1 /* 2 * Bitmaps for the QCOW version 2 format 3 * 4 * Copyright (c) 2014-2017 Vladimir Sementsov-Ogievskiy 5 * 6 * This file is derived from qcow2-snapshot.c, original copyright: 7 * Copyright (c) 2004-2006 Fabrice Bellard 8 * 9 * Permission is hereby granted, free of charge, to any person obtaining a copy 10 * of this software and associated documentation files (the "Software"), to deal 11 * in the Software without restriction, including without limitation the rights 12 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 13 * copies of the Software, and to permit persons to whom the Software is 14 * furnished to do so, subject to the following conditions: 15 * 16 * The above copyright notice and this permission notice shall be included in 17 * all copies or substantial portions of the Software. 18 * 19 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 20 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 21 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 22 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 23 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 24 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 25 * THE SOFTWARE. 26 */ 27 28 #include "qemu/osdep.h" 29 #include "block/block-io.h" 30 #include "block/dirty-bitmap.h" 31 #include "qapi/error.h" 32 #include "qemu/cutils.h" 33 34 #include "qcow2.h" 35 36 /* NOTICE: BME here means Bitmaps Extension and used as a namespace for 37 * _internal_ constants. Please do not use this _internal_ abbreviation for 38 * other needs and/or outside of this file. */ 39 40 /* Bitmap directory entry constraints */ 41 #define BME_MAX_TABLE_SIZE 0x8000000 42 #define BME_MAX_PHYS_SIZE 0x20000000 /* restrict BdrvDirtyBitmap size in RAM */ 43 #define BME_MAX_GRANULARITY_BITS 31 44 #define BME_MIN_GRANULARITY_BITS 9 45 #define BME_MAX_NAME_SIZE 1023 46 47 /* Size of bitmap table entries */ 48 #define BME_TABLE_ENTRY_SIZE (sizeof(uint64_t)) 49 50 QEMU_BUILD_BUG_ON(BME_MAX_NAME_SIZE != BDRV_BITMAP_MAX_NAME_SIZE); 51 52 #if BME_MAX_TABLE_SIZE * 8ULL > INT_MAX 53 #error In the code bitmap table physical size assumed to fit into int 54 #endif 55 56 /* Bitmap directory entry flags */ 57 #define BME_RESERVED_FLAGS 0xfffffffcU 58 #define BME_FLAG_IN_USE (1U << 0) 59 #define BME_FLAG_AUTO (1U << 1) 60 61 /* bits [1, 8] U [56, 63] are reserved */ 62 #define BME_TABLE_ENTRY_RESERVED_MASK 0xff000000000001feULL 63 #define BME_TABLE_ENTRY_OFFSET_MASK 0x00fffffffffffe00ULL 64 #define BME_TABLE_ENTRY_FLAG_ALL_ONES (1ULL << 0) 65 66 typedef struct QEMU_PACKED Qcow2BitmapDirEntry { 67 /* header is 8 byte aligned */ 68 uint64_t bitmap_table_offset; 69 70 uint32_t bitmap_table_size; 71 uint32_t flags; 72 73 uint8_t type; 74 uint8_t granularity_bits; 75 uint16_t name_size; 76 uint32_t extra_data_size; 77 /* extra data follows */ 78 /* name follows */ 79 } Qcow2BitmapDirEntry; 80 81 typedef struct Qcow2BitmapTable { 82 uint64_t offset; 83 uint32_t size; /* number of 64bit entries */ 84 QSIMPLEQ_ENTRY(Qcow2BitmapTable) entry; 85 } Qcow2BitmapTable; 86 87 typedef struct Qcow2Bitmap { 88 Qcow2BitmapTable table; 89 uint32_t flags; 90 uint8_t granularity_bits; 91 char *name; 92 93 BdrvDirtyBitmap *dirty_bitmap; 94 95 QSIMPLEQ_ENTRY(Qcow2Bitmap) entry; 96 } Qcow2Bitmap; 97 typedef QSIMPLEQ_HEAD(Qcow2BitmapList, Qcow2Bitmap) Qcow2BitmapList; 98 99 typedef enum BitmapType { 100 BT_DIRTY_TRACKING_BITMAP = 1 101 } BitmapType; 102 103 static inline bool can_write(BlockDriverState *bs) 104 { 105 return !bdrv_is_read_only(bs) && !(bdrv_get_flags(bs) & BDRV_O_INACTIVE); 106 } 107 108 static int update_header_sync(BlockDriverState *bs) 109 { 110 int ret; 111 112 ret = qcow2_update_header(bs); 113 if (ret < 0) { 114 return ret; 115 } 116 117 return bdrv_flush(bs->file->bs); 118 } 119 120 static inline void bitmap_table_bswap_be(uint64_t *bitmap_table, size_t size) 121 { 122 size_t i; 123 124 for (i = 0; i < size; ++i) { 125 bitmap_table[i] = cpu_to_be64(bitmap_table[i]); 126 } 127 } 128 129 static int check_table_entry(uint64_t entry, int cluster_size) 130 { 131 uint64_t offset; 132 133 if (entry & BME_TABLE_ENTRY_RESERVED_MASK) { 134 return -EINVAL; 135 } 136 137 offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 138 if (offset != 0) { 139 /* if offset specified, bit 0 is reserved */ 140 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 141 return -EINVAL; 142 } 143 144 if (offset % cluster_size != 0) { 145 return -EINVAL; 146 } 147 } 148 149 return 0; 150 } 151 152 static int64_t get_bitmap_bytes_needed(int64_t len, uint32_t granularity) 153 { 154 int64_t num_bits = DIV_ROUND_UP(len, granularity); 155 156 return DIV_ROUND_UP(num_bits, 8); 157 } 158 159 static int check_constraints_on_bitmap(BlockDriverState *bs, 160 const char *name, 161 uint32_t granularity, 162 Error **errp) 163 { 164 BDRVQcow2State *s = bs->opaque; 165 int granularity_bits = ctz32(granularity); 166 int64_t len = bdrv_getlength(bs); 167 int64_t bitmap_bytes; 168 169 assert(granularity > 0); 170 assert((granularity & (granularity - 1)) == 0); 171 172 if (len < 0) { 173 error_setg_errno(errp, -len, "Failed to get size of '%s'", 174 bdrv_get_device_or_node_name(bs)); 175 return len; 176 } 177 178 if (granularity_bits > BME_MAX_GRANULARITY_BITS) { 179 error_setg(errp, "Granularity exceeds maximum (%llu bytes)", 180 1ULL << BME_MAX_GRANULARITY_BITS); 181 return -EINVAL; 182 } 183 if (granularity_bits < BME_MIN_GRANULARITY_BITS) { 184 error_setg(errp, "Granularity is under minimum (%llu bytes)", 185 1ULL << BME_MIN_GRANULARITY_BITS); 186 return -EINVAL; 187 } 188 189 bitmap_bytes = get_bitmap_bytes_needed(len, granularity); 190 if ((bitmap_bytes > (uint64_t)BME_MAX_PHYS_SIZE) || 191 (bitmap_bytes > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size)) 192 { 193 error_setg(errp, "Too much space will be occupied by the bitmap. " 194 "Use larger granularity"); 195 return -EINVAL; 196 } 197 198 if (strlen(name) > BME_MAX_NAME_SIZE) { 199 error_setg(errp, "Name length exceeds maximum (%u characters)", 200 BME_MAX_NAME_SIZE); 201 return -EINVAL; 202 } 203 204 return 0; 205 } 206 207 static void clear_bitmap_table(BlockDriverState *bs, uint64_t *bitmap_table, 208 uint32_t bitmap_table_size) 209 { 210 BDRVQcow2State *s = bs->opaque; 211 int i; 212 213 for (i = 0; i < bitmap_table_size; ++i) { 214 uint64_t addr = bitmap_table[i] & BME_TABLE_ENTRY_OFFSET_MASK; 215 if (!addr) { 216 continue; 217 } 218 219 qcow2_free_clusters(bs, addr, s->cluster_size, QCOW2_DISCARD_ALWAYS); 220 bitmap_table[i] = 0; 221 } 222 } 223 224 static int bitmap_table_load(BlockDriverState *bs, Qcow2BitmapTable *tb, 225 uint64_t **bitmap_table) 226 { 227 int ret; 228 BDRVQcow2State *s = bs->opaque; 229 uint32_t i; 230 uint64_t *table; 231 232 assert(tb->size != 0); 233 table = g_try_new(uint64_t, tb->size); 234 if (table == NULL) { 235 return -ENOMEM; 236 } 237 238 assert(tb->size <= BME_MAX_TABLE_SIZE); 239 ret = bdrv_pread(bs->file, tb->offset, tb->size * BME_TABLE_ENTRY_SIZE, 240 table, 0); 241 if (ret < 0) { 242 goto fail; 243 } 244 245 for (i = 0; i < tb->size; ++i) { 246 table[i] = be64_to_cpu(table[i]); 247 ret = check_table_entry(table[i], s->cluster_size); 248 if (ret < 0) { 249 goto fail; 250 } 251 } 252 253 *bitmap_table = table; 254 return 0; 255 256 fail: 257 g_free(table); 258 259 return ret; 260 } 261 262 static int free_bitmap_clusters(BlockDriverState *bs, Qcow2BitmapTable *tb) 263 { 264 int ret; 265 uint64_t *bitmap_table; 266 267 ret = bitmap_table_load(bs, tb, &bitmap_table); 268 if (ret < 0) { 269 return ret; 270 } 271 272 clear_bitmap_table(bs, bitmap_table, tb->size); 273 qcow2_free_clusters(bs, tb->offset, tb->size * BME_TABLE_ENTRY_SIZE, 274 QCOW2_DISCARD_OTHER); 275 g_free(bitmap_table); 276 277 tb->offset = 0; 278 tb->size = 0; 279 280 return 0; 281 } 282 283 /* load_bitmap_data 284 * @bitmap_table entries must satisfy specification constraints. 285 * @bitmap must be cleared */ 286 static int coroutine_fn GRAPH_RDLOCK 287 load_bitmap_data(BlockDriverState *bs, const uint64_t *bitmap_table, 288 uint32_t bitmap_table_size, BdrvDirtyBitmap *bitmap) 289 { 290 int ret = 0; 291 BDRVQcow2State *s = bs->opaque; 292 uint64_t offset, limit; 293 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 294 uint8_t *buf = NULL; 295 uint64_t i, tab_size = 296 size_to_clusters(s, 297 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 298 299 if (tab_size != bitmap_table_size || tab_size > BME_MAX_TABLE_SIZE) { 300 return -EINVAL; 301 } 302 303 buf = g_malloc(s->cluster_size); 304 limit = bdrv_dirty_bitmap_serialization_coverage(s->cluster_size, bitmap); 305 for (i = 0, offset = 0; i < tab_size; ++i, offset += limit) { 306 uint64_t count = MIN(bm_size - offset, limit); 307 uint64_t entry = bitmap_table[i]; 308 uint64_t data_offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 309 310 assert(check_table_entry(entry, s->cluster_size) == 0); 311 312 if (data_offset == 0) { 313 if (entry & BME_TABLE_ENTRY_FLAG_ALL_ONES) { 314 bdrv_dirty_bitmap_deserialize_ones(bitmap, offset, count, 315 false); 316 } else { 317 /* No need to deserialize zeros because the dirty bitmap is 318 * already cleared */ 319 } 320 } else { 321 ret = bdrv_co_pread(bs->file, data_offset, s->cluster_size, buf, 0); 322 if (ret < 0) { 323 goto finish; 324 } 325 bdrv_dirty_bitmap_deserialize_part(bitmap, buf, offset, count, 326 false); 327 } 328 } 329 ret = 0; 330 331 bdrv_dirty_bitmap_deserialize_finish(bitmap); 332 333 finish: 334 g_free(buf); 335 336 return ret; 337 } 338 339 static coroutine_fn GRAPH_RDLOCK 340 BdrvDirtyBitmap *load_bitmap(BlockDriverState *bs, 341 Qcow2Bitmap *bm, Error **errp) 342 { 343 int ret; 344 uint64_t *bitmap_table = NULL; 345 uint32_t granularity; 346 BdrvDirtyBitmap *bitmap = NULL; 347 348 granularity = 1U << bm->granularity_bits; 349 bitmap = bdrv_create_dirty_bitmap(bs, granularity, bm->name, errp); 350 if (bitmap == NULL) { 351 goto fail; 352 } 353 354 if (bm->flags & BME_FLAG_IN_USE) { 355 /* Data is unusable, skip loading it */ 356 return bitmap; 357 } 358 359 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 360 if (ret < 0) { 361 error_setg_errno(errp, -ret, 362 "Could not read bitmap_table table from image for " 363 "bitmap '%s'", bm->name); 364 goto fail; 365 } 366 367 ret = load_bitmap_data(bs, bitmap_table, bm->table.size, bitmap); 368 if (ret < 0) { 369 error_setg_errno(errp, -ret, "Could not read bitmap '%s' from image", 370 bm->name); 371 goto fail; 372 } 373 374 g_free(bitmap_table); 375 return bitmap; 376 377 fail: 378 g_free(bitmap_table); 379 if (bitmap != NULL) { 380 bdrv_release_dirty_bitmap(bitmap); 381 } 382 383 return NULL; 384 } 385 386 /* 387 * Bitmap List 388 */ 389 390 /* 391 * Bitmap List private functions 392 * Only Bitmap List knows about bitmap directory structure in Qcow2. 393 */ 394 395 static inline void bitmap_dir_entry_to_cpu(Qcow2BitmapDirEntry *entry) 396 { 397 entry->bitmap_table_offset = be64_to_cpu(entry->bitmap_table_offset); 398 entry->bitmap_table_size = be32_to_cpu(entry->bitmap_table_size); 399 entry->flags = be32_to_cpu(entry->flags); 400 entry->name_size = be16_to_cpu(entry->name_size); 401 entry->extra_data_size = be32_to_cpu(entry->extra_data_size); 402 } 403 404 static inline void bitmap_dir_entry_to_be(Qcow2BitmapDirEntry *entry) 405 { 406 entry->bitmap_table_offset = cpu_to_be64(entry->bitmap_table_offset); 407 entry->bitmap_table_size = cpu_to_be32(entry->bitmap_table_size); 408 entry->flags = cpu_to_be32(entry->flags); 409 entry->name_size = cpu_to_be16(entry->name_size); 410 entry->extra_data_size = cpu_to_be32(entry->extra_data_size); 411 } 412 413 static inline int calc_dir_entry_size(size_t name_size, size_t extra_data_size) 414 { 415 int size = sizeof(Qcow2BitmapDirEntry) + name_size + extra_data_size; 416 return ROUND_UP(size, 8); 417 } 418 419 static inline int dir_entry_size(Qcow2BitmapDirEntry *entry) 420 { 421 return calc_dir_entry_size(entry->name_size, entry->extra_data_size); 422 } 423 424 static inline const char *dir_entry_name_field(Qcow2BitmapDirEntry *entry) 425 { 426 return (const char *)(entry + 1) + entry->extra_data_size; 427 } 428 429 static inline char *dir_entry_copy_name(Qcow2BitmapDirEntry *entry) 430 { 431 const char *name_field = dir_entry_name_field(entry); 432 return g_strndup(name_field, entry->name_size); 433 } 434 435 static inline Qcow2BitmapDirEntry *next_dir_entry(Qcow2BitmapDirEntry *entry) 436 { 437 return (Qcow2BitmapDirEntry *)((uint8_t *)entry + dir_entry_size(entry)); 438 } 439 440 static int check_dir_entry(BlockDriverState *bs, Qcow2BitmapDirEntry *entry) 441 { 442 BDRVQcow2State *s = bs->opaque; 443 uint64_t phys_bitmap_bytes; 444 int64_t len; 445 446 bool fail = (entry->bitmap_table_size == 0) || 447 (entry->bitmap_table_offset == 0) || 448 (entry->bitmap_table_offset % s->cluster_size) || 449 (entry->bitmap_table_size > BME_MAX_TABLE_SIZE) || 450 (entry->granularity_bits > BME_MAX_GRANULARITY_BITS) || 451 (entry->granularity_bits < BME_MIN_GRANULARITY_BITS) || 452 (entry->flags & BME_RESERVED_FLAGS) || 453 (entry->name_size > BME_MAX_NAME_SIZE) || 454 (entry->type != BT_DIRTY_TRACKING_BITMAP); 455 456 if (fail) { 457 return -EINVAL; 458 } 459 460 phys_bitmap_bytes = (uint64_t)entry->bitmap_table_size * s->cluster_size; 461 len = bdrv_getlength(bs); 462 463 if (len < 0) { 464 return len; 465 } 466 467 if (phys_bitmap_bytes > BME_MAX_PHYS_SIZE) { 468 return -EINVAL; 469 } 470 471 if (!(entry->flags & BME_FLAG_IN_USE) && 472 (len > ((phys_bitmap_bytes * 8) << entry->granularity_bits))) 473 { 474 /* 475 * We've loaded a valid bitmap (IN_USE not set) or we are going to 476 * store a valid bitmap, but the allocated bitmap table size is not 477 * enough to store this bitmap. 478 * 479 * Note, that it's OK to have an invalid bitmap with invalid size due 480 * to a bitmap that was not correctly saved after image resize. 481 */ 482 return -EINVAL; 483 } 484 485 return 0; 486 } 487 488 static inline void bitmap_directory_to_be(uint8_t *dir, size_t size) 489 { 490 uint8_t *end = dir + size; 491 while (dir < end) { 492 Qcow2BitmapDirEntry *e = (Qcow2BitmapDirEntry *)dir; 493 dir += dir_entry_size(e); 494 495 bitmap_dir_entry_to_be(e); 496 } 497 } 498 499 /* 500 * Bitmap List public functions 501 */ 502 503 static void bitmap_free(Qcow2Bitmap *bm) 504 { 505 if (bm == NULL) { 506 return; 507 } 508 509 g_free(bm->name); 510 g_free(bm); 511 } 512 513 static void bitmap_list_free(Qcow2BitmapList *bm_list) 514 { 515 Qcow2Bitmap *bm; 516 517 if (bm_list == NULL) { 518 return; 519 } 520 521 while ((bm = QSIMPLEQ_FIRST(bm_list)) != NULL) { 522 QSIMPLEQ_REMOVE_HEAD(bm_list, entry); 523 bitmap_free(bm); 524 } 525 526 g_free(bm_list); 527 } 528 529 static Qcow2BitmapList *bitmap_list_new(void) 530 { 531 Qcow2BitmapList *bm_list = g_new(Qcow2BitmapList, 1); 532 QSIMPLEQ_INIT(bm_list); 533 534 return bm_list; 535 } 536 537 static uint32_t bitmap_list_count(Qcow2BitmapList *bm_list) 538 { 539 Qcow2Bitmap *bm; 540 uint32_t nb_bitmaps = 0; 541 542 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 543 nb_bitmaps++; 544 } 545 546 return nb_bitmaps; 547 } 548 549 /* bitmap_list_load 550 * Get bitmap list from qcow2 image. Actually reads bitmap directory, 551 * checks it and convert to bitmap list. 552 */ 553 static Qcow2BitmapList *bitmap_list_load(BlockDriverState *bs, uint64_t offset, 554 uint64_t size, Error **errp) 555 { 556 int ret; 557 BDRVQcow2State *s = bs->opaque; 558 uint8_t *dir, *dir_end; 559 Qcow2BitmapDirEntry *e; 560 uint32_t nb_dir_entries = 0; 561 Qcow2BitmapList *bm_list = NULL; 562 563 if (size == 0) { 564 error_setg(errp, "Requested bitmap directory size is zero"); 565 return NULL; 566 } 567 568 if (size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 569 error_setg(errp, "Requested bitmap directory size is too big"); 570 return NULL; 571 } 572 573 dir = g_try_malloc(size); 574 if (dir == NULL) { 575 error_setg(errp, "Failed to allocate space for bitmap directory"); 576 return NULL; 577 } 578 dir_end = dir + size; 579 580 ret = bdrv_pread(bs->file, offset, size, dir, 0); 581 if (ret < 0) { 582 error_setg_errno(errp, -ret, "Failed to read bitmap directory"); 583 goto fail; 584 } 585 586 bm_list = bitmap_list_new(); 587 for (e = (Qcow2BitmapDirEntry *)dir; 588 e < (Qcow2BitmapDirEntry *)dir_end; 589 e = next_dir_entry(e)) 590 { 591 Qcow2Bitmap *bm; 592 593 if ((uint8_t *)(e + 1) > dir_end) { 594 goto broken_dir; 595 } 596 597 if (++nb_dir_entries > s->nb_bitmaps) { 598 error_setg(errp, "More bitmaps found than specified in header" 599 " extension"); 600 goto fail; 601 } 602 bitmap_dir_entry_to_cpu(e); 603 604 if ((uint8_t *)next_dir_entry(e) > dir_end) { 605 goto broken_dir; 606 } 607 608 if (e->extra_data_size != 0) { 609 error_setg(errp, "Bitmap extra data is not supported"); 610 goto fail; 611 } 612 613 ret = check_dir_entry(bs, e); 614 if (ret < 0) { 615 error_setg(errp, "Bitmap '%.*s' doesn't satisfy the constraints", 616 e->name_size, dir_entry_name_field(e)); 617 goto fail; 618 } 619 620 bm = g_new0(Qcow2Bitmap, 1); 621 bm->table.offset = e->bitmap_table_offset; 622 bm->table.size = e->bitmap_table_size; 623 bm->flags = e->flags; 624 bm->granularity_bits = e->granularity_bits; 625 bm->name = dir_entry_copy_name(e); 626 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 627 } 628 629 if (nb_dir_entries != s->nb_bitmaps) { 630 error_setg(errp, "Less bitmaps found than specified in header" 631 " extension"); 632 goto fail; 633 } 634 635 if ((uint8_t *)e != dir_end) { 636 goto broken_dir; 637 } 638 639 g_free(dir); 640 return bm_list; 641 642 broken_dir: 643 error_setg(errp, "Broken bitmap directory"); 644 645 fail: 646 g_free(dir); 647 bitmap_list_free(bm_list); 648 649 return NULL; 650 } 651 652 int coroutine_fn 653 qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res, 654 void **refcount_table, 655 int64_t *refcount_table_size) 656 { 657 int ret; 658 BDRVQcow2State *s = bs->opaque; 659 Qcow2BitmapList *bm_list; 660 Qcow2Bitmap *bm; 661 662 if (s->nb_bitmaps == 0) { 663 return 0; 664 } 665 666 ret = qcow2_inc_refcounts_imrt(bs, res, refcount_table, refcount_table_size, 667 s->bitmap_directory_offset, 668 s->bitmap_directory_size); 669 if (ret < 0) { 670 return ret; 671 } 672 673 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 674 s->bitmap_directory_size, NULL); 675 if (bm_list == NULL) { 676 res->corruptions++; 677 return -EINVAL; 678 } 679 680 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 681 uint64_t *bitmap_table = NULL; 682 int i; 683 684 ret = qcow2_inc_refcounts_imrt(bs, res, 685 refcount_table, refcount_table_size, 686 bm->table.offset, 687 bm->table.size * BME_TABLE_ENTRY_SIZE); 688 if (ret < 0) { 689 goto out; 690 } 691 692 ret = bitmap_table_load(bs, &bm->table, &bitmap_table); 693 if (ret < 0) { 694 res->corruptions++; 695 goto out; 696 } 697 698 for (i = 0; i < bm->table.size; ++i) { 699 uint64_t entry = bitmap_table[i]; 700 uint64_t offset = entry & BME_TABLE_ENTRY_OFFSET_MASK; 701 702 if (check_table_entry(entry, s->cluster_size) < 0) { 703 res->corruptions++; 704 continue; 705 } 706 707 if (offset == 0) { 708 continue; 709 } 710 711 ret = qcow2_inc_refcounts_imrt(bs, res, 712 refcount_table, refcount_table_size, 713 offset, s->cluster_size); 714 if (ret < 0) { 715 g_free(bitmap_table); 716 goto out; 717 } 718 } 719 720 g_free(bitmap_table); 721 } 722 723 out: 724 bitmap_list_free(bm_list); 725 726 return ret; 727 } 728 729 /* bitmap_list_store 730 * Store bitmap list to qcow2 image as a bitmap directory. 731 * Everything is checked. 732 */ 733 static int bitmap_list_store(BlockDriverState *bs, Qcow2BitmapList *bm_list, 734 uint64_t *offset, uint64_t *size, bool in_place) 735 { 736 int ret; 737 uint8_t *dir; 738 int64_t dir_offset = 0; 739 uint64_t dir_size = 0; 740 Qcow2Bitmap *bm; 741 Qcow2BitmapDirEntry *e; 742 743 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 744 dir_size += calc_dir_entry_size(strlen(bm->name), 0); 745 } 746 747 if (dir_size == 0 || dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 748 return -EINVAL; 749 } 750 751 if (in_place) { 752 if (*size != dir_size || *offset == 0) { 753 return -EINVAL; 754 } 755 756 dir_offset = *offset; 757 } 758 759 dir = g_try_malloc0(dir_size); 760 if (dir == NULL) { 761 return -ENOMEM; 762 } 763 764 e = (Qcow2BitmapDirEntry *)dir; 765 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 766 e->bitmap_table_offset = bm->table.offset; 767 e->bitmap_table_size = bm->table.size; 768 e->flags = bm->flags; 769 e->type = BT_DIRTY_TRACKING_BITMAP; 770 e->granularity_bits = bm->granularity_bits; 771 e->name_size = strlen(bm->name); 772 e->extra_data_size = 0; 773 memcpy(e + 1, bm->name, e->name_size); 774 775 if (check_dir_entry(bs, e) < 0) { 776 ret = -EINVAL; 777 goto fail; 778 } 779 780 e = next_dir_entry(e); 781 } 782 783 bitmap_directory_to_be(dir, dir_size); 784 785 if (!in_place) { 786 dir_offset = qcow2_alloc_clusters(bs, dir_size); 787 if (dir_offset < 0) { 788 ret = dir_offset; 789 goto fail; 790 } 791 } 792 793 /* Actually, even in the in-place case ignoring QCOW2_OL_BITMAP_DIRECTORY 794 * is not necessary, because we drop QCOW2_AUTOCLEAR_BITMAPS when updating 795 * bitmap directory in-place (actually, turn-off the extension), which is 796 * checked in qcow2_check_metadata_overlap() */ 797 ret = qcow2_pre_write_overlap_check( 798 bs, in_place ? QCOW2_OL_BITMAP_DIRECTORY : 0, dir_offset, dir_size, 799 false); 800 if (ret < 0) { 801 goto fail; 802 } 803 804 ret = bdrv_pwrite(bs->file, dir_offset, dir_size, dir, 0); 805 if (ret < 0) { 806 goto fail; 807 } 808 809 g_free(dir); 810 811 if (!in_place) { 812 *size = dir_size; 813 *offset = dir_offset; 814 } 815 816 return 0; 817 818 fail: 819 g_free(dir); 820 821 if (!in_place && dir_offset > 0) { 822 qcow2_free_clusters(bs, dir_offset, dir_size, QCOW2_DISCARD_OTHER); 823 } 824 825 return ret; 826 } 827 828 /* 829 * Bitmap List end 830 */ 831 832 static int update_ext_header_and_dir_in_place(BlockDriverState *bs, 833 Qcow2BitmapList *bm_list) 834 { 835 BDRVQcow2State *s = bs->opaque; 836 int ret; 837 838 if (!(s->autoclear_features & QCOW2_AUTOCLEAR_BITMAPS) || 839 bm_list == NULL || QSIMPLEQ_EMPTY(bm_list) || 840 bitmap_list_count(bm_list) != s->nb_bitmaps) 841 { 842 return -EINVAL; 843 } 844 845 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 846 ret = update_header_sync(bs); 847 if (ret < 0) { 848 /* Two variants are possible here: 849 * 1. Autoclear flag is dropped, all bitmaps will be lost. 850 * 2. Autoclear flag is not dropped, old state is left. 851 */ 852 return ret; 853 } 854 855 /* autoclear bit is not set, so we can safely update bitmap directory */ 856 857 ret = bitmap_list_store(bs, bm_list, &s->bitmap_directory_offset, 858 &s->bitmap_directory_size, true); 859 if (ret < 0) { 860 /* autoclear bit is cleared, so all leaked clusters would be removed on 861 * qemu-img check */ 862 return ret; 863 } 864 865 ret = update_header_sync(bs); 866 if (ret < 0) { 867 /* autoclear bit is cleared, so all leaked clusters would be removed on 868 * qemu-img check */ 869 return ret; 870 } 871 872 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 873 return update_header_sync(bs); 874 /* If final update_header_sync() fails, two variants are possible: 875 * 1. Autoclear flag is not set, all bitmaps will be lost. 876 * 2. Autoclear flag is set, header and directory are successfully updated. 877 */ 878 } 879 880 static int update_ext_header_and_dir(BlockDriverState *bs, 881 Qcow2BitmapList *bm_list) 882 { 883 BDRVQcow2State *s = bs->opaque; 884 int ret; 885 uint64_t new_offset = 0; 886 uint64_t new_size = 0; 887 uint32_t new_nb_bitmaps = 0; 888 uint64_t old_offset = s->bitmap_directory_offset; 889 uint64_t old_size = s->bitmap_directory_size; 890 uint32_t old_nb_bitmaps = s->nb_bitmaps; 891 uint64_t old_autocl = s->autoclear_features; 892 893 if (bm_list != NULL && !QSIMPLEQ_EMPTY(bm_list)) { 894 new_nb_bitmaps = bitmap_list_count(bm_list); 895 896 if (new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 897 return -EINVAL; 898 } 899 900 ret = bitmap_list_store(bs, bm_list, &new_offset, &new_size, false); 901 if (ret < 0) { 902 return ret; 903 } 904 905 ret = qcow2_flush_caches(bs); 906 if (ret < 0) { 907 goto fail; 908 } 909 910 s->autoclear_features |= QCOW2_AUTOCLEAR_BITMAPS; 911 } else { 912 s->autoclear_features &= ~(uint64_t)QCOW2_AUTOCLEAR_BITMAPS; 913 } 914 915 s->bitmap_directory_offset = new_offset; 916 s->bitmap_directory_size = new_size; 917 s->nb_bitmaps = new_nb_bitmaps; 918 919 ret = update_header_sync(bs); 920 if (ret < 0) { 921 goto fail; 922 } 923 924 if (old_size > 0) { 925 qcow2_free_clusters(bs, old_offset, old_size, QCOW2_DISCARD_OTHER); 926 } 927 928 return 0; 929 930 fail: 931 if (new_offset > 0) { 932 qcow2_free_clusters(bs, new_offset, new_size, QCOW2_DISCARD_OTHER); 933 } 934 935 s->bitmap_directory_offset = old_offset; 936 s->bitmap_directory_size = old_size; 937 s->nb_bitmaps = old_nb_bitmaps; 938 s->autoclear_features = old_autocl; 939 940 return ret; 941 } 942 943 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 944 static void release_dirty_bitmap_helper(gpointer bitmap, 945 gpointer bs) 946 { 947 bdrv_release_dirty_bitmap(bitmap); 948 } 949 950 /* for g_slist_foreach for GSList of BdrvDirtyBitmap* elements */ 951 static void set_readonly_helper(gpointer bitmap, gpointer value) 952 { 953 bdrv_dirty_bitmap_set_readonly(bitmap, (bool)value); 954 } 955 956 /* 957 * Return true on success, false on failure. 958 * If header_updated is not NULL then it is set appropriately regardless of 959 * the return value. 960 */ 961 bool coroutine_fn GRAPH_RDLOCK 962 qcow2_load_dirty_bitmaps(BlockDriverState *bs, 963 bool *header_updated, Error **errp) 964 { 965 BDRVQcow2State *s = bs->opaque; 966 Qcow2BitmapList *bm_list; 967 Qcow2Bitmap *bm; 968 GSList *created_dirty_bitmaps = NULL; 969 bool needs_update = false; 970 971 if (header_updated) { 972 *header_updated = false; 973 } 974 975 if (s->nb_bitmaps == 0) { 976 /* No bitmaps - nothing to do */ 977 return true; 978 } 979 980 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 981 s->bitmap_directory_size, errp); 982 if (bm_list == NULL) { 983 return false; 984 } 985 986 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 987 BdrvDirtyBitmap *bitmap; 988 989 if ((bm->flags & BME_FLAG_IN_USE) && 990 bdrv_find_dirty_bitmap(bs, bm->name)) 991 { 992 /* 993 * We already have corresponding BdrvDirtyBitmap, and bitmap in the 994 * image is marked IN_USE. Firstly, this state is valid, no reason 995 * to consider existing BdrvDirtyBitmap to be bad. Secondly it's 996 * absolutely possible, when we do migration with shared storage 997 * with dirty-bitmaps capability enabled: if the bitmap was loaded 998 * from this storage before migration start, the storage will 999 * of-course contain IN_USE outdated version of the bitmap, and we 1000 * should not load it on migration target, as we already have this 1001 * bitmap, being migrated. 1002 */ 1003 continue; 1004 } 1005 1006 bitmap = load_bitmap(bs, bm, errp); 1007 if (bitmap == NULL) { 1008 goto fail; 1009 } 1010 1011 bdrv_dirty_bitmap_set_persistence(bitmap, true); 1012 if (bm->flags & BME_FLAG_IN_USE) { 1013 bdrv_dirty_bitmap_set_inconsistent(bitmap); 1014 } else { 1015 /* NB: updated flags only get written if can_write(bs) is true. */ 1016 bm->flags |= BME_FLAG_IN_USE; 1017 needs_update = true; 1018 } 1019 if (!(bm->flags & BME_FLAG_AUTO)) { 1020 bdrv_disable_dirty_bitmap(bitmap); 1021 } 1022 created_dirty_bitmaps = 1023 g_slist_append(created_dirty_bitmaps, bitmap); 1024 } 1025 1026 if (needs_update && can_write(bs)) { 1027 /* in_use flags must be updated */ 1028 int ret = update_ext_header_and_dir_in_place(bs, bm_list); 1029 if (ret < 0) { 1030 error_setg_errno(errp, -ret, "Can't update bitmap directory"); 1031 goto fail; 1032 } 1033 if (header_updated) { 1034 *header_updated = true; 1035 } 1036 } 1037 1038 if (!can_write(bs)) { 1039 g_slist_foreach(created_dirty_bitmaps, set_readonly_helper, 1040 (gpointer)true); 1041 } 1042 1043 g_slist_free(created_dirty_bitmaps); 1044 bitmap_list_free(bm_list); 1045 1046 return true; 1047 1048 fail: 1049 g_slist_foreach(created_dirty_bitmaps, release_dirty_bitmap_helper, bs); 1050 g_slist_free(created_dirty_bitmaps); 1051 bitmap_list_free(bm_list); 1052 1053 return false; 1054 } 1055 1056 1057 static Qcow2BitmapInfoFlagsList *get_bitmap_info_flags(uint32_t flags) 1058 { 1059 Qcow2BitmapInfoFlagsList *list = NULL; 1060 Qcow2BitmapInfoFlagsList **tail = &list; 1061 int i; 1062 1063 static const struct { 1064 int bme; /* Bitmap directory entry flags */ 1065 int info; /* The flags to report to the user */ 1066 } map[] = { 1067 { BME_FLAG_IN_USE, QCOW2_BITMAP_INFO_FLAGS_IN_USE }, 1068 { BME_FLAG_AUTO, QCOW2_BITMAP_INFO_FLAGS_AUTO }, 1069 }; 1070 1071 int map_size = ARRAY_SIZE(map); 1072 1073 for (i = 0; i < map_size; ++i) { 1074 if (flags & map[i].bme) { 1075 QAPI_LIST_APPEND(tail, map[i].info); 1076 flags &= ~map[i].bme; 1077 } 1078 } 1079 /* Check if the BME_* mapping above is complete */ 1080 assert(!flags); 1081 1082 return list; 1083 } 1084 1085 /* 1086 * qcow2_get_bitmap_info_list() 1087 * Returns a list of QCOW2 bitmap details. 1088 * On success return true with info_list set (note, that if there are no 1089 * bitmaps, info_list is set to NULL). 1090 * On failure return false with errp set. 1091 */ 1092 bool qcow2_get_bitmap_info_list(BlockDriverState *bs, 1093 Qcow2BitmapInfoList **info_list, Error **errp) 1094 { 1095 BDRVQcow2State *s = bs->opaque; 1096 Qcow2BitmapList *bm_list; 1097 Qcow2Bitmap *bm; 1098 Qcow2BitmapInfoList **tail; 1099 1100 if (s->nb_bitmaps == 0) { 1101 *info_list = NULL; 1102 return true; 1103 } 1104 1105 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1106 s->bitmap_directory_size, errp); 1107 if (!bm_list) { 1108 return false; 1109 } 1110 1111 *info_list = NULL; 1112 tail = info_list; 1113 1114 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1115 Qcow2BitmapInfo *info = g_new0(Qcow2BitmapInfo, 1); 1116 info->granularity = 1U << bm->granularity_bits; 1117 info->name = g_strdup(bm->name); 1118 info->flags = get_bitmap_info_flags(bm->flags & ~BME_RESERVED_FLAGS); 1119 QAPI_LIST_APPEND(tail, info); 1120 } 1121 1122 bitmap_list_free(bm_list); 1123 1124 return true; 1125 } 1126 1127 int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp) 1128 { 1129 BDRVQcow2State *s = bs->opaque; 1130 Qcow2BitmapList *bm_list; 1131 Qcow2Bitmap *bm; 1132 GSList *ro_dirty_bitmaps = NULL; 1133 int ret = -EINVAL; 1134 bool need_header_update = false; 1135 1136 if (s->nb_bitmaps == 0) { 1137 /* No bitmaps - nothing to do */ 1138 return 0; 1139 } 1140 1141 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1142 s->bitmap_directory_size, errp); 1143 if (bm_list == NULL) { 1144 return -EINVAL; 1145 } 1146 1147 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1148 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1149 1150 if (!bitmap) { 1151 error_setg(errp, "Unexpected bitmap '%s' in image '%s'", 1152 bm->name, bs->filename); 1153 goto out; 1154 } 1155 1156 if (!(bm->flags & BME_FLAG_IN_USE)) { 1157 if (!bdrv_dirty_bitmap_readonly(bitmap)) { 1158 error_setg(errp, "Corruption: bitmap '%s' is not marked IN_USE " 1159 "in the image '%s' and not marked readonly in RAM", 1160 bm->name, bs->filename); 1161 goto out; 1162 } 1163 if (bdrv_dirty_bitmap_inconsistent(bitmap)) { 1164 error_setg(errp, "Corruption: bitmap '%s' is inconsistent but " 1165 "is not marked IN_USE in the image '%s'", bm->name, 1166 bs->filename); 1167 goto out; 1168 } 1169 1170 bm->flags |= BME_FLAG_IN_USE; 1171 need_header_update = true; 1172 } else { 1173 /* 1174 * What if flags already has BME_FLAG_IN_USE ? 1175 * 1176 * 1. if we are reopening RW -> RW it's OK, of course. 1177 * 2. if we are reopening RO -> RW: 1178 * 2.1 if @bitmap is inconsistent, it's OK. It means that it was 1179 * inconsistent (IN_USE) when we loaded it 1180 * 2.2 if @bitmap is not inconsistent. This seems to be impossible 1181 * and implies third party interaction. Let's error-out for 1182 * safety. 1183 */ 1184 if (bdrv_dirty_bitmap_readonly(bitmap) && 1185 !bdrv_dirty_bitmap_inconsistent(bitmap)) 1186 { 1187 error_setg(errp, "Corruption: bitmap '%s' is marked IN_USE " 1188 "in the image '%s' but it is readonly and " 1189 "consistent in RAM", 1190 bm->name, bs->filename); 1191 goto out; 1192 } 1193 } 1194 1195 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1196 ro_dirty_bitmaps = g_slist_append(ro_dirty_bitmaps, bitmap); 1197 } 1198 } 1199 1200 if (need_header_update) { 1201 if (!can_write(bs->file->bs) || !(bs->file->perm & BLK_PERM_WRITE)) { 1202 error_setg(errp, "Failed to reopen bitmaps rw: no write access " 1203 "the protocol file"); 1204 goto out; 1205 } 1206 1207 /* in_use flags must be updated */ 1208 ret = update_ext_header_and_dir_in_place(bs, bm_list); 1209 if (ret < 0) { 1210 error_setg_errno(errp, -ret, "Cannot update bitmap directory"); 1211 goto out; 1212 } 1213 } 1214 1215 g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, (gpointer)false); 1216 ret = 0; 1217 1218 out: 1219 g_slist_free(ro_dirty_bitmaps); 1220 bitmap_list_free(bm_list); 1221 1222 return ret; 1223 } 1224 1225 /* Checks to see if it's safe to resize bitmaps */ 1226 int coroutine_fn qcow2_truncate_bitmaps_check(BlockDriverState *bs, Error **errp) 1227 { 1228 BDRVQcow2State *s = bs->opaque; 1229 Qcow2BitmapList *bm_list; 1230 Qcow2Bitmap *bm; 1231 int ret = 0; 1232 1233 if (s->nb_bitmaps == 0) { 1234 return 0; 1235 } 1236 1237 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1238 s->bitmap_directory_size, errp); 1239 if (bm_list == NULL) { 1240 return -EINVAL; 1241 } 1242 1243 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1244 BdrvDirtyBitmap *bitmap = bdrv_find_dirty_bitmap(bs, bm->name); 1245 if (bitmap == NULL) { 1246 /* 1247 * We rely on all bitmaps being in-memory to be able to resize them, 1248 * Otherwise, we'd need to resize them on disk explicitly 1249 */ 1250 error_setg(errp, "Cannot resize qcow2 with persistent bitmaps that " 1251 "were not loaded into memory"); 1252 ret = -ENOTSUP; 1253 goto out; 1254 } 1255 1256 /* 1257 * The checks against readonly and busy are redundant, but certainly 1258 * do no harm. checks against inconsistent are crucial: 1259 */ 1260 if (bdrv_dirty_bitmap_check(bitmap, BDRV_BITMAP_DEFAULT, errp)) { 1261 ret = -ENOTSUP; 1262 goto out; 1263 } 1264 } 1265 1266 out: 1267 bitmap_list_free(bm_list); 1268 return ret; 1269 } 1270 1271 /* store_bitmap_data() 1272 * Store bitmap to image, filling bitmap table accordingly. 1273 */ 1274 static uint64_t *store_bitmap_data(BlockDriverState *bs, 1275 BdrvDirtyBitmap *bitmap, 1276 uint32_t *bitmap_table_size, Error **errp) 1277 { 1278 int ret; 1279 BDRVQcow2State *s = bs->opaque; 1280 int64_t offset; 1281 uint64_t limit; 1282 uint64_t bm_size = bdrv_dirty_bitmap_size(bitmap); 1283 const char *bm_name = bdrv_dirty_bitmap_name(bitmap); 1284 uint8_t *buf = NULL; 1285 uint64_t *tb; 1286 uint64_t tb_size = 1287 size_to_clusters(s, 1288 bdrv_dirty_bitmap_serialization_size(bitmap, 0, bm_size)); 1289 1290 if (tb_size > BME_MAX_TABLE_SIZE || 1291 tb_size * s->cluster_size > BME_MAX_PHYS_SIZE) 1292 { 1293 error_setg(errp, "Bitmap '%s' is too big", bm_name); 1294 return NULL; 1295 } 1296 1297 tb = g_try_new0(uint64_t, tb_size); 1298 if (tb == NULL) { 1299 error_setg(errp, "No memory"); 1300 return NULL; 1301 } 1302 1303 buf = g_malloc(s->cluster_size); 1304 limit = bdrv_dirty_bitmap_serialization_coverage(s->cluster_size, bitmap); 1305 assert(DIV_ROUND_UP(bm_size, limit) == tb_size); 1306 1307 offset = 0; 1308 while ((offset = bdrv_dirty_bitmap_next_dirty(bitmap, offset, INT64_MAX)) 1309 >= 0) 1310 { 1311 uint64_t cluster = offset / limit; 1312 uint64_t end, write_size; 1313 int64_t off; 1314 1315 /* 1316 * We found the first dirty offset, but want to write out the 1317 * entire cluster of the bitmap that includes that offset, 1318 * including any leading zero bits. 1319 */ 1320 offset = QEMU_ALIGN_DOWN(offset, limit); 1321 end = MIN(bm_size, offset + limit); 1322 write_size = bdrv_dirty_bitmap_serialization_size(bitmap, offset, 1323 end - offset); 1324 assert(write_size <= s->cluster_size); 1325 1326 off = qcow2_alloc_clusters(bs, s->cluster_size); 1327 if (off < 0) { 1328 error_setg_errno(errp, -off, 1329 "Failed to allocate clusters for bitmap '%s'", 1330 bm_name); 1331 goto fail; 1332 } 1333 tb[cluster] = off; 1334 1335 bdrv_dirty_bitmap_serialize_part(bitmap, buf, offset, end - offset); 1336 if (write_size < s->cluster_size) { 1337 memset(buf + write_size, 0, s->cluster_size - write_size); 1338 } 1339 1340 ret = qcow2_pre_write_overlap_check(bs, 0, off, s->cluster_size, false); 1341 if (ret < 0) { 1342 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1343 goto fail; 1344 } 1345 1346 ret = bdrv_pwrite(bs->file, off, s->cluster_size, buf, 0); 1347 if (ret < 0) { 1348 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1349 bm_name); 1350 goto fail; 1351 } 1352 1353 offset = end; 1354 } 1355 1356 *bitmap_table_size = tb_size; 1357 g_free(buf); 1358 1359 return tb; 1360 1361 fail: 1362 clear_bitmap_table(bs, tb, tb_size); 1363 g_free(buf); 1364 g_free(tb); 1365 1366 return NULL; 1367 } 1368 1369 /* store_bitmap() 1370 * Store bm->dirty_bitmap to qcow2. 1371 * Set bm->table_offset and bm->table_size accordingly. 1372 */ 1373 static int store_bitmap(BlockDriverState *bs, Qcow2Bitmap *bm, Error **errp) 1374 { 1375 int ret; 1376 uint64_t *tb; 1377 int64_t tb_offset; 1378 uint32_t tb_size; 1379 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap; 1380 const char *bm_name; 1381 1382 assert(bitmap != NULL); 1383 1384 bm_name = bdrv_dirty_bitmap_name(bitmap); 1385 1386 tb = store_bitmap_data(bs, bitmap, &tb_size, errp); 1387 if (tb == NULL) { 1388 return -EINVAL; 1389 } 1390 1391 assert(tb_size <= BME_MAX_TABLE_SIZE); 1392 tb_offset = qcow2_alloc_clusters(bs, tb_size * sizeof(tb[0])); 1393 if (tb_offset < 0) { 1394 error_setg_errno(errp, -tb_offset, 1395 "Failed to allocate clusters for bitmap '%s'", 1396 bm_name); 1397 ret = tb_offset; 1398 goto fail; 1399 } 1400 1401 ret = qcow2_pre_write_overlap_check(bs, 0, tb_offset, 1402 tb_size * sizeof(tb[0]), false); 1403 if (ret < 0) { 1404 error_setg_errno(errp, -ret, "Qcow2 overlap check failed"); 1405 goto fail; 1406 } 1407 1408 bitmap_table_bswap_be(tb, tb_size); 1409 ret = bdrv_pwrite(bs->file, tb_offset, tb_size * sizeof(tb[0]), tb, 0); 1410 if (ret < 0) { 1411 bitmap_table_bswap_be(tb, tb_size); 1412 error_setg_errno(errp, -ret, "Failed to write bitmap '%s' to file", 1413 bm_name); 1414 goto fail; 1415 } 1416 1417 g_free(tb); 1418 1419 bm->table.offset = tb_offset; 1420 bm->table.size = tb_size; 1421 1422 return 0; 1423 1424 fail: 1425 clear_bitmap_table(bs, tb, tb_size); 1426 1427 if (tb_offset > 0) { 1428 qcow2_free_clusters(bs, tb_offset, tb_size * sizeof(tb[0]), 1429 QCOW2_DISCARD_OTHER); 1430 } 1431 1432 g_free(tb); 1433 1434 return ret; 1435 } 1436 1437 static Qcow2Bitmap *find_bitmap_by_name(Qcow2BitmapList *bm_list, 1438 const char *name) 1439 { 1440 Qcow2Bitmap *bm; 1441 1442 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1443 if (strcmp(name, bm->name) == 0) { 1444 return bm; 1445 } 1446 } 1447 1448 return NULL; 1449 } 1450 1451 int coroutine_fn qcow2_co_remove_persistent_dirty_bitmap(BlockDriverState *bs, 1452 const char *name, 1453 Error **errp) 1454 { 1455 int ret; 1456 BDRVQcow2State *s = bs->opaque; 1457 Qcow2Bitmap *bm = NULL; 1458 Qcow2BitmapList *bm_list; 1459 1460 if (s->nb_bitmaps == 0) { 1461 /* 1462 * Absence of the bitmap is not an error: see explanation above 1463 * bdrv_co_remove_persistent_dirty_bitmap() definition. 1464 */ 1465 return 0; 1466 } 1467 1468 qemu_co_mutex_lock(&s->lock); 1469 1470 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1471 s->bitmap_directory_size, errp); 1472 if (bm_list == NULL) { 1473 ret = -EIO; 1474 goto out; 1475 } 1476 1477 bm = find_bitmap_by_name(bm_list, name); 1478 if (bm == NULL) { 1479 /* Absence of the bitmap is not an error, see above. */ 1480 ret = 0; 1481 goto out; 1482 } 1483 1484 QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry); 1485 1486 ret = update_ext_header_and_dir(bs, bm_list); 1487 if (ret < 0) { 1488 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1489 goto out; 1490 } 1491 1492 free_bitmap_clusters(bs, &bm->table); 1493 1494 out: 1495 qemu_co_mutex_unlock(&s->lock); 1496 1497 bitmap_free(bm); 1498 bitmap_list_free(bm_list); 1499 1500 return ret; 1501 } 1502 1503 /* 1504 * qcow2_store_persistent_dirty_bitmaps 1505 * 1506 * Stores persistent BdrvDirtyBitmap objects. 1507 * 1508 * @release_stored: if true, release BdrvDirtyBitmap's after storing to the 1509 * image. This is used in two cases, both via qcow2_inactivate: 1510 * 1. bdrv_close: It's correct to remove bitmaps on close. 1511 * 2. migration: If bitmaps are migrated through migration channel via 1512 * 'dirty-bitmaps' migration capability they are not handled by this code. 1513 * Otherwise, it's OK to drop BdrvDirtyBitmap's and reload them on 1514 * invalidation. 1515 * 1516 * Anyway, it's correct to remove BdrvDirtyBitmap's on inactivation, as 1517 * inactivation means that we lose control on disk, and therefore on bitmaps, 1518 * we should sync them and do not touch more. 1519 * 1520 * Contrariwise, we don't want to release any bitmaps on just reopen-to-ro, 1521 * when we need to store them, as image is still under our control, and it's 1522 * good to keep all the bitmaps in read-only mode. Moreover, keeping them 1523 * read-only is correct because this is what would happen if we opened the node 1524 * readonly to begin with, and whether we opened directly or reopened to that 1525 * state shouldn't matter for the state we get afterward. 1526 */ 1527 bool qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, 1528 bool release_stored, Error **errp) 1529 { 1530 ERRP_GUARD(); 1531 BdrvDirtyBitmap *bitmap; 1532 BDRVQcow2State *s = bs->opaque; 1533 uint32_t new_nb_bitmaps = s->nb_bitmaps; 1534 uint64_t new_dir_size = s->bitmap_directory_size; 1535 int ret; 1536 Qcow2BitmapList *bm_list; 1537 Qcow2Bitmap *bm; 1538 QSIMPLEQ_HEAD(, Qcow2BitmapTable) drop_tables; 1539 Qcow2BitmapTable *tb, *tb_next; 1540 bool need_write = false; 1541 1542 QSIMPLEQ_INIT(&drop_tables); 1543 1544 if (s->nb_bitmaps == 0) { 1545 bm_list = bitmap_list_new(); 1546 } else { 1547 bm_list = bitmap_list_load(bs, s->bitmap_directory_offset, 1548 s->bitmap_directory_size, errp); 1549 if (bm_list == NULL) { 1550 return false; 1551 } 1552 } 1553 1554 /* check constraints and names */ 1555 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1556 const char *name = bdrv_dirty_bitmap_name(bitmap); 1557 uint32_t granularity = bdrv_dirty_bitmap_granularity(bitmap); 1558 Qcow2Bitmap *bm; 1559 1560 if (!bdrv_dirty_bitmap_get_persistence(bitmap) || 1561 bdrv_dirty_bitmap_inconsistent(bitmap)) { 1562 continue; 1563 } 1564 1565 if (bdrv_dirty_bitmap_readonly(bitmap)) { 1566 /* 1567 * Store the bitmap in the associated Qcow2Bitmap so it 1568 * can be released later 1569 */ 1570 bm = find_bitmap_by_name(bm_list, name); 1571 if (bm) { 1572 bm->dirty_bitmap = bitmap; 1573 } 1574 continue; 1575 } 1576 1577 need_write = true; 1578 1579 if (check_constraints_on_bitmap(bs, name, granularity, errp) < 0) { 1580 error_prepend(errp, "Bitmap '%s' doesn't satisfy the constraints: ", 1581 name); 1582 goto fail; 1583 } 1584 1585 bm = find_bitmap_by_name(bm_list, name); 1586 if (bm == NULL) { 1587 if (++new_nb_bitmaps > QCOW2_MAX_BITMAPS) { 1588 error_setg(errp, "Too many persistent bitmaps"); 1589 goto fail; 1590 } 1591 1592 new_dir_size += calc_dir_entry_size(strlen(name), 0); 1593 if (new_dir_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1594 error_setg(errp, "Bitmap directory is too large"); 1595 goto fail; 1596 } 1597 1598 bm = g_new0(Qcow2Bitmap, 1); 1599 bm->name = g_strdup(name); 1600 QSIMPLEQ_INSERT_TAIL(bm_list, bm, entry); 1601 } else { 1602 if (!(bm->flags & BME_FLAG_IN_USE)) { 1603 error_setg(errp, "Bitmap '%s' already exists in the image", 1604 name); 1605 goto fail; 1606 } 1607 tb = g_memdup(&bm->table, sizeof(bm->table)); 1608 bm->table.offset = 0; 1609 bm->table.size = 0; 1610 QSIMPLEQ_INSERT_TAIL(&drop_tables, tb, entry); 1611 } 1612 bm->flags = bdrv_dirty_bitmap_enabled(bitmap) ? BME_FLAG_AUTO : 0; 1613 bm->granularity_bits = ctz32(bdrv_dirty_bitmap_granularity(bitmap)); 1614 bm->dirty_bitmap = bitmap; 1615 } 1616 1617 if (!need_write) { 1618 goto success; 1619 } 1620 1621 if (!can_write(bs)) { 1622 error_setg(errp, "No write access"); 1623 goto fail; 1624 } 1625 1626 /* allocate clusters and store bitmaps */ 1627 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1628 BdrvDirtyBitmap *bitmap = bm->dirty_bitmap; 1629 1630 if (bitmap == NULL || bdrv_dirty_bitmap_readonly(bitmap)) { 1631 continue; 1632 } 1633 1634 ret = store_bitmap(bs, bm, errp); 1635 if (ret < 0) { 1636 goto fail; 1637 } 1638 } 1639 1640 ret = update_ext_header_and_dir(bs, bm_list); 1641 if (ret < 0) { 1642 error_setg_errno(errp, -ret, "Failed to update bitmap extension"); 1643 goto fail; 1644 } 1645 1646 /* Bitmap directory was successfully updated, so, old data can be dropped. 1647 * TODO it is better to reuse these clusters */ 1648 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1649 free_bitmap_clusters(bs, tb); 1650 g_free(tb); 1651 } 1652 1653 success: 1654 if (release_stored) { 1655 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1656 if (bm->dirty_bitmap == NULL) { 1657 continue; 1658 } 1659 1660 bdrv_release_dirty_bitmap(bm->dirty_bitmap); 1661 } 1662 } 1663 1664 bitmap_list_free(bm_list); 1665 return true; 1666 1667 fail: 1668 QSIMPLEQ_FOREACH(bm, bm_list, entry) { 1669 if (bm->dirty_bitmap == NULL || bm->table.offset == 0 || 1670 bdrv_dirty_bitmap_readonly(bm->dirty_bitmap)) 1671 { 1672 continue; 1673 } 1674 1675 free_bitmap_clusters(bs, &bm->table); 1676 } 1677 1678 QSIMPLEQ_FOREACH_SAFE(tb, &drop_tables, entry, tb_next) { 1679 g_free(tb); 1680 } 1681 1682 bitmap_list_free(bm_list); 1683 return false; 1684 } 1685 1686 int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp) 1687 { 1688 BdrvDirtyBitmap *bitmap; 1689 1690 if (!qcow2_store_persistent_dirty_bitmaps(bs, false, errp)) { 1691 return -EINVAL; 1692 } 1693 1694 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1695 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1696 bdrv_dirty_bitmap_set_readonly(bitmap, true); 1697 } 1698 } 1699 1700 return 0; 1701 } 1702 1703 bool coroutine_fn qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, 1704 const char *name, 1705 uint32_t granularity, 1706 Error **errp) 1707 { 1708 BDRVQcow2State *s = bs->opaque; 1709 BdrvDirtyBitmap *bitmap; 1710 uint64_t bitmap_directory_size = 0; 1711 uint32_t nb_bitmaps = 0; 1712 1713 if (bdrv_find_dirty_bitmap(bs, name)) { 1714 error_setg(errp, "Bitmap already exists: %s", name); 1715 return false; 1716 } 1717 1718 if (s->qcow_version < 3) { 1719 /* Without autoclear_features, we would always have to assume 1720 * that a program without persistent dirty bitmap support has 1721 * accessed this qcow2 file when opening it, and would thus 1722 * have to drop all dirty bitmaps (defeating their purpose). 1723 */ 1724 error_setg(errp, "Cannot store dirty bitmaps in qcow2 v2 files"); 1725 goto fail; 1726 } 1727 1728 if (check_constraints_on_bitmap(bs, name, granularity, errp) != 0) { 1729 goto fail; 1730 } 1731 1732 FOR_EACH_DIRTY_BITMAP(bs, bitmap) { 1733 if (bdrv_dirty_bitmap_get_persistence(bitmap)) { 1734 nb_bitmaps++; 1735 bitmap_directory_size += 1736 calc_dir_entry_size(strlen(bdrv_dirty_bitmap_name(bitmap)), 0); 1737 } 1738 } 1739 nb_bitmaps++; 1740 bitmap_directory_size += calc_dir_entry_size(strlen(name), 0); 1741 1742 if (nb_bitmaps > QCOW2_MAX_BITMAPS) { 1743 error_setg(errp, 1744 "Maximum number of persistent bitmaps is already reached"); 1745 goto fail; 1746 } 1747 1748 if (bitmap_directory_size > QCOW2_MAX_BITMAP_DIRECTORY_SIZE) { 1749 error_setg(errp, "Not enough space in the bitmap directory"); 1750 goto fail; 1751 } 1752 1753 return true; 1754 1755 fail: 1756 error_prepend(errp, "Can't make bitmap '%s' persistent in '%s': ", 1757 name, bdrv_get_device_or_node_name(bs)); 1758 return false; 1759 } 1760 1761 bool qcow2_supports_persistent_dirty_bitmap(BlockDriverState *bs) 1762 { 1763 BDRVQcow2State *s = bs->opaque; 1764 1765 return s->qcow_version >= 3; 1766 } 1767 1768 /* 1769 * Compute the space required to copy bitmaps from @in_bs. 1770 * 1771 * The computation is based as if copying to a new image with the 1772 * given @cluster_size, which may differ from the cluster size in 1773 * @in_bs; in fact, @in_bs might be something other than qcow2. 1774 */ 1775 uint64_t qcow2_get_persistent_dirty_bitmap_size(BlockDriverState *in_bs, 1776 uint32_t cluster_size) 1777 { 1778 uint64_t bitmaps_size = 0; 1779 BdrvDirtyBitmap *bm; 1780 size_t bitmap_dir_size = 0; 1781 1782 FOR_EACH_DIRTY_BITMAP(in_bs, bm) { 1783 if (bdrv_dirty_bitmap_get_persistence(bm)) { 1784 const char *name = bdrv_dirty_bitmap_name(bm); 1785 uint32_t granularity = bdrv_dirty_bitmap_granularity(bm); 1786 uint64_t bmbytes = 1787 get_bitmap_bytes_needed(bdrv_dirty_bitmap_size(bm), 1788 granularity); 1789 uint64_t bmclusters = DIV_ROUND_UP(bmbytes, cluster_size); 1790 1791 /* Assume the entire bitmap is allocated */ 1792 bitmaps_size += bmclusters * cluster_size; 1793 /* Also reserve space for the bitmap table entries */ 1794 bitmaps_size += ROUND_UP(bmclusters * BME_TABLE_ENTRY_SIZE, 1795 cluster_size); 1796 /* And space for contribution to bitmap directory size */ 1797 bitmap_dir_size += calc_dir_entry_size(strlen(name), 0); 1798 } 1799 } 1800 bitmaps_size += ROUND_UP(bitmap_dir_size, cluster_size); 1801 1802 return bitmaps_size; 1803 } 1804