1 /* 2 * Block driver for the QCOW version 2 format 3 * 4 * Copyright (c) 2004-2006 Fabrice Bellard 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25 #ifndef BLOCK_QCOW2_H 26 #define BLOCK_QCOW2_H 27 28 #ifdef __cplusplus 29 extern "C" { 30 #endif 31 32 #include "qemu_dep.h" 33 34 //#define DEBUG_ALLOC 35 //#define DEBUG_ALLOC2 36 //#define DEBUG_EXT 37 38 #define QCOW_MAGIC (('Q' << 24) | ('F' << 16) | ('I' << 8) | 0xfb) 39 40 #define QCOW_CRYPT_NONE 0 41 #define QCOW_CRYPT_AES 1 42 #define QCOW_CRYPT_LUKS 2 43 44 #define QCOW_MAX_CRYPT_CLUSTERS 32 45 #define QCOW_MAX_SNAPSHOTS 65536 46 47 /* Field widths in qcow2 mean normal cluster offsets cannot reach 48 * 64PB; depending on cluster size, compressed clusters can have a 49 * smaller limit (64PB for up to 16k clusters, then ramps down to 50 * 512TB for 2M clusters). */ 51 #define QCOW_MAX_CLUSTER_OFFSET ((1ULL << 56) - 1) 52 53 /* 8 MB refcount table is enough for 2 PB images at 64k cluster size 54 * (128 GB for 512 byte clusters, 2 EB for 2 MB clusters) */ 55 #define QCOW_MAX_REFTABLE_SIZE (8 * MiB) 56 57 /* 32 MB L1 table is enough for 2 PB images at 64k cluster size 58 * (128 GB for 512 byte clusters, 2 EB for 2 MB clusters) */ 59 #define QCOW_MAX_L1_SIZE (32 * MiB) 60 61 /* Allow for an average of 1k per snapshot table entry, should be plenty of 62 * space for snapshot names and IDs */ 63 #define QCOW_MAX_SNAPSHOTS_SIZE (1024 * QCOW_MAX_SNAPSHOTS) 64 65 /* Maximum amount of extra data per snapshot table entry to accept */ 66 #define QCOW_MAX_SNAPSHOT_EXTRA_DATA 1024 67 68 /* Bitmap header extension constraints */ 69 #define QCOW2_MAX_BITMAPS 65535 70 #define QCOW2_MAX_BITMAP_DIRECTORY_SIZE (1024 * QCOW2_MAX_BITMAPS) 71 72 /* indicate that the refcount of the referenced cluster is exactly one. */ 73 #define QCOW_OFLAG_COPIED (1ULL << 63) 74 /* indicate that the cluster is compressed (they never have the copied flag) */ 75 #define QCOW_OFLAG_COMPRESSED (1ULL << 62) 76 /* The cluster reads as all zeros */ 77 #define QCOW_OFLAG_ZERO (1ULL << 0) 78 79 #define QCOW_EXTL2_SUBCLUSTERS_PER_CLUSTER 32 80 81 /* The subcluster X [0..31] is allocated */ 82 #define QCOW_OFLAG_SUB_ALLOC(X) (1ULL << (X)) 83 /* The subcluster X [0..31] reads as zeroes */ 84 #define QCOW_OFLAG_SUB_ZERO(X) (QCOW_OFLAG_SUB_ALLOC(X) << 32) 85 /* Subclusters [X, Y) (0 <= X <= Y <= 32) are allocated */ 86 #define QCOW_OFLAG_SUB_ALLOC_RANGE(X, Y) \ 87 (QCOW_OFLAG_SUB_ALLOC(Y) - QCOW_OFLAG_SUB_ALLOC(X)) 88 /* Subclusters [X, Y) (0 <= X <= Y <= 32) read as zeroes */ 89 #define QCOW_OFLAG_SUB_ZERO_RANGE(X, Y) \ 90 (QCOW_OFLAG_SUB_ALLOC_RANGE(X, Y) << 32) 91 /* L2 entry bitmap with all allocation bits set */ 92 #define QCOW_L2_BITMAP_ALL_ALLOC (QCOW_OFLAG_SUB_ALLOC_RANGE(0, 32)) 93 /* L2 entry bitmap with all "read as zeroes" bits set */ 94 #define QCOW_L2_BITMAP_ALL_ZEROES (QCOW_OFLAG_SUB_ZERO_RANGE(0, 32)) 95 96 /* Size of normal and extended L2 entries */ 97 #define L2E_SIZE_NORMAL (sizeof(uint64_t)) 98 #define L2E_SIZE_EXTENDED (sizeof(uint64_t) * 2) 99 100 /* Size of L1 table entries */ 101 #define L1E_SIZE (sizeof(uint64_t)) 102 103 /* Size of reftable entries */ 104 #define REFTABLE_ENTRY_SIZE (sizeof(uint64_t)) 105 106 #define MIN_CLUSTER_BITS 9 107 #define MAX_CLUSTER_BITS 21 108 109 /* Defined in the qcow2 spec (compressed cluster descriptor) */ 110 #define QCOW2_COMPRESSED_SECTOR_SIZE 512U 111 112 /* Must be at least 2 to cover COW */ 113 #define MIN_L2_CACHE_SIZE 2 /* cache entries */ 114 115 /* Must be at least 4 to cover all cases of refcount table growth */ 116 #define MIN_REFCOUNT_CACHE_SIZE 4 /* clusters */ 117 118 #define DEFAULT_L2_CACHE_MAX_SIZE (32 * MiB) 119 #define DEFAULT_CACHE_CLEAN_INTERVAL 600 /* seconds */ 120 121 #define DEFAULT_CLUSTER_SIZE 65536 122 123 #define QCOW2_OPT_DATA_FILE "data-file" 124 #define QCOW2_OPT_LAZY_REFCOUNTS "lazy-refcounts" 125 #define QCOW2_OPT_DISCARD_REQUEST "pass-discard-request" 126 #define QCOW2_OPT_DISCARD_SNAPSHOT "pass-discard-snapshot" 127 #define QCOW2_OPT_DISCARD_OTHER "pass-discard-other" 128 #define QCOW2_OPT_OVERLAP "overlap-check" 129 #define QCOW2_OPT_OVERLAP_TEMPLATE "overlap-check.template" 130 #define QCOW2_OPT_OVERLAP_MAIN_HEADER "overlap-check.main-header" 131 #define QCOW2_OPT_OVERLAP_ACTIVE_L1 "overlap-check.active-l1" 132 #define QCOW2_OPT_OVERLAP_ACTIVE_L2 "overlap-check.active-l2" 133 #define QCOW2_OPT_OVERLAP_REFCOUNT_TABLE "overlap-check.refcount-table" 134 #define QCOW2_OPT_OVERLAP_REFCOUNT_BLOCK "overlap-check.refcount-block" 135 #define QCOW2_OPT_OVERLAP_SNAPSHOT_TABLE "overlap-check.snapshot-table" 136 #define QCOW2_OPT_OVERLAP_INACTIVE_L1 "overlap-check.inactive-l1" 137 #define QCOW2_OPT_OVERLAP_INACTIVE_L2 "overlap-check.inactive-l2" 138 #define QCOW2_OPT_OVERLAP_BITMAP_DIRECTORY "overlap-check.bitmap-directory" 139 #define QCOW2_OPT_CACHE_SIZE "cache-size" 140 #define QCOW2_OPT_L2_CACHE_SIZE "l2-cache-size" 141 #define QCOW2_OPT_L2_CACHE_ENTRY_SIZE "l2-cache-entry-size" 142 #define QCOW2_OPT_REFCOUNT_CACHE_SIZE "refcount-cache-size" 143 #define QCOW2_OPT_CACHE_CLEAN_INTERVAL "cache-clean-interval" 144 145 typedef struct QCowHeader { 146 uint32_t magic; 147 uint32_t version; 148 uint64_t backing_file_offset; 149 uint32_t backing_file_size; 150 uint32_t cluster_bits; 151 uint64_t size; /* in bytes */ 152 uint32_t crypt_method; 153 uint32_t l1_size; /* XXX: save number of clusters instead ? */ 154 uint64_t l1_table_offset; 155 uint64_t refcount_table_offset; 156 uint32_t refcount_table_clusters; 157 uint32_t nb_snapshots; 158 uint64_t snapshots_offset; 159 160 /* The following fields are only valid for version >= 3 */ 161 uint64_t incompatible_features; 162 uint64_t compatible_features; 163 uint64_t autoclear_features; 164 165 uint32_t refcount_order; 166 uint32_t header_length; 167 168 /* Additional fields */ 169 uint8_t compression_type; 170 171 /* header must be a multiple of 8 */ 172 uint8_t padding[7]; 173 } QEMU_PACKED QCowHeader; 174 175 //QEMU_BUILD_BUG_ON(!QEMU_IS_ALIGNED(sizeof(QCowHeader), 8)); 176 177 typedef struct QEMU_PACKED QCowSnapshotHeader { 178 /* header is 8 byte aligned */ 179 uint64_t l1_table_offset; 180 181 uint32_t l1_size; 182 uint16_t id_str_size; 183 uint16_t name_size; 184 185 uint32_t date_sec; 186 uint32_t date_nsec; 187 188 uint64_t vm_clock_nsec; 189 190 uint32_t vm_state_size; 191 uint32_t extra_data_size; /* for extension */ 192 /* extra data follows */ 193 /* id_str follows */ 194 /* name follows */ 195 } QCowSnapshotHeader; 196 197 typedef struct QEMU_PACKED QCowSnapshotExtraData { 198 uint64_t vm_state_size_large; 199 uint64_t disk_size; 200 uint64_t icount; 201 } QCowSnapshotExtraData; 202 203 204 typedef struct Qcow2CryptoHeaderExtension { 205 uint64_t offset; 206 uint64_t length; 207 } QEMU_PACKED Qcow2CryptoHeaderExtension; 208 209 enum { 210 QCOW2_FEAT_TYPE_INCOMPATIBLE = 0, 211 QCOW2_FEAT_TYPE_COMPATIBLE = 1, 212 QCOW2_FEAT_TYPE_AUTOCLEAR = 2, 213 }; 214 215 /* Incompatible feature bits */ 216 enum { 217 QCOW2_INCOMPAT_DIRTY_BITNR = 0, 218 QCOW2_INCOMPAT_CORRUPT_BITNR = 1, 219 QCOW2_INCOMPAT_DATA_FILE_BITNR = 2, 220 QCOW2_INCOMPAT_COMPRESSION_BITNR = 3, 221 QCOW2_INCOMPAT_EXTL2_BITNR = 4, 222 QCOW2_INCOMPAT_DIRTY = 1 << QCOW2_INCOMPAT_DIRTY_BITNR, 223 QCOW2_INCOMPAT_CORRUPT = 1 << QCOW2_INCOMPAT_CORRUPT_BITNR, 224 QCOW2_INCOMPAT_DATA_FILE = 1 << QCOW2_INCOMPAT_DATA_FILE_BITNR, 225 QCOW2_INCOMPAT_COMPRESSION = 1 << QCOW2_INCOMPAT_COMPRESSION_BITNR, 226 QCOW2_INCOMPAT_EXTL2 = 1 << QCOW2_INCOMPAT_EXTL2_BITNR, 227 228 QCOW2_INCOMPAT_MASK = QCOW2_INCOMPAT_DIRTY 229 | QCOW2_INCOMPAT_CORRUPT 230 | QCOW2_INCOMPAT_DATA_FILE 231 | QCOW2_INCOMPAT_COMPRESSION 232 | QCOW2_INCOMPAT_EXTL2, 233 }; 234 235 /* Compatible feature bits */ 236 enum { 237 QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR = 0, 238 QCOW2_COMPAT_LAZY_REFCOUNTS = 1 << QCOW2_COMPAT_LAZY_REFCOUNTS_BITNR, 239 240 QCOW2_COMPAT_FEAT_MASK = QCOW2_COMPAT_LAZY_REFCOUNTS, 241 }; 242 243 /* Autoclear feature bits */ 244 enum { 245 QCOW2_AUTOCLEAR_BITMAPS_BITNR = 0, 246 QCOW2_AUTOCLEAR_DATA_FILE_RAW_BITNR = 1, 247 QCOW2_AUTOCLEAR_BITMAPS = 1 << QCOW2_AUTOCLEAR_BITMAPS_BITNR, 248 QCOW2_AUTOCLEAR_DATA_FILE_RAW = 1 << QCOW2_AUTOCLEAR_DATA_FILE_RAW_BITNR, 249 250 QCOW2_AUTOCLEAR_MASK = QCOW2_AUTOCLEAR_BITMAPS 251 | QCOW2_AUTOCLEAR_DATA_FILE_RAW, 252 }; 253 254 enum qcow2_discard_type { 255 QCOW2_DISCARD_NEVER = 0, 256 QCOW2_DISCARD_ALWAYS, 257 QCOW2_DISCARD_REQUEST, 258 QCOW2_DISCARD_SNAPSHOT, 259 QCOW2_DISCARD_OTHER, 260 QCOW2_DISCARD_MAX 261 }; 262 263 typedef struct Qcow2Feature { 264 uint8_t type; 265 uint8_t bit; 266 char name[46]; 267 } QEMU_PACKED Qcow2Feature; 268 269 270 typedef struct Qcow2BitmapHeaderExt { 271 uint32_t nb_bitmaps; 272 uint32_t reserved32; 273 uint64_t bitmap_directory_size; 274 uint64_t bitmap_directory_offset; 275 } QEMU_PACKED Qcow2BitmapHeaderExt; 276 277 278 /* 279 * In images with standard L2 entries all clusters are treated as if 280 * they had one subcluster so QCow2ClusterType and QCow2SubclusterType 281 * can be mapped to each other and have the exact same meaning 282 * (QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC cannot happen in these images). 283 * 284 * In images with extended L2 entries QCow2ClusterType refers to the 285 * complete cluster and QCow2SubclusterType to each of the individual 286 * subclusters, so there are several possible combinations: 287 * 288 * |--------------+---------------------------| 289 * | Cluster type | Possible subcluster types | 290 * |--------------+---------------------------| 291 * | UNALLOCATED | UNALLOCATED_PLAIN | 292 * | | ZERO_PLAIN | 293 * |--------------+---------------------------| 294 * | NORMAL | UNALLOCATED_ALLOC | 295 * | | ZERO_ALLOC | 296 * | | NORMAL | 297 * |--------------+---------------------------| 298 * | COMPRESSED | COMPRESSED | 299 * |--------------+---------------------------| 300 * 301 * QCOW2_SUBCLUSTER_INVALID means that the L2 entry is incorrect and 302 * the image should be marked corrupt. 303 */ 304 305 typedef enum QCow2ClusterType { 306 QCOW2_CLUSTER_UNALLOCATED, 307 QCOW2_CLUSTER_ZERO_PLAIN, 308 QCOW2_CLUSTER_ZERO_ALLOC, 309 QCOW2_CLUSTER_NORMAL, 310 QCOW2_CLUSTER_COMPRESSED, 311 } QCow2ClusterType; 312 313 typedef enum QCow2SubclusterType { 314 QCOW2_SUBCLUSTER_UNALLOCATED_PLAIN, 315 QCOW2_SUBCLUSTER_UNALLOCATED_ALLOC, 316 QCOW2_SUBCLUSTER_ZERO_PLAIN, 317 QCOW2_SUBCLUSTER_ZERO_ALLOC, 318 QCOW2_SUBCLUSTER_NORMAL, 319 QCOW2_SUBCLUSTER_COMPRESSED, 320 QCOW2_SUBCLUSTER_INVALID, 321 } QCow2SubclusterType; 322 323 typedef enum QCow2MetadataOverlap { 324 QCOW2_OL_MAIN_HEADER_BITNR = 0, 325 QCOW2_OL_ACTIVE_L1_BITNR = 1, 326 QCOW2_OL_ACTIVE_L2_BITNR = 2, 327 QCOW2_OL_REFCOUNT_TABLE_BITNR = 3, 328 QCOW2_OL_REFCOUNT_BLOCK_BITNR = 4, 329 QCOW2_OL_SNAPSHOT_TABLE_BITNR = 5, 330 QCOW2_OL_INACTIVE_L1_BITNR = 6, 331 QCOW2_OL_INACTIVE_L2_BITNR = 7, 332 QCOW2_OL_BITMAP_DIRECTORY_BITNR = 8, 333 334 QCOW2_OL_MAX_BITNR = 9, 335 336 QCOW2_OL_NONE = 0, 337 QCOW2_OL_MAIN_HEADER = (1 << QCOW2_OL_MAIN_HEADER_BITNR), 338 QCOW2_OL_ACTIVE_L1 = (1 << QCOW2_OL_ACTIVE_L1_BITNR), 339 QCOW2_OL_ACTIVE_L2 = (1 << QCOW2_OL_ACTIVE_L2_BITNR), 340 QCOW2_OL_REFCOUNT_TABLE = (1 << QCOW2_OL_REFCOUNT_TABLE_BITNR), 341 QCOW2_OL_REFCOUNT_BLOCK = (1 << QCOW2_OL_REFCOUNT_BLOCK_BITNR), 342 QCOW2_OL_SNAPSHOT_TABLE = (1 << QCOW2_OL_SNAPSHOT_TABLE_BITNR), 343 QCOW2_OL_INACTIVE_L1 = (1 << QCOW2_OL_INACTIVE_L1_BITNR), 344 /* NOTE: Checking overlaps with inactive L2 tables will result in bdrv 345 * reads. */ 346 QCOW2_OL_INACTIVE_L2 = (1 << QCOW2_OL_INACTIVE_L2_BITNR), 347 QCOW2_OL_BITMAP_DIRECTORY = (1 << QCOW2_OL_BITMAP_DIRECTORY_BITNR), 348 } QCow2MetadataOverlap; 349 350 /* Perform all overlap checks which can be done in constant time */ 351 #define QCOW2_OL_CONSTANT \ 352 (QCOW2_OL_MAIN_HEADER | QCOW2_OL_ACTIVE_L1 | QCOW2_OL_REFCOUNT_TABLE | \ 353 QCOW2_OL_SNAPSHOT_TABLE | QCOW2_OL_BITMAP_DIRECTORY) 354 355 /* Perform all overlap checks which don't require disk access */ 356 #define QCOW2_OL_CACHED \ 357 (QCOW2_OL_CONSTANT | QCOW2_OL_ACTIVE_L2 | QCOW2_OL_REFCOUNT_BLOCK | \ 358 QCOW2_OL_INACTIVE_L1) 359 360 /* Perform all overlap checks */ 361 #define QCOW2_OL_ALL \ 362 (QCOW2_OL_CACHED | QCOW2_OL_INACTIVE_L2) 363 364 #define L1E_OFFSET_MASK 0x00fffffffffffe00ULL 365 #define L1E_RESERVED_MASK 0x7f000000000001ffULL 366 #define L2E_OFFSET_MASK 0x00fffffffffffe00ULL 367 #define L2E_STD_RESERVED_MASK 0x3f000000000001feULL 368 369 #define REFT_OFFSET_MASK 0xfffffffffffffe00ULL 370 #define REFT_RESERVED_MASK 0x1ffULL 371 372 #define INV_OFFSET (-1ULL) 373 374 #ifdef __cplusplus 375 } 376 #endif 377 378 #endif 379