qcow2: Update l2_load() to support L2 slices
1 /*
2 * Block driver for the QCOW version 2 format
3 *
4 * Copyright (c) 2004-2006 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
25 #include "qemu/osdep.h"
26 #include <zlib.h>
27
28 #include "qemu-common.h"
29 #include "block/block_int.h"
30 #include "block/qcow2.h"
31 #include "qemu/bswap.h"
32 #include "trace.h"
33
/*
 * qcow2_shrink_l1_table
 *
 * Shrinks the L1 table to @exact_size entries: the tail of the on-disk
 * table is zeroed first, then the L2 tables referenced by the dropped
 * entries are released and the in-memory entries cleared.
 *
 * @bs: The BlockDriverState
 * @exact_size: New number of L1 entries; a no-op when it is not smaller
 *              than the current size.
 *
 * Returns 0 on success, -errno on failure. If the on-disk write or flush
 * fails, the dropped tail of the in-memory table is zeroed anyway so that
 * a possibly partially overwritten on-disk table is never used through it.
 */
int qcow2_shrink_l1_table(BlockDriverState *bs, uint64_t exact_size)
{
    BDRVQcow2State *s = bs->opaque;
    int target_size;
    size_t dropped_bytes;
    int idx, ret;

    if (exact_size >= s->l1_size) {
        return 0;
    }

    target_size = exact_size;
    dropped_bytes = (s->l1_size - target_size) * sizeof(uint64_t);

#ifdef DEBUG_ALLOC2
    fprintf(stderr, "shrink l1_table from %d to %d\n", s->l1_size, target_size);
#endif

    /* Zero the dropped entries on disk before touching any L2 table */
    BLKDBG_EVENT(bs->file, BLKDBG_L1_SHRINK_WRITE_TABLE);
    ret = bdrv_pwrite_zeroes(bs->file,
                             s->l1_table_offset + target_size * sizeof(uint64_t),
                             dropped_bytes, 0);
    if (ret < 0) {
        goto fail;
    }

    ret = bdrv_flush(bs->file->bs);
    if (ret < 0) {
        goto fail;
    }

    /* Walk the dropped tail from the last entry down to @target_size */
    BLKDBG_EVENT(bs->file, BLKDBG_L1_SHRINK_FREE_L2_CLUSTERS);
    for (idx = s->l1_size; idx-- > target_size; ) {
        uint64_t l2_offset = s->l1_table[idx] & L1E_OFFSET_MASK;

        if (l2_offset == 0) {
            continue;
        }
        qcow2_free_clusters(bs, l2_offset, s->cluster_size,
                            QCOW2_DISCARD_ALWAYS);
        s->l1_table[idx] = 0;
    }
    return 0;

fail:
    /*
     * If the write in the l1_table failed the image may contain a partially
     * overwritten l1_table. In this case it would be better to clear the
     * l1_table in memory to avoid possible image corruption.
     */
    memset(s->l1_table + target_size, 0, dropped_bytes);
    return ret;
}
83
/*
 * qcow2_grow_l1_table
 *
 * Grows the L1 table so that it has at least @min_size entries. The new
 * table is written to freshly allocated clusters, the image header is
 * pointed at it, and only then are the old table's clusters freed, so an
 * interrupted grow leaves the old table intact.
 *
 * @bs: The BlockDriverState
 * @min_size: Minimum number of L1 entries required
 * @exact_size: If true, use exactly @min_size entries; otherwise round up
 *              in 3/2 steps to reduce the number of future grows.
 *
 * Returns 0 on success (also when the table is already large enough),
 * -EFBIG if the requested size exceeds QCOW_MAX_L1_SIZE, -ENOMEM if the
 * new table cannot be allocated, or another -errno from the I/O layer.
 */
int qcow2_grow_l1_table(BlockDriverState *bs, uint64_t min_size,
                        bool exact_size)
{
    BDRVQcow2State *s = bs->opaque;
    int new_l1_size2, ret, i;
    uint64_t *new_l1_table;
    int64_t old_l1_table_offset, old_l1_size;
    int64_t new_l1_table_offset, new_l1_size;
    uint8_t data[12];

    if (min_size <= s->l1_size)
        return 0;

    /* Do a sanity check on min_size before trying to calculate new_l1_size
     * (this prevents overflows during the while loop for the calculation of
     * new_l1_size) */
    if (min_size > INT_MAX / sizeof(uint64_t)) {
        return -EFBIG;
    }

    if (exact_size) {
        new_l1_size = min_size;
    } else {
        /* Bump size up to reduce the number of times we have to grow */
        new_l1_size = s->l1_size;
        if (new_l1_size == 0) {
            new_l1_size = 1;
        }
        while (min_size > new_l1_size) {
            new_l1_size = DIV_ROUND_UP(new_l1_size * 3, 2);
        }
    }

    /* The byte size below is kept in an int; make sure the limit fits */
    QEMU_BUILD_BUG_ON(QCOW_MAX_L1_SIZE > INT_MAX);
    if (new_l1_size > QCOW_MAX_L1_SIZE / sizeof(uint64_t)) {
        return -EFBIG;
    }

#ifdef DEBUG_ALLOC2
    fprintf(stderr, "grow l1_table from %d to %" PRId64 "\n",
            s->l1_size, new_l1_size);
#endif

    /* Byte size of the new table; the buffer is padded to a 512-byte
     * multiple and zero-filled so that the padding is deterministic */
    new_l1_size2 = sizeof(uint64_t) * new_l1_size;
    new_l1_table = qemu_try_blockalign(bs->file->bs,
                                       align_offset(new_l1_size2, 512));
    if (new_l1_table == NULL) {
        return -ENOMEM;
    }
    memset(new_l1_table, 0, align_offset(new_l1_size2, 512));

    /* Carry over the existing entries; the rest stay zero (unallocated) */
    if (s->l1_size) {
        memcpy(new_l1_table, s->l1_table, s->l1_size * sizeof(uint64_t));
    }

    /* write new table (align to cluster) */
    BLKDBG_EVENT(bs->file, BLKDBG_L1_GROW_ALLOC_TABLE);
    new_l1_table_offset = qcow2_alloc_clusters(bs, new_l1_size2);
    if (new_l1_table_offset < 0) {
        qemu_vfree(new_l1_table);
        return new_l1_table_offset;
    }

    /* Get the refcount update for the new clusters onto disk before
     * anything depends on them */
    ret = qcow2_cache_flush(bs, s->refcount_block_cache);
    if (ret < 0) {
        goto fail;
    }

    /* the L1 position has not yet been updated, so these clusters must
     * indeed be completely free */
    ret = qcow2_pre_write_overlap_check(bs, 0, new_l1_table_offset,
                                        new_l1_size2);
    if (ret < 0) {
        goto fail;
    }

    /* Entries are big-endian on disk: convert in place for the write and
     * convert back so the in-memory copy stays in CPU byte order */
    BLKDBG_EVENT(bs->file, BLKDBG_L1_GROW_WRITE_TABLE);
    for(i = 0; i < s->l1_size; i++)
        new_l1_table[i] = cpu_to_be64(new_l1_table[i]);
    ret = bdrv_pwrite_sync(bs->file, new_l1_table_offset,
                           new_l1_table, new_l1_size2);
    if (ret < 0)
        goto fail;
    for(i = 0; i < s->l1_size; i++)
        new_l1_table[i] = be64_to_cpu(new_l1_table[i]);

    /* set new table: l1_size (4 bytes, big-endian) followed by
     * l1_table_offset (8 bytes) are written to the header in one
     * 12-byte request starting at the l1_size field */
    BLKDBG_EVENT(bs->file, BLKDBG_L1_GROW_ACTIVATE_TABLE);
    stl_be_p(data, new_l1_size);
    stq_be_p(data + 4, new_l1_table_offset);
    ret = bdrv_pwrite_sync(bs->file, offsetof(QCowHeader, l1_size),
                           data, sizeof(data));
    if (ret < 0) {
        goto fail;
    }
    /* The header now references the new table: switch the in-memory
     * state over and release the old table's clusters */
    qemu_vfree(s->l1_table);
    old_l1_table_offset = s->l1_table_offset;
    s->l1_table_offset = new_l1_table_offset;
    s->l1_table = new_l1_table;
    old_l1_size = s->l1_size;
    s->l1_size = new_l1_size;
    qcow2_free_clusters(bs, old_l1_table_offset, old_l1_size * sizeof(uint64_t),
                        QCOW2_DISCARD_OTHER);
    return 0;
 fail:
    /* Nothing references the new table yet, so its clusters can be
     * returned; the old table remains active */
    qemu_vfree(new_l1_table);
    qcow2_free_clusters(bs, new_l1_table_offset, new_l1_size2,
                        QCOW2_DISCARD_OTHER);
    return ret;
}
194
/*
 * l2_load
 *
 * Obtains, through the L2 table cache, the L2 slice that holds the entry
 * for guest offset @offset. A slice is the unit in which L2 tables are
 * cached; it is read from the image file on a cache miss.
 *
 * @bs: The BlockDriverState
 * @offset: Guest offset whose L2 slice is wanted
 * @l2_offset: Offset of the (whole) L2 table in the image file
 * @l2_slice: Receives the pointer to the cached slice; the caller must
 *            release it with qcow2_cache_put().
 *
 * Returns the result of qcow2_cache_get(): 0 on success, -errno otherwise.
 */
static int l2_load(BlockDriverState *bs, uint64_t offset,
                   uint64_t l2_offset, uint64_t **l2_slice)
{
    BDRVQcow2State *s = bs->opaque;
    int slice_first_index;
    int slice_byte_offset;

    /* Index (within the whole L2 table) of the first entry of the slice
     * that contains @offset */
    slice_first_index = offset_to_l2_index(s, offset) -
                        offset_to_l2_slice_index(s, offset);
    slice_byte_offset = sizeof(uint64_t) * slice_first_index;

    return qcow2_cache_get(bs, s->l2_table_cache,
                           l2_offset + slice_byte_offset, (void **)l2_slice);
}
219
/*
 * qcow2_write_l1_entry
 *
 * Writes the 512-byte sector of the L1 table that contains @l1_index to
 * disk. Single entries cannot be updated in place (and a read-modify-write
 * through bdrv_pread is not wanted), so the whole sector is rebuilt from
 * the in-memory table in big-endian form; entries past the end of the
 * table are written as zeros.
 *
 * Returns 0 on success, -errno on failure.
 */
#define L1_ENTRIES_PER_SECTOR (512 / 8)
int qcow2_write_l1_entry(BlockDriverState *bs, int l1_index)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t sector[L1_ENTRIES_PER_SECTOR] = { 0 };
    int first = l1_index & ~(L1_ENTRIES_PER_SECTOR - 1);
    uint64_t sector_offset = s->l1_table_offset + 8 * first;
    int n, ret;

    /* Big-endian copy of the live entries that fall into this sector */
    for (n = 0; n < L1_ENTRIES_PER_SECTOR; n++) {
        if (first + n >= s->l1_size) {
            break;
        }
        sector[n] = cpu_to_be64(s->l1_table[first + n]);
    }

    /* Refuse to write over any other metadata structure */
    ret = qcow2_pre_write_overlap_check(bs, QCOW2_OL_ACTIVE_L1,
                                        sector_offset, sizeof(sector));
    if (ret < 0) {
        return ret;
    }

    BLKDBG_EVENT(bs->file, BLKDBG_L1_UPDATE);
    ret = bdrv_pwrite_sync(bs->file, sector_offset, sector, sizeof(sector));
    return ret < 0 ? ret : 0;
}
255
/*
 * l2_allocate
 *
 * Allocate a new l2 entry in the file. If l1_index points to an already
 * used entry in the L2 table (i.e. we are doing a copy on write for the L2
 * table) copy the contents of the old L2 table into the newly allocated one.
 * Otherwise the new table is initialized with zeros.
 *
 * @bs: The BlockDriverState
 * @l1_index: Index of the L1 entry that will point to the new L2 table
 * @table: On success receives the cache entry for the new L2 table; the
 *         caller owns that reference and must release it with
 *         qcow2_cache_put().
 *
 * Returns 0 on success, -errno on failure. On failure the L1 entry is
 * restored to its previous value and the freshly allocated clusters are
 * released again.
 */

static int l2_allocate(BlockDriverState *bs, int l1_index, uint64_t **table)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t old_l2_offset;
    uint64_t *l2_table = NULL;
    int64_t l2_offset;
    int ret;

    /* Remembered so the L1 entry can be restored on the failure path */
    old_l2_offset = s->l1_table[l1_index];

    trace_qcow2_l2_allocate(bs, l1_index);

    /* allocate a new l2 entry */

    l2_offset = qcow2_alloc_clusters(bs, s->l2_size * sizeof(uint64_t));
    if (l2_offset < 0) {
        ret = l2_offset;
        goto fail;
    }

    /* If we're allocating the table at offset 0 then something is wrong:
     * treat it as image corruption instead of writing a table there */
    if (l2_offset == 0) {
        qcow2_signal_corruption(bs, true, -1, -1, "Preventing invalid "
                                "allocation of L2 table at offset 0");
        ret = -EIO;
        goto fail;
    }

    /* The refcount update for the new clusters must reach the disk before
     * the table that depends on it */
    ret = qcow2_cache_flush(bs, s->refcount_block_cache);
    if (ret < 0) {
        goto fail;
    }

    /* allocate a new entry in the l2 cache */

    trace_qcow2_l2_allocate_get_empty(bs, l1_index);
    ret = qcow2_cache_get_empty(bs, s->l2_table_cache, l2_offset, (void**) table);
    if (ret < 0) {
        goto fail;
    }

    /* From here on *table holds a cache reference that fail: must drop */
    l2_table = *table;

    if ((old_l2_offset & L1E_OFFSET_MASK) == 0) {
        /* if there was no old l2 table, clear the new table */
        memset(l2_table, 0, s->l2_size * sizeof(uint64_t));
    } else {
        uint64_t* old_table;

        /* if there was an old l2 table, read it from the disk */
        BLKDBG_EVENT(bs->file, BLKDBG_L2_ALLOC_COW_READ);
        ret = qcow2_cache_get(bs, s->l2_table_cache,
            old_l2_offset & L1E_OFFSET_MASK,
            (void**) &old_table);
        if (ret < 0) {
            goto fail;
        }

        /* Copy the whole cluster-sized table into the new one */
        memcpy(l2_table, old_table, s->cluster_size);

        qcow2_cache_put(s->l2_table_cache, (void **) &old_table);
    }

    /* write the l2 table to the file */
    BLKDBG_EVENT(bs->file, BLKDBG_L2_ALLOC_WRITE);

    trace_qcow2_l2_allocate_write_l2(bs, l1_index);
    qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table);
    ret = qcow2_cache_flush(bs, s->l2_table_cache);
    if (ret < 0) {
        goto fail;
    }

    /* update the L1 entry: the new table is exclusively owned by this L1
     * entry, hence QCOW_OFLAG_COPIED */
    trace_qcow2_l2_allocate_write_l1(bs, l1_index);
    s->l1_table[l1_index] = l2_offset | QCOW_OFLAG_COPIED;
    ret = qcow2_write_l1_entry(bs, l1_index);
    if (ret < 0) {
        goto fail;
    }

    *table = l2_table;
    trace_qcow2_l2_allocate_done(bs, l1_index, 0);
    return 0;

fail:
    trace_qcow2_l2_allocate_done(bs, l1_index, ret);
    /* Drop the cache reference taken by qcow2_cache_get_empty(), if any */
    if (l2_table != NULL) {
        qcow2_cache_put(s->l2_table_cache, (void **) table);
    }
    s->l1_table[l1_index] = old_l2_offset;
    /* Only return clusters that were actually allocated above */
    if (l2_offset > 0) {
        qcow2_free_clusters(bs, l2_offset, s->l2_size * sizeof(uint64_t),
                            QCOW2_DISCARD_ALWAYS);
    }
    return ret;
}
363
/*
 * count_contiguous_clusters
 *
 * Counts how many consecutive entries of @l2_table, starting at the first
 * one, describe clusters that are laid out contiguously in the image file.
 * An entry stops the run if its host offset is not the expected one or if
 * any of the flags in @stop_flags (or the compressed flag) differ from the
 * first entry; such an entry is not counted. This lets callers stop, for
 * example, at the first compressed cluster, which needs separate handling.
 *
 * Returns the number of contiguous clusters (0 if the first entry has no
 * offset and no relevant flags set).
 */
static int count_contiguous_clusters(int nb_clusters, int cluster_size,
                                     uint64_t *l2_table, uint64_t stop_flags)
{
    uint64_t compare_mask = stop_flags | L2E_OFFSET_MASK | QCOW_OFLAG_COMPRESSED;
    uint64_t first_entry = be64_to_cpu(l2_table[0]);
    uint64_t first_offset = first_entry & compare_mask;
    QCow2ClusterType first_type;
    int count = 0;

    if (first_offset == 0) {
        return 0;
    }

    /* Only allocated clusters can be contiguous in the file */
    first_type = qcow2_get_cluster_type(first_entry);
    assert(first_type == QCOW2_CLUSTER_NORMAL ||
           first_type == QCOW2_CLUSTER_ZERO_ALLOC);

    while (count < nb_clusters) {
        uint64_t expected = first_offset + (uint64_t) count * cluster_size;
        uint64_t actual = be64_to_cpu(l2_table[count]) & compare_mask;

        if (actual != expected) {
            break;
        }
        count++;
    }

    return count;
}
398
/*
 * count_contiguous_clusters_unallocated
 *
 * Counts how many consecutive entries of @l2_table, starting at the first
 * one, have exactly the cluster type @wanted_type. Only the two types that
 * have no host data (zero-plain and unallocated) are accepted.
 *
 * Returns the length of that run, at most @nb_clusters.
 */
static int count_contiguous_clusters_unallocated(int nb_clusters,
                                                 uint64_t *l2_table,
                                                 QCow2ClusterType wanted_type)
{
    int count;

    assert(wanted_type == QCOW2_CLUSTER_ZERO_PLAIN ||
           wanted_type == QCOW2_CLUSTER_UNALLOCATED);

    for (count = 0; count < nb_clusters; count++) {
        uint64_t entry = be64_to_cpu(l2_table[count]);

        if (qcow2_get_cluster_type(entry) != wanted_type) {
            break;
        }
    }

    return count;
}
422
/*
 * do_perform_cow_read
 *
 * Reads the data described by @qiov from the source cluster at
 * @src_cluster_offset + @offset_in_cluster, for use as the copy-on-write
 * part of an allocating write.
 *
 * Returns 0 on success (including an empty @qiov), -ENOMEDIUM if the
 * driver is gone, or the -errno from the read.
 */
static int coroutine_fn do_perform_cow_read(BlockDriverState *bs,
                                            uint64_t src_cluster_offset,
                                            unsigned offset_in_cluster,
                                            QEMUIOVector *qiov)
{
    uint64_t read_offset = src_cluster_offset + offset_in_cluster;
    int ret;

    if (qiov->size == 0) {
        return 0;
    }

    BLKDBG_EVENT(bs->file, BLKDBG_COW_READ);

    if (bs->drv == NULL) {
        return -ENOMEDIUM;
    }

    /* Call .bdrv_co_preadv() directly instead of using the public block-layer
     * interface. This avoids double I/O throttling and request tracking,
     * which can lead to deadlock when block layer copy-on-read is enabled.
     */
    ret = bs->drv->bdrv_co_preadv(bs, read_offset, qiov->size, qiov, 0);
    return ret < 0 ? ret : 0;
}
452
/*
 * do_perform_cow_encrypt
 *
 * Encrypts @bytes bytes of @buffer in place if the image is encrypted.
 * The offset handed to the crypto layer is the destination host offset
 * (@cluster_offset + @offset_in_cluster) when s->crypt_physical_offset is
 * set, and the source offset (@src_cluster_offset + @offset_in_cluster)
 * otherwise. Both the offset and the length must be sector-aligned.
 *
 * Returns true on success or when there is nothing to do, false if the
 * encryption failed.
 */
static bool coroutine_fn do_perform_cow_encrypt(BlockDriverState *bs,
                                                uint64_t src_cluster_offset,
                                                uint64_t cluster_offset,
                                                unsigned offset_in_cluster,
                                                uint8_t *buffer,
                                                unsigned bytes)
{
    BDRVQcow2State *s;
    int64_t crypt_offset;

    if (bytes == 0 || !bs->encrypted) {
        return true;
    }

    s = bs->opaque;
    if (s->crypt_physical_offset) {
        crypt_offset = cluster_offset + offset_in_cluster;
    } else {
        crypt_offset = src_cluster_offset + offset_in_cluster;
    }

    assert((offset_in_cluster & ~BDRV_SECTOR_MASK) == 0);
    assert((bytes & ~BDRV_SECTOR_MASK) == 0);
    assert(s->crypto);

    return qcrypto_block_encrypt(s->crypto, crypt_offset, buffer, bytes,
                                 NULL) >= 0;
}
474
/*
 * do_perform_cow_write
 *
 * Writes the data in @qiov to @cluster_offset + @offset_in_cluster, after
 * checking that the target range does not overlap any qcow2 metadata.
 *
 * Returns 0 on success (including an empty @qiov), -errno otherwise.
 */
static int coroutine_fn do_perform_cow_write(BlockDriverState *bs,
                                             uint64_t cluster_offset,
                                             unsigned offset_in_cluster,
                                             QEMUIOVector *qiov)
{
    uint64_t write_offset = cluster_offset + offset_in_cluster;
    int ret;

    if (qiov->size == 0) {
        return 0;
    }

    ret = qcow2_pre_write_overlap_check(bs, 0, write_offset, qiov->size);
    if (ret < 0) {
        return ret;
    }

    BLKDBG_EVENT(bs->file, BLKDBG_COW_WRITE);
    ret = bdrv_co_pwritev(bs->file, write_offset, qiov->size, qiov, 0);
    return ret < 0 ? ret : 0;
}
501
502
/*
 * get_cluster_offset
 *
 * For a given offset of the virtual disk, find the cluster type and offset in
 * the qcow2 file. The offset is stored in *cluster_offset.
 *
 * On entry, *bytes is the maximum number of contiguous bytes starting at
 * offset that we are interested in.
 *
 * On exit, *bytes is the number of bytes starting at offset that have the same
 * cluster type and (if applicable) are stored contiguously in the image file.
 * Compressed clusters are always returned one by one.
 *
 * @bs: The BlockDriverState
 * @offset: Guest offset to look up (need not be cluster aligned)
 * @bytes: In/out, see above
 * @cluster_offset: Receives the host offset (0 for unallocated and
 *                  zero-plain clusters; for compressed clusters the raw
 *                  entry masked with L2E_COMPRESSED_OFFSET_SIZE_MASK)
 *
 * Returns the cluster type (QCOW2_CLUSTER_*) on success, -errno in error
 * cases. Unaligned table offsets and zero clusters in pre-v3 images are
 * reported as corruption and rejected with -EIO.
 */
int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset,
                             unsigned int *bytes, uint64_t *cluster_offset)
{
    BDRVQcow2State *s = bs->opaque;
    unsigned int l2_index;
    uint64_t l1_index, l2_offset, *l2_table;
    int l1_bits, c;
    unsigned int offset_in_cluster;
    uint64_t bytes_available, bytes_needed, nb_clusters;
    QCow2ClusterType type;
    int ret;

    /* Work in bytes measured from the start of the cluster containing
     * offset, so the byte count covers whole clusters */
    offset_in_cluster = offset_into_cluster(s, offset);
    bytes_needed = (uint64_t) *bytes + offset_in_cluster;

    /* Number of guest address bits covered by a single L1 entry */
    l1_bits = s->l2_bits + s->cluster_bits;

    /* compute how many bytes there are between the start of the cluster
     * containing offset and the end of the l1 entry */
    bytes_available = (1ULL << l1_bits) - (offset & ((1ULL << l1_bits) - 1))
                    + offset_in_cluster;

    /* Never look past the end of the current L2 table */
    if (bytes_needed > bytes_available) {
        bytes_needed = bytes_available;
    }

    *cluster_offset = 0;

    /* seek to the l2 offset in the l1 table */

    l1_index = offset_to_l1_index(s, offset);
    if (l1_index >= s->l1_size) {
        /* Beyond the L1 table: the whole remaining range is unallocated */
        type = QCOW2_CLUSTER_UNALLOCATED;
        goto out;
    }

    l2_offset = s->l1_table[l1_index] & L1E_OFFSET_MASK;
    if (!l2_offset) {
        /* No L2 table for this L1 entry: unallocated up to its end */
        type = QCOW2_CLUSTER_UNALLOCATED;
        goto out;
    }

    /* Table offsets come from the image file; refuse to read from an
     * unaligned one rather than trust it */
    if (offset_into_cluster(s, l2_offset)) {
        qcow2_signal_corruption(bs, true, -1, -1, "L2 table offset %#" PRIx64
                                " unaligned (L1 index: %#" PRIx64 ")",
                                l2_offset, l1_index);
        return -EIO;
    }

    /* load the l2 table in memory */

    ret = l2_load(bs, offset, l2_offset, &l2_table);
    if (ret < 0) {
        return ret;
    }

    /* find the cluster offset for the given disk offset */

    l2_index = offset_to_l2_index(s, offset);
    *cluster_offset = be64_to_cpu(l2_table[l2_index]);

    nb_clusters = size_to_clusters(s, bytes_needed);
    /* bytes_needed <= *bytes + offset_in_cluster, both of which are unsigned
     * integers; the minimum cluster size is 512, so this assertion is always
     * true */
    assert(nb_clusters <= INT_MAX);

    type = qcow2_get_cluster_type(*cluster_offset);
    if (s->qcow_version < 3 && (type == QCOW2_CLUSTER_ZERO_PLAIN ||
                                type == QCOW2_CLUSTER_ZERO_ALLOC)) {
        qcow2_signal_corruption(bs, true, -1, -1, "Zero cluster entry found"
                                " in pre-v3 image (L2 offset: %#" PRIx64
                                ", L2 index: %#x)", l2_offset, l2_index);
        ret = -EIO;
        goto fail;
    }
    /* c = number of clusters of this type reachable from l2_index */
    switch (type) {
    case QCOW2_CLUSTER_COMPRESSED:
        /* Compressed clusters can only be processed one by one */
        c = 1;
        *cluster_offset &= L2E_COMPRESSED_OFFSET_SIZE_MASK;
        break;
    case QCOW2_CLUSTER_ZERO_PLAIN:
    case QCOW2_CLUSTER_UNALLOCATED:
        /* how many empty clusters ? */
        c = count_contiguous_clusters_unallocated(nb_clusters,
                                                  &l2_table[l2_index], type);
        *cluster_offset = 0;
        break;
    case QCOW2_CLUSTER_ZERO_ALLOC:
    case QCOW2_CLUSTER_NORMAL:
        /* how many allocated clusters ? */
        c = count_contiguous_clusters(nb_clusters, s->cluster_size,
                                      &l2_table[l2_index], QCOW_OFLAG_ZERO);
        *cluster_offset &= L2E_OFFSET_MASK;
        /* Same defensive check for the data cluster offset */
        if (offset_into_cluster(s, *cluster_offset)) {
            qcow2_signal_corruption(bs, true, -1, -1,
                                    "Cluster allocation offset %#"
                                    PRIx64 " unaligned (L2 offset: %#" PRIx64
                                    ", L2 index: %#x)", *cluster_offset,
                                    l2_offset, l2_index);
            ret = -EIO;
            goto fail;
        }
        break;
    default:
        abort();
    }

    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    /* Bytes of this type starting at the cluster containing offset */
    bytes_available = (int64_t)c * s->cluster_size;

out:
    /* Never report more than the caller asked for */
    if (bytes_available > bytes_needed) {
        bytes_available = bytes_needed;
    }

    /* bytes_available <= bytes_needed <= *bytes + offset_in_cluster;
     * subtracting offset_in_cluster will therefore definitely yield something
     * not exceeding UINT_MAX */
    assert(bytes_available - offset_in_cluster <= UINT_MAX);
    *bytes = bytes_available - offset_in_cluster;

    return type;

fail:
    /* Only reached while the L2 table reference is still held */
    qcow2_cache_put(s->l2_table_cache, (void **)&l2_table);
    return ret;
}
649
/*
 * get_cluster_table
 *
 * For a given guest offset, returns the L2 table that covers it, growing
 * the L1 table and allocating (or copying) the L2 table as needed so that
 * the returned table may be written to.
 *
 * @bs: The BlockDriverState
 * @offset: Guest offset
 * @new_l2_table: Receives the cached L2 table; the caller must release it
 *                with qcow2_cache_put().
 * @new_l2_index: Receives the index of @offset's entry within that table
 *
 * Returns 0 on success, -errno in failure case (-EIO if the L1 entry holds
 * an unaligned L2 table offset, which is reported as corruption).
 */
static int get_cluster_table(BlockDriverState *bs, uint64_t offset,
                             uint64_t **new_l2_table,
                             int *new_l2_index)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t l1_index = offset_to_l1_index(s, offset);
    uint64_t l1_entry;
    uint64_t l2_offset;
    uint64_t *l2_table = NULL;
    int ret;

    /* The L1 table has to be large enough to cover @offset */
    if (l1_index >= s->l1_size) {
        ret = qcow2_grow_l1_table(bs, l1_index + 1, false);
        if (ret < 0) {
            return ret;
        }
    }
    assert(l1_index < s->l1_size);

    l1_entry = s->l1_table[l1_index];
    l2_offset = l1_entry & L1E_OFFSET_MASK;
    if (offset_into_cluster(s, l2_offset)) {
        qcow2_signal_corruption(bs, true, -1, -1, "L2 table offset %#" PRIx64
                                " unaligned (L1 index: %#" PRIx64 ")",
                                l2_offset, l1_index);
        return -EIO;
    }

    if (!(l1_entry & QCOW_OFLAG_COPIED)) {
        /* The L2 table is missing or shared (e.g. with a snapshot): get a
         * private copy first, then drop our reference to the old one */
        ret = l2_allocate(bs, l1_index, &l2_table);
        if (ret < 0) {
            return ret;
        }
        if (l2_offset) {
            qcow2_free_clusters(bs, l2_offset, s->l2_size * sizeof(uint64_t),
                                QCOW2_DISCARD_OTHER);
        }
    } else {
        /* Exclusively owned already: just bring it into the cache */
        ret = l2_load(bs, offset, l2_offset, &l2_table);
        if (ret < 0) {
            return ret;
        }
    }

    *new_l2_table = l2_table;
    *new_l2_index = offset_to_l2_index(s, offset);

    return 0;
}
720
/*
 * alloc_compressed_cluster_offset
 *
 * For a given offset of the disk image, allocate space for a compressed
 * cluster of @compressed_size bytes and point the L2 entry at it. The
 * entry also records the number of extra 512-byte sectors the compressed
 * data spans and carries QCOW_OFLAG_COMPRESSED (never QCOW_OFLAG_COPIED).
 *
 * Compression never overwrites existing data: if the cluster is already
 * allocated the call fails.
 *
 * Return the new L2 entry value (which contains the cluster offset) if
 * successful, 0 otherwise (table lookup failure, cluster already
 * allocated, or allocation failure).
 */

uint64_t qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs,
                                               uint64_t offset,
                                               int compressed_size)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t *l2_table;
    int l2_index;
    int64_t host_offset;
    int nb_csectors;
    uint64_t l2_entry;

    if (get_cluster_table(bs, offset, &l2_table, &l2_index) < 0) {
        return 0;
    }

    /* Compression can't overwrite anything. Fail if the cluster was already
     * allocated. */
    if (be64_to_cpu(l2_table[l2_index]) & L2E_OFFSET_MASK) {
        qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);
        return 0;
    }

    host_offset = qcow2_alloc_bytes(bs, compressed_size);
    if (host_offset < 0) {
        qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);
        return 0;
    }

    /* Number of 512-byte sectors the data extends past its first sector */
    nb_csectors = ((host_offset + compressed_size - 1) >> 9) -
                  (host_offset >> 9);

    l2_entry = host_offset | QCOW_OFLAG_COMPRESSED |
               ((uint64_t)nb_csectors << s->csize_shift);

    /* update L2 table; compressed clusters never have the copied flag */
    BLKDBG_EVENT(bs->file, BLKDBG_L2_UPDATE_COMPRESSED);
    qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table);
    l2_table[l2_index] = cpu_to_be64(l2_entry);
    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    return l2_entry;
}
780
/*
 * perform_cow
 *
 * Carries out the copy-on-write for the allocating write described by @m:
 * reads the old data for the regions before and after the guest data
 * (m->cow_start and m->cow_end), encrypts it if the image is encrypted,
 * and writes it to the newly allocated clusters at m->alloc_offset. When
 * the guest data itself is available in m->data_qiov, the COW regions and
 * the guest data are written with one single request.
 *
 * Called with s->lock held; the lock is dropped while the I/O is in flight
 * and re-taken before returning.
 *
 * Returns 0 on success, -errno on failure.
 */
static int perform_cow(BlockDriverState *bs, QCowL2Meta *m)
{
    BDRVQcow2State *s = bs->opaque;
    Qcow2COWRegion *start = &m->cow_start;
    Qcow2COWRegion *end = &m->cow_end;
    unsigned buffer_size;
    /* Guest data that sits between the two COW regions */
    unsigned data_bytes = end->offset - (start->offset + start->nb_bytes);
    bool merge_reads;
    uint8_t *start_buffer, *end_buffer;
    QEMUIOVector qiov;
    int ret;

    /* The unsigned sums computed below must not wrap */
    assert(start->nb_bytes <= UINT_MAX - end->nb_bytes);
    assert(start->nb_bytes + end->nb_bytes <= UINT_MAX - data_bytes);
    assert(start->offset + start->nb_bytes <= end->offset);
    assert(!m->data_qiov || m->data_qiov->size == data_bytes);

    /* Nothing to copy */
    if (start->nb_bytes == 0 && end->nb_bytes == 0) {
        return 0;
    }

    /* If we have to read both the start and end COW regions and the
     * middle region is not too large then perform just one read
     * operation */
    merge_reads = start->nb_bytes && end->nb_bytes && data_bytes <= 16384;
    if (merge_reads) {
        buffer_size = start->nb_bytes + data_bytes + end->nb_bytes;
    } else {
        /* If we have to do two reads, add some padding in the middle
         * if necessary to make sure that the end region is optimally
         * aligned. */
        size_t align = bdrv_opt_mem_align(bs);
        assert(align > 0 && align <= UINT_MAX);
        assert(QEMU_ALIGN_UP(start->nb_bytes, align) <=
               UINT_MAX - end->nb_bytes);
        buffer_size = QEMU_ALIGN_UP(start->nb_bytes, align) + end->nb_bytes;
    }

    /* Reserve a buffer large enough to store all the data that we're
     * going to read */
    start_buffer = qemu_try_blockalign(bs, buffer_size);
    if (start_buffer == NULL) {
        return -ENOMEM;
    }
    /* The part of the buffer where the end region is located */
    end_buffer = start_buffer + buffer_size - end->nb_bytes;

    /* Two iovecs for the COW regions plus room for the guest data's */
    qemu_iovec_init(&qiov, 2 + (m->data_qiov ? m->data_qiov->niov : 0));

    /* Lock dropped for the I/O below; re-acquired at fail: */
    qemu_co_mutex_unlock(&s->lock);
    /* First we read the existing data from both COW regions. We
     * either read the whole region in one go, or the start and end
     * regions separately. */
    if (merge_reads) {
        qemu_iovec_add(&qiov, start_buffer, buffer_size);
        ret = do_perform_cow_read(bs, m->offset, start->offset, &qiov);
    } else {
        qemu_iovec_add(&qiov, start_buffer, start->nb_bytes);
        ret = do_perform_cow_read(bs, m->offset, start->offset, &qiov);
        if (ret < 0) {
            goto fail;
        }

        qemu_iovec_reset(&qiov);
        qemu_iovec_add(&qiov, end_buffer, end->nb_bytes);
        ret = do_perform_cow_read(bs, m->offset, end->offset, &qiov);
    }
    if (ret < 0) {
        goto fail;
    }

    /* Encrypt the data if necessary before writing it */
    if (bs->encrypted) {
        if (!do_perform_cow_encrypt(bs, m->offset, m->alloc_offset,
                                    start->offset, start_buffer,
                                    start->nb_bytes) ||
            !do_perform_cow_encrypt(bs, m->offset, m->alloc_offset,
                                    end->offset, end_buffer, end->nb_bytes)) {
            ret = -EIO;
            goto fail;
        }
    }

    /* And now we can write everything. If we have the guest data we
     * can write everything in one single operation */
    if (m->data_qiov) {
        qemu_iovec_reset(&qiov);
        if (start->nb_bytes) {
            qemu_iovec_add(&qiov, start_buffer, start->nb_bytes);
        }
        qemu_iovec_concat(&qiov, m->data_qiov, 0, data_bytes);
        if (end->nb_bytes) {
            qemu_iovec_add(&qiov, end_buffer, end->nb_bytes);
        }
        /* NOTE: we have a write_aio blkdebug event here followed by
         * a cow_write one in do_perform_cow_write(), but there's only
         * one single I/O operation */
        BLKDBG_EVENT(bs->file, BLKDBG_WRITE_AIO);
        ret = do_perform_cow_write(bs, m->alloc_offset, start->offset, &qiov);
    } else {
        /* If there's no guest data then write both COW regions separately */
        qemu_iovec_reset(&qiov);
        qemu_iovec_add(&qiov, start_buffer, start->nb_bytes);
        ret = do_perform_cow_write(bs, m->alloc_offset, start->offset, &qiov);
        if (ret < 0) {
            goto fail;
        }

        qemu_iovec_reset(&qiov);
        qemu_iovec_add(&qiov, end_buffer, end->nb_bytes);
        ret = do_perform_cow_write(bs, m->alloc_offset, end->offset, &qiov);
    }

fail:
    /* Reached on success as well as on failure; ret tells which */
    qemu_co_mutex_lock(&s->lock);

    /*
     * Before we update the L2 table to actually point to the new cluster, we
     * need to be sure that the refcounts have been increased and COW was
     * handled.
     */
    if (ret == 0) {
        qcow2_cache_depends_on_flush(s->l2_table_cache);
    }

    qemu_vfree(start_buffer);
    qemu_iovec_destroy(&qiov);
    return ret;
}
910
/*
 * qcow2_alloc_cluster_link_l2
 *
 * Completes the allocating write described by @m: performs the copy-on-write
 * for the regions around the guest data, then points the L2 entries of the
 * m->nb_clusters clusters starting at m->offset to the new clusters at
 * m->alloc_offset (with QCOW_OFLAG_COPIED set), and finally drops the
 * refcount of any clusters those entries referenced before, unless
 * m->keep_old_clusters is set.
 *
 * Returns 0 on success, -errno on failure.
 */
int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, QCowL2Meta *m)
{
    BDRVQcow2State *s = bs->opaque;
    /* j counts the previously allocated entries collected in old_cluster */
    int i, j = 0, l2_index, ret;
    uint64_t *old_cluster, *l2_table;
    uint64_t cluster_offset = m->alloc_offset;

    trace_qcow2_cluster_link_l2(qemu_coroutine_self(), m->nb_clusters);
    assert(m->nb_clusters > 0);

    old_cluster = g_try_new(uint64_t, m->nb_clusters);
    if (old_cluster == NULL) {
        ret = -ENOMEM;
        goto err;
    }

    /* copy content of unmodified sectors */
    ret = perform_cow(bs, m);
    if (ret < 0) {
        goto err;
    }

    /* Update L2 table. */
    if (s->use_lazy_refcounts) {
        qcow2_mark_dirty(bs);
    }
    /* Refcount blocks must be written out before the L2 table that
     * references the new clusters */
    if (qcow2_need_accurate_refcounts(s)) {
        qcow2_cache_set_dependency(bs, s->l2_table_cache,
                                   s->refcount_block_cache);
    }

    ret = get_cluster_table(bs, m->offset, &l2_table, &l2_index);
    if (ret < 0) {
        goto err;
    }
    qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table);

    /* All clusters of this request must lie within one L2 table */
    assert(l2_index + m->nb_clusters <= s->l2_size);
    for (i = 0; i < m->nb_clusters; i++) {
        /* if two concurrent writes happen to the same unallocated cluster
         * each write allocates separate cluster and writes data concurrently.
         * The first one to complete updates l2 table with pointer to its
         * cluster the second one has to do RMW (which is done above by
         * perform_cow()), update l2 table with its cluster pointer and free
         * old cluster. This is what this loop does */
        /* Old entries are kept in their on-disk (big-endian) form here and
         * converted when they are freed below */
        if (l2_table[l2_index + i] != 0) {
            old_cluster[j++] = l2_table[l2_index + i];
        }

        l2_table[l2_index + i] = cpu_to_be64((cluster_offset +
                    (i << s->cluster_bits)) | QCOW_OFLAG_COPIED);
    }


    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    /*
     * If this was a COW, we need to decrease the refcount of the old cluster.
     *
     * Don't discard clusters that reach a refcount of 0 (e.g. compressed
     * clusters), the next write will reuse them anyway.
     */
    if (!m->keep_old_clusters && j != 0) {
        for (i = 0; i < j; i++) {
            qcow2_free_any_clusters(bs, be64_to_cpu(old_cluster[i]), 1,
                                    QCOW2_DISCARD_NEVER);
        }
    }

    ret = 0;
err:
    g_free(old_cluster);
    return ret;
}
985
/*
 * count_cow_clusters
 *
 * Returns the number of contiguous clusters, starting at @l2_index in
 * @l2_table, that an allocating write can use but that require a copy on
 * write first. This covers unallocated clusters (which must be copied from
 * the backing file), compressed clusters, zero clusters, and normal
 * clusters that are not exclusively owned (QCOW_OFLAG_COPIED not set).
 * Counting stops at the first normal cluster that already has
 * QCOW_OFLAG_COPIED, since that one can be written in place.
 */
static int count_cow_clusters(BDRVQcow2State *s, int nb_clusters,
                              uint64_t *l2_table, int l2_index)
{
    int count = 0;

    while (count < nb_clusters) {
        uint64_t entry = be64_to_cpu(l2_table[l2_index + count]);
        QCow2ClusterType type = qcow2_get_cluster_type(entry);

        switch (type) {
        case QCOW2_CLUSTER_NORMAL:
            if (entry & QCOW_OFLAG_COPIED) {
                /* Writable in place: the COW run ends here */
                return count;
            }
            break;
        case QCOW2_CLUSTER_UNALLOCATED:
        case QCOW2_CLUSTER_COMPRESSED:
        case QCOW2_CLUSTER_ZERO_PLAIN:
        case QCOW2_CLUSTER_ZERO_ALLOC:
            break;
        default:
            abort();
        }
        count++;
    }

    assert(count <= nb_clusters);
    return count;
}
1020
/*
 * handle_dependencies
 *
 * Check if there already is an AIO write request in flight which allocates
 * the same cluster. In this case we need to wait until the previous
 * request has completed and updated the L2 table accordingly.
 *
 * Returns:
 *   0 if there was no dependency. *cur_bytes indicates the number of
 *     bytes from guest_offset that can be read before the next
 *     dependency must be processed (or the request is complete)
 *
 *   -EAGAIN if we had to wait for another request, previously gathered
 *     information on cluster allocation may be invalid now. The caller
 *     must start over anyway, so consider *cur_bytes undefined.
 */
static int handle_dependencies(BlockDriverState *bs, uint64_t guest_offset,
                               uint64_t *cur_bytes, QCowL2Meta **m)
{
    BDRVQcow2State *s = bs->opaque;
    QCowL2Meta *running;
    uint64_t remaining = *cur_bytes;

    QLIST_FOREACH(running, &s->cluster_allocs, next_in_flight) {
        uint64_t req_start = guest_offset;
        uint64_t req_end = req_start + remaining;
        uint64_t run_start = l2meta_cow_start(running);
        uint64_t run_end = l2meta_cow_end(running);

        /* Disjoint from this in-flight allocation */
        if (req_end <= run_start || req_start >= run_end) {
            continue;
        }

        /* Overlap: either stop right where the running allocation starts,
         * or, if our request begins inside it, there is nothing we can do
         * before it finishes */
        remaining = (req_start < run_start) ? run_start - req_start : 0;

        if (remaining == 0) {
            /* Stop if already an l2meta exists. After yielding, it wouldn't
             * be valid any more, so we'd have to clean up the old L2Metas
             * and deal with requests depending on them before starting to
             * gather new ones. Not worth the trouble. */
            if (*m) {
                *cur_bytes = 0;
                return 0;
            }

            /* Wait for the dependency to complete. We need to recheck
             * the free/allocated clusters when we continue. */
            qemu_co_queue_wait(&running->dependent_requests, &s->lock);
            return -EAGAIN;
        }
    }

    /* Make sure that existing clusters and new allocations are only used up to
     * the next dependency if we shortened the request above */
    *cur_bytes = remaining;

    return 0;
}
1083
/*
 * Determine how many clusters at guest_offset (covering at most *bytes bytes)
 * are already allocated as normal clusters with QCOW_OFLAG_COPIED, i.e. can be
 * written in place without copy on write. When *host_offset is non-zero, only
 * clusters that are physically contiguous starting at that host offset count.
 *
 * guest_offset need not be cluster aligned; the *host_offset returned then
 * refers to the exact byte addressed by guest_offset and is unaligned too.
 *
 * @bs:           the qcow2 BlockDriverState
 * @guest_offset: offset on the virtual disk
 * @host_offset:  in: required host offset, or 0 for "any"; out: see below
 * @bytes:        in: requested length; out: see below
 * @m:            L2Meta list (not touched by this function)
 *
 * Returns:
 *   0       no usable cluster at guest_offset. *bytes is normally unchanged;
 *           it becomes 0 when the cluster is allocated and COPIED but does
 *           not sit at the required *host_offset.
 *
 *   1       COPIED clusters are available. *bytes may have been reduced to
 *           the length that can be written, *host_offset is set.
 *
 *   -errno  on error; -EIO in particular when the L2 entry refers to a
 *           misaligned data cluster (the image is marked corrupt then).
 */
static int handle_copied(BlockDriverState *bs, uint64_t guest_offset,
                         uint64_t *host_offset, uint64_t *bytes, QCowL2Meta **m)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t *l2_table;
    uint64_t l2_entry;
    uint64_t nb_clusters;
    unsigned int copied_clusters;
    int l2_index;
    int ret = 0;

    trace_qcow2_handle_copied(qemu_coroutine_self(), guest_offset, *host_offset,
                              *bytes);

    /* A required host offset must share the in-cluster offset of the guest */
    assert(*host_offset == 0 || offset_into_cluster(s, guest_offset)
                                == offset_into_cluster(s, *host_offset));

    /* Number of clusters touched by the request, capped at the end of the
     * L2 table so that a single table lookup is enough */
    nb_clusters =
        size_to_clusters(s, offset_into_cluster(s, guest_offset) + *bytes);
    l2_index = offset_to_l2_index(s, guest_offset);
    nb_clusters = MIN(nb_clusters, s->l2_size - l2_index);
    assert(nb_clusters <= INT_MAX);

    /* Fetch the L2 table holding the first cluster's entry. This takes a
     * cache reference, released at "out" on every path. */
    ret = get_cluster_table(bs, guest_offset, &l2_table, &l2_index);
    if (ret < 0) {
        return ret;
    }

    l2_entry = be64_to_cpu(l2_table[l2_index]);

    if (qcow2_get_cluster_type(l2_entry) != QCOW2_CLUSTER_NORMAL
        || !(l2_entry & QCOW_OFLAG_COPIED)) {
        /* The first cluster needs allocation or COW: nothing usable here */
        ret = 0;
        goto out;
    }

    /* The host offset comes from on-disk metadata; reject misaligned ones
     * instead of computing with them */
    if (offset_into_cluster(s, l2_entry & L2E_OFFSET_MASK)) {
        qcow2_signal_corruption(bs, true, -1, -1, "Data cluster offset "
                                "%#llx unaligned (guest offset: %#" PRIx64
                                ")", l2_entry & L2E_OFFSET_MASK,
                                guest_offset);
        ret = -EIO;
        goto out;
    }

    /* A specific host offset is required, but this cluster lies elsewhere */
    if (*host_offset != 0
        && (l2_entry & L2E_OFFSET_MASK) != *host_offset) {
        *bytes = 0;
        ret = 0;
        goto out;
    }

    /* Every contiguous COPIED cluster from here on is kept */
    copied_clusters =
        count_contiguous_clusters(nb_clusters, s->cluster_size,
                                  &l2_table[l2_index],
                                  QCOW_OFLAG_COPIED | QCOW_OFLAG_ZERO);
    assert(copied_clusters <= nb_clusters);

    *bytes = MIN(*bytes,
                 copied_clusters * s->cluster_size
                 - offset_into_cluster(s, guest_offset));
    ret = 1;

out:
    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    /* Report a host offset only when progress was made; otherwise
     * handle_alloc() would be bound to a location it can't satisfy */
    if (ret > 0) {
        *host_offset = (l2_entry & L2E_OFFSET_MASK)
                       + offset_into_cluster(s, guest_offset);
    }

    return ret;
}
1194
/*
 * Allocate clusters in the image file for a write at guest_offset.
 *
 * @bs:           the qcow2 BlockDriverState
 * @guest_offset: offset on the virtual disk (only used for tracing here)
 * @host_offset:  in: 0 to allocate anywhere, otherwise the host offset at
 *                which the new clusters must start; out: host offset of the
 *                first allocated cluster
 * @nb_clusters:  in: number of clusters wanted; out: number of clusters that
 *                were actually allocated contiguously. This can be 0 when a
 *                fixed *host_offset was requested and that cluster is in use.
 *
 * Returns 0 on success and -errno on error. -EAGAIN means the function waited
 * for another request and the allocation must be restarted without failing
 * the whole request.
 */
static int do_alloc_cluster_offset(BlockDriverState *bs, uint64_t guest_offset,
                                   uint64_t *host_offset, uint64_t *nb_clusters)
{
    BDRVQcow2State *s = bs->opaque;
    int64_t result;

    trace_qcow2_do_alloc_clusters_offset(qemu_coroutine_self(), guest_offset,
                                         *host_offset, *nb_clusters);
    trace_qcow2_cluster_alloc_phys(qemu_coroutine_self());

    if (*host_offset != 0) {
        /* The caller insists on a location: extend the allocation there,
         * possibly with fewer clusters than asked for (or none at all) */
        result = qcow2_alloc_clusters_at(bs, *host_offset, *nb_clusters);
        if (result < 0) {
            return result;
        }
        *nb_clusters = result;
        return 0;
    }

    /* No preference: take any free run of the requested size */
    result = qcow2_alloc_clusters(bs, *nb_clusters * s->cluster_size);
    if (result < 0) {
        return result;
    }
    *host_offset = result;
    return 0;
}
1241
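/*
 * Allocate new clusters for an area at guest_offset that is either still
 * unallocated or needs a copy on write. If *host_offset is non-zero, clusters
 * are only allocated if the new allocation can be placed at that host offset
 * (a preallocated zero cluster already sitting there is reused instead).
 *
 * guest_offset need not be cluster aligned; the *host_offset returned then
 * refers to the exact byte addressed by guest_offset and is unaligned too.
 *
 * @bs:           the qcow2 BlockDriverState
 * @guest_offset: offset on the virtual disk; its cluster must need COW or
 *                allocation (see the assertion on nb_clusters below)
 * @host_offset:  in: required host offset, or 0 for "anywhere"; out: see below
 * @bytes:        in: requested length (> 0); out: see below
 * @m:            in: L2Meta list gathered so far; out: on success a new entry
 *                is prepended and linked into s->cluster_allocs
 *
 * Returns:
 *   0       no clusters could be allocated (the allocation at *host_offset
 *           could not be extended). *bytes is set to 0, *host_offset is left
 *           unchanged.
 *
 *   1       clusters were allocated. *bytes may have been reduced if the
 *           allocation does not cover the whole request; *host_offset holds
 *           the host offset of the byte addressed by guest_offset.
 *
 *   -errno  on error. -EIO is returned (and the image marked corrupt) when a
 *           preallocated zero cluster has a misaligned offset on disk; other
 *           codes, including -EAGAIN, come from do_alloc_cluster_offset().
 */
static int handle_alloc(BlockDriverState *bs, uint64_t guest_offset,
                        uint64_t *host_offset, uint64_t *bytes, QCowL2Meta **m)
{
    BDRVQcow2State *s = bs->opaque;
    int l2_index;
    uint64_t *l2_table;
    uint64_t entry;
    uint64_t nb_clusters;
    int ret;
    bool keep_old_clusters = false;

    uint64_t alloc_cluster_offset = 0;

    trace_qcow2_handle_alloc(qemu_coroutine_self(), guest_offset, *host_offset,
                             *bytes);
    assert(*bytes > 0);

    /*
     * Calculate the number of clusters to look for. We stop at L2 table
     * boundaries to keep things simple.
     */
    nb_clusters =
        size_to_clusters(s, offset_into_cluster(s, guest_offset) + *bytes);

    l2_index = offset_to_l2_index(s, guest_offset);
    nb_clusters = MIN(nb_clusters, s->l2_size - l2_index);
    assert(nb_clusters <= INT_MAX);

    /* Find L2 entry for the first involved cluster. This takes a reference
     * on the cached L2 table which every path below has to release. */
    ret = get_cluster_table(bs, guest_offset, &l2_table, &l2_index);
    if (ret < 0) {
        return ret;
    }

    entry = be64_to_cpu(l2_table[l2_index]);

    /* For the moment, overwrite compressed clusters one by one */
    if (entry & QCOW_OFLAG_COMPRESSED) {
        nb_clusters = 1;
    } else {
        nb_clusters = count_cow_clusters(s, nb_clusters, l2_table, l2_index);
    }

    /* This function is only called when there were no non-COW clusters, so if
     * we can't find any unallocated or COW clusters either, something is
     * wrong with our code. */
    assert(nb_clusters > 0);

    if (qcow2_get_cluster_type(entry) == QCOW2_CLUSTER_ZERO_ALLOC &&
        (entry & QCOW_OFLAG_COPIED) &&
        (!*host_offset ||
         start_of_cluster(s, *host_offset) == (entry & L2E_OFFSET_MASK)))
    {
        int preallocated_nb_clusters;

        /* The offset comes from on-disk metadata; refuse misaligned ones.
         * The L2 table reference is released right here because this path
         * skips the common qcow2_cache_put() below; leaving the reference
         * behind would pin the cache entry for as long as the image is open. */
        if (offset_into_cluster(s, entry & L2E_OFFSET_MASK)) {
            qcow2_signal_corruption(bs, true, -1, -1, "Preallocated zero "
                                    "cluster offset %#llx unaligned (guest "
                                    "offset: %#" PRIx64 ")",
                                    entry & L2E_OFFSET_MASK, guest_offset);
            qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);
            ret = -EIO;
            goto fail;
        }

        /* Try to reuse preallocated zero clusters; contiguous normal clusters
         * would be fine, too, but count_cow_clusters() above has limited
         * nb_clusters already to a range of COW clusters */
        preallocated_nb_clusters =
            count_contiguous_clusters(nb_clusters, s->cluster_size,
                                      &l2_table[l2_index], QCOW_OFLAG_COPIED);
        assert(preallocated_nb_clusters > 0);

        nb_clusters = preallocated_nb_clusters;
        alloc_cluster_offset = entry & L2E_OFFSET_MASK;

        /* We want to reuse these clusters, so qcow2_alloc_cluster_link_l2()
         * should not free them. */
        keep_old_clusters = true;
    }

    /* Done with the L2 table; the rest works on the values copied above */
    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    if (!alloc_cluster_offset) {
        /* Allocate, if necessary at a given offset in the image file */
        alloc_cluster_offset = start_of_cluster(s, *host_offset);
        ret = do_alloc_cluster_offset(bs, guest_offset, &alloc_cluster_offset,
                                      &nb_clusters);
        if (ret < 0) {
            goto fail;
        }

        /* Can't extend contiguous allocation */
        if (nb_clusters == 0) {
            *bytes = 0;
            return 0;
        }

        /* !*host_offset would overwrite the image header and is reserved for
         * "no host offset preferred". If 0 was a valid host offset, it'd
         * trigger the following overlap check; do that now to avoid having an
         * invalid value in *host_offset. */
        if (!alloc_cluster_offset) {
            ret = qcow2_pre_write_overlap_check(bs, 0, alloc_cluster_offset,
                                                nb_clusters * s->cluster_size);
            assert(ret < 0);
            goto fail;
        }
    }

    /*
     * Save info needed for meta data update.
     *
     * requested_bytes: Number of bytes from the start of the first
     * newly allocated cluster to the end of the (possibly shortened
     * before) write request.
     *
     * avail_bytes: Number of bytes from the start of the first
     * newly allocated to the end of the last newly allocated cluster.
     *
     * nb_bytes: The number of bytes from the start of the first
     * newly allocated cluster to the end of the area that the write
     * request actually writes to (excluding COW at the end)
     */
    uint64_t requested_bytes = *bytes + offset_into_cluster(s, guest_offset);
    int avail_bytes = MIN(INT_MAX, nb_clusters << s->cluster_bits);
    int nb_bytes = MIN(requested_bytes, avail_bytes);
    QCowL2Meta *old_m = *m;

    *m = g_malloc0(sizeof(**m));

    **m = (QCowL2Meta) {
        .next = old_m,

        .alloc_offset = alloc_cluster_offset,
        .offset = start_of_cluster(s, guest_offset),
        .nb_clusters = nb_clusters,

        .keep_old_clusters = keep_old_clusters,

        /* COW before the request: from the cluster start up to guest_offset */
        .cow_start = {
            .offset = 0,
            .nb_bytes = offset_into_cluster(s, guest_offset),
        },
        /* COW after the request: from its end up to the last cluster's end */
        .cow_end = {
            .offset = nb_bytes,
            .nb_bytes = avail_bytes - nb_bytes,
        },
    };
    qemu_co_queue_init(&(*m)->dependent_requests);
    /* Make the allocation visible to handle_dependencies() of other requests */
    QLIST_INSERT_HEAD(&s->cluster_allocs, *m, next_in_flight);

    *host_offset = alloc_cluster_offset + offset_into_cluster(s, guest_offset);
    *bytes = MIN(*bytes, nb_bytes - offset_into_cluster(s, guest_offset));
    assert(*bytes != 0);

    return 1;

fail:
    /* No "goto fail" follows the g_malloc0() above, so *m here is still the
     * list the caller passed in. NOTE(review): this unlinks the caller's most
     * recent L2Meta from s->cluster_allocs; confirm that
     * qcow2_alloc_cluster_offset()'s error path expects exactly that. */
    if (*m && (*m)->nb_clusters > 0) {
        QLIST_REMOVE(*m, next_in_flight);
    }
    return ret;
}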
1425
/*
 * qcow2_alloc_cluster_offset
 *
 * For a given offset on the virtual disk, find the host (image file) offset
 * that a write of *bytes bytes should go to, allocating new clusters where
 * necessary. The request is shortened (*bytes is reduced) at the first point
 * where the clusters stop being contiguous in the image file or where an
 * in-flight allocation gets in the way; the caller is expected to loop over
 * the remainder.
 *
 * @bs:          the qcow2 BlockDriverState (s->lock is released while waiting
 *               for a conflicting request, see handle_dependencies())
 * @offset:      offset on the virtual disk, need not be cluster aligned
 * @bytes:       in: requested length; out: length actually covered (> 0)
 * @host_offset: out: host offset of the byte addressed by @offset (never 0)
 * @m:           out: list of QCowL2Meta describing newly allocated clusters,
 *               each already linked into s->cluster_allocs by handle_alloc();
 *               NULL if every cluster was already allocated and COPIED
 *
 * If the request conflicts with another write request in flight, the coroutine
 * is queued and will be reentered when the dependency has completed; the
 * search then starts over from scratch.
 *
 * Return 0 on success and -errno in error cases
 */
int qcow2_alloc_cluster_offset(BlockDriverState *bs, uint64_t offset,
                               unsigned int *bytes, uint64_t *host_offset,
                               QCowL2Meta **m)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t start, remaining;
    uint64_t cluster_offset;
    uint64_t cur_bytes;
    int ret;

    trace_qcow2_alloc_clusters_offset(qemu_coroutine_self(), offset, *bytes);

again:
    /* Fresh start: nothing handled yet, no host offset chosen, no metadata */
    start = offset;
    remaining = *bytes;
    cluster_offset = 0;
    *host_offset = 0;
    cur_bytes = 0;
    *m = NULL;

    while (true) {

        /* The first successful step fixes the host offset of the request */
        if (!*host_offset) {
            *host_offset = start_of_cluster(s, cluster_offset);
        }

        assert(remaining >= cur_bytes);

        /* Account for the bytes handled by the previous iteration; the next
         * clusters must be contiguous with them in the image file */
        start += cur_bytes;
        remaining -= cur_bytes;
        cluster_offset += cur_bytes;

        if (remaining == 0) {
            break;
        }

        cur_bytes = remaining;

        /*
         * Now start gathering as many contiguous clusters as possible:
         *
         * 1. Check for overlaps with in-flight allocations
         *
         *      a) Overlap not in the first cluster -> shorten this request and
         *         let the caller handle the rest in its next loop iteration.
         *
         *      b) Real overlaps of two requests. Yield and restart the search
         *         for contiguous clusters (the situation could have changed
         *         while we were sleeping)
         *
         *      c) TODO: Request starts in the same cluster as the in-flight
         *         allocation ends. Shorten the COW of the in-flight allocation,
         *         set cluster_offset to write to the same cluster and set up
         *         the right synchronisation between the in-flight request and
         *         the new one.
         */
        ret = handle_dependencies(bs, start, &cur_bytes, m);
        if (ret == -EAGAIN) {
            /* Currently handle_dependencies() doesn't yield if we already had
             * an allocation. If it did, we would have to clean up the L2Meta
             * structs before starting over. */
            assert(*m == NULL);
            goto again;
        } else if (ret < 0) {
            return ret;
        } else if (cur_bytes == 0) {
            break;
        } else {
            /* handle_dependencies() may have decreased cur_bytes (shortened
             * the allocations below) so that the next dependency is processed
             * correctly during the next loop iteration. */
        }

        /*
         * 2. Count contiguous COPIED clusters.
         */
        ret = handle_copied(bs, start, &cluster_offset, &cur_bytes, m);
        if (ret < 0) {
            return ret;
        } else if (ret) {
            continue;
        } else if (cur_bytes == 0) {
            break;
        }

        /*
         * 3. If the request still hasn't completed, allocate new clusters,
         *    considering any cluster_offset of steps 1c or 2.
         */
        ret = handle_alloc(bs, start, &cluster_offset, &cur_bytes, m);
        if (ret < 0) {
            return ret;
        } else if (ret) {
            continue;
        } else {
            assert(cur_bytes == 0);
            break;
        }
    }

    /* Report how much of the request could be covered contiguously */
    *bytes -= remaining;
    assert(*bytes > 0);
    assert(*host_offset != 0);

    return 0;
}
1551
/*
 * Inflate a raw deflate stream (no zlib header, 4 KiB window) into out_buf.
 * The stream must expand to exactly out_buf_size bytes; a shorter result, or
 * any zlib failure other than running out of input/output space after the
 * buffer is full, is treated as an error.
 *
 * @out_buf:      destination buffer
 * @out_buf_size: exact number of bytes expected
 * @buf:          compressed input
 * @buf_size:     length of the compressed input in bytes
 *
 * Returns 0 on success, -1 on failure.
 */
static int decompress_buffer(uint8_t *out_buf, int out_buf_size,
                             const uint8_t *buf, int buf_size)
{
    z_stream strm;
    int rc = -1;
    int zret;

    memset(&strm, 0, sizeof(strm));
    strm.next_in = (uint8_t *)buf;
    strm.avail_in = buf_size;
    strm.next_out = out_buf;
    strm.avail_out = out_buf_size;

    /* Negative window bits select raw deflate without header and trailer */
    if (inflateInit2(&strm, -12) != Z_OK) {
        return -1;
    }

    zret = inflate(&strm, Z_FINISH);
    /* Z_BUF_ERROR is acceptable only if the output buffer was filled
     * completely, which the length comparison verifies */
    if ((zret == Z_STREAM_END || zret == Z_BUF_ERROR) &&
        strm.next_out - out_buf == out_buf_size) {
        rc = 0;
    }

    inflateEnd(&strm);
    return rc;
}
1578
/*
 * Make sure the compressed cluster described by cluster_offset (an L2 entry
 * with QCOW_OFLAG_COMPRESSED) is decompressed into s->cluster_cache.
 *
 * @bs:             the qcow2 BlockDriverState
 * @cluster_offset: L2 entry of a compressed cluster; the low bits hold the
 *                  byte offset of the compressed data in the image file, the
 *                  bits above csize_shift its size in 512-byte sectors minus 1
 *
 * Returns 0 on success (s->cluster_cache_offset then equals the cluster's
 * data offset), -ENOMEM if the buffers can't be allocated, -EIO if the data
 * does not decompress to exactly one cluster, or the error of the read.
 */
int qcow2_decompress_cluster(BlockDriverState *bs, uint64_t cluster_offset)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t coffset = cluster_offset & s->cluster_offset_mask;
    int nb_csectors, sector_offset, csize, ret;

    /* Already cached: nothing to do */
    if (s->cluster_cache_offset == coffset) {
        return 0;
    }

    /* The compressed data is read in whole 512-byte sectors; it starts at
     * sector_offset within the first one */
    nb_csectors = ((cluster_offset >> s->csize_shift) & s->csize_mask) + 1;
    sector_offset = coffset & 511;
    csize = nb_csectors * 512 - sector_offset;

    /* Allocate buffers on first decompress operation, most images are
     * uncompressed and the memory overhead can be avoided. The buffers
     * are freed in .bdrv_close().
     */
    if (!s->cluster_data) {
        /* one more sector for decompressed data alignment */
        s->cluster_data = qemu_try_blockalign(bs->file->bs,
            QCOW_MAX_CRYPT_CLUSTERS * s->cluster_size + 512);
        if (!s->cluster_data) {
            return -ENOMEM;
        }
    }
    if (!s->cluster_cache) {
        s->cluster_cache = g_malloc(s->cluster_size);
    }

    BLKDBG_EVENT(bs->file, BLKDBG_READ_COMPRESSED);
    ret = bdrv_read(bs->file, coffset >> 9, s->cluster_data, nb_csectors);
    if (ret < 0) {
        return ret;
    }

    /* The cluster must decompress to exactly cluster_size bytes */
    if (decompress_buffer(s->cluster_cache, s->cluster_size,
                          s->cluster_data + sector_offset, csize) < 0) {
        return -EIO;
    }

    s->cluster_cache_offset = coffset;
    return 0;
}
1621
/*
 * Discard as many of nb_clusters clusters starting at offset as fit into the
 * L2 table that covers offset; the caller loops over L2 tables.
 *
 * @bs:           the qcow2 BlockDriverState
 * @offset:       cluster-aligned offset on the virtual disk
 * @nb_clusters:  number of clusters the caller would like to discard
 * @type:         discard reason passed on to qcow2_free_any_clusters()
 * @full_discard: true: the area must fall through to the backing file
 *                afterwards; false: it must keep reading back as zeroes
 *
 * Returns the number of clusters handled (at most one L2 table's worth), or
 * -errno if the L2 table could not be loaded.
 */
static int discard_single_l2(BlockDriverState *bs, uint64_t offset,
                             uint64_t nb_clusters, enum qcow2_discard_type type,
                             bool full_discard)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t *l2_table;
    uint64_t replacement;
    int l2_index;
    int ret;
    int i;

    ret = get_cluster_table(bs, offset, &l2_table, &l2_index);
    if (ret < 0) {
        return ret;
    }

    /* Never run past the end of this L2 table */
    nb_clusters = MIN(nb_clusters, s->l2_size - l2_index);
    assert(nb_clusters <= INT_MAX);

    /*
     * Without full_discard the area must read back as zeroes afterwards; the
     * zero flag provides that on v3 images (we cannot do it for v2 without
     * actually writing a zero-filled buffer, so the entry is just cleared
     * there). With full_discard the entry is cleared so that reads fall
     * through to the backing file.
     */
    if (!full_discard && s->qcow_version >= 3) {
        replacement = cpu_to_be64(QCOW_OFLAG_ZERO);
    } else {
        replacement = cpu_to_be64(0);
    }

    for (i = 0; i < nb_clusters; i++) {
        uint64_t old_l2_entry = be64_to_cpu(l2_table[l2_index + i]);
        QCow2ClusterType cluster_type = qcow2_get_cluster_type(old_l2_entry);
        bool untouched = false;

        /*
         * Skip entries that already have the desired effect: an unallocated
         * cluster when falling through is wanted or there is no backing file,
         * and a plain zero cluster when zeroes are wanted.
         *
         * TODO We might want to use bdrv_block_status(bs) here, but we're
         * holding s->lock, so that doesn't work today.
         */
        if (cluster_type == QCOW2_CLUSTER_UNALLOCATED) {
            untouched = full_discard || !bs->backing;
        } else if (cluster_type == QCOW2_CLUSTER_ZERO_PLAIN) {
            untouched = !full_discard;
        } else if (cluster_type != QCOW2_CLUSTER_ZERO_ALLOC &&
                   cluster_type != QCOW2_CLUSTER_NORMAL &&
                   cluster_type != QCOW2_CLUSTER_COMPRESSED) {
            abort();
        }
        if (untouched) {
            continue;
        }

        /* Replace the L2 entry first, then release the cluster's refcount */
        qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table);
        l2_table[l2_index + i] = replacement;
        qcow2_free_any_clusters(bs, old_l2_entry, 1, type);
    }

    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    return nb_clusters;
}
1702
/*
 * Discard the guest range [offset, offset + bytes), one L2 table per
 * iteration. Discards are collected while s->cache_discards is set and
 * handed to qcow2_process_discards() at the end.
 *
 * @bs:           the qcow2 BlockDriverState
 * @offset:       cluster-aligned offset on the virtual disk
 * @bytes:        length; offset + bytes must be cluster aligned unless it is
 *                exactly the end of the image
 * @type:         discard reason passed on to the refcount code
 * @full_discard: see discard_single_l2()
 *
 * Returns 0 on success, -errno on error.
 */
int qcow2_cluster_discard(BlockDriverState *bs, uint64_t offset,
                          uint64_t bytes, enum qcow2_discard_type type,
                          bool full_discard)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t end_offset = offset + bytes;
    uint64_t nb_clusters;
    int ret = 0;

    /* Caller must pass aligned values, except at image end */
    assert(QEMU_IS_ALIGNED(offset, s->cluster_size));
    assert(QEMU_IS_ALIGNED(end_offset, s->cluster_size) ||
           end_offset == bs->total_sectors << BDRV_SECTOR_BITS);

    nb_clusters = size_to_clusters(s, bytes);

    s->cache_discards = true;

    /* Each L2 table is handled by its own loop iteration */
    for (; nb_clusters > 0; ) {
        int64_t done = discard_single_l2(bs, offset, nb_clusters, type,
                                         full_discard);
        if (done < 0) {
            ret = done;
            break;
        }

        nb_clusters -= done;
        offset += done * s->cluster_size;
    }

    /* Flush the collected discards whether or not we succeeded */
    s->cache_discards = false;
    qcow2_process_discards(bs, ret);

    return ret;
}
1742
/*
 * Turn as many of nb_clusters clusters starting at offset into zero clusters
 * as fit into the L2 table that covers offset; the caller loops over L2
 * tables.
 *
 * @bs:          the qcow2 BlockDriverState
 * @offset:      cluster-aligned offset on the virtual disk
 * @nb_clusters: number of clusters the caller would like to zero
 * @flags:       BDRV_REQ_* flags; with BDRV_REQ_MAY_UNMAP the data clusters
 *               are released, otherwise they stay allocated and only the zero
 *               flag is set on them
 *
 * Returns the number of clusters handled, or -errno if the L2 table could not
 * be loaded.
 */
static int zero_single_l2(BlockDriverState *bs, uint64_t offset,
                          uint64_t nb_clusters, int flags)
{
    BDRVQcow2State *s = bs->opaque;
    bool unmap = !!(flags & BDRV_REQ_MAY_UNMAP);
    uint64_t *l2_table;
    int l2_index;
    int ret;
    int i;

    ret = get_cluster_table(bs, offset, &l2_table, &l2_index);
    if (ret < 0) {
        return ret;
    }

    /* Never run past the end of this L2 table */
    nb_clusters = MIN(nb_clusters, s->l2_size - l2_index);
    assert(nb_clusters <= INT_MAX);

    for (i = 0; i < nb_clusters; i++) {
        uint64_t *slot = &l2_table[l2_index + i];
        uint64_t old_offset = be64_to_cpu(*slot);
        QCow2ClusterType cluster_type = qcow2_get_cluster_type(old_offset);
        bool reads_zero_already;
        bool drop_allocation;

        /* Leave the entry alone if it already reads back as zeroes with the
         * allocation state the caller asked for */
        reads_zero_already =
            cluster_type == QCOW2_CLUSTER_ZERO_PLAIN ||
            (cluster_type == QCOW2_CLUSTER_ZERO_ALLOC && !unmap);
        if (reads_zero_already) {
            continue;
        }

        /* Compressed clusters are replaced rather than flagged in place; with
         * BDRV_REQ_MAY_UNMAP the data cluster is given up in any case */
        drop_allocation = cluster_type == QCOW2_CLUSTER_COMPRESSED || unmap;

        qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table);
        if (drop_allocation) {
            *slot = cpu_to_be64(QCOW_OFLAG_ZERO);
            qcow2_free_any_clusters(bs, old_offset, 1, QCOW2_DISCARD_REQUEST);
        } else {
            *slot |= cpu_to_be64(QCOW_OFLAG_ZERO);
        }
    }

    qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);

    return nb_clusters;
}
1796
/*
 * Make the guest range [offset, offset + bytes) read back as zeroes by
 * setting the zero flag on its L2 entries, one L2 table per iteration.
 *
 * @bs:     the qcow2 BlockDriverState
 * @offset: cluster-aligned offset on the virtual disk
 * @bytes:  length; offset + bytes must be cluster aligned unless it is
 *          exactly the end of the image
 * @flags:  BDRV_REQ_* flags, see zero_single_l2()
 *
 * Returns 0 on success, -ENOTSUP for images older than version 3 (which have
 * no zero flag), or -errno on error.
 */
int qcow2_cluster_zeroize(BlockDriverState *bs, uint64_t offset,
                          uint64_t bytes, int flags)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t end_offset = offset + bytes;
    uint64_t nb_clusters;
    int ret = 0;

    /* Caller must pass aligned values, except at image end */
    assert(QEMU_IS_ALIGNED(offset, s->cluster_size));
    assert(QEMU_IS_ALIGNED(end_offset, s->cluster_size) ||
           end_offset == bs->total_sectors << BDRV_SECTOR_BITS);

    /* The zero flag is only supported by version 3 and newer */
    if (s->qcow_version < 3) {
        return -ENOTSUP;
    }

    nb_clusters = size_to_clusters(s, bytes);

    s->cache_discards = true;

    /* Each L2 table is handled by its own loop iteration */
    for (; nb_clusters > 0; ) {
        int64_t done = zero_single_l2(bs, offset, nb_clusters, flags);
        if (done < 0) {
            ret = done;
            break;
        }

        nb_clusters -= done;
        offset += done * s->cluster_size;
    }

    /* Flush the collected discards whether or not we succeeded */
    s->cache_discards = false;
    qcow2_process_discards(bs, ret);

    return ret;
}
1839
/*
 * Expands all zero clusters in a specific L1 table (or deallocates them, for
 * non-backed non-pre-allocated zero clusters).
 *
 * @bs:                 the qcow2 BlockDriverState
 * @l1_table:           L1 table in host byte order; s->l1_table selects the
 *                      active table (L2 tables go through the cache), any
 *                      other pointer is treated as an inactive snapshot table
 *                      whose L2 tables are read and written directly on disk
 * @l1_size:            number of entries in @l1_table
 * @visited_l1_entries: in/out: running count of visited L1 entries
 * @l1_entries:         total number of L1 entries across all tables
 * @status_cb:          optional progress callback, may be NULL
 * @cb_opaque:          passed through to @status_cb
 *
 * l1_entries and *visited_l1_entries are used to keep track of progress for
 * status_cb(). l1_entries contains the total number of L1 entries and
 * *visited_l1_entries counts all visited L1 entries.
 *
 * Returns 0 on success, -ENOMEM if no buffer could be allocated for an
 * inactive L2 table, -EIO on misaligned metadata offsets (the image is marked
 * corrupt), or the -errno of a failed read/write/refcount operation.
 */
static int expand_zero_clusters_in_l1(BlockDriverState *bs, uint64_t *l1_table,
                                      int l1_size, int64_t *visited_l1_entries,
                                      int64_t l1_entries,
                                      BlockDriverAmendStatusCB *status_cb,
                                      void *cb_opaque)
{
    BDRVQcow2State *s = bs->opaque;
    bool is_active_l1 = (l1_table == s->l1_table);
    uint64_t *l2_table = NULL;
    int ret;
    int i, j;

    if (!is_active_l1) {
        /* inactive L2 tables require a buffer to be stored in when loading
         * them from disk */
        l2_table = qemu_try_blockalign(bs->file->bs, s->cluster_size);
        if (l2_table == NULL) {
            return -ENOMEM;
        }
    }

    for (i = 0; i < l1_size; i++) {
        uint64_t l2_offset = l1_table[i] & L1E_OFFSET_MASK;
        bool l2_dirty = false;
        uint64_t l2_refcount;

        if (!l2_offset) {
            /* unallocated */
            (*visited_l1_entries)++;
            if (status_cb) {
                status_cb(bs, *visited_l1_entries, l1_entries, cb_opaque);
            }
            continue;
        }

        /* L1 entries come from on-disk metadata; reject misaligned ones */
        if (offset_into_cluster(s, l2_offset)) {
            qcow2_signal_corruption(bs, true, -1, -1, "L2 table offset %#"
                                    PRIx64 " unaligned (L1 index: %#x)",
                                    l2_offset, i);
            ret = -EIO;
            goto fail;
        }

        if (is_active_l1) {
            /* get active L2 tables from cache */
            ret = qcow2_cache_get(bs, s->l2_table_cache, l2_offset,
                    (void **)&l2_table);
        } else {
            /* load inactive L2 tables from disk */
            ret = bdrv_read(bs->file, l2_offset / BDRV_SECTOR_SIZE,
                            (void *)l2_table, s->cluster_sectors);
        }
        if (ret < 0) {
            goto fail;
        }

        /* An L2 table shared between snapshots has a refcount > 1; clusters
         * it newly references must then be shared the same way */
        ret = qcow2_get_refcount(bs, l2_offset >> s->cluster_bits,
                                 &l2_refcount);
        if (ret < 0) {
            goto fail;
        }

        for (j = 0; j < s->l2_size; j++) {
            uint64_t l2_entry = be64_to_cpu(l2_table[j]);
            int64_t offset = l2_entry & L2E_OFFSET_MASK;
            QCow2ClusterType cluster_type = qcow2_get_cluster_type(l2_entry);

            if (cluster_type != QCOW2_CLUSTER_ZERO_PLAIN &&
                cluster_type != QCOW2_CLUSTER_ZERO_ALLOC) {
                continue;
            }

            if (cluster_type == QCOW2_CLUSTER_ZERO_PLAIN) {
                if (!bs->backing) {
                    /* not backed; therefore we can simply deallocate the
                     * cluster */
                    l2_table[j] = 0;
                    l2_dirty = true;
                    continue;
                }

                /* Backed: a real cluster filled with zeroes is needed so that
                 * the backing file does not shine through */
                offset = qcow2_alloc_clusters(bs, s->cluster_size);
                if (offset < 0) {
                    ret = offset;
                    goto fail;
                }

                if (l2_refcount > 1) {
                    /* For shared L2 tables, set the refcount accordingly (it is
                     * already 1 and needs to be l2_refcount) */
                    ret = qcow2_update_cluster_refcount(bs,
                            offset >> s->cluster_bits,
                            refcount_diff(1, l2_refcount), false,
                            QCOW2_DISCARD_OTHER);
                    if (ret < 0) {
                        qcow2_free_clusters(bs, offset, s->cluster_size,
                                            QCOW2_DISCARD_OTHER);
                        goto fail;
                    }
                }
            }

            /* For ZERO_ALLOC the offset is on-disk metadata and may be bogus;
             * for ZERO_PLAIN the freshly allocated cluster is released again
             * on every failure below */
            if (offset_into_cluster(s, offset)) {
                qcow2_signal_corruption(bs, true, -1, -1,
                                        "Cluster allocation offset "
                                        "%#" PRIx64 " unaligned (L2 offset: %#"
                                        PRIx64 ", L2 index: %#x)", offset,
                                        l2_offset, j);
                if (cluster_type == QCOW2_CLUSTER_ZERO_PLAIN) {
                    qcow2_free_clusters(bs, offset, s->cluster_size,
                                        QCOW2_DISCARD_ALWAYS);
                }
                ret = -EIO;
                goto fail;
            }

            ret = qcow2_pre_write_overlap_check(bs, 0, offset, s->cluster_size);
            if (ret < 0) {
                if (cluster_type == QCOW2_CLUSTER_ZERO_PLAIN) {
                    qcow2_free_clusters(bs, offset, s->cluster_size,
                                        QCOW2_DISCARD_ALWAYS);
                }
                goto fail;
            }

            /* The cluster loses its zero flag below, so its contents must
             * really be zeroes now */
            ret = bdrv_pwrite_zeroes(bs->file, offset, s->cluster_size, 0);
            if (ret < 0) {
                if (cluster_type == QCOW2_CLUSTER_ZERO_PLAIN) {
                    qcow2_free_clusters(bs, offset, s->cluster_size,
                                        QCOW2_DISCARD_ALWAYS);
                }
                goto fail;
            }

            /* COPIED is only valid when this L2 table alone refers to it */
            if (l2_refcount == 1) {
                l2_table[j] = cpu_to_be64(offset | QCOW_OFLAG_COPIED);
            } else {
                l2_table[j] = cpu_to_be64(offset);
            }
            l2_dirty = true;
        }

        if (is_active_l1) {
            if (l2_dirty) {
                qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table);
                qcow2_cache_depends_on_flush(s->l2_table_cache);
            }
            qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);
        } else {
            if (l2_dirty) {
                /* Inactive tables bypass the cache, so the overlap check is
                 * done by hand before writing */
                ret = qcow2_pre_write_overlap_check(bs,
                        QCOW2_OL_INACTIVE_L2 | QCOW2_OL_ACTIVE_L2, l2_offset,
                        s->cluster_size);
                if (ret < 0) {
                    goto fail;
                }

                ret = bdrv_write(bs->file, l2_offset / BDRV_SECTOR_SIZE,
                                 (void *)l2_table, s->cluster_sectors);
                if (ret < 0) {
                    goto fail;
                }
            }
        }

        (*visited_l1_entries)++;
        if (status_cb) {
            status_cb(bs, *visited_l1_entries, l1_entries, cb_opaque);
        }
    }

    ret = 0;

fail:
    /* l2_table is either the inactive-table buffer (always ours to free) or,
     * on an error path, a cache reference taken for the active L1 */
    if (l2_table) {
        if (!is_active_l1) {
            qemu_vfree(l2_table);
        } else {
            qcow2_cache_put(s->l2_table_cache, (void **) &l2_table);
        }
    }
    return ret;
}
2031
/*
 * For backed images, expands all zero clusters on the image. For non-backed
 * images, deallocates all non-pre-allocated zero clusters (and claims the
 * allocation for pre-allocated ones). This is important for downgrading to a
 * qcow2 version which doesn't yet support metadata zero clusters.
 *
 * The active L1 table is processed first, then the L1 table of every
 * snapshot.
 *
 * @bs:        the qcow2 BlockDriverState
 * @status_cb: optional progress callback (entries visited / total), or NULL
 * @cb_opaque: passed through to @status_cb
 *
 * Returns 0 on success, -ENOMEM if a snapshot L1 table can't be buffered, or
 * the -errno of the first failing step.
 */
int qcow2_expand_zero_clusters(BlockDriverState *bs,
                               BlockDriverAmendStatusCB *status_cb,
                               void *cb_opaque)
{
    BDRVQcow2State *s = bs->opaque;
    uint64_t *l1_table = NULL;
    int64_t l1_entries = 0, visited_l1_entries = 0;
    int ret;
    int snap, entry;

    /* The progress total spans the active L1 table and every snapshot's;
     * only worth computing when somebody listens */
    if (status_cb) {
        l1_entries = s->l1_size;
        for (snap = 0; snap < s->nb_snapshots; snap++) {
            l1_entries += s->snapshots[snap].l1_size;
        }
    }

    ret = expand_zero_clusters_in_l1(bs, s->l1_table, s->l1_size,
                                     &visited_l1_entries, l1_entries,
                                     status_cb, cb_opaque);
    if (ret < 0) {
        goto out;
    }

    /* Inactive L1 tables may point to active L2 tables - therefore it is
     * necessary to flush the L2 table cache before trying to access the L2
     * tables pointed to by inactive L1 entries (else we might try to expand
     * zero clusters that have already been expanded); furthermore, it is also
     * necessary to empty the L2 table cache, since it may contain tables which
     * are now going to be modified directly on disk, bypassing the cache.
     * qcow2_cache_empty() does both for us. */
    ret = qcow2_cache_empty(bs, s->l2_table_cache);
    if (ret < 0) {
        goto out;
    }

    for (snap = 0; snap < s->nb_snapshots; snap++) {
        int l1_sectors = DIV_ROUND_UP(s->snapshots[snap].l1_size *
                                      sizeof(uint64_t), BDRV_SECTOR_SIZE);
        /* Grow the buffer to the snapshot's table size; keep the old pointer
         * valid until the reallocation is known to have succeeded */
        uint64_t *grown =
            g_try_realloc(l1_table, l1_sectors * BDRV_SECTOR_SIZE);

        if (!grown) {
            ret = -ENOMEM;
            goto out;
        }
        l1_table = grown;

        ret = bdrv_read(bs->file,
                        s->snapshots[snap].l1_table_offset / BDRV_SECTOR_SIZE,
                        (void *)l1_table, l1_sectors);
        if (ret < 0) {
            goto out;
        }

        /* The table is stored big-endian on disk */
        for (entry = 0; entry < s->snapshots[snap].l1_size; entry++) {
            be64_to_cpus(&l1_table[entry]);
        }

        ret = expand_zero_clusters_in_l1(bs, l1_table,
                                         s->snapshots[snap].l1_size,
                                         &visited_l1_entries, l1_entries,
                                         status_cb, cb_opaque);
        if (ret < 0) {
            goto out;
        }
    }

    ret = 0;

out:
    g_free(l1_table);
    return ret;
}