1 /* 2 * Bitmaps for the QCOW version 2 format 3 * 4 * Copyright (c) 2014-2017 Vladimir Sementsov-Ogievskiy 5 * 6 * This file is derived from qcow2-snapshot.c, original copyright: 7 * Copyright (c) 2004-2006 Fabrice Bellard 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu/osdep.h" 29 #include "block/block-io.h" 30 #include "block/dirty-bitmap.h" 31 #include "qapi/error.h" 32 #include "qemu/cutils.h" 33 34 #include "qcow2.h" 35 36 /* NOTICE: BME here means Bitmaps Extension and used as a namespace for 37 * _internal_ constants. Please do not use this _internal_ abbreviation for 38 * other needs and/or outside of this file. */ 39 40 /* Bitmap directory entry constraints */ 41 #define BME_MAX_TABLE_SIZE 0x8000000 42 #define BME_MAX_PHYS_SIZE 0x20000000 /* restrict BdrvDirtyBitmap size in RAM */ 43 #define BME_MAX_GRANULARITY_BITS 31 44 #define BME_MIN_GRANULARITY_BITS 9 45 #define BME_MAX_NAME_SIZE 1023 46 47 /* Size of bitmap table entries */ 48 #define BME_TABLE_ENTRY_SIZE (sizeof(uint64_t)) 49 50 QEMU_BUILD_BUG_ON(BME_MAX_NAME_SIZE != BDRV_BITMAP_MAX_NAME_SIZE); 51 52 #if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX 53 #error In the code bitmap table physical size assumed to fit into int 54 #endif 55 56 /* Bitmap directory entry flags */ 57 #define BME_RESERVED_FLAGS 0xfffffffcU 58 #define BME_FLAG_IN_USE (1U << 0) 59 #define BME_FLAG_AUTO (1U << 1) 60 61 /* bits [1, 8] U [56, 63] are reserved */ 62 #define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL 63 #define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL 64 #define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0) 65 66 typedef struct QEMU_PACKED Qcow2BitmapDirEntry { 67 /* header is 8 byte aligned */ 68 uint64_t bitmap_table_offset; 69 70 uint32_t bitmap_table_size; 71 uint32_t flags; 72 73 uint8_t type; 74 uint8_t granularity_bits; 75 uint16_t name_size; 76 uint32_t extra_data_size; 77 /* extra data follows */ 78 /* name follows */ 79 } Qcow2BitmapDirEntry; 80 81 typedef struct Qcow2BitmapTable { 82 uint64_t offset; 83 uint32_t size; /* number of 64bit entries */ 84 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry; 85 } Qcow2BitmapTable; 86 87 typedef struct Qcow2Bitmap { 88 Qcow2BitmapTable table; 89 uint32_t flags; 90 uint8_t granularity_bits; 91 char *name; 92 93 BdrvDirtyBitmap *dirty_bitmap; 94 95 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry; 96 } Qcow2Bitmap; 97 typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList; 98 99 typedef enum BitmapType { 100 BT_DIRTY_TRACKING_BITMAP = 1 101 } BitmapType; 102 103 static inline bool can_write(BlockDriverState *bs) 104 { 105 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 106 } 107 108 static int update_header_sync(BlockDriverState *bs) 109 { 110 int ret; 111 112 ret = qcow2_update_header(bs); 113 if (ret < 0) { 114 return ret; 115 } 116 117 return bdrv_flush(bs->file->bs); 118 } 119 120 static inline void bitmap_table_bswap_be(uint64_t *bitmap_table, size_t size) 121 { 122 size_t i; 123 124 for (i = 0; i < size; ++i) { 125 bitmap_table[i] = cpu_to_be64(bitmap_table[i]); 126 } 127 } 128 129 static int check_table_entry(uint64_t entry, int cluster_size) 130 { 131 uint64_t offset; 132 133 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) { 134 return -EINVAL; 135 } 136 137 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 138 if (offset != 0) { 139 /* if offset specified, bit 0 is reserved */ 140 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 141 return -EINVAL; 142 } 143 144 if (offset % cluster_size != 0) { 145 return -EINVAL; 146 } 147 } 148 149 return 0; 150 } 151 152 static int64_t get_bitmap_bytes_needed(int64_t len, uint32_t granularity) 153 { 154 int64_t num_bits = DIV_ROUND_UP(len, granularity); 155 156 return DIV_ROUND_UP(num_bits, 8); 157 } 158 159 static int GRAPH_RDLOCK 160 check_constraints_on_bitmap(BlockDriverState *bs, const char *name, 161 uint32_t granularity, Error **errp) 162 { 163 BDRVQcow2State *s = bs->opaque; 164 int granularity_bits = ctz32(granularity); 165 int64_t len = bdrv_getlength(bs); 166 int64_t bitmap_bytes; 167 168 assert(granularity > 0); 169 assert((granularity & (granularity - 1)) == 0); 170 171 if (len < 0) { 172 error_setg_errno(errp, -len, "Failed to get size of '%s'", 173 bdrv_get_device_or_node_name(bs)); 174 return len; 175 } 176 177 if (granularity_bits > BME_MAX_GRANULARITY_BITS) { 178 error_setg(errp, "Granularity exceeds maximum (%llu bytes)", 179 1ULL << BME_MAX_GRANULARITY_BITS); 180 return -EINVAL; 181 } 182 if (granularity_bits < BME_MIN_GRANULARITY_BITS) { 183 error_setg(errp, "Granularity is under minimum (%llu bytes)", 184 1ULL << BME_MIN_GRANULARITY_BITS); 185 return -EINVAL; 186 } 187 188 bitmap_bytes = get_bitmap_bytes_needed(len, granularity); 189 if ((bitmap_bytes > (uint64_t)BME_MAX_PHYS_SIZE) || 190 (bitmap_bytes > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size)) 191 { 192 error_setg(errp, "Too much space will be occupied by the bitmap. " 193 "Use larger granularity"); 194 return -EINVAL; 195 } 196 197 if (strlen(name) > BME_MAX_NAME_SIZE) { 198 error_setg(errp, "Name length exceeds maximum (%u characters)", 199 BME_MAX_NAME_SIZE); 200 return -EINVAL; 201 } 202 203 return 0; 204 } 205 206 static void GRAPH_RDLOCK 207 clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table, 208 uint32_t bitmap_table_size) 209 { 210 BDRVQcow2State *s = bs->opaque; 211 int i; 212 213 for (i = 0; i < bitmap_table_size; ++i) { 214 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK; 215 if (!addr) { 216 continue; 217 } 218 219 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_ALWAYS); 220 bitmap_table[i] = 0; 221 } 222 } 223 224 static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb, 225 uint64_t **bitmap_table) 226 { 227 int ret; 228 BDRVQcow2State *s = bs->opaque; 229 uint32_t i; 230 uint64_t *table; 231 232 assert(tb->size != 0); 233 table = g_try_new(uint64_t, tb->size); 234 if (table == NULL) { 235 return -ENOMEM; 236 } 237 238 assert(tb->size <= BME_MAX_TABLE_SIZE); 239 ret = bdrv_pread(bs->file, tb->offset, tb->size * BME_TABLE_ENTRY_SIZE, 240 table, 0); 241 if (ret < 0) { 242 goto fail; 243 } 244 245 for (i = 0; i < tb->size; ++i) { 246 table[i] = be64_to_cpu(table[i]); 247 ret = check_table_entry(table[i], s->cluster_size); 248 if (ret < 0) { 249 goto fail; 250 } 251 } 252 253 *bitmap_table = table; 254 return 0; 255 256 fail: 257 g_free(table); 258 259 return ret; 260 } 261 262 static int GRAPH_RDLOCK 263 free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb) 264 { 265 int ret; 266 uint64_t *bitmap_table; 267 268 ret = bitmap_table_load(bs, tb, &bitmap_table); 269 if (ret < 0) { 270 return ret; 271 } 272 273 clear_bitmap_table(bs, bitmap_table, tb->size); 274 qcow2_free_clusters(bs, tb->offset, tb->size * BME_TABLE_ENTRY_SIZE, 275 QCOW2_DISCARD_OTHER); 276 g_free(bitmap_table); 277 278 tb->offset = 0; 279 tb->size = 0; 280 281 return 0; 282 } 283 284 /* load_bitmap_data 285 * @bitmap_table entries must satisfy specification constraints. 286 * @bitmap must be cleared */ 287 static int coroutine_fn GRAPH_RDLOCK 288 load_bitmap_data(BlockDriverState *bs, const uint64_t *bitmap_table, 289 uint32_t bitmap_table_size, BdrvDirtyBitmap *bitmap) 290 { 291 int ret = 0; 292 BDRVQcow2State *s = bs->opaque; 293 uint64_t offset, limit; 294 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 295 uint8_t *buf = NULL; 296 uint64_t i, tab_size = 297 size_to_clusters(s, 298 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 299 300 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) { 301 return -EINVAL; 302 } 303 304 buf = g_malloc(s->cluster_size); 305 limit = bdrv_dirty_bitmap_serialization_coverage(s->cluster_size, bitmap); 306 for (i = 0, offset = 0; i < tab_size; ++i, offset += limit) { 307 uint64_t count = MIN(bm_size - offset, limit); 308 uint64_t entry = bitmap_table[i]; 309 uint64_t data_offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 310 311 assert(check_table_entry(entry, s->cluster_size) == 0); 312 313 if (data_offset == 0) { 314 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 315 bdrv_dirty_bitmap_deserialize_ones(bitmap, offset, count, 316 false); 317 } else { 318 /* No need to deserialize zeros because the dirty bitmap is 319 * already cleared */ 320 } 321 } else { 322 ret = bdrv_co_pread(bs->file, data_offset, s->cluster_size, buf, 0); 323 if (ret < 0) { 324 goto finish; 325 } 326 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, offset, count, 327 false); 328 } 329 } 330 ret = 0; 331 332 bdrv_dirty_bitmap_deserialize_finish(bitmap); 333 334 finish: 335 g_free(buf); 336 337 return ret; 338 } 339 340 static coroutine_fn GRAPH_RDLOCK 341 BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs, 342 Qcow2Bitmap *bm, Error **errp) 343 { 344 int ret; 345 uint64_t *bitmap_table = NULL; 346 uint32_t granularity; 347 BdrvDirtyBitmap *bitmap = NULL; 348 349 granularity = 1U << bm->granularity_bits; 350 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp); 351 if (bitmap == NULL) { 352 goto fail; 353 } 354 355 if (bm->flags & BME_FLAG_IN_USE) { 356 /* Data is unusable, skip loading it */ 357 return bitmap; 358 } 359 360 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 361 if (ret < 0) { 362 error_setg_errno(errp, -ret, 363 "Could not read bitmap_table table from image for " 364 "bitmap '%s'", bm->name); 365 goto fail; 366 } 367 368 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap); 369 if (ret < 0) { 370 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image", 371 bm->name); 372 goto fail; 373 } 374 375 g_free(bitmap_table); 376 return bitmap; 377 378 fail: 379 g_free(bitmap_table); 380 if (bitmap != NULL) { 381 bdrv_release_dirty_bitmap(bitmap); 382 } 383 384 return NULL; 385 } 386 387 /* 388 * Bitmap List 389 */ 390 391 /* 392 * Bitmap List private functions 393 * Only Bitmap List knows about bitmap directory structure in Qcow2. 394 */ 395 396 static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry) 397 { 398 entry->bitmap_table_offset = be64_to_cpu(entry->bitmap_table_offset); 399 entry->bitmap_table_size = be32_to_cpu(entry->bitmap_table_size); 400 entry->flags = be32_to_cpu(entry->flags); 401 entry->name_size = be16_to_cpu(entry->name_size); 402 entry->extra_data_size = be32_to_cpu(entry->extra_data_size); 403 } 404 405 static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry) 406 { 407 entry->bitmap_table_offset = cpu_to_be64(entry->bitmap_table_offset); 408 entry->bitmap_table_size = cpu_to_be32(entry->bitmap_table_size); 409 entry->flags = cpu_to_be32(entry->flags); 410 entry->name_size = cpu_to_be16(entry->name_size); 411 entry->extra_data_size = cpu_to_be32(entry->extra_data_size); 412 } 413 414 static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size) 415 { 416 int size = sizeof(Qcow2BitmapDirEntry) + name_size + extra_data_size; 417 return ROUND_UP(size, 8); 418 } 419 420 static inline int dir_entry_size(Qcow2BitmapDirEntry *entry) 421 { 422 return calc_dir_entry_size(entry->name_size, entry->extra_data_size); 423 } 424 425 static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry) 426 { 427 return (const char *)(entry + 1) + entry->extra_data_size; 428 } 429 430 static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry) 431 { 432 const char *name_field = dir_entry_name_field(entry); 433 return g_strndup(name_field, entry->name_size); 434 } 435 436 static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry) 437 { 438 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry)); 439 } 440 441 static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry) 442 { 443 BDRVQcow2State *s = bs->opaque; 444 uint64_t phys_bitmap_bytes; 445 int64_t len; 446 447 bool fail = (entry->bitmap_table_size == 0) || 448 (entry->bitmap_table_offset == 0) || 449 (entry->bitmap_table_offset % s->cluster_size) || 450 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) || 451 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) || 452 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) || 453 (entry->flags & BME_RESERVED_FLAGS) || 454 (entry->name_size > BME_MAX_NAME_SIZE) || 455 (entry->type != BT_DIRTY_TRACKING_BITMAP); 456 457 if (fail) { 458 return -EINVAL; 459 } 460 461 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size; 462 len = bdrv_getlength(bs); 463 464 if (len < 0) { 465 return len; 466 } 467 468 if (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) { 469 return -EINVAL; 470 } 471 472 if (!(entry->flags & BME_FLAG_IN_USE) && 473 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits))) 474 { 475 /* 476 * We've loaded a valid bitmap (IN_USE not set) or we are going to 477 * store a valid bitmap, but the allocated bitmap table size is not 478 * enough to store this bitmap. 479 * 480 * Note, that it's OK to have an invalid bitmap with invalid size due 481 * to a bitmap that was not correctly saved after image resize. 482 */ 483 return -EINVAL; 484 } 485 486 return 0; 487 } 488 489 static inline void bitmap_directory_to_be(uint8_t *dir, size_t size) 490 { 491 uint8_t *end = dir + size; 492 while (dir < end) { 493 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir; 494 dir += dir_entry_size(e); 495 496 bitmap_dir_entry_to_be(e); 497 } 498 } 499 500 /* 501 * Bitmap List public functions 502 */ 503 504 static void bitmap_free(Qcow2Bitmap *bm) 505 { 506 if (bm == NULL) { 507 return; 508 } 509 510 g_free(bm->name); 511 g_free(bm); 512 } 513 514 static void bitmap_list_free(Qcow2BitmapList *bm_list) 515 { 516 Qcow2Bitmap *bm; 517 518 if (bm_list == NULL) { 519 return; 520 } 521 522 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) { 523 QSIMPLEQ_REMOVE_HEAD(bm_list, entry); 524 bitmap_free(bm); 525 } 526 527 g_free(bm_list); 528 } 529 530 static Qcow2BitmapList *bitmap_list_new(void) 531 { 532 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1); 533 QSIMPLEQ_INIT(bm_list); 534 535 return bm_list; 536 } 537 538 static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list) 539 { 540 Qcow2Bitmap *bm; 541 uint32_t nb_bitmaps = 0; 542 543 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 544 nb_bitmaps++; 545 } 546 547 return nb_bitmaps; 548 } 549 550 /* bitmap_list_load 551 * Get bitmap list from qcow2 image. Actually reads bitmap directory, 552 * checks it and convert to bitmap list. 553 */ 554 static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset, 555 uint64_t size, Error **errp) 556 { 557 int ret; 558 BDRVQcow2State *s = bs->opaque; 559 uint8_t *dir, *dir_end; 560 Qcow2BitmapDirEntry *e; 561 uint32_t nb_dir_entries = 0; 562 Qcow2BitmapList *bm_list = NULL; 563 564 if (size == 0) { 565 error_setg(errp, "Requested bitmap directory size is zero"); 566 return NULL; 567 } 568 569 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 570 error_setg(errp, "Requested bitmap directory size is too big"); 571 return NULL; 572 } 573 574 dir = g_try_malloc(size); 575 if (dir == NULL) { 576 error_setg(errp, "Failed to allocate space for bitmap directory"); 577 return NULL; 578 } 579 dir_end = dir + size; 580 581 ret = bdrv_pread(bs->file, offset, size, dir, 0); 582 if (ret < 0) { 583 error_setg_errno(errp, -ret, "Failed to read bitmap directory"); 584 goto fail; 585 } 586 587 bm_list = bitmap_list_new(); 588 for (e = (Qcow2BitmapDirEntry *)dir; 589 e < (Qcow2BitmapDirEntry *)dir_end; 590 e = next_dir_entry(e)) 591 { 592 Qcow2Bitmap *bm; 593 594 if ((uint8_t *)(e + 1) > dir_end) { 595 goto broken_dir; 596 } 597 598 if (++nb_dir_entries > s->nb_bitmaps) { 599 error_setg(errp, "More bitmaps found than specified in header" 600 " extension"); 601 goto fail; 602 } 603 bitmap_dir_entry_to_cpu(e); 604 605 if ((uint8_t *)next_dir_entry(e) > dir_end) { 606 goto broken_dir; 607 } 608 609 if (e->extra_data_size != 0) { 610 error_setg(errp, "Bitmap extra data is not supported"); 611 goto fail; 612 } 613 614 ret = check_dir_entry(bs, e); 615 if (ret < 0) { 616 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints", 617 e->name_size, dir_entry_name_field(e)); 618 goto fail; 619 } 620 621 bm = g_new0(Qcow2Bitmap, 1); 622 bm->table.offset = e->bitmap_table_offset; 623 bm->table.size = e->bitmap_table_size; 624 bm->flags = e->flags; 625 bm->granularity_bits = e->granularity_bits; 626 bm->name = dir_entry_copy_name(e); 627 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 628 } 629 630 if (nb_dir_entries != s->nb_bitmaps) { 631 error_setg(errp, "Less bitmaps found than specified in header" 632 " extension"); 633 goto fail; 634 } 635 636 if ((uint8_t *)e != dir_end) { 637 goto broken_dir; 638 } 639 640 g_free(dir); 641 return bm_list; 642 643 broken_dir: 644 error_setg(errp, "Broken bitmap directory"); 645 646 fail: 647 g_free(dir); 648 bitmap_list_free(bm_list); 649 650 return NULL; 651 } 652 653 int coroutine_fn 654 qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res, 655 void **refcount_table, 656 int64_t *refcount_table_size) 657 { 658 int ret; 659 BDRVQcow2State *s = bs->opaque; 660 Qcow2BitmapList *bm_list; 661 Qcow2Bitmap *bm; 662 663 if (s->nb_bitmaps == 0) { 664 return 0; 665 } 666 667 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size, 668 s->bitmap_directory_offset, 669 s->bitmap_directory_size); 670 if (ret < 0) { 671 return ret; 672 } 673 674 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 675 s->bitmap_directory_size, NULL); 676 if (bm_list == NULL) { 677 res->corruptions++; 678 return -EINVAL; 679 } 680 681 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 682 uint64_t *bitmap_table = NULL; 683 int i; 684 685 ret = qcow2_inc_refcounts_imrt(bs, res, 686 refcount_table, refcount_table_size, 687 bm->table.offset, 688 bm->table.size * BME_TABLE_ENTRY_SIZE); 689 if (ret < 0) { 690 goto out; 691 } 692 693 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 694 if (ret < 0) { 695 res->corruptions++; 696 goto out; 697 } 698 699 for (i = 0; i < bm->table.size; ++i) { 700 uint64_t entry = bitmap_table[i]; 701 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 702 703 if (check_table_entry(entry, s->cluster_size) < 0) { 704 res->corruptions++; 705 continue; 706 } 707 708 if (offset == 0) { 709 continue; 710 } 711 712 ret = qcow2_inc_refcounts_imrt(bs, res, 713 refcount_table, refcount_table_size, 714 offset, s->cluster_size); 715 if (ret < 0) { 716 g_free(bitmap_table); 717 goto out; 718 } 719 } 720 721 g_free(bitmap_table); 722 } 723 724 out: 725 bitmap_list_free(bm_list); 726 727 return ret; 728 } 729 730 /* bitmap_list_store 731 * Store bitmap list to qcow2 image as a bitmap directory. 732 * Everything is checked. 733 */ 734 static int GRAPH_RDLOCK 735 bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list, 736 uint64_t *offset, uint64_t *size, bool in_place) 737 { 738 int ret; 739 uint8_t *dir; 740 int64_t dir_offset = 0; 741 uint64_t dir_size = 0; 742 Qcow2Bitmap *bm; 743 Qcow2BitmapDirEntry *e; 744 745 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 746 dir_size += calc_dir_entry_size(strlen(bm->name), 0); 747 } 748 749 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 750 return -EINVAL; 751 } 752 753 if (in_place) { 754 if (*size != dir_size || *offset == 0) { 755 return -EINVAL; 756 } 757 758 dir_offset = *offset; 759 } 760 761 dir = g_try_malloc0(dir_size); 762 if (dir == NULL) { 763 return -ENOMEM; 764 } 765 766 e = (Qcow2BitmapDirEntry *)dir; 767 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 768 e->bitmap_table_offset = bm->table.offset; 769 e->bitmap_table_size = bm->table.size; 770 e->flags = bm->flags; 771 e->type = BT_DIRTY_TRACKING_BITMAP; 772 e->granularity_bits = bm->granularity_bits; 773 e->name_size = strlen(bm->name); 774 e->extra_data_size = 0; 775 memcpy(e + 1, bm->name, e->name_size); 776 777 if (check_dir_entry(bs, e) < 0) { 778 ret = -EINVAL; 779 goto fail; 780 } 781 782 e = next_dir_entry(e); 783 } 784 785 bitmap_directory_to_be(dir, dir_size); 786 787 if (!in_place) { 788 dir_offset = qcow2_alloc_clusters(bs, dir_size); 789 if (dir_offset < 0) { 790 ret = dir_offset; 791 goto fail; 792 } 793 } 794 795 /* Actually, even in the in-place case ignoring QCOW2_OL_BITMAP_DIRECTORY 796 * is not necessary, because we drop QCOW2_AUTOCLEAR_BITMAPS when updating 797 * bitmap directory in-place (actually, turn-off the extension), which is 798 * checked in qcow2_check_metadata_overlap() */ 799 ret = qcow2_pre_write_overlap_check( 800 bs, in_place ? QCOW2_OL_BITMAP_DIRECTORY : 0, dir_offset, dir_size, 801 false); 802 if (ret < 0) { 803 goto fail; 804 } 805 806 ret = bdrv_pwrite(bs->file, dir_offset, dir_size, dir, 0); 807 if (ret < 0) { 808 goto fail; 809 } 810 811 g_free(dir); 812 813 if (!in_place) { 814 *size = dir_size; 815 *offset = dir_offset; 816 } 817 818 return 0; 819 820 fail: 821 g_free(dir); 822 823 if (!in_place && dir_offset > 0) { 824 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER); 825 } 826 827 return ret; 828 } 829 830 /* 831 * Bitmap List end 832 */ 833 834 static int GRAPH_RDLOCK 835 update_ext_header_and_dir_in_place(BlockDriverState *bs, 836 Qcow2BitmapList *bm_list) 837 { 838 BDRVQcow2State *s = bs->opaque; 839 int ret; 840 841 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) || 842 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) || 843 bitmap_list_count(bm_list) != s->nb_bitmaps) 844 { 845 return -EINVAL; 846 } 847 848 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 849 ret = update_header_sync(bs); 850 if (ret < 0) { 851 /* Two variants are possible here: 852 * 1. Autoclear flag is dropped, all bitmaps will be lost. 853 * 2. Autoclear flag is not dropped, old state is left. 854 */ 855 return ret; 856 } 857 858 /* autoclear bit is not set, so we can safely update bitmap directory */ 859 860 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset, 861 &s->bitmap_directory_size, true); 862 if (ret < 0) { 863 /* autoclear bit is cleared, so all leaked clusters would be removed on 864 * qemu-img check */ 865 return ret; 866 } 867 868 ret = update_header_sync(bs); 869 if (ret < 0) { 870 /* autoclear bit is cleared, so all leaked clusters would be removed on 871 * qemu-img check */ 872 return ret; 873 } 874 875 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 876 return update_header_sync(bs); 877 /* If final update_header_sync() fails, two variants are possible: 878 * 1. Autoclear flag is not set, all bitmaps will be lost. 879 * 2. Autoclear flag is set, header and directory are successfully updated. 880 */ 881 } 882 883 static int GRAPH_RDLOCK 884 update_ext_header_and_dir(BlockDriverState *bs, Qcow2BitmapList *bm_list) 885 { 886 BDRVQcow2State *s = bs->opaque; 887 int ret; 888 uint64_t new_offset = 0; 889 uint64_t new_size = 0; 890 uint32_t new_nb_bitmaps = 0; 891 uint64_t old_offset = s->bitmap_directory_offset; 892 uint64_t old_size = s->bitmap_directory_size; 893 uint32_t old_nb_bitmaps = s->nb_bitmaps; 894 uint64_t old_autocl = s->autoclear_features; 895 896 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) { 897 new_nb_bitmaps = bitmap_list_count(bm_list); 898 899 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 900 return -EINVAL; 901 } 902 903 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false); 904 if (ret < 0) { 905 return ret; 906 } 907 908 ret = qcow2_flush_caches(bs); 909 if (ret < 0) { 910 goto fail; 911 } 912 913 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 914 } else { 915 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 916 } 917 918 s->bitmap_directory_offset = new_offset; 919 s->bitmap_directory_size = new_size; 920 s->nb_bitmaps = new_nb_bitmaps; 921 922 ret = update_header_sync(bs); 923 if (ret < 0) { 924 goto fail; 925 } 926 927 if (old_size > 0) { 928 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER); 929 } 930 931 return 0; 932 933 fail: 934 if (new_offset > 0) { 935 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER); 936 } 937 938 s->bitmap_directory_offset = old_offset; 939 s->bitmap_directory_size = old_size; 940 s->nb_bitmaps = old_nb_bitmaps; 941 s->autoclear_features = old_autocl; 942 943 return ret; 944 } 945 946 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 947 static void release_dirty_bitmap_helper(gpointer bitmap, 948 gpointer bs) 949 { 950 bdrv_release_dirty_bitmap(bitmap); 951 } 952 953 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 954 static void set_readonly_helper(gpointer bitmap, gpointer value) 955 { 956 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value); 957 } 958 959 /* 960 * Return true on success, false on failure. 961 * If header_updated is not NULL then it is set appropriately regardless of 962 * the return value. 963 */ 964 bool coroutine_fn GRAPH_RDLOCK 965 qcow2_load_dirty_bitmaps(BlockDriverState *bs, 966 bool *header_updated, Error **errp) 967 { 968 BDRVQcow2State *s = bs->opaque; 969 Qcow2BitmapList *bm_list; 970 Qcow2Bitmap *bm; 971 GSList *created_dirty_bitmaps = NULL; 972 bool needs_update = false; 973 974 if (header_updated) { 975 *header_updated = false; 976 } 977 978 if (s->nb_bitmaps == 0) { 979 /* No bitmaps - nothing to do */ 980 return true; 981 } 982 983 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 984 s->bitmap_directory_size, errp); 985 if (bm_list == NULL) { 986 return false; 987 } 988 989 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 990 BdrvDirtyBitmap *bitmap; 991 992 if ((bm->flags & BME_FLAG_IN_USE) && 993 bdrv_find_dirty_bitmap(bs, bm->name)) 994 { 995 /* 996 * We already have corresponding BdrvDirtyBitmap, and bitmap in the 997 * image is marked IN_USE. Firstly, this state is valid, no reason 998 * to consider existing BdrvDirtyBitmap to be bad. Secondly it's 999 * absolutely possible, when we do migration with shared storage 1000 * with dirty-bitmaps capability enabled: if the bitmap was loaded 1001 * from this storage before migration start, the storage will 1002 * of-course contain IN_USE outdated version of the bitmap, and we 1003 * should not load it on migration target, as we already have this 1004 * bitmap, being migrated. 1005 */ 1006 continue; 1007 } 1008 1009 bitmap = load_bitmap(bs, bm, errp); 1010 if (bitmap == NULL) { 1011 goto fail; 1012 } 1013 1014 bdrv_dirty_bitmap_set_persistence(bitmap, true); 1015 if (bm->flags & BME_FLAG_IN_USE) { 1016 bdrv_dirty_bitmap_set_inconsistent(bitmap); 1017 } else { 1018 /* NB: updated flags only get written if can_write(bs) is true. */ 1019 bm->flags |= BME_FLAG_IN_USE; 1020 needs_update = true; 1021 } 1022 if (!(bm->flags & BME_FLAG_AUTO)) { 1023 bdrv_disable_dirty_bitmap(bitmap); 1024 } 1025 created_dirty_bitmaps = 1026 g_slist_append(created_dirty_bitmaps, bitmap); 1027 } 1028 1029 if (needs_update && can_write(bs)) { 1030 /* in_use flags must be updated */ 1031 int ret = update_ext_header_and_dir_in_place(bs, bm_list); 1032 if (ret < 0) { 1033 error_setg_errno(errp, -ret, "Can't update bitmap directory"); 1034 goto fail; 1035 } 1036 if (header_updated) { 1037 *header_updated = true; 1038 } 1039 } 1040 1041 if (!can_write(bs)) { 1042 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper, 1043 (gpointer)true); 1044 } 1045 1046 g_slist_free(created_dirty_bitmaps); 1047 bitmap_list_free(bm_list); 1048 1049 return true; 1050 1051 fail: 1052 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs); 1053 g_slist_free(created_dirty_bitmaps); 1054 bitmap_list_free(bm_list); 1055 1056 return false; 1057 } 1058 1059 1060 static Qcow2BitmapInfoFlagsList *get_bitmap_info_flags(uint32_t flags) 1061 { 1062 Qcow2BitmapInfoFlagsList *list = NULL; 1063 Qcow2BitmapInfoFlagsList **tail = &list; 1064 int i; 1065 1066 static const struct { 1067 int bme; /* Bitmap directory entry flags */ 1068 int info; /* The flags to report to the user */ 1069 } map[] = { 1070 { BME_FLAG_IN_USE, QCOW2_BITMAP_INFO_FLAGS_IN_USE }, 1071 { BME_FLAG_AUTO, QCOW2_BITMAP_INFO_FLAGS_AUTO }, 1072 }; 1073 1074 int map_size = ARRAY_SIZE(map); 1075 1076 for (i = 0; i < map_size; ++i) { 1077 if (flags & map[i].bme) { 1078 QAPI_LIST_APPEND(tail, map[i].info); 1079 flags &= ~map[i].bme; 1080 } 1081 } 1082 /* Check if the BME_* mapping above is complete */ 1083 assert(!flags); 1084 1085 return list; 1086 } 1087 1088 /* 1089 * qcow2_get_bitmap_info_list() 1090 * Returns a list of QCOW2 bitmap details. 1091 * On success return true with info_list set (note, that if there are no 1092 * bitmaps, info_list is set to NULL). 1093 * On failure return false with errp set. 1094 */ 1095 bool qcow2_get_bitmap_info_list(BlockDriverState *bs, 1096 Qcow2BitmapInfoList **info_list, Error **errp) 1097 { 1098 BDRVQcow2State *s = bs->opaque; 1099 Qcow2BitmapList *bm_list; 1100 Qcow2Bitmap *bm; 1101 Qcow2BitmapInfoList **tail; 1102 1103 if (s->nb_bitmaps == 0) { 1104 *info_list = NULL; 1105 return true; 1106 } 1107 1108 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1109 s->bitmap_directory_size, errp); 1110 if (!bm_list) { 1111 return false; 1112 } 1113 1114 *info_list = NULL; 1115 tail = info_list; 1116 1117 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1118 Qcow2BitmapInfo *info = g_new0(Qcow2BitmapInfo, 1); 1119 info->granularity = 1U << bm->granularity_bits; 1120 info->name = g_strdup(bm->name); 1121 info->flags = get_bitmap_info_flags(bm->flags & ~BME_RESERVED_FLAGS); 1122 QAPI_LIST_APPEND(tail, info); 1123 } 1124 1125 bitmap_list_free(bm_list); 1126 1127 return true; 1128 } 1129 1130 int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp) 1131 { 1132 BDRVQcow2State *s = bs->opaque; 1133 Qcow2BitmapList *bm_list; 1134 Qcow2Bitmap *bm; 1135 GSList *ro_dirty_bitmaps = NULL; 1136 int ret = -EINVAL; 1137 bool need_header_update = false; 1138 1139 if (s->nb_bitmaps == 0) { 1140 /* No bitmaps - nothing to do */ 1141 return 0; 1142 } 1143 1144 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1145 s->bitmap_directory_size, errp); 1146 if (bm_list == NULL) { 1147 return -EINVAL; 1148 } 1149 1150 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1151 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1152 1153 if (!bitmap) { 1154 error_setg(errp, "Unexpected bitmap '%s' in image '%s'", 1155 bm->name, bs->filename); 1156 goto out; 1157 } 1158 1159 if (!(bm->flags & BME_FLAG_IN_USE)) { 1160 if (!bdrv_dirty_bitmap_readonly(bitmap)) { 1161 error_setg(errp, "Corruption: bitmap '%s' is not marked IN_USE " 1162 "in the image '%s' and not marked readonly in RAM", 1163 bm->name, bs->filename); 1164 goto out; 1165 } 1166 if (bdrv_dirty_bitmap_inconsistent(bitmap)) { 1167 error_setg(errp, "Corruption: bitmap '%s' is inconsistent but " 1168 "is not marked IN_USE in the image '%s'", bm->name, 1169 bs->filename); 1170 goto out; 1171 } 1172 1173 bm->flags |= BME_FLAG_IN_USE; 1174 need_header_update = true; 1175 } else { 1176 /* 1177 * What if flags already has BME_FLAG_IN_USE ? 1178 * 1179 * 1. if we are reopening RW -> RW it's OK, of course. 1180 * 2. if we are reopening RO -> RW: 1181 * 2.1 if @bitmap is inconsistent, it's OK. It means that it was 1182 * inconsistent (IN_USE) when we loaded it 1183 * 2.2 if @bitmap is not inconsistent. This seems to be impossible 1184 * and implies third party interaction. Let's error-out for 1185 * safety. 1186 */ 1187 if (bdrv_dirty_bitmap_readonly(bitmap) && 1188 !bdrv_dirty_bitmap_inconsistent(bitmap)) 1189 { 1190 error_setg(errp, "Corruption: bitmap '%s' is marked IN_USE " 1191 "in the image '%s' but it is readonly and " 1192 "consistent in RAM", 1193 bm->name, bs->filename); 1194 goto out; 1195 } 1196 } 1197 1198 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1199 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap); 1200 } 1201 } 1202 1203 if (need_header_update) { 1204 if (!can_write(bs->file->bs) || !(bs->file->perm & BLK_PERM_WRITE)) { 1205 error_setg(errp, "Failed to reopen bitmaps rw: no write access " 1206 "the protocol file"); 1207 goto out; 1208 } 1209 1210 /* in_use flags must be updated */ 1211 ret = update_ext_header_and_dir_in_place(bs, bm_list); 1212 if (ret < 0) { 1213 error_setg_errno(errp, -ret, "Cannot update bitmap directory"); 1214 goto out; 1215 } 1216 } 1217 1218 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, (gpointer)false); 1219 ret = 0; 1220 1221 out: 1222 g_slist_free(ro_dirty_bitmaps); 1223 bitmap_list_free(bm_list); 1224 1225 return ret; 1226 } 1227 1228 /* Checks to see if it's safe to resize bitmaps */ 1229 int coroutine_fn qcow2_truncate_bitmaps_check(BlockDriverState *bs, Error **errp) 1230 { 1231 BDRVQcow2State *s = bs->opaque; 1232 Qcow2BitmapList *bm_list; 1233 Qcow2Bitmap *bm; 1234 int ret = 0; 1235 1236 if (s->nb_bitmaps == 0) { 1237 return 0; 1238 } 1239 1240 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1241 s->bitmap_directory_size, errp); 1242 if (bm_list == NULL) { 1243 return -EINVAL; 1244 } 1245 1246 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1247 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1248 if (bitmap == NULL) { 1249 /* 1250 * We rely on all bitmaps being in-memory to be able to resize them, 1251 * Otherwise, we'd need to resize them on disk explicitly 1252 */ 1253 error_setg(errp, "Cannot resize qcow2 with persistent bitmaps that " 1254 "were not loaded into memory"); 1255 ret = -ENOTSUP; 1256 goto out; 1257 } 1258 1259 /* 1260 * The checks against readonly and busy are redundant, but certainly 1261 * do no harm. checks against inconsistent are crucial: 1262 */ 1263 if (bdrv_dirty_bitmap_check(bitmap, BDRV_BITMAP_DEFAULT, errp)) { 1264 ret = -ENOTSUP; 1265 goto out; 1266 } 1267 } 1268 1269 out: 1270 bitmap_list_free(bm_list); 1271 return ret; 1272 } 1273 1274 /* store_bitmap_data() 1275 * Store bitmap to image, filling bitmap table accordingly. 1276 */ 1277 static uint64_t * GRAPH_RDLOCK 1278 store_bitmap_data(BlockDriverState *bs, BdrvDirtyBitmap *bitmap, 1279 uint32_t *bitmap_table_size, Error **errp) 1280 { 1281 int ret; 1282 BDRVQcow2State *s = bs->opaque; 1283 int64_t offset; 1284 uint64_t limit; 1285 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 1286 const char *bm_name = bdrv_dirty_bitmap_name(bitmap); 1287 uint8_t *buf = NULL; 1288 uint64_t *tb; 1289 uint64_t tb_size = 1290 size_to_clusters(s, 1291 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 1292 1293 if (tb_size > BME_MAX_TABLE_SIZE || 1294 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE) 1295 { 1296 error_setg(errp, "Bitmap '%s' is too big", bm_name); 1297 return NULL; 1298 } 1299 1300 tb = g_try_new0(uint64_t, tb_size); 1301 if (tb == NULL) { 1302 error_setg(errp, "No memory"); 1303 return NULL; 1304 } 1305 1306 buf = g_malloc(s->cluster_size); 1307 limit = bdrv_dirty_bitmap_serialization_coverage(s->cluster_size, bitmap); 1308 assert(DIV_ROUND_UP(bm_size, limit) == tb_size); 1309 1310 offset = 0; 1311 while ((offset = bdrv_dirty_bitmap_next_dirty(bitmap, offset, INT64_MAX)) 1312 >= 0) 1313 { 1314 uint64_t cluster = offset / limit; 1315 uint64_t end, write_size; 1316 int64_t off; 1317 1318 /* 1319 * We found the first dirty offset, but want to write out the 1320 * entire cluster of the bitmap that includes that offset, 1321 * including any leading zero bits. 1322 */ 1323 offset = QEMU_ALIGN_DOWN(offset, limit); 1324 end = MIN(bm_size, offset + limit); 1325 write_size = bdrv_dirty_bitmap_serialization_size(bitmap, offset, 1326 end - offset); 1327 assert(write_size <= s->cluster_size); 1328 1329 off = qcow2_alloc_clusters(bs, s->cluster_size); 1330 if (off < 0) { 1331 error_setg_errno(errp, -off, 1332 "Failed to allocate clusters for bitmap '%s'", 1333 bm_name); 1334 goto fail; 1335 } 1336 tb[cluster] = off; 1337 1338 bdrv_dirty_bitmap_serialize_part(bitmap, buf, offset, end - offset); 1339 if (write_size < s->cluster_size) { 1340 memset(buf + write_size, 0, s->cluster_size - write_size); 1341 } 1342 1343 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size, false); 1344 if (ret < 0) { 1345 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1346 goto fail; 1347 } 1348 1349 ret = bdrv_pwrite(bs->file, off, s->cluster_size, buf, 0); 1350 if (ret < 0) { 1351 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1352 bm_name); 1353 goto fail; 1354 } 1355 1356 offset = end; 1357 } 1358 1359 *bitmap_table_size = tb_size; 1360 g_free(buf); 1361 1362 return tb; 1363 1364 fail: 1365 clear_bitmap_table(bs, tb, tb_size); 1366 g_free(buf); 1367 g_free(tb); 1368 1369 return NULL; 1370 } 1371 1372 /* store_bitmap() 1373 * Store bm->dirty_bitmap to qcow2. 1374 * Set bm->table_offset and bm->table_size accordingly. 1375 */ 1376 static int GRAPH_RDLOCK 1377 store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp) 1378 { 1379 int ret; 1380 uint64_t *tb; 1381 int64_t tb_offset; 1382 uint32_t tb_size; 1383 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap; 1384 const char *bm_name; 1385 1386 assert(bitmap != NULL); 1387 1388 bm_name = bdrv_dirty_bitmap_name(bitmap); 1389 1390 tb = store_bitmap_data(bs, bitmap, &tb_size, errp); 1391 if (tb == NULL) { 1392 return -EINVAL; 1393 } 1394 1395 assert(tb_size <= BME_MAX_TABLE_SIZE); 1396 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0])); 1397 if (tb_offset < 0) { 1398 error_setg_errno(errp, -tb_offset, 1399 "Failed to allocate clusters for bitmap '%s'", 1400 bm_name); 1401 ret = tb_offset; 1402 goto fail; 1403 } 1404 1405 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset, 1406 tb_size * sizeof(tb[0]), false); 1407 if (ret < 0) { 1408 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1409 goto fail; 1410 } 1411 1412 bitmap_table_bswap_be(tb, tb_size); 1413 ret = bdrv_pwrite(bs->file, tb_offset, tb_size * sizeof(tb[0]), tb, 0); 1414 if (ret < 0) { 1415 bitmap_table_bswap_be(tb, tb_size); 1416 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1417 bm_name); 1418 goto fail; 1419 } 1420 1421 g_free(tb); 1422 1423 bm->table.offset = tb_offset; 1424 bm->table.size = tb_size; 1425 1426 return 0; 1427 1428 fail: 1429 clear_bitmap_table(bs, tb, tb_size); 1430 1431 if (tb_offset > 0) { 1432 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]), 1433 QCOW2_DISCARD_OTHER); 1434 } 1435 1436 g_free(tb); 1437 1438 return ret; 1439 } 1440 1441 static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list, 1442 const char *name) 1443 { 1444 Qcow2Bitmap *bm; 1445 1446 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1447 if (strcmp(name, bm->name) == 0) { 1448 return bm; 1449 } 1450 } 1451 1452 return NULL; 1453 } 1454 1455 int coroutine_fn qcow2_co_remove_persistent_dirty_bitmap(BlockDriverState *bs, 1456 const char *name, 1457 Error **errp) 1458 { 1459 int ret; 1460 BDRVQcow2State *s = bs->opaque; 1461 Qcow2Bitmap *bm = NULL; 1462 Qcow2BitmapList *bm_list; 1463 1464 if (s->nb_bitmaps == 0) { 1465 /* 1466 * Absence of the bitmap is not an error: see explanation above 1467 * bdrv_co_remove_persistent_dirty_bitmap() definition. 1468 */ 1469 return 0; 1470 } 1471 1472 qemu_co_mutex_lock(&s->lock); 1473 1474 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1475 s->bitmap_directory_size, errp); 1476 if (bm_list == NULL) { 1477 ret = -EIO; 1478 goto out; 1479 } 1480 1481 bm = find_bitmap_by_name(bm_list, name); 1482 if (bm == NULL) { 1483 /* Absence of the bitmap is not an error, see above. */ 1484 ret = 0; 1485 goto out; 1486 } 1487 1488 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry); 1489 1490 ret = update_ext_header_and_dir(bs, bm_list); 1491 if (ret < 0) { 1492 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1493 goto out; 1494 } 1495 1496 free_bitmap_clusters(bs, &bm->table); 1497 1498 out: 1499 qemu_co_mutex_unlock(&s->lock); 1500 1501 bitmap_free(bm); 1502 bitmap_list_free(bm_list); 1503 1504 return ret; 1505 } 1506 1507 /* 1508 * qcow2_store_persistent_dirty_bitmaps 1509 * 1510 * Stores persistent BdrvDirtyBitmap objects. 1511 * 1512 * @release_stored: if true, release BdrvDirtyBitmap's after storing to the 1513 * image. This is used in two cases, both via qcow2_inactivate: 1514 * 1. bdrv_close: It's correct to remove bitmaps on close. 1515 * 2. migration: If bitmaps are migrated through migration channel via 1516 * 'dirty-bitmaps' migration capability they are not handled by this code. 1517 * Otherwise, it's OK to drop BdrvDirtyBitmap's and reload them on 1518 * invalidation. 1519 * 1520 * Anyway, it's correct to remove BdrvDirtyBitmap's on inactivation, as 1521 * inactivation means that we lose control on disk, and therefore on bitmaps, 1522 * we should sync them and do not touch more. 1523 * 1524 * Contrariwise, we don't want to release any bitmaps on just reopen-to-ro, 1525 * when we need to store them, as image is still under our control, and it's 1526 * good to keep all the bitmaps in read-only mode. Moreover, keeping them 1527 * read-only is correct because this is what would happen if we opened the node 1528 * readonly to begin with, and whether we opened directly or reopened to that 1529 * state shouldn't matter for the state we get afterward. 1530 */ 1531 bool qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, 1532 bool release_stored, Error **errp) 1533 { 1534 ERRP_GUARD(); 1535 BdrvDirtyBitmap *bitmap; 1536 BDRVQcow2State *s = bs->opaque; 1537 uint32_t new_nb_bitmaps = s->nb_bitmaps; 1538 uint64_t new_dir_size = s->bitmap_directory_size; 1539 int ret; 1540 Qcow2BitmapList *bm_list; 1541 Qcow2Bitmap *bm; 1542 QSIMPLEQ_HEAD(, Qcow2BitmapTable) drop_tables; 1543 Qcow2BitmapTable *tb, *tb_next; 1544 bool need_write = false; 1545 1546 QSIMPLEQ_INIT(&drop_tables); 1547 1548 if (s->nb_bitmaps == 0) { 1549 bm_list = bitmap_list_new(); 1550 } else { 1551 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1552 s->bitmap_directory_size, errp); 1553 if (bm_list == NULL) { 1554 return false; 1555 } 1556 } 1557 1558 /* check constraints and names */ 1559 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1560 const char *name = bdrv_dirty_bitmap_name(bitmap); 1561 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap); 1562 1563 if (!bdrv_dirty_bitmap_get_persistence(bitmap) || 1564 bdrv_dirty_bitmap_inconsistent(bitmap)) { 1565 continue; 1566 } 1567 1568 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1569 /* 1570 * Store the bitmap in the associated Qcow2Bitmap so it 1571 * can be released later 1572 */ 1573 bm = find_bitmap_by_name(bm_list, name); 1574 if (bm) { 1575 bm->dirty_bitmap = bitmap; 1576 } 1577 continue; 1578 } 1579 1580 need_write = true; 1581 1582 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) { 1583 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ", 1584 name); 1585 goto fail; 1586 } 1587 1588 bm = find_bitmap_by_name(bm_list, name); 1589 if (bm == NULL) { 1590 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 1591 error_setg(errp, "Too many persistent bitmaps"); 1592 goto fail; 1593 } 1594 1595 new_dir_size += calc_dir_entry_size(strlen(name), 0); 1596 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1597 error_setg(errp, "Bitmap directory is too large"); 1598 goto fail; 1599 } 1600 1601 bm = g_new0(Qcow2Bitmap, 1); 1602 bm->name = g_strdup(name); 1603 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 1604 } else { 1605 if (!(bm->flags & BME_FLAG_IN_USE)) { 1606 error_setg(errp, "Bitmap '%s' already exists in the image", 1607 name); 1608 goto fail; 1609 } 1610 tb = g_memdup(&bm->table, sizeof(bm->table)); 1611 bm->table.offset = 0; 1612 bm->table.size = 0; 1613 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry); 1614 } 1615 bm->flags = bdrv_dirty_bitmap_enabled(bitmap) ? BME_FLAG_AUTO : 0; 1616 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap)); 1617 bm->dirty_bitmap = bitmap; 1618 } 1619 1620 if (!need_write) { 1621 goto success; 1622 } 1623 1624 if (!can_write(bs)) { 1625 error_setg(errp, "No write access"); 1626 goto fail; 1627 } 1628 1629 /* allocate clusters and store bitmaps */ 1630 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1631 bitmap = bm->dirty_bitmap; 1632 1633 if (bitmap == NULL || bdrv_dirty_bitmap_readonly(bitmap)) { 1634 continue; 1635 } 1636 1637 ret = store_bitmap(bs, bm, errp); 1638 if (ret < 0) { 1639 goto fail; 1640 } 1641 } 1642 1643 ret = update_ext_header_and_dir(bs, bm_list); 1644 if (ret < 0) { 1645 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1646 goto fail; 1647 } 1648 1649 /* Bitmap directory was successfully updated, so, old data can be dropped. 1650 * TODO it is better to reuse these clusters */ 1651 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1652 free_bitmap_clusters(bs, tb); 1653 g_free(tb); 1654 } 1655 1656 success: 1657 if (release_stored) { 1658 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1659 if (bm->dirty_bitmap == NULL) { 1660 continue; 1661 } 1662 1663 bdrv_release_dirty_bitmap(bm->dirty_bitmap); 1664 } 1665 } 1666 1667 bitmap_list_free(bm_list); 1668 return true; 1669 1670 fail: 1671 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1672 if (bm->dirty_bitmap == NULL || bm->table.offset == 0 || 1673 bdrv_dirty_bitmap_readonly(bm->dirty_bitmap)) 1674 { 1675 continue; 1676 } 1677 1678 free_bitmap_clusters(bs, &bm->table); 1679 } 1680 1681 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1682 g_free(tb); 1683 } 1684 1685 bitmap_list_free(bm_list); 1686 return false; 1687 } 1688 1689 int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp) 1690 { 1691 BdrvDirtyBitmap *bitmap; 1692 1693 if (!qcow2_store_persistent_dirty_bitmaps(bs, false, errp)) { 1694 return -EINVAL; 1695 } 1696 1697 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1698 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1699 bdrv_dirty_bitmap_set_readonly(bitmap, true); 1700 } 1701 } 1702 1703 return 0; 1704 } 1705 1706 bool coroutine_fn qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, 1707 const char *name, 1708 uint32_t granularity, 1709 Error **errp) 1710 { 1711 BDRVQcow2State *s = bs->opaque; 1712 BdrvDirtyBitmap *bitmap; 1713 uint64_t bitmap_directory_size = 0; 1714 uint32_t nb_bitmaps = 0; 1715 1716 if (bdrv_find_dirty_bitmap(bs, name)) { 1717 error_setg(errp, "Bitmap already exists: %s", name); 1718 return false; 1719 } 1720 1721 if (s->qcow_version < 3) { 1722 /* Without autoclear_features, we would always have to assume 1723 * that a program without persistent dirty bitmap support has 1724 * accessed this qcow2 file when opening it, and would thus 1725 * have to drop all dirty bitmaps (defeating their purpose). 1726 */ 1727 error_setg(errp, "Cannot store dirty bitmaps in qcow2 v2 files"); 1728 goto fail; 1729 } 1730 1731 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) { 1732 goto fail; 1733 } 1734 1735 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1736 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1737 nb_bitmaps++; 1738 bitmap_directory_size += 1739 calc_dir_entry_size(strlen(bdrv_dirty_bitmap_name(bitmap)), 0); 1740 } 1741 } 1742 nb_bitmaps++; 1743 bitmap_directory_size += calc_dir_entry_size(strlen(name), 0); 1744 1745 if (nb_bitmaps > QCOW2_MAX_BITMAPS) { 1746 error_setg(errp, 1747 "Maximum number of persistent bitmaps is already reached"); 1748 goto fail; 1749 } 1750 1751 if (bitmap_directory_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1752 error_setg(errp, "Not enough space in the bitmap directory"); 1753 goto fail; 1754 } 1755 1756 return true; 1757 1758 fail: 1759 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ", 1760 name, bdrv_get_device_or_node_name(bs)); 1761 return false; 1762 } 1763 1764 bool qcow2_supports_persistent_dirty_bitmap(BlockDriverState *bs) 1765 { 1766 BDRVQcow2State *s = bs->opaque; 1767 1768 return s->qcow_version >= 3; 1769 } 1770 1771 /* 1772 * Compute the space required to copy bitmaps from @in_bs. 1773 * 1774 * The computation is based as if copying to a new image with the 1775 * given @cluster_size, which may differ from the cluster size in 1776 * @in_bs; in fact, @in_bs might be something other than qcow2. 1777 */ 1778 uint64_t qcow2_get_persistent_dirty_bitmap_size(BlockDriverState *in_bs, 1779 uint32_t cluster_size) 1780 { 1781 uint64_t bitmaps_size = 0; 1782 BdrvDirtyBitmap *bm; 1783 size_t bitmap_dir_size = 0; 1784 1785 FOR_EACH_DIRTY_BITMAP(in_bs, bm) { 1786 if (bdrv_dirty_bitmap_get_persistence(bm)) { 1787 const char *name = bdrv_dirty_bitmap_name(bm); 1788 uint32_t granularity = bdrv_dirty_bitmap_granularity(bm); 1789 uint64_t bmbytes = 1790 get_bitmap_bytes_needed(bdrv_dirty_bitmap_size(bm), 1791 granularity); 1792 uint64_t bmclusters = DIV_ROUND_UP(bmbytes, cluster_size); 1793 1794 /* Assume the entire bitmap is allocated */ 1795 bitmaps_size += bmclusters * cluster_size; 1796 /* Also reserve space for the bitmap table entries */ 1797 bitmaps_size += ROUND_UP(bmclusters * BME_TABLE_ENTRY_SIZE, 1798 cluster_size); 1799 /* And space for contribution to bitmap directory size */ 1800 bitmap_dir_size += calc_dir_entry_size(strlen(name), 0); 1801 } 1802 } 1803 bitmaps_size += ROUND_UP(bitmap_dir_size, cluster_size); 1804 1805 return bitmaps_size; 1806 } 1807