Message ID | 20230831125702.11263-6-avihaih@nvidia.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | vfio/migration: Block VFIO migration with postcopy and background snapshot | expand |
On Thu, Aug 31, 2023 at 03:57:02PM +0300, Avihai Horon wrote: > Background snapshot allows creating a snapshot of the VM while it's > running and keeping it small by not including dirty RAM pages. > > The way it works is by first stopping the VM, saving the non-iterable > devices' state and then starting the VM and saving the RAM while write > protecting it with UFFD. The resulting snapshot represents the VM state > at snapshot start. > > VFIO migration is not compatible with background snapshot. > First of all, VFIO device state is not even saved in background snapshot > because only non-iterable device state is saved. But even if it was > saved, after starting the VM, a VFIO device could dirty pages without it > being detected by UFFD write protection. This would corrupt the > snapshot, as the RAM in it would not represent the RAM at snapshot > start. > > To prevent this, block VFIO migration with background snapshot. > > Signed-off-by: Avihai Horon <avihaih@nvidia.com> Reviewed-by: Peter Xu <peterx@redhat.com>
diff --git a/hw/vfio/migration.c b/hw/vfio/migration.c index 20994dc1d6..da43dcd2fe 100644 --- a/hw/vfio/migration.c +++ b/hw/vfio/migration.c @@ -340,7 +340,8 @@ static int vfio_save_prepare(void *opaque, Error **errp) VFIODevice *vbasedev = opaque; /* - * Snapshot doesn't use postcopy, so allow snapshot even if postcopy is on. + * Snapshot doesn't use postcopy nor background snapshot, so allow snapshot + * even if they are on. */ if (runstate_check(RUN_STATE_SAVE_VM)) { return 0; @@ -353,6 +354,14 @@ static int vfio_save_prepare(void *opaque, Error **errp) return -EOPNOTSUPP; } + if (migrate_background_snapshot()) { + error_setg( + errp, + "%s: VFIO migration is not supported with background snapshot", + vbasedev->name); + return -EOPNOTSUPP; + } + return 0; }
Background snapshot allows creating a snapshot of the VM while it's running and keeping it small by not including dirty RAM pages. The way it works is by first stopping the VM, saving the non-iterable devices' state and then starting the VM and saving the RAM while write protecting it with UFFD. The resulting snapshot represents the VM state at snapshot start. VFIO migration is not compatible with background snapshot. First of all, VFIO device state is not even saved in background snapshot because only non-iterable device state is saved. But even if it was saved, after starting the VM, a VFIO device could dirty pages without it being detected by UFFD write protection. This would corrupt the snapshot, as the RAM in it would not represent the RAM at snapshot start. To prevent this, block VFIO migration with background snapshot. Signed-off-by: Avihai Horon <avihaih@nvidia.com> --- hw/vfio/migration.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)