1 /* 2 * Block driver for the QCOW version 2 format 3 * 4 * Copyright (c) 2004-2006 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu-common.h" 26 #include "block/block_int.h" 27 #include "block/qcow2.h" 28 29 void qcow2_free_snapshots(BlockDriverState *bs) 30 { 31 BDRVQcowState *s = bs->opaque; 32 int i; 33 34 for(i = 0; i < s->nb_snapshots; i++) { 35 g_free(s->snapshots[i].name); 36 g_free(s->snapshots[i].id_str); 37 } 38 g_free(s->snapshots); 39 s->snapshots = NULL; 40 s->nb_snapshots = 0; 41 } 42 43 int qcow2_read_snapshots(BlockDriverState *bs) 44 { 45 BDRVQcowState *s = bs->opaque; 46 QCowSnapshotHeader h; 47 QCowSnapshotExtraData extra; 48 QCowSnapshot *sn; 49 int i, id_str_size, name_size; 50 int64_t offset; 51 uint32_t extra_data_size; 52 int ret; 53 54 if (!s->nb_snapshots) { 55 s->snapshots = NULL; 56 s->snapshots_size = 0; 57 return 0; 58 } 59 60 offset = s->snapshots_offset; 61 s->snapshots = g_new0(QCowSnapshot, s->nb_snapshots); 62 63 for(i = 0; i < s->nb_snapshots; i++) { 64 /* Read statically sized part of the snapshot header */ 65 offset = align_offset(offset, 8); 66 ret = bdrv_pread(bs->file, offset, &h, sizeof(h)); 67 if (ret < 0) { 68 goto fail; 69 } 70 71 offset += sizeof(h); 72 sn = s->snapshots + i; 73 sn->l1_table_offset = be64_to_cpu(h.l1_table_offset); 74 sn->l1_size = be32_to_cpu(h.l1_size); 75 sn->vm_state_size = be32_to_cpu(h.vm_state_size); 76 sn->date_sec = be32_to_cpu(h.date_sec); 77 sn->date_nsec = be32_to_cpu(h.date_nsec); 78 sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec); 79 extra_data_size = be32_to_cpu(h.extra_data_size); 80 81 id_str_size = be16_to_cpu(h.id_str_size); 82 name_size = be16_to_cpu(h.name_size); 83 84 /* Read extra data */ 85 ret = bdrv_pread(bs->file, offset, &extra, 86 MIN(sizeof(extra), extra_data_size)); 87 if (ret < 0) { 88 goto fail; 89 } 90 offset += extra_data_size; 91 92 if (extra_data_size >= 8) { 93 sn->vm_state_size = be64_to_cpu(extra.vm_state_size_large); 94 } 95 96 if (extra_data_size >= 16) { 97 sn->disk_size = be64_to_cpu(extra.disk_size); 98 } else { 99 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE; 100 } 101 102 /* Read snapshot ID */ 103 sn->id_str = g_malloc(id_str_size + 1); 104 ret = bdrv_pread(bs->file, offset, sn->id_str, id_str_size); 105 if (ret < 0) { 106 goto fail; 107 } 108 offset += id_str_size; 109 sn->id_str[id_str_size] = '\0'; 110 111 /* Read snapshot name */ 112 sn->name = g_malloc(name_size + 1); 113 ret = bdrv_pread(bs->file, offset, sn->name, name_size); 114 if (ret < 0) { 115 goto fail; 116 } 117 offset += name_size; 118 sn->name[name_size] = '\0'; 119 120 if (offset - s->snapshots_offset > QCOW_MAX_SNAPSHOTS_SIZE) { 121 ret = -EFBIG; 122 goto fail; 123 } 124 } 125 126 assert(offset - s->snapshots_offset <= INT_MAX); 127 s->snapshots_size = offset - s->snapshots_offset; 128 return 0; 129 130 fail: 131 qcow2_free_snapshots(bs); 132 return ret; 133 } 134 135 /* add at the end of the file a new list of snapshots */ 136 static int qcow2_write_snapshots(BlockDriverState *bs) 137 { 138 BDRVQcowState *s = bs->opaque; 139 QCowSnapshot *sn; 140 QCowSnapshotHeader h; 141 QCowSnapshotExtraData extra; 142 int i, name_size, id_str_size, snapshots_size; 143 struct { 144 uint32_t nb_snapshots; 145 uint64_t snapshots_offset; 146 } QEMU_PACKED header_data; 147 int64_t offset, snapshots_offset = 0; 148 int ret; 149 150 /* compute the size of the snapshots */ 151 offset = 0; 152 for(i = 0; i < s->nb_snapshots; i++) { 153 sn = s->snapshots + i; 154 offset = align_offset(offset, 8); 155 offset += sizeof(h); 156 offset += sizeof(extra); 157 offset += strlen(sn->id_str); 158 offset += strlen(sn->name); 159 160 if (offset > QCOW_MAX_SNAPSHOTS_SIZE) { 161 ret = -EFBIG; 162 goto fail; 163 } 164 } 165 166 assert(offset <= INT_MAX); 167 snapshots_size = offset; 168 169 /* Allocate space for the new snapshot list */ 170 snapshots_offset = qcow2_alloc_clusters(bs, snapshots_size); 171 offset = snapshots_offset; 172 if (offset < 0) { 173 ret = offset; 174 goto fail; 175 } 176 ret = bdrv_flush(bs); 177 if (ret < 0) { 178 goto fail; 179 } 180 181 /* The snapshot list position has not yet been updated, so these clusters 182 * must indeed be completely free */ 183 ret = qcow2_pre_write_overlap_check(bs, 0, offset, snapshots_size); 184 if (ret < 0) { 185 goto fail; 186 } 187 188 189 /* Write all snapshots to the new list */ 190 for(i = 0; i < s->nb_snapshots; i++) { 191 sn = s->snapshots + i; 192 memset(&h, 0, sizeof(h)); 193 h.l1_table_offset = cpu_to_be64(sn->l1_table_offset); 194 h.l1_size = cpu_to_be32(sn->l1_size); 195 /* If it doesn't fit in 32 bit, older implementations should treat it 196 * as a disk-only snapshot rather than truncate the VM state */ 197 if (sn->vm_state_size <= 0xffffffff) { 198 h.vm_state_size = cpu_to_be32(sn->vm_state_size); 199 } 200 h.date_sec = cpu_to_be32(sn->date_sec); 201 h.date_nsec = cpu_to_be32(sn->date_nsec); 202 h.vm_clock_nsec = cpu_to_be64(sn->vm_clock_nsec); 203 h.extra_data_size = cpu_to_be32(sizeof(extra)); 204 205 memset(&extra, 0, sizeof(extra)); 206 extra.vm_state_size_large = cpu_to_be64(sn->vm_state_size); 207 extra.disk_size = cpu_to_be64(sn->disk_size); 208 209 id_str_size = strlen(sn->id_str); 210 name_size = strlen(sn->name); 211 assert(id_str_size <= UINT16_MAX && name_size <= UINT16_MAX); 212 h.id_str_size = cpu_to_be16(id_str_size); 213 h.name_size = cpu_to_be16(name_size); 214 offset = align_offset(offset, 8); 215 216 ret = bdrv_pwrite(bs->file, offset, &h, sizeof(h)); 217 if (ret < 0) { 218 goto fail; 219 } 220 offset += sizeof(h); 221 222 ret = bdrv_pwrite(bs->file, offset, &extra, sizeof(extra)); 223 if (ret < 0) { 224 goto fail; 225 } 226 offset += sizeof(extra); 227 228 ret = bdrv_pwrite(bs->file, offset, sn->id_str, id_str_size); 229 if (ret < 0) { 230 goto fail; 231 } 232 offset += id_str_size; 233 234 ret = bdrv_pwrite(bs->file, offset, sn->name, name_size); 235 if (ret < 0) { 236 goto fail; 237 } 238 offset += name_size; 239 } 240 241 /* 242 * Update the header to point to the new snapshot table. This requires the 243 * new table and its refcounts to be stable on disk. 244 */ 245 ret = bdrv_flush(bs); 246 if (ret < 0) { 247 goto fail; 248 } 249 250 QEMU_BUILD_BUG_ON(offsetof(QCowHeader, snapshots_offset) != 251 offsetof(QCowHeader, nb_snapshots) + sizeof(header_data.nb_snapshots)); 252 253 header_data.nb_snapshots = cpu_to_be32(s->nb_snapshots); 254 header_data.snapshots_offset = cpu_to_be64(snapshots_offset); 255 256 ret = bdrv_pwrite_sync(bs->file, offsetof(QCowHeader, nb_snapshots), 257 &header_data, sizeof(header_data)); 258 if (ret < 0) { 259 goto fail; 260 } 261 262 /* free the old snapshot table */ 263 qcow2_free_clusters(bs, s->snapshots_offset, s->snapshots_size, 264 QCOW2_DISCARD_SNAPSHOT); 265 s->snapshots_offset = snapshots_offset; 266 s->snapshots_size = snapshots_size; 267 return 0; 268 269 fail: 270 if (snapshots_offset > 0) { 271 qcow2_free_clusters(bs, snapshots_offset, snapshots_size, 272 QCOW2_DISCARD_ALWAYS); 273 } 274 return ret; 275 } 276 277 static void find_new_snapshot_id(BlockDriverState *bs, 278 char *id_str, int id_str_size) 279 { 280 BDRVQcowState *s = bs->opaque; 281 QCowSnapshot *sn; 282 int i; 283 unsigned long id, id_max = 0; 284 285 for(i = 0; i < s->nb_snapshots; i++) { 286 sn = s->snapshots + i; 287 id = strtoul(sn->id_str, NULL, 10); 288 if (id > id_max) 289 id_max = id; 290 } 291 snprintf(id_str, id_str_size, "%lu", id_max + 1); 292 } 293 294 static int find_snapshot_by_id_and_name(BlockDriverState *bs, 295 const char *id, 296 const char *name) 297 { 298 BDRVQcowState *s = bs->opaque; 299 int i; 300 301 if (id && name) { 302 for (i = 0; i < s->nb_snapshots; i++) { 303 if (!strcmp(s->snapshots[i].id_str, id) && 304 !strcmp(s->snapshots[i].name, name)) { 305 return i; 306 } 307 } 308 } else if (id) { 309 for (i = 0; i < s->nb_snapshots; i++) { 310 if (!strcmp(s->snapshots[i].id_str, id)) { 311 return i; 312 } 313 } 314 } else if (name) { 315 for (i = 0; i < s->nb_snapshots; i++) { 316 if (!strcmp(s->snapshots[i].name, name)) { 317 return i; 318 } 319 } 320 } 321 322 return -1; 323 } 324 325 static int find_snapshot_by_id_or_name(BlockDriverState *bs, 326 const char *id_or_name) 327 { 328 int ret; 329 330 ret = find_snapshot_by_id_and_name(bs, id_or_name, NULL); 331 if (ret >= 0) { 332 return ret; 333 } 334 return find_snapshot_by_id_and_name(bs, NULL, id_or_name); 335 } 336 337 /* if no id is provided, a new one is constructed */ 338 int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info) 339 { 340 BDRVQcowState *s = bs->opaque; 341 QCowSnapshot *new_snapshot_list = NULL; 342 QCowSnapshot *old_snapshot_list = NULL; 343 QCowSnapshot sn1, *sn = &sn1; 344 int i, ret; 345 uint64_t *l1_table = NULL; 346 int64_t l1_table_offset; 347 348 if (s->nb_snapshots >= QCOW_MAX_SNAPSHOTS) { 349 return -EFBIG; 350 } 351 352 memset(sn, 0, sizeof(*sn)); 353 354 /* Generate an ID if it wasn't passed */ 355 if (sn_info->id_str[0] == '\0') { 356 find_new_snapshot_id(bs, sn_info->id_str, sizeof(sn_info->id_str)); 357 } 358 359 /* Check that the ID is unique */ 360 if (find_snapshot_by_id_and_name(bs, sn_info->id_str, NULL) >= 0) { 361 return -EEXIST; 362 } 363 364 /* Populate sn with passed data */ 365 sn->id_str = g_strdup(sn_info->id_str); 366 sn->name = g_strdup(sn_info->name); 367 368 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE; 369 sn->vm_state_size = sn_info->vm_state_size; 370 sn->date_sec = sn_info->date_sec; 371 sn->date_nsec = sn_info->date_nsec; 372 sn->vm_clock_nsec = sn_info->vm_clock_nsec; 373 374 /* Allocate the L1 table of the snapshot and copy the current one there. */ 375 l1_table_offset = qcow2_alloc_clusters(bs, s->l1_size * sizeof(uint64_t)); 376 if (l1_table_offset < 0) { 377 ret = l1_table_offset; 378 goto fail; 379 } 380 381 sn->l1_table_offset = l1_table_offset; 382 sn->l1_size = s->l1_size; 383 384 l1_table = g_try_new(uint64_t, s->l1_size); 385 if (s->l1_size && l1_table == NULL) { 386 ret = -ENOMEM; 387 goto fail; 388 } 389 390 for(i = 0; i < s->l1_size; i++) { 391 l1_table[i] = cpu_to_be64(s->l1_table[i]); 392 } 393 394 ret = qcow2_pre_write_overlap_check(bs, 0, sn->l1_table_offset, 395 s->l1_size * sizeof(uint64_t)); 396 if (ret < 0) { 397 goto fail; 398 } 399 400 ret = bdrv_pwrite(bs->file, sn->l1_table_offset, l1_table, 401 s->l1_size * sizeof(uint64_t)); 402 if (ret < 0) { 403 goto fail; 404 } 405 406 g_free(l1_table); 407 l1_table = NULL; 408 409 /* 410 * Increase the refcounts of all clusters and make sure everything is 411 * stable on disk before updating the snapshot table to contain a pointer 412 * to the new L1 table. 413 */ 414 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 1); 415 if (ret < 0) { 416 goto fail; 417 } 418 419 /* Append the new snapshot to the snapshot list */ 420 new_snapshot_list = g_new(QCowSnapshot, s->nb_snapshots + 1); 421 if (s->snapshots) { 422 memcpy(new_snapshot_list, s->snapshots, 423 s->nb_snapshots * sizeof(QCowSnapshot)); 424 old_snapshot_list = s->snapshots; 425 } 426 s->snapshots = new_snapshot_list; 427 s->snapshots[s->nb_snapshots++] = *sn; 428 429 ret = qcow2_write_snapshots(bs); 430 if (ret < 0) { 431 g_free(s->snapshots); 432 s->snapshots = old_snapshot_list; 433 s->nb_snapshots--; 434 goto fail; 435 } 436 437 g_free(old_snapshot_list); 438 439 /* The VM state isn't needed any more in the active L1 table; in fact, it 440 * hurts by causing expensive COW for the next snapshot. */ 441 qcow2_discard_clusters(bs, qcow2_vm_state_offset(s), 442 align_offset(sn->vm_state_size, s->cluster_size) 443 >> BDRV_SECTOR_BITS, 444 QCOW2_DISCARD_NEVER); 445 446 #ifdef DEBUG_ALLOC 447 { 448 BdrvCheckResult result = {0}; 449 qcow2_check_refcounts(bs, &result, 0); 450 } 451 #endif 452 return 0; 453 454 fail: 455 g_free(sn->id_str); 456 g_free(sn->name); 457 g_free(l1_table); 458 459 return ret; 460 } 461 462 /* copy the snapshot 'snapshot_name' into the current disk image */ 463 int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id) 464 { 465 BDRVQcowState *s = bs->opaque; 466 QCowSnapshot *sn; 467 int i, snapshot_index; 468 int cur_l1_bytes, sn_l1_bytes; 469 int ret; 470 uint64_t *sn_l1_table = NULL; 471 472 /* Search the snapshot */ 473 snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id); 474 if (snapshot_index < 0) { 475 return -ENOENT; 476 } 477 sn = &s->snapshots[snapshot_index]; 478 479 if (sn->disk_size != bs->total_sectors * BDRV_SECTOR_SIZE) { 480 error_report("qcow2: Loading snapshots with different disk " 481 "size is not implemented"); 482 ret = -ENOTSUP; 483 goto fail; 484 } 485 486 /* 487 * Make sure that the current L1 table is big enough to contain the whole 488 * L1 table of the snapshot. If the snapshot L1 table is smaller, the 489 * current one must be padded with zeros. 490 */ 491 ret = qcow2_grow_l1_table(bs, sn->l1_size, true); 492 if (ret < 0) { 493 goto fail; 494 } 495 496 cur_l1_bytes = s->l1_size * sizeof(uint64_t); 497 sn_l1_bytes = sn->l1_size * sizeof(uint64_t); 498 499 /* 500 * Copy the snapshot L1 table to the current L1 table. 501 * 502 * Before overwriting the old current L1 table on disk, make sure to 503 * increase all refcounts for the clusters referenced by the new one. 504 * Decrease the refcount referenced by the old one only when the L1 505 * table is overwritten. 506 */ 507 sn_l1_table = g_try_malloc0(cur_l1_bytes); 508 if (cur_l1_bytes && sn_l1_table == NULL) { 509 ret = -ENOMEM; 510 goto fail; 511 } 512 513 ret = bdrv_pread(bs->file, sn->l1_table_offset, sn_l1_table, sn_l1_bytes); 514 if (ret < 0) { 515 goto fail; 516 } 517 518 ret = qcow2_update_snapshot_refcount(bs, sn->l1_table_offset, 519 sn->l1_size, 1); 520 if (ret < 0) { 521 goto fail; 522 } 523 524 ret = qcow2_pre_write_overlap_check(bs, QCOW2_OL_ACTIVE_L1, 525 s->l1_table_offset, cur_l1_bytes); 526 if (ret < 0) { 527 goto fail; 528 } 529 530 ret = bdrv_pwrite_sync(bs->file, s->l1_table_offset, sn_l1_table, 531 cur_l1_bytes); 532 if (ret < 0) { 533 goto fail; 534 } 535 536 /* 537 * Decrease refcount of clusters of current L1 table. 538 * 539 * At this point, the in-memory s->l1_table points to the old L1 table, 540 * whereas on disk we already have the new one. 541 * 542 * qcow2_update_snapshot_refcount special cases the current L1 table to use 543 * the in-memory data instead of really using the offset to load a new one, 544 * which is why this works. 545 */ 546 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, 547 s->l1_size, -1); 548 549 /* 550 * Now update the in-memory L1 table to be in sync with the on-disk one. We 551 * need to do this even if updating refcounts failed. 552 */ 553 for(i = 0;i < s->l1_size; i++) { 554 s->l1_table[i] = be64_to_cpu(sn_l1_table[i]); 555 } 556 557 if (ret < 0) { 558 goto fail; 559 } 560 561 g_free(sn_l1_table); 562 sn_l1_table = NULL; 563 564 /* 565 * Update QCOW_OFLAG_COPIED in the active L1 table (it may have changed 566 * when we decreased the refcount of the old snapshot. 567 */ 568 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); 569 if (ret < 0) { 570 goto fail; 571 } 572 573 #ifdef DEBUG_ALLOC 574 { 575 BdrvCheckResult result = {0}; 576 qcow2_check_refcounts(bs, &result, 0); 577 } 578 #endif 579 return 0; 580 581 fail: 582 g_free(sn_l1_table); 583 return ret; 584 } 585 586 int qcow2_snapshot_delete(BlockDriverState *bs, 587 const char *snapshot_id, 588 const char *name, 589 Error **errp) 590 { 591 BDRVQcowState *s = bs->opaque; 592 QCowSnapshot sn; 593 int snapshot_index, ret; 594 595 /* Search the snapshot */ 596 snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name); 597 if (snapshot_index < 0) { 598 error_setg(errp, "Can't find the snapshot"); 599 return -ENOENT; 600 } 601 sn = s->snapshots[snapshot_index]; 602 603 /* Remove it from the snapshot list */ 604 memmove(s->snapshots + snapshot_index, 605 s->snapshots + snapshot_index + 1, 606 (s->nb_snapshots - snapshot_index - 1) * sizeof(sn)); 607 s->nb_snapshots--; 608 ret = qcow2_write_snapshots(bs); 609 if (ret < 0) { 610 error_setg_errno(errp, -ret, 611 "Failed to remove snapshot from snapshot list"); 612 return ret; 613 } 614 615 /* 616 * The snapshot is now unused, clean up. If we fail after this point, we 617 * won't recover but just leak clusters. 618 */ 619 g_free(sn.id_str); 620 g_free(sn.name); 621 622 /* 623 * Now decrease the refcounts of clusters referenced by the snapshot and 624 * free the L1 table. 625 */ 626 ret = qcow2_update_snapshot_refcount(bs, sn.l1_table_offset, 627 sn.l1_size, -1); 628 if (ret < 0) { 629 error_setg_errno(errp, -ret, "Failed to free the cluster and L1 table"); 630 return ret; 631 } 632 qcow2_free_clusters(bs, sn.l1_table_offset, sn.l1_size * sizeof(uint64_t), 633 QCOW2_DISCARD_SNAPSHOT); 634 635 /* must update the copied flag on the current cluster offsets */ 636 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); 637 if (ret < 0) { 638 error_setg_errno(errp, -ret, 639 "Failed to update snapshot status in disk"); 640 return ret; 641 } 642 643 #ifdef DEBUG_ALLOC 644 { 645 BdrvCheckResult result = {0}; 646 qcow2_check_refcounts(bs, &result, 0); 647 } 648 #endif 649 return 0; 650 } 651 652 int qcow2_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab) 653 { 654 BDRVQcowState *s = bs->opaque; 655 QEMUSnapshotInfo *sn_tab, *sn_info; 656 QCowSnapshot *sn; 657 int i; 658 659 if (!s->nb_snapshots) { 660 *psn_tab = NULL; 661 return s->nb_snapshots; 662 } 663 664 sn_tab = g_new0(QEMUSnapshotInfo, s->nb_snapshots); 665 for(i = 0; i < s->nb_snapshots; i++) { 666 sn_info = sn_tab + i; 667 sn = s->snapshots + i; 668 pstrcpy(sn_info->id_str, sizeof(sn_info->id_str), 669 sn->id_str); 670 pstrcpy(sn_info->name, sizeof(sn_info->name), 671 sn->name); 672 sn_info->vm_state_size = sn->vm_state_size; 673 sn_info->date_sec = sn->date_sec; 674 sn_info->date_nsec = sn->date_nsec; 675 sn_info->vm_clock_nsec = sn->vm_clock_nsec; 676 } 677 *psn_tab = sn_tab; 678 return s->nb_snapshots; 679 } 680 681 int qcow2_snapshot_load_tmp(BlockDriverState *bs, 682 const char *snapshot_id, 683 const char *name, 684 Error **errp) 685 { 686 int i, snapshot_index; 687 BDRVQcowState *s = bs->opaque; 688 QCowSnapshot *sn; 689 uint64_t *new_l1_table; 690 int new_l1_bytes; 691 int ret; 692 693 assert(bs->read_only); 694 695 /* Search the snapshot */ 696 snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name); 697 if (snapshot_index < 0) { 698 error_setg(errp, 699 "Can't find snapshot"); 700 return -ENOENT; 701 } 702 sn = &s->snapshots[snapshot_index]; 703 704 /* Allocate and read in the snapshot's L1 table */ 705 if (sn->l1_size > QCOW_MAX_L1_SIZE) { 706 error_setg(errp, "Snapshot L1 table too large"); 707 return -EFBIG; 708 } 709 new_l1_bytes = sn->l1_size * sizeof(uint64_t); 710 new_l1_table = qemu_try_blockalign(bs->file, 711 align_offset(new_l1_bytes, 512)); 712 if (new_l1_table == NULL) { 713 return -ENOMEM; 714 } 715 716 ret = bdrv_pread(bs->file, sn->l1_table_offset, new_l1_table, new_l1_bytes); 717 if (ret < 0) { 718 error_setg(errp, "Failed to read l1 table for snapshot"); 719 qemu_vfree(new_l1_table); 720 return ret; 721 } 722 723 /* Switch the L1 table */ 724 qemu_vfree(s->l1_table); 725 726 s->l1_size = sn->l1_size; 727 s->l1_table_offset = sn->l1_table_offset; 728 s->l1_table = new_l1_table; 729 730 for(i = 0;i < s->l1_size; i++) { 731 be64_to_cpus(&s->l1_table[i]); 732 } 733 734 return 0; 735 } 736