]>
Commit | Line | Data |
---|---|---|
56e2f1d8 VSO |
1 | /* |
2 | * Threaded data processing for Qcow2: compression, encryption | |
3 | * | |
4 | * Copyright (c) 2004-2006 Fabrice Bellard | |
5 | * Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved. | |
6 | * | |
7 | * Permission is hereby granted, free of charge, to any person obtaining a copy | |
8 | * of this software and associated documentation files (the "Software"), to deal | |
9 | * in the Software without restriction, including without limitation the rights | |
10 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
11 | * copies of the Software, and to permit persons to whom the Software is | |
12 | * furnished to do so, subject to the following conditions: | |
13 | * | |
14 | * The above copyright notice and this permission notice shall be included in | |
15 | * all copies or substantial portions of the Software. | |
16 | * | |
17 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
18 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
19 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL | |
20 | * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
21 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
22 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | |
23 | * THE SOFTWARE. | |
24 | */ | |
25 | ||
26 | #include "qemu/osdep.h" | |
27 | ||
28 | #define ZLIB_CONST | |
29 | #include <zlib.h> | |
30 | ||
d298ac10 DP |
31 | #ifdef CONFIG_ZSTD |
32 | #include <zstd.h> | |
33 | #include <zstd_errors.h> | |
34 | #endif | |
35 | ||
56e2f1d8 | 36 | #include "qcow2.h" |
e2c1c34f | 37 | #include "block/block-io.h" |
56e2f1d8 | 38 | #include "block/thread-pool.h" |
8ac0f15f | 39 | #include "crypto.h" |
6f13a316 VSO |
40 | |
41 | static int coroutine_fn | |
42 | qcow2_co_process(BlockDriverState *bs, ThreadPoolFunc *func, void *arg) | |
43 | { | |
44 | int ret; | |
45 | BDRVQcow2State *s = bs->opaque; | |
46 | ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs)); | |
47 | ||
48 | qemu_co_mutex_lock(&s->lock); | |
49 | while (s->nb_threads >= QCOW2_MAX_THREADS) { | |
50 | qemu_co_queue_wait(&s->thread_task_queue, &s->lock); | |
51 | } | |
52 | s->nb_threads++; | |
53 | qemu_co_mutex_unlock(&s->lock); | |
54 | ||
55 | ret = thread_pool_submit_co(pool, func, arg); | |
56 | ||
57 | qemu_co_mutex_lock(&s->lock); | |
58 | s->nb_threads--; | |
59 | qemu_co_queue_next(&s->thread_task_queue); | |
60 | qemu_co_mutex_unlock(&s->lock); | |
61 | ||
62 | return ret; | |
63 | } | |
64 | ||
65 | ||
66 | /* | |
67 | * Compression | |
68 | */ | |
56e2f1d8 VSO |
69 | |
70 | typedef ssize_t (*Qcow2CompressFunc)(void *dest, size_t dest_size, | |
71 | const void *src, size_t src_size); | |
72 | typedef struct Qcow2CompressData { | |
73 | void *dest; | |
74 | size_t dest_size; | |
75 | const void *src; | |
76 | size_t src_size; | |
77 | ssize_t ret; | |
78 | ||
79 | Qcow2CompressFunc func; | |
80 | } Qcow2CompressData; | |
81 | ||
82 | /* | |
25dd077d DP |
83 | * qcow2_zlib_compress() |
84 | * | |
85 | * Compress @src_size bytes of data using zlib compression method | |
56e2f1d8 VSO |
86 | * |
87 | * @dest - destination buffer, @dest_size bytes | |
88 | * @src - source buffer, @src_size bytes | |
89 | * | |
90 | * Returns: compressed size on success | |
91 | * -ENOMEM destination buffer is not enough to store compressed data | |
92 | * -EIO on any other error | |
93 | */ | |
25dd077d DP |
94 | static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size, |
95 | const void *src, size_t src_size) | |
56e2f1d8 VSO |
96 | { |
97 | ssize_t ret; | |
98 | z_stream strm; | |
99 | ||
100 | /* best compression, small window, no zlib header */ | |
101 | memset(&strm, 0, sizeof(strm)); | |
102 | ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED, | |
103 | -12, 9, Z_DEFAULT_STRATEGY); | |
104 | if (ret != Z_OK) { | |
105 | return -EIO; | |
106 | } | |
107 | ||
108 | /* | |
109 | * strm.next_in is not const in old zlib versions, such as those used on | |
110 | * OpenBSD/NetBSD, so cast the const away | |
111 | */ | |
112 | strm.avail_in = src_size; | |
113 | strm.next_in = (void *) src; | |
114 | strm.avail_out = dest_size; | |
115 | strm.next_out = dest; | |
116 | ||
117 | ret = deflate(&strm, Z_FINISH); | |
118 | if (ret == Z_STREAM_END) { | |
119 | ret = dest_size - strm.avail_out; | |
120 | } else { | |
121 | ret = (ret == Z_OK ? -ENOMEM : -EIO); | |
122 | } | |
123 | ||
124 | deflateEnd(&strm); | |
125 | ||
126 | return ret; | |
127 | } | |
128 | ||
129 | /* | |
25dd077d | 130 | * qcow2_zlib_decompress() |
56e2f1d8 VSO |
131 | * |
132 | * Decompress some data (not more than @src_size bytes) to produce exactly | |
25dd077d | 133 | * @dest_size bytes using zlib compression method |
56e2f1d8 VSO |
134 | * |
135 | * @dest - destination buffer, @dest_size bytes | |
136 | * @src - source buffer, @src_size bytes | |
137 | * | |
138 | * Returns: 0 on success | |
e7266570 | 139 | * -EIO on fail |
56e2f1d8 | 140 | */ |
25dd077d DP |
141 | static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size, |
142 | const void *src, size_t src_size) | |
56e2f1d8 | 143 | { |
e7266570 | 144 | int ret; |
56e2f1d8 VSO |
145 | z_stream strm; |
146 | ||
147 | memset(&strm, 0, sizeof(strm)); | |
148 | strm.avail_in = src_size; | |
149 | strm.next_in = (void *) src; | |
150 | strm.avail_out = dest_size; | |
151 | strm.next_out = dest; | |
152 | ||
153 | ret = inflateInit2(&strm, -12); | |
154 | if (ret != Z_OK) { | |
e7266570 | 155 | return -EIO; |
56e2f1d8 VSO |
156 | } |
157 | ||
158 | ret = inflate(&strm, Z_FINISH); | |
e7266570 | 159 | if ((ret == Z_STREAM_END || ret == Z_BUF_ERROR) && strm.avail_out == 0) { |
56e2f1d8 VSO |
160 | /* |
161 | * We approve Z_BUF_ERROR because we need @dest buffer to be filled, but | |
162 | * @src buffer may be processed partly (because in qcow2 we know size of | |
163 | * compressed data with precision of one sector) | |
164 | */ | |
e7266570 VSO |
165 | ret = 0; |
166 | } else { | |
167 | ret = -EIO; | |
56e2f1d8 VSO |
168 | } |
169 | ||
170 | inflateEnd(&strm); | |
171 | ||
172 | return ret; | |
173 | } | |
174 | ||
d298ac10 DP |
175 | #ifdef CONFIG_ZSTD |
176 | ||
177 | /* | |
178 | * qcow2_zstd_compress() | |
179 | * | |
180 | * Compress @src_size bytes of data using zstd compression method | |
181 | * | |
182 | * @dest - destination buffer, @dest_size bytes | |
183 | * @src - source buffer, @src_size bytes | |
184 | * | |
185 | * Returns: compressed size on success | |
186 | * -ENOMEM destination buffer is not enough to store compressed data | |
187 | * -EIO on any other error | |
188 | */ | |
189 | static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size, | |
190 | const void *src, size_t src_size) | |
191 | { | |
192 | ssize_t ret; | |
193 | size_t zstd_ret; | |
194 | ZSTD_outBuffer output = { | |
195 | .dst = dest, | |
196 | .size = dest_size, | |
197 | .pos = 0 | |
198 | }; | |
199 | ZSTD_inBuffer input = { | |
200 | .src = src, | |
201 | .size = src_size, | |
202 | .pos = 0 | |
203 | }; | |
204 | ZSTD_CCtx *cctx = ZSTD_createCCtx(); | |
205 | ||
206 | if (!cctx) { | |
207 | return -EIO; | |
208 | } | |
209 | /* | |
210 | * Use the zstd streamed interface for symmetry with decompression, | |
211 | * where streaming is essential since we don't record the exact | |
212 | * compressed size. | |
213 | * | |
214 | * ZSTD_compressStream2() tries to compress everything it could | |
215 | * with a single call. Although, ZSTD docs says that: | |
216 | * "You must continue calling ZSTD_compressStream2() with ZSTD_e_end | |
217 | * until it returns 0, at which point you are free to start a new frame", | |
218 | * in out tests we saw the only case when it returned with >0 - | |
219 | * when the output buffer was too small. In that case, | |
220 | * ZSTD_compressStream2() expects a bigger buffer on the next call. | |
221 | * We can't provide a bigger buffer because we are limited with dest_size | |
222 | * which we pass to the ZSTD_compressStream2() at once. | |
223 | * So, we don't need any loops and just abort the compression when we | |
224 | * don't get 0 result on the first call. | |
225 | */ | |
226 | zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end); | |
227 | ||
228 | if (zstd_ret) { | |
229 | if (zstd_ret > output.size - output.pos) { | |
230 | ret = -ENOMEM; | |
231 | } else { | |
232 | ret = -EIO; | |
233 | } | |
234 | goto out; | |
235 | } | |
236 | ||
237 | /* make sure that zstd didn't overflow the dest buffer */ | |
238 | assert(output.pos <= dest_size); | |
239 | ret = output.pos; | |
240 | out: | |
241 | ZSTD_freeCCtx(cctx); | |
242 | return ret; | |
243 | } | |
244 | ||
245 | /* | |
246 | * qcow2_zstd_decompress() | |
247 | * | |
248 | * Decompress some data (not more than @src_size bytes) to produce exactly | |
249 | * @dest_size bytes using zstd compression method | |
250 | * | |
251 | * @dest - destination buffer, @dest_size bytes | |
252 | * @src - source buffer, @src_size bytes | |
253 | * | |
254 | * Returns: 0 on success | |
255 | * -EIO on any error | |
256 | */ | |
257 | static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size, | |
258 | const void *src, size_t src_size) | |
259 | { | |
260 | size_t zstd_ret = 0; | |
261 | ssize_t ret = 0; | |
262 | ZSTD_outBuffer output = { | |
263 | .dst = dest, | |
264 | .size = dest_size, | |
265 | .pos = 0 | |
266 | }; | |
267 | ZSTD_inBuffer input = { | |
268 | .src = src, | |
269 | .size = src_size, | |
270 | .pos = 0 | |
271 | }; | |
272 | ZSTD_DCtx *dctx = ZSTD_createDCtx(); | |
273 | ||
274 | if (!dctx) { | |
275 | return -EIO; | |
276 | } | |
277 | ||
278 | /* | |
279 | * The compressed stream from the input buffer may consist of more | |
280 | * than one zstd frame. So we iterate until we get a fully | |
281 | * uncompressed cluster. | |
282 | * From zstd docs related to ZSTD_decompressStream: | |
283 | * "return : 0 when a frame is completely decoded and fully flushed" | |
284 | * We suppose that this means: each time ZSTD_decompressStream reads | |
285 | * only ONE full frame and returns 0 if and only if that frame | |
286 | * is completely decoded and flushed. Only after returning 0, | |
287 | * ZSTD_decompressStream reads another ONE full frame. | |
288 | */ | |
289 | while (output.pos < output.size) { | |
290 | size_t last_in_pos = input.pos; | |
291 | size_t last_out_pos = output.pos; | |
292 | zstd_ret = ZSTD_decompressStream(dctx, &output, &input); | |
293 | ||
294 | if (ZSTD_isError(zstd_ret)) { | |
295 | ret = -EIO; | |
296 | break; | |
297 | } | |
298 | ||
299 | /* | |
300 | * The ZSTD manual is vague about what to do if it reads | |
301 | * the buffer partially, and we don't want to get stuck | |
302 | * in an infinite loop where ZSTD_decompressStream | |
303 | * returns > 0 waiting for another input chunk. So, we add | |
304 | * a check which ensures that the loop makes some progress | |
305 | * on each step. | |
306 | */ | |
307 | if (last_in_pos >= input.pos && | |
308 | last_out_pos >= output.pos) { | |
309 | ret = -EIO; | |
310 | break; | |
311 | } | |
312 | } | |
313 | /* | |
314 | * Make sure that we have the frame fully flushed here | |
315 | * if not, we somehow managed to get uncompressed cluster | |
316 | * greater then the cluster size, possibly because of its | |
317 | * damage. | |
318 | */ | |
319 | if (zstd_ret > 0) { | |
320 | ret = -EIO; | |
321 | } | |
322 | ||
323 | ZSTD_freeDCtx(dctx); | |
324 | assert(ret == 0 || ret == -EIO); | |
325 | return ret; | |
326 | } | |
327 | #endif | |
328 | ||
56e2f1d8 VSO |
329 | static int qcow2_compress_pool_func(void *opaque) |
330 | { | |
331 | Qcow2CompressData *data = opaque; | |
332 | ||
333 | data->ret = data->func(data->dest, data->dest_size, | |
334 | data->src, data->src_size); | |
335 | ||
336 | return 0; | |
337 | } | |
338 | ||
56e2f1d8 VSO |
339 | static ssize_t coroutine_fn |
340 | qcow2_co_do_compress(BlockDriverState *bs, void *dest, size_t dest_size, | |
341 | const void *src, size_t src_size, Qcow2CompressFunc func) | |
342 | { | |
56e2f1d8 VSO |
343 | Qcow2CompressData arg = { |
344 | .dest = dest, | |
345 | .dest_size = dest_size, | |
346 | .src = src, | |
347 | .src_size = src_size, | |
348 | .func = func, | |
349 | }; | |
350 | ||
6f13a316 | 351 | qcow2_co_process(bs, qcow2_compress_pool_func, &arg); |
56e2f1d8 VSO |
352 | |
353 | return arg.ret; | |
354 | } | |
355 | ||
25dd077d DP |
356 | /* |
357 | * qcow2_co_compress() | |
358 | * | |
359 | * Compress @src_size bytes of data using the compression | |
360 | * method defined by the image compression type | |
361 | * | |
362 | * @dest - destination buffer, @dest_size bytes | |
363 | * @src - source buffer, @src_size bytes | |
364 | * | |
365 | * Returns: compressed size on success | |
366 | * a negative error code on failure | |
367 | */ | |
56e2f1d8 VSO |
368 | ssize_t coroutine_fn |
369 | qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size, | |
370 | const void *src, size_t src_size) | |
371 | { | |
25dd077d DP |
372 | BDRVQcow2State *s = bs->opaque; |
373 | Qcow2CompressFunc fn; | |
374 | ||
375 | switch (s->compression_type) { | |
376 | case QCOW2_COMPRESSION_TYPE_ZLIB: | |
377 | fn = qcow2_zlib_compress; | |
378 | break; | |
379 | ||
d298ac10 DP |
380 | #ifdef CONFIG_ZSTD |
381 | case QCOW2_COMPRESSION_TYPE_ZSTD: | |
382 | fn = qcow2_zstd_compress; | |
383 | break; | |
384 | #endif | |
25dd077d DP |
385 | default: |
386 | abort(); | |
387 | } | |
388 | ||
389 | return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn); | |
56e2f1d8 VSO |
390 | } |
391 | ||
25dd077d DP |
392 | /* |
393 | * qcow2_co_decompress() | |
394 | * | |
395 | * Decompress some data (not more than @src_size bytes) to produce exactly | |
396 | * @dest_size bytes using the compression method defined by the image | |
397 | * compression type | |
398 | * | |
399 | * @dest - destination buffer, @dest_size bytes | |
400 | * @src - source buffer, @src_size bytes | |
401 | * | |
402 | * Returns: 0 on success | |
403 | * a negative error code on failure | |
404 | */ | |
56e2f1d8 VSO |
405 | ssize_t coroutine_fn |
406 | qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size, | |
407 | const void *src, size_t src_size) | |
408 | { | |
25dd077d DP |
409 | BDRVQcow2State *s = bs->opaque; |
410 | Qcow2CompressFunc fn; | |
411 | ||
412 | switch (s->compression_type) { | |
413 | case QCOW2_COMPRESSION_TYPE_ZLIB: | |
414 | fn = qcow2_zlib_decompress; | |
415 | break; | |
416 | ||
d298ac10 DP |
417 | #ifdef CONFIG_ZSTD |
418 | case QCOW2_COMPRESSION_TYPE_ZSTD: | |
419 | fn = qcow2_zstd_decompress; | |
420 | break; | |
421 | #endif | |
25dd077d DP |
422 | default: |
423 | abort(); | |
424 | } | |
425 | ||
426 | return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn); | |
56e2f1d8 | 427 | } |
8ac0f15f VSO |
428 | |
429 | ||
430 | /* | |
431 | * Cryptography | |
432 | */ | |
433 | ||
434 | /* | |
435 | * Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and | |
436 | * qcrypto_block_decrypt() functions. | |
437 | */ | |
438 | typedef int (*Qcow2EncDecFunc)(QCryptoBlock *block, uint64_t offset, | |
439 | uint8_t *buf, size_t len, Error **errp); | |
440 | ||
441 | typedef struct Qcow2EncDecData { | |
442 | QCryptoBlock *block; | |
443 | uint64_t offset; | |
444 | uint8_t *buf; | |
445 | size_t len; | |
446 | ||
447 | Qcow2EncDecFunc func; | |
448 | } Qcow2EncDecData; | |
449 | ||
450 | static int qcow2_encdec_pool_func(void *opaque) | |
451 | { | |
452 | Qcow2EncDecData *data = opaque; | |
453 | ||
454 | return data->func(data->block, data->offset, data->buf, data->len, NULL); | |
455 | } | |
456 | ||
457 | static int coroutine_fn | |
603fbd07 ML |
458 | qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset, |
459 | uint64_t guest_offset, void *buf, size_t len, | |
460 | Qcow2EncDecFunc func) | |
8ac0f15f VSO |
461 | { |
462 | BDRVQcow2State *s = bs->opaque; | |
463 | Qcow2EncDecData arg = { | |
464 | .block = s->crypto, | |
603fbd07 | 465 | .offset = s->crypt_physical_offset ? host_offset : guest_offset, |
8ac0f15f VSO |
466 | .buf = buf, |
467 | .len = len, | |
468 | .func = func, | |
469 | }; | |
2d4b5256 | 470 | uint64_t sector_size; |
8ac0f15f | 471 | |
603fbd07 ML |
472 | assert(s->crypto); |
473 | ||
2d4b5256 AG |
474 | sector_size = qcrypto_block_get_sector_size(s->crypto); |
475 | assert(QEMU_IS_ALIGNED(guest_offset, sector_size)); | |
476 | assert(QEMU_IS_ALIGNED(host_offset, sector_size)); | |
477 | assert(QEMU_IS_ALIGNED(len, sector_size)); | |
478 | ||
603fbd07 | 479 | return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg); |
8ac0f15f VSO |
480 | } |
481 | ||
603fbd07 ML |
482 | /* |
483 | * qcow2_co_encrypt() | |
484 | * | |
485 | * Encrypts one or more contiguous aligned sectors | |
486 | * | |
487 | * @host_offset - underlying storage offset of the first sector of the | |
488 | * data to be encrypted | |
489 | * | |
490 | * @guest_offset - guest (virtual) offset of the first sector of the | |
491 | * data to be encrypted | |
492 | * | |
493 | * @buf - buffer with the data to encrypt, that after encryption | |
494 | * will be written to the underlying storage device at | |
495 | * @host_offset | |
496 | * | |
2d4b5256 AG |
497 | * @len - length of the buffer (must be a multiple of the encryption |
498 | * sector size) | |
603fbd07 ML |
499 | * |
500 | * Depending on the encryption method, @host_offset and/or @guest_offset | |
501 | * may be used for generating the initialization vector for | |
502 | * encryption. | |
503 | * | |
504 | * Note that while the whole range must be aligned on sectors, it | |
505 | * does not have to be aligned on clusters and can also cross cluster | |
506 | * boundaries | |
507 | */ | |
8ac0f15f | 508 | int coroutine_fn |
603fbd07 ML |
509 | qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset, |
510 | uint64_t guest_offset, void *buf, size_t len) | |
8ac0f15f | 511 | { |
603fbd07 ML |
512 | return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len, |
513 | qcrypto_block_encrypt); | |
8ac0f15f VSO |
514 | } |
515 | ||
603fbd07 ML |
516 | /* |
517 | * qcow2_co_decrypt() | |
518 | * | |
519 | * Decrypts one or more contiguous aligned sectors | |
520 | * Similar to qcow2_co_encrypt | |
521 | */ | |
8ac0f15f | 522 | int coroutine_fn |
603fbd07 ML |
523 | qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset, |
524 | uint64_t guest_offset, void *buf, size_t len) | |
8ac0f15f | 525 | { |
603fbd07 ML |
526 | return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len, |
527 | qcrypto_block_decrypt); | |
8ac0f15f | 528 | } |