1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 2012 by Delphix. All rights reserved.
25 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
26 */
27
28 #include <sys/dmu.h>
29 #include <sys/dmu_impl.h>
30 #include <sys/dmu_tx.h>
31 #include <sys/dbuf.h>
32 #include <sys/dnode.h>
33 #include <sys/zfs_context.h>
34 #include <sys/dmu_objset.h>
35 #include <sys/dmu_traverse.h>
36 #include <sys/dsl_dataset.h>
37 #include <sys/dsl_dir.h>
38 #include <sys/dsl_prop.h>
39 #include <sys/dsl_pool.h>
40 #include <sys/dsl_synctask.h>
41 #include <sys/zfs_ioctl.h>
42 #include <sys/zap.h>
43 #include <sys/zio_checksum.h>
44 #include <sys/zfs_znode.h>
45 #include <zfs_fletcher.h>
46 #include <sys/avl.h>
47 #include <sys/ddt.h>
48 #include <sys/zfs_onexit.h>
49
50 /* Set this tunable to TRUE to replace corrupt data with 0x2f5baddb10c */
51 int zfs_send_corrupt_data = B_FALSE;
52
53 static char *dmu_recv_tag = "dmu_recv_tag";
54 char *tmp_dmu_recv_tag = "tmp_dmu_recv_tag";
55
56 static int
57 dump_bytes(dmu_sendarg_t *dsp, void *buf, int len)
58 {
59 dsl_dataset_t *ds = dsp->dsa_os->os_dsl_dataset;
60 ssize_t resid; /* have to get resid to get detailed errno */
61 ASSERT0(len % 8);
62
63 fletcher_4_incremental_native(buf, len, &dsp->dsa_zc);
64 dsp->dsa_err = vn_rdwr(UIO_WRITE, dsp->dsa_vp,
65 (caddr_t)buf, len,
66 0, UIO_SYSSPACE, FAPPEND, RLIM64_INFINITY, CRED(), &resid);
67
68 mutex_enter(&ds->ds_sendstream_lock);
69 *dsp->dsa_off += len;
70 mutex_exit(&ds->ds_sendstream_lock);
71
72 return (dsp->dsa_err);
73 }
74
75 static int
76 dump_free(dmu_sendarg_t *dsp, uint64_t object, uint64_t offset,
77 uint64_t length)
78 {
79 struct drr_free *drrf = &(dsp->dsa_drr->drr_u.drr_free);
80
81 if (length != -1ULL && offset + length < offset)
82 length = -1ULL;
83
84 /*
85 * If there is a pending op, but it's not PENDING_FREE, push it out,
86 * since free block aggregation can only be done for blocks of the
87 * same type (i.e., DRR_FREE records can only be aggregated with
88 * other DRR_FREE records. DRR_FREEOBJECTS records can only be
89 * aggregated with other DRR_FREEOBJECTS records.
90 */
91 if (dsp->dsa_pending_op != PENDING_NONE &&
92 dsp->dsa_pending_op != PENDING_FREE) {
93 if (dump_bytes(dsp, dsp->dsa_drr,
94 sizeof (dmu_replay_record_t)) != 0)
95 return (EINTR);
96 dsp->dsa_pending_op = PENDING_NONE;
97 }
98
99 if (dsp->dsa_pending_op == PENDING_FREE) {
100 /*
101 * There should never be a PENDING_FREE if length is -1
102 * (because dump_dnode is the only place where this
103 * function is called with a -1, and only after flushing
104 * any pending record).
105 */
106 ASSERT(length != -1ULL);
107 /*
108 * Check to see whether this free block can be aggregated
109 * with pending one.
110 */
111 if (drrf->drr_object == object && drrf->drr_offset +
112 drrf->drr_length == offset) {
113 drrf->drr_length += length;
114 return (0);
115 } else {
116 /* not a continuation. Push out pending record */
117 if (dump_bytes(dsp, dsp->dsa_drr,
118 sizeof (dmu_replay_record_t)) != 0)
119 return (EINTR);
120 dsp->dsa_pending_op = PENDING_NONE;
121 }
122 }
123 /* create a FREE record and make it pending */
124 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
125 dsp->dsa_drr->drr_type = DRR_FREE;
126 drrf->drr_object = object;
127 drrf->drr_offset = offset;
128 drrf->drr_length = length;
129 drrf->drr_toguid = dsp->dsa_toguid;
130 if (length == -1ULL) {
131 if (dump_bytes(dsp, dsp->dsa_drr,
132 sizeof (dmu_replay_record_t)) != 0)
133 return (EINTR);
134 } else {
135 dsp->dsa_pending_op = PENDING_FREE;
136 }
137
138 return (0);
139 }
140
141 static int
142 dump_data(dmu_sendarg_t *dsp, dmu_object_type_t type,
143 uint64_t object, uint64_t offset, int blksz, const blkptr_t *bp, void *data)
144 {
145 struct drr_write *drrw = &(dsp->dsa_drr->drr_u.drr_write);
146
147
148 /*
149 * If there is any kind of pending aggregation (currently either
150 * a grouping of free objects or free blocks), push it out to
151 * the stream, since aggregation can't be done across operations
152 * of different types.
153 */
154 if (dsp->dsa_pending_op != PENDING_NONE) {
155 if (dump_bytes(dsp, dsp->dsa_drr,
156 sizeof (dmu_replay_record_t)) != 0)
157 return (EINTR);
158 dsp->dsa_pending_op = PENDING_NONE;
159 }
160 /* write a DATA record */
161 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
162 dsp->dsa_drr->drr_type = DRR_WRITE;
163 drrw->drr_object = object;
164 drrw->drr_type = type;
165 drrw->drr_offset = offset;
166 drrw->drr_length = blksz;
167 drrw->drr_toguid = dsp->dsa_toguid;
168 drrw->drr_checksumtype = BP_GET_CHECKSUM(bp);
169 if (zio_checksum_table[drrw->drr_checksumtype].ci_dedup)
170 drrw->drr_checksumflags |= DRR_CHECKSUM_DEDUP;
171 DDK_SET_LSIZE(&drrw->drr_key, BP_GET_LSIZE(bp));
172 DDK_SET_PSIZE(&drrw->drr_key, BP_GET_PSIZE(bp));
173 DDK_SET_COMPRESS(&drrw->drr_key, BP_GET_COMPRESS(bp));
174 drrw->drr_key.ddk_cksum = bp->blk_cksum;
175
176 if (dump_bytes(dsp, dsp->dsa_drr, sizeof (dmu_replay_record_t)) != 0)
177 return (EINTR);
178 if (dump_bytes(dsp, data, blksz) != 0)
179 return (EINTR);
180 return (0);
181 }
182
183 static int
184 dump_spill(dmu_sendarg_t *dsp, uint64_t object, int blksz, void *data)
185 {
186 struct drr_spill *drrs = &(dsp->dsa_drr->drr_u.drr_spill);
187
188 if (dsp->dsa_pending_op != PENDING_NONE) {
189 if (dump_bytes(dsp, dsp->dsa_drr,
190 sizeof (dmu_replay_record_t)) != 0)
191 return (EINTR);
192 dsp->dsa_pending_op = PENDING_NONE;
193 }
194
195 /* write a SPILL record */
196 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
197 dsp->dsa_drr->drr_type = DRR_SPILL;
198 drrs->drr_object = object;
199 drrs->drr_length = blksz;
200 drrs->drr_toguid = dsp->dsa_toguid;
201
202 if (dump_bytes(dsp, dsp->dsa_drr, sizeof (dmu_replay_record_t)))
203 return (EINTR);
204 if (dump_bytes(dsp, data, blksz))
205 return (EINTR);
206 return (0);
207 }
208
209 static int
210 dump_freeobjects(dmu_sendarg_t *dsp, uint64_t firstobj, uint64_t numobjs)
211 {
212 struct drr_freeobjects *drrfo = &(dsp->dsa_drr->drr_u.drr_freeobjects);
213
214 /*
215 * If there is a pending op, but it's not PENDING_FREEOBJECTS,
216 * push it out, since free block aggregation can only be done for
217 * blocks of the same type (i.e., DRR_FREE records can only be
218 * aggregated with other DRR_FREE records. DRR_FREEOBJECTS records
219 * can only be aggregated with other DRR_FREEOBJECTS records.
220 */
221 if (dsp->dsa_pending_op != PENDING_NONE &&
222 dsp->dsa_pending_op != PENDING_FREEOBJECTS) {
223 if (dump_bytes(dsp, dsp->dsa_drr,
224 sizeof (dmu_replay_record_t)) != 0)
225 return (EINTR);
226 dsp->dsa_pending_op = PENDING_NONE;
227 }
228 if (dsp->dsa_pending_op == PENDING_FREEOBJECTS) {
229 /*
230 * See whether this free object array can be aggregated
231 * with pending one
232 */
233 if (drrfo->drr_firstobj + drrfo->drr_numobjs == firstobj) {
234 drrfo->drr_numobjs += numobjs;
235 return (0);
236 } else {
237 /* can't be aggregated. Push out pending record */
238 if (dump_bytes(dsp, dsp->dsa_drr,
239 sizeof (dmu_replay_record_t)) != 0)
240 return (EINTR);
241 dsp->dsa_pending_op = PENDING_NONE;
242 }
243 }
244
245 /* write a FREEOBJECTS record */
246 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
247 dsp->dsa_drr->drr_type = DRR_FREEOBJECTS;
248 drrfo->drr_firstobj = firstobj;
249 drrfo->drr_numobjs = numobjs;
250 drrfo->drr_toguid = dsp->dsa_toguid;
251
252 dsp->dsa_pending_op = PENDING_FREEOBJECTS;
253
254 return (0);
255 }
256
257 static int
258 dump_dnode(dmu_sendarg_t *dsp, uint64_t object, dnode_phys_t *dnp)
259 {
260 struct drr_object *drro = &(dsp->dsa_drr->drr_u.drr_object);
261
262 if (dnp == NULL || dnp->dn_type == DMU_OT_NONE)
263 return (dump_freeobjects(dsp, object, 1));
264
265 if (dsp->dsa_pending_op != PENDING_NONE) {
266 if (dump_bytes(dsp, dsp->dsa_drr,
267 sizeof (dmu_replay_record_t)) != 0)
268 return (EINTR);
269 dsp->dsa_pending_op = PENDING_NONE;
270 }
271
272 /* write an OBJECT record */
273 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
274 dsp->dsa_drr->drr_type = DRR_OBJECT;
275 drro->drr_object = object;
276 drro->drr_type = dnp->dn_type;
277 drro->drr_bonustype = dnp->dn_bonustype;
278 drro->drr_blksz = dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT;
279 drro->drr_bonuslen = dnp->dn_bonuslen;
280 drro->drr_checksumtype = dnp->dn_checksum;
281 drro->drr_compress = dnp->dn_compress;
282 drro->drr_toguid = dsp->dsa_toguid;
283
284 if (dump_bytes(dsp, dsp->dsa_drr, sizeof (dmu_replay_record_t)) != 0)
285 return (EINTR);
286
287 if (dump_bytes(dsp, DN_BONUS(dnp), P2ROUNDUP(dnp->dn_bonuslen, 8)) != 0)
288 return (EINTR);
289
290 /* free anything past the end of the file */
291 if (dump_free(dsp, object, (dnp->dn_maxblkid + 1) *
292 (dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT), -1ULL))
293 return (EINTR);
294 if (dsp->dsa_err)
295 return (EINTR);
296 return (0);
297 }
298
299 #define BP_SPAN(dnp, level) \
300 (((uint64_t)dnp->dn_datablkszsec) << (SPA_MINBLOCKSHIFT + \
301 (level) * (dnp->dn_indblkshift - SPA_BLKPTRSHIFT)))
302
303 /* ARGSUSED */
304 static int
305 backup_cb(spa_t *spa, zilog_t *zilog, const blkptr_t *bp, arc_buf_t *pbuf,
306 const zbookmark_t *zb, const dnode_phys_t *dnp, void *arg)
307 {
308 dmu_sendarg_t *dsp = arg;
309 dmu_object_type_t type = bp ? BP_GET_TYPE(bp) : DMU_OT_NONE;
310 int err = 0;
311
312 if (issig(JUSTLOOKING) && issig(FORREAL))
313 return (EINTR);
314
315 if (zb->zb_object != DMU_META_DNODE_OBJECT &&
316 DMU_OBJECT_IS_SPECIAL(zb->zb_object)) {
317 return (0);
318 } else if (bp == NULL && zb->zb_object == DMU_META_DNODE_OBJECT) {
319 uint64_t span = BP_SPAN(dnp, zb->zb_level);
320 uint64_t dnobj = (zb->zb_blkid * span) >> DNODE_SHIFT;
321 err = dump_freeobjects(dsp, dnobj, span >> DNODE_SHIFT);
322 } else if (bp == NULL) {
323 uint64_t span = BP_SPAN(dnp, zb->zb_level);
324 err = dump_free(dsp, zb->zb_object, zb->zb_blkid * span, span);
325 } else if (zb->zb_level > 0 || type == DMU_OT_OBJSET) {
326 return (0);
327 } else if (type == DMU_OT_DNODE) {
328 dnode_phys_t *blk;
329 int i;
330 int blksz = BP_GET_LSIZE(bp);
331 uint32_t aflags = ARC_WAIT;
332 arc_buf_t *abuf;
333
334 if (dsl_read(NULL, spa, bp, pbuf,
335 arc_getbuf_func, &abuf, ZIO_PRIORITY_ASYNC_READ,
336 ZIO_FLAG_CANFAIL, &aflags, zb) != 0)
337 return (EIO);
338
339 blk = abuf->b_data;
340 for (i = 0; i < blksz >> DNODE_SHIFT; i++) {
341 uint64_t dnobj = (zb->zb_blkid <<
342 (DNODE_BLOCK_SHIFT - DNODE_SHIFT)) + i;
343 err = dump_dnode(dsp, dnobj, blk+i);
344 if (err)
345 break;
346 }
347 (void) arc_buf_remove_ref(abuf, &abuf);
348 } else if (type == DMU_OT_SA) {
349 uint32_t aflags = ARC_WAIT;
350 arc_buf_t *abuf;
351 int blksz = BP_GET_LSIZE(bp);
352
353 if (arc_read_nolock(NULL, spa, bp,
354 arc_getbuf_func, &abuf, ZIO_PRIORITY_ASYNC_READ,
355 ZIO_FLAG_CANFAIL, &aflags, zb) != 0)
356 return (EIO);
357
358 err = dump_spill(dsp, zb->zb_object, blksz, abuf->b_data);
359 (void) arc_buf_remove_ref(abuf, &abuf);
360 } else { /* it's a level-0 block of a regular object */
361 uint32_t aflags = ARC_WAIT;
362 arc_buf_t *abuf;
363 int blksz = BP_GET_LSIZE(bp);
364
365 if (dsl_read(NULL, spa, bp, pbuf,
366 arc_getbuf_func, &abuf, ZIO_PRIORITY_ASYNC_READ,
367 ZIO_FLAG_CANFAIL, &aflags, zb) != 0) {
368 if (zfs_send_corrupt_data) {
369 /* Send a block filled with 0x"zfs badd bloc" */
370 abuf = arc_buf_alloc(spa, blksz, &abuf,
371 ARC_BUFC_DATA);
372 uint64_t *ptr;
373 for (ptr = abuf->b_data;
374 (char *)ptr < (char *)abuf->b_data + blksz;
375 ptr++)
376 *ptr = 0x2f5baddb10c;
377 } else {
378 return (EIO);
379 }
380 }
381
382 err = dump_data(dsp, type, zb->zb_object, zb->zb_blkid * blksz,
383 blksz, bp, abuf->b_data);
384 (void) arc_buf_remove_ref(abuf, &abuf);
385 }
386
387 ASSERT(err == 0 || err == EINTR);
388 return (err);
389 }
390
391 /*
392 * Return TRUE if 'earlier' is an earlier snapshot in 'later's timeline.
393 * For example, they could both be snapshots of the same filesystem, and
394 * 'earlier' is before 'later'. Or 'earlier' could be the origin of
395 * 'later's filesystem. Or 'earlier' could be an older snapshot in the origin's
396 * filesystem. Or 'earlier' could be the origin's origin.
397 */
398 static boolean_t
399 is_before(dsl_dataset_t *later, dsl_dataset_t *earlier)
400 {
401 dsl_pool_t *dp = later->ds_dir->dd_pool;
402 int error;
403 boolean_t ret;
404 dsl_dataset_t *origin;
405
406 if (earlier->ds_phys->ds_creation_txg >=
407 later->ds_phys->ds_creation_txg)
408 return (B_FALSE);
409
410 if (later->ds_dir == earlier->ds_dir)
411 return (B_TRUE);
412 if (!dsl_dir_is_clone(later->ds_dir))
413 return (B_FALSE);
414
415 rw_enter(&dp->dp_config_rwlock, RW_READER);
416 if (later->ds_dir->dd_phys->dd_origin_obj == earlier->ds_object) {
417 rw_exit(&dp->dp_config_rwlock);
418 return (B_TRUE);
419 }
420 error = dsl_dataset_hold_obj(dp,
421 later->ds_dir->dd_phys->dd_origin_obj, FTAG, &origin);
422 rw_exit(&dp->dp_config_rwlock);
423 if (error != 0)
424 return (B_FALSE);
425 ret = is_before(origin, earlier);
426 dsl_dataset_rele(origin, FTAG);
427 return (ret);
428 }
429
430 int
431 dmu_send(objset_t *tosnap, objset_t *fromsnap, int outfd, vnode_t *vp,
432 offset_t *off)
433 {
434 dsl_dataset_t *ds = tosnap->os_dsl_dataset;
435 dsl_dataset_t *fromds = fromsnap ? fromsnap->os_dsl_dataset : NULL;
436 dmu_replay_record_t *drr;
437 dmu_sendarg_t *dsp;
438 int err;
439 uint64_t fromtxg = 0;
440
441 /* tosnap must be a snapshot */
442 if (ds->ds_phys->ds_next_snap_obj == 0)
443 return (EINVAL);
444
445 /*
446 * fromsnap must be an earlier snapshot from the same fs as tosnap,
447 * or the origin's fs.
448 */
449 if (fromds != NULL && !is_before(ds, fromds))
450 return (EXDEV);
451
452 drr = kmem_zalloc(sizeof (dmu_replay_record_t), KM_SLEEP);
453 drr->drr_type = DRR_BEGIN;
454 drr->drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC;
455 DMU_SET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo,
456 DMU_SUBSTREAM);
457
458 #ifdef _KERNEL
459 if (dmu_objset_type(tosnap) == DMU_OST_ZFS) {
460 uint64_t version;
461 if (zfs_get_zplprop(tosnap, ZFS_PROP_VERSION, &version) != 0) {
462 kmem_free(drr, sizeof (dmu_replay_record_t));
463 return (EINVAL);
464 }
465 if (version == ZPL_VERSION_SA) {
466 DMU_SET_FEATUREFLAGS(
467 drr->drr_u.drr_begin.drr_versioninfo,
468 DMU_BACKUP_FEATURE_SA_SPILL);
469 }
470 }
471 #endif
472
473 drr->drr_u.drr_begin.drr_creation_time =
474 ds->ds_phys->ds_creation_time;
475 drr->drr_u.drr_begin.drr_type = tosnap->os_phys->os_type;
476 if (fromds != NULL && ds->ds_dir != fromds->ds_dir)
477 drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_CLONE;
478 drr->drr_u.drr_begin.drr_toguid = ds->ds_phys->ds_guid;
479 if (ds->ds_phys->ds_flags & DS_FLAG_CI_DATASET)
480 drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_CI_DATA;
481
482 if (fromds)
483 drr->drr_u.drr_begin.drr_fromguid = fromds->ds_phys->ds_guid;
484 dsl_dataset_name(ds, drr->drr_u.drr_begin.drr_toname);
485
486 if (fromds)
487 fromtxg = fromds->ds_phys->ds_creation_txg;
488
489 dsp = kmem_zalloc(sizeof (dmu_sendarg_t), KM_SLEEP);
490
491 dsp->dsa_drr = drr;
492 dsp->dsa_vp = vp;
493 dsp->dsa_outfd = outfd;
494 dsp->dsa_proc = curproc;
495 dsp->dsa_os = tosnap;
496 dsp->dsa_off = off;
497 dsp->dsa_toguid = ds->ds_phys->ds_guid;
498 ZIO_SET_CHECKSUM(&dsp->dsa_zc, 0, 0, 0, 0);
499 dsp->dsa_pending_op = PENDING_NONE;
500
501 mutex_enter(&ds->ds_sendstream_lock);
502 list_insert_head(&ds->ds_sendstreams, dsp);
503 mutex_exit(&ds->ds_sendstream_lock);
504
505 if (dump_bytes(dsp, drr, sizeof (dmu_replay_record_t)) != 0) {
506 err = dsp->dsa_err;
507 goto out;
508 }
509
510 err = traverse_dataset(ds, fromtxg, TRAVERSE_PRE | TRAVERSE_PREFETCH,
511 backup_cb, dsp);
512
513 if (dsp->dsa_pending_op != PENDING_NONE)
514 if (dump_bytes(dsp, drr, sizeof (dmu_replay_record_t)) != 0)
515 err = EINTR;
516
517 if (err) {
518 if (err == EINTR && dsp->dsa_err)
519 err = dsp->dsa_err;
520 goto out;
521 }
522
523 bzero(drr, sizeof (dmu_replay_record_t));
524 drr->drr_type = DRR_END;
525 drr->drr_u.drr_end.drr_checksum = dsp->dsa_zc;
526 drr->drr_u.drr_end.drr_toguid = dsp->dsa_toguid;
527
528 if (dump_bytes(dsp, drr, sizeof (dmu_replay_record_t)) != 0) {
529 err = dsp->dsa_err;
530 goto out;
531 }
532
533 out:
534 mutex_enter(&ds->ds_sendstream_lock);
535 list_remove(&ds->ds_sendstreams, dsp);
536 mutex_exit(&ds->ds_sendstream_lock);
537
538 kmem_free(drr, sizeof (dmu_replay_record_t));
539 kmem_free(dsp, sizeof (dmu_sendarg_t));
540
541 return (err);
542 }
543
544 int
545 dmu_send_estimate(objset_t *tosnap, objset_t *fromsnap, uint64_t *sizep)
546 {
547 dsl_dataset_t *ds = tosnap->os_dsl_dataset;
548 dsl_dataset_t *fromds = fromsnap ? fromsnap->os_dsl_dataset : NULL;
549 dsl_pool_t *dp = ds->ds_dir->dd_pool;
550 int err;
551 uint64_t size;
552
553 /* tosnap must be a snapshot */
554 if (ds->ds_phys->ds_next_snap_obj == 0)
555 return (EINVAL);
556
557 /*
558 * fromsnap must be an earlier snapshot from the same fs as tosnap,
559 * or the origin's fs.
560 */
561 if (fromds != NULL && !is_before(ds, fromds))
562 return (EXDEV);
563
564 /* Get uncompressed size estimate of changed data. */
565 if (fromds == NULL) {
566 size = ds->ds_phys->ds_uncompressed_bytes;
567 } else {
568 uint64_t used, comp;
569 err = dsl_dataset_space_written(fromds, ds,
570 &used, &comp, &size);
571 if (err)
572 return (err);
573 }
574
575 /*
576 * Assume that space (both on-disk and in-stream) is dominated by
577 * data. We will adjust for indirect blocks and the copies property,
578 * but ignore per-object space used (eg, dnodes and DRR_OBJECT records).
579 */
580
581 /*
582 * Subtract out approximate space used by indirect blocks.
583 * Assume most space is used by data blocks (non-indirect, non-dnode).
584 * Assume all blocks are recordsize. Assume ditto blocks and
585 * internal fragmentation counter out compression.
586 *
587 * Therefore, space used by indirect blocks is sizeof(blkptr_t) per
588 * block, which we observe in practice.
589 */
590 uint64_t recordsize;
591 rw_enter(&dp->dp_config_rwlock, RW_READER);
592 err = dsl_prop_get_ds(ds, "recordsize",
593 sizeof (recordsize), 1, &recordsize, NULL);
594 rw_exit(&dp->dp_config_rwlock);
595 if (err)
596 return (err);
597 size -= size / recordsize * sizeof (blkptr_t);
598
599 /* Add in the space for the record associated with each block. */
600 size += size / recordsize * sizeof (dmu_replay_record_t);
601
602 *sizep = size;
603
604 return (0);
605 }
606
607 struct recvbeginsyncarg {
608 const char *tofs;
609 const char *tosnap;
610 dsl_dataset_t *origin;
611 uint64_t fromguid;
612 dmu_objset_type_t type;
613 void *tag;
614 boolean_t force;
615 uint64_t dsflags;
616 char clonelastname[MAXNAMELEN];
617 dsl_dataset_t *ds; /* the ds to recv into; returned from the syncfunc */
618 cred_t *cr;
619 };
620
621 /* ARGSUSED */
622 static int
623 recv_new_check(void *arg1, void *arg2, dmu_tx_t *tx)
624 {
625 dsl_dir_t *dd = arg1;
626 struct recvbeginsyncarg *rbsa = arg2;
627 objset_t *mos = dd->dd_pool->dp_meta_objset;
628 uint64_t val;
629 int err;
630
631 err = zap_lookup(mos, dd->dd_phys->dd_child_dir_zapobj,
632 strrchr(rbsa->tofs, '/') + 1, sizeof (uint64_t), 1, &val);
633
634 if (err != ENOENT)
635 return (err ? err : EEXIST);
636
637 if (rbsa->origin) {
638 /* make sure it's a snap in the same pool */
639 if (rbsa->origin->ds_dir->dd_pool != dd->dd_pool)
640 return (EXDEV);
641 if (!dsl_dataset_is_snapshot(rbsa->origin))
642 return (EINVAL);
643 if (rbsa->origin->ds_phys->ds_guid != rbsa->fromguid)
644 return (ENODEV);
645 }
646
647 /*
648 * Check dataset and snapshot quotas before receiving. We'll recheck
649 * again at the end, but might as well abort before receiving if we're
650 * already over quota.
651 */
652 if (dd->dd_parent != NULL) {
653 err = dsl_dir_dscount_check(dd->dd_parent, NULL, 1, NULL);
654 if (err != 0)
655 return (err);
656 }
657
658 err = dsl_snapcount_check(dd, tx, 1, NULL);
659 if (err != 0)
660 return (err);
661
662
663 return (0);
664 }
665
666 static void
667 recv_new_sync(void *arg1, void *arg2, dmu_tx_t *tx)
668 {
669 dsl_dir_t *dd = arg1;
670 struct recvbeginsyncarg *rbsa = arg2;
671 uint64_t flags = DS_FLAG_INCONSISTENT | rbsa->dsflags;
672 uint64_t dsobj;
673
674 /* Create and open new dataset. */
675 dsobj = dsl_dataset_create_sync(dd, strrchr(rbsa->tofs, '/') + 1,
676 rbsa->origin, flags, rbsa->cr, tx);
677 VERIFY(0 == dsl_dataset_own_obj(dd->dd_pool, dsobj,
678 B_TRUE, dmu_recv_tag, &rbsa->ds));
679
680 if (rbsa->origin == NULL) {
681 (void) dmu_objset_create_impl(dd->dd_pool->dp_spa,
682 rbsa->ds, &rbsa->ds->ds_phys->ds_bp, rbsa->type, tx);
683 }
684
685 spa_history_log_internal_ds(rbsa->ds, "receive new", tx, "");
686 }
687
688 /* ARGSUSED */
689 static int
690 recv_existing_check(void *arg1, void *arg2, dmu_tx_t *tx)
691 {
692 dsl_dataset_t *ds = arg1;
693 struct recvbeginsyncarg *rbsa = arg2;
694 int err;
695 uint64_t val;
696
697 /* must not have any changes since most recent snapshot */
698 if (!rbsa->force && dsl_dataset_modified_since_lastsnap(ds))
699 return (ETXTBSY);
700
701 /* new snapshot name must not exist */
702 err = zap_lookup(ds->ds_dir->dd_pool->dp_meta_objset,
703 ds->ds_phys->ds_snapnames_zapobj, rbsa->tosnap, 8, 1, &val);
704 if (err == 0)
705 return (EEXIST);
706 if (err != ENOENT)
707 return (err);
708
709 if (rbsa->fromguid) {
710 /* if incremental, most recent snapshot must match fromguid */
711 if (ds->ds_prev == NULL)
712 return (ENODEV);
713
714 /*
715 * most recent snapshot must match fromguid, or there are no
716 * changes since the fromguid one
717 */
718 if (ds->ds_prev->ds_phys->ds_guid != rbsa->fromguid) {
719 uint64_t birth = ds->ds_prev->ds_phys->ds_bp.blk_birth;
720 uint64_t obj = ds->ds_prev->ds_phys->ds_prev_snap_obj;
721 while (obj != 0) {
722 dsl_dataset_t *snap;
723 err = dsl_dataset_hold_obj(ds->ds_dir->dd_pool,
724 obj, FTAG, &snap);
725 if (err)
726 return (ENODEV);
727 if (snap->ds_phys->ds_creation_txg < birth) {
728 dsl_dataset_rele(snap, FTAG);
729 return (ENODEV);
730 }
731 if (snap->ds_phys->ds_guid == rbsa->fromguid) {
732 dsl_dataset_rele(snap, FTAG);
733 break; /* it's ok */
734 }
735 obj = snap->ds_phys->ds_prev_snap_obj;
736 dsl_dataset_rele(snap, FTAG);
737 }
738 if (obj == 0)
739 return (ENODEV);
740 }
741 } else {
742 /* if full, most recent snapshot must be $ORIGIN */
743 if (ds->ds_phys->ds_prev_snap_txg >= TXG_INITIAL)
744 return (ENODEV);
745
746 /* Check snapshot quota before receiving */
747 err = dsl_snapcount_check(ds->ds_dir, tx, 1, NULL);
748 if (err != 0)
749 return (err);
750 }
751
752 /* temporary clone name must not exist */
753 err = zap_lookup(ds->ds_dir->dd_pool->dp_meta_objset,
754 ds->ds_dir->dd_phys->dd_child_dir_zapobj,
755 rbsa->clonelastname, 8, 1, &val);
756 if (err == 0)
757 return (EEXIST);
758 if (err != ENOENT)
759 return (err);
760
761 return (0);
762 }
763
764 /* ARGSUSED */
765 static void
766 recv_existing_sync(void *arg1, void *arg2, dmu_tx_t *tx)
767 {
768 dsl_dataset_t *ohds = arg1;
769 struct recvbeginsyncarg *rbsa = arg2;
770 dsl_pool_t *dp = ohds->ds_dir->dd_pool;
771 dsl_dataset_t *cds;
772 uint64_t flags = DS_FLAG_INCONSISTENT | rbsa->dsflags;
773 uint64_t dsobj;
774
775 /* create and open the temporary clone */
776 dsobj = dsl_dataset_create_sync(ohds->ds_dir, rbsa->clonelastname,
777 ohds->ds_prev, flags, rbsa->cr, tx);
778 VERIFY(0 == dsl_dataset_own_obj(dp, dsobj, B_TRUE, dmu_recv_tag, &cds));
779
780 /*
781 * If we actually created a non-clone, we need to create the
782 * objset in our new dataset.
783 */
784 if (BP_IS_HOLE(dsl_dataset_get_blkptr(cds))) {
785 (void) dmu_objset_create_impl(dp->dp_spa,
786 cds, dsl_dataset_get_blkptr(cds), rbsa->type, tx);
787 }
788
789 rbsa->ds = cds;
790
791 spa_history_log_internal_ds(cds, "receive over existing", tx, "");
792 }
793
794 static boolean_t
795 dmu_recv_verify_features(dsl_dataset_t *ds, struct drr_begin *drrb)
796 {
797 int featureflags;
798
799 featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
800
801 /* Verify pool version supports SA if SA_SPILL feature set */
802 return ((featureflags & DMU_BACKUP_FEATURE_SA_SPILL) &&
803 (spa_version(dsl_dataset_get_spa(ds)) < SPA_VERSION_SA));
804 }
805
806 /*
807 * NB: callers *MUST* call dmu_recv_stream() if dmu_recv_begin()
808 * succeeds; otherwise we will leak the holds on the datasets.
809 */
810 int
811 dmu_recv_begin(char *tofs, char *tosnap, char *top_ds, struct drr_begin *drrb,
812 boolean_t force, objset_t *origin, dmu_recv_cookie_t *drc)
813 {
814 int err = 0;
815 boolean_t byteswap;
816 struct recvbeginsyncarg rbsa = { 0 };
817 uint64_t versioninfo;
818 int flags;
819 dsl_dataset_t *ds;
820
821 if (drrb->drr_magic == DMU_BACKUP_MAGIC)
822 byteswap = FALSE;
823 else if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC))
824 byteswap = TRUE;
825 else
826 return (EINVAL);
827
828 rbsa.tofs = tofs;
829 rbsa.tosnap = tosnap;
830 rbsa.origin = origin ? origin->os_dsl_dataset : NULL;
831 rbsa.fromguid = drrb->drr_fromguid;
832 rbsa.type = drrb->drr_type;
833 rbsa.tag = FTAG;
834 rbsa.dsflags = 0;
835 rbsa.cr = CRED();
836 versioninfo = drrb->drr_versioninfo;
837 flags = drrb->drr_flags;
838
839 if (byteswap) {
840 rbsa.type = BSWAP_32(rbsa.type);
841 rbsa.fromguid = BSWAP_64(rbsa.fromguid);
842 versioninfo = BSWAP_64(versioninfo);
843 flags = BSWAP_32(flags);
844 }
845
846 if (DMU_GET_STREAM_HDRTYPE(versioninfo) == DMU_COMPOUNDSTREAM ||
847 rbsa.type >= DMU_OST_NUMTYPES ||
848 ((flags & DRR_FLAG_CLONE) && origin == NULL))
849 return (EINVAL);
850
851 if (flags & DRR_FLAG_CI_DATA)
852 rbsa.dsflags = DS_FLAG_CI_DATASET;
853
854 bzero(drc, sizeof (dmu_recv_cookie_t));
855 drc->drc_drrb = drrb;
856 drc->drc_tosnap = tosnap;
857 drc->drc_top_ds = top_ds;
858 drc->drc_force = force;
859
860 /*
861 * Process the begin in syncing context.
862 */
863
864 /* open the dataset we are logically receiving into */
865 err = dsl_dataset_hold(tofs, dmu_recv_tag, &ds);
866 if (err == 0) {
867 if (dmu_recv_verify_features(ds, drrb)) {
868 dsl_dataset_rele(ds, dmu_recv_tag);
869 return (ENOTSUP);
870 }
871 /* target fs already exists; recv into temp clone */
872
873 /* Can't recv a clone into an existing fs */
874 if (flags & DRR_FLAG_CLONE) {
875 dsl_dataset_rele(ds, dmu_recv_tag);
876 return (EINVAL);
877 }
878
879 /* must not have an incremental recv already in progress */
880 if (!mutex_tryenter(&ds->ds_recvlock)) {
881 dsl_dataset_rele(ds, dmu_recv_tag);
882 return (EBUSY);
883 }
884
885 /* tmp clone name is: tofs/%tosnap" */
886 (void) snprintf(rbsa.clonelastname, sizeof (rbsa.clonelastname),
887 "%%%s", tosnap);
888 rbsa.force = force;
889 err = dsl_sync_task_do(ds->ds_dir->dd_pool,
890 recv_existing_check, recv_existing_sync, ds, &rbsa, 5);
891 if (err) {
892 mutex_exit(&ds->ds_recvlock);
893 dsl_dataset_rele(ds, dmu_recv_tag);
894 return (err);
895 }
896 drc->drc_logical_ds = ds;
897 drc->drc_real_ds = rbsa.ds;
898 } else if (err == ENOENT) {
899 /* target fs does not exist; must be a full backup or clone */
900 char *cp;
901
902 /*
903 * If it's a non-clone incremental, we are missing the
904 * target fs, so fail the recv.
905 */
906 if (rbsa.fromguid && !(flags & DRR_FLAG_CLONE))
907 return (ENOENT);
908
909 /* Open the parent of tofs */
910 cp = strrchr(tofs, '/');
911 *cp = '\0';
912 err = dsl_dataset_hold(tofs, FTAG, &ds);
913 *cp = '/';
914 if (err)
915 return (err);
916
917 if (dmu_recv_verify_features(ds, drrb)) {
918 dsl_dataset_rele(ds, FTAG);
919 return (ENOTSUP);
920 }
921
922 err = dsl_sync_task_do(ds->ds_dir->dd_pool,
923 recv_new_check, recv_new_sync, ds->ds_dir, &rbsa, 5);
924 dsl_dataset_rele(ds, FTAG);
925 if (err)
926 return (err);
927 drc->drc_logical_ds = drc->drc_real_ds = rbsa.ds;
928 drc->drc_newfs = B_TRUE;
929 }
930
931 return (err);
932 }
933
934 struct restorearg {
935 int err;
936 int byteswap;
937 vnode_t *vp;
938 char *buf;
939 uint64_t voff;
940 int bufsize; /* amount of memory allocated for buf */
941 zio_cksum_t cksum;
942 avl_tree_t *guid_to_ds_map;
943 };
944
945 typedef struct guid_map_entry {
946 uint64_t guid;
947 dsl_dataset_t *gme_ds;
948 avl_node_t avlnode;
949 } guid_map_entry_t;
950
951 static int
952 guid_compare(const void *arg1, const void *arg2)
953 {
954 const guid_map_entry_t *gmep1 = arg1;
955 const guid_map_entry_t *gmep2 = arg2;
956
957 if (gmep1->guid < gmep2->guid)
958 return (-1);
959 else if (gmep1->guid > gmep2->guid)
960 return (1);
961 return (0);
962 }
963
964 static void
965 free_guid_map_onexit(void *arg)
966 {
967 avl_tree_t *ca = arg;
968 void *cookie = NULL;
969 guid_map_entry_t *gmep;
970
971 while ((gmep = avl_destroy_nodes(ca, &cookie)) != NULL) {
972 dsl_dataset_rele(gmep->gme_ds, ca);
973 kmem_free(gmep, sizeof (guid_map_entry_t));
974 }
975 avl_destroy(ca);
976 kmem_free(ca, sizeof (avl_tree_t));
977 }
978
979 static void *
980 restore_read(struct restorearg *ra, int len)
981 {
982 void *rv;
983 int done = 0;
984
985 /* some things will require 8-byte alignment, so everything must */
986 ASSERT0(len % 8);
987
988 while (done < len) {
989 ssize_t resid;
990
991 ra->err = vn_rdwr(UIO_READ, ra->vp,
992 (caddr_t)ra->buf + done, len - done,
993 ra->voff, UIO_SYSSPACE, FAPPEND,
994 RLIM64_INFINITY, CRED(), &resid);
995
996 if (resid == len - done)
997 ra->err = EINVAL;
998 ra->voff += len - done - resid;
999 done = len - resid;
1000 if (ra->err)
1001 return (NULL);
1002 }
1003
1004 ASSERT3U(done, ==, len);
1005 rv = ra->buf;
1006 if (ra->byteswap)
1007 fletcher_4_incremental_byteswap(rv, len, &ra->cksum);
1008 else
1009 fletcher_4_incremental_native(rv, len, &ra->cksum);
1010 return (rv);
1011 }
1012
1013 static void
1014 backup_byteswap(dmu_replay_record_t *drr)
1015 {
1016 #define DO64(X) (drr->drr_u.X = BSWAP_64(drr->drr_u.X))
1017 #define DO32(X) (drr->drr_u.X = BSWAP_32(drr->drr_u.X))
1018 drr->drr_type = BSWAP_32(drr->drr_type);
1019 drr->drr_payloadlen = BSWAP_32(drr->drr_payloadlen);
1020 switch (drr->drr_type) {
1021 case DRR_BEGIN:
1022 DO64(drr_begin.drr_magic);
1023 DO64(drr_begin.drr_versioninfo);
1024 DO64(drr_begin.drr_creation_time);
1025 DO32(drr_begin.drr_type);
1026 DO32(drr_begin.drr_flags);
1027 DO64(drr_begin.drr_toguid);
1028 DO64(drr_begin.drr_fromguid);
1029 break;
1030 case DRR_OBJECT:
1031 DO64(drr_object.drr_object);
1032 /* DO64(drr_object.drr_allocation_txg); */
1033 DO32(drr_object.drr_type);
1034 DO32(drr_object.drr_bonustype);
1035 DO32(drr_object.drr_blksz);
1036 DO32(drr_object.drr_bonuslen);
1037 DO64(drr_object.drr_toguid);
1038 break;
1039 case DRR_FREEOBJECTS:
1040 DO64(drr_freeobjects.drr_firstobj);
1041 DO64(drr_freeobjects.drr_numobjs);
1042 DO64(drr_freeobjects.drr_toguid);
1043 break;
1044 case DRR_WRITE:
1045 DO64(drr_write.drr_object);
1046 DO32(drr_write.drr_type);
1047 DO64(drr_write.drr_offset);
1048 DO64(drr_write.drr_length);
1049 DO64(drr_write.drr_toguid);
1050 DO64(drr_write.drr_key.ddk_cksum.zc_word[0]);
1051 DO64(drr_write.drr_key.ddk_cksum.zc_word[1]);
1052 DO64(drr_write.drr_key.ddk_cksum.zc_word[2]);
1053 DO64(drr_write.drr_key.ddk_cksum.zc_word[3]);
1054 DO64(drr_write.drr_key.ddk_prop);
1055 break;
1056 case DRR_WRITE_BYREF:
1057 DO64(drr_write_byref.drr_object);
1058 DO64(drr_write_byref.drr_offset);
1059 DO64(drr_write_byref.drr_length);
1060 DO64(drr_write_byref.drr_toguid);
1061 DO64(drr_write_byref.drr_refguid);
1062 DO64(drr_write_byref.drr_refobject);
1063 DO64(drr_write_byref.drr_refoffset);
1064 DO64(drr_write_byref.drr_key.ddk_cksum.zc_word[0]);
1065 DO64(drr_write_byref.drr_key.ddk_cksum.zc_word[1]);
1066 DO64(drr_write_byref.drr_key.ddk_cksum.zc_word[2]);
1067 DO64(drr_write_byref.drr_key.ddk_cksum.zc_word[3]);
1068 DO64(drr_write_byref.drr_key.ddk_prop);
1069 break;
1070 case DRR_FREE:
1071 DO64(drr_free.drr_object);
1072 DO64(drr_free.drr_offset);
1073 DO64(drr_free.drr_length);
1074 DO64(drr_free.drr_toguid);
1075 break;
1076 case DRR_SPILL:
1077 DO64(drr_spill.drr_object);
1078 DO64(drr_spill.drr_length);
1079 DO64(drr_spill.drr_toguid);
1080 break;
1081 case DRR_END:
1082 DO64(drr_end.drr_checksum.zc_word[0]);
1083 DO64(drr_end.drr_checksum.zc_word[1]);
1084 DO64(drr_end.drr_checksum.zc_word[2]);
1085 DO64(drr_end.drr_checksum.zc_word[3]);
1086 DO64(drr_end.drr_toguid);
1087 break;
1088 }
1089 #undef DO64
1090 #undef DO32
1091 }
1092
1093 static int
1094 restore_object(struct restorearg *ra, objset_t *os, struct drr_object *drro)
1095 {
1096 int err;
1097 dmu_tx_t *tx;
1098 void *data = NULL;
1099
1100 if (drro->drr_type == DMU_OT_NONE ||
1101 !DMU_OT_IS_VALID(drro->drr_type) ||
1102 !DMU_OT_IS_VALID(drro->drr_bonustype) ||
1103 drro->drr_checksumtype >= ZIO_CHECKSUM_FUNCTIONS ||
1104 drro->drr_compress >= ZIO_COMPRESS_FUNCTIONS ||
1105 P2PHASE(drro->drr_blksz, SPA_MINBLOCKSIZE) ||
1106 drro->drr_blksz < SPA_MINBLOCKSIZE ||
1107 drro->drr_blksz > SPA_MAXBLOCKSIZE ||
1108 drro->drr_bonuslen > DN_MAX_BONUSLEN) {
1109 return (EINVAL);
1110 }
1111
1112 err = dmu_object_info(os, drro->drr_object, NULL);
1113
1114 if (err != 0 && err != ENOENT)
1115 return (EINVAL);
1116
1117 if (drro->drr_bonuslen) {
1118 data = restore_read(ra, P2ROUNDUP(drro->drr_bonuslen, 8));
1119 if (ra->err)
1120 return (ra->err);
1121 }
1122
1123 if (err == ENOENT) {
1124 /* currently free, want to be allocated */
1125 tx = dmu_tx_create(os);
1126 dmu_tx_hold_bonus(tx, DMU_NEW_OBJECT);
1127 err = dmu_tx_assign(tx, TXG_WAIT);
1128 if (err) {
1129 dmu_tx_abort(tx);
1130 return (err);
1131 }
1132 err = dmu_object_claim(os, drro->drr_object,
1133 drro->drr_type, drro->drr_blksz,
1134 drro->drr_bonustype, drro->drr_bonuslen, tx);
1135 dmu_tx_commit(tx);
1136 } else {
1137 /* currently allocated, want to be allocated */
1138 err = dmu_object_reclaim(os, drro->drr_object,
1139 drro->drr_type, drro->drr_blksz,
1140 drro->drr_bonustype, drro->drr_bonuslen);
1141 }
1142 if (err) {
1143 return (EINVAL);
1144 }
1145
1146 tx = dmu_tx_create(os);
1147 dmu_tx_hold_bonus(tx, drro->drr_object);
1148 err = dmu_tx_assign(tx, TXG_WAIT);
1149 if (err) {
1150 dmu_tx_abort(tx);
1151 return (err);
1152 }
1153
1154 dmu_object_set_checksum(os, drro->drr_object, drro->drr_checksumtype,
1155 tx);
1156 dmu_object_set_compress(os, drro->drr_object, drro->drr_compress, tx);
1157
1158 if (data != NULL) {
1159 dmu_buf_t *db;
1160
1161 VERIFY(0 == dmu_bonus_hold(os, drro->drr_object, FTAG, &db));
1162 dmu_buf_will_dirty(db, tx);
1163
1164 ASSERT3U(db->db_size, >=, drro->drr_bonuslen);
1165 bcopy(data, db->db_data, drro->drr_bonuslen);
1166 if (ra->byteswap) {
1167 dmu_object_byteswap_t byteswap =
1168 DMU_OT_BYTESWAP(drro->drr_bonustype);
1169 dmu_ot_byteswap[byteswap].ob_func(db->db_data,
1170 drro->drr_bonuslen);
1171 }
1172 dmu_buf_rele(db, FTAG);
1173 }
1174 dmu_tx_commit(tx);
1175 return (0);
1176 }
1177
1178 /* ARGSUSED */
1179 static int
1180 restore_freeobjects(struct restorearg *ra, objset_t *os,
1181 struct drr_freeobjects *drrfo)
1182 {
1183 uint64_t obj;
1184
1185 if (drrfo->drr_firstobj + drrfo->drr_numobjs < drrfo->drr_firstobj)
1186 return (EINVAL);
1187
1188 for (obj = drrfo->drr_firstobj;
1189 obj < drrfo->drr_firstobj + drrfo->drr_numobjs;
1190 (void) dmu_object_next(os, &obj, FALSE, 0)) {
1191 int err;
1192
1193 if (dmu_object_info(os, obj, NULL) != 0)
1194 continue;
1195
1196 err = dmu_free_object(os, obj);
1197 if (err)
1198 return (err);
1199 }
1200 return (0);
1201 }
1202
1203 static int
1204 restore_write(struct restorearg *ra, objset_t *os,
1205 struct drr_write *drrw)
1206 {
1207 dmu_tx_t *tx;
1208 void *data;
1209 int err;
1210
1211 if (drrw->drr_offset + drrw->drr_length < drrw->drr_offset ||
1212 !DMU_OT_IS_VALID(drrw->drr_type))
1213 return (EINVAL);
1214
1215 data = restore_read(ra, drrw->drr_length);
1216 if (data == NULL)
1217 return (ra->err);
1218
1219 if (dmu_object_info(os, drrw->drr_object, NULL) != 0)
1220 return (EINVAL);
1221
1222 tx = dmu_tx_create(os);
1223
1224 dmu_tx_hold_write(tx, drrw->drr_object,
1225 drrw->drr_offset, drrw->drr_length);
1226 err = dmu_tx_assign(tx, TXG_WAIT);
1227 if (err) {
1228 dmu_tx_abort(tx);
1229 return (err);
1230 }
1231 if (ra->byteswap) {
1232 dmu_object_byteswap_t byteswap =
1233 DMU_OT_BYTESWAP(drrw->drr_type);
1234 dmu_ot_byteswap[byteswap].ob_func(data, drrw->drr_length);
1235 }
1236 dmu_write(os, drrw->drr_object,
1237 drrw->drr_offset, drrw->drr_length, data, tx);
1238 dmu_tx_commit(tx);
1239 return (0);
1240 }
1241
1242 /*
1243 * Handle a DRR_WRITE_BYREF record. This record is used in dedup'ed
1244 * streams to refer to a copy of the data that is already on the
1245 * system because it came in earlier in the stream. This function
1246 * finds the earlier copy of the data, and uses that copy instead of
1247 * data from the stream to fulfill this write.
1248 */
1249 static int
1250 restore_write_byref(struct restorearg *ra, objset_t *os,
1251 struct drr_write_byref *drrwbr)
1252 {
1253 dmu_tx_t *tx;
1254 int err;
1255 guid_map_entry_t gmesrch;
1256 guid_map_entry_t *gmep;
1257 avl_index_t where;
1258 objset_t *ref_os = NULL;
1259 dmu_buf_t *dbp;
1260
1261 if (drrwbr->drr_offset + drrwbr->drr_length < drrwbr->drr_offset)
1262 return (EINVAL);
1263
1264 /*
1265 * If the GUID of the referenced dataset is different from the
1266 * GUID of the target dataset, find the referenced dataset.
1267 */
1268 if (drrwbr->drr_toguid != drrwbr->drr_refguid) {
1269 gmesrch.guid = drrwbr->drr_refguid;
1270 if ((gmep = avl_find(ra->guid_to_ds_map, &gmesrch,
1271 &where)) == NULL) {
1272 return (EINVAL);
1273 }
1274 if (dmu_objset_from_ds(gmep->gme_ds, &ref_os))
1275 return (EINVAL);
1276 } else {
1277 ref_os = os;
1278 }
1279
1280 if (err = dmu_buf_hold(ref_os, drrwbr->drr_refobject,
1281 drrwbr->drr_refoffset, FTAG, &dbp, DMU_READ_PREFETCH))
1282 return (err);
1283
1284 tx = dmu_tx_create(os);
1285
1286 dmu_tx_hold_write(tx, drrwbr->drr_object,
1287 drrwbr->drr_offset, drrwbr->drr_length);
1288 err = dmu_tx_assign(tx, TXG_WAIT);
1289 if (err) {
1290 dmu_tx_abort(tx);
1291 return (err);
1292 }
1293 dmu_write(os, drrwbr->drr_object,
1294 drrwbr->drr_offset, drrwbr->drr_length, dbp->db_data, tx);
1295 dmu_buf_rele(dbp, FTAG);
1296 dmu_tx_commit(tx);
1297 return (0);
1298 }
1299
1300 static int
1301 restore_spill(struct restorearg *ra, objset_t *os, struct drr_spill *drrs)
1302 {
1303 dmu_tx_t *tx;
1304 void *data;
1305 dmu_buf_t *db, *db_spill;
1306 int err;
1307
1308 if (drrs->drr_length < SPA_MINBLOCKSIZE ||
1309 drrs->drr_length > SPA_MAXBLOCKSIZE)
1310 return (EINVAL);
1311
1312 data = restore_read(ra, drrs->drr_length);
1313 if (data == NULL)
1314 return (ra->err);
1315
1316 if (dmu_object_info(os, drrs->drr_object, NULL) != 0)
1317 return (EINVAL);
1318
1319 VERIFY(0 == dmu_bonus_hold(os, drrs->drr_object, FTAG, &db));
1320 if ((err = dmu_spill_hold_by_bonus(db, FTAG, &db_spill)) != 0) {
1321 dmu_buf_rele(db, FTAG);
1322 return (err);
1323 }
1324
1325 tx = dmu_tx_create(os);
1326
1327 dmu_tx_hold_spill(tx, db->db_object);
1328
1329 err = dmu_tx_assign(tx, TXG_WAIT);
1330 if (err) {
1331 dmu_buf_rele(db, FTAG);
1332 dmu_buf_rele(db_spill, FTAG);
1333 dmu_tx_abort(tx);
1334 return (err);
1335 }
1336 dmu_buf_will_dirty(db_spill, tx);
1337
1338 if (db_spill->db_size < drrs->drr_length)
1339 VERIFY(0 == dbuf_spill_set_blksz(db_spill,
1340 drrs->drr_length, tx));
1341 bcopy(data, db_spill->db_data, drrs->drr_length);
1342
1343 dmu_buf_rele(db, FTAG);
1344 dmu_buf_rele(db_spill, FTAG);
1345
1346 dmu_tx_commit(tx);
1347 return (0);
1348 }
1349
1350 /* ARGSUSED */
1351 static int
1352 restore_free(struct restorearg *ra, objset_t *os,
1353 struct drr_free *drrf)
1354 {
1355 int err;
1356
1357 if (drrf->drr_length != -1ULL &&
1358 drrf->drr_offset + drrf->drr_length < drrf->drr_offset)
1359 return (EINVAL);
1360
1361 if (dmu_object_info(os, drrf->drr_object, NULL) != 0)
1362 return (EINVAL);
1363
1364 err = dmu_free_long_range(os, drrf->drr_object,
1365 drrf->drr_offset, drrf->drr_length);
1366 return (err);
1367 }
1368
1369 /*
1370 * NB: callers *must* call dmu_recv_end() if this succeeds.
1371 */
1372 int
1373 dmu_recv_stream(dmu_recv_cookie_t *drc, vnode_t *vp, offset_t *voffp,
1374 int cleanup_fd, uint64_t *action_handlep)
1375 {
1376 struct restorearg ra = { 0 };
1377 dmu_replay_record_t *drr;
1378 objset_t *os;
1379 zio_cksum_t pcksum;
1380 int featureflags;
1381
1382 if (drc->drc_drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC))
1383 ra.byteswap = TRUE;
1384
1385 {
1386 /* compute checksum of drr_begin record */
1387 dmu_replay_record_t *drr;
1388 drr = kmem_zalloc(sizeof (dmu_replay_record_t), KM_SLEEP);
1389
1390 drr->drr_type = DRR_BEGIN;
1391 drr->drr_u.drr_begin = *drc->drc_drrb;
1392 if (ra.byteswap) {
1393 fletcher_4_incremental_byteswap(drr,
1394 sizeof (dmu_replay_record_t), &ra.cksum);
1395 } else {
1396 fletcher_4_incremental_native(drr,
1397 sizeof (dmu_replay_record_t), &ra.cksum);
1398 }
1399 kmem_free(drr, sizeof (dmu_replay_record_t));
1400 }
1401
1402 if (ra.byteswap) {
1403 struct drr_begin *drrb = drc->drc_drrb;
1404 drrb->drr_magic = BSWAP_64(drrb->drr_magic);
1405 drrb->drr_versioninfo = BSWAP_64(drrb->drr_versioninfo);
1406 drrb->drr_creation_time = BSWAP_64(drrb->drr_creation_time);
1407 drrb->drr_type = BSWAP_32(drrb->drr_type);
1408 drrb->drr_toguid = BSWAP_64(drrb->drr_toguid);
1409 drrb->drr_fromguid = BSWAP_64(drrb->drr_fromguid);
1410 }
1411
1412 ra.vp = vp;
1413 ra.voff = *voffp;
1414 ra.bufsize = 1<<20;
1415 ra.buf = kmem_alloc(ra.bufsize, KM_SLEEP);
1416
1417 /* these were verified in dmu_recv_begin */
1418 ASSERT(DMU_GET_STREAM_HDRTYPE(drc->drc_drrb->drr_versioninfo) ==
1419 DMU_SUBSTREAM);
1420 ASSERT(drc->drc_drrb->drr_type < DMU_OST_NUMTYPES);
1421
1422 /*
1423 * Open the objset we are modifying.
1424 */
1425 VERIFY(dmu_objset_from_ds(drc->drc_real_ds, &os) == 0);
1426
1427 ASSERT(drc->drc_real_ds->ds_phys->ds_flags & DS_FLAG_INCONSISTENT);
1428
1429 featureflags = DMU_GET_FEATUREFLAGS(drc->drc_drrb->drr_versioninfo);
1430
1431 /* if this stream is dedup'ed, set up the avl tree for guid mapping */
1432 if (featureflags & DMU_BACKUP_FEATURE_DEDUP) {
1433 minor_t minor;
1434
1435 if (cleanup_fd == -1) {
1436 ra.err = EBADF;
1437 goto out;
1438 }
1439 ra.err = zfs_onexit_fd_hold(cleanup_fd, &minor);
1440 if (ra.err) {
1441 cleanup_fd = -1;
1442 goto out;
1443 }
1444
1445 if (*action_handlep == 0) {
1446 ra.guid_to_ds_map =
1447 kmem_alloc(sizeof (avl_tree_t), KM_SLEEP);
1448 avl_create(ra.guid_to_ds_map, guid_compare,
1449 sizeof (guid_map_entry_t),
1450 offsetof(guid_map_entry_t, avlnode));
1451 ra.err = zfs_onexit_add_cb(minor,
1452 free_guid_map_onexit, ra.guid_to_ds_map,
1453 action_handlep);
1454 if (ra.err)
1455 goto out;
1456 } else {
1457 ra.err = zfs_onexit_cb_data(minor, *action_handlep,
1458 (void **)&ra.guid_to_ds_map);
1459 if (ra.err)
1460 goto out;
1461 }
1462
1463 drc->drc_guid_to_ds_map = ra.guid_to_ds_map;
1464 }
1465
1466 /*
1467 * Read records and process them.
1468 */
1469 pcksum = ra.cksum;
1470 while (ra.err == 0 &&
1471 NULL != (drr = restore_read(&ra, sizeof (*drr)))) {
1472 if (issig(JUSTLOOKING) && issig(FORREAL)) {
1473 ra.err = EINTR;
1474 goto out;
1475 }
1476
1477 if (ra.byteswap)
1478 backup_byteswap(drr);
1479
1480 switch (drr->drr_type) {
1481 case DRR_OBJECT:
1482 {
1483 /*
1484 * We need to make a copy of the record header,
1485 * because restore_{object,write} may need to
1486 * restore_read(), which will invalidate drr.
1487 */
1488 struct drr_object drro = drr->drr_u.drr_object;
1489 ra.err = restore_object(&ra, os, &drro);
1490 break;
1491 }
1492 case DRR_FREEOBJECTS:
1493 {
1494 struct drr_freeobjects drrfo =
1495 drr->drr_u.drr_freeobjects;
1496 ra.err = restore_freeobjects(&ra, os, &drrfo);
1497 break;
1498 }
1499 case DRR_WRITE:
1500 {
1501 struct drr_write drrw = drr->drr_u.drr_write;
1502 ra.err = restore_write(&ra, os, &drrw);
1503 break;
1504 }
1505 case DRR_WRITE_BYREF:
1506 {
1507 struct drr_write_byref drrwbr =
1508 drr->drr_u.drr_write_byref;
1509 ra.err = restore_write_byref(&ra, os, &drrwbr);
1510 break;
1511 }
1512 case DRR_FREE:
1513 {
1514 struct drr_free drrf = drr->drr_u.drr_free;
1515 ra.err = restore_free(&ra, os, &drrf);
1516 break;
1517 }
1518 case DRR_END:
1519 {
1520 struct drr_end drre = drr->drr_u.drr_end;
1521 /*
1522 * We compare against the *previous* checksum
1523 * value, because the stored checksum is of
1524 * everything before the DRR_END record.
1525 */
1526 if (!ZIO_CHECKSUM_EQUAL(drre.drr_checksum, pcksum))
1527 ra.err = ECKSUM;
1528 goto out;
1529 }
1530 case DRR_SPILL:
1531 {
1532 struct drr_spill drrs = drr->drr_u.drr_spill;
1533 ra.err = restore_spill(&ra, os, &drrs);
1534 break;
1535 }
1536 default:
1537 ra.err = EINVAL;
1538 goto out;
1539 }
1540 pcksum = ra.cksum;
1541 }
1542 ASSERT(ra.err != 0);
1543
1544 out:
1545 if ((featureflags & DMU_BACKUP_FEATURE_DEDUP) && (cleanup_fd != -1))
1546 zfs_onexit_fd_rele(cleanup_fd);
1547
1548 if (ra.err != 0) {
1549 /*
1550 * destroy what we created, so we don't leave it in the
1551 * inconsistent restoring state.
1552 */
1553 txg_wait_synced(drc->drc_real_ds->ds_dir->dd_pool, 0);
1554
1555 (void) dsl_dataset_destroy(drc->drc_real_ds, dmu_recv_tag,
1556 B_FALSE);
1557 if (drc->drc_real_ds != drc->drc_logical_ds) {
1558 mutex_exit(&drc->drc_logical_ds->ds_recvlock);
1559 dsl_dataset_rele(drc->drc_logical_ds, dmu_recv_tag);
1560 }
1561 }
1562
1563 kmem_free(ra.buf, ra.bufsize);
1564 *voffp = ra.voff;
1565 return (ra.err);
1566 }
1567
1568 struct recvendsyncarg {
1569 char *tosnap;
1570 uint64_t creation_time;
1571 uint64_t toguid;
1572 boolean_t is_new;
1573 };
1574
1575 static int
1576 recv_end_check(void *arg1, void *arg2, dmu_tx_t *tx)
1577 {
1578 dsl_dataset_t *ds = arg1;
1579 struct recvendsyncarg *resa = arg2;
1580
1581 if (resa->is_new) {
1582 /* re-check the dataset quota now that recv is complete */
1583 dsl_dir_t *dd;
1584 int err;
1585
1586 dd = ds->ds_dir;
1587 if (dd->dd_parent != NULL) {
1588 err = dsl_dir_dscount_check(dd->dd_parent, NULL, 1,
1589 NULL);
1590 if (err != 0)
1591 return (err);
1592 }
1593 }
1594
1595 return (dsl_dataset_snapshot_check(ds, resa->tosnap, 1, tx));
1596 }
1597
1598 static void
1599 recv_end_sync(void *arg1, void *arg2, dmu_tx_t *tx)
1600 {
1601 dsl_dataset_t *ds = arg1;
1602 struct recvendsyncarg *resa = arg2;
1603
1604 if (resa->is_new)
1605 /* update the dataset counts */
1606 dsl_dir_dscount_adjust(ds->ds_dir->dd_parent, tx, 1, B_FALSE,
1607 B_TRUE);
1608
1609 dsl_dataset_snapshot_sync(ds, resa->tosnap, tx);
1610
1611 /* set snapshot's creation time and guid */
1612 dmu_buf_will_dirty(ds->ds_prev->ds_dbuf, tx);
1613 ds->ds_prev->ds_phys->ds_creation_time = resa->creation_time;
1614 ds->ds_prev->ds_phys->ds_guid = resa->toguid;
1615 ds->ds_prev->ds_phys->ds_flags &= ~DS_FLAG_INCONSISTENT;
1616
1617 dmu_buf_will_dirty(ds->ds_dbuf, tx);
1618 ds->ds_phys->ds_flags &= ~DS_FLAG_INCONSISTENT;
1619 spa_history_log_internal_ds(ds, "finished receiving", tx, "");
1620 }
1621
1622 static int
1623 add_ds_to_guidmap(avl_tree_t *guid_map, dsl_dataset_t *ds)
1624 {
1625 dsl_pool_t *dp = ds->ds_dir->dd_pool;
1626 uint64_t snapobj = ds->ds_phys->ds_prev_snap_obj;
1627 dsl_dataset_t *snapds;
1628 guid_map_entry_t *gmep;
1629 int err;
1630
1631 ASSERT(guid_map != NULL);
1632
1633 rw_enter(&dp->dp_config_rwlock, RW_READER);
1634 err = dsl_dataset_hold_obj(dp, snapobj, guid_map, &snapds);
1635 if (err == 0) {
1636 gmep = kmem_alloc(sizeof (guid_map_entry_t), KM_SLEEP);
1637 gmep->guid = snapds->ds_phys->ds_guid;
1638 gmep->gme_ds = snapds;
1639 avl_add(guid_map, gmep);
1640 }
1641
1642 rw_exit(&dp->dp_config_rwlock);
1643 return (err);
1644 }
1645
1646 static int
1647 dmu_recv_existing_end(dmu_recv_cookie_t *drc)
1648 {
1649 struct recvendsyncarg resa;
1650 dsl_dataset_t *ds = drc->drc_logical_ds;
1651 int err, myerr;
1652
1653 if (dsl_dataset_tryown(ds, FALSE, dmu_recv_tag)) {
1654 err = dsl_dataset_clone_swap(drc->drc_real_ds, ds,
1655 drc->drc_force);
1656 if (err)
1657 goto out;
1658 } else {
1659 mutex_exit(&ds->ds_recvlock);
1660 dsl_dataset_rele(ds, dmu_recv_tag);
1661 /* tag indicates temporary ds to dsl_dir_destroy_sync */
1662 (void) dsl_dataset_destroy(drc->drc_real_ds, tmp_dmu_recv_tag,
1663 B_FALSE);
1664 return (EBUSY);
1665 }
1666
1667 resa.creation_time = drc->drc_drrb->drr_creation_time;
1668 resa.toguid = drc->drc_drrb->drr_toguid;
1669 resa.tosnap = drc->drc_tosnap;
1670 resa.is_new = B_FALSE;
1671
1672 err = dsl_sync_task_do(ds->ds_dir->dd_pool,
1673 recv_end_check, recv_end_sync, ds, &resa, 3);
1674 if (err) {
1675 /* swap back */
1676 (void) dsl_dataset_clone_swap(drc->drc_real_ds, ds, B_TRUE);
1677 }
1678
1679 out:
1680 mutex_exit(&ds->ds_recvlock);
1681 if (err == 0 && drc->drc_guid_to_ds_map != NULL)
1682 (void) add_ds_to_guidmap(drc->drc_guid_to_ds_map, ds);
1683 dsl_dataset_disown(ds, dmu_recv_tag);
1684 /* tag indicates temporary ds to dsl_dir_destroy_sync */
1685 myerr = dsl_dataset_destroy(drc->drc_real_ds, tmp_dmu_recv_tag,
1686 B_FALSE);
1687 ASSERT0(myerr);
1688 return (err);
1689 }
1690
1691 static int
1692 dmu_recv_new_end(dmu_recv_cookie_t *drc)
1693 {
1694 struct recvendsyncarg resa;
1695 dsl_dataset_t *ds = drc->drc_logical_ds;
1696 int err;
1697
1698 /*
1699 * XXX hack; seems the ds is still dirty and dsl_pool_zil_clean()
1700 * expects it to have a ds_user_ptr (and zil), but clone_swap()
1701 * can close it.
1702 */
1703 txg_wait_synced(ds->ds_dir->dd_pool, 0);
1704
1705 resa.creation_time = drc->drc_drrb->drr_creation_time;
1706 resa.toguid = drc->drc_drrb->drr_toguid;
1707 resa.tosnap = drc->drc_tosnap;
1708 resa.is_new = B_TRUE;
1709
1710 err = dsl_sync_task_do(ds->ds_dir->dd_pool,
1711 recv_end_check, recv_end_sync, ds, &resa, 3);
1712 if (err) {
1713 /* clean up the fs we just recv'd into */
1714 (void) dsl_dataset_destroy(ds, dmu_recv_tag, B_FALSE);
1715 } else {
1716 if (drc->drc_guid_to_ds_map != NULL)
1717 (void) add_ds_to_guidmap(drc->drc_guid_to_ds_map, ds);
1718 /* release the hold from dmu_recv_begin */
1719 dsl_dataset_disown(ds, dmu_recv_tag);
1720 }
1721 return (err);
1722 }
1723
1724 int
1725 dmu_recv_end(dmu_recv_cookie_t *drc)
1726 {
1727 if (drc->drc_logical_ds != drc->drc_real_ds)
1728 return (dmu_recv_existing_end(drc));
1729 else
1730 return (dmu_recv_new_end(drc));
1731 }