1 /* 2 * Bitmaps for the QCOW version 2 format 3 * 4 * Copyright (c) 2014-2017 Vladimir Sementsov-Ogievskiy 5 * 6 * This file is derived from qcow2-snapshot.c, original copyright: 7 * Copyright (c) 2004-2006 Fabrice Bellard 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu/osdep.h" 29 #include "qapi/error.h" 30 #include "qemu/cutils.h" 31 32 #include "qcow2.h" 33 34 /* NOTICE: BME here means Bitmaps Extension and used as a namespace for 35 * _internal_ constants. Please do not use this _internal_ abbreviation for 36 * other needs and/or outside of this file. */ 37 38 /* Bitmap directory entry constraints */ 39 #define BME_MAX_TABLE_SIZE 0x8000000 40 #define BME_MAX_PHYS_SIZE 0x20000000 /* restrict BdrvDirtyBitmap size in RAM */ 41 #define BME_MAX_GRANULARITY_BITS 31 42 #define BME_MIN_GRANULARITY_BITS 9 43 #define BME_MAX_NAME_SIZE 1023 44 45 /* Size of bitmap table entries */ 46 #define BME_TABLE_ENTRY_SIZE (sizeof(uint64_t)) 47 48 QEMU_BUILD_BUG_ON(BME_MAX_NAME_SIZE != BDRV_BITMAP_MAX_NAME_SIZE); 49 50 #if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX 51 #error In the code bitmap table physical size assumed to fit into int 52 #endif 53 54 /* Bitmap directory entry flags */ 55 #define BME_RESERVED_FLAGS 0xfffffffcU 56 #define BME_FLAG_IN_USE (1U << 0) 57 #define BME_FLAG_AUTO (1U << 1) 58 59 /* bits [1, 8] U [56, 63] are reserved */ 60 #define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL 61 #define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL 62 #define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0) 63 64 typedef struct QEMU_PACKED Qcow2BitmapDirEntry { 65 /* header is 8 byte aligned */ 66 uint64_t bitmap_table_offset; 67 68 uint32_t bitmap_table_size; 69 uint32_t flags; 70 71 uint8_t type; 72 uint8_t granularity_bits; 73 uint16_t name_size; 74 uint32_t extra_data_size; 75 /* extra data follows */ 76 /* name follows */ 77 } Qcow2BitmapDirEntry; 78 79 typedef struct Qcow2BitmapTable { 80 uint64_t offset; 81 uint32_t size; /* number of 64bit entries */ 82 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry; 83 } Qcow2BitmapTable; 84 85 typedef struct Qcow2Bitmap { 86 Qcow2BitmapTable table; 87 uint32_t flags; 88 uint8_t granularity_bits; 89 char *name; 90 91 BdrvDirtyBitmap *dirty_bitmap; 92 93 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry; 94 } Qcow2Bitmap; 95 typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList; 96 97 typedef enum BitmapType { 98 BT_DIRTY_TRACKING_BITMAP = 1 99 } BitmapType; 100 101 static inline bool can_write(BlockDriverState *bs) 102 { 103 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 104 } 105 106 static int update_header_sync(BlockDriverState *bs) 107 { 108 int ret; 109 110 ret = qcow2_update_header(bs); 111 if (ret < 0) { 112 return ret; 113 } 114 115 return bdrv_flush(bs->file->bs); 116 } 117 118 static inline void bitmap_table_to_be(uint64_t *bitmap_table, size_t size) 119 { 120 size_t i; 121 122 for (i = 0; i < size; ++i) { 123 bitmap_table[i] = cpu_to_be64(bitmap_table[i]); 124 } 125 } 126 127 static int check_table_entry(uint64_t entry, int cluster_size) 128 { 129 uint64_t offset; 130 131 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) { 132 return -EINVAL; 133 } 134 135 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 136 if (offset != 0) { 137 /* if offset specified, bit 0 is reserved */ 138 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 139 return -EINVAL; 140 } 141 142 if (offset % cluster_size != 0) { 143 return -EINVAL; 144 } 145 } 146 147 return 0; 148 } 149 150 static int64_t get_bitmap_bytes_needed(int64_t len, uint32_t granularity) 151 { 152 int64_t num_bits = DIV_ROUND_UP(len, granularity); 153 154 return DIV_ROUND_UP(num_bits, 8); 155 } 156 157 static int check_constraints_on_bitmap(BlockDriverState *bs, 158 const char *name, 159 uint32_t granularity, 160 Error **errp) 161 { 162 BDRVQcow2State *s = bs->opaque; 163 int granularity_bits = ctz32(granularity); 164 int64_t len = bdrv_getlength(bs); 165 int64_t bitmap_bytes; 166 167 assert(granularity > 0); 168 assert((granularity & (granularity - 1)) == 0); 169 170 if (len < 0) { 171 error_setg_errno(errp, -len, "Failed to get size of '%s'", 172 bdrv_get_device_or_node_name(bs)); 173 return len; 174 } 175 176 if (granularity_bits > BME_MAX_GRANULARITY_BITS) { 177 error_setg(errp, "Granularity exceeds maximum (%llu bytes)", 178 1ULL << BME_MAX_GRANULARITY_BITS); 179 return -EINVAL; 180 } 181 if (granularity_bits < BME_MIN_GRANULARITY_BITS) { 182 error_setg(errp, "Granularity is under minimum (%llu bytes)", 183 1ULL << BME_MIN_GRANULARITY_BITS); 184 return -EINVAL; 185 } 186 187 bitmap_bytes = get_bitmap_bytes_needed(len, granularity); 188 if ((bitmap_bytes > (uint64_t)BME_MAX_PHYS_SIZE) || 189 (bitmap_bytes > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size)) 190 { 191 error_setg(errp, "Too much space will be occupied by the bitmap. " 192 "Use larger granularity"); 193 return -EINVAL; 194 } 195 196 if (strlen(name) > BME_MAX_NAME_SIZE) { 197 error_setg(errp, "Name length exceeds maximum (%u characters)", 198 BME_MAX_NAME_SIZE); 199 return -EINVAL; 200 } 201 202 return 0; 203 } 204 205 static void clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table, 206 uint32_t bitmap_table_size) 207 { 208 BDRVQcow2State *s = bs->opaque; 209 int i; 210 211 for (i = 0; i < bitmap_table_size; ++i) { 212 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK; 213 if (!addr) { 214 continue; 215 } 216 217 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_ALWAYS); 218 bitmap_table[i] = 0; 219 } 220 } 221 222 static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb, 223 uint64_t **bitmap_table) 224 { 225 int ret; 226 BDRVQcow2State *s = bs->opaque; 227 uint32_t i; 228 uint64_t *table; 229 230 assert(tb->size != 0); 231 table = g_try_new(uint64_t, tb->size); 232 if (table == NULL) { 233 return -ENOMEM; 234 } 235 236 assert(tb->size <= BME_MAX_TABLE_SIZE); 237 ret = bdrv_pread(bs->file, tb->offset, 238 table, tb->size * BME_TABLE_ENTRY_SIZE); 239 if (ret < 0) { 240 goto fail; 241 } 242 243 for (i = 0; i < tb->size; ++i) { 244 table[i] = be64_to_cpu(table[i]); 245 ret = check_table_entry(table[i], s->cluster_size); 246 if (ret < 0) { 247 goto fail; 248 } 249 } 250 251 *bitmap_table = table; 252 return 0; 253 254 fail: 255 g_free(table); 256 257 return ret; 258 } 259 260 static int free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb) 261 { 262 int ret; 263 uint64_t *bitmap_table; 264 265 ret = bitmap_table_load(bs, tb, &bitmap_table); 266 if (ret < 0) { 267 return ret; 268 } 269 270 clear_bitmap_table(bs, bitmap_table, tb->size); 271 qcow2_free_clusters(bs, tb->offset, tb->size * BME_TABLE_ENTRY_SIZE, 272 QCOW2_DISCARD_OTHER); 273 g_free(bitmap_table); 274 275 tb->offset = 0; 276 tb->size = 0; 277 278 return 0; 279 } 280 281 /* load_bitmap_data 282 * @bitmap_table entries must satisfy specification constraints. 283 * @bitmap must be cleared */ 284 static int load_bitmap_data(BlockDriverState *bs, 285 const uint64_t *bitmap_table, 286 uint32_t bitmap_table_size, 287 BdrvDirtyBitmap *bitmap) 288 { 289 int ret = 0; 290 BDRVQcow2State *s = bs->opaque; 291 uint64_t offset, limit; 292 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 293 uint8_t *buf = NULL; 294 uint64_t i, tab_size = 295 size_to_clusters(s, 296 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 297 298 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) { 299 return -EINVAL; 300 } 301 302 buf = g_malloc(s->cluster_size); 303 limit = bdrv_dirty_bitmap_serialization_coverage(s->cluster_size, bitmap); 304 for (i = 0, offset = 0; i < tab_size; ++i, offset += limit) { 305 uint64_t count = MIN(bm_size - offset, limit); 306 uint64_t entry = bitmap_table[i]; 307 uint64_t data_offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 308 309 assert(check_table_entry(entry, s->cluster_size) == 0); 310 311 if (data_offset == 0) { 312 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 313 bdrv_dirty_bitmap_deserialize_ones(bitmap, offset, count, 314 false); 315 } else { 316 /* No need to deserialize zeros because the dirty bitmap is 317 * already cleared */ 318 } 319 } else { 320 ret = bdrv_pread(bs->file, data_offset, buf, s->cluster_size); 321 if (ret < 0) { 322 goto finish; 323 } 324 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, offset, count, 325 false); 326 } 327 } 328 ret = 0; 329 330 bdrv_dirty_bitmap_deserialize_finish(bitmap); 331 332 finish: 333 g_free(buf); 334 335 return ret; 336 } 337 338 static BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs, 339 Qcow2Bitmap *bm, Error **errp) 340 { 341 int ret; 342 uint64_t *bitmap_table = NULL; 343 uint32_t granularity; 344 BdrvDirtyBitmap *bitmap = NULL; 345 346 granularity = 1U << bm->granularity_bits; 347 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp); 348 if (bitmap == NULL) { 349 goto fail; 350 } 351 352 if (bm->flags & BME_FLAG_IN_USE) { 353 /* Data is unusable, skip loading it */ 354 return bitmap; 355 } 356 357 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 358 if (ret < 0) { 359 error_setg_errno(errp, -ret, 360 "Could not read bitmap_table table from image for " 361 "bitmap '%s'", bm->name); 362 goto fail; 363 } 364 365 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap); 366 if (ret < 0) { 367 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image", 368 bm->name); 369 goto fail; 370 } 371 372 g_free(bitmap_table); 373 return bitmap; 374 375 fail: 376 g_free(bitmap_table); 377 if (bitmap != NULL) { 378 bdrv_release_dirty_bitmap(bitmap); 379 } 380 381 return NULL; 382 } 383 384 /* 385 * Bitmap List 386 */ 387 388 /* 389 * Bitmap List private functions 390 * Only Bitmap List knows about bitmap directory structure in Qcow2. 391 */ 392 393 static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry) 394 { 395 entry->bitmap_table_offset = be64_to_cpu(entry->bitmap_table_offset); 396 entry->bitmap_table_size = be32_to_cpu(entry->bitmap_table_size); 397 entry->flags = be32_to_cpu(entry->flags); 398 entry->name_size = be16_to_cpu(entry->name_size); 399 entry->extra_data_size = be32_to_cpu(entry->extra_data_size); 400 } 401 402 static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry) 403 { 404 entry->bitmap_table_offset = cpu_to_be64(entry->bitmap_table_offset); 405 entry->bitmap_table_size = cpu_to_be32(entry->bitmap_table_size); 406 entry->flags = cpu_to_be32(entry->flags); 407 entry->name_size = cpu_to_be16(entry->name_size); 408 entry->extra_data_size = cpu_to_be32(entry->extra_data_size); 409 } 410 411 static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size) 412 { 413 int size = sizeof(Qcow2BitmapDirEntry) + name_size + extra_data_size; 414 return ROUND_UP(size, 8); 415 } 416 417 static inline int dir_entry_size(Qcow2BitmapDirEntry *entry) 418 { 419 return calc_dir_entry_size(entry->name_size, entry->extra_data_size); 420 } 421 422 static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry) 423 { 424 return (const char *)(entry + 1) + entry->extra_data_size; 425 } 426 427 static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry) 428 { 429 const char *name_field = dir_entry_name_field(entry); 430 return g_strndup(name_field, entry->name_size); 431 } 432 433 static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry) 434 { 435 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry)); 436 } 437 438 static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry) 439 { 440 BDRVQcow2State *s = bs->opaque; 441 uint64_t phys_bitmap_bytes; 442 int64_t len; 443 444 bool fail = (entry->bitmap_table_size == 0) || 445 (entry->bitmap_table_offset == 0) || 446 (entry->bitmap_table_offset % s->cluster_size) || 447 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) || 448 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) || 449 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) || 450 (entry->flags & BME_RESERVED_FLAGS) || 451 (entry->name_size > BME_MAX_NAME_SIZE) || 452 (entry->type != BT_DIRTY_TRACKING_BITMAP); 453 454 if (fail) { 455 return -EINVAL; 456 } 457 458 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size; 459 len = bdrv_getlength(bs); 460 461 if (len < 0) { 462 return len; 463 } 464 465 if (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) { 466 return -EINVAL; 467 } 468 469 if (!(entry->flags & BME_FLAG_IN_USE) && 470 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits))) 471 { 472 /* 473 * We've loaded a valid bitmap (IN_USE not set) or we are going to 474 * store a valid bitmap, but the allocated bitmap table size is not 475 * enough to store this bitmap. 476 * 477 * Note, that it's OK to have an invalid bitmap with invalid size due 478 * to a bitmap that was not correctly saved after image resize. 479 */ 480 return -EINVAL; 481 } 482 483 return 0; 484 } 485 486 static inline void bitmap_directory_to_be(uint8_t *dir, size_t size) 487 { 488 uint8_t *end = dir + size; 489 while (dir < end) { 490 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir; 491 dir += dir_entry_size(e); 492 493 bitmap_dir_entry_to_be(e); 494 } 495 } 496 497 /* 498 * Bitmap List public functions 499 */ 500 501 static void bitmap_free(Qcow2Bitmap *bm) 502 { 503 if (bm == NULL) { 504 return; 505 } 506 507 g_free(bm->name); 508 g_free(bm); 509 } 510 511 static void bitmap_list_free(Qcow2BitmapList *bm_list) 512 { 513 Qcow2Bitmap *bm; 514 515 if (bm_list == NULL) { 516 return; 517 } 518 519 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) { 520 QSIMPLEQ_REMOVE_HEAD(bm_list, entry); 521 bitmap_free(bm); 522 } 523 524 g_free(bm_list); 525 } 526 527 static Qcow2BitmapList *bitmap_list_new(void) 528 { 529 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1); 530 QSIMPLEQ_INIT(bm_list); 531 532 return bm_list; 533 } 534 535 static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list) 536 { 537 Qcow2Bitmap *bm; 538 uint32_t nb_bitmaps = 0; 539 540 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 541 nb_bitmaps++; 542 } 543 544 return nb_bitmaps; 545 } 546 547 /* bitmap_list_load 548 * Get bitmap list from qcow2 image. Actually reads bitmap directory, 549 * checks it and convert to bitmap list. 550 */ 551 static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset, 552 uint64_t size, Error **errp) 553 { 554 int ret; 555 BDRVQcow2State *s = bs->opaque; 556 uint8_t *dir, *dir_end; 557 Qcow2BitmapDirEntry *e; 558 uint32_t nb_dir_entries = 0; 559 Qcow2BitmapList *bm_list = NULL; 560 561 if (size == 0) { 562 error_setg(errp, "Requested bitmap directory size is zero"); 563 return NULL; 564 } 565 566 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 567 error_setg(errp, "Requested bitmap directory size is too big"); 568 return NULL; 569 } 570 571 dir = g_try_malloc(size); 572 if (dir == NULL) { 573 error_setg(errp, "Failed to allocate space for bitmap directory"); 574 return NULL; 575 } 576 dir_end = dir + size; 577 578 ret = bdrv_pread(bs->file, offset, dir, size); 579 if (ret < 0) { 580 error_setg_errno(errp, -ret, "Failed to read bitmap directory"); 581 goto fail; 582 } 583 584 bm_list = bitmap_list_new(); 585 for (e = (Qcow2BitmapDirEntry *)dir; 586 e < (Qcow2BitmapDirEntry *)dir_end; 587 e = next_dir_entry(e)) 588 { 589 Qcow2Bitmap *bm; 590 591 if ((uint8_t *)(e + 1) > dir_end) { 592 goto broken_dir; 593 } 594 595 if (++nb_dir_entries > s->nb_bitmaps) { 596 error_setg(errp, "More bitmaps found than specified in header" 597 " extension"); 598 goto fail; 599 } 600 bitmap_dir_entry_to_cpu(e); 601 602 if ((uint8_t *)next_dir_entry(e) > dir_end) { 603 goto broken_dir; 604 } 605 606 if (e->extra_data_size != 0) { 607 error_setg(errp, "Bitmap extra data is not supported"); 608 goto fail; 609 } 610 611 ret = check_dir_entry(bs, e); 612 if (ret < 0) { 613 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints", 614 e->name_size, dir_entry_name_field(e)); 615 goto fail; 616 } 617 618 bm = g_new0(Qcow2Bitmap, 1); 619 bm->table.offset = e->bitmap_table_offset; 620 bm->table.size = e->bitmap_table_size; 621 bm->flags = e->flags; 622 bm->granularity_bits = e->granularity_bits; 623 bm->name = dir_entry_copy_name(e); 624 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 625 } 626 627 if (nb_dir_entries != s->nb_bitmaps) { 628 error_setg(errp, "Less bitmaps found than specified in header" 629 " extension"); 630 goto fail; 631 } 632 633 if ((uint8_t *)e != dir_end) { 634 goto broken_dir; 635 } 636 637 g_free(dir); 638 return bm_list; 639 640 broken_dir: 641 error_setg(errp, "Broken bitmap directory"); 642 643 fail: 644 g_free(dir); 645 bitmap_list_free(bm_list); 646 647 return NULL; 648 } 649 650 int qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res, 651 void **refcount_table, 652 int64_t *refcount_table_size) 653 { 654 int ret; 655 BDRVQcow2State *s = bs->opaque; 656 Qcow2BitmapList *bm_list; 657 Qcow2Bitmap *bm; 658 659 if (s->nb_bitmaps == 0) { 660 return 0; 661 } 662 663 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size, 664 s->bitmap_directory_offset, 665 s->bitmap_directory_size); 666 if (ret < 0) { 667 return ret; 668 } 669 670 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 671 s->bitmap_directory_size, NULL); 672 if (bm_list == NULL) { 673 res->corruptions++; 674 return -EINVAL; 675 } 676 677 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 678 uint64_t *bitmap_table = NULL; 679 int i; 680 681 ret = qcow2_inc_refcounts_imrt(bs, res, 682 refcount_table, refcount_table_size, 683 bm->table.offset, 684 bm->table.size * BME_TABLE_ENTRY_SIZE); 685 if (ret < 0) { 686 goto out; 687 } 688 689 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 690 if (ret < 0) { 691 res->corruptions++; 692 goto out; 693 } 694 695 for (i = 0; i < bm->table.size; ++i) { 696 uint64_t entry = bitmap_table[i]; 697 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 698 699 if (check_table_entry(entry, s->cluster_size) < 0) { 700 res->corruptions++; 701 continue; 702 } 703 704 if (offset == 0) { 705 continue; 706 } 707 708 ret = qcow2_inc_refcounts_imrt(bs, res, 709 refcount_table, refcount_table_size, 710 offset, s->cluster_size); 711 if (ret < 0) { 712 g_free(bitmap_table); 713 goto out; 714 } 715 } 716 717 g_free(bitmap_table); 718 } 719 720 out: 721 bitmap_list_free(bm_list); 722 723 return ret; 724 } 725 726 /* bitmap_list_store 727 * Store bitmap list to qcow2 image as a bitmap directory. 728 * Everything is checked. 729 */ 730 static int bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list, 731 uint64_t *offset, uint64_t *size, bool in_place) 732 { 733 int ret; 734 uint8_t *dir; 735 int64_t dir_offset = 0; 736 uint64_t dir_size = 0; 737 Qcow2Bitmap *bm; 738 Qcow2BitmapDirEntry *e; 739 740 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 741 dir_size += calc_dir_entry_size(strlen(bm->name), 0); 742 } 743 744 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 745 return -EINVAL; 746 } 747 748 if (in_place) { 749 if (*size != dir_size || *offset == 0) { 750 return -EINVAL; 751 } 752 753 dir_offset = *offset; 754 } 755 756 dir = g_try_malloc0(dir_size); 757 if (dir == NULL) { 758 return -ENOMEM; 759 } 760 761 e = (Qcow2BitmapDirEntry *)dir; 762 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 763 e->bitmap_table_offset = bm->table.offset; 764 e->bitmap_table_size = bm->table.size; 765 e->flags = bm->flags; 766 e->type = BT_DIRTY_TRACKING_BITMAP; 767 e->granularity_bits = bm->granularity_bits; 768 e->name_size = strlen(bm->name); 769 e->extra_data_size = 0; 770 memcpy(e + 1, bm->name, e->name_size); 771 772 if (check_dir_entry(bs, e) < 0) { 773 ret = -EINVAL; 774 goto fail; 775 } 776 777 e = next_dir_entry(e); 778 } 779 780 bitmap_directory_to_be(dir, dir_size); 781 782 if (!in_place) { 783 dir_offset = qcow2_alloc_clusters(bs, dir_size); 784 if (dir_offset < 0) { 785 ret = dir_offset; 786 goto fail; 787 } 788 } 789 790 /* Actually, even in in-place case ignoring QCOW2_OL_BITMAP_DIRECTORY is not 791 * necessary, because we drop QCOW2_AUTOCLEAR_BITMAPS when updating bitmap 792 * directory in-place (actually, turn-off the extension), which is checked 793 * in qcow2_check_metadata_overlap() */ 794 ret = qcow2_pre_write_overlap_check( 795 bs, in_place ? QCOW2_OL_BITMAP_DIRECTORY : 0, dir_offset, dir_size, 796 false); 797 if (ret < 0) { 798 goto fail; 799 } 800 801 ret = bdrv_pwrite(bs->file, dir_offset, dir, dir_size); 802 if (ret < 0) { 803 goto fail; 804 } 805 806 g_free(dir); 807 808 if (!in_place) { 809 *size = dir_size; 810 *offset = dir_offset; 811 } 812 813 return 0; 814 815 fail: 816 g_free(dir); 817 818 if (!in_place && dir_offset > 0) { 819 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER); 820 } 821 822 return ret; 823 } 824 825 /* 826 * Bitmap List end 827 */ 828 829 static int update_ext_header_and_dir_in_place(BlockDriverState *bs, 830 Qcow2BitmapList *bm_list) 831 { 832 BDRVQcow2State *s = bs->opaque; 833 int ret; 834 835 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) || 836 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) || 837 bitmap_list_count(bm_list) != s->nb_bitmaps) 838 { 839 return -EINVAL; 840 } 841 842 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 843 ret = update_header_sync(bs); 844 if (ret < 0) { 845 /* Two variants are possible here: 846 * 1. Autoclear flag is dropped, all bitmaps will be lost. 847 * 2. Autoclear flag is not dropped, old state is left. 848 */ 849 return ret; 850 } 851 852 /* autoclear bit is not set, so we can safely update bitmap directory */ 853 854 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset, 855 &s->bitmap_directory_size, true); 856 if (ret < 0) { 857 /* autoclear bit is cleared, so all leaked clusters would be removed on 858 * qemu-img check */ 859 return ret; 860 } 861 862 ret = update_header_sync(bs); 863 if (ret < 0) { 864 /* autoclear bit is cleared, so all leaked clusters would be removed on 865 * qemu-img check */ 866 return ret; 867 } 868 869 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 870 return update_header_sync(bs); 871 /* If final update_header_sync() fails, two variants are possible: 872 * 1. Autoclear flag is not set, all bitmaps will be lost. 873 * 2. Autoclear flag is set, header and directory are successfully updated. 874 */ 875 } 876 877 static int update_ext_header_and_dir(BlockDriverState *bs, 878 Qcow2BitmapList *bm_list) 879 { 880 BDRVQcow2State *s = bs->opaque; 881 int ret; 882 uint64_t new_offset = 0; 883 uint64_t new_size = 0; 884 uint32_t new_nb_bitmaps = 0; 885 uint64_t old_offset = s->bitmap_directory_offset; 886 uint64_t old_size = s->bitmap_directory_size; 887 uint32_t old_nb_bitmaps = s->nb_bitmaps; 888 uint64_t old_autocl = s->autoclear_features; 889 890 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) { 891 new_nb_bitmaps = bitmap_list_count(bm_list); 892 893 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 894 return -EINVAL; 895 } 896 897 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false); 898 if (ret < 0) { 899 return ret; 900 } 901 902 ret = qcow2_flush_caches(bs); 903 if (ret < 0) { 904 goto fail; 905 } 906 907 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 908 } else { 909 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 910 } 911 912 s->bitmap_directory_offset = new_offset; 913 s->bitmap_directory_size = new_size; 914 s->nb_bitmaps = new_nb_bitmaps; 915 916 ret = update_header_sync(bs); 917 if (ret < 0) { 918 goto fail; 919 } 920 921 if (old_size > 0) { 922 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER); 923 } 924 925 return 0; 926 927 fail: 928 if (new_offset > 0) { 929 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER); 930 } 931 932 s->bitmap_directory_offset = old_offset; 933 s->bitmap_directory_size = old_size; 934 s->nb_bitmaps = old_nb_bitmaps; 935 s->autoclear_features = old_autocl; 936 937 return ret; 938 } 939 940 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 941 static void release_dirty_bitmap_helper(gpointer bitmap, 942 gpointer bs) 943 { 944 bdrv_release_dirty_bitmap(bitmap); 945 } 946 947 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 948 static void set_readonly_helper(gpointer bitmap, gpointer value) 949 { 950 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value); 951 } 952 953 /* 954 * Return true on success, false on failure. 955 * If header_updated is not NULL then it is set appropriately regardless of 956 * the return value. 957 */ 958 bool qcow2_load_dirty_bitmaps(BlockDriverState *bs, bool *header_updated, 959 Error **errp) 960 { 961 BDRVQcow2State *s = bs->opaque; 962 Qcow2BitmapList *bm_list; 963 Qcow2Bitmap *bm; 964 GSList *created_dirty_bitmaps = NULL; 965 bool needs_update = false; 966 967 if (header_updated) { 968 *header_updated = false; 969 } 970 971 if (s->nb_bitmaps == 0) { 972 /* No bitmaps - nothing to do */ 973 return true; 974 } 975 976 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 977 s->bitmap_directory_size, errp); 978 if (bm_list == NULL) { 979 return false; 980 } 981 982 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 983 BdrvDirtyBitmap *bitmap; 984 985 if ((bm->flags & BME_FLAG_IN_USE) && 986 bdrv_find_dirty_bitmap(bs, bm->name)) 987 { 988 /* 989 * We already have corresponding BdrvDirtyBitmap, and bitmap in the 990 * image is marked IN_USE. Firstly, this state is valid, no reason 991 * to consider existing BdrvDirtyBitmap to be bad. Secondly it's 992 * absolutely possible, when we do migration with shared storage 993 * with dirty-bitmaps capability enabled: if the bitmap was loaded 994 * from this storage before migration start, the storage will 995 * of-course contain IN_USE outdated version of the bitmap, and we 996 * should not load it on migration target, as we already have this 997 * bitmap, being migrated. 998 */ 999 continue; 1000 } 1001 1002 bitmap = load_bitmap(bs, bm, errp); 1003 if (bitmap == NULL) { 1004 goto fail; 1005 } 1006 1007 bdrv_dirty_bitmap_set_persistence(bitmap, true); 1008 if (bm->flags & BME_FLAG_IN_USE) { 1009 bdrv_dirty_bitmap_set_inconsistent(bitmap); 1010 } else { 1011 /* NB: updated flags only get written if can_write(bs) is true. */ 1012 bm->flags |= BME_FLAG_IN_USE; 1013 needs_update = true; 1014 } 1015 if (!(bm->flags & BME_FLAG_AUTO)) { 1016 bdrv_disable_dirty_bitmap(bitmap); 1017 } 1018 created_dirty_bitmaps = 1019 g_slist_append(created_dirty_bitmaps, bitmap); 1020 } 1021 1022 if (needs_update && can_write(bs)) { 1023 /* in_use flags must be updated */ 1024 int ret = update_ext_header_and_dir_in_place(bs, bm_list); 1025 if (ret < 0) { 1026 error_setg_errno(errp, -ret, "Can't update bitmap directory"); 1027 goto fail; 1028 } 1029 if (header_updated) { 1030 *header_updated = true; 1031 } 1032 } 1033 1034 if (!can_write(bs)) { 1035 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper, 1036 (gpointer)true); 1037 } 1038 1039 g_slist_free(created_dirty_bitmaps); 1040 bitmap_list_free(bm_list); 1041 1042 return true; 1043 1044 fail: 1045 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs); 1046 g_slist_free(created_dirty_bitmaps); 1047 bitmap_list_free(bm_list); 1048 1049 return false; 1050 } 1051 1052 1053 static Qcow2BitmapInfoFlagsList *get_bitmap_info_flags(uint32_t flags) 1054 { 1055 Qcow2BitmapInfoFlagsList *list = NULL; 1056 Qcow2BitmapInfoFlagsList **tail = &list; 1057 int i; 1058 1059 static const struct { 1060 int bme; /* Bitmap directory entry flags */ 1061 int info; /* The flags to report to the user */ 1062 } map[] = { 1063 { BME_FLAG_IN_USE, QCOW2_BITMAP_INFO_FLAGS_IN_USE }, 1064 { BME_FLAG_AUTO, QCOW2_BITMAP_INFO_FLAGS_AUTO }, 1065 }; 1066 1067 int map_size = ARRAY_SIZE(map); 1068 1069 for (i = 0; i < map_size; ++i) { 1070 if (flags & map[i].bme) { 1071 QAPI_LIST_APPEND(tail, map[i].info); 1072 flags &= ~map[i].bme; 1073 } 1074 } 1075 /* Check if the BME_* mapping above is complete */ 1076 assert(!flags); 1077 1078 return list; 1079 } 1080 1081 /* 1082 * qcow2_get_bitmap_info_list() 1083 * Returns a list of QCOW2 bitmap details. 1084 * On success return true with info_list set (note, that if there are no 1085 * bitmaps, info_list is set to NULL). 1086 * On failure return false with errp set. 1087 */ 1088 bool qcow2_get_bitmap_info_list(BlockDriverState *bs, 1089 Qcow2BitmapInfoList **info_list, Error **errp) 1090 { 1091 BDRVQcow2State *s = bs->opaque; 1092 Qcow2BitmapList *bm_list; 1093 Qcow2Bitmap *bm; 1094 Qcow2BitmapInfoList **tail; 1095 1096 if (s->nb_bitmaps == 0) { 1097 *info_list = NULL; 1098 return true; 1099 } 1100 1101 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1102 s->bitmap_directory_size, errp); 1103 if (!bm_list) { 1104 return false; 1105 } 1106 1107 *info_list = NULL; 1108 tail = info_list; 1109 1110 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1111 Qcow2BitmapInfo *info = g_new0(Qcow2BitmapInfo, 1); 1112 info->granularity = 1U << bm->granularity_bits; 1113 info->name = g_strdup(bm->name); 1114 info->flags = get_bitmap_info_flags(bm->flags & ~BME_RESERVED_FLAGS); 1115 QAPI_LIST_APPEND(tail, info); 1116 } 1117 1118 bitmap_list_free(bm_list); 1119 1120 return true; 1121 } 1122 1123 int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp) 1124 { 1125 BDRVQcow2State *s = bs->opaque; 1126 Qcow2BitmapList *bm_list; 1127 Qcow2Bitmap *bm; 1128 GSList *ro_dirty_bitmaps = NULL; 1129 int ret = -EINVAL; 1130 bool need_header_update = false; 1131 1132 if (s->nb_bitmaps == 0) { 1133 /* No bitmaps - nothing to do */ 1134 return 0; 1135 } 1136 1137 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1138 s->bitmap_directory_size, errp); 1139 if (bm_list == NULL) { 1140 return -EINVAL; 1141 } 1142 1143 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1144 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1145 1146 if (!bitmap) { 1147 error_setg(errp, "Unexpected bitmap '%s' in image '%s'", 1148 bm->name, bs->filename); 1149 goto out; 1150 } 1151 1152 if (!(bm->flags & BME_FLAG_IN_USE)) { 1153 if (!bdrv_dirty_bitmap_readonly(bitmap)) { 1154 error_setg(errp, "Corruption: bitmap '%s' is not marked IN_USE " 1155 "in the image '%s' and not marked readonly in RAM", 1156 bm->name, bs->filename); 1157 goto out; 1158 } 1159 if (bdrv_dirty_bitmap_inconsistent(bitmap)) { 1160 error_setg(errp, "Corruption: bitmap '%s' is inconsistent but " 1161 "is not marked IN_USE in the image '%s'", bm->name, 1162 bs->filename); 1163 goto out; 1164 } 1165 1166 bm->flags |= BME_FLAG_IN_USE; 1167 need_header_update = true; 1168 } else { 1169 /* 1170 * What if flags already has BME_FLAG_IN_USE ? 1171 * 1172 * 1. if we are reopening RW -> RW it's OK, of course. 1173 * 2. if we are reopening RO -> RW: 1174 * 2.1 if @bitmap is inconsistent, it's OK. It means that it was 1175 * inconsistent (IN_USE) when we loaded it 1176 * 2.2 if @bitmap is not inconsistent. This seems to be impossible 1177 * and implies third party interaction. Let's error-out for 1178 * safety. 1179 */ 1180 if (bdrv_dirty_bitmap_readonly(bitmap) && 1181 !bdrv_dirty_bitmap_inconsistent(bitmap)) 1182 { 1183 error_setg(errp, "Corruption: bitmap '%s' is marked IN_USE " 1184 "in the image '%s' but it is readonly and " 1185 "consistent in RAM", 1186 bm->name, bs->filename); 1187 goto out; 1188 } 1189 } 1190 1191 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1192 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap); 1193 } 1194 } 1195 1196 if (need_header_update) { 1197 if (!can_write(bs->file->bs) || !(bs->file->perm & BLK_PERM_WRITE)) { 1198 error_setg(errp, "Failed to reopen bitmaps rw: no write access " 1199 "the protocol file"); 1200 goto out; 1201 } 1202 1203 /* in_use flags must be updated */ 1204 ret = update_ext_header_and_dir_in_place(bs, bm_list); 1205 if (ret < 0) { 1206 error_setg_errno(errp, -ret, "Cannot update bitmap directory"); 1207 goto out; 1208 } 1209 } 1210 1211 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, false); 1212 ret = 0; 1213 1214 out: 1215 g_slist_free(ro_dirty_bitmaps); 1216 bitmap_list_free(bm_list); 1217 1218 return ret; 1219 } 1220 1221 /* Checks to see if it's safe to resize bitmaps */ 1222 int qcow2_truncate_bitmaps_check(BlockDriverState *bs, Error **errp) 1223 { 1224 BDRVQcow2State *s = bs->opaque; 1225 Qcow2BitmapList *bm_list; 1226 Qcow2Bitmap *bm; 1227 int ret = 0; 1228 1229 if (s->nb_bitmaps == 0) { 1230 return 0; 1231 } 1232 1233 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1234 s->bitmap_directory_size, errp); 1235 if (bm_list == NULL) { 1236 return -EINVAL; 1237 } 1238 1239 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1240 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1241 if (bitmap == NULL) { 1242 /* 1243 * We rely on all bitmaps being in-memory to be able to resize them, 1244 * Otherwise, we'd need to resize them on disk explicitly 1245 */ 1246 error_setg(errp, "Cannot resize qcow2 with persistent bitmaps that " 1247 "were not loaded into memory"); 1248 ret = -ENOTSUP; 1249 goto out; 1250 } 1251 1252 /* 1253 * The checks against readonly and busy are redundant, but certainly 1254 * do no harm. checks against inconsistent are crucial: 1255 */ 1256 if (bdrv_dirty_bitmap_check(bitmap, BDRV_BITMAP_DEFAULT, errp)) { 1257 ret = -ENOTSUP; 1258 goto out; 1259 } 1260 } 1261 1262 out: 1263 bitmap_list_free(bm_list); 1264 return ret; 1265 } 1266 1267 /* store_bitmap_data() 1268 * Store bitmap to image, filling bitmap table accordingly. 1269 */ 1270 static uint64_t *store_bitmap_data(BlockDriverState *bs, 1271 BdrvDirtyBitmap *bitmap, 1272 uint32_t *bitmap_table_size, Error **errp) 1273 { 1274 int ret; 1275 BDRVQcow2State *s = bs->opaque; 1276 int64_t offset; 1277 uint64_t limit; 1278 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 1279 const char *bm_name = bdrv_dirty_bitmap_name(bitmap); 1280 uint8_t *buf = NULL; 1281 uint64_t *tb; 1282 uint64_t tb_size = 1283 size_to_clusters(s, 1284 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 1285 1286 if (tb_size > BME_MAX_TABLE_SIZE || 1287 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE) 1288 { 1289 error_setg(errp, "Bitmap '%s' is too big", bm_name); 1290 return NULL; 1291 } 1292 1293 tb = g_try_new0(uint64_t, tb_size); 1294 if (tb == NULL) { 1295 error_setg(errp, "No memory"); 1296 return NULL; 1297 } 1298 1299 buf = g_malloc(s->cluster_size); 1300 limit = bdrv_dirty_bitmap_serialization_coverage(s->cluster_size, bitmap); 1301 assert(DIV_ROUND_UP(bm_size, limit) == tb_size); 1302 1303 offset = 0; 1304 while ((offset = bdrv_dirty_bitmap_next_dirty(bitmap, offset, INT64_MAX)) 1305 >= 0) 1306 { 1307 uint64_t cluster = offset / limit; 1308 uint64_t end, write_size; 1309 int64_t off; 1310 1311 /* 1312 * We found the first dirty offset, but want to write out the 1313 * entire cluster of the bitmap that includes that offset, 1314 * including any leading zero bits. 1315 */ 1316 offset = QEMU_ALIGN_DOWN(offset, limit); 1317 end = MIN(bm_size, offset + limit); 1318 write_size = bdrv_dirty_bitmap_serialization_size(bitmap, offset, 1319 end - offset); 1320 assert(write_size <= s->cluster_size); 1321 1322 off = qcow2_alloc_clusters(bs, s->cluster_size); 1323 if (off < 0) { 1324 error_setg_errno(errp, -off, 1325 "Failed to allocate clusters for bitmap '%s'", 1326 bm_name); 1327 goto fail; 1328 } 1329 tb[cluster] = off; 1330 1331 bdrv_dirty_bitmap_serialize_part(bitmap, buf, offset, end - offset); 1332 if (write_size < s->cluster_size) { 1333 memset(buf + write_size, 0, s->cluster_size - write_size); 1334 } 1335 1336 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size, false); 1337 if (ret < 0) { 1338 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1339 goto fail; 1340 } 1341 1342 ret = bdrv_pwrite(bs->file, off, buf, s->cluster_size); 1343 if (ret < 0) { 1344 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1345 bm_name); 1346 goto fail; 1347 } 1348 1349 offset = end; 1350 } 1351 1352 *bitmap_table_size = tb_size; 1353 g_free(buf); 1354 1355 return tb; 1356 1357 fail: 1358 clear_bitmap_table(bs, tb, tb_size); 1359 g_free(buf); 1360 g_free(tb); 1361 1362 return NULL; 1363 } 1364 1365 /* store_bitmap() 1366 * Store bm->dirty_bitmap to qcow2. 1367 * Set bm->table_offset and bm->table_size accordingly. 1368 */ 1369 static int store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp) 1370 { 1371 int ret; 1372 uint64_t *tb; 1373 int64_t tb_offset; 1374 uint32_t tb_size; 1375 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap; 1376 const char *bm_name; 1377 1378 assert(bitmap != NULL); 1379 1380 bm_name = bdrv_dirty_bitmap_name(bitmap); 1381 1382 tb = store_bitmap_data(bs, bitmap, &tb_size, errp); 1383 if (tb == NULL) { 1384 return -EINVAL; 1385 } 1386 1387 assert(tb_size <= BME_MAX_TABLE_SIZE); 1388 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0])); 1389 if (tb_offset < 0) { 1390 error_setg_errno(errp, -tb_offset, 1391 "Failed to allocate clusters for bitmap '%s'", 1392 bm_name); 1393 ret = tb_offset; 1394 goto fail; 1395 } 1396 1397 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset, 1398 tb_size * sizeof(tb[0]), false); 1399 if (ret < 0) { 1400 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1401 goto fail; 1402 } 1403 1404 bitmap_table_to_be(tb, tb_size); 1405 ret = bdrv_pwrite(bs->file, tb_offset, tb, tb_size * sizeof(tb[0])); 1406 if (ret < 0) { 1407 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1408 bm_name); 1409 goto fail; 1410 } 1411 1412 g_free(tb); 1413 1414 bm->table.offset = tb_offset; 1415 bm->table.size = tb_size; 1416 1417 return 0; 1418 1419 fail: 1420 clear_bitmap_table(bs, tb, tb_size); 1421 1422 if (tb_offset > 0) { 1423 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]), 1424 QCOW2_DISCARD_OTHER); 1425 } 1426 1427 g_free(tb); 1428 1429 return ret; 1430 } 1431 1432 static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list, 1433 const char *name) 1434 { 1435 Qcow2Bitmap *bm; 1436 1437 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1438 if (strcmp(name, bm->name) == 0) { 1439 return bm; 1440 } 1441 } 1442 1443 return NULL; 1444 } 1445 1446 int coroutine_fn qcow2_co_remove_persistent_dirty_bitmap(BlockDriverState *bs, 1447 const char *name, 1448 Error **errp) 1449 { 1450 int ret; 1451 BDRVQcow2State *s = bs->opaque; 1452 Qcow2Bitmap *bm = NULL; 1453 Qcow2BitmapList *bm_list; 1454 1455 if (s->nb_bitmaps == 0) { 1456 /* 1457 * Absence of the bitmap is not an error: see explanation above 1458 * bdrv_co_remove_persistent_dirty_bitmap() definition. 1459 */ 1460 return 0; 1461 } 1462 1463 qemu_co_mutex_lock(&s->lock); 1464 1465 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1466 s->bitmap_directory_size, errp); 1467 if (bm_list == NULL) { 1468 ret = -EIO; 1469 goto out; 1470 } 1471 1472 bm = find_bitmap_by_name(bm_list, name); 1473 if (bm == NULL) { 1474 /* Absence of the bitmap is not an error, see above. */ 1475 ret = 0; 1476 goto out; 1477 } 1478 1479 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry); 1480 1481 ret = update_ext_header_and_dir(bs, bm_list); 1482 if (ret < 0) { 1483 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1484 goto out; 1485 } 1486 1487 free_bitmap_clusters(bs, &bm->table); 1488 1489 out: 1490 qemu_co_mutex_unlock(&s->lock); 1491 1492 bitmap_free(bm); 1493 bitmap_list_free(bm_list); 1494 1495 return ret; 1496 } 1497 1498 /* 1499 * qcow2_store_persistent_dirty_bitmaps 1500 * 1501 * Stores persistent BdrvDirtyBitmap objects. 1502 * 1503 * @release_stored: if true, release BdrvDirtyBitmap's after storing to the 1504 * image. This is used in two cases, both via qcow2_inactivate: 1505 * 1. bdrv_close: It's correct to remove bitmaps on close. 1506 * 2. migration: If bitmaps are migrated through migration channel via 1507 * 'dirty-bitmaps' migration capability they are not handled by this code. 1508 * Otherwise, it's OK to drop BdrvDirtyBitmap's and reload them on 1509 * invalidation. 1510 * 1511 * Anyway, it's correct to remove BdrvDirtyBitmap's on inactivation, as 1512 * inactivation means that we lose control on disk, and therefore on bitmaps, 1513 * we should sync them and do not touch more. 1514 * 1515 * Contrariwise, we don't want to release any bitmaps on just reopen-to-ro, 1516 * when we need to store them, as image is still under our control, and it's 1517 * good to keep all the bitmaps in read-only mode. Moreover, keeping them 1518 * read-only is correct because this is what would happen if we opened the node 1519 * readonly to begin with, and whether we opened directly or reopened to that 1520 * state shouldn't matter for the state we get afterward. 1521 */ 1522 bool qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, 1523 bool release_stored, Error **errp) 1524 { 1525 ERRP_GUARD(); 1526 BdrvDirtyBitmap *bitmap; 1527 BDRVQcow2State *s = bs->opaque; 1528 uint32_t new_nb_bitmaps = s->nb_bitmaps; 1529 uint64_t new_dir_size = s->bitmap_directory_size; 1530 int ret; 1531 Qcow2BitmapList *bm_list; 1532 Qcow2Bitmap *bm; 1533 QSIMPLEQ_HEAD(, Qcow2BitmapTable) drop_tables; 1534 Qcow2BitmapTable *tb, *tb_next; 1535 bool need_write = false; 1536 1537 QSIMPLEQ_INIT(&drop_tables); 1538 1539 if (s->nb_bitmaps == 0) { 1540 bm_list = bitmap_list_new(); 1541 } else { 1542 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1543 s->bitmap_directory_size, errp); 1544 if (bm_list == NULL) { 1545 return false; 1546 } 1547 } 1548 1549 /* check constraints and names */ 1550 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1551 const char *name = bdrv_dirty_bitmap_name(bitmap); 1552 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap); 1553 Qcow2Bitmap *bm; 1554 1555 if (!bdrv_dirty_bitmap_get_persistence(bitmap) || 1556 bdrv_dirty_bitmap_inconsistent(bitmap)) { 1557 continue; 1558 } 1559 1560 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1561 /* 1562 * Store the bitmap in the associated Qcow2Bitmap so it 1563 * can be released later 1564 */ 1565 bm = find_bitmap_by_name(bm_list, name); 1566 if (bm) { 1567 bm->dirty_bitmap = bitmap; 1568 } 1569 continue; 1570 } 1571 1572 need_write = true; 1573 1574 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) { 1575 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ", 1576 name); 1577 goto fail; 1578 } 1579 1580 bm = find_bitmap_by_name(bm_list, name); 1581 if (bm == NULL) { 1582 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 1583 error_setg(errp, "Too many persistent bitmaps"); 1584 goto fail; 1585 } 1586 1587 new_dir_size += calc_dir_entry_size(strlen(name), 0); 1588 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1589 error_setg(errp, "Bitmap directory is too large"); 1590 goto fail; 1591 } 1592 1593 bm = g_new0(Qcow2Bitmap, 1); 1594 bm->name = g_strdup(name); 1595 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 1596 } else { 1597 if (!(bm->flags & BME_FLAG_IN_USE)) { 1598 error_setg(errp, "Bitmap '%s' already exists in the image", 1599 name); 1600 goto fail; 1601 } 1602 tb = g_memdup(&bm->table, sizeof(bm->table)); 1603 bm->table.offset = 0; 1604 bm->table.size = 0; 1605 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry); 1606 } 1607 bm->flags = bdrv_dirty_bitmap_enabled(bitmap) ? BME_FLAG_AUTO : 0; 1608 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap)); 1609 bm->dirty_bitmap = bitmap; 1610 } 1611 1612 if (!need_write) { 1613 goto success; 1614 } 1615 1616 if (!can_write(bs)) { 1617 error_setg(errp, "No write access"); 1618 goto fail; 1619 } 1620 1621 /* allocate clusters and store bitmaps */ 1622 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1623 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap; 1624 1625 if (bitmap == NULL || bdrv_dirty_bitmap_readonly(bitmap)) { 1626 continue; 1627 } 1628 1629 ret = store_bitmap(bs, bm, errp); 1630 if (ret < 0) { 1631 goto fail; 1632 } 1633 } 1634 1635 ret = update_ext_header_and_dir(bs, bm_list); 1636 if (ret < 0) { 1637 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1638 goto fail; 1639 } 1640 1641 /* Bitmap directory was successfully updated, so, old data can be dropped. 1642 * TODO it is better to reuse these clusters */ 1643 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1644 free_bitmap_clusters(bs, tb); 1645 g_free(tb); 1646 } 1647 1648 success: 1649 if (release_stored) { 1650 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1651 if (bm->dirty_bitmap == NULL) { 1652 continue; 1653 } 1654 1655 bdrv_release_dirty_bitmap(bm->dirty_bitmap); 1656 } 1657 } 1658 1659 bitmap_list_free(bm_list); 1660 return true; 1661 1662 fail: 1663 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1664 if (bm->dirty_bitmap == NULL || bm->table.offset == 0 || 1665 bdrv_dirty_bitmap_readonly(bm->dirty_bitmap)) 1666 { 1667 continue; 1668 } 1669 1670 free_bitmap_clusters(bs, &bm->table); 1671 } 1672 1673 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1674 g_free(tb); 1675 } 1676 1677 bitmap_list_free(bm_list); 1678 return false; 1679 } 1680 1681 int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp) 1682 { 1683 BdrvDirtyBitmap *bitmap; 1684 1685 if (!qcow2_store_persistent_dirty_bitmaps(bs, false, errp)) { 1686 return -EINVAL; 1687 } 1688 1689 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1690 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1691 bdrv_dirty_bitmap_set_readonly(bitmap, true); 1692 } 1693 } 1694 1695 return 0; 1696 } 1697 1698 bool coroutine_fn qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, 1699 const char *name, 1700 uint32_t granularity, 1701 Error **errp) 1702 { 1703 BDRVQcow2State *s = bs->opaque; 1704 BdrvDirtyBitmap *bitmap; 1705 uint64_t bitmap_directory_size = 0; 1706 uint32_t nb_bitmaps = 0; 1707 1708 if (bdrv_find_dirty_bitmap(bs, name)) { 1709 error_setg(errp, "Bitmap already exists: %s", name); 1710 return false; 1711 } 1712 1713 if (s->qcow_version < 3) { 1714 /* Without autoclear_features, we would always have to assume 1715 * that a program without persistent dirty bitmap support has 1716 * accessed this qcow2 file when opening it, and would thus 1717 * have to drop all dirty bitmaps (defeating their purpose). 1718 */ 1719 error_setg(errp, "Cannot store dirty bitmaps in qcow2 v2 files"); 1720 goto fail; 1721 } 1722 1723 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) { 1724 goto fail; 1725 } 1726 1727 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1728 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1729 nb_bitmaps++; 1730 bitmap_directory_size += 1731 calc_dir_entry_size(strlen(bdrv_dirty_bitmap_name(bitmap)), 0); 1732 } 1733 } 1734 nb_bitmaps++; 1735 bitmap_directory_size += calc_dir_entry_size(strlen(name), 0); 1736 1737 if (nb_bitmaps > QCOW2_MAX_BITMAPS) { 1738 error_setg(errp, 1739 "Maximum number of persistent bitmaps is already reached"); 1740 goto fail; 1741 } 1742 1743 if (bitmap_directory_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1744 error_setg(errp, "Not enough space in the bitmap directory"); 1745 goto fail; 1746 } 1747 1748 return true; 1749 1750 fail: 1751 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ", 1752 name, bdrv_get_device_or_node_name(bs)); 1753 return false; 1754 } 1755 1756 bool qcow2_supports_persistent_dirty_bitmap(BlockDriverState *bs) 1757 { 1758 BDRVQcow2State *s = bs->opaque; 1759 1760 return s->qcow_version >= 3; 1761 } 1762 1763 /* 1764 * Compute the space required to copy bitmaps from @in_bs. 1765 * 1766 * The computation is based as if copying to a new image with the 1767 * given @cluster_size, which may differ from the cluster size in 1768 * @in_bs; in fact, @in_bs might be something other than qcow2. 1769 */ 1770 uint64_t qcow2_get_persistent_dirty_bitmap_size(BlockDriverState *in_bs, 1771 uint32_t cluster_size) 1772 { 1773 uint64_t bitmaps_size = 0; 1774 BdrvDirtyBitmap *bm; 1775 size_t bitmap_dir_size = 0; 1776 1777 FOR_EACH_DIRTY_BITMAP(in_bs, bm) { 1778 if (bdrv_dirty_bitmap_get_persistence(bm)) { 1779 const char *name = bdrv_dirty_bitmap_name(bm); 1780 uint32_t granularity = bdrv_dirty_bitmap_granularity(bm); 1781 uint64_t bmbytes = 1782 get_bitmap_bytes_needed(bdrv_dirty_bitmap_size(bm), 1783 granularity); 1784 uint64_t bmclusters = DIV_ROUND_UP(bmbytes, cluster_size); 1785 1786 /* Assume the entire bitmap is allocated */ 1787 bitmaps_size += bmclusters * cluster_size; 1788 /* Also reserve space for the bitmap table entries */ 1789 bitmaps_size += ROUND_UP(bmclusters * BME_TABLE_ENTRY_SIZE, 1790 cluster_size); 1791 /* And space for contribution to bitmap directory size */ 1792 bitmap_dir_size += calc_dir_entry_size(strlen(name), 0); 1793 } 1794 } 1795 bitmaps_size += ROUND_UP(bitmap_dir_size, cluster_size); 1796 1797 return bitmaps_size; 1798 } 1799