1 /* 2 * Bitmaps for the QCOW version 2 format 3 * 4 * Copyright (c) 2014-2017 Vladimir Sementsov-Ogievskiy 5 * 6 * This file is derived from qcow2-snapshot.c, original copyright: 7 * Copyright (c) 2004-2006 Fabrice Bellard 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu/osdep.h" 29 #include "qapi/error.h" 30 #include "qemu/cutils.h" 31 32 #include "qcow2.h" 33 34 /* NOTICE: BME here means Bitmaps Extension and used as a namespace for 35 * _internal_ constants. Please do not use this _internal_ abbreviation for 36 * other needs and/or outside of this file. */ 37 38 /* Bitmap directory entry constraints */ 39 #define BME_MAX_TABLE_SIZE 0x8000000 40 #define BME_MAX_PHYS_SIZE 0x20000000 /* restrict BdrvDirtyBitmap size in RAM */ 41 #define BME_MAX_GRANULARITY_BITS 31 42 #define BME_MIN_GRANULARITY_BITS 9 43 #define BME_MAX_NAME_SIZE 1023 44 45 QEMU_BUILD_BUG_ON(BME_MAX_NAME_SIZE != BDRV_BITMAP_MAX_NAME_SIZE); 46 47 #if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX 48 #error In the code bitmap table physical size assumed to fit into int 49 #endif 50 51 /* Bitmap directory entry flags */ 52 #define BME_RESERVED_FLAGS 0xfffffffcU 53 #define BME_FLAG_IN_USE (1U << 0) 54 #define BME_FLAG_AUTO (1U << 1) 55 56 /* bits [1, 8] U [56, 63] are reserved */ 57 #define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL 58 #define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL 59 #define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0) 60 61 typedef struct QEMU_PACKED Qcow2BitmapDirEntry { 62 /* header is 8 byte aligned */ 63 uint64_t bitmap_table_offset; 64 65 uint32_t bitmap_table_size; 66 uint32_t flags; 67 68 uint8_t type; 69 uint8_t granularity_bits; 70 uint16_t name_size; 71 uint32_t extra_data_size; 72 /* extra data follows */ 73 /* name follows */ 74 } Qcow2BitmapDirEntry; 75 76 typedef struct Qcow2BitmapTable { 77 uint64_t offset; 78 uint32_t size; /* number of 64bit entries */ 79 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry; 80 } Qcow2BitmapTable; 81 82 typedef struct Qcow2Bitmap { 83 Qcow2BitmapTable table; 84 uint32_t flags; 85 uint8_t granularity_bits; 86 char *name; 87 88 BdrvDirtyBitmap *dirty_bitmap; 89 90 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry; 91 } Qcow2Bitmap; 92 typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList; 93 94 typedef enum BitmapType { 95 BT_DIRTY_TRACKING_BITMAP = 1 96 } BitmapType; 97 98 static inline bool can_write(BlockDriverState *bs) 99 { 100 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 101 } 102 103 static int update_header_sync(BlockDriverState *bs) 104 { 105 int ret; 106 107 ret = qcow2_update_header(bs); 108 if (ret < 0) { 109 return ret; 110 } 111 112 return bdrv_flush(bs->file->bs); 113 } 114 115 static inline void bitmap_table_to_be(uint64_t *bitmap_table, size_t size) 116 { 117 size_t i; 118 119 for (i = 0; i < size; ++i) { 120 bitmap_table[i] = cpu_to_be64(bitmap_table[i]); 121 } 122 } 123 124 static int check_table_entry(uint64_t entry, int cluster_size) 125 { 126 uint64_t offset; 127 128 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) { 129 return -EINVAL; 130 } 131 132 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 133 if (offset != 0) { 134 /* if offset specified, bit 0 is reserved */ 135 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 136 return -EINVAL; 137 } 138 139 if (offset % cluster_size != 0) { 140 return -EINVAL; 141 } 142 } 143 144 return 0; 145 } 146 147 static int64_t get_bitmap_bytes_needed(int64_t len, uint32_t granularity) 148 { 149 int64_t num_bits = DIV_ROUND_UP(len, granularity); 150 151 return DIV_ROUND_UP(num_bits, 8); 152 } 153 154 static int check_constraints_on_bitmap(BlockDriverState *bs, 155 const char *name, 156 uint32_t granularity, 157 Error **errp) 158 { 159 BDRVQcow2State *s = bs->opaque; 160 int granularity_bits = ctz32(granularity); 161 int64_t len = bdrv_getlength(bs); 162 int64_t bitmap_bytes; 163 164 assert(granularity > 0); 165 assert((granularity & (granularity - 1)) == 0); 166 167 if (len < 0) { 168 error_setg_errno(errp, -len, "Failed to get size of '%s'", 169 bdrv_get_device_or_node_name(bs)); 170 return len; 171 } 172 173 if (granularity_bits > BME_MAX_GRANULARITY_BITS) { 174 error_setg(errp, "Granularity exceeds maximum (%llu bytes)", 175 1ULL << BME_MAX_GRANULARITY_BITS); 176 return -EINVAL; 177 } 178 if (granularity_bits < BME_MIN_GRANULARITY_BITS) { 179 error_setg(errp, "Granularity is under minimum (%llu bytes)", 180 1ULL << BME_MIN_GRANULARITY_BITS); 181 return -EINVAL; 182 } 183 184 bitmap_bytes = get_bitmap_bytes_needed(len, granularity); 185 if ((bitmap_bytes > (uint64_t)BME_MAX_PHYS_SIZE) || 186 (bitmap_bytes > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size)) 187 { 188 error_setg(errp, "Too much space will be occupied by the bitmap. " 189 "Use larger granularity"); 190 return -EINVAL; 191 } 192 193 if (strlen(name) > BME_MAX_NAME_SIZE) { 194 error_setg(errp, "Name length exceeds maximum (%u characters)", 195 BME_MAX_NAME_SIZE); 196 return -EINVAL; 197 } 198 199 return 0; 200 } 201 202 static void clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table, 203 uint32_t bitmap_table_size) 204 { 205 BDRVQcow2State *s = bs->opaque; 206 int i; 207 208 for (i = 0; i < bitmap_table_size; ++i) { 209 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK; 210 if (!addr) { 211 continue; 212 } 213 214 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_ALWAYS); 215 bitmap_table[i] = 0; 216 } 217 } 218 219 static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb, 220 uint64_t **bitmap_table) 221 { 222 int ret; 223 BDRVQcow2State *s = bs->opaque; 224 uint32_t i; 225 uint64_t *table; 226 227 assert(tb->size != 0); 228 table = g_try_new(uint64_t, tb->size); 229 if (table == NULL) { 230 return -ENOMEM; 231 } 232 233 assert(tb->size <= BME_MAX_TABLE_SIZE); 234 ret = bdrv_pread(bs->file, tb->offset, 235 table, tb->size * sizeof(uint64_t)); 236 if (ret < 0) { 237 goto fail; 238 } 239 240 for (i = 0; i < tb->size; ++i) { 241 table[i] = be64_to_cpu(table[i]); 242 ret = check_table_entry(table[i], s->cluster_size); 243 if (ret < 0) { 244 goto fail; 245 } 246 } 247 248 *bitmap_table = table; 249 return 0; 250 251 fail: 252 g_free(table); 253 254 return ret; 255 } 256 257 static int free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb) 258 { 259 int ret; 260 uint64_t *bitmap_table; 261 262 ret = bitmap_table_load(bs, tb, &bitmap_table); 263 if (ret < 0) { 264 return ret; 265 } 266 267 clear_bitmap_table(bs, bitmap_table, tb->size); 268 qcow2_free_clusters(bs, tb->offset, tb->size * sizeof(uint64_t), 269 QCOW2_DISCARD_OTHER); 270 g_free(bitmap_table); 271 272 tb->offset = 0; 273 tb->size = 0; 274 275 return 0; 276 } 277 278 /* Return the disk size covered by a single qcow2 cluster of bitmap data. */ 279 static uint64_t bytes_covered_by_bitmap_cluster(const BDRVQcow2State *s, 280 const BdrvDirtyBitmap *bitmap) 281 { 282 uint64_t granularity = bdrv_dirty_bitmap_granularity(bitmap); 283 uint64_t limit = granularity * (s->cluster_size << 3); 284 285 assert(QEMU_IS_ALIGNED(limit, 286 bdrv_dirty_bitmap_serialization_align(bitmap))); 287 return limit; 288 } 289 290 /* load_bitmap_data 291 * @bitmap_table entries must satisfy specification constraints. 292 * @bitmap must be cleared */ 293 static int load_bitmap_data(BlockDriverState *bs, 294 const uint64_t *bitmap_table, 295 uint32_t bitmap_table_size, 296 BdrvDirtyBitmap *bitmap) 297 { 298 int ret = 0; 299 BDRVQcow2State *s = bs->opaque; 300 uint64_t offset, limit; 301 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 302 uint8_t *buf = NULL; 303 uint64_t i, tab_size = 304 size_to_clusters(s, 305 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 306 307 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) { 308 return -EINVAL; 309 } 310 311 buf = g_malloc(s->cluster_size); 312 limit = bytes_covered_by_bitmap_cluster(s, bitmap); 313 for (i = 0, offset = 0; i < tab_size; ++i, offset += limit) { 314 uint64_t count = MIN(bm_size - offset, limit); 315 uint64_t entry = bitmap_table[i]; 316 uint64_t data_offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 317 318 assert(check_table_entry(entry, s->cluster_size) == 0); 319 320 if (data_offset == 0) { 321 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 322 bdrv_dirty_bitmap_deserialize_ones(bitmap, offset, count, 323 false); 324 } else { 325 /* No need to deserialize zeros because the dirty bitmap is 326 * already cleared */ 327 } 328 } else { 329 ret = bdrv_pread(bs->file, data_offset, buf, s->cluster_size); 330 if (ret < 0) { 331 goto finish; 332 } 333 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, offset, count, 334 false); 335 } 336 } 337 ret = 0; 338 339 bdrv_dirty_bitmap_deserialize_finish(bitmap); 340 341 finish: 342 g_free(buf); 343 344 return ret; 345 } 346 347 static BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs, 348 Qcow2Bitmap *bm, Error **errp) 349 { 350 int ret; 351 uint64_t *bitmap_table = NULL; 352 uint32_t granularity; 353 BdrvDirtyBitmap *bitmap = NULL; 354 355 granularity = 1U << bm->granularity_bits; 356 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp); 357 if (bitmap == NULL) { 358 goto fail; 359 } 360 361 if (bm->flags & BME_FLAG_IN_USE) { 362 /* Data is unusable, skip loading it */ 363 return bitmap; 364 } 365 366 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 367 if (ret < 0) { 368 error_setg_errno(errp, -ret, 369 "Could not read bitmap_table table from image for " 370 "bitmap '%s'", bm->name); 371 goto fail; 372 } 373 374 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap); 375 if (ret < 0) { 376 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image", 377 bm->name); 378 goto fail; 379 } 380 381 g_free(bitmap_table); 382 return bitmap; 383 384 fail: 385 g_free(bitmap_table); 386 if (bitmap != NULL) { 387 bdrv_release_dirty_bitmap(bitmap); 388 } 389 390 return NULL; 391 } 392 393 /* 394 * Bitmap List 395 */ 396 397 /* 398 * Bitmap List private functions 399 * Only Bitmap List knows about bitmap directory structure in Qcow2. 400 */ 401 402 static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry) 403 { 404 entry->bitmap_table_offset = be64_to_cpu(entry->bitmap_table_offset); 405 entry->bitmap_table_size = be32_to_cpu(entry->bitmap_table_size); 406 entry->flags = be32_to_cpu(entry->flags); 407 entry->name_size = be16_to_cpu(entry->name_size); 408 entry->extra_data_size = be32_to_cpu(entry->extra_data_size); 409 } 410 411 static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry) 412 { 413 entry->bitmap_table_offset = cpu_to_be64(entry->bitmap_table_offset); 414 entry->bitmap_table_size = cpu_to_be32(entry->bitmap_table_size); 415 entry->flags = cpu_to_be32(entry->flags); 416 entry->name_size = cpu_to_be16(entry->name_size); 417 entry->extra_data_size = cpu_to_be32(entry->extra_data_size); 418 } 419 420 static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size) 421 { 422 int size = sizeof(Qcow2BitmapDirEntry) + name_size + extra_data_size; 423 return ROUND_UP(size, 8); 424 } 425 426 static inline int dir_entry_size(Qcow2BitmapDirEntry *entry) 427 { 428 return calc_dir_entry_size(entry->name_size, entry->extra_data_size); 429 } 430 431 static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry) 432 { 433 return (const char *)(entry + 1) + entry->extra_data_size; 434 } 435 436 static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry) 437 { 438 const char *name_field = dir_entry_name_field(entry); 439 return g_strndup(name_field, entry->name_size); 440 } 441 442 static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry) 443 { 444 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry)); 445 } 446 447 static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry) 448 { 449 BDRVQcow2State *s = bs->opaque; 450 uint64_t phys_bitmap_bytes; 451 int64_t len; 452 453 bool fail = (entry->bitmap_table_size == 0) || 454 (entry->bitmap_table_offset == 0) || 455 (entry->bitmap_table_offset % s->cluster_size) || 456 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) || 457 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) || 458 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) || 459 (entry->flags & BME_RESERVED_FLAGS) || 460 (entry->name_size > BME_MAX_NAME_SIZE) || 461 (entry->type != BT_DIRTY_TRACKING_BITMAP); 462 463 if (fail) { 464 return -EINVAL; 465 } 466 467 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size; 468 len = bdrv_getlength(bs); 469 470 if (len < 0) { 471 return len; 472 } 473 474 if (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) { 475 return -EINVAL; 476 } 477 478 if (!(entry->flags & BME_FLAG_IN_USE) && 479 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits))) 480 { 481 /* 482 * We've loaded a valid bitmap (IN_USE not set) or we are going to 483 * store a valid bitmap, but the allocated bitmap table size is not 484 * enough to store this bitmap. 485 * 486 * Note, that it's OK to have an invalid bitmap with invalid size due 487 * to a bitmap that was not correctly saved after image resize. 488 */ 489 return -EINVAL; 490 } 491 492 return 0; 493 } 494 495 static inline void bitmap_directory_to_be(uint8_t *dir, size_t size) 496 { 497 uint8_t *end = dir + size; 498 while (dir < end) { 499 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir; 500 dir += dir_entry_size(e); 501 502 bitmap_dir_entry_to_be(e); 503 } 504 } 505 506 /* 507 * Bitmap List public functions 508 */ 509 510 static void bitmap_free(Qcow2Bitmap *bm) 511 { 512 if (bm == NULL) { 513 return; 514 } 515 516 g_free(bm->name); 517 g_free(bm); 518 } 519 520 static void bitmap_list_free(Qcow2BitmapList *bm_list) 521 { 522 Qcow2Bitmap *bm; 523 524 if (bm_list == NULL) { 525 return; 526 } 527 528 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) { 529 QSIMPLEQ_REMOVE_HEAD(bm_list, entry); 530 bitmap_free(bm); 531 } 532 533 g_free(bm_list); 534 } 535 536 static Qcow2BitmapList *bitmap_list_new(void) 537 { 538 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1); 539 QSIMPLEQ_INIT(bm_list); 540 541 return bm_list; 542 } 543 544 static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list) 545 { 546 Qcow2Bitmap *bm; 547 uint32_t nb_bitmaps = 0; 548 549 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 550 nb_bitmaps++; 551 } 552 553 return nb_bitmaps; 554 } 555 556 /* bitmap_list_load 557 * Get bitmap list from qcow2 image. Actually reads bitmap directory, 558 * checks it and convert to bitmap list. 559 */ 560 static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset, 561 uint64_t size, Error **errp) 562 { 563 int ret; 564 BDRVQcow2State *s = bs->opaque; 565 uint8_t *dir, *dir_end; 566 Qcow2BitmapDirEntry *e; 567 uint32_t nb_dir_entries = 0; 568 Qcow2BitmapList *bm_list = NULL; 569 570 if (size == 0) { 571 error_setg(errp, "Requested bitmap directory size is zero"); 572 return NULL; 573 } 574 575 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 576 error_setg(errp, "Requested bitmap directory size is too big"); 577 return NULL; 578 } 579 580 dir = g_try_malloc(size); 581 if (dir == NULL) { 582 error_setg(errp, "Failed to allocate space for bitmap directory"); 583 return NULL; 584 } 585 dir_end = dir + size; 586 587 ret = bdrv_pread(bs->file, offset, dir, size); 588 if (ret < 0) { 589 error_setg_errno(errp, -ret, "Failed to read bitmap directory"); 590 goto fail; 591 } 592 593 bm_list = bitmap_list_new(); 594 for (e = (Qcow2BitmapDirEntry *)dir; 595 e < (Qcow2BitmapDirEntry *)dir_end; 596 e = next_dir_entry(e)) 597 { 598 Qcow2Bitmap *bm; 599 600 if ((uint8_t *)(e + 1) > dir_end) { 601 goto broken_dir; 602 } 603 604 if (++nb_dir_entries > s->nb_bitmaps) { 605 error_setg(errp, "More bitmaps found than specified in header" 606 " extension"); 607 goto fail; 608 } 609 bitmap_dir_entry_to_cpu(e); 610 611 if ((uint8_t *)next_dir_entry(e) > dir_end) { 612 goto broken_dir; 613 } 614 615 if (e->extra_data_size != 0) { 616 error_setg(errp, "Bitmap extra data is not supported"); 617 goto fail; 618 } 619 620 ret = check_dir_entry(bs, e); 621 if (ret < 0) { 622 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints", 623 e->name_size, dir_entry_name_field(e)); 624 goto fail; 625 } 626 627 bm = g_new0(Qcow2Bitmap, 1); 628 bm->table.offset = e->bitmap_table_offset; 629 bm->table.size = e->bitmap_table_size; 630 bm->flags = e->flags; 631 bm->granularity_bits = e->granularity_bits; 632 bm->name = dir_entry_copy_name(e); 633 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 634 } 635 636 if (nb_dir_entries != s->nb_bitmaps) { 637 error_setg(errp, "Less bitmaps found than specified in header" 638 " extension"); 639 goto fail; 640 } 641 642 if ((uint8_t *)e != dir_end) { 643 goto broken_dir; 644 } 645 646 g_free(dir); 647 return bm_list; 648 649 broken_dir: 650 ret = -EINVAL; 651 error_setg(errp, "Broken bitmap directory"); 652 653 fail: 654 g_free(dir); 655 bitmap_list_free(bm_list); 656 657 return NULL; 658 } 659 660 int qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res, 661 void **refcount_table, 662 int64_t *refcount_table_size) 663 { 664 int ret; 665 BDRVQcow2State *s = bs->opaque; 666 Qcow2BitmapList *bm_list; 667 Qcow2Bitmap *bm; 668 669 if (s->nb_bitmaps == 0) { 670 return 0; 671 } 672 673 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size, 674 s->bitmap_directory_offset, 675 s->bitmap_directory_size); 676 if (ret < 0) { 677 return ret; 678 } 679 680 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 681 s->bitmap_directory_size, NULL); 682 if (bm_list == NULL) { 683 res->corruptions++; 684 return -EINVAL; 685 } 686 687 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 688 uint64_t *bitmap_table = NULL; 689 int i; 690 691 ret = qcow2_inc_refcounts_imrt(bs, res, 692 refcount_table, refcount_table_size, 693 bm->table.offset, 694 bm->table.size * sizeof(uint64_t)); 695 if (ret < 0) { 696 goto out; 697 } 698 699 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 700 if (ret < 0) { 701 res->corruptions++; 702 goto out; 703 } 704 705 for (i = 0; i < bm->table.size; ++i) { 706 uint64_t entry = bitmap_table[i]; 707 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 708 709 if (check_table_entry(entry, s->cluster_size) < 0) { 710 res->corruptions++; 711 continue; 712 } 713 714 if (offset == 0) { 715 continue; 716 } 717 718 ret = qcow2_inc_refcounts_imrt(bs, res, 719 refcount_table, refcount_table_size, 720 offset, s->cluster_size); 721 if (ret < 0) { 722 g_free(bitmap_table); 723 goto out; 724 } 725 } 726 727 g_free(bitmap_table); 728 } 729 730 out: 731 bitmap_list_free(bm_list); 732 733 return ret; 734 } 735 736 /* bitmap_list_store 737 * Store bitmap list to qcow2 image as a bitmap directory. 738 * Everything is checked. 739 */ 740 static int bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list, 741 uint64_t *offset, uint64_t *size, bool in_place) 742 { 743 int ret; 744 uint8_t *dir; 745 int64_t dir_offset = 0; 746 uint64_t dir_size = 0; 747 Qcow2Bitmap *bm; 748 Qcow2BitmapDirEntry *e; 749 750 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 751 dir_size += calc_dir_entry_size(strlen(bm->name), 0); 752 } 753 754 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 755 return -EINVAL; 756 } 757 758 if (in_place) { 759 if (*size != dir_size || *offset == 0) { 760 return -EINVAL; 761 } 762 763 dir_offset = *offset; 764 } 765 766 dir = g_try_malloc0(dir_size); 767 if (dir == NULL) { 768 return -ENOMEM; 769 } 770 771 e = (Qcow2BitmapDirEntry *)dir; 772 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 773 e->bitmap_table_offset = bm->table.offset; 774 e->bitmap_table_size = bm->table.size; 775 e->flags = bm->flags; 776 e->type = BT_DIRTY_TRACKING_BITMAP; 777 e->granularity_bits = bm->granularity_bits; 778 e->name_size = strlen(bm->name); 779 e->extra_data_size = 0; 780 memcpy(e + 1, bm->name, e->name_size); 781 782 if (check_dir_entry(bs, e) < 0) { 783 ret = -EINVAL; 784 goto fail; 785 } 786 787 e = next_dir_entry(e); 788 } 789 790 bitmap_directory_to_be(dir, dir_size); 791 792 if (!in_place) { 793 dir_offset = qcow2_alloc_clusters(bs, dir_size); 794 if (dir_offset < 0) { 795 ret = dir_offset; 796 goto fail; 797 } 798 } 799 800 /* Actually, even in in-place case ignoring QCOW2_OL_BITMAP_DIRECTORY is not 801 * necessary, because we drop QCOW2_AUTOCLEAR_BITMAPS when updating bitmap 802 * directory in-place (actually, turn-off the extension), which is checked 803 * in qcow2_check_metadata_overlap() */ 804 ret = qcow2_pre_write_overlap_check( 805 bs, in_place ? QCOW2_OL_BITMAP_DIRECTORY : 0, dir_offset, dir_size, 806 false); 807 if (ret < 0) { 808 goto fail; 809 } 810 811 ret = bdrv_pwrite(bs->file, dir_offset, dir, dir_size); 812 if (ret < 0) { 813 goto fail; 814 } 815 816 g_free(dir); 817 818 if (!in_place) { 819 *size = dir_size; 820 *offset = dir_offset; 821 } 822 823 return 0; 824 825 fail: 826 g_free(dir); 827 828 if (!in_place && dir_offset > 0) { 829 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER); 830 } 831 832 return ret; 833 } 834 835 /* 836 * Bitmap List end 837 */ 838 839 static int update_ext_header_and_dir_in_place(BlockDriverState *bs, 840 Qcow2BitmapList *bm_list) 841 { 842 BDRVQcow2State *s = bs->opaque; 843 int ret; 844 845 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) || 846 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) || 847 bitmap_list_count(bm_list) != s->nb_bitmaps) 848 { 849 return -EINVAL; 850 } 851 852 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 853 ret = update_header_sync(bs); 854 if (ret < 0) { 855 /* Two variants are possible here: 856 * 1. Autoclear flag is dropped, all bitmaps will be lost. 857 * 2. Autoclear flag is not dropped, old state is left. 858 */ 859 return ret; 860 } 861 862 /* autoclear bit is not set, so we can safely update bitmap directory */ 863 864 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset, 865 &s->bitmap_directory_size, true); 866 if (ret < 0) { 867 /* autoclear bit is cleared, so all leaked clusters would be removed on 868 * qemu-img check */ 869 return ret; 870 } 871 872 ret = update_header_sync(bs); 873 if (ret < 0) { 874 /* autoclear bit is cleared, so all leaked clusters would be removed on 875 * qemu-img check */ 876 return ret; 877 } 878 879 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 880 return update_header_sync(bs); 881 /* If final update_header_sync() fails, two variants are possible: 882 * 1. Autoclear flag is not set, all bitmaps will be lost. 883 * 2. Autoclear flag is set, header and directory are successfully updated. 884 */ 885 } 886 887 static int update_ext_header_and_dir(BlockDriverState *bs, 888 Qcow2BitmapList *bm_list) 889 { 890 BDRVQcow2State *s = bs->opaque; 891 int ret; 892 uint64_t new_offset = 0; 893 uint64_t new_size = 0; 894 uint32_t new_nb_bitmaps = 0; 895 uint64_t old_offset = s->bitmap_directory_offset; 896 uint64_t old_size = s->bitmap_directory_size; 897 uint32_t old_nb_bitmaps = s->nb_bitmaps; 898 uint64_t old_autocl = s->autoclear_features; 899 900 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) { 901 new_nb_bitmaps = bitmap_list_count(bm_list); 902 903 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 904 return -EINVAL; 905 } 906 907 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false); 908 if (ret < 0) { 909 return ret; 910 } 911 912 ret = qcow2_flush_caches(bs); 913 if (ret < 0) { 914 goto fail; 915 } 916 917 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 918 } else { 919 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 920 } 921 922 s->bitmap_directory_offset = new_offset; 923 s->bitmap_directory_size = new_size; 924 s->nb_bitmaps = new_nb_bitmaps; 925 926 ret = update_header_sync(bs); 927 if (ret < 0) { 928 goto fail; 929 } 930 931 if (old_size > 0) { 932 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER); 933 } 934 935 return 0; 936 937 fail: 938 if (new_offset > 0) { 939 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER); 940 } 941 942 s->bitmap_directory_offset = old_offset; 943 s->bitmap_directory_size = old_size; 944 s->nb_bitmaps = old_nb_bitmaps; 945 s->autoclear_features = old_autocl; 946 947 return ret; 948 } 949 950 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 951 static void release_dirty_bitmap_helper(gpointer bitmap, 952 gpointer bs) 953 { 954 bdrv_release_dirty_bitmap(bitmap); 955 } 956 957 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 958 static void set_readonly_helper(gpointer bitmap, gpointer value) 959 { 960 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value); 961 } 962 963 /* qcow2_load_dirty_bitmaps() 964 * Return value is a hint for caller: true means that the Qcow2 header was 965 * updated. (false doesn't mean that the header should be updated by the 966 * caller, it just means that updating was not needed or the image cannot be 967 * written to). 968 * On failure the function returns false. 969 */ 970 bool qcow2_load_dirty_bitmaps(BlockDriverState *bs, Error **errp) 971 { 972 BDRVQcow2State *s = bs->opaque; 973 Qcow2BitmapList *bm_list; 974 Qcow2Bitmap *bm; 975 GSList *created_dirty_bitmaps = NULL; 976 bool header_updated = false; 977 bool needs_update = false; 978 979 if (s->nb_bitmaps == 0) { 980 /* No bitmaps - nothing to do */ 981 return false; 982 } 983 984 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 985 s->bitmap_directory_size, errp); 986 if (bm_list == NULL) { 987 return false; 988 } 989 990 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 991 BdrvDirtyBitmap *bitmap; 992 993 if ((bm->flags & BME_FLAG_IN_USE) && 994 bdrv_find_dirty_bitmap(bs, bm->name)) 995 { 996 /* 997 * We already have corresponding BdrvDirtyBitmap, and bitmap in the 998 * image is marked IN_USE. Firstly, this state is valid, no reason 999 * to consider existing BdrvDirtyBitmap to be bad. Secondly it's 1000 * absolutely possible, when we do migration with shared storage 1001 * with dirty-bitmaps capability enabled: if the bitmap was loaded 1002 * from this storage before migration start, the storage will 1003 * of-course contain IN_USE outdated version of the bitmap, and we 1004 * should not load it on migration target, as we already have this 1005 * bitmap, being migrated. 1006 */ 1007 continue; 1008 } 1009 1010 bitmap = load_bitmap(bs, bm, errp); 1011 if (bitmap == NULL) { 1012 goto fail; 1013 } 1014 1015 bdrv_dirty_bitmap_set_persistence(bitmap, true); 1016 if (bm->flags & BME_FLAG_IN_USE) { 1017 bdrv_dirty_bitmap_set_inconsistent(bitmap); 1018 } else { 1019 /* NB: updated flags only get written if can_write(bs) is true. */ 1020 bm->flags |= BME_FLAG_IN_USE; 1021 needs_update = true; 1022 } 1023 if (!(bm->flags & BME_FLAG_AUTO)) { 1024 bdrv_disable_dirty_bitmap(bitmap); 1025 } 1026 created_dirty_bitmaps = 1027 g_slist_append(created_dirty_bitmaps, bitmap); 1028 } 1029 1030 if (needs_update && can_write(bs)) { 1031 /* in_use flags must be updated */ 1032 int ret = update_ext_header_and_dir_in_place(bs, bm_list); 1033 if (ret < 0) { 1034 error_setg_errno(errp, -ret, "Can't update bitmap directory"); 1035 goto fail; 1036 } 1037 header_updated = true; 1038 } 1039 1040 if (!can_write(bs)) { 1041 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper, 1042 (gpointer)true); 1043 } 1044 1045 g_slist_free(created_dirty_bitmaps); 1046 bitmap_list_free(bm_list); 1047 1048 return header_updated; 1049 1050 fail: 1051 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs); 1052 g_slist_free(created_dirty_bitmaps); 1053 bitmap_list_free(bm_list); 1054 1055 return false; 1056 } 1057 1058 1059 static Qcow2BitmapInfoFlagsList *get_bitmap_info_flags(uint32_t flags) 1060 { 1061 Qcow2BitmapInfoFlagsList *list = NULL; 1062 Qcow2BitmapInfoFlagsList **plist = &list; 1063 int i; 1064 1065 static const struct { 1066 int bme; /* Bitmap directory entry flags */ 1067 int info; /* The flags to report to the user */ 1068 } map[] = { 1069 { BME_FLAG_IN_USE, QCOW2_BITMAP_INFO_FLAGS_IN_USE }, 1070 { BME_FLAG_AUTO, QCOW2_BITMAP_INFO_FLAGS_AUTO }, 1071 }; 1072 1073 int map_size = ARRAY_SIZE(map); 1074 1075 for (i = 0; i < map_size; ++i) { 1076 if (flags & map[i].bme) { 1077 Qcow2BitmapInfoFlagsList *entry = 1078 g_new0(Qcow2BitmapInfoFlagsList, 1); 1079 entry->value = map[i].info; 1080 *plist = entry; 1081 plist = &entry->next; 1082 flags &= ~map[i].bme; 1083 } 1084 } 1085 /* Check if the BME_* mapping above is complete */ 1086 assert(!flags); 1087 1088 return list; 1089 } 1090 1091 /* 1092 * qcow2_get_bitmap_info_list() 1093 * Returns a list of QCOW2 bitmap details. 1094 * In case of no bitmaps, the function returns NULL and 1095 * the @errp parameter is not set. 1096 * When bitmap information can not be obtained, the function returns 1097 * NULL and the @errp parameter is set. 1098 */ 1099 Qcow2BitmapInfoList *qcow2_get_bitmap_info_list(BlockDriverState *bs, 1100 Error **errp) 1101 { 1102 BDRVQcow2State *s = bs->opaque; 1103 Qcow2BitmapList *bm_list; 1104 Qcow2Bitmap *bm; 1105 Qcow2BitmapInfoList *list = NULL; 1106 Qcow2BitmapInfoList **plist = &list; 1107 1108 if (s->nb_bitmaps == 0) { 1109 return NULL; 1110 } 1111 1112 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1113 s->bitmap_directory_size, errp); 1114 if (bm_list == NULL) { 1115 return NULL; 1116 } 1117 1118 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1119 Qcow2BitmapInfo *info = g_new0(Qcow2BitmapInfo, 1); 1120 Qcow2BitmapInfoList *obj = g_new0(Qcow2BitmapInfoList, 1); 1121 info->granularity = 1U << bm->granularity_bits; 1122 info->name = g_strdup(bm->name); 1123 info->flags = get_bitmap_info_flags(bm->flags & ~BME_RESERVED_FLAGS); 1124 obj->value = info; 1125 *plist = obj; 1126 plist = &obj->next; 1127 } 1128 1129 bitmap_list_free(bm_list); 1130 1131 return list; 1132 } 1133 1134 int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp) 1135 { 1136 BDRVQcow2State *s = bs->opaque; 1137 Qcow2BitmapList *bm_list; 1138 Qcow2Bitmap *bm; 1139 GSList *ro_dirty_bitmaps = NULL; 1140 int ret = -EINVAL; 1141 bool need_header_update = false; 1142 1143 if (s->nb_bitmaps == 0) { 1144 /* No bitmaps - nothing to do */ 1145 return 0; 1146 } 1147 1148 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1149 s->bitmap_directory_size, errp); 1150 if (bm_list == NULL) { 1151 return -EINVAL; 1152 } 1153 1154 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1155 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1156 1157 if (!bitmap) { 1158 error_setg(errp, "Unexpected bitmap '%s' in image '%s'", 1159 bm->name, bs->filename); 1160 goto out; 1161 } 1162 1163 if (!(bm->flags & BME_FLAG_IN_USE)) { 1164 if (!bdrv_dirty_bitmap_readonly(bitmap)) { 1165 error_setg(errp, "Corruption: bitmap '%s' is not marked IN_USE " 1166 "in the image '%s' and not marked readonly in RAM", 1167 bm->name, bs->filename); 1168 goto out; 1169 } 1170 if (bdrv_dirty_bitmap_inconsistent(bitmap)) { 1171 error_setg(errp, "Corruption: bitmap '%s' is inconsistent but " 1172 "is not marked IN_USE in the image '%s'", bm->name, 1173 bs->filename); 1174 goto out; 1175 } 1176 1177 bm->flags |= BME_FLAG_IN_USE; 1178 need_header_update = true; 1179 } else { 1180 /* 1181 * What if flags already has BME_FLAG_IN_USE ? 1182 * 1183 * 1. if we are reopening RW -> RW it's OK, of course. 1184 * 2. if we are reopening RO -> RW: 1185 * 2.1 if @bitmap is inconsistent, it's OK. It means that it was 1186 * inconsistent (IN_USE) when we loaded it 1187 * 2.2 if @bitmap is not inconsistent. This seems to be impossible 1188 * and implies third party interaction. Let's error-out for 1189 * safety. 1190 */ 1191 if (bdrv_dirty_bitmap_readonly(bitmap) && 1192 !bdrv_dirty_bitmap_inconsistent(bitmap)) 1193 { 1194 error_setg(errp, "Corruption: bitmap '%s' is marked IN_USE " 1195 "in the image '%s' but it is readonly and " 1196 "consistent in RAM", 1197 bm->name, bs->filename); 1198 goto out; 1199 } 1200 } 1201 1202 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1203 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap); 1204 } 1205 } 1206 1207 if (need_header_update) { 1208 if (!can_write(bs->file->bs) || !(bs->file->perm & BLK_PERM_WRITE)) { 1209 error_setg(errp, "Failed to reopen bitmaps rw: no write access " 1210 "the protocol file"); 1211 goto out; 1212 } 1213 1214 /* in_use flags must be updated */ 1215 ret = update_ext_header_and_dir_in_place(bs, bm_list); 1216 if (ret < 0) { 1217 error_setg_errno(errp, -ret, "Cannot update bitmap directory"); 1218 goto out; 1219 } 1220 } 1221 1222 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, false); 1223 ret = 0; 1224 1225 out: 1226 g_slist_free(ro_dirty_bitmaps); 1227 bitmap_list_free(bm_list); 1228 1229 return ret; 1230 } 1231 1232 /* Checks to see if it's safe to resize bitmaps */ 1233 int qcow2_truncate_bitmaps_check(BlockDriverState *bs, Error **errp) 1234 { 1235 BDRVQcow2State *s = bs->opaque; 1236 Qcow2BitmapList *bm_list; 1237 Qcow2Bitmap *bm; 1238 int ret = 0; 1239 1240 if (s->nb_bitmaps == 0) { 1241 return 0; 1242 } 1243 1244 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1245 s->bitmap_directory_size, errp); 1246 if (bm_list == NULL) { 1247 return -EINVAL; 1248 } 1249 1250 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1251 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1252 if (bitmap == NULL) { 1253 /* 1254 * We rely on all bitmaps being in-memory to be able to resize them, 1255 * Otherwise, we'd need to resize them on disk explicitly 1256 */ 1257 error_setg(errp, "Cannot resize qcow2 with persistent bitmaps that " 1258 "were not loaded into memory"); 1259 ret = -ENOTSUP; 1260 goto out; 1261 } 1262 1263 /* 1264 * The checks against readonly and busy are redundant, but certainly 1265 * do no harm. checks against inconsistent are crucial: 1266 */ 1267 if (bdrv_dirty_bitmap_check(bitmap, BDRV_BITMAP_DEFAULT, errp)) { 1268 ret = -ENOTSUP; 1269 goto out; 1270 } 1271 } 1272 1273 out: 1274 bitmap_list_free(bm_list); 1275 return ret; 1276 } 1277 1278 /* store_bitmap_data() 1279 * Store bitmap to image, filling bitmap table accordingly. 1280 */ 1281 static uint64_t *store_bitmap_data(BlockDriverState *bs, 1282 BdrvDirtyBitmap *bitmap, 1283 uint32_t *bitmap_table_size, Error **errp) 1284 { 1285 int ret; 1286 BDRVQcow2State *s = bs->opaque; 1287 int64_t offset; 1288 uint64_t limit; 1289 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 1290 const char *bm_name = bdrv_dirty_bitmap_name(bitmap); 1291 uint8_t *buf = NULL; 1292 BdrvDirtyBitmapIter *dbi; 1293 uint64_t *tb; 1294 uint64_t tb_size = 1295 size_to_clusters(s, 1296 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 1297 1298 if (tb_size > BME_MAX_TABLE_SIZE || 1299 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE) 1300 { 1301 error_setg(errp, "Bitmap '%s' is too big", bm_name); 1302 return NULL; 1303 } 1304 1305 tb = g_try_new0(uint64_t, tb_size); 1306 if (tb == NULL) { 1307 error_setg(errp, "No memory"); 1308 return NULL; 1309 } 1310 1311 dbi = bdrv_dirty_iter_new(bitmap); 1312 buf = g_malloc(s->cluster_size); 1313 limit = bytes_covered_by_bitmap_cluster(s, bitmap); 1314 assert(DIV_ROUND_UP(bm_size, limit) == tb_size); 1315 1316 while ((offset = bdrv_dirty_iter_next(dbi)) >= 0) { 1317 uint64_t cluster = offset / limit; 1318 uint64_t end, write_size; 1319 int64_t off; 1320 1321 /* 1322 * We found the first dirty offset, but want to write out the 1323 * entire cluster of the bitmap that includes that offset, 1324 * including any leading zero bits. 1325 */ 1326 offset = QEMU_ALIGN_DOWN(offset, limit); 1327 end = MIN(bm_size, offset + limit); 1328 write_size = bdrv_dirty_bitmap_serialization_size(bitmap, offset, 1329 end - offset); 1330 assert(write_size <= s->cluster_size); 1331 1332 off = qcow2_alloc_clusters(bs, s->cluster_size); 1333 if (off < 0) { 1334 error_setg_errno(errp, -off, 1335 "Failed to allocate clusters for bitmap '%s'", 1336 bm_name); 1337 goto fail; 1338 } 1339 tb[cluster] = off; 1340 1341 bdrv_dirty_bitmap_serialize_part(bitmap, buf, offset, end - offset); 1342 if (write_size < s->cluster_size) { 1343 memset(buf + write_size, 0, s->cluster_size - write_size); 1344 } 1345 1346 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size, false); 1347 if (ret < 0) { 1348 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1349 goto fail; 1350 } 1351 1352 ret = bdrv_pwrite(bs->file, off, buf, s->cluster_size); 1353 if (ret < 0) { 1354 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1355 bm_name); 1356 goto fail; 1357 } 1358 1359 if (end >= bm_size) { 1360 break; 1361 } 1362 1363 bdrv_set_dirty_iter(dbi, end); 1364 } 1365 1366 *bitmap_table_size = tb_size; 1367 g_free(buf); 1368 bdrv_dirty_iter_free(dbi); 1369 1370 return tb; 1371 1372 fail: 1373 clear_bitmap_table(bs, tb, tb_size); 1374 g_free(buf); 1375 bdrv_dirty_iter_free(dbi); 1376 g_free(tb); 1377 1378 return NULL; 1379 } 1380 1381 /* store_bitmap() 1382 * Store bm->dirty_bitmap to qcow2. 1383 * Set bm->table_offset and bm->table_size accordingly. 1384 */ 1385 static int store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp) 1386 { 1387 int ret; 1388 uint64_t *tb; 1389 int64_t tb_offset; 1390 uint32_t tb_size; 1391 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap; 1392 const char *bm_name; 1393 1394 assert(bitmap != NULL); 1395 1396 bm_name = bdrv_dirty_bitmap_name(bitmap); 1397 1398 tb = store_bitmap_data(bs, bitmap, &tb_size, errp); 1399 if (tb == NULL) { 1400 return -EINVAL; 1401 } 1402 1403 assert(tb_size <= BME_MAX_TABLE_SIZE); 1404 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0])); 1405 if (tb_offset < 0) { 1406 error_setg_errno(errp, -tb_offset, 1407 "Failed to allocate clusters for bitmap '%s'", 1408 bm_name); 1409 ret = tb_offset; 1410 goto fail; 1411 } 1412 1413 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset, 1414 tb_size * sizeof(tb[0]), false); 1415 if (ret < 0) { 1416 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1417 goto fail; 1418 } 1419 1420 bitmap_table_to_be(tb, tb_size); 1421 ret = bdrv_pwrite(bs->file, tb_offset, tb, tb_size * sizeof(tb[0])); 1422 if (ret < 0) { 1423 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1424 bm_name); 1425 goto fail; 1426 } 1427 1428 g_free(tb); 1429 1430 bm->table.offset = tb_offset; 1431 bm->table.size = tb_size; 1432 1433 return 0; 1434 1435 fail: 1436 clear_bitmap_table(bs, tb, tb_size); 1437 1438 if (tb_offset > 0) { 1439 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]), 1440 QCOW2_DISCARD_OTHER); 1441 } 1442 1443 g_free(tb); 1444 1445 return ret; 1446 } 1447 1448 static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list, 1449 const char *name) 1450 { 1451 Qcow2Bitmap *bm; 1452 1453 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1454 if (strcmp(name, bm->name) == 0) { 1455 return bm; 1456 } 1457 } 1458 1459 return NULL; 1460 } 1461 1462 int coroutine_fn qcow2_co_remove_persistent_dirty_bitmap(BlockDriverState *bs, 1463 const char *name, 1464 Error **errp) 1465 { 1466 int ret; 1467 BDRVQcow2State *s = bs->opaque; 1468 Qcow2Bitmap *bm = NULL; 1469 Qcow2BitmapList *bm_list; 1470 1471 if (s->nb_bitmaps == 0) { 1472 /* 1473 * Absence of the bitmap is not an error: see explanation above 1474 * bdrv_co_remove_persistent_dirty_bitmap() definition. 1475 */ 1476 return 0; 1477 } 1478 1479 qemu_co_mutex_lock(&s->lock); 1480 1481 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1482 s->bitmap_directory_size, errp); 1483 if (bm_list == NULL) { 1484 ret = -EIO; 1485 goto out; 1486 } 1487 1488 bm = find_bitmap_by_name(bm_list, name); 1489 if (bm == NULL) { 1490 /* Absence of the bitmap is not an error, see above. */ 1491 ret = 0; 1492 goto out; 1493 } 1494 1495 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry); 1496 1497 ret = update_ext_header_and_dir(bs, bm_list); 1498 if (ret < 0) { 1499 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1500 goto out; 1501 } 1502 1503 free_bitmap_clusters(bs, &bm->table); 1504 1505 out: 1506 qemu_co_mutex_unlock(&s->lock); 1507 1508 bitmap_free(bm); 1509 bitmap_list_free(bm_list); 1510 1511 return ret; 1512 } 1513 1514 /* 1515 * qcow2_store_persistent_dirty_bitmaps 1516 * 1517 * Stores persistent BdrvDirtyBitmap objects. 1518 * 1519 * @release_stored: if true, release BdrvDirtyBitmap's after storing to the 1520 * image. This is used in two cases, both via qcow2_inactivate: 1521 * 1. bdrv_close: It's correct to remove bitmaps on close. 1522 * 2. migration: If bitmaps are migrated through migration channel via 1523 * 'dirty-bitmaps' migration capability they are not handled by this code. 1524 * Otherwise, it's OK to drop BdrvDirtyBitmap's and reload them on 1525 * invalidation. 1526 * 1527 * Anyway, it's correct to remove BdrvDirtyBitmap's on inactivation, as 1528 * inactivation means that we lose control on disk, and therefore on bitmaps, 1529 * we should sync them and do not touch more. 1530 * 1531 * Contrariwise, we don't want to release any bitmaps on just reopen-to-ro, 1532 * when we need to store them, as image is still under our control, and it's 1533 * good to keep all the bitmaps in read-only mode. Moreover, keeping them 1534 * read-only is correct because this is what would happen if we opened the node 1535 * readonly to begin with, and whether we opened directly or reopened to that 1536 * state shouldn't matter for the state we get afterward. 1537 */ 1538 void qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, 1539 bool release_stored, Error **errp) 1540 { 1541 BdrvDirtyBitmap *bitmap; 1542 BDRVQcow2State *s = bs->opaque; 1543 uint32_t new_nb_bitmaps = s->nb_bitmaps; 1544 uint64_t new_dir_size = s->bitmap_directory_size; 1545 int ret; 1546 Qcow2BitmapList *bm_list; 1547 Qcow2Bitmap *bm; 1548 QSIMPLEQ_HEAD(, Qcow2BitmapTable) drop_tables; 1549 Qcow2BitmapTable *tb, *tb_next; 1550 bool need_write = false; 1551 1552 QSIMPLEQ_INIT(&drop_tables); 1553 1554 if (s->nb_bitmaps == 0) { 1555 bm_list = bitmap_list_new(); 1556 } else { 1557 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1558 s->bitmap_directory_size, errp); 1559 if (bm_list == NULL) { 1560 return; 1561 } 1562 } 1563 1564 /* check constraints and names */ 1565 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1566 const char *name = bdrv_dirty_bitmap_name(bitmap); 1567 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap); 1568 Qcow2Bitmap *bm; 1569 1570 if (!bdrv_dirty_bitmap_get_persistence(bitmap) || 1571 bdrv_dirty_bitmap_readonly(bitmap) || 1572 bdrv_dirty_bitmap_inconsistent(bitmap)) { 1573 continue; 1574 } 1575 1576 need_write = true; 1577 1578 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) { 1579 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ", 1580 name); 1581 goto fail; 1582 } 1583 1584 bm = find_bitmap_by_name(bm_list, name); 1585 if (bm == NULL) { 1586 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 1587 error_setg(errp, "Too many persistent bitmaps"); 1588 goto fail; 1589 } 1590 1591 new_dir_size += calc_dir_entry_size(strlen(name), 0); 1592 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1593 error_setg(errp, "Bitmap directory is too large"); 1594 goto fail; 1595 } 1596 1597 bm = g_new0(Qcow2Bitmap, 1); 1598 bm->name = g_strdup(name); 1599 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 1600 } else { 1601 if (!(bm->flags & BME_FLAG_IN_USE)) { 1602 error_setg(errp, "Bitmap '%s' already exists in the image", 1603 name); 1604 goto fail; 1605 } 1606 tb = g_memdup(&bm->table, sizeof(bm->table)); 1607 bm->table.offset = 0; 1608 bm->table.size = 0; 1609 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry); 1610 } 1611 bm->flags = bdrv_dirty_bitmap_enabled(bitmap) ? BME_FLAG_AUTO : 0; 1612 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap)); 1613 bm->dirty_bitmap = bitmap; 1614 } 1615 1616 if (!need_write) { 1617 goto success; 1618 } 1619 1620 if (!can_write(bs)) { 1621 error_setg(errp, "No write access"); 1622 goto fail; 1623 } 1624 1625 /* allocate clusters and store bitmaps */ 1626 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1627 if (bm->dirty_bitmap == NULL) { 1628 continue; 1629 } 1630 1631 ret = store_bitmap(bs, bm, errp); 1632 if (ret < 0) { 1633 goto fail; 1634 } 1635 } 1636 1637 ret = update_ext_header_and_dir(bs, bm_list); 1638 if (ret < 0) { 1639 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1640 goto fail; 1641 } 1642 1643 /* Bitmap directory was successfully updated, so, old data can be dropped. 1644 * TODO it is better to reuse these clusters */ 1645 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1646 free_bitmap_clusters(bs, tb); 1647 g_free(tb); 1648 } 1649 1650 if (release_stored) { 1651 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1652 if (bm->dirty_bitmap == NULL) { 1653 continue; 1654 } 1655 1656 bdrv_release_dirty_bitmap(bm->dirty_bitmap); 1657 } 1658 } 1659 1660 success: 1661 bitmap_list_free(bm_list); 1662 return; 1663 1664 fail: 1665 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1666 if (bm->dirty_bitmap == NULL || bm->table.offset == 0) { 1667 continue; 1668 } 1669 1670 free_bitmap_clusters(bs, &bm->table); 1671 } 1672 1673 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1674 g_free(tb); 1675 } 1676 1677 bitmap_list_free(bm_list); 1678 } 1679 1680 int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp) 1681 { 1682 BdrvDirtyBitmap *bitmap; 1683 Error *local_err = NULL; 1684 1685 qcow2_store_persistent_dirty_bitmaps(bs, false, &local_err); 1686 if (local_err != NULL) { 1687 error_propagate(errp, local_err); 1688 return -EINVAL; 1689 } 1690 1691 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1692 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1693 bdrv_dirty_bitmap_set_readonly(bitmap, true); 1694 } 1695 } 1696 1697 return 0; 1698 } 1699 1700 bool coroutine_fn qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, 1701 const char *name, 1702 uint32_t granularity, 1703 Error **errp) 1704 { 1705 BDRVQcow2State *s = bs->opaque; 1706 BdrvDirtyBitmap *bitmap; 1707 uint64_t bitmap_directory_size = 0; 1708 uint32_t nb_bitmaps = 0; 1709 1710 if (bdrv_find_dirty_bitmap(bs, name)) { 1711 error_setg(errp, "Bitmap already exists: %s", name); 1712 return false; 1713 } 1714 1715 if (s->qcow_version < 3) { 1716 /* Without autoclear_features, we would always have to assume 1717 * that a program without persistent dirty bitmap support has 1718 * accessed this qcow2 file when opening it, and would thus 1719 * have to drop all dirty bitmaps (defeating their purpose). 1720 */ 1721 error_setg(errp, "Cannot store dirty bitmaps in qcow2 v2 files"); 1722 goto fail; 1723 } 1724 1725 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) { 1726 goto fail; 1727 } 1728 1729 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1730 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1731 nb_bitmaps++; 1732 bitmap_directory_size += 1733 calc_dir_entry_size(strlen(bdrv_dirty_bitmap_name(bitmap)), 0); 1734 } 1735 } 1736 nb_bitmaps++; 1737 bitmap_directory_size += calc_dir_entry_size(strlen(name), 0); 1738 1739 if (nb_bitmaps > QCOW2_MAX_BITMAPS) { 1740 error_setg(errp, 1741 "Maximum number of persistent bitmaps is already reached"); 1742 goto fail; 1743 } 1744 1745 if (bitmap_directory_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1746 error_setg(errp, "Not enough space in the bitmap directory"); 1747 goto fail; 1748 } 1749 1750 return true; 1751 1752 fail: 1753 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ", 1754 name, bdrv_get_device_or_node_name(bs)); 1755 return false; 1756 } 1757