Print this page
5513 KM_NORMALPRI should be documented in kmem_alloc(9f) and kmem_cache_create(9f) man pages
14465 Present KM_NOSLEEP_LAZY as documented interface
Change-Id: I002ec28ddf390650f1fcba1ca94f6abfdb241439
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/zfs/zcp.c
+++ new/usr/src/uts/common/fs/zfs/zcp.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * This file and its contents are supplied under the terms of the
5 5 * Common Development and Distribution License ("CDDL"), version 1.0.
6 6 * You may only use this file in accordance with the terms of version
7 7 * 1.0 of the CDDL.
8 8 *
9 9 * A full copy of the text of the CDDL should have accompanied this
10 10 * source. A copy of the CDDL is also available via the Internet at
11 11 * http://www.illumos.org/license/CDDL.
12 12 *
13 13 * CDDL HEADER END
14 14 */
15 15
16 16 /*
17 17 * Copyright (c) 2016, 2017 by Delphix. All rights reserved.
18 18 */
19 19
20 20 /*
21 21 * ZFS Channel Programs (ZCP)
22 22 *
23 23 * The ZCP interface allows various ZFS commands and operations ZFS
24 24 * administrative operations (e.g. creating and destroying snapshots, typically
25 25 * performed via an ioctl to /dev/zfs by the zfs(1M) command and
26 26 * libzfs/libzfs_core) to be run * programmatically as a Lua script. A ZCP
27 27 * script is run as a dsl_sync_task and fully executed during one transaction
28 28 * group sync. This ensures that no other changes can be written concurrently
29 29 * with a running Lua script. Combining multiple calls to the exposed ZFS
30 30 * functions into one script gives a number of benefits:
31 31 *
32 32 * 1. Atomicity. For some compound or iterative operations, it's useful to be
33 33 * able to guarantee that the state of a pool has not changed between calls to
34 34 * ZFS.
35 35 *
36 36 * 2. Performance. If a large number of changes need to be made (e.g. deleting
37 37 * many filesystems), there can be a significant performance penalty as a
38 38 * result of the need to wait for a transaction group sync to pass for every
39 39 * single operation. When expressed as a single ZCP script, all these changes
40 40 * can be performed at once in one txg sync.
41 41 *
42 42 * A modified version of the Lua 5.2 interpreter is used to run channel program
43 43 * scripts. The Lua 5.2 manual can be found at:
44 44 *
45 45 * http://www.lua.org/manual/5.2/
46 46 *
47 47 * If being run by a user (via an ioctl syscall), executing a ZCP script
48 48 * requires root privileges in the global zone.
49 49 *
50 50 * Scripts are passed to zcp_eval() as a string, then run in a synctask by
51 51 * zcp_eval_sync(). Arguments can be passed into the Lua script as an nvlist,
52 52 * which will be converted to a Lua table. Similarly, values returned from
53 53 * a ZCP script will be converted to an nvlist. See zcp_lua_to_nvlist_impl()
54 54 * for details on exact allowed types and conversion.
55 55 *
56 56 * ZFS functionality is exposed to a ZCP script as a library of function calls.
57 57 * These calls are sorted into submodules, such as zfs.list and zfs.sync, for
58 58 * iterators and synctasks, respectively. Each of these submodules resides in
59 59 * its own source file, with a zcp_*_info structure describing each library
60 60 * call in the submodule.
61 61 *
62 62 * Error handling in ZCP scripts is handled by a number of different methods
63 63 * based on severity:
64 64 *
65 65 * 1. Memory and time limits are in place to prevent a channel program from
66 66 * consuming excessive system or running forever. If one of these limits is
67 67 * hit, the channel program will be stopped immediately and return from
68 68 * zcp_eval() with an error code. No attempt will be made to roll back or undo
69 69 * any changes made by the channel program before the error occured.
70 70 * Consumers invoking zcp_eval() from elsewhere in the kernel may pass a time
71 71 * limit of 0, disabling the time limit.
72 72 *
73 73 * 2. Internal Lua errors can occur as a result of a syntax error, calling a
74 74 * library function with incorrect arguments, invoking the error() function,
75 75 * failing an assert(), or other runtime errors. In these cases the channel
76 76 * program will stop executing and return from zcp_eval() with an error code.
77 77 * In place of a return value, an error message will also be returned in the
78 78 * 'result' nvlist containing information about the error. No attempt will be
79 79 * made to roll back or undo any changes made by the channel program before the
80 80 * error occured.
81 81 *
82 82 * 3. If an error occurs inside a ZFS library call which returns an error code,
83 83 * the error is returned to the Lua script to be handled as desired.
84 84 *
85 85 * In the first two cases, Lua's error-throwing mechanism is used, which
86 86 * longjumps out of the script execution with luaL_error() and returns with the
87 87 * error.
88 88 *
89 89 * See zfs-program(1M) for more information on high level usage.
90 90 */
91 91
92 92 #include "lua.h"
93 93 #include "lualib.h"
94 94 #include "lauxlib.h"
95 95
96 96 #include <sys/dsl_prop.h>
97 97 #include <sys/dsl_synctask.h>
98 98 #include <sys/dsl_dataset.h>
99 99 #include <sys/zcp.h>
100 100 #include <sys/zcp_iter.h>
101 101 #include <sys/zcp_prop.h>
102 102 #include <sys/zcp_global.h>
103 103 #include <util/sscanf.h>
104 104
105 105 #define ZCP_NVLIST_MAX_DEPTH 20
106 106
107 107 uint64_t zfs_lua_check_instrlimit_interval = 100;
108 108 uint64_t zfs_lua_max_instrlimit = ZCP_MAX_INSTRLIMIT;
109 109 uint64_t zfs_lua_max_memlimit = ZCP_MAX_MEMLIMIT;
110 110
111 111 /*
112 112 * Forward declarations for mutually recursive functions
113 113 */
114 114 static int zcp_nvpair_value_to_lua(lua_State *, nvpair_t *, char *, int);
115 115 static int zcp_lua_to_nvlist_impl(lua_State *, int, nvlist_t *, const char *,
116 116 int);
117 117
118 118 /*
119 119 * The outer-most error callback handler for use with lua_pcall(). On
120 120 * error Lua will call this callback with a single argument that
121 121 * represents the error value. In most cases this will be a string
122 122 * containing an error message, but channel programs can use Lua's
123 123 * error() function to return arbitrary objects as errors. This callback
124 124 * returns (on the Lua stack) the original error object along with a traceback.
125 125 *
126 126 * Fatal Lua errors can occur while resources are held, so we also call any
127 127 * registered cleanup function here.
128 128 */
129 129 static int
130 130 zcp_error_handler(lua_State *state)
131 131 {
132 132 const char *msg;
133 133
134 134 zcp_cleanup(state);
135 135
136 136 VERIFY3U(1, ==, lua_gettop(state));
137 137 msg = lua_tostring(state, 1);
138 138 luaL_traceback(state, state, msg, 1);
139 139 return (1);
140 140 }
141 141
142 142 int
143 143 zcp_argerror(lua_State *state, int narg, const char *msg, ...)
144 144 {
145 145 va_list alist;
146 146
147 147 va_start(alist, msg);
148 148 const char *buf = lua_pushvfstring(state, msg, alist);
149 149 va_end(alist);
150 150
151 151 return (luaL_argerror(state, narg, buf));
152 152 }
153 153
154 154 /*
155 155 * Install a new cleanup function, which will be invoked with the given
156 156 * opaque argument if a fatal error causes the Lua interpreter to longjump out
157 157 * of a function call.
158 158 *
159 159 * If an error occurs, the cleanup function will be invoked exactly once and
160 160 * then unreigstered.
161 161 *
162 162 * Returns the registered cleanup handler so the caller can deregister it
163 163 * if no error occurs.
164 164 */
165 165 zcp_cleanup_handler_t *
166 166 zcp_register_cleanup(lua_State *state, zcp_cleanup_t cleanfunc, void *cleanarg)
167 167 {
168 168 zcp_run_info_t *ri = zcp_run_info(state);
169 169
170 170 zcp_cleanup_handler_t *zch = kmem_alloc(sizeof (*zch), KM_SLEEP);
171 171 zch->zch_cleanup_func = cleanfunc;
172 172 zch->zch_cleanup_arg = cleanarg;
173 173 list_insert_head(&ri->zri_cleanup_handlers, zch);
174 174
175 175 return (zch);
176 176 }
177 177
178 178 void
179 179 zcp_deregister_cleanup(lua_State *state, zcp_cleanup_handler_t *zch)
180 180 {
181 181 zcp_run_info_t *ri = zcp_run_info(state);
182 182 list_remove(&ri->zri_cleanup_handlers, zch);
183 183 kmem_free(zch, sizeof (*zch));
184 184 }
185 185
186 186 /*
187 187 * Execute the currently registered cleanup handlers then free them and
188 188 * destroy the handler list.
189 189 */
190 190 void
191 191 zcp_cleanup(lua_State *state)
192 192 {
193 193 zcp_run_info_t *ri = zcp_run_info(state);
194 194
195 195 for (zcp_cleanup_handler_t *zch =
196 196 list_remove_head(&ri->zri_cleanup_handlers); zch != NULL;
197 197 zch = list_remove_head(&ri->zri_cleanup_handlers)) {
198 198 zch->zch_cleanup_func(zch->zch_cleanup_arg);
199 199 kmem_free(zch, sizeof (*zch));
200 200 }
201 201 }
202 202
203 203 /*
204 204 * Convert the lua table at the given index on the Lua stack to an nvlist
205 205 * and return it.
206 206 *
207 207 * If the table can not be converted for any reason, NULL is returned and
208 208 * an error message is pushed onto the Lua stack.
209 209 */
210 210 static nvlist_t *
211 211 zcp_table_to_nvlist(lua_State *state, int index, int depth)
212 212 {
213 213 nvlist_t *nvl;
214 214 /*
215 215 * Converting a Lua table to an nvlist with key uniqueness checking is
216 216 * O(n^2) in the number of keys in the nvlist, which can take a long
217 217 * time when we return a large table from a channel program.
218 218 * Furthermore, Lua's table interface *almost* guarantees unique keys
219 219 * on its own (details below). Therefore, we don't use fnvlist_alloc()
220 220 * here to avoid the built-in uniqueness checking.
221 221 *
222 222 * The *almost* is because it's possible to have key collisions between
223 223 * e.g. the string "1" and the number 1, or the string "true" and the
224 224 * boolean true, so we explicitly check that when we're looking at a
225 225 * key which is an integer / boolean or a string that can be parsed as
226 226 * one of those types. In the worst case this could still devolve into
227 227 * O(n^2), so we only start doing these checks on boolean/integer keys
228 228 * once we've seen a string key which fits this weird usage pattern.
229 229 *
230 230 * Ultimately, we still want callers to know that the keys in this
231 231 * nvlist are unique, so before we return this we set the nvlist's
232 232 * flags to reflect that.
233 233 */
234 234 VERIFY0(nvlist_alloc(&nvl, 0, KM_SLEEP));
235 235
236 236 /*
237 237 * Push an empty stack slot where lua_next() will store each
238 238 * table key.
239 239 */
240 240 lua_pushnil(state);
241 241 boolean_t saw_str_could_collide = B_FALSE;
242 242 while (lua_next(state, index) != 0) {
243 243 /*
244 244 * The next key-value pair from the table at index is
245 245 * now on the stack, with the key at stack slot -2 and
246 246 * the value at slot -1.
247 247 */
248 248 int err = 0;
249 249 char buf[32];
250 250 const char *key = NULL;
251 251 boolean_t key_could_collide = B_FALSE;
252 252
253 253 switch (lua_type(state, -2)) {
254 254 case LUA_TSTRING:
255 255 key = lua_tostring(state, -2);
256 256
257 257 /* check if this could collide with a number or bool */
258 258 long long tmp;
259 259 int parselen;
260 260 if ((sscanf(key, "%lld%n", &tmp, &parselen) > 0 &&
261 261 parselen == strlen(key)) ||
262 262 strcmp(key, "true") == 0 ||
263 263 strcmp(key, "false") == 0) {
264 264 key_could_collide = B_TRUE;
265 265 saw_str_could_collide = B_TRUE;
266 266 }
267 267 break;
268 268 case LUA_TBOOLEAN:
269 269 key = (lua_toboolean(state, -2) == B_TRUE ?
270 270 "true" : "false");
271 271 if (saw_str_could_collide) {
272 272 key_could_collide = B_TRUE;
273 273 }
274 274 break;
275 275 case LUA_TNUMBER:
276 276 VERIFY3U(sizeof (buf), >,
277 277 snprintf(buf, sizeof (buf), "%lld",
278 278 (longlong_t)lua_tonumber(state, -2)));
279 279 key = buf;
280 280 if (saw_str_could_collide) {
281 281 key_could_collide = B_TRUE;
282 282 }
283 283 break;
284 284 default:
285 285 fnvlist_free(nvl);
286 286 (void) lua_pushfstring(state, "Invalid key "
287 287 "type '%s' in table",
288 288 lua_typename(state, lua_type(state, -2)));
289 289 return (NULL);
290 290 }
291 291 /*
292 292 * Check for type-mismatched key collisions, and throw an error.
293 293 */
294 294 if (key_could_collide && nvlist_exists(nvl, key)) {
295 295 fnvlist_free(nvl);
296 296 (void) lua_pushfstring(state, "Collision of "
297 297 "key '%s' in table", key);
298 298 return (NULL);
299 299 }
300 300 /*
301 301 * Recursively convert the table value and insert into
302 302 * the new nvlist with the parsed key. To prevent
303 303 * stack overflow on circular or heavily nested tables,
304 304 * we track the current nvlist depth.
305 305 */
306 306 if (depth >= ZCP_NVLIST_MAX_DEPTH) {
307 307 fnvlist_free(nvl);
308 308 (void) lua_pushfstring(state, "Maximum table "
309 309 "depth (%d) exceeded for table",
310 310 ZCP_NVLIST_MAX_DEPTH);
311 311 return (NULL);
312 312 }
313 313 err = zcp_lua_to_nvlist_impl(state, -1, nvl, key,
314 314 depth + 1);
315 315 if (err != 0) {
316 316 fnvlist_free(nvl);
317 317 /*
318 318 * Error message has been pushed to the lua
319 319 * stack by the recursive call.
320 320 */
321 321 return (NULL);
322 322 }
323 323 /*
324 324 * Pop the value pushed by lua_next().
325 325 */
326 326 lua_pop(state, 1);
327 327 }
328 328
329 329 /*
330 330 * Mark the nvlist as having unique keys. This is a little ugly, but we
331 331 * ensured above that there are no duplicate keys in the nvlist.
332 332 */
333 333 nvl->nvl_nvflag |= NV_UNIQUE_NAME;
334 334
335 335 return (nvl);
336 336 }
337 337
338 338 /*
339 339 * Convert a value from the given index into the lua stack to an nvpair, adding
340 340 * it to an nvlist with the given key.
341 341 *
342 342 * Values are converted as follows:
343 343 *
344 344 * string -> string
345 345 * number -> int64
346 346 * boolean -> boolean
347 347 * nil -> boolean (no value)
348 348 *
349 349 * Lua tables are converted to nvlists and then inserted. The table's keys
350 350 * are converted to strings then used as keys in the nvlist to store each table
351 351 * element. Keys are converted as follows:
352 352 *
353 353 * string -> no change
354 354 * number -> "%lld"
355 355 * boolean -> "true" | "false"
356 356 * nil -> error
357 357 *
358 358 * In the case of a key collision, an error is thrown.
359 359 *
360 360 * If an error is encountered, a nonzero error code is returned, and an error
361 361 * string will be pushed onto the Lua stack.
362 362 */
363 363 static int
364 364 zcp_lua_to_nvlist_impl(lua_State *state, int index, nvlist_t *nvl,
365 365 const char *key, int depth)
366 366 {
367 367 /*
368 368 * Verify that we have enough remaining space in the lua stack to parse
369 369 * a key-value pair and push an error.
370 370 */
371 371 if (!lua_checkstack(state, 3)) {
372 372 (void) lua_pushstring(state, "Lua stack overflow");
373 373 return (1);
374 374 }
375 375
376 376 index = lua_absindex(state, index);
377 377
378 378 switch (lua_type(state, index)) {
379 379 case LUA_TNIL:
380 380 fnvlist_add_boolean(nvl, key);
381 381 break;
382 382 case LUA_TBOOLEAN:
383 383 fnvlist_add_boolean_value(nvl, key,
384 384 lua_toboolean(state, index));
385 385 break;
386 386 case LUA_TNUMBER:
387 387 fnvlist_add_int64(nvl, key, lua_tonumber(state, index));
388 388 break;
389 389 case LUA_TSTRING:
390 390 fnvlist_add_string(nvl, key, lua_tostring(state, index));
391 391 break;
392 392 case LUA_TTABLE: {
393 393 nvlist_t *value_nvl = zcp_table_to_nvlist(state, index, depth);
394 394 if (value_nvl == NULL)
395 395 return (EINVAL);
396 396
397 397 fnvlist_add_nvlist(nvl, key, value_nvl);
398 398 fnvlist_free(value_nvl);
399 399 break;
400 400 }
401 401 default:
402 402 (void) lua_pushfstring(state,
403 403 "Invalid value type '%s' for key '%s'",
404 404 lua_typename(state, lua_type(state, index)), key);
405 405 return (EINVAL);
406 406 }
407 407
408 408 return (0);
409 409 }
410 410
411 411 /*
412 412 * Convert a lua value to an nvpair, adding it to an nvlist with the given key.
413 413 */
414 414 static void
415 415 zcp_lua_to_nvlist(lua_State *state, int index, nvlist_t *nvl, const char *key)
416 416 {
417 417 /*
418 418 * On error, zcp_lua_to_nvlist_impl pushes an error string onto the Lua
419 419 * stack before returning with a nonzero error code. If an error is
420 420 * returned, throw a fatal lua error with the given string.
421 421 */
422 422 if (zcp_lua_to_nvlist_impl(state, index, nvl, key, 0) != 0)
423 423 (void) lua_error(state);
424 424 }
425 425
426 426 static int
427 427 zcp_lua_to_nvlist_helper(lua_State *state)
428 428 {
429 429 nvlist_t *nv = (nvlist_t *)lua_touserdata(state, 2);
430 430 const char *key = (const char *)lua_touserdata(state, 1);
431 431 zcp_lua_to_nvlist(state, 3, nv, key);
432 432 return (0);
433 433 }
434 434
435 435 static void
436 436 zcp_convert_return_values(lua_State *state, nvlist_t *nvl,
437 437 const char *key, int *result)
438 438 {
439 439 int err;
440 440 VERIFY3U(1, ==, lua_gettop(state));
441 441 lua_pushcfunction(state, zcp_lua_to_nvlist_helper);
442 442 lua_pushlightuserdata(state, (char *)key);
443 443 lua_pushlightuserdata(state, nvl);
444 444 lua_pushvalue(state, 1);
445 445 lua_remove(state, 1);
446 446 err = lua_pcall(state, 3, 0, 0); /* zcp_lua_to_nvlist_helper */
447 447 if (err != 0) {
448 448 zcp_lua_to_nvlist(state, 1, nvl, ZCP_RET_ERROR);
449 449 *result = SET_ERROR(ECHRNG);
450 450 }
451 451 }
452 452
453 453 /*
454 454 * Push a Lua table representing nvl onto the stack. If it can't be
455 455 * converted, return EINVAL, fill in errbuf, and push nothing. errbuf may
456 456 * be specified as NULL, in which case no error string will be output.
457 457 *
458 458 * Most nvlists are converted as simple key->value Lua tables, but we make
459 459 * an exception for the case where all nvlist entries are BOOLEANs (a string
460 460 * key without a value). In Lua, a table key pointing to a value of Nil
461 461 * (no value) is equivalent to the key not existing, so a BOOLEAN nvlist
462 462 * entry can't be directly converted to a Lua table entry. Nvlists of entirely
463 463 * BOOLEAN entries are frequently used to pass around lists of datasets, so for
464 464 * convenience we check for this case, and convert it to a simple Lua array of
465 465 * strings.
466 466 */
467 467 int
468 468 zcp_nvlist_to_lua(lua_State *state, nvlist_t *nvl,
469 469 char *errbuf, int errbuf_len)
470 470 {
471 471 nvpair_t *pair;
472 472 lua_newtable(state);
473 473 boolean_t has_values = B_FALSE;
474 474 /*
475 475 * If the list doesn't have any values, just convert it to a string
476 476 * array.
477 477 */
478 478 for (pair = nvlist_next_nvpair(nvl, NULL);
479 479 pair != NULL; pair = nvlist_next_nvpair(nvl, pair)) {
480 480 if (nvpair_type(pair) != DATA_TYPE_BOOLEAN) {
481 481 has_values = B_TRUE;
482 482 break;
483 483 }
484 484 }
485 485 if (!has_values) {
486 486 int i = 1;
487 487 for (pair = nvlist_next_nvpair(nvl, NULL);
488 488 pair != NULL; pair = nvlist_next_nvpair(nvl, pair)) {
489 489 (void) lua_pushinteger(state, i);
490 490 (void) lua_pushstring(state, nvpair_name(pair));
491 491 (void) lua_settable(state, -3);
492 492 i++;
493 493 }
494 494 } else {
495 495 for (pair = nvlist_next_nvpair(nvl, NULL);
496 496 pair != NULL; pair = nvlist_next_nvpair(nvl, pair)) {
497 497 int err = zcp_nvpair_value_to_lua(state, pair,
498 498 errbuf, errbuf_len);
499 499 if (err != 0) {
500 500 lua_pop(state, 1);
501 501 return (err);
502 502 }
503 503 (void) lua_setfield(state, -2, nvpair_name(pair));
504 504 }
505 505 }
506 506 return (0);
507 507 }
508 508
509 509 /*
510 510 * Push a Lua object representing the value of "pair" onto the stack.
511 511 *
512 512 * Only understands boolean_value, string, int64, nvlist,
513 513 * string_array, and int64_array type values. For other
514 514 * types, returns EINVAL, fills in errbuf, and pushes nothing.
515 515 */
516 516 static int
517 517 zcp_nvpair_value_to_lua(lua_State *state, nvpair_t *pair,
518 518 char *errbuf, int errbuf_len)
519 519 {
520 520 int err = 0;
521 521
522 522 if (pair == NULL) {
523 523 lua_pushnil(state);
524 524 return (0);
525 525 }
526 526
527 527 switch (nvpair_type(pair)) {
528 528 case DATA_TYPE_BOOLEAN_VALUE:
529 529 (void) lua_pushboolean(state,
530 530 fnvpair_value_boolean_value(pair));
531 531 break;
532 532 case DATA_TYPE_STRING:
533 533 (void) lua_pushstring(state, fnvpair_value_string(pair));
534 534 break;
535 535 case DATA_TYPE_INT64:
536 536 (void) lua_pushinteger(state, fnvpair_value_int64(pair));
537 537 break;
538 538 case DATA_TYPE_NVLIST:
539 539 err = zcp_nvlist_to_lua(state,
540 540 fnvpair_value_nvlist(pair), errbuf, errbuf_len);
541 541 break;
542 542 case DATA_TYPE_STRING_ARRAY: {
543 543 char **strarr;
544 544 uint_t nelem;
545 545 (void) nvpair_value_string_array(pair, &strarr, &nelem);
546 546 lua_newtable(state);
547 547 for (int i = 0; i < nelem; i++) {
548 548 (void) lua_pushinteger(state, i + 1);
549 549 (void) lua_pushstring(state, strarr[i]);
550 550 (void) lua_settable(state, -3);
551 551 }
552 552 break;
553 553 }
554 554 case DATA_TYPE_UINT64_ARRAY: {
555 555 uint64_t *intarr;
556 556 uint_t nelem;
557 557 (void) nvpair_value_uint64_array(pair, &intarr, &nelem);
558 558 lua_newtable(state);
559 559 for (int i = 0; i < nelem; i++) {
560 560 (void) lua_pushinteger(state, i + 1);
561 561 (void) lua_pushinteger(state, intarr[i]);
562 562 (void) lua_settable(state, -3);
563 563 }
564 564 break;
565 565 }
566 566 case DATA_TYPE_INT64_ARRAY: {
567 567 int64_t *intarr;
568 568 uint_t nelem;
569 569 (void) nvpair_value_int64_array(pair, &intarr, &nelem);
570 570 lua_newtable(state);
571 571 for (int i = 0; i < nelem; i++) {
572 572 (void) lua_pushinteger(state, i + 1);
573 573 (void) lua_pushinteger(state, intarr[i]);
574 574 (void) lua_settable(state, -3);
575 575 }
576 576 break;
577 577 }
578 578 default: {
579 579 if (errbuf != NULL) {
580 580 (void) snprintf(errbuf, errbuf_len,
581 581 "Unhandled nvpair type %d for key '%s'",
582 582 nvpair_type(pair), nvpair_name(pair));
583 583 }
584 584 return (EINVAL);
585 585 }
586 586 }
587 587 return (err);
588 588 }
589 589
590 590 int
591 591 zcp_dataset_hold_error(lua_State *state, dsl_pool_t *dp, const char *dsname,
592 592 int error)
593 593 {
594 594 if (error == ENOENT) {
595 595 (void) zcp_argerror(state, 1, "no such dataset '%s'", dsname);
596 596 return (0); /* not reached; zcp_argerror will longjmp */
597 597 } else if (error == EXDEV) {
598 598 (void) zcp_argerror(state, 1,
599 599 "dataset '%s' is not in the target pool '%s'",
600 600 dsname, spa_name(dp->dp_spa));
601 601 return (0); /* not reached; zcp_argerror will longjmp */
602 602 } else if (error == EIO) {
603 603 (void) luaL_error(state,
604 604 "I/O error while accessing dataset '%s'", dsname);
605 605 return (0); /* not reached; luaL_error will longjmp */
606 606 } else if (error != 0) {
607 607 (void) luaL_error(state,
608 608 "unexpected error %d while accessing dataset '%s'",
609 609 error, dsname);
610 610 return (0); /* not reached; luaL_error will longjmp */
611 611 }
612 612 return (0);
613 613 }
614 614
615 615 /*
616 616 * Note: will longjmp (via lua_error()) on error.
617 617 * Assumes that the dsname is argument #1 (for error reporting purposes).
618 618 */
619 619 dsl_dataset_t *
620 620 zcp_dataset_hold(lua_State *state, dsl_pool_t *dp, const char *dsname,
621 621 void *tag)
622 622 {
623 623 dsl_dataset_t *ds;
624 624 int error = dsl_dataset_hold(dp, dsname, tag, &ds);
625 625 (void) zcp_dataset_hold_error(state, dp, dsname, error);
626 626 return (ds);
627 627 }
628 628
629 629 static int zcp_debug(lua_State *);
630 630 static zcp_lib_info_t zcp_debug_info = {
631 631 .name = "debug",
632 632 .func = zcp_debug,
633 633 .pargs = {
634 634 { .za_name = "debug string", .za_lua_type = LUA_TSTRING},
635 635 {NULL, 0}
636 636 },
637 637 .kwargs = {
638 638 {NULL, 0}
639 639 }
640 640 };
641 641
642 642 static int
643 643 zcp_debug(lua_State *state)
644 644 {
645 645 const char *dbgstring;
646 646 zcp_run_info_t *ri = zcp_run_info(state);
647 647 zcp_lib_info_t *libinfo = &zcp_debug_info;
648 648
649 649 zcp_parse_args(state, libinfo->name, libinfo->pargs, libinfo->kwargs);
650 650
651 651 dbgstring = lua_tostring(state, 1);
652 652
653 653 zfs_dbgmsg("txg %lld ZCP: %s", ri->zri_tx->tx_txg, dbgstring);
654 654
655 655 return (0);
656 656 }
657 657
658 658 static int zcp_exists(lua_State *);
659 659 static zcp_lib_info_t zcp_exists_info = {
660 660 .name = "exists",
661 661 .func = zcp_exists,
662 662 .pargs = {
663 663 { .za_name = "dataset", .za_lua_type = LUA_TSTRING},
664 664 {NULL, 0}
665 665 },
666 666 .kwargs = {
667 667 {NULL, 0}
668 668 }
669 669 };
670 670
671 671 static int
672 672 zcp_exists(lua_State *state)
673 673 {
674 674 zcp_run_info_t *ri = zcp_run_info(state);
675 675 dsl_pool_t *dp = ri->zri_pool;
676 676 zcp_lib_info_t *libinfo = &zcp_exists_info;
677 677
678 678 zcp_parse_args(state, libinfo->name, libinfo->pargs, libinfo->kwargs);
679 679
680 680 const char *dsname = lua_tostring(state, 1);
681 681
682 682 dsl_dataset_t *ds;
683 683 int error = dsl_dataset_hold(dp, dsname, FTAG, &ds);
684 684 if (error == 0) {
685 685 dsl_dataset_rele(ds, FTAG);
686 686 lua_pushboolean(state, B_TRUE);
687 687 } else if (error == ENOENT) {
688 688 lua_pushboolean(state, B_FALSE);
689 689 } else if (error == EXDEV) {
690 690 return (luaL_error(state, "dataset '%s' is not in the "
691 691 "target pool", dsname));
692 692 } else if (error == EIO) {
693 693 return (luaL_error(state, "I/O error opening dataset '%s'",
694 694 dsname));
695 695 } else if (error != 0) {
696 696 return (luaL_error(state, "unexpected error %d", error));
697 697 }
698 698
699 699 return (1);
700 700 }
701 701
702 702 /*
703 703 * Allocate/realloc/free a buffer for the lua interpreter.
704 704 *
705 705 * When nsize is 0, behaves as free() and returns NULL.
706 706 *
707 707 * If ptr is NULL, behaves as malloc() and returns an allocated buffer of size
708 708 * at least nsize.
709 709 *
710 710 * Otherwise, behaves as realloc(), changing the allocation from osize to nsize.
|
↓ open down ↓ |
710 lines elided |
↑ open up ↑ |
711 711 * Shrinking the buffer size never fails.
712 712 *
713 713 * The original allocated buffer size is stored as a uint64 at the beginning of
714 714 * the buffer to avoid actually reallocating when shrinking a buffer, since lua
715 715 * requires that this operation never fail.
716 716 */
717 717 static void *
718 718 zcp_lua_alloc(void *ud, void *ptr, size_t osize, size_t nsize)
719 719 {
720 720 zcp_alloc_arg_t *allocargs = ud;
721 - int flags = (allocargs->aa_must_succeed) ?
722 - KM_SLEEP : (KM_NOSLEEP | KM_NORMALPRI);
721 + int flags = (allocargs->aa_must_succeed) ? KM_SLEEP : KM_NOSLEEP_LAZY;
723 722
724 723 if (nsize == 0) {
725 724 if (ptr != NULL) {
726 725 int64_t *allocbuf = (int64_t *)ptr - 1;
727 726 int64_t allocsize = *allocbuf;
728 727 ASSERT3S(allocsize, >, 0);
729 728 ASSERT3S(allocargs->aa_alloc_remaining + allocsize, <=,
730 729 allocargs->aa_alloc_limit);
731 730 allocargs->aa_alloc_remaining += allocsize;
732 731 kmem_free(allocbuf, allocsize);
733 732 }
734 733 return (NULL);
735 734 } else if (ptr == NULL) {
736 735 int64_t *allocbuf;
737 736 int64_t allocsize = nsize + sizeof (int64_t);
738 737
739 738 if (!allocargs->aa_must_succeed &&
740 739 (allocsize <= 0 ||
741 740 allocsize > allocargs->aa_alloc_remaining)) {
742 741 return (NULL);
743 742 }
744 743
745 744 allocbuf = kmem_alloc(allocsize, flags);
746 745 if (allocbuf == NULL) {
747 746 return (NULL);
748 747 }
749 748 allocargs->aa_alloc_remaining -= allocsize;
750 749
751 750 *allocbuf = allocsize;
752 751 return (allocbuf + 1);
753 752 } else if (nsize <= osize) {
754 753 /*
755 754 * If shrinking the buffer, lua requires that the reallocation
756 755 * never fail.
757 756 */
758 757 return (ptr);
759 758 } else {
760 759 ASSERT3U(nsize, >, osize);
761 760
762 761 uint64_t *luabuf = zcp_lua_alloc(ud, NULL, 0, nsize);
763 762 if (luabuf == NULL) {
764 763 return (NULL);
765 764 }
766 765 (void) memcpy(luabuf, ptr, osize);
767 766 VERIFY3P(zcp_lua_alloc(ud, ptr, osize, 0), ==, NULL);
768 767 return (luabuf);
769 768 }
770 769 }
771 770
772 771 /* ARGSUSED */
773 772 static void
774 773 zcp_lua_counthook(lua_State *state, lua_Debug *ar)
775 774 {
776 775 lua_getfield(state, LUA_REGISTRYINDEX, ZCP_RUN_INFO_KEY);
777 776 zcp_run_info_t *ri = lua_touserdata(state, -1);
778 777
779 778 /*
780 779 * Check if we were canceled while waiting for the
781 780 * txg to sync or from our open context thread
782 781 */
783 782 if (ri->zri_canceled ||
784 783 (!ri->zri_sync && issig(JUSTLOOKING) && issig(FORREAL))) {
785 784 ri->zri_canceled = B_TRUE;
786 785 (void) lua_pushstring(state, "Channel program was canceled.");
787 786 (void) lua_error(state);
788 787 }
789 788
790 789 /*
791 790 * Check how many instructions the channel program has
792 791 * executed so far, and compare against the limit.
793 792 */
794 793 ri->zri_curinstrs += zfs_lua_check_instrlimit_interval;
795 794 if (ri->zri_maxinstrs != 0 && ri->zri_curinstrs > ri->zri_maxinstrs) {
796 795 ri->zri_timed_out = B_TRUE;
797 796 (void) lua_pushstring(state,
798 797 "Channel program timed out.");
799 798 (void) lua_error(state);
800 799 }
801 800 }
802 801
803 802 static int
804 803 zcp_panic_cb(lua_State *state)
805 804 {
806 805 panic("unprotected error in call to Lua API (%s)\n",
807 806 lua_tostring(state, -1));
808 807 return (0);
809 808 }
810 809
811 810 static void
812 811 zcp_eval_impl(dmu_tx_t *tx, zcp_run_info_t *ri)
813 812 {
814 813 int err;
815 814 lua_State *state = ri->zri_state;
816 815
817 816 VERIFY3U(3, ==, lua_gettop(state));
818 817
819 818 /* finish initializing our runtime state */
820 819 ri->zri_pool = dmu_tx_pool(tx);
821 820 ri->zri_tx = tx;
822 821 list_create(&ri->zri_cleanup_handlers, sizeof (zcp_cleanup_handler_t),
823 822 offsetof(zcp_cleanup_handler_t, zch_node));
824 823
825 824 /*
826 825 * Store the zcp_run_info_t struct for this run in the Lua registry.
827 826 * Registry entries are not directly accessible by the Lua scripts but
828 827 * can be accessed by our callbacks.
829 828 */
830 829 lua_pushlightuserdata(state, ri);
831 830 lua_setfield(state, LUA_REGISTRYINDEX, ZCP_RUN_INFO_KEY);
832 831 VERIFY3U(3, ==, lua_gettop(state));
833 832
834 833 /*
835 834 * Tell the Lua interpreter to call our handler every count
836 835 * instructions. Channel programs that execute too many instructions
837 836 * should die with ETIME.
838 837 */
839 838 (void) lua_sethook(state, zcp_lua_counthook, LUA_MASKCOUNT,
840 839 zfs_lua_check_instrlimit_interval);
841 840
842 841 /*
843 842 * Tell the Lua memory allocator to stop using KM_SLEEP before handing
844 843 * off control to the channel program. Channel programs that use too
845 844 * much memory should die with ENOSPC.
846 845 */
847 846 ri->zri_allocargs->aa_must_succeed = B_FALSE;
848 847
849 848 /*
850 849 * Call the Lua function that open-context passed us. This pops the
851 850 * function and its input from the stack and pushes any return
852 851 * or error values.
853 852 */
854 853 err = lua_pcall(state, 1, LUA_MULTRET, 1);
855 854
856 855 /*
857 856 * Let Lua use KM_SLEEP while we interpret the return values.
858 857 */
859 858 ri->zri_allocargs->aa_must_succeed = B_TRUE;
860 859
861 860 /*
862 861 * Remove the error handler callback from the stack. At this point,
863 862 * there shouldn't be any cleanup handler registered in the handler
864 863 * list (zri_cleanup_handlers), regardless of whether it ran or not.
865 864 */
866 865 list_destroy(&ri->zri_cleanup_handlers);
867 866 lua_remove(state, 1);
868 867
869 868 switch (err) {
870 869 case LUA_OK: {
871 870 /*
872 871 * Lua supports returning multiple values in a single return
873 872 * statement. Return values will have been pushed onto the
874 873 * stack:
875 874 * 1: Return value 1
876 875 * 2: Return value 2
877 876 * 3: etc...
878 877 * To simplify the process of retrieving a return value from a
879 878 * channel program, we disallow returning more than one value
880 879 * to ZFS from the Lua script, yielding a singleton return
881 880 * nvlist of the form { "return": Return value 1 }.
882 881 */
883 882 int return_count = lua_gettop(state);
884 883
885 884 if (return_count == 1) {
886 885 ri->zri_result = 0;
887 886 zcp_convert_return_values(state, ri->zri_outnvl,
888 887 ZCP_RET_RETURN, &ri->zri_result);
889 888 } else if (return_count > 1) {
890 889 ri->zri_result = SET_ERROR(ECHRNG);
891 890 lua_settop(state, 0);
892 891 (void) lua_pushfstring(state, "Multiple return "
893 892 "values not supported");
894 893 zcp_convert_return_values(state, ri->zri_outnvl,
895 894 ZCP_RET_ERROR, &ri->zri_result);
896 895 }
897 896 break;
898 897 }
899 898 case LUA_ERRRUN:
900 899 case LUA_ERRGCMM: {
901 900 /*
902 901 * The channel program encountered a fatal error within the
903 902 * script, such as failing an assertion, or calling a function
904 903 * with incompatible arguments. The error value and the
905 904 * traceback generated by zcp_error_handler() should be on the
906 905 * stack.
907 906 */
908 907 VERIFY3U(1, ==, lua_gettop(state));
909 908 if (ri->zri_timed_out) {
910 909 ri->zri_result = SET_ERROR(ETIME);
911 910 } else if (ri->zri_canceled) {
912 911 ri->zri_result = SET_ERROR(EINTR);
913 912 } else {
914 913 ri->zri_result = SET_ERROR(ECHRNG);
915 914 }
916 915
917 916 zcp_convert_return_values(state, ri->zri_outnvl,
918 917 ZCP_RET_ERROR, &ri->zri_result);
919 918 break;
920 919 }
921 920 case LUA_ERRERR: {
922 921 /*
923 922 * The channel program encountered a fatal error within the
924 923 * script, and we encountered another error while trying to
925 924 * compute the traceback in zcp_error_handler(). We can only
926 925 * return the error message.
927 926 */
928 927 VERIFY3U(1, ==, lua_gettop(state));
929 928 if (ri->zri_timed_out) {
930 929 ri->zri_result = SET_ERROR(ETIME);
931 930 } else if (ri->zri_canceled) {
932 931 ri->zri_result = SET_ERROR(EINTR);
933 932 } else {
934 933 ri->zri_result = SET_ERROR(ECHRNG);
935 934 }
936 935
937 936 zcp_convert_return_values(state, ri->zri_outnvl,
938 937 ZCP_RET_ERROR, &ri->zri_result);
939 938 break;
940 939 }
941 940 case LUA_ERRMEM:
942 941 /*
943 942 * Lua ran out of memory while running the channel program.
944 943 * There's not much we can do.
945 944 */
946 945 ri->zri_result = SET_ERROR(ENOSPC);
947 946 break;
948 947 default:
949 948 VERIFY0(err);
950 949 }
951 950 }
952 951
953 952 static void
954 953 zcp_pool_error(zcp_run_info_t *ri, const char *poolname)
955 954 {
956 955 ri->zri_result = SET_ERROR(ECHRNG);
957 956 lua_settop(ri->zri_state, 0);
958 957 (void) lua_pushfstring(ri->zri_state, "Could not open pool: %s",
959 958 poolname);
960 959 zcp_convert_return_values(ri->zri_state, ri->zri_outnvl,
961 960 ZCP_RET_ERROR, &ri->zri_result);
962 961
963 962 }
964 963
965 964 /*
966 965 * This callback is called when txg_wait_synced_sig encountered a signal.
967 966 * The txg_wait_synced_sig will continue to wait for the txg to complete
968 967 * after calling this callback.
969 968 */
970 969 /* ARGSUSED */
971 970 static void
972 971 zcp_eval_sig(void *arg, dmu_tx_t *tx)
973 972 {
974 973 zcp_run_info_t *ri = arg;
975 974
976 975 ri->zri_canceled = B_TRUE;
977 976 }
978 977
979 978 static void
980 979 zcp_eval_sync(void *arg, dmu_tx_t *tx)
981 980 {
982 981 zcp_run_info_t *ri = arg;
983 982
984 983 /*
985 984 * Open context should have setup the stack to contain:
986 985 * 1: Error handler callback
987 986 * 2: Script to run (converted to a Lua function)
988 987 * 3: nvlist input to function (converted to Lua table or nil)
989 988 */
990 989 VERIFY3U(3, ==, lua_gettop(ri->zri_state));
991 990
992 991 zcp_eval_impl(tx, ri);
993 992 }
994 993
995 994 static void
996 995 zcp_eval_open(zcp_run_info_t *ri, const char *poolname)
997 996 {
998 997 int error;
999 998 dsl_pool_t *dp;
1000 999 dmu_tx_t *tx;
1001 1000
1002 1001 /*
1003 1002 * See comment from the same assertion in zcp_eval_sync().
1004 1003 */
1005 1004 VERIFY3U(3, ==, lua_gettop(ri->zri_state));
1006 1005
1007 1006 error = dsl_pool_hold(poolname, FTAG, &dp);
1008 1007 if (error != 0) {
1009 1008 zcp_pool_error(ri, poolname);
1010 1009 return;
1011 1010 }
1012 1011
1013 1012 /*
1014 1013 * As we are running in open-context, we have no transaction associated
1015 1014 * with the channel program. At the same time, functions from the
1016 1015 * zfs.check submodule need to be associated with a transaction as
1017 1016 * they are basically dry-runs of their counterparts in the zfs.sync
1018 1017 * submodule. These functions should be able to run in open-context.
1019 1018 * Therefore we create a new transaction that we later abort once
1020 1019 * the channel program has been evaluated.
1021 1020 */
1022 1021 tx = dmu_tx_create_dd(dp->dp_mos_dir);
1023 1022
1024 1023 zcp_eval_impl(tx, ri);
1025 1024
1026 1025 dmu_tx_abort(tx);
1027 1026
1028 1027 dsl_pool_rele(dp, FTAG);
1029 1028 }
1030 1029
1031 1030 int
1032 1031 zcp_eval(const char *poolname, const char *program, boolean_t sync,
1033 1032 uint64_t instrlimit, uint64_t memlimit, nvpair_t *nvarg, nvlist_t *outnvl)
1034 1033 {
1035 1034 int err;
1036 1035 lua_State *state;
1037 1036 zcp_run_info_t runinfo;
1038 1037
1039 1038 if (instrlimit > zfs_lua_max_instrlimit)
1040 1039 return (SET_ERROR(EINVAL));
1041 1040 if (memlimit == 0 || memlimit > zfs_lua_max_memlimit)
1042 1041 return (SET_ERROR(EINVAL));
1043 1042
1044 1043 zcp_alloc_arg_t allocargs = {
1045 1044 .aa_must_succeed = B_TRUE,
1046 1045 .aa_alloc_remaining = (int64_t)memlimit,
1047 1046 .aa_alloc_limit = (int64_t)memlimit,
1048 1047 };
1049 1048
1050 1049 /*
1051 1050 * Creates a Lua state with a memory allocator that uses KM_SLEEP.
1052 1051 * This should never fail.
1053 1052 */
1054 1053 state = lua_newstate(zcp_lua_alloc, &allocargs);
1055 1054 VERIFY(state != NULL);
1056 1055 (void) lua_atpanic(state, zcp_panic_cb);
1057 1056
1058 1057 /*
1059 1058 * Load core Lua libraries we want access to.
1060 1059 */
1061 1060 VERIFY3U(1, ==, luaopen_base(state));
1062 1061 lua_pop(state, 1);
1063 1062 VERIFY3U(1, ==, luaopen_coroutine(state));
1064 1063 lua_setglobal(state, LUA_COLIBNAME);
1065 1064 VERIFY0(lua_gettop(state));
1066 1065 VERIFY3U(1, ==, luaopen_string(state));
1067 1066 lua_setglobal(state, LUA_STRLIBNAME);
1068 1067 VERIFY0(lua_gettop(state));
1069 1068 VERIFY3U(1, ==, luaopen_table(state));
1070 1069 lua_setglobal(state, LUA_TABLIBNAME);
1071 1070 VERIFY0(lua_gettop(state));
1072 1071
1073 1072 /*
1074 1073 * Load globally visible variables such as errno aliases.
1075 1074 */
1076 1075 zcp_load_globals(state);
1077 1076 VERIFY0(lua_gettop(state));
1078 1077
1079 1078 /*
1080 1079 * Load ZFS-specific modules.
1081 1080 */
1082 1081 lua_newtable(state);
1083 1082 VERIFY3U(1, ==, zcp_load_list_lib(state));
1084 1083 lua_setfield(state, -2, "list");
1085 1084 VERIFY3U(1, ==, zcp_load_synctask_lib(state, B_FALSE));
1086 1085 lua_setfield(state, -2, "check");
1087 1086 VERIFY3U(1, ==, zcp_load_synctask_lib(state, B_TRUE));
1088 1087 lua_setfield(state, -2, "sync");
1089 1088 VERIFY3U(1, ==, zcp_load_get_lib(state));
1090 1089 lua_pushcclosure(state, zcp_debug_info.func, 0);
1091 1090 lua_setfield(state, -2, zcp_debug_info.name);
1092 1091 lua_pushcclosure(state, zcp_exists_info.func, 0);
1093 1092 lua_setfield(state, -2, zcp_exists_info.name);
1094 1093 lua_setglobal(state, "zfs");
1095 1094 VERIFY0(lua_gettop(state));
1096 1095
1097 1096 /*
1098 1097 * Push the error-callback that calculates Lua stack traces on
1099 1098 * unexpected failures.
1100 1099 */
1101 1100 lua_pushcfunction(state, zcp_error_handler);
1102 1101 VERIFY3U(1, ==, lua_gettop(state));
1103 1102
1104 1103 /*
1105 1104 * Load the actual script as a function onto the stack as text ("t").
1106 1105 * The only valid error condition is a syntax error in the script.
1107 1106 * ERRMEM should not be possible because our allocator is using
1108 1107 * KM_SLEEP. ERRGCMM should not be possible because we have not added
1109 1108 * any objects with __gc metamethods to the interpreter that could
1110 1109 * fail.
1111 1110 */
1112 1111 err = luaL_loadbufferx(state, program, strlen(program),
1113 1112 "channel program", "t");
1114 1113 if (err == LUA_ERRSYNTAX) {
1115 1114 fnvlist_add_string(outnvl, ZCP_RET_ERROR,
1116 1115 lua_tostring(state, -1));
1117 1116 lua_close(state);
1118 1117 return (SET_ERROR(EINVAL));
1119 1118 }
1120 1119 VERIFY0(err);
1121 1120 VERIFY3U(2, ==, lua_gettop(state));
1122 1121
1123 1122 /*
1124 1123 * Convert the input nvlist to a Lua object and put it on top of the
1125 1124 * stack.
1126 1125 */
1127 1126 char errmsg[128];
1128 1127 err = zcp_nvpair_value_to_lua(state, nvarg,
1129 1128 errmsg, sizeof (errmsg));
1130 1129 if (err != 0) {
1131 1130 fnvlist_add_string(outnvl, ZCP_RET_ERROR, errmsg);
1132 1131 lua_close(state);
1133 1132 return (SET_ERROR(EINVAL));
1134 1133 }
1135 1134 VERIFY3U(3, ==, lua_gettop(state));
1136 1135
1137 1136 runinfo.zri_state = state;
1138 1137 runinfo.zri_allocargs = &allocargs;
1139 1138 runinfo.zri_outnvl = outnvl;
1140 1139 runinfo.zri_result = 0;
1141 1140 runinfo.zri_cred = CRED();
1142 1141 runinfo.zri_timed_out = B_FALSE;
1143 1142 runinfo.zri_canceled = B_FALSE;
1144 1143 runinfo.zri_sync = sync;
1145 1144 runinfo.zri_space_used = 0;
1146 1145 runinfo.zri_curinstrs = 0;
1147 1146 runinfo.zri_maxinstrs = instrlimit;
1148 1147
1149 1148 if (sync) {
1150 1149 err = dsl_sync_task_sig(poolname, NULL, zcp_eval_sync,
1151 1150 zcp_eval_sig, &runinfo, 0, ZFS_SPACE_CHECK_ZCP_EVAL);
1152 1151 if (err != 0)
1153 1152 zcp_pool_error(&runinfo, poolname);
1154 1153 } else {
1155 1154 zcp_eval_open(&runinfo, poolname);
1156 1155 }
1157 1156 lua_close(state);
1158 1157
1159 1158 return (runinfo.zri_result);
1160 1159 }
1161 1160
1162 1161 /*
1163 1162 * Retrieve metadata about the currently running channel program.
1164 1163 */
1165 1164 zcp_run_info_t *
1166 1165 zcp_run_info(lua_State *state)
1167 1166 {
1168 1167 zcp_run_info_t *ri;
1169 1168
1170 1169 lua_getfield(state, LUA_REGISTRYINDEX, ZCP_RUN_INFO_KEY);
1171 1170 ri = lua_touserdata(state, -1);
1172 1171 lua_pop(state, 1);
1173 1172 return (ri);
1174 1173 }
1175 1174
1176 1175 /*
1177 1176 * Argument Parsing
1178 1177 * ================
1179 1178 *
1180 1179 * The Lua language allows methods to be called with any number
1181 1180 * of arguments of any type. When calling back into ZFS we need to sanitize
1182 1181 * arguments from channel programs to make sure unexpected arguments or
1183 1182 * arguments of the wrong type result in clear error messages. To do this
1184 1183 * in a uniform way all callbacks from channel programs should use the
1185 1184 * zcp_parse_args() function to interpret inputs.
1186 1185 *
1187 1186 * Positional vs Keyword Arguments
1188 1187 * ===============================
1189 1188 *
1190 1189 * Every callback function takes a fixed set of required positional arguments
1191 1190 * and optional keyword arguments. For example, the destroy function takes
1192 1191 * a single positional string argument (the name of the dataset to destroy)
1193 1192 * and an optional "defer" keyword boolean argument. When calling lua functions
1194 1193 * with parentheses, only positional arguments can be used:
1195 1194 *
1196 1195 * zfs.sync.snapshot("rpool@snap")
1197 1196 *
1198 1197 * To use keyword arguments functions should be called with a single argument
1199 1198 * that is a lua table containing mappings of integer -> positional arguments
1200 1199 * and string -> keyword arguments:
1201 1200 *
1202 1201 * zfs.sync.snapshot({1="rpool@snap", defer=true})
1203 1202 *
1204 1203 * The lua language allows curly braces to be used in place of parenthesis as
1205 1204 * syntactic sugar for this calling convention:
1206 1205 *
1207 1206 * zfs.sync.snapshot{"rpool@snap", defer=true}
1208 1207 */
1209 1208
1210 1209 /*
1211 1210 * Throw an error and print the given arguments. If there are too many
1212 1211 * arguments to fit in the output buffer, only the error format string is
1213 1212 * output.
1214 1213 */
1215 1214 static void
1216 1215 zcp_args_error(lua_State *state, const char *fname, const zcp_arg_t *pargs,
1217 1216 const zcp_arg_t *kwargs, const char *fmt, ...)
1218 1217 {
1219 1218 int i;
1220 1219 char errmsg[512];
1221 1220 size_t len = sizeof (errmsg);
1222 1221 size_t msglen = 0;
1223 1222 va_list argp;
1224 1223
1225 1224 va_start(argp, fmt);
1226 1225 VERIFY3U(len, >, vsnprintf(errmsg, len, fmt, argp));
1227 1226 va_end(argp);
1228 1227
1229 1228 /*
1230 1229 * Calculate the total length of the final string, including extra
1231 1230 * formatting characters. If the argument dump would be too large,
1232 1231 * only print the error string.
1233 1232 */
1234 1233 msglen = strlen(errmsg);
1235 1234 msglen += strlen(fname) + 4; /* : + {} + null terminator */
1236 1235 for (i = 0; pargs[i].za_name != NULL; i++) {
1237 1236 msglen += strlen(pargs[i].za_name);
1238 1237 msglen += strlen(lua_typename(state, pargs[i].za_lua_type));
1239 1238 if (pargs[i + 1].za_name != NULL || kwargs[0].za_name != NULL)
1240 1239 msglen += 5; /* < + ( + )> + , */
1241 1240 else
1242 1241 msglen += 4; /* < + ( + )> */
1243 1242 }
1244 1243 for (i = 0; kwargs[i].za_name != NULL; i++) {
1245 1244 msglen += strlen(kwargs[i].za_name);
1246 1245 msglen += strlen(lua_typename(state, kwargs[i].za_lua_type));
1247 1246 if (kwargs[i + 1].za_name != NULL)
1248 1247 msglen += 4; /* =( + ) + , */
1249 1248 else
1250 1249 msglen += 3; /* =( + ) */
1251 1250 }
1252 1251
1253 1252 if (msglen >= len)
1254 1253 (void) luaL_error(state, errmsg);
1255 1254
1256 1255 VERIFY3U(len, >, strlcat(errmsg, ": ", len));
1257 1256 VERIFY3U(len, >, strlcat(errmsg, fname, len));
1258 1257 VERIFY3U(len, >, strlcat(errmsg, "{", len));
1259 1258 for (i = 0; pargs[i].za_name != NULL; i++) {
1260 1259 VERIFY3U(len, >, strlcat(errmsg, "<", len));
1261 1260 VERIFY3U(len, >, strlcat(errmsg, pargs[i].za_name, len));
1262 1261 VERIFY3U(len, >, strlcat(errmsg, "(", len));
1263 1262 VERIFY3U(len, >, strlcat(errmsg,
1264 1263 lua_typename(state, pargs[i].za_lua_type), len));
1265 1264 VERIFY3U(len, >, strlcat(errmsg, ")>", len));
1266 1265 if (pargs[i + 1].za_name != NULL || kwargs[0].za_name != NULL) {
1267 1266 VERIFY3U(len, >, strlcat(errmsg, ", ", len));
1268 1267 }
1269 1268 }
1270 1269 for (i = 0; kwargs[i].za_name != NULL; i++) {
1271 1270 VERIFY3U(len, >, strlcat(errmsg, kwargs[i].za_name, len));
1272 1271 VERIFY3U(len, >, strlcat(errmsg, "=(", len));
1273 1272 VERIFY3U(len, >, strlcat(errmsg,
1274 1273 lua_typename(state, kwargs[i].za_lua_type), len));
1275 1274 VERIFY3U(len, >, strlcat(errmsg, ")", len));
1276 1275 if (kwargs[i + 1].za_name != NULL) {
1277 1276 VERIFY3U(len, >, strlcat(errmsg, ", ", len));
1278 1277 }
1279 1278 }
1280 1279 VERIFY3U(len, >, strlcat(errmsg, "}", len));
1281 1280
1282 1281 (void) luaL_error(state, errmsg);
1283 1282 panic("unreachable code");
1284 1283 }
1285 1284
1286 1285 static void
1287 1286 zcp_parse_table_args(lua_State *state, const char *fname,
1288 1287 const zcp_arg_t *pargs, const zcp_arg_t *kwargs)
1289 1288 {
1290 1289 int i;
1291 1290 int type;
1292 1291
1293 1292 for (i = 0; pargs[i].za_name != NULL; i++) {
1294 1293 /*
1295 1294 * Check the table for this positional argument, leaving it
1296 1295 * on the top of the stack once we finish validating it.
1297 1296 */
1298 1297 lua_pushinteger(state, i + 1);
1299 1298 lua_gettable(state, 1);
1300 1299
1301 1300 type = lua_type(state, -1);
1302 1301 if (type == LUA_TNIL) {
1303 1302 zcp_args_error(state, fname, pargs, kwargs,
1304 1303 "too few arguments");
1305 1304 panic("unreachable code");
1306 1305 } else if (type != pargs[i].za_lua_type) {
1307 1306 zcp_args_error(state, fname, pargs, kwargs,
1308 1307 "arg %d wrong type (is '%s', expected '%s')",
1309 1308 i + 1, lua_typename(state, type),
1310 1309 lua_typename(state, pargs[i].za_lua_type));
1311 1310 panic("unreachable code");
1312 1311 }
1313 1312
1314 1313 /*
1315 1314 * Remove the positional argument from the table.
1316 1315 */
1317 1316 lua_pushinteger(state, i + 1);
1318 1317 lua_pushnil(state);
1319 1318 lua_settable(state, 1);
1320 1319 }
1321 1320
1322 1321 for (i = 0; kwargs[i].za_name != NULL; i++) {
1323 1322 /*
1324 1323 * Check the table for this keyword argument, which may be
1325 1324 * nil if it was omitted. Leave the value on the top of
1326 1325 * the stack after validating it.
1327 1326 */
1328 1327 lua_getfield(state, 1, kwargs[i].za_name);
1329 1328
1330 1329 type = lua_type(state, -1);
1331 1330 if (type != LUA_TNIL && type != kwargs[i].za_lua_type) {
1332 1331 zcp_args_error(state, fname, pargs, kwargs,
1333 1332 "kwarg '%s' wrong type (is '%s', expected '%s')",
1334 1333 kwargs[i].za_name, lua_typename(state, type),
1335 1334 lua_typename(state, kwargs[i].za_lua_type));
1336 1335 panic("unreachable code");
1337 1336 }
1338 1337
1339 1338 /*
1340 1339 * Remove the keyword argument from the table.
1341 1340 */
1342 1341 lua_pushnil(state);
1343 1342 lua_setfield(state, 1, kwargs[i].za_name);
1344 1343 }
1345 1344
1346 1345 /*
1347 1346 * Any entries remaining in the table are invalid inputs, print
1348 1347 * an error message based on what the entry is.
1349 1348 */
1350 1349 lua_pushnil(state);
1351 1350 if (lua_next(state, 1)) {
1352 1351 if (lua_isnumber(state, -2) && lua_tointeger(state, -2) > 0) {
1353 1352 zcp_args_error(state, fname, pargs, kwargs,
1354 1353 "too many positional arguments");
1355 1354 } else if (lua_isstring(state, -2)) {
1356 1355 zcp_args_error(state, fname, pargs, kwargs,
1357 1356 "invalid kwarg '%s'", lua_tostring(state, -2));
1358 1357 } else {
1359 1358 zcp_args_error(state, fname, pargs, kwargs,
1360 1359 "kwarg keys must be strings");
1361 1360 }
1362 1361 panic("unreachable code");
1363 1362 }
1364 1363
1365 1364 lua_remove(state, 1);
1366 1365 }
1367 1366
1368 1367 static void
1369 1368 zcp_parse_pos_args(lua_State *state, const char *fname, const zcp_arg_t *pargs,
1370 1369 const zcp_arg_t *kwargs)
1371 1370 {
1372 1371 int i;
1373 1372 int type;
1374 1373
1375 1374 for (i = 0; pargs[i].za_name != NULL; i++) {
1376 1375 type = lua_type(state, i + 1);
1377 1376 if (type == LUA_TNONE) {
1378 1377 zcp_args_error(state, fname, pargs, kwargs,
1379 1378 "too few arguments");
1380 1379 panic("unreachable code");
1381 1380 } else if (type != pargs[i].za_lua_type) {
1382 1381 zcp_args_error(state, fname, pargs, kwargs,
1383 1382 "arg %d wrong type (is '%s', expected '%s')",
1384 1383 i + 1, lua_typename(state, type),
1385 1384 lua_typename(state, pargs[i].za_lua_type));
1386 1385 panic("unreachable code");
1387 1386 }
1388 1387 }
1389 1388 if (lua_gettop(state) != i) {
1390 1389 zcp_args_error(state, fname, pargs, kwargs,
1391 1390 "too many positional arguments");
1392 1391 panic("unreachable code");
1393 1392 }
1394 1393
1395 1394 for (i = 0; kwargs[i].za_name != NULL; i++) {
1396 1395 lua_pushnil(state);
1397 1396 }
1398 1397 }
1399 1398
1400 1399 /*
1401 1400 * Checks the current Lua stack against an expected set of positional and
1402 1401 * keyword arguments. If the stack does not match the expected arguments
1403 1402 * aborts the current channel program with a useful error message, otherwise
1404 1403 * it re-arranges the stack so that it contains the positional arguments
1405 1404 * followed by the keyword argument values in declaration order. Any missing
1406 1405 * keyword argument will be represented by a nil value on the stack.
1407 1406 *
1408 1407 * If the stack contains exactly one argument of type LUA_TTABLE the curly
1409 1408 * braces calling convention is assumed, otherwise the stack is parsed for
1410 1409 * positional arguments only.
1411 1410 *
1412 1411 * This function should be used by every function callback. It should be called
1413 1412 * before the callback manipulates the Lua stack as it assumes the stack
1414 1413 * represents the function arguments.
1415 1414 */
1416 1415 void
1417 1416 zcp_parse_args(lua_State *state, const char *fname, const zcp_arg_t *pargs,
1418 1417 const zcp_arg_t *kwargs)
1419 1418 {
1420 1419 if (lua_gettop(state) == 1 && lua_istable(state, 1)) {
1421 1420 zcp_parse_table_args(state, fname, pargs, kwargs);
1422 1421 } else {
1423 1422 zcp_parse_pos_args(state, fname, pargs, kwargs);
1424 1423 }
1425 1424 }
|
↓ open down ↓ |
693 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX