qcow2.h (37072B)
1/* 2 * Block driver for the QCOW version 2 format 3 * 4 * Copyright (c) 2004-2006 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25#ifndef BLOCK_QCOW2_H 26#define BLOCK_QCOW2_H 27 28#include "crypto/block.h" 29#include "qemu/coroutine.h" 30#include "qemu/units.h" 31#include "block/block_int.h" 32 33//#define DEBUG_ALLOC 34//#define DEBUG_ALLOC2 35//#define DEBUG_EXT 36 37#define QCOW_MAGIC (('Q' << 24) | ('F' << 16) | ('I' << 8) | 0xfb) 38 39#define QCOW_CRYPT_NONE 0 40#define QCOW_CRYPT_AES 1 41#define QCOW_CRYPT_LUKS 2 42 43#define QCOW_MAX_CRYPT_CLUSTERS 32 44#define QCOW_MAX_SNAPSHOTS 65536 45 46/* Field widths in qcow2 mean normal cluster offsets cannot reach 47 * 64PB; depending on cluster size, compressed clusters can have a 48 * smaller limit (64PB for up to 16k clusters, then ramps down to 49 * 512TB for 2M clusters). */ 50#define QCOW_MAX_CLUSTER_OFFSET ((1ULL << 56) - 1) 51 52/* 8 MB refcount table is enough for 2 PB images at 64k cluster size 53 * (128 GB for 512 byte clusters, 2 EB for 2 MB clusters) */ 54#define QCOW_MAX_REFTABLE_SIZE (8 * MiB) 55 56/* 32 MB L1 table is enough for 2 PB images at 64k cluster size 57 * (128 GB for 512 byte clusters, 2 EB for 2 MB clusters) */ 58#define QCOW_MAX_L1_SIZE (32 * MiB) 59 60/* Allow for an average of 1k per snapshot table entry, should be plenty of 61 * space for snapshot names and IDs */ 62#define QCOW_MAX_SNAPSHOTS_SIZE (1024 * QCOW_MAX_SNAPSHOTS) 63 64/* Maximum amount of extra data per snapshot table entry to accept */ 65#define QCOW_MAX_SNAPSHOT_EXTRA_DATA 1024 66 67/* Bitmap header extension constraints */ 68#define QCOW2_MAX_BITMAPS 65535 69#define QCOW2_MAX_BITMAP_DIRECTORY_SIZE (1024 * QCOW2_MAX_BITMAPS) 70 71/* Maximum of parallel sub-request per guest request */ 72#define QCOW2_MAX_WORKERS 8 73 74/* indicate that the refcount of the referenced cluster is exactly one. */ 75#define QCOW_OFLAG_COPIED (1ULL << 63) 76/* indicate that the cluster is compressed (they never have the copied flag) */ 77#define QCOW_OFLAG_COMPRESSED (1ULL << 62) 78/* The cluster reads as all zeros */ 79#define QCOW_OFLAG_ZERO (1ULL << 0) 80 81#define QCOW_EXTL2_SUBCLUSTERS_PER_CLUSTER 32 82 83/* The subcluster X [0..31] is allocated */ 84#define QCOW_OFLAG_SUB_ALLOC(X) (1ULL << (X)) 85/* The subcluster X [0..31] reads as zeroes */ 86#define QCOW_OFLAG_SUB_ZERO(X) (QCOW_OFLAG_SUB_ALLOC(X) << 32) 87/* Subclusters [X, Y) (0 <= X <= Y <= 32) are allocated */ 88#define QCOW_OFLAG_SUB_ALLOC_RANGE(X, Y) \ 89 (QCOW_OFLAG_SUB_ALLOC(Y) - QCOW_OFLAG_SUB_ALLOC(X)) 90/* Subclusters [X, Y) (0 <= X <= Y <= 32) read as zeroes */ 91#define QCOW_OFLAG_SUB_ZERO_RANGE(X, Y) \ 92 (QCOW_OFLAG_SUB_ALLOC_RANGE(X, Y) << 32) 93/* L2 entry bitmap with all allocation bits set */ 94#define QCOW_L2_BITMAP_ALL_ALLOC (QCOW_OFLAG_SUB_ALLOC_RANGE(0, 32)) 95/* L2 entry bitmap with all "read as zeroes" bits set */ 96#define QCOW_L2_BITMAP_ALL_ZEROES (QCOW_OFLAG_SUB_ZERO_RANGE(0, 32)) 97 98/* Size of normal and extended L2 entries */ 99#define L2E_SIZE_NORMAL (sizeof(uint64_t)) 100#define L2E_SIZE_EXTENDED (sizeof(uint64_t) * 2) 101 102/* Size of L1 table entries */ 103#define L1E_SIZE (sizeof(uint64_t)) 104 105/* Size of reftable entries */ 106#define REFTABLE_ENTRY_SIZE (sizeof(uint64_t)) 107 108#define MIN_CLUSTER_BITS 9 109#define MAX_CLUSTER_BITS 21 110 111/* Defined in the qcow2 spec (compressed cluster descriptor) */ 112#define QCOW2_COMPRESSED_SECTOR_SIZE 512U 113 114/* Must be at least 2 to cover COW */ 115#define MIN_L2_CACHE_SIZE 2 /* cache entries */ 116 117/* Must be at least 4 to cover all cases of refcount table growth */ 118#define MIN_REFCOUNT_CACHE_SIZE 4 /* clusters */ 119 120#ifdef CONFIG_LINUX 121#define DEFAULT_L2_CACHE_MAX_SIZE (32 * MiB) 122#define DEFAULT_CACHE_CLEAN_INTERVAL 600 /* seconds */ 123#else 124#define DEFAULT_L2_CACHE_MAX_SIZE (8 * MiB) 125/* Cache clean interval is currently available only on Linux, so must be 0 */ 126#define DEFAULT_CACHE_CLEAN_INTERVAL 0 127#endif 128 129#define DEFAULT_CLUSTER_SIZE 65536 130 131#define QCOW2_OPT_DATA_FILE "data-file" 132#define QCOW2_OPT_LAZY_REFCOUNTS "lazy-refcounts" 133#define QCOW2_OPT_DISCARD_REQUEST "pass-discard-request" 134#define QCOW2_OPT_DISCARD_SNAPSHOT "pass-discard-snapshot" 135#define QCOW2_OPT_DISCARD_OTHER "pass-discard-other" 136#define QCOW2_OPT_OVERLAP "overlap-check" 137#define QCOW2_OPT_OVERLAP_TEMPLATE "overlap-check.template" 138#define QCOW2_OPT_OVERLAP_MAIN_HEADER "overlap-check.main-header" 139#define QCOW2_OPT_OVERLAP_ACTIVE_L1 "overlap-check.active-l1" 140#define QCOW2_OPT_OVERLAP_ACTIVE_L2 "overlap-check.active-l2" 141#define QCOW2_OPT_OVERLAP_REFCOUNT_TABLE "overlap-check.refcount-table" 142#define QCOW2_OPT_OVERLAP_REFCOUNT_BLOCK "overlap-check.refcount-block" 143#define QCOW2_OPT_OVERLAP_SNAPSHOT_TABLE "overlap-check.snapshot-table" 144#define QCOW2_OPT_OVERLAP_INACTIVE_L1 "overlap-check.inactive-l1" 145#define QCOW2_OPT_OVERLAP_INACTIVE_L2 "overlap-check.inactive-l2" 146#define QCOW2_OPT_OVERLAP_BITMAP_DIRECTORY "overlap-check.bitmap-directory" 147#define QCOW2_OPT_CACHE_SIZE "cache-size" 148#define QCOW2_OPT_L2_CACHE_SIZE "l2-cache-size" 149#define QCOW2_OPT_L2_CACHE_ENTRY_SIZE "l2-cache-entry-size" 150#define QCOW2_OPT_REFCOUNT_CACHE_SIZE "refcount-cache-size" 151#define QCOW2_OPT_CACHE_CLEAN_INTERVAL "cache-clean-interval" 152 153typedef struct QCowHeader { 154 uint32_t magic; 155 uint32_t version; 156 uint64_t backing_file_offset; 157 uint32_t backing_file_size; 158 uint32_t cluster_bits; 159 uint64_t size; /* in bytes */ 160 uint32_t crypt_method; 161 uint32_t l1_size; /* XXX: save number of clusters instead ? */ 162 uint64_t l1_table_offset; 163 uint64_t refcount_table_offset; 164 uint32_t refcount_table_clusters; 165 uint32_t nb_snapshots; 166 uint64_t snapshots_offset; 167 168 /* The following fields are only valid for version >= 3 */ 169 uint64_t incompatible_features; 170 uint64_t compatible_features; 171 uint64_t autoclear_features; 172 173 uint32_t refcount_order; 174 uint32_t header_length; 175 176 /* Additional fields */ 177 uint8_t compression_type; 178 179 /* header must be a multiple of 8 */ 180 uint8_t padding[7]; 181} QEMU_PACKED QCowHeader; 182 183QEMU_BUILD_BUG_ON(!QEMU_IS_ALIGNED(sizeof(QCowHeader), 8)); 184 185typedef struct QEMU_PACKED QCowSnapshotHeader { 186 /* header is 8 byte aligned */ 187 uint64_t l1_table_offset; 188 189 uint32_t l1_size; 190 uint16_t id_str_size; 191 uint16_t name_size; 192 193 uint32_t date_sec; 194 uint32_t date_nsec; 195 196 uint64_t vm_clock_nsec; 197 198 uint32_t vm_state_size; 199 uint32_t extra_data_size; /* for extension */ 200 /* extra data follows */ 201 /* id_str follows */ 202 /* name follows */ 203} QCowSnapshotHeader; 204 205typedef struct QEMU_PACKED QCowSnapshotExtraData { 206 uint64_t vm_state_size_large; 207 uint64_t disk_size; 208 uint64_t icount; 209} QCowSnapshotExtraData; 210 211 212typedef struct QCowSnapshot { 213 uint64_t l1_table_offset; 214 uint32_t l1_size; 215 char *id_str; 216 char *name; 217 uint64_t disk_size; 218 uint64_t vm_state_size; 219 uint32_t date_sec; 220 uint32_t date_nsec; 221 uint64_t vm_clock_nsec; 222 /* icount value for the moment when snapshot was taken */ 223 uint64_t icount; 224 /* Size of all extra data, including QCowSnapshotExtraData if available */ 225 uint32_t extra_data_size; 226 /* Data beyond QCowSnapshotExtraData, if any */ 227 void *unknown_extra_data; 228} QCowSnapshot; 229 230struct Qcow2Cache; 231typedef struct Qcow2Cache Qcow2Cache; 232 233typedef struct Qcow2CryptoHeaderExtension { 234 uint64_t offset; 235 uint64_t length; 236} QEMU_PACKED Qcow2CryptoHeaderExtension; 237 238typedef struct Qcow2UnknownHeaderExtension { 239 uint32_t magic; 240 uint32_t len; 241 QLIST_ENTRY(Qcow2UnknownHeaderExtension) next; 242 uint8_t data[]; 243} Qcow2UnknownHeaderExtension; 244 245enum { 246 QCOW2_FEAT_TYPE_INCOMPATIBLE = 0, 247 QCOW2_FEAT_TYPE_COMPATIBLE = 1, 248 QCOW2_FEAT_TYPE_AUTOCLEAR = 2, 249}; 250 251/* Incompatible feature bits */ 252enum { 253 QCOW2_INCOMPAT_DIRTY_BITNR = 0, 254 QCOW2_INCOMPAT_CORRUPT_BITNR = 1, 255 QCOW2_INCOMPAT_DATA_FILE_BITNR = 2, 256 QCOW2_INCOMPAT_COMPRESSION_BITNR = 3, 257 QCOW2_INCOMPAT_EXTL2_BITNR = 4, 258 QCOW2_INCOMPAT_DIRTY = 1 << QCOW2_INCOMPAT_DIRTY_BITNR, 259 QCOW2_INCOMPAT_CORRUPT = 1 << QCOW2_INCOMPAT_CORRUPT_BITNR, 260 QCOW2_INCOMPAT_DATA_FILE = 1 << QCOW2_INCOMPAT_DATA_FILE_BITNR, 261 QCOW2_INCOMPAT_COMPRESSION = 1 << QCOW2_INCOMPAT_COMPRESSION_BITNR, 262 QCOW2_INCOMPAT_EXTL2 = 1 << QCOW2_INCOMPAT_EXTL2_BITNR, 263 264 QCOW2_INCOMPAT_MASK = QCOW2_INCOMPAT_DIRTY 265 | QCOW2_INCOMPAT_CORRUPT 266 | QCOW2_INCOMPAT_DATA_FILE 267 | QCOW2_INCOMPAT_COMPRESSION 268 | QCOW2_INCOMPAT_EXTL2, 269}; 270 271/* Compatible feature bits */ 272enum { 273 QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR = 0, 274 QCOW2_COMPAT_LAZY_REFCOUNTS = 1 << QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR, 275 276 QCOW2_COMPAT_FEAT_MASK = QCOW2_COMPAT_LAZY_REFCOUNTS, 277}; 278 279/* Autoclear feature bits */ 280enum { 281 QCOW2_AUTOCLEAR_BITMAPS_BITNR = 0, 282 QCOW2_AUTOCLEAR_DATA_FILE_RAW_BITNR = 1, 283 QCOW2_AUTOCLEAR_BITMAPS = 1 << QCOW2_AUTOCLEAR_BITMAPS_BITNR, 284 QCOW2_AUTOCLEAR_DATA_FILE_RAW = 1 << QCOW2_AUTOCLEAR_DATA_FILE_RAW_BITNR, 285 286 QCOW2_AUTOCLEAR_MASK = QCOW2_AUTOCLEAR_BITMAPS 287 | QCOW2_AUTOCLEAR_DATA_FILE_RAW, 288}; 289 290enum qcow2_discard_type { 291 QCOW2_DISCARD_NEVER = 0, 292 QCOW2_DISCARD_ALWAYS, 293 QCOW2_DISCARD_REQUEST, 294 QCOW2_DISCARD_SNAPSHOT, 295 QCOW2_DISCARD_OTHER, 296 QCOW2_DISCARD_MAX 297}; 298 299typedef struct Qcow2Feature { 300 uint8_t type; 301 uint8_t bit; 302 char name[46]; 303} QEMU_PACKED Qcow2Feature; 304 305typedef struct Qcow2DiscardRegion { 306 BlockDriverState *bs; 307 uint64_t offset; 308 uint64_t bytes; 309 QTAILQ_ENTRY(Qcow2DiscardRegion) next; 310} Qcow2DiscardRegion; 311 312typedef uint64_t Qcow2GetRefcountFunc(const void *refcount_array, 313 uint64_t index); 314typedef void Qcow2SetRefcountFunc(void *refcount_array, 315 uint64_t index, uint64_t value); 316 317typedef struct Qcow2BitmapHeaderExt { 318 uint32_t nb_bitmaps; 319 uint32_t reserved32; 320 uint64_t bitmap_directory_size; 321 uint64_t bitmap_directory_offset; 322} QEMU_PACKED Qcow2BitmapHeaderExt; 323 324#define QCOW2_MAX_THREADS 4 325 326typedef struct BDRVQcow2State { 327 int cluster_bits; 328 int cluster_size; 329 int l2_slice_size; 330 int subcluster_bits; 331 int subcluster_size; 332 int subclusters_per_cluster; 333 int l2_bits; 334 int l2_size; 335 int l1_size; 336 int l1_vm_state_index; 337 int refcount_block_bits; 338 int refcount_block_size; 339 int csize_shift; 340 int csize_mask; 341 uint64_t cluster_offset_mask; 342 uint64_t l1_table_offset; 343 uint64_t *l1_table; 344 345 Qcow2Cache *l2_table_cache; 346 Qcow2Cache *refcount_block_cache; 347 QEMUTimer *cache_clean_timer; 348 unsigned cache_clean_interval; 349 350 QLIST_HEAD(, QCowL2Meta) cluster_allocs; 351 352 uint64_t *refcount_table; 353 uint64_t refcount_table_offset; 354 uint32_t refcount_table_size; 355 uint32_t max_refcount_table_index; /* Last used entry in refcount_table */ 356 uint64_t free_cluster_index; 357 uint64_t free_byte_offset; 358 359 CoMutex lock; 360 361 Qcow2CryptoHeaderExtension crypto_header; /* QCow2 header extension */ 362 QCryptoBlockOpenOptions *crypto_opts; /* Disk encryption runtime options */ 363 QCryptoBlock *crypto; /* Disk encryption format driver */ 364 bool crypt_physical_offset; /* Whether to use virtual or physical offset 365 for encryption initialization vector tweak */ 366 uint32_t crypt_method_header; 367 uint64_t snapshots_offset; 368 int snapshots_size; 369 unsigned int nb_snapshots; 370 QCowSnapshot *snapshots; 371 372 uint32_t nb_bitmaps; 373 uint64_t bitmap_directory_size; 374 uint64_t bitmap_directory_offset; 375 376 int flags; 377 int qcow_version; 378 bool use_lazy_refcounts; 379 int refcount_order; 380 int refcount_bits; 381 uint64_t refcount_max; 382 383 Qcow2GetRefcountFunc *get_refcount; 384 Qcow2SetRefcountFunc *set_refcount; 385 386 bool discard_passthrough[QCOW2_DISCARD_MAX]; 387 388 int overlap_check; /* bitmask of Qcow2MetadataOverlap values */ 389 bool signaled_corruption; 390 391 uint64_t incompatible_features; 392 uint64_t compatible_features; 393 uint64_t autoclear_features; 394 395 size_t unknown_header_fields_size; 396 void *unknown_header_fields; 397 QLIST_HEAD(, Qcow2UnknownHeaderExtension) unknown_header_ext; 398 QTAILQ_HEAD (, Qcow2DiscardRegion) discards; 399 bool cache_discards; 400 401 /* Backing file path and format as stored in the image (this is not the 402 * effective path/format, which may be the result of a runtime option 403 * override) */ 404 char *image_backing_file; 405 char *image_backing_format; 406 char *image_data_file; 407 408 CoQueue thread_task_queue; 409 int nb_threads; 410 411 BdrvChild *data_file; 412 413 bool metadata_preallocation_checked; 414 bool metadata_preallocation; 415 /* 416 * Compression type used for the image. Default: 0 - ZLIB 417 * The image compression type is set on image creation. 418 * For now, the only way to change the compression type 419 * is to convert the image with the desired compression type set. 420 */ 421 Qcow2CompressionType compression_type; 422} BDRVQcow2State; 423 424typedef struct Qcow2COWRegion { 425 /** 426 * Offset of the COW region in bytes from the start of the first cluster 427 * touched by the request. 428 */ 429 unsigned offset; 430 431 /** Number of bytes to copy */ 432 unsigned nb_bytes; 433} Qcow2COWRegion; 434 435/** 436 * Describes an in-flight (part of a) write request that writes to clusters 437 * that need to have their L2 table entries updated (because they are 438 * newly allocated or need changes in their L2 bitmaps) 439 */ 440typedef struct QCowL2Meta 441{ 442 /** Guest offset of the first updated cluster */ 443 uint64_t offset; 444 445 /** Host offset of the first updated cluster */ 446 uint64_t alloc_offset; 447 448 /** Number of updated clusters */ 449 int nb_clusters; 450 451 /** Do not free the old clusters */ 452 bool keep_old_clusters; 453 454 /** 455 * Requests that overlap with this allocation and wait to be restarted 456 * when the allocating request has completed. 457 */ 458 CoQueue dependent_requests; 459 460 /** 461 * The COW Region immediately before the area the guest actually 462 * writes to. This (part of the) write request starts at 463 * cow_start.offset + cow_start.nb_bytes. 464 */ 465 Qcow2COWRegion cow_start; 466 467 /** 468 * The COW Region immediately after the area the guest actually 469 * writes to. This (part of the) write request ends at cow_end.offset 470 * (which must always be set even when cow_end.nb_bytes is 0). 471 */ 472 Qcow2COWRegion cow_end; 473 474 /* 475 * Indicates that COW regions are already handled and do not require 476 * any more processing. 477 */ 478 bool skip_cow; 479 480 /** 481 * Indicates that this is not a normal write request but a preallocation. 482 * If the image has extended L2 entries this means that no new individual 483 * subclusters will be marked as allocated in the L2 bitmap (but any 484 * existing contents of that bitmap will be kept). 485 */ 486 bool prealloc; 487 488 /** 489 * The I/O vector with the data from the actual guest write request. 490 * If non-NULL, this is meant to be merged together with the data 491 * from @cow_start and @cow_end into one single write operation. 492 */ 493 QEMUIOVector *data_qiov; 494 size_t data_qiov_offset; 495 496 /** Pointer to next L2Meta of the same write request */ 497 struct QCowL2Meta *next; 498 499 QLIST_ENTRY(QCowL2Meta) next_in_flight; 500} QCowL2Meta; 501 502/* 503 * In images with standard L2 entries all clusters are treated as if 504 * they had one subcluster so QCow2ClusterType and QCow2SubclusterType 505 * can be mapped to each other and have the exact same meaning 506 * (QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC cannot happen in these images). 507 * 508 * In images with extended L2 entries QCow2ClusterType refers to the 509 * complete cluster and QCow2SubclusterType to each of the individual 510 * subclusters, so there are several possible combinations: 511 * 512 * |--------------+---------------------------| 513 * | Cluster type | Possible subcluster types | 514 * |--------------+---------------------------| 515 * | UNALLOCATED | UNALLOCATED_PLAIN | 516 * | | ZERO_PLAIN | 517 * |--------------+---------------------------| 518 * | NORMAL | UNALLOCATED_ALLOC | 519 * | | ZERO_ALLOC | 520 * | | NORMAL | 521 * |--------------+---------------------------| 522 * | COMPRESSED | COMPRESSED | 523 * |--------------+---------------------------| 524 * 525 * QCOW2_SUBCLUSTER_INVALID means that the L2 entry is incorrect and 526 * the image should be marked corrupt. 527 */ 528 529typedef enum QCow2ClusterType { 530 QCOW2_CLUSTER_UNALLOCATED, 531 QCOW2_CLUSTER_ZERO_PLAIN, 532 QCOW2_CLUSTER_ZERO_ALLOC, 533 QCOW2_CLUSTER_NORMAL, 534 QCOW2_CLUSTER_COMPRESSED, 535} QCow2ClusterType; 536 537typedef enum QCow2SubclusterType { 538 QCOW2_SUBCLUSTER_UNALLOCATED_PLAIN, 539 QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC, 540 QCOW2_SUBCLUSTER_ZERO_PLAIN, 541 QCOW2_SUBCLUSTER_ZERO_ALLOC, 542 QCOW2_SUBCLUSTER_NORMAL, 543 QCOW2_SUBCLUSTER_COMPRESSED, 544 QCOW2_SUBCLUSTER_INVALID, 545} QCow2SubclusterType; 546 547typedef enum QCow2MetadataOverlap { 548 QCOW2_OL_MAIN_HEADER_BITNR = 0, 549 QCOW2_OL_ACTIVE_L1_BITNR = 1, 550 QCOW2_OL_ACTIVE_L2_BITNR = 2, 551 QCOW2_OL_REFCOUNT_TABLE_BITNR = 3, 552 QCOW2_OL_REFCOUNT_BLOCK_BITNR = 4, 553 QCOW2_OL_SNAPSHOT_TABLE_BITNR = 5, 554 QCOW2_OL_INACTIVE_L1_BITNR = 6, 555 QCOW2_OL_INACTIVE_L2_BITNR = 7, 556 QCOW2_OL_BITMAP_DIRECTORY_BITNR = 8, 557 558 QCOW2_OL_MAX_BITNR = 9, 559 560 QCOW2_OL_NONE = 0, 561 QCOW2_OL_MAIN_HEADER = (1 << QCOW2_OL_MAIN_HEADER_BITNR), 562 QCOW2_OL_ACTIVE_L1 = (1 << QCOW2_OL_ACTIVE_L1_BITNR), 563 QCOW2_OL_ACTIVE_L2 = (1 << QCOW2_OL_ACTIVE_L2_BITNR), 564 QCOW2_OL_REFCOUNT_TABLE = (1 << QCOW2_OL_REFCOUNT_TABLE_BITNR), 565 QCOW2_OL_REFCOUNT_BLOCK = (1 << QCOW2_OL_REFCOUNT_BLOCK_BITNR), 566 QCOW2_OL_SNAPSHOT_TABLE = (1 << QCOW2_OL_SNAPSHOT_TABLE_BITNR), 567 QCOW2_OL_INACTIVE_L1 = (1 << QCOW2_OL_INACTIVE_L1_BITNR), 568 /* NOTE: Checking overlaps with inactive L2 tables will result in bdrv 569 * reads. */ 570 QCOW2_OL_INACTIVE_L2 = (1 << QCOW2_OL_INACTIVE_L2_BITNR), 571 QCOW2_OL_BITMAP_DIRECTORY = (1 << QCOW2_OL_BITMAP_DIRECTORY_BITNR), 572} QCow2MetadataOverlap; 573 574/* Perform all overlap checks which can be done in constant time */ 575#define QCOW2_OL_CONSTANT \ 576 (QCOW2_OL_MAIN_HEADER | QCOW2_OL_ACTIVE_L1 | QCOW2_OL_REFCOUNT_TABLE | \ 577 QCOW2_OL_SNAPSHOT_TABLE | QCOW2_OL_BITMAP_DIRECTORY) 578 579/* Perform all overlap checks which don't require disk access */ 580#define QCOW2_OL_CACHED \ 581 (QCOW2_OL_CONSTANT | QCOW2_OL_ACTIVE_L2 | QCOW2_OL_REFCOUNT_BLOCK | \ 582 QCOW2_OL_INACTIVE_L1) 583 584/* Perform all overlap checks */ 585#define QCOW2_OL_ALL \ 586 (QCOW2_OL_CACHED | QCOW2_OL_INACTIVE_L2) 587 588#define L1E_OFFSET_MASK 0x00fffffffffffe00ULL 589#define L1E_RESERVED_MASK 0x7f000000000001ffULL 590#define L2E_OFFSET_MASK 0x00fffffffffffe00ULL 591#define L2E_STD_RESERVED_MASK 0x3f000000000001feULL 592 593#define REFT_OFFSET_MASK 0xfffffffffffffe00ULL 594#define REFT_RESERVED_MASK 0x1ffULL 595 596#define INV_OFFSET (-1ULL) 597 598static inline bool has_subclusters(BDRVQcow2State *s) 599{ 600 return s->incompatible_features & QCOW2_INCOMPAT_EXTL2; 601} 602 603static inline size_t l2_entry_size(BDRVQcow2State *s) 604{ 605 return has_subclusters(s) ? L2E_SIZE_EXTENDED : L2E_SIZE_NORMAL; 606} 607 608static inline uint64_t get_l2_entry(BDRVQcow2State *s, uint64_t *l2_slice, 609 int idx) 610{ 611 idx *= l2_entry_size(s) / sizeof(uint64_t); 612 return be64_to_cpu(l2_slice[idx]); 613} 614 615static inline uint64_t get_l2_bitmap(BDRVQcow2State *s, uint64_t *l2_slice, 616 int idx) 617{ 618 if (has_subclusters(s)) { 619 idx *= l2_entry_size(s) / sizeof(uint64_t); 620 return be64_to_cpu(l2_slice[idx + 1]); 621 } else { 622 return 0; /* For convenience only; this value has no meaning. */ 623 } 624} 625 626static inline void set_l2_entry(BDRVQcow2State *s, uint64_t *l2_slice, 627 int idx, uint64_t entry) 628{ 629 idx *= l2_entry_size(s) / sizeof(uint64_t); 630 l2_slice[idx] = cpu_to_be64(entry); 631} 632 633static inline void set_l2_bitmap(BDRVQcow2State *s, uint64_t *l2_slice, 634 int idx, uint64_t bitmap) 635{ 636 assert(has_subclusters(s)); 637 idx *= l2_entry_size(s) / sizeof(uint64_t); 638 l2_slice[idx + 1] = cpu_to_be64(bitmap); 639} 640 641static inline bool has_data_file(BlockDriverState *bs) 642{ 643 BDRVQcow2State *s = bs->opaque; 644 return (s->data_file != bs->file); 645} 646 647static inline bool data_file_is_raw(BlockDriverState *bs) 648{ 649 BDRVQcow2State *s = bs->opaque; 650 return !!(s->autoclear_features & QCOW2_AUTOCLEAR_DATA_FILE_RAW); 651} 652 653static inline int64_t start_of_cluster(BDRVQcow2State *s, int64_t offset) 654{ 655 return offset & ~(s->cluster_size - 1); 656} 657 658static inline int64_t offset_into_cluster(BDRVQcow2State *s, int64_t offset) 659{ 660 return offset & (s->cluster_size - 1); 661} 662 663static inline int64_t offset_into_subcluster(BDRVQcow2State *s, int64_t offset) 664{ 665 return offset & (s->subcluster_size - 1); 666} 667 668static inline uint64_t size_to_clusters(BDRVQcow2State *s, uint64_t size) 669{ 670 return (size + (s->cluster_size - 1)) >> s->cluster_bits; 671} 672 673static inline uint64_t size_to_subclusters(BDRVQcow2State *s, uint64_t size) 674{ 675 return (size + (s->subcluster_size - 1)) >> s->subcluster_bits; 676} 677 678static inline int64_t size_to_l1(BDRVQcow2State *s, int64_t size) 679{ 680 int shift = s->cluster_bits + s->l2_bits; 681 return (size + (1ULL << shift) - 1) >> shift; 682} 683 684static inline int offset_to_l1_index(BDRVQcow2State *s, uint64_t offset) 685{ 686 return offset >> (s->l2_bits + s->cluster_bits); 687} 688 689static inline int offset_to_l2_index(BDRVQcow2State *s, int64_t offset) 690{ 691 return (offset >> s->cluster_bits) & (s->l2_size - 1); 692} 693 694static inline int offset_to_l2_slice_index(BDRVQcow2State *s, int64_t offset) 695{ 696 return (offset >> s->cluster_bits) & (s->l2_slice_size - 1); 697} 698 699static inline int offset_to_sc_index(BDRVQcow2State *s, int64_t offset) 700{ 701 return (offset >> s->subcluster_bits) & (s->subclusters_per_cluster - 1); 702} 703 704static inline int64_t qcow2_vm_state_offset(BDRVQcow2State *s) 705{ 706 return (int64_t)s->l1_vm_state_index << (s->cluster_bits + s->l2_bits); 707} 708 709static inline QCow2ClusterType qcow2_get_cluster_type(BlockDriverState *bs, 710 uint64_t l2_entry) 711{ 712 BDRVQcow2State *s = bs->opaque; 713 714 if (l2_entry & QCOW_OFLAG_COMPRESSED) { 715 return QCOW2_CLUSTER_COMPRESSED; 716 } else if ((l2_entry & QCOW_OFLAG_ZERO) && !has_subclusters(s)) { 717 if (l2_entry & L2E_OFFSET_MASK) { 718 return QCOW2_CLUSTER_ZERO_ALLOC; 719 } 720 return QCOW2_CLUSTER_ZERO_PLAIN; 721 } else if (!(l2_entry & L2E_OFFSET_MASK)) { 722 /* Offset 0 generally means unallocated, but it is ambiguous with 723 * external data files because 0 is a valid offset there. However, all 724 * clusters in external data files always have refcount 1, so we can 725 * rely on QCOW_OFLAG_COPIED to disambiguate. */ 726 if (has_data_file(bs) && (l2_entry & QCOW_OFLAG_COPIED)) { 727 return QCOW2_CLUSTER_NORMAL; 728 } else { 729 return QCOW2_CLUSTER_UNALLOCATED; 730 } 731 } else { 732 return QCOW2_CLUSTER_NORMAL; 733 } 734} 735 736/* 737 * In an image without subsclusters @l2_bitmap is ignored and 738 * @sc_index must be 0. 739 * Return QCOW2_SUBCLUSTER_INVALID if an invalid l2 entry is detected 740 * (this checks the whole entry and bitmap, not only the bits related 741 * to subcluster @sc_index). 742 */ 743static inline 744QCow2SubclusterType qcow2_get_subcluster_type(BlockDriverState *bs, 745 uint64_t l2_entry, 746 uint64_t l2_bitmap, 747 unsigned sc_index) 748{ 749 BDRVQcow2State *s = bs->opaque; 750 QCow2ClusterType type = qcow2_get_cluster_type(bs, l2_entry); 751 assert(sc_index < s->subclusters_per_cluster); 752 753 if (has_subclusters(s)) { 754 switch (type) { 755 case QCOW2_CLUSTER_COMPRESSED: 756 return QCOW2_SUBCLUSTER_COMPRESSED; 757 case QCOW2_CLUSTER_NORMAL: 758 if ((l2_bitmap >> 32) & l2_bitmap) { 759 return QCOW2_SUBCLUSTER_INVALID; 760 } else if (l2_bitmap & QCOW_OFLAG_SUB_ZERO(sc_index)) { 761 return QCOW2_SUBCLUSTER_ZERO_ALLOC; 762 } else if (l2_bitmap & QCOW_OFLAG_SUB_ALLOC(sc_index)) { 763 return QCOW2_SUBCLUSTER_NORMAL; 764 } else { 765 return QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC; 766 } 767 case QCOW2_CLUSTER_UNALLOCATED: 768 if (l2_bitmap & QCOW_L2_BITMAP_ALL_ALLOC) { 769 return QCOW2_SUBCLUSTER_INVALID; 770 } else if (l2_bitmap & QCOW_OFLAG_SUB_ZERO(sc_index)) { 771 return QCOW2_SUBCLUSTER_ZERO_PLAIN; 772 } else { 773 return QCOW2_SUBCLUSTER_UNALLOCATED_PLAIN; 774 } 775 default: 776 g_assert_not_reached(); 777 } 778 } else { 779 switch (type) { 780 case QCOW2_CLUSTER_COMPRESSED: 781 return QCOW2_SUBCLUSTER_COMPRESSED; 782 case QCOW2_CLUSTER_ZERO_PLAIN: 783 return QCOW2_SUBCLUSTER_ZERO_PLAIN; 784 case QCOW2_CLUSTER_ZERO_ALLOC: 785 return QCOW2_SUBCLUSTER_ZERO_ALLOC; 786 case QCOW2_CLUSTER_NORMAL: 787 return QCOW2_SUBCLUSTER_NORMAL; 788 case QCOW2_CLUSTER_UNALLOCATED: 789 return QCOW2_SUBCLUSTER_UNALLOCATED_PLAIN; 790 default: 791 g_assert_not_reached(); 792 } 793 } 794} 795 796static inline bool qcow2_cluster_is_allocated(QCow2ClusterType type) 797{ 798 return (type == QCOW2_CLUSTER_COMPRESSED || type == QCOW2_CLUSTER_NORMAL || 799 type == QCOW2_CLUSTER_ZERO_ALLOC); 800} 801 802/* Check whether refcounts are eager or lazy */ 803static inline bool qcow2_need_accurate_refcounts(BDRVQcow2State *s) 804{ 805 return !(s->incompatible_features & QCOW2_INCOMPAT_DIRTY); 806} 807 808static inline uint64_t l2meta_cow_start(QCowL2Meta *m) 809{ 810 return m->offset + m->cow_start.offset; 811} 812 813static inline uint64_t l2meta_cow_end(QCowL2Meta *m) 814{ 815 return m->offset + m->cow_end.offset + m->cow_end.nb_bytes; 816} 817 818static inline uint64_t refcount_diff(uint64_t r1, uint64_t r2) 819{ 820 return r1 > r2 ? r1 - r2 : r2 - r1; 821} 822 823static inline 824uint32_t offset_to_reftable_index(BDRVQcow2State *s, uint64_t offset) 825{ 826 return offset >> (s->refcount_block_bits + s->cluster_bits); 827} 828 829/* qcow2.c functions */ 830int64_t qcow2_refcount_metadata_size(int64_t clusters, size_t cluster_size, 831 int refcount_order, bool generous_increase, 832 uint64_t *refblock_count); 833 834int qcow2_mark_dirty(BlockDriverState *bs); 835int qcow2_mark_corrupt(BlockDriverState *bs); 836int qcow2_mark_consistent(BlockDriverState *bs); 837int qcow2_update_header(BlockDriverState *bs); 838 839void qcow2_signal_corruption(BlockDriverState *bs, bool fatal, int64_t offset, 840 int64_t size, const char *message_format, ...) 841 GCC_FMT_ATTR(5, 6); 842 843int qcow2_validate_table(BlockDriverState *bs, uint64_t offset, 844 uint64_t entries, size_t entry_len, 845 int64_t max_size_bytes, const char *table_name, 846 Error **errp); 847 848/* qcow2-refcount.c functions */ 849int qcow2_refcount_init(BlockDriverState *bs); 850void qcow2_refcount_close(BlockDriverState *bs); 851 852int qcow2_get_refcount(BlockDriverState *bs, int64_t cluster_index, 853 uint64_t *refcount); 854 855int qcow2_update_cluster_refcount(BlockDriverState *bs, int64_t cluster_index, 856 uint64_t addend, bool decrease, 857 enum qcow2_discard_type type); 858 859int64_t qcow2_refcount_area(BlockDriverState *bs, uint64_t offset, 860 uint64_t additional_clusters, bool exact_size, 861 int new_refblock_index, 862 uint64_t new_refblock_offset); 863 864int64_t qcow2_alloc_clusters(BlockDriverState *bs, uint64_t size); 865int64_t qcow2_alloc_clusters_at(BlockDriverState *bs, uint64_t offset, 866 int64_t nb_clusters); 867int64_t qcow2_alloc_bytes(BlockDriverState *bs, int size); 868void qcow2_free_clusters(BlockDriverState *bs, 869 int64_t offset, int64_t size, 870 enum qcow2_discard_type type); 871void qcow2_free_any_cluster(BlockDriverState *bs, uint64_t l2_entry, 872 enum qcow2_discard_type type); 873 874int qcow2_update_snapshot_refcount(BlockDriverState *bs, 875 int64_t l1_table_offset, int l1_size, int addend); 876 877int coroutine_fn qcow2_flush_caches(BlockDriverState *bs); 878int coroutine_fn qcow2_write_caches(BlockDriverState *bs); 879int qcow2_check_refcounts(BlockDriverState *bs, BdrvCheckResult *res, 880 BdrvCheckMode fix); 881 882void qcow2_process_discards(BlockDriverState *bs, int ret); 883 884int qcow2_check_metadata_overlap(BlockDriverState *bs, int ign, int64_t offset, 885 int64_t size); 886int qcow2_pre_write_overlap_check(BlockDriverState *bs, int ign, int64_t offset, 887 int64_t size, bool data_file); 888int qcow2_inc_refcounts_imrt(BlockDriverState *bs, BdrvCheckResult *res, 889 void **refcount_table, 890 int64_t *refcount_table_size, 891 int64_t offset, int64_t size); 892 893int qcow2_change_refcount_order(BlockDriverState *bs, int refcount_order, 894 BlockDriverAmendStatusCB *status_cb, 895 void *cb_opaque, Error **errp); 896int qcow2_shrink_reftable(BlockDriverState *bs); 897int64_t qcow2_get_last_cluster(BlockDriverState *bs, int64_t size); 898int qcow2_detect_metadata_preallocation(BlockDriverState *bs); 899 900/* qcow2-cluster.c functions */ 901int qcow2_grow_l1_table(BlockDriverState *bs, uint64_t min_size, 902 bool exact_size); 903int qcow2_shrink_l1_table(BlockDriverState *bs, uint64_t max_size); 904int qcow2_write_l1_entry(BlockDriverState *bs, int l1_index); 905int qcow2_encrypt_sectors(BDRVQcow2State *s, int64_t sector_num, 906 uint8_t *buf, int nb_sectors, bool enc, Error **errp); 907 908int qcow2_get_host_offset(BlockDriverState *bs, uint64_t offset, 909 unsigned int *bytes, uint64_t *host_offset, 910 QCow2SubclusterType *subcluster_type); 911int qcow2_alloc_host_offset(BlockDriverState *bs, uint64_t offset, 912 unsigned int *bytes, uint64_t *host_offset, 913 QCowL2Meta **m); 914int qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs, 915 uint64_t offset, 916 int compressed_size, 917 uint64_t *host_offset); 918void qcow2_parse_compressed_l2_entry(BlockDriverState *bs, uint64_t l2_entry, 919 uint64_t *coffset, int *csize); 920 921int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, QCowL2Meta *m); 922void qcow2_alloc_cluster_abort(BlockDriverState *bs, QCowL2Meta *m); 923int qcow2_cluster_discard(BlockDriverState *bs, uint64_t offset, 924 uint64_t bytes, enum qcow2_discard_type type, 925 bool full_discard); 926int qcow2_subcluster_zeroize(BlockDriverState *bs, uint64_t offset, 927 uint64_t bytes, int flags); 928 929int qcow2_expand_zero_clusters(BlockDriverState *bs, 930 BlockDriverAmendStatusCB *status_cb, 931 void *cb_opaque); 932 933/* qcow2-snapshot.c functions */ 934int qcow2_snapshot_create(BlockDriverState *bs, QEMUSnapshotInfo *sn_info); 935int qcow2_snapshot_goto(BlockDriverState *bs, const char *snapshot_id); 936int qcow2_snapshot_delete(BlockDriverState *bs, 937 const char *snapshot_id, 938 const char *name, 939 Error **errp); 940int qcow2_snapshot_list(BlockDriverState *bs, QEMUSnapshotInfo **psn_tab); 941int qcow2_snapshot_load_tmp(BlockDriverState *bs, 942 const char *snapshot_id, 943 const char *name, 944 Error **errp); 945 946void qcow2_free_snapshots(BlockDriverState *bs); 947int qcow2_read_snapshots(BlockDriverState *bs, Error **errp); 948int qcow2_write_snapshots(BlockDriverState *bs); 949 950int coroutine_fn qcow2_check_read_snapshot_table(BlockDriverState *bs, 951 BdrvCheckResult *result, 952 BdrvCheckMode fix); 953int coroutine_fn qcow2_check_fix_snapshot_table(BlockDriverState *bs, 954 BdrvCheckResult *result, 955 BdrvCheckMode fix); 956 957/* qcow2-cache.c functions */ 958Qcow2Cache *qcow2_cache_create(BlockDriverState *bs, int num_tables, 959 unsigned table_size); 960int qcow2_cache_destroy(Qcow2Cache *c); 961 962void qcow2_cache_entry_mark_dirty(Qcow2Cache *c, void *table); 963int qcow2_cache_flush(BlockDriverState *bs, Qcow2Cache *c); 964int qcow2_cache_write(BlockDriverState *bs, Qcow2Cache *c); 965int qcow2_cache_set_dependency(BlockDriverState *bs, Qcow2Cache *c, 966 Qcow2Cache *dependency); 967void qcow2_cache_depends_on_flush(Qcow2Cache *c); 968 969void qcow2_cache_clean_unused(Qcow2Cache *c); 970int qcow2_cache_empty(BlockDriverState *bs, Qcow2Cache *c); 971 972int qcow2_cache_get(BlockDriverState *bs, Qcow2Cache *c, uint64_t offset, 973 void **table); 974int qcow2_cache_get_empty(BlockDriverState *bs, Qcow2Cache *c, uint64_t offset, 975 void **table); 976void qcow2_cache_put(Qcow2Cache *c, void **table); 977void *qcow2_cache_is_table_offset(Qcow2Cache *c, uint64_t offset); 978void qcow2_cache_discard(Qcow2Cache *c, void *table); 979 980/* qcow2-bitmap.c functions */ 981int qcow2_check_bitmaps_refcounts(BlockDriverState *bs, BdrvCheckResult *res, 982 void **refcount_table, 983 int64_t *refcount_table_size); 984bool qcow2_load_dirty_bitmaps(BlockDriverState *bs, bool *header_updated, 985 Error **errp); 986bool qcow2_get_bitmap_info_list(BlockDriverState *bs, 987 Qcow2BitmapInfoList **info_list, Error **errp); 988int qcow2_reopen_bitmaps_rw(BlockDriverState *bs, Error **errp); 989int qcow2_truncate_bitmaps_check(BlockDriverState *bs, Error **errp); 990bool qcow2_store_persistent_dirty_bitmaps(BlockDriverState *bs, 991 bool release_stored, Error **errp); 992int qcow2_reopen_bitmaps_ro(BlockDriverState *bs, Error **errp); 993bool qcow2_co_can_store_new_dirty_bitmap(BlockDriverState *bs, 994 const char *name, 995 uint32_t granularity, 996 Error **errp); 997int qcow2_co_remove_persistent_dirty_bitmap(BlockDriverState *bs, 998 const char *name, 999 Error **errp); 1000bool qcow2_supports_persistent_dirty_bitmap(BlockDriverState *bs); 1001uint64_t qcow2_get_persistent_dirty_bitmap_size(BlockDriverState *bs, 1002 uint32_t cluster_size); 1003 1004ssize_t coroutine_fn 1005qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size, 1006 const void *src, size_t src_size); 1007ssize_t coroutine_fn 1008qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size, 1009 const void *src, size_t src_size); 1010int coroutine_fn 1011qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset, 1012 uint64_t guest_offset, void *buf, size_t len); 1013int coroutine_fn 1014qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset, 1015 uint64_t guest_offset, void *buf, size_t len); 1016 1017#endif