Print this page
zero-errno cleanup
Cleanup nvlist_merge case.
Matt's code review fixes
Code review fixes
4986 receiving replication stream fails if any snapshot exceeds refquota
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/zfs/zfs_ioctl.c
+++ new/usr/src/uts/common/fs/zfs/zfs_ioctl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Portions Copyright 2011 Martin Matuska
25 25 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
26 26 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
27 27 * Copyright (c) 2011, 2015 by Delphix. All rights reserved.
28 28 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
29 29 * Copyright (c) 2013 Steven Hartland. All rights reserved.
30 30 */
31 31
32 32 /*
33 33 * ZFS ioctls.
34 34 *
35 35 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
36 36 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
37 37 *
38 38 * There are two ways that we handle ioctls: the legacy way where almost
39 39 * all of the logic is in the ioctl callback, and the new way where most
40 40 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
41 41 *
42 42 * Non-legacy ioctls should be registered by calling
43 43 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
44 44 * from userland by lzc_ioctl().
45 45 *
46 46 * The registration arguments are as follows:
47 47 *
48 48 * const char *name
49 49 * The name of the ioctl. This is used for history logging. If the
50 50 * ioctl returns successfully (the callback returns 0), and allow_log
51 51 * is true, then a history log entry will be recorded with the input &
52 52 * output nvlists. The log entry can be printed with "zpool history -i".
53 53 *
54 54 * zfs_ioc_t ioc
55 55 * The ioctl request number, which userland will pass to ioctl(2).
56 56 * The ioctl numbers can change from release to release, because
57 57 * the caller (libzfs) must be matched to the kernel.
58 58 *
59 59 * zfs_secpolicy_func_t *secpolicy
60 60 * This function will be called before the zfs_ioc_func_t, to
61 61 * determine if this operation is permitted. It should return EPERM
62 62 * on failure, and 0 on success. Checks include determining if the
63 63 * dataset is visible in this zone, and if the user has either all
64 64 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
65 65 * to do this operation on this dataset with "zfs allow".
66 66 *
67 67 * zfs_ioc_namecheck_t namecheck
68 68 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
69 69 * name, a dataset name, or nothing. If the name is not well-formed,
70 70 * the ioctl will fail and the callback will not be called.
71 71 * Therefore, the callback can assume that the name is well-formed
72 72 * (e.g. is null-terminated, doesn't have more than one '@' character,
73 73 * doesn't have invalid characters).
74 74 *
75 75 * zfs_ioc_poolcheck_t pool_check
76 76 * This specifies requirements on the pool state. If the pool does
77 77 * not meet them (is suspended or is readonly), the ioctl will fail
78 78 * and the callback will not be called. If any checks are specified
79 79 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
80 80 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
81 81 * POOL_CHECK_READONLY).
82 82 *
83 83 * boolean_t smush_outnvlist
84 84 * If smush_outnvlist is true, then the output is presumed to be a
85 85 * list of errors, and it will be "smushed" down to fit into the
86 86 * caller's buffer, by removing some entries and replacing them with a
87 87 * single "N_MORE_ERRORS" entry indicating how many were removed. See
88 88 * nvlist_smush() for details. If smush_outnvlist is false, and the
89 89 * outnvlist does not fit into the userland-provided buffer, then the
90 90 * ioctl will fail with ENOMEM.
91 91 *
92 92 * zfs_ioc_func_t *func
93 93 * The callback function that will perform the operation.
94 94 *
95 95 * The callback should return 0 on success, or an error number on
96 96 * failure. If the function fails, the userland ioctl will return -1,
97 97 * and errno will be set to the callback's return value. The callback
98 98 * will be called with the following arguments:
99 99 *
100 100 * const char *name
101 101 * The name of the pool or dataset to operate on, from
102 102 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
103 103 * expected type (pool, dataset, or none).
104 104 *
105 105 * nvlist_t *innvl
106 106 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
107 107 * NULL if no input nvlist was provided. Changes to this nvlist are
108 108 * ignored. If the input nvlist could not be deserialized, the
109 109 * ioctl will fail and the callback will not be called.
110 110 *
111 111 * nvlist_t *outnvl
112 112 * The output nvlist, initially empty. The callback can fill it in,
113 113 * and it will be returned to userland by serializing it into
114 114 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
115 115 * fails (e.g. because the caller didn't supply a large enough
116 116 * buffer), then the overall ioctl will fail. See the
117 117 * 'smush_nvlist' argument above for additional behaviors.
118 118 *
119 119 * There are two typical uses of the output nvlist:
120 120 * - To return state, e.g. property values. In this case,
121 121 * smush_outnvlist should be false. If the buffer was not large
122 122 * enough, the caller will reallocate a larger buffer and try
123 123 * the ioctl again.
124 124 *
125 125 * - To return multiple errors from an ioctl which makes on-disk
126 126 * changes. In this case, smush_outnvlist should be true.
127 127 * Ioctls which make on-disk modifications should generally not
128 128 * use the outnvl if they succeed, because the caller can not
129 129 * distinguish between the operation failing, and
130 130 * deserialization failing.
131 131 */
132 132
133 133 #include <sys/types.h>
134 134 #include <sys/param.h>
135 135 #include <sys/errno.h>
136 136 #include <sys/uio.h>
137 137 #include <sys/buf.h>
138 138 #include <sys/modctl.h>
139 139 #include <sys/open.h>
140 140 #include <sys/file.h>
141 141 #include <sys/kmem.h>
142 142 #include <sys/conf.h>
143 143 #include <sys/cmn_err.h>
144 144 #include <sys/stat.h>
145 145 #include <sys/zfs_ioctl.h>
146 146 #include <sys/zfs_vfsops.h>
147 147 #include <sys/zfs_znode.h>
148 148 #include <sys/zap.h>
149 149 #include <sys/spa.h>
150 150 #include <sys/spa_impl.h>
151 151 #include <sys/vdev.h>
152 152 #include <sys/priv_impl.h>
153 153 #include <sys/dmu.h>
154 154 #include <sys/dsl_dir.h>
155 155 #include <sys/dsl_dataset.h>
156 156 #include <sys/dsl_prop.h>
157 157 #include <sys/dsl_deleg.h>
158 158 #include <sys/dmu_objset.h>
159 159 #include <sys/dmu_impl.h>
160 160 #include <sys/dmu_tx.h>
161 161 #include <sys/ddi.h>
162 162 #include <sys/sunddi.h>
163 163 #include <sys/sunldi.h>
164 164 #include <sys/policy.h>
165 165 #include <sys/zone.h>
166 166 #include <sys/nvpair.h>
167 167 #include <sys/pathname.h>
168 168 #include <sys/mount.h>
169 169 #include <sys/sdt.h>
170 170 #include <sys/fs/zfs.h>
171 171 #include <sys/zfs_ctldir.h>
172 172 #include <sys/zfs_dir.h>
173 173 #include <sys/zfs_onexit.h>
174 174 #include <sys/zvol.h>
175 175 #include <sys/dsl_scan.h>
176 176 #include <sharefs/share.h>
177 177 #include <sys/dmu_objset.h>
178 178 #include <sys/dmu_send.h>
179 179 #include <sys/dsl_destroy.h>
180 180 #include <sys/dsl_bookmark.h>
181 181 #include <sys/dsl_userhold.h>
182 182 #include <sys/zfeature.h>
183 183 #include <sys/zio_checksum.h>
184 184
185 185 #include "zfs_namecheck.h"
186 186 #include "zfs_prop.h"
187 187 #include "zfs_deleg.h"
188 188 #include "zfs_comutil.h"
189 189
190 190 extern struct modlfs zfs_modlfs;
191 191
192 192 extern void zfs_init(void);
193 193 extern void zfs_fini(void);
194 194
195 195 ldi_ident_t zfs_li = NULL;
196 196 dev_info_t *zfs_dip;
197 197
198 198 uint_t zfs_fsyncer_key;
199 199 extern uint_t rrw_tsd_key;
200 200 static uint_t zfs_allow_log_key;
201 201
202 202 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
203 203 typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
204 204 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
205 205
206 206 typedef enum {
207 207 NO_NAME,
208 208 POOL_NAME,
209 209 DATASET_NAME
210 210 } zfs_ioc_namecheck_t;
211 211
212 212 typedef enum {
213 213 POOL_CHECK_NONE = 1 << 0,
214 214 POOL_CHECK_SUSPENDED = 1 << 1,
215 215 POOL_CHECK_READONLY = 1 << 2,
216 216 } zfs_ioc_poolcheck_t;
217 217
218 218 typedef struct zfs_ioc_vec {
219 219 zfs_ioc_legacy_func_t *zvec_legacy_func;
220 220 zfs_ioc_func_t *zvec_func;
221 221 zfs_secpolicy_func_t *zvec_secpolicy;
222 222 zfs_ioc_namecheck_t zvec_namecheck;
223 223 boolean_t zvec_allow_log;
224 224 zfs_ioc_poolcheck_t zvec_pool_check;
225 225 boolean_t zvec_smush_outnvlist;
226 226 const char *zvec_name;
227 227 } zfs_ioc_vec_t;
228 228
229 229 /* This array is indexed by zfs_userquota_prop_t */
230 230 static const char *userquota_perms[] = {
231 231 ZFS_DELEG_PERM_USERUSED,
232 232 ZFS_DELEG_PERM_USERQUOTA,
233 233 ZFS_DELEG_PERM_GROUPUSED,
234 234 ZFS_DELEG_PERM_GROUPQUOTA,
235 235 };
236 236
237 237 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
238 238 static int zfs_check_settable(const char *name, nvpair_t *property,
239 239 cred_t *cr);
240 240 static int zfs_check_clearable(char *dataset, nvlist_t *props,
241 241 nvlist_t **errors);
242 242 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
243 243 boolean_t *);
244 244 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
245 245 static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
246 246
247 247 static int zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature);
248 248
249 249 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
250 250 void
251 251 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
252 252 {
253 253 const char *newfile;
254 254 char buf[512];
255 255 va_list adx;
256 256
257 257 /*
258 258 * Get rid of annoying "../common/" prefix to filename.
259 259 */
260 260 newfile = strrchr(file, '/');
261 261 if (newfile != NULL) {
262 262 newfile = newfile + 1; /* Get rid of leading / */
263 263 } else {
264 264 newfile = file;
265 265 }
266 266
267 267 va_start(adx, fmt);
268 268 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
269 269 va_end(adx);
270 270
271 271 /*
272 272 * To get this data, use the zfs-dprintf probe as so:
273 273 * dtrace -q -n 'zfs-dprintf \
274 274 * /stringof(arg0) == "dbuf.c"/ \
275 275 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
276 276 * arg0 = file name
277 277 * arg1 = function name
278 278 * arg2 = line number
279 279 * arg3 = message
280 280 */
281 281 DTRACE_PROBE4(zfs__dprintf,
282 282 char *, newfile, char *, func, int, line, char *, buf);
283 283 }
284 284
285 285 static void
286 286 history_str_free(char *buf)
287 287 {
288 288 kmem_free(buf, HIS_MAX_RECORD_LEN);
289 289 }
290 290
291 291 static char *
292 292 history_str_get(zfs_cmd_t *zc)
293 293 {
294 294 char *buf;
295 295
296 296 if (zc->zc_history == NULL)
297 297 return (NULL);
298 298
299 299 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
300 300 if (copyinstr((void *)(uintptr_t)zc->zc_history,
301 301 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
302 302 history_str_free(buf);
303 303 return (NULL);
304 304 }
305 305
306 306 buf[HIS_MAX_RECORD_LEN -1] = '\0';
307 307
308 308 return (buf);
309 309 }
310 310
311 311 /*
312 312 * Check to see if the named dataset is currently defined as bootable
313 313 */
314 314 static boolean_t
315 315 zfs_is_bootfs(const char *name)
316 316 {
317 317 objset_t *os;
318 318
319 319 if (dmu_objset_hold(name, FTAG, &os) == 0) {
320 320 boolean_t ret;
321 321 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
322 322 dmu_objset_rele(os, FTAG);
323 323 return (ret);
324 324 }
325 325 return (B_FALSE);
326 326 }
327 327
328 328 /*
329 329 * Return non-zero if the spa version is less than requested version.
330 330 */
331 331 static int
332 332 zfs_earlier_version(const char *name, int version)
333 333 {
334 334 spa_t *spa;
335 335
336 336 if (spa_open(name, &spa, FTAG) == 0) {
337 337 if (spa_version(spa) < version) {
338 338 spa_close(spa, FTAG);
339 339 return (1);
340 340 }
341 341 spa_close(spa, FTAG);
342 342 }
343 343 return (0);
344 344 }
345 345
346 346 /*
347 347 * Return TRUE if the ZPL version is less than requested version.
348 348 */
349 349 static boolean_t
350 350 zpl_earlier_version(const char *name, int version)
351 351 {
352 352 objset_t *os;
353 353 boolean_t rc = B_TRUE;
354 354
355 355 if (dmu_objset_hold(name, FTAG, &os) == 0) {
356 356 uint64_t zplversion;
357 357
358 358 if (dmu_objset_type(os) != DMU_OST_ZFS) {
359 359 dmu_objset_rele(os, FTAG);
360 360 return (B_TRUE);
361 361 }
362 362 /* XXX reading from non-owned objset */
363 363 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
364 364 rc = zplversion < version;
365 365 dmu_objset_rele(os, FTAG);
366 366 }
367 367 return (rc);
368 368 }
369 369
370 370 static void
371 371 zfs_log_history(zfs_cmd_t *zc)
372 372 {
373 373 spa_t *spa;
374 374 char *buf;
375 375
376 376 if ((buf = history_str_get(zc)) == NULL)
377 377 return;
378 378
379 379 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
380 380 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
381 381 (void) spa_history_log(spa, buf);
382 382 spa_close(spa, FTAG);
383 383 }
384 384 history_str_free(buf);
385 385 }
386 386
387 387 /*
388 388 * Policy for top-level read operations (list pools). Requires no privileges,
389 389 * and can be used in the local zone, as there is no associated dataset.
390 390 */
391 391 /* ARGSUSED */
392 392 static int
393 393 zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
394 394 {
395 395 return (0);
396 396 }
397 397
398 398 /*
399 399 * Policy for dataset read operations (list children, get statistics). Requires
400 400 * no privileges, but must be visible in the local zone.
401 401 */
402 402 /* ARGSUSED */
403 403 static int
404 404 zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
405 405 {
406 406 if (INGLOBALZONE(curproc) ||
407 407 zone_dataset_visible(zc->zc_name, NULL))
408 408 return (0);
409 409
410 410 return (SET_ERROR(ENOENT));
411 411 }
412 412
413 413 static int
414 414 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
415 415 {
416 416 int writable = 1;
417 417
418 418 /*
419 419 * The dataset must be visible by this zone -- check this first
420 420 * so they don't see EPERM on something they shouldn't know about.
421 421 */
422 422 if (!INGLOBALZONE(curproc) &&
423 423 !zone_dataset_visible(dataset, &writable))
424 424 return (SET_ERROR(ENOENT));
425 425
426 426 if (INGLOBALZONE(curproc)) {
427 427 /*
428 428 * If the fs is zoned, only root can access it from the
429 429 * global zone.
430 430 */
431 431 if (secpolicy_zfs(cr) && zoned)
432 432 return (SET_ERROR(EPERM));
433 433 } else {
434 434 /*
435 435 * If we are in a local zone, the 'zoned' property must be set.
436 436 */
437 437 if (!zoned)
438 438 return (SET_ERROR(EPERM));
439 439
440 440 /* must be writable by this zone */
441 441 if (!writable)
442 442 return (SET_ERROR(EPERM));
443 443 }
444 444 return (0);
445 445 }
446 446
447 447 static int
448 448 zfs_dozonecheck(const char *dataset, cred_t *cr)
449 449 {
450 450 uint64_t zoned;
451 451
452 452 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
453 453 return (SET_ERROR(ENOENT));
454 454
455 455 return (zfs_dozonecheck_impl(dataset, zoned, cr));
456 456 }
457 457
458 458 static int
459 459 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
460 460 {
461 461 uint64_t zoned;
462 462
463 463 if (dsl_prop_get_int_ds(ds, "zoned", &zoned))
464 464 return (SET_ERROR(ENOENT));
465 465
466 466 return (zfs_dozonecheck_impl(dataset, zoned, cr));
467 467 }
468 468
469 469 static int
470 470 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
471 471 const char *perm, cred_t *cr)
472 472 {
473 473 int error;
474 474
475 475 error = zfs_dozonecheck_ds(name, ds, cr);
476 476 if (error == 0) {
477 477 error = secpolicy_zfs(cr);
478 478 if (error != 0)
479 479 error = dsl_deleg_access_impl(ds, perm, cr);
480 480 }
481 481 return (error);
482 482 }
483 483
484 484 static int
485 485 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
486 486 {
487 487 int error;
488 488 dsl_dataset_t *ds;
489 489 dsl_pool_t *dp;
490 490
491 491 error = dsl_pool_hold(name, FTAG, &dp);
492 492 if (error != 0)
493 493 return (error);
494 494
495 495 error = dsl_dataset_hold(dp, name, FTAG, &ds);
496 496 if (error != 0) {
497 497 dsl_pool_rele(dp, FTAG);
498 498 return (error);
499 499 }
500 500
501 501 error = zfs_secpolicy_write_perms_ds(name, ds, perm, cr);
502 502
503 503 dsl_dataset_rele(ds, FTAG);
504 504 dsl_pool_rele(dp, FTAG);
505 505 return (error);
506 506 }
507 507
508 508 /*
509 509 * Policy for setting the security label property.
510 510 *
511 511 * Returns 0 for success, non-zero for access and other errors.
512 512 */
513 513 static int
514 514 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
515 515 {
516 516 char ds_hexsl[MAXNAMELEN];
517 517 bslabel_t ds_sl, new_sl;
518 518 boolean_t new_default = FALSE;
519 519 uint64_t zoned;
520 520 int needed_priv = -1;
521 521 int error;
522 522
523 523 /* First get the existing dataset label. */
524 524 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
525 525 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
526 526 if (error != 0)
527 527 return (SET_ERROR(EPERM));
528 528
529 529 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
530 530 new_default = TRUE;
531 531
532 532 /* The label must be translatable */
533 533 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
534 534 return (SET_ERROR(EINVAL));
535 535
536 536 /*
537 537 * In a non-global zone, disallow attempts to set a label that
538 538 * doesn't match that of the zone; otherwise no other checks
539 539 * are needed.
540 540 */
541 541 if (!INGLOBALZONE(curproc)) {
542 542 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
543 543 return (SET_ERROR(EPERM));
544 544 return (0);
545 545 }
546 546
547 547 /*
548 548 * For global-zone datasets (i.e., those whose zoned property is
549 549 * "off", verify that the specified new label is valid for the
550 550 * global zone.
551 551 */
552 552 if (dsl_prop_get_integer(name,
553 553 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
554 554 return (SET_ERROR(EPERM));
555 555 if (!zoned) {
556 556 if (zfs_check_global_label(name, strval) != 0)
557 557 return (SET_ERROR(EPERM));
558 558 }
559 559
560 560 /*
561 561 * If the existing dataset label is nondefault, check if the
562 562 * dataset is mounted (label cannot be changed while mounted).
563 563 * Get the zfsvfs; if there isn't one, then the dataset isn't
564 564 * mounted (or isn't a dataset, doesn't exist, ...).
565 565 */
566 566 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
567 567 objset_t *os;
568 568 static char *setsl_tag = "setsl_tag";
569 569
570 570 /*
571 571 * Try to own the dataset; abort if there is any error,
572 572 * (e.g., already mounted, in use, or other error).
573 573 */
574 574 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
575 575 setsl_tag, &os);
576 576 if (error != 0)
577 577 return (SET_ERROR(EPERM));
578 578
579 579 dmu_objset_disown(os, setsl_tag);
580 580
581 581 if (new_default) {
582 582 needed_priv = PRIV_FILE_DOWNGRADE_SL;
583 583 goto out_check;
584 584 }
585 585
586 586 if (hexstr_to_label(strval, &new_sl) != 0)
587 587 return (SET_ERROR(EPERM));
588 588
589 589 if (blstrictdom(&ds_sl, &new_sl))
590 590 needed_priv = PRIV_FILE_DOWNGRADE_SL;
591 591 else if (blstrictdom(&new_sl, &ds_sl))
592 592 needed_priv = PRIV_FILE_UPGRADE_SL;
593 593 } else {
594 594 /* dataset currently has a default label */
595 595 if (!new_default)
596 596 needed_priv = PRIV_FILE_UPGRADE_SL;
597 597 }
598 598
599 599 out_check:
600 600 if (needed_priv != -1)
601 601 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
602 602 return (0);
603 603 }
604 604
605 605 static int
606 606 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
607 607 cred_t *cr)
608 608 {
609 609 char *strval;
610 610
611 611 /*
612 612 * Check permissions for special properties.
613 613 */
614 614 switch (prop) {
615 615 case ZFS_PROP_ZONED:
616 616 /*
617 617 * Disallow setting of 'zoned' from within a local zone.
618 618 */
619 619 if (!INGLOBALZONE(curproc))
620 620 return (SET_ERROR(EPERM));
621 621 break;
622 622
623 623 case ZFS_PROP_QUOTA:
624 624 case ZFS_PROP_FILESYSTEM_LIMIT:
625 625 case ZFS_PROP_SNAPSHOT_LIMIT:
626 626 if (!INGLOBALZONE(curproc)) {
627 627 uint64_t zoned;
628 628 char setpoint[MAXNAMELEN];
629 629 /*
630 630 * Unprivileged users are allowed to modify the
631 631 * limit on things *under* (ie. contained by)
632 632 * the thing they own.
633 633 */
634 634 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
635 635 setpoint))
636 636 return (SET_ERROR(EPERM));
637 637 if (!zoned || strlen(dsname) <= strlen(setpoint))
638 638 return (SET_ERROR(EPERM));
639 639 }
640 640 break;
641 641
642 642 case ZFS_PROP_MLSLABEL:
643 643 if (!is_system_labeled())
644 644 return (SET_ERROR(EPERM));
645 645
646 646 if (nvpair_value_string(propval, &strval) == 0) {
647 647 int err;
648 648
649 649 err = zfs_set_slabel_policy(dsname, strval, CRED());
650 650 if (err != 0)
651 651 return (err);
652 652 }
653 653 break;
654 654 }
655 655
656 656 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
657 657 }
658 658
659 659 /* ARGSUSED */
660 660 static int
661 661 zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
662 662 {
663 663 int error;
664 664
665 665 error = zfs_dozonecheck(zc->zc_name, cr);
666 666 if (error != 0)
667 667 return (error);
668 668
669 669 /*
670 670 * permission to set permissions will be evaluated later in
671 671 * dsl_deleg_can_allow()
672 672 */
673 673 return (0);
674 674 }
675 675
676 676 /* ARGSUSED */
677 677 static int
678 678 zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
679 679 {
680 680 return (zfs_secpolicy_write_perms(zc->zc_name,
681 681 ZFS_DELEG_PERM_ROLLBACK, cr));
682 682 }
683 683
684 684 /* ARGSUSED */
685 685 static int
686 686 zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
687 687 {
688 688 dsl_pool_t *dp;
689 689 dsl_dataset_t *ds;
690 690 char *cp;
691 691 int error;
692 692
693 693 /*
694 694 * Generate the current snapshot name from the given objsetid, then
695 695 * use that name for the secpolicy/zone checks.
696 696 */
697 697 cp = strchr(zc->zc_name, '@');
698 698 if (cp == NULL)
699 699 return (SET_ERROR(EINVAL));
700 700 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
701 701 if (error != 0)
702 702 return (error);
703 703
704 704 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
705 705 if (error != 0) {
706 706 dsl_pool_rele(dp, FTAG);
707 707 return (error);
708 708 }
709 709
710 710 dsl_dataset_name(ds, zc->zc_name);
711 711
712 712 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
713 713 ZFS_DELEG_PERM_SEND, cr);
714 714 dsl_dataset_rele(ds, FTAG);
715 715 dsl_pool_rele(dp, FTAG);
716 716
717 717 return (error);
718 718 }
719 719
720 720 /* ARGSUSED */
721 721 static int
722 722 zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
723 723 {
724 724 return (zfs_secpolicy_write_perms(zc->zc_name,
725 725 ZFS_DELEG_PERM_SEND, cr));
726 726 }
727 727
728 728 /* ARGSUSED */
729 729 static int
730 730 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
731 731 {
732 732 vnode_t *vp;
733 733 int error;
734 734
735 735 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
736 736 NO_FOLLOW, NULL, &vp)) != 0)
737 737 return (error);
738 738
739 739 /* Now make sure mntpnt and dataset are ZFS */
740 740
741 741 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
742 742 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
743 743 zc->zc_name) != 0)) {
744 744 VN_RELE(vp);
745 745 return (SET_ERROR(EPERM));
746 746 }
747 747
748 748 VN_RELE(vp);
749 749 return (dsl_deleg_access(zc->zc_name,
750 750 ZFS_DELEG_PERM_SHARE, cr));
751 751 }
752 752
753 753 int
754 754 zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
755 755 {
756 756 if (!INGLOBALZONE(curproc))
757 757 return (SET_ERROR(EPERM));
758 758
759 759 if (secpolicy_nfs(cr) == 0) {
760 760 return (0);
761 761 } else {
762 762 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
763 763 }
764 764 }
765 765
766 766 int
767 767 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
768 768 {
769 769 if (!INGLOBALZONE(curproc))
770 770 return (SET_ERROR(EPERM));
771 771
772 772 if (secpolicy_smb(cr) == 0) {
773 773 return (0);
774 774 } else {
775 775 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
776 776 }
777 777 }
778 778
779 779 static int
780 780 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
781 781 {
782 782 char *cp;
783 783
784 784 /*
785 785 * Remove the @bla or /bla from the end of the name to get the parent.
786 786 */
787 787 (void) strncpy(parent, datasetname, parentsize);
788 788 cp = strrchr(parent, '@');
789 789 if (cp != NULL) {
790 790 cp[0] = '\0';
791 791 } else {
792 792 cp = strrchr(parent, '/');
793 793 if (cp == NULL)
794 794 return (SET_ERROR(ENOENT));
795 795 cp[0] = '\0';
796 796 }
797 797
798 798 return (0);
799 799 }
800 800
801 801 int
802 802 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
803 803 {
804 804 int error;
805 805
806 806 if ((error = zfs_secpolicy_write_perms(name,
807 807 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
808 808 return (error);
809 809
810 810 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
811 811 }
812 812
813 813 /* ARGSUSED */
814 814 static int
815 815 zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
816 816 {
817 817 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
818 818 }
819 819
820 820 /*
821 821 * Destroying snapshots with delegated permissions requires
822 822 * descendant mount and destroy permissions.
823 823 */
824 824 /* ARGSUSED */
825 825 static int
826 826 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
827 827 {
828 828 nvlist_t *snaps;
829 829 nvpair_t *pair, *nextpair;
830 830 int error = 0;
831 831
832 832 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
833 833 return (SET_ERROR(EINVAL));
834 834 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
835 835 pair = nextpair) {
836 836 nextpair = nvlist_next_nvpair(snaps, pair);
837 837 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
838 838 if (error == ENOENT) {
839 839 /*
840 840 * Ignore any snapshots that don't exist (we consider
841 841 * them "already destroyed"). Remove the name from the
842 842 * nvl here in case the snapshot is created between
843 843 * now and when we try to destroy it (in which case
844 844 * we don't want to destroy it since we haven't
845 845 * checked for permission).
846 846 */
847 847 fnvlist_remove_nvpair(snaps, pair);
848 848 error = 0;
849 849 }
850 850 if (error != 0)
851 851 break;
852 852 }
853 853
854 854 return (error);
855 855 }
856 856
857 857 int
858 858 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
859 859 {
860 860 char parentname[MAXNAMELEN];
861 861 int error;
862 862
863 863 if ((error = zfs_secpolicy_write_perms(from,
864 864 ZFS_DELEG_PERM_RENAME, cr)) != 0)
865 865 return (error);
866 866
867 867 if ((error = zfs_secpolicy_write_perms(from,
868 868 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
869 869 return (error);
870 870
871 871 if ((error = zfs_get_parent(to, parentname,
872 872 sizeof (parentname))) != 0)
873 873 return (error);
874 874
875 875 if ((error = zfs_secpolicy_write_perms(parentname,
876 876 ZFS_DELEG_PERM_CREATE, cr)) != 0)
877 877 return (error);
878 878
879 879 if ((error = zfs_secpolicy_write_perms(parentname,
880 880 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
881 881 return (error);
882 882
883 883 return (error);
884 884 }
885 885
886 886 /* ARGSUSED */
887 887 static int
888 888 zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
889 889 {
890 890 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
891 891 }
892 892
893 893 /* ARGSUSED */
894 894 static int
895 895 zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
896 896 {
897 897 dsl_pool_t *dp;
898 898 dsl_dataset_t *clone;
899 899 int error;
900 900
901 901 error = zfs_secpolicy_write_perms(zc->zc_name,
902 902 ZFS_DELEG_PERM_PROMOTE, cr);
903 903 if (error != 0)
904 904 return (error);
905 905
906 906 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
907 907 if (error != 0)
908 908 return (error);
909 909
910 910 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &clone);
911 911
912 912 if (error == 0) {
913 913 char parentname[MAXNAMELEN];
914 914 dsl_dataset_t *origin = NULL;
915 915 dsl_dir_t *dd;
916 916 dd = clone->ds_dir;
917 917
918 918 error = dsl_dataset_hold_obj(dd->dd_pool,
919 919 dsl_dir_phys(dd)->dd_origin_obj, FTAG, &origin);
920 920 if (error != 0) {
921 921 dsl_dataset_rele(clone, FTAG);
922 922 dsl_pool_rele(dp, FTAG);
923 923 return (error);
924 924 }
925 925
926 926 error = zfs_secpolicy_write_perms_ds(zc->zc_name, clone,
927 927 ZFS_DELEG_PERM_MOUNT, cr);
928 928
929 929 dsl_dataset_name(origin, parentname);
930 930 if (error == 0) {
931 931 error = zfs_secpolicy_write_perms_ds(parentname, origin,
932 932 ZFS_DELEG_PERM_PROMOTE, cr);
933 933 }
934 934 dsl_dataset_rele(clone, FTAG);
935 935 dsl_dataset_rele(origin, FTAG);
936 936 }
937 937 dsl_pool_rele(dp, FTAG);
938 938 return (error);
939 939 }
940 940
941 941 /* ARGSUSED */
942 942 static int
943 943 zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
944 944 {
945 945 int error;
946 946
947 947 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
948 948 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
949 949 return (error);
950 950
951 951 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
952 952 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
953 953 return (error);
954 954
955 955 return (zfs_secpolicy_write_perms(zc->zc_name,
956 956 ZFS_DELEG_PERM_CREATE, cr));
957 957 }
958 958
959 959 int
960 960 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
961 961 {
962 962 return (zfs_secpolicy_write_perms(name,
963 963 ZFS_DELEG_PERM_SNAPSHOT, cr));
964 964 }
965 965
966 966 /*
967 967 * Check for permission to create each snapshot in the nvlist.
968 968 */
969 969 /* ARGSUSED */
970 970 static int
971 971 zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
972 972 {
973 973 nvlist_t *snaps;
974 974 int error = 0;
975 975 nvpair_t *pair;
976 976
977 977 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
978 978 return (SET_ERROR(EINVAL));
979 979 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
980 980 pair = nvlist_next_nvpair(snaps, pair)) {
981 981 char *name = nvpair_name(pair);
982 982 char *atp = strchr(name, '@');
983 983
984 984 if (atp == NULL) {
985 985 error = SET_ERROR(EINVAL);
986 986 break;
987 987 }
988 988 *atp = '\0';
989 989 error = zfs_secpolicy_snapshot_perms(name, cr);
990 990 *atp = '@';
991 991 if (error != 0)
992 992 break;
993 993 }
994 994 return (error);
995 995 }
996 996
997 997 /*
998 998 * Check for permission to create each snapshot in the nvlist.
999 999 */
1000 1000 /* ARGSUSED */
1001 1001 static int
1002 1002 zfs_secpolicy_bookmark(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1003 1003 {
1004 1004 int error = 0;
1005 1005
1006 1006 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
1007 1007 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
1008 1008 char *name = nvpair_name(pair);
1009 1009 char *hashp = strchr(name, '#');
1010 1010
1011 1011 if (hashp == NULL) {
1012 1012 error = SET_ERROR(EINVAL);
1013 1013 break;
1014 1014 }
1015 1015 *hashp = '\0';
1016 1016 error = zfs_secpolicy_write_perms(name,
1017 1017 ZFS_DELEG_PERM_BOOKMARK, cr);
1018 1018 *hashp = '#';
1019 1019 if (error != 0)
1020 1020 break;
1021 1021 }
1022 1022 return (error);
1023 1023 }
1024 1024
1025 1025 /* ARGSUSED */
1026 1026 static int
1027 1027 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1028 1028 {
1029 1029 nvpair_t *pair, *nextpair;
1030 1030 int error = 0;
1031 1031
1032 1032 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1033 1033 pair = nextpair) {
1034 1034 char *name = nvpair_name(pair);
1035 1035 char *hashp = strchr(name, '#');
1036 1036 nextpair = nvlist_next_nvpair(innvl, pair);
1037 1037
1038 1038 if (hashp == NULL) {
1039 1039 error = SET_ERROR(EINVAL);
1040 1040 break;
1041 1041 }
1042 1042
1043 1043 *hashp = '\0';
1044 1044 error = zfs_secpolicy_write_perms(name,
1045 1045 ZFS_DELEG_PERM_DESTROY, cr);
1046 1046 *hashp = '#';
1047 1047 if (error == ENOENT) {
1048 1048 /*
1049 1049 * Ignore any filesystems that don't exist (we consider
1050 1050 * their bookmarks "already destroyed"). Remove
1051 1051 * the name from the nvl here in case the filesystem
1052 1052 * is created between now and when we try to destroy
1053 1053 * the bookmark (in which case we don't want to
1054 1054 * destroy it since we haven't checked for permission).
1055 1055 */
1056 1056 fnvlist_remove_nvpair(innvl, pair);
1057 1057 error = 0;
1058 1058 }
1059 1059 if (error != 0)
1060 1060 break;
1061 1061 }
1062 1062
1063 1063 return (error);
1064 1064 }
1065 1065
1066 1066 /* ARGSUSED */
1067 1067 static int
1068 1068 zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1069 1069 {
1070 1070 /*
1071 1071 * Even root must have a proper TSD so that we know what pool
1072 1072 * to log to.
1073 1073 */
1074 1074 if (tsd_get(zfs_allow_log_key) == NULL)
1075 1075 return (SET_ERROR(EPERM));
1076 1076 return (0);
1077 1077 }
1078 1078
1079 1079 static int
1080 1080 zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1081 1081 {
1082 1082 char parentname[MAXNAMELEN];
1083 1083 int error;
1084 1084 char *origin;
1085 1085
1086 1086 if ((error = zfs_get_parent(zc->zc_name, parentname,
1087 1087 sizeof (parentname))) != 0)
1088 1088 return (error);
1089 1089
1090 1090 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1091 1091 (error = zfs_secpolicy_write_perms(origin,
1092 1092 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1093 1093 return (error);
1094 1094
1095 1095 if ((error = zfs_secpolicy_write_perms(parentname,
1096 1096 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1097 1097 return (error);
1098 1098
1099 1099 return (zfs_secpolicy_write_perms(parentname,
1100 1100 ZFS_DELEG_PERM_MOUNT, cr));
1101 1101 }
1102 1102
1103 1103 /*
1104 1104 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1105 1105 * SYS_CONFIG privilege, which is not available in a local zone.
1106 1106 */
1107 1107 /* ARGSUSED */
1108 1108 static int
1109 1109 zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1110 1110 {
1111 1111 if (secpolicy_sys_config(cr, B_FALSE) != 0)
1112 1112 return (SET_ERROR(EPERM));
1113 1113
1114 1114 return (0);
1115 1115 }
1116 1116
1117 1117 /*
1118 1118 * Policy for object to name lookups.
1119 1119 */
1120 1120 /* ARGSUSED */
1121 1121 static int
1122 1122 zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1123 1123 {
1124 1124 int error;
1125 1125
1126 1126 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1127 1127 return (0);
1128 1128
1129 1129 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1130 1130 return (error);
1131 1131 }
1132 1132
1133 1133 /*
1134 1134 * Policy for fault injection. Requires all privileges.
1135 1135 */
1136 1136 /* ARGSUSED */
1137 1137 static int
1138 1138 zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1139 1139 {
1140 1140 return (secpolicy_zinject(cr));
1141 1141 }
1142 1142
1143 1143 /* ARGSUSED */
1144 1144 static int
1145 1145 zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1146 1146 {
1147 1147 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1148 1148
1149 1149 if (prop == ZPROP_INVAL) {
1150 1150 if (!zfs_prop_user(zc->zc_value))
1151 1151 return (SET_ERROR(EINVAL));
1152 1152 return (zfs_secpolicy_write_perms(zc->zc_name,
1153 1153 ZFS_DELEG_PERM_USERPROP, cr));
1154 1154 } else {
1155 1155 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1156 1156 NULL, cr));
1157 1157 }
1158 1158 }
1159 1159
1160 1160 static int
1161 1161 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1162 1162 {
1163 1163 int err = zfs_secpolicy_read(zc, innvl, cr);
1164 1164 if (err)
1165 1165 return (err);
1166 1166
1167 1167 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1168 1168 return (SET_ERROR(EINVAL));
1169 1169
1170 1170 if (zc->zc_value[0] == 0) {
1171 1171 /*
1172 1172 * They are asking about a posix uid/gid. If it's
1173 1173 * themself, allow it.
1174 1174 */
1175 1175 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1176 1176 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
1177 1177 if (zc->zc_guid == crgetuid(cr))
1178 1178 return (0);
1179 1179 } else {
1180 1180 if (groupmember(zc->zc_guid, cr))
1181 1181 return (0);
1182 1182 }
1183 1183 }
1184 1184
1185 1185 return (zfs_secpolicy_write_perms(zc->zc_name,
1186 1186 userquota_perms[zc->zc_objset_type], cr));
1187 1187 }
1188 1188
1189 1189 static int
1190 1190 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1191 1191 {
1192 1192 int err = zfs_secpolicy_read(zc, innvl, cr);
1193 1193 if (err)
1194 1194 return (err);
1195 1195
1196 1196 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1197 1197 return (SET_ERROR(EINVAL));
1198 1198
1199 1199 return (zfs_secpolicy_write_perms(zc->zc_name,
1200 1200 userquota_perms[zc->zc_objset_type], cr));
1201 1201 }
1202 1202
1203 1203 /* ARGSUSED */
1204 1204 static int
1205 1205 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1206 1206 {
1207 1207 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1208 1208 NULL, cr));
1209 1209 }
1210 1210
1211 1211 /* ARGSUSED */
1212 1212 static int
1213 1213 zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1214 1214 {
1215 1215 nvpair_t *pair;
1216 1216 nvlist_t *holds;
1217 1217 int error;
1218 1218
1219 1219 error = nvlist_lookup_nvlist(innvl, "holds", &holds);
1220 1220 if (error != 0)
1221 1221 return (SET_ERROR(EINVAL));
1222 1222
1223 1223 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
1224 1224 pair = nvlist_next_nvpair(holds, pair)) {
1225 1225 char fsname[MAXNAMELEN];
1226 1226 error = dmu_fsname(nvpair_name(pair), fsname);
1227 1227 if (error != 0)
1228 1228 return (error);
1229 1229 error = zfs_secpolicy_write_perms(fsname,
1230 1230 ZFS_DELEG_PERM_HOLD, cr);
1231 1231 if (error != 0)
1232 1232 return (error);
1233 1233 }
1234 1234 return (0);
1235 1235 }
1236 1236
1237 1237 /* ARGSUSED */
1238 1238 static int
1239 1239 zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1240 1240 {
1241 1241 nvpair_t *pair;
1242 1242 int error;
1243 1243
1244 1244 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1245 1245 pair = nvlist_next_nvpair(innvl, pair)) {
1246 1246 char fsname[MAXNAMELEN];
1247 1247 error = dmu_fsname(nvpair_name(pair), fsname);
1248 1248 if (error != 0)
1249 1249 return (error);
1250 1250 error = zfs_secpolicy_write_perms(fsname,
1251 1251 ZFS_DELEG_PERM_RELEASE, cr);
1252 1252 if (error != 0)
1253 1253 return (error);
1254 1254 }
1255 1255 return (0);
1256 1256 }
1257 1257
1258 1258 /*
1259 1259 * Policy for allowing temporary snapshots to be taken or released
1260 1260 */
1261 1261 static int
1262 1262 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1263 1263 {
1264 1264 /*
1265 1265 * A temporary snapshot is the same as a snapshot,
1266 1266 * hold, destroy and release all rolled into one.
1267 1267 * Delegated diff alone is sufficient that we allow this.
1268 1268 */
1269 1269 int error;
1270 1270
1271 1271 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1272 1272 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1273 1273 return (0);
1274 1274
1275 1275 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
1276 1276 if (error == 0)
1277 1277 error = zfs_secpolicy_hold(zc, innvl, cr);
1278 1278 if (error == 0)
1279 1279 error = zfs_secpolicy_release(zc, innvl, cr);
1280 1280 if (error == 0)
1281 1281 error = zfs_secpolicy_destroy(zc, innvl, cr);
1282 1282 return (error);
1283 1283 }
1284 1284
1285 1285 /*
1286 1286 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1287 1287 */
1288 1288 static int
1289 1289 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1290 1290 {
1291 1291 char *packed;
1292 1292 int error;
1293 1293 nvlist_t *list = NULL;
1294 1294
1295 1295 /*
1296 1296 * Read in and unpack the user-supplied nvlist.
1297 1297 */
1298 1298 if (size == 0)
1299 1299 return (SET_ERROR(EINVAL));
1300 1300
1301 1301 packed = kmem_alloc(size, KM_SLEEP);
1302 1302
1303 1303 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1304 1304 iflag)) != 0) {
1305 1305 kmem_free(packed, size);
1306 1306 return (SET_ERROR(EFAULT));
1307 1307 }
1308 1308
1309 1309 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1310 1310 kmem_free(packed, size);
1311 1311 return (error);
1312 1312 }
1313 1313
1314 1314 kmem_free(packed, size);
1315 1315
1316 1316 *nvp = list;
1317 1317 return (0);
1318 1318 }
1319 1319
1320 1320 /*
1321 1321 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1322 1322 * Entries will be removed from the end of the nvlist, and one int32 entry
1323 1323 * named "N_MORE_ERRORS" will be added indicating how many entries were
1324 1324 * removed.
1325 1325 */
1326 1326 static int
1327 1327 nvlist_smush(nvlist_t *errors, size_t max)
1328 1328 {
1329 1329 size_t size;
1330 1330
1331 1331 size = fnvlist_size(errors);
1332 1332
1333 1333 if (size > max) {
1334 1334 nvpair_t *more_errors;
1335 1335 int n = 0;
1336 1336
1337 1337 if (max < 1024)
1338 1338 return (SET_ERROR(ENOMEM));
1339 1339
1340 1340 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1341 1341 more_errors = nvlist_prev_nvpair(errors, NULL);
1342 1342
1343 1343 do {
1344 1344 nvpair_t *pair = nvlist_prev_nvpair(errors,
1345 1345 more_errors);
1346 1346 fnvlist_remove_nvpair(errors, pair);
1347 1347 n++;
1348 1348 size = fnvlist_size(errors);
1349 1349 } while (size > max);
1350 1350
1351 1351 fnvlist_remove_nvpair(errors, more_errors);
1352 1352 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1353 1353 ASSERT3U(fnvlist_size(errors), <=, max);
1354 1354 }
1355 1355
1356 1356 return (0);
1357 1357 }
1358 1358
1359 1359 static int
1360 1360 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1361 1361 {
1362 1362 char *packed = NULL;
1363 1363 int error = 0;
1364 1364 size_t size;
1365 1365
1366 1366 size = fnvlist_size(nvl);
1367 1367
1368 1368 if (size > zc->zc_nvlist_dst_size) {
1369 1369 error = SET_ERROR(ENOMEM);
1370 1370 } else {
1371 1371 packed = fnvlist_pack(nvl, &size);
1372 1372 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1373 1373 size, zc->zc_iflags) != 0)
1374 1374 error = SET_ERROR(EFAULT);
1375 1375 fnvlist_pack_free(packed, size);
1376 1376 }
1377 1377
1378 1378 zc->zc_nvlist_dst_size = size;
1379 1379 zc->zc_nvlist_dst_filled = B_TRUE;
1380 1380 return (error);
1381 1381 }
1382 1382
1383 1383 static int
1384 1384 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1385 1385 {
1386 1386 objset_t *os;
1387 1387 int error;
1388 1388
1389 1389 error = dmu_objset_hold(dsname, FTAG, &os);
1390 1390 if (error != 0)
1391 1391 return (error);
1392 1392 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1393 1393 dmu_objset_rele(os, FTAG);
1394 1394 return (SET_ERROR(EINVAL));
1395 1395 }
1396 1396
1397 1397 mutex_enter(&os->os_user_ptr_lock);
1398 1398 *zfvp = dmu_objset_get_user(os);
1399 1399 if (*zfvp) {
1400 1400 VFS_HOLD((*zfvp)->z_vfs);
1401 1401 } else {
1402 1402 error = SET_ERROR(ESRCH);
1403 1403 }
1404 1404 mutex_exit(&os->os_user_ptr_lock);
1405 1405 dmu_objset_rele(os, FTAG);
1406 1406 return (error);
1407 1407 }
1408 1408
1409 1409 /*
1410 1410 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1411 1411 * case its z_vfs will be NULL, and it will be opened as the owner.
1412 1412 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1413 1413 * which prevents all vnode ops from running.
1414 1414 */
1415 1415 static int
1416 1416 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1417 1417 {
1418 1418 int error = 0;
1419 1419
1420 1420 if (getzfsvfs(name, zfvp) != 0)
1421 1421 error = zfsvfs_create(name, zfvp);
1422 1422 if (error == 0) {
1423 1423 rrm_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1424 1424 RW_READER, tag);
1425 1425 if ((*zfvp)->z_unmounted) {
1426 1426 /*
1427 1427 * XXX we could probably try again, since the unmounting
1428 1428 * thread should be just about to disassociate the
1429 1429 * objset from the zfsvfs.
1430 1430 */
1431 1431 rrm_exit(&(*zfvp)->z_teardown_lock, tag);
1432 1432 return (SET_ERROR(EBUSY));
1433 1433 }
1434 1434 }
1435 1435 return (error);
1436 1436 }
1437 1437
1438 1438 static void
1439 1439 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1440 1440 {
1441 1441 rrm_exit(&zfsvfs->z_teardown_lock, tag);
1442 1442
1443 1443 if (zfsvfs->z_vfs) {
1444 1444 VFS_RELE(zfsvfs->z_vfs);
1445 1445 } else {
1446 1446 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1447 1447 zfsvfs_free(zfsvfs);
1448 1448 }
1449 1449 }
1450 1450
1451 1451 static int
1452 1452 zfs_ioc_pool_create(zfs_cmd_t *zc)
1453 1453 {
1454 1454 int error;
1455 1455 nvlist_t *config, *props = NULL;
1456 1456 nvlist_t *rootprops = NULL;
1457 1457 nvlist_t *zplprops = NULL;
1458 1458
1459 1459 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1460 1460 zc->zc_iflags, &config))
1461 1461 return (error);
1462 1462
1463 1463 if (zc->zc_nvlist_src_size != 0 && (error =
1464 1464 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1465 1465 zc->zc_iflags, &props))) {
1466 1466 nvlist_free(config);
1467 1467 return (error);
1468 1468 }
1469 1469
1470 1470 if (props) {
1471 1471 nvlist_t *nvl = NULL;
1472 1472 uint64_t version = SPA_VERSION;
1473 1473
1474 1474 (void) nvlist_lookup_uint64(props,
1475 1475 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1476 1476 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1477 1477 error = SET_ERROR(EINVAL);
1478 1478 goto pool_props_bad;
1479 1479 }
1480 1480 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1481 1481 if (nvl) {
1482 1482 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1483 1483 if (error != 0) {
1484 1484 nvlist_free(config);
1485 1485 nvlist_free(props);
1486 1486 return (error);
1487 1487 }
1488 1488 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1489 1489 }
1490 1490 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1491 1491 error = zfs_fill_zplprops_root(version, rootprops,
1492 1492 zplprops, NULL);
1493 1493 if (error != 0)
1494 1494 goto pool_props_bad;
1495 1495 }
1496 1496
1497 1497 error = spa_create(zc->zc_name, config, props, zplprops);
1498 1498
1499 1499 /*
1500 1500 * Set the remaining root properties
1501 1501 */
1502 1502 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1503 1503 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1504 1504 (void) spa_destroy(zc->zc_name);
1505 1505
1506 1506 pool_props_bad:
1507 1507 nvlist_free(rootprops);
1508 1508 nvlist_free(zplprops);
1509 1509 nvlist_free(config);
1510 1510 nvlist_free(props);
1511 1511
1512 1512 return (error);
1513 1513 }
1514 1514
1515 1515 static int
1516 1516 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1517 1517 {
1518 1518 int error;
1519 1519 zfs_log_history(zc);
1520 1520 error = spa_destroy(zc->zc_name);
1521 1521 if (error == 0)
1522 1522 zvol_remove_minors(zc->zc_name);
1523 1523 return (error);
1524 1524 }
1525 1525
1526 1526 static int
1527 1527 zfs_ioc_pool_import(zfs_cmd_t *zc)
1528 1528 {
1529 1529 nvlist_t *config, *props = NULL;
1530 1530 uint64_t guid;
1531 1531 int error;
1532 1532
1533 1533 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1534 1534 zc->zc_iflags, &config)) != 0)
1535 1535 return (error);
1536 1536
1537 1537 if (zc->zc_nvlist_src_size != 0 && (error =
1538 1538 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1539 1539 zc->zc_iflags, &props))) {
1540 1540 nvlist_free(config);
1541 1541 return (error);
1542 1542 }
1543 1543
1544 1544 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1545 1545 guid != zc->zc_guid)
1546 1546 error = SET_ERROR(EINVAL);
1547 1547 else
1548 1548 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1549 1549
1550 1550 if (zc->zc_nvlist_dst != 0) {
1551 1551 int err;
1552 1552
1553 1553 if ((err = put_nvlist(zc, config)) != 0)
1554 1554 error = err;
1555 1555 }
1556 1556
1557 1557 nvlist_free(config);
1558 1558
1559 1559 if (props)
1560 1560 nvlist_free(props);
1561 1561
1562 1562 return (error);
1563 1563 }
1564 1564
1565 1565 static int
1566 1566 zfs_ioc_pool_export(zfs_cmd_t *zc)
1567 1567 {
1568 1568 int error;
1569 1569 boolean_t force = (boolean_t)zc->zc_cookie;
1570 1570 boolean_t hardforce = (boolean_t)zc->zc_guid;
1571 1571
1572 1572 zfs_log_history(zc);
1573 1573 error = spa_export(zc->zc_name, NULL, force, hardforce);
1574 1574 if (error == 0)
1575 1575 zvol_remove_minors(zc->zc_name);
1576 1576 return (error);
1577 1577 }
1578 1578
1579 1579 static int
1580 1580 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1581 1581 {
1582 1582 nvlist_t *configs;
1583 1583 int error;
1584 1584
1585 1585 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1586 1586 return (SET_ERROR(EEXIST));
1587 1587
1588 1588 error = put_nvlist(zc, configs);
1589 1589
1590 1590 nvlist_free(configs);
1591 1591
1592 1592 return (error);
1593 1593 }
1594 1594
1595 1595 /*
1596 1596 * inputs:
1597 1597 * zc_name name of the pool
1598 1598 *
1599 1599 * outputs:
1600 1600 * zc_cookie real errno
1601 1601 * zc_nvlist_dst config nvlist
1602 1602 * zc_nvlist_dst_size size of config nvlist
1603 1603 */
1604 1604 static int
1605 1605 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1606 1606 {
1607 1607 nvlist_t *config;
1608 1608 int error;
1609 1609 int ret = 0;
1610 1610
1611 1611 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1612 1612 sizeof (zc->zc_value));
1613 1613
1614 1614 if (config != NULL) {
1615 1615 ret = put_nvlist(zc, config);
1616 1616 nvlist_free(config);
1617 1617
1618 1618 /*
1619 1619 * The config may be present even if 'error' is non-zero.
1620 1620 * In this case we return success, and preserve the real errno
1621 1621 * in 'zc_cookie'.
1622 1622 */
1623 1623 zc->zc_cookie = error;
1624 1624 } else {
1625 1625 ret = error;
1626 1626 }
1627 1627
1628 1628 return (ret);
1629 1629 }
1630 1630
1631 1631 /*
1632 1632 * Try to import the given pool, returning pool stats as appropriate so that
1633 1633 * user land knows which devices are available and overall pool health.
1634 1634 */
1635 1635 static int
1636 1636 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1637 1637 {
1638 1638 nvlist_t *tryconfig, *config;
1639 1639 int error;
1640 1640
1641 1641 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1642 1642 zc->zc_iflags, &tryconfig)) != 0)
1643 1643 return (error);
1644 1644
1645 1645 config = spa_tryimport(tryconfig);
1646 1646
1647 1647 nvlist_free(tryconfig);
1648 1648
1649 1649 if (config == NULL)
1650 1650 return (SET_ERROR(EINVAL));
1651 1651
1652 1652 error = put_nvlist(zc, config);
1653 1653 nvlist_free(config);
1654 1654
1655 1655 return (error);
1656 1656 }
1657 1657
1658 1658 /*
1659 1659 * inputs:
1660 1660 * zc_name name of the pool
1661 1661 * zc_cookie scan func (pool_scan_func_t)
1662 1662 */
1663 1663 static int
1664 1664 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1665 1665 {
1666 1666 spa_t *spa;
1667 1667 int error;
1668 1668
1669 1669 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1670 1670 return (error);
1671 1671
1672 1672 if (zc->zc_cookie == POOL_SCAN_NONE)
1673 1673 error = spa_scan_stop(spa);
1674 1674 else
1675 1675 error = spa_scan(spa, zc->zc_cookie);
1676 1676
1677 1677 spa_close(spa, FTAG);
1678 1678
1679 1679 return (error);
1680 1680 }
1681 1681
1682 1682 static int
1683 1683 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1684 1684 {
1685 1685 spa_t *spa;
1686 1686 int error;
1687 1687
1688 1688 error = spa_open(zc->zc_name, &spa, FTAG);
1689 1689 if (error == 0) {
1690 1690 spa_freeze(spa);
1691 1691 spa_close(spa, FTAG);
1692 1692 }
1693 1693 return (error);
1694 1694 }
1695 1695
1696 1696 static int
1697 1697 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1698 1698 {
1699 1699 spa_t *spa;
1700 1700 int error;
1701 1701
1702 1702 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1703 1703 return (error);
1704 1704
1705 1705 if (zc->zc_cookie < spa_version(spa) ||
1706 1706 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1707 1707 spa_close(spa, FTAG);
1708 1708 return (SET_ERROR(EINVAL));
1709 1709 }
1710 1710
1711 1711 spa_upgrade(spa, zc->zc_cookie);
1712 1712 spa_close(spa, FTAG);
1713 1713
1714 1714 return (error);
1715 1715 }
1716 1716
1717 1717 static int
1718 1718 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1719 1719 {
1720 1720 spa_t *spa;
1721 1721 char *hist_buf;
1722 1722 uint64_t size;
1723 1723 int error;
1724 1724
1725 1725 if ((size = zc->zc_history_len) == 0)
1726 1726 return (SET_ERROR(EINVAL));
1727 1727
1728 1728 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1729 1729 return (error);
1730 1730
1731 1731 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1732 1732 spa_close(spa, FTAG);
1733 1733 return (SET_ERROR(ENOTSUP));
1734 1734 }
1735 1735
1736 1736 hist_buf = kmem_alloc(size, KM_SLEEP);
1737 1737 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1738 1738 &zc->zc_history_len, hist_buf)) == 0) {
1739 1739 error = ddi_copyout(hist_buf,
1740 1740 (void *)(uintptr_t)zc->zc_history,
1741 1741 zc->zc_history_len, zc->zc_iflags);
1742 1742 }
1743 1743
1744 1744 spa_close(spa, FTAG);
1745 1745 kmem_free(hist_buf, size);
1746 1746 return (error);
1747 1747 }
1748 1748
1749 1749 static int
1750 1750 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1751 1751 {
1752 1752 spa_t *spa;
1753 1753 int error;
1754 1754
1755 1755 error = spa_open(zc->zc_name, &spa, FTAG);
1756 1756 if (error == 0) {
1757 1757 error = spa_change_guid(spa);
1758 1758 spa_close(spa, FTAG);
1759 1759 }
1760 1760 return (error);
1761 1761 }
1762 1762
1763 1763 static int
1764 1764 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1765 1765 {
1766 1766 return (dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value));
1767 1767 }
1768 1768
1769 1769 /*
1770 1770 * inputs:
1771 1771 * zc_name name of filesystem
1772 1772 * zc_obj object to find
1773 1773 *
1774 1774 * outputs:
1775 1775 * zc_value name of object
1776 1776 */
1777 1777 static int
1778 1778 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1779 1779 {
1780 1780 objset_t *os;
1781 1781 int error;
1782 1782
1783 1783 /* XXX reading from objset not owned */
1784 1784 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1785 1785 return (error);
1786 1786 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1787 1787 dmu_objset_rele(os, FTAG);
1788 1788 return (SET_ERROR(EINVAL));
1789 1789 }
1790 1790 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1791 1791 sizeof (zc->zc_value));
1792 1792 dmu_objset_rele(os, FTAG);
1793 1793
1794 1794 return (error);
1795 1795 }
1796 1796
1797 1797 /*
1798 1798 * inputs:
1799 1799 * zc_name name of filesystem
1800 1800 * zc_obj object to find
1801 1801 *
1802 1802 * outputs:
1803 1803 * zc_stat stats on object
1804 1804 * zc_value path to object
1805 1805 */
1806 1806 static int
1807 1807 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1808 1808 {
1809 1809 objset_t *os;
1810 1810 int error;
1811 1811
1812 1812 /* XXX reading from objset not owned */
1813 1813 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1814 1814 return (error);
1815 1815 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1816 1816 dmu_objset_rele(os, FTAG);
1817 1817 return (SET_ERROR(EINVAL));
1818 1818 }
1819 1819 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1820 1820 sizeof (zc->zc_value));
1821 1821 dmu_objset_rele(os, FTAG);
1822 1822
1823 1823 return (error);
1824 1824 }
1825 1825
1826 1826 static int
1827 1827 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1828 1828 {
1829 1829 spa_t *spa;
1830 1830 int error;
1831 1831 nvlist_t *config, **l2cache, **spares;
1832 1832 uint_t nl2cache = 0, nspares = 0;
1833 1833
1834 1834 error = spa_open(zc->zc_name, &spa, FTAG);
1835 1835 if (error != 0)
1836 1836 return (error);
1837 1837
1838 1838 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1839 1839 zc->zc_iflags, &config);
1840 1840 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1841 1841 &l2cache, &nl2cache);
1842 1842
1843 1843 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1844 1844 &spares, &nspares);
1845 1845
1846 1846 /*
1847 1847 * A root pool with concatenated devices is not supported.
1848 1848 * Thus, can not add a device to a root pool.
1849 1849 *
1850 1850 * Intent log device can not be added to a rootpool because
1851 1851 * during mountroot, zil is replayed, a seperated log device
1852 1852 * can not be accessed during the mountroot time.
1853 1853 *
1854 1854 * l2cache and spare devices are ok to be added to a rootpool.
1855 1855 */
1856 1856 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1857 1857 nvlist_free(config);
1858 1858 spa_close(spa, FTAG);
1859 1859 return (SET_ERROR(EDOM));
1860 1860 }
1861 1861
1862 1862 if (error == 0) {
1863 1863 error = spa_vdev_add(spa, config);
1864 1864 nvlist_free(config);
1865 1865 }
1866 1866 spa_close(spa, FTAG);
1867 1867 return (error);
1868 1868 }
1869 1869
1870 1870 /*
1871 1871 * inputs:
1872 1872 * zc_name name of the pool
1873 1873 * zc_nvlist_conf nvlist of devices to remove
1874 1874 * zc_cookie to stop the remove?
1875 1875 */
1876 1876 static int
1877 1877 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1878 1878 {
1879 1879 spa_t *spa;
1880 1880 int error;
1881 1881
1882 1882 error = spa_open(zc->zc_name, &spa, FTAG);
1883 1883 if (error != 0)
1884 1884 return (error);
1885 1885 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1886 1886 spa_close(spa, FTAG);
1887 1887 return (error);
1888 1888 }
1889 1889
1890 1890 static int
1891 1891 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1892 1892 {
1893 1893 spa_t *spa;
1894 1894 int error;
1895 1895 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1896 1896
1897 1897 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1898 1898 return (error);
1899 1899 switch (zc->zc_cookie) {
1900 1900 case VDEV_STATE_ONLINE:
1901 1901 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1902 1902 break;
1903 1903
1904 1904 case VDEV_STATE_OFFLINE:
1905 1905 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1906 1906 break;
1907 1907
1908 1908 case VDEV_STATE_FAULTED:
1909 1909 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1910 1910 zc->zc_obj != VDEV_AUX_EXTERNAL)
1911 1911 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1912 1912
1913 1913 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1914 1914 break;
1915 1915
1916 1916 case VDEV_STATE_DEGRADED:
1917 1917 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1918 1918 zc->zc_obj != VDEV_AUX_EXTERNAL)
1919 1919 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1920 1920
1921 1921 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1922 1922 break;
1923 1923
1924 1924 default:
1925 1925 error = SET_ERROR(EINVAL);
1926 1926 }
1927 1927 zc->zc_cookie = newstate;
1928 1928 spa_close(spa, FTAG);
1929 1929 return (error);
1930 1930 }
1931 1931
1932 1932 static int
1933 1933 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1934 1934 {
1935 1935 spa_t *spa;
1936 1936 int replacing = zc->zc_cookie;
1937 1937 nvlist_t *config;
1938 1938 int error;
1939 1939
1940 1940 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1941 1941 return (error);
1942 1942
1943 1943 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1944 1944 zc->zc_iflags, &config)) == 0) {
1945 1945 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1946 1946 nvlist_free(config);
1947 1947 }
1948 1948
1949 1949 spa_close(spa, FTAG);
1950 1950 return (error);
1951 1951 }
1952 1952
1953 1953 static int
1954 1954 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1955 1955 {
1956 1956 spa_t *spa;
1957 1957 int error;
1958 1958
1959 1959 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1960 1960 return (error);
1961 1961
1962 1962 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1963 1963
1964 1964 spa_close(spa, FTAG);
1965 1965 return (error);
1966 1966 }
1967 1967
1968 1968 static int
1969 1969 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1970 1970 {
1971 1971 spa_t *spa;
1972 1972 nvlist_t *config, *props = NULL;
1973 1973 int error;
1974 1974 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1975 1975
1976 1976 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1977 1977 return (error);
1978 1978
1979 1979 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1980 1980 zc->zc_iflags, &config)) {
1981 1981 spa_close(spa, FTAG);
1982 1982 return (error);
1983 1983 }
1984 1984
1985 1985 if (zc->zc_nvlist_src_size != 0 && (error =
1986 1986 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1987 1987 zc->zc_iflags, &props))) {
1988 1988 spa_close(spa, FTAG);
1989 1989 nvlist_free(config);
1990 1990 return (error);
1991 1991 }
1992 1992
1993 1993 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1994 1994
1995 1995 spa_close(spa, FTAG);
1996 1996
1997 1997 nvlist_free(config);
1998 1998 nvlist_free(props);
1999 1999
2000 2000 return (error);
2001 2001 }
2002 2002
2003 2003 static int
2004 2004 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
2005 2005 {
2006 2006 spa_t *spa;
2007 2007 char *path = zc->zc_value;
2008 2008 uint64_t guid = zc->zc_guid;
2009 2009 int error;
2010 2010
2011 2011 error = spa_open(zc->zc_name, &spa, FTAG);
2012 2012 if (error != 0)
2013 2013 return (error);
2014 2014
2015 2015 error = spa_vdev_setpath(spa, guid, path);
2016 2016 spa_close(spa, FTAG);
2017 2017 return (error);
2018 2018 }
2019 2019
2020 2020 static int
2021 2021 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
2022 2022 {
2023 2023 spa_t *spa;
2024 2024 char *fru = zc->zc_value;
2025 2025 uint64_t guid = zc->zc_guid;
2026 2026 int error;
2027 2027
2028 2028 error = spa_open(zc->zc_name, &spa, FTAG);
2029 2029 if (error != 0)
2030 2030 return (error);
2031 2031
2032 2032 error = spa_vdev_setfru(spa, guid, fru);
2033 2033 spa_close(spa, FTAG);
2034 2034 return (error);
2035 2035 }
2036 2036
2037 2037 static int
2038 2038 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
2039 2039 {
2040 2040 int error = 0;
2041 2041 nvlist_t *nv;
2042 2042
2043 2043 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2044 2044
2045 2045 if (zc->zc_nvlist_dst != 0 &&
2046 2046 (error = dsl_prop_get_all(os, &nv)) == 0) {
2047 2047 dmu_objset_stats(os, nv);
2048 2048 /*
2049 2049 * NB: zvol_get_stats() will read the objset contents,
2050 2050 * which we aren't supposed to do with a
2051 2051 * DS_MODE_USER hold, because it could be
2052 2052 * inconsistent. So this is a bit of a workaround...
2053 2053 * XXX reading with out owning
2054 2054 */
2055 2055 if (!zc->zc_objset_stats.dds_inconsistent &&
2056 2056 dmu_objset_type(os) == DMU_OST_ZVOL) {
2057 2057 error = zvol_get_stats(os, nv);
2058 2058 if (error == EIO)
2059 2059 return (error);
2060 2060 VERIFY0(error);
2061 2061 }
2062 2062 error = put_nvlist(zc, nv);
2063 2063 nvlist_free(nv);
2064 2064 }
2065 2065
2066 2066 return (error);
2067 2067 }
2068 2068
2069 2069 /*
2070 2070 * inputs:
2071 2071 * zc_name name of filesystem
2072 2072 * zc_nvlist_dst_size size of buffer for property nvlist
2073 2073 *
2074 2074 * outputs:
2075 2075 * zc_objset_stats stats
2076 2076 * zc_nvlist_dst property nvlist
2077 2077 * zc_nvlist_dst_size size of property nvlist
2078 2078 */
2079 2079 static int
2080 2080 zfs_ioc_objset_stats(zfs_cmd_t *zc)
2081 2081 {
2082 2082 objset_t *os;
2083 2083 int error;
2084 2084
2085 2085 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2086 2086 if (error == 0) {
2087 2087 error = zfs_ioc_objset_stats_impl(zc, os);
2088 2088 dmu_objset_rele(os, FTAG);
2089 2089 }
2090 2090
2091 2091 return (error);
2092 2092 }
2093 2093
2094 2094 /*
2095 2095 * inputs:
2096 2096 * zc_name name of filesystem
2097 2097 * zc_nvlist_dst_size size of buffer for property nvlist
2098 2098 *
2099 2099 * outputs:
2100 2100 * zc_nvlist_dst received property nvlist
2101 2101 * zc_nvlist_dst_size size of received property nvlist
2102 2102 *
2103 2103 * Gets received properties (distinct from local properties on or after
2104 2104 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2105 2105 * local property values.
2106 2106 */
2107 2107 static int
2108 2108 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
2109 2109 {
2110 2110 int error = 0;
2111 2111 nvlist_t *nv;
2112 2112
2113 2113 /*
2114 2114 * Without this check, we would return local property values if the
2115 2115 * caller has not already received properties on or after
2116 2116 * SPA_VERSION_RECVD_PROPS.
2117 2117 */
2118 2118 if (!dsl_prop_get_hasrecvd(zc->zc_name))
2119 2119 return (SET_ERROR(ENOTSUP));
2120 2120
2121 2121 if (zc->zc_nvlist_dst != 0 &&
2122 2122 (error = dsl_prop_get_received(zc->zc_name, &nv)) == 0) {
2123 2123 error = put_nvlist(zc, nv);
2124 2124 nvlist_free(nv);
2125 2125 }
2126 2126
2127 2127 return (error);
2128 2128 }
2129 2129
2130 2130 static int
2131 2131 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2132 2132 {
2133 2133 uint64_t value;
2134 2134 int error;
2135 2135
2136 2136 /*
2137 2137 * zfs_get_zplprop() will either find a value or give us
2138 2138 * the default value (if there is one).
2139 2139 */
2140 2140 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2141 2141 return (error);
2142 2142 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2143 2143 return (0);
2144 2144 }
2145 2145
2146 2146 /*
2147 2147 * inputs:
2148 2148 * zc_name name of filesystem
2149 2149 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2150 2150 *
2151 2151 * outputs:
2152 2152 * zc_nvlist_dst zpl property nvlist
2153 2153 * zc_nvlist_dst_size size of zpl property nvlist
2154 2154 */
2155 2155 static int
2156 2156 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2157 2157 {
2158 2158 objset_t *os;
2159 2159 int err;
2160 2160
2161 2161 /* XXX reading without owning */
2162 2162 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
2163 2163 return (err);
2164 2164
2165 2165 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2166 2166
2167 2167 /*
2168 2168 * NB: nvl_add_zplprop() will read the objset contents,
2169 2169 * which we aren't supposed to do with a DS_MODE_USER
2170 2170 * hold, because it could be inconsistent.
2171 2171 */
2172 2172 if (zc->zc_nvlist_dst != NULL &&
2173 2173 !zc->zc_objset_stats.dds_inconsistent &&
2174 2174 dmu_objset_type(os) == DMU_OST_ZFS) {
2175 2175 nvlist_t *nv;
2176 2176
2177 2177 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2178 2178 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2179 2179 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2180 2180 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2181 2181 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2182 2182 err = put_nvlist(zc, nv);
2183 2183 nvlist_free(nv);
2184 2184 } else {
2185 2185 err = SET_ERROR(ENOENT);
2186 2186 }
2187 2187 dmu_objset_rele(os, FTAG);
2188 2188 return (err);
2189 2189 }
2190 2190
2191 2191 static boolean_t
2192 2192 dataset_name_hidden(const char *name)
2193 2193 {
2194 2194 /*
2195 2195 * Skip over datasets that are not visible in this zone,
2196 2196 * internal datasets (which have a $ in their name), and
2197 2197 * temporary datasets (which have a % in their name).
2198 2198 */
2199 2199 if (strchr(name, '$') != NULL)
2200 2200 return (B_TRUE);
2201 2201 if (strchr(name, '%') != NULL)
2202 2202 return (B_TRUE);
2203 2203 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
2204 2204 return (B_TRUE);
2205 2205 return (B_FALSE);
2206 2206 }
2207 2207
2208 2208 /*
2209 2209 * inputs:
2210 2210 * zc_name name of filesystem
2211 2211 * zc_cookie zap cursor
2212 2212 * zc_nvlist_dst_size size of buffer for property nvlist
2213 2213 *
2214 2214 * outputs:
2215 2215 * zc_name name of next filesystem
2216 2216 * zc_cookie zap cursor
2217 2217 * zc_objset_stats stats
2218 2218 * zc_nvlist_dst property nvlist
2219 2219 * zc_nvlist_dst_size size of property nvlist
2220 2220 */
2221 2221 static int
2222 2222 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2223 2223 {
2224 2224 objset_t *os;
2225 2225 int error;
2226 2226 char *p;
2227 2227 size_t orig_len = strlen(zc->zc_name);
2228 2228
2229 2229 top:
2230 2230 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2231 2231 if (error == ENOENT)
2232 2232 error = SET_ERROR(ESRCH);
2233 2233 return (error);
2234 2234 }
2235 2235
2236 2236 p = strrchr(zc->zc_name, '/');
2237 2237 if (p == NULL || p[1] != '\0')
2238 2238 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2239 2239 p = zc->zc_name + strlen(zc->zc_name);
2240 2240
2241 2241 do {
2242 2242 error = dmu_dir_list_next(os,
2243 2243 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2244 2244 NULL, &zc->zc_cookie);
2245 2245 if (error == ENOENT)
2246 2246 error = SET_ERROR(ESRCH);
2247 2247 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2248 2248 dmu_objset_rele(os, FTAG);
2249 2249
2250 2250 /*
2251 2251 * If it's an internal dataset (ie. with a '$' in its name),
2252 2252 * don't try to get stats for it, otherwise we'll return ENOENT.
2253 2253 */
2254 2254 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2255 2255 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2256 2256 if (error == ENOENT) {
2257 2257 /* We lost a race with destroy, get the next one. */
2258 2258 zc->zc_name[orig_len] = '\0';
2259 2259 goto top;
2260 2260 }
2261 2261 }
2262 2262 return (error);
2263 2263 }
2264 2264
2265 2265 /*
2266 2266 * inputs:
2267 2267 * zc_name name of filesystem
2268 2268 * zc_cookie zap cursor
2269 2269 * zc_nvlist_dst_size size of buffer for property nvlist
2270 2270 *
2271 2271 * outputs:
2272 2272 * zc_name name of next snapshot
2273 2273 * zc_objset_stats stats
2274 2274 * zc_nvlist_dst property nvlist
2275 2275 * zc_nvlist_dst_size size of property nvlist
2276 2276 */
2277 2277 static int
2278 2278 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2279 2279 {
2280 2280 objset_t *os;
2281 2281 int error;
2282 2282
2283 2283 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2284 2284 if (error != 0) {
2285 2285 return (error == ENOENT ? ESRCH : error);
2286 2286 }
2287 2287
2288 2288 /*
2289 2289 * A dataset name of maximum length cannot have any snapshots,
2290 2290 * so exit immediately.
2291 2291 */
2292 2292 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2293 2293 dmu_objset_rele(os, FTAG);
2294 2294 return (SET_ERROR(ESRCH));
2295 2295 }
2296 2296
2297 2297 error = dmu_snapshot_list_next(os,
2298 2298 sizeof (zc->zc_name) - strlen(zc->zc_name),
2299 2299 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2300 2300 NULL);
2301 2301
2302 2302 if (error == 0) {
2303 2303 dsl_dataset_t *ds;
2304 2304 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2305 2305
2306 2306 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2307 2307 if (error == 0) {
2308 2308 objset_t *ossnap;
2309 2309
2310 2310 error = dmu_objset_from_ds(ds, &ossnap);
2311 2311 if (error == 0)
2312 2312 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2313 2313 dsl_dataset_rele(ds, FTAG);
2314 2314 }
2315 2315 } else if (error == ENOENT) {
2316 2316 error = SET_ERROR(ESRCH);
2317 2317 }
2318 2318
2319 2319 dmu_objset_rele(os, FTAG);
2320 2320 /* if we failed, undo the @ that we tacked on to zc_name */
2321 2321 if (error != 0)
2322 2322 *strchr(zc->zc_name, '@') = '\0';
2323 2323 return (error);
2324 2324 }
2325 2325
2326 2326 static int
2327 2327 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2328 2328 {
2329 2329 const char *propname = nvpair_name(pair);
2330 2330 uint64_t *valary;
2331 2331 unsigned int vallen;
2332 2332 const char *domain;
2333 2333 char *dash;
2334 2334 zfs_userquota_prop_t type;
2335 2335 uint64_t rid;
2336 2336 uint64_t quota;
2337 2337 zfsvfs_t *zfsvfs;
2338 2338 int err;
2339 2339
2340 2340 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2341 2341 nvlist_t *attrs;
2342 2342 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2343 2343 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2344 2344 &pair) != 0)
2345 2345 return (SET_ERROR(EINVAL));
2346 2346 }
2347 2347
2348 2348 /*
2349 2349 * A correctly constructed propname is encoded as
2350 2350 * userquota@<rid>-<domain>.
2351 2351 */
2352 2352 if ((dash = strchr(propname, '-')) == NULL ||
2353 2353 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2354 2354 vallen != 3)
2355 2355 return (SET_ERROR(EINVAL));
2356 2356
2357 2357 domain = dash + 1;
2358 2358 type = valary[0];
2359 2359 rid = valary[1];
2360 2360 quota = valary[2];
2361 2361
2362 2362 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2363 2363 if (err == 0) {
2364 2364 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2365 2365 zfsvfs_rele(zfsvfs, FTAG);
2366 2366 }
2367 2367
2368 2368 return (err);
2369 2369 }
2370 2370
2371 2371 /*
2372 2372 * If the named property is one that has a special function to set its value,
2373 2373 * return 0 on success and a positive error code on failure; otherwise if it is
2374 2374 * not one of the special properties handled by this function, return -1.
2375 2375 *
2376 2376 * XXX: It would be better for callers of the property interface if we handled
2377 2377 * these special cases in dsl_prop.c (in the dsl layer).
2378 2378 */
2379 2379 static int
2380 2380 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2381 2381 nvpair_t *pair)
2382 2382 {
2383 2383 const char *propname = nvpair_name(pair);
2384 2384 zfs_prop_t prop = zfs_name_to_prop(propname);
2385 2385 uint64_t intval;
2386 2386 int err = -1;
2387 2387
2388 2388 if (prop == ZPROP_INVAL) {
2389 2389 if (zfs_prop_userquota(propname))
2390 2390 return (zfs_prop_set_userquota(dsname, pair));
2391 2391 return (-1);
2392 2392 }
2393 2393
2394 2394 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2395 2395 nvlist_t *attrs;
2396 2396 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2397 2397 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2398 2398 &pair) == 0);
2399 2399 }
2400 2400
2401 2401 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2402 2402 return (-1);
2403 2403
2404 2404 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2405 2405
2406 2406 switch (prop) {
2407 2407 case ZFS_PROP_QUOTA:
2408 2408 err = dsl_dir_set_quota(dsname, source, intval);
2409 2409 break;
2410 2410 case ZFS_PROP_REFQUOTA:
2411 2411 err = dsl_dataset_set_refquota(dsname, source, intval);
2412 2412 break;
2413 2413 case ZFS_PROP_FILESYSTEM_LIMIT:
2414 2414 case ZFS_PROP_SNAPSHOT_LIMIT:
2415 2415 if (intval == UINT64_MAX) {
2416 2416 /* clearing the limit, just do it */
2417 2417 err = 0;
2418 2418 } else {
2419 2419 err = dsl_dir_activate_fs_ss_limit(dsname);
2420 2420 }
2421 2421 /*
2422 2422 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2423 2423 * default path to set the value in the nvlist.
2424 2424 */
2425 2425 if (err == 0)
2426 2426 err = -1;
2427 2427 break;
2428 2428 case ZFS_PROP_RESERVATION:
2429 2429 err = dsl_dir_set_reservation(dsname, source, intval);
2430 2430 break;
2431 2431 case ZFS_PROP_REFRESERVATION:
2432 2432 err = dsl_dataset_set_refreservation(dsname, source, intval);
2433 2433 break;
2434 2434 case ZFS_PROP_VOLSIZE:
2435 2435 err = zvol_set_volsize(dsname, intval);
2436 2436 break;
2437 2437 case ZFS_PROP_VERSION:
2438 2438 {
2439 2439 zfsvfs_t *zfsvfs;
2440 2440
2441 2441 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2442 2442 break;
2443 2443
2444 2444 err = zfs_set_version(zfsvfs, intval);
2445 2445 zfsvfs_rele(zfsvfs, FTAG);
2446 2446
2447 2447 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2448 2448 zfs_cmd_t *zc;
2449 2449
2450 2450 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2451 2451 (void) strcpy(zc->zc_name, dsname);
2452 2452 (void) zfs_ioc_userspace_upgrade(zc);
2453 2453 kmem_free(zc, sizeof (zfs_cmd_t));
2454 2454 }
2455 2455 break;
2456 2456 }
2457 2457 default:
2458 2458 err = -1;
2459 2459 }
2460 2460
2461 2461 return (err);
2462 2462 }
2463 2463
2464 2464 /*
2465 2465 * This function is best effort. If it fails to set any of the given properties,
2466 2466 * it continues to set as many as it can and returns the last error
2467 2467 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2468 2468 * with the list of names of all the properties that failed along with the
2469 2469 * corresponding error numbers.
2470 2470 *
2471 2471 * If every property is set successfully, zero is returned and errlist is not
2472 2472 * modified.
2473 2473 */
2474 2474 int
2475 2475 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2476 2476 nvlist_t *errlist)
2477 2477 {
2478 2478 nvpair_t *pair;
2479 2479 nvpair_t *propval;
2480 2480 int rv = 0;
2481 2481 uint64_t intval;
2482 2482 char *strval;
2483 2483 nvlist_t *genericnvl = fnvlist_alloc();
2484 2484 nvlist_t *retrynvl = fnvlist_alloc();
2485 2485
2486 2486 retry:
2487 2487 pair = NULL;
2488 2488 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2489 2489 const char *propname = nvpair_name(pair);
2490 2490 zfs_prop_t prop = zfs_name_to_prop(propname);
2491 2491 int err = 0;
2492 2492
2493 2493 /* decode the property value */
2494 2494 propval = pair;
2495 2495 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2496 2496 nvlist_t *attrs;
2497 2497 attrs = fnvpair_value_nvlist(pair);
2498 2498 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2499 2499 &propval) != 0)
2500 2500 err = SET_ERROR(EINVAL);
2501 2501 }
2502 2502
2503 2503 /* Validate value type */
2504 2504 if (err == 0 && prop == ZPROP_INVAL) {
2505 2505 if (zfs_prop_user(propname)) {
2506 2506 if (nvpair_type(propval) != DATA_TYPE_STRING)
2507 2507 err = SET_ERROR(EINVAL);
2508 2508 } else if (zfs_prop_userquota(propname)) {
2509 2509 if (nvpair_type(propval) !=
2510 2510 DATA_TYPE_UINT64_ARRAY)
2511 2511 err = SET_ERROR(EINVAL);
2512 2512 } else {
2513 2513 err = SET_ERROR(EINVAL);
2514 2514 }
2515 2515 } else if (err == 0) {
2516 2516 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2517 2517 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2518 2518 err = SET_ERROR(EINVAL);
2519 2519 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2520 2520 const char *unused;
2521 2521
2522 2522 intval = fnvpair_value_uint64(propval);
2523 2523
2524 2524 switch (zfs_prop_get_type(prop)) {
2525 2525 case PROP_TYPE_NUMBER:
2526 2526 break;
2527 2527 case PROP_TYPE_STRING:
2528 2528 err = SET_ERROR(EINVAL);
2529 2529 break;
2530 2530 case PROP_TYPE_INDEX:
2531 2531 if (zfs_prop_index_to_string(prop,
2532 2532 intval, &unused) != 0)
2533 2533 err = SET_ERROR(EINVAL);
2534 2534 break;
2535 2535 default:
2536 2536 cmn_err(CE_PANIC,
2537 2537 "unknown property type");
2538 2538 }
2539 2539 } else {
2540 2540 err = SET_ERROR(EINVAL);
2541 2541 }
2542 2542 }
2543 2543
2544 2544 /* Validate permissions */
2545 2545 if (err == 0)
2546 2546 err = zfs_check_settable(dsname, pair, CRED());
2547 2547
2548 2548 if (err == 0) {
2549 2549 err = zfs_prop_set_special(dsname, source, pair);
2550 2550 if (err == -1) {
2551 2551 /*
2552 2552 * For better performance we build up a list of
2553 2553 * properties to set in a single transaction.
2554 2554 */
2555 2555 err = nvlist_add_nvpair(genericnvl, pair);
2556 2556 } else if (err != 0 && nvl != retrynvl) {
2557 2557 /*
2558 2558 * This may be a spurious error caused by
2559 2559 * receiving quota and reservation out of order.
2560 2560 * Try again in a second pass.
2561 2561 */
2562 2562 err = nvlist_add_nvpair(retrynvl, pair);
2563 2563 }
2564 2564 }
2565 2565
2566 2566 if (err != 0) {
2567 2567 if (errlist != NULL)
2568 2568 fnvlist_add_int32(errlist, propname, err);
2569 2569 rv = err;
2570 2570 }
2571 2571 }
2572 2572
2573 2573 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2574 2574 nvl = retrynvl;
2575 2575 goto retry;
2576 2576 }
2577 2577
2578 2578 if (!nvlist_empty(genericnvl) &&
2579 2579 dsl_props_set(dsname, source, genericnvl) != 0) {
2580 2580 /*
2581 2581 * If this fails, we still want to set as many properties as we
2582 2582 * can, so try setting them individually.
2583 2583 */
2584 2584 pair = NULL;
2585 2585 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2586 2586 const char *propname = nvpair_name(pair);
2587 2587 int err = 0;
2588 2588
2589 2589 propval = pair;
2590 2590 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2591 2591 nvlist_t *attrs;
2592 2592 attrs = fnvpair_value_nvlist(pair);
2593 2593 propval = fnvlist_lookup_nvpair(attrs,
2594 2594 ZPROP_VALUE);
2595 2595 }
2596 2596
2597 2597 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2598 2598 strval = fnvpair_value_string(propval);
2599 2599 err = dsl_prop_set_string(dsname, propname,
2600 2600 source, strval);
2601 2601 } else {
2602 2602 intval = fnvpair_value_uint64(propval);
2603 2603 err = dsl_prop_set_int(dsname, propname, source,
2604 2604 intval);
2605 2605 }
2606 2606
2607 2607 if (err != 0) {
2608 2608 if (errlist != NULL) {
2609 2609 fnvlist_add_int32(errlist, propname,
2610 2610 err);
2611 2611 }
2612 2612 rv = err;
2613 2613 }
2614 2614 }
2615 2615 }
2616 2616 nvlist_free(genericnvl);
2617 2617 nvlist_free(retrynvl);
2618 2618
2619 2619 return (rv);
2620 2620 }
2621 2621
2622 2622 /*
2623 2623 * Check that all the properties are valid user properties.
2624 2624 */
2625 2625 static int
2626 2626 zfs_check_userprops(const char *fsname, nvlist_t *nvl)
2627 2627 {
2628 2628 nvpair_t *pair = NULL;
2629 2629 int error = 0;
2630 2630
2631 2631 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2632 2632 const char *propname = nvpair_name(pair);
2633 2633
2634 2634 if (!zfs_prop_user(propname) ||
2635 2635 nvpair_type(pair) != DATA_TYPE_STRING)
2636 2636 return (SET_ERROR(EINVAL));
2637 2637
2638 2638 if (error = zfs_secpolicy_write_perms(fsname,
2639 2639 ZFS_DELEG_PERM_USERPROP, CRED()))
2640 2640 return (error);
2641 2641
2642 2642 if (strlen(propname) >= ZAP_MAXNAMELEN)
2643 2643 return (SET_ERROR(ENAMETOOLONG));
2644 2644
2645 2645 if (strlen(fnvpair_value_string(pair)) >= ZAP_MAXVALUELEN)
2646 2646 return (E2BIG);
2647 2647 }
2648 2648 return (0);
2649 2649 }
2650 2650
2651 2651 static void
2652 2652 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2653 2653 {
2654 2654 nvpair_t *pair;
2655 2655
2656 2656 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2657 2657
2658 2658 pair = NULL;
2659 2659 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2660 2660 if (nvlist_exists(skipped, nvpair_name(pair)))
2661 2661 continue;
2662 2662
2663 2663 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2664 2664 }
2665 2665 }
2666 2666
2667 2667 static int
2668 2668 clear_received_props(const char *dsname, nvlist_t *props,
2669 2669 nvlist_t *skipped)
2670 2670 {
2671 2671 int err = 0;
2672 2672 nvlist_t *cleared_props = NULL;
2673 2673 props_skip(props, skipped, &cleared_props);
2674 2674 if (!nvlist_empty(cleared_props)) {
2675 2675 /*
2676 2676 * Acts on local properties until the dataset has received
2677 2677 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2678 2678 */
2679 2679 zprop_source_t flags = (ZPROP_SRC_NONE |
2680 2680 (dsl_prop_get_hasrecvd(dsname) ? ZPROP_SRC_RECEIVED : 0));
2681 2681 err = zfs_set_prop_nvlist(dsname, flags, cleared_props, NULL);
2682 2682 }
2683 2683 nvlist_free(cleared_props);
2684 2684 return (err);
2685 2685 }
2686 2686
2687 2687 /*
2688 2688 * inputs:
2689 2689 * zc_name name of filesystem
2690 2690 * zc_value name of property to set
2691 2691 * zc_nvlist_src{_size} nvlist of properties to apply
2692 2692 * zc_cookie received properties flag
2693 2693 *
2694 2694 * outputs:
2695 2695 * zc_nvlist_dst{_size} error for each unapplied received property
2696 2696 */
2697 2697 static int
2698 2698 zfs_ioc_set_prop(zfs_cmd_t *zc)
2699 2699 {
2700 2700 nvlist_t *nvl;
2701 2701 boolean_t received = zc->zc_cookie;
2702 2702 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2703 2703 ZPROP_SRC_LOCAL);
2704 2704 nvlist_t *errors;
2705 2705 int error;
2706 2706
2707 2707 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2708 2708 zc->zc_iflags, &nvl)) != 0)
2709 2709 return (error);
2710 2710
2711 2711 if (received) {
2712 2712 nvlist_t *origprops;
2713 2713
2714 2714 if (dsl_prop_get_received(zc->zc_name, &origprops) == 0) {
2715 2715 (void) clear_received_props(zc->zc_name,
2716 2716 origprops, nvl);
2717 2717 nvlist_free(origprops);
2718 2718 }
2719 2719
2720 2720 error = dsl_prop_set_hasrecvd(zc->zc_name);
2721 2721 }
2722 2722
2723 2723 errors = fnvlist_alloc();
2724 2724 if (error == 0)
2725 2725 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
2726 2726
2727 2727 if (zc->zc_nvlist_dst != NULL && errors != NULL) {
2728 2728 (void) put_nvlist(zc, errors);
2729 2729 }
2730 2730
2731 2731 nvlist_free(errors);
2732 2732 nvlist_free(nvl);
2733 2733 return (error);
2734 2734 }
2735 2735
2736 2736 /*
2737 2737 * inputs:
2738 2738 * zc_name name of filesystem
2739 2739 * zc_value name of property to inherit
2740 2740 * zc_cookie revert to received value if TRUE
2741 2741 *
2742 2742 * outputs: none
2743 2743 */
2744 2744 static int
2745 2745 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2746 2746 {
2747 2747 const char *propname = zc->zc_value;
2748 2748 zfs_prop_t prop = zfs_name_to_prop(propname);
2749 2749 boolean_t received = zc->zc_cookie;
2750 2750 zprop_source_t source = (received
2751 2751 ? ZPROP_SRC_NONE /* revert to received value, if any */
2752 2752 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2753 2753
2754 2754 if (received) {
2755 2755 nvlist_t *dummy;
2756 2756 nvpair_t *pair;
2757 2757 zprop_type_t type;
2758 2758 int err;
2759 2759
2760 2760 /*
2761 2761 * zfs_prop_set_special() expects properties in the form of an
2762 2762 * nvpair with type info.
2763 2763 */
2764 2764 if (prop == ZPROP_INVAL) {
2765 2765 if (!zfs_prop_user(propname))
2766 2766 return (SET_ERROR(EINVAL));
2767 2767
2768 2768 type = PROP_TYPE_STRING;
2769 2769 } else if (prop == ZFS_PROP_VOLSIZE ||
2770 2770 prop == ZFS_PROP_VERSION) {
2771 2771 return (SET_ERROR(EINVAL));
2772 2772 } else {
2773 2773 type = zfs_prop_get_type(prop);
2774 2774 }
2775 2775
2776 2776 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2777 2777
2778 2778 switch (type) {
2779 2779 case PROP_TYPE_STRING:
2780 2780 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2781 2781 break;
2782 2782 case PROP_TYPE_NUMBER:
2783 2783 case PROP_TYPE_INDEX:
2784 2784 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2785 2785 break;
2786 2786 default:
2787 2787 nvlist_free(dummy);
2788 2788 return (SET_ERROR(EINVAL));
2789 2789 }
2790 2790
2791 2791 pair = nvlist_next_nvpair(dummy, NULL);
2792 2792 err = zfs_prop_set_special(zc->zc_name, source, pair);
2793 2793 nvlist_free(dummy);
2794 2794 if (err != -1)
2795 2795 return (err); /* special property already handled */
2796 2796 } else {
2797 2797 /*
2798 2798 * Only check this in the non-received case. We want to allow
2799 2799 * 'inherit -S' to revert non-inheritable properties like quota
2800 2800 * and reservation to the received or default values even though
2801 2801 * they are not considered inheritable.
2802 2802 */
2803 2803 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2804 2804 return (SET_ERROR(EINVAL));
2805 2805 }
2806 2806
2807 2807 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2808 2808 return (dsl_prop_inherit(zc->zc_name, zc->zc_value, source));
2809 2809 }
2810 2810
2811 2811 static int
2812 2812 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2813 2813 {
2814 2814 nvlist_t *props;
2815 2815 spa_t *spa;
2816 2816 int error;
2817 2817 nvpair_t *pair;
2818 2818
2819 2819 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2820 2820 zc->zc_iflags, &props))
2821 2821 return (error);
2822 2822
2823 2823 /*
2824 2824 * If the only property is the configfile, then just do a spa_lookup()
2825 2825 * to handle the faulted case.
2826 2826 */
2827 2827 pair = nvlist_next_nvpair(props, NULL);
2828 2828 if (pair != NULL && strcmp(nvpair_name(pair),
2829 2829 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2830 2830 nvlist_next_nvpair(props, pair) == NULL) {
2831 2831 mutex_enter(&spa_namespace_lock);
2832 2832 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2833 2833 spa_configfile_set(spa, props, B_FALSE);
2834 2834 spa_config_sync(spa, B_FALSE, B_TRUE);
2835 2835 }
2836 2836 mutex_exit(&spa_namespace_lock);
2837 2837 if (spa != NULL) {
2838 2838 nvlist_free(props);
2839 2839 return (0);
2840 2840 }
2841 2841 }
2842 2842
2843 2843 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2844 2844 nvlist_free(props);
2845 2845 return (error);
2846 2846 }
2847 2847
2848 2848 error = spa_prop_set(spa, props);
2849 2849
2850 2850 nvlist_free(props);
2851 2851 spa_close(spa, FTAG);
2852 2852
2853 2853 return (error);
2854 2854 }
2855 2855
2856 2856 static int
2857 2857 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2858 2858 {
2859 2859 spa_t *spa;
2860 2860 int error;
2861 2861 nvlist_t *nvp = NULL;
2862 2862
2863 2863 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2864 2864 /*
2865 2865 * If the pool is faulted, there may be properties we can still
2866 2866 * get (such as altroot and cachefile), so attempt to get them
2867 2867 * anyway.
2868 2868 */
2869 2869 mutex_enter(&spa_namespace_lock);
2870 2870 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2871 2871 error = spa_prop_get(spa, &nvp);
2872 2872 mutex_exit(&spa_namespace_lock);
2873 2873 } else {
2874 2874 error = spa_prop_get(spa, &nvp);
2875 2875 spa_close(spa, FTAG);
2876 2876 }
2877 2877
2878 2878 if (error == 0 && zc->zc_nvlist_dst != NULL)
2879 2879 error = put_nvlist(zc, nvp);
2880 2880 else
2881 2881 error = SET_ERROR(EFAULT);
2882 2882
2883 2883 nvlist_free(nvp);
2884 2884 return (error);
2885 2885 }
2886 2886
2887 2887 /*
2888 2888 * inputs:
2889 2889 * zc_name name of filesystem
2890 2890 * zc_nvlist_src{_size} nvlist of delegated permissions
2891 2891 * zc_perm_action allow/unallow flag
2892 2892 *
2893 2893 * outputs: none
2894 2894 */
2895 2895 static int
2896 2896 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2897 2897 {
2898 2898 int error;
2899 2899 nvlist_t *fsaclnv = NULL;
2900 2900
2901 2901 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2902 2902 zc->zc_iflags, &fsaclnv)) != 0)
2903 2903 return (error);
2904 2904
2905 2905 /*
2906 2906 * Verify nvlist is constructed correctly
2907 2907 */
2908 2908 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2909 2909 nvlist_free(fsaclnv);
2910 2910 return (SET_ERROR(EINVAL));
2911 2911 }
2912 2912
2913 2913 /*
2914 2914 * If we don't have PRIV_SYS_MOUNT, then validate
2915 2915 * that user is allowed to hand out each permission in
2916 2916 * the nvlist(s)
2917 2917 */
2918 2918
2919 2919 error = secpolicy_zfs(CRED());
2920 2920 if (error != 0) {
2921 2921 if (zc->zc_perm_action == B_FALSE) {
2922 2922 error = dsl_deleg_can_allow(zc->zc_name,
2923 2923 fsaclnv, CRED());
2924 2924 } else {
2925 2925 error = dsl_deleg_can_unallow(zc->zc_name,
2926 2926 fsaclnv, CRED());
2927 2927 }
2928 2928 }
2929 2929
2930 2930 if (error == 0)
2931 2931 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2932 2932
2933 2933 nvlist_free(fsaclnv);
2934 2934 return (error);
2935 2935 }
2936 2936
2937 2937 /*
2938 2938 * inputs:
2939 2939 * zc_name name of filesystem
2940 2940 *
2941 2941 * outputs:
2942 2942 * zc_nvlist_src{_size} nvlist of delegated permissions
2943 2943 */
2944 2944 static int
2945 2945 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2946 2946 {
2947 2947 nvlist_t *nvp;
2948 2948 int error;
2949 2949
2950 2950 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2951 2951 error = put_nvlist(zc, nvp);
2952 2952 nvlist_free(nvp);
2953 2953 }
2954 2954
2955 2955 return (error);
2956 2956 }
2957 2957
2958 2958 /*
2959 2959 * Search the vfs list for a specified resource. Returns a pointer to it
2960 2960 * or NULL if no suitable entry is found. The caller of this routine
2961 2961 * is responsible for releasing the returned vfs pointer.
2962 2962 */
2963 2963 static vfs_t *
2964 2964 zfs_get_vfs(const char *resource)
2965 2965 {
2966 2966 struct vfs *vfsp;
2967 2967 struct vfs *vfs_found = NULL;
2968 2968
2969 2969 vfs_list_read_lock();
2970 2970 vfsp = rootvfs;
2971 2971 do {
2972 2972 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2973 2973 VFS_HOLD(vfsp);
2974 2974 vfs_found = vfsp;
2975 2975 break;
2976 2976 }
2977 2977 vfsp = vfsp->vfs_next;
2978 2978 } while (vfsp != rootvfs);
2979 2979 vfs_list_unlock();
2980 2980 return (vfs_found);
2981 2981 }
2982 2982
2983 2983 /* ARGSUSED */
2984 2984 static void
2985 2985 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2986 2986 {
2987 2987 zfs_creat_t *zct = arg;
2988 2988
2989 2989 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2990 2990 }
2991 2991
2992 2992 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2993 2993
2994 2994 /*
2995 2995 * inputs:
2996 2996 * os parent objset pointer (NULL if root fs)
2997 2997 * fuids_ok fuids allowed in this version of the spa?
2998 2998 * sa_ok SAs allowed in this version of the spa?
2999 2999 * createprops list of properties requested by creator
3000 3000 *
3001 3001 * outputs:
3002 3002 * zplprops values for the zplprops we attach to the master node object
3003 3003 * is_ci true if requested file system will be purely case-insensitive
3004 3004 *
3005 3005 * Determine the settings for utf8only, normalization and
3006 3006 * casesensitivity. Specific values may have been requested by the
3007 3007 * creator and/or we can inherit values from the parent dataset. If
3008 3008 * the file system is of too early a vintage, a creator can not
3009 3009 * request settings for these properties, even if the requested
3010 3010 * setting is the default value. We don't actually want to create dsl
3011 3011 * properties for these, so remove them from the source nvlist after
3012 3012 * processing.
3013 3013 */
3014 3014 static int
3015 3015 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
3016 3016 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
3017 3017 nvlist_t *zplprops, boolean_t *is_ci)
3018 3018 {
3019 3019 uint64_t sense = ZFS_PROP_UNDEFINED;
3020 3020 uint64_t norm = ZFS_PROP_UNDEFINED;
3021 3021 uint64_t u8 = ZFS_PROP_UNDEFINED;
3022 3022
3023 3023 ASSERT(zplprops != NULL);
3024 3024
3025 3025 /*
3026 3026 * Pull out creator prop choices, if any.
3027 3027 */
3028 3028 if (createprops) {
3029 3029 (void) nvlist_lookup_uint64(createprops,
3030 3030 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
3031 3031 (void) nvlist_lookup_uint64(createprops,
3032 3032 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
3033 3033 (void) nvlist_remove_all(createprops,
3034 3034 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
3035 3035 (void) nvlist_lookup_uint64(createprops,
3036 3036 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
3037 3037 (void) nvlist_remove_all(createprops,
3038 3038 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
3039 3039 (void) nvlist_lookup_uint64(createprops,
3040 3040 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
3041 3041 (void) nvlist_remove_all(createprops,
3042 3042 zfs_prop_to_name(ZFS_PROP_CASE));
3043 3043 }
3044 3044
3045 3045 /*
3046 3046 * If the zpl version requested is whacky or the file system
3047 3047 * or pool is version is too "young" to support normalization
3048 3048 * and the creator tried to set a value for one of the props,
3049 3049 * error out.
3050 3050 */
3051 3051 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
3052 3052 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
3053 3053 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
3054 3054 (zplver < ZPL_VERSION_NORMALIZATION &&
3055 3055 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
3056 3056 sense != ZFS_PROP_UNDEFINED)))
3057 3057 return (SET_ERROR(ENOTSUP));
3058 3058
3059 3059 /*
3060 3060 * Put the version in the zplprops
3061 3061 */
3062 3062 VERIFY(nvlist_add_uint64(zplprops,
3063 3063 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
3064 3064
3065 3065 if (norm == ZFS_PROP_UNDEFINED)
3066 3066 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
3067 3067 VERIFY(nvlist_add_uint64(zplprops,
3068 3068 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3069 3069
3070 3070 /*
3071 3071 * If we're normalizing, names must always be valid UTF-8 strings.
3072 3072 */
3073 3073 if (norm)
3074 3074 u8 = 1;
3075 3075 if (u8 == ZFS_PROP_UNDEFINED)
3076 3076 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
3077 3077 VERIFY(nvlist_add_uint64(zplprops,
3078 3078 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3079 3079
3080 3080 if (sense == ZFS_PROP_UNDEFINED)
3081 3081 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
3082 3082 VERIFY(nvlist_add_uint64(zplprops,
3083 3083 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3084 3084
3085 3085 if (is_ci)
3086 3086 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3087 3087
3088 3088 return (0);
3089 3089 }
3090 3090
3091 3091 static int
3092 3092 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3093 3093 nvlist_t *zplprops, boolean_t *is_ci)
3094 3094 {
3095 3095 boolean_t fuids_ok, sa_ok;
3096 3096 uint64_t zplver = ZPL_VERSION;
3097 3097 objset_t *os = NULL;
3098 3098 char parentname[MAXNAMELEN];
3099 3099 char *cp;
3100 3100 spa_t *spa;
3101 3101 uint64_t spa_vers;
3102 3102 int error;
3103 3103
3104 3104 (void) strlcpy(parentname, dataset, sizeof (parentname));
3105 3105 cp = strrchr(parentname, '/');
3106 3106 ASSERT(cp != NULL);
3107 3107 cp[0] = '\0';
3108 3108
3109 3109 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3110 3110 return (error);
3111 3111
3112 3112 spa_vers = spa_version(spa);
3113 3113 spa_close(spa, FTAG);
3114 3114
3115 3115 zplver = zfs_zpl_version_map(spa_vers);
3116 3116 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3117 3117 sa_ok = (zplver >= ZPL_VERSION_SA);
3118 3118
3119 3119 /*
3120 3120 * Open parent object set so we can inherit zplprop values.
3121 3121 */
3122 3122 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
3123 3123 return (error);
3124 3124
3125 3125 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
3126 3126 zplprops, is_ci);
3127 3127 dmu_objset_rele(os, FTAG);
3128 3128 return (error);
3129 3129 }
3130 3130
3131 3131 static int
3132 3132 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3133 3133 nvlist_t *zplprops, boolean_t *is_ci)
3134 3134 {
3135 3135 boolean_t fuids_ok;
3136 3136 boolean_t sa_ok;
3137 3137 uint64_t zplver = ZPL_VERSION;
3138 3138 int error;
3139 3139
3140 3140 zplver = zfs_zpl_version_map(spa_vers);
3141 3141 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3142 3142 sa_ok = (zplver >= ZPL_VERSION_SA);
3143 3143
3144 3144 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3145 3145 createprops, zplprops, is_ci);
3146 3146 return (error);
3147 3147 }
3148 3148
3149 3149 /*
3150 3150 * innvl: {
3151 3151 * "type" -> dmu_objset_type_t (int32)
3152 3152 * (optional) "props" -> { prop -> value }
3153 3153 * }
3154 3154 *
3155 3155 * outnvl: propname -> error code (int32)
3156 3156 */
3157 3157 static int
3158 3158 zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3159 3159 {
3160 3160 int error = 0;
3161 3161 zfs_creat_t zct = { 0 };
3162 3162 nvlist_t *nvprops = NULL;
3163 3163 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3164 3164 int32_t type32;
3165 3165 dmu_objset_type_t type;
3166 3166 boolean_t is_insensitive = B_FALSE;
3167 3167
3168 3168 if (nvlist_lookup_int32(innvl, "type", &type32) != 0)
3169 3169 return (SET_ERROR(EINVAL));
3170 3170 type = type32;
3171 3171 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3172 3172
3173 3173 switch (type) {
3174 3174 case DMU_OST_ZFS:
3175 3175 cbfunc = zfs_create_cb;
3176 3176 break;
3177 3177
3178 3178 case DMU_OST_ZVOL:
3179 3179 cbfunc = zvol_create_cb;
3180 3180 break;
3181 3181
3182 3182 default:
3183 3183 cbfunc = NULL;
3184 3184 break;
3185 3185 }
3186 3186 if (strchr(fsname, '@') ||
3187 3187 strchr(fsname, '%'))
3188 3188 return (SET_ERROR(EINVAL));
3189 3189
3190 3190 zct.zct_props = nvprops;
3191 3191
3192 3192 if (cbfunc == NULL)
3193 3193 return (SET_ERROR(EINVAL));
3194 3194
3195 3195 if (type == DMU_OST_ZVOL) {
3196 3196 uint64_t volsize, volblocksize;
3197 3197
3198 3198 if (nvprops == NULL)
3199 3199 return (SET_ERROR(EINVAL));
3200 3200 if (nvlist_lookup_uint64(nvprops,
3201 3201 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
3202 3202 return (SET_ERROR(EINVAL));
3203 3203
3204 3204 if ((error = nvlist_lookup_uint64(nvprops,
3205 3205 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3206 3206 &volblocksize)) != 0 && error != ENOENT)
3207 3207 return (SET_ERROR(EINVAL));
3208 3208
3209 3209 if (error != 0)
3210 3210 volblocksize = zfs_prop_default_numeric(
3211 3211 ZFS_PROP_VOLBLOCKSIZE);
3212 3212
3213 3213 if ((error = zvol_check_volblocksize(
3214 3214 volblocksize)) != 0 ||
3215 3215 (error = zvol_check_volsize(volsize,
3216 3216 volblocksize)) != 0)
3217 3217 return (error);
3218 3218 } else if (type == DMU_OST_ZFS) {
3219 3219 int error;
3220 3220
3221 3221 /*
3222 3222 * We have to have normalization and
3223 3223 * case-folding flags correct when we do the
3224 3224 * file system creation, so go figure them out
3225 3225 * now.
3226 3226 */
3227 3227 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3228 3228 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3229 3229 error = zfs_fill_zplprops(fsname, nvprops,
3230 3230 zct.zct_zplprops, &is_insensitive);
3231 3231 if (error != 0) {
3232 3232 nvlist_free(zct.zct_zplprops);
3233 3233 return (error);
3234 3234 }
3235 3235 }
3236 3236
3237 3237 error = dmu_objset_create(fsname, type,
3238 3238 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3239 3239 nvlist_free(zct.zct_zplprops);
3240 3240
3241 3241 /*
3242 3242 * It would be nice to do this atomically.
3243 3243 */
3244 3244 if (error == 0) {
3245 3245 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3246 3246 nvprops, outnvl);
3247 3247 if (error != 0)
3248 3248 (void) dsl_destroy_head(fsname);
3249 3249 }
3250 3250 return (error);
3251 3251 }
3252 3252
3253 3253 /*
3254 3254 * innvl: {
3255 3255 * "origin" -> name of origin snapshot
3256 3256 * (optional) "props" -> { prop -> value }
3257 3257 * }
3258 3258 *
3259 3259 * outnvl: propname -> error code (int32)
3260 3260 */
3261 3261 static int
3262 3262 zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3263 3263 {
3264 3264 int error = 0;
3265 3265 nvlist_t *nvprops = NULL;
3266 3266 char *origin_name;
3267 3267
3268 3268 if (nvlist_lookup_string(innvl, "origin", &origin_name) != 0)
3269 3269 return (SET_ERROR(EINVAL));
3270 3270 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3271 3271
3272 3272 if (strchr(fsname, '@') ||
3273 3273 strchr(fsname, '%'))
3274 3274 return (SET_ERROR(EINVAL));
3275 3275
3276 3276 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
3277 3277 return (SET_ERROR(EINVAL));
3278 3278 error = dmu_objset_clone(fsname, origin_name);
3279 3279 if (error != 0)
3280 3280 return (error);
3281 3281
3282 3282 /*
3283 3283 * It would be nice to do this atomically.
3284 3284 */
3285 3285 if (error == 0) {
3286 3286 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3287 3287 nvprops, outnvl);
3288 3288 if (error != 0)
3289 3289 (void) dsl_destroy_head(fsname);
3290 3290 }
3291 3291 return (error);
3292 3292 }
3293 3293
3294 3294 /*
3295 3295 * innvl: {
3296 3296 * "snaps" -> { snapshot1, snapshot2 }
3297 3297 * (optional) "props" -> { prop -> value (string) }
3298 3298 * }
3299 3299 *
3300 3300 * outnvl: snapshot -> error code (int32)
3301 3301 */
3302 3302 static int
3303 3303 zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3304 3304 {
3305 3305 nvlist_t *snaps;
3306 3306 nvlist_t *props = NULL;
3307 3307 int error, poollen;
3308 3308 nvpair_t *pair;
3309 3309
3310 3310 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3311 3311 if ((error = zfs_check_userprops(poolname, props)) != 0)
3312 3312 return (error);
3313 3313
3314 3314 if (!nvlist_empty(props) &&
3315 3315 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
3316 3316 return (SET_ERROR(ENOTSUP));
3317 3317
3318 3318 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3319 3319 return (SET_ERROR(EINVAL));
3320 3320 poollen = strlen(poolname);
3321 3321 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3322 3322 pair = nvlist_next_nvpair(snaps, pair)) {
3323 3323 const char *name = nvpair_name(pair);
3324 3324 const char *cp = strchr(name, '@');
3325 3325
3326 3326 /*
3327 3327 * The snap name must contain an @, and the part after it must
3328 3328 * contain only valid characters.
3329 3329 */
3330 3330 if (cp == NULL ||
3331 3331 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3332 3332 return (SET_ERROR(EINVAL));
3333 3333
3334 3334 /*
3335 3335 * The snap must be in the specified pool.
3336 3336 */
3337 3337 if (strncmp(name, poolname, poollen) != 0 ||
3338 3338 (name[poollen] != '/' && name[poollen] != '@'))
3339 3339 return (SET_ERROR(EXDEV));
3340 3340
3341 3341 /* This must be the only snap of this fs. */
3342 3342 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
3343 3343 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3344 3344 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3345 3345 == 0) {
3346 3346 return (SET_ERROR(EXDEV));
3347 3347 }
3348 3348 }
3349 3349 }
3350 3350
3351 3351 error = dsl_dataset_snapshot(snaps, props, outnvl);
3352 3352 return (error);
3353 3353 }
3354 3354
3355 3355 /*
3356 3356 * innvl: "message" -> string
3357 3357 */
3358 3358 /* ARGSUSED */
3359 3359 static int
3360 3360 zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3361 3361 {
3362 3362 char *message;
3363 3363 spa_t *spa;
3364 3364 int error;
3365 3365 char *poolname;
3366 3366
3367 3367 /*
3368 3368 * The poolname in the ioctl is not set, we get it from the TSD,
3369 3369 * which was set at the end of the last successful ioctl that allows
3370 3370 * logging. The secpolicy func already checked that it is set.
3371 3371 * Only one log ioctl is allowed after each successful ioctl, so
3372 3372 * we clear the TSD here.
3373 3373 */
3374 3374 poolname = tsd_get(zfs_allow_log_key);
3375 3375 (void) tsd_set(zfs_allow_log_key, NULL);
3376 3376 error = spa_open(poolname, &spa, FTAG);
3377 3377 strfree(poolname);
3378 3378 if (error != 0)
3379 3379 return (error);
3380 3380
3381 3381 if (nvlist_lookup_string(innvl, "message", &message) != 0) {
3382 3382 spa_close(spa, FTAG);
3383 3383 return (SET_ERROR(EINVAL));
3384 3384 }
3385 3385
3386 3386 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3387 3387 spa_close(spa, FTAG);
3388 3388 return (SET_ERROR(ENOTSUP));
3389 3389 }
3390 3390
3391 3391 error = spa_history_log(spa, message);
3392 3392 spa_close(spa, FTAG);
3393 3393 return (error);
3394 3394 }
3395 3395
3396 3396 /*
3397 3397 * The dp_config_rwlock must not be held when calling this, because the
3398 3398 * unmount may need to write out data.
3399 3399 *
3400 3400 * This function is best-effort. Callers must deal gracefully if it
3401 3401 * remains mounted (or is remounted after this call).
3402 3402 *
3403 3403 * Returns 0 if the argument is not a snapshot, or it is not currently a
3404 3404 * filesystem, or we were able to unmount it. Returns error code otherwise.
3405 3405 */
3406 3406 int
3407 3407 zfs_unmount_snap(const char *snapname)
3408 3408 {
3409 3409 vfs_t *vfsp;
3410 3410 zfsvfs_t *zfsvfs;
3411 3411 int err;
3412 3412
3413 3413 if (strchr(snapname, '@') == NULL)
3414 3414 return (0);
3415 3415
3416 3416 vfsp = zfs_get_vfs(snapname);
3417 3417 if (vfsp == NULL)
3418 3418 return (0);
3419 3419
3420 3420 zfsvfs = vfsp->vfs_data;
3421 3421 ASSERT(!dsl_pool_config_held(dmu_objset_pool(zfsvfs->z_os)));
3422 3422
3423 3423 err = vn_vfswlock(vfsp->vfs_vnodecovered);
3424 3424 VFS_RELE(vfsp);
3425 3425 if (err != 0)
3426 3426 return (SET_ERROR(err));
3427 3427
3428 3428 /*
3429 3429 * Always force the unmount for snapshots.
3430 3430 */
3431 3431 (void) dounmount(vfsp, MS_FORCE, kcred);
3432 3432 return (0);
3433 3433 }
3434 3434
3435 3435 /* ARGSUSED */
3436 3436 static int
3437 3437 zfs_unmount_snap_cb(const char *snapname, void *arg)
3438 3438 {
3439 3439 return (zfs_unmount_snap(snapname));
3440 3440 }
3441 3441
3442 3442 /*
3443 3443 * When a clone is destroyed, its origin may also need to be destroyed,
3444 3444 * in which case it must be unmounted. This routine will do that unmount
3445 3445 * if necessary.
3446 3446 */
3447 3447 void
3448 3448 zfs_destroy_unmount_origin(const char *fsname)
3449 3449 {
3450 3450 int error;
3451 3451 objset_t *os;
3452 3452 dsl_dataset_t *ds;
3453 3453
3454 3454 error = dmu_objset_hold(fsname, FTAG, &os);
3455 3455 if (error != 0)
3456 3456 return;
3457 3457 ds = dmu_objset_ds(os);
3458 3458 if (dsl_dir_is_clone(ds->ds_dir) && DS_IS_DEFER_DESTROY(ds->ds_prev)) {
3459 3459 char originname[MAXNAMELEN];
3460 3460 dsl_dataset_name(ds->ds_prev, originname);
3461 3461 dmu_objset_rele(os, FTAG);
3462 3462 (void) zfs_unmount_snap(originname);
3463 3463 } else {
3464 3464 dmu_objset_rele(os, FTAG);
3465 3465 }
3466 3466 }
3467 3467
3468 3468 /*
3469 3469 * innvl: {
3470 3470 * "snaps" -> { snapshot1, snapshot2 }
3471 3471 * (optional boolean) "defer"
3472 3472 * }
3473 3473 *
3474 3474 * outnvl: snapshot -> error code (int32)
3475 3475 *
3476 3476 */
3477 3477 /* ARGSUSED */
3478 3478 static int
3479 3479 zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3480 3480 {
3481 3481 nvlist_t *snaps;
3482 3482 nvpair_t *pair;
3483 3483 boolean_t defer;
3484 3484
3485 3485 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3486 3486 return (SET_ERROR(EINVAL));
3487 3487 defer = nvlist_exists(innvl, "defer");
3488 3488
3489 3489 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3490 3490 pair = nvlist_next_nvpair(snaps, pair)) {
3491 3491 (void) zfs_unmount_snap(nvpair_name(pair));
3492 3492 }
3493 3493
3494 3494 return (dsl_destroy_snapshots_nvl(snaps, defer, outnvl));
3495 3495 }
3496 3496
3497 3497 /*
3498 3498 * Create bookmarks. Bookmark names are of the form <fs>#<bmark>.
3499 3499 * All bookmarks must be in the same pool.
3500 3500 *
3501 3501 * innvl: {
3502 3502 * bookmark1 -> snapshot1, bookmark2 -> snapshot2
3503 3503 * }
3504 3504 *
3505 3505 * outnvl: bookmark -> error code (int32)
3506 3506 *
3507 3507 */
3508 3508 /* ARGSUSED */
3509 3509 static int
3510 3510 zfs_ioc_bookmark(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3511 3511 {
3512 3512 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3513 3513 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3514 3514 char *snap_name;
3515 3515
3516 3516 /*
3517 3517 * Verify the snapshot argument.
3518 3518 */
3519 3519 if (nvpair_value_string(pair, &snap_name) != 0)
3520 3520 return (SET_ERROR(EINVAL));
3521 3521
3522 3522
3523 3523 /* Verify that the keys (bookmarks) are unique */
3524 3524 for (nvpair_t *pair2 = nvlist_next_nvpair(innvl, pair);
3525 3525 pair2 != NULL; pair2 = nvlist_next_nvpair(innvl, pair2)) {
3526 3526 if (strcmp(nvpair_name(pair), nvpair_name(pair2)) == 0)
3527 3527 return (SET_ERROR(EINVAL));
3528 3528 }
3529 3529 }
3530 3530
3531 3531 return (dsl_bookmark_create(innvl, outnvl));
3532 3532 }
3533 3533
3534 3534 /*
3535 3535 * innvl: {
3536 3536 * property 1, property 2, ...
3537 3537 * }
3538 3538 *
3539 3539 * outnvl: {
3540 3540 * bookmark name 1 -> { property 1, property 2, ... },
3541 3541 * bookmark name 2 -> { property 1, property 2, ... }
3542 3542 * }
3543 3543 *
3544 3544 */
3545 3545 static int
3546 3546 zfs_ioc_get_bookmarks(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3547 3547 {
3548 3548 return (dsl_get_bookmarks(fsname, innvl, outnvl));
3549 3549 }
3550 3550
3551 3551 /*
3552 3552 * innvl: {
3553 3553 * bookmark name 1, bookmark name 2
3554 3554 * }
3555 3555 *
3556 3556 * outnvl: bookmark -> error code (int32)
3557 3557 *
3558 3558 */
3559 3559 static int
3560 3560 zfs_ioc_destroy_bookmarks(const char *poolname, nvlist_t *innvl,
3561 3561 nvlist_t *outnvl)
3562 3562 {
3563 3563 int error, poollen;
3564 3564
3565 3565 poollen = strlen(poolname);
3566 3566 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3567 3567 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3568 3568 const char *name = nvpair_name(pair);
3569 3569 const char *cp = strchr(name, '#');
3570 3570
3571 3571 /*
3572 3572 * The bookmark name must contain an #, and the part after it
3573 3573 * must contain only valid characters.
3574 3574 */
3575 3575 if (cp == NULL ||
3576 3576 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3577 3577 return (SET_ERROR(EINVAL));
3578 3578
3579 3579 /*
3580 3580 * The bookmark must be in the specified pool.
3581 3581 */
3582 3582 if (strncmp(name, poolname, poollen) != 0 ||
3583 3583 (name[poollen] != '/' && name[poollen] != '#'))
3584 3584 return (SET_ERROR(EXDEV));
3585 3585 }
3586 3586
3587 3587 error = dsl_bookmark_destroy(innvl, outnvl);
3588 3588 return (error);
3589 3589 }
3590 3590
3591 3591 /*
3592 3592 * inputs:
3593 3593 * zc_name name of dataset to destroy
3594 3594 * zc_objset_type type of objset
3595 3595 * zc_defer_destroy mark for deferred destroy
3596 3596 *
3597 3597 * outputs: none
3598 3598 */
3599 3599 static int
3600 3600 zfs_ioc_destroy(zfs_cmd_t *zc)
3601 3601 {
3602 3602 int err;
3603 3603
3604 3604 if (zc->zc_objset_type == DMU_OST_ZFS) {
3605 3605 err = zfs_unmount_snap(zc->zc_name);
3606 3606 if (err != 0)
3607 3607 return (err);
3608 3608 }
3609 3609
3610 3610 if (strchr(zc->zc_name, '@'))
3611 3611 err = dsl_destroy_snapshot(zc->zc_name, zc->zc_defer_destroy);
3612 3612 else
3613 3613 err = dsl_destroy_head(zc->zc_name);
3614 3614 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3615 3615 (void) zvol_remove_minor(zc->zc_name);
3616 3616 return (err);
3617 3617 }
3618 3618
3619 3619 /*
3620 3620 * fsname is name of dataset to rollback (to most recent snapshot)
3621 3621 *
3622 3622 * innvl is not used.
3623 3623 *
3624 3624 * outnvl: "target" -> name of most recent snapshot
3625 3625 * }
3626 3626 */
3627 3627 /* ARGSUSED */
3628 3628 static int
3629 3629 zfs_ioc_rollback(const char *fsname, nvlist_t *args, nvlist_t *outnvl)
3630 3630 {
3631 3631 zfsvfs_t *zfsvfs;
3632 3632 int error;
3633 3633
3634 3634 if (getzfsvfs(fsname, &zfsvfs) == 0) {
3635 3635 error = zfs_suspend_fs(zfsvfs);
3636 3636 if (error == 0) {
3637 3637 int resume_err;
3638 3638
3639 3639 error = dsl_dataset_rollback(fsname, zfsvfs, outnvl);
3640 3640 resume_err = zfs_resume_fs(zfsvfs, fsname);
3641 3641 error = error ? error : resume_err;
3642 3642 }
3643 3643 VFS_RELE(zfsvfs->z_vfs);
3644 3644 } else {
3645 3645 error = dsl_dataset_rollback(fsname, NULL, outnvl);
3646 3646 }
3647 3647 return (error);
3648 3648 }
3649 3649
3650 3650 static int
3651 3651 recursive_unmount(const char *fsname, void *arg)
3652 3652 {
3653 3653 const char *snapname = arg;
3654 3654 char fullname[MAXNAMELEN];
3655 3655
3656 3656 (void) snprintf(fullname, sizeof (fullname), "%s@%s", fsname, snapname);
3657 3657 return (zfs_unmount_snap(fullname));
3658 3658 }
3659 3659
3660 3660 /*
3661 3661 * inputs:
3662 3662 * zc_name old name of dataset
3663 3663 * zc_value new name of dataset
3664 3664 * zc_cookie recursive flag (only valid for snapshots)
3665 3665 *
3666 3666 * outputs: none
3667 3667 */
3668 3668 static int
3669 3669 zfs_ioc_rename(zfs_cmd_t *zc)
3670 3670 {
3671 3671 boolean_t recursive = zc->zc_cookie & 1;
3672 3672 char *at;
3673 3673
3674 3674 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3675 3675 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3676 3676 strchr(zc->zc_value, '%'))
3677 3677 return (SET_ERROR(EINVAL));
3678 3678
3679 3679 at = strchr(zc->zc_name, '@');
3680 3680 if (at != NULL) {
3681 3681 /* snaps must be in same fs */
3682 3682 int error;
3683 3683
3684 3684 if (strncmp(zc->zc_name, zc->zc_value, at - zc->zc_name + 1))
3685 3685 return (SET_ERROR(EXDEV));
3686 3686 *at = '\0';
3687 3687 if (zc->zc_objset_type == DMU_OST_ZFS) {
3688 3688 error = dmu_objset_find(zc->zc_name,
3689 3689 recursive_unmount, at + 1,
3690 3690 recursive ? DS_FIND_CHILDREN : 0);
3691 3691 if (error != 0) {
3692 3692 *at = '@';
3693 3693 return (error);
3694 3694 }
3695 3695 }
3696 3696 error = dsl_dataset_rename_snapshot(zc->zc_name,
3697 3697 at + 1, strchr(zc->zc_value, '@') + 1, recursive);
3698 3698 *at = '@';
3699 3699
3700 3700 return (error);
3701 3701 } else {
3702 3702 if (zc->zc_objset_type == DMU_OST_ZVOL)
3703 3703 (void) zvol_remove_minor(zc->zc_name);
3704 3704 return (dsl_dir_rename(zc->zc_name, zc->zc_value));
3705 3705 }
3706 3706 }
3707 3707
3708 3708 static int
3709 3709 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3710 3710 {
3711 3711 const char *propname = nvpair_name(pair);
3712 3712 boolean_t issnap = (strchr(dsname, '@') != NULL);
3713 3713 zfs_prop_t prop = zfs_name_to_prop(propname);
3714 3714 uint64_t intval;
3715 3715 int err;
3716 3716
3717 3717 if (prop == ZPROP_INVAL) {
3718 3718 if (zfs_prop_user(propname)) {
3719 3719 if (err = zfs_secpolicy_write_perms(dsname,
3720 3720 ZFS_DELEG_PERM_USERPROP, cr))
3721 3721 return (err);
3722 3722 return (0);
3723 3723 }
3724 3724
3725 3725 if (!issnap && zfs_prop_userquota(propname)) {
3726 3726 const char *perm = NULL;
3727 3727 const char *uq_prefix =
3728 3728 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3729 3729 const char *gq_prefix =
3730 3730 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3731 3731
3732 3732 if (strncmp(propname, uq_prefix,
3733 3733 strlen(uq_prefix)) == 0) {
3734 3734 perm = ZFS_DELEG_PERM_USERQUOTA;
3735 3735 } else if (strncmp(propname, gq_prefix,
3736 3736 strlen(gq_prefix)) == 0) {
3737 3737 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3738 3738 } else {
3739 3739 /* USERUSED and GROUPUSED are read-only */
3740 3740 return (SET_ERROR(EINVAL));
3741 3741 }
3742 3742
3743 3743 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3744 3744 return (err);
3745 3745 return (0);
3746 3746 }
3747 3747
3748 3748 return (SET_ERROR(EINVAL));
3749 3749 }
3750 3750
3751 3751 if (issnap)
3752 3752 return (SET_ERROR(EINVAL));
3753 3753
3754 3754 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3755 3755 /*
3756 3756 * dsl_prop_get_all_impl() returns properties in this
3757 3757 * format.
3758 3758 */
3759 3759 nvlist_t *attrs;
3760 3760 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3761 3761 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3762 3762 &pair) == 0);
3763 3763 }
3764 3764
3765 3765 /*
3766 3766 * Check that this value is valid for this pool version
3767 3767 */
3768 3768 switch (prop) {
3769 3769 case ZFS_PROP_COMPRESSION:
3770 3770 /*
3771 3771 * If the user specified gzip compression, make sure
3772 3772 * the SPA supports it. We ignore any errors here since
3773 3773 * we'll catch them later.
3774 3774 */
3775 3775 if (nvpair_value_uint64(pair, &intval) == 0) {
3776 3776 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3777 3777 intval <= ZIO_COMPRESS_GZIP_9 &&
3778 3778 zfs_earlier_version(dsname,
3779 3779 SPA_VERSION_GZIP_COMPRESSION)) {
3780 3780 return (SET_ERROR(ENOTSUP));
3781 3781 }
3782 3782
3783 3783 if (intval == ZIO_COMPRESS_ZLE &&
3784 3784 zfs_earlier_version(dsname,
3785 3785 SPA_VERSION_ZLE_COMPRESSION))
3786 3786 return (SET_ERROR(ENOTSUP));
3787 3787
3788 3788 if (intval == ZIO_COMPRESS_LZ4) {
3789 3789 spa_t *spa;
3790 3790
3791 3791 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3792 3792 return (err);
3793 3793
3794 3794 if (!spa_feature_is_enabled(spa,
3795 3795 SPA_FEATURE_LZ4_COMPRESS)) {
3796 3796 spa_close(spa, FTAG);
3797 3797 return (SET_ERROR(ENOTSUP));
3798 3798 }
3799 3799 spa_close(spa, FTAG);
3800 3800 }
3801 3801
3802 3802 /*
3803 3803 * If this is a bootable dataset then
3804 3804 * verify that the compression algorithm
3805 3805 * is supported for booting. We must return
3806 3806 * something other than ENOTSUP since it
3807 3807 * implies a downrev pool version.
3808 3808 */
3809 3809 if (zfs_is_bootfs(dsname) &&
3810 3810 !BOOTFS_COMPRESS_VALID(intval)) {
3811 3811 return (SET_ERROR(ERANGE));
3812 3812 }
3813 3813 }
3814 3814 break;
3815 3815
3816 3816 case ZFS_PROP_COPIES:
3817 3817 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3818 3818 return (SET_ERROR(ENOTSUP));
3819 3819 break;
3820 3820
3821 3821 case ZFS_PROP_RECORDSIZE:
3822 3822 /* Record sizes above 128k need the feature to be enabled */
3823 3823 if (nvpair_value_uint64(pair, &intval) == 0 &&
3824 3824 intval > SPA_OLD_MAXBLOCKSIZE) {
3825 3825 spa_t *spa;
3826 3826
3827 3827 /*
3828 3828 * If this is a bootable dataset then
3829 3829 * the we don't allow large (>128K) blocks,
3830 3830 * because GRUB doesn't support them.
3831 3831 */
3832 3832 if (zfs_is_bootfs(dsname) &&
3833 3833 intval > SPA_OLD_MAXBLOCKSIZE) {
3834 3834 return (SET_ERROR(ERANGE));
3835 3835 }
3836 3836
3837 3837 /*
3838 3838 * We don't allow setting the property above 1MB,
3839 3839 * unless the tunable has been changed.
3840 3840 */
3841 3841 if (intval > zfs_max_recordsize ||
3842 3842 intval > SPA_MAXBLOCKSIZE)
3843 3843 return (SET_ERROR(ERANGE));
3844 3844
3845 3845 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3846 3846 return (err);
3847 3847
3848 3848 if (!spa_feature_is_enabled(spa,
3849 3849 SPA_FEATURE_LARGE_BLOCKS)) {
3850 3850 spa_close(spa, FTAG);
3851 3851 return (SET_ERROR(ENOTSUP));
3852 3852 }
3853 3853 spa_close(spa, FTAG);
3854 3854 }
3855 3855 break;
3856 3856
3857 3857 case ZFS_PROP_SHARESMB:
3858 3858 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3859 3859 return (SET_ERROR(ENOTSUP));
3860 3860 break;
3861 3861
3862 3862 case ZFS_PROP_ACLINHERIT:
3863 3863 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3864 3864 nvpair_value_uint64(pair, &intval) == 0) {
3865 3865 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3866 3866 zfs_earlier_version(dsname,
3867 3867 SPA_VERSION_PASSTHROUGH_X))
3868 3868 return (SET_ERROR(ENOTSUP));
3869 3869 }
3870 3870 break;
3871 3871
3872 3872 case ZFS_PROP_CHECKSUM:
3873 3873 case ZFS_PROP_DEDUP:
3874 3874 {
3875 3875 spa_feature_t feature;
3876 3876 spa_t *spa;
3877 3877
3878 3878 /* dedup feature version checks */
3879 3879 if (prop == ZFS_PROP_DEDUP &&
3880 3880 zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3881 3881 return (SET_ERROR(ENOTSUP));
3882 3882
3883 3883 if (nvpair_value_uint64(pair, &intval) != 0)
3884 3884 return (SET_ERROR(EINVAL));
3885 3885
3886 3886 /* check prop value is enabled in features */
3887 3887 feature = zio_checksum_to_feature(intval);
3888 3888 if (feature == SPA_FEATURE_NONE)
3889 3889 break;
3890 3890
3891 3891 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3892 3892 return (err);
3893 3893 /*
3894 3894 * Salted checksums are not supported on root pools.
3895 3895 */
3896 3896 if (spa_bootfs(spa) != 0 &&
3897 3897 intval < ZIO_CHECKSUM_FUNCTIONS &&
3898 3898 (zio_checksum_table[intval].ci_flags &
3899 3899 ZCHECKSUM_FLAG_SALTED)) {
3900 3900 spa_close(spa, FTAG);
3901 3901 return (SET_ERROR(ERANGE));
3902 3902 }
3903 3903 if (!spa_feature_is_enabled(spa, feature)) {
3904 3904 spa_close(spa, FTAG);
3905 3905 return (SET_ERROR(ENOTSUP));
3906 3906 }
3907 3907 spa_close(spa, FTAG);
3908 3908 break;
3909 3909 }
3910 3910 }
3911 3911
3912 3912 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3913 3913 }
3914 3914
3915 3915 /*
3916 3916 * Checks for a race condition to make sure we don't increment a feature flag
3917 3917 * multiple times.
3918 3918 */
3919 3919 static int
3920 3920 zfs_prop_activate_feature_check(void *arg, dmu_tx_t *tx)
3921 3921 {
3922 3922 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3923 3923 spa_feature_t *featurep = arg;
3924 3924
3925 3925 if (!spa_feature_is_active(spa, *featurep))
3926 3926 return (0);
3927 3927 else
3928 3928 return (SET_ERROR(EBUSY));
3929 3929 }
3930 3930
3931 3931 /*
3932 3932 * The callback invoked on feature activation in the sync task caused by
3933 3933 * zfs_prop_activate_feature.
3934 3934 */
3935 3935 static void
3936 3936 zfs_prop_activate_feature_sync(void *arg, dmu_tx_t *tx)
3937 3937 {
3938 3938 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3939 3939 spa_feature_t *featurep = arg;
3940 3940
3941 3941 spa_feature_incr(spa, *featurep, tx);
3942 3942 }
3943 3943
3944 3944 /*
3945 3945 * Activates a feature on a pool in response to a property setting. This
3946 3946 * creates a new sync task which modifies the pool to reflect the feature
3947 3947 * as being active.
3948 3948 */
3949 3949 static int
3950 3950 zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature)
3951 3951 {
3952 3952 int err;
3953 3953
3954 3954 /* EBUSY here indicates that the feature is already active */
3955 3955 err = dsl_sync_task(spa_name(spa),
3956 3956 zfs_prop_activate_feature_check, zfs_prop_activate_feature_sync,
3957 3957 &feature, 2, ZFS_SPACE_CHECK_RESERVED);
3958 3958
3959 3959 if (err != 0 && err != EBUSY)
3960 3960 return (err);
3961 3961 else
3962 3962 return (0);
3963 3963 }
3964 3964
3965 3965 /*
3966 3966 * Removes properties from the given props list that fail permission checks
3967 3967 * needed to clear them and to restore them in case of a receive error. For each
3968 3968 * property, make sure we have both set and inherit permissions.
3969 3969 *
3970 3970 * Returns the first error encountered if any permission checks fail. If the
3971 3971 * caller provides a non-NULL errlist, it also gives the complete list of names
3972 3972 * of all the properties that failed a permission check along with the
3973 3973 * corresponding error numbers. The caller is responsible for freeing the
3974 3974 * returned errlist.
3975 3975 *
3976 3976 * If every property checks out successfully, zero is returned and the list
3977 3977 * pointed at by errlist is NULL.
3978 3978 */
3979 3979 static int
3980 3980 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3981 3981 {
3982 3982 zfs_cmd_t *zc;
3983 3983 nvpair_t *pair, *next_pair;
3984 3984 nvlist_t *errors;
3985 3985 int err, rv = 0;
3986 3986
3987 3987 if (props == NULL)
3988 3988 return (0);
3989 3989
3990 3990 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3991 3991
3992 3992 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3993 3993 (void) strcpy(zc->zc_name, dataset);
3994 3994 pair = nvlist_next_nvpair(props, NULL);
3995 3995 while (pair != NULL) {
3996 3996 next_pair = nvlist_next_nvpair(props, pair);
3997 3997
3998 3998 (void) strcpy(zc->zc_value, nvpair_name(pair));
3999 3999 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
4000 4000 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
4001 4001 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
4002 4002 VERIFY(nvlist_add_int32(errors,
4003 4003 zc->zc_value, err) == 0);
4004 4004 }
4005 4005 pair = next_pair;
4006 4006 }
4007 4007 kmem_free(zc, sizeof (zfs_cmd_t));
4008 4008
4009 4009 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
4010 4010 nvlist_free(errors);
4011 4011 errors = NULL;
4012 4012 } else {
4013 4013 VERIFY(nvpair_value_int32(pair, &rv) == 0);
4014 4014 }
4015 4015
4016 4016 if (errlist == NULL)
4017 4017 nvlist_free(errors);
4018 4018 else
4019 4019 *errlist = errors;
4020 4020
4021 4021 return (rv);
4022 4022 }
4023 4023
4024 4024 static boolean_t
4025 4025 propval_equals(nvpair_t *p1, nvpair_t *p2)
4026 4026 {
4027 4027 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
4028 4028 /* dsl_prop_get_all_impl() format */
4029 4029 nvlist_t *attrs;
4030 4030 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
4031 4031 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4032 4032 &p1) == 0);
4033 4033 }
4034 4034
4035 4035 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
4036 4036 nvlist_t *attrs;
4037 4037 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
4038 4038 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4039 4039 &p2) == 0);
4040 4040 }
4041 4041
4042 4042 if (nvpair_type(p1) != nvpair_type(p2))
4043 4043 return (B_FALSE);
4044 4044
4045 4045 if (nvpair_type(p1) == DATA_TYPE_STRING) {
4046 4046 char *valstr1, *valstr2;
4047 4047
4048 4048 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
4049 4049 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
4050 4050 return (strcmp(valstr1, valstr2) == 0);
4051 4051 } else {
4052 4052 uint64_t intval1, intval2;
4053 4053
4054 4054 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
4055 4055 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
4056 4056 return (intval1 == intval2);
4057 4057 }
4058 4058 }
4059 4059
4060 4060 /*
4061 4061 * Remove properties from props if they are not going to change (as determined
4062 4062 * by comparison with origprops). Remove them from origprops as well, since we
4063 4063 * do not need to clear or restore properties that won't change.
4064 4064 */
4065 4065 static void
4066 4066 props_reduce(nvlist_t *props, nvlist_t *origprops)
4067 4067 {
4068 4068 nvpair_t *pair, *next_pair;
4069 4069
4070 4070 if (origprops == NULL)
4071 4071 return; /* all props need to be received */
4072 4072
4073 4073 pair = nvlist_next_nvpair(props, NULL);
4074 4074 while (pair != NULL) {
4075 4075 const char *propname = nvpair_name(pair);
4076 4076 nvpair_t *match;
4077 4077
4078 4078 next_pair = nvlist_next_nvpair(props, pair);
4079 4079
4080 4080 if ((nvlist_lookup_nvpair(origprops, propname,
4081 4081 &match) != 0) || !propval_equals(pair, match))
4082 4082 goto next; /* need to set received value */
|
↓ open down ↓ |
4082 lines elided |
↑ open up ↑ |
4083 4083
4084 4084 /* don't clear the existing received value */
4085 4085 (void) nvlist_remove_nvpair(origprops, match);
4086 4086 /* don't bother receiving the property */
4087 4087 (void) nvlist_remove_nvpair(props, pair);
4088 4088 next:
4089 4089 pair = next_pair;
4090 4090 }
4091 4091 }
4092 4092
4093 +/*
4094 + * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4095 + * For example, refquota cannot be set until after the receipt of a dataset,
4096 + * because in replication streams, an older/earlier snapshot may exceed the
4097 + * refquota. We want to receive the older/earlier snapshot, but setting
4098 + * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4099 + * the older/earlier snapshot from being received (with EDQUOT).
4100 + *
4101 + * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4102 + *
4103 + * libzfs will need to be judicious handling errors encountered by props
4104 + * extracted by this function.
4105 + */
4106 +static nvlist_t *
4107 +extract_delay_props(nvlist_t *props)
4108 +{
4109 + nvlist_t *delayprops;
4110 + nvpair_t *nvp, *tmp;
4111 + static const zfs_prop_t delayable[] = { ZFS_PROP_REFQUOTA, 0 };
4112 + int i;
4113 +
4114 + VERIFY(nvlist_alloc(&delayprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4115 +
4116 + for (nvp = nvlist_next_nvpair(props, NULL); nvp != NULL;
4117 + nvp = nvlist_next_nvpair(props, nvp)) {
4118 + /*
4119 + * strcmp() is safe because zfs_prop_to_name() always returns
4120 + * a bounded string.
4121 + */
4122 + for (i = 0; delayable[i] != 0; i++) {
4123 + if (strcmp(zfs_prop_to_name(delayable[i]),
4124 + nvpair_name(nvp)) == 0) {
4125 + break;
4126 + }
4127 + }
4128 + if (delayable[i] != 0) {
4129 + tmp = nvlist_prev_nvpair(props, nvp);
4130 + VERIFY(nvlist_add_nvpair(delayprops, nvp) == 0);
4131 + VERIFY(nvlist_remove_nvpair(props, nvp) == 0);
4132 + nvp = tmp;
4133 + }
4134 + }
4135 +
4136 + if (nvlist_empty(delayprops)) {
4137 + nvlist_free(delayprops);
4138 + delayprops = NULL;
4139 + }
4140 + return (delayprops);
4141 +}
4142 +
4093 4143 #ifdef DEBUG
4094 4144 static boolean_t zfs_ioc_recv_inject_err;
4095 4145 #endif
4096 4146
4097 4147 /*
4098 4148 * inputs:
4099 4149 * zc_name name of containing filesystem
4100 4150 * zc_nvlist_src{_size} nvlist of properties to apply
4101 4151 * zc_value name of snapshot to create
4102 4152 * zc_string name of clone origin (if DRR_FLAG_CLONE)
4103 4153 * zc_cookie file descriptor to recv from
4104 4154 * zc_begin_record the BEGIN record of the stream (not byteswapped)
4105 4155 * zc_guid force flag
4106 4156 * zc_cleanup_fd cleanup-on-exit file descriptor
4107 4157 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
4108 4158 * zc_resumable if data is incomplete assume sender will resume
4109 4159 *
4110 4160 * outputs:
4111 4161 * zc_cookie number of bytes read
4112 4162 * zc_nvlist_dst{_size} error for each unapplied received property
4113 4163 * zc_obj zprop_errflags_t
4114 4164 * zc_action_handle handle for this guid/ds mapping
4115 4165 */
4116 4166 static int
4117 4167 zfs_ioc_recv(zfs_cmd_t *zc)
4118 4168 {
|
↓ open down ↓ |
16 lines elided |
↑ open up ↑ |
4119 4169 file_t *fp;
4120 4170 dmu_recv_cookie_t drc;
4121 4171 boolean_t force = (boolean_t)zc->zc_guid;
4122 4172 int fd;
4123 4173 int error = 0;
4124 4174 int props_error = 0;
4125 4175 nvlist_t *errors;
4126 4176 offset_t off;
4127 4177 nvlist_t *props = NULL; /* sent properties */
4128 4178 nvlist_t *origprops = NULL; /* existing properties */
4179 + nvlist_t *delayprops = NULL; /* sent properties applied post-receive */
4129 4180 char *origin = NULL;
4130 4181 char *tosnap;
4131 4182 char tofs[ZFS_MAXNAMELEN];
4132 4183 boolean_t first_recvd_props = B_FALSE;
4133 4184
4134 4185 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
4135 4186 strchr(zc->zc_value, '@') == NULL ||
4136 4187 strchr(zc->zc_value, '%'))
4137 4188 return (SET_ERROR(EINVAL));
4138 4189
4139 4190 (void) strcpy(tofs, zc->zc_value);
4140 4191 tosnap = strchr(tofs, '@');
4141 4192 *tosnap++ = '\0';
4142 4193
4143 4194 if (zc->zc_nvlist_src != NULL &&
4144 4195 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
4145 4196 zc->zc_iflags, &props)) != 0)
4146 4197 return (error);
4147 4198
4148 4199 fd = zc->zc_cookie;
4149 4200 fp = getf(fd);
4150 4201 if (fp == NULL) {
4151 4202 nvlist_free(props);
4152 4203 return (SET_ERROR(EBADF));
4153 4204 }
4154 4205
4155 4206 errors = fnvlist_alloc();
4156 4207
4157 4208 if (zc->zc_string[0])
4158 4209 origin = zc->zc_string;
4159 4210
4160 4211 error = dmu_recv_begin(tofs, tosnap,
4161 4212 &zc->zc_begin_record, force, zc->zc_resumable, origin, &drc);
4162 4213 if (error != 0)
4163 4214 goto out;
4164 4215
4165 4216 /*
4166 4217 * Set properties before we receive the stream so that they are applied
4167 4218 * to the new data. Note that we must call dmu_recv_stream() if
4168 4219 * dmu_recv_begin() succeeds.
4169 4220 */
4170 4221 if (props != NULL && !drc.drc_newfs) {
4171 4222 if (spa_version(dsl_dataset_get_spa(drc.drc_ds)) >=
4172 4223 SPA_VERSION_RECVD_PROPS &&
4173 4224 !dsl_prop_get_hasrecvd(tofs))
4174 4225 first_recvd_props = B_TRUE;
4175 4226
4176 4227 /*
4177 4228 * If new received properties are supplied, they are to
4178 4229 * completely replace the existing received properties, so stash
4179 4230 * away the existing ones.
4180 4231 */
4181 4232 if (dsl_prop_get_received(tofs, &origprops) == 0) {
4182 4233 nvlist_t *errlist = NULL;
4183 4234 /*
4184 4235 * Don't bother writing a property if its value won't
4185 4236 * change (and avoid the unnecessary security checks).
4186 4237 *
4187 4238 * The first receive after SPA_VERSION_RECVD_PROPS is a
4188 4239 * special case where we blow away all local properties
4189 4240 * regardless.
4190 4241 */
4191 4242 if (!first_recvd_props)
4192 4243 props_reduce(props, origprops);
4193 4244 if (zfs_check_clearable(tofs, origprops, &errlist) != 0)
4194 4245 (void) nvlist_merge(errors, errlist, 0);
4195 4246 nvlist_free(errlist);
4196 4247
4197 4248 if (clear_received_props(tofs, origprops,
4198 4249 first_recvd_props ? NULL : props) != 0)
|
↓ open down ↓ |
60 lines elided |
↑ open up ↑ |
4199 4250 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4200 4251 } else {
4201 4252 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4202 4253 }
4203 4254 }
4204 4255
4205 4256 if (props != NULL) {
4206 4257 props_error = dsl_prop_set_hasrecvd(tofs);
4207 4258
4208 4259 if (props_error == 0) {
4260 + delayprops = extract_delay_props(props);
4209 4261 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4210 4262 props, errors);
4211 4263 }
4212 4264 }
4213 4265
4214 - if (zc->zc_nvlist_dst_size != 0 &&
4215 - (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4216 - put_nvlist(zc, errors) != 0)) {
4217 - /*
4218 - * Caller made zc->zc_nvlist_dst less than the minimum expected
4219 - * size or supplied an invalid address.
4220 - */
4221 - props_error = SET_ERROR(EINVAL);
4222 - }
4223 -
4224 4266 off = fp->f_offset;
4225 4267 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
4226 4268 &zc->zc_action_handle);
4227 4269
4228 4270 if (error == 0) {
4229 4271 zfsvfs_t *zfsvfs = NULL;
4230 4272
4231 4273 if (getzfsvfs(tofs, &zfsvfs) == 0) {
4232 4274 /* online recv */
4233 4275 int end_err;
4234 4276
4235 4277 error = zfs_suspend_fs(zfsvfs);
4236 4278 /*
4237 4279 * If the suspend fails, then the recv_end will
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
4238 4280 * likely also fail, and clean up after itself.
4239 4281 */
4240 4282 end_err = dmu_recv_end(&drc, zfsvfs);
4241 4283 if (error == 0)
4242 4284 error = zfs_resume_fs(zfsvfs, tofs);
4243 4285 error = error ? error : end_err;
4244 4286 VFS_RELE(zfsvfs->z_vfs);
4245 4287 } else {
4246 4288 error = dmu_recv_end(&drc, NULL);
4247 4289 }
4290 +
4291 + /* Set delayed properties now, after we're done receiving. */
4292 + if (delayprops != NULL && error == 0) {
4293 + (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4294 + delayprops, errors);
4295 + }
4248 4296 }
4249 4297
4298 + if (delayprops != NULL) {
4299 + /*
4300 + * Merge delayed props back in with initial props, in case
4301 + * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
4302 + * we have to make sure clear_received_props() includes
4303 + * the delayed properties).
4304 + *
4305 + * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
4306 + * using ASSERT() will be just like a VERIFY.
4307 + */
4308 + ASSERT(nvlist_merge(props, delayprops, 0) == 0);
4309 + nvlist_free(delayprops);
4310 + }
4311 +
4312 + /*
4313 + * Now that all props, initial and delayed, are set, report the prop
4314 + * errors to the caller.
4315 + */
4316 + if (zc->zc_nvlist_dst_size != 0 &&
4317 + (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4318 + put_nvlist(zc, errors) != 0)) {
4319 + /*
4320 + * Caller made zc->zc_nvlist_dst less than the minimum expected
4321 + * size or supplied an invalid address.
4322 + */
4323 + props_error = SET_ERROR(EINVAL);
4324 + }
4325 +
4250 4326 zc->zc_cookie = off - fp->f_offset;
4251 4327 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4252 4328 fp->f_offset = off;
4253 4329
4254 4330 #ifdef DEBUG
4255 4331 if (zfs_ioc_recv_inject_err) {
4256 4332 zfs_ioc_recv_inject_err = B_FALSE;
4257 4333 error = 1;
4258 4334 }
4259 4335 #endif
4260 4336 /*
4261 4337 * On error, restore the original props.
4262 4338 */
4263 4339 if (error != 0 && props != NULL && !drc.drc_newfs) {
4264 4340 if (clear_received_props(tofs, props, NULL) != 0) {
4265 4341 /*
4266 4342 * We failed to clear the received properties.
4267 4343 * Since we may have left a $recvd value on the
4268 4344 * system, we can't clear the $hasrecvd flag.
4269 4345 */
4270 4346 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4271 4347 } else if (first_recvd_props) {
4272 4348 dsl_prop_unset_hasrecvd(tofs);
4273 4349 }
4274 4350
4275 4351 if (origprops == NULL && !drc.drc_newfs) {
4276 4352 /* We failed to stash the original properties. */
4277 4353 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4278 4354 }
4279 4355
4280 4356 /*
4281 4357 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4282 4358 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4283 4359 * explictly if we're restoring local properties cleared in the
4284 4360 * first new-style receive.
4285 4361 */
4286 4362 if (origprops != NULL &&
4287 4363 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4288 4364 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
4289 4365 origprops, NULL) != 0) {
4290 4366 /*
4291 4367 * We stashed the original properties but failed to
4292 4368 * restore them.
4293 4369 */
4294 4370 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4295 4371 }
4296 4372 }
4297 4373 out:
4298 4374 nvlist_free(props);
4299 4375 nvlist_free(origprops);
4300 4376 nvlist_free(errors);
4301 4377 releasef(fd);
4302 4378
4303 4379 if (error == 0)
4304 4380 error = props_error;
4305 4381
4306 4382 return (error);
4307 4383 }
4308 4384
4309 4385 /*
4310 4386 * inputs:
4311 4387 * zc_name name of snapshot to send
4312 4388 * zc_cookie file descriptor to send stream to
4313 4389 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4314 4390 * zc_sendobj objsetid of snapshot to send
4315 4391 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4316 4392 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4317 4393 * output size in zc_objset_type.
4318 4394 * zc_flags lzc_send_flags
4319 4395 *
4320 4396 * outputs:
4321 4397 * zc_objset_type estimated size, if zc_guid is set
4322 4398 */
4323 4399 static int
4324 4400 zfs_ioc_send(zfs_cmd_t *zc)
4325 4401 {
4326 4402 int error;
4327 4403 offset_t off;
4328 4404 boolean_t estimate = (zc->zc_guid != 0);
4329 4405 boolean_t embedok = (zc->zc_flags & 0x1);
4330 4406 boolean_t large_block_ok = (zc->zc_flags & 0x2);
4331 4407
4332 4408 if (zc->zc_obj != 0) {
4333 4409 dsl_pool_t *dp;
4334 4410 dsl_dataset_t *tosnap;
4335 4411
4336 4412 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4337 4413 if (error != 0)
4338 4414 return (error);
4339 4415
4340 4416 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4341 4417 if (error != 0) {
4342 4418 dsl_pool_rele(dp, FTAG);
4343 4419 return (error);
4344 4420 }
4345 4421
4346 4422 if (dsl_dir_is_clone(tosnap->ds_dir))
4347 4423 zc->zc_fromobj =
4348 4424 dsl_dir_phys(tosnap->ds_dir)->dd_origin_obj;
4349 4425 dsl_dataset_rele(tosnap, FTAG);
4350 4426 dsl_pool_rele(dp, FTAG);
4351 4427 }
4352 4428
4353 4429 if (estimate) {
4354 4430 dsl_pool_t *dp;
4355 4431 dsl_dataset_t *tosnap;
4356 4432 dsl_dataset_t *fromsnap = NULL;
4357 4433
4358 4434 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4359 4435 if (error != 0)
4360 4436 return (error);
4361 4437
4362 4438 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4363 4439 if (error != 0) {
4364 4440 dsl_pool_rele(dp, FTAG);
4365 4441 return (error);
4366 4442 }
4367 4443
4368 4444 if (zc->zc_fromobj != 0) {
4369 4445 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj,
4370 4446 FTAG, &fromsnap);
4371 4447 if (error != 0) {
4372 4448 dsl_dataset_rele(tosnap, FTAG);
4373 4449 dsl_pool_rele(dp, FTAG);
4374 4450 return (error);
4375 4451 }
4376 4452 }
4377 4453
4378 4454 error = dmu_send_estimate(tosnap, fromsnap,
4379 4455 &zc->zc_objset_type);
4380 4456
4381 4457 if (fromsnap != NULL)
4382 4458 dsl_dataset_rele(fromsnap, FTAG);
4383 4459 dsl_dataset_rele(tosnap, FTAG);
4384 4460 dsl_pool_rele(dp, FTAG);
4385 4461 } else {
4386 4462 file_t *fp = getf(zc->zc_cookie);
4387 4463 if (fp == NULL)
4388 4464 return (SET_ERROR(EBADF));
4389 4465
4390 4466 off = fp->f_offset;
4391 4467 error = dmu_send_obj(zc->zc_name, zc->zc_sendobj,
4392 4468 zc->zc_fromobj, embedok, large_block_ok,
4393 4469 zc->zc_cookie, fp->f_vnode, &off);
4394 4470
4395 4471 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4396 4472 fp->f_offset = off;
4397 4473 releasef(zc->zc_cookie);
4398 4474 }
4399 4475 return (error);
4400 4476 }
4401 4477
4402 4478 /*
4403 4479 * inputs:
4404 4480 * zc_name name of snapshot on which to report progress
4405 4481 * zc_cookie file descriptor of send stream
4406 4482 *
4407 4483 * outputs:
4408 4484 * zc_cookie number of bytes written in send stream thus far
4409 4485 */
4410 4486 static int
4411 4487 zfs_ioc_send_progress(zfs_cmd_t *zc)
4412 4488 {
4413 4489 dsl_pool_t *dp;
4414 4490 dsl_dataset_t *ds;
4415 4491 dmu_sendarg_t *dsp = NULL;
4416 4492 int error;
4417 4493
4418 4494 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4419 4495 if (error != 0)
4420 4496 return (error);
4421 4497
4422 4498 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &ds);
4423 4499 if (error != 0) {
4424 4500 dsl_pool_rele(dp, FTAG);
4425 4501 return (error);
4426 4502 }
4427 4503
4428 4504 mutex_enter(&ds->ds_sendstream_lock);
4429 4505
4430 4506 /*
4431 4507 * Iterate over all the send streams currently active on this dataset.
4432 4508 * If there's one which matches the specified file descriptor _and_ the
4433 4509 * stream was started by the current process, return the progress of
4434 4510 * that stream.
4435 4511 */
4436 4512 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4437 4513 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4438 4514 if (dsp->dsa_outfd == zc->zc_cookie &&
4439 4515 dsp->dsa_proc == curproc)
4440 4516 break;
4441 4517 }
4442 4518
4443 4519 if (dsp != NULL)
4444 4520 zc->zc_cookie = *(dsp->dsa_off);
4445 4521 else
4446 4522 error = SET_ERROR(ENOENT);
4447 4523
4448 4524 mutex_exit(&ds->ds_sendstream_lock);
4449 4525 dsl_dataset_rele(ds, FTAG);
4450 4526 dsl_pool_rele(dp, FTAG);
4451 4527 return (error);
4452 4528 }
4453 4529
4454 4530 static int
4455 4531 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4456 4532 {
4457 4533 int id, error;
4458 4534
4459 4535 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4460 4536 &zc->zc_inject_record);
4461 4537
4462 4538 if (error == 0)
4463 4539 zc->zc_guid = (uint64_t)id;
4464 4540
4465 4541 return (error);
4466 4542 }
4467 4543
4468 4544 static int
4469 4545 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4470 4546 {
4471 4547 return (zio_clear_fault((int)zc->zc_guid));
4472 4548 }
4473 4549
4474 4550 static int
4475 4551 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4476 4552 {
4477 4553 int id = (int)zc->zc_guid;
4478 4554 int error;
4479 4555
4480 4556 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4481 4557 &zc->zc_inject_record);
4482 4558
4483 4559 zc->zc_guid = id;
4484 4560
4485 4561 return (error);
4486 4562 }
4487 4563
4488 4564 static int
4489 4565 zfs_ioc_error_log(zfs_cmd_t *zc)
4490 4566 {
4491 4567 spa_t *spa;
4492 4568 int error;
4493 4569 size_t count = (size_t)zc->zc_nvlist_dst_size;
4494 4570
4495 4571 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4496 4572 return (error);
4497 4573
4498 4574 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4499 4575 &count);
4500 4576 if (error == 0)
4501 4577 zc->zc_nvlist_dst_size = count;
4502 4578 else
4503 4579 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4504 4580
4505 4581 spa_close(spa, FTAG);
4506 4582
4507 4583 return (error);
4508 4584 }
4509 4585
4510 4586 static int
4511 4587 zfs_ioc_clear(zfs_cmd_t *zc)
4512 4588 {
4513 4589 spa_t *spa;
4514 4590 vdev_t *vd;
4515 4591 int error;
4516 4592
4517 4593 /*
4518 4594 * On zpool clear we also fix up missing slogs
4519 4595 */
4520 4596 mutex_enter(&spa_namespace_lock);
4521 4597 spa = spa_lookup(zc->zc_name);
4522 4598 if (spa == NULL) {
4523 4599 mutex_exit(&spa_namespace_lock);
4524 4600 return (SET_ERROR(EIO));
4525 4601 }
4526 4602 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4527 4603 /* we need to let spa_open/spa_load clear the chains */
4528 4604 spa_set_log_state(spa, SPA_LOG_CLEAR);
4529 4605 }
4530 4606 spa->spa_last_open_failed = 0;
4531 4607 mutex_exit(&spa_namespace_lock);
4532 4608
4533 4609 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4534 4610 error = spa_open(zc->zc_name, &spa, FTAG);
4535 4611 } else {
4536 4612 nvlist_t *policy;
4537 4613 nvlist_t *config = NULL;
4538 4614
4539 4615 if (zc->zc_nvlist_src == NULL)
4540 4616 return (SET_ERROR(EINVAL));
4541 4617
4542 4618 if ((error = get_nvlist(zc->zc_nvlist_src,
4543 4619 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4544 4620 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4545 4621 policy, &config);
4546 4622 if (config != NULL) {
4547 4623 int err;
4548 4624
4549 4625 if ((err = put_nvlist(zc, config)) != 0)
4550 4626 error = err;
4551 4627 nvlist_free(config);
4552 4628 }
4553 4629 nvlist_free(policy);
4554 4630 }
4555 4631 }
4556 4632
4557 4633 if (error != 0)
4558 4634 return (error);
4559 4635
4560 4636 spa_vdev_state_enter(spa, SCL_NONE);
4561 4637
4562 4638 if (zc->zc_guid == 0) {
4563 4639 vd = NULL;
4564 4640 } else {
4565 4641 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4566 4642 if (vd == NULL) {
4567 4643 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4568 4644 spa_close(spa, FTAG);
4569 4645 return (SET_ERROR(ENODEV));
4570 4646 }
4571 4647 }
4572 4648
4573 4649 vdev_clear(spa, vd);
4574 4650
4575 4651 (void) spa_vdev_state_exit(spa, NULL, 0);
4576 4652
4577 4653 /*
4578 4654 * Resume any suspended I/Os.
4579 4655 */
4580 4656 if (zio_resume(spa) != 0)
4581 4657 error = SET_ERROR(EIO);
4582 4658
4583 4659 spa_close(spa, FTAG);
4584 4660
4585 4661 return (error);
4586 4662 }
4587 4663
4588 4664 static int
4589 4665 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4590 4666 {
4591 4667 spa_t *spa;
4592 4668 int error;
4593 4669
4594 4670 error = spa_open(zc->zc_name, &spa, FTAG);
4595 4671 if (error != 0)
4596 4672 return (error);
4597 4673
4598 4674 spa_vdev_state_enter(spa, SCL_NONE);
4599 4675
4600 4676 /*
4601 4677 * If a resilver is already in progress then set the
4602 4678 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4603 4679 * the scan as a side effect of the reopen. Otherwise, let
4604 4680 * vdev_open() decided if a resilver is required.
4605 4681 */
4606 4682 spa->spa_scrub_reopen = dsl_scan_resilvering(spa->spa_dsl_pool);
4607 4683 vdev_reopen(spa->spa_root_vdev);
4608 4684 spa->spa_scrub_reopen = B_FALSE;
4609 4685
4610 4686 (void) spa_vdev_state_exit(spa, NULL, 0);
4611 4687 spa_close(spa, FTAG);
4612 4688 return (0);
4613 4689 }
4614 4690 /*
4615 4691 * inputs:
4616 4692 * zc_name name of filesystem
4617 4693 * zc_value name of origin snapshot
4618 4694 *
4619 4695 * outputs:
4620 4696 * zc_string name of conflicting snapshot, if there is one
4621 4697 */
4622 4698 static int
4623 4699 zfs_ioc_promote(zfs_cmd_t *zc)
4624 4700 {
4625 4701 char *cp;
4626 4702
4627 4703 /*
4628 4704 * We don't need to unmount *all* the origin fs's snapshots, but
4629 4705 * it's easier.
4630 4706 */
4631 4707 cp = strchr(zc->zc_value, '@');
4632 4708 if (cp)
4633 4709 *cp = '\0';
4634 4710 (void) dmu_objset_find(zc->zc_value,
4635 4711 zfs_unmount_snap_cb, NULL, DS_FIND_SNAPSHOTS);
4636 4712 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4637 4713 }
4638 4714
4639 4715 /*
4640 4716 * Retrieve a single {user|group}{used|quota}@... property.
4641 4717 *
4642 4718 * inputs:
4643 4719 * zc_name name of filesystem
4644 4720 * zc_objset_type zfs_userquota_prop_t
4645 4721 * zc_value domain name (eg. "S-1-234-567-89")
4646 4722 * zc_guid RID/UID/GID
4647 4723 *
4648 4724 * outputs:
4649 4725 * zc_cookie property value
4650 4726 */
4651 4727 static int
4652 4728 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4653 4729 {
4654 4730 zfsvfs_t *zfsvfs;
4655 4731 int error;
4656 4732
4657 4733 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4658 4734 return (SET_ERROR(EINVAL));
4659 4735
4660 4736 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4661 4737 if (error != 0)
4662 4738 return (error);
4663 4739
4664 4740 error = zfs_userspace_one(zfsvfs,
4665 4741 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4666 4742 zfsvfs_rele(zfsvfs, FTAG);
4667 4743
4668 4744 return (error);
4669 4745 }
4670 4746
4671 4747 /*
4672 4748 * inputs:
4673 4749 * zc_name name of filesystem
4674 4750 * zc_cookie zap cursor
4675 4751 * zc_objset_type zfs_userquota_prop_t
4676 4752 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4677 4753 *
4678 4754 * outputs:
4679 4755 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4680 4756 * zc_cookie zap cursor
4681 4757 */
4682 4758 static int
4683 4759 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4684 4760 {
4685 4761 zfsvfs_t *zfsvfs;
4686 4762 int bufsize = zc->zc_nvlist_dst_size;
4687 4763
4688 4764 if (bufsize <= 0)
4689 4765 return (SET_ERROR(ENOMEM));
4690 4766
4691 4767 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4692 4768 if (error != 0)
4693 4769 return (error);
4694 4770
4695 4771 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4696 4772
4697 4773 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4698 4774 buf, &zc->zc_nvlist_dst_size);
4699 4775
4700 4776 if (error == 0) {
4701 4777 error = xcopyout(buf,
4702 4778 (void *)(uintptr_t)zc->zc_nvlist_dst,
4703 4779 zc->zc_nvlist_dst_size);
4704 4780 }
4705 4781 kmem_free(buf, bufsize);
4706 4782 zfsvfs_rele(zfsvfs, FTAG);
4707 4783
4708 4784 return (error);
4709 4785 }
4710 4786
4711 4787 /*
4712 4788 * inputs:
4713 4789 * zc_name name of filesystem
4714 4790 *
4715 4791 * outputs:
4716 4792 * none
4717 4793 */
4718 4794 static int
4719 4795 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4720 4796 {
4721 4797 objset_t *os;
4722 4798 int error = 0;
4723 4799 zfsvfs_t *zfsvfs;
4724 4800
4725 4801 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4726 4802 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4727 4803 /*
4728 4804 * If userused is not enabled, it may be because the
4729 4805 * objset needs to be closed & reopened (to grow the
4730 4806 * objset_phys_t). Suspend/resume the fs will do that.
4731 4807 */
4732 4808 error = zfs_suspend_fs(zfsvfs);
4733 4809 if (error == 0) {
4734 4810 dmu_objset_refresh_ownership(zfsvfs->z_os,
4735 4811 zfsvfs);
4736 4812 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4737 4813 }
4738 4814 }
4739 4815 if (error == 0)
4740 4816 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4741 4817 VFS_RELE(zfsvfs->z_vfs);
4742 4818 } else {
4743 4819 /* XXX kind of reading contents without owning */
4744 4820 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4745 4821 if (error != 0)
4746 4822 return (error);
4747 4823
4748 4824 error = dmu_objset_userspace_upgrade(os);
4749 4825 dmu_objset_rele(os, FTAG);
4750 4826 }
4751 4827
4752 4828 return (error);
4753 4829 }
4754 4830
4755 4831 /*
4756 4832 * We don't want to have a hard dependency
4757 4833 * against some special symbols in sharefs
4758 4834 * nfs, and smbsrv. Determine them if needed when
4759 4835 * the first file system is shared.
4760 4836 * Neither sharefs, nfs or smbsrv are unloadable modules.
4761 4837 */
4762 4838 int (*znfsexport_fs)(void *arg);
4763 4839 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4764 4840 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4765 4841
4766 4842 int zfs_nfsshare_inited;
4767 4843 int zfs_smbshare_inited;
4768 4844
4769 4845 ddi_modhandle_t nfs_mod;
4770 4846 ddi_modhandle_t sharefs_mod;
4771 4847 ddi_modhandle_t smbsrv_mod;
4772 4848 kmutex_t zfs_share_lock;
4773 4849
4774 4850 static int
4775 4851 zfs_init_sharefs()
4776 4852 {
4777 4853 int error;
4778 4854
4779 4855 ASSERT(MUTEX_HELD(&zfs_share_lock));
4780 4856 /* Both NFS and SMB shares also require sharetab support. */
4781 4857 if (sharefs_mod == NULL && ((sharefs_mod =
4782 4858 ddi_modopen("fs/sharefs",
4783 4859 KRTLD_MODE_FIRST, &error)) == NULL)) {
4784 4860 return (SET_ERROR(ENOSYS));
4785 4861 }
4786 4862 if (zshare_fs == NULL && ((zshare_fs =
4787 4863 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4788 4864 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4789 4865 return (SET_ERROR(ENOSYS));
4790 4866 }
4791 4867 return (0);
4792 4868 }
4793 4869
4794 4870 static int
4795 4871 zfs_ioc_share(zfs_cmd_t *zc)
4796 4872 {
4797 4873 int error;
4798 4874 int opcode;
4799 4875
4800 4876 switch (zc->zc_share.z_sharetype) {
4801 4877 case ZFS_SHARE_NFS:
4802 4878 case ZFS_UNSHARE_NFS:
4803 4879 if (zfs_nfsshare_inited == 0) {
4804 4880 mutex_enter(&zfs_share_lock);
4805 4881 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4806 4882 KRTLD_MODE_FIRST, &error)) == NULL)) {
4807 4883 mutex_exit(&zfs_share_lock);
4808 4884 return (SET_ERROR(ENOSYS));
4809 4885 }
4810 4886 if (znfsexport_fs == NULL &&
4811 4887 ((znfsexport_fs = (int (*)(void *))
4812 4888 ddi_modsym(nfs_mod,
4813 4889 "nfs_export", &error)) == NULL)) {
4814 4890 mutex_exit(&zfs_share_lock);
4815 4891 return (SET_ERROR(ENOSYS));
4816 4892 }
4817 4893 error = zfs_init_sharefs();
4818 4894 if (error != 0) {
4819 4895 mutex_exit(&zfs_share_lock);
4820 4896 return (SET_ERROR(ENOSYS));
4821 4897 }
4822 4898 zfs_nfsshare_inited = 1;
4823 4899 mutex_exit(&zfs_share_lock);
4824 4900 }
4825 4901 break;
4826 4902 case ZFS_SHARE_SMB:
4827 4903 case ZFS_UNSHARE_SMB:
4828 4904 if (zfs_smbshare_inited == 0) {
4829 4905 mutex_enter(&zfs_share_lock);
4830 4906 if (smbsrv_mod == NULL && ((smbsrv_mod =
4831 4907 ddi_modopen("drv/smbsrv",
4832 4908 KRTLD_MODE_FIRST, &error)) == NULL)) {
4833 4909 mutex_exit(&zfs_share_lock);
4834 4910 return (SET_ERROR(ENOSYS));
4835 4911 }
4836 4912 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4837 4913 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4838 4914 "smb_server_share", &error)) == NULL)) {
4839 4915 mutex_exit(&zfs_share_lock);
4840 4916 return (SET_ERROR(ENOSYS));
4841 4917 }
4842 4918 error = zfs_init_sharefs();
4843 4919 if (error != 0) {
4844 4920 mutex_exit(&zfs_share_lock);
4845 4921 return (SET_ERROR(ENOSYS));
4846 4922 }
4847 4923 zfs_smbshare_inited = 1;
4848 4924 mutex_exit(&zfs_share_lock);
4849 4925 }
4850 4926 break;
4851 4927 default:
4852 4928 return (SET_ERROR(EINVAL));
4853 4929 }
4854 4930
4855 4931 switch (zc->zc_share.z_sharetype) {
4856 4932 case ZFS_SHARE_NFS:
4857 4933 case ZFS_UNSHARE_NFS:
4858 4934 if (error =
4859 4935 znfsexport_fs((void *)
4860 4936 (uintptr_t)zc->zc_share.z_exportdata))
4861 4937 return (error);
4862 4938 break;
4863 4939 case ZFS_SHARE_SMB:
4864 4940 case ZFS_UNSHARE_SMB:
4865 4941 if (error = zsmbexport_fs((void *)
4866 4942 (uintptr_t)zc->zc_share.z_exportdata,
4867 4943 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4868 4944 B_TRUE: B_FALSE)) {
4869 4945 return (error);
4870 4946 }
4871 4947 break;
4872 4948 }
4873 4949
4874 4950 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4875 4951 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4876 4952 SHAREFS_ADD : SHAREFS_REMOVE;
4877 4953
4878 4954 /*
4879 4955 * Add or remove share from sharetab
4880 4956 */
4881 4957 error = zshare_fs(opcode,
4882 4958 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4883 4959 zc->zc_share.z_sharemax);
4884 4960
4885 4961 return (error);
4886 4962
4887 4963 }
4888 4964
4889 4965 ace_t full_access[] = {
4890 4966 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4891 4967 };
4892 4968
4893 4969 /*
4894 4970 * inputs:
4895 4971 * zc_name name of containing filesystem
4896 4972 * zc_obj object # beyond which we want next in-use object #
4897 4973 *
4898 4974 * outputs:
4899 4975 * zc_obj next in-use object #
4900 4976 */
4901 4977 static int
4902 4978 zfs_ioc_next_obj(zfs_cmd_t *zc)
4903 4979 {
4904 4980 objset_t *os = NULL;
4905 4981 int error;
4906 4982
4907 4983 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4908 4984 if (error != 0)
4909 4985 return (error);
4910 4986
4911 4987 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4912 4988 dsl_dataset_phys(os->os_dsl_dataset)->ds_prev_snap_txg);
4913 4989
4914 4990 dmu_objset_rele(os, FTAG);
4915 4991 return (error);
4916 4992 }
4917 4993
4918 4994 /*
4919 4995 * inputs:
4920 4996 * zc_name name of filesystem
4921 4997 * zc_value prefix name for snapshot
4922 4998 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4923 4999 *
4924 5000 * outputs:
4925 5001 * zc_value short name of new snapshot
4926 5002 */
4927 5003 static int
4928 5004 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4929 5005 {
4930 5006 char *snap_name;
4931 5007 char *hold_name;
4932 5008 int error;
4933 5009 minor_t minor;
4934 5010
4935 5011 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4936 5012 if (error != 0)
4937 5013 return (error);
4938 5014
4939 5015 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4940 5016 (u_longlong_t)ddi_get_lbolt64());
4941 5017 hold_name = kmem_asprintf("%%%s", zc->zc_value);
4942 5018
4943 5019 error = dsl_dataset_snapshot_tmp(zc->zc_name, snap_name, minor,
4944 5020 hold_name);
4945 5021 if (error == 0)
4946 5022 (void) strcpy(zc->zc_value, snap_name);
4947 5023 strfree(snap_name);
4948 5024 strfree(hold_name);
4949 5025 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4950 5026 return (error);
4951 5027 }
4952 5028
4953 5029 /*
4954 5030 * inputs:
4955 5031 * zc_name name of "to" snapshot
4956 5032 * zc_value name of "from" snapshot
4957 5033 * zc_cookie file descriptor to write diff data on
4958 5034 *
4959 5035 * outputs:
4960 5036 * dmu_diff_record_t's to the file descriptor
4961 5037 */
4962 5038 static int
4963 5039 zfs_ioc_diff(zfs_cmd_t *zc)
4964 5040 {
4965 5041 file_t *fp;
4966 5042 offset_t off;
4967 5043 int error;
4968 5044
4969 5045 fp = getf(zc->zc_cookie);
4970 5046 if (fp == NULL)
4971 5047 return (SET_ERROR(EBADF));
4972 5048
4973 5049 off = fp->f_offset;
4974 5050
4975 5051 error = dmu_diff(zc->zc_name, zc->zc_value, fp->f_vnode, &off);
4976 5052
4977 5053 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4978 5054 fp->f_offset = off;
4979 5055 releasef(zc->zc_cookie);
4980 5056
4981 5057 return (error);
4982 5058 }
4983 5059
4984 5060 /*
4985 5061 * Remove all ACL files in shares dir
4986 5062 */
4987 5063 static int
4988 5064 zfs_smb_acl_purge(znode_t *dzp)
4989 5065 {
4990 5066 zap_cursor_t zc;
4991 5067 zap_attribute_t zap;
4992 5068 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4993 5069 int error;
4994 5070
4995 5071 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4996 5072 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4997 5073 zap_cursor_advance(&zc)) {
4998 5074 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4999 5075 NULL, 0)) != 0)
5000 5076 break;
5001 5077 }
5002 5078 zap_cursor_fini(&zc);
5003 5079 return (error);
5004 5080 }
5005 5081
5006 5082 static int
5007 5083 zfs_ioc_smb_acl(zfs_cmd_t *zc)
5008 5084 {
5009 5085 vnode_t *vp;
5010 5086 znode_t *dzp;
5011 5087 vnode_t *resourcevp = NULL;
5012 5088 znode_t *sharedir;
5013 5089 zfsvfs_t *zfsvfs;
5014 5090 nvlist_t *nvlist;
5015 5091 char *src, *target;
5016 5092 vattr_t vattr;
5017 5093 vsecattr_t vsec;
5018 5094 int error = 0;
5019 5095
5020 5096 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
5021 5097 NO_FOLLOW, NULL, &vp)) != 0)
5022 5098 return (error);
5023 5099
5024 5100 /* Now make sure mntpnt and dataset are ZFS */
5025 5101
5026 5102 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
5027 5103 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
5028 5104 zc->zc_name) != 0)) {
5029 5105 VN_RELE(vp);
5030 5106 return (SET_ERROR(EINVAL));
5031 5107 }
5032 5108
5033 5109 dzp = VTOZ(vp);
5034 5110 zfsvfs = dzp->z_zfsvfs;
5035 5111 ZFS_ENTER(zfsvfs);
5036 5112
5037 5113 /*
5038 5114 * Create share dir if its missing.
5039 5115 */
5040 5116 mutex_enter(&zfsvfs->z_lock);
5041 5117 if (zfsvfs->z_shares_dir == 0) {
5042 5118 dmu_tx_t *tx;
5043 5119
5044 5120 tx = dmu_tx_create(zfsvfs->z_os);
5045 5121 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
5046 5122 ZFS_SHARES_DIR);
5047 5123 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
5048 5124 error = dmu_tx_assign(tx, TXG_WAIT);
5049 5125 if (error != 0) {
5050 5126 dmu_tx_abort(tx);
5051 5127 } else {
5052 5128 error = zfs_create_share_dir(zfsvfs, tx);
5053 5129 dmu_tx_commit(tx);
5054 5130 }
5055 5131 if (error != 0) {
5056 5132 mutex_exit(&zfsvfs->z_lock);
5057 5133 VN_RELE(vp);
5058 5134 ZFS_EXIT(zfsvfs);
5059 5135 return (error);
5060 5136 }
5061 5137 }
5062 5138 mutex_exit(&zfsvfs->z_lock);
5063 5139
5064 5140 ASSERT(zfsvfs->z_shares_dir);
5065 5141 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
5066 5142 VN_RELE(vp);
5067 5143 ZFS_EXIT(zfsvfs);
5068 5144 return (error);
5069 5145 }
5070 5146
5071 5147 switch (zc->zc_cookie) {
5072 5148 case ZFS_SMB_ACL_ADD:
5073 5149 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
5074 5150 vattr.va_type = VREG;
5075 5151 vattr.va_mode = S_IFREG|0777;
5076 5152 vattr.va_uid = 0;
5077 5153 vattr.va_gid = 0;
5078 5154
5079 5155 vsec.vsa_mask = VSA_ACE;
5080 5156 vsec.vsa_aclentp = &full_access;
5081 5157 vsec.vsa_aclentsz = sizeof (full_access);
5082 5158 vsec.vsa_aclcnt = 1;
5083 5159
5084 5160 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
5085 5161 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
5086 5162 if (resourcevp)
5087 5163 VN_RELE(resourcevp);
5088 5164 break;
5089 5165
5090 5166 case ZFS_SMB_ACL_REMOVE:
5091 5167 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
5092 5168 NULL, 0);
5093 5169 break;
5094 5170
5095 5171 case ZFS_SMB_ACL_RENAME:
5096 5172 if ((error = get_nvlist(zc->zc_nvlist_src,
5097 5173 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
5098 5174 VN_RELE(vp);
5099 5175 VN_RELE(ZTOV(sharedir));
5100 5176 ZFS_EXIT(zfsvfs);
5101 5177 return (error);
5102 5178 }
5103 5179 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
5104 5180 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
5105 5181 &target)) {
5106 5182 VN_RELE(vp);
5107 5183 VN_RELE(ZTOV(sharedir));
5108 5184 ZFS_EXIT(zfsvfs);
5109 5185 nvlist_free(nvlist);
5110 5186 return (error);
5111 5187 }
5112 5188 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
5113 5189 kcred, NULL, 0);
5114 5190 nvlist_free(nvlist);
5115 5191 break;
5116 5192
5117 5193 case ZFS_SMB_ACL_PURGE:
5118 5194 error = zfs_smb_acl_purge(sharedir);
5119 5195 break;
5120 5196
5121 5197 default:
5122 5198 error = SET_ERROR(EINVAL);
5123 5199 break;
5124 5200 }
5125 5201
5126 5202 VN_RELE(vp);
5127 5203 VN_RELE(ZTOV(sharedir));
5128 5204
5129 5205 ZFS_EXIT(zfsvfs);
5130 5206
5131 5207 return (error);
5132 5208 }
5133 5209
5134 5210 /*
5135 5211 * innvl: {
5136 5212 * "holds" -> { snapname -> holdname (string), ... }
5137 5213 * (optional) "cleanup_fd" -> fd (int32)
5138 5214 * }
5139 5215 *
5140 5216 * outnvl: {
5141 5217 * snapname -> error value (int32)
5142 5218 * ...
5143 5219 * }
5144 5220 */
5145 5221 /* ARGSUSED */
5146 5222 static int
5147 5223 zfs_ioc_hold(const char *pool, nvlist_t *args, nvlist_t *errlist)
5148 5224 {
5149 5225 nvpair_t *pair;
5150 5226 nvlist_t *holds;
5151 5227 int cleanup_fd = -1;
5152 5228 int error;
5153 5229 minor_t minor = 0;
5154 5230
5155 5231 error = nvlist_lookup_nvlist(args, "holds", &holds);
5156 5232 if (error != 0)
5157 5233 return (SET_ERROR(EINVAL));
5158 5234
5159 5235 /* make sure the user didn't pass us any invalid (empty) tags */
5160 5236 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
5161 5237 pair = nvlist_next_nvpair(holds, pair)) {
5162 5238 char *htag;
5163 5239
5164 5240 error = nvpair_value_string(pair, &htag);
5165 5241 if (error != 0)
5166 5242 return (SET_ERROR(error));
5167 5243
5168 5244 if (strlen(htag) == 0)
5169 5245 return (SET_ERROR(EINVAL));
5170 5246 }
5171 5247
5172 5248 if (nvlist_lookup_int32(args, "cleanup_fd", &cleanup_fd) == 0) {
5173 5249 error = zfs_onexit_fd_hold(cleanup_fd, &minor);
5174 5250 if (error != 0)
5175 5251 return (error);
5176 5252 }
5177 5253
5178 5254 error = dsl_dataset_user_hold(holds, minor, errlist);
5179 5255 if (minor != 0)
5180 5256 zfs_onexit_fd_rele(cleanup_fd);
5181 5257 return (error);
5182 5258 }
5183 5259
5184 5260 /*
5185 5261 * innvl is not used.
5186 5262 *
5187 5263 * outnvl: {
5188 5264 * holdname -> time added (uint64 seconds since epoch)
5189 5265 * ...
5190 5266 * }
5191 5267 */
5192 5268 /* ARGSUSED */
5193 5269 static int
5194 5270 zfs_ioc_get_holds(const char *snapname, nvlist_t *args, nvlist_t *outnvl)
5195 5271 {
5196 5272 return (dsl_dataset_get_holds(snapname, outnvl));
5197 5273 }
5198 5274
5199 5275 /*
5200 5276 * innvl: {
5201 5277 * snapname -> { holdname, ... }
5202 5278 * ...
5203 5279 * }
5204 5280 *
5205 5281 * outnvl: {
5206 5282 * snapname -> error value (int32)
5207 5283 * ...
5208 5284 * }
5209 5285 */
5210 5286 /* ARGSUSED */
5211 5287 static int
5212 5288 zfs_ioc_release(const char *pool, nvlist_t *holds, nvlist_t *errlist)
5213 5289 {
5214 5290 return (dsl_dataset_user_release(holds, errlist));
5215 5291 }
5216 5292
5217 5293 /*
5218 5294 * inputs:
5219 5295 * zc_name name of new filesystem or snapshot
5220 5296 * zc_value full name of old snapshot
5221 5297 *
5222 5298 * outputs:
5223 5299 * zc_cookie space in bytes
5224 5300 * zc_objset_type compressed space in bytes
5225 5301 * zc_perm_action uncompressed space in bytes
5226 5302 */
5227 5303 static int
5228 5304 zfs_ioc_space_written(zfs_cmd_t *zc)
5229 5305 {
5230 5306 int error;
5231 5307 dsl_pool_t *dp;
5232 5308 dsl_dataset_t *new, *old;
5233 5309
5234 5310 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5235 5311 if (error != 0)
5236 5312 return (error);
5237 5313 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &new);
5238 5314 if (error != 0) {
5239 5315 dsl_pool_rele(dp, FTAG);
5240 5316 return (error);
5241 5317 }
5242 5318 error = dsl_dataset_hold(dp, zc->zc_value, FTAG, &old);
5243 5319 if (error != 0) {
5244 5320 dsl_dataset_rele(new, FTAG);
5245 5321 dsl_pool_rele(dp, FTAG);
5246 5322 return (error);
5247 5323 }
5248 5324
5249 5325 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5250 5326 &zc->zc_objset_type, &zc->zc_perm_action);
5251 5327 dsl_dataset_rele(old, FTAG);
5252 5328 dsl_dataset_rele(new, FTAG);
5253 5329 dsl_pool_rele(dp, FTAG);
5254 5330 return (error);
5255 5331 }
5256 5332
5257 5333 /*
5258 5334 * innvl: {
5259 5335 * "firstsnap" -> snapshot name
5260 5336 * }
5261 5337 *
5262 5338 * outnvl: {
5263 5339 * "used" -> space in bytes
5264 5340 * "compressed" -> compressed space in bytes
5265 5341 * "uncompressed" -> uncompressed space in bytes
5266 5342 * }
5267 5343 */
5268 5344 static int
5269 5345 zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
5270 5346 {
5271 5347 int error;
5272 5348 dsl_pool_t *dp;
5273 5349 dsl_dataset_t *new, *old;
5274 5350 char *firstsnap;
5275 5351 uint64_t used, comp, uncomp;
5276 5352
5277 5353 if (nvlist_lookup_string(innvl, "firstsnap", &firstsnap) != 0)
5278 5354 return (SET_ERROR(EINVAL));
5279 5355
5280 5356 error = dsl_pool_hold(lastsnap, FTAG, &dp);
5281 5357 if (error != 0)
5282 5358 return (error);
5283 5359
5284 5360 error = dsl_dataset_hold(dp, lastsnap, FTAG, &new);
5285 5361 if (error == 0 && !new->ds_is_snapshot) {
5286 5362 dsl_dataset_rele(new, FTAG);
5287 5363 error = SET_ERROR(EINVAL);
5288 5364 }
5289 5365 if (error != 0) {
5290 5366 dsl_pool_rele(dp, FTAG);
5291 5367 return (error);
5292 5368 }
5293 5369 error = dsl_dataset_hold(dp, firstsnap, FTAG, &old);
5294 5370 if (error == 0 && !old->ds_is_snapshot) {
5295 5371 dsl_dataset_rele(old, FTAG);
5296 5372 error = SET_ERROR(EINVAL);
5297 5373 }
5298 5374 if (error != 0) {
5299 5375 dsl_dataset_rele(new, FTAG);
5300 5376 dsl_pool_rele(dp, FTAG);
5301 5377 return (error);
5302 5378 }
5303 5379
5304 5380 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
5305 5381 dsl_dataset_rele(old, FTAG);
5306 5382 dsl_dataset_rele(new, FTAG);
5307 5383 dsl_pool_rele(dp, FTAG);
5308 5384 fnvlist_add_uint64(outnvl, "used", used);
5309 5385 fnvlist_add_uint64(outnvl, "compressed", comp);
5310 5386 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
5311 5387 return (error);
5312 5388 }
5313 5389
5314 5390 /*
5315 5391 * innvl: {
5316 5392 * "fd" -> file descriptor to write stream to (int32)
5317 5393 * (optional) "fromsnap" -> full snap name to send an incremental from
5318 5394 * (optional) "largeblockok" -> (value ignored)
5319 5395 * indicates that blocks > 128KB are permitted
5320 5396 * (optional) "embedok" -> (value ignored)
5321 5397 * presence indicates DRR_WRITE_EMBEDDED records are permitted
5322 5398 * (optional) "resume_object" and "resume_offset" -> (uint64)
5323 5399 * if present, resume send stream from specified object and offset.
5324 5400 * }
5325 5401 *
5326 5402 * outnvl is unused
5327 5403 */
5328 5404 /* ARGSUSED */
5329 5405 static int
5330 5406 zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5331 5407 {
5332 5408 int error;
5333 5409 offset_t off;
5334 5410 char *fromname = NULL;
5335 5411 int fd;
5336 5412 boolean_t largeblockok;
5337 5413 boolean_t embedok;
5338 5414 uint64_t resumeobj = 0;
5339 5415 uint64_t resumeoff = 0;
5340 5416
5341 5417 error = nvlist_lookup_int32(innvl, "fd", &fd);
5342 5418 if (error != 0)
5343 5419 return (SET_ERROR(EINVAL));
5344 5420
5345 5421 (void) nvlist_lookup_string(innvl, "fromsnap", &fromname);
5346 5422
5347 5423 largeblockok = nvlist_exists(innvl, "largeblockok");
5348 5424 embedok = nvlist_exists(innvl, "embedok");
5349 5425
5350 5426 (void) nvlist_lookup_uint64(innvl, "resume_object", &resumeobj);
5351 5427 (void) nvlist_lookup_uint64(innvl, "resume_offset", &resumeoff);
5352 5428
5353 5429 file_t *fp = getf(fd);
5354 5430 if (fp == NULL)
5355 5431 return (SET_ERROR(EBADF));
5356 5432
5357 5433 off = fp->f_offset;
5358 5434 error = dmu_send(snapname, fromname, embedok, largeblockok, fd,
5359 5435 resumeobj, resumeoff, fp->f_vnode, &off);
5360 5436
5361 5437 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5362 5438 fp->f_offset = off;
5363 5439 releasef(fd);
5364 5440 return (error);
5365 5441 }
5366 5442
5367 5443 /*
5368 5444 * Determine approximately how large a zfs send stream will be -- the number
5369 5445 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5370 5446 *
5371 5447 * innvl: {
5372 5448 * (optional) "from" -> full snap or bookmark name to send an incremental
5373 5449 * from
5374 5450 * }
5375 5451 *
5376 5452 * outnvl: {
5377 5453 * "space" -> bytes of space (uint64)
5378 5454 * }
5379 5455 */
5380 5456 static int
5381 5457 zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5382 5458 {
5383 5459 dsl_pool_t *dp;
5384 5460 dsl_dataset_t *tosnap;
5385 5461 int error;
5386 5462 char *fromname;
5387 5463 uint64_t space;
5388 5464
5389 5465 error = dsl_pool_hold(snapname, FTAG, &dp);
5390 5466 if (error != 0)
5391 5467 return (error);
5392 5468
5393 5469 error = dsl_dataset_hold(dp, snapname, FTAG, &tosnap);
5394 5470 if (error != 0) {
5395 5471 dsl_pool_rele(dp, FTAG);
5396 5472 return (error);
5397 5473 }
5398 5474
5399 5475 error = nvlist_lookup_string(innvl, "from", &fromname);
5400 5476 if (error == 0) {
5401 5477 if (strchr(fromname, '@') != NULL) {
5402 5478 /*
5403 5479 * If from is a snapshot, hold it and use the more
5404 5480 * efficient dmu_send_estimate to estimate send space
5405 5481 * size using deadlists.
5406 5482 */
5407 5483 dsl_dataset_t *fromsnap;
5408 5484 error = dsl_dataset_hold(dp, fromname, FTAG, &fromsnap);
5409 5485 if (error != 0)
5410 5486 goto out;
5411 5487 error = dmu_send_estimate(tosnap, fromsnap, &space);
5412 5488 dsl_dataset_rele(fromsnap, FTAG);
5413 5489 } else if (strchr(fromname, '#') != NULL) {
5414 5490 /*
5415 5491 * If from is a bookmark, fetch the creation TXG of the
5416 5492 * snapshot it was created from and use that to find
5417 5493 * blocks that were born after it.
5418 5494 */
5419 5495 zfs_bookmark_phys_t frombm;
5420 5496
5421 5497 error = dsl_bookmark_lookup(dp, fromname, tosnap,
5422 5498 &frombm);
5423 5499 if (error != 0)
5424 5500 goto out;
5425 5501 error = dmu_send_estimate_from_txg(tosnap,
5426 5502 frombm.zbm_creation_txg, &space);
5427 5503 } else {
5428 5504 /*
5429 5505 * from is not properly formatted as a snapshot or
5430 5506 * bookmark
5431 5507 */
5432 5508 error = SET_ERROR(EINVAL);
5433 5509 goto out;
5434 5510 }
5435 5511 } else {
5436 5512 // If estimating the size of a full send, use dmu_send_estimate
5437 5513 error = dmu_send_estimate(tosnap, NULL, &space);
5438 5514 }
5439 5515
5440 5516 fnvlist_add_uint64(outnvl, "space", space);
5441 5517
5442 5518 out:
5443 5519 dsl_dataset_rele(tosnap, FTAG);
5444 5520 dsl_pool_rele(dp, FTAG);
5445 5521 return (error);
5446 5522 }
5447 5523
5448 5524 static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
5449 5525
5450 5526 static void
5451 5527 zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5452 5528 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5453 5529 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
5454 5530 {
5455 5531 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5456 5532
5457 5533 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5458 5534 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5459 5535 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5460 5536 ASSERT3P(vec->zvec_func, ==, NULL);
5461 5537
5462 5538 vec->zvec_legacy_func = func;
5463 5539 vec->zvec_secpolicy = secpolicy;
5464 5540 vec->zvec_namecheck = namecheck;
5465 5541 vec->zvec_allow_log = log_history;
5466 5542 vec->zvec_pool_check = pool_check;
5467 5543 }
5468 5544
5469 5545 /*
5470 5546 * See the block comment at the beginning of this file for details on
5471 5547 * each argument to this function.
5472 5548 */
5473 5549 static void
5474 5550 zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
5475 5551 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5476 5552 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
5477 5553 boolean_t allow_log)
5478 5554 {
5479 5555 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5480 5556
5481 5557 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5482 5558 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5483 5559 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5484 5560 ASSERT3P(vec->zvec_func, ==, NULL);
5485 5561
5486 5562 /* if we are logging, the name must be valid */
5487 5563 ASSERT(!allow_log || namecheck != NO_NAME);
5488 5564
5489 5565 vec->zvec_name = name;
5490 5566 vec->zvec_func = func;
5491 5567 vec->zvec_secpolicy = secpolicy;
5492 5568 vec->zvec_namecheck = namecheck;
5493 5569 vec->zvec_pool_check = pool_check;
5494 5570 vec->zvec_smush_outnvlist = smush_outnvlist;
5495 5571 vec->zvec_allow_log = allow_log;
5496 5572 }
5497 5573
5498 5574 static void
5499 5575 zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5500 5576 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
5501 5577 zfs_ioc_poolcheck_t pool_check)
5502 5578 {
5503 5579 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5504 5580 POOL_NAME, log_history, pool_check);
5505 5581 }
5506 5582
5507 5583 static void
5508 5584 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5509 5585 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
5510 5586 {
5511 5587 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5512 5588 DATASET_NAME, B_FALSE, pool_check);
5513 5589 }
5514 5590
5515 5591 static void
5516 5592 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5517 5593 {
5518 5594 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
5519 5595 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5520 5596 }
5521 5597
5522 5598 static void
5523 5599 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5524 5600 zfs_secpolicy_func_t *secpolicy)
5525 5601 {
5526 5602 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5527 5603 NO_NAME, B_FALSE, POOL_CHECK_NONE);
5528 5604 }
5529 5605
5530 5606 static void
5531 5607 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
5532 5608 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
5533 5609 {
5534 5610 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5535 5611 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
5536 5612 }
5537 5613
5538 5614 static void
5539 5615 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5540 5616 {
5541 5617 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
5542 5618 zfs_secpolicy_read);
5543 5619 }
5544 5620
5545 5621 static void
5546 5622 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5547 5623 zfs_secpolicy_func_t *secpolicy)
5548 5624 {
5549 5625 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5550 5626 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5551 5627 }
5552 5628
5553 5629 static void
5554 5630 zfs_ioctl_init(void)
5555 5631 {
5556 5632 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
5557 5633 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
5558 5634 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5559 5635
5560 5636 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
5561 5637 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
5562 5638 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE);
5563 5639
5564 5640 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
5565 5641 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
5566 5642 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5567 5643
5568 5644 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
5569 5645 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
5570 5646 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5571 5647
5572 5648 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
5573 5649 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
5574 5650 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5575 5651
5576 5652 zfs_ioctl_register("create", ZFS_IOC_CREATE,
5577 5653 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
5578 5654 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5579 5655
5580 5656 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
5581 5657 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
5582 5658 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5583 5659
5584 5660 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
5585 5661 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
5586 5662 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5587 5663
5588 5664 zfs_ioctl_register("hold", ZFS_IOC_HOLD,
5589 5665 zfs_ioc_hold, zfs_secpolicy_hold, POOL_NAME,
5590 5666 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5591 5667 zfs_ioctl_register("release", ZFS_IOC_RELEASE,
5592 5668 zfs_ioc_release, zfs_secpolicy_release, POOL_NAME,
5593 5669 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5594 5670
5595 5671 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS,
5596 5672 zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME,
5597 5673 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5598 5674
5599 5675 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK,
5600 5676 zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME,
5601 5677 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_TRUE);
5602 5678
5603 5679 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK,
5604 5680 zfs_ioc_bookmark, zfs_secpolicy_bookmark, POOL_NAME,
5605 5681 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5606 5682
5607 5683 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS,
5608 5684 zfs_ioc_get_bookmarks, zfs_secpolicy_read, DATASET_NAME,
5609 5685 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5610 5686
5611 5687 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS,
5612 5688 zfs_ioc_destroy_bookmarks, zfs_secpolicy_destroy_bookmarks,
5613 5689 POOL_NAME,
5614 5690 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5615 5691
5616 5692 /* IOCTLS that use the legacy function signature */
5617 5693
5618 5694 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
5619 5695 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
5620 5696
5621 5697 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
5622 5698 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5623 5699 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
5624 5700 zfs_ioc_pool_scan);
5625 5701 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
5626 5702 zfs_ioc_pool_upgrade);
5627 5703 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
5628 5704 zfs_ioc_vdev_add);
5629 5705 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
5630 5706 zfs_ioc_vdev_remove);
5631 5707 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
5632 5708 zfs_ioc_vdev_set_state);
5633 5709 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
5634 5710 zfs_ioc_vdev_attach);
5635 5711 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
5636 5712 zfs_ioc_vdev_detach);
5637 5713 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
5638 5714 zfs_ioc_vdev_setpath);
5639 5715 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
5640 5716 zfs_ioc_vdev_setfru);
5641 5717 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
5642 5718 zfs_ioc_pool_set_props);
5643 5719 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
5644 5720 zfs_ioc_vdev_split);
5645 5721 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
5646 5722 zfs_ioc_pool_reguid);
5647 5723
5648 5724 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
5649 5725 zfs_ioc_pool_configs, zfs_secpolicy_none);
5650 5726 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
5651 5727 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
5652 5728 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
5653 5729 zfs_ioc_inject_fault, zfs_secpolicy_inject);
5654 5730 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
5655 5731 zfs_ioc_clear_fault, zfs_secpolicy_inject);
5656 5732 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
5657 5733 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
5658 5734
5659 5735 /*
5660 5736 * pool destroy, and export don't log the history as part of
5661 5737 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5662 5738 * does the logging of those commands.
5663 5739 */
5664 5740 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
5665 5741 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5666 5742 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
5667 5743 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5668 5744
5669 5745 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
5670 5746 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5671 5747 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
5672 5748 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5673 5749
5674 5750 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
5675 5751 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
5676 5752 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
5677 5753 zfs_ioc_dsobj_to_dsname,
5678 5754 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
5679 5755 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
5680 5756 zfs_ioc_pool_get_history,
5681 5757 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
5682 5758
5683 5759 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
5684 5760 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5685 5761
5686 5762 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
5687 5763 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5688 5764 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
5689 5765 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5690 5766
5691 5767 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
5692 5768 zfs_ioc_space_written);
5693 5769 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
5694 5770 zfs_ioc_objset_recvd_props);
5695 5771 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
5696 5772 zfs_ioc_next_obj);
5697 5773 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
5698 5774 zfs_ioc_get_fsacl);
5699 5775 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
5700 5776 zfs_ioc_objset_stats);
5701 5777 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
5702 5778 zfs_ioc_objset_zplprops);
5703 5779 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
5704 5780 zfs_ioc_dataset_list_next);
5705 5781 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
5706 5782 zfs_ioc_snapshot_list_next);
5707 5783 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
5708 5784 zfs_ioc_send_progress);
5709 5785
5710 5786 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
5711 5787 zfs_ioc_diff, zfs_secpolicy_diff);
5712 5788 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
5713 5789 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
5714 5790 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
5715 5791 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
5716 5792 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
5717 5793 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
5718 5794 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
5719 5795 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
5720 5796 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
5721 5797 zfs_ioc_send, zfs_secpolicy_send);
5722 5798
5723 5799 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
5724 5800 zfs_secpolicy_none);
5725 5801 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
5726 5802 zfs_secpolicy_destroy);
5727 5803 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
5728 5804 zfs_secpolicy_rename);
5729 5805 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
5730 5806 zfs_secpolicy_recv);
5731 5807 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
5732 5808 zfs_secpolicy_promote);
5733 5809 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
5734 5810 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
5735 5811 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
5736 5812 zfs_secpolicy_set_fsacl);
5737 5813
5738 5814 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
5739 5815 zfs_secpolicy_share, POOL_CHECK_NONE);
5740 5816 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
5741 5817 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
5742 5818 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
5743 5819 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5744 5820 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5745 5821 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
5746 5822 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
5747 5823 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5748 5824 }
5749 5825
5750 5826 int
5751 5827 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5752 5828 zfs_ioc_poolcheck_t check)
5753 5829 {
5754 5830 spa_t *spa;
5755 5831 int error;
5756 5832
5757 5833 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5758 5834
5759 5835 if (check & POOL_CHECK_NONE)
5760 5836 return (0);
5761 5837
5762 5838 error = spa_open(name, &spa, FTAG);
5763 5839 if (error == 0) {
5764 5840 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5765 5841 error = SET_ERROR(EAGAIN);
5766 5842 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5767 5843 error = SET_ERROR(EROFS);
5768 5844 spa_close(spa, FTAG);
5769 5845 }
5770 5846 return (error);
5771 5847 }
5772 5848
5773 5849 /*
5774 5850 * Find a free minor number.
5775 5851 */
5776 5852 minor_t
5777 5853 zfsdev_minor_alloc(void)
5778 5854 {
5779 5855 static minor_t last_minor;
5780 5856 minor_t m;
5781 5857
5782 5858 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5783 5859
5784 5860 for (m = last_minor + 1; m != last_minor; m++) {
5785 5861 if (m > ZFSDEV_MAX_MINOR)
5786 5862 m = 1;
5787 5863 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5788 5864 last_minor = m;
5789 5865 return (m);
5790 5866 }
5791 5867 }
5792 5868
5793 5869 return (0);
5794 5870 }
5795 5871
5796 5872 static int
5797 5873 zfs_ctldev_init(dev_t *devp)
5798 5874 {
5799 5875 minor_t minor;
5800 5876 zfs_soft_state_t *zs;
5801 5877
5802 5878 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5803 5879 ASSERT(getminor(*devp) == 0);
5804 5880
5805 5881 minor = zfsdev_minor_alloc();
5806 5882 if (minor == 0)
5807 5883 return (SET_ERROR(ENXIO));
5808 5884
5809 5885 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5810 5886 return (SET_ERROR(EAGAIN));
5811 5887
5812 5888 *devp = makedevice(getemajor(*devp), minor);
5813 5889
5814 5890 zs = ddi_get_soft_state(zfsdev_state, minor);
5815 5891 zs->zss_type = ZSST_CTLDEV;
5816 5892 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5817 5893
5818 5894 return (0);
5819 5895 }
5820 5896
5821 5897 static void
5822 5898 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5823 5899 {
5824 5900 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5825 5901
5826 5902 zfs_onexit_destroy(zo);
5827 5903 ddi_soft_state_free(zfsdev_state, minor);
5828 5904 }
5829 5905
5830 5906 void *
5831 5907 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5832 5908 {
5833 5909 zfs_soft_state_t *zp;
5834 5910
5835 5911 zp = ddi_get_soft_state(zfsdev_state, minor);
5836 5912 if (zp == NULL || zp->zss_type != which)
5837 5913 return (NULL);
5838 5914
5839 5915 return (zp->zss_data);
5840 5916 }
5841 5917
5842 5918 static int
5843 5919 zfsdev_open(dev_t *devp, int flag, int otyp, cred_t *cr)
5844 5920 {
5845 5921 int error = 0;
5846 5922
5847 5923 if (getminor(*devp) != 0)
5848 5924 return (zvol_open(devp, flag, otyp, cr));
5849 5925
5850 5926 /* This is the control device. Allocate a new minor if requested. */
5851 5927 if (flag & FEXCL) {
5852 5928 mutex_enter(&zfsdev_state_lock);
5853 5929 error = zfs_ctldev_init(devp);
5854 5930 mutex_exit(&zfsdev_state_lock);
5855 5931 }
5856 5932
5857 5933 return (error);
5858 5934 }
5859 5935
5860 5936 static int
5861 5937 zfsdev_close(dev_t dev, int flag, int otyp, cred_t *cr)
5862 5938 {
5863 5939 zfs_onexit_t *zo;
5864 5940 minor_t minor = getminor(dev);
5865 5941
5866 5942 if (minor == 0)
5867 5943 return (0);
5868 5944
5869 5945 mutex_enter(&zfsdev_state_lock);
5870 5946 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5871 5947 if (zo == NULL) {
5872 5948 mutex_exit(&zfsdev_state_lock);
5873 5949 return (zvol_close(dev, flag, otyp, cr));
5874 5950 }
5875 5951 zfs_ctldev_destroy(zo, minor);
5876 5952 mutex_exit(&zfsdev_state_lock);
5877 5953
5878 5954 return (0);
5879 5955 }
5880 5956
5881 5957 static int
5882 5958 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp)
5883 5959 {
5884 5960 zfs_cmd_t *zc;
5885 5961 uint_t vecnum;
5886 5962 int error, rc, len;
5887 5963 minor_t minor = getminor(dev);
5888 5964 const zfs_ioc_vec_t *vec;
5889 5965 char *saved_poolname = NULL;
5890 5966 nvlist_t *innvl = NULL;
5891 5967
5892 5968 if (minor != 0 &&
5893 5969 zfsdev_get_soft_state(minor, ZSST_CTLDEV) == NULL)
5894 5970 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp));
5895 5971
5896 5972 vecnum = cmd - ZFS_IOC_FIRST;
5897 5973 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip));
5898 5974
5899 5975 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5900 5976 return (SET_ERROR(EINVAL));
5901 5977 vec = &zfs_ioc_vec[vecnum];
5902 5978
5903 5979 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
5904 5980
5905 5981 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5906 5982 if (error != 0) {
5907 5983 error = SET_ERROR(EFAULT);
5908 5984 goto out;
5909 5985 }
5910 5986
5911 5987 zc->zc_iflags = flag & FKIOCTL;
5912 5988 if (zc->zc_nvlist_src_size != 0) {
5913 5989 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
5914 5990 zc->zc_iflags, &innvl);
5915 5991 if (error != 0)
5916 5992 goto out;
5917 5993 }
5918 5994
5919 5995 /*
5920 5996 * Ensure that all pool/dataset names are valid before we pass down to
5921 5997 * the lower layers.
5922 5998 */
5923 5999 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5924 6000 switch (vec->zvec_namecheck) {
5925 6001 case POOL_NAME:
5926 6002 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5927 6003 error = SET_ERROR(EINVAL);
5928 6004 else
5929 6005 error = pool_status_check(zc->zc_name,
5930 6006 vec->zvec_namecheck, vec->zvec_pool_check);
5931 6007 break;
5932 6008
5933 6009 case DATASET_NAME:
5934 6010 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5935 6011 error = SET_ERROR(EINVAL);
5936 6012 else
5937 6013 error = pool_status_check(zc->zc_name,
5938 6014 vec->zvec_namecheck, vec->zvec_pool_check);
5939 6015 break;
5940 6016
5941 6017 case NO_NAME:
5942 6018 break;
5943 6019 }
5944 6020
5945 6021
5946 6022 if (error == 0 && !(flag & FKIOCTL))
5947 6023 error = vec->zvec_secpolicy(zc, innvl, cr);
5948 6024
5949 6025 if (error != 0)
5950 6026 goto out;
5951 6027
5952 6028 /* legacy ioctls can modify zc_name */
5953 6029 len = strcspn(zc->zc_name, "/@#") + 1;
5954 6030 saved_poolname = kmem_alloc(len, KM_SLEEP);
5955 6031 (void) strlcpy(saved_poolname, zc->zc_name, len);
5956 6032
5957 6033 if (vec->zvec_func != NULL) {
5958 6034 nvlist_t *outnvl;
5959 6035 int puterror = 0;
5960 6036 spa_t *spa;
5961 6037 nvlist_t *lognv = NULL;
5962 6038
5963 6039 ASSERT(vec->zvec_legacy_func == NULL);
5964 6040
5965 6041 /*
5966 6042 * Add the innvl to the lognv before calling the func,
5967 6043 * in case the func changes the innvl.
5968 6044 */
5969 6045 if (vec->zvec_allow_log) {
5970 6046 lognv = fnvlist_alloc();
5971 6047 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
5972 6048 vec->zvec_name);
5973 6049 if (!nvlist_empty(innvl)) {
5974 6050 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
5975 6051 innvl);
5976 6052 }
5977 6053 }
5978 6054
5979 6055 outnvl = fnvlist_alloc();
5980 6056 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
5981 6057
5982 6058 if (error == 0 && vec->zvec_allow_log &&
5983 6059 spa_open(zc->zc_name, &spa, FTAG) == 0) {
5984 6060 if (!nvlist_empty(outnvl)) {
5985 6061 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
5986 6062 outnvl);
5987 6063 }
5988 6064 (void) spa_history_log_nvl(spa, lognv);
5989 6065 spa_close(spa, FTAG);
5990 6066 }
5991 6067 fnvlist_free(lognv);
5992 6068
5993 6069 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
5994 6070 int smusherror = 0;
5995 6071 if (vec->zvec_smush_outnvlist) {
5996 6072 smusherror = nvlist_smush(outnvl,
5997 6073 zc->zc_nvlist_dst_size);
5998 6074 }
5999 6075 if (smusherror == 0)
6000 6076 puterror = put_nvlist(zc, outnvl);
6001 6077 }
6002 6078
6003 6079 if (puterror != 0)
6004 6080 error = puterror;
6005 6081
6006 6082 nvlist_free(outnvl);
6007 6083 } else {
6008 6084 error = vec->zvec_legacy_func(zc);
6009 6085 }
6010 6086
6011 6087 out:
6012 6088 nvlist_free(innvl);
6013 6089 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
6014 6090 if (error == 0 && rc != 0)
6015 6091 error = SET_ERROR(EFAULT);
6016 6092 if (error == 0 && vec->zvec_allow_log) {
6017 6093 char *s = tsd_get(zfs_allow_log_key);
6018 6094 if (s != NULL)
6019 6095 strfree(s);
6020 6096 (void) tsd_set(zfs_allow_log_key, saved_poolname);
6021 6097 } else {
6022 6098 if (saved_poolname != NULL)
6023 6099 strfree(saved_poolname);
6024 6100 }
6025 6101
6026 6102 kmem_free(zc, sizeof (zfs_cmd_t));
6027 6103 return (error);
6028 6104 }
6029 6105
6030 6106 static int
6031 6107 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
6032 6108 {
6033 6109 if (cmd != DDI_ATTACH)
6034 6110 return (DDI_FAILURE);
6035 6111
6036 6112 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
6037 6113 DDI_PSEUDO, 0) == DDI_FAILURE)
6038 6114 return (DDI_FAILURE);
6039 6115
6040 6116 zfs_dip = dip;
6041 6117
6042 6118 ddi_report_dev(dip);
6043 6119
6044 6120 return (DDI_SUCCESS);
6045 6121 }
6046 6122
6047 6123 static int
6048 6124 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
6049 6125 {
6050 6126 if (spa_busy() || zfs_busy() || zvol_busy())
6051 6127 return (DDI_FAILURE);
6052 6128
6053 6129 if (cmd != DDI_DETACH)
6054 6130 return (DDI_FAILURE);
6055 6131
6056 6132 zfs_dip = NULL;
6057 6133
6058 6134 ddi_prop_remove_all(dip);
6059 6135 ddi_remove_minor_node(dip, NULL);
6060 6136
6061 6137 return (DDI_SUCCESS);
6062 6138 }
6063 6139
6064 6140 /*ARGSUSED*/
6065 6141 static int
6066 6142 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
6067 6143 {
6068 6144 switch (infocmd) {
6069 6145 case DDI_INFO_DEVT2DEVINFO:
6070 6146 *result = zfs_dip;
6071 6147 return (DDI_SUCCESS);
6072 6148
6073 6149 case DDI_INFO_DEVT2INSTANCE:
6074 6150 *result = (void *)0;
6075 6151 return (DDI_SUCCESS);
6076 6152 }
6077 6153
6078 6154 return (DDI_FAILURE);
6079 6155 }
6080 6156
6081 6157 /*
6082 6158 * OK, so this is a little weird.
6083 6159 *
6084 6160 * /dev/zfs is the control node, i.e. minor 0.
6085 6161 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
6086 6162 *
6087 6163 * /dev/zfs has basically nothing to do except serve up ioctls,
6088 6164 * so most of the standard driver entry points are in zvol.c.
6089 6165 */
6090 6166 static struct cb_ops zfs_cb_ops = {
6091 6167 zfsdev_open, /* open */
6092 6168 zfsdev_close, /* close */
6093 6169 zvol_strategy, /* strategy */
6094 6170 nodev, /* print */
6095 6171 zvol_dump, /* dump */
6096 6172 zvol_read, /* read */
6097 6173 zvol_write, /* write */
6098 6174 zfsdev_ioctl, /* ioctl */
6099 6175 nodev, /* devmap */
6100 6176 nodev, /* mmap */
6101 6177 nodev, /* segmap */
6102 6178 nochpoll, /* poll */
6103 6179 ddi_prop_op, /* prop_op */
6104 6180 NULL, /* streamtab */
6105 6181 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
6106 6182 CB_REV, /* version */
6107 6183 nodev, /* async read */
6108 6184 nodev, /* async write */
6109 6185 };
6110 6186
6111 6187 static struct dev_ops zfs_dev_ops = {
6112 6188 DEVO_REV, /* version */
6113 6189 0, /* refcnt */
6114 6190 zfs_info, /* info */
6115 6191 nulldev, /* identify */
6116 6192 nulldev, /* probe */
6117 6193 zfs_attach, /* attach */
6118 6194 zfs_detach, /* detach */
6119 6195 nodev, /* reset */
6120 6196 &zfs_cb_ops, /* driver operations */
6121 6197 NULL, /* no bus operations */
6122 6198 NULL, /* power */
6123 6199 ddi_quiesce_not_needed, /* quiesce */
6124 6200 };
6125 6201
6126 6202 static struct modldrv zfs_modldrv = {
6127 6203 &mod_driverops,
6128 6204 "ZFS storage pool",
6129 6205 &zfs_dev_ops
6130 6206 };
6131 6207
6132 6208 static struct modlinkage modlinkage = {
6133 6209 MODREV_1,
6134 6210 (void *)&zfs_modlfs,
6135 6211 (void *)&zfs_modldrv,
6136 6212 NULL
6137 6213 };
6138 6214
6139 6215 static void
6140 6216 zfs_allow_log_destroy(void *arg)
6141 6217 {
6142 6218 char *poolname = arg;
6143 6219 strfree(poolname);
6144 6220 }
6145 6221
6146 6222 int
6147 6223 _init(void)
6148 6224 {
6149 6225 int error;
6150 6226
6151 6227 spa_init(FREAD | FWRITE);
6152 6228 zfs_init();
6153 6229 zvol_init();
6154 6230 zfs_ioctl_init();
6155 6231
6156 6232 if ((error = mod_install(&modlinkage)) != 0) {
6157 6233 zvol_fini();
6158 6234 zfs_fini();
6159 6235 spa_fini();
6160 6236 return (error);
6161 6237 }
6162 6238
6163 6239 tsd_create(&zfs_fsyncer_key, NULL);
6164 6240 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
6165 6241 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
6166 6242
6167 6243 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
6168 6244 ASSERT(error == 0);
6169 6245 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
6170 6246
6171 6247 return (0);
6172 6248 }
6173 6249
6174 6250 int
6175 6251 _fini(void)
6176 6252 {
6177 6253 int error;
6178 6254
6179 6255 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
6180 6256 return (SET_ERROR(EBUSY));
6181 6257
6182 6258 if ((error = mod_remove(&modlinkage)) != 0)
6183 6259 return (error);
6184 6260
6185 6261 zvol_fini();
6186 6262 zfs_fini();
6187 6263 spa_fini();
6188 6264 if (zfs_nfsshare_inited)
6189 6265 (void) ddi_modclose(nfs_mod);
6190 6266 if (zfs_smbshare_inited)
6191 6267 (void) ddi_modclose(smbsrv_mod);
6192 6268 if (zfs_nfsshare_inited || zfs_smbshare_inited)
6193 6269 (void) ddi_modclose(sharefs_mod);
6194 6270
6195 6271 tsd_destroy(&zfs_fsyncer_key);
6196 6272 ldi_ident_release(zfs_li);
6197 6273 zfs_li = NULL;
6198 6274 mutex_destroy(&zfs_share_lock);
6199 6275
6200 6276 return (error);
6201 6277 }
6202 6278
6203 6279 int
6204 6280 _info(struct modinfo *modinfop)
6205 6281 {
6206 6282 return (mod_info(&modlinkage, modinfop));
6207 6283 }
|
↓ open down ↓ |
1948 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX