1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include "qemu/osdep.h"
29#include "qapi/error.h"
30#include "qemu/cutils.h"
31
32#include "block/block_int.h"
33#include "block/qcow2.h"
34
35
36
37
38
39
40#define BME_MAX_TABLE_SIZE 0x8000000
41#define BME_MAX_PHYS_SIZE 0x20000000
42#define BME_MAX_GRANULARITY_BITS 31
43#define BME_MIN_GRANULARITY_BITS 9
44#define BME_MAX_NAME_SIZE 1023
45
46#if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX
47#error In the code bitmap table physical size assumed to fit into int
48#endif
49
50
51#define BME_RESERVED_FLAGS 0xfffffffcU
52#define BME_FLAG_IN_USE (1U << 0)
53#define BME_FLAG_AUTO (1U << 1)
54
55
56#define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL
57#define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL
58#define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0)
59
60typedef struct QEMU_PACKED Qcow2BitmapDirEntry {
61
62 uint64_t bitmap_table_offset;
63
64 uint32_t bitmap_table_size;
65 uint32_t flags;
66
67 uint8_t type;
68 uint8_t granularity_bits;
69 uint16_t name_size;
70 uint32_t extra_data_size;
71
72
73} Qcow2BitmapDirEntry;
74
75typedef struct Qcow2BitmapTable {
76 uint64_t offset;
77 uint32_t size;
78 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry;
79} Qcow2BitmapTable;
80typedef QSIMPLEQ_HEAD(Qcow2BitmapTableList, Qcow2BitmapTable)
81 Qcow2BitmapTableList;
82
83typedef struct Qcow2Bitmap {
84 Qcow2BitmapTable table;
85 uint32_t flags;
86 uint8_t granularity_bits;
87 char *name;
88
89 BdrvDirtyBitmap *dirty_bitmap;
90
91 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry;
92} Qcow2Bitmap;
93typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList;
94
95typedef enum BitmapType {
96 BT_DIRTY_TRACKING_BITMAP = 1
97} BitmapType;
98
99static inline bool can_write(BlockDriverState *bs)
100{
101 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
102}
103
104static int update_header_sync(BlockDriverState *bs)
105{
106 int ret;
107
108 ret = qcow2_update_header(bs);
109 if (ret < 0) {
110 return ret;
111 }
112
113 return bdrv_flush(bs);
114}
115
116static inline void bitmap_table_to_be(uint64_t *bitmap_table, size_t size)
117{
118 size_t i;
119
120 for (i = 0; i < size; ++i) {
121 cpu_to_be64s(&bitmap_table[i]);
122 }
123}
124
125static int check_table_entry(uint64_t entry, int cluster_size)
126{
127 uint64_t offset;
128
129 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) {
130 return -EINVAL;
131 }
132
133 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
134 if (offset != 0) {
135
136 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) {
137 return -EINVAL;
138 }
139
140 if (offset % cluster_size != 0) {
141 return -EINVAL;
142 }
143 }
144
145 return 0;
146}
147
148static int check_constraints_on_bitmap(BlockDriverState *bs,
149 const char *name,
150 uint32_t granularity,
151 Error **errp)
152{
153 BDRVQcow2State *s = bs->opaque;
154 int granularity_bits = ctz32(granularity);
155 int64_t len = bdrv_getlength(bs);
156
157 assert(granularity > 0);
158 assert((granularity & (granularity - 1)) == 0);
159
160 if (len < 0) {
161 error_setg_errno(errp, -len, "Failed to get size of '%s'",
162 bdrv_get_device_or_node_name(bs));
163 return len;
164 }
165
166 if (granularity_bits > BME_MAX_GRANULARITY_BITS) {
167 error_setg(errp, "Granularity exceeds maximum (%llu bytes)",
168 1ULL << BME_MAX_GRANULARITY_BITS);
169 return -EINVAL;
170 }
171 if (granularity_bits < BME_MIN_GRANULARITY_BITS) {
172 error_setg(errp, "Granularity is under minimum (%llu bytes)",
173 1ULL << BME_MIN_GRANULARITY_BITS);
174 return -EINVAL;
175 }
176
177 if ((len > (uint64_t)BME_MAX_PHYS_SIZE << granularity_bits) ||
178 (len > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size <<
179 granularity_bits))
180 {
181 error_setg(errp, "Too much space will be occupied by the bitmap. "
182 "Use larger granularity");
183 return -EINVAL;
184 }
185
186 if (strlen(name) > BME_MAX_NAME_SIZE) {
187 error_setg(errp, "Name length exceeds maximum (%u characters)",
188 BME_MAX_NAME_SIZE);
189 return -EINVAL;
190 }
191
192 return 0;
193}
194
195static void clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table,
196 uint32_t bitmap_table_size)
197{
198 BDRVQcow2State *s = bs->opaque;
199 int i;
200
201 for (i = 0; i < bitmap_table_size; ++i) {
202 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK;
203 if (!addr) {
204 continue;
205 }
206
207 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_OTHER);
208 bitmap_table[i] = 0;
209 }
210}
211
212static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb,
213 uint64_t **bitmap_table)
214{
215 int ret;
216 BDRVQcow2State *s = bs->opaque;
217 uint32_t i;
218 uint64_t *table;
219
220 assert(tb->size != 0);
221 table = g_try_new(uint64_t, tb->size);
222 if (table == NULL) {
223 return -ENOMEM;
224 }
225
226 assert(tb->size <= BME_MAX_TABLE_SIZE);
227 ret = bdrv_pread(bs->file, tb->offset,
228 table, tb->size * sizeof(uint64_t));
229 if (ret < 0) {
230 goto fail;
231 }
232
233 for (i = 0; i < tb->size; ++i) {
234 be64_to_cpus(&table[i]);
235 ret = check_table_entry(table[i], s->cluster_size);
236 if (ret < 0) {
237 goto fail;
238 }
239 }
240
241 *bitmap_table = table;
242 return 0;
243
244fail:
245 g_free(table);
246
247 return ret;
248}
249
250static int free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb)
251{
252 int ret;
253 uint64_t *bitmap_table;
254
255 ret = bitmap_table_load(bs, tb, &bitmap_table);
256 if (ret < 0) {
257 assert(bitmap_table == NULL);
258 return ret;
259 }
260
261 clear_bitmap_table(bs, bitmap_table, tb->size);
262 qcow2_free_clusters(bs, tb->offset, tb->size * sizeof(uint64_t),
263 QCOW2_DISCARD_OTHER);
264 g_free(bitmap_table);
265
266 tb->offset = 0;
267 tb->size = 0;
268
269 return 0;
270}
271
272
273
274static uint64_t sectors_covered_by_bitmap_cluster(const BDRVQcow2State *s,
275 const BdrvDirtyBitmap *bitmap)
276{
277 uint32_t sector_granularity =
278 bdrv_dirty_bitmap_granularity(bitmap) >> BDRV_SECTOR_BITS;
279
280 return (uint64_t)sector_granularity * (s->cluster_size << 3);
281}
282
283
284
285
286static int load_bitmap_data(BlockDriverState *bs,
287 const uint64_t *bitmap_table,
288 uint32_t bitmap_table_size,
289 BdrvDirtyBitmap *bitmap)
290{
291 int ret = 0;
292 BDRVQcow2State *s = bs->opaque;
293 uint64_t sector, sbc;
294 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap);
295 uint8_t *buf = NULL;
296 uint64_t i, tab_size =
297 size_to_clusters(s,
298 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size));
299
300 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) {
301 return -EINVAL;
302 }
303
304 buf = g_malloc(s->cluster_size);
305 sbc = sectors_covered_by_bitmap_cluster(s, bitmap);
306 for (i = 0, sector = 0; i < tab_size; ++i, sector += sbc) {
307 uint64_t count = MIN(bm_size - sector, sbc);
308 uint64_t entry = bitmap_table[i];
309 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
310
311 assert(check_table_entry(entry, s->cluster_size) == 0);
312
313 if (offset == 0) {
314 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) {
315 bdrv_dirty_bitmap_deserialize_ones(bitmap, sector, count,
316 false);
317 } else {
318
319
320 }
321 } else {
322 ret = bdrv_pread(bs->file, offset, buf, s->cluster_size);
323 if (ret < 0) {
324 goto finish;
325 }
326 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, sector, count,
327 false);
328 }
329 }
330 ret = 0;
331
332 bdrv_dirty_bitmap_deserialize_finish(bitmap);
333
334finish:
335 g_free(buf);
336
337 return ret;
338}
339
340static BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs,
341 Qcow2Bitmap *bm, Error **errp)
342{
343 int ret;
344 uint64_t *bitmap_table = NULL;
345 uint32_t granularity;
346 BdrvDirtyBitmap *bitmap = NULL;
347
348 if (bm->flags & BME_FLAG_IN_USE) {
349 error_setg(errp, "Bitmap '%s' is in use", bm->name);
350 goto fail;
351 }
352
353 ret = bitmap_table_load(bs, &bm->table, &bitmap_table);
354 if (ret < 0) {
355 error_setg_errno(errp, -ret,
356 "Could not read bitmap_table table from image for "
357 "bitmap '%s'", bm->name);
358 goto fail;
359 }
360
361 granularity = 1U << bm->granularity_bits;
362 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp);
363 if (bitmap == NULL) {
364 goto fail;
365 }
366
367 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap);
368 if (ret < 0) {
369 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image",
370 bm->name);
371 goto fail;
372 }
373
374 g_free(bitmap_table);
375 return bitmap;
376
377fail:
378 g_free(bitmap_table);
379 if (bitmap != NULL) {
380 bdrv_release_dirty_bitmap(bs, bitmap);
381 }
382
383 return NULL;
384}
385
386
387
388
389
390
391
392
393
394
395static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry)
396{
397 be64_to_cpus(&entry->bitmap_table_offset);
398 be32_to_cpus(&entry->bitmap_table_size);
399 be32_to_cpus(&entry->flags);
400 be16_to_cpus(&entry->name_size);
401 be32_to_cpus(&entry->extra_data_size);
402}
403
404static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry)
405{
406 cpu_to_be64s(&entry->bitmap_table_offset);
407 cpu_to_be32s(&entry->bitmap_table_size);
408 cpu_to_be32s(&entry->flags);
409 cpu_to_be16s(&entry->name_size);
410 cpu_to_be32s(&entry->extra_data_size);
411}
412
413static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size)
414{
415 return align_offset(sizeof(Qcow2BitmapDirEntry) +
416 name_size + extra_data_size, 8);
417}
418
419static inline int dir_entry_size(Qcow2BitmapDirEntry *entry)
420{
421 return calc_dir_entry_size(entry->name_size, entry->extra_data_size);
422}
423
424static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry)
425{
426 return (const char *)(entry + 1) + entry->extra_data_size;
427}
428
429static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry)
430{
431 const char *name_field = dir_entry_name_field(entry);
432 return g_strndup(name_field, entry->name_size);
433}
434
435static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry)
436{
437 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry));
438}
439
440static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry)
441{
442 BDRVQcow2State *s = bs->opaque;
443 uint64_t phys_bitmap_bytes;
444 int64_t len;
445
446 bool fail = (entry->bitmap_table_size == 0) ||
447 (entry->bitmap_table_offset == 0) ||
448 (entry->bitmap_table_offset % s->cluster_size) ||
449 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) ||
450 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) ||
451 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) ||
452 (entry->flags & BME_RESERVED_FLAGS) ||
453 (entry->name_size > BME_MAX_NAME_SIZE) ||
454 (entry->type != BT_DIRTY_TRACKING_BITMAP);
455
456 if (fail) {
457 return -EINVAL;
458 }
459
460 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size;
461 len = bdrv_getlength(bs);
462
463 if (len < 0) {
464 return len;
465 }
466
467 fail = (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) ||
468 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits));
469
470 return fail ? -EINVAL : 0;
471}
472
473static inline void bitmap_directory_to_be(uint8_t *dir, size_t size)
474{
475 uint8_t *end = dir + size;
476 while (dir < end) {
477 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir;
478 dir += dir_entry_size(e);
479
480 bitmap_dir_entry_to_be(e);
481 }
482}
483
484
485
486
487
488static void bitmap_free(Qcow2Bitmap *bm)
489{
490 if (bm == NULL) {
491 return;
492 }
493
494 g_free(bm->name);
495 g_free(bm);
496}
497
498static void bitmap_list_free(Qcow2BitmapList *bm_list)
499{
500 Qcow2Bitmap *bm;
501
502 if (bm_list == NULL) {
503 return;
504 }
505
506 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) {
507 QSIMPLEQ_REMOVE_HEAD(bm_list, entry);
508 bitmap_free(bm);
509 }
510
511 g_free(bm_list);
512}
513
514static Qcow2BitmapList *bitmap_list_new(void)
515{
516 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1);
517 QSIMPLEQ_INIT(bm_list);
518
519 return bm_list;
520}
521
522static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list)
523{
524 Qcow2Bitmap *bm;
525 uint32_t nb_bitmaps = 0;
526
527 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
528 nb_bitmaps++;
529 }
530
531 return nb_bitmaps;
532}
533
534
535
536
537
538static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset,
539 uint64_t size, Error **errp)
540{
541 int ret;
542 BDRVQcow2State *s = bs->opaque;
543 uint8_t *dir, *dir_end;
544 Qcow2BitmapDirEntry *e;
545 uint32_t nb_dir_entries = 0;
546 Qcow2BitmapList *bm_list = NULL;
547
548 if (size == 0) {
549 error_setg(errp, "Requested bitmap directory size is zero");
550 return NULL;
551 }
552
553 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
554 error_setg(errp, "Requested bitmap directory size is too big");
555 return NULL;
556 }
557
558 dir = g_try_malloc(size);
559 if (dir == NULL) {
560 error_setg(errp, "Failed to allocate space for bitmap directory");
561 return NULL;
562 }
563 dir_end = dir + size;
564
565 ret = bdrv_pread(bs->file, offset, dir, size);
566 if (ret < 0) {
567 error_setg_errno(errp, -ret, "Failed to read bitmap directory");
568 goto fail;
569 }
570
571 bm_list = bitmap_list_new();
572 for (e = (Qcow2BitmapDirEntry *)dir;
573 e < (Qcow2BitmapDirEntry *)dir_end;
574 e = next_dir_entry(e))
575 {
576 Qcow2Bitmap *bm;
577
578 if ((uint8_t *)(e + 1) > dir_end) {
579 goto broken_dir;
580 }
581
582 if (++nb_dir_entries > s->nb_bitmaps) {
583 error_setg(errp, "More bitmaps found than specified in header"
584 " extension");
585 goto fail;
586 }
587 bitmap_dir_entry_to_cpu(e);
588
589 if ((uint8_t *)next_dir_entry(e) > dir_end) {
590 goto broken_dir;
591 }
592
593 if (e->extra_data_size != 0) {
594 error_setg(errp, "Bitmap extra data is not supported");
595 goto fail;
596 }
597
598 ret = check_dir_entry(bs, e);
599 if (ret < 0) {
600 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints",
601 e->name_size, dir_entry_name_field(e));
602 goto fail;
603 }
604
605 bm = g_new(Qcow2Bitmap, 1);
606 bm->table.offset = e->bitmap_table_offset;
607 bm->table.size = e->bitmap_table_size;
608 bm->flags = e->flags;
609 bm->granularity_bits = e->granularity_bits;
610 bm->name = dir_entry_copy_name(e);
611 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry);
612 }
613
614 if (nb_dir_entries != s->nb_bitmaps) {
615 error_setg(errp, "Less bitmaps found than specified in header"
616 " extension");
617 goto fail;
618 }
619
620 if ((uint8_t *)e != dir_end) {
621 goto broken_dir;
622 }
623
624 g_free(dir);
625 return bm_list;
626
627broken_dir:
628 ret = -EINVAL;
629 error_setg(errp, "Broken bitmap directory");
630
631fail:
632 g_free(dir);
633 bitmap_list_free(bm_list);
634
635 return NULL;
636}
637
638int qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res,
639 void **refcount_table,
640 int64_t *refcount_table_size)
641{
642 int ret;
643 BDRVQcow2State *s = bs->opaque;
644 Qcow2BitmapList *bm_list;
645 Qcow2Bitmap *bm;
646
647 if (s->nb_bitmaps == 0) {
648 return 0;
649 }
650
651 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size,
652 s->bitmap_directory_offset,
653 s->bitmap_directory_size);
654 if (ret < 0) {
655 return ret;
656 }
657
658 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
659 s->bitmap_directory_size, NULL);
660 if (bm_list == NULL) {
661 res->corruptions++;
662 return -EINVAL;
663 }
664
665 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
666 uint64_t *bitmap_table = NULL;
667 int i;
668
669 ret = qcow2_inc_refcounts_imrt(bs, res,
670 refcount_table, refcount_table_size,
671 bm->table.offset,
672 bm->table.size * sizeof(uint64_t));
673 if (ret < 0) {
674 goto out;
675 }
676
677 ret = bitmap_table_load(bs, &bm->table, &bitmap_table);
678 if (ret < 0) {
679 res->corruptions++;
680 goto out;
681 }
682
683 for (i = 0; i < bm->table.size; ++i) {
684 uint64_t entry = bitmap_table[i];
685 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
686
687 if (check_table_entry(entry, s->cluster_size) < 0) {
688 res->corruptions++;
689 continue;
690 }
691
692 if (offset == 0) {
693 continue;
694 }
695
696 ret = qcow2_inc_refcounts_imrt(bs, res,
697 refcount_table, refcount_table_size,
698 offset, s->cluster_size);
699 if (ret < 0) {
700 g_free(bitmap_table);
701 goto out;
702 }
703 }
704
705 g_free(bitmap_table);
706 }
707
708out:
709 bitmap_list_free(bm_list);
710
711 return ret;
712}
713
714
715
716
717
718static int bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list,
719 uint64_t *offset, uint64_t *size, bool in_place)
720{
721 int ret;
722 uint8_t *dir;
723 int64_t dir_offset = 0;
724 uint64_t dir_size = 0;
725 Qcow2Bitmap *bm;
726 Qcow2BitmapDirEntry *e;
727
728 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
729 dir_size += calc_dir_entry_size(strlen(bm->name), 0);
730 }
731
732 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
733 return -EINVAL;
734 }
735
736 if (in_place) {
737 if (*size != dir_size || *offset == 0) {
738 return -EINVAL;
739 }
740
741 dir_offset = *offset;
742 }
743
744 dir = g_try_malloc(dir_size);
745 if (dir == NULL) {
746 return -ENOMEM;
747 }
748
749 e = (Qcow2BitmapDirEntry *)dir;
750 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
751 e->bitmap_table_offset = bm->table.offset;
752 e->bitmap_table_size = bm->table.size;
753 e->flags = bm->flags;
754 e->type = BT_DIRTY_TRACKING_BITMAP;
755 e->granularity_bits = bm->granularity_bits;
756 e->name_size = strlen(bm->name);
757 e->extra_data_size = 0;
758 memcpy(e + 1, bm->name, e->name_size);
759
760 if (check_dir_entry(bs, e) < 0) {
761 ret = -EINVAL;
762 goto fail;
763 }
764
765 e = next_dir_entry(e);
766 }
767
768 bitmap_directory_to_be(dir, dir_size);
769
770 if (!in_place) {
771 dir_offset = qcow2_alloc_clusters(bs, dir_size);
772 if (dir_offset < 0) {
773 ret = dir_offset;
774 goto fail;
775 }
776 }
777
778 ret = qcow2_pre_write_overlap_check(bs, 0, dir_offset, dir_size);
779 if (ret < 0) {
780 goto fail;
781 }
782
783 ret = bdrv_pwrite(bs->file, dir_offset, dir, dir_size);
784 if (ret < 0) {
785 goto fail;
786 }
787
788 g_free(dir);
789
790 if (!in_place) {
791 *size = dir_size;
792 *offset = dir_offset;
793 }
794
795 return 0;
796
797fail:
798 g_free(dir);
799
800 if (!in_place && dir_offset > 0) {
801 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER);
802 }
803
804 return ret;
805}
806
807
808
809
810
811static int update_ext_header_and_dir_in_place(BlockDriverState *bs,
812 Qcow2BitmapList *bm_list)
813{
814 BDRVQcow2State *s = bs->opaque;
815 int ret;
816
817 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) ||
818 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) ||
819 bitmap_list_count(bm_list) != s->nb_bitmaps)
820 {
821 return -EINVAL;
822 }
823
824 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS;
825 ret = update_header_sync(bs);
826 if (ret < 0) {
827
828
829
830
831 return ret;
832 }
833
834
835
836 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset,
837 &s->bitmap_directory_size, true);
838 if (ret < 0) {
839
840
841 return ret;
842 }
843
844 ret = update_header_sync(bs);
845 if (ret < 0) {
846
847
848 return ret;
849 }
850
851 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS;
852 return update_header_sync(bs);
853
854
855
856
857}
858
859static int update_ext_header_and_dir(BlockDriverState *bs,
860 Qcow2BitmapList *bm_list)
861{
862 BDRVQcow2State *s = bs->opaque;
863 int ret;
864 uint64_t new_offset = 0;
865 uint64_t new_size = 0;
866 uint32_t new_nb_bitmaps = 0;
867 uint64_t old_offset = s->bitmap_directory_offset;
868 uint64_t old_size = s->bitmap_directory_size;
869 uint32_t old_nb_bitmaps = s->nb_bitmaps;
870 uint64_t old_autocl = s->autoclear_features;
871
872 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) {
873 new_nb_bitmaps = bitmap_list_count(bm_list);
874
875 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) {
876 return -EINVAL;
877 }
878
879 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false);
880 if (ret < 0) {
881 return ret;
882 }
883
884 ret = bdrv_flush(bs->file->bs);
885 if (ret < 0) {
886 goto fail;
887 }
888
889 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS;
890 } else {
891 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS;
892 }
893
894 s->bitmap_directory_offset = new_offset;
895 s->bitmap_directory_size = new_size;
896 s->nb_bitmaps = new_nb_bitmaps;
897
898 ret = update_header_sync(bs);
899 if (ret < 0) {
900 goto fail;
901 }
902
903 if (old_size > 0) {
904 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER);
905 }
906
907 return 0;
908
909fail:
910 if (new_offset > 0) {
911 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER);
912 }
913
914 s->bitmap_directory_offset = old_offset;
915 s->bitmap_directory_size = old_size;
916 s->nb_bitmaps = old_nb_bitmaps;
917 s->autoclear_features = old_autocl;
918
919 return ret;
920}
921
922
923static void release_dirty_bitmap_helper(gpointer bitmap,
924 gpointer bs)
925{
926 bdrv_release_dirty_bitmap(bs, bitmap);
927}
928
929
930static void set_readonly_helper(gpointer bitmap, gpointer value)
931{
932 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value);
933}
934
935
936
937
938
939
940
941
942bool qcow2_load_autoloading_dirty_bitmaps(BlockDriverState *bs, Error **errp)
943{
944 BDRVQcow2State *s = bs->opaque;
945 Qcow2BitmapList *bm_list;
946 Qcow2Bitmap *bm;
947 GSList *created_dirty_bitmaps = NULL;
948 bool header_updated = false;
949
950 if (s->nb_bitmaps == 0) {
951
952 return false;
953 }
954
955 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
956 s->bitmap_directory_size, errp);
957 if (bm_list == NULL) {
958 return false;
959 }
960
961 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
962 if ((bm->flags & BME_FLAG_AUTO) && !(bm->flags & BME_FLAG_IN_USE)) {
963 BdrvDirtyBitmap *bitmap = load_bitmap(bs, bm, errp);
964 if (bitmap == NULL) {
965 goto fail;
966 }
967
968 bdrv_dirty_bitmap_set_persistance(bitmap, true);
969 bdrv_dirty_bitmap_set_autoload(bitmap, true);
970 bm->flags |= BME_FLAG_IN_USE;
971 created_dirty_bitmaps =
972 g_slist_append(created_dirty_bitmaps, bitmap);
973 }
974 }
975
976 if (created_dirty_bitmaps != NULL) {
977 if (can_write(bs)) {
978
979 int ret = update_ext_header_and_dir_in_place(bs, bm_list);
980 if (ret < 0) {
981 error_setg_errno(errp, -ret, "Can't update bitmap directory");
982 goto fail;
983 }
984 header_updated = true;
985 } else {
986 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper,
987 (gpointer)true);
988 }
989 }
990
991 g_slist_free(created_dirty_bitmaps);
992 bitmap_list_free(bm_list);
993
994 return header_updated;
995
996fail:
997 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs);
998 g_slist_free(created_dirty_bitmaps);
999 bitmap_list_free(bm_list);
1000
1001 return false;
1002}
1003
1004int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp)
1005{
1006 BDRVQcow2State *s = bs->opaque;
1007 Qcow2BitmapList *bm_list;
1008 Qcow2Bitmap *bm;
1009 GSList *ro_dirty_bitmaps = NULL;
1010 int ret = 0;
1011
1012 if (s->nb_bitmaps == 0) {
1013
1014 return 0;
1015 }
1016
1017 if (!can_write(bs)) {
1018 error_setg(errp, "Can't write to the image on reopening bitmaps rw");
1019 return -EINVAL;
1020 }
1021
1022 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1023 s->bitmap_directory_size, errp);
1024 if (bm_list == NULL) {
1025 return -EINVAL;
1026 }
1027
1028 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1029 if (!(bm->flags & BME_FLAG_IN_USE)) {
1030 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name);
1031 if (bitmap == NULL) {
1032 continue;
1033 }
1034
1035 if (!bdrv_dirty_bitmap_readonly(bitmap)) {
1036 error_setg(errp, "Bitmap %s is not readonly but not marked"
1037 "'IN_USE' in the image. Something went wrong,"
1038 "all the bitmaps may be corrupted", bm->name);
1039 ret = -EINVAL;
1040 goto out;
1041 }
1042
1043 bm->flags |= BME_FLAG_IN_USE;
1044 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap);
1045 }
1046 }
1047
1048 if (ro_dirty_bitmaps != NULL) {
1049
1050 ret = update_ext_header_and_dir_in_place(bs, bm_list);
1051 if (ret < 0) {
1052 error_setg_errno(errp, -ret, "Can't update bitmap directory");
1053 goto out;
1054 }
1055 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, false);
1056 }
1057
1058out:
1059 g_slist_free(ro_dirty_bitmaps);
1060 bitmap_list_free(bm_list);
1061
1062 return ret;
1063}
1064
1065
1066
1067
1068static uint64_t *store_bitmap_data(BlockDriverState *bs,
1069 BdrvDirtyBitmap *bitmap,
1070 uint32_t *bitmap_table_size, Error **errp)
1071{
1072 int ret;
1073 BDRVQcow2State *s = bs->opaque;
1074 int64_t sector;
1075 uint64_t sbc;
1076 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap);
1077 const char *bm_name = bdrv_dirty_bitmap_name(bitmap);
1078 uint8_t *buf = NULL;
1079 BdrvDirtyBitmapIter *dbi;
1080 uint64_t *tb;
1081 uint64_t tb_size =
1082 size_to_clusters(s,
1083 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size));
1084
1085 if (tb_size > BME_MAX_TABLE_SIZE ||
1086 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE)
1087 {
1088 error_setg(errp, "Bitmap '%s' is too big", bm_name);
1089 return NULL;
1090 }
1091
1092 tb = g_try_new0(uint64_t, tb_size);
1093 if (tb == NULL) {
1094 error_setg(errp, "No memory");
1095 return NULL;
1096 }
1097
1098 dbi = bdrv_dirty_iter_new(bitmap, 0);
1099 buf = g_malloc(s->cluster_size);
1100 sbc = sectors_covered_by_bitmap_cluster(s, bitmap);
1101 assert(DIV_ROUND_UP(bm_size, sbc) == tb_size);
1102
1103 while ((sector = bdrv_dirty_iter_next(dbi)) != -1) {
1104 uint64_t cluster = sector / sbc;
1105 uint64_t end, write_size;
1106 int64_t off;
1107
1108 sector = cluster * sbc;
1109 end = MIN(bm_size, sector + sbc);
1110 write_size =
1111 bdrv_dirty_bitmap_serialization_size(bitmap, sector, end - sector);
1112 assert(write_size <= s->cluster_size);
1113
1114 off = qcow2_alloc_clusters(bs, s->cluster_size);
1115 if (off < 0) {
1116 error_setg_errno(errp, -off,
1117 "Failed to allocate clusters for bitmap '%s'",
1118 bm_name);
1119 goto fail;
1120 }
1121 tb[cluster] = off;
1122
1123 bdrv_dirty_bitmap_serialize_part(bitmap, buf, sector, end - sector);
1124 if (write_size < s->cluster_size) {
1125 memset(buf + write_size, 0, s->cluster_size - write_size);
1126 }
1127
1128 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size);
1129 if (ret < 0) {
1130 error_setg_errno(errp, -ret, "Qcow2 overlap check failed");
1131 goto fail;
1132 }
1133
1134 ret = bdrv_pwrite(bs->file, off, buf, s->cluster_size);
1135 if (ret < 0) {
1136 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file",
1137 bm_name);
1138 goto fail;
1139 }
1140
1141 if (end >= bm_size) {
1142 break;
1143 }
1144
1145 bdrv_set_dirty_iter(dbi, end);
1146 }
1147
1148 *bitmap_table_size = tb_size;
1149 g_free(buf);
1150 bdrv_dirty_iter_free(dbi);
1151
1152 return tb;
1153
1154fail:
1155 clear_bitmap_table(bs, tb, tb_size);
1156 g_free(buf);
1157 bdrv_dirty_iter_free(dbi);
1158 g_free(tb);
1159
1160 return NULL;
1161}
1162
1163
1164
1165
1166
1167static int store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp)
1168{
1169 int ret;
1170 uint64_t *tb;
1171 int64_t tb_offset;
1172 uint32_t tb_size;
1173 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap;
1174 const char *bm_name;
1175
1176 assert(bitmap != NULL);
1177
1178 bm_name = bdrv_dirty_bitmap_name(bitmap);
1179
1180 tb = store_bitmap_data(bs, bitmap, &tb_size, errp);
1181 if (tb == NULL) {
1182 return -EINVAL;
1183 }
1184
1185 assert(tb_size <= BME_MAX_TABLE_SIZE);
1186 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0]));
1187 if (tb_offset < 0) {
1188 error_setg_errno(errp, -tb_offset,
1189 "Failed to allocate clusters for bitmap '%s'",
1190 bm_name);
1191 ret = tb_offset;
1192 goto fail;
1193 }
1194
1195 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset,
1196 tb_size * sizeof(tb[0]));
1197 if (ret < 0) {
1198 error_setg_errno(errp, -ret, "Qcow2 overlap check failed");
1199 goto fail;
1200 }
1201
1202 bitmap_table_to_be(tb, tb_size);
1203 ret = bdrv_pwrite(bs->file, tb_offset, tb, tb_size * sizeof(tb[0]));
1204 if (ret < 0) {
1205 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file",
1206 bm_name);
1207 goto fail;
1208 }
1209
1210 g_free(tb);
1211
1212 bm->table.offset = tb_offset;
1213 bm->table.size = tb_size;
1214
1215 return 0;
1216
1217fail:
1218 clear_bitmap_table(bs, tb, tb_size);
1219
1220 if (tb_offset > 0) {
1221 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]),
1222 QCOW2_DISCARD_OTHER);
1223 }
1224
1225 g_free(tb);
1226
1227 return ret;
1228}
1229
1230static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list,
1231 const char *name)
1232{
1233 Qcow2Bitmap *bm;
1234
1235 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1236 if (strcmp(name, bm->name) == 0) {
1237 return bm;
1238 }
1239 }
1240
1241 return NULL;
1242}
1243
1244void qcow2_remove_persistent_dirty_bitmap(BlockDriverState *bs,
1245 const char *name,
1246 Error **errp)
1247{
1248 int ret;
1249 BDRVQcow2State *s = bs->opaque;
1250 Qcow2Bitmap *bm;
1251 Qcow2BitmapList *bm_list;
1252
1253 if (s->nb_bitmaps == 0) {
1254
1255
1256 return;
1257 }
1258
1259 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1260 s->bitmap_directory_size, errp);
1261 if (bm_list == NULL) {
1262 return;
1263 }
1264
1265 bm = find_bitmap_by_name(bm_list, name);
1266 if (bm == NULL) {
1267 goto fail;
1268 }
1269
1270 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry);
1271
1272 ret = update_ext_header_and_dir(bs, bm_list);
1273 if (ret < 0) {
1274 error_setg_errno(errp, -ret, "Failed to update bitmap extension");
1275 goto fail;
1276 }
1277
1278 free_bitmap_clusters(bs, &bm->table);
1279
1280fail:
1281 bitmap_free(bm);
1282 bitmap_list_free(bm_list);
1283}
1284
1285void qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, Error **errp)
1286{
1287 BdrvDirtyBitmap *bitmap;
1288 BDRVQcow2State *s = bs->opaque;
1289 uint32_t new_nb_bitmaps = s->nb_bitmaps;
1290 uint64_t new_dir_size = s->bitmap_directory_size;
1291 int ret;
1292 Qcow2BitmapList *bm_list;
1293 Qcow2Bitmap *bm;
1294 Qcow2BitmapTableList drop_tables;
1295 Qcow2BitmapTable *tb, *tb_next;
1296
1297 if (!bdrv_has_changed_persistent_bitmaps(bs)) {
1298
1299 return;
1300 }
1301
1302 if (!can_write(bs)) {
1303 error_setg(errp, "No write access");
1304 return;
1305 }
1306
1307 QSIMPLEQ_INIT(&drop_tables);
1308
1309 if (s->nb_bitmaps == 0) {
1310 bm_list = bitmap_list_new();
1311 } else {
1312 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1313 s->bitmap_directory_size, errp);
1314 if (bm_list == NULL) {
1315 return;
1316 }
1317 }
1318
1319
1320 for (bitmap = bdrv_dirty_bitmap_next(bs, NULL); bitmap != NULL;
1321 bitmap = bdrv_dirty_bitmap_next(bs, bitmap))
1322 {
1323 const char *name = bdrv_dirty_bitmap_name(bitmap);
1324 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap);
1325 Qcow2Bitmap *bm;
1326
1327 if (!bdrv_dirty_bitmap_get_persistance(bitmap) ||
1328 bdrv_dirty_bitmap_readonly(bitmap))
1329 {
1330 continue;
1331 }
1332
1333 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) {
1334 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ",
1335 name);
1336 goto fail;
1337 }
1338
1339 bm = find_bitmap_by_name(bm_list, name);
1340 if (bm == NULL) {
1341 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) {
1342 error_setg(errp, "Too many persistent bitmaps");
1343 goto fail;
1344 }
1345
1346 new_dir_size += calc_dir_entry_size(strlen(name), 0);
1347 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
1348 error_setg(errp, "Bitmap directory is too large");
1349 goto fail;
1350 }
1351
1352 bm = g_new0(Qcow2Bitmap, 1);
1353 bm->name = g_strdup(name);
1354 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry);
1355 } else {
1356 if (!(bm->flags & BME_FLAG_IN_USE)) {
1357 error_setg(errp, "Bitmap '%s' already exists in the image",
1358 name);
1359 goto fail;
1360 }
1361 tb = g_memdup(&bm->table, sizeof(bm->table));
1362 bm->table.offset = 0;
1363 bm->table.size = 0;
1364 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry);
1365 }
1366 bm->flags = bdrv_dirty_bitmap_get_autoload(bitmap) ? BME_FLAG_AUTO : 0;
1367 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap));
1368 bm->dirty_bitmap = bitmap;
1369 }
1370
1371
1372 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1373 if (bm->dirty_bitmap == NULL) {
1374 continue;
1375 }
1376
1377 ret = store_bitmap(bs, bm, errp);
1378 if (ret < 0) {
1379 goto fail;
1380 }
1381 }
1382
1383 ret = update_ext_header_and_dir(bs, bm_list);
1384 if (ret < 0) {
1385 error_setg_errno(errp, -ret, "Failed to update bitmap extension");
1386 goto fail;
1387 }
1388
1389
1390
1391 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) {
1392 free_bitmap_clusters(bs, tb);
1393 g_free(tb);
1394 }
1395
1396 bitmap_list_free(bm_list);
1397 return;
1398
1399fail:
1400 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1401 if (bm->dirty_bitmap == NULL || bm->table.offset == 0) {
1402 continue;
1403 }
1404
1405 free_bitmap_clusters(bs, &bm->table);
1406 }
1407
1408 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) {
1409 g_free(tb);
1410 }
1411
1412 bitmap_list_free(bm_list);
1413}
1414
1415int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp)
1416{
1417 BdrvDirtyBitmap *bitmap;
1418 Error *local_err = NULL;
1419
1420 qcow2_store_persistent_dirty_bitmaps(bs, &local_err);
1421 if (local_err != NULL) {
1422 error_propagate(errp, local_err);
1423 return -EINVAL;
1424 }
1425
1426 for (bitmap = bdrv_dirty_bitmap_next(bs, NULL); bitmap != NULL;
1427 bitmap = bdrv_dirty_bitmap_next(bs, bitmap))
1428 {
1429 if (bdrv_dirty_bitmap_get_persistance(bitmap)) {
1430 bdrv_dirty_bitmap_set_readonly(bitmap, true);
1431 }
1432 }
1433
1434 return 0;
1435}
1436
1437bool qcow2_can_store_new_dirty_bitmap(BlockDriverState *bs,
1438 const char *name,
1439 uint32_t granularity,
1440 Error **errp)
1441{
1442 BDRVQcow2State *s = bs->opaque;
1443 bool found;
1444 Qcow2BitmapList *bm_list;
1445
1446 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) {
1447 goto fail;
1448 }
1449
1450 if (s->nb_bitmaps == 0) {
1451 return true;
1452 }
1453
1454 if (s->nb_bitmaps >= QCOW2_MAX_BITMAPS) {
1455 error_setg(errp,
1456 "Maximum number of persistent bitmaps is already reached");
1457 goto fail;
1458 }
1459
1460 if (s->bitmap_directory_size + calc_dir_entry_size(strlen(name), 0) >
1461 QCOW2_MAX_BITMAP_DIRECTORY_SIZE)
1462 {
1463 error_setg(errp, "Not enough space in the bitmap directory");
1464 goto fail;
1465 }
1466
1467 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1468 s->bitmap_directory_size, errp);
1469 if (bm_list == NULL) {
1470 goto fail;
1471 }
1472
1473 found = find_bitmap_by_name(bm_list, name);
1474 bitmap_list_free(bm_list);
1475 if (found) {
1476 error_setg(errp, "Bitmap with the same name is already stored");
1477 goto fail;
1478 }
1479
1480 return true;
1481
1482fail:
1483 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ",
1484 name, bdrv_get_device_or_node_name(bs));
1485 return false;
1486}
1487
