xref: /openbmc/qemu/block/qcow2-threads.c (revision 8c6631e66e323bc92e0ea5d235e7059b30fb86ee)
1 /*
2  * Threaded data processing for Qcow2: compression, encryption
3  *
4  * Copyright (c) 2004-2006 Fabrice Bellard
5  * Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "qemu/osdep.h"
27 
28 #define ZLIB_CONST
29 #include <zlib.h>
30 
31 #ifdef CONFIG_ZSTD
32 #include <zstd.h>
33 #include <zstd_errors.h>
34 #endif
35 
36 #include "qcow2.h"
37 #include "block/block-io.h"
38 #include "block/thread-pool.h"
39 #include "crypto.h"
40 
41 static int coroutine_fn
42 qcow2_co_process(BlockDriverState *bs, ThreadPoolFunc *func, void *arg)
43 {
44     int ret;
45     BDRVQcow2State *s = bs->opaque;
46     ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
47 
48     qemu_co_mutex_lock(&s->lock);
49     while (s->nb_threads >= QCOW2_MAX_THREADS) {
50         qemu_co_queue_wait(&s->thread_task_queue, &s->lock);
51     }
52     s->nb_threads++;
53     qemu_co_mutex_unlock(&s->lock);
54 
55     ret = thread_pool_submit_co(pool, func, arg);
56 
57     qemu_co_mutex_lock(&s->lock);
58     s->nb_threads--;
59     qemu_co_queue_next(&s->thread_task_queue);
60     qemu_co_mutex_unlock(&s->lock);
61 
62     return ret;
63 }
64 
65 
66 /*
67  * Compression
68  */
69 
70 typedef ssize_t (*Qcow2CompressFunc)(void *dest, size_t dest_size,
71                                      const void *src, size_t src_size);
72 typedef struct Qcow2CompressData {
73     void *dest;
74     size_t dest_size;
75     const void *src;
76     size_t src_size;
77     ssize_t ret;
78 
79     Qcow2CompressFunc func;
80 } Qcow2CompressData;
81 
82 /*
83  * qcow2_zlib_compress()
84  *
85  * Compress @src_size bytes of data using zlib compression method
86  *
87  * @dest - destination buffer, @dest_size bytes
88  * @src - source buffer, @src_size bytes
89  *
90  * Returns: compressed size on success
91  *          -ENOMEM destination buffer is not enough to store compressed data
92  *          -EIO    on any other error
93  */
94 static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size,
95                                    const void *src, size_t src_size)
96 {
97     ssize_t ret;
98     z_stream strm;
99 
100     /* best compression, small window, no zlib header */
101     memset(&strm, 0, sizeof(strm));
102     ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
103                        -12, 9, Z_DEFAULT_STRATEGY);
104     if (ret != Z_OK) {
105         return -EIO;
106     }
107 
108     /*
109      * strm.next_in is not const in old zlib versions, such as those used on
110      * OpenBSD/NetBSD, so cast the const away
111      */
112     strm.avail_in = src_size;
113     strm.next_in = (void *) src;
114     strm.avail_out = dest_size;
115     strm.next_out = dest;
116 
117     ret = deflate(&strm, Z_FINISH);
118     if (ret == Z_STREAM_END) {
119         ret = dest_size - strm.avail_out;
120     } else {
121         ret = (ret == Z_OK ? -ENOMEM : -EIO);
122     }
123 
124     deflateEnd(&strm);
125 
126     return ret;
127 }
128 
129 /*
130  * qcow2_zlib_decompress()
131  *
132  * Decompress some data (not more than @src_size bytes) to produce exactly
133  * @dest_size bytes using zlib compression method
134  *
135  * @dest - destination buffer, @dest_size bytes
136  * @src - source buffer, @src_size bytes
137  *
138  * Returns: 0 on success
139  *          -EIO on fail
140  */
141 static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size,
142                                      const void *src, size_t src_size)
143 {
144     int ret;
145     z_stream strm;
146 
147     memset(&strm, 0, sizeof(strm));
148     strm.avail_in = src_size;
149     strm.next_in = (void *) src;
150     strm.avail_out = dest_size;
151     strm.next_out = dest;
152 
153     ret = inflateInit2(&strm, -12);
154     if (ret != Z_OK) {
155         return -EIO;
156     }
157 
158     ret = inflate(&strm, Z_FINISH);
159     if ((ret == Z_STREAM_END || ret == Z_BUF_ERROR) && strm.avail_out == 0) {
160         /*
161          * We approve Z_BUF_ERROR because we need @dest buffer to be filled, but
162          * @src buffer may be processed partly (because in qcow2 we know size of
163          * compressed data with precision of one sector)
164          */
165         ret = 0;
166     } else {
167         ret = -EIO;
168     }
169 
170     inflateEnd(&strm);
171 
172     return ret;
173 }
174 
175 #ifdef CONFIG_ZSTD
176 
177 /*
178  * qcow2_zstd_compress()
179  *
180  * Compress @src_size bytes of data using zstd compression method
181  *
182  * @dest - destination buffer, @dest_size bytes
183  * @src - source buffer, @src_size bytes
184  *
185  * Returns: compressed size on success
186  *          -ENOMEM destination buffer is not enough to store compressed data
187  *          -EIO    on any other error
188  */
189 static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size,
190                                    const void *src, size_t src_size)
191 {
192     ssize_t ret;
193     size_t zstd_ret;
194     ZSTD_outBuffer output = {
195         .dst = dest,
196         .size = dest_size,
197         .pos = 0
198     };
199     ZSTD_inBuffer input = {
200         .src = src,
201         .size = src_size,
202         .pos = 0
203     };
204     ZSTD_CCtx *cctx = ZSTD_createCCtx();
205 
206     if (!cctx) {
207         return -EIO;
208     }
209     /*
210      * Use the zstd streamed interface for symmetry with decompression,
211      * where streaming is essential since we don't record the exact
212      * compressed size.
213      *
214      * ZSTD_compressStream2() tries to compress everything it could
215      * with a single call. Although, ZSTD docs says that:
216      * "You must continue calling ZSTD_compressStream2() with ZSTD_e_end
217      * until it returns 0, at which point you are free to start a new frame",
218      * in out tests we saw the only case when it returned with >0 -
219      * when the output buffer was too small. In that case,
220      * ZSTD_compressStream2() expects a bigger buffer on the next call.
221      * We can't provide a bigger buffer because we are limited with dest_size
222      * which we pass to the ZSTD_compressStream2() at once.
223      * So, we don't need any loops and just abort the compression when we
224      * don't get 0 result on the first call.
225      */
226     zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end);
227 
228     if (zstd_ret) {
229         if (zstd_ret > output.size - output.pos) {
230             ret = -ENOMEM;
231         } else {
232             ret = -EIO;
233         }
234         goto out;
235     }
236 
237     /* make sure that zstd didn't overflow the dest buffer */
238     assert(output.pos <= dest_size);
239     ret = output.pos;
240 out:
241     ZSTD_freeCCtx(cctx);
242     return ret;
243 }
244 
245 /*
246  * qcow2_zstd_decompress()
247  *
248  * Decompress some data (not more than @src_size bytes) to produce exactly
249  * @dest_size bytes using zstd compression method
250  *
251  * @dest - destination buffer, @dest_size bytes
252  * @src - source buffer, @src_size bytes
253  *
254  * Returns: 0 on success
255  *          -EIO on any error
256  */
257 static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size,
258                                      const void *src, size_t src_size)
259 {
260     size_t zstd_ret = 0;
261     ssize_t ret = 0;
262     ZSTD_outBuffer output = {
263         .dst = dest,
264         .size = dest_size,
265         .pos = 0
266     };
267     ZSTD_inBuffer input = {
268         .src = src,
269         .size = src_size,
270         .pos = 0
271     };
272     ZSTD_DCtx *dctx = ZSTD_createDCtx();
273 
274     if (!dctx) {
275         return -EIO;
276     }
277 
278     /*
279      * The compressed stream from the input buffer may consist of more
280      * than one zstd frame. So we iterate until we get a fully
281      * uncompressed cluster.
282      * From zstd docs related to ZSTD_decompressStream:
283      * "return : 0 when a frame is completely decoded and fully flushed"
284      * We suppose that this means: each time ZSTD_decompressStream reads
285      * only ONE full frame and returns 0 if and only if that frame
286      * is completely decoded and flushed. Only after returning 0,
287      * ZSTD_decompressStream reads another ONE full frame.
288      */
289     while (output.pos < output.size) {
290         size_t last_in_pos = input.pos;
291         size_t last_out_pos = output.pos;
292         zstd_ret = ZSTD_decompressStream(dctx, &output, &input);
293 
294         if (ZSTD_isError(zstd_ret)) {
295             ret = -EIO;
296             break;
297         }
298 
299         /*
300          * The ZSTD manual is vague about what to do if it reads
301          * the buffer partially, and we don't want to get stuck
302          * in an infinite loop where ZSTD_decompressStream
303          * returns > 0 waiting for another input chunk. So, we add
304          * a check which ensures that the loop makes some progress
305          * on each step.
306          */
307         if (last_in_pos >= input.pos &&
308             last_out_pos >= output.pos) {
309             ret = -EIO;
310             break;
311         }
312     }
313     /*
314      * Make sure that we have the frame fully flushed here
315      * if not, we somehow managed to get uncompressed cluster
316      * greater then the cluster size, possibly because of its
317      * damage.
318      */
319     if (zstd_ret > 0) {
320         ret = -EIO;
321     }
322 
323     ZSTD_freeDCtx(dctx);
324     assert(ret == 0 || ret == -EIO);
325     return ret;
326 }
327 #endif
328 
329 static int qcow2_compress_pool_func(void *opaque)
330 {
331     Qcow2CompressData *data = opaque;
332 
333     data->ret = data->func(data->dest, data->dest_size,
334                            data->src, data->src_size);
335 
336     return 0;
337 }
338 
339 static ssize_t coroutine_fn
340 qcow2_co_do_compress(BlockDriverState *bs, void *dest, size_t dest_size,
341                      const void *src, size_t src_size, Qcow2CompressFunc func)
342 {
343     Qcow2CompressData arg = {
344         .dest = dest,
345         .dest_size = dest_size,
346         .src = src,
347         .src_size = src_size,
348         .func = func,
349     };
350 
351     qcow2_co_process(bs, qcow2_compress_pool_func, &arg);
352 
353     return arg.ret;
354 }
355 
356 /*
357  * qcow2_co_compress()
358  *
359  * Compress @src_size bytes of data using the compression
360  * method defined by the image compression type
361  *
362  * @dest - destination buffer, @dest_size bytes
363  * @src - source buffer, @src_size bytes
364  *
365  * Returns: compressed size on success
366  *          a negative error code on failure
367  */
368 ssize_t coroutine_fn
369 qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size,
370                   const void *src, size_t src_size)
371 {
372     BDRVQcow2State *s = bs->opaque;
373     Qcow2CompressFunc fn;
374 
375     switch (s->compression_type) {
376     case QCOW2_COMPRESSION_TYPE_ZLIB:
377         fn = qcow2_zlib_compress;
378         break;
379 
380 #ifdef CONFIG_ZSTD
381     case QCOW2_COMPRESSION_TYPE_ZSTD:
382         fn = qcow2_zstd_compress;
383         break;
384 #endif
385     default:
386         abort();
387     }
388 
389     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
390 }
391 
392 /*
393  * qcow2_co_decompress()
394  *
395  * Decompress some data (not more than @src_size bytes) to produce exactly
396  * @dest_size bytes using the compression method defined by the image
397  * compression type
398  *
399  * @dest - destination buffer, @dest_size bytes
400  * @src - source buffer, @src_size bytes
401  *
402  * Returns: 0 on success
403  *          a negative error code on failure
404  */
405 ssize_t coroutine_fn
406 qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size,
407                     const void *src, size_t src_size)
408 {
409     BDRVQcow2State *s = bs->opaque;
410     Qcow2CompressFunc fn;
411 
412     switch (s->compression_type) {
413     case QCOW2_COMPRESSION_TYPE_ZLIB:
414         fn = qcow2_zlib_decompress;
415         break;
416 
417 #ifdef CONFIG_ZSTD
418     case QCOW2_COMPRESSION_TYPE_ZSTD:
419         fn = qcow2_zstd_decompress;
420         break;
421 #endif
422     default:
423         abort();
424     }
425 
426     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
427 }
428 
429 
430 /*
431  * Cryptography
432  */
433 
434 /*
435  * Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and
436  * qcrypto_block_decrypt() functions.
437  */
438 typedef int (*Qcow2EncDecFunc)(QCryptoBlock *block, uint64_t offset,
439                                uint8_t *buf, size_t len, Error **errp);
440 
441 typedef struct Qcow2EncDecData {
442     QCryptoBlock *block;
443     uint64_t offset;
444     uint8_t *buf;
445     size_t len;
446 
447     Qcow2EncDecFunc func;
448 } Qcow2EncDecData;
449 
450 static int qcow2_encdec_pool_func(void *opaque)
451 {
452     Qcow2EncDecData *data = opaque;
453 
454     return data->func(data->block, data->offset, data->buf, data->len, NULL);
455 }
456 
457 static int coroutine_fn
458 qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
459                 uint64_t guest_offset, void *buf, size_t len,
460                 Qcow2EncDecFunc func)
461 {
462     BDRVQcow2State *s = bs->opaque;
463     Qcow2EncDecData arg = {
464         .block = s->crypto,
465         .offset = s->crypt_physical_offset ? host_offset : guest_offset,
466         .buf = buf,
467         .len = len,
468         .func = func,
469     };
470     uint64_t sector_size;
471 
472     assert(s->crypto);
473 
474     sector_size = qcrypto_block_get_sector_size(s->crypto);
475     assert(QEMU_IS_ALIGNED(guest_offset, sector_size));
476     assert(QEMU_IS_ALIGNED(host_offset, sector_size));
477     assert(QEMU_IS_ALIGNED(len, sector_size));
478 
479     return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
480 }
481 
482 /*
483  * qcow2_co_encrypt()
484  *
485  * Encrypts one or more contiguous aligned sectors
486  *
487  * @host_offset - underlying storage offset of the first sector of the
488  * data to be encrypted
489  *
490  * @guest_offset - guest (virtual) offset of the first sector of the
491  * data to be encrypted
492  *
493  * @buf - buffer with the data to encrypt, that after encryption
494  *        will be written to the underlying storage device at
495  *        @host_offset
496  *
497  * @len - length of the buffer (must be a multiple of the encryption
498  *        sector size)
499  *
500  * Depending on the encryption method, @host_offset and/or @guest_offset
501  * may be used for generating the initialization vector for
502  * encryption.
503  *
504  * Note that while the whole range must be aligned on sectors, it
505  * does not have to be aligned on clusters and can also cross cluster
506  * boundaries
507  */
508 int coroutine_fn
509 qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
510                  uint64_t guest_offset, void *buf, size_t len)
511 {
512     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
513                            qcrypto_block_encrypt);
514 }
515 
516 /*
517  * qcow2_co_decrypt()
518  *
519  * Decrypts one or more contiguous aligned sectors
520  * Similar to qcow2_co_encrypt
521  */
522 int coroutine_fn
523 qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
524                  uint64_t guest_offset, void *buf, size_t len)
525 {
526     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
527                            qcrypto_block_decrypt);
528 }
529