Print this page
3006 VERIFY[S,U,P] and ASSERT[S,U,P] frequently check if first argument is zero
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/zfs/zfs_ioctl.c
+++ new/usr/src/uts/common/fs/zfs/zfs_ioctl.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 24 * Portions Copyright 2011 Martin Matuska
25 25 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
26 26 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
27 27 * Copyright (c) 2012 by Delphix. All rights reserved.
28 28 */
29 29
30 30 /*
31 31 * ZFS ioctls.
32 32 *
33 33 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
34 34 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
35 35 *
36 36 * There are two ways that we handle ioctls: the legacy way where almost
37 37 * all of the logic is in the ioctl callback, and the new way where most
38 38 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
39 39 *
40 40 * Non-legacy ioctls should be registered by calling
41 41 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
42 42 * from userland by lzc_ioctl().
43 43 *
44 44 * The registration arguments are as follows:
45 45 *
46 46 * const char *name
47 47 * The name of the ioctl. This is used for history logging. If the
48 48 * ioctl returns successfully (the callback returns 0), and allow_log
49 49 * is true, then a history log entry will be recorded with the input &
50 50 * output nvlists. The log entry can be printed with "zpool history -i".
51 51 *
52 52 * zfs_ioc_t ioc
53 53 * The ioctl request number, which userland will pass to ioctl(2).
54 54 * The ioctl numbers can change from release to release, because
55 55 * the caller (libzfs) must be matched to the kernel.
56 56 *
57 57 * zfs_secpolicy_func_t *secpolicy
58 58 * This function will be called before the zfs_ioc_func_t, to
59 59 * determine if this operation is permitted. It should return EPERM
60 60 * on failure, and 0 on success. Checks include determining if the
61 61 * dataset is visible in this zone, and if the user has either all
62 62 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
63 63 * to do this operation on this dataset with "zfs allow".
64 64 *
65 65 * zfs_ioc_namecheck_t namecheck
66 66 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
67 67 * name, a dataset name, or nothing. If the name is not well-formed,
68 68 * the ioctl will fail and the callback will not be called.
69 69 * Therefore, the callback can assume that the name is well-formed
70 70 * (e.g. is null-terminated, doesn't have more than one '@' character,
71 71 * doesn't have invalid characters).
72 72 *
73 73 * zfs_ioc_poolcheck_t pool_check
74 74 * This specifies requirements on the pool state. If the pool does
75 75 * not meet them (is suspended or is readonly), the ioctl will fail
76 76 * and the callback will not be called. If any checks are specified
77 77 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
78 78 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
79 79 * POOL_CHECK_READONLY).
80 80 *
81 81 * boolean_t smush_outnvlist
82 82 * If smush_outnvlist is true, then the output is presumed to be a
83 83 * list of errors, and it will be "smushed" down to fit into the
84 84 * caller's buffer, by removing some entries and replacing them with a
85 85 * single "N_MORE_ERRORS" entry indicating how many were removed. See
86 86 * nvlist_smush() for details. If smush_outnvlist is false, and the
87 87 * outnvlist does not fit into the userland-provided buffer, then the
88 88 * ioctl will fail with ENOMEM.
89 89 *
90 90 * zfs_ioc_func_t *func
91 91 * The callback function that will perform the operation.
92 92 *
93 93 * The callback should return 0 on success, or an error number on
94 94 * failure. If the function fails, the userland ioctl will return -1,
95 95 * and errno will be set to the callback's return value. The callback
96 96 * will be called with the following arguments:
97 97 *
98 98 * const char *name
99 99 * The name of the pool or dataset to operate on, from
100 100 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
101 101 * expected type (pool, dataset, or none).
102 102 *
103 103 * nvlist_t *innvl
104 104 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
105 105 * NULL if no input nvlist was provided. Changes to this nvlist are
106 106 * ignored. If the input nvlist could not be deserialized, the
107 107 * ioctl will fail and the callback will not be called.
108 108 *
109 109 * nvlist_t *outnvl
110 110 * The output nvlist, initially empty. The callback can fill it in,
111 111 * and it will be returned to userland by serializing it into
112 112 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
113 113 * fails (e.g. because the caller didn't supply a large enough
114 114 * buffer), then the overall ioctl will fail. See the
115 115 * 'smush_nvlist' argument above for additional behaviors.
116 116 *
117 117 * There are two typical uses of the output nvlist:
118 118 * - To return state, e.g. property values. In this case,
119 119 * smush_outnvlist should be false. If the buffer was not large
120 120 * enough, the caller will reallocate a larger buffer and try
121 121 * the ioctl again.
122 122 *
123 123 * - To return multiple errors from an ioctl which makes on-disk
124 124 * changes. In this case, smush_outnvlist should be true.
125 125 * Ioctls which make on-disk modifications should generally not
126 126 * use the outnvl if they succeed, because the caller can not
127 127 * distinguish between the operation failing, and
128 128 * deserialization failing.
129 129 */
130 130
131 131 #include <sys/types.h>
132 132 #include <sys/param.h>
133 133 #include <sys/errno.h>
134 134 #include <sys/uio.h>
135 135 #include <sys/buf.h>
136 136 #include <sys/modctl.h>
137 137 #include <sys/open.h>
138 138 #include <sys/file.h>
139 139 #include <sys/kmem.h>
140 140 #include <sys/conf.h>
141 141 #include <sys/cmn_err.h>
142 142 #include <sys/stat.h>
143 143 #include <sys/zfs_ioctl.h>
144 144 #include <sys/zfs_vfsops.h>
145 145 #include <sys/zfs_znode.h>
146 146 #include <sys/zap.h>
147 147 #include <sys/spa.h>
148 148 #include <sys/spa_impl.h>
149 149 #include <sys/vdev.h>
150 150 #include <sys/priv_impl.h>
151 151 #include <sys/dmu.h>
152 152 #include <sys/dsl_dir.h>
153 153 #include <sys/dsl_dataset.h>
154 154 #include <sys/dsl_prop.h>
155 155 #include <sys/dsl_deleg.h>
156 156 #include <sys/dmu_objset.h>
157 157 #include <sys/dmu_impl.h>
158 158 #include <sys/ddi.h>
159 159 #include <sys/sunddi.h>
160 160 #include <sys/sunldi.h>
161 161 #include <sys/policy.h>
162 162 #include <sys/zone.h>
163 163 #include <sys/nvpair.h>
164 164 #include <sys/pathname.h>
165 165 #include <sys/mount.h>
166 166 #include <sys/sdt.h>
167 167 #include <sys/fs/zfs.h>
168 168 #include <sys/zfs_ctldir.h>
169 169 #include <sys/zfs_dir.h>
170 170 #include <sys/zfs_onexit.h>
171 171 #include <sys/zvol.h>
172 172 #include <sys/dsl_scan.h>
173 173 #include <sharefs/share.h>
174 174 #include <sys/dmu_objset.h>
175 175
176 176 #include "zfs_namecheck.h"
177 177 #include "zfs_prop.h"
178 178 #include "zfs_deleg.h"
179 179 #include "zfs_comutil.h"
180 180
181 181 extern struct modlfs zfs_modlfs;
182 182
183 183 extern void zfs_init(void);
184 184 extern void zfs_fini(void);
185 185
186 186 ldi_ident_t zfs_li = NULL;
187 187 dev_info_t *zfs_dip;
188 188
189 189 uint_t zfs_fsyncer_key;
190 190 extern uint_t rrw_tsd_key;
191 191 static uint_t zfs_allow_log_key;
192 192
193 193 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
194 194 typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
195 195 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
196 196
197 197 typedef enum {
198 198 NO_NAME,
199 199 POOL_NAME,
200 200 DATASET_NAME
201 201 } zfs_ioc_namecheck_t;
202 202
203 203 typedef enum {
204 204 POOL_CHECK_NONE = 1 << 0,
205 205 POOL_CHECK_SUSPENDED = 1 << 1,
206 206 POOL_CHECK_READONLY = 1 << 2,
207 207 } zfs_ioc_poolcheck_t;
208 208
209 209 typedef struct zfs_ioc_vec {
210 210 zfs_ioc_legacy_func_t *zvec_legacy_func;
211 211 zfs_ioc_func_t *zvec_func;
212 212 zfs_secpolicy_func_t *zvec_secpolicy;
213 213 zfs_ioc_namecheck_t zvec_namecheck;
214 214 boolean_t zvec_allow_log;
215 215 zfs_ioc_poolcheck_t zvec_pool_check;
216 216 boolean_t zvec_smush_outnvlist;
217 217 const char *zvec_name;
218 218 } zfs_ioc_vec_t;
219 219
220 220 /* This array is indexed by zfs_userquota_prop_t */
221 221 static const char *userquota_perms[] = {
222 222 ZFS_DELEG_PERM_USERUSED,
223 223 ZFS_DELEG_PERM_USERQUOTA,
224 224 ZFS_DELEG_PERM_GROUPUSED,
225 225 ZFS_DELEG_PERM_GROUPQUOTA,
226 226 };
227 227
228 228 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
229 229 static int zfs_check_settable(const char *name, nvpair_t *property,
230 230 cred_t *cr);
231 231 static int zfs_check_clearable(char *dataset, nvlist_t *props,
232 232 nvlist_t **errors);
233 233 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
234 234 boolean_t *);
235 235 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
236 236 static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
237 237
238 238 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
239 239 void
240 240 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
241 241 {
242 242 const char *newfile;
243 243 char buf[512];
244 244 va_list adx;
245 245
246 246 /*
247 247 * Get rid of annoying "../common/" prefix to filename.
248 248 */
249 249 newfile = strrchr(file, '/');
250 250 if (newfile != NULL) {
251 251 newfile = newfile + 1; /* Get rid of leading / */
252 252 } else {
253 253 newfile = file;
254 254 }
255 255
256 256 va_start(adx, fmt);
257 257 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
258 258 va_end(adx);
259 259
260 260 /*
261 261 * To get this data, use the zfs-dprintf probe as so:
262 262 * dtrace -q -n 'zfs-dprintf \
263 263 * /stringof(arg0) == "dbuf.c"/ \
264 264 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
265 265 * arg0 = file name
266 266 * arg1 = function name
267 267 * arg2 = line number
268 268 * arg3 = message
269 269 */
270 270 DTRACE_PROBE4(zfs__dprintf,
271 271 char *, newfile, char *, func, int, line, char *, buf);
272 272 }
273 273
274 274 static void
275 275 history_str_free(char *buf)
276 276 {
277 277 kmem_free(buf, HIS_MAX_RECORD_LEN);
278 278 }
279 279
280 280 static char *
281 281 history_str_get(zfs_cmd_t *zc)
282 282 {
283 283 char *buf;
284 284
285 285 if (zc->zc_history == NULL)
286 286 return (NULL);
287 287
288 288 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
289 289 if (copyinstr((void *)(uintptr_t)zc->zc_history,
290 290 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
291 291 history_str_free(buf);
292 292 return (NULL);
293 293 }
294 294
295 295 buf[HIS_MAX_RECORD_LEN -1] = '\0';
296 296
297 297 return (buf);
298 298 }
299 299
300 300 /*
301 301 * Check to see if the named dataset is currently defined as bootable
302 302 */
303 303 static boolean_t
304 304 zfs_is_bootfs(const char *name)
305 305 {
306 306 objset_t *os;
307 307
308 308 if (dmu_objset_hold(name, FTAG, &os) == 0) {
309 309 boolean_t ret;
310 310 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
311 311 dmu_objset_rele(os, FTAG);
312 312 return (ret);
313 313 }
314 314 return (B_FALSE);
315 315 }
316 316
317 317 /*
318 318 * zfs_earlier_version
319 319 *
320 320 * Return non-zero if the spa version is less than requested version.
321 321 */
322 322 static int
323 323 zfs_earlier_version(const char *name, int version)
324 324 {
325 325 spa_t *spa;
326 326
327 327 if (spa_open(name, &spa, FTAG) == 0) {
328 328 if (spa_version(spa) < version) {
329 329 spa_close(spa, FTAG);
330 330 return (1);
331 331 }
332 332 spa_close(spa, FTAG);
333 333 }
334 334 return (0);
335 335 }
336 336
337 337 /*
338 338 * zpl_earlier_version
339 339 *
340 340 * Return TRUE if the ZPL version is less than requested version.
341 341 */
342 342 static boolean_t
343 343 zpl_earlier_version(const char *name, int version)
344 344 {
345 345 objset_t *os;
346 346 boolean_t rc = B_TRUE;
347 347
348 348 if (dmu_objset_hold(name, FTAG, &os) == 0) {
349 349 uint64_t zplversion;
350 350
351 351 if (dmu_objset_type(os) != DMU_OST_ZFS) {
352 352 dmu_objset_rele(os, FTAG);
353 353 return (B_TRUE);
354 354 }
355 355 /* XXX reading from non-owned objset */
356 356 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
357 357 rc = zplversion < version;
358 358 dmu_objset_rele(os, FTAG);
359 359 }
360 360 return (rc);
361 361 }
362 362
363 363 static void
364 364 zfs_log_history(zfs_cmd_t *zc)
365 365 {
366 366 spa_t *spa;
367 367 char *buf;
368 368
369 369 if ((buf = history_str_get(zc)) == NULL)
370 370 return;
371 371
372 372 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
373 373 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
374 374 (void) spa_history_log(spa, buf);
375 375 spa_close(spa, FTAG);
376 376 }
377 377 history_str_free(buf);
378 378 }
379 379
380 380 /*
381 381 * Policy for top-level read operations (list pools). Requires no privileges,
382 382 * and can be used in the local zone, as there is no associated dataset.
383 383 */
384 384 /* ARGSUSED */
385 385 static int
386 386 zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
387 387 {
388 388 return (0);
389 389 }
390 390
391 391 /*
392 392 * Policy for dataset read operations (list children, get statistics). Requires
393 393 * no privileges, but must be visible in the local zone.
394 394 */
395 395 /* ARGSUSED */
396 396 static int
397 397 zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
398 398 {
399 399 if (INGLOBALZONE(curproc) ||
400 400 zone_dataset_visible(zc->zc_name, NULL))
401 401 return (0);
402 402
403 403 return (ENOENT);
404 404 }
405 405
406 406 static int
407 407 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
408 408 {
409 409 int writable = 1;
410 410
411 411 /*
412 412 * The dataset must be visible by this zone -- check this first
413 413 * so they don't see EPERM on something they shouldn't know about.
414 414 */
415 415 if (!INGLOBALZONE(curproc) &&
416 416 !zone_dataset_visible(dataset, &writable))
417 417 return (ENOENT);
418 418
419 419 if (INGLOBALZONE(curproc)) {
420 420 /*
421 421 * If the fs is zoned, only root can access it from the
422 422 * global zone.
423 423 */
424 424 if (secpolicy_zfs(cr) && zoned)
425 425 return (EPERM);
426 426 } else {
427 427 /*
428 428 * If we are in a local zone, the 'zoned' property must be set.
429 429 */
430 430 if (!zoned)
431 431 return (EPERM);
432 432
433 433 /* must be writable by this zone */
434 434 if (!writable)
435 435 return (EPERM);
436 436 }
437 437 return (0);
438 438 }
439 439
440 440 static int
441 441 zfs_dozonecheck(const char *dataset, cred_t *cr)
442 442 {
443 443 uint64_t zoned;
444 444
445 445 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
446 446 return (ENOENT);
447 447
448 448 return (zfs_dozonecheck_impl(dataset, zoned, cr));
449 449 }
450 450
451 451 static int
452 452 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
453 453 {
454 454 uint64_t zoned;
455 455
456 456 rw_enter(&ds->ds_dir->dd_pool->dp_config_rwlock, RW_READER);
457 457 if (dsl_prop_get_ds(ds, "zoned", 8, 1, &zoned, NULL)) {
458 458 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
459 459 return (ENOENT);
460 460 }
461 461 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
462 462
463 463 return (zfs_dozonecheck_impl(dataset, zoned, cr));
464 464 }
465 465
466 466 static int
467 467 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
468 468 {
469 469 int error;
470 470 dsl_dataset_t *ds;
471 471
472 472 error = dsl_dataset_hold(name, FTAG, &ds);
473 473 if (error != 0)
474 474 return (error);
475 475
476 476 error = zfs_dozonecheck_ds(name, ds, cr);
477 477 if (error == 0) {
478 478 error = secpolicy_zfs(cr);
479 479 if (error)
480 480 error = dsl_deleg_access_impl(ds, perm, cr);
481 481 }
482 482
483 483 dsl_dataset_rele(ds, FTAG);
484 484 return (error);
485 485 }
486 486
487 487 static int
488 488 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
489 489 const char *perm, cred_t *cr)
490 490 {
491 491 int error;
492 492
493 493 error = zfs_dozonecheck_ds(name, ds, cr);
494 494 if (error == 0) {
495 495 error = secpolicy_zfs(cr);
496 496 if (error)
497 497 error = dsl_deleg_access_impl(ds, perm, cr);
498 498 }
499 499 return (error);
500 500 }
501 501
502 502 /*
503 503 * Policy for setting the security label property.
504 504 *
505 505 * Returns 0 for success, non-zero for access and other errors.
506 506 */
507 507 static int
508 508 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
509 509 {
510 510 char ds_hexsl[MAXNAMELEN];
511 511 bslabel_t ds_sl, new_sl;
512 512 boolean_t new_default = FALSE;
513 513 uint64_t zoned;
514 514 int needed_priv = -1;
515 515 int error;
516 516
517 517 /* First get the existing dataset label. */
518 518 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
519 519 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
520 520 if (error)
521 521 return (EPERM);
522 522
523 523 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
524 524 new_default = TRUE;
525 525
526 526 /* The label must be translatable */
527 527 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
528 528 return (EINVAL);
529 529
530 530 /*
531 531 * In a non-global zone, disallow attempts to set a label that
532 532 * doesn't match that of the zone; otherwise no other checks
533 533 * are needed.
534 534 */
535 535 if (!INGLOBALZONE(curproc)) {
536 536 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
537 537 return (EPERM);
538 538 return (0);
539 539 }
540 540
541 541 /*
542 542 * For global-zone datasets (i.e., those whose zoned property is
543 543 * "off", verify that the specified new label is valid for the
544 544 * global zone.
545 545 */
546 546 if (dsl_prop_get_integer(name,
547 547 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
548 548 return (EPERM);
549 549 if (!zoned) {
550 550 if (zfs_check_global_label(name, strval) != 0)
551 551 return (EPERM);
552 552 }
553 553
554 554 /*
555 555 * If the existing dataset label is nondefault, check if the
556 556 * dataset is mounted (label cannot be changed while mounted).
557 557 * Get the zfsvfs; if there isn't one, then the dataset isn't
558 558 * mounted (or isn't a dataset, doesn't exist, ...).
559 559 */
560 560 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
561 561 objset_t *os;
562 562 static char *setsl_tag = "setsl_tag";
563 563
564 564 /*
565 565 * Try to own the dataset; abort if there is any error,
566 566 * (e.g., already mounted, in use, or other error).
567 567 */
568 568 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
569 569 setsl_tag, &os);
570 570 if (error)
571 571 return (EPERM);
572 572
573 573 dmu_objset_disown(os, setsl_tag);
574 574
575 575 if (new_default) {
576 576 needed_priv = PRIV_FILE_DOWNGRADE_SL;
577 577 goto out_check;
578 578 }
579 579
580 580 if (hexstr_to_label(strval, &new_sl) != 0)
581 581 return (EPERM);
582 582
583 583 if (blstrictdom(&ds_sl, &new_sl))
584 584 needed_priv = PRIV_FILE_DOWNGRADE_SL;
585 585 else if (blstrictdom(&new_sl, &ds_sl))
586 586 needed_priv = PRIV_FILE_UPGRADE_SL;
587 587 } else {
588 588 /* dataset currently has a default label */
589 589 if (!new_default)
590 590 needed_priv = PRIV_FILE_UPGRADE_SL;
591 591 }
592 592
593 593 out_check:
594 594 if (needed_priv != -1)
595 595 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
596 596 return (0);
597 597 }
598 598
599 599 static int
600 600 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
601 601 cred_t *cr)
602 602 {
603 603 char *strval;
604 604
605 605 /*
606 606 * Check permissions for special properties.
607 607 */
608 608 switch (prop) {
609 609 case ZFS_PROP_ZONED:
610 610 /*
611 611 * Disallow setting of 'zoned' from within a local zone.
612 612 */
613 613 if (!INGLOBALZONE(curproc))
614 614 return (EPERM);
615 615 break;
616 616
617 617 case ZFS_PROP_QUOTA:
618 618 if (!INGLOBALZONE(curproc)) {
619 619 uint64_t zoned;
620 620 char setpoint[MAXNAMELEN];
621 621 /*
622 622 * Unprivileged users are allowed to modify the
623 623 * quota on things *under* (ie. contained by)
624 624 * the thing they own.
625 625 */
626 626 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
627 627 setpoint))
628 628 return (EPERM);
629 629 if (!zoned || strlen(dsname) <= strlen(setpoint))
630 630 return (EPERM);
631 631 }
632 632 break;
633 633
634 634 case ZFS_PROP_MLSLABEL:
635 635 if (!is_system_labeled())
636 636 return (EPERM);
637 637
638 638 if (nvpair_value_string(propval, &strval) == 0) {
639 639 int err;
640 640
641 641 err = zfs_set_slabel_policy(dsname, strval, CRED());
642 642 if (err != 0)
643 643 return (err);
644 644 }
645 645 break;
646 646 }
647 647
648 648 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
649 649 }
650 650
651 651 /* ARGSUSED */
652 652 static int
653 653 zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
654 654 {
655 655 int error;
656 656
657 657 error = zfs_dozonecheck(zc->zc_name, cr);
658 658 if (error)
659 659 return (error);
660 660
661 661 /*
662 662 * permission to set permissions will be evaluated later in
663 663 * dsl_deleg_can_allow()
664 664 */
665 665 return (0);
666 666 }
667 667
668 668 /* ARGSUSED */
669 669 static int
670 670 zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
671 671 {
672 672 return (zfs_secpolicy_write_perms(zc->zc_name,
673 673 ZFS_DELEG_PERM_ROLLBACK, cr));
674 674 }
675 675
676 676 /* ARGSUSED */
677 677 static int
678 678 zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
679 679 {
680 680 spa_t *spa;
681 681 dsl_pool_t *dp;
682 682 dsl_dataset_t *ds;
683 683 char *cp;
684 684 int error;
685 685
686 686 /*
687 687 * Generate the current snapshot name from the given objsetid, then
688 688 * use that name for the secpolicy/zone checks.
689 689 */
690 690 cp = strchr(zc->zc_name, '@');
691 691 if (cp == NULL)
692 692 return (EINVAL);
693 693 error = spa_open(zc->zc_name, &spa, FTAG);
694 694 if (error)
695 695 return (error);
696 696
697 697 dp = spa_get_dsl(spa);
698 698 rw_enter(&dp->dp_config_rwlock, RW_READER);
699 699 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
700 700 rw_exit(&dp->dp_config_rwlock);
701 701 spa_close(spa, FTAG);
702 702 if (error)
703 703 return (error);
704 704
705 705 dsl_dataset_name(ds, zc->zc_name);
706 706
707 707 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
708 708 ZFS_DELEG_PERM_SEND, cr);
709 709 dsl_dataset_rele(ds, FTAG);
710 710
711 711 return (error);
712 712 }
713 713
714 714 /* ARGSUSED */
715 715 static int
716 716 zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
717 717 {
718 718 return (zfs_secpolicy_write_perms(zc->zc_name,
719 719 ZFS_DELEG_PERM_SEND, cr));
720 720 }
721 721
722 722 /* ARGSUSED */
723 723 static int
724 724 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
725 725 {
726 726 vnode_t *vp;
727 727 int error;
728 728
729 729 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
730 730 NO_FOLLOW, NULL, &vp)) != 0)
731 731 return (error);
732 732
733 733 /* Now make sure mntpnt and dataset are ZFS */
734 734
735 735 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
736 736 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
737 737 zc->zc_name) != 0)) {
738 738 VN_RELE(vp);
739 739 return (EPERM);
740 740 }
741 741
742 742 VN_RELE(vp);
743 743 return (dsl_deleg_access(zc->zc_name,
744 744 ZFS_DELEG_PERM_SHARE, cr));
745 745 }
746 746
747 747 int
748 748 zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
749 749 {
750 750 if (!INGLOBALZONE(curproc))
751 751 return (EPERM);
752 752
753 753 if (secpolicy_nfs(cr) == 0) {
754 754 return (0);
755 755 } else {
756 756 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
757 757 }
758 758 }
759 759
760 760 int
761 761 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
762 762 {
763 763 if (!INGLOBALZONE(curproc))
764 764 return (EPERM);
765 765
766 766 if (secpolicy_smb(cr) == 0) {
767 767 return (0);
768 768 } else {
769 769 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
770 770 }
771 771 }
772 772
773 773 static int
774 774 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
775 775 {
776 776 char *cp;
777 777
778 778 /*
779 779 * Remove the @bla or /bla from the end of the name to get the parent.
780 780 */
781 781 (void) strncpy(parent, datasetname, parentsize);
782 782 cp = strrchr(parent, '@');
783 783 if (cp != NULL) {
784 784 cp[0] = '\0';
785 785 } else {
786 786 cp = strrchr(parent, '/');
787 787 if (cp == NULL)
788 788 return (ENOENT);
789 789 cp[0] = '\0';
790 790 }
791 791
792 792 return (0);
793 793 }
794 794
795 795 int
796 796 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
797 797 {
798 798 int error;
799 799
800 800 if ((error = zfs_secpolicy_write_perms(name,
801 801 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
802 802 return (error);
803 803
804 804 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
805 805 }
806 806
807 807 /* ARGSUSED */
808 808 static int
809 809 zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
810 810 {
811 811 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
812 812 }
813 813
814 814 /*
815 815 * Destroying snapshots with delegated permissions requires
816 816 * descendant mount and destroy permissions.
817 817 */
818 818 /* ARGSUSED */
819 819 static int
820 820 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
821 821 {
822 822 nvlist_t *snaps;
823 823 nvpair_t *pair, *nextpair;
824 824 int error = 0;
825 825
826 826 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
827 827 return (EINVAL);
828 828 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
829 829 pair = nextpair) {
830 830 dsl_dataset_t *ds;
831 831
832 832 nextpair = nvlist_next_nvpair(snaps, pair);
833 833 error = dsl_dataset_hold(nvpair_name(pair), FTAG, &ds);
834 834 if (error == 0) {
835 835 dsl_dataset_rele(ds, FTAG);
836 836 } else if (error == ENOENT) {
837 837 /*
838 838 * Ignore any snapshots that don't exist (we consider
839 839 * them "already destroyed"). Remove the name from the
840 840 * nvl here in case the snapshot is created between
841 841 * now and when we try to destroy it (in which case
842 842 * we don't want to destroy it since we haven't
843 843 * checked for permission).
844 844 */
845 845 fnvlist_remove_nvpair(snaps, pair);
846 846 error = 0;
847 847 continue;
848 848 } else {
849 849 break;
850 850 }
851 851 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
852 852 if (error != 0)
853 853 break;
854 854 }
855 855
856 856 return (error);
857 857 }
858 858
859 859 int
860 860 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
861 861 {
862 862 char parentname[MAXNAMELEN];
863 863 int error;
864 864
865 865 if ((error = zfs_secpolicy_write_perms(from,
866 866 ZFS_DELEG_PERM_RENAME, cr)) != 0)
867 867 return (error);
868 868
869 869 if ((error = zfs_secpolicy_write_perms(from,
870 870 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
871 871 return (error);
872 872
873 873 if ((error = zfs_get_parent(to, parentname,
874 874 sizeof (parentname))) != 0)
875 875 return (error);
876 876
877 877 if ((error = zfs_secpolicy_write_perms(parentname,
878 878 ZFS_DELEG_PERM_CREATE, cr)) != 0)
879 879 return (error);
880 880
881 881 if ((error = zfs_secpolicy_write_perms(parentname,
882 882 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
883 883 return (error);
884 884
885 885 return (error);
886 886 }
887 887
888 888 /* ARGSUSED */
889 889 static int
890 890 zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
891 891 {
892 892 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
893 893 }
894 894
895 895 /* ARGSUSED */
896 896 static int
897 897 zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
898 898 {
899 899 char parentname[MAXNAMELEN];
900 900 objset_t *clone;
901 901 int error;
902 902
903 903 error = zfs_secpolicy_write_perms(zc->zc_name,
904 904 ZFS_DELEG_PERM_PROMOTE, cr);
905 905 if (error)
906 906 return (error);
907 907
908 908 error = dmu_objset_hold(zc->zc_name, FTAG, &clone);
909 909
910 910 if (error == 0) {
911 911 dsl_dataset_t *pclone = NULL;
912 912 dsl_dir_t *dd;
913 913 dd = clone->os_dsl_dataset->ds_dir;
914 914
915 915 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER);
916 916 error = dsl_dataset_hold_obj(dd->dd_pool,
917 917 dd->dd_phys->dd_origin_obj, FTAG, &pclone);
918 918 rw_exit(&dd->dd_pool->dp_config_rwlock);
919 919 if (error) {
920 920 dmu_objset_rele(clone, FTAG);
921 921 return (error);
922 922 }
923 923
924 924 error = zfs_secpolicy_write_perms(zc->zc_name,
925 925 ZFS_DELEG_PERM_MOUNT, cr);
926 926
927 927 dsl_dataset_name(pclone, parentname);
928 928 dmu_objset_rele(clone, FTAG);
929 929 dsl_dataset_rele(pclone, FTAG);
930 930 if (error == 0)
931 931 error = zfs_secpolicy_write_perms(parentname,
932 932 ZFS_DELEG_PERM_PROMOTE, cr);
933 933 }
934 934 return (error);
935 935 }
936 936
937 937 /* ARGSUSED */
938 938 static int
939 939 zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
940 940 {
941 941 int error;
942 942
943 943 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
944 944 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
945 945 return (error);
946 946
947 947 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
948 948 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
949 949 return (error);
950 950
951 951 return (zfs_secpolicy_write_perms(zc->zc_name,
952 952 ZFS_DELEG_PERM_CREATE, cr));
953 953 }
954 954
955 955 int
956 956 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
957 957 {
958 958 return (zfs_secpolicy_write_perms(name,
959 959 ZFS_DELEG_PERM_SNAPSHOT, cr));
960 960 }
961 961
962 962 /*
963 963 * Check for permission to create each snapshot in the nvlist.
964 964 */
965 965 /* ARGSUSED */
966 966 static int
967 967 zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
968 968 {
969 969 nvlist_t *snaps;
970 970 int error;
971 971 nvpair_t *pair;
972 972
973 973 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
974 974 return (EINVAL);
975 975 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
976 976 pair = nvlist_next_nvpair(snaps, pair)) {
977 977 char *name = nvpair_name(pair);
978 978 char *atp = strchr(name, '@');
979 979
980 980 if (atp == NULL) {
981 981 error = EINVAL;
982 982 break;
983 983 }
984 984 *atp = '\0';
985 985 error = zfs_secpolicy_snapshot_perms(name, cr);
986 986 *atp = '@';
987 987 if (error != 0)
988 988 break;
989 989 }
990 990 return (error);
991 991 }
992 992
993 993 /* ARGSUSED */
994 994 static int
995 995 zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
996 996 {
997 997 /*
998 998 * Even root must have a proper TSD so that we know what pool
999 999 * to log to.
1000 1000 */
1001 1001 if (tsd_get(zfs_allow_log_key) == NULL)
1002 1002 return (EPERM);
1003 1003 return (0);
1004 1004 }
1005 1005
1006 1006 static int
1007 1007 zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1008 1008 {
1009 1009 char parentname[MAXNAMELEN];
1010 1010 int error;
1011 1011 char *origin;
1012 1012
1013 1013 if ((error = zfs_get_parent(zc->zc_name, parentname,
1014 1014 sizeof (parentname))) != 0)
1015 1015 return (error);
1016 1016
1017 1017 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1018 1018 (error = zfs_secpolicy_write_perms(origin,
1019 1019 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1020 1020 return (error);
1021 1021
1022 1022 if ((error = zfs_secpolicy_write_perms(parentname,
1023 1023 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1024 1024 return (error);
1025 1025
1026 1026 return (zfs_secpolicy_write_perms(parentname,
1027 1027 ZFS_DELEG_PERM_MOUNT, cr));
1028 1028 }
1029 1029
1030 1030 /*
1031 1031 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1032 1032 * SYS_CONFIG privilege, which is not available in a local zone.
1033 1033 */
1034 1034 /* ARGSUSED */
1035 1035 static int
1036 1036 zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1037 1037 {
1038 1038 if (secpolicy_sys_config(cr, B_FALSE) != 0)
1039 1039 return (EPERM);
1040 1040
1041 1041 return (0);
1042 1042 }
1043 1043
1044 1044 /*
1045 1045 * Policy for object to name lookups.
1046 1046 */
1047 1047 /* ARGSUSED */
1048 1048 static int
1049 1049 zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1050 1050 {
1051 1051 int error;
1052 1052
1053 1053 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1054 1054 return (0);
1055 1055
1056 1056 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1057 1057 return (error);
1058 1058 }
1059 1059
1060 1060 /*
1061 1061 * Policy for fault injection. Requires all privileges.
1062 1062 */
1063 1063 /* ARGSUSED */
1064 1064 static int
1065 1065 zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1066 1066 {
1067 1067 return (secpolicy_zinject(cr));
1068 1068 }
1069 1069
1070 1070 /* ARGSUSED */
1071 1071 static int
1072 1072 zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1073 1073 {
1074 1074 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1075 1075
1076 1076 if (prop == ZPROP_INVAL) {
1077 1077 if (!zfs_prop_user(zc->zc_value))
1078 1078 return (EINVAL);
1079 1079 return (zfs_secpolicy_write_perms(zc->zc_name,
1080 1080 ZFS_DELEG_PERM_USERPROP, cr));
1081 1081 } else {
1082 1082 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1083 1083 NULL, cr));
1084 1084 }
1085 1085 }
1086 1086
1087 1087 static int
1088 1088 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1089 1089 {
1090 1090 int err = zfs_secpolicy_read(zc, innvl, cr);
1091 1091 if (err)
1092 1092 return (err);
1093 1093
1094 1094 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1095 1095 return (EINVAL);
1096 1096
1097 1097 if (zc->zc_value[0] == 0) {
1098 1098 /*
1099 1099 * They are asking about a posix uid/gid. If it's
1100 1100 * themself, allow it.
1101 1101 */
1102 1102 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1103 1103 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
1104 1104 if (zc->zc_guid == crgetuid(cr))
1105 1105 return (0);
1106 1106 } else {
1107 1107 if (groupmember(zc->zc_guid, cr))
1108 1108 return (0);
1109 1109 }
1110 1110 }
1111 1111
1112 1112 return (zfs_secpolicy_write_perms(zc->zc_name,
1113 1113 userquota_perms[zc->zc_objset_type], cr));
1114 1114 }
1115 1115
1116 1116 static int
1117 1117 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1118 1118 {
1119 1119 int err = zfs_secpolicy_read(zc, innvl, cr);
1120 1120 if (err)
1121 1121 return (err);
1122 1122
1123 1123 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1124 1124 return (EINVAL);
1125 1125
1126 1126 return (zfs_secpolicy_write_perms(zc->zc_name,
1127 1127 userquota_perms[zc->zc_objset_type], cr));
1128 1128 }
1129 1129
1130 1130 /* ARGSUSED */
1131 1131 static int
1132 1132 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1133 1133 {
1134 1134 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1135 1135 NULL, cr));
1136 1136 }
1137 1137
1138 1138 /* ARGSUSED */
1139 1139 static int
1140 1140 zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1141 1141 {
1142 1142 return (zfs_secpolicy_write_perms(zc->zc_name,
1143 1143 ZFS_DELEG_PERM_HOLD, cr));
1144 1144 }
1145 1145
1146 1146 /* ARGSUSED */
1147 1147 static int
1148 1148 zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1149 1149 {
1150 1150 return (zfs_secpolicy_write_perms(zc->zc_name,
1151 1151 ZFS_DELEG_PERM_RELEASE, cr));
1152 1152 }
1153 1153
1154 1154 /*
1155 1155 * Policy for allowing temporary snapshots to be taken or released
1156 1156 */
1157 1157 static int
1158 1158 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1159 1159 {
1160 1160 /*
1161 1161 * A temporary snapshot is the same as a snapshot,
1162 1162 * hold, destroy and release all rolled into one.
1163 1163 * Delegated diff alone is sufficient that we allow this.
1164 1164 */
1165 1165 int error;
1166 1166
1167 1167 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1168 1168 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1169 1169 return (0);
1170 1170
1171 1171 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
1172 1172 if (!error)
1173 1173 error = zfs_secpolicy_hold(zc, innvl, cr);
1174 1174 if (!error)
1175 1175 error = zfs_secpolicy_release(zc, innvl, cr);
1176 1176 if (!error)
1177 1177 error = zfs_secpolicy_destroy(zc, innvl, cr);
1178 1178 return (error);
1179 1179 }
1180 1180
1181 1181 /*
1182 1182 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1183 1183 */
1184 1184 static int
1185 1185 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1186 1186 {
1187 1187 char *packed;
1188 1188 int error;
1189 1189 nvlist_t *list = NULL;
1190 1190
1191 1191 /*
1192 1192 * Read in and unpack the user-supplied nvlist.
1193 1193 */
1194 1194 if (size == 0)
1195 1195 return (EINVAL);
1196 1196
1197 1197 packed = kmem_alloc(size, KM_SLEEP);
1198 1198
1199 1199 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1200 1200 iflag)) != 0) {
1201 1201 kmem_free(packed, size);
1202 1202 return (error);
1203 1203 }
1204 1204
1205 1205 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1206 1206 kmem_free(packed, size);
1207 1207 return (error);
1208 1208 }
1209 1209
1210 1210 kmem_free(packed, size);
1211 1211
1212 1212 *nvp = list;
1213 1213 return (0);
1214 1214 }
1215 1215
1216 1216 /*
1217 1217 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1218 1218 * Entries will be removed from the end of the nvlist, and one int32 entry
1219 1219 * named "N_MORE_ERRORS" will be added indicating how many entries were
1220 1220 * removed.
1221 1221 */
1222 1222 static int
1223 1223 nvlist_smush(nvlist_t *errors, size_t max)
1224 1224 {
1225 1225 size_t size;
1226 1226
1227 1227 size = fnvlist_size(errors);
1228 1228
1229 1229 if (size > max) {
1230 1230 nvpair_t *more_errors;
1231 1231 int n = 0;
1232 1232
1233 1233 if (max < 1024)
1234 1234 return (ENOMEM);
1235 1235
1236 1236 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1237 1237 more_errors = nvlist_prev_nvpair(errors, NULL);
1238 1238
1239 1239 do {
1240 1240 nvpair_t *pair = nvlist_prev_nvpair(errors,
1241 1241 more_errors);
1242 1242 fnvlist_remove_nvpair(errors, pair);
1243 1243 n++;
1244 1244 size = fnvlist_size(errors);
1245 1245 } while (size > max);
1246 1246
1247 1247 fnvlist_remove_nvpair(errors, more_errors);
1248 1248 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1249 1249 ASSERT3U(fnvlist_size(errors), <=, max);
1250 1250 }
1251 1251
1252 1252 return (0);
1253 1253 }
1254 1254
1255 1255 static int
1256 1256 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1257 1257 {
1258 1258 char *packed = NULL;
1259 1259 int error = 0;
1260 1260 size_t size;
1261 1261
1262 1262 size = fnvlist_size(nvl);
1263 1263
1264 1264 if (size > zc->zc_nvlist_dst_size) {
1265 1265 error = ENOMEM;
1266 1266 } else {
1267 1267 packed = fnvlist_pack(nvl, &size);
1268 1268 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1269 1269 size, zc->zc_iflags) != 0)
1270 1270 error = EFAULT;
1271 1271 fnvlist_pack_free(packed, size);
1272 1272 }
1273 1273
1274 1274 zc->zc_nvlist_dst_size = size;
1275 1275 zc->zc_nvlist_dst_filled = B_TRUE;
1276 1276 return (error);
1277 1277 }
1278 1278
1279 1279 static int
1280 1280 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1281 1281 {
1282 1282 objset_t *os;
1283 1283 int error;
1284 1284
1285 1285 error = dmu_objset_hold(dsname, FTAG, &os);
1286 1286 if (error)
1287 1287 return (error);
1288 1288 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1289 1289 dmu_objset_rele(os, FTAG);
1290 1290 return (EINVAL);
1291 1291 }
1292 1292
1293 1293 mutex_enter(&os->os_user_ptr_lock);
1294 1294 *zfvp = dmu_objset_get_user(os);
1295 1295 if (*zfvp) {
1296 1296 VFS_HOLD((*zfvp)->z_vfs);
1297 1297 } else {
1298 1298 error = ESRCH;
1299 1299 }
1300 1300 mutex_exit(&os->os_user_ptr_lock);
1301 1301 dmu_objset_rele(os, FTAG);
1302 1302 return (error);
1303 1303 }
1304 1304
1305 1305 /*
1306 1306 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1307 1307 * case its z_vfs will be NULL, and it will be opened as the owner.
1308 1308 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1309 1309 * which prevents all vnode ops from running.
1310 1310 */
1311 1311 static int
1312 1312 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1313 1313 {
1314 1314 int error = 0;
1315 1315
1316 1316 if (getzfsvfs(name, zfvp) != 0)
1317 1317 error = zfsvfs_create(name, zfvp);
1318 1318 if (error == 0) {
1319 1319 rrw_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1320 1320 RW_READER, tag);
1321 1321 if ((*zfvp)->z_unmounted) {
1322 1322 /*
1323 1323 * XXX we could probably try again, since the unmounting
1324 1324 * thread should be just about to disassociate the
1325 1325 * objset from the zfsvfs.
1326 1326 */
1327 1327 rrw_exit(&(*zfvp)->z_teardown_lock, tag);
1328 1328 return (EBUSY);
1329 1329 }
1330 1330 }
1331 1331 return (error);
1332 1332 }
1333 1333
1334 1334 static void
1335 1335 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1336 1336 {
1337 1337 rrw_exit(&zfsvfs->z_teardown_lock, tag);
1338 1338
1339 1339 if (zfsvfs->z_vfs) {
1340 1340 VFS_RELE(zfsvfs->z_vfs);
1341 1341 } else {
1342 1342 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1343 1343 zfsvfs_free(zfsvfs);
1344 1344 }
1345 1345 }
1346 1346
1347 1347 static int
1348 1348 zfs_ioc_pool_create(zfs_cmd_t *zc)
1349 1349 {
1350 1350 int error;
1351 1351 nvlist_t *config, *props = NULL;
1352 1352 nvlist_t *rootprops = NULL;
1353 1353 nvlist_t *zplprops = NULL;
1354 1354
1355 1355 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1356 1356 zc->zc_iflags, &config))
1357 1357 return (error);
1358 1358
1359 1359 if (zc->zc_nvlist_src_size != 0 && (error =
1360 1360 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1361 1361 zc->zc_iflags, &props))) {
1362 1362 nvlist_free(config);
1363 1363 return (error);
1364 1364 }
1365 1365
1366 1366 if (props) {
1367 1367 nvlist_t *nvl = NULL;
1368 1368 uint64_t version = SPA_VERSION;
1369 1369
1370 1370 (void) nvlist_lookup_uint64(props,
1371 1371 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1372 1372 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1373 1373 error = EINVAL;
1374 1374 goto pool_props_bad;
1375 1375 }
1376 1376 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1377 1377 if (nvl) {
1378 1378 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1379 1379 if (error != 0) {
1380 1380 nvlist_free(config);
1381 1381 nvlist_free(props);
1382 1382 return (error);
1383 1383 }
1384 1384 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1385 1385 }
1386 1386 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1387 1387 error = zfs_fill_zplprops_root(version, rootprops,
1388 1388 zplprops, NULL);
1389 1389 if (error)
1390 1390 goto pool_props_bad;
1391 1391 }
1392 1392
1393 1393 error = spa_create(zc->zc_name, config, props, zplprops);
1394 1394
1395 1395 /*
1396 1396 * Set the remaining root properties
1397 1397 */
1398 1398 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1399 1399 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1400 1400 (void) spa_destroy(zc->zc_name);
1401 1401
1402 1402 pool_props_bad:
1403 1403 nvlist_free(rootprops);
1404 1404 nvlist_free(zplprops);
1405 1405 nvlist_free(config);
1406 1406 nvlist_free(props);
1407 1407
1408 1408 return (error);
1409 1409 }
1410 1410
1411 1411 static int
1412 1412 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1413 1413 {
1414 1414 int error;
1415 1415 zfs_log_history(zc);
1416 1416 error = spa_destroy(zc->zc_name);
1417 1417 if (error == 0)
1418 1418 zvol_remove_minors(zc->zc_name);
1419 1419 return (error);
1420 1420 }
1421 1421
1422 1422 static int
1423 1423 zfs_ioc_pool_import(zfs_cmd_t *zc)
1424 1424 {
1425 1425 nvlist_t *config, *props = NULL;
1426 1426 uint64_t guid;
1427 1427 int error;
1428 1428
1429 1429 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1430 1430 zc->zc_iflags, &config)) != 0)
1431 1431 return (error);
1432 1432
1433 1433 if (zc->zc_nvlist_src_size != 0 && (error =
1434 1434 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1435 1435 zc->zc_iflags, &props))) {
1436 1436 nvlist_free(config);
1437 1437 return (error);
1438 1438 }
1439 1439
1440 1440 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1441 1441 guid != zc->zc_guid)
1442 1442 error = EINVAL;
1443 1443 else
1444 1444 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1445 1445
1446 1446 if (zc->zc_nvlist_dst != 0) {
1447 1447 int err;
1448 1448
1449 1449 if ((err = put_nvlist(zc, config)) != 0)
1450 1450 error = err;
1451 1451 }
1452 1452
1453 1453 nvlist_free(config);
1454 1454
1455 1455 if (props)
1456 1456 nvlist_free(props);
1457 1457
1458 1458 return (error);
1459 1459 }
1460 1460
1461 1461 static int
1462 1462 zfs_ioc_pool_export(zfs_cmd_t *zc)
1463 1463 {
1464 1464 int error;
1465 1465 boolean_t force = (boolean_t)zc->zc_cookie;
1466 1466 boolean_t hardforce = (boolean_t)zc->zc_guid;
1467 1467
1468 1468 zfs_log_history(zc);
1469 1469 error = spa_export(zc->zc_name, NULL, force, hardforce);
1470 1470 if (error == 0)
1471 1471 zvol_remove_minors(zc->zc_name);
1472 1472 return (error);
1473 1473 }
1474 1474
1475 1475 static int
1476 1476 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1477 1477 {
1478 1478 nvlist_t *configs;
1479 1479 int error;
1480 1480
1481 1481 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1482 1482 return (EEXIST);
1483 1483
1484 1484 error = put_nvlist(zc, configs);
1485 1485
1486 1486 nvlist_free(configs);
1487 1487
1488 1488 return (error);
1489 1489 }
1490 1490
1491 1491 /*
1492 1492 * inputs:
1493 1493 * zc_name name of the pool
1494 1494 *
1495 1495 * outputs:
1496 1496 * zc_cookie real errno
1497 1497 * zc_nvlist_dst config nvlist
1498 1498 * zc_nvlist_dst_size size of config nvlist
1499 1499 */
1500 1500 static int
1501 1501 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1502 1502 {
1503 1503 nvlist_t *config;
1504 1504 int error;
1505 1505 int ret = 0;
1506 1506
1507 1507 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1508 1508 sizeof (zc->zc_value));
1509 1509
1510 1510 if (config != NULL) {
1511 1511 ret = put_nvlist(zc, config);
1512 1512 nvlist_free(config);
1513 1513
1514 1514 /*
1515 1515 * The config may be present even if 'error' is non-zero.
1516 1516 * In this case we return success, and preserve the real errno
1517 1517 * in 'zc_cookie'.
1518 1518 */
1519 1519 zc->zc_cookie = error;
1520 1520 } else {
1521 1521 ret = error;
1522 1522 }
1523 1523
1524 1524 return (ret);
1525 1525 }
1526 1526
1527 1527 /*
1528 1528 * Try to import the given pool, returning pool stats as appropriate so that
1529 1529 * user land knows which devices are available and overall pool health.
1530 1530 */
1531 1531 static int
1532 1532 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1533 1533 {
1534 1534 nvlist_t *tryconfig, *config;
1535 1535 int error;
1536 1536
1537 1537 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1538 1538 zc->zc_iflags, &tryconfig)) != 0)
1539 1539 return (error);
1540 1540
1541 1541 config = spa_tryimport(tryconfig);
1542 1542
1543 1543 nvlist_free(tryconfig);
1544 1544
1545 1545 if (config == NULL)
1546 1546 return (EINVAL);
1547 1547
1548 1548 error = put_nvlist(zc, config);
1549 1549 nvlist_free(config);
1550 1550
1551 1551 return (error);
1552 1552 }
1553 1553
1554 1554 /*
1555 1555 * inputs:
1556 1556 * zc_name name of the pool
1557 1557 * zc_cookie scan func (pool_scan_func_t)
1558 1558 */
1559 1559 static int
1560 1560 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1561 1561 {
1562 1562 spa_t *spa;
1563 1563 int error;
1564 1564
1565 1565 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1566 1566 return (error);
1567 1567
1568 1568 if (zc->zc_cookie == POOL_SCAN_NONE)
1569 1569 error = spa_scan_stop(spa);
1570 1570 else
1571 1571 error = spa_scan(spa, zc->zc_cookie);
1572 1572
1573 1573 spa_close(spa, FTAG);
1574 1574
1575 1575 return (error);
1576 1576 }
1577 1577
1578 1578 static int
1579 1579 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1580 1580 {
1581 1581 spa_t *spa;
1582 1582 int error;
1583 1583
1584 1584 error = spa_open(zc->zc_name, &spa, FTAG);
1585 1585 if (error == 0) {
1586 1586 spa_freeze(spa);
1587 1587 spa_close(spa, FTAG);
1588 1588 }
1589 1589 return (error);
1590 1590 }
1591 1591
1592 1592 static int
1593 1593 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1594 1594 {
1595 1595 spa_t *spa;
1596 1596 int error;
1597 1597
1598 1598 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1599 1599 return (error);
1600 1600
1601 1601 if (zc->zc_cookie < spa_version(spa) ||
1602 1602 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1603 1603 spa_close(spa, FTAG);
1604 1604 return (EINVAL);
1605 1605 }
1606 1606
1607 1607 spa_upgrade(spa, zc->zc_cookie);
1608 1608 spa_close(spa, FTAG);
1609 1609
1610 1610 return (error);
1611 1611 }
1612 1612
1613 1613 static int
1614 1614 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1615 1615 {
1616 1616 spa_t *spa;
1617 1617 char *hist_buf;
1618 1618 uint64_t size;
1619 1619 int error;
1620 1620
1621 1621 if ((size = zc->zc_history_len) == 0)
1622 1622 return (EINVAL);
1623 1623
1624 1624 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1625 1625 return (error);
1626 1626
1627 1627 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1628 1628 spa_close(spa, FTAG);
1629 1629 return (ENOTSUP);
1630 1630 }
1631 1631
1632 1632 hist_buf = kmem_alloc(size, KM_SLEEP);
1633 1633 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1634 1634 &zc->zc_history_len, hist_buf)) == 0) {
1635 1635 error = ddi_copyout(hist_buf,
1636 1636 (void *)(uintptr_t)zc->zc_history,
1637 1637 zc->zc_history_len, zc->zc_iflags);
1638 1638 }
1639 1639
1640 1640 spa_close(spa, FTAG);
1641 1641 kmem_free(hist_buf, size);
1642 1642 return (error);
1643 1643 }
1644 1644
1645 1645 static int
1646 1646 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1647 1647 {
1648 1648 spa_t *spa;
1649 1649 int error;
1650 1650
1651 1651 error = spa_open(zc->zc_name, &spa, FTAG);
1652 1652 if (error == 0) {
1653 1653 error = spa_change_guid(spa);
1654 1654 spa_close(spa, FTAG);
1655 1655 }
1656 1656 return (error);
1657 1657 }
1658 1658
1659 1659 static int
1660 1660 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1661 1661 {
1662 1662 int error;
1663 1663
1664 1664 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value))
1665 1665 return (error);
1666 1666
1667 1667 return (0);
1668 1668 }
1669 1669
1670 1670 /*
1671 1671 * inputs:
1672 1672 * zc_name name of filesystem
1673 1673 * zc_obj object to find
1674 1674 *
1675 1675 * outputs:
1676 1676 * zc_value name of object
1677 1677 */
1678 1678 static int
1679 1679 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1680 1680 {
1681 1681 objset_t *os;
1682 1682 int error;
1683 1683
1684 1684 /* XXX reading from objset not owned */
1685 1685 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1686 1686 return (error);
1687 1687 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1688 1688 dmu_objset_rele(os, FTAG);
1689 1689 return (EINVAL);
1690 1690 }
1691 1691 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1692 1692 sizeof (zc->zc_value));
1693 1693 dmu_objset_rele(os, FTAG);
1694 1694
1695 1695 return (error);
1696 1696 }
1697 1697
1698 1698 /*
1699 1699 * inputs:
1700 1700 * zc_name name of filesystem
1701 1701 * zc_obj object to find
1702 1702 *
1703 1703 * outputs:
1704 1704 * zc_stat stats on object
1705 1705 * zc_value path to object
1706 1706 */
1707 1707 static int
1708 1708 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1709 1709 {
1710 1710 objset_t *os;
1711 1711 int error;
1712 1712
1713 1713 /* XXX reading from objset not owned */
1714 1714 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1715 1715 return (error);
1716 1716 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1717 1717 dmu_objset_rele(os, FTAG);
1718 1718 return (EINVAL);
1719 1719 }
1720 1720 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1721 1721 sizeof (zc->zc_value));
1722 1722 dmu_objset_rele(os, FTAG);
1723 1723
1724 1724 return (error);
1725 1725 }
1726 1726
1727 1727 static int
1728 1728 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1729 1729 {
1730 1730 spa_t *spa;
1731 1731 int error;
1732 1732 nvlist_t *config, **l2cache, **spares;
1733 1733 uint_t nl2cache = 0, nspares = 0;
1734 1734
1735 1735 error = spa_open(zc->zc_name, &spa, FTAG);
1736 1736 if (error != 0)
1737 1737 return (error);
1738 1738
1739 1739 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1740 1740 zc->zc_iflags, &config);
1741 1741 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1742 1742 &l2cache, &nl2cache);
1743 1743
1744 1744 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1745 1745 &spares, &nspares);
1746 1746
1747 1747 /*
1748 1748 * A root pool with concatenated devices is not supported.
1749 1749 * Thus, can not add a device to a root pool.
1750 1750 *
1751 1751 * Intent log device can not be added to a rootpool because
1752 1752 * during mountroot, zil is replayed, a seperated log device
1753 1753 * can not be accessed during the mountroot time.
1754 1754 *
1755 1755 * l2cache and spare devices are ok to be added to a rootpool.
1756 1756 */
1757 1757 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1758 1758 nvlist_free(config);
1759 1759 spa_close(spa, FTAG);
1760 1760 return (EDOM);
1761 1761 }
1762 1762
1763 1763 if (error == 0) {
1764 1764 error = spa_vdev_add(spa, config);
1765 1765 nvlist_free(config);
1766 1766 }
1767 1767 spa_close(spa, FTAG);
1768 1768 return (error);
1769 1769 }
1770 1770
1771 1771 /*
1772 1772 * inputs:
1773 1773 * zc_name name of the pool
1774 1774 * zc_nvlist_conf nvlist of devices to remove
1775 1775 * zc_cookie to stop the remove?
1776 1776 */
1777 1777 static int
1778 1778 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1779 1779 {
1780 1780 spa_t *spa;
1781 1781 int error;
1782 1782
1783 1783 error = spa_open(zc->zc_name, &spa, FTAG);
1784 1784 if (error != 0)
1785 1785 return (error);
1786 1786 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1787 1787 spa_close(spa, FTAG);
1788 1788 return (error);
1789 1789 }
1790 1790
1791 1791 static int
1792 1792 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1793 1793 {
1794 1794 spa_t *spa;
1795 1795 int error;
1796 1796 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1797 1797
1798 1798 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1799 1799 return (error);
1800 1800 switch (zc->zc_cookie) {
1801 1801 case VDEV_STATE_ONLINE:
1802 1802 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1803 1803 break;
1804 1804
1805 1805 case VDEV_STATE_OFFLINE:
1806 1806 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1807 1807 break;
1808 1808
1809 1809 case VDEV_STATE_FAULTED:
1810 1810 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1811 1811 zc->zc_obj != VDEV_AUX_EXTERNAL)
1812 1812 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1813 1813
1814 1814 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1815 1815 break;
1816 1816
1817 1817 case VDEV_STATE_DEGRADED:
1818 1818 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1819 1819 zc->zc_obj != VDEV_AUX_EXTERNAL)
1820 1820 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1821 1821
1822 1822 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1823 1823 break;
1824 1824
1825 1825 default:
1826 1826 error = EINVAL;
1827 1827 }
1828 1828 zc->zc_cookie = newstate;
1829 1829 spa_close(spa, FTAG);
1830 1830 return (error);
1831 1831 }
1832 1832
1833 1833 static int
1834 1834 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1835 1835 {
1836 1836 spa_t *spa;
1837 1837 int replacing = zc->zc_cookie;
1838 1838 nvlist_t *config;
1839 1839 int error;
1840 1840
1841 1841 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1842 1842 return (error);
1843 1843
1844 1844 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1845 1845 zc->zc_iflags, &config)) == 0) {
1846 1846 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1847 1847 nvlist_free(config);
1848 1848 }
1849 1849
1850 1850 spa_close(spa, FTAG);
1851 1851 return (error);
1852 1852 }
1853 1853
1854 1854 static int
1855 1855 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1856 1856 {
1857 1857 spa_t *spa;
1858 1858 int error;
1859 1859
1860 1860 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1861 1861 return (error);
1862 1862
1863 1863 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1864 1864
1865 1865 spa_close(spa, FTAG);
1866 1866 return (error);
1867 1867 }
1868 1868
1869 1869 static int
1870 1870 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1871 1871 {
1872 1872 spa_t *spa;
1873 1873 nvlist_t *config, *props = NULL;
1874 1874 int error;
1875 1875 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1876 1876
1877 1877 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1878 1878 return (error);
1879 1879
1880 1880 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1881 1881 zc->zc_iflags, &config)) {
1882 1882 spa_close(spa, FTAG);
1883 1883 return (error);
1884 1884 }
1885 1885
1886 1886 if (zc->zc_nvlist_src_size != 0 && (error =
1887 1887 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1888 1888 zc->zc_iflags, &props))) {
1889 1889 spa_close(spa, FTAG);
1890 1890 nvlist_free(config);
1891 1891 return (error);
1892 1892 }
1893 1893
1894 1894 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1895 1895
1896 1896 spa_close(spa, FTAG);
1897 1897
1898 1898 nvlist_free(config);
1899 1899 nvlist_free(props);
1900 1900
1901 1901 return (error);
1902 1902 }
1903 1903
1904 1904 static int
1905 1905 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
1906 1906 {
1907 1907 spa_t *spa;
1908 1908 char *path = zc->zc_value;
1909 1909 uint64_t guid = zc->zc_guid;
1910 1910 int error;
1911 1911
1912 1912 error = spa_open(zc->zc_name, &spa, FTAG);
1913 1913 if (error != 0)
1914 1914 return (error);
1915 1915
1916 1916 error = spa_vdev_setpath(spa, guid, path);
1917 1917 spa_close(spa, FTAG);
1918 1918 return (error);
1919 1919 }
1920 1920
1921 1921 static int
1922 1922 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
1923 1923 {
1924 1924 spa_t *spa;
1925 1925 char *fru = zc->zc_value;
1926 1926 uint64_t guid = zc->zc_guid;
1927 1927 int error;
1928 1928
1929 1929 error = spa_open(zc->zc_name, &spa, FTAG);
1930 1930 if (error != 0)
1931 1931 return (error);
1932 1932
1933 1933 error = spa_vdev_setfru(spa, guid, fru);
1934 1934 spa_close(spa, FTAG);
1935 1935 return (error);
1936 1936 }
1937 1937
1938 1938 static int
1939 1939 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
1940 1940 {
1941 1941 int error = 0;
1942 1942 nvlist_t *nv;
1943 1943
1944 1944 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1945 1945
1946 1946 if (zc->zc_nvlist_dst != 0 &&
1947 1947 (error = dsl_prop_get_all(os, &nv)) == 0) {
1948 1948 dmu_objset_stats(os, nv);
1949 1949 /*
1950 1950 * NB: zvol_get_stats() will read the objset contents,
|
↓ open down ↓ |
1950 lines elided |
↑ open up ↑ |
1951 1951 * which we aren't supposed to do with a
1952 1952 * DS_MODE_USER hold, because it could be
1953 1953 * inconsistent. So this is a bit of a workaround...
1954 1954 * XXX reading with out owning
1955 1955 */
1956 1956 if (!zc->zc_objset_stats.dds_inconsistent &&
1957 1957 dmu_objset_type(os) == DMU_OST_ZVOL) {
1958 1958 error = zvol_get_stats(os, nv);
1959 1959 if (error == EIO)
1960 1960 return (error);
1961 - VERIFY3S(error, ==, 0);
1961 + VERIFY0(error);
1962 1962 }
1963 1963 error = put_nvlist(zc, nv);
1964 1964 nvlist_free(nv);
1965 1965 }
1966 1966
1967 1967 return (error);
1968 1968 }
1969 1969
1970 1970 /*
1971 1971 * inputs:
1972 1972 * zc_name name of filesystem
1973 1973 * zc_nvlist_dst_size size of buffer for property nvlist
1974 1974 *
1975 1975 * outputs:
1976 1976 * zc_objset_stats stats
1977 1977 * zc_nvlist_dst property nvlist
1978 1978 * zc_nvlist_dst_size size of property nvlist
1979 1979 */
1980 1980 static int
1981 1981 zfs_ioc_objset_stats(zfs_cmd_t *zc)
1982 1982 {
1983 1983 objset_t *os = NULL;
1984 1984 int error;
1985 1985
1986 1986 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
1987 1987 return (error);
1988 1988
1989 1989 error = zfs_ioc_objset_stats_impl(zc, os);
1990 1990
1991 1991 dmu_objset_rele(os, FTAG);
1992 1992
1993 1993 return (error);
1994 1994 }
1995 1995
1996 1996 /*
1997 1997 * inputs:
1998 1998 * zc_name name of filesystem
1999 1999 * zc_nvlist_dst_size size of buffer for property nvlist
2000 2000 *
2001 2001 * outputs:
2002 2002 * zc_nvlist_dst received property nvlist
2003 2003 * zc_nvlist_dst_size size of received property nvlist
2004 2004 *
2005 2005 * Gets received properties (distinct from local properties on or after
2006 2006 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2007 2007 * local property values.
2008 2008 */
2009 2009 static int
2010 2010 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
2011 2011 {
2012 2012 objset_t *os = NULL;
2013 2013 int error;
2014 2014 nvlist_t *nv;
2015 2015
2016 2016 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
2017 2017 return (error);
2018 2018
2019 2019 /*
2020 2020 * Without this check, we would return local property values if the
2021 2021 * caller has not already received properties on or after
2022 2022 * SPA_VERSION_RECVD_PROPS.
2023 2023 */
2024 2024 if (!dsl_prop_get_hasrecvd(os)) {
2025 2025 dmu_objset_rele(os, FTAG);
2026 2026 return (ENOTSUP);
2027 2027 }
2028 2028
2029 2029 if (zc->zc_nvlist_dst != 0 &&
2030 2030 (error = dsl_prop_get_received(os, &nv)) == 0) {
2031 2031 error = put_nvlist(zc, nv);
2032 2032 nvlist_free(nv);
2033 2033 }
2034 2034
2035 2035 dmu_objset_rele(os, FTAG);
2036 2036 return (error);
2037 2037 }
2038 2038
2039 2039 static int
2040 2040 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2041 2041 {
2042 2042 uint64_t value;
2043 2043 int error;
2044 2044
2045 2045 /*
2046 2046 * zfs_get_zplprop() will either find a value or give us
2047 2047 * the default value (if there is one).
2048 2048 */
2049 2049 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2050 2050 return (error);
2051 2051 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2052 2052 return (0);
2053 2053 }
2054 2054
2055 2055 /*
2056 2056 * inputs:
2057 2057 * zc_name name of filesystem
2058 2058 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2059 2059 *
2060 2060 * outputs:
2061 2061 * zc_nvlist_dst zpl property nvlist
2062 2062 * zc_nvlist_dst_size size of zpl property nvlist
2063 2063 */
2064 2064 static int
2065 2065 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2066 2066 {
2067 2067 objset_t *os;
2068 2068 int err;
2069 2069
2070 2070 /* XXX reading without owning */
2071 2071 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
2072 2072 return (err);
2073 2073
2074 2074 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2075 2075
2076 2076 /*
2077 2077 * NB: nvl_add_zplprop() will read the objset contents,
2078 2078 * which we aren't supposed to do with a DS_MODE_USER
2079 2079 * hold, because it could be inconsistent.
2080 2080 */
2081 2081 if (zc->zc_nvlist_dst != NULL &&
2082 2082 !zc->zc_objset_stats.dds_inconsistent &&
2083 2083 dmu_objset_type(os) == DMU_OST_ZFS) {
2084 2084 nvlist_t *nv;
2085 2085
2086 2086 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2087 2087 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2088 2088 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2089 2089 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2090 2090 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2091 2091 err = put_nvlist(zc, nv);
2092 2092 nvlist_free(nv);
2093 2093 } else {
2094 2094 err = ENOENT;
2095 2095 }
2096 2096 dmu_objset_rele(os, FTAG);
2097 2097 return (err);
2098 2098 }
2099 2099
2100 2100 static boolean_t
2101 2101 dataset_name_hidden(const char *name)
2102 2102 {
2103 2103 /*
2104 2104 * Skip over datasets that are not visible in this zone,
2105 2105 * internal datasets (which have a $ in their name), and
2106 2106 * temporary datasets (which have a % in their name).
2107 2107 */
2108 2108 if (strchr(name, '$') != NULL)
2109 2109 return (B_TRUE);
2110 2110 if (strchr(name, '%') != NULL)
2111 2111 return (B_TRUE);
2112 2112 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
2113 2113 return (B_TRUE);
2114 2114 return (B_FALSE);
2115 2115 }
2116 2116
2117 2117 /*
2118 2118 * inputs:
2119 2119 * zc_name name of filesystem
2120 2120 * zc_cookie zap cursor
2121 2121 * zc_nvlist_dst_size size of buffer for property nvlist
2122 2122 *
2123 2123 * outputs:
2124 2124 * zc_name name of next filesystem
2125 2125 * zc_cookie zap cursor
2126 2126 * zc_objset_stats stats
2127 2127 * zc_nvlist_dst property nvlist
2128 2128 * zc_nvlist_dst_size size of property nvlist
2129 2129 */
2130 2130 static int
2131 2131 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2132 2132 {
2133 2133 objset_t *os;
2134 2134 int error;
2135 2135 char *p;
2136 2136 size_t orig_len = strlen(zc->zc_name);
2137 2137
2138 2138 top:
2139 2139 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2140 2140 if (error == ENOENT)
2141 2141 error = ESRCH;
2142 2142 return (error);
2143 2143 }
2144 2144
2145 2145 p = strrchr(zc->zc_name, '/');
2146 2146 if (p == NULL || p[1] != '\0')
2147 2147 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2148 2148 p = zc->zc_name + strlen(zc->zc_name);
2149 2149
2150 2150 /*
2151 2151 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0
2152 2152 * but is not declared void because its called by dmu_objset_find().
2153 2153 */
2154 2154 if (zc->zc_cookie == 0) {
2155 2155 uint64_t cookie = 0;
2156 2156 int len = sizeof (zc->zc_name) - (p - zc->zc_name);
2157 2157
2158 2158 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0) {
2159 2159 if (!dataset_name_hidden(zc->zc_name))
2160 2160 (void) dmu_objset_prefetch(zc->zc_name, NULL);
2161 2161 }
2162 2162 }
2163 2163
2164 2164 do {
2165 2165 error = dmu_dir_list_next(os,
2166 2166 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2167 2167 NULL, &zc->zc_cookie);
2168 2168 if (error == ENOENT)
2169 2169 error = ESRCH;
2170 2170 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2171 2171 dmu_objset_rele(os, FTAG);
2172 2172
2173 2173 /*
2174 2174 * If it's an internal dataset (ie. with a '$' in its name),
2175 2175 * don't try to get stats for it, otherwise we'll return ENOENT.
2176 2176 */
2177 2177 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2178 2178 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2179 2179 if (error == ENOENT) {
2180 2180 /* We lost a race with destroy, get the next one. */
2181 2181 zc->zc_name[orig_len] = '\0';
2182 2182 goto top;
2183 2183 }
2184 2184 }
2185 2185 return (error);
2186 2186 }
2187 2187
2188 2188 /*
2189 2189 * inputs:
2190 2190 * zc_name name of filesystem
2191 2191 * zc_cookie zap cursor
2192 2192 * zc_nvlist_dst_size size of buffer for property nvlist
2193 2193 *
2194 2194 * outputs:
2195 2195 * zc_name name of next snapshot
2196 2196 * zc_objset_stats stats
2197 2197 * zc_nvlist_dst property nvlist
2198 2198 * zc_nvlist_dst_size size of property nvlist
2199 2199 */
2200 2200 static int
2201 2201 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2202 2202 {
2203 2203 objset_t *os;
2204 2204 int error;
2205 2205
2206 2206 top:
2207 2207 if (zc->zc_cookie == 0)
2208 2208 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch,
2209 2209 NULL, DS_FIND_SNAPSHOTS);
2210 2210
2211 2211 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2212 2212 if (error)
2213 2213 return (error == ENOENT ? ESRCH : error);
2214 2214
2215 2215 /*
2216 2216 * A dataset name of maximum length cannot have any snapshots,
2217 2217 * so exit immediately.
2218 2218 */
2219 2219 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2220 2220 dmu_objset_rele(os, FTAG);
2221 2221 return (ESRCH);
2222 2222 }
2223 2223
2224 2224 error = dmu_snapshot_list_next(os,
2225 2225 sizeof (zc->zc_name) - strlen(zc->zc_name),
2226 2226 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2227 2227 NULL);
2228 2228
2229 2229 if (error == 0) {
2230 2230 dsl_dataset_t *ds;
2231 2231 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2232 2232
2233 2233 /*
2234 2234 * Since we probably don't have a hold on this snapshot,
2235 2235 * it's possible that the objsetid could have been destroyed
2236 2236 * and reused for a new objset. It's OK if this happens during
2237 2237 * a zfs send operation, since the new createtxg will be
2238 2238 * beyond the range we're interested in.
2239 2239 */
2240 2240 rw_enter(&dp->dp_config_rwlock, RW_READER);
2241 2241 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2242 2242 rw_exit(&dp->dp_config_rwlock);
2243 2243 if (error) {
2244 2244 if (error == ENOENT) {
2245 2245 /* Racing with destroy, get the next one. */
2246 2246 *strchr(zc->zc_name, '@') = '\0';
2247 2247 dmu_objset_rele(os, FTAG);
2248 2248 goto top;
2249 2249 }
2250 2250 } else {
2251 2251 objset_t *ossnap;
2252 2252
2253 2253 error = dmu_objset_from_ds(ds, &ossnap);
2254 2254 if (error == 0)
2255 2255 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2256 2256 dsl_dataset_rele(ds, FTAG);
2257 2257 }
2258 2258 } else if (error == ENOENT) {
2259 2259 error = ESRCH;
2260 2260 }
2261 2261
2262 2262 dmu_objset_rele(os, FTAG);
2263 2263 /* if we failed, undo the @ that we tacked on to zc_name */
2264 2264 if (error)
2265 2265 *strchr(zc->zc_name, '@') = '\0';
2266 2266 return (error);
2267 2267 }
2268 2268
2269 2269 static int
2270 2270 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2271 2271 {
2272 2272 const char *propname = nvpair_name(pair);
2273 2273 uint64_t *valary;
2274 2274 unsigned int vallen;
2275 2275 const char *domain;
2276 2276 char *dash;
2277 2277 zfs_userquota_prop_t type;
2278 2278 uint64_t rid;
2279 2279 uint64_t quota;
2280 2280 zfsvfs_t *zfsvfs;
2281 2281 int err;
2282 2282
2283 2283 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2284 2284 nvlist_t *attrs;
2285 2285 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2286 2286 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2287 2287 &pair) != 0)
2288 2288 return (EINVAL);
2289 2289 }
2290 2290
2291 2291 /*
2292 2292 * A correctly constructed propname is encoded as
2293 2293 * userquota@<rid>-<domain>.
2294 2294 */
2295 2295 if ((dash = strchr(propname, '-')) == NULL ||
2296 2296 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2297 2297 vallen != 3)
2298 2298 return (EINVAL);
2299 2299
2300 2300 domain = dash + 1;
2301 2301 type = valary[0];
2302 2302 rid = valary[1];
2303 2303 quota = valary[2];
2304 2304
2305 2305 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2306 2306 if (err == 0) {
2307 2307 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2308 2308 zfsvfs_rele(zfsvfs, FTAG);
2309 2309 }
2310 2310
2311 2311 return (err);
2312 2312 }
2313 2313
2314 2314 /*
2315 2315 * If the named property is one that has a special function to set its value,
2316 2316 * return 0 on success and a positive error code on failure; otherwise if it is
2317 2317 * not one of the special properties handled by this function, return -1.
2318 2318 *
2319 2319 * XXX: It would be better for callers of the property interface if we handled
2320 2320 * these special cases in dsl_prop.c (in the dsl layer).
2321 2321 */
2322 2322 static int
2323 2323 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2324 2324 nvpair_t *pair)
2325 2325 {
2326 2326 const char *propname = nvpair_name(pair);
2327 2327 zfs_prop_t prop = zfs_name_to_prop(propname);
2328 2328 uint64_t intval;
2329 2329 int err;
2330 2330
2331 2331 if (prop == ZPROP_INVAL) {
2332 2332 if (zfs_prop_userquota(propname))
2333 2333 return (zfs_prop_set_userquota(dsname, pair));
2334 2334 return (-1);
2335 2335 }
2336 2336
2337 2337 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2338 2338 nvlist_t *attrs;
2339 2339 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2340 2340 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2341 2341 &pair) == 0);
2342 2342 }
2343 2343
2344 2344 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2345 2345 return (-1);
2346 2346
2347 2347 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2348 2348
2349 2349 switch (prop) {
2350 2350 case ZFS_PROP_QUOTA:
2351 2351 err = dsl_dir_set_quota(dsname, source, intval);
2352 2352 break;
2353 2353 case ZFS_PROP_REFQUOTA:
2354 2354 err = dsl_dataset_set_quota(dsname, source, intval);
2355 2355 break;
2356 2356 case ZFS_PROP_RESERVATION:
2357 2357 err = dsl_dir_set_reservation(dsname, source, intval);
2358 2358 break;
2359 2359 case ZFS_PROP_REFRESERVATION:
2360 2360 err = dsl_dataset_set_reservation(dsname, source, intval);
2361 2361 break;
2362 2362 case ZFS_PROP_VOLSIZE:
2363 2363 err = zvol_set_volsize(dsname, ddi_driver_major(zfs_dip),
2364 2364 intval);
2365 2365 break;
2366 2366 case ZFS_PROP_VERSION:
2367 2367 {
2368 2368 zfsvfs_t *zfsvfs;
2369 2369
2370 2370 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2371 2371 break;
2372 2372
2373 2373 err = zfs_set_version(zfsvfs, intval);
2374 2374 zfsvfs_rele(zfsvfs, FTAG);
2375 2375
2376 2376 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2377 2377 zfs_cmd_t *zc;
2378 2378
2379 2379 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2380 2380 (void) strcpy(zc->zc_name, dsname);
2381 2381 (void) zfs_ioc_userspace_upgrade(zc);
2382 2382 kmem_free(zc, sizeof (zfs_cmd_t));
2383 2383 }
2384 2384 break;
2385 2385 }
2386 2386
2387 2387 default:
2388 2388 err = -1;
2389 2389 }
2390 2390
2391 2391 return (err);
2392 2392 }
2393 2393
2394 2394 /*
2395 2395 * This function is best effort. If it fails to set any of the given properties,
2396 2396 * it continues to set as many as it can and returns the last error
2397 2397 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2398 2398 * with the list of names of all the properties that failed along with the
2399 2399 * corresponding error numbers.
2400 2400 *
2401 2401 * If every property is set successfully, zero is returned and errlist is not
2402 2402 * modified.
2403 2403 */
2404 2404 int
2405 2405 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2406 2406 nvlist_t *errlist)
2407 2407 {
2408 2408 nvpair_t *pair;
2409 2409 nvpair_t *propval;
2410 2410 int rv = 0;
2411 2411 uint64_t intval;
2412 2412 char *strval;
2413 2413 nvlist_t *genericnvl = fnvlist_alloc();
2414 2414 nvlist_t *retrynvl = fnvlist_alloc();
2415 2415
2416 2416 retry:
2417 2417 pair = NULL;
2418 2418 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2419 2419 const char *propname = nvpair_name(pair);
2420 2420 zfs_prop_t prop = zfs_name_to_prop(propname);
2421 2421 int err = 0;
2422 2422
2423 2423 /* decode the property value */
2424 2424 propval = pair;
2425 2425 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2426 2426 nvlist_t *attrs;
2427 2427 attrs = fnvpair_value_nvlist(pair);
2428 2428 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2429 2429 &propval) != 0)
2430 2430 err = EINVAL;
2431 2431 }
2432 2432
2433 2433 /* Validate value type */
2434 2434 if (err == 0 && prop == ZPROP_INVAL) {
2435 2435 if (zfs_prop_user(propname)) {
2436 2436 if (nvpair_type(propval) != DATA_TYPE_STRING)
2437 2437 err = EINVAL;
2438 2438 } else if (zfs_prop_userquota(propname)) {
2439 2439 if (nvpair_type(propval) !=
2440 2440 DATA_TYPE_UINT64_ARRAY)
2441 2441 err = EINVAL;
2442 2442 } else {
2443 2443 err = EINVAL;
2444 2444 }
2445 2445 } else if (err == 0) {
2446 2446 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2447 2447 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2448 2448 err = EINVAL;
2449 2449 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2450 2450 const char *unused;
2451 2451
2452 2452 intval = fnvpair_value_uint64(propval);
2453 2453
2454 2454 switch (zfs_prop_get_type(prop)) {
2455 2455 case PROP_TYPE_NUMBER:
2456 2456 break;
2457 2457 case PROP_TYPE_STRING:
2458 2458 err = EINVAL;
2459 2459 break;
2460 2460 case PROP_TYPE_INDEX:
2461 2461 if (zfs_prop_index_to_string(prop,
2462 2462 intval, &unused) != 0)
2463 2463 err = EINVAL;
2464 2464 break;
2465 2465 default:
2466 2466 cmn_err(CE_PANIC,
2467 2467 "unknown property type");
2468 2468 }
2469 2469 } else {
2470 2470 err = EINVAL;
2471 2471 }
2472 2472 }
2473 2473
2474 2474 /* Validate permissions */
2475 2475 if (err == 0)
2476 2476 err = zfs_check_settable(dsname, pair, CRED());
2477 2477
2478 2478 if (err == 0) {
2479 2479 err = zfs_prop_set_special(dsname, source, pair);
2480 2480 if (err == -1) {
2481 2481 /*
2482 2482 * For better performance we build up a list of
2483 2483 * properties to set in a single transaction.
2484 2484 */
2485 2485 err = nvlist_add_nvpair(genericnvl, pair);
2486 2486 } else if (err != 0 && nvl != retrynvl) {
2487 2487 /*
2488 2488 * This may be a spurious error caused by
2489 2489 * receiving quota and reservation out of order.
2490 2490 * Try again in a second pass.
2491 2491 */
2492 2492 err = nvlist_add_nvpair(retrynvl, pair);
2493 2493 }
2494 2494 }
2495 2495
2496 2496 if (err != 0) {
2497 2497 if (errlist != NULL)
2498 2498 fnvlist_add_int32(errlist, propname, err);
2499 2499 rv = err;
2500 2500 }
2501 2501 }
2502 2502
2503 2503 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2504 2504 nvl = retrynvl;
2505 2505 goto retry;
2506 2506 }
2507 2507
2508 2508 if (!nvlist_empty(genericnvl) &&
2509 2509 dsl_props_set(dsname, source, genericnvl) != 0) {
2510 2510 /*
2511 2511 * If this fails, we still want to set as many properties as we
2512 2512 * can, so try setting them individually.
2513 2513 */
2514 2514 pair = NULL;
2515 2515 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2516 2516 const char *propname = nvpair_name(pair);
2517 2517 int err = 0;
2518 2518
2519 2519 propval = pair;
2520 2520 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2521 2521 nvlist_t *attrs;
2522 2522 attrs = fnvpair_value_nvlist(pair);
2523 2523 propval = fnvlist_lookup_nvpair(attrs,
2524 2524 ZPROP_VALUE);
2525 2525 }
2526 2526
2527 2527 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2528 2528 strval = fnvpair_value_string(propval);
2529 2529 err = dsl_prop_set(dsname, propname, source, 1,
2530 2530 strlen(strval) + 1, strval);
2531 2531 } else {
2532 2532 intval = fnvpair_value_uint64(propval);
2533 2533 err = dsl_prop_set(dsname, propname, source, 8,
2534 2534 1, &intval);
2535 2535 }
2536 2536
2537 2537 if (err != 0) {
2538 2538 if (errlist != NULL) {
2539 2539 fnvlist_add_int32(errlist, propname,
2540 2540 err);
2541 2541 }
2542 2542 rv = err;
2543 2543 }
2544 2544 }
2545 2545 }
2546 2546 nvlist_free(genericnvl);
2547 2547 nvlist_free(retrynvl);
2548 2548
2549 2549 return (rv);
2550 2550 }
2551 2551
2552 2552 /*
2553 2553 * Check that all the properties are valid user properties.
2554 2554 */
2555 2555 static int
2556 2556 zfs_check_userprops(const char *fsname, nvlist_t *nvl)
2557 2557 {
2558 2558 nvpair_t *pair = NULL;
2559 2559 int error = 0;
2560 2560
2561 2561 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2562 2562 const char *propname = nvpair_name(pair);
2563 2563 char *valstr;
2564 2564
2565 2565 if (!zfs_prop_user(propname) ||
2566 2566 nvpair_type(pair) != DATA_TYPE_STRING)
2567 2567 return (EINVAL);
2568 2568
2569 2569 if (error = zfs_secpolicy_write_perms(fsname,
2570 2570 ZFS_DELEG_PERM_USERPROP, CRED()))
2571 2571 return (error);
2572 2572
2573 2573 if (strlen(propname) >= ZAP_MAXNAMELEN)
2574 2574 return (ENAMETOOLONG);
2575 2575
2576 2576 VERIFY(nvpair_value_string(pair, &valstr) == 0);
2577 2577 if (strlen(valstr) >= ZAP_MAXVALUELEN)
2578 2578 return (E2BIG);
2579 2579 }
2580 2580 return (0);
2581 2581 }
2582 2582
2583 2583 static void
2584 2584 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2585 2585 {
2586 2586 nvpair_t *pair;
2587 2587
2588 2588 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2589 2589
2590 2590 pair = NULL;
2591 2591 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2592 2592 if (nvlist_exists(skipped, nvpair_name(pair)))
2593 2593 continue;
2594 2594
2595 2595 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2596 2596 }
2597 2597 }
2598 2598
2599 2599 static int
2600 2600 clear_received_props(objset_t *os, const char *fs, nvlist_t *props,
2601 2601 nvlist_t *skipped)
2602 2602 {
2603 2603 int err = 0;
2604 2604 nvlist_t *cleared_props = NULL;
2605 2605 props_skip(props, skipped, &cleared_props);
2606 2606 if (!nvlist_empty(cleared_props)) {
2607 2607 /*
2608 2608 * Acts on local properties until the dataset has received
2609 2609 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2610 2610 */
2611 2611 zprop_source_t flags = (ZPROP_SRC_NONE |
2612 2612 (dsl_prop_get_hasrecvd(os) ? ZPROP_SRC_RECEIVED : 0));
2613 2613 err = zfs_set_prop_nvlist(fs, flags, cleared_props, NULL);
2614 2614 }
2615 2615 nvlist_free(cleared_props);
2616 2616 return (err);
2617 2617 }
2618 2618
2619 2619 /*
2620 2620 * inputs:
2621 2621 * zc_name name of filesystem
2622 2622 * zc_value name of property to set
2623 2623 * zc_nvlist_src{_size} nvlist of properties to apply
2624 2624 * zc_cookie received properties flag
2625 2625 *
2626 2626 * outputs:
2627 2627 * zc_nvlist_dst{_size} error for each unapplied received property
2628 2628 */
2629 2629 static int
2630 2630 zfs_ioc_set_prop(zfs_cmd_t *zc)
2631 2631 {
2632 2632 nvlist_t *nvl;
2633 2633 boolean_t received = zc->zc_cookie;
2634 2634 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2635 2635 ZPROP_SRC_LOCAL);
2636 2636 nvlist_t *errors;
2637 2637 int error;
2638 2638
2639 2639 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2640 2640 zc->zc_iflags, &nvl)) != 0)
2641 2641 return (error);
2642 2642
2643 2643 if (received) {
2644 2644 nvlist_t *origprops;
2645 2645 objset_t *os;
2646 2646
2647 2647 if (dmu_objset_hold(zc->zc_name, FTAG, &os) == 0) {
2648 2648 if (dsl_prop_get_received(os, &origprops) == 0) {
2649 2649 (void) clear_received_props(os,
2650 2650 zc->zc_name, origprops, nvl);
2651 2651 nvlist_free(origprops);
2652 2652 }
2653 2653
2654 2654 dsl_prop_set_hasrecvd(os);
2655 2655 dmu_objset_rele(os, FTAG);
2656 2656 }
2657 2657 }
2658 2658
2659 2659 errors = fnvlist_alloc();
2660 2660 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
2661 2661
2662 2662 if (zc->zc_nvlist_dst != NULL && errors != NULL) {
2663 2663 (void) put_nvlist(zc, errors);
2664 2664 }
2665 2665
2666 2666 nvlist_free(errors);
2667 2667 nvlist_free(nvl);
2668 2668 return (error);
2669 2669 }
2670 2670
2671 2671 /*
2672 2672 * inputs:
2673 2673 * zc_name name of filesystem
2674 2674 * zc_value name of property to inherit
2675 2675 * zc_cookie revert to received value if TRUE
2676 2676 *
2677 2677 * outputs: none
2678 2678 */
2679 2679 static int
2680 2680 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2681 2681 {
2682 2682 const char *propname = zc->zc_value;
2683 2683 zfs_prop_t prop = zfs_name_to_prop(propname);
2684 2684 boolean_t received = zc->zc_cookie;
2685 2685 zprop_source_t source = (received
2686 2686 ? ZPROP_SRC_NONE /* revert to received value, if any */
2687 2687 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2688 2688
2689 2689 if (received) {
2690 2690 nvlist_t *dummy;
2691 2691 nvpair_t *pair;
2692 2692 zprop_type_t type;
2693 2693 int err;
2694 2694
2695 2695 /*
2696 2696 * zfs_prop_set_special() expects properties in the form of an
2697 2697 * nvpair with type info.
2698 2698 */
2699 2699 if (prop == ZPROP_INVAL) {
2700 2700 if (!zfs_prop_user(propname))
2701 2701 return (EINVAL);
2702 2702
2703 2703 type = PROP_TYPE_STRING;
2704 2704 } else if (prop == ZFS_PROP_VOLSIZE ||
2705 2705 prop == ZFS_PROP_VERSION) {
2706 2706 return (EINVAL);
2707 2707 } else {
2708 2708 type = zfs_prop_get_type(prop);
2709 2709 }
2710 2710
2711 2711 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2712 2712
2713 2713 switch (type) {
2714 2714 case PROP_TYPE_STRING:
2715 2715 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2716 2716 break;
2717 2717 case PROP_TYPE_NUMBER:
2718 2718 case PROP_TYPE_INDEX:
2719 2719 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2720 2720 break;
2721 2721 default:
2722 2722 nvlist_free(dummy);
2723 2723 return (EINVAL);
2724 2724 }
2725 2725
2726 2726 pair = nvlist_next_nvpair(dummy, NULL);
2727 2727 err = zfs_prop_set_special(zc->zc_name, source, pair);
2728 2728 nvlist_free(dummy);
2729 2729 if (err != -1)
2730 2730 return (err); /* special property already handled */
2731 2731 } else {
2732 2732 /*
2733 2733 * Only check this in the non-received case. We want to allow
2734 2734 * 'inherit -S' to revert non-inheritable properties like quota
2735 2735 * and reservation to the received or default values even though
2736 2736 * they are not considered inheritable.
2737 2737 */
2738 2738 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2739 2739 return (EINVAL);
2740 2740 }
2741 2741
2742 2742 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2743 2743 return (dsl_prop_set(zc->zc_name, zc->zc_value, source, 0, 0, NULL));
2744 2744 }
2745 2745
2746 2746 static int
2747 2747 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2748 2748 {
2749 2749 nvlist_t *props;
2750 2750 spa_t *spa;
2751 2751 int error;
2752 2752 nvpair_t *pair;
2753 2753
2754 2754 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2755 2755 zc->zc_iflags, &props))
2756 2756 return (error);
2757 2757
2758 2758 /*
2759 2759 * If the only property is the configfile, then just do a spa_lookup()
2760 2760 * to handle the faulted case.
2761 2761 */
2762 2762 pair = nvlist_next_nvpair(props, NULL);
2763 2763 if (pair != NULL && strcmp(nvpair_name(pair),
2764 2764 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2765 2765 nvlist_next_nvpair(props, pair) == NULL) {
2766 2766 mutex_enter(&spa_namespace_lock);
2767 2767 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2768 2768 spa_configfile_set(spa, props, B_FALSE);
2769 2769 spa_config_sync(spa, B_FALSE, B_TRUE);
2770 2770 }
2771 2771 mutex_exit(&spa_namespace_lock);
2772 2772 if (spa != NULL) {
2773 2773 nvlist_free(props);
2774 2774 return (0);
2775 2775 }
2776 2776 }
2777 2777
2778 2778 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2779 2779 nvlist_free(props);
2780 2780 return (error);
2781 2781 }
2782 2782
2783 2783 error = spa_prop_set(spa, props);
2784 2784
2785 2785 nvlist_free(props);
2786 2786 spa_close(spa, FTAG);
2787 2787
2788 2788 return (error);
2789 2789 }
2790 2790
2791 2791 static int
2792 2792 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2793 2793 {
2794 2794 spa_t *spa;
2795 2795 int error;
2796 2796 nvlist_t *nvp = NULL;
2797 2797
2798 2798 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2799 2799 /*
2800 2800 * If the pool is faulted, there may be properties we can still
2801 2801 * get (such as altroot and cachefile), so attempt to get them
2802 2802 * anyway.
2803 2803 */
2804 2804 mutex_enter(&spa_namespace_lock);
2805 2805 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2806 2806 error = spa_prop_get(spa, &nvp);
2807 2807 mutex_exit(&spa_namespace_lock);
2808 2808 } else {
2809 2809 error = spa_prop_get(spa, &nvp);
2810 2810 spa_close(spa, FTAG);
2811 2811 }
2812 2812
2813 2813 if (error == 0 && zc->zc_nvlist_dst != NULL)
2814 2814 error = put_nvlist(zc, nvp);
2815 2815 else
2816 2816 error = EFAULT;
2817 2817
2818 2818 nvlist_free(nvp);
2819 2819 return (error);
2820 2820 }
2821 2821
2822 2822 /*
2823 2823 * inputs:
2824 2824 * zc_name name of filesystem
2825 2825 * zc_nvlist_src{_size} nvlist of delegated permissions
2826 2826 * zc_perm_action allow/unallow flag
2827 2827 *
2828 2828 * outputs: none
2829 2829 */
2830 2830 static int
2831 2831 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2832 2832 {
2833 2833 int error;
2834 2834 nvlist_t *fsaclnv = NULL;
2835 2835
2836 2836 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2837 2837 zc->zc_iflags, &fsaclnv)) != 0)
2838 2838 return (error);
2839 2839
2840 2840 /*
2841 2841 * Verify nvlist is constructed correctly
2842 2842 */
2843 2843 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2844 2844 nvlist_free(fsaclnv);
2845 2845 return (EINVAL);
2846 2846 }
2847 2847
2848 2848 /*
2849 2849 * If we don't have PRIV_SYS_MOUNT, then validate
2850 2850 * that user is allowed to hand out each permission in
2851 2851 * the nvlist(s)
2852 2852 */
2853 2853
2854 2854 error = secpolicy_zfs(CRED());
2855 2855 if (error) {
2856 2856 if (zc->zc_perm_action == B_FALSE) {
2857 2857 error = dsl_deleg_can_allow(zc->zc_name,
2858 2858 fsaclnv, CRED());
2859 2859 } else {
2860 2860 error = dsl_deleg_can_unallow(zc->zc_name,
2861 2861 fsaclnv, CRED());
2862 2862 }
2863 2863 }
2864 2864
2865 2865 if (error == 0)
2866 2866 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2867 2867
2868 2868 nvlist_free(fsaclnv);
2869 2869 return (error);
2870 2870 }
2871 2871
2872 2872 /*
2873 2873 * inputs:
2874 2874 * zc_name name of filesystem
2875 2875 *
2876 2876 * outputs:
2877 2877 * zc_nvlist_src{_size} nvlist of delegated permissions
2878 2878 */
2879 2879 static int
2880 2880 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2881 2881 {
2882 2882 nvlist_t *nvp;
2883 2883 int error;
2884 2884
2885 2885 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2886 2886 error = put_nvlist(zc, nvp);
2887 2887 nvlist_free(nvp);
2888 2888 }
2889 2889
2890 2890 return (error);
2891 2891 }
2892 2892
2893 2893 /*
2894 2894 * Search the vfs list for a specified resource. Returns a pointer to it
2895 2895 * or NULL if no suitable entry is found. The caller of this routine
2896 2896 * is responsible for releasing the returned vfs pointer.
2897 2897 */
2898 2898 static vfs_t *
2899 2899 zfs_get_vfs(const char *resource)
2900 2900 {
2901 2901 struct vfs *vfsp;
2902 2902 struct vfs *vfs_found = NULL;
2903 2903
2904 2904 vfs_list_read_lock();
2905 2905 vfsp = rootvfs;
2906 2906 do {
2907 2907 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2908 2908 VFS_HOLD(vfsp);
2909 2909 vfs_found = vfsp;
2910 2910 break;
2911 2911 }
2912 2912 vfsp = vfsp->vfs_next;
2913 2913 } while (vfsp != rootvfs);
2914 2914 vfs_list_unlock();
2915 2915 return (vfs_found);
2916 2916 }
2917 2917
2918 2918 /* ARGSUSED */
2919 2919 static void
2920 2920 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2921 2921 {
2922 2922 zfs_creat_t *zct = arg;
2923 2923
2924 2924 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2925 2925 }
2926 2926
2927 2927 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2928 2928
2929 2929 /*
2930 2930 * inputs:
2931 2931 * createprops list of properties requested by creator
2932 2932 * default_zplver zpl version to use if unspecified in createprops
2933 2933 * fuids_ok fuids allowed in this version of the spa?
2934 2934 * os parent objset pointer (NULL if root fs)
2935 2935 *
2936 2936 * outputs:
2937 2937 * zplprops values for the zplprops we attach to the master node object
2938 2938 * is_ci true if requested file system will be purely case-insensitive
2939 2939 *
2940 2940 * Determine the settings for utf8only, normalization and
2941 2941 * casesensitivity. Specific values may have been requested by the
2942 2942 * creator and/or we can inherit values from the parent dataset. If
2943 2943 * the file system is of too early a vintage, a creator can not
2944 2944 * request settings for these properties, even if the requested
2945 2945 * setting is the default value. We don't actually want to create dsl
2946 2946 * properties for these, so remove them from the source nvlist after
2947 2947 * processing.
2948 2948 */
2949 2949 static int
2950 2950 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
2951 2951 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
2952 2952 nvlist_t *zplprops, boolean_t *is_ci)
2953 2953 {
2954 2954 uint64_t sense = ZFS_PROP_UNDEFINED;
2955 2955 uint64_t norm = ZFS_PROP_UNDEFINED;
2956 2956 uint64_t u8 = ZFS_PROP_UNDEFINED;
2957 2957
2958 2958 ASSERT(zplprops != NULL);
2959 2959
2960 2960 /*
2961 2961 * Pull out creator prop choices, if any.
2962 2962 */
2963 2963 if (createprops) {
2964 2964 (void) nvlist_lookup_uint64(createprops,
2965 2965 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
2966 2966 (void) nvlist_lookup_uint64(createprops,
2967 2967 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
2968 2968 (void) nvlist_remove_all(createprops,
2969 2969 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
2970 2970 (void) nvlist_lookup_uint64(createprops,
2971 2971 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
2972 2972 (void) nvlist_remove_all(createprops,
2973 2973 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
2974 2974 (void) nvlist_lookup_uint64(createprops,
2975 2975 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
2976 2976 (void) nvlist_remove_all(createprops,
2977 2977 zfs_prop_to_name(ZFS_PROP_CASE));
2978 2978 }
2979 2979
2980 2980 /*
2981 2981 * If the zpl version requested is whacky or the file system
2982 2982 * or pool is version is too "young" to support normalization
2983 2983 * and the creator tried to set a value for one of the props,
2984 2984 * error out.
2985 2985 */
2986 2986 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
2987 2987 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
2988 2988 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
2989 2989 (zplver < ZPL_VERSION_NORMALIZATION &&
2990 2990 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
2991 2991 sense != ZFS_PROP_UNDEFINED)))
2992 2992 return (ENOTSUP);
2993 2993
2994 2994 /*
2995 2995 * Put the version in the zplprops
2996 2996 */
2997 2997 VERIFY(nvlist_add_uint64(zplprops,
2998 2998 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
2999 2999
3000 3000 if (norm == ZFS_PROP_UNDEFINED)
3001 3001 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
3002 3002 VERIFY(nvlist_add_uint64(zplprops,
3003 3003 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3004 3004
3005 3005 /*
3006 3006 * If we're normalizing, names must always be valid UTF-8 strings.
3007 3007 */
3008 3008 if (norm)
3009 3009 u8 = 1;
3010 3010 if (u8 == ZFS_PROP_UNDEFINED)
3011 3011 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
3012 3012 VERIFY(nvlist_add_uint64(zplprops,
3013 3013 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3014 3014
3015 3015 if (sense == ZFS_PROP_UNDEFINED)
3016 3016 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
3017 3017 VERIFY(nvlist_add_uint64(zplprops,
3018 3018 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3019 3019
3020 3020 if (is_ci)
3021 3021 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3022 3022
3023 3023 return (0);
3024 3024 }
3025 3025
3026 3026 static int
3027 3027 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3028 3028 nvlist_t *zplprops, boolean_t *is_ci)
3029 3029 {
3030 3030 boolean_t fuids_ok, sa_ok;
3031 3031 uint64_t zplver = ZPL_VERSION;
3032 3032 objset_t *os = NULL;
3033 3033 char parentname[MAXNAMELEN];
3034 3034 char *cp;
3035 3035 spa_t *spa;
3036 3036 uint64_t spa_vers;
3037 3037 int error;
3038 3038
3039 3039 (void) strlcpy(parentname, dataset, sizeof (parentname));
3040 3040 cp = strrchr(parentname, '/');
3041 3041 ASSERT(cp != NULL);
3042 3042 cp[0] = '\0';
3043 3043
3044 3044 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3045 3045 return (error);
3046 3046
3047 3047 spa_vers = spa_version(spa);
3048 3048 spa_close(spa, FTAG);
3049 3049
3050 3050 zplver = zfs_zpl_version_map(spa_vers);
3051 3051 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3052 3052 sa_ok = (zplver >= ZPL_VERSION_SA);
3053 3053
3054 3054 /*
3055 3055 * Open parent object set so we can inherit zplprop values.
3056 3056 */
3057 3057 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
3058 3058 return (error);
3059 3059
3060 3060 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
3061 3061 zplprops, is_ci);
3062 3062 dmu_objset_rele(os, FTAG);
3063 3063 return (error);
3064 3064 }
3065 3065
3066 3066 static int
3067 3067 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3068 3068 nvlist_t *zplprops, boolean_t *is_ci)
3069 3069 {
3070 3070 boolean_t fuids_ok;
3071 3071 boolean_t sa_ok;
3072 3072 uint64_t zplver = ZPL_VERSION;
3073 3073 int error;
3074 3074
3075 3075 zplver = zfs_zpl_version_map(spa_vers);
3076 3076 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3077 3077 sa_ok = (zplver >= ZPL_VERSION_SA);
3078 3078
3079 3079 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3080 3080 createprops, zplprops, is_ci);
3081 3081 return (error);
3082 3082 }
3083 3083
3084 3084 /*
3085 3085 * innvl: {
3086 3086 * "type" -> dmu_objset_type_t (int32)
3087 3087 * (optional) "props" -> { prop -> value }
3088 3088 * }
3089 3089 *
3090 3090 * outnvl: propname -> error code (int32)
3091 3091 */
3092 3092 static int
3093 3093 zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3094 3094 {
3095 3095 int error = 0;
3096 3096 zfs_creat_t zct = { 0 };
3097 3097 nvlist_t *nvprops = NULL;
3098 3098 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3099 3099 int32_t type32;
3100 3100 dmu_objset_type_t type;
3101 3101 boolean_t is_insensitive = B_FALSE;
3102 3102
3103 3103 if (nvlist_lookup_int32(innvl, "type", &type32) != 0)
3104 3104 return (EINVAL);
3105 3105 type = type32;
3106 3106 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3107 3107
3108 3108 switch (type) {
3109 3109 case DMU_OST_ZFS:
3110 3110 cbfunc = zfs_create_cb;
3111 3111 break;
3112 3112
3113 3113 case DMU_OST_ZVOL:
3114 3114 cbfunc = zvol_create_cb;
3115 3115 break;
3116 3116
3117 3117 default:
3118 3118 cbfunc = NULL;
3119 3119 break;
3120 3120 }
3121 3121 if (strchr(fsname, '@') ||
3122 3122 strchr(fsname, '%'))
3123 3123 return (EINVAL);
3124 3124
3125 3125 zct.zct_props = nvprops;
3126 3126
3127 3127 if (cbfunc == NULL)
3128 3128 return (EINVAL);
3129 3129
3130 3130 if (type == DMU_OST_ZVOL) {
3131 3131 uint64_t volsize, volblocksize;
3132 3132
3133 3133 if (nvprops == NULL)
3134 3134 return (EINVAL);
3135 3135 if (nvlist_lookup_uint64(nvprops,
3136 3136 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
3137 3137 return (EINVAL);
3138 3138
3139 3139 if ((error = nvlist_lookup_uint64(nvprops,
3140 3140 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3141 3141 &volblocksize)) != 0 && error != ENOENT)
3142 3142 return (EINVAL);
3143 3143
3144 3144 if (error != 0)
3145 3145 volblocksize = zfs_prop_default_numeric(
3146 3146 ZFS_PROP_VOLBLOCKSIZE);
3147 3147
3148 3148 if ((error = zvol_check_volblocksize(
3149 3149 volblocksize)) != 0 ||
3150 3150 (error = zvol_check_volsize(volsize,
3151 3151 volblocksize)) != 0)
3152 3152 return (error);
3153 3153 } else if (type == DMU_OST_ZFS) {
3154 3154 int error;
3155 3155
3156 3156 /*
3157 3157 * We have to have normalization and
3158 3158 * case-folding flags correct when we do the
3159 3159 * file system creation, so go figure them out
3160 3160 * now.
3161 3161 */
3162 3162 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3163 3163 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3164 3164 error = zfs_fill_zplprops(fsname, nvprops,
3165 3165 zct.zct_zplprops, &is_insensitive);
3166 3166 if (error != 0) {
3167 3167 nvlist_free(zct.zct_zplprops);
3168 3168 return (error);
3169 3169 }
3170 3170 }
3171 3171
3172 3172 error = dmu_objset_create(fsname, type,
3173 3173 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3174 3174 nvlist_free(zct.zct_zplprops);
3175 3175
3176 3176 /*
3177 3177 * It would be nice to do this atomically.
3178 3178 */
3179 3179 if (error == 0) {
3180 3180 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3181 3181 nvprops, outnvl);
3182 3182 if (error != 0)
3183 3183 (void) dmu_objset_destroy(fsname, B_FALSE);
3184 3184 }
3185 3185 return (error);
3186 3186 }
3187 3187
3188 3188 /*
3189 3189 * innvl: {
3190 3190 * "origin" -> name of origin snapshot
3191 3191 * (optional) "props" -> { prop -> value }
3192 3192 * }
3193 3193 *
3194 3194 * outnvl: propname -> error code (int32)
3195 3195 */
3196 3196 static int
3197 3197 zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3198 3198 {
3199 3199 int error = 0;
3200 3200 nvlist_t *nvprops = NULL;
3201 3201 char *origin_name;
3202 3202 dsl_dataset_t *origin;
3203 3203
3204 3204 if (nvlist_lookup_string(innvl, "origin", &origin_name) != 0)
3205 3205 return (EINVAL);
3206 3206 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3207 3207
3208 3208 if (strchr(fsname, '@') ||
3209 3209 strchr(fsname, '%'))
3210 3210 return (EINVAL);
3211 3211
3212 3212 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
3213 3213 return (EINVAL);
3214 3214
3215 3215 error = dsl_dataset_hold(origin_name, FTAG, &origin);
3216 3216 if (error)
3217 3217 return (error);
3218 3218
3219 3219 error = dmu_objset_clone(fsname, origin, 0);
3220 3220 dsl_dataset_rele(origin, FTAG);
3221 3221 if (error)
3222 3222 return (error);
3223 3223
3224 3224 /*
3225 3225 * It would be nice to do this atomically.
3226 3226 */
3227 3227 if (error == 0) {
3228 3228 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3229 3229 nvprops, outnvl);
3230 3230 if (error != 0)
3231 3231 (void) dmu_objset_destroy(fsname, B_FALSE);
3232 3232 }
3233 3233 return (error);
3234 3234 }
3235 3235
3236 3236 /*
3237 3237 * innvl: {
3238 3238 * "snaps" -> { snapshot1, snapshot2 }
3239 3239 * (optional) "props" -> { prop -> value (string) }
3240 3240 * }
3241 3241 *
3242 3242 * outnvl: snapshot -> error code (int32)
3243 3243 *
3244 3244 */
3245 3245 static int
3246 3246 zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3247 3247 {
3248 3248 nvlist_t *snaps;
3249 3249 nvlist_t *props = NULL;
3250 3250 int error, poollen;
3251 3251 nvpair_t *pair;
3252 3252
3253 3253 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3254 3254 if ((error = zfs_check_userprops(poolname, props)) != 0)
3255 3255 return (error);
3256 3256
3257 3257 if (!nvlist_empty(props) &&
3258 3258 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
3259 3259 return (ENOTSUP);
3260 3260
3261 3261 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3262 3262 return (EINVAL);
3263 3263 poollen = strlen(poolname);
3264 3264 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3265 3265 pair = nvlist_next_nvpair(snaps, pair)) {
3266 3266 const char *name = nvpair_name(pair);
3267 3267 const char *cp = strchr(name, '@');
3268 3268
3269 3269 /*
3270 3270 * The snap name must contain an @, and the part after it must
3271 3271 * contain only valid characters.
3272 3272 */
3273 3273 if (cp == NULL || snapshot_namecheck(cp + 1, NULL, NULL) != 0)
3274 3274 return (EINVAL);
3275 3275
3276 3276 /*
3277 3277 * The snap must be in the specified pool.
3278 3278 */
3279 3279 if (strncmp(name, poolname, poollen) != 0 ||
3280 3280 (name[poollen] != '/' && name[poollen] != '@'))
3281 3281 return (EXDEV);
3282 3282
3283 3283 /* This must be the only snap of this fs. */
3284 3284 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
3285 3285 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3286 3286 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3287 3287 == 0) {
3288 3288 return (EXDEV);
3289 3289 }
3290 3290 }
3291 3291 }
3292 3292
3293 3293 error = dmu_objset_snapshot(snaps, props, outnvl);
3294 3294 return (error);
3295 3295 }
3296 3296
3297 3297 /*
3298 3298 * innvl: "message" -> string
3299 3299 */
3300 3300 /* ARGSUSED */
3301 3301 static int
3302 3302 zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3303 3303 {
3304 3304 char *message;
3305 3305 spa_t *spa;
3306 3306 int error;
3307 3307 char *poolname;
3308 3308
3309 3309 /*
3310 3310 * The poolname in the ioctl is not set, we get it from the TSD,
3311 3311 * which was set at the end of the last successful ioctl that allows
3312 3312 * logging. The secpolicy func already checked that it is set.
3313 3313 * Only one log ioctl is allowed after each successful ioctl, so
3314 3314 * we clear the TSD here.
3315 3315 */
3316 3316 poolname = tsd_get(zfs_allow_log_key);
3317 3317 (void) tsd_set(zfs_allow_log_key, NULL);
3318 3318 error = spa_open(poolname, &spa, FTAG);
3319 3319 strfree(poolname);
3320 3320 if (error != 0)
3321 3321 return (error);
3322 3322
3323 3323 if (nvlist_lookup_string(innvl, "message", &message) != 0) {
3324 3324 spa_close(spa, FTAG);
3325 3325 return (EINVAL);
3326 3326 }
3327 3327
3328 3328 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3329 3329 spa_close(spa, FTAG);
3330 3330 return (ENOTSUP);
3331 3331 }
3332 3332
3333 3333 error = spa_history_log(spa, message);
3334 3334 spa_close(spa, FTAG);
3335 3335 return (error);
3336 3336 }
3337 3337
3338 3338 /* ARGSUSED */
3339 3339 int
3340 3340 zfs_unmount_snap(const char *name, void *arg)
3341 3341 {
3342 3342 vfs_t *vfsp;
3343 3343 int err;
3344 3344
3345 3345 if (strchr(name, '@') == NULL)
3346 3346 return (0);
3347 3347
3348 3348 vfsp = zfs_get_vfs(name);
3349 3349 if (vfsp == NULL)
3350 3350 return (0);
3351 3351
3352 3352 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) {
3353 3353 VFS_RELE(vfsp);
3354 3354 return (err);
3355 3355 }
3356 3356 VFS_RELE(vfsp);
3357 3357
3358 3358 /*
3359 3359 * Always force the unmount for snapshots.
3360 3360 */
3361 3361 return (dounmount(vfsp, MS_FORCE, kcred));
3362 3362 }
3363 3363
3364 3364 /*
3365 3365 * innvl: {
3366 3366 * "snaps" -> { snapshot1, snapshot2 }
3367 3367 * (optional boolean) "defer"
3368 3368 * }
3369 3369 *
3370 3370 * outnvl: snapshot -> error code (int32)
3371 3371 *
3372 3372 */
3373 3373 static int
3374 3374 zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3375 3375 {
3376 3376 int poollen;
3377 3377 nvlist_t *snaps;
3378 3378 nvpair_t *pair;
3379 3379 boolean_t defer;
3380 3380
3381 3381 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3382 3382 return (EINVAL);
3383 3383 defer = nvlist_exists(innvl, "defer");
3384 3384
3385 3385 poollen = strlen(poolname);
3386 3386 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3387 3387 pair = nvlist_next_nvpair(snaps, pair)) {
3388 3388 const char *name = nvpair_name(pair);
3389 3389
3390 3390 /*
3391 3391 * The snap must be in the specified pool.
3392 3392 */
3393 3393 if (strncmp(name, poolname, poollen) != 0 ||
3394 3394 (name[poollen] != '/' && name[poollen] != '@'))
3395 3395 return (EXDEV);
3396 3396
3397 3397 /*
3398 3398 * Ignore failures to unmount; dmu_snapshots_destroy_nvl()
3399 3399 * will deal with this gracefully (by filling in outnvl).
3400 3400 */
3401 3401 (void) zfs_unmount_snap(name, NULL);
3402 3402 }
3403 3403
3404 3404 return (dmu_snapshots_destroy_nvl(snaps, defer, outnvl));
3405 3405 }
3406 3406
3407 3407 /*
3408 3408 * inputs:
3409 3409 * zc_name name of dataset to destroy
3410 3410 * zc_objset_type type of objset
3411 3411 * zc_defer_destroy mark for deferred destroy
3412 3412 *
3413 3413 * outputs: none
3414 3414 */
3415 3415 static int
3416 3416 zfs_ioc_destroy(zfs_cmd_t *zc)
3417 3417 {
3418 3418 int err;
3419 3419 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) {
3420 3420 err = zfs_unmount_snap(zc->zc_name, NULL);
3421 3421 if (err)
3422 3422 return (err);
3423 3423 }
3424 3424
3425 3425 err = dmu_objset_destroy(zc->zc_name, zc->zc_defer_destroy);
3426 3426 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3427 3427 (void) zvol_remove_minor(zc->zc_name);
3428 3428 return (err);
3429 3429 }
3430 3430
3431 3431 /*
3432 3432 * inputs:
3433 3433 * zc_name name of dataset to rollback (to most recent snapshot)
3434 3434 *
3435 3435 * outputs: none
3436 3436 */
3437 3437 static int
3438 3438 zfs_ioc_rollback(zfs_cmd_t *zc)
3439 3439 {
3440 3440 dsl_dataset_t *ds, *clone;
3441 3441 int error;
3442 3442 zfsvfs_t *zfsvfs;
3443 3443 char *clone_name;
3444 3444
3445 3445 error = dsl_dataset_hold(zc->zc_name, FTAG, &ds);
3446 3446 if (error)
3447 3447 return (error);
3448 3448
3449 3449 /* must not be a snapshot */
3450 3450 if (dsl_dataset_is_snapshot(ds)) {
3451 3451 dsl_dataset_rele(ds, FTAG);
3452 3452 return (EINVAL);
3453 3453 }
3454 3454
3455 3455 /* must have a most recent snapshot */
3456 3456 if (ds->ds_phys->ds_prev_snap_txg < TXG_INITIAL) {
3457 3457 dsl_dataset_rele(ds, FTAG);
3458 3458 return (EINVAL);
3459 3459 }
3460 3460
3461 3461 /*
3462 3462 * Create clone of most recent snapshot.
3463 3463 */
3464 3464 clone_name = kmem_asprintf("%s/%%rollback", zc->zc_name);
3465 3465 error = dmu_objset_clone(clone_name, ds->ds_prev, DS_FLAG_INCONSISTENT);
3466 3466 if (error)
3467 3467 goto out;
3468 3468
3469 3469 error = dsl_dataset_own(clone_name, B_TRUE, FTAG, &clone);
3470 3470 if (error)
3471 3471 goto out;
3472 3472
3473 3473 /*
3474 3474 * Do clone swap.
3475 3475 */
3476 3476 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
3477 3477 error = zfs_suspend_fs(zfsvfs);
3478 3478 if (error == 0) {
3479 3479 int resume_err;
3480 3480
3481 3481 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3482 3482 error = dsl_dataset_clone_swap(clone, ds,
3483 3483 B_TRUE);
3484 3484 dsl_dataset_disown(ds, FTAG);
3485 3485 ds = NULL;
3486 3486 } else {
3487 3487 error = EBUSY;
3488 3488 }
3489 3489 resume_err = zfs_resume_fs(zfsvfs, zc->zc_name);
3490 3490 error = error ? error : resume_err;
3491 3491 }
3492 3492 VFS_RELE(zfsvfs->z_vfs);
3493 3493 } else {
3494 3494 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3495 3495 error = dsl_dataset_clone_swap(clone, ds, B_TRUE);
3496 3496 dsl_dataset_disown(ds, FTAG);
3497 3497 ds = NULL;
3498 3498 } else {
3499 3499 error = EBUSY;
3500 3500 }
3501 3501 }
3502 3502
3503 3503 /*
3504 3504 * Destroy clone (which also closes it).
3505 3505 */
3506 3506 (void) dsl_dataset_destroy(clone, FTAG, B_FALSE);
3507 3507
3508 3508 out:
3509 3509 strfree(clone_name);
3510 3510 if (ds)
3511 3511 dsl_dataset_rele(ds, FTAG);
3512 3512 return (error);
3513 3513 }
3514 3514
3515 3515 /*
3516 3516 * inputs:
3517 3517 * zc_name old name of dataset
3518 3518 * zc_value new name of dataset
3519 3519 * zc_cookie recursive flag (only valid for snapshots)
3520 3520 *
3521 3521 * outputs: none
3522 3522 */
3523 3523 static int
3524 3524 zfs_ioc_rename(zfs_cmd_t *zc)
3525 3525 {
3526 3526 boolean_t recursive = zc->zc_cookie & 1;
3527 3527
3528 3528 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3529 3529 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3530 3530 strchr(zc->zc_value, '%'))
3531 3531 return (EINVAL);
3532 3532
3533 3533 /*
3534 3534 * Unmount snapshot unless we're doing a recursive rename,
3535 3535 * in which case the dataset code figures out which snapshots
3536 3536 * to unmount.
3537 3537 */
3538 3538 if (!recursive && strchr(zc->zc_name, '@') != NULL &&
3539 3539 zc->zc_objset_type == DMU_OST_ZFS) {
3540 3540 int err = zfs_unmount_snap(zc->zc_name, NULL);
3541 3541 if (err)
3542 3542 return (err);
3543 3543 }
3544 3544 if (zc->zc_objset_type == DMU_OST_ZVOL)
3545 3545 (void) zvol_remove_minor(zc->zc_name);
3546 3546 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive));
3547 3547 }
3548 3548
3549 3549 static int
3550 3550 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3551 3551 {
3552 3552 const char *propname = nvpair_name(pair);
3553 3553 boolean_t issnap = (strchr(dsname, '@') != NULL);
3554 3554 zfs_prop_t prop = zfs_name_to_prop(propname);
3555 3555 uint64_t intval;
3556 3556 int err;
3557 3557
3558 3558 if (prop == ZPROP_INVAL) {
3559 3559 if (zfs_prop_user(propname)) {
3560 3560 if (err = zfs_secpolicy_write_perms(dsname,
3561 3561 ZFS_DELEG_PERM_USERPROP, cr))
3562 3562 return (err);
3563 3563 return (0);
3564 3564 }
3565 3565
3566 3566 if (!issnap && zfs_prop_userquota(propname)) {
3567 3567 const char *perm = NULL;
3568 3568 const char *uq_prefix =
3569 3569 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3570 3570 const char *gq_prefix =
3571 3571 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3572 3572
3573 3573 if (strncmp(propname, uq_prefix,
3574 3574 strlen(uq_prefix)) == 0) {
3575 3575 perm = ZFS_DELEG_PERM_USERQUOTA;
3576 3576 } else if (strncmp(propname, gq_prefix,
3577 3577 strlen(gq_prefix)) == 0) {
3578 3578 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3579 3579 } else {
3580 3580 /* USERUSED and GROUPUSED are read-only */
3581 3581 return (EINVAL);
3582 3582 }
3583 3583
3584 3584 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3585 3585 return (err);
3586 3586 return (0);
3587 3587 }
3588 3588
3589 3589 return (EINVAL);
3590 3590 }
3591 3591
3592 3592 if (issnap)
3593 3593 return (EINVAL);
3594 3594
3595 3595 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3596 3596 /*
3597 3597 * dsl_prop_get_all_impl() returns properties in this
3598 3598 * format.
3599 3599 */
3600 3600 nvlist_t *attrs;
3601 3601 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3602 3602 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3603 3603 &pair) == 0);
3604 3604 }
3605 3605
3606 3606 /*
3607 3607 * Check that this value is valid for this pool version
3608 3608 */
3609 3609 switch (prop) {
3610 3610 case ZFS_PROP_COMPRESSION:
3611 3611 /*
3612 3612 * If the user specified gzip compression, make sure
3613 3613 * the SPA supports it. We ignore any errors here since
3614 3614 * we'll catch them later.
3615 3615 */
3616 3616 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3617 3617 nvpair_value_uint64(pair, &intval) == 0) {
3618 3618 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3619 3619 intval <= ZIO_COMPRESS_GZIP_9 &&
3620 3620 zfs_earlier_version(dsname,
3621 3621 SPA_VERSION_GZIP_COMPRESSION)) {
3622 3622 return (ENOTSUP);
3623 3623 }
3624 3624
3625 3625 if (intval == ZIO_COMPRESS_ZLE &&
3626 3626 zfs_earlier_version(dsname,
3627 3627 SPA_VERSION_ZLE_COMPRESSION))
3628 3628 return (ENOTSUP);
3629 3629
3630 3630 /*
3631 3631 * If this is a bootable dataset then
3632 3632 * verify that the compression algorithm
3633 3633 * is supported for booting. We must return
3634 3634 * something other than ENOTSUP since it
3635 3635 * implies a downrev pool version.
3636 3636 */
3637 3637 if (zfs_is_bootfs(dsname) &&
3638 3638 !BOOTFS_COMPRESS_VALID(intval)) {
3639 3639 return (ERANGE);
3640 3640 }
3641 3641 }
3642 3642 break;
3643 3643
3644 3644 case ZFS_PROP_COPIES:
3645 3645 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3646 3646 return (ENOTSUP);
3647 3647 break;
3648 3648
3649 3649 case ZFS_PROP_DEDUP:
3650 3650 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3651 3651 return (ENOTSUP);
3652 3652 break;
3653 3653
3654 3654 case ZFS_PROP_SHARESMB:
3655 3655 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3656 3656 return (ENOTSUP);
3657 3657 break;
3658 3658
3659 3659 case ZFS_PROP_ACLINHERIT:
3660 3660 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3661 3661 nvpair_value_uint64(pair, &intval) == 0) {
3662 3662 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3663 3663 zfs_earlier_version(dsname,
3664 3664 SPA_VERSION_PASSTHROUGH_X))
3665 3665 return (ENOTSUP);
3666 3666 }
3667 3667 break;
3668 3668 }
3669 3669
3670 3670 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3671 3671 }
3672 3672
3673 3673 /*
3674 3674 * Removes properties from the given props list that fail permission checks
3675 3675 * needed to clear them and to restore them in case of a receive error. For each
3676 3676 * property, make sure we have both set and inherit permissions.
3677 3677 *
3678 3678 * Returns the first error encountered if any permission checks fail. If the
3679 3679 * caller provides a non-NULL errlist, it also gives the complete list of names
3680 3680 * of all the properties that failed a permission check along with the
3681 3681 * corresponding error numbers. The caller is responsible for freeing the
3682 3682 * returned errlist.
3683 3683 *
3684 3684 * If every property checks out successfully, zero is returned and the list
3685 3685 * pointed at by errlist is NULL.
3686 3686 */
3687 3687 static int
3688 3688 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3689 3689 {
3690 3690 zfs_cmd_t *zc;
3691 3691 nvpair_t *pair, *next_pair;
3692 3692 nvlist_t *errors;
3693 3693 int err, rv = 0;
3694 3694
3695 3695 if (props == NULL)
3696 3696 return (0);
3697 3697
3698 3698 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3699 3699
3700 3700 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3701 3701 (void) strcpy(zc->zc_name, dataset);
3702 3702 pair = nvlist_next_nvpair(props, NULL);
3703 3703 while (pair != NULL) {
3704 3704 next_pair = nvlist_next_nvpair(props, pair);
3705 3705
3706 3706 (void) strcpy(zc->zc_value, nvpair_name(pair));
3707 3707 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3708 3708 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
3709 3709 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3710 3710 VERIFY(nvlist_add_int32(errors,
3711 3711 zc->zc_value, err) == 0);
3712 3712 }
3713 3713 pair = next_pair;
3714 3714 }
3715 3715 kmem_free(zc, sizeof (zfs_cmd_t));
3716 3716
3717 3717 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3718 3718 nvlist_free(errors);
3719 3719 errors = NULL;
3720 3720 } else {
3721 3721 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3722 3722 }
3723 3723
3724 3724 if (errlist == NULL)
3725 3725 nvlist_free(errors);
3726 3726 else
3727 3727 *errlist = errors;
3728 3728
3729 3729 return (rv);
3730 3730 }
3731 3731
3732 3732 static boolean_t
3733 3733 propval_equals(nvpair_t *p1, nvpair_t *p2)
3734 3734 {
3735 3735 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3736 3736 /* dsl_prop_get_all_impl() format */
3737 3737 nvlist_t *attrs;
3738 3738 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3739 3739 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3740 3740 &p1) == 0);
3741 3741 }
3742 3742
3743 3743 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
3744 3744 nvlist_t *attrs;
3745 3745 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
3746 3746 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3747 3747 &p2) == 0);
3748 3748 }
3749 3749
3750 3750 if (nvpair_type(p1) != nvpair_type(p2))
3751 3751 return (B_FALSE);
3752 3752
3753 3753 if (nvpair_type(p1) == DATA_TYPE_STRING) {
3754 3754 char *valstr1, *valstr2;
3755 3755
3756 3756 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
3757 3757 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
3758 3758 return (strcmp(valstr1, valstr2) == 0);
3759 3759 } else {
3760 3760 uint64_t intval1, intval2;
3761 3761
3762 3762 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
3763 3763 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
3764 3764 return (intval1 == intval2);
3765 3765 }
3766 3766 }
3767 3767
3768 3768 /*
3769 3769 * Remove properties from props if they are not going to change (as determined
3770 3770 * by comparison with origprops). Remove them from origprops as well, since we
3771 3771 * do not need to clear or restore properties that won't change.
3772 3772 */
3773 3773 static void
3774 3774 props_reduce(nvlist_t *props, nvlist_t *origprops)
3775 3775 {
3776 3776 nvpair_t *pair, *next_pair;
3777 3777
3778 3778 if (origprops == NULL)
3779 3779 return; /* all props need to be received */
3780 3780
3781 3781 pair = nvlist_next_nvpair(props, NULL);
3782 3782 while (pair != NULL) {
3783 3783 const char *propname = nvpair_name(pair);
3784 3784 nvpair_t *match;
3785 3785
3786 3786 next_pair = nvlist_next_nvpair(props, pair);
3787 3787
3788 3788 if ((nvlist_lookup_nvpair(origprops, propname,
3789 3789 &match) != 0) || !propval_equals(pair, match))
3790 3790 goto next; /* need to set received value */
3791 3791
3792 3792 /* don't clear the existing received value */
3793 3793 (void) nvlist_remove_nvpair(origprops, match);
3794 3794 /* don't bother receiving the property */
3795 3795 (void) nvlist_remove_nvpair(props, pair);
3796 3796 next:
3797 3797 pair = next_pair;
3798 3798 }
3799 3799 }
3800 3800
3801 3801 #ifdef DEBUG
3802 3802 static boolean_t zfs_ioc_recv_inject_err;
3803 3803 #endif
3804 3804
3805 3805 /*
3806 3806 * inputs:
3807 3807 * zc_name name of containing filesystem
3808 3808 * zc_nvlist_src{_size} nvlist of properties to apply
3809 3809 * zc_value name of snapshot to create
3810 3810 * zc_string name of clone origin (if DRR_FLAG_CLONE)
3811 3811 * zc_cookie file descriptor to recv from
3812 3812 * zc_begin_record the BEGIN record of the stream (not byteswapped)
3813 3813 * zc_guid force flag
3814 3814 * zc_cleanup_fd cleanup-on-exit file descriptor
3815 3815 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
3816 3816 *
3817 3817 * outputs:
3818 3818 * zc_cookie number of bytes read
3819 3819 * zc_nvlist_dst{_size} error for each unapplied received property
3820 3820 * zc_obj zprop_errflags_t
3821 3821 * zc_action_handle handle for this guid/ds mapping
3822 3822 */
3823 3823 static int
3824 3824 zfs_ioc_recv(zfs_cmd_t *zc)
3825 3825 {
3826 3826 file_t *fp;
3827 3827 objset_t *os;
3828 3828 dmu_recv_cookie_t drc;
3829 3829 boolean_t force = (boolean_t)zc->zc_guid;
3830 3830 int fd;
3831 3831 int error = 0;
3832 3832 int props_error = 0;
3833 3833 nvlist_t *errors;
3834 3834 offset_t off;
3835 3835 nvlist_t *props = NULL; /* sent properties */
3836 3836 nvlist_t *origprops = NULL; /* existing properties */
3837 3837 objset_t *origin = NULL;
3838 3838 char *tosnap;
3839 3839 char tofs[ZFS_MAXNAMELEN];
3840 3840 boolean_t first_recvd_props = B_FALSE;
3841 3841
3842 3842 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3843 3843 strchr(zc->zc_value, '@') == NULL ||
3844 3844 strchr(zc->zc_value, '%'))
3845 3845 return (EINVAL);
3846 3846
3847 3847 (void) strcpy(tofs, zc->zc_value);
3848 3848 tosnap = strchr(tofs, '@');
3849 3849 *tosnap++ = '\0';
3850 3850
3851 3851 if (zc->zc_nvlist_src != NULL &&
3852 3852 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3853 3853 zc->zc_iflags, &props)) != 0)
3854 3854 return (error);
3855 3855
3856 3856 fd = zc->zc_cookie;
3857 3857 fp = getf(fd);
3858 3858 if (fp == NULL) {
3859 3859 nvlist_free(props);
3860 3860 return (EBADF);
3861 3861 }
3862 3862
3863 3863 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3864 3864
3865 3865 if (props && dmu_objset_hold(tofs, FTAG, &os) == 0) {
3866 3866 if ((spa_version(os->os_spa) >= SPA_VERSION_RECVD_PROPS) &&
3867 3867 !dsl_prop_get_hasrecvd(os)) {
3868 3868 first_recvd_props = B_TRUE;
3869 3869 }
3870 3870
3871 3871 /*
3872 3872 * If new received properties are supplied, they are to
3873 3873 * completely replace the existing received properties, so stash
3874 3874 * away the existing ones.
3875 3875 */
3876 3876 if (dsl_prop_get_received(os, &origprops) == 0) {
3877 3877 nvlist_t *errlist = NULL;
3878 3878 /*
3879 3879 * Don't bother writing a property if its value won't
3880 3880 * change (and avoid the unnecessary security checks).
3881 3881 *
3882 3882 * The first receive after SPA_VERSION_RECVD_PROPS is a
3883 3883 * special case where we blow away all local properties
3884 3884 * regardless.
3885 3885 */
3886 3886 if (!first_recvd_props)
3887 3887 props_reduce(props, origprops);
3888 3888 if (zfs_check_clearable(tofs, origprops,
3889 3889 &errlist) != 0)
3890 3890 (void) nvlist_merge(errors, errlist, 0);
3891 3891 nvlist_free(errlist);
3892 3892 }
3893 3893
3894 3894 dmu_objset_rele(os, FTAG);
3895 3895 }
3896 3896
3897 3897 if (zc->zc_string[0]) {
3898 3898 error = dmu_objset_hold(zc->zc_string, FTAG, &origin);
3899 3899 if (error)
3900 3900 goto out;
3901 3901 }
3902 3902
3903 3903 error = dmu_recv_begin(tofs, tosnap, zc->zc_top_ds,
3904 3904 &zc->zc_begin_record, force, origin, &drc);
3905 3905 if (origin)
3906 3906 dmu_objset_rele(origin, FTAG);
3907 3907 if (error)
3908 3908 goto out;
3909 3909
3910 3910 /*
3911 3911 * Set properties before we receive the stream so that they are applied
3912 3912 * to the new data. Note that we must call dmu_recv_stream() if
3913 3913 * dmu_recv_begin() succeeds.
3914 3914 */
3915 3915 if (props) {
3916 3916 if (dmu_objset_from_ds(drc.drc_logical_ds, &os) == 0) {
3917 3917 if (drc.drc_newfs) {
3918 3918 if (spa_version(os->os_spa) >=
3919 3919 SPA_VERSION_RECVD_PROPS)
3920 3920 first_recvd_props = B_TRUE;
3921 3921 } else if (origprops != NULL) {
3922 3922 if (clear_received_props(os, tofs, origprops,
3923 3923 first_recvd_props ? NULL : props) != 0)
3924 3924 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3925 3925 } else {
3926 3926 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3927 3927 }
3928 3928 dsl_prop_set_hasrecvd(os);
3929 3929 } else if (!drc.drc_newfs) {
3930 3930 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3931 3931 }
3932 3932
3933 3933 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
3934 3934 props, errors);
3935 3935 }
3936 3936
3937 3937 if (zc->zc_nvlist_dst_size != 0 &&
3938 3938 (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
3939 3939 put_nvlist(zc, errors) != 0)) {
3940 3940 /*
3941 3941 * Caller made zc->zc_nvlist_dst less than the minimum expected
3942 3942 * size or supplied an invalid address.
3943 3943 */
3944 3944 props_error = EINVAL;
3945 3945 }
3946 3946
3947 3947 off = fp->f_offset;
3948 3948 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
3949 3949 &zc->zc_action_handle);
3950 3950
3951 3951 if (error == 0) {
3952 3952 zfsvfs_t *zfsvfs = NULL;
3953 3953
3954 3954 if (getzfsvfs(tofs, &zfsvfs) == 0) {
3955 3955 /* online recv */
3956 3956 int end_err;
3957 3957
3958 3958 error = zfs_suspend_fs(zfsvfs);
3959 3959 /*
3960 3960 * If the suspend fails, then the recv_end will
3961 3961 * likely also fail, and clean up after itself.
3962 3962 */
3963 3963 end_err = dmu_recv_end(&drc);
3964 3964 if (error == 0)
3965 3965 error = zfs_resume_fs(zfsvfs, tofs);
3966 3966 error = error ? error : end_err;
3967 3967 VFS_RELE(zfsvfs->z_vfs);
3968 3968 } else {
3969 3969 error = dmu_recv_end(&drc);
3970 3970 }
3971 3971 }
3972 3972
3973 3973 zc->zc_cookie = off - fp->f_offset;
3974 3974 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
3975 3975 fp->f_offset = off;
3976 3976
3977 3977 #ifdef DEBUG
3978 3978 if (zfs_ioc_recv_inject_err) {
3979 3979 zfs_ioc_recv_inject_err = B_FALSE;
3980 3980 error = 1;
3981 3981 }
3982 3982 #endif
3983 3983 /*
3984 3984 * On error, restore the original props.
3985 3985 */
3986 3986 if (error && props) {
3987 3987 if (dmu_objset_hold(tofs, FTAG, &os) == 0) {
3988 3988 if (clear_received_props(os, tofs, props, NULL) != 0) {
3989 3989 /*
3990 3990 * We failed to clear the received properties.
3991 3991 * Since we may have left a $recvd value on the
3992 3992 * system, we can't clear the $hasrecvd flag.
3993 3993 */
3994 3994 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3995 3995 } else if (first_recvd_props) {
3996 3996 dsl_prop_unset_hasrecvd(os);
3997 3997 }
3998 3998 dmu_objset_rele(os, FTAG);
3999 3999 } else if (!drc.drc_newfs) {
4000 4000 /* We failed to clear the received properties. */
4001 4001 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4002 4002 }
4003 4003
4004 4004 if (origprops == NULL && !drc.drc_newfs) {
4005 4005 /* We failed to stash the original properties. */
4006 4006 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4007 4007 }
4008 4008
4009 4009 /*
4010 4010 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4011 4011 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4012 4012 * explictly if we're restoring local properties cleared in the
4013 4013 * first new-style receive.
4014 4014 */
4015 4015 if (origprops != NULL &&
4016 4016 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4017 4017 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
4018 4018 origprops, NULL) != 0) {
4019 4019 /*
4020 4020 * We stashed the original properties but failed to
4021 4021 * restore them.
4022 4022 */
4023 4023 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4024 4024 }
4025 4025 }
4026 4026 out:
4027 4027 nvlist_free(props);
4028 4028 nvlist_free(origprops);
4029 4029 nvlist_free(errors);
4030 4030 releasef(fd);
4031 4031
4032 4032 if (error == 0)
4033 4033 error = props_error;
4034 4034
4035 4035 return (error);
4036 4036 }
4037 4037
4038 4038 /*
4039 4039 * inputs:
4040 4040 * zc_name name of snapshot to send
4041 4041 * zc_cookie file descriptor to send stream to
4042 4042 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4043 4043 * zc_sendobj objsetid of snapshot to send
4044 4044 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4045 4045 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4046 4046 * output size in zc_objset_type.
4047 4047 *
4048 4048 * outputs: none
4049 4049 */
4050 4050 static int
4051 4051 zfs_ioc_send(zfs_cmd_t *zc)
4052 4052 {
4053 4053 objset_t *fromsnap = NULL;
4054 4054 objset_t *tosnap;
4055 4055 int error;
4056 4056 offset_t off;
4057 4057 dsl_dataset_t *ds;
4058 4058 dsl_dataset_t *dsfrom = NULL;
4059 4059 spa_t *spa;
4060 4060 dsl_pool_t *dp;
4061 4061 boolean_t estimate = (zc->zc_guid != 0);
4062 4062
4063 4063 error = spa_open(zc->zc_name, &spa, FTAG);
4064 4064 if (error)
4065 4065 return (error);
4066 4066
4067 4067 dp = spa_get_dsl(spa);
4068 4068 rw_enter(&dp->dp_config_rwlock, RW_READER);
4069 4069 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4070 4070 rw_exit(&dp->dp_config_rwlock);
4071 4071 spa_close(spa, FTAG);
4072 4072 if (error)
4073 4073 return (error);
4074 4074
4075 4075 error = dmu_objset_from_ds(ds, &tosnap);
4076 4076 if (error) {
4077 4077 dsl_dataset_rele(ds, FTAG);
4078 4078 return (error);
4079 4079 }
4080 4080
4081 4081 if (zc->zc_fromobj != 0) {
4082 4082 rw_enter(&dp->dp_config_rwlock, RW_READER);
4083 4083 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj, FTAG, &dsfrom);
4084 4084 rw_exit(&dp->dp_config_rwlock);
4085 4085 if (error) {
4086 4086 dsl_dataset_rele(ds, FTAG);
4087 4087 return (error);
4088 4088 }
4089 4089 error = dmu_objset_from_ds(dsfrom, &fromsnap);
4090 4090 if (error) {
4091 4091 dsl_dataset_rele(dsfrom, FTAG);
4092 4092 dsl_dataset_rele(ds, FTAG);
4093 4093 return (error);
4094 4094 }
4095 4095 }
4096 4096
4097 4097 if (zc->zc_obj) {
4098 4098 dsl_pool_t *dp = ds->ds_dir->dd_pool;
4099 4099
4100 4100 if (fromsnap != NULL) {
4101 4101 dsl_dataset_rele(dsfrom, FTAG);
4102 4102 dsl_dataset_rele(ds, FTAG);
4103 4103 return (EINVAL);
4104 4104 }
4105 4105
4106 4106 if (dsl_dir_is_clone(ds->ds_dir)) {
4107 4107 rw_enter(&dp->dp_config_rwlock, RW_READER);
4108 4108 error = dsl_dataset_hold_obj(dp,
4109 4109 ds->ds_dir->dd_phys->dd_origin_obj, FTAG, &dsfrom);
4110 4110 rw_exit(&dp->dp_config_rwlock);
4111 4111 if (error) {
4112 4112 dsl_dataset_rele(ds, FTAG);
4113 4113 return (error);
4114 4114 }
4115 4115 error = dmu_objset_from_ds(dsfrom, &fromsnap);
4116 4116 if (error) {
4117 4117 dsl_dataset_rele(dsfrom, FTAG);
4118 4118 dsl_dataset_rele(ds, FTAG);
4119 4119 return (error);
4120 4120 }
4121 4121 }
4122 4122 }
4123 4123
4124 4124 if (estimate) {
4125 4125 error = dmu_send_estimate(tosnap, fromsnap,
4126 4126 &zc->zc_objset_type);
4127 4127 } else {
4128 4128 file_t *fp = getf(zc->zc_cookie);
4129 4129 if (fp == NULL) {
4130 4130 dsl_dataset_rele(ds, FTAG);
4131 4131 if (dsfrom)
4132 4132 dsl_dataset_rele(dsfrom, FTAG);
4133 4133 return (EBADF);
4134 4134 }
4135 4135
4136 4136 off = fp->f_offset;
4137 4137 error = dmu_send(tosnap, fromsnap,
4138 4138 zc->zc_cookie, fp->f_vnode, &off);
4139 4139
4140 4140 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4141 4141 fp->f_offset = off;
4142 4142 releasef(zc->zc_cookie);
4143 4143 }
4144 4144 if (dsfrom)
4145 4145 dsl_dataset_rele(dsfrom, FTAG);
4146 4146 dsl_dataset_rele(ds, FTAG);
4147 4147 return (error);
4148 4148 }
4149 4149
4150 4150 /*
4151 4151 * inputs:
4152 4152 * zc_name name of snapshot on which to report progress
4153 4153 * zc_cookie file descriptor of send stream
4154 4154 *
4155 4155 * outputs:
4156 4156 * zc_cookie number of bytes written in send stream thus far
4157 4157 */
4158 4158 static int
4159 4159 zfs_ioc_send_progress(zfs_cmd_t *zc)
4160 4160 {
4161 4161 dsl_dataset_t *ds;
4162 4162 dmu_sendarg_t *dsp = NULL;
4163 4163 int error;
4164 4164
4165 4165 if ((error = dsl_dataset_hold(zc->zc_name, FTAG, &ds)) != 0)
4166 4166 return (error);
4167 4167
4168 4168 mutex_enter(&ds->ds_sendstream_lock);
4169 4169
4170 4170 /*
4171 4171 * Iterate over all the send streams currently active on this dataset.
4172 4172 * If there's one which matches the specified file descriptor _and_ the
4173 4173 * stream was started by the current process, return the progress of
4174 4174 * that stream.
4175 4175 */
4176 4176 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4177 4177 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4178 4178 if (dsp->dsa_outfd == zc->zc_cookie &&
4179 4179 dsp->dsa_proc == curproc)
4180 4180 break;
4181 4181 }
4182 4182
4183 4183 if (dsp != NULL)
4184 4184 zc->zc_cookie = *(dsp->dsa_off);
4185 4185 else
4186 4186 error = ENOENT;
4187 4187
4188 4188 mutex_exit(&ds->ds_sendstream_lock);
4189 4189 dsl_dataset_rele(ds, FTAG);
4190 4190 return (error);
4191 4191 }
4192 4192
4193 4193 static int
4194 4194 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4195 4195 {
4196 4196 int id, error;
4197 4197
4198 4198 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4199 4199 &zc->zc_inject_record);
4200 4200
4201 4201 if (error == 0)
4202 4202 zc->zc_guid = (uint64_t)id;
4203 4203
4204 4204 return (error);
4205 4205 }
4206 4206
4207 4207 static int
4208 4208 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4209 4209 {
4210 4210 return (zio_clear_fault((int)zc->zc_guid));
4211 4211 }
4212 4212
4213 4213 static int
4214 4214 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4215 4215 {
4216 4216 int id = (int)zc->zc_guid;
4217 4217 int error;
4218 4218
4219 4219 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4220 4220 &zc->zc_inject_record);
4221 4221
4222 4222 zc->zc_guid = id;
4223 4223
4224 4224 return (error);
4225 4225 }
4226 4226
4227 4227 static int
4228 4228 zfs_ioc_error_log(zfs_cmd_t *zc)
4229 4229 {
4230 4230 spa_t *spa;
4231 4231 int error;
4232 4232 size_t count = (size_t)zc->zc_nvlist_dst_size;
4233 4233
4234 4234 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4235 4235 return (error);
4236 4236
4237 4237 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4238 4238 &count);
4239 4239 if (error == 0)
4240 4240 zc->zc_nvlist_dst_size = count;
4241 4241 else
4242 4242 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4243 4243
4244 4244 spa_close(spa, FTAG);
4245 4245
4246 4246 return (error);
4247 4247 }
4248 4248
4249 4249 static int
4250 4250 zfs_ioc_clear(zfs_cmd_t *zc)
4251 4251 {
4252 4252 spa_t *spa;
4253 4253 vdev_t *vd;
4254 4254 int error;
4255 4255
4256 4256 /*
4257 4257 * On zpool clear we also fix up missing slogs
4258 4258 */
4259 4259 mutex_enter(&spa_namespace_lock);
4260 4260 spa = spa_lookup(zc->zc_name);
4261 4261 if (spa == NULL) {
4262 4262 mutex_exit(&spa_namespace_lock);
4263 4263 return (EIO);
4264 4264 }
4265 4265 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4266 4266 /* we need to let spa_open/spa_load clear the chains */
4267 4267 spa_set_log_state(spa, SPA_LOG_CLEAR);
4268 4268 }
4269 4269 spa->spa_last_open_failed = 0;
4270 4270 mutex_exit(&spa_namespace_lock);
4271 4271
4272 4272 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4273 4273 error = spa_open(zc->zc_name, &spa, FTAG);
4274 4274 } else {
4275 4275 nvlist_t *policy;
4276 4276 nvlist_t *config = NULL;
4277 4277
4278 4278 if (zc->zc_nvlist_src == NULL)
4279 4279 return (EINVAL);
4280 4280
4281 4281 if ((error = get_nvlist(zc->zc_nvlist_src,
4282 4282 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4283 4283 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4284 4284 policy, &config);
4285 4285 if (config != NULL) {
4286 4286 int err;
4287 4287
4288 4288 if ((err = put_nvlist(zc, config)) != 0)
4289 4289 error = err;
4290 4290 nvlist_free(config);
4291 4291 }
4292 4292 nvlist_free(policy);
4293 4293 }
4294 4294 }
4295 4295
4296 4296 if (error)
4297 4297 return (error);
4298 4298
4299 4299 spa_vdev_state_enter(spa, SCL_NONE);
4300 4300
4301 4301 if (zc->zc_guid == 0) {
4302 4302 vd = NULL;
4303 4303 } else {
4304 4304 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4305 4305 if (vd == NULL) {
4306 4306 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4307 4307 spa_close(spa, FTAG);
4308 4308 return (ENODEV);
4309 4309 }
4310 4310 }
4311 4311
4312 4312 vdev_clear(spa, vd);
4313 4313
4314 4314 (void) spa_vdev_state_exit(spa, NULL, 0);
4315 4315
4316 4316 /*
4317 4317 * Resume any suspended I/Os.
4318 4318 */
4319 4319 if (zio_resume(spa) != 0)
4320 4320 error = EIO;
4321 4321
4322 4322 spa_close(spa, FTAG);
4323 4323
4324 4324 return (error);
4325 4325 }
4326 4326
4327 4327 static int
4328 4328 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4329 4329 {
4330 4330 spa_t *spa;
4331 4331 int error;
4332 4332
4333 4333 error = spa_open(zc->zc_name, &spa, FTAG);
4334 4334 if (error)
4335 4335 return (error);
4336 4336
4337 4337 spa_vdev_state_enter(spa, SCL_NONE);
4338 4338 vdev_reopen(spa->spa_root_vdev);
4339 4339 (void) spa_vdev_state_exit(spa, NULL, 0);
4340 4340 spa_close(spa, FTAG);
4341 4341 return (0);
4342 4342 }
4343 4343 /*
4344 4344 * inputs:
4345 4345 * zc_name name of filesystem
4346 4346 * zc_value name of origin snapshot
4347 4347 *
4348 4348 * outputs:
4349 4349 * zc_string name of conflicting snapshot, if there is one
4350 4350 */
4351 4351 static int
4352 4352 zfs_ioc_promote(zfs_cmd_t *zc)
4353 4353 {
4354 4354 char *cp;
4355 4355
4356 4356 /*
4357 4357 * We don't need to unmount *all* the origin fs's snapshots, but
4358 4358 * it's easier.
4359 4359 */
4360 4360 cp = strchr(zc->zc_value, '@');
4361 4361 if (cp)
4362 4362 *cp = '\0';
4363 4363 (void) dmu_objset_find(zc->zc_value,
4364 4364 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS);
4365 4365 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4366 4366 }
4367 4367
4368 4368 /*
4369 4369 * Retrieve a single {user|group}{used|quota}@... property.
4370 4370 *
4371 4371 * inputs:
4372 4372 * zc_name name of filesystem
4373 4373 * zc_objset_type zfs_userquota_prop_t
4374 4374 * zc_value domain name (eg. "S-1-234-567-89")
4375 4375 * zc_guid RID/UID/GID
4376 4376 *
4377 4377 * outputs:
4378 4378 * zc_cookie property value
4379 4379 */
4380 4380 static int
4381 4381 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4382 4382 {
4383 4383 zfsvfs_t *zfsvfs;
4384 4384 int error;
4385 4385
4386 4386 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4387 4387 return (EINVAL);
4388 4388
4389 4389 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4390 4390 if (error)
4391 4391 return (error);
4392 4392
4393 4393 error = zfs_userspace_one(zfsvfs,
4394 4394 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4395 4395 zfsvfs_rele(zfsvfs, FTAG);
4396 4396
4397 4397 return (error);
4398 4398 }
4399 4399
4400 4400 /*
4401 4401 * inputs:
4402 4402 * zc_name name of filesystem
4403 4403 * zc_cookie zap cursor
4404 4404 * zc_objset_type zfs_userquota_prop_t
4405 4405 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4406 4406 *
4407 4407 * outputs:
4408 4408 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4409 4409 * zc_cookie zap cursor
4410 4410 */
4411 4411 static int
4412 4412 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4413 4413 {
4414 4414 zfsvfs_t *zfsvfs;
4415 4415 int bufsize = zc->zc_nvlist_dst_size;
4416 4416
4417 4417 if (bufsize <= 0)
4418 4418 return (ENOMEM);
4419 4419
4420 4420 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4421 4421 if (error)
4422 4422 return (error);
4423 4423
4424 4424 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4425 4425
4426 4426 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4427 4427 buf, &zc->zc_nvlist_dst_size);
4428 4428
4429 4429 if (error == 0) {
4430 4430 error = xcopyout(buf,
4431 4431 (void *)(uintptr_t)zc->zc_nvlist_dst,
4432 4432 zc->zc_nvlist_dst_size);
4433 4433 }
4434 4434 kmem_free(buf, bufsize);
4435 4435 zfsvfs_rele(zfsvfs, FTAG);
4436 4436
4437 4437 return (error);
4438 4438 }
4439 4439
4440 4440 /*
4441 4441 * inputs:
4442 4442 * zc_name name of filesystem
4443 4443 *
4444 4444 * outputs:
4445 4445 * none
4446 4446 */
4447 4447 static int
4448 4448 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4449 4449 {
4450 4450 objset_t *os;
4451 4451 int error = 0;
4452 4452 zfsvfs_t *zfsvfs;
4453 4453
4454 4454 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4455 4455 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4456 4456 /*
4457 4457 * If userused is not enabled, it may be because the
4458 4458 * objset needs to be closed & reopened (to grow the
4459 4459 * objset_phys_t). Suspend/resume the fs will do that.
4460 4460 */
4461 4461 error = zfs_suspend_fs(zfsvfs);
4462 4462 if (error == 0)
4463 4463 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4464 4464 }
4465 4465 if (error == 0)
4466 4466 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4467 4467 VFS_RELE(zfsvfs->z_vfs);
4468 4468 } else {
4469 4469 /* XXX kind of reading contents without owning */
4470 4470 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4471 4471 if (error)
4472 4472 return (error);
4473 4473
4474 4474 error = dmu_objset_userspace_upgrade(os);
4475 4475 dmu_objset_rele(os, FTAG);
4476 4476 }
4477 4477
4478 4478 return (error);
4479 4479 }
4480 4480
4481 4481 /*
4482 4482 * We don't want to have a hard dependency
4483 4483 * against some special symbols in sharefs
4484 4484 * nfs, and smbsrv. Determine them if needed when
4485 4485 * the first file system is shared.
4486 4486 * Neither sharefs, nfs or smbsrv are unloadable modules.
4487 4487 */
4488 4488 int (*znfsexport_fs)(void *arg);
4489 4489 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4490 4490 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4491 4491
4492 4492 int zfs_nfsshare_inited;
4493 4493 int zfs_smbshare_inited;
4494 4494
4495 4495 ddi_modhandle_t nfs_mod;
4496 4496 ddi_modhandle_t sharefs_mod;
4497 4497 ddi_modhandle_t smbsrv_mod;
4498 4498 kmutex_t zfs_share_lock;
4499 4499
4500 4500 static int
4501 4501 zfs_init_sharefs()
4502 4502 {
4503 4503 int error;
4504 4504
4505 4505 ASSERT(MUTEX_HELD(&zfs_share_lock));
4506 4506 /* Both NFS and SMB shares also require sharetab support. */
4507 4507 if (sharefs_mod == NULL && ((sharefs_mod =
4508 4508 ddi_modopen("fs/sharefs",
4509 4509 KRTLD_MODE_FIRST, &error)) == NULL)) {
4510 4510 return (ENOSYS);
4511 4511 }
4512 4512 if (zshare_fs == NULL && ((zshare_fs =
4513 4513 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4514 4514 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4515 4515 return (ENOSYS);
4516 4516 }
4517 4517 return (0);
4518 4518 }
4519 4519
4520 4520 static int
4521 4521 zfs_ioc_share(zfs_cmd_t *zc)
4522 4522 {
4523 4523 int error;
4524 4524 int opcode;
4525 4525
4526 4526 switch (zc->zc_share.z_sharetype) {
4527 4527 case ZFS_SHARE_NFS:
4528 4528 case ZFS_UNSHARE_NFS:
4529 4529 if (zfs_nfsshare_inited == 0) {
4530 4530 mutex_enter(&zfs_share_lock);
4531 4531 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4532 4532 KRTLD_MODE_FIRST, &error)) == NULL)) {
4533 4533 mutex_exit(&zfs_share_lock);
4534 4534 return (ENOSYS);
4535 4535 }
4536 4536 if (znfsexport_fs == NULL &&
4537 4537 ((znfsexport_fs = (int (*)(void *))
4538 4538 ddi_modsym(nfs_mod,
4539 4539 "nfs_export", &error)) == NULL)) {
4540 4540 mutex_exit(&zfs_share_lock);
4541 4541 return (ENOSYS);
4542 4542 }
4543 4543 error = zfs_init_sharefs();
4544 4544 if (error) {
4545 4545 mutex_exit(&zfs_share_lock);
4546 4546 return (ENOSYS);
4547 4547 }
4548 4548 zfs_nfsshare_inited = 1;
4549 4549 mutex_exit(&zfs_share_lock);
4550 4550 }
4551 4551 break;
4552 4552 case ZFS_SHARE_SMB:
4553 4553 case ZFS_UNSHARE_SMB:
4554 4554 if (zfs_smbshare_inited == 0) {
4555 4555 mutex_enter(&zfs_share_lock);
4556 4556 if (smbsrv_mod == NULL && ((smbsrv_mod =
4557 4557 ddi_modopen("drv/smbsrv",
4558 4558 KRTLD_MODE_FIRST, &error)) == NULL)) {
4559 4559 mutex_exit(&zfs_share_lock);
4560 4560 return (ENOSYS);
4561 4561 }
4562 4562 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4563 4563 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4564 4564 "smb_server_share", &error)) == NULL)) {
4565 4565 mutex_exit(&zfs_share_lock);
4566 4566 return (ENOSYS);
4567 4567 }
4568 4568 error = zfs_init_sharefs();
4569 4569 if (error) {
4570 4570 mutex_exit(&zfs_share_lock);
4571 4571 return (ENOSYS);
4572 4572 }
4573 4573 zfs_smbshare_inited = 1;
4574 4574 mutex_exit(&zfs_share_lock);
4575 4575 }
4576 4576 break;
4577 4577 default:
4578 4578 return (EINVAL);
4579 4579 }
4580 4580
4581 4581 switch (zc->zc_share.z_sharetype) {
4582 4582 case ZFS_SHARE_NFS:
4583 4583 case ZFS_UNSHARE_NFS:
4584 4584 if (error =
4585 4585 znfsexport_fs((void *)
4586 4586 (uintptr_t)zc->zc_share.z_exportdata))
4587 4587 return (error);
4588 4588 break;
4589 4589 case ZFS_SHARE_SMB:
4590 4590 case ZFS_UNSHARE_SMB:
4591 4591 if (error = zsmbexport_fs((void *)
4592 4592 (uintptr_t)zc->zc_share.z_exportdata,
4593 4593 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4594 4594 B_TRUE: B_FALSE)) {
4595 4595 return (error);
4596 4596 }
4597 4597 break;
4598 4598 }
4599 4599
4600 4600 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4601 4601 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4602 4602 SHAREFS_ADD : SHAREFS_REMOVE;
4603 4603
4604 4604 /*
4605 4605 * Add or remove share from sharetab
4606 4606 */
4607 4607 error = zshare_fs(opcode,
4608 4608 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4609 4609 zc->zc_share.z_sharemax);
4610 4610
4611 4611 return (error);
4612 4612
4613 4613 }
4614 4614
4615 4615 ace_t full_access[] = {
4616 4616 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4617 4617 };
4618 4618
4619 4619 /*
4620 4620 * inputs:
4621 4621 * zc_name name of containing filesystem
4622 4622 * zc_obj object # beyond which we want next in-use object #
4623 4623 *
4624 4624 * outputs:
4625 4625 * zc_obj next in-use object #
4626 4626 */
4627 4627 static int
4628 4628 zfs_ioc_next_obj(zfs_cmd_t *zc)
4629 4629 {
4630 4630 objset_t *os = NULL;
4631 4631 int error;
4632 4632
4633 4633 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4634 4634 if (error)
4635 4635 return (error);
4636 4636
4637 4637 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4638 4638 os->os_dsl_dataset->ds_phys->ds_prev_snap_txg);
4639 4639
4640 4640 dmu_objset_rele(os, FTAG);
4641 4641 return (error);
4642 4642 }
4643 4643
4644 4644 /*
4645 4645 * inputs:
4646 4646 * zc_name name of filesystem
4647 4647 * zc_value prefix name for snapshot
4648 4648 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4649 4649 *
4650 4650 * outputs:
4651 4651 * zc_value short name of new snapshot
4652 4652 */
4653 4653 static int
4654 4654 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4655 4655 {
4656 4656 char *snap_name;
4657 4657 int error;
4658 4658
4659 4659 snap_name = kmem_asprintf("%s@%s-%016llx", zc->zc_name, zc->zc_value,
4660 4660 (u_longlong_t)ddi_get_lbolt64());
4661 4661
4662 4662 if (strlen(snap_name) >= MAXPATHLEN) {
4663 4663 strfree(snap_name);
4664 4664 return (E2BIG);
4665 4665 }
4666 4666
4667 4667 error = dmu_objset_snapshot_tmp(snap_name, "%temp", zc->zc_cleanup_fd);
4668 4668 if (error != 0) {
4669 4669 strfree(snap_name);
4670 4670 return (error);
4671 4671 }
4672 4672
4673 4673 (void) strcpy(zc->zc_value, strchr(snap_name, '@') + 1);
4674 4674 strfree(snap_name);
4675 4675 return (0);
4676 4676 }
4677 4677
4678 4678 /*
4679 4679 * inputs:
4680 4680 * zc_name name of "to" snapshot
4681 4681 * zc_value name of "from" snapshot
4682 4682 * zc_cookie file descriptor to write diff data on
4683 4683 *
4684 4684 * outputs:
4685 4685 * dmu_diff_record_t's to the file descriptor
4686 4686 */
4687 4687 static int
4688 4688 zfs_ioc_diff(zfs_cmd_t *zc)
4689 4689 {
4690 4690 objset_t *fromsnap;
4691 4691 objset_t *tosnap;
4692 4692 file_t *fp;
4693 4693 offset_t off;
4694 4694 int error;
4695 4695
4696 4696 error = dmu_objset_hold(zc->zc_name, FTAG, &tosnap);
4697 4697 if (error)
4698 4698 return (error);
4699 4699
4700 4700 error = dmu_objset_hold(zc->zc_value, FTAG, &fromsnap);
4701 4701 if (error) {
4702 4702 dmu_objset_rele(tosnap, FTAG);
4703 4703 return (error);
4704 4704 }
4705 4705
4706 4706 fp = getf(zc->zc_cookie);
4707 4707 if (fp == NULL) {
4708 4708 dmu_objset_rele(fromsnap, FTAG);
4709 4709 dmu_objset_rele(tosnap, FTAG);
4710 4710 return (EBADF);
4711 4711 }
4712 4712
4713 4713 off = fp->f_offset;
4714 4714
4715 4715 error = dmu_diff(tosnap, fromsnap, fp->f_vnode, &off);
4716 4716
4717 4717 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4718 4718 fp->f_offset = off;
4719 4719 releasef(zc->zc_cookie);
4720 4720
4721 4721 dmu_objset_rele(fromsnap, FTAG);
4722 4722 dmu_objset_rele(tosnap, FTAG);
4723 4723 return (error);
4724 4724 }
4725 4725
4726 4726 /*
4727 4727 * Remove all ACL files in shares dir
4728 4728 */
4729 4729 static int
4730 4730 zfs_smb_acl_purge(znode_t *dzp)
4731 4731 {
4732 4732 zap_cursor_t zc;
4733 4733 zap_attribute_t zap;
4734 4734 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4735 4735 int error;
4736 4736
4737 4737 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4738 4738 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4739 4739 zap_cursor_advance(&zc)) {
4740 4740 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4741 4741 NULL, 0)) != 0)
4742 4742 break;
4743 4743 }
4744 4744 zap_cursor_fini(&zc);
4745 4745 return (error);
4746 4746 }
4747 4747
4748 4748 static int
4749 4749 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4750 4750 {
4751 4751 vnode_t *vp;
4752 4752 znode_t *dzp;
4753 4753 vnode_t *resourcevp = NULL;
4754 4754 znode_t *sharedir;
4755 4755 zfsvfs_t *zfsvfs;
4756 4756 nvlist_t *nvlist;
4757 4757 char *src, *target;
4758 4758 vattr_t vattr;
4759 4759 vsecattr_t vsec;
4760 4760 int error = 0;
4761 4761
4762 4762 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4763 4763 NO_FOLLOW, NULL, &vp)) != 0)
4764 4764 return (error);
4765 4765
4766 4766 /* Now make sure mntpnt and dataset are ZFS */
4767 4767
4768 4768 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
4769 4769 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4770 4770 zc->zc_name) != 0)) {
4771 4771 VN_RELE(vp);
4772 4772 return (EINVAL);
4773 4773 }
4774 4774
4775 4775 dzp = VTOZ(vp);
4776 4776 zfsvfs = dzp->z_zfsvfs;
4777 4777 ZFS_ENTER(zfsvfs);
4778 4778
4779 4779 /*
4780 4780 * Create share dir if its missing.
4781 4781 */
4782 4782 mutex_enter(&zfsvfs->z_lock);
4783 4783 if (zfsvfs->z_shares_dir == 0) {
4784 4784 dmu_tx_t *tx;
4785 4785
4786 4786 tx = dmu_tx_create(zfsvfs->z_os);
4787 4787 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
4788 4788 ZFS_SHARES_DIR);
4789 4789 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
4790 4790 error = dmu_tx_assign(tx, TXG_WAIT);
4791 4791 if (error) {
4792 4792 dmu_tx_abort(tx);
4793 4793 } else {
4794 4794 error = zfs_create_share_dir(zfsvfs, tx);
4795 4795 dmu_tx_commit(tx);
4796 4796 }
4797 4797 if (error) {
4798 4798 mutex_exit(&zfsvfs->z_lock);
4799 4799 VN_RELE(vp);
4800 4800 ZFS_EXIT(zfsvfs);
4801 4801 return (error);
4802 4802 }
4803 4803 }
4804 4804 mutex_exit(&zfsvfs->z_lock);
4805 4805
4806 4806 ASSERT(zfsvfs->z_shares_dir);
4807 4807 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
4808 4808 VN_RELE(vp);
4809 4809 ZFS_EXIT(zfsvfs);
4810 4810 return (error);
4811 4811 }
4812 4812
4813 4813 switch (zc->zc_cookie) {
4814 4814 case ZFS_SMB_ACL_ADD:
4815 4815 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
4816 4816 vattr.va_type = VREG;
4817 4817 vattr.va_mode = S_IFREG|0777;
4818 4818 vattr.va_uid = 0;
4819 4819 vattr.va_gid = 0;
4820 4820
4821 4821 vsec.vsa_mask = VSA_ACE;
4822 4822 vsec.vsa_aclentp = &full_access;
4823 4823 vsec.vsa_aclentsz = sizeof (full_access);
4824 4824 vsec.vsa_aclcnt = 1;
4825 4825
4826 4826 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
4827 4827 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
4828 4828 if (resourcevp)
4829 4829 VN_RELE(resourcevp);
4830 4830 break;
4831 4831
4832 4832 case ZFS_SMB_ACL_REMOVE:
4833 4833 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
4834 4834 NULL, 0);
4835 4835 break;
4836 4836
4837 4837 case ZFS_SMB_ACL_RENAME:
4838 4838 if ((error = get_nvlist(zc->zc_nvlist_src,
4839 4839 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
4840 4840 VN_RELE(vp);
4841 4841 ZFS_EXIT(zfsvfs);
4842 4842 return (error);
4843 4843 }
4844 4844 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
4845 4845 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
4846 4846 &target)) {
4847 4847 VN_RELE(vp);
4848 4848 VN_RELE(ZTOV(sharedir));
4849 4849 ZFS_EXIT(zfsvfs);
4850 4850 nvlist_free(nvlist);
4851 4851 return (error);
4852 4852 }
4853 4853 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
4854 4854 kcred, NULL, 0);
4855 4855 nvlist_free(nvlist);
4856 4856 break;
4857 4857
4858 4858 case ZFS_SMB_ACL_PURGE:
4859 4859 error = zfs_smb_acl_purge(sharedir);
4860 4860 break;
4861 4861
4862 4862 default:
4863 4863 error = EINVAL;
4864 4864 break;
4865 4865 }
4866 4866
4867 4867 VN_RELE(vp);
4868 4868 VN_RELE(ZTOV(sharedir));
4869 4869
4870 4870 ZFS_EXIT(zfsvfs);
4871 4871
4872 4872 return (error);
4873 4873 }
4874 4874
4875 4875 /*
4876 4876 * inputs:
4877 4877 * zc_name name of filesystem
4878 4878 * zc_value short name of snap
4879 4879 * zc_string user-supplied tag for this hold
4880 4880 * zc_cookie recursive flag
4881 4881 * zc_temphold set if hold is temporary
4882 4882 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4883 4883 * zc_sendobj if non-zero, the objid for zc_name@zc_value
4884 4884 * zc_createtxg if zc_sendobj is non-zero, snap must have zc_createtxg
4885 4885 *
4886 4886 * outputs: none
4887 4887 */
4888 4888 static int
4889 4889 zfs_ioc_hold(zfs_cmd_t *zc)
4890 4890 {
4891 4891 boolean_t recursive = zc->zc_cookie;
4892 4892 spa_t *spa;
4893 4893 dsl_pool_t *dp;
4894 4894 dsl_dataset_t *ds;
4895 4895 int error;
4896 4896 minor_t minor = 0;
4897 4897
4898 4898 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4899 4899 return (EINVAL);
4900 4900
4901 4901 if (zc->zc_sendobj == 0) {
4902 4902 return (dsl_dataset_user_hold(zc->zc_name, zc->zc_value,
4903 4903 zc->zc_string, recursive, zc->zc_temphold,
4904 4904 zc->zc_cleanup_fd));
4905 4905 }
4906 4906
4907 4907 if (recursive)
4908 4908 return (EINVAL);
4909 4909
4910 4910 error = spa_open(zc->zc_name, &spa, FTAG);
4911 4911 if (error)
4912 4912 return (error);
4913 4913
4914 4914 dp = spa_get_dsl(spa);
4915 4915 rw_enter(&dp->dp_config_rwlock, RW_READER);
4916 4916 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4917 4917 rw_exit(&dp->dp_config_rwlock);
4918 4918 spa_close(spa, FTAG);
4919 4919 if (error)
4920 4920 return (error);
4921 4921
4922 4922 /*
4923 4923 * Until we have a hold on this snapshot, it's possible that
4924 4924 * zc_sendobj could've been destroyed and reused as part
4925 4925 * of a later txg. Make sure we're looking at the right object.
4926 4926 */
4927 4927 if (zc->zc_createtxg != ds->ds_phys->ds_creation_txg) {
4928 4928 dsl_dataset_rele(ds, FTAG);
4929 4929 return (ENOENT);
4930 4930 }
4931 4931
4932 4932 if (zc->zc_cleanup_fd != -1 && zc->zc_temphold) {
4933 4933 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4934 4934 if (error) {
4935 4935 dsl_dataset_rele(ds, FTAG);
4936 4936 return (error);
4937 4937 }
4938 4938 }
4939 4939
4940 4940 error = dsl_dataset_user_hold_for_send(ds, zc->zc_string,
4941 4941 zc->zc_temphold);
4942 4942 if (minor != 0) {
4943 4943 if (error == 0) {
4944 4944 dsl_register_onexit_hold_cleanup(ds, zc->zc_string,
4945 4945 minor);
4946 4946 }
4947 4947 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4948 4948 }
4949 4949 dsl_dataset_rele(ds, FTAG);
4950 4950
4951 4951 return (error);
4952 4952 }
4953 4953
4954 4954 /*
4955 4955 * inputs:
4956 4956 * zc_name name of dataset from which we're releasing a user hold
4957 4957 * zc_value short name of snap
4958 4958 * zc_string user-supplied tag for this hold
4959 4959 * zc_cookie recursive flag
4960 4960 *
4961 4961 * outputs: none
4962 4962 */
4963 4963 static int
4964 4964 zfs_ioc_release(zfs_cmd_t *zc)
4965 4965 {
4966 4966 boolean_t recursive = zc->zc_cookie;
4967 4967
4968 4968 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4969 4969 return (EINVAL);
4970 4970
4971 4971 return (dsl_dataset_user_release(zc->zc_name, zc->zc_value,
4972 4972 zc->zc_string, recursive));
4973 4973 }
4974 4974
4975 4975 /*
4976 4976 * inputs:
4977 4977 * zc_name name of filesystem
4978 4978 *
4979 4979 * outputs:
4980 4980 * zc_nvlist_src{_size} nvlist of snapshot holds
4981 4981 */
4982 4982 static int
4983 4983 zfs_ioc_get_holds(zfs_cmd_t *zc)
4984 4984 {
4985 4985 nvlist_t *nvp;
4986 4986 int error;
4987 4987
4988 4988 if ((error = dsl_dataset_get_holds(zc->zc_name, &nvp)) == 0) {
4989 4989 error = put_nvlist(zc, nvp);
4990 4990 nvlist_free(nvp);
4991 4991 }
4992 4992
4993 4993 return (error);
4994 4994 }
4995 4995
4996 4996 /*
4997 4997 * inputs:
4998 4998 * zc_name name of new filesystem or snapshot
4999 4999 * zc_value full name of old snapshot
5000 5000 *
5001 5001 * outputs:
5002 5002 * zc_cookie space in bytes
5003 5003 * zc_objset_type compressed space in bytes
5004 5004 * zc_perm_action uncompressed space in bytes
5005 5005 */
5006 5006 static int
5007 5007 zfs_ioc_space_written(zfs_cmd_t *zc)
5008 5008 {
5009 5009 int error;
5010 5010 dsl_dataset_t *new, *old;
5011 5011
5012 5012 error = dsl_dataset_hold(zc->zc_name, FTAG, &new);
5013 5013 if (error != 0)
5014 5014 return (error);
5015 5015 error = dsl_dataset_hold(zc->zc_value, FTAG, &old);
5016 5016 if (error != 0) {
5017 5017 dsl_dataset_rele(new, FTAG);
5018 5018 return (error);
5019 5019 }
5020 5020
5021 5021 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5022 5022 &zc->zc_objset_type, &zc->zc_perm_action);
5023 5023 dsl_dataset_rele(old, FTAG);
5024 5024 dsl_dataset_rele(new, FTAG);
5025 5025 return (error);
5026 5026 }
5027 5027 /*
5028 5028 * innvl: {
5029 5029 * "firstsnap" -> snapshot name
5030 5030 * }
5031 5031 *
5032 5032 * outnvl: {
5033 5033 * "used" -> space in bytes
5034 5034 * "compressed" -> compressed space in bytes
5035 5035 * "uncompressed" -> uncompressed space in bytes
5036 5036 * }
5037 5037 */
5038 5038 static int
5039 5039 zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
5040 5040 {
5041 5041 int error;
5042 5042 dsl_dataset_t *new, *old;
5043 5043 char *firstsnap;
5044 5044 uint64_t used, comp, uncomp;
5045 5045
5046 5046 if (nvlist_lookup_string(innvl, "firstsnap", &firstsnap) != 0)
5047 5047 return (EINVAL);
5048 5048
5049 5049 error = dsl_dataset_hold(lastsnap, FTAG, &new);
5050 5050 if (error != 0)
5051 5051 return (error);
5052 5052 error = dsl_dataset_hold(firstsnap, FTAG, &old);
5053 5053 if (error != 0) {
5054 5054 dsl_dataset_rele(new, FTAG);
5055 5055 return (error);
5056 5056 }
5057 5057
5058 5058 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
5059 5059 dsl_dataset_rele(old, FTAG);
5060 5060 dsl_dataset_rele(new, FTAG);
5061 5061 fnvlist_add_uint64(outnvl, "used", used);
5062 5062 fnvlist_add_uint64(outnvl, "compressed", comp);
5063 5063 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
5064 5064 return (error);
5065 5065 }
5066 5066
5067 5067 /*
5068 5068 * innvl: {
5069 5069 * "fd" -> file descriptor to write stream to (int32)
5070 5070 * (optional) "fromsnap" -> full snap name to send an incremental from
5071 5071 * }
5072 5072 *
5073 5073 * outnvl is unused
5074 5074 */
5075 5075 /* ARGSUSED */
5076 5076 static int
5077 5077 zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5078 5078 {
5079 5079 objset_t *fromsnap = NULL;
5080 5080 objset_t *tosnap;
5081 5081 int error;
5082 5082 offset_t off;
5083 5083 char *fromname;
5084 5084 int fd;
5085 5085
5086 5086 error = nvlist_lookup_int32(innvl, "fd", &fd);
5087 5087 if (error != 0)
5088 5088 return (EINVAL);
5089 5089
5090 5090 error = dmu_objset_hold(snapname, FTAG, &tosnap);
5091 5091 if (error)
5092 5092 return (error);
5093 5093
5094 5094 error = nvlist_lookup_string(innvl, "fromsnap", &fromname);
5095 5095 if (error == 0) {
5096 5096 error = dmu_objset_hold(fromname, FTAG, &fromsnap);
5097 5097 if (error) {
5098 5098 dmu_objset_rele(tosnap, FTAG);
5099 5099 return (error);
5100 5100 }
5101 5101 }
5102 5102
5103 5103 file_t *fp = getf(fd);
5104 5104 if (fp == NULL) {
5105 5105 dmu_objset_rele(tosnap, FTAG);
5106 5106 if (fromsnap != NULL)
5107 5107 dmu_objset_rele(fromsnap, FTAG);
5108 5108 return (EBADF);
5109 5109 }
5110 5110
5111 5111 off = fp->f_offset;
5112 5112 error = dmu_send(tosnap, fromsnap, fd, fp->f_vnode, &off);
5113 5113
5114 5114 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5115 5115 fp->f_offset = off;
5116 5116 releasef(fd);
5117 5117 if (fromsnap != NULL)
5118 5118 dmu_objset_rele(fromsnap, FTAG);
5119 5119 dmu_objset_rele(tosnap, FTAG);
5120 5120 return (error);
5121 5121 }
5122 5122
5123 5123 /*
5124 5124 * Determine approximately how large a zfs send stream will be -- the number
5125 5125 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5126 5126 *
5127 5127 * innvl: {
5128 5128 * (optional) "fromsnap" -> full snap name to send an incremental from
5129 5129 * }
5130 5130 *
5131 5131 * outnvl: {
5132 5132 * "space" -> bytes of space (uint64)
5133 5133 * }
5134 5134 */
5135 5135 static int
5136 5136 zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5137 5137 {
5138 5138 objset_t *fromsnap = NULL;
5139 5139 objset_t *tosnap;
5140 5140 int error;
5141 5141 char *fromname;
5142 5142 uint64_t space;
5143 5143
5144 5144 error = dmu_objset_hold(snapname, FTAG, &tosnap);
5145 5145 if (error)
5146 5146 return (error);
5147 5147
5148 5148 error = nvlist_lookup_string(innvl, "fromsnap", &fromname);
5149 5149 if (error == 0) {
5150 5150 error = dmu_objset_hold(fromname, FTAG, &fromsnap);
5151 5151 if (error) {
5152 5152 dmu_objset_rele(tosnap, FTAG);
5153 5153 return (error);
5154 5154 }
5155 5155 }
5156 5156
5157 5157 error = dmu_send_estimate(tosnap, fromsnap, &space);
5158 5158 fnvlist_add_uint64(outnvl, "space", space);
5159 5159
5160 5160 if (fromsnap != NULL)
5161 5161 dmu_objset_rele(fromsnap, FTAG);
5162 5162 dmu_objset_rele(tosnap, FTAG);
5163 5163 return (error);
5164 5164 }
5165 5165
5166 5166
5167 5167 static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
5168 5168
5169 5169 static void
5170 5170 zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5171 5171 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5172 5172 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
5173 5173 {
5174 5174 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5175 5175
5176 5176 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5177 5177 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5178 5178 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5179 5179 ASSERT3P(vec->zvec_func, ==, NULL);
5180 5180
5181 5181 vec->zvec_legacy_func = func;
5182 5182 vec->zvec_secpolicy = secpolicy;
5183 5183 vec->zvec_namecheck = namecheck;
5184 5184 vec->zvec_allow_log = log_history;
5185 5185 vec->zvec_pool_check = pool_check;
5186 5186 }
5187 5187
5188 5188 /*
5189 5189 * See the block comment at the beginning of this file for details on
5190 5190 * each argument to this function.
5191 5191 */
5192 5192 static void
5193 5193 zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
5194 5194 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5195 5195 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
5196 5196 boolean_t allow_log)
5197 5197 {
5198 5198 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5199 5199
5200 5200 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5201 5201 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5202 5202 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5203 5203 ASSERT3P(vec->zvec_func, ==, NULL);
5204 5204
5205 5205 /* if we are logging, the name must be valid */
5206 5206 ASSERT(!allow_log || namecheck != NO_NAME);
5207 5207
5208 5208 vec->zvec_name = name;
5209 5209 vec->zvec_func = func;
5210 5210 vec->zvec_secpolicy = secpolicy;
5211 5211 vec->zvec_namecheck = namecheck;
5212 5212 vec->zvec_pool_check = pool_check;
5213 5213 vec->zvec_smush_outnvlist = smush_outnvlist;
5214 5214 vec->zvec_allow_log = allow_log;
5215 5215 }
5216 5216
5217 5217 static void
5218 5218 zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5219 5219 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
5220 5220 zfs_ioc_poolcheck_t pool_check)
5221 5221 {
5222 5222 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5223 5223 POOL_NAME, log_history, pool_check);
5224 5224 }
5225 5225
5226 5226 static void
5227 5227 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5228 5228 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
5229 5229 {
5230 5230 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5231 5231 DATASET_NAME, B_FALSE, pool_check);
5232 5232 }
5233 5233
5234 5234 static void
5235 5235 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5236 5236 {
5237 5237 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
5238 5238 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5239 5239 }
5240 5240
5241 5241 static void
5242 5242 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5243 5243 zfs_secpolicy_func_t *secpolicy)
5244 5244 {
5245 5245 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5246 5246 NO_NAME, B_FALSE, POOL_CHECK_NONE);
5247 5247 }
5248 5248
5249 5249 static void
5250 5250 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
5251 5251 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
5252 5252 {
5253 5253 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5254 5254 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
5255 5255 }
5256 5256
5257 5257 static void
5258 5258 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5259 5259 {
5260 5260 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
5261 5261 zfs_secpolicy_read);
5262 5262 }
5263 5263
5264 5264 static void
5265 5265 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5266 5266 zfs_secpolicy_func_t *secpolicy)
5267 5267 {
5268 5268 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5269 5269 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5270 5270 }
5271 5271
5272 5272 static void
5273 5273 zfs_ioctl_init(void)
5274 5274 {
5275 5275 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
5276 5276 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
5277 5277 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5278 5278
5279 5279 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
5280 5280 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
5281 5281 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE);
5282 5282
5283 5283 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
5284 5284 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
5285 5285 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5286 5286
5287 5287 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
5288 5288 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
5289 5289 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5290 5290
5291 5291 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
5292 5292 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
5293 5293 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5294 5294
5295 5295 zfs_ioctl_register("create", ZFS_IOC_CREATE,
5296 5296 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
5297 5297 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5298 5298
5299 5299 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
5300 5300 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
5301 5301 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5302 5302
5303 5303 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
5304 5304 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
5305 5305 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5306 5306
5307 5307 /* IOCTLS that use the legacy function signature */
5308 5308
5309 5309 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
5310 5310 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
5311 5311
5312 5312 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
5313 5313 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5314 5314 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
5315 5315 zfs_ioc_pool_scan);
5316 5316 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
5317 5317 zfs_ioc_pool_upgrade);
5318 5318 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
5319 5319 zfs_ioc_vdev_add);
5320 5320 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
5321 5321 zfs_ioc_vdev_remove);
5322 5322 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
5323 5323 zfs_ioc_vdev_set_state);
5324 5324 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
5325 5325 zfs_ioc_vdev_attach);
5326 5326 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
5327 5327 zfs_ioc_vdev_detach);
5328 5328 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
5329 5329 zfs_ioc_vdev_setpath);
5330 5330 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
5331 5331 zfs_ioc_vdev_setfru);
5332 5332 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
5333 5333 zfs_ioc_pool_set_props);
5334 5334 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
5335 5335 zfs_ioc_vdev_split);
5336 5336 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
5337 5337 zfs_ioc_pool_reguid);
5338 5338
5339 5339 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
5340 5340 zfs_ioc_pool_configs, zfs_secpolicy_none);
5341 5341 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
5342 5342 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
5343 5343 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
5344 5344 zfs_ioc_inject_fault, zfs_secpolicy_inject);
5345 5345 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
5346 5346 zfs_ioc_clear_fault, zfs_secpolicy_inject);
5347 5347 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
5348 5348 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
5349 5349
5350 5350 /*
5351 5351 * pool destroy, and export don't log the history as part of
5352 5352 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5353 5353 * does the logging of those commands.
5354 5354 */
5355 5355 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
5356 5356 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5357 5357 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
5358 5358 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5359 5359
5360 5360 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
5361 5361 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5362 5362 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
5363 5363 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5364 5364
5365 5365 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
5366 5366 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
5367 5367 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
5368 5368 zfs_ioc_dsobj_to_dsname,
5369 5369 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
5370 5370 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
5371 5371 zfs_ioc_pool_get_history,
5372 5372 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
5373 5373
5374 5374 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
5375 5375 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5376 5376
5377 5377 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
5378 5378 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5379 5379 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
5380 5380 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5381 5381
5382 5382 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
5383 5383 zfs_ioc_space_written);
5384 5384 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_HOLDS,
5385 5385 zfs_ioc_get_holds);
5386 5386 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
5387 5387 zfs_ioc_objset_recvd_props);
5388 5388 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
5389 5389 zfs_ioc_next_obj);
5390 5390 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
5391 5391 zfs_ioc_get_fsacl);
5392 5392 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
5393 5393 zfs_ioc_objset_stats);
5394 5394 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
5395 5395 zfs_ioc_objset_zplprops);
5396 5396 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
5397 5397 zfs_ioc_dataset_list_next);
5398 5398 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
5399 5399 zfs_ioc_snapshot_list_next);
5400 5400 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
5401 5401 zfs_ioc_send_progress);
5402 5402
5403 5403 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
5404 5404 zfs_ioc_diff, zfs_secpolicy_diff);
5405 5405 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
5406 5406 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
5407 5407 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
5408 5408 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
5409 5409 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
5410 5410 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
5411 5411 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
5412 5412 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
5413 5413 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
5414 5414 zfs_ioc_send, zfs_secpolicy_send);
5415 5415
5416 5416 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
5417 5417 zfs_secpolicy_none);
5418 5418 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
5419 5419 zfs_secpolicy_destroy);
5420 5420 zfs_ioctl_register_dataset_modify(ZFS_IOC_ROLLBACK, zfs_ioc_rollback,
5421 5421 zfs_secpolicy_rollback);
5422 5422 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
5423 5423 zfs_secpolicy_rename);
5424 5424 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
5425 5425 zfs_secpolicy_recv);
5426 5426 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
5427 5427 zfs_secpolicy_promote);
5428 5428 zfs_ioctl_register_dataset_modify(ZFS_IOC_HOLD, zfs_ioc_hold,
5429 5429 zfs_secpolicy_hold);
5430 5430 zfs_ioctl_register_dataset_modify(ZFS_IOC_RELEASE, zfs_ioc_release,
5431 5431 zfs_secpolicy_release);
5432 5432 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
5433 5433 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
5434 5434 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
5435 5435 zfs_secpolicy_set_fsacl);
5436 5436
5437 5437 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
5438 5438 zfs_secpolicy_share, POOL_CHECK_NONE);
5439 5439 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
5440 5440 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
5441 5441 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
5442 5442 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5443 5443 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5444 5444 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
5445 5445 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
5446 5446 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5447 5447 }
5448 5448
5449 5449 int
5450 5450 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5451 5451 zfs_ioc_poolcheck_t check)
5452 5452 {
5453 5453 spa_t *spa;
5454 5454 int error;
5455 5455
5456 5456 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5457 5457
5458 5458 if (check & POOL_CHECK_NONE)
5459 5459 return (0);
5460 5460
5461 5461 error = spa_open(name, &spa, FTAG);
5462 5462 if (error == 0) {
5463 5463 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5464 5464 error = EAGAIN;
5465 5465 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5466 5466 error = EROFS;
5467 5467 spa_close(spa, FTAG);
5468 5468 }
5469 5469 return (error);
5470 5470 }
5471 5471
5472 5472 /*
5473 5473 * Find a free minor number.
5474 5474 */
5475 5475 minor_t
5476 5476 zfsdev_minor_alloc(void)
5477 5477 {
5478 5478 static minor_t last_minor;
5479 5479 minor_t m;
5480 5480
5481 5481 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5482 5482
5483 5483 for (m = last_minor + 1; m != last_minor; m++) {
5484 5484 if (m > ZFSDEV_MAX_MINOR)
5485 5485 m = 1;
5486 5486 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5487 5487 last_minor = m;
5488 5488 return (m);
5489 5489 }
5490 5490 }
5491 5491
5492 5492 return (0);
5493 5493 }
5494 5494
5495 5495 static int
5496 5496 zfs_ctldev_init(dev_t *devp)
5497 5497 {
5498 5498 minor_t minor;
5499 5499 zfs_soft_state_t *zs;
5500 5500
5501 5501 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5502 5502 ASSERT(getminor(*devp) == 0);
5503 5503
5504 5504 minor = zfsdev_minor_alloc();
5505 5505 if (minor == 0)
5506 5506 return (ENXIO);
5507 5507
5508 5508 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5509 5509 return (EAGAIN);
5510 5510
5511 5511 *devp = makedevice(getemajor(*devp), minor);
5512 5512
5513 5513 zs = ddi_get_soft_state(zfsdev_state, minor);
5514 5514 zs->zss_type = ZSST_CTLDEV;
5515 5515 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5516 5516
5517 5517 return (0);
5518 5518 }
5519 5519
5520 5520 static void
5521 5521 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5522 5522 {
5523 5523 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5524 5524
5525 5525 zfs_onexit_destroy(zo);
5526 5526 ddi_soft_state_free(zfsdev_state, minor);
5527 5527 }
5528 5528
5529 5529 void *
5530 5530 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5531 5531 {
5532 5532 zfs_soft_state_t *zp;
5533 5533
5534 5534 zp = ddi_get_soft_state(zfsdev_state, minor);
5535 5535 if (zp == NULL || zp->zss_type != which)
5536 5536 return (NULL);
5537 5537
5538 5538 return (zp->zss_data);
5539 5539 }
5540 5540
5541 5541 static int
5542 5542 zfsdev_open(dev_t *devp, int flag, int otyp, cred_t *cr)
5543 5543 {
5544 5544 int error = 0;
5545 5545
5546 5546 if (getminor(*devp) != 0)
5547 5547 return (zvol_open(devp, flag, otyp, cr));
5548 5548
5549 5549 /* This is the control device. Allocate a new minor if requested. */
5550 5550 if (flag & FEXCL) {
5551 5551 mutex_enter(&zfsdev_state_lock);
5552 5552 error = zfs_ctldev_init(devp);
5553 5553 mutex_exit(&zfsdev_state_lock);
5554 5554 }
5555 5555
5556 5556 return (error);
5557 5557 }
5558 5558
5559 5559 static int
5560 5560 zfsdev_close(dev_t dev, int flag, int otyp, cred_t *cr)
5561 5561 {
5562 5562 zfs_onexit_t *zo;
5563 5563 minor_t minor = getminor(dev);
5564 5564
5565 5565 if (minor == 0)
5566 5566 return (0);
5567 5567
5568 5568 mutex_enter(&zfsdev_state_lock);
5569 5569 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5570 5570 if (zo == NULL) {
5571 5571 mutex_exit(&zfsdev_state_lock);
5572 5572 return (zvol_close(dev, flag, otyp, cr));
5573 5573 }
5574 5574 zfs_ctldev_destroy(zo, minor);
5575 5575 mutex_exit(&zfsdev_state_lock);
5576 5576
5577 5577 return (0);
5578 5578 }
5579 5579
5580 5580 static int
5581 5581 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp)
5582 5582 {
5583 5583 zfs_cmd_t *zc;
5584 5584 uint_t vecnum;
5585 5585 int error, rc, len;
5586 5586 minor_t minor = getminor(dev);
5587 5587 const zfs_ioc_vec_t *vec;
5588 5588 char *saved_poolname = NULL;
5589 5589 nvlist_t *innvl = NULL;
5590 5590
5591 5591 if (minor != 0 &&
5592 5592 zfsdev_get_soft_state(minor, ZSST_CTLDEV) == NULL)
5593 5593 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp));
5594 5594
5595 5595 vecnum = cmd - ZFS_IOC_FIRST;
5596 5596 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip));
5597 5597
5598 5598 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5599 5599 return (EINVAL);
5600 5600 vec = &zfs_ioc_vec[vecnum];
5601 5601
5602 5602 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
5603 5603
5604 5604 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5605 5605 if (error != 0) {
5606 5606 error = EFAULT;
5607 5607 goto out;
5608 5608 }
5609 5609
5610 5610 zc->zc_iflags = flag & FKIOCTL;
5611 5611 if (zc->zc_nvlist_src_size != 0) {
5612 5612 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
5613 5613 zc->zc_iflags, &innvl);
5614 5614 if (error != 0)
5615 5615 goto out;
5616 5616 }
5617 5617
5618 5618 /*
5619 5619 * Ensure that all pool/dataset names are valid before we pass down to
5620 5620 * the lower layers.
5621 5621 */
5622 5622 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5623 5623 switch (vec->zvec_namecheck) {
5624 5624 case POOL_NAME:
5625 5625 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5626 5626 error = EINVAL;
5627 5627 else
5628 5628 error = pool_status_check(zc->zc_name,
5629 5629 vec->zvec_namecheck, vec->zvec_pool_check);
5630 5630 break;
5631 5631
5632 5632 case DATASET_NAME:
5633 5633 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5634 5634 error = EINVAL;
5635 5635 else
5636 5636 error = pool_status_check(zc->zc_name,
5637 5637 vec->zvec_namecheck, vec->zvec_pool_check);
5638 5638 break;
5639 5639
5640 5640 case NO_NAME:
5641 5641 break;
5642 5642 }
5643 5643
5644 5644
5645 5645 if (error == 0 && !(flag & FKIOCTL))
5646 5646 error = vec->zvec_secpolicy(zc, innvl, cr);
5647 5647
5648 5648 if (error != 0)
5649 5649 goto out;
5650 5650
5651 5651 /* legacy ioctls can modify zc_name */
5652 5652 len = strcspn(zc->zc_name, "/@") + 1;
5653 5653 saved_poolname = kmem_alloc(len, KM_SLEEP);
5654 5654 (void) strlcpy(saved_poolname, zc->zc_name, len);
5655 5655
5656 5656 if (vec->zvec_func != NULL) {
5657 5657 nvlist_t *outnvl;
5658 5658 int puterror = 0;
5659 5659 spa_t *spa;
5660 5660 nvlist_t *lognv = NULL;
5661 5661
5662 5662 ASSERT(vec->zvec_legacy_func == NULL);
5663 5663
5664 5664 /*
5665 5665 * Add the innvl to the lognv before calling the func,
5666 5666 * in case the func changes the innvl.
5667 5667 */
5668 5668 if (vec->zvec_allow_log) {
5669 5669 lognv = fnvlist_alloc();
5670 5670 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
5671 5671 vec->zvec_name);
5672 5672 if (!nvlist_empty(innvl)) {
5673 5673 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
5674 5674 innvl);
5675 5675 }
5676 5676 }
5677 5677
5678 5678 outnvl = fnvlist_alloc();
5679 5679 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
5680 5680
5681 5681 if (error == 0 && vec->zvec_allow_log &&
5682 5682 spa_open(zc->zc_name, &spa, FTAG) == 0) {
5683 5683 if (!nvlist_empty(outnvl)) {
5684 5684 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
5685 5685 outnvl);
5686 5686 }
5687 5687 (void) spa_history_log_nvl(spa, lognv);
5688 5688 spa_close(spa, FTAG);
5689 5689 }
5690 5690 fnvlist_free(lognv);
5691 5691
5692 5692 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
5693 5693 int smusherror = 0;
5694 5694 if (vec->zvec_smush_outnvlist) {
5695 5695 smusherror = nvlist_smush(outnvl,
5696 5696 zc->zc_nvlist_dst_size);
5697 5697 }
5698 5698 if (smusherror == 0)
5699 5699 puterror = put_nvlist(zc, outnvl);
5700 5700 }
5701 5701
5702 5702 if (puterror != 0)
5703 5703 error = puterror;
5704 5704
5705 5705 nvlist_free(outnvl);
5706 5706 } else {
5707 5707 error = vec->zvec_legacy_func(zc);
5708 5708 }
5709 5709
5710 5710 out:
5711 5711 nvlist_free(innvl);
5712 5712 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
5713 5713 if (error == 0 && rc != 0)
5714 5714 error = EFAULT;
5715 5715 if (error == 0 && vec->zvec_allow_log) {
5716 5716 char *s = tsd_get(zfs_allow_log_key);
5717 5717 if (s != NULL)
5718 5718 strfree(s);
5719 5719 (void) tsd_set(zfs_allow_log_key, saved_poolname);
5720 5720 } else {
5721 5721 if (saved_poolname != NULL)
5722 5722 strfree(saved_poolname);
5723 5723 }
5724 5724
5725 5725 kmem_free(zc, sizeof (zfs_cmd_t));
5726 5726 return (error);
5727 5727 }
5728 5728
5729 5729 static int
5730 5730 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
5731 5731 {
5732 5732 if (cmd != DDI_ATTACH)
5733 5733 return (DDI_FAILURE);
5734 5734
5735 5735 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
5736 5736 DDI_PSEUDO, 0) == DDI_FAILURE)
5737 5737 return (DDI_FAILURE);
5738 5738
5739 5739 zfs_dip = dip;
5740 5740
5741 5741 ddi_report_dev(dip);
5742 5742
5743 5743 return (DDI_SUCCESS);
5744 5744 }
5745 5745
5746 5746 static int
5747 5747 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5748 5748 {
5749 5749 if (spa_busy() || zfs_busy() || zvol_busy())
5750 5750 return (DDI_FAILURE);
5751 5751
5752 5752 if (cmd != DDI_DETACH)
5753 5753 return (DDI_FAILURE);
5754 5754
5755 5755 zfs_dip = NULL;
5756 5756
5757 5757 ddi_prop_remove_all(dip);
5758 5758 ddi_remove_minor_node(dip, NULL);
5759 5759
5760 5760 return (DDI_SUCCESS);
5761 5761 }
5762 5762
5763 5763 /*ARGSUSED*/
5764 5764 static int
5765 5765 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
5766 5766 {
5767 5767 switch (infocmd) {
5768 5768 case DDI_INFO_DEVT2DEVINFO:
5769 5769 *result = zfs_dip;
5770 5770 return (DDI_SUCCESS);
5771 5771
5772 5772 case DDI_INFO_DEVT2INSTANCE:
5773 5773 *result = (void *)0;
5774 5774 return (DDI_SUCCESS);
5775 5775 }
5776 5776
5777 5777 return (DDI_FAILURE);
5778 5778 }
5779 5779
5780 5780 /*
5781 5781 * OK, so this is a little weird.
5782 5782 *
5783 5783 * /dev/zfs is the control node, i.e. minor 0.
5784 5784 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
5785 5785 *
5786 5786 * /dev/zfs has basically nothing to do except serve up ioctls,
5787 5787 * so most of the standard driver entry points are in zvol.c.
5788 5788 */
5789 5789 static struct cb_ops zfs_cb_ops = {
5790 5790 zfsdev_open, /* open */
5791 5791 zfsdev_close, /* close */
5792 5792 zvol_strategy, /* strategy */
5793 5793 nodev, /* print */
5794 5794 zvol_dump, /* dump */
5795 5795 zvol_read, /* read */
5796 5796 zvol_write, /* write */
5797 5797 zfsdev_ioctl, /* ioctl */
5798 5798 nodev, /* devmap */
5799 5799 nodev, /* mmap */
5800 5800 nodev, /* segmap */
5801 5801 nochpoll, /* poll */
5802 5802 ddi_prop_op, /* prop_op */
5803 5803 NULL, /* streamtab */
5804 5804 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
5805 5805 CB_REV, /* version */
5806 5806 nodev, /* async read */
5807 5807 nodev, /* async write */
5808 5808 };
5809 5809
5810 5810 static struct dev_ops zfs_dev_ops = {
5811 5811 DEVO_REV, /* version */
5812 5812 0, /* refcnt */
5813 5813 zfs_info, /* info */
5814 5814 nulldev, /* identify */
5815 5815 nulldev, /* probe */
5816 5816 zfs_attach, /* attach */
5817 5817 zfs_detach, /* detach */
5818 5818 nodev, /* reset */
5819 5819 &zfs_cb_ops, /* driver operations */
5820 5820 NULL, /* no bus operations */
5821 5821 NULL, /* power */
5822 5822 ddi_quiesce_not_needed, /* quiesce */
5823 5823 };
5824 5824
5825 5825 static struct modldrv zfs_modldrv = {
5826 5826 &mod_driverops,
5827 5827 "ZFS storage pool",
5828 5828 &zfs_dev_ops
5829 5829 };
5830 5830
5831 5831 static struct modlinkage modlinkage = {
5832 5832 MODREV_1,
5833 5833 (void *)&zfs_modlfs,
5834 5834 (void *)&zfs_modldrv,
5835 5835 NULL
5836 5836 };
5837 5837
5838 5838 static void
5839 5839 zfs_allow_log_destroy(void *arg)
5840 5840 {
5841 5841 char *poolname = arg;
5842 5842 strfree(poolname);
5843 5843 }
5844 5844
5845 5845 int
5846 5846 _init(void)
5847 5847 {
5848 5848 int error;
5849 5849
5850 5850 spa_init(FREAD | FWRITE);
5851 5851 zfs_init();
5852 5852 zvol_init();
5853 5853 zfs_ioctl_init();
5854 5854
5855 5855 if ((error = mod_install(&modlinkage)) != 0) {
5856 5856 zvol_fini();
5857 5857 zfs_fini();
5858 5858 spa_fini();
5859 5859 return (error);
5860 5860 }
5861 5861
5862 5862 tsd_create(&zfs_fsyncer_key, NULL);
5863 5863 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
5864 5864 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
5865 5865
5866 5866 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
5867 5867 ASSERT(error == 0);
5868 5868 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5869 5869
5870 5870 return (0);
5871 5871 }
5872 5872
5873 5873 int
5874 5874 _fini(void)
5875 5875 {
5876 5876 int error;
5877 5877
5878 5878 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
5879 5879 return (EBUSY);
5880 5880
5881 5881 if ((error = mod_remove(&modlinkage)) != 0)
5882 5882 return (error);
5883 5883
5884 5884 zvol_fini();
5885 5885 zfs_fini();
5886 5886 spa_fini();
5887 5887 if (zfs_nfsshare_inited)
5888 5888 (void) ddi_modclose(nfs_mod);
5889 5889 if (zfs_smbshare_inited)
5890 5890 (void) ddi_modclose(smbsrv_mod);
5891 5891 if (zfs_nfsshare_inited || zfs_smbshare_inited)
5892 5892 (void) ddi_modclose(sharefs_mod);
5893 5893
5894 5894 tsd_destroy(&zfs_fsyncer_key);
5895 5895 ldi_ident_release(zfs_li);
5896 5896 zfs_li = NULL;
5897 5897 mutex_destroy(&zfs_share_lock);
5898 5898
5899 5899 return (error);
5900 5900 }
5901 5901
5902 5902 int
5903 5903 _info(struct modinfo *modinfop)
5904 5904 {
5905 5905 return (mod_info(&modlinkage, modinfop));
5906 5906 }
|
↓ open down ↓ |
3935 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX