[mirror_qemu.git] / block / qcow2-threads.c

/*
 * Threaded data processing for Qcow2: compression, encryption
 *
 * Copyright (c) 2004-2006 Fabrice Bellard
 * Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

#include "qemu/osdep.h"

#define ZLIB_CONST
#include <zlib.h>

#ifdef CONFIG_ZSTD
#include <zstd.h>
#include <zstd_errors.h>
#endif

#include "qcow2.h"
#include "block/block-io.h"
#include "block/thread-pool.h"
#include "crypto.h"

static int coroutine_fn
qcow2_co_process(BlockDriverState *bs, ThreadPoolFunc *func, void *arg)
{
    int ret;
    BDRVQcow2State *s = bs->opaque;
    ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs));

    qemu_co_mutex_lock(&s->lock);
    while (s->nb_threads >= QCOW2_MAX_THREADS) {
        qemu_co_queue_wait(&s->thread_task_queue, &s->lock);
    }
    s->nb_threads++;
    qemu_co_mutex_unlock(&s->lock);

    ret = thread_pool_submit_co(pool, func, arg);

    qemu_co_mutex_lock(&s->lock);
    s->nb_threads--;
    qemu_co_queue_next(&s->thread_task_queue);
    qemu_co_mutex_unlock(&s->lock);

    return ret;
}


/*
 * Compression
 */

typedef ssize_t (*Qcow2CompressFunc)(void *dest, size_t dest_size,
                                     const void *src, size_t src_size);
typedef struct Qcow2CompressData {
    void *dest;
    size_t dest_size;
    const void *src;
    size_t src_size;
    ssize_t ret;

    Qcow2CompressFunc func;
} Qcow2CompressData;

/*
 * qcow2_zlib_compress()
 *
 * Compress @src_size bytes of data using zlib compression method
 *
 * @dest - destination buffer, @dest_size bytes
 * @src - source buffer, @src_size bytes
 *
 * Returns: compressed size on success
 *          -ENOMEM destination buffer is not enough to store compressed data
 *          -EIO    on any other error
 */
static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size,
                                   const void *src, size_t src_size)
{
    ssize_t ret;
    z_stream strm;

    /* best compression, small window, no zlib header */
    memset(&strm, 0, sizeof(strm));
    ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
                       -12, 9, Z_DEFAULT_STRATEGY);
    if (ret != Z_OK) {
        return -EIO;
    }

    /*
     * strm.next_in is not const in old zlib versions, such as those used on
     * OpenBSD/NetBSD, so cast the const away
     */
    strm.avail_in = src_size;
    strm.next_in = (void *) src;
    strm.avail_out = dest_size;
    strm.next_out = dest;

    ret = deflate(&strm, Z_FINISH);
    if (ret == Z_STREAM_END) {
        ret = dest_size - strm.avail_out;
    } else {
        ret = (ret == Z_OK ? -ENOMEM : -EIO);
    }

    deflateEnd(&strm);

    return ret;
}

/*
 * qcow2_zlib_decompress()
 *
 * Decompress some data (not more than @src_size bytes) to produce exactly
 * @dest_size bytes using zlib compression method
 *
 * @dest - destination buffer, @dest_size bytes
 * @src - source buffer, @src_size bytes
 *
 * Returns: 0 on success
 *          -EIO on fail
 */
static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size,
                                     const void *src, size_t src_size)
{
    int ret;
    z_stream strm;

    memset(&strm, 0, sizeof(strm));
    strm.avail_in = src_size;
    strm.next_in = (void *) src;
    strm.avail_out = dest_size;
    strm.next_out = dest;

    ret = inflateInit2(&strm, -12);
    if (ret != Z_OK) {
        return -EIO;
    }

    ret = inflate(&strm, Z_FINISH);
    if ((ret == Z_STREAM_END || ret == Z_BUF_ERROR) && strm.avail_out == 0) {
        /*
         * We approve Z_BUF_ERROR because we need @dest buffer to be filled, but
         * @src buffer may be processed partly (because in qcow2 we know size of
         * compressed data with precision of one sector)
         */
        ret = 0;
    } else {
        ret = -EIO;
    }

    inflateEnd(&strm);

    return ret;
}

#ifdef CONFIG_ZSTD

/*
 * qcow2_zstd_compress()
 *
 * Compress @src_size bytes of data using zstd compression method
 *
 * @dest - destination buffer, @dest_size bytes
 * @src - source buffer, @src_size bytes
 *
 * Returns: compressed size on success
 *          -ENOMEM destination buffer is not enough to store compressed data
 *          -EIO    on any other error
 */
static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size,
                                   const void *src, size_t src_size)
{
    ssize_t ret;
    size_t zstd_ret;
    ZSTD_outBuffer output = {
        .dst = dest,
        .size = dest_size,
        .pos = 0
    };
    ZSTD_inBuffer input = {
        .src = src,
        .size = src_size,
        .pos = 0
    };
    ZSTD_CCtx *cctx = ZSTD_createCCtx();

    if (!cctx) {
        return -EIO;
    }
    /*
     * Use the zstd streamed interface for symmetry with decompression,
     * where streaming is essential since we don't record the exact
     * compressed size.
     *
     * ZSTD_compressStream2() tries to compress everything it could
     * with a single call. Although, ZSTD docs says that:
     * "You must continue calling ZSTD_compressStream2() with ZSTD_e_end
     * until it returns 0, at which point you are free to start a new frame",
     * in out tests we saw the only case when it returned with >0 -
     * when the output buffer was too small. In that case,
     * ZSTD_compressStream2() expects a bigger buffer on the next call.
     * We can't provide a bigger buffer because we are limited with dest_size
     * which we pass to the ZSTD_compressStream2() at once.
     * So, we don't need any loops and just abort the compression when we
     * don't get 0 result on the first call.
     */
    zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end);

    if (zstd_ret) {
        if (zstd_ret > output.size - output.pos) {
            ret = -ENOMEM;
        } else {
            ret = -EIO;
        }
        goto out;
    }

    /* make sure that zstd didn't overflow the dest buffer */
    assert(output.pos <= dest_size);
    ret = output.pos;
out:
    ZSTD_freeCCtx(cctx);
    return ret;
}

/*
 * qcow2_zstd_decompress()
 *
 * Decompress some data (not more than @src_size bytes) to produce exactly
 * @dest_size bytes using zstd compression method
 *
 * @dest - destination buffer, @dest_size bytes
 * @src - source buffer, @src_size bytes
 *
 * Returns: 0 on success
 *          -EIO on any error
 */
static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size,
                                     const void *src, size_t src_size)
{
    size_t zstd_ret = 0;
    ssize_t ret = 0;
    ZSTD_outBuffer output = {
        .dst = dest,
        .size = dest_size,
        .pos = 0
    };
    ZSTD_inBuffer input = {
        .src = src,
        .size = src_size,
        .pos = 0
    };
    ZSTD_DCtx *dctx = ZSTD_createDCtx();

    if (!dctx) {
        return -EIO;
    }

    /*
     * The compressed stream from the input buffer may consist of more
     * than one zstd frame. So we iterate until we get a fully
     * uncompressed cluster.
     * From zstd docs related to ZSTD_decompressStream:
     * "return : 0 when a frame is completely decoded and fully flushed"
     * We suppose that this means: each time ZSTD_decompressStream reads
     * only ONE full frame and returns 0 if and only if that frame
     * is completely decoded and flushed. Only after returning 0,
     * ZSTD_decompressStream reads another ONE full frame.
     */
    while (output.pos < output.size) {
        size_t last_in_pos = input.pos;
        size_t last_out_pos = output.pos;
        zstd_ret = ZSTD_decompressStream(dctx, &output, &input);

        if (ZSTD_isError(zstd_ret)) {
            ret = -EIO;
            break;
        }

        /*
         * The ZSTD manual is vague about what to do if it reads
         * the buffer partially, and we don't want to get stuck
         * in an infinite loop where ZSTD_decompressStream
         * returns > 0 waiting for another input chunk. So, we add
         * a check which ensures that the loop makes some progress
         * on each step.
         */
        if (last_in_pos >= input.pos &&
            last_out_pos >= output.pos) {
            ret = -EIO;
            break;
        }
    }
    /*
     * Make sure that we have the frame fully flushed here
     * if not, we somehow managed to get uncompressed cluster
     * greater then the cluster size, possibly because of its
     * damage.
     */
    if (zstd_ret > 0) {
        ret = -EIO;
    }

    ZSTD_freeDCtx(dctx);
    assert(ret == 0 || ret == -EIO);
    return ret;
}
#endif

static int qcow2_compress_pool_func(void *opaque)
{
    Qcow2CompressData *data = opaque;

    data->ret = data->func(data->dest, data->dest_size,
                           data->src, data->src_size);

    return 0;
}

static ssize_t coroutine_fn
qcow2_co_do_compress(BlockDriverState *bs, void *dest, size_t dest_size,
                     const void *src, size_t src_size, Qcow2CompressFunc func)
{
    Qcow2CompressData arg = {
        .dest = dest,
        .dest_size = dest_size,
        .src = src,
        .src_size = src_size,
        .func = func,
    };

    qcow2_co_process(bs, qcow2_compress_pool_func, &arg);

    return arg.ret;
}

/*
 * qcow2_co_compress()
 *
 * Compress @src_size bytes of data using the compression
 * method defined by the image compression type
 *
 * @dest - destination buffer, @dest_size bytes
 * @src - source buffer, @src_size bytes
 *
 * Returns: compressed size on success
 *          a negative error code on failure
 */
ssize_t coroutine_fn
qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size,
                  const void *src, size_t src_size)
{
    BDRVQcow2State *s = bs->opaque;
    Qcow2CompressFunc fn;

    switch (s->compression_type) {
    case QCOW2_COMPRESSION_TYPE_ZLIB:
        fn = qcow2_zlib_compress;
        break;

#ifdef CONFIG_ZSTD
    case QCOW2_COMPRESSION_TYPE_ZSTD:
        fn = qcow2_zstd_compress;
        break;
#endif
    default:
        abort();
    }

    return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
}

/*
 * qcow2_co_decompress()
 *
 * Decompress some data (not more than @src_size bytes) to produce exactly
 * @dest_size bytes using the compression method defined by the image
 * compression type
 *
 * @dest - destination buffer, @dest_size bytes
 * @src - source buffer, @src_size bytes
 *
 * Returns: 0 on success
 *          a negative error code on failure
 */
ssize_t coroutine_fn
qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size,
                    const void *src, size_t src_size)
{
    BDRVQcow2State *s = bs->opaque;
    Qcow2CompressFunc fn;

    switch (s->compression_type) {
    case QCOW2_COMPRESSION_TYPE_ZLIB:
        fn = qcow2_zlib_decompress;
        break;

#ifdef CONFIG_ZSTD
    case QCOW2_COMPRESSION_TYPE_ZSTD:
        fn = qcow2_zstd_decompress;
        break;
#endif
    default:
        abort();
    }

    return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
}


/*
 * Cryptography
 */

/*
 * Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and
 * qcrypto_block_decrypt() functions.
 */
typedef int (*Qcow2EncDecFunc)(QCryptoBlock *block, uint64_t offset,
                               uint8_t *buf, size_t len, Error **errp);

typedef struct Qcow2EncDecData {
    QCryptoBlock *block;
    uint64_t offset;
    uint8_t *buf;
    size_t len;

    Qcow2EncDecFunc func;
} Qcow2EncDecData;

static int qcow2_encdec_pool_func(void *opaque)
{
    Qcow2EncDecData *data = opaque;

    return data->func(data->block, data->offset, data->buf, data->len, NULL);
}

static int coroutine_fn
qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
                uint64_t guest_offset, void *buf, size_t len,
                Qcow2EncDecFunc func)
{
    BDRVQcow2State *s = bs->opaque;
    Qcow2EncDecData arg = {
        .block = s->crypto,
        .offset = s->crypt_physical_offset ? host_offset : guest_offset,
        .buf = buf,
        .len = len,
        .func = func,
    };
    uint64_t sector_size;

    assert(s->crypto);

    sector_size = qcrypto_block_get_sector_size(s->crypto);
    assert(QEMU_IS_ALIGNED(guest_offset, sector_size));
    assert(QEMU_IS_ALIGNED(host_offset, sector_size));
    assert(QEMU_IS_ALIGNED(len, sector_size));

    return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
}

/*
 * qcow2_co_encrypt()
 *
 * Encrypts one or more contiguous aligned sectors
 *
 * @host_offset - underlying storage offset of the first sector of the
 * data to be encrypted
 *
 * @guest_offset - guest (virtual) offset of the first sector of the
 * data to be encrypted
 *
 * @buf - buffer with the data to encrypt, that after encryption
 *        will be written to the underlying storage device at
 *        @host_offset
 *
 * @len - length of the buffer (must be a multiple of the encryption
 *        sector size)
 *
 * Depending on the encryption method, @host_offset and/or @guest_offset
 * may be used for generating the initialization vector for
 * encryption.
 *
 * Note that while the whole range must be aligned on sectors, it
 * does not have to be aligned on clusters and can also cross cluster
 * boundaries
 */
int coroutine_fn
qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
                 uint64_t guest_offset, void *buf, size_t len)
{
    return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
                           qcrypto_block_encrypt);
}

/*
 * qcow2_co_decrypt()
 *
 * Decrypts one or more contiguous aligned sectors
 * Similar to qcow2_co_encrypt
 */
int coroutine_fn
qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
                 uint64_t guest_offset, void *buf, size_t len)
{
    return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
                           qcrypto_block_decrypt);
}
Commit	Line	Data
56e2f1d8 VSO	1	/*
	2	* Threaded data processing for Qcow2: compression, encryption
	3	*
	4	* Copyright (c) 2004-2006 Fabrice Bellard
	5	* Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved.
	6	*
	7	* Permission is hereby granted, free of charge, to any person obtaining a copy
	8	* of this software and associated documentation files (the "Software"), to deal
	9	* in the Software without restriction, including without limitation the rights
	10	* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
	11	* copies of the Software, and to permit persons to whom the Software is
	12	* furnished to do so, subject to the following conditions:
	13	*
	14	* The above copyright notice and this permission notice shall be included in
	15	* all copies or substantial portions of the Software.
	16	*
	17	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
	18	* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	19	* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
	20	* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
	21	* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
	22	* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
	23	* THE SOFTWARE.
	24	*/
	25
	26	#include "qemu/osdep.h"
	27
	28	#define ZLIB_CONST
	29	#include <zlib.h>
	30
d298ac10 DP	31	#ifdef CONFIG_ZSTD
	32	#include <zstd.h>
	33	#include <zstd_errors.h>
	34	#endif
	35
56e2f1d8	36	#include "qcow2.h"
e2c1c34f	37	#include "block/block-io.h"
56e2f1d8	38	#include "block/thread-pool.h"
8ac0f15f	39	#include "crypto.h"
6f13a316 VSO	40
	41	static int coroutine_fn
	42	qcow2_co_process(BlockDriverState bs, ThreadPoolFunc func, void *arg)
	43	{
	44	int ret;
	45	BDRVQcow2State *s = bs->opaque;
	46	ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
	47
	48	qemu_co_mutex_lock(&s->lock);
	49	while (s->nb_threads >= QCOW2_MAX_THREADS) {
	50	qemu_co_queue_wait(&s->thread_task_queue, &s->lock);
	51	}
	52	s->nb_threads++;
	53	qemu_co_mutex_unlock(&s->lock);
	54
	55	ret = thread_pool_submit_co(pool, func, arg);
	56
	57	qemu_co_mutex_lock(&s->lock);
	58	s->nb_threads--;
	59	qemu_co_queue_next(&s->thread_task_queue);
	60	qemu_co_mutex_unlock(&s->lock);
	61
	62	return ret;
	63	}
	64
	65
	66	/*
	67	* Compression
	68	*/
56e2f1d8 VSO	69
	70	typedef ssize_t (Qcow2CompressFunc)(void dest, size_t dest_size,
	71	const void *src, size_t src_size);
	72	typedef struct Qcow2CompressData {
	73	void *dest;
	74	size_t dest_size;
	75	const void *src;
	76	size_t src_size;
	77	ssize_t ret;
	78
	79	Qcow2CompressFunc func;
	80	} Qcow2CompressData;
	81
	82	/*
25dd077d DP	83	* qcow2_zlib_compress()
	84	*
	85	* Compress @src_size bytes of data using zlib compression method
56e2f1d8 VSO	86	*
	87	* @dest - destination buffer, @dest_size bytes
	88	* @src - source buffer, @src_size bytes
	89	*
	90	* Returns: compressed size on success
	91	* -ENOMEM destination buffer is not enough to store compressed data
	92	* -EIO on any other error
	93	*/
25dd077d DP	94	static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size,
25dd077d DP	95	const void *src, size_t src_size)
56e2f1d8 VSO	96	{
	97	ssize_t ret;
	98	z_stream strm;
	99
	100	/* best compression, small window, no zlib header */
	101	memset(&strm, 0, sizeof(strm));
	102	ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
	103	-12, 9, Z_DEFAULT_STRATEGY);
	104	if (ret != Z_OK) {
	105	return -EIO;
	106	}
	107
	108	/*
	109	* strm.next_in is not const in old zlib versions, such as those used on
	110	* OpenBSD/NetBSD, so cast the const away
	111	*/
	112	strm.avail_in = src_size;
	113	strm.next_in = (void *) src;
	114	strm.avail_out = dest_size;
	115	strm.next_out = dest;
	116
	117	ret = deflate(&strm, Z_FINISH);
	118	if (ret == Z_STREAM_END) {
	119	ret = dest_size - strm.avail_out;
	120	} else {
	121	ret = (ret == Z_OK ? -ENOMEM : -EIO);
	122	}
	123
	124	deflateEnd(&strm);
	125
	126	return ret;
	127	}
	128
	129	/*
25dd077d	130	* qcow2_zlib_decompress()
56e2f1d8 VSO	131	*
56e2f1d8 VSO	132	* Decompress some data (not more than @src_size bytes) to produce exactly
25dd077d	133	* @dest_size bytes using zlib compression method
56e2f1d8 VSO	134	*
	135	* @dest - destination buffer, @dest_size bytes
	136	* @src - source buffer, @src_size bytes
	137	*
	138	* Returns: 0 on success
e7266570	139	* -EIO on fail
56e2f1d8	140	*/
25dd077d DP	141	static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size,
25dd077d DP	142	const void *src, size_t src_size)
56e2f1d8	143	{
e7266570	144	int ret;
56e2f1d8 VSO	145	z_stream strm;
	146
	147	memset(&strm, 0, sizeof(strm));
	148	strm.avail_in = src_size;
	149	strm.next_in = (void *) src;
	150	strm.avail_out = dest_size;
	151	strm.next_out = dest;
	152
	153	ret = inflateInit2(&strm, -12);
	154	if (ret != Z_OK) {
e7266570	155	return -EIO;
56e2f1d8 VSO	156	}
	157
	158	ret = inflate(&strm, Z_FINISH);
e7266570	159	if ((ret == Z_STREAM_END \|\| ret == Z_BUF_ERROR) && strm.avail_out == 0) {
56e2f1d8 VSO	160	/*
	161	* We approve Z_BUF_ERROR because we need @dest buffer to be filled, but
	162	* @src buffer may be processed partly (because in qcow2 we know size of
	163	* compressed data with precision of one sector)
	164	*/
e7266570 VSO	165	ret = 0;
	166	} else {
	167	ret = -EIO;
56e2f1d8 VSO	168	}
	169
	170	inflateEnd(&strm);
	171
	172	return ret;
	173	}
	174
d298ac10 DP	175	#ifdef CONFIG_ZSTD
	176
	177	/*
	178	* qcow2_zstd_compress()
	179	*
	180	* Compress @src_size bytes of data using zstd compression method
	181	*
	182	* @dest - destination buffer, @dest_size bytes
	183	* @src - source buffer, @src_size bytes
	184	*
	185	* Returns: compressed size on success
	186	* -ENOMEM destination buffer is not enough to store compressed data
	187	* -EIO on any other error
	188	*/
	189	static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size,
	190	const void *src, size_t src_size)
	191	{
	192	ssize_t ret;
	193	size_t zstd_ret;
	194	ZSTD_outBuffer output = {
	195	.dst = dest,
	196	.size = dest_size,
	197	.pos = 0
	198	};
	199	ZSTD_inBuffer input = {
	200	.src = src,
	201	.size = src_size,
	202	.pos = 0
	203	};
	204	ZSTD_CCtx *cctx = ZSTD_createCCtx();
	205
	206	if (!cctx) {
	207	return -EIO;
	208	}
	209	/*
	210	* Use the zstd streamed interface for symmetry with decompression,
	211	* where streaming is essential since we don't record the exact
	212	* compressed size.
	213	*
	214	* ZSTD_compressStream2() tries to compress everything it could
	215	* with a single call. Although, ZSTD docs says that:
	216	* "You must continue calling ZSTD_compressStream2() with ZSTD_e_end
	217	* until it returns 0, at which point you are free to start a new frame",
	218	* in out tests we saw the only case when it returned with >0 -
	219	* when the output buffer was too small. In that case,
	220	* ZSTD_compressStream2() expects a bigger buffer on the next call.
	221	* We can't provide a bigger buffer because we are limited with dest_size
	222	* which we pass to the ZSTD_compressStream2() at once.
	223	* So, we don't need any loops and just abort the compression when we
	224	* don't get 0 result on the first call.
	225	*/
	226	zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end);
	227
	228	if (zstd_ret) {
	229	if (zstd_ret > output.size - output.pos) {
	230	ret = -ENOMEM;
	231	} else {
	232	ret = -EIO;
	233	}
	234	goto out;
	235	}
	236
	237	/* make sure that zstd didn't overflow the dest buffer */
	238	assert(output.pos <= dest_size);
239	ret = output.pos;
240	out:
241	ZSTD_freeCCtx(cctx);
242	return ret;
243	}
244
245	/*
246	* qcow2_zstd_decompress()
247	*
248	* Decompress some data (not more than @src_size bytes) to produce exactly
249	* @dest_size bytes using zstd compression method
250	*
251	* @dest - destination buffer, @dest_size bytes
252	* @src - source buffer, @src_size bytes
253	*
254	* Returns: 0 on success
255	* -EIO on any error
256	*/
257	static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size,
258	const void *src, size_t src_size)
259	{
260	size_t zstd_ret = 0;
261	ssize_t ret = 0;
262	ZSTD_outBuffer output = {
263	.dst = dest,
264	.size = dest_size,
265	.pos = 0
266	};
267	ZSTD_inBuffer input = {
268	.src = src,
269	.size = src_size,
270	.pos = 0
271	};
272	ZSTD_DCtx *dctx = ZSTD_createDCtx();
273
274	if (!dctx) {
275	return -EIO;
276	}
277
278	/*
279	* The compressed stream from the input buffer may consist of more
280	* than one zstd frame. So we iterate until we get a fully
281	* uncompressed cluster.
282	* From zstd docs related to ZSTD_decompressStream:
283	* "return : 0 when a frame is completely decoded and fully flushed"
284	* We suppose that this means: each time ZSTD_decompressStream reads
285	* only ONE full frame and returns 0 if and only if that frame
286	* is completely decoded and flushed. Only after returning 0,
287	* ZSTD_decompressStream reads another ONE full frame.
288	*/
289	while (output.pos < output.size) {
290	size_t last_in_pos = input.pos;
291	size_t last_out_pos = output.pos;
292	zstd_ret = ZSTD_decompressStream(dctx, &output, &input);
293
294	if (ZSTD_isError(zstd_ret)) {
295	ret = -EIO;
296	break;
297	}
298
299	/*
300	* The ZSTD manual is vague about what to do if it reads
301	* the buffer partially, and we don't want to get stuck
302	* in an infinite loop where ZSTD_decompressStream
303	* returns > 0 waiting for another input chunk. So, we add
304	* a check which ensures that the loop makes some progress
305	* on each step.
306	*/
307	if (last_in_pos >= input.pos &&
308	last_out_pos >= output.pos) {
309	ret = -EIO;
310	break;
311	}
312	}
313	/*
314	* Make sure that we have the frame fully flushed here
315	* if not, we somehow managed to get uncompressed cluster
316	* greater then the cluster size, possibly because of its
317	* damage.
318	*/
319	if (zstd_ret > 0) {
320	ret = -EIO;
321	}
322
323	ZSTD_freeDCtx(dctx);
324	assert(ret == 0 \|\| ret == -EIO);
325	return ret;
326	}
327	#endif
328
56e2f1d8 VSO	329	static int qcow2_compress_pool_func(void *opaque)
	330	{
	331	Qcow2CompressData *data = opaque;
	332
	333	data->ret = data->func(data->dest, data->dest_size,
	334	data->src, data->src_size);
	335
	336	return 0;
	337	}
	338
56e2f1d8 VSO	339	static ssize_t coroutine_fn
	340	qcow2_co_do_compress(BlockDriverState bs, void dest, size_t dest_size,
	341	const void *src, size_t src_size, Qcow2CompressFunc func)
	342	{
56e2f1d8 VSO	343	Qcow2CompressData arg = {
	344	.dest = dest,
	345	.dest_size = dest_size,
	346	.src = src,
	347	.src_size = src_size,
	348	.func = func,
	349	};
	350
6f13a316	351	qcow2_co_process(bs, qcow2_compress_pool_func, &arg);
56e2f1d8 VSO	352
	353	return arg.ret;
	354	}
	355
25dd077d DP	356	/*
	357	* qcow2_co_compress()
	358	*
	359	* Compress @src_size bytes of data using the compression
	360	* method defined by the image compression type
	361	*
	362	* @dest - destination buffer, @dest_size bytes
	363	* @src - source buffer, @src_size bytes
	364	*
	365	* Returns: compressed size on success
	366	* a negative error code on failure
	367	*/
56e2f1d8 VSO	368	ssize_t coroutine_fn
	369	qcow2_co_compress(BlockDriverState bs, void dest, size_t dest_size,
	370	const void *src, size_t src_size)
	371	{
25dd077d DP	372	BDRVQcow2State *s = bs->opaque;
	373	Qcow2CompressFunc fn;
	374
	375	switch (s->compression_type) {
	376	case QCOW2_COMPRESSION_TYPE_ZLIB:
	377	fn = qcow2_zlib_compress;
	378	break;
	379
d298ac10 DP	380	#ifdef CONFIG_ZSTD
	381	case QCOW2_COMPRESSION_TYPE_ZSTD:
	382	fn = qcow2_zstd_compress;
	383	break;
	384	#endif
25dd077d DP	385	default:
	386	abort();
	387	}
	388
	389	return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
56e2f1d8 VSO	390	}
56e2f1d8 VSO	391
25dd077d DP	392	/*
	393	* qcow2_co_decompress()
	394	*
	395	* Decompress some data (not more than @src_size bytes) to produce exactly
	396	* @dest_size bytes using the compression method defined by the image
	397	* compression type
	398	*
	399	* @dest - destination buffer, @dest_size bytes
	400	* @src - source buffer, @src_size bytes
	401	*
	402	* Returns: 0 on success
	403	* a negative error code on failure
	404	*/
56e2f1d8 VSO	405	ssize_t coroutine_fn
	406	qcow2_co_decompress(BlockDriverState bs, void dest, size_t dest_size,
	407	const void *src, size_t src_size)
	408	{
25dd077d DP	409	BDRVQcow2State *s = bs->opaque;
	410	Qcow2CompressFunc fn;
	411
	412	switch (s->compression_type) {
	413	case QCOW2_COMPRESSION_TYPE_ZLIB:
	414	fn = qcow2_zlib_decompress;
	415	break;
	416
d298ac10 DP	417	#ifdef CONFIG_ZSTD
	418	case QCOW2_COMPRESSION_TYPE_ZSTD:
	419	fn = qcow2_zstd_decompress;
	420	break;
	421	#endif
25dd077d DP	422	default:
	423	abort();
	424	}
	425
	426	return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
56e2f1d8	427	}
8ac0f15f VSO	428
	429
	430	/*
	431	* Cryptography
	432	*/
	433
	434	/*
	435	* Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and
	436	* qcrypto_block_decrypt() functions.
	437	*/
	438	typedef int (Qcow2EncDecFunc)(QCryptoBlock block, uint64_t offset,
	439	uint8_t buf, size_t len, Error *errp);
	440
	441	typedef struct Qcow2EncDecData {
	442	QCryptoBlock *block;
	443	uint64_t offset;
	444	uint8_t *buf;
	445	size_t len;
	446
	447	Qcow2EncDecFunc func;
	448	} Qcow2EncDecData;
	449
	450	static int qcow2_encdec_pool_func(void *opaque)
	451	{
	452	Qcow2EncDecData *data = opaque;
	453
	454	return data->func(data->block, data->offset, data->buf, data->len, NULL);
	455	}
	456
	457	static int coroutine_fn
603fbd07 ML	458	qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
	459	uint64_t guest_offset, void *buf, size_t len,
	460	Qcow2EncDecFunc func)
8ac0f15f VSO	461	{
	462	BDRVQcow2State *s = bs->opaque;
	463	Qcow2EncDecData arg = {
	464	.block = s->crypto,
603fbd07	465	.offset = s->crypt_physical_offset ? host_offset : guest_offset,
8ac0f15f VSO	466	.buf = buf,
	467	.len = len,
	468	.func = func,
	469	};
2d4b5256	470	uint64_t sector_size;
8ac0f15f	471
603fbd07 ML	472	assert(s->crypto);
603fbd07 ML	473
2d4b5256 AG	474	sector_size = qcrypto_block_get_sector_size(s->crypto);
	475	assert(QEMU_IS_ALIGNED(guest_offset, sector_size));
	476	assert(QEMU_IS_ALIGNED(host_offset, sector_size));
	477	assert(QEMU_IS_ALIGNED(len, sector_size));
	478
603fbd07	479	return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
8ac0f15f VSO	480	}
8ac0f15f VSO	481
603fbd07 ML	482	/*
	483	* qcow2_co_encrypt()
	484	*
	485	* Encrypts one or more contiguous aligned sectors
	486	*
	487	* @host_offset - underlying storage offset of the first sector of the
	488	* data to be encrypted
	489	*
	490	* @guest_offset - guest (virtual) offset of the first sector of the
	491	* data to be encrypted
	492	*
	493	* @buf - buffer with the data to encrypt, that after encryption
	494	* will be written to the underlying storage device at
	495	* @host_offset
	496	*
2d4b5256 AG	497	* @len - length of the buffer (must be a multiple of the encryption
2d4b5256 AG	498	* sector size)
603fbd07 ML	499	*
	500	* Depending on the encryption method, @host_offset and/or @guest_offset
	501	* may be used for generating the initialization vector for
	502	* encryption.
	503	*
	504	* Note that while the whole range must be aligned on sectors, it
	505	* does not have to be aligned on clusters and can also cross cluster
	506	* boundaries
	507	*/
8ac0f15f	508	int coroutine_fn
603fbd07 ML	509	qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
603fbd07 ML	510	uint64_t guest_offset, void *buf, size_t len)
8ac0f15f	511	{
603fbd07 ML	512	return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
603fbd07 ML	513	qcrypto_block_encrypt);
8ac0f15f VSO	514	}
8ac0f15f VSO	515
603fbd07 ML	516	/*
	517	* qcow2_co_decrypt()
	518	*
	519	* Decrypts one or more contiguous aligned sectors
	520	* Similar to qcow2_co_encrypt
	521	*/
8ac0f15f	522	int coroutine_fn
603fbd07 ML	523	qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
603fbd07 ML	524	uint64_t guest_offset, void *buf, size_t len)
8ac0f15f	525	{
603fbd07 ML	526	return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
603fbd07 ML	527	qcrypto_block_decrypt);
8ac0f15f	528	}