1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include "qemu/osdep.h"
29#include "qapi/error.h"
30#include "qemu/cutils.h"
31
32#include "block/block_int.h"
33#include "block/qcow2.h"
34
35
36
37
38
39
40#define BME_MAX_TABLE_SIZE 0x8000000
41#define BME_MAX_PHYS_SIZE 0x20000000
42#define BME_MAX_GRANULARITY_BITS 31
43#define BME_MIN_GRANULARITY_BITS 9
44#define BME_MAX_NAME_SIZE 1023
45
46#if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX
47#error In the code bitmap table physical size assumed to fit into int
48#endif
49
50
51#define BME_RESERVED_FLAGS 0xfffffffcU
52#define BME_FLAG_IN_USE (1U << 0)
53#define BME_FLAG_AUTO (1U << 1)
54
55
56#define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL
57#define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL
58#define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0)
59
60typedef struct QEMU_PACKED Qcow2BitmapDirEntry {
61
62 uint64_t bitmap_table_offset;
63
64 uint32_t bitmap_table_size;
65 uint32_t flags;
66
67 uint8_t type;
68 uint8_t granularity_bits;
69 uint16_t name_size;
70 uint32_t extra_data_size;
71
72
73} Qcow2BitmapDirEntry;
74
75typedef struct Qcow2BitmapTable {
76 uint64_t offset;
77 uint32_t size;
78 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry;
79} Qcow2BitmapTable;
80typedef QSIMPLEQ_HEAD(Qcow2BitmapTableList, Qcow2BitmapTable)
81 Qcow2BitmapTableList;
82
83typedef struct Qcow2Bitmap {
84 Qcow2BitmapTable table;
85 uint32_t flags;
86 uint8_t granularity_bits;
87 char *name;
88
89 BdrvDirtyBitmap *dirty_bitmap;
90
91 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry;
92} Qcow2Bitmap;
93typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList;
94
95typedef enum BitmapType {
96 BT_DIRTY_TRACKING_BITMAP = 1
97} BitmapType;
98
99static inline bool can_write(BlockDriverState *bs)
100{
101 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
102}
103
104static int update_header_sync(BlockDriverState *bs)
105{
106 int ret;
107
108 ret = qcow2_update_header(bs);
109 if (ret < 0) {
110 return ret;
111 }
112
113 return bdrv_flush(bs);
114}
115
116static inline void bitmap_table_to_be(uint64_t *bitmap_table, size_t size)
117{
118 size_t i;
119
120 for (i = 0; i < size; ++i) {
121 cpu_to_be64s(&bitmap_table[i]);
122 }
123}
124
125static int check_table_entry(uint64_t entry, int cluster_size)
126{
127 uint64_t offset;
128
129 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) {
130 return -EINVAL;
131 }
132
133 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
134 if (offset != 0) {
135
136 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) {
137 return -EINVAL;
138 }
139
140 if (offset % cluster_size != 0) {
141 return -EINVAL;
142 }
143 }
144
145 return 0;
146}
147
148static int check_constraints_on_bitmap(BlockDriverState *bs,
149 const char *name,
150 uint32_t granularity,
151 Error **errp)
152{
153 BDRVQcow2State *s = bs->opaque;
154 int granularity_bits = ctz32(granularity);
155 int64_t len = bdrv_getlength(bs);
156
157 assert(granularity > 0);
158 assert((granularity & (granularity - 1)) == 0);
159
160 if (len < 0) {
161 error_setg_errno(errp, -len, "Failed to get size of '%s'",
162 bdrv_get_device_or_node_name(bs));
163 return len;
164 }
165
166 if (granularity_bits > BME_MAX_GRANULARITY_BITS) {
167 error_setg(errp, "Granularity exceeds maximum (%llu bytes)",
168 1ULL << BME_MAX_GRANULARITY_BITS);
169 return -EINVAL;
170 }
171 if (granularity_bits < BME_MIN_GRANULARITY_BITS) {
172 error_setg(errp, "Granularity is under minimum (%llu bytes)",
173 1ULL << BME_MIN_GRANULARITY_BITS);
174 return -EINVAL;
175 }
176
177 if ((len > (uint64_t)BME_MAX_PHYS_SIZE << granularity_bits) ||
178 (len > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size <<
179 granularity_bits))
180 {
181 error_setg(errp, "Too much space will be occupied by the bitmap. "
182 "Use larger granularity");
183 return -EINVAL;
184 }
185
186 if (strlen(name) > BME_MAX_NAME_SIZE) {
187 error_setg(errp, "Name length exceeds maximum (%u characters)",
188 BME_MAX_NAME_SIZE);
189 return -EINVAL;
190 }
191
192 return 0;
193}
194
195static void clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table,
196 uint32_t bitmap_table_size)
197{
198 BDRVQcow2State *s = bs->opaque;
199 int i;
200
201 for (i = 0; i < bitmap_table_size; ++i) {
202 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK;
203 if (!addr) {
204 continue;
205 }
206
207 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_OTHER);
208 bitmap_table[i] = 0;
209 }
210}
211
212static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb,
213 uint64_t **bitmap_table)
214{
215 int ret;
216 BDRVQcow2State *s = bs->opaque;
217 uint32_t i;
218 uint64_t *table;
219
220 assert(tb->size != 0);
221 table = g_try_new(uint64_t, tb->size);
222 if (table == NULL) {
223 return -ENOMEM;
224 }
225
226 assert(tb->size <= BME_MAX_TABLE_SIZE);
227 ret = bdrv_pread(bs->file, tb->offset,
228 table, tb->size * sizeof(uint64_t));
229 if (ret < 0) {
230 goto fail;
231 }
232
233 for (i = 0; i < tb->size; ++i) {
234 be64_to_cpus(&table[i]);
235 ret = check_table_entry(table[i], s->cluster_size);
236 if (ret < 0) {
237 goto fail;
238 }
239 }
240
241 *bitmap_table = table;
242 return 0;
243
244fail:
245 g_free(table);
246
247 return ret;
248}
249
250static int free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb)
251{
252 int ret;
253 uint64_t *bitmap_table;
254
255 ret = bitmap_table_load(bs, tb, &bitmap_table);
256 if (ret < 0) {
257 assert(bitmap_table == NULL);
258 return ret;
259 }
260
261 clear_bitmap_table(bs, bitmap_table, tb->size);
262 qcow2_free_clusters(bs, tb->offset, tb->size * sizeof(uint64_t),
263 QCOW2_DISCARD_OTHER);
264 g_free(bitmap_table);
265
266 tb->offset = 0;
267 tb->size = 0;
268
269 return 0;
270}
271
272
273static uint64_t bytes_covered_by_bitmap_cluster(const BDRVQcow2State *s,
274 const BdrvDirtyBitmap *bitmap)
275{
276 uint64_t granularity = bdrv_dirty_bitmap_granularity(bitmap);
277 uint64_t limit = granularity * (s->cluster_size << 3);
278
279 assert(QEMU_IS_ALIGNED(limit,
280 bdrv_dirty_bitmap_serialization_align(bitmap)));
281 return limit;
282}
283
284
285
286
287static int load_bitmap_data(BlockDriverState *bs,
288 const uint64_t *bitmap_table,
289 uint32_t bitmap_table_size,
290 BdrvDirtyBitmap *bitmap)
291{
292 int ret = 0;
293 BDRVQcow2State *s = bs->opaque;
294 uint64_t offset, limit;
295 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap);
296 uint8_t *buf = NULL;
297 uint64_t i, tab_size =
298 size_to_clusters(s,
299 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size));
300
301 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) {
302 return -EINVAL;
303 }
304
305 buf = g_malloc(s->cluster_size);
306 limit = bytes_covered_by_bitmap_cluster(s, bitmap);
307 for (i = 0, offset = 0; i < tab_size; ++i, offset += limit) {
308 uint64_t count = MIN(bm_size - offset, limit);
309 uint64_t entry = bitmap_table[i];
310 uint64_t data_offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
311
312 assert(check_table_entry(entry, s->cluster_size) == 0);
313
314 if (data_offset == 0) {
315 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) {
316 bdrv_dirty_bitmap_deserialize_ones(bitmap, offset, count,
317 false);
318 } else {
319
320
321 }
322 } else {
323 ret = bdrv_pread(bs->file, data_offset, buf, s->cluster_size);
324 if (ret < 0) {
325 goto finish;
326 }
327 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, offset, count,
328 false);
329 }
330 }
331 ret = 0;
332
333 bdrv_dirty_bitmap_deserialize_finish(bitmap);
334
335finish:
336 g_free(buf);
337
338 return ret;
339}
340
341static BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs,
342 Qcow2Bitmap *bm, Error **errp)
343{
344 int ret;
345 uint64_t *bitmap_table = NULL;
346 uint32_t granularity;
347 BdrvDirtyBitmap *bitmap = NULL;
348
349 if (bm->flags & BME_FLAG_IN_USE) {
350 error_setg(errp, "Bitmap '%s' is in use", bm->name);
351 goto fail;
352 }
353
354 ret = bitmap_table_load(bs, &bm->table, &bitmap_table);
355 if (ret < 0) {
356 error_setg_errno(errp, -ret,
357 "Could not read bitmap_table table from image for "
358 "bitmap '%s'", bm->name);
359 goto fail;
360 }
361
362 granularity = 1U << bm->granularity_bits;
363 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp);
364 if (bitmap == NULL) {
365 goto fail;
366 }
367
368 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap);
369 if (ret < 0) {
370 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image",
371 bm->name);
372 goto fail;
373 }
374
375 g_free(bitmap_table);
376 return bitmap;
377
378fail:
379 g_free(bitmap_table);
380 if (bitmap != NULL) {
381 bdrv_release_dirty_bitmap(bs, bitmap);
382 }
383
384 return NULL;
385}
386
387
388
389
390
391
392
393
394
395
396static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry)
397{
398 be64_to_cpus(&entry->bitmap_table_offset);
399 be32_to_cpus(&entry->bitmap_table_size);
400 be32_to_cpus(&entry->flags);
401 be16_to_cpus(&entry->name_size);
402 be32_to_cpus(&entry->extra_data_size);
403}
404
405static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry)
406{
407 cpu_to_be64s(&entry->bitmap_table_offset);
408 cpu_to_be32s(&entry->bitmap_table_size);
409 cpu_to_be32s(&entry->flags);
410 cpu_to_be16s(&entry->name_size);
411 cpu_to_be32s(&entry->extra_data_size);
412}
413
414static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size)
415{
416 return align_offset(sizeof(Qcow2BitmapDirEntry) +
417 name_size + extra_data_size, 8);
418}
419
420static inline int dir_entry_size(Qcow2BitmapDirEntry *entry)
421{
422 return calc_dir_entry_size(entry->name_size, entry->extra_data_size);
423}
424
425static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry)
426{
427 return (const char *)(entry + 1) + entry->extra_data_size;
428}
429
430static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry)
431{
432 const char *name_field = dir_entry_name_field(entry);
433 return g_strndup(name_field, entry->name_size);
434}
435
436static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry)
437{
438 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry));
439}
440
441static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry)
442{
443 BDRVQcow2State *s = bs->opaque;
444 uint64_t phys_bitmap_bytes;
445 int64_t len;
446
447 bool fail = (entry->bitmap_table_size == 0) ||
448 (entry->bitmap_table_offset == 0) ||
449 (entry->bitmap_table_offset % s->cluster_size) ||
450 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) ||
451 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) ||
452 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) ||
453 (entry->flags & BME_RESERVED_FLAGS) ||
454 (entry->name_size > BME_MAX_NAME_SIZE) ||
455 (entry->type != BT_DIRTY_TRACKING_BITMAP);
456
457 if (fail) {
458 return -EINVAL;
459 }
460
461 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size;
462 len = bdrv_getlength(bs);
463
464 if (len < 0) {
465 return len;
466 }
467
468 fail = (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) ||
469 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits));
470
471 return fail ? -EINVAL : 0;
472}
473
474static inline void bitmap_directory_to_be(uint8_t *dir, size_t size)
475{
476 uint8_t *end = dir + size;
477 while (dir < end) {
478 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir;
479 dir += dir_entry_size(e);
480
481 bitmap_dir_entry_to_be(e);
482 }
483}
484
485
486
487
488
489static void bitmap_free(Qcow2Bitmap *bm)
490{
491 if (bm == NULL) {
492 return;
493 }
494
495 g_free(bm->name);
496 g_free(bm);
497}
498
499static void bitmap_list_free(Qcow2BitmapList *bm_list)
500{
501 Qcow2Bitmap *bm;
502
503 if (bm_list == NULL) {
504 return;
505 }
506
507 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) {
508 QSIMPLEQ_REMOVE_HEAD(bm_list, entry);
509 bitmap_free(bm);
510 }
511
512 g_free(bm_list);
513}
514
515static Qcow2BitmapList *bitmap_list_new(void)
516{
517 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1);
518 QSIMPLEQ_INIT(bm_list);
519
520 return bm_list;
521}
522
523static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list)
524{
525 Qcow2Bitmap *bm;
526 uint32_t nb_bitmaps = 0;
527
528 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
529 nb_bitmaps++;
530 }
531
532 return nb_bitmaps;
533}
534
535
536
537
538
539static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset,
540 uint64_t size, Error **errp)
541{
542 int ret;
543 BDRVQcow2State *s = bs->opaque;
544 uint8_t *dir, *dir_end;
545 Qcow2BitmapDirEntry *e;
546 uint32_t nb_dir_entries = 0;
547 Qcow2BitmapList *bm_list = NULL;
548
549 if (size == 0) {
550 error_setg(errp, "Requested bitmap directory size is zero");
551 return NULL;
552 }
553
554 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
555 error_setg(errp, "Requested bitmap directory size is too big");
556 return NULL;
557 }
558
559 dir = g_try_malloc(size);
560 if (dir == NULL) {
561 error_setg(errp, "Failed to allocate space for bitmap directory");
562 return NULL;
563 }
564 dir_end = dir + size;
565
566 ret = bdrv_pread(bs->file, offset, dir, size);
567 if (ret < 0) {
568 error_setg_errno(errp, -ret, "Failed to read bitmap directory");
569 goto fail;
570 }
571
572 bm_list = bitmap_list_new();
573 for (e = (Qcow2BitmapDirEntry *)dir;
574 e < (Qcow2BitmapDirEntry *)dir_end;
575 e = next_dir_entry(e))
576 {
577 Qcow2Bitmap *bm;
578
579 if ((uint8_t *)(e + 1) > dir_end) {
580 goto broken_dir;
581 }
582
583 if (++nb_dir_entries > s->nb_bitmaps) {
584 error_setg(errp, "More bitmaps found than specified in header"
585 " extension");
586 goto fail;
587 }
588 bitmap_dir_entry_to_cpu(e);
589
590 if ((uint8_t *)next_dir_entry(e) > dir_end) {
591 goto broken_dir;
592 }
593
594 if (e->extra_data_size != 0) {
595 error_setg(errp, "Bitmap extra data is not supported");
596 goto fail;
597 }
598
599 ret = check_dir_entry(bs, e);
600 if (ret < 0) {
601 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints",
602 e->name_size, dir_entry_name_field(e));
603 goto fail;
604 }
605
606 bm = g_new0(Qcow2Bitmap, 1);
607 bm->table.offset = e->bitmap_table_offset;
608 bm->table.size = e->bitmap_table_size;
609 bm->flags = e->flags;
610 bm->granularity_bits = e->granularity_bits;
611 bm->name = dir_entry_copy_name(e);
612 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry);
613 }
614
615 if (nb_dir_entries != s->nb_bitmaps) {
616 error_setg(errp, "Less bitmaps found than specified in header"
617 " extension");
618 goto fail;
619 }
620
621 if ((uint8_t *)e != dir_end) {
622 goto broken_dir;
623 }
624
625 g_free(dir);
626 return bm_list;
627
628broken_dir:
629 ret = -EINVAL;
630 error_setg(errp, "Broken bitmap directory");
631
632fail:
633 g_free(dir);
634 bitmap_list_free(bm_list);
635
636 return NULL;
637}
638
639int qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res,
640 void **refcount_table,
641 int64_t *refcount_table_size)
642{
643 int ret;
644 BDRVQcow2State *s = bs->opaque;
645 Qcow2BitmapList *bm_list;
646 Qcow2Bitmap *bm;
647
648 if (s->nb_bitmaps == 0) {
649 return 0;
650 }
651
652 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size,
653 s->bitmap_directory_offset,
654 s->bitmap_directory_size);
655 if (ret < 0) {
656 return ret;
657 }
658
659 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
660 s->bitmap_directory_size, NULL);
661 if (bm_list == NULL) {
662 res->corruptions++;
663 return -EINVAL;
664 }
665
666 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
667 uint64_t *bitmap_table = NULL;
668 int i;
669
670 ret = qcow2_inc_refcounts_imrt(bs, res,
671 refcount_table, refcount_table_size,
672 bm->table.offset,
673 bm->table.size * sizeof(uint64_t));
674 if (ret < 0) {
675 goto out;
676 }
677
678 ret = bitmap_table_load(bs, &bm->table, &bitmap_table);
679 if (ret < 0) {
680 res->corruptions++;
681 goto out;
682 }
683
684 for (i = 0; i < bm->table.size; ++i) {
685 uint64_t entry = bitmap_table[i];
686 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
687
688 if (check_table_entry(entry, s->cluster_size) < 0) {
689 res->corruptions++;
690 continue;
691 }
692
693 if (offset == 0) {
694 continue;
695 }
696
697 ret = qcow2_inc_refcounts_imrt(bs, res,
698 refcount_table, refcount_table_size,
699 offset, s->cluster_size);
700 if (ret < 0) {
701 g_free(bitmap_table);
702 goto out;
703 }
704 }
705
706 g_free(bitmap_table);
707 }
708
709out:
710 bitmap_list_free(bm_list);
711
712 return ret;
713}
714
715
716
717
718
719static int bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list,
720 uint64_t *offset, uint64_t *size, bool in_place)
721{
722 int ret;
723 uint8_t *dir;
724 int64_t dir_offset = 0;
725 uint64_t dir_size = 0;
726 Qcow2Bitmap *bm;
727 Qcow2BitmapDirEntry *e;
728
729 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
730 dir_size += calc_dir_entry_size(strlen(bm->name), 0);
731 }
732
733 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
734 return -EINVAL;
735 }
736
737 if (in_place) {
738 if (*size != dir_size || *offset == 0) {
739 return -EINVAL;
740 }
741
742 dir_offset = *offset;
743 }
744
745 dir = g_try_malloc(dir_size);
746 if (dir == NULL) {
747 return -ENOMEM;
748 }
749
750 e = (Qcow2BitmapDirEntry *)dir;
751 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
752 e->bitmap_table_offset = bm->table.offset;
753 e->bitmap_table_size = bm->table.size;
754 e->flags = bm->flags;
755 e->type = BT_DIRTY_TRACKING_BITMAP;
756 e->granularity_bits = bm->granularity_bits;
757 e->name_size = strlen(bm->name);
758 e->extra_data_size = 0;
759 memcpy(e + 1, bm->name, e->name_size);
760
761 if (check_dir_entry(bs, e) < 0) {
762 ret = -EINVAL;
763 goto fail;
764 }
765
766 e = next_dir_entry(e);
767 }
768
769 bitmap_directory_to_be(dir, dir_size);
770
771 if (!in_place) {
772 dir_offset = qcow2_alloc_clusters(bs, dir_size);
773 if (dir_offset < 0) {
774 ret = dir_offset;
775 goto fail;
776 }
777 }
778
779 ret = qcow2_pre_write_overlap_check(bs, 0, dir_offset, dir_size);
780 if (ret < 0) {
781 goto fail;
782 }
783
784 ret = bdrv_pwrite(bs->file, dir_offset, dir, dir_size);
785 if (ret < 0) {
786 goto fail;
787 }
788
789 g_free(dir);
790
791 if (!in_place) {
792 *size = dir_size;
793 *offset = dir_offset;
794 }
795
796 return 0;
797
798fail:
799 g_free(dir);
800
801 if (!in_place && dir_offset > 0) {
802 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER);
803 }
804
805 return ret;
806}
807
808
809
810
811
812static int update_ext_header_and_dir_in_place(BlockDriverState *bs,
813 Qcow2BitmapList *bm_list)
814{
815 BDRVQcow2State *s = bs->opaque;
816 int ret;
817
818 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) ||
819 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) ||
820 bitmap_list_count(bm_list) != s->nb_bitmaps)
821 {
822 return -EINVAL;
823 }
824
825 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS;
826 ret = update_header_sync(bs);
827 if (ret < 0) {
828
829
830
831
832 return ret;
833 }
834
835
836
837 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset,
838 &s->bitmap_directory_size, true);
839 if (ret < 0) {
840
841
842 return ret;
843 }
844
845 ret = update_header_sync(bs);
846 if (ret < 0) {
847
848
849 return ret;
850 }
851
852 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS;
853 return update_header_sync(bs);
854
855
856
857
858}
859
860static int update_ext_header_and_dir(BlockDriverState *bs,
861 Qcow2BitmapList *bm_list)
862{
863 BDRVQcow2State *s = bs->opaque;
864 int ret;
865 uint64_t new_offset = 0;
866 uint64_t new_size = 0;
867 uint32_t new_nb_bitmaps = 0;
868 uint64_t old_offset = s->bitmap_directory_offset;
869 uint64_t old_size = s->bitmap_directory_size;
870 uint32_t old_nb_bitmaps = s->nb_bitmaps;
871 uint64_t old_autocl = s->autoclear_features;
872
873 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) {
874 new_nb_bitmaps = bitmap_list_count(bm_list);
875
876 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) {
877 return -EINVAL;
878 }
879
880 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false);
881 if (ret < 0) {
882 return ret;
883 }
884
885 ret = bdrv_flush(bs->file->bs);
886 if (ret < 0) {
887 goto fail;
888 }
889
890 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS;
891 } else {
892 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS;
893 }
894
895 s->bitmap_directory_offset = new_offset;
896 s->bitmap_directory_size = new_size;
897 s->nb_bitmaps = new_nb_bitmaps;
898
899 ret = update_header_sync(bs);
900 if (ret < 0) {
901 goto fail;
902 }
903
904 if (old_size > 0) {
905 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER);
906 }
907
908 return 0;
909
910fail:
911 if (new_offset > 0) {
912 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER);
913 }
914
915 s->bitmap_directory_offset = old_offset;
916 s->bitmap_directory_size = old_size;
917 s->nb_bitmaps = old_nb_bitmaps;
918 s->autoclear_features = old_autocl;
919
920 return ret;
921}
922
923
924static void release_dirty_bitmap_helper(gpointer bitmap,
925 gpointer bs)
926{
927 bdrv_release_dirty_bitmap(bs, bitmap);
928}
929
930
931static void set_readonly_helper(gpointer bitmap, gpointer value)
932{
933 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value);
934}
935
936
937
938
939
940
941
942
943bool qcow2_load_autoloading_dirty_bitmaps(BlockDriverState *bs, Error **errp)
944{
945 BDRVQcow2State *s = bs->opaque;
946 Qcow2BitmapList *bm_list;
947 Qcow2Bitmap *bm;
948 GSList *created_dirty_bitmaps = NULL;
949 bool header_updated = false;
950
951 if (s->nb_bitmaps == 0) {
952
953 return false;
954 }
955
956 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
957 s->bitmap_directory_size, errp);
958 if (bm_list == NULL) {
959 return false;
960 }
961
962 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
963 if ((bm->flags & BME_FLAG_AUTO) && !(bm->flags & BME_FLAG_IN_USE)) {
964 BdrvDirtyBitmap *bitmap = load_bitmap(bs, bm, errp);
965 if (bitmap == NULL) {
966 goto fail;
967 }
968
969 bdrv_dirty_bitmap_set_persistance(bitmap, true);
970 bdrv_dirty_bitmap_set_autoload(bitmap, true);
971 bm->flags |= BME_FLAG_IN_USE;
972 created_dirty_bitmaps =
973 g_slist_append(created_dirty_bitmaps, bitmap);
974 }
975 }
976
977 if (created_dirty_bitmaps != NULL) {
978 if (can_write(bs)) {
979
980 int ret = update_ext_header_and_dir_in_place(bs, bm_list);
981 if (ret < 0) {
982 error_setg_errno(errp, -ret, "Can't update bitmap directory");
983 goto fail;
984 }
985 header_updated = true;
986 } else {
987 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper,
988 (gpointer)true);
989 }
990 }
991
992 g_slist_free(created_dirty_bitmaps);
993 bitmap_list_free(bm_list);
994
995 return header_updated;
996
997fail:
998 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs);
999 g_slist_free(created_dirty_bitmaps);
1000 bitmap_list_free(bm_list);
1001
1002 return false;
1003}
1004
1005int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp)
1006{
1007 BDRVQcow2State *s = bs->opaque;
1008 Qcow2BitmapList *bm_list;
1009 Qcow2Bitmap *bm;
1010 GSList *ro_dirty_bitmaps = NULL;
1011 int ret = 0;
1012
1013 if (s->nb_bitmaps == 0) {
1014
1015 return 0;
1016 }
1017
1018 if (!can_write(bs)) {
1019 error_setg(errp, "Can't write to the image on reopening bitmaps rw");
1020 return -EINVAL;
1021 }
1022
1023 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1024 s->bitmap_directory_size, errp);
1025 if (bm_list == NULL) {
1026 return -EINVAL;
1027 }
1028
1029 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1030 if (!(bm->flags & BME_FLAG_IN_USE)) {
1031 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name);
1032 if (bitmap == NULL) {
1033 continue;
1034 }
1035
1036 if (!bdrv_dirty_bitmap_readonly(bitmap)) {
1037 error_setg(errp, "Bitmap %s is not readonly but not marked"
1038 "'IN_USE' in the image. Something went wrong,"
1039 "all the bitmaps may be corrupted", bm->name);
1040 ret = -EINVAL;
1041 goto out;
1042 }
1043
1044 bm->flags |= BME_FLAG_IN_USE;
1045 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap);
1046 }
1047 }
1048
1049 if (ro_dirty_bitmaps != NULL) {
1050
1051 ret = update_ext_header_and_dir_in_place(bs, bm_list);
1052 if (ret < 0) {
1053 error_setg_errno(errp, -ret, "Can't update bitmap directory");
1054 goto out;
1055 }
1056 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, false);
1057 }
1058
1059out:
1060 g_slist_free(ro_dirty_bitmaps);
1061 bitmap_list_free(bm_list);
1062
1063 return ret;
1064}
1065
1066
1067
1068
1069static uint64_t *store_bitmap_data(BlockDriverState *bs,
1070 BdrvDirtyBitmap *bitmap,
1071 uint32_t *bitmap_table_size, Error **errp)
1072{
1073 int ret;
1074 BDRVQcow2State *s = bs->opaque;
1075 int64_t offset;
1076 uint64_t limit;
1077 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap);
1078 const char *bm_name = bdrv_dirty_bitmap_name(bitmap);
1079 uint8_t *buf = NULL;
1080 BdrvDirtyBitmapIter *dbi;
1081 uint64_t *tb;
1082 uint64_t tb_size =
1083 size_to_clusters(s,
1084 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size));
1085
1086 if (tb_size > BME_MAX_TABLE_SIZE ||
1087 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE)
1088 {
1089 error_setg(errp, "Bitmap '%s' is too big", bm_name);
1090 return NULL;
1091 }
1092
1093 tb = g_try_new0(uint64_t, tb_size);
1094 if (tb == NULL) {
1095 error_setg(errp, "No memory");
1096 return NULL;
1097 }
1098
1099 dbi = bdrv_dirty_iter_new(bitmap);
1100 buf = g_malloc(s->cluster_size);
1101 limit = bytes_covered_by_bitmap_cluster(s, bitmap);
1102 assert(DIV_ROUND_UP(bm_size, limit) == tb_size);
1103
1104 while ((offset = bdrv_dirty_iter_next(dbi)) >= 0) {
1105 uint64_t cluster = offset / limit;
1106 uint64_t end, write_size;
1107 int64_t off;
1108
1109
1110
1111
1112
1113
1114 offset = QEMU_ALIGN_DOWN(offset, limit);
1115 end = MIN(bm_size, offset + limit);
1116 write_size = bdrv_dirty_bitmap_serialization_size(bitmap, offset,
1117 end - offset);
1118 assert(write_size <= s->cluster_size);
1119
1120 off = qcow2_alloc_clusters(bs, s->cluster_size);
1121 if (off < 0) {
1122 error_setg_errno(errp, -off,
1123 "Failed to allocate clusters for bitmap '%s'",
1124 bm_name);
1125 goto fail;
1126 }
1127 tb[cluster] = off;
1128
1129 bdrv_dirty_bitmap_serialize_part(bitmap, buf, offset, end - offset);
1130 if (write_size < s->cluster_size) {
1131 memset(buf + write_size, 0, s->cluster_size - write_size);
1132 }
1133
1134 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size);
1135 if (ret < 0) {
1136 error_setg_errno(errp, -ret, "Qcow2 overlap check failed");
1137 goto fail;
1138 }
1139
1140 ret = bdrv_pwrite(bs->file, off, buf, s->cluster_size);
1141 if (ret < 0) {
1142 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file",
1143 bm_name);
1144 goto fail;
1145 }
1146
1147 if (end >= bm_size) {
1148 break;
1149 }
1150
1151 bdrv_set_dirty_iter(dbi, end);
1152 }
1153
1154 *bitmap_table_size = tb_size;
1155 g_free(buf);
1156 bdrv_dirty_iter_free(dbi);
1157
1158 return tb;
1159
1160fail:
1161 clear_bitmap_table(bs, tb, tb_size);
1162 g_free(buf);
1163 bdrv_dirty_iter_free(dbi);
1164 g_free(tb);
1165
1166 return NULL;
1167}
1168
1169
1170
1171
1172
1173static int store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp)
1174{
1175 int ret;
1176 uint64_t *tb;
1177 int64_t tb_offset;
1178 uint32_t tb_size;
1179 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap;
1180 const char *bm_name;
1181
1182 assert(bitmap != NULL);
1183
1184 bm_name = bdrv_dirty_bitmap_name(bitmap);
1185
1186 tb = store_bitmap_data(bs, bitmap, &tb_size, errp);
1187 if (tb == NULL) {
1188 return -EINVAL;
1189 }
1190
1191 assert(tb_size <= BME_MAX_TABLE_SIZE);
1192 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0]));
1193 if (tb_offset < 0) {
1194 error_setg_errno(errp, -tb_offset,
1195 "Failed to allocate clusters for bitmap '%s'",
1196 bm_name);
1197 ret = tb_offset;
1198 goto fail;
1199 }
1200
1201 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset,
1202 tb_size * sizeof(tb[0]));
1203 if (ret < 0) {
1204 error_setg_errno(errp, -ret, "Qcow2 overlap check failed");
1205 goto fail;
1206 }
1207
1208 bitmap_table_to_be(tb, tb_size);
1209 ret = bdrv_pwrite(bs->file, tb_offset, tb, tb_size * sizeof(tb[0]));
1210 if (ret < 0) {
1211 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file",
1212 bm_name);
1213 goto fail;
1214 }
1215
1216 g_free(tb);
1217
1218 bm->table.offset = tb_offset;
1219 bm->table.size = tb_size;
1220
1221 return 0;
1222
1223fail:
1224 clear_bitmap_table(bs, tb, tb_size);
1225
1226 if (tb_offset > 0) {
1227 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]),
1228 QCOW2_DISCARD_OTHER);
1229 }
1230
1231 g_free(tb);
1232
1233 return ret;
1234}
1235
1236static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list,
1237 const char *name)
1238{
1239 Qcow2Bitmap *bm;
1240
1241 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1242 if (strcmp(name, bm->name) == 0) {
1243 return bm;
1244 }
1245 }
1246
1247 return NULL;
1248}
1249
1250void qcow2_remove_persistent_dirty_bitmap(BlockDriverState *bs,
1251 const char *name,
1252 Error **errp)
1253{
1254 int ret;
1255 BDRVQcow2State *s = bs->opaque;
1256 Qcow2Bitmap *bm;
1257 Qcow2BitmapList *bm_list;
1258
1259 if (s->nb_bitmaps == 0) {
1260
1261
1262 return;
1263 }
1264
1265 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1266 s->bitmap_directory_size, errp);
1267 if (bm_list == NULL) {
1268 return;
1269 }
1270
1271 bm = find_bitmap_by_name(bm_list, name);
1272 if (bm == NULL) {
1273 goto fail;
1274 }
1275
1276 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry);
1277
1278 ret = update_ext_header_and_dir(bs, bm_list);
1279 if (ret < 0) {
1280 error_setg_errno(errp, -ret, "Failed to update bitmap extension");
1281 goto fail;
1282 }
1283
1284 free_bitmap_clusters(bs, &bm->table);
1285
1286fail:
1287 bitmap_free(bm);
1288 bitmap_list_free(bm_list);
1289}
1290
1291void qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, Error **errp)
1292{
1293 BdrvDirtyBitmap *bitmap;
1294 BDRVQcow2State *s = bs->opaque;
1295 uint32_t new_nb_bitmaps = s->nb_bitmaps;
1296 uint64_t new_dir_size = s->bitmap_directory_size;
1297 int ret;
1298 Qcow2BitmapList *bm_list;
1299 Qcow2Bitmap *bm;
1300 Qcow2BitmapTableList drop_tables;
1301 Qcow2BitmapTable *tb, *tb_next;
1302
1303 if (!bdrv_has_changed_persistent_bitmaps(bs)) {
1304
1305 return;
1306 }
1307
1308 if (!can_write(bs)) {
1309 error_setg(errp, "No write access");
1310 return;
1311 }
1312
1313 QSIMPLEQ_INIT(&drop_tables);
1314
1315 if (s->nb_bitmaps == 0) {
1316 bm_list = bitmap_list_new();
1317 } else {
1318 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1319 s->bitmap_directory_size, errp);
1320 if (bm_list == NULL) {
1321 return;
1322 }
1323 }
1324
1325
1326 for (bitmap = bdrv_dirty_bitmap_next(bs, NULL); bitmap != NULL;
1327 bitmap = bdrv_dirty_bitmap_next(bs, bitmap))
1328 {
1329 const char *name = bdrv_dirty_bitmap_name(bitmap);
1330 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap);
1331 Qcow2Bitmap *bm;
1332
1333 if (!bdrv_dirty_bitmap_get_persistance(bitmap) ||
1334 bdrv_dirty_bitmap_readonly(bitmap))
1335 {
1336 continue;
1337 }
1338
1339 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) {
1340 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ",
1341 name);
1342 goto fail;
1343 }
1344
1345 bm = find_bitmap_by_name(bm_list, name);
1346 if (bm == NULL) {
1347 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) {
1348 error_setg(errp, "Too many persistent bitmaps");
1349 goto fail;
1350 }
1351
1352 new_dir_size += calc_dir_entry_size(strlen(name), 0);
1353 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
1354 error_setg(errp, "Bitmap directory is too large");
1355 goto fail;
1356 }
1357
1358 bm = g_new0(Qcow2Bitmap, 1);
1359 bm->name = g_strdup(name);
1360 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry);
1361 } else {
1362 if (!(bm->flags & BME_FLAG_IN_USE)) {
1363 error_setg(errp, "Bitmap '%s' already exists in the image",
1364 name);
1365 goto fail;
1366 }
1367 tb = g_memdup(&bm->table, sizeof(bm->table));
1368 bm->table.offset = 0;
1369 bm->table.size = 0;
1370 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry);
1371 }
1372 bm->flags = bdrv_dirty_bitmap_get_autoload(bitmap) ? BME_FLAG_AUTO : 0;
1373 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap));
1374 bm->dirty_bitmap = bitmap;
1375 }
1376
1377
1378 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1379 if (bm->dirty_bitmap == NULL) {
1380 continue;
1381 }
1382
1383 ret = store_bitmap(bs, bm, errp);
1384 if (ret < 0) {
1385 goto fail;
1386 }
1387 }
1388
1389 ret = update_ext_header_and_dir(bs, bm_list);
1390 if (ret < 0) {
1391 error_setg_errno(errp, -ret, "Failed to update bitmap extension");
1392 goto fail;
1393 }
1394
1395
1396
1397 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) {
1398 free_bitmap_clusters(bs, tb);
1399 g_free(tb);
1400 }
1401
1402 bitmap_list_free(bm_list);
1403 return;
1404
1405fail:
1406 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1407 if (bm->dirty_bitmap == NULL || bm->table.offset == 0) {
1408 continue;
1409 }
1410
1411 free_bitmap_clusters(bs, &bm->table);
1412 }
1413
1414 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) {
1415 g_free(tb);
1416 }
1417
1418 bitmap_list_free(bm_list);
1419}
1420
1421int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp)
1422{
1423 BdrvDirtyBitmap *bitmap;
1424 Error *local_err = NULL;
1425
1426 qcow2_store_persistent_dirty_bitmaps(bs, &local_err);
1427 if (local_err != NULL) {
1428 error_propagate(errp, local_err);
1429 return -EINVAL;
1430 }
1431
1432 for (bitmap = bdrv_dirty_bitmap_next(bs, NULL); bitmap != NULL;
1433 bitmap = bdrv_dirty_bitmap_next(bs, bitmap))
1434 {
1435 if (bdrv_dirty_bitmap_get_persistance(bitmap)) {
1436 bdrv_dirty_bitmap_set_readonly(bitmap, true);
1437 }
1438 }
1439
1440 return 0;
1441}
1442
1443bool qcow2_can_store_new_dirty_bitmap(BlockDriverState *bs,
1444 const char *name,
1445 uint32_t granularity,
1446 Error **errp)
1447{
1448 BDRVQcow2State *s = bs->opaque;
1449 bool found;
1450 Qcow2BitmapList *bm_list;
1451
1452 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) {
1453 goto fail;
1454 }
1455
1456 if (s->nb_bitmaps == 0) {
1457 return true;
1458 }
1459
1460 if (s->nb_bitmaps >= QCOW2_MAX_BITMAPS) {
1461 error_setg(errp,
1462 "Maximum number of persistent bitmaps is already reached");
1463 goto fail;
1464 }
1465
1466 if (s->bitmap_directory_size + calc_dir_entry_size(strlen(name), 0) >
1467 QCOW2_MAX_BITMAP_DIRECTORY_SIZE)
1468 {
1469 error_setg(errp, "Not enough space in the bitmap directory");
1470 goto fail;
1471 }
1472
1473 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1474 s->bitmap_directory_size, errp);
1475 if (bm_list == NULL) {
1476 goto fail;
1477 }
1478
1479 found = find_bitmap_by_name(bm_list, name);
1480 bitmap_list_free(bm_list);
1481 if (found) {
1482 error_setg(errp, "Bitmap with the same name is already stored");
1483 goto fail;
1484 }
1485
1486 return true;
1487
1488fail:
1489 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ",
1490 name, bdrv_get_device_or_node_name(bs));
1491 return false;
1492}
1493
