aboutsummaryrefslogtreecommitdiff
path: root/block/vhdx.c
AgeCommit message (Collapse)Author
2017-01-24migration: disallow migrate_add_blocker during migrationAshijeet Acharya
If a migration is already in progress and somebody attempts to add a migration blocker, this should rightly fail. Add an errp parameter and a retcode return value to migrate_add_blocker. Signed-off-by: John Snow <jsnow@redhat.com> Signed-off-by: Ashijeet Acharya <ashijeetacharya@gmail.com> Message-Id: <1484566314-3987-5-git-send-email-ashijeetacharya@gmail.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Acked-by: Greg Kurz <groug@kaod.org> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Merged with recent 'Allow invtsc migration' change
2016-09-23vhdx: Use QEMU UUID APIFam Zheng
This removes our dependency to libuuid, so that the driver can always be built. Similar to how we handled data plane configure options, --enable-vhdx and --disable-vhdx are also changed to a nop with a message saying it's obsolete. Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Message-Id: <1474432046-325-4-git-send-email-famz@redhat.com>
2016-07-05block: Convert bdrv_pwrite(v/_sync) to BdrvChildKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-07-05block: Convert bdrv_pread(v) to BdrvChildKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-07-05block: Convert bdrv_co_writev() to BdrvChildKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-07-05block: Convert bdrv_co_readv() to BdrvChildKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-07-05vhdx: Some more BlockBackend use in vhdx_create()Kevin Wolf
This does some easy conversions from bdrv_* to blk_* functions in vhdx_create(). We should avoid bypassing the BlockBackend layer whenever possible. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-07all: Remove unnecessary glib.h includesPeter Maydell
Remove glib.h includes, as it is provided by osdep.h. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-05-19qemu-common: stop including qemu/bswap.h from qemu-common.hPaolo Bonzini
Move it to the actual users. There are still a few includes of qemu/bswap.h in headers; removing them is left for future work. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-12block: Allow BDRV_REQ_FUA through blk_pwrite()Eric Blake
We have several block drivers that understand BDRV_REQ_FUA, and emulate it in the block layer for the rest by a full flush. But without a way to actually request BDRV_REQ_FUA during a pass-through blk_pwrite(), FUA-aware block drivers like NBD are forced to repeat the emulation logic of a full flush regardless of whether the backend they are writing to could do it more efficiently. This patch just wires up a flags argument; followup patches will actually make use of it in the NBD driver and in qemu-io. Signed-off-by: Eric Blake <eblake@redhat.com> Acked-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-03-30block: Always set writeback mode in blk_new_open()Kevin Wolf
All callers of blk_new_open() either don't rely on the WCE bit set after blk_new_open() because they explicitly set it anyway, or they pass BDRV_O_CACHE_WB unconditionally. This patch changes blk_new_open() so that it always enables writeback mode and asserts that BDRV_O_CACHE_WB is clear. For those callers that used to pass BDRV_O_CACHE_WB unconditionally, the flag is removed now. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com>
2016-03-22include/qemu/osdep.h: Don't include qapi/error.hMarkus Armbruster
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the Error typedef. Since then, we've moved to include qemu/osdep.h everywhere. Its file comment explains: "To avoid getting into possible circular include dependencies, this file should not include any other QEMU headers, with the exceptions of config-host.h, compiler.h, os-posix.h and os-win32.h, all of which are doing a similar job to this file and are under similar constraints." qapi/error.h doesn't do a similar job, and it doesn't adhere to similar constraints: it includes qapi-types.h. That's in excess of 100KiB of crap most .c files don't actually need. Add the typedef to qemu/typedefs.h, and include that instead of qapi/error.h. Include qapi/error.h in .c files that need it and don't get it now. Include qapi-types.h in qom/object.h for uint16List. Update scripts/clean-includes accordingly. Update it further to match reality: replace config.h by config-target.h, add sysemu/os-posix.h, sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h comment quoted above similarly. This reduces the number of objects depending on qapi/error.h from "all of them" to less than a third. Unfortunately, the number depending on qapi-types.h shrinks only a little. More work is needed for that one. Signed-off-by: Markus Armbruster <armbru@redhat.com> [Fix compilation without the spice devel packages. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-17blockdev: Split monitor reference from BB creationMax Reitz
Before this patch, blk_new() automatically assigned a name to the new BlockBackend and considered it referenced by the monitor. This patch removes the implicit monitor_add_blk() call from blk_new() (and consequently the monitor_remove_blk() call from blk_delete(), too) and thus blk_new() (and related functions) no longer take a BB name argument. In fact, there is only a single point where blk_new()/blk_new_open() is called and the new BB is monitor-owned, and that is in blockdev_init(). Besides thus relieving us from having to invent names for all of the BBs we use in qemu-img, this fixes a bug where qemu cannot create a new image if there already is a monitor-owned BB named "image". If a BB and its BDS tree are created in a single operation, as of this patch the BDS tree will be created before the BB is given a name (whereas it was the other way around before). This results in minor change to the output of iotest 087, whose reference output is amended accordingly. Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-03-14vhdx: Use BB functions in .bdrv_create()Kevin Wolf
All users of the block layers are supposed to go through a BlockBackend. The .bdrv_create() implementation is one such user, so this patch converts it. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-03-14block: Use writeback in .bdrv_create() implementationsKevin Wolf
There's no reason to use a writethrough cache mode while creating an image. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2016-02-29vhdx: Simplify vhdx_set_shift_bits()Max Reitz
For values which are powers of two (and we do assume all of these to be), sizeof(x) * 8 - 1 - clz(x) == ctz(x). Therefore, use ctz(). Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 1450451066-13335-3-git-send-email-mreitz@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-02-29vhdx: DIV_ROUND_UP() in vhdx_calc_bat_entries()Max Reitz
We have DIV_ROUND_UP(), so we can use it to produce more easily readable code. It may be slower than the bit shifting currently performed (because it actually performs a division), but since vhdx_calc_bat_entries() is never used in a hot path, this is completely fine. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 1450451066-13335-2-git-send-email-mreitz@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
2016-01-20block: Clean up includesPeter Maydell
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-10-16block: Convert bs->file to BdrvChildKevin Wolf
This patch removes the temporary duplication between bs->file and bs->file_child by converting everything to BdrvChild. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-09-14block: Drop drv parameter from bdrv_open()Max Reitz
Now that this parameter is effectively unused, we can drop it and just pass NULL on to bdrv_open_inherit(). Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-09-11maint: remove double semicolons in many filesDaniel P. Berrange
A number of source files have statements accidentally terminated by a double semicolon - eg 'foo = bar;;'. This is harmless but a mistake none the less. The tcg/ia64/tcg-target.c file is whitelisted because it has valid use of ';;' in a comment containing assembly code. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2015-04-28block: use bdrv_get_device_or_node_name() in error messagesAlberto Garcia
There are several error messages that identify a BlockDriverState by its device name. However those errors can be produced in nodes that don't have a device name associated. In those cases we should use bdrv_get_device_or_node_name() to fall back to the node name and produce a more meaningful message. The messages are also updated to use the more generic term 'node' instead of 'device'. Signed-off-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 9823a1f0514fdb0692e92868661c38a9e00a12d6.1428485266.git.berto@igalia.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2015-04-28vhdx: Fix zero-fill iov lengthKevin Wolf
Fix the length of the zero-fill for the back, which was accidentally using the same value as for the front. This is caught by qemu-iotests 033. For consistency, change the code for the front as well to use the length stored in the iov (it is the same value, copied four lines above). Signed-off-by: Kevin Wolf <kwolf@redhat.com> Acked-by: Jeff Cody <jcody@redhat.com>
2015-01-23block: vhdx - force FileOffsetMB field to '0' for certain block statesJeff Cody
The v1.0.0 spec calls out PAYLOAD_BLOCK_ZERO FileOffsetMB field as being 'reserved'. In practice, this means that Hyper-V will fail to read a disk image with PAYLOAD_BLOCK_ZERO block states with a FileOffsetMB value other than 0. The other states that indicate a block that is not there (PAYLOAD_BLOCK_UNDEFINED, PAYLOAD_BLOCK_NOT_PRESENT, PAYLOAD_BLOCK_UNMAPPED) have multiple options for what FileOffsetMB may be set to, and '0' is explicitly called out as an option. For all the above states, we will also just set the FileOffsetMB value to 0. Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: a9fe92f53f07e6ab1693811e4312c0d1e958500b.1421787566.git.jcody@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
2014-12-12block: vhdx - set .bdrv_has_zero_init to bdrv_has_zero_init_1Jeff Cody
Now that new VHDX images will default to BAT block states of PAYLOAD_BLOCK_ZERO, we can indicate that VHDX has zero init. Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 5e582703e36450b9ca939e2e5c9fa3930030f7fe.1418018421.git.jcody@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-12-12block: vhdx - change .vhdx_create default block state to ZEROJeff Cody
The VHDX spec specifies that the default new block state is PAYLOAD_BLOCK_NOT_PRESENT for a dynamic VHDX image, and PAYLOAD_BLOCK_FULLY_PRESENT for a fixed VHDX image. However, in order to create space-efficient VHDX images with qemu-img convert, it is desirable to be able to set has_zero_init to true for VHDX. There is currently an option when creating VHDX images, to use block state ZERO for new blocks. However, this currently defaults to 'off'. In order to be able to eventually set has_zero_init to true for VHDX, this needs to default to 'on'. This patch changes the default to 'on', and provides some help information to warn against setting it to 'off' when using qemu-img convert. [Max Reitz pointed out that a full stop was missing at the end of the VHDX_BLOCK_OPT_ZERO option help text. I have added it. --Stefan] Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 85164899eacc86e150c3ceba793cf93b398dedd7.1418018421.git.jcody@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-12-12block: vhdx - update PAYLOAD_BLOCK_UNMAPPED value to match 1.00 specJeff Cody
The 0.95 VHDX spec defined PAYLOAD_BLOCK_UNMAPPED to be 5. The 1.00 VHDX spec redefines PAYLOAD_BLOCK_UNMAPPED to be 3 instead. The original value of 5 is now an undefined state in the spec, but it should be safe to treat it the same and return zeros for data read. This way, we can maintain compatibility with any images out in the wild that may have been created in accordance to the 0.95 spec. Reported-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 8a4d2da73a8dbc04cde62bea782fc09ff84b1cf1.1418018421.git.jcody@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-12-12block: vhdx - remove redundant commentsJeff Cody
Minor cleanup. Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: e8718ae3fd3e40a527e46a00e394973fbaab4d53.1418018421.git.jcody@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-10-20block: Eliminate BlockDriverState member device_name[]Markus Armbruster
device_name[] can become non-empty only in bdrv_new_root() and bdrv_move_feature_fields(). The latter is used only to undo damage done by bdrv_swap(). The former is called only by blk_new_with_bs(). Therefore, when a BlockDriverState's device_name[] is non-empty, then it's been created with a BlockBackend, and vice versa. Furthermore, blk_new_with_bs() keeps the two names equal. Therefore, device_name[] is redundant. Eliminate it. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-09-23Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into ↵Peter Maydell
staging # gpg: Signature made Mon 22 Sep 2014 12:41:59 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" * remotes/stefanha/tags/block-pull-request: (59 commits) block: Always compile virtio-blk dataplane vring: Better error handling if num is too large virtio: Import virtio_vring.h async: aio_context_new(): Handle event_notifier_init failure block: vhdx - fix reading beyond pointer during image creation block: delete cow block driver block/archipelago: Fix typo in qemu_archipelago_truncate() ahci: Add test_identify case to ahci-test. ahci: Add test_hba_enable to ahci-test. ahci: Add test_hba_spec to ahci-test. ahci: properly shadow the TFD register ahci: add test_pci_enable to ahci-test. ahci: Add test_pci_spec to ahci-test. ahci: MSI capability should be at 0x80, not 0x50. ahci: Adding basic functionality qtest. layout: Add generators for refcount table and blocks fuzz: Add fuzzing functions for entries of refcount table and blocks docs: List all image elements currently supported by the fuzzer qapi/block-core: Add "new" qcow2 options qcow2: Add overlap-check.template option ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2014-09-22block: vhdx - fix reading beyond pointer during image creationJeff Cody
In vhdx_create_metadata(), we allocate 40 bytes to entry_buffer for the various metadata table entries. However, we write out 64kB from that buffer into the new file. Only write out the correct 40 bytes. Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-22block/vhdx.c: Mark parent_vhdx_guid variable as unusedPeter Maydell
The parent_vhdx_guid variable is defined but never used, which provokes complaints from newer versions of clang. Since the variable definition is here acting as documentation of the image format, mark it with the 'unused' attribute to keep the compiler happy rather than simply deleting it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Fam Zheng <famz@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-09-22block: allow creation of fixed vhdx imagesAdelina Tuvenie
When trying to create a fixed vhd image qemu-img will return the following error: qemu-img: test.vhdx: Could not create image: Cannot allocate memory This happens because of a incorrect check in vhdx.c. Specifficaly, in vhdx_create_bat(), after allocating memory for the BAT entry, there is a check to determine if the allocation was unsuccsessful. The error comes from the fact that it checks if s->bat isn't NULL, which is true in case of succsessful allocation, and exits with error ENOMEM. Signed-off-by: Adelina Tuvenie <atuvenie@cloudbasesolutions.com> Acked-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-09-12block: round up file size to nearest sectorHu Tao
Currently the file size requested by user is rounded down to nearest sector, causing the actual file size could be a bit less than the size user requested. Since some formats (like qcow2) record virtual disk size in bytes, this can make the last few bytes cannot be accessed. This patch fixes it by rounding up file size to nearest sector so that the actual file size is no less than the requested file size. Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-20block: Use g_new() & friends where that makes obvious senseMarkus Armbruster
g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. Patch created with Coccinelle, with two manual changes on top: * Add const to bdrv_iterate_format() to keep the types straight * Convert the allocation in bdrv_drop_intermediate(), which Coccinelle inexplicably misses Coccinelle semantic patch: @@ type T; @@ -g_malloc(sizeof(T)) +g_new(T, 1) @@ type T; @@ -g_try_malloc(sizeof(T)) +g_try_new(T, 1) @@ type T; @@ -g_malloc0(sizeof(T)) +g_new0(T, 1) @@ type T; @@ -g_try_malloc0(sizeof(T)) +g_try_new0(T, 1) @@ type T; expression n; @@ -g_malloc(sizeof(T) * (n)) +g_new(T, n) @@ type T; expression n; @@ -g_try_malloc(sizeof(T) * (n)) +g_try_new(T, n) @@ type T; expression n; @@ -g_malloc0(sizeof(T) * (n)) +g_new0(T, n) @@ type T; expression n; @@ -g_try_malloc0(sizeof(T) * (n)) +g_try_new0(T, n) @@ type T; expression p, n; @@ -g_realloc(p, sizeof(T) * (n)) +g_renew(T, p, n) @@ type T; expression p, n; @@ -g_try_realloc(p, sizeof(T) * (n)) +g_try_renew(T, p, n) Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-08-15vhdx: Handle failure for potentially large allocationsKevin Wolf
Some code in the block layer makes potentially huge allocations. Failure is not completely unexpected there, so avoid aborting qemu and handle out-of-memory situations gracefully. This patch addresses the allocations in the vhdx block driver. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net>
2014-08-15block: VHDX endian fixesJeff Cody
This patch contains several changes for endian conversion fixes for VHDX, particularly for big-endian machines (multibyte values in VHDX are all on disk in LE format). Tests were done with existing qemu-iotests on an IBM POWER7 (8406-71Y). This includes sample images created by Hyper-V, both with dirty logs and without. In addition, VHDX image files created (and written to) on a BE machine were tested on a LE machine, and vice-versa. Reported-by: Markus Armburster <armbru@redhat.com> Reported-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Jeff Cody <jcody@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-06-16cleanup QEMUOptionParameterChunyan Liu
Now that all backend drivers are using QemuOpts, remove all QEMUOptionParameter related codes. Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com> Signed-off-by: Chunyan Liu <cyliu@suse.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-06-16vhdx.c: replace QEMUOptionParameter with QemuOptsChunyan Liu
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com> Signed-off-by: Chunyan Liu <cyliu@suse.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-06-16change block layer to support both QemuOpts and QEMUOptionParamterChunyan Liu
Change block layer to support both QemuOpts and QEMUOptionParameter. After this patch, it will change backend drivers one by one. At the end, QEMUOptionParameter will be removed and only QemuOpts is kept. Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com> Signed-off-by: Chunyan Liu <cyliu@suse.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-05-19block: vhdx - account for identical header sectionsJeff Cody
The VHDX spec v1.00 declares that "a header is current if it is the only valid header or if it is valid and its SequenceNumber field is greater than the other header’s SequenceNumber field. The parser must only use data from the current header. If there is no current header, then the VHDX file is corrupt." However, the Disk2VHD tool from Microsoft creates a VHDX image file that has 2 identical headers, including matching checksums and matching sequence numbers. Likely, as a shortcut the tool is just writing the header twice, for the active and inactive headers, during the image creation. Technically, this should be considered a corrupt VHDX file (at least per the 1.00 spec, and that is how we currently treat it). But in order to accomodate images created with Disk2VHD, we can safely create an exception for this case. If we find identical sequence numbers, then we check the VHDXHeader-sized chunks of each 64KB header sections (we won't rely just on the crc32c to indicate the headers are the same). If they are identical, then we go ahead and use the first one. Reported-by: Nerijus Baliūnas <nerijus@users.sourceforge.net> Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-04-01vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148)Jeff Cody
Other variables (e.g. sectors_per_block) are calculated using these variables, and if not range-checked illegal values could be obtained causing infinite loops and other potential issues when calculating BAT entries. The 1.00 VHDX spec requires BlockSize to be min 1MB, max 256MB. LogicalSectorSize is required to be either 512 or 4096 bytes. Reported-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-02-21vhdx: correctly propagate errorsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-02-21block: Make bdrv_file_open() staticMax Reitz
Add the bdrv_open() option BDRV_O_PROTOCOL which results in passing the call to bdrv_file_open(). Additionally, make bdrv_file_open() static and therefore bdrv_open() the only way to call it. Consequently, all existing calls to bdrv_file_open() have to be adjusted to use bdrv_open() with the BDRV_O_PROTOCOL flag instead. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Benoit Canet <benoit@irqsave.net> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-01-31block/vhdx: Error checking fixesMarkus Armbruster
Errors are inadvertently ignored in a few places. Has always been broken. Spotted by Coverity. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-01-22block: Allow reference for bdrv_file_open()Max Reitz
Allow specifying a reference to an existing block device (by name) for bdrv_file_open() instead of a filename and/or options. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-12-20block: vhdx - improve error message, and .bdrv_check implementationJeff Cody
If there is a dirty log file to be replayed in a VHDX image, it is replayed in .vhdx_open(). However, if the file is opened read-only, then a somewhat cryptic error message results. This adds a more helpful error message for the user. If an image file contains a log to be replayed, and is opened read-only, the user is instructed to run 'qemu-img check -r all' on the image file. Running qemu-img check -r all will cause the image file to be opened r/w, which will replay the log file. If a log file replay is detected, this is flagged, and bdrv_check will increase the corruptions_fixed count for the image. [Fixed typo in error message that was pointed out by Eric Blake <eblake@redhat.com>. --Stefan] Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-12-03block drivers: add discard/write_zeroes properties to bdrv_get_info ↵Paolo Bonzini
implementation Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-12-03vpc, vhdx: add get_infoPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Peter Lieven <pl@kamp.de> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2013-11-07block: vhdx - add .bdrv_create() supportJeff Cody
This adds support for VHDX image creation, for images of type "Fixed" and "Dynamic". "Differencing" types (i.e., VHDX images with backing files) are currently not supported. Options for image creation include: * log size: The size of the journaling log for VHDX. Minimum is 1MB, and it must be a multiple of 1MB. Invalid log sizes will be silently fixed by rounding up to the nearest MB. Default is 1MB. * block size: This is the size of a payload block. The range is 1MB to 256MB, inclusive, and must be a multiple of 1MB as well. Invalid sizes and multiples will be silently fixed. If '0' is passed, then a sane size is chosen (depending on virtual image size). Default is 0 (Auto-select). * subformat: - "dynamic" An image without data pre-allocated. - "fixed" An image with data pre-allocated. Default is "dynamic" When creating the image file, the lettered sections are created: -----------------------------------------------------------------. | (A) | (B) | (C) | (D) | (E) | File ID | Header1 | Header 2 | Region Tbl 1 | Region Tbl 2 | | | | | .-----------------------------------------------------------------. 0 64KB 128KB 192KB 256KB 320KB .---- ~ ----------- ~ ------------ ~ ---------------- ~ -----------. | (F) | (G) | (H) | | Journal Log | BAT / Bitmap | Metadata | .... data ...... | | | | .---- ~ ----------- ~ ------------ ~ ---------------- ~ -----------. 1MB (var.) (var.) (var.) Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>