Print this page
4986 receiving replication stream fails if any snapshot exceeds refquota
Reviewed by: John Kennedy <john.kennedy@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Approved by: Gordon Ross <gordon.ross@nexenta.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/zfs/zfs_ioctl.c
+++ new/usr/src/uts/common/fs/zfs/zfs_ioctl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Portions Copyright 2011 Martin Matuska
25 25 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
26 + * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
26 27 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
27 28 * Copyright (c) 2011, 2014 by Delphix. All rights reserved.
28 29 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
29 30 * Copyright (c) 2013 Steven Hartland. All rights reserved.
30 31 * Copyright (c) 2014, Nexenta Systems, Inc. All rights reserved.
31 32 */
32 33
33 34 /*
34 35 * ZFS ioctls.
35 36 *
36 37 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
37 38 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
38 39 *
39 40 * There are two ways that we handle ioctls: the legacy way where almost
40 41 * all of the logic is in the ioctl callback, and the new way where most
41 42 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
42 43 *
43 44 * Non-legacy ioctls should be registered by calling
44 45 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
45 46 * from userland by lzc_ioctl().
46 47 *
47 48 * The registration arguments are as follows:
48 49 *
49 50 * const char *name
50 51 * The name of the ioctl. This is used for history logging. If the
51 52 * ioctl returns successfully (the callback returns 0), and allow_log
52 53 * is true, then a history log entry will be recorded with the input &
53 54 * output nvlists. The log entry can be printed with "zpool history -i".
54 55 *
55 56 * zfs_ioc_t ioc
56 57 * The ioctl request number, which userland will pass to ioctl(2).
57 58 * The ioctl numbers can change from release to release, because
58 59 * the caller (libzfs) must be matched to the kernel.
59 60 *
60 61 * zfs_secpolicy_func_t *secpolicy
61 62 * This function will be called before the zfs_ioc_func_t, to
62 63 * determine if this operation is permitted. It should return EPERM
63 64 * on failure, and 0 on success. Checks include determining if the
64 65 * dataset is visible in this zone, and if the user has either all
65 66 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
66 67 * to do this operation on this dataset with "zfs allow".
67 68 *
68 69 * zfs_ioc_namecheck_t namecheck
69 70 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
70 71 * name, a dataset name, or nothing. If the name is not well-formed,
71 72 * the ioctl will fail and the callback will not be called.
72 73 * Therefore, the callback can assume that the name is well-formed
73 74 * (e.g. is null-terminated, doesn't have more than one '@' character,
74 75 * doesn't have invalid characters).
75 76 *
76 77 * zfs_ioc_poolcheck_t pool_check
77 78 * This specifies requirements on the pool state. If the pool does
78 79 * not meet them (is suspended or is readonly), the ioctl will fail
79 80 * and the callback will not be called. If any checks are specified
80 81 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
81 82 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
82 83 * POOL_CHECK_READONLY).
83 84 *
84 85 * boolean_t smush_outnvlist
85 86 * If smush_outnvlist is true, then the output is presumed to be a
86 87 * list of errors, and it will be "smushed" down to fit into the
87 88 * caller's buffer, by removing some entries and replacing them with a
88 89 * single "N_MORE_ERRORS" entry indicating how many were removed. See
89 90 * nvlist_smush() for details. If smush_outnvlist is false, and the
90 91 * outnvlist does not fit into the userland-provided buffer, then the
91 92 * ioctl will fail with ENOMEM.
92 93 *
93 94 * zfs_ioc_func_t *func
94 95 * The callback function that will perform the operation.
95 96 *
96 97 * The callback should return 0 on success, or an error number on
97 98 * failure. If the function fails, the userland ioctl will return -1,
98 99 * and errno will be set to the callback's return value. The callback
99 100 * will be called with the following arguments:
100 101 *
101 102 * const char *name
102 103 * The name of the pool or dataset to operate on, from
103 104 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
104 105 * expected type (pool, dataset, or none).
105 106 *
106 107 * nvlist_t *innvl
107 108 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
108 109 * NULL if no input nvlist was provided. Changes to this nvlist are
109 110 * ignored. If the input nvlist could not be deserialized, the
110 111 * ioctl will fail and the callback will not be called.
111 112 *
112 113 * nvlist_t *outnvl
113 114 * The output nvlist, initially empty. The callback can fill it in,
114 115 * and it will be returned to userland by serializing it into
115 116 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
116 117 * fails (e.g. because the caller didn't supply a large enough
117 118 * buffer), then the overall ioctl will fail. See the
118 119 * 'smush_nvlist' argument above for additional behaviors.
119 120 *
120 121 * There are two typical uses of the output nvlist:
121 122 * - To return state, e.g. property values. In this case,
122 123 * smush_outnvlist should be false. If the buffer was not large
123 124 * enough, the caller will reallocate a larger buffer and try
124 125 * the ioctl again.
125 126 *
126 127 * - To return multiple errors from an ioctl which makes on-disk
127 128 * changes. In this case, smush_outnvlist should be true.
128 129 * Ioctls which make on-disk modifications should generally not
129 130 * use the outnvl if they succeed, because the caller can not
130 131 * distinguish between the operation failing, and
131 132 * deserialization failing.
132 133 */
133 134
134 135 #include <sys/types.h>
135 136 #include <sys/param.h>
136 137 #include <sys/errno.h>
137 138 #include <sys/uio.h>
138 139 #include <sys/buf.h>
139 140 #include <sys/modctl.h>
140 141 #include <sys/open.h>
141 142 #include <sys/file.h>
142 143 #include <sys/kmem.h>
143 144 #include <sys/conf.h>
144 145 #include <sys/cmn_err.h>
145 146 #include <sys/stat.h>
146 147 #include <sys/zfs_ioctl.h>
147 148 #include <sys/zfs_vfsops.h>
148 149 #include <sys/zfs_znode.h>
149 150 #include <sys/zap.h>
150 151 #include <sys/spa.h>
151 152 #include <sys/spa_impl.h>
152 153 #include <sys/vdev.h>
153 154 #include <sys/priv_impl.h>
154 155 #include <sys/dmu.h>
155 156 #include <sys/dsl_dir.h>
156 157 #include <sys/dsl_dataset.h>
157 158 #include <sys/dsl_prop.h>
158 159 #include <sys/dsl_deleg.h>
159 160 #include <sys/dmu_objset.h>
160 161 #include <sys/dmu_impl.h>
161 162 #include <sys/dmu_tx.h>
162 163 #include <sys/ddi.h>
163 164 #include <sys/sunddi.h>
164 165 #include <sys/sunldi.h>
165 166 #include <sys/policy.h>
166 167 #include <sys/zone.h>
167 168 #include <sys/nvpair.h>
168 169 #include <sys/pathname.h>
169 170 #include <sys/mount.h>
170 171 #include <sys/sdt.h>
171 172 #include <sys/fs/zfs.h>
172 173 #include <sys/zfs_ctldir.h>
173 174 #include <sys/zfs_dir.h>
174 175 #include <sys/zfs_onexit.h>
175 176 #include <sys/zvol.h>
176 177 #include <sys/dsl_scan.h>
177 178 #include <sharefs/share.h>
178 179 #include <sys/dmu_objset.h>
179 180 #include <sys/dmu_send.h>
180 181 #include <sys/dsl_destroy.h>
181 182 #include <sys/dsl_bookmark.h>
182 183 #include <sys/dsl_userhold.h>
183 184 #include <sys/zfeature.h>
184 185
185 186 #include "zfs_namecheck.h"
186 187 #include "zfs_prop.h"
187 188 #include "zfs_deleg.h"
188 189 #include "zfs_comutil.h"
189 190
190 191 extern struct modlfs zfs_modlfs;
191 192
192 193 extern void zfs_init(void);
193 194 extern void zfs_fini(void);
194 195
195 196 ldi_ident_t zfs_li = NULL;
196 197 dev_info_t *zfs_dip;
197 198
198 199 uint_t zfs_fsyncer_key;
199 200 extern uint_t rrw_tsd_key;
200 201 static uint_t zfs_allow_log_key;
201 202
202 203 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
203 204 typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
204 205 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
205 206
206 207 typedef enum {
207 208 NO_NAME,
208 209 POOL_NAME,
209 210 DATASET_NAME
210 211 } zfs_ioc_namecheck_t;
211 212
212 213 typedef enum {
213 214 POOL_CHECK_NONE = 1 << 0,
214 215 POOL_CHECK_SUSPENDED = 1 << 1,
215 216 POOL_CHECK_READONLY = 1 << 2,
216 217 } zfs_ioc_poolcheck_t;
217 218
218 219 typedef struct zfs_ioc_vec {
219 220 zfs_ioc_legacy_func_t *zvec_legacy_func;
220 221 zfs_ioc_func_t *zvec_func;
221 222 zfs_secpolicy_func_t *zvec_secpolicy;
222 223 zfs_ioc_namecheck_t zvec_namecheck;
223 224 boolean_t zvec_allow_log;
224 225 zfs_ioc_poolcheck_t zvec_pool_check;
225 226 boolean_t zvec_smush_outnvlist;
226 227 const char *zvec_name;
227 228 } zfs_ioc_vec_t;
228 229
229 230 /* This array is indexed by zfs_userquota_prop_t */
230 231 static const char *userquota_perms[] = {
231 232 ZFS_DELEG_PERM_USERUSED,
232 233 ZFS_DELEG_PERM_USERQUOTA,
233 234 ZFS_DELEG_PERM_GROUPUSED,
234 235 ZFS_DELEG_PERM_GROUPQUOTA,
235 236 };
236 237
237 238 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
238 239 static int zfs_check_settable(const char *name, nvpair_t *property,
239 240 cred_t *cr);
240 241 static int zfs_check_clearable(char *dataset, nvlist_t *props,
241 242 nvlist_t **errors);
242 243 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
243 244 boolean_t *);
244 245 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
245 246 static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
246 247
247 248 static int zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature);
248 249
249 250 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
250 251 void
251 252 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
252 253 {
253 254 const char *newfile;
254 255 char buf[512];
255 256 va_list adx;
256 257
257 258 /*
258 259 * Get rid of annoying "../common/" prefix to filename.
259 260 */
260 261 newfile = strrchr(file, '/');
261 262 if (newfile != NULL) {
262 263 newfile = newfile + 1; /* Get rid of leading / */
263 264 } else {
264 265 newfile = file;
265 266 }
266 267
267 268 va_start(adx, fmt);
268 269 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
269 270 va_end(adx);
270 271
271 272 /*
272 273 * To get this data, use the zfs-dprintf probe as so:
273 274 * dtrace -q -n 'zfs-dprintf \
274 275 * /stringof(arg0) == "dbuf.c"/ \
275 276 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
276 277 * arg0 = file name
277 278 * arg1 = function name
278 279 * arg2 = line number
279 280 * arg3 = message
280 281 */
281 282 DTRACE_PROBE4(zfs__dprintf,
282 283 char *, newfile, char *, func, int, line, char *, buf);
283 284 }
284 285
285 286 static void
286 287 history_str_free(char *buf)
287 288 {
288 289 kmem_free(buf, HIS_MAX_RECORD_LEN);
289 290 }
290 291
291 292 static char *
292 293 history_str_get(zfs_cmd_t *zc)
293 294 {
294 295 char *buf;
295 296
296 297 if (zc->zc_history == NULL)
297 298 return (NULL);
298 299
299 300 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
300 301 if (copyinstr((void *)(uintptr_t)zc->zc_history,
301 302 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
302 303 history_str_free(buf);
303 304 return (NULL);
304 305 }
305 306
306 307 buf[HIS_MAX_RECORD_LEN -1] = '\0';
307 308
308 309 return (buf);
309 310 }
310 311
311 312 /*
312 313 * Check to see if the named dataset is currently defined as bootable
313 314 */
314 315 static boolean_t
315 316 zfs_is_bootfs(const char *name)
316 317 {
317 318 objset_t *os;
318 319
319 320 if (dmu_objset_hold(name, FTAG, &os) == 0) {
320 321 boolean_t ret;
321 322 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
322 323 dmu_objset_rele(os, FTAG);
323 324 return (ret);
324 325 }
325 326 return (B_FALSE);
326 327 }
327 328
328 329 /*
329 330 * Return non-zero if the spa version is less than requested version.
330 331 */
331 332 static int
332 333 zfs_earlier_version(const char *name, int version)
333 334 {
334 335 spa_t *spa;
335 336
336 337 if (spa_open(name, &spa, FTAG) == 0) {
337 338 if (spa_version(spa) < version) {
338 339 spa_close(spa, FTAG);
339 340 return (1);
340 341 }
341 342 spa_close(spa, FTAG);
342 343 }
343 344 return (0);
344 345 }
345 346
346 347 /*
347 348 * Return TRUE if the ZPL version is less than requested version.
348 349 */
349 350 static boolean_t
350 351 zpl_earlier_version(const char *name, int version)
351 352 {
352 353 objset_t *os;
353 354 boolean_t rc = B_TRUE;
354 355
355 356 if (dmu_objset_hold(name, FTAG, &os) == 0) {
356 357 uint64_t zplversion;
357 358
358 359 if (dmu_objset_type(os) != DMU_OST_ZFS) {
359 360 dmu_objset_rele(os, FTAG);
360 361 return (B_TRUE);
361 362 }
362 363 /* XXX reading from non-owned objset */
363 364 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
364 365 rc = zplversion < version;
365 366 dmu_objset_rele(os, FTAG);
366 367 }
367 368 return (rc);
368 369 }
369 370
370 371 static void
371 372 zfs_log_history(zfs_cmd_t *zc)
372 373 {
373 374 spa_t *spa;
374 375 char *buf;
375 376
376 377 if ((buf = history_str_get(zc)) == NULL)
377 378 return;
378 379
379 380 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
380 381 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
381 382 (void) spa_history_log(spa, buf);
382 383 spa_close(spa, FTAG);
383 384 }
384 385 history_str_free(buf);
385 386 }
386 387
387 388 /*
388 389 * Policy for top-level read operations (list pools). Requires no privileges,
389 390 * and can be used in the local zone, as there is no associated dataset.
390 391 */
391 392 /* ARGSUSED */
392 393 static int
393 394 zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
394 395 {
395 396 return (0);
396 397 }
397 398
398 399 /*
399 400 * Policy for dataset read operations (list children, get statistics). Requires
400 401 * no privileges, but must be visible in the local zone.
401 402 */
402 403 /* ARGSUSED */
403 404 static int
404 405 zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
405 406 {
406 407 if (INGLOBALZONE(curproc) ||
407 408 zone_dataset_visible(zc->zc_name, NULL))
408 409 return (0);
409 410
410 411 return (SET_ERROR(ENOENT));
411 412 }
412 413
413 414 static int
414 415 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
415 416 {
416 417 int writable = 1;
417 418
418 419 /*
419 420 * The dataset must be visible by this zone -- check this first
420 421 * so they don't see EPERM on something they shouldn't know about.
421 422 */
422 423 if (!INGLOBALZONE(curproc) &&
423 424 !zone_dataset_visible(dataset, &writable))
424 425 return (SET_ERROR(ENOENT));
425 426
426 427 if (INGLOBALZONE(curproc)) {
427 428 /*
428 429 * If the fs is zoned, only root can access it from the
429 430 * global zone.
430 431 */
431 432 if (secpolicy_zfs(cr) && zoned)
432 433 return (SET_ERROR(EPERM));
433 434 } else {
434 435 /*
435 436 * If we are in a local zone, the 'zoned' property must be set.
436 437 */
437 438 if (!zoned)
438 439 return (SET_ERROR(EPERM));
439 440
440 441 /* must be writable by this zone */
441 442 if (!writable)
442 443 return (SET_ERROR(EPERM));
443 444 }
444 445 return (0);
445 446 }
446 447
447 448 static int
448 449 zfs_dozonecheck(const char *dataset, cred_t *cr)
449 450 {
450 451 uint64_t zoned;
451 452
452 453 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
453 454 return (SET_ERROR(ENOENT));
454 455
455 456 return (zfs_dozonecheck_impl(dataset, zoned, cr));
456 457 }
457 458
458 459 static int
459 460 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
460 461 {
461 462 uint64_t zoned;
462 463
463 464 if (dsl_prop_get_int_ds(ds, "zoned", &zoned))
464 465 return (SET_ERROR(ENOENT));
465 466
466 467 return (zfs_dozonecheck_impl(dataset, zoned, cr));
467 468 }
468 469
469 470 static int
470 471 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
471 472 const char *perm, cred_t *cr)
472 473 {
473 474 int error;
474 475
475 476 error = zfs_dozonecheck_ds(name, ds, cr);
476 477 if (error == 0) {
477 478 error = secpolicy_zfs(cr);
478 479 if (error != 0)
479 480 error = dsl_deleg_access_impl(ds, perm, cr);
480 481 }
481 482 return (error);
482 483 }
483 484
484 485 static int
485 486 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
486 487 {
487 488 int error;
488 489 dsl_dataset_t *ds;
489 490 dsl_pool_t *dp;
490 491
491 492 error = dsl_pool_hold(name, FTAG, &dp);
492 493 if (error != 0)
493 494 return (error);
494 495
495 496 error = dsl_dataset_hold(dp, name, FTAG, &ds);
496 497 if (error != 0) {
497 498 dsl_pool_rele(dp, FTAG);
498 499 return (error);
499 500 }
500 501
501 502 error = zfs_secpolicy_write_perms_ds(name, ds, perm, cr);
502 503
503 504 dsl_dataset_rele(ds, FTAG);
504 505 dsl_pool_rele(dp, FTAG);
505 506 return (error);
506 507 }
507 508
508 509 /*
509 510 * Policy for setting the security label property.
510 511 *
511 512 * Returns 0 for success, non-zero for access and other errors.
512 513 */
513 514 static int
514 515 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
515 516 {
516 517 char ds_hexsl[MAXNAMELEN];
517 518 bslabel_t ds_sl, new_sl;
518 519 boolean_t new_default = FALSE;
519 520 uint64_t zoned;
520 521 int needed_priv = -1;
521 522 int error;
522 523
523 524 /* First get the existing dataset label. */
524 525 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
525 526 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
526 527 if (error != 0)
527 528 return (SET_ERROR(EPERM));
528 529
529 530 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
530 531 new_default = TRUE;
531 532
532 533 /* The label must be translatable */
533 534 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
534 535 return (SET_ERROR(EINVAL));
535 536
536 537 /*
537 538 * In a non-global zone, disallow attempts to set a label that
538 539 * doesn't match that of the zone; otherwise no other checks
539 540 * are needed.
540 541 */
541 542 if (!INGLOBALZONE(curproc)) {
542 543 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
543 544 return (SET_ERROR(EPERM));
544 545 return (0);
545 546 }
546 547
547 548 /*
548 549 * For global-zone datasets (i.e., those whose zoned property is
549 550 * "off", verify that the specified new label is valid for the
550 551 * global zone.
551 552 */
552 553 if (dsl_prop_get_integer(name,
553 554 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
554 555 return (SET_ERROR(EPERM));
555 556 if (!zoned) {
556 557 if (zfs_check_global_label(name, strval) != 0)
557 558 return (SET_ERROR(EPERM));
558 559 }
559 560
560 561 /*
561 562 * If the existing dataset label is nondefault, check if the
562 563 * dataset is mounted (label cannot be changed while mounted).
563 564 * Get the zfsvfs; if there isn't one, then the dataset isn't
564 565 * mounted (or isn't a dataset, doesn't exist, ...).
565 566 */
566 567 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
567 568 objset_t *os;
568 569 static char *setsl_tag = "setsl_tag";
569 570
570 571 /*
571 572 * Try to own the dataset; abort if there is any error,
572 573 * (e.g., already mounted, in use, or other error).
573 574 */
574 575 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
575 576 setsl_tag, &os);
576 577 if (error != 0)
577 578 return (SET_ERROR(EPERM));
578 579
579 580 dmu_objset_disown(os, setsl_tag);
580 581
581 582 if (new_default) {
582 583 needed_priv = PRIV_FILE_DOWNGRADE_SL;
583 584 goto out_check;
584 585 }
585 586
586 587 if (hexstr_to_label(strval, &new_sl) != 0)
587 588 return (SET_ERROR(EPERM));
588 589
589 590 if (blstrictdom(&ds_sl, &new_sl))
590 591 needed_priv = PRIV_FILE_DOWNGRADE_SL;
591 592 else if (blstrictdom(&new_sl, &ds_sl))
592 593 needed_priv = PRIV_FILE_UPGRADE_SL;
593 594 } else {
594 595 /* dataset currently has a default label */
595 596 if (!new_default)
596 597 needed_priv = PRIV_FILE_UPGRADE_SL;
597 598 }
598 599
599 600 out_check:
600 601 if (needed_priv != -1)
601 602 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
602 603 return (0);
603 604 }
604 605
605 606 static int
606 607 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
607 608 cred_t *cr)
608 609 {
609 610 char *strval;
610 611
611 612 /*
612 613 * Check permissions for special properties.
613 614 */
614 615 switch (prop) {
615 616 case ZFS_PROP_ZONED:
616 617 /*
617 618 * Disallow setting of 'zoned' from within a local zone.
618 619 */
619 620 if (!INGLOBALZONE(curproc))
620 621 return (SET_ERROR(EPERM));
621 622 break;
622 623
623 624 case ZFS_PROP_QUOTA:
624 625 case ZFS_PROP_FILESYSTEM_LIMIT:
625 626 case ZFS_PROP_SNAPSHOT_LIMIT:
626 627 if (!INGLOBALZONE(curproc)) {
627 628 uint64_t zoned;
628 629 char setpoint[MAXNAMELEN];
629 630 /*
630 631 * Unprivileged users are allowed to modify the
631 632 * limit on things *under* (ie. contained by)
632 633 * the thing they own.
633 634 */
634 635 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
635 636 setpoint))
636 637 return (SET_ERROR(EPERM));
637 638 if (!zoned || strlen(dsname) <= strlen(setpoint))
638 639 return (SET_ERROR(EPERM));
639 640 }
640 641 break;
641 642
642 643 case ZFS_PROP_MLSLABEL:
643 644 if (!is_system_labeled())
644 645 return (SET_ERROR(EPERM));
645 646
646 647 if (nvpair_value_string(propval, &strval) == 0) {
647 648 int err;
648 649
649 650 err = zfs_set_slabel_policy(dsname, strval, CRED());
650 651 if (err != 0)
651 652 return (err);
652 653 }
653 654 break;
654 655 }
655 656
656 657 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
657 658 }
658 659
659 660 /* ARGSUSED */
660 661 static int
661 662 zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
662 663 {
663 664 int error;
664 665
665 666 error = zfs_dozonecheck(zc->zc_name, cr);
666 667 if (error != 0)
667 668 return (error);
668 669
669 670 /*
670 671 * permission to set permissions will be evaluated later in
671 672 * dsl_deleg_can_allow()
672 673 */
673 674 return (0);
674 675 }
675 676
676 677 /* ARGSUSED */
677 678 static int
678 679 zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
679 680 {
680 681 return (zfs_secpolicy_write_perms(zc->zc_name,
681 682 ZFS_DELEG_PERM_ROLLBACK, cr));
682 683 }
683 684
684 685 /* ARGSUSED */
685 686 static int
686 687 zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
687 688 {
688 689 dsl_pool_t *dp;
689 690 dsl_dataset_t *ds;
690 691 char *cp;
691 692 int error;
692 693
693 694 /*
694 695 * Generate the current snapshot name from the given objsetid, then
695 696 * use that name for the secpolicy/zone checks.
696 697 */
697 698 cp = strchr(zc->zc_name, '@');
698 699 if (cp == NULL)
699 700 return (SET_ERROR(EINVAL));
700 701 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
701 702 if (error != 0)
702 703 return (error);
703 704
704 705 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
705 706 if (error != 0) {
706 707 dsl_pool_rele(dp, FTAG);
707 708 return (error);
708 709 }
709 710
710 711 dsl_dataset_name(ds, zc->zc_name);
711 712
712 713 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
713 714 ZFS_DELEG_PERM_SEND, cr);
714 715 dsl_dataset_rele(ds, FTAG);
715 716 dsl_pool_rele(dp, FTAG);
716 717
717 718 return (error);
718 719 }
719 720
720 721 /* ARGSUSED */
721 722 static int
722 723 zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
723 724 {
724 725 return (zfs_secpolicy_write_perms(zc->zc_name,
725 726 ZFS_DELEG_PERM_SEND, cr));
726 727 }
727 728
728 729 /* ARGSUSED */
729 730 static int
730 731 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
731 732 {
732 733 vnode_t *vp;
733 734 int error;
734 735
735 736 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
736 737 NO_FOLLOW, NULL, &vp)) != 0)
737 738 return (error);
738 739
739 740 /* Now make sure mntpnt and dataset are ZFS */
740 741
741 742 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
742 743 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
743 744 zc->zc_name) != 0)) {
744 745 VN_RELE(vp);
745 746 return (SET_ERROR(EPERM));
746 747 }
747 748
748 749 VN_RELE(vp);
749 750 return (dsl_deleg_access(zc->zc_name,
750 751 ZFS_DELEG_PERM_SHARE, cr));
751 752 }
752 753
753 754 int
754 755 zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
755 756 {
756 757 if (!INGLOBALZONE(curproc))
757 758 return (SET_ERROR(EPERM));
758 759
759 760 if (secpolicy_nfs(cr) == 0) {
760 761 return (0);
761 762 } else {
762 763 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
763 764 }
764 765 }
765 766
766 767 int
767 768 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
768 769 {
769 770 if (!INGLOBALZONE(curproc))
770 771 return (SET_ERROR(EPERM));
771 772
772 773 if (secpolicy_smb(cr) == 0) {
773 774 return (0);
774 775 } else {
775 776 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
776 777 }
777 778 }
778 779
779 780 static int
780 781 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
781 782 {
782 783 char *cp;
783 784
784 785 /*
785 786 * Remove the @bla or /bla from the end of the name to get the parent.
786 787 */
787 788 (void) strncpy(parent, datasetname, parentsize);
788 789 cp = strrchr(parent, '@');
789 790 if (cp != NULL) {
790 791 cp[0] = '\0';
791 792 } else {
792 793 cp = strrchr(parent, '/');
793 794 if (cp == NULL)
794 795 return (SET_ERROR(ENOENT));
795 796 cp[0] = '\0';
796 797 }
797 798
798 799 return (0);
799 800 }
800 801
801 802 int
802 803 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
803 804 {
804 805 int error;
805 806
806 807 if ((error = zfs_secpolicy_write_perms(name,
807 808 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
808 809 return (error);
809 810
810 811 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
811 812 }
812 813
813 814 /* ARGSUSED */
814 815 static int
815 816 zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
816 817 {
817 818 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
818 819 }
819 820
820 821 /*
821 822 * Destroying snapshots with delegated permissions requires
822 823 * descendant mount and destroy permissions.
823 824 */
824 825 /* ARGSUSED */
825 826 static int
826 827 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
827 828 {
828 829 nvlist_t *snaps;
829 830 nvpair_t *pair, *nextpair;
830 831 int error = 0;
831 832
832 833 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
833 834 return (SET_ERROR(EINVAL));
834 835 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
835 836 pair = nextpair) {
836 837 nextpair = nvlist_next_nvpair(snaps, pair);
837 838 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
838 839 if (error == ENOENT) {
839 840 /*
840 841 * Ignore any snapshots that don't exist (we consider
841 842 * them "already destroyed"). Remove the name from the
842 843 * nvl here in case the snapshot is created between
843 844 * now and when we try to destroy it (in which case
844 845 * we don't want to destroy it since we haven't
845 846 * checked for permission).
846 847 */
847 848 fnvlist_remove_nvpair(snaps, pair);
848 849 error = 0;
849 850 }
850 851 if (error != 0)
851 852 break;
852 853 }
853 854
854 855 return (error);
855 856 }
856 857
857 858 int
858 859 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
859 860 {
860 861 char parentname[MAXNAMELEN];
861 862 int error;
862 863
863 864 if ((error = zfs_secpolicy_write_perms(from,
864 865 ZFS_DELEG_PERM_RENAME, cr)) != 0)
865 866 return (error);
866 867
867 868 if ((error = zfs_secpolicy_write_perms(from,
868 869 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
869 870 return (error);
870 871
871 872 if ((error = zfs_get_parent(to, parentname,
872 873 sizeof (parentname))) != 0)
873 874 return (error);
874 875
875 876 if ((error = zfs_secpolicy_write_perms(parentname,
876 877 ZFS_DELEG_PERM_CREATE, cr)) != 0)
877 878 return (error);
878 879
879 880 if ((error = zfs_secpolicy_write_perms(parentname,
880 881 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
881 882 return (error);
882 883
883 884 return (error);
884 885 }
885 886
886 887 /* ARGSUSED */
887 888 static int
888 889 zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
889 890 {
890 891 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
891 892 }
892 893
893 894 /* ARGSUSED */
894 895 static int
895 896 zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
896 897 {
897 898 dsl_pool_t *dp;
898 899 dsl_dataset_t *clone;
899 900 int error;
900 901
901 902 error = zfs_secpolicy_write_perms(zc->zc_name,
902 903 ZFS_DELEG_PERM_PROMOTE, cr);
903 904 if (error != 0)
904 905 return (error);
905 906
906 907 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
907 908 if (error != 0)
908 909 return (error);
909 910
910 911 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &clone);
911 912
912 913 if (error == 0) {
913 914 char parentname[MAXNAMELEN];
914 915 dsl_dataset_t *origin = NULL;
915 916 dsl_dir_t *dd;
916 917 dd = clone->ds_dir;
917 918
918 919 error = dsl_dataset_hold_obj(dd->dd_pool,
919 920 dsl_dir_phys(dd)->dd_origin_obj, FTAG, &origin);
920 921 if (error != 0) {
921 922 dsl_dataset_rele(clone, FTAG);
922 923 dsl_pool_rele(dp, FTAG);
923 924 return (error);
924 925 }
925 926
926 927 error = zfs_secpolicy_write_perms_ds(zc->zc_name, clone,
927 928 ZFS_DELEG_PERM_MOUNT, cr);
928 929
929 930 dsl_dataset_name(origin, parentname);
930 931 if (error == 0) {
931 932 error = zfs_secpolicy_write_perms_ds(parentname, origin,
932 933 ZFS_DELEG_PERM_PROMOTE, cr);
933 934 }
934 935 dsl_dataset_rele(clone, FTAG);
935 936 dsl_dataset_rele(origin, FTAG);
936 937 }
937 938 dsl_pool_rele(dp, FTAG);
938 939 return (error);
939 940 }
940 941
941 942 /* ARGSUSED */
942 943 static int
943 944 zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
944 945 {
945 946 int error;
946 947
947 948 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
948 949 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
949 950 return (error);
950 951
951 952 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
952 953 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
953 954 return (error);
954 955
955 956 return (zfs_secpolicy_write_perms(zc->zc_name,
956 957 ZFS_DELEG_PERM_CREATE, cr));
957 958 }
958 959
959 960 int
960 961 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
961 962 {
962 963 return (zfs_secpolicy_write_perms(name,
963 964 ZFS_DELEG_PERM_SNAPSHOT, cr));
964 965 }
965 966
966 967 /*
967 968 * Check for permission to create each snapshot in the nvlist.
968 969 */
969 970 /* ARGSUSED */
970 971 static int
971 972 zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
972 973 {
973 974 nvlist_t *snaps;
974 975 int error = 0;
975 976 nvpair_t *pair;
976 977
977 978 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
978 979 return (SET_ERROR(EINVAL));
979 980 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
980 981 pair = nvlist_next_nvpair(snaps, pair)) {
981 982 char *name = nvpair_name(pair);
982 983 char *atp = strchr(name, '@');
983 984
984 985 if (atp == NULL) {
985 986 error = SET_ERROR(EINVAL);
986 987 break;
987 988 }
988 989 *atp = '\0';
989 990 error = zfs_secpolicy_snapshot_perms(name, cr);
990 991 *atp = '@';
991 992 if (error != 0)
992 993 break;
993 994 }
994 995 return (error);
995 996 }
996 997
997 998 /*
998 999 * Check for permission to create each snapshot in the nvlist.
999 1000 */
1000 1001 /* ARGSUSED */
1001 1002 static int
1002 1003 zfs_secpolicy_bookmark(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1003 1004 {
1004 1005 int error = 0;
1005 1006
1006 1007 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
1007 1008 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
1008 1009 char *name = nvpair_name(pair);
1009 1010 char *hashp = strchr(name, '#');
1010 1011
1011 1012 if (hashp == NULL) {
1012 1013 error = SET_ERROR(EINVAL);
1013 1014 break;
1014 1015 }
1015 1016 *hashp = '\0';
1016 1017 error = zfs_secpolicy_write_perms(name,
1017 1018 ZFS_DELEG_PERM_BOOKMARK, cr);
1018 1019 *hashp = '#';
1019 1020 if (error != 0)
1020 1021 break;
1021 1022 }
1022 1023 return (error);
1023 1024 }
1024 1025
1025 1026 /* ARGSUSED */
1026 1027 static int
1027 1028 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1028 1029 {
1029 1030 nvpair_t *pair, *nextpair;
1030 1031 int error = 0;
1031 1032
1032 1033 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1033 1034 pair = nextpair) {
1034 1035 char *name = nvpair_name(pair);
1035 1036 char *hashp = strchr(name, '#');
1036 1037 nextpair = nvlist_next_nvpair(innvl, pair);
1037 1038
1038 1039 if (hashp == NULL) {
1039 1040 error = SET_ERROR(EINVAL);
1040 1041 break;
1041 1042 }
1042 1043
1043 1044 *hashp = '\0';
1044 1045 error = zfs_secpolicy_write_perms(name,
1045 1046 ZFS_DELEG_PERM_DESTROY, cr);
1046 1047 *hashp = '#';
1047 1048 if (error == ENOENT) {
1048 1049 /*
1049 1050 * Ignore any filesystems that don't exist (we consider
1050 1051 * their bookmarks "already destroyed"). Remove
1051 1052 * the name from the nvl here in case the filesystem
1052 1053 * is created between now and when we try to destroy
1053 1054 * the bookmark (in which case we don't want to
1054 1055 * destroy it since we haven't checked for permission).
1055 1056 */
1056 1057 fnvlist_remove_nvpair(innvl, pair);
1057 1058 error = 0;
1058 1059 }
1059 1060 if (error != 0)
1060 1061 break;
1061 1062 }
1062 1063
1063 1064 return (error);
1064 1065 }
1065 1066
1066 1067 /* ARGSUSED */
1067 1068 static int
1068 1069 zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1069 1070 {
1070 1071 /*
1071 1072 * Even root must have a proper TSD so that we know what pool
1072 1073 * to log to.
1073 1074 */
1074 1075 if (tsd_get(zfs_allow_log_key) == NULL)
1075 1076 return (SET_ERROR(EPERM));
1076 1077 return (0);
1077 1078 }
1078 1079
1079 1080 static int
1080 1081 zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1081 1082 {
1082 1083 char parentname[MAXNAMELEN];
1083 1084 int error;
1084 1085 char *origin;
1085 1086
1086 1087 if ((error = zfs_get_parent(zc->zc_name, parentname,
1087 1088 sizeof (parentname))) != 0)
1088 1089 return (error);
1089 1090
1090 1091 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1091 1092 (error = zfs_secpolicy_write_perms(origin,
1092 1093 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1093 1094 return (error);
1094 1095
1095 1096 if ((error = zfs_secpolicy_write_perms(parentname,
1096 1097 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1097 1098 return (error);
1098 1099
1099 1100 return (zfs_secpolicy_write_perms(parentname,
1100 1101 ZFS_DELEG_PERM_MOUNT, cr));
1101 1102 }
1102 1103
1103 1104 /*
1104 1105 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1105 1106 * SYS_CONFIG privilege, which is not available in a local zone.
1106 1107 */
1107 1108 /* ARGSUSED */
1108 1109 static int
1109 1110 zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1110 1111 {
1111 1112 if (secpolicy_sys_config(cr, B_FALSE) != 0)
1112 1113 return (SET_ERROR(EPERM));
1113 1114
1114 1115 return (0);
1115 1116 }
1116 1117
1117 1118 /*
1118 1119 * Policy for object to name lookups.
1119 1120 */
1120 1121 /* ARGSUSED */
1121 1122 static int
1122 1123 zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1123 1124 {
1124 1125 int error;
1125 1126
1126 1127 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1127 1128 return (0);
1128 1129
1129 1130 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1130 1131 return (error);
1131 1132 }
1132 1133
1133 1134 /*
1134 1135 * Policy for fault injection. Requires all privileges.
1135 1136 */
1136 1137 /* ARGSUSED */
1137 1138 static int
1138 1139 zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1139 1140 {
1140 1141 return (secpolicy_zinject(cr));
1141 1142 }
1142 1143
1143 1144 /* ARGSUSED */
1144 1145 static int
1145 1146 zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1146 1147 {
1147 1148 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1148 1149
1149 1150 if (prop == ZPROP_INVAL) {
1150 1151 if (!zfs_prop_user(zc->zc_value))
1151 1152 return (SET_ERROR(EINVAL));
1152 1153 return (zfs_secpolicy_write_perms(zc->zc_name,
1153 1154 ZFS_DELEG_PERM_USERPROP, cr));
1154 1155 } else {
1155 1156 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1156 1157 NULL, cr));
1157 1158 }
1158 1159 }
1159 1160
1160 1161 static int
1161 1162 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1162 1163 {
1163 1164 int err = zfs_secpolicy_read(zc, innvl, cr);
1164 1165 if (err)
1165 1166 return (err);
1166 1167
1167 1168 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1168 1169 return (SET_ERROR(EINVAL));
1169 1170
1170 1171 if (zc->zc_value[0] == 0) {
1171 1172 /*
1172 1173 * They are asking about a posix uid/gid. If it's
1173 1174 * themself, allow it.
1174 1175 */
1175 1176 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1176 1177 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
1177 1178 if (zc->zc_guid == crgetuid(cr))
1178 1179 return (0);
1179 1180 } else {
1180 1181 if (groupmember(zc->zc_guid, cr))
1181 1182 return (0);
1182 1183 }
1183 1184 }
1184 1185
1185 1186 return (zfs_secpolicy_write_perms(zc->zc_name,
1186 1187 userquota_perms[zc->zc_objset_type], cr));
1187 1188 }
1188 1189
1189 1190 static int
1190 1191 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1191 1192 {
1192 1193 int err = zfs_secpolicy_read(zc, innvl, cr);
1193 1194 if (err)
1194 1195 return (err);
1195 1196
1196 1197 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1197 1198 return (SET_ERROR(EINVAL));
1198 1199
1199 1200 return (zfs_secpolicy_write_perms(zc->zc_name,
1200 1201 userquota_perms[zc->zc_objset_type], cr));
1201 1202 }
1202 1203
1203 1204 /* ARGSUSED */
1204 1205 static int
1205 1206 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1206 1207 {
1207 1208 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1208 1209 NULL, cr));
1209 1210 }
1210 1211
1211 1212 /* ARGSUSED */
1212 1213 static int
1213 1214 zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1214 1215 {
1215 1216 nvpair_t *pair;
1216 1217 nvlist_t *holds;
1217 1218 int error;
1218 1219
1219 1220 error = nvlist_lookup_nvlist(innvl, "holds", &holds);
1220 1221 if (error != 0)
1221 1222 return (SET_ERROR(EINVAL));
1222 1223
1223 1224 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
1224 1225 pair = nvlist_next_nvpair(holds, pair)) {
1225 1226 char fsname[MAXNAMELEN];
1226 1227 error = dmu_fsname(nvpair_name(pair), fsname);
1227 1228 if (error != 0)
1228 1229 return (error);
1229 1230 error = zfs_secpolicy_write_perms(fsname,
1230 1231 ZFS_DELEG_PERM_HOLD, cr);
1231 1232 if (error != 0)
1232 1233 return (error);
1233 1234 }
1234 1235 return (0);
1235 1236 }
1236 1237
1237 1238 /* ARGSUSED */
1238 1239 static int
1239 1240 zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1240 1241 {
1241 1242 nvpair_t *pair;
1242 1243 int error;
1243 1244
1244 1245 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1245 1246 pair = nvlist_next_nvpair(innvl, pair)) {
1246 1247 char fsname[MAXNAMELEN];
1247 1248 error = dmu_fsname(nvpair_name(pair), fsname);
1248 1249 if (error != 0)
1249 1250 return (error);
1250 1251 error = zfs_secpolicy_write_perms(fsname,
1251 1252 ZFS_DELEG_PERM_RELEASE, cr);
1252 1253 if (error != 0)
1253 1254 return (error);
1254 1255 }
1255 1256 return (0);
1256 1257 }
1257 1258
1258 1259 /*
1259 1260 * Policy for allowing temporary snapshots to be taken or released
1260 1261 */
1261 1262 static int
1262 1263 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1263 1264 {
1264 1265 /*
1265 1266 * A temporary snapshot is the same as a snapshot,
1266 1267 * hold, destroy and release all rolled into one.
1267 1268 * Delegated diff alone is sufficient that we allow this.
1268 1269 */
1269 1270 int error;
1270 1271
1271 1272 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1272 1273 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1273 1274 return (0);
1274 1275
1275 1276 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
1276 1277 if (error == 0)
1277 1278 error = zfs_secpolicy_hold(zc, innvl, cr);
1278 1279 if (error == 0)
1279 1280 error = zfs_secpolicy_release(zc, innvl, cr);
1280 1281 if (error == 0)
1281 1282 error = zfs_secpolicy_destroy(zc, innvl, cr);
1282 1283 return (error);
1283 1284 }
1284 1285
1285 1286 /*
1286 1287 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1287 1288 */
1288 1289 static int
1289 1290 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1290 1291 {
1291 1292 char *packed;
1292 1293 int error;
1293 1294 nvlist_t *list = NULL;
1294 1295
1295 1296 /*
1296 1297 * Read in and unpack the user-supplied nvlist.
1297 1298 */
1298 1299 if (size == 0)
1299 1300 return (SET_ERROR(EINVAL));
1300 1301
1301 1302 packed = kmem_alloc(size, KM_SLEEP);
1302 1303
1303 1304 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1304 1305 iflag)) != 0) {
1305 1306 kmem_free(packed, size);
1306 1307 return (error);
1307 1308 }
1308 1309
1309 1310 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1310 1311 kmem_free(packed, size);
1311 1312 return (error);
1312 1313 }
1313 1314
1314 1315 kmem_free(packed, size);
1315 1316
1316 1317 *nvp = list;
1317 1318 return (0);
1318 1319 }
1319 1320
1320 1321 /*
1321 1322 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1322 1323 * Entries will be removed from the end of the nvlist, and one int32 entry
1323 1324 * named "N_MORE_ERRORS" will be added indicating how many entries were
1324 1325 * removed.
1325 1326 */
1326 1327 static int
1327 1328 nvlist_smush(nvlist_t *errors, size_t max)
1328 1329 {
1329 1330 size_t size;
1330 1331
1331 1332 size = fnvlist_size(errors);
1332 1333
1333 1334 if (size > max) {
1334 1335 nvpair_t *more_errors;
1335 1336 int n = 0;
1336 1337
1337 1338 if (max < 1024)
1338 1339 return (SET_ERROR(ENOMEM));
1339 1340
1340 1341 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1341 1342 more_errors = nvlist_prev_nvpair(errors, NULL);
1342 1343
1343 1344 do {
1344 1345 nvpair_t *pair = nvlist_prev_nvpair(errors,
1345 1346 more_errors);
1346 1347 fnvlist_remove_nvpair(errors, pair);
1347 1348 n++;
1348 1349 size = fnvlist_size(errors);
1349 1350 } while (size > max);
1350 1351
1351 1352 fnvlist_remove_nvpair(errors, more_errors);
1352 1353 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1353 1354 ASSERT3U(fnvlist_size(errors), <=, max);
1354 1355 }
1355 1356
1356 1357 return (0);
1357 1358 }
1358 1359
1359 1360 static int
1360 1361 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1361 1362 {
1362 1363 char *packed = NULL;
1363 1364 int error = 0;
1364 1365 size_t size;
1365 1366
1366 1367 size = fnvlist_size(nvl);
1367 1368
1368 1369 if (size > zc->zc_nvlist_dst_size) {
1369 1370 error = SET_ERROR(ENOMEM);
1370 1371 } else {
1371 1372 packed = fnvlist_pack(nvl, &size);
1372 1373 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1373 1374 size, zc->zc_iflags) != 0)
1374 1375 error = SET_ERROR(EFAULT);
1375 1376 fnvlist_pack_free(packed, size);
1376 1377 }
1377 1378
1378 1379 zc->zc_nvlist_dst_size = size;
1379 1380 zc->zc_nvlist_dst_filled = B_TRUE;
1380 1381 return (error);
1381 1382 }
1382 1383
1383 1384 static int
1384 1385 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1385 1386 {
1386 1387 objset_t *os;
1387 1388 int error;
1388 1389
1389 1390 error = dmu_objset_hold(dsname, FTAG, &os);
1390 1391 if (error != 0)
1391 1392 return (error);
1392 1393 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1393 1394 dmu_objset_rele(os, FTAG);
1394 1395 return (SET_ERROR(EINVAL));
1395 1396 }
1396 1397
1397 1398 mutex_enter(&os->os_user_ptr_lock);
1398 1399 *zfvp = dmu_objset_get_user(os);
1399 1400 if (*zfvp) {
1400 1401 VFS_HOLD((*zfvp)->z_vfs);
1401 1402 } else {
1402 1403 error = SET_ERROR(ESRCH);
1403 1404 }
1404 1405 mutex_exit(&os->os_user_ptr_lock);
1405 1406 dmu_objset_rele(os, FTAG);
1406 1407 return (error);
1407 1408 }
1408 1409
1409 1410 /*
1410 1411 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1411 1412 * case its z_vfs will be NULL, and it will be opened as the owner.
1412 1413 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1413 1414 * which prevents all vnode ops from running.
1414 1415 */
1415 1416 static int
1416 1417 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1417 1418 {
1418 1419 int error = 0;
1419 1420
1420 1421 if (getzfsvfs(name, zfvp) != 0)
1421 1422 error = zfsvfs_create(name, zfvp);
1422 1423 if (error == 0) {
1423 1424 rrm_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1424 1425 RW_READER, tag);
1425 1426 if ((*zfvp)->z_unmounted) {
1426 1427 /*
1427 1428 * XXX we could probably try again, since the unmounting
1428 1429 * thread should be just about to disassociate the
1429 1430 * objset from the zfsvfs.
1430 1431 */
1431 1432 rrm_exit(&(*zfvp)->z_teardown_lock, tag);
1432 1433 return (SET_ERROR(EBUSY));
1433 1434 }
1434 1435 }
1435 1436 return (error);
1436 1437 }
1437 1438
1438 1439 static void
1439 1440 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1440 1441 {
1441 1442 rrm_exit(&zfsvfs->z_teardown_lock, tag);
1442 1443
1443 1444 if (zfsvfs->z_vfs) {
1444 1445 VFS_RELE(zfsvfs->z_vfs);
1445 1446 } else {
1446 1447 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1447 1448 zfsvfs_free(zfsvfs);
1448 1449 }
1449 1450 }
1450 1451
1451 1452 static int
1452 1453 zfs_ioc_pool_create(zfs_cmd_t *zc)
1453 1454 {
1454 1455 int error;
1455 1456 nvlist_t *config, *props = NULL;
1456 1457 nvlist_t *rootprops = NULL;
1457 1458 nvlist_t *zplprops = NULL;
1458 1459
1459 1460 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1460 1461 zc->zc_iflags, &config))
1461 1462 return (error);
1462 1463
1463 1464 if (zc->zc_nvlist_src_size != 0 && (error =
1464 1465 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1465 1466 zc->zc_iflags, &props))) {
1466 1467 nvlist_free(config);
1467 1468 return (error);
1468 1469 }
1469 1470
1470 1471 if (props) {
1471 1472 nvlist_t *nvl = NULL;
1472 1473 uint64_t version = SPA_VERSION;
1473 1474
1474 1475 (void) nvlist_lookup_uint64(props,
1475 1476 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1476 1477 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1477 1478 error = SET_ERROR(EINVAL);
1478 1479 goto pool_props_bad;
1479 1480 }
1480 1481 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1481 1482 if (nvl) {
1482 1483 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1483 1484 if (error != 0) {
1484 1485 nvlist_free(config);
1485 1486 nvlist_free(props);
1486 1487 return (error);
1487 1488 }
1488 1489 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1489 1490 }
1490 1491 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1491 1492 error = zfs_fill_zplprops_root(version, rootprops,
1492 1493 zplprops, NULL);
1493 1494 if (error != 0)
1494 1495 goto pool_props_bad;
1495 1496 }
1496 1497
1497 1498 error = spa_create(zc->zc_name, config, props, zplprops);
1498 1499
1499 1500 /*
1500 1501 * Set the remaining root properties
1501 1502 */
1502 1503 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1503 1504 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1504 1505 (void) spa_destroy(zc->zc_name);
1505 1506
1506 1507 pool_props_bad:
1507 1508 nvlist_free(rootprops);
1508 1509 nvlist_free(zplprops);
1509 1510 nvlist_free(config);
1510 1511 nvlist_free(props);
1511 1512
1512 1513 return (error);
1513 1514 }
1514 1515
1515 1516 static int
1516 1517 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1517 1518 {
1518 1519 int error;
1519 1520 zfs_log_history(zc);
1520 1521 error = spa_destroy(zc->zc_name);
1521 1522 if (error == 0)
1522 1523 zvol_remove_minors(zc->zc_name);
1523 1524 return (error);
1524 1525 }
1525 1526
1526 1527 static int
1527 1528 zfs_ioc_pool_import(zfs_cmd_t *zc)
1528 1529 {
1529 1530 nvlist_t *config, *props = NULL;
1530 1531 uint64_t guid;
1531 1532 int error;
1532 1533
1533 1534 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1534 1535 zc->zc_iflags, &config)) != 0)
1535 1536 return (error);
1536 1537
1537 1538 if (zc->zc_nvlist_src_size != 0 && (error =
1538 1539 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1539 1540 zc->zc_iflags, &props))) {
1540 1541 nvlist_free(config);
1541 1542 return (error);
1542 1543 }
1543 1544
1544 1545 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1545 1546 guid != zc->zc_guid)
1546 1547 error = SET_ERROR(EINVAL);
1547 1548 else
1548 1549 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1549 1550
1550 1551 if (zc->zc_nvlist_dst != 0) {
1551 1552 int err;
1552 1553
1553 1554 if ((err = put_nvlist(zc, config)) != 0)
1554 1555 error = err;
1555 1556 }
1556 1557
1557 1558 nvlist_free(config);
1558 1559
1559 1560 if (props)
1560 1561 nvlist_free(props);
1561 1562
1562 1563 return (error);
1563 1564 }
1564 1565
1565 1566 static int
1566 1567 zfs_ioc_pool_export(zfs_cmd_t *zc)
1567 1568 {
1568 1569 int error;
1569 1570 boolean_t force = (boolean_t)zc->zc_cookie;
1570 1571 boolean_t hardforce = (boolean_t)zc->zc_guid;
1571 1572
1572 1573 zfs_log_history(zc);
1573 1574 error = spa_export(zc->zc_name, NULL, force, hardforce);
1574 1575 if (error == 0)
1575 1576 zvol_remove_minors(zc->zc_name);
1576 1577 return (error);
1577 1578 }
1578 1579
1579 1580 static int
1580 1581 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1581 1582 {
1582 1583 nvlist_t *configs;
1583 1584 int error;
1584 1585
1585 1586 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1586 1587 return (SET_ERROR(EEXIST));
1587 1588
1588 1589 error = put_nvlist(zc, configs);
1589 1590
1590 1591 nvlist_free(configs);
1591 1592
1592 1593 return (error);
1593 1594 }
1594 1595
1595 1596 /*
1596 1597 * inputs:
1597 1598 * zc_name name of the pool
1598 1599 *
1599 1600 * outputs:
1600 1601 * zc_cookie real errno
1601 1602 * zc_nvlist_dst config nvlist
1602 1603 * zc_nvlist_dst_size size of config nvlist
1603 1604 */
1604 1605 static int
1605 1606 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1606 1607 {
1607 1608 nvlist_t *config;
1608 1609 int error;
1609 1610 int ret = 0;
1610 1611
1611 1612 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1612 1613 sizeof (zc->zc_value));
1613 1614
1614 1615 if (config != NULL) {
1615 1616 ret = put_nvlist(zc, config);
1616 1617 nvlist_free(config);
1617 1618
1618 1619 /*
1619 1620 * The config may be present even if 'error' is non-zero.
1620 1621 * In this case we return success, and preserve the real errno
1621 1622 * in 'zc_cookie'.
1622 1623 */
1623 1624 zc->zc_cookie = error;
1624 1625 } else {
1625 1626 ret = error;
1626 1627 }
1627 1628
1628 1629 return (ret);
1629 1630 }
1630 1631
1631 1632 /*
1632 1633 * Try to import the given pool, returning pool stats as appropriate so that
1633 1634 * user land knows which devices are available and overall pool health.
1634 1635 */
1635 1636 static int
1636 1637 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1637 1638 {
1638 1639 nvlist_t *tryconfig, *config;
1639 1640 int error;
1640 1641
1641 1642 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1642 1643 zc->zc_iflags, &tryconfig)) != 0)
1643 1644 return (error);
1644 1645
1645 1646 config = spa_tryimport(tryconfig);
1646 1647
1647 1648 nvlist_free(tryconfig);
1648 1649
1649 1650 if (config == NULL)
1650 1651 return (SET_ERROR(EINVAL));
1651 1652
1652 1653 error = put_nvlist(zc, config);
1653 1654 nvlist_free(config);
1654 1655
1655 1656 return (error);
1656 1657 }
1657 1658
1658 1659 /*
1659 1660 * inputs:
1660 1661 * zc_name name of the pool
1661 1662 * zc_cookie scan func (pool_scan_func_t)
1662 1663 */
1663 1664 static int
1664 1665 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1665 1666 {
1666 1667 spa_t *spa;
1667 1668 int error;
1668 1669
1669 1670 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1670 1671 return (error);
1671 1672
1672 1673 if (zc->zc_cookie == POOL_SCAN_NONE)
1673 1674 error = spa_scan_stop(spa);
1674 1675 else
1675 1676 error = spa_scan(spa, zc->zc_cookie);
1676 1677
1677 1678 spa_close(spa, FTAG);
1678 1679
1679 1680 return (error);
1680 1681 }
1681 1682
1682 1683 static int
1683 1684 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1684 1685 {
1685 1686 spa_t *spa;
1686 1687 int error;
1687 1688
1688 1689 error = spa_open(zc->zc_name, &spa, FTAG);
1689 1690 if (error == 0) {
1690 1691 spa_freeze(spa);
1691 1692 spa_close(spa, FTAG);
1692 1693 }
1693 1694 return (error);
1694 1695 }
1695 1696
1696 1697 static int
1697 1698 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1698 1699 {
1699 1700 spa_t *spa;
1700 1701 int error;
1701 1702
1702 1703 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1703 1704 return (error);
1704 1705
1705 1706 if (zc->zc_cookie < spa_version(spa) ||
1706 1707 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1707 1708 spa_close(spa, FTAG);
1708 1709 return (SET_ERROR(EINVAL));
1709 1710 }
1710 1711
1711 1712 spa_upgrade(spa, zc->zc_cookie);
1712 1713 spa_close(spa, FTAG);
1713 1714
1714 1715 return (error);
1715 1716 }
1716 1717
1717 1718 static int
1718 1719 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1719 1720 {
1720 1721 spa_t *spa;
1721 1722 char *hist_buf;
1722 1723 uint64_t size;
1723 1724 int error;
1724 1725
1725 1726 if ((size = zc->zc_history_len) == 0)
1726 1727 return (SET_ERROR(EINVAL));
1727 1728
1728 1729 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1729 1730 return (error);
1730 1731
1731 1732 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1732 1733 spa_close(spa, FTAG);
1733 1734 return (SET_ERROR(ENOTSUP));
1734 1735 }
1735 1736
1736 1737 hist_buf = kmem_alloc(size, KM_SLEEP);
1737 1738 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1738 1739 &zc->zc_history_len, hist_buf)) == 0) {
1739 1740 error = ddi_copyout(hist_buf,
1740 1741 (void *)(uintptr_t)zc->zc_history,
1741 1742 zc->zc_history_len, zc->zc_iflags);
1742 1743 }
1743 1744
1744 1745 spa_close(spa, FTAG);
1745 1746 kmem_free(hist_buf, size);
1746 1747 return (error);
1747 1748 }
1748 1749
1749 1750 static int
1750 1751 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1751 1752 {
1752 1753 spa_t *spa;
1753 1754 int error;
1754 1755
1755 1756 error = spa_open(zc->zc_name, &spa, FTAG);
1756 1757 if (error == 0) {
1757 1758 error = spa_change_guid(spa);
1758 1759 spa_close(spa, FTAG);
1759 1760 }
1760 1761 return (error);
1761 1762 }
1762 1763
1763 1764 static int
1764 1765 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1765 1766 {
1766 1767 return (dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value));
1767 1768 }
1768 1769
1769 1770 /*
1770 1771 * inputs:
1771 1772 * zc_name name of filesystem
1772 1773 * zc_obj object to find
1773 1774 *
1774 1775 * outputs:
1775 1776 * zc_value name of object
1776 1777 */
1777 1778 static int
1778 1779 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1779 1780 {
1780 1781 objset_t *os;
1781 1782 int error;
1782 1783
1783 1784 /* XXX reading from objset not owned */
1784 1785 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1785 1786 return (error);
1786 1787 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1787 1788 dmu_objset_rele(os, FTAG);
1788 1789 return (SET_ERROR(EINVAL));
1789 1790 }
1790 1791 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1791 1792 sizeof (zc->zc_value));
1792 1793 dmu_objset_rele(os, FTAG);
1793 1794
1794 1795 return (error);
1795 1796 }
1796 1797
1797 1798 /*
1798 1799 * inputs:
1799 1800 * zc_name name of filesystem
1800 1801 * zc_obj object to find
1801 1802 *
1802 1803 * outputs:
1803 1804 * zc_stat stats on object
1804 1805 * zc_value path to object
1805 1806 */
1806 1807 static int
1807 1808 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1808 1809 {
1809 1810 objset_t *os;
1810 1811 int error;
1811 1812
1812 1813 /* XXX reading from objset not owned */
1813 1814 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1814 1815 return (error);
1815 1816 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1816 1817 dmu_objset_rele(os, FTAG);
1817 1818 return (SET_ERROR(EINVAL));
1818 1819 }
1819 1820 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1820 1821 sizeof (zc->zc_value));
1821 1822 dmu_objset_rele(os, FTAG);
1822 1823
1823 1824 return (error);
1824 1825 }
1825 1826
1826 1827 static int
1827 1828 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1828 1829 {
1829 1830 spa_t *spa;
1830 1831 int error;
1831 1832 nvlist_t *config, **l2cache, **spares;
1832 1833 uint_t nl2cache = 0, nspares = 0;
1833 1834
1834 1835 error = spa_open(zc->zc_name, &spa, FTAG);
1835 1836 if (error != 0)
1836 1837 return (error);
1837 1838
1838 1839 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1839 1840 zc->zc_iflags, &config);
1840 1841 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1841 1842 &l2cache, &nl2cache);
1842 1843
1843 1844 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1844 1845 &spares, &nspares);
1845 1846
1846 1847 /*
1847 1848 * A root pool with concatenated devices is not supported.
1848 1849 * Thus, can not add a device to a root pool.
1849 1850 *
1850 1851 * Intent log device can not be added to a rootpool because
1851 1852 * during mountroot, zil is replayed, a seperated log device
1852 1853 * can not be accessed during the mountroot time.
1853 1854 *
1854 1855 * l2cache and spare devices are ok to be added to a rootpool.
1855 1856 */
1856 1857 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1857 1858 nvlist_free(config);
1858 1859 spa_close(spa, FTAG);
1859 1860 return (SET_ERROR(EDOM));
1860 1861 }
1861 1862
1862 1863 if (error == 0) {
1863 1864 error = spa_vdev_add(spa, config);
1864 1865 nvlist_free(config);
1865 1866 }
1866 1867 spa_close(spa, FTAG);
1867 1868 return (error);
1868 1869 }
1869 1870
1870 1871 /*
1871 1872 * inputs:
1872 1873 * zc_name name of the pool
1873 1874 * zc_nvlist_conf nvlist of devices to remove
1874 1875 * zc_cookie to stop the remove?
1875 1876 */
1876 1877 static int
1877 1878 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1878 1879 {
1879 1880 spa_t *spa;
1880 1881 int error;
1881 1882
1882 1883 error = spa_open(zc->zc_name, &spa, FTAG);
1883 1884 if (error != 0)
1884 1885 return (error);
1885 1886 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1886 1887 spa_close(spa, FTAG);
1887 1888 return (error);
1888 1889 }
1889 1890
1890 1891 static int
1891 1892 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1892 1893 {
1893 1894 spa_t *spa;
1894 1895 int error;
1895 1896 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1896 1897
1897 1898 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1898 1899 return (error);
1899 1900 switch (zc->zc_cookie) {
1900 1901 case VDEV_STATE_ONLINE:
1901 1902 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1902 1903 break;
1903 1904
1904 1905 case VDEV_STATE_OFFLINE:
1905 1906 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1906 1907 break;
1907 1908
1908 1909 case VDEV_STATE_FAULTED:
1909 1910 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1910 1911 zc->zc_obj != VDEV_AUX_EXTERNAL)
1911 1912 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1912 1913
1913 1914 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1914 1915 break;
1915 1916
1916 1917 case VDEV_STATE_DEGRADED:
1917 1918 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1918 1919 zc->zc_obj != VDEV_AUX_EXTERNAL)
1919 1920 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1920 1921
1921 1922 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1922 1923 break;
1923 1924
1924 1925 default:
1925 1926 error = SET_ERROR(EINVAL);
1926 1927 }
1927 1928 zc->zc_cookie = newstate;
1928 1929 spa_close(spa, FTAG);
1929 1930 return (error);
1930 1931 }
1931 1932
1932 1933 static int
1933 1934 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1934 1935 {
1935 1936 spa_t *spa;
1936 1937 int replacing = zc->zc_cookie;
1937 1938 nvlist_t *config;
1938 1939 int error;
1939 1940
1940 1941 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1941 1942 return (error);
1942 1943
1943 1944 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1944 1945 zc->zc_iflags, &config)) == 0) {
1945 1946 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1946 1947 nvlist_free(config);
1947 1948 }
1948 1949
1949 1950 spa_close(spa, FTAG);
1950 1951 return (error);
1951 1952 }
1952 1953
1953 1954 static int
1954 1955 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1955 1956 {
1956 1957 spa_t *spa;
1957 1958 int error;
1958 1959
1959 1960 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1960 1961 return (error);
1961 1962
1962 1963 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1963 1964
1964 1965 spa_close(spa, FTAG);
1965 1966 return (error);
1966 1967 }
1967 1968
1968 1969 static int
1969 1970 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1970 1971 {
1971 1972 spa_t *spa;
1972 1973 nvlist_t *config, *props = NULL;
1973 1974 int error;
1974 1975 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1975 1976
1976 1977 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1977 1978 return (error);
1978 1979
1979 1980 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1980 1981 zc->zc_iflags, &config)) {
1981 1982 spa_close(spa, FTAG);
1982 1983 return (error);
1983 1984 }
1984 1985
1985 1986 if (zc->zc_nvlist_src_size != 0 && (error =
1986 1987 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1987 1988 zc->zc_iflags, &props))) {
1988 1989 spa_close(spa, FTAG);
1989 1990 nvlist_free(config);
1990 1991 return (error);
1991 1992 }
1992 1993
1993 1994 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1994 1995
1995 1996 spa_close(spa, FTAG);
1996 1997
1997 1998 nvlist_free(config);
1998 1999 nvlist_free(props);
1999 2000
2000 2001 return (error);
2001 2002 }
2002 2003
2003 2004 static int
2004 2005 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
2005 2006 {
2006 2007 spa_t *spa;
2007 2008 char *path = zc->zc_value;
2008 2009 uint64_t guid = zc->zc_guid;
2009 2010 int error;
2010 2011
2011 2012 error = spa_open(zc->zc_name, &spa, FTAG);
2012 2013 if (error != 0)
2013 2014 return (error);
2014 2015
2015 2016 error = spa_vdev_setpath(spa, guid, path);
2016 2017 spa_close(spa, FTAG);
2017 2018 return (error);
2018 2019 }
2019 2020
2020 2021 static int
2021 2022 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
2022 2023 {
2023 2024 spa_t *spa;
2024 2025 char *fru = zc->zc_value;
2025 2026 uint64_t guid = zc->zc_guid;
2026 2027 int error;
2027 2028
2028 2029 error = spa_open(zc->zc_name, &spa, FTAG);
2029 2030 if (error != 0)
2030 2031 return (error);
2031 2032
2032 2033 error = spa_vdev_setfru(spa, guid, fru);
2033 2034 spa_close(spa, FTAG);
2034 2035 return (error);
2035 2036 }
2036 2037
2037 2038 static int
2038 2039 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
2039 2040 {
2040 2041 int error = 0;
2041 2042 nvlist_t *nv;
2042 2043
2043 2044 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2044 2045
2045 2046 if (zc->zc_nvlist_dst != 0 &&
2046 2047 (error = dsl_prop_get_all(os, &nv)) == 0) {
2047 2048 dmu_objset_stats(os, nv);
2048 2049 /*
2049 2050 * NB: zvol_get_stats() will read the objset contents,
2050 2051 * which we aren't supposed to do with a
2051 2052 * DS_MODE_USER hold, because it could be
2052 2053 * inconsistent. So this is a bit of a workaround...
2053 2054 * XXX reading with out owning
2054 2055 */
2055 2056 if (!zc->zc_objset_stats.dds_inconsistent &&
2056 2057 dmu_objset_type(os) == DMU_OST_ZVOL) {
2057 2058 error = zvol_get_stats(os, nv);
2058 2059 if (error == EIO)
2059 2060 return (error);
2060 2061 VERIFY0(error);
2061 2062 }
2062 2063 error = put_nvlist(zc, nv);
2063 2064 nvlist_free(nv);
2064 2065 }
2065 2066
2066 2067 return (error);
2067 2068 }
2068 2069
2069 2070 /*
2070 2071 * inputs:
2071 2072 * zc_name name of filesystem
2072 2073 * zc_nvlist_dst_size size of buffer for property nvlist
2073 2074 *
2074 2075 * outputs:
2075 2076 * zc_objset_stats stats
2076 2077 * zc_nvlist_dst property nvlist
2077 2078 * zc_nvlist_dst_size size of property nvlist
2078 2079 */
2079 2080 static int
2080 2081 zfs_ioc_objset_stats(zfs_cmd_t *zc)
2081 2082 {
2082 2083 objset_t *os;
2083 2084 int error;
2084 2085
2085 2086 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2086 2087 if (error == 0) {
2087 2088 error = zfs_ioc_objset_stats_impl(zc, os);
2088 2089 dmu_objset_rele(os, FTAG);
2089 2090 }
2090 2091
2091 2092 return (error);
2092 2093 }
2093 2094
2094 2095 /*
2095 2096 * inputs:
2096 2097 * zc_name name of filesystem
2097 2098 * zc_nvlist_dst_size size of buffer for property nvlist
2098 2099 *
2099 2100 * outputs:
2100 2101 * zc_nvlist_dst received property nvlist
2101 2102 * zc_nvlist_dst_size size of received property nvlist
2102 2103 *
2103 2104 * Gets received properties (distinct from local properties on or after
2104 2105 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2105 2106 * local property values.
2106 2107 */
2107 2108 static int
2108 2109 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
2109 2110 {
2110 2111 int error = 0;
2111 2112 nvlist_t *nv;
2112 2113
2113 2114 /*
2114 2115 * Without this check, we would return local property values if the
2115 2116 * caller has not already received properties on or after
2116 2117 * SPA_VERSION_RECVD_PROPS.
2117 2118 */
2118 2119 if (!dsl_prop_get_hasrecvd(zc->zc_name))
2119 2120 return (SET_ERROR(ENOTSUP));
2120 2121
2121 2122 if (zc->zc_nvlist_dst != 0 &&
2122 2123 (error = dsl_prop_get_received(zc->zc_name, &nv)) == 0) {
2123 2124 error = put_nvlist(zc, nv);
2124 2125 nvlist_free(nv);
2125 2126 }
2126 2127
2127 2128 return (error);
2128 2129 }
2129 2130
2130 2131 static int
2131 2132 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2132 2133 {
2133 2134 uint64_t value;
2134 2135 int error;
2135 2136
2136 2137 /*
2137 2138 * zfs_get_zplprop() will either find a value or give us
2138 2139 * the default value (if there is one).
2139 2140 */
2140 2141 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2141 2142 return (error);
2142 2143 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2143 2144 return (0);
2144 2145 }
2145 2146
2146 2147 /*
2147 2148 * inputs:
2148 2149 * zc_name name of filesystem
2149 2150 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2150 2151 *
2151 2152 * outputs:
2152 2153 * zc_nvlist_dst zpl property nvlist
2153 2154 * zc_nvlist_dst_size size of zpl property nvlist
2154 2155 */
2155 2156 static int
2156 2157 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2157 2158 {
2158 2159 objset_t *os;
2159 2160 int err;
2160 2161
2161 2162 /* XXX reading without owning */
2162 2163 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
2163 2164 return (err);
2164 2165
2165 2166 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2166 2167
2167 2168 /*
2168 2169 * NB: nvl_add_zplprop() will read the objset contents,
2169 2170 * which we aren't supposed to do with a DS_MODE_USER
2170 2171 * hold, because it could be inconsistent.
2171 2172 */
2172 2173 if (zc->zc_nvlist_dst != NULL &&
2173 2174 !zc->zc_objset_stats.dds_inconsistent &&
2174 2175 dmu_objset_type(os) == DMU_OST_ZFS) {
2175 2176 nvlist_t *nv;
2176 2177
2177 2178 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2178 2179 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2179 2180 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2180 2181 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2181 2182 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2182 2183 err = put_nvlist(zc, nv);
2183 2184 nvlist_free(nv);
2184 2185 } else {
2185 2186 err = SET_ERROR(ENOENT);
2186 2187 }
2187 2188 dmu_objset_rele(os, FTAG);
2188 2189 return (err);
2189 2190 }
2190 2191
2191 2192 static boolean_t
2192 2193 dataset_name_hidden(const char *name)
2193 2194 {
2194 2195 /*
2195 2196 * Skip over datasets that are not visible in this zone,
2196 2197 * internal datasets (which have a $ in their name), and
2197 2198 * temporary datasets (which have a % in their name).
2198 2199 */
2199 2200 if (strchr(name, '$') != NULL)
2200 2201 return (B_TRUE);
2201 2202 if (strchr(name, '%') != NULL)
2202 2203 return (B_TRUE);
2203 2204 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
2204 2205 return (B_TRUE);
2205 2206 return (B_FALSE);
2206 2207 }
2207 2208
2208 2209 /*
2209 2210 * inputs:
2210 2211 * zc_name name of filesystem
2211 2212 * zc_cookie zap cursor
2212 2213 * zc_nvlist_dst_size size of buffer for property nvlist
2213 2214 *
2214 2215 * outputs:
2215 2216 * zc_name name of next filesystem
2216 2217 * zc_cookie zap cursor
2217 2218 * zc_objset_stats stats
2218 2219 * zc_nvlist_dst property nvlist
2219 2220 * zc_nvlist_dst_size size of property nvlist
2220 2221 */
2221 2222 static int
2222 2223 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2223 2224 {
2224 2225 objset_t *os;
2225 2226 int error;
2226 2227 char *p;
2227 2228 size_t orig_len = strlen(zc->zc_name);
2228 2229
2229 2230 top:
2230 2231 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2231 2232 if (error == ENOENT)
2232 2233 error = SET_ERROR(ESRCH);
2233 2234 return (error);
2234 2235 }
2235 2236
2236 2237 p = strrchr(zc->zc_name, '/');
2237 2238 if (p == NULL || p[1] != '\0')
2238 2239 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2239 2240 p = zc->zc_name + strlen(zc->zc_name);
2240 2241
2241 2242 do {
2242 2243 error = dmu_dir_list_next(os,
2243 2244 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2244 2245 NULL, &zc->zc_cookie);
2245 2246 if (error == ENOENT)
2246 2247 error = SET_ERROR(ESRCH);
2247 2248 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2248 2249 dmu_objset_rele(os, FTAG);
2249 2250
2250 2251 /*
2251 2252 * If it's an internal dataset (ie. with a '$' in its name),
2252 2253 * don't try to get stats for it, otherwise we'll return ENOENT.
2253 2254 */
2254 2255 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2255 2256 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2256 2257 if (error == ENOENT) {
2257 2258 /* We lost a race with destroy, get the next one. */
2258 2259 zc->zc_name[orig_len] = '\0';
2259 2260 goto top;
2260 2261 }
2261 2262 }
2262 2263 return (error);
2263 2264 }
2264 2265
2265 2266 /*
2266 2267 * inputs:
2267 2268 * zc_name name of filesystem
2268 2269 * zc_cookie zap cursor
2269 2270 * zc_nvlist_dst_size size of buffer for property nvlist
2270 2271 *
2271 2272 * outputs:
2272 2273 * zc_name name of next snapshot
2273 2274 * zc_objset_stats stats
2274 2275 * zc_nvlist_dst property nvlist
2275 2276 * zc_nvlist_dst_size size of property nvlist
2276 2277 */
2277 2278 static int
2278 2279 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2279 2280 {
2280 2281 objset_t *os;
2281 2282 int error;
2282 2283
2283 2284 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2284 2285 if (error != 0) {
2285 2286 return (error == ENOENT ? ESRCH : error);
2286 2287 }
2287 2288
2288 2289 /*
2289 2290 * A dataset name of maximum length cannot have any snapshots,
2290 2291 * so exit immediately.
2291 2292 */
2292 2293 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2293 2294 dmu_objset_rele(os, FTAG);
2294 2295 return (SET_ERROR(ESRCH));
2295 2296 }
2296 2297
2297 2298 error = dmu_snapshot_list_next(os,
2298 2299 sizeof (zc->zc_name) - strlen(zc->zc_name),
2299 2300 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2300 2301 NULL);
2301 2302
2302 2303 if (error == 0) {
2303 2304 dsl_dataset_t *ds;
2304 2305 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2305 2306
2306 2307 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2307 2308 if (error == 0) {
2308 2309 objset_t *ossnap;
2309 2310
2310 2311 error = dmu_objset_from_ds(ds, &ossnap);
2311 2312 if (error == 0)
2312 2313 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2313 2314 dsl_dataset_rele(ds, FTAG);
2314 2315 }
2315 2316 } else if (error == ENOENT) {
2316 2317 error = SET_ERROR(ESRCH);
2317 2318 }
2318 2319
2319 2320 dmu_objset_rele(os, FTAG);
2320 2321 /* if we failed, undo the @ that we tacked on to zc_name */
2321 2322 if (error != 0)
2322 2323 *strchr(zc->zc_name, '@') = '\0';
2323 2324 return (error);
2324 2325 }
2325 2326
2326 2327 static int
2327 2328 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2328 2329 {
2329 2330 const char *propname = nvpair_name(pair);
2330 2331 uint64_t *valary;
2331 2332 unsigned int vallen;
2332 2333 const char *domain;
2333 2334 char *dash;
2334 2335 zfs_userquota_prop_t type;
2335 2336 uint64_t rid;
2336 2337 uint64_t quota;
2337 2338 zfsvfs_t *zfsvfs;
2338 2339 int err;
2339 2340
2340 2341 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2341 2342 nvlist_t *attrs;
2342 2343 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2343 2344 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2344 2345 &pair) != 0)
2345 2346 return (SET_ERROR(EINVAL));
2346 2347 }
2347 2348
2348 2349 /*
2349 2350 * A correctly constructed propname is encoded as
2350 2351 * userquota@<rid>-<domain>.
2351 2352 */
2352 2353 if ((dash = strchr(propname, '-')) == NULL ||
2353 2354 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2354 2355 vallen != 3)
2355 2356 return (SET_ERROR(EINVAL));
2356 2357
2357 2358 domain = dash + 1;
2358 2359 type = valary[0];
2359 2360 rid = valary[1];
2360 2361 quota = valary[2];
2361 2362
2362 2363 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2363 2364 if (err == 0) {
2364 2365 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2365 2366 zfsvfs_rele(zfsvfs, FTAG);
2366 2367 }
2367 2368
2368 2369 return (err);
2369 2370 }
2370 2371
2371 2372 /*
2372 2373 * If the named property is one that has a special function to set its value,
2373 2374 * return 0 on success and a positive error code on failure; otherwise if it is
2374 2375 * not one of the special properties handled by this function, return -1.
2375 2376 *
2376 2377 * XXX: It would be better for callers of the property interface if we handled
2377 2378 * these special cases in dsl_prop.c (in the dsl layer).
2378 2379 */
2379 2380 static int
2380 2381 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2381 2382 nvpair_t *pair)
2382 2383 {
2383 2384 const char *propname = nvpair_name(pair);
2384 2385 zfs_prop_t prop = zfs_name_to_prop(propname);
2385 2386 uint64_t intval;
2386 2387 int err = -1;
2387 2388
2388 2389 if (prop == ZPROP_INVAL) {
2389 2390 if (zfs_prop_userquota(propname))
2390 2391 return (zfs_prop_set_userquota(dsname, pair));
2391 2392 return (-1);
2392 2393 }
2393 2394
2394 2395 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2395 2396 nvlist_t *attrs;
2396 2397 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2397 2398 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2398 2399 &pair) == 0);
2399 2400 }
2400 2401
2401 2402 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2402 2403 return (-1);
2403 2404
2404 2405 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2405 2406
2406 2407 switch (prop) {
2407 2408 case ZFS_PROP_QUOTA:
2408 2409 err = dsl_dir_set_quota(dsname, source, intval);
2409 2410 break;
2410 2411 case ZFS_PROP_REFQUOTA:
2411 2412 err = dsl_dataset_set_refquota(dsname, source, intval);
2412 2413 break;
2413 2414 case ZFS_PROP_FILESYSTEM_LIMIT:
2414 2415 case ZFS_PROP_SNAPSHOT_LIMIT:
2415 2416 if (intval == UINT64_MAX) {
2416 2417 /* clearing the limit, just do it */
2417 2418 err = 0;
2418 2419 } else {
2419 2420 err = dsl_dir_activate_fs_ss_limit(dsname);
2420 2421 }
2421 2422 /*
2422 2423 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2423 2424 * default path to set the value in the nvlist.
2424 2425 */
2425 2426 if (err == 0)
2426 2427 err = -1;
2427 2428 break;
2428 2429 case ZFS_PROP_RESERVATION:
2429 2430 err = dsl_dir_set_reservation(dsname, source, intval);
2430 2431 break;
2431 2432 case ZFS_PROP_REFRESERVATION:
2432 2433 err = dsl_dataset_set_refreservation(dsname, source, intval);
2433 2434 break;
2434 2435 case ZFS_PROP_VOLSIZE:
2435 2436 err = zvol_set_volsize(dsname, intval);
2436 2437 break;
2437 2438 case ZFS_PROP_VERSION:
2438 2439 {
2439 2440 zfsvfs_t *zfsvfs;
2440 2441
2441 2442 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2442 2443 break;
2443 2444
2444 2445 err = zfs_set_version(zfsvfs, intval);
2445 2446 zfsvfs_rele(zfsvfs, FTAG);
2446 2447
2447 2448 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2448 2449 zfs_cmd_t *zc;
2449 2450
2450 2451 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2451 2452 (void) strcpy(zc->zc_name, dsname);
2452 2453 (void) zfs_ioc_userspace_upgrade(zc);
2453 2454 kmem_free(zc, sizeof (zfs_cmd_t));
2454 2455 }
2455 2456 break;
2456 2457 }
2457 2458 default:
2458 2459 err = -1;
2459 2460 }
2460 2461
2461 2462 return (err);
2462 2463 }
2463 2464
2464 2465 /*
2465 2466 * This function is best effort. If it fails to set any of the given properties,
2466 2467 * it continues to set as many as it can and returns the last error
2467 2468 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2468 2469 * with the list of names of all the properties that failed along with the
2469 2470 * corresponding error numbers.
2470 2471 *
2471 2472 * If every property is set successfully, zero is returned and errlist is not
2472 2473 * modified.
2473 2474 */
2474 2475 int
2475 2476 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2476 2477 nvlist_t *errlist)
2477 2478 {
2478 2479 nvpair_t *pair;
2479 2480 nvpair_t *propval;
2480 2481 int rv = 0;
2481 2482 uint64_t intval;
2482 2483 char *strval;
2483 2484 nvlist_t *genericnvl = fnvlist_alloc();
2484 2485 nvlist_t *retrynvl = fnvlist_alloc();
2485 2486
2486 2487 retry:
2487 2488 pair = NULL;
2488 2489 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2489 2490 const char *propname = nvpair_name(pair);
2490 2491 zfs_prop_t prop = zfs_name_to_prop(propname);
2491 2492 int err = 0;
2492 2493
2493 2494 /* decode the property value */
2494 2495 propval = pair;
2495 2496 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2496 2497 nvlist_t *attrs;
2497 2498 attrs = fnvpair_value_nvlist(pair);
2498 2499 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2499 2500 &propval) != 0)
2500 2501 err = SET_ERROR(EINVAL);
2501 2502 }
2502 2503
2503 2504 /* Validate value type */
2504 2505 if (err == 0 && prop == ZPROP_INVAL) {
2505 2506 if (zfs_prop_user(propname)) {
2506 2507 if (nvpair_type(propval) != DATA_TYPE_STRING)
2507 2508 err = SET_ERROR(EINVAL);
2508 2509 } else if (zfs_prop_userquota(propname)) {
2509 2510 if (nvpair_type(propval) !=
2510 2511 DATA_TYPE_UINT64_ARRAY)
2511 2512 err = SET_ERROR(EINVAL);
2512 2513 } else {
2513 2514 err = SET_ERROR(EINVAL);
2514 2515 }
2515 2516 } else if (err == 0) {
2516 2517 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2517 2518 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2518 2519 err = SET_ERROR(EINVAL);
2519 2520 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2520 2521 const char *unused;
2521 2522
2522 2523 intval = fnvpair_value_uint64(propval);
2523 2524
2524 2525 switch (zfs_prop_get_type(prop)) {
2525 2526 case PROP_TYPE_NUMBER:
2526 2527 break;
2527 2528 case PROP_TYPE_STRING:
2528 2529 err = SET_ERROR(EINVAL);
2529 2530 break;
2530 2531 case PROP_TYPE_INDEX:
2531 2532 if (zfs_prop_index_to_string(prop,
2532 2533 intval, &unused) != 0)
2533 2534 err = SET_ERROR(EINVAL);
2534 2535 break;
2535 2536 default:
2536 2537 cmn_err(CE_PANIC,
2537 2538 "unknown property type");
2538 2539 }
2539 2540 } else {
2540 2541 err = SET_ERROR(EINVAL);
2541 2542 }
2542 2543 }
2543 2544
2544 2545 /* Validate permissions */
2545 2546 if (err == 0)
2546 2547 err = zfs_check_settable(dsname, pair, CRED());
2547 2548
2548 2549 if (err == 0) {
2549 2550 err = zfs_prop_set_special(dsname, source, pair);
2550 2551 if (err == -1) {
2551 2552 /*
2552 2553 * For better performance we build up a list of
2553 2554 * properties to set in a single transaction.
2554 2555 */
2555 2556 err = nvlist_add_nvpair(genericnvl, pair);
2556 2557 } else if (err != 0 && nvl != retrynvl) {
2557 2558 /*
2558 2559 * This may be a spurious error caused by
2559 2560 * receiving quota and reservation out of order.
2560 2561 * Try again in a second pass.
2561 2562 */
2562 2563 err = nvlist_add_nvpair(retrynvl, pair);
2563 2564 }
2564 2565 }
2565 2566
2566 2567 if (err != 0) {
2567 2568 if (errlist != NULL)
2568 2569 fnvlist_add_int32(errlist, propname, err);
2569 2570 rv = err;
2570 2571 }
2571 2572 }
2572 2573
2573 2574 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2574 2575 nvl = retrynvl;
2575 2576 goto retry;
2576 2577 }
2577 2578
2578 2579 if (!nvlist_empty(genericnvl) &&
2579 2580 dsl_props_set(dsname, source, genericnvl) != 0) {
2580 2581 /*
2581 2582 * If this fails, we still want to set as many properties as we
2582 2583 * can, so try setting them individually.
2583 2584 */
2584 2585 pair = NULL;
2585 2586 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2586 2587 const char *propname = nvpair_name(pair);
2587 2588 int err = 0;
2588 2589
2589 2590 propval = pair;
2590 2591 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2591 2592 nvlist_t *attrs;
2592 2593 attrs = fnvpair_value_nvlist(pair);
2593 2594 propval = fnvlist_lookup_nvpair(attrs,
2594 2595 ZPROP_VALUE);
2595 2596 }
2596 2597
2597 2598 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2598 2599 strval = fnvpair_value_string(propval);
2599 2600 err = dsl_prop_set_string(dsname, propname,
2600 2601 source, strval);
2601 2602 } else {
2602 2603 intval = fnvpair_value_uint64(propval);
2603 2604 err = dsl_prop_set_int(dsname, propname, source,
2604 2605 intval);
2605 2606 }
2606 2607
2607 2608 if (err != 0) {
2608 2609 if (errlist != NULL) {
2609 2610 fnvlist_add_int32(errlist, propname,
2610 2611 err);
2611 2612 }
2612 2613 rv = err;
2613 2614 }
2614 2615 }
2615 2616 }
2616 2617 nvlist_free(genericnvl);
2617 2618 nvlist_free(retrynvl);
2618 2619
2619 2620 return (rv);
2620 2621 }
2621 2622
2622 2623 /*
2623 2624 * Check that all the properties are valid user properties.
2624 2625 */
2625 2626 static int
2626 2627 zfs_check_userprops(const char *fsname, nvlist_t *nvl)
2627 2628 {
2628 2629 nvpair_t *pair = NULL;
2629 2630 int error = 0;
2630 2631
2631 2632 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2632 2633 const char *propname = nvpair_name(pair);
2633 2634
2634 2635 if (!zfs_prop_user(propname) ||
2635 2636 nvpair_type(pair) != DATA_TYPE_STRING)
2636 2637 return (SET_ERROR(EINVAL));
2637 2638
2638 2639 if (error = zfs_secpolicy_write_perms(fsname,
2639 2640 ZFS_DELEG_PERM_USERPROP, CRED()))
2640 2641 return (error);
2641 2642
2642 2643 if (strlen(propname) >= ZAP_MAXNAMELEN)
2643 2644 return (SET_ERROR(ENAMETOOLONG));
2644 2645
2645 2646 if (strlen(fnvpair_value_string(pair)) >= ZAP_MAXVALUELEN)
2646 2647 return (E2BIG);
2647 2648 }
2648 2649 return (0);
2649 2650 }
2650 2651
2651 2652 static void
2652 2653 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2653 2654 {
2654 2655 nvpair_t *pair;
2655 2656
2656 2657 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2657 2658
2658 2659 pair = NULL;
2659 2660 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2660 2661 if (nvlist_exists(skipped, nvpair_name(pair)))
2661 2662 continue;
2662 2663
2663 2664 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2664 2665 }
2665 2666 }
2666 2667
2667 2668 static int
2668 2669 clear_received_props(const char *dsname, nvlist_t *props,
2669 2670 nvlist_t *skipped)
2670 2671 {
2671 2672 int err = 0;
2672 2673 nvlist_t *cleared_props = NULL;
2673 2674 props_skip(props, skipped, &cleared_props);
2674 2675 if (!nvlist_empty(cleared_props)) {
2675 2676 /*
2676 2677 * Acts on local properties until the dataset has received
2677 2678 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2678 2679 */
2679 2680 zprop_source_t flags = (ZPROP_SRC_NONE |
2680 2681 (dsl_prop_get_hasrecvd(dsname) ? ZPROP_SRC_RECEIVED : 0));
2681 2682 err = zfs_set_prop_nvlist(dsname, flags, cleared_props, NULL);
2682 2683 }
2683 2684 nvlist_free(cleared_props);
2684 2685 return (err);
2685 2686 }
2686 2687
2687 2688 /*
2688 2689 * inputs:
2689 2690 * zc_name name of filesystem
2690 2691 * zc_value name of property to set
2691 2692 * zc_nvlist_src{_size} nvlist of properties to apply
2692 2693 * zc_cookie received properties flag
2693 2694 *
2694 2695 * outputs:
2695 2696 * zc_nvlist_dst{_size} error for each unapplied received property
2696 2697 */
2697 2698 static int
2698 2699 zfs_ioc_set_prop(zfs_cmd_t *zc)
2699 2700 {
2700 2701 nvlist_t *nvl;
2701 2702 boolean_t received = zc->zc_cookie;
2702 2703 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2703 2704 ZPROP_SRC_LOCAL);
2704 2705 nvlist_t *errors;
2705 2706 int error;
2706 2707
2707 2708 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2708 2709 zc->zc_iflags, &nvl)) != 0)
2709 2710 return (error);
2710 2711
2711 2712 if (received) {
2712 2713 nvlist_t *origprops;
2713 2714
2714 2715 if (dsl_prop_get_received(zc->zc_name, &origprops) == 0) {
2715 2716 (void) clear_received_props(zc->zc_name,
2716 2717 origprops, nvl);
2717 2718 nvlist_free(origprops);
2718 2719 }
2719 2720
2720 2721 error = dsl_prop_set_hasrecvd(zc->zc_name);
2721 2722 }
2722 2723
2723 2724 errors = fnvlist_alloc();
2724 2725 if (error == 0)
2725 2726 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
2726 2727
2727 2728 if (zc->zc_nvlist_dst != NULL && errors != NULL) {
2728 2729 (void) put_nvlist(zc, errors);
2729 2730 }
2730 2731
2731 2732 nvlist_free(errors);
2732 2733 nvlist_free(nvl);
2733 2734 return (error);
2734 2735 }
2735 2736
2736 2737 /*
2737 2738 * inputs:
2738 2739 * zc_name name of filesystem
2739 2740 * zc_value name of property to inherit
2740 2741 * zc_cookie revert to received value if TRUE
2741 2742 *
2742 2743 * outputs: none
2743 2744 */
2744 2745 static int
2745 2746 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2746 2747 {
2747 2748 const char *propname = zc->zc_value;
2748 2749 zfs_prop_t prop = zfs_name_to_prop(propname);
2749 2750 boolean_t received = zc->zc_cookie;
2750 2751 zprop_source_t source = (received
2751 2752 ? ZPROP_SRC_NONE /* revert to received value, if any */
2752 2753 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2753 2754
2754 2755 if (received) {
2755 2756 nvlist_t *dummy;
2756 2757 nvpair_t *pair;
2757 2758 zprop_type_t type;
2758 2759 int err;
2759 2760
2760 2761 /*
2761 2762 * zfs_prop_set_special() expects properties in the form of an
2762 2763 * nvpair with type info.
2763 2764 */
2764 2765 if (prop == ZPROP_INVAL) {
2765 2766 if (!zfs_prop_user(propname))
2766 2767 return (SET_ERROR(EINVAL));
2767 2768
2768 2769 type = PROP_TYPE_STRING;
2769 2770 } else if (prop == ZFS_PROP_VOLSIZE ||
2770 2771 prop == ZFS_PROP_VERSION) {
2771 2772 return (SET_ERROR(EINVAL));
2772 2773 } else {
2773 2774 type = zfs_prop_get_type(prop);
2774 2775 }
2775 2776
2776 2777 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2777 2778
2778 2779 switch (type) {
2779 2780 case PROP_TYPE_STRING:
2780 2781 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2781 2782 break;
2782 2783 case PROP_TYPE_NUMBER:
2783 2784 case PROP_TYPE_INDEX:
2784 2785 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2785 2786 break;
2786 2787 default:
2787 2788 nvlist_free(dummy);
2788 2789 return (SET_ERROR(EINVAL));
2789 2790 }
2790 2791
2791 2792 pair = nvlist_next_nvpair(dummy, NULL);
2792 2793 err = zfs_prop_set_special(zc->zc_name, source, pair);
2793 2794 nvlist_free(dummy);
2794 2795 if (err != -1)
2795 2796 return (err); /* special property already handled */
2796 2797 } else {
2797 2798 /*
2798 2799 * Only check this in the non-received case. We want to allow
2799 2800 * 'inherit -S' to revert non-inheritable properties like quota
2800 2801 * and reservation to the received or default values even though
2801 2802 * they are not considered inheritable.
2802 2803 */
2803 2804 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2804 2805 return (SET_ERROR(EINVAL));
2805 2806 }
2806 2807
2807 2808 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2808 2809 return (dsl_prop_inherit(zc->zc_name, zc->zc_value, source));
2809 2810 }
2810 2811
2811 2812 static int
2812 2813 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2813 2814 {
2814 2815 nvlist_t *props;
2815 2816 spa_t *spa;
2816 2817 int error;
2817 2818 nvpair_t *pair;
2818 2819
2819 2820 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2820 2821 zc->zc_iflags, &props))
2821 2822 return (error);
2822 2823
2823 2824 /*
2824 2825 * If the only property is the configfile, then just do a spa_lookup()
2825 2826 * to handle the faulted case.
2826 2827 */
2827 2828 pair = nvlist_next_nvpair(props, NULL);
2828 2829 if (pair != NULL && strcmp(nvpair_name(pair),
2829 2830 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2830 2831 nvlist_next_nvpair(props, pair) == NULL) {
2831 2832 mutex_enter(&spa_namespace_lock);
2832 2833 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2833 2834 spa_configfile_set(spa, props, B_FALSE);
2834 2835 spa_config_sync(spa, B_FALSE, B_TRUE);
2835 2836 }
2836 2837 mutex_exit(&spa_namespace_lock);
2837 2838 if (spa != NULL) {
2838 2839 nvlist_free(props);
2839 2840 return (0);
2840 2841 }
2841 2842 }
2842 2843
2843 2844 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2844 2845 nvlist_free(props);
2845 2846 return (error);
2846 2847 }
2847 2848
2848 2849 error = spa_prop_set(spa, props);
2849 2850
2850 2851 nvlist_free(props);
2851 2852 spa_close(spa, FTAG);
2852 2853
2853 2854 return (error);
2854 2855 }
2855 2856
2856 2857 static int
2857 2858 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2858 2859 {
2859 2860 spa_t *spa;
2860 2861 int error;
2861 2862 nvlist_t *nvp = NULL;
2862 2863
2863 2864 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2864 2865 /*
2865 2866 * If the pool is faulted, there may be properties we can still
2866 2867 * get (such as altroot and cachefile), so attempt to get them
2867 2868 * anyway.
2868 2869 */
2869 2870 mutex_enter(&spa_namespace_lock);
2870 2871 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2871 2872 error = spa_prop_get(spa, &nvp);
2872 2873 mutex_exit(&spa_namespace_lock);
2873 2874 } else {
2874 2875 error = spa_prop_get(spa, &nvp);
2875 2876 spa_close(spa, FTAG);
2876 2877 }
2877 2878
2878 2879 if (error == 0 && zc->zc_nvlist_dst != NULL)
2879 2880 error = put_nvlist(zc, nvp);
2880 2881 else
2881 2882 error = SET_ERROR(EFAULT);
2882 2883
2883 2884 nvlist_free(nvp);
2884 2885 return (error);
2885 2886 }
2886 2887
2887 2888 /*
2888 2889 * inputs:
2889 2890 * zc_name name of filesystem
2890 2891 * zc_nvlist_src{_size} nvlist of delegated permissions
2891 2892 * zc_perm_action allow/unallow flag
2892 2893 *
2893 2894 * outputs: none
2894 2895 */
2895 2896 static int
2896 2897 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2897 2898 {
2898 2899 int error;
2899 2900 nvlist_t *fsaclnv = NULL;
2900 2901
2901 2902 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2902 2903 zc->zc_iflags, &fsaclnv)) != 0)
2903 2904 return (error);
2904 2905
2905 2906 /*
2906 2907 * Verify nvlist is constructed correctly
2907 2908 */
2908 2909 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2909 2910 nvlist_free(fsaclnv);
2910 2911 return (SET_ERROR(EINVAL));
2911 2912 }
2912 2913
2913 2914 /*
2914 2915 * If we don't have PRIV_SYS_MOUNT, then validate
2915 2916 * that user is allowed to hand out each permission in
2916 2917 * the nvlist(s)
2917 2918 */
2918 2919
2919 2920 error = secpolicy_zfs(CRED());
2920 2921 if (error != 0) {
2921 2922 if (zc->zc_perm_action == B_FALSE) {
2922 2923 error = dsl_deleg_can_allow(zc->zc_name,
2923 2924 fsaclnv, CRED());
2924 2925 } else {
2925 2926 error = dsl_deleg_can_unallow(zc->zc_name,
2926 2927 fsaclnv, CRED());
2927 2928 }
2928 2929 }
2929 2930
2930 2931 if (error == 0)
2931 2932 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2932 2933
2933 2934 nvlist_free(fsaclnv);
2934 2935 return (error);
2935 2936 }
2936 2937
2937 2938 /*
2938 2939 * inputs:
2939 2940 * zc_name name of filesystem
2940 2941 *
2941 2942 * outputs:
2942 2943 * zc_nvlist_src{_size} nvlist of delegated permissions
2943 2944 */
2944 2945 static int
2945 2946 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2946 2947 {
2947 2948 nvlist_t *nvp;
2948 2949 int error;
2949 2950
2950 2951 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2951 2952 error = put_nvlist(zc, nvp);
2952 2953 nvlist_free(nvp);
2953 2954 }
2954 2955
2955 2956 return (error);
2956 2957 }
2957 2958
2958 2959 /*
2959 2960 * Search the vfs list for a specified resource. Returns a pointer to it
2960 2961 * or NULL if no suitable entry is found. The caller of this routine
2961 2962 * is responsible for releasing the returned vfs pointer.
2962 2963 */
2963 2964 static vfs_t *
2964 2965 zfs_get_vfs(const char *resource)
2965 2966 {
2966 2967 struct vfs *vfsp;
2967 2968 struct vfs *vfs_found = NULL;
2968 2969
2969 2970 vfs_list_read_lock();
2970 2971 vfsp = rootvfs;
2971 2972 do {
2972 2973 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2973 2974 VFS_HOLD(vfsp);
2974 2975 vfs_found = vfsp;
2975 2976 break;
2976 2977 }
2977 2978 vfsp = vfsp->vfs_next;
2978 2979 } while (vfsp != rootvfs);
2979 2980 vfs_list_unlock();
2980 2981 return (vfs_found);
2981 2982 }
2982 2983
2983 2984 /* ARGSUSED */
2984 2985 static void
2985 2986 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2986 2987 {
2987 2988 zfs_creat_t *zct = arg;
2988 2989
2989 2990 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2990 2991 }
2991 2992
2992 2993 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2993 2994
2994 2995 /*
2995 2996 * inputs:
2996 2997 * os parent objset pointer (NULL if root fs)
2997 2998 * fuids_ok fuids allowed in this version of the spa?
2998 2999 * sa_ok SAs allowed in this version of the spa?
2999 3000 * createprops list of properties requested by creator
3000 3001 *
3001 3002 * outputs:
3002 3003 * zplprops values for the zplprops we attach to the master node object
3003 3004 * is_ci true if requested file system will be purely case-insensitive
3004 3005 *
3005 3006 * Determine the settings for utf8only, normalization and
3006 3007 * casesensitivity. Specific values may have been requested by the
3007 3008 * creator and/or we can inherit values from the parent dataset. If
3008 3009 * the file system is of too early a vintage, a creator can not
3009 3010 * request settings for these properties, even if the requested
3010 3011 * setting is the default value. We don't actually want to create dsl
3011 3012 * properties for these, so remove them from the source nvlist after
3012 3013 * processing.
3013 3014 */
3014 3015 static int
3015 3016 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
3016 3017 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
3017 3018 nvlist_t *zplprops, boolean_t *is_ci)
3018 3019 {
3019 3020 uint64_t sense = ZFS_PROP_UNDEFINED;
3020 3021 uint64_t norm = ZFS_PROP_UNDEFINED;
3021 3022 uint64_t u8 = ZFS_PROP_UNDEFINED;
3022 3023
3023 3024 ASSERT(zplprops != NULL);
3024 3025
3025 3026 /*
3026 3027 * Pull out creator prop choices, if any.
3027 3028 */
3028 3029 if (createprops) {
3029 3030 (void) nvlist_lookup_uint64(createprops,
3030 3031 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
3031 3032 (void) nvlist_lookup_uint64(createprops,
3032 3033 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
3033 3034 (void) nvlist_remove_all(createprops,
3034 3035 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
3035 3036 (void) nvlist_lookup_uint64(createprops,
3036 3037 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
3037 3038 (void) nvlist_remove_all(createprops,
3038 3039 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
3039 3040 (void) nvlist_lookup_uint64(createprops,
3040 3041 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
3041 3042 (void) nvlist_remove_all(createprops,
3042 3043 zfs_prop_to_name(ZFS_PROP_CASE));
3043 3044 }
3044 3045
3045 3046 /*
3046 3047 * If the zpl version requested is whacky or the file system
3047 3048 * or pool is version is too "young" to support normalization
3048 3049 * and the creator tried to set a value for one of the props,
3049 3050 * error out.
3050 3051 */
3051 3052 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
3052 3053 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
3053 3054 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
3054 3055 (zplver < ZPL_VERSION_NORMALIZATION &&
3055 3056 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
3056 3057 sense != ZFS_PROP_UNDEFINED)))
3057 3058 return (SET_ERROR(ENOTSUP));
3058 3059
3059 3060 /*
3060 3061 * Put the version in the zplprops
3061 3062 */
3062 3063 VERIFY(nvlist_add_uint64(zplprops,
3063 3064 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
3064 3065
3065 3066 if (norm == ZFS_PROP_UNDEFINED)
3066 3067 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
3067 3068 VERIFY(nvlist_add_uint64(zplprops,
3068 3069 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3069 3070
3070 3071 /*
3071 3072 * If we're normalizing, names must always be valid UTF-8 strings.
3072 3073 */
3073 3074 if (norm)
3074 3075 u8 = 1;
3075 3076 if (u8 == ZFS_PROP_UNDEFINED)
3076 3077 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
3077 3078 VERIFY(nvlist_add_uint64(zplprops,
3078 3079 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3079 3080
3080 3081 if (sense == ZFS_PROP_UNDEFINED)
3081 3082 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
3082 3083 VERIFY(nvlist_add_uint64(zplprops,
3083 3084 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3084 3085
3085 3086 if (is_ci)
3086 3087 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3087 3088
3088 3089 return (0);
3089 3090 }
3090 3091
3091 3092 static int
3092 3093 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3093 3094 nvlist_t *zplprops, boolean_t *is_ci)
3094 3095 {
3095 3096 boolean_t fuids_ok, sa_ok;
3096 3097 uint64_t zplver = ZPL_VERSION;
3097 3098 objset_t *os = NULL;
3098 3099 char parentname[MAXNAMELEN];
3099 3100 char *cp;
3100 3101 spa_t *spa;
3101 3102 uint64_t spa_vers;
3102 3103 int error;
3103 3104
3104 3105 (void) strlcpy(parentname, dataset, sizeof (parentname));
3105 3106 cp = strrchr(parentname, '/');
3106 3107 ASSERT(cp != NULL);
3107 3108 cp[0] = '\0';
3108 3109
3109 3110 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3110 3111 return (error);
3111 3112
3112 3113 spa_vers = spa_version(spa);
3113 3114 spa_close(spa, FTAG);
3114 3115
3115 3116 zplver = zfs_zpl_version_map(spa_vers);
3116 3117 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3117 3118 sa_ok = (zplver >= ZPL_VERSION_SA);
3118 3119
3119 3120 /*
3120 3121 * Open parent object set so we can inherit zplprop values.
3121 3122 */
3122 3123 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
3123 3124 return (error);
3124 3125
3125 3126 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
3126 3127 zplprops, is_ci);
3127 3128 dmu_objset_rele(os, FTAG);
3128 3129 return (error);
3129 3130 }
3130 3131
3131 3132 static int
3132 3133 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3133 3134 nvlist_t *zplprops, boolean_t *is_ci)
3134 3135 {
3135 3136 boolean_t fuids_ok;
3136 3137 boolean_t sa_ok;
3137 3138 uint64_t zplver = ZPL_VERSION;
3138 3139 int error;
3139 3140
3140 3141 zplver = zfs_zpl_version_map(spa_vers);
3141 3142 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3142 3143 sa_ok = (zplver >= ZPL_VERSION_SA);
3143 3144
3144 3145 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3145 3146 createprops, zplprops, is_ci);
3146 3147 return (error);
3147 3148 }
3148 3149
3149 3150 /*
3150 3151 * innvl: {
3151 3152 * "type" -> dmu_objset_type_t (int32)
3152 3153 * (optional) "props" -> { prop -> value }
3153 3154 * }
3154 3155 *
3155 3156 * outnvl: propname -> error code (int32)
3156 3157 */
3157 3158 static int
3158 3159 zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3159 3160 {
3160 3161 int error = 0;
3161 3162 zfs_creat_t zct = { 0 };
3162 3163 nvlist_t *nvprops = NULL;
3163 3164 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3164 3165 int32_t type32;
3165 3166 dmu_objset_type_t type;
3166 3167 boolean_t is_insensitive = B_FALSE;
3167 3168
3168 3169 if (nvlist_lookup_int32(innvl, "type", &type32) != 0)
3169 3170 return (SET_ERROR(EINVAL));
3170 3171 type = type32;
3171 3172 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3172 3173
3173 3174 switch (type) {
3174 3175 case DMU_OST_ZFS:
3175 3176 cbfunc = zfs_create_cb;
3176 3177 break;
3177 3178
3178 3179 case DMU_OST_ZVOL:
3179 3180 cbfunc = zvol_create_cb;
3180 3181 break;
3181 3182
3182 3183 default:
3183 3184 cbfunc = NULL;
3184 3185 break;
3185 3186 }
3186 3187 if (strchr(fsname, '@') ||
3187 3188 strchr(fsname, '%'))
3188 3189 return (SET_ERROR(EINVAL));
3189 3190
3190 3191 zct.zct_props = nvprops;
3191 3192
3192 3193 if (cbfunc == NULL)
3193 3194 return (SET_ERROR(EINVAL));
3194 3195
3195 3196 if (type == DMU_OST_ZVOL) {
3196 3197 uint64_t volsize, volblocksize;
3197 3198
3198 3199 if (nvprops == NULL)
3199 3200 return (SET_ERROR(EINVAL));
3200 3201 if (nvlist_lookup_uint64(nvprops,
3201 3202 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
3202 3203 return (SET_ERROR(EINVAL));
3203 3204
3204 3205 if ((error = nvlist_lookup_uint64(nvprops,
3205 3206 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3206 3207 &volblocksize)) != 0 && error != ENOENT)
3207 3208 return (SET_ERROR(EINVAL));
3208 3209
3209 3210 if (error != 0)
3210 3211 volblocksize = zfs_prop_default_numeric(
3211 3212 ZFS_PROP_VOLBLOCKSIZE);
3212 3213
3213 3214 if ((error = zvol_check_volblocksize(
3214 3215 volblocksize)) != 0 ||
3215 3216 (error = zvol_check_volsize(volsize,
3216 3217 volblocksize)) != 0)
3217 3218 return (error);
3218 3219 } else if (type == DMU_OST_ZFS) {
3219 3220 int error;
3220 3221
3221 3222 /*
3222 3223 * We have to have normalization and
3223 3224 * case-folding flags correct when we do the
3224 3225 * file system creation, so go figure them out
3225 3226 * now.
3226 3227 */
3227 3228 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3228 3229 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3229 3230 error = zfs_fill_zplprops(fsname, nvprops,
3230 3231 zct.zct_zplprops, &is_insensitive);
3231 3232 if (error != 0) {
3232 3233 nvlist_free(zct.zct_zplprops);
3233 3234 return (error);
3234 3235 }
3235 3236 }
3236 3237
3237 3238 error = dmu_objset_create(fsname, type,
3238 3239 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3239 3240 nvlist_free(zct.zct_zplprops);
3240 3241
3241 3242 /*
3242 3243 * It would be nice to do this atomically.
3243 3244 */
3244 3245 if (error == 0) {
3245 3246 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3246 3247 nvprops, outnvl);
3247 3248 if (error != 0)
3248 3249 (void) dsl_destroy_head(fsname);
3249 3250 }
3250 3251 return (error);
3251 3252 }
3252 3253
3253 3254 /*
3254 3255 * innvl: {
3255 3256 * "origin" -> name of origin snapshot
3256 3257 * (optional) "props" -> { prop -> value }
3257 3258 * }
3258 3259 *
3259 3260 * outnvl: propname -> error code (int32)
3260 3261 */
3261 3262 static int
3262 3263 zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3263 3264 {
3264 3265 int error = 0;
3265 3266 nvlist_t *nvprops = NULL;
3266 3267 char *origin_name;
3267 3268
3268 3269 if (nvlist_lookup_string(innvl, "origin", &origin_name) != 0)
3269 3270 return (SET_ERROR(EINVAL));
3270 3271 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3271 3272
3272 3273 if (strchr(fsname, '@') ||
3273 3274 strchr(fsname, '%'))
3274 3275 return (SET_ERROR(EINVAL));
3275 3276
3276 3277 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
3277 3278 return (SET_ERROR(EINVAL));
3278 3279 error = dmu_objset_clone(fsname, origin_name);
3279 3280 if (error != 0)
3280 3281 return (error);
3281 3282
3282 3283 /*
3283 3284 * It would be nice to do this atomically.
3284 3285 */
3285 3286 if (error == 0) {
3286 3287 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3287 3288 nvprops, outnvl);
3288 3289 if (error != 0)
3289 3290 (void) dsl_destroy_head(fsname);
3290 3291 }
3291 3292 return (error);
3292 3293 }
3293 3294
3294 3295 /*
3295 3296 * innvl: {
3296 3297 * "snaps" -> { snapshot1, snapshot2 }
3297 3298 * (optional) "props" -> { prop -> value (string) }
3298 3299 * }
3299 3300 *
3300 3301 * outnvl: snapshot -> error code (int32)
3301 3302 */
3302 3303 static int
3303 3304 zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3304 3305 {
3305 3306 nvlist_t *snaps;
3306 3307 nvlist_t *props = NULL;
3307 3308 int error, poollen;
3308 3309 nvpair_t *pair;
3309 3310
3310 3311 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3311 3312 if ((error = zfs_check_userprops(poolname, props)) != 0)
3312 3313 return (error);
3313 3314
3314 3315 if (!nvlist_empty(props) &&
3315 3316 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
3316 3317 return (SET_ERROR(ENOTSUP));
3317 3318
3318 3319 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3319 3320 return (SET_ERROR(EINVAL));
3320 3321 poollen = strlen(poolname);
3321 3322 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3322 3323 pair = nvlist_next_nvpair(snaps, pair)) {
3323 3324 const char *name = nvpair_name(pair);
3324 3325 const char *cp = strchr(name, '@');
3325 3326
3326 3327 /*
3327 3328 * The snap name must contain an @, and the part after it must
3328 3329 * contain only valid characters.
3329 3330 */
3330 3331 if (cp == NULL ||
3331 3332 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3332 3333 return (SET_ERROR(EINVAL));
3333 3334
3334 3335 /*
3335 3336 * The snap must be in the specified pool.
3336 3337 */
3337 3338 if (strncmp(name, poolname, poollen) != 0 ||
3338 3339 (name[poollen] != '/' && name[poollen] != '@'))
3339 3340 return (SET_ERROR(EXDEV));
3340 3341
3341 3342 /* This must be the only snap of this fs. */
3342 3343 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
3343 3344 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3344 3345 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3345 3346 == 0) {
3346 3347 return (SET_ERROR(EXDEV));
3347 3348 }
3348 3349 }
3349 3350 }
3350 3351
3351 3352 error = dsl_dataset_snapshot(snaps, props, outnvl);
3352 3353 return (error);
3353 3354 }
3354 3355
3355 3356 /*
3356 3357 * innvl: "message" -> string
3357 3358 */
3358 3359 /* ARGSUSED */
3359 3360 static int
3360 3361 zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3361 3362 {
3362 3363 char *message;
3363 3364 spa_t *spa;
3364 3365 int error;
3365 3366 char *poolname;
3366 3367
3367 3368 /*
3368 3369 * The poolname in the ioctl is not set, we get it from the TSD,
3369 3370 * which was set at the end of the last successful ioctl that allows
3370 3371 * logging. The secpolicy func already checked that it is set.
3371 3372 * Only one log ioctl is allowed after each successful ioctl, so
3372 3373 * we clear the TSD here.
3373 3374 */
3374 3375 poolname = tsd_get(zfs_allow_log_key);
3375 3376 (void) tsd_set(zfs_allow_log_key, NULL);
3376 3377 error = spa_open(poolname, &spa, FTAG);
3377 3378 strfree(poolname);
3378 3379 if (error != 0)
3379 3380 return (error);
3380 3381
3381 3382 if (nvlist_lookup_string(innvl, "message", &message) != 0) {
3382 3383 spa_close(spa, FTAG);
3383 3384 return (SET_ERROR(EINVAL));
3384 3385 }
3385 3386
3386 3387 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3387 3388 spa_close(spa, FTAG);
3388 3389 return (SET_ERROR(ENOTSUP));
3389 3390 }
3390 3391
3391 3392 error = spa_history_log(spa, message);
3392 3393 spa_close(spa, FTAG);
3393 3394 return (error);
3394 3395 }
3395 3396
3396 3397 /*
3397 3398 * The dp_config_rwlock must not be held when calling this, because the
3398 3399 * unmount may need to write out data.
3399 3400 *
3400 3401 * This function is best-effort. Callers must deal gracefully if it
3401 3402 * remains mounted (or is remounted after this call).
3402 3403 *
3403 3404 * Returns 0 if the argument is not a snapshot, or it is not currently a
3404 3405 * filesystem, or we were able to unmount it. Returns error code otherwise.
3405 3406 */
3406 3407 int
3407 3408 zfs_unmount_snap(const char *snapname)
3408 3409 {
3409 3410 vfs_t *vfsp;
3410 3411 zfsvfs_t *zfsvfs;
3411 3412 int err;
3412 3413
3413 3414 if (strchr(snapname, '@') == NULL)
3414 3415 return (0);
3415 3416
3416 3417 vfsp = zfs_get_vfs(snapname);
3417 3418 if (vfsp == NULL)
3418 3419 return (0);
3419 3420
3420 3421 zfsvfs = vfsp->vfs_data;
3421 3422 ASSERT(!dsl_pool_config_held(dmu_objset_pool(zfsvfs->z_os)));
3422 3423
3423 3424 err = vn_vfswlock(vfsp->vfs_vnodecovered);
3424 3425 VFS_RELE(vfsp);
3425 3426 if (err != 0)
3426 3427 return (SET_ERROR(err));
3427 3428
3428 3429 /*
3429 3430 * Always force the unmount for snapshots.
3430 3431 */
3431 3432 (void) dounmount(vfsp, MS_FORCE, kcred);
3432 3433 return (0);
3433 3434 }
3434 3435
3435 3436 /* ARGSUSED */
3436 3437 static int
3437 3438 zfs_unmount_snap_cb(const char *snapname, void *arg)
3438 3439 {
3439 3440 return (zfs_unmount_snap(snapname));
3440 3441 }
3441 3442
3442 3443 /*
3443 3444 * When a clone is destroyed, its origin may also need to be destroyed,
3444 3445 * in which case it must be unmounted. This routine will do that unmount
3445 3446 * if necessary.
3446 3447 */
3447 3448 void
3448 3449 zfs_destroy_unmount_origin(const char *fsname)
3449 3450 {
3450 3451 int error;
3451 3452 objset_t *os;
3452 3453 dsl_dataset_t *ds;
3453 3454
3454 3455 error = dmu_objset_hold(fsname, FTAG, &os);
3455 3456 if (error != 0)
3456 3457 return;
3457 3458 ds = dmu_objset_ds(os);
3458 3459 if (dsl_dir_is_clone(ds->ds_dir) && DS_IS_DEFER_DESTROY(ds->ds_prev)) {
3459 3460 char originname[MAXNAMELEN];
3460 3461 dsl_dataset_name(ds->ds_prev, originname);
3461 3462 dmu_objset_rele(os, FTAG);
3462 3463 (void) zfs_unmount_snap(originname);
3463 3464 } else {
3464 3465 dmu_objset_rele(os, FTAG);
3465 3466 }
3466 3467 }
3467 3468
3468 3469 /*
3469 3470 * innvl: {
3470 3471 * "snaps" -> { snapshot1, snapshot2 }
3471 3472 * (optional boolean) "defer"
3472 3473 * }
3473 3474 *
3474 3475 * outnvl: snapshot -> error code (int32)
3475 3476 *
3476 3477 */
3477 3478 /* ARGSUSED */
3478 3479 static int
3479 3480 zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3480 3481 {
3481 3482 nvlist_t *snaps;
3482 3483 nvpair_t *pair;
3483 3484 boolean_t defer;
3484 3485
3485 3486 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3486 3487 return (SET_ERROR(EINVAL));
3487 3488 defer = nvlist_exists(innvl, "defer");
3488 3489
3489 3490 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3490 3491 pair = nvlist_next_nvpair(snaps, pair)) {
3491 3492 (void) zfs_unmount_snap(nvpair_name(pair));
3492 3493 }
3493 3494
3494 3495 return (dsl_destroy_snapshots_nvl(snaps, defer, outnvl));
3495 3496 }
3496 3497
3497 3498 /*
3498 3499 * Create bookmarks. Bookmark names are of the form <fs>#<bmark>.
3499 3500 * All bookmarks must be in the same pool.
3500 3501 *
3501 3502 * innvl: {
3502 3503 * bookmark1 -> snapshot1, bookmark2 -> snapshot2
3503 3504 * }
3504 3505 *
3505 3506 * outnvl: bookmark -> error code (int32)
3506 3507 *
3507 3508 */
3508 3509 /* ARGSUSED */
3509 3510 static int
3510 3511 zfs_ioc_bookmark(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3511 3512 {
3512 3513 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3513 3514 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3514 3515 char *snap_name;
3515 3516
3516 3517 /*
3517 3518 * Verify the snapshot argument.
3518 3519 */
3519 3520 if (nvpair_value_string(pair, &snap_name) != 0)
3520 3521 return (SET_ERROR(EINVAL));
3521 3522
3522 3523
3523 3524 /* Verify that the keys (bookmarks) are unique */
3524 3525 for (nvpair_t *pair2 = nvlist_next_nvpair(innvl, pair);
3525 3526 pair2 != NULL; pair2 = nvlist_next_nvpair(innvl, pair2)) {
3526 3527 if (strcmp(nvpair_name(pair), nvpair_name(pair2)) == 0)
3527 3528 return (SET_ERROR(EINVAL));
3528 3529 }
3529 3530 }
3530 3531
3531 3532 return (dsl_bookmark_create(innvl, outnvl));
3532 3533 }
3533 3534
3534 3535 /*
3535 3536 * innvl: {
3536 3537 * property 1, property 2, ...
3537 3538 * }
3538 3539 *
3539 3540 * outnvl: {
3540 3541 * bookmark name 1 -> { property 1, property 2, ... },
3541 3542 * bookmark name 2 -> { property 1, property 2, ... }
3542 3543 * }
3543 3544 *
3544 3545 */
3545 3546 static int
3546 3547 zfs_ioc_get_bookmarks(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3547 3548 {
3548 3549 return (dsl_get_bookmarks(fsname, innvl, outnvl));
3549 3550 }
3550 3551
3551 3552 /*
3552 3553 * innvl: {
3553 3554 * bookmark name 1, bookmark name 2
3554 3555 * }
3555 3556 *
3556 3557 * outnvl: bookmark -> error code (int32)
3557 3558 *
3558 3559 */
3559 3560 static int
3560 3561 zfs_ioc_destroy_bookmarks(const char *poolname, nvlist_t *innvl,
3561 3562 nvlist_t *outnvl)
3562 3563 {
3563 3564 int error, poollen;
3564 3565
3565 3566 poollen = strlen(poolname);
3566 3567 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3567 3568 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3568 3569 const char *name = nvpair_name(pair);
3569 3570 const char *cp = strchr(name, '#');
3570 3571
3571 3572 /*
3572 3573 * The bookmark name must contain an #, and the part after it
3573 3574 * must contain only valid characters.
3574 3575 */
3575 3576 if (cp == NULL ||
3576 3577 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3577 3578 return (SET_ERROR(EINVAL));
3578 3579
3579 3580 /*
3580 3581 * The bookmark must be in the specified pool.
3581 3582 */
3582 3583 if (strncmp(name, poolname, poollen) != 0 ||
3583 3584 (name[poollen] != '/' && name[poollen] != '#'))
3584 3585 return (SET_ERROR(EXDEV));
3585 3586 }
3586 3587
3587 3588 error = dsl_bookmark_destroy(innvl, outnvl);
3588 3589 return (error);
3589 3590 }
3590 3591
3591 3592 /*
3592 3593 * inputs:
3593 3594 * zc_name name of dataset to destroy
3594 3595 * zc_objset_type type of objset
3595 3596 * zc_defer_destroy mark for deferred destroy
3596 3597 *
3597 3598 * outputs: none
3598 3599 */
3599 3600 static int
3600 3601 zfs_ioc_destroy(zfs_cmd_t *zc)
3601 3602 {
3602 3603 int err;
3603 3604
3604 3605 if (zc->zc_objset_type == DMU_OST_ZFS) {
3605 3606 err = zfs_unmount_snap(zc->zc_name);
3606 3607 if (err != 0)
3607 3608 return (err);
3608 3609 }
3609 3610
3610 3611 if (strchr(zc->zc_name, '@'))
3611 3612 err = dsl_destroy_snapshot(zc->zc_name, zc->zc_defer_destroy);
3612 3613 else
3613 3614 err = dsl_destroy_head(zc->zc_name);
3614 3615 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3615 3616 (void) zvol_remove_minor(zc->zc_name);
3616 3617 return (err);
3617 3618 }
3618 3619
3619 3620 /*
3620 3621 * fsname is name of dataset to rollback (to most recent snapshot)
3621 3622 *
3622 3623 * innvl is not used.
3623 3624 *
3624 3625 * outnvl: "target" -> name of most recent snapshot
3625 3626 * }
3626 3627 */
3627 3628 /* ARGSUSED */
3628 3629 static int
3629 3630 zfs_ioc_rollback(const char *fsname, nvlist_t *args, nvlist_t *outnvl)
3630 3631 {
3631 3632 zfsvfs_t *zfsvfs;
3632 3633 int error;
3633 3634
3634 3635 if (getzfsvfs(fsname, &zfsvfs) == 0) {
3635 3636 error = zfs_suspend_fs(zfsvfs);
3636 3637 if (error == 0) {
3637 3638 int resume_err;
3638 3639
3639 3640 error = dsl_dataset_rollback(fsname, zfsvfs, outnvl);
3640 3641 resume_err = zfs_resume_fs(zfsvfs, fsname);
3641 3642 error = error ? error : resume_err;
3642 3643 }
3643 3644 VFS_RELE(zfsvfs->z_vfs);
3644 3645 } else {
3645 3646 error = dsl_dataset_rollback(fsname, NULL, outnvl);
3646 3647 }
3647 3648 return (error);
3648 3649 }
3649 3650
3650 3651 static int
3651 3652 recursive_unmount(const char *fsname, void *arg)
3652 3653 {
3653 3654 const char *snapname = arg;
3654 3655 char fullname[MAXNAMELEN];
3655 3656
3656 3657 (void) snprintf(fullname, sizeof (fullname), "%s@%s", fsname, snapname);
3657 3658 return (zfs_unmount_snap(fullname));
3658 3659 }
3659 3660
3660 3661 /*
3661 3662 * inputs:
3662 3663 * zc_name old name of dataset
3663 3664 * zc_value new name of dataset
3664 3665 * zc_cookie recursive flag (only valid for snapshots)
3665 3666 *
3666 3667 * outputs: none
3667 3668 */
3668 3669 static int
3669 3670 zfs_ioc_rename(zfs_cmd_t *zc)
3670 3671 {
3671 3672 boolean_t recursive = zc->zc_cookie & 1;
3672 3673 char *at;
3673 3674
3674 3675 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3675 3676 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3676 3677 strchr(zc->zc_value, '%'))
3677 3678 return (SET_ERROR(EINVAL));
3678 3679
3679 3680 at = strchr(zc->zc_name, '@');
3680 3681 if (at != NULL) {
3681 3682 /* snaps must be in same fs */
3682 3683 int error;
3683 3684
3684 3685 if (strncmp(zc->zc_name, zc->zc_value, at - zc->zc_name + 1))
3685 3686 return (SET_ERROR(EXDEV));
3686 3687 *at = '\0';
3687 3688 if (zc->zc_objset_type == DMU_OST_ZFS) {
3688 3689 error = dmu_objset_find(zc->zc_name,
3689 3690 recursive_unmount, at + 1,
3690 3691 recursive ? DS_FIND_CHILDREN : 0);
3691 3692 if (error != 0) {
3692 3693 *at = '@';
3693 3694 return (error);
3694 3695 }
3695 3696 }
3696 3697 error = dsl_dataset_rename_snapshot(zc->zc_name,
3697 3698 at + 1, strchr(zc->zc_value, '@') + 1, recursive);
3698 3699 *at = '@';
3699 3700
3700 3701 return (error);
3701 3702 } else {
3702 3703 if (zc->zc_objset_type == DMU_OST_ZVOL)
3703 3704 (void) zvol_remove_minor(zc->zc_name);
3704 3705 return (dsl_dir_rename(zc->zc_name, zc->zc_value));
3705 3706 }
3706 3707 }
3707 3708
3708 3709 static int
3709 3710 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3710 3711 {
3711 3712 const char *propname = nvpair_name(pair);
3712 3713 boolean_t issnap = (strchr(dsname, '@') != NULL);
3713 3714 zfs_prop_t prop = zfs_name_to_prop(propname);
3714 3715 uint64_t intval;
3715 3716 int err;
3716 3717
3717 3718 if (prop == ZPROP_INVAL) {
3718 3719 if (zfs_prop_user(propname)) {
3719 3720 if (err = zfs_secpolicy_write_perms(dsname,
3720 3721 ZFS_DELEG_PERM_USERPROP, cr))
3721 3722 return (err);
3722 3723 return (0);
3723 3724 }
3724 3725
3725 3726 if (!issnap && zfs_prop_userquota(propname)) {
3726 3727 const char *perm = NULL;
3727 3728 const char *uq_prefix =
3728 3729 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3729 3730 const char *gq_prefix =
3730 3731 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3731 3732
3732 3733 if (strncmp(propname, uq_prefix,
3733 3734 strlen(uq_prefix)) == 0) {
3734 3735 perm = ZFS_DELEG_PERM_USERQUOTA;
3735 3736 } else if (strncmp(propname, gq_prefix,
3736 3737 strlen(gq_prefix)) == 0) {
3737 3738 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3738 3739 } else {
3739 3740 /* USERUSED and GROUPUSED are read-only */
3740 3741 return (SET_ERROR(EINVAL));
3741 3742 }
3742 3743
3743 3744 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3744 3745 return (err);
3745 3746 return (0);
3746 3747 }
3747 3748
3748 3749 return (SET_ERROR(EINVAL));
3749 3750 }
3750 3751
3751 3752 if (issnap)
3752 3753 return (SET_ERROR(EINVAL));
3753 3754
3754 3755 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3755 3756 /*
3756 3757 * dsl_prop_get_all_impl() returns properties in this
3757 3758 * format.
3758 3759 */
3759 3760 nvlist_t *attrs;
3760 3761 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3761 3762 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3762 3763 &pair) == 0);
3763 3764 }
3764 3765
3765 3766 /*
3766 3767 * Check that this value is valid for this pool version
3767 3768 */
3768 3769 switch (prop) {
3769 3770 case ZFS_PROP_COMPRESSION:
3770 3771 /*
3771 3772 * If the user specified gzip compression, make sure
3772 3773 * the SPA supports it. We ignore any errors here since
3773 3774 * we'll catch them later.
3774 3775 */
3775 3776 if (nvpair_value_uint64(pair, &intval) == 0) {
3776 3777 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3777 3778 intval <= ZIO_COMPRESS_GZIP_9 &&
3778 3779 zfs_earlier_version(dsname,
3779 3780 SPA_VERSION_GZIP_COMPRESSION)) {
3780 3781 return (SET_ERROR(ENOTSUP));
3781 3782 }
3782 3783
3783 3784 if (intval == ZIO_COMPRESS_ZLE &&
3784 3785 zfs_earlier_version(dsname,
3785 3786 SPA_VERSION_ZLE_COMPRESSION))
3786 3787 return (SET_ERROR(ENOTSUP));
3787 3788
3788 3789 if (intval == ZIO_COMPRESS_LZ4) {
3789 3790 spa_t *spa;
3790 3791
3791 3792 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3792 3793 return (err);
3793 3794
3794 3795 if (!spa_feature_is_enabled(spa,
3795 3796 SPA_FEATURE_LZ4_COMPRESS)) {
3796 3797 spa_close(spa, FTAG);
3797 3798 return (SET_ERROR(ENOTSUP));
3798 3799 }
3799 3800 spa_close(spa, FTAG);
3800 3801 }
3801 3802
3802 3803 /*
3803 3804 * If this is a bootable dataset then
3804 3805 * verify that the compression algorithm
3805 3806 * is supported for booting. We must return
3806 3807 * something other than ENOTSUP since it
3807 3808 * implies a downrev pool version.
3808 3809 */
3809 3810 if (zfs_is_bootfs(dsname) &&
3810 3811 !BOOTFS_COMPRESS_VALID(intval)) {
3811 3812 return (SET_ERROR(ERANGE));
3812 3813 }
3813 3814 }
3814 3815 break;
3815 3816
3816 3817 case ZFS_PROP_COPIES:
3817 3818 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3818 3819 return (SET_ERROR(ENOTSUP));
3819 3820 break;
3820 3821
3821 3822 case ZFS_PROP_DEDUP:
3822 3823 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3823 3824 return (SET_ERROR(ENOTSUP));
3824 3825 break;
3825 3826
3826 3827 case ZFS_PROP_RECORDSIZE:
3827 3828 /* Record sizes above 128k need the feature to be enabled */
3828 3829 if (nvpair_value_uint64(pair, &intval) == 0 &&
3829 3830 intval > SPA_OLD_MAXBLOCKSIZE) {
3830 3831 spa_t *spa;
3831 3832
3832 3833 /*
3833 3834 * If this is a bootable dataset then
3834 3835 * the we don't allow large (>128K) blocks,
3835 3836 * because GRUB doesn't support them.
3836 3837 */
3837 3838 if (zfs_is_bootfs(dsname) &&
3838 3839 intval > SPA_OLD_MAXBLOCKSIZE) {
3839 3840 return (SET_ERROR(EDOM));
3840 3841 }
3841 3842
3842 3843 /*
3843 3844 * We don't allow setting the property above 1MB,
3844 3845 * unless the tunable has been changed.
3845 3846 */
3846 3847 if (intval > zfs_max_recordsize ||
3847 3848 intval > SPA_MAXBLOCKSIZE)
3848 3849 return (SET_ERROR(EDOM));
3849 3850
3850 3851 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3851 3852 return (err);
3852 3853
3853 3854 if (!spa_feature_is_enabled(spa,
3854 3855 SPA_FEATURE_LARGE_BLOCKS)) {
3855 3856 spa_close(spa, FTAG);
3856 3857 return (SET_ERROR(ENOTSUP));
3857 3858 }
3858 3859 spa_close(spa, FTAG);
3859 3860 }
3860 3861 break;
3861 3862
3862 3863 case ZFS_PROP_SHARESMB:
3863 3864 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3864 3865 return (SET_ERROR(ENOTSUP));
3865 3866 break;
3866 3867
3867 3868 case ZFS_PROP_ACLINHERIT:
3868 3869 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3869 3870 nvpair_value_uint64(pair, &intval) == 0) {
3870 3871 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3871 3872 zfs_earlier_version(dsname,
3872 3873 SPA_VERSION_PASSTHROUGH_X))
3873 3874 return (SET_ERROR(ENOTSUP));
3874 3875 }
3875 3876 break;
3876 3877 }
3877 3878
3878 3879 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3879 3880 }
3880 3881
3881 3882 /*
3882 3883 * Checks for a race condition to make sure we don't increment a feature flag
3883 3884 * multiple times.
3884 3885 */
3885 3886 static int
3886 3887 zfs_prop_activate_feature_check(void *arg, dmu_tx_t *tx)
3887 3888 {
3888 3889 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3889 3890 spa_feature_t *featurep = arg;
3890 3891
3891 3892 if (!spa_feature_is_active(spa, *featurep))
3892 3893 return (0);
3893 3894 else
3894 3895 return (SET_ERROR(EBUSY));
3895 3896 }
3896 3897
3897 3898 /*
3898 3899 * The callback invoked on feature activation in the sync task caused by
3899 3900 * zfs_prop_activate_feature.
3900 3901 */
3901 3902 static void
3902 3903 zfs_prop_activate_feature_sync(void *arg, dmu_tx_t *tx)
3903 3904 {
3904 3905 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3905 3906 spa_feature_t *featurep = arg;
3906 3907
3907 3908 spa_feature_incr(spa, *featurep, tx);
3908 3909 }
3909 3910
3910 3911 /*
3911 3912 * Activates a feature on a pool in response to a property setting. This
3912 3913 * creates a new sync task which modifies the pool to reflect the feature
3913 3914 * as being active.
3914 3915 */
3915 3916 static int
3916 3917 zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature)
3917 3918 {
3918 3919 int err;
3919 3920
3920 3921 /* EBUSY here indicates that the feature is already active */
3921 3922 err = dsl_sync_task(spa_name(spa),
3922 3923 zfs_prop_activate_feature_check, zfs_prop_activate_feature_sync,
3923 3924 &feature, 2, ZFS_SPACE_CHECK_RESERVED);
3924 3925
3925 3926 if (err != 0 && err != EBUSY)
3926 3927 return (err);
3927 3928 else
3928 3929 return (0);
3929 3930 }
3930 3931
3931 3932 /*
3932 3933 * Removes properties from the given props list that fail permission checks
3933 3934 * needed to clear them and to restore them in case of a receive error. For each
3934 3935 * property, make sure we have both set and inherit permissions.
3935 3936 *
3936 3937 * Returns the first error encountered if any permission checks fail. If the
3937 3938 * caller provides a non-NULL errlist, it also gives the complete list of names
3938 3939 * of all the properties that failed a permission check along with the
3939 3940 * corresponding error numbers. The caller is responsible for freeing the
3940 3941 * returned errlist.
3941 3942 *
3942 3943 * If every property checks out successfully, zero is returned and the list
3943 3944 * pointed at by errlist is NULL.
3944 3945 */
3945 3946 static int
3946 3947 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3947 3948 {
3948 3949 zfs_cmd_t *zc;
3949 3950 nvpair_t *pair, *next_pair;
3950 3951 nvlist_t *errors;
3951 3952 int err, rv = 0;
3952 3953
3953 3954 if (props == NULL)
3954 3955 return (0);
3955 3956
3956 3957 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3957 3958
3958 3959 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3959 3960 (void) strcpy(zc->zc_name, dataset);
3960 3961 pair = nvlist_next_nvpair(props, NULL);
3961 3962 while (pair != NULL) {
3962 3963 next_pair = nvlist_next_nvpair(props, pair);
3963 3964
3964 3965 (void) strcpy(zc->zc_value, nvpair_name(pair));
3965 3966 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3966 3967 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
3967 3968 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3968 3969 VERIFY(nvlist_add_int32(errors,
3969 3970 zc->zc_value, err) == 0);
3970 3971 }
3971 3972 pair = next_pair;
3972 3973 }
3973 3974 kmem_free(zc, sizeof (zfs_cmd_t));
3974 3975
3975 3976 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3976 3977 nvlist_free(errors);
3977 3978 errors = NULL;
3978 3979 } else {
3979 3980 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3980 3981 }
3981 3982
3982 3983 if (errlist == NULL)
3983 3984 nvlist_free(errors);
3984 3985 else
3985 3986 *errlist = errors;
3986 3987
3987 3988 return (rv);
3988 3989 }
3989 3990
3990 3991 static boolean_t
3991 3992 propval_equals(nvpair_t *p1, nvpair_t *p2)
3992 3993 {
3993 3994 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3994 3995 /* dsl_prop_get_all_impl() format */
3995 3996 nvlist_t *attrs;
3996 3997 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3997 3998 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3998 3999 &p1) == 0);
3999 4000 }
4000 4001
4001 4002 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
4002 4003 nvlist_t *attrs;
4003 4004 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
4004 4005 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4005 4006 &p2) == 0);
4006 4007 }
4007 4008
4008 4009 if (nvpair_type(p1) != nvpair_type(p2))
4009 4010 return (B_FALSE);
4010 4011
4011 4012 if (nvpair_type(p1) == DATA_TYPE_STRING) {
4012 4013 char *valstr1, *valstr2;
4013 4014
4014 4015 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
4015 4016 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
4016 4017 return (strcmp(valstr1, valstr2) == 0);
4017 4018 } else {
4018 4019 uint64_t intval1, intval2;
4019 4020
4020 4021 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
4021 4022 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
4022 4023 return (intval1 == intval2);
4023 4024 }
4024 4025 }
4025 4026
4026 4027 /*
4027 4028 * Remove properties from props if they are not going to change (as determined
4028 4029 * by comparison with origprops). Remove them from origprops as well, since we
4029 4030 * do not need to clear or restore properties that won't change.
4030 4031 */
4031 4032 static void
4032 4033 props_reduce(nvlist_t *props, nvlist_t *origprops)
4033 4034 {
4034 4035 nvpair_t *pair, *next_pair;
4035 4036
4036 4037 if (origprops == NULL)
4037 4038 return; /* all props need to be received */
4038 4039
4039 4040 pair = nvlist_next_nvpair(props, NULL);
4040 4041 while (pair != NULL) {
4041 4042 const char *propname = nvpair_name(pair);
4042 4043 nvpair_t *match;
4043 4044
4044 4045 next_pair = nvlist_next_nvpair(props, pair);
4045 4046
4046 4047 if ((nvlist_lookup_nvpair(origprops, propname,
4047 4048 &match) != 0) || !propval_equals(pair, match))
4048 4049 goto next; /* need to set received value */
|
↓ open down ↓ |
4013 lines elided |
↑ open up ↑ |
4049 4050
4050 4051 /* don't clear the existing received value */
4051 4052 (void) nvlist_remove_nvpair(origprops, match);
4052 4053 /* don't bother receiving the property */
4053 4054 (void) nvlist_remove_nvpair(props, pair);
4054 4055 next:
4055 4056 pair = next_pair;
4056 4057 }
4057 4058 }
4058 4059
4060 +/*
4061 + * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4062 + * For example, refquota cannot be set until after the receipt of a dataset,
4063 + * because in replication streams, an older/earlier snapshot may exceed the
4064 + * refquota. We want to receive the older/earlier snapshot, but setting
4065 + * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4066 + * the older/earlier snapshot from being received (with EDQUOT).
4067 + *
4068 + * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4069 + *
4070 + * libzfs will need to be judicious handling errors encountered by props
4071 + * extracted by this function.
4072 + */
4073 +static nvlist_t *
4074 +extract_delay_props(nvlist_t *props)
4075 +{
4076 + nvlist_t *delayprops;
4077 + nvpair_t *nvp, *tmp;
4078 + static const zfs_prop_t delayable[] = { ZFS_PROP_REFQUOTA, 0 };
4079 + int i;
4080 +
4081 + VERIFY(nvlist_alloc(&delayprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4082 +
4083 + for (nvp = nvlist_next_nvpair(props, NULL); nvp != NULL;
4084 + nvp = nvlist_next_nvpair(props, nvp)) {
4085 + /*
4086 + * strcmp() is safe because zfs_prop_to_name() always returns
4087 + * a bounded string.
4088 + */
4089 + for (i = 0; delayable[i] != 0; i++) {
4090 + if (strcmp(zfs_prop_to_name(delayable[i]),
4091 + nvpair_name(nvp)) == 0) {
4092 + break;
4093 + }
4094 + }
4095 + if (delayable[i] != 0) {
4096 + tmp = nvlist_prev_nvpair(props, nvp);
4097 + VERIFY(nvlist_add_nvpair(delayprops, nvp) == 0);
4098 + VERIFY(nvlist_remove_nvpair(props, nvp) == 0);
4099 + nvp = tmp;
4100 + }
4101 + }
4102 +
4103 + if (nvlist_empty(delayprops)) {
4104 + nvlist_free(delayprops);
4105 + delayprops = NULL;
4106 + }
4107 + return (delayprops);
4108 +}
4109 +
4059 4110 #ifdef DEBUG
4060 4111 static boolean_t zfs_ioc_recv_inject_err;
4061 4112 #endif
4062 4113
4063 4114 /*
4064 4115 * inputs:
4065 4116 * zc_name name of containing filesystem
4066 4117 * zc_nvlist_src{_size} nvlist of properties to apply
4067 4118 * zc_value name of snapshot to create
4068 4119 * zc_string name of clone origin (if DRR_FLAG_CLONE)
4069 4120 * zc_cookie file descriptor to recv from
4070 4121 * zc_begin_record the BEGIN record of the stream (not byteswapped)
4071 4122 * zc_guid force flag
4072 4123 * zc_cleanup_fd cleanup-on-exit file descriptor
4073 4124 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
4074 4125 *
4075 4126 * outputs:
4076 4127 * zc_cookie number of bytes read
4077 4128 * zc_nvlist_dst{_size} error for each unapplied received property
4078 4129 * zc_obj zprop_errflags_t
4079 4130 * zc_action_handle handle for this guid/ds mapping
4080 4131 */
4081 4132 static int
4082 4133 zfs_ioc_recv(zfs_cmd_t *zc)
4083 4134 {
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
4084 4135 file_t *fp;
4085 4136 dmu_recv_cookie_t drc;
4086 4137 boolean_t force = (boolean_t)zc->zc_guid;
4087 4138 int fd;
4088 4139 int error = 0;
4089 4140 int props_error = 0;
4090 4141 nvlist_t *errors;
4091 4142 offset_t off;
4092 4143 nvlist_t *props = NULL; /* sent properties */
4093 4144 nvlist_t *origprops = NULL; /* existing properties */
4145 + nvlist_t *delayprops = NULL; /* sent properties applied post-receive */
4094 4146 char *origin = NULL;
4095 4147 char *tosnap;
4096 4148 char tofs[ZFS_MAXNAMELEN];
4097 4149 boolean_t first_recvd_props = B_FALSE;
4098 4150
4099 4151 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
4100 4152 strchr(zc->zc_value, '@') == NULL ||
4101 4153 strchr(zc->zc_value, '%'))
4102 4154 return (SET_ERROR(EINVAL));
4103 4155
4104 4156 (void) strcpy(tofs, zc->zc_value);
4105 4157 tosnap = strchr(tofs, '@');
4106 4158 *tosnap++ = '\0';
4107 4159
4108 4160 if (zc->zc_nvlist_src != NULL &&
4109 4161 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
4110 4162 zc->zc_iflags, &props)) != 0)
4111 4163 return (error);
4112 4164
4113 4165 fd = zc->zc_cookie;
4114 4166 fp = getf(fd);
4115 4167 if (fp == NULL) {
4116 4168 nvlist_free(props);
4117 4169 return (SET_ERROR(EBADF));
4118 4170 }
4119 4171
4120 4172 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4121 4173
4122 4174 if (zc->zc_string[0])
4123 4175 origin = zc->zc_string;
4124 4176
4125 4177 error = dmu_recv_begin(tofs, tosnap,
4126 4178 &zc->zc_begin_record, force, origin, &drc);
4127 4179 if (error != 0)
4128 4180 goto out;
4129 4181
4130 4182 /*
4131 4183 * Set properties before we receive the stream so that they are applied
4132 4184 * to the new data. Note that we must call dmu_recv_stream() if
4133 4185 * dmu_recv_begin() succeeds.
4134 4186 */
4135 4187 if (props != NULL && !drc.drc_newfs) {
4136 4188 if (spa_version(dsl_dataset_get_spa(drc.drc_ds)) >=
4137 4189 SPA_VERSION_RECVD_PROPS &&
4138 4190 !dsl_prop_get_hasrecvd(tofs))
4139 4191 first_recvd_props = B_TRUE;
4140 4192
4141 4193 /*
4142 4194 * If new received properties are supplied, they are to
4143 4195 * completely replace the existing received properties, so stash
4144 4196 * away the existing ones.
4145 4197 */
4146 4198 if (dsl_prop_get_received(tofs, &origprops) == 0) {
4147 4199 nvlist_t *errlist = NULL;
4148 4200 /*
4149 4201 * Don't bother writing a property if its value won't
4150 4202 * change (and avoid the unnecessary security checks).
4151 4203 *
4152 4204 * The first receive after SPA_VERSION_RECVD_PROPS is a
4153 4205 * special case where we blow away all local properties
4154 4206 * regardless.
4155 4207 */
4156 4208 if (!first_recvd_props)
4157 4209 props_reduce(props, origprops);
4158 4210 if (zfs_check_clearable(tofs, origprops, &errlist) != 0)
4159 4211 (void) nvlist_merge(errors, errlist, 0);
4160 4212 nvlist_free(errlist);
4161 4213
4162 4214 if (clear_received_props(tofs, origprops,
4163 4215 first_recvd_props ? NULL : props) != 0)
|
↓ open down ↓ |
60 lines elided |
↑ open up ↑ |
4164 4216 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4165 4217 } else {
4166 4218 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4167 4219 }
4168 4220 }
4169 4221
4170 4222 if (props != NULL) {
4171 4223 props_error = dsl_prop_set_hasrecvd(tofs);
4172 4224
4173 4225 if (props_error == 0) {
4226 + delayprops = extract_delay_props(props);
4174 4227 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4175 4228 props, errors);
4176 4229 }
4177 4230 }
4178 4231
4179 - if (zc->zc_nvlist_dst_size != 0 &&
4180 - (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4181 - put_nvlist(zc, errors) != 0)) {
4182 - /*
4183 - * Caller made zc->zc_nvlist_dst less than the minimum expected
4184 - * size or supplied an invalid address.
4185 - */
4186 - props_error = SET_ERROR(EINVAL);
4187 - }
4188 -
4189 4232 off = fp->f_offset;
4190 4233 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
4191 4234 &zc->zc_action_handle);
4192 4235
4193 4236 if (error == 0) {
4194 4237 zfsvfs_t *zfsvfs = NULL;
4195 4238
4196 4239 if (getzfsvfs(tofs, &zfsvfs) == 0) {
4197 4240 /* online recv */
4198 4241 int end_err;
4199 4242
4200 4243 error = zfs_suspend_fs(zfsvfs);
4201 4244 /*
4202 4245 * If the suspend fails, then the recv_end will
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
4203 4246 * likely also fail, and clean up after itself.
4204 4247 */
4205 4248 end_err = dmu_recv_end(&drc, zfsvfs);
4206 4249 if (error == 0)
4207 4250 error = zfs_resume_fs(zfsvfs, tofs);
4208 4251 error = error ? error : end_err;
4209 4252 VFS_RELE(zfsvfs->z_vfs);
4210 4253 } else {
4211 4254 error = dmu_recv_end(&drc, NULL);
4212 4255 }
4256 +
4257 + /* Set delayed properties now, after we're done receiving. */
4258 + if (delayprops != NULL && error == 0) {
4259 + (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4260 + delayprops, errors);
4261 + }
4213 4262 }
4214 4263
4264 + if (delayprops != NULL) {
4265 + /*
4266 + * Merge delayed props back in with initial props, in case
4267 + * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
4268 + * we have to make sure clear_received_props() includes
4269 + * the delayed properties).
4270 + *
4271 + * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
4272 + * using ASSERT() will be just like a VERIFY.
4273 + */
4274 + ASSERT(nvlist_merge(props, delayprops, 0) == 0);
4275 + nvlist_free(delayprops);
4276 + }
4277 +
4278 + /*
4279 + * Now that all props, initial and delayed, are set, report the prop
4280 + * errors to the caller.
4281 + */
4282 + if (zc->zc_nvlist_dst_size != 0 &&
4283 + (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4284 + put_nvlist(zc, errors) != 0)) {
4285 + /*
4286 + * Caller made zc->zc_nvlist_dst less than the minimum expected
4287 + * size or supplied an invalid address.
4288 + */
4289 + props_error = SET_ERROR(EINVAL);
4290 + }
4291 +
4215 4292 zc->zc_cookie = off - fp->f_offset;
4216 4293 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4217 4294 fp->f_offset = off;
4218 4295
4219 4296 #ifdef DEBUG
4220 4297 if (zfs_ioc_recv_inject_err) {
4221 4298 zfs_ioc_recv_inject_err = B_FALSE;
4222 4299 error = 1;
4223 4300 }
4224 4301 #endif
4225 4302 /*
4226 4303 * On error, restore the original props.
4227 4304 */
4228 4305 if (error != 0 && props != NULL && !drc.drc_newfs) {
4229 4306 if (clear_received_props(tofs, props, NULL) != 0) {
4230 4307 /*
4231 4308 * We failed to clear the received properties.
4232 4309 * Since we may have left a $recvd value on the
4233 4310 * system, we can't clear the $hasrecvd flag.
4234 4311 */
4235 4312 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4236 4313 } else if (first_recvd_props) {
4237 4314 dsl_prop_unset_hasrecvd(tofs);
4238 4315 }
4239 4316
4240 4317 if (origprops == NULL && !drc.drc_newfs) {
4241 4318 /* We failed to stash the original properties. */
4242 4319 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4243 4320 }
4244 4321
4245 4322 /*
4246 4323 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4247 4324 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4248 4325 * explictly if we're restoring local properties cleared in the
4249 4326 * first new-style receive.
4250 4327 */
4251 4328 if (origprops != NULL &&
4252 4329 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4253 4330 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
4254 4331 origprops, NULL) != 0) {
4255 4332 /*
4256 4333 * We stashed the original properties but failed to
4257 4334 * restore them.
4258 4335 */
4259 4336 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4260 4337 }
4261 4338 }
4262 4339 out:
4263 4340 nvlist_free(props);
4264 4341 nvlist_free(origprops);
4265 4342 nvlist_free(errors);
4266 4343 releasef(fd);
4267 4344
4268 4345 if (error == 0)
4269 4346 error = props_error;
4270 4347
4271 4348 return (error);
4272 4349 }
4273 4350
4274 4351 /*
4275 4352 * inputs:
4276 4353 * zc_name name of snapshot to send
4277 4354 * zc_cookie file descriptor to send stream to
4278 4355 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4279 4356 * zc_sendobj objsetid of snapshot to send
4280 4357 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4281 4358 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4282 4359 * output size in zc_objset_type.
4283 4360 * zc_flags lzc_send_flags
4284 4361 *
4285 4362 * outputs:
4286 4363 * zc_objset_type estimated size, if zc_guid is set
4287 4364 */
4288 4365 static int
4289 4366 zfs_ioc_send(zfs_cmd_t *zc)
4290 4367 {
4291 4368 int error;
4292 4369 offset_t off;
4293 4370 boolean_t estimate = (zc->zc_guid != 0);
4294 4371 boolean_t embedok = (zc->zc_flags & 0x1);
4295 4372 boolean_t large_block_ok = (zc->zc_flags & 0x2);
4296 4373
4297 4374 if (zc->zc_obj != 0) {
4298 4375 dsl_pool_t *dp;
4299 4376 dsl_dataset_t *tosnap;
4300 4377
4301 4378 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4302 4379 if (error != 0)
4303 4380 return (error);
4304 4381
4305 4382 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4306 4383 if (error != 0) {
4307 4384 dsl_pool_rele(dp, FTAG);
4308 4385 return (error);
4309 4386 }
4310 4387
4311 4388 if (dsl_dir_is_clone(tosnap->ds_dir))
4312 4389 zc->zc_fromobj =
4313 4390 dsl_dir_phys(tosnap->ds_dir)->dd_origin_obj;
4314 4391 dsl_dataset_rele(tosnap, FTAG);
4315 4392 dsl_pool_rele(dp, FTAG);
4316 4393 }
4317 4394
4318 4395 if (estimate) {
4319 4396 dsl_pool_t *dp;
4320 4397 dsl_dataset_t *tosnap;
4321 4398 dsl_dataset_t *fromsnap = NULL;
4322 4399
4323 4400 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4324 4401 if (error != 0)
4325 4402 return (error);
4326 4403
4327 4404 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4328 4405 if (error != 0) {
4329 4406 dsl_pool_rele(dp, FTAG);
4330 4407 return (error);
4331 4408 }
4332 4409
4333 4410 if (zc->zc_fromobj != 0) {
4334 4411 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj,
4335 4412 FTAG, &fromsnap);
4336 4413 if (error != 0) {
4337 4414 dsl_dataset_rele(tosnap, FTAG);
4338 4415 dsl_pool_rele(dp, FTAG);
4339 4416 return (error);
4340 4417 }
4341 4418 }
4342 4419
4343 4420 error = dmu_send_estimate(tosnap, fromsnap,
4344 4421 &zc->zc_objset_type);
4345 4422
4346 4423 if (fromsnap != NULL)
4347 4424 dsl_dataset_rele(fromsnap, FTAG);
4348 4425 dsl_dataset_rele(tosnap, FTAG);
4349 4426 dsl_pool_rele(dp, FTAG);
4350 4427 } else {
4351 4428 file_t *fp = getf(zc->zc_cookie);
4352 4429 if (fp == NULL)
4353 4430 return (SET_ERROR(EBADF));
4354 4431
4355 4432 off = fp->f_offset;
4356 4433 error = dmu_send_obj(zc->zc_name, zc->zc_sendobj,
4357 4434 zc->zc_fromobj, embedok, large_block_ok,
4358 4435 zc->zc_cookie, fp->f_vnode, &off);
4359 4436
4360 4437 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4361 4438 fp->f_offset = off;
4362 4439 releasef(zc->zc_cookie);
4363 4440 }
4364 4441 return (error);
4365 4442 }
4366 4443
4367 4444 /*
4368 4445 * inputs:
4369 4446 * zc_name name of snapshot on which to report progress
4370 4447 * zc_cookie file descriptor of send stream
4371 4448 *
4372 4449 * outputs:
4373 4450 * zc_cookie number of bytes written in send stream thus far
4374 4451 */
4375 4452 static int
4376 4453 zfs_ioc_send_progress(zfs_cmd_t *zc)
4377 4454 {
4378 4455 dsl_pool_t *dp;
4379 4456 dsl_dataset_t *ds;
4380 4457 dmu_sendarg_t *dsp = NULL;
4381 4458 int error;
4382 4459
4383 4460 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4384 4461 if (error != 0)
4385 4462 return (error);
4386 4463
4387 4464 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &ds);
4388 4465 if (error != 0) {
4389 4466 dsl_pool_rele(dp, FTAG);
4390 4467 return (error);
4391 4468 }
4392 4469
4393 4470 mutex_enter(&ds->ds_sendstream_lock);
4394 4471
4395 4472 /*
4396 4473 * Iterate over all the send streams currently active on this dataset.
4397 4474 * If there's one which matches the specified file descriptor _and_ the
4398 4475 * stream was started by the current process, return the progress of
4399 4476 * that stream.
4400 4477 */
4401 4478 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4402 4479 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4403 4480 if (dsp->dsa_outfd == zc->zc_cookie &&
4404 4481 dsp->dsa_proc == curproc)
4405 4482 break;
4406 4483 }
4407 4484
4408 4485 if (dsp != NULL)
4409 4486 zc->zc_cookie = *(dsp->dsa_off);
4410 4487 else
4411 4488 error = SET_ERROR(ENOENT);
4412 4489
4413 4490 mutex_exit(&ds->ds_sendstream_lock);
4414 4491 dsl_dataset_rele(ds, FTAG);
4415 4492 dsl_pool_rele(dp, FTAG);
4416 4493 return (error);
4417 4494 }
4418 4495
4419 4496 static int
4420 4497 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4421 4498 {
4422 4499 int id, error;
4423 4500
4424 4501 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4425 4502 &zc->zc_inject_record);
4426 4503
4427 4504 if (error == 0)
4428 4505 zc->zc_guid = (uint64_t)id;
4429 4506
4430 4507 return (error);
4431 4508 }
4432 4509
4433 4510 static int
4434 4511 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4435 4512 {
4436 4513 return (zio_clear_fault((int)zc->zc_guid));
4437 4514 }
4438 4515
4439 4516 static int
4440 4517 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4441 4518 {
4442 4519 int id = (int)zc->zc_guid;
4443 4520 int error;
4444 4521
4445 4522 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4446 4523 &zc->zc_inject_record);
4447 4524
4448 4525 zc->zc_guid = id;
4449 4526
4450 4527 return (error);
4451 4528 }
4452 4529
4453 4530 static int
4454 4531 zfs_ioc_error_log(zfs_cmd_t *zc)
4455 4532 {
4456 4533 spa_t *spa;
4457 4534 int error;
4458 4535 size_t count = (size_t)zc->zc_nvlist_dst_size;
4459 4536
4460 4537 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4461 4538 return (error);
4462 4539
4463 4540 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4464 4541 &count);
4465 4542 if (error == 0)
4466 4543 zc->zc_nvlist_dst_size = count;
4467 4544 else
4468 4545 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4469 4546
4470 4547 spa_close(spa, FTAG);
4471 4548
4472 4549 return (error);
4473 4550 }
4474 4551
4475 4552 static int
4476 4553 zfs_ioc_clear(zfs_cmd_t *zc)
4477 4554 {
4478 4555 spa_t *spa;
4479 4556 vdev_t *vd;
4480 4557 int error;
4481 4558
4482 4559 /*
4483 4560 * On zpool clear we also fix up missing slogs
4484 4561 */
4485 4562 mutex_enter(&spa_namespace_lock);
4486 4563 spa = spa_lookup(zc->zc_name);
4487 4564 if (spa == NULL) {
4488 4565 mutex_exit(&spa_namespace_lock);
4489 4566 return (SET_ERROR(EIO));
4490 4567 }
4491 4568 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4492 4569 /* we need to let spa_open/spa_load clear the chains */
4493 4570 spa_set_log_state(spa, SPA_LOG_CLEAR);
4494 4571 }
4495 4572 spa->spa_last_open_failed = 0;
4496 4573 mutex_exit(&spa_namespace_lock);
4497 4574
4498 4575 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4499 4576 error = spa_open(zc->zc_name, &spa, FTAG);
4500 4577 } else {
4501 4578 nvlist_t *policy;
4502 4579 nvlist_t *config = NULL;
4503 4580
4504 4581 if (zc->zc_nvlist_src == NULL)
4505 4582 return (SET_ERROR(EINVAL));
4506 4583
4507 4584 if ((error = get_nvlist(zc->zc_nvlist_src,
4508 4585 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4509 4586 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4510 4587 policy, &config);
4511 4588 if (config != NULL) {
4512 4589 int err;
4513 4590
4514 4591 if ((err = put_nvlist(zc, config)) != 0)
4515 4592 error = err;
4516 4593 nvlist_free(config);
4517 4594 }
4518 4595 nvlist_free(policy);
4519 4596 }
4520 4597 }
4521 4598
4522 4599 if (error != 0)
4523 4600 return (error);
4524 4601
4525 4602 spa_vdev_state_enter(spa, SCL_NONE);
4526 4603
4527 4604 if (zc->zc_guid == 0) {
4528 4605 vd = NULL;
4529 4606 } else {
4530 4607 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4531 4608 if (vd == NULL) {
4532 4609 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4533 4610 spa_close(spa, FTAG);
4534 4611 return (SET_ERROR(ENODEV));
4535 4612 }
4536 4613 }
4537 4614
4538 4615 vdev_clear(spa, vd);
4539 4616
4540 4617 (void) spa_vdev_state_exit(spa, NULL, 0);
4541 4618
4542 4619 /*
4543 4620 * Resume any suspended I/Os.
4544 4621 */
4545 4622 if (zio_resume(spa) != 0)
4546 4623 error = SET_ERROR(EIO);
4547 4624
4548 4625 spa_close(spa, FTAG);
4549 4626
4550 4627 return (error);
4551 4628 }
4552 4629
4553 4630 static int
4554 4631 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4555 4632 {
4556 4633 spa_t *spa;
4557 4634 int error;
4558 4635
4559 4636 error = spa_open(zc->zc_name, &spa, FTAG);
4560 4637 if (error != 0)
4561 4638 return (error);
4562 4639
4563 4640 spa_vdev_state_enter(spa, SCL_NONE);
4564 4641
4565 4642 /*
4566 4643 * If a resilver is already in progress then set the
4567 4644 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4568 4645 * the scan as a side effect of the reopen. Otherwise, let
4569 4646 * vdev_open() decided if a resilver is required.
4570 4647 */
4571 4648 spa->spa_scrub_reopen = dsl_scan_resilvering(spa->spa_dsl_pool);
4572 4649 vdev_reopen(spa->spa_root_vdev);
4573 4650 spa->spa_scrub_reopen = B_FALSE;
4574 4651
4575 4652 (void) spa_vdev_state_exit(spa, NULL, 0);
4576 4653 spa_close(spa, FTAG);
4577 4654 return (0);
4578 4655 }
4579 4656 /*
4580 4657 * inputs:
4581 4658 * zc_name name of filesystem
4582 4659 * zc_value name of origin snapshot
4583 4660 *
4584 4661 * outputs:
4585 4662 * zc_string name of conflicting snapshot, if there is one
4586 4663 */
4587 4664 static int
4588 4665 zfs_ioc_promote(zfs_cmd_t *zc)
4589 4666 {
4590 4667 char *cp;
4591 4668
4592 4669 /*
4593 4670 * We don't need to unmount *all* the origin fs's snapshots, but
4594 4671 * it's easier.
4595 4672 */
4596 4673 cp = strchr(zc->zc_value, '@');
4597 4674 if (cp)
4598 4675 *cp = '\0';
4599 4676 (void) dmu_objset_find(zc->zc_value,
4600 4677 zfs_unmount_snap_cb, NULL, DS_FIND_SNAPSHOTS);
4601 4678 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4602 4679 }
4603 4680
4604 4681 /*
4605 4682 * Retrieve a single {user|group}{used|quota}@... property.
4606 4683 *
4607 4684 * inputs:
4608 4685 * zc_name name of filesystem
4609 4686 * zc_objset_type zfs_userquota_prop_t
4610 4687 * zc_value domain name (eg. "S-1-234-567-89")
4611 4688 * zc_guid RID/UID/GID
4612 4689 *
4613 4690 * outputs:
4614 4691 * zc_cookie property value
4615 4692 */
4616 4693 static int
4617 4694 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4618 4695 {
4619 4696 zfsvfs_t *zfsvfs;
4620 4697 int error;
4621 4698
4622 4699 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4623 4700 return (SET_ERROR(EINVAL));
4624 4701
4625 4702 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4626 4703 if (error != 0)
4627 4704 return (error);
4628 4705
4629 4706 error = zfs_userspace_one(zfsvfs,
4630 4707 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4631 4708 zfsvfs_rele(zfsvfs, FTAG);
4632 4709
4633 4710 return (error);
4634 4711 }
4635 4712
4636 4713 /*
4637 4714 * inputs:
4638 4715 * zc_name name of filesystem
4639 4716 * zc_cookie zap cursor
4640 4717 * zc_objset_type zfs_userquota_prop_t
4641 4718 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4642 4719 *
4643 4720 * outputs:
4644 4721 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4645 4722 * zc_cookie zap cursor
4646 4723 */
4647 4724 static int
4648 4725 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4649 4726 {
4650 4727 zfsvfs_t *zfsvfs;
4651 4728 int bufsize = zc->zc_nvlist_dst_size;
4652 4729
4653 4730 if (bufsize <= 0)
4654 4731 return (SET_ERROR(ENOMEM));
4655 4732
4656 4733 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4657 4734 if (error != 0)
4658 4735 return (error);
4659 4736
4660 4737 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4661 4738
4662 4739 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4663 4740 buf, &zc->zc_nvlist_dst_size);
4664 4741
4665 4742 if (error == 0) {
4666 4743 error = xcopyout(buf,
4667 4744 (void *)(uintptr_t)zc->zc_nvlist_dst,
4668 4745 zc->zc_nvlist_dst_size);
4669 4746 }
4670 4747 kmem_free(buf, bufsize);
4671 4748 zfsvfs_rele(zfsvfs, FTAG);
4672 4749
4673 4750 return (error);
4674 4751 }
4675 4752
4676 4753 /*
4677 4754 * inputs:
4678 4755 * zc_name name of filesystem
4679 4756 *
4680 4757 * outputs:
4681 4758 * none
4682 4759 */
4683 4760 static int
4684 4761 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4685 4762 {
4686 4763 objset_t *os;
4687 4764 int error = 0;
4688 4765 zfsvfs_t *zfsvfs;
4689 4766
4690 4767 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4691 4768 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4692 4769 /*
4693 4770 * If userused is not enabled, it may be because the
4694 4771 * objset needs to be closed & reopened (to grow the
4695 4772 * objset_phys_t). Suspend/resume the fs will do that.
4696 4773 */
4697 4774 error = zfs_suspend_fs(zfsvfs);
4698 4775 if (error == 0) {
4699 4776 dmu_objset_refresh_ownership(zfsvfs->z_os,
4700 4777 zfsvfs);
4701 4778 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4702 4779 }
4703 4780 }
4704 4781 if (error == 0)
4705 4782 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4706 4783 VFS_RELE(zfsvfs->z_vfs);
4707 4784 } else {
4708 4785 /* XXX kind of reading contents without owning */
4709 4786 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4710 4787 if (error != 0)
4711 4788 return (error);
4712 4789
4713 4790 error = dmu_objset_userspace_upgrade(os);
4714 4791 dmu_objset_rele(os, FTAG);
4715 4792 }
4716 4793
4717 4794 return (error);
4718 4795 }
4719 4796
4720 4797 /*
4721 4798 * We don't want to have a hard dependency
4722 4799 * against some special symbols in sharefs
4723 4800 * nfs, and smbsrv. Determine them if needed when
4724 4801 * the first file system is shared.
4725 4802 * Neither sharefs, nfs or smbsrv are unloadable modules.
4726 4803 */
4727 4804 int (*znfsexport_fs)(void *arg);
4728 4805 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4729 4806 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4730 4807
4731 4808 int zfs_nfsshare_inited;
4732 4809 int zfs_smbshare_inited;
4733 4810
4734 4811 ddi_modhandle_t nfs_mod;
4735 4812 ddi_modhandle_t sharefs_mod;
4736 4813 ddi_modhandle_t smbsrv_mod;
4737 4814 kmutex_t zfs_share_lock;
4738 4815
4739 4816 static int
4740 4817 zfs_init_sharefs()
4741 4818 {
4742 4819 int error;
4743 4820
4744 4821 ASSERT(MUTEX_HELD(&zfs_share_lock));
4745 4822 /* Both NFS and SMB shares also require sharetab support. */
4746 4823 if (sharefs_mod == NULL && ((sharefs_mod =
4747 4824 ddi_modopen("fs/sharefs",
4748 4825 KRTLD_MODE_FIRST, &error)) == NULL)) {
4749 4826 return (SET_ERROR(ENOSYS));
4750 4827 }
4751 4828 if (zshare_fs == NULL && ((zshare_fs =
4752 4829 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4753 4830 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4754 4831 return (SET_ERROR(ENOSYS));
4755 4832 }
4756 4833 return (0);
4757 4834 }
4758 4835
4759 4836 static int
4760 4837 zfs_ioc_share(zfs_cmd_t *zc)
4761 4838 {
4762 4839 int error;
4763 4840 int opcode;
4764 4841
4765 4842 switch (zc->zc_share.z_sharetype) {
4766 4843 case ZFS_SHARE_NFS:
4767 4844 case ZFS_UNSHARE_NFS:
4768 4845 if (zfs_nfsshare_inited == 0) {
4769 4846 mutex_enter(&zfs_share_lock);
4770 4847 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4771 4848 KRTLD_MODE_FIRST, &error)) == NULL)) {
4772 4849 mutex_exit(&zfs_share_lock);
4773 4850 return (SET_ERROR(ENOSYS));
4774 4851 }
4775 4852 if (znfsexport_fs == NULL &&
4776 4853 ((znfsexport_fs = (int (*)(void *))
4777 4854 ddi_modsym(nfs_mod,
4778 4855 "nfs_export", &error)) == NULL)) {
4779 4856 mutex_exit(&zfs_share_lock);
4780 4857 return (SET_ERROR(ENOSYS));
4781 4858 }
4782 4859 error = zfs_init_sharefs();
4783 4860 if (error != 0) {
4784 4861 mutex_exit(&zfs_share_lock);
4785 4862 return (SET_ERROR(ENOSYS));
4786 4863 }
4787 4864 zfs_nfsshare_inited = 1;
4788 4865 mutex_exit(&zfs_share_lock);
4789 4866 }
4790 4867 break;
4791 4868 case ZFS_SHARE_SMB:
4792 4869 case ZFS_UNSHARE_SMB:
4793 4870 if (zfs_smbshare_inited == 0) {
4794 4871 mutex_enter(&zfs_share_lock);
4795 4872 if (smbsrv_mod == NULL && ((smbsrv_mod =
4796 4873 ddi_modopen("drv/smbsrv",
4797 4874 KRTLD_MODE_FIRST, &error)) == NULL)) {
4798 4875 mutex_exit(&zfs_share_lock);
4799 4876 return (SET_ERROR(ENOSYS));
4800 4877 }
4801 4878 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4802 4879 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4803 4880 "smb_server_share", &error)) == NULL)) {
4804 4881 mutex_exit(&zfs_share_lock);
4805 4882 return (SET_ERROR(ENOSYS));
4806 4883 }
4807 4884 error = zfs_init_sharefs();
4808 4885 if (error != 0) {
4809 4886 mutex_exit(&zfs_share_lock);
4810 4887 return (SET_ERROR(ENOSYS));
4811 4888 }
4812 4889 zfs_smbshare_inited = 1;
4813 4890 mutex_exit(&zfs_share_lock);
4814 4891 }
4815 4892 break;
4816 4893 default:
4817 4894 return (SET_ERROR(EINVAL));
4818 4895 }
4819 4896
4820 4897 switch (zc->zc_share.z_sharetype) {
4821 4898 case ZFS_SHARE_NFS:
4822 4899 case ZFS_UNSHARE_NFS:
4823 4900 if (error =
4824 4901 znfsexport_fs((void *)
4825 4902 (uintptr_t)zc->zc_share.z_exportdata))
4826 4903 return (error);
4827 4904 break;
4828 4905 case ZFS_SHARE_SMB:
4829 4906 case ZFS_UNSHARE_SMB:
4830 4907 if (error = zsmbexport_fs((void *)
4831 4908 (uintptr_t)zc->zc_share.z_exportdata,
4832 4909 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4833 4910 B_TRUE: B_FALSE)) {
4834 4911 return (error);
4835 4912 }
4836 4913 break;
4837 4914 }
4838 4915
4839 4916 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4840 4917 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4841 4918 SHAREFS_ADD : SHAREFS_REMOVE;
4842 4919
4843 4920 /*
4844 4921 * Add or remove share from sharetab
4845 4922 */
4846 4923 error = zshare_fs(opcode,
4847 4924 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4848 4925 zc->zc_share.z_sharemax);
4849 4926
4850 4927 return (error);
4851 4928
4852 4929 }
4853 4930
4854 4931 ace_t full_access[] = {
4855 4932 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4856 4933 };
4857 4934
4858 4935 /*
4859 4936 * inputs:
4860 4937 * zc_name name of containing filesystem
4861 4938 * zc_obj object # beyond which we want next in-use object #
4862 4939 *
4863 4940 * outputs:
4864 4941 * zc_obj next in-use object #
4865 4942 */
4866 4943 static int
4867 4944 zfs_ioc_next_obj(zfs_cmd_t *zc)
4868 4945 {
4869 4946 objset_t *os = NULL;
4870 4947 int error;
4871 4948
4872 4949 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4873 4950 if (error != 0)
4874 4951 return (error);
4875 4952
4876 4953 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4877 4954 dsl_dataset_phys(os->os_dsl_dataset)->ds_prev_snap_txg);
4878 4955
4879 4956 dmu_objset_rele(os, FTAG);
4880 4957 return (error);
4881 4958 }
4882 4959
4883 4960 /*
4884 4961 * inputs:
4885 4962 * zc_name name of filesystem
4886 4963 * zc_value prefix name for snapshot
4887 4964 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4888 4965 *
4889 4966 * outputs:
4890 4967 * zc_value short name of new snapshot
4891 4968 */
4892 4969 static int
4893 4970 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4894 4971 {
4895 4972 char *snap_name;
4896 4973 char *hold_name;
4897 4974 int error;
4898 4975 minor_t minor;
4899 4976
4900 4977 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4901 4978 if (error != 0)
4902 4979 return (error);
4903 4980
4904 4981 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4905 4982 (u_longlong_t)ddi_get_lbolt64());
4906 4983 hold_name = kmem_asprintf("%%%s", zc->zc_value);
4907 4984
4908 4985 error = dsl_dataset_snapshot_tmp(zc->zc_name, snap_name, minor,
4909 4986 hold_name);
4910 4987 if (error == 0)
4911 4988 (void) strcpy(zc->zc_value, snap_name);
4912 4989 strfree(snap_name);
4913 4990 strfree(hold_name);
4914 4991 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4915 4992 return (error);
4916 4993 }
4917 4994
4918 4995 /*
4919 4996 * inputs:
4920 4997 * zc_name name of "to" snapshot
4921 4998 * zc_value name of "from" snapshot
4922 4999 * zc_cookie file descriptor to write diff data on
4923 5000 *
4924 5001 * outputs:
4925 5002 * dmu_diff_record_t's to the file descriptor
4926 5003 */
4927 5004 static int
4928 5005 zfs_ioc_diff(zfs_cmd_t *zc)
4929 5006 {
4930 5007 file_t *fp;
4931 5008 offset_t off;
4932 5009 int error;
4933 5010
4934 5011 fp = getf(zc->zc_cookie);
4935 5012 if (fp == NULL)
4936 5013 return (SET_ERROR(EBADF));
4937 5014
4938 5015 off = fp->f_offset;
4939 5016
4940 5017 error = dmu_diff(zc->zc_name, zc->zc_value, fp->f_vnode, &off);
4941 5018
4942 5019 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4943 5020 fp->f_offset = off;
4944 5021 releasef(zc->zc_cookie);
4945 5022
4946 5023 return (error);
4947 5024 }
4948 5025
4949 5026 /*
4950 5027 * Remove all ACL files in shares dir
4951 5028 */
4952 5029 static int
4953 5030 zfs_smb_acl_purge(znode_t *dzp)
4954 5031 {
4955 5032 zap_cursor_t zc;
4956 5033 zap_attribute_t zap;
4957 5034 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4958 5035 int error;
4959 5036
4960 5037 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4961 5038 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4962 5039 zap_cursor_advance(&zc)) {
4963 5040 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4964 5041 NULL, 0)) != 0)
4965 5042 break;
4966 5043 }
4967 5044 zap_cursor_fini(&zc);
4968 5045 return (error);
4969 5046 }
4970 5047
4971 5048 static int
4972 5049 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4973 5050 {
4974 5051 vnode_t *vp;
4975 5052 znode_t *dzp;
4976 5053 vnode_t *resourcevp = NULL;
4977 5054 znode_t *sharedir;
4978 5055 zfsvfs_t *zfsvfs;
4979 5056 nvlist_t *nvlist;
4980 5057 char *src, *target;
4981 5058 vattr_t vattr;
4982 5059 vsecattr_t vsec;
4983 5060 int error = 0;
4984 5061
4985 5062 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4986 5063 NO_FOLLOW, NULL, &vp)) != 0)
4987 5064 return (error);
4988 5065
4989 5066 /* Now make sure mntpnt and dataset are ZFS */
4990 5067
4991 5068 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
4992 5069 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4993 5070 zc->zc_name) != 0)) {
4994 5071 VN_RELE(vp);
4995 5072 return (SET_ERROR(EINVAL));
4996 5073 }
4997 5074
4998 5075 dzp = VTOZ(vp);
4999 5076 zfsvfs = dzp->z_zfsvfs;
5000 5077 ZFS_ENTER(zfsvfs);
5001 5078
5002 5079 /*
5003 5080 * Create share dir if its missing.
5004 5081 */
5005 5082 mutex_enter(&zfsvfs->z_lock);
5006 5083 if (zfsvfs->z_shares_dir == 0) {
5007 5084 dmu_tx_t *tx;
5008 5085
5009 5086 tx = dmu_tx_create(zfsvfs->z_os);
5010 5087 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
5011 5088 ZFS_SHARES_DIR);
5012 5089 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
5013 5090 error = dmu_tx_assign(tx, TXG_WAIT);
5014 5091 if (error != 0) {
5015 5092 dmu_tx_abort(tx);
5016 5093 } else {
5017 5094 error = zfs_create_share_dir(zfsvfs, tx);
5018 5095 dmu_tx_commit(tx);
5019 5096 }
5020 5097 if (error != 0) {
5021 5098 mutex_exit(&zfsvfs->z_lock);
5022 5099 VN_RELE(vp);
5023 5100 ZFS_EXIT(zfsvfs);
5024 5101 return (error);
5025 5102 }
5026 5103 }
5027 5104 mutex_exit(&zfsvfs->z_lock);
5028 5105
5029 5106 ASSERT(zfsvfs->z_shares_dir);
5030 5107 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
5031 5108 VN_RELE(vp);
5032 5109 ZFS_EXIT(zfsvfs);
5033 5110 return (error);
5034 5111 }
5035 5112
5036 5113 switch (zc->zc_cookie) {
5037 5114 case ZFS_SMB_ACL_ADD:
5038 5115 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
5039 5116 vattr.va_type = VREG;
5040 5117 vattr.va_mode = S_IFREG|0777;
5041 5118 vattr.va_uid = 0;
5042 5119 vattr.va_gid = 0;
5043 5120
5044 5121 vsec.vsa_mask = VSA_ACE;
5045 5122 vsec.vsa_aclentp = &full_access;
5046 5123 vsec.vsa_aclentsz = sizeof (full_access);
5047 5124 vsec.vsa_aclcnt = 1;
5048 5125
5049 5126 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
5050 5127 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
5051 5128 if (resourcevp)
5052 5129 VN_RELE(resourcevp);
5053 5130 break;
5054 5131
5055 5132 case ZFS_SMB_ACL_REMOVE:
5056 5133 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
5057 5134 NULL, 0);
5058 5135 break;
5059 5136
5060 5137 case ZFS_SMB_ACL_RENAME:
5061 5138 if ((error = get_nvlist(zc->zc_nvlist_src,
5062 5139 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
5063 5140 VN_RELE(vp);
5064 5141 VN_RELE(ZTOV(sharedir));
5065 5142 ZFS_EXIT(zfsvfs);
5066 5143 return (error);
5067 5144 }
5068 5145 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
5069 5146 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
5070 5147 &target)) {
5071 5148 VN_RELE(vp);
5072 5149 VN_RELE(ZTOV(sharedir));
5073 5150 ZFS_EXIT(zfsvfs);
5074 5151 nvlist_free(nvlist);
5075 5152 return (error);
5076 5153 }
5077 5154 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
5078 5155 kcred, NULL, 0);
5079 5156 nvlist_free(nvlist);
5080 5157 break;
5081 5158
5082 5159 case ZFS_SMB_ACL_PURGE:
5083 5160 error = zfs_smb_acl_purge(sharedir);
5084 5161 break;
5085 5162
5086 5163 default:
5087 5164 error = SET_ERROR(EINVAL);
5088 5165 break;
5089 5166 }
5090 5167
5091 5168 VN_RELE(vp);
5092 5169 VN_RELE(ZTOV(sharedir));
5093 5170
5094 5171 ZFS_EXIT(zfsvfs);
5095 5172
5096 5173 return (error);
5097 5174 }
5098 5175
5099 5176 /*
5100 5177 * innvl: {
5101 5178 * "holds" -> { snapname -> holdname (string), ... }
5102 5179 * (optional) "cleanup_fd" -> fd (int32)
5103 5180 * }
5104 5181 *
5105 5182 * outnvl: {
5106 5183 * snapname -> error value (int32)
5107 5184 * ...
5108 5185 * }
5109 5186 */
5110 5187 /* ARGSUSED */
5111 5188 static int
5112 5189 zfs_ioc_hold(const char *pool, nvlist_t *args, nvlist_t *errlist)
5113 5190 {
5114 5191 nvlist_t *holds;
5115 5192 int cleanup_fd = -1;
5116 5193 int error;
5117 5194 minor_t minor = 0;
5118 5195
5119 5196 error = nvlist_lookup_nvlist(args, "holds", &holds);
5120 5197 if (error != 0)
5121 5198 return (SET_ERROR(EINVAL));
5122 5199
5123 5200 if (nvlist_lookup_int32(args, "cleanup_fd", &cleanup_fd) == 0) {
5124 5201 error = zfs_onexit_fd_hold(cleanup_fd, &minor);
5125 5202 if (error != 0)
5126 5203 return (error);
5127 5204 }
5128 5205
5129 5206 error = dsl_dataset_user_hold(holds, minor, errlist);
5130 5207 if (minor != 0)
5131 5208 zfs_onexit_fd_rele(cleanup_fd);
5132 5209 return (error);
5133 5210 }
5134 5211
5135 5212 /*
5136 5213 * innvl is not used.
5137 5214 *
5138 5215 * outnvl: {
5139 5216 * holdname -> time added (uint64 seconds since epoch)
5140 5217 * ...
5141 5218 * }
5142 5219 */
5143 5220 /* ARGSUSED */
5144 5221 static int
5145 5222 zfs_ioc_get_holds(const char *snapname, nvlist_t *args, nvlist_t *outnvl)
5146 5223 {
5147 5224 return (dsl_dataset_get_holds(snapname, outnvl));
5148 5225 }
5149 5226
5150 5227 /*
5151 5228 * innvl: {
5152 5229 * snapname -> { holdname, ... }
5153 5230 * ...
5154 5231 * }
5155 5232 *
5156 5233 * outnvl: {
5157 5234 * snapname -> error value (int32)
5158 5235 * ...
5159 5236 * }
5160 5237 */
5161 5238 /* ARGSUSED */
5162 5239 static int
5163 5240 zfs_ioc_release(const char *pool, nvlist_t *holds, nvlist_t *errlist)
5164 5241 {
5165 5242 return (dsl_dataset_user_release(holds, errlist));
5166 5243 }
5167 5244
5168 5245 /*
5169 5246 * inputs:
5170 5247 * zc_name name of new filesystem or snapshot
5171 5248 * zc_value full name of old snapshot
5172 5249 *
5173 5250 * outputs:
5174 5251 * zc_cookie space in bytes
5175 5252 * zc_objset_type compressed space in bytes
5176 5253 * zc_perm_action uncompressed space in bytes
5177 5254 */
5178 5255 static int
5179 5256 zfs_ioc_space_written(zfs_cmd_t *zc)
5180 5257 {
5181 5258 int error;
5182 5259 dsl_pool_t *dp;
5183 5260 dsl_dataset_t *new, *old;
5184 5261
5185 5262 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5186 5263 if (error != 0)
5187 5264 return (error);
5188 5265 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &new);
5189 5266 if (error != 0) {
5190 5267 dsl_pool_rele(dp, FTAG);
5191 5268 return (error);
5192 5269 }
5193 5270 error = dsl_dataset_hold(dp, zc->zc_value, FTAG, &old);
5194 5271 if (error != 0) {
5195 5272 dsl_dataset_rele(new, FTAG);
5196 5273 dsl_pool_rele(dp, FTAG);
5197 5274 return (error);
5198 5275 }
5199 5276
5200 5277 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5201 5278 &zc->zc_objset_type, &zc->zc_perm_action);
5202 5279 dsl_dataset_rele(old, FTAG);
5203 5280 dsl_dataset_rele(new, FTAG);
5204 5281 dsl_pool_rele(dp, FTAG);
5205 5282 return (error);
5206 5283 }
5207 5284
5208 5285 /*
5209 5286 * innvl: {
5210 5287 * "firstsnap" -> snapshot name
5211 5288 * }
5212 5289 *
5213 5290 * outnvl: {
5214 5291 * "used" -> space in bytes
5215 5292 * "compressed" -> compressed space in bytes
5216 5293 * "uncompressed" -> uncompressed space in bytes
5217 5294 * }
5218 5295 */
5219 5296 static int
5220 5297 zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
5221 5298 {
5222 5299 int error;
5223 5300 dsl_pool_t *dp;
5224 5301 dsl_dataset_t *new, *old;
5225 5302 char *firstsnap;
5226 5303 uint64_t used, comp, uncomp;
5227 5304
5228 5305 if (nvlist_lookup_string(innvl, "firstsnap", &firstsnap) != 0)
5229 5306 return (SET_ERROR(EINVAL));
5230 5307
5231 5308 error = dsl_pool_hold(lastsnap, FTAG, &dp);
5232 5309 if (error != 0)
5233 5310 return (error);
5234 5311
5235 5312 error = dsl_dataset_hold(dp, lastsnap, FTAG, &new);
5236 5313 if (error != 0) {
5237 5314 dsl_pool_rele(dp, FTAG);
5238 5315 return (error);
5239 5316 }
5240 5317 error = dsl_dataset_hold(dp, firstsnap, FTAG, &old);
5241 5318 if (error != 0) {
5242 5319 dsl_dataset_rele(new, FTAG);
5243 5320 dsl_pool_rele(dp, FTAG);
5244 5321 return (error);
5245 5322 }
5246 5323
5247 5324 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
5248 5325 dsl_dataset_rele(old, FTAG);
5249 5326 dsl_dataset_rele(new, FTAG);
5250 5327 dsl_pool_rele(dp, FTAG);
5251 5328 fnvlist_add_uint64(outnvl, "used", used);
5252 5329 fnvlist_add_uint64(outnvl, "compressed", comp);
5253 5330 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
5254 5331 return (error);
5255 5332 }
5256 5333
5257 5334 /*
5258 5335 * innvl: {
5259 5336 * "fd" -> file descriptor to write stream to (int32)
5260 5337 * (optional) "fromsnap" -> full snap name to send an incremental from
5261 5338 * (optional) "largeblockok" -> (value ignored)
5262 5339 * indicates that blocks > 128KB are permitted
5263 5340 * (optional) "embedok" -> (value ignored)
5264 5341 * presence indicates DRR_WRITE_EMBEDDED records are permitted
5265 5342 * }
5266 5343 *
5267 5344 * outnvl is unused
5268 5345 */
5269 5346 /* ARGSUSED */
5270 5347 static int
5271 5348 zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5272 5349 {
5273 5350 int error;
5274 5351 offset_t off;
5275 5352 char *fromname = NULL;
5276 5353 int fd;
5277 5354 boolean_t largeblockok;
5278 5355 boolean_t embedok;
5279 5356
5280 5357 error = nvlist_lookup_int32(innvl, "fd", &fd);
5281 5358 if (error != 0)
5282 5359 return (SET_ERROR(EINVAL));
5283 5360
5284 5361 (void) nvlist_lookup_string(innvl, "fromsnap", &fromname);
5285 5362
5286 5363 largeblockok = nvlist_exists(innvl, "largeblockok");
5287 5364 embedok = nvlist_exists(innvl, "embedok");
5288 5365
5289 5366 file_t *fp = getf(fd);
5290 5367 if (fp == NULL)
5291 5368 return (SET_ERROR(EBADF));
5292 5369
5293 5370 off = fp->f_offset;
5294 5371 error = dmu_send(snapname, fromname, embedok, largeblockok,
5295 5372 fd, fp->f_vnode, &off);
5296 5373
5297 5374 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5298 5375 fp->f_offset = off;
5299 5376 releasef(fd);
5300 5377 return (error);
5301 5378 }
5302 5379
5303 5380 /*
5304 5381 * Determine approximately how large a zfs send stream will be -- the number
5305 5382 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5306 5383 *
5307 5384 * innvl: {
5308 5385 * (optional) "from" -> full snap or bookmark name to send an incremental
5309 5386 * from
5310 5387 * }
5311 5388 *
5312 5389 * outnvl: {
5313 5390 * "space" -> bytes of space (uint64)
5314 5391 * }
5315 5392 */
5316 5393 static int
5317 5394 zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5318 5395 {
5319 5396 dsl_pool_t *dp;
5320 5397 dsl_dataset_t *tosnap;
5321 5398 int error;
5322 5399 char *fromname;
5323 5400 uint64_t space;
5324 5401
5325 5402 error = dsl_pool_hold(snapname, FTAG, &dp);
5326 5403 if (error != 0)
5327 5404 return (error);
5328 5405
5329 5406 error = dsl_dataset_hold(dp, snapname, FTAG, &tosnap);
5330 5407 if (error != 0) {
5331 5408 dsl_pool_rele(dp, FTAG);
5332 5409 return (error);
5333 5410 }
5334 5411
5335 5412 error = nvlist_lookup_string(innvl, "from", &fromname);
5336 5413 if (error == 0) {
5337 5414 if (strchr(fromname, '@') != NULL) {
5338 5415 /*
5339 5416 * If from is a snapshot, hold it and use the more
5340 5417 * efficient dmu_send_estimate to estimate send space
5341 5418 * size using deadlists.
5342 5419 */
5343 5420 dsl_dataset_t *fromsnap;
5344 5421 error = dsl_dataset_hold(dp, fromname, FTAG, &fromsnap);
5345 5422 if (error != 0)
5346 5423 goto out;
5347 5424 error = dmu_send_estimate(tosnap, fromsnap, &space);
5348 5425 dsl_dataset_rele(fromsnap, FTAG);
5349 5426 } else if (strchr(fromname, '#') != NULL) {
5350 5427 /*
5351 5428 * If from is a bookmark, fetch the creation TXG of the
5352 5429 * snapshot it was created from and use that to find
5353 5430 * blocks that were born after it.
5354 5431 */
5355 5432 zfs_bookmark_phys_t frombm;
5356 5433
5357 5434 error = dsl_bookmark_lookup(dp, fromname, tosnap,
5358 5435 &frombm);
5359 5436 if (error != 0)
5360 5437 goto out;
5361 5438 error = dmu_send_estimate_from_txg(tosnap,
5362 5439 frombm.zbm_creation_txg, &space);
5363 5440 } else {
5364 5441 /*
5365 5442 * from is not properly formatted as a snapshot or
5366 5443 * bookmark
5367 5444 */
5368 5445 error = SET_ERROR(EINVAL);
5369 5446 goto out;
5370 5447 }
5371 5448 } else {
5372 5449 // If estimating the size of a full send, use dmu_send_estimate
5373 5450 error = dmu_send_estimate(tosnap, NULL, &space);
5374 5451 }
5375 5452
5376 5453 fnvlist_add_uint64(outnvl, "space", space);
5377 5454
5378 5455 out:
5379 5456 dsl_dataset_rele(tosnap, FTAG);
5380 5457 dsl_pool_rele(dp, FTAG);
5381 5458 return (error);
5382 5459 }
5383 5460
5384 5461 static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
5385 5462
5386 5463 static void
5387 5464 zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5388 5465 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5389 5466 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
5390 5467 {
5391 5468 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5392 5469
5393 5470 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5394 5471 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5395 5472 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5396 5473 ASSERT3P(vec->zvec_func, ==, NULL);
5397 5474
5398 5475 vec->zvec_legacy_func = func;
5399 5476 vec->zvec_secpolicy = secpolicy;
5400 5477 vec->zvec_namecheck = namecheck;
5401 5478 vec->zvec_allow_log = log_history;
5402 5479 vec->zvec_pool_check = pool_check;
5403 5480 }
5404 5481
5405 5482 /*
5406 5483 * See the block comment at the beginning of this file for details on
5407 5484 * each argument to this function.
5408 5485 */
5409 5486 static void
5410 5487 zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
5411 5488 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5412 5489 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
5413 5490 boolean_t allow_log)
5414 5491 {
5415 5492 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5416 5493
5417 5494 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5418 5495 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5419 5496 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5420 5497 ASSERT3P(vec->zvec_func, ==, NULL);
5421 5498
5422 5499 /* if we are logging, the name must be valid */
5423 5500 ASSERT(!allow_log || namecheck != NO_NAME);
5424 5501
5425 5502 vec->zvec_name = name;
5426 5503 vec->zvec_func = func;
5427 5504 vec->zvec_secpolicy = secpolicy;
5428 5505 vec->zvec_namecheck = namecheck;
5429 5506 vec->zvec_pool_check = pool_check;
5430 5507 vec->zvec_smush_outnvlist = smush_outnvlist;
5431 5508 vec->zvec_allow_log = allow_log;
5432 5509 }
5433 5510
5434 5511 static void
5435 5512 zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5436 5513 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
5437 5514 zfs_ioc_poolcheck_t pool_check)
5438 5515 {
5439 5516 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5440 5517 POOL_NAME, log_history, pool_check);
5441 5518 }
5442 5519
5443 5520 static void
5444 5521 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5445 5522 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
5446 5523 {
5447 5524 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5448 5525 DATASET_NAME, B_FALSE, pool_check);
5449 5526 }
5450 5527
5451 5528 static void
5452 5529 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5453 5530 {
5454 5531 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
5455 5532 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5456 5533 }
5457 5534
5458 5535 static void
5459 5536 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5460 5537 zfs_secpolicy_func_t *secpolicy)
5461 5538 {
5462 5539 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5463 5540 NO_NAME, B_FALSE, POOL_CHECK_NONE);
5464 5541 }
5465 5542
5466 5543 static void
5467 5544 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
5468 5545 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
5469 5546 {
5470 5547 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5471 5548 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
5472 5549 }
5473 5550
5474 5551 static void
5475 5552 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5476 5553 {
5477 5554 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
5478 5555 zfs_secpolicy_read);
5479 5556 }
5480 5557
5481 5558 static void
5482 5559 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5483 5560 zfs_secpolicy_func_t *secpolicy)
5484 5561 {
5485 5562 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5486 5563 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5487 5564 }
5488 5565
5489 5566 static void
5490 5567 zfs_ioctl_init(void)
5491 5568 {
5492 5569 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
5493 5570 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
5494 5571 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5495 5572
5496 5573 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
5497 5574 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
5498 5575 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE);
5499 5576
5500 5577 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
5501 5578 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
5502 5579 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5503 5580
5504 5581 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
5505 5582 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
5506 5583 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5507 5584
5508 5585 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
5509 5586 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
5510 5587 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5511 5588
5512 5589 zfs_ioctl_register("create", ZFS_IOC_CREATE,
5513 5590 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
5514 5591 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5515 5592
5516 5593 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
5517 5594 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
5518 5595 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5519 5596
5520 5597 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
5521 5598 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
5522 5599 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5523 5600
5524 5601 zfs_ioctl_register("hold", ZFS_IOC_HOLD,
5525 5602 zfs_ioc_hold, zfs_secpolicy_hold, POOL_NAME,
5526 5603 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5527 5604 zfs_ioctl_register("release", ZFS_IOC_RELEASE,
5528 5605 zfs_ioc_release, zfs_secpolicy_release, POOL_NAME,
5529 5606 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5530 5607
5531 5608 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS,
5532 5609 zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME,
5533 5610 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5534 5611
5535 5612 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK,
5536 5613 zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME,
5537 5614 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_TRUE);
5538 5615
5539 5616 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK,
5540 5617 zfs_ioc_bookmark, zfs_secpolicy_bookmark, POOL_NAME,
5541 5618 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5542 5619
5543 5620 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS,
5544 5621 zfs_ioc_get_bookmarks, zfs_secpolicy_read, DATASET_NAME,
5545 5622 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5546 5623
5547 5624 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS,
5548 5625 zfs_ioc_destroy_bookmarks, zfs_secpolicy_destroy_bookmarks,
5549 5626 POOL_NAME,
5550 5627 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5551 5628
5552 5629 /* IOCTLS that use the legacy function signature */
5553 5630
5554 5631 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
5555 5632 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
5556 5633
5557 5634 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
5558 5635 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5559 5636 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
5560 5637 zfs_ioc_pool_scan);
5561 5638 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
5562 5639 zfs_ioc_pool_upgrade);
5563 5640 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
5564 5641 zfs_ioc_vdev_add);
5565 5642 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
5566 5643 zfs_ioc_vdev_remove);
5567 5644 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
5568 5645 zfs_ioc_vdev_set_state);
5569 5646 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
5570 5647 zfs_ioc_vdev_attach);
5571 5648 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
5572 5649 zfs_ioc_vdev_detach);
5573 5650 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
5574 5651 zfs_ioc_vdev_setpath);
5575 5652 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
5576 5653 zfs_ioc_vdev_setfru);
5577 5654 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
5578 5655 zfs_ioc_pool_set_props);
5579 5656 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
5580 5657 zfs_ioc_vdev_split);
5581 5658 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
5582 5659 zfs_ioc_pool_reguid);
5583 5660
5584 5661 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
5585 5662 zfs_ioc_pool_configs, zfs_secpolicy_none);
5586 5663 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
5587 5664 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
5588 5665 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
5589 5666 zfs_ioc_inject_fault, zfs_secpolicy_inject);
5590 5667 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
5591 5668 zfs_ioc_clear_fault, zfs_secpolicy_inject);
5592 5669 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
5593 5670 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
5594 5671
5595 5672 /*
5596 5673 * pool destroy, and export don't log the history as part of
5597 5674 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5598 5675 * does the logging of those commands.
5599 5676 */
5600 5677 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
5601 5678 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5602 5679 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
5603 5680 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5604 5681
5605 5682 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
5606 5683 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5607 5684 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
5608 5685 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5609 5686
5610 5687 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
5611 5688 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
5612 5689 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
5613 5690 zfs_ioc_dsobj_to_dsname,
5614 5691 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
5615 5692 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
5616 5693 zfs_ioc_pool_get_history,
5617 5694 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
5618 5695
5619 5696 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
5620 5697 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5621 5698
5622 5699 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
5623 5700 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5624 5701 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
5625 5702 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5626 5703
5627 5704 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
5628 5705 zfs_ioc_space_written);
5629 5706 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
5630 5707 zfs_ioc_objset_recvd_props);
5631 5708 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
5632 5709 zfs_ioc_next_obj);
5633 5710 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
5634 5711 zfs_ioc_get_fsacl);
5635 5712 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
5636 5713 zfs_ioc_objset_stats);
5637 5714 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
5638 5715 zfs_ioc_objset_zplprops);
5639 5716 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
5640 5717 zfs_ioc_dataset_list_next);
5641 5718 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
5642 5719 zfs_ioc_snapshot_list_next);
5643 5720 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
5644 5721 zfs_ioc_send_progress);
5645 5722
5646 5723 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
5647 5724 zfs_ioc_diff, zfs_secpolicy_diff);
5648 5725 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
5649 5726 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
5650 5727 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
5651 5728 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
5652 5729 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
5653 5730 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
5654 5731 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
5655 5732 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
5656 5733 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
5657 5734 zfs_ioc_send, zfs_secpolicy_send);
5658 5735
5659 5736 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
5660 5737 zfs_secpolicy_none);
5661 5738 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
5662 5739 zfs_secpolicy_destroy);
5663 5740 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
5664 5741 zfs_secpolicy_rename);
5665 5742 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
5666 5743 zfs_secpolicy_recv);
5667 5744 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
5668 5745 zfs_secpolicy_promote);
5669 5746 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
5670 5747 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
5671 5748 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
5672 5749 zfs_secpolicy_set_fsacl);
5673 5750
5674 5751 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
5675 5752 zfs_secpolicy_share, POOL_CHECK_NONE);
5676 5753 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
5677 5754 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
5678 5755 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
5679 5756 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5680 5757 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5681 5758 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
5682 5759 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
5683 5760 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5684 5761 }
5685 5762
5686 5763 int
5687 5764 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5688 5765 zfs_ioc_poolcheck_t check)
5689 5766 {
5690 5767 spa_t *spa;
5691 5768 int error;
5692 5769
5693 5770 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5694 5771
5695 5772 if (check & POOL_CHECK_NONE)
5696 5773 return (0);
5697 5774
5698 5775 error = spa_open(name, &spa, FTAG);
5699 5776 if (error == 0) {
5700 5777 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5701 5778 error = SET_ERROR(EAGAIN);
5702 5779 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5703 5780 error = SET_ERROR(EROFS);
5704 5781 spa_close(spa, FTAG);
5705 5782 }
5706 5783 return (error);
5707 5784 }
5708 5785
5709 5786 /*
5710 5787 * Find a free minor number.
5711 5788 */
5712 5789 minor_t
5713 5790 zfsdev_minor_alloc(void)
5714 5791 {
5715 5792 static minor_t last_minor;
5716 5793 minor_t m;
5717 5794
5718 5795 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5719 5796
5720 5797 for (m = last_minor + 1; m != last_minor; m++) {
5721 5798 if (m > ZFSDEV_MAX_MINOR)
5722 5799 m = 1;
5723 5800 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5724 5801 last_minor = m;
5725 5802 return (m);
5726 5803 }
5727 5804 }
5728 5805
5729 5806 return (0);
5730 5807 }
5731 5808
5732 5809 static int
5733 5810 zfs_ctldev_init(dev_t *devp)
5734 5811 {
5735 5812 minor_t minor;
5736 5813 zfs_soft_state_t *zs;
5737 5814
5738 5815 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5739 5816 ASSERT(getminor(*devp) == 0);
5740 5817
5741 5818 minor = zfsdev_minor_alloc();
5742 5819 if (minor == 0)
5743 5820 return (SET_ERROR(ENXIO));
5744 5821
5745 5822 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5746 5823 return (SET_ERROR(EAGAIN));
5747 5824
5748 5825 *devp = makedevice(getemajor(*devp), minor);
5749 5826
5750 5827 zs = ddi_get_soft_state(zfsdev_state, minor);
5751 5828 zs->zss_type = ZSST_CTLDEV;
5752 5829 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5753 5830
5754 5831 return (0);
5755 5832 }
5756 5833
5757 5834 static void
5758 5835 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5759 5836 {
5760 5837 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5761 5838
5762 5839 zfs_onexit_destroy(zo);
5763 5840 ddi_soft_state_free(zfsdev_state, minor);
5764 5841 }
5765 5842
5766 5843 void *
5767 5844 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5768 5845 {
5769 5846 zfs_soft_state_t *zp;
5770 5847
5771 5848 zp = ddi_get_soft_state(zfsdev_state, minor);
5772 5849 if (zp == NULL || zp->zss_type != which)
5773 5850 return (NULL);
5774 5851
5775 5852 return (zp->zss_data);
5776 5853 }
5777 5854
5778 5855 static int
5779 5856 zfsdev_open(dev_t *devp, int flag, int otyp, cred_t *cr)
5780 5857 {
5781 5858 int error = 0;
5782 5859
5783 5860 if (getminor(*devp) != 0)
5784 5861 return (zvol_open(devp, flag, otyp, cr));
5785 5862
5786 5863 /* This is the control device. Allocate a new minor if requested. */
5787 5864 if (flag & FEXCL) {
5788 5865 mutex_enter(&zfsdev_state_lock);
5789 5866 error = zfs_ctldev_init(devp);
5790 5867 mutex_exit(&zfsdev_state_lock);
5791 5868 }
5792 5869
5793 5870 return (error);
5794 5871 }
5795 5872
5796 5873 static int
5797 5874 zfsdev_close(dev_t dev, int flag, int otyp, cred_t *cr)
5798 5875 {
5799 5876 zfs_onexit_t *zo;
5800 5877 minor_t minor = getminor(dev);
5801 5878
5802 5879 if (minor == 0)
5803 5880 return (0);
5804 5881
5805 5882 mutex_enter(&zfsdev_state_lock);
5806 5883 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5807 5884 if (zo == NULL) {
5808 5885 mutex_exit(&zfsdev_state_lock);
5809 5886 return (zvol_close(dev, flag, otyp, cr));
5810 5887 }
5811 5888 zfs_ctldev_destroy(zo, minor);
5812 5889 mutex_exit(&zfsdev_state_lock);
5813 5890
5814 5891 return (0);
5815 5892 }
5816 5893
5817 5894 static int
5818 5895 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp)
5819 5896 {
5820 5897 zfs_cmd_t *zc;
5821 5898 uint_t vecnum;
5822 5899 int error, rc, len;
5823 5900 minor_t minor = getminor(dev);
5824 5901 const zfs_ioc_vec_t *vec;
5825 5902 char *saved_poolname = NULL;
5826 5903 nvlist_t *innvl = NULL;
5827 5904
5828 5905 if (minor != 0 &&
5829 5906 zfsdev_get_soft_state(minor, ZSST_CTLDEV) == NULL)
5830 5907 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp));
5831 5908
5832 5909 vecnum = cmd - ZFS_IOC_FIRST;
5833 5910 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip));
5834 5911
5835 5912 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5836 5913 return (SET_ERROR(EINVAL));
5837 5914 vec = &zfs_ioc_vec[vecnum];
5838 5915
5839 5916 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
5840 5917
5841 5918 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5842 5919 if (error != 0) {
5843 5920 error = SET_ERROR(EFAULT);
5844 5921 goto out;
5845 5922 }
5846 5923
5847 5924 zc->zc_iflags = flag & FKIOCTL;
5848 5925 if (zc->zc_nvlist_src_size != 0) {
5849 5926 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
5850 5927 zc->zc_iflags, &innvl);
5851 5928 if (error != 0)
5852 5929 goto out;
5853 5930 }
5854 5931
5855 5932 /*
5856 5933 * Ensure that all pool/dataset names are valid before we pass down to
5857 5934 * the lower layers.
5858 5935 */
5859 5936 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5860 5937 switch (vec->zvec_namecheck) {
5861 5938 case POOL_NAME:
5862 5939 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5863 5940 error = SET_ERROR(EINVAL);
5864 5941 else
5865 5942 error = pool_status_check(zc->zc_name,
5866 5943 vec->zvec_namecheck, vec->zvec_pool_check);
5867 5944 break;
5868 5945
5869 5946 case DATASET_NAME:
5870 5947 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5871 5948 error = SET_ERROR(EINVAL);
5872 5949 else
5873 5950 error = pool_status_check(zc->zc_name,
5874 5951 vec->zvec_namecheck, vec->zvec_pool_check);
5875 5952 break;
5876 5953
5877 5954 case NO_NAME:
5878 5955 break;
5879 5956 }
5880 5957
5881 5958
5882 5959 if (error == 0 && !(flag & FKIOCTL))
5883 5960 error = vec->zvec_secpolicy(zc, innvl, cr);
5884 5961
5885 5962 if (error != 0)
5886 5963 goto out;
5887 5964
5888 5965 /* legacy ioctls can modify zc_name */
5889 5966 len = strcspn(zc->zc_name, "/@#") + 1;
5890 5967 saved_poolname = kmem_alloc(len, KM_SLEEP);
5891 5968 (void) strlcpy(saved_poolname, zc->zc_name, len);
5892 5969
5893 5970 if (vec->zvec_func != NULL) {
5894 5971 nvlist_t *outnvl;
5895 5972 int puterror = 0;
5896 5973 spa_t *spa;
5897 5974 nvlist_t *lognv = NULL;
5898 5975
5899 5976 ASSERT(vec->zvec_legacy_func == NULL);
5900 5977
5901 5978 /*
5902 5979 * Add the innvl to the lognv before calling the func,
5903 5980 * in case the func changes the innvl.
5904 5981 */
5905 5982 if (vec->zvec_allow_log) {
5906 5983 lognv = fnvlist_alloc();
5907 5984 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
5908 5985 vec->zvec_name);
5909 5986 if (!nvlist_empty(innvl)) {
5910 5987 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
5911 5988 innvl);
5912 5989 }
5913 5990 }
5914 5991
5915 5992 outnvl = fnvlist_alloc();
5916 5993 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
5917 5994
5918 5995 if (error == 0 && vec->zvec_allow_log &&
5919 5996 spa_open(zc->zc_name, &spa, FTAG) == 0) {
5920 5997 if (!nvlist_empty(outnvl)) {
5921 5998 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
5922 5999 outnvl);
5923 6000 }
5924 6001 (void) spa_history_log_nvl(spa, lognv);
5925 6002 spa_close(spa, FTAG);
5926 6003 }
5927 6004 fnvlist_free(lognv);
5928 6005
5929 6006 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
5930 6007 int smusherror = 0;
5931 6008 if (vec->zvec_smush_outnvlist) {
5932 6009 smusherror = nvlist_smush(outnvl,
5933 6010 zc->zc_nvlist_dst_size);
5934 6011 }
5935 6012 if (smusherror == 0)
5936 6013 puterror = put_nvlist(zc, outnvl);
5937 6014 }
5938 6015
5939 6016 if (puterror != 0)
5940 6017 error = puterror;
5941 6018
5942 6019 nvlist_free(outnvl);
5943 6020 } else {
5944 6021 error = vec->zvec_legacy_func(zc);
5945 6022 }
5946 6023
5947 6024 out:
5948 6025 nvlist_free(innvl);
5949 6026 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
5950 6027 if (error == 0 && rc != 0)
5951 6028 error = SET_ERROR(EFAULT);
5952 6029 if (error == 0 && vec->zvec_allow_log) {
5953 6030 char *s = tsd_get(zfs_allow_log_key);
5954 6031 if (s != NULL)
5955 6032 strfree(s);
5956 6033 (void) tsd_set(zfs_allow_log_key, saved_poolname);
5957 6034 } else {
5958 6035 if (saved_poolname != NULL)
5959 6036 strfree(saved_poolname);
5960 6037 }
5961 6038
5962 6039 kmem_free(zc, sizeof (zfs_cmd_t));
5963 6040 return (error);
5964 6041 }
5965 6042
5966 6043 static int
5967 6044 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
5968 6045 {
5969 6046 if (cmd != DDI_ATTACH)
5970 6047 return (DDI_FAILURE);
5971 6048
5972 6049 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
5973 6050 DDI_PSEUDO, 0) == DDI_FAILURE)
5974 6051 return (DDI_FAILURE);
5975 6052
5976 6053 zfs_dip = dip;
5977 6054
5978 6055 ddi_report_dev(dip);
5979 6056
5980 6057 return (DDI_SUCCESS);
5981 6058 }
5982 6059
5983 6060 static int
5984 6061 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5985 6062 {
5986 6063 if (spa_busy() || zfs_busy() || zvol_busy())
5987 6064 return (DDI_FAILURE);
5988 6065
5989 6066 if (cmd != DDI_DETACH)
5990 6067 return (DDI_FAILURE);
5991 6068
5992 6069 zfs_dip = NULL;
5993 6070
5994 6071 ddi_prop_remove_all(dip);
5995 6072 ddi_remove_minor_node(dip, NULL);
5996 6073
5997 6074 return (DDI_SUCCESS);
5998 6075 }
5999 6076
6000 6077 /*ARGSUSED*/
6001 6078 static int
6002 6079 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
6003 6080 {
6004 6081 switch (infocmd) {
6005 6082 case DDI_INFO_DEVT2DEVINFO:
6006 6083 *result = zfs_dip;
6007 6084 return (DDI_SUCCESS);
6008 6085
6009 6086 case DDI_INFO_DEVT2INSTANCE:
6010 6087 *result = (void *)0;
6011 6088 return (DDI_SUCCESS);
6012 6089 }
6013 6090
6014 6091 return (DDI_FAILURE);
6015 6092 }
6016 6093
6017 6094 /*
6018 6095 * OK, so this is a little weird.
6019 6096 *
6020 6097 * /dev/zfs is the control node, i.e. minor 0.
6021 6098 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
6022 6099 *
6023 6100 * /dev/zfs has basically nothing to do except serve up ioctls,
6024 6101 * so most of the standard driver entry points are in zvol.c.
6025 6102 */
6026 6103 static struct cb_ops zfs_cb_ops = {
6027 6104 zfsdev_open, /* open */
6028 6105 zfsdev_close, /* close */
6029 6106 zvol_strategy, /* strategy */
6030 6107 nodev, /* print */
6031 6108 zvol_dump, /* dump */
6032 6109 zvol_read, /* read */
6033 6110 zvol_write, /* write */
6034 6111 zfsdev_ioctl, /* ioctl */
6035 6112 nodev, /* devmap */
6036 6113 nodev, /* mmap */
6037 6114 nodev, /* segmap */
6038 6115 nochpoll, /* poll */
6039 6116 ddi_prop_op, /* prop_op */
6040 6117 NULL, /* streamtab */
6041 6118 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
6042 6119 CB_REV, /* version */
6043 6120 nodev, /* async read */
6044 6121 nodev, /* async write */
6045 6122 };
6046 6123
6047 6124 static struct dev_ops zfs_dev_ops = {
6048 6125 DEVO_REV, /* version */
6049 6126 0, /* refcnt */
6050 6127 zfs_info, /* info */
6051 6128 nulldev, /* identify */
6052 6129 nulldev, /* probe */
6053 6130 zfs_attach, /* attach */
6054 6131 zfs_detach, /* detach */
6055 6132 nodev, /* reset */
6056 6133 &zfs_cb_ops, /* driver operations */
6057 6134 NULL, /* no bus operations */
6058 6135 NULL, /* power */
6059 6136 ddi_quiesce_not_needed, /* quiesce */
6060 6137 };
6061 6138
6062 6139 static struct modldrv zfs_modldrv = {
6063 6140 &mod_driverops,
6064 6141 "ZFS storage pool",
6065 6142 &zfs_dev_ops
6066 6143 };
6067 6144
6068 6145 static struct modlinkage modlinkage = {
6069 6146 MODREV_1,
6070 6147 (void *)&zfs_modlfs,
6071 6148 (void *)&zfs_modldrv,
6072 6149 NULL
6073 6150 };
6074 6151
6075 6152 static void
6076 6153 zfs_allow_log_destroy(void *arg)
6077 6154 {
6078 6155 char *poolname = arg;
6079 6156 strfree(poolname);
6080 6157 }
6081 6158
6082 6159 int
6083 6160 _init(void)
6084 6161 {
6085 6162 int error;
6086 6163
6087 6164 spa_init(FREAD | FWRITE);
6088 6165 zfs_init();
6089 6166 zvol_init();
6090 6167 zfs_ioctl_init();
6091 6168
6092 6169 if ((error = mod_install(&modlinkage)) != 0) {
6093 6170 zvol_fini();
6094 6171 zfs_fini();
6095 6172 spa_fini();
6096 6173 return (error);
6097 6174 }
6098 6175
6099 6176 tsd_create(&zfs_fsyncer_key, NULL);
6100 6177 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
6101 6178 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
6102 6179
6103 6180 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
6104 6181 ASSERT(error == 0);
6105 6182 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
6106 6183
6107 6184 return (0);
6108 6185 }
6109 6186
6110 6187 int
6111 6188 _fini(void)
6112 6189 {
6113 6190 int error;
6114 6191
6115 6192 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
6116 6193 return (SET_ERROR(EBUSY));
6117 6194
6118 6195 if ((error = mod_remove(&modlinkage)) != 0)
6119 6196 return (error);
6120 6197
6121 6198 zvol_fini();
6122 6199 zfs_fini();
6123 6200 spa_fini();
6124 6201 if (zfs_nfsshare_inited)
6125 6202 (void) ddi_modclose(nfs_mod);
6126 6203 if (zfs_smbshare_inited)
6127 6204 (void) ddi_modclose(smbsrv_mod);
6128 6205 if (zfs_nfsshare_inited || zfs_smbshare_inited)
6129 6206 (void) ddi_modclose(sharefs_mod);
6130 6207
6131 6208 tsd_destroy(&zfs_fsyncer_key);
6132 6209 ldi_ident_release(zfs_li);
6133 6210 zfs_li = NULL;
6134 6211 mutex_destroy(&zfs_share_lock);
6135 6212
6136 6213 return (error);
6137 6214 }
6138 6215
6139 6216 int
6140 6217 _info(struct modinfo *modinfop)
6141 6218 {
6142 6219 return (mod_info(&modlinkage, modinfop));
6143 6220 }
|
↓ open down ↓ |
1919 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX