block/qcow2-threads.c

   1 /*
   2  * Threaded data processing for Qcow2: compression, encryption
   3  *
   4  * Copyright (c) 2004-2006 Fabrice Bellard
   5  * Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved.
   6  *
   7  * Permission is hereby granted, free of charge, to any person obtaining a copy
   8  * of this software and associated documentation files (the "Software"), to deal
   9  * in the Software without restriction, including without limitation the rights
  10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  11  * copies of the Software, and to permit persons to whom the Software is
  12  * furnished to do so, subject to the following conditions:
  13  *
  14  * The above copyright notice and this permission notice shall be included in
  15  * all copies or substantial portions of the Software.
  16  *
  17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  23  * THE SOFTWARE.
  24  */
  25
  26 #include "qemu/osdep.h"
  27
  28 #define ZLIB_CONST
  29 #include <zlib.h>
  30
  31 #ifdef CONFIG_ZSTD
  32 #include <zstd.h>
  33 #include <zstd_errors.h>
  34 #endif
  35
  36 #include "qcow2.h"
  37 #include "block/block-io.h"
  38 #include "block/thread-pool.h"
  39 #include "crypto.h"
  40
  41 static int coroutine_fn
  42 qcow2_co_process(BlockDriverState *bs, ThreadPoolFunc *func, void *arg)
  43 {
  44     int ret;
  45     BDRVQcow2State *s = bs->opaque;
  46     ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
  47
  48     qemu_co_mutex_lock(&s->lock);
  49     while (s->nb_threads >= QCOW2_MAX_THREADS) {
  50         qemu_co_queue_wait(&s->thread_task_queue, &s->lock);
  51     }
  52     s->nb_threads++;
  53     qemu_co_mutex_unlock(&s->lock);
  54
  55     ret = thread_pool_submit_co(pool, func, arg);
  56
  57     qemu_co_mutex_lock(&s->lock);
  58     s->nb_threads--;
  59     qemu_co_queue_next(&s->thread_task_queue);
  60     qemu_co_mutex_unlock(&s->lock);
  61
  62     return ret;
  63 }
  64
  65
  66 /*
  67  * Compression
  68  */
  69
  70 typedef ssize_t (*Qcow2CompressFunc)(void *dest, size_t dest_size,
  71                                      const void *src, size_t src_size);
  72 typedef struct Qcow2CompressData {
  73     void *dest;
  74     size_t dest_size;
  75     const void *src;
  76     size_t src_size;
  77     ssize_t ret;
  78
  79     Qcow2CompressFunc func;
  80 } Qcow2CompressData;
  81
  82 /*
  83  * qcow2_zlib_compress()
  84  *
  85  * Compress @src_size bytes of data using zlib compression method
  86  *
  87  * @dest - destination buffer, @dest_size bytes
  88  * @src - source buffer, @src_size bytes
  89  *
  90  * Returns: compressed size on success
  91  *          -ENOMEM destination buffer is not enough to store compressed data
  92  *          -EIO    on any other error
  93  */
  94 static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size,
  95                                    const void *src, size_t src_size)
  96 {
  97     ssize_t ret;
  98     z_stream strm;
  99
 100     /* best compression, small window, no zlib header */
 101     memset(&strm, 0, sizeof(strm));
 102     ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
 103                        -12, 9, Z_DEFAULT_STRATEGY);
 104     if (ret != Z_OK) {
 105         return -EIO;
 106     }
 107
 108     /*
 109      * strm.next_in is not const in old zlib versions, such as those used on
 110      * OpenBSD/NetBSD, so cast the const away
 111      */
 112     strm.avail_in = src_size;
 113     strm.next_in = (void *) src;
 114     strm.avail_out = dest_size;
 115     strm.next_out = dest;
 116
 117     ret = deflate(&strm, Z_FINISH);
 118     if (ret == Z_STREAM_END) {
 119         ret = dest_size - strm.avail_out;
 120     } else {
 121         ret = (ret == Z_OK ? -ENOMEM : -EIO);
 122     }
 123
 124     deflateEnd(&strm);
 125
 126     return ret;
 127 }
 128
 129 /*
 130  * qcow2_zlib_decompress()
 131  *
 132  * Decompress some data (not more than @src_size bytes) to produce exactly
 133  * @dest_size bytes using zlib compression method
 134  *
 135  * @dest - destination buffer, @dest_size bytes
 136  * @src - source buffer, @src_size bytes
 137  *
 138  * Returns: 0 on success
 139  *          -EIO on fail
 140  */
 141 static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size,
 142                                      const void *src, size_t src_size)
 143 {
 144     int ret;
 145     z_stream strm;
 146
 147     memset(&strm, 0, sizeof(strm));
 148     strm.avail_in = src_size;
 149     strm.next_in = (void *) src;
 150     strm.avail_out = dest_size;
 151     strm.next_out = dest;
 152
 153     ret = inflateInit2(&strm, -12);
 154     if (ret != Z_OK) {
 155         return -EIO;
 156     }
 157
 158     ret = inflate(&strm, Z_FINISH);
 159     if ((ret == Z_STREAM_END || ret == Z_BUF_ERROR) && strm.avail_out == 0) {
 160         /*
 161          * We approve Z_BUF_ERROR because we need @dest buffer to be filled, but
 162          * @src buffer may be processed partly (because in qcow2 we know size of
 163          * compressed data with precision of one sector)
 164          */
 165         ret = 0;
 166     } else {
 167         ret = -EIO;
 168     }
 169
 170     inflateEnd(&strm);
 171
 172     return ret;
 173 }
 174
 175 #ifdef CONFIG_ZSTD
 176
 177 /*
 178  * qcow2_zstd_compress()
 179  *
 180  * Compress @src_size bytes of data using zstd compression method
 181  *
 182  * @dest - destination buffer, @dest_size bytes
 183  * @src - source buffer, @src_size bytes
 184  *
 185  * Returns: compressed size on success
 186  *          -ENOMEM destination buffer is not enough to store compressed data
 187  *          -EIO    on any other error
 188  */
 189 static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size,
 190                                    const void *src, size_t src_size)
 191 {
 192     ssize_t ret;
 193     size_t zstd_ret;
 194     ZSTD_outBuffer output = {
 195         .dst = dest,
 196         .size = dest_size,
 197         .pos = 0
 198     };
 199     ZSTD_inBuffer input = {
 200         .src = src,
 201         .size = src_size,
 202         .pos = 0
 203     };
 204     ZSTD_CCtx *cctx = ZSTD_createCCtx();
 205
 206     if (!cctx) {
 207         return -EIO;
 208     }
 209     /*
 210      * Use the zstd streamed interface for symmetry with decompression,
 211      * where streaming is essential since we don't record the exact
 212      * compressed size.
 213      *
 214      * ZSTD_compressStream2() tries to compress everything it could
 215      * with a single call. Although, ZSTD docs says that:
 216      * "You must continue calling ZSTD_compressStream2() with ZSTD_e_end
 217      * until it returns 0, at which point you are free to start a new frame",
 218      * in out tests we saw the only case when it returned with >0 -
 219      * when the output buffer was too small. In that case,
 220      * ZSTD_compressStream2() expects a bigger buffer on the next call.
 221      * We can't provide a bigger buffer because we are limited with dest_size
 222      * which we pass to the ZSTD_compressStream2() at once.
 223      * So, we don't need any loops and just abort the compression when we
 224      * don't get 0 result on the first call.
 225      */
 226     zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end);
 227
 228     if (zstd_ret) {
 229         if (zstd_ret > output.size - output.pos) {
 230             ret = -ENOMEM;
 231         } else {
 232             ret = -EIO;
 233         }
 234         goto out;
 235     }
 236
 237     /* make sure that zstd didn't overflow the dest buffer */
 238     assert(output.pos <= dest_size);
 239     ret = output.pos;
 240 out:
 241     ZSTD_freeCCtx(cctx);
 242     return ret;
 243 }
 244
 245 /*
 246  * qcow2_zstd_decompress()
 247  *
 248  * Decompress some data (not more than @src_size bytes) to produce exactly
 249  * @dest_size bytes using zstd compression method
 250  *
 251  * @dest - destination buffer, @dest_size bytes
 252  * @src - source buffer, @src_size bytes
 253  *
 254  * Returns: 0 on success
 255  *          -EIO on any error
 256  */
 257 static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size,
 258                                      const void *src, size_t src_size)
 259 {
 260     size_t zstd_ret = 0;
 261     ssize_t ret = 0;
 262     ZSTD_outBuffer output = {
 263         .dst = dest,
 264         .size = dest_size,
 265         .pos = 0
 266     };
 267     ZSTD_inBuffer input = {
 268         .src = src,
 269         .size = src_size,
 270         .pos = 0
 271     };
 272     ZSTD_DCtx *dctx = ZSTD_createDCtx();
 273
 274     if (!dctx) {
 275         return -EIO;
 276     }
 277
 278     /*
 279      * The compressed stream from the input buffer may consist of more
 280      * than one zstd frame. So we iterate until we get a fully
 281      * uncompressed cluster.
 282      * From zstd docs related to ZSTD_decompressStream:
 283      * "return : 0 when a frame is completely decoded and fully flushed"
 284      * We suppose that this means: each time ZSTD_decompressStream reads
 285      * only ONE full frame and returns 0 if and only if that frame
 286      * is completely decoded and flushed. Only after returning 0,
 287      * ZSTD_decompressStream reads another ONE full frame.
 288      */
 289     while (output.pos < output.size) {
 290         size_t last_in_pos = input.pos;
 291         size_t last_out_pos = output.pos;
 292         zstd_ret = ZSTD_decompressStream(dctx, &output, &input);
 293
 294         if (ZSTD_isError(zstd_ret)) {
 295             ret = -EIO;
 296             break;
 297         }
 298
 299         /*
 300          * The ZSTD manual is vague about what to do if it reads
 301          * the buffer partially, and we don't want to get stuck
 302          * in an infinite loop where ZSTD_decompressStream
 303          * returns > 0 waiting for another input chunk. So, we add
 304          * a check which ensures that the loop makes some progress
 305          * on each step.
 306          */
 307         if (last_in_pos >= input.pos &&
 308             last_out_pos >= output.pos) {
 309             ret = -EIO;
 310             break;
 311         }
 312     }
 313     /*
 314      * Make sure that we have the frame fully flushed here
 315      * if not, we somehow managed to get uncompressed cluster
 316      * greater then the cluster size, possibly because of its
 317      * damage.
 318      */
 319     if (zstd_ret > 0) {
 320         ret = -EIO;
 321     }
 322
 323     ZSTD_freeDCtx(dctx);
 324     assert(ret == 0 || ret == -EIO);
 325     return ret;
 326 }
 327 #endif
 328
 329 static int qcow2_compress_pool_func(void *opaque)
 330 {
 331     Qcow2CompressData *data = opaque;
 332
 333     data->ret = data->func(data->dest, data->dest_size,
 334                            data->src, data->src_size);
 335
 336     return 0;
 337 }
 338
 339 static ssize_t coroutine_fn
 340 qcow2_co_do_compress(BlockDriverState *bs, void *dest, size_t dest_size,
 341                      const void *src, size_t src_size, Qcow2CompressFunc func)
 342 {
 343     Qcow2CompressData arg = {
 344         .dest = dest,
 345         .dest_size = dest_size,
 346         .src = src,
 347         .src_size = src_size,
 348         .func = func,
 349     };
 350
 351     qcow2_co_process(bs, qcow2_compress_pool_func, &arg);
 352
 353     return arg.ret;
 354 }
 355
 356 /*
 357  * qcow2_co_compress()
 358  *
 359  * Compress @src_size bytes of data using the compression
 360  * method defined by the image compression type
 361  *
 362  * @dest - destination buffer, @dest_size bytes
 363  * @src - source buffer, @src_size bytes
 364  *
 365  * Returns: compressed size on success
 366  *          a negative error code on failure
 367  */
 368 ssize_t coroutine_fn
 369 qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size,
 370                   const void *src, size_t src_size)
 371 {
 372     BDRVQcow2State *s = bs->opaque;
 373     Qcow2CompressFunc fn;
 374
 375     switch (s->compression_type) {
 376     case QCOW2_COMPRESSION_TYPE_ZLIB:
 377         fn = qcow2_zlib_compress;
 378         break;
 379
 380 #ifdef CONFIG_ZSTD
 381     case QCOW2_COMPRESSION_TYPE_ZSTD:
 382         fn = qcow2_zstd_compress;
 383         break;
 384 #endif
 385     default:
 386         abort();
 387     }
 388
 389     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
 390 }
 391
 392 /*
 393  * qcow2_co_decompress()
 394  *
 395  * Decompress some data (not more than @src_size bytes) to produce exactly
 396  * @dest_size bytes using the compression method defined by the image
 397  * compression type
 398  *
 399  * @dest - destination buffer, @dest_size bytes
 400  * @src - source buffer, @src_size bytes
 401  *
 402  * Returns: 0 on success
 403  *          a negative error code on failure
 404  */
 405 ssize_t coroutine_fn
 406 qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size,
 407                     const void *src, size_t src_size)
 408 {
 409     BDRVQcow2State *s = bs->opaque;
 410     Qcow2CompressFunc fn;
 411
 412     switch (s->compression_type) {
 413     case QCOW2_COMPRESSION_TYPE_ZLIB:
 414         fn = qcow2_zlib_decompress;
 415         break;
 416
 417 #ifdef CONFIG_ZSTD
 418     case QCOW2_COMPRESSION_TYPE_ZSTD:
 419         fn = qcow2_zstd_decompress;
 420         break;
 421 #endif
 422     default:
 423         abort();
 424     }
 425
 426     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
 427 }
 428
 429
 430 /*
 431  * Cryptography
 432  */
 433
 434 /*
 435  * Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and
 436  * qcrypto_block_decrypt() functions.
 437  */
 438 typedef int (*Qcow2EncDecFunc)(QCryptoBlock *block, uint64_t offset,
 439                                uint8_t *buf, size_t len, Error **errp);
 440
 441 typedef struct Qcow2EncDecData {
 442     QCryptoBlock *block;
 443     uint64_t offset;
 444     uint8_t *buf;
 445     size_t len;
 446
 447     Qcow2EncDecFunc func;
 448 } Qcow2EncDecData;
 449
 450 static int qcow2_encdec_pool_func(void *opaque)
 451 {
 452     Qcow2EncDecData *data = opaque;
 453
 454     return data->func(data->block, data->offset, data->buf, data->len, NULL);
 455 }
 456
 457 static int coroutine_fn
 458 qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
 459                 uint64_t guest_offset, void *buf, size_t len,
 460                 Qcow2EncDecFunc func)
 461 {
 462     BDRVQcow2State *s = bs->opaque;
 463     Qcow2EncDecData arg = {
 464         .block = s->crypto,
 465         .offset = s->crypt_physical_offset ? host_offset : guest_offset,
 466         .buf = buf,
 467         .len = len,
 468         .func = func,
 469     };
 470     uint64_t sector_size;
 471
 472     assert(s->crypto);
 473
 474     sector_size = qcrypto_block_get_sector_size(s->crypto);
 475     assert(QEMU_IS_ALIGNED(guest_offset, sector_size));
 476     assert(QEMU_IS_ALIGNED(host_offset, sector_size));
 477     assert(QEMU_IS_ALIGNED(len, sector_size));
 478
 479     return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
 480 }
 481
 482 /*
 483  * qcow2_co_encrypt()
 484  *
 485  * Encrypts one or more contiguous aligned sectors
 486  *
 487  * @host_offset - underlying storage offset of the first sector of the
 488  * data to be encrypted
 489  *
 490  * @guest_offset - guest (virtual) offset of the first sector of the
 491  * data to be encrypted
 492  *
 493  * @buf - buffer with the data to encrypt, that after encryption
 494  *        will be written to the underlying storage device at
 495  *        @host_offset
 496  *
 497  * @len - length of the buffer (must be a multiple of the encryption
 498  *        sector size)
 499  *
 500  * Depending on the encryption method, @host_offset and/or @guest_offset
 501  * may be used for generating the initialization vector for
 502  * encryption.
 503  *
 504  * Note that while the whole range must be aligned on sectors, it
 505  * does not have to be aligned on clusters and can also cross cluster
 506  * boundaries
 507  */
 508 int coroutine_fn
 509 qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
 510                  uint64_t guest_offset, void *buf, size_t len)
 511 {
 512     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
 513                            qcrypto_block_encrypt);
 514 }
 515
 516 /*
 517  * qcow2_co_decrypt()
 518  *
 519  * Decrypts one or more contiguous aligned sectors
 520  * Similar to qcow2_co_encrypt
 521  */
 522 int coroutine_fn
 523 qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
 524                  uint64_t guest_offset, void *buf, size_t len)
 525 {
 526     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
 527                            qcrypto_block_decrypt);
 528 }