/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c

Bug Summary

File:	block/vhdx.c
Location:	line 1671, column 5
Description:	Value stored to 'ret' is never read

Annotated Source Code

1	/*
2	* Block driver for Hyper-V VHDX Images
3	*
4	* Copyright (c) 2013 Red Hat, Inc.,
5	*
6	* Authors:
7	* Jeff Cody <jcody@redhat.com>
8	*
9	* This is based on the "VHDX Format Specification v1.00", published 8/25/2012
10	* by Microsoft:
11	* https://www.microsoft.com/en-us/download/details.aspx?id=34750
12	*
13	* This work is licensed under the terms of the GNU LGPL, version 2 or later.
14	* See the COPYING.LIB file in the top-level directory.
15	*
16	*/
17
18	#include "qemu-common.h"
19	#include "block/block_int.h"
20	#include "qemu/module.h"
21	#include "qemu/crc32c.h"
22	#include "block/vhdx.h"
23	#include "migration/migration.h"
24
25	#include <uuid/uuid.h>
26	#include <glib.h>
27
28	/* Options for VHDX creation */
29
30	#define VHDX_BLOCK_OPT_LOG_SIZE"log_size" "log_size"
31	#define VHDX_BLOCK_OPT_BLOCK_SIZE"block_size" "block_size"
32	#define VHDX_BLOCK_OPT_ZERO"block_state_zero" "block_state_zero"
33
34	typedef enum VHDXImageType {
35	VHDX_TYPE_DYNAMIC = 0,
36	VHDX_TYPE_FIXED,
37	VHDX_TYPE_DIFFERENCING, /* Currently unsupported */
38	} VHDXImageType;
39
40	/* Several metadata and region table data entries are identified by
41	* guids in a MS-specific GUID format. */
42
43
44	/* ------- Known Region Table GUIDs ---------------------- */
45	static const MSGUID bat_guid = { .data1 = 0x2dc27766,
46	.data2 = 0xf623,
47	.data3 = 0x4200,
48	.data4 = { 0x9d, 0x64, 0x11, 0x5e,
49	0x9b, 0xfd, 0x4a, 0x08} };
50
51	static const MSGUID metadata_guid = { .data1 = 0x8b7ca206,
52	.data2 = 0x4790,
53	.data3 = 0x4b9a,
54	.data4 = { 0xb8, 0xfe, 0x57, 0x5f,
55	0x05, 0x0f, 0x88, 0x6e} };
56
57
58
59	/* ------- Known Metadata Entry GUIDs ---------------------- */
60	static const MSGUID file_param_guid = { .data1 = 0xcaa16737,
61	.data2 = 0xfa36,
62	.data3 = 0x4d43,
63	.data4 = { 0xb3, 0xb6, 0x33, 0xf0,
64	0xaa, 0x44, 0xe7, 0x6b} };
65
66	static const MSGUID virtual_size_guid = { .data1 = 0x2FA54224,
67	.data2 = 0xcd1b,
68	.data3 = 0x4876,
69	.data4 = { 0xb2, 0x11, 0x5d, 0xbe,
70	0xd8, 0x3b, 0xf4, 0xb8} };
71
72	static const MSGUID page83_guid = { .data1 = 0xbeca12ab,
73	.data2 = 0xb2e6,
74	.data3 = 0x4523,
75	.data4 = { 0x93, 0xef, 0xc3, 0x09,
76	0xe0, 0x00, 0xc7, 0x46} };
77
78
79	static const MSGUID phys_sector_guid = { .data1 = 0xcda348c7,
80	.data2 = 0x445d,
81	.data3 = 0x4471,
82	.data4 = { 0x9c, 0xc9, 0xe9, 0x88,
83	0x52, 0x51, 0xc5, 0x56} };
84
85	static const MSGUID parent_locator_guid = { .data1 = 0xa8d35f2d,
86	.data2 = 0xb30b,
87	.data3 = 0x454d,
88	.data4 = { 0xab, 0xf7, 0xd3,
89	0xd8, 0x48, 0x34,
90	0xab, 0x0c} };
91
92	static const MSGUID logical_sector_guid = { .data1 = 0x8141bf1d,
93	.data2 = 0xa96f,
94	.data3 = 0x4709,
95	.data4 = { 0xba, 0x47, 0xf2,
96	0x33, 0xa8, 0xfa,
97	0xab, 0x5f} };
98
99	/* Each parent type must have a valid GUID; this is for parent images
100	* of type 'VHDX'. If we were to allow e.g. a QCOW2 parent, we would
101	* need to make up our own QCOW2 GUID type */
102	static const MSGUID parent_vhdx_guid = { .data1 = 0xb04aefb7,
103	.data2 = 0xd19e,
104	.data3 = 0x4a81,
105	.data4 = { 0xb7, 0x89, 0x25, 0xb8,
106	0xe9, 0x44, 0x59, 0x13} };
107
108
109	#define META_FILE_PARAMETER_PRESENT0x01 0x01
110	#define META_VIRTUAL_DISK_SIZE_PRESENT0x02 0x02
111	#define META_PAGE_83_PRESENT0x04 0x04
112	#define META_LOGICAL_SECTOR_SIZE_PRESENT0x08 0x08
113	#define META_PHYS_SECTOR_SIZE_PRESENT0x10 0x10
114	#define META_PARENT_LOCATOR_PRESENT0x20 0x20
115
116	#define META_ALL_PRESENT(0x01 \| 0x02 \| 0x04 \| 0x08 \| 0x10) \
117	(META_FILE_PARAMETER_PRESENT0x01 \| META_VIRTUAL_DISK_SIZE_PRESENT0x02 \| \
118	META_PAGE_83_PRESENT0x04 \| META_LOGICAL_SECTOR_SIZE_PRESENT0x08 \| \
119	META_PHYS_SECTOR_SIZE_PRESENT0x10)
120
121
122	typedef struct VHDXSectorInfo {
123	uint32_t bat_idx; /* BAT entry index */
124	uint32_t sectors_avail; /* sectors available in payload block */
125	uint32_t bytes_left; /* bytes left in the block after data to r/w */
126	uint32_t bytes_avail; /* bytes available in payload block */
127	uint64_t file_offset; /* absolute offset in bytes, in file */
128	uint64_t block_offset; /* block offset, in bytes */
129	} VHDXSectorInfo;
130
131	/* Calculates new checksum.
132	*
133	* Zero is substituted during crc calculation for the original crc field
134	* crc_offset: byte offset in buf of the buffer crc
135	* buf: buffer pointer
136	* size: size of buffer (must be > crc_offset+4)
137	*
138	* Note: The resulting checksum is in the CPU endianness, not necessarily
139	* in the file format endianness (LE). Any header export to disk should
140	* make sure that vhdx_header_le_export() is used to convert to the
141	* correct endianness
142	*/
143	uint32_t vhdx_update_checksum(uint8_t *buf, size_t size, int crc_offset)
144	{
145	uint32_t crc;
146
147	assert(buf != NULL)((buf != ((void)0)) ? (void) (0) : __assert_fail ("buf != ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 147, __PRETTY_FUNCTION__ ));
148	assert(size > (crc_offset + sizeof(crc)))((size > (crc_offset + sizeof(crc))) ? (void) (0) : __assert_fail ("size > (crc_offset + sizeof(crc))", "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c" , 148, __PRETTY_FUNCTION__));
149
150	memset(buf + crc_offset, 0, sizeof(crc));
151	crc = crc32c(0xffffffff, buf, size);
152	memcpy(buf + crc_offset, &crc, sizeof(crc));
153
154	return crc;
155	}
156
157	uint32_t vhdx_checksum_calc(uint32_t crc, uint8_t *buf, size_t size,
158	int crc_offset)
159	{
160	uint32_t crc_new;
161	uint32_t crc_orig;
162	assert(buf != NULL)((buf != ((void)0)) ? (void) (0) : __assert_fail ("buf != ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 162, __PRETTY_FUNCTION__ ));
163
164	if (crc_offset > 0) {
165	memcpy(&crc_orig, buf + crc_offset, sizeof(crc_orig));
166	memset(buf + crc_offset, 0, sizeof(crc_orig));
167	}
168
169	crc_new = crc32c(crc, buf, size);
170	if (crc_offset > 0) {
171	memcpy(buf + crc_offset, &crc_orig, sizeof(crc_orig));
172	}
173
174	return crc_new;
175	}
176
177	/* Validates the checksum of the buffer, with an in-place CRC.
178	*
179	* Zero is substituted during crc calculation for the original crc field,
180	* and the crc field is restored afterwards. But the buffer will be modifed
181	* during the calculation, so this may not be not suitable for multi-threaded
182	* use.
183	*
184	* crc_offset: byte offset in buf of the buffer crc
185	* buf: buffer pointer
186	* size: size of buffer (must be > crc_offset+4)
187	*
188	* returns true if checksum is valid, false otherwise
189	*/
190	bool_Bool vhdx_checksum_is_valid(uint8_t *buf, size_t size, int crc_offset)
191	{
192	uint32_t crc_orig;
193	uint32_t crc;
194
195	assert(buf != NULL)((buf != ((void)0)) ? (void) (0) : __assert_fail ("buf != ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 195, __PRETTY_FUNCTION__ ));
196	assert(size > (crc_offset + 4))((size > (crc_offset + 4)) ? (void) (0) : __assert_fail ("size > (crc_offset + 4)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 196, __PRETTY_FUNCTION__ ));
197
198	memcpy(&crc_orig, buf + crc_offset, sizeof(crc_orig));
199	crc_orig = le32_to_cpu(crc_orig);
200
201	crc = vhdx_checksum_calc(0xffffffff, buf, size, crc_offset);
202
203	return crc == crc_orig;
204	}
205
206
207	/*
208	* This generates a UUID that is compliant with the MS GUIDs used
209	* in the VHDX spec (and elsewhere).
210	*/
211	void vhdx_guid_generate(MSGUID *guid)
212	{
213	uuid_t uuid;
214	assert(guid != NULL)((guid != ((void)0)) ? (void) (0) : __assert_fail ("guid != ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 214, __PRETTY_FUNCTION__ ));
215
216	uuid_generate(uuid);
217	memcpy(guid, uuid, sizeof(MSGUID));
218	}
219
220	/* Check for region overlaps inside the VHDX image */
221	static int vhdx_region_check(BDRVVHDXState *s, uint64_t start, uint64_t length)
222	{
223	int ret = 0;
224	uint64_t end;
225	VHDXRegionEntry *r;
226
227	end = start + length;
228	QLIST_FOREACH(r, &s->regions, entries)for ((r) = ((&s->regions)->lh_first); (r); (r) = (( r)->entries.le_next)) {
229	if (!((start >= r->end) \|\| (end <= r->start))) {
230	ret = -EINVAL22;
231	goto exit;
232	}
233	}
234
235	exit:
236	return ret;
237	}
238
239	/* Register a region for future checks */
240	static void vhdx_region_register(BDRVVHDXState *s,
241	uint64_t start, uint64_t length)
242	{
243	VHDXRegionEntry *r;
244
245	r = g_malloc0(sizeof(*r));
246
247	r->start = start;
248	r->end = start + length;
249
250	QLIST_INSERT_HEAD(&s->regions, r, entries)do { if (((r)->entries.le_next = (&s->regions)-> lh_first) != ((void*)0)) (&s->regions)->lh_first-> entries.le_prev = &(r)->entries.le_next; (&s->regions )->lh_first = (r); (r)->entries.le_prev = &(&s-> regions)->lh_first; } while ( 0);
251	}
252
253	/* Free all registered regions */
254	static void vhdx_region_unregister_all(BDRVVHDXState *s)
255	{
256	VHDXRegionEntry r, r_next;
257
258	QLIST_FOREACH_SAFE(r, &s->regions, entries, r_next)for ((r) = ((&s->regions)->lh_first); (r) && ((r_next) = ((r)->entries.le_next), 1); (r) = (r_next)) {
259	QLIST_REMOVE(r, entries)do { if ((r)->entries.le_next != ((void)0)) (r)->entries .le_next->entries.le_prev = (r)->entries.le_prev; (r)-> entries.le_prev = (r)->entries.le_next; } while ( 0);
260	g_free(r);
261	}
262	}
263
264	static void vhdx_set_shift_bits(BDRVVHDXState *s)
265	{
266	s->logical_sector_size_bits = 31 - clz32(s->logical_sector_size);
267	s->sectors_per_block_bits = 31 - clz32(s->sectors_per_block);
268	s->chunk_ratio_bits = 63 - clz64(s->chunk_ratio);
269	s->block_size_bits = 31 - clz32(s->block_size);
270	}
271
272	/*
273	* Per the MS VHDX Specification, for every VHDX file:
274	* - The header section is fixed size - 1 MB
275	* - The header section is always the first "object"
276	* - The first 64KB of the header is the File Identifier
277	* - The first uint64 (8 bytes) is the VHDX Signature ("vhdxfile")
278	* - The following 512 bytes constitute a UTF-16 string identifiying the
279	* software that created the file, and is optional and diagnostic only.
280	*
281	* Therefore, we probe by looking for the vhdxfile signature "vhdxfile"
282	*/
283	static int vhdx_probe(const uint8_t buf, int buf_size, const char filename)
284	{
285	if (buf_size >= 8 && !memcmp(buf, "vhdxfile", 8)) {
286	return 100;
287	}
288	return 0;
289	}
290
291	/*
292	* Writes the header to the specified offset.
293	*
294	* This will optionally read in buffer data from disk (otherwise zero-fill),
295	* and then update the header checksum. Header is converted to proper
296	* endianness before being written to the specified file offset
297	*/
298	static int vhdx_write_header(BlockDriverState bs_file, VHDXHeader hdr,
299	uint64_t offset, bool_Bool read)
300	{
301	uint8_t buffer = NULL((void)0);
302	int ret;
303	VHDXHeader header_le;
304
305	assert(bs_file != NULL)((bs_file != ((void)0)) ? (void) (0) : __assert_fail ("bs_file != ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 305, __PRETTY_FUNCTION__ ));
306	assert(hdr != NULL)((hdr != ((void)0)) ? (void) (0) : __assert_fail ("hdr != ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 306, __PRETTY_FUNCTION__ ));
307
308	/* the header checksum is not over just the packed size of VHDXHeader,
309	* but rather over the entire 'reserved' range for the header, which is
310	* 4KB (VHDX_HEADER_SIZE). */
311
312	buffer = qemu_blockalign(bs_file, VHDX_HEADER_SIZE(4 * 1024));
313	if (read) {
314	/* if true, we can't assume the extra reserved bytes are 0 */
315	ret = bdrv_pread(bs_file, offset, buffer, VHDX_HEADER_SIZE(4 * 1024));
316	if (ret < 0) {
317	goto exit;
318	}
319	} else {
320	memset(buffer, 0, VHDX_HEADER_SIZE(4 * 1024));
321	}
322
323	/* overwrite the actual VHDXHeader portion */
324	memcpy(buffer, hdr, sizeof(VHDXHeader));
325	hdr->checksum = vhdx_update_checksum(buffer, VHDX_HEADER_SIZE(4 * 1024),
326	offsetof(VHDXHeader, checksum)__builtin_offsetof(VHDXHeader, checksum));
327	vhdx_header_le_export(hdr, &header_le);
328	ret = bdrv_pwrite_sync(bs_file, offset, &header_le, sizeof(VHDXHeader));
329
330	exit:
331	qemu_vfree(buffer);
332	return ret;
333	}
334
335	/* Update the VHDX headers
336	*
337	* This follows the VHDX spec procedures for header updates.
338	*
339	* - non-current header is updated with largest sequence number
340	*/
341	static int vhdx_update_header(BlockDriverState bs, BDRVVHDXState s,
342	bool_Bool generate_data_write_guid, MSGUID *log_guid)
343	{
344	int ret = 0;
345	int hdr_idx = 0;
346	uint64_t header_offset = VHDX_HEADER1_OFFSET((64 * 1024) * 1);
347
348	VHDXHeader *active_header;
349	VHDXHeader *inactive_header;
350
351	/* operate on the non-current header */
352	if (s->curr_header == 0) {
353	hdr_idx = 1;
354	header_offset = VHDX_HEADER2_OFFSET((64 * 1024) * 2);
355	}
356
357	active_header = s->headers[s->curr_header];
358	inactive_header = s->headers[hdr_idx];
359
360	inactive_header->sequence_number = active_header->sequence_number + 1;
361
362	/* a new file guid must be generated before any file write, including
363	* headers */
364	inactive_header->file_write_guid = s->session_guid;
365
366	/* a new data guid only needs to be generated before any guest-visible
367	* writes (i.e. something observable via virtual disk read) */
368	if (generate_data_write_guid) {
369	vhdx_guid_generate(&inactive_header->data_write_guid);
370	}
371
372	/* update the log guid if present */
373	if (log_guid) {
374	inactive_header->log_guid = *log_guid;
375	}
376
377	vhdx_write_header(bs->file, inactive_header, header_offset, true1);
378	if (ret < 0) {
379	goto exit;
380	}
381	s->curr_header = hdr_idx;
382
383	exit:
384	return ret;
385	}
386
387	/*
388	* The VHDX spec calls for header updates to be performed twice, so that both
389	* the current and non-current header have valid info
390	*/
391	int vhdx_update_headers(BlockDriverState bs, BDRVVHDXState s,
392	bool_Bool generate_data_write_guid, MSGUID *log_guid)
393	{
394	int ret;
395
396	ret = vhdx_update_header(bs, s, generate_data_write_guid, log_guid);
397	if (ret < 0) {
398	return ret;
399	}
400	ret = vhdx_update_header(bs, s, generate_data_write_guid, log_guid);
401	return ret;
402	}
403
404	/* opens the specified header block from the VHDX file header section */
405	static int vhdx_parse_header(BlockDriverState bs, BDRVVHDXState s)
406	{
407	int ret = 0;
408	VHDXHeader *header1;
409	VHDXHeader *header2;
410	bool_Bool h1_valid = false0;
411	bool_Bool h2_valid = false0;
412	uint64_t h1_seq = 0;
413	uint64_t h2_seq = 0;
414	uint8_t *buffer;
415
416	/* header1 & header2 are freed in vhdx_close() */
417	header1 = qemu_blockalign(bs, sizeof(VHDXHeader));
418	header2 = qemu_blockalign(bs, sizeof(VHDXHeader));
419
420	buffer = qemu_blockalign(bs, VHDX_HEADER_SIZE(4 * 1024));
421
422	s->headers[0] = header1;
423	s->headers[1] = header2;
424
425	/* We have to read the whole VHDX_HEADER_SIZE instead of
426	* sizeof(VHDXHeader), because the checksum is over the whole
427	* region */
428	ret = bdrv_pread(bs->file, VHDX_HEADER1_OFFSET((64 * 1024) * 1), buffer, VHDX_HEADER_SIZE(4 * 1024));
429	if (ret < 0) {
430	goto fail;
431	}
432	/* copy over just the relevant portion that we need */
433	memcpy(header1, buffer, sizeof(VHDXHeader));
434	vhdx_header_le_import(header1);
435
436	if (vhdx_checksum_is_valid(buffer, VHDX_HEADER_SIZE(4 * 1024), 4) &&
437	!memcmp(&header1->signature, "head", 4) &&
438	header1->version == 1) {
439	h1_seq = header1->sequence_number;
440	h1_valid = true1;
441	}
442
443	ret = bdrv_pread(bs->file, VHDX_HEADER2_OFFSET((64 * 1024) * 2), buffer, VHDX_HEADER_SIZE(4 * 1024));
444	if (ret < 0) {
445	goto fail;
446	}
447	/* copy over just the relevant portion that we need */
448	memcpy(header2, buffer, sizeof(VHDXHeader));
449	vhdx_header_le_import(header2);
450
451	if (vhdx_checksum_is_valid(buffer, VHDX_HEADER_SIZE(4 * 1024), 4) &&
452	!memcmp(&header2->signature, "head", 4) &&
453	header2->version == 1) {
454	h2_seq = header2->sequence_number;
455	h2_valid = true1;
456	}
457
458	/* If there is only 1 valid header (or no valid headers), we
459	* don't care what the sequence numbers are */
460	if (h1_valid && !h2_valid) {
461	s->curr_header = 0;
462	} else if (!h1_valid && h2_valid) {
463	s->curr_header = 1;
464	} else if (!h1_valid && !h2_valid) {
465	ret = -EINVAL22;
466	goto fail;
467	} else {
468	/* If both headers are valid, then we choose the active one by the
469	* highest sequence number. If the sequence numbers are equal, that is
470	* invalid */
471	if (h1_seq > h2_seq) {
472	s->curr_header = 0;
473	} else if (h2_seq > h1_seq) {
474	s->curr_header = 1;
475	} else {
476	ret = -EINVAL22;
477	goto fail;
478	}
479	}
480
481	vhdx_region_register(s, s->headers[s->curr_header]->log_offset,
482	s->headers[s->curr_header]->log_length);
483
484	ret = 0;
485
486	goto exit;
487
488	fail:
489	qerror_report(ERROR_CLASS_GENERIC_ERROR, "No valid VHDX header found");
490	qemu_vfree(header1);
491	qemu_vfree(header2);
492	s->headers[0] = NULL((void*)0);
493	s->headers[1] = NULL((void*)0);
494	exit:
495	qemu_vfree(buffer);
496	return ret;
497	}
498
499
500	static int vhdx_open_region_tables(BlockDriverState bs, BDRVVHDXState s)
501	{
502	int ret = 0;
503	uint8_t *buffer;
504	int offset = 0;
505	VHDXRegionTableEntry rt_entry;
506	uint32_t i;
507	bool_Bool bat_rt_found = false0;
508	bool_Bool metadata_rt_found = false0;
509
510	/* We have to read the whole 64KB block, because the crc32 is over the
511	* whole block */
512	buffer = qemu_blockalign(bs, VHDX_HEADER_BLOCK_SIZE(64 * 1024));
513
514	ret = bdrv_pread(bs->file, VHDX_REGION_TABLE_OFFSET((64 * 1024) * 3), buffer,
515	VHDX_HEADER_BLOCK_SIZE(64 * 1024));
516	if (ret < 0) {
517	goto fail;
518	}
519	memcpy(&s->rt, buffer, sizeof(s->rt));
520	vhdx_region_header_le_import(&s->rt);
521	offset += sizeof(s->rt);
522
523	if (!vhdx_checksum_is_valid(buffer, VHDX_HEADER_BLOCK_SIZE(64 * 1024), 4) \|\|
524	memcmp(&s->rt.signature, "regi", 4)) {
525	ret = -EINVAL22;
526	goto fail;
527	}
528
529	/* Per spec, maximum region table entry count is 2047 */
530	if (s->rt.entry_count > 2047) {
531	ret = -EINVAL22;
532	goto fail;
533	}
534
535	for (i = 0; i < s->rt.entry_count; i++) {
536	memcpy(&rt_entry, buffer + offset, sizeof(rt_entry));
537	offset += sizeof(rt_entry);
538
539	vhdx_region_entry_le_import(&rt_entry);
540
541	/* check for region overlap between these entries, and any
542	* other memory regions in the file */
543	ret = vhdx_region_check(s, rt_entry.file_offset, rt_entry.length);
544	if (ret < 0) {
545	goto fail;
546	}
547
548	vhdx_region_register(s, rt_entry.file_offset, rt_entry.length);
549
550	/* see if we recognize the entry */
551	if (guid_eq(rt_entry.guid, bat_guid)(memcmp(&(rt_entry.guid), &(bat_guid), sizeof(MSGUID) ) == 0)) {
552	/* must be unique; if we have already found it this is invalid */
553	if (bat_rt_found) {
554	ret = -EINVAL22;
555	goto fail;
556	}
557	bat_rt_found = true1;
558	s->bat_rt = rt_entry;
559	continue;
560	}
561
562	if (guid_eq(rt_entry.guid, metadata_guid)(memcmp(&(rt_entry.guid), &(metadata_guid), sizeof(MSGUID )) == 0)) {
563	/* must be unique; if we have already found it this is invalid */
564	if (metadata_rt_found) {
565	ret = -EINVAL22;
566	goto fail;
567	}
568	metadata_rt_found = true1;
569	s->metadata_rt = rt_entry;
570	continue;
571	}
572
573	if (rt_entry.data_bits & VHDX_REGION_ENTRY_REQUIRED0x01) {
574	/* cannot read vhdx file - required region table entry that
575	* we do not understand. per spec, we must fail to open */
576	ret = -ENOTSUP95;
577	goto fail;
578	}
579	}
580
581	if (!bat_rt_found \|\| !metadata_rt_found) {
582	ret = -EINVAL22;
583	goto fail;
584	}
585
586	ret = 0;
587
588	fail:
589	qemu_vfree(buffer);
590	return ret;
591	}
592
593
594
595	/* Metadata initial parser
596	*
597	* This loads all the metadata entry fields. This may cause additional
598	* fields to be processed (e.g. parent locator, etc..).
599	*
600	* There are 5 Metadata items that are always required:
601	* - File Parameters (block size, has a parent)
602	* - Virtual Disk Size (size, in bytes, of the virtual drive)
603	* - Page 83 Data (scsi page 83 guid)
604	* - Logical Sector Size (logical sector size in bytes, either 512 or
605	* 4096. We only support 512 currently)
606	* - Physical Sector Size (512 or 4096)
607	*
608	* Also, if the File Parameters indicate this is a differencing file,
609	* we must also look for the Parent Locator metadata item.
610	*/
611	static int vhdx_parse_metadata(BlockDriverState bs, BDRVVHDXState s)
612	{
613	int ret = 0;
614	uint8_t *buffer;
615	int offset = 0;
616	uint32_t i = 0;
617	VHDXMetadataTableEntry md_entry;
618
619	buffer = qemu_blockalign(bs, VHDX_METADATA_TABLE_MAX_SIZE(32 * (2047 +1)));
620
621	ret = bdrv_pread(bs->file, s->metadata_rt.file_offset, buffer,
622	VHDX_METADATA_TABLE_MAX_SIZE(32 * (2047 +1)));
623	if (ret < 0) {
624	goto exit;
625	}
626	memcpy(&s->metadata_hdr, buffer, sizeof(s->metadata_hdr));
627	offset += sizeof(s->metadata_hdr);
628
629	vhdx_metadata_header_le_import(&s->metadata_hdr);
630
631	if (memcmp(&s->metadata_hdr.signature, "metadata", 8)) {
632	ret = -EINVAL22;
633	goto exit;
634	}
635
636	s->metadata_entries.present = 0;
637
638	if ((s->metadata_hdr.entry_count * sizeof(md_entry)) >
639	(VHDX_METADATA_TABLE_MAX_SIZE(32 * (2047 +1)) - offset)) {
640	ret = -EINVAL22;
641	goto exit;
642	}
643
644	for (i = 0; i < s->metadata_hdr.entry_count; i++) {
645	memcpy(&md_entry, buffer + offset, sizeof(md_entry));
646	offset += sizeof(md_entry);
647
648	vhdx_metadata_entry_le_import(&md_entry);
649
650	if (guid_eq(md_entry.item_id, file_param_guid)(memcmp(&(md_entry.item_id), &(file_param_guid), sizeof (MSGUID)) == 0)) {
651	if (s->metadata_entries.present & META_FILE_PARAMETER_PRESENT0x01) {
652	ret = -EINVAL22;
653	goto exit;
654	}
655	s->metadata_entries.file_parameters_entry = md_entry;
656	s->metadata_entries.present \|= META_FILE_PARAMETER_PRESENT0x01;
657	continue;
658	}
659
660	if (guid_eq(md_entry.item_id, virtual_size_guid)(memcmp(&(md_entry.item_id), &(virtual_size_guid), sizeof (MSGUID)) == 0)) {
661	if (s->metadata_entries.present & META_VIRTUAL_DISK_SIZE_PRESENT0x02) {
662	ret = -EINVAL22;
663	goto exit;
664	}
665	s->metadata_entries.virtual_disk_size_entry = md_entry;
666	s->metadata_entries.present \|= META_VIRTUAL_DISK_SIZE_PRESENT0x02;
667	continue;
668	}
669
670	if (guid_eq(md_entry.item_id, page83_guid)(memcmp(&(md_entry.item_id), &(page83_guid), sizeof(MSGUID )) == 0)) {
671	if (s->metadata_entries.present & META_PAGE_83_PRESENT0x04) {
672	ret = -EINVAL22;
673	goto exit;
674	}
675	s->metadata_entries.page83_data_entry = md_entry;
676	s->metadata_entries.present \|= META_PAGE_83_PRESENT0x04;
677	continue;
678	}
679
680	if (guid_eq(md_entry.item_id, logical_sector_guid)(memcmp(&(md_entry.item_id), &(logical_sector_guid), sizeof (MSGUID)) == 0)) {
681	if (s->metadata_entries.present &
682	META_LOGICAL_SECTOR_SIZE_PRESENT0x08) {
683	ret = -EINVAL22;
684	goto exit;
685	}
686	s->metadata_entries.logical_sector_size_entry = md_entry;
687	s->metadata_entries.present \|= META_LOGICAL_SECTOR_SIZE_PRESENT0x08;
688	continue;
689	}
690
691	if (guid_eq(md_entry.item_id, phys_sector_guid)(memcmp(&(md_entry.item_id), &(phys_sector_guid), sizeof (MSGUID)) == 0)) {
692	if (s->metadata_entries.present & META_PHYS_SECTOR_SIZE_PRESENT0x10) {
693	ret = -EINVAL22;
694	goto exit;
695	}
696	s->metadata_entries.phys_sector_size_entry = md_entry;
697	s->metadata_entries.present \|= META_PHYS_SECTOR_SIZE_PRESENT0x10;
698	continue;
699	}
700
701	if (guid_eq(md_entry.item_id, parent_locator_guid)(memcmp(&(md_entry.item_id), &(parent_locator_guid), sizeof (MSGUID)) == 0)) {
702	if (s->metadata_entries.present & META_PARENT_LOCATOR_PRESENT0x20) {
703	ret = -EINVAL22;
704	goto exit;
705	}
706	s->metadata_entries.parent_locator_entry = md_entry;
707	s->metadata_entries.present \|= META_PARENT_LOCATOR_PRESENT0x20;
708	continue;
709	}
710
711	if (md_entry.data_bits & VHDX_META_FLAGS_IS_REQUIRED0x04) {
712	/* cannot read vhdx file - required region table entry that
713	* we do not understand. per spec, we must fail to open */
714	ret = -ENOTSUP95;
715	goto exit;
716	}
717	}
718
719	if (s->metadata_entries.present != META_ALL_PRESENT(0x01 \| 0x02 \| 0x04 \| 0x08 \| 0x10)) {
720	ret = -ENOTSUP95;
721	goto exit;
722	}
723
724	ret = bdrv_pread(bs->file,
725	s->metadata_entries.file_parameters_entry.offset
726	+ s->metadata_rt.file_offset,
727	&s->params,
728	sizeof(s->params));
729
730	if (ret < 0) {
731	goto exit;
732	}
733
734	le32_to_cpus(&s->params.block_size);
735	le32_to_cpus(&s->params.data_bits);
736
737
738	/* We now have the file parameters, so we can tell if this is a
739	* differencing file (i.e.. has_parent), is dynamic or fixed
740	* sized (leave_blocks_allocated), and the block size */
741
742	/* The parent locator required iff the file parameters has_parent set */
743	if (s->params.data_bits & VHDX_PARAMS_HAS_PARENT0x02) {
744	if (s->metadata_entries.present & META_PARENT_LOCATOR_PRESENT0x20) {
745	/* TODO: parse parent locator fields */
746	ret = -ENOTSUP95; /* temp, until differencing files are supported */
747	goto exit;
748	} else {
749	/* if has_parent is set, but there is not parent locator present,
750	* then that is an invalid combination */
751	ret = -EINVAL22;
752	goto exit;
753	}
754	}
755
756	/* determine virtual disk size, logical sector size,
757	* and phys sector size */
758
759	ret = bdrv_pread(bs->file,
760	s->metadata_entries.virtual_disk_size_entry.offset
761	+ s->metadata_rt.file_offset,
762	&s->virtual_disk_size,
763	sizeof(uint64_t));
764	if (ret < 0) {
765	goto exit;
766	}
767	ret = bdrv_pread(bs->file,
768	s->metadata_entries.logical_sector_size_entry.offset
769	+ s->metadata_rt.file_offset,
770	&s->logical_sector_size,
771	sizeof(uint32_t));
772	if (ret < 0) {
773	goto exit;
774	}
775	ret = bdrv_pread(bs->file,
776	s->metadata_entries.phys_sector_size_entry.offset
777	+ s->metadata_rt.file_offset,
778	&s->physical_sector_size,
779	sizeof(uint32_t));
780	if (ret < 0) {
781	goto exit;
782	}
783
784	le64_to_cpus(&s->virtual_disk_size);
785	le32_to_cpus(&s->logical_sector_size);
786	le32_to_cpus(&s->physical_sector_size);
787
788	if (s->logical_sector_size == 0 \|\| s->params.block_size == 0) {
789	ret = -EINVAL22;
790	goto exit;
791	}
792
793	/* both block_size and sector_size are guaranteed powers of 2 */
794	s->sectors_per_block = s->params.block_size / s->logical_sector_size;
795	s->chunk_ratio = (VHDX_MAX_SECTORS_PER_BLOCK(1 << 23)) *
796	(uint64_t)s->logical_sector_size /
797	(uint64_t)s->params.block_size;
798
799	/* These values are ones we will want to use for division / multiplication
800	* later on, and they are all guaranteed (per the spec) to be powers of 2,
801	* so we can take advantage of that for shift operations during
802	* reads/writes */
803	if (s->logical_sector_size & (s->logical_sector_size - 1)) {
804	ret = -EINVAL22;
805	goto exit;
806	}
807	if (s->sectors_per_block & (s->sectors_per_block - 1)) {
808	ret = -EINVAL22;
809	goto exit;
810	}
811	if (s->chunk_ratio & (s->chunk_ratio - 1)) {
812	ret = -EINVAL22;
813	goto exit;
814	}
815	s->block_size = s->params.block_size;
816	if (s->block_size & (s->block_size - 1)) {
817	ret = -EINVAL22;
818	goto exit;
819	}
820
821	vhdx_set_shift_bits(s);
822
823	ret = 0;
824
825	exit:
826	qemu_vfree(buffer);
827	return ret;
828	}
829
830	/*
831	* Calculate the number of BAT entries, including sector
832	* bitmap entries.
833	*/
834	static void vhdx_calc_bat_entries(BDRVVHDXState *s)
835	{
836	uint32_t data_blocks_cnt, bitmap_blocks_cnt;
837
838	data_blocks_cnt = s->virtual_disk_size >> s->block_size_bits;
839	if (s->virtual_disk_size - (data_blocks_cnt << s->block_size_bits)) {
840	data_blocks_cnt++;
841	}
842	bitmap_blocks_cnt = data_blocks_cnt >> s->chunk_ratio_bits;
843	if (data_blocks_cnt - (bitmap_blocks_cnt << s->chunk_ratio_bits)) {
844	bitmap_blocks_cnt++;
845	}
846
847	if (s->parent_entries) {
848	s->bat_entries = bitmap_blocks_cnt * (s->chunk_ratio + 1);
849	} else {
850	s->bat_entries = data_blocks_cnt +
851	((data_blocks_cnt - 1) >> s->chunk_ratio_bits);
852	}
853
854	}
855
856	static void vhdx_close(BlockDriverState *bs)
857	{
858	BDRVVHDXState *s = bs->opaque;
859	qemu_vfree(s->headers[0]);
860	s->headers[0] = NULL((void*)0);
861	qemu_vfree(s->headers[1]);
862	s->headers[1] = NULL((void*)0);
863	qemu_vfree(s->bat);
864	s->bat = NULL((void*)0);
865	qemu_vfree(s->parent_entries);
866	s->parent_entries = NULL((void*)0);
867	migrate_del_blocker(s->migration_blocker);
868	error_free(s->migration_blocker);
869	qemu_vfree(s->log.hdr);
870	s->log.hdr = NULL((void*)0);
871	vhdx_region_unregister_all(s);
872	}
873
874	static int vhdx_open(BlockDriverState bs, QDict options, int flags,
875	Error **errp)
876	{
877	BDRVVHDXState *s = bs->opaque;
878	int ret = 0;
879	uint32_t i;
880	uint64_t signature;
881
882
883	s->bat = NULL((void*)0);
884	s->first_visible_write = true1;
885
886	qemu_co_mutex_init(&s->lock);
887	QLIST_INIT(&s->regions)do { (&s->regions)->lh_first = ((void*)0); } while ( 0);
888
889	/* validate the file signature */
890	ret = bdrv_pread(bs->file, 0, &signature, sizeof(uint64_t));
891	if (ret < 0) {
892	goto fail;
893	}
894	if (memcmp(&signature, "vhdxfile", 8)) {
895	ret = -EINVAL22;
896	goto fail;
897	}
898
899	/* This is used for any header updates, for the file_write_guid.
900	* The spec dictates that a new value should be used for the first
901	* header update */
902	vhdx_guid_generate(&s->session_guid);
903
904	ret = vhdx_parse_header(bs, s);
905	if (ret < 0) {
906	goto fail;
907	}
908
909	ret = vhdx_parse_log(bs, s, &s->log_replayed_on_open, errp);
910	if (ret < 0) {
911	goto fail;
912	}
913
914	ret = vhdx_open_region_tables(bs, s);
915	if (ret < 0) {
916	goto fail;
917	}
918
919	ret = vhdx_parse_metadata(bs, s);
920	if (ret < 0) {
921	goto fail;
922	}
923
924	s->block_size = s->params.block_size;
925
926	/* the VHDX spec dictates that virtual_disk_size is always a multiple of
927	* logical_sector_size */
928	bs->total_sectors = s->virtual_disk_size >> s->logical_sector_size_bits;
929
930	vhdx_calc_bat_entries(s);
931
932	s->bat_offset = s->bat_rt.file_offset;
933
934	if (s->bat_entries > s->bat_rt.length / sizeof(VHDXBatEntry)) {
935	/* BAT allocation is not large enough for all entries */
936	ret = -EINVAL22;
937	goto fail;
938	}
939
940	/* s->bat is freed in vhdx_close() */
941	s->bat = qemu_blockalign(bs, s->bat_rt.length);
942
943	ret = bdrv_pread(bs->file, s->bat_offset, s->bat, s->bat_rt.length);
944	if (ret < 0) {
945	goto fail;
946	}
947
948	uint64_t payblocks = s->chunk_ratio;
949	/* endian convert, and verify populated BAT field file offsets against
950	* region table and log entries */
951	for (i = 0; i < s->bat_entries; i++) {
952	le64_to_cpus(&s->bat[i]);
953	if (payblocks--) {
954	/* payload bat entries */
955	if ((s->bat[i] & VHDX_BAT_STATE_BIT_MASK0x07) ==
956	PAYLOAD_BLOCK_FULLY_PRESENT6) {
957	ret = vhdx_region_check(s, s->bat[i] & VHDX_BAT_FILE_OFF_MASK0xFFFFFFFFFFF00000,
958	s->block_size);
959	if (ret < 0) {
960	goto fail;
961	}
962	}
963	} else {
964	payblocks = s->chunk_ratio;
965	/* Once differencing files are supported, verify sector bitmap
966	* blocks here */
967	}
968	}
969
970	if (flags & BDRV_O_RDWR0x0002) {
971	ret = vhdx_update_headers(bs, s, false0, NULL((void*)0));
972	if (ret < 0) {
973	goto fail;
974	}
975	}
976
977	/* TODO: differencing files */
978
979	/* Disable migration when VHDX images are used */
980	error_set(&s->migration_blocker,
981	QERR_BLOCK_FORMAT_FEATURE_NOT_SUPPORTEDERROR_CLASS_GENERIC_ERROR, "Block format '%s' used by device '%s' does not support feature '%s'",
982	"vhdx", bs->device_name, "live migration");
983	migrate_add_blocker(s->migration_blocker);
984
985	return 0;
986	fail:
987	vhdx_close(bs);
988	return ret;
989	}
990
991	static int vhdx_reopen_prepare(BDRVReopenState *state,
992	BlockReopenQueue queue, Error *errp)
993	{
994	return 0;
995	}
996
997
998	/*
999	* Perform sector to block offset translations, to get various
1000	* sector and file offsets into the image. See VHDXSectorInfo
1001	*/
1002	static void vhdx_block_translate(BDRVVHDXState *s, int64_t sector_num,
1003	int nb_sectors, VHDXSectorInfo *sinfo)
1004	{
1005	uint32_t block_offset;
1006
1007	sinfo->bat_idx = sector_num >> s->sectors_per_block_bits;
1008	/* effectively a modulo - this gives us the offset into the block
1009	* (in sector sizes) for our sector number */
1010	block_offset = sector_num - (sinfo->bat_idx << s->sectors_per_block_bits);
1011	/* the chunk ratio gives us the interleaving of the sector
1012	* bitmaps, so we need to advance our page block index by the
1013	* sector bitmaps entry number */
1014	sinfo->bat_idx += sinfo->bat_idx >> s->chunk_ratio_bits;
1015
1016	/* the number of sectors we can read/write in this cycle */
1017	sinfo->sectors_avail = s->sectors_per_block - block_offset;
1018
1019	sinfo->bytes_left = sinfo->sectors_avail << s->logical_sector_size_bits;
1020
1021	if (sinfo->sectors_avail > nb_sectors) {
1022	sinfo->sectors_avail = nb_sectors;
1023	}
1024
1025	sinfo->bytes_avail = sinfo->sectors_avail << s->logical_sector_size_bits;
1026
1027	sinfo->file_offset = s->bat[sinfo->bat_idx] & VHDX_BAT_FILE_OFF_MASK0xFFFFFFFFFFF00000;
1028
1029	sinfo->block_offset = block_offset << s->logical_sector_size_bits;
1030
1031	/* The file offset must be past the header section, so must be > 0 */
1032	if (sinfo->file_offset == 0) {
1033	return;
1034	}
1035
1036	/* block offset is the offset in vhdx logical sectors, in
1037	* the payload data block. Convert that to a byte offset
1038	* in the block, and add in the payload data block offset
1039	* in the file, in bytes, to get the final read address */
1040
1041	sinfo->file_offset += sinfo->block_offset;
1042	}
1043
1044
1045	static int vhdx_get_info(BlockDriverState bs, BlockDriverInfo bdi)
1046	{
1047	BDRVVHDXState *s = bs->opaque;
1048
1049	bdi->cluster_size = s->block_size;
1050
1051	bdi->unallocated_blocks_are_zero =
1052	(s->params.data_bits & VHDX_PARAMS_HAS_PARENT0x02) == 0;
1053
1054	return 0;
1055	}
1056
1057
1058	static coroutine_fn int vhdx_co_readv(BlockDriverState *bs, int64_t sector_num,
1059	int nb_sectors, QEMUIOVector *qiov)
1060	{
1061	BDRVVHDXState *s = bs->opaque;
1062	int ret = 0;
1063	VHDXSectorInfo sinfo;
1064	uint64_t bytes_done = 0;
1065	QEMUIOVector hd_qiov;
1066
1067	qemu_iovec_init(&hd_qiov, qiov->niov);
1068
1069	qemu_co_mutex_lock(&s->lock);
1070
1071	while (nb_sectors > 0) {
1072	/* We are a differencing file, so we need to inspect the sector bitmap
1073	* to see if we have the data or not */
1074	if (s->params.data_bits & VHDX_PARAMS_HAS_PARENT0x02) {
1075	/* not supported yet */
1076	ret = -ENOTSUP95;
1077	goto exit;
1078	} else {
1079	vhdx_block_translate(s, sector_num, nb_sectors, &sinfo);
1080
1081	qemu_iovec_reset(&hd_qiov);
1082	qemu_iovec_concat(&hd_qiov, qiov, bytes_done, sinfo.bytes_avail);
1083
1084	/* check the payload block state */
1085	switch (s->bat[sinfo.bat_idx] & VHDX_BAT_STATE_BIT_MASK0x07) {
1086	case PAYLOAD_BLOCK_NOT_PRESENT0: /* fall through */
1087	case PAYLOAD_BLOCK_UNDEFINED1: /* fall through */
1088	case PAYLOAD_BLOCK_UNMAPPED5: /* fall through */
1089	case PAYLOAD_BLOCK_ZERO2:
1090	/* return zero */
1091	qemu_iovec_memset(&hd_qiov, 0, 0, sinfo.bytes_avail);
1092	break;
1093	case PAYLOAD_BLOCK_FULLY_PRESENT6:
1094	qemu_co_mutex_unlock(&s->lock);
1095	ret = bdrv_co_readv(bs->file,
1096	sinfo.file_offset >> BDRV_SECTOR_BITS9,
1097	sinfo.sectors_avail, &hd_qiov);
1098	qemu_co_mutex_lock(&s->lock);
1099	if (ret < 0) {
1100	goto exit;
1101	}
1102	break;
1103	case PAYLOAD_BLOCK_PARTIALLY_PRESENT7:
1104	/* we don't yet support difference files, fall through
1105	* to error */
1106	default:
1107	ret = -EIO5;
1108	goto exit;
1109	break;
1110	}
1111	nb_sectors -= sinfo.sectors_avail;
1112	sector_num += sinfo.sectors_avail;
1113	bytes_done += sinfo.bytes_avail;
1114	}
1115	}
1116	ret = 0;
1117	exit:
1118	qemu_co_mutex_unlock(&s->lock);
1119	qemu_iovec_destroy(&hd_qiov);
1120	return ret;
1121	}
1122
1123	/*
1124	* Allocate a new payload block at the end of the file.
1125	*
1126	* Allocation will happen at 1MB alignment inside the file
1127	*
1128	* Returns the file offset start of the new payload block
1129	*/
1130	static int vhdx_allocate_block(BlockDriverState bs, BDRVVHDXState s,
1131	uint64_t *new_offset)
1132	{
1133	*new_offset = bdrv_getlength(bs->file);
1134
1135	/* per the spec, the address for a block is in units of 1MB */
1136	new_offset = ROUND_UP(new_offset, 1024 * 1024)(((new_offset) + (1024 1024) - 1) & -(1024 * 1024));
1137
1138	return bdrv_truncate(bs->file, *new_offset + s->block_size);
1139	}
1140
1141	/*
1142	* Update the BAT table entry with the new file offset, and the new entry
1143	* state */
1144	static void vhdx_update_bat_table_entry(BlockDriverState bs, BDRVVHDXState s,
1145	VHDXSectorInfo *sinfo,
1146	uint64_t *bat_entry_le,
1147	uint64_t *bat_offset, int state)
1148	{
1149	/* The BAT entry is a uint64, with 44 bits for the file offset in units of
1150	* 1MB, and 3 bits for the block state. */
1151	s->bat[sinfo->bat_idx] = sinfo->file_offset;
1152
1153	s->bat[sinfo->bat_idx] \|= state & VHDX_BAT_STATE_BIT_MASK0x07;
1154
1155	*bat_entry_le = cpu_to_le64(s->bat[sinfo->bat_idx]);
1156	bat_offset = s->bat_offset + sinfo->bat_idx sizeof(VHDXBatEntry);
1157
1158	}
1159
1160	/* Per the spec, on the first write of guest-visible data to the file the
1161	* data write guid must be updated in the header */
1162	int vhdx_user_visible_write(BlockDriverState bs, BDRVVHDXState s)
1163	{
1164	int ret = 0;
1165	if (s->first_visible_write) {
1166	s->first_visible_write = false0;
1167	ret = vhdx_update_headers(bs, s, true1, NULL((void*)0));
1168	}
1169	return ret;
1170	}
1171
1172	static coroutine_fn int vhdx_co_writev(BlockDriverState *bs, int64_t sector_num,
1173	int nb_sectors, QEMUIOVector *qiov)
1174	{
1175	int ret = -ENOTSUP95;
1176	BDRVVHDXState *s = bs->opaque;
1177	VHDXSectorInfo sinfo;
1178	uint64_t bytes_done = 0;
1179	uint64_t bat_entry = 0;
1180	uint64_t bat_entry_offset = 0;
1181	QEMUIOVector hd_qiov;
1182	struct iovec iov1 = { 0 };
1183	struct iovec iov2 = { 0 };
1184	int sectors_to_write;
1185	int bat_state;
1186	uint64_t bat_prior_offset = 0;
1187	bool_Bool bat_update = false0;
1188
1189	qemu_iovec_init(&hd_qiov, qiov->niov);
1190
1191	qemu_co_mutex_lock(&s->lock);
1192
1193	ret = vhdx_user_visible_write(bs, s);
1194	if (ret < 0) {
1195	goto exit;
1196	}
1197
1198	while (nb_sectors > 0) {
1199	bool_Bool use_zero_buffers = false0;
1200	bat_update = false0;
1201	if (s->params.data_bits & VHDX_PARAMS_HAS_PARENT0x02) {
1202	/* not supported yet */
1203	ret = -ENOTSUP95;
1204	goto exit;
1205	} else {
1206	vhdx_block_translate(s, sector_num, nb_sectors, &sinfo);
1207	sectors_to_write = sinfo.sectors_avail;
1208
1209	qemu_iovec_reset(&hd_qiov);
1210	/* check the payload block state */
1211	bat_state = s->bat[sinfo.bat_idx] & VHDX_BAT_STATE_BIT_MASK0x07;
1212	switch (bat_state) {
1213	case PAYLOAD_BLOCK_ZERO2:
1214	/* in this case, we need to preserve zero writes for
1215	* data that is not part of this write, so we must pad
1216	* the rest of the buffer to zeroes */
1217
1218	/* if we are on a posix system with ftruncate() that extends
1219	* a file, then it is zero-filled for us. On Win32, the raw
1220	* layer uses SetFilePointer and SetFileEnd, which does not
1221	* zero fill AFAIK */
1222
1223	/* Queue another write of zero buffers if the underlying file
1224	* does not zero-fill on file extension */
1225
1226	if (bdrv_has_zero_init(bs->file) == 0) {
1227	use_zero_buffers = true1;
1228
1229	/* zero fill the front, if any */
1230	if (sinfo.block_offset) {
1231	iov1.iov_len = sinfo.block_offset;
1232	iov1.iov_base = qemu_blockalign(bs, iov1.iov_len);
1233	memset(iov1.iov_base, 0, iov1.iov_len);
1234	qemu_iovec_concat_iov(&hd_qiov, &iov1, 1, 0,
1235	sinfo.block_offset);
1236	sectors_to_write += iov1.iov_len >> BDRV_SECTOR_BITS9;
1237	}
1238
1239	/* our actual data */
1240	qemu_iovec_concat(&hd_qiov, qiov, bytes_done,
1241	sinfo.bytes_avail);
1242
1243	/* zero fill the back, if any */
1244	if ((sinfo.bytes_avail - sinfo.block_offset) <
1245	s->block_size) {
1246	iov2.iov_len = s->block_size -
1247	(sinfo.bytes_avail + sinfo.block_offset);
1248	iov2.iov_base = qemu_blockalign(bs, iov2.iov_len);
1249	memset(iov2.iov_base, 0, iov2.iov_len);
1250	qemu_iovec_concat_iov(&hd_qiov, &iov2, 1, 0,
1251	sinfo.block_offset);
1252	sectors_to_write += iov2.iov_len >> BDRV_SECTOR_BITS9;
1253	}
1254	}
1255
1256	/* fall through */
1257	case PAYLOAD_BLOCK_NOT_PRESENT0: /* fall through */
1258	case PAYLOAD_BLOCK_UNMAPPED5: /* fall through */
1259	case PAYLOAD_BLOCK_UNDEFINED1: /* fall through */
1260	bat_prior_offset = sinfo.file_offset;
1261	ret = vhdx_allocate_block(bs, s, &sinfo.file_offset);
1262	if (ret < 0) {
1263	goto exit;
1264	}
1265	/* once we support differencing files, this may also be
1266	* partially present */
1267	/* update block state to the newly specified state */
1268	vhdx_update_bat_table_entry(bs, s, &sinfo, &bat_entry,
1269	&bat_entry_offset,
1270	PAYLOAD_BLOCK_FULLY_PRESENT6);
1271	bat_update = true1;
1272	/* since we just allocated a block, file_offset is the
1273	* beginning of the payload block. It needs to be the
1274	* write address, which includes the offset into the block */
1275	if (!use_zero_buffers) {
1276	sinfo.file_offset += sinfo.block_offset;
1277	}
1278	/* fall through */
1279	case PAYLOAD_BLOCK_FULLY_PRESENT6:
1280	/* if the file offset address is in the header zone,
1281	* there is a problem */
1282	if (sinfo.file_offset < (1024 * 1024)) {
1283	ret = -EFAULT14;
1284	goto error_bat_restore;
1285	}
1286
1287	if (!use_zero_buffers) {
1288	qemu_iovec_concat(&hd_qiov, qiov, bytes_done,
1289	sinfo.bytes_avail);
1290	}
1291	/* block exists, so we can just overwrite it */
1292	qemu_co_mutex_unlock(&s->lock);
1293	ret = bdrv_co_writev(bs->file,
1294	sinfo.file_offset >> BDRV_SECTOR_BITS9,
1295	sectors_to_write, &hd_qiov);
1296	qemu_co_mutex_lock(&s->lock);
1297	if (ret < 0) {
1298	goto error_bat_restore;
1299	}
1300	break;
1301	case PAYLOAD_BLOCK_PARTIALLY_PRESENT7:
1302	/* we don't yet support difference files, fall through
1303	* to error */
1304	default:
1305	ret = -EIO5;
1306	goto exit;
1307	break;
1308	}
1309
1310	if (bat_update) {
1311	/* this will update the BAT entry into the log journal, and
1312	* then flush the log journal out to disk */
1313	ret = vhdx_log_write_and_flush(bs, s, &bat_entry,
1314	sizeof(VHDXBatEntry),
1315	bat_entry_offset);
1316	if (ret < 0) {
1317	goto exit;
1318	}
1319	}
1320
1321	nb_sectors -= sinfo.sectors_avail;
1322	sector_num += sinfo.sectors_avail;
1323	bytes_done += sinfo.bytes_avail;
1324
1325	}
1326	}
1327
1328	goto exit;
1329
1330	error_bat_restore:
1331	if (bat_update) {
1332	/* keep metadata in sync, and restore the bat entry state
1333	* if error. */
1334	sinfo.file_offset = bat_prior_offset;
1335	vhdx_update_bat_table_entry(bs, s, &sinfo, &bat_entry,
1336	&bat_entry_offset, bat_state);
1337	}
1338	exit:
1339	qemu_vfree(iov1.iov_base);
1340	qemu_vfree(iov2.iov_base);
1341	qemu_co_mutex_unlock(&s->lock);
1342	qemu_iovec_destroy(&hd_qiov);
1343	return ret;
1344	}
1345
1346
1347
1348	/*
1349	* Create VHDX Headers
1350	*
1351	* There are 2 headers, and the highest sequence number will represent
1352	* the active header
1353	*/
1354	static int vhdx_create_new_headers(BlockDriverState *bs, uint64_t image_size,
1355	uint32_t log_size)
1356	{
1357	int ret = 0;
1358	VHDXHeader hdr = NULL((void)0);
1359
1360	hdr = g_malloc0(sizeof(VHDXHeader));
1361
1362	hdr->signature = VHDX_HEADER_SIGNATURE0x64616568;
1363	hdr->sequence_number = g_random_int();
1364	hdr->log_version = 0;
1365	hdr->version = 1;
1366	hdr->log_length = log_size;
1367	hdr->log_offset = VHDX_HEADER_SECTION_END(1 * ((1 * 1024) * 1024));
1368	vhdx_guid_generate(&hdr->file_write_guid);
1369	vhdx_guid_generate(&hdr->data_write_guid);
1370
1371	ret = vhdx_write_header(bs, hdr, VHDX_HEADER1_OFFSET((64 * 1024) * 1), false0);
1372	if (ret < 0) {
1373	goto exit;
1374	}
1375	hdr->sequence_number++;
1376	ret = vhdx_write_header(bs, hdr, VHDX_HEADER2_OFFSET((64 * 1024) * 2), false0);
1377	if (ret < 0) {
1378	goto exit;
1379	}
1380
1381	exit:
1382	g_free(hdr);
1383	return ret;
1384	}
1385
1386
1387	/*
1388	* Create the Metadata entries.
1389	*
1390	* For more details on the entries, see section 3.5 (pg 29) in the
1391	* VHDX 1.00 specification.
1392	*
1393	* We support 5 metadata entries (all required by spec):
1394	* File Parameters,
1395	* Virtual Disk Size,
1396	* Page 83 Data,
1397	* Logical Sector Size,
1398	* Physical Sector Size
1399	*
1400	* The first 64KB of the Metadata section is reserved for the metadata
1401	* header and entries; beyond that, the metadata items themselves reside.
1402	*/
1403	static int vhdx_create_new_metadata(BlockDriverState *bs,
1404	uint64_t image_size,
1405	uint32_t block_size,
1406	uint32_t sector_size,
1407	uint64_t metadata_offset,
1408	VHDXImageType type)
1409	{
1410	int ret = 0;
1411	uint32_t offset = 0;
1412	void buffer = NULL((void)0);
1413	void *entry_buffer;
1414	VHDXMetadataTableHeader *md_table;;
1415	VHDXMetadataTableEntry *md_table_entry;
1416
1417	/* Metadata entries */
1418	VHDXFileParameters *mt_file_params;
1419	VHDXVirtualDiskSize *mt_virtual_size;
1420	VHDXPage83Data *mt_page83;
1421	VHDXVirtualDiskLogicalSectorSize *mt_log_sector_size;
1422	VHDXVirtualDiskPhysicalSectorSize *mt_phys_sector_size;
1423
1424	entry_buffer = g_malloc0(sizeof(VHDXFileParameters) +
1425	sizeof(VHDXVirtualDiskSize) +
1426	sizeof(VHDXPage83Data) +
1427	sizeof(VHDXVirtualDiskLogicalSectorSize) +
1428	sizeof(VHDXVirtualDiskPhysicalSectorSize));
1429
1430	mt_file_params = entry_buffer;
1431	offset += sizeof(VHDXFileParameters);
1432	mt_virtual_size = entry_buffer + offset;
1433	offset += sizeof(VHDXVirtualDiskSize);
1434	mt_page83 = entry_buffer + offset;
1435	offset += sizeof(VHDXPage83Data);
1436	mt_log_sector_size = entry_buffer + offset;
1437	offset += sizeof(VHDXVirtualDiskLogicalSectorSize);
1438	mt_phys_sector_size = entry_buffer + offset;
1439
1440	mt_file_params->block_size = cpu_to_le32(block_size);
1441	if (type == VHDX_TYPE_FIXED) {
1442	mt_file_params->data_bits \|= VHDX_PARAMS_LEAVE_BLOCKS_ALLOCED0x01;
1443	cpu_to_le32s(&mt_file_params->data_bits);
1444	}
1445
1446	vhdx_guid_generate(&mt_page83->page_83_data);
1447	cpu_to_leguids(&mt_page83->page_83_data);
1448	mt_virtual_size->virtual_disk_size = cpu_to_le64(image_size);
1449	mt_log_sector_size->logical_sector_size = cpu_to_le32(sector_size);
1450	mt_phys_sector_size->physical_sector_size = cpu_to_le32(sector_size);
1451
1452	buffer = g_malloc0(VHDX_HEADER_BLOCK_SIZE(64 * 1024));
1453	md_table = buffer;
1454
1455	md_table->signature = VHDX_METADATA_SIGNATURE0x617461646174656D;
1456	md_table->entry_count = 5;
1457	vhdx_metadata_header_le_export(md_table);
1458
1459
1460	/* This will reference beyond the reserved table portion */
1461	offset = 64 * KiB(1 * 1024);
1462
1463	md_table_entry = buffer + sizeof(VHDXMetadataTableHeader);
1464
1465	md_table_entry[0].item_id = file_param_guid;
1466	md_table_entry[0].offset = offset;
1467	md_table_entry[0].length = sizeof(VHDXFileParameters);
1468	md_table_entry[0].data_bits \|= VHDX_META_FLAGS_IS_REQUIRED0x04;
1469	offset += md_table_entry[0].length;
1470	vhdx_metadata_entry_le_export(&md_table_entry[0]);
1471
1472	md_table_entry[1].item_id = virtual_size_guid;
1473	md_table_entry[1].offset = offset;
1474	md_table_entry[1].length = sizeof(VHDXVirtualDiskSize);
1475	md_table_entry[1].data_bits \|= VHDX_META_FLAGS_IS_REQUIRED0x04 \|
1476	VHDX_META_FLAGS_IS_VIRTUAL_DISK0x02;
1477	offset += md_table_entry[1].length;
1478	vhdx_metadata_entry_le_export(&md_table_entry[1]);
1479
1480	md_table_entry[2].item_id = page83_guid;
1481	md_table_entry[2].offset = offset;
1482	md_table_entry[2].length = sizeof(VHDXPage83Data);
1483	md_table_entry[2].data_bits \|= VHDX_META_FLAGS_IS_REQUIRED0x04 \|
1484	VHDX_META_FLAGS_IS_VIRTUAL_DISK0x02;
1485	offset += md_table_entry[2].length;
1486	vhdx_metadata_entry_le_export(&md_table_entry[2]);
1487
1488	md_table_entry[3].item_id = logical_sector_guid;
1489	md_table_entry[3].offset = offset;
1490	md_table_entry[3].length = sizeof(VHDXVirtualDiskLogicalSectorSize);
1491	md_table_entry[3].data_bits \|= VHDX_META_FLAGS_IS_REQUIRED0x04 \|
1492	VHDX_META_FLAGS_IS_VIRTUAL_DISK0x02;
1493	offset += md_table_entry[3].length;
1494	vhdx_metadata_entry_le_export(&md_table_entry[3]);
1495
1496	md_table_entry[4].item_id = phys_sector_guid;
1497	md_table_entry[4].offset = offset;
1498	md_table_entry[4].length = sizeof(VHDXVirtualDiskPhysicalSectorSize);
1499	md_table_entry[4].data_bits \|= VHDX_META_FLAGS_IS_REQUIRED0x04 \|
1500	VHDX_META_FLAGS_IS_VIRTUAL_DISK0x02;
1501	vhdx_metadata_entry_le_export(&md_table_entry[4]);
1502
1503	ret = bdrv_pwrite(bs, metadata_offset, buffer, VHDX_HEADER_BLOCK_SIZE(64 * 1024));
1504	if (ret < 0) {
1505	goto exit;
1506	}
1507
1508	ret = bdrv_pwrite(bs, metadata_offset + (64 * KiB(1 * 1024)), entry_buffer,
1509	VHDX_HEADER_BLOCK_SIZE(64 * 1024));
1510	if (ret < 0) {
1511	goto exit;
1512	}
1513
1514
1515	exit:
1516	g_free(buffer);
1517	g_free(entry_buffer);
1518	return ret;
1519	}
1520
1521	/* This create the actual BAT itself. We currently only support
1522	* 'Dynamic' and 'Fixed' image types.
1523	*
1524	* Dynamic images: default state of the BAT is all zeroes.
1525	*
1526	* Fixed images: default state of the BAT is fully populated, with
1527	* file offsets and state PAYLOAD_BLOCK_FULLY_PRESENT.
1528	*/
1529	static int vhdx_create_bat(BlockDriverState bs, BDRVVHDXState s,
1530	uint64_t image_size, VHDXImageType type,
1531	bool_Bool use_zero_blocks, VHDXRegionTableEntry *rt_bat)
1532	{
1533	int ret = 0;
1534	uint64_t data_file_offset;
1535	uint64_t total_sectors = 0;
1536	uint64_t sector_num = 0;
1537	uint64_t unused;
1538	int block_state;
1539	VHDXSectorInfo sinfo;
1540
1541	assert(s->bat == NULL)((s->bat == ((void)0)) ? (void) (0) : __assert_fail ("s->bat == ((void)0)" , "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c", 1541, __PRETTY_FUNCTION__ ));
1542
1543	/* this gives a data start after BAT/bitmap entries, and well
1544	* past any metadata entries (with a 4 MB buffer for future
1545	* expansion */
1546	data_file_offset = rt_bat->file_offset + rt_bat->length + 5 * MiB((1 * 1024) * 1024);
1547	total_sectors = image_size >> s->logical_sector_size_bits;
1548
1549	if (type == VHDX_TYPE_DYNAMIC) {
1550	/* All zeroes, so we can just extend the file - the end of the BAT
1551	* is the furthest thing we have written yet */
1552	ret = bdrv_truncate(bs, data_file_offset);
1553	if (ret < 0) {
1554	goto exit;
1555	}
1556	} else if (type == VHDX_TYPE_FIXED) {
1557	ret = bdrv_truncate(bs, data_file_offset + image_size);
1558	if (ret < 0) {
1559	goto exit;
1560	}
1561	} else {
1562	ret = -ENOTSUP95;
1563	goto exit;
1564	}
1565
1566	if (type == VHDX_TYPE_FIXED \|\|
1567	use_zero_blocks \|\|
1568	bdrv_has_zero_init(bs) == 0) {
1569	/* for a fixed file, the default BAT entry is not zero */
1570	s->bat = g_malloc0(rt_bat->length);
1571	block_state = type == VHDX_TYPE_FIXED ? PAYLOAD_BLOCK_FULLY_PRESENT6 :
1572	PAYLOAD_BLOCK_NOT_PRESENT0;
1573	block_state = use_zero_blocks ? PAYLOAD_BLOCK_ZERO2 : block_state;
1574	/* fill the BAT by emulating sector writes of sectors_per_block size */
1575	while (sector_num < total_sectors) {
1576	vhdx_block_translate(s, sector_num, s->sectors_per_block, &sinfo);
1577	sinfo.file_offset = data_file_offset +
1578	(sector_num << s->logical_sector_size_bits);
1579	sinfo.file_offset = ROUND_UP(sinfo.file_offset, MiB)(((sinfo.file_offset) + (((1 * 1024) * 1024)) - 1) & -((( 1 * 1024) * 1024)));
1580	vhdx_update_bat_table_entry(bs, s, &sinfo, &unused, &unused,
1581	block_state);
1582	cpu_to_le64s(&s->bat[sinfo.bat_idx]);
1583	sector_num += s->sectors_per_block;
1584	}
1585	ret = bdrv_pwrite(bs, rt_bat->file_offset, s->bat, rt_bat->length);
1586	if (ret < 0) {
1587	goto exit;
1588	}
1589	}
1590
1591
1592
1593	exit:
1594	g_free(s->bat);
1595	return ret;
1596	}
1597
1598	/* Creates the region table header, and region table entries.
1599	* There are 2 supported region table entries: BAT, and Metadata/
1600	*
1601	* As the calculations for the BAT region table are also needed
1602	* to create the BAT itself, we will also cause the BAT to be
1603	* created.
1604	*/
1605	static int vhdx_create_new_region_table(BlockDriverState *bs,
1606	uint64_t image_size,
1607	uint32_t block_size,
1608	uint32_t sector_size,
1609	uint32_t log_size,
1610	bool_Bool use_zero_blocks,
1611	VHDXImageType type,
1612	uint64_t *metadata_offset)
1613	{
1614	int ret = 0;
1615	uint32_t offset = 0;
1616	void buffer = NULL((void)0);
1617	BDRVVHDXState s = NULL((void)0);
1618	VHDXRegionTableHeader *region_table;
1619	VHDXRegionTableEntry *rt_bat;
1620	VHDXRegionTableEntry *rt_metadata;
1621
1622	assert(metadata_offset != NULL)((metadata_offset != ((void)0)) ? (void) (0) : __assert_fail ("metadata_offset != ((void)0)", "/home/stefan/src/qemu/qemu.org/qemu/block/vhdx.c" , 1622, __PRETTY_FUNCTION__));
1623
1624	/* Populate enough of the BDRVVHDXState to be able to use the
1625	* pre-existing BAT calculation, translation, and update functions */
1626	s = g_malloc0(sizeof(BDRVVHDXState));
1627
1628	s->chunk_ratio = (VHDX_MAX_SECTORS_PER_BLOCK(1 << 23)) *
1629	(uint64_t) sector_size / (uint64_t) block_size;
1630
1631	s->sectors_per_block = block_size / sector_size;
1632	s->virtual_disk_size = image_size;
1633	s->block_size = block_size;
1634	s->logical_sector_size = sector_size;
1635
1636	vhdx_set_shift_bits(s);
1637
1638	vhdx_calc_bat_entries(s);
1639
1640	/* At this point the VHDX state is populated enough for creation */
1641
1642	/* a single buffer is used so we can calculate the checksum over the
1643	* entire 64KB block */
1644	buffer = g_malloc0(VHDX_HEADER_BLOCK_SIZE(64 * 1024));
1645	region_table = buffer;
1646	offset += sizeof(VHDXRegionTableHeader);
1647	rt_bat = buffer + offset;
1648	offset += sizeof(VHDXRegionTableEntry);
1649	rt_metadata = buffer + offset;
1650
1651	region_table->signature = VHDX_REGION_SIGNATURE0x69676572;
1652	region_table->entry_count = 2; /* BAT and Metadata */
1653
1654	rt_bat->guid = bat_guid;
1655	rt_bat->length = ROUND_UP(s->bat_entries * sizeof(VHDXBatEntry), MiB)(((s->bat_entries * sizeof(VHDXBatEntry)) + (((1 * 1024) * 1024)) - 1) & -(((1 * 1024) * 1024)));
1656	rt_bat->file_offset = ROUND_UP(VHDX_HEADER_SECTION_END + log_size, MiB)((((1 * ((1 * 1024) * 1024)) + log_size) + (((1 * 1024) * 1024 )) - 1) & -(((1 * 1024) * 1024)));
1657	s->bat_offset = rt_bat->file_offset;
1658
1659	rt_metadata->guid = metadata_guid;
1660	rt_metadata->file_offset = ROUND_UP(rt_bat->file_offset + rt_bat->length,(((rt_bat->file_offset + rt_bat->length) + (((1 * 1024) * 1024)) - 1) & -(((1 * 1024) * 1024)))
1661	MiB)(((rt_bat->file_offset + rt_bat->length) + (((1 * 1024) * 1024)) - 1) & -(((1 * 1024) * 1024)));
1662	rt_metadata->length = 1 * MiB((1 * 1024) * 1024); /* min size, and more than enough */
1663	*metadata_offset = rt_metadata->file_offset;
1664
1665	vhdx_update_checksum(buffer, VHDX_HEADER_BLOCK_SIZE(64 * 1024),
1666	offsetof(VHDXRegionTableHeader, checksum)__builtin_offsetof(VHDXRegionTableHeader, checksum));
1667
1668
1669	/* The region table gives us the data we need to create the BAT,
1670	* so do that now */
1671	ret = vhdx_create_bat(bs, s, image_size, type, use_zero_blocks, rt_bat);
	Value stored to 'ret' is never read
1672
1673	/* Now write out the region headers to disk */
1674	vhdx_region_header_le_export(region_table);
1675	vhdx_region_entry_le_export(rt_bat);
1676	vhdx_region_entry_le_export(rt_metadata);
1677
1678	ret = bdrv_pwrite(bs, VHDX_REGION_TABLE_OFFSET((64 * 1024) * 3), buffer,
1679	VHDX_HEADER_BLOCK_SIZE(64 * 1024));
1680	if (ret < 0) {
1681	goto exit;
1682	}
1683
1684	ret = bdrv_pwrite(bs, VHDX_REGION_TABLE2_OFFSET((64 * 1024) * 4), buffer,
1685	VHDX_HEADER_BLOCK_SIZE(64 * 1024));
1686	if (ret < 0) {
1687	goto exit;
1688	}
1689
1690
1691	exit:
1692	g_free(s);
1693	g_free(buffer);
1694	return ret;
1695	}
1696
1697	/* We need to create the following elements:
1698	*
1699	* .-----------------------------------------------------------------.
1700	* \| (A) \| (B) \| (C) \| (D) \| (E) \|
1701	* \| File ID \| Header1 \| Header 2 \| Region Tbl 1 \| Region Tbl 2 \|
1702	* \| \| \| \| \| \|
1703	* .-----------------------------------------------------------------.
1704	* 0 64KB 128KB 192KB 256KB 320KB
1705	*
1706	*
1707	* .---- ~ ----------- ~ ------------ ~ ---------------- ~ -----------.
1708	* \| (F) \| (G) \| (H) \| \|
1709	* \| Journal Log \| BAT / Bitmap \| Metadata \| .... data ...... \|
1710	* \| \| \| \| \|
1711	* .---- ~ ----------- ~ ------------ ~ ---------------- ~ -----------.
1712	* 1MB
1713	*/
1714	static int vhdx_create(const char filename, QEMUOptionParameter options,
1715	Error **errp)
1716	{
1717	int ret = 0;
1718	uint64_t image_size = (uint64_t) 2 * GiB(((1 * 1024) * 1024) * 1024);
1719	uint32_t log_size = 1 * MiB((1 * 1024) * 1024);
1720	uint32_t block_size = 0;
1721	uint64_t signature;
1722	uint64_t metadata_offset;
1723	bool_Bool use_zero_blocks = false0;
1724
1725	gunichar2 creator = NULL((void)0);
1726	glong creator_items;
1727	BlockDriverState *bs;
1728	const char type = NULL((void)0);
1729	VHDXImageType image_type;
1730	Error local_err = NULL((void)0);
1731
1732	while (options && options->name) {
1733	if (!strcmp(options->name, BLOCK_OPT_SIZE"size")) {
1734	image_size = options->value.n;
1735	} else if (!strcmp(options->name, VHDX_BLOCK_OPT_LOG_SIZE"log_size")) {
1736	log_size = options->value.n;
1737	} else if (!strcmp(options->name, VHDX_BLOCK_OPT_BLOCK_SIZE"block_size")) {
1738	block_size = options->value.n;
1739	} else if (!strcmp(options->name, BLOCK_OPT_SUBFMT"subformat")) {
1740	type = options->value.s;
1741	} else if (!strcmp(options->name, VHDX_BLOCK_OPT_ZERO"block_state_zero")) {
1742	use_zero_blocks = options->value.n != 0;
1743	}
1744	options++;
1745	}
1746
1747	if (image_size > VHDX_MAX_IMAGE_SIZE((uint64_t) 64 * ((uint64_t) (((1 * 1024) * 1024) * 1024) * 1024 ))) {
1748	error_setg_errno(errp, EINVAL, "Image size too large; max of 64TB")error_set_errno(errp, 22, ERROR_CLASS_GENERIC_ERROR, "Image size too large; max of 64TB" );
1749	ret = -EINVAL22;
1750	goto exit;
1751	}
1752
1753	if (type == NULL((void*)0)) {
1754	type = "dynamic";
1755	}
1756
1757	if (!strcmp(type, "dynamic")) {
1758	image_type = VHDX_TYPE_DYNAMIC;
1759	} else if (!strcmp(type, "fixed")) {
1760	image_type = VHDX_TYPE_FIXED;
1761	} else if (!strcmp(type, "differencing")) {
1762	error_setg_errno(errp, ENOTSUP,error_set_errno(errp, 95, ERROR_CLASS_GENERIC_ERROR, "Differencing files not yet supported" )
1763	"Differencing files not yet supported")error_set_errno(errp, 95, ERROR_CLASS_GENERIC_ERROR, "Differencing files not yet supported" );
1764	ret = -ENOTSUP95;
1765	goto exit;
1766	} else {
1767	ret = -EINVAL22;
1768	goto exit;
1769	}
1770
1771	/* These are pretty arbitrary, and mainly designed to keep the BAT
1772	* size reasonable to load into RAM */
1773	if (block_size == 0) {
1774	if (image_size > 32 * TiB((uint64_t) (((1 * 1024) * 1024) * 1024) * 1024)) {
1775	block_size = 64 * MiB((1 * 1024) * 1024);
1776	} else if (image_size > (uint64_t) 100 * GiB(((1 * 1024) * 1024) * 1024)) {
1777	block_size = 32 * MiB((1 * 1024) * 1024);
1778	} else if (image_size > 1 * GiB(((1 * 1024) * 1024) * 1024)) {
1779	block_size = 16 * MiB((1 * 1024) * 1024);
1780	} else {
1781	block_size = 8 * MiB((1 * 1024) * 1024);
1782	}
1783	}
1784
1785
1786	/* make the log size close to what was specified, but must be
1787	* min 1MB, and multiple of 1MB */
1788	log_size = ROUND_UP(log_size, MiB)(((log_size) + (((1 * 1024) * 1024)) - 1) & -(((1 * 1024) * 1024)));
1789
1790	block_size = ROUND_UP(block_size, MiB)(((block_size) + (((1 * 1024) * 1024)) - 1) & -(((1 * 1024 ) * 1024)));
1791	block_size = block_size > VHDX_BLOCK_SIZE_MAX(256 * ((1 * 1024) * 1024)) ? VHDX_BLOCK_SIZE_MAX(256 * ((1 * 1024) * 1024)) :
1792	block_size;
1793
1794	ret = bdrv_create_file(filename, options, &local_err);
1795	if (ret < 0) {
1796	error_propagate(errp, local_err);
1797	goto exit;
1798	}
1799
1800	ret = bdrv_file_open(&bs, filename, NULL((void*)0), BDRV_O_RDWR0x0002, &local_err);
1801	if (ret < 0) {
1802	error_propagate(errp, local_err);
1803	goto exit;
1804	}
1805
1806	/* Create (A) */
1807
1808	/* The creator field is optional, but may be useful for
1809	* debugging / diagnostics */
1810	creator = g_utf8_to_utf16("QEMU v" QEMU_VERSION"1.7.50", -1, NULL((void*)0),
1811	&creator_items, NULL((void*)0));
1812	signature = cpu_to_le64(VHDX_FILE_SIGNATURE0x656C696678646876);
1813	bdrv_pwrite(bs, VHDX_FILE_ID_OFFSET0, &signature, sizeof(signature));
1814	if (ret < 0) {
1815	goto delete_and_exit;
1816	}
1817	if (creator) {
1818	bdrv_pwrite(bs, VHDX_FILE_ID_OFFSET0 + sizeof(signature), creator,
1819	creator_items * sizeof(gunichar2));
1820	if (ret < 0) {
1821	goto delete_and_exit;
1822	}
1823	}
1824
1825
1826	/* Creates (B),(C) */
1827	ret = vhdx_create_new_headers(bs, image_size, log_size);
1828	if (ret < 0) {
1829	goto delete_and_exit;
1830	}
1831
1832	/* Creates (D),(E),(G) explicitly. (F) created as by-product */
1833	ret = vhdx_create_new_region_table(bs, image_size, block_size, 512,
1834	log_size, use_zero_blocks, image_type,
1835	&metadata_offset);
1836	if (ret < 0) {
1837	goto delete_and_exit;
1838	}
1839
1840	/* Creates (H) */
1841	ret = vhdx_create_new_metadata(bs, image_size, block_size, 512,
1842	metadata_offset, image_type);
1843	if (ret < 0) {
1844	goto delete_and_exit;
1845	}
1846
1847
1848
1849	delete_and_exit:
1850	bdrv_unref(bs);
1851	exit:
1852	g_free(creator);
1853	return ret;
1854	}
1855
1856	/* If opened r/w, the VHDX driver will automatically replay the log,
1857	* if one is present, inside the vhdx_open() call.
1858	*
1859	* If qemu-img check -r all is called, the image is automatically opened
1860	* r/w and any log has already been replayed, so there is nothing (currently)
1861	* for us to do here
1862	*/
1863	static int vhdx_check(BlockDriverState bs, BdrvCheckResult result,
1864	BdrvCheckMode fix)
1865	{
1866	BDRVVHDXState *s = bs->opaque;
1867
1868	if (s->log_replayed_on_open) {
1869	result->corruptions_fixed++;
1870	}
1871	return 0;
1872	}
1873
1874	static QEMUOptionParameter vhdx_create_options[] = {
1875	{
1876	.name = BLOCK_OPT_SIZE"size",
1877	.type = OPT_SIZE,
1878	.help = "Virtual disk size; max of 64TB."
1879	},
1880	{
1881	.name = VHDX_BLOCK_OPT_LOG_SIZE"log_size",
1882	.type = OPT_SIZE,
1883	.value.n = 1 * MiB((1 * 1024) * 1024),
1884	.help = "Log size; min 1MB."
1885	},
1886	{
1887	.name = VHDX_BLOCK_OPT_BLOCK_SIZE"block_size",
1888	.type = OPT_SIZE,
1889	.value.n = 0,
1890	.help = "Block Size; min 1MB, max 256MB. " \
1891	"0 means auto-calculate based on image size."
1892	},
1893	{
1894	.name = BLOCK_OPT_SUBFMT"subformat",
1895	.type = OPT_STRING,
1896	.help = "VHDX format type, can be either 'dynamic' or 'fixed'. "\
1897	"Default is 'dynamic'."
1898	},
1899	{
1900	.name = VHDX_BLOCK_OPT_ZERO"block_state_zero",
1901	.type = OPT_FLAG,
1902	.help = "Force use of payload blocks of type 'ZERO'. Non-standard."
1903	},
1904	{ NULL((void*)0) }
1905	};
1906
1907	static BlockDriver bdrv_vhdx = {
1908	.format_name = "vhdx",
1909	.instance_size = sizeof(BDRVVHDXState),
1910	.bdrv_probe = vhdx_probe,
1911	.bdrv_open = vhdx_open,
1912	.bdrv_close = vhdx_close,
1913	.bdrv_reopen_prepare = vhdx_reopen_prepare,
1914	.bdrv_co_readv = vhdx_co_readv,
1915	.bdrv_co_writev = vhdx_co_writev,
1916	.bdrv_create = vhdx_create,
1917	.bdrv_get_info = vhdx_get_info,
1918	.bdrv_check = vhdx_check,
1919
1920	.create_options = vhdx_create_options,
1921	};
1922
1923	static void bdrv_vhdx_init(void)
1924	{
1925	bdrv_register(&bdrv_vhdx);
1926	}
1927
1928	block_init(bdrv_vhdx_init)static void __attribute__((constructor)) do_qemu_init_bdrv_vhdx_init (void) { register_module_init(bdrv_vhdx_init, MODULE_INIT_BLOCK ); };