1 /* BlockDriver implementation for "raw" format driver 2 * 3 * Copyright (C) 2010-2016 Red Hat, Inc. 4 * Copyright (C) 2010, Blue Swirl <blauwirbel@gmail.com> 5 * Copyright (C) 2009, Anthony Liguori <aliguori@us.ibm.com> 6 * 7 * Author: 8 * Laszlo Ersek <lersek@redhat.com> 9 * 10 * Permission is hereby granted, free of charge, to any person obtaining a copy 11 * of this software and associated documentation files (the "Software"), to 12 * deal in the Software without restriction, including without limitation the 13 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or 14 * sell copies of the Software, and to permit persons to whom the Software is 15 * furnished to do so, subject to the following conditions: 16 * 17 * The above copyright notice and this permission notice shall be included in 18 * all copies or substantial portions of the Software. 19 * 20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 21 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 23 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 24 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 25 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 26 * IN THE SOFTWARE. 27 */ 28 29 #include "qemu/osdep.h" 30 #include "block/block_int.h" 31 #include "qapi/error.h" 32 #include "qemu/module.h" 33 #include "qemu/option.h" 34 35 typedef struct BDRVRawState { 36 uint64_t offset; 37 uint64_t size; 38 bool has_size; 39 } BDRVRawState; 40 41 static const char *const mutable_opts[] = { "offset", "size", NULL }; 42 43 static QemuOptsList raw_runtime_opts = { 44 .name = "raw", 45 .head = QTAILQ_HEAD_INITIALIZER(raw_runtime_opts.head), 46 .desc = { 47 { 48 .name = "offset", 49 .type = QEMU_OPT_SIZE, 50 .help = "offset in the disk where the image starts", 51 }, 52 { 53 .name = "size", 54 .type = QEMU_OPT_SIZE, 55 .help = "virtual disk size", 56 }, 57 { /* end of list */ } 58 }, 59 }; 60 61 static QemuOptsList raw_create_opts = { 62 .name = "raw-create-opts", 63 .head = QTAILQ_HEAD_INITIALIZER(raw_create_opts.head), 64 .desc = { 65 { 66 .name = BLOCK_OPT_SIZE, 67 .type = QEMU_OPT_SIZE, 68 .help = "Virtual disk size" 69 }, 70 { /* end of list */ } 71 } 72 }; 73 74 static int raw_read_options(QDict *options, uint64_t *offset, bool *has_size, 75 uint64_t *size, Error **errp) 76 { 77 Error *local_err = NULL; 78 QemuOpts *opts = NULL; 79 int ret; 80 81 opts = qemu_opts_create(&raw_runtime_opts, NULL, 0, &error_abort); 82 qemu_opts_absorb_qdict(opts, options, &local_err); 83 if (local_err) { 84 error_propagate(errp, local_err); 85 ret = -EINVAL; 86 goto end; 87 } 88 89 *offset = qemu_opt_get_size(opts, "offset", 0); 90 *has_size = qemu_opt_find(opts, "size"); 91 *size = qemu_opt_get_size(opts, "size", 0); 92 93 ret = 0; 94 end: 95 qemu_opts_del(opts); 96 return ret; 97 } 98 99 static int raw_apply_options(BlockDriverState *bs, BDRVRawState *s, 100 uint64_t offset, bool has_size, uint64_t size, 101 Error **errp) 102 { 103 int64_t real_size = 0; 104 105 real_size = bdrv_getlength(bs->file->bs); 106 if (real_size < 0) { 107 error_setg_errno(errp, -real_size, "Could not get image size"); 108 return real_size; 109 } 110 111 /* Check size and offset */ 112 if (offset > real_size) { 113 error_setg(errp, "Offset (%" PRIu64 ") cannot be greater than " 114 "size of the containing file (%" PRId64 ")", 115 s->offset, real_size); 116 return -EINVAL; 117 } 118 119 if (has_size && (real_size - offset) < size) { 120 error_setg(errp, "The sum of offset (%" PRIu64 ") and size " 121 "(%" PRIu64 ") has to be smaller or equal to the " 122 " actual size of the containing file (%" PRId64 ")", 123 s->offset, s->size, real_size); 124 return -EINVAL; 125 } 126 127 /* Make sure size is multiple of BDRV_SECTOR_SIZE to prevent rounding 128 * up and leaking out of the specified area. */ 129 if (has_size && !QEMU_IS_ALIGNED(size, BDRV_SECTOR_SIZE)) { 130 error_setg(errp, "Specified size is not multiple of %llu", 131 BDRV_SECTOR_SIZE); 132 return -EINVAL; 133 } 134 135 s->offset = offset; 136 s->has_size = has_size; 137 s->size = has_size ? size : real_size - offset; 138 139 return 0; 140 } 141 142 static int raw_reopen_prepare(BDRVReopenState *reopen_state, 143 BlockReopenQueue *queue, Error **errp) 144 { 145 bool has_size; 146 uint64_t offset, size; 147 int ret; 148 149 assert(reopen_state != NULL); 150 assert(reopen_state->bs != NULL); 151 152 reopen_state->opaque = g_new0(BDRVRawState, 1); 153 154 ret = raw_read_options(reopen_state->options, &offset, &has_size, &size, 155 errp); 156 if (ret < 0) { 157 return ret; 158 } 159 160 ret = raw_apply_options(reopen_state->bs, reopen_state->opaque, 161 offset, has_size, size, errp); 162 if (ret < 0) { 163 return ret; 164 } 165 166 return 0; 167 } 168 169 static void raw_reopen_commit(BDRVReopenState *state) 170 { 171 BDRVRawState *new_s = state->opaque; 172 BDRVRawState *s = state->bs->opaque; 173 174 memcpy(s, new_s, sizeof(BDRVRawState)); 175 176 g_free(state->opaque); 177 state->opaque = NULL; 178 } 179 180 static void raw_reopen_abort(BDRVReopenState *state) 181 { 182 g_free(state->opaque); 183 state->opaque = NULL; 184 } 185 186 /* Check and adjust the offset, against 'offset' and 'size' options. */ 187 static inline int raw_adjust_offset(BlockDriverState *bs, uint64_t *offset, 188 uint64_t bytes, bool is_write) 189 { 190 BDRVRawState *s = bs->opaque; 191 192 if (s->has_size && (*offset > s->size || bytes > (s->size - *offset))) { 193 /* There's not enough space for the write, or the read request is 194 * out-of-range. Don't read/write anything to prevent leaking out of 195 * the size specified in options. */ 196 return is_write ? -ENOSPC : -EINVAL; 197 } 198 199 if (*offset > INT64_MAX - s->offset) { 200 return -EINVAL; 201 } 202 *offset += s->offset; 203 204 return 0; 205 } 206 207 static int coroutine_fn raw_co_preadv(BlockDriverState *bs, uint64_t offset, 208 uint64_t bytes, QEMUIOVector *qiov, 209 int flags) 210 { 211 int ret; 212 213 ret = raw_adjust_offset(bs, &offset, bytes, false); 214 if (ret) { 215 return ret; 216 } 217 218 BLKDBG_EVENT(bs->file, BLKDBG_READ_AIO); 219 return bdrv_co_preadv(bs->file, offset, bytes, qiov, flags); 220 } 221 222 static int coroutine_fn raw_co_pwritev(BlockDriverState *bs, uint64_t offset, 223 uint64_t bytes, QEMUIOVector *qiov, 224 int flags) 225 { 226 void *buf = NULL; 227 BlockDriver *drv; 228 QEMUIOVector local_qiov; 229 int ret; 230 231 if (bs->probed && offset < BLOCK_PROBE_BUF_SIZE && bytes) { 232 /* Handling partial writes would be a pain - so we just 233 * require that guests have 512-byte request alignment if 234 * probing occurred */ 235 QEMU_BUILD_BUG_ON(BLOCK_PROBE_BUF_SIZE != 512); 236 QEMU_BUILD_BUG_ON(BDRV_SECTOR_SIZE != 512); 237 assert(offset == 0 && bytes >= BLOCK_PROBE_BUF_SIZE); 238 239 buf = qemu_try_blockalign(bs->file->bs, 512); 240 if (!buf) { 241 ret = -ENOMEM; 242 goto fail; 243 } 244 245 ret = qemu_iovec_to_buf(qiov, 0, buf, 512); 246 if (ret != 512) { 247 ret = -EINVAL; 248 goto fail; 249 } 250 251 drv = bdrv_probe_all(buf, 512, NULL); 252 if (drv != bs->drv) { 253 ret = -EPERM; 254 goto fail; 255 } 256 257 /* Use the checked buffer, a malicious guest might be overwriting its 258 * original buffer in the background. */ 259 qemu_iovec_init(&local_qiov, qiov->niov + 1); 260 qemu_iovec_add(&local_qiov, buf, 512); 261 qemu_iovec_concat(&local_qiov, qiov, 512, qiov->size - 512); 262 qiov = &local_qiov; 263 } 264 265 ret = raw_adjust_offset(bs, &offset, bytes, true); 266 if (ret) { 267 goto fail; 268 } 269 270 BLKDBG_EVENT(bs->file, BLKDBG_WRITE_AIO); 271 ret = bdrv_co_pwritev(bs->file, offset, bytes, qiov, flags); 272 273 fail: 274 if (qiov == &local_qiov) { 275 qemu_iovec_destroy(&local_qiov); 276 } 277 qemu_vfree(buf); 278 return ret; 279 } 280 281 static int coroutine_fn raw_co_block_status(BlockDriverState *bs, 282 bool want_zero, int64_t offset, 283 int64_t bytes, int64_t *pnum, 284 int64_t *map, 285 BlockDriverState **file) 286 { 287 BDRVRawState *s = bs->opaque; 288 *pnum = bytes; 289 *file = bs->file->bs; 290 *map = offset + s->offset; 291 return BDRV_BLOCK_RAW | BDRV_BLOCK_OFFSET_VALID; 292 } 293 294 static int coroutine_fn raw_co_pwrite_zeroes(BlockDriverState *bs, 295 int64_t offset, int bytes, 296 BdrvRequestFlags flags) 297 { 298 int ret; 299 300 ret = raw_adjust_offset(bs, (uint64_t *)&offset, bytes, true); 301 if (ret) { 302 return ret; 303 } 304 return bdrv_co_pwrite_zeroes(bs->file, offset, bytes, flags); 305 } 306 307 static int coroutine_fn raw_co_pdiscard(BlockDriverState *bs, 308 int64_t offset, int bytes) 309 { 310 int ret; 311 312 ret = raw_adjust_offset(bs, (uint64_t *)&offset, bytes, true); 313 if (ret) { 314 return ret; 315 } 316 return bdrv_co_pdiscard(bs->file, offset, bytes); 317 } 318 319 static int64_t raw_getlength(BlockDriverState *bs) 320 { 321 int64_t len; 322 BDRVRawState *s = bs->opaque; 323 324 /* Update size. It should not change unless the file was externally 325 * modified. */ 326 len = bdrv_getlength(bs->file->bs); 327 if (len < 0) { 328 return len; 329 } 330 331 if (len < s->offset) { 332 s->size = 0; 333 } else { 334 if (s->has_size) { 335 /* Try to honour the size */ 336 s->size = MIN(s->size, len - s->offset); 337 } else { 338 s->size = len - s->offset; 339 } 340 } 341 342 return s->size; 343 } 344 345 static BlockMeasureInfo *raw_measure(QemuOpts *opts, BlockDriverState *in_bs, 346 Error **errp) 347 { 348 BlockMeasureInfo *info; 349 int64_t required; 350 351 if (in_bs) { 352 required = bdrv_getlength(in_bs); 353 if (required < 0) { 354 error_setg_errno(errp, -required, "Unable to get image size"); 355 return NULL; 356 } 357 } else { 358 required = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_SIZE, 0), 359 BDRV_SECTOR_SIZE); 360 } 361 362 info = g_new0(BlockMeasureInfo, 1); 363 info->required = required; 364 365 /* Unallocated sectors count towards the file size in raw images */ 366 info->fully_allocated = info->required; 367 return info; 368 } 369 370 static int raw_get_info(BlockDriverState *bs, BlockDriverInfo *bdi) 371 { 372 return bdrv_get_info(bs->file->bs, bdi); 373 } 374 375 static void raw_refresh_limits(BlockDriverState *bs, Error **errp) 376 { 377 if (bs->probed) { 378 /* To make it easier to protect the first sector, any probed 379 * image is restricted to read-modify-write on sub-sector 380 * operations. */ 381 bs->bl.request_alignment = BDRV_SECTOR_SIZE; 382 } 383 } 384 385 static int coroutine_fn raw_co_truncate(BlockDriverState *bs, int64_t offset, 386 bool exact, PreallocMode prealloc, 387 BdrvRequestFlags flags, Error **errp) 388 { 389 BDRVRawState *s = bs->opaque; 390 391 if (s->has_size) { 392 error_setg(errp, "Cannot resize fixed-size raw disks"); 393 return -ENOTSUP; 394 } 395 396 if (INT64_MAX - offset < s->offset) { 397 error_setg(errp, "Disk size too large for the chosen offset"); 398 return -EINVAL; 399 } 400 401 s->size = offset; 402 offset += s->offset; 403 return bdrv_co_truncate(bs->file, offset, exact, prealloc, flags, errp); 404 } 405 406 static void raw_eject(BlockDriverState *bs, bool eject_flag) 407 { 408 bdrv_eject(bs->file->bs, eject_flag); 409 } 410 411 static void raw_lock_medium(BlockDriverState *bs, bool locked) 412 { 413 bdrv_lock_medium(bs->file->bs, locked); 414 } 415 416 static int raw_co_ioctl(BlockDriverState *bs, unsigned long int req, void *buf) 417 { 418 BDRVRawState *s = bs->opaque; 419 if (s->offset || s->has_size) { 420 return -ENOTSUP; 421 } 422 return bdrv_co_ioctl(bs->file->bs, req, buf); 423 } 424 425 static int raw_has_zero_init(BlockDriverState *bs) 426 { 427 return bdrv_has_zero_init(bs->file->bs); 428 } 429 430 static int coroutine_fn raw_co_create_opts(BlockDriver *drv, 431 const char *filename, 432 QemuOpts *opts, 433 Error **errp) 434 { 435 return bdrv_create_file(filename, opts, errp); 436 } 437 438 static int raw_open(BlockDriverState *bs, QDict *options, int flags, 439 Error **errp) 440 { 441 BDRVRawState *s = bs->opaque; 442 bool has_size; 443 uint64_t offset, size; 444 BdrvChildRole file_role; 445 int ret; 446 447 ret = raw_read_options(options, &offset, &has_size, &size, errp); 448 if (ret < 0) { 449 return ret; 450 } 451 452 /* 453 * Without offset and a size limit, this driver behaves very much 454 * like a filter. With any such limit, it does not. 455 */ 456 if (offset || has_size) { 457 file_role = BDRV_CHILD_DATA | BDRV_CHILD_PRIMARY; 458 } else { 459 file_role = BDRV_CHILD_FILTERED | BDRV_CHILD_PRIMARY; 460 } 461 462 bs->file = bdrv_open_child(NULL, options, "file", bs, &child_of_bds, 463 file_role, false, errp); 464 if (!bs->file) { 465 return -EINVAL; 466 } 467 468 bs->sg = bs->file->bs->sg; 469 bs->supported_write_flags = BDRV_REQ_WRITE_UNCHANGED | 470 (BDRV_REQ_FUA & bs->file->bs->supported_write_flags); 471 bs->supported_zero_flags = BDRV_REQ_WRITE_UNCHANGED | 472 ((BDRV_REQ_FUA | BDRV_REQ_MAY_UNMAP | BDRV_REQ_NO_FALLBACK) & 473 bs->file->bs->supported_zero_flags); 474 bs->supported_truncate_flags = bs->file->bs->supported_truncate_flags & 475 BDRV_REQ_ZERO_WRITE; 476 477 if (bs->probed && !bdrv_is_read_only(bs)) { 478 bdrv_refresh_filename(bs->file->bs); 479 fprintf(stderr, 480 "WARNING: Image format was not specified for '%s' and probing " 481 "guessed raw.\n" 482 " Automatically detecting the format is dangerous for " 483 "raw images, write operations on block 0 will be restricted.\n" 484 " Specify the 'raw' format explicitly to remove the " 485 "restrictions.\n", 486 bs->file->bs->filename); 487 } 488 489 ret = raw_apply_options(bs, s, offset, has_size, size, errp); 490 if (ret < 0) { 491 return ret; 492 } 493 494 if (bs->sg && (s->offset || s->has_size)) { 495 error_setg(errp, "Cannot use offset/size with SCSI generic devices"); 496 return -EINVAL; 497 } 498 499 return 0; 500 } 501 502 static int raw_probe(const uint8_t *buf, int buf_size, const char *filename) 503 { 504 /* smallest possible positive score so that raw is used if and only if no 505 * other block driver works 506 */ 507 return 1; 508 } 509 510 static int raw_probe_blocksizes(BlockDriverState *bs, BlockSizes *bsz) 511 { 512 BDRVRawState *s = bs->opaque; 513 int ret; 514 515 ret = bdrv_probe_blocksizes(bs->file->bs, bsz); 516 if (ret < 0) { 517 return ret; 518 } 519 520 if (!QEMU_IS_ALIGNED(s->offset, MAX(bsz->log, bsz->phys))) { 521 return -ENOTSUP; 522 } 523 524 return 0; 525 } 526 527 static int raw_probe_geometry(BlockDriverState *bs, HDGeometry *geo) 528 { 529 BDRVRawState *s = bs->opaque; 530 if (s->offset || s->has_size) { 531 return -ENOTSUP; 532 } 533 return bdrv_probe_geometry(bs->file->bs, geo); 534 } 535 536 static int coroutine_fn raw_co_copy_range_from(BlockDriverState *bs, 537 BdrvChild *src, 538 uint64_t src_offset, 539 BdrvChild *dst, 540 uint64_t dst_offset, 541 uint64_t bytes, 542 BdrvRequestFlags read_flags, 543 BdrvRequestFlags write_flags) 544 { 545 int ret; 546 547 ret = raw_adjust_offset(bs, &src_offset, bytes, false); 548 if (ret) { 549 return ret; 550 } 551 return bdrv_co_copy_range_from(bs->file, src_offset, dst, dst_offset, 552 bytes, read_flags, write_flags); 553 } 554 555 static int coroutine_fn raw_co_copy_range_to(BlockDriverState *bs, 556 BdrvChild *src, 557 uint64_t src_offset, 558 BdrvChild *dst, 559 uint64_t dst_offset, 560 uint64_t bytes, 561 BdrvRequestFlags read_flags, 562 BdrvRequestFlags write_flags) 563 { 564 int ret; 565 566 ret = raw_adjust_offset(bs, &dst_offset, bytes, true); 567 if (ret) { 568 return ret; 569 } 570 return bdrv_co_copy_range_to(src, src_offset, bs->file, dst_offset, bytes, 571 read_flags, write_flags); 572 } 573 574 static const char *const raw_strong_runtime_opts[] = { 575 "offset", 576 "size", 577 578 NULL 579 }; 580 581 BlockDriver bdrv_raw = { 582 .format_name = "raw", 583 .instance_size = sizeof(BDRVRawState), 584 .bdrv_probe = &raw_probe, 585 .bdrv_reopen_prepare = &raw_reopen_prepare, 586 .bdrv_reopen_commit = &raw_reopen_commit, 587 .bdrv_reopen_abort = &raw_reopen_abort, 588 .bdrv_open = &raw_open, 589 .bdrv_child_perm = bdrv_default_perms, 590 .bdrv_co_create_opts = &raw_co_create_opts, 591 .bdrv_co_preadv = &raw_co_preadv, 592 .bdrv_co_pwritev = &raw_co_pwritev, 593 .bdrv_co_pwrite_zeroes = &raw_co_pwrite_zeroes, 594 .bdrv_co_pdiscard = &raw_co_pdiscard, 595 .bdrv_co_block_status = &raw_co_block_status, 596 .bdrv_co_copy_range_from = &raw_co_copy_range_from, 597 .bdrv_co_copy_range_to = &raw_co_copy_range_to, 598 .bdrv_co_truncate = &raw_co_truncate, 599 .bdrv_getlength = &raw_getlength, 600 .is_format = true, 601 .has_variable_length = true, 602 .bdrv_measure = &raw_measure, 603 .bdrv_get_info = &raw_get_info, 604 .bdrv_refresh_limits = &raw_refresh_limits, 605 .bdrv_probe_blocksizes = &raw_probe_blocksizes, 606 .bdrv_probe_geometry = &raw_probe_geometry, 607 .bdrv_eject = &raw_eject, 608 .bdrv_lock_medium = &raw_lock_medium, 609 .bdrv_co_ioctl = &raw_co_ioctl, 610 .create_opts = &raw_create_opts, 611 .bdrv_has_zero_init = &raw_has_zero_init, 612 .strong_runtime_opts = raw_strong_runtime_opts, 613 .mutable_opts = mutable_opts, 614 }; 615 616 static void bdrv_raw_init(void) 617 { 618 bdrv_register(&bdrv_raw); 619 } 620 621 block_init(bdrv_raw_init); 622