From 8dc0a5e7a06c059683f9c379c0a4b0bbc20d5c74 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Wed, 18 Apr 2012 16:18:14 +0200 Subject: qcow2: Fix error handling in qcow2_alloc_cluster_offset If do_alloc_cluster_offset() fails, the error handling code tried to remove the request from the in-flight queue, to which it wasn't added yet, resulting in a NULL pointer dereference. m->nb_clusters really only becomes != 0 when the request is in the list. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index cbd224dc46..dcf70a24d3 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -931,7 +931,7 @@ again: fail: qcow2_cache_put(bs, s->l2_table_cache, (void**) &l2_table); fail_put: - if (nb_clusters > 0) { + if (m->nb_clusters > 0) { QLIST_REMOVE(m, next_in_flight); } return ret; -- cgit v1.2.1 From 68d000a39074fe3888680491444a7fde2354cd84 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Wed, 14 Mar 2012 19:15:03 +0100 Subject: qcow2: Ignore reserved bits in get_cluster_offset With this change, reading from a qcow2 image ignores all reserved bits that are set in an L1 or L2 table entry. Now get_cluster_offset() assigns *cluster_offset only the offset without any other flags. The cluster type is not longer encoded in the offset, but a positive return value in case of success. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 41 +++++++++++++++++++++++++---------------- 1 file changed, 25 insertions(+), 16 deletions(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index dcf70a24d3..c8c85d224a 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -367,11 +367,9 @@ out: * * on exit, *num is the number of contiguous sectors we can read. * - * Return 0, if the offset is found - * Return -errno, otherwise. - * + * Returns the cluster type (QCOW2_CLUSTER_*) on success, -errno in error + * cases. */ - int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset, int *num, uint64_t *cluster_offset) { @@ -407,19 +405,19 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset, /* seek the the l2 offset in the l1 table */ l1_index = offset >> l1_bits; - if (l1_index >= s->l1_size) + if (l1_index >= s->l1_size) { + ret = QCOW2_CLUSTER_UNALLOCATED; goto out; + } - l2_offset = s->l1_table[l1_index]; - - /* seek the l2 table of the given l2 offset */ - - if (!l2_offset) + l2_offset = s->l1_table[l1_index] & L1E_OFFSET_MASK; + if (!l2_offset) { + ret = QCOW2_CLUSTER_UNALLOCATED; goto out; + } /* load the l2 table in memory */ - l2_offset &= ~QCOW_OFLAG_COPIED; ret = l2_load(bs, l2_offset, &l2_table); if (ret < 0) { return ret; @@ -431,26 +429,37 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset, *cluster_offset = be64_to_cpu(l2_table[l2_index]); nb_clusters = size_to_clusters(s, nb_needed << 9); - if (!*cluster_offset) { + ret = qcow2_get_cluster_type(*cluster_offset); + switch (ret) { + case QCOW2_CLUSTER_COMPRESSED: + /* Compressed clusters can only be processed one by one */ + c = 1; + *cluster_offset &= L2E_COMPRESSED_OFFSET_SIZE_MASK; + break; + case QCOW2_CLUSTER_UNALLOCATED: /* how many empty clusters ? */ c = count_contiguous_free_clusters(nb_clusters, &l2_table[l2_index]); - } else { + *cluster_offset = 0; + break; + case QCOW2_CLUSTER_NORMAL: /* how many allocated clusters ? */ c = count_contiguous_clusters(nb_clusters, s->cluster_size, &l2_table[l2_index], 0, QCOW_OFLAG_COPIED); + *cluster_offset &= L2E_OFFSET_MASK; + break; } qcow2_cache_put(bs, s->l2_table_cache, (void**) &l2_table); - nb_available = (c * s->cluster_sectors); + nb_available = (c * s->cluster_sectors); + out: if (nb_available > nb_needed) nb_available = nb_needed; *num = nb_available - index_in_cluster; - *cluster_offset &=~QCOW_OFLAG_COPIED; - return 0; + return ret; } /* -- cgit v1.2.1 From 2bfcc4a0a0b5120b6518e1c823c18cf0e8b963cb Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Thu, 15 Mar 2012 16:37:40 +0100 Subject: qcow2: Ignore reserved bits in count_contiguous_clusters() Until now, count_contiguous_clusters() has an argument that allowed to specify flags that should be ignored in the comparison, i.e. that are allowed to change between contiguous clusters. This patch changes the function so that it ignores all flags by default now and you need to pass the flags on which it should stop. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 38 ++++++++++++++++++++++++++++---------- 1 file changed, 28 insertions(+), 10 deletions(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index c8c85d224a..7b059908a0 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -246,28 +246,44 @@ fail: return ret; } +/* + * Checks how many clusters in a given L2 table are contiguous in the image + * file. As soon as one of the flags in the bitmask stop_flags changes compared + * to the first cluster, the search is stopped and the cluster is not counted + * as contiguous. (This allows it, for example, to stop at the first compressed + * cluster which may require a different handling) + */ static int count_contiguous_clusters(uint64_t nb_clusters, int cluster_size, - uint64_t *l2_table, uint64_t start, uint64_t mask) + uint64_t *l2_table, uint64_t start, uint64_t stop_flags) { int i; - uint64_t offset = be64_to_cpu(l2_table[0]) & ~mask; + uint64_t mask = stop_flags | L2E_OFFSET_MASK; + uint64_t offset = be64_to_cpu(l2_table[0]) & mask; if (!offset) return 0; - for (i = start; i < start + nb_clusters; i++) - if (offset + (uint64_t) i * cluster_size != (be64_to_cpu(l2_table[i]) & ~mask)) + for (i = start; i < start + nb_clusters; i++) { + uint64_t l2_entry = be64_to_cpu(l2_table[i]) & mask; + if (offset + (uint64_t) i * cluster_size != l2_entry) { break; + } + } return (i - start); } static int count_contiguous_free_clusters(uint64_t nb_clusters, uint64_t *l2_table) { - int i = 0; + int i; - while(nb_clusters-- && l2_table[i] == 0) - i++; + for (i = 0; i < nb_clusters; i++) { + int type = qcow2_get_cluster_type(be64_to_cpu(l2_table[i])); + + if (type != QCOW2_CLUSTER_UNALLOCATED) { + break; + } + } return i; } @@ -444,7 +460,7 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset, case QCOW2_CLUSTER_NORMAL: /* how many allocated clusters ? */ c = count_contiguous_clusters(nb_clusters, s->cluster_size, - &l2_table[l2_index], 0, QCOW_OFLAG_COPIED); + &l2_table[l2_index], 0, QCOW_OFLAG_COMPRESSED); *cluster_offset &= L2E_OFFSET_MASK; break; } @@ -696,7 +712,8 @@ static int count_cow_clusters(BDRVQcowState *s, int nb_clusters, while (i < nb_clusters) { i += count_contiguous_clusters(nb_clusters - i, s->cluster_size, - &l2_table[l2_index], i, 0); + &l2_table[l2_index], i, + QCOW_OFLAG_COPIED | QCOW_OFLAG_COMPRESSED); if ((i >= nb_clusters) || be64_to_cpu(l2_table[l2_index + i])) { break; } @@ -854,7 +871,8 @@ again: if (cluster_offset & QCOW_OFLAG_COPIED) { /* We keep all QCOW_OFLAG_COPIED clusters */ keep_clusters = count_contiguous_clusters(nb_clusters, s->cluster_size, - &l2_table[l2_index], 0, 0); + &l2_table[l2_index], 0, + QCOW_OFLAG_COPIED); assert(keep_clusters <= nb_clusters); nb_clusters -= keep_clusters; } else { -- cgit v1.2.1 From b0b6862e5e1a1394e0ab3d5da94ba8b0da8664e2 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Thu, 15 Mar 2012 17:20:11 +0100 Subject: qcow2: Fail write_compressed when overwriting data qcow2_alloc_compressed_cluster_offset() already fails if the copied flag is set, because qcow2_write_compressed() doesn't perform COW as it would have to do to allow this. However, what we really want to check here is whether the cluster is allocated or not. With internal snapshots the copied flag may not be set on allocated clusters. Check the cluster offset instead. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index 7b059908a0..dff782fc21 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -571,15 +571,14 @@ uint64_t qcow2_alloc_compressed_cluster_offset(BlockDriverState *bs, return 0; } + /* Compression can't overwrite anything. Fail if the cluster was already + * allocated. */ cluster_offset = be64_to_cpu(l2_table[l2_index]); - if (cluster_offset & QCOW_OFLAG_COPIED) { + if (cluster_offset & L2E_OFFSET_MASK) { qcow2_cache_put(bs, s->l2_table_cache, (void**) &l2_table); return 0; } - if (cluster_offset) - qcow2_free_any_clusters(bs, cluster_offset, 1); - cluster_offset = qcow2_alloc_bytes(bs, compressed_size); if (cluster_offset < 0) { qcow2_cache_put(bs, s->l2_table_cache, (void**) &l2_table); -- cgit v1.2.1 From 8e37f681d58bbe166c20559e77fd55b1cb8e6e4b Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Thu, 23 Feb 2012 15:40:55 +0100 Subject: qcow2: Ignore reserved bits in L1/L2 entries This changes the still existing places that assume that the only flags are QCOW_OFLAG_COPIED and QCOW_OFLAG_COMPRESSED to properly mask out reserved bits. It does not convert bdrv_check yet. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index dff782fc21..d1602d4bdd 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -195,7 +195,7 @@ static int l2_allocate(BlockDriverState *bs, int l1_index, uint64_t **table) l2_table = *table; - if (old_l2_offset == 0) { + if ((old_l2_offset & L1E_OFFSET_MASK) == 0) { /* if there was no old l2 table, clear the new table */ memset(l2_table, 0, s->l2_size * sizeof(uint64_t)); } else { @@ -203,7 +203,8 @@ static int l2_allocate(BlockDriverState *bs, int l1_index, uint64_t **table) /* if there was an old l2 table, read it from the disk */ BLKDBG_EVENT(bs->file, BLKDBG_L2_ALLOC_COW_READ); - ret = qcow2_cache_get(bs, s->l2_table_cache, old_l2_offset, + ret = qcow2_cache_get(bs, s->l2_table_cache, + old_l2_offset & L1E_OFFSET_MASK, (void**) &old_table); if (ret < 0) { goto fail; @@ -508,13 +509,13 @@ static int get_cluster_table(BlockDriverState *bs, uint64_t offset, return ret; } } - l2_offset = s->l1_table[l1_index]; + + l2_offset = s->l1_table[l1_index] & L1E_OFFSET_MASK; /* seek the l2 table of the given l2 offset */ - if (l2_offset & QCOW_OFLAG_COPIED) { + if (s->l1_table[l1_index] & QCOW_OFLAG_COPIED) { /* load the l2 table in memory */ - l2_offset &= ~QCOW_OFLAG_COPIED; ret = l2_load(bs, l2_offset, &l2_table); if (ret < 0) { return ret; @@ -530,7 +531,7 @@ static int get_cluster_table(BlockDriverState *bs, uint64_t offset, if (l2_offset) { qcow2_free_clusters(bs, l2_offset, s->l2_size * sizeof(uint64_t)); } - l2_offset = s->l1_table[l1_index] & ~QCOW_OFLAG_COPIED; + l2_offset = s->l1_table[l1_index] & L1E_OFFSET_MASK; } /* find the cluster offset for the given disk offset */ @@ -687,8 +688,7 @@ int qcow2_alloc_cluster_link_l2(BlockDriverState *bs, QCowL2Meta *m) */ if (j != 0) { for (i = 0; i < j; i++) { - qcow2_free_any_clusters(bs, - be64_to_cpu(old_cluster[i]) & ~QCOW_OFLAG_COPIED, 1); + qcow2_free_any_clusters(bs, be64_to_cpu(old_cluster[i]), 1); } } @@ -867,7 +867,9 @@ again: * Check how many clusters are already allocated and don't need COW, and how * many need a new allocation. */ - if (cluster_offset & QCOW_OFLAG_COPIED) { + if (qcow2_get_cluster_type(cluster_offset) == QCOW2_CLUSTER_NORMAL + && (cluster_offset & QCOW_OFLAG_COPIED)) + { /* We keep all QCOW_OFLAG_COPIED clusters */ keep_clusters = count_contiguous_clusters(nb_clusters, s->cluster_size, &l2_table[l2_index], 0, @@ -886,7 +888,7 @@ again: cluster_offset = 0; } - cluster_offset &= ~QCOW_OFLAG_COPIED; + cluster_offset &= L2E_OFFSET_MASK; /* If there is something left to allocate, do that now */ *m = (QCowL2Meta) { @@ -1041,9 +1043,7 @@ static int discard_single_l2(BlockDriverState *bs, uint64_t offset, uint64_t old_offset; old_offset = be64_to_cpu(l2_table[l2_index + i]); - old_offset &= ~QCOW_OFLAG_COPIED; - - if (old_offset == 0) { + if ((old_offset & L2E_OFFSET_MASK) == 0) { continue; } -- cgit v1.2.1 From 143550a83ef4eef86a847d00023d148e1f59f743 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Tue, 27 Mar 2012 13:17:22 +0200 Subject: qcow2: Simplify count_cow_clusters count_cow_clusters() tries to reuse existing functions, and all it achieves is to make things much more complicated than they really are: Everything needs COW, unless it's a normal cluster with refcount 1. This patch implements the obvious way of doing this, and by using qcow2_get_cluster_type() it gets rid of all flag magic. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 33 +++++++++++++++------------------ 1 file changed, 15 insertions(+), 18 deletions(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index d1602d4bdd..b8836ba009 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -706,30 +706,27 @@ err: static int count_cow_clusters(BDRVQcowState *s, int nb_clusters, uint64_t *l2_table, int l2_index) { - int i = 0; - uint64_t cluster_offset; + int i; - while (i < nb_clusters) { - i += count_contiguous_clusters(nb_clusters - i, s->cluster_size, - &l2_table[l2_index], i, - QCOW_OFLAG_COPIED | QCOW_OFLAG_COMPRESSED); - if ((i >= nb_clusters) || be64_to_cpu(l2_table[l2_index + i])) { - break; - } + for (i = 0; i < nb_clusters; i++) { + uint64_t l2_entry = be64_to_cpu(l2_table[l2_index + i]); + int cluster_type = qcow2_get_cluster_type(l2_entry); - i += count_contiguous_free_clusters(nb_clusters - i, - &l2_table[l2_index + i]); - if (i >= nb_clusters) { + switch(cluster_type) { + case QCOW2_CLUSTER_NORMAL: + if (l2_entry & QCOW_OFLAG_COPIED) { + goto out; + } break; - } - - cluster_offset = be64_to_cpu(l2_table[l2_index + i]); - - if ((cluster_offset & QCOW_OFLAG_COPIED) || - (cluster_offset & QCOW_OFLAG_COMPRESSED)) + case QCOW2_CLUSTER_UNALLOCATED: + case QCOW2_CLUSTER_COMPRESSED: break; + default: + abort(); + } } +out: assert(i <= nb_clusters); return i; } -- cgit v1.2.1 From 6377af48b0445e7ee50db6e0bd73a3a70098f5f4 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Fri, 16 Mar 2012 15:02:38 +0100 Subject: qcow2: Support reading zero clusters This adds support for reading zero clusters in version 3 images. Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index b8836ba009..5e5f5cf9ad 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -453,6 +453,12 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset, c = 1; *cluster_offset &= L2E_COMPRESSED_OFFSET_SIZE_MASK; break; + case QCOW2_CLUSTER_ZERO: + c = count_contiguous_clusters(nb_clusters, s->cluster_size, + &l2_table[l2_index], 0, + QCOW_OFLAG_COMPRESSED | QCOW_OFLAG_ZERO); + *cluster_offset = 0; + break; case QCOW2_CLUSTER_UNALLOCATED: /* how many empty clusters ? */ c = count_contiguous_free_clusters(nb_clusters, &l2_table[l2_index]); @@ -461,7 +467,8 @@ int qcow2_get_cluster_offset(BlockDriverState *bs, uint64_t offset, case QCOW2_CLUSTER_NORMAL: /* how many allocated clusters ? */ c = count_contiguous_clusters(nb_clusters, s->cluster_size, - &l2_table[l2_index], 0, QCOW_OFLAG_COMPRESSED); + &l2_table[l2_index], 0, + QCOW_OFLAG_COMPRESSED | QCOW_OFLAG_ZERO); *cluster_offset &= L2E_OFFSET_MASK; break; } @@ -720,6 +727,7 @@ static int count_cow_clusters(BDRVQcowState *s, int nb_clusters, break; case QCOW2_CLUSTER_UNALLOCATED: case QCOW2_CLUSTER_COMPRESSED: + case QCOW2_CLUSTER_ZERO: break; default: abort(); @@ -868,9 +876,10 @@ again: && (cluster_offset & QCOW_OFLAG_COPIED)) { /* We keep all QCOW_OFLAG_COPIED clusters */ - keep_clusters = count_contiguous_clusters(nb_clusters, s->cluster_size, - &l2_table[l2_index], 0, - QCOW_OFLAG_COPIED); + keep_clusters = + count_contiguous_clusters(nb_clusters, s->cluster_size, + &l2_table[l2_index], 0, + QCOW_OFLAG_COPIED | QCOW_OFLAG_ZERO); assert(keep_clusters <= nb_clusters); nb_clusters -= keep_clusters; } else { -- cgit v1.2.1 From 621f058940ea9f1ef3d8774ef3203544f1228df1 Mon Sep 17 00:00:00 2001 From: Kevin Wolf Date: Tue, 20 Mar 2012 15:12:58 +0100 Subject: qcow2: Zero write support Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) (limited to 'block/qcow2-cluster.c') diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index 5e5f5cf9ad..a747a88e13 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -1102,3 +1102,75 @@ int qcow2_discard_clusters(BlockDriverState *bs, uint64_t offset, return 0; } + +/* + * This zeroes as many clusters of nb_clusters as possible at once (i.e. + * all clusters in the same L2 table) and returns the number of zeroed + * clusters. + */ +static int zero_single_l2(BlockDriverState *bs, uint64_t offset, + unsigned int nb_clusters) +{ + BDRVQcowState *s = bs->opaque; + uint64_t *l2_table; + int l2_index; + int ret; + int i; + + ret = get_cluster_table(bs, offset, &l2_table, &l2_index); + if (ret < 0) { + return ret; + } + + /* Limit nb_clusters to one L2 table */ + nb_clusters = MIN(nb_clusters, s->l2_size - l2_index); + + for (i = 0; i < nb_clusters; i++) { + uint64_t old_offset; + + old_offset = be64_to_cpu(l2_table[l2_index + i]); + + /* Update L2 entries */ + qcow2_cache_entry_mark_dirty(s->l2_table_cache, l2_table); + if (old_offset & QCOW_OFLAG_COMPRESSED) { + l2_table[l2_index + i] = cpu_to_be64(QCOW_OFLAG_ZERO); + qcow2_free_any_clusters(bs, old_offset, 1); + } else { + l2_table[l2_index + i] |= cpu_to_be64(QCOW_OFLAG_ZERO); + } + } + + ret = qcow2_cache_put(bs, s->l2_table_cache, (void**) &l2_table); + if (ret < 0) { + return ret; + } + + return nb_clusters; +} + +int qcow2_zero_clusters(BlockDriverState *bs, uint64_t offset, int nb_sectors) +{ + BDRVQcowState *s = bs->opaque; + unsigned int nb_clusters; + int ret; + + /* The zero flag is only supported by version 3 and newer */ + if (s->qcow_version < 3) { + return -ENOTSUP; + } + + /* Each L2 table is handled by its own loop iteration */ + nb_clusters = size_to_clusters(s, nb_sectors << BDRV_SECTOR_BITS); + + while (nb_clusters > 0) { + ret = zero_single_l2(bs, offset, nb_clusters); + if (ret < 0) { + return ret; + } + + nb_clusters -= ret; + offset += (ret * s->cluster_size); + } + + return 0; +} -- cgit v1.2.1