aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2015-12-22Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into ↵Peter Maydell11-31/+272
staging # gpg: Signature made Tue 22 Dec 2015 08:52:55 GMT using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" * remotes/stefanha/tags/block-pull-request: sdhci: add optional quirk property to disable card insertion/removal interrupts sdhci: don't raise a command index error for an unexpected response sd: sdhci: Delete over-zealous power check scripts/gdb: Fix a python exception in mtree.py parallels: add format spec block/mirror: replace IOV_MAX with blk_get_max_iov() block: replace IOV_MAX with BlockLimits.max_iov block-backend: add blk_get_max_iov() block: add BlockLimits.max_iov field virtio-blk: trivial code optimization Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-22sdhci: add optional quirk property to disable card insertion/removal interruptsAndrew Baumann2-1/+5
This is needed for a quirk of the Raspberry Pi (bcm2835/6) MMC controller, where the card insert bit is documented as unimplemented (always reads zero, doesn't generate interrupts) but is in fact observed on hardware as set at power on, but is cleared (and remains clear) on subsequent controller resets. Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Message-id: 1450738069-18664-4-git-send-email-Andrew.Baumann@microsoft.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22sdhci: don't raise a command index error for an unexpected responseAndrew Baumann1-3/+0
This deletes a block of code that raised a command index error if a command returned response data, but the guest did not set the appropriate bits in the response register to handle such a response. I cannot find any documentation that suggests the controller should behave in this way, the error code doesn't make sense (command index error is defined for the case where the index in a response does not match that of the issued command), and in at least one case (CMD23 issued by UEFI on Raspberry Pi 2), actual hardware does not do this. Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Message-id: 1450738069-18664-3-git-send-email-Andrew.Baumann@microsoft.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22sd: sdhci: Delete over-zealous power checkPeter Crosthwaite1-1/+1
This check was conditionalising SD card operation on the card being powered by the SDHCI host controller. It is however possible (particularly in embedded systems) for the power control of the SD card to be managed outside of SDHCI. This can be as trivial as hard-wiring the SD slot VCC to a constant power-rail. This means the guest SDHCI can validly opt-out of the SDHCI power control feature while still using the card. So delete this check to allow operation of the card with SDHCI power control. This is needed for at least Xilinx Zynq and Raspberry Pi, and also makes Freescale i.MX25 work for me. The digilent Zybo board has a public schematic which shows SD VCC hardwiring: http://digilentinc.com/Data/Products/ZYBO/ZYBO_sch_VB.3.pdf bottom of page 3. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Reviewed-by: Sai Pavan Boddu <saipava@xilinx.com> Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1450738069-18664-2-git-send-email-Andrew.Baumann@microsoft.com [AB: Add Pi to list of devices fixed in commit message] Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22scripts/gdb: Fix a python exception in mtree.pyYang Wei1-5/+5
The following exception is threw: Python Exception <class 'NameError'> name 'long' is not defined: Error occurred in Python command: name 'long' is not defined Python 2.4+, int()/long() have been unified, so replace long with int. Signed-off-by: Yang Wei <w90p710@gmail.com> Message-id: 1449316340-4030-1-git-send-email-w90p710@gmail.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22parallels: add format specVladimir Sementsov-Ogievskiy2-0/+229
This specifies Parallels image format as implemented in Parallels Cloud Server 6.10 Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Message-id: 1448626806-17591-1-git-send-email-den@openvz.org CC: Eric Blake <eblake@redhat.com> CC: John Snow <jsnow@redhat.com> CC: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22block/mirror: replace IOV_MAX with blk_get_max_iov()Stefan Hajnoczi1-2/+4
Use blk_get_max_iov() instead of hardcoding IOV_MAX, which may not apply to all BlockDrivers. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22block: replace IOV_MAX with BlockLimits.max_iovStefan Hajnoczi2-2/+3
Request merging must not result in a huge request that exceeds the maximum number of iovec elements. Use BlockLimits.max_iov instead of hardcoding IOV_MAX. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22block-backend: add blk_get_max_iov()Stefan Hajnoczi2-0/+6
Add a function to query BlockLimits.max_iov. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22block: add BlockLimits.max_iov fieldStefan Hajnoczi2-0/+10
The maximum number of struct iovec elements depends on the BlockDriverState. The raw-posix and iSCSI protocols have a maximum of IOV_MAX but others could have different values. Cc: Peter Lieven <pl@kamp.de> Suggested-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-22virtio-blk: trivial code optimizationGonglei1-18/+10
1. avoid possible superflous checking 2. make code more robustness ["make code more robustness" refers to avoiding integer underflows/overflows. --Stefan] Signed-off-by: Gonglei <arei.gonglei@huawei.com> Message-id: 1447207166-12612-1-git-send-email-arei.gonglei@huawei.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-18Merge remote-tracking branch 'remotes/ehabkost/tags/numa-pull-request' into ↵Peter Maydell1-49/+10
staging NUMA queue, 2015-12-18 # gpg: Signature made Fri 18 Dec 2015 17:53:48 GMT using RSA key ID 984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" * remotes/ehabkost/tags/numa-pull-request: numa: Clean up query-memdev error handling Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18numa: Clean up query-memdev error handlingMarkus Armbruster1-49/+10
qmp_query_memdev() has two error paths: * When object_get_objects_root() returns null. It never does, so simply drop the useless error handling. * When query_memdev() fails. It leaks err then. But any failure there is actually a programming error. Switch it to &error_abort, and drop the useless error handling. Messed up in commit 76b5d85 "qmp: add query-memdev". Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2015-12-18Merge remote-tracking branch ↵Peter Maydell20-11/+1533
'remotes/berrange/tags/pull-qcrypto-secrets-base-2015-12-18-1' into staging Merge QCryptoSecret object support # gpg: Signature made Fri 18 Dec 2015 16:51:21 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" * remotes/berrange/tags/pull-qcrypto-secrets-base-2015-12-18-1: crypto: add support for loading encrypted x509 keys crypto: add QCryptoSecret object class for password/key handling qga: convert to use error checked base64 decode qemu-char: convert to use error checked base64 decode util: add base64 decoding function Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into stagingPeter Maydell38-466/+3326
Block layer patches # gpg: Signature made Fri 18 Dec 2015 13:41:03 GMT using RSA key ID C88F2FD6 # gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" * remotes/kevin/tags/for-upstream: (48 commits) block/qapi: allow best-effort query qemu-img: abort when full_backing_filename not present block/qapi: explicitly warn if !has_full_backing_filename block/qapi: always report full_backing_filename block/qapi: do not redundantly print "actual path" qemu-iotests: s390x: fix test 068 qemu-iotests: s390x: fix test 051 qemu-iotests: refine common.config block: fix bdrv_ioctl called from coroutine block: use drained section around bdrv_snapshot_delete iotests: Update comments for bdrv_swap() in 094 block: Remove prototype of bdrv_swap from header raw-posix: Make aio=native option binding qcow2: insert assert into qcow2_get_specific_info() iotests: Extend test 112 for qemu-img amend qcow2: Point to amend function in check qcow2: Invoke refcount order amendment function qcow2: Add function for refcount order amendment qcow2: Use intermediate helper CB for amend qcow2: Split upgrade/downgrade paths for amend ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18crypto: add support for loading encrypted x509 keysDaniel P. Berrange3-1/+56
Make use of the QCryptoSecret object to support loading of encrypted x509 keys. The optional 'passwordid' parameter to the tls-creds-x509 object type, provides the ID of a secret object instance that holds the decryption password for the PEM file. # printf "123456" > mypasswd.txt # $QEMU \ -object secret,id=sec0,filename=mypasswd.txt \ -object tls-creds-x509,passwordid=sec0,id=creds0,\ dir=/home/berrange/.pki/qemu,endpoint=server \ -vnc :1,tls-creds=creds0 This requires QEMU to be linked to GNUTLS >= 3.1.11. If GNUTLS is too old an error will be reported if an attempt is made to pass a decryption password. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18crypto: add QCryptoSecret object class for password/key handlingDaniel P. Berrange8-0/+1208
Introduce a new QCryptoSecret object class which will be used for providing passwords and keys to other objects which need sensitive credentials. The new object can provide secret values directly as properties, or indirectly via a file. The latter includes support for file descriptor passing syntax on UNIX platforms. Ordinarily passing secret values directly as properties is insecure, since they are visible in process listings, or in log files showing the CLI args / QMP commands. It is possible to use AES-256-CBC to encrypt the secret values though, in which case all that is visible is the ciphertext. For ad hoc developer testing though, it is fine to provide the secrets directly without encryption so this is not explicitly forbidden. The anticipated scenario is that libvirtd will create a random master key per QEMU instance (eg /var/run/libvirt/qemu/$VMNAME.key) and will use that key to encrypt all passwords it provides to QEMU via '-object secret,....'. This avoids the need for libvirt (or other mgmt apps) to worry about file descriptor passing. It also makes life easier for people who are scripting the management of QEMU, for whom FD passing is significantly more complex. Providing data inline (insecure, only for ad hoc dev testing) $QEMU -object secret,id=sec0,data=letmein Providing data indirectly in raw format printf "letmein" > mypasswd.txt $QEMU -object secret,id=sec0,file=mypasswd.txt Providing data indirectly in base64 format $QEMU -object secret,id=sec0,file=mykey.b64,format=base64 Providing data with encryption $QEMU -object secret,id=master0,file=mykey.b64,format=base64 \ -object secret,id=sec0,data=[base64 ciphertext],\ keyid=master0,iv=[base64 IV],format=base64 Note that 'format' here refers to the format of the ciphertext data. The decrypted data must always be in raw byte format. More examples are shown in the updated docs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18qga: convert to use error checked base64 decodeDaniel P. Berrange3-5/+30
Switch from using g_base64_decode over to qbase64_decode in order to get error checking of the base64 input data. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18qemu-char: convert to use error checked base64 decodeDaniel P. Berrange3-5/+7
Switch from using g_base64_decode over to qbase64_decode in order to get error checking of the base64 input data. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18util: add base64 decoding functionDaniel P. Berrange6-0/+232
The standard glib provided g_base64_decode doesn't provide any kind of sensible error checking on its input. Add a QEMU custom wrapper qbase64_decode which can be used with untrustworthy input that can contain invalid base64 characters, embedded NUL characters, or not be NUL terminated at all. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18Merge remote-tracking branch ↵Peter Maydell7-832/+448
'remotes/berrange/tags/pull-io-channel-vnc-2015-12-18-1' into staging Merge VNC conversion to I/O channels # gpg: Signature made Fri 18 Dec 2015 15:44:30 GMT using RSA key ID 15104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" * remotes/berrange/tags/pull-io-channel-vnc-2015-12-18-1: ui: convert VNC server to use QIOChannelWebsock ui: convert VNC server to use QIOChannelTLS ui: convert VNC server to use QIOChannelSocket Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18Merge remote-tracking branch 'remotes/sstabellini/tags/xsa155' into stagingPeter Maydell2-8/+14
XSA-155 fixes # gpg: Signature made Fri 18 Dec 2015 15:16:18 GMT using RSA key ID 70E1AE90 # gpg: Good signature from "Stefano Stabellini <stefano.stabellini@eu.citrix.com>" * remotes/sstabellini/tags/xsa155: xenfb: avoid reading twice the same fields from the shared page xen/blkif: Avoid double access to src->nr_segments Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-18xenfb: avoid reading twice the same fields from the shared pageStefano Stabellini1-4/+6
Reading twice the same field could give the guest an attack of opportunity. In the case of event->type, gcc could compile the switch statement into a jump table, effectively ending up reading the type field multiple times. This is part of XSA-155. Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-12-18xen/blkif: Avoid double access to src->nr_segmentsStefano Stabellini1-4/+8
src is stored in shared memory and src->nr_segments is dereferenced twice at the end of the function. If a compiler decides to compile this into two separate memory accesses then the size limitation could be bypassed. Fix it by removing the double access to src->nr_segments. This is part of XSA-155. Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
2015-12-18ui: convert VNC server to use QIOChannelWebsockDaniel P. Berrange4-392/+30
Remove custom websock handling code from the VNC server and use the QIOChannelWebsock class instead. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18ui: convert VNC server to use QIOChannelTLSDaniel P. Berrange4-202/+73
Switch VNC server over to using the QIOChannelTLS object for the TLS session. This removes all remaining VNC specific code for dealing with TLS handshakes. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18ui: convert VNC server to use QIOChannelSocketDaniel P. Berrange7-326/+433
The minimal first step conversion to use QIOChannelSocket classes instead of directly using POSIX sockets API. This will later be extended to also cover the TLS, SASL and websockets code. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2015-12-18Merge remote-tracking branch 'mreitz/tags/pull-block-for-kevin-2015-12-18' ↵Kevin Wolf9-146/+607
into queue-block block-next patches from before the 2.5.0 release. # gpg: Signature made Fri Dec 18 14:38:44 2015 CET using RSA key ID E838ACAD # gpg: Good signature from "Max Reitz <mreitz@redhat.com>" * mreitz/tags/pull-block-for-kevin-2015-12-18: block/qapi: allow best-effort query qemu-img: abort when full_backing_filename not present block/qapi: explicitly warn if !has_full_backing_filename block/qapi: always report full_backing_filename block/qapi: do not redundantly print "actual path" qemu-iotests: s390x: fix test 068 qemu-iotests: s390x: fix test 051 qemu-iotests: refine common.config Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18block/qapi: allow best-effort queryJohn Snow2-4/+8
For more complex BDS trees that can be created under normal circumstances, we lose the ability to issue query commands because of our inability to re-construct the absolute filename. Instead, omit this field when it is a problem and present as much information as we can. This will change the expected output in iotest 110, where we will now see a json filename and the lack of an absolute filename instead of an error. Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1450122916-4706-6-git-send-email-jsnow@redhat.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18qemu-img: abort when full_backing_filename not presentJohn Snow1-1/+4
...But only if we have the backing_filename. It means something Scary happened and we can't really be quite exactly sure if we can trust the backing_filename. Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450122916-4706-5-git-send-email-jsnow@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18block/qapi: explicitly warn if !has_full_backing_filenameJohn Snow1-3/+4
Disambiguate "Backing filename and full backing filename are equivalent" from "full backing filename could not be determined." Signed-off-by: John Snow <jsnow@redhat.com> Message-id: 1450122916-4706-4-git-send-email-jsnow@redhat.com Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18block/qapi: always report full_backing_filenameJohn Snow2-3/+6
Always report full_backing_filename, even if it's the same as backing_filename. In the next patch, full_backing_filename may be omitted if it cannot be generated instead of allowing e.g. drive_query to abort if it runs into this scenario. The presence or absence of the "full" field becomes useful information. Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450122916-4706-3-git-send-email-jsnow@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18block/qapi: do not redundantly print "actual path"John Snow1-1/+3
If it happens to match the backing path, that was the actual path. Signed-off-by: John Snow <jsnow@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1450122916-4706-2-git-send-email-jsnow@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18qemu-iotests: s390x: fix test 068Bo Tu1-2/+12
Now, s390-virtio-ccw is default machine and s390-ccw.img is default boot loader. If the s390-virtio-ccw machine finds no device to load from and errors out, then emits a panic and exits the vm. This breaks test cases 068 for s390x. Adding the parameter of "-no-shutdown" for s390-ccw-virtio will pause VM before shutdown. Acked-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Sascha Silbe <silbe@linux.vnet.ibm.com> Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com> Message-id: 1449136891-26850-4-git-send-email-tubo@linux.vnet.ibm.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18qemu-iotests: s390x: fix test 051Bo Tu3-130/+569
The tests for ide device should only be tested for the pc platform. Set device_id to "drive0", and replace every "-drive file..." by "-drive file=...,if=none,id=$device_id", then x86 and s390x can get the common output in the test of "Snapshot mode". Warning message expected for s390x when drive without device. A x86 platform specific output file is also needed. Reviewed-by: Sascha Silbe <silbe@linux.vnet.ibm.com> Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com> Message-id: 1449136891-26850-3-git-send-email-tubo@linux.vnet.ibm.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18qemu-iotests: refine common.configBo Tu1-5/+4
Replacing awk with sed, then it's easier to read. Replacing "[ ! -z "$default_alias_machine" ]" with "[[ $default_alias_machine ]]", then it's slightly shorter. Reviewed-by: Max Reitz <mreitz@redhat.com> Suggested-By: Sascha Silbe <silbe@linux.vnet.ibm.com> Reviewed-by: Sascha Silbe <silbe@linux.vnet.ibm.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Bo Tu <tubo@linux.vnet.ibm.com> Message-id: 1449136891-26850-2-git-send-email-tubo@linux.vnet.ibm.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2015-12-18block: fix bdrv_ioctl called from coroutinePaolo Bonzini1-3/+4
When called from a coroutine, bdrv_ioctl must be asynchronous just like e.g. bdrv_flush. The code was incorrectly making it synchronous, fix it. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18block: use drained section around bdrv_snapshot_deletePaolo Bonzini1-9/+14
Do not use bdrv_drain, since by itself it does not guarantee anything. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18iotests: Update comments for bdrv_swap() in 094Fam Zheng1-3/+5
Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18block: Remove prototype of bdrv_swap from headerFam Zheng1-1/+0
The function has gone. Signed-off-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18raw-posix: Make aio=native option bindingKevin Wolf1-12/+8
Traditionally, aio=native was treated as an advice that could simply be ignored if an error occurs while initialising Linux AIO or the feature wasn't compiled in. This behaviour was deprecated in commit 96518254 (qemu 2.3; error during init) and commit 1501ecc1 (qemu 2.5; not compiled in). This patch changes raw-posix to error out in these cases instead of printing a deprecation warning. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-12-18qcow2: insert assert into qcow2_get_specific_info()Denis V. Lunev1-0/+4
s->qcow_version is always set to 2 or 3. Let's assert if this is wrong. Signed-off-by: Denis V. Lunev <den@openvz.org> CC: Roman Kagan <rkagan@virtuozzo.com> CC: Max Reitz <mreitz@redhat.com> CC: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18iotests: Extend test 112 for qemu-img amendMax Reitz2-0/+180
Add tests for conversion between different refcount widths. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Point to amend function in checkMax Reitz1-0/+3
If a reference count is not representable with the current refcount order, the image check should point to qemu-img amend for increasing the refcount order. However, qemu-img amend needs write access to the image which cannot be provided if the image is marked corrupt; and the image check will not mark the image consistent unless everything actually is consistent. Therefore, if an image is marked corrupt and the image check encounters a reference count overflow, it cannot be fixed by using qemu-img amend to increase the refcount order. Instead, one has to use qemu-img convert to create a completely new copy of the image in this case. Alternatively, we may want to give the user a way of manually removing the corrupt flag, maybe through qemu-img amend, but this is not part of this patch. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Invoke refcount order amendment functionMax Reitz1-9/+35
Make use of qcow2_change_refcount_order() to support changing the refcount order with qemu-img amend. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Add function for refcount order amendmentMax Reitz2-0/+451
Add a function qcow2_change_refcount_order() which allows changing the refcount order of a qcow2 image. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Use intermediate helper CB for amendMax Reitz1-1/+79
If there is more than one time-consuming operation to be performed for qcow2_amend_options(), we need an intermediate CB which coordinates the progress of the individual operations and passes the result to the original status callback. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Split upgrade/downgrade paths for amendMax Reitz1-15/+16
If the image version should be upgraded, that is the first we should do; if it should be downgraded, that is the last we should do. So split the version change block into an upgrade part at the start and a downgrade part at the end. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Use abort() instead of assert(false)Max Reitz1-2/+2
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-12-18qcow2: Use error_report() in qcow2_amend_options()Max Reitz2-15/+13
Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>