block/qcow2-threads.c

   1 /*
   2  * Threaded data processing for Qcow2: compression, encryption
   3  *
   4  * Copyright (c) 2004-2006 Fabrice Bellard
   5  * Copyright (c) 2018 Virtuozzo International GmbH. All rights reserved.
   6  *
   7  * Permission is hereby granted, free of charge, to any person obtaining a copy
   8  * of this software and associated documentation files (the "Software"), to deal
   9  * in the Software without restriction, including without limitation the rights
  10  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  11  * copies of the Software, and to permit persons to whom the Software is
  12  * furnished to do so, subject to the following conditions:
  13  *
  14  * The above copyright notice and this permission notice shall be included in
  15  * all copies or substantial portions of the Software.
  16  *
  17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  23  * THE SOFTWARE.
  24  */
  25
  26 #include "qemu/osdep.h"
  27
  28 #define ZLIB_CONST
  29 #include <zlib.h>
  30
  31 #ifdef CONFIG_ZSTD
  32 #include <zstd.h>
  33 #include <zstd_errors.h>
  34 #endif
  35
  36 #include "qcow2.h"
  37 #include "block/thread-pool.h"
  38 #include "crypto.h"
  39
  40 static int coroutine_fn
  41 qcow2_co_process(BlockDriverState *bs, ThreadPoolFunc *func, void *arg)
  42 {
  43     int ret;
  44     BDRVQcow2State *s = bs->opaque;
  45     ThreadPool *pool = aio_get_thread_pool(bdrv_get_aio_context(bs));
  46
  47     qemu_co_mutex_lock(&s->lock);
  48     while (s->nb_threads >= QCOW2_MAX_THREADS) {
  49         qemu_co_queue_wait(&s->thread_task_queue, &s->lock);
  50     }
  51     s->nb_threads++;
  52     qemu_co_mutex_unlock(&s->lock);
  53
  54     ret = thread_pool_submit_co(pool, func, arg);
  55
  56     qemu_co_mutex_lock(&s->lock);
  57     s->nb_threads--;
  58     qemu_co_queue_next(&s->thread_task_queue);
  59     qemu_co_mutex_unlock(&s->lock);
  60
  61     return ret;
  62 }
  63
  64
  65 /*
  66  * Compression
  67  */
  68
  69 typedef ssize_t (*Qcow2CompressFunc)(void *dest, size_t dest_size,
  70                                      const void *src, size_t src_size);
  71 typedef struct Qcow2CompressData {
  72     void *dest;
  73     size_t dest_size;
  74     const void *src;
  75     size_t src_size;
  76     ssize_t ret;
  77
  78     Qcow2CompressFunc func;
  79 } Qcow2CompressData;
  80
  81 /*
  82  * qcow2_zlib_compress()
  83  *
  84  * Compress @src_size bytes of data using zlib compression method
  85  *
  86  * @dest - destination buffer, @dest_size bytes
  87  * @src - source buffer, @src_size bytes
  88  *
  89  * Returns: compressed size on success
  90  *          -ENOMEM destination buffer is not enough to store compressed data
  91  *          -EIO    on any other error
  92  */
  93 static ssize_t qcow2_zlib_compress(void *dest, size_t dest_size,
  94                                    const void *src, size_t src_size)
  95 {
  96     ssize_t ret;
  97     z_stream strm;
  98
  99     /* best compression, small window, no zlib header */
 100     memset(&strm, 0, sizeof(strm));
 101     ret = deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
 102                        -12, 9, Z_DEFAULT_STRATEGY);
 103     if (ret != Z_OK) {
 104         return -EIO;
 105     }
 106
 107     /*
 108      * strm.next_in is not const in old zlib versions, such as those used on
 109      * OpenBSD/NetBSD, so cast the const away
 110      */
 111     strm.avail_in = src_size;
 112     strm.next_in = (void *) src;
 113     strm.avail_out = dest_size;
 114     strm.next_out = dest;
 115
 116     ret = deflate(&strm, Z_FINISH);
 117     if (ret == Z_STREAM_END) {
 118         ret = dest_size - strm.avail_out;
 119     } else {
 120         ret = (ret == Z_OK ? -ENOMEM : -EIO);
 121     }
 122
 123     deflateEnd(&strm);
 124
 125     return ret;
 126 }
 127
 128 /*
 129  * qcow2_zlib_decompress()
 130  *
 131  * Decompress some data (not more than @src_size bytes) to produce exactly
 132  * @dest_size bytes using zlib compression method
 133  *
 134  * @dest - destination buffer, @dest_size bytes
 135  * @src - source buffer, @src_size bytes
 136  *
 137  * Returns: 0 on success
 138  *          -EIO on fail
 139  */
 140 static ssize_t qcow2_zlib_decompress(void *dest, size_t dest_size,
 141                                      const void *src, size_t src_size)
 142 {
 143     int ret;
 144     z_stream strm;
 145
 146     memset(&strm, 0, sizeof(strm));
 147     strm.avail_in = src_size;
 148     strm.next_in = (void *) src;
 149     strm.avail_out = dest_size;
 150     strm.next_out = dest;
 151
 152     ret = inflateInit2(&strm, -12);
 153     if (ret != Z_OK) {
 154         return -EIO;
 155     }
 156
 157     ret = inflate(&strm, Z_FINISH);
 158     if ((ret == Z_STREAM_END || ret == Z_BUF_ERROR) && strm.avail_out == 0) {
 159         /*
 160          * We approve Z_BUF_ERROR because we need @dest buffer to be filled, but
 161          * @src buffer may be processed partly (because in qcow2 we know size of
 162          * compressed data with precision of one sector)
 163          */
 164         ret = 0;
 165     } else {
 166         ret = -EIO;
 167     }
 168
 169     inflateEnd(&strm);
 170
 171     return ret;
 172 }
 173
 174 #ifdef CONFIG_ZSTD
 175
 176 /*
 177  * qcow2_zstd_compress()
 178  *
 179  * Compress @src_size bytes of data using zstd compression method
 180  *
 181  * @dest - destination buffer, @dest_size bytes
 182  * @src - source buffer, @src_size bytes
 183  *
 184  * Returns: compressed size on success
 185  *          -ENOMEM destination buffer is not enough to store compressed data
 186  *          -EIO    on any other error
 187  */
 188 static ssize_t qcow2_zstd_compress(void *dest, size_t dest_size,
 189                                    const void *src, size_t src_size)
 190 {
 191     ssize_t ret;
 192     size_t zstd_ret;
 193     ZSTD_outBuffer output = {
 194         .dst = dest,
 195         .size = dest_size,
 196         .pos = 0
 197     };
 198     ZSTD_inBuffer input = {
 199         .src = src,
 200         .size = src_size,
 201         .pos = 0
 202     };
 203     ZSTD_CCtx *cctx = ZSTD_createCCtx();
 204
 205     if (!cctx) {
 206         return -EIO;
 207     }
 208     /*
 209      * Use the zstd streamed interface for symmetry with decompression,
 210      * where streaming is essential since we don't record the exact
 211      * compressed size.
 212      *
 213      * ZSTD_compressStream2() tries to compress everything it could
 214      * with a single call. Although, ZSTD docs says that:
 215      * "You must continue calling ZSTD_compressStream2() with ZSTD_e_end
 216      * until it returns 0, at which point you are free to start a new frame",
 217      * in out tests we saw the only case when it returned with >0 -
 218      * when the output buffer was too small. In that case,
 219      * ZSTD_compressStream2() expects a bigger buffer on the next call.
 220      * We can't provide a bigger buffer because we are limited with dest_size
 221      * which we pass to the ZSTD_compressStream2() at once.
 222      * So, we don't need any loops and just abort the compression when we
 223      * don't get 0 result on the first call.
 224      */
 225     zstd_ret = ZSTD_compressStream2(cctx, &output, &input, ZSTD_e_end);
 226
 227     if (zstd_ret) {
 228         if (zstd_ret > output.size - output.pos) {
 229             ret = -ENOMEM;
 230         } else {
 231             ret = -EIO;
 232         }
 233         goto out;
 234     }
 235
 236     /* make sure that zstd didn't overflow the dest buffer */
 237     assert(output.pos <= dest_size);
 238     ret = output.pos;
 239 out:
 240     ZSTD_freeCCtx(cctx);
 241     return ret;
 242 }
 243
 244 /*
 245  * qcow2_zstd_decompress()
 246  *
 247  * Decompress some data (not more than @src_size bytes) to produce exactly
 248  * @dest_size bytes using zstd compression method
 249  *
 250  * @dest - destination buffer, @dest_size bytes
 251  * @src - source buffer, @src_size bytes
 252  *
 253  * Returns: 0 on success
 254  *          -EIO on any error
 255  */
 256 static ssize_t qcow2_zstd_decompress(void *dest, size_t dest_size,
 257                                      const void *src, size_t src_size)
 258 {
 259     size_t zstd_ret = 0;
 260     ssize_t ret = 0;
 261     ZSTD_outBuffer output = {
 262         .dst = dest,
 263         .size = dest_size,
 264         .pos = 0
 265     };
 266     ZSTD_inBuffer input = {
 267         .src = src,
 268         .size = src_size,
 269         .pos = 0
 270     };
 271     ZSTD_DCtx *dctx = ZSTD_createDCtx();
 272
 273     if (!dctx) {
 274         return -EIO;
 275     }
 276
 277     /*
 278      * The compressed stream from the input buffer may consist of more
 279      * than one zstd frame. So we iterate until we get a fully
 280      * uncompressed cluster.
 281      * From zstd docs related to ZSTD_decompressStream:
 282      * "return : 0 when a frame is completely decoded and fully flushed"
 283      * We suppose that this means: each time ZSTD_decompressStream reads
 284      * only ONE full frame and returns 0 if and only if that frame
 285      * is completely decoded and flushed. Only after returning 0,
 286      * ZSTD_decompressStream reads another ONE full frame.
 287      */
 288     while (output.pos < output.size) {
 289         size_t last_in_pos = input.pos;
 290         size_t last_out_pos = output.pos;
 291         zstd_ret = ZSTD_decompressStream(dctx, &output, &input);
 292
 293         if (ZSTD_isError(zstd_ret)) {
 294             ret = -EIO;
 295             break;
 296         }
 297
 298         /*
 299          * The ZSTD manual is vague about what to do if it reads
 300          * the buffer partially, and we don't want to get stuck
 301          * in an infinite loop where ZSTD_decompressStream
 302          * returns > 0 waiting for another input chunk. So, we add
 303          * a check which ensures that the loop makes some progress
 304          * on each step.
 305          */
 306         if (last_in_pos >= input.pos &&
 307             last_out_pos >= output.pos) {
 308             ret = -EIO;
 309             break;
 310         }
 311     }
 312     /*
 313      * Make sure that we have the frame fully flushed here
 314      * if not, we somehow managed to get uncompressed cluster
 315      * greater then the cluster size, possibly because of its
 316      * damage.
 317      */
 318     if (zstd_ret > 0) {
 319         ret = -EIO;
 320     }
 321
 322     ZSTD_freeDCtx(dctx);
 323     assert(ret == 0 || ret == -EIO);
 324     return ret;
 325 }
 326 #endif
 327
 328 static int qcow2_compress_pool_func(void *opaque)
 329 {
 330     Qcow2CompressData *data = opaque;
 331
 332     data->ret = data->func(data->dest, data->dest_size,
 333                            data->src, data->src_size);
 334
 335     return 0;
 336 }
 337
 338 static ssize_t coroutine_fn
 339 qcow2_co_do_compress(BlockDriverState *bs, void *dest, size_t dest_size,
 340                      const void *src, size_t src_size, Qcow2CompressFunc func)
 341 {
 342     Qcow2CompressData arg = {
 343         .dest = dest,
 344         .dest_size = dest_size,
 345         .src = src,
 346         .src_size = src_size,
 347         .func = func,
 348     };
 349
 350     qcow2_co_process(bs, qcow2_compress_pool_func, &arg);
 351
 352     return arg.ret;
 353 }
 354
 355 /*
 356  * qcow2_co_compress()
 357  *
 358  * Compress @src_size bytes of data using the compression
 359  * method defined by the image compression type
 360  *
 361  * @dest - destination buffer, @dest_size bytes
 362  * @src - source buffer, @src_size bytes
 363  *
 364  * Returns: compressed size on success
 365  *          a negative error code on failure
 366  */
 367 ssize_t coroutine_fn
 368 qcow2_co_compress(BlockDriverState *bs, void *dest, size_t dest_size,
 369                   const void *src, size_t src_size)
 370 {
 371     BDRVQcow2State *s = bs->opaque;
 372     Qcow2CompressFunc fn;
 373
 374     switch (s->compression_type) {
 375     case QCOW2_COMPRESSION_TYPE_ZLIB:
 376         fn = qcow2_zlib_compress;
 377         break;
 378
 379 #ifdef CONFIG_ZSTD
 380     case QCOW2_COMPRESSION_TYPE_ZSTD:
 381         fn = qcow2_zstd_compress;
 382         break;
 383 #endif
 384     default:
 385         abort();
 386     }
 387
 388     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
 389 }
 390
 391 /*
 392  * qcow2_co_decompress()
 393  *
 394  * Decompress some data (not more than @src_size bytes) to produce exactly
 395  * @dest_size bytes using the compression method defined by the image
 396  * compression type
 397  *
 398  * @dest - destination buffer, @dest_size bytes
 399  * @src - source buffer, @src_size bytes
 400  *
 401  * Returns: 0 on success
 402  *          a negative error code on failure
 403  */
 404 ssize_t coroutine_fn
 405 qcow2_co_decompress(BlockDriverState *bs, void *dest, size_t dest_size,
 406                     const void *src, size_t src_size)
 407 {
 408     BDRVQcow2State *s = bs->opaque;
 409     Qcow2CompressFunc fn;
 410
 411     switch (s->compression_type) {
 412     case QCOW2_COMPRESSION_TYPE_ZLIB:
 413         fn = qcow2_zlib_decompress;
 414         break;
 415
 416 #ifdef CONFIG_ZSTD
 417     case QCOW2_COMPRESSION_TYPE_ZSTD:
 418         fn = qcow2_zstd_decompress;
 419         break;
 420 #endif
 421     default:
 422         abort();
 423     }
 424
 425     return qcow2_co_do_compress(bs, dest, dest_size, src, src_size, fn);
 426 }
 427
 428
 429 /*
 430  * Cryptography
 431  */
 432
 433 /*
 434  * Qcow2EncDecFunc: common prototype of qcrypto_block_encrypt() and
 435  * qcrypto_block_decrypt() functions.
 436  */
 437 typedef int (*Qcow2EncDecFunc)(QCryptoBlock *block, uint64_t offset,
 438                                uint8_t *buf, size_t len, Error **errp);
 439
 440 typedef struct Qcow2EncDecData {
 441     QCryptoBlock *block;
 442     uint64_t offset;
 443     uint8_t *buf;
 444     size_t len;
 445
 446     Qcow2EncDecFunc func;
 447 } Qcow2EncDecData;
 448
 449 static int qcow2_encdec_pool_func(void *opaque)
 450 {
 451     Qcow2EncDecData *data = opaque;
 452
 453     return data->func(data->block, data->offset, data->buf, data->len, NULL);
 454 }
 455
 456 static int coroutine_fn
 457 qcow2_co_encdec(BlockDriverState *bs, uint64_t host_offset,
 458                 uint64_t guest_offset, void *buf, size_t len,
 459                 Qcow2EncDecFunc func)
 460 {
 461     BDRVQcow2State *s = bs->opaque;
 462     Qcow2EncDecData arg = {
 463         .block = s->crypto,
 464         .offset = s->crypt_physical_offset ? host_offset : guest_offset,
 465         .buf = buf,
 466         .len = len,
 467         .func = func,
 468     };
 469     uint64_t sector_size;
 470
 471     assert(s->crypto);
 472
 473     sector_size = qcrypto_block_get_sector_size(s->crypto);
 474     assert(QEMU_IS_ALIGNED(guest_offset, sector_size));
 475     assert(QEMU_IS_ALIGNED(host_offset, sector_size));
 476     assert(QEMU_IS_ALIGNED(len, sector_size));
 477
 478     return len == 0 ? 0 : qcow2_co_process(bs, qcow2_encdec_pool_func, &arg);
 479 }
 480
 481 /*
 482  * qcow2_co_encrypt()
 483  *
 484  * Encrypts one or more contiguous aligned sectors
 485  *
 486  * @host_offset - underlying storage offset of the first sector of the
 487  * data to be encrypted
 488  *
 489  * @guest_offset - guest (virtual) offset of the first sector of the
 490  * data to be encrypted
 491  *
 492  * @buf - buffer with the data to encrypt, that after encryption
 493  *        will be written to the underlying storage device at
 494  *        @host_offset
 495  *
 496  * @len - length of the buffer (must be a multiple of the encryption
 497  *        sector size)
 498  *
 499  * Depending on the encryption method, @host_offset and/or @guest_offset
 500  * may be used for generating the initialization vector for
 501  * encryption.
 502  *
 503  * Note that while the whole range must be aligned on sectors, it
 504  * does not have to be aligned on clusters and can also cross cluster
 505  * boundaries
 506  */
 507 int coroutine_fn
 508 qcow2_co_encrypt(BlockDriverState *bs, uint64_t host_offset,
 509                  uint64_t guest_offset, void *buf, size_t len)
 510 {
 511     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
 512                            qcrypto_block_encrypt);
 513 }
 514
 515 /*
 516  * qcow2_co_decrypt()
 517  *
 518  * Decrypts one or more contiguous aligned sectors
 519  * Similar to qcow2_co_encrypt
 520  */
 521 int coroutine_fn
 522 qcow2_co_decrypt(BlockDriverState *bs, uint64_t host_offset,
 523                  uint64_t guest_offset, void *buf, size_t len)
 524 {
 525     return qcow2_co_encdec(bs, host_offset, guest_offset, buf, len,
 526                            qcrypto_block_decrypt);
 527 }