1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28#include "qemu/osdep.h"
29#include "qapi/error.h"
30#include "qemu/cutils.h"
31
32#include "block/block_int.h"
33#include "block/qcow2.h"
34
35
36
37
38
39
40#define BME_MAX_TABLE_SIZE 0x8000000
41#define BME_MAX_PHYS_SIZE 0x20000000
42#define BME_MAX_GRANULARITY_BITS 31
43#define BME_MIN_GRANULARITY_BITS 9
44#define BME_MAX_NAME_SIZE 1023
45
46#if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX
47#error In the code bitmap table physical size assumed to fit into int
48#endif
49
50
51#define BME_RESERVED_FLAGS 0xfffffffcU
52#define BME_FLAG_IN_USE (1U << 0)
53#define BME_FLAG_AUTO (1U << 1)
54
55
56#define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL
57#define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL
58#define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0)
59
60typedef struct QEMU_PACKED Qcow2BitmapDirEntry {
61
62 uint64_t bitmap_table_offset;
63
64 uint32_t bitmap_table_size;
65 uint32_t flags;
66
67 uint8_t type;
68 uint8_t granularity_bits;
69 uint16_t name_size;
70 uint32_t extra_data_size;
71
72
73} Qcow2BitmapDirEntry;
74
75typedef struct Qcow2BitmapTable {
76 uint64_t offset;
77 uint32_t size;
78 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry;
79} Qcow2BitmapTable;
80typedef QSIMPLEQ_HEAD(Qcow2BitmapTableList, Qcow2BitmapTable)
81 Qcow2BitmapTableList;
82
83typedef struct Qcow2Bitmap {
84 Qcow2BitmapTable table;
85 uint32_t flags;
86 uint8_t granularity_bits;
87 char *name;
88
89 BdrvDirtyBitmap *dirty_bitmap;
90
91 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry;
92} Qcow2Bitmap;
93typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList;
94
95typedef enum BitmapType {
96 BT_DIRTY_TRACKING_BITMAP = 1
97} BitmapType;
98
99static inline bool can_write(BlockDriverState *bs)
100{
101 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE);
102}
103
104static int update_header_sync(BlockDriverState *bs)
105{
106 int ret;
107
108 ret = qcow2_update_header(bs);
109 if (ret < 0) {
110 return ret;
111 }
112
113 return bdrv_flush(bs->file->bs);
114}
115
116static inline void bitmap_table_to_be(uint64_t *bitmap_table, size_t size)
117{
118 size_t i;
119
120 for (i = 0; i < size; ++i) {
121 cpu_to_be64s(&bitmap_table[i]);
122 }
123}
124
125static int check_table_entry(uint64_t entry, int cluster_size)
126{
127 uint64_t offset;
128
129 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) {
130 return -EINVAL;
131 }
132
133 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
134 if (offset != 0) {
135
136 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) {
137 return -EINVAL;
138 }
139
140 if (offset % cluster_size != 0) {
141 return -EINVAL;
142 }
143 }
144
145 return 0;
146}
147
148static int check_constraints_on_bitmap(BlockDriverState *bs,
149 const char *name,
150 uint32_t granularity,
151 Error **errp)
152{
153 BDRVQcow2State *s = bs->opaque;
154 int granularity_bits = ctz32(granularity);
155 int64_t len = bdrv_getlength(bs);
156
157 assert(granularity > 0);
158 assert((granularity & (granularity - 1)) == 0);
159
160 if (len < 0) {
161 error_setg_errno(errp, -len, "Failed to get size of '%s'",
162 bdrv_get_device_or_node_name(bs));
163 return len;
164 }
165
166 if (granularity_bits > BME_MAX_GRANULARITY_BITS) {
167 error_setg(errp, "Granularity exceeds maximum (%llu bytes)",
168 1ULL << BME_MAX_GRANULARITY_BITS);
169 return -EINVAL;
170 }
171 if (granularity_bits < BME_MIN_GRANULARITY_BITS) {
172 error_setg(errp, "Granularity is under minimum (%llu bytes)",
173 1ULL << BME_MIN_GRANULARITY_BITS);
174 return -EINVAL;
175 }
176
177 if ((len > (uint64_t)BME_MAX_PHYS_SIZE << granularity_bits) ||
178 (len > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size <<
179 granularity_bits))
180 {
181 error_setg(errp, "Too much space will be occupied by the bitmap. "
182 "Use larger granularity");
183 return -EINVAL;
184 }
185
186 if (strlen(name) > BME_MAX_NAME_SIZE) {
187 error_setg(errp, "Name length exceeds maximum (%u characters)",
188 BME_MAX_NAME_SIZE);
189 return -EINVAL;
190 }
191
192 return 0;
193}
194
195static void clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table,
196 uint32_t bitmap_table_size)
197{
198 BDRVQcow2State *s = bs->opaque;
199 int i;
200
201 for (i = 0; i < bitmap_table_size; ++i) {
202 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK;
203 if (!addr) {
204 continue;
205 }
206
207 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_OTHER);
208 bitmap_table[i] = 0;
209 }
210}
211
212static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb,
213 uint64_t **bitmap_table)
214{
215 int ret;
216 BDRVQcow2State *s = bs->opaque;
217 uint32_t i;
218 uint64_t *table;
219
220 assert(tb->size != 0);
221 table = g_try_new(uint64_t, tb->size);
222 if (table == NULL) {
223 return -ENOMEM;
224 }
225
226 assert(tb->size <= BME_MAX_TABLE_SIZE);
227 ret = bdrv_pread(bs->file, tb->offset,
228 table, tb->size * sizeof(uint64_t));
229 if (ret < 0) {
230 goto fail;
231 }
232
233 for (i = 0; i < tb->size; ++i) {
234 be64_to_cpus(&table[i]);
235 ret = check_table_entry(table[i], s->cluster_size);
236 if (ret < 0) {
237 goto fail;
238 }
239 }
240
241 *bitmap_table = table;
242 return 0;
243
244fail:
245 g_free(table);
246
247 return ret;
248}
249
250static int free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb)
251{
252 int ret;
253 uint64_t *bitmap_table;
254
255 ret = bitmap_table_load(bs, tb, &bitmap_table);
256 if (ret < 0) {
257 assert(bitmap_table == NULL);
258 return ret;
259 }
260
261 clear_bitmap_table(bs, bitmap_table, tb->size);
262 qcow2_free_clusters(bs, tb->offset, tb->size * sizeof(uint64_t),
263 QCOW2_DISCARD_OTHER);
264 g_free(bitmap_table);
265
266 tb->offset = 0;
267 tb->size = 0;
268
269 return 0;
270}
271
272
273static uint64_t bytes_covered_by_bitmap_cluster(const BDRVQcow2State *s,
274 const BdrvDirtyBitmap *bitmap)
275{
276 uint64_t granularity = bdrv_dirty_bitmap_granularity(bitmap);
277 uint64_t limit = granularity * (s->cluster_size << 3);
278
279 assert(QEMU_IS_ALIGNED(limit,
280 bdrv_dirty_bitmap_serialization_align(bitmap)));
281 return limit;
282}
283
284
285
286
287static int load_bitmap_data(BlockDriverState *bs,
288 const uint64_t *bitmap_table,
289 uint32_t bitmap_table_size,
290 BdrvDirtyBitmap *bitmap)
291{
292 int ret = 0;
293 BDRVQcow2State *s = bs->opaque;
294 uint64_t offset, limit;
295 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap);
296 uint8_t *buf = NULL;
297 uint64_t i, tab_size =
298 size_to_clusters(s,
299 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size));
300
301 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) {
302 return -EINVAL;
303 }
304
305 buf = g_malloc(s->cluster_size);
306 limit = bytes_covered_by_bitmap_cluster(s, bitmap);
307 for (i = 0, offset = 0; i < tab_size; ++i, offset += limit) {
308 uint64_t count = MIN(bm_size - offset, limit);
309 uint64_t entry = bitmap_table[i];
310 uint64_t data_offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
311
312 assert(check_table_entry(entry, s->cluster_size) == 0);
313
314 if (data_offset == 0) {
315 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) {
316 bdrv_dirty_bitmap_deserialize_ones(bitmap, offset, count,
317 false);
318 } else {
319
320
321 }
322 } else {
323 ret = bdrv_pread(bs->file, data_offset, buf, s->cluster_size);
324 if (ret < 0) {
325 goto finish;
326 }
327 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, offset, count,
328 false);
329 }
330 }
331 ret = 0;
332
333 bdrv_dirty_bitmap_deserialize_finish(bitmap);
334
335finish:
336 g_free(buf);
337
338 return ret;
339}
340
341static BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs,
342 Qcow2Bitmap *bm, Error **errp)
343{
344 int ret;
345 uint64_t *bitmap_table = NULL;
346 uint32_t granularity;
347 BdrvDirtyBitmap *bitmap = NULL;
348
349 if (bm->flags & BME_FLAG_IN_USE) {
350 error_setg(errp, "Bitmap '%s' is in use", bm->name);
351 goto fail;
352 }
353
354 ret = bitmap_table_load(bs, &bm->table, &bitmap_table);
355 if (ret < 0) {
356 error_setg_errno(errp, -ret,
357 "Could not read bitmap_table table from image for "
358 "bitmap '%s'", bm->name);
359 goto fail;
360 }
361
362 granularity = 1U << bm->granularity_bits;
363 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp);
364 if (bitmap == NULL) {
365 goto fail;
366 }
367
368 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap);
369 if (ret < 0) {
370 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image",
371 bm->name);
372 goto fail;
373 }
374
375 g_free(bitmap_table);
376 return bitmap;
377
378fail:
379 g_free(bitmap_table);
380 if (bitmap != NULL) {
381 bdrv_release_dirty_bitmap(bs, bitmap);
382 }
383
384 return NULL;
385}
386
387
388
389
390
391
392
393
394
395
396static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry)
397{
398 be64_to_cpus(&entry->bitmap_table_offset);
399 be32_to_cpus(&entry->bitmap_table_size);
400 be32_to_cpus(&entry->flags);
401 be16_to_cpus(&entry->name_size);
402 be32_to_cpus(&entry->extra_data_size);
403}
404
405static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry)
406{
407 cpu_to_be64s(&entry->bitmap_table_offset);
408 cpu_to_be32s(&entry->bitmap_table_size);
409 cpu_to_be32s(&entry->flags);
410 cpu_to_be16s(&entry->name_size);
411 cpu_to_be32s(&entry->extra_data_size);
412}
413
414static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size)
415{
416 int size = sizeof(Qcow2BitmapDirEntry) + name_size + extra_data_size;
417 return ROUND_UP(size, 8);
418}
419
420static inline int dir_entry_size(Qcow2BitmapDirEntry *entry)
421{
422 return calc_dir_entry_size(entry->name_size, entry->extra_data_size);
423}
424
425static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry)
426{
427 return (const char *)(entry + 1) + entry->extra_data_size;
428}
429
430static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry)
431{
432 const char *name_field = dir_entry_name_field(entry);
433 return g_strndup(name_field, entry->name_size);
434}
435
436static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry)
437{
438 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry));
439}
440
441static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry)
442{
443 BDRVQcow2State *s = bs->opaque;
444 uint64_t phys_bitmap_bytes;
445 int64_t len;
446
447 bool fail = (entry->bitmap_table_size == 0) ||
448 (entry->bitmap_table_offset == 0) ||
449 (entry->bitmap_table_offset % s->cluster_size) ||
450 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) ||
451 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) ||
452 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) ||
453 (entry->flags & BME_RESERVED_FLAGS) ||
454 (entry->name_size > BME_MAX_NAME_SIZE) ||
455 (entry->type != BT_DIRTY_TRACKING_BITMAP);
456
457 if (fail) {
458 return -EINVAL;
459 }
460
461 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size;
462 len = bdrv_getlength(bs);
463
464 if (len < 0) {
465 return len;
466 }
467
468 fail = (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) ||
469 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits));
470
471 return fail ? -EINVAL : 0;
472}
473
474static inline void bitmap_directory_to_be(uint8_t *dir, size_t size)
475{
476 uint8_t *end = dir + size;
477 while (dir < end) {
478 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir;
479 dir += dir_entry_size(e);
480
481 bitmap_dir_entry_to_be(e);
482 }
483}
484
485
486
487
488
489static void bitmap_free(Qcow2Bitmap *bm)
490{
491 if (bm == NULL) {
492 return;
493 }
494
495 g_free(bm->name);
496 g_free(bm);
497}
498
499static void bitmap_list_free(Qcow2BitmapList *bm_list)
500{
501 Qcow2Bitmap *bm;
502
503 if (bm_list == NULL) {
504 return;
505 }
506
507 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) {
508 QSIMPLEQ_REMOVE_HEAD(bm_list, entry);
509 bitmap_free(bm);
510 }
511
512 g_free(bm_list);
513}
514
515static Qcow2BitmapList *bitmap_list_new(void)
516{
517 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1);
518 QSIMPLEQ_INIT(bm_list);
519
520 return bm_list;
521}
522
523static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list)
524{
525 Qcow2Bitmap *bm;
526 uint32_t nb_bitmaps = 0;
527
528 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
529 nb_bitmaps++;
530 }
531
532 return nb_bitmaps;
533}
534
535
536
537
538
539static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset,
540 uint64_t size, Error **errp)
541{
542 int ret;
543 BDRVQcow2State *s = bs->opaque;
544 uint8_t *dir, *dir_end;
545 Qcow2BitmapDirEntry *e;
546 uint32_t nb_dir_entries = 0;
547 Qcow2BitmapList *bm_list = NULL;
548
549 if (size == 0) {
550 error_setg(errp, "Requested bitmap directory size is zero");
551 return NULL;
552 }
553
554 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
555 error_setg(errp, "Requested bitmap directory size is too big");
556 return NULL;
557 }
558
559 dir = g_try_malloc(size);
560 if (dir == NULL) {
561 error_setg(errp, "Failed to allocate space for bitmap directory");
562 return NULL;
563 }
564 dir_end = dir + size;
565
566 ret = bdrv_pread(bs->file, offset, dir, size);
567 if (ret < 0) {
568 error_setg_errno(errp, -ret, "Failed to read bitmap directory");
569 goto fail;
570 }
571
572 bm_list = bitmap_list_new();
573 for (e = (Qcow2BitmapDirEntry *)dir;
574 e < (Qcow2BitmapDirEntry *)dir_end;
575 e = next_dir_entry(e))
576 {
577 Qcow2Bitmap *bm;
578
579 if ((uint8_t *)(e + 1) > dir_end) {
580 goto broken_dir;
581 }
582
583 if (++nb_dir_entries > s->nb_bitmaps) {
584 error_setg(errp, "More bitmaps found than specified in header"
585 " extension");
586 goto fail;
587 }
588 bitmap_dir_entry_to_cpu(e);
589
590 if ((uint8_t *)next_dir_entry(e) > dir_end) {
591 goto broken_dir;
592 }
593
594 if (e->extra_data_size != 0) {
595 error_setg(errp, "Bitmap extra data is not supported");
596 goto fail;
597 }
598
599 ret = check_dir_entry(bs, e);
600 if (ret < 0) {
601 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints",
602 e->name_size, dir_entry_name_field(e));
603 goto fail;
604 }
605
606 bm = g_new0(Qcow2Bitmap, 1);
607 bm->table.offset = e->bitmap_table_offset;
608 bm->table.size = e->bitmap_table_size;
609 bm->flags = e->flags;
610 bm->granularity_bits = e->granularity_bits;
611 bm->name = dir_entry_copy_name(e);
612 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry);
613 }
614
615 if (nb_dir_entries != s->nb_bitmaps) {
616 error_setg(errp, "Less bitmaps found than specified in header"
617 " extension");
618 goto fail;
619 }
620
621 if ((uint8_t *)e != dir_end) {
622 goto broken_dir;
623 }
624
625 g_free(dir);
626 return bm_list;
627
628broken_dir:
629 ret = -EINVAL;
630 error_setg(errp, "Broken bitmap directory");
631
632fail:
633 g_free(dir);
634 bitmap_list_free(bm_list);
635
636 return NULL;
637}
638
639int qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res,
640 void **refcount_table,
641 int64_t *refcount_table_size)
642{
643 int ret;
644 BDRVQcow2State *s = bs->opaque;
645 Qcow2BitmapList *bm_list;
646 Qcow2Bitmap *bm;
647
648 if (s->nb_bitmaps == 0) {
649 return 0;
650 }
651
652 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size,
653 s->bitmap_directory_offset,
654 s->bitmap_directory_size);
655 if (ret < 0) {
656 return ret;
657 }
658
659 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
660 s->bitmap_directory_size, NULL);
661 if (bm_list == NULL) {
662 res->corruptions++;
663 return -EINVAL;
664 }
665
666 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
667 uint64_t *bitmap_table = NULL;
668 int i;
669
670 ret = qcow2_inc_refcounts_imrt(bs, res,
671 refcount_table, refcount_table_size,
672 bm->table.offset,
673 bm->table.size * sizeof(uint64_t));
674 if (ret < 0) {
675 goto out;
676 }
677
678 ret = bitmap_table_load(bs, &bm->table, &bitmap_table);
679 if (ret < 0) {
680 res->corruptions++;
681 goto out;
682 }
683
684 for (i = 0; i < bm->table.size; ++i) {
685 uint64_t entry = bitmap_table[i];
686 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK;
687
688 if (check_table_entry(entry, s->cluster_size) < 0) {
689 res->corruptions++;
690 continue;
691 }
692
693 if (offset == 0) {
694 continue;
695 }
696
697 ret = qcow2_inc_refcounts_imrt(bs, res,
698 refcount_table, refcount_table_size,
699 offset, s->cluster_size);
700 if (ret < 0) {
701 g_free(bitmap_table);
702 goto out;
703 }
704 }
705
706 g_free(bitmap_table);
707 }
708
709out:
710 bitmap_list_free(bm_list);
711
712 return ret;
713}
714
715
716
717
718
719static int bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list,
720 uint64_t *offset, uint64_t *size, bool in_place)
721{
722 int ret;
723 uint8_t *dir;
724 int64_t dir_offset = 0;
725 uint64_t dir_size = 0;
726 Qcow2Bitmap *bm;
727 Qcow2BitmapDirEntry *e;
728
729 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
730 dir_size += calc_dir_entry_size(strlen(bm->name), 0);
731 }
732
733 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
734 return -EINVAL;
735 }
736
737 if (in_place) {
738 if (*size != dir_size || *offset == 0) {
739 return -EINVAL;
740 }
741
742 dir_offset = *offset;
743 }
744
745 dir = g_try_malloc(dir_size);
746 if (dir == NULL) {
747 return -ENOMEM;
748 }
749
750 e = (Qcow2BitmapDirEntry *)dir;
751 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
752 e->bitmap_table_offset = bm->table.offset;
753 e->bitmap_table_size = bm->table.size;
754 e->flags = bm->flags;
755 e->type = BT_DIRTY_TRACKING_BITMAP;
756 e->granularity_bits = bm->granularity_bits;
757 e->name_size = strlen(bm->name);
758 e->extra_data_size = 0;
759 memcpy(e + 1, bm->name, e->name_size);
760
761 if (check_dir_entry(bs, e) < 0) {
762 ret = -EINVAL;
763 goto fail;
764 }
765
766 e = next_dir_entry(e);
767 }
768
769 bitmap_directory_to_be(dir, dir_size);
770
771 if (!in_place) {
772 dir_offset = qcow2_alloc_clusters(bs, dir_size);
773 if (dir_offset < 0) {
774 ret = dir_offset;
775 goto fail;
776 }
777 }
778
779 ret = qcow2_pre_write_overlap_check(bs, 0, dir_offset, dir_size);
780 if (ret < 0) {
781 goto fail;
782 }
783
784 ret = bdrv_pwrite(bs->file, dir_offset, dir, dir_size);
785 if (ret < 0) {
786 goto fail;
787 }
788
789 g_free(dir);
790
791 if (!in_place) {
792 *size = dir_size;
793 *offset = dir_offset;
794 }
795
796 return 0;
797
798fail:
799 g_free(dir);
800
801 if (!in_place && dir_offset > 0) {
802 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER);
803 }
804
805 return ret;
806}
807
808
809
810
811
812static int update_ext_header_and_dir_in_place(BlockDriverState *bs,
813 Qcow2BitmapList *bm_list)
814{
815 BDRVQcow2State *s = bs->opaque;
816 int ret;
817
818 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) ||
819 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) ||
820 bitmap_list_count(bm_list) != s->nb_bitmaps)
821 {
822 return -EINVAL;
823 }
824
825 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS;
826 ret = update_header_sync(bs);
827 if (ret < 0) {
828
829
830
831
832 return ret;
833 }
834
835
836
837 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset,
838 &s->bitmap_directory_size, true);
839 if (ret < 0) {
840
841
842 return ret;
843 }
844
845 ret = update_header_sync(bs);
846 if (ret < 0) {
847
848
849 return ret;
850 }
851
852 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS;
853 return update_header_sync(bs);
854
855
856
857
858}
859
860static int update_ext_header_and_dir(BlockDriverState *bs,
861 Qcow2BitmapList *bm_list)
862{
863 BDRVQcow2State *s = bs->opaque;
864 int ret;
865 uint64_t new_offset = 0;
866 uint64_t new_size = 0;
867 uint32_t new_nb_bitmaps = 0;
868 uint64_t old_offset = s->bitmap_directory_offset;
869 uint64_t old_size = s->bitmap_directory_size;
870 uint32_t old_nb_bitmaps = s->nb_bitmaps;
871 uint64_t old_autocl = s->autoclear_features;
872
873 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) {
874 new_nb_bitmaps = bitmap_list_count(bm_list);
875
876 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) {
877 return -EINVAL;
878 }
879
880 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false);
881 if (ret < 0) {
882 return ret;
883 }
884
885 ret = qcow2_flush_caches(bs);
886 if (ret < 0) {
887 goto fail;
888 }
889
890 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS;
891 } else {
892 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS;
893 }
894
895 s->bitmap_directory_offset = new_offset;
896 s->bitmap_directory_size = new_size;
897 s->nb_bitmaps = new_nb_bitmaps;
898
899 ret = update_header_sync(bs);
900 if (ret < 0) {
901 goto fail;
902 }
903
904 if (old_size > 0) {
905 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER);
906 }
907
908 return 0;
909
910fail:
911 if (new_offset > 0) {
912 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER);
913 }
914
915 s->bitmap_directory_offset = old_offset;
916 s->bitmap_directory_size = old_size;
917 s->nb_bitmaps = old_nb_bitmaps;
918 s->autoclear_features = old_autocl;
919
920 return ret;
921}
922
923
924static void release_dirty_bitmap_helper(gpointer bitmap,
925 gpointer bs)
926{
927 bdrv_release_dirty_bitmap(bs, bitmap);
928}
929
930
931static void set_readonly_helper(gpointer bitmap, gpointer value)
932{
933 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value);
934}
935
936
937
938
939
940
941
942
943bool qcow2_load_dirty_bitmaps(BlockDriverState *bs, Error **errp)
944{
945 BDRVQcow2State *s = bs->opaque;
946 Qcow2BitmapList *bm_list;
947 Qcow2Bitmap *bm;
948 GSList *created_dirty_bitmaps = NULL;
949 bool header_updated = false;
950
951 if (s->nb_bitmaps == 0) {
952
953 return false;
954 }
955
956 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
957 s->bitmap_directory_size, errp);
958 if (bm_list == NULL) {
959 return false;
960 }
961
962 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
963 if (!(bm->flags & BME_FLAG_IN_USE)) {
964 BdrvDirtyBitmap *bitmap = load_bitmap(bs, bm, errp);
965 if (bitmap == NULL) {
966 goto fail;
967 }
968
969 if (!(bm->flags & BME_FLAG_AUTO)) {
970 bdrv_disable_dirty_bitmap(bitmap);
971 }
972 bdrv_dirty_bitmap_set_persistance(bitmap, true);
973 bm->flags |= BME_FLAG_IN_USE;
974 created_dirty_bitmaps =
975 g_slist_append(created_dirty_bitmaps, bitmap);
976 }
977 }
978
979 if (created_dirty_bitmaps != NULL) {
980 if (can_write(bs)) {
981
982 int ret = update_ext_header_and_dir_in_place(bs, bm_list);
983 if (ret < 0) {
984 error_setg_errno(errp, -ret, "Can't update bitmap directory");
985 goto fail;
986 }
987 header_updated = true;
988 } else {
989 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper,
990 (gpointer)true);
991 }
992 }
993
994 g_slist_free(created_dirty_bitmaps);
995 bitmap_list_free(bm_list);
996
997 return header_updated;
998
999fail:
1000 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs);
1001 g_slist_free(created_dirty_bitmaps);
1002 bitmap_list_free(bm_list);
1003
1004 return false;
1005}
1006
1007int qcow2_reopen_bitmaps_rw_hint(BlockDriverState *bs, bool *header_updated,
1008 Error **errp)
1009{
1010 BDRVQcow2State *s = bs->opaque;
1011 Qcow2BitmapList *bm_list;
1012 Qcow2Bitmap *bm;
1013 GSList *ro_dirty_bitmaps = NULL;
1014 int ret = 0;
1015
1016 if (header_updated != NULL) {
1017 *header_updated = false;
1018 }
1019
1020 if (s->nb_bitmaps == 0) {
1021
1022 return 0;
1023 }
1024
1025 if (!can_write(bs)) {
1026 error_setg(errp, "Can't write to the image on reopening bitmaps rw");
1027 return -EINVAL;
1028 }
1029
1030 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1031 s->bitmap_directory_size, errp);
1032 if (bm_list == NULL) {
1033 return -EINVAL;
1034 }
1035
1036 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1037 if (!(bm->flags & BME_FLAG_IN_USE)) {
1038 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name);
1039 if (bitmap == NULL) {
1040 continue;
1041 }
1042
1043 if (!bdrv_dirty_bitmap_readonly(bitmap)) {
1044 error_setg(errp, "Bitmap %s is not readonly but not marked"
1045 "'IN_USE' in the image. Something went wrong,"
1046 "all the bitmaps may be corrupted", bm->name);
1047 ret = -EINVAL;
1048 goto out;
1049 }
1050
1051 bm->flags |= BME_FLAG_IN_USE;
1052 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap);
1053 }
1054 }
1055
1056 if (ro_dirty_bitmaps != NULL) {
1057
1058 ret = update_ext_header_and_dir_in_place(bs, bm_list);
1059 if (ret < 0) {
1060 error_setg_errno(errp, -ret, "Can't update bitmap directory");
1061 goto out;
1062 }
1063 if (header_updated != NULL) {
1064 *header_updated = true;
1065 }
1066 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, false);
1067 }
1068
1069out:
1070 g_slist_free(ro_dirty_bitmaps);
1071 bitmap_list_free(bm_list);
1072
1073 return ret;
1074}
1075
1076int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp)
1077{
1078 return qcow2_reopen_bitmaps_rw_hint(bs, NULL, errp);
1079}
1080
1081
1082
1083
1084static uint64_t *store_bitmap_data(BlockDriverState *bs,
1085 BdrvDirtyBitmap *bitmap,
1086 uint32_t *bitmap_table_size, Error **errp)
1087{
1088 int ret;
1089 BDRVQcow2State *s = bs->opaque;
1090 int64_t offset;
1091 uint64_t limit;
1092 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap);
1093 const char *bm_name = bdrv_dirty_bitmap_name(bitmap);
1094 uint8_t *buf = NULL;
1095 BdrvDirtyBitmapIter *dbi;
1096 uint64_t *tb;
1097 uint64_t tb_size =
1098 size_to_clusters(s,
1099 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size));
1100
1101 if (tb_size > BME_MAX_TABLE_SIZE ||
1102 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE)
1103 {
1104 error_setg(errp, "Bitmap '%s' is too big", bm_name);
1105 return NULL;
1106 }
1107
1108 tb = g_try_new0(uint64_t, tb_size);
1109 if (tb == NULL) {
1110 error_setg(errp, "No memory");
1111 return NULL;
1112 }
1113
1114 dbi = bdrv_dirty_iter_new(bitmap);
1115 buf = g_malloc(s->cluster_size);
1116 limit = bytes_covered_by_bitmap_cluster(s, bitmap);
1117 assert(DIV_ROUND_UP(bm_size, limit) == tb_size);
1118
1119 while ((offset = bdrv_dirty_iter_next(dbi)) >= 0) {
1120 uint64_t cluster = offset / limit;
1121 uint64_t end, write_size;
1122 int64_t off;
1123
1124
1125
1126
1127
1128
1129 offset = QEMU_ALIGN_DOWN(offset, limit);
1130 end = MIN(bm_size, offset + limit);
1131 write_size = bdrv_dirty_bitmap_serialization_size(bitmap, offset,
1132 end - offset);
1133 assert(write_size <= s->cluster_size);
1134
1135 off = qcow2_alloc_clusters(bs, s->cluster_size);
1136 if (off < 0) {
1137 error_setg_errno(errp, -off,
1138 "Failed to allocate clusters for bitmap '%s'",
1139 bm_name);
1140 goto fail;
1141 }
1142 tb[cluster] = off;
1143
1144 bdrv_dirty_bitmap_serialize_part(bitmap, buf, offset, end - offset);
1145 if (write_size < s->cluster_size) {
1146 memset(buf + write_size, 0, s->cluster_size - write_size);
1147 }
1148
1149 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size);
1150 if (ret < 0) {
1151 error_setg_errno(errp, -ret, "Qcow2 overlap check failed");
1152 goto fail;
1153 }
1154
1155 ret = bdrv_pwrite(bs->file, off, buf, s->cluster_size);
1156 if (ret < 0) {
1157 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file",
1158 bm_name);
1159 goto fail;
1160 }
1161
1162 if (end >= bm_size) {
1163 break;
1164 }
1165
1166 bdrv_set_dirty_iter(dbi, end);
1167 }
1168
1169 *bitmap_table_size = tb_size;
1170 g_free(buf);
1171 bdrv_dirty_iter_free(dbi);
1172
1173 return tb;
1174
1175fail:
1176 clear_bitmap_table(bs, tb, tb_size);
1177 g_free(buf);
1178 bdrv_dirty_iter_free(dbi);
1179 g_free(tb);
1180
1181 return NULL;
1182}
1183
1184
1185
1186
1187
1188static int store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp)
1189{
1190 int ret;
1191 uint64_t *tb;
1192 int64_t tb_offset;
1193 uint32_t tb_size;
1194 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap;
1195 const char *bm_name;
1196
1197 assert(bitmap != NULL);
1198
1199 bm_name = bdrv_dirty_bitmap_name(bitmap);
1200
1201 tb = store_bitmap_data(bs, bitmap, &tb_size, errp);
1202 if (tb == NULL) {
1203 return -EINVAL;
1204 }
1205
1206 assert(tb_size <= BME_MAX_TABLE_SIZE);
1207 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0]));
1208 if (tb_offset < 0) {
1209 error_setg_errno(errp, -tb_offset,
1210 "Failed to allocate clusters for bitmap '%s'",
1211 bm_name);
1212 ret = tb_offset;
1213 goto fail;
1214 }
1215
1216 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset,
1217 tb_size * sizeof(tb[0]));
1218 if (ret < 0) {
1219 error_setg_errno(errp, -ret, "Qcow2 overlap check failed");
1220 goto fail;
1221 }
1222
1223 bitmap_table_to_be(tb, tb_size);
1224 ret = bdrv_pwrite(bs->file, tb_offset, tb, tb_size * sizeof(tb[0]));
1225 if (ret < 0) {
1226 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file",
1227 bm_name);
1228 goto fail;
1229 }
1230
1231 g_free(tb);
1232
1233 bm->table.offset = tb_offset;
1234 bm->table.size = tb_size;
1235
1236 return 0;
1237
1238fail:
1239 clear_bitmap_table(bs, tb, tb_size);
1240
1241 if (tb_offset > 0) {
1242 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]),
1243 QCOW2_DISCARD_OTHER);
1244 }
1245
1246 g_free(tb);
1247
1248 return ret;
1249}
1250
1251static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list,
1252 const char *name)
1253{
1254 Qcow2Bitmap *bm;
1255
1256 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1257 if (strcmp(name, bm->name) == 0) {
1258 return bm;
1259 }
1260 }
1261
1262 return NULL;
1263}
1264
1265void qcow2_remove_persistent_dirty_bitmap(BlockDriverState *bs,
1266 const char *name,
1267 Error **errp)
1268{
1269 int ret;
1270 BDRVQcow2State *s = bs->opaque;
1271 Qcow2Bitmap *bm;
1272 Qcow2BitmapList *bm_list;
1273
1274 if (s->nb_bitmaps == 0) {
1275
1276
1277 return;
1278 }
1279
1280 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1281 s->bitmap_directory_size, errp);
1282 if (bm_list == NULL) {
1283 return;
1284 }
1285
1286 bm = find_bitmap_by_name(bm_list, name);
1287 if (bm == NULL) {
1288 goto fail;
1289 }
1290
1291 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry);
1292
1293 ret = update_ext_header_and_dir(bs, bm_list);
1294 if (ret < 0) {
1295 error_setg_errno(errp, -ret, "Failed to update bitmap extension");
1296 goto fail;
1297 }
1298
1299 free_bitmap_clusters(bs, &bm->table);
1300
1301fail:
1302 bitmap_free(bm);
1303 bitmap_list_free(bm_list);
1304}
1305
1306void qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, Error **errp)
1307{
1308 BdrvDirtyBitmap *bitmap;
1309 BDRVQcow2State *s = bs->opaque;
1310 uint32_t new_nb_bitmaps = s->nb_bitmaps;
1311 uint64_t new_dir_size = s->bitmap_directory_size;
1312 int ret;
1313 Qcow2BitmapList *bm_list;
1314 Qcow2Bitmap *bm;
1315 Qcow2BitmapTableList drop_tables;
1316 Qcow2BitmapTable *tb, *tb_next;
1317
1318 if (!bdrv_has_changed_persistent_bitmaps(bs)) {
1319
1320 return;
1321 }
1322
1323 if (!can_write(bs)) {
1324 error_setg(errp, "No write access");
1325 return;
1326 }
1327
1328 QSIMPLEQ_INIT(&drop_tables);
1329
1330 if (s->nb_bitmaps == 0) {
1331 bm_list = bitmap_list_new();
1332 } else {
1333 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1334 s->bitmap_directory_size, errp);
1335 if (bm_list == NULL) {
1336 return;
1337 }
1338 }
1339
1340
1341 for (bitmap = bdrv_dirty_bitmap_next(bs, NULL); bitmap != NULL;
1342 bitmap = bdrv_dirty_bitmap_next(bs, bitmap))
1343 {
1344 const char *name = bdrv_dirty_bitmap_name(bitmap);
1345 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap);
1346 Qcow2Bitmap *bm;
1347
1348 if (!bdrv_dirty_bitmap_get_persistance(bitmap) ||
1349 bdrv_dirty_bitmap_readonly(bitmap))
1350 {
1351 continue;
1352 }
1353
1354 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) {
1355 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ",
1356 name);
1357 goto fail;
1358 }
1359
1360 bm = find_bitmap_by_name(bm_list, name);
1361 if (bm == NULL) {
1362 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) {
1363 error_setg(errp, "Too many persistent bitmaps");
1364 goto fail;
1365 }
1366
1367 new_dir_size += calc_dir_entry_size(strlen(name), 0);
1368 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) {
1369 error_setg(errp, "Bitmap directory is too large");
1370 goto fail;
1371 }
1372
1373 bm = g_new0(Qcow2Bitmap, 1);
1374 bm->name = g_strdup(name);
1375 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry);
1376 } else {
1377 if (!(bm->flags & BME_FLAG_IN_USE)) {
1378 error_setg(errp, "Bitmap '%s' already exists in the image",
1379 name);
1380 goto fail;
1381 }
1382 tb = g_memdup(&bm->table, sizeof(bm->table));
1383 bm->table.offset = 0;
1384 bm->table.size = 0;
1385 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry);
1386 }
1387 bm->flags = bdrv_dirty_bitmap_enabled(bitmap) ? BME_FLAG_AUTO : 0;
1388 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap));
1389 bm->dirty_bitmap = bitmap;
1390 }
1391
1392
1393 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1394 if (bm->dirty_bitmap == NULL) {
1395 continue;
1396 }
1397
1398 ret = store_bitmap(bs, bm, errp);
1399 if (ret < 0) {
1400 goto fail;
1401 }
1402 }
1403
1404 ret = update_ext_header_and_dir(bs, bm_list);
1405 if (ret < 0) {
1406 error_setg_errno(errp, -ret, "Failed to update bitmap extension");
1407 goto fail;
1408 }
1409
1410
1411
1412 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) {
1413 free_bitmap_clusters(bs, tb);
1414 g_free(tb);
1415 }
1416
1417 bitmap_list_free(bm_list);
1418 return;
1419
1420fail:
1421 QSIMPLEQ_FOREACH(bm, bm_list, entry) {
1422 if (bm->dirty_bitmap == NULL || bm->table.offset == 0) {
1423 continue;
1424 }
1425
1426 free_bitmap_clusters(bs, &bm->table);
1427 }
1428
1429 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) {
1430 g_free(tb);
1431 }
1432
1433 bitmap_list_free(bm_list);
1434}
1435
1436int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp)
1437{
1438 BdrvDirtyBitmap *bitmap;
1439 Error *local_err = NULL;
1440
1441 qcow2_store_persistent_dirty_bitmaps(bs, &local_err);
1442 if (local_err != NULL) {
1443 error_propagate(errp, local_err);
1444 return -EINVAL;
1445 }
1446
1447 for (bitmap = bdrv_dirty_bitmap_next(bs, NULL); bitmap != NULL;
1448 bitmap = bdrv_dirty_bitmap_next(bs, bitmap))
1449 {
1450 if (bdrv_dirty_bitmap_get_persistance(bitmap)) {
1451 bdrv_dirty_bitmap_set_readonly(bitmap, true);
1452 }
1453 }
1454
1455 return 0;
1456}
1457
1458bool qcow2_can_store_new_dirty_bitmap(BlockDriverState *bs,
1459 const char *name,
1460 uint32_t granularity,
1461 Error **errp)
1462{
1463 BDRVQcow2State *s = bs->opaque;
1464 bool found;
1465 Qcow2BitmapList *bm_list;
1466
1467 if (s->qcow_version < 3) {
1468
1469
1470
1471
1472
1473 error_setg(errp, "Cannot store dirty bitmaps in qcow2 v2 files");
1474 goto fail;
1475 }
1476
1477 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) {
1478 goto fail;
1479 }
1480
1481 if (s->nb_bitmaps == 0) {
1482 return true;
1483 }
1484
1485 if (s->nb_bitmaps >= QCOW2_MAX_BITMAPS) {
1486 error_setg(errp,
1487 "Maximum number of persistent bitmaps is already reached");
1488 goto fail;
1489 }
1490
1491 if (s->bitmap_directory_size + calc_dir_entry_size(strlen(name), 0) >
1492 QCOW2_MAX_BITMAP_DIRECTORY_SIZE)
1493 {
1494 error_setg(errp, "Not enough space in the bitmap directory");
1495 goto fail;
1496 }
1497
1498 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
1499 s->bitmap_directory_size, errp);
1500 if (bm_list == NULL) {
1501 goto fail;
1502 }
1503
1504 found = find_bitmap_by_name(bm_list, name);
1505 bitmap_list_free(bm_list);
1506 if (found) {
1507 error_setg(errp, "Bitmap with the same name is already stored");
1508 goto fail;
1509 }
1510
1511 return true;
1512
1513fail:
1514 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ",
1515 name, bdrv_get_device_or_node_name(bs));
1516 return false;
1517}
1518
