1 /* 2 * Block driver for the QCOW version 2 format 3 * 4 * Copyright (c) 2004-2006 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #include "qemu-common.h" 26 #include "block/block_int.h" 27 #include "block/qcow2.h" 28 #include "qemu/error-report.h" 29 30 void qcow2_free_snapshots(BlockDriverState *bs) 31 { 32 BDRVQcow2State *s = bs->opaque; 33 int i; 34 35 for(i = 0; i < s->nb_snapshots; i++) { 36 g_free(s->snapshots[i].name); 37 g_free(s->snapshots[i].id_str); 38 } 39 g_free(s->snapshots); 40 s->snapshots = NULL; 41 s->nb_snapshots = 0; 42 } 43 44 int qcow2_read_snapshots(BlockDriverState *bs) 45 { 46 BDRVQcow2State *s = bs->opaque; 47 QCowSnapshotHeader h; 48 QCowSnapshotExtraData extra; 49 QCowSnapshot *sn; 50 int i, id_str_size, name_size; 51 int64_t offset; 52 uint32_t extra_data_size; 53 int ret; 54 55 if (!s->nb_snapshots) { 56 s->snapshots = NULL; 57 s->snapshots_size = 0; 58 return 0; 59 } 60 61 offset = s->snapshots_offset; 62 s->snapshots = g_new0(QCowSnapshot, s->nb_snapshots); 63 64 for(i = 0; i < s->nb_snapshots; i++) { 65 /* Read statically sized part of the snapshot header */ 66 offset = align_offset(offset, 8); 67 ret = bdrv_pread(bs->file->bs, offset, &h, sizeof(h)); 68 if (ret < 0) { 69 goto fail; 70 } 71 72 offset += sizeof(h); 73 sn = s->snapshots + i; 74 sn->l1_table_offset = be64_to_cpu(h.l1_table_offset); 75 sn->l1_size = be32_to_cpu(h.l1_size); 76 sn->vm_state_size = be32_to_cpu(h.vm_state_size); 77 sn->date_sec = be32_to_cpu(h.date_sec); 78 sn->date_nsec = be32_to_cpu(h.date_nsec); 79 sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec); 80 extra_data_size = be32_to_cpu(h.extra_data_size); 81 82 id_str_size = be16_to_cpu(h.id_str_size); 83 name_size = be16_to_cpu(h.name_size); 84 85 /* Read extra data */ 86 ret = bdrv_pread(bs->file->bs, offset, &extra, 87 MIN(sizeof(extra), extra_data_size)); 88 if (ret < 0) { 89 goto fail; 90 } 91 offset += extra_data_size; 92 93 if (extra_data_size >= 8) { 94 sn->vm_state_size = be64_to_cpu(extra.vm_state_size_large); 95 } 96 97 if (extra_data_size >= 16) { 98 sn->disk_size = be64_to_cpu(extra.disk_size); 99 } else { 100 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE; 101 } 102 103 /* Read snapshot ID */ 104 sn->id_str = g_malloc(id_str_size + 1); 105 ret = bdrv_pread(bs->file->bs, offset, sn->id_str, id_str_size); 106 if (ret < 0) { 107 goto fail; 108 } 109 offset += id_str_size; 110 sn->id_str[id_str_size] = '\0'; 111 112 /* Read snapshot name */ 113 sn->name = g_malloc(name_size + 1); 114 ret = bdrv_pread(bs->file->bs, offset, sn->name, name_size); 115 if (ret < 0) { 116 goto fail; 117 } 118 offset += name_size; 119 sn->name[name_size] = '\0'; 120 121 if (offset - s->snapshots_offset > QCOW_MAX_SNAPSHOTS_SIZE) { 122 ret = -EFBIG; 123 goto fail; 124 } 125 } 126 127 assert(offset - s->snapshots_offset <= INT_MAX); 128 s->snapshots_size = offset - s->snapshots_offset; 129 return 0; 130 131 fail: 132 qcow2_free_snapshots(bs); 133 return ret; 134 } 135 136 /* add at the end of the file a new list of snapshots */ 137 static int qcow2_write_snapshots(BlockDriverState *bs) 138 { 139 BDRVQcow2State *s = bs->opaque; 140 QCowSnapshot *sn; 141 QCowSnapshotHeader h; 142 QCowSnapshotExtraData extra; 143 int i, name_size, id_str_size, snapshots_size; 144 struct { 145 uint32_t nb_snapshots; 146 uint64_t snapshots_offset; 147 } QEMU_PACKED header_data; 148 int64_t offset, snapshots_offset = 0; 149 int ret; 150 151 /* compute the size of the snapshots */ 152 offset = 0; 153 for(i = 0; i < s->nb_snapshots; i++) { 154 sn = s->snapshots + i; 155 offset = align_offset(offset, 8); 156 offset += sizeof(h); 157 offset += sizeof(extra); 158 offset += strlen(sn->id_str); 159 offset += strlen(sn->name); 160 161 if (offset > QCOW_MAX_SNAPSHOTS_SIZE) { 162 ret = -EFBIG; 163 goto fail; 164 } 165 } 166 167 assert(offset <= INT_MAX); 168 snapshots_size = offset; 169 170 /* Allocate space for the new snapshot list */ 171 snapshots_offset = qcow2_alloc_clusters(bs, snapshots_size); 172 offset = snapshots_offset; 173 if (offset < 0) { 174 ret = offset; 175 goto fail; 176 } 177 ret = bdrv_flush(bs); 178 if (ret < 0) { 179 goto fail; 180 } 181 182 /* The snapshot list position has not yet been updated, so these clusters 183 * must indeed be completely free */ 184 ret = qcow2_pre_write_overlap_check(bs, 0, offset, snapshots_size); 185 if (ret < 0) { 186 goto fail; 187 } 188 189 190 /* Write all snapshots to the new list */ 191 for(i = 0; i < s->nb_snapshots; i++) { 192 sn = s->snapshots + i; 193 memset(&h, 0, sizeof(h)); 194 h.l1_table_offset = cpu_to_be64(sn->l1_table_offset); 195 h.l1_size = cpu_to_be32(sn->l1_size); 196 /* If it doesn't fit in 32 bit, older implementations should treat it 197 * as a disk-only snapshot rather than truncate the VM state */ 198 if (sn->vm_state_size <= 0xffffffff) { 199 h.vm_state_size = cpu_to_be32(sn->vm_state_size); 200 } 201 h.date_sec = cpu_to_be32(sn->date_sec); 202 h.date_nsec = cpu_to_be32(sn->date_nsec); 203 h.vm_clock_nsec = cpu_to_be64(sn->vm_clock_nsec); 204 h.extra_data_size = cpu_to_be32(sizeof(extra)); 205 206 memset(&extra, 0, sizeof(extra)); 207 extra.vm_state_size_large = cpu_to_be64(sn->vm_state_size); 208 extra.disk_size = cpu_to_be64(sn->disk_size); 209 210 id_str_size = strlen(sn->id_str); 211 name_size = strlen(sn->name); 212 assert(id_str_size <= UINT16_MAX && name_size <= UINT16_MAX); 213 h.id_str_size = cpu_to_be16(id_str_size); 214 h.name_size = cpu_to_be16(name_size); 215 offset = align_offset(offset, 8); 216 217 ret = bdrv_pwrite(bs->file->bs, offset, &h, sizeof(h)); 218 if (ret < 0) { 219 goto fail; 220 } 221 offset += sizeof(h); 222 223 ret = bdrv_pwrite(bs->file->bs, offset, &extra, sizeof(extra)); 224 if (ret < 0) { 225 goto fail; 226 } 227 offset += sizeof(extra); 228 229 ret = bdrv_pwrite(bs->file->bs, offset, sn->id_str, id_str_size); 230 if (ret < 0) { 231 goto fail; 232 } 233 offset += id_str_size; 234 235 ret = bdrv_pwrite(bs->file->bs, offset, sn->name, name_size); 236 if (ret < 0) { 237 goto fail; 238 } 239 offset += name_size; 240 } 241 242 /* 243 * Update the header to point to the new snapshot table. This requires the 244 * new table and its refcounts to be stable on disk. 245 */ 246 ret = bdrv_flush(bs); 247 if (ret < 0) { 248 goto fail; 249 } 250 251 QEMU_BUILD_BUG_ON(offsetof(QCowHeader, snapshots_offset) != 252 offsetof(QCowHeader, nb_snapshots) + sizeof(header_data.nb_snapshots)); 253 254 header_data.nb_snapshots = cpu_to_be32(s->nb_snapshots); 255 header_data.snapshots_offset = cpu_to_be64(snapshots_offset); 256 257 ret = bdrv_pwrite_sync(bs->file->bs, offsetof(QCowHeader, nb_snapshots), 258 &header_data, sizeof(header_data)); 259 if (ret < 0) { 260 goto fail; 261 } 262 263 /* free the old snapshot table */ 264 qcow2_free_clusters(bs, s->snapshots_offset, s->snapshots_size, 265 QCOW2_DISCARD_SNAPSHOT); 266 s->snapshots_offset = snapshots_offset; 267 s->snapshots_size = snapshots_size; 268 return 0; 269 270 fail: 271 if (snapshots_offset > 0) { 272 qcow2_free_clusters(bs, snapshots_offset, snapshots_size, 273 QCOW2_DISCARD_ALWAYS); 274 } 275 return ret; 276 } 277 278 static void find_new_snapshot_id(BlockDriverState *bs, 279 char *id_str, int id_str_size) 280 { 281 BDRVQcow2State *s = bs->opaque; 282 QCowSnapshot *sn; 283 int i; 284 unsigned long id, id_max = 0; 285 286 for(i = 0; i < s->nb_snapshots; i++) { 287 sn = s->snapshots + i; 288 id = strtoul(sn->id_str, NULL, 10); 289 if (id > id_max) 290 id_max = id; 291 } 292 snprintf(id_str, id_str_size, "%lu", id_max + 1); 293 } 294 295 static int find_snapshot_by_id_and_name(BlockDriverState *bs, 296 const char *id, 297 const char *name) 298 { 299 BDRVQcow2State *s = bs->opaque; 300 int i; 301 302 if (id && name) { 303 for (i = 0; i < s->nb_snapshots; i++) { 304 if (!strcmp(s->snapshots[i].id_str, id) && 305 !strcmp(s->snapshots[i].name, name)) { 306 return i; 307 } 308 } 309 } else if (id) { 310 for (i = 0; i < s->nb_snapshots; i++) { 311 if (!strcmp(s->snapshots[i].id_str, id)) { 312 return i; 313 } 314 } 315 } else if (name) { 316 for (i = 0; i < s->nb_snapshots; i++) { 317 if (!strcmp(s->snapshots[i].name, name)) { 318 return i; 319 } 320 } 321 } 322 323 return -1; 324 } 325 326 static int find_snapshot_by_id_or_name(BlockDriverState *bs, 327 const char *id_or_name) 328 { 329 int ret; 330 331 ret = find_snapshot_by_id_and_name(bs, id_or_name, NULL); 332 if (ret >= 0) { 333 return ret; 334 } 335 return find_snapshot_by_id_and_name(bs, NULL, id_or_name); 336 } 337 338 /* if no id is provided, a new one is constructed */ 339 int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info) 340 { 341 BDRVQcow2State *s = bs->opaque; 342 QCowSnapshot *new_snapshot_list = NULL; 343 QCowSnapshot *old_snapshot_list = NULL; 344 QCowSnapshot sn1, *sn = &sn1; 345 int i, ret; 346 uint64_t *l1_table = NULL; 347 int64_t l1_table_offset; 348 349 if (s->nb_snapshots >= QCOW_MAX_SNAPSHOTS) { 350 return -EFBIG; 351 } 352 353 memset(sn, 0, sizeof(*sn)); 354 355 /* Generate an ID */ 356 find_new_snapshot_id(bs, sn_info->id_str, sizeof(sn_info->id_str)); 357 358 /* Check that the ID is unique */ 359 if (find_snapshot_by_id_and_name(bs, sn_info->id_str, NULL) >= 0) { 360 return -EEXIST; 361 } 362 363 /* Populate sn with passed data */ 364 sn->id_str = g_strdup(sn_info->id_str); 365 sn->name = g_strdup(sn_info->name); 366 367 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE; 368 sn->vm_state_size = sn_info->vm_state_size; 369 sn->date_sec = sn_info->date_sec; 370 sn->date_nsec = sn_info->date_nsec; 371 sn->vm_clock_nsec = sn_info->vm_clock_nsec; 372 373 /* Allocate the L1 table of the snapshot and copy the current one there. */ 374 l1_table_offset = qcow2_alloc_clusters(bs, s->l1_size * sizeof(uint64_t)); 375 if (l1_table_offset < 0) { 376 ret = l1_table_offset; 377 goto fail; 378 } 379 380 sn->l1_table_offset = l1_table_offset; 381 sn->l1_size = s->l1_size; 382 383 l1_table = g_try_new(uint64_t, s->l1_size); 384 if (s->l1_size && l1_table == NULL) { 385 ret = -ENOMEM; 386 goto fail; 387 } 388 389 for(i = 0; i < s->l1_size; i++) { 390 l1_table[i] = cpu_to_be64(s->l1_table[i]); 391 } 392 393 ret = qcow2_pre_write_overlap_check(bs, 0, sn->l1_table_offset, 394 s->l1_size * sizeof(uint64_t)); 395 if (ret < 0) { 396 goto fail; 397 } 398 399 ret = bdrv_pwrite(bs->file->bs, sn->l1_table_offset, l1_table, 400 s->l1_size * sizeof(uint64_t)); 401 if (ret < 0) { 402 goto fail; 403 } 404 405 g_free(l1_table); 406 l1_table = NULL; 407 408 /* 409 * Increase the refcounts of all clusters and make sure everything is 410 * stable on disk before updating the snapshot table to contain a pointer 411 * to the new L1 table. 412 */ 413 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 1); 414 if (ret < 0) { 415 goto fail; 416 } 417 418 /* Append the new snapshot to the snapshot list */ 419 new_snapshot_list = g_new(QCowSnapshot, s->nb_snapshots + 1); 420 if (s->snapshots) { 421 memcpy(new_snapshot_list, s->snapshots, 422 s->nb_snapshots * sizeof(QCowSnapshot)); 423 old_snapshot_list = s->snapshots; 424 } 425 s->snapshots = new_snapshot_list; 426 s->snapshots[s->nb_snapshots++] = *sn; 427 428 ret = qcow2_write_snapshots(bs); 429 if (ret < 0) { 430 g_free(s->snapshots); 431 s->snapshots = old_snapshot_list; 432 s->nb_snapshots--; 433 goto fail; 434 } 435 436 g_free(old_snapshot_list); 437 438 /* The VM state isn't needed any more in the active L1 table; in fact, it 439 * hurts by causing expensive COW for the next snapshot. */ 440 qcow2_discard_clusters(bs, qcow2_vm_state_offset(s), 441 align_offset(sn->vm_state_size, s->cluster_size) 442 >> BDRV_SECTOR_BITS, 443 QCOW2_DISCARD_NEVER, false); 444 445 #ifdef DEBUG_ALLOC 446 { 447 BdrvCheckResult result = {0}; 448 qcow2_check_refcounts(bs, &result, 0); 449 } 450 #endif 451 return 0; 452 453 fail: 454 g_free(sn->id_str); 455 g_free(sn->name); 456 g_free(l1_table); 457 458 return ret; 459 } 460 461 /* copy the snapshot 'snapshot_name' into the current disk image */ 462 int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id) 463 { 464 BDRVQcow2State *s = bs->opaque; 465 QCowSnapshot *sn; 466 int i, snapshot_index; 467 int cur_l1_bytes, sn_l1_bytes; 468 int ret; 469 uint64_t *sn_l1_table = NULL; 470 471 /* Search the snapshot */ 472 snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id); 473 if (snapshot_index < 0) { 474 return -ENOENT; 475 } 476 sn = &s->snapshots[snapshot_index]; 477 478 if (sn->disk_size != bs->total_sectors * BDRV_SECTOR_SIZE) { 479 error_report("qcow2: Loading snapshots with different disk " 480 "size is not implemented"); 481 ret = -ENOTSUP; 482 goto fail; 483 } 484 485 /* 486 * Make sure that the current L1 table is big enough to contain the whole 487 * L1 table of the snapshot. If the snapshot L1 table is smaller, the 488 * current one must be padded with zeros. 489 */ 490 ret = qcow2_grow_l1_table(bs, sn->l1_size, true); 491 if (ret < 0) { 492 goto fail; 493 } 494 495 cur_l1_bytes = s->l1_size * sizeof(uint64_t); 496 sn_l1_bytes = sn->l1_size * sizeof(uint64_t); 497 498 /* 499 * Copy the snapshot L1 table to the current L1 table. 500 * 501 * Before overwriting the old current L1 table on disk, make sure to 502 * increase all refcounts for the clusters referenced by the new one. 503 * Decrease the refcount referenced by the old one only when the L1 504 * table is overwritten. 505 */ 506 sn_l1_table = g_try_malloc0(cur_l1_bytes); 507 if (cur_l1_bytes && sn_l1_table == NULL) { 508 ret = -ENOMEM; 509 goto fail; 510 } 511 512 ret = bdrv_pread(bs->file->bs, sn->l1_table_offset, 513 sn_l1_table, sn_l1_bytes); 514 if (ret < 0) { 515 goto fail; 516 } 517 518 ret = qcow2_update_snapshot_refcount(bs, sn->l1_table_offset, 519 sn->l1_size, 1); 520 if (ret < 0) { 521 goto fail; 522 } 523 524 ret = qcow2_pre_write_overlap_check(bs, QCOW2_OL_ACTIVE_L1, 525 s->l1_table_offset, cur_l1_bytes); 526 if (ret < 0) { 527 goto fail; 528 } 529 530 ret = bdrv_pwrite_sync(bs->file->bs, s->l1_table_offset, sn_l1_table, 531 cur_l1_bytes); 532 if (ret < 0) { 533 goto fail; 534 } 535 536 /* 537 * Decrease refcount of clusters of current L1 table. 538 * 539 * At this point, the in-memory s->l1_table points to the old L1 table, 540 * whereas on disk we already have the new one. 541 * 542 * qcow2_update_snapshot_refcount special cases the current L1 table to use 543 * the in-memory data instead of really using the offset to load a new one, 544 * which is why this works. 545 */ 546 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, 547 s->l1_size, -1); 548 549 /* 550 * Now update the in-memory L1 table to be in sync with the on-disk one. We 551 * need to do this even if updating refcounts failed. 552 */ 553 for(i = 0;i < s->l1_size; i++) { 554 s->l1_table[i] = be64_to_cpu(sn_l1_table[i]); 555 } 556 557 if (ret < 0) { 558 goto fail; 559 } 560 561 g_free(sn_l1_table); 562 sn_l1_table = NULL; 563 564 /* 565 * Update QCOW_OFLAG_COPIED in the active L1 table (it may have changed 566 * when we decreased the refcount of the old snapshot. 567 */ 568 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); 569 if (ret < 0) { 570 goto fail; 571 } 572 573 #ifdef DEBUG_ALLOC 574 { 575 BdrvCheckResult result = {0}; 576 qcow2_check_refcounts(bs, &result, 0); 577 } 578 #endif 579 return 0; 580 581 fail: 582 g_free(sn_l1_table); 583 return ret; 584 } 585 586 int qcow2_snapshot_delete(BlockDriverState *bs, 587 const char *snapshot_id, 588 const char *name, 589 Error **errp) 590 { 591 BDRVQcow2State *s = bs->opaque; 592 QCowSnapshot sn; 593 int snapshot_index, ret; 594 595 /* Search the snapshot */ 596 snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name); 597 if (snapshot_index < 0) { 598 error_setg(errp, "Can't find the snapshot"); 599 return -ENOENT; 600 } 601 sn = s->snapshots[snapshot_index]; 602 603 /* Remove it from the snapshot list */ 604 memmove(s->snapshots + snapshot_index, 605 s->snapshots + snapshot_index + 1, 606 (s->nb_snapshots - snapshot_index - 1) * sizeof(sn)); 607 s->nb_snapshots--; 608 ret = qcow2_write_snapshots(bs); 609 if (ret < 0) { 610 error_setg_errno(errp, -ret, 611 "Failed to remove snapshot from snapshot list"); 612 return ret; 613 } 614 615 /* 616 * The snapshot is now unused, clean up. If we fail after this point, we 617 * won't recover but just leak clusters. 618 */ 619 g_free(sn.id_str); 620 g_free(sn.name); 621 622 /* 623 * Now decrease the refcounts of clusters referenced by the snapshot and 624 * free the L1 table. 625 */ 626 ret = qcow2_update_snapshot_refcount(bs, sn.l1_table_offset, 627 sn.l1_size, -1); 628 if (ret < 0) { 629 error_setg_errno(errp, -ret, "Failed to free the cluster and L1 table"); 630 return ret; 631 } 632 qcow2_free_clusters(bs, sn.l1_table_offset, sn.l1_size * sizeof(uint64_t), 633 QCOW2_DISCARD_SNAPSHOT); 634 635 /* must update the copied flag on the current cluster offsets */ 636 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0); 637 if (ret < 0) { 638 error_setg_errno(errp, -ret, 639 "Failed to update snapshot status in disk"); 640 return ret; 641 } 642 643 #ifdef DEBUG_ALLOC 644 { 645 BdrvCheckResult result = {0}; 646 qcow2_check_refcounts(bs, &result, 0); 647 } 648 #endif 649 return 0; 650 } 651 652 int qcow2_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab) 653 { 654 BDRVQcow2State *s = bs->opaque; 655 QEMUSnapshotInfo *sn_tab, *sn_info; 656 QCowSnapshot *sn; 657 int i; 658 659 if (!s->nb_snapshots) { 660 *psn_tab = NULL; 661 return s->nb_snapshots; 662 } 663 664 sn_tab = g_new0(QEMUSnapshotInfo, s->nb_snapshots); 665 for(i = 0; i < s->nb_snapshots; i++) { 666 sn_info = sn_tab + i; 667 sn = s->snapshots + i; 668 pstrcpy(sn_info->id_str, sizeof(sn_info->id_str), 669 sn->id_str); 670 pstrcpy(sn_info->name, sizeof(sn_info->name), 671 sn->name); 672 sn_info->vm_state_size = sn->vm_state_size; 673 sn_info->date_sec = sn->date_sec; 674 sn_info->date_nsec = sn->date_nsec; 675 sn_info->vm_clock_nsec = sn->vm_clock_nsec; 676 } 677 *psn_tab = sn_tab; 678 return s->nb_snapshots; 679 } 680 681 int qcow2_snapshot_load_tmp(BlockDriverState *bs, 682 const char *snapshot_id, 683 const char *name, 684 Error **errp) 685 { 686 int i, snapshot_index; 687 BDRVQcow2State *s = bs->opaque; 688 QCowSnapshot *sn; 689 uint64_t *new_l1_table; 690 int new_l1_bytes; 691 int ret; 692 693 assert(bs->read_only); 694 695 /* Search the snapshot */ 696 snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name); 697 if (snapshot_index < 0) { 698 error_setg(errp, 699 "Can't find snapshot"); 700 return -ENOENT; 701 } 702 sn = &s->snapshots[snapshot_index]; 703 704 /* Allocate and read in the snapshot's L1 table */ 705 if (sn->l1_size > QCOW_MAX_L1_SIZE / sizeof(uint64_t)) { 706 error_setg(errp, "Snapshot L1 table too large"); 707 return -EFBIG; 708 } 709 new_l1_bytes = sn->l1_size * sizeof(uint64_t); 710 new_l1_table = qemu_try_blockalign(bs->file->bs, 711 align_offset(new_l1_bytes, 512)); 712 if (new_l1_table == NULL) { 713 return -ENOMEM; 714 } 715 716 ret = bdrv_pread(bs->file->bs, sn->l1_table_offset, 717 new_l1_table, new_l1_bytes); 718 if (ret < 0) { 719 error_setg(errp, "Failed to read l1 table for snapshot"); 720 qemu_vfree(new_l1_table); 721 return ret; 722 } 723 724 /* Switch the L1 table */ 725 qemu_vfree(s->l1_table); 726 727 s->l1_size = sn->l1_size; 728 s->l1_table_offset = sn->l1_table_offset; 729 s->l1_table = new_l1_table; 730 731 for(i = 0;i < s->l1_size; i++) { 732 be64_to_cpus(&s->l1_table[i]); 733 } 734 735 return 0; 736 } 737