1 /* 2 * Block driver for the QCOW version 2 format 3 * 4 * Copyright (c) 2004-2006 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu-common.h" 26 #include "block/block_int.h" 27 #include "block/qcow2.h" 28 29 typedef struct QEMU_PACKED QCowSnapshotHeader { 30 /* header is 8 byte aligned */ 31 uint64_t l1_table_offset; 32 33 uint32_t l1_size; 34 uint16_t id_str_size; 35 uint16_t name_size; 36 37 uint32_t date_sec; 38 uint32_t date_nsec; 39 40 uint64_t vm_clock_nsec; 41 42 uint32_t vm_state_size; 43 uint32_t extra_data_size; /* for extension */ 44 /* extra data follows */ 45 /* id_str follows */ 46 /* name follows */ 47 } QCowSnapshotHeader; 48 49 typedef struct QEMU_PACKED QCowSnapshotExtraData { 50 uint64_t vm_state_size_large; 51 uint64_t disk_size; 52 } QCowSnapshotExtraData; 53 54 void qcow2_free_snapshots(BlockDriverState *bs) 55 { 56 BDRVQcowState *s = bs->opaque; 57 int i; 58 59 for(i = 0; i < s->nb_snapshots; i++) { 60 g_free(s->snapshots[i].name); 61 g_free(s->snapshots[i].id_str); 62 } 63 g_free(s->snapshots); 64 s->snapshots = NULL; 65 s->nb_snapshots = 0; 66 } 67 68 int qcow2_read_snapshots(BlockDriverState *bs) 69 { 70 BDRVQcowState *s = bs->opaque; 71 QCowSnapshotHeader h; 72 QCowSnapshotExtraData extra; 73 QCowSnapshot *sn; 74 int i, id_str_size, name_size; 75 int64_t offset; 76 uint32_t extra_data_size; 77 int ret; 78 79 if (!s->nb_snapshots) { 80 s->snapshots = NULL; 81 s->snapshots_size = 0; 82 return 0; 83 } 84 85 offset = s->snapshots_offset; 86 s->snapshots = g_malloc0(s->nb_snapshots * sizeof(QCowSnapshot)); 87 88 for(i = 0; i < s->nb_snapshots; i++) { 89 /* Read statically sized part of the snapshot header */ 90 offset = align_offset(offset, 8); 91 ret = bdrv_pread(bs->file, offset, &h, sizeof(h)); 92 if (ret < 0) { 93 goto fail; 94 } 95 96 offset += sizeof(h); 97 sn = s->snapshots + i; 98 sn->l1_table_offset = be64_to_cpu(h.l1_table_offset); 99 sn->l1_size = be32_to_cpu(h.l1_size); 100 sn->vm_state_size = be32_to_cpu(h.vm_state_size); 101 sn->date_sec = be32_to_cpu(h.date_sec); 102 sn->date_nsec = be32_to_cpu(h.date_nsec); 103 sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec); 104 extra_data_size = be32_to_cpu(h.extra_data_size); 105 106 id_str_size = be16_to_cpu(h.id_str_size); 107 name_size = be16_to_cpu(h.name_size); 108 109 /* Read extra data */ 110 ret = bdrv_pread(bs->file, offset, &extra, 111 MIN(sizeof(extra), extra_data_size)); 112 if (ret < 0) { 113 goto fail; 114 } 115 offset += extra_data_size; 116 117 if (extra_data_size >= 8) { 118 sn->vm_state_size = be64_to_cpu(extra.vm_state_size_large); 119 } 120 121 if (extra_data_size >= 16) { 122 sn->disk_size = be64_to_cpu(extra.disk_size); 123 } else { 124 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE; 125 } 126 127 /* Read snapshot ID */ 128 sn->id_str = g_malloc(id_str_size + 1); 129 ret = bdrv_pread(bs->file, offset, sn->id_str, id_str_size); 130 if (ret < 0) { 131 goto fail; 132 } 133 offset += id_str_size; 134 sn->id_str[id_str_size] = '\0'; 135 136 /* Read snapshot name */ 137 sn->name = g_malloc(name_size + 1); 138 ret = bdrv_pread(bs->file, offset, sn->name, name_size); 139 if (ret < 0) { 140 goto fail; 141 } 142 offset += name_size; 143 sn->name[name_size] = '\0'; 144 } 145 146 s->snapshots_size = offset - s->snapshots_offset; 147 return 0; 148 149 fail: 150 qcow2_free_snapshots(bs); 151 return ret; 152 } 153 154 /* add at the end of the file a new list of snapshots */ 155 static int qcow2_write_snapshots(BlockDriverState *bs) 156 { 157 BDRVQcowState *s = bs->opaque; 158 QCowSnapshot *sn; 159 QCowSnapshotHeader h; 160 QCowSnapshotExtraData extra; 161 int i, name_size, id_str_size, snapshots_size; 162 struct { 163 uint32_t nb_snapshots; 164 uint64_t snapshots_offset; 165 } QEMU_PACKED header_data; 166 int64_t offset, snapshots_offset; 167 int ret; 168 169 /* compute the size of the snapshots */ 170 offset = 0; 171 for(i = 0; i < s->nb_snapshots; i++) { 172 sn = s->snapshots + i; 173 offset = align_offset(offset, 8); 174 offset += sizeof(h); 175 offset += sizeof(extra); 176 offset += strlen(sn->id_str); 177 offset += strlen(sn->name); 178 } 179 snapshots_size = offset; 180 181 /* Allocate space for the new snapshot list */ 182 snapshots_offset = qcow2_alloc_clusters(bs, snapshots_size); 183 offset = snapshots_offset; 184 if (offset < 0) { 185 return offset; 186 } 187 ret = bdrv_flush(bs); 188 if (ret < 0) { 189 return ret; 190 } 191 192 /* Write all snapshots to the new list */ 193 for(i = 0; i < s->nb_snapshots; i++) { 194 sn = s->snapshots + i; 195 memset(&h, 0, sizeof(h)); 196 h.l1_table_offset = cpu_to_be64(sn->l1_table_offset); 197 h.l1_size = cpu_to_be32(sn->l1_size); 198 /* If it doesn't fit in 32 bit, older implementations should treat it 199 * as a disk-only snapshot rather than truncate the VM state */ 200 if (sn->vm_state_size <= 0xffffffff) { 201 h.vm_state_size = cpu_to_be32(sn->vm_state_size); 202 } 203 h.date_sec = cpu_to_be32(sn->date_sec); 204 h.date_nsec = cpu_to_be32(sn->date_nsec); 205 h.vm_clock_nsec = cpu_to_be64(sn->vm_clock_nsec); 206 h.extra_data_size = cpu_to_be32(sizeof(extra)); 207 208 memset(&extra, 0, sizeof(extra)); 209 extra.vm_state_size_large = cpu_to_be64(sn->vm_state_size); 210 extra.disk_size = cpu_to_be64(sn->disk_size); 211 212 id_str_size = strlen(sn->id_str); 213 name_size = strlen(sn->name); 214 h.id_str_size = cpu_to_be16(id_str_size); 215 h.name_size = cpu_to_be16(name_size); 216 offset = align_offset(offset, 8); 217 218 ret = bdrv_pwrite(bs->file, offset, &h, sizeof(h)); 219 if (ret < 0) { 220 goto fail; 221 } 222 offset += sizeof(h); 223 224 ret = bdrv_pwrite(bs->file, offset, &extra, sizeof(extra)); 225 if (ret < 0) { 226 goto fail; 227 } 228 offset += sizeof(extra); 229 230 ret = bdrv_pwrite(bs->file, offset, sn->id_str, id_str_size); 231 if (ret < 0) { 232 goto fail; 233 } 234 offset += id_str_size; 235 236 ret = bdrv_pwrite(bs->file, offset, sn->name, name_size); 237 if (ret < 0) { 238 goto fail; 239 } 240 offset += name_size; 241 } 242 243 /* 244 * Update the header to point to the new snapshot table. This requires the 245 * new table and its refcounts to be stable on disk. 246 */ 247 ret = bdrv_flush(bs); 248 if (ret < 0) { 249 goto fail; 250 } 251 252 QEMU_BUILD_BUG_ON(offsetof(QCowHeader, snapshots_offset) != 253 offsetof(QCowHeader, nb_snapshots) + sizeof(header_data.nb_snapshots)); 254 255 header_data.nb_snapshots = cpu_to_be32(s->nb_snapshots); 256 header_data.snapshots_offset = cpu_to_be64(snapshots_offset); 257 258 ret = bdrv_pwrite_sync(bs->file, offsetof(QCowHeader, nb_snapshots), 259 &header_data, sizeof(header_data)); 260 if (ret < 0) { 261 goto fail; 262 } 263 264 /* free the old snapshot table */ 265 qcow2_free_clusters(bs, s->snapshots_offset, s->snapshots_size, 266 QCOW2_DISCARD_SNAPSHOT); 267 s->snapshots_offset = snapshots_offset; 268 s->snapshots_size = snapshots_size; 269 return 0; 270 271 fail: 272 return ret; 273 } 274 275 static void find_new_snapshot_id(BlockDriverState *bs, 276 char *id_str, int id_str_size) 277 { 278 BDRVQcowState *s = bs->opaque; 279 QCowSnapshot *sn; 280 int i, id, id_max = 0; 281 282 for(i = 0; i < s->nb_snapshots; i++) { 283 sn = s->snapshots + i; 284 id = strtoul(sn->id_str, NULL, 10); 285 if (id > id_max) 286 id_max = id; 287 } 288 snprintf(id_str, id_str_size, "%d", id_max + 1); 289 } 290 291 static int find_snapshot_by_id(BlockDriverState *bs, const char *id_str) 292 { 293 BDRVQcowState *s = bs->opaque; 294 int i; 295 296 for(i = 0; i < s->nb_snapshots; i++) { 297 if (!strcmp(s->snapshots[i].id_str, id_str)) 298 return i; 299 } 300 return -1; 301 } 302 303 static int find_snapshot_by_id_or_name(BlockDriverState *bs, const char *name) 304 { 305 BDRVQcowState *s = bs->opaque; 306 int i, ret; 307 308 ret = find_snapshot_by_id(bs, name); 309 if (ret >= 0) 310 return ret; 311 for(i = 0; i < s->nb_snapshots; i++) { 312 if (!strcmp(s->snapshots[i].name, name)) 313 return i; 314 } 315 return -1; 316 } 317 318 /* if no id is provided, a new one is constructed */ 319 int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info) 320 { 321 BDRVQcowState *s = bs->opaque; 322 QCowSnapshot *new_snapshot_list = NULL; 323 QCowSnapshot *old_snapshot_list = NULL; 324 QCowSnapshot sn1, *sn = &sn1; 325 int i, ret; 326 uint64_t *l1_table = NULL; 327 int64_t l1_table_offset; 328 329 memset(sn, 0, sizeof(*sn)); 330 331 /* Generate an ID if it wasn't passed */ 332 if (sn_info->id_str[0] == '\0') { 333 find_new_snapshot_id(bs, sn_info->id_str, sizeof(sn_info->id_str)); 334 } 335 336 /* Check that the ID is unique */ 337 if (find_snapshot_by_id(bs, sn_info->id_str) >= 0) { 338 return -EEXIST; 339 } 340 341 /* Populate sn with passed data */ 342 sn->id_str = g_strdup(sn_info->id_str); 343 sn->name = g_strdup(sn_info->name); 344 345 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE; 346 sn->vm_state_size = sn_info->vm_state_size; 347 sn->date_sec = sn_info->date_sec; 348 sn->date_nsec = sn_info->date_nsec; 349 sn->vm_clock_nsec = sn_info->vm_clock_nsec; 350 351 /* Allocate the L1 table of the snapshot and copy the current one there. */ 352 l1_table_offset = qcow2_alloc_clusters(bs, s->l1_size * sizeof(uint64_t)); 353 if (l1_table_offset < 0) { 354 ret = l1_table_offset; 355 goto fail; 356 } 357 358 sn->l1_table_offset = l1_table_offset; 359 sn->l1_size = s->l1_size; 360 361 l1_table = g_malloc(s->l1_size * sizeof(uint64_t)); 362 for(i = 0; i < s->l1_size; i++) { 363 l1_table[i] = cpu_to_be64(s->l1_table[i]); 364 } 365 366 ret = bdrv_pwrite(bs->file, sn->l1_table_offset, l1_table, 367 s->l1_size * sizeof(uint64_t)); 368 if (ret < 0) { 369 goto fail; 370 } 371 372 g_free(l1_table); 373 l1_table = NULL; 374 375 /* 376 * Increase the refcounts of all clusters and make sure everything is 377 * stable on disk before updating the snapshot table to contain a pointer 378 * to the new L1 table. 379 */ 380 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 1); 381 if (ret < 0) { 382 goto fail; 383 } 384 385 /* Append the new snapshot to the snapshot list */ 386 new_snapshot_list = g_malloc((s->nb_snapshots + 1) * sizeof(QCowSnapshot)); 387 if (s->snapshots) { 388 memcpy(new_snapshot_list, s->snapshots, 389 s->nb_snapshots * sizeof(QCowSnapshot)); 390 old_snapshot_list = s->snapshots; 391 } 392 s->snapshots = new_snapshot_list; 393 s->snapshots[s->nb_snapshots++] = *sn; 394 395 ret = qcow2_write_snapshots(bs); 396 if (ret < 0) { 397 g_free(s->snapshots); 398 s->snapshots = old_snapshot_list; 399 goto fail; 400 } 401 402 g_free(old_snapshot_list); 403 404 #ifdef DEBUG_ALLOC 405 { 406 BdrvCheckResult result = {0}; 407 qcow2_check_refcounts(bs, &result, 0); 408 } 409 #endif 410 return 0; 411 412 fail: 413 g_free(sn->id_str); 414 g_free(sn->name); 415 g_free(l1_table); 416 417 return ret; 418 } 419 420 /* copy the snapshot 'snapshot_name' into the current disk image */ 421 int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id) 422 { 423 BDRVQcowState *s = bs->opaque; 424 QCowSnapshot *sn; 425 int i, snapshot_index; 426 int cur_l1_bytes, sn_l1_bytes; 427 int ret; 428 uint64_t *sn_l1_table = NULL; 429 430 /* Search the snapshot */ 431 snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id); 432 if (snapshot_index < 0) { 433 return -ENOENT; 434 } 435 sn = &s->snapshots[snapshot_index]; 436 437 if (sn->disk_size != bs->total_sectors * BDRV_SECTOR_SIZE) { 438 error_report("qcow2: Loading snapshots with different disk " 439 "size is not implemented"); 440 ret = -ENOTSUP; 441 goto fail; 442 } 443 444 /* 445 * Make sure that the current L1 table is big enough to contain the whole 446 * L1 table of the snapshot. If the snapshot L1 table is smaller, the 447 * current one must be padded with zeros. 448 */ 449 ret = qcow2_grow_l1_table(bs, sn->l1_size, true); 450 if (ret < 0) { 451 goto fail; 452 } 453 454 cur_l1_bytes = s->l1_size * sizeof(uint64_t); 455 sn_l1_bytes = sn->l1_size * sizeof(uint64_t); 456 457 /* 458 * Copy the snapshot L1 table to the current L1 table. 459 * 460 * Before overwriting the old current L1 table on disk, make sure to 461 * increase all refcounts for the clusters referenced by the new one. 462 * Decrease the refcount referenced by the old one only when the L1 463 * table is overwritten. 464 */ 465 sn_l1_table = g_malloc0(cur_l1_bytes); 466 467 ret = bdrv_pread(bs->file, sn->l1_table_offset, sn_l1_table, sn_l1_bytes); 468 if (ret < 0) { 469 goto fail; 470 } 471 472 ret = qcow2_update_snapshot_refcount(bs, sn->l1_table_offset, 473 sn->l1_size, 1); 474 if (ret < 0) { 475 goto fail; 476 } 477 478 ret = bdrv_pwrite_sync(bs->file, s->l1_table_offset, sn_l1_table, 479 cur_l1_bytes); 480 if (ret < 0) { 481 goto fail; 482 } 483 484 /* 485 * Decrease refcount of clusters of current L1 table. 486 * 487 * At this point, the in-memory s->l1_table points to the old L1 table, 488 * whereas on disk we already have the new one. 489 * 490 * qcow2_update_snapshot_refcount special cases the current L1 table to use 491 * the in-memory data instead of really using the offset to load a new one, 492 * which is why this works. 493 */ 494 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, 495 s->l1_size, -1); 496 497 /* 498 * Now update the in-memory L1 table to be in sync with the on-disk one. We 499 * need to do this even if updating refcounts failed. 500 */ 501 for(i = 0;i < s->l1_size; i++) { 502 s->l1_table[i] = be64_to_cpu(sn_l1_table[i]); 503 } 504 505 if (ret < 0) { 506 goto fail; 507 } 508 509 g_free(sn_l1_table); 510 sn_l1_table = NULL; 511 512 /* 513 * Update QCOW_OFLAG_COPIED in the active L1 table (it may have changed 514 * when we decreased the refcount of the old snapshot. 515 */ 516 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); 517 if (ret < 0) { 518 goto fail; 519 } 520 521 #ifdef DEBUG_ALLOC 522 { 523 BdrvCheckResult result = {0}; 524 qcow2_check_refcounts(bs, &result, 0); 525 } 526 #endif 527 return 0; 528 529 fail: 530 g_free(sn_l1_table); 531 return ret; 532 } 533 534 int qcow2_snapshot_delete(BlockDriverState *bs, const char *snapshot_id) 535 { 536 BDRVQcowState *s = bs->opaque; 537 QCowSnapshot sn; 538 int snapshot_index, ret; 539 540 /* Search the snapshot */ 541 snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id); 542 if (snapshot_index < 0) { 543 return -ENOENT; 544 } 545 sn = s->snapshots[snapshot_index]; 546 547 /* Remove it from the snapshot list */ 548 memmove(s->snapshots + snapshot_index, 549 s->snapshots + snapshot_index + 1, 550 (s->nb_snapshots - snapshot_index - 1) * sizeof(sn)); 551 s->nb_snapshots--; 552 ret = qcow2_write_snapshots(bs); 553 if (ret < 0) { 554 return ret; 555 } 556 557 /* 558 * The snapshot is now unused, clean up. If we fail after this point, we 559 * won't recover but just leak clusters. 560 */ 561 g_free(sn.id_str); 562 g_free(sn.name); 563 564 /* 565 * Now decrease the refcounts of clusters referenced by the snapshot and 566 * free the L1 table. 567 */ 568 ret = qcow2_update_snapshot_refcount(bs, sn.l1_table_offset, 569 sn.l1_size, -1); 570 if (ret < 0) { 571 return ret; 572 } 573 qcow2_free_clusters(bs, sn.l1_table_offset, sn.l1_size * sizeof(uint64_t), 574 QCOW2_DISCARD_SNAPSHOT); 575 576 /* must update the copied flag on the current cluster offsets */ 577 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); 578 if (ret < 0) { 579 return ret; 580 } 581 582 #ifdef DEBUG_ALLOC 583 { 584 BdrvCheckResult result = {0}; 585 qcow2_check_refcounts(bs, &result, 0); 586 } 587 #endif 588 return 0; 589 } 590 591 int qcow2_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab) 592 { 593 BDRVQcowState *s = bs->opaque; 594 QEMUSnapshotInfo *sn_tab, *sn_info; 595 QCowSnapshot *sn; 596 int i; 597 598 if (!s->nb_snapshots) { 599 *psn_tab = NULL; 600 return s->nb_snapshots; 601 } 602 603 sn_tab = g_malloc0(s->nb_snapshots * sizeof(QEMUSnapshotInfo)); 604 for(i = 0; i < s->nb_snapshots; i++) { 605 sn_info = sn_tab + i; 606 sn = s->snapshots + i; 607 pstrcpy(sn_info->id_str, sizeof(sn_info->id_str), 608 sn->id_str); 609 pstrcpy(sn_info->name, sizeof(sn_info->name), 610 sn->name); 611 sn_info->vm_state_size = sn->vm_state_size; 612 sn_info->date_sec = sn->date_sec; 613 sn_info->date_nsec = sn->date_nsec; 614 sn_info->vm_clock_nsec = sn->vm_clock_nsec; 615 } 616 *psn_tab = sn_tab; 617 return s->nb_snapshots; 618 } 619 620 int qcow2_snapshot_load_tmp(BlockDriverState *bs, const char *snapshot_name) 621 { 622 int i, snapshot_index; 623 BDRVQcowState *s = bs->opaque; 624 QCowSnapshot *sn; 625 uint64_t *new_l1_table; 626 int new_l1_bytes; 627 int ret; 628 629 assert(bs->read_only); 630 631 /* Search the snapshot */ 632 snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_name); 633 if (snapshot_index < 0) { 634 return -ENOENT; 635 } 636 sn = &s->snapshots[snapshot_index]; 637 638 /* Allocate and read in the snapshot's L1 table */ 639 new_l1_bytes = s->l1_size * sizeof(uint64_t); 640 new_l1_table = g_malloc0(align_offset(new_l1_bytes, 512)); 641 642 ret = bdrv_pread(bs->file, sn->l1_table_offset, new_l1_table, new_l1_bytes); 643 if (ret < 0) { 644 g_free(new_l1_table); 645 return ret; 646 } 647 648 /* Switch the L1 table */ 649 g_free(s->l1_table); 650 651 s->l1_size = sn->l1_size; 652 s->l1_table_offset = sn->l1_table_offset; 653 s->l1_table = new_l1_table; 654 655 for(i = 0;i < s->l1_size; i++) { 656 be64_to_cpus(&s->l1_table[i]); 657 } 658 659 return 0; 660 } 661