[Qemu-devel] Op Blockers on child nodes (was Re: [PATCH v6 for 2.1 00/10] Modify block jobs to use) node-names

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Jeff Cody <jcody@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: kwolf@redhat.com, benoit.canet@irqsave.net, pkrempa@redhat.com,
	famz@redhat.com, Stefan Hajnoczi <stefanha@gmail.com>,
	qemu-devel@nongnu.org, stefanha@redhat.com
Subject: [Qemu-devel] Op Blockers on child nodes (was Re: [PATCH v6 for 2.1 00/10] Modify block jobs to use) node-names
Date: Thu, 19 Jun 2014 14:22:37 -0400	[thread overview]
Message-ID: <20140619182237.GA19631@localhost.localdomain> (raw)
In-Reply-To: <53A314B0.9030508@redhat.com>

On Thu, Jun 19, 2014 at 10:49:52AM -0600, Eric Blake wrote:
> On 06/19/2014 10:26 AM, Jeff Cody wrote:

<snip> Breaking the reply into two parts, for easier discussion

> > 
> > Long term thoughts:
> > 
> > So if I think of operations that are done on block devices from a
> > block job, and chuck them into categories, I think we have:
> > 
> > 1) Read of guest-visible data
> > 2) Write of guest-visible data
> > 3) Read of host-visible data (e.g. image file metadata)
> > 4) Write of host-visible data (e.g. image file metadata, such as
> > the backing-file)
> > 5) Block chain manipulations (e.g. movement of a BDS, change to r/w
> > instead of r/o, etc..)
> > 6) I/O attribute changes (e.g. throttling, etc..)
> > 
> > Does this make sense, and did I miss any (likely so)?  It seems like
> > we should issue blockers not based on specific commands (e.g.
> > BLOCK_OP_TYPE_COMMIT), but rather based on what specific category of
> > interaction on a BDS we want to prohibit / allow.
> 
> Yes, I like that train of thought - it's not the operation that we are
> blocking, but the access category(ies) required by that operation.
> 
> > 
> > I don't think specific command blockers provide enough granularity,
> > and doesn't necessarily scale well as new commands are added. It
> > forces a new block job author to go through the specific
> > implementation of the other block job commands, and interpret what
> > operations to prohibit based on what other jobs do.  Whereas if each
> > command issues blockers based on the operation category, it takes care
> > of itself, and I just issue blockers based on my block job behavior.
> > 
> > Each command would then issue appropriate operational blockers to each
> > BDS affected by an operation.  For instance, at first blush, I think
> > block-commit would want (at the very least) to block (and check) the
> > following, in this example chain:
> > 
> > 
> >      [base] <-- [int1] <--  [int2] <-- [int3] <-- [top] <-- [overlay]
> > 
> >      becomes:
> > 
> >      [base] <-- [overlay]
> > 
> > 
> > Blocked operations per image:
> > 
> > * 'base' image
> > 
> > Operation       |  Blocked
> > -----------------------------
> > GUEST READ      |   Y
> > GUEST WRITE     |   Y
> > HOST READ       |    
> > HOST WRITE      |    
> > CHAIN           |   Y
> > I/O ATTRIBUTE   |
> 
> Makes sense:
> 
> blocking guest read because we are actively modifying the contents; if
> any other operation branches off of base, they will see data that is not
> consistent with what the guest sees through overlay.
> 
> blocking guest write because it is a backing chain, and overlay still
> depends on base image for sectors that have not yet been commited..
> 
> blocking chain manipulations because we are going to do a chain
> manipulation once our command completes.
> 
> Maybe you also want to block HOST_WRITE (our chain manipulation is done
> by writing host metadata; so if someone else writes that under our feet,
> we may have races on what gets written).
>

Hmm, you are right, we should block HOST_WRITE in addition to CHAIN.
The one host-level change we make to 'base' during a commit is
changing it from r/o to r/w, and we wouldn't want anyone else to undo
that.  Other than that, the other thing we might do is a
bdrv_truncate(), but I would consider that a GUEST_WRITE.

(I think I listed r/w flag changes under chain instead of host-write;
this is a mistake, that would be a host-write example)

> > 
> > 
> > * Intermediate images between 'base' up to and including 'top':
> > 
> > Operation       |  Blocked
> > -----------------------------
> > GUEST READ      |   
> > GUEST WRITE     |   Y
> > HOST READ       |
> > HOST WRITE      |   Y
> > CHAIN           |   Y
> > I/O ATTRIBUTE   |
> > 
> 
> This needs to also block GUEST_READ - as soon as the commit starts
> modifying base, ALL intermediate images are invalid (they no longer
> represent a state of memory as was seen by the guest).  Once you start a
> commit, you MUST NOT allow a fleecing operation on any of the
> intermediate operations.
>

Yes, you are right, I should have GUEST_READ in there as well.  

We could even get more granular; only apply the GUEST_READ blocker
once a layer above that BDS pushes data down into 'base' (e.g. 'int1'
data going into 'base' doesn't invalidate 'int2', but 'int3' or higher
data would).  Up until that point, that BDS is still OK.  That level
of granularity is probably not needed, and overly complex, however.
But it would be an interesting piece of framework to have in place.

> > 
> > * The overlay of 'top', if it exists:
> > 
> > Operation       |  Blocked
> > -----------------------------
> > GUEST READ      |   
> > GUEST WRITE     |    
> > HOST READ       |
> > HOST WRITE      |   Y
> > CHAIN           |   Y
> > I/O ATTRIBUTE   |
> > 
> > 
> > 
>

next prev parent reply	other threads:[~2014-06-19 18:23 UTC|newest]

Thread overview: 49+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-06-17 21:53 [Qemu-devel] [PATCH v6 for 2.1 00/10] Modify block jobs to use node-names Jeff Cody
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 01/10] block: Auto-generate node_names for each BDS entry Jeff Cody
2014-06-18 12:53   ` Benoît Canet
2014-06-18 13:13     ` Jeff Cody
2014-06-18 13:31       ` Benoît Canet
2014-06-19  8:55   ` Stefan Hajnoczi
2014-06-19 12:30     ` Jeff Cody
2014-06-19 17:03       ` Eric Blake
2014-06-20  4:24       ` Stefan Hajnoczi
2014-06-23 12:41       ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 02/10] block: add helper function to determine if a BDS is in a chain Jeff Cody
2014-06-19  6:27   ` Stefan Hajnoczi
2014-06-23 10:24   ` Benoît Canet
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 03/10] block: simplify bdrv_find_base() and bdrv_find_overlay() Jeff Cody
2014-06-19  6:31   ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 04/10] block: make 'top' argument to block-commit optional Jeff Cody
2014-06-17 22:25   ` Eric Blake
2014-06-19 16:56     ` Eric Blake
2014-06-19  6:40   ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 05/10] block: Accept node-name arguments for block-commit Jeff Cody
2014-06-18 12:58   ` Benoît Canet
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 06/10] block: extend block-commit to accept a string for the backing file Jeff Cody
2014-06-19  7:49   ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 07/10] block: add ability for block-stream to use node-name Jeff Cody
2014-06-18 13:06   ` Benoît Canet
2014-06-19  8:01   ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 08/10] block: add backing-file option to block-stream Jeff Cody
2014-06-19  8:04   ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 09/10] block: Add QMP documentation for block-stream Jeff Cody
2014-06-19  8:06   ` Stefan Hajnoczi
2014-06-17 21:53 ` [Qemu-devel] [PATCH v6 for 2.1 10/10] block: add QAPI command to allow live backing file change Jeff Cody
2014-06-18 13:15   ` Benoît Canet
2014-06-19  8:37     ` Stefan Hajnoczi
2014-06-19 19:08       ` Jeff Cody
2014-06-19  8:37   ` Stefan Hajnoczi
2014-06-19  9:17 ` [Qemu-devel] [PATCH v6 for 2.1 00/10] Modify block jobs to use node-names Stefan Hajnoczi
2014-06-19 16:26   ` Jeff Cody
2014-06-19 16:49     ` Eric Blake
2014-06-19 16:54       ` Eric Blake
2014-06-19 18:22       ` Jeff Cody [this message]
2014-06-24 12:55       ` Kevin Wolf
2014-06-23 13:08     ` Stefan Hajnoczi
2014-06-23 14:17       ` Benoît Canet
2014-06-24  2:48       ` Fam Zheng
2014-06-24 13:32         ` Jeff Cody
2014-06-24 14:08           ` Kevin Wolf
2014-06-24 15:30             ` Benoît Canet
2014-06-19 17:49   ` Benoît Canet
2014-06-24 17:08   ` Jeff Cody

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140619182237.GA19631@localhost.localdomain \
    --to=jcody@redhat.com \
    --cc=benoit.canet@irqsave.net \
    --cc=eblake@redhat.com \
    --cc=famz@redhat.com \
    --cc=kwolf@redhat.com \
    --cc=pkrempa@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanha@gmail.com \
    --cc=stefanha@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).