]> git.proxmox.com Git - mirror_zfs.git/blame - lib/libzfs/libzfs_sendrecv.c
projects / mirror_zfs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Don't call arc_buf_destroy on unallocated arc_buf
[mirror_zfs.git] / lib / libzfs / libzfs_sendrecv.c
CommitLineData
34dc7c2f
BB		 1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
428870ff 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
30af21b0 24 * Copyright (c) 2011, 2018 by Delphix. All rights reserved.
37abac6d 25 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
95fd54a1 26 * Copyright (c) 2012 Pawel Jakub Dawidek <pawel@dawidek.net>.
0cee2406 27 * All rights reserved
95fd54a1 28 * Copyright (c) 2013 Steven Hartland. All rights reserved.
671c9354 29 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
23d70cde 30 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
d8d418ff 31 * Copyright (c) 2018, loli10K <ezomori.nozomu@gmail.com>. All rights reserved.
4c0883fb 32 * Copyright (c) 2019 Datto Inc.
34dc7c2f
BB		 33 */
34
34dc7c2f
BB		 35#include <assert.h>
36#include <ctype.h>
37#include <errno.h>
34dc7c2f
BB		 38#include <libintl.h>
39#include <stdio.h>
40#include <stdlib.h>
41#include <strings.h>
42#include <unistd.h>
43#include <stddef.h>
44#include <fcntl.h>
45#include <sys/mount.h>
9b020fd9
BB		 46#include <sys/mntent.h>
47#include <sys/mnttab.h>
48#include <sys/avl.h>
49#include <sys/debug.h>
5c3f61eb 50#include <sys/stat.h>
9b020fd9 51#include <stddef.h>
428870ff
BB		 52#include <pthread.h>
53#include <umem.h>
37abac6d 54#include <time.h>
34dc7c2f
BB		 55
56#include <libzfs.h>
9b67f605 57#include <libzfs_core.h>
e89f1295 58#include <libzutil.h>
34dc7c2f
BB		 59
60#include "zfs_namecheck.h"
61#include "zfs_prop.h"
428870ff 62#include "zfs_fletcher.h"
34dc7c2f 63#include "libzfs_impl.h"
47dfff3b 64#include <zlib.h>
428870ff 65#include <sys/zio_checksum.h>
b5256303 66#include <sys/dsl_crypt.h>
428870ff 67#include <sys/ddt.h>
1b9d8c34 68#include <sys/socket.h>
3c67d83a 69#include <sys/sha2.h>
34dc7c2f 70
428870ff
BB		 71/* in libzfs_dataset.c */
72extern void zfs_setprop_error(libzfs_handle_t *, zfs_prop_t, int, char *);
34dc7c2f 73
fcff0f35
PD		 74static int zfs_receive_impl(libzfs_handle_t *, const char *, const char *,
75 recvflags_t *, int, const char *, nvlist_t *, avl_tree_t *, char **, int,
a3eeab2d 76 uint64_t *, const char *, nvlist_t *);
30af21b0
PD		 77static int guid_to_name_redact_snaps(libzfs_handle_t *hdl, const char *parent,
78 uint64_t guid, boolean_t bookmark_ok, uint64_t *redact_snap_guids,
79 uint64_t num_redact_snaps, char *name);
47dfff3b
MA		 80static int guid_to_name(libzfs_handle_t *, const char *,
81 uint64_t, boolean_t, char *);
428870ff 82
2598c001 83static const zio_cksum_t zero_cksum = { { 0 } };
428870ff
BB		 84
85typedef struct dedup_arg {
86 int inputfd;
87 int outputfd;
88 libzfs_handle_t *dedup_hdl;
89} dedup_arg_t;
90
37abac6d
BP		 91typedef struct progress_arg {
92 zfs_handle_t *pa_zhp;
93 int pa_fd;
94 boolean_t pa_parsable;
30af21b0
PD		 95 boolean_t pa_estimate;
96 int pa_verbosity;
37abac6d
BP		 97} progress_arg_t;
98
428870ff
BB		 99typedef struct dataref {
100 uint64_t ref_guid;
101 uint64_t ref_object;
102 uint64_t ref_offset;
103} dataref_t;
104
105typedef struct dedup_entry {
106 struct dedup_entry *dde_next;
107 zio_cksum_t dde_chksum;
108 uint64_t dde_prop;
109 dataref_t dde_ref;
110} dedup_entry_t;
111
112#define MAX_DDT_PHYSMEM_PERCENT 20
113#define SMALLEST_POSSIBLE_MAX_DDT_MB 128
114
115typedef struct dedup_table {
116 dedup_entry_t **dedup_hash_array;
117 umem_cache_t *ddecache;
118 uint64_t max_ddt_size; /* max dedup table size in bytes */
119 uint64_t cur_ddt_size; /* current dedup table size in bytes */
120 uint64_t ddt_count;
121 int numhashbits;
122 boolean_t ddt_full;
123} dedup_table_t;
124
125static int
126high_order_bit(uint64_t n)
127{
128 int count;
129
130 for (count = 0; n != 0; count++)
131 n >>= 1;
132 return (count);
133}
134
135static size_t
136ssread(void *buf, size_t len, FILE *stream)
137{
138 size_t outlen;
139
140 if ((outlen = fread(buf, len, 1, stream)) == 0)
141 return (0);
142
143 return (outlen);
144}
145
146static void
147ddt_hash_append(libzfs_handle_t *hdl, dedup_table_t *ddt, dedup_entry_t **ddepp,
148 zio_cksum_t *cs, uint64_t prop, dataref_t *dr)
149{
150 dedup_entry_t *dde;
151
152 if (ddt->cur_ddt_size >= ddt->max_ddt_size) {
153 if (ddt->ddt_full == B_FALSE) {
154 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
155 "Dedup table full. Deduplication will continue "
156 "with existing table entries"));
157 ddt->ddt_full = B_TRUE;
158 }
159 return;
160 }
161
162 if ((dde = umem_cache_alloc(ddt->ddecache, UMEM_DEFAULT))
163 != NULL) {
164 assert(*ddepp == NULL);
165 dde->dde_next = NULL;
166 dde->dde_chksum = *cs;
167 dde->dde_prop = prop;
168 dde->dde_ref = *dr;
169 *ddepp = dde;
170 ddt->cur_ddt_size += sizeof (dedup_entry_t);
171 ddt->ddt_count++;
172 }
173}
174
175/*
176 * Using the specified dedup table, do a lookup for an entry with
177 * the checksum cs. If found, return the block's reference info
178 * in *dr. Otherwise, insert a new entry in the dedup table, using
179 * the reference information specified by *dr.
180 *
181 * return value: true - entry was found
182 * false - entry was not found
183 */
184static boolean_t
185ddt_update(libzfs_handle_t *hdl, dedup_table_t *ddt, zio_cksum_t *cs,
186 uint64_t prop, dataref_t *dr)
187{
188 uint32_t hashcode;
189 dedup_entry_t **ddepp;
190
191 hashcode = BF64_GET(cs->zc_word[0], 0, ddt->numhashbits);
192
193 for (ddepp = &(ddt->dedup_hash_array[hashcode]); *ddepp != NULL;
194 ddepp = &((*ddepp)->dde_next)) {
195 if (ZIO_CHECKSUM_EQUAL(((*ddepp)->dde_chksum), *cs) &&
196 (*ddepp)->dde_prop == prop) {
197 *dr = (*ddepp)->dde_ref;
198 return (B_TRUE);
199 }
200 }
201 ddt_hash_append(hdl, ddt, ddepp, cs, prop, dr);
202 return (B_FALSE);
203}
204
205static int
37f8a883
MA		 206dump_record(dmu_replay_record_t *drr, void *payload, int payload_len,
207 zio_cksum_t *zc, int outfd)
428870ff 208{
37f8a883
MA		 209 ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
210 ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t));
211 fletcher_4_incremental_native(drr,
212 offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), zc);
213 if (drr->drr_type != DRR_BEGIN) {
214 ASSERT(ZIO_CHECKSUM_IS_ZERO(&drr->drr_u.
215 drr_checksum.drr_checksum));
216 drr->drr_u.drr_checksum.drr_checksum = *zc;
217 }
218 fletcher_4_incremental_native(&drr->drr_u.drr_checksum.drr_checksum,
219 sizeof (zio_cksum_t), zc);
220 if (write(outfd, drr, sizeof (*drr)) == -1)
221 return (errno);
222 if (payload_len != 0) {
223 fletcher_4_incremental_native(payload, payload_len, zc);
224 if (write(outfd, payload, payload_len) == -1)
225 return (errno);
226 }
227 return (0);
428870ff
BB		 228}
229
230/*
231 * This function is started in a separate thread when the dedup option
232 * has been requested. The main send thread determines the list of
233 * snapshots to be included in the send stream and makes the ioctl calls
234 * for each one. But instead of having the ioctl send the output to the
235 * the output fd specified by the caller of zfs_send()), the
236 * ioctl is told to direct the output to a pipe, which is read by the
237 * alternate thread running THIS function. This function does the
238 * dedup'ing by:
239 * 1. building a dedup table (the DDT)
240 * 2. doing checksums on each data block and inserting a record in the DDT
241 * 3. looking for matching checksums, and
242 * 4. sending a DRR_WRITE_BYREF record instead of a write record whenever
243 * a duplicate block is found.
244 * The output of this function then goes to the output fd requested
245 * by the caller of zfs_send().
246 */
247static void *
248cksummer(void *arg)
249{
250 dedup_arg_t *dda = arg;
f1512ee6 251 char *buf = zfs_alloc(dda->dedup_hdl, SPA_MAXBLOCKSIZE);
47dfff3b 252 dmu_replay_record_t thedrr = { 0 };
428870ff 253 dmu_replay_record_t *drr = &thedrr;
428870ff
BB		 254 FILE *ofp;
255 int outfd;
428870ff
BB		 256 dedup_table_t ddt;
257 zio_cksum_t stream_cksum;
428870ff
BB		 258 uint64_t numbuckets;
259
2e0e443a
GM		 260#ifdef _ILP32
261 ddt.max_ddt_size = SMALLEST_POSSIBLE_MAX_DDT_MB << 20;
262#else
263 uint64_t physmem = sysconf(_SC_PHYS_PAGES) * sysconf(_SC_PAGESIZE);
428870ff 264 ddt.max_ddt_size =
37f8a883
MA		 265 MAX((physmem * MAX_DDT_PHYSMEM_PERCENT) / 100,
266 SMALLEST_POSSIBLE_MAX_DDT_MB << 20);
2e0e443a 267#endif
428870ff 268
37f8a883 269 numbuckets = ddt.max_ddt_size / (sizeof (dedup_entry_t));
428870ff
BB		 270
271 /*
272 * numbuckets must be a power of 2. Increase number to
273 * a power of 2 if necessary.
274 */
275 if (!ISP2(numbuckets))
f4bae2ed 276 numbuckets = 1ULL << high_order_bit(numbuckets);
428870ff
BB		 277
278 ddt.dedup_hash_array = calloc(numbuckets, sizeof (dedup_entry_t *));
279 ddt.ddecache = umem_cache_create("dde", sizeof (dedup_entry_t), 0,
280 NULL, NULL, NULL, NULL, NULL, 0);
281 ddt.cur_ddt_size = numbuckets * sizeof (dedup_entry_t *);
282 ddt.numhashbits = high_order_bit(numbuckets) - 1;
283 ddt.ddt_full = B_FALSE;
284
428870ff
BB		 285 outfd = dda->outputfd;
286 ofp = fdopen(dda->inputfd, "r");
37f8a883 287 while (ssread(drr, sizeof (*drr), ofp) != 0) {
428870ff 288
e2454897
GM		 289 /*
290 * kernel filled in checksum, we are going to write same
291 * record, but need to regenerate checksum.
292 */
293 if (drr->drr_type != DRR_BEGIN) {
294 bzero(&drr->drr_u.drr_checksum.drr_checksum,
295 sizeof (drr->drr_u.drr_checksum.drr_checksum));
296 }
297
428870ff
BB		 298 switch (drr->drr_type) {
299 case DRR_BEGIN:
300 {
37f8a883
MA		 301 struct drr_begin *drrb = &drr->drr_u.drr_begin;
302 int fflags;
303 int sz = 0;
428870ff
BB		 304 ZIO_SET_CHECKSUM(&stream_cksum, 0, 0, 0, 0);
305
37f8a883
MA		 306 ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC);
307
428870ff
BB		 308 /* set the DEDUP feature flag for this stream */
309 fflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
310 fflags |= (DMU_BACKUP_FEATURE_DEDUP |
311 DMU_BACKUP_FEATURE_DEDUPPROPS);
312 DMU_SET_FEATUREFLAGS(drrb->drr_versioninfo, fflags);
313
47dfff3b 314 if (drr->drr_payloadlen != 0) {
37f8a883 315 sz = drr->drr_payloadlen;
428870ff 316
f1512ee6
MA		 317 if (sz > SPA_MAXBLOCKSIZE) {
318 buf = zfs_realloc(dda->dedup_hdl, buf,
319 SPA_MAXBLOCKSIZE, sz);
428870ff
BB		 320 }
321 (void) ssread(buf, sz, ofp);
322 if (ferror(stdin))
323 perror("fread");
428870ff 324 }
37f8a883
MA		 325 if (dump_record(drr, buf, sz, &stream_cksum,
326 outfd) != 0)
327 goto out;
428870ff
BB		 328 break;
329 }
330
331 case DRR_END:
332 {
37f8a883 333 struct drr_end *drre = &drr->drr_u.drr_end;
428870ff 334 /* use the recalculated checksum */
37f8a883
MA		 335 drre->drr_checksum = stream_cksum;
336 if (dump_record(drr, NULL, 0, &stream_cksum,
337 outfd) != 0)
428870ff
BB		 338 goto out;
339 break;
340 }
341
342 case DRR_OBJECT:
343 {
37f8a883 344 struct drr_object *drro = &drr->drr_u.drr_object;
428870ff
BB		 345 if (drro->drr_bonuslen > 0) {
346 (void) ssread(buf,
b5256303 347 DRR_OBJECT_PAYLOAD_SIZE(drro), ofp);
428870ff 348 }
b5256303 349 if (dump_record(drr, buf, DRR_OBJECT_PAYLOAD_SIZE(drro),
37f8a883
MA		 350 &stream_cksum, outfd) != 0)
351 goto out;
428870ff
BB		 352 break;
353 }
354
355 case DRR_SPILL:
356 {
37f8a883 357 struct drr_spill *drrs = &drr->drr_u.drr_spill;
b5256303
TC		 358 (void) ssread(buf, DRR_SPILL_PAYLOAD_SIZE(drrs), ofp);
359 if (dump_record(drr, buf, DRR_SPILL_PAYLOAD_SIZE(drrs),
37f8a883 360 &stream_cksum, outfd) != 0)
428870ff
BB		 361 goto out;
362 break;
363 }
364
365 case DRR_FREEOBJECTS:
366 {
37f8a883
MA		 367 if (dump_record(drr, NULL, 0, &stream_cksum,
368 outfd) != 0)
428870ff
BB		 369 goto out;
370 break;
371 }
372
373 case DRR_WRITE:
374 {
37f8a883 375 struct drr_write *drrw = &drr->drr_u.drr_write;
428870ff 376 dataref_t dataref;
2aa34383 377 uint64_t payload_size;
428870ff 378
2aa34383
DK		 379 payload_size = DRR_WRITE_PAYLOAD_SIZE(drrw);
380 (void) ssread(buf, payload_size, ofp);
428870ff
BB		 381
382 /*
383 * Use the existing checksum if it's dedup-capable,
384 * else calculate a SHA256 checksum for it.
385 */
386
387 if (ZIO_CHECKSUM_EQUAL(drrw->drr_key.ddk_cksum,
388 zero_cksum) ||
b5256303 389 !DRR_IS_DEDUP_CAPABLE(drrw->drr_flags)) {
a6255b7f 390 SHA2_CTX ctx;
9c905c55
BB		 391 zio_cksum_t tmpsha256;
392
a6255b7f
DQ		 393 SHA2Init(SHA256, &ctx);
394 SHA2Update(&ctx, buf, payload_size);
395 SHA2Final(&tmpsha256, &ctx);
428870ff 396
428870ff
BB		 397 drrw->drr_key.ddk_cksum.zc_word[0] =
398 BE_64(tmpsha256.zc_word[0]);
399 drrw->drr_key.ddk_cksum.zc_word[1] =
400 BE_64(tmpsha256.zc_word[1]);
401 drrw->drr_key.ddk_cksum.zc_word[2] =
402 BE_64(tmpsha256.zc_word[2]);
403 drrw->drr_key.ddk_cksum.zc_word[3] =
404 BE_64(tmpsha256.zc_word[3]);
405 drrw->drr_checksumtype = ZIO_CHECKSUM_SHA256;
b5256303 406 drrw->drr_flags |= DRR_CHECKSUM_DEDUP;
428870ff
BB		 407 }
408
409 dataref.ref_guid = drrw->drr_toguid;
410 dataref.ref_object = drrw->drr_object;
411 dataref.ref_offset = drrw->drr_offset;
412
413 if (ddt_update(dda->dedup_hdl, &ddt,
414 &drrw->drr_key.ddk_cksum, drrw->drr_key.ddk_prop,
415 &dataref)) {
37f8a883
MA		 416 dmu_replay_record_t wbr_drr = {0};
417 struct drr_write_byref *wbr_drrr =
418 &wbr_drr.drr_u.drr_write_byref;
419
428870ff 420 /* block already present in stream */
37f8a883
MA		 421 wbr_drr.drr_type = DRR_WRITE_BYREF;
422
428870ff
BB		 423 wbr_drrr->drr_object = drrw->drr_object;
424 wbr_drrr->drr_offset = drrw->drr_offset;
2aa34383 425 wbr_drrr->drr_length = drrw->drr_logical_size;
428870ff
BB		 426 wbr_drrr->drr_toguid = drrw->drr_toguid;
427 wbr_drrr->drr_refguid = dataref.ref_guid;
428 wbr_drrr->drr_refobject =
429 dataref.ref_object;
430 wbr_drrr->drr_refoffset =
431 dataref.ref_offset;
432
433 wbr_drrr->drr_checksumtype =
434 drrw->drr_checksumtype;
b5256303 435 wbr_drrr->drr_flags = drrw->drr_flags;
428870ff
BB		 436 wbr_drrr->drr_key.ddk_cksum =
437 drrw->drr_key.ddk_cksum;
438 wbr_drrr->drr_key.ddk_prop =
439 drrw->drr_key.ddk_prop;
440
37f8a883
MA		 441 if (dump_record(&wbr_drr, NULL, 0,
442 &stream_cksum, outfd) != 0)
428870ff
BB		 443 goto out;
444 } else {
445 /* block not previously seen */
2aa34383 446 if (dump_record(drr, buf, payload_size,
37f8a883 447 &stream_cksum, outfd) != 0)
428870ff
BB		 448 goto out;
449 }
450 break;
451 }
452
9b67f605
MA		 453 case DRR_WRITE_EMBEDDED:
454 {
37f8a883
MA		 455 struct drr_write_embedded *drrwe =
456 &drr->drr_u.drr_write_embedded;
9b67f605
MA		 457 (void) ssread(buf,
458 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8), ofp);
37f8a883 459 if (dump_record(drr, buf,
9b67f605 460 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8),
37f8a883 461 &stream_cksum, outfd) != 0)
9b67f605
MA		 462 goto out;
463 break;
464 }
465
428870ff
BB		 466 case DRR_FREE:
467 {
37f8a883
MA		 468 if (dump_record(drr, NULL, 0, &stream_cksum,
469 outfd) != 0)
428870ff
BB		 470 goto out;
471 break;
472 }
473
b5256303
TC		 474 case DRR_OBJECT_RANGE:
475 {
476 if (dump_record(drr, NULL, 0, &stream_cksum,
477 outfd) != 0)
478 goto out;
479 break;
480 }
481
428870ff 482 default:
37f8a883 483 (void) fprintf(stderr, "INVALID record type 0x%x\n",
428870ff
BB		 484 drr->drr_type);
485 /* should never happen, so assert */
486 assert(B_FALSE);
487 }
488 }
489out:
490 umem_cache_destroy(ddt.ddecache);
491 free(ddt.dedup_hash_array);
492 free(buf);
493 (void) fclose(ofp);
494
495 return (NULL);
496}
b128c09f 497
34dc7c2f
BB		 498/*
499 * Routines for dealing with the AVL tree of fs-nvlists
500 */
501typedef struct fsavl_node {
502 avl_node_t fn_node;
503 nvlist_t *fn_nvfs;
504 char *fn_snapname;
505 uint64_t fn_guid;
506} fsavl_node_t;
507
508static int
509fsavl_compare(const void *arg1, const void *arg2)
510{
ee36c709
GN		 511 const fsavl_node_t *fn1 = (const fsavl_node_t *)arg1;
512 const fsavl_node_t *fn2 = (const fsavl_node_t *)arg2;
513
ca577779 514 return (TREE_CMP(fn1->fn_guid, fn2->fn_guid));
34dc7c2f
BB		 515}
516
517/*
518 * Given the GUID of a snapshot, find its containing filesystem and
519 * (optionally) name.
520 */
521static nvlist_t *
522fsavl_find(avl_tree_t *avl, uint64_t snapguid, char **snapname)
523{
524 fsavl_node_t fn_find;
525 fsavl_node_t *fn;
526
527 fn_find.fn_guid = snapguid;
528
529 fn = avl_find(avl, &fn_find, NULL);
530 if (fn) {
531 if (snapname)
532 *snapname = fn->fn_snapname;
533 return (fn->fn_nvfs);
534 }
535 return (NULL);
536}
537
538static void
539fsavl_destroy(avl_tree_t *avl)
540{
541 fsavl_node_t *fn;
542 void *cookie;
543
544 if (avl == NULL)
545 return;
546
547 cookie = NULL;
548 while ((fn = avl_destroy_nodes(avl, &cookie)) != NULL)
549 free(fn);
550 avl_destroy(avl);
551 free(avl);
552}
553
45d1cae3
BB		 554/*
555 * Given an nvlist, produce an avl tree of snapshots, ordered by guid
556 */
34dc7c2f
BB		 557static avl_tree_t *
558fsavl_create(nvlist_t *fss)
559{
560 avl_tree_t *fsavl;
561 nvpair_t *fselem = NULL;
562
563 if ((fsavl = malloc(sizeof (avl_tree_t))) == NULL)
564 return (NULL);
565
566 avl_create(fsavl, fsavl_compare, sizeof (fsavl_node_t),
567 offsetof(fsavl_node_t, fn_node));
568
569 while ((fselem = nvlist_next_nvpair(fss, fselem)) != NULL) {
570 nvlist_t *nvfs, *snaps;
571 nvpair_t *snapelem = NULL;
572
573 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs));
574 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps));
575
576 while ((snapelem =
577 nvlist_next_nvpair(snaps, snapelem)) != NULL) {
578 fsavl_node_t *fn;
579 uint64_t guid;
580
581 VERIFY(0 == nvpair_value_uint64(snapelem, &guid));
582 if ((fn = malloc(sizeof (fsavl_node_t))) == NULL) {
583 fsavl_destroy(fsavl);
584 return (NULL);
585 }
586 fn->fn_nvfs = nvfs;
587 fn->fn_snapname = nvpair_name(snapelem);
588 fn->fn_guid = guid;
589
590 /*
591 * Note: if there are multiple snaps with the
592 * same GUID, we ignore all but one.
593 */
594 if (avl_find(fsavl, fn, NULL) == NULL)
595 avl_add(fsavl, fn);
596 else
597 free(fn);
598 }
599 }
600
601 return (fsavl);
602}
603
604/*
605 * Routines for dealing with the giant nvlist of fs-nvlists, etc.
606 */
607typedef struct send_data {
66356240
K		 608 /*
609 * assigned inside every recursive call,
610 * restored from *_save on return:
611 *
612 * guid of fromsnap snapshot in parent dataset
613 * txg of fromsnap snapshot in current dataset
614 * txg of tosnap snapshot in current dataset
615 */
616
34dc7c2f 617 uint64_t parent_fromsnap_guid;
66356240
K		 618 uint64_t fromsnap_txg;
619 uint64_t tosnap_txg;
620
621 /* the nvlists get accumulated during depth-first traversal */
34dc7c2f
BB		 622 nvlist_t *parent_snaps;
623 nvlist_t *fss;
b128c09f 624 nvlist_t *snapprops;
9c5e88b1 625 nvlist_t *snapholds; /* user holds */
66356240
K		 626
627 /* send-receive configuration, does not change during traversal */
628 const char *fsname;
34dc7c2f
BB		 629 const char *fromsnap;
630 const char *tosnap;
428870ff 631 boolean_t recursive;
4c0883fb 632 boolean_t raw;
f94b3cbf 633 boolean_t doall;
4c0883fb 634 boolean_t replicate;
66356240 635 boolean_t verbose;
4c0883fb 636 boolean_t backup;
05748550
AG		 637 boolean_t seenfrom;
638 boolean_t seento;
9c5e88b1
PZ		 639 boolean_t holds; /* were holds requested with send -h */
640 boolean_t props;
34dc7c2f
BB		 641
642 /*
643 * The header nvlist is of the following format:
644 * {
645 * "tosnap" -> string
646 * "fromsnap" -> string (if incremental)
647 * "fss" -> {
648 * id -> {
649 *
650 * "name" -> string (full name; for debugging)
651 * "parentfromsnap" -> number (guid of fromsnap in parent)
652 *
653 * "props" -> { name -> value (only if set here) }
654 * "snaps" -> { name (lastname) -> number (guid) }
b128c09f 655 * "snapprops" -> { name (lastname) -> { name -> value } }
9c5e88b1 656 * "snapholds" -> { name (lastname) -> { holdname -> crtime } }
34dc7c2f
BB		 657 *
658 * "origin" -> number (guid) (if clone)
b5256303 659 * "is_encroot" -> boolean
34dc7c2f
BB		 660 * "sent" -> boolean (not on-disk)
661 * }
662 * }
663 * }
664 *
665 */
666} send_data_t;
667
faa97c16 668static void
669send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv);
b128c09f 670
34dc7c2f
BB		 671static int
672send_iterate_snap(zfs_handle_t *zhp, void *arg)
673{
674 send_data_t *sd = arg;
675 uint64_t guid = zhp->zfs_dmustats.dds_guid;
66356240 676 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg;
34dc7c2f 677 char *snapname;
b128c09f 678 nvlist_t *nv;
e890dd85 679 boolean_t isfromsnap, istosnap, istosnapwithnofrom;
34dc7c2f
BB		 680
681 snapname = strrchr(zhp->zfs_name, '@')+1;
05748550
AG		 682 isfromsnap = (sd->fromsnap != NULL &&
683 strcmp(sd->fromsnap, snapname) == 0);
684 istosnap = (sd->tosnap != NULL && (strcmp(sd->tosnap, snapname) == 0));
e890dd85 685 istosnapwithnofrom = (istosnap && sd->fromsnap == NULL);
34dc7c2f 686
66356240
K		 687 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) {
688 if (sd->verbose) {
689 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
690 "skipping snapshot %s because it was created "
691 "after the destination snapshot (%s)\n"),
692 zhp->zfs_name, sd->tosnap);
693 }
694 zfs_close(zhp);
695 return (0);
696 }
697
e890dd85 698 VERIFY(0 == nvlist_add_uint64(sd->parent_snaps, snapname, guid));
34dc7c2f
BB		 699 /*
700 * NB: if there is no fromsnap here (it's a newly created fs in
701 * an incremental replication), we will substitute the tosnap.
702 */
05748550 703 if (isfromsnap || (sd->parent_fromsnap_guid == 0 && istosnap)) {
34dc7c2f
BB		 704 sd->parent_fromsnap_guid = guid;
705 }
706
05748550
AG		 707 if (!sd->recursive) {
708 if (!sd->seenfrom && isfromsnap) {
709 sd->seenfrom = B_TRUE;
710 zfs_close(zhp);
711 return (0);
712 }
713
e890dd85 714 if ((sd->seento || !sd->seenfrom) && !istosnapwithnofrom) {
05748550
AG		 715 zfs_close(zhp);
716 return (0);
717 }
718
719 if (istosnap)
720 sd->seento = B_TRUE;
721 }
722
b128c09f 723 VERIFY(0 == nvlist_alloc(&nv, NV_UNIQUE_NAME, 0));
faa97c16 724 send_iterate_prop(zhp, sd->backup, nv);
b128c09f
BB		 725 VERIFY(0 == nvlist_add_nvlist(sd->snapprops, snapname, nv));
726 nvlist_free(nv);
9c5e88b1
PZ		 727 if (sd->holds) {
728 nvlist_t *holds = fnvlist_alloc();
729 int err = lzc_get_holds(zhp->zfs_name, &holds);
730 if (err == 0) {
731 VERIFY(0 == nvlist_add_nvlist(sd->snapholds,
732 snapname, holds));
733 }
734 fnvlist_free(holds);
735 }
b128c09f 736
34dc7c2f
BB		 737 zfs_close(zhp);
738 return (0);
739}
740
741static void
faa97c16 742send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv)
34dc7c2f 743{
faa97c16 744 nvlist_t *props = NULL;
34dc7c2f
BB		 745 nvpair_t *elem = NULL;
746
faa97c16 747 if (received_only)
748 props = zfs_get_recvd_props(zhp);
749 else
750 props = zhp->zfs_props;
751
752 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) {
34dc7c2f
BB		 753 char *propname = nvpair_name(elem);
754 zfs_prop_t prop = zfs_name_to_prop(propname);
755 nvlist_t *propnv;
756
428870ff
BB		 757 if (!zfs_prop_user(propname)) {
758 /*
759 * Realistically, this should never happen. However,
760 * we want the ability to add DSL properties without
761 * needing to make incompatible version changes. We
762 * need to ignore unknown properties to allow older
763 * software to still send datasets containing these
764 * properties, with the unknown properties elided.
765 */
766 if (prop == ZPROP_INVAL)
767 continue;
9babb374 768
428870ff
BB		 769 if (zfs_prop_readonly(prop))
770 continue;
771 }
34dc7c2f
BB		 772
773 verify(nvpair_value_nvlist(elem, &propnv) == 0);
45d1cae3
BB		 774 if (prop == ZFS_PROP_QUOTA || prop == ZFS_PROP_RESERVATION ||
775 prop == ZFS_PROP_REFQUOTA ||
776 prop == ZFS_PROP_REFRESERVATION) {
428870ff 777 char *source;
34dc7c2f
BB		 778 uint64_t value;
779 verify(nvlist_lookup_uint64(propnv,
780 ZPROP_VALUE, &value) == 0);
b128c09f
BB		 781 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT)
782 continue;
428870ff
BB		 783 /*
784 * May have no source before SPA_VERSION_RECVD_PROPS,
785 * but is still modifiable.
786 */
787 if (nvlist_lookup_string(propnv,
788 ZPROP_SOURCE, &source) == 0) {
789 if ((strcmp(source, zhp->zfs_name) != 0) &&
790 (strcmp(source,
791 ZPROP_SOURCE_VAL_RECVD) != 0))
792 continue;
793 }
34dc7c2f
BB		 794 } else {
795 char *source;
796 if (nvlist_lookup_string(propnv,
797 ZPROP_SOURCE, &source) != 0)
798 continue;
428870ff
BB		 799 if ((strcmp(source, zhp->zfs_name) != 0) &&
800 (strcmp(source, ZPROP_SOURCE_VAL_RECVD) != 0))
34dc7c2f
BB		 801 continue;
802 }
803
804 if (zfs_prop_user(propname) ||
805 zfs_prop_get_type(prop) == PROP_TYPE_STRING) {
806 char *value;
807 verify(nvlist_lookup_string(propnv,
808 ZPROP_VALUE, &value) == 0);
809 VERIFY(0 == nvlist_add_string(nv, propname, value));
810 } else {
811 uint64_t value;
812 verify(nvlist_lookup_uint64(propnv,
813 ZPROP_VALUE, &value) == 0);
814 VERIFY(0 == nvlist_add_uint64(nv, propname, value));
815 }
816 }
817}
818
66356240
K		 819/*
820 * returns snapshot creation txg
821 * and returns 0 if the snapshot does not exist
822 */
823static uint64_t
824get_snap_txg(libzfs_handle_t *hdl, const char *fs, const char *snap)
825{
826 char name[ZFS_MAX_DATASET_NAME_LEN];
827 uint64_t txg = 0;
828
829 if (fs == NULL || fs[0] == '\0' || snap == NULL || snap[0] == '\0')
830 return (txg);
831
832 (void) snprintf(name, sizeof (name), "%s@%s", fs, snap);
833 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_SNAPSHOT)) {
834 zfs_handle_t *zhp = zfs_open(hdl, name, ZFS_TYPE_SNAPSHOT);
835 if (zhp != NULL) {
836 txg = zfs_prop_get_int(zhp, ZFS_PROP_CREATETXG);
837 zfs_close(zhp);
838 }
839 }
840
841 return (txg);
842}
843
45d1cae3
BB		 844/*
845 * recursively generate nvlists describing datasets. See comment
846 * for the data structure send_data_t above for description of contents
847 * of the nvlist.
848 */
34dc7c2f
BB		 849static int
850send_iterate_fs(zfs_handle_t *zhp, void *arg)
851{
852 send_data_t *sd = arg;
b5256303 853 nvlist_t *nvfs = NULL, *nv = NULL;
428870ff 854 int rv = 0;
4c0883fb 855 uint64_t min_txg = 0, max_txg = 0;
34dc7c2f 856 uint64_t parent_fromsnap_guid_save = sd->parent_fromsnap_guid;
66356240
K		 857 uint64_t fromsnap_txg_save = sd->fromsnap_txg;
858 uint64_t tosnap_txg_save = sd->tosnap_txg;
859 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg;
34dc7c2f 860 uint64_t guid = zhp->zfs_dmustats.dds_guid;
66356240 861 uint64_t fromsnap_txg, tosnap_txg;
34dc7c2f
BB		 862 char guidstring[64];
863
66356240
K		 864 fromsnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->fromsnap);
865 if (fromsnap_txg != 0)
866 sd->fromsnap_txg = fromsnap_txg;
867
868 tosnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->tosnap);
869 if (tosnap_txg != 0)
870 sd->tosnap_txg = tosnap_txg;
871
872 /*
873 * on the send side, if the current dataset does not have tosnap,
874 * perform two additional checks:
875 *
876 * - skip sending the current dataset if it was created later than
877 * the parent tosnap
878 * - return error if the current dataset was created earlier than
879 * the parent tosnap
880 */
881 if (sd->tosnap != NULL && tosnap_txg == 0) {
882 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) {
883 if (sd->verbose) {
884 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
885 "skipping dataset %s: snapshot %s does "
886 "not exist\n"), zhp->zfs_name, sd->tosnap);
887 }
888 } else {
889 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
890 "cannot send %s@%s%s: snapshot %s@%s does not "
891 "exist\n"), sd->fsname, sd->tosnap, sd->recursive ?
892 dgettext(TEXT_DOMAIN, " recursively") : "",
893 zhp->zfs_name, sd->tosnap);
30af21b0 894 rv = EZFS_NOENT;
66356240
K		 895 }
896 goto out;
897 }
898
4c0883fb
AP		 899 nvfs = fnvlist_alloc();
900 fnvlist_add_string(nvfs, "name", zhp->zfs_name);
901 fnvlist_add_uint64(nvfs, "parentfromsnap",
902 sd->parent_fromsnap_guid);
34dc7c2f
BB		 903
904 if (zhp->zfs_dmustats.dds_origin[0]) {
905 zfs_handle_t *origin = zfs_open(zhp->zfs_hdl,
906 zhp->zfs_dmustats.dds_origin, ZFS_TYPE_SNAPSHOT);
66356240
K		 907 if (origin == NULL) {
908 rv = -1;
909 goto out;
910 }
4c0883fb
AP		 911 fnvlist_add_uint64(nvfs, "origin",
912 origin->zfs_dmustats.dds_guid);
ad7e908a
TC		 913
914 zfs_close(origin);
34dc7c2f
BB		 915 }
916
917 /* iterate over props */
9c5e88b1 918 if (sd->props || sd->backup || sd->recursive) {
4c0883fb 919 nv = fnvlist_alloc();
9c5e88b1
PZ		 920 send_iterate_prop(zhp, sd->backup, nv);
921 }
b5256303
TC		 922 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
923 boolean_t encroot;
924
925 /* determine if this dataset is an encryption root */
926 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0) {
927 rv = -1;
928 goto out;
929 }
930
931 if (encroot)
4c0883fb 932 fnvlist_add_boolean(nvfs, "is_encroot");
b5256303
TC		 933
934 /*
935 * Encrypted datasets can only be sent with properties if
936 * the raw flag is specified because the receive side doesn't
937 * currently have a mechanism for recursively asking the user
938 * for new encryption parameters.
939 */
940 if (!sd->raw) {
941 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
942 "cannot send %s@%s: encrypted dataset %s may not "
943 "be sent with properties without the raw flag\n"),
944 sd->fsname, sd->tosnap, zhp->zfs_name);
945 rv = -1;
946 goto out;
947 }
948
949 }
950
9c5e88b1 951 if (nv != NULL)
4c0883fb 952 fnvlist_add_nvlist(nvfs, "props", nv);
34dc7c2f
BB		 953
954 /* iterate over snaps, and set sd->parent_fromsnap_guid */
955 sd->parent_fromsnap_guid = 0;
4c0883fb
AP		 956 sd->parent_snaps = fnvlist_alloc();
957 sd->snapprops = fnvlist_alloc();
9c5e88b1
PZ		 958 if (sd->holds)
959 VERIFY(0 == nvlist_alloc(&sd->snapholds, NV_UNIQUE_NAME, 0));
f94b3cbf
TC		 960
961
962 /*
963 * If this is a "doall" send, a replicate send or we're just trying
964 * to gather a list of previous snapshots, iterate through all the
965 * snaps in the txg range. Otherwise just look at the one we're
966 * interested in.
967 */
968 if (sd->doall || sd->replicate || sd->tosnap == NULL) {
969 if (!sd->replicate && fromsnap_txg != 0)
970 min_txg = fromsnap_txg;
971 if (!sd->replicate && tosnap_txg != 0)
972 max_txg = tosnap_txg;
973 (void) zfs_iter_snapshots_sorted(zhp, send_iterate_snap, sd,
974 min_txg, max_txg);
975 } else {
976 char snapname[MAXPATHLEN] = { 0 };
977 zfs_handle_t *snap;
978
f0ce0436 979 (void) snprintf(snapname, sizeof (snapname), "%s@%s",
f94b3cbf
TC		 980 zhp->zfs_name, sd->tosnap);
981 if (sd->fromsnap != NULL)
982 sd->seenfrom = B_TRUE;
983 snap = zfs_open(zhp->zfs_hdl, snapname,
984 ZFS_TYPE_SNAPSHOT);
985 if (snap != NULL)
986 (void) send_iterate_snap(snap, sd);
987 }
988
4c0883fb
AP		 989 fnvlist_add_nvlist(nvfs, "snaps", sd->parent_snaps);
990 fnvlist_add_nvlist(nvfs, "snapprops", sd->snapprops);
9c5e88b1 991 if (sd->holds)
4c0883fb
AP		 992 fnvlist_add_nvlist(nvfs, "snapholds", sd->snapholds);
993 fnvlist_free(sd->parent_snaps);
994 fnvlist_free(sd->snapprops);
995 fnvlist_free(sd->snapholds);
34dc7c2f
BB		 996
997 /* add this fs to nvlist */
998 (void) snprintf(guidstring, sizeof (guidstring),
999 "0x%llx", (longlong_t)guid);
4c0883fb 1000 fnvlist_add_nvlist(sd->fss, guidstring, nvfs);
34dc7c2f
BB		 1001
1002 /* iterate over children */
428870ff
BB		 1003 if (sd->recursive)
1004 rv = zfs_iter_filesystems(zhp, send_iterate_fs, sd);
34dc7c2f 1005
66356240 1006out:
34dc7c2f 1007 sd->parent_fromsnap_guid = parent_fromsnap_guid_save;
66356240
K		 1008 sd->fromsnap_txg = fromsnap_txg_save;
1009 sd->tosnap_txg = tosnap_txg_save;
4c0883fb
AP		 1010 fnvlist_free(nv);
1011 fnvlist_free(nvfs);
34dc7c2f
BB		 1012
1013 zfs_close(zhp);
1014 return (rv);
1015}
1016
1017static int
1018gather_nvlist(libzfs_handle_t *hdl, const char *fsname, const char *fromsnap,
f94b3cbf
TC		 1019 const char *tosnap, boolean_t recursive, boolean_t raw, boolean_t doall,
1020 boolean_t replicate, boolean_t verbose, boolean_t backup, boolean_t holds,
1021 boolean_t props, nvlist_t **nvlp, avl_tree_t **avlp)
34dc7c2f
BB		 1022{
1023 zfs_handle_t *zhp;
1024 send_data_t sd = { 0 };
1025 int error;
1026
1027 zhp = zfs_open(hdl, fsname, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
1028 if (zhp == NULL)
1029 return (EZFS_BADTYPE);
1030
1031 VERIFY(0 == nvlist_alloc(&sd.fss, NV_UNIQUE_NAME, 0));
66356240 1032 sd.fsname = fsname;
34dc7c2f
BB		 1033 sd.fromsnap = fromsnap;
1034 sd.tosnap = tosnap;
428870ff 1035 sd.recursive = recursive;
b5256303 1036 sd.raw = raw;
f94b3cbf 1037 sd.doall = doall;
4c0883fb 1038 sd.replicate = replicate;
66356240 1039 sd.verbose = verbose;
faa97c16 1040 sd.backup = backup;
9c5e88b1
PZ		 1041 sd.holds = holds;
1042 sd.props = props;
34dc7c2f
BB		 1043
1044 if ((error = send_iterate_fs(zhp, &sd)) != 0) {
1045 nvlist_free(sd.fss);
1046 if (avlp != NULL)
1047 *avlp = NULL;
1048 *nvlp = NULL;
1049 return (error);
1050 }
1051
1052 if (avlp != NULL && (*avlp = fsavl_create(sd.fss)) == NULL) {
1053 nvlist_free(sd.fss);
1054 *nvlp = NULL;
1055 return (EZFS_NOMEM);
1056 }
1057
1058 *nvlp = sd.fss;
1059 return (0);
1060}
1061
34dc7c2f
BB		 1062/*
1063 * Routines specific to "zfs send"
1064 */
1065typedef struct send_dump_data {
1066 /* these are all just the short snapname (the part after the @) */
1067 const char *fromsnap;
1068 const char *tosnap;
eca7b760 1069 char prevsnap[ZFS_MAX_DATASET_NAME_LEN];
572e2857 1070 uint64_t prevsnap_obj;
34dc7c2f 1071 boolean_t seenfrom, seento, replicate, doall, fromorigin;
30af21b0 1072 boolean_t dryrun, parsable, progress, embed_data, std_out;
9c5e88b1 1073 boolean_t large_block, compress, raw, holds;
34dc7c2f
BB		 1074 int outfd;
1075 boolean_t err;
1076 nvlist_t *fss;
95fd54a1 1077 nvlist_t *snapholds;
34dc7c2f 1078 avl_tree_t *fsavl;
428870ff
BB		 1079 snapfilter_cb_t *filter_cb;
1080 void *filter_cb_arg;
1081 nvlist_t *debugnv;
eca7b760 1082 char holdtag[ZFS_MAX_DATASET_NAME_LEN];
572e2857 1083 int cleanup_fd;
30af21b0 1084 int verbosity;
330d06f9 1085 uint64_t size;
34dc7c2f
BB		 1086} send_dump_data_t;
1087
330d06f9 1088static int
cf7684bc 1089zfs_send_space(zfs_handle_t *zhp, const char *snapname, const char *from,
1090 enum lzc_send_flags flags, uint64_t *spacep)
330d06f9 1091{
330d06f9 1092 libzfs_handle_t *hdl = zhp->zfs_hdl;
cf7684bc 1093 int error;
330d06f9 1094
cf7684bc 1095 assert(snapname != NULL);
1096 error = lzc_send_space(snapname, from, flags, spacep);
330d06f9 1097
cf7684bc 1098 if (error != 0) {
330d06f9
MA		 1099 char errbuf[1024];
1100 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
cf7684bc 1101 "warning: cannot estimate space for '%s'"), snapname);
330d06f9 1102
cf7684bc 1103 switch (error) {
330d06f9
MA		 1104 case EXDEV:
1105 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1106 "not an earlier snapshot from the same fs"));
1107 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
1108
1109 case ENOENT:
cf7684bc 1110 if (zfs_dataset_exists(hdl, snapname,
330d06f9
MA		 1111 ZFS_TYPE_SNAPSHOT)) {
1112 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
cf7684bc 1113 "incremental source (%s) does not exist"),
1114 snapname);
330d06f9
MA		 1115 }
1116 return (zfs_error(hdl, EZFS_NOENT, errbuf));
1117
1118 case EDQUOT:
1119 case EFBIG:
1120 case EIO:
1121 case ENOLINK:
1122 case ENOSPC:
1123 case ENOSTR:
1124 case ENXIO:
1125 case EPIPE:
1126 case ERANGE:
1127 case EFAULT:
1128 case EROFS:
cf7684bc 1129 case EINVAL:
1130 zfs_error_aux(hdl, strerror(error));
330d06f9
MA		 1131 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1132
1133 default:
cf7684bc 1134 return (zfs_standard_error(hdl, error, errbuf));
330d06f9
MA		 1135 }
1136 }
1137
330d06f9
MA		 1138 return (0);
1139}
1140
34dc7c2f
BB		 1141/*
1142 * Dumps a backup of the given snapshot (incremental from fromsnap if it's not
1143 * NULL) to the file descriptor specified by outfd.
1144 */
1145static int
572e2857 1146dump_ioctl(zfs_handle_t *zhp, const char *fromsnap, uint64_t fromsnap_obj,
9b67f605
MA		 1147 boolean_t fromorigin, int outfd, enum lzc_send_flags flags,
1148 nvlist_t *debugnv)
34dc7c2f 1149{
13fe0198 1150 zfs_cmd_t zc = {"\0"};
34dc7c2f 1151 libzfs_handle_t *hdl = zhp->zfs_hdl;
428870ff 1152 nvlist_t *thisdbg;
34dc7c2f
BB		 1153
1154 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
572e2857 1155 assert(fromsnap_obj == 0 || !fromorigin);
34dc7c2f
BB		 1156
1157 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
34dc7c2f
BB		 1158 zc.zc_cookie = outfd;
1159 zc.zc_obj = fromorigin;
572e2857
BB		 1160 zc.zc_sendobj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
1161 zc.zc_fromobj = fromsnap_obj;
9b67f605 1162 zc.zc_flags = flags;
428870ff
BB		 1163
1164 VERIFY(0 == nvlist_alloc(&thisdbg, NV_UNIQUE_NAME, 0));
1165 if (fromsnap && fromsnap[0] != '\0') {
1166 VERIFY(0 == nvlist_add_string(thisdbg,
1167 "fromsnap", fromsnap));
1168 }
1169
330d06f9 1170 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND, &zc) != 0) {
34dc7c2f
BB		 1171 char errbuf[1024];
1172 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1173 "warning: cannot send '%s'"), zhp->zfs_name);
1174
428870ff
BB		 1175 VERIFY(0 == nvlist_add_uint64(thisdbg, "error", errno));
1176 if (debugnv) {
1177 VERIFY(0 == nvlist_add_nvlist(debugnv,
1178 zhp->zfs_name, thisdbg));
1179 }
1180 nvlist_free(thisdbg);
1181
34dc7c2f 1182 switch (errno) {
34dc7c2f
BB		 1183 case EXDEV:
1184 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1185 "not an earlier snapshot from the same fs"));
1186 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
1187
b5256303
TC		 1188 case EACCES:
1189 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1190 "source key must be loaded"));
1191 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
1192
34dc7c2f
BB		 1193 case ENOENT:
1194 if (zfs_dataset_exists(hdl, zc.zc_name,
1195 ZFS_TYPE_SNAPSHOT)) {
1196 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1197 "incremental source (@%s) does not exist"),
1198 zc.zc_value);
1199 }
1200 return (zfs_error(hdl, EZFS_NOENT, errbuf));
1201
1202 case EDQUOT:
1203 case EFBIG:
1204 case EIO:
1205 case ENOLINK:
1206 case ENOSPC:
1207 case ENOSTR:
1208 case ENXIO:
1209 case EPIPE:
1210 case ERANGE:
1211 case EFAULT:
1212 case EROFS:
1213 zfs_error_aux(hdl, strerror(errno));
1214 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1215
1216 default:
1217 return (zfs_standard_error(hdl, errno, errbuf));
1218 }
1219 }
1220
428870ff
BB		 1221 if (debugnv)
1222 VERIFY(0 == nvlist_add_nvlist(debugnv, zhp->zfs_name, thisdbg));
1223 nvlist_free(thisdbg);
1224
34dc7c2f
BB		 1225 return (0);
1226}
1227
95fd54a1
SH		 1228static void
1229gather_holds(zfs_handle_t *zhp, send_dump_data_t *sdd)
572e2857 1230{
572e2857
BB		 1231 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
1232
1233 /*
95fd54a1 1234 * zfs_send() only sets snapholds for sends that need them,
572e2857
BB		 1235 * e.g. replication and doall.
1236 */
95fd54a1
SH		 1237 if (sdd->snapholds == NULL)
1238 return;
572e2857 1239
95fd54a1 1240 fnvlist_add_string(sdd->snapholds, zhp->zfs_name, sdd->holdtag);
572e2857
BB		 1241}
1242
30af21b0
PD		 1243int
1244zfs_send_progress(zfs_handle_t *zhp, int fd, uint64_t *bytes_written,
1245 uint64_t *blocks_visited)
1246{
1247 zfs_cmd_t zc = { {0} };
1248 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1249 zc.zc_cookie = fd;
1250 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND_PROGRESS, &zc) != 0)
1251 return (errno);
1252 if (bytes_written != NULL)
1253 *bytes_written = zc.zc_cookie;
1254 if (blocks_visited != NULL)
1255 *blocks_visited = zc.zc_objset_type;
1256 return (0);
1257}
1258
37abac6d
BP		 1259static void *
1260send_progress_thread(void *arg)
1261{
1262 progress_arg_t *pa = arg;
37abac6d 1263 zfs_handle_t *zhp = pa->pa_zhp;
30af21b0
PD		 1264 uint64_t bytes;
1265 uint64_t blocks;
37abac6d 1266 char buf[16];
37abac6d
BP		 1267 time_t t;
1268 struct tm *tm;
30af21b0 1269 boolean_t firstloop = B_TRUE;
37abac6d
BP		 1270
1271 /*
1272 * Print the progress from ZFS_IOC_SEND_PROGRESS every second.
1273 */
1274 for (;;) {
30af21b0 1275 int err;
37abac6d 1276 (void) sleep(1);
30af21b0
PD		 1277 if ((err = zfs_send_progress(zhp, pa->pa_fd, &bytes,
1278 &blocks)) != 0) {
1279 if (err == EINTR || err == ENOENT)
1280 return ((void *)0);
1281 return ((void *)(uintptr_t)err);
1282 }
37abac6d 1283
30af21b0
PD		 1284 if (firstloop && !pa->pa_parsable) {
1285 (void) fprintf(stderr,
1286 "TIME %s %sSNAPSHOT %s\n",
1287 pa->pa_estimate ? "BYTES" : " SENT",
1288 pa->pa_verbosity >= 2 ? " BLOCKS " : "",
1289 zhp->zfs_name);
1290 firstloop = B_FALSE;
1291 }
37abac6d
BP		 1292
1293 (void) time(&t);
1294 tm = localtime(&t);
37abac6d 1295
30af21b0
PD		 1296 if (pa->pa_verbosity >= 2 && pa->pa_parsable) {
1297 (void) fprintf(stderr,
1298 "%02d:%02d:%02d\t%llu\t%llu\t%s\n",
1299 tm->tm_hour, tm->tm_min, tm->tm_sec,
1300 (u_longlong_t)bytes, (u_longlong_t)blocks,
1301 zhp->zfs_name);
1302 } else if (pa->pa_verbosity >= 2) {
1303 zfs_nicenum(bytes, buf, sizeof (buf));
1304 (void) fprintf(stderr,
1305 "%02d:%02d:%02d %5s %8llu %s\n",
1306 tm->tm_hour, tm->tm_min, tm->tm_sec,
1307 buf, (u_longlong_t)blocks, zhp->zfs_name);
1308 } else if (pa->pa_parsable) {
37abac6d
BP		 1309 (void) fprintf(stderr, "%02d:%02d:%02d\t%llu\t%s\n",
1310 tm->tm_hour, tm->tm_min, tm->tm_sec,
30af21b0 1311 (u_longlong_t)bytes, zhp->zfs_name);
37abac6d 1312 } else {
e7fbeb60 1313 zfs_nicebytes(bytes, buf, sizeof (buf));
37abac6d
BP		 1314 (void) fprintf(stderr, "%02d:%02d:%02d %5s %s\n",
1315 tm->tm_hour, tm->tm_min, tm->tm_sec,
1316 buf, zhp->zfs_name);
1317 }
1318 }
1319}
1320
47dfff3b
MA		 1321static void
1322send_print_verbose(FILE *fout, const char *tosnap, const char *fromsnap,
1323 uint64_t size, boolean_t parsable)
1324{
1325 if (parsable) {
1326 if (fromsnap != NULL) {
1327 (void) fprintf(fout, "incremental\t%s\t%s",
1328 fromsnap, tosnap);
1329 } else {
1330 (void) fprintf(fout, "full\t%s",
1331 tosnap);
1332 }
1333 } else {
1334 if (fromsnap != NULL) {
1335 if (strchr(fromsnap, '@') == NULL &&
1336 strchr(fromsnap, '#') == NULL) {
1337 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1338 "send from @%s to %s"),
1339 fromsnap, tosnap);
1340 } else {
1341 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1342 "send from %s to %s"),
1343 fromsnap, tosnap);
1344 }
1345 } else {
1346 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1347 "full send of %s"),
1348 tosnap);
1349 }
1350 }
1351
835db585 1352 if (parsable) {
1353 (void) fprintf(fout, "\t%llu",
1354 (longlong_t)size);
1355 } else if (size != 0) {
1356 char buf[16];
1357 zfs_nicebytes(size, buf, sizeof (buf));
1358 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1359 " estimated size is %s"), buf);
47dfff3b
MA		 1360 }
1361 (void) fprintf(fout, "\n");
1362}
1363
34dc7c2f
BB		 1364static int
1365dump_snapshot(zfs_handle_t *zhp, void *arg)
1366{
1367 send_dump_data_t *sdd = arg;
37abac6d
BP		 1368 progress_arg_t pa = { 0 };
1369 pthread_t tid;
572e2857 1370 char *thissnap;
2aa34383 1371 enum lzc_send_flags flags = 0;
34dc7c2f 1372 int err;
330d06f9 1373 boolean_t isfromsnap, istosnap, fromorigin;
428870ff 1374 boolean_t exclude = B_FALSE;
93f6d7e2 1375 FILE *fout = sdd->std_out ? stdout : stderr;
34dc7c2f 1376
95fd54a1 1377 err = 0;
34dc7c2f 1378 thissnap = strchr(zhp->zfs_name, '@') + 1;
428870ff
BB		 1379 isfromsnap = (sdd->fromsnap != NULL &&
1380 strcmp(sdd->fromsnap, thissnap) == 0);
34dc7c2f 1381
428870ff 1382 if (!sdd->seenfrom && isfromsnap) {
95fd54a1
SH		 1383 gather_holds(zhp, sdd);
1384 sdd->seenfrom = B_TRUE;
c9d61adb 1385 (void) strlcpy(sdd->prevsnap, thissnap,
1386 sizeof (sdd->prevsnap));
95fd54a1 1387 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
34dc7c2f 1388 zfs_close(zhp);
95fd54a1 1389 return (0);
34dc7c2f
BB		 1390 }
1391
1392 if (sdd->seento || !sdd->seenfrom) {
1393 zfs_close(zhp);
1394 return (0);
1395 }
1396
428870ff
BB		 1397 istosnap = (strcmp(sdd->tosnap, thissnap) == 0);
1398 if (istosnap)
1399 sdd->seento = B_TRUE;
1400
2aa34383
DK		 1401 if (sdd->large_block)
1402 flags |= LZC_SEND_FLAG_LARGE_BLOCK;
1403 if (sdd->embed_data)
1404 flags |= LZC_SEND_FLAG_EMBED_DATA;
1405 if (sdd->compress)
1406 flags |= LZC_SEND_FLAG_COMPRESS;
b5256303
TC		 1407 if (sdd->raw)
1408 flags |= LZC_SEND_FLAG_RAW;
2aa34383 1409
428870ff
BB		 1410 if (!sdd->doall && !isfromsnap && !istosnap) {
1411 if (sdd->replicate) {
1412 char *snapname;
1413 nvlist_t *snapprops;
1414 /*
1415 * Filter out all intermediate snapshots except origin
1416 * snapshots needed to replicate clones.
1417 */
1418 nvlist_t *nvfs = fsavl_find(sdd->fsavl,
1419 zhp->zfs_dmustats.dds_guid, &snapname);
1420
1421 VERIFY(0 == nvlist_lookup_nvlist(nvfs,
1422 "snapprops", &snapprops));
1423 VERIFY(0 == nvlist_lookup_nvlist(snapprops,
1424 thissnap, &snapprops));
1425 exclude = !nvlist_exists(snapprops, "is_clone_origin");
1426 } else {
1427 exclude = B_TRUE;
1428 }
1429 }
1430
1431 /*
1432 * If a filter function exists, call it to determine whether
1433 * this snapshot will be sent.
1434 */
1435 if (exclude || (sdd->filter_cb != NULL &&
1436 sdd->filter_cb(zhp, sdd->filter_cb_arg) == B_FALSE)) {
1437 /*
1438 * This snapshot is filtered out. Don't send it, and don't
572e2857 1439 * set prevsnap_obj, so it will be as if this snapshot didn't
428870ff
BB		 1440 * exist, and the next accepted snapshot will be sent as
1441 * an incremental from the last accepted one, or as the
1442 * first (and full) snapshot in the case of a replication,
1443 * non-incremental send.
1444 */
1445 zfs_close(zhp);
1446 return (0);
1447 }
1448
95fd54a1 1449 gather_holds(zhp, sdd);
330d06f9
MA		 1450 fromorigin = sdd->prevsnap[0] == '\0' &&
1451 (sdd->fromorigin || sdd->replicate);
1452
30af21b0 1453 if (sdd->verbosity != 0) {
47dfff3b 1454 uint64_t size = 0;
cf7684bc 1455 char fromds[ZFS_MAX_DATASET_NAME_LEN];
330d06f9 1456
cf7684bc 1457 if (sdd->prevsnap[0] != '\0') {
1458 (void) strlcpy(fromds, zhp->zfs_name, sizeof (fromds));
1459 *(strchr(fromds, '@') + 1) = '\0';
1460 (void) strlcat(fromds, sdd->prevsnap, sizeof (fromds));
1461 }
1462 if (zfs_send_space(zhp, zhp->zfs_name,
1463 sdd->prevsnap[0] ? fromds : NULL, flags, &size) != 0) {
1464 size = 0; /* cannot estimate send space */
1465 } else {
1466 send_print_verbose(fout, zhp->zfs_name,
1467 sdd->prevsnap[0] ? sdd->prevsnap : NULL,
1468 size, sdd->parsable);
1469 }
47dfff3b 1470 sdd->size += size;
34dc7c2f
BB		 1471 }
1472
330d06f9 1473 if (!sdd->dryrun) {
37abac6d
BP		 1474 /*
1475 * If progress reporting is requested, spawn a new thread to
1476 * poll ZFS_IOC_SEND_PROGRESS at a regular interval.
1477 */
1478 if (sdd->progress) {
1479 pa.pa_zhp = zhp;
1480 pa.pa_fd = sdd->outfd;
1481 pa.pa_parsable = sdd->parsable;
30af21b0
PD		 1482 pa.pa_estimate = B_FALSE;
1483 pa.pa_verbosity = sdd->verbosity;
37abac6d
BP		 1484
1485 if ((err = pthread_create(&tid, NULL,
23d70cde 1486 send_progress_thread, &pa)) != 0) {
37abac6d
BP		 1487 zfs_close(zhp);
1488 return (err);
1489 }
1490 }
1491
330d06f9 1492 err = dump_ioctl(zhp, sdd->prevsnap, sdd->prevsnap_obj,
9b67f605 1493 fromorigin, sdd->outfd, flags, sdd->debugnv);
37abac6d
BP		 1494
1495 if (sdd->progress) {
30af21b0 1496 void *status = NULL;
37abac6d 1497 (void) pthread_cancel(tid);
30af21b0
PD		 1498 (void) pthread_join(tid, &status);
1499 int error = (int)(uintptr_t)status;
1500 if (error != 0 && status != PTHREAD_CANCELED) {
1501 char errbuf[1024];
1502 (void) snprintf(errbuf, sizeof (errbuf),
1503 dgettext(TEXT_DOMAIN,
1504 "progress thread exited nonzero"));
1505 return (zfs_standard_error(zhp->zfs_hdl, error,
1506 errbuf));
1507 }
37abac6d 1508 }
330d06f9 1509 }
34dc7c2f 1510
572e2857
BB		 1511 (void) strcpy(sdd->prevsnap, thissnap);
1512 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
34dc7c2f
BB		 1513 zfs_close(zhp);
1514 return (err);
1515}
1516
1517static int
1518dump_filesystem(zfs_handle_t *zhp, void *arg)
1519{
1520 int rv = 0;
1521 send_dump_data_t *sdd = arg;
1522 boolean_t missingfrom = B_FALSE;
13fe0198 1523 zfs_cmd_t zc = {"\0"};
4c0883fb 1524 uint64_t min_txg = 0, max_txg = 0;
34dc7c2f
BB		 1525
1526 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s",
1527 zhp->zfs_name, sdd->tosnap);
1528 if (ioctl(zhp->zfs_hdl->libzfs_fd, ZFS_IOC_OBJSET_STATS, &zc) != 0) {
330d06f9
MA		 1529 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1530 "WARNING: could not send %s@%s: does not exist\n"),
34dc7c2f
BB		 1531 zhp->zfs_name, sdd->tosnap);
1532 sdd->err = B_TRUE;
1533 return (0);
1534 }
1535
1536 if (sdd->replicate && sdd->fromsnap) {
1537 /*
1538 * If this fs does not have fromsnap, and we're doing
1539 * recursive, we need to send a full stream from the
1540 * beginning (or an incremental from the origin if this
1541 * is a clone). If we're doing non-recursive, then let
1542 * them get the error.
1543 */
1544 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s",
1545 zhp->zfs_name, sdd->fromsnap);
1546 if (ioctl(zhp->zfs_hdl->libzfs_fd,
1547 ZFS_IOC_OBJSET_STATS, &zc) != 0) {
1548 missingfrom = B_TRUE;
1549 }
1550 }
1551
428870ff 1552 sdd->seenfrom = sdd->seento = sdd->prevsnap[0] = 0;
572e2857 1553 sdd->prevsnap_obj = 0;
428870ff
BB		 1554 if (sdd->fromsnap == NULL || missingfrom)
1555 sdd->seenfrom = B_TRUE;
34dc7c2f 1556
4c0883fb 1557
f94b3cbf
TC		 1558
1559 /*
1560 * Iterate through all snapshots and process the ones we will be
1561 * sending. If we only have a "from" and "to" snapshot to deal
1562 * with, we can avoid iterating through all the other snapshots.
1563 */
1564 if (sdd->doall || sdd->replicate || sdd->tosnap == NULL) {
1565 if (!sdd->replicate && sdd->fromsnap != NULL)
1566 min_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name,
1567 sdd->fromsnap);
1568 if (!sdd->replicate && sdd->tosnap != NULL)
1569 max_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name,
1570 sdd->tosnap);
1571 rv = zfs_iter_snapshots_sorted(zhp, dump_snapshot, arg,
1572 min_txg, max_txg);
1573 } else {
1574 char snapname[MAXPATHLEN] = { 0 };
1575 zfs_handle_t *snap;
1576
1577 if (!sdd->seenfrom) {
f0ce0436 1578 (void) snprintf(snapname, sizeof (snapname),
f94b3cbf
TC		 1579 "%s@%s", zhp->zfs_name, sdd->fromsnap);
1580 snap = zfs_open(zhp->zfs_hdl, snapname,
1581 ZFS_TYPE_SNAPSHOT);
1582 if (snap != NULL)
1583 rv = dump_snapshot(snap, sdd);
1584 else
1585 rv = -1;
1586 }
1587
1588 if (rv == 0) {
f0ce0436 1589 (void) snprintf(snapname, sizeof (snapname),
f94b3cbf
TC		 1590 "%s@%s", zhp->zfs_name, sdd->tosnap);
1591 snap = zfs_open(zhp->zfs_hdl, snapname,
1592 ZFS_TYPE_SNAPSHOT);
1593 if (snap != NULL)
1594 rv = dump_snapshot(snap, sdd);
1595 else
1596 rv = -1;
1597 }
1598 }
1599
428870ff 1600 if (!sdd->seenfrom) {
330d06f9 1601 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
428870ff 1602 "WARNING: could not send %s@%s:\n"
330d06f9 1603 "incremental source (%s@%s) does not exist\n"),
428870ff
BB		 1604 zhp->zfs_name, sdd->tosnap,
1605 zhp->zfs_name, sdd->fromsnap);
1606 sdd->err = B_TRUE;
1607 } else if (!sdd->seento) {
1608 if (sdd->fromsnap) {
330d06f9 1609 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
34dc7c2f 1610 "WARNING: could not send %s@%s:\n"
428870ff 1611 "incremental source (%s@%s) "
330d06f9 1612 "is not earlier than it\n"),
34dc7c2f
BB		 1613 zhp->zfs_name, sdd->tosnap,
1614 zhp->zfs_name, sdd->fromsnap);
34dc7c2f 1615 } else {
330d06f9
MA		 1616 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1617 "WARNING: "
1618 "could not send %s@%s: does not exist\n"),
428870ff 1619 zhp->zfs_name, sdd->tosnap);
34dc7c2f 1620 }
428870ff 1621 sdd->err = B_TRUE;
34dc7c2f
BB		 1622 }
1623
1624 return (rv);
1625}
1626
1627static int
1628dump_filesystems(zfs_handle_t *rzhp, void *arg)
1629{
1630 send_dump_data_t *sdd = arg;
1631 nvpair_t *fspair;
1632 boolean_t needagain, progress;
1633
1634 if (!sdd->replicate)
1635 return (dump_filesystem(rzhp, sdd));
1636
428870ff
BB		 1637 /* Mark the clone origin snapshots. */
1638 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1639 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1640 nvlist_t *nvfs;
1641 uint64_t origin_guid = 0;
1642
1643 VERIFY(0 == nvpair_value_nvlist(fspair, &nvfs));
1644 (void) nvlist_lookup_uint64(nvfs, "origin", &origin_guid);
1645 if (origin_guid != 0) {
1646 char *snapname;
1647 nvlist_t *origin_nv = fsavl_find(sdd->fsavl,
1648 origin_guid, &snapname);
1649 if (origin_nv != NULL) {
1650 nvlist_t *snapprops;
1651 VERIFY(0 == nvlist_lookup_nvlist(origin_nv,
1652 "snapprops", &snapprops));
1653 VERIFY(0 == nvlist_lookup_nvlist(snapprops,
1654 snapname, &snapprops));
1655 VERIFY(0 == nvlist_add_boolean(
1656 snapprops, "is_clone_origin"));
1657 }
1658 }
1659 }
34dc7c2f
BB		 1660again:
1661 needagain = progress = B_FALSE;
1662 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1663 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
330d06f9 1664 nvlist_t *fslist, *parent_nv;
34dc7c2f
BB		 1665 char *fsname;
1666 zfs_handle_t *zhp;
1667 int err;
1668 uint64_t origin_guid = 0;
330d06f9 1669 uint64_t parent_guid = 0;
34dc7c2f
BB		 1670
1671 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0);
1672 if (nvlist_lookup_boolean(fslist, "sent") == 0)
1673 continue;
1674
1675 VERIFY(nvlist_lookup_string(fslist, "name", &fsname) == 0);
1676 (void) nvlist_lookup_uint64(fslist, "origin", &origin_guid);
330d06f9
MA		 1677 (void) nvlist_lookup_uint64(fslist, "parentfromsnap",
1678 &parent_guid);
1679
1680 if (parent_guid != 0) {
1681 parent_nv = fsavl_find(sdd->fsavl, parent_guid, NULL);
1682 if (!nvlist_exists(parent_nv, "sent")) {
1683 /* parent has not been sent; skip this one */
1684 needagain = B_TRUE;
1685 continue;
1686 }
1687 }
34dc7c2f 1688
428870ff
BB		 1689 if (origin_guid != 0) {
1690 nvlist_t *origin_nv = fsavl_find(sdd->fsavl,
1691 origin_guid, NULL);
1692 if (origin_nv != NULL &&
330d06f9 1693 !nvlist_exists(origin_nv, "sent")) {
428870ff
BB		 1694 /*
1695 * origin has not been sent yet;
1696 * skip this clone.
1697 */
1698 needagain = B_TRUE;
1699 continue;
1700 }
34dc7c2f
BB		 1701 }
1702
1703 zhp = zfs_open(rzhp->zfs_hdl, fsname, ZFS_TYPE_DATASET);
1704 if (zhp == NULL)
1705 return (-1);
1706 err = dump_filesystem(zhp, sdd);
1707 VERIFY(nvlist_add_boolean(fslist, "sent") == 0);
1708 progress = B_TRUE;
1709 zfs_close(zhp);
1710 if (err)
1711 return (err);
1712 }
1713 if (needagain) {
1714 assert(progress);
1715 goto again;
1716 }
330d06f9
MA		 1717
1718 /* clean out the sent flags in case we reuse this fss */
1719 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1720 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1721 nvlist_t *fslist;
1722
1723 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0);
1724 (void) nvlist_remove_all(fslist, "sent");
1725 }
1726
34dc7c2f
BB		 1727 return (0);
1728}
1729
47dfff3b
MA		 1730nvlist_t *
1731zfs_send_resume_token_to_nvlist(libzfs_handle_t *hdl, const char *token)
1732{
1733 unsigned int version;
1734 int nread, i;
1735 unsigned long long checksum, packed_len;
1736
1737 /*
1738 * Decode token header, which is:
1739 * <token version>-<checksum of payload>-<uncompressed payload length>
1740 * Note that the only supported token version is 1.
1741 */
1742 nread = sscanf(token, "%u-%llx-%llx-",
1743 &version, &checksum, &packed_len);
1744 if (nread != 3) {
1745 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1746 "resume token is corrupt (invalid format)"));
1747 return (NULL);
1748 }
1749
1750 if (version != ZFS_SEND_RESUME_TOKEN_VERSION) {
1751 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1752 "resume token is corrupt (invalid version %u)"),
1753 version);
1754 return (NULL);
1755 }
1756
1757 /* convert hexadecimal representation to binary */
1758 token = strrchr(token, '-') + 1;
1759 int len = strlen(token) / 2;
1760 unsigned char *compressed = zfs_alloc(hdl, len);
1761 for (i = 0; i < len; i++) {
1762 nread = sscanf(token + i * 2, "%2hhx", compressed + i);
1763 if (nread != 1) {
1764 free(compressed);
1765 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1766 "resume token is corrupt "
1767 "(payload is not hex-encoded)"));
1768 return (NULL);
1769 }
1770 }
1771
1772 /* verify checksum */
1773 zio_cksum_t cksum;
fc897b24 1774 fletcher_4_native_varsize(compressed, len, &cksum);
47dfff3b
MA		 1775 if (cksum.zc_word[0] != checksum) {
1776 free(compressed);
1777 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1778 "resume token is corrupt (incorrect checksum)"));
1779 return (NULL);
1780 }
1781
1782 /* uncompress */
1783 void *packed = zfs_alloc(hdl, packed_len);
1784 uLongf packed_len_long = packed_len;
1785 if (uncompress(packed, &packed_len_long, compressed, len) != Z_OK ||
1786 packed_len_long != packed_len) {
1787 free(packed);
1788 free(compressed);
1789 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1790 "resume token is corrupt (decompression failed)"));
1791 return (NULL);
1792 }
1793
1794 /* unpack nvlist */
1795 nvlist_t *nv;
1796 int error = nvlist_unpack(packed, packed_len, &nv, KM_SLEEP);
1797 free(packed);
1798 free(compressed);
1799 if (error != 0) {
1800 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1801 "resume token is corrupt (nvlist_unpack failed)"));
1802 return (NULL);
1803 }
1804 return (nv);
1805}
30af21b0
PD		 1806static enum lzc_send_flags
1807lzc_flags_from_sendflags(const sendflags_t *flags)
1808{
1809 enum lzc_send_flags lzc_flags = 0;
1810 if (flags->largeblock)
1811 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK;
1812 if (flags->embed_data)
1813 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA;
1814 if (flags->compress)
1815 lzc_flags |= LZC_SEND_FLAG_COMPRESS;
1816 if (flags->raw)
1817 lzc_flags |= LZC_SEND_FLAG_RAW;
1818 return (lzc_flags);
1819}
1820
1821static int
1822estimate_size(zfs_handle_t *zhp, const char *from, int fd, sendflags_t *flags,
1823 uint64_t resumeobj, uint64_t resumeoff, uint64_t bytes,
1824 const char *redactbook, char *errbuf)
1825{
1826 uint64_t size;
1827 FILE *fout = flags->dryrun ? stdout : stderr;
1828 progress_arg_t pa = { 0 };
1829 int err = 0;
1830 pthread_t ptid;
1831
1832 if (flags->progress) {
1833 pa.pa_zhp = zhp;
1834 pa.pa_fd = fd;
1835 pa.pa_parsable = flags->parsable;
1836 pa.pa_estimate = B_TRUE;
1837 pa.pa_verbosity = flags->verbosity;
1838
1839 err = pthread_create(&ptid, NULL,
1840 send_progress_thread, &pa);
1841 if (err != 0) {
1842 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
1843 return (zfs_error(zhp->zfs_hdl,
1844 EZFS_THREADCREATEFAILED, errbuf));
1845 }
1846 }
1847
1848 err = lzc_send_space_resume_redacted(zhp->zfs_name, from,
1849 lzc_flags_from_sendflags(flags), resumeobj, resumeoff, bytes,
1850 redactbook, fd, &size);
1851
1852 if (flags->progress) {
1853 void *status = NULL;
1854 (void) pthread_cancel(ptid);
1855 (void) pthread_join(ptid, &status);
1856 int error = (int)(uintptr_t)status;
1857 if (error != 0 && status != PTHREAD_CANCELED) {
1858 char errbuf[1024];
1859 (void) snprintf(errbuf, sizeof (errbuf),
1860 dgettext(TEXT_DOMAIN, "progress thread exited "
1861 "nonzero"));
1862 return (zfs_standard_error(zhp->zfs_hdl, error,
1863 errbuf));
1864 }
1865 }
1866
1867 if (err != 0) {
1868 zfs_error_aux(zhp->zfs_hdl, strerror(err));
1869 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
1870 errbuf));
1871 }
1872 send_print_verbose(fout, zhp->zfs_name, from, size,
1873 flags->parsable);
1874
1875 if (flags->parsable) {
1876 (void) fprintf(fout, "size\t%llu\n", (longlong_t)size);
1877 } else {
1878 char buf[16];
1879 zfs_nicenum(size, buf, sizeof (buf));
1880 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1881 "total estimated size is %s\n"), buf);
1882 }
1883 return (0);
1884}
1885
1886static boolean_t
1887redact_snaps_contains(const uint64_t *snaps, uint64_t num_snaps, uint64_t guid)
1888{
1889 for (int i = 0; i < num_snaps; i++) {
1890 if (snaps[i] == guid)
1891 return (B_TRUE);
1892 }
1893 return (B_FALSE);
1894}
1895
1896static boolean_t
1897redact_snaps_equal(const uint64_t *snaps1, uint64_t num_snaps1,
1898 const uint64_t *snaps2, uint64_t num_snaps2)
1899{
1900 if (num_snaps1 != num_snaps2)
1901 return (B_FALSE);
1902 for (int i = 0; i < num_snaps1; i++) {
1903 if (!redact_snaps_contains(snaps2, num_snaps2, snaps1[i]))
1904 return (B_FALSE);
1905 }
1906 return (B_TRUE);
1907}
1908
1909/*
1910 * Check that the list of redaction snapshots in the bookmark matches the send
1911 * we're resuming, and return whether or not it's complete.
1912 *
1913 * Note that the caller needs to free the contents of *bookname with free() if
1914 * this function returns successfully.
1915 */
1916static int
1917find_redact_book(libzfs_handle_t *hdl, const char *path,
1918 const uint64_t *redact_snap_guids, int num_redact_snaps,
1919 char **bookname)
1920{
1921 char errbuf[1024];
1922 int error = 0;
1923 nvlist_t *props = fnvlist_alloc();
1924 nvlist_t *bmarks;
1925
1926 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1927 "cannot resume send"));
1928
1929 fnvlist_add_boolean(props, "redact_complete");
1930 fnvlist_add_boolean(props, zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS));
1931 error = lzc_get_bookmarks(path, props, &bmarks);
1932 nvlist_free(props);
1933 if (error != 0) {
1934 if (error == ESRCH) {
1935 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1936 "nonexistent redaction bookmark provided"));
1937 } else if (error == ENOENT) {
1938 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1939 "dataset to be sent no longer exists"));
1940 } else {
1941 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1942 "unknown error: %s"), strerror(error));
1943 }
1944 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1945 }
1946 nvpair_t *pair;
1947 for (pair = nvlist_next_nvpair(bmarks, NULL); pair;
1948 pair = nvlist_next_nvpair(bmarks, pair)) {
1949
1950 nvlist_t *bmark = fnvpair_value_nvlist(pair);
1951 nvlist_t *vallist = fnvlist_lookup_nvlist(bmark,
1952 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS));
1953 uint_t len = 0;
1954 uint64_t *bmarksnaps = fnvlist_lookup_uint64_array(vallist,
1955 ZPROP_VALUE, &len);
1956 if (redact_snaps_equal(redact_snap_guids,
1957 num_redact_snaps, bmarksnaps, len)) {
1958 break;
1959 }
1960 }
1961 if (pair == NULL) {
1962 fnvlist_free(bmarks);
1963 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1964 "no appropriate redaction bookmark exists"));
1965 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1966 }
1967 char *name = nvpair_name(pair);
1968 nvlist_t *bmark = fnvpair_value_nvlist(pair);
1969 nvlist_t *vallist = fnvlist_lookup_nvlist(bmark, "redact_complete");
1970 boolean_t complete = fnvlist_lookup_boolean_value(vallist,
1971 ZPROP_VALUE);
1972 if (!complete) {
1973 fnvlist_free(bmarks);
1974 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1975 "incomplete redaction bookmark provided"));
1976 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1977 }
1978 *bookname = strndup(name, ZFS_MAX_DATASET_NAME_LEN);
1979 ASSERT3P(*bookname, !=, NULL);
1980 fnvlist_free(bmarks);
1981 return (0);
1982}
47dfff3b
MA		 1983
1984int
1985zfs_send_resume(libzfs_handle_t *hdl, sendflags_t *flags, int outfd,
1986 const char *resume_token)
1987{
1988 char errbuf[1024];
1989 char *toname;
1990 char *fromname = NULL;
1991 uint64_t resumeobj, resumeoff, toguid, fromguid, bytes;
1992 zfs_handle_t *zhp;
1993 int error = 0;
eca7b760 1994 char name[ZFS_MAX_DATASET_NAME_LEN];
47dfff3b 1995 enum lzc_send_flags lzc_flags = 0;
30af21b0
PD		 1996 FILE *fout = (flags->verbosity > 0 && flags->dryrun) ? stdout : stderr;
1997 uint64_t *redact_snap_guids = NULL;
1998 int num_redact_snaps = 0;
1999 char *redact_book = NULL;
47dfff3b
MA		 2000
2001 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2002 "cannot resume send"));
2003
2004 nvlist_t *resume_nvl =
2005 zfs_send_resume_token_to_nvlist(hdl, resume_token);
2006 if (resume_nvl == NULL) {
2007 /*
2008 * zfs_error_aux has already been set by
2009 * zfs_send_resume_token_to_nvlist
2010 */
2011 return (zfs_error(hdl, EZFS_FAULT, errbuf));
2012 }
30af21b0 2013 if (flags->verbosity != 0) {
aee1dd4d 2014 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
47dfff3b 2015 "resume token contents:\n"));
aee1dd4d 2016 nvlist_print(fout, resume_nvl);
47dfff3b
MA		 2017 }
2018
2019 if (nvlist_lookup_string(resume_nvl, "toname", &toname) != 0 ||
2020 nvlist_lookup_uint64(resume_nvl, "object", &resumeobj) != 0 ||
2021 nvlist_lookup_uint64(resume_nvl, "offset", &resumeoff) != 0 ||
2022 nvlist_lookup_uint64(resume_nvl, "bytes", &bytes) != 0 ||
2023 nvlist_lookup_uint64(resume_nvl, "toguid", &toguid) != 0) {
2024 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2025 "resume token is corrupt"));
2026 return (zfs_error(hdl, EZFS_FAULT, errbuf));
2027 }
2028 fromguid = 0;
2029 (void) nvlist_lookup_uint64(resume_nvl, "fromguid", &fromguid);
2030
2aa34383
DK		 2031 if (flags->largeblock || nvlist_exists(resume_nvl, "largeblockok"))
2032 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK;
47dfff3b
MA		 2033 if (flags->embed_data || nvlist_exists(resume_nvl, "embedok"))
2034 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA;
2aa34383
DK		 2035 if (flags->compress || nvlist_exists(resume_nvl, "compressok"))
2036 lzc_flags |= LZC_SEND_FLAG_COMPRESS;
b5256303
TC		 2037 if (flags->raw || nvlist_exists(resume_nvl, "rawok"))
2038 lzc_flags |= LZC_SEND_FLAG_RAW;
47dfff3b
MA		 2039
2040 if (guid_to_name(hdl, toname, toguid, B_FALSE, name) != 0) {
2041 if (zfs_dataset_exists(hdl, toname, ZFS_TYPE_DATASET)) {
2042 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2043 "'%s' is no longer the same snapshot used in "
2044 "the initial send"), toname);
2045 } else {
2046 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2047 "'%s' used in the initial send no longer exists"),
2048 toname);
2049 }
2050 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
2051 }
2052 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
2053 if (zhp == NULL) {
2054 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2055 "unable to access '%s'"), name);
2056 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
2057 }
2058
30af21b0
PD		 2059 if (nvlist_lookup_uint64_array(resume_nvl, "book_redact_snaps",
2060 &redact_snap_guids, (uint_t *)&num_redact_snaps) != 0) {
2061 num_redact_snaps = -1;
2062 }
2063
47dfff3b 2064 if (fromguid != 0) {
30af21b0
PD		 2065 if (guid_to_name_redact_snaps(hdl, toname, fromguid, B_TRUE,
2066 redact_snap_guids, num_redact_snaps, name) != 0) {
47dfff3b
MA		 2067 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2068 "incremental source %#llx no longer exists"),
2069 (longlong_t)fromguid);
2070 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
2071 }
2072 fromname = name;
2073 }
2074
30af21b0
PD		 2075 redact_snap_guids = NULL;
2076
2077 if (nvlist_lookup_uint64_array(resume_nvl,
2078 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS), &redact_snap_guids,
2079 (uint_t *)&num_redact_snaps) == 0) {
2080 char path[ZFS_MAX_DATASET_NAME_LEN];
2081
2082 (void) strlcpy(path, toname, sizeof (path));
2083 char *at = strchr(path, '@');
2084 ASSERT3P(at, !=, NULL);
2085
2086 *at = '\0';
2087
2088 if ((error = find_redact_book(hdl, path, redact_snap_guids,
2089 num_redact_snaps, &redact_book)) != 0) {
2090 return (error);
2091 }
2092 }
2093
2094 if (flags->verbosity != 0) {
2095 /*
2096 * Some of these may have come from the resume token, set them
2097 * here for size estimate purposes.
2098 */
2099 sendflags_t tmpflags = *flags;
2100 if (lzc_flags & LZC_SEND_FLAG_LARGE_BLOCK)
2101 tmpflags.largeblock = B_TRUE;
2102 if (lzc_flags & LZC_SEND_FLAG_COMPRESS)
2103 tmpflags.compress = B_TRUE;
2104 if (lzc_flags & LZC_SEND_FLAG_EMBED_DATA)
2105 tmpflags.embed_data = B_TRUE;
2106 error = estimate_size(zhp, fromname, outfd, &tmpflags,
2107 resumeobj, resumeoff, bytes, redact_book, errbuf);
47dfff3b
MA		 2108 }
2109
2110 if (!flags->dryrun) {
2111 progress_arg_t pa = { 0 };
2112 pthread_t tid;
2113 /*
2114 * If progress reporting is requested, spawn a new thread to
2115 * poll ZFS_IOC_SEND_PROGRESS at a regular interval.
2116 */
2117 if (flags->progress) {
2118 pa.pa_zhp = zhp;
2119 pa.pa_fd = outfd;
2120 pa.pa_parsable = flags->parsable;
30af21b0
PD		 2121 pa.pa_estimate = B_FALSE;
2122 pa.pa_verbosity = flags->verbosity;
47dfff3b
MA		 2123
2124 error = pthread_create(&tid, NULL,
2125 send_progress_thread, &pa);
2126 if (error != 0) {
30af21b0
PD		 2127 if (redact_book != NULL)
2128 free(redact_book);
47dfff3b
MA		 2129 zfs_close(zhp);
2130 return (error);
2131 }
2132 }
2133
30af21b0
PD		 2134 error = lzc_send_resume_redacted(zhp->zfs_name, fromname, outfd,
2135 lzc_flags, resumeobj, resumeoff, redact_book);
2136 if (redact_book != NULL)
2137 free(redact_book);
47dfff3b
MA		 2138
2139 if (flags->progress) {
30af21b0 2140 void *status = NULL;
47dfff3b 2141 (void) pthread_cancel(tid);
30af21b0
PD		 2142 (void) pthread_join(tid, &status);
2143 int error = (int)(uintptr_t)status;
2144 if (error != 0 && status != PTHREAD_CANCELED) {
2145 char errbuf[1024];
2146 (void) snprintf(errbuf, sizeof (errbuf),
2147 dgettext(TEXT_DOMAIN,
2148 "progress thread exited nonzero"));
2149 return (zfs_standard_error(hdl, error, errbuf));
2150 }
47dfff3b
MA		 2151 }
2152
2153 char errbuf[1024];
2154 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2155 "warning: cannot send '%s'"), zhp->zfs_name);
2156
2157 zfs_close(zhp);
2158
2159 switch (error) {
2160 case 0:
2161 return (0);
b5256303
TC		 2162 case EACCES:
2163 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2164 "source key must be loaded"));
2165 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
30af21b0
PD		 2166 case ESRCH:
2167 if (lzc_exists(zhp->zfs_name)) {
2168 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2169 "incremental source could not be found"));
2170 }
2171 return (zfs_error(hdl, EZFS_NOENT, errbuf));
b5256303 2172
47dfff3b
MA		 2173 case EXDEV:
2174 case ENOENT:
2175 case EDQUOT:
2176 case EFBIG:
2177 case EIO:
2178 case ENOLINK:
2179 case ENOSPC:
2180 case ENOSTR:
2181 case ENXIO:
2182 case EPIPE:
2183 case ERANGE:
2184 case EFAULT:
2185 case EROFS:
2186 zfs_error_aux(hdl, strerror(errno));
2187 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
2188
2189 default:
2190 return (zfs_standard_error(hdl, errno, errbuf));
2191 }
30af21b0
PD		 2192 } else {
2193 if (redact_book != NULL)
2194 free(redact_book);
47dfff3b
MA		 2195 }
2196
47dfff3b
MA		 2197 zfs_close(zhp);
2198
2199 return (error);
2200}
2201
34dc7c2f 2202/*
30af21b0
PD		 2203 * This function informs the target system that the recursive send is complete.
2204 * The record is also expected in the case of a send -p.
2205 */
2206static int
2207send_conclusion_record(int fd, zio_cksum_t *zc)
2208{
2209 dmu_replay_record_t drr = { 0 };
2210 drr.drr_type = DRR_END;
2211 if (zc != NULL)
2212 drr.drr_u.drr_end.drr_checksum = *zc;
2213 if (write(fd, &drr, sizeof (drr)) == -1) {
2214 return (errno);
2215 }
2216 return (0);
2217}
2218
2219/*
2220 * This function is responsible for sending the records that contain the
2221 * necessary information for the target system's libzfs to be able to set the
2222 * properties of the filesystem being received, or to be able to prepare for
2223 * a recursive receive.
2224 *
2225 * The "zhp" argument is the handle of the snapshot we are sending
2226 * (the "tosnap"). The "from" argument is the short snapshot name (the part
2227 * after the @) of the incremental source.
2228 */
2229static int
2230send_prelim_records(zfs_handle_t *zhp, const char *from, int fd,
2231 boolean_t gather_props, boolean_t recursive, boolean_t verbose,
2232 boolean_t dryrun, boolean_t raw, boolean_t replicate, boolean_t backup,
2233 boolean_t holds, boolean_t props, boolean_t doall,
2234 nvlist_t **fssp, avl_tree_t **fsavlp)
2235{
2236 int err = 0;
2237 char *packbuf = NULL;
2238 size_t buflen = 0;
2239 zio_cksum_t zc = { {0} };
2240 int featureflags = 0;
2241 /* name of filesystem/volume that contains snapshot we are sending */
2242 char tofs[ZFS_MAX_DATASET_NAME_LEN];
2243 /* short name of snap we are sending */
2244 char *tosnap = "";
2245
2246 char errbuf[1024];
2247 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2248 "warning: cannot send '%s'"), zhp->zfs_name);
2249 if (zhp->zfs_type == ZFS_TYPE_FILESYSTEM && zfs_prop_get_int(zhp,
2250 ZFS_PROP_VERSION) >= ZPL_VERSION_SA) {
2251 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL;
2252 }
2253
2254 if (holds)
2255 featureflags |= DMU_BACKUP_FEATURE_HOLDS;
2256
2257 (void) strlcpy(tofs, zhp->zfs_name, ZFS_MAX_DATASET_NAME_LEN);
2258 char *at = strchr(tofs, '@');
2259 if (at != NULL) {
2260 *at = '\0';
2261 tosnap = at + 1;
2262 }
2263
2264 if (gather_props) {
2265 nvlist_t *hdrnv = fnvlist_alloc();
2266 nvlist_t *fss = NULL;
2267
2268 if (from != NULL)
2269 fnvlist_add_string(hdrnv, "fromsnap", from);
2270 fnvlist_add_string(hdrnv, "tosnap", tosnap);
2271 if (!recursive)
2272 fnvlist_add_boolean(hdrnv, "not_recursive");
2273
2274 if (raw) {
2275 VERIFY0(nvlist_add_boolean(hdrnv, "raw"));
2276 }
2277
2278 if ((err = gather_nvlist(zhp->zfs_hdl, tofs,
2279 from, tosnap, recursive, raw, doall, replicate, verbose,
2280 backup, holds, props, &fss, fsavlp)) != 0) {
2281 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2282 errbuf));
2283 }
2284 fnvlist_add_nvlist(hdrnv, "fss", fss);
2285 VERIFY0(nvlist_pack(hdrnv, &packbuf, &buflen, NV_ENCODE_XDR,
2286 0));
2287 if (fssp != NULL) {
2288 *fssp = fss;
2289 } else {
2290 nvlist_free(fss);
2291 }
2292 nvlist_free(hdrnv);
2293 }
2294
2295 if (!dryrun) {
2296 dmu_replay_record_t drr = { 0 };
2297 /* write first begin record */
2298 drr.drr_type = DRR_BEGIN;
2299 drr.drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC;
2300 DMU_SET_STREAM_HDRTYPE(drr.drr_u.drr_begin.
2301 drr_versioninfo, DMU_COMPOUNDSTREAM);
2302 DMU_SET_FEATUREFLAGS(drr.drr_u.drr_begin.
2303 drr_versioninfo, featureflags);
2304 if (snprintf(drr.drr_u.drr_begin.drr_toname,
2305 sizeof (drr.drr_u.drr_begin.drr_toname), "%s@%s", tofs,
2306 tosnap) >= sizeof (drr.drr_u.drr_begin.drr_toname)) {
2307 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2308 errbuf));
2309 }
2310 drr.drr_payloadlen = buflen;
2311
2312 err = dump_record(&drr, packbuf, buflen, &zc, fd);
2313 free(packbuf);
2314 if (err != 0) {
2315 zfs_error_aux(zhp->zfs_hdl, strerror(err));
2316 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2317 errbuf));
2318 }
2319 err = send_conclusion_record(fd, &zc);
2320 if (err != 0) {
2321 zfs_error_aux(zhp->zfs_hdl, strerror(err));
2322 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2323 errbuf));
2324 }
2325 }
2326 return (0);
2327}
2328
2329/*
2330 * Generate a send stream. The "zhp" argument is the filesystem/volume
2331 * that contains the snapshot to send. The "fromsnap" argument is the
2332 * short name (the part after the '@') of the snapshot that is the
2333 * incremental source to send from (if non-NULL). The "tosnap" argument
2334 * is the short name of the snapshot to send.
45d1cae3
BB		 2335 *
2336 * The content of the send stream is the snapshot identified by
2337 * 'tosnap'. Incremental streams are requested in two ways:
2338 * - from the snapshot identified by "fromsnap" (if non-null) or
2339 * - from the origin of the dataset identified by zhp, which must
2340 * be a clone. In this case, "fromsnap" is null and "fromorigin"
2341 * is TRUE.
2342 *
2343 * The send stream is recursive (i.e. dumps a hierarchy of snapshots) and
428870ff 2344 * uses a special header (with a hdrtype field of DMU_COMPOUNDSTREAM)
45d1cae3 2345 * if "replicate" is set. If "doall" is set, dump all the intermediate
428870ff
BB		 2346 * snapshots. The DMU_COMPOUNDSTREAM header is used in the "doall"
2347 * case too. If "props" is set, send properties.
34dc7c2f
BB		 2348 */
2349int
2350zfs_send(zfs_handle_t *zhp, const char *fromsnap, const char *tosnap,
330d06f9 2351 sendflags_t *flags, int outfd, snapfilter_cb_t filter_func,
428870ff 2352 void *cb_arg, nvlist_t **debugnvp)
34dc7c2f
BB		 2353{
2354 char errbuf[1024];
2355 send_dump_data_t sdd = { 0 };
330d06f9 2356 int err = 0;
34dc7c2f
BB		 2357 nvlist_t *fss = NULL;
2358 avl_tree_t *fsavl = NULL;
428870ff
BB		 2359 static uint64_t holdseq;
2360 int spa_version;
95fd54a1 2361 pthread_t tid = 0;
428870ff
BB		 2362 int pipefd[2];
2363 dedup_arg_t dda = { 0 };
2364 int featureflags = 0;
93f6d7e2 2365 FILE *fout;
428870ff 2366
34dc7c2f
BB		 2367 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2368 "cannot send '%s'"), zhp->zfs_name);
2369
2370 if (fromsnap && fromsnap[0] == '\0') {
2371 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
2372 "zero-length incremental source"));
2373 return (zfs_error(zhp->zfs_hdl, EZFS_NOENT, errbuf));
2374 }
2375
572e2857
BB		 2376 if (zhp->zfs_type == ZFS_TYPE_FILESYSTEM) {
2377 uint64_t version;
2378 version = zfs_prop_get_int(zhp, ZFS_PROP_VERSION);
2379 if (version >= ZPL_VERSION_SA) {
2380 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL;
2381 }
2382 }
2383
9c5e88b1
PZ		 2384 if (flags->holds)
2385 featureflags |= DMU_BACKUP_FEATURE_HOLDS;
2386
b5256303
TC		 2387 /*
2388 * Start the dedup thread if this is a dedup stream. We do not bother
2389 * doing this if this a raw send of an encrypted dataset with dedup off
2390 * because normal encrypted blocks won't dedup.
2391 */
2392 if (flags->dedup && !flags->dryrun && !(flags->raw &&
2393 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF &&
2394 zfs_prop_get_int(zhp, ZFS_PROP_DEDUP) == ZIO_CHECKSUM_OFF)) {
428870ff
BB		 2395 featureflags |= (DMU_BACKUP_FEATURE_DEDUP |
2396 DMU_BACKUP_FEATURE_DEDUPPROPS);
23d70cde 2397 if ((err = socketpair(AF_UNIX, SOCK_STREAM, 0, pipefd)) != 0) {
428870ff
BB		 2398 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2399 return (zfs_error(zhp->zfs_hdl, EZFS_PIPEFAILED,
2400 errbuf));
2401 }
2402 dda.outputfd = outfd;
2403 dda.inputfd = pipefd[1];
2404 dda.dedup_hdl = zhp->zfs_hdl;
23d70cde 2405 if ((err = pthread_create(&tid, NULL, cksummer, &dda)) != 0) {
428870ff
BB		 2406 (void) close(pipefd[0]);
2407 (void) close(pipefd[1]);
2408 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2409 return (zfs_error(zhp->zfs_hdl,
2410 EZFS_THREADCREATEFAILED, errbuf));
2411 }
2412 }
2413
9c5e88b1
PZ		 2414 if (flags->replicate || flags->doall || flags->props ||
2415 flags->holds || flags->backup) {
30af21b0
PD		 2416 char full_tosnap_name[ZFS_MAX_DATASET_NAME_LEN];
2417 if (snprintf(full_tosnap_name, sizeof (full_tosnap_name),
2418 "%s@%s", zhp->zfs_name, tosnap) >=
2419 sizeof (full_tosnap_name)) {
2420 err = EINVAL;
2421 goto stderr_out;
34dc7c2f 2422 }
30af21b0
PD		 2423 zfs_handle_t *tosnap = zfs_open(zhp->zfs_hdl,
2424 full_tosnap_name, ZFS_TYPE_SNAPSHOT);
1d20b763 2425 if (tosnap == NULL) {
2426 err = -1;
2427 goto err_out;
2428 }
30af21b0
PD		 2429 err = send_prelim_records(tosnap, fromsnap, outfd,
2430 flags->replicate || flags->props || flags->holds,
2431 flags->replicate, flags->verbosity > 0, flags->dryrun,
2432 flags->raw, flags->replicate, flags->backup, flags->holds,
2433 flags->props, flags->doall, &fss, &fsavl);
2434 zfs_close(tosnap);
2435 if (err != 0)
2436 goto err_out;
34dc7c2f
BB		 2437 }
2438
2439 /* dump each stream */
2440 sdd.fromsnap = fromsnap;
2441 sdd.tosnap = tosnap;
95fd54a1 2442 if (tid != 0)
428870ff
BB		 2443 sdd.outfd = pipefd[0];
2444 else
2445 sdd.outfd = outfd;
330d06f9
MA		 2446 sdd.replicate = flags->replicate;
2447 sdd.doall = flags->doall;
2448 sdd.fromorigin = flags->fromorigin;
34dc7c2f
BB		 2449 sdd.fss = fss;
2450 sdd.fsavl = fsavl;
30af21b0 2451 sdd.verbosity = flags->verbosity;
330d06f9 2452 sdd.parsable = flags->parsable;
37abac6d 2453 sdd.progress = flags->progress;
330d06f9 2454 sdd.dryrun = flags->dryrun;
f1512ee6 2455 sdd.large_block = flags->largeblock;
9b67f605 2456 sdd.embed_data = flags->embed_data;
2aa34383 2457 sdd.compress = flags->compress;
b5256303 2458 sdd.raw = flags->raw;
9c5e88b1 2459 sdd.holds = flags->holds;
428870ff
BB		 2460 sdd.filter_cb = filter_func;
2461 sdd.filter_cb_arg = cb_arg;
2462 if (debugnvp)
2463 sdd.debugnv = *debugnvp;
30af21b0 2464 if (sdd.verbosity != 0 && sdd.dryrun)
93f6d7e2
MJ		 2465 sdd.std_out = B_TRUE;
2466 fout = sdd.std_out ? stdout : stderr;
e956d651
CS		 2467
2468 /*
2469 * Some flags require that we place user holds on the datasets that are
2470 * being sent so they don't get destroyed during the send. We can skip
2471 * this step if the pool is imported read-only since the datasets cannot
2472 * be destroyed.
2473 */
2474 if (!flags->dryrun && !zpool_get_prop_int(zfs_get_pool_handle(zhp),
2475 ZPOOL_PROP_READONLY, NULL) &&
2476 zfs_spa_version(zhp, &spa_version) == 0 &&
2477 spa_version >= SPA_VERSION_USERREFS &&
2478 (flags->doall || flags->replicate)) {
572e2857
BB		 2479 ++holdseq;
2480 (void) snprintf(sdd.holdtag, sizeof (sdd.holdtag),
2481 ".send-%d-%llu", getpid(), (u_longlong_t)holdseq);
73cdcc63 2482 sdd.cleanup_fd = open(ZFS_DEV, O_RDWR|O_EXCL);
572e2857
BB		 2483 if (sdd.cleanup_fd < 0) {
2484 err = errno;
2485 goto stderr_out;
2486 }
95fd54a1 2487 sdd.snapholds = fnvlist_alloc();
572e2857
BB		 2488 } else {
2489 sdd.cleanup_fd = -1;
95fd54a1 2490 sdd.snapholds = NULL;
572e2857 2491 }
9c5e88b1 2492
30af21b0 2493 if (flags->verbosity != 0 || sdd.snapholds != NULL) {
330d06f9
MA		 2494 /*
2495 * Do a verbose no-op dry run to get all the verbose output
95fd54a1
SH		 2496 * or to gather snapshot hold's before generating any data,
2497 * then do a non-verbose real run to generate the streams.
330d06f9
MA		 2498 */
2499 sdd.dryrun = B_TRUE;
2500 err = dump_filesystems(zhp, &sdd);
95fd54a1
SH		 2501
2502 if (err != 0)
2503 goto stderr_out;
2504
30af21b0 2505 if (flags->verbosity != 0) {
95fd54a1 2506 if (flags->parsable) {
93f6d7e2 2507 (void) fprintf(fout, "size\t%llu\n",
95fd54a1
SH		 2508 (longlong_t)sdd.size);
2509 } else {
2510 char buf[16];
e7fbeb60 2511 zfs_nicebytes(sdd.size, buf, sizeof (buf));
93f6d7e2 2512 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
95fd54a1
SH		 2513 "total estimated size is %s\n"), buf);
2514 }
330d06f9 2515 }
95fd54a1
SH		 2516
2517 /* Ensure no snaps found is treated as an error. */
2518 if (!sdd.seento) {
2519 err = ENOENT;
2520 goto err_out;
2521 }
2522
2523 /* Skip the second run if dryrun was requested. */
2524 if (flags->dryrun)
2525 goto err_out;
2526
2527 if (sdd.snapholds != NULL) {
2528 err = zfs_hold_nvl(zhp, sdd.cleanup_fd, sdd.snapholds);
2529 if (err != 0)
2530 goto stderr_out;
2531
2532 fnvlist_free(sdd.snapholds);
2533 sdd.snapholds = NULL;
2534 }
2535
2536 sdd.dryrun = B_FALSE;
30af21b0 2537 sdd.verbosity = 0;
330d06f9 2538 }
95fd54a1 2539
34dc7c2f
BB		 2540 err = dump_filesystems(zhp, &sdd);
2541 fsavl_destroy(fsavl);
2542 nvlist_free(fss);
2543
95fd54a1
SH		 2544 /* Ensure no snaps found is treated as an error. */
2545 if (err == 0 && !sdd.seento)
2546 err = ENOENT;
2547
2548 if (tid != 0) {
2549 if (err != 0)
2550 (void) pthread_cancel(tid);
95fd54a1 2551 (void) close(pipefd[0]);
6389d422 2552 (void) pthread_join(tid, NULL);
428870ff
BB		 2553 }
2554
572e2857
BB		 2555 if (sdd.cleanup_fd != -1) {
2556 VERIFY(0 == close(sdd.cleanup_fd));
2557 sdd.cleanup_fd = -1;
2558 }
2559
330d06f9 2560 if (!flags->dryrun && (flags->replicate || flags->doall ||
9c5e88b1 2561 flags->props || flags->backup || flags->holds)) {
34dc7c2f
BB		 2562 /*
2563 * write final end record. NB: want to do this even if
2564 * there was some error, because it might not be totally
2565 * failed.
2566 */
30af21b0
PD		 2567 err = send_conclusion_record(outfd, NULL);
2568 if (err != 0)
2569 return (zfs_standard_error(zhp->zfs_hdl, err, errbuf));
34dc7c2f
BB		 2570 }
2571
2572 return (err || sdd.err);
428870ff
BB		 2573
2574stderr_out:
2575 err = zfs_standard_error(zhp->zfs_hdl, err, errbuf);
2576err_out:
95fd54a1
SH		 2577 fsavl_destroy(fsavl);
2578 nvlist_free(fss);
2579 fnvlist_free(sdd.snapholds);
2580
572e2857
BB		 2581 if (sdd.cleanup_fd != -1)
2582 VERIFY(0 == close(sdd.cleanup_fd));
95fd54a1 2583 if (tid != 0) {
428870ff 2584 (void) pthread_cancel(tid);
428870ff 2585 (void) close(pipefd[0]);
6389d422 2586 (void) pthread_join(tid, NULL);
428870ff
BB		 2587 }
2588 return (err);
34dc7c2f
BB		 2589}
2590
30af21b0
PD		 2591static int
2592get_dedup_fd(zfs_handle_t *zhp, dedup_arg_t *dda, int fd, pthread_t *tid,
2593 int *outfd)
2594{
2595 int pipefd[2];
2596 char errbuf[1024];
2597 int err;
2598 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2599 "warning: cannot send '%s'"), zhp->zfs_name);
2600 if ((err = socketpair(AF_UNIX, SOCK_STREAM, 0, pipefd)) != 0) {
2601 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2602 return (zfs_error(zhp->zfs_hdl, EZFS_PIPEFAILED,
2603 errbuf));
2604 }
2605 dda->outputfd = fd;
2606 dda->inputfd = pipefd[1];
2607 dda->dedup_hdl = zhp->zfs_hdl;
2608 if ((err = pthread_create(tid, NULL, cksummer, dda)) != 0) {
2609 (void) close(pipefd[0]);
2610 (void) close(pipefd[1]);
2611 zfs_error_aux(zhp->zfs_hdl, strerror(err));
2612 return (zfs_error(zhp->zfs_hdl, EZFS_THREADCREATEFAILED,
2613 errbuf));
2614 }
2615 *outfd = pipefd[0];
2616 return (0);
2617}
2618
2619zfs_handle_t *
2620name_to_dir_handle(libzfs_handle_t *hdl, const char *snapname)
2621{
2622 char dirname[ZFS_MAX_DATASET_NAME_LEN];
2623 (void) strlcpy(dirname, snapname, ZFS_MAX_DATASET_NAME_LEN);
2624 char *c = strchr(dirname, '@');
2625 if (c != NULL)
2626 *c = '\0';
2627 return (zfs_open(hdl, dirname, ZFS_TYPE_DATASET));
2628}
2629
2630/*
2631 * Returns B_TRUE if earlier is an earlier snapshot in later's timeline; either
2632 * an earlier snapshot in the same filesystem, or a snapshot before later's
2633 * origin, or it's origin's origin, etc.
2634 */
2635static boolean_t
2636snapshot_is_before(zfs_handle_t *earlier, zfs_handle_t *later)
2637{
2638 boolean_t ret;
2639 uint64_t later_txg =
2640 (later->zfs_type == ZFS_TYPE_FILESYSTEM ||
2641 later->zfs_type == ZFS_TYPE_VOLUME ?
2642 UINT64_MAX : zfs_prop_get_int(later, ZFS_PROP_CREATETXG));
2643 uint64_t earlier_txg = zfs_prop_get_int(earlier, ZFS_PROP_CREATETXG);
2644
2645 if (earlier_txg >= later_txg)
2646 return (B_FALSE);
2647
2648 zfs_handle_t *earlier_dir = name_to_dir_handle(earlier->zfs_hdl,
2649 earlier->zfs_name);
2650 zfs_handle_t *later_dir = name_to_dir_handle(later->zfs_hdl,
2651 later->zfs_name);
2652
2653 if (strcmp(earlier_dir->zfs_name, later_dir->zfs_name) == 0) {
2654 zfs_close(earlier_dir);
2655 zfs_close(later_dir);
2656 return (B_TRUE);
2657 }
2658
2659 char clonename[ZFS_MAX_DATASET_NAME_LEN];
2660 if (zfs_prop_get(later_dir, ZFS_PROP_ORIGIN, clonename,
2661 ZFS_MAX_DATASET_NAME_LEN, NULL, NULL, 0, B_TRUE) != 0) {
2662 zfs_close(earlier_dir);
2663 zfs_close(later_dir);
2664 return (B_FALSE);
2665 }
2666
2667 zfs_handle_t *origin = zfs_open(earlier->zfs_hdl, clonename,
2668 ZFS_TYPE_DATASET);
2669 uint64_t origin_txg = zfs_prop_get_int(origin, ZFS_PROP_CREATETXG);
2670
2671 /*
2672 * If "earlier" is exactly the origin, then
2673 * snapshot_is_before(earlier, origin) will return false (because
2674 * they're the same).
2675 */
2676 if (origin_txg == earlier_txg &&
2677 strcmp(origin->zfs_name, earlier->zfs_name) == 0) {
2678 zfs_close(earlier_dir);
2679 zfs_close(later_dir);
2680 zfs_close(origin);
2681 return (B_TRUE);
2682 }
2683 zfs_close(earlier_dir);
2684 zfs_close(later_dir);
2685
2686 ret = snapshot_is_before(earlier, origin);
2687 zfs_close(origin);
2688 return (ret);
2689}
2690
2691/*
2692 * The "zhp" argument is the handle of the dataset to send (typically a
2693 * snapshot). The "from" argument is the full name of the snapshot or
2694 * bookmark that is the incremental source.
2695 */
da536844 2696int
30af21b0
PD		 2697zfs_send_one(zfs_handle_t *zhp, const char *from, int fd, sendflags_t *flags,
2698 const char *redactbook)
da536844 2699{
30af21b0 2700 int err;
da536844 2701 libzfs_handle_t *hdl = zhp->zfs_hdl;
30af21b0
PD		 2702 int orig_fd = fd;
2703 pthread_t ddtid, ptid;
2704 progress_arg_t pa = { 0 };
2705 dedup_arg_t dda = { 0 };
2706
da536844 2707 char errbuf[1024];
30af21b0
PD		 2708 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2709 "warning: cannot send '%s'"), zhp->zfs_name);
835db585 2710
30af21b0
PD		 2711 if (from != NULL && strchr(from, '@')) {
2712 zfs_handle_t *from_zhp = zfs_open(hdl, from,
2713 ZFS_TYPE_DATASET);
1d20b763 2714 if (from_zhp == NULL)
2715 return (-1);
30af21b0
PD		 2716 if (!snapshot_is_before(from_zhp, zhp)) {
2717 zfs_close(from_zhp);
2718 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2719 "not an earlier snapshot from the same fs"));
2720 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
2721 }
2722 zfs_close(from_zhp);
2723 }
835db585 2724
30af21b0
PD		 2725 /*
2726 * Send fs properties
2727 */
2728 if (flags->props || flags->holds || flags->backup) {
2729 /*
2730 * Note: the header generated by send_prelim_records()
2731 * assumes that the incremental source is in the same
2732 * filesystem/volume as the target (which is a requirement
2733 * when doing "zfs send -R"). But that isn't always the
2734 * case here (e.g. send from snap in origin, or send from
2735 * bookmark). We pass from=NULL, which will omit this
2736 * information from the prelim records; it isn't used
2737 * when receiving this type of stream.
2738 */
2739 err = send_prelim_records(zhp, NULL, fd, B_TRUE, B_FALSE,
2740 flags->verbosity > 0, flags->dryrun, flags->raw,
2741 flags->replicate, flags->backup, flags->holds,
2742 flags->props, flags->doall, NULL, NULL);
2743 if (err != 0)
2744 return (err);
2745 }
2746
2747 /*
2748 * Perform size estimate if verbose was specified.
2749 */
2750 if (flags->verbosity != 0) {
2751 err = estimate_size(zhp, from, fd, flags, 0, 0, 0, redactbook,
2752 errbuf);
2753 if (err != 0)
2754 return (err);
2755 }
2756
2757 if (flags->dryrun)
2758 return (0);
2759
2760 /*
2761 * If deduplication is requested, spawn a thread that will deduplicate
2762 * the data coming out of the kernel.
2763 */
2764 if (flags->dedup) {
2765 err = get_dedup_fd(zhp, &dda, fd, &ddtid, &fd);
2766 if (err != 0)
2767 return (err);
2768 }
2769
2770 /*
2771 * If progress reporting is requested, spawn a new thread to poll
2772 * ZFS_IOC_SEND_PROGRESS at a regular interval.
2773 */
2774 if (flags->progress) {
2775 pa.pa_zhp = zhp;
2776 pa.pa_fd = fd;
2777 pa.pa_parsable = flags->parsable;
2778 pa.pa_estimate = B_FALSE;
2779 pa.pa_verbosity = flags->verbosity;
2780
2781 err = pthread_create(&ptid, NULL,
2782 send_progress_thread, &pa);
2783 if (err != 0) {
2784 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2785 if (flags->dedup) {
2786 (void) pthread_cancel(ddtid);
2787 (void) close(fd);
2788 (void) pthread_join(ddtid, NULL);
2789 }
2790 return (zfs_error(zhp->zfs_hdl,
2791 EZFS_THREADCREATEFAILED, errbuf));
835db585 2792 }
2793 }
2794
30af21b0
PD		 2795 err = lzc_send_redacted(zhp->zfs_name, from, fd,
2796 lzc_flags_from_sendflags(flags), redactbook);
835db585 2797
30af21b0
PD		 2798 if (flags->progress) {
2799 void *status = NULL;
2800 if (err != 0)
2801 (void) pthread_cancel(ptid);
2802 (void) pthread_join(ptid, &status);
2803 int error = (int)(uintptr_t)status;
2804 if (error != 0 && status != PTHREAD_CANCELED) {
2805 char errbuf[1024];
2806 (void) snprintf(errbuf, sizeof (errbuf),
2807 dgettext(TEXT_DOMAIN, "progress thread exited "
2808 "nonzero"));
2809 return (zfs_standard_error(hdl, error, errbuf));
2810 }
2811 }
2812 if (flags->dedup) {
2813 if (err != 0)
2814 (void) pthread_cancel(ddtid);
2815 (void) close(fd);
2816 (void) pthread_join(ddtid, NULL);
2817 }
da536844 2818
30af21b0
PD		 2819 if (flags->props || flags->holds || flags->backup) {
2820 /* Write the final end record. */
2821 err = send_conclusion_record(orig_fd, NULL);
2822 if (err != 0)
2823 return (zfs_standard_error(hdl, err, errbuf));
2824 }
da536844
MA		 2825 if (err != 0) {
2826 switch (errno) {
2827 case EXDEV:
2828 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2829 "not an earlier snapshot from the same fs"));
2830 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
2831
2832 case ENOENT:
2833 case ESRCH:
2834 if (lzc_exists(zhp->zfs_name)) {
2835 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2836 "incremental source (%s) does not exist"),
2837 from);
2838 }
2839 return (zfs_error(hdl, EZFS_NOENT, errbuf));
2840
b5256303
TC		 2841 case EACCES:
2842 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2843 "dataset key must be loaded"));
2844 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
2845
da536844
MA		 2846 case EBUSY:
2847 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2848 "target is busy; if a filesystem, "
2849 "it must not be mounted"));
2850 return (zfs_error(hdl, EZFS_BUSY, errbuf));
2851
2852 case EDQUOT:
2853 case EFBIG:
2854 case EIO:
2855 case ENOLINK:
2856 case ENOSPC:
2857 case ENOSTR:
2858 case ENXIO:
2859 case EPIPE:
2860 case ERANGE:
2861 case EFAULT:
2862 case EROFS:
2863 zfs_error_aux(hdl, strerror(errno));
2864 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
2865
2866 default:
2867 return (zfs_standard_error(hdl, errno, errbuf));
2868 }
2869 }
2870 return (err != 0);
2871}
2872
34dc7c2f
BB		 2873/*
2874 * Routines specific to "zfs recv"
2875 */
2876
2877static int
2878recv_read(libzfs_handle_t *hdl, int fd, void *buf, int ilen,
2879 boolean_t byteswap, zio_cksum_t *zc)
2880{
2881 char *cp = buf;
2882 int rv;
2883 int len = ilen;
2884
37f8a883
MA		 2885 assert(ilen <= SPA_MAXBLOCKSIZE);
2886
34dc7c2f
BB		 2887 do {
2888 rv = read(fd, cp, len);
2889 cp += rv;
2890 len -= rv;
2891 } while (rv > 0);
2892
2893 if (rv < 0 || len != 0) {
2894 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2895 "failed to read from stream"));
2896 return (zfs_error(hdl, EZFS_BADSTREAM, dgettext(TEXT_DOMAIN,
2897 "cannot receive")));
2898 }
2899
2900 if (zc) {
2901 if (byteswap)
2902 fletcher_4_incremental_byteswap(buf, ilen, zc);
2903 else
2904 fletcher_4_incremental_native(buf, ilen, zc);
2905 }
2906 return (0);
2907}
2908
2909static int
2910recv_read_nvlist(libzfs_handle_t *hdl, int fd, int len, nvlist_t **nvp,
2911 boolean_t byteswap, zio_cksum_t *zc)
2912{
2913 char *buf;
2914 int err;
2915
2916 buf = zfs_alloc(hdl, len);
2917 if (buf == NULL)
2918 return (ENOMEM);
2919
2920 err = recv_read(hdl, fd, buf, len, byteswap, zc);
2921 if (err != 0) {
2922 free(buf);
2923 return (err);
2924 }
2925
2926 err = nvlist_unpack(buf, len, nvp, 0);
2927 free(buf);
2928 if (err != 0) {
2929 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
2930 "stream (malformed nvlist)"));
2931 return (EINVAL);
2932 }
2933 return (0);
2934}
2935
b5256303
TC		 2936/*
2937 * Returns the grand origin (origin of origin of origin...) of a given handle.
2938 * If this dataset is not a clone, it simply returns a copy of the original
2939 * handle.
2940 */
2941static zfs_handle_t *
2942recv_open_grand_origin(zfs_handle_t *zhp)
2943{
2944 char origin[ZFS_MAX_DATASET_NAME_LEN];
2945 zprop_source_t src;
2946 zfs_handle_t *ozhp = zfs_handle_dup(zhp);
2947
2948 while (ozhp != NULL) {
2949 if (zfs_prop_get(ozhp, ZFS_PROP_ORIGIN, origin,
2950 sizeof (origin), &src, NULL, 0, B_FALSE) != 0)
2951 break;
2952
2953 (void) zfs_close(ozhp);
2954 ozhp = zfs_open(zhp->zfs_hdl, origin, ZFS_TYPE_FILESYSTEM);
2955 }
2956
2957 return (ozhp);
2958}
2959
2960static int
dc1c630b 2961recv_rename_impl(zfs_handle_t *zhp, const char *name, const char *newname)
b5256303
TC		 2962{
2963 int err;
2964 zfs_handle_t *ozhp = NULL;
2965
2966 /*
2967 * Attempt to rename the dataset. If it fails with EACCES we have
2968 * attempted to rename the dataset outside of its encryption root.
2969 * Force the dataset to become an encryption root and try again.
2970 */
dc1c630b 2971 err = lzc_rename(name, newname);
b5256303
TC		 2972 if (err == EACCES) {
2973 ozhp = recv_open_grand_origin(zhp);
2974 if (ozhp == NULL) {
2975 err = ENOENT;
2976 goto out;
2977 }
2978
2979 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY,
2980 NULL, NULL, 0);
2981 if (err != 0)
2982 goto out;
2983
dc1c630b 2984 err = lzc_rename(name, newname);
b5256303
TC		 2985 }
2986
2987out:
2988 if (ozhp != NULL)
2989 zfs_close(ozhp);
2990 return (err);
2991}
2992
34dc7c2f
BB		 2993static int
2994recv_rename(libzfs_handle_t *hdl, const char *name, const char *tryname,
330d06f9 2995 int baselen, char *newname, recvflags_t *flags)
34dc7c2f
BB		 2996{
2997 static int seq;
34dc7c2f 2998 int err;
b5256303
TC		 2999 prop_changelist_t *clp = NULL;
3000 zfs_handle_t *zhp = NULL;
34dc7c2f
BB		 3001
3002 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
b5256303
TC		 3003 if (zhp == NULL) {
3004 err = -1;
3005 goto out;
3006 }
b128c09f 3007 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
330d06f9 3008 flags->force ? MS_FORCE : 0);
b5256303
TC		 3009 if (clp == NULL) {
3010 err = -1;
3011 goto out;
3012 }
34dc7c2f
BB		 3013 err = changelist_prefix(clp);
3014 if (err)
b5256303 3015 goto out;
34dc7c2f
BB		 3016
3017 if (tryname) {
3018 (void) strcpy(newname, tryname);
330d06f9 3019 if (flags->verbose) {
34dc7c2f 3020 (void) printf("attempting rename %s to %s\n",
dc1c630b 3021 name, newname);
34dc7c2f 3022 }
dc1c630b 3023 err = recv_rename_impl(zhp, name, newname);
34dc7c2f
BB		 3024 if (err == 0)
3025 changelist_rename(clp, name, tryname);
3026 } else {
3027 err = ENOENT;
3028 }
3029
13fe0198 3030 if (err != 0 && strncmp(name + baselen, "recv-", 5) != 0) {
34dc7c2f
BB		 3031 seq++;
3032
eca7b760
IK		 3033 (void) snprintf(newname, ZFS_MAX_DATASET_NAME_LEN,
3034 "%.*srecv-%u-%u", baselen, name, getpid(), seq);
34dc7c2f 3035
330d06f9 3036 if (flags->verbose) {
34dc7c2f 3037 (void) printf("failed - trying rename %s to %s\n",
dc1c630b 3038 name, newname);
34dc7c2f 3039 }
dc1c630b 3040 err = recv_rename_impl(zhp, name, newname);
34dc7c2f
BB		 3041 if (err == 0)
3042 changelist_rename(clp, name, newname);
330d06f9 3043 if (err && flags->verbose) {
34dc7c2f
BB		 3044 (void) printf("failed (%u) - "
3045 "will try again on next pass\n", errno);
3046 }
3047 err = EAGAIN;
330d06f9 3048 } else if (flags->verbose) {
34dc7c2f
BB		 3049 if (err == 0)
3050 (void) printf("success\n");
3051 else
3052 (void) printf("failed (%u)\n", errno);
3053 }
3054
3055 (void) changelist_postfix(clp);
b5256303
TC		 3056
3057out:
3058 if (clp != NULL)
3059 changelist_free(clp);
3060 if (zhp != NULL)
3061 zfs_close(zhp);
3062
3063 return (err);
3064}
3065
3066static int
3067recv_promote(libzfs_handle_t *hdl, const char *fsname,
3068 const char *origin_fsname, recvflags_t *flags)
3069{
3070 int err;
3071 zfs_cmd_t zc = {"\0"};
3072 zfs_handle_t *zhp = NULL, *ozhp = NULL;
3073
3074 if (flags->verbose)
3075 (void) printf("promoting %s\n", fsname);
3076
3077 (void) strlcpy(zc.zc_value, origin_fsname, sizeof (zc.zc_value));
3078 (void) strlcpy(zc.zc_name, fsname, sizeof (zc.zc_name));
3079
3080 /*
3081 * Attempt to promote the dataset. If it fails with EACCES the
3082 * promotion would cause this dataset to leave its encryption root.
3083 * Force the origin to become an encryption root and try again.
3084 */
3085 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
3086 if (err == EACCES) {
3087 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET);
3088 if (zhp == NULL) {
3089 err = -1;
3090 goto out;
3091 }
3092
3093 ozhp = recv_open_grand_origin(zhp);
3094 if (ozhp == NULL) {
3095 err = -1;
3096 goto out;
3097 }
3098
3099 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY,
3100 NULL, NULL, 0);
3101 if (err != 0)
3102 goto out;
3103
3104 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
3105 }
3106
3107out:
3108 if (zhp != NULL)
3109 zfs_close(zhp);
3110 if (ozhp != NULL)
3111 zfs_close(ozhp);
34dc7c2f
BB		 3112
3113 return (err);
3114}
3115
3116static int
3117recv_destroy(libzfs_handle_t *hdl, const char *name, int baselen,
330d06f9 3118 char *newname, recvflags_t *flags)
34dc7c2f 3119{
34dc7c2f
BB		 3120 int err = 0;
3121 prop_changelist_t *clp;
3122 zfs_handle_t *zhp;
45d1cae3
BB		 3123 boolean_t defer = B_FALSE;
3124 int spa_version;
34dc7c2f
BB		 3125
3126 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
3127 if (zhp == NULL)
3128 return (-1);
b128c09f 3129 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
330d06f9 3130 flags->force ? MS_FORCE : 0);
45d1cae3
BB		 3131 if (zfs_get_type(zhp) == ZFS_TYPE_SNAPSHOT &&
3132 zfs_spa_version(zhp, &spa_version) == 0 &&
3133 spa_version >= SPA_VERSION_USERREFS)
3134 defer = B_TRUE;
34dc7c2f
BB		 3135 zfs_close(zhp);
3136 if (clp == NULL)
3137 return (-1);
3138 err = changelist_prefix(clp);
3139 if (err)
3140 return (err);
3141
330d06f9 3142 if (flags->verbose)
dc1c630b
AG		 3143 (void) printf("attempting destroy %s\n", name);
3144 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) {
3145 nvlist_t *nv = fnvlist_alloc();
3146 fnvlist_add_boolean(nv, name);
3147 err = lzc_destroy_snaps(nv, defer, NULL);
3148 fnvlist_free(nv);
3149 } else {
3150 err = lzc_destroy(name);
3151 }
34dc7c2f 3152 if (err == 0) {
330d06f9 3153 if (flags->verbose)
34dc7c2f 3154 (void) printf("success\n");
dc1c630b 3155 changelist_remove(clp, name);
34dc7c2f
BB		 3156 }
3157
3158 (void) changelist_postfix(clp);
3159 changelist_free(clp);
3160
45d1cae3 3161 /*
428870ff
BB		 3162 * Deferred destroy might destroy the snapshot or only mark it to be
3163 * destroyed later, and it returns success in either case.
45d1cae3 3164 */
428870ff
BB		 3165 if (err != 0 || (defer && zfs_dataset_exists(hdl, name,
3166 ZFS_TYPE_SNAPSHOT))) {
34dc7c2f 3167 err = recv_rename(hdl, name, NULL, baselen, newname, flags);
428870ff 3168 }
34dc7c2f
BB		 3169
3170 return (err);
3171}
3172
3173typedef struct guid_to_name_data {
3174 uint64_t guid;
47dfff3b 3175 boolean_t bookmark_ok;
34dc7c2f 3176 char *name;
330d06f9 3177 char *skip;
30af21b0
PD		 3178 uint64_t *redact_snap_guids;
3179 uint64_t num_redact_snaps;
34dc7c2f
BB		 3180} guid_to_name_data_t;
3181
30af21b0
PD		 3182boolean_t
3183redact_snaps_match(zfs_handle_t *zhp, guid_to_name_data_t *gtnd)
3184{
3185 uint64_t *bmark_snaps;
3186 uint_t bmark_num_snaps;
3187 nvlist_t *nvl;
3188 if (zhp->zfs_type != ZFS_TYPE_BOOKMARK)
3189 return (B_FALSE);
3190
3191 nvl = fnvlist_lookup_nvlist(zhp->zfs_props,
3192 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS));
3193 bmark_snaps = fnvlist_lookup_uint64_array(nvl, ZPROP_VALUE,
3194 &bmark_num_snaps);
3195 if (bmark_num_snaps != gtnd->num_redact_snaps)
3196 return (B_FALSE);
3197 int i = 0;
3198 for (; i < bmark_num_snaps; i++) {
3199 int j = 0;
3200 for (; j < bmark_num_snaps; j++) {
3201 if (bmark_snaps[i] == gtnd->redact_snap_guids[j])
3202 break;
3203 }
3204 if (j == bmark_num_snaps)
3205 break;
3206 }
3207 return (i == bmark_num_snaps);
3208}
3209
34dc7c2f
BB		 3210static int
3211guid_to_name_cb(zfs_handle_t *zhp, void *arg)
3212{
3213 guid_to_name_data_t *gtnd = arg;
47dfff3b 3214 const char *slash;
34dc7c2f
BB		 3215 int err;
3216
330d06f9 3217 if (gtnd->skip != NULL &&
47dfff3b
MA		 3218 (slash = strrchr(zhp->zfs_name, '/')) != NULL &&
3219 strcmp(slash + 1, gtnd->skip) == 0) {
3220 zfs_close(zhp);
330d06f9
MA		 3221 return (0);
3222 }
3223
30af21b0
PD		 3224 if (zfs_prop_get_int(zhp, ZFS_PROP_GUID) == gtnd->guid &&
3225 (gtnd->num_redact_snaps == -1 || redact_snaps_match(zhp, gtnd))) {
34dc7c2f 3226 (void) strcpy(gtnd->name, zhp->zfs_name);
428870ff 3227 zfs_close(zhp);
34dc7c2f
BB		 3228 return (EEXIST);
3229 }
330d06f9 3230
34dc7c2f 3231 err = zfs_iter_children(zhp, guid_to_name_cb, gtnd);
47dfff3b
MA		 3232 if (err != EEXIST && gtnd->bookmark_ok)
3233 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, gtnd);
34dc7c2f
BB		 3234 zfs_close(zhp);
3235 return (err);
3236}
3237
330d06f9
MA		 3238/*
3239 * Attempt to find the local dataset associated with this guid. In the case of
3240 * multiple matches, we attempt to find the "best" match by searching
3241 * progressively larger portions of the hierarchy. This allows one to send a
3242 * tree of datasets individually and guarantee that we will find the source
3243 * guid within that hierarchy, even if there are multiple matches elsewhere.
30af21b0
PD		 3244 *
3245 * If num_redact_snaps is not -1, we attempt to find a redaction bookmark with
3246 * the specified number of redaction snapshots. If num_redact_snaps isn't 0 or
3247 * -1, then redact_snap_guids will be an array of the guids of the snapshots the
3248 * redaction bookmark was created with. If num_redact_snaps is -1, then we will
3249 * attempt to find a snapshot or bookmark (if bookmark_ok is passed) with the
3250 * given guid. Note that a redaction bookmark can be returned if
3251 * num_redact_snaps == -1.
330d06f9 3252 */
34dc7c2f 3253static int
30af21b0
PD		 3254guid_to_name_redact_snaps(libzfs_handle_t *hdl, const char *parent,
3255 uint64_t guid, boolean_t bookmark_ok, uint64_t *redact_snap_guids,
3256 uint64_t num_redact_snaps, char *name)
34dc7c2f 3257{
eca7b760 3258 char pname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 3259 guid_to_name_data_t gtnd;
34dc7c2f
BB		 3260
3261 gtnd.guid = guid;
47dfff3b 3262 gtnd.bookmark_ok = bookmark_ok;
34dc7c2f 3263 gtnd.name = name;
330d06f9 3264 gtnd.skip = NULL;
30af21b0
PD		 3265 gtnd.redact_snap_guids = redact_snap_guids;
3266 gtnd.num_redact_snaps = num_redact_snaps;
34dc7c2f 3267
330d06f9 3268 /*
47dfff3b
MA		 3269 * Search progressively larger portions of the hierarchy, starting
3270 * with the filesystem specified by 'parent'. This will
330d06f9
MA		 3271 * select the "most local" version of the origin snapshot in the case
3272 * that there are multiple matching snapshots in the system.
3273 */
47dfff3b
MA		 3274 (void) strlcpy(pname, parent, sizeof (pname));
3275 char *cp = strrchr(pname, '@');
3276 if (cp == NULL)
3277 cp = strchr(pname, '\0');
3278 for (; cp != NULL; cp = strrchr(pname, '/')) {
330d06f9 3279 /* Chop off the last component and open the parent */
34dc7c2f 3280 *cp = '\0';
47dfff3b 3281 zfs_handle_t *zhp = make_dataset_handle(hdl, pname);
330d06f9
MA		 3282
3283 if (zhp == NULL)
3284 continue;
47dfff3b
MA		 3285 int err = guid_to_name_cb(zfs_handle_dup(zhp), &gtnd);
3286 if (err != EEXIST)
3287 err = zfs_iter_children(zhp, guid_to_name_cb, &gtnd);
3288 if (err != EEXIST && bookmark_ok)
3289 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, &gtnd);
34dc7c2f 3290 zfs_close(zhp);
330d06f9
MA		 3291 if (err == EEXIST)
3292 return (0);
34dc7c2f 3293
330d06f9 3294 /*
47dfff3b
MA		 3295 * Remember the last portion of the dataset so we skip it next
3296 * time through (as we've already searched that portion of the
3297 * hierarchy).
330d06f9 3298 */
47dfff3b 3299 gtnd.skip = strrchr(pname, '/') + 1;
330d06f9 3300 }
34dc7c2f 3301
330d06f9 3302 return (ENOENT);
34dc7c2f
BB		 3303}
3304
30af21b0
PD		 3305static int
3306guid_to_name(libzfs_handle_t *hdl, const char *parent, uint64_t guid,
3307 boolean_t bookmark_ok, char *name)
3308{
3309 return (guid_to_name_redact_snaps(hdl, parent, guid, bookmark_ok, NULL,
3310 -1, name));
3311}
3312
34dc7c2f 3313/*
330d06f9
MA		 3314 * Return +1 if guid1 is before guid2, 0 if they are the same, and -1 if
3315 * guid1 is after guid2.
34dc7c2f
BB		 3316 */
3317static int
3318created_before(libzfs_handle_t *hdl, avl_tree_t *avl,
3319 uint64_t guid1, uint64_t guid2)
3320{
3321 nvlist_t *nvfs;
98401d23 3322 char *fsname = NULL, *snapname = NULL;
eca7b760 3323 char buf[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 3324 int rv;
330d06f9
MA		 3325 zfs_handle_t *guid1hdl, *guid2hdl;
3326 uint64_t create1, create2;
34dc7c2f
BB		 3327
3328 if (guid2 == 0)
3329 return (0);
3330 if (guid1 == 0)
3331 return (1);
3332
3333 nvfs = fsavl_find(avl, guid1, &snapname);
3334 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
3335 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname);
330d06f9
MA		 3336 guid1hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT);
3337 if (guid1hdl == NULL)
34dc7c2f
BB		 3338 return (-1);
3339
3340 nvfs = fsavl_find(avl, guid2, &snapname);
3341 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
3342 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname);
330d06f9
MA		 3343 guid2hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT);
3344 if (guid2hdl == NULL) {
3345 zfs_close(guid1hdl);
34dc7c2f
BB		 3346 return (-1);
3347 }
3348
330d06f9
MA		 3349 create1 = zfs_prop_get_int(guid1hdl, ZFS_PROP_CREATETXG);
3350 create2 = zfs_prop_get_int(guid2hdl, ZFS_PROP_CREATETXG);
34dc7c2f 3351
330d06f9
MA		 3352 if (create1 < create2)
3353 rv = -1;
3354 else if (create1 > create2)
3355 rv = +1;
3356 else
3357 rv = 0;
3358
3359 zfs_close(guid1hdl);
3360 zfs_close(guid2hdl);
34dc7c2f
BB		 3361
3362 return (rv);
3363}
3364
b5256303 3365/*
83472fab 3366 * This function reestablishes the hierarchy of encryption roots after a
b5256303
TC		 3367 * recursive incremental receive has completed. This must be done after the
3368 * second call to recv_incremental_replication() has renamed and promoted all
83472fab 3369 * sent datasets to their final locations in the dataset hierarchy.
b5256303
TC		 3370 */
3371static int
bb61cc31 3372recv_fix_encryption_hierarchy(libzfs_handle_t *hdl, const char *top_zfs,
b5256303
TC		 3373 nvlist_t *stream_nv, avl_tree_t *stream_avl)
3374{
3375 int err;
3376 nvpair_t *fselem = NULL;
3377 nvlist_t *stream_fss;
3378
3379 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss", &stream_fss));
3380
3381 while ((fselem = nvlist_next_nvpair(stream_fss, fselem)) != NULL) {
3382 zfs_handle_t *zhp = NULL;
3383 uint64_t crypt;
3384 nvlist_t *snaps, *props, *stream_nvfs = NULL;
3385 nvpair_t *snapel = NULL;
3386 boolean_t is_encroot, is_clone, stream_encroot;
3387 char *cp;
3388 char *stream_keylocation = NULL;
3389 char keylocation[MAXNAMELEN];
3390 char fsname[ZFS_MAX_DATASET_NAME_LEN];
3391
3392 keylocation[0] = '\0';
3393 VERIFY(0 == nvpair_value_nvlist(fselem, &stream_nvfs));
3394 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "snaps", &snaps));
3395 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "props", &props));
3396 stream_encroot = nvlist_exists(stream_nvfs, "is_encroot");
3397
3398 /* find a snapshot from the stream that exists locally */
3399 err = ENOENT;
3400 while ((snapel = nvlist_next_nvpair(snaps, snapel)) != NULL) {
3401 uint64_t guid;
3402
3403 VERIFY(0 == nvpair_value_uint64(snapel, &guid));
bb61cc31 3404 err = guid_to_name(hdl, top_zfs, guid, B_FALSE,
b5256303
TC		 3405 fsname);
3406 if (err == 0)
3407 break;
3408 }
3409
3410 if (err != 0)
3411 continue;
3412
3413 cp = strchr(fsname, '@');
3414 if (cp != NULL)
3415 *cp = '\0';
3416
3417 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET);
3418 if (zhp == NULL) {
3419 err = ENOENT;
3420 goto error;
3421 }
3422
3423 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION);
3424 is_clone = zhp->zfs_dmustats.dds_origin[0] != '\0';
3425 (void) zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL);
3426
da689887 3427 /* we don't need to do anything for unencrypted datasets */
b5256303
TC		 3428 if (crypt == ZIO_CRYPT_OFF) {
3429 zfs_close(zhp);
3430 continue;
3431 }
3432
3433 /*
3434 * If the dataset is flagged as an encryption root, was not
3435 * received as a clone and is not currently an encryption root,
3436 * force it to become one. Fixup the keylocation if necessary.
3437 */
3438 if (stream_encroot) {
3439 if (!is_clone && !is_encroot) {
3440 err = lzc_change_key(fsname,
3441 DCP_CMD_FORCE_NEW_KEY, NULL, NULL, 0);
3442 if (err != 0) {
3443 zfs_close(zhp);
3444 goto error;
3445 }
3446 }
3447
3448 VERIFY(0 == nvlist_lookup_string(props,
3449 zfs_prop_to_name(ZFS_PROP_KEYLOCATION),
3450 &stream_keylocation));
3451
3452 /*
3453 * Refresh the properties in case the call to
3454 * lzc_change_key() changed the value.
3455 */
3456 zfs_refresh_properties(zhp);
3457 err = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION,
3458 keylocation, sizeof (keylocation), NULL, NULL,
3459 0, B_TRUE);
3460 if (err != 0) {
3461 zfs_close(zhp);
3462 goto error;
3463 }
3464
3465 if (strcmp(keylocation, stream_keylocation) != 0) {
3466 err = zfs_prop_set(zhp,
3467 zfs_prop_to_name(ZFS_PROP_KEYLOCATION),
3468 stream_keylocation);
3469 if (err != 0) {
3470 zfs_close(zhp);
3471 goto error;
3472 }
3473 }
3474 }
3475
3476 /*
3477 * If the dataset is not flagged as an encryption root and is
3478 * currently an encryption root, force it to inherit from its
4807c0ba
TC		 3479 * parent. The root of a raw send should never be
3480 * force-inherited.
b5256303 3481 */
4807c0ba
TC		 3482 if (!stream_encroot && is_encroot &&
3483 strcmp(top_zfs, fsname) != 0) {
b5256303
TC		 3484 err = lzc_change_key(fsname, DCP_CMD_FORCE_INHERIT,
3485 NULL, NULL, 0);
3486 if (err != 0) {
3487 zfs_close(zhp);
3488 goto error;
3489 }
3490 }
3491
3492 zfs_close(zhp);
3493 }
3494
3495 return (0);
3496
3497error:
3498 return (err);
3499}
3500
34dc7c2f
BB		 3501static int
3502recv_incremental_replication(libzfs_handle_t *hdl, const char *tofs,
330d06f9 3503 recvflags_t *flags, nvlist_t *stream_nv, avl_tree_t *stream_avl,
428870ff 3504 nvlist_t *renamed)
34dc7c2f 3505{
7509a3d2 3506 nvlist_t *local_nv, *deleted = NULL;
34dc7c2f
BB		 3507 avl_tree_t *local_avl;
3508 nvpair_t *fselem, *nextfselem;
428870ff 3509 char *fromsnap;
eca7b760 3510 char newname[ZFS_MAX_DATASET_NAME_LEN];
7509a3d2 3511 char guidname[32];
34dc7c2f 3512 int error;
428870ff
BB		 3513 boolean_t needagain, progress, recursive;
3514 char *s1, *s2;
34dc7c2f
BB		 3515
3516 VERIFY(0 == nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap));
428870ff
BB		 3517
3518 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
3519 ENOENT);
34dc7c2f 3520
330d06f9 3521 if (flags->dryrun)
34dc7c2f
BB		 3522 return (0);
3523
3524again:
3525 needagain = progress = B_FALSE;
3526
7509a3d2 3527 VERIFY(0 == nvlist_alloc(&deleted, NV_UNIQUE_NAME, 0));
3528
34dc7c2f 3529 if ((error = gather_nvlist(hdl, tofs, fromsnap, NULL,
f94b3cbf
TC		 3530 recursive, B_TRUE, B_FALSE, recursive, B_FALSE, B_FALSE,
3531 B_FALSE, B_TRUE, &local_nv, &local_avl)) != 0)
34dc7c2f
BB		 3532 return (error);
3533
3534 /*
3535 * Process deletes and renames
3536 */
3537 for (fselem = nvlist_next_nvpair(local_nv, NULL);
3538 fselem; fselem = nextfselem) {
3539 nvlist_t *nvfs, *snaps;
3540 nvlist_t *stream_nvfs = NULL;
3541 nvpair_t *snapelem, *nextsnapelem;
3542 uint64_t fromguid = 0;
3543 uint64_t originguid = 0;
3544 uint64_t stream_originguid = 0;
3545 uint64_t parent_fromsnap_guid, stream_parent_fromsnap_guid;
3546 char *fsname, *stream_fsname;
3547
3548 nextfselem = nvlist_next_nvpair(local_nv, fselem);
3549
3550 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs));
3551 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps));
3552 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
3553 VERIFY(0 == nvlist_lookup_uint64(nvfs, "parentfromsnap",
3554 &parent_fromsnap_guid));
3555 (void) nvlist_lookup_uint64(nvfs, "origin", &originguid);
3556
3557 /*
3558 * First find the stream's fs, so we can check for
3559 * a different origin (due to "zfs promote")
3560 */
3561 for (snapelem = nvlist_next_nvpair(snaps, NULL);
3562 snapelem; snapelem = nvlist_next_nvpair(snaps, snapelem)) {
3563 uint64_t thisguid;
3564
3565 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid));
3566 stream_nvfs = fsavl_find(stream_avl, thisguid, NULL);
3567
3568 if (stream_nvfs != NULL)
3569 break;
3570 }
3571
3572 /* check for promote */
3573 (void) nvlist_lookup_uint64(stream_nvfs, "origin",
3574 &stream_originguid);
3575 if (stream_nvfs && originguid != stream_originguid) {
3576 switch (created_before(hdl, local_avl,
3577 stream_originguid, originguid)) {
3578 case 1: {
3579 /* promote it! */
34dc7c2f
BB		 3580 nvlist_t *origin_nvfs;
3581 char *origin_fsname;
3582
34dc7c2f
BB		 3583 origin_nvfs = fsavl_find(local_avl, originguid,
3584 NULL);
3585 VERIFY(0 == nvlist_lookup_string(origin_nvfs,
3586 "name", &origin_fsname));
b5256303
TC		 3587 error = recv_promote(hdl, fsname, origin_fsname,
3588 flags);
34dc7c2f
BB		 3589 if (error == 0)
3590 progress = B_TRUE;
3591 break;
3592 }
3593 default:
3594 break;
3595 case -1:
3596 fsavl_destroy(local_avl);
3597 nvlist_free(local_nv);
3598 return (-1);
3599 }
3600 /*
3601 * We had/have the wrong origin, therefore our
3602 * list of snapshots is wrong. Need to handle
3603 * them on the next pass.
3604 */
3605 needagain = B_TRUE;
3606 continue;
3607 }
3608
3609 for (snapelem = nvlist_next_nvpair(snaps, NULL);
3610 snapelem; snapelem = nextsnapelem) {
3611 uint64_t thisguid;
3612 char *stream_snapname;
b128c09f 3613 nvlist_t *found, *props;
34dc7c2f
BB		 3614
3615 nextsnapelem = nvlist_next_nvpair(snaps, snapelem);
3616
3617 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid));
3618 found = fsavl_find(stream_avl, thisguid,
3619 &stream_snapname);
3620
3621 /* check for delete */
3622 if (found == NULL) {
eca7b760 3623 char name[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 3624
330d06f9 3625 if (!flags->force)
34dc7c2f
BB		 3626 continue;
3627
3628 (void) snprintf(name, sizeof (name), "%s@%s",
3629 fsname, nvpair_name(snapelem));
3630
3631 error = recv_destroy(hdl, name,
3632 strlen(fsname)+1, newname, flags);
3633 if (error)
3634 needagain = B_TRUE;
3635 else
3636 progress = B_TRUE;
3df29340
BB		 3637 sprintf(guidname, "%llu",
3638 (u_longlong_t)thisguid);
7509a3d2 3639 nvlist_add_boolean(deleted, guidname);
34dc7c2f
BB		 3640 continue;
3641 }
3642
3643 stream_nvfs = found;
3644
b128c09f
BB		 3645 if (0 == nvlist_lookup_nvlist(stream_nvfs, "snapprops",
3646 &props) && 0 == nvlist_lookup_nvlist(props,
3647 stream_snapname, &props)) {
13fe0198 3648 zfs_cmd_t zc = {"\0"};
b128c09f 3649
428870ff 3650 zc.zc_cookie = B_TRUE; /* received */
b128c09f
BB		 3651 (void) snprintf(zc.zc_name, sizeof (zc.zc_name),
3652 "%s@%s", fsname, nvpair_name(snapelem));
3653 if (zcmd_write_src_nvlist(hdl, &zc,
3654 props) == 0) {
3655 (void) zfs_ioctl(hdl,
3656 ZFS_IOC_SET_PROP, &zc);
3657 zcmd_free_nvlists(&zc);
3658 }
3659 }
3660
34dc7c2f
BB		 3661 /* check for different snapname */
3662 if (strcmp(nvpair_name(snapelem),
3663 stream_snapname) != 0) {
eca7b760
IK		 3664 char name[ZFS_MAX_DATASET_NAME_LEN];
3665 char tryname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 3666
3667 (void) snprintf(name, sizeof (name), "%s@%s",
3668 fsname, nvpair_name(snapelem));
3669 (void) snprintf(tryname, sizeof (name), "%s@%s",
3670 fsname, stream_snapname);
3671
3672 error = recv_rename(hdl, name, tryname,
3673 strlen(fsname)+1, newname, flags);
3674 if (error)
3675 needagain = B_TRUE;
3676 else
3677 progress = B_TRUE;
3678 }
3679
3680 if (strcmp(stream_snapname, fromsnap) == 0)
3681 fromguid = thisguid;
3682 }
3683
3684 /* check for delete */
3685 if (stream_nvfs == NULL) {
330d06f9 3686 if (!flags->force)
34dc7c2f
BB		 3687 continue;
3688
3689 error = recv_destroy(hdl, fsname, strlen(tofs)+1,
3690 newname, flags);
3691 if (error)
3692 needagain = B_TRUE;
3693 else
3694 progress = B_TRUE;
3df29340 3695 sprintf(guidname, "%llu",
02730c33 3696 (u_longlong_t)parent_fromsnap_guid);
7509a3d2 3697 nvlist_add_boolean(deleted, guidname);
34dc7c2f
BB		 3698 continue;
3699 }
3700
428870ff 3701 if (fromguid == 0) {
330d06f9 3702 if (flags->verbose) {
428870ff
BB		 3703 (void) printf("local fs %s does not have "
3704 "fromsnap (%s in stream); must have "
3705 "been deleted locally; ignoring\n",
3706 fsname, fromsnap);
3707 }
34dc7c2f
BB		 3708 continue;
3709 }
3710
3711 VERIFY(0 == nvlist_lookup_string(stream_nvfs,
3712 "name", &stream_fsname));
3713 VERIFY(0 == nvlist_lookup_uint64(stream_nvfs,
3714 "parentfromsnap", &stream_parent_fromsnap_guid));
3715
428870ff
BB		 3716 s1 = strrchr(fsname, '/');
3717 s2 = strrchr(stream_fsname, '/');
3718
7509a3d2 3719 /*
3720 * Check if we're going to rename based on parent guid change
3721 * and the current parent guid was also deleted. If it was then
3722 * rename will fail and is likely unneeded, so avoid this and
3723 * force an early retry to determine the new
3724 * parent_fromsnap_guid.
3725 */
3726 if (stream_parent_fromsnap_guid != 0 &&
3727 parent_fromsnap_guid != 0 &&
3728 stream_parent_fromsnap_guid != parent_fromsnap_guid) {
3df29340 3729 sprintf(guidname, "%llu",
02730c33 3730 (u_longlong_t)parent_fromsnap_guid);
7509a3d2 3731 if (nvlist_exists(deleted, guidname)) {
3732 progress = B_TRUE;
3733 needagain = B_TRUE;
3734 goto doagain;
3735 }
3736 }
3737
428870ff
BB		 3738 /*
3739 * Check for rename. If the exact receive path is specified, it
3740 * does not count as a rename, but we still need to check the
3741 * datasets beneath it.
3742 */
34dc7c2f 3743 if ((stream_parent_fromsnap_guid != 0 &&
428870ff 3744 parent_fromsnap_guid != 0 &&
34dc7c2f 3745 stream_parent_fromsnap_guid != parent_fromsnap_guid) ||
330d06f9 3746 ((flags->isprefix || strcmp(tofs, fsname) != 0) &&
428870ff 3747 (s1 != NULL) && (s2 != NULL) && strcmp(s1, s2) != 0)) {
34dc7c2f 3748 nvlist_t *parent;
eca7b760 3749 char tryname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 3750
3751 parent = fsavl_find(local_avl,
3752 stream_parent_fromsnap_guid, NULL);
3753 /*
3754 * NB: parent might not be found if we used the
3755 * tosnap for stream_parent_fromsnap_guid,
3756 * because the parent is a newly-created fs;
3757 * we'll be able to rename it after we recv the
3758 * new fs.
3759 */
3760 if (parent != NULL) {
3761 char *pname;
3762
3763 VERIFY(0 == nvlist_lookup_string(parent, "name",
3764 &pname));
3765 (void) snprintf(tryname, sizeof (tryname),
3766 "%s%s", pname, strrchr(stream_fsname, '/'));
3767 } else {
3768 tryname[0] = '\0';
330d06f9 3769 if (flags->verbose) {
34dc7c2f
BB		 3770 (void) printf("local fs %s new parent "
3771 "not found\n", fsname);
3772 }
3773 }
3774
428870ff
BB		 3775 newname[0] = '\0';
3776
34dc7c2f
BB		 3777 error = recv_rename(hdl, fsname, tryname,
3778 strlen(tofs)+1, newname, flags);
428870ff
BB		 3779
3780 if (renamed != NULL && newname[0] != '\0') {
3781 VERIFY(0 == nvlist_add_boolean(renamed,
3782 newname));
3783 }
3784
34dc7c2f
BB		 3785 if (error)
3786 needagain = B_TRUE;
3787 else
3788 progress = B_TRUE;
3789 }
3790 }
3791
7509a3d2 3792doagain:
34dc7c2f
BB		 3793 fsavl_destroy(local_avl);
3794 nvlist_free(local_nv);
7509a3d2 3795 nvlist_free(deleted);
34dc7c2f
BB		 3796
3797 if (needagain && progress) {
3798 /* do another pass to fix up temporary names */
330d06f9 3799 if (flags->verbose)
34dc7c2f
BB		 3800 (void) printf("another pass:\n");
3801 goto again;
3802 }
3803
b5256303 3804 return (needagain || error != 0);
34dc7c2f
BB		 3805}
3806
3807static int
3808zfs_receive_package(libzfs_handle_t *hdl, int fd, const char *destname,
330d06f9 3809 recvflags_t *flags, dmu_replay_record_t *drr, zio_cksum_t *zc,
a3eeab2d 3810 char **top_zfs, int cleanup_fd, uint64_t *action_handlep,
3811 nvlist_t *cmdprops)
34dc7c2f
BB		 3812{
3813 nvlist_t *stream_nv = NULL;
3814 avl_tree_t *stream_avl = NULL;
3815 char *fromsnap = NULL;
671c9354 3816 char *sendsnap = NULL;
428870ff 3817 char *cp;
eca7b760
IK		 3818 char tofs[ZFS_MAX_DATASET_NAME_LEN];
3819 char sendfs[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 3820 char errbuf[1024];
3821 dmu_replay_record_t drre;
3822 int error;
3823 boolean_t anyerr = B_FALSE;
3824 boolean_t softerr = B_FALSE;
b5256303 3825 boolean_t recursive, raw;
34dc7c2f
BB		 3826
3827 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3828 "cannot receive"));
3829
34dc7c2f
BB		 3830 assert(drr->drr_type == DRR_BEGIN);
3831 assert(drr->drr_u.drr_begin.drr_magic == DMU_BACKUP_MAGIC);
428870ff
BB		 3832 assert(DMU_GET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo) ==
3833 DMU_COMPOUNDSTREAM);
34dc7c2f
BB		 3834
3835 /*
3836 * Read in the nvlist from the stream.
3837 */
3838 if (drr->drr_payloadlen != 0) {
34dc7c2f 3839 error = recv_read_nvlist(hdl, fd, drr->drr_payloadlen,
330d06f9 3840 &stream_nv, flags->byteswap, zc);
34dc7c2f
BB		 3841 if (error) {
3842 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3843 goto out;
3844 }
3845 }
3846
428870ff
BB		 3847 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
3848 ENOENT);
b5256303 3849 raw = (nvlist_lookup_boolean(stream_nv, "raw") == 0);
428870ff
BB		 3850
3851 if (recursive && strchr(destname, '@')) {
3852 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3853 "cannot specify snapshot name for multi-snapshot stream"));
3854 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3855 goto out;
3856 }
3857
34dc7c2f
BB		 3858 /*
3859 * Read in the end record and verify checksum.
3860 */
3861 if (0 != (error = recv_read(hdl, fd, &drre, sizeof (drre),
330d06f9 3862 flags->byteswap, NULL)))
34dc7c2f 3863 goto out;
330d06f9 3864 if (flags->byteswap) {
34dc7c2f
BB		 3865 drre.drr_type = BSWAP_32(drre.drr_type);
3866 drre.drr_u.drr_end.drr_checksum.zc_word[0] =
3867 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[0]);
3868 drre.drr_u.drr_end.drr_checksum.zc_word[1] =
3869 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[1]);
3870 drre.drr_u.drr_end.drr_checksum.zc_word[2] =
3871 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[2]);
3872 drre.drr_u.drr_end.drr_checksum.zc_word[3] =
3873 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[3]);
3874 }
3875 if (drre.drr_type != DRR_END) {
3876 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3877 goto out;
3878 }
3879 if (!ZIO_CHECKSUM_EQUAL(drre.drr_u.drr_end.drr_checksum, *zc)) {
3880 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3881 "incorrect header checksum"));
3882 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3883 goto out;
3884 }
3885
3886 (void) nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap);
3887
3888 if (drr->drr_payloadlen != 0) {
3889 nvlist_t *stream_fss;
3890
3891 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss",
3892 &stream_fss));
3893 if ((stream_avl = fsavl_create(stream_fss)) == NULL) {
3894 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3895 "couldn't allocate avl tree"));
3896 error = zfs_error(hdl, EZFS_NOMEM, errbuf);
3897 goto out;
3898 }
3899
4c3c6b6c 3900 if (fromsnap != NULL && recursive) {
428870ff
BB		 3901 nvlist_t *renamed = NULL;
3902 nvpair_t *pair = NULL;
3903
eca7b760 3904 (void) strlcpy(tofs, destname, sizeof (tofs));
330d06f9 3905 if (flags->isprefix) {
428870ff
BB		 3906 struct drr_begin *drrb = &drr->drr_u.drr_begin;
3907 int i;
3908
330d06f9 3909 if (flags->istail) {
428870ff
BB		 3910 cp = strrchr(drrb->drr_toname, '/');
3911 if (cp == NULL) {
3912 (void) strlcat(tofs, "/",
eca7b760 3913 sizeof (tofs));
428870ff
BB		 3914 i = 0;
3915 } else {
3916 i = (cp - drrb->drr_toname);
3917 }
3918 } else {
3919 i = strcspn(drrb->drr_toname, "/@");
3920 }
34dc7c2f 3921 /* zfs_receive_one() will create_parents() */
428870ff 3922 (void) strlcat(tofs, &drrb->drr_toname[i],
eca7b760 3923 sizeof (tofs));
34dc7c2f
BB		 3924 *strchr(tofs, '@') = '\0';
3925 }
428870ff 3926
4c3c6b6c 3927 if (!flags->dryrun && !flags->nomount) {
428870ff
BB		 3928 VERIFY(0 == nvlist_alloc(&renamed,
3929 NV_UNIQUE_NAME, 0));
3930 }
3931
3932 softerr = recv_incremental_replication(hdl, tofs, flags,
3933 stream_nv, stream_avl, renamed);
3934
3935 /* Unmount renamed filesystems before receiving. */
3936 while ((pair = nvlist_next_nvpair(renamed,
3937 pair)) != NULL) {
3938 zfs_handle_t *zhp;
3939 prop_changelist_t *clp = NULL;
3940
3941 zhp = zfs_open(hdl, nvpair_name(pair),
3942 ZFS_TYPE_FILESYSTEM);
3943 if (zhp != NULL) {
3944 clp = changelist_gather(zhp,
3945 ZFS_PROP_MOUNTPOINT, 0, 0);
3946 zfs_close(zhp);
3947 if (clp != NULL) {
3948 softerr |=
3949 changelist_prefix(clp);
3950 changelist_free(clp);
3951 }
3952 }
3953 }
3954
3955 nvlist_free(renamed);
34dc7c2f
BB		 3956 }
3957 }
3958
428870ff
BB		 3959 /*
3960 * Get the fs specified by the first path in the stream (the top level
3961 * specified by 'zfs send') and pass it to each invocation of
3962 * zfs_receive_one().
3963 */
3964 (void) strlcpy(sendfs, drr->drr_u.drr_begin.drr_toname,
eca7b760 3965 sizeof (sendfs));
671c9354 3966 if ((cp = strchr(sendfs, '@')) != NULL) {
428870ff 3967 *cp = '\0';
671c9354
DM		 3968 /*
3969 * Find the "sendsnap", the final snapshot in a replication
3970 * stream. zfs_receive_one() handles certain errors
3971 * differently, depending on if the contained stream is the
3972 * last one or not.
3973 */
3974 sendsnap = (cp + 1);
3975 }
34dc7c2f
BB		 3976
3977 /* Finally, receive each contained stream */
3978 do {
3979 /*
3980 * we should figure out if it has a recoverable
3981 * error, in which case do a recv_skip() and drive on.
3982 * Note, if we fail due to already having this guid,
3983 * zfs_receive_one() will take care of it (ie,
3984 * recv_skip() and return 0).
3985 */
fcff0f35 3986 error = zfs_receive_impl(hdl, destname, NULL, flags, fd,
572e2857 3987 sendfs, stream_nv, stream_avl, top_zfs, cleanup_fd,
a3eeab2d 3988 action_handlep, sendsnap, cmdprops);
34dc7c2f
BB		 3989 if (error == ENODATA) {
3990 error = 0;
3991 break;
3992 }
3993 anyerr |= error;
3994 } while (error == 0);
3995
4c3c6b6c 3996 if (drr->drr_payloadlen != 0 && recursive && fromsnap != NULL) {
34dc7c2f
BB		 3997 /*
3998 * Now that we have the fs's they sent us, try the
3999 * renames again.
4000 */
4001 softerr = recv_incremental_replication(hdl, tofs, flags,
428870ff 4002 stream_nv, stream_avl, NULL);
34dc7c2f
BB		 4003 }
4004
bb61cc31
TC		 4005 if (raw && softerr == 0 && *top_zfs != NULL) {
4006 softerr = recv_fix_encryption_hierarchy(hdl, *top_zfs,
b5256303
TC		 4007 stream_nv, stream_avl);
4008 }
4009
34dc7c2f
BB		 4010out:
4011 fsavl_destroy(stream_avl);
8a5fc748 4012 nvlist_free(stream_nv);
34dc7c2f
BB		 4013 if (softerr)
4014 error = -2;
4015 if (anyerr)
4016 error = -1;
4017 return (error);
4018}
4019
428870ff
BB		 4020static void
4021trunc_prop_errs(int truncated)
4022{
4023 ASSERT(truncated != 0);
4024
4025 if (truncated == 1)
4026 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
4027 "1 more property could not be set\n"));
4028 else
4029 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
4030 "%d more properties could not be set\n"), truncated);
4031}
4032
34dc7c2f
BB		 4033static int
4034recv_skip(libzfs_handle_t *hdl, int fd, boolean_t byteswap)
4035{
4036 dmu_replay_record_t *drr;
f1512ee6 4037 void *buf = zfs_alloc(hdl, SPA_MAXBLOCKSIZE);
870e7a52 4038 uint64_t payload_size;
428870ff
BB		 4039 char errbuf[1024];
4040
4041 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
870e7a52 4042 "cannot receive"));
34dc7c2f
BB		 4043
4044 /* XXX would be great to use lseek if possible... */
4045 drr = buf;
4046
4047 while (recv_read(hdl, fd, drr, sizeof (dmu_replay_record_t),
4048 byteswap, NULL) == 0) {
4049 if (byteswap)
4050 drr->drr_type = BSWAP_32(drr->drr_type);
4051
4052 switch (drr->drr_type) {
4053 case DRR_BEGIN:
428870ff 4054 if (drr->drr_payloadlen != 0) {
47dfff3b
MA		 4055 (void) recv_read(hdl, fd, buf,
4056 drr->drr_payloadlen, B_FALSE, NULL);
428870ff 4057 }
34dc7c2f
BB		 4058 break;
4059
4060 case DRR_END:
4061 free(buf);
4062 return (0);
4063
4064 case DRR_OBJECT:
4065 if (byteswap) {
4066 drr->drr_u.drr_object.drr_bonuslen =
4067 BSWAP_32(drr->drr_u.drr_object.
4068 drr_bonuslen);
870e7a52
TC		 4069 drr->drr_u.drr_object.drr_raw_bonuslen =
4070 BSWAP_32(drr->drr_u.drr_object.
4071 drr_raw_bonuslen);
34dc7c2f 4072 }
870e7a52
TC		 4073
4074 payload_size =
4075 DRR_OBJECT_PAYLOAD_SIZE(&drr->drr_u.drr_object);
4076 (void) recv_read(hdl, fd, buf, payload_size,
34dc7c2f
BB		 4077 B_FALSE, NULL);
4078 break;
4079
4080 case DRR_WRITE:
4081 if (byteswap) {
2aa34383
DK		 4082 drr->drr_u.drr_write.drr_logical_size =
4083 BSWAP_64(
4084 drr->drr_u.drr_write.drr_logical_size);
4085 drr->drr_u.drr_write.drr_compressed_size =
4086 BSWAP_64(
4087 drr->drr_u.drr_write.drr_compressed_size);
34dc7c2f 4088 }
870e7a52 4089 payload_size =
2aa34383 4090 DRR_WRITE_PAYLOAD_SIZE(&drr->drr_u.drr_write);
34dc7c2f 4091 (void) recv_read(hdl, fd, buf,
2aa34383 4092 payload_size, B_FALSE, NULL);
34dc7c2f 4093 break;
428870ff
BB		 4094 case DRR_SPILL:
4095 if (byteswap) {
9f8026c8 4096 drr->drr_u.drr_spill.drr_length =
428870ff 4097 BSWAP_64(drr->drr_u.drr_spill.drr_length);
870e7a52
TC		 4098 drr->drr_u.drr_spill.drr_compressed_size =
4099 BSWAP_64(drr->drr_u.drr_spill.
4100 drr_compressed_size);
428870ff 4101 }
870e7a52
TC		 4102
4103 payload_size =
4104 DRR_SPILL_PAYLOAD_SIZE(&drr->drr_u.drr_spill);
4105 (void) recv_read(hdl, fd, buf, payload_size,
4106 B_FALSE, NULL);
428870ff 4107 break;
9b67f605
MA		 4108 case DRR_WRITE_EMBEDDED:
4109 if (byteswap) {
4110 drr->drr_u.drr_write_embedded.drr_psize =
4111 BSWAP_32(drr->drr_u.drr_write_embedded.
4112 drr_psize);
4113 }
4114 (void) recv_read(hdl, fd, buf,
4115 P2ROUNDUP(drr->drr_u.drr_write_embedded.drr_psize,
4116 8), B_FALSE, NULL);
4117 break;
30af21b0 4118 case DRR_OBJECT_RANGE:
428870ff 4119 case DRR_WRITE_BYREF:
34dc7c2f
BB		 4120 case DRR_FREEOBJECTS:
4121 case DRR_FREE:
4122 break;
4123
4124 default:
428870ff
BB		 4125 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4126 "invalid record type"));
fad5fb01 4127 free(buf);
428870ff 4128 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
34dc7c2f
BB		 4129 }
4130 }
4131
4132 free(buf);
4133 return (-1);
4134}
4135
47dfff3b
MA		 4136static void
4137recv_ecksum_set_aux(libzfs_handle_t *hdl, const char *target_snap,
4138 boolean_t resumable)
4139{
eca7b760 4140 char target_fs[ZFS_MAX_DATASET_NAME_LEN];
47dfff3b
MA		 4141
4142 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4143 "checksum mismatch or incomplete stream"));
4144
4145 if (!resumable)
4146 return;
4147 (void) strlcpy(target_fs, target_snap, sizeof (target_fs));
4148 *strchr(target_fs, '@') = '\0';
4149 zfs_handle_t *zhp = zfs_open(hdl, target_fs,
4150 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
4151 if (zhp == NULL)
4152 return;
4153
4154 char token_buf[ZFS_MAXPROPLEN];
4155 int error = zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
4156 token_buf, sizeof (token_buf),
4157 NULL, NULL, 0, B_TRUE);
4158 if (error == 0) {
4159 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4160 "checksum mismatch or incomplete stream.\n"
4161 "Partially received snapshot is saved.\n"
4162 "A resuming stream can be generated on the sending "
4163 "system by running:\n"
4164 " zfs send -t %s"),
4165 token_buf);
4166 }
4167 zfs_close(zhp);
4168}
4169
a3eeab2d 4170/*
4171 * Prepare a new nvlist of properties that are to override (-o) or be excluded
4172 * (-x) from the received dataset
4173 * recvprops: received properties from the send stream
4174 * cmdprops: raw input properties from command line
4175 * origprops: properties, both locally-set and received, currently set on the
4176 * target dataset if it exists, NULL otherwise.
4177 * oxprops: valid output override (-o) and excluded (-x) properties
4178 */
4179static int
d9c460a0
TC		 4180zfs_setup_cmdline_props(libzfs_handle_t *hdl, zfs_type_t type,
4181 char *fsname, boolean_t zoned, boolean_t recursive, boolean_t newfs,
4182 boolean_t raw, boolean_t toplevel, nvlist_t *recvprops, nvlist_t *cmdprops,
4183 nvlist_t *origprops, nvlist_t **oxprops, uint8_t **wkeydata_out,
4184 uint_t *wkeylen_out, const char *errbuf)
a3eeab2d 4185{
4186 nvpair_t *nvp;
4187 nvlist_t *oprops, *voprops;
4188 zfs_handle_t *zhp = NULL;
4189 zpool_handle_t *zpool_hdl = NULL;
d9c460a0 4190 char *cp;
a3eeab2d 4191 int ret = 0;
d9c460a0 4192 char namebuf[ZFS_MAX_DATASET_NAME_LEN];
a3eeab2d 4193
4194 if (nvlist_empty(cmdprops))
4195 return (0); /* No properties to override or exclude */
4196
4197 *oxprops = fnvlist_alloc();
4198 oprops = fnvlist_alloc();
4199
d9c460a0
TC		 4200 strlcpy(namebuf, fsname, ZFS_MAX_DATASET_NAME_LEN);
4201
4202 /*
4203 * Get our dataset handle. The target dataset may not exist yet.
4204 */
4205 if (zfs_dataset_exists(hdl, namebuf, ZFS_TYPE_DATASET)) {
4206 zhp = zfs_open(hdl, namebuf, ZFS_TYPE_DATASET);
4207 if (zhp == NULL) {
4208 ret = -1;
4209 goto error;
4210 }
4211 }
4212
4213 /* open the zpool handle */
4214 cp = strchr(namebuf, '/');
4215 if (cp != NULL)
4216 *cp = '\0';
4217 zpool_hdl = zpool_open(hdl, namebuf);
4218 if (zpool_hdl == NULL) {
4219 ret = -1;
4220 goto error;
4221 }
4222
4223 /* restore namebuf to match fsname for later use */
4224 if (cp != NULL)
4225 *cp = '/';
4226
a3eeab2d 4227 /*
4228 * first iteration: process excluded (-x) properties now and gather
4229 * added (-o) properties to be later processed by zfs_valid_proplist()
4230 */
4231 nvp = NULL;
4232 while ((nvp = nvlist_next_nvpair(cmdprops, nvp)) != NULL) {
4233 const char *name = nvpair_name(nvp);
4234 zfs_prop_t prop = zfs_name_to_prop(name);
4235
4236 /* "origin" is processed separately, don't handle it here */
4237 if (prop == ZFS_PROP_ORIGIN)
4238 continue;
4239
4240 /*
4241 * we're trying to override or exclude a property that does not
4242 * make sense for this type of dataset, but we don't want to
4243 * fail if the receive is recursive: this comes in handy when
4244 * the send stream contains, for instance, a child ZVOL and
4245 * we're trying to receive it with "-o atime=on"
4246 */
4247 if (!zfs_prop_valid_for_type(prop, type, B_FALSE) &&
4248 !zfs_prop_user(name)) {
4249 if (recursive)
4250 continue;
4251 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4252 "property '%s' does not apply to datasets of this "
4253 "type"), name);
4254 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4255 goto error;
4256 }
4257
d9c460a0
TC		 4258 /* raw streams can't override encryption properties */
4259 if ((zfs_prop_encryption_key_param(prop) ||
4260 prop == ZFS_PROP_ENCRYPTION) && (raw || !newfs)) {
4261 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4262 "encryption property '%s' cannot "
4263 "be set or excluded for raw or incremental "
4264 "streams."), name);
4265 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4266 goto error;
4267 }
4268
a3eeab2d 4269 switch (nvpair_type(nvp)) {
4270 case DATA_TYPE_BOOLEAN: /* -x property */
4271 /*
4272 * DATA_TYPE_BOOLEAN is the way we're asked to "exclude"
4273 * a property: this is done by forcing an explicit
4274 * inherit on the destination so the effective value is
4275 * not the one we received from the send stream.
4276 * We do this only if the property is not already
4277 * locally-set, in which case its value will take
4278 * priority over the received anyway.
4279 */
4280 if (nvlist_exists(origprops, name)) {
4281 nvlist_t *attrs;
4282
4283 attrs = fnvlist_lookup_nvlist(origprops, name);
4284 if (strcmp(fnvlist_lookup_string(attrs,
4285 ZPROP_SOURCE), ZPROP_SOURCE_VAL_RECVD) != 0)
4286 continue;
4287 }
4288 /*
4289 * We can't force an explicit inherit on non-inheritable
4290 * properties: if we're asked to exclude this kind of
4291 * values we remove them from "recvprops" input nvlist.
4292 */
4293 if (!zfs_prop_inheritable(prop) &&
4294 !zfs_prop_user(name) && /* can be inherited too */
4295 nvlist_exists(recvprops, name))
4296 fnvlist_remove(recvprops, name);
4297 else
4298 fnvlist_add_nvpair(*oxprops, nvp);
4299 break;
4300 case DATA_TYPE_STRING: /* -o property=value */
4301 fnvlist_add_nvpair(oprops, nvp);
4302 break;
4303 default:
4304 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4305 "property '%s' must be a string or boolean"), name);
4306 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4307 goto error;
4308 }
4309 }
4310
4311 if (toplevel) {
4312 /* convert override strings properties to native */
4313 if ((voprops = zfs_valid_proplist(hdl, ZFS_TYPE_DATASET,
b5256303 4314 oprops, zoned, zhp, zpool_hdl, B_FALSE, errbuf)) == NULL) {
a3eeab2d 4315 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4316 goto error;
4317 }
4318
d9c460a0
TC		 4319 /*
4320 * zfs_crypto_create() requires the parent name. Get it
4321 * by truncating the fsname copy stored in namebuf.
4322 */
4323 cp = strrchr(namebuf, '/');
4324 if (cp != NULL)
4325 *cp = '\0';
4326
4327 if (!raw && zfs_crypto_create(hdl, namebuf, voprops, NULL,
4328 B_FALSE, wkeydata_out, wkeylen_out) != 0) {
4329 fnvlist_free(voprops);
4330 ret = zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf);
4331 goto error;
4332 }
4333
a3eeab2d 4334 /* second pass: process "-o" properties */
4335 fnvlist_merge(*oxprops, voprops);
4336 fnvlist_free(voprops);
4337 } else {
4338 /* override props on child dataset are inherited */
4339 nvp = NULL;
4340 while ((nvp = nvlist_next_nvpair(oprops, nvp)) != NULL) {
4341 const char *name = nvpair_name(nvp);
4342 fnvlist_add_boolean(*oxprops, name);
4343 }
4344 }
4345
4346error:
d9c460a0
TC		 4347 if (zhp != NULL)
4348 zfs_close(zhp);
4349 if (zpool_hdl != NULL)
4350 zpool_close(zpool_hdl);
a3eeab2d 4351 fnvlist_free(oprops);
4352 return (ret);
4353}
4354
34dc7c2f
BB		 4355/*
4356 * Restores a backup of tosnap from the file descriptor specified by infd.
4357 */
4358static int
4359zfs_receive_one(libzfs_handle_t *hdl, int infd, const char *tosnap,
fcff0f35
PD		 4360 const char *originsnap, recvflags_t *flags, dmu_replay_record_t *drr,
4361 dmu_replay_record_t *drr_noswap, const char *sendfs, nvlist_t *stream_nv,
4362 avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd,
a3eeab2d 4363 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops)
34dc7c2f 4364{
34dc7c2f 4365 time_t begin_time;
428870ff 4366 int ioctl_err, ioctl_errno, err;
34dc7c2f
BB		 4367 char *cp;
4368 struct drr_begin *drrb = &drr->drr_u.drr_begin;
4369 char errbuf[1024];
428870ff 4370 const char *chopprefix;
34dc7c2f
BB		 4371 boolean_t newfs = B_FALSE;
4372 boolean_t stream_wantsnewfs;
43e52edd
BB		 4373 boolean_t newprops = B_FALSE;
4374 uint64_t read_bytes = 0;
4375 uint64_t errflags = 0;
34dc7c2f
BB		 4376 uint64_t parent_snapguid = 0;
4377 prop_changelist_t *clp = NULL;
b128c09f 4378 nvlist_t *snapprops_nvlist = NULL;
9c5e88b1 4379 nvlist_t *snapholds_nvlist = NULL;
428870ff 4380 zprop_errflags_t prop_errflags;
43e52edd 4381 nvlist_t *prop_errors = NULL;
428870ff 4382 boolean_t recursive;
671c9354 4383 char *snapname = NULL;
43e52edd
BB		 4384 char destsnap[MAXPATHLEN * 2];
4385 char origin[MAXNAMELEN];
4386 char name[MAXPATHLEN];
b5256303 4387 char tmp_keylocation[MAXNAMELEN];
a3eeab2d 4388 nvlist_t *rcvprops = NULL; /* props received from the send stream */
4389 nvlist_t *oxprops = NULL; /* override (-o) and exclude (-x) props */
4390 nvlist_t *origprops = NULL; /* original props (if destination exists) */
4391 zfs_type_t type;
bee7e4ff 4392 boolean_t toplevel = B_FALSE;
a3eeab2d 4393 boolean_t zoned = B_FALSE;
c03f0470 4394 boolean_t hastoken = B_FALSE;
30af21b0 4395 boolean_t redacted;
d9c460a0
TC		 4396 uint8_t *wkeydata = NULL;
4397 uint_t wkeylen = 0;
34dc7c2f
BB		 4398
4399 begin_time = time(NULL);
43e52edd 4400 bzero(origin, MAXNAMELEN);
b5256303 4401 bzero(tmp_keylocation, MAXNAMELEN);
34dc7c2f
BB		 4402
4403 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
4404 "cannot receive"));
4405
428870ff
BB		 4406 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
4407 ENOENT);
4408
9c5e88b1
PZ		 4409 /* Did the user request holds be skipped via zfs recv -k? */
4410 boolean_t holds = flags->holds && !flags->skipholds;
4411
34dc7c2f 4412 if (stream_avl != NULL) {
b5256303 4413 char *keylocation = NULL;
48f783de 4414 nvlist_t *lookup = NULL;
b128c09f
BB		 4415 nvlist_t *fs = fsavl_find(stream_avl, drrb->drr_toguid,
4416 &snapname);
34dc7c2f
BB		 4417
4418 (void) nvlist_lookup_uint64(fs, "parentfromsnap",
4419 &parent_snapguid);
a3eeab2d 4420 err = nvlist_lookup_nvlist(fs, "props", &rcvprops);
43e52edd 4421 if (err) {
a3eeab2d 4422 VERIFY(0 == nvlist_alloc(&rcvprops, NV_UNIQUE_NAME, 0));
43e52edd
BB		 4423 newprops = B_TRUE;
4424 }
34dc7c2f 4425
b5256303
TC		 4426 /*
4427 * The keylocation property may only be set on encryption roots,
4428 * but this dataset might not become an encryption root until
83472fab 4429 * recv_fix_encryption_hierarchy() is called. That function
b5256303
TC		 4430 * will fixup the keylocation anyway, so we temporarily unset
4431 * the keylocation for now to avoid any errors from the receive
4432 * ioctl.
4433 */
4434 err = nvlist_lookup_string(rcvprops,
4435 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation);
4436 if (err == 0) {
4437 strcpy(tmp_keylocation, keylocation);
4438 (void) nvlist_remove_all(rcvprops,
4439 zfs_prop_to_name(ZFS_PROP_KEYLOCATION));
4440 }
4441
330d06f9 4442 if (flags->canmountoff) {
a3eeab2d 4443 VERIFY(0 == nvlist_add_uint64(rcvprops,
34dc7c2f 4444 zfs_prop_to_name(ZFS_PROP_CANMOUNT), 0));
9c5e88b1
PZ		 4445 } else if (newprops) { /* nothing in rcvprops, eliminate it */
4446 nvlist_free(rcvprops);
4447 rcvprops = NULL;
4448 newprops = B_FALSE;
34dc7c2f 4449 }
48f783de 4450 if (0 == nvlist_lookup_nvlist(fs, "snapprops", &lookup)) {
4451 VERIFY(0 == nvlist_lookup_nvlist(lookup,
4452 snapname, &snapprops_nvlist));
4453 }
9c5e88b1
PZ		 4454 if (holds) {
4455 if (0 == nvlist_lookup_nvlist(fs, "snapholds",
4456 &lookup)) {
4457 VERIFY(0 == nvlist_lookup_nvlist(lookup,
4458 snapname, &snapholds_nvlist));
4459 }
4460 }
34dc7c2f
BB		 4461 }
4462
428870ff
BB		 4463 cp = NULL;
4464
34dc7c2f
BB		 4465 /*
4466 * Determine how much of the snapshot name stored in the stream
4467 * we are going to tack on to the name they specified on the
4468 * command line, and how much we are going to chop off.
4469 *
4470 * If they specified a snapshot, chop the entire name stored in
4471 * the stream.
4472 */
330d06f9 4473 if (flags->istail) {
428870ff
BB		 4474 /*
4475 * A filesystem was specified with -e. We want to tack on only
4476 * the tail of the sent snapshot path.
4477 */
4478 if (strchr(tosnap, '@')) {
4479 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
4480 "argument - snapshot not allowed with -e"));
43e52edd
BB		 4481 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
4482 goto out;
428870ff
BB		 4483 }
4484
4485 chopprefix = strrchr(sendfs, '/');
4486
4487 if (chopprefix == NULL) {
4488 /*
4489 * The tail is the poolname, so we need to
4490 * prepend a path separator.
4491 */
4492 int len = strlen(drrb->drr_toname);
4493 cp = malloc(len + 2);
4494 cp[0] = '/';
4495 (void) strcpy(&cp[1], drrb->drr_toname);
4496 chopprefix = cp;
4497 } else {
4498 chopprefix = drrb->drr_toname + (chopprefix - sendfs);
4499 }
330d06f9 4500 } else if (flags->isprefix) {
34dc7c2f 4501 /*
428870ff
BB		 4502 * A filesystem was specified with -d. We want to tack on
4503 * everything but the first element of the sent snapshot path
4504 * (all but the pool name).
34dc7c2f
BB		 4505 */
4506 if (strchr(tosnap, '@')) {
4507 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
4508 "argument - snapshot not allowed with -d"));
43e52edd
BB		 4509 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
4510 goto out;
34dc7c2f 4511 }
428870ff
BB		 4512
4513 chopprefix = strchr(drrb->drr_toname, '/');
4514 if (chopprefix == NULL)
4515 chopprefix = strchr(drrb->drr_toname, '@');
34dc7c2f
BB		 4516 } else if (strchr(tosnap, '@') == NULL) {
4517 /*
428870ff
BB		 4518 * If a filesystem was specified without -d or -e, we want to
4519 * tack on everything after the fs specified by 'zfs send'.
34dc7c2f 4520 */
428870ff
BB		 4521 chopprefix = drrb->drr_toname + strlen(sendfs);
4522 } else {
4523 /* A snapshot was specified as an exact path (no -d or -e). */
4524 if (recursive) {
4525 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4526 "cannot specify snapshot name for multi-snapshot "
4527 "stream"));
43e52edd
BB		 4528 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4529 goto out;
428870ff
BB		 4530 }
4531 chopprefix = drrb->drr_toname + strlen(drrb->drr_toname);
34dc7c2f 4532 }
428870ff
BB		 4533
4534 ASSERT(strstr(drrb->drr_toname, sendfs) == drrb->drr_toname);
bdbd5477 4535 ASSERT(chopprefix > drrb->drr_toname || strchr(sendfs, '/') == NULL);
4536 ASSERT(chopprefix <= drrb->drr_toname + strlen(drrb->drr_toname) ||
4537 strchr(sendfs, '/') == NULL);
428870ff
BB		 4538 ASSERT(chopprefix[0] == '/' || chopprefix[0] == '@' ||
4539 chopprefix[0] == '\0');
34dc7c2f
BB		 4540
4541 /*
43e52edd 4542 * Determine name of destination snapshot.
34dc7c2f 4543 */
45cb520b 4544 (void) strlcpy(destsnap, tosnap, sizeof (destsnap));
43e52edd 4545 (void) strlcat(destsnap, chopprefix, sizeof (destsnap));
428870ff 4546 free(cp);
43e52edd
BB		 4547 if (!zfs_name_valid(destsnap, ZFS_TYPE_SNAPSHOT)) {
4548 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
4549 goto out;
34dc7c2f
BB		 4550 }
4551
4552 /*
43e52edd 4553 * Determine the name of the origin snapshot.
34dc7c2f 4554 */
160af771 4555 if (originsnap) {
21a4f5cc 4556 (void) strlcpy(origin, originsnap, sizeof (origin));
160af771
GM		 4557 if (flags->verbose)
4558 (void) printf("using provided clone origin %s\n",
4559 origin);
4560 } else if (drrb->drr_flags & DRR_FLAG_CLONE) {
43e52edd
BB		 4561 if (guid_to_name(hdl, destsnap,
4562 drrb->drr_fromguid, B_FALSE, origin) != 0) {
34dc7c2f
BB		 4563 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4564 "local origin for clone %s does not exist"),
43e52edd
BB		 4565 destsnap);
4566 err = zfs_error(hdl, EZFS_NOENT, errbuf);
4567 goto out;
34dc7c2f 4568 }
330d06f9 4569 if (flags->verbose)
43e52edd 4570 (void) printf("found clone origin %s\n", origin);
34dc7c2f
BB		 4571 }
4572
47dfff3b
MA		 4573 boolean_t resuming = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4574 DMU_BACKUP_FEATURE_RESUMING;
b5256303
TC		 4575 boolean_t raw = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4576 DMU_BACKUP_FEATURE_RAW;
9b840763
TC		 4577 boolean_t embedded = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4578 DMU_BACKUP_FEATURE_EMBED_DATA;
b8864a23 4579 stream_wantsnewfs = (drrb->drr_fromguid == 0 ||
47dfff3b 4580 (drrb->drr_flags & DRR_FLAG_CLONE) || originsnap) && !resuming;
34dc7c2f
BB		 4581
4582 if (stream_wantsnewfs) {
4583 /*
4584 * if the parent fs does not exist, look for it based on
4585 * the parent snap GUID
4586 */
4587 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
4588 "cannot receive new filesystem stream"));
4589
43e52edd
BB		 4590 (void) strcpy(name, destsnap);
4591 cp = strrchr(name, '/');
34dc7c2f
BB		 4592 if (cp)
4593 *cp = '\0';
4594 if (cp &&
43e52edd 4595 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
eca7b760 4596 char suffix[ZFS_MAX_DATASET_NAME_LEN];
43e52edd
BB		 4597 (void) strcpy(suffix, strrchr(destsnap, '/'));
4598 if (guid_to_name(hdl, name, parent_snapguid,
4599 B_FALSE, destsnap) == 0) {
4600 *strchr(destsnap, '@') = '\0';
4601 (void) strcat(destsnap, suffix);
34dc7c2f
BB		 4602 }
4603 }
4604 } else {
4605 /*
ebeb6f23
AG		 4606 * If the fs does not exist, look for it based on the
4607 * fromsnap GUID.
34dc7c2f 4608 */
ebeb6f23
AG		 4609 if (resuming) {
4610 (void) snprintf(errbuf, sizeof (errbuf),
4611 dgettext(TEXT_DOMAIN,
4612 "cannot receive resume stream"));
4613 } else {
4614 (void) snprintf(errbuf, sizeof (errbuf),
4615 dgettext(TEXT_DOMAIN,
4616 "cannot receive incremental stream"));
4617 }
34dc7c2f 4618
43e52edd
BB		 4619 (void) strcpy(name, destsnap);
4620 *strchr(name, '@') = '\0';
34dc7c2f 4621
428870ff
BB		 4622 /*
4623 * If the exact receive path was specified and this is the
4624 * topmost path in the stream, then if the fs does not exist we
4625 * should look no further.
4626 */
330d06f9 4627 if ((flags->isprefix || (*(chopprefix = drrb->drr_toname +
428870ff 4628 strlen(sendfs)) != '\0' && *chopprefix != '@')) &&
43e52edd 4629 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
eca7b760 4630 char snap[ZFS_MAX_DATASET_NAME_LEN];
43e52edd
BB		 4631 (void) strcpy(snap, strchr(destsnap, '@'));
4632 if (guid_to_name(hdl, name, drrb->drr_fromguid,
4633 B_FALSE, destsnap) == 0) {
4634 *strchr(destsnap, '@') = '\0';
4635 (void) strcat(destsnap, snap);
34dc7c2f
BB		 4636 }
4637 }
4638 }
4639
43e52edd
BB		 4640 (void) strcpy(name, destsnap);
4641 *strchr(name, '@') = '\0';
34dc7c2f 4642
30af21b0
PD		 4643 redacted = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4644 DMU_BACKUP_FEATURE_REDACTED;
4645
43e52edd
BB		 4646 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
4647 zfs_cmd_t zc = {"\0"};
34dc7c2f 4648 zfs_handle_t *zhp;
4a385862 4649 boolean_t encrypted;
428870ff 4650
43e52edd
BB		 4651 (void) strcpy(zc.zc_name, name);
4652
34dc7c2f 4653 /*
47dfff3b
MA		 4654 * Destination fs exists. It must be one of these cases:
4655 * - an incremental send stream
4656 * - the stream specifies a new fs (full stream or clone)
4657 * and they want us to blow away the existing fs (and
4658 * have therefore specified -F and removed any snapshots)
4659 * - we are resuming a failed receive.
34dc7c2f 4660 */
34dc7c2f 4661 if (stream_wantsnewfs) {
d8d418ff 4662 boolean_t is_volume = drrb->drr_type == DMU_OST_ZVOL;
330d06f9 4663 if (!flags->force) {
34dc7c2f
BB		 4664 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4665 "destination '%s' exists\n"
43e52edd
BB		 4666 "must specify -F to overwrite it"), name);
4667 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4668 goto out;
34dc7c2f
BB		 4669 }
4670 if (ioctl(hdl->libzfs_fd, ZFS_IOC_SNAPSHOT_LIST_NEXT,
4671 &zc) == 0) {
34dc7c2f
BB		 4672 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4673 "destination has snapshots (eg. %s)\n"
4674 "must destroy them to overwrite it"),
b53cb02d 4675 zc.zc_name);
43e52edd
BB		 4676 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4677 goto out;
34dc7c2f 4678 }
d8d418ff 4679 if (is_volume && strrchr(name, '/') == NULL) {
4680 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4681 "destination %s is the root dataset\n"
4682 "cannot overwrite with a ZVOL"),
4683 name);
4684 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4685 goto out;
4686 }
4687 if (is_volume &&
4688 ioctl(hdl->libzfs_fd, ZFS_IOC_DATASET_LIST_NEXT,
4689 &zc) == 0) {
4690 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4691 "destination has children (eg. %s)\n"
4692 "cannot overwrite with a ZVOL"),
4693 zc.zc_name);
4694 err = zfs_error(hdl, EZFS_WRONG_PARENT, errbuf);
4695 goto out;
4696 }
34dc7c2f
BB		 4697 }
4698
43e52edd 4699 if ((zhp = zfs_open(hdl, name,
34dc7c2f 4700 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME)) == NULL) {
43e52edd
BB		 4701 err = -1;
4702 goto out;
34dc7c2f
BB		 4703 }
4704
4705 if (stream_wantsnewfs &&
4706 zhp->zfs_dmustats.dds_origin[0]) {
34dc7c2f
BB		 4707 zfs_close(zhp);
4708 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4709 "destination '%s' is a clone\n"
43e52edd
BB		 4710 "must destroy it to overwrite it"), name);
4711 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4712 goto out;
34dc7c2f
BB		 4713 }
4714
b5256303 4715 /*
4a385862 4716 * Raw sends can not be performed as an incremental on top
78595377 4717 * of existing unencrypted datasets. zfs recv -F can't be
4a385862
TC		 4718 * used to blow away an existing encrypted filesystem. This
4719 * is because it would require the dsl dir to point to the
4720 * new key (or lack of a key) and the old key at the same
4721 * time. The -F flag may still be used for deleting
4722 * intermediate snapshots that would otherwise prevent the
4723 * receive from working.
b5256303 4724 */
4a385862
TC		 4725 encrypted = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) !=
4726 ZIO_CRYPT_OFF;
4727 if (!stream_wantsnewfs && !encrypted && raw) {
b5256303
TC		 4728 zfs_close(zhp);
4729 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4a385862
TC		 4730 "cannot perform raw receive on top of "
4731 "existing unencrypted dataset"));
b5256303
TC		 4732 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4733 goto out;
4734 }
4735
4a385862
TC		 4736 if (stream_wantsnewfs && flags->force &&
4737 ((raw && !encrypted) || encrypted)) {
4738 zfs_close(zhp);
4739 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4740 "zfs receive -F cannot be used to destroy an "
4741 "encrypted filesystem or overwrite an "
4742 "unencrypted one with an encrypted one"));
4743 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4744 goto out;
4745 }
b5256303 4746
330d06f9 4747 if (!flags->dryrun && zhp->zfs_type == ZFS_TYPE_FILESYSTEM &&
34dc7c2f
BB		 4748 stream_wantsnewfs) {
4749 /* We can't do online recv in this case */
b128c09f 4750 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0, 0);
34dc7c2f 4751 if (clp == NULL) {
45d1cae3 4752 zfs_close(zhp);
43e52edd
BB		 4753 err = -1;
4754 goto out;
34dc7c2f
BB		 4755 }
4756 if (changelist_prefix(clp) != 0) {
4757 changelist_free(clp);
45d1cae3 4758 zfs_close(zhp);
43e52edd
BB		 4759 err = -1;
4760 goto out;
34dc7c2f
BB		 4761 }
4762 }
47dfff3b
MA		 4763
4764 /*
4765 * If we are resuming a newfs, set newfs here so that we will
4766 * mount it if the recv succeeds this time. We can tell
4767 * that it was a newfs on the first recv because the fs
4768 * itself will be inconsistent (if the fs existed when we
4769 * did the first recv, we would have received it into
4770 * .../%recv).
4771 */
4772 if (resuming && zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT))
4773 newfs = B_TRUE;
4774
a3eeab2d 4775 /* we want to know if we're zoned when validating -o|-x props */
4776 zoned = zfs_prop_get_int(zhp, ZFS_PROP_ZONED);
4777
c03f0470 4778 /* may need this info later, get it now we have zhp around */
4779 if (zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN, NULL, 0,
4780 NULL, NULL, 0, B_TRUE) == 0)
4781 hastoken = B_TRUE;
4782
a3eeab2d 4783 /* gather existing properties on destination */
4784 origprops = fnvlist_alloc();
4785 fnvlist_merge(origprops, zhp->zfs_props);
4786 fnvlist_merge(origprops, zhp->zfs_user_props);
4787
34dc7c2f
BB		 4788 zfs_close(zhp);
4789 } else {
b5256303
TC		 4790 zfs_handle_t *zhp;
4791
34dc7c2f
BB		 4792 /*
4793 * Destination filesystem does not exist. Therefore we better
4794 * be creating a new filesystem (either from a full backup, or
4795 * a clone). It would therefore be invalid if the user
4796 * specified only the pool name (i.e. if the destination name
4797 * contained no slash character).
4798 */
a64f903b
GN		 4799 cp = strrchr(name, '/');
4800
4801 if (!stream_wantsnewfs || cp == NULL) {
34dc7c2f 4802 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
43e52edd
BB		 4803 "destination '%s' does not exist"), name);
4804 err = zfs_error(hdl, EZFS_NOENT, errbuf);
4805 goto out;
34dc7c2f
BB		 4806 }
4807
4808 /*
4809 * Trim off the final dataset component so we perform the
4810 * recvbackup ioctl to the filesystems's parent.
4811 */
4812 *cp = '\0';
4813
330d06f9 4814 if (flags->isprefix && !flags->istail && !flags->dryrun &&
43e52edd
BB		 4815 create_parents(hdl, destsnap, strlen(tosnap)) != 0) {
4816 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4817 goto out;
34dc7c2f
BB		 4818 }
4819
d8d418ff 4820 /* validate parent */
4821 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
4822 if (zhp == NULL) {
4823 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4824 goto out;
4825 }
4826 if (zfs_get_type(zhp) != ZFS_TYPE_FILESYSTEM) {
4827 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4828 "parent '%s' is not a filesystem"), name);
4829 err = zfs_error(hdl, EZFS_WRONG_PARENT, errbuf);
4830 zfs_close(zhp);
4831 goto out;
4832 }
4833
d8d418ff 4834 zfs_close(zhp);
b5256303 4835
34dc7c2f 4836 newfs = B_TRUE;
b5256303 4837 *cp = '/';
34dc7c2f
BB		 4838 }
4839
330d06f9 4840 if (flags->verbose) {
34dc7c2f 4841 (void) printf("%s %s stream of %s into %s\n",
330d06f9 4842 flags->dryrun ? "would receive" : "receiving",
34dc7c2f 4843 drrb->drr_fromguid ? "incremental" : "full",
43e52edd 4844 drrb->drr_toname, destsnap);
34dc7c2f
BB		 4845 (void) fflush(stdout);
4846 }
4847
330d06f9 4848 if (flags->dryrun) {
870e7a52
TC		 4849 void *buf = zfs_alloc(hdl, SPA_MAXBLOCKSIZE);
4850
4851 /*
4852 * We have read the DRR_BEGIN record, but we have
4853 * not yet read the payload. For non-dryrun sends
4854 * this will be done by the kernel, so we must
4855 * emulate that here, before attempting to read
4856 * more records.
4857 */
4858 err = recv_read(hdl, infd, buf, drr->drr_payloadlen,
4859 flags->byteswap, NULL);
4860 free(buf);
4861 if (err != 0)
4862 goto out;
4863
43e52edd
BB		 4864 err = recv_skip(hdl, infd, flags->byteswap);
4865 goto out;
34dc7c2f
BB		 4866 }
4867
bb61cc31
TC		 4868 /*
4869 * If this is the top-level dataset, record it so we can use it
4870 * for recursive operations later.
4871 */
4872 if (top_zfs != NULL &&
4873 (*top_zfs == NULL || strcmp(*top_zfs, name) == 0)) {
bee7e4ff 4874 toplevel = B_TRUE;
bb61cc31
TC		 4875 if (*top_zfs == NULL)
4876 *top_zfs = zfs_strdup(hdl, name);
4877 }
4878
a3eeab2d 4879 if (drrb->drr_type == DMU_OST_ZVOL) {
4880 type = ZFS_TYPE_VOLUME;
4881 } else if (drrb->drr_type == DMU_OST_ZFS) {
4882 type = ZFS_TYPE_FILESYSTEM;
4883 } else {
4884 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4885 "invalid record type: 0x%d"), drrb->drr_type);
4886 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4887 goto out;
4888 }
d9c460a0
TC		 4889 if ((err = zfs_setup_cmdline_props(hdl, type, name, zoned, recursive,
4890 stream_wantsnewfs, raw, toplevel, rcvprops, cmdprops, origprops,
4891 &oxprops, &wkeydata, &wkeylen, errbuf)) != 0)
a3eeab2d 4892 goto out;
4893
da689887
TC		 4894 /*
4895 * When sending with properties (zfs send -p), the encryption property
4896 * is not included because it is a SETONCE property and therefore
4897 * treated as read only. However, we are always able to determine its
4898 * value because raw sends will include it in the DRR_BDEGIN payload
4899 * and non-raw sends with properties are not allowed for encrypted
4900 * datasets. Therefore, if this is a non-raw properties stream, we can
4901 * infer that the value should be ZIO_CRYPT_OFF and manually add that
4902 * to the received properties.
4903 */
4904 if (stream_wantsnewfs && !raw && rcvprops != NULL &&
4905 !nvlist_exists(cmdprops, zfs_prop_to_name(ZFS_PROP_ENCRYPTION))) {
4906 if (oxprops == NULL)
4907 oxprops = fnvlist_alloc();
4908 fnvlist_add_uint64(oxprops,
4909 zfs_prop_to_name(ZFS_PROP_ENCRYPTION), ZIO_CRYPT_OFF);
4910 }
4911
d9c460a0
TC		 4912 err = ioctl_err = lzc_receive_with_cmdprops(destsnap, rcvprops,
4913 oxprops, wkeydata, wkeylen, origin, flags->force, flags->resumable,
4914 raw, infd, drr_noswap, cleanup_fd, &read_bytes, &errflags,
4915 action_handlep, &prop_errors);
43e52edd
BB		 4916 ioctl_errno = ioctl_err;
4917 prop_errflags = errflags;
428870ff
BB		 4918
4919 if (err == 0) {
428870ff
BB		 4920 nvpair_t *prop_err = NULL;
4921
4922 while ((prop_err = nvlist_next_nvpair(prop_errors,
4923 prop_err)) != NULL) {
4924 char tbuf[1024];
4925 zfs_prop_t prop;
4926 int intval;
4927
4928 prop = zfs_name_to_prop(nvpair_name(prop_err));
4929 (void) nvpair_value_int32(prop_err, &intval);
4930 if (strcmp(nvpair_name(prop_err),
4931 ZPROP_N_MORE_ERRORS) == 0) {
4932 trunc_prop_errs(intval);
4933 break;
671c9354
DM		 4934 } else if (snapname == NULL || finalsnap == NULL ||
4935 strcmp(finalsnap, snapname) == 0 ||
4936 strcmp(nvpair_name(prop_err),
4937 zfs_prop_to_name(ZFS_PROP_REFQUOTA)) != 0) {
4938 /*
4939 * Skip the special case of, for example,
4940 * "refquota", errors on intermediate
4941 * snapshots leading up to a final one.
4942 * That's why we have all of the checks above.
4943 *
4944 * See zfs_ioctl.c's extract_delay_props() for
4945 * a list of props which can fail on
4946 * intermediate snapshots, but shouldn't
4947 * affect the overall receive.
4948 */
428870ff
BB		 4949 (void) snprintf(tbuf, sizeof (tbuf),
4950 dgettext(TEXT_DOMAIN,
4951 "cannot receive %s property on %s"),
43e52edd 4952 nvpair_name(prop_err), name);
428870ff
BB		 4953 zfs_setprop_error(hdl, prop, intval, tbuf);
4954 }
4955 }
428870ff
BB		 4956 }
4957
b128c09f 4958 if (err == 0 && snapprops_nvlist) {
43e52edd 4959 zfs_cmd_t zc = {"\0"};
b128c09f 4960
43e52edd
BB		 4961 (void) strcpy(zc.zc_name, destsnap);
4962 zc.zc_cookie = B_TRUE; /* received */
4963 if (zcmd_write_src_nvlist(hdl, &zc, snapprops_nvlist) == 0) {
4964 (void) zfs_ioctl(hdl, ZFS_IOC_SET_PROP, &zc);
4965 zcmd_free_nvlists(&zc);
b128c09f
BB		 4966 }
4967 }
9c5e88b1
PZ		 4968 if (err == 0 && snapholds_nvlist) {
4969 nvpair_t *pair;
4970 nvlist_t *holds, *errors = NULL;
4971 int cleanup_fd = -1;
4972
4973 VERIFY(0 == nvlist_alloc(&holds, 0, KM_SLEEP));
4974 for (pair = nvlist_next_nvpair(snapholds_nvlist, NULL);
4975 pair != NULL;
4976 pair = nvlist_next_nvpair(snapholds_nvlist, pair)) {
4977 VERIFY(0 == nvlist_add_string(holds, destsnap,
4978 nvpair_name(pair)));
4979 }
4980 (void) lzc_hold(holds, cleanup_fd, &errors);
4981 nvlist_free(snapholds_nvlist);
4982 nvlist_free(holds);
4983 }
b128c09f 4984
428870ff 4985 if (err && (ioctl_errno == ENOENT || ioctl_errno == EEXIST)) {
34dc7c2f
BB		 4986 /*
4987 * It may be that this snapshot already exists,
4988 * in which case we want to consume & ignore it
4989 * rather than failing.
4990 */
4991 avl_tree_t *local_avl;
4992 nvlist_t *local_nv, *fs;
43e52edd 4993 cp = strchr(destsnap, '@');
34dc7c2f
BB		 4994
4995 /*
4996 * XXX Do this faster by just iterating over snaps in
4997 * this fs. Also if zc_value does not exist, we will
4998 * get a strange "does not exist" error message.
4999 */
5000 *cp = '\0';
b5256303 5001 if (gather_nvlist(hdl, destsnap, NULL, NULL, B_FALSE, B_TRUE,
f94b3cbf
TC		 5002 B_FALSE, B_FALSE, B_FALSE, B_FALSE, B_FALSE, B_TRUE,
5003 &local_nv, &local_avl) == 0) {
34dc7c2f
BB		 5004 *cp = '@';
5005 fs = fsavl_find(local_avl, drrb->drr_toguid, NULL);
5006 fsavl_destroy(local_avl);
5007 nvlist_free(local_nv);
5008
5009 if (fs != NULL) {
330d06f9 5010 if (flags->verbose) {
34dc7c2f 5011 (void) printf("snap %s already exists; "
43e52edd 5012 "ignoring\n", destsnap);
34dc7c2f 5013 }
428870ff 5014 err = ioctl_err = recv_skip(hdl, infd,
330d06f9 5015 flags->byteswap);
34dc7c2f
BB		 5016 }
5017 }
5018 *cp = '@';
5019 }
5020
34dc7c2f
BB		 5021 if (ioctl_err != 0) {
5022 switch (ioctl_errno) {
5023 case ENODEV:
43e52edd 5024 cp = strchr(destsnap, '@');
34dc7c2f
BB		 5025 *cp = '\0';
5026 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5027 "most recent snapshot of %s does not\n"
43e52edd 5028 "match incremental source"), destsnap);
34dc7c2f
BB		 5029 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf);
5030 *cp = '@';
5031 break;
5032 case ETXTBSY:
5033 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5034 "destination %s has been modified\n"
43e52edd 5035 "since most recent snapshot"), name);
34dc7c2f
BB		 5036 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf);
5037 break;
b5256303
TC		 5038 case EACCES:
5039 if (raw && stream_wantsnewfs) {
5040 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5041 "failed to create encryption key"));
5042 } else if (raw && !stream_wantsnewfs) {
5043 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5044 "encryption key does not match "
5045 "existing key"));
5046 } else {
5047 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5048 "inherited key must be loaded"));
5049 }
5050 (void) zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf);
5051 break;
34dc7c2f 5052 case EEXIST:
43e52edd 5053 cp = strchr(destsnap, '@');
34dc7c2f
BB		 5054 if (newfs) {
5055 /* it's the containing fs that exists */
5056 *cp = '\0';
5057 }
5058 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5059 "destination already exists"));
5060 (void) zfs_error_fmt(hdl, EZFS_EXISTS,
5061 dgettext(TEXT_DOMAIN, "cannot restore to %s"),
43e52edd 5062 destsnap);
34dc7c2f
BB		 5063 *cp = '@';
5064 break;
5065 case EINVAL:
2ba59fa9 5066 if (flags->resumable) {
43e52edd
BB		 5067 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5068 "kernel modules must be upgraded to "
5069 "receive this stream."));
2ba59fa9 5070 } else if (embedded && !raw) {
9b840763
TC		 5071 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5072 "incompatible embedded data stream "
5073 "feature with encrypted receive."));
2ba59fa9 5074 }
34dc7c2f
BB		 5075 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5076 break;
5077 case ECKSUM:
43e52edd 5078 recv_ecksum_set_aux(hdl, destsnap, flags->resumable);
34dc7c2f
BB		 5079 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5080 break;
428870ff
BB		 5081 case ENOTSUP:
5082 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5083 "pool must be upgraded to receive this stream."));
5084 (void) zfs_error(hdl, EZFS_BADVERSION, errbuf);
5085 break;
5086 case EDQUOT:
5087 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
c03f0470 5088 "destination %s space quota exceeded."), name);
330d06f9 5089 (void) zfs_error(hdl, EZFS_NOSPC, errbuf);
428870ff 5090 break;
f00ab3f2
TC		 5091 case ZFS_ERR_FROM_IVSET_GUID_MISSING:
5092 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
73c25a78
TC		 5093 "IV set guid missing. See errata %u at "
5094 "http://zfsonlinux.org/msg/ZFS-8000-ER."),
f00ab3f2
TC		 5095 ZPOOL_ERRATA_ZOL_8308_ENCRYPTION);
5096 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5097 break;
5098 case ZFS_ERR_FROM_IVSET_GUID_MISMATCH:
5099 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5100 "IV set guid mismatch. See the 'zfs receive' "
5101 "man page section\n discussing the limitations "
5102 "of raw encrypted send streams."));
5103 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5104 break;
caf9dd20
BB		 5105 case ZFS_ERR_SPILL_BLOCK_FLAG_MISSING:
5106 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5107 "Spill block flag missing for raw send.\n"
5108 "The zfs software on the sending system must "
5109 "be updated."));
5110 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5111 break;
c03f0470 5112 case EBUSY:
5113 if (hastoken) {
5114 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5115 "destination %s contains "
5116 "partially-complete state from "
5117 "\"zfs receive -s\"."), name);
5118 (void) zfs_error(hdl, EZFS_BUSY, errbuf);
5119 break;
5120 }
5121 /* fallthru */
34dc7c2f
BB		 5122 default:
5123 (void) zfs_standard_error(hdl, ioctl_errno, errbuf);
5124 }
5125 }
5126
5127 /*
428870ff
BB		 5128 * Mount the target filesystem (if created). Also mount any
5129 * children of the target filesystem if we did a replication
5130 * receive (indicated by stream_avl being non-NULL).
34dc7c2f 5131 */
34dc7c2f 5132 if (clp) {
89d43feb
GM		 5133 if (!flags->nomount)
5134 err |= changelist_postfix(clp);
34dc7c2f
BB		 5135 changelist_free(clp);
5136 }
5137
bb61cc31
TC		 5138 if ((newfs || stream_avl) && type == ZFS_TYPE_FILESYSTEM && !redacted)
5139 flags->domount = B_TRUE;
5140
428870ff
BB		 5141 if (prop_errflags & ZPROP_ERR_NOCLEAR) {
5142 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: "
43e52edd 5143 "failed to clear unreceived properties on %s"), name);
428870ff
BB		 5144 (void) fprintf(stderr, "\n");
5145 }
5146 if (prop_errflags & ZPROP_ERR_NORESTORE) {
5147 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: "
43e52edd 5148 "failed to restore original properties on %s"), name);
428870ff
BB		 5149 (void) fprintf(stderr, "\n");
5150 }
5151
43e52edd
BB		 5152 if (err || ioctl_err) {
5153 err = -1;
5154 goto out;
5155 }
572e2857 5156
330d06f9 5157 if (flags->verbose) {
34dc7c2f
BB		 5158 char buf1[64];
5159 char buf2[64];
43e52edd 5160 uint64_t bytes = read_bytes;
34dc7c2f
BB		 5161 time_t delta = time(NULL) - begin_time;
5162 if (delta == 0)
5163 delta = 1;
e7fbeb60 5164 zfs_nicebytes(bytes, buf1, sizeof (buf1));
5165 zfs_nicebytes(bytes/delta, buf2, sizeof (buf1));
34dc7c2f 5166
e7fbeb60 5167 (void) printf("received %s stream in %lu seconds (%s/sec)\n",
34dc7c2f
BB		 5168 buf1, delta, buf2);
5169 }
5170
43e52edd
BB		 5171 err = 0;
5172out:
5173 if (prop_errors != NULL)
5174 nvlist_free(prop_errors);
5175
b5256303
TC		 5176 if (tmp_keylocation[0] != '\0') {
5177 VERIFY(0 == nvlist_add_string(rcvprops,
5178 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), tmp_keylocation));
5179 }
5180
43e52edd 5181 if (newprops)
a3eeab2d 5182 nvlist_free(rcvprops);
5183
5184 nvlist_free(oxprops);
5185 nvlist_free(origprops);
43e52edd
BB		 5186
5187 return (err);
34dc7c2f
BB		 5188}
5189
a3eeab2d 5190/*
5191 * Check properties we were asked to override (both -o|-x)
5192 */
5193static boolean_t
5194zfs_receive_checkprops(libzfs_handle_t *hdl, nvlist_t *props,
5195 const char *errbuf)
5196{
5197 nvpair_t *nvp;
5198 zfs_prop_t prop;
5199 const char *name;
5200
5201 nvp = NULL;
5202 while ((nvp = nvlist_next_nvpair(props, nvp)) != NULL) {
5203 name = nvpair_name(nvp);
5204 prop = zfs_name_to_prop(name);
5205
5206 if (prop == ZPROP_INVAL) {
5207 if (!zfs_prop_user(name)) {
5208 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5209 "invalid property '%s'"), name);
5210 return (B_FALSE);
5211 }
5212 continue;
5213 }
5214 /*
5215 * "origin" is readonly but is used to receive datasets as
5216 * clones so we don't raise an error here
5217 */
5218 if (prop == ZFS_PROP_ORIGIN)
5219 continue;
5220
d9c460a0
TC		 5221 /* encryption params have their own verification later */
5222 if (prop == ZFS_PROP_ENCRYPTION ||
5223 zfs_prop_encryption_key_param(prop))
5224 continue;
5225
a3eeab2d 5226 /*
5227 * cannot override readonly, set-once and other specific
5228 * settable properties
5229 */
5230 if (zfs_prop_readonly(prop) || prop == ZFS_PROP_VERSION ||
5231 prop == ZFS_PROP_VOLSIZE) {
5232 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5233 "invalid property '%s'"), name);
5234 return (B_FALSE);
5235 }
5236 }
5237
5238 return (B_TRUE);
5239}
5240
b128c09f 5241static int
fcff0f35
PD		 5242zfs_receive_impl(libzfs_handle_t *hdl, const char *tosnap,
5243 const char *originsnap, recvflags_t *flags, int infd, const char *sendfs,
5244 nvlist_t *stream_nv, avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd,
a3eeab2d 5245 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops)
34dc7c2f
BB		 5246{
5247 int err;
5248 dmu_replay_record_t drr, drr_noswap;
5249 struct drr_begin *drrb = &drr.drr_u.drr_begin;
5250 char errbuf[1024];
2598c001 5251 zio_cksum_t zcksum = { { 0 } };
428870ff
BB		 5252 uint64_t featureflags;
5253 int hdrtype;
34dc7c2f
BB		 5254
5255 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
5256 "cannot receive"));
5257
a3eeab2d 5258 /* check cmdline props, raise an error if they cannot be received */
5259 if (!zfs_receive_checkprops(hdl, cmdprops, errbuf)) {
5260 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
5261 }
5262
330d06f9 5263 if (flags->isprefix &&
34dc7c2f
BB		 5264 !zfs_dataset_exists(hdl, tosnap, ZFS_TYPE_DATASET)) {
5265 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified fs "
5266 "(%s) does not exist"), tosnap);
5267 return (zfs_error(hdl, EZFS_NOENT, errbuf));
5268 }
fcff0f35
PD		 5269 if (originsnap &&
5270 !zfs_dataset_exists(hdl, originsnap, ZFS_TYPE_DATASET)) {
5271 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified origin fs "
5272 "(%s) does not exist"), originsnap);
5273 return (zfs_error(hdl, EZFS_NOENT, errbuf));
5274 }
34dc7c2f
BB		 5275
5276 /* read in the BEGIN record */
5277 if (0 != (err = recv_read(hdl, infd, &drr, sizeof (drr), B_FALSE,
5278 &zcksum)))
5279 return (err);
5280
5281 if (drr.drr_type == DRR_END || drr.drr_type == BSWAP_32(DRR_END)) {
5282 /* It's the double end record at the end of a package */
5283 return (ENODATA);
5284 }
5285
5286 /* the kernel needs the non-byteswapped begin record */
5287 drr_noswap = drr;
5288
330d06f9 5289 flags->byteswap = B_FALSE;
34dc7c2f
BB		 5290 if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC)) {
5291 /*
5292 * We computed the checksum in the wrong byteorder in
5293 * recv_read() above; do it again correctly.
5294 */
5295 bzero(&zcksum, sizeof (zio_cksum_t));
5296 fletcher_4_incremental_byteswap(&drr, sizeof (drr), &zcksum);
330d06f9 5297 flags->byteswap = B_TRUE;
34dc7c2f
BB		 5298
5299 drr.drr_type = BSWAP_32(drr.drr_type);
5300 drr.drr_payloadlen = BSWAP_32(drr.drr_payloadlen);
5301 drrb->drr_magic = BSWAP_64(drrb->drr_magic);
428870ff 5302 drrb->drr_versioninfo = BSWAP_64(drrb->drr_versioninfo);
34dc7c2f
BB		 5303 drrb->drr_creation_time = BSWAP_64(drrb->drr_creation_time);
5304 drrb->drr_type = BSWAP_32(drrb->drr_type);
5305 drrb->drr_flags = BSWAP_32(drrb->drr_flags);
5306 drrb->drr_toguid = BSWAP_64(drrb->drr_toguid);
5307 drrb->drr_fromguid = BSWAP_64(drrb->drr_fromguid);
5308 }
5309
5310 if (drrb->drr_magic != DMU_BACKUP_MAGIC || drr.drr_type != DRR_BEGIN) {
5311 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
5312 "stream (bad magic number)"));
5313 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
5314 }
5315
428870ff
BB		 5316 featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
5317 hdrtype = DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo);
5318
5319 if (!DMU_STREAM_SUPPORTED(featureflags) ||
5320 (hdrtype != DMU_SUBSTREAM && hdrtype != DMU_COMPOUNDSTREAM)) {
5321 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5322 "stream has unsupported feature, feature flags = %lx"),
5323 featureflags);
5324 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
5325 }
5326
9c5e88b1
PZ		 5327 /* Holds feature is set once in the compound stream header. */
5328 boolean_t holds = (DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
5329 DMU_BACKUP_FEATURE_HOLDS);
5330 if (holds)
5331 flags->holds = B_TRUE;
5332
34dc7c2f
BB		 5333 if (strchr(drrb->drr_toname, '@') == NULL) {
5334 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
5335 "stream (bad snapshot name)"));
5336 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
5337 }
5338
428870ff 5339 if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) == DMU_SUBSTREAM) {
eca7b760 5340 char nonpackage_sendfs[ZFS_MAX_DATASET_NAME_LEN];
428870ff
BB		 5341 if (sendfs == NULL) {
5342 /*
5343 * We were not called from zfs_receive_package(). Get
5344 * the fs specified by 'zfs send'.
5345 */
5346 char *cp;
5347 (void) strlcpy(nonpackage_sendfs,
eca7b760
IK		 5348 drr.drr_u.drr_begin.drr_toname,
5349 sizeof (nonpackage_sendfs));
428870ff
BB		 5350 if ((cp = strchr(nonpackage_sendfs, '@')) != NULL)
5351 *cp = '\0';
5352 sendfs = nonpackage_sendfs;
671c9354 5353 VERIFY(finalsnap == NULL);
428870ff 5354 }
fcff0f35
PD		 5355 return (zfs_receive_one(hdl, infd, tosnap, originsnap, flags,
5356 &drr, &drr_noswap, sendfs, stream_nv, stream_avl, top_zfs,
a3eeab2d 5357 cleanup_fd, action_handlep, finalsnap, cmdprops));
428870ff
BB		 5358 } else {
5359 assert(DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) ==
5360 DMU_COMPOUNDSTREAM);
fcff0f35 5361 return (zfs_receive_package(hdl, infd, tosnap, flags, &drr,
a3eeab2d 5362 &zcksum, top_zfs, cleanup_fd, action_handlep, cmdprops));
34dc7c2f
BB		 5363 }
5364}
b128c09f
BB		 5365
5366/*
5367 * Restores a backup of tosnap from the file descriptor specified by infd.
5368 * Return 0 on total success, -2 if some things couldn't be
5369 * destroyed/renamed/promoted, -1 if some things couldn't be received.
47dfff3b
MA		 5370 * (-1 will override -2, if -1 and the resumable flag was specified the
5371 * transfer can be resumed if the sending side supports it).
b128c09f
BB		 5372 */
5373int
fcff0f35
PD		 5374zfs_receive(libzfs_handle_t *hdl, const char *tosnap, nvlist_t *props,
5375 recvflags_t *flags, int infd, avl_tree_t *stream_avl)
b128c09f
BB		 5376{
5377 char *top_zfs = NULL;
5378 int err;
572e2857
BB		 5379 int cleanup_fd;
5380 uint64_t action_handle = 0;
5c3f61eb 5381 struct stat sb;
fcff0f35 5382 char *originsnap = NULL;
5c3f61eb
RY		 5383
5384 /*
5385 * The only way fstat can fail is if we do not have a valid file
5386 * descriptor.
5387 */
5388 if (fstat(infd, &sb) == -1) {
5389 perror("fstat");
5390 return (-2);
5391 }
5392
5c3f61eb
RY		 5393 /*
5394 * It is not uncommon for gigabytes to be processed in zfs receive.
73cdcc63 5395 * Speculatively increase the buffer size if supported by the platform.
5c3f61eb 5396 */
73cdcc63
MM		 5397 if (S_ISFIFO(sb.st_mode))
5398 libzfs_set_pipe_max(infd);
572e2857 5399
fcff0f35
PD		 5400 if (props) {
5401 err = nvlist_lookup_string(props, "origin", &originsnap);
5402 if (err && err != ENOENT)
5403 return (err);
5404 }
5405
73cdcc63 5406 cleanup_fd = open(ZFS_DEV, O_RDWR|O_EXCL);
572e2857 5407 VERIFY(cleanup_fd >= 0);
b128c09f 5408
fcff0f35 5409 err = zfs_receive_impl(hdl, tosnap, originsnap, flags, infd, NULL, NULL,
a3eeab2d 5410 stream_avl, &top_zfs, cleanup_fd, &action_handle, NULL, props);
572e2857
BB		 5411
5412 VERIFY(0 == close(cleanup_fd));
b128c09f 5413
bb61cc31 5414 if (err == 0 && !flags->nomount && flags->domount && top_zfs) {
689f093e
GN		 5415 zfs_handle_t *zhp = NULL;
5416 prop_changelist_t *clp = NULL;
b128c09f 5417
bb61cc31
TC		 5418 zhp = zfs_open(hdl, top_zfs,
5419 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
5420 if (zhp == NULL) {
5421 err = -1;
5422 goto out;
5423 } else {
5424 if (zhp->zfs_type == ZFS_TYPE_VOLUME) {
5425 zfs_close(zhp);
5426 goto out;
5427 }
5428
b128c09f
BB		 5429 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
5430 CL_GATHER_MOUNT_ALWAYS, 0);
5431 zfs_close(zhp);
bb61cc31
TC		 5432 if (clp == NULL) {
5433 err = -1;
5434 goto out;
b128c09f 5435 }
bb61cc31
TC		 5436
5437 /* mount and share received datasets */
5438 err = changelist_postfix(clp);
5439 changelist_free(clp);
5440 if (err != 0)
5441 err = -1;
b128c09f 5442 }
b128c09f 5443 }
bb61cc31
TC		 5444
5445out:
b128c09f
BB		 5446 if (top_zfs)
5447 free(top_zfs);
5448
5449 return (err);
5450}
ZFS On Linux mirror for PVE