_aio_context = blkio_detach_aio_context, \
      blk_set_aio_context(s->conf->conf.blk, qemu_get_aio_context());
 --
-.14.3
+.38.1

-[Qemu-devel] [PULL 3/7] virtio-blk: dataplane: Don't batch notifications if EVENT_IDX is present
+[PULL 3/3] block/blkio: Make driver nvme-io_uring take a "path" instead of a "filename"
-From: Sergio Lopez <slp@redhat.com>
+From: Alberto Faria <afaria@redhat.com>
-Commit 5b2ffbe4d99843fd8305c573a100047a8c962327 ("virtio-blk: dataplane:
+The nvme-io_uring driver expects a character special file such as
-notify guest as a batch") deferred guest notification to a BH in order
+/dev/ng0n1. Follow the convention of having a "filename" option when a
-batch notifications, with purpose of avoiding flooding the guest with
+regular file is expected, and a "path" option otherwise.
 interruptions.
-This optimization came with a cost. The average latency perceived in the
+This makes io_uring the only libblkio-based driver with a "filename"
-guest is increased by a few microseconds, but also when multiple IO
+option, as it accepts a regular file (even though it can also take a
-operations finish at the same time, the guest won't be notified until
+block special file).
 all completions from each operation has been run. On the contrary,
 virtio-scsi issues the notification at the end of each completion.
-On the other hand, nowadays we have the EVENT_IDX feature that allows a
+Signed-off-by: Alberto Faria <afaria@redhat.com>
-better coordination between QEMU and the Guest OS to avoid sending
+Message-id: 20221028233854.839933-1-afaria@redhat.com
 unnecessary interruptions.
 With this change, virtio-blk/dataplane only batches notifications if the
 EVENT_IDX feature is not present.
 Some numbers obtained with fio (ioengine=sync, iodepth=1, direct=1):
  - Test specs:
    * fio-3.4 (ioengine=sync, iodepth=1, direct=1)
    * qemu master
    * virtio-blk with a dedicated iothread (default poll-max-ns)
    * backend: null_blk nr_devices=1 irqmode=2 completion_nsec=280000
    * 8 vCPUs pinned to isolated physical cores
    * Emulator and iothread also pinned to separate isolated cores
    * variance between runs < 1%
  - Not patched
    * numjobs=1:  lat_avg=327.32  irqs=29998
    * numjobs=4:  lat_avg=337.89  irqs=29073
    * numjobs=8:  lat_avg=342.98  irqs=28643
  - Patched:
    * numjobs=1:  lat_avg=323.92  irqs=30262
    * numjobs=4:  lat_avg=332.65  irqs=29520
    * numjobs=8:  lat_avg=335.54  irqs=29323
 Signed-off-by: Sergio Lopez <slp@redhat.com>
 Message-id: 20180307114459.26636-1-slp@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- hw/block/dataplane/virtio-blk.c | 15 +++++++++++++--
+ qapi/block-core.json |  4 ++--
-file changed, 13 insertions(+), 2 deletions(-)
+ block/blkio.c        | 12 ++++++++----
 files changed, 10 insertions(+), 6 deletions(-)
-diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
+diff --git a/qapi/block-core.json b/qapi/block-core.json
 index XXXXXXX..XXXXXXX 100644
---- a/hw/block/dataplane/virtio-blk.c
+--- a/qapi/block-core.json
-+++ b/hw/block/dataplane/virtio-blk.c
++++ b/qapi/block-core.json
-@@ -XXX,XX +XXX,XX @@ struct VirtIOBlockDataPlane {
+@@ -XXX,XX +XXX,XX @@
-     VirtIODevice *vdev;
+ #
-     QEMUBH *bh;                     /* bh for guest notification */
+ # Driver specific block device options for the nvme-io_uring backend.
-     unsigned long *batch_notify_vqs;
+ #
-+    bool batch_notifications;
+-# @filename: path to the image file
++# @path: path to the image file
-     /* Note that these EventNotifiers are assigned by value.  This is
+ #
-      * fine as long as you do not call event_notifier_cleanup on them
+ # Since: 7.2
-@@ -XXX,XX +XXX,XX @@ struct VirtIOBlockDataPlane {
+ ##
- /* Raise an interrupt to signal guest, if necessary */
+ { 'struct': 'BlockdevOptionsNvmeIoUring',
- void virtio_blk_data_plane_notify(VirtIOBlockDataPlane *s, VirtQueue *vq)
+-  'data': { 'filename': 'str' },
 +  'data': { 'path': 'str' },
    'if': 'CONFIG_BLKIO' }
  ##
 diff --git a/block/blkio.c b/block/blkio.c
 index XXXXXXX..XXXXXXX 100644
 --- a/block/blkio.c
 +++ b/block/blkio.c
@@ -XXX,XX +XXX,XX @@ static int blkio_io_uring_open(BlockDriverState *bs, QDict *options, int flags,
  static int blkio_nvme_io_uring(BlockDriverState *bs, QDict *options, int flags,
                                 Error **errp)
  {
--    set_bit(virtio_get_queue_index(vq), s->batch_notify_vqs);
+-    const char *filename = qdict_get_str(options, "filename");
--    qemu_bh_schedule(s->bh);
++    const char *path = qdict_get_try_str(options, "path");
-+    if (s->batch_notifications) {
+     BDRVBlkioState *s = bs->opaque;
-+        set_bit(virtio_get_queue_index(vq), s->batch_notify_vqs);
+     int ret;
-+        qemu_bh_schedule(s->bh);
-+    } else {
+-    ret = blkio_set_str(s->blkio, "path", filename);
-+        virtio_notify_irqfd(s->vdev, vq);
+-    qdict_del(options, "filename");
-+    }
++    if (!path) {
- }
++        error_setg(errp, "missing 'path' option");
++        return -EINVAL;
  static void notify_guest_bh(void *opaque)
@@ -XXX,XX +XXX,XX @@ int virtio_blk_data_plane_start(VirtIODevice *vdev)
      s->starting = true;
 +    if (!virtio_vdev_has_feature(vdev, VIRTIO_RING_F_EVENT_IDX)) {
 +        s->batch_notifications = true;
 +    } else {
 +        s->batch_notifications = false;
 +    }
 +
-     /* Set up guest notifier (irq) */
++    ret = blkio_set_str(s->blkio, "path", path);
-     r = k->set_guest_notifiers(qbus->parent, nvqs, true);
++    qdict_del(options, "path");
-     if (r != 0) {
+     if (ret < 0) {
          error_setg_errno(errp, -ret, "failed to set path: %s",
                           blkio_get_error_msg());
@@ -XXX,XX +XXX,XX @@ static BlockDriver bdrv_io_uring = BLKIO_DRIVER(
  static BlockDriver bdrv_nvme_io_uring = BLKIO_DRIVER(
      DRIVER_NVME_IO_URING,
 -    .bdrv_needs_filename = true,
  );
  static BlockDriver bdrv_virtio_blk_vfio_pci = BLKIO_DRIVER(
 --
-.14.3
+.38.1

-[Qemu-devel] [PULL 4/7] block: add aio_wait_bh_oneshot()
+Deleted patch
-Sometimes it's necessary for the main loop thread to run a BH in an
-IOThread and wait for its completion.  This primitive is useful during
-startup/shutdown to synchronize and avoid race conditions.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-Reviewed-by: Fam Zheng <famz@redhat.com>
-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
-Message-id: 20180307144205.20619-2-stefanha@redhat.com
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
----
- include/block/aio-wait.h | 13 +++++++++++++
- util/aio-wait.c          | 31 +++++++++++++++++++++++++++++++
-files changed, 44 insertions(+)
-diff --git a/include/block/aio-wait.h b/include/block/aio-wait.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/block/aio-wait.h
-+++ b/include/block/aio-wait.h
-@@ -XXX,XX +XXX,XX @@ typedef struct {
-  */
- void aio_wait_kick(AioWait *wait);
-+/**
-+ * aio_wait_bh_oneshot:
-+ * @ctx: the aio context
-+ * @cb: the BH callback function
-+ * @opaque: user data for the BH callback function
-+ *
-+ * Run a BH in @ctx and wait for it to complete.
-+ *
-+ * Must be called from the main loop thread with @ctx acquired exactly once.
-+ * Note that main loop event processing may occur.
-+ */
-+void aio_wait_bh_oneshot(AioContext *ctx, QEMUBHFunc *cb, void *opaque);
-+
- #endif /* QEMU_AIO_WAIT */
-diff --git a/util/aio-wait.c b/util/aio-wait.c
-index XXXXXXX..XXXXXXX 100644
---- a/util/aio-wait.c
-+++ b/util/aio-wait.c
-@@ -XXX,XX +XXX,XX @@ void aio_wait_kick(AioWait *wait)
-         aio_bh_schedule_oneshot(qemu_get_aio_context(), dummy_bh_cb, NULL);
-     }
- }
-+
-+typedef struct {
-+    AioWait wait;
-+    bool done;
-+    QEMUBHFunc *cb;
-+    void *opaque;
-+} AioWaitBHData;
-+
-+/* Context: BH in IOThread */
-+static void aio_wait_bh(void *opaque)
-+{
-+    AioWaitBHData *data = opaque;
-+
-+    data->cb(data->opaque);
-+
-+    data->done = true;
-+    aio_wait_kick(&data->wait);
-+}
-+
-+void aio_wait_bh_oneshot(AioContext *ctx, QEMUBHFunc *cb, void *opaque)
-+{
-+    AioWaitBHData data = {
-+        .cb = cb,
-+        .opaque = opaque,
-+    };
-+
-+    assert(qemu_get_current_aio_context() == qemu_get_aio_context());
-+
-+    aio_bh_schedule_oneshot(ctx, aio_wait_bh, &data);
-+    AIO_WAIT_WHILE(&data.wait, ctx, !data.done);
-+}
---
-.14.3

-[Qemu-devel] [PULL 6/7] virtio-scsi: fix race between .ioeventfd_stop() and vq handler
+Deleted patch
-If the main loop thread invokes .ioeventfd_stop() just as the vq handler
-function begins in the IOThread then the handler may lose the race for
-the AioContext lock.  By the time the vq handler is able to acquire the
-AioContext lock the ioeventfd has already been removed and the handler
-isn't supposed to run anymore!
-Use the new aio_wait_bh_oneshot() function to perform ioeventfd removal
-from within the IOThread.  This way no races with the vq handler are
-possible.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-Reviewed-by: Fam Zheng <famz@redhat.com>
-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
-Message-id: 20180307144205.20619-4-stefanha@redhat.com
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
----
- hw/scsi/virtio-scsi-dataplane.c | 9 +++++----
-file changed, 5 insertions(+), 4 deletions(-)
-diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
-index XXXXXXX..XXXXXXX 100644
---- a/hw/scsi/virtio-scsi-dataplane.c
-+++ b/hw/scsi/virtio-scsi-dataplane.c
-@@ -XXX,XX +XXX,XX @@ static int virtio_scsi_vring_init(VirtIOSCSI *s, VirtQueue *vq, int n,
-     return 0;
- }
--/* assumes s->ctx held */
--static void virtio_scsi_clear_aio(VirtIOSCSI *s)
-+/* Context: BH in IOThread */
-+static void virtio_scsi_dataplane_stop_bh(void *opaque)
- {
-+    VirtIOSCSI *s = opaque;
-     VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
-     int i;
-@@ -XXX,XX +XXX,XX @@ int virtio_scsi_dataplane_start(VirtIODevice *vdev)
-     return 0;
- fail_vrings:
--    virtio_scsi_clear_aio(s);
-+    aio_wait_bh_oneshot(s->ctx, virtio_scsi_dataplane_stop_bh, s);
-     aio_context_release(s->ctx);
-     for (i = 0; i < vs->conf.num_queues + 2; i++) {
-         virtio_bus_set_host_notifier(VIRTIO_BUS(qbus), i, false);
-@@ -XXX,XX +XXX,XX @@ void virtio_scsi_dataplane_stop(VirtIODevice *vdev)
-     s->dataplane_stopping = true;
-     aio_context_acquire(s->ctx);
--    virtio_scsi_clear_aio(s);
-+    aio_wait_bh_oneshot(s->ctx, virtio_scsi_dataplane_stop_bh, s);
-     aio_context_release(s->ctx);
-     blk_drain_all(); /* ensure there are no in-flight requests */
---
-.14.3

The following changes since commit 0ab4537f08e09b13788db67efd760592fb7db769:

Merge remote-tracking branch 'remotes/stefanberger/tags/pull-tpm-2018-03-07-1' into staging (2018-03-08 12:56:39 +0000)

are available in the Git repository at:

git://github.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to 4486e89c219c0d1b9bd8dfa0b1dd5b0d51ff2268:

vl: introduce vm_shutdown() (2018-03-08 17:38:51 +0000)

----------------------------------------------------------------

Deepa Srinivasan (1):
  block: Fix qemu crash when using scsi-block

Fam Zheng (1):
  README: Fix typo 'git-publish'

Sergio Lopez (1):
  virtio-blk: dataplane: Don't batch notifications if EVENT_IDX is
    present

Stefan Hajnoczi (4):
  block: add aio_wait_bh_oneshot()
  virtio-blk: fix race between .ioeventfd_stop() and vq handler
  virtio-scsi: fix race between .ioeventfd_stop() and vq handler
  vl: introduce vm_shutdown()

-- 
2.14.3

From: Deepa Srinivasan <deepa.srinivasan@oracle.com>

Starting qemu with the following arguments causes qemu to segfault:
... -device lsi,id=lsi0 -drive file=iscsi:<...>,format=raw,if=none,node-name=
iscsi1 -device scsi-block,bus=lsi0.0,id=<...>,drive=iscsi1

This patch fixes blk_aio_ioctl() so it does not pass stack addresses to
blk_aio_ioctl_entry() which may be invoked after blk_aio_ioctl() returns. More
details about the bug follow.

blk_aio_ioctl() invokes blk_aio_prwv() with blk_aio_ioctl_entry as the
coroutine parameter. blk_aio_prwv() ultimately calls aio_co_enter().

When blk_aio_ioctl() is executed from within a coroutine context (e.g.
iscsi_bh_cb()), aio_co_enter() adds the coroutine (blk_aio_ioctl_entry) to
the current coroutine's wakeup queue. blk_aio_ioctl() then returns.

When blk_aio_ioctl_entry() executes later, it accesses an invalid pointer:
....
    BlkRwCo *rwco = &acb->rwco;

rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
                             rwco->qiov->iov[0].iov_base);  <--- qiov is
                                                                 invalid here
...

In the case when blk_aio_ioctl() is called from a non-coroutine context,
blk_aio_ioctl_entry() executes immediately. But if bdrv_co_ioctl() calls
qemu_coroutine_yield(), blk_aio_ioctl() will return. When the coroutine
execution is complete, control returns to blk_aio_ioctl_entry() after the call
to blk_co_ioctl(). There is no invalid reference after this point, but the
function is still holding on to invalid pointers.

The fix is to change blk_aio_prwv() to accept a void pointer for the IO buffer
rather than a QEMUIOVector. blk_aio_prwv() passes this through in BlkRwCo and the
coroutine function casts it to QEMUIOVector or uses the void pointer directly.

Signed-off-by: Deepa Srinivasan <deepa.srinivasan@oracle.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Mark Kanda <mark.kanda@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/block-backend.c | 51 +++++++++++++++++++++++++--------------------------
 1 file changed, 25 insertions(+), 26 deletions(-)

diff --git a/block/block-backend.c b/block/block-backend.c
index XXXXXXX..XXXXXXX 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -XXX,XX +XXX,XX @@ int coroutine_fn blk_co_pwritev(BlockBackend *blk, int64_t offset,
 typedef struct BlkRwCo {
     BlockBackend *blk;
     int64_t offset;
-    QEMUIOVector *qiov;
+    void *iobuf;
     int ret;
     BdrvRequestFlags flags;
 } BlkRwCo;
@@ -XXX,XX +XXX,XX @@ typedef struct BlkRwCo {
 static void blk_read_entry(void *opaque)
 {
     BlkRwCo *rwco = opaque;
+    QEMUIOVector *qiov = rwco->iobuf;
 
-    rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, rwco->qiov->size,
-                              rwco->qiov, rwco->flags);
+    rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, qiov->size,
+                              qiov, rwco->flags);
 }
 
 static void blk_write_entry(void *opaque)
 {
     BlkRwCo *rwco = opaque;
+    QEMUIOVector *qiov = rwco->iobuf;
 
-    rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, rwco->qiov->size,
-                               rwco->qiov, rwco->flags);
+    rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, qiov->size,
+                               qiov, rwco->flags);
 }
 
 static int blk_prw(BlockBackend *blk, int64_t offset, uint8_t *buf,
@@ -XXX,XX +XXX,XX @@ static int blk_prw(BlockBackend *blk, int64_t offset, uint8_t *buf,
     rwco = (BlkRwCo) {
         .blk    = blk,
         .offset = offset,
-        .qiov   = &qiov,
+        .iobuf  = &qiov,
         .flags  = flags,
         .ret    = NOT_DONE,
     };
@@ -XXX,XX +XXX,XX @@ static void blk_aio_complete_bh(void *opaque)
 }
 
 static BlockAIOCB *blk_aio_prwv(BlockBackend *blk, int64_t offset, int bytes,
-                                QEMUIOVector *qiov, CoroutineEntry co_entry,
+                                void *iobuf, CoroutineEntry co_entry,
                                 BdrvRequestFlags flags,
                                 BlockCompletionFunc *cb, void *opaque)
 {
@@ -XXX,XX +XXX,XX @@ static BlockAIOCB *blk_aio_prwv(BlockBackend *blk, int64_t offset, int bytes,
     acb->rwco = (BlkRwCo) {
         .blk    = blk,
         .offset = offset,
-        .qiov   = qiov,
+        .iobuf  = iobuf,
         .flags  = flags,
         .ret    = NOT_DONE,
     };
@@ -XXX,XX +XXX,XX @@ static void blk_aio_read_entry(void *opaque)
 {
     BlkAioEmAIOCB *acb = opaque;
     BlkRwCo *rwco = &acb->rwco;
+    QEMUIOVector *qiov = rwco->iobuf;
 
-    assert(rwco->qiov->size == acb->bytes);
+    assert(qiov->size == acb->bytes);
     rwco->ret = blk_co_preadv(rwco->blk, rwco->offset, acb->bytes,
-                              rwco->qiov, rwco->flags);
+                              qiov, rwco->flags);
     blk_aio_complete(acb);
 }
 
@@ -XXX,XX +XXX,XX @@ static void blk_aio_write_entry(void *opaque)
 {
     BlkAioEmAIOCB *acb = opaque;
     BlkRwCo *rwco = &acb->rwco;
+    QEMUIOVector *qiov = rwco->iobuf;
 
-    assert(!rwco->qiov || rwco->qiov->size == acb->bytes);
+    assert(!qiov || qiov->size == acb->bytes);
     rwco->ret = blk_co_pwritev(rwco->blk, rwco->offset, acb->bytes,
-                               rwco->qiov, rwco->flags);
+                               qiov, rwco->flags);
     blk_aio_complete(acb);
 }
 
@@ -XXX,XX +XXX,XX @@ int blk_co_ioctl(BlockBackend *blk, unsigned long int req, void *buf)
 static void blk_ioctl_entry(void *opaque)
 {
     BlkRwCo *rwco = opaque;
+    QEMUIOVector *qiov = rwco->iobuf;
+
     rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
-                             rwco->qiov->iov[0].iov_base);
+                             qiov->iov[0].iov_base);
 }
 
 int blk_ioctl(BlockBackend *blk, unsigned long int req, void *buf)
@@ -XXX,XX +XXX,XX @@ static void blk_aio_ioctl_entry(void *opaque)
     BlkAioEmAIOCB *acb = opaque;
     BlkRwCo *rwco = &acb->rwco;
 
-    rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset,
-                             rwco->qiov->iov[0].iov_base);
+    rwco->ret = blk_co_ioctl(rwco->blk, rwco->offset, rwco->iobuf);
+
     blk_aio_complete(acb);
 }
 
 BlockAIOCB *blk_aio_ioctl(BlockBackend *blk, unsigned long int req, void *buf,
                           BlockCompletionFunc *cb, void *opaque)
 {
-    QEMUIOVector qiov;
-    struct iovec iov;
-
-    iov = (struct iovec) {
-        .iov_base = buf,
-        .iov_len = 0,
-    };
-    qemu_iovec_init_external(&qiov, &iov, 1);
-
-    return blk_aio_prwv(blk, req, 0, &qiov, blk_aio_ioctl_entry, 0, cb, opaque);
+    return blk_aio_prwv(blk, req, 0, buf, blk_aio_ioctl_entry, 0, cb, opaque);
 }
 
 int blk_co_pdiscard(BlockBackend *blk, int64_t offset, int bytes)
@@ -XXX,XX +XXX,XX @@ int blk_truncate(BlockBackend *blk, int64_t offset, PreallocMode prealloc,
 static void blk_pdiscard_entry(void *opaque)
 {
     BlkRwCo *rwco = opaque;
-    rwco->ret = blk_co_pdiscard(rwco->blk, rwco->offset, rwco->qiov->size);
+    QEMUIOVector *qiov = rwco->iobuf;
+
+    rwco->ret = blk_co_pdiscard(rwco->blk, rwco->offset, qiov->size);
 }
 
 int blk_pdiscard(BlockBackend *blk, int64_t offset, int bytes)
-- 
2.14.3

From: Sergio Lopez <slp@redhat.com>

Commit 5b2ffbe4d99843fd8305c573a100047a8c962327 ("virtio-blk: dataplane:
notify guest as a batch") deferred guest notification to a BH in order
batch notifications, with purpose of avoiding flooding the guest with
interruptions.

This optimization came with a cost. The average latency perceived in the
guest is increased by a few microseconds, but also when multiple IO
operations finish at the same time, the guest won't be notified until
all completions from each operation has been run. On the contrary,
virtio-scsi issues the notification at the end of each completion.

On the other hand, nowadays we have the EVENT_IDX feature that allows a
better coordination between QEMU and the Guest OS to avoid sending
unnecessary interruptions.

With this change, virtio-blk/dataplane only batches notifications if the
EVENT_IDX feature is not present.

Some numbers obtained with fio (ioengine=sync, iodepth=1, direct=1):
 - Test specs:
   * fio-3.4 (ioengine=sync, iodepth=1, direct=1)
   * qemu master
   * virtio-blk with a dedicated iothread (default poll-max-ns)
   * backend: null_blk nr_devices=1 irqmode=2 completion_nsec=280000
   * 8 vCPUs pinned to isolated physical cores
   * Emulator and iothread also pinned to separate isolated cores
   * variance between runs < 1%

- Not patched
   * numjobs=1:  lat_avg=327.32  irqs=29998
   * numjobs=4:  lat_avg=337.89  irqs=29073
   * numjobs=8:  lat_avg=342.98  irqs=28643

- Patched:
   * numjobs=1:  lat_avg=323.92  irqs=30262
   * numjobs=4:  lat_avg=332.65  irqs=29520
   * numjobs=8:  lat_avg=335.54  irqs=29323

Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-id: 20180307114459.26636-1-slp@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 hw/block/dataplane/virtio-blk.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/block/dataplane/virtio-blk.c
+++ b/hw/block/dataplane/virtio-blk.c
@@ -XXX,XX +XXX,XX @@ struct VirtIOBlockDataPlane {
     VirtIODevice *vdev;
     QEMUBH *bh;                     /* bh for guest notification */
     unsigned long *batch_notify_vqs;
+    bool batch_notifications;
 
     /* Note that these EventNotifiers are assigned by value.  This is
      * fine as long as you do not call event_notifier_cleanup on them
@@ -XXX,XX +XXX,XX @@ struct VirtIOBlockDataPlane {
 /* Raise an interrupt to signal guest, if necessary */
 void virtio_blk_data_plane_notify(VirtIOBlockDataPlane *s, VirtQueue *vq)
 {
-    set_bit(virtio_get_queue_index(vq), s->batch_notify_vqs);
-    qemu_bh_schedule(s->bh);
+    if (s->batch_notifications) {
+        set_bit(virtio_get_queue_index(vq), s->batch_notify_vqs);
+        qemu_bh_schedule(s->bh);
+    } else {
+        virtio_notify_irqfd(s->vdev, vq);
+    }
 }
 
 static void notify_guest_bh(void *opaque)
@@ -XXX,XX +XXX,XX @@ int virtio_blk_data_plane_start(VirtIODevice *vdev)
 
     s->starting = true;
 
+    if (!virtio_vdev_has_feature(vdev, VIRTIO_RING_F_EVENT_IDX)) {
+        s->batch_notifications = true;
+    } else {
+        s->batch_notifications = false;
+    }
+
     /* Set up guest notifier (irq) */
     r = k->set_guest_notifiers(qbus->parent, nvqs, true);
     if (r != 0) {
-- 
2.14.3

Sometimes it's necessary for the main loop thread to run a BH in an
IOThread and wait for its completion.  This primitive is useful during
startup/shutdown to synchronize and avoid race conditions.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180307144205.20619-2-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 include/block/aio-wait.h | 13 +++++++++++++
 util/aio-wait.c          | 31 +++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+)

diff --git a/include/block/aio-wait.h b/include/block/aio-wait.h
index XXXXXXX..XXXXXXX 100644
--- a/include/block/aio-wait.h
+++ b/include/block/aio-wait.h
@@ -XXX,XX +XXX,XX @@ typedef struct {
  */
 void aio_wait_kick(AioWait *wait);
 
+/**
+ * aio_wait_bh_oneshot:
+ * @ctx: the aio context
+ * @cb: the BH callback function
+ * @opaque: user data for the BH callback function
+ *
+ * Run a BH in @ctx and wait for it to complete.
+ *
+ * Must be called from the main loop thread with @ctx acquired exactly once.
+ * Note that main loop event processing may occur.
+ */
+void aio_wait_bh_oneshot(AioContext *ctx, QEMUBHFunc *cb, void *opaque);
+
 #endif /* QEMU_AIO_WAIT */
diff --git a/util/aio-wait.c b/util/aio-wait.c
index XXXXXXX..XXXXXXX 100644
--- a/util/aio-wait.c
+++ b/util/aio-wait.c
@@ -XXX,XX +XXX,XX @@ void aio_wait_kick(AioWait *wait)
         aio_bh_schedule_oneshot(qemu_get_aio_context(), dummy_bh_cb, NULL);
     }
 }
+
+typedef struct {
+    AioWait wait;
+    bool done;
+    QEMUBHFunc *cb;
+    void *opaque;
+} AioWaitBHData;
+
+/* Context: BH in IOThread */
+static void aio_wait_bh(void *opaque)
+{
+    AioWaitBHData *data = opaque;
+
+    data->cb(data->opaque);
+
+    data->done = true;
+    aio_wait_kick(&data->wait);
+}
+
+void aio_wait_bh_oneshot(AioContext *ctx, QEMUBHFunc *cb, void *opaque)
+{
+    AioWaitBHData data = {
+        .cb = cb,
+        .opaque = opaque,
+    };
+
+    assert(qemu_get_current_aio_context() == qemu_get_aio_context());
+
+    aio_bh_schedule_oneshot(ctx, aio_wait_bh, &data);
+    AIO_WAIT_WHILE(&data.wait, ctx, !data.done);
+}
-- 
2.14.3

If the main loop thread invokes .ioeventfd_stop() just as the vq handler
function begins in the IOThread then the handler may lose the race for
the AioContext lock.  By the time the vq handler is able to acquire the
AioContext lock the ioeventfd has already been removed and the handler
isn't supposed to run anymore!

Use the new aio_wait_bh_oneshot() function to perform ioeventfd removal
from within the IOThread.  This way no races with the vq handler are
possible.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180307144205.20619-3-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 hw/block/dataplane/virtio-blk.c | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/block/dataplane/virtio-blk.c
+++ b/hw/block/dataplane/virtio-blk.c
@@ -XXX,XX +XXX,XX @@ int virtio_blk_data_plane_start(VirtIODevice *vdev)
     return -ENOSYS;
 }
 
+/* Stop notifications for new requests from guest.
+ *
+ * Context: BH in IOThread
+ */
+static void virtio_blk_data_plane_stop_bh(void *opaque)
+{
+    VirtIOBlockDataPlane *s = opaque;
+    unsigned i;
+
+    for (i = 0; i < s->conf->num_queues; i++) {
+        VirtQueue *vq = virtio_get_queue(s->vdev, i);
+
+        virtio_queue_aio_set_host_notifier_handler(vq, s->ctx, NULL);
+    }
+}
+
 /* Context: QEMU global mutex held */
 void virtio_blk_data_plane_stop(VirtIODevice *vdev)
 {
@@ -XXX,XX +XXX,XX @@ void virtio_blk_data_plane_stop(VirtIODevice *vdev)
     trace_virtio_blk_data_plane_stop(s);
 
     aio_context_acquire(s->ctx);
-
-    /* Stop notifications for new requests from guest */
-    for (i = 0; i < nvqs; i++) {
-        VirtQueue *vq = virtio_get_queue(s->vdev, i);
-
-        virtio_queue_aio_set_host_notifier_handler(vq, s->ctx, NULL);
-    }
+    aio_wait_bh_oneshot(s->ctx, virtio_blk_data_plane_stop_bh, s);
 
     /* Drain and switch bs back to the QEMU main loop */
     blk_set_aio_context(s->conf->conf.blk, qemu_get_aio_context());
-- 
2.14.3

Use the new aio_wait_bh_oneshot() function to perform ioeventfd removal
from within the IOThread.  This way no races with the vq handler are
possible.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180307144205.20619-4-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 hw/scsi/virtio-scsi-dataplane.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/hw/scsi/virtio-scsi-dataplane.c b/hw/scsi/virtio-scsi-dataplane.c
index XXXXXXX..XXXXXXX 100644
--- a/hw/scsi/virtio-scsi-dataplane.c
+++ b/hw/scsi/virtio-scsi-dataplane.c
@@ -XXX,XX +XXX,XX @@ static int virtio_scsi_vring_init(VirtIOSCSI *s, VirtQueue *vq, int n,
     return 0;
 }
 
-/* assumes s->ctx held */
-static void virtio_scsi_clear_aio(VirtIOSCSI *s)
+/* Context: BH in IOThread */
+static void virtio_scsi_dataplane_stop_bh(void *opaque)
 {
+    VirtIOSCSI *s = opaque;
     VirtIOSCSICommon *vs = VIRTIO_SCSI_COMMON(s);
     int i;
 
@@ -XXX,XX +XXX,XX @@ int virtio_scsi_dataplane_start(VirtIODevice *vdev)
     return 0;
 
 fail_vrings:
-    virtio_scsi_clear_aio(s);
+    aio_wait_bh_oneshot(s->ctx, virtio_scsi_dataplane_stop_bh, s);
     aio_context_release(s->ctx);
     for (i = 0; i < vs->conf.num_queues + 2; i++) {
         virtio_bus_set_host_notifier(VIRTIO_BUS(qbus), i, false);
@@ -XXX,XX +XXX,XX @@ void virtio_scsi_dataplane_stop(VirtIODevice *vdev)
     s->dataplane_stopping = true;
 
     aio_context_acquire(s->ctx);
-    virtio_scsi_clear_aio(s);
+    aio_wait_bh_oneshot(s->ctx, virtio_scsi_dataplane_stop_bh, s);
     aio_context_release(s->ctx);
 
     blk_drain_all(); /* ensure there are no in-flight requests */
-- 
2.14.3

Commit 00d09fdbbae5f7864ce754913efc84c12fdf9f1a ("vl: pause vcpus before
stopping iothreads") and commit dce8921b2baaf95974af8176406881872067adfa
("iothread: Stop threads before main() quits") tried to work around the
fact that emulation was still active during termination by stopping
iothreads.  They suffer from race conditions:
1. virtio_scsi_handle_cmd_vq() racing with iothread_stop_all() hits the
   virtio_scsi_ctx_check() assertion failure because the BDS AioContext
   has been modified by iothread_stop_all().
2. Guest vq kick racing with main loop termination leaves a readable
   ioeventfd that is handled by the next aio_poll() when external
   clients are enabled again, resulting in unwanted emulation activity.

This patch obsoletes those commits by fully disabling emulation activity
when vcpus are stopped.

Use the new vm_shutdown() function instead of pause_all_vcpus() so that
vm change state handlers are invoked too.  Virtio devices will now stop
their ioeventfds, preventing further emulation activity after vm_stop().

Note that vm_stop(RUN_STATE_SHUTDOWN) cannot be used because it emits a
QMP STOP event that may affect existing clients.

It is no longer necessary to call replay_disable_events() directly since
vm_shutdown() does so already.

Drop iothread_stop_all() since it is no longer used.

Cc: Fam Zheng <famz@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180307144205.20619-5-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 include/sysemu/iothread.h |  1 -
 include/sysemu/sysemu.h   |  1 +
 cpus.c                    | 16 +++++++++++++---
 iothread.c                | 31 -------------------------------
 vl.c                      | 13 +++----------
 5 files changed, 17 insertions(+), 45 deletions(-)

diff --git a/include/sysemu/iothread.h b/include/sysemu/iothread.h
index XXXXXXX..XXXXXXX 100644
--- a/include/sysemu/iothread.h
+++ b/include/sysemu/iothread.h
@@ -XXX,XX +XXX,XX @@ typedef struct {
 char *iothread_get_id(IOThread *iothread);
 IOThread *iothread_by_id(const char *id);
 AioContext *iothread_get_aio_context(IOThread *iothread);
-void iothread_stop_all(void);
 GMainContext *iothread_get_g_main_context(IOThread *iothread);
 
 /*
diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
index XXXXXXX..XXXXXXX 100644
--- a/include/sysemu/sysemu.h
+++ b/include/sysemu/sysemu.h
@@ -XXX,XX +XXX,XX @@ void vm_start(void);
 int vm_prepare_start(void);
 int vm_stop(RunState state);
 int vm_stop_force_state(RunState state);
+int vm_shutdown(void);
 
 typedef enum WakeupReason {
     /* Always keep QEMU_WAKEUP_REASON_NONE = 0 */
diff --git a/cpus.c b/cpus.c
index XXXXXXX..XXXXXXX 100644
--- a/cpus.c
+++ b/cpus.c
@@ -XXX,XX +XXX,XX @@ void cpu_synchronize_all_pre_loadvm(void)
     }
 }
 
-static int do_vm_stop(RunState state)
+static int do_vm_stop(RunState state, bool send_stop)
 {
     int ret = 0;
 
@@ -XXX,XX +XXX,XX @@ static int do_vm_stop(RunState state)
         pause_all_vcpus();
         runstate_set(state);
         vm_state_notify(0, state);
-        qapi_event_send_stop(&error_abort);
+        if (send_stop) {
+            qapi_event_send_stop(&error_abort);
+        }
     }
 
     bdrv_drain_all();
@@ -XXX,XX +XXX,XX @@ static int do_vm_stop(RunState state)
     return ret;
 }
 
+/* Special vm_stop() variant for terminating the process.  Historically clients
+ * did not expect a QMP STOP event and so we need to retain compatibility.
+ */
+int vm_shutdown(void)
+{
+    return do_vm_stop(RUN_STATE_SHUTDOWN, false);
+}
+
 static bool cpu_can_run(CPUState *cpu)
 {
     if (cpu->stop) {
@@ -XXX,XX +XXX,XX @@ int vm_stop(RunState state)
         return 0;
     }
 
-    return do_vm_stop(state);
+    return do_vm_stop(state, true);
 }
 
 /**
diff --git a/iothread.c b/iothread.c
index XXXXXXX..XXXXXXX 100644
--- a/iothread.c
+++ b/iothread.c
@@ -XXX,XX +XXX,XX @@ void iothread_stop(IOThread *iothread)
     qemu_thread_join(&iothread->thread);
 }
 
-static int iothread_stop_iter(Object *object, void *opaque)
-{
-    IOThread *iothread;
-
-    iothread = (IOThread *)object_dynamic_cast(object, TYPE_IOTHREAD);
-    if (!iothread) {
-        return 0;
-    }
-    iothread_stop(iothread);
-    return 0;
-}
-
 static void iothread_instance_init(Object *obj)
 {
     IOThread *iothread = IOTHREAD(obj);
@@ -XXX,XX +XXX,XX @@ IOThreadInfoList *qmp_query_iothreads(Error **errp)
     return head;
 }
 
-void iothread_stop_all(void)
-{
-    Object *container = object_get_objects_root();
-    BlockDriverState *bs;
-    BdrvNextIterator it;
-
-    for (bs = bdrv_first(&it); bs; bs = bdrv_next(&it)) {
-        AioContext *ctx = bdrv_get_aio_context(bs);
-        if (ctx == qemu_get_aio_context()) {
-            continue;
-        }
-        aio_context_acquire(ctx);
-        bdrv_set_aio_context(bs, qemu_get_aio_context());
-        aio_context_release(ctx);
-    }
-
-    object_child_foreach(container, iothread_stop_iter, NULL);
-}
-
 static gpointer iothread_g_main_context_init(gpointer opaque)
 {
     AioContext *ctx;
diff --git a/vl.c b/vl.c
index XXXXXXX..XXXXXXX 100644
--- a/vl.c
+++ b/vl.c
@@ -XXX,XX +XXX,XX @@ int main(int argc, char **argv, char **envp)
     os_setup_post();
 
     main_loop();
-    replay_disable_events();
 
-    /* The ordering of the following is delicate.  Stop vcpus to prevent new
-     * I/O requests being queued by the guest.  Then stop IOThreads (this
-     * includes a drain operation and completes all request processing).  At
-     * this point emulated devices are still associated with their IOThreads
-     * (if any) but no longer have any work to do.  Only then can we close
-     * block devices safely because we know there is no more I/O coming.
-     */
-    pause_all_vcpus();
-    iothread_stop_all();
+    /* No more vcpu or device emulation activity beyond this point */
+    vm_shutdown();
+
     bdrv_close_all();
 
     res_free();
-- 
2.14.3

The following changes since commit 7208429223963c405c62fa2611398f1aa8033593:

Merge tag 'mem-2022-10-28' of https://github.com/davidhildenbrand/qemu into staging (2022-10-30 18:31:59 -0400)

are available in the Git repository at:

https://gitlab.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to 6c32fc0df9cd901add75618c831fb26a9eb742cb:

block/blkio: Make driver nvme-io_uring take a "path" instead of a "filename" (2022-10-31 14:35:14 -0400)

----------------------------------------------------------------
Pull request

Note that we're still discussing "block/blkio: Make driver nvme-io_uring take a
"path" instead of a "filename"". I have sent the pull request now so everything
is ready for the soft freeze tomorrow if we decide to go ahead with the patch.

----------------------------------------------------------------

Alberto Faria (3):
  block/blkio: Add virtio-blk-vfio-pci BlockDriver
  block/blkio: Tolerate device size changes
  block/blkio: Make driver nvme-io_uring take a "path" instead of a
    "filename"

qapi/block-core.json | 22 +++++++++++++++++++--
 block/blkio.c        | 47 ++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 63 insertions(+), 6 deletions(-)

-- 
2.38.1

From: Alberto Faria <afaria@redhat.com>

libblkio 1.1.0 [1] introduces a virtio-blk-vfio-pci driver, which
accesses a virtio-blk PCI device using VFIO. Add a corresponding
BlockDriver.

[1] https://gitlab.com/libblkio/libblkio/-/tree/v1.1.0

Signed-off-by: Alberto Faria <afaria@redhat.com>
Message-id: 20221028131635.710267-1-afaria@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 qapi/block-core.json | 18 ++++++++++++++++++
 block/blkio.c        |  8 ++++++++
 2 files changed, 26 insertions(+)

diff --git a/qapi/block-core.json b/qapi/block-core.json
index XXXXXXX..XXXXXXX 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -XXX,XX +XXX,XX @@
             'raw', 'rbd',
             { 'name': 'replication', 'if': 'CONFIG_REPLICATION' },
             'ssh', 'throttle', 'vdi', 'vhdx',
+            { 'name': 'virtio-blk-vfio-pci', 'if': 'CONFIG_BLKIO' },
             { 'name': 'virtio-blk-vhost-user', 'if': 'CONFIG_BLKIO' },
             { 'name': 'virtio-blk-vhost-vdpa', 'if': 'CONFIG_BLKIO' },
             'vmdk', 'vpc', 'vvfat' ] }
@@ -XXX,XX +XXX,XX @@
   'data': { 'filename': 'str' },
   'if': 'CONFIG_BLKIO' }
 
+##
+# @BlockdevOptionsVirtioBlkVfioPci:
+#
+# Driver specific block device options for the virtio-blk-vfio-pci backend.
+#
+# @path: path to the PCI device's sysfs directory (e.g.
+#        /sys/bus/pci/devices/0000:00:01.0).
+#
+# Since: 7.2
+##
+{ 'struct': 'BlockdevOptionsVirtioBlkVfioPci',
+  'data': { 'path': 'str' },
+  'if': 'CONFIG_BLKIO' }
+
 ##
 # @BlockdevOptionsVirtioBlkVhostUser:
 #
@@ -XXX,XX +XXX,XX @@
       'throttle':   'BlockdevOptionsThrottle',
       'vdi':        'BlockdevOptionsGenericFormat',
       'vhdx':       'BlockdevOptionsGenericFormat',
+      'virtio-blk-vfio-pci':
+                    { 'type': 'BlockdevOptionsVirtioBlkVfioPci',
+                      'if': 'CONFIG_BLKIO' },
       'virtio-blk-vhost-user':
                     { 'type': 'BlockdevOptionsVirtioBlkVhostUser',
                       'if': 'CONFIG_BLKIO' },
diff --git a/block/blkio.c b/block/blkio.c
index XXXXXXX..XXXXXXX 100644
--- a/block/blkio.c
+++ b/block/blkio.c
@@ -XXX,XX +XXX,XX @@
  */
 #define DRIVER_IO_URING "io_uring"
 #define DRIVER_NVME_IO_URING "nvme-io_uring"
+#define DRIVER_VIRTIO_BLK_VFIO_PCI "virtio-blk-vfio-pci"
 #define DRIVER_VIRTIO_BLK_VHOST_USER "virtio-blk-vhost-user"
 #define DRIVER_VIRTIO_BLK_VHOST_VDPA "virtio-blk-vhost-vdpa"
 
@@ -XXX,XX +XXX,XX @@ static int blkio_file_open(BlockDriverState *bs, QDict *options, int flags,
         ret = blkio_io_uring_open(bs, options, flags, errp);
     } else if (strcmp(blkio_driver, DRIVER_NVME_IO_URING) == 0) {
         ret = blkio_nvme_io_uring(bs, options, flags, errp);
+    } else if (strcmp(blkio_driver, DRIVER_VIRTIO_BLK_VFIO_PCI) == 0) {
+        ret = blkio_virtio_blk_common_open(bs, options, flags, errp);
     } else if (strcmp(blkio_driver, DRIVER_VIRTIO_BLK_VHOST_USER) == 0) {
         ret = blkio_virtio_blk_common_open(bs, options, flags, errp);
     } else if (strcmp(blkio_driver, DRIVER_VIRTIO_BLK_VHOST_VDPA) == 0) {
@@ -XXX,XX +XXX,XX @@ static BlockDriver bdrv_nvme_io_uring = BLKIO_DRIVER(
     .bdrv_needs_filename = true,
 );
 
+static BlockDriver bdrv_virtio_blk_vfio_pci = BLKIO_DRIVER(
+    DRIVER_VIRTIO_BLK_VFIO_PCI
+);
+
 static BlockDriver bdrv_virtio_blk_vhost_user = BLKIO_DRIVER(
     DRIVER_VIRTIO_BLK_VHOST_USER
 );
@@ -XXX,XX +XXX,XX @@ static void bdrv_blkio_init(void)
 {
     bdrv_register(&bdrv_io_uring);
     bdrv_register(&bdrv_nvme_io_uring);
+    bdrv_register(&bdrv_virtio_blk_vfio_pci);
     bdrv_register(&bdrv_virtio_blk_vhost_user);
     bdrv_register(&bdrv_virtio_blk_vhost_vdpa);
 }
-- 
2.38.1

From: Alberto Faria <afaria@redhat.com>

Some libblkio drivers may be able to work with regular files (e.g.,
io_uring) or otherwise resizable devices. Conservatively set
BlockDriver::has_variable_length to true to ensure bdrv_nb_sectors()
always gives up-to-date results.

Also implement BlockDriver::bdrv_co_truncate for the case where no
preallocation is needed and the device already has a size compatible
with what was requested.

Signed-off-by: Alberto Faria <afaria@redhat.com>
Message-id: 20221029122031.975273-1-afaria@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/blkio.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/block/blkio.c b/block/blkio.c
index XXXXXXX..XXXXXXX 100644
--- a/block/blkio.c
+++ b/block/blkio.c
@@ -XXX,XX +XXX,XX @@ static int64_t blkio_getlength(BlockDriverState *bs)
     return capacity;
 }
 
+static int coroutine_fn blkio_truncate(BlockDriverState *bs, int64_t offset,
+                                       bool exact, PreallocMode prealloc,
+                                       BdrvRequestFlags flags, Error **errp)
+{
+    int64_t current_length;
+
+    if (prealloc != PREALLOC_MODE_OFF) {
+        error_setg(errp, "Unsupported preallocation mode '%s'",
+                   PreallocMode_str(prealloc));
+        return -ENOTSUP;
+    }
+
+    current_length = blkio_getlength(bs);
+
+    if (offset > current_length) {
+        error_setg(errp, "Cannot grow device");
+        return -EINVAL;
+    } else if (exact && offset != current_length) {
+        error_setg(errp, "Cannot resize device");
+        return -ENOTSUP;
+    }
+
+    return 0;
+}
+
 static int blkio_get_info(BlockDriverState *bs, BlockDriverInfo *bdi)
 {
     return 0;
@@ -XXX,XX +XXX,XX @@ static void blkio_refresh_limits(BlockDriverState *bs, Error **errp)
     { \
         .format_name             = name, \
         .protocol_name           = name, \
+        .has_variable_length     = true, \
         .instance_size           = sizeof(BDRVBlkioState), \
         .bdrv_file_open          = blkio_file_open, \
         .bdrv_close              = blkio_close, \
         .bdrv_getlength          = blkio_getlength, \
+        .bdrv_co_truncate        = blkio_truncate, \
         .bdrv_get_info           = blkio_get_info, \
         .bdrv_attach_aio_context = blkio_attach_aio_context, \
         .bdrv_detach_aio_context = blkio_detach_aio_context, \
-- 
2.38.1

From: Alberto Faria <afaria@redhat.com>

The nvme-io_uring driver expects a character special file such as
/dev/ng0n1. Follow the convention of having a "filename" option when a
regular file is expected, and a "path" option otherwise.

This makes io_uring the only libblkio-based driver with a "filename"
option, as it accepts a regular file (even though it can also take a
block special file).

Signed-off-by: Alberto Faria <afaria@redhat.com>
Message-id: 20221028233854.839933-1-afaria@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 qapi/block-core.json |  4 ++--
 block/blkio.c        | 12 ++++++++----
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/qapi/block-core.json b/qapi/block-core.json
index XXXXXXX..XXXXXXX 100644
--- a/qapi/block-core.json
+++ b/qapi/block-core.json
@@ -XXX,XX +XXX,XX @@
 #
 # Driver specific block device options for the nvme-io_uring backend.
 #
-# @filename: path to the image file
+# @path: path to the image file
 #
 # Since: 7.2
 ##
 { 'struct': 'BlockdevOptionsNvmeIoUring',
-  'data': { 'filename': 'str' },
+  'data': { 'path': 'str' },
   'if': 'CONFIG_BLKIO' }
 
 ##
diff --git a/block/blkio.c b/block/blkio.c
index XXXXXXX..XXXXXXX 100644
--- a/block/blkio.c
+++ b/block/blkio.c
@@ -XXX,XX +XXX,XX @@ static int blkio_io_uring_open(BlockDriverState *bs, QDict *options, int flags,
 static int blkio_nvme_io_uring(BlockDriverState *bs, QDict *options, int flags,
                                Error **errp)
 {
-    const char *filename = qdict_get_str(options, "filename");
+    const char *path = qdict_get_try_str(options, "path");
     BDRVBlkioState *s = bs->opaque;
     int ret;
 
-    ret = blkio_set_str(s->blkio, "path", filename);
-    qdict_del(options, "filename");
+    if (!path) {
+        error_setg(errp, "missing 'path' option");
+        return -EINVAL;
+    }
+
+    ret = blkio_set_str(s->blkio, "path", path);
+    qdict_del(options, "path");
     if (ret < 0) {
         error_setg_errno(errp, -ret, "failed to set path: %s",
                          blkio_get_error_msg());
@@ -XXX,XX +XXX,XX @@ static BlockDriver bdrv_io_uring = BLKIO_DRIVER(
 
 static BlockDriver bdrv_nvme_io_uring = BLKIO_DRIVER(
     DRIVER_NVME_IO_URING,
-    .bdrv_needs_filename = true,
 );
 
 static BlockDriver bdrv_virtio_blk_vfio_pci = BLKIO_DRIVER(
-- 
2.38.1