Print this page
Use the LZ4 algorithm to compress metadata when the corresponding feature is enabled
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/zfs/zfs_ioctl.c
+++ new/usr/src/uts/common/fs/zfs/zfs_ioctl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
|
↓ open down ↓ |
19 lines elided |
↑ open up ↑ |
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Portions Copyright 2011 Martin Matuska
25 25 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
26 26 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
27 27 * Copyright (c) 2013 by Delphix. All rights reserved.
28 28 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
29 29 * Copyright (c) 2013 Steven Hartland. All rights reserved.
30 + * Copyright (c) 2014, Nexenta Systems, Inc. All rights reserved.
30 31 */
31 32
32 33 /*
33 34 * ZFS ioctls.
34 35 *
35 36 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
36 37 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
37 38 *
38 39 * There are two ways that we handle ioctls: the legacy way where almost
39 40 * all of the logic is in the ioctl callback, and the new way where most
40 41 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
41 42 *
42 43 * Non-legacy ioctls should be registered by calling
43 44 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
44 45 * from userland by lzc_ioctl().
45 46 *
46 47 * The registration arguments are as follows:
47 48 *
48 49 * const char *name
49 50 * The name of the ioctl. This is used for history logging. If the
50 51 * ioctl returns successfully (the callback returns 0), and allow_log
51 52 * is true, then a history log entry will be recorded with the input &
52 53 * output nvlists. The log entry can be printed with "zpool history -i".
53 54 *
54 55 * zfs_ioc_t ioc
55 56 * The ioctl request number, which userland will pass to ioctl(2).
56 57 * The ioctl numbers can change from release to release, because
57 58 * the caller (libzfs) must be matched to the kernel.
58 59 *
59 60 * zfs_secpolicy_func_t *secpolicy
60 61 * This function will be called before the zfs_ioc_func_t, to
61 62 * determine if this operation is permitted. It should return EPERM
62 63 * on failure, and 0 on success. Checks include determining if the
63 64 * dataset is visible in this zone, and if the user has either all
64 65 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
65 66 * to do this operation on this dataset with "zfs allow".
66 67 *
67 68 * zfs_ioc_namecheck_t namecheck
68 69 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
69 70 * name, a dataset name, or nothing. If the name is not well-formed,
70 71 * the ioctl will fail and the callback will not be called.
71 72 * Therefore, the callback can assume that the name is well-formed
72 73 * (e.g. is null-terminated, doesn't have more than one '@' character,
73 74 * doesn't have invalid characters).
74 75 *
75 76 * zfs_ioc_poolcheck_t pool_check
76 77 * This specifies requirements on the pool state. If the pool does
77 78 * not meet them (is suspended or is readonly), the ioctl will fail
78 79 * and the callback will not be called. If any checks are specified
79 80 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
80 81 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
81 82 * POOL_CHECK_READONLY).
82 83 *
83 84 * boolean_t smush_outnvlist
84 85 * If smush_outnvlist is true, then the output is presumed to be a
85 86 * list of errors, and it will be "smushed" down to fit into the
86 87 * caller's buffer, by removing some entries and replacing them with a
87 88 * single "N_MORE_ERRORS" entry indicating how many were removed. See
88 89 * nvlist_smush() for details. If smush_outnvlist is false, and the
89 90 * outnvlist does not fit into the userland-provided buffer, then the
90 91 * ioctl will fail with ENOMEM.
91 92 *
92 93 * zfs_ioc_func_t *func
93 94 * The callback function that will perform the operation.
94 95 *
95 96 * The callback should return 0 on success, or an error number on
96 97 * failure. If the function fails, the userland ioctl will return -1,
97 98 * and errno will be set to the callback's return value. The callback
98 99 * will be called with the following arguments:
99 100 *
100 101 * const char *name
101 102 * The name of the pool or dataset to operate on, from
102 103 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
103 104 * expected type (pool, dataset, or none).
104 105 *
105 106 * nvlist_t *innvl
106 107 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
107 108 * NULL if no input nvlist was provided. Changes to this nvlist are
108 109 * ignored. If the input nvlist could not be deserialized, the
109 110 * ioctl will fail and the callback will not be called.
110 111 *
111 112 * nvlist_t *outnvl
112 113 * The output nvlist, initially empty. The callback can fill it in,
113 114 * and it will be returned to userland by serializing it into
114 115 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
115 116 * fails (e.g. because the caller didn't supply a large enough
116 117 * buffer), then the overall ioctl will fail. See the
117 118 * 'smush_nvlist' argument above for additional behaviors.
118 119 *
119 120 * There are two typical uses of the output nvlist:
120 121 * - To return state, e.g. property values. In this case,
121 122 * smush_outnvlist should be false. If the buffer was not large
122 123 * enough, the caller will reallocate a larger buffer and try
123 124 * the ioctl again.
124 125 *
125 126 * - To return multiple errors from an ioctl which makes on-disk
126 127 * changes. In this case, smush_outnvlist should be true.
127 128 * Ioctls which make on-disk modifications should generally not
128 129 * use the outnvl if they succeed, because the caller can not
129 130 * distinguish between the operation failing, and
130 131 * deserialization failing.
131 132 */
132 133
133 134 #include <sys/types.h>
134 135 #include <sys/param.h>
135 136 #include <sys/errno.h>
136 137 #include <sys/uio.h>
137 138 #include <sys/buf.h>
138 139 #include <sys/modctl.h>
139 140 #include <sys/open.h>
140 141 #include <sys/file.h>
141 142 #include <sys/kmem.h>
142 143 #include <sys/conf.h>
143 144 #include <sys/cmn_err.h>
144 145 #include <sys/stat.h>
145 146 #include <sys/zfs_ioctl.h>
146 147 #include <sys/zfs_vfsops.h>
147 148 #include <sys/zfs_znode.h>
148 149 #include <sys/zap.h>
149 150 #include <sys/spa.h>
150 151 #include <sys/spa_impl.h>
151 152 #include <sys/vdev.h>
152 153 #include <sys/priv_impl.h>
153 154 #include <sys/dmu.h>
154 155 #include <sys/dsl_dir.h>
155 156 #include <sys/dsl_dataset.h>
156 157 #include <sys/dsl_prop.h>
157 158 #include <sys/dsl_deleg.h>
158 159 #include <sys/dmu_objset.h>
159 160 #include <sys/dmu_impl.h>
160 161 #include <sys/dmu_tx.h>
161 162 #include <sys/ddi.h>
162 163 #include <sys/sunddi.h>
163 164 #include <sys/sunldi.h>
164 165 #include <sys/policy.h>
165 166 #include <sys/zone.h>
166 167 #include <sys/nvpair.h>
167 168 #include <sys/pathname.h>
168 169 #include <sys/mount.h>
169 170 #include <sys/sdt.h>
170 171 #include <sys/fs/zfs.h>
171 172 #include <sys/zfs_ctldir.h>
172 173 #include <sys/zfs_dir.h>
173 174 #include <sys/zfs_onexit.h>
174 175 #include <sys/zvol.h>
175 176 #include <sys/dsl_scan.h>
176 177 #include <sharefs/share.h>
177 178 #include <sys/dmu_objset.h>
178 179 #include <sys/dmu_send.h>
179 180 #include <sys/dsl_destroy.h>
180 181 #include <sys/dsl_bookmark.h>
181 182 #include <sys/dsl_userhold.h>
182 183 #include <sys/zfeature.h>
183 184
184 185 #include "zfs_namecheck.h"
185 186 #include "zfs_prop.h"
186 187 #include "zfs_deleg.h"
187 188 #include "zfs_comutil.h"
188 189
189 190 extern struct modlfs zfs_modlfs;
190 191
191 192 extern void zfs_init(void);
192 193 extern void zfs_fini(void);
193 194
194 195 ldi_ident_t zfs_li = NULL;
195 196 dev_info_t *zfs_dip;
196 197
197 198 uint_t zfs_fsyncer_key;
198 199 extern uint_t rrw_tsd_key;
199 200 static uint_t zfs_allow_log_key;
200 201
201 202 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
202 203 typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
203 204 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
204 205
205 206 typedef enum {
206 207 NO_NAME,
207 208 POOL_NAME,
208 209 DATASET_NAME
209 210 } zfs_ioc_namecheck_t;
210 211
211 212 typedef enum {
212 213 POOL_CHECK_NONE = 1 << 0,
213 214 POOL_CHECK_SUSPENDED = 1 << 1,
214 215 POOL_CHECK_READONLY = 1 << 2,
215 216 } zfs_ioc_poolcheck_t;
216 217
217 218 typedef struct zfs_ioc_vec {
218 219 zfs_ioc_legacy_func_t *zvec_legacy_func;
219 220 zfs_ioc_func_t *zvec_func;
220 221 zfs_secpolicy_func_t *zvec_secpolicy;
221 222 zfs_ioc_namecheck_t zvec_namecheck;
222 223 boolean_t zvec_allow_log;
223 224 zfs_ioc_poolcheck_t zvec_pool_check;
224 225 boolean_t zvec_smush_outnvlist;
225 226 const char *zvec_name;
226 227 } zfs_ioc_vec_t;
227 228
228 229 /* This array is indexed by zfs_userquota_prop_t */
229 230 static const char *userquota_perms[] = {
230 231 ZFS_DELEG_PERM_USERUSED,
231 232 ZFS_DELEG_PERM_USERQUOTA,
232 233 ZFS_DELEG_PERM_GROUPUSED,
233 234 ZFS_DELEG_PERM_GROUPQUOTA,
234 235 };
235 236
236 237 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
237 238 static int zfs_check_settable(const char *name, nvpair_t *property,
238 239 cred_t *cr);
239 240 static int zfs_check_clearable(char *dataset, nvlist_t *props,
240 241 nvlist_t **errors);
241 242 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
242 243 boolean_t *);
243 244 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
244 245 static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
245 246
246 247 static int zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature);
247 248
248 249 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
249 250 void
250 251 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
251 252 {
252 253 const char *newfile;
253 254 char buf[512];
254 255 va_list adx;
255 256
256 257 /*
257 258 * Get rid of annoying "../common/" prefix to filename.
258 259 */
259 260 newfile = strrchr(file, '/');
260 261 if (newfile != NULL) {
261 262 newfile = newfile + 1; /* Get rid of leading / */
262 263 } else {
263 264 newfile = file;
264 265 }
265 266
266 267 va_start(adx, fmt);
267 268 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
268 269 va_end(adx);
269 270
270 271 /*
271 272 * To get this data, use the zfs-dprintf probe as so:
272 273 * dtrace -q -n 'zfs-dprintf \
273 274 * /stringof(arg0) == "dbuf.c"/ \
274 275 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
275 276 * arg0 = file name
276 277 * arg1 = function name
277 278 * arg2 = line number
278 279 * arg3 = message
279 280 */
280 281 DTRACE_PROBE4(zfs__dprintf,
281 282 char *, newfile, char *, func, int, line, char *, buf);
282 283 }
283 284
284 285 static void
285 286 history_str_free(char *buf)
286 287 {
287 288 kmem_free(buf, HIS_MAX_RECORD_LEN);
288 289 }
289 290
290 291 static char *
291 292 history_str_get(zfs_cmd_t *zc)
292 293 {
293 294 char *buf;
294 295
295 296 if (zc->zc_history == NULL)
296 297 return (NULL);
297 298
298 299 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
299 300 if (copyinstr((void *)(uintptr_t)zc->zc_history,
300 301 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
301 302 history_str_free(buf);
302 303 return (NULL);
303 304 }
304 305
305 306 buf[HIS_MAX_RECORD_LEN -1] = '\0';
306 307
307 308 return (buf);
308 309 }
309 310
310 311 /*
311 312 * Check to see if the named dataset is currently defined as bootable
312 313 */
313 314 static boolean_t
314 315 zfs_is_bootfs(const char *name)
315 316 {
316 317 objset_t *os;
317 318
318 319 if (dmu_objset_hold(name, FTAG, &os) == 0) {
319 320 boolean_t ret;
320 321 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
321 322 dmu_objset_rele(os, FTAG);
322 323 return (ret);
323 324 }
324 325 return (B_FALSE);
325 326 }
326 327
327 328 /*
328 329 * Return non-zero if the spa version is less than requested version.
329 330 */
330 331 static int
331 332 zfs_earlier_version(const char *name, int version)
332 333 {
333 334 spa_t *spa;
334 335
335 336 if (spa_open(name, &spa, FTAG) == 0) {
336 337 if (spa_version(spa) < version) {
337 338 spa_close(spa, FTAG);
338 339 return (1);
339 340 }
340 341 spa_close(spa, FTAG);
341 342 }
342 343 return (0);
343 344 }
344 345
345 346 /*
346 347 * Return TRUE if the ZPL version is less than requested version.
347 348 */
348 349 static boolean_t
349 350 zpl_earlier_version(const char *name, int version)
350 351 {
351 352 objset_t *os;
352 353 boolean_t rc = B_TRUE;
353 354
354 355 if (dmu_objset_hold(name, FTAG, &os) == 0) {
355 356 uint64_t zplversion;
356 357
357 358 if (dmu_objset_type(os) != DMU_OST_ZFS) {
358 359 dmu_objset_rele(os, FTAG);
359 360 return (B_TRUE);
360 361 }
361 362 /* XXX reading from non-owned objset */
362 363 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
363 364 rc = zplversion < version;
364 365 dmu_objset_rele(os, FTAG);
365 366 }
366 367 return (rc);
367 368 }
368 369
369 370 static void
370 371 zfs_log_history(zfs_cmd_t *zc)
371 372 {
372 373 spa_t *spa;
373 374 char *buf;
374 375
375 376 if ((buf = history_str_get(zc)) == NULL)
376 377 return;
377 378
378 379 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
379 380 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
380 381 (void) spa_history_log(spa, buf);
381 382 spa_close(spa, FTAG);
382 383 }
383 384 history_str_free(buf);
384 385 }
385 386
386 387 /*
387 388 * Policy for top-level read operations (list pools). Requires no privileges,
388 389 * and can be used in the local zone, as there is no associated dataset.
389 390 */
390 391 /* ARGSUSED */
391 392 static int
392 393 zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
393 394 {
394 395 return (0);
395 396 }
396 397
397 398 /*
398 399 * Policy for dataset read operations (list children, get statistics). Requires
399 400 * no privileges, but must be visible in the local zone.
400 401 */
401 402 /* ARGSUSED */
402 403 static int
403 404 zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
404 405 {
405 406 if (INGLOBALZONE(curproc) ||
406 407 zone_dataset_visible(zc->zc_name, NULL))
407 408 return (0);
408 409
409 410 return (SET_ERROR(ENOENT));
410 411 }
411 412
412 413 static int
413 414 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
414 415 {
415 416 int writable = 1;
416 417
417 418 /*
418 419 * The dataset must be visible by this zone -- check this first
419 420 * so they don't see EPERM on something they shouldn't know about.
420 421 */
421 422 if (!INGLOBALZONE(curproc) &&
422 423 !zone_dataset_visible(dataset, &writable))
423 424 return (SET_ERROR(ENOENT));
424 425
425 426 if (INGLOBALZONE(curproc)) {
426 427 /*
427 428 * If the fs is zoned, only root can access it from the
428 429 * global zone.
429 430 */
430 431 if (secpolicy_zfs(cr) && zoned)
431 432 return (SET_ERROR(EPERM));
432 433 } else {
433 434 /*
434 435 * If we are in a local zone, the 'zoned' property must be set.
435 436 */
436 437 if (!zoned)
437 438 return (SET_ERROR(EPERM));
438 439
439 440 /* must be writable by this zone */
440 441 if (!writable)
441 442 return (SET_ERROR(EPERM));
442 443 }
443 444 return (0);
444 445 }
445 446
446 447 static int
447 448 zfs_dozonecheck(const char *dataset, cred_t *cr)
448 449 {
449 450 uint64_t zoned;
450 451
451 452 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
452 453 return (SET_ERROR(ENOENT));
453 454
454 455 return (zfs_dozonecheck_impl(dataset, zoned, cr));
455 456 }
456 457
457 458 static int
458 459 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
459 460 {
460 461 uint64_t zoned;
461 462
462 463 if (dsl_prop_get_int_ds(ds, "zoned", &zoned))
463 464 return (SET_ERROR(ENOENT));
464 465
465 466 return (zfs_dozonecheck_impl(dataset, zoned, cr));
466 467 }
467 468
468 469 static int
469 470 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
470 471 const char *perm, cred_t *cr)
471 472 {
472 473 int error;
473 474
474 475 error = zfs_dozonecheck_ds(name, ds, cr);
475 476 if (error == 0) {
476 477 error = secpolicy_zfs(cr);
477 478 if (error != 0)
478 479 error = dsl_deleg_access_impl(ds, perm, cr);
479 480 }
480 481 return (error);
481 482 }
482 483
483 484 static int
484 485 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
485 486 {
486 487 int error;
487 488 dsl_dataset_t *ds;
488 489 dsl_pool_t *dp;
489 490
490 491 error = dsl_pool_hold(name, FTAG, &dp);
491 492 if (error != 0)
492 493 return (error);
493 494
494 495 error = dsl_dataset_hold(dp, name, FTAG, &ds);
495 496 if (error != 0) {
496 497 dsl_pool_rele(dp, FTAG);
497 498 return (error);
498 499 }
499 500
500 501 error = zfs_secpolicy_write_perms_ds(name, ds, perm, cr);
501 502
502 503 dsl_dataset_rele(ds, FTAG);
503 504 dsl_pool_rele(dp, FTAG);
504 505 return (error);
505 506 }
506 507
507 508 /*
508 509 * Policy for setting the security label property.
509 510 *
510 511 * Returns 0 for success, non-zero for access and other errors.
511 512 */
512 513 static int
513 514 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
514 515 {
515 516 char ds_hexsl[MAXNAMELEN];
516 517 bslabel_t ds_sl, new_sl;
517 518 boolean_t new_default = FALSE;
518 519 uint64_t zoned;
519 520 int needed_priv = -1;
520 521 int error;
521 522
522 523 /* First get the existing dataset label. */
523 524 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
524 525 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
525 526 if (error != 0)
526 527 return (SET_ERROR(EPERM));
527 528
528 529 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
529 530 new_default = TRUE;
530 531
531 532 /* The label must be translatable */
532 533 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
533 534 return (SET_ERROR(EINVAL));
534 535
535 536 /*
536 537 * In a non-global zone, disallow attempts to set a label that
537 538 * doesn't match that of the zone; otherwise no other checks
538 539 * are needed.
539 540 */
540 541 if (!INGLOBALZONE(curproc)) {
541 542 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
542 543 return (SET_ERROR(EPERM));
543 544 return (0);
544 545 }
545 546
546 547 /*
547 548 * For global-zone datasets (i.e., those whose zoned property is
548 549 * "off", verify that the specified new label is valid for the
549 550 * global zone.
550 551 */
551 552 if (dsl_prop_get_integer(name,
552 553 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
553 554 return (SET_ERROR(EPERM));
554 555 if (!zoned) {
555 556 if (zfs_check_global_label(name, strval) != 0)
556 557 return (SET_ERROR(EPERM));
557 558 }
558 559
559 560 /*
560 561 * If the existing dataset label is nondefault, check if the
561 562 * dataset is mounted (label cannot be changed while mounted).
562 563 * Get the zfsvfs; if there isn't one, then the dataset isn't
563 564 * mounted (or isn't a dataset, doesn't exist, ...).
564 565 */
565 566 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
566 567 objset_t *os;
567 568 static char *setsl_tag = "setsl_tag";
568 569
569 570 /*
570 571 * Try to own the dataset; abort if there is any error,
571 572 * (e.g., already mounted, in use, or other error).
572 573 */
573 574 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
574 575 setsl_tag, &os);
575 576 if (error != 0)
576 577 return (SET_ERROR(EPERM));
577 578
578 579 dmu_objset_disown(os, setsl_tag);
579 580
580 581 if (new_default) {
581 582 needed_priv = PRIV_FILE_DOWNGRADE_SL;
582 583 goto out_check;
583 584 }
584 585
585 586 if (hexstr_to_label(strval, &new_sl) != 0)
586 587 return (SET_ERROR(EPERM));
587 588
588 589 if (blstrictdom(&ds_sl, &new_sl))
589 590 needed_priv = PRIV_FILE_DOWNGRADE_SL;
590 591 else if (blstrictdom(&new_sl, &ds_sl))
591 592 needed_priv = PRIV_FILE_UPGRADE_SL;
592 593 } else {
593 594 /* dataset currently has a default label */
594 595 if (!new_default)
595 596 needed_priv = PRIV_FILE_UPGRADE_SL;
596 597 }
597 598
598 599 out_check:
599 600 if (needed_priv != -1)
600 601 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
601 602 return (0);
602 603 }
603 604
604 605 static int
605 606 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
606 607 cred_t *cr)
607 608 {
608 609 char *strval;
609 610
610 611 /*
611 612 * Check permissions for special properties.
612 613 */
613 614 switch (prop) {
614 615 case ZFS_PROP_ZONED:
615 616 /*
616 617 * Disallow setting of 'zoned' from within a local zone.
617 618 */
618 619 if (!INGLOBALZONE(curproc))
619 620 return (SET_ERROR(EPERM));
620 621 break;
621 622
622 623 case ZFS_PROP_QUOTA:
623 624 case ZFS_PROP_FILESYSTEM_LIMIT:
624 625 case ZFS_PROP_SNAPSHOT_LIMIT:
625 626 if (!INGLOBALZONE(curproc)) {
626 627 uint64_t zoned;
627 628 char setpoint[MAXNAMELEN];
628 629 /*
629 630 * Unprivileged users are allowed to modify the
630 631 * limit on things *under* (ie. contained by)
631 632 * the thing they own.
632 633 */
633 634 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
634 635 setpoint))
635 636 return (SET_ERROR(EPERM));
636 637 if (!zoned || strlen(dsname) <= strlen(setpoint))
637 638 return (SET_ERROR(EPERM));
638 639 }
639 640 break;
640 641
641 642 case ZFS_PROP_MLSLABEL:
642 643 if (!is_system_labeled())
643 644 return (SET_ERROR(EPERM));
644 645
645 646 if (nvpair_value_string(propval, &strval) == 0) {
646 647 int err;
647 648
648 649 err = zfs_set_slabel_policy(dsname, strval, CRED());
649 650 if (err != 0)
650 651 return (err);
651 652 }
652 653 break;
653 654 }
654 655
655 656 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
656 657 }
657 658
658 659 /* ARGSUSED */
659 660 static int
660 661 zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
661 662 {
662 663 int error;
663 664
664 665 error = zfs_dozonecheck(zc->zc_name, cr);
665 666 if (error != 0)
666 667 return (error);
667 668
668 669 /*
669 670 * permission to set permissions will be evaluated later in
670 671 * dsl_deleg_can_allow()
671 672 */
672 673 return (0);
673 674 }
674 675
675 676 /* ARGSUSED */
676 677 static int
677 678 zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
678 679 {
679 680 return (zfs_secpolicy_write_perms(zc->zc_name,
680 681 ZFS_DELEG_PERM_ROLLBACK, cr));
681 682 }
682 683
683 684 /* ARGSUSED */
684 685 static int
685 686 zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
686 687 {
687 688 dsl_pool_t *dp;
688 689 dsl_dataset_t *ds;
689 690 char *cp;
690 691 int error;
691 692
692 693 /*
693 694 * Generate the current snapshot name from the given objsetid, then
694 695 * use that name for the secpolicy/zone checks.
695 696 */
696 697 cp = strchr(zc->zc_name, '@');
697 698 if (cp == NULL)
698 699 return (SET_ERROR(EINVAL));
699 700 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
700 701 if (error != 0)
701 702 return (error);
702 703
703 704 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
704 705 if (error != 0) {
705 706 dsl_pool_rele(dp, FTAG);
706 707 return (error);
707 708 }
708 709
709 710 dsl_dataset_name(ds, zc->zc_name);
710 711
711 712 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
712 713 ZFS_DELEG_PERM_SEND, cr);
713 714 dsl_dataset_rele(ds, FTAG);
714 715 dsl_pool_rele(dp, FTAG);
715 716
716 717 return (error);
717 718 }
718 719
719 720 /* ARGSUSED */
720 721 static int
721 722 zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
722 723 {
723 724 return (zfs_secpolicy_write_perms(zc->zc_name,
724 725 ZFS_DELEG_PERM_SEND, cr));
725 726 }
726 727
727 728 /* ARGSUSED */
728 729 static int
729 730 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
730 731 {
731 732 vnode_t *vp;
732 733 int error;
733 734
734 735 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
735 736 NO_FOLLOW, NULL, &vp)) != 0)
736 737 return (error);
737 738
738 739 /* Now make sure mntpnt and dataset are ZFS */
739 740
740 741 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
741 742 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
742 743 zc->zc_name) != 0)) {
743 744 VN_RELE(vp);
744 745 return (SET_ERROR(EPERM));
745 746 }
746 747
747 748 VN_RELE(vp);
748 749 return (dsl_deleg_access(zc->zc_name,
749 750 ZFS_DELEG_PERM_SHARE, cr));
750 751 }
751 752
752 753 int
753 754 zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
754 755 {
755 756 if (!INGLOBALZONE(curproc))
756 757 return (SET_ERROR(EPERM));
757 758
758 759 if (secpolicy_nfs(cr) == 0) {
759 760 return (0);
760 761 } else {
761 762 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
762 763 }
763 764 }
764 765
765 766 int
766 767 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
767 768 {
768 769 if (!INGLOBALZONE(curproc))
769 770 return (SET_ERROR(EPERM));
770 771
771 772 if (secpolicy_smb(cr) == 0) {
772 773 return (0);
773 774 } else {
774 775 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
775 776 }
776 777 }
777 778
778 779 static int
779 780 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
780 781 {
781 782 char *cp;
782 783
783 784 /*
784 785 * Remove the @bla or /bla from the end of the name to get the parent.
785 786 */
786 787 (void) strncpy(parent, datasetname, parentsize);
787 788 cp = strrchr(parent, '@');
788 789 if (cp != NULL) {
789 790 cp[0] = '\0';
790 791 } else {
791 792 cp = strrchr(parent, '/');
792 793 if (cp == NULL)
793 794 return (SET_ERROR(ENOENT));
794 795 cp[0] = '\0';
795 796 }
796 797
797 798 return (0);
798 799 }
799 800
800 801 int
801 802 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
802 803 {
803 804 int error;
804 805
805 806 if ((error = zfs_secpolicy_write_perms(name,
806 807 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
807 808 return (error);
808 809
809 810 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
810 811 }
811 812
812 813 /* ARGSUSED */
813 814 static int
814 815 zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
815 816 {
816 817 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
817 818 }
818 819
819 820 /*
820 821 * Destroying snapshots with delegated permissions requires
821 822 * descendant mount and destroy permissions.
822 823 */
823 824 /* ARGSUSED */
824 825 static int
825 826 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
826 827 {
827 828 nvlist_t *snaps;
828 829 nvpair_t *pair, *nextpair;
829 830 int error = 0;
830 831
831 832 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
832 833 return (SET_ERROR(EINVAL));
833 834 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
834 835 pair = nextpair) {
835 836 nextpair = nvlist_next_nvpair(snaps, pair);
836 837 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
837 838 if (error == ENOENT) {
838 839 /*
839 840 * Ignore any snapshots that don't exist (we consider
840 841 * them "already destroyed"). Remove the name from the
841 842 * nvl here in case the snapshot is created between
842 843 * now and when we try to destroy it (in which case
843 844 * we don't want to destroy it since we haven't
844 845 * checked for permission).
845 846 */
846 847 fnvlist_remove_nvpair(snaps, pair);
847 848 error = 0;
848 849 }
849 850 if (error != 0)
850 851 break;
851 852 }
852 853
853 854 return (error);
854 855 }
855 856
856 857 int
857 858 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
858 859 {
859 860 char parentname[MAXNAMELEN];
860 861 int error;
861 862
862 863 if ((error = zfs_secpolicy_write_perms(from,
863 864 ZFS_DELEG_PERM_RENAME, cr)) != 0)
864 865 return (error);
865 866
866 867 if ((error = zfs_secpolicy_write_perms(from,
867 868 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
868 869 return (error);
869 870
870 871 if ((error = zfs_get_parent(to, parentname,
871 872 sizeof (parentname))) != 0)
872 873 return (error);
873 874
874 875 if ((error = zfs_secpolicy_write_perms(parentname,
875 876 ZFS_DELEG_PERM_CREATE, cr)) != 0)
876 877 return (error);
877 878
878 879 if ((error = zfs_secpolicy_write_perms(parentname,
879 880 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
880 881 return (error);
881 882
882 883 return (error);
883 884 }
884 885
885 886 /* ARGSUSED */
886 887 static int
887 888 zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
888 889 {
889 890 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
890 891 }
891 892
892 893 /* ARGSUSED */
893 894 static int
894 895 zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
895 896 {
896 897 dsl_pool_t *dp;
897 898 dsl_dataset_t *clone;
898 899 int error;
899 900
900 901 error = zfs_secpolicy_write_perms(zc->zc_name,
901 902 ZFS_DELEG_PERM_PROMOTE, cr);
902 903 if (error != 0)
903 904 return (error);
904 905
905 906 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
906 907 if (error != 0)
907 908 return (error);
908 909
909 910 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &clone);
910 911
911 912 if (error == 0) {
912 913 char parentname[MAXNAMELEN];
913 914 dsl_dataset_t *origin = NULL;
914 915 dsl_dir_t *dd;
915 916 dd = clone->ds_dir;
916 917
917 918 error = dsl_dataset_hold_obj(dd->dd_pool,
918 919 dd->dd_phys->dd_origin_obj, FTAG, &origin);
919 920 if (error != 0) {
920 921 dsl_dataset_rele(clone, FTAG);
921 922 dsl_pool_rele(dp, FTAG);
922 923 return (error);
923 924 }
924 925
925 926 error = zfs_secpolicy_write_perms_ds(zc->zc_name, clone,
926 927 ZFS_DELEG_PERM_MOUNT, cr);
927 928
928 929 dsl_dataset_name(origin, parentname);
929 930 if (error == 0) {
930 931 error = zfs_secpolicy_write_perms_ds(parentname, origin,
931 932 ZFS_DELEG_PERM_PROMOTE, cr);
932 933 }
933 934 dsl_dataset_rele(clone, FTAG);
934 935 dsl_dataset_rele(origin, FTAG);
935 936 }
936 937 dsl_pool_rele(dp, FTAG);
937 938 return (error);
938 939 }
939 940
940 941 /* ARGSUSED */
941 942 static int
942 943 zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
943 944 {
944 945 int error;
945 946
946 947 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
947 948 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
948 949 return (error);
949 950
950 951 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
951 952 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
952 953 return (error);
953 954
954 955 return (zfs_secpolicy_write_perms(zc->zc_name,
955 956 ZFS_DELEG_PERM_CREATE, cr));
956 957 }
957 958
958 959 int
959 960 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
960 961 {
961 962 return (zfs_secpolicy_write_perms(name,
962 963 ZFS_DELEG_PERM_SNAPSHOT, cr));
963 964 }
964 965
965 966 /*
966 967 * Check for permission to create each snapshot in the nvlist.
967 968 */
968 969 /* ARGSUSED */
969 970 static int
970 971 zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
971 972 {
972 973 nvlist_t *snaps;
973 974 int error = 0;
974 975 nvpair_t *pair;
975 976
976 977 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
977 978 return (SET_ERROR(EINVAL));
978 979 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
979 980 pair = nvlist_next_nvpair(snaps, pair)) {
980 981 char *name = nvpair_name(pair);
981 982 char *atp = strchr(name, '@');
982 983
983 984 if (atp == NULL) {
984 985 error = SET_ERROR(EINVAL);
985 986 break;
986 987 }
987 988 *atp = '\0';
988 989 error = zfs_secpolicy_snapshot_perms(name, cr);
989 990 *atp = '@';
990 991 if (error != 0)
991 992 break;
992 993 }
993 994 return (error);
994 995 }
995 996
996 997 /*
997 998 * Check for permission to create each snapshot in the nvlist.
998 999 */
999 1000 /* ARGSUSED */
1000 1001 static int
1001 1002 zfs_secpolicy_bookmark(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1002 1003 {
1003 1004 int error = 0;
1004 1005
1005 1006 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
1006 1007 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
1007 1008 char *name = nvpair_name(pair);
1008 1009 char *hashp = strchr(name, '#');
1009 1010
1010 1011 if (hashp == NULL) {
1011 1012 error = SET_ERROR(EINVAL);
1012 1013 break;
1013 1014 }
1014 1015 *hashp = '\0';
1015 1016 error = zfs_secpolicy_write_perms(name,
1016 1017 ZFS_DELEG_PERM_BOOKMARK, cr);
1017 1018 *hashp = '#';
1018 1019 if (error != 0)
1019 1020 break;
1020 1021 }
1021 1022 return (error);
1022 1023 }
1023 1024
1024 1025 /* ARGSUSED */
1025 1026 static int
1026 1027 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1027 1028 {
1028 1029 nvpair_t *pair, *nextpair;
1029 1030 int error = 0;
1030 1031
1031 1032 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1032 1033 pair = nextpair) {
1033 1034 char *name = nvpair_name(pair);
1034 1035 char *hashp = strchr(name, '#');
1035 1036 nextpair = nvlist_next_nvpair(innvl, pair);
1036 1037
1037 1038 if (hashp == NULL) {
1038 1039 error = SET_ERROR(EINVAL);
1039 1040 break;
1040 1041 }
1041 1042
1042 1043 *hashp = '\0';
1043 1044 error = zfs_secpolicy_write_perms(name,
1044 1045 ZFS_DELEG_PERM_DESTROY, cr);
1045 1046 *hashp = '#';
1046 1047 if (error == ENOENT) {
1047 1048 /*
1048 1049 * Ignore any filesystems that don't exist (we consider
1049 1050 * their bookmarks "already destroyed"). Remove
1050 1051 * the name from the nvl here in case the filesystem
1051 1052 * is created between now and when we try to destroy
1052 1053 * the bookmark (in which case we don't want to
1053 1054 * destroy it since we haven't checked for permission).
1054 1055 */
1055 1056 fnvlist_remove_nvpair(innvl, pair);
1056 1057 error = 0;
1057 1058 }
1058 1059 if (error != 0)
1059 1060 break;
1060 1061 }
1061 1062
1062 1063 return (error);
1063 1064 }
1064 1065
1065 1066 /* ARGSUSED */
1066 1067 static int
1067 1068 zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1068 1069 {
1069 1070 /*
1070 1071 * Even root must have a proper TSD so that we know what pool
1071 1072 * to log to.
1072 1073 */
1073 1074 if (tsd_get(zfs_allow_log_key) == NULL)
1074 1075 return (SET_ERROR(EPERM));
1075 1076 return (0);
1076 1077 }
1077 1078
1078 1079 static int
1079 1080 zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1080 1081 {
1081 1082 char parentname[MAXNAMELEN];
1082 1083 int error;
1083 1084 char *origin;
1084 1085
1085 1086 if ((error = zfs_get_parent(zc->zc_name, parentname,
1086 1087 sizeof (parentname))) != 0)
1087 1088 return (error);
1088 1089
1089 1090 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1090 1091 (error = zfs_secpolicy_write_perms(origin,
1091 1092 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1092 1093 return (error);
1093 1094
1094 1095 if ((error = zfs_secpolicy_write_perms(parentname,
1095 1096 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1096 1097 return (error);
1097 1098
1098 1099 return (zfs_secpolicy_write_perms(parentname,
1099 1100 ZFS_DELEG_PERM_MOUNT, cr));
1100 1101 }
1101 1102
1102 1103 /*
1103 1104 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1104 1105 * SYS_CONFIG privilege, which is not available in a local zone.
1105 1106 */
1106 1107 /* ARGSUSED */
1107 1108 static int
1108 1109 zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1109 1110 {
1110 1111 if (secpolicy_sys_config(cr, B_FALSE) != 0)
1111 1112 return (SET_ERROR(EPERM));
1112 1113
1113 1114 return (0);
1114 1115 }
1115 1116
1116 1117 /*
1117 1118 * Policy for object to name lookups.
1118 1119 */
1119 1120 /* ARGSUSED */
1120 1121 static int
1121 1122 zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1122 1123 {
1123 1124 int error;
1124 1125
1125 1126 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1126 1127 return (0);
1127 1128
1128 1129 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1129 1130 return (error);
1130 1131 }
1131 1132
1132 1133 /*
1133 1134 * Policy for fault injection. Requires all privileges.
1134 1135 */
1135 1136 /* ARGSUSED */
1136 1137 static int
1137 1138 zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1138 1139 {
1139 1140 return (secpolicy_zinject(cr));
1140 1141 }
1141 1142
1142 1143 /* ARGSUSED */
1143 1144 static int
1144 1145 zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1145 1146 {
1146 1147 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1147 1148
1148 1149 if (prop == ZPROP_INVAL) {
1149 1150 if (!zfs_prop_user(zc->zc_value))
1150 1151 return (SET_ERROR(EINVAL));
1151 1152 return (zfs_secpolicy_write_perms(zc->zc_name,
1152 1153 ZFS_DELEG_PERM_USERPROP, cr));
1153 1154 } else {
1154 1155 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1155 1156 NULL, cr));
1156 1157 }
1157 1158 }
1158 1159
1159 1160 static int
1160 1161 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1161 1162 {
1162 1163 int err = zfs_secpolicy_read(zc, innvl, cr);
1163 1164 if (err)
1164 1165 return (err);
1165 1166
1166 1167 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1167 1168 return (SET_ERROR(EINVAL));
1168 1169
1169 1170 if (zc->zc_value[0] == 0) {
1170 1171 /*
1171 1172 * They are asking about a posix uid/gid. If it's
1172 1173 * themself, allow it.
1173 1174 */
1174 1175 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1175 1176 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
1176 1177 if (zc->zc_guid == crgetuid(cr))
1177 1178 return (0);
1178 1179 } else {
1179 1180 if (groupmember(zc->zc_guid, cr))
1180 1181 return (0);
1181 1182 }
1182 1183 }
1183 1184
1184 1185 return (zfs_secpolicy_write_perms(zc->zc_name,
1185 1186 userquota_perms[zc->zc_objset_type], cr));
1186 1187 }
1187 1188
1188 1189 static int
1189 1190 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1190 1191 {
1191 1192 int err = zfs_secpolicy_read(zc, innvl, cr);
1192 1193 if (err)
1193 1194 return (err);
1194 1195
1195 1196 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1196 1197 return (SET_ERROR(EINVAL));
1197 1198
1198 1199 return (zfs_secpolicy_write_perms(zc->zc_name,
1199 1200 userquota_perms[zc->zc_objset_type], cr));
1200 1201 }
1201 1202
1202 1203 /* ARGSUSED */
1203 1204 static int
1204 1205 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1205 1206 {
1206 1207 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1207 1208 NULL, cr));
1208 1209 }
1209 1210
1210 1211 /* ARGSUSED */
1211 1212 static int
1212 1213 zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1213 1214 {
1214 1215 nvpair_t *pair;
1215 1216 nvlist_t *holds;
1216 1217 int error;
1217 1218
1218 1219 error = nvlist_lookup_nvlist(innvl, "holds", &holds);
1219 1220 if (error != 0)
1220 1221 return (SET_ERROR(EINVAL));
1221 1222
1222 1223 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
1223 1224 pair = nvlist_next_nvpair(holds, pair)) {
1224 1225 char fsname[MAXNAMELEN];
1225 1226 error = dmu_fsname(nvpair_name(pair), fsname);
1226 1227 if (error != 0)
1227 1228 return (error);
1228 1229 error = zfs_secpolicy_write_perms(fsname,
1229 1230 ZFS_DELEG_PERM_HOLD, cr);
1230 1231 if (error != 0)
1231 1232 return (error);
1232 1233 }
1233 1234 return (0);
1234 1235 }
1235 1236
1236 1237 /* ARGSUSED */
1237 1238 static int
1238 1239 zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1239 1240 {
1240 1241 nvpair_t *pair;
1241 1242 int error;
1242 1243
1243 1244 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1244 1245 pair = nvlist_next_nvpair(innvl, pair)) {
1245 1246 char fsname[MAXNAMELEN];
1246 1247 error = dmu_fsname(nvpair_name(pair), fsname);
1247 1248 if (error != 0)
1248 1249 return (error);
1249 1250 error = zfs_secpolicy_write_perms(fsname,
1250 1251 ZFS_DELEG_PERM_RELEASE, cr);
1251 1252 if (error != 0)
1252 1253 return (error);
1253 1254 }
1254 1255 return (0);
1255 1256 }
1256 1257
1257 1258 /*
1258 1259 * Policy for allowing temporary snapshots to be taken or released
1259 1260 */
1260 1261 static int
1261 1262 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1262 1263 {
1263 1264 /*
1264 1265 * A temporary snapshot is the same as a snapshot,
1265 1266 * hold, destroy and release all rolled into one.
1266 1267 * Delegated diff alone is sufficient that we allow this.
1267 1268 */
1268 1269 int error;
1269 1270
1270 1271 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1271 1272 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1272 1273 return (0);
1273 1274
1274 1275 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
1275 1276 if (error == 0)
1276 1277 error = zfs_secpolicy_hold(zc, innvl, cr);
1277 1278 if (error == 0)
1278 1279 error = zfs_secpolicy_release(zc, innvl, cr);
1279 1280 if (error == 0)
1280 1281 error = zfs_secpolicy_destroy(zc, innvl, cr);
1281 1282 return (error);
1282 1283 }
1283 1284
1284 1285 /*
1285 1286 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1286 1287 */
1287 1288 static int
1288 1289 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1289 1290 {
1290 1291 char *packed;
1291 1292 int error;
1292 1293 nvlist_t *list = NULL;
1293 1294
1294 1295 /*
1295 1296 * Read in and unpack the user-supplied nvlist.
1296 1297 */
1297 1298 if (size == 0)
1298 1299 return (SET_ERROR(EINVAL));
1299 1300
1300 1301 packed = kmem_alloc(size, KM_SLEEP);
1301 1302
1302 1303 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1303 1304 iflag)) != 0) {
1304 1305 kmem_free(packed, size);
1305 1306 return (error);
1306 1307 }
1307 1308
1308 1309 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1309 1310 kmem_free(packed, size);
1310 1311 return (error);
1311 1312 }
1312 1313
1313 1314 kmem_free(packed, size);
1314 1315
1315 1316 *nvp = list;
1316 1317 return (0);
1317 1318 }
1318 1319
1319 1320 /*
1320 1321 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1321 1322 * Entries will be removed from the end of the nvlist, and one int32 entry
1322 1323 * named "N_MORE_ERRORS" will be added indicating how many entries were
1323 1324 * removed.
1324 1325 */
1325 1326 static int
1326 1327 nvlist_smush(nvlist_t *errors, size_t max)
1327 1328 {
1328 1329 size_t size;
1329 1330
1330 1331 size = fnvlist_size(errors);
1331 1332
1332 1333 if (size > max) {
1333 1334 nvpair_t *more_errors;
1334 1335 int n = 0;
1335 1336
1336 1337 if (max < 1024)
1337 1338 return (SET_ERROR(ENOMEM));
1338 1339
1339 1340 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1340 1341 more_errors = nvlist_prev_nvpair(errors, NULL);
1341 1342
1342 1343 do {
1343 1344 nvpair_t *pair = nvlist_prev_nvpair(errors,
1344 1345 more_errors);
1345 1346 fnvlist_remove_nvpair(errors, pair);
1346 1347 n++;
1347 1348 size = fnvlist_size(errors);
1348 1349 } while (size > max);
1349 1350
1350 1351 fnvlist_remove_nvpair(errors, more_errors);
1351 1352 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1352 1353 ASSERT3U(fnvlist_size(errors), <=, max);
1353 1354 }
1354 1355
1355 1356 return (0);
1356 1357 }
1357 1358
1358 1359 static int
1359 1360 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1360 1361 {
1361 1362 char *packed = NULL;
1362 1363 int error = 0;
1363 1364 size_t size;
1364 1365
1365 1366 size = fnvlist_size(nvl);
1366 1367
1367 1368 if (size > zc->zc_nvlist_dst_size) {
1368 1369 error = SET_ERROR(ENOMEM);
1369 1370 } else {
1370 1371 packed = fnvlist_pack(nvl, &size);
1371 1372 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1372 1373 size, zc->zc_iflags) != 0)
1373 1374 error = SET_ERROR(EFAULT);
1374 1375 fnvlist_pack_free(packed, size);
1375 1376 }
1376 1377
1377 1378 zc->zc_nvlist_dst_size = size;
1378 1379 zc->zc_nvlist_dst_filled = B_TRUE;
1379 1380 return (error);
1380 1381 }
1381 1382
1382 1383 static int
1383 1384 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1384 1385 {
1385 1386 objset_t *os;
1386 1387 int error;
1387 1388
1388 1389 error = dmu_objset_hold(dsname, FTAG, &os);
1389 1390 if (error != 0)
1390 1391 return (error);
1391 1392 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1392 1393 dmu_objset_rele(os, FTAG);
1393 1394 return (SET_ERROR(EINVAL));
1394 1395 }
1395 1396
1396 1397 mutex_enter(&os->os_user_ptr_lock);
1397 1398 *zfvp = dmu_objset_get_user(os);
1398 1399 if (*zfvp) {
1399 1400 VFS_HOLD((*zfvp)->z_vfs);
1400 1401 } else {
1401 1402 error = SET_ERROR(ESRCH);
1402 1403 }
1403 1404 mutex_exit(&os->os_user_ptr_lock);
1404 1405 dmu_objset_rele(os, FTAG);
1405 1406 return (error);
1406 1407 }
1407 1408
1408 1409 /*
1409 1410 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1410 1411 * case its z_vfs will be NULL, and it will be opened as the owner.
1411 1412 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1412 1413 * which prevents all vnode ops from running.
1413 1414 */
1414 1415 static int
1415 1416 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1416 1417 {
1417 1418 int error = 0;
1418 1419
1419 1420 if (getzfsvfs(name, zfvp) != 0)
1420 1421 error = zfsvfs_create(name, zfvp);
1421 1422 if (error == 0) {
1422 1423 rrw_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1423 1424 RW_READER, tag);
1424 1425 if ((*zfvp)->z_unmounted) {
1425 1426 /*
1426 1427 * XXX we could probably try again, since the unmounting
1427 1428 * thread should be just about to disassociate the
1428 1429 * objset from the zfsvfs.
1429 1430 */
1430 1431 rrw_exit(&(*zfvp)->z_teardown_lock, tag);
1431 1432 return (SET_ERROR(EBUSY));
1432 1433 }
1433 1434 }
1434 1435 return (error);
1435 1436 }
1436 1437
1437 1438 static void
1438 1439 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1439 1440 {
1440 1441 rrw_exit(&zfsvfs->z_teardown_lock, tag);
1441 1442
1442 1443 if (zfsvfs->z_vfs) {
1443 1444 VFS_RELE(zfsvfs->z_vfs);
1444 1445 } else {
1445 1446 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1446 1447 zfsvfs_free(zfsvfs);
1447 1448 }
1448 1449 }
1449 1450
1450 1451 static int
1451 1452 zfs_ioc_pool_create(zfs_cmd_t *zc)
1452 1453 {
1453 1454 int error;
1454 1455 nvlist_t *config, *props = NULL;
1455 1456 nvlist_t *rootprops = NULL;
1456 1457 nvlist_t *zplprops = NULL;
1457 1458
1458 1459 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1459 1460 zc->zc_iflags, &config))
1460 1461 return (error);
1461 1462
1462 1463 if (zc->zc_nvlist_src_size != 0 && (error =
1463 1464 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1464 1465 zc->zc_iflags, &props))) {
1465 1466 nvlist_free(config);
1466 1467 return (error);
1467 1468 }
1468 1469
1469 1470 if (props) {
1470 1471 nvlist_t *nvl = NULL;
1471 1472 uint64_t version = SPA_VERSION;
1472 1473
1473 1474 (void) nvlist_lookup_uint64(props,
1474 1475 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1475 1476 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1476 1477 error = SET_ERROR(EINVAL);
1477 1478 goto pool_props_bad;
1478 1479 }
1479 1480 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1480 1481 if (nvl) {
1481 1482 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1482 1483 if (error != 0) {
1483 1484 nvlist_free(config);
1484 1485 nvlist_free(props);
1485 1486 return (error);
1486 1487 }
1487 1488 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1488 1489 }
1489 1490 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1490 1491 error = zfs_fill_zplprops_root(version, rootprops,
1491 1492 zplprops, NULL);
1492 1493 if (error != 0)
1493 1494 goto pool_props_bad;
1494 1495 }
1495 1496
1496 1497 error = spa_create(zc->zc_name, config, props, zplprops);
1497 1498
1498 1499 /*
1499 1500 * Set the remaining root properties
1500 1501 */
1501 1502 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1502 1503 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1503 1504 (void) spa_destroy(zc->zc_name);
1504 1505
1505 1506 pool_props_bad:
1506 1507 nvlist_free(rootprops);
1507 1508 nvlist_free(zplprops);
1508 1509 nvlist_free(config);
1509 1510 nvlist_free(props);
1510 1511
1511 1512 return (error);
1512 1513 }
1513 1514
1514 1515 static int
1515 1516 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1516 1517 {
1517 1518 int error;
1518 1519 zfs_log_history(zc);
1519 1520 error = spa_destroy(zc->zc_name);
1520 1521 if (error == 0)
1521 1522 zvol_remove_minors(zc->zc_name);
1522 1523 return (error);
1523 1524 }
1524 1525
1525 1526 static int
1526 1527 zfs_ioc_pool_import(zfs_cmd_t *zc)
1527 1528 {
1528 1529 nvlist_t *config, *props = NULL;
1529 1530 uint64_t guid;
1530 1531 int error;
1531 1532
1532 1533 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1533 1534 zc->zc_iflags, &config)) != 0)
1534 1535 return (error);
1535 1536
1536 1537 if (zc->zc_nvlist_src_size != 0 && (error =
1537 1538 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1538 1539 zc->zc_iflags, &props))) {
1539 1540 nvlist_free(config);
1540 1541 return (error);
1541 1542 }
1542 1543
1543 1544 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1544 1545 guid != zc->zc_guid)
1545 1546 error = SET_ERROR(EINVAL);
1546 1547 else
1547 1548 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1548 1549
1549 1550 if (zc->zc_nvlist_dst != 0) {
1550 1551 int err;
1551 1552
1552 1553 if ((err = put_nvlist(zc, config)) != 0)
1553 1554 error = err;
1554 1555 }
1555 1556
1556 1557 nvlist_free(config);
1557 1558
1558 1559 if (props)
1559 1560 nvlist_free(props);
1560 1561
1561 1562 return (error);
1562 1563 }
1563 1564
1564 1565 static int
1565 1566 zfs_ioc_pool_export(zfs_cmd_t *zc)
1566 1567 {
1567 1568 int error;
1568 1569 boolean_t force = (boolean_t)zc->zc_cookie;
1569 1570 boolean_t hardforce = (boolean_t)zc->zc_guid;
1570 1571
1571 1572 zfs_log_history(zc);
1572 1573 error = spa_export(zc->zc_name, NULL, force, hardforce);
1573 1574 if (error == 0)
1574 1575 zvol_remove_minors(zc->zc_name);
1575 1576 return (error);
1576 1577 }
1577 1578
1578 1579 static int
1579 1580 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1580 1581 {
1581 1582 nvlist_t *configs;
1582 1583 int error;
1583 1584
1584 1585 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1585 1586 return (SET_ERROR(EEXIST));
1586 1587
1587 1588 error = put_nvlist(zc, configs);
1588 1589
1589 1590 nvlist_free(configs);
1590 1591
1591 1592 return (error);
1592 1593 }
1593 1594
1594 1595 /*
1595 1596 * inputs:
1596 1597 * zc_name name of the pool
1597 1598 *
1598 1599 * outputs:
1599 1600 * zc_cookie real errno
1600 1601 * zc_nvlist_dst config nvlist
1601 1602 * zc_nvlist_dst_size size of config nvlist
1602 1603 */
1603 1604 static int
1604 1605 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1605 1606 {
1606 1607 nvlist_t *config;
1607 1608 int error;
1608 1609 int ret = 0;
1609 1610
1610 1611 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1611 1612 sizeof (zc->zc_value));
1612 1613
1613 1614 if (config != NULL) {
1614 1615 ret = put_nvlist(zc, config);
1615 1616 nvlist_free(config);
1616 1617
1617 1618 /*
1618 1619 * The config may be present even if 'error' is non-zero.
1619 1620 * In this case we return success, and preserve the real errno
1620 1621 * in 'zc_cookie'.
1621 1622 */
1622 1623 zc->zc_cookie = error;
1623 1624 } else {
1624 1625 ret = error;
1625 1626 }
1626 1627
1627 1628 return (ret);
1628 1629 }
1629 1630
1630 1631 /*
1631 1632 * Try to import the given pool, returning pool stats as appropriate so that
1632 1633 * user land knows which devices are available and overall pool health.
1633 1634 */
1634 1635 static int
1635 1636 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1636 1637 {
1637 1638 nvlist_t *tryconfig, *config;
1638 1639 int error;
1639 1640
1640 1641 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1641 1642 zc->zc_iflags, &tryconfig)) != 0)
1642 1643 return (error);
1643 1644
1644 1645 config = spa_tryimport(tryconfig);
1645 1646
1646 1647 nvlist_free(tryconfig);
1647 1648
1648 1649 if (config == NULL)
1649 1650 return (SET_ERROR(EINVAL));
1650 1651
1651 1652 error = put_nvlist(zc, config);
1652 1653 nvlist_free(config);
1653 1654
1654 1655 return (error);
1655 1656 }
1656 1657
1657 1658 /*
1658 1659 * inputs:
1659 1660 * zc_name name of the pool
1660 1661 * zc_cookie scan func (pool_scan_func_t)
1661 1662 */
1662 1663 static int
1663 1664 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1664 1665 {
1665 1666 spa_t *spa;
1666 1667 int error;
1667 1668
1668 1669 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1669 1670 return (error);
1670 1671
1671 1672 if (zc->zc_cookie == POOL_SCAN_NONE)
1672 1673 error = spa_scan_stop(spa);
1673 1674 else
1674 1675 error = spa_scan(spa, zc->zc_cookie);
1675 1676
1676 1677 spa_close(spa, FTAG);
1677 1678
1678 1679 return (error);
1679 1680 }
1680 1681
1681 1682 static int
1682 1683 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1683 1684 {
1684 1685 spa_t *spa;
1685 1686 int error;
1686 1687
1687 1688 error = spa_open(zc->zc_name, &spa, FTAG);
1688 1689 if (error == 0) {
1689 1690 spa_freeze(spa);
1690 1691 spa_close(spa, FTAG);
1691 1692 }
1692 1693 return (error);
1693 1694 }
1694 1695
1695 1696 static int
1696 1697 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1697 1698 {
1698 1699 spa_t *spa;
1699 1700 int error;
1700 1701
1701 1702 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1702 1703 return (error);
1703 1704
1704 1705 if (zc->zc_cookie < spa_version(spa) ||
1705 1706 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1706 1707 spa_close(spa, FTAG);
1707 1708 return (SET_ERROR(EINVAL));
1708 1709 }
1709 1710
1710 1711 spa_upgrade(spa, zc->zc_cookie);
1711 1712 spa_close(spa, FTAG);
1712 1713
1713 1714 return (error);
1714 1715 }
1715 1716
1716 1717 static int
1717 1718 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1718 1719 {
1719 1720 spa_t *spa;
1720 1721 char *hist_buf;
1721 1722 uint64_t size;
1722 1723 int error;
1723 1724
1724 1725 if ((size = zc->zc_history_len) == 0)
1725 1726 return (SET_ERROR(EINVAL));
1726 1727
1727 1728 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1728 1729 return (error);
1729 1730
1730 1731 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1731 1732 spa_close(spa, FTAG);
1732 1733 return (SET_ERROR(ENOTSUP));
1733 1734 }
1734 1735
1735 1736 hist_buf = kmem_alloc(size, KM_SLEEP);
1736 1737 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1737 1738 &zc->zc_history_len, hist_buf)) == 0) {
1738 1739 error = ddi_copyout(hist_buf,
1739 1740 (void *)(uintptr_t)zc->zc_history,
1740 1741 zc->zc_history_len, zc->zc_iflags);
1741 1742 }
1742 1743
1743 1744 spa_close(spa, FTAG);
1744 1745 kmem_free(hist_buf, size);
1745 1746 return (error);
1746 1747 }
1747 1748
1748 1749 static int
1749 1750 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1750 1751 {
1751 1752 spa_t *spa;
1752 1753 int error;
1753 1754
1754 1755 error = spa_open(zc->zc_name, &spa, FTAG);
1755 1756 if (error == 0) {
1756 1757 error = spa_change_guid(spa);
1757 1758 spa_close(spa, FTAG);
1758 1759 }
1759 1760 return (error);
1760 1761 }
1761 1762
1762 1763 static int
1763 1764 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1764 1765 {
1765 1766 return (dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value));
1766 1767 }
1767 1768
1768 1769 /*
1769 1770 * inputs:
1770 1771 * zc_name name of filesystem
1771 1772 * zc_obj object to find
1772 1773 *
1773 1774 * outputs:
1774 1775 * zc_value name of object
1775 1776 */
1776 1777 static int
1777 1778 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1778 1779 {
1779 1780 objset_t *os;
1780 1781 int error;
1781 1782
1782 1783 /* XXX reading from objset not owned */
1783 1784 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1784 1785 return (error);
1785 1786 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1786 1787 dmu_objset_rele(os, FTAG);
1787 1788 return (SET_ERROR(EINVAL));
1788 1789 }
1789 1790 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1790 1791 sizeof (zc->zc_value));
1791 1792 dmu_objset_rele(os, FTAG);
1792 1793
1793 1794 return (error);
1794 1795 }
1795 1796
1796 1797 /*
1797 1798 * inputs:
1798 1799 * zc_name name of filesystem
1799 1800 * zc_obj object to find
1800 1801 *
1801 1802 * outputs:
1802 1803 * zc_stat stats on object
1803 1804 * zc_value path to object
1804 1805 */
1805 1806 static int
1806 1807 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1807 1808 {
1808 1809 objset_t *os;
1809 1810 int error;
1810 1811
1811 1812 /* XXX reading from objset not owned */
1812 1813 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1813 1814 return (error);
1814 1815 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1815 1816 dmu_objset_rele(os, FTAG);
1816 1817 return (SET_ERROR(EINVAL));
1817 1818 }
1818 1819 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1819 1820 sizeof (zc->zc_value));
1820 1821 dmu_objset_rele(os, FTAG);
1821 1822
1822 1823 return (error);
1823 1824 }
1824 1825
1825 1826 static int
1826 1827 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1827 1828 {
1828 1829 spa_t *spa;
1829 1830 int error;
1830 1831 nvlist_t *config, **l2cache, **spares;
1831 1832 uint_t nl2cache = 0, nspares = 0;
1832 1833
1833 1834 error = spa_open(zc->zc_name, &spa, FTAG);
1834 1835 if (error != 0)
1835 1836 return (error);
1836 1837
1837 1838 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1838 1839 zc->zc_iflags, &config);
1839 1840 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1840 1841 &l2cache, &nl2cache);
1841 1842
1842 1843 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1843 1844 &spares, &nspares);
1844 1845
1845 1846 /*
1846 1847 * A root pool with concatenated devices is not supported.
1847 1848 * Thus, can not add a device to a root pool.
1848 1849 *
1849 1850 * Intent log device can not be added to a rootpool because
1850 1851 * during mountroot, zil is replayed, a seperated log device
1851 1852 * can not be accessed during the mountroot time.
1852 1853 *
1853 1854 * l2cache and spare devices are ok to be added to a rootpool.
1854 1855 */
1855 1856 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1856 1857 nvlist_free(config);
1857 1858 spa_close(spa, FTAG);
1858 1859 return (SET_ERROR(EDOM));
1859 1860 }
1860 1861
1861 1862 if (error == 0) {
1862 1863 error = spa_vdev_add(spa, config);
1863 1864 nvlist_free(config);
1864 1865 }
1865 1866 spa_close(spa, FTAG);
1866 1867 return (error);
1867 1868 }
1868 1869
1869 1870 /*
1870 1871 * inputs:
1871 1872 * zc_name name of the pool
1872 1873 * zc_nvlist_conf nvlist of devices to remove
1873 1874 * zc_cookie to stop the remove?
1874 1875 */
1875 1876 static int
1876 1877 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1877 1878 {
1878 1879 spa_t *spa;
1879 1880 int error;
1880 1881
1881 1882 error = spa_open(zc->zc_name, &spa, FTAG);
1882 1883 if (error != 0)
1883 1884 return (error);
1884 1885 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1885 1886 spa_close(spa, FTAG);
1886 1887 return (error);
1887 1888 }
1888 1889
1889 1890 static int
1890 1891 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1891 1892 {
1892 1893 spa_t *spa;
1893 1894 int error;
1894 1895 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1895 1896
1896 1897 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1897 1898 return (error);
1898 1899 switch (zc->zc_cookie) {
1899 1900 case VDEV_STATE_ONLINE:
1900 1901 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1901 1902 break;
1902 1903
1903 1904 case VDEV_STATE_OFFLINE:
1904 1905 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1905 1906 break;
1906 1907
1907 1908 case VDEV_STATE_FAULTED:
1908 1909 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1909 1910 zc->zc_obj != VDEV_AUX_EXTERNAL)
1910 1911 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1911 1912
1912 1913 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1913 1914 break;
1914 1915
1915 1916 case VDEV_STATE_DEGRADED:
1916 1917 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1917 1918 zc->zc_obj != VDEV_AUX_EXTERNAL)
1918 1919 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1919 1920
1920 1921 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1921 1922 break;
1922 1923
1923 1924 default:
1924 1925 error = SET_ERROR(EINVAL);
1925 1926 }
1926 1927 zc->zc_cookie = newstate;
1927 1928 spa_close(spa, FTAG);
1928 1929 return (error);
1929 1930 }
1930 1931
1931 1932 static int
1932 1933 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1933 1934 {
1934 1935 spa_t *spa;
1935 1936 int replacing = zc->zc_cookie;
1936 1937 nvlist_t *config;
1937 1938 int error;
1938 1939
1939 1940 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1940 1941 return (error);
1941 1942
1942 1943 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1943 1944 zc->zc_iflags, &config)) == 0) {
1944 1945 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1945 1946 nvlist_free(config);
1946 1947 }
1947 1948
1948 1949 spa_close(spa, FTAG);
1949 1950 return (error);
1950 1951 }
1951 1952
1952 1953 static int
1953 1954 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1954 1955 {
1955 1956 spa_t *spa;
1956 1957 int error;
1957 1958
1958 1959 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1959 1960 return (error);
1960 1961
1961 1962 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1962 1963
1963 1964 spa_close(spa, FTAG);
1964 1965 return (error);
1965 1966 }
1966 1967
1967 1968 static int
1968 1969 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1969 1970 {
1970 1971 spa_t *spa;
1971 1972 nvlist_t *config, *props = NULL;
1972 1973 int error;
1973 1974 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1974 1975
1975 1976 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1976 1977 return (error);
1977 1978
1978 1979 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1979 1980 zc->zc_iflags, &config)) {
1980 1981 spa_close(spa, FTAG);
1981 1982 return (error);
1982 1983 }
1983 1984
1984 1985 if (zc->zc_nvlist_src_size != 0 && (error =
1985 1986 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1986 1987 zc->zc_iflags, &props))) {
1987 1988 spa_close(spa, FTAG);
1988 1989 nvlist_free(config);
1989 1990 return (error);
1990 1991 }
1991 1992
1992 1993 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1993 1994
1994 1995 spa_close(spa, FTAG);
1995 1996
1996 1997 nvlist_free(config);
1997 1998 nvlist_free(props);
1998 1999
1999 2000 return (error);
2000 2001 }
2001 2002
2002 2003 static int
2003 2004 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
2004 2005 {
2005 2006 spa_t *spa;
2006 2007 char *path = zc->zc_value;
2007 2008 uint64_t guid = zc->zc_guid;
2008 2009 int error;
2009 2010
2010 2011 error = spa_open(zc->zc_name, &spa, FTAG);
2011 2012 if (error != 0)
2012 2013 return (error);
2013 2014
2014 2015 error = spa_vdev_setpath(spa, guid, path);
2015 2016 spa_close(spa, FTAG);
2016 2017 return (error);
2017 2018 }
2018 2019
2019 2020 static int
2020 2021 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
2021 2022 {
2022 2023 spa_t *spa;
2023 2024 char *fru = zc->zc_value;
2024 2025 uint64_t guid = zc->zc_guid;
2025 2026 int error;
2026 2027
2027 2028 error = spa_open(zc->zc_name, &spa, FTAG);
2028 2029 if (error != 0)
2029 2030 return (error);
2030 2031
2031 2032 error = spa_vdev_setfru(spa, guid, fru);
2032 2033 spa_close(spa, FTAG);
2033 2034 return (error);
2034 2035 }
2035 2036
2036 2037 static int
2037 2038 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
2038 2039 {
2039 2040 int error = 0;
2040 2041 nvlist_t *nv;
2041 2042
2042 2043 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2043 2044
2044 2045 if (zc->zc_nvlist_dst != 0 &&
2045 2046 (error = dsl_prop_get_all(os, &nv)) == 0) {
2046 2047 dmu_objset_stats(os, nv);
2047 2048 /*
2048 2049 * NB: zvol_get_stats() will read the objset contents,
2049 2050 * which we aren't supposed to do with a
2050 2051 * DS_MODE_USER hold, because it could be
2051 2052 * inconsistent. So this is a bit of a workaround...
2052 2053 * XXX reading with out owning
2053 2054 */
2054 2055 if (!zc->zc_objset_stats.dds_inconsistent &&
2055 2056 dmu_objset_type(os) == DMU_OST_ZVOL) {
2056 2057 error = zvol_get_stats(os, nv);
2057 2058 if (error == EIO)
2058 2059 return (error);
2059 2060 VERIFY0(error);
2060 2061 }
2061 2062 error = put_nvlist(zc, nv);
2062 2063 nvlist_free(nv);
2063 2064 }
2064 2065
2065 2066 return (error);
2066 2067 }
2067 2068
2068 2069 /*
2069 2070 * inputs:
2070 2071 * zc_name name of filesystem
2071 2072 * zc_nvlist_dst_size size of buffer for property nvlist
2072 2073 *
2073 2074 * outputs:
2074 2075 * zc_objset_stats stats
2075 2076 * zc_nvlist_dst property nvlist
2076 2077 * zc_nvlist_dst_size size of property nvlist
2077 2078 */
2078 2079 static int
2079 2080 zfs_ioc_objset_stats(zfs_cmd_t *zc)
2080 2081 {
2081 2082 objset_t *os;
2082 2083 int error;
2083 2084
2084 2085 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2085 2086 if (error == 0) {
2086 2087 error = zfs_ioc_objset_stats_impl(zc, os);
2087 2088 dmu_objset_rele(os, FTAG);
2088 2089 }
2089 2090
2090 2091 return (error);
2091 2092 }
2092 2093
2093 2094 /*
2094 2095 * inputs:
2095 2096 * zc_name name of filesystem
2096 2097 * zc_nvlist_dst_size size of buffer for property nvlist
2097 2098 *
2098 2099 * outputs:
2099 2100 * zc_nvlist_dst received property nvlist
2100 2101 * zc_nvlist_dst_size size of received property nvlist
2101 2102 *
2102 2103 * Gets received properties (distinct from local properties on or after
2103 2104 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2104 2105 * local property values.
2105 2106 */
2106 2107 static int
2107 2108 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
2108 2109 {
2109 2110 int error = 0;
2110 2111 nvlist_t *nv;
2111 2112
2112 2113 /*
2113 2114 * Without this check, we would return local property values if the
2114 2115 * caller has not already received properties on or after
2115 2116 * SPA_VERSION_RECVD_PROPS.
2116 2117 */
2117 2118 if (!dsl_prop_get_hasrecvd(zc->zc_name))
2118 2119 return (SET_ERROR(ENOTSUP));
2119 2120
2120 2121 if (zc->zc_nvlist_dst != 0 &&
2121 2122 (error = dsl_prop_get_received(zc->zc_name, &nv)) == 0) {
2122 2123 error = put_nvlist(zc, nv);
2123 2124 nvlist_free(nv);
2124 2125 }
2125 2126
2126 2127 return (error);
2127 2128 }
2128 2129
2129 2130 static int
2130 2131 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2131 2132 {
2132 2133 uint64_t value;
2133 2134 int error;
2134 2135
2135 2136 /*
2136 2137 * zfs_get_zplprop() will either find a value or give us
2137 2138 * the default value (if there is one).
2138 2139 */
2139 2140 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2140 2141 return (error);
2141 2142 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2142 2143 return (0);
2143 2144 }
2144 2145
2145 2146 /*
2146 2147 * inputs:
2147 2148 * zc_name name of filesystem
2148 2149 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2149 2150 *
2150 2151 * outputs:
2151 2152 * zc_nvlist_dst zpl property nvlist
2152 2153 * zc_nvlist_dst_size size of zpl property nvlist
2153 2154 */
2154 2155 static int
2155 2156 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2156 2157 {
2157 2158 objset_t *os;
2158 2159 int err;
2159 2160
2160 2161 /* XXX reading without owning */
2161 2162 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
2162 2163 return (err);
2163 2164
2164 2165 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2165 2166
2166 2167 /*
2167 2168 * NB: nvl_add_zplprop() will read the objset contents,
2168 2169 * which we aren't supposed to do with a DS_MODE_USER
2169 2170 * hold, because it could be inconsistent.
2170 2171 */
2171 2172 if (zc->zc_nvlist_dst != NULL &&
2172 2173 !zc->zc_objset_stats.dds_inconsistent &&
2173 2174 dmu_objset_type(os) == DMU_OST_ZFS) {
2174 2175 nvlist_t *nv;
2175 2176
2176 2177 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2177 2178 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2178 2179 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2179 2180 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2180 2181 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2181 2182 err = put_nvlist(zc, nv);
2182 2183 nvlist_free(nv);
2183 2184 } else {
2184 2185 err = SET_ERROR(ENOENT);
2185 2186 }
2186 2187 dmu_objset_rele(os, FTAG);
2187 2188 return (err);
2188 2189 }
2189 2190
2190 2191 static boolean_t
2191 2192 dataset_name_hidden(const char *name)
2192 2193 {
2193 2194 /*
2194 2195 * Skip over datasets that are not visible in this zone,
2195 2196 * internal datasets (which have a $ in their name), and
2196 2197 * temporary datasets (which have a % in their name).
2197 2198 */
2198 2199 if (strchr(name, '$') != NULL)
2199 2200 return (B_TRUE);
2200 2201 if (strchr(name, '%') != NULL)
2201 2202 return (B_TRUE);
2202 2203 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
2203 2204 return (B_TRUE);
2204 2205 return (B_FALSE);
2205 2206 }
2206 2207
2207 2208 /*
2208 2209 * inputs:
2209 2210 * zc_name name of filesystem
2210 2211 * zc_cookie zap cursor
2211 2212 * zc_nvlist_dst_size size of buffer for property nvlist
2212 2213 *
2213 2214 * outputs:
2214 2215 * zc_name name of next filesystem
2215 2216 * zc_cookie zap cursor
2216 2217 * zc_objset_stats stats
2217 2218 * zc_nvlist_dst property nvlist
2218 2219 * zc_nvlist_dst_size size of property nvlist
2219 2220 */
2220 2221 static int
2221 2222 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2222 2223 {
2223 2224 objset_t *os;
2224 2225 int error;
2225 2226 char *p;
2226 2227 size_t orig_len = strlen(zc->zc_name);
2227 2228
2228 2229 top:
2229 2230 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2230 2231 if (error == ENOENT)
2231 2232 error = SET_ERROR(ESRCH);
2232 2233 return (error);
2233 2234 }
2234 2235
2235 2236 p = strrchr(zc->zc_name, '/');
2236 2237 if (p == NULL || p[1] != '\0')
2237 2238 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2238 2239 p = zc->zc_name + strlen(zc->zc_name);
2239 2240
2240 2241 do {
2241 2242 error = dmu_dir_list_next(os,
2242 2243 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2243 2244 NULL, &zc->zc_cookie);
2244 2245 if (error == ENOENT)
2245 2246 error = SET_ERROR(ESRCH);
2246 2247 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2247 2248 dmu_objset_rele(os, FTAG);
2248 2249
2249 2250 /*
2250 2251 * If it's an internal dataset (ie. with a '$' in its name),
2251 2252 * don't try to get stats for it, otherwise we'll return ENOENT.
2252 2253 */
2253 2254 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2254 2255 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2255 2256 if (error == ENOENT) {
2256 2257 /* We lost a race with destroy, get the next one. */
2257 2258 zc->zc_name[orig_len] = '\0';
2258 2259 goto top;
2259 2260 }
2260 2261 }
2261 2262 return (error);
2262 2263 }
2263 2264
2264 2265 /*
2265 2266 * inputs:
2266 2267 * zc_name name of filesystem
2267 2268 * zc_cookie zap cursor
2268 2269 * zc_nvlist_dst_size size of buffer for property nvlist
2269 2270 *
2270 2271 * outputs:
2271 2272 * zc_name name of next snapshot
2272 2273 * zc_objset_stats stats
2273 2274 * zc_nvlist_dst property nvlist
2274 2275 * zc_nvlist_dst_size size of property nvlist
2275 2276 */
2276 2277 static int
2277 2278 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2278 2279 {
2279 2280 objset_t *os;
2280 2281 int error;
2281 2282
2282 2283 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2283 2284 if (error != 0) {
2284 2285 return (error == ENOENT ? ESRCH : error);
2285 2286 }
2286 2287
2287 2288 /*
2288 2289 * A dataset name of maximum length cannot have any snapshots,
2289 2290 * so exit immediately.
2290 2291 */
2291 2292 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2292 2293 dmu_objset_rele(os, FTAG);
2293 2294 return (SET_ERROR(ESRCH));
2294 2295 }
2295 2296
2296 2297 error = dmu_snapshot_list_next(os,
2297 2298 sizeof (zc->zc_name) - strlen(zc->zc_name),
2298 2299 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2299 2300 NULL);
2300 2301
2301 2302 if (error == 0) {
2302 2303 dsl_dataset_t *ds;
2303 2304 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2304 2305
2305 2306 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2306 2307 if (error == 0) {
2307 2308 objset_t *ossnap;
2308 2309
2309 2310 error = dmu_objset_from_ds(ds, &ossnap);
2310 2311 if (error == 0)
2311 2312 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2312 2313 dsl_dataset_rele(ds, FTAG);
2313 2314 }
2314 2315 } else if (error == ENOENT) {
2315 2316 error = SET_ERROR(ESRCH);
2316 2317 }
2317 2318
2318 2319 dmu_objset_rele(os, FTAG);
2319 2320 /* if we failed, undo the @ that we tacked on to zc_name */
2320 2321 if (error != 0)
2321 2322 *strchr(zc->zc_name, '@') = '\0';
2322 2323 return (error);
2323 2324 }
2324 2325
2325 2326 static int
2326 2327 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2327 2328 {
2328 2329 const char *propname = nvpair_name(pair);
2329 2330 uint64_t *valary;
2330 2331 unsigned int vallen;
2331 2332 const char *domain;
2332 2333 char *dash;
2333 2334 zfs_userquota_prop_t type;
2334 2335 uint64_t rid;
2335 2336 uint64_t quota;
2336 2337 zfsvfs_t *zfsvfs;
2337 2338 int err;
2338 2339
2339 2340 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2340 2341 nvlist_t *attrs;
2341 2342 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2342 2343 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2343 2344 &pair) != 0)
2344 2345 return (SET_ERROR(EINVAL));
2345 2346 }
2346 2347
2347 2348 /*
2348 2349 * A correctly constructed propname is encoded as
2349 2350 * userquota@<rid>-<domain>.
2350 2351 */
2351 2352 if ((dash = strchr(propname, '-')) == NULL ||
2352 2353 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2353 2354 vallen != 3)
2354 2355 return (SET_ERROR(EINVAL));
2355 2356
2356 2357 domain = dash + 1;
2357 2358 type = valary[0];
2358 2359 rid = valary[1];
2359 2360 quota = valary[2];
2360 2361
2361 2362 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2362 2363 if (err == 0) {
2363 2364 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2364 2365 zfsvfs_rele(zfsvfs, FTAG);
2365 2366 }
2366 2367
2367 2368 return (err);
2368 2369 }
2369 2370
2370 2371 /*
2371 2372 * If the named property is one that has a special function to set its value,
2372 2373 * return 0 on success and a positive error code on failure; otherwise if it is
2373 2374 * not one of the special properties handled by this function, return -1.
2374 2375 *
2375 2376 * XXX: It would be better for callers of the property interface if we handled
2376 2377 * these special cases in dsl_prop.c (in the dsl layer).
2377 2378 */
2378 2379 static int
2379 2380 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2380 2381 nvpair_t *pair)
2381 2382 {
2382 2383 const char *propname = nvpair_name(pair);
2383 2384 zfs_prop_t prop = zfs_name_to_prop(propname);
2384 2385 uint64_t intval;
2385 2386 int err;
2386 2387
2387 2388 if (prop == ZPROP_INVAL) {
2388 2389 if (zfs_prop_userquota(propname))
2389 2390 return (zfs_prop_set_userquota(dsname, pair));
2390 2391 return (-1);
2391 2392 }
2392 2393
2393 2394 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2394 2395 nvlist_t *attrs;
2395 2396 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2396 2397 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2397 2398 &pair) == 0);
2398 2399 }
2399 2400
2400 2401 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2401 2402 return (-1);
2402 2403
2403 2404 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2404 2405
2405 2406 switch (prop) {
2406 2407 case ZFS_PROP_QUOTA:
2407 2408 err = dsl_dir_set_quota(dsname, source, intval);
2408 2409 break;
2409 2410 case ZFS_PROP_REFQUOTA:
2410 2411 err = dsl_dataset_set_refquota(dsname, source, intval);
2411 2412 break;
2412 2413 case ZFS_PROP_FILESYSTEM_LIMIT:
2413 2414 case ZFS_PROP_SNAPSHOT_LIMIT:
2414 2415 if (intval == UINT64_MAX) {
2415 2416 /* clearing the limit, just do it */
2416 2417 err = 0;
2417 2418 } else {
2418 2419 err = dsl_dir_activate_fs_ss_limit(dsname);
2419 2420 }
2420 2421 /*
2421 2422 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2422 2423 * default path to set the value in the nvlist.
2423 2424 */
2424 2425 if (err == 0)
2425 2426 err = -1;
2426 2427 break;
2427 2428 case ZFS_PROP_RESERVATION:
2428 2429 err = dsl_dir_set_reservation(dsname, source, intval);
2429 2430 break;
2430 2431 case ZFS_PROP_REFRESERVATION:
2431 2432 err = dsl_dataset_set_refreservation(dsname, source, intval);
2432 2433 break;
2433 2434 case ZFS_PROP_VOLSIZE:
2434 2435 err = zvol_set_volsize(dsname, intval);
2435 2436 break;
2436 2437 case ZFS_PROP_VERSION:
2437 2438 {
2438 2439 zfsvfs_t *zfsvfs;
2439 2440
2440 2441 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2441 2442 break;
2442 2443
2443 2444 err = zfs_set_version(zfsvfs, intval);
2444 2445 zfsvfs_rele(zfsvfs, FTAG);
2445 2446
|
↓ open down ↓ |
2406 lines elided |
↑ open up ↑ |
2446 2447 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2447 2448 zfs_cmd_t *zc;
2448 2449
2449 2450 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2450 2451 (void) strcpy(zc->zc_name, dsname);
2451 2452 (void) zfs_ioc_userspace_upgrade(zc);
2452 2453 kmem_free(zc, sizeof (zfs_cmd_t));
2453 2454 }
2454 2455 break;
2455 2456 }
2456 - case ZFS_PROP_COMPRESSION:
2457 - {
2458 - if (intval == ZIO_COMPRESS_LZ4) {
2459 - spa_t *spa;
2460 -
2461 - if ((err = spa_open(dsname, &spa, FTAG)) != 0)
2462 - return (err);
2463 -
2464 - /*
2465 - * Setting the LZ4 compression algorithm activates
2466 - * the feature.
2467 - */
2468 - if (!spa_feature_is_active(spa,
2469 - SPA_FEATURE_LZ4_COMPRESS)) {
2470 - if ((err = zfs_prop_activate_feature(spa,
2471 - SPA_FEATURE_LZ4_COMPRESS)) != 0) {
2472 - spa_close(spa, FTAG);
2473 - return (err);
2474 - }
2475 - }
2476 -
2477 - spa_close(spa, FTAG);
2478 - }
2479 - /*
2480 - * We still want the default set action to be performed in the
2481 - * caller, we only performed zfeature settings here.
2482 - */
2483 - err = -1;
2484 - break;
2485 - }
2486 -
2487 2457 default:
2488 2458 err = -1;
2489 2459 }
2490 2460
2491 2461 return (err);
2492 2462 }
2493 2463
2494 2464 /*
2495 2465 * This function is best effort. If it fails to set any of the given properties,
2496 2466 * it continues to set as many as it can and returns the last error
2497 2467 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2498 2468 * with the list of names of all the properties that failed along with the
2499 2469 * corresponding error numbers.
2500 2470 *
2501 2471 * If every property is set successfully, zero is returned and errlist is not
2502 2472 * modified.
2503 2473 */
2504 2474 int
2505 2475 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2506 2476 nvlist_t *errlist)
2507 2477 {
2508 2478 nvpair_t *pair;
2509 2479 nvpair_t *propval;
2510 2480 int rv = 0;
2511 2481 uint64_t intval;
2512 2482 char *strval;
2513 2483 nvlist_t *genericnvl = fnvlist_alloc();
2514 2484 nvlist_t *retrynvl = fnvlist_alloc();
2515 2485
2516 2486 retry:
2517 2487 pair = NULL;
2518 2488 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2519 2489 const char *propname = nvpair_name(pair);
2520 2490 zfs_prop_t prop = zfs_name_to_prop(propname);
2521 2491 int err = 0;
2522 2492
2523 2493 /* decode the property value */
2524 2494 propval = pair;
2525 2495 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2526 2496 nvlist_t *attrs;
2527 2497 attrs = fnvpair_value_nvlist(pair);
2528 2498 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2529 2499 &propval) != 0)
2530 2500 err = SET_ERROR(EINVAL);
2531 2501 }
2532 2502
2533 2503 /* Validate value type */
2534 2504 if (err == 0 && prop == ZPROP_INVAL) {
2535 2505 if (zfs_prop_user(propname)) {
2536 2506 if (nvpair_type(propval) != DATA_TYPE_STRING)
2537 2507 err = SET_ERROR(EINVAL);
2538 2508 } else if (zfs_prop_userquota(propname)) {
2539 2509 if (nvpair_type(propval) !=
2540 2510 DATA_TYPE_UINT64_ARRAY)
2541 2511 err = SET_ERROR(EINVAL);
2542 2512 } else {
2543 2513 err = SET_ERROR(EINVAL);
2544 2514 }
2545 2515 } else if (err == 0) {
2546 2516 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2547 2517 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2548 2518 err = SET_ERROR(EINVAL);
2549 2519 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2550 2520 const char *unused;
2551 2521
2552 2522 intval = fnvpair_value_uint64(propval);
2553 2523
2554 2524 switch (zfs_prop_get_type(prop)) {
2555 2525 case PROP_TYPE_NUMBER:
2556 2526 break;
2557 2527 case PROP_TYPE_STRING:
2558 2528 err = SET_ERROR(EINVAL);
2559 2529 break;
2560 2530 case PROP_TYPE_INDEX:
2561 2531 if (zfs_prop_index_to_string(prop,
2562 2532 intval, &unused) != 0)
2563 2533 err = SET_ERROR(EINVAL);
2564 2534 break;
2565 2535 default:
2566 2536 cmn_err(CE_PANIC,
2567 2537 "unknown property type");
2568 2538 }
2569 2539 } else {
2570 2540 err = SET_ERROR(EINVAL);
2571 2541 }
2572 2542 }
2573 2543
2574 2544 /* Validate permissions */
2575 2545 if (err == 0)
2576 2546 err = zfs_check_settable(dsname, pair, CRED());
2577 2547
2578 2548 if (err == 0) {
2579 2549 err = zfs_prop_set_special(dsname, source, pair);
2580 2550 if (err == -1) {
2581 2551 /*
2582 2552 * For better performance we build up a list of
2583 2553 * properties to set in a single transaction.
2584 2554 */
2585 2555 err = nvlist_add_nvpair(genericnvl, pair);
2586 2556 } else if (err != 0 && nvl != retrynvl) {
2587 2557 /*
2588 2558 * This may be a spurious error caused by
2589 2559 * receiving quota and reservation out of order.
2590 2560 * Try again in a second pass.
2591 2561 */
2592 2562 err = nvlist_add_nvpair(retrynvl, pair);
2593 2563 }
2594 2564 }
2595 2565
2596 2566 if (err != 0) {
2597 2567 if (errlist != NULL)
2598 2568 fnvlist_add_int32(errlist, propname, err);
2599 2569 rv = err;
2600 2570 }
2601 2571 }
2602 2572
2603 2573 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2604 2574 nvl = retrynvl;
2605 2575 goto retry;
2606 2576 }
2607 2577
2608 2578 if (!nvlist_empty(genericnvl) &&
2609 2579 dsl_props_set(dsname, source, genericnvl) != 0) {
2610 2580 /*
2611 2581 * If this fails, we still want to set as many properties as we
2612 2582 * can, so try setting them individually.
2613 2583 */
2614 2584 pair = NULL;
2615 2585 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2616 2586 const char *propname = nvpair_name(pair);
2617 2587 int err = 0;
2618 2588
2619 2589 propval = pair;
2620 2590 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2621 2591 nvlist_t *attrs;
2622 2592 attrs = fnvpair_value_nvlist(pair);
2623 2593 propval = fnvlist_lookup_nvpair(attrs,
2624 2594 ZPROP_VALUE);
2625 2595 }
2626 2596
2627 2597 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2628 2598 strval = fnvpair_value_string(propval);
2629 2599 err = dsl_prop_set_string(dsname, propname,
2630 2600 source, strval);
2631 2601 } else {
2632 2602 intval = fnvpair_value_uint64(propval);
2633 2603 err = dsl_prop_set_int(dsname, propname, source,
2634 2604 intval);
2635 2605 }
2636 2606
2637 2607 if (err != 0) {
2638 2608 if (errlist != NULL) {
2639 2609 fnvlist_add_int32(errlist, propname,
2640 2610 err);
2641 2611 }
2642 2612 rv = err;
2643 2613 }
2644 2614 }
2645 2615 }
2646 2616 nvlist_free(genericnvl);
2647 2617 nvlist_free(retrynvl);
2648 2618
2649 2619 return (rv);
2650 2620 }
2651 2621
2652 2622 /*
2653 2623 * Check that all the properties are valid user properties.
2654 2624 */
2655 2625 static int
2656 2626 zfs_check_userprops(const char *fsname, nvlist_t *nvl)
2657 2627 {
2658 2628 nvpair_t *pair = NULL;
2659 2629 int error = 0;
2660 2630
2661 2631 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2662 2632 const char *propname = nvpair_name(pair);
2663 2633
2664 2634 if (!zfs_prop_user(propname) ||
2665 2635 nvpair_type(pair) != DATA_TYPE_STRING)
2666 2636 return (SET_ERROR(EINVAL));
2667 2637
2668 2638 if (error = zfs_secpolicy_write_perms(fsname,
2669 2639 ZFS_DELEG_PERM_USERPROP, CRED()))
2670 2640 return (error);
2671 2641
2672 2642 if (strlen(propname) >= ZAP_MAXNAMELEN)
2673 2643 return (SET_ERROR(ENAMETOOLONG));
2674 2644
2675 2645 if (strlen(fnvpair_value_string(pair)) >= ZAP_MAXVALUELEN)
2676 2646 return (E2BIG);
2677 2647 }
2678 2648 return (0);
2679 2649 }
2680 2650
2681 2651 static void
2682 2652 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2683 2653 {
2684 2654 nvpair_t *pair;
2685 2655
2686 2656 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2687 2657
2688 2658 pair = NULL;
2689 2659 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2690 2660 if (nvlist_exists(skipped, nvpair_name(pair)))
2691 2661 continue;
2692 2662
2693 2663 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2694 2664 }
2695 2665 }
2696 2666
2697 2667 static int
2698 2668 clear_received_props(const char *dsname, nvlist_t *props,
2699 2669 nvlist_t *skipped)
2700 2670 {
2701 2671 int err = 0;
2702 2672 nvlist_t *cleared_props = NULL;
2703 2673 props_skip(props, skipped, &cleared_props);
2704 2674 if (!nvlist_empty(cleared_props)) {
2705 2675 /*
2706 2676 * Acts on local properties until the dataset has received
2707 2677 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2708 2678 */
2709 2679 zprop_source_t flags = (ZPROP_SRC_NONE |
2710 2680 (dsl_prop_get_hasrecvd(dsname) ? ZPROP_SRC_RECEIVED : 0));
2711 2681 err = zfs_set_prop_nvlist(dsname, flags, cleared_props, NULL);
2712 2682 }
2713 2683 nvlist_free(cleared_props);
2714 2684 return (err);
2715 2685 }
2716 2686
2717 2687 /*
2718 2688 * inputs:
2719 2689 * zc_name name of filesystem
2720 2690 * zc_value name of property to set
2721 2691 * zc_nvlist_src{_size} nvlist of properties to apply
2722 2692 * zc_cookie received properties flag
2723 2693 *
2724 2694 * outputs:
2725 2695 * zc_nvlist_dst{_size} error for each unapplied received property
2726 2696 */
2727 2697 static int
2728 2698 zfs_ioc_set_prop(zfs_cmd_t *zc)
2729 2699 {
2730 2700 nvlist_t *nvl;
2731 2701 boolean_t received = zc->zc_cookie;
2732 2702 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2733 2703 ZPROP_SRC_LOCAL);
2734 2704 nvlist_t *errors;
2735 2705 int error;
2736 2706
2737 2707 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2738 2708 zc->zc_iflags, &nvl)) != 0)
2739 2709 return (error);
2740 2710
2741 2711 if (received) {
2742 2712 nvlist_t *origprops;
2743 2713
2744 2714 if (dsl_prop_get_received(zc->zc_name, &origprops) == 0) {
2745 2715 (void) clear_received_props(zc->zc_name,
2746 2716 origprops, nvl);
2747 2717 nvlist_free(origprops);
2748 2718 }
2749 2719
2750 2720 error = dsl_prop_set_hasrecvd(zc->zc_name);
2751 2721 }
2752 2722
2753 2723 errors = fnvlist_alloc();
2754 2724 if (error == 0)
2755 2725 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
2756 2726
2757 2727 if (zc->zc_nvlist_dst != NULL && errors != NULL) {
2758 2728 (void) put_nvlist(zc, errors);
2759 2729 }
2760 2730
2761 2731 nvlist_free(errors);
2762 2732 nvlist_free(nvl);
2763 2733 return (error);
2764 2734 }
2765 2735
2766 2736 /*
2767 2737 * inputs:
2768 2738 * zc_name name of filesystem
2769 2739 * zc_value name of property to inherit
2770 2740 * zc_cookie revert to received value if TRUE
2771 2741 *
2772 2742 * outputs: none
2773 2743 */
2774 2744 static int
2775 2745 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2776 2746 {
2777 2747 const char *propname = zc->zc_value;
2778 2748 zfs_prop_t prop = zfs_name_to_prop(propname);
2779 2749 boolean_t received = zc->zc_cookie;
2780 2750 zprop_source_t source = (received
2781 2751 ? ZPROP_SRC_NONE /* revert to received value, if any */
2782 2752 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2783 2753
2784 2754 if (received) {
2785 2755 nvlist_t *dummy;
2786 2756 nvpair_t *pair;
2787 2757 zprop_type_t type;
2788 2758 int err;
2789 2759
2790 2760 /*
2791 2761 * zfs_prop_set_special() expects properties in the form of an
2792 2762 * nvpair with type info.
2793 2763 */
2794 2764 if (prop == ZPROP_INVAL) {
2795 2765 if (!zfs_prop_user(propname))
2796 2766 return (SET_ERROR(EINVAL));
2797 2767
2798 2768 type = PROP_TYPE_STRING;
2799 2769 } else if (prop == ZFS_PROP_VOLSIZE ||
2800 2770 prop == ZFS_PROP_VERSION) {
2801 2771 return (SET_ERROR(EINVAL));
2802 2772 } else {
2803 2773 type = zfs_prop_get_type(prop);
2804 2774 }
2805 2775
2806 2776 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2807 2777
2808 2778 switch (type) {
2809 2779 case PROP_TYPE_STRING:
2810 2780 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2811 2781 break;
2812 2782 case PROP_TYPE_NUMBER:
2813 2783 case PROP_TYPE_INDEX:
2814 2784 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2815 2785 break;
2816 2786 default:
2817 2787 nvlist_free(dummy);
2818 2788 return (SET_ERROR(EINVAL));
2819 2789 }
2820 2790
2821 2791 pair = nvlist_next_nvpair(dummy, NULL);
2822 2792 err = zfs_prop_set_special(zc->zc_name, source, pair);
2823 2793 nvlist_free(dummy);
2824 2794 if (err != -1)
2825 2795 return (err); /* special property already handled */
2826 2796 } else {
2827 2797 /*
2828 2798 * Only check this in the non-received case. We want to allow
2829 2799 * 'inherit -S' to revert non-inheritable properties like quota
2830 2800 * and reservation to the received or default values even though
2831 2801 * they are not considered inheritable.
2832 2802 */
2833 2803 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2834 2804 return (SET_ERROR(EINVAL));
2835 2805 }
2836 2806
2837 2807 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2838 2808 return (dsl_prop_inherit(zc->zc_name, zc->zc_value, source));
2839 2809 }
2840 2810
2841 2811 static int
2842 2812 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2843 2813 {
2844 2814 nvlist_t *props;
2845 2815 spa_t *spa;
2846 2816 int error;
2847 2817 nvpair_t *pair;
2848 2818
2849 2819 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2850 2820 zc->zc_iflags, &props))
2851 2821 return (error);
2852 2822
2853 2823 /*
2854 2824 * If the only property is the configfile, then just do a spa_lookup()
2855 2825 * to handle the faulted case.
2856 2826 */
2857 2827 pair = nvlist_next_nvpair(props, NULL);
2858 2828 if (pair != NULL && strcmp(nvpair_name(pair),
2859 2829 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2860 2830 nvlist_next_nvpair(props, pair) == NULL) {
2861 2831 mutex_enter(&spa_namespace_lock);
2862 2832 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2863 2833 spa_configfile_set(spa, props, B_FALSE);
2864 2834 spa_config_sync(spa, B_FALSE, B_TRUE);
2865 2835 }
2866 2836 mutex_exit(&spa_namespace_lock);
2867 2837 if (spa != NULL) {
2868 2838 nvlist_free(props);
2869 2839 return (0);
2870 2840 }
2871 2841 }
2872 2842
2873 2843 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2874 2844 nvlist_free(props);
2875 2845 return (error);
2876 2846 }
2877 2847
2878 2848 error = spa_prop_set(spa, props);
2879 2849
2880 2850 nvlist_free(props);
2881 2851 spa_close(spa, FTAG);
2882 2852
2883 2853 return (error);
2884 2854 }
2885 2855
2886 2856 static int
2887 2857 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2888 2858 {
2889 2859 spa_t *spa;
2890 2860 int error;
2891 2861 nvlist_t *nvp = NULL;
2892 2862
2893 2863 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2894 2864 /*
2895 2865 * If the pool is faulted, there may be properties we can still
2896 2866 * get (such as altroot and cachefile), so attempt to get them
2897 2867 * anyway.
2898 2868 */
2899 2869 mutex_enter(&spa_namespace_lock);
2900 2870 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2901 2871 error = spa_prop_get(spa, &nvp);
2902 2872 mutex_exit(&spa_namespace_lock);
2903 2873 } else {
2904 2874 error = spa_prop_get(spa, &nvp);
2905 2875 spa_close(spa, FTAG);
2906 2876 }
2907 2877
2908 2878 if (error == 0 && zc->zc_nvlist_dst != NULL)
2909 2879 error = put_nvlist(zc, nvp);
2910 2880 else
2911 2881 error = SET_ERROR(EFAULT);
2912 2882
2913 2883 nvlist_free(nvp);
2914 2884 return (error);
2915 2885 }
2916 2886
2917 2887 /*
2918 2888 * inputs:
2919 2889 * zc_name name of filesystem
2920 2890 * zc_nvlist_src{_size} nvlist of delegated permissions
2921 2891 * zc_perm_action allow/unallow flag
2922 2892 *
2923 2893 * outputs: none
2924 2894 */
2925 2895 static int
2926 2896 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2927 2897 {
2928 2898 int error;
2929 2899 nvlist_t *fsaclnv = NULL;
2930 2900
2931 2901 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2932 2902 zc->zc_iflags, &fsaclnv)) != 0)
2933 2903 return (error);
2934 2904
2935 2905 /*
2936 2906 * Verify nvlist is constructed correctly
2937 2907 */
2938 2908 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2939 2909 nvlist_free(fsaclnv);
2940 2910 return (SET_ERROR(EINVAL));
2941 2911 }
2942 2912
2943 2913 /*
2944 2914 * If we don't have PRIV_SYS_MOUNT, then validate
2945 2915 * that user is allowed to hand out each permission in
2946 2916 * the nvlist(s)
2947 2917 */
2948 2918
2949 2919 error = secpolicy_zfs(CRED());
2950 2920 if (error != 0) {
2951 2921 if (zc->zc_perm_action == B_FALSE) {
2952 2922 error = dsl_deleg_can_allow(zc->zc_name,
2953 2923 fsaclnv, CRED());
2954 2924 } else {
2955 2925 error = dsl_deleg_can_unallow(zc->zc_name,
2956 2926 fsaclnv, CRED());
2957 2927 }
2958 2928 }
2959 2929
2960 2930 if (error == 0)
2961 2931 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2962 2932
2963 2933 nvlist_free(fsaclnv);
2964 2934 return (error);
2965 2935 }
2966 2936
2967 2937 /*
2968 2938 * inputs:
2969 2939 * zc_name name of filesystem
2970 2940 *
2971 2941 * outputs:
2972 2942 * zc_nvlist_src{_size} nvlist of delegated permissions
2973 2943 */
2974 2944 static int
2975 2945 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2976 2946 {
2977 2947 nvlist_t *nvp;
2978 2948 int error;
2979 2949
2980 2950 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2981 2951 error = put_nvlist(zc, nvp);
2982 2952 nvlist_free(nvp);
2983 2953 }
2984 2954
2985 2955 return (error);
2986 2956 }
2987 2957
2988 2958 /*
2989 2959 * Search the vfs list for a specified resource. Returns a pointer to it
2990 2960 * or NULL if no suitable entry is found. The caller of this routine
2991 2961 * is responsible for releasing the returned vfs pointer.
2992 2962 */
2993 2963 static vfs_t *
2994 2964 zfs_get_vfs(const char *resource)
2995 2965 {
2996 2966 struct vfs *vfsp;
2997 2967 struct vfs *vfs_found = NULL;
2998 2968
2999 2969 vfs_list_read_lock();
3000 2970 vfsp = rootvfs;
3001 2971 do {
3002 2972 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
3003 2973 VFS_HOLD(vfsp);
3004 2974 vfs_found = vfsp;
3005 2975 break;
3006 2976 }
3007 2977 vfsp = vfsp->vfs_next;
3008 2978 } while (vfsp != rootvfs);
3009 2979 vfs_list_unlock();
3010 2980 return (vfs_found);
3011 2981 }
3012 2982
3013 2983 /* ARGSUSED */
3014 2984 static void
3015 2985 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
3016 2986 {
3017 2987 zfs_creat_t *zct = arg;
3018 2988
3019 2989 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
3020 2990 }
3021 2991
3022 2992 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
3023 2993
3024 2994 /*
3025 2995 * inputs:
3026 2996 * os parent objset pointer (NULL if root fs)
3027 2997 * fuids_ok fuids allowed in this version of the spa?
3028 2998 * sa_ok SAs allowed in this version of the spa?
3029 2999 * createprops list of properties requested by creator
3030 3000 *
3031 3001 * outputs:
3032 3002 * zplprops values for the zplprops we attach to the master node object
3033 3003 * is_ci true if requested file system will be purely case-insensitive
3034 3004 *
3035 3005 * Determine the settings for utf8only, normalization and
3036 3006 * casesensitivity. Specific values may have been requested by the
3037 3007 * creator and/or we can inherit values from the parent dataset. If
3038 3008 * the file system is of too early a vintage, a creator can not
3039 3009 * request settings for these properties, even if the requested
3040 3010 * setting is the default value. We don't actually want to create dsl
3041 3011 * properties for these, so remove them from the source nvlist after
3042 3012 * processing.
3043 3013 */
3044 3014 static int
3045 3015 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
3046 3016 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
3047 3017 nvlist_t *zplprops, boolean_t *is_ci)
3048 3018 {
3049 3019 uint64_t sense = ZFS_PROP_UNDEFINED;
3050 3020 uint64_t norm = ZFS_PROP_UNDEFINED;
3051 3021 uint64_t u8 = ZFS_PROP_UNDEFINED;
3052 3022
3053 3023 ASSERT(zplprops != NULL);
3054 3024
3055 3025 /*
3056 3026 * Pull out creator prop choices, if any.
3057 3027 */
3058 3028 if (createprops) {
3059 3029 (void) nvlist_lookup_uint64(createprops,
3060 3030 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
3061 3031 (void) nvlist_lookup_uint64(createprops,
3062 3032 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
3063 3033 (void) nvlist_remove_all(createprops,
3064 3034 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
3065 3035 (void) nvlist_lookup_uint64(createprops,
3066 3036 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
3067 3037 (void) nvlist_remove_all(createprops,
3068 3038 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
3069 3039 (void) nvlist_lookup_uint64(createprops,
3070 3040 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
3071 3041 (void) nvlist_remove_all(createprops,
3072 3042 zfs_prop_to_name(ZFS_PROP_CASE));
3073 3043 }
3074 3044
3075 3045 /*
3076 3046 * If the zpl version requested is whacky or the file system
3077 3047 * or pool is version is too "young" to support normalization
3078 3048 * and the creator tried to set a value for one of the props,
3079 3049 * error out.
3080 3050 */
3081 3051 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
3082 3052 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
3083 3053 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
3084 3054 (zplver < ZPL_VERSION_NORMALIZATION &&
3085 3055 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
3086 3056 sense != ZFS_PROP_UNDEFINED)))
3087 3057 return (SET_ERROR(ENOTSUP));
3088 3058
3089 3059 /*
3090 3060 * Put the version in the zplprops
3091 3061 */
3092 3062 VERIFY(nvlist_add_uint64(zplprops,
3093 3063 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
3094 3064
3095 3065 if (norm == ZFS_PROP_UNDEFINED)
3096 3066 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
3097 3067 VERIFY(nvlist_add_uint64(zplprops,
3098 3068 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3099 3069
3100 3070 /*
3101 3071 * If we're normalizing, names must always be valid UTF-8 strings.
3102 3072 */
3103 3073 if (norm)
3104 3074 u8 = 1;
3105 3075 if (u8 == ZFS_PROP_UNDEFINED)
3106 3076 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
3107 3077 VERIFY(nvlist_add_uint64(zplprops,
3108 3078 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3109 3079
3110 3080 if (sense == ZFS_PROP_UNDEFINED)
3111 3081 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
3112 3082 VERIFY(nvlist_add_uint64(zplprops,
3113 3083 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3114 3084
3115 3085 if (is_ci)
3116 3086 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3117 3087
3118 3088 return (0);
3119 3089 }
3120 3090
3121 3091 static int
3122 3092 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3123 3093 nvlist_t *zplprops, boolean_t *is_ci)
3124 3094 {
3125 3095 boolean_t fuids_ok, sa_ok;
3126 3096 uint64_t zplver = ZPL_VERSION;
3127 3097 objset_t *os = NULL;
3128 3098 char parentname[MAXNAMELEN];
3129 3099 char *cp;
3130 3100 spa_t *spa;
3131 3101 uint64_t spa_vers;
3132 3102 int error;
3133 3103
3134 3104 (void) strlcpy(parentname, dataset, sizeof (parentname));
3135 3105 cp = strrchr(parentname, '/');
3136 3106 ASSERT(cp != NULL);
3137 3107 cp[0] = '\0';
3138 3108
3139 3109 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3140 3110 return (error);
3141 3111
3142 3112 spa_vers = spa_version(spa);
3143 3113 spa_close(spa, FTAG);
3144 3114
3145 3115 zplver = zfs_zpl_version_map(spa_vers);
3146 3116 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3147 3117 sa_ok = (zplver >= ZPL_VERSION_SA);
3148 3118
3149 3119 /*
3150 3120 * Open parent object set so we can inherit zplprop values.
3151 3121 */
3152 3122 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
3153 3123 return (error);
3154 3124
3155 3125 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
3156 3126 zplprops, is_ci);
3157 3127 dmu_objset_rele(os, FTAG);
3158 3128 return (error);
3159 3129 }
3160 3130
3161 3131 static int
3162 3132 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3163 3133 nvlist_t *zplprops, boolean_t *is_ci)
3164 3134 {
3165 3135 boolean_t fuids_ok;
3166 3136 boolean_t sa_ok;
3167 3137 uint64_t zplver = ZPL_VERSION;
3168 3138 int error;
3169 3139
3170 3140 zplver = zfs_zpl_version_map(spa_vers);
3171 3141 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3172 3142 sa_ok = (zplver >= ZPL_VERSION_SA);
3173 3143
3174 3144 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3175 3145 createprops, zplprops, is_ci);
3176 3146 return (error);
3177 3147 }
3178 3148
3179 3149 /*
3180 3150 * innvl: {
3181 3151 * "type" -> dmu_objset_type_t (int32)
3182 3152 * (optional) "props" -> { prop -> value }
3183 3153 * }
3184 3154 *
3185 3155 * outnvl: propname -> error code (int32)
3186 3156 */
3187 3157 static int
3188 3158 zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3189 3159 {
3190 3160 int error = 0;
3191 3161 zfs_creat_t zct = { 0 };
3192 3162 nvlist_t *nvprops = NULL;
3193 3163 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3194 3164 int32_t type32;
3195 3165 dmu_objset_type_t type;
3196 3166 boolean_t is_insensitive = B_FALSE;
3197 3167
3198 3168 if (nvlist_lookup_int32(innvl, "type", &type32) != 0)
3199 3169 return (SET_ERROR(EINVAL));
3200 3170 type = type32;
3201 3171 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3202 3172
3203 3173 switch (type) {
3204 3174 case DMU_OST_ZFS:
3205 3175 cbfunc = zfs_create_cb;
3206 3176 break;
3207 3177
3208 3178 case DMU_OST_ZVOL:
3209 3179 cbfunc = zvol_create_cb;
3210 3180 break;
3211 3181
3212 3182 default:
3213 3183 cbfunc = NULL;
3214 3184 break;
3215 3185 }
3216 3186 if (strchr(fsname, '@') ||
3217 3187 strchr(fsname, '%'))
3218 3188 return (SET_ERROR(EINVAL));
3219 3189
3220 3190 zct.zct_props = nvprops;
3221 3191
3222 3192 if (cbfunc == NULL)
3223 3193 return (SET_ERROR(EINVAL));
3224 3194
3225 3195 if (type == DMU_OST_ZVOL) {
3226 3196 uint64_t volsize, volblocksize;
3227 3197
3228 3198 if (nvprops == NULL)
3229 3199 return (SET_ERROR(EINVAL));
3230 3200 if (nvlist_lookup_uint64(nvprops,
3231 3201 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
3232 3202 return (SET_ERROR(EINVAL));
3233 3203
3234 3204 if ((error = nvlist_lookup_uint64(nvprops,
3235 3205 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3236 3206 &volblocksize)) != 0 && error != ENOENT)
3237 3207 return (SET_ERROR(EINVAL));
3238 3208
3239 3209 if (error != 0)
3240 3210 volblocksize = zfs_prop_default_numeric(
3241 3211 ZFS_PROP_VOLBLOCKSIZE);
3242 3212
3243 3213 if ((error = zvol_check_volblocksize(
3244 3214 volblocksize)) != 0 ||
3245 3215 (error = zvol_check_volsize(volsize,
3246 3216 volblocksize)) != 0)
3247 3217 return (error);
3248 3218 } else if (type == DMU_OST_ZFS) {
3249 3219 int error;
3250 3220
3251 3221 /*
3252 3222 * We have to have normalization and
3253 3223 * case-folding flags correct when we do the
3254 3224 * file system creation, so go figure them out
3255 3225 * now.
3256 3226 */
3257 3227 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3258 3228 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3259 3229 error = zfs_fill_zplprops(fsname, nvprops,
3260 3230 zct.zct_zplprops, &is_insensitive);
3261 3231 if (error != 0) {
3262 3232 nvlist_free(zct.zct_zplprops);
3263 3233 return (error);
3264 3234 }
3265 3235 }
3266 3236
3267 3237 error = dmu_objset_create(fsname, type,
3268 3238 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3269 3239 nvlist_free(zct.zct_zplprops);
3270 3240
3271 3241 /*
3272 3242 * It would be nice to do this atomically.
3273 3243 */
3274 3244 if (error == 0) {
3275 3245 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3276 3246 nvprops, outnvl);
3277 3247 if (error != 0)
3278 3248 (void) dsl_destroy_head(fsname);
3279 3249 }
3280 3250 return (error);
3281 3251 }
3282 3252
3283 3253 /*
3284 3254 * innvl: {
3285 3255 * "origin" -> name of origin snapshot
3286 3256 * (optional) "props" -> { prop -> value }
3287 3257 * }
3288 3258 *
3289 3259 * outnvl: propname -> error code (int32)
3290 3260 */
3291 3261 static int
3292 3262 zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3293 3263 {
3294 3264 int error = 0;
3295 3265 nvlist_t *nvprops = NULL;
3296 3266 char *origin_name;
3297 3267
3298 3268 if (nvlist_lookup_string(innvl, "origin", &origin_name) != 0)
3299 3269 return (SET_ERROR(EINVAL));
3300 3270 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3301 3271
3302 3272 if (strchr(fsname, '@') ||
3303 3273 strchr(fsname, '%'))
3304 3274 return (SET_ERROR(EINVAL));
3305 3275
3306 3276 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
3307 3277 return (SET_ERROR(EINVAL));
3308 3278 error = dmu_objset_clone(fsname, origin_name);
3309 3279 if (error != 0)
3310 3280 return (error);
3311 3281
3312 3282 /*
3313 3283 * It would be nice to do this atomically.
3314 3284 */
3315 3285 if (error == 0) {
3316 3286 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3317 3287 nvprops, outnvl);
3318 3288 if (error != 0)
3319 3289 (void) dsl_destroy_head(fsname);
3320 3290 }
3321 3291 return (error);
3322 3292 }
3323 3293
3324 3294 /*
3325 3295 * innvl: {
3326 3296 * "snaps" -> { snapshot1, snapshot2 }
3327 3297 * (optional) "props" -> { prop -> value (string) }
3328 3298 * }
3329 3299 *
3330 3300 * outnvl: snapshot -> error code (int32)
3331 3301 */
3332 3302 static int
3333 3303 zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3334 3304 {
3335 3305 nvlist_t *snaps;
3336 3306 nvlist_t *props = NULL;
3337 3307 int error, poollen;
3338 3308 nvpair_t *pair;
3339 3309
3340 3310 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3341 3311 if ((error = zfs_check_userprops(poolname, props)) != 0)
3342 3312 return (error);
3343 3313
3344 3314 if (!nvlist_empty(props) &&
3345 3315 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
3346 3316 return (SET_ERROR(ENOTSUP));
3347 3317
3348 3318 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3349 3319 return (SET_ERROR(EINVAL));
3350 3320 poollen = strlen(poolname);
3351 3321 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3352 3322 pair = nvlist_next_nvpair(snaps, pair)) {
3353 3323 const char *name = nvpair_name(pair);
3354 3324 const char *cp = strchr(name, '@');
3355 3325
3356 3326 /*
3357 3327 * The snap name must contain an @, and the part after it must
3358 3328 * contain only valid characters.
3359 3329 */
3360 3330 if (cp == NULL ||
3361 3331 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3362 3332 return (SET_ERROR(EINVAL));
3363 3333
3364 3334 /*
3365 3335 * The snap must be in the specified pool.
3366 3336 */
3367 3337 if (strncmp(name, poolname, poollen) != 0 ||
3368 3338 (name[poollen] != '/' && name[poollen] != '@'))
3369 3339 return (SET_ERROR(EXDEV));
3370 3340
3371 3341 /* This must be the only snap of this fs. */
3372 3342 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
3373 3343 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3374 3344 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3375 3345 == 0) {
3376 3346 return (SET_ERROR(EXDEV));
3377 3347 }
3378 3348 }
3379 3349 }
3380 3350
3381 3351 error = dsl_dataset_snapshot(snaps, props, outnvl);
3382 3352 return (error);
3383 3353 }
3384 3354
3385 3355 /*
3386 3356 * innvl: "message" -> string
3387 3357 */
3388 3358 /* ARGSUSED */
3389 3359 static int
3390 3360 zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3391 3361 {
3392 3362 char *message;
3393 3363 spa_t *spa;
3394 3364 int error;
3395 3365 char *poolname;
3396 3366
3397 3367 /*
3398 3368 * The poolname in the ioctl is not set, we get it from the TSD,
3399 3369 * which was set at the end of the last successful ioctl that allows
3400 3370 * logging. The secpolicy func already checked that it is set.
3401 3371 * Only one log ioctl is allowed after each successful ioctl, so
3402 3372 * we clear the TSD here.
3403 3373 */
3404 3374 poolname = tsd_get(zfs_allow_log_key);
3405 3375 (void) tsd_set(zfs_allow_log_key, NULL);
3406 3376 error = spa_open(poolname, &spa, FTAG);
3407 3377 strfree(poolname);
3408 3378 if (error != 0)
3409 3379 return (error);
3410 3380
3411 3381 if (nvlist_lookup_string(innvl, "message", &message) != 0) {
3412 3382 spa_close(spa, FTAG);
3413 3383 return (SET_ERROR(EINVAL));
3414 3384 }
3415 3385
3416 3386 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3417 3387 spa_close(spa, FTAG);
3418 3388 return (SET_ERROR(ENOTSUP));
3419 3389 }
3420 3390
3421 3391 error = spa_history_log(spa, message);
3422 3392 spa_close(spa, FTAG);
3423 3393 return (error);
3424 3394 }
3425 3395
3426 3396 /*
3427 3397 * The dp_config_rwlock must not be held when calling this, because the
3428 3398 * unmount may need to write out data.
3429 3399 *
3430 3400 * This function is best-effort. Callers must deal gracefully if it
3431 3401 * remains mounted (or is remounted after this call).
3432 3402 *
3433 3403 * Returns 0 if the argument is not a snapshot, or it is not currently a
3434 3404 * filesystem, or we were able to unmount it. Returns error code otherwise.
3435 3405 */
3436 3406 int
3437 3407 zfs_unmount_snap(const char *snapname)
3438 3408 {
3439 3409 vfs_t *vfsp;
3440 3410 zfsvfs_t *zfsvfs;
3441 3411 int err;
3442 3412
3443 3413 if (strchr(snapname, '@') == NULL)
3444 3414 return (0);
3445 3415
3446 3416 vfsp = zfs_get_vfs(snapname);
3447 3417 if (vfsp == NULL)
3448 3418 return (0);
3449 3419
3450 3420 zfsvfs = vfsp->vfs_data;
3451 3421 ASSERT(!dsl_pool_config_held(dmu_objset_pool(zfsvfs->z_os)));
3452 3422
3453 3423 err = vn_vfswlock(vfsp->vfs_vnodecovered);
3454 3424 VFS_RELE(vfsp);
3455 3425 if (err != 0)
3456 3426 return (SET_ERROR(err));
3457 3427
3458 3428 /*
3459 3429 * Always force the unmount for snapshots.
3460 3430 */
3461 3431 (void) dounmount(vfsp, MS_FORCE, kcred);
3462 3432 return (0);
3463 3433 }
3464 3434
3465 3435 /* ARGSUSED */
3466 3436 static int
3467 3437 zfs_unmount_snap_cb(const char *snapname, void *arg)
3468 3438 {
3469 3439 return (zfs_unmount_snap(snapname));
3470 3440 }
3471 3441
3472 3442 /*
3473 3443 * When a clone is destroyed, its origin may also need to be destroyed,
3474 3444 * in which case it must be unmounted. This routine will do that unmount
3475 3445 * if necessary.
3476 3446 */
3477 3447 void
3478 3448 zfs_destroy_unmount_origin(const char *fsname)
3479 3449 {
3480 3450 int error;
3481 3451 objset_t *os;
3482 3452 dsl_dataset_t *ds;
3483 3453
3484 3454 error = dmu_objset_hold(fsname, FTAG, &os);
3485 3455 if (error != 0)
3486 3456 return;
3487 3457 ds = dmu_objset_ds(os);
3488 3458 if (dsl_dir_is_clone(ds->ds_dir) && DS_IS_DEFER_DESTROY(ds->ds_prev)) {
3489 3459 char originname[MAXNAMELEN];
3490 3460 dsl_dataset_name(ds->ds_prev, originname);
3491 3461 dmu_objset_rele(os, FTAG);
3492 3462 (void) zfs_unmount_snap(originname);
3493 3463 } else {
3494 3464 dmu_objset_rele(os, FTAG);
3495 3465 }
3496 3466 }
3497 3467
3498 3468 /*
3499 3469 * innvl: {
3500 3470 * "snaps" -> { snapshot1, snapshot2 }
3501 3471 * (optional boolean) "defer"
3502 3472 * }
3503 3473 *
3504 3474 * outnvl: snapshot -> error code (int32)
3505 3475 *
3506 3476 */
3507 3477 /* ARGSUSED */
3508 3478 static int
3509 3479 zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3510 3480 {
3511 3481 nvlist_t *snaps;
3512 3482 nvpair_t *pair;
3513 3483 boolean_t defer;
3514 3484
3515 3485 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3516 3486 return (SET_ERROR(EINVAL));
3517 3487 defer = nvlist_exists(innvl, "defer");
3518 3488
3519 3489 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3520 3490 pair = nvlist_next_nvpair(snaps, pair)) {
3521 3491 (void) zfs_unmount_snap(nvpair_name(pair));
3522 3492 }
3523 3493
3524 3494 return (dsl_destroy_snapshots_nvl(snaps, defer, outnvl));
3525 3495 }
3526 3496
3527 3497 /*
3528 3498 * Create bookmarks. Bookmark names are of the form <fs>#<bmark>.
3529 3499 * All bookmarks must be in the same pool.
3530 3500 *
3531 3501 * innvl: {
3532 3502 * bookmark1 -> snapshot1, bookmark2 -> snapshot2
3533 3503 * }
3534 3504 *
3535 3505 * outnvl: bookmark -> error code (int32)
3536 3506 *
3537 3507 */
3538 3508 /* ARGSUSED */
3539 3509 static int
3540 3510 zfs_ioc_bookmark(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3541 3511 {
3542 3512 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3543 3513 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3544 3514 char *snap_name;
3545 3515
3546 3516 /*
3547 3517 * Verify the snapshot argument.
3548 3518 */
3549 3519 if (nvpair_value_string(pair, &snap_name) != 0)
3550 3520 return (SET_ERROR(EINVAL));
3551 3521
3552 3522
3553 3523 /* Verify that the keys (bookmarks) are unique */
3554 3524 for (nvpair_t *pair2 = nvlist_next_nvpair(innvl, pair);
3555 3525 pair2 != NULL; pair2 = nvlist_next_nvpair(innvl, pair2)) {
3556 3526 if (strcmp(nvpair_name(pair), nvpair_name(pair2)) == 0)
3557 3527 return (SET_ERROR(EINVAL));
3558 3528 }
3559 3529 }
3560 3530
3561 3531 return (dsl_bookmark_create(innvl, outnvl));
3562 3532 }
3563 3533
3564 3534 /*
3565 3535 * innvl: {
3566 3536 * property 1, property 2, ...
3567 3537 * }
3568 3538 *
3569 3539 * outnvl: {
3570 3540 * bookmark name 1 -> { property 1, property 2, ... },
3571 3541 * bookmark name 2 -> { property 1, property 2, ... }
3572 3542 * }
3573 3543 *
3574 3544 */
3575 3545 static int
3576 3546 zfs_ioc_get_bookmarks(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3577 3547 {
3578 3548 return (dsl_get_bookmarks(fsname, innvl, outnvl));
3579 3549 }
3580 3550
3581 3551 /*
3582 3552 * innvl: {
3583 3553 * bookmark name 1, bookmark name 2
3584 3554 * }
3585 3555 *
3586 3556 * outnvl: bookmark -> error code (int32)
3587 3557 *
3588 3558 */
3589 3559 static int
3590 3560 zfs_ioc_destroy_bookmarks(const char *poolname, nvlist_t *innvl,
3591 3561 nvlist_t *outnvl)
3592 3562 {
3593 3563 int error, poollen;
3594 3564
3595 3565 poollen = strlen(poolname);
3596 3566 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
3597 3567 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3598 3568 const char *name = nvpair_name(pair);
3599 3569 const char *cp = strchr(name, '#');
3600 3570
3601 3571 /*
3602 3572 * The bookmark name must contain an #, and the part after it
3603 3573 * must contain only valid characters.
3604 3574 */
3605 3575 if (cp == NULL ||
3606 3576 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3607 3577 return (SET_ERROR(EINVAL));
3608 3578
3609 3579 /*
3610 3580 * The bookmark must be in the specified pool.
3611 3581 */
3612 3582 if (strncmp(name, poolname, poollen) != 0 ||
3613 3583 (name[poollen] != '/' && name[poollen] != '#'))
3614 3584 return (SET_ERROR(EXDEV));
3615 3585 }
3616 3586
3617 3587 error = dsl_bookmark_destroy(innvl, outnvl);
3618 3588 return (error);
3619 3589 }
3620 3590
3621 3591 /*
3622 3592 * inputs:
3623 3593 * zc_name name of dataset to destroy
3624 3594 * zc_objset_type type of objset
3625 3595 * zc_defer_destroy mark for deferred destroy
3626 3596 *
3627 3597 * outputs: none
3628 3598 */
3629 3599 static int
3630 3600 zfs_ioc_destroy(zfs_cmd_t *zc)
3631 3601 {
3632 3602 int err;
3633 3603
3634 3604 if (zc->zc_objset_type == DMU_OST_ZFS) {
3635 3605 err = zfs_unmount_snap(zc->zc_name);
3636 3606 if (err != 0)
3637 3607 return (err);
3638 3608 }
3639 3609
3640 3610 if (strchr(zc->zc_name, '@'))
3641 3611 err = dsl_destroy_snapshot(zc->zc_name, zc->zc_defer_destroy);
3642 3612 else
3643 3613 err = dsl_destroy_head(zc->zc_name);
3644 3614 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3645 3615 (void) zvol_remove_minor(zc->zc_name);
3646 3616 return (err);
3647 3617 }
3648 3618
3649 3619 /*
3650 3620 * fsname is name of dataset to rollback (to most recent snapshot)
3651 3621 *
3652 3622 * innvl is not used.
3653 3623 *
3654 3624 * outnvl: "target" -> name of most recent snapshot
3655 3625 * }
3656 3626 */
3657 3627 /* ARGSUSED */
3658 3628 static int
3659 3629 zfs_ioc_rollback(const char *fsname, nvlist_t *args, nvlist_t *outnvl)
3660 3630 {
3661 3631 zfsvfs_t *zfsvfs;
3662 3632 int error;
3663 3633
3664 3634 if (getzfsvfs(fsname, &zfsvfs) == 0) {
3665 3635 error = zfs_suspend_fs(zfsvfs);
3666 3636 if (error == 0) {
3667 3637 int resume_err;
3668 3638
3669 3639 error = dsl_dataset_rollback(fsname, zfsvfs, outnvl);
3670 3640 resume_err = zfs_resume_fs(zfsvfs, fsname);
3671 3641 error = error ? error : resume_err;
3672 3642 }
3673 3643 VFS_RELE(zfsvfs->z_vfs);
3674 3644 } else {
3675 3645 error = dsl_dataset_rollback(fsname, NULL, outnvl);
3676 3646 }
3677 3647 return (error);
3678 3648 }
3679 3649
3680 3650 static int
3681 3651 recursive_unmount(const char *fsname, void *arg)
3682 3652 {
3683 3653 const char *snapname = arg;
3684 3654 char fullname[MAXNAMELEN];
3685 3655
3686 3656 (void) snprintf(fullname, sizeof (fullname), "%s@%s", fsname, snapname);
3687 3657 return (zfs_unmount_snap(fullname));
3688 3658 }
3689 3659
3690 3660 /*
3691 3661 * inputs:
3692 3662 * zc_name old name of dataset
3693 3663 * zc_value new name of dataset
3694 3664 * zc_cookie recursive flag (only valid for snapshots)
3695 3665 *
3696 3666 * outputs: none
3697 3667 */
3698 3668 static int
3699 3669 zfs_ioc_rename(zfs_cmd_t *zc)
3700 3670 {
3701 3671 boolean_t recursive = zc->zc_cookie & 1;
3702 3672 char *at;
3703 3673
3704 3674 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3705 3675 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3706 3676 strchr(zc->zc_value, '%'))
3707 3677 return (SET_ERROR(EINVAL));
3708 3678
3709 3679 at = strchr(zc->zc_name, '@');
3710 3680 if (at != NULL) {
3711 3681 /* snaps must be in same fs */
3712 3682 int error;
3713 3683
3714 3684 if (strncmp(zc->zc_name, zc->zc_value, at - zc->zc_name + 1))
3715 3685 return (SET_ERROR(EXDEV));
3716 3686 *at = '\0';
3717 3687 if (zc->zc_objset_type == DMU_OST_ZFS) {
3718 3688 error = dmu_objset_find(zc->zc_name,
3719 3689 recursive_unmount, at + 1,
3720 3690 recursive ? DS_FIND_CHILDREN : 0);
3721 3691 if (error != 0) {
3722 3692 *at = '@';
3723 3693 return (error);
3724 3694 }
3725 3695 }
3726 3696 error = dsl_dataset_rename_snapshot(zc->zc_name,
3727 3697 at + 1, strchr(zc->zc_value, '@') + 1, recursive);
3728 3698 *at = '@';
3729 3699
3730 3700 return (error);
3731 3701 } else {
3732 3702 if (zc->zc_objset_type == DMU_OST_ZVOL)
3733 3703 (void) zvol_remove_minor(zc->zc_name);
3734 3704 return (dsl_dir_rename(zc->zc_name, zc->zc_value));
3735 3705 }
3736 3706 }
3737 3707
3738 3708 static int
3739 3709 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3740 3710 {
3741 3711 const char *propname = nvpair_name(pair);
3742 3712 boolean_t issnap = (strchr(dsname, '@') != NULL);
3743 3713 zfs_prop_t prop = zfs_name_to_prop(propname);
3744 3714 uint64_t intval;
3745 3715 int err;
3746 3716
3747 3717 if (prop == ZPROP_INVAL) {
3748 3718 if (zfs_prop_user(propname)) {
3749 3719 if (err = zfs_secpolicy_write_perms(dsname,
3750 3720 ZFS_DELEG_PERM_USERPROP, cr))
3751 3721 return (err);
3752 3722 return (0);
3753 3723 }
3754 3724
3755 3725 if (!issnap && zfs_prop_userquota(propname)) {
3756 3726 const char *perm = NULL;
3757 3727 const char *uq_prefix =
3758 3728 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3759 3729 const char *gq_prefix =
3760 3730 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3761 3731
3762 3732 if (strncmp(propname, uq_prefix,
3763 3733 strlen(uq_prefix)) == 0) {
3764 3734 perm = ZFS_DELEG_PERM_USERQUOTA;
3765 3735 } else if (strncmp(propname, gq_prefix,
3766 3736 strlen(gq_prefix)) == 0) {
3767 3737 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3768 3738 } else {
3769 3739 /* USERUSED and GROUPUSED are read-only */
3770 3740 return (SET_ERROR(EINVAL));
3771 3741 }
3772 3742
3773 3743 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3774 3744 return (err);
3775 3745 return (0);
3776 3746 }
3777 3747
3778 3748 return (SET_ERROR(EINVAL));
3779 3749 }
3780 3750
3781 3751 if (issnap)
3782 3752 return (SET_ERROR(EINVAL));
3783 3753
3784 3754 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3785 3755 /*
3786 3756 * dsl_prop_get_all_impl() returns properties in this
3787 3757 * format.
3788 3758 */
3789 3759 nvlist_t *attrs;
3790 3760 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3791 3761 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3792 3762 &pair) == 0);
3793 3763 }
3794 3764
3795 3765 /*
3796 3766 * Check that this value is valid for this pool version
3797 3767 */
3798 3768 switch (prop) {
3799 3769 case ZFS_PROP_COMPRESSION:
3800 3770 /*
3801 3771 * If the user specified gzip compression, make sure
3802 3772 * the SPA supports it. We ignore any errors here since
3803 3773 * we'll catch them later.
3804 3774 */
3805 3775 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3806 3776 nvpair_value_uint64(pair, &intval) == 0) {
3807 3777 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3808 3778 intval <= ZIO_COMPRESS_GZIP_9 &&
3809 3779 zfs_earlier_version(dsname,
3810 3780 SPA_VERSION_GZIP_COMPRESSION)) {
3811 3781 return (SET_ERROR(ENOTSUP));
3812 3782 }
3813 3783
3814 3784 if (intval == ZIO_COMPRESS_ZLE &&
3815 3785 zfs_earlier_version(dsname,
3816 3786 SPA_VERSION_ZLE_COMPRESSION))
3817 3787 return (SET_ERROR(ENOTSUP));
3818 3788
3819 3789 if (intval == ZIO_COMPRESS_LZ4) {
3820 3790 spa_t *spa;
3821 3791
3822 3792 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3823 3793 return (err);
3824 3794
3825 3795 if (!spa_feature_is_enabled(spa,
3826 3796 SPA_FEATURE_LZ4_COMPRESS)) {
3827 3797 spa_close(spa, FTAG);
3828 3798 return (SET_ERROR(ENOTSUP));
3829 3799 }
3830 3800 spa_close(spa, FTAG);
3831 3801 }
3832 3802
3833 3803 /*
3834 3804 * If this is a bootable dataset then
3835 3805 * verify that the compression algorithm
3836 3806 * is supported for booting. We must return
3837 3807 * something other than ENOTSUP since it
3838 3808 * implies a downrev pool version.
3839 3809 */
3840 3810 if (zfs_is_bootfs(dsname) &&
3841 3811 !BOOTFS_COMPRESS_VALID(intval)) {
3842 3812 return (SET_ERROR(ERANGE));
3843 3813 }
3844 3814 }
3845 3815 break;
3846 3816
3847 3817 case ZFS_PROP_COPIES:
3848 3818 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3849 3819 return (SET_ERROR(ENOTSUP));
3850 3820 break;
3851 3821
3852 3822 case ZFS_PROP_DEDUP:
3853 3823 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3854 3824 return (SET_ERROR(ENOTSUP));
3855 3825 break;
3856 3826
3857 3827 case ZFS_PROP_SHARESMB:
3858 3828 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3859 3829 return (SET_ERROR(ENOTSUP));
3860 3830 break;
3861 3831
3862 3832 case ZFS_PROP_ACLINHERIT:
3863 3833 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3864 3834 nvpair_value_uint64(pair, &intval) == 0) {
3865 3835 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3866 3836 zfs_earlier_version(dsname,
3867 3837 SPA_VERSION_PASSTHROUGH_X))
3868 3838 return (SET_ERROR(ENOTSUP));
3869 3839 }
3870 3840 break;
3871 3841 }
3872 3842
3873 3843 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3874 3844 }
3875 3845
3876 3846 /*
3877 3847 * Checks for a race condition to make sure we don't increment a feature flag
3878 3848 * multiple times.
3879 3849 */
3880 3850 static int
3881 3851 zfs_prop_activate_feature_check(void *arg, dmu_tx_t *tx)
3882 3852 {
3883 3853 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3884 3854 spa_feature_t *featurep = arg;
3885 3855
3886 3856 if (!spa_feature_is_active(spa, *featurep))
3887 3857 return (0);
3888 3858 else
3889 3859 return (SET_ERROR(EBUSY));
3890 3860 }
3891 3861
3892 3862 /*
3893 3863 * The callback invoked on feature activation in the sync task caused by
3894 3864 * zfs_prop_activate_feature.
3895 3865 */
3896 3866 static void
3897 3867 zfs_prop_activate_feature_sync(void *arg, dmu_tx_t *tx)
3898 3868 {
3899 3869 spa_t *spa = dmu_tx_pool(tx)->dp_spa;
3900 3870 spa_feature_t *featurep = arg;
3901 3871
3902 3872 spa_feature_incr(spa, *featurep, tx);
3903 3873 }
3904 3874
3905 3875 /*
3906 3876 * Activates a feature on a pool in response to a property setting. This
3907 3877 * creates a new sync task which modifies the pool to reflect the feature
3908 3878 * as being active.
3909 3879 */
3910 3880 static int
3911 3881 zfs_prop_activate_feature(spa_t *spa, spa_feature_t feature)
3912 3882 {
3913 3883 int err;
3914 3884
3915 3885 /* EBUSY here indicates that the feature is already active */
3916 3886 err = dsl_sync_task(spa_name(spa),
3917 3887 zfs_prop_activate_feature_check, zfs_prop_activate_feature_sync,
3918 3888 &feature, 2);
3919 3889
3920 3890 if (err != 0 && err != EBUSY)
3921 3891 return (err);
3922 3892 else
3923 3893 return (0);
3924 3894 }
3925 3895
3926 3896 /*
3927 3897 * Removes properties from the given props list that fail permission checks
3928 3898 * needed to clear them and to restore them in case of a receive error. For each
3929 3899 * property, make sure we have both set and inherit permissions.
3930 3900 *
3931 3901 * Returns the first error encountered if any permission checks fail. If the
3932 3902 * caller provides a non-NULL errlist, it also gives the complete list of names
3933 3903 * of all the properties that failed a permission check along with the
3934 3904 * corresponding error numbers. The caller is responsible for freeing the
3935 3905 * returned errlist.
3936 3906 *
3937 3907 * If every property checks out successfully, zero is returned and the list
3938 3908 * pointed at by errlist is NULL.
3939 3909 */
3940 3910 static int
3941 3911 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3942 3912 {
3943 3913 zfs_cmd_t *zc;
3944 3914 nvpair_t *pair, *next_pair;
3945 3915 nvlist_t *errors;
3946 3916 int err, rv = 0;
3947 3917
3948 3918 if (props == NULL)
3949 3919 return (0);
3950 3920
3951 3921 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3952 3922
3953 3923 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3954 3924 (void) strcpy(zc->zc_name, dataset);
3955 3925 pair = nvlist_next_nvpair(props, NULL);
3956 3926 while (pair != NULL) {
3957 3927 next_pair = nvlist_next_nvpair(props, pair);
3958 3928
3959 3929 (void) strcpy(zc->zc_value, nvpair_name(pair));
3960 3930 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3961 3931 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
3962 3932 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3963 3933 VERIFY(nvlist_add_int32(errors,
3964 3934 zc->zc_value, err) == 0);
3965 3935 }
3966 3936 pair = next_pair;
3967 3937 }
3968 3938 kmem_free(zc, sizeof (zfs_cmd_t));
3969 3939
3970 3940 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3971 3941 nvlist_free(errors);
3972 3942 errors = NULL;
3973 3943 } else {
3974 3944 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3975 3945 }
3976 3946
3977 3947 if (errlist == NULL)
3978 3948 nvlist_free(errors);
3979 3949 else
3980 3950 *errlist = errors;
3981 3951
3982 3952 return (rv);
3983 3953 }
3984 3954
3985 3955 static boolean_t
3986 3956 propval_equals(nvpair_t *p1, nvpair_t *p2)
3987 3957 {
3988 3958 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3989 3959 /* dsl_prop_get_all_impl() format */
3990 3960 nvlist_t *attrs;
3991 3961 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3992 3962 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3993 3963 &p1) == 0);
3994 3964 }
3995 3965
3996 3966 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
3997 3967 nvlist_t *attrs;
3998 3968 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
3999 3969 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4000 3970 &p2) == 0);
4001 3971 }
4002 3972
4003 3973 if (nvpair_type(p1) != nvpair_type(p2))
4004 3974 return (B_FALSE);
4005 3975
4006 3976 if (nvpair_type(p1) == DATA_TYPE_STRING) {
4007 3977 char *valstr1, *valstr2;
4008 3978
4009 3979 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
4010 3980 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
4011 3981 return (strcmp(valstr1, valstr2) == 0);
4012 3982 } else {
4013 3983 uint64_t intval1, intval2;
4014 3984
4015 3985 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
4016 3986 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
4017 3987 return (intval1 == intval2);
4018 3988 }
4019 3989 }
4020 3990
4021 3991 /*
4022 3992 * Remove properties from props if they are not going to change (as determined
4023 3993 * by comparison with origprops). Remove them from origprops as well, since we
4024 3994 * do not need to clear or restore properties that won't change.
4025 3995 */
4026 3996 static void
4027 3997 props_reduce(nvlist_t *props, nvlist_t *origprops)
4028 3998 {
4029 3999 nvpair_t *pair, *next_pair;
4030 4000
4031 4001 if (origprops == NULL)
4032 4002 return; /* all props need to be received */
4033 4003
4034 4004 pair = nvlist_next_nvpair(props, NULL);
4035 4005 while (pair != NULL) {
4036 4006 const char *propname = nvpair_name(pair);
4037 4007 nvpair_t *match;
4038 4008
4039 4009 next_pair = nvlist_next_nvpair(props, pair);
4040 4010
4041 4011 if ((nvlist_lookup_nvpair(origprops, propname,
4042 4012 &match) != 0) || !propval_equals(pair, match))
4043 4013 goto next; /* need to set received value */
4044 4014
4045 4015 /* don't clear the existing received value */
4046 4016 (void) nvlist_remove_nvpair(origprops, match);
4047 4017 /* don't bother receiving the property */
4048 4018 (void) nvlist_remove_nvpair(props, pair);
4049 4019 next:
4050 4020 pair = next_pair;
4051 4021 }
4052 4022 }
4053 4023
4054 4024 #ifdef DEBUG
4055 4025 static boolean_t zfs_ioc_recv_inject_err;
4056 4026 #endif
4057 4027
4058 4028 /*
4059 4029 * inputs:
4060 4030 * zc_name name of containing filesystem
4061 4031 * zc_nvlist_src{_size} nvlist of properties to apply
4062 4032 * zc_value name of snapshot to create
4063 4033 * zc_string name of clone origin (if DRR_FLAG_CLONE)
4064 4034 * zc_cookie file descriptor to recv from
4065 4035 * zc_begin_record the BEGIN record of the stream (not byteswapped)
4066 4036 * zc_guid force flag
4067 4037 * zc_cleanup_fd cleanup-on-exit file descriptor
4068 4038 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
4069 4039 *
4070 4040 * outputs:
4071 4041 * zc_cookie number of bytes read
4072 4042 * zc_nvlist_dst{_size} error for each unapplied received property
4073 4043 * zc_obj zprop_errflags_t
4074 4044 * zc_action_handle handle for this guid/ds mapping
4075 4045 */
4076 4046 static int
4077 4047 zfs_ioc_recv(zfs_cmd_t *zc)
4078 4048 {
4079 4049 file_t *fp;
4080 4050 dmu_recv_cookie_t drc;
4081 4051 boolean_t force = (boolean_t)zc->zc_guid;
4082 4052 int fd;
4083 4053 int error = 0;
4084 4054 int props_error = 0;
4085 4055 nvlist_t *errors;
4086 4056 offset_t off;
4087 4057 nvlist_t *props = NULL; /* sent properties */
4088 4058 nvlist_t *origprops = NULL; /* existing properties */
4089 4059 char *origin = NULL;
4090 4060 char *tosnap;
4091 4061 char tofs[ZFS_MAXNAMELEN];
4092 4062 boolean_t first_recvd_props = B_FALSE;
4093 4063
4094 4064 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
4095 4065 strchr(zc->zc_value, '@') == NULL ||
4096 4066 strchr(zc->zc_value, '%'))
4097 4067 return (SET_ERROR(EINVAL));
4098 4068
4099 4069 (void) strcpy(tofs, zc->zc_value);
4100 4070 tosnap = strchr(tofs, '@');
4101 4071 *tosnap++ = '\0';
4102 4072
4103 4073 if (zc->zc_nvlist_src != NULL &&
4104 4074 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
4105 4075 zc->zc_iflags, &props)) != 0)
4106 4076 return (error);
4107 4077
4108 4078 fd = zc->zc_cookie;
4109 4079 fp = getf(fd);
4110 4080 if (fp == NULL) {
4111 4081 nvlist_free(props);
4112 4082 return (SET_ERROR(EBADF));
4113 4083 }
4114 4084
4115 4085 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4116 4086
4117 4087 if (zc->zc_string[0])
4118 4088 origin = zc->zc_string;
4119 4089
4120 4090 error = dmu_recv_begin(tofs, tosnap,
4121 4091 &zc->zc_begin_record, force, origin, &drc);
4122 4092 if (error != 0)
4123 4093 goto out;
4124 4094
4125 4095 /*
4126 4096 * Set properties before we receive the stream so that they are applied
4127 4097 * to the new data. Note that we must call dmu_recv_stream() if
4128 4098 * dmu_recv_begin() succeeds.
4129 4099 */
4130 4100 if (props != NULL && !drc.drc_newfs) {
4131 4101 if (spa_version(dsl_dataset_get_spa(drc.drc_ds)) >=
4132 4102 SPA_VERSION_RECVD_PROPS &&
4133 4103 !dsl_prop_get_hasrecvd(tofs))
4134 4104 first_recvd_props = B_TRUE;
4135 4105
4136 4106 /*
4137 4107 * If new received properties are supplied, they are to
4138 4108 * completely replace the existing received properties, so stash
4139 4109 * away the existing ones.
4140 4110 */
4141 4111 if (dsl_prop_get_received(tofs, &origprops) == 0) {
4142 4112 nvlist_t *errlist = NULL;
4143 4113 /*
4144 4114 * Don't bother writing a property if its value won't
4145 4115 * change (and avoid the unnecessary security checks).
4146 4116 *
4147 4117 * The first receive after SPA_VERSION_RECVD_PROPS is a
4148 4118 * special case where we blow away all local properties
4149 4119 * regardless.
4150 4120 */
4151 4121 if (!first_recvd_props)
4152 4122 props_reduce(props, origprops);
4153 4123 if (zfs_check_clearable(tofs, origprops, &errlist) != 0)
4154 4124 (void) nvlist_merge(errors, errlist, 0);
4155 4125 nvlist_free(errlist);
4156 4126
4157 4127 if (clear_received_props(tofs, origprops,
4158 4128 first_recvd_props ? NULL : props) != 0)
4159 4129 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4160 4130 } else {
4161 4131 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4162 4132 }
4163 4133 }
4164 4134
4165 4135 if (props != NULL) {
4166 4136 props_error = dsl_prop_set_hasrecvd(tofs);
4167 4137
4168 4138 if (props_error == 0) {
4169 4139 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4170 4140 props, errors);
4171 4141 }
4172 4142 }
4173 4143
4174 4144 if (zc->zc_nvlist_dst_size != 0 &&
4175 4145 (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4176 4146 put_nvlist(zc, errors) != 0)) {
4177 4147 /*
4178 4148 * Caller made zc->zc_nvlist_dst less than the minimum expected
4179 4149 * size or supplied an invalid address.
4180 4150 */
4181 4151 props_error = SET_ERROR(EINVAL);
4182 4152 }
4183 4153
4184 4154 off = fp->f_offset;
4185 4155 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
4186 4156 &zc->zc_action_handle);
4187 4157
4188 4158 if (error == 0) {
4189 4159 zfsvfs_t *zfsvfs = NULL;
4190 4160
4191 4161 if (getzfsvfs(tofs, &zfsvfs) == 0) {
4192 4162 /* online recv */
4193 4163 int end_err;
4194 4164
4195 4165 error = zfs_suspend_fs(zfsvfs);
4196 4166 /*
4197 4167 * If the suspend fails, then the recv_end will
4198 4168 * likely also fail, and clean up after itself.
4199 4169 */
4200 4170 end_err = dmu_recv_end(&drc, zfsvfs);
4201 4171 if (error == 0)
4202 4172 error = zfs_resume_fs(zfsvfs, tofs);
4203 4173 error = error ? error : end_err;
4204 4174 VFS_RELE(zfsvfs->z_vfs);
4205 4175 } else {
4206 4176 error = dmu_recv_end(&drc, NULL);
4207 4177 }
4208 4178 }
4209 4179
4210 4180 zc->zc_cookie = off - fp->f_offset;
4211 4181 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4212 4182 fp->f_offset = off;
4213 4183
4214 4184 #ifdef DEBUG
4215 4185 if (zfs_ioc_recv_inject_err) {
4216 4186 zfs_ioc_recv_inject_err = B_FALSE;
4217 4187 error = 1;
4218 4188 }
4219 4189 #endif
4220 4190 /*
4221 4191 * On error, restore the original props.
4222 4192 */
4223 4193 if (error != 0 && props != NULL && !drc.drc_newfs) {
4224 4194 if (clear_received_props(tofs, props, NULL) != 0) {
4225 4195 /*
4226 4196 * We failed to clear the received properties.
4227 4197 * Since we may have left a $recvd value on the
4228 4198 * system, we can't clear the $hasrecvd flag.
4229 4199 */
4230 4200 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4231 4201 } else if (first_recvd_props) {
4232 4202 dsl_prop_unset_hasrecvd(tofs);
4233 4203 }
4234 4204
4235 4205 if (origprops == NULL && !drc.drc_newfs) {
4236 4206 /* We failed to stash the original properties. */
4237 4207 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4238 4208 }
4239 4209
4240 4210 /*
4241 4211 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4242 4212 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4243 4213 * explictly if we're restoring local properties cleared in the
4244 4214 * first new-style receive.
4245 4215 */
4246 4216 if (origprops != NULL &&
4247 4217 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4248 4218 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
4249 4219 origprops, NULL) != 0) {
4250 4220 /*
4251 4221 * We stashed the original properties but failed to
4252 4222 * restore them.
4253 4223 */
4254 4224 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4255 4225 }
4256 4226 }
4257 4227 out:
4258 4228 nvlist_free(props);
4259 4229 nvlist_free(origprops);
4260 4230 nvlist_free(errors);
4261 4231 releasef(fd);
4262 4232
4263 4233 if (error == 0)
4264 4234 error = props_error;
4265 4235
4266 4236 return (error);
4267 4237 }
4268 4238
4269 4239 /*
4270 4240 * inputs:
4271 4241 * zc_name name of snapshot to send
4272 4242 * zc_cookie file descriptor to send stream to
4273 4243 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4274 4244 * zc_sendobj objsetid of snapshot to send
4275 4245 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4276 4246 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4277 4247 * output size in zc_objset_type.
4278 4248 *
4279 4249 * outputs:
4280 4250 * zc_objset_type estimated size, if zc_guid is set
4281 4251 */
4282 4252 static int
4283 4253 zfs_ioc_send(zfs_cmd_t *zc)
4284 4254 {
4285 4255 int error;
4286 4256 offset_t off;
4287 4257 boolean_t estimate = (zc->zc_guid != 0);
4288 4258
4289 4259 if (zc->zc_obj != 0) {
4290 4260 dsl_pool_t *dp;
4291 4261 dsl_dataset_t *tosnap;
4292 4262
4293 4263 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4294 4264 if (error != 0)
4295 4265 return (error);
4296 4266
4297 4267 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4298 4268 if (error != 0) {
4299 4269 dsl_pool_rele(dp, FTAG);
4300 4270 return (error);
4301 4271 }
4302 4272
4303 4273 if (dsl_dir_is_clone(tosnap->ds_dir))
4304 4274 zc->zc_fromobj = tosnap->ds_dir->dd_phys->dd_origin_obj;
4305 4275 dsl_dataset_rele(tosnap, FTAG);
4306 4276 dsl_pool_rele(dp, FTAG);
4307 4277 }
4308 4278
4309 4279 if (estimate) {
4310 4280 dsl_pool_t *dp;
4311 4281 dsl_dataset_t *tosnap;
4312 4282 dsl_dataset_t *fromsnap = NULL;
4313 4283
4314 4284 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4315 4285 if (error != 0)
4316 4286 return (error);
4317 4287
4318 4288 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
4319 4289 if (error != 0) {
4320 4290 dsl_pool_rele(dp, FTAG);
4321 4291 return (error);
4322 4292 }
4323 4293
4324 4294 if (zc->zc_fromobj != 0) {
4325 4295 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj,
4326 4296 FTAG, &fromsnap);
4327 4297 if (error != 0) {
4328 4298 dsl_dataset_rele(tosnap, FTAG);
4329 4299 dsl_pool_rele(dp, FTAG);
4330 4300 return (error);
4331 4301 }
4332 4302 }
4333 4303
4334 4304 error = dmu_send_estimate(tosnap, fromsnap,
4335 4305 &zc->zc_objset_type);
4336 4306
4337 4307 if (fromsnap != NULL)
4338 4308 dsl_dataset_rele(fromsnap, FTAG);
4339 4309 dsl_dataset_rele(tosnap, FTAG);
4340 4310 dsl_pool_rele(dp, FTAG);
4341 4311 } else {
4342 4312 file_t *fp = getf(zc->zc_cookie);
4343 4313 if (fp == NULL)
4344 4314 return (SET_ERROR(EBADF));
4345 4315
4346 4316 off = fp->f_offset;
4347 4317 error = dmu_send_obj(zc->zc_name, zc->zc_sendobj,
4348 4318 zc->zc_fromobj, zc->zc_cookie, fp->f_vnode, &off);
4349 4319
4350 4320 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4351 4321 fp->f_offset = off;
4352 4322 releasef(zc->zc_cookie);
4353 4323 }
4354 4324 return (error);
4355 4325 }
4356 4326
4357 4327 /*
4358 4328 * inputs:
4359 4329 * zc_name name of snapshot on which to report progress
4360 4330 * zc_cookie file descriptor of send stream
4361 4331 *
4362 4332 * outputs:
4363 4333 * zc_cookie number of bytes written in send stream thus far
4364 4334 */
4365 4335 static int
4366 4336 zfs_ioc_send_progress(zfs_cmd_t *zc)
4367 4337 {
4368 4338 dsl_pool_t *dp;
4369 4339 dsl_dataset_t *ds;
4370 4340 dmu_sendarg_t *dsp = NULL;
4371 4341 int error;
4372 4342
4373 4343 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
4374 4344 if (error != 0)
4375 4345 return (error);
4376 4346
4377 4347 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &ds);
4378 4348 if (error != 0) {
4379 4349 dsl_pool_rele(dp, FTAG);
4380 4350 return (error);
4381 4351 }
4382 4352
4383 4353 mutex_enter(&ds->ds_sendstream_lock);
4384 4354
4385 4355 /*
4386 4356 * Iterate over all the send streams currently active on this dataset.
4387 4357 * If there's one which matches the specified file descriptor _and_ the
4388 4358 * stream was started by the current process, return the progress of
4389 4359 * that stream.
4390 4360 */
4391 4361 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4392 4362 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4393 4363 if (dsp->dsa_outfd == zc->zc_cookie &&
4394 4364 dsp->dsa_proc == curproc)
4395 4365 break;
4396 4366 }
4397 4367
4398 4368 if (dsp != NULL)
4399 4369 zc->zc_cookie = *(dsp->dsa_off);
4400 4370 else
4401 4371 error = SET_ERROR(ENOENT);
4402 4372
4403 4373 mutex_exit(&ds->ds_sendstream_lock);
4404 4374 dsl_dataset_rele(ds, FTAG);
4405 4375 dsl_pool_rele(dp, FTAG);
4406 4376 return (error);
4407 4377 }
4408 4378
4409 4379 static int
4410 4380 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4411 4381 {
4412 4382 int id, error;
4413 4383
4414 4384 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4415 4385 &zc->zc_inject_record);
4416 4386
4417 4387 if (error == 0)
4418 4388 zc->zc_guid = (uint64_t)id;
4419 4389
4420 4390 return (error);
4421 4391 }
4422 4392
4423 4393 static int
4424 4394 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4425 4395 {
4426 4396 return (zio_clear_fault((int)zc->zc_guid));
4427 4397 }
4428 4398
4429 4399 static int
4430 4400 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4431 4401 {
4432 4402 int id = (int)zc->zc_guid;
4433 4403 int error;
4434 4404
4435 4405 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4436 4406 &zc->zc_inject_record);
4437 4407
4438 4408 zc->zc_guid = id;
4439 4409
4440 4410 return (error);
4441 4411 }
4442 4412
4443 4413 static int
4444 4414 zfs_ioc_error_log(zfs_cmd_t *zc)
4445 4415 {
4446 4416 spa_t *spa;
4447 4417 int error;
4448 4418 size_t count = (size_t)zc->zc_nvlist_dst_size;
4449 4419
4450 4420 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4451 4421 return (error);
4452 4422
4453 4423 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4454 4424 &count);
4455 4425 if (error == 0)
4456 4426 zc->zc_nvlist_dst_size = count;
4457 4427 else
4458 4428 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4459 4429
4460 4430 spa_close(spa, FTAG);
4461 4431
4462 4432 return (error);
4463 4433 }
4464 4434
4465 4435 static int
4466 4436 zfs_ioc_clear(zfs_cmd_t *zc)
4467 4437 {
4468 4438 spa_t *spa;
4469 4439 vdev_t *vd;
4470 4440 int error;
4471 4441
4472 4442 /*
4473 4443 * On zpool clear we also fix up missing slogs
4474 4444 */
4475 4445 mutex_enter(&spa_namespace_lock);
4476 4446 spa = spa_lookup(zc->zc_name);
4477 4447 if (spa == NULL) {
4478 4448 mutex_exit(&spa_namespace_lock);
4479 4449 return (SET_ERROR(EIO));
4480 4450 }
4481 4451 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4482 4452 /* we need to let spa_open/spa_load clear the chains */
4483 4453 spa_set_log_state(spa, SPA_LOG_CLEAR);
4484 4454 }
4485 4455 spa->spa_last_open_failed = 0;
4486 4456 mutex_exit(&spa_namespace_lock);
4487 4457
4488 4458 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4489 4459 error = spa_open(zc->zc_name, &spa, FTAG);
4490 4460 } else {
4491 4461 nvlist_t *policy;
4492 4462 nvlist_t *config = NULL;
4493 4463
4494 4464 if (zc->zc_nvlist_src == NULL)
4495 4465 return (SET_ERROR(EINVAL));
4496 4466
4497 4467 if ((error = get_nvlist(zc->zc_nvlist_src,
4498 4468 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4499 4469 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4500 4470 policy, &config);
4501 4471 if (config != NULL) {
4502 4472 int err;
4503 4473
4504 4474 if ((err = put_nvlist(zc, config)) != 0)
4505 4475 error = err;
4506 4476 nvlist_free(config);
4507 4477 }
4508 4478 nvlist_free(policy);
4509 4479 }
4510 4480 }
4511 4481
4512 4482 if (error != 0)
4513 4483 return (error);
4514 4484
4515 4485 spa_vdev_state_enter(spa, SCL_NONE);
4516 4486
4517 4487 if (zc->zc_guid == 0) {
4518 4488 vd = NULL;
4519 4489 } else {
4520 4490 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4521 4491 if (vd == NULL) {
4522 4492 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4523 4493 spa_close(spa, FTAG);
4524 4494 return (SET_ERROR(ENODEV));
4525 4495 }
4526 4496 }
4527 4497
4528 4498 vdev_clear(spa, vd);
4529 4499
4530 4500 (void) spa_vdev_state_exit(spa, NULL, 0);
4531 4501
4532 4502 /*
4533 4503 * Resume any suspended I/Os.
4534 4504 */
4535 4505 if (zio_resume(spa) != 0)
4536 4506 error = SET_ERROR(EIO);
4537 4507
4538 4508 spa_close(spa, FTAG);
4539 4509
4540 4510 return (error);
4541 4511 }
4542 4512
4543 4513 static int
4544 4514 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4545 4515 {
4546 4516 spa_t *spa;
4547 4517 int error;
4548 4518
4549 4519 error = spa_open(zc->zc_name, &spa, FTAG);
4550 4520 if (error != 0)
4551 4521 return (error);
4552 4522
4553 4523 spa_vdev_state_enter(spa, SCL_NONE);
4554 4524
4555 4525 /*
4556 4526 * If a resilver is already in progress then set the
4557 4527 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4558 4528 * the scan as a side effect of the reopen. Otherwise, let
4559 4529 * vdev_open() decided if a resilver is required.
4560 4530 */
4561 4531 spa->spa_scrub_reopen = dsl_scan_resilvering(spa->spa_dsl_pool);
4562 4532 vdev_reopen(spa->spa_root_vdev);
4563 4533 spa->spa_scrub_reopen = B_FALSE;
4564 4534
4565 4535 (void) spa_vdev_state_exit(spa, NULL, 0);
4566 4536 spa_close(spa, FTAG);
4567 4537 return (0);
4568 4538 }
4569 4539 /*
4570 4540 * inputs:
4571 4541 * zc_name name of filesystem
4572 4542 * zc_value name of origin snapshot
4573 4543 *
4574 4544 * outputs:
4575 4545 * zc_string name of conflicting snapshot, if there is one
4576 4546 */
4577 4547 static int
4578 4548 zfs_ioc_promote(zfs_cmd_t *zc)
4579 4549 {
4580 4550 char *cp;
4581 4551
4582 4552 /*
4583 4553 * We don't need to unmount *all* the origin fs's snapshots, but
4584 4554 * it's easier.
4585 4555 */
4586 4556 cp = strchr(zc->zc_value, '@');
4587 4557 if (cp)
4588 4558 *cp = '\0';
4589 4559 (void) dmu_objset_find(zc->zc_value,
4590 4560 zfs_unmount_snap_cb, NULL, DS_FIND_SNAPSHOTS);
4591 4561 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4592 4562 }
4593 4563
4594 4564 /*
4595 4565 * Retrieve a single {user|group}{used|quota}@... property.
4596 4566 *
4597 4567 * inputs:
4598 4568 * zc_name name of filesystem
4599 4569 * zc_objset_type zfs_userquota_prop_t
4600 4570 * zc_value domain name (eg. "S-1-234-567-89")
4601 4571 * zc_guid RID/UID/GID
4602 4572 *
4603 4573 * outputs:
4604 4574 * zc_cookie property value
4605 4575 */
4606 4576 static int
4607 4577 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4608 4578 {
4609 4579 zfsvfs_t *zfsvfs;
4610 4580 int error;
4611 4581
4612 4582 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4613 4583 return (SET_ERROR(EINVAL));
4614 4584
4615 4585 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4616 4586 if (error != 0)
4617 4587 return (error);
4618 4588
4619 4589 error = zfs_userspace_one(zfsvfs,
4620 4590 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4621 4591 zfsvfs_rele(zfsvfs, FTAG);
4622 4592
4623 4593 return (error);
4624 4594 }
4625 4595
4626 4596 /*
4627 4597 * inputs:
4628 4598 * zc_name name of filesystem
4629 4599 * zc_cookie zap cursor
4630 4600 * zc_objset_type zfs_userquota_prop_t
4631 4601 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4632 4602 *
4633 4603 * outputs:
4634 4604 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4635 4605 * zc_cookie zap cursor
4636 4606 */
4637 4607 static int
4638 4608 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4639 4609 {
4640 4610 zfsvfs_t *zfsvfs;
4641 4611 int bufsize = zc->zc_nvlist_dst_size;
4642 4612
4643 4613 if (bufsize <= 0)
4644 4614 return (SET_ERROR(ENOMEM));
4645 4615
4646 4616 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4647 4617 if (error != 0)
4648 4618 return (error);
4649 4619
4650 4620 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4651 4621
4652 4622 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4653 4623 buf, &zc->zc_nvlist_dst_size);
4654 4624
4655 4625 if (error == 0) {
4656 4626 error = xcopyout(buf,
4657 4627 (void *)(uintptr_t)zc->zc_nvlist_dst,
4658 4628 zc->zc_nvlist_dst_size);
4659 4629 }
4660 4630 kmem_free(buf, bufsize);
4661 4631 zfsvfs_rele(zfsvfs, FTAG);
4662 4632
4663 4633 return (error);
4664 4634 }
4665 4635
4666 4636 /*
4667 4637 * inputs:
4668 4638 * zc_name name of filesystem
4669 4639 *
4670 4640 * outputs:
4671 4641 * none
4672 4642 */
4673 4643 static int
4674 4644 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4675 4645 {
4676 4646 objset_t *os;
4677 4647 int error = 0;
4678 4648 zfsvfs_t *zfsvfs;
4679 4649
4680 4650 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4681 4651 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4682 4652 /*
4683 4653 * If userused is not enabled, it may be because the
4684 4654 * objset needs to be closed & reopened (to grow the
4685 4655 * objset_phys_t). Suspend/resume the fs will do that.
4686 4656 */
4687 4657 error = zfs_suspend_fs(zfsvfs);
4688 4658 if (error == 0) {
4689 4659 dmu_objset_refresh_ownership(zfsvfs->z_os,
4690 4660 zfsvfs);
4691 4661 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4692 4662 }
4693 4663 }
4694 4664 if (error == 0)
4695 4665 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4696 4666 VFS_RELE(zfsvfs->z_vfs);
4697 4667 } else {
4698 4668 /* XXX kind of reading contents without owning */
4699 4669 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4700 4670 if (error != 0)
4701 4671 return (error);
4702 4672
4703 4673 error = dmu_objset_userspace_upgrade(os);
4704 4674 dmu_objset_rele(os, FTAG);
4705 4675 }
4706 4676
4707 4677 return (error);
4708 4678 }
4709 4679
4710 4680 /*
4711 4681 * We don't want to have a hard dependency
4712 4682 * against some special symbols in sharefs
4713 4683 * nfs, and smbsrv. Determine them if needed when
4714 4684 * the first file system is shared.
4715 4685 * Neither sharefs, nfs or smbsrv are unloadable modules.
4716 4686 */
4717 4687 int (*znfsexport_fs)(void *arg);
4718 4688 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4719 4689 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4720 4690
4721 4691 int zfs_nfsshare_inited;
4722 4692 int zfs_smbshare_inited;
4723 4693
4724 4694 ddi_modhandle_t nfs_mod;
4725 4695 ddi_modhandle_t sharefs_mod;
4726 4696 ddi_modhandle_t smbsrv_mod;
4727 4697 kmutex_t zfs_share_lock;
4728 4698
4729 4699 static int
4730 4700 zfs_init_sharefs()
4731 4701 {
4732 4702 int error;
4733 4703
4734 4704 ASSERT(MUTEX_HELD(&zfs_share_lock));
4735 4705 /* Both NFS and SMB shares also require sharetab support. */
4736 4706 if (sharefs_mod == NULL && ((sharefs_mod =
4737 4707 ddi_modopen("fs/sharefs",
4738 4708 KRTLD_MODE_FIRST, &error)) == NULL)) {
4739 4709 return (SET_ERROR(ENOSYS));
4740 4710 }
4741 4711 if (zshare_fs == NULL && ((zshare_fs =
4742 4712 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4743 4713 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4744 4714 return (SET_ERROR(ENOSYS));
4745 4715 }
4746 4716 return (0);
4747 4717 }
4748 4718
4749 4719 static int
4750 4720 zfs_ioc_share(zfs_cmd_t *zc)
4751 4721 {
4752 4722 int error;
4753 4723 int opcode;
4754 4724
4755 4725 switch (zc->zc_share.z_sharetype) {
4756 4726 case ZFS_SHARE_NFS:
4757 4727 case ZFS_UNSHARE_NFS:
4758 4728 if (zfs_nfsshare_inited == 0) {
4759 4729 mutex_enter(&zfs_share_lock);
4760 4730 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4761 4731 KRTLD_MODE_FIRST, &error)) == NULL)) {
4762 4732 mutex_exit(&zfs_share_lock);
4763 4733 return (SET_ERROR(ENOSYS));
4764 4734 }
4765 4735 if (znfsexport_fs == NULL &&
4766 4736 ((znfsexport_fs = (int (*)(void *))
4767 4737 ddi_modsym(nfs_mod,
4768 4738 "nfs_export", &error)) == NULL)) {
4769 4739 mutex_exit(&zfs_share_lock);
4770 4740 return (SET_ERROR(ENOSYS));
4771 4741 }
4772 4742 error = zfs_init_sharefs();
4773 4743 if (error != 0) {
4774 4744 mutex_exit(&zfs_share_lock);
4775 4745 return (SET_ERROR(ENOSYS));
4776 4746 }
4777 4747 zfs_nfsshare_inited = 1;
4778 4748 mutex_exit(&zfs_share_lock);
4779 4749 }
4780 4750 break;
4781 4751 case ZFS_SHARE_SMB:
4782 4752 case ZFS_UNSHARE_SMB:
4783 4753 if (zfs_smbshare_inited == 0) {
4784 4754 mutex_enter(&zfs_share_lock);
4785 4755 if (smbsrv_mod == NULL && ((smbsrv_mod =
4786 4756 ddi_modopen("drv/smbsrv",
4787 4757 KRTLD_MODE_FIRST, &error)) == NULL)) {
4788 4758 mutex_exit(&zfs_share_lock);
4789 4759 return (SET_ERROR(ENOSYS));
4790 4760 }
4791 4761 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4792 4762 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4793 4763 "smb_server_share", &error)) == NULL)) {
4794 4764 mutex_exit(&zfs_share_lock);
4795 4765 return (SET_ERROR(ENOSYS));
4796 4766 }
4797 4767 error = zfs_init_sharefs();
4798 4768 if (error != 0) {
4799 4769 mutex_exit(&zfs_share_lock);
4800 4770 return (SET_ERROR(ENOSYS));
4801 4771 }
4802 4772 zfs_smbshare_inited = 1;
4803 4773 mutex_exit(&zfs_share_lock);
4804 4774 }
4805 4775 break;
4806 4776 default:
4807 4777 return (SET_ERROR(EINVAL));
4808 4778 }
4809 4779
4810 4780 switch (zc->zc_share.z_sharetype) {
4811 4781 case ZFS_SHARE_NFS:
4812 4782 case ZFS_UNSHARE_NFS:
4813 4783 if (error =
4814 4784 znfsexport_fs((void *)
4815 4785 (uintptr_t)zc->zc_share.z_exportdata))
4816 4786 return (error);
4817 4787 break;
4818 4788 case ZFS_SHARE_SMB:
4819 4789 case ZFS_UNSHARE_SMB:
4820 4790 if (error = zsmbexport_fs((void *)
4821 4791 (uintptr_t)zc->zc_share.z_exportdata,
4822 4792 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4823 4793 B_TRUE: B_FALSE)) {
4824 4794 return (error);
4825 4795 }
4826 4796 break;
4827 4797 }
4828 4798
4829 4799 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4830 4800 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4831 4801 SHAREFS_ADD : SHAREFS_REMOVE;
4832 4802
4833 4803 /*
4834 4804 * Add or remove share from sharetab
4835 4805 */
4836 4806 error = zshare_fs(opcode,
4837 4807 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4838 4808 zc->zc_share.z_sharemax);
4839 4809
4840 4810 return (error);
4841 4811
4842 4812 }
4843 4813
4844 4814 ace_t full_access[] = {
4845 4815 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4846 4816 };
4847 4817
4848 4818 /*
4849 4819 * inputs:
4850 4820 * zc_name name of containing filesystem
4851 4821 * zc_obj object # beyond which we want next in-use object #
4852 4822 *
4853 4823 * outputs:
4854 4824 * zc_obj next in-use object #
4855 4825 */
4856 4826 static int
4857 4827 zfs_ioc_next_obj(zfs_cmd_t *zc)
4858 4828 {
4859 4829 objset_t *os = NULL;
4860 4830 int error;
4861 4831
4862 4832 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4863 4833 if (error != 0)
4864 4834 return (error);
4865 4835
4866 4836 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4867 4837 os->os_dsl_dataset->ds_phys->ds_prev_snap_txg);
4868 4838
4869 4839 dmu_objset_rele(os, FTAG);
4870 4840 return (error);
4871 4841 }
4872 4842
4873 4843 /*
4874 4844 * inputs:
4875 4845 * zc_name name of filesystem
4876 4846 * zc_value prefix name for snapshot
4877 4847 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4878 4848 *
4879 4849 * outputs:
4880 4850 * zc_value short name of new snapshot
4881 4851 */
4882 4852 static int
4883 4853 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4884 4854 {
4885 4855 char *snap_name;
4886 4856 char *hold_name;
4887 4857 int error;
4888 4858 minor_t minor;
4889 4859
4890 4860 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4891 4861 if (error != 0)
4892 4862 return (error);
4893 4863
4894 4864 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4895 4865 (u_longlong_t)ddi_get_lbolt64());
4896 4866 hold_name = kmem_asprintf("%%%s", zc->zc_value);
4897 4867
4898 4868 error = dsl_dataset_snapshot_tmp(zc->zc_name, snap_name, minor,
4899 4869 hold_name);
4900 4870 if (error == 0)
4901 4871 (void) strcpy(zc->zc_value, snap_name);
4902 4872 strfree(snap_name);
4903 4873 strfree(hold_name);
4904 4874 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4905 4875 return (error);
4906 4876 }
4907 4877
4908 4878 /*
4909 4879 * inputs:
4910 4880 * zc_name name of "to" snapshot
4911 4881 * zc_value name of "from" snapshot
4912 4882 * zc_cookie file descriptor to write diff data on
4913 4883 *
4914 4884 * outputs:
4915 4885 * dmu_diff_record_t's to the file descriptor
4916 4886 */
4917 4887 static int
4918 4888 zfs_ioc_diff(zfs_cmd_t *zc)
4919 4889 {
4920 4890 file_t *fp;
4921 4891 offset_t off;
4922 4892 int error;
4923 4893
4924 4894 fp = getf(zc->zc_cookie);
4925 4895 if (fp == NULL)
4926 4896 return (SET_ERROR(EBADF));
4927 4897
4928 4898 off = fp->f_offset;
4929 4899
4930 4900 error = dmu_diff(zc->zc_name, zc->zc_value, fp->f_vnode, &off);
4931 4901
4932 4902 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4933 4903 fp->f_offset = off;
4934 4904 releasef(zc->zc_cookie);
4935 4905
4936 4906 return (error);
4937 4907 }
4938 4908
4939 4909 /*
4940 4910 * Remove all ACL files in shares dir
4941 4911 */
4942 4912 static int
4943 4913 zfs_smb_acl_purge(znode_t *dzp)
4944 4914 {
4945 4915 zap_cursor_t zc;
4946 4916 zap_attribute_t zap;
4947 4917 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4948 4918 int error;
4949 4919
4950 4920 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4951 4921 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4952 4922 zap_cursor_advance(&zc)) {
4953 4923 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4954 4924 NULL, 0)) != 0)
4955 4925 break;
4956 4926 }
4957 4927 zap_cursor_fini(&zc);
4958 4928 return (error);
4959 4929 }
4960 4930
4961 4931 static int
4962 4932 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4963 4933 {
4964 4934 vnode_t *vp;
4965 4935 znode_t *dzp;
4966 4936 vnode_t *resourcevp = NULL;
4967 4937 znode_t *sharedir;
4968 4938 zfsvfs_t *zfsvfs;
4969 4939 nvlist_t *nvlist;
4970 4940 char *src, *target;
4971 4941 vattr_t vattr;
4972 4942 vsecattr_t vsec;
4973 4943 int error = 0;
4974 4944
4975 4945 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4976 4946 NO_FOLLOW, NULL, &vp)) != 0)
4977 4947 return (error);
4978 4948
4979 4949 /* Now make sure mntpnt and dataset are ZFS */
4980 4950
4981 4951 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
4982 4952 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4983 4953 zc->zc_name) != 0)) {
4984 4954 VN_RELE(vp);
4985 4955 return (SET_ERROR(EINVAL));
4986 4956 }
4987 4957
4988 4958 dzp = VTOZ(vp);
4989 4959 zfsvfs = dzp->z_zfsvfs;
4990 4960 ZFS_ENTER(zfsvfs);
4991 4961
4992 4962 /*
4993 4963 * Create share dir if its missing.
4994 4964 */
4995 4965 mutex_enter(&zfsvfs->z_lock);
4996 4966 if (zfsvfs->z_shares_dir == 0) {
4997 4967 dmu_tx_t *tx;
4998 4968
4999 4969 tx = dmu_tx_create(zfsvfs->z_os);
5000 4970 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
5001 4971 ZFS_SHARES_DIR);
5002 4972 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
5003 4973 error = dmu_tx_assign(tx, TXG_WAIT);
5004 4974 if (error != 0) {
5005 4975 dmu_tx_abort(tx);
5006 4976 } else {
5007 4977 error = zfs_create_share_dir(zfsvfs, tx);
5008 4978 dmu_tx_commit(tx);
5009 4979 }
5010 4980 if (error != 0) {
5011 4981 mutex_exit(&zfsvfs->z_lock);
5012 4982 VN_RELE(vp);
5013 4983 ZFS_EXIT(zfsvfs);
5014 4984 return (error);
5015 4985 }
5016 4986 }
5017 4987 mutex_exit(&zfsvfs->z_lock);
5018 4988
5019 4989 ASSERT(zfsvfs->z_shares_dir);
5020 4990 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
5021 4991 VN_RELE(vp);
5022 4992 ZFS_EXIT(zfsvfs);
5023 4993 return (error);
5024 4994 }
5025 4995
5026 4996 switch (zc->zc_cookie) {
5027 4997 case ZFS_SMB_ACL_ADD:
5028 4998 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
5029 4999 vattr.va_type = VREG;
5030 5000 vattr.va_mode = S_IFREG|0777;
5031 5001 vattr.va_uid = 0;
5032 5002 vattr.va_gid = 0;
5033 5003
5034 5004 vsec.vsa_mask = VSA_ACE;
5035 5005 vsec.vsa_aclentp = &full_access;
5036 5006 vsec.vsa_aclentsz = sizeof (full_access);
5037 5007 vsec.vsa_aclcnt = 1;
5038 5008
5039 5009 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
5040 5010 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
5041 5011 if (resourcevp)
5042 5012 VN_RELE(resourcevp);
5043 5013 break;
5044 5014
5045 5015 case ZFS_SMB_ACL_REMOVE:
5046 5016 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
5047 5017 NULL, 0);
5048 5018 break;
5049 5019
5050 5020 case ZFS_SMB_ACL_RENAME:
5051 5021 if ((error = get_nvlist(zc->zc_nvlist_src,
5052 5022 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
5053 5023 VN_RELE(vp);
5054 5024 ZFS_EXIT(zfsvfs);
5055 5025 return (error);
5056 5026 }
5057 5027 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
5058 5028 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
5059 5029 &target)) {
5060 5030 VN_RELE(vp);
5061 5031 VN_RELE(ZTOV(sharedir));
5062 5032 ZFS_EXIT(zfsvfs);
5063 5033 nvlist_free(nvlist);
5064 5034 return (error);
5065 5035 }
5066 5036 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
5067 5037 kcred, NULL, 0);
5068 5038 nvlist_free(nvlist);
5069 5039 break;
5070 5040
5071 5041 case ZFS_SMB_ACL_PURGE:
5072 5042 error = zfs_smb_acl_purge(sharedir);
5073 5043 break;
5074 5044
5075 5045 default:
5076 5046 error = SET_ERROR(EINVAL);
5077 5047 break;
5078 5048 }
5079 5049
5080 5050 VN_RELE(vp);
5081 5051 VN_RELE(ZTOV(sharedir));
5082 5052
5083 5053 ZFS_EXIT(zfsvfs);
5084 5054
5085 5055 return (error);
5086 5056 }
5087 5057
5088 5058 /*
5089 5059 * innvl: {
5090 5060 * "holds" -> { snapname -> holdname (string), ... }
5091 5061 * (optional) "cleanup_fd" -> fd (int32)
5092 5062 * }
5093 5063 *
5094 5064 * outnvl: {
5095 5065 * snapname -> error value (int32)
5096 5066 * ...
5097 5067 * }
5098 5068 */
5099 5069 /* ARGSUSED */
5100 5070 static int
5101 5071 zfs_ioc_hold(const char *pool, nvlist_t *args, nvlist_t *errlist)
5102 5072 {
5103 5073 nvlist_t *holds;
5104 5074 int cleanup_fd = -1;
5105 5075 int error;
5106 5076 minor_t minor = 0;
5107 5077
5108 5078 error = nvlist_lookup_nvlist(args, "holds", &holds);
5109 5079 if (error != 0)
5110 5080 return (SET_ERROR(EINVAL));
5111 5081
5112 5082 if (nvlist_lookup_int32(args, "cleanup_fd", &cleanup_fd) == 0) {
5113 5083 error = zfs_onexit_fd_hold(cleanup_fd, &minor);
5114 5084 if (error != 0)
5115 5085 return (error);
5116 5086 }
5117 5087
5118 5088 error = dsl_dataset_user_hold(holds, minor, errlist);
5119 5089 if (minor != 0)
5120 5090 zfs_onexit_fd_rele(cleanup_fd);
5121 5091 return (error);
5122 5092 }
5123 5093
5124 5094 /*
5125 5095 * innvl is not used.
5126 5096 *
5127 5097 * outnvl: {
5128 5098 * holdname -> time added (uint64 seconds since epoch)
5129 5099 * ...
5130 5100 * }
5131 5101 */
5132 5102 /* ARGSUSED */
5133 5103 static int
5134 5104 zfs_ioc_get_holds(const char *snapname, nvlist_t *args, nvlist_t *outnvl)
5135 5105 {
5136 5106 return (dsl_dataset_get_holds(snapname, outnvl));
5137 5107 }
5138 5108
5139 5109 /*
5140 5110 * innvl: {
5141 5111 * snapname -> { holdname, ... }
5142 5112 * ...
5143 5113 * }
5144 5114 *
5145 5115 * outnvl: {
5146 5116 * snapname -> error value (int32)
5147 5117 * ...
5148 5118 * }
5149 5119 */
5150 5120 /* ARGSUSED */
5151 5121 static int
5152 5122 zfs_ioc_release(const char *pool, nvlist_t *holds, nvlist_t *errlist)
5153 5123 {
5154 5124 return (dsl_dataset_user_release(holds, errlist));
5155 5125 }
5156 5126
5157 5127 /*
5158 5128 * inputs:
5159 5129 * zc_name name of new filesystem or snapshot
5160 5130 * zc_value full name of old snapshot
5161 5131 *
5162 5132 * outputs:
5163 5133 * zc_cookie space in bytes
5164 5134 * zc_objset_type compressed space in bytes
5165 5135 * zc_perm_action uncompressed space in bytes
5166 5136 */
5167 5137 static int
5168 5138 zfs_ioc_space_written(zfs_cmd_t *zc)
5169 5139 {
5170 5140 int error;
5171 5141 dsl_pool_t *dp;
5172 5142 dsl_dataset_t *new, *old;
5173 5143
5174 5144 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5175 5145 if (error != 0)
5176 5146 return (error);
5177 5147 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &new);
5178 5148 if (error != 0) {
5179 5149 dsl_pool_rele(dp, FTAG);
5180 5150 return (error);
5181 5151 }
5182 5152 error = dsl_dataset_hold(dp, zc->zc_value, FTAG, &old);
5183 5153 if (error != 0) {
5184 5154 dsl_dataset_rele(new, FTAG);
5185 5155 dsl_pool_rele(dp, FTAG);
5186 5156 return (error);
5187 5157 }
5188 5158
5189 5159 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5190 5160 &zc->zc_objset_type, &zc->zc_perm_action);
5191 5161 dsl_dataset_rele(old, FTAG);
5192 5162 dsl_dataset_rele(new, FTAG);
5193 5163 dsl_pool_rele(dp, FTAG);
5194 5164 return (error);
5195 5165 }
5196 5166
5197 5167 /*
5198 5168 * innvl: {
5199 5169 * "firstsnap" -> snapshot name
5200 5170 * }
5201 5171 *
5202 5172 * outnvl: {
5203 5173 * "used" -> space in bytes
5204 5174 * "compressed" -> compressed space in bytes
5205 5175 * "uncompressed" -> uncompressed space in bytes
5206 5176 * }
5207 5177 */
5208 5178 static int
5209 5179 zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
5210 5180 {
5211 5181 int error;
5212 5182 dsl_pool_t *dp;
5213 5183 dsl_dataset_t *new, *old;
5214 5184 char *firstsnap;
5215 5185 uint64_t used, comp, uncomp;
5216 5186
5217 5187 if (nvlist_lookup_string(innvl, "firstsnap", &firstsnap) != 0)
5218 5188 return (SET_ERROR(EINVAL));
5219 5189
5220 5190 error = dsl_pool_hold(lastsnap, FTAG, &dp);
5221 5191 if (error != 0)
5222 5192 return (error);
5223 5193
5224 5194 error = dsl_dataset_hold(dp, lastsnap, FTAG, &new);
5225 5195 if (error != 0) {
5226 5196 dsl_pool_rele(dp, FTAG);
5227 5197 return (error);
5228 5198 }
5229 5199 error = dsl_dataset_hold(dp, firstsnap, FTAG, &old);
5230 5200 if (error != 0) {
5231 5201 dsl_dataset_rele(new, FTAG);
5232 5202 dsl_pool_rele(dp, FTAG);
5233 5203 return (error);
5234 5204 }
5235 5205
5236 5206 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
5237 5207 dsl_dataset_rele(old, FTAG);
5238 5208 dsl_dataset_rele(new, FTAG);
5239 5209 dsl_pool_rele(dp, FTAG);
5240 5210 fnvlist_add_uint64(outnvl, "used", used);
5241 5211 fnvlist_add_uint64(outnvl, "compressed", comp);
5242 5212 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
5243 5213 return (error);
5244 5214 }
5245 5215
5246 5216 /*
5247 5217 * innvl: {
5248 5218 * "fd" -> file descriptor to write stream to (int32)
5249 5219 * (optional) "fromsnap" -> full snap name to send an incremental from
5250 5220 * }
5251 5221 *
5252 5222 * outnvl is unused
5253 5223 */
5254 5224 /* ARGSUSED */
5255 5225 static int
5256 5226 zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5257 5227 {
5258 5228 int error;
5259 5229 offset_t off;
5260 5230 char *fromname = NULL;
5261 5231 int fd;
5262 5232
5263 5233 error = nvlist_lookup_int32(innvl, "fd", &fd);
5264 5234 if (error != 0)
5265 5235 return (SET_ERROR(EINVAL));
5266 5236
5267 5237 (void) nvlist_lookup_string(innvl, "fromsnap", &fromname);
5268 5238
5269 5239 file_t *fp = getf(fd);
5270 5240 if (fp == NULL)
5271 5241 return (SET_ERROR(EBADF));
5272 5242
5273 5243 off = fp->f_offset;
5274 5244 error = dmu_send(snapname, fromname, fd, fp->f_vnode, &off);
5275 5245
5276 5246 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5277 5247 fp->f_offset = off;
5278 5248 releasef(fd);
5279 5249 return (error);
5280 5250 }
5281 5251
5282 5252 /*
5283 5253 * Determine approximately how large a zfs send stream will be -- the number
5284 5254 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5285 5255 *
5286 5256 * innvl: {
5287 5257 * (optional) "fromsnap" -> full snap name to send an incremental from
5288 5258 * }
5289 5259 *
5290 5260 * outnvl: {
5291 5261 * "space" -> bytes of space (uint64)
5292 5262 * }
5293 5263 */
5294 5264 static int
5295 5265 zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5296 5266 {
5297 5267 dsl_pool_t *dp;
5298 5268 dsl_dataset_t *fromsnap = NULL;
5299 5269 dsl_dataset_t *tosnap;
5300 5270 int error;
5301 5271 char *fromname;
5302 5272 uint64_t space;
5303 5273
5304 5274 error = dsl_pool_hold(snapname, FTAG, &dp);
5305 5275 if (error != 0)
5306 5276 return (error);
5307 5277
5308 5278 error = dsl_dataset_hold(dp, snapname, FTAG, &tosnap);
5309 5279 if (error != 0) {
5310 5280 dsl_pool_rele(dp, FTAG);
5311 5281 return (error);
5312 5282 }
5313 5283
5314 5284 error = nvlist_lookup_string(innvl, "fromsnap", &fromname);
5315 5285 if (error == 0) {
5316 5286 error = dsl_dataset_hold(dp, fromname, FTAG, &fromsnap);
5317 5287 if (error != 0) {
5318 5288 dsl_dataset_rele(tosnap, FTAG);
5319 5289 dsl_pool_rele(dp, FTAG);
5320 5290 return (error);
5321 5291 }
5322 5292 }
5323 5293
5324 5294 error = dmu_send_estimate(tosnap, fromsnap, &space);
5325 5295 fnvlist_add_uint64(outnvl, "space", space);
5326 5296
5327 5297 if (fromsnap != NULL)
5328 5298 dsl_dataset_rele(fromsnap, FTAG);
5329 5299 dsl_dataset_rele(tosnap, FTAG);
5330 5300 dsl_pool_rele(dp, FTAG);
5331 5301 return (error);
5332 5302 }
5333 5303
5334 5304
5335 5305 static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
5336 5306
5337 5307 static void
5338 5308 zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5339 5309 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5340 5310 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
5341 5311 {
5342 5312 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5343 5313
5344 5314 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5345 5315 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5346 5316 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5347 5317 ASSERT3P(vec->zvec_func, ==, NULL);
5348 5318
5349 5319 vec->zvec_legacy_func = func;
5350 5320 vec->zvec_secpolicy = secpolicy;
5351 5321 vec->zvec_namecheck = namecheck;
5352 5322 vec->zvec_allow_log = log_history;
5353 5323 vec->zvec_pool_check = pool_check;
5354 5324 }
5355 5325
5356 5326 /*
5357 5327 * See the block comment at the beginning of this file for details on
5358 5328 * each argument to this function.
5359 5329 */
5360 5330 static void
5361 5331 zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
5362 5332 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5363 5333 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
5364 5334 boolean_t allow_log)
5365 5335 {
5366 5336 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5367 5337
5368 5338 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5369 5339 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5370 5340 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5371 5341 ASSERT3P(vec->zvec_func, ==, NULL);
5372 5342
5373 5343 /* if we are logging, the name must be valid */
5374 5344 ASSERT(!allow_log || namecheck != NO_NAME);
5375 5345
5376 5346 vec->zvec_name = name;
5377 5347 vec->zvec_func = func;
5378 5348 vec->zvec_secpolicy = secpolicy;
5379 5349 vec->zvec_namecheck = namecheck;
5380 5350 vec->zvec_pool_check = pool_check;
5381 5351 vec->zvec_smush_outnvlist = smush_outnvlist;
5382 5352 vec->zvec_allow_log = allow_log;
5383 5353 }
5384 5354
5385 5355 static void
5386 5356 zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5387 5357 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
5388 5358 zfs_ioc_poolcheck_t pool_check)
5389 5359 {
5390 5360 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5391 5361 POOL_NAME, log_history, pool_check);
5392 5362 }
5393 5363
5394 5364 static void
5395 5365 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5396 5366 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
5397 5367 {
5398 5368 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5399 5369 DATASET_NAME, B_FALSE, pool_check);
5400 5370 }
5401 5371
5402 5372 static void
5403 5373 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5404 5374 {
5405 5375 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
5406 5376 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5407 5377 }
5408 5378
5409 5379 static void
5410 5380 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5411 5381 zfs_secpolicy_func_t *secpolicy)
5412 5382 {
5413 5383 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5414 5384 NO_NAME, B_FALSE, POOL_CHECK_NONE);
5415 5385 }
5416 5386
5417 5387 static void
5418 5388 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
5419 5389 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
5420 5390 {
5421 5391 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5422 5392 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
5423 5393 }
5424 5394
5425 5395 static void
5426 5396 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5427 5397 {
5428 5398 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
5429 5399 zfs_secpolicy_read);
5430 5400 }
5431 5401
5432 5402 static void
5433 5403 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5434 5404 zfs_secpolicy_func_t *secpolicy)
5435 5405 {
5436 5406 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5437 5407 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5438 5408 }
5439 5409
5440 5410 static void
5441 5411 zfs_ioctl_init(void)
5442 5412 {
5443 5413 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
5444 5414 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
5445 5415 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5446 5416
5447 5417 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
5448 5418 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
5449 5419 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE);
5450 5420
5451 5421 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
5452 5422 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
5453 5423 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5454 5424
5455 5425 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
5456 5426 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
5457 5427 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5458 5428
5459 5429 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
5460 5430 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
5461 5431 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5462 5432
5463 5433 zfs_ioctl_register("create", ZFS_IOC_CREATE,
5464 5434 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
5465 5435 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5466 5436
5467 5437 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
5468 5438 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
5469 5439 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5470 5440
5471 5441 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
5472 5442 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
5473 5443 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5474 5444
5475 5445 zfs_ioctl_register("hold", ZFS_IOC_HOLD,
5476 5446 zfs_ioc_hold, zfs_secpolicy_hold, POOL_NAME,
5477 5447 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5478 5448 zfs_ioctl_register("release", ZFS_IOC_RELEASE,
5479 5449 zfs_ioc_release, zfs_secpolicy_release, POOL_NAME,
5480 5450 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5481 5451
5482 5452 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS,
5483 5453 zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME,
5484 5454 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5485 5455
5486 5456 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK,
5487 5457 zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME,
5488 5458 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_TRUE);
5489 5459
5490 5460 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK,
5491 5461 zfs_ioc_bookmark, zfs_secpolicy_bookmark, POOL_NAME,
5492 5462 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5493 5463
5494 5464 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS,
5495 5465 zfs_ioc_get_bookmarks, zfs_secpolicy_read, DATASET_NAME,
5496 5466 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5497 5467
5498 5468 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS,
5499 5469 zfs_ioc_destroy_bookmarks, zfs_secpolicy_destroy_bookmarks,
5500 5470 POOL_NAME,
5501 5471 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5502 5472
5503 5473 /* IOCTLS that use the legacy function signature */
5504 5474
5505 5475 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
5506 5476 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
5507 5477
5508 5478 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
5509 5479 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5510 5480 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
5511 5481 zfs_ioc_pool_scan);
5512 5482 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
5513 5483 zfs_ioc_pool_upgrade);
5514 5484 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
5515 5485 zfs_ioc_vdev_add);
5516 5486 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
5517 5487 zfs_ioc_vdev_remove);
5518 5488 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
5519 5489 zfs_ioc_vdev_set_state);
5520 5490 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
5521 5491 zfs_ioc_vdev_attach);
5522 5492 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
5523 5493 zfs_ioc_vdev_detach);
5524 5494 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
5525 5495 zfs_ioc_vdev_setpath);
5526 5496 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
5527 5497 zfs_ioc_vdev_setfru);
5528 5498 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
5529 5499 zfs_ioc_pool_set_props);
5530 5500 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
5531 5501 zfs_ioc_vdev_split);
5532 5502 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
5533 5503 zfs_ioc_pool_reguid);
5534 5504
5535 5505 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
5536 5506 zfs_ioc_pool_configs, zfs_secpolicy_none);
5537 5507 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
5538 5508 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
5539 5509 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
5540 5510 zfs_ioc_inject_fault, zfs_secpolicy_inject);
5541 5511 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
5542 5512 zfs_ioc_clear_fault, zfs_secpolicy_inject);
5543 5513 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
5544 5514 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
5545 5515
5546 5516 /*
5547 5517 * pool destroy, and export don't log the history as part of
5548 5518 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5549 5519 * does the logging of those commands.
5550 5520 */
5551 5521 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
5552 5522 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5553 5523 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
5554 5524 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5555 5525
5556 5526 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
5557 5527 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5558 5528 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
5559 5529 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5560 5530
5561 5531 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
5562 5532 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
5563 5533 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
5564 5534 zfs_ioc_dsobj_to_dsname,
5565 5535 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
5566 5536 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
5567 5537 zfs_ioc_pool_get_history,
5568 5538 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
5569 5539
5570 5540 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
5571 5541 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5572 5542
5573 5543 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
5574 5544 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5575 5545 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
5576 5546 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5577 5547
5578 5548 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
5579 5549 zfs_ioc_space_written);
5580 5550 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
5581 5551 zfs_ioc_objset_recvd_props);
5582 5552 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
5583 5553 zfs_ioc_next_obj);
5584 5554 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
5585 5555 zfs_ioc_get_fsacl);
5586 5556 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
5587 5557 zfs_ioc_objset_stats);
5588 5558 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
5589 5559 zfs_ioc_objset_zplprops);
5590 5560 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
5591 5561 zfs_ioc_dataset_list_next);
5592 5562 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
5593 5563 zfs_ioc_snapshot_list_next);
5594 5564 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
5595 5565 zfs_ioc_send_progress);
5596 5566
5597 5567 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
5598 5568 zfs_ioc_diff, zfs_secpolicy_diff);
5599 5569 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
5600 5570 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
5601 5571 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
5602 5572 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
5603 5573 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
5604 5574 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
5605 5575 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
5606 5576 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
5607 5577 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
5608 5578 zfs_ioc_send, zfs_secpolicy_send);
5609 5579
5610 5580 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
5611 5581 zfs_secpolicy_none);
5612 5582 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
5613 5583 zfs_secpolicy_destroy);
5614 5584 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
5615 5585 zfs_secpolicy_rename);
5616 5586 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
5617 5587 zfs_secpolicy_recv);
5618 5588 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
5619 5589 zfs_secpolicy_promote);
5620 5590 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
5621 5591 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
5622 5592 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
5623 5593 zfs_secpolicy_set_fsacl);
5624 5594
5625 5595 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
5626 5596 zfs_secpolicy_share, POOL_CHECK_NONE);
5627 5597 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
5628 5598 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
5629 5599 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
5630 5600 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5631 5601 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5632 5602 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
5633 5603 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
5634 5604 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5635 5605 }
5636 5606
5637 5607 int
5638 5608 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5639 5609 zfs_ioc_poolcheck_t check)
5640 5610 {
5641 5611 spa_t *spa;
5642 5612 int error;
5643 5613
5644 5614 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5645 5615
5646 5616 if (check & POOL_CHECK_NONE)
5647 5617 return (0);
5648 5618
5649 5619 error = spa_open(name, &spa, FTAG);
5650 5620 if (error == 0) {
5651 5621 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5652 5622 error = SET_ERROR(EAGAIN);
5653 5623 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5654 5624 error = SET_ERROR(EROFS);
5655 5625 spa_close(spa, FTAG);
5656 5626 }
5657 5627 return (error);
5658 5628 }
5659 5629
5660 5630 /*
5661 5631 * Find a free minor number.
5662 5632 */
5663 5633 minor_t
5664 5634 zfsdev_minor_alloc(void)
5665 5635 {
5666 5636 static minor_t last_minor;
5667 5637 minor_t m;
5668 5638
5669 5639 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5670 5640
5671 5641 for (m = last_minor + 1; m != last_minor; m++) {
5672 5642 if (m > ZFSDEV_MAX_MINOR)
5673 5643 m = 1;
5674 5644 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5675 5645 last_minor = m;
5676 5646 return (m);
5677 5647 }
5678 5648 }
5679 5649
5680 5650 return (0);
5681 5651 }
5682 5652
5683 5653 static int
5684 5654 zfs_ctldev_init(dev_t *devp)
5685 5655 {
5686 5656 minor_t minor;
5687 5657 zfs_soft_state_t *zs;
5688 5658
5689 5659 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5690 5660 ASSERT(getminor(*devp) == 0);
5691 5661
5692 5662 minor = zfsdev_minor_alloc();
5693 5663 if (minor == 0)
5694 5664 return (SET_ERROR(ENXIO));
5695 5665
5696 5666 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5697 5667 return (SET_ERROR(EAGAIN));
5698 5668
5699 5669 *devp = makedevice(getemajor(*devp), minor);
5700 5670
5701 5671 zs = ddi_get_soft_state(zfsdev_state, minor);
5702 5672 zs->zss_type = ZSST_CTLDEV;
5703 5673 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5704 5674
5705 5675 return (0);
5706 5676 }
5707 5677
5708 5678 static void
5709 5679 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5710 5680 {
5711 5681 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5712 5682
5713 5683 zfs_onexit_destroy(zo);
5714 5684 ddi_soft_state_free(zfsdev_state, minor);
5715 5685 }
5716 5686
5717 5687 void *
5718 5688 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5719 5689 {
5720 5690 zfs_soft_state_t *zp;
5721 5691
5722 5692 zp = ddi_get_soft_state(zfsdev_state, minor);
5723 5693 if (zp == NULL || zp->zss_type != which)
5724 5694 return (NULL);
5725 5695
5726 5696 return (zp->zss_data);
5727 5697 }
5728 5698
5729 5699 static int
5730 5700 zfsdev_open(dev_t *devp, int flag, int otyp, cred_t *cr)
5731 5701 {
5732 5702 int error = 0;
5733 5703
5734 5704 if (getminor(*devp) != 0)
5735 5705 return (zvol_open(devp, flag, otyp, cr));
5736 5706
5737 5707 /* This is the control device. Allocate a new minor if requested. */
5738 5708 if (flag & FEXCL) {
5739 5709 mutex_enter(&zfsdev_state_lock);
5740 5710 error = zfs_ctldev_init(devp);
5741 5711 mutex_exit(&zfsdev_state_lock);
5742 5712 }
5743 5713
5744 5714 return (error);
5745 5715 }
5746 5716
5747 5717 static int
5748 5718 zfsdev_close(dev_t dev, int flag, int otyp, cred_t *cr)
5749 5719 {
5750 5720 zfs_onexit_t *zo;
5751 5721 minor_t minor = getminor(dev);
5752 5722
5753 5723 if (minor == 0)
5754 5724 return (0);
5755 5725
5756 5726 mutex_enter(&zfsdev_state_lock);
5757 5727 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5758 5728 if (zo == NULL) {
5759 5729 mutex_exit(&zfsdev_state_lock);
5760 5730 return (zvol_close(dev, flag, otyp, cr));
5761 5731 }
5762 5732 zfs_ctldev_destroy(zo, minor);
5763 5733 mutex_exit(&zfsdev_state_lock);
5764 5734
5765 5735 return (0);
5766 5736 }
5767 5737
5768 5738 static int
5769 5739 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp)
5770 5740 {
5771 5741 zfs_cmd_t *zc;
5772 5742 uint_t vecnum;
5773 5743 int error, rc, len;
5774 5744 minor_t minor = getminor(dev);
5775 5745 const zfs_ioc_vec_t *vec;
5776 5746 char *saved_poolname = NULL;
5777 5747 nvlist_t *innvl = NULL;
5778 5748
5779 5749 if (minor != 0 &&
5780 5750 zfsdev_get_soft_state(minor, ZSST_CTLDEV) == NULL)
5781 5751 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp));
5782 5752
5783 5753 vecnum = cmd - ZFS_IOC_FIRST;
5784 5754 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip));
5785 5755
5786 5756 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5787 5757 return (SET_ERROR(EINVAL));
5788 5758 vec = &zfs_ioc_vec[vecnum];
5789 5759
5790 5760 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
5791 5761
5792 5762 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5793 5763 if (error != 0) {
5794 5764 error = SET_ERROR(EFAULT);
5795 5765 goto out;
5796 5766 }
5797 5767
5798 5768 zc->zc_iflags = flag & FKIOCTL;
5799 5769 if (zc->zc_nvlist_src_size != 0) {
5800 5770 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
5801 5771 zc->zc_iflags, &innvl);
5802 5772 if (error != 0)
5803 5773 goto out;
5804 5774 }
5805 5775
5806 5776 /*
5807 5777 * Ensure that all pool/dataset names are valid before we pass down to
5808 5778 * the lower layers.
5809 5779 */
5810 5780 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5811 5781 switch (vec->zvec_namecheck) {
5812 5782 case POOL_NAME:
5813 5783 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5814 5784 error = SET_ERROR(EINVAL);
5815 5785 else
5816 5786 error = pool_status_check(zc->zc_name,
5817 5787 vec->zvec_namecheck, vec->zvec_pool_check);
5818 5788 break;
5819 5789
5820 5790 case DATASET_NAME:
5821 5791 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5822 5792 error = SET_ERROR(EINVAL);
5823 5793 else
5824 5794 error = pool_status_check(zc->zc_name,
5825 5795 vec->zvec_namecheck, vec->zvec_pool_check);
5826 5796 break;
5827 5797
5828 5798 case NO_NAME:
5829 5799 break;
5830 5800 }
5831 5801
5832 5802
5833 5803 if (error == 0 && !(flag & FKIOCTL))
5834 5804 error = vec->zvec_secpolicy(zc, innvl, cr);
5835 5805
5836 5806 if (error != 0)
5837 5807 goto out;
5838 5808
5839 5809 /* legacy ioctls can modify zc_name */
5840 5810 len = strcspn(zc->zc_name, "/@#") + 1;
5841 5811 saved_poolname = kmem_alloc(len, KM_SLEEP);
5842 5812 (void) strlcpy(saved_poolname, zc->zc_name, len);
5843 5813
5844 5814 if (vec->zvec_func != NULL) {
5845 5815 nvlist_t *outnvl;
5846 5816 int puterror = 0;
5847 5817 spa_t *spa;
5848 5818 nvlist_t *lognv = NULL;
5849 5819
5850 5820 ASSERT(vec->zvec_legacy_func == NULL);
5851 5821
5852 5822 /*
5853 5823 * Add the innvl to the lognv before calling the func,
5854 5824 * in case the func changes the innvl.
5855 5825 */
5856 5826 if (vec->zvec_allow_log) {
5857 5827 lognv = fnvlist_alloc();
5858 5828 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
5859 5829 vec->zvec_name);
5860 5830 if (!nvlist_empty(innvl)) {
5861 5831 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
5862 5832 innvl);
5863 5833 }
5864 5834 }
5865 5835
5866 5836 outnvl = fnvlist_alloc();
5867 5837 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
5868 5838
5869 5839 if (error == 0 && vec->zvec_allow_log &&
5870 5840 spa_open(zc->zc_name, &spa, FTAG) == 0) {
5871 5841 if (!nvlist_empty(outnvl)) {
5872 5842 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
5873 5843 outnvl);
5874 5844 }
5875 5845 (void) spa_history_log_nvl(spa, lognv);
5876 5846 spa_close(spa, FTAG);
5877 5847 }
5878 5848 fnvlist_free(lognv);
5879 5849
5880 5850 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
5881 5851 int smusherror = 0;
5882 5852 if (vec->zvec_smush_outnvlist) {
5883 5853 smusherror = nvlist_smush(outnvl,
5884 5854 zc->zc_nvlist_dst_size);
5885 5855 }
5886 5856 if (smusherror == 0)
5887 5857 puterror = put_nvlist(zc, outnvl);
5888 5858 }
5889 5859
5890 5860 if (puterror != 0)
5891 5861 error = puterror;
5892 5862
5893 5863 nvlist_free(outnvl);
5894 5864 } else {
5895 5865 error = vec->zvec_legacy_func(zc);
5896 5866 }
5897 5867
5898 5868 out:
5899 5869 nvlist_free(innvl);
5900 5870 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
5901 5871 if (error == 0 && rc != 0)
5902 5872 error = SET_ERROR(EFAULT);
5903 5873 if (error == 0 && vec->zvec_allow_log) {
5904 5874 char *s = tsd_get(zfs_allow_log_key);
5905 5875 if (s != NULL)
5906 5876 strfree(s);
5907 5877 (void) tsd_set(zfs_allow_log_key, saved_poolname);
5908 5878 } else {
5909 5879 if (saved_poolname != NULL)
5910 5880 strfree(saved_poolname);
5911 5881 }
5912 5882
5913 5883 kmem_free(zc, sizeof (zfs_cmd_t));
5914 5884 return (error);
5915 5885 }
5916 5886
5917 5887 static int
5918 5888 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
5919 5889 {
5920 5890 if (cmd != DDI_ATTACH)
5921 5891 return (DDI_FAILURE);
5922 5892
5923 5893 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
5924 5894 DDI_PSEUDO, 0) == DDI_FAILURE)
5925 5895 return (DDI_FAILURE);
5926 5896
5927 5897 zfs_dip = dip;
5928 5898
5929 5899 ddi_report_dev(dip);
5930 5900
5931 5901 return (DDI_SUCCESS);
5932 5902 }
5933 5903
5934 5904 static int
5935 5905 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5936 5906 {
5937 5907 if (spa_busy() || zfs_busy() || zvol_busy())
5938 5908 return (DDI_FAILURE);
5939 5909
5940 5910 if (cmd != DDI_DETACH)
5941 5911 return (DDI_FAILURE);
5942 5912
5943 5913 zfs_dip = NULL;
5944 5914
5945 5915 ddi_prop_remove_all(dip);
5946 5916 ddi_remove_minor_node(dip, NULL);
5947 5917
5948 5918 return (DDI_SUCCESS);
5949 5919 }
5950 5920
5951 5921 /*ARGSUSED*/
5952 5922 static int
5953 5923 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
5954 5924 {
5955 5925 switch (infocmd) {
5956 5926 case DDI_INFO_DEVT2DEVINFO:
5957 5927 *result = zfs_dip;
5958 5928 return (DDI_SUCCESS);
5959 5929
5960 5930 case DDI_INFO_DEVT2INSTANCE:
5961 5931 *result = (void *)0;
5962 5932 return (DDI_SUCCESS);
5963 5933 }
5964 5934
5965 5935 return (DDI_FAILURE);
5966 5936 }
5967 5937
5968 5938 /*
5969 5939 * OK, so this is a little weird.
5970 5940 *
5971 5941 * /dev/zfs is the control node, i.e. minor 0.
5972 5942 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
5973 5943 *
5974 5944 * /dev/zfs has basically nothing to do except serve up ioctls,
5975 5945 * so most of the standard driver entry points are in zvol.c.
5976 5946 */
5977 5947 static struct cb_ops zfs_cb_ops = {
5978 5948 zfsdev_open, /* open */
5979 5949 zfsdev_close, /* close */
5980 5950 zvol_strategy, /* strategy */
5981 5951 nodev, /* print */
5982 5952 zvol_dump, /* dump */
5983 5953 zvol_read, /* read */
5984 5954 zvol_write, /* write */
5985 5955 zfsdev_ioctl, /* ioctl */
5986 5956 nodev, /* devmap */
5987 5957 nodev, /* mmap */
5988 5958 nodev, /* segmap */
5989 5959 nochpoll, /* poll */
5990 5960 ddi_prop_op, /* prop_op */
5991 5961 NULL, /* streamtab */
5992 5962 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
5993 5963 CB_REV, /* version */
5994 5964 nodev, /* async read */
5995 5965 nodev, /* async write */
5996 5966 };
5997 5967
5998 5968 static struct dev_ops zfs_dev_ops = {
5999 5969 DEVO_REV, /* version */
6000 5970 0, /* refcnt */
6001 5971 zfs_info, /* info */
6002 5972 nulldev, /* identify */
6003 5973 nulldev, /* probe */
6004 5974 zfs_attach, /* attach */
6005 5975 zfs_detach, /* detach */
6006 5976 nodev, /* reset */
6007 5977 &zfs_cb_ops, /* driver operations */
6008 5978 NULL, /* no bus operations */
6009 5979 NULL, /* power */
6010 5980 ddi_quiesce_not_needed, /* quiesce */
6011 5981 };
6012 5982
6013 5983 static struct modldrv zfs_modldrv = {
6014 5984 &mod_driverops,
6015 5985 "ZFS storage pool",
6016 5986 &zfs_dev_ops
6017 5987 };
6018 5988
6019 5989 static struct modlinkage modlinkage = {
6020 5990 MODREV_1,
6021 5991 (void *)&zfs_modlfs,
6022 5992 (void *)&zfs_modldrv,
6023 5993 NULL
6024 5994 };
6025 5995
6026 5996 static void
6027 5997 zfs_allow_log_destroy(void *arg)
6028 5998 {
6029 5999 char *poolname = arg;
6030 6000 strfree(poolname);
6031 6001 }
6032 6002
6033 6003 int
6034 6004 _init(void)
6035 6005 {
6036 6006 int error;
6037 6007
6038 6008 spa_init(FREAD | FWRITE);
6039 6009 zfs_init();
6040 6010 zvol_init();
6041 6011 zfs_ioctl_init();
6042 6012
6043 6013 if ((error = mod_install(&modlinkage)) != 0) {
6044 6014 zvol_fini();
6045 6015 zfs_fini();
6046 6016 spa_fini();
6047 6017 return (error);
6048 6018 }
6049 6019
6050 6020 tsd_create(&zfs_fsyncer_key, NULL);
6051 6021 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
6052 6022 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
6053 6023
6054 6024 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
6055 6025 ASSERT(error == 0);
6056 6026 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
6057 6027
6058 6028 return (0);
6059 6029 }
6060 6030
6061 6031 int
6062 6032 _fini(void)
6063 6033 {
6064 6034 int error;
6065 6035
6066 6036 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
6067 6037 return (SET_ERROR(EBUSY));
6068 6038
6069 6039 if ((error = mod_remove(&modlinkage)) != 0)
6070 6040 return (error);
6071 6041
6072 6042 zvol_fini();
6073 6043 zfs_fini();
6074 6044 spa_fini();
6075 6045 if (zfs_nfsshare_inited)
6076 6046 (void) ddi_modclose(nfs_mod);
6077 6047 if (zfs_smbshare_inited)
6078 6048 (void) ddi_modclose(smbsrv_mod);
6079 6049 if (zfs_nfsshare_inited || zfs_smbshare_inited)
6080 6050 (void) ddi_modclose(sharefs_mod);
6081 6051
6082 6052 tsd_destroy(&zfs_fsyncer_key);
6083 6053 ldi_ident_release(zfs_li);
6084 6054 zfs_li = NULL;
6085 6055 mutex_destroy(&zfs_share_lock);
6086 6056
6087 6057 return (error);
6088 6058 }
6089 6059
6090 6060 int
6091 6061 _info(struct modinfo *modinfop)
6092 6062 {
6093 6063 return (mod_info(&modlinkage, modinfop));
6094 6064 }
|
↓ open down ↓ |
3598 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX