]> git.proxmox.com Git - mirror_qemu.git/blame - block/qcow2-snapshot.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'for-upstream' of https://repo.or.cz/qemu/kevin into staging
[mirror_qemu.git] / block / qcow2-snapshot.c
CommitLineData
c142442b
KW		 1/*
2 * Block driver for the QCOW version 2 format
3 *
4 * Copyright (c) 2004-2006 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24
80c71a24 25#include "qemu/osdep.h"
7fa140ab 26#include "sysemu/block-backend.h"
da34e65c 27#include "qapi/error.h"
0d8c41da 28#include "qcow2.h"
58369e22 29#include "qemu/bswap.h"
d49b6836 30#include "qemu/error-report.h"
f348b6d1 31#include "qemu/cutils.h"
5df022cf 32#include "qemu/memalign.h"
c142442b 33
099febf3
HR		 34static void qcow2_free_single_snapshot(BlockDriverState *bs, int i)
35{
36 BDRVQcow2State *s = bs->opaque;
37
38 assert(i >= 0 && i < s->nb_snapshots);
39 g_free(s->snapshots[i].name);
40 g_free(s->snapshots[i].id_str);
41 g_free(s->snapshots[i].unknown_extra_data);
42 memset(&s->snapshots[i], 0, sizeof(s->snapshots[i]));
43}
44
ed6ccf0f 45void qcow2_free_snapshots(BlockDriverState *bs)
c142442b 46{
ff99129a 47 BDRVQcow2State *s = bs->opaque;
c142442b
KW		 48 int i;
49
50 for(i = 0; i < s->nb_snapshots; i++) {
099febf3 51 qcow2_free_single_snapshot(bs, i);
c142442b 52 }
7267c094 53 g_free(s->snapshots);
c142442b
KW		 54 s->snapshots = NULL;
55 s->nb_snapshots = 0;
56}
57
f91f1f15
HR		 58/*
59 * If @repair is true, try to repair a broken snapshot table instead
60 * of just returning an error:
61 *
099febf3
HR		 62 * - If the snapshot table was too long, set *nb_clusters_reduced to
63 * the number of snapshots removed off the end.
64 * The caller will update the on-disk nb_snapshots accordingly;
65 * this leaks clusters, but is safe.
66 * (The on-disk information must be updated before
67 * qcow2_check_refcounts(), because that function relies on
68 * s->nb_snapshots to reflect the on-disk value.)
69 *
f91f1f15
HR		 70 * - If there were snapshots with too much extra metadata, increment
71 * *extra_data_dropped for each.
72 * This requires the caller to eventually rewrite the whole snapshot
73 * table, which requires cluster allocation. Therefore, this should
74 * be done only after qcow2_check_refcounts() made sure the refcount
75 * structures are valid.
76 * (In the meantime, the image is still valid because
77 * qcow2_check_refcounts() does not do anything with snapshots'
78 * extra data.)
79 */
a39bae4e
PB		 80static coroutine_fn GRAPH_RDLOCK
81int qcow2_do_read_snapshots(BlockDriverState *bs, bool repair,
82 int *nb_clusters_reduced,
83 int *extra_data_dropped,
84 Error **errp)
c142442b 85{
ff99129a 86 BDRVQcow2State *s = bs->opaque;
c142442b 87 QCowSnapshotHeader h;
c2c9a466 88 QCowSnapshotExtraData extra;
c142442b
KW		 89 QCowSnapshot *sn;
90 int i, id_str_size, name_size;
099febf3 91 int64_t offset, pre_sn_offset;
62414335 92 uint64_t table_length = 0;
42deb29f 93 int ret;
c142442b
KW		 94
95 if (!s->nb_snapshots) {
96 s->snapshots = NULL;
97 s->snapshots_size = 0;
98 return 0;
99 }
100
101 offset = s->snapshots_offset;
5839e53b 102 s->snapshots = g_new0(QCowSnapshot, s->nb_snapshots);
42deb29f 103
c142442b 104 for(i = 0; i < s->nb_snapshots; i++) {
f91f1f15
HR		 105 bool truncate_unknown_extra_data = false;
106
099febf3 107 pre_sn_offset = offset;
62414335
HR		 108 table_length = ROUND_UP(table_length, 8);
109
42deb29f 110 /* Read statically sized part of the snapshot header */
9e029689 111 offset = ROUND_UP(offset, 8);
a39bae4e 112 ret = bdrv_co_pread(bs->file, offset, sizeof(h), &h, 0);
42deb29f 113 if (ret < 0) {
ecf6c7c0 114 error_setg_errno(errp, -ret, "Failed to read snapshot table");
c142442b 115 goto fail;
42deb29f
KW		 116 }
117
c142442b
KW		 118 offset += sizeof(h);
119 sn = s->snapshots + i;
120 sn->l1_table_offset = be64_to_cpu(h.l1_table_offset);
121 sn->l1_size = be32_to_cpu(h.l1_size);
122 sn->vm_state_size = be32_to_cpu(h.vm_state_size);
123 sn->date_sec = be32_to_cpu(h.date_sec);
124 sn->date_nsec = be32_to_cpu(h.date_nsec);
125 sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec);
fcf9a6b7 126 sn->extra_data_size = be32_to_cpu(h.extra_data_size);
c142442b
KW		 127
128 id_str_size = be16_to_cpu(h.id_str_size);
129 name_size = be16_to_cpu(h.name_size);
130
fcf9a6b7 131 if (sn->extra_data_size > QCOW_MAX_SNAPSHOT_EXTRA_DATA) {
f91f1f15
HR		 132 if (!repair) {
133 ret = -EFBIG;
134 error_setg(errp, "Too much extra metadata in snapshot table "
135 "entry %i", i);
136 error_append_hint(errp, "You can force-remove this extra "
137 "metadata with qemu-img check -r all\n");
138 goto fail;
139 }
140
141 fprintf(stderr, "Discarding too much extra metadata in snapshot "
142 "table entry %i (%" PRIu32 " > %u)\n",
143 i, sn->extra_data_size, QCOW_MAX_SNAPSHOT_EXTRA_DATA);
144
145 (*extra_data_dropped)++;
146 truncate_unknown_extra_data = true;
fcf9a6b7
HR		 147 }
148
149 /* Read known extra data */
a39bae4e
PB		 150 ret = bdrv_co_pread(bs->file, offset,
151 MIN(sizeof(extra), sn->extra_data_size), &extra, 0);
c2c9a466 152 if (ret < 0) {
ecf6c7c0 153 error_setg_errno(errp, -ret, "Failed to read snapshot table");
c2c9a466
KW		 154 goto fail;
155 }
fcf9a6b7 156 offset += MIN(sizeof(extra), sn->extra_data_size);
c142442b 157
fcf9a6b7
HR		 158 if (sn->extra_data_size >= endof(QCowSnapshotExtraData,
159 vm_state_size_large)) {
c2c9a466
KW		 160 sn->vm_state_size = be64_to_cpu(extra.vm_state_size_large);
161 }
162
fcf9a6b7 163 if (sn->extra_data_size >= endof(QCowSnapshotExtraData, disk_size)) {
90b27759
KW		 164 sn->disk_size = be64_to_cpu(extra.disk_size);
165 } else {
166 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE;
167 }
168
bbacffc5
PD		 169 if (sn->extra_data_size >= endof(QCowSnapshotExtraData, icount)) {
170 sn->icount = be64_to_cpu(extra.icount);
171 } else {
172 sn->icount = -1ULL;
173 }
174
fcf9a6b7 175 if (sn->extra_data_size > sizeof(extra)) {
f91f1f15
HR		 176 uint64_t extra_data_end;
177 size_t unknown_extra_data_size;
178
179 extra_data_end = offset + sn->extra_data_size - sizeof(extra);
fcf9a6b7 180
f91f1f15
HR		 181 if (truncate_unknown_extra_data) {
182 sn->extra_data_size = QCOW_MAX_SNAPSHOT_EXTRA_DATA;
183 }
184
185 /* Store unknown extra data */
186 unknown_extra_data_size = sn->extra_data_size - sizeof(extra);
fcf9a6b7 187 sn->unknown_extra_data = g_malloc(unknown_extra_data_size);
a39bae4e
PB		 188 ret = bdrv_co_pread(bs->file, offset, unknown_extra_data_size,
189 sn->unknown_extra_data, 0);
fcf9a6b7 190 if (ret < 0) {
f91f1f15
HR		 191 error_setg_errno(errp, -ret,
192 "Failed to read snapshot table");
fcf9a6b7
HR		 193 goto fail;
194 }
f91f1f15 195 offset = extra_data_end;
fcf9a6b7
HR		 196 }
197
42deb29f 198 /* Read snapshot ID */
7267c094 199 sn->id_str = g_malloc(id_str_size + 1);
a39bae4e 200 ret = bdrv_co_pread(bs->file, offset, id_str_size, sn->id_str, 0);
42deb29f 201 if (ret < 0) {
ecf6c7c0 202 error_setg_errno(errp, -ret, "Failed to read snapshot table");
c142442b 203 goto fail;
42deb29f 204 }
c142442b
KW		 205 offset += id_str_size;
206 sn->id_str[id_str_size] = '\0';
207
42deb29f 208 /* Read snapshot name */
7267c094 209 sn->name = g_malloc(name_size + 1);
a39bae4e 210 ret = bdrv_co_pread(bs->file, offset, name_size, sn->name, 0);
42deb29f 211 if (ret < 0) {
ecf6c7c0 212 error_setg_errno(errp, -ret, "Failed to read snapshot table");
c142442b 213 goto fail;
42deb29f 214 }
c142442b
KW		 215 offset += name_size;
216 sn->name[name_size] = '\0';
5dae6e30 217
62414335
HR		 218 /* Note that the extra data may have been truncated */
219 table_length += sizeof(h) + sn->extra_data_size + id_str_size +
220 name_size;
221 if (!repair) {
222 assert(table_length == offset - s->snapshots_offset);
223 }
224
225 if (table_length > QCOW_MAX_SNAPSHOTS_SIZE ||
226 offset - s->snapshots_offset > INT_MAX)
227 {
099febf3
HR		 228 if (!repair) {
229 ret = -EFBIG;
230 error_setg(errp, "Snapshot table is too big");
231 error_append_hint(errp, "You can force-remove all %u "
232 "overhanging snapshots with qemu-img check "
233 "-r all\n", s->nb_snapshots - i);
234 goto fail;
235 }
236
237 fprintf(stderr, "Discarding %u overhanging snapshots (snapshot "
238 "table is too big)\n", s->nb_snapshots - i);
239
240 *nb_clusters_reduced += (s->nb_snapshots - i);
241
242 /* Discard current snapshot also */
243 qcow2_free_single_snapshot(bs, i);
244
245 /*
246 * This leaks all the rest of the snapshot table and the
247 * snapshots' clusters, but we run in check -r all mode,
248 * so qcow2_check_refcounts() will take care of it.
249 */
250 s->nb_snapshots = i;
251 offset = pre_sn_offset;
252 break;
5dae6e30 253 }
c142442b 254 }
42deb29f 255
5dae6e30 256 assert(offset - s->snapshots_offset <= INT_MAX);
c142442b
KW		 257 s->snapshots_size = offset - s->snapshots_offset;
258 return 0;
42deb29f
KW		 259
260fail:
ed6ccf0f 261 qcow2_free_snapshots(bs);
42deb29f 262 return ret;
c142442b
KW		 263}
264
a39bae4e 265int coroutine_fn qcow2_read_snapshots(BlockDriverState *bs, Error **errp)
f91f1f15 266{
099febf3 267 return qcow2_do_read_snapshots(bs, false, NULL, NULL, errp);
f91f1f15
HR		 268}
269
c142442b 270/* add at the end of the file a new list of snapshots */
e0314b56 271int qcow2_write_snapshots(BlockDriverState *bs)
c142442b 272{
ff99129a 273 BDRVQcow2State *s = bs->opaque;
c142442b
KW		 274 QCowSnapshot *sn;
275 QCowSnapshotHeader h;
c2c9a466 276 QCowSnapshotExtraData extra;
c142442b 277 int i, name_size, id_str_size, snapshots_size;
d69969c4
KW		 278 struct {
279 uint32_t nb_snapshots;
280 uint64_t snapshots_offset;
281 } QEMU_PACKED header_data;
5dae6e30 282 int64_t offset, snapshots_offset = 0;
07fd8779 283 int ret;
c142442b
KW		 284
285 /* compute the size of the snapshots */
286 offset = 0;
287 for(i = 0; i < s->nb_snapshots; i++) {
288 sn = s->snapshots + i;
9e029689 289 offset = ROUND_UP(offset, 8);
c142442b 290 offset += sizeof(h);
fcf9a6b7 291 offset += MAX(sizeof(extra), sn->extra_data_size);
c142442b
KW		 292 offset += strlen(sn->id_str);
293 offset += strlen(sn->name);
5dae6e30
KW		 294
295 if (offset > QCOW_MAX_SNAPSHOTS_SIZE) {
296 ret = -EFBIG;
297 goto fail;
298 }
c142442b 299 }
5dae6e30
KW		 300
301 assert(offset <= INT_MAX);
c142442b
KW		 302 snapshots_size = offset;
303
07fd8779 304 /* Allocate space for the new snapshot list */
ed6ccf0f 305 snapshots_offset = qcow2_alloc_clusters(bs, snapshots_size);
c142442b 306 offset = snapshots_offset;
5d757b56 307 if (offset < 0) {
37d41f0a
HR		 308 ret = offset;
309 goto fail;
5d757b56 310 }
f6977f15
SH		 311 ret = bdrv_flush(bs);
312 if (ret < 0) {
37d41f0a 313 goto fail;
f6977f15 314 }
c142442b 315
cf93980e
HR		 316 /* The snapshot list position has not yet been updated, so these clusters
317 * must indeed be completely free */
966b000f 318 ret = qcow2_pre_write_overlap_check(bs, 0, offset, snapshots_size, false);
cf93980e 319 if (ret < 0) {
37d41f0a 320 goto fail;
cf93980e
HR		 321 }
322
323
07fd8779 324 /* Write all snapshots to the new list */
c142442b
KW		 325 for(i = 0; i < s->nb_snapshots; i++) {
326 sn = s->snapshots + i;
327 memset(&h, 0, sizeof(h));
328 h.l1_table_offset = cpu_to_be64(sn->l1_table_offset);
329 h.l1_size = cpu_to_be32(sn->l1_size);
c2c9a466
KW		 330 /* If it doesn't fit in 32 bit, older implementations should treat it
331 * as a disk-only snapshot rather than truncate the VM state */
332 if (sn->vm_state_size <= 0xffffffff) {
333 h.vm_state_size = cpu_to_be32(sn->vm_state_size);
334 }
c142442b
KW		 335 h.date_sec = cpu_to_be32(sn->date_sec);
336 h.date_nsec = cpu_to_be32(sn->date_nsec);
337 h.vm_clock_nsec = cpu_to_be64(sn->vm_clock_nsec);
fcf9a6b7
HR		 338 h.extra_data_size = cpu_to_be32(MAX(sizeof(extra),
339 sn->extra_data_size));
c2c9a466
KW		 340
341 memset(&extra, 0, sizeof(extra));
342 extra.vm_state_size_large = cpu_to_be64(sn->vm_state_size);
90b27759 343 extra.disk_size = cpu_to_be64(sn->disk_size);
bbacffc5 344 extra.icount = cpu_to_be64(sn->icount);
c142442b
KW		 345
346 id_str_size = strlen(sn->id_str);
347 name_size = strlen(sn->name);
88fb1535 348 assert(id_str_size <= UINT16_MAX && name_size <= UINT16_MAX);
c142442b
KW		 349 h.id_str_size = cpu_to_be16(id_str_size);
350 h.name_size = cpu_to_be16(name_size);
9e029689 351 offset = ROUND_UP(offset, 8);
07fd8779 352
32cc71de 353 ret = bdrv_pwrite(bs->file, offset, sizeof(h), &h, 0);
07fd8779 354 if (ret < 0) {
c142442b 355 goto fail;
07fd8779 356 }
c142442b 357 offset += sizeof(h);
07fd8779 358
32cc71de 359 ret = bdrv_pwrite(bs->file, offset, sizeof(extra), &extra, 0);
c2c9a466
KW		 360 if (ret < 0) {
361 goto fail;
362 }
363 offset += sizeof(extra);
364
fcf9a6b7
HR		 365 if (sn->extra_data_size > sizeof(extra)) {
366 size_t unknown_extra_data_size =
367 sn->extra_data_size - sizeof(extra);
368
369 /* qcow2_read_snapshots() ensures no unbounded allocation */
370 assert(unknown_extra_data_size <= BDRV_REQUEST_MAX_BYTES);
371 assert(sn->unknown_extra_data);
372
32cc71de
AF		 373 ret = bdrv_pwrite(bs->file, offset, unknown_extra_data_size,
374 sn->unknown_extra_data, 0);
fcf9a6b7
HR		 375 if (ret < 0) {
376 goto fail;
377 }
378 offset += unknown_extra_data_size;
379 }
380
32cc71de 381 ret = bdrv_pwrite(bs->file, offset, id_str_size, sn->id_str, 0);
07fd8779 382 if (ret < 0) {
c142442b 383 goto fail;
07fd8779 384 }
c142442b 385 offset += id_str_size;
07fd8779 386
32cc71de 387 ret = bdrv_pwrite(bs->file, offset, name_size, sn->name, 0);
07fd8779 388 if (ret < 0) {
c142442b 389 goto fail;
07fd8779 390 }
c142442b
KW		 391 offset += name_size;
392 }
393
07fd8779
KW		 394 /*
395 * Update the header to point to the new snapshot table. This requires the
396 * new table and its refcounts to be stable on disk.
07fd8779
KW		 397 */
398 ret = bdrv_flush(bs);
399 if (ret < 0) {
400 goto fail;
401 }
402
d69969c4 403 QEMU_BUILD_BUG_ON(offsetof(QCowHeader, snapshots_offset) !=
d8fa8442 404 endof(QCowHeader, nb_snapshots));
d69969c4
KW		 405
406 header_data.nb_snapshots = cpu_to_be32(s->nb_snapshots);
407 header_data.snapshots_offset = cpu_to_be64(snapshots_offset);
07fd8779 408
d9ca2ea2 409 ret = bdrv_pwrite_sync(bs->file, offsetof(QCowHeader, nb_snapshots),
32cc71de 410 sizeof(header_data), &header_data, 0);
07fd8779 411 if (ret < 0) {
c142442b 412 goto fail;
07fd8779 413 }
c142442b
KW		 414
415 /* free the old snapshot table */
6cfcb9b8
KW		 416 qcow2_free_clusters(bs, s->snapshots_offset, s->snapshots_size,
417 QCOW2_DISCARD_SNAPSHOT);
c142442b
KW		 418 s->snapshots_offset = snapshots_offset;
419 s->snapshots_size = snapshots_size;
420 return 0;
07fd8779
KW		 421
422fail:
9186ad96
HR		 423 if (snapshots_offset > 0) {
424 qcow2_free_clusters(bs, snapshots_offset, snapshots_size,
425 QCOW2_DISCARD_ALWAYS);
426 }
07fd8779 427 return ret;
c142442b
KW		 428}
429
8bc584fe
HR		 430int coroutine_fn qcow2_check_read_snapshot_table(BlockDriverState *bs,
431 BdrvCheckResult *result,
432 BdrvCheckMode fix)
433{
434 BDRVQcow2State *s = bs->opaque;
435 Error *local_err = NULL;
099febf3 436 int nb_clusters_reduced = 0;
f91f1f15 437 int extra_data_dropped = 0;
8bc584fe
HR		 438 int ret;
439 struct {
440 uint32_t nb_snapshots;
441 uint64_t snapshots_offset;
442 } QEMU_PACKED snapshot_table_pointer;
443
444 /* qcow2_do_open() discards this information in check mode */
38505e2a
AF		 445 ret = bdrv_co_pread(bs->file, offsetof(QCowHeader, nb_snapshots),
446 sizeof(snapshot_table_pointer), &snapshot_table_pointer,
447 0);
8bc584fe
HR		 448 if (ret < 0) {
449 result->check_errors++;
450 fprintf(stderr, "ERROR failed to read the snapshot table pointer from "
451 "the image header: %s\n", strerror(-ret));
452 return ret;
453 }
454
455 s->snapshots_offset = be64_to_cpu(snapshot_table_pointer.snapshots_offset);
456 s->nb_snapshots = be32_to_cpu(snapshot_table_pointer.nb_snapshots);
457
d2b1d1ec
HR		 458 if (s->nb_snapshots > QCOW_MAX_SNAPSHOTS && (fix & BDRV_FIX_ERRORS)) {
459 fprintf(stderr, "Discarding %u overhanging snapshots\n",
460 s->nb_snapshots - QCOW_MAX_SNAPSHOTS);
461
462 nb_clusters_reduced += s->nb_snapshots - QCOW_MAX_SNAPSHOTS;
463 s->nb_snapshots = QCOW_MAX_SNAPSHOTS;
464 }
465
8bc584fe
HR		 466 ret = qcow2_validate_table(bs, s->snapshots_offset, s->nb_snapshots,
467 sizeof(QCowSnapshotHeader),
468 sizeof(QCowSnapshotHeader) * QCOW_MAX_SNAPSHOTS,
469 "snapshot table", &local_err);
470 if (ret < 0) {
471 result->check_errors++;
472 error_reportf_err(local_err, "ERROR ");
473
d2b1d1ec
HR		 474 if (s->nb_snapshots > QCOW_MAX_SNAPSHOTS) {
475 fprintf(stderr, "You can force-remove all %u overhanging snapshots "
476 "with qemu-img check -r all\n",
477 s->nb_snapshots - QCOW_MAX_SNAPSHOTS);
478 }
479
8bc584fe
HR		 480 /* We did not read the snapshot table, so invalidate this information */
481 s->snapshots_offset = 0;
482 s->nb_snapshots = 0;
483
484 return ret;
485 }
486
487 qemu_co_mutex_unlock(&s->lock);
f91f1f15 488 ret = qcow2_do_read_snapshots(bs, fix & BDRV_FIX_ERRORS,
099febf3
HR		 489 &nb_clusters_reduced, &extra_data_dropped,
490 &local_err);
8bc584fe
HR		 491 qemu_co_mutex_lock(&s->lock);
492 if (ret < 0) {
493 result->check_errors++;
494 error_reportf_err(local_err,
495 "ERROR failed to read the snapshot table: ");
496
497 /* We did not read the snapshot table, so invalidate this information */
498 s->snapshots_offset = 0;
499 s->nb_snapshots = 0;
500
501 return ret;
502 }
099febf3
HR		 503 result->corruptions += nb_clusters_reduced + extra_data_dropped;
504
505 if (nb_clusters_reduced) {
506 /*
507 * Update image header now, because:
508 * (1) qcow2_check_refcounts() relies on s->nb_snapshots to be
509 * the same as what the image header says,
510 * (2) this leaks clusters, but qcow2_check_refcounts() will
511 * fix that.
512 */
513 assert(fix & BDRV_FIX_ERRORS);
514
515 snapshot_table_pointer.nb_snapshots = cpu_to_be32(s->nb_snapshots);
a8f0e83c
AF		 516 ret = bdrv_co_pwrite_sync(bs->file, offsetof(QCowHeader, nb_snapshots),
517 sizeof(snapshot_table_pointer.nb_snapshots),
518 &snapshot_table_pointer.nb_snapshots, 0);
099febf3
HR		 519 if (ret < 0) {
520 result->check_errors++;
521 fprintf(stderr, "ERROR failed to update the snapshot count in the "
522 "image header: %s\n", strerror(-ret));
523 return ret;
524 }
525
526 result->corruptions_fixed += nb_clusters_reduced;
527 result->corruptions -= nb_clusters_reduced;
528 }
8bc584fe 529
e40e6e88
HR		 530 /*
531 * All of v3 images' snapshot table entries need to have at least
532 * 16 bytes of extra data.
533 */
534 if (s->qcow_version >= 3) {
535 int i;
536 for (i = 0; i < s->nb_snapshots; i++) {
537 if (s->snapshots[i].extra_data_size <
538 sizeof_field(QCowSnapshotExtraData, vm_state_size_large) +
539 sizeof_field(QCowSnapshotExtraData, disk_size))
540 {
541 result->corruptions++;
542 fprintf(stderr, "%s snapshot table entry %i is incomplete\n",
543 fix & BDRV_FIX_ERRORS ? "Repairing" : "ERROR", i);
544 }
545 }
546 }
547
8bc584fe
HR		 548 return 0;
549}
550
fe446b5d
HR		 551int coroutine_fn qcow2_check_fix_snapshot_table(BlockDriverState *bs,
552 BdrvCheckResult *result,
553 BdrvCheckMode fix)
554{
555 BDRVQcow2State *s = bs->opaque;
556 int ret;
557
558 if (result->corruptions && (fix & BDRV_FIX_ERRORS)) {
559 qemu_co_mutex_unlock(&s->lock);
560 ret = qcow2_write_snapshots(bs);
561 qemu_co_mutex_lock(&s->lock);
562 if (ret < 0) {
563 result->check_errors++;
564 fprintf(stderr, "ERROR failed to update snapshot table: %s\n",
565 strerror(-ret));
566 return ret;
567 }
568
569 result->corruptions_fixed += result->corruptions;
570 result->corruptions = 0;
571 }
572
573 return 0;
574}
575
c142442b
KW		 576static void find_new_snapshot_id(BlockDriverState *bs,
577 char *id_str, int id_str_size)
578{
ff99129a 579 BDRVQcow2State *s = bs->opaque;
c142442b 580 QCowSnapshot *sn;
00c49b21
HR		 581 int i;
582 unsigned long id, id_max = 0;
c142442b
KW		 583
584 for(i = 0; i < s->nb_snapshots; i++) {
585 sn = s->snapshots + i;
586 id = strtoul(sn->id_str, NULL, 10);
587 if (id > id_max)
588 id_max = id;
589 }
00c49b21 590 snprintf(id_str, id_str_size, "%lu", id_max + 1);
c142442b
KW		 591}
592
a89d89d3
WX		 593static int find_snapshot_by_id_and_name(BlockDriverState *bs,
594 const char *id,
595 const char *name)
c142442b 596{
ff99129a 597 BDRVQcow2State *s = bs->opaque;
c142442b
KW		 598 int i;
599
a89d89d3
WX		 600 if (id && name) {
601 for (i = 0; i < s->nb_snapshots; i++) {
602 if (!strcmp(s->snapshots[i].id_str, id) &&
603 !strcmp(s->snapshots[i].name, name)) {
604 return i;
605 }
606 }
607 } else if (id) {
608 for (i = 0; i < s->nb_snapshots; i++) {
609 if (!strcmp(s->snapshots[i].id_str, id)) {
610 return i;
611 }
612 }
613 } else if (name) {
614 for (i = 0; i < s->nb_snapshots; i++) {
615 if (!strcmp(s->snapshots[i].name, name)) {
616 return i;
617 }
618 }
c142442b 619 }
a89d89d3 620
c142442b
KW		 621 return -1;
622}
623
a89d89d3
WX		 624static int find_snapshot_by_id_or_name(BlockDriverState *bs,
625 const char *id_or_name)
c142442b 626{
a89d89d3 627 int ret;
c142442b 628
a89d89d3
WX		 629 ret = find_snapshot_by_id_and_name(bs, id_or_name, NULL);
630 if (ret >= 0) {
c142442b 631 return ret;
c142442b 632 }
a89d89d3 633 return find_snapshot_by_id_and_name(bs, NULL, id_or_name);
c142442b
KW		 634}
635
636/* if no id is provided, a new one is constructed */
ed6ccf0f 637int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info)
c142442b 638{
ff99129a 639 BDRVQcow2State *s = bs->opaque;
d1ea98d5
KW		 640 QCowSnapshot *new_snapshot_list = NULL;
641 QCowSnapshot *old_snapshot_list = NULL;
642 QCowSnapshot sn1, *sn = &sn1;
c142442b
KW		 643 int i, ret;
644 uint64_t *l1_table = NULL;
5d757b56 645 int64_t l1_table_offset;
c142442b 646
ce48f2f4
KW		 647 if (s->nb_snapshots >= QCOW_MAX_SNAPSHOTS) {
648 return -EFBIG;
649 }
650
aa8b34c1
KW		 651 if (has_data_file(bs)) {
652 return -ENOTSUP;
653 }
654
c142442b
KW		 655 memset(sn, 0, sizeof(*sn));
656
407bc150
YW		 657 /* Generate an ID */
658 find_new_snapshot_id(bs, sn_info->id_str, sizeof(sn_info->id_str));
c142442b 659
03343166 660 /* Populate sn with passed data */
7267c094 661 sn->id_str = g_strdup(sn_info->id_str);
7267c094 662 sn->name = g_strdup(sn_info->name);
03343166 663
90b27759 664 sn->disk_size = bs->total_sectors * BDRV_SECTOR_SIZE;
c142442b
KW		 665 sn->vm_state_size = sn_info->vm_state_size;
666 sn->date_sec = sn_info->date_sec;
667 sn->date_nsec = sn_info->date_nsec;
668 sn->vm_clock_nsec = sn_info->vm_clock_nsec;
b39847a5 669 sn->icount = sn_info->icount;
fcf9a6b7 670 sn->extra_data_size = sizeof(QCowSnapshotExtraData);
c142442b 671
03343166 672 /* Allocate the L1 table of the snapshot and copy the current one there. */
02b1ecfa 673 l1_table_offset = qcow2_alloc_clusters(bs, s->l1_size * L1E_SIZE);
5d757b56 674 if (l1_table_offset < 0) {
d1ea98d5 675 ret = l1_table_offset;
5d757b56
KW		 676 goto fail;
677 }
678
679 sn->l1_table_offset = l1_table_offset;
c142442b
KW		 680 sn->l1_size = s->l1_size;
681
5839e53b 682 l1_table = g_try_new(uint64_t, s->l1_size);
de82815d
KW		 683 if (s->l1_size && l1_table == NULL) {
684 ret = -ENOMEM;
685 goto fail;
686 }
687
c142442b
KW		 688 for(i = 0; i < s->l1_size; i++) {
689 l1_table[i] = cpu_to_be64(s->l1_table[i]);
690 }
d1ea98d5 691
231bb267 692 ret = qcow2_pre_write_overlap_check(bs, 0, sn->l1_table_offset,
02b1ecfa 693 s->l1_size * L1E_SIZE, false);
cf93980e
HR		 694 if (ret < 0) {
695 goto fail;
696 }
697
32cc71de
AF		 698 ret = bdrv_pwrite(bs->file, sn->l1_table_offset, s->l1_size * L1E_SIZE,
699 l1_table, 0);
d1ea98d5 700 if (ret < 0) {
c142442b 701 goto fail;
d1ea98d5
KW		 702 }
703
7267c094 704 g_free(l1_table);
c142442b
KW		 705 l1_table = NULL;
706
d1ea98d5
KW		 707 /*
708 * Increase the refcounts of all clusters and make sure everything is
709 * stable on disk before updating the snapshot table to contain a pointer
710 * to the new L1 table.
711 */
712 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 1);
713 if (ret < 0) {
714 goto fail;
715 }
716
d1ea98d5 717 /* Append the new snapshot to the snapshot list */
5839e53b 718 new_snapshot_list = g_new(QCowSnapshot, s->nb_snapshots + 1);
c142442b 719 if (s->snapshots) {
d1ea98d5
KW		 720 memcpy(new_snapshot_list, s->snapshots,
721 s->nb_snapshots * sizeof(QCowSnapshot));
722 old_snapshot_list = s->snapshots;
c142442b 723 }
d1ea98d5 724 s->snapshots = new_snapshot_list;
c142442b
KW		 725 s->snapshots[s->nb_snapshots++] = *sn;
726
d1ea98d5
KW		 727 ret = qcow2_write_snapshots(bs);
728 if (ret < 0) {
729 g_free(s->snapshots);
730 s->snapshots = old_snapshot_list;
84757f7e 731 s->nb_snapshots--;
c142442b 732 goto fail;
d1ea98d5
KW		 733 }
734
735 g_free(old_snapshot_list);
736
1ebf561c
KW		 737 /* The VM state isn't needed any more in the active L1 table; in fact, it
738 * hurts by causing expensive COW for the next snapshot. */
d2cb36af 739 qcow2_cluster_discard(bs, qcow2_vm_state_offset(s),
9e029689 740 ROUND_UP(sn->vm_state_size, s->cluster_size),
d2cb36af 741 QCOW2_DISCARD_NEVER, false);
1ebf561c 742
c142442b 743#ifdef DEBUG_ALLOC
6cbc3031
PH		 744 {
745 BdrvCheckResult result = {0};
b35278f7 746 qcow2_check_refcounts(bs, &result, 0);
6cbc3031 747 }
c142442b
KW		 748#endif
749 return 0;
03343166
KW		 750
751fail:
752 g_free(sn->id_str);
7267c094
AL		 753 g_free(sn->name);
754 g_free(l1_table);
d1ea98d5
KW		 755
756 return ret;
c142442b
KW		 757}
758
759/* copy the snapshot 'snapshot_name' into the current disk image */
ed6ccf0f 760int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id)
c142442b 761{
ff99129a 762 BDRVQcow2State *s = bs->opaque;
c142442b 763 QCowSnapshot *sn;
a8475d75 764 Error *local_err = NULL;
35d7ace7
KW		 765 int i, snapshot_index;
766 int cur_l1_bytes, sn_l1_bytes;
589f284b 767 int ret;
43a0cac4 768 uint64_t *sn_l1_table = NULL;
c142442b 769
aa8b34c1
KW		 770 if (has_data_file(bs)) {
771 return -ENOTSUP;
772 }
773
589f284b 774 /* Search the snapshot */
c142442b 775 snapshot_index = find_snapshot_by_id_or_name(bs, snapshot_id);
589f284b 776 if (snapshot_index < 0) {
c142442b 777 return -ENOENT;
589f284b 778 }
c142442b
KW		 779 sn = &s->snapshots[snapshot_index];
780
a8475d75 781 ret = qcow2_validate_table(bs, sn->l1_table_offset, sn->l1_size,
02b1ecfa 782 L1E_SIZE, QCOW_MAX_L1_SIZE,
a8475d75
AG		 783 "Snapshot L1 table", &local_err);
784 if (ret < 0) {
785 error_report_err(local_err);
786 goto fail;
787 }
788
90b27759 789 if (sn->disk_size != bs->total_sectors * BDRV_SECTOR_SIZE) {
7fa140ab
EB		 790 BlockBackend *blk = blk_new_with_bs(bs, BLK_PERM_RESIZE, BLK_PERM_ALL,
791 &local_err);
792 if (!blk) {
793 error_report_err(local_err);
794 ret = -ENOTSUP;
795 goto fail;
796 }
797
798 ret = blk_truncate(blk, sn->disk_size, true, PREALLOC_MODE_OFF, 0,
799 &local_err);
800 blk_unref(blk);
801 if (ret < 0) {
802 error_report_err(local_err);
803 goto fail;
804 }
90b27759
KW		 805 }
806
589f284b
KW		 807 /*
808 * Make sure that the current L1 table is big enough to contain the whole
809 * L1 table of the snapshot. If the snapshot L1 table is smaller, the
810 * current one must be padded with zeros.
811 */
812 ret = qcow2_grow_l1_table(bs, sn->l1_size, true);
813 if (ret < 0) {
c142442b 814 goto fail;
589f284b 815 }
c142442b 816
02b1ecfa
AG		 817 cur_l1_bytes = s->l1_size * L1E_SIZE;
818 sn_l1_bytes = sn->l1_size * L1E_SIZE;
35d7ace7 819
589f284b
KW		 820 /*
821 * Copy the snapshot L1 table to the current L1 table.
822 *
823 * Before overwriting the old current L1 table on disk, make sure to
824 * increase all refcounts for the clusters referenced by the new one.
43a0cac4
KW		 825 * Decrease the refcount referenced by the old one only when the L1
826 * table is overwritten.
589f284b 827 */
de82815d
KW		 828 sn_l1_table = g_try_malloc0(cur_l1_bytes);
829 if (cur_l1_bytes && sn_l1_table == NULL) {
830 ret = -ENOMEM;
831 goto fail;
832 }
43a0cac4 833
32cc71de 834 ret = bdrv_pread(bs->file, sn->l1_table_offset, sn_l1_bytes, sn_l1_table,
53fb7844 835 0);
43a0cac4
KW		 836 if (ret < 0) {
837 goto fail;
838 }
839
840 ret = qcow2_update_snapshot_refcount(bs, sn->l1_table_offset,
841 sn->l1_size, 1);
589f284b 842 if (ret < 0) {
c142442b 843 goto fail;
589f284b
KW		 844 }
845
231bb267 846 ret = qcow2_pre_write_overlap_check(bs, QCOW2_OL_ACTIVE_L1,
966b000f
KW		 847 s->l1_table_offset, cur_l1_bytes,
848 false);
cf93980e
HR		 849 if (ret < 0) {
850 goto fail;
851 }
852
32cc71de
AF		 853 ret = bdrv_pwrite_sync(bs->file, s->l1_table_offset, cur_l1_bytes,
854 sn_l1_table, 0);
589f284b 855 if (ret < 0) {
c142442b 856 goto fail;
589f284b
KW		 857 }
858
43a0cac4
KW		 859 /*
860 * Decrease refcount of clusters of current L1 table.
861 *
862 * At this point, the in-memory s->l1_table points to the old L1 table,
863 * whereas on disk we already have the new one.
864 *
865 * qcow2_update_snapshot_refcount special cases the current L1 table to use
866 * the in-memory data instead of really using the offset to load a new one,
867 * which is why this works.
868 */
869 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset,
870 s->l1_size, -1);
871
872 /*
873 * Now update the in-memory L1 table to be in sync with the on-disk one. We
874 * need to do this even if updating refcounts failed.
875 */
c142442b 876 for(i = 0;i < s->l1_size; i++) {
43a0cac4 877 s->l1_table[i] = be64_to_cpu(sn_l1_table[i]);
c142442b
KW		 878 }
879
43a0cac4
KW		 880 if (ret < 0) {
881 goto fail;
882 }
883
884 g_free(sn_l1_table);
885 sn_l1_table = NULL;
886
887 /*
888 * Update QCOW_OFLAG_COPIED in the active L1 table (it may have changed
889 * when we decreased the refcount of the old snapshot.
890 */
891 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0);
589f284b 892 if (ret < 0) {
c142442b 893 goto fail;
589f284b 894 }
c142442b
KW		 895
896#ifdef DEBUG_ALLOC
6cbc3031
PH		 897 {
898 BdrvCheckResult result = {0};
b35278f7 899 qcow2_check_refcounts(bs, &result, 0);
6cbc3031 900 }
c142442b
KW		 901#endif
902 return 0;
589f284b
KW		 903
904fail:
43a0cac4 905 g_free(sn_l1_table);
589f284b 906 return ret;
c142442b
KW		 907}
908
a89d89d3
WX		 909int qcow2_snapshot_delete(BlockDriverState *bs,
910 const char *snapshot_id,
911 const char *name,
912 Error **errp)
c142442b 913{
ff99129a 914 BDRVQcow2State *s = bs->opaque;
9a476780 915 QCowSnapshot sn;
c142442b
KW		 916 int snapshot_index, ret;
917
aa8b34c1
KW		 918 if (has_data_file(bs)) {
919 return -ENOTSUP;
920 }
921
9a476780 922 /* Search the snapshot */
a89d89d3 923 snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name);
9a476780 924 if (snapshot_index < 0) {
a89d89d3 925 error_setg(errp, "Can't find the snapshot");
c142442b 926 return -ENOENT;
9a476780
KW		 927 }
928 sn = s->snapshots[snapshot_index];
c142442b 929
db5794f1 930 ret = qcow2_validate_table(bs, sn.l1_table_offset, sn.l1_size,
02b1ecfa 931 L1E_SIZE, QCOW_MAX_L1_SIZE,
db5794f1
AG		 932 "Snapshot L1 table", errp);
933 if (ret < 0) {
934 return ret;
935 }
936
9a476780
KW		 937 /* Remove it from the snapshot list */
938 memmove(s->snapshots + snapshot_index,
939 s->snapshots + snapshot_index + 1,
940 (s->nb_snapshots - snapshot_index - 1) * sizeof(sn));
941 s->nb_snapshots--;
942 ret = qcow2_write_snapshots(bs);
943 if (ret < 0) {
39a611a3
JC		 944 error_setg_errno(errp, -ret,
945 "Failed to remove snapshot from snapshot list");
c142442b 946 return ret;
9a476780
KW		 947 }
948
949 /*
950 * The snapshot is now unused, clean up. If we fail after this point, we
951 * won't recover but just leak clusters.
952 */
fcf9a6b7 953 g_free(sn.unknown_extra_data);
9a476780
KW		 954 g_free(sn.id_str);
955 g_free(sn.name);
956
957 /*
958 * Now decrease the refcounts of clusters referenced by the snapshot and
959 * free the L1 table.
960 */
961 ret = qcow2_update_snapshot_refcount(bs, sn.l1_table_offset,
962 sn.l1_size, -1);
963 if (ret < 0) {
39a611a3 964 error_setg_errno(errp, -ret, "Failed to free the cluster and L1 table");
c142442b 965 return ret;
9a476780 966 }
02b1ecfa 967 qcow2_free_clusters(bs, sn.l1_table_offset, sn.l1_size * L1E_SIZE,
6cfcb9b8 968 QCOW2_DISCARD_SNAPSHOT);
c142442b 969
9a476780
KW		 970 /* must update the copied flag on the current cluster offsets */
971 ret = qcow2_update_snapshot_refcount(bs, s->l1_table_offset, s->l1_size, 0);
c142442b 972 if (ret < 0) {
39a611a3
JC		 973 error_setg_errno(errp, -ret,
974 "Failed to update snapshot status in disk");
c142442b
KW		 975 return ret;
976 }
9a476780 977
c142442b 978#ifdef DEBUG_ALLOC
6cbc3031
PH		 979 {
980 BdrvCheckResult result = {0};
b35278f7 981 qcow2_check_refcounts(bs, &result, 0);
6cbc3031 982 }
c142442b
KW		 983#endif
984 return 0;
985}
986
ed6ccf0f 987int qcow2_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab)
c142442b 988{
ff99129a 989 BDRVQcow2State *s = bs->opaque;
c142442b
KW		 990 QEMUSnapshotInfo *sn_tab, *sn_info;
991 QCowSnapshot *sn;
992 int i;
993
aa8b34c1
KW		 994 if (has_data_file(bs)) {
995 return -ENOTSUP;
996 }
c142442b
KW		 997 if (!s->nb_snapshots) {
998 *psn_tab = NULL;
999 return s->nb_snapshots;
1000 }
1001
5839e53b 1002 sn_tab = g_new0(QEMUSnapshotInfo, s->nb_snapshots);
c142442b
KW		 1003 for(i = 0; i < s->nb_snapshots; i++) {
1004 sn_info = sn_tab + i;
1005 sn = s->snapshots + i;
1006 pstrcpy(sn_info->id_str, sizeof(sn_info->id_str),
1007 sn->id_str);
1008 pstrcpy(sn_info->name, sizeof(sn_info->name),
1009 sn->name);
1010 sn_info->vm_state_size = sn->vm_state_size;
1011 sn_info->date_sec = sn->date_sec;
1012 sn_info->date_nsec = sn->date_nsec;
1013 sn_info->vm_clock_nsec = sn->vm_clock_nsec;
b39847a5 1014 sn_info->icount = sn->icount;
c142442b
KW		 1015 }
1016 *psn_tab = sn_tab;
1017 return s->nb_snapshots;
1018}
1019
7b4c4781
WX		 1020int qcow2_snapshot_load_tmp(BlockDriverState *bs,
1021 const char *snapshot_id,
1022 const char *name,
1023 Error **errp)
51ef6727 1024{
e3f652b3 1025 int i, snapshot_index;
ff99129a 1026 BDRVQcow2State *s = bs->opaque;
51ef6727 1027 QCowSnapshot *sn;
e3f652b3
KW		 1028 uint64_t *new_l1_table;
1029 int new_l1_bytes;
1030 int ret;
51ef6727 1031
307261b2 1032 assert(bdrv_is_read_only(bs));
e3f652b3
KW		 1033
1034 /* Search the snapshot */
7b4c4781 1035 snapshot_index = find_snapshot_by_id_and_name(bs, snapshot_id, name);
51ef6727 1036 if (snapshot_index < 0) {
7b4c4781
WX		 1037 error_setg(errp,
1038 "Can't find snapshot");
51ef6727 1039 return -ENOENT;
1040 }
51ef6727 1041 sn = &s->snapshots[snapshot_index];
51ef6727 1042
e3f652b3 1043 /* Allocate and read in the snapshot's L1 table */
314e8d39 1044 ret = qcow2_validate_table(bs, sn->l1_table_offset, sn->l1_size,
02b1ecfa 1045 L1E_SIZE, QCOW_MAX_L1_SIZE,
314e8d39
AG		 1046 "Snapshot L1 table", errp);
1047 if (ret < 0) {
1048 return ret;
6a83f8b5 1049 }
02b1ecfa 1050 new_l1_bytes = sn->l1_size * L1E_SIZE;
ef97d608 1051 new_l1_table = qemu_try_blockalign(bs->file->bs, new_l1_bytes);
de82815d
KW		 1052 if (new_l1_table == NULL) {
1053 return -ENOMEM;
1054 }
51ef6727 1055
32cc71de
AF		 1056 ret = bdrv_pread(bs->file, sn->l1_table_offset, new_l1_bytes,
1057 new_l1_table, 0);
e3f652b3 1058 if (ret < 0) {
7b4c4781 1059 error_setg(errp, "Failed to read l1 table for snapshot");
de82815d 1060 qemu_vfree(new_l1_table);
e3f652b3 1061 return ret;
51ef6727 1062 }
1063
e3f652b3 1064 /* Switch the L1 table */
de82815d 1065 qemu_vfree(s->l1_table);
e3f652b3
KW		 1066
1067 s->l1_size = sn->l1_size;
1068 s->l1_table_offset = sn->l1_table_offset;
1069 s->l1_table = new_l1_table;
1070
51ef6727 1071 for(i = 0;i < s->l1_size; i++) {
1072 be64_to_cpus(&s->l1_table[i]);
1073 }
e3f652b3 1074
51ef6727 1075 return 0;
1076}
QEMU mirror