xref: /openbmc/qemu/block/qcow2-threads.c (revision bac35bf5175fb16470a73492c23161e80361eeeb)
1 /*
2  * Threaded data processing for Qcow2: compression, encryption
3  *
4  * Copyright (c) 2004-2006 Fabrice Bellard
5  * Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved.
6  *
7  * Permission is hereby granted, free of charge, to any person obtaining a copy
8  * of this software and associated documentation files (the "Software"), to deal
9  * in the Software without restriction, including without limitation the rights
10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11  * copies of the Software, and to permit persons to whom the Software is
12  * furnished to do so, subject to the following conditions:
13  *
14  * The above copyright notice and this permission notice shall be included in
15  * all copies or substantial portions of the Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23  * THE SOFTWARE.
24  */
25 
26 #include "qemu/osdep.h"
27 
28 #define ZLIB_CONST
29 #include <zlib.h>
30 
31 #ifdef CONFIG_ZSTD
32 #include <zstd.h>
33 #include <zstd_errors.h>
34 #endif
35 
36 #include "qcow2.h"
37 #include "block/thread-pool.h"
38 #include "crypto.h"
39 
40 static int coroutine_fn
41 qcow2_co_process(BlockDriverState *bs, ThreadPoolFunc *func, void *arg)
42 {
43     int ret;
44     BDRVQcow2State *s = bs->opaque;
45     ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
46 
47     qemu_co_mutex_lock(&s->lock);
48     while (s->nb_threads >= QCOW2_MAX_THREADS) {
49         qemu_co_queue_wait(&s->thread_task_queue, &s->lock);
50     }
51     s->nb_threads++;
52     qemu_co_mutex_unlock(&s->lock);
53 
54     ret = thread_pool_submit_co(pool, func, arg);
55 
56     qemu_co_mutex_lock(&s->lock);
57     s->nb_threads--;
58     qemu_co_queue_next(&s->thread_task_queue);
59     qemu_co_mutex_unlock(&s->lock);
60 
61     return ret;
62 }
63 
64 
65 /*
66  * Compression
67  */
68 
69 typedef ssize_t (*Qcow2CompressFunc)(void *dest, size_t dest_size,
70                                      const void *src, size_t src_size);
71 typedef struct Qcow2CompressData {
72     void *dest;
73     size_t dest_size;
74     const void *src;
75     size_t src_size;
76     ssize_t ret;
77 
78     Qcow2CompressFunc func;
79 } Qcow2CompressData;
80 
81 /*
82  * qcow2_zlib_compress()
83  *
84  * Compress @src_size bytes of data using zlib compression method
85  *
86  * @dest - destination buffer, @dest_size bytes
87  * @src - source buffer, @src_size bytes
88  *
89  * Returns: compressed size on success
90  *          -ENOMEM destination buffer is not enough to store compressed data
91  *          -EIO    on any other error
92  */
93 static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size,
94                                    const void *src, size_t src_size)
95 {
96     ssize_t ret;
97     z_stream strm;
98 
99     /* best compression, small window, no zlib header */
100     memset(&strm, 0, sizeof(strm));
101     ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
102                        -12, 9, Z_DEFAULT_STRATEGY);
103     if (ret != Z_OK) {
104         return -EIO;
105     }
106 
107     /*
108      * strm.next_in is not const in old zlib versions, such as those used on
109      * OpenBSD/NetBSD, so cast the const away
110      */
111     strm.avail_in = src_size;
112     strm.next_in = (void *) src;
113     strm.avail_out = dest_size;
114     strm.next_out = dest;
115 
116     ret = deflate(&strm, Z_FINISH);
117     if (ret == Z_STREAM_END) {
118         ret = dest_size - strm.avail_out;
119     } else {
120         ret = (ret == Z_OK ? -ENOMEM : -EIO);
121     }
122 
123     deflateEnd(&strm);
124 
125     return ret;
126 }
127 
128 /*
129  * qcow2_zlib_decompress()
130  *
131  * Decompress some data (not more than @src_size bytes) to produce exactly
132  * @dest_size bytes using zlib compression method
133  *
134  * @dest - destination buffer, @dest_size bytes
135  * @src - source buffer, @src_size bytes
136  *
137  * Returns: 0 on success
138  *          -EIO on fail
139  */
140 static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size,
141                                      const void *src, size_t src_size)
142 {
143     int ret;
144     z_stream strm;
145 
146     memset(&strm, 0, sizeof(strm));
147     strm.avail_in = src_size;
148     strm.next_in = (void *) src;
149     strm.avail_out = dest_size;
150     strm.next_out = dest;
151 
152     ret = inflateInit2(&strm, -12);
153     if (ret != Z_OK) {
154         return -EIO;
155     }
156 
157     ret = inflate(&strm, Z_FINISH);
158     if ((ret == Z_STREAM_END || ret == Z_BUF_ERROR) && strm.avail_out == 0) {
159         /*
160          * We approve Z_BUF_ERROR because we need @dest buffer to be filled, but
161          * @src buffer may be processed partly (because in qcow2 we know size of
162          * compressed data with precision of one sector)
163          */
164         ret = 0;
165     } else {
166         ret = -EIO;
167     }
168 
169     inflateEnd(&strm);
170 
171     return ret;
172 }
173 
174 #ifdef CONFIG_ZSTD
175 
176 /*
177  * qcow2_zstd_compress()
178  *
179  * Compress @src_size bytes of data using zstd compression method
180  *
181  * @dest - destination buffer, @dest_size bytes
182  * @src - source buffer, @src_size bytes
183  *
184  * Returns: compressed size on success
185  *          -ENOMEM destination buffer is not enough to store compressed data
186  *          -EIO    on any other error
187  */
188 static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size,
189                                    const void *src, size_t src_size)
190 {
191     ssize_t ret;
192     size_t zstd_ret;
193     ZSTD_outBuffer output = {
194         .dst = dest,
195         .size = dest_size,
196         .pos = 0
197     };
198     ZSTD_inBuffer input = {
199         .src = src,
200         .size = src_size,
201         .pos = 0
202     };
203     ZSTD_CCtx *cctx = ZSTD_createCCtx();
204 
205     if (!cctx) {
206         return -EIO;
207     }
208     /*
209      * Use the zstd streamed interface for symmetry with decompression,
210      * where streaming is essential since we don't record the exact
211      * compressed size.
212      *
213      * ZSTD_compressStream2() tries to compress everything it could
214      * with a single call. Although, ZSTD docs says that:
215      * "You must continue calling ZSTD_compressStream2() with ZSTD_e_end
216      * until it returns 0, at which point you are free to start a new frame",
217      * in out tests we saw the only case when it returned with >0 -
218      * when the output buffer was too small. In that case,
219      * ZSTD_compressStream2() expects a bigger buffer on the next call.
220      * We can't provide a bigger buffer because we are limited with dest_size
221      * which we pass to the ZSTD_compressStream2() at once.
222      * So, we don't need any loops and just abort the compression when we
223      * don't get 0 result on the first call.
224      */
225     zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end);
226 
227     if (zstd_ret) {
228         if (zstd_ret > output.size - output.pos) {
229             ret = -ENOMEM;
230         } else {
231             ret = -EIO;
232         }
233         goto out;
234     }
235 
236     /* make sure that zstd didn't overflow the dest buffer */
237     assert(output.pos <= dest_size);
238     ret = output.pos;
239 out:
240     ZSTD_freeCCtx(cctx);
241     return ret;
242 }
243 
244 /*
245  * qcow2_zstd_decompress()
246  *
247  * Decompress some data (not more than @src_size bytes) to produce exactly
248  * @dest_size bytes using zstd compression method
249  *
250  * @dest - destination buffer, @dest_size bytes
251  * @src - source buffer, @src_size bytes
252  *
253  * Returns: 0 on success
254  *          -EIO on any error
255  */
256 static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size,
257                                      const void *src, size_t src_size)
258 {
259     size_t zstd_ret = 0;
260     ssize_t ret = 0;
261     ZSTD_outBuffer output = {
262         .dst = dest,
263         .size = dest_size,
264         .pos = 0
265     };
266     ZSTD_inBuffer input = {
267         .src = src,
268         .size = src_size,
269         .pos = 0
270     };
271     ZSTD_DCtx *dctx = ZSTD_createDCtx();
272 
273     if (!dctx) {
274         return -EIO;
275     }
276 
277     /*
278      * The compressed stream from the input buffer may consist of more
279      * than one zstd frame. So we iterate until we get a fully
280      * uncompressed cluster.
281      * From zstd docs related to ZSTD_decompressStream:
282      * "return : 0 when a frame is completely decoded and fully flushed"
283      * We suppose that this means: each time ZSTD_decompressStream reads
284      * only ONE full frame and returns 0 if and only if that frame
285      * is completely decoded and flushed. Only after returning 0,
286      * ZSTD_decompressStream reads another ONE full frame.
287      */
288     while (output.pos < output.size) {
289         size_t last_in_pos = input.pos;
290         size_t last_out_pos = output.pos;
291         zstd_ret = ZSTD_decompressStream(dctx, &output, &input);
292 
293         if (ZSTD_isError(zstd_ret)) {
294             ret = -EIO;
295             break;
296         }
297 
298         /*
299          * The ZSTD manual is vague about what to do if it reads
300          * the buffer partially, and we don't want to get stuck
301          * in an infinite loop where ZSTD_decompressStream
302          * returns > 0 waiting for another input chunk. So, we add
303          * a check which ensures that the loop makes some progress
304          * on each step.
305          */
306         if (last_in_pos >= input.pos &&
307             last_out_pos >= output.pos) {
308             ret = -EIO;
309             break;
310         }
311     }
312     /*
313      * Make sure that we have the frame fully flushed here
314      * if not, we somehow managed to get uncompressed cluster
315      * greater then the cluster size, possibly because of its
316      * damage.
317      */
318     if (zstd_ret > 0) {
319         ret = -EIO;
320     }
321 
322     ZSTD_freeDCtx(dctx);
323     assert(ret == 0 || ret == -EIO);
324     return ret;
325 }
326 #endif
327 
328 static int qcow2_compress_pool_func(void *opaque)
329 {
330     Qcow2CompressData *data = opaque;
331 
332     data->ret = data->func(data->dest, data->dest_size,
333                            data->src, data->src_size);
334 
335     return 0;
336 }
337 
338 static ssize_t coroutine_fn
339 qcow2_co_do_compress(BlockDriverState *bs, void *dest, size_t dest_size,
340                      const void *src, size_t src_size, Qcow2CompressFunc func)
341 {
342     Qcow2CompressData arg = {
343         .dest = dest,
344         .dest_size = dest_size,
345         .src = src,
346         .src_size = src_size,
347         .func = func,
348     };
349 
350     qcow2_co_process(bs, qcow2_compress_pool_func, &arg);
351 
352     return arg.ret;
353 }
354 
355 /*
356  * qcow2_co_compress()
357  *
358  * Compress @src_size bytes of data using the compression
359  * method defined by the image compression type
360  *
361  * @dest - destination buffer, @dest_size bytes
362  * @src - source buffer, @src_size bytes
363  *
364  * Returns: compressed size on success
365  *          a negative error code on failure
366  */
367 ssize_t coroutine_fn
368 qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size,
369                   const void *src, size_t src_size)
370 {
371     BDRVQcow2State *s = bs->opaque;
372     Qcow2CompressFunc fn;
373 
374     switch (s->compression_type) {
375     case QCOW2_COMPRESSION_TYPE_ZLIB:
376         fn = qcow2_zlib_compress;
377         break;
378 
379 #ifdef CONFIG_ZSTD
380     case QCOW2_COMPRESSION_TYPE_ZSTD:
381         fn = qcow2_zstd_compress;
382         break;
383 #endif
384     default:
385         abort();
386     }
387 
388     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
389 }
390 
391 /*
392  * qcow2_co_decompress()
393  *
394  * Decompress some data (not more than @src_size bytes) to produce exactly
395  * @dest_size bytes using the compression method defined by the image
396  * compression type
397  *
398  * @dest - destination buffer, @dest_size bytes
399  * @src - source buffer, @src_size bytes
400  *
401  * Returns: 0 on success
402  *          a negative error code on failure
403  */
404 ssize_t coroutine_fn
405 qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size,
406                     const void *src, size_t src_size)
407 {
408     BDRVQcow2State *s = bs->opaque;
409     Qcow2CompressFunc fn;
410 
411     switch (s->compression_type) {
412     case QCOW2_COMPRESSION_TYPE_ZLIB:
413         fn = qcow2_zlib_decompress;
414         break;
415 
416 #ifdef CONFIG_ZSTD
417     case QCOW2_COMPRESSION_TYPE_ZSTD:
418         fn = qcow2_zstd_decompress;
419         break;
420 #endif
421     default:
422         abort();
423     }
424 
425     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
426 }
427 
428 
429 /*
430  * Cryptography
431  */
432 
433 /*
434  * Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and
435  * qcrypto_block_decrypt() functions.
436  */
437 typedef int (*Qcow2EncDecFunc)(QCryptoBlock *block, uint64_t offset,
438                                uint8_t *buf, size_t len, Error **errp);
439 
440 typedef struct Qcow2EncDecData {
441     QCryptoBlock *block;
442     uint64_t offset;
443     uint8_t *buf;
444     size_t len;
445 
446     Qcow2EncDecFunc func;
447 } Qcow2EncDecData;
448 
449 static int qcow2_encdec_pool_func(void *opaque)
450 {
451     Qcow2EncDecData *data = opaque;
452 
453     return data->func(data->block, data->offset, data->buf, data->len, NULL);
454 }
455 
456 static int coroutine_fn
457 qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
458                 uint64_t guest_offset, void *buf, size_t len,
459                 Qcow2EncDecFunc func)
460 {
461     BDRVQcow2State *s = bs->opaque;
462     Qcow2EncDecData arg = {
463         .block = s->crypto,
464         .offset = s->crypt_physical_offset ? host_offset : guest_offset,
465         .buf = buf,
466         .len = len,
467         .func = func,
468     };
469     uint64_t sector_size;
470 
471     assert(s->crypto);
472 
473     sector_size = qcrypto_block_get_sector_size(s->crypto);
474     assert(QEMU_IS_ALIGNED(guest_offset, sector_size));
475     assert(QEMU_IS_ALIGNED(host_offset, sector_size));
476     assert(QEMU_IS_ALIGNED(len, sector_size));
477 
478     return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
479 }
480 
481 /*
482  * qcow2_co_encrypt()
483  *
484  * Encrypts one or more contiguous aligned sectors
485  *
486  * @host_offset - underlying storage offset of the first sector of the
487  * data to be encrypted
488  *
489  * @guest_offset - guest (virtual) offset of the first sector of the
490  * data to be encrypted
491  *
492  * @buf - buffer with the data to encrypt, that after encryption
493  *        will be written to the underlying storage device at
494  *        @host_offset
495  *
496  * @len - length of the buffer (must be a multiple of the encryption
497  *        sector size)
498  *
499  * Depending on the encryption method, @host_offset and/or @guest_offset
500  * may be used for generating the initialization vector for
501  * encryption.
502  *
503  * Note that while the whole range must be aligned on sectors, it
504  * does not have to be aligned on clusters and can also cross cluster
505  * boundaries
506  */
507 int coroutine_fn
508 qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
509                  uint64_t guest_offset, void *buf, size_t len)
510 {
511     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
512                            qcrypto_block_encrypt);
513 }
514 
515 /*
516  * qcow2_co_decrypt()
517  *
518  * Decrypts one or more contiguous aligned sectors
519  * Similar to qcow2_co_encrypt
520  */
521 int coroutine_fn
522 qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
523                  uint64_t guest_offset, void *buf, size_t len)
524 {
525     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
526                            qcrypto_block_decrypt);
527 }
528