Print this page
4986 receiving replication stream fails if any snapshot exceeds refquota
Reviewed by: John Kennedy <john.kennedy@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/zfs/zfs_ioctl.c
+++ new/usr/src/uts/common/fs/zfs/zfs_ioctl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Portions Copyright 2011 Martin Matuska
25 + * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
25 26 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
26 27 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
27 28 * Copyright (c) 2011, 2015 by Delphix. All rights reserved.
28 29 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
29 30 * Copyright (c) 2013 Steven Hartland. All rights reserved.
30 31 */
31 32
32 33 /*
33 34 * ZFS ioctls.
34 35 *
35 36 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
36 37 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
37 38 *
38 39 * There are two ways that we handle ioctls: the legacy way where almost
39 40 * all of the logic is in the ioctl callback, and the new way where most
40 41 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
41 42 *
42 43 * Non-legacy ioctls should be registered by calling
43 44 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
44 45 * from userland by lzc_ioctl().
45 46 *
46 47 * The registration arguments are as follows:
47 48 *
48 49 * const char *name
49 50 * The name of the ioctl. This is used for history logging. If the
50 51 * ioctl returns successfully (the callback returns 0), and allow_log
51 52 * is true, then a history log entry will be recorded with the input &
52 53 * output nvlists. The log entry can be printed with "zpool history -i".
53 54 *
54 55 * zfs_ioc_t ioc
55 56 * The ioctl request number, which userland will pass to ioctl(2).
56 57 * The ioctl numbers can change from release to release, because
57 58 * the caller (libzfs) must be matched to the kernel.
58 59 *
59 60 * zfs_secpolicy_func_t *secpolicy
60 61 * This function will be called before the zfs_ioc_func_t, to
61 62 * determine if this operation is permitted. It should return EPERM
62 63 * on failure, and 0 on success. Checks include determining if the
63 64 * dataset is visible in this zone, and if the user has either all
64 65 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
65 66 * to do this operation on this dataset with "zfs allow".
66 67 *
67 68 * zfs_ioc_namecheck_t namecheck
68 69 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
69 70 * name, a dataset name, or nothing. If the name is not well-formed,
70 71 * the ioctl will fail and the callback will not be called.
71 72 * Therefore, the callback can assume that the name is well-formed
72 73 * (e.g. is null-terminated, doesn't have more than one '@' character,
73 74 * doesn't have invalid characters).
74 75 *
75 76 * zfs_ioc_poolcheck_t pool_check
76 77 * This specifies requirements on the pool state. If the pool does
77 78 * not meet them (is suspended or is readonly), the ioctl will fail
78 79 * and the callback will not be called. If any checks are specified
79 80 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
80 81 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
81 82 * POOL_CHECK_READONLY).
82 83 *
83 84 * boolean_t smush_outnvlist
84 85 * If smush_outnvlist is true, then the output is presumed to be a
85 86 * list of errors, and it will be "smushed" down to fit into the
86 87 * caller's buffer, by removing some entries and replacing them with a
87 88 * single "N_MORE_ERRORS" entry indicating how many were removed. See
88 89 * nvlist_smush() for details. If smush_outnvlist is false, and the
89 90 * outnvlist does not fit into the userland-provided buffer, then the
90 91 * ioctl will fail with ENOMEM.
91 92 *
92 93 * zfs_ioc_func_t *func
93 94 * The callback function that will perform the operation.
94 95 *
95 96 * The callback should return 0 on success, or an error number on
96 97 * failure. If the function fails, the userland ioctl will return -1,
97 98 * and errno will be set to the callback's return value. The callback
98 99 * will be called with the following arguments:
99 100 *
100 101 * const char *name
101 102 * The name of the pool or dataset to operate on, from
102 103 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
103 104 * expected type (pool, dataset, or none).
104 105 *
105 106 * nvlist_t *innvl
106 107 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
107 108 * NULL if no input nvlist was provided. Changes to this nvlist are
108 109 * ignored. If the input nvlist could not be deserialized, the
109 110 * ioctl will fail and the callback will not be called.
110 111 *
111 112 * nvlist_t *outnvl
112 113 * The output nvlist, initially empty. The callback can fill it in,
113 114 * and it will be returned to userland by serializing it into
114 115 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
115 116 * fails (e.g. because the caller didn't supply a large enough
116 117 * buffer), then the overall ioctl will fail. See the
117 118 * 'smush_nvlist' argument above for additional behaviors.
118 119 *
119 120 * There are two typical uses of the output nvlist:
120 121 * - To return state, e.g. property values. In this case,
121 122 * smush_outnvlist should be false. If the buffer was not large
122 123 * enough, the caller will reallocate a larger buffer and try
123 124 * the ioctl again.
124 125 *
125 126 * - To return multiple errors from an ioctl which makes on-disk
126 127 * changes. In this case, smush_outnvlist should be true.
127 128 * Ioctls which make on-disk modifications should generally not
128 129 * use the outnvl if they succeed, because the caller can not
129 130 * distinguish between the operation failing, and
130 131 * deserialization failing.
131 132 */
132 133
133 134 #include <sys/types.h>
134 135 #include <sys/param.h>
135 136 #include <sys/errno.h>
136 137 #include <sys/uio.h>
137 138 #include <sys/buf.h>
138 139 #include <sys/modctl.h>
139 140 #include <sys/open.h>
140 141 #include <sys/file.h>
141 142 #include <sys/kmem.h>
142 143 #include <sys/conf.h>
143 144 #include <sys/cmn_err.h>
144 145 #include <sys/stat.h>
145 146 #include <sys/zfs_ioctl.h>
146 147 #include <sys/zfs_vfsops.h>
147 148 #include <sys/zfs_znode.h>
148 149 #include <sys/zap.h>
149 150 #include <sys/spa.h>
150 151 #include <sys/spa_impl.h>
151 152 #include <sys/vdev.h>
152 153 #include <sys/priv_impl.h>
153 154 #include <sys/dmu.h>
154 155 #include <sys/dsl_dir.h>
155 156 #include <sys/dsl_dataset.h>
156 157 #include <sys/dsl_prop.h>
157 158 #include <sys/dsl_deleg.h>
158 159 #include <sys/dmu_objset.h>
159 160 #include <sys/dmu_impl.h>
160 161 #include <sys/dmu_tx.h>
161 162 #include <sys/ddi.h>
162 163 #include <sys/sunddi.h>
163 164 #include <sys/sunldi.h>
164 165 #include <sys/policy.h>
165 166 #include <sys/zone.h>
166 167 #include <sys/nvpair.h>
167 168 #include <sys/pathname.h>
168 169 #include <sys/mount.h>
169 170 #include <sys/sdt.h>
170 171 #include <sys/fs/zfs.h>
171 172 #include <sys/zfs_ctldir.h>
172 173 #include <sys/zfs_dir.h>
173 174 #include <sys/zfs_onexit.h>
174 175 #include <sys/zvol.h>
175 176 #include <sys/dsl_scan.h>
176 177 #include <sharefs/share.h>
177 178 #include <sys/dmu_objset.h>
178 179 #include <sys/dmu_send.h>
179 180 #include <sys/dsl_destroy.h>
180 181 #include <sys/dsl_bookmark.h>
181 182 #include <sys/dsl_userhold.h>
182 183 #include <sys/zfeature.h>
183 184 #include <sys/zio_checksum.h>
184 185
185 186 #include "zfs_namecheck.h"
186 187 #include "zfs_prop.h"
187 188 #include "zfs_deleg.h"
188 189 #include "zfs_comutil.h"
189 190
190 191 extern struct modlfs zfs_modlfs;
191 192
192 193 extern void zfs_init(void);
193 194 extern void zfs_fini(void);
194 195
195 196 ldi_ident_t zfs_li = NULL;
196 197 dev_info_t *zfs_dip;
197 198
198 199 uint_t zfs_fsyncer_key;
199 200 extern uint_t rrw_tsd_key;
200 201 static uint_t zfs_allow_log_key;
201 202
202 203 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
203 204 typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
204 205 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
205 206
206 207 typedef enum {
207 208 NO_NAME,
208 209 POOL_NAME,
209 210 DATASET_NAME
210 211 } zfs_ioc_namecheck_t;
211 212
212 213 typedef enum {
213 214 POOL_CHECK_NONE = 1 << 0,
214 215 POOL_CHECK_SUSPENDED = 1 << 1,
215 216 POOL_CHECK_READONLY = 1 << 2,
216 217 } zfs_ioc_poolcheck_t;
217 218
218 219 typedef struct zfs_ioc_vec {
219 220 zfs_ioc_legacy_func_t *zvec_legacy_func;
220 221 zfs_ioc_func_t *zvec_func;
221 222 zfs_secpolicy_func_t *zvec_secpolicy;
222 223 zfs_ioc_namecheck_t zvec_namecheck;
223 224 boolean_t zvec_allow_log;
224 225 zfs_ioc_poolcheck_t zvec_pool_check;
225 226 boolean_t zvec_smush_outnvlist;
226 227 const char *zvec_name;
227 228 } zfs_ioc_vec_t;
228 229
229 230 /* This array is indexed by zfs_userquota_prop_t */
230 231 static const char *userquota_perms[] = {
231 232 ZFS_DELEG_PERM_USERUSED,
232 233 ZFS_DELEG_PERM_USERQUOTA,
233 234 ZFS_DELEG_PERM_GROUPUSED,
234 235 ZFS_DELEG_PERM_GROUPQUOTA,
235 236 };
236 237
237 238 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
238 239 static int zfs_check_settable(const char *name, nvpair_t *property,
239 240 cred_t *cr);
240 241 static int zfs_check_clearable(char *dataset, nvlist_t *props,
241 242 nvlist_t **errors);
242 243 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
243 244 boolean_t *);
244 245 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
245 246 static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
246 247
247 248 static int zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature);
248 249
249 250 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
250 251 void
251 252 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
252 253 {
253 254 const char *newfile;
254 255 char buf[512];
255 256 va_list adx;
256 257
257 258 /*
258 259 * Get rid of annoying "../common/" prefix to filename.
259 260 */
260 261 newfile = strrchr(file, '/');
261 262 if (newfile != NULL) {
262 263 newfile = newfile + 1; /* Get rid of leading / */
263 264 } else {
264 265 newfile = file;
265 266 }
266 267
267 268 va_start(adx, fmt);
268 269 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
269 270 va_end(adx);
270 271
271 272 /*
272 273 * To get this data, use the zfs-dprintf probe as so:
273 274 * dtrace -q -n 'zfs-dprintf \
274 275 * /stringof(arg0) == "dbuf.c"/ \
275 276 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
276 277 * arg0 = file name
277 278 * arg1 = function name
278 279 * arg2 = line number
279 280 * arg3 = message
280 281 */
281 282 DTRACE_PROBE4(zfs__dprintf,
282 283 char *, newfile, char *, func, int, line, char *, buf);
283 284 }
284 285
285 286 static void
286 287 history_str_free(char *buf)
287 288 {
288 289 kmem_free(buf, HIS_MAX_RECORD_LEN);
289 290 }
290 291
291 292 static char *
292 293 history_str_get(zfs_cmd_t *zc)
293 294 {
294 295 char *buf;
295 296
296 297 if (zc->zc_history == NULL)
297 298 return (NULL);
298 299
299 300 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
300 301 if (copyinstr((void *)(uintptr_t)zc->zc_history,
301 302 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
302 303 history_str_free(buf);
303 304 return (NULL);
304 305 }
305 306
306 307 buf[HIS_MAX_RECORD_LEN -1] = '\0';
307 308
308 309 return (buf);
309 310 }
310 311
311 312 /*
312 313 * Check to see if the named dataset is currently defined as bootable
313 314 */
314 315 static boolean_t
315 316 zfs_is_bootfs(const char *name)
316 317 {
317 318 objset_t *os;
318 319
319 320 if (dmu_objset_hold(name, FTAG, &os) == 0) {
320 321 boolean_t ret;
321 322 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
322 323 dmu_objset_rele(os, FTAG);
323 324 return (ret);
324 325 }
325 326 return (B_FALSE);
326 327 }
327 328
328 329 /*
329 330 * Return non-zero if the spa version is less than requested version.
330 331 */
331 332 static int
332 333 zfs_earlier_version(const char *name, int version)
333 334 {
334 335 spa_t *spa;
335 336
336 337 if (spa_open(name, &spa, FTAG) == 0) {
337 338 if (spa_version(spa) < version) {
338 339 spa_close(spa, FTAG);
339 340 return (1);
340 341 }
341 342 spa_close(spa, FTAG);
342 343 }
343 344 return (0);
344 345 }
345 346
346 347 /*
347 348 * Return TRUE if the ZPL version is less than requested version.
348 349 */
349 350 static boolean_t
350 351 zpl_earlier_version(const char *name, int version)
351 352 {
352 353 objset_t *os;
353 354 boolean_t rc = B_TRUE;
354 355
355 356 if (dmu_objset_hold(name, FTAG, &os) == 0) {
356 357 uint64_t zplversion;
357 358
358 359 if (dmu_objset_type(os) != DMU_OST_ZFS) {
359 360 dmu_objset_rele(os, FTAG);
360 361 return (B_TRUE);
361 362 }
362 363 /* XXX reading from non-owned objset */
363 364 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
364 365 rc = zplversion < version;
365 366 dmu_objset_rele(os, FTAG);
366 367 }
367 368 return (rc);
368 369 }
369 370
370 371 static void
371 372 zfs_log_history(zfs_cmd_t *zc)
372 373 {
373 374 spa_t *spa;
374 375 char *buf;
375 376
376 377 if ((buf = history_str_get(zc)) == NULL)
377 378 return;
378 379
379 380 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
380 381 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
381 382 (void) spa_history_log(spa, buf);
382 383 spa_close(spa, FTAG);
383 384 }
384 385 history_str_free(buf);
385 386 }
386 387
387 388 /*
388 389 * Policy for top-level read operations (list pools). Requires no privileges,
389 390 * and can be used in the local zone, as there is no associated dataset.
390 391 */
391 392 /* ARGSUSED */
392 393 static int
393 394 zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
394 395 {
395 396 return (0);
396 397 }
397 398
398 399 /*
399 400 * Policy for dataset read operations (list children, get statistics). Requires
400 401 * no privileges, but must be visible in the local zone.
401 402 */
402 403 /* ARGSUSED */
403 404 static int
404 405 zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
405 406 {
406 407 if (INGLOBALZONE(curproc) ||
407 408 zone_dataset_visible(zc->zc_name, NULL))
408 409 return (0);
409 410
410 411 return (SET_ERROR(ENOENT));
411 412 }
412 413
413 414 static int
414 415 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
415 416 {
416 417 int writable = 1;
417 418
418 419 /*
419 420 * The dataset must be visible by this zone -- check this first
420 421 * so they don't see EPERM on something they shouldn't know about.
421 422 */
422 423 if (!INGLOBALZONE(curproc) &&
423 424 !zone_dataset_visible(dataset, &writable))
424 425 return (SET_ERROR(ENOENT));
425 426
426 427 if (INGLOBALZONE(curproc)) {
427 428 /*
428 429 * If the fs is zoned, only root can access it from the
429 430 * global zone.
430 431 */
431 432 if (secpolicy_zfs(cr) && zoned)
432 433 return (SET_ERROR(EPERM));
433 434 } else {
434 435 /*
435 436 * If we are in a local zone, the 'zoned' property must be set.
436 437 */
437 438 if (!zoned)
438 439 return (SET_ERROR(EPERM));
439 440
440 441 /* must be writable by this zone */
441 442 if (!writable)
442 443 return (SET_ERROR(EPERM));
443 444 }
444 445 return (0);
445 446 }
446 447
447 448 static int
448 449 zfs_dozonecheck(const char *dataset, cred_t *cr)
449 450 {
450 451 uint64_t zoned;
451 452
452 453 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
453 454 return (SET_ERROR(ENOENT));
454 455
455 456 return (zfs_dozonecheck_impl(dataset, zoned, cr));
456 457 }
457 458
458 459 static int
459 460 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
460 461 {
461 462 uint64_t zoned;
462 463
463 464 if (dsl_prop_get_int_ds(ds, "zoned", &zoned))
464 465 return (SET_ERROR(ENOENT));
465 466
466 467 return (zfs_dozonecheck_impl(dataset, zoned, cr));
467 468 }
468 469
469 470 static int
470 471 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
471 472 const char *perm, cred_t *cr)
472 473 {
473 474 int error;
474 475
475 476 error = zfs_dozonecheck_ds(name, ds, cr);
476 477 if (error == 0) {
477 478 error = secpolicy_zfs(cr);
478 479 if (error != 0)
479 480 error = dsl_deleg_access_impl(ds, perm, cr);
480 481 }
481 482 return (error);
482 483 }
483 484
484 485 static int
485 486 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
486 487 {
487 488 int error;
488 489 dsl_dataset_t *ds;
489 490 dsl_pool_t *dp;
490 491
491 492 error = dsl_pool_hold(name, FTAG, &dp);
492 493 if (error != 0)
493 494 return (error);
494 495
495 496 error = dsl_dataset_hold(dp, name, FTAG, &ds);
496 497 if (error != 0) {
497 498 dsl_pool_rele(dp, FTAG);
498 499 return (error);
499 500 }
500 501
501 502 error = zfs_secpolicy_write_perms_ds(name, ds, perm, cr);
502 503
503 504 dsl_dataset_rele(ds, FTAG);
504 505 dsl_pool_rele(dp, FTAG);
505 506 return (error);
506 507 }
507 508
508 509 /*
509 510 * Policy for setting the security label property.
510 511 *
511 512 * Returns 0 for success, non-zero for access and other errors.
512 513 */
513 514 static int
514 515 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
515 516 {
516 517 char ds_hexsl[MAXNAMELEN];
517 518 bslabel_t ds_sl, new_sl;
518 519 boolean_t new_default = FALSE;
519 520 uint64_t zoned;
520 521 int needed_priv = -1;
521 522 int error;
522 523
523 524 /* First get the existing dataset label. */
524 525 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
525 526 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
526 527 if (error != 0)
527 528 return (SET_ERROR(EPERM));
528 529
529 530 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
530 531 new_default = TRUE;
531 532
532 533 /* The label must be translatable */
533 534 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
534 535 return (SET_ERROR(EINVAL));
535 536
536 537 /*
537 538 * In a non-global zone, disallow attempts to set a label that
538 539 * doesn't match that of the zone; otherwise no other checks
539 540 * are needed.
540 541 */
541 542 if (!INGLOBALZONE(curproc)) {
542 543 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
543 544 return (SET_ERROR(EPERM));
544 545 return (0);
545 546 }
546 547
547 548 /*
548 549 * For global-zone datasets (i.e., those whose zoned property is
549 550 * "off", verify that the specified new label is valid for the
550 551 * global zone.
551 552 */
552 553 if (dsl_prop_get_integer(name,
553 554 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
554 555 return (SET_ERROR(EPERM));
555 556 if (!zoned) {
556 557 if (zfs_check_global_label(name, strval) != 0)
557 558 return (SET_ERROR(EPERM));
558 559 }
559 560
560 561 /*
561 562 * If the existing dataset label is nondefault, check if the
562 563 * dataset is mounted (label cannot be changed while mounted).
563 564 * Get the zfsvfs; if there isn't one, then the dataset isn't
564 565 * mounted (or isn't a dataset, doesn't exist, ...).
565 566 */
566 567 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
567 568 objset_t *os;
568 569 static char *setsl_tag = "setsl_tag";
569 570
570 571 /*
571 572 * Try to own the dataset; abort if there is any error,
572 573 * (e.g., already mounted, in use, or other error).
573 574 */
574 575 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
575 576 setsl_tag, &os);
576 577 if (error != 0)
577 578 return (SET_ERROR(EPERM));
578 579
579 580 dmu_objset_disown(os, setsl_tag);
580 581
581 582 if (new_default) {
582 583 needed_priv = PRIV_FILE_DOWNGRADE_SL;
583 584 goto out_check;
584 585 }
585 586
586 587 if (hexstr_to_label(strval, &new_sl) != 0)
587 588 return (SET_ERROR(EPERM));
588 589
589 590 if (blstrictdom(&ds_sl, &new_sl))
590 591 needed_priv = PRIV_FILE_DOWNGRADE_SL;
591 592 else if (blstrictdom(&new_sl, &ds_sl))
592 593 needed_priv = PRIV_FILE_UPGRADE_SL;
593 594 } else {
594 595 /* dataset currently has a default label */
595 596 if (!new_default)
596 597 needed_priv = PRIV_FILE_UPGRADE_SL;
597 598 }
598 599
599 600 out_check:
600 601 if (needed_priv != -1)
601 602 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
602 603 return (0);
603 604 }
604 605
605 606 static int
606 607 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
607 608 cred_t *cr)
608 609 {
609 610 char *strval;
610 611
611 612 /*
612 613 * Check permissions for special properties.
613 614 */
614 615 switch (prop) {
615 616 case ZFS_PROP_ZONED:
616 617 /*
617 618 * Disallow setting of 'zoned' from within a local zone.
618 619 */
619 620 if (!INGLOBALZONE(curproc))
620 621 return (SET_ERROR(EPERM));
621 622 break;
622 623
623 624 case ZFS_PROP_QUOTA:
624 625 case ZFS_PROP_FILESYSTEM_LIMIT:
625 626 case ZFS_PROP_SNAPSHOT_LIMIT:
626 627 if (!INGLOBALZONE(curproc)) {
627 628 uint64_t zoned;
628 629 char setpoint[MAXNAMELEN];
629 630 /*
630 631 * Unprivileged users are allowed to modify the
631 632 * limit on things *under* (ie. contained by)
632 633 * the thing they own.
633 634 */
634 635 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
635 636 setpoint))
636 637 return (SET_ERROR(EPERM));
637 638 if (!zoned || strlen(dsname) <= strlen(setpoint))
638 639 return (SET_ERROR(EPERM));
639 640 }
640 641 break;
641 642
642 643 case ZFS_PROP_MLSLABEL:
643 644 if (!is_system_labeled())
644 645 return (SET_ERROR(EPERM));
645 646
646 647 if (nvpair_value_string(propval, &strval) == 0) {
647 648 int err;
648 649
649 650 err = zfs_set_slabel_policy(dsname, strval, CRED());
650 651 if (err != 0)
651 652 return (err);
652 653 }
653 654 break;
654 655 }
655 656
656 657 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
657 658 }
658 659
659 660 /* ARGSUSED */
660 661 static int
661 662 zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
662 663 {
663 664 int error;
664 665
665 666 error = zfs_dozonecheck(zc->zc_name, cr);
666 667 if (error != 0)
667 668 return (error);
668 669
669 670 /*
670 671 * permission to set permissions will be evaluated later in
671 672 * dsl_deleg_can_allow()
672 673 */
673 674 return (0);
674 675 }
675 676
676 677 /* ARGSUSED */
677 678 static int
678 679 zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
679 680 {
680 681 return (zfs_secpolicy_write_perms(zc->zc_name,
681 682 ZFS_DELEG_PERM_ROLLBACK, cr));
682 683 }
683 684
684 685 /* ARGSUSED */
685 686 static int
686 687 zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
687 688 {
688 689 dsl_pool_t *dp;
689 690 dsl_dataset_t *ds;
690 691 char *cp;
691 692 int error;
692 693
693 694 /*
694 695 * Generate the current snapshot name from the given objsetid, then
695 696 * use that name for the secpolicy/zone checks.
696 697 */
697 698 cp = strchr(zc->zc_name, '@');
698 699 if (cp == NULL)
699 700 return (SET_ERROR(EINVAL));
700 701 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
701 702 if (error != 0)
702 703 return (error);
703 704
704 705 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
705 706 if (error != 0) {
706 707 dsl_pool_rele(dp, FTAG);
707 708 return (error);
708 709 }
709 710
710 711 dsl_dataset_name(ds, zc->zc_name);
711 712
712 713 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
713 714 ZFS_DELEG_PERM_SEND, cr);
714 715 dsl_dataset_rele(ds, FTAG);
715 716 dsl_pool_rele(dp, FTAG);
716 717
717 718 return (error);
718 719 }
719 720
720 721 /* ARGSUSED */
721 722 static int
722 723 zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
723 724 {
724 725 return (zfs_secpolicy_write_perms(zc->zc_name,
725 726 ZFS_DELEG_PERM_SEND, cr));
726 727 }
727 728
728 729 /* ARGSUSED */
729 730 static int
730 731 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
731 732 {
732 733 vnode_t *vp;
733 734 int error;
734 735
735 736 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
736 737 NO_FOLLOW, NULL, &vp)) != 0)
737 738 return (error);
738 739
739 740 /* Now make sure mntpnt and dataset are ZFS */
740 741
741 742 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
742 743 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
743 744 zc->zc_name) != 0)) {
744 745 VN_RELE(vp);
745 746 return (SET_ERROR(EPERM));
746 747 }
747 748
748 749 VN_RELE(vp);
749 750 return (dsl_deleg_access(zc->zc_name,
750 751 ZFS_DELEG_PERM_SHARE, cr));
751 752 }
752 753
753 754 int
754 755 zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
755 756 {
756 757 if (!INGLOBALZONE(curproc))
757 758 return (SET_ERROR(EPERM));
758 759
759 760 if (secpolicy_nfs(cr) == 0) {
760 761 return (0);
761 762 } else {
762 763 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
763 764 }
764 765 }
765 766
766 767 int
767 768 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
768 769 {
769 770 if (!INGLOBALZONE(curproc))
770 771 return (SET_ERROR(EPERM));
771 772
772 773 if (secpolicy_smb(cr) == 0) {
773 774 return (0);
774 775 } else {
775 776 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
776 777 }
777 778 }
778 779
779 780 static int
780 781 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
781 782 {
782 783 char *cp;
783 784
784 785 /*
785 786 * Remove the @bla or /bla from the end of the name to get the parent.
786 787 */
787 788 (void) strncpy(parent, datasetname, parentsize);
788 789 cp = strrchr(parent, '@');
789 790 if (cp != NULL) {
790 791 cp[0] = '\0';
791 792 } else {
792 793 cp = strrchr(parent, '/');
793 794 if (cp == NULL)
794 795 return (SET_ERROR(ENOENT));
795 796 cp[0] = '\0';
796 797 }
797 798
798 799 return (0);
799 800 }
800 801
801 802 int
802 803 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
803 804 {
804 805 int error;
805 806
806 807 if ((error = zfs_secpolicy_write_perms(name,
807 808 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
808 809 return (error);
809 810
810 811 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
811 812 }
812 813
813 814 /* ARGSUSED */
814 815 static int
815 816 zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
816 817 {
817 818 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
818 819 }
819 820
820 821 /*
821 822 * Destroying snapshots with delegated permissions requires
822 823 * descendant mount and destroy permissions.
823 824 */
824 825 /* ARGSUSED */
825 826 static int
826 827 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
827 828 {
828 829 nvlist_t *snaps;
829 830 nvpair_t *pair, *nextpair;
830 831 int error = 0;
831 832
832 833 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
833 834 return (SET_ERROR(EINVAL));
834 835 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
835 836 pair = nextpair) {
836 837 nextpair = nvlist_next_nvpair(snaps, pair);
837 838 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
838 839 if (error == ENOENT) {
839 840 /*
840 841 * Ignore any snapshots that don't exist (we consider
841 842 * them "already destroyed"). Remove the name from the
842 843 * nvl here in case the snapshot is created between
843 844 * now and when we try to destroy it (in which case
844 845 * we don't want to destroy it since we haven't
845 846 * checked for permission).
846 847 */
847 848 fnvlist_remove_nvpair(snaps, pair);
848 849 error = 0;
849 850 }
850 851 if (error != 0)
851 852 break;
852 853 }
853 854
854 855 return (error);
855 856 }
856 857
857 858 int
858 859 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
859 860 {
860 861 char parentname[MAXNAMELEN];
861 862 int error;
862 863
863 864 if ((error = zfs_secpolicy_write_perms(from,
864 865 ZFS_DELEG_PERM_RENAME, cr)) != 0)
865 866 return (error);
866 867
867 868 if ((error = zfs_secpolicy_write_perms(from,
868 869 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
869 870 return (error);
870 871
871 872 if ((error = zfs_get_parent(to, parentname,
872 873 sizeof (parentname))) != 0)
873 874 return (error);
874 875
875 876 if ((error = zfs_secpolicy_write_perms(parentname,
876 877 ZFS_DELEG_PERM_CREATE, cr)) != 0)
877 878 return (error);
878 879
879 880 if ((error = zfs_secpolicy_write_perms(parentname,
880 881 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
881 882 return (error);
882 883
883 884 return (error);
884 885 }
885 886
886 887 /* ARGSUSED */
887 888 static int
888 889 zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
889 890 {
890 891 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
891 892 }
892 893
893 894 /* ARGSUSED */
894 895 static int
895 896 zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
896 897 {
897 898 dsl_pool_t *dp;
898 899 dsl_dataset_t *clone;
899 900 int error;
900 901
901 902 error = zfs_secpolicy_write_perms(zc->zc_name,
902 903 ZFS_DELEG_PERM_PROMOTE, cr);
903 904 if (error != 0)
904 905 return (error);
905 906
906 907 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
907 908 if (error != 0)
908 909 return (error);
909 910
910 911 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &clone);
911 912
912 913 if (error == 0) {
913 914 char parentname[MAXNAMELEN];
914 915 dsl_dataset_t *origin = NULL;
915 916 dsl_dir_t *dd;
916 917 dd = clone->ds_dir;
917 918
918 919 error = dsl_dataset_hold_obj(dd->dd_pool,
919 920 dsl_dir_phys(dd)->dd_origin_obj, FTAG, &origin);
920 921 if (error != 0) {
921 922 dsl_dataset_rele(clone, FTAG);
922 923 dsl_pool_rele(dp, FTAG);
923 924 return (error);
924 925 }
925 926
926 927 error = zfs_secpolicy_write_perms_ds(zc->zc_name, clone,
927 928 ZFS_DELEG_PERM_MOUNT, cr);
928 929
929 930 dsl_dataset_name(origin, parentname);
930 931 if (error == 0) {
931 932 error = zfs_secpolicy_write_perms_ds(parentname, origin,
932 933 ZFS_DELEG_PERM_PROMOTE, cr);
933 934 }
934 935 dsl_dataset_rele(clone, FTAG);
935 936 dsl_dataset_rele(origin, FTAG);
936 937 }
937 938 dsl_pool_rele(dp, FTAG);
938 939 return (error);
939 940 }
940 941
941 942 /* ARGSUSED */
942 943 static int
943 944 zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
944 945 {
945 946 int error;
946 947
947 948 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
948 949 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
949 950 return (error);
950 951
951 952 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
952 953 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
953 954 return (error);
954 955
955 956 return (zfs_secpolicy_write_perms(zc->zc_name,
956 957 ZFS_DELEG_PERM_CREATE, cr));
957 958 }
958 959
959 960 int
960 961 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
961 962 {
962 963 return (zfs_secpolicy_write_perms(name,
963 964 ZFS_DELEG_PERM_SNAPSHOT, cr));
964 965 }
965 966
966 967 /*
967 968 * Check for permission to create each snapshot in the nvlist.
968 969 */
969 970 /* ARGSUSED */
970 971 static int
971 972 zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
972 973 {
973 974 nvlist_t *snaps;
974 975 int error = 0;
975 976 nvpair_t *pair;
976 977
977 978 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
978 979 return (SET_ERROR(EINVAL));
979 980 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
980 981 pair = nvlist_next_nvpair(snaps, pair)) {
981 982 char *name = nvpair_name(pair);
982 983 char *atp = strchr(name, '@');
983 984
984 985 if (atp == NULL) {
985 986 error = SET_ERROR(EINVAL);
986 987 break;
987 988 }
988 989 *atp = '\0';
989 990 error = zfs_secpolicy_snapshot_perms(name, cr);
990 991 *atp = '@';
991 992 if (error != 0)
992 993 break;
993 994 }
994 995 return (error);
995 996 }
996 997
997 998 /*
998 999 * Check for permission to create each snapshot in the nvlist.
999 1000 */
1000 1001 /* ARGSUSED */
1001 1002 static int
1002 1003 zfs_secpolicy_bookmark(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1003 1004 {
1004 1005 int error = 0;
1005 1006
1006 1007 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
1007 1008 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
1008 1009 char *name = nvpair_name(pair);
1009 1010 char *hashp = strchr(name, '#');
1010 1011
1011 1012 if (hashp == NULL) {
1012 1013 error = SET_ERROR(EINVAL);
1013 1014 break;
1014 1015 }
1015 1016 *hashp = '\0';
1016 1017 error = zfs_secpolicy_write_perms(name,
1017 1018 ZFS_DELEG_PERM_BOOKMARK, cr);
1018 1019 *hashp = '#';
1019 1020 if (error != 0)
1020 1021 break;
1021 1022 }
1022 1023 return (error);
1023 1024 }
1024 1025
1025 1026 /* ARGSUSED */
1026 1027 static int
1027 1028 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1028 1029 {
1029 1030 nvpair_t *pair, *nextpair;
1030 1031 int error = 0;
1031 1032
1032 1033 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1033 1034 pair = nextpair) {
1034 1035 char *name = nvpair_name(pair);
1035 1036 char *hashp = strchr(name, '#');
1036 1037 nextpair = nvlist_next_nvpair(innvl, pair);
1037 1038
1038 1039 if (hashp == NULL) {
1039 1040 error = SET_ERROR(EINVAL);
1040 1041 break;
1041 1042 }
1042 1043
1043 1044 *hashp = '\0';
1044 1045 error = zfs_secpolicy_write_perms(name,
1045 1046 ZFS_DELEG_PERM_DESTROY, cr);
1046 1047 *hashp = '#';
1047 1048 if (error == ENOENT) {
1048 1049 /*
1049 1050 * Ignore any filesystems that don't exist (we consider
1050 1051 * their bookmarks "already destroyed"). Remove
1051 1052 * the name from the nvl here in case the filesystem
1052 1053 * is created between now and when we try to destroy
1053 1054 * the bookmark (in which case we don't want to
1054 1055 * destroy it since we haven't checked for permission).
1055 1056 */
1056 1057 fnvlist_remove_nvpair(innvl, pair);
1057 1058 error = 0;
1058 1059 }
1059 1060 if (error != 0)
1060 1061 break;
1061 1062 }
1062 1063
1063 1064 return (error);
1064 1065 }
1065 1066
1066 1067 /* ARGSUSED */
1067 1068 static int
1068 1069 zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1069 1070 {
1070 1071 /*
1071 1072 * Even root must have a proper TSD so that we know what pool
1072 1073 * to log to.
1073 1074 */
1074 1075 if (tsd_get(zfs_allow_log_key) == NULL)
1075 1076 return (SET_ERROR(EPERM));
1076 1077 return (0);
1077 1078 }
1078 1079
1079 1080 static int
1080 1081 zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1081 1082 {
1082 1083 char parentname[MAXNAMELEN];
1083 1084 int error;
1084 1085 char *origin;
1085 1086
1086 1087 if ((error = zfs_get_parent(zc->zc_name, parentname,
1087 1088 sizeof (parentname))) != 0)
1088 1089 return (error);
1089 1090
1090 1091 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1091 1092 (error = zfs_secpolicy_write_perms(origin,
1092 1093 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1093 1094 return (error);
1094 1095
1095 1096 if ((error = zfs_secpolicy_write_perms(parentname,
1096 1097 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1097 1098 return (error);
1098 1099
1099 1100 return (zfs_secpolicy_write_perms(parentname,
1100 1101 ZFS_DELEG_PERM_MOUNT, cr));
1101 1102 }
1102 1103
1103 1104 /*
1104 1105 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1105 1106 * SYS_CONFIG privilege, which is not available in a local zone.
1106 1107 */
1107 1108 /* ARGSUSED */
1108 1109 static int
1109 1110 zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1110 1111 {
1111 1112 if (secpolicy_sys_config(cr, B_FALSE) != 0)
1112 1113 return (SET_ERROR(EPERM));
1113 1114
1114 1115 return (0);
1115 1116 }
1116 1117
1117 1118 /*
1118 1119 * Policy for object to name lookups.
1119 1120 */
1120 1121 /* ARGSUSED */
1121 1122 static int
1122 1123 zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1123 1124 {
1124 1125 int error;
1125 1126
1126 1127 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1127 1128 return (0);
1128 1129
1129 1130 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1130 1131 return (error);
1131 1132 }
1132 1133
1133 1134 /*
1134 1135 * Policy for fault injection. Requires all privileges.
1135 1136 */
1136 1137 /* ARGSUSED */
1137 1138 static int
1138 1139 zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1139 1140 {
1140 1141 return (secpolicy_zinject(cr));
1141 1142 }
1142 1143
1143 1144 /* ARGSUSED */
1144 1145 static int
1145 1146 zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1146 1147 {
1147 1148 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1148 1149
1149 1150 if (prop == ZPROP_INVAL) {
1150 1151 if (!zfs_prop_user(zc->zc_value))
1151 1152 return (SET_ERROR(EINVAL));
1152 1153 return (zfs_secpolicy_write_perms(zc->zc_name,
1153 1154 ZFS_DELEG_PERM_USERPROP, cr));
1154 1155 } else {
1155 1156 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1156 1157 NULL, cr));
1157 1158 }
1158 1159 }
1159 1160
1160 1161 static int
1161 1162 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1162 1163 {
1163 1164 int err = zfs_secpolicy_read(zc, innvl, cr);
1164 1165 if (err)
1165 1166 return (err);
1166 1167
1167 1168 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1168 1169 return (SET_ERROR(EINVAL));
1169 1170
1170 1171 if (zc->zc_value[0] == 0) {
1171 1172 /*
1172 1173 * They are asking about a posix uid/gid. If it's
1173 1174 * themself, allow it.
1174 1175 */
1175 1176 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1176 1177 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
1177 1178 if (zc->zc_guid == crgetuid(cr))
1178 1179 return (0);
1179 1180 } else {
1180 1181 if (groupmember(zc->zc_guid, cr))
1181 1182 return (0);
1182 1183 }
1183 1184 }
1184 1185
1185 1186 return (zfs_secpolicy_write_perms(zc->zc_name,
1186 1187 userquota_perms[zc->zc_objset_type], cr));
1187 1188 }
1188 1189
1189 1190 static int
1190 1191 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1191 1192 {
1192 1193 int err = zfs_secpolicy_read(zc, innvl, cr);
1193 1194 if (err)
1194 1195 return (err);
1195 1196
1196 1197 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1197 1198 return (SET_ERROR(EINVAL));
1198 1199
1199 1200 return (zfs_secpolicy_write_perms(zc->zc_name,
1200 1201 userquota_perms[zc->zc_objset_type], cr));
1201 1202 }
1202 1203
1203 1204 /* ARGSUSED */
1204 1205 static int
1205 1206 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1206 1207 {
1207 1208 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1208 1209 NULL, cr));
1209 1210 }
1210 1211
1211 1212 /* ARGSUSED */
1212 1213 static int
1213 1214 zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1214 1215 {
1215 1216 nvpair_t *pair;
1216 1217 nvlist_t *holds;
1217 1218 int error;
1218 1219
1219 1220 error = nvlist_lookup_nvlist(innvl, "holds", &holds);
1220 1221 if (error != 0)
1221 1222 return (SET_ERROR(EINVAL));
1222 1223
1223 1224 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
1224 1225 pair = nvlist_next_nvpair(holds, pair)) {
1225 1226 char fsname[MAXNAMELEN];
1226 1227 error = dmu_fsname(nvpair_name(pair), fsname);
1227 1228 if (error != 0)
1228 1229 return (error);
1229 1230 error = zfs_secpolicy_write_perms(fsname,
1230 1231 ZFS_DELEG_PERM_HOLD, cr);
1231 1232 if (error != 0)
1232 1233 return (error);
1233 1234 }
1234 1235 return (0);
1235 1236 }
1236 1237
1237 1238 /* ARGSUSED */
1238 1239 static int
1239 1240 zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1240 1241 {
1241 1242 nvpair_t *pair;
1242 1243 int error;
1243 1244
1244 1245 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1245 1246 pair = nvlist_next_nvpair(innvl, pair)) {
1246 1247 char fsname[MAXNAMELEN];
1247 1248 error = dmu_fsname(nvpair_name(pair), fsname);
1248 1249 if (error != 0)
1249 1250 return (error);
1250 1251 error = zfs_secpolicy_write_perms(fsname,
1251 1252 ZFS_DELEG_PERM_RELEASE, cr);
1252 1253 if (error != 0)
1253 1254 return (error);
1254 1255 }
1255 1256 return (0);
1256 1257 }
1257 1258
1258 1259 /*
1259 1260 * Policy for allowing temporary snapshots to be taken or released
1260 1261 */
1261 1262 static int
1262 1263 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1263 1264 {
1264 1265 /*
1265 1266 * A temporary snapshot is the same as a snapshot,
1266 1267 * hold, destroy and release all rolled into one.
1267 1268 * Delegated diff alone is sufficient that we allow this.
1268 1269 */
1269 1270 int error;
1270 1271
1271 1272 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1272 1273 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1273 1274 return (0);
1274 1275
1275 1276 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
1276 1277 if (error == 0)
1277 1278 error = zfs_secpolicy_hold(zc, innvl, cr);
1278 1279 if (error == 0)
1279 1280 error = zfs_secpolicy_release(zc, innvl, cr);
1280 1281 if (error == 0)
1281 1282 error = zfs_secpolicy_destroy(zc, innvl, cr);
1282 1283 return (error);
1283 1284 }
1284 1285
1285 1286 /*
1286 1287 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1287 1288 */
1288 1289 static int
1289 1290 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1290 1291 {
1291 1292 char *packed;
1292 1293 int error;
1293 1294 nvlist_t *list = NULL;
1294 1295
1295 1296 /*
1296 1297 * Read in and unpack the user-supplied nvlist.
1297 1298 */
1298 1299 if (size == 0)
1299 1300 return (SET_ERROR(EINVAL));
1300 1301
1301 1302 packed = kmem_alloc(size, KM_SLEEP);
1302 1303
1303 1304 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1304 1305 iflag)) != 0) {
1305 1306 kmem_free(packed, size);
1306 1307 return (SET_ERROR(EFAULT));
1307 1308 }
1308 1309
1309 1310 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1310 1311 kmem_free(packed, size);
1311 1312 return (error);
1312 1313 }
1313 1314
1314 1315 kmem_free(packed, size);
1315 1316
1316 1317 *nvp = list;
1317 1318 return (0);
1318 1319 }
1319 1320
1320 1321 /*
1321 1322 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1322 1323 * Entries will be removed from the end of the nvlist, and one int32 entry
1323 1324 * named "N_MORE_ERRORS" will be added indicating how many entries were
1324 1325 * removed.
1325 1326 */
1326 1327 static int
1327 1328 nvlist_smush(nvlist_t *errors, size_t max)
1328 1329 {
1329 1330 size_t size;
1330 1331
1331 1332 size = fnvlist_size(errors);
1332 1333
1333 1334 if (size > max) {
1334 1335 nvpair_t *more_errors;
1335 1336 int n = 0;
1336 1337
1337 1338 if (max < 1024)
1338 1339 return (SET_ERROR(ENOMEM));
1339 1340
1340 1341 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1341 1342 more_errors = nvlist_prev_nvpair(errors, NULL);
1342 1343
1343 1344 do {
1344 1345 nvpair_t *pair = nvlist_prev_nvpair(errors,
1345 1346 more_errors);
1346 1347 fnvlist_remove_nvpair(errors, pair);
1347 1348 n++;
1348 1349 size = fnvlist_size(errors);
1349 1350 } while (size > max);
1350 1351
1351 1352 fnvlist_remove_nvpair(errors, more_errors);
1352 1353 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1353 1354 ASSERT3U(fnvlist_size(errors), <=, max);
1354 1355 }
1355 1356
1356 1357 return (0);
1357 1358 }
1358 1359
1359 1360 static int
1360 1361 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1361 1362 {
1362 1363 char *packed = NULL;
1363 1364 int error = 0;
1364 1365 size_t size;
1365 1366
1366 1367 size = fnvlist_size(nvl);
1367 1368
1368 1369 if (size > zc->zc_nvlist_dst_size) {
1369 1370 error = SET_ERROR(ENOMEM);
1370 1371 } else {
1371 1372 packed = fnvlist_pack(nvl, &size);
1372 1373 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1373 1374 size, zc->zc_iflags) != 0)
1374 1375 error = SET_ERROR(EFAULT);
1375 1376 fnvlist_pack_free(packed, size);
1376 1377 }
1377 1378
1378 1379 zc->zc_nvlist_dst_size = size;
1379 1380 zc->zc_nvlist_dst_filled = B_TRUE;
1380 1381 return (error);
1381 1382 }
1382 1383
1383 1384 static int
1384 1385 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1385 1386 {
1386 1387 objset_t *os;
1387 1388 int error;
1388 1389
1389 1390 error = dmu_objset_hold(dsname, FTAG, &os);
1390 1391 if (error != 0)
1391 1392 return (error);
1392 1393 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1393 1394 dmu_objset_rele(os, FTAG);
1394 1395 return (SET_ERROR(EINVAL));
1395 1396 }
1396 1397
1397 1398 mutex_enter(&os->os_user_ptr_lock);
1398 1399 *zfvp = dmu_objset_get_user(os);
1399 1400 if (*zfvp) {
1400 1401 VFS_HOLD((*zfvp)->z_vfs);
1401 1402 } else {
1402 1403 error = SET_ERROR(ESRCH);
1403 1404 }
1404 1405 mutex_exit(&os->os_user_ptr_lock);
1405 1406 dmu_objset_rele(os, FTAG);
1406 1407 return (error);
1407 1408 }
1408 1409
1409 1410 /*
1410 1411 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1411 1412 * case its z_vfs will be NULL, and it will be opened as the owner.
1412 1413 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1413 1414 * which prevents all vnode ops from running.
1414 1415 */
1415 1416 static int
1416 1417 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1417 1418 {
1418 1419 int error = 0;
1419 1420
1420 1421 if (getzfsvfs(name, zfvp) != 0)
1421 1422 error = zfsvfs_create(name, zfvp);
1422 1423 if (error == 0) {
1423 1424 rrm_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1424 1425 RW_READER, tag);
1425 1426 if ((*zfvp)->z_unmounted) {
1426 1427 /*
1427 1428 * XXX we could probably try again, since the unmounting
1428 1429 * thread should be just about to disassociate the
1429 1430 * objset from the zfsvfs.
1430 1431 */
1431 1432 rrm_exit(&(*zfvp)->z_teardown_lock, tag);
1432 1433 return (SET_ERROR(EBUSY));
1433 1434 }
1434 1435 }
1435 1436 return (error);
1436 1437 }
1437 1438
1438 1439 static void
1439 1440 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1440 1441 {
1441 1442 rrm_exit(&zfsvfs->z_teardown_lock, tag);
1442 1443
1443 1444 if (zfsvfs->z_vfs) {
1444 1445 VFS_RELE(zfsvfs->z_vfs);
1445 1446 } else {
1446 1447 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1447 1448 zfsvfs_free(zfsvfs);
1448 1449 }
1449 1450 }
1450 1451
1451 1452 static int
1452 1453 zfs_ioc_pool_create(zfs_cmd_t *zc)
1453 1454 {
1454 1455 int error;
1455 1456 nvlist_t *config, *props = NULL;
1456 1457 nvlist_t *rootprops = NULL;
1457 1458 nvlist_t *zplprops = NULL;
1458 1459
1459 1460 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1460 1461 zc->zc_iflags, &config))
1461 1462 return (error);
1462 1463
1463 1464 if (zc->zc_nvlist_src_size != 0 && (error =
1464 1465 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1465 1466 zc->zc_iflags, &props))) {
1466 1467 nvlist_free(config);
1467 1468 return (error);
1468 1469 }
1469 1470
1470 1471 if (props) {
1471 1472 nvlist_t *nvl = NULL;
1472 1473 uint64_t version = SPA_VERSION;
1473 1474
1474 1475 (void) nvlist_lookup_uint64(props,
1475 1476 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1476 1477 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1477 1478 error = SET_ERROR(EINVAL);
1478 1479 goto pool_props_bad;
1479 1480 }
1480 1481 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1481 1482 if (nvl) {
1482 1483 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1483 1484 if (error != 0) {
1484 1485 nvlist_free(config);
1485 1486 nvlist_free(props);
1486 1487 return (error);
1487 1488 }
1488 1489 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1489 1490 }
1490 1491 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1491 1492 error = zfs_fill_zplprops_root(version, rootprops,
1492 1493 zplprops, NULL);
1493 1494 if (error != 0)
1494 1495 goto pool_props_bad;
1495 1496 }
1496 1497
1497 1498 error = spa_create(zc->zc_name, config, props, zplprops);
1498 1499
1499 1500 /*
1500 1501 * Set the remaining root properties
1501 1502 */
1502 1503 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1503 1504 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1504 1505 (void) spa_destroy(zc->zc_name);
1505 1506
1506 1507 pool_props_bad:
1507 1508 nvlist_free(rootprops);
1508 1509 nvlist_free(zplprops);
1509 1510 nvlist_free(config);
1510 1511 nvlist_free(props);
1511 1512
1512 1513 return (error);
1513 1514 }
1514 1515
1515 1516 static int
1516 1517 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1517 1518 {
1518 1519 int error;
1519 1520 zfs_log_history(zc);
1520 1521 error = spa_destroy(zc->zc_name);
1521 1522 if (error == 0)
1522 1523 zvol_remove_minors(zc->zc_name);
1523 1524 return (error);
1524 1525 }
1525 1526
1526 1527 static int
1527 1528 zfs_ioc_pool_import(zfs_cmd_t *zc)
1528 1529 {
1529 1530 nvlist_t *config, *props = NULL;
1530 1531 uint64_t guid;
1531 1532 int error;
1532 1533
1533 1534 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1534 1535 zc->zc_iflags, &config)) != 0)
1535 1536 return (error);
1536 1537
1537 1538 if (zc->zc_nvlist_src_size != 0 && (error =
1538 1539 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1539 1540 zc->zc_iflags, &props))) {
1540 1541 nvlist_free(config);
1541 1542 return (error);
1542 1543 }
1543 1544
1544 1545 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1545 1546 guid != zc->zc_guid)
1546 1547 error = SET_ERROR(EINVAL);
1547 1548 else
1548 1549 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1549 1550
1550 1551 if (zc->zc_nvlist_dst != 0) {
1551 1552 int err;
1552 1553
1553 1554 if ((err = put_nvlist(zc, config)) != 0)
1554 1555 error = err;
1555 1556 }
1556 1557
1557 1558 nvlist_free(config);
1558 1559
1559 1560 if (props)
1560 1561 nvlist_free(props);
1561 1562
1562 1563 return (error);
1563 1564 }
1564 1565
1565 1566 static int
1566 1567 zfs_ioc_pool_export(zfs_cmd_t *zc)
1567 1568 {
1568 1569 int error;
1569 1570 boolean_t force = (boolean_t)zc->zc_cookie;
1570 1571 boolean_t hardforce = (boolean_t)zc->zc_guid;
1571 1572
1572 1573 zfs_log_history(zc);
1573 1574 error = spa_export(zc->zc_name, NULL, force, hardforce);
1574 1575 if (error == 0)
1575 1576 zvol_remove_minors(zc->zc_name);
1576 1577 return (error);
1577 1578 }
1578 1579
1579 1580 static int
1580 1581 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1581 1582 {
1582 1583 nvlist_t *configs;
1583 1584 int error;
1584 1585
1585 1586 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1586 1587 return (SET_ERROR(EEXIST));
1587 1588
1588 1589 error = put_nvlist(zc, configs);
1589 1590
1590 1591 nvlist_free(configs);
1591 1592
1592 1593 return (error);
1593 1594 }
1594 1595
1595 1596 /*
1596 1597 * inputs:
1597 1598 * zc_name name of the pool
1598 1599 *
1599 1600 * outputs:
1600 1601 * zc_cookie real errno
1601 1602 * zc_nvlist_dst config nvlist
1602 1603 * zc_nvlist_dst_size size of config nvlist
1603 1604 */
1604 1605 static int
1605 1606 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1606 1607 {
1607 1608 nvlist_t *config;
1608 1609 int error;
1609 1610 int ret = 0;
1610 1611
1611 1612 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1612 1613 sizeof (zc->zc_value));
1613 1614
1614 1615 if (config != NULL) {
1615 1616 ret = put_nvlist(zc, config);
1616 1617 nvlist_free(config);
1617 1618
1618 1619 /*
1619 1620 * The config may be present even if 'error' is non-zero.
1620 1621 * In this case we return success, and preserve the real errno
1621 1622 * in 'zc_cookie'.
1622 1623 */
1623 1624 zc->zc_cookie = error;
1624 1625 } else {
1625 1626 ret = error;
1626 1627 }
1627 1628
1628 1629 return (ret);
1629 1630 }
1630 1631
1631 1632 /*
1632 1633 * Try to import the given pool, returning pool stats as appropriate so that
1633 1634 * user land knows which devices are available and overall pool health.
1634 1635 */
1635 1636 static int
1636 1637 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1637 1638 {
1638 1639 nvlist_t *tryconfig, *config;
1639 1640 int error;
1640 1641
1641 1642 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1642 1643 zc->zc_iflags, &tryconfig)) != 0)
1643 1644 return (error);
1644 1645
1645 1646 config = spa_tryimport(tryconfig);
1646 1647
1647 1648 nvlist_free(tryconfig);
1648 1649
1649 1650 if (config == NULL)
1650 1651 return (SET_ERROR(EINVAL));
1651 1652
1652 1653 error = put_nvlist(zc, config);
1653 1654 nvlist_free(config);
1654 1655
1655 1656 return (error);
1656 1657 }
1657 1658
1658 1659 /*
1659 1660 * inputs:
1660 1661 * zc_name name of the pool
1661 1662 * zc_cookie scan func (pool_scan_func_t)
1662 1663 */
1663 1664 static int
1664 1665 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1665 1666 {
1666 1667 spa_t *spa;
1667 1668 int error;
1668 1669
1669 1670 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1670 1671 return (error);
1671 1672
1672 1673 if (zc->zc_cookie == POOL_SCAN_NONE)
1673 1674 error = spa_scan_stop(spa);
1674 1675 else
1675 1676 error = spa_scan(spa, zc->zc_cookie);
1676 1677
1677 1678 spa_close(spa, FTAG);
1678 1679
1679 1680 return (error);
1680 1681 }
1681 1682
1682 1683 static int
1683 1684 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1684 1685 {
1685 1686 spa_t *spa;
1686 1687 int error;
1687 1688
1688 1689 error = spa_open(zc->zc_name, &spa, FTAG);
1689 1690 if (error == 0) {
1690 1691 spa_freeze(spa);
1691 1692 spa_close(spa, FTAG);
1692 1693 }
1693 1694 return (error);
1694 1695 }
1695 1696
1696 1697 static int
1697 1698 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1698 1699 {
1699 1700 spa_t *spa;
1700 1701 int error;
1701 1702
1702 1703 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1703 1704 return (error);
1704 1705
1705 1706 if (zc->zc_cookie < spa_version(spa) ||
1706 1707 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1707 1708 spa_close(spa, FTAG);
1708 1709 return (SET_ERROR(EINVAL));
1709 1710 }
1710 1711
1711 1712 spa_upgrade(spa, zc->zc_cookie);
1712 1713 spa_close(spa, FTAG);
1713 1714
1714 1715 return (error);
1715 1716 }
1716 1717
1717 1718 static int
1718 1719 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1719 1720 {
1720 1721 spa_t *spa;
1721 1722 char *hist_buf;
1722 1723 uint64_t size;
1723 1724 int error;
1724 1725
1725 1726 if ((size = zc->zc_history_len) == 0)
1726 1727 return (SET_ERROR(EINVAL));
1727 1728
1728 1729 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1729 1730 return (error);
1730 1731
1731 1732 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1732 1733 spa_close(spa, FTAG);
1733 1734 return (SET_ERROR(ENOTSUP));
1734 1735 }
1735 1736
1736 1737 hist_buf = kmem_alloc(size, KM_SLEEP);
1737 1738 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1738 1739 &zc->zc_history_len, hist_buf)) == 0) {
1739 1740 error = ddi_copyout(hist_buf,
1740 1741 (void *)(uintptr_t)zc->zc_history,
1741 1742 zc->zc_history_len, zc->zc_iflags);
1742 1743 }
1743 1744
1744 1745 spa_close(spa, FTAG);
1745 1746 kmem_free(hist_buf, size);
1746 1747 return (error);
1747 1748 }
1748 1749
1749 1750 static int
1750 1751 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1751 1752 {
1752 1753 spa_t *spa;
1753 1754 int error;
1754 1755
1755 1756 error = spa_open(zc->zc_name, &spa, FTAG);
1756 1757 if (error == 0) {
1757 1758 error = spa_change_guid(spa);
1758 1759 spa_close(spa, FTAG);
1759 1760 }
1760 1761 return (error);
1761 1762 }
1762 1763
1763 1764 static int
1764 1765 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1765 1766 {
1766 1767 return (dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value));
1767 1768 }
1768 1769
1769 1770 /*
1770 1771 * inputs:
1771 1772 * zc_name name of filesystem
1772 1773 * zc_obj object to find
1773 1774 *
1774 1775 * outputs:
1775 1776 * zc_value name of object
1776 1777 */
1777 1778 static int
1778 1779 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1779 1780 {
1780 1781 objset_t *os;
1781 1782 int error;
1782 1783
1783 1784 /* XXX reading from objset not owned */
1784 1785 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1785 1786 return (error);
1786 1787 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1787 1788 dmu_objset_rele(os, FTAG);
1788 1789 return (SET_ERROR(EINVAL));
1789 1790 }
1790 1791 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1791 1792 sizeof (zc->zc_value));
1792 1793 dmu_objset_rele(os, FTAG);
1793 1794
1794 1795 return (error);
1795 1796 }
1796 1797
1797 1798 /*
1798 1799 * inputs:
1799 1800 * zc_name name of filesystem
1800 1801 * zc_obj object to find
1801 1802 *
1802 1803 * outputs:
1803 1804 * zc_stat stats on object
1804 1805 * zc_value path to object
1805 1806 */
1806 1807 static int
1807 1808 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1808 1809 {
1809 1810 objset_t *os;
1810 1811 int error;
1811 1812
1812 1813 /* XXX reading from objset not owned */
1813 1814 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1814 1815 return (error);
1815 1816 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1816 1817 dmu_objset_rele(os, FTAG);
1817 1818 return (SET_ERROR(EINVAL));
1818 1819 }
1819 1820 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1820 1821 sizeof (zc->zc_value));
1821 1822 dmu_objset_rele(os, FTAG);
1822 1823
1823 1824 return (error);
1824 1825 }
1825 1826
1826 1827 static int
1827 1828 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1828 1829 {
1829 1830 spa_t *spa;
1830 1831 int error;
1831 1832 nvlist_t *config, **l2cache, **spares;
1832 1833 uint_t nl2cache = 0, nspares = 0;
1833 1834
1834 1835 error = spa_open(zc->zc_name, &spa, FTAG);
1835 1836 if (error != 0)
1836 1837 return (error);
1837 1838
1838 1839 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1839 1840 zc->zc_iflags, &config);
1840 1841 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1841 1842 &l2cache, &nl2cache);
1842 1843
1843 1844 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1844 1845 &spares, &nspares);
1845 1846
1846 1847 /*
1847 1848 * A root pool with concatenated devices is not supported.
1848 1849 * Thus, can not add a device to a root pool.
1849 1850 *
1850 1851 * Intent log device can not be added to a rootpool because
1851 1852 * during mountroot, zil is replayed, a seperated log device
1852 1853 * can not be accessed during the mountroot time.
1853 1854 *
1854 1855 * l2cache and spare devices are ok to be added to a rootpool.
1855 1856 */
1856 1857 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1857 1858 nvlist_free(config);
1858 1859 spa_close(spa, FTAG);
1859 1860 return (SET_ERROR(EDOM));
1860 1861 }
1861 1862
1862 1863 if (error == 0) {
1863 1864 error = spa_vdev_add(spa, config);
1864 1865 nvlist_free(config);
1865 1866 }
1866 1867 spa_close(spa, FTAG);
1867 1868 return (error);
1868 1869 }
1869 1870
1870 1871 /*
1871 1872 * inputs:
1872 1873 * zc_name name of the pool
1873 1874 * zc_nvlist_conf nvlist of devices to remove
1874 1875 * zc_cookie to stop the remove?
1875 1876 */
1876 1877 static int
1877 1878 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1878 1879 {
1879 1880 spa_t *spa;
1880 1881 int error;
1881 1882
1882 1883 error = spa_open(zc->zc_name, &spa, FTAG);
1883 1884 if (error != 0)
1884 1885 return (error);
1885 1886 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1886 1887 spa_close(spa, FTAG);
1887 1888 return (error);
1888 1889 }
1889 1890
1890 1891 static int
1891 1892 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1892 1893 {
1893 1894 spa_t *spa;
1894 1895 int error;
1895 1896 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1896 1897
1897 1898 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1898 1899 return (error);
1899 1900 switch (zc->zc_cookie) {
1900 1901 case VDEV_STATE_ONLINE:
1901 1902 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1902 1903 break;
1903 1904
1904 1905 case VDEV_STATE_OFFLINE:
1905 1906 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1906 1907 break;
1907 1908
1908 1909 case VDEV_STATE_FAULTED:
1909 1910 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1910 1911 zc->zc_obj != VDEV_AUX_EXTERNAL)
1911 1912 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1912 1913
1913 1914 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1914 1915 break;
1915 1916
1916 1917 case VDEV_STATE_DEGRADED:
1917 1918 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1918 1919 zc->zc_obj != VDEV_AUX_EXTERNAL)
1919 1920 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1920 1921
1921 1922 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1922 1923 break;
1923 1924
1924 1925 default:
1925 1926 error = SET_ERROR(EINVAL);
1926 1927 }
1927 1928 zc->zc_cookie = newstate;
1928 1929 spa_close(spa, FTAG);
1929 1930 return (error);
1930 1931 }
1931 1932
1932 1933 static int
1933 1934 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1934 1935 {
1935 1936 spa_t *spa;
1936 1937 int replacing = zc->zc_cookie;
1937 1938 nvlist_t *config;
1938 1939 int error;
1939 1940
1940 1941 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1941 1942 return (error);
1942 1943
1943 1944 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1944 1945 zc->zc_iflags, &config)) == 0) {
1945 1946 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1946 1947 nvlist_free(config);
1947 1948 }
1948 1949
1949 1950 spa_close(spa, FTAG);
1950 1951 return (error);
1951 1952 }
1952 1953
1953 1954 static int
1954 1955 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1955 1956 {
1956 1957 spa_t *spa;
1957 1958 int error;
1958 1959
1959 1960 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1960 1961 return (error);
1961 1962
1962 1963 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1963 1964
1964 1965 spa_close(spa, FTAG);
1965 1966 return (error);
1966 1967 }
1967 1968
1968 1969 static int
1969 1970 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1970 1971 {
1971 1972 spa_t *spa;
1972 1973 nvlist_t *config, *props = NULL;
1973 1974 int error;
1974 1975 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1975 1976
1976 1977 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1977 1978 return (error);
1978 1979
1979 1980 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1980 1981 zc->zc_iflags, &config)) {
1981 1982 spa_close(spa, FTAG);
1982 1983 return (error);
1983 1984 }
1984 1985
1985 1986 if (zc->zc_nvlist_src_size != 0 && (error =
1986 1987 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1987 1988 zc->zc_iflags, &props))) {
1988 1989 spa_close(spa, FTAG);
1989 1990 nvlist_free(config);
1990 1991 return (error);
1991 1992 }
1992 1993
1993 1994 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1994 1995
1995 1996 spa_close(spa, FTAG);
1996 1997
1997 1998 nvlist_free(config);
1998 1999 nvlist_free(props);
1999 2000
2000 2001 return (error);
2001 2002 }
2002 2003
2003 2004 static int
2004 2005 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
2005 2006 {
2006 2007 spa_t *spa;
2007 2008 char *path = zc->zc_value;
2008 2009 uint64_t guid = zc->zc_guid;
2009 2010 int error;
2010 2011
2011 2012 error = spa_open(zc->zc_name, &spa, FTAG);
2012 2013 if (error != 0)
2013 2014 return (error);
2014 2015
2015 2016 error = spa_vdev_setpath(spa, guid, path);
2016 2017 spa_close(spa, FTAG);
2017 2018 return (error);
2018 2019 }
2019 2020
2020 2021 static int
2021 2022 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
2022 2023 {
2023 2024 spa_t *spa;
2024 2025 char *fru = zc->zc_value;
2025 2026 uint64_t guid = zc->zc_guid;
2026 2027 int error;
2027 2028
2028 2029 error = spa_open(zc->zc_name, &spa, FTAG);
2029 2030 if (error != 0)
2030 2031 return (error);
2031 2032
2032 2033 error = spa_vdev_setfru(spa, guid, fru);
2033 2034 spa_close(spa, FTAG);
2034 2035 return (error);
2035 2036 }
2036 2037
2037 2038 static int
2038 2039 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
2039 2040 {
2040 2041 int error = 0;
2041 2042 nvlist_t *nv;
2042 2043
2043 2044 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2044 2045
2045 2046 if (zc->zc_nvlist_dst != 0 &&
2046 2047 (error = dsl_prop_get_all(os, &nv)) == 0) {
2047 2048 dmu_objset_stats(os, nv);
2048 2049 /*
2049 2050 * NB: zvol_get_stats() will read the objset contents,
2050 2051 * which we aren't supposed to do with a
2051 2052 * DS_MODE_USER hold, because it could be
2052 2053 * inconsistent. So this is a bit of a workaround...
2053 2054 * XXX reading with out owning
2054 2055 */
2055 2056 if (!zc->zc_objset_stats.dds_inconsistent &&
2056 2057 dmu_objset_type(os) == DMU_OST_ZVOL) {
2057 2058 error = zvol_get_stats(os, nv);
2058 2059 if (error == EIO)
2059 2060 return (error);
2060 2061 VERIFY0(error);
2061 2062 }
2062 2063 error = put_nvlist(zc, nv);
2063 2064 nvlist_free(nv);
2064 2065 }
2065 2066
2066 2067 return (error);
2067 2068 }
2068 2069
2069 2070 /*
2070 2071 * inputs:
2071 2072 * zc_name name of filesystem
2072 2073 * zc_nvlist_dst_size size of buffer for property nvlist
2073 2074 *
2074 2075 * outputs:
2075 2076 * zc_objset_stats stats
2076 2077 * zc_nvlist_dst property nvlist
2077 2078 * zc_nvlist_dst_size size of property nvlist
2078 2079 */
2079 2080 static int
2080 2081 zfs_ioc_objset_stats(zfs_cmd_t *zc)
2081 2082 {
2082 2083 objset_t *os;
2083 2084 int error;
2084 2085
2085 2086 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2086 2087 if (error == 0) {
2087 2088 error = zfs_ioc_objset_stats_impl(zc, os);
2088 2089 dmu_objset_rele(os, FTAG);
2089 2090 }
2090 2091
2091 2092 return (error);
2092 2093 }
2093 2094
2094 2095 /*
2095 2096 * inputs:
2096 2097 * zc_name name of filesystem
2097 2098 * zc_nvlist_dst_size size of buffer for property nvlist
2098 2099 *
2099 2100 * outputs:
2100 2101 * zc_nvlist_dst received property nvlist
2101 2102 * zc_nvlist_dst_size size of received property nvlist
2102 2103 *
2103 2104 * Gets received properties (distinct from local properties on or after
2104 2105 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2105 2106 * local property values.
2106 2107 */
2107 2108 static int
2108 2109 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
2109 2110 {
2110 2111 int error = 0;
2111 2112 nvlist_t *nv;
2112 2113
2113 2114 /*
2114 2115 * Without this check, we would return local property values if the
2115 2116 * caller has not already received properties on or after
2116 2117 * SPA_VERSION_RECVD_PROPS.
2117 2118 */
2118 2119 if (!dsl_prop_get_hasrecvd(zc->zc_name))
2119 2120 return (SET_ERROR(ENOTSUP));
2120 2121
2121 2122 if (zc->zc_nvlist_dst != 0 &&
2122 2123 (error = dsl_prop_get_received(zc->zc_name, &nv)) == 0) {
2123 2124 error = put_nvlist(zc, nv);
2124 2125 nvlist_free(nv);
2125 2126 }
2126 2127
2127 2128 return (error);
2128 2129 }
2129 2130
2130 2131 static int
2131 2132 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2132 2133 {
2133 2134 uint64_t value;
2134 2135 int error;
2135 2136
2136 2137 /*
2137 2138 * zfs_get_zplprop() will either find a value or give us
2138 2139 * the default value (if there is one).
2139 2140 */
2140 2141 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2141 2142 return (error);
2142 2143 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2143 2144 return (0);
2144 2145 }
2145 2146
2146 2147 /*
2147 2148 * inputs:
2148 2149 * zc_name name of filesystem
2149 2150 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2150 2151 *
2151 2152 * outputs:
2152 2153 * zc_nvlist_dst zpl property nvlist
2153 2154 * zc_nvlist_dst_size size of zpl property nvlist
2154 2155 */
2155 2156 static int
2156 2157 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2157 2158 {
2158 2159 objset_t *os;
2159 2160 int err;
2160 2161
2161 2162 /* XXX reading without owning */
2162 2163 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
2163 2164 return (err);
2164 2165
2165 2166 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2166 2167
2167 2168 /*
2168 2169 * NB: nvl_add_zplprop() will read the objset contents,
2169 2170 * which we aren't supposed to do with a DS_MODE_USER
2170 2171 * hold, because it could be inconsistent.
2171 2172 */
2172 2173 if (zc->zc_nvlist_dst != NULL &&
2173 2174 !zc->zc_objset_stats.dds_inconsistent &&
2174 2175 dmu_objset_type(os) == DMU_OST_ZFS) {
2175 2176 nvlist_t *nv;
2176 2177
2177 2178 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2178 2179 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2179 2180 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2180 2181 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2181 2182 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2182 2183 err = put_nvlist(zc, nv);
2183 2184 nvlist_free(nv);
2184 2185 } else {
2185 2186 err = SET_ERROR(ENOENT);
2186 2187 }
2187 2188 dmu_objset_rele(os, FTAG);
2188 2189 return (err);
2189 2190 }
2190 2191
2191 2192 static boolean_t
2192 2193 dataset_name_hidden(const char *name)
2193 2194 {
2194 2195 /*
2195 2196 * Skip over datasets that are not visible in this zone,
2196 2197 * internal datasets (which have a $ in their name), and
2197 2198 * temporary datasets (which have a % in their name).
2198 2199 */
2199 2200 if (strchr(name, '$') != NULL)
2200 2201 return (B_TRUE);
2201 2202 if (strchr(name, '%') != NULL)
2202 2203 return (B_TRUE);
2203 2204 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
2204 2205 return (B_TRUE);
2205 2206 return (B_FALSE);
2206 2207 }
2207 2208
2208 2209 /*
2209 2210 * inputs:
2210 2211 * zc_name name of filesystem
2211 2212 * zc_cookie zap cursor
2212 2213 * zc_nvlist_dst_size size of buffer for property nvlist
2213 2214 *
2214 2215 * outputs:
2215 2216 * zc_name name of next filesystem
2216 2217 * zc_cookie zap cursor
2217 2218 * zc_objset_stats stats
2218 2219 * zc_nvlist_dst property nvlist
2219 2220 * zc_nvlist_dst_size size of property nvlist
2220 2221 */
2221 2222 static int
2222 2223 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2223 2224 {
2224 2225 objset_t *os;
2225 2226 int error;
2226 2227 char *p;
2227 2228 size_t orig_len = strlen(zc->zc_name);
2228 2229
2229 2230 top:
2230 2231 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2231 2232 if (error == ENOENT)
2232 2233 error = SET_ERROR(ESRCH);
2233 2234 return (error);
2234 2235 }
2235 2236
2236 2237 p = strrchr(zc->zc_name, '/');
2237 2238 if (p == NULL || p[1] != '\0')
2238 2239 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2239 2240 p = zc->zc_name + strlen(zc->zc_name);
2240 2241
2241 2242 do {
2242 2243 error = dmu_dir_list_next(os,
2243 2244 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2244 2245 NULL, &zc->zc_cookie);
2245 2246 if (error == ENOENT)
2246 2247 error = SET_ERROR(ESRCH);
2247 2248 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2248 2249 dmu_objset_rele(os, FTAG);
2249 2250
2250 2251 /*
2251 2252 * If it's an internal dataset (ie. with a '$' in its name),
2252 2253 * don't try to get stats for it, otherwise we'll return ENOENT.
2253 2254 */
2254 2255 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2255 2256 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2256 2257 if (error == ENOENT) {
2257 2258 /* We lost a race with destroy, get the next one. */
2258 2259 zc->zc_name[orig_len] = '\0';
2259 2260 goto top;
2260 2261 }
2261 2262 }
2262 2263 return (error);
2263 2264 }
2264 2265
2265 2266 /*
2266 2267 * inputs:
2267 2268 * zc_name name of filesystem
2268 2269 * zc_cookie zap cursor
2269 2270 * zc_nvlist_dst_size size of buffer for property nvlist
2270 2271 *
2271 2272 * outputs:
2272 2273 * zc_name name of next snapshot
2273 2274 * zc_objset_stats stats
2274 2275 * zc_nvlist_dst property nvlist
2275 2276 * zc_nvlist_dst_size size of property nvlist
2276 2277 */
2277 2278 static int
2278 2279 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2279 2280 {
2280 2281 objset_t *os;
2281 2282 int error;
2282 2283
2283 2284 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2284 2285 if (error != 0) {
2285 2286 return (error == ENOENT ? ESRCH : error);
2286 2287 }
2287 2288
2288 2289 /*
2289 2290 * A dataset name of maximum length cannot have any snapshots,
2290 2291 * so exit immediately.
2291 2292 */
2292 2293 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2293 2294 dmu_objset_rele(os, FTAG);
2294 2295 return (SET_ERROR(ESRCH));
2295 2296 }
2296 2297
2297 2298 error = dmu_snapshot_list_next(os,
2298 2299 sizeof (zc->zc_name) - strlen(zc->zc_name),
2299 2300 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2300 2301 NULL);
2301 2302
2302 2303 if (error == 0) {
2303 2304 dsl_dataset_t *ds;
2304 2305 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2305 2306
2306 2307 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2307 2308 if (error == 0) {
2308 2309 objset_t *ossnap;
2309 2310
2310 2311 error = dmu_objset_from_ds(ds, &ossnap);
2311 2312 if (error == 0)
2312 2313 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2313 2314 dsl_dataset_rele(ds, FTAG);
2314 2315 }
2315 2316 } else if (error == ENOENT) {
2316 2317 error = SET_ERROR(ESRCH);
2317 2318 }
2318 2319
2319 2320 dmu_objset_rele(os, FTAG);
2320 2321 /* if we failed, undo the @ that we tacked on to zc_name */
2321 2322 if (error != 0)
2322 2323 *strchr(zc->zc_name, '@') = '\0';
2323 2324 return (error);
2324 2325 }
2325 2326
2326 2327 static int
2327 2328 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2328 2329 {
2329 2330 const char *propname = nvpair_name(pair);
2330 2331 uint64_t *valary;
2331 2332 unsigned int vallen;
2332 2333 const char *domain;
2333 2334 char *dash;
2334 2335 zfs_userquota_prop_t type;
2335 2336 uint64_t rid;
2336 2337 uint64_t quota;
2337 2338 zfsvfs_t *zfsvfs;
2338 2339 int err;
2339 2340
2340 2341 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2341 2342 nvlist_t *attrs;
2342 2343 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2343 2344 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2344 2345 &pair) != 0)
2345 2346 return (SET_ERROR(EINVAL));
2346 2347 }
2347 2348
2348 2349 /*
2349 2350 * A correctly constructed propname is encoded as
2350 2351 * userquota@<rid>-<domain>.
2351 2352 */
2352 2353 if ((dash = strchr(propname, '-')) == NULL ||
2353 2354 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2354 2355 vallen != 3)
2355 2356 return (SET_ERROR(EINVAL));
2356 2357
2357 2358 domain = dash + 1;
2358 2359 type = valary[0];
2359 2360 rid = valary[1];
2360 2361 quota = valary[2];
2361 2362
2362 2363 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2363 2364 if (err == 0) {
2364 2365 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2365 2366 zfsvfs_rele(zfsvfs, FTAG);
2366 2367 }
2367 2368
2368 2369 return (err);
2369 2370 }
2370 2371
2371 2372 /*
2372 2373 * If the named property is one that has a special function to set its value,
2373 2374 * return 0 on success and a positive error code on failure; otherwise if it is
2374 2375 * not one of the special properties handled by this function, return -1.
2375 2376 *
2376 2377 * XXX: It would be better for callers of the property interface if we handled
2377 2378 * these special cases in dsl_prop.c (in the dsl layer).
2378 2379 */
2379 2380 static int
2380 2381 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2381 2382 nvpair_t *pair)
2382 2383 {
2383 2384 const char *propname = nvpair_name(pair);
2384 2385 zfs_prop_t prop = zfs_name_to_prop(propname);
2385 2386 uint64_t intval;
2386 2387 int err = -1;
2387 2388
2388 2389 if (prop == ZPROP_INVAL) {
2389 2390 if (zfs_prop_userquota(propname))
2390 2391 return (zfs_prop_set_userquota(dsname, pair));
2391 2392 return (-1);
2392 2393 }
2393 2394
2394 2395 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2395 2396 nvlist_t *attrs;
2396 2397 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2397 2398 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2398 2399 &pair) == 0);
2399 2400 }
2400 2401
2401 2402 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2402 2403 return (-1);
2403 2404
2404 2405 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2405 2406
2406 2407 switch (prop) {
2407 2408 case ZFS_PROP_QUOTA:
2408 2409 err = dsl_dir_set_quota(dsname, source, intval);
2409 2410 break;
2410 2411 case ZFS_PROP_REFQUOTA:
2411 2412 err = dsl_dataset_set_refquota(dsname, source, intval);
2412 2413 break;
2413 2414 case ZFS_PROP_FILESYSTEM_LIMIT:
2414 2415 case ZFS_PROP_SNAPSHOT_LIMIT:
2415 2416 if (intval == UINT64_MAX) {
2416 2417 /* clearing the limit, just do it */
2417 2418 err = 0;
2418 2419 } else {
2419 2420 err = dsl_dir_activate_fs_ss_limit(dsname);
2420 2421 }
2421 2422 /*
2422 2423 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2423 2424 * default path to set the value in the nvlist.
2424 2425 */
2425 2426 if (err == 0)
2426 2427 err = -1;
2427 2428 break;
2428 2429 case ZFS_PROP_RESERVATION:
2429 2430 err = dsl_dir_set_reservation(dsname, source, intval);
2430 2431 break;
2431 2432 case ZFS_PROP_REFRESERVATION:
2432 2433 err = dsl_dataset_set_refreservation(dsname, source, intval);
2433 2434 break;
2434 2435 case ZFS_PROP_VOLSIZE:
2435 2436 err = zvol_set_volsize(dsname, intval);
2436 2437 break;
2437 2438 case ZFS_PROP_VERSION:
2438 2439 {
2439 2440 zfsvfs_t *zfsvfs;
2440 2441
2441 2442 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2442 2443 break;
2443 2444
2444 2445 err = zfs_set_version(zfsvfs, intval);
2445 2446 zfsvfs_rele(zfsvfs, FTAG);
2446 2447
2447 2448 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2448 2449 zfs_cmd_t *zc;
2449 2450
2450 2451 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2451 2452 (void) strcpy(zc->zc_name, dsname);
2452 2453 (void) zfs_ioc_userspace_upgrade(zc);
2453 2454 kmem_free(zc, sizeof (zfs_cmd_t));
2454 2455 }
2455 2456 break;
2456 2457 }
2457 2458 default:
2458 2459 err = -1;
2459 2460 }
2460 2461
2461 2462 return (err);
2462 2463 }
2463 2464
2464 2465 /*
2465 2466 * This function is best effort. If it fails to set any of the given properties,
2466 2467 * it continues to set as many as it can and returns the last error
2467 2468 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2468 2469 * with the list of names of all the properties that failed along with the
2469 2470 * corresponding error numbers.
2470 2471 *
2471 2472 * If every property is set successfully, zero is returned and errlist is not
2472 2473 * modified.
2473 2474 */
2474 2475 int
2475 2476 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2476 2477 nvlist_t *errlist)
2477 2478 {
2478 2479 nvpair_t *pair;
2479 2480 nvpair_t *propval;
2480 2481 int rv = 0;
2481 2482 uint64_t intval;
2482 2483 char *strval;
2483 2484 nvlist_t *genericnvl = fnvlist_alloc();
2484 2485 nvlist_t *retrynvl = fnvlist_alloc();
2485 2486
2486 2487 retry:
2487 2488 pair = NULL;
2488 2489 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2489 2490 const char *propname = nvpair_name(pair);
2490 2491 zfs_prop_t prop = zfs_name_to_prop(propname);
2491 2492 int err = 0;
2492 2493
2493 2494 /* decode the property value */
2494 2495 propval = pair;
2495 2496 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2496 2497 nvlist_t *attrs;
2497 2498 attrs = fnvpair_value_nvlist(pair);
2498 2499 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2499 2500 &propval) != 0)
2500 2501 err = SET_ERROR(EINVAL);
2501 2502 }
2502 2503
2503 2504 /* Validate value type */
2504 2505 if (err == 0 && prop == ZPROP_INVAL) {
2505 2506 if (zfs_prop_user(propname)) {
2506 2507 if (nvpair_type(propval) != DATA_TYPE_STRING)
2507 2508 err = SET_ERROR(EINVAL);
2508 2509 } else if (zfs_prop_userquota(propname)) {
2509 2510 if (nvpair_type(propval) !=
2510 2511 DATA_TYPE_UINT64_ARRAY)
2511 2512 err = SET_ERROR(EINVAL);
2512 2513 } else {
2513 2514 err = SET_ERROR(EINVAL);
2514 2515 }
2515 2516 } else if (err == 0) {
2516 2517 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2517 2518 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2518 2519 err = SET_ERROR(EINVAL);
2519 2520 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2520 2521 const char *unused;
2521 2522
2522 2523 intval = fnvpair_value_uint64(propval);
2523 2524
2524 2525 switch (zfs_prop_get_type(prop)) {
2525 2526 case PROP_TYPE_NUMBER:
2526 2527 break;
2527 2528 case PROP_TYPE_STRING:
2528 2529 err = SET_ERROR(EINVAL);
2529 2530 break;
2530 2531 case PROP_TYPE_INDEX:
2531 2532 if (zfs_prop_index_to_string(prop,
2532 2533 intval, &unused) != 0)
2533 2534 err = SET_ERROR(EINVAL);
2534 2535 break;
2535 2536 default:
2536 2537 cmn_err(CE_PANIC,
2537 2538 "unknown property type");
2538 2539 }
2539 2540 } else {
2540 2541 err = SET_ERROR(EINVAL);
2541 2542 }
2542 2543 }
2543 2544
2544 2545 /* Validate permissions */
2545 2546 if (err == 0)
2546 2547 err = zfs_check_settable(dsname, pair, CRED());
2547 2548
2548 2549 if (err == 0) {
2549 2550 err = zfs_prop_set_special(dsname, source, pair);
2550 2551 if (err == -1) {
2551 2552 /*
2552 2553 * For better performance we build up a list of
2553 2554 * properties to set in a single transaction.
2554 2555 */
2555 2556 err = nvlist_add_nvpair(genericnvl, pair);
2556 2557 } else if (err != 0 && nvl != retrynvl) {
2557 2558 /*
2558 2559 * This may be a spurious error caused by
2559 2560 * receiving quota and reservation out of order.
2560 2561 * Try again in a second pass.
2561 2562 */
2562 2563 err = nvlist_add_nvpair(retrynvl, pair);
2563 2564 }
2564 2565 }
2565 2566
2566 2567 if (err != 0) {
2567 2568 if (errlist != NULL)
2568 2569 fnvlist_add_int32(errlist, propname, err);
2569 2570 rv = err;
2570 2571 }
2571 2572 }
2572 2573
2573 2574 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2574 2575 nvl = retrynvl;
2575 2576 goto retry;
2576 2577 }
2577 2578
2578 2579 if (!nvlist_empty(genericnvl) &&
2579 2580 dsl_props_set(dsname, source, genericnvl) != 0) {
2580 2581 /*
2581 2582 * If this fails, we still want to set as many properties as we
2582 2583 * can, so try setting them individually.
2583 2584 */
2584 2585 pair = NULL;
2585 2586 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2586 2587 const char *propname = nvpair_name(pair);
2587 2588 int err = 0;
2588 2589
2589 2590 propval = pair;
2590 2591 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2591 2592 nvlist_t *attrs;
2592 2593 attrs = fnvpair_value_nvlist(pair);
2593 2594 propval = fnvlist_lookup_nvpair(attrs,
2594 2595 ZPROP_VALUE);
2595 2596 }
2596 2597
2597 2598 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2598 2599 strval = fnvpair_value_string(propval);
2599 2600 err = dsl_prop_set_string(dsname, propname,
2600 2601 source, strval);
2601 2602 } else {
2602 2603 intval = fnvpair_value_uint64(propval);
2603 2604 err = dsl_prop_set_int(dsname, propname, source,
2604 2605 intval);
2605 2606 }
2606 2607
2607 2608 if (err != 0) {
2608 2609 if (errlist != NULL) {
2609 2610 fnvlist_add_int32(errlist, propname,
2610 2611 err);
2611 2612 }
2612 2613 rv = err;
2613 2614 }
2614 2615 }
2615 2616 }
2616 2617 nvlist_free(genericnvl);
2617 2618 nvlist_free(retrynvl);
2618 2619
2619 2620 return (rv);
2620 2621 }
2621 2622
2622 2623 /*
2623 2624 * Check that all the properties are valid user properties.
2624 2625 */
2625 2626 static int
2626 2627 zfs_check_userprops(const char *fsname, nvlist_t *nvl)
2627 2628 {
2628 2629 nvpair_t *pair = NULL;
2629 2630 int error = 0;
2630 2631
2631 2632 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2632 2633 const char *propname = nvpair_name(pair);
2633 2634
2634 2635 if (!zfs_prop_user(propname) ||
2635 2636 nvpair_type(pair) != DATA_TYPE_STRING)
2636 2637 return (SET_ERROR(EINVAL));
2637 2638
2638 2639 if (error = zfs_secpolicy_write_perms(fsname,
2639 2640 ZFS_DELEG_PERM_USERPROP, CRED()))
2640 2641 return (error);
2641 2642
2642 2643 if (strlen(propname) >= ZAP_MAXNAMELEN)
2643 2644 return (SET_ERROR(ENAMETOOLONG));
2644 2645
2645 2646 if (strlen(fnvpair_value_string(pair)) >= ZAP_MAXVALUELEN)
2646 2647 return (E2BIG);
2647 2648 }
2648 2649 return (0);
2649 2650 }
2650 2651
2651 2652 static void
2652 2653 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2653 2654 {
2654 2655 nvpair_t *pair;
2655 2656
2656 2657 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2657 2658
2658 2659 pair = NULL;
2659 2660 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2660 2661 if (nvlist_exists(skipped, nvpair_name(pair)))
2661 2662 continue;
2662 2663
2663 2664 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2664 2665 }
2665 2666 }
2666 2667
2667 2668 static int
2668 2669 clear_received_props(const char *dsname, nvlist_t *props,
2669 2670 nvlist_t *skipped)
2670 2671 {
2671 2672 int err = 0;
2672 2673 nvlist_t *cleared_props = NULL;
2673 2674 props_skip(props, skipped, &cleared_props);
2674 2675 if (!nvlist_empty(cleared_props)) {
2675 2676 /*
2676 2677 * Acts on local properties until the dataset has received
2677 2678 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2678 2679 */
2679 2680 zprop_source_t flags = (ZPROP_SRC_NONE |
2680 2681 (dsl_prop_get_hasrecvd(dsname) ? ZPROP_SRC_RECEIVED : 0));
2681 2682 err = zfs_set_prop_nvlist(dsname, flags, cleared_props, NULL);
2682 2683 }
2683 2684 nvlist_free(cleared_props);
2684 2685 return (err);
2685 2686 }
2686 2687
2687 2688 /*
2688 2689 * inputs:
2689 2690 * zc_name name of filesystem
2690 2691 * zc_value name of property to set
2691 2692 * zc_nvlist_src{_size} nvlist of properties to apply
2692 2693 * zc_cookie received properties flag
2693 2694 *
2694 2695 * outputs:
2695 2696 * zc_nvlist_dst{_size} error for each unapplied received property
2696 2697 */
2697 2698 static int
2698 2699 zfs_ioc_set_prop(zfs_cmd_t *zc)
2699 2700 {
2700 2701 nvlist_t *nvl;
2701 2702 boolean_t received = zc->zc_cookie;
2702 2703 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2703 2704 ZPROP_SRC_LOCAL);
2704 2705 nvlist_t *errors;
2705 2706 int error;
2706 2707
2707 2708 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2708 2709 zc->zc_iflags, &nvl)) != 0)
2709 2710 return (error);
2710 2711
2711 2712 if (received) {
2712 2713 nvlist_t *origprops;
2713 2714
2714 2715 if (dsl_prop_get_received(zc->zc_name, &origprops) == 0) {
2715 2716 (void) clear_received_props(zc->zc_name,
2716 2717 origprops, nvl);
2717 2718 nvlist_free(origprops);
2718 2719 }
2719 2720
2720 2721 error = dsl_prop_set_hasrecvd(zc->zc_name);
2721 2722 }
2722 2723
2723 2724 errors = fnvlist_alloc();
2724 2725 if (error == 0)
2725 2726 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
2726 2727
2727 2728 if (zc->zc_nvlist_dst != NULL && errors != NULL) {
2728 2729 (void) put_nvlist(zc, errors);
2729 2730 }
2730 2731
2731 2732 nvlist_free(errors);
2732 2733 nvlist_free(nvl);
2733 2734 return (error);
2734 2735 }
2735 2736
2736 2737 /*
2737 2738 * inputs:
2738 2739 * zc_name name of filesystem
2739 2740 * zc_value name of property to inherit
2740 2741 * zc_cookie revert to received value if TRUE
2741 2742 *
2742 2743 * outputs: none
2743 2744 */
2744 2745 static int
2745 2746 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2746 2747 {
2747 2748 const char *propname = zc->zc_value;
2748 2749 zfs_prop_t prop = zfs_name_to_prop(propname);
2749 2750 boolean_t received = zc->zc_cookie;
2750 2751 zprop_source_t source = (received
2751 2752 ? ZPROP_SRC_NONE /* revert to received value, if any */
2752 2753 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2753 2754
2754 2755 if (received) {
2755 2756 nvlist_t *dummy;
2756 2757 nvpair_t *pair;
2757 2758 zprop_type_t type;
2758 2759 int err;
2759 2760
2760 2761 /*
2761 2762 * zfs_prop_set_special() expects properties in the form of an
2762 2763 * nvpair with type info.
2763 2764 */
2764 2765 if (prop == ZPROP_INVAL) {
2765 2766 if (!zfs_prop_user(propname))
2766 2767 return (SET_ERROR(EINVAL));
2767 2768
2768 2769 type = PROP_TYPE_STRING;
2769 2770 } else if (prop == ZFS_PROP_VOLSIZE ||
2770 2771 prop == ZFS_PROP_VERSION) {
2771 2772 return (SET_ERROR(EINVAL));
2772 2773 } else {
2773 2774 type = zfs_prop_get_type(prop);
2774 2775 }
2775 2776
2776 2777 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2777 2778
2778 2779 switch (type) {
2779 2780 case PROP_TYPE_STRING:
2780 2781 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2781 2782 break;
2782 2783 case PROP_TYPE_NUMBER:
2783 2784 case PROP_TYPE_INDEX:
2784 2785 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2785 2786 break;
2786 2787 default:
2787 2788 nvlist_free(dummy);
2788 2789 return (SET_ERROR(EINVAL));
2789 2790 }
2790 2791
2791 2792 pair = nvlist_next_nvpair(dummy, NULL);
2792 2793 err = zfs_prop_set_special(zc->zc_name, source, pair);
2793 2794 nvlist_free(dummy);
2794 2795 if (err != -1)
2795 2796 return (err); /* special property already handled */
2796 2797 } else {
2797 2798 /*
2798 2799 * Only check this in the non-received case. We want to allow
2799 2800 * 'inherit -S' to revert non-inheritable properties like quota
2800 2801 * and reservation to the received or default values even though
2801 2802 * they are not considered inheritable.
2802 2803 */
2803 2804 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2804 2805 return (SET_ERROR(EINVAL));
2805 2806 }
2806 2807
2807 2808 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2808 2809 return (dsl_prop_inherit(zc->zc_name, zc->zc_value, source));
2809 2810 }
2810 2811
2811 2812 static int
2812 2813 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2813 2814 {
2814 2815 nvlist_t *props;
2815 2816 spa_t *spa;
2816 2817 int error;
2817 2818 nvpair_t *pair;
2818 2819
2819 2820 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2820 2821 zc->zc_iflags, &props))
2821 2822 return (error);
2822 2823
2823 2824 /*
2824 2825 * If the only property is the configfile, then just do a spa_lookup()
2825 2826 * to handle the faulted case.
2826 2827 */
2827 2828 pair = nvlist_next_nvpair(props, NULL);
2828 2829 if (pair != NULL && strcmp(nvpair_name(pair),
2829 2830 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2830 2831 nvlist_next_nvpair(props, pair) == NULL) {
2831 2832 mutex_enter(&spa_namespace_lock);
2832 2833 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2833 2834 spa_configfile_set(spa, props, B_FALSE);
2834 2835 spa_config_sync(spa, B_FALSE, B_TRUE);
2835 2836 }
2836 2837 mutex_exit(&spa_namespace_lock);
2837 2838 if (spa != NULL) {
2838 2839 nvlist_free(props);
2839 2840 return (0);
2840 2841 }
2841 2842 }
2842 2843
2843 2844 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2844 2845 nvlist_free(props);
2845 2846 return (error);
2846 2847 }
2847 2848
2848 2849 error = spa_prop_set(spa, props);
2849 2850
2850 2851 nvlist_free(props);
2851 2852 spa_close(spa, FTAG);
2852 2853
2853 2854 return (error);
2854 2855 }
2855 2856
2856 2857 static int
2857 2858 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2858 2859 {
2859 2860 spa_t *spa;
2860 2861 int error;
2861 2862 nvlist_t *nvp = NULL;
2862 2863
2863 2864 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2864 2865 /*
2865 2866 * If the pool is faulted, there may be properties we can still
2866 2867 * get (such as altroot and cachefile), so attempt to get them
2867 2868 * anyway.
2868 2869 */
2869 2870 mutex_enter(&spa_namespace_lock);
2870 2871 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2871 2872 error = spa_prop_get(spa, &nvp);
2872 2873 mutex_exit(&spa_namespace_lock);
2873 2874 } else {
2874 2875 error = spa_prop_get(spa, &nvp);
2875 2876 spa_close(spa, FTAG);
2876 2877 }
2877 2878
2878 2879 if (error == 0 && zc->zc_nvlist_dst != NULL)
2879 2880 error = put_nvlist(zc, nvp);
2880 2881 else
2881 2882 error = SET_ERROR(EFAULT);
2882 2883
2883 2884 nvlist_free(nvp);
2884 2885 return (error);
2885 2886 }
2886 2887
2887 2888 /*
2888 2889 * inputs:
2889 2890 * zc_name name of filesystem
2890 2891 * zc_nvlist_src{_size} nvlist of delegated permissions
2891 2892 * zc_perm_action allow/unallow flag
2892 2893 *
2893 2894 * outputs: none
2894 2895 */
2895 2896 static int
2896 2897 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2897 2898 {
2898 2899 int error;
2899 2900 nvlist_t *fsaclnv = NULL;
2900 2901
2901 2902 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2902 2903 zc->zc_iflags, &fsaclnv)) != 0)
2903 2904 return (error);
2904 2905
2905 2906 /*
2906 2907 * Verify nvlist is constructed correctly
2907 2908 */
2908 2909 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2909 2910 nvlist_free(fsaclnv);
2910 2911 return (SET_ERROR(EINVAL));
2911 2912 }
2912 2913
2913 2914 /*
2914 2915 * If we don't have PRIV_SYS_MOUNT, then validate
2915 2916 * that user is allowed to hand out each permission in
2916 2917 * the nvlist(s)
2917 2918 */
2918 2919
2919 2920 error = secpolicy_zfs(CRED());
2920 2921 if (error != 0) {
2921 2922 if (zc->zc_perm_action == B_FALSE) {
2922 2923 error = dsl_deleg_can_allow(zc->zc_name,
2923 2924 fsaclnv, CRED());
2924 2925 } else {
2925 2926 error = dsl_deleg_can_unallow(zc->zc_name,
2926 2927 fsaclnv, CRED());
2927 2928 }
2928 2929 }
2929 2930
2930 2931 if (error == 0)
2931 2932 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2932 2933
2933 2934 nvlist_free(fsaclnv);
2934 2935 return (error);
2935 2936 }
2936 2937
2937 2938 /*
2938 2939 * inputs:
2939 2940 * zc_name name of filesystem
2940 2941 *
2941 2942 * outputs:
2942 2943 * zc_nvlist_src{_size} nvlist of delegated permissions
2943 2944 */
2944 2945 static int
2945 2946 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2946 2947 {
2947 2948 nvlist_t *nvp;
2948 2949 int error;
2949 2950
2950 2951 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2951 2952 error = put_nvlist(zc, nvp);
2952 2953 nvlist_free(nvp);
2953 2954 }
2954 2955
2955 2956 return (error);
2956 2957 }
2957 2958
2958 2959 /*
2959 2960 * Search the vfs list for a specified resource. Returns a pointer to it
2960 2961 * or NULL if no suitable entry is found. The caller of this routine
2961 2962 * is responsible for releasing the returned vfs pointer.
2962 2963 */
2963 2964 static vfs_t *
2964 2965 zfs_get_vfs(const char *resource)
2965 2966 {
2966 2967 struct vfs *vfsp;
2967 2968 struct vfs *vfs_found = NULL;
2968 2969
2969 2970 vfs_list_read_lock();
2970 2971 vfsp = rootvfs;
2971 2972 do {
2972 2973 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2973 2974 VFS_HOLD(vfsp);
2974 2975 vfs_found = vfsp;
2975 2976 break;
2976 2977 }
2977 2978 vfsp = vfsp->vfs_next;
2978 2979 } while (vfsp != rootvfs);
2979 2980 vfs_list_unlock();
2980 2981 return (vfs_found);
2981 2982 }
2982 2983
2983 2984 /* ARGSUSED */
2984 2985 static void
2985 2986 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2986 2987 {
2987 2988 zfs_creat_t *zct = arg;
2988 2989
2989 2990 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2990 2991 }
2991 2992
2992 2993 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2993 2994
2994 2995 /*
2995 2996 * inputs:
2996 2997 * os parent objset pointer (NULL if root fs)
2997 2998 * fuids_ok fuids allowed in this version of the spa?
2998 2999 * sa_ok SAs allowed in this version of the spa?
2999 3000 * createprops list of properties requested by creator
3000 3001 *
3001 3002 * outputs:
3002 3003 * zplprops values for the zplprops we attach to the master node object
3003 3004 * is_ci true if requested file system will be purely case-insensitive
3004 3005 *
3005 3006 * Determine the settings for utf8only, normalization and
3006 3007 * casesensitivity. Specific values may have been requested by the
3007 3008 * creator and/or we can inherit values from the parent dataset. If
3008 3009 * the file system is of too early a vintage, a creator can not
3009 3010 * request settings for these properties, even if the requested
3010 3011 * setting is the default value. We don't actually want to create dsl
3011 3012 * properties for these, so remove them from the source nvlist after
3012 3013 * processing.
3013 3014 */
3014 3015 static int
3015 3016 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
3016 3017 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
3017 3018 nvlist_t *zplprops, boolean_t *is_ci)
3018 3019 {
3019 3020 uint64_t sense = ZFS_PROP_UNDEFINED;
3020 3021 uint64_t norm = ZFS_PROP_UNDEFINED;
3021 3022 uint64_t u8 = ZFS_PROP_UNDEFINED;
3022 3023
3023 3024 ASSERT(zplprops != NULL);
3024 3025
3025 3026 /*
3026 3027 * Pull out creator prop choices, if any.
3027 3028 */
3028 3029 if (createprops) {
3029 3030 (void) nvlist_lookup_uint64(createprops,
3030 3031 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
3031 3032 (void) nvlist_lookup_uint64(createprops,
3032 3033 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
3033 3034 (void) nvlist_remove_all(createprops,
3034 3035 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
3035 3036 (void) nvlist_lookup_uint64(createprops,
3036 3037 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
3037 3038 (void) nvlist_remove_all(createprops,
3038 3039 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
3039 3040 (void) nvlist_lookup_uint64(createprops,
3040 3041 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
3041 3042 (void) nvlist_remove_all(createprops,
3042 3043 zfs_prop_to_name(ZFS_PROP_CASE));
3043 3044 }
3044 3045
3045 3046 /*
3046 3047 * If the zpl version requested is whacky or the file system
3047 3048 * or pool is version is too "young" to support normalization
3048 3049 * and the creator tried to set a value for one of the props,
3049 3050 * error out.
3050 3051 */
3051 3052 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
3052 3053 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
3053 3054 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
3054 3055 (zplver < ZPL_VERSION_NORMALIZATION &&
3055 3056 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
3056 3057 sense != ZFS_PROP_UNDEFINED)))
3057 3058 return (SET_ERROR(ENOTSUP));
3058 3059
3059 3060 /*
3060 3061 * Put the version in the zplprops
3061 3062 */
3062 3063 VERIFY(nvlist_add_uint64(zplprops,
3063 3064 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
3064 3065
3065 3066 if (norm == ZFS_PROP_UNDEFINED)
3066 3067 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
3067 3068 VERIFY(nvlist_add_uint64(zplprops,
3068 3069 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3069 3070
3070 3071 /*
3071 3072 * If we're normalizing, names must always be valid UTF-8 strings.
3072 3073 */
3073 3074 if (norm)
3074 3075 u8 = 1;
3075 3076 if (u8 == ZFS_PROP_UNDEFINED)
3076 3077 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
3077 3078 VERIFY(nvlist_add_uint64(zplprops,
3078 3079 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3079 3080
3080 3081 if (sense == ZFS_PROP_UNDEFINED)
3081 3082 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
3082 3083 VERIFY(nvlist_add_uint64(zplprops,
3083 3084 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3084 3085
3085 3086 if (is_ci)
3086 3087 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3087 3088
3088 3089 return (0);
3089 3090 }
3090 3091
3091 3092 static int
3092 3093 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3093 3094 nvlist_t *zplprops, boolean_t *is_ci)
3094 3095 {
3095 3096 boolean_t fuids_ok, sa_ok;
3096 3097 uint64_t zplver = ZPL_VERSION;
3097 3098 objset_t *os = NULL;
3098 3099 char parentname[MAXNAMELEN];
3099 3100 char *cp;
3100 3101 spa_t *spa;
3101 3102 uint64_t spa_vers;
3102 3103 int error;
3103 3104
3104 3105 (void) strlcpy(parentname, dataset, sizeof (parentname));
3105 3106 cp = strrchr(parentname, '/');
3106 3107 ASSERT(cp != NULL);
3107 3108 cp[0] = '\0';
3108 3109
3109 3110 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3110 3111 return (error);
3111 3112
3112 3113 spa_vers = spa_version(spa);
3113 3114 spa_close(spa, FTAG);
3114 3115
3115 3116 zplver = zfs_zpl_version_map(spa_vers);
3116 3117 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3117 3118 sa_ok = (zplver >= ZPL_VERSION_SA);
3118 3119
3119 3120 /*
3120 3121 * Open parent object set so we can inherit zplprop values.
3121 3122 */
3122 3123 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
3123 3124 return (error);
3124 3125
3125 3126 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
3126 3127 zplprops, is_ci);
3127 3128 dmu_objset_rele(os, FTAG);
3128 3129 return (error);
3129 3130 }
3130 3131
3131 3132 static int
3132 3133 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3133 3134 nvlist_t *zplprops, boolean_t *is_ci)
3134 3135 {
3135 3136 boolean_t fuids_ok;
3136 3137 boolean_t sa_ok;
3137 3138 uint64_t zplver = ZPL_VERSION;
3138 3139 int error;
3139 3140
3140 3141 zplver = zfs_zpl_version_map(spa_vers);
3141 3142 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3142 3143 sa_ok = (zplver >= ZPL_VERSION_SA);
3143 3144
3144 3145 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3145 3146 createprops, zplprops, is_ci);
3146 3147 return (error);
3147 3148 }
3148 3149
3149 3150 /*
3150 3151 * innvl: {
3151 3152 * "type" -> dmu_objset_type_t (int32)
3152 3153 * (optional) "props" -> { prop -> value }
3153 3154 * }
3154 3155 *
3155 3156 * outnvl: propname -> error code (int32)
3156 3157 */
3157 3158 static int
3158 3159 zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3159 3160 {
3160 3161 int error = 0;
3161 3162 zfs_creat_t zct = { 0 };
3162 3163 nvlist_t *nvprops = NULL;
3163 3164 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3164 3165 int32_t type32;
3165 3166 dmu_objset_type_t type;
3166 3167 boolean_t is_insensitive = B_FALSE;
3167 3168
3168 3169 if (nvlist_lookup_int32(innvl, "type", &type32) != 0)
3169 3170 return (SET_ERROR(EINVAL));
3170 3171 type = type32;
3171 3172 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3172 3173
3173 3174 switch (type) {
3174 3175 case DMU_OST_ZFS:
3175 3176 cbfunc = zfs_create_cb;
3176 3177 break;
3177 3178
3178 3179 case DMU_OST_ZVOL:
3179 3180 cbfunc = zvol_create_cb;
3180 3181 break;
3181 3182
3182 3183 default:
3183 3184 cbfunc = NULL;
3184 3185 break;
3185 3186 }
3186 3187 if (strchr(fsname, '@') ||
3187 3188 strchr(fsname, '%'))
3188 3189 return (SET_ERROR(EINVAL));
3189 3190
3190 3191 zct.zct_props = nvprops;
3191 3192
3192 3193 if (cbfunc == NULL)
3193 3194 return (SET_ERROR(EINVAL));
3194 3195
3195 3196 if (type == DMU_OST_ZVOL) {
3196 3197 uint64_t volsize, volblocksize;
3197 3198
3198 3199 if (nvprops == NULL)
3199 3200 return (SET_ERROR(EINVAL));
3200 3201 if (nvlist_lookup_uint64(nvprops,
3201 3202 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
3202 3203 return (SET_ERROR(EINVAL));
3203 3204
3204 3205 if ((error = nvlist_lookup_uint64(nvprops,
3205 3206 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3206 3207 &volblocksize)) != 0 && error != ENOENT)
3207 3208 return (SET_ERROR(EINVAL));
3208 3209
3209 3210 if (error != 0)
3210 3211 volblocksize = zfs_prop_default_numeric(
3211 3212 ZFS_PROP_VOLBLOCKSIZE);
3212 3213
3213 3214 if ((error = zvol_check_volblocksize(
3214 3215 volblocksize)) != 0 ||
3215 3216 (error = zvol_check_volsize(volsize,
3216 3217 volblocksize)) != 0)
3217 3218 return (error);
3218 3219 } else if (type == DMU_OST_ZFS) {
3219 3220 int error;
3220 3221
3221 3222 /*
3222 3223 * We have to have normalization and
3223 3224 * case-folding flags correct when we do the
3224 3225 * file system creation, so go figure them out
3225 3226 * now.
3226 3227 */
3227 3228 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3228 3229 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3229 3230 error = zfs_fill_zplprops(fsname, nvprops,
3230 3231 zct.zct_zplprops, &is_insensitive);
3231 3232 if (error != 0) {
3232 3233 nvlist_free(zct.zct_zplprops);
3233 3234 return (error);
3234 3235 }
3235 3236 }
3236 3237
3237 3238 error = dmu_objset_create(fsname, type,
3238 3239 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3239 3240 nvlist_free(zct.zct_zplprops);
3240 3241
3241 3242 /*
3242 3243 * It would be nice to do this atomically.
3243 3244 */
3244 3245 if (error == 0) {
3245 3246 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3246 3247 nvprops, outnvl);
3247 3248 if (error != 0)
3248 3249 (void) dsl_destroy_head(fsname);
3249 3250 }
3250 3251 return (error);
3251 3252 }
3252 3253
3253 3254 /*
3254 3255 * innvl: {
3255 3256 * "origin" -> name of origin snapshot
3256 3257 * (optional) "props" -> { prop -> value }
3257 3258 * }
3258 3259 *
3259 3260 * outnvl: propname -> error code (int32)
3260 3261 */
3261 3262 static int
3262 3263 zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3263 3264 {
3264 3265 int error = 0;
3265 3266 nvlist_t *nvprops = NULL;
3266 3267 char *origin_name;
3267 3268
3268 3269 if (nvlist_lookup_string(innvl, "origin", &origin_name) != 0)
3269 3270 return (SET_ERROR(EINVAL));
3270 3271 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3271 3272
3272 3273 if (strchr(fsname, '@') ||
3273 3274 strchr(fsname, '%'))
3274 3275 return (SET_ERROR(EINVAL));
3275 3276
3276 3277 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
3277 3278 return (SET_ERROR(EINVAL));
3278 3279 error = dmu_objset_clone(fsname, origin_name);
3279 3280 if (error != 0)
3280 3281 return (error);
3281 3282
3282 3283 /*
3283 3284 * It would be nice to do this atomically.
3284 3285 */
3285 3286 if (error == 0) {
3286 3287 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3287 3288 nvprops, outnvl);
3288 3289 if (error != 0)
3289 3290 (void) dsl_destroy_head(fsname);
3290 3291 }
3291 3292 return (error);
3292 3293 }
3293 3294
3294 3295 /*
3295 3296 * innvl: {
3296 3297 * "snaps" -> { snapshot1, snapshot2 }
3297 3298 * (optional) "props" -> { prop -> value (string) }
3298 3299 * }
3299 3300 *
3300 3301 * outnvl: snapshot -> error code (int32)
3301 3302 */
3302 3303 static int
3303 3304 zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3304 3305 {
3305 3306 nvlist_t *snaps;
3306 3307 nvlist_t *props = NULL;
3307 3308 int error, poollen;
3308 3309 nvpair_t *pair;
3309 3310
3310 3311 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3311 3312 if ((error = zfs_check_userprops(poolname, props)) != 0)
3312 3313 return (error);
3313 3314
3314 3315 if (!nvlist_empty(props) &&
3315 3316 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
3316 3317 return (SET_ERROR(ENOTSUP));
3317 3318
3318 3319 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3319 3320 return (SET_ERROR(EINVAL));
3320 3321 poollen = strlen(poolname);
3321 3322 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3322 3323 pair = nvlist_next_nvpair(snaps, pair)) {
3323 3324 const char *name = nvpair_name(pair);
3324 3325 const char *cp = strchr(name, '@');
3325 3326
3326 3327 /*
3327 3328 * The snap name must contain an @, and the part after it must
3328 3329 * contain only valid characters.
3329 3330 */
3330 3331 if (cp == NULL ||
3331 3332 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3332 3333 return (SET_ERROR(EINVAL));
3333 3334
3334 3335 /*
3335 3336 * The snap must be in the specified pool.
3336 3337 */
3337 3338 if (strncmp(name, poolname, poollen) != 0 ||
3338 3339 (name[poollen] != '/' && name[poollen] != '@'))
3339 3340 return (SET_ERROR(EXDEV));
3340 3341
3341 3342 /* This must be the only snap of this fs. */
3342 3343 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
3343 3344 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3344 3345 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3345 3346 == 0) {
3346 3347 return (SET_ERROR(EXDEV));
3347 3348 }
3348 3349 }
3349 3350 }
3350 3351
3351 3352 error = dsl_dataset_snapshot(snaps, props, outnvl);
3352 3353 return (error);
3353 3354 }
3354 3355
3355 3356 /*
3356 3357 * innvl: "message" -> string
3357 3358 */
3358 3359 /* ARGSUSED */
3359 3360 static int
3360 3361 zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3361 3362 {
3362 3363 char *message;
3363 3364 spa_t *spa;
3364 3365 int error;
3365 3366 char *poolname;
3366 3367
3367 3368 /*
3368 3369 * The poolname in the ioctl is not set, we get it from the TSD,
3369 3370 * which was set at the end of the last successful ioctl that allows
3370 3371 * logging. The secpolicy func already checked that it is set.
3371 3372 * Only one log ioctl is allowed after each successful ioctl, so
3372 3373 * we clear the TSD here.
3373 3374 */
3374 3375 poolname = tsd_get(zfs_allow_log_key);
3375 3376 (void) tsd_set(zfs_allow_log_key, NULL);
3376 3377 error = spa_open(poolname, &spa, FTAG);
3377 3378 strfree(poolname);
3378 3379 if (error != 0)
3379 3380 return (error);
3380 3381
3381 3382 if (nvlist_lookup_string(innvl, "message", &message) != 0) {
3382 3383 spa_close(spa, FTAG);
3383 3384 return (SET_ERROR(EINVAL));
3384 3385 }
3385 3386
3386 3387 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3387 3388 spa_close(spa, FTAG);
3388 3389 return (SET_ERROR(ENOTSUP));
3389 3390 }
3390 3391
3391 3392 error = spa_history_log(spa, message);
3392 3393 spa_close(spa, FTAG);
3393 3394 return (error);
3394 3395 }
3395 3396
3396 3397 /*
3397 3398 * The dp_config_rwlock must not be held when calling this, because the
3398 3399 * unmount may need to write out data.
3399 3400 *
3400 3401 * This function is best-effort. Callers must deal gracefully if it
3401 3402 * remains mounted (or is remounted after this call).
3402 3403 *
3403 3404 * Returns 0 if the argument is not a snapshot, or it is not currently a
3404 3405 * filesystem, or we were able to unmount it. Returns error code otherwise.
3405 3406 */
3406 3407 int
3407 3408 zfs_unmount_snap(const char *snapname)
3408 3409 {
3409 3410 vfs_t *vfsp;
3410 3411 zfsvfs_t *zfsvfs;
3411 3412 int err;
3412 3413
3413 3414 if (strchr(snapname, '@') == NULL)
3414 3415 return (0);
3415 3416
3416 3417 vfsp = zfs_get_vfs(snapname);
3417 3418 if (vfsp == NULL)
3418 3419 return (0);
3419 3420
3420 3421 zfsvfs = vfsp->vfs_data;
3421 3422 ASSERT(!dsl_pool_config_held(dmu_objset_pool(zfsvfs->z_os)));
3422 3423
3423 3424 err = vn_vfswlock(vfsp->vfs_vnodecovered);
3424 3425 VFS_RELE(vfsp);
3425 3426 if (err != 0)
3426 3427 return (SET_ERROR(err));
3427 3428
3428 3429 /*
3429 3430 * Always force the unmount for snapshots.
3430 3431 */
3431 3432 (void) dounmount(vfsp, MS_FORCE, kcred);
3432 3433 return (0);
3433 3434 }
3434 3435
3435 3436 /* ARGSUSED */
3436 3437 static int
3437 3438 zfs_unmount_snap_cb(const char *snapname, void *arg)
3438 3439 {
3439 3440 return (zfs_unmount_snap(snapname));
3440 3441 }
3441 3442
3442 3443 /*
3443 3444 * When a clone is destroyed, its origin may also need to be destroyed,
3444 3445 * in which case it must be unmounted. This routine will do that unmount
3445 3446 * if necessary.
3446 3447 */
3447 3448 void
3448 3449 zfs_destroy_unmount_origin(const char *fsname)
3449 3450 {
3450 3451 int error;
3451 3452 objset_t *os;
3452 3453 dsl_dataset_t *ds;
3453 3454
3454 3455 error = dmu_objset_hold(fsname, FTAG, &os);
3455 3456 if (error != 0)
3456 3457 return;
3457 3458 ds = dmu_objset_ds(os);
3458 3459 if (dsl_dir_is_clone(ds->ds_dir) && DS_IS_DEFER_DESTROY(ds->ds_prev)) {
3459 3460 char originname[MAXNAMELEN];
3460 3461 dsl_dataset_name(ds->ds_prev, originname);
3461 3462 dmu_objset_rele(os, FTAG);
3462 3463 (void) zfs_unmount_snap(originname);
3463 3464 } else {
3464 3465 dmu_objset_rele(os, FTAG);
3465 3466 }
3466 3467 }
3467 3468
3468 3469 /*
3469 3470 * innvl: {
3470 3471 * "snaps" -> { snapshot1, snapshot2 }
3471 3472 * (optional boolean) "defer"
3472 3473 * }
3473 3474 *
3474 3475 * outnvl: snapshot -> error code (int32)
3475 3476 *
3476 3477 */
3477 3478 /* ARGSUSED */
3478 3479 static int
3479 3480 zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3480 3481 {
3481 3482 nvlist_t *snaps;
3482 3483 nvpair_t *pair;
3483 3484 boolean_t defer;
3484 3485
3485 3486 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3486 3487 return (SET_ERROR(EINVAL));
3487 3488 defer = nvlist_exists(innvl, "defer");
3488 3489
3489 3490 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3490 3491 pair = nvlist_next_nvpair(snaps, pair)) {
3491 3492 (void) zfs_unmount_snap(nvpair_name(pair));
3492 3493 }
3493 3494
3494 3495 return (dsl_destroy_snapshots_nvl(snaps, defer, outnvl));
3495 3496 }
3496 3497
3497 3498 /*
3498 3499 * Create bookmarks. Bookmark names are of the form <fs>#<bmark>.
3499 3500 * All bookmarks must be in the same pool.
3500 3501 *
3501 3502 * innvl: {
3502 3503 * bookmark1 -> snapshot1, bookmark2 -> snapshot2
3503 3504 * }
3504 3505 *
3505 3506 * outnvl: bookmark -> error code (int32)
3506 3507 *
3507 3508 */
3508 3509 /* ARGSUSED */
3509 3510 static int
3510 3511 zfs_ioc_bookmark(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3511 3512 {
3512 3513 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3513 3514 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3514 3515 char *snap_name;
3515 3516
3516 3517 /*
3517 3518 * Verify the snapshot argument.
3518 3519 */
3519 3520 if (nvpair_value_string(pair, &snap_name) != 0)
3520 3521 return (SET_ERROR(EINVAL));
3521 3522
3522 3523
3523 3524 /* Verify that the keys (bookmarks) are unique */
3524 3525 for (nvpair_t *pair2 = nvlist_next_nvpair(innvl, pair);
3525 3526 pair2 != NULL; pair2 = nvlist_next_nvpair(innvl, pair2)) {
3526 3527 if (strcmp(nvpair_name(pair), nvpair_name(pair2)) == 0)
3527 3528 return (SET_ERROR(EINVAL));
3528 3529 }
3529 3530 }
3530 3531
3531 3532 return (dsl_bookmark_create(innvl, outnvl));
3532 3533 }
3533 3534
3534 3535 /*
3535 3536 * innvl: {
3536 3537 * property 1, property 2, ...
3537 3538 * }
3538 3539 *
3539 3540 * outnvl: {
3540 3541 * bookmark name 1 -> { property 1, property 2, ... },
3541 3542 * bookmark name 2 -> { property 1, property 2, ... }
3542 3543 * }
3543 3544 *
3544 3545 */
3545 3546 static int
3546 3547 zfs_ioc_get_bookmarks(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3547 3548 {
3548 3549 return (dsl_get_bookmarks(fsname, innvl, outnvl));
3549 3550 }
3550 3551
3551 3552 /*
3552 3553 * innvl: {
3553 3554 * bookmark name 1, bookmark name 2
3554 3555 * }
3555 3556 *
3556 3557 * outnvl: bookmark -> error code (int32)
3557 3558 *
3558 3559 */
3559 3560 static int
3560 3561 zfs_ioc_destroy_bookmarks(const char *poolname, nvlist_t *innvl,
3561 3562 nvlist_t *outnvl)
3562 3563 {
3563 3564 int error, poollen;
3564 3565
3565 3566 poollen = strlen(poolname);
3566 3567 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3567 3568 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3568 3569 const char *name = nvpair_name(pair);
3569 3570 const char *cp = strchr(name, '#');
3570 3571
3571 3572 /*
3572 3573 * The bookmark name must contain an #, and the part after it
3573 3574 * must contain only valid characters.
3574 3575 */
3575 3576 if (cp == NULL ||
3576 3577 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3577 3578 return (SET_ERROR(EINVAL));
3578 3579
3579 3580 /*
3580 3581 * The bookmark must be in the specified pool.
3581 3582 */
3582 3583 if (strncmp(name, poolname, poollen) != 0 ||
3583 3584 (name[poollen] != '/' && name[poollen] != '#'))
3584 3585 return (SET_ERROR(EXDEV));
3585 3586 }
3586 3587
3587 3588 error = dsl_bookmark_destroy(innvl, outnvl);
3588 3589 return (error);
3589 3590 }
3590 3591
3591 3592 /*
3592 3593 * inputs:
3593 3594 * zc_name name of dataset to destroy
3594 3595 * zc_objset_type type of objset
3595 3596 * zc_defer_destroy mark for deferred destroy
3596 3597 *
3597 3598 * outputs: none
3598 3599 */
3599 3600 static int
3600 3601 zfs_ioc_destroy(zfs_cmd_t *zc)
3601 3602 {
3602 3603 int err;
3603 3604
3604 3605 if (zc->zc_objset_type == DMU_OST_ZFS) {
3605 3606 err = zfs_unmount_snap(zc->zc_name);
3606 3607 if (err != 0)
3607 3608 return (err);
3608 3609 }
3609 3610
3610 3611 if (strchr(zc->zc_name, '@'))
3611 3612 err = dsl_destroy_snapshot(zc->zc_name, zc->zc_defer_destroy);
3612 3613 else
3613 3614 err = dsl_destroy_head(zc->zc_name);
3614 3615 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3615 3616 (void) zvol_remove_minor(zc->zc_name);
3616 3617 return (err);
3617 3618 }
3618 3619
3619 3620 /*
3620 3621 * fsname is name of dataset to rollback (to most recent snapshot)
3621 3622 *
3622 3623 * innvl is not used.
3623 3624 *
3624 3625 * outnvl: "target" -> name of most recent snapshot
3625 3626 * }
3626 3627 */
3627 3628 /* ARGSUSED */
3628 3629 static int
3629 3630 zfs_ioc_rollback(const char *fsname, nvlist_t *args, nvlist_t *outnvl)
3630 3631 {
3631 3632 zfsvfs_t *zfsvfs;
3632 3633 int error;
3633 3634
3634 3635 if (getzfsvfs(fsname, &zfsvfs) == 0) {
3635 3636 error = zfs_suspend_fs(zfsvfs);
3636 3637 if (error == 0) {
3637 3638 int resume_err;
3638 3639
3639 3640 error = dsl_dataset_rollback(fsname, zfsvfs, outnvl);
3640 3641 resume_err = zfs_resume_fs(zfsvfs, fsname);
3641 3642 error = error ? error : resume_err;
3642 3643 }
3643 3644 VFS_RELE(zfsvfs->z_vfs);
3644 3645 } else {
3645 3646 error = dsl_dataset_rollback(fsname, NULL, outnvl);
3646 3647 }
3647 3648 return (error);
3648 3649 }
3649 3650
3650 3651 static int
3651 3652 recursive_unmount(const char *fsname, void *arg)
3652 3653 {
3653 3654 const char *snapname = arg;
3654 3655 char fullname[MAXNAMELEN];
3655 3656
3656 3657 (void) snprintf(fullname, sizeof (fullname), "%s@%s", fsname, snapname);
3657 3658 return (zfs_unmount_snap(fullname));
3658 3659 }
3659 3660
3660 3661 /*
3661 3662 * inputs:
3662 3663 * zc_name old name of dataset
3663 3664 * zc_value new name of dataset
3664 3665 * zc_cookie recursive flag (only valid for snapshots)
3665 3666 *
3666 3667 * outputs: none
3667 3668 */
3668 3669 static int
3669 3670 zfs_ioc_rename(zfs_cmd_t *zc)
3670 3671 {
3671 3672 boolean_t recursive = zc->zc_cookie & 1;
3672 3673 char *at;
3673 3674
3674 3675 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3675 3676 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3676 3677 strchr(zc->zc_value, '%'))
3677 3678 return (SET_ERROR(EINVAL));
3678 3679
3679 3680 at = strchr(zc->zc_name, '@');
3680 3681 if (at != NULL) {
3681 3682 /* snaps must be in same fs */
3682 3683 int error;
3683 3684
3684 3685 if (strncmp(zc->zc_name, zc->zc_value, at - zc->zc_name + 1))
3685 3686 return (SET_ERROR(EXDEV));
3686 3687 *at = '\0';
3687 3688 if (zc->zc_objset_type == DMU_OST_ZFS) {
3688 3689 error = dmu_objset_find(zc->zc_name,
3689 3690 recursive_unmount, at + 1,
3690 3691 recursive ? DS_FIND_CHILDREN : 0);
3691 3692 if (error != 0) {
3692 3693 *at = '@';
3693 3694 return (error);
3694 3695 }
3695 3696 }
3696 3697 error = dsl_dataset_rename_snapshot(zc->zc_name,
3697 3698 at + 1, strchr(zc->zc_value, '@') + 1, recursive);
3698 3699 *at = '@';
3699 3700
3700 3701 return (error);
3701 3702 } else {
3702 3703 if (zc->zc_objset_type == DMU_OST_ZVOL)
3703 3704 (void) zvol_remove_minor(zc->zc_name);
3704 3705 return (dsl_dir_rename(zc->zc_name, zc->zc_value));
3705 3706 }
3706 3707 }
3707 3708
3708 3709 static int
3709 3710 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3710 3711 {
3711 3712 const char *propname = nvpair_name(pair);
3712 3713 boolean_t issnap = (strchr(dsname, '@') != NULL);
3713 3714 zfs_prop_t prop = zfs_name_to_prop(propname);
3714 3715 uint64_t intval;
3715 3716 int err;
3716 3717
3717 3718 if (prop == ZPROP_INVAL) {
3718 3719 if (zfs_prop_user(propname)) {
3719 3720 if (err = zfs_secpolicy_write_perms(dsname,
3720 3721 ZFS_DELEG_PERM_USERPROP, cr))
3721 3722 return (err);
3722 3723 return (0);
3723 3724 }
3724 3725
3725 3726 if (!issnap && zfs_prop_userquota(propname)) {
3726 3727 const char *perm = NULL;
3727 3728 const char *uq_prefix =
3728 3729 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3729 3730 const char *gq_prefix =
3730 3731 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3731 3732
3732 3733 if (strncmp(propname, uq_prefix,
3733 3734 strlen(uq_prefix)) == 0) {
3734 3735 perm = ZFS_DELEG_PERM_USERQUOTA;
3735 3736 } else if (strncmp(propname, gq_prefix,
3736 3737 strlen(gq_prefix)) == 0) {
3737 3738 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3738 3739 } else {
3739 3740 /* USERUSED and GROUPUSED are read-only */
3740 3741 return (SET_ERROR(EINVAL));
3741 3742 }
3742 3743
3743 3744 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3744 3745 return (err);
3745 3746 return (0);
3746 3747 }
3747 3748
3748 3749 return (SET_ERROR(EINVAL));
3749 3750 }
3750 3751
3751 3752 if (issnap)
3752 3753 return (SET_ERROR(EINVAL));
3753 3754
3754 3755 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3755 3756 /*
3756 3757 * dsl_prop_get_all_impl() returns properties in this
3757 3758 * format.
3758 3759 */
3759 3760 nvlist_t *attrs;
3760 3761 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3761 3762 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3762 3763 &pair) == 0);
3763 3764 }
3764 3765
3765 3766 /*
3766 3767 * Check that this value is valid for this pool version
3767 3768 */
3768 3769 switch (prop) {
3769 3770 case ZFS_PROP_COMPRESSION:
3770 3771 /*
3771 3772 * If the user specified gzip compression, make sure
3772 3773 * the SPA supports it. We ignore any errors here since
3773 3774 * we'll catch them later.
3774 3775 */
3775 3776 if (nvpair_value_uint64(pair, &intval) == 0) {
3776 3777 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3777 3778 intval <= ZIO_COMPRESS_GZIP_9 &&
3778 3779 zfs_earlier_version(dsname,
3779 3780 SPA_VERSION_GZIP_COMPRESSION)) {
3780 3781 return (SET_ERROR(ENOTSUP));
3781 3782 }
3782 3783
3783 3784 if (intval == ZIO_COMPRESS_ZLE &&
3784 3785 zfs_earlier_version(dsname,
3785 3786 SPA_VERSION_ZLE_COMPRESSION))
3786 3787 return (SET_ERROR(ENOTSUP));
3787 3788
3788 3789 if (intval == ZIO_COMPRESS_LZ4) {
3789 3790 spa_t *spa;
3790 3791
3791 3792 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3792 3793 return (err);
3793 3794
3794 3795 if (!spa_feature_is_enabled(spa,
3795 3796 SPA_FEATURE_LZ4_COMPRESS)) {
3796 3797 spa_close(spa, FTAG);
3797 3798 return (SET_ERROR(ENOTSUP));
3798 3799 }
3799 3800 spa_close(spa, FTAG);
3800 3801 }
3801 3802
3802 3803 /*
3803 3804 * If this is a bootable dataset then
3804 3805 * verify that the compression algorithm
3805 3806 * is supported for booting. We must return
3806 3807 * something other than ENOTSUP since it
3807 3808 * implies a downrev pool version.
3808 3809 */
3809 3810 if (zfs_is_bootfs(dsname) &&
3810 3811 !BOOTFS_COMPRESS_VALID(intval)) {
3811 3812 return (SET_ERROR(ERANGE));
3812 3813 }
3813 3814 }
3814 3815 break;
3815 3816
3816 3817 case ZFS_PROP_COPIES:
3817 3818 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3818 3819 return (SET_ERROR(ENOTSUP));
3819 3820 break;
3820 3821
3821 3822 case ZFS_PROP_RECORDSIZE:
3822 3823 /* Record sizes above 128k need the feature to be enabled */
3823 3824 if (nvpair_value_uint64(pair, &intval) == 0 &&
3824 3825 intval > SPA_OLD_MAXBLOCKSIZE) {
3825 3826 spa_t *spa;
3826 3827
3827 3828 /*
3828 3829 * If this is a bootable dataset then
3829 3830 * the we don't allow large (>128K) blocks,
3830 3831 * because GRUB doesn't support them.
3831 3832 */
3832 3833 if (zfs_is_bootfs(dsname) &&
3833 3834 intval > SPA_OLD_MAXBLOCKSIZE) {
3834 3835 return (SET_ERROR(ERANGE));
3835 3836 }
3836 3837
3837 3838 /*
3838 3839 * We don't allow setting the property above 1MB,
3839 3840 * unless the tunable has been changed.
3840 3841 */
3841 3842 if (intval > zfs_max_recordsize ||
3842 3843 intval > SPA_MAXBLOCKSIZE)
3843 3844 return (SET_ERROR(ERANGE));
3844 3845
3845 3846 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3846 3847 return (err);
3847 3848
3848 3849 if (!spa_feature_is_enabled(spa,
3849 3850 SPA_FEATURE_LARGE_BLOCKS)) {
3850 3851 spa_close(spa, FTAG);
3851 3852 return (SET_ERROR(ENOTSUP));
3852 3853 }
3853 3854 spa_close(spa, FTAG);
3854 3855 }
3855 3856 break;
3856 3857
3857 3858 case ZFS_PROP_SHARESMB:
3858 3859 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3859 3860 return (SET_ERROR(ENOTSUP));
3860 3861 break;
3861 3862
3862 3863 case ZFS_PROP_ACLINHERIT:
3863 3864 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3864 3865 nvpair_value_uint64(pair, &intval) == 0) {
3865 3866 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3866 3867 zfs_earlier_version(dsname,
3867 3868 SPA_VERSION_PASSTHROUGH_X))
3868 3869 return (SET_ERROR(ENOTSUP));
3869 3870 }
3870 3871 break;
3871 3872
3872 3873 case ZFS_PROP_CHECKSUM:
3873 3874 case ZFS_PROP_DEDUP:
3874 3875 {
3875 3876 spa_feature_t feature;
3876 3877 spa_t *spa;
3877 3878
3878 3879 /* dedup feature version checks */
3879 3880 if (prop == ZFS_PROP_DEDUP &&
3880 3881 zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3881 3882 return (SET_ERROR(ENOTSUP));
3882 3883
3883 3884 if (nvpair_value_uint64(pair, &intval) != 0)
3884 3885 return (SET_ERROR(EINVAL));
3885 3886
3886 3887 /* check prop value is enabled in features */
3887 3888 feature = zio_checksum_to_feature(intval);
3888 3889 if (feature == SPA_FEATURE_NONE)
3889 3890 break;
3890 3891
3891 3892 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3892 3893 return (err);
3893 3894 /*
3894 3895 * Salted checksums are not supported on root pools.
3895 3896 */
3896 3897 if (spa_bootfs(spa) != 0 &&
3897 3898 intval < ZIO_CHECKSUM_FUNCTIONS &&
3898 3899 (zio_checksum_table[intval].ci_flags &
3899 3900 ZCHECKSUM_FLAG_SALTED)) {
3900 3901 spa_close(spa, FTAG);
3901 3902 return (SET_ERROR(ERANGE));
3902 3903 }
3903 3904 if (!spa_feature_is_enabled(spa, feature)) {
3904 3905 spa_close(spa, FTAG);
3905 3906 return (SET_ERROR(ENOTSUP));
3906 3907 }
3907 3908 spa_close(spa, FTAG);
3908 3909 break;
3909 3910 }
3910 3911 }
3911 3912
3912 3913 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3913 3914 }
3914 3915
3915 3916 /*
3916 3917 * Checks for a race condition to make sure we don't increment a feature flag
3917 3918 * multiple times.
3918 3919 */
3919 3920 static int
3920 3921 zfs_prop_activate_feature_check(void *arg, dmu_tx_t *tx)
3921 3922 {
3922 3923 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3923 3924 spa_feature_t *featurep = arg;
3924 3925
3925 3926 if (!spa_feature_is_active(spa, *featurep))
3926 3927 return (0);
3927 3928 else
3928 3929 return (SET_ERROR(EBUSY));
3929 3930 }
3930 3931
3931 3932 /*
3932 3933 * The callback invoked on feature activation in the sync task caused by
3933 3934 * zfs_prop_activate_feature.
3934 3935 */
3935 3936 static void
3936 3937 zfs_prop_activate_feature_sync(void *arg, dmu_tx_t *tx)
3937 3938 {
3938 3939 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3939 3940 spa_feature_t *featurep = arg;
3940 3941
3941 3942 spa_feature_incr(spa, *featurep, tx);
3942 3943 }
3943 3944
3944 3945 /*
3945 3946 * Activates a feature on a pool in response to a property setting. This
3946 3947 * creates a new sync task which modifies the pool to reflect the feature
3947 3948 * as being active.
3948 3949 */
3949 3950 static int
3950 3951 zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature)
3951 3952 {
3952 3953 int err;
3953 3954
3954 3955 /* EBUSY here indicates that the feature is already active */
3955 3956 err = dsl_sync_task(spa_name(spa),
3956 3957 zfs_prop_activate_feature_check, zfs_prop_activate_feature_sync,
3957 3958 &feature, 2, ZFS_SPACE_CHECK_RESERVED);
3958 3959
3959 3960 if (err != 0 && err != EBUSY)
3960 3961 return (err);
3961 3962 else
3962 3963 return (0);
3963 3964 }
3964 3965
3965 3966 /*
3966 3967 * Removes properties from the given props list that fail permission checks
3967 3968 * needed to clear them and to restore them in case of a receive error. For each
3968 3969 * property, make sure we have both set and inherit permissions.
3969 3970 *
3970 3971 * Returns the first error encountered if any permission checks fail. If the
3971 3972 * caller provides a non-NULL errlist, it also gives the complete list of names
3972 3973 * of all the properties that failed a permission check along with the
3973 3974 * corresponding error numbers. The caller is responsible for freeing the
3974 3975 * returned errlist.
3975 3976 *
3976 3977 * If every property checks out successfully, zero is returned and the list
3977 3978 * pointed at by errlist is NULL.
3978 3979 */
3979 3980 static int
3980 3981 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3981 3982 {
3982 3983 zfs_cmd_t *zc;
3983 3984 nvpair_t *pair, *next_pair;
3984 3985 nvlist_t *errors;
3985 3986 int err, rv = 0;
3986 3987
3987 3988 if (props == NULL)
3988 3989 return (0);
3989 3990
3990 3991 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3991 3992
3992 3993 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3993 3994 (void) strcpy(zc->zc_name, dataset);
3994 3995 pair = nvlist_next_nvpair(props, NULL);
3995 3996 while (pair != NULL) {
3996 3997 next_pair = nvlist_next_nvpair(props, pair);
3997 3998
3998 3999 (void) strcpy(zc->zc_value, nvpair_name(pair));
3999 4000 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
4000 4001 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
4001 4002 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
4002 4003 VERIFY(nvlist_add_int32(errors,
4003 4004 zc->zc_value, err) == 0);
4004 4005 }
4005 4006 pair = next_pair;
4006 4007 }
4007 4008 kmem_free(zc, sizeof (zfs_cmd_t));
4008 4009
4009 4010 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
4010 4011 nvlist_free(errors);
4011 4012 errors = NULL;
4012 4013 } else {
4013 4014 VERIFY(nvpair_value_int32(pair, &rv) == 0);
4014 4015 }
4015 4016
4016 4017 if (errlist == NULL)
4017 4018 nvlist_free(errors);
4018 4019 else
4019 4020 *errlist = errors;
4020 4021
4021 4022 return (rv);
4022 4023 }
4023 4024
4024 4025 static boolean_t
4025 4026 propval_equals(nvpair_t *p1, nvpair_t *p2)
4026 4027 {
4027 4028 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
4028 4029 /* dsl_prop_get_all_impl() format */
4029 4030 nvlist_t *attrs;
4030 4031 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
4031 4032 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4032 4033 &p1) == 0);
4033 4034 }
4034 4035
4035 4036 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
4036 4037 nvlist_t *attrs;
4037 4038 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
4038 4039 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4039 4040 &p2) == 0);
4040 4041 }
4041 4042
4042 4043 if (nvpair_type(p1) != nvpair_type(p2))
4043 4044 return (B_FALSE);
4044 4045
4045 4046 if (nvpair_type(p1) == DATA_TYPE_STRING) {
4046 4047 char *valstr1, *valstr2;
4047 4048
4048 4049 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
4049 4050 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
4050 4051 return (strcmp(valstr1, valstr2) == 0);
4051 4052 } else {
4052 4053 uint64_t intval1, intval2;
4053 4054
4054 4055 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
4055 4056 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
4056 4057 return (intval1 == intval2);
4057 4058 }
4058 4059 }
4059 4060
4060 4061 /*
4061 4062 * Remove properties from props if they are not going to change (as determined
4062 4063 * by comparison with origprops). Remove them from origprops as well, since we
4063 4064 * do not need to clear or restore properties that won't change.
4064 4065 */
4065 4066 static void
4066 4067 props_reduce(nvlist_t *props, nvlist_t *origprops)
4067 4068 {
4068 4069 nvpair_t *pair, *next_pair;
4069 4070
4070 4071 if (origprops == NULL)
4071 4072 return; /* all props need to be received */
4072 4073
4073 4074 pair = nvlist_next_nvpair(props, NULL);
4074 4075 while (pair != NULL) {
4075 4076 const char *propname = nvpair_name(pair);
4076 4077 nvpair_t *match;
4077 4078
4078 4079 next_pair = nvlist_next_nvpair(props, pair);
4079 4080
4080 4081 if ((nvlist_lookup_nvpair(origprops, propname,
4081 4082 &match) != 0) || !propval_equals(pair, match))
4082 4083 goto next; /* need to set received value */
|
↓ open down ↓ |
4048 lines elided |
↑ open up ↑ |
4083 4084
4084 4085 /* don't clear the existing received value */
4085 4086 (void) nvlist_remove_nvpair(origprops, match);
4086 4087 /* don't bother receiving the property */
4087 4088 (void) nvlist_remove_nvpair(props, pair);
4088 4089 next:
4089 4090 pair = next_pair;
4090 4091 }
4091 4092 }
4092 4093
4094 +/*
4095 + * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4096 + * For example, refquota cannot be set until after the receipt of a dataset,
4097 + * because in replication streams, an older/earlier snapshot may exceed the
4098 + * refquota. We want to receive the older/earlier snapshot, but setting
4099 + * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4100 + * the older/earlier snapshot from being received (with EDQUOT).
4101 + *
4102 + * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4103 + *
4104 + * libzfs will need to be judicious handling errors encountered by props
4105 + * extracted by this function.
4106 + */
4107 +static nvlist_t *
4108 +extract_delay_props(nvlist_t *props)
4109 +{
4110 + nvlist_t *delayprops;
4111 + nvpair_t *nvp, *tmp;
4112 + static const zfs_prop_t delayable[] = { ZFS_PROP_REFQUOTA, 0 };
4113 + int i;
4114 +
4115 + VERIFY(nvlist_alloc(&delayprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4116 +
4117 + for (nvp = nvlist_next_nvpair(props, NULL); nvp != NULL;
4118 + nvp = nvlist_next_nvpair(props, nvp)) {
4119 + /*
4120 + * strcmp() is safe because zfs_prop_to_name() always returns
4121 + * a bounded string.
4122 + */
4123 + for (i = 0; delayable[i] != 0; i++) {
4124 + if (strcmp(zfs_prop_to_name(delayable[i]),
4125 + nvpair_name(nvp)) == 0) {
4126 + break;
4127 + }
4128 + }
4129 + if (delayable[i] != 0) {
4130 + tmp = nvlist_prev_nvpair(props, nvp);
4131 + VERIFY(nvlist_add_nvpair(delayprops, nvp) == 0);
4132 + VERIFY(nvlist_remove_nvpair(props, nvp) == 0);
4133 + nvp = tmp;
4134 + }
4135 + }
4136 +
4137 + if (nvlist_empty(delayprops)) {
4138 + nvlist_free(delayprops);
4139 + delayprops = NULL;
4140 + }
4141 + return (delayprops);
4142 +}
4143 +
4093 4144 #ifdef DEBUG
4094 4145 static boolean_t zfs_ioc_recv_inject_err;
4095 4146 #endif
4096 4147
4097 4148 /*
4098 4149 * inputs:
4099 4150 * zc_name name of containing filesystem
4100 4151 * zc_nvlist_src{_size} nvlist of properties to apply
4101 4152 * zc_value name of snapshot to create
4102 4153 * zc_string name of clone origin (if DRR_FLAG_CLONE)
4103 4154 * zc_cookie file descriptor to recv from
4104 4155 * zc_begin_record the BEGIN record of the stream (not byteswapped)
4105 4156 * zc_guid force flag
4106 4157 * zc_cleanup_fd cleanup-on-exit file descriptor
4107 4158 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
4108 4159 * zc_resumable if data is incomplete assume sender will resume
4109 4160 *
4110 4161 * outputs:
4111 4162 * zc_cookie number of bytes read
4112 4163 * zc_nvlist_dst{_size} error for each unapplied received property
4113 4164 * zc_obj zprop_errflags_t
4114 4165 * zc_action_handle handle for this guid/ds mapping
4115 4166 */
4116 4167 static int
4117 4168 zfs_ioc_recv(zfs_cmd_t *zc)
4118 4169 {
|
↓ open down ↓ |
16 lines elided |
↑ open up ↑ |
4119 4170 file_t *fp;
4120 4171 dmu_recv_cookie_t drc;
4121 4172 boolean_t force = (boolean_t)zc->zc_guid;
4122 4173 int fd;
4123 4174 int error = 0;
4124 4175 int props_error = 0;
4125 4176 nvlist_t *errors;
4126 4177 offset_t off;
4127 4178 nvlist_t *props = NULL; /* sent properties */
4128 4179 nvlist_t *origprops = NULL; /* existing properties */
4180 + nvlist_t *delayprops = NULL; /* sent properties applied post-receive */
4129 4181 char *origin = NULL;
4130 4182 char *tosnap;
4131 4183 char tofs[ZFS_MAXNAMELEN];
4132 4184 boolean_t first_recvd_props = B_FALSE;
4133 4185
4134 4186 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
4135 4187 strchr(zc->zc_value, '@') == NULL ||
4136 4188 strchr(zc->zc_value, '%'))
4137 4189 return (SET_ERROR(EINVAL));
4138 4190
4139 4191 (void) strcpy(tofs, zc->zc_value);
4140 4192 tosnap = strchr(tofs, '@');
4141 4193 *tosnap++ = '\0';
4142 4194
4143 4195 if (zc->zc_nvlist_src != NULL &&
4144 4196 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
4145 4197 zc->zc_iflags, &props)) != 0)
4146 4198 return (error);
4147 4199
4148 4200 fd = zc->zc_cookie;
4149 4201 fp = getf(fd);
4150 4202 if (fp == NULL) {
4151 4203 nvlist_free(props);
4152 4204 return (SET_ERROR(EBADF));
4153 4205 }
4154 4206
4155 4207 errors = fnvlist_alloc();
4156 4208
4157 4209 if (zc->zc_string[0])
4158 4210 origin = zc->zc_string;
4159 4211
4160 4212 error = dmu_recv_begin(tofs, tosnap,
4161 4213 &zc->zc_begin_record, force, zc->zc_resumable, origin, &drc);
4162 4214 if (error != 0)
4163 4215 goto out;
4164 4216
4165 4217 /*
4166 4218 * Set properties before we receive the stream so that they are applied
4167 4219 * to the new data. Note that we must call dmu_recv_stream() if
4168 4220 * dmu_recv_begin() succeeds.
4169 4221 */
4170 4222 if (props != NULL && !drc.drc_newfs) {
4171 4223 if (spa_version(dsl_dataset_get_spa(drc.drc_ds)) >=
4172 4224 SPA_VERSION_RECVD_PROPS &&
4173 4225 !dsl_prop_get_hasrecvd(tofs))
4174 4226 first_recvd_props = B_TRUE;
4175 4227
4176 4228 /*
4177 4229 * If new received properties are supplied, they are to
4178 4230 * completely replace the existing received properties, so stash
4179 4231 * away the existing ones.
4180 4232 */
4181 4233 if (dsl_prop_get_received(tofs, &origprops) == 0) {
4182 4234 nvlist_t *errlist = NULL;
4183 4235 /*
4184 4236 * Don't bother writing a property if its value won't
4185 4237 * change (and avoid the unnecessary security checks).
4186 4238 *
4187 4239 * The first receive after SPA_VERSION_RECVD_PROPS is a
4188 4240 * special case where we blow away all local properties
4189 4241 * regardless.
4190 4242 */
4191 4243 if (!first_recvd_props)
4192 4244 props_reduce(props, origprops);
4193 4245 if (zfs_check_clearable(tofs, origprops, &errlist) != 0)
4194 4246 (void) nvlist_merge(errors, errlist, 0);
4195 4247 nvlist_free(errlist);
4196 4248
4197 4249 if (clear_received_props(tofs, origprops,
4198 4250 first_recvd_props ? NULL : props) != 0)
|
↓ open down ↓ |
60 lines elided |
↑ open up ↑ |
4199 4251 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4200 4252 } else {
4201 4253 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4202 4254 }
4203 4255 }
4204 4256
4205 4257 if (props != NULL) {
4206 4258 props_error = dsl_prop_set_hasrecvd(tofs);
4207 4259
4208 4260 if (props_error == 0) {
4261 + delayprops = extract_delay_props(props);
4209 4262 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4210 4263 props, errors);
4211 4264 }
4212 4265 }
4213 4266
4214 - if (zc->zc_nvlist_dst_size != 0 &&
4215 - (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4216 - put_nvlist(zc, errors) != 0)) {
4217 - /*
4218 - * Caller made zc->zc_nvlist_dst less than the minimum expected
4219 - * size or supplied an invalid address.
4220 - */
4221 - props_error = SET_ERROR(EINVAL);
4222 - }
4223 -
4224 4267 off = fp->f_offset;
4225 4268 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
4226 4269 &zc->zc_action_handle);
4227 4270
4228 4271 if (error == 0) {
4229 4272 zfsvfs_t *zfsvfs = NULL;
4230 4273
4231 4274 if (getzfsvfs(tofs, &zfsvfs) == 0) {
4232 4275 /* online recv */
4233 4276 int end_err;
4234 4277
4235 4278 error = zfs_suspend_fs(zfsvfs);
4236 4279 /*
4237 4280 * If the suspend fails, then the recv_end will
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
4238 4281 * likely also fail, and clean up after itself.
4239 4282 */
4240 4283 end_err = dmu_recv_end(&drc, zfsvfs);
4241 4284 if (error == 0)
4242 4285 error = zfs_resume_fs(zfsvfs, tofs);
4243 4286 error = error ? error : end_err;
4244 4287 VFS_RELE(zfsvfs->z_vfs);
4245 4288 } else {
4246 4289 error = dmu_recv_end(&drc, NULL);
4247 4290 }
4291 +
4292 + /* Set delayed properties now, after we're done receiving. */
4293 + if (delayprops != NULL && error == 0) {
4294 + (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4295 + delayprops, errors);
4296 + }
4248 4297 }
4249 4298
4299 + if (delayprops != NULL) {
4300 + /*
4301 + * Merge delayed props back in with initial props, in case
4302 + * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
4303 + * we have to make sure clear_received_props() includes
4304 + * the delayed properties).
4305 + *
4306 + * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
4307 + * using ASSERT() will be just like a VERIFY.
4308 + */
4309 + ASSERT(nvlist_merge(props, delayprops, 0) == 0);
4310 + nvlist_free(delayprops);
4311 + }
4312 +
4313 + /*
4314 + * Now that all props, initial and delayed, are set, report the prop
4315 + * errors to the caller.
4316 + */
4317 + if (zc->zc_nvlist_dst_size != 0 &&
4318 + (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4319 + put_nvlist(zc, errors) != 0)) {
4320 + /*
4321 + * Caller made zc->zc_nvlist_dst less than the minimum expected
4322 + * size or supplied an invalid address.
4323 + */
4324 + props_error = SET_ERROR(EINVAL);
4325 + }
4326 +
4250 4327 zc->zc_cookie = off - fp->f_offset;
4251 4328 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4252 4329 fp->f_offset = off;
4253 4330
4254 4331 #ifdef DEBUG
4255 4332 if (zfs_ioc_recv_inject_err) {
4256 4333 zfs_ioc_recv_inject_err = B_FALSE;
4257 4334 error = 1;
4258 4335 }
4259 4336 #endif
4260 4337 /*
4261 4338 * On error, restore the original props.
4262 4339 */
4263 4340 if (error != 0 && props != NULL && !drc.drc_newfs) {
4264 4341 if (clear_received_props(tofs, props, NULL) != 0) {
4265 4342 /*
4266 4343 * We failed to clear the received properties.
4267 4344 * Since we may have left a $recvd value on the
4268 4345 * system, we can't clear the $hasrecvd flag.
4269 4346 */
4270 4347 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4271 4348 } else if (first_recvd_props) {
4272 4349 dsl_prop_unset_hasrecvd(tofs);
4273 4350 }
4274 4351
4275 4352 if (origprops == NULL && !drc.drc_newfs) {
4276 4353 /* We failed to stash the original properties. */
4277 4354 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4278 4355 }
4279 4356
4280 4357 /*
4281 4358 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4282 4359 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4283 4360 * explictly if we're restoring local properties cleared in the
4284 4361 * first new-style receive.
4285 4362 */
4286 4363 if (origprops != NULL &&
4287 4364 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4288 4365 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
4289 4366 origprops, NULL) != 0) {
4290 4367 /*
4291 4368 * We stashed the original properties but failed to
4292 4369 * restore them.
4293 4370 */
4294 4371 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4295 4372 }
4296 4373 }
4297 4374 out:
4298 4375 nvlist_free(props);
4299 4376 nvlist_free(origprops);
4300 4377 nvlist_free(errors);
4301 4378 releasef(fd);
4302 4379
4303 4380 if (error == 0)
4304 4381 error = props_error;
4305 4382
4306 4383 return (error);
4307 4384 }
4308 4385
4309 4386 /*
4310 4387 * inputs:
4311 4388 * zc_name name of snapshot to send
4312 4389 * zc_cookie file descriptor to send stream to
4313 4390 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4314 4391 * zc_sendobj objsetid of snapshot to send
4315 4392 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4316 4393 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4317 4394 * output size in zc_objset_type.
4318 4395 * zc_flags lzc_send_flags
4319 4396 *
4320 4397 * outputs:
4321 4398 * zc_objset_type estimated size, if zc_guid is set
4322 4399 */
4323 4400 static int
4324 4401 zfs_ioc_send(zfs_cmd_t *zc)
4325 4402 {
4326 4403 int error;
4327 4404 offset_t off;
4328 4405 boolean_t estimate = (zc->zc_guid != 0);
4329 4406 boolean_t embedok = (zc->zc_flags & 0x1);
4330 4407 boolean_t large_block_ok = (zc->zc_flags & 0x2);
4331 4408
4332 4409 if (zc->zc_obj != 0) {
4333 4410 dsl_pool_t *dp;
4334 4411 dsl_dataset_t *tosnap;
4335 4412
4336 4413 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4337 4414 if (error != 0)
4338 4415 return (error);
4339 4416
4340 4417 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4341 4418 if (error != 0) {
4342 4419 dsl_pool_rele(dp, FTAG);
4343 4420 return (error);
4344 4421 }
4345 4422
4346 4423 if (dsl_dir_is_clone(tosnap->ds_dir))
4347 4424 zc->zc_fromobj =
4348 4425 dsl_dir_phys(tosnap->ds_dir)->dd_origin_obj;
4349 4426 dsl_dataset_rele(tosnap, FTAG);
4350 4427 dsl_pool_rele(dp, FTAG);
4351 4428 }
4352 4429
4353 4430 if (estimate) {
4354 4431 dsl_pool_t *dp;
4355 4432 dsl_dataset_t *tosnap;
4356 4433 dsl_dataset_t *fromsnap = NULL;
4357 4434
4358 4435 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4359 4436 if (error != 0)
4360 4437 return (error);
4361 4438
4362 4439 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4363 4440 if (error != 0) {
4364 4441 dsl_pool_rele(dp, FTAG);
4365 4442 return (error);
4366 4443 }
4367 4444
4368 4445 if (zc->zc_fromobj != 0) {
4369 4446 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj,
4370 4447 FTAG, &fromsnap);
4371 4448 if (error != 0) {
4372 4449 dsl_dataset_rele(tosnap, FTAG);
4373 4450 dsl_pool_rele(dp, FTAG);
4374 4451 return (error);
4375 4452 }
4376 4453 }
4377 4454
4378 4455 error = dmu_send_estimate(tosnap, fromsnap,
4379 4456 &zc->zc_objset_type);
4380 4457
4381 4458 if (fromsnap != NULL)
4382 4459 dsl_dataset_rele(fromsnap, FTAG);
4383 4460 dsl_dataset_rele(tosnap, FTAG);
4384 4461 dsl_pool_rele(dp, FTAG);
4385 4462 } else {
4386 4463 file_t *fp = getf(zc->zc_cookie);
4387 4464 if (fp == NULL)
4388 4465 return (SET_ERROR(EBADF));
4389 4466
4390 4467 off = fp->f_offset;
4391 4468 error = dmu_send_obj(zc->zc_name, zc->zc_sendobj,
4392 4469 zc->zc_fromobj, embedok, large_block_ok,
4393 4470 zc->zc_cookie, fp->f_vnode, &off);
4394 4471
4395 4472 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4396 4473 fp->f_offset = off;
4397 4474 releasef(zc->zc_cookie);
4398 4475 }
4399 4476 return (error);
4400 4477 }
4401 4478
4402 4479 /*
4403 4480 * inputs:
4404 4481 * zc_name name of snapshot on which to report progress
4405 4482 * zc_cookie file descriptor of send stream
4406 4483 *
4407 4484 * outputs:
4408 4485 * zc_cookie number of bytes written in send stream thus far
4409 4486 */
4410 4487 static int
4411 4488 zfs_ioc_send_progress(zfs_cmd_t *zc)
4412 4489 {
4413 4490 dsl_pool_t *dp;
4414 4491 dsl_dataset_t *ds;
4415 4492 dmu_sendarg_t *dsp = NULL;
4416 4493 int error;
4417 4494
4418 4495 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4419 4496 if (error != 0)
4420 4497 return (error);
4421 4498
4422 4499 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &ds);
4423 4500 if (error != 0) {
4424 4501 dsl_pool_rele(dp, FTAG);
4425 4502 return (error);
4426 4503 }
4427 4504
4428 4505 mutex_enter(&ds->ds_sendstream_lock);
4429 4506
4430 4507 /*
4431 4508 * Iterate over all the send streams currently active on this dataset.
4432 4509 * If there's one which matches the specified file descriptor _and_ the
4433 4510 * stream was started by the current process, return the progress of
4434 4511 * that stream.
4435 4512 */
4436 4513 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4437 4514 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4438 4515 if (dsp->dsa_outfd == zc->zc_cookie &&
4439 4516 dsp->dsa_proc == curproc)
4440 4517 break;
4441 4518 }
4442 4519
4443 4520 if (dsp != NULL)
4444 4521 zc->zc_cookie = *(dsp->dsa_off);
4445 4522 else
4446 4523 error = SET_ERROR(ENOENT);
4447 4524
4448 4525 mutex_exit(&ds->ds_sendstream_lock);
4449 4526 dsl_dataset_rele(ds, FTAG);
4450 4527 dsl_pool_rele(dp, FTAG);
4451 4528 return (error);
4452 4529 }
4453 4530
4454 4531 static int
4455 4532 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4456 4533 {
4457 4534 int id, error;
4458 4535
4459 4536 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4460 4537 &zc->zc_inject_record);
4461 4538
4462 4539 if (error == 0)
4463 4540 zc->zc_guid = (uint64_t)id;
4464 4541
4465 4542 return (error);
4466 4543 }
4467 4544
4468 4545 static int
4469 4546 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4470 4547 {
4471 4548 return (zio_clear_fault((int)zc->zc_guid));
4472 4549 }
4473 4550
4474 4551 static int
4475 4552 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4476 4553 {
4477 4554 int id = (int)zc->zc_guid;
4478 4555 int error;
4479 4556
4480 4557 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4481 4558 &zc->zc_inject_record);
4482 4559
4483 4560 zc->zc_guid = id;
4484 4561
4485 4562 return (error);
4486 4563 }
4487 4564
4488 4565 static int
4489 4566 zfs_ioc_error_log(zfs_cmd_t *zc)
4490 4567 {
4491 4568 spa_t *spa;
4492 4569 int error;
4493 4570 size_t count = (size_t)zc->zc_nvlist_dst_size;
4494 4571
4495 4572 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4496 4573 return (error);
4497 4574
4498 4575 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4499 4576 &count);
4500 4577 if (error == 0)
4501 4578 zc->zc_nvlist_dst_size = count;
4502 4579 else
4503 4580 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4504 4581
4505 4582 spa_close(spa, FTAG);
4506 4583
4507 4584 return (error);
4508 4585 }
4509 4586
4510 4587 static int
4511 4588 zfs_ioc_clear(zfs_cmd_t *zc)
4512 4589 {
4513 4590 spa_t *spa;
4514 4591 vdev_t *vd;
4515 4592 int error;
4516 4593
4517 4594 /*
4518 4595 * On zpool clear we also fix up missing slogs
4519 4596 */
4520 4597 mutex_enter(&spa_namespace_lock);
4521 4598 spa = spa_lookup(zc->zc_name);
4522 4599 if (spa == NULL) {
4523 4600 mutex_exit(&spa_namespace_lock);
4524 4601 return (SET_ERROR(EIO));
4525 4602 }
4526 4603 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4527 4604 /* we need to let spa_open/spa_load clear the chains */
4528 4605 spa_set_log_state(spa, SPA_LOG_CLEAR);
4529 4606 }
4530 4607 spa->spa_last_open_failed = 0;
4531 4608 mutex_exit(&spa_namespace_lock);
4532 4609
4533 4610 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4534 4611 error = spa_open(zc->zc_name, &spa, FTAG);
4535 4612 } else {
4536 4613 nvlist_t *policy;
4537 4614 nvlist_t *config = NULL;
4538 4615
4539 4616 if (zc->zc_nvlist_src == NULL)
4540 4617 return (SET_ERROR(EINVAL));
4541 4618
4542 4619 if ((error = get_nvlist(zc->zc_nvlist_src,
4543 4620 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4544 4621 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4545 4622 policy, &config);
4546 4623 if (config != NULL) {
4547 4624 int err;
4548 4625
4549 4626 if ((err = put_nvlist(zc, config)) != 0)
4550 4627 error = err;
4551 4628 nvlist_free(config);
4552 4629 }
4553 4630 nvlist_free(policy);
4554 4631 }
4555 4632 }
4556 4633
4557 4634 if (error != 0)
4558 4635 return (error);
4559 4636
4560 4637 spa_vdev_state_enter(spa, SCL_NONE);
4561 4638
4562 4639 if (zc->zc_guid == 0) {
4563 4640 vd = NULL;
4564 4641 } else {
4565 4642 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4566 4643 if (vd == NULL) {
4567 4644 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4568 4645 spa_close(spa, FTAG);
4569 4646 return (SET_ERROR(ENODEV));
4570 4647 }
4571 4648 }
4572 4649
4573 4650 vdev_clear(spa, vd);
4574 4651
4575 4652 (void) spa_vdev_state_exit(spa, NULL, 0);
4576 4653
4577 4654 /*
4578 4655 * Resume any suspended I/Os.
4579 4656 */
4580 4657 if (zio_resume(spa) != 0)
4581 4658 error = SET_ERROR(EIO);
4582 4659
4583 4660 spa_close(spa, FTAG);
4584 4661
4585 4662 return (error);
4586 4663 }
4587 4664
4588 4665 static int
4589 4666 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4590 4667 {
4591 4668 spa_t *spa;
4592 4669 int error;
4593 4670
4594 4671 error = spa_open(zc->zc_name, &spa, FTAG);
4595 4672 if (error != 0)
4596 4673 return (error);
4597 4674
4598 4675 spa_vdev_state_enter(spa, SCL_NONE);
4599 4676
4600 4677 /*
4601 4678 * If a resilver is already in progress then set the
4602 4679 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4603 4680 * the scan as a side effect of the reopen. Otherwise, let
4604 4681 * vdev_open() decided if a resilver is required.
4605 4682 */
4606 4683 spa->spa_scrub_reopen = dsl_scan_resilvering(spa->spa_dsl_pool);
4607 4684 vdev_reopen(spa->spa_root_vdev);
4608 4685 spa->spa_scrub_reopen = B_FALSE;
4609 4686
4610 4687 (void) spa_vdev_state_exit(spa, NULL, 0);
4611 4688 spa_close(spa, FTAG);
4612 4689 return (0);
4613 4690 }
4614 4691 /*
4615 4692 * inputs:
4616 4693 * zc_name name of filesystem
4617 4694 * zc_value name of origin snapshot
4618 4695 *
4619 4696 * outputs:
4620 4697 * zc_string name of conflicting snapshot, if there is one
4621 4698 */
4622 4699 static int
4623 4700 zfs_ioc_promote(zfs_cmd_t *zc)
4624 4701 {
4625 4702 char *cp;
4626 4703
4627 4704 /*
4628 4705 * We don't need to unmount *all* the origin fs's snapshots, but
4629 4706 * it's easier.
4630 4707 */
4631 4708 cp = strchr(zc->zc_value, '@');
4632 4709 if (cp)
4633 4710 *cp = '\0';
4634 4711 (void) dmu_objset_find(zc->zc_value,
4635 4712 zfs_unmount_snap_cb, NULL, DS_FIND_SNAPSHOTS);
4636 4713 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4637 4714 }
4638 4715
4639 4716 /*
4640 4717 * Retrieve a single {user|group}{used|quota}@... property.
4641 4718 *
4642 4719 * inputs:
4643 4720 * zc_name name of filesystem
4644 4721 * zc_objset_type zfs_userquota_prop_t
4645 4722 * zc_value domain name (eg. "S-1-234-567-89")
4646 4723 * zc_guid RID/UID/GID
4647 4724 *
4648 4725 * outputs:
4649 4726 * zc_cookie property value
4650 4727 */
4651 4728 static int
4652 4729 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4653 4730 {
4654 4731 zfsvfs_t *zfsvfs;
4655 4732 int error;
4656 4733
4657 4734 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4658 4735 return (SET_ERROR(EINVAL));
4659 4736
4660 4737 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4661 4738 if (error != 0)
4662 4739 return (error);
4663 4740
4664 4741 error = zfs_userspace_one(zfsvfs,
4665 4742 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4666 4743 zfsvfs_rele(zfsvfs, FTAG);
4667 4744
4668 4745 return (error);
4669 4746 }
4670 4747
4671 4748 /*
4672 4749 * inputs:
4673 4750 * zc_name name of filesystem
4674 4751 * zc_cookie zap cursor
4675 4752 * zc_objset_type zfs_userquota_prop_t
4676 4753 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4677 4754 *
4678 4755 * outputs:
4679 4756 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4680 4757 * zc_cookie zap cursor
4681 4758 */
4682 4759 static int
4683 4760 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4684 4761 {
4685 4762 zfsvfs_t *zfsvfs;
4686 4763 int bufsize = zc->zc_nvlist_dst_size;
4687 4764
4688 4765 if (bufsize <= 0)
4689 4766 return (SET_ERROR(ENOMEM));
4690 4767
4691 4768 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4692 4769 if (error != 0)
4693 4770 return (error);
4694 4771
4695 4772 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4696 4773
4697 4774 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4698 4775 buf, &zc->zc_nvlist_dst_size);
4699 4776
4700 4777 if (error == 0) {
4701 4778 error = xcopyout(buf,
4702 4779 (void *)(uintptr_t)zc->zc_nvlist_dst,
4703 4780 zc->zc_nvlist_dst_size);
4704 4781 }
4705 4782 kmem_free(buf, bufsize);
4706 4783 zfsvfs_rele(zfsvfs, FTAG);
4707 4784
4708 4785 return (error);
4709 4786 }
4710 4787
4711 4788 /*
4712 4789 * inputs:
4713 4790 * zc_name name of filesystem
4714 4791 *
4715 4792 * outputs:
4716 4793 * none
4717 4794 */
4718 4795 static int
4719 4796 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4720 4797 {
4721 4798 objset_t *os;
4722 4799 int error = 0;
4723 4800 zfsvfs_t *zfsvfs;
4724 4801
4725 4802 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4726 4803 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4727 4804 /*
4728 4805 * If userused is not enabled, it may be because the
4729 4806 * objset needs to be closed & reopened (to grow the
4730 4807 * objset_phys_t). Suspend/resume the fs will do that.
4731 4808 */
4732 4809 error = zfs_suspend_fs(zfsvfs);
4733 4810 if (error == 0) {
4734 4811 dmu_objset_refresh_ownership(zfsvfs->z_os,
4735 4812 zfsvfs);
4736 4813 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4737 4814 }
4738 4815 }
4739 4816 if (error == 0)
4740 4817 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4741 4818 VFS_RELE(zfsvfs->z_vfs);
4742 4819 } else {
4743 4820 /* XXX kind of reading contents without owning */
4744 4821 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4745 4822 if (error != 0)
4746 4823 return (error);
4747 4824
4748 4825 error = dmu_objset_userspace_upgrade(os);
4749 4826 dmu_objset_rele(os, FTAG);
4750 4827 }
4751 4828
4752 4829 return (error);
4753 4830 }
4754 4831
4755 4832 /*
4756 4833 * We don't want to have a hard dependency
4757 4834 * against some special symbols in sharefs
4758 4835 * nfs, and smbsrv. Determine them if needed when
4759 4836 * the first file system is shared.
4760 4837 * Neither sharefs, nfs or smbsrv are unloadable modules.
4761 4838 */
4762 4839 int (*znfsexport_fs)(void *arg);
4763 4840 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4764 4841 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4765 4842
4766 4843 int zfs_nfsshare_inited;
4767 4844 int zfs_smbshare_inited;
4768 4845
4769 4846 ddi_modhandle_t nfs_mod;
4770 4847 ddi_modhandle_t sharefs_mod;
4771 4848 ddi_modhandle_t smbsrv_mod;
4772 4849 kmutex_t zfs_share_lock;
4773 4850
4774 4851 static int
4775 4852 zfs_init_sharefs()
4776 4853 {
4777 4854 int error;
4778 4855
4779 4856 ASSERT(MUTEX_HELD(&zfs_share_lock));
4780 4857 /* Both NFS and SMB shares also require sharetab support. */
4781 4858 if (sharefs_mod == NULL && ((sharefs_mod =
4782 4859 ddi_modopen("fs/sharefs",
4783 4860 KRTLD_MODE_FIRST, &error)) == NULL)) {
4784 4861 return (SET_ERROR(ENOSYS));
4785 4862 }
4786 4863 if (zshare_fs == NULL && ((zshare_fs =
4787 4864 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4788 4865 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4789 4866 return (SET_ERROR(ENOSYS));
4790 4867 }
4791 4868 return (0);
4792 4869 }
4793 4870
4794 4871 static int
4795 4872 zfs_ioc_share(zfs_cmd_t *zc)
4796 4873 {
4797 4874 int error;
4798 4875 int opcode;
4799 4876
4800 4877 switch (zc->zc_share.z_sharetype) {
4801 4878 case ZFS_SHARE_NFS:
4802 4879 case ZFS_UNSHARE_NFS:
4803 4880 if (zfs_nfsshare_inited == 0) {
4804 4881 mutex_enter(&zfs_share_lock);
4805 4882 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4806 4883 KRTLD_MODE_FIRST, &error)) == NULL)) {
4807 4884 mutex_exit(&zfs_share_lock);
4808 4885 return (SET_ERROR(ENOSYS));
4809 4886 }
4810 4887 if (znfsexport_fs == NULL &&
4811 4888 ((znfsexport_fs = (int (*)(void *))
4812 4889 ddi_modsym(nfs_mod,
4813 4890 "nfs_export", &error)) == NULL)) {
4814 4891 mutex_exit(&zfs_share_lock);
4815 4892 return (SET_ERROR(ENOSYS));
4816 4893 }
4817 4894 error = zfs_init_sharefs();
4818 4895 if (error != 0) {
4819 4896 mutex_exit(&zfs_share_lock);
4820 4897 return (SET_ERROR(ENOSYS));
4821 4898 }
4822 4899 zfs_nfsshare_inited = 1;
4823 4900 mutex_exit(&zfs_share_lock);
4824 4901 }
4825 4902 break;
4826 4903 case ZFS_SHARE_SMB:
4827 4904 case ZFS_UNSHARE_SMB:
4828 4905 if (zfs_smbshare_inited == 0) {
4829 4906 mutex_enter(&zfs_share_lock);
4830 4907 if (smbsrv_mod == NULL && ((smbsrv_mod =
4831 4908 ddi_modopen("drv/smbsrv",
4832 4909 KRTLD_MODE_FIRST, &error)) == NULL)) {
4833 4910 mutex_exit(&zfs_share_lock);
4834 4911 return (SET_ERROR(ENOSYS));
4835 4912 }
4836 4913 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4837 4914 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4838 4915 "smb_server_share", &error)) == NULL)) {
4839 4916 mutex_exit(&zfs_share_lock);
4840 4917 return (SET_ERROR(ENOSYS));
4841 4918 }
4842 4919 error = zfs_init_sharefs();
4843 4920 if (error != 0) {
4844 4921 mutex_exit(&zfs_share_lock);
4845 4922 return (SET_ERROR(ENOSYS));
4846 4923 }
4847 4924 zfs_smbshare_inited = 1;
4848 4925 mutex_exit(&zfs_share_lock);
4849 4926 }
4850 4927 break;
4851 4928 default:
4852 4929 return (SET_ERROR(EINVAL));
4853 4930 }
4854 4931
4855 4932 switch (zc->zc_share.z_sharetype) {
4856 4933 case ZFS_SHARE_NFS:
4857 4934 case ZFS_UNSHARE_NFS:
4858 4935 if (error =
4859 4936 znfsexport_fs((void *)
4860 4937 (uintptr_t)zc->zc_share.z_exportdata))
4861 4938 return (error);
4862 4939 break;
4863 4940 case ZFS_SHARE_SMB:
4864 4941 case ZFS_UNSHARE_SMB:
4865 4942 if (error = zsmbexport_fs((void *)
4866 4943 (uintptr_t)zc->zc_share.z_exportdata,
4867 4944 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4868 4945 B_TRUE: B_FALSE)) {
4869 4946 return (error);
4870 4947 }
4871 4948 break;
4872 4949 }
4873 4950
4874 4951 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4875 4952 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4876 4953 SHAREFS_ADD : SHAREFS_REMOVE;
4877 4954
4878 4955 /*
4879 4956 * Add or remove share from sharetab
4880 4957 */
4881 4958 error = zshare_fs(opcode,
4882 4959 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4883 4960 zc->zc_share.z_sharemax);
4884 4961
4885 4962 return (error);
4886 4963
4887 4964 }
4888 4965
4889 4966 ace_t full_access[] = {
4890 4967 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4891 4968 };
4892 4969
4893 4970 /*
4894 4971 * inputs:
4895 4972 * zc_name name of containing filesystem
4896 4973 * zc_obj object # beyond which we want next in-use object #
4897 4974 *
4898 4975 * outputs:
4899 4976 * zc_obj next in-use object #
4900 4977 */
4901 4978 static int
4902 4979 zfs_ioc_next_obj(zfs_cmd_t *zc)
4903 4980 {
4904 4981 objset_t *os = NULL;
4905 4982 int error;
4906 4983
4907 4984 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4908 4985 if (error != 0)
4909 4986 return (error);
4910 4987
4911 4988 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4912 4989 dsl_dataset_phys(os->os_dsl_dataset)->ds_prev_snap_txg);
4913 4990
4914 4991 dmu_objset_rele(os, FTAG);
4915 4992 return (error);
4916 4993 }
4917 4994
4918 4995 /*
4919 4996 * inputs:
4920 4997 * zc_name name of filesystem
4921 4998 * zc_value prefix name for snapshot
4922 4999 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4923 5000 *
4924 5001 * outputs:
4925 5002 * zc_value short name of new snapshot
4926 5003 */
4927 5004 static int
4928 5005 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4929 5006 {
4930 5007 char *snap_name;
4931 5008 char *hold_name;
4932 5009 int error;
4933 5010 minor_t minor;
4934 5011
4935 5012 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4936 5013 if (error != 0)
4937 5014 return (error);
4938 5015
4939 5016 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4940 5017 (u_longlong_t)ddi_get_lbolt64());
4941 5018 hold_name = kmem_asprintf("%%%s", zc->zc_value);
4942 5019
4943 5020 error = dsl_dataset_snapshot_tmp(zc->zc_name, snap_name, minor,
4944 5021 hold_name);
4945 5022 if (error == 0)
4946 5023 (void) strcpy(zc->zc_value, snap_name);
4947 5024 strfree(snap_name);
4948 5025 strfree(hold_name);
4949 5026 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4950 5027 return (error);
4951 5028 }
4952 5029
4953 5030 /*
4954 5031 * inputs:
4955 5032 * zc_name name of "to" snapshot
4956 5033 * zc_value name of "from" snapshot
4957 5034 * zc_cookie file descriptor to write diff data on
4958 5035 *
4959 5036 * outputs:
4960 5037 * dmu_diff_record_t's to the file descriptor
4961 5038 */
4962 5039 static int
4963 5040 zfs_ioc_diff(zfs_cmd_t *zc)
4964 5041 {
4965 5042 file_t *fp;
4966 5043 offset_t off;
4967 5044 int error;
4968 5045
4969 5046 fp = getf(zc->zc_cookie);
4970 5047 if (fp == NULL)
4971 5048 return (SET_ERROR(EBADF));
4972 5049
4973 5050 off = fp->f_offset;
4974 5051
4975 5052 error = dmu_diff(zc->zc_name, zc->zc_value, fp->f_vnode, &off);
4976 5053
4977 5054 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4978 5055 fp->f_offset = off;
4979 5056 releasef(zc->zc_cookie);
4980 5057
4981 5058 return (error);
4982 5059 }
4983 5060
4984 5061 /*
4985 5062 * Remove all ACL files in shares dir
4986 5063 */
4987 5064 static int
4988 5065 zfs_smb_acl_purge(znode_t *dzp)
4989 5066 {
4990 5067 zap_cursor_t zc;
4991 5068 zap_attribute_t zap;
4992 5069 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4993 5070 int error;
4994 5071
4995 5072 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4996 5073 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4997 5074 zap_cursor_advance(&zc)) {
4998 5075 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4999 5076 NULL, 0)) != 0)
5000 5077 break;
5001 5078 }
5002 5079 zap_cursor_fini(&zc);
5003 5080 return (error);
5004 5081 }
5005 5082
5006 5083 static int
5007 5084 zfs_ioc_smb_acl(zfs_cmd_t *zc)
5008 5085 {
5009 5086 vnode_t *vp;
5010 5087 znode_t *dzp;
5011 5088 vnode_t *resourcevp = NULL;
5012 5089 znode_t *sharedir;
5013 5090 zfsvfs_t *zfsvfs;
5014 5091 nvlist_t *nvlist;
5015 5092 char *src, *target;
5016 5093 vattr_t vattr;
5017 5094 vsecattr_t vsec;
5018 5095 int error = 0;
5019 5096
5020 5097 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
5021 5098 NO_FOLLOW, NULL, &vp)) != 0)
5022 5099 return (error);
5023 5100
5024 5101 /* Now make sure mntpnt and dataset are ZFS */
5025 5102
5026 5103 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
5027 5104 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
5028 5105 zc->zc_name) != 0)) {
5029 5106 VN_RELE(vp);
5030 5107 return (SET_ERROR(EINVAL));
5031 5108 }
5032 5109
5033 5110 dzp = VTOZ(vp);
5034 5111 zfsvfs = dzp->z_zfsvfs;
5035 5112 ZFS_ENTER(zfsvfs);
5036 5113
5037 5114 /*
5038 5115 * Create share dir if its missing.
5039 5116 */
5040 5117 mutex_enter(&zfsvfs->z_lock);
5041 5118 if (zfsvfs->z_shares_dir == 0) {
5042 5119 dmu_tx_t *tx;
5043 5120
5044 5121 tx = dmu_tx_create(zfsvfs->z_os);
5045 5122 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
5046 5123 ZFS_SHARES_DIR);
5047 5124 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
5048 5125 error = dmu_tx_assign(tx, TXG_WAIT);
5049 5126 if (error != 0) {
5050 5127 dmu_tx_abort(tx);
5051 5128 } else {
5052 5129 error = zfs_create_share_dir(zfsvfs, tx);
5053 5130 dmu_tx_commit(tx);
5054 5131 }
5055 5132 if (error != 0) {
5056 5133 mutex_exit(&zfsvfs->z_lock);
5057 5134 VN_RELE(vp);
5058 5135 ZFS_EXIT(zfsvfs);
5059 5136 return (error);
5060 5137 }
5061 5138 }
5062 5139 mutex_exit(&zfsvfs->z_lock);
5063 5140
5064 5141 ASSERT(zfsvfs->z_shares_dir);
5065 5142 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
5066 5143 VN_RELE(vp);
5067 5144 ZFS_EXIT(zfsvfs);
5068 5145 return (error);
5069 5146 }
5070 5147
5071 5148 switch (zc->zc_cookie) {
5072 5149 case ZFS_SMB_ACL_ADD:
5073 5150 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
5074 5151 vattr.va_type = VREG;
5075 5152 vattr.va_mode = S_IFREG|0777;
5076 5153 vattr.va_uid = 0;
5077 5154 vattr.va_gid = 0;
5078 5155
5079 5156 vsec.vsa_mask = VSA_ACE;
5080 5157 vsec.vsa_aclentp = &full_access;
5081 5158 vsec.vsa_aclentsz = sizeof (full_access);
5082 5159 vsec.vsa_aclcnt = 1;
5083 5160
5084 5161 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
5085 5162 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
5086 5163 if (resourcevp)
5087 5164 VN_RELE(resourcevp);
5088 5165 break;
5089 5166
5090 5167 case ZFS_SMB_ACL_REMOVE:
5091 5168 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
5092 5169 NULL, 0);
5093 5170 break;
5094 5171
5095 5172 case ZFS_SMB_ACL_RENAME:
5096 5173 if ((error = get_nvlist(zc->zc_nvlist_src,
5097 5174 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
5098 5175 VN_RELE(vp);
5099 5176 VN_RELE(ZTOV(sharedir));
5100 5177 ZFS_EXIT(zfsvfs);
5101 5178 return (error);
5102 5179 }
5103 5180 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
5104 5181 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
5105 5182 &target)) {
5106 5183 VN_RELE(vp);
5107 5184 VN_RELE(ZTOV(sharedir));
5108 5185 ZFS_EXIT(zfsvfs);
5109 5186 nvlist_free(nvlist);
5110 5187 return (error);
5111 5188 }
5112 5189 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
5113 5190 kcred, NULL, 0);
5114 5191 nvlist_free(nvlist);
5115 5192 break;
5116 5193
5117 5194 case ZFS_SMB_ACL_PURGE:
5118 5195 error = zfs_smb_acl_purge(sharedir);
5119 5196 break;
5120 5197
5121 5198 default:
5122 5199 error = SET_ERROR(EINVAL);
5123 5200 break;
5124 5201 }
5125 5202
5126 5203 VN_RELE(vp);
5127 5204 VN_RELE(ZTOV(sharedir));
5128 5205
5129 5206 ZFS_EXIT(zfsvfs);
5130 5207
5131 5208 return (error);
5132 5209 }
5133 5210
5134 5211 /*
5135 5212 * innvl: {
5136 5213 * "holds" -> { snapname -> holdname (string), ... }
5137 5214 * (optional) "cleanup_fd" -> fd (int32)
5138 5215 * }
5139 5216 *
5140 5217 * outnvl: {
5141 5218 * snapname -> error value (int32)
5142 5219 * ...
5143 5220 * }
5144 5221 */
5145 5222 /* ARGSUSED */
5146 5223 static int
5147 5224 zfs_ioc_hold(const char *pool, nvlist_t *args, nvlist_t *errlist)
5148 5225 {
5149 5226 nvpair_t *pair;
5150 5227 nvlist_t *holds;
5151 5228 int cleanup_fd = -1;
5152 5229 int error;
5153 5230 minor_t minor = 0;
5154 5231
5155 5232 error = nvlist_lookup_nvlist(args, "holds", &holds);
5156 5233 if (error != 0)
5157 5234 return (SET_ERROR(EINVAL));
5158 5235
5159 5236 /* make sure the user didn't pass us any invalid (empty) tags */
5160 5237 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
5161 5238 pair = nvlist_next_nvpair(holds, pair)) {
5162 5239 char *htag;
5163 5240
5164 5241 error = nvpair_value_string(pair, &htag);
5165 5242 if (error != 0)
5166 5243 return (SET_ERROR(error));
5167 5244
5168 5245 if (strlen(htag) == 0)
5169 5246 return (SET_ERROR(EINVAL));
5170 5247 }
5171 5248
5172 5249 if (nvlist_lookup_int32(args, "cleanup_fd", &cleanup_fd) == 0) {
5173 5250 error = zfs_onexit_fd_hold(cleanup_fd, &minor);
5174 5251 if (error != 0)
5175 5252 return (error);
5176 5253 }
5177 5254
5178 5255 error = dsl_dataset_user_hold(holds, minor, errlist);
5179 5256 if (minor != 0)
5180 5257 zfs_onexit_fd_rele(cleanup_fd);
5181 5258 return (error);
5182 5259 }
5183 5260
5184 5261 /*
5185 5262 * innvl is not used.
5186 5263 *
5187 5264 * outnvl: {
5188 5265 * holdname -> time added (uint64 seconds since epoch)
5189 5266 * ...
5190 5267 * }
5191 5268 */
5192 5269 /* ARGSUSED */
5193 5270 static int
5194 5271 zfs_ioc_get_holds(const char *snapname, nvlist_t *args, nvlist_t *outnvl)
5195 5272 {
5196 5273 return (dsl_dataset_get_holds(snapname, outnvl));
5197 5274 }
5198 5275
5199 5276 /*
5200 5277 * innvl: {
5201 5278 * snapname -> { holdname, ... }
5202 5279 * ...
5203 5280 * }
5204 5281 *
5205 5282 * outnvl: {
5206 5283 * snapname -> error value (int32)
5207 5284 * ...
5208 5285 * }
5209 5286 */
5210 5287 /* ARGSUSED */
5211 5288 static int
5212 5289 zfs_ioc_release(const char *pool, nvlist_t *holds, nvlist_t *errlist)
5213 5290 {
5214 5291 return (dsl_dataset_user_release(holds, errlist));
5215 5292 }
5216 5293
5217 5294 /*
5218 5295 * inputs:
5219 5296 * zc_name name of new filesystem or snapshot
5220 5297 * zc_value full name of old snapshot
5221 5298 *
5222 5299 * outputs:
5223 5300 * zc_cookie space in bytes
5224 5301 * zc_objset_type compressed space in bytes
5225 5302 * zc_perm_action uncompressed space in bytes
5226 5303 */
5227 5304 static int
5228 5305 zfs_ioc_space_written(zfs_cmd_t *zc)
5229 5306 {
5230 5307 int error;
5231 5308 dsl_pool_t *dp;
5232 5309 dsl_dataset_t *new, *old;
5233 5310
5234 5311 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5235 5312 if (error != 0)
5236 5313 return (error);
5237 5314 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &new);
5238 5315 if (error != 0) {
5239 5316 dsl_pool_rele(dp, FTAG);
5240 5317 return (error);
5241 5318 }
5242 5319 error = dsl_dataset_hold(dp, zc->zc_value, FTAG, &old);
5243 5320 if (error != 0) {
5244 5321 dsl_dataset_rele(new, FTAG);
5245 5322 dsl_pool_rele(dp, FTAG);
5246 5323 return (error);
5247 5324 }
5248 5325
5249 5326 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5250 5327 &zc->zc_objset_type, &zc->zc_perm_action);
5251 5328 dsl_dataset_rele(old, FTAG);
5252 5329 dsl_dataset_rele(new, FTAG);
5253 5330 dsl_pool_rele(dp, FTAG);
5254 5331 return (error);
5255 5332 }
5256 5333
5257 5334 /*
5258 5335 * innvl: {
5259 5336 * "firstsnap" -> snapshot name
5260 5337 * }
5261 5338 *
5262 5339 * outnvl: {
5263 5340 * "used" -> space in bytes
5264 5341 * "compressed" -> compressed space in bytes
5265 5342 * "uncompressed" -> uncompressed space in bytes
5266 5343 * }
5267 5344 */
5268 5345 static int
5269 5346 zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
5270 5347 {
5271 5348 int error;
5272 5349 dsl_pool_t *dp;
5273 5350 dsl_dataset_t *new, *old;
5274 5351 char *firstsnap;
5275 5352 uint64_t used, comp, uncomp;
5276 5353
5277 5354 if (nvlist_lookup_string(innvl, "firstsnap", &firstsnap) != 0)
5278 5355 return (SET_ERROR(EINVAL));
5279 5356
5280 5357 error = dsl_pool_hold(lastsnap, FTAG, &dp);
5281 5358 if (error != 0)
5282 5359 return (error);
5283 5360
5284 5361 error = dsl_dataset_hold(dp, lastsnap, FTAG, &new);
5285 5362 if (error == 0 && !new->ds_is_snapshot) {
5286 5363 dsl_dataset_rele(new, FTAG);
5287 5364 error = SET_ERROR(EINVAL);
5288 5365 }
5289 5366 if (error != 0) {
5290 5367 dsl_pool_rele(dp, FTAG);
5291 5368 return (error);
5292 5369 }
5293 5370 error = dsl_dataset_hold(dp, firstsnap, FTAG, &old);
5294 5371 if (error == 0 && !old->ds_is_snapshot) {
5295 5372 dsl_dataset_rele(old, FTAG);
5296 5373 error = SET_ERROR(EINVAL);
5297 5374 }
5298 5375 if (error != 0) {
5299 5376 dsl_dataset_rele(new, FTAG);
5300 5377 dsl_pool_rele(dp, FTAG);
5301 5378 return (error);
5302 5379 }
5303 5380
5304 5381 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
5305 5382 dsl_dataset_rele(old, FTAG);
5306 5383 dsl_dataset_rele(new, FTAG);
5307 5384 dsl_pool_rele(dp, FTAG);
5308 5385 fnvlist_add_uint64(outnvl, "used", used);
5309 5386 fnvlist_add_uint64(outnvl, "compressed", comp);
5310 5387 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
5311 5388 return (error);
5312 5389 }
5313 5390
5314 5391 /*
5315 5392 * innvl: {
5316 5393 * "fd" -> file descriptor to write stream to (int32)
5317 5394 * (optional) "fromsnap" -> full snap name to send an incremental from
5318 5395 * (optional) "largeblockok" -> (value ignored)
5319 5396 * indicates that blocks > 128KB are permitted
5320 5397 * (optional) "embedok" -> (value ignored)
5321 5398 * presence indicates DRR_WRITE_EMBEDDED records are permitted
5322 5399 * (optional) "resume_object" and "resume_offset" -> (uint64)
5323 5400 * if present, resume send stream from specified object and offset.
5324 5401 * }
5325 5402 *
5326 5403 * outnvl is unused
5327 5404 */
5328 5405 /* ARGSUSED */
5329 5406 static int
5330 5407 zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5331 5408 {
5332 5409 int error;
5333 5410 offset_t off;
5334 5411 char *fromname = NULL;
5335 5412 int fd;
5336 5413 boolean_t largeblockok;
5337 5414 boolean_t embedok;
5338 5415 uint64_t resumeobj = 0;
5339 5416 uint64_t resumeoff = 0;
5340 5417
5341 5418 error = nvlist_lookup_int32(innvl, "fd", &fd);
5342 5419 if (error != 0)
5343 5420 return (SET_ERROR(EINVAL));
5344 5421
5345 5422 (void) nvlist_lookup_string(innvl, "fromsnap", &fromname);
5346 5423
5347 5424 largeblockok = nvlist_exists(innvl, "largeblockok");
5348 5425 embedok = nvlist_exists(innvl, "embedok");
5349 5426
5350 5427 (void) nvlist_lookup_uint64(innvl, "resume_object", &resumeobj);
5351 5428 (void) nvlist_lookup_uint64(innvl, "resume_offset", &resumeoff);
5352 5429
5353 5430 file_t *fp = getf(fd);
5354 5431 if (fp == NULL)
5355 5432 return (SET_ERROR(EBADF));
5356 5433
5357 5434 off = fp->f_offset;
5358 5435 error = dmu_send(snapname, fromname, embedok, largeblockok, fd,
5359 5436 resumeobj, resumeoff, fp->f_vnode, &off);
5360 5437
5361 5438 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5362 5439 fp->f_offset = off;
5363 5440 releasef(fd);
5364 5441 return (error);
5365 5442 }
5366 5443
5367 5444 /*
5368 5445 * Determine approximately how large a zfs send stream will be -- the number
5369 5446 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5370 5447 *
5371 5448 * innvl: {
5372 5449 * (optional) "from" -> full snap or bookmark name to send an incremental
5373 5450 * from
5374 5451 * }
5375 5452 *
5376 5453 * outnvl: {
5377 5454 * "space" -> bytes of space (uint64)
5378 5455 * }
5379 5456 */
5380 5457 static int
5381 5458 zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5382 5459 {
5383 5460 dsl_pool_t *dp;
5384 5461 dsl_dataset_t *tosnap;
5385 5462 int error;
5386 5463 char *fromname;
5387 5464 uint64_t space;
5388 5465
5389 5466 error = dsl_pool_hold(snapname, FTAG, &dp);
5390 5467 if (error != 0)
5391 5468 return (error);
5392 5469
5393 5470 error = dsl_dataset_hold(dp, snapname, FTAG, &tosnap);
5394 5471 if (error != 0) {
5395 5472 dsl_pool_rele(dp, FTAG);
5396 5473 return (error);
5397 5474 }
5398 5475
5399 5476 error = nvlist_lookup_string(innvl, "from", &fromname);
5400 5477 if (error == 0) {
5401 5478 if (strchr(fromname, '@') != NULL) {
5402 5479 /*
5403 5480 * If from is a snapshot, hold it and use the more
5404 5481 * efficient dmu_send_estimate to estimate send space
5405 5482 * size using deadlists.
5406 5483 */
5407 5484 dsl_dataset_t *fromsnap;
5408 5485 error = dsl_dataset_hold(dp, fromname, FTAG, &fromsnap);
5409 5486 if (error != 0)
5410 5487 goto out;
5411 5488 error = dmu_send_estimate(tosnap, fromsnap, &space);
5412 5489 dsl_dataset_rele(fromsnap, FTAG);
5413 5490 } else if (strchr(fromname, '#') != NULL) {
5414 5491 /*
5415 5492 * If from is a bookmark, fetch the creation TXG of the
5416 5493 * snapshot it was created from and use that to find
5417 5494 * blocks that were born after it.
5418 5495 */
5419 5496 zfs_bookmark_phys_t frombm;
5420 5497
5421 5498 error = dsl_bookmark_lookup(dp, fromname, tosnap,
5422 5499 &frombm);
5423 5500 if (error != 0)
5424 5501 goto out;
5425 5502 error = dmu_send_estimate_from_txg(tosnap,
5426 5503 frombm.zbm_creation_txg, &space);
5427 5504 } else {
5428 5505 /*
5429 5506 * from is not properly formatted as a snapshot or
5430 5507 * bookmark
5431 5508 */
5432 5509 error = SET_ERROR(EINVAL);
5433 5510 goto out;
5434 5511 }
5435 5512 } else {
5436 5513 // If estimating the size of a full send, use dmu_send_estimate
5437 5514 error = dmu_send_estimate(tosnap, NULL, &space);
5438 5515 }
5439 5516
5440 5517 fnvlist_add_uint64(outnvl, "space", space);
5441 5518
5442 5519 out:
5443 5520 dsl_dataset_rele(tosnap, FTAG);
5444 5521 dsl_pool_rele(dp, FTAG);
5445 5522 return (error);
5446 5523 }
5447 5524
5448 5525 static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
5449 5526
5450 5527 static void
5451 5528 zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5452 5529 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5453 5530 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
5454 5531 {
5455 5532 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5456 5533
5457 5534 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5458 5535 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5459 5536 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5460 5537 ASSERT3P(vec->zvec_func, ==, NULL);
5461 5538
5462 5539 vec->zvec_legacy_func = func;
5463 5540 vec->zvec_secpolicy = secpolicy;
5464 5541 vec->zvec_namecheck = namecheck;
5465 5542 vec->zvec_allow_log = log_history;
5466 5543 vec->zvec_pool_check = pool_check;
5467 5544 }
5468 5545
5469 5546 /*
5470 5547 * See the block comment at the beginning of this file for details on
5471 5548 * each argument to this function.
5472 5549 */
5473 5550 static void
5474 5551 zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
5475 5552 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5476 5553 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
5477 5554 boolean_t allow_log)
5478 5555 {
5479 5556 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5480 5557
5481 5558 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5482 5559 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5483 5560 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5484 5561 ASSERT3P(vec->zvec_func, ==, NULL);
5485 5562
5486 5563 /* if we are logging, the name must be valid */
5487 5564 ASSERT(!allow_log || namecheck != NO_NAME);
5488 5565
5489 5566 vec->zvec_name = name;
5490 5567 vec->zvec_func = func;
5491 5568 vec->zvec_secpolicy = secpolicy;
5492 5569 vec->zvec_namecheck = namecheck;
5493 5570 vec->zvec_pool_check = pool_check;
5494 5571 vec->zvec_smush_outnvlist = smush_outnvlist;
5495 5572 vec->zvec_allow_log = allow_log;
5496 5573 }
5497 5574
5498 5575 static void
5499 5576 zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5500 5577 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
5501 5578 zfs_ioc_poolcheck_t pool_check)
5502 5579 {
5503 5580 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5504 5581 POOL_NAME, log_history, pool_check);
5505 5582 }
5506 5583
5507 5584 static void
5508 5585 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5509 5586 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
5510 5587 {
5511 5588 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5512 5589 DATASET_NAME, B_FALSE, pool_check);
5513 5590 }
5514 5591
5515 5592 static void
5516 5593 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5517 5594 {
5518 5595 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
5519 5596 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5520 5597 }
5521 5598
5522 5599 static void
5523 5600 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5524 5601 zfs_secpolicy_func_t *secpolicy)
5525 5602 {
5526 5603 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5527 5604 NO_NAME, B_FALSE, POOL_CHECK_NONE);
5528 5605 }
5529 5606
5530 5607 static void
5531 5608 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
5532 5609 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
5533 5610 {
5534 5611 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5535 5612 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
5536 5613 }
5537 5614
5538 5615 static void
5539 5616 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5540 5617 {
5541 5618 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
5542 5619 zfs_secpolicy_read);
5543 5620 }
5544 5621
5545 5622 static void
5546 5623 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5547 5624 zfs_secpolicy_func_t *secpolicy)
5548 5625 {
5549 5626 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5550 5627 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5551 5628 }
5552 5629
5553 5630 static void
5554 5631 zfs_ioctl_init(void)
5555 5632 {
5556 5633 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
5557 5634 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
5558 5635 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5559 5636
5560 5637 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
5561 5638 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
5562 5639 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE);
5563 5640
5564 5641 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
5565 5642 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
5566 5643 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5567 5644
5568 5645 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
5569 5646 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
5570 5647 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5571 5648
5572 5649 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
5573 5650 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
5574 5651 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5575 5652
5576 5653 zfs_ioctl_register("create", ZFS_IOC_CREATE,
5577 5654 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
5578 5655 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5579 5656
5580 5657 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
5581 5658 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
5582 5659 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5583 5660
5584 5661 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
5585 5662 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
5586 5663 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5587 5664
5588 5665 zfs_ioctl_register("hold", ZFS_IOC_HOLD,
5589 5666 zfs_ioc_hold, zfs_secpolicy_hold, POOL_NAME,
5590 5667 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5591 5668 zfs_ioctl_register("release", ZFS_IOC_RELEASE,
5592 5669 zfs_ioc_release, zfs_secpolicy_release, POOL_NAME,
5593 5670 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5594 5671
5595 5672 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS,
5596 5673 zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME,
5597 5674 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5598 5675
5599 5676 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK,
5600 5677 zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME,
5601 5678 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_TRUE);
5602 5679
5603 5680 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK,
5604 5681 zfs_ioc_bookmark, zfs_secpolicy_bookmark, POOL_NAME,
5605 5682 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5606 5683
5607 5684 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS,
5608 5685 zfs_ioc_get_bookmarks, zfs_secpolicy_read, DATASET_NAME,
5609 5686 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5610 5687
5611 5688 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS,
5612 5689 zfs_ioc_destroy_bookmarks, zfs_secpolicy_destroy_bookmarks,
5613 5690 POOL_NAME,
5614 5691 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5615 5692
5616 5693 /* IOCTLS that use the legacy function signature */
5617 5694
5618 5695 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
5619 5696 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
5620 5697
5621 5698 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
5622 5699 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5623 5700 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
5624 5701 zfs_ioc_pool_scan);
5625 5702 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
5626 5703 zfs_ioc_pool_upgrade);
5627 5704 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
5628 5705 zfs_ioc_vdev_add);
5629 5706 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
5630 5707 zfs_ioc_vdev_remove);
5631 5708 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
5632 5709 zfs_ioc_vdev_set_state);
5633 5710 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
5634 5711 zfs_ioc_vdev_attach);
5635 5712 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
5636 5713 zfs_ioc_vdev_detach);
5637 5714 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
5638 5715 zfs_ioc_vdev_setpath);
5639 5716 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
5640 5717 zfs_ioc_vdev_setfru);
5641 5718 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
5642 5719 zfs_ioc_pool_set_props);
5643 5720 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
5644 5721 zfs_ioc_vdev_split);
5645 5722 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
5646 5723 zfs_ioc_pool_reguid);
5647 5724
5648 5725 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
5649 5726 zfs_ioc_pool_configs, zfs_secpolicy_none);
5650 5727 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
5651 5728 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
5652 5729 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
5653 5730 zfs_ioc_inject_fault, zfs_secpolicy_inject);
5654 5731 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
5655 5732 zfs_ioc_clear_fault, zfs_secpolicy_inject);
5656 5733 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
5657 5734 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
5658 5735
5659 5736 /*
5660 5737 * pool destroy, and export don't log the history as part of
5661 5738 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5662 5739 * does the logging of those commands.
5663 5740 */
5664 5741 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
5665 5742 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5666 5743 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
5667 5744 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5668 5745
5669 5746 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
5670 5747 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5671 5748 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
5672 5749 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5673 5750
5674 5751 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
5675 5752 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
5676 5753 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
5677 5754 zfs_ioc_dsobj_to_dsname,
5678 5755 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
5679 5756 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
5680 5757 zfs_ioc_pool_get_history,
5681 5758 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
5682 5759
5683 5760 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
5684 5761 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5685 5762
5686 5763 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
5687 5764 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5688 5765 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
5689 5766 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5690 5767
5691 5768 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
5692 5769 zfs_ioc_space_written);
5693 5770 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
5694 5771 zfs_ioc_objset_recvd_props);
5695 5772 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
5696 5773 zfs_ioc_next_obj);
5697 5774 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
5698 5775 zfs_ioc_get_fsacl);
5699 5776 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
5700 5777 zfs_ioc_objset_stats);
5701 5778 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
5702 5779 zfs_ioc_objset_zplprops);
5703 5780 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
5704 5781 zfs_ioc_dataset_list_next);
5705 5782 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
5706 5783 zfs_ioc_snapshot_list_next);
5707 5784 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
5708 5785 zfs_ioc_send_progress);
5709 5786
5710 5787 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
5711 5788 zfs_ioc_diff, zfs_secpolicy_diff);
5712 5789 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
5713 5790 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
5714 5791 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
5715 5792 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
5716 5793 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
5717 5794 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
5718 5795 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
5719 5796 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
5720 5797 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
5721 5798 zfs_ioc_send, zfs_secpolicy_send);
5722 5799
5723 5800 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
5724 5801 zfs_secpolicy_none);
5725 5802 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
5726 5803 zfs_secpolicy_destroy);
5727 5804 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
5728 5805 zfs_secpolicy_rename);
5729 5806 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
5730 5807 zfs_secpolicy_recv);
5731 5808 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
5732 5809 zfs_secpolicy_promote);
5733 5810 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
5734 5811 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
5735 5812 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
5736 5813 zfs_secpolicy_set_fsacl);
5737 5814
5738 5815 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
5739 5816 zfs_secpolicy_share, POOL_CHECK_NONE);
5740 5817 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
5741 5818 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
5742 5819 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
5743 5820 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5744 5821 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5745 5822 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
5746 5823 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
5747 5824 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5748 5825 }
5749 5826
5750 5827 int
5751 5828 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5752 5829 zfs_ioc_poolcheck_t check)
5753 5830 {
5754 5831 spa_t *spa;
5755 5832 int error;
5756 5833
5757 5834 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5758 5835
5759 5836 if (check & POOL_CHECK_NONE)
5760 5837 return (0);
5761 5838
5762 5839 error = spa_open(name, &spa, FTAG);
5763 5840 if (error == 0) {
5764 5841 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5765 5842 error = SET_ERROR(EAGAIN);
5766 5843 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5767 5844 error = SET_ERROR(EROFS);
5768 5845 spa_close(spa, FTAG);
5769 5846 }
5770 5847 return (error);
5771 5848 }
5772 5849
5773 5850 /*
5774 5851 * Find a free minor number.
5775 5852 */
5776 5853 minor_t
5777 5854 zfsdev_minor_alloc(void)
5778 5855 {
5779 5856 static minor_t last_minor;
5780 5857 minor_t m;
5781 5858
5782 5859 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5783 5860
5784 5861 for (m = last_minor + 1; m != last_minor; m++) {
5785 5862 if (m > ZFSDEV_MAX_MINOR)
5786 5863 m = 1;
5787 5864 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5788 5865 last_minor = m;
5789 5866 return (m);
5790 5867 }
5791 5868 }
5792 5869
5793 5870 return (0);
5794 5871 }
5795 5872
5796 5873 static int
5797 5874 zfs_ctldev_init(dev_t *devp)
5798 5875 {
5799 5876 minor_t minor;
5800 5877 zfs_soft_state_t *zs;
5801 5878
5802 5879 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5803 5880 ASSERT(getminor(*devp) == 0);
5804 5881
5805 5882 minor = zfsdev_minor_alloc();
5806 5883 if (minor == 0)
5807 5884 return (SET_ERROR(ENXIO));
5808 5885
5809 5886 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5810 5887 return (SET_ERROR(EAGAIN));
5811 5888
5812 5889 *devp = makedevice(getemajor(*devp), minor);
5813 5890
5814 5891 zs = ddi_get_soft_state(zfsdev_state, minor);
5815 5892 zs->zss_type = ZSST_CTLDEV;
5816 5893 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5817 5894
5818 5895 return (0);
5819 5896 }
5820 5897
5821 5898 static void
5822 5899 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5823 5900 {
5824 5901 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5825 5902
5826 5903 zfs_onexit_destroy(zo);
5827 5904 ddi_soft_state_free(zfsdev_state, minor);
5828 5905 }
5829 5906
5830 5907 void *
5831 5908 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5832 5909 {
5833 5910 zfs_soft_state_t *zp;
5834 5911
5835 5912 zp = ddi_get_soft_state(zfsdev_state, minor);
5836 5913 if (zp == NULL || zp->zss_type != which)
5837 5914 return (NULL);
5838 5915
5839 5916 return (zp->zss_data);
5840 5917 }
5841 5918
5842 5919 static int
5843 5920 zfsdev_open(dev_t *devp, int flag, int otyp, cred_t *cr)
5844 5921 {
5845 5922 int error = 0;
5846 5923
5847 5924 if (getminor(*devp) != 0)
5848 5925 return (zvol_open(devp, flag, otyp, cr));
5849 5926
5850 5927 /* This is the control device. Allocate a new minor if requested. */
5851 5928 if (flag & FEXCL) {
5852 5929 mutex_enter(&zfsdev_state_lock);
5853 5930 error = zfs_ctldev_init(devp);
5854 5931 mutex_exit(&zfsdev_state_lock);
5855 5932 }
5856 5933
5857 5934 return (error);
5858 5935 }
5859 5936
5860 5937 static int
5861 5938 zfsdev_close(dev_t dev, int flag, int otyp, cred_t *cr)
5862 5939 {
5863 5940 zfs_onexit_t *zo;
5864 5941 minor_t minor = getminor(dev);
5865 5942
5866 5943 if (minor == 0)
5867 5944 return (0);
5868 5945
5869 5946 mutex_enter(&zfsdev_state_lock);
5870 5947 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5871 5948 if (zo == NULL) {
5872 5949 mutex_exit(&zfsdev_state_lock);
5873 5950 return (zvol_close(dev, flag, otyp, cr));
5874 5951 }
5875 5952 zfs_ctldev_destroy(zo, minor);
5876 5953 mutex_exit(&zfsdev_state_lock);
5877 5954
5878 5955 return (0);
5879 5956 }
5880 5957
5881 5958 static int
5882 5959 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp)
5883 5960 {
5884 5961 zfs_cmd_t *zc;
5885 5962 uint_t vecnum;
5886 5963 int error, rc, len;
5887 5964 minor_t minor = getminor(dev);
5888 5965 const zfs_ioc_vec_t *vec;
5889 5966 char *saved_poolname = NULL;
5890 5967 nvlist_t *innvl = NULL;
5891 5968
5892 5969 if (minor != 0 &&
5893 5970 zfsdev_get_soft_state(minor, ZSST_CTLDEV) == NULL)
5894 5971 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp));
5895 5972
5896 5973 vecnum = cmd - ZFS_IOC_FIRST;
5897 5974 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip));
5898 5975
5899 5976 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5900 5977 return (SET_ERROR(EINVAL));
5901 5978 vec = &zfs_ioc_vec[vecnum];
5902 5979
5903 5980 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
5904 5981
5905 5982 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5906 5983 if (error != 0) {
5907 5984 error = SET_ERROR(EFAULT);
5908 5985 goto out;
5909 5986 }
5910 5987
5911 5988 zc->zc_iflags = flag & FKIOCTL;
5912 5989 if (zc->zc_nvlist_src_size != 0) {
5913 5990 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
5914 5991 zc->zc_iflags, &innvl);
5915 5992 if (error != 0)
5916 5993 goto out;
5917 5994 }
5918 5995
5919 5996 /*
5920 5997 * Ensure that all pool/dataset names are valid before we pass down to
5921 5998 * the lower layers.
5922 5999 */
5923 6000 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5924 6001 switch (vec->zvec_namecheck) {
5925 6002 case POOL_NAME:
5926 6003 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5927 6004 error = SET_ERROR(EINVAL);
5928 6005 else
5929 6006 error = pool_status_check(zc->zc_name,
5930 6007 vec->zvec_namecheck, vec->zvec_pool_check);
5931 6008 break;
5932 6009
5933 6010 case DATASET_NAME:
5934 6011 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5935 6012 error = SET_ERROR(EINVAL);
5936 6013 else
5937 6014 error = pool_status_check(zc->zc_name,
5938 6015 vec->zvec_namecheck, vec->zvec_pool_check);
5939 6016 break;
5940 6017
5941 6018 case NO_NAME:
5942 6019 break;
5943 6020 }
5944 6021
5945 6022
5946 6023 if (error == 0 && !(flag & FKIOCTL))
5947 6024 error = vec->zvec_secpolicy(zc, innvl, cr);
5948 6025
5949 6026 if (error != 0)
5950 6027 goto out;
5951 6028
5952 6029 /* legacy ioctls can modify zc_name */
5953 6030 len = strcspn(zc->zc_name, "/@#") + 1;
5954 6031 saved_poolname = kmem_alloc(len, KM_SLEEP);
5955 6032 (void) strlcpy(saved_poolname, zc->zc_name, len);
5956 6033
5957 6034 if (vec->zvec_func != NULL) {
5958 6035 nvlist_t *outnvl;
5959 6036 int puterror = 0;
5960 6037 spa_t *spa;
5961 6038 nvlist_t *lognv = NULL;
5962 6039
5963 6040 ASSERT(vec->zvec_legacy_func == NULL);
5964 6041
5965 6042 /*
5966 6043 * Add the innvl to the lognv before calling the func,
5967 6044 * in case the func changes the innvl.
5968 6045 */
5969 6046 if (vec->zvec_allow_log) {
5970 6047 lognv = fnvlist_alloc();
5971 6048 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
5972 6049 vec->zvec_name);
5973 6050 if (!nvlist_empty(innvl)) {
5974 6051 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
5975 6052 innvl);
5976 6053 }
5977 6054 }
5978 6055
5979 6056 outnvl = fnvlist_alloc();
5980 6057 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
5981 6058
5982 6059 if (error == 0 && vec->zvec_allow_log &&
5983 6060 spa_open(zc->zc_name, &spa, FTAG) == 0) {
5984 6061 if (!nvlist_empty(outnvl)) {
5985 6062 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
5986 6063 outnvl);
5987 6064 }
5988 6065 (void) spa_history_log_nvl(spa, lognv);
5989 6066 spa_close(spa, FTAG);
5990 6067 }
5991 6068 fnvlist_free(lognv);
5992 6069
5993 6070 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
5994 6071 int smusherror = 0;
5995 6072 if (vec->zvec_smush_outnvlist) {
5996 6073 smusherror = nvlist_smush(outnvl,
5997 6074 zc->zc_nvlist_dst_size);
5998 6075 }
5999 6076 if (smusherror == 0)
6000 6077 puterror = put_nvlist(zc, outnvl);
6001 6078 }
6002 6079
6003 6080 if (puterror != 0)
6004 6081 error = puterror;
6005 6082
6006 6083 nvlist_free(outnvl);
6007 6084 } else {
6008 6085 error = vec->zvec_legacy_func(zc);
6009 6086 }
6010 6087
6011 6088 out:
6012 6089 nvlist_free(innvl);
6013 6090 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
6014 6091 if (error == 0 && rc != 0)
6015 6092 error = SET_ERROR(EFAULT);
6016 6093 if (error == 0 && vec->zvec_allow_log) {
6017 6094 char *s = tsd_get(zfs_allow_log_key);
6018 6095 if (s != NULL)
6019 6096 strfree(s);
6020 6097 (void) tsd_set(zfs_allow_log_key, saved_poolname);
6021 6098 } else {
6022 6099 if (saved_poolname != NULL)
6023 6100 strfree(saved_poolname);
6024 6101 }
6025 6102
6026 6103 kmem_free(zc, sizeof (zfs_cmd_t));
6027 6104 return (error);
6028 6105 }
6029 6106
6030 6107 static int
6031 6108 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
6032 6109 {
6033 6110 if (cmd != DDI_ATTACH)
6034 6111 return (DDI_FAILURE);
6035 6112
6036 6113 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
6037 6114 DDI_PSEUDO, 0) == DDI_FAILURE)
6038 6115 return (DDI_FAILURE);
6039 6116
6040 6117 zfs_dip = dip;
6041 6118
6042 6119 ddi_report_dev(dip);
6043 6120
6044 6121 return (DDI_SUCCESS);
6045 6122 }
6046 6123
6047 6124 static int
6048 6125 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
6049 6126 {
6050 6127 if (spa_busy() || zfs_busy() || zvol_busy())
6051 6128 return (DDI_FAILURE);
6052 6129
6053 6130 if (cmd != DDI_DETACH)
6054 6131 return (DDI_FAILURE);
6055 6132
6056 6133 zfs_dip = NULL;
6057 6134
6058 6135 ddi_prop_remove_all(dip);
6059 6136 ddi_remove_minor_node(dip, NULL);
6060 6137
6061 6138 return (DDI_SUCCESS);
6062 6139 }
6063 6140
6064 6141 /*ARGSUSED*/
6065 6142 static int
6066 6143 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
6067 6144 {
6068 6145 switch (infocmd) {
6069 6146 case DDI_INFO_DEVT2DEVINFO:
6070 6147 *result = zfs_dip;
6071 6148 return (DDI_SUCCESS);
6072 6149
6073 6150 case DDI_INFO_DEVT2INSTANCE:
6074 6151 *result = (void *)0;
6075 6152 return (DDI_SUCCESS);
6076 6153 }
6077 6154
6078 6155 return (DDI_FAILURE);
6079 6156 }
6080 6157
6081 6158 /*
6082 6159 * OK, so this is a little weird.
6083 6160 *
6084 6161 * /dev/zfs is the control node, i.e. minor 0.
6085 6162 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
6086 6163 *
6087 6164 * /dev/zfs has basically nothing to do except serve up ioctls,
6088 6165 * so most of the standard driver entry points are in zvol.c.
6089 6166 */
6090 6167 static struct cb_ops zfs_cb_ops = {
6091 6168 zfsdev_open, /* open */
6092 6169 zfsdev_close, /* close */
6093 6170 zvol_strategy, /* strategy */
6094 6171 nodev, /* print */
6095 6172 zvol_dump, /* dump */
6096 6173 zvol_read, /* read */
6097 6174 zvol_write, /* write */
6098 6175 zfsdev_ioctl, /* ioctl */
6099 6176 nodev, /* devmap */
6100 6177 nodev, /* mmap */
6101 6178 nodev, /* segmap */
6102 6179 nochpoll, /* poll */
6103 6180 ddi_prop_op, /* prop_op */
6104 6181 NULL, /* streamtab */
6105 6182 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
6106 6183 CB_REV, /* version */
6107 6184 nodev, /* async read */
6108 6185 nodev, /* async write */
6109 6186 };
6110 6187
6111 6188 static struct dev_ops zfs_dev_ops = {
6112 6189 DEVO_REV, /* version */
6113 6190 0, /* refcnt */
6114 6191 zfs_info, /* info */
6115 6192 nulldev, /* identify */
6116 6193 nulldev, /* probe */
6117 6194 zfs_attach, /* attach */
6118 6195 zfs_detach, /* detach */
6119 6196 nodev, /* reset */
6120 6197 &zfs_cb_ops, /* driver operations */
6121 6198 NULL, /* no bus operations */
6122 6199 NULL, /* power */
6123 6200 ddi_quiesce_not_needed, /* quiesce */
6124 6201 };
6125 6202
6126 6203 static struct modldrv zfs_modldrv = {
6127 6204 &mod_driverops,
6128 6205 "ZFS storage pool",
6129 6206 &zfs_dev_ops
6130 6207 };
6131 6208
6132 6209 static struct modlinkage modlinkage = {
6133 6210 MODREV_1,
6134 6211 (void *)&zfs_modlfs,
6135 6212 (void *)&zfs_modldrv,
6136 6213 NULL
6137 6214 };
6138 6215
6139 6216 static void
6140 6217 zfs_allow_log_destroy(void *arg)
6141 6218 {
6142 6219 char *poolname = arg;
6143 6220 strfree(poolname);
6144 6221 }
6145 6222
6146 6223 int
6147 6224 _init(void)
6148 6225 {
6149 6226 int error;
6150 6227
6151 6228 spa_init(FREAD | FWRITE);
6152 6229 zfs_init();
6153 6230 zvol_init();
6154 6231 zfs_ioctl_init();
6155 6232
6156 6233 if ((error = mod_install(&modlinkage)) != 0) {
6157 6234 zvol_fini();
6158 6235 zfs_fini();
6159 6236 spa_fini();
6160 6237 return (error);
6161 6238 }
6162 6239
6163 6240 tsd_create(&zfs_fsyncer_key, NULL);
6164 6241 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
6165 6242 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
6166 6243
6167 6244 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
6168 6245 ASSERT(error == 0);
6169 6246 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
6170 6247
6171 6248 return (0);
6172 6249 }
6173 6250
6174 6251 int
6175 6252 _fini(void)
6176 6253 {
6177 6254 int error;
6178 6255
6179 6256 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
6180 6257 return (SET_ERROR(EBUSY));
6181 6258
6182 6259 if ((error = mod_remove(&modlinkage)) != 0)
6183 6260 return (error);
6184 6261
6185 6262 zvol_fini();
6186 6263 zfs_fini();
6187 6264 spa_fini();
6188 6265 if (zfs_nfsshare_inited)
6189 6266 (void) ddi_modclose(nfs_mod);
6190 6267 if (zfs_smbshare_inited)
6191 6268 (void) ddi_modclose(smbsrv_mod);
6192 6269 if (zfs_nfsshare_inited || zfs_smbshare_inited)
6193 6270 (void) ddi_modclose(sharefs_mod);
6194 6271
6195 6272 tsd_destroy(&zfs_fsyncer_key);
6196 6273 ldi_ident_release(zfs_li);
6197 6274 zfs_li = NULL;
6198 6275 mutex_destroy(&zfs_share_lock);
6199 6276
6200 6277 return (error);
6201 6278 }
6202 6279
6203 6280 int
6204 6281 _info(struct modinfo *modinfop)
6205 6282 {
6206 6283 return (mod_info(&modlinkage, modinfop));
6207 6284 }
|
↓ open down ↓ |
1948 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX