* Oleinik, Alexander (alx...@bu.edu) wrote:
Actually, we've already got a RAM backed QEMU File setup.
You create a 'qio_channel_buffer' and use qemu_fopen_channel_* on it;
see migration/savevm.c:loadvm_handle_cmd_packaged where we load into
one of these buffersa(bioc) and then open it as a QEMUFile (packf)
And see migration/migration.c postcopy_start where we create one
(again the channel buffer is bioc, the file is 'fb')
Dave
> Signed-off-by: Alexander Oleinik <alx...@bu.edu>
> ---
> migration/qemu-file.c | 84 +++++++++++++++++++++++++++++++++++++++++++
> migration/qemu-file.h | 11 ++++++
> 2 files changed, 95 insertions(+)
>
> diff --git a/migration/qemu-file.c b/migration/qemu-file.c
> index 0431585502..453e2897d5 100644
> --- a/migration/qemu-file.c
> +++ b/migration/qemu-file.c
> @@ -786,3 +786,87 @@ void qemu_file_set_blocking(QEMUFile *f, bool block)
> f->ops->set_blocking(f->opaque, block);
> }
> }
> +
> +#ifdef CONFIG_FUZZ
> +#define INCREMENT 10240
> +static ssize_t ram_writev_buffer(void *opaque, struct iovec *iov, int iovcnt,
> + int64_t pos)
> +{
> + ram_disk *rd = (ram_disk *)opaque;
> + gsize newsize;
> + ssize_t total_size = 0;
> + int i;
> + if (!rd->base) {
> + rd->base = g_malloc(INCREMENT);
> + rd->len = INCREMENT;
> + }
> + for (i = 0; i < iovcnt; i++) {
> + if (pos + iov[i].iov_len >= rd->len) {
> + newsize = ((pos + iov[i].iov_len) / INCREMENT + 1) * INCREMENT;
> + rd->base = g_realloc(rd->base, newsize);
> + rd->len = newsize;
> + }
> + memcpy(rd->base + pos, iov[i].iov_base, iov[i].iov_len);
> + pos += iov[i].iov_len;
> + total_size += iov[i].iov_len;
> + }
> + return total_size;
> +}
> +
> +static ssize_t ram_get_buffer(void *opaque, uint8_t *buf, int64_t pos,
> + size_t size)
> +{
> + ram_disk *rd = (ram_disk *)opaque;
> + if (pos + size > rd->len) {
> + if (rd->len - pos >= 0) {
> + memcpy(buf, rd->base + pos, rd->len - pos);
> + size = rd->len - pos;
> + }
> + } else {
> + memcpy(buf, rd->base + pos, size);
> + }
> + return size;
> +}
> +
> +static int ram_fclose(void *opaque)
> +{
> + return 0;
> +}
> +
> +static const QEMUFileOps ram_read_ops = {
> + .get_buffer = ram_get_buffer,
> + .close = ram_fclose
> +};
> +
> +static const QEMUFileOps ram_write_ops = {
> + .writev_buffer = ram_writev_buffer,
> + .close = ram_fclose
> +};
> +
> +QEMUFile *qemu_fopen_ram(ram_disk **return_rd)
> +{
> + ram_disk *rd = g_new0(ram_disk, 1);
> + *return_rd = rd;
> + return qemu_fopen_ops(rd, &ram_write_ops);
> +}
> +
> +QEMUFile *qemu_fopen_ro_ram(ram_disk* rd)
> +{
> + return qemu_fopen_ops(rd, &ram_read_ops);
> +}
> +
> +void qemu_freopen_ro_ram(QEMUFile *f)
> +{
> + void *rd = f->opaque;
> + f->bytes_xfer = 0;
> + f->xfer_limit = 0;
> + f->last_error = 0;
> + f->iovcnt = 0;
> + f->buf_index = 0;
> + f->buf_size = 0;
> + f->pos = 0;
> + f->ops = &ram_read_ops;
> + f->opaque = rd;
> + return;
> +}
> +#endif
> diff --git a/migration/qemu-file.h b/migration/qemu-file.h
> index 13baf896bd..7048674f1b 100644
> --- a/migration/qemu-file.h
> +++ b/migration/qemu-file.h
> @@ -177,4 +177,15 @@ size_t ram_control_save_page(QEMUFile *f, ram_addr_t
> block_offset,
>
> void qemu_put_counted_string(QEMUFile *f, const char *name);
>
> +#ifdef CONFIG_FUZZ
> +typedef struct ram_disk {
> + void *base;
> + gsize len;
> +} ram_disk;
> +
> +QEMUFile *qemu_fopen_ram(ram_disk **rd);
> +QEMUFile *qemu_fopen_ro_ram(ram_disk* rd);
> +void qemu_freopen_ro_ram(QEMUFile *f);
> +#endif
> +
> #endif
> --
> 2.20.1
>
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
