]> git.proxmox.com Git - mirror_zfs.git/blame - lib/libzfs/libzfs_sendrecv.c
projects / mirror_zfs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix more leaks detected by ASAN
[mirror_zfs.git] / lib / libzfs / libzfs_sendrecv.c
CommitLineData
34dc7c2f
BB		 1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22/*
428870ff 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
30af21b0 24 * Copyright (c) 2011, 2018 by Delphix. All rights reserved.
37abac6d 25 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
95fd54a1 26 * Copyright (c) 2012 Pawel Jakub Dawidek <pawel@dawidek.net>.
0cee2406 27 * All rights reserved
95fd54a1 28 * Copyright (c) 2013 Steven Hartland. All rights reserved.
671c9354 29 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
23d70cde 30 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
d8d418ff 31 * Copyright (c) 2018, loli10K <ezomori.nozomu@gmail.com>. All rights reserved.
4c0883fb 32 * Copyright (c) 2019 Datto Inc.
34dc7c2f
BB		 33 */
34
34dc7c2f
BB		 35#include <assert.h>
36#include <ctype.h>
37#include <errno.h>
34dc7c2f
BB		 38#include <libintl.h>
39#include <stdio.h>
40#include <stdlib.h>
41#include <strings.h>
42#include <unistd.h>
43#include <stddef.h>
44#include <fcntl.h>
45#include <sys/mount.h>
9b020fd9
BB		 46#include <sys/mntent.h>
47#include <sys/mnttab.h>
48#include <sys/avl.h>
49#include <sys/debug.h>
5c3f61eb 50#include <sys/stat.h>
9b020fd9 51#include <stddef.h>
428870ff
BB		 52#include <pthread.h>
53#include <umem.h>
37abac6d 54#include <time.h>
34dc7c2f
BB		 55
56#include <libzfs.h>
9b67f605 57#include <libzfs_core.h>
e89f1295 58#include <libzutil.h>
34dc7c2f
BB		 59
60#include "zfs_namecheck.h"
61#include "zfs_prop.h"
428870ff 62#include "zfs_fletcher.h"
34dc7c2f 63#include "libzfs_impl.h"
c618f87c 64#include <cityhash.h>
47dfff3b 65#include <zlib.h>
428870ff 66#include <sys/zio_checksum.h>
b5256303 67#include <sys/dsl_crypt.h>
428870ff 68#include <sys/ddt.h>
1b9d8c34 69#include <sys/socket.h>
3c67d83a 70#include <sys/sha2.h>
34dc7c2f 71
428870ff
BB		 72/* in libzfs_dataset.c */
73extern void zfs_setprop_error(libzfs_handle_t *, zfs_prop_t, int, char *);
34dc7c2f 74
fcff0f35
PD		 75static int zfs_receive_impl(libzfs_handle_t *, const char *, const char *,
76 recvflags_t *, int, const char *, nvlist_t *, avl_tree_t *, char **, int,
a3eeab2d 77 uint64_t *, const char *, nvlist_t *);
30af21b0
PD		 78static int guid_to_name_redact_snaps(libzfs_handle_t *hdl, const char *parent,
79 uint64_t guid, boolean_t bookmark_ok, uint64_t *redact_snap_guids,
80 uint64_t num_redact_snaps, char *name);
47dfff3b
MA		 81static int guid_to_name(libzfs_handle_t *, const char *,
82 uint64_t, boolean_t, char *);
428870ff 83
2598c001 84static const zio_cksum_t zero_cksum = { { 0 } };
428870ff
BB		 85
86typedef struct dedup_arg {
87 int inputfd;
88 int outputfd;
89 libzfs_handle_t *dedup_hdl;
90} dedup_arg_t;
91
37abac6d
BP		 92typedef struct progress_arg {
93 zfs_handle_t *pa_zhp;
94 int pa_fd;
95 boolean_t pa_parsable;
30af21b0
PD		 96 boolean_t pa_estimate;
97 int pa_verbosity;
37abac6d
BP		 98} progress_arg_t;
99
428870ff
BB		 100typedef struct dataref {
101 uint64_t ref_guid;
102 uint64_t ref_object;
103 uint64_t ref_offset;
104} dataref_t;
105
106typedef struct dedup_entry {
107 struct dedup_entry *dde_next;
108 zio_cksum_t dde_chksum;
109 uint64_t dde_prop;
110 dataref_t dde_ref;
111} dedup_entry_t;
112
113#define MAX_DDT_PHYSMEM_PERCENT 20
114#define SMALLEST_POSSIBLE_MAX_DDT_MB 128
115
116typedef struct dedup_table {
117 dedup_entry_t **dedup_hash_array;
118 umem_cache_t *ddecache;
119 uint64_t max_ddt_size; /* max dedup table size in bytes */
120 uint64_t cur_ddt_size; /* current dedup table size in bytes */
121 uint64_t ddt_count;
122 int numhashbits;
123 boolean_t ddt_full;
124} dedup_table_t;
125
126static int
127high_order_bit(uint64_t n)
128{
129 int count;
130
131 for (count = 0; n != 0; count++)
132 n >>= 1;
133 return (count);
134}
135
136static size_t
137ssread(void *buf, size_t len, FILE *stream)
138{
139 size_t outlen;
140
141 if ((outlen = fread(buf, len, 1, stream)) == 0)
142 return (0);
143
144 return (outlen);
145}
146
147static void
148ddt_hash_append(libzfs_handle_t *hdl, dedup_table_t *ddt, dedup_entry_t **ddepp,
149 zio_cksum_t *cs, uint64_t prop, dataref_t *dr)
150{
151 dedup_entry_t *dde;
152
153 if (ddt->cur_ddt_size >= ddt->max_ddt_size) {
154 if (ddt->ddt_full == B_FALSE) {
155 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
156 "Dedup table full. Deduplication will continue "
157 "with existing table entries"));
158 ddt->ddt_full = B_TRUE;
159 }
160 return;
161 }
162
163 if ((dde = umem_cache_alloc(ddt->ddecache, UMEM_DEFAULT))
164 != NULL) {
165 assert(*ddepp == NULL);
166 dde->dde_next = NULL;
167 dde->dde_chksum = *cs;
168 dde->dde_prop = prop;
169 dde->dde_ref = *dr;
170 *ddepp = dde;
171 ddt->cur_ddt_size += sizeof (dedup_entry_t);
172 ddt->ddt_count++;
173 }
174}
175
176/*
177 * Using the specified dedup table, do a lookup for an entry with
178 * the checksum cs. If found, return the block's reference info
179 * in *dr. Otherwise, insert a new entry in the dedup table, using
180 * the reference information specified by *dr.
181 *
182 * return value: true - entry was found
183 * false - entry was not found
184 */
185static boolean_t
186ddt_update(libzfs_handle_t *hdl, dedup_table_t *ddt, zio_cksum_t *cs,
187 uint64_t prop, dataref_t *dr)
188{
189 uint32_t hashcode;
190 dedup_entry_t **ddepp;
191
192 hashcode = BF64_GET(cs->zc_word[0], 0, ddt->numhashbits);
193
194 for (ddepp = &(ddt->dedup_hash_array[hashcode]); *ddepp != NULL;
195 ddepp = &((*ddepp)->dde_next)) {
196 if (ZIO_CHECKSUM_EQUAL(((*ddepp)->dde_chksum), *cs) &&
197 (*ddepp)->dde_prop == prop) {
198 *dr = (*ddepp)->dde_ref;
199 return (B_TRUE);
200 }
201 }
202 ddt_hash_append(hdl, ddt, ddepp, cs, prop, dr);
203 return (B_FALSE);
204}
205
206static int
37f8a883
MA		 207dump_record(dmu_replay_record_t *drr, void *payload, int payload_len,
208 zio_cksum_t *zc, int outfd)
428870ff 209{
37f8a883
MA		 210 ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
211 ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t));
212 fletcher_4_incremental_native(drr,
213 offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), zc);
214 if (drr->drr_type != DRR_BEGIN) {
215 ASSERT(ZIO_CHECKSUM_IS_ZERO(&drr->drr_u.
216 drr_checksum.drr_checksum));
217 drr->drr_u.drr_checksum.drr_checksum = *zc;
218 }
219 fletcher_4_incremental_native(&drr->drr_u.drr_checksum.drr_checksum,
220 sizeof (zio_cksum_t), zc);
221 if (write(outfd, drr, sizeof (*drr)) == -1)
222 return (errno);
223 if (payload_len != 0) {
224 fletcher_4_incremental_native(payload, payload_len, zc);
225 if (write(outfd, payload, payload_len) == -1)
226 return (errno);
227 }
228 return (0);
428870ff
BB		 229}
230
231/*
232 * This function is started in a separate thread when the dedup option
233 * has been requested. The main send thread determines the list of
234 * snapshots to be included in the send stream and makes the ioctl calls
235 * for each one. But instead of having the ioctl send the output to the
236 * the output fd specified by the caller of zfs_send()), the
237 * ioctl is told to direct the output to a pipe, which is read by the
238 * alternate thread running THIS function. This function does the
239 * dedup'ing by:
240 * 1. building a dedup table (the DDT)
241 * 2. doing checksums on each data block and inserting a record in the DDT
242 * 3. looking for matching checksums, and
243 * 4. sending a DRR_WRITE_BYREF record instead of a write record whenever
244 * a duplicate block is found.
245 * The output of this function then goes to the output fd requested
246 * by the caller of zfs_send().
247 */
248static void *
249cksummer(void *arg)
250{
251 dedup_arg_t *dda = arg;
f1512ee6 252 char *buf = zfs_alloc(dda->dedup_hdl, SPA_MAXBLOCKSIZE);
47dfff3b 253 dmu_replay_record_t thedrr = { 0 };
428870ff 254 dmu_replay_record_t *drr = &thedrr;
428870ff
BB		 255 FILE *ofp;
256 int outfd;
428870ff
BB		 257 dedup_table_t ddt;
258 zio_cksum_t stream_cksum;
428870ff
BB		 259 uint64_t numbuckets;
260
2e0e443a
GM		 261#ifdef _ILP32
262 ddt.max_ddt_size = SMALLEST_POSSIBLE_MAX_DDT_MB << 20;
263#else
264 uint64_t physmem = sysconf(_SC_PHYS_PAGES) * sysconf(_SC_PAGESIZE);
428870ff 265 ddt.max_ddt_size =
37f8a883
MA		 266 MAX((physmem * MAX_DDT_PHYSMEM_PERCENT) / 100,
267 SMALLEST_POSSIBLE_MAX_DDT_MB << 20);
2e0e443a 268#endif
428870ff 269
37f8a883 270 numbuckets = ddt.max_ddt_size / (sizeof (dedup_entry_t));
428870ff
BB		 271
272 /*
273 * numbuckets must be a power of 2. Increase number to
274 * a power of 2 if necessary.
275 */
276 if (!ISP2(numbuckets))
f4bae2ed 277 numbuckets = 1ULL << high_order_bit(numbuckets);
428870ff
BB		 278
279 ddt.dedup_hash_array = calloc(numbuckets, sizeof (dedup_entry_t *));
280 ddt.ddecache = umem_cache_create("dde", sizeof (dedup_entry_t), 0,
281 NULL, NULL, NULL, NULL, NULL, 0);
282 ddt.cur_ddt_size = numbuckets * sizeof (dedup_entry_t *);
283 ddt.numhashbits = high_order_bit(numbuckets) - 1;
284 ddt.ddt_full = B_FALSE;
285
428870ff
BB		 286 outfd = dda->outputfd;
287 ofp = fdopen(dda->inputfd, "r");
37f8a883 288 while (ssread(drr, sizeof (*drr), ofp) != 0) {
428870ff 289
e2454897
GM		 290 /*
291 * kernel filled in checksum, we are going to write same
292 * record, but need to regenerate checksum.
293 */
294 if (drr->drr_type != DRR_BEGIN) {
295 bzero(&drr->drr_u.drr_checksum.drr_checksum,
296 sizeof (drr->drr_u.drr_checksum.drr_checksum));
297 }
298
428870ff
BB		 299 switch (drr->drr_type) {
300 case DRR_BEGIN:
301 {
37f8a883
MA		 302 struct drr_begin *drrb = &drr->drr_u.drr_begin;
303 int fflags;
304 int sz = 0;
428870ff
BB		 305 ZIO_SET_CHECKSUM(&stream_cksum, 0, 0, 0, 0);
306
37f8a883
MA		 307 ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC);
308
428870ff
BB		 309 /* set the DEDUP feature flag for this stream */
310 fflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
311 fflags |= (DMU_BACKUP_FEATURE_DEDUP |
312 DMU_BACKUP_FEATURE_DEDUPPROPS);
313 DMU_SET_FEATUREFLAGS(drrb->drr_versioninfo, fflags);
314
47dfff3b 315 if (drr->drr_payloadlen != 0) {
37f8a883 316 sz = drr->drr_payloadlen;
428870ff 317
f1512ee6
MA		 318 if (sz > SPA_MAXBLOCKSIZE) {
319 buf = zfs_realloc(dda->dedup_hdl, buf,
320 SPA_MAXBLOCKSIZE, sz);
428870ff
BB		 321 }
322 (void) ssread(buf, sz, ofp);
323 if (ferror(stdin))
324 perror("fread");
428870ff 325 }
37f8a883
MA		 326 if (dump_record(drr, buf, sz, &stream_cksum,
327 outfd) != 0)
328 goto out;
428870ff
BB		 329 break;
330 }
331
332 case DRR_END:
333 {
37f8a883 334 struct drr_end *drre = &drr->drr_u.drr_end;
428870ff 335 /* use the recalculated checksum */
37f8a883
MA		 336 drre->drr_checksum = stream_cksum;
337 if (dump_record(drr, NULL, 0, &stream_cksum,
338 outfd) != 0)
428870ff
BB		 339 goto out;
340 break;
341 }
342
343 case DRR_OBJECT:
344 {
37f8a883 345 struct drr_object *drro = &drr->drr_u.drr_object;
428870ff
BB		 346 if (drro->drr_bonuslen > 0) {
347 (void) ssread(buf,
b5256303 348 DRR_OBJECT_PAYLOAD_SIZE(drro), ofp);
428870ff 349 }
b5256303 350 if (dump_record(drr, buf, DRR_OBJECT_PAYLOAD_SIZE(drro),
37f8a883
MA		 351 &stream_cksum, outfd) != 0)
352 goto out;
428870ff
BB		 353 break;
354 }
355
356 case DRR_SPILL:
357 {
37f8a883 358 struct drr_spill *drrs = &drr->drr_u.drr_spill;
b5256303
TC		 359 (void) ssread(buf, DRR_SPILL_PAYLOAD_SIZE(drrs), ofp);
360 if (dump_record(drr, buf, DRR_SPILL_PAYLOAD_SIZE(drrs),
37f8a883 361 &stream_cksum, outfd) != 0)
428870ff
BB		 362 goto out;
363 break;
364 }
365
366 case DRR_FREEOBJECTS:
367 {
37f8a883
MA		 368 if (dump_record(drr, NULL, 0, &stream_cksum,
369 outfd) != 0)
428870ff
BB		 370 goto out;
371 break;
372 }
373
374 case DRR_WRITE:
375 {
37f8a883 376 struct drr_write *drrw = &drr->drr_u.drr_write;
428870ff 377 dataref_t dataref;
2aa34383 378 uint64_t payload_size;
428870ff 379
2aa34383
DK		 380 payload_size = DRR_WRITE_PAYLOAD_SIZE(drrw);
381 (void) ssread(buf, payload_size, ofp);
428870ff
BB		 382
383 /*
384 * Use the existing checksum if it's dedup-capable,
385 * else calculate a SHA256 checksum for it.
386 */
387
388 if (ZIO_CHECKSUM_EQUAL(drrw->drr_key.ddk_cksum,
389 zero_cksum) ||
b5256303 390 !DRR_IS_DEDUP_CAPABLE(drrw->drr_flags)) {
a6255b7f 391 SHA2_CTX ctx;
9c905c55
BB		 392 zio_cksum_t tmpsha256;
393
a6255b7f
DQ		 394 SHA2Init(SHA256, &ctx);
395 SHA2Update(&ctx, buf, payload_size);
396 SHA2Final(&tmpsha256, &ctx);
428870ff 397
428870ff
BB		 398 drrw->drr_key.ddk_cksum.zc_word[0] =
399 BE_64(tmpsha256.zc_word[0]);
400 drrw->drr_key.ddk_cksum.zc_word[1] =
401 BE_64(tmpsha256.zc_word[1]);
402 drrw->drr_key.ddk_cksum.zc_word[2] =
403 BE_64(tmpsha256.zc_word[2]);
404 drrw->drr_key.ddk_cksum.zc_word[3] =
405 BE_64(tmpsha256.zc_word[3]);
406 drrw->drr_checksumtype = ZIO_CHECKSUM_SHA256;
b5256303 407 drrw->drr_flags |= DRR_CHECKSUM_DEDUP;
428870ff
BB		 408 }
409
410 dataref.ref_guid = drrw->drr_toguid;
411 dataref.ref_object = drrw->drr_object;
412 dataref.ref_offset = drrw->drr_offset;
413
414 if (ddt_update(dda->dedup_hdl, &ddt,
415 &drrw->drr_key.ddk_cksum, drrw->drr_key.ddk_prop,
416 &dataref)) {
37f8a883
MA		 417 dmu_replay_record_t wbr_drr = {0};
418 struct drr_write_byref *wbr_drrr =
419 &wbr_drr.drr_u.drr_write_byref;
420
428870ff 421 /* block already present in stream */
37f8a883
MA		 422 wbr_drr.drr_type = DRR_WRITE_BYREF;
423
428870ff
BB		 424 wbr_drrr->drr_object = drrw->drr_object;
425 wbr_drrr->drr_offset = drrw->drr_offset;
2aa34383 426 wbr_drrr->drr_length = drrw->drr_logical_size;
428870ff
BB		 427 wbr_drrr->drr_toguid = drrw->drr_toguid;
428 wbr_drrr->drr_refguid = dataref.ref_guid;
429 wbr_drrr->drr_refobject =
430 dataref.ref_object;
431 wbr_drrr->drr_refoffset =
432 dataref.ref_offset;
433
434 wbr_drrr->drr_checksumtype =
435 drrw->drr_checksumtype;
b5256303 436 wbr_drrr->drr_flags = drrw->drr_flags;
428870ff
BB		 437 wbr_drrr->drr_key.ddk_cksum =
438 drrw->drr_key.ddk_cksum;
439 wbr_drrr->drr_key.ddk_prop =
440 drrw->drr_key.ddk_prop;
441
37f8a883
MA		 442 if (dump_record(&wbr_drr, NULL, 0,
443 &stream_cksum, outfd) != 0)
428870ff
BB		 444 goto out;
445 } else {
446 /* block not previously seen */
2aa34383 447 if (dump_record(drr, buf, payload_size,
37f8a883 448 &stream_cksum, outfd) != 0)
428870ff
BB		 449 goto out;
450 }
451 break;
452 }
453
9b67f605
MA		 454 case DRR_WRITE_EMBEDDED:
455 {
37f8a883
MA		 456 struct drr_write_embedded *drrwe =
457 &drr->drr_u.drr_write_embedded;
9b67f605
MA		 458 (void) ssread(buf,
459 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8), ofp);
37f8a883 460 if (dump_record(drr, buf,
9b67f605 461 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8),
37f8a883 462 &stream_cksum, outfd) != 0)
9b67f605
MA		 463 goto out;
464 break;
465 }
466
428870ff
BB		 467 case DRR_FREE:
468 {
37f8a883
MA		 469 if (dump_record(drr, NULL, 0, &stream_cksum,
470 outfd) != 0)
428870ff
BB		 471 goto out;
472 break;
473 }
474
b5256303
TC		 475 case DRR_OBJECT_RANGE:
476 {
477 if (dump_record(drr, NULL, 0, &stream_cksum,
478 outfd) != 0)
479 goto out;
480 break;
481 }
482
428870ff 483 default:
37f8a883 484 (void) fprintf(stderr, "INVALID record type 0x%x\n",
428870ff
BB		 485 drr->drr_type);
486 /* should never happen, so assert */
487 assert(B_FALSE);
488 }
489 }
490out:
491 umem_cache_destroy(ddt.ddecache);
492 free(ddt.dedup_hash_array);
493 free(buf);
494 (void) fclose(ofp);
495
496 return (NULL);
497}
b128c09f 498
34dc7c2f
BB		 499/*
500 * Routines for dealing with the AVL tree of fs-nvlists
501 */
502typedef struct fsavl_node {
503 avl_node_t fn_node;
504 nvlist_t *fn_nvfs;
505 char *fn_snapname;
506 uint64_t fn_guid;
507} fsavl_node_t;
508
509static int
510fsavl_compare(const void *arg1, const void *arg2)
511{
ee36c709
GN		 512 const fsavl_node_t *fn1 = (const fsavl_node_t *)arg1;
513 const fsavl_node_t *fn2 = (const fsavl_node_t *)arg2;
514
ca577779 515 return (TREE_CMP(fn1->fn_guid, fn2->fn_guid));
34dc7c2f
BB		 516}
517
518/*
519 * Given the GUID of a snapshot, find its containing filesystem and
520 * (optionally) name.
521 */
522static nvlist_t *
523fsavl_find(avl_tree_t *avl, uint64_t snapguid, char **snapname)
524{
525 fsavl_node_t fn_find;
526 fsavl_node_t *fn;
527
528 fn_find.fn_guid = snapguid;
529
530 fn = avl_find(avl, &fn_find, NULL);
531 if (fn) {
532 if (snapname)
533 *snapname = fn->fn_snapname;
534 return (fn->fn_nvfs);
535 }
536 return (NULL);
537}
538
539static void
540fsavl_destroy(avl_tree_t *avl)
541{
542 fsavl_node_t *fn;
543 void *cookie;
544
545 if (avl == NULL)
546 return;
547
548 cookie = NULL;
549 while ((fn = avl_destroy_nodes(avl, &cookie)) != NULL)
550 free(fn);
551 avl_destroy(avl);
552 free(avl);
553}
554
45d1cae3
BB		 555/*
556 * Given an nvlist, produce an avl tree of snapshots, ordered by guid
557 */
34dc7c2f
BB		 558static avl_tree_t *
559fsavl_create(nvlist_t *fss)
560{
561 avl_tree_t *fsavl;
562 nvpair_t *fselem = NULL;
563
564 if ((fsavl = malloc(sizeof (avl_tree_t))) == NULL)
565 return (NULL);
566
567 avl_create(fsavl, fsavl_compare, sizeof (fsavl_node_t),
568 offsetof(fsavl_node_t, fn_node));
569
570 while ((fselem = nvlist_next_nvpair(fss, fselem)) != NULL) {
571 nvlist_t *nvfs, *snaps;
572 nvpair_t *snapelem = NULL;
573
574 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs));
575 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps));
576
577 while ((snapelem =
578 nvlist_next_nvpair(snaps, snapelem)) != NULL) {
579 fsavl_node_t *fn;
580 uint64_t guid;
581
582 VERIFY(0 == nvpair_value_uint64(snapelem, &guid));
583 if ((fn = malloc(sizeof (fsavl_node_t))) == NULL) {
584 fsavl_destroy(fsavl);
585 return (NULL);
586 }
587 fn->fn_nvfs = nvfs;
588 fn->fn_snapname = nvpair_name(snapelem);
589 fn->fn_guid = guid;
590
591 /*
592 * Note: if there are multiple snaps with the
593 * same GUID, we ignore all but one.
594 */
595 if (avl_find(fsavl, fn, NULL) == NULL)
596 avl_add(fsavl, fn);
597 else
598 free(fn);
599 }
600 }
601
602 return (fsavl);
603}
604
605/*
606 * Routines for dealing with the giant nvlist of fs-nvlists, etc.
607 */
608typedef struct send_data {
66356240
K		 609 /*
610 * assigned inside every recursive call,
611 * restored from *_save on return:
612 *
613 * guid of fromsnap snapshot in parent dataset
614 * txg of fromsnap snapshot in current dataset
615 * txg of tosnap snapshot in current dataset
616 */
617
34dc7c2f 618 uint64_t parent_fromsnap_guid;
66356240
K		 619 uint64_t fromsnap_txg;
620 uint64_t tosnap_txg;
621
622 /* the nvlists get accumulated during depth-first traversal */
34dc7c2f
BB		 623 nvlist_t *parent_snaps;
624 nvlist_t *fss;
b128c09f 625 nvlist_t *snapprops;
9c5e88b1 626 nvlist_t *snapholds; /* user holds */
66356240
K		 627
628 /* send-receive configuration, does not change during traversal */
629 const char *fsname;
34dc7c2f
BB		 630 const char *fromsnap;
631 const char *tosnap;
428870ff 632 boolean_t recursive;
4c0883fb 633 boolean_t raw;
f94b3cbf 634 boolean_t doall;
4c0883fb 635 boolean_t replicate;
66356240 636 boolean_t verbose;
4c0883fb 637 boolean_t backup;
05748550
AG		 638 boolean_t seenfrom;
639 boolean_t seento;
9c5e88b1
PZ		 640 boolean_t holds; /* were holds requested with send -h */
641 boolean_t props;
34dc7c2f
BB		 642
643 /*
644 * The header nvlist is of the following format:
645 * {
646 * "tosnap" -> string
647 * "fromsnap" -> string (if incremental)
648 * "fss" -> {
649 * id -> {
650 *
651 * "name" -> string (full name; for debugging)
652 * "parentfromsnap" -> number (guid of fromsnap in parent)
653 *
654 * "props" -> { name -> value (only if set here) }
655 * "snaps" -> { name (lastname) -> number (guid) }
b128c09f 656 * "snapprops" -> { name (lastname) -> { name -> value } }
9c5e88b1 657 * "snapholds" -> { name (lastname) -> { holdname -> crtime } }
34dc7c2f
BB		 658 *
659 * "origin" -> number (guid) (if clone)
b5256303 660 * "is_encroot" -> boolean
34dc7c2f
BB		 661 * "sent" -> boolean (not on-disk)
662 * }
663 * }
664 * }
665 *
666 */
667} send_data_t;
668
faa97c16 669static void
670send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv);
b128c09f 671
34dc7c2f
BB		 672static int
673send_iterate_snap(zfs_handle_t *zhp, void *arg)
674{
675 send_data_t *sd = arg;
676 uint64_t guid = zhp->zfs_dmustats.dds_guid;
66356240 677 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg;
34dc7c2f 678 char *snapname;
b128c09f 679 nvlist_t *nv;
e890dd85 680 boolean_t isfromsnap, istosnap, istosnapwithnofrom;
34dc7c2f
BB		 681
682 snapname = strrchr(zhp->zfs_name, '@')+1;
05748550
AG		 683 isfromsnap = (sd->fromsnap != NULL &&
684 strcmp(sd->fromsnap, snapname) == 0);
685 istosnap = (sd->tosnap != NULL && (strcmp(sd->tosnap, snapname) == 0));
e890dd85 686 istosnapwithnofrom = (istosnap && sd->fromsnap == NULL);
34dc7c2f 687
66356240
K		 688 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) {
689 if (sd->verbose) {
690 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
691 "skipping snapshot %s because it was created "
692 "after the destination snapshot (%s)\n"),
693 zhp->zfs_name, sd->tosnap);
694 }
695 zfs_close(zhp);
696 return (0);
697 }
698
e890dd85 699 VERIFY(0 == nvlist_add_uint64(sd->parent_snaps, snapname, guid));
34dc7c2f
BB		 700 /*
701 * NB: if there is no fromsnap here (it's a newly created fs in
702 * an incremental replication), we will substitute the tosnap.
703 */
05748550 704 if (isfromsnap || (sd->parent_fromsnap_guid == 0 && istosnap)) {
34dc7c2f
BB		 705 sd->parent_fromsnap_guid = guid;
706 }
707
05748550
AG		 708 if (!sd->recursive) {
709 if (!sd->seenfrom && isfromsnap) {
710 sd->seenfrom = B_TRUE;
711 zfs_close(zhp);
712 return (0);
713 }
714
e890dd85 715 if ((sd->seento || !sd->seenfrom) && !istosnapwithnofrom) {
05748550
AG		 716 zfs_close(zhp);
717 return (0);
718 }
719
720 if (istosnap)
721 sd->seento = B_TRUE;
722 }
723
b128c09f 724 VERIFY(0 == nvlist_alloc(&nv, NV_UNIQUE_NAME, 0));
faa97c16 725 send_iterate_prop(zhp, sd->backup, nv);
b128c09f
BB		 726 VERIFY(0 == nvlist_add_nvlist(sd->snapprops, snapname, nv));
727 nvlist_free(nv);
9c5e88b1
PZ		 728 if (sd->holds) {
729 nvlist_t *holds = fnvlist_alloc();
730 int err = lzc_get_holds(zhp->zfs_name, &holds);
731 if (err == 0) {
732 VERIFY(0 == nvlist_add_nvlist(sd->snapholds,
733 snapname, holds));
734 }
735 fnvlist_free(holds);
736 }
b128c09f 737
34dc7c2f
BB		 738 zfs_close(zhp);
739 return (0);
740}
741
742static void
faa97c16 743send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv)
34dc7c2f 744{
faa97c16 745 nvlist_t *props = NULL;
34dc7c2f
BB		 746 nvpair_t *elem = NULL;
747
faa97c16 748 if (received_only)
749 props = zfs_get_recvd_props(zhp);
750 else
751 props = zhp->zfs_props;
752
753 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) {
34dc7c2f
BB		 754 char *propname = nvpair_name(elem);
755 zfs_prop_t prop = zfs_name_to_prop(propname);
756 nvlist_t *propnv;
757
428870ff
BB		 758 if (!zfs_prop_user(propname)) {
759 /*
760 * Realistically, this should never happen. However,
761 * we want the ability to add DSL properties without
762 * needing to make incompatible version changes. We
763 * need to ignore unknown properties to allow older
764 * software to still send datasets containing these
765 * properties, with the unknown properties elided.
766 */
767 if (prop == ZPROP_INVAL)
768 continue;
9babb374 769
428870ff
BB		 770 if (zfs_prop_readonly(prop))
771 continue;
772 }
34dc7c2f
BB		 773
774 verify(nvpair_value_nvlist(elem, &propnv) == 0);
45d1cae3
BB		 775 if (prop == ZFS_PROP_QUOTA || prop == ZFS_PROP_RESERVATION ||
776 prop == ZFS_PROP_REFQUOTA ||
777 prop == ZFS_PROP_REFRESERVATION) {
428870ff 778 char *source;
34dc7c2f
BB		 779 uint64_t value;
780 verify(nvlist_lookup_uint64(propnv,
781 ZPROP_VALUE, &value) == 0);
b128c09f
BB		 782 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT)
783 continue;
428870ff
BB		 784 /*
785 * May have no source before SPA_VERSION_RECVD_PROPS,
786 * but is still modifiable.
787 */
788 if (nvlist_lookup_string(propnv,
789 ZPROP_SOURCE, &source) == 0) {
790 if ((strcmp(source, zhp->zfs_name) != 0) &&
791 (strcmp(source,
792 ZPROP_SOURCE_VAL_RECVD) != 0))
793 continue;
794 }
34dc7c2f
BB		 795 } else {
796 char *source;
797 if (nvlist_lookup_string(propnv,
798 ZPROP_SOURCE, &source) != 0)
799 continue;
428870ff
BB		 800 if ((strcmp(source, zhp->zfs_name) != 0) &&
801 (strcmp(source, ZPROP_SOURCE_VAL_RECVD) != 0))
34dc7c2f
BB		 802 continue;
803 }
804
805 if (zfs_prop_user(propname) ||
806 zfs_prop_get_type(prop) == PROP_TYPE_STRING) {
807 char *value;
808 verify(nvlist_lookup_string(propnv,
809 ZPROP_VALUE, &value) == 0);
810 VERIFY(0 == nvlist_add_string(nv, propname, value));
811 } else {
812 uint64_t value;
813 verify(nvlist_lookup_uint64(propnv,
814 ZPROP_VALUE, &value) == 0);
815 VERIFY(0 == nvlist_add_uint64(nv, propname, value));
816 }
817 }
818}
819
66356240
K		 820/*
821 * returns snapshot creation txg
822 * and returns 0 if the snapshot does not exist
823 */
824static uint64_t
825get_snap_txg(libzfs_handle_t *hdl, const char *fs, const char *snap)
826{
827 char name[ZFS_MAX_DATASET_NAME_LEN];
828 uint64_t txg = 0;
829
830 if (fs == NULL || fs[0] == '\0' || snap == NULL || snap[0] == '\0')
831 return (txg);
832
833 (void) snprintf(name, sizeof (name), "%s@%s", fs, snap);
834 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_SNAPSHOT)) {
835 zfs_handle_t *zhp = zfs_open(hdl, name, ZFS_TYPE_SNAPSHOT);
836 if (zhp != NULL) {
837 txg = zfs_prop_get_int(zhp, ZFS_PROP_CREATETXG);
838 zfs_close(zhp);
839 }
840 }
841
842 return (txg);
843}
844
45d1cae3
BB		 845/*
846 * recursively generate nvlists describing datasets. See comment
847 * for the data structure send_data_t above for description of contents
848 * of the nvlist.
849 */
34dc7c2f
BB		 850static int
851send_iterate_fs(zfs_handle_t *zhp, void *arg)
852{
853 send_data_t *sd = arg;
b5256303 854 nvlist_t *nvfs = NULL, *nv = NULL;
428870ff 855 int rv = 0;
4c0883fb 856 uint64_t min_txg = 0, max_txg = 0;
34dc7c2f 857 uint64_t parent_fromsnap_guid_save = sd->parent_fromsnap_guid;
66356240
K		 858 uint64_t fromsnap_txg_save = sd->fromsnap_txg;
859 uint64_t tosnap_txg_save = sd->tosnap_txg;
860 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg;
34dc7c2f 861 uint64_t guid = zhp->zfs_dmustats.dds_guid;
66356240 862 uint64_t fromsnap_txg, tosnap_txg;
34dc7c2f
BB		 863 char guidstring[64];
864
66356240
K		 865 fromsnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->fromsnap);
866 if (fromsnap_txg != 0)
867 sd->fromsnap_txg = fromsnap_txg;
868
869 tosnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->tosnap);
870 if (tosnap_txg != 0)
871 sd->tosnap_txg = tosnap_txg;
872
873 /*
874 * on the send side, if the current dataset does not have tosnap,
875 * perform two additional checks:
876 *
877 * - skip sending the current dataset if it was created later than
878 * the parent tosnap
879 * - return error if the current dataset was created earlier than
880 * the parent tosnap
881 */
882 if (sd->tosnap != NULL && tosnap_txg == 0) {
883 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) {
884 if (sd->verbose) {
885 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
886 "skipping dataset %s: snapshot %s does "
887 "not exist\n"), zhp->zfs_name, sd->tosnap);
888 }
889 } else {
890 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
891 "cannot send %s@%s%s: snapshot %s@%s does not "
892 "exist\n"), sd->fsname, sd->tosnap, sd->recursive ?
893 dgettext(TEXT_DOMAIN, " recursively") : "",
894 zhp->zfs_name, sd->tosnap);
30af21b0 895 rv = EZFS_NOENT;
66356240
K		 896 }
897 goto out;
898 }
899
4c0883fb
AP		 900 nvfs = fnvlist_alloc();
901 fnvlist_add_string(nvfs, "name", zhp->zfs_name);
902 fnvlist_add_uint64(nvfs, "parentfromsnap",
903 sd->parent_fromsnap_guid);
34dc7c2f
BB		 904
905 if (zhp->zfs_dmustats.dds_origin[0]) {
906 zfs_handle_t *origin = zfs_open(zhp->zfs_hdl,
907 zhp->zfs_dmustats.dds_origin, ZFS_TYPE_SNAPSHOT);
66356240
K		 908 if (origin == NULL) {
909 rv = -1;
910 goto out;
911 }
4c0883fb
AP		 912 fnvlist_add_uint64(nvfs, "origin",
913 origin->zfs_dmustats.dds_guid);
ad7e908a
TC		 914
915 zfs_close(origin);
34dc7c2f
BB		 916 }
917
918 /* iterate over props */
9c5e88b1 919 if (sd->props || sd->backup || sd->recursive) {
4c0883fb 920 nv = fnvlist_alloc();
9c5e88b1
PZ		 921 send_iterate_prop(zhp, sd->backup, nv);
922 }
b5256303
TC		 923 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
924 boolean_t encroot;
925
926 /* determine if this dataset is an encryption root */
927 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0) {
928 rv = -1;
929 goto out;
930 }
931
932 if (encroot)
4c0883fb 933 fnvlist_add_boolean(nvfs, "is_encroot");
b5256303
TC		 934
935 /*
936 * Encrypted datasets can only be sent with properties if
937 * the raw flag is specified because the receive side doesn't
938 * currently have a mechanism for recursively asking the user
939 * for new encryption parameters.
940 */
941 if (!sd->raw) {
942 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
943 "cannot send %s@%s: encrypted dataset %s may not "
944 "be sent with properties without the raw flag\n"),
945 sd->fsname, sd->tosnap, zhp->zfs_name);
946 rv = -1;
947 goto out;
948 }
949
950 }
951
9c5e88b1 952 if (nv != NULL)
4c0883fb 953 fnvlist_add_nvlist(nvfs, "props", nv);
34dc7c2f
BB		 954
955 /* iterate over snaps, and set sd->parent_fromsnap_guid */
956 sd->parent_fromsnap_guid = 0;
4c0883fb
AP		 957 sd->parent_snaps = fnvlist_alloc();
958 sd->snapprops = fnvlist_alloc();
9c5e88b1
PZ		 959 if (sd->holds)
960 VERIFY(0 == nvlist_alloc(&sd->snapholds, NV_UNIQUE_NAME, 0));
f94b3cbf
TC		 961
962
963 /*
964 * If this is a "doall" send, a replicate send or we're just trying
965 * to gather a list of previous snapshots, iterate through all the
966 * snaps in the txg range. Otherwise just look at the one we're
967 * interested in.
968 */
969 if (sd->doall || sd->replicate || sd->tosnap == NULL) {
970 if (!sd->replicate && fromsnap_txg != 0)
971 min_txg = fromsnap_txg;
972 if (!sd->replicate && tosnap_txg != 0)
973 max_txg = tosnap_txg;
974 (void) zfs_iter_snapshots_sorted(zhp, send_iterate_snap, sd,
975 min_txg, max_txg);
976 } else {
977 char snapname[MAXPATHLEN] = { 0 };
978 zfs_handle_t *snap;
979
f0ce0436 980 (void) snprintf(snapname, sizeof (snapname), "%s@%s",
f94b3cbf
TC		 981 zhp->zfs_name, sd->tosnap);
982 if (sd->fromsnap != NULL)
983 sd->seenfrom = B_TRUE;
984 snap = zfs_open(zhp->zfs_hdl, snapname,
985 ZFS_TYPE_SNAPSHOT);
986 if (snap != NULL)
987 (void) send_iterate_snap(snap, sd);
988 }
989
4c0883fb
AP		 990 fnvlist_add_nvlist(nvfs, "snaps", sd->parent_snaps);
991 fnvlist_add_nvlist(nvfs, "snapprops", sd->snapprops);
9c5e88b1 992 if (sd->holds)
4c0883fb
AP		 993 fnvlist_add_nvlist(nvfs, "snapholds", sd->snapholds);
994 fnvlist_free(sd->parent_snaps);
995 fnvlist_free(sd->snapprops);
996 fnvlist_free(sd->snapholds);
34dc7c2f
BB		 997
998 /* add this fs to nvlist */
999 (void) snprintf(guidstring, sizeof (guidstring),
1000 "0x%llx", (longlong_t)guid);
4c0883fb 1001 fnvlist_add_nvlist(sd->fss, guidstring, nvfs);
34dc7c2f
BB		 1002
1003 /* iterate over children */
428870ff
BB		 1004 if (sd->recursive)
1005 rv = zfs_iter_filesystems(zhp, send_iterate_fs, sd);
34dc7c2f 1006
66356240 1007out:
34dc7c2f 1008 sd->parent_fromsnap_guid = parent_fromsnap_guid_save;
66356240
K		 1009 sd->fromsnap_txg = fromsnap_txg_save;
1010 sd->tosnap_txg = tosnap_txg_save;
4c0883fb
AP		 1011 fnvlist_free(nv);
1012 fnvlist_free(nvfs);
34dc7c2f
BB		 1013
1014 zfs_close(zhp);
1015 return (rv);
1016}
1017
1018static int
1019gather_nvlist(libzfs_handle_t *hdl, const char *fsname, const char *fromsnap,
f94b3cbf
TC		 1020 const char *tosnap, boolean_t recursive, boolean_t raw, boolean_t doall,
1021 boolean_t replicate, boolean_t verbose, boolean_t backup, boolean_t holds,
1022 boolean_t props, nvlist_t **nvlp, avl_tree_t **avlp)
34dc7c2f
BB		 1023{
1024 zfs_handle_t *zhp;
1025 send_data_t sd = { 0 };
1026 int error;
1027
1028 zhp = zfs_open(hdl, fsname, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
1029 if (zhp == NULL)
1030 return (EZFS_BADTYPE);
1031
1032 VERIFY(0 == nvlist_alloc(&sd.fss, NV_UNIQUE_NAME, 0));
66356240 1033 sd.fsname = fsname;
34dc7c2f
BB		 1034 sd.fromsnap = fromsnap;
1035 sd.tosnap = tosnap;
428870ff 1036 sd.recursive = recursive;
b5256303 1037 sd.raw = raw;
f94b3cbf 1038 sd.doall = doall;
4c0883fb 1039 sd.replicate = replicate;
66356240 1040 sd.verbose = verbose;
faa97c16 1041 sd.backup = backup;
9c5e88b1
PZ		 1042 sd.holds = holds;
1043 sd.props = props;
34dc7c2f
BB		 1044
1045 if ((error = send_iterate_fs(zhp, &sd)) != 0) {
1046 nvlist_free(sd.fss);
1047 if (avlp != NULL)
1048 *avlp = NULL;
1049 *nvlp = NULL;
1050 return (error);
1051 }
1052
1053 if (avlp != NULL && (*avlp = fsavl_create(sd.fss)) == NULL) {
1054 nvlist_free(sd.fss);
1055 *nvlp = NULL;
1056 return (EZFS_NOMEM);
1057 }
1058
1059 *nvlp = sd.fss;
1060 return (0);
1061}
1062
34dc7c2f
BB		 1063/*
1064 * Routines specific to "zfs send"
1065 */
1066typedef struct send_dump_data {
1067 /* these are all just the short snapname (the part after the @) */
1068 const char *fromsnap;
1069 const char *tosnap;
eca7b760 1070 char prevsnap[ZFS_MAX_DATASET_NAME_LEN];
572e2857 1071 uint64_t prevsnap_obj;
34dc7c2f 1072 boolean_t seenfrom, seento, replicate, doall, fromorigin;
30af21b0 1073 boolean_t dryrun, parsable, progress, embed_data, std_out;
9c5e88b1 1074 boolean_t large_block, compress, raw, holds;
34dc7c2f
BB		 1075 int outfd;
1076 boolean_t err;
1077 nvlist_t *fss;
95fd54a1 1078 nvlist_t *snapholds;
34dc7c2f 1079 avl_tree_t *fsavl;
428870ff
BB		 1080 snapfilter_cb_t *filter_cb;
1081 void *filter_cb_arg;
1082 nvlist_t *debugnv;
eca7b760 1083 char holdtag[ZFS_MAX_DATASET_NAME_LEN];
572e2857 1084 int cleanup_fd;
30af21b0 1085 int verbosity;
330d06f9 1086 uint64_t size;
34dc7c2f
BB		 1087} send_dump_data_t;
1088
330d06f9 1089static int
cf7684bc 1090zfs_send_space(zfs_handle_t *zhp, const char *snapname, const char *from,
1091 enum lzc_send_flags flags, uint64_t *spacep)
330d06f9 1092{
330d06f9 1093 libzfs_handle_t *hdl = zhp->zfs_hdl;
cf7684bc 1094 int error;
330d06f9 1095
cf7684bc 1096 assert(snapname != NULL);
1097 error = lzc_send_space(snapname, from, flags, spacep);
330d06f9 1098
cf7684bc 1099 if (error != 0) {
330d06f9
MA		 1100 char errbuf[1024];
1101 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
cf7684bc 1102 "warning: cannot estimate space for '%s'"), snapname);
330d06f9 1103
cf7684bc 1104 switch (error) {
330d06f9
MA		 1105 case EXDEV:
1106 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1107 "not an earlier snapshot from the same fs"));
1108 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
1109
1110 case ENOENT:
cf7684bc 1111 if (zfs_dataset_exists(hdl, snapname,
330d06f9
MA		 1112 ZFS_TYPE_SNAPSHOT)) {
1113 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
cf7684bc 1114 "incremental source (%s) does not exist"),
1115 snapname);
330d06f9
MA		 1116 }
1117 return (zfs_error(hdl, EZFS_NOENT, errbuf));
1118
1119 case EDQUOT:
1120 case EFBIG:
1121 case EIO:
1122 case ENOLINK:
1123 case ENOSPC:
1124 case ENOSTR:
1125 case ENXIO:
1126 case EPIPE:
1127 case ERANGE:
1128 case EFAULT:
1129 case EROFS:
cf7684bc 1130 case EINVAL:
1131 zfs_error_aux(hdl, strerror(error));
330d06f9
MA		 1132 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1133
1134 default:
cf7684bc 1135 return (zfs_standard_error(hdl, error, errbuf));
330d06f9
MA		 1136 }
1137 }
1138
330d06f9
MA		 1139 return (0);
1140}
1141
34dc7c2f
BB		 1142/*
1143 * Dumps a backup of the given snapshot (incremental from fromsnap if it's not
1144 * NULL) to the file descriptor specified by outfd.
1145 */
1146static int
572e2857 1147dump_ioctl(zfs_handle_t *zhp, const char *fromsnap, uint64_t fromsnap_obj,
9b67f605
MA		 1148 boolean_t fromorigin, int outfd, enum lzc_send_flags flags,
1149 nvlist_t *debugnv)
34dc7c2f 1150{
13fe0198 1151 zfs_cmd_t zc = {"\0"};
34dc7c2f 1152 libzfs_handle_t *hdl = zhp->zfs_hdl;
428870ff 1153 nvlist_t *thisdbg;
34dc7c2f
BB		 1154
1155 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
572e2857 1156 assert(fromsnap_obj == 0 || !fromorigin);
34dc7c2f
BB		 1157
1158 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
34dc7c2f
BB		 1159 zc.zc_cookie = outfd;
1160 zc.zc_obj = fromorigin;
572e2857
BB		 1161 zc.zc_sendobj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
1162 zc.zc_fromobj = fromsnap_obj;
9b67f605 1163 zc.zc_flags = flags;
428870ff
BB		 1164
1165 VERIFY(0 == nvlist_alloc(&thisdbg, NV_UNIQUE_NAME, 0));
1166 if (fromsnap && fromsnap[0] != '\0') {
1167 VERIFY(0 == nvlist_add_string(thisdbg,
1168 "fromsnap", fromsnap));
1169 }
1170
330d06f9 1171 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND, &zc) != 0) {
34dc7c2f
BB		 1172 char errbuf[1024];
1173 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1174 "warning: cannot send '%s'"), zhp->zfs_name);
1175
428870ff
BB		 1176 VERIFY(0 == nvlist_add_uint64(thisdbg, "error", errno));
1177 if (debugnv) {
1178 VERIFY(0 == nvlist_add_nvlist(debugnv,
1179 zhp->zfs_name, thisdbg));
1180 }
1181 nvlist_free(thisdbg);
1182
34dc7c2f 1183 switch (errno) {
34dc7c2f
BB		 1184 case EXDEV:
1185 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1186 "not an earlier snapshot from the same fs"));
1187 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
1188
b5256303
TC		 1189 case EACCES:
1190 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1191 "source key must be loaded"));
1192 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
1193
34dc7c2f
BB		 1194 case ENOENT:
1195 if (zfs_dataset_exists(hdl, zc.zc_name,
1196 ZFS_TYPE_SNAPSHOT)) {
1197 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1198 "incremental source (@%s) does not exist"),
1199 zc.zc_value);
1200 }
1201 return (zfs_error(hdl, EZFS_NOENT, errbuf));
1202
1203 case EDQUOT:
1204 case EFBIG:
1205 case EIO:
1206 case ENOLINK:
1207 case ENOSPC:
1208 case ENOSTR:
1209 case ENXIO:
1210 case EPIPE:
1211 case ERANGE:
1212 case EFAULT:
1213 case EROFS:
1214 zfs_error_aux(hdl, strerror(errno));
1215 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1216
1217 default:
1218 return (zfs_standard_error(hdl, errno, errbuf));
1219 }
1220 }
1221
428870ff
BB		 1222 if (debugnv)
1223 VERIFY(0 == nvlist_add_nvlist(debugnv, zhp->zfs_name, thisdbg));
1224 nvlist_free(thisdbg);
1225
34dc7c2f
BB		 1226 return (0);
1227}
1228
95fd54a1
SH		 1229static void
1230gather_holds(zfs_handle_t *zhp, send_dump_data_t *sdd)
572e2857 1231{
572e2857
BB		 1232 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
1233
1234 /*
95fd54a1 1235 * zfs_send() only sets snapholds for sends that need them,
572e2857
BB		 1236 * e.g. replication and doall.
1237 */
95fd54a1
SH		 1238 if (sdd->snapholds == NULL)
1239 return;
572e2857 1240
95fd54a1 1241 fnvlist_add_string(sdd->snapholds, zhp->zfs_name, sdd->holdtag);
572e2857
BB		 1242}
1243
30af21b0
PD		 1244int
1245zfs_send_progress(zfs_handle_t *zhp, int fd, uint64_t *bytes_written,
1246 uint64_t *blocks_visited)
1247{
1248 zfs_cmd_t zc = { {0} };
1249 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1250 zc.zc_cookie = fd;
1251 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND_PROGRESS, &zc) != 0)
1252 return (errno);
1253 if (bytes_written != NULL)
1254 *bytes_written = zc.zc_cookie;
1255 if (blocks_visited != NULL)
1256 *blocks_visited = zc.zc_objset_type;
1257 return (0);
1258}
1259
37abac6d
BP		 1260static void *
1261send_progress_thread(void *arg)
1262{
1263 progress_arg_t *pa = arg;
37abac6d 1264 zfs_handle_t *zhp = pa->pa_zhp;
30af21b0
PD		 1265 uint64_t bytes;
1266 uint64_t blocks;
37abac6d 1267 char buf[16];
37abac6d
BP		 1268 time_t t;
1269 struct tm *tm;
30af21b0 1270 boolean_t firstloop = B_TRUE;
37abac6d
BP		 1271
1272 /*
1273 * Print the progress from ZFS_IOC_SEND_PROGRESS every second.
1274 */
1275 for (;;) {
30af21b0 1276 int err;
37abac6d 1277 (void) sleep(1);
30af21b0
PD		 1278 if ((err = zfs_send_progress(zhp, pa->pa_fd, &bytes,
1279 &blocks)) != 0) {
1280 if (err == EINTR || err == ENOENT)
1281 return ((void *)0);
1282 return ((void *)(uintptr_t)err);
1283 }
37abac6d 1284
30af21b0
PD		 1285 if (firstloop && !pa->pa_parsable) {
1286 (void) fprintf(stderr,
1287 "TIME %s %sSNAPSHOT %s\n",
1288 pa->pa_estimate ? "BYTES" : " SENT",
1289 pa->pa_verbosity >= 2 ? " BLOCKS " : "",
1290 zhp->zfs_name);
1291 firstloop = B_FALSE;
1292 }
37abac6d
BP		 1293
1294 (void) time(&t);
1295 tm = localtime(&t);
37abac6d 1296
30af21b0
PD		 1297 if (pa->pa_verbosity >= 2 && pa->pa_parsable) {
1298 (void) fprintf(stderr,
1299 "%02d:%02d:%02d\t%llu\t%llu\t%s\n",
1300 tm->tm_hour, tm->tm_min, tm->tm_sec,
1301 (u_longlong_t)bytes, (u_longlong_t)blocks,
1302 zhp->zfs_name);
1303 } else if (pa->pa_verbosity >= 2) {
1304 zfs_nicenum(bytes, buf, sizeof (buf));
1305 (void) fprintf(stderr,
1306 "%02d:%02d:%02d %5s %8llu %s\n",
1307 tm->tm_hour, tm->tm_min, tm->tm_sec,
1308 buf, (u_longlong_t)blocks, zhp->zfs_name);
1309 } else if (pa->pa_parsable) {
37abac6d
BP		 1310 (void) fprintf(stderr, "%02d:%02d:%02d\t%llu\t%s\n",
1311 tm->tm_hour, tm->tm_min, tm->tm_sec,
30af21b0 1312 (u_longlong_t)bytes, zhp->zfs_name);
37abac6d 1313 } else {
e7fbeb60 1314 zfs_nicebytes(bytes, buf, sizeof (buf));
37abac6d
BP		 1315 (void) fprintf(stderr, "%02d:%02d:%02d %5s %s\n",
1316 tm->tm_hour, tm->tm_min, tm->tm_sec,
1317 buf, zhp->zfs_name);
1318 }
1319 }
1320}
1321
47dfff3b
MA		 1322static void
1323send_print_verbose(FILE *fout, const char *tosnap, const char *fromsnap,
1324 uint64_t size, boolean_t parsable)
1325{
1326 if (parsable) {
1327 if (fromsnap != NULL) {
1328 (void) fprintf(fout, "incremental\t%s\t%s",
1329 fromsnap, tosnap);
1330 } else {
1331 (void) fprintf(fout, "full\t%s",
1332 tosnap);
1333 }
1334 } else {
1335 if (fromsnap != NULL) {
1336 if (strchr(fromsnap, '@') == NULL &&
1337 strchr(fromsnap, '#') == NULL) {
1338 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1339 "send from @%s to %s"),
1340 fromsnap, tosnap);
1341 } else {
1342 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1343 "send from %s to %s"),
1344 fromsnap, tosnap);
1345 }
1346 } else {
1347 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1348 "full send of %s"),
1349 tosnap);
1350 }
1351 }
1352
835db585 1353 if (parsable) {
1354 (void) fprintf(fout, "\t%llu",
1355 (longlong_t)size);
1356 } else if (size != 0) {
1357 char buf[16];
1358 zfs_nicebytes(size, buf, sizeof (buf));
1359 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1360 " estimated size is %s"), buf);
47dfff3b
MA		 1361 }
1362 (void) fprintf(fout, "\n");
1363}
1364
34dc7c2f
BB		 1365static int
1366dump_snapshot(zfs_handle_t *zhp, void *arg)
1367{
1368 send_dump_data_t *sdd = arg;
37abac6d
BP		 1369 progress_arg_t pa = { 0 };
1370 pthread_t tid;
572e2857 1371 char *thissnap;
2aa34383 1372 enum lzc_send_flags flags = 0;
34dc7c2f 1373 int err;
330d06f9 1374 boolean_t isfromsnap, istosnap, fromorigin;
428870ff 1375 boolean_t exclude = B_FALSE;
93f6d7e2 1376 FILE *fout = sdd->std_out ? stdout : stderr;
34dc7c2f 1377
95fd54a1 1378 err = 0;
34dc7c2f 1379 thissnap = strchr(zhp->zfs_name, '@') + 1;
428870ff
BB		 1380 isfromsnap = (sdd->fromsnap != NULL &&
1381 strcmp(sdd->fromsnap, thissnap) == 0);
34dc7c2f 1382
428870ff 1383 if (!sdd->seenfrom && isfromsnap) {
95fd54a1
SH		 1384 gather_holds(zhp, sdd);
1385 sdd->seenfrom = B_TRUE;
c9d61adb 1386 (void) strlcpy(sdd->prevsnap, thissnap,
1387 sizeof (sdd->prevsnap));
95fd54a1 1388 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
34dc7c2f 1389 zfs_close(zhp);
95fd54a1 1390 return (0);
34dc7c2f
BB		 1391 }
1392
1393 if (sdd->seento || !sdd->seenfrom) {
1394 zfs_close(zhp);
1395 return (0);
1396 }
1397
428870ff
BB		 1398 istosnap = (strcmp(sdd->tosnap, thissnap) == 0);
1399 if (istosnap)
1400 sdd->seento = B_TRUE;
1401
2aa34383
DK		 1402 if (sdd->large_block)
1403 flags |= LZC_SEND_FLAG_LARGE_BLOCK;
1404 if (sdd->embed_data)
1405 flags |= LZC_SEND_FLAG_EMBED_DATA;
1406 if (sdd->compress)
1407 flags |= LZC_SEND_FLAG_COMPRESS;
b5256303
TC		 1408 if (sdd->raw)
1409 flags |= LZC_SEND_FLAG_RAW;
2aa34383 1410
428870ff
BB		 1411 if (!sdd->doall && !isfromsnap && !istosnap) {
1412 if (sdd->replicate) {
1413 char *snapname;
1414 nvlist_t *snapprops;
1415 /*
1416 * Filter out all intermediate snapshots except origin
1417 * snapshots needed to replicate clones.
1418 */
1419 nvlist_t *nvfs = fsavl_find(sdd->fsavl,
1420 zhp->zfs_dmustats.dds_guid, &snapname);
1421
1422 VERIFY(0 == nvlist_lookup_nvlist(nvfs,
1423 "snapprops", &snapprops));
1424 VERIFY(0 == nvlist_lookup_nvlist(snapprops,
1425 thissnap, &snapprops));
1426 exclude = !nvlist_exists(snapprops, "is_clone_origin");
1427 } else {
1428 exclude = B_TRUE;
1429 }
1430 }
1431
1432 /*
1433 * If a filter function exists, call it to determine whether
1434 * this snapshot will be sent.
1435 */
1436 if (exclude || (sdd->filter_cb != NULL &&
1437 sdd->filter_cb(zhp, sdd->filter_cb_arg) == B_FALSE)) {
1438 /*
1439 * This snapshot is filtered out. Don't send it, and don't
572e2857 1440 * set prevsnap_obj, so it will be as if this snapshot didn't
428870ff
BB		 1441 * exist, and the next accepted snapshot will be sent as
1442 * an incremental from the last accepted one, or as the
1443 * first (and full) snapshot in the case of a replication,
1444 * non-incremental send.
1445 */
1446 zfs_close(zhp);
1447 return (0);
1448 }
1449
95fd54a1 1450 gather_holds(zhp, sdd);
330d06f9
MA		 1451 fromorigin = sdd->prevsnap[0] == '\0' &&
1452 (sdd->fromorigin || sdd->replicate);
1453
30af21b0 1454 if (sdd->verbosity != 0) {
47dfff3b 1455 uint64_t size = 0;
cf7684bc 1456 char fromds[ZFS_MAX_DATASET_NAME_LEN];
330d06f9 1457
cf7684bc 1458 if (sdd->prevsnap[0] != '\0') {
1459 (void) strlcpy(fromds, zhp->zfs_name, sizeof (fromds));
1460 *(strchr(fromds, '@') + 1) = '\0';
1461 (void) strlcat(fromds, sdd->prevsnap, sizeof (fromds));
1462 }
1463 if (zfs_send_space(zhp, zhp->zfs_name,
1464 sdd->prevsnap[0] ? fromds : NULL, flags, &size) != 0) {
1465 size = 0; /* cannot estimate send space */
1466 } else {
1467 send_print_verbose(fout, zhp->zfs_name,
1468 sdd->prevsnap[0] ? sdd->prevsnap : NULL,
1469 size, sdd->parsable);
1470 }
47dfff3b 1471 sdd->size += size;
34dc7c2f
BB		 1472 }
1473
330d06f9 1474 if (!sdd->dryrun) {
37abac6d
BP		 1475 /*
1476 * If progress reporting is requested, spawn a new thread to
1477 * poll ZFS_IOC_SEND_PROGRESS at a regular interval.
1478 */
1479 if (sdd->progress) {
1480 pa.pa_zhp = zhp;
1481 pa.pa_fd = sdd->outfd;
1482 pa.pa_parsable = sdd->parsable;
30af21b0
PD		 1483 pa.pa_estimate = B_FALSE;
1484 pa.pa_verbosity = sdd->verbosity;
37abac6d
BP		 1485
1486 if ((err = pthread_create(&tid, NULL,
23d70cde 1487 send_progress_thread, &pa)) != 0) {
37abac6d
BP		 1488 zfs_close(zhp);
1489 return (err);
1490 }
1491 }
1492
330d06f9 1493 err = dump_ioctl(zhp, sdd->prevsnap, sdd->prevsnap_obj,
9b67f605 1494 fromorigin, sdd->outfd, flags, sdd->debugnv);
37abac6d
BP		 1495
1496 if (sdd->progress) {
30af21b0 1497 void *status = NULL;
37abac6d 1498 (void) pthread_cancel(tid);
30af21b0
PD		 1499 (void) pthread_join(tid, &status);
1500 int error = (int)(uintptr_t)status;
1501 if (error != 0 && status != PTHREAD_CANCELED) {
1502 char errbuf[1024];
1503 (void) snprintf(errbuf, sizeof (errbuf),
1504 dgettext(TEXT_DOMAIN,
1505 "progress thread exited nonzero"));
1506 return (zfs_standard_error(zhp->zfs_hdl, error,
1507 errbuf));
1508 }
37abac6d 1509 }
330d06f9 1510 }
34dc7c2f 1511
572e2857
BB		 1512 (void) strcpy(sdd->prevsnap, thissnap);
1513 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
34dc7c2f
BB		 1514 zfs_close(zhp);
1515 return (err);
1516}
1517
1518static int
1519dump_filesystem(zfs_handle_t *zhp, void *arg)
1520{
1521 int rv = 0;
1522 send_dump_data_t *sdd = arg;
1523 boolean_t missingfrom = B_FALSE;
13fe0198 1524 zfs_cmd_t zc = {"\0"};
4c0883fb 1525 uint64_t min_txg = 0, max_txg = 0;
34dc7c2f
BB		 1526
1527 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s",
1528 zhp->zfs_name, sdd->tosnap);
b834b58a 1529 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_OBJSET_STATS, &zc) != 0) {
330d06f9
MA		 1530 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1531 "WARNING: could not send %s@%s: does not exist\n"),
34dc7c2f
BB		 1532 zhp->zfs_name, sdd->tosnap);
1533 sdd->err = B_TRUE;
1534 return (0);
1535 }
1536
1537 if (sdd->replicate && sdd->fromsnap) {
1538 /*
1539 * If this fs does not have fromsnap, and we're doing
1540 * recursive, we need to send a full stream from the
1541 * beginning (or an incremental from the origin if this
1542 * is a clone). If we're doing non-recursive, then let
1543 * them get the error.
1544 */
1545 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s",
1546 zhp->zfs_name, sdd->fromsnap);
b834b58a 1547 if (zfs_ioctl(zhp->zfs_hdl,
34dc7c2f
BB		 1548 ZFS_IOC_OBJSET_STATS, &zc) != 0) {
1549 missingfrom = B_TRUE;
1550 }
1551 }
1552
428870ff 1553 sdd->seenfrom = sdd->seento = sdd->prevsnap[0] = 0;
572e2857 1554 sdd->prevsnap_obj = 0;
428870ff
BB		 1555 if (sdd->fromsnap == NULL || missingfrom)
1556 sdd->seenfrom = B_TRUE;
34dc7c2f 1557
4c0883fb 1558
f94b3cbf
TC		 1559
1560 /*
1561 * Iterate through all snapshots and process the ones we will be
1562 * sending. If we only have a "from" and "to" snapshot to deal
1563 * with, we can avoid iterating through all the other snapshots.
1564 */
1565 if (sdd->doall || sdd->replicate || sdd->tosnap == NULL) {
1566 if (!sdd->replicate && sdd->fromsnap != NULL)
1567 min_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name,
1568 sdd->fromsnap);
1569 if (!sdd->replicate && sdd->tosnap != NULL)
1570 max_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name,
1571 sdd->tosnap);
1572 rv = zfs_iter_snapshots_sorted(zhp, dump_snapshot, arg,
1573 min_txg, max_txg);
1574 } else {
1575 char snapname[MAXPATHLEN] = { 0 };
1576 zfs_handle_t *snap;
1577
1578 if (!sdd->seenfrom) {
f0ce0436 1579 (void) snprintf(snapname, sizeof (snapname),
f94b3cbf
TC		 1580 "%s@%s", zhp->zfs_name, sdd->fromsnap);
1581 snap = zfs_open(zhp->zfs_hdl, snapname,
1582 ZFS_TYPE_SNAPSHOT);
1583 if (snap != NULL)
1584 rv = dump_snapshot(snap, sdd);
1585 else
1586 rv = -1;
1587 }
1588
1589 if (rv == 0) {
f0ce0436 1590 (void) snprintf(snapname, sizeof (snapname),
f94b3cbf
TC		 1591 "%s@%s", zhp->zfs_name, sdd->tosnap);
1592 snap = zfs_open(zhp->zfs_hdl, snapname,
1593 ZFS_TYPE_SNAPSHOT);
1594 if (snap != NULL)
1595 rv = dump_snapshot(snap, sdd);
1596 else
1597 rv = -1;
1598 }
1599 }
1600
428870ff 1601 if (!sdd->seenfrom) {
330d06f9 1602 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
428870ff 1603 "WARNING: could not send %s@%s:\n"
330d06f9 1604 "incremental source (%s@%s) does not exist\n"),
428870ff
BB		 1605 zhp->zfs_name, sdd->tosnap,
1606 zhp->zfs_name, sdd->fromsnap);
1607 sdd->err = B_TRUE;
1608 } else if (!sdd->seento) {
1609 if (sdd->fromsnap) {
330d06f9 1610 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
34dc7c2f 1611 "WARNING: could not send %s@%s:\n"
428870ff 1612 "incremental source (%s@%s) "
330d06f9 1613 "is not earlier than it\n"),
34dc7c2f
BB		 1614 zhp->zfs_name, sdd->tosnap,
1615 zhp->zfs_name, sdd->fromsnap);
34dc7c2f 1616 } else {
330d06f9
MA		 1617 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1618 "WARNING: "
1619 "could not send %s@%s: does not exist\n"),
428870ff 1620 zhp->zfs_name, sdd->tosnap);
34dc7c2f 1621 }
428870ff 1622 sdd->err = B_TRUE;
34dc7c2f
BB		 1623 }
1624
1625 return (rv);
1626}
1627
1628static int
1629dump_filesystems(zfs_handle_t *rzhp, void *arg)
1630{
1631 send_dump_data_t *sdd = arg;
1632 nvpair_t *fspair;
1633 boolean_t needagain, progress;
1634
1635 if (!sdd->replicate)
1636 return (dump_filesystem(rzhp, sdd));
1637
428870ff
BB		 1638 /* Mark the clone origin snapshots. */
1639 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1640 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1641 nvlist_t *nvfs;
1642 uint64_t origin_guid = 0;
1643
1644 VERIFY(0 == nvpair_value_nvlist(fspair, &nvfs));
1645 (void) nvlist_lookup_uint64(nvfs, "origin", &origin_guid);
1646 if (origin_guid != 0) {
1647 char *snapname;
1648 nvlist_t *origin_nv = fsavl_find(sdd->fsavl,
1649 origin_guid, &snapname);
1650 if (origin_nv != NULL) {
1651 nvlist_t *snapprops;
1652 VERIFY(0 == nvlist_lookup_nvlist(origin_nv,
1653 "snapprops", &snapprops));
1654 VERIFY(0 == nvlist_lookup_nvlist(snapprops,
1655 snapname, &snapprops));
1656 VERIFY(0 == nvlist_add_boolean(
1657 snapprops, "is_clone_origin"));
1658 }
1659 }
1660 }
34dc7c2f
BB		 1661again:
1662 needagain = progress = B_FALSE;
1663 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1664 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
330d06f9 1665 nvlist_t *fslist, *parent_nv;
34dc7c2f
BB		 1666 char *fsname;
1667 zfs_handle_t *zhp;
1668 int err;
1669 uint64_t origin_guid = 0;
330d06f9 1670 uint64_t parent_guid = 0;
34dc7c2f
BB		 1671
1672 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0);
1673 if (nvlist_lookup_boolean(fslist, "sent") == 0)
1674 continue;
1675
1676 VERIFY(nvlist_lookup_string(fslist, "name", &fsname) == 0);
1677 (void) nvlist_lookup_uint64(fslist, "origin", &origin_guid);
330d06f9
MA		 1678 (void) nvlist_lookup_uint64(fslist, "parentfromsnap",
1679 &parent_guid);
1680
1681 if (parent_guid != 0) {
1682 parent_nv = fsavl_find(sdd->fsavl, parent_guid, NULL);
1683 if (!nvlist_exists(parent_nv, "sent")) {
1684 /* parent has not been sent; skip this one */
1685 needagain = B_TRUE;
1686 continue;
1687 }
1688 }
34dc7c2f 1689
428870ff
BB		 1690 if (origin_guid != 0) {
1691 nvlist_t *origin_nv = fsavl_find(sdd->fsavl,
1692 origin_guid, NULL);
1693 if (origin_nv != NULL &&
330d06f9 1694 !nvlist_exists(origin_nv, "sent")) {
428870ff
BB		 1695 /*
1696 * origin has not been sent yet;
1697 * skip this clone.
1698 */
1699 needagain = B_TRUE;
1700 continue;
1701 }
34dc7c2f
BB		 1702 }
1703
1704 zhp = zfs_open(rzhp->zfs_hdl, fsname, ZFS_TYPE_DATASET);
1705 if (zhp == NULL)
1706 return (-1);
1707 err = dump_filesystem(zhp, sdd);
1708 VERIFY(nvlist_add_boolean(fslist, "sent") == 0);
1709 progress = B_TRUE;
1710 zfs_close(zhp);
1711 if (err)
1712 return (err);
1713 }
1714 if (needagain) {
1715 assert(progress);
1716 goto again;
1717 }
330d06f9
MA		 1718
1719 /* clean out the sent flags in case we reuse this fss */
1720 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1721 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1722 nvlist_t *fslist;
1723
1724 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0);
1725 (void) nvlist_remove_all(fslist, "sent");
1726 }
1727
34dc7c2f
BB		 1728 return (0);
1729}
1730
47dfff3b
MA		 1731nvlist_t *
1732zfs_send_resume_token_to_nvlist(libzfs_handle_t *hdl, const char *token)
1733{
1734 unsigned int version;
1735 int nread, i;
1736 unsigned long long checksum, packed_len;
1737
1738 /*
1739 * Decode token header, which is:
1740 * <token version>-<checksum of payload>-<uncompressed payload length>
1741 * Note that the only supported token version is 1.
1742 */
1743 nread = sscanf(token, "%u-%llx-%llx-",
1744 &version, &checksum, &packed_len);
1745 if (nread != 3) {
1746 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1747 "resume token is corrupt (invalid format)"));
1748 return (NULL);
1749 }
1750
1751 if (version != ZFS_SEND_RESUME_TOKEN_VERSION) {
1752 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1753 "resume token is corrupt (invalid version %u)"),
1754 version);
1755 return (NULL);
1756 }
1757
1758 /* convert hexadecimal representation to binary */
1759 token = strrchr(token, '-') + 1;
1760 int len = strlen(token) / 2;
1761 unsigned char *compressed = zfs_alloc(hdl, len);
1762 for (i = 0; i < len; i++) {
1763 nread = sscanf(token + i * 2, "%2hhx", compressed + i);
1764 if (nread != 1) {
1765 free(compressed);
1766 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1767 "resume token is corrupt "
1768 "(payload is not hex-encoded)"));
1769 return (NULL);
1770 }
1771 }
1772
1773 /* verify checksum */
1774 zio_cksum_t cksum;
fc897b24 1775 fletcher_4_native_varsize(compressed, len, &cksum);
47dfff3b
MA		 1776 if (cksum.zc_word[0] != checksum) {
1777 free(compressed);
1778 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1779 "resume token is corrupt (incorrect checksum)"));
1780 return (NULL);
1781 }
1782
1783 /* uncompress */
1784 void *packed = zfs_alloc(hdl, packed_len);
1785 uLongf packed_len_long = packed_len;
1786 if (uncompress(packed, &packed_len_long, compressed, len) != Z_OK ||
1787 packed_len_long != packed_len) {
1788 free(packed);
1789 free(compressed);
1790 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1791 "resume token is corrupt (decompression failed)"));
1792 return (NULL);
1793 }
1794
1795 /* unpack nvlist */
1796 nvlist_t *nv;
1797 int error = nvlist_unpack(packed, packed_len, &nv, KM_SLEEP);
1798 free(packed);
1799 free(compressed);
1800 if (error != 0) {
1801 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1802 "resume token is corrupt (nvlist_unpack failed)"));
1803 return (NULL);
1804 }
1805 return (nv);
1806}
30af21b0
PD		 1807static enum lzc_send_flags
1808lzc_flags_from_sendflags(const sendflags_t *flags)
1809{
1810 enum lzc_send_flags lzc_flags = 0;
1811 if (flags->largeblock)
1812 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK;
1813 if (flags->embed_data)
1814 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA;
1815 if (flags->compress)
1816 lzc_flags |= LZC_SEND_FLAG_COMPRESS;
1817 if (flags->raw)
1818 lzc_flags |= LZC_SEND_FLAG_RAW;
ba0ba69e
TC		 1819 if (flags->saved)
1820 lzc_flags |= LZC_SEND_FLAG_SAVED;
30af21b0
PD		 1821 return (lzc_flags);
1822}
1823
1824static int
1825estimate_size(zfs_handle_t *zhp, const char *from, int fd, sendflags_t *flags,
1826 uint64_t resumeobj, uint64_t resumeoff, uint64_t bytes,
1827 const char *redactbook, char *errbuf)
1828{
1829 uint64_t size;
1830 FILE *fout = flags->dryrun ? stdout : stderr;
1831 progress_arg_t pa = { 0 };
1832 int err = 0;
1833 pthread_t ptid;
1834
1835 if (flags->progress) {
1836 pa.pa_zhp = zhp;
1837 pa.pa_fd = fd;
1838 pa.pa_parsable = flags->parsable;
1839 pa.pa_estimate = B_TRUE;
1840 pa.pa_verbosity = flags->verbosity;
1841
1842 err = pthread_create(&ptid, NULL,
1843 send_progress_thread, &pa);
1844 if (err != 0) {
1845 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
1846 return (zfs_error(zhp->zfs_hdl,
1847 EZFS_THREADCREATEFAILED, errbuf));
1848 }
1849 }
1850
1851 err = lzc_send_space_resume_redacted(zhp->zfs_name, from,
1852 lzc_flags_from_sendflags(flags), resumeobj, resumeoff, bytes,
1853 redactbook, fd, &size);
1854
1855 if (flags->progress) {
1856 void *status = NULL;
1857 (void) pthread_cancel(ptid);
1858 (void) pthread_join(ptid, &status);
1859 int error = (int)(uintptr_t)status;
1860 if (error != 0 && status != PTHREAD_CANCELED) {
1861 char errbuf[1024];
1862 (void) snprintf(errbuf, sizeof (errbuf),
1863 dgettext(TEXT_DOMAIN, "progress thread exited "
1864 "nonzero"));
1865 return (zfs_standard_error(zhp->zfs_hdl, error,
1866 errbuf));
1867 }
1868 }
1869
1870 if (err != 0) {
1871 zfs_error_aux(zhp->zfs_hdl, strerror(err));
1872 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
1873 errbuf));
1874 }
1875 send_print_verbose(fout, zhp->zfs_name, from, size,
1876 flags->parsable);
1877
1878 if (flags->parsable) {
1879 (void) fprintf(fout, "size\t%llu\n", (longlong_t)size);
1880 } else {
1881 char buf[16];
1882 zfs_nicenum(size, buf, sizeof (buf));
1883 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1884 "total estimated size is %s\n"), buf);
1885 }
1886 return (0);
1887}
1888
1889static boolean_t
1890redact_snaps_contains(const uint64_t *snaps, uint64_t num_snaps, uint64_t guid)
1891{
1892 for (int i = 0; i < num_snaps; i++) {
1893 if (snaps[i] == guid)
1894 return (B_TRUE);
1895 }
1896 return (B_FALSE);
1897}
1898
1899static boolean_t
1900redact_snaps_equal(const uint64_t *snaps1, uint64_t num_snaps1,
1901 const uint64_t *snaps2, uint64_t num_snaps2)
1902{
1903 if (num_snaps1 != num_snaps2)
1904 return (B_FALSE);
1905 for (int i = 0; i < num_snaps1; i++) {
1906 if (!redact_snaps_contains(snaps2, num_snaps2, snaps1[i]))
1907 return (B_FALSE);
1908 }
1909 return (B_TRUE);
1910}
1911
1912/*
1913 * Check that the list of redaction snapshots in the bookmark matches the send
1914 * we're resuming, and return whether or not it's complete.
1915 *
1916 * Note that the caller needs to free the contents of *bookname with free() if
1917 * this function returns successfully.
1918 */
1919static int
1920find_redact_book(libzfs_handle_t *hdl, const char *path,
1921 const uint64_t *redact_snap_guids, int num_redact_snaps,
1922 char **bookname)
1923{
1924 char errbuf[1024];
1925 int error = 0;
1926 nvlist_t *props = fnvlist_alloc();
1927 nvlist_t *bmarks;
1928
1929 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1930 "cannot resume send"));
1931
1932 fnvlist_add_boolean(props, "redact_complete");
1933 fnvlist_add_boolean(props, zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS));
1934 error = lzc_get_bookmarks(path, props, &bmarks);
1935 nvlist_free(props);
1936 if (error != 0) {
1937 if (error == ESRCH) {
1938 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1939 "nonexistent redaction bookmark provided"));
1940 } else if (error == ENOENT) {
1941 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1942 "dataset to be sent no longer exists"));
1943 } else {
1944 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1945 "unknown error: %s"), strerror(error));
1946 }
1947 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1948 }
1949 nvpair_t *pair;
1950 for (pair = nvlist_next_nvpair(bmarks, NULL); pair;
1951 pair = nvlist_next_nvpair(bmarks, pair)) {
1952
1953 nvlist_t *bmark = fnvpair_value_nvlist(pair);
1954 nvlist_t *vallist = fnvlist_lookup_nvlist(bmark,
1955 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS));
1956 uint_t len = 0;
1957 uint64_t *bmarksnaps = fnvlist_lookup_uint64_array(vallist,
1958 ZPROP_VALUE, &len);
1959 if (redact_snaps_equal(redact_snap_guids,
1960 num_redact_snaps, bmarksnaps, len)) {
1961 break;
1962 }
1963 }
1964 if (pair == NULL) {
1965 fnvlist_free(bmarks);
1966 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1967 "no appropriate redaction bookmark exists"));
1968 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1969 }
1970 char *name = nvpair_name(pair);
1971 nvlist_t *bmark = fnvpair_value_nvlist(pair);
1972 nvlist_t *vallist = fnvlist_lookup_nvlist(bmark, "redact_complete");
1973 boolean_t complete = fnvlist_lookup_boolean_value(vallist,
1974 ZPROP_VALUE);
1975 if (!complete) {
1976 fnvlist_free(bmarks);
1977 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1978 "incomplete redaction bookmark provided"));
1979 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1980 }
1981 *bookname = strndup(name, ZFS_MAX_DATASET_NAME_LEN);
1982 ASSERT3P(*bookname, !=, NULL);
1983 fnvlist_free(bmarks);
1984 return (0);
1985}
47dfff3b 1986
ba0ba69e
TC		 1987static int
1988zfs_send_resume_impl(libzfs_handle_t *hdl, sendflags_t *flags, int outfd,
1989 nvlist_t *resume_nvl)
47dfff3b
MA		 1990{
1991 char errbuf[1024];
1992 char *toname;
1993 char *fromname = NULL;
1994 uint64_t resumeobj, resumeoff, toguid, fromguid, bytes;
1995 zfs_handle_t *zhp;
1996 int error = 0;
eca7b760 1997 char name[ZFS_MAX_DATASET_NAME_LEN];
47dfff3b 1998 enum lzc_send_flags lzc_flags = 0;
30af21b0
PD		 1999 FILE *fout = (flags->verbosity > 0 && flags->dryrun) ? stdout : stderr;
2000 uint64_t *redact_snap_guids = NULL;
2001 int num_redact_snaps = 0;
2002 char *redact_book = NULL;
47dfff3b
MA		 2003
2004 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2005 "cannot resume send"));
2006
30af21b0 2007 if (flags->verbosity != 0) {
aee1dd4d 2008 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
47dfff3b 2009 "resume token contents:\n"));
aee1dd4d 2010 nvlist_print(fout, resume_nvl);
47dfff3b
MA		 2011 }
2012
2013 if (nvlist_lookup_string(resume_nvl, "toname", &toname) != 0 ||
2014 nvlist_lookup_uint64(resume_nvl, "object", &resumeobj) != 0 ||
2015 nvlist_lookup_uint64(resume_nvl, "offset", &resumeoff) != 0 ||
2016 nvlist_lookup_uint64(resume_nvl, "bytes", &bytes) != 0 ||
2017 nvlist_lookup_uint64(resume_nvl, "toguid", &toguid) != 0) {
2018 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2019 "resume token is corrupt"));
2020 return (zfs_error(hdl, EZFS_FAULT, errbuf));
2021 }
2022 fromguid = 0;
2023 (void) nvlist_lookup_uint64(resume_nvl, "fromguid", &fromguid);
2024
2aa34383
DK		 2025 if (flags->largeblock || nvlist_exists(resume_nvl, "largeblockok"))
2026 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK;
47dfff3b
MA		 2027 if (flags->embed_data || nvlist_exists(resume_nvl, "embedok"))
2028 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA;
2aa34383
DK		 2029 if (flags->compress || nvlist_exists(resume_nvl, "compressok"))
2030 lzc_flags |= LZC_SEND_FLAG_COMPRESS;
b5256303
TC		 2031 if (flags->raw || nvlist_exists(resume_nvl, "rawok"))
2032 lzc_flags |= LZC_SEND_FLAG_RAW;
ba0ba69e
TC		 2033 if (flags->saved || nvlist_exists(resume_nvl, "savedok"))
2034 lzc_flags |= LZC_SEND_FLAG_SAVED;
47dfff3b 2035
ba0ba69e
TC		 2036 if (flags->saved) {
2037 (void) strcpy(name, toname);
2038 } else {
2039 error = guid_to_name(hdl, toname, toguid, B_FALSE, name);
2040 if (error != 0) {
2041 if (zfs_dataset_exists(hdl, toname, ZFS_TYPE_DATASET)) {
2042 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2043 "'%s' is no longer the same snapshot "
2044 "used in the initial send"), toname);
2045 } else {
2046 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2047 "'%s' used in the initial send no "
2048 "longer exists"), toname);
2049 }
2050 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
47dfff3b 2051 }
47dfff3b 2052 }
ba0ba69e 2053
47dfff3b
MA		 2054 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
2055 if (zhp == NULL) {
2056 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2057 "unable to access '%s'"), name);
2058 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
2059 }
2060
30af21b0
PD		 2061 if (nvlist_lookup_uint64_array(resume_nvl, "book_redact_snaps",
2062 &redact_snap_guids, (uint_t *)&num_redact_snaps) != 0) {
2063 num_redact_snaps = -1;
2064 }
2065
47dfff3b 2066 if (fromguid != 0) {
30af21b0
PD		 2067 if (guid_to_name_redact_snaps(hdl, toname, fromguid, B_TRUE,
2068 redact_snap_guids, num_redact_snaps, name) != 0) {
47dfff3b
MA		 2069 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2070 "incremental source %#llx no longer exists"),
2071 (longlong_t)fromguid);
2072 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
2073 }
2074 fromname = name;
2075 }
2076
30af21b0
PD		 2077 redact_snap_guids = NULL;
2078
2079 if (nvlist_lookup_uint64_array(resume_nvl,
2080 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS), &redact_snap_guids,
2081 (uint_t *)&num_redact_snaps) == 0) {
2082 char path[ZFS_MAX_DATASET_NAME_LEN];
2083
2084 (void) strlcpy(path, toname, sizeof (path));
2085 char *at = strchr(path, '@');
2086 ASSERT3P(at, !=, NULL);
2087
2088 *at = '\0';
2089
2090 if ((error = find_redact_book(hdl, path, redact_snap_guids,
2091 num_redact_snaps, &redact_book)) != 0) {
2092 return (error);
2093 }
2094 }
2095
2096 if (flags->verbosity != 0) {
2097 /*
2098 * Some of these may have come from the resume token, set them
2099 * here for size estimate purposes.
2100 */
2101 sendflags_t tmpflags = *flags;
2102 if (lzc_flags & LZC_SEND_FLAG_LARGE_BLOCK)
2103 tmpflags.largeblock = B_TRUE;
2104 if (lzc_flags & LZC_SEND_FLAG_COMPRESS)
2105 tmpflags.compress = B_TRUE;
2106 if (lzc_flags & LZC_SEND_FLAG_EMBED_DATA)
2107 tmpflags.embed_data = B_TRUE;
2108 error = estimate_size(zhp, fromname, outfd, &tmpflags,
2109 resumeobj, resumeoff, bytes, redact_book, errbuf);
47dfff3b
MA		 2110 }
2111
2112 if (!flags->dryrun) {
2113 progress_arg_t pa = { 0 };
2114 pthread_t tid;
2115 /*
2116 * If progress reporting is requested, spawn a new thread to
2117 * poll ZFS_IOC_SEND_PROGRESS at a regular interval.
2118 */
2119 if (flags->progress) {
2120 pa.pa_zhp = zhp;
2121 pa.pa_fd = outfd;
2122 pa.pa_parsable = flags->parsable;
30af21b0
PD		 2123 pa.pa_estimate = B_FALSE;
2124 pa.pa_verbosity = flags->verbosity;
47dfff3b
MA		 2125
2126 error = pthread_create(&tid, NULL,
2127 send_progress_thread, &pa);
2128 if (error != 0) {
30af21b0
PD		 2129 if (redact_book != NULL)
2130 free(redact_book);
47dfff3b
MA		 2131 zfs_close(zhp);
2132 return (error);
2133 }
2134 }
2135
30af21b0
PD		 2136 error = lzc_send_resume_redacted(zhp->zfs_name, fromname, outfd,
2137 lzc_flags, resumeobj, resumeoff, redact_book);
2138 if (redact_book != NULL)
2139 free(redact_book);
47dfff3b
MA		 2140
2141 if (flags->progress) {
30af21b0 2142 void *status = NULL;
47dfff3b 2143 (void) pthread_cancel(tid);
30af21b0
PD		 2144 (void) pthread_join(tid, &status);
2145 int error = (int)(uintptr_t)status;
2146 if (error != 0 && status != PTHREAD_CANCELED) {
2147 char errbuf[1024];
2148 (void) snprintf(errbuf, sizeof (errbuf),
2149 dgettext(TEXT_DOMAIN,
2150 "progress thread exited nonzero"));
2151 return (zfs_standard_error(hdl, error, errbuf));
2152 }
47dfff3b
MA		 2153 }
2154
2155 char errbuf[1024];
2156 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2157 "warning: cannot send '%s'"), zhp->zfs_name);
2158
2159 zfs_close(zhp);
2160
2161 switch (error) {
2162 case 0:
2163 return (0);
b5256303
TC		 2164 case EACCES:
2165 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2166 "source key must be loaded"));
2167 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
30af21b0
PD		 2168 case ESRCH:
2169 if (lzc_exists(zhp->zfs_name)) {
2170 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2171 "incremental source could not be found"));
2172 }
2173 return (zfs_error(hdl, EZFS_NOENT, errbuf));
b5256303 2174
47dfff3b
MA		 2175 case EXDEV:
2176 case ENOENT:
2177 case EDQUOT:
2178 case EFBIG:
2179 case EIO:
2180 case ENOLINK:
2181 case ENOSPC:
2182 case ENOSTR:
2183 case ENXIO:
2184 case EPIPE:
2185 case ERANGE:
2186 case EFAULT:
2187 case EROFS:
2188 zfs_error_aux(hdl, strerror(errno));
2189 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
2190
2191 default:
2192 return (zfs_standard_error(hdl, errno, errbuf));
2193 }
30af21b0
PD		 2194 } else {
2195 if (redact_book != NULL)
2196 free(redact_book);
47dfff3b
MA		 2197 }
2198
47dfff3b
MA		 2199 zfs_close(zhp);
2200
2201 return (error);
2202}
2203
ba0ba69e
TC		 2204int
2205zfs_send_resume(libzfs_handle_t *hdl, sendflags_t *flags, int outfd,
2206 const char *resume_token)
2207{
2208 int ret;
2209 char errbuf[1024];
2210 nvlist_t *resume_nvl;
2211
2212 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2213 "cannot resume send"));
2214
2215 resume_nvl = zfs_send_resume_token_to_nvlist(hdl, resume_token);
2216 if (resume_nvl == NULL) {
2217 /*
2218 * zfs_error_aux has already been set by
2219 * zfs_send_resume_token_to_nvlist()
2220 */
2221 return (zfs_error(hdl, EZFS_FAULT, errbuf));
2222 }
2223
2224 ret = zfs_send_resume_impl(hdl, flags, outfd, resume_nvl);
2225 nvlist_free(resume_nvl);
2226
2227 return (ret);
2228}
2229
2230int
2231zfs_send_saved(zfs_handle_t *zhp, sendflags_t *flags, int outfd,
2232 const char *resume_token)
2233{
2234 int ret;
2235 libzfs_handle_t *hdl = zhp->zfs_hdl;
2236 nvlist_t *saved_nvl = NULL, *resume_nvl = NULL;
2237 uint64_t saved_guid = 0, resume_guid = 0;
2238 uint64_t obj = 0, off = 0, bytes = 0;
2239 char token_buf[ZFS_MAXPROPLEN];
2240 char errbuf[1024];
2241
2242 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2243 "saved send failed"));
2244
2245 ret = zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
2246 token_buf, sizeof (token_buf), NULL, NULL, 0, B_TRUE);
2247 if (ret != 0)
2248 goto out;
2249
2250 saved_nvl = zfs_send_resume_token_to_nvlist(hdl, token_buf);
2251 if (saved_nvl == NULL) {
2252 /*
2253 * zfs_error_aux has already been set by
2254 * zfs_send_resume_token_to_nvlist()
2255 */
2256 ret = zfs_error(hdl, EZFS_FAULT, errbuf);
2257 goto out;
2258 }
2259
2260 /*
2261 * If a resume token is provided we use the object and offset
2262 * from that instead of the default, which starts from the
2263 * beginning.
2264 */
2265 if (resume_token != NULL) {
2266 resume_nvl = zfs_send_resume_token_to_nvlist(hdl,
2267 resume_token);
2268 if (resume_nvl == NULL) {
2269 ret = zfs_error(hdl, EZFS_FAULT, errbuf);
2270 goto out;
2271 }
2272
2273 if (nvlist_lookup_uint64(resume_nvl, "object", &obj) != 0 ||
2274 nvlist_lookup_uint64(resume_nvl, "offset", &off) != 0 ||
2275 nvlist_lookup_uint64(resume_nvl, "bytes", &bytes) != 0 ||
2276 nvlist_lookup_uint64(resume_nvl, "toguid",
2277 &resume_guid) != 0) {
2278 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2279 "provided resume token is corrupt"));
2280 ret = zfs_error(hdl, EZFS_FAULT, errbuf);
2281 goto out;
2282 }
2283
2284 if (nvlist_lookup_uint64(saved_nvl, "toguid",
2285 &saved_guid)) {
2286 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2287 "dataset's resume token is corrupt"));
2288 ret = zfs_error(hdl, EZFS_FAULT, errbuf);
2289 goto out;
2290 }
2291
2292 if (resume_guid != saved_guid) {
2293 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2294 "provided resume token does not match dataset"));
2295 ret = zfs_error(hdl, EZFS_BADBACKUP, errbuf);
2296 goto out;
2297 }
2298 }
2299
2300 (void) nvlist_remove_all(saved_nvl, "object");
2301 fnvlist_add_uint64(saved_nvl, "object", obj);
2302
2303 (void) nvlist_remove_all(saved_nvl, "offset");
2304 fnvlist_add_uint64(saved_nvl, "offset", off);
2305
2306 (void) nvlist_remove_all(saved_nvl, "bytes");
2307 fnvlist_add_uint64(saved_nvl, "bytes", bytes);
2308
2309 (void) nvlist_remove_all(saved_nvl, "toname");
2310 fnvlist_add_string(saved_nvl, "toname", zhp->zfs_name);
2311
2312 ret = zfs_send_resume_impl(hdl, flags, outfd, saved_nvl);
2313
2314out:
2315 nvlist_free(saved_nvl);
2316 nvlist_free(resume_nvl);
2317 return (ret);
2318}
2319
34dc7c2f 2320/*
30af21b0
PD		 2321 * This function informs the target system that the recursive send is complete.
2322 * The record is also expected in the case of a send -p.
2323 */
2324static int
2325send_conclusion_record(int fd, zio_cksum_t *zc)
2326{
2327 dmu_replay_record_t drr = { 0 };
2328 drr.drr_type = DRR_END;
2329 if (zc != NULL)
2330 drr.drr_u.drr_end.drr_checksum = *zc;
2331 if (write(fd, &drr, sizeof (drr)) == -1) {
2332 return (errno);
2333 }
2334 return (0);
2335}
2336
2337/*
2338 * This function is responsible for sending the records that contain the
2339 * necessary information for the target system's libzfs to be able to set the
2340 * properties of the filesystem being received, or to be able to prepare for
2341 * a recursive receive.
2342 *
2343 * The "zhp" argument is the handle of the snapshot we are sending
2344 * (the "tosnap"). The "from" argument is the short snapshot name (the part
2345 * after the @) of the incremental source.
2346 */
2347static int
2348send_prelim_records(zfs_handle_t *zhp, const char *from, int fd,
2349 boolean_t gather_props, boolean_t recursive, boolean_t verbose,
2350 boolean_t dryrun, boolean_t raw, boolean_t replicate, boolean_t backup,
2351 boolean_t holds, boolean_t props, boolean_t doall,
2352 nvlist_t **fssp, avl_tree_t **fsavlp)
2353{
2354 int err = 0;
2355 char *packbuf = NULL;
2356 size_t buflen = 0;
2357 zio_cksum_t zc = { {0} };
2358 int featureflags = 0;
2359 /* name of filesystem/volume that contains snapshot we are sending */
2360 char tofs[ZFS_MAX_DATASET_NAME_LEN];
2361 /* short name of snap we are sending */
2362 char *tosnap = "";
2363
2364 char errbuf[1024];
2365 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2366 "warning: cannot send '%s'"), zhp->zfs_name);
2367 if (zhp->zfs_type == ZFS_TYPE_FILESYSTEM && zfs_prop_get_int(zhp,
2368 ZFS_PROP_VERSION) >= ZPL_VERSION_SA) {
2369 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL;
2370 }
2371
2372 if (holds)
2373 featureflags |= DMU_BACKUP_FEATURE_HOLDS;
2374
2375 (void) strlcpy(tofs, zhp->zfs_name, ZFS_MAX_DATASET_NAME_LEN);
2376 char *at = strchr(tofs, '@');
2377 if (at != NULL) {
2378 *at = '\0';
2379 tosnap = at + 1;
2380 }
2381
2382 if (gather_props) {
2383 nvlist_t *hdrnv = fnvlist_alloc();
2384 nvlist_t *fss = NULL;
2385
2386 if (from != NULL)
2387 fnvlist_add_string(hdrnv, "fromsnap", from);
2388 fnvlist_add_string(hdrnv, "tosnap", tosnap);
2389 if (!recursive)
2390 fnvlist_add_boolean(hdrnv, "not_recursive");
2391
2392 if (raw) {
2393 VERIFY0(nvlist_add_boolean(hdrnv, "raw"));
2394 }
2395
2396 if ((err = gather_nvlist(zhp->zfs_hdl, tofs,
2397 from, tosnap, recursive, raw, doall, replicate, verbose,
2398 backup, holds, props, &fss, fsavlp)) != 0) {
2399 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2400 errbuf));
2401 }
2402 fnvlist_add_nvlist(hdrnv, "fss", fss);
2403 VERIFY0(nvlist_pack(hdrnv, &packbuf, &buflen, NV_ENCODE_XDR,
2404 0));
2405 if (fssp != NULL) {
2406 *fssp = fss;
2407 } else {
2408 nvlist_free(fss);
2409 }
2410 nvlist_free(hdrnv);
2411 }
2412
2413 if (!dryrun) {
2414 dmu_replay_record_t drr = { 0 };
2415 /* write first begin record */
2416 drr.drr_type = DRR_BEGIN;
2417 drr.drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC;
2418 DMU_SET_STREAM_HDRTYPE(drr.drr_u.drr_begin.
2419 drr_versioninfo, DMU_COMPOUNDSTREAM);
2420 DMU_SET_FEATUREFLAGS(drr.drr_u.drr_begin.
2421 drr_versioninfo, featureflags);
2422 if (snprintf(drr.drr_u.drr_begin.drr_toname,
2423 sizeof (drr.drr_u.drr_begin.drr_toname), "%s@%s", tofs,
2424 tosnap) >= sizeof (drr.drr_u.drr_begin.drr_toname)) {
2425 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2426 errbuf));
2427 }
2428 drr.drr_payloadlen = buflen;
2429
2430 err = dump_record(&drr, packbuf, buflen, &zc, fd);
2431 free(packbuf);
2432 if (err != 0) {
2433 zfs_error_aux(zhp->zfs_hdl, strerror(err));
2434 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2435 errbuf));
2436 }
2437 err = send_conclusion_record(fd, &zc);
2438 if (err != 0) {
2439 zfs_error_aux(zhp->zfs_hdl, strerror(err));
2440 return (zfs_error(zhp->zfs_hdl, EZFS_BADBACKUP,
2441 errbuf));
2442 }
2443 }
2444 return (0);
2445}
2446
2447/*
2448 * Generate a send stream. The "zhp" argument is the filesystem/volume
2449 * that contains the snapshot to send. The "fromsnap" argument is the
2450 * short name (the part after the '@') of the snapshot that is the
2451 * incremental source to send from (if non-NULL). The "tosnap" argument
2452 * is the short name of the snapshot to send.
45d1cae3
BB		 2453 *
2454 * The content of the send stream is the snapshot identified by
2455 * 'tosnap'. Incremental streams are requested in two ways:
2456 * - from the snapshot identified by "fromsnap" (if non-null) or
2457 * - from the origin of the dataset identified by zhp, which must
2458 * be a clone. In this case, "fromsnap" is null and "fromorigin"
2459 * is TRUE.
2460 *
2461 * The send stream is recursive (i.e. dumps a hierarchy of snapshots) and
428870ff 2462 * uses a special header (with a hdrtype field of DMU_COMPOUNDSTREAM)
45d1cae3 2463 * if "replicate" is set. If "doall" is set, dump all the intermediate
428870ff
BB		 2464 * snapshots. The DMU_COMPOUNDSTREAM header is used in the "doall"
2465 * case too. If "props" is set, send properties.
34dc7c2f
BB		 2466 */
2467int
2468zfs_send(zfs_handle_t *zhp, const char *fromsnap, const char *tosnap,
330d06f9 2469 sendflags_t *flags, int outfd, snapfilter_cb_t filter_func,
428870ff 2470 void *cb_arg, nvlist_t **debugnvp)
34dc7c2f
BB		 2471{
2472 char errbuf[1024];
2473 send_dump_data_t sdd = { 0 };
330d06f9 2474 int err = 0;
34dc7c2f
BB		 2475 nvlist_t *fss = NULL;
2476 avl_tree_t *fsavl = NULL;
428870ff
BB		 2477 static uint64_t holdseq;
2478 int spa_version;
95fd54a1 2479 pthread_t tid = 0;
428870ff
BB		 2480 int pipefd[2];
2481 dedup_arg_t dda = { 0 };
2482 int featureflags = 0;
93f6d7e2 2483 FILE *fout;
428870ff 2484
34dc7c2f
BB		 2485 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2486 "cannot send '%s'"), zhp->zfs_name);
2487
2488 if (fromsnap && fromsnap[0] == '\0') {
2489 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
2490 "zero-length incremental source"));
2491 return (zfs_error(zhp->zfs_hdl, EZFS_NOENT, errbuf));
2492 }
2493
572e2857
BB		 2494 if (zhp->zfs_type == ZFS_TYPE_FILESYSTEM) {
2495 uint64_t version;
2496 version = zfs_prop_get_int(zhp, ZFS_PROP_VERSION);
2497 if (version >= ZPL_VERSION_SA) {
2498 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL;
2499 }
2500 }
2501
9c5e88b1
PZ		 2502 if (flags->holds)
2503 featureflags |= DMU_BACKUP_FEATURE_HOLDS;
2504
b5256303
TC		 2505 /*
2506 * Start the dedup thread if this is a dedup stream. We do not bother
2507 * doing this if this a raw send of an encrypted dataset with dedup off
2508 * because normal encrypted blocks won't dedup.
2509 */
2510 if (flags->dedup && !flags->dryrun && !(flags->raw &&
2511 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF &&
2512 zfs_prop_get_int(zhp, ZFS_PROP_DEDUP) == ZIO_CHECKSUM_OFF)) {
428870ff
BB		 2513 featureflags |= (DMU_BACKUP_FEATURE_DEDUP |
2514 DMU_BACKUP_FEATURE_DEDUPPROPS);
23d70cde 2515 if ((err = socketpair(AF_UNIX, SOCK_STREAM, 0, pipefd)) != 0) {
428870ff
BB		 2516 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2517 return (zfs_error(zhp->zfs_hdl, EZFS_PIPEFAILED,
2518 errbuf));
2519 }
2520 dda.outputfd = outfd;
2521 dda.inputfd = pipefd[1];
2522 dda.dedup_hdl = zhp->zfs_hdl;
23d70cde 2523 if ((err = pthread_create(&tid, NULL, cksummer, &dda)) != 0) {
428870ff
BB		 2524 (void) close(pipefd[0]);
2525 (void) close(pipefd[1]);
2526 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2527 return (zfs_error(zhp->zfs_hdl,
2528 EZFS_THREADCREATEFAILED, errbuf));
2529 }
2530 }
2531
9c5e88b1
PZ		 2532 if (flags->replicate || flags->doall || flags->props ||
2533 flags->holds || flags->backup) {
30af21b0
PD		 2534 char full_tosnap_name[ZFS_MAX_DATASET_NAME_LEN];
2535 if (snprintf(full_tosnap_name, sizeof (full_tosnap_name),
2536 "%s@%s", zhp->zfs_name, tosnap) >=
2537 sizeof (full_tosnap_name)) {
2538 err = EINVAL;
2539 goto stderr_out;
34dc7c2f 2540 }
30af21b0
PD		 2541 zfs_handle_t *tosnap = zfs_open(zhp->zfs_hdl,
2542 full_tosnap_name, ZFS_TYPE_SNAPSHOT);
1d20b763 2543 if (tosnap == NULL) {
2544 err = -1;
2545 goto err_out;
2546 }
30af21b0
PD		 2547 err = send_prelim_records(tosnap, fromsnap, outfd,
2548 flags->replicate || flags->props || flags->holds,
2549 flags->replicate, flags->verbosity > 0, flags->dryrun,
2550 flags->raw, flags->replicate, flags->backup, flags->holds,
2551 flags->props, flags->doall, &fss, &fsavl);
2552 zfs_close(tosnap);
2553 if (err != 0)
2554 goto err_out;
34dc7c2f
BB		 2555 }
2556
2557 /* dump each stream */
2558 sdd.fromsnap = fromsnap;
2559 sdd.tosnap = tosnap;
95fd54a1 2560 if (tid != 0)
428870ff
BB		 2561 sdd.outfd = pipefd[0];
2562 else
2563 sdd.outfd = outfd;
330d06f9
MA		 2564 sdd.replicate = flags->replicate;
2565 sdd.doall = flags->doall;
2566 sdd.fromorigin = flags->fromorigin;
34dc7c2f
BB		 2567 sdd.fss = fss;
2568 sdd.fsavl = fsavl;
30af21b0 2569 sdd.verbosity = flags->verbosity;
330d06f9 2570 sdd.parsable = flags->parsable;
37abac6d 2571 sdd.progress = flags->progress;
330d06f9 2572 sdd.dryrun = flags->dryrun;
f1512ee6 2573 sdd.large_block = flags->largeblock;
9b67f605 2574 sdd.embed_data = flags->embed_data;
2aa34383 2575 sdd.compress = flags->compress;
b5256303 2576 sdd.raw = flags->raw;
9c5e88b1 2577 sdd.holds = flags->holds;
428870ff
BB		 2578 sdd.filter_cb = filter_func;
2579 sdd.filter_cb_arg = cb_arg;
2580 if (debugnvp)
2581 sdd.debugnv = *debugnvp;
30af21b0 2582 if (sdd.verbosity != 0 && sdd.dryrun)
93f6d7e2
MJ		 2583 sdd.std_out = B_TRUE;
2584 fout = sdd.std_out ? stdout : stderr;
e956d651
CS		 2585
2586 /*
2587 * Some flags require that we place user holds on the datasets that are
2588 * being sent so they don't get destroyed during the send. We can skip
2589 * this step if the pool is imported read-only since the datasets cannot
2590 * be destroyed.
2591 */
2592 if (!flags->dryrun && !zpool_get_prop_int(zfs_get_pool_handle(zhp),
2593 ZPOOL_PROP_READONLY, NULL) &&
2594 zfs_spa_version(zhp, &spa_version) == 0 &&
2595 spa_version >= SPA_VERSION_USERREFS &&
2596 (flags->doall || flags->replicate)) {
572e2857
BB		 2597 ++holdseq;
2598 (void) snprintf(sdd.holdtag, sizeof (sdd.holdtag),
2599 ".send-%d-%llu", getpid(), (u_longlong_t)holdseq);
d32eff3a 2600 sdd.cleanup_fd = open(ZFS_DEV, O_RDWR);
572e2857
BB		 2601 if (sdd.cleanup_fd < 0) {
2602 err = errno;
2603 goto stderr_out;
2604 }
95fd54a1 2605 sdd.snapholds = fnvlist_alloc();
572e2857
BB		 2606 } else {
2607 sdd.cleanup_fd = -1;
95fd54a1 2608 sdd.snapholds = NULL;
572e2857 2609 }
9c5e88b1 2610
30af21b0 2611 if (flags->verbosity != 0 || sdd.snapholds != NULL) {
330d06f9
MA		 2612 /*
2613 * Do a verbose no-op dry run to get all the verbose output
95fd54a1
SH		 2614 * or to gather snapshot hold's before generating any data,
2615 * then do a non-verbose real run to generate the streams.
330d06f9
MA		 2616 */
2617 sdd.dryrun = B_TRUE;
2618 err = dump_filesystems(zhp, &sdd);
95fd54a1
SH		 2619
2620 if (err != 0)
2621 goto stderr_out;
2622
30af21b0 2623 if (flags->verbosity != 0) {
95fd54a1 2624 if (flags->parsable) {
93f6d7e2 2625 (void) fprintf(fout, "size\t%llu\n",
95fd54a1
SH		 2626 (longlong_t)sdd.size);
2627 } else {
2628 char buf[16];
e7fbeb60 2629 zfs_nicebytes(sdd.size, buf, sizeof (buf));
93f6d7e2 2630 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
95fd54a1
SH		 2631 "total estimated size is %s\n"), buf);
2632 }
330d06f9 2633 }
95fd54a1
SH		 2634
2635 /* Ensure no snaps found is treated as an error. */
2636 if (!sdd.seento) {
2637 err = ENOENT;
2638 goto err_out;
2639 }
2640
2641 /* Skip the second run if dryrun was requested. */
2642 if (flags->dryrun)
2643 goto err_out;
2644
2645 if (sdd.snapholds != NULL) {
2646 err = zfs_hold_nvl(zhp, sdd.cleanup_fd, sdd.snapholds);
2647 if (err != 0)
2648 goto stderr_out;
2649
2650 fnvlist_free(sdd.snapholds);
2651 sdd.snapholds = NULL;
2652 }
2653
2654 sdd.dryrun = B_FALSE;
30af21b0 2655 sdd.verbosity = 0;
330d06f9 2656 }
95fd54a1 2657
34dc7c2f
BB		 2658 err = dump_filesystems(zhp, &sdd);
2659 fsavl_destroy(fsavl);
2660 nvlist_free(fss);
2661
95fd54a1
SH		 2662 /* Ensure no snaps found is treated as an error. */
2663 if (err == 0 && !sdd.seento)
2664 err = ENOENT;
2665
2666 if (tid != 0) {
2667 if (err != 0)
2668 (void) pthread_cancel(tid);
95fd54a1 2669 (void) close(pipefd[0]);
6389d422 2670 (void) pthread_join(tid, NULL);
428870ff
BB		 2671 }
2672
572e2857
BB		 2673 if (sdd.cleanup_fd != -1) {
2674 VERIFY(0 == close(sdd.cleanup_fd));
2675 sdd.cleanup_fd = -1;
2676 }
2677
330d06f9 2678 if (!flags->dryrun && (flags->replicate || flags->doall ||
9c5e88b1 2679 flags->props || flags->backup || flags->holds)) {
34dc7c2f
BB		 2680 /*
2681 * write final end record. NB: want to do this even if
2682 * there was some error, because it might not be totally
2683 * failed.
2684 */
30af21b0
PD		 2685 err = send_conclusion_record(outfd, NULL);
2686 if (err != 0)
2687 return (zfs_standard_error(zhp->zfs_hdl, err, errbuf));
34dc7c2f
BB		 2688 }
2689
2690 return (err || sdd.err);
428870ff
BB		 2691
2692stderr_out:
2693 err = zfs_standard_error(zhp->zfs_hdl, err, errbuf);
2694err_out:
95fd54a1
SH		 2695 fsavl_destroy(fsavl);
2696 nvlist_free(fss);
2697 fnvlist_free(sdd.snapholds);
2698
572e2857
BB		 2699 if (sdd.cleanup_fd != -1)
2700 VERIFY(0 == close(sdd.cleanup_fd));
95fd54a1 2701 if (tid != 0) {
428870ff 2702 (void) pthread_cancel(tid);
428870ff 2703 (void) close(pipefd[0]);
6389d422 2704 (void) pthread_join(tid, NULL);
428870ff
BB		 2705 }
2706 return (err);
34dc7c2f
BB		 2707}
2708
30af21b0
PD		 2709static int
2710get_dedup_fd(zfs_handle_t *zhp, dedup_arg_t *dda, int fd, pthread_t *tid,
2711 int *outfd)
2712{
2713 int pipefd[2];
2714 char errbuf[1024];
2715 int err;
2716 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2717 "warning: cannot send '%s'"), zhp->zfs_name);
2718 if ((err = socketpair(AF_UNIX, SOCK_STREAM, 0, pipefd)) != 0) {
2719 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2720 return (zfs_error(zhp->zfs_hdl, EZFS_PIPEFAILED,
2721 errbuf));
2722 }
2723 dda->outputfd = fd;
2724 dda->inputfd = pipefd[1];
2725 dda->dedup_hdl = zhp->zfs_hdl;
2726 if ((err = pthread_create(tid, NULL, cksummer, dda)) != 0) {
2727 (void) close(pipefd[0]);
2728 (void) close(pipefd[1]);
2729 zfs_error_aux(zhp->zfs_hdl, strerror(err));
2730 return (zfs_error(zhp->zfs_hdl, EZFS_THREADCREATEFAILED,
2731 errbuf));
2732 }
2733 *outfd = pipefd[0];
2734 return (0);
2735}
2736
2737zfs_handle_t *
2738name_to_dir_handle(libzfs_handle_t *hdl, const char *snapname)
2739{
2740 char dirname[ZFS_MAX_DATASET_NAME_LEN];
2741 (void) strlcpy(dirname, snapname, ZFS_MAX_DATASET_NAME_LEN);
2742 char *c = strchr(dirname, '@');
2743 if (c != NULL)
2744 *c = '\0';
2745 return (zfs_open(hdl, dirname, ZFS_TYPE_DATASET));
2746}
2747
2748/*
2749 * Returns B_TRUE if earlier is an earlier snapshot in later's timeline; either
2750 * an earlier snapshot in the same filesystem, or a snapshot before later's
2751 * origin, or it's origin's origin, etc.
2752 */
2753static boolean_t
2754snapshot_is_before(zfs_handle_t *earlier, zfs_handle_t *later)
2755{
2756 boolean_t ret;
2757 uint64_t later_txg =
2758 (later->zfs_type == ZFS_TYPE_FILESYSTEM ||
2759 later->zfs_type == ZFS_TYPE_VOLUME ?
2760 UINT64_MAX : zfs_prop_get_int(later, ZFS_PROP_CREATETXG));
2761 uint64_t earlier_txg = zfs_prop_get_int(earlier, ZFS_PROP_CREATETXG);
2762
2763 if (earlier_txg >= later_txg)
2764 return (B_FALSE);
2765
2766 zfs_handle_t *earlier_dir = name_to_dir_handle(earlier->zfs_hdl,
2767 earlier->zfs_name);
2768 zfs_handle_t *later_dir = name_to_dir_handle(later->zfs_hdl,
2769 later->zfs_name);
2770
2771 if (strcmp(earlier_dir->zfs_name, later_dir->zfs_name) == 0) {
2772 zfs_close(earlier_dir);
2773 zfs_close(later_dir);
2774 return (B_TRUE);
2775 }
2776
2777 char clonename[ZFS_MAX_DATASET_NAME_LEN];
2778 if (zfs_prop_get(later_dir, ZFS_PROP_ORIGIN, clonename,
2779 ZFS_MAX_DATASET_NAME_LEN, NULL, NULL, 0, B_TRUE) != 0) {
2780 zfs_close(earlier_dir);
2781 zfs_close(later_dir);
2782 return (B_FALSE);
2783 }
2784
2785 zfs_handle_t *origin = zfs_open(earlier->zfs_hdl, clonename,
2786 ZFS_TYPE_DATASET);
2787 uint64_t origin_txg = zfs_prop_get_int(origin, ZFS_PROP_CREATETXG);
2788
2789 /*
2790 * If "earlier" is exactly the origin, then
2791 * snapshot_is_before(earlier, origin) will return false (because
2792 * they're the same).
2793 */
2794 if (origin_txg == earlier_txg &&
2795 strcmp(origin->zfs_name, earlier->zfs_name) == 0) {
2796 zfs_close(earlier_dir);
2797 zfs_close(later_dir);
2798 zfs_close(origin);
2799 return (B_TRUE);
2800 }
2801 zfs_close(earlier_dir);
2802 zfs_close(later_dir);
2803
2804 ret = snapshot_is_before(earlier, origin);
2805 zfs_close(origin);
2806 return (ret);
2807}
2808
2809/*
2810 * The "zhp" argument is the handle of the dataset to send (typically a
2811 * snapshot). The "from" argument is the full name of the snapshot or
2812 * bookmark that is the incremental source.
2813 */
da536844 2814int
30af21b0
PD		 2815zfs_send_one(zfs_handle_t *zhp, const char *from, int fd, sendflags_t *flags,
2816 const char *redactbook)
da536844 2817{
30af21b0 2818 int err;
da536844 2819 libzfs_handle_t *hdl = zhp->zfs_hdl;
22df2457 2820 char *name = zhp->zfs_name;
30af21b0
PD		 2821 int orig_fd = fd;
2822 pthread_t ddtid, ptid;
2823 progress_arg_t pa = { 0 };
2824 dedup_arg_t dda = { 0 };
2825
da536844 2826 char errbuf[1024];
30af21b0 2827 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
22df2457 2828 "warning: cannot send '%s'"), name);
835db585 2829
30af21b0
PD		 2830 if (from != NULL && strchr(from, '@')) {
2831 zfs_handle_t *from_zhp = zfs_open(hdl, from,
2832 ZFS_TYPE_DATASET);
1d20b763 2833 if (from_zhp == NULL)
2834 return (-1);
30af21b0
PD		 2835 if (!snapshot_is_before(from_zhp, zhp)) {
2836 zfs_close(from_zhp);
2837 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2838 "not an earlier snapshot from the same fs"));
2839 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
2840 }
2841 zfs_close(from_zhp);
2842 }
835db585 2843
22df2457
RM		 2844 if (redactbook != NULL) {
2845 char bookname[ZFS_MAX_DATASET_NAME_LEN];
2846 nvlist_t *redact_snaps;
2847 zfs_handle_t *book_zhp;
2848 char *at, *pound;
2849 int dsnamelen;
2850
2851 pound = strchr(redactbook, '#');
2852 if (pound != NULL)
2853 redactbook = pound + 1;
2854 at = strchr(name, '@');
2855 if (at == NULL) {
2856 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2857 "cannot do a redacted send to a filesystem"));
2858 return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
2859 }
2860 dsnamelen = at - name;
2861 if (snprintf(bookname, sizeof (bookname), "%.*s#%s",
2862 dsnamelen, name, redactbook)
2863 >= sizeof (bookname)) {
2864 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2865 "invalid bookmark name"));
2866 return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
2867 }
2868 book_zhp = zfs_open(hdl, bookname, ZFS_TYPE_BOOKMARK);
2869 if (book_zhp == NULL)
2870 return (-1);
2871 if (nvlist_lookup_nvlist(book_zhp->zfs_props,
2872 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS),
2873 &redact_snaps) != 0 || redact_snaps == NULL) {
2874 zfs_close(book_zhp);
2875 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2876 "not a redaction bookmark"));
2877 return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
2878 }
2879 zfs_close(book_zhp);
2880 }
2881
30af21b0
PD		 2882 /*
2883 * Send fs properties
2884 */
2885 if (flags->props || flags->holds || flags->backup) {
2886 /*
2887 * Note: the header generated by send_prelim_records()
2888 * assumes that the incremental source is in the same
2889 * filesystem/volume as the target (which is a requirement
2890 * when doing "zfs send -R"). But that isn't always the
2891 * case here (e.g. send from snap in origin, or send from
2892 * bookmark). We pass from=NULL, which will omit this
2893 * information from the prelim records; it isn't used
2894 * when receiving this type of stream.
2895 */
2896 err = send_prelim_records(zhp, NULL, fd, B_TRUE, B_FALSE,
2897 flags->verbosity > 0, flags->dryrun, flags->raw,
2898 flags->replicate, flags->backup, flags->holds,
2899 flags->props, flags->doall, NULL, NULL);
2900 if (err != 0)
2901 return (err);
2902 }
2903
2904 /*
2905 * Perform size estimate if verbose was specified.
2906 */
2907 if (flags->verbosity != 0) {
2908 err = estimate_size(zhp, from, fd, flags, 0, 0, 0, redactbook,
2909 errbuf);
2910 if (err != 0)
2911 return (err);
2912 }
2913
2914 if (flags->dryrun)
2915 return (0);
2916
2917 /*
2918 * If deduplication is requested, spawn a thread that will deduplicate
2919 * the data coming out of the kernel.
2920 */
2921 if (flags->dedup) {
2922 err = get_dedup_fd(zhp, &dda, fd, &ddtid, &fd);
2923 if (err != 0)
2924 return (err);
2925 }
2926
2927 /*
2928 * If progress reporting is requested, spawn a new thread to poll
2929 * ZFS_IOC_SEND_PROGRESS at a regular interval.
2930 */
2931 if (flags->progress) {
2932 pa.pa_zhp = zhp;
2933 pa.pa_fd = fd;
2934 pa.pa_parsable = flags->parsable;
2935 pa.pa_estimate = B_FALSE;
2936 pa.pa_verbosity = flags->verbosity;
2937
2938 err = pthread_create(&ptid, NULL,
2939 send_progress_thread, &pa);
2940 if (err != 0) {
2941 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
2942 if (flags->dedup) {
2943 (void) pthread_cancel(ddtid);
2944 (void) close(fd);
2945 (void) pthread_join(ddtid, NULL);
2946 }
2947 return (zfs_error(zhp->zfs_hdl,
2948 EZFS_THREADCREATEFAILED, errbuf));
835db585 2949 }
2950 }
2951
22df2457 2952 err = lzc_send_redacted(name, from, fd,
30af21b0 2953 lzc_flags_from_sendflags(flags), redactbook);
835db585 2954
30af21b0
PD		 2955 if (flags->progress) {
2956 void *status = NULL;
2957 if (err != 0)
2958 (void) pthread_cancel(ptid);
2959 (void) pthread_join(ptid, &status);
2960 int error = (int)(uintptr_t)status;
2961 if (error != 0 && status != PTHREAD_CANCELED) {
2962 char errbuf[1024];
2963 (void) snprintf(errbuf, sizeof (errbuf),
2964 dgettext(TEXT_DOMAIN, "progress thread exited "
2965 "nonzero"));
2966 return (zfs_standard_error(hdl, error, errbuf));
2967 }
2968 }
2969 if (flags->dedup) {
2970 if (err != 0)
2971 (void) pthread_cancel(ddtid);
2972 (void) close(fd);
2973 (void) pthread_join(ddtid, NULL);
2974 }
da536844 2975
30af21b0
PD		 2976 if (flags->props || flags->holds || flags->backup) {
2977 /* Write the final end record. */
2978 err = send_conclusion_record(orig_fd, NULL);
2979 if (err != 0)
2980 return (zfs_standard_error(hdl, err, errbuf));
2981 }
da536844
MA		 2982 if (err != 0) {
2983 switch (errno) {
2984 case EXDEV:
2985 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2986 "not an earlier snapshot from the same fs"));
2987 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
2988
2989 case ENOENT:
2990 case ESRCH:
22df2457 2991 if (lzc_exists(name)) {
da536844
MA		 2992 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2993 "incremental source (%s) does not exist"),
2994 from);
2995 }
2996 return (zfs_error(hdl, EZFS_NOENT, errbuf));
2997
b5256303
TC		 2998 case EACCES:
2999 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3000 "dataset key must be loaded"));
3001 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
3002
da536844
MA		 3003 case EBUSY:
3004 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3005 "target is busy; if a filesystem, "
3006 "it must not be mounted"));
3007 return (zfs_error(hdl, EZFS_BUSY, errbuf));
3008
3009 case EDQUOT:
22df2457 3010 case EFAULT:
da536844 3011 case EFBIG:
22df2457 3012 case EINVAL:
da536844
MA		 3013 case EIO:
3014 case ENOLINK:
3015 case ENOSPC:
3016 case ENOSTR:
3017 case ENXIO:
3018 case EPIPE:
3019 case ERANGE:
da536844
MA		 3020 case EROFS:
3021 zfs_error_aux(hdl, strerror(errno));
3022 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
3023
3024 default:
3025 return (zfs_standard_error(hdl, errno, errbuf));
3026 }
3027 }
3028 return (err != 0);
3029}
3030
34dc7c2f
BB		 3031/*
3032 * Routines specific to "zfs recv"
3033 */
3034
3035static int
3036recv_read(libzfs_handle_t *hdl, int fd, void *buf, int ilen,
3037 boolean_t byteswap, zio_cksum_t *zc)
3038{
3039 char *cp = buf;
3040 int rv;
3041 int len = ilen;
3042
37f8a883
MA		 3043 assert(ilen <= SPA_MAXBLOCKSIZE);
3044
34dc7c2f
BB		 3045 do {
3046 rv = read(fd, cp, len);
3047 cp += rv;
3048 len -= rv;
3049 } while (rv > 0);
3050
3051 if (rv < 0 || len != 0) {
3052 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3053 "failed to read from stream"));
3054 return (zfs_error(hdl, EZFS_BADSTREAM, dgettext(TEXT_DOMAIN,
3055 "cannot receive")));
3056 }
3057
3058 if (zc) {
3059 if (byteswap)
3060 fletcher_4_incremental_byteswap(buf, ilen, zc);
3061 else
3062 fletcher_4_incremental_native(buf, ilen, zc);
3063 }
3064 return (0);
3065}
3066
3067static int
3068recv_read_nvlist(libzfs_handle_t *hdl, int fd, int len, nvlist_t **nvp,
3069 boolean_t byteswap, zio_cksum_t *zc)
3070{
3071 char *buf;
3072 int err;
3073
3074 buf = zfs_alloc(hdl, len);
3075 if (buf == NULL)
3076 return (ENOMEM);
3077
3078 err = recv_read(hdl, fd, buf, len, byteswap, zc);
3079 if (err != 0) {
3080 free(buf);
3081 return (err);
3082 }
3083
3084 err = nvlist_unpack(buf, len, nvp, 0);
3085 free(buf);
3086 if (err != 0) {
3087 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
3088 "stream (malformed nvlist)"));
3089 return (EINVAL);
3090 }
3091 return (0);
3092}
3093
b5256303
TC		 3094/*
3095 * Returns the grand origin (origin of origin of origin...) of a given handle.
3096 * If this dataset is not a clone, it simply returns a copy of the original
3097 * handle.
3098 */
3099static zfs_handle_t *
3100recv_open_grand_origin(zfs_handle_t *zhp)
3101{
3102 char origin[ZFS_MAX_DATASET_NAME_LEN];
3103 zprop_source_t src;
3104 zfs_handle_t *ozhp = zfs_handle_dup(zhp);
3105
3106 while (ozhp != NULL) {
3107 if (zfs_prop_get(ozhp, ZFS_PROP_ORIGIN, origin,
3108 sizeof (origin), &src, NULL, 0, B_FALSE) != 0)
3109 break;
3110
3111 (void) zfs_close(ozhp);
3112 ozhp = zfs_open(zhp->zfs_hdl, origin, ZFS_TYPE_FILESYSTEM);
3113 }
3114
3115 return (ozhp);
3116}
3117
3118static int
dc1c630b 3119recv_rename_impl(zfs_handle_t *zhp, const char *name, const char *newname)
b5256303
TC		 3120{
3121 int err;
3122 zfs_handle_t *ozhp = NULL;
3123
3124 /*
3125 * Attempt to rename the dataset. If it fails with EACCES we have
3126 * attempted to rename the dataset outside of its encryption root.
3127 * Force the dataset to become an encryption root and try again.
3128 */
dc1c630b 3129 err = lzc_rename(name, newname);
b5256303
TC		 3130 if (err == EACCES) {
3131 ozhp = recv_open_grand_origin(zhp);
3132 if (ozhp == NULL) {
3133 err = ENOENT;
3134 goto out;
3135 }
3136
3137 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY,
3138 NULL, NULL, 0);
3139 if (err != 0)
3140 goto out;
3141
dc1c630b 3142 err = lzc_rename(name, newname);
b5256303
TC		 3143 }
3144
3145out:
3146 if (ozhp != NULL)
3147 zfs_close(ozhp);
3148 return (err);
3149}
3150
34dc7c2f
BB		 3151static int
3152recv_rename(libzfs_handle_t *hdl, const char *name, const char *tryname,
330d06f9 3153 int baselen, char *newname, recvflags_t *flags)
34dc7c2f
BB		 3154{
3155 static int seq;
34dc7c2f 3156 int err;
b5256303
TC		 3157 prop_changelist_t *clp = NULL;
3158 zfs_handle_t *zhp = NULL;
34dc7c2f
BB		 3159
3160 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
b5256303
TC		 3161 if (zhp == NULL) {
3162 err = -1;
3163 goto out;
3164 }
b128c09f 3165 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
330d06f9 3166 flags->force ? MS_FORCE : 0);
b5256303
TC		 3167 if (clp == NULL) {
3168 err = -1;
3169 goto out;
3170 }
34dc7c2f
BB		 3171 err = changelist_prefix(clp);
3172 if (err)
b5256303 3173 goto out;
34dc7c2f
BB		 3174
3175 if (tryname) {
3176 (void) strcpy(newname, tryname);
330d06f9 3177 if (flags->verbose) {
34dc7c2f 3178 (void) printf("attempting rename %s to %s\n",
dc1c630b 3179 name, newname);
34dc7c2f 3180 }
dc1c630b 3181 err = recv_rename_impl(zhp, name, newname);
34dc7c2f
BB		 3182 if (err == 0)
3183 changelist_rename(clp, name, tryname);
3184 } else {
3185 err = ENOENT;
3186 }
3187
13fe0198 3188 if (err != 0 && strncmp(name + baselen, "recv-", 5) != 0) {
34dc7c2f
BB		 3189 seq++;
3190
eca7b760
IK		 3191 (void) snprintf(newname, ZFS_MAX_DATASET_NAME_LEN,
3192 "%.*srecv-%u-%u", baselen, name, getpid(), seq);
34dc7c2f 3193
330d06f9 3194 if (flags->verbose) {
34dc7c2f 3195 (void) printf("failed - trying rename %s to %s\n",
dc1c630b 3196 name, newname);
34dc7c2f 3197 }
dc1c630b 3198 err = recv_rename_impl(zhp, name, newname);
34dc7c2f
BB		 3199 if (err == 0)
3200 changelist_rename(clp, name, newname);
330d06f9 3201 if (err && flags->verbose) {
34dc7c2f
BB		 3202 (void) printf("failed (%u) - "
3203 "will try again on next pass\n", errno);
3204 }
3205 err = EAGAIN;
330d06f9 3206 } else if (flags->verbose) {
34dc7c2f
BB		 3207 if (err == 0)
3208 (void) printf("success\n");
3209 else
3210 (void) printf("failed (%u)\n", errno);
3211 }
3212
3213 (void) changelist_postfix(clp);
b5256303
TC		 3214
3215out:
3216 if (clp != NULL)
3217 changelist_free(clp);
3218 if (zhp != NULL)
3219 zfs_close(zhp);
3220
3221 return (err);
3222}
3223
3224static int
3225recv_promote(libzfs_handle_t *hdl, const char *fsname,
3226 const char *origin_fsname, recvflags_t *flags)
3227{
3228 int err;
3229 zfs_cmd_t zc = {"\0"};
3230 zfs_handle_t *zhp = NULL, *ozhp = NULL;
3231
3232 if (flags->verbose)
3233 (void) printf("promoting %s\n", fsname);
3234
3235 (void) strlcpy(zc.zc_value, origin_fsname, sizeof (zc.zc_value));
3236 (void) strlcpy(zc.zc_name, fsname, sizeof (zc.zc_name));
3237
3238 /*
3239 * Attempt to promote the dataset. If it fails with EACCES the
3240 * promotion would cause this dataset to leave its encryption root.
3241 * Force the origin to become an encryption root and try again.
3242 */
3243 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
3244 if (err == EACCES) {
3245 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET);
3246 if (zhp == NULL) {
3247 err = -1;
3248 goto out;
3249 }
3250
3251 ozhp = recv_open_grand_origin(zhp);
3252 if (ozhp == NULL) {
3253 err = -1;
3254 goto out;
3255 }
3256
3257 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY,
3258 NULL, NULL, 0);
3259 if (err != 0)
3260 goto out;
3261
3262 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
3263 }
3264
3265out:
3266 if (zhp != NULL)
3267 zfs_close(zhp);
3268 if (ozhp != NULL)
3269 zfs_close(ozhp);
34dc7c2f
BB		 3270
3271 return (err);
3272}
3273
3274static int
3275recv_destroy(libzfs_handle_t *hdl, const char *name, int baselen,
330d06f9 3276 char *newname, recvflags_t *flags)
34dc7c2f 3277{
34dc7c2f
BB		 3278 int err = 0;
3279 prop_changelist_t *clp;
3280 zfs_handle_t *zhp;
45d1cae3
BB		 3281 boolean_t defer = B_FALSE;
3282 int spa_version;
34dc7c2f
BB		 3283
3284 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
3285 if (zhp == NULL)
3286 return (-1);
b128c09f 3287 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
330d06f9 3288 flags->force ? MS_FORCE : 0);
45d1cae3
BB		 3289 if (zfs_get_type(zhp) == ZFS_TYPE_SNAPSHOT &&
3290 zfs_spa_version(zhp, &spa_version) == 0 &&
3291 spa_version >= SPA_VERSION_USERREFS)
3292 defer = B_TRUE;
34dc7c2f
BB		 3293 zfs_close(zhp);
3294 if (clp == NULL)
3295 return (-1);
3296 err = changelist_prefix(clp);
3297 if (err)
3298 return (err);
3299
330d06f9 3300 if (flags->verbose)
dc1c630b
AG		 3301 (void) printf("attempting destroy %s\n", name);
3302 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) {
3303 nvlist_t *nv = fnvlist_alloc();
3304 fnvlist_add_boolean(nv, name);
3305 err = lzc_destroy_snaps(nv, defer, NULL);
3306 fnvlist_free(nv);
3307 } else {
3308 err = lzc_destroy(name);
3309 }
34dc7c2f 3310 if (err == 0) {
330d06f9 3311 if (flags->verbose)
34dc7c2f 3312 (void) printf("success\n");
dc1c630b 3313 changelist_remove(clp, name);
34dc7c2f
BB		 3314 }
3315
3316 (void) changelist_postfix(clp);
3317 changelist_free(clp);
3318
45d1cae3 3319 /*
428870ff
BB		 3320 * Deferred destroy might destroy the snapshot or only mark it to be
3321 * destroyed later, and it returns success in either case.
45d1cae3 3322 */
428870ff
BB		 3323 if (err != 0 || (defer && zfs_dataset_exists(hdl, name,
3324 ZFS_TYPE_SNAPSHOT))) {
34dc7c2f 3325 err = recv_rename(hdl, name, NULL, baselen, newname, flags);
428870ff 3326 }
34dc7c2f
BB		 3327
3328 return (err);
3329}
3330
3331typedef struct guid_to_name_data {
3332 uint64_t guid;
47dfff3b 3333 boolean_t bookmark_ok;
34dc7c2f 3334 char *name;
330d06f9 3335 char *skip;
30af21b0
PD		 3336 uint64_t *redact_snap_guids;
3337 uint64_t num_redact_snaps;
34dc7c2f
BB		 3338} guid_to_name_data_t;
3339
30af21b0
PD		 3340boolean_t
3341redact_snaps_match(zfs_handle_t *zhp, guid_to_name_data_t *gtnd)
3342{
3343 uint64_t *bmark_snaps;
3344 uint_t bmark_num_snaps;
3345 nvlist_t *nvl;
3346 if (zhp->zfs_type != ZFS_TYPE_BOOKMARK)
3347 return (B_FALSE);
3348
3349 nvl = fnvlist_lookup_nvlist(zhp->zfs_props,
3350 zfs_prop_to_name(ZFS_PROP_REDACT_SNAPS));
3351 bmark_snaps = fnvlist_lookup_uint64_array(nvl, ZPROP_VALUE,
3352 &bmark_num_snaps);
3353 if (bmark_num_snaps != gtnd->num_redact_snaps)
3354 return (B_FALSE);
3355 int i = 0;
3356 for (; i < bmark_num_snaps; i++) {
3357 int j = 0;
3358 for (; j < bmark_num_snaps; j++) {
3359 if (bmark_snaps[i] == gtnd->redact_snap_guids[j])
3360 break;
3361 }
3362 if (j == bmark_num_snaps)
3363 break;
3364 }
3365 return (i == bmark_num_snaps);
3366}
3367
34dc7c2f
BB		 3368static int
3369guid_to_name_cb(zfs_handle_t *zhp, void *arg)
3370{
3371 guid_to_name_data_t *gtnd = arg;
47dfff3b 3372 const char *slash;
34dc7c2f
BB		 3373 int err;
3374
330d06f9 3375 if (gtnd->skip != NULL &&
47dfff3b
MA		 3376 (slash = strrchr(zhp->zfs_name, '/')) != NULL &&
3377 strcmp(slash + 1, gtnd->skip) == 0) {
3378 zfs_close(zhp);
330d06f9
MA		 3379 return (0);
3380 }
3381
30af21b0
PD		 3382 if (zfs_prop_get_int(zhp, ZFS_PROP_GUID) == gtnd->guid &&
3383 (gtnd->num_redact_snaps == -1 || redact_snaps_match(zhp, gtnd))) {
34dc7c2f 3384 (void) strcpy(gtnd->name, zhp->zfs_name);
428870ff 3385 zfs_close(zhp);
34dc7c2f
BB		 3386 return (EEXIST);
3387 }
330d06f9 3388
34dc7c2f 3389 err = zfs_iter_children(zhp, guid_to_name_cb, gtnd);
47dfff3b
MA		 3390 if (err != EEXIST && gtnd->bookmark_ok)
3391 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, gtnd);
34dc7c2f
BB		 3392 zfs_close(zhp);
3393 return (err);
3394}
3395
330d06f9
MA		 3396/*
3397 * Attempt to find the local dataset associated with this guid. In the case of
3398 * multiple matches, we attempt to find the "best" match by searching
3399 * progressively larger portions of the hierarchy. This allows one to send a
3400 * tree of datasets individually and guarantee that we will find the source
3401 * guid within that hierarchy, even if there are multiple matches elsewhere.
30af21b0
PD		 3402 *
3403 * If num_redact_snaps is not -1, we attempt to find a redaction bookmark with
3404 * the specified number of redaction snapshots. If num_redact_snaps isn't 0 or
3405 * -1, then redact_snap_guids will be an array of the guids of the snapshots the
3406 * redaction bookmark was created with. If num_redact_snaps is -1, then we will
3407 * attempt to find a snapshot or bookmark (if bookmark_ok is passed) with the
3408 * given guid. Note that a redaction bookmark can be returned if
3409 * num_redact_snaps == -1.
330d06f9 3410 */
34dc7c2f 3411static int
30af21b0
PD		 3412guid_to_name_redact_snaps(libzfs_handle_t *hdl, const char *parent,
3413 uint64_t guid, boolean_t bookmark_ok, uint64_t *redact_snap_guids,
3414 uint64_t num_redact_snaps, char *name)
34dc7c2f 3415{
eca7b760 3416 char pname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 3417 guid_to_name_data_t gtnd;
34dc7c2f
BB		 3418
3419 gtnd.guid = guid;
47dfff3b 3420 gtnd.bookmark_ok = bookmark_ok;
34dc7c2f 3421 gtnd.name = name;
330d06f9 3422 gtnd.skip = NULL;
30af21b0
PD		 3423 gtnd.redact_snap_guids = redact_snap_guids;
3424 gtnd.num_redact_snaps = num_redact_snaps;
34dc7c2f 3425
330d06f9 3426 /*
47dfff3b
MA		 3427 * Search progressively larger portions of the hierarchy, starting
3428 * with the filesystem specified by 'parent'. This will
330d06f9
MA		 3429 * select the "most local" version of the origin snapshot in the case
3430 * that there are multiple matching snapshots in the system.
3431 */
47dfff3b
MA		 3432 (void) strlcpy(pname, parent, sizeof (pname));
3433 char *cp = strrchr(pname, '@');
3434 if (cp == NULL)
3435 cp = strchr(pname, '\0');
3436 for (; cp != NULL; cp = strrchr(pname, '/')) {
330d06f9 3437 /* Chop off the last component and open the parent */
34dc7c2f 3438 *cp = '\0';
47dfff3b 3439 zfs_handle_t *zhp = make_dataset_handle(hdl, pname);
330d06f9
MA		 3440
3441 if (zhp == NULL)
3442 continue;
47dfff3b
MA		 3443 int err = guid_to_name_cb(zfs_handle_dup(zhp), &gtnd);
3444 if (err != EEXIST)
3445 err = zfs_iter_children(zhp, guid_to_name_cb, &gtnd);
3446 if (err != EEXIST && bookmark_ok)
3447 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, &gtnd);
34dc7c2f 3448 zfs_close(zhp);
330d06f9
MA		 3449 if (err == EEXIST)
3450 return (0);
34dc7c2f 3451
330d06f9 3452 /*
47dfff3b
MA		 3453 * Remember the last portion of the dataset so we skip it next
3454 * time through (as we've already searched that portion of the
3455 * hierarchy).
330d06f9 3456 */
47dfff3b 3457 gtnd.skip = strrchr(pname, '/') + 1;
330d06f9 3458 }
34dc7c2f 3459
330d06f9 3460 return (ENOENT);
34dc7c2f
BB		 3461}
3462
30af21b0
PD		 3463static int
3464guid_to_name(libzfs_handle_t *hdl, const char *parent, uint64_t guid,
3465 boolean_t bookmark_ok, char *name)
3466{
3467 return (guid_to_name_redact_snaps(hdl, parent, guid, bookmark_ok, NULL,
3468 -1, name));
3469}
3470
34dc7c2f 3471/*
330d06f9
MA		 3472 * Return +1 if guid1 is before guid2, 0 if they are the same, and -1 if
3473 * guid1 is after guid2.
34dc7c2f
BB		 3474 */
3475static int
3476created_before(libzfs_handle_t *hdl, avl_tree_t *avl,
3477 uint64_t guid1, uint64_t guid2)
3478{
3479 nvlist_t *nvfs;
98401d23 3480 char *fsname = NULL, *snapname = NULL;
eca7b760 3481 char buf[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 3482 int rv;
330d06f9
MA		 3483 zfs_handle_t *guid1hdl, *guid2hdl;
3484 uint64_t create1, create2;
34dc7c2f
BB		 3485
3486 if (guid2 == 0)
3487 return (0);
3488 if (guid1 == 0)
3489 return (1);
3490
3491 nvfs = fsavl_find(avl, guid1, &snapname);
3492 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
3493 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname);
330d06f9
MA		 3494 guid1hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT);
3495 if (guid1hdl == NULL)
34dc7c2f
BB		 3496 return (-1);
3497
3498 nvfs = fsavl_find(avl, guid2, &snapname);
3499 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
3500 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname);
330d06f9
MA		 3501 guid2hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT);
3502 if (guid2hdl == NULL) {
3503 zfs_close(guid1hdl);
34dc7c2f
BB		 3504 return (-1);
3505 }
3506
330d06f9
MA		 3507 create1 = zfs_prop_get_int(guid1hdl, ZFS_PROP_CREATETXG);
3508 create2 = zfs_prop_get_int(guid2hdl, ZFS_PROP_CREATETXG);
34dc7c2f 3509
330d06f9
MA		 3510 if (create1 < create2)
3511 rv = -1;
3512 else if (create1 > create2)
3513 rv = +1;
3514 else
3515 rv = 0;
3516
3517 zfs_close(guid1hdl);
3518 zfs_close(guid2hdl);
34dc7c2f
BB		 3519
3520 return (rv);
3521}
3522
b5256303 3523/*
83472fab 3524 * This function reestablishes the hierarchy of encryption roots after a
b5256303
TC		 3525 * recursive incremental receive has completed. This must be done after the
3526 * second call to recv_incremental_replication() has renamed and promoted all
83472fab 3527 * sent datasets to their final locations in the dataset hierarchy.
b5256303
TC		 3528 */
3529static int
bb61cc31 3530recv_fix_encryption_hierarchy(libzfs_handle_t *hdl, const char *top_zfs,
b5256303
TC		 3531 nvlist_t *stream_nv, avl_tree_t *stream_avl)
3532{
3533 int err;
3534 nvpair_t *fselem = NULL;
3535 nvlist_t *stream_fss;
3536
3537 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss", &stream_fss));
3538
3539 while ((fselem = nvlist_next_nvpair(stream_fss, fselem)) != NULL) {
3540 zfs_handle_t *zhp = NULL;
3541 uint64_t crypt;
3542 nvlist_t *snaps, *props, *stream_nvfs = NULL;
3543 nvpair_t *snapel = NULL;
3544 boolean_t is_encroot, is_clone, stream_encroot;
3545 char *cp;
3546 char *stream_keylocation = NULL;
3547 char keylocation[MAXNAMELEN];
3548 char fsname[ZFS_MAX_DATASET_NAME_LEN];
3549
3550 keylocation[0] = '\0';
3551 VERIFY(0 == nvpair_value_nvlist(fselem, &stream_nvfs));
3552 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "snaps", &snaps));
3553 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "props", &props));
3554 stream_encroot = nvlist_exists(stream_nvfs, "is_encroot");
3555
3556 /* find a snapshot from the stream that exists locally */
3557 err = ENOENT;
3558 while ((snapel = nvlist_next_nvpair(snaps, snapel)) != NULL) {
3559 uint64_t guid;
3560
3561 VERIFY(0 == nvpair_value_uint64(snapel, &guid));
bb61cc31 3562 err = guid_to_name(hdl, top_zfs, guid, B_FALSE,
b5256303
TC		 3563 fsname);
3564 if (err == 0)
3565 break;
3566 }
3567
3568 if (err != 0)
3569 continue;
3570
3571 cp = strchr(fsname, '@');
3572 if (cp != NULL)
3573 *cp = '\0';
3574
3575 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET);
3576 if (zhp == NULL) {
3577 err = ENOENT;
3578 goto error;
3579 }
3580
3581 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION);
3582 is_clone = zhp->zfs_dmustats.dds_origin[0] != '\0';
3583 (void) zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL);
3584
da689887 3585 /* we don't need to do anything for unencrypted datasets */
b5256303
TC		 3586 if (crypt == ZIO_CRYPT_OFF) {
3587 zfs_close(zhp);
3588 continue;
3589 }
3590
3591 /*
3592 * If the dataset is flagged as an encryption root, was not
3593 * received as a clone and is not currently an encryption root,
3594 * force it to become one. Fixup the keylocation if necessary.
3595 */
3596 if (stream_encroot) {
3597 if (!is_clone && !is_encroot) {
3598 err = lzc_change_key(fsname,
3599 DCP_CMD_FORCE_NEW_KEY, NULL, NULL, 0);
3600 if (err != 0) {
3601 zfs_close(zhp);
3602 goto error;
3603 }
3604 }
3605
3606 VERIFY(0 == nvlist_lookup_string(props,
3607 zfs_prop_to_name(ZFS_PROP_KEYLOCATION),
3608 &stream_keylocation));
3609
3610 /*
3611 * Refresh the properties in case the call to
3612 * lzc_change_key() changed the value.
3613 */
3614 zfs_refresh_properties(zhp);
3615 err = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION,
3616 keylocation, sizeof (keylocation), NULL, NULL,
3617 0, B_TRUE);
3618 if (err != 0) {
3619 zfs_close(zhp);
3620 goto error;
3621 }
3622
3623 if (strcmp(keylocation, stream_keylocation) != 0) {
3624 err = zfs_prop_set(zhp,
3625 zfs_prop_to_name(ZFS_PROP_KEYLOCATION),
3626 stream_keylocation);
3627 if (err != 0) {
3628 zfs_close(zhp);
3629 goto error;
3630 }
3631 }
3632 }
3633
3634 /*
3635 * If the dataset is not flagged as an encryption root and is
3636 * currently an encryption root, force it to inherit from its
4807c0ba
TC		 3637 * parent. The root of a raw send should never be
3638 * force-inherited.
b5256303 3639 */
4807c0ba
TC		 3640 if (!stream_encroot && is_encroot &&
3641 strcmp(top_zfs, fsname) != 0) {
b5256303
TC		 3642 err = lzc_change_key(fsname, DCP_CMD_FORCE_INHERIT,
3643 NULL, NULL, 0);
3644 if (err != 0) {
3645 zfs_close(zhp);
3646 goto error;
3647 }
3648 }
3649
3650 zfs_close(zhp);
3651 }
3652
3653 return (0);
3654
3655error:
3656 return (err);
3657}
3658
34dc7c2f
BB		 3659static int
3660recv_incremental_replication(libzfs_handle_t *hdl, const char *tofs,
330d06f9 3661 recvflags_t *flags, nvlist_t *stream_nv, avl_tree_t *stream_avl,
428870ff 3662 nvlist_t *renamed)
34dc7c2f 3663{
7509a3d2 3664 nvlist_t *local_nv, *deleted = NULL;
34dc7c2f
BB		 3665 avl_tree_t *local_avl;
3666 nvpair_t *fselem, *nextfselem;
428870ff 3667 char *fromsnap;
eca7b760 3668 char newname[ZFS_MAX_DATASET_NAME_LEN];
7509a3d2 3669 char guidname[32];
34dc7c2f 3670 int error;
428870ff
BB		 3671 boolean_t needagain, progress, recursive;
3672 char *s1, *s2;
34dc7c2f
BB		 3673
3674 VERIFY(0 == nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap));
428870ff
BB		 3675
3676 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
3677 ENOENT);
34dc7c2f 3678
330d06f9 3679 if (flags->dryrun)
34dc7c2f
BB		 3680 return (0);
3681
3682again:
3683 needagain = progress = B_FALSE;
3684
7509a3d2 3685 VERIFY(0 == nvlist_alloc(&deleted, NV_UNIQUE_NAME, 0));
3686
34dc7c2f 3687 if ((error = gather_nvlist(hdl, tofs, fromsnap, NULL,
f94b3cbf
TC		 3688 recursive, B_TRUE, B_FALSE, recursive, B_FALSE, B_FALSE,
3689 B_FALSE, B_TRUE, &local_nv, &local_avl)) != 0)
34dc7c2f
BB		 3690 return (error);
3691
3692 /*
3693 * Process deletes and renames
3694 */
3695 for (fselem = nvlist_next_nvpair(local_nv, NULL);
3696 fselem; fselem = nextfselem) {
3697 nvlist_t *nvfs, *snaps;
3698 nvlist_t *stream_nvfs = NULL;
3699 nvpair_t *snapelem, *nextsnapelem;
3700 uint64_t fromguid = 0;
3701 uint64_t originguid = 0;
3702 uint64_t stream_originguid = 0;
3703 uint64_t parent_fromsnap_guid, stream_parent_fromsnap_guid;
3704 char *fsname, *stream_fsname;
3705
3706 nextfselem = nvlist_next_nvpair(local_nv, fselem);
3707
3708 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs));
3709 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps));
3710 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
3711 VERIFY(0 == nvlist_lookup_uint64(nvfs, "parentfromsnap",
3712 &parent_fromsnap_guid));
3713 (void) nvlist_lookup_uint64(nvfs, "origin", &originguid);
3714
3715 /*
3716 * First find the stream's fs, so we can check for
3717 * a different origin (due to "zfs promote")
3718 */
3719 for (snapelem = nvlist_next_nvpair(snaps, NULL);
3720 snapelem; snapelem = nvlist_next_nvpair(snaps, snapelem)) {
3721 uint64_t thisguid;
3722
3723 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid));
3724 stream_nvfs = fsavl_find(stream_avl, thisguid, NULL);
3725
3726 if (stream_nvfs != NULL)
3727 break;
3728 }
3729
3730 /* check for promote */
3731 (void) nvlist_lookup_uint64(stream_nvfs, "origin",
3732 &stream_originguid);
3733 if (stream_nvfs && originguid != stream_originguid) {
3734 switch (created_before(hdl, local_avl,
3735 stream_originguid, originguid)) {
3736 case 1: {
3737 /* promote it! */
34dc7c2f
BB		 3738 nvlist_t *origin_nvfs;
3739 char *origin_fsname;
3740
34dc7c2f
BB		 3741 origin_nvfs = fsavl_find(local_avl, originguid,
3742 NULL);
3743 VERIFY(0 == nvlist_lookup_string(origin_nvfs,
3744 "name", &origin_fsname));
b5256303
TC		 3745 error = recv_promote(hdl, fsname, origin_fsname,
3746 flags);
34dc7c2f
BB		 3747 if (error == 0)
3748 progress = B_TRUE;
3749 break;
3750 }
3751 default:
3752 break;
3753 case -1:
3754 fsavl_destroy(local_avl);
3755 nvlist_free(local_nv);
3756 return (-1);
3757 }
3758 /*
3759 * We had/have the wrong origin, therefore our
3760 * list of snapshots is wrong. Need to handle
3761 * them on the next pass.
3762 */
3763 needagain = B_TRUE;
3764 continue;
3765 }
3766
3767 for (snapelem = nvlist_next_nvpair(snaps, NULL);
3768 snapelem; snapelem = nextsnapelem) {
3769 uint64_t thisguid;
3770 char *stream_snapname;
b128c09f 3771 nvlist_t *found, *props;
34dc7c2f
BB		 3772
3773 nextsnapelem = nvlist_next_nvpair(snaps, snapelem);
3774
3775 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid));
3776 found = fsavl_find(stream_avl, thisguid,
3777 &stream_snapname);
3778
3779 /* check for delete */
3780 if (found == NULL) {
eca7b760 3781 char name[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 3782
330d06f9 3783 if (!flags->force)
34dc7c2f
BB		 3784 continue;
3785
3786 (void) snprintf(name, sizeof (name), "%s@%s",
3787 fsname, nvpair_name(snapelem));
3788
3789 error = recv_destroy(hdl, name,
3790 strlen(fsname)+1, newname, flags);
3791 if (error)
3792 needagain = B_TRUE;
3793 else
3794 progress = B_TRUE;
3df29340
BB		 3795 sprintf(guidname, "%llu",
3796 (u_longlong_t)thisguid);
7509a3d2 3797 nvlist_add_boolean(deleted, guidname);
34dc7c2f
BB		 3798 continue;
3799 }
3800
3801 stream_nvfs = found;
3802
b128c09f
BB		 3803 if (0 == nvlist_lookup_nvlist(stream_nvfs, "snapprops",
3804 &props) && 0 == nvlist_lookup_nvlist(props,
3805 stream_snapname, &props)) {
13fe0198 3806 zfs_cmd_t zc = {"\0"};
b128c09f 3807
428870ff 3808 zc.zc_cookie = B_TRUE; /* received */
b128c09f
BB		 3809 (void) snprintf(zc.zc_name, sizeof (zc.zc_name),
3810 "%s@%s", fsname, nvpair_name(snapelem));
3811 if (zcmd_write_src_nvlist(hdl, &zc,
3812 props) == 0) {
3813 (void) zfs_ioctl(hdl,
3814 ZFS_IOC_SET_PROP, &zc);
3815 zcmd_free_nvlists(&zc);
3816 }
3817 }
3818
34dc7c2f
BB		 3819 /* check for different snapname */
3820 if (strcmp(nvpair_name(snapelem),
3821 stream_snapname) != 0) {
eca7b760
IK		 3822 char name[ZFS_MAX_DATASET_NAME_LEN];
3823 char tryname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 3824
3825 (void) snprintf(name, sizeof (name), "%s@%s",
3826 fsname, nvpair_name(snapelem));
3827 (void) snprintf(tryname, sizeof (name), "%s@%s",
3828 fsname, stream_snapname);
3829
3830 error = recv_rename(hdl, name, tryname,
3831 strlen(fsname)+1, newname, flags);
3832 if (error)
3833 needagain = B_TRUE;
3834 else
3835 progress = B_TRUE;
3836 }
3837
3838 if (strcmp(stream_snapname, fromsnap) == 0)
3839 fromguid = thisguid;
3840 }
3841
3842 /* check for delete */
3843 if (stream_nvfs == NULL) {
330d06f9 3844 if (!flags->force)
34dc7c2f
BB		 3845 continue;
3846
3847 error = recv_destroy(hdl, fsname, strlen(tofs)+1,
3848 newname, flags);
3849 if (error)
3850 needagain = B_TRUE;
3851 else
3852 progress = B_TRUE;
3df29340 3853 sprintf(guidname, "%llu",
02730c33 3854 (u_longlong_t)parent_fromsnap_guid);
7509a3d2 3855 nvlist_add_boolean(deleted, guidname);
34dc7c2f
BB		 3856 continue;
3857 }
3858
428870ff 3859 if (fromguid == 0) {
330d06f9 3860 if (flags->verbose) {
428870ff
BB		 3861 (void) printf("local fs %s does not have "
3862 "fromsnap (%s in stream); must have "
3863 "been deleted locally; ignoring\n",
3864 fsname, fromsnap);
3865 }
34dc7c2f
BB		 3866 continue;
3867 }
3868
3869 VERIFY(0 == nvlist_lookup_string(stream_nvfs,
3870 "name", &stream_fsname));
3871 VERIFY(0 == nvlist_lookup_uint64(stream_nvfs,
3872 "parentfromsnap", &stream_parent_fromsnap_guid));
3873
428870ff
BB		 3874 s1 = strrchr(fsname, '/');
3875 s2 = strrchr(stream_fsname, '/');
3876
7509a3d2 3877 /*
3878 * Check if we're going to rename based on parent guid change
3879 * and the current parent guid was also deleted. If it was then
3880 * rename will fail and is likely unneeded, so avoid this and
3881 * force an early retry to determine the new
3882 * parent_fromsnap_guid.
3883 */
3884 if (stream_parent_fromsnap_guid != 0 &&
3885 parent_fromsnap_guid != 0 &&
3886 stream_parent_fromsnap_guid != parent_fromsnap_guid) {
3df29340 3887 sprintf(guidname, "%llu",
02730c33 3888 (u_longlong_t)parent_fromsnap_guid);
7509a3d2 3889 if (nvlist_exists(deleted, guidname)) {
3890 progress = B_TRUE;
3891 needagain = B_TRUE;
3892 goto doagain;
3893 }
3894 }
3895
428870ff
BB		 3896 /*
3897 * Check for rename. If the exact receive path is specified, it
3898 * does not count as a rename, but we still need to check the
3899 * datasets beneath it.
3900 */
34dc7c2f 3901 if ((stream_parent_fromsnap_guid != 0 &&
428870ff 3902 parent_fromsnap_guid != 0 &&
34dc7c2f 3903 stream_parent_fromsnap_guid != parent_fromsnap_guid) ||
330d06f9 3904 ((flags->isprefix || strcmp(tofs, fsname) != 0) &&
428870ff 3905 (s1 != NULL) && (s2 != NULL) && strcmp(s1, s2) != 0)) {
34dc7c2f 3906 nvlist_t *parent;
eca7b760 3907 char tryname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 3908
3909 parent = fsavl_find(local_avl,
3910 stream_parent_fromsnap_guid, NULL);
3911 /*
3912 * NB: parent might not be found if we used the
3913 * tosnap for stream_parent_fromsnap_guid,
3914 * because the parent is a newly-created fs;
3915 * we'll be able to rename it after we recv the
3916 * new fs.
3917 */
3918 if (parent != NULL) {
3919 char *pname;
3920
3921 VERIFY(0 == nvlist_lookup_string(parent, "name",
3922 &pname));
3923 (void) snprintf(tryname, sizeof (tryname),
3924 "%s%s", pname, strrchr(stream_fsname, '/'));
3925 } else {
3926 tryname[0] = '\0';
330d06f9 3927 if (flags->verbose) {
34dc7c2f
BB		 3928 (void) printf("local fs %s new parent "
3929 "not found\n", fsname);
3930 }
3931 }
3932
428870ff
BB		 3933 newname[0] = '\0';
3934
34dc7c2f
BB		 3935 error = recv_rename(hdl, fsname, tryname,
3936 strlen(tofs)+1, newname, flags);
428870ff
BB		 3937
3938 if (renamed != NULL && newname[0] != '\0') {
3939 VERIFY(0 == nvlist_add_boolean(renamed,
3940 newname));
3941 }
3942
34dc7c2f
BB		 3943 if (error)
3944 needagain = B_TRUE;
3945 else
3946 progress = B_TRUE;
3947 }
3948 }
3949
7509a3d2 3950doagain:
34dc7c2f
BB		 3951 fsavl_destroy(local_avl);
3952 nvlist_free(local_nv);
7509a3d2 3953 nvlist_free(deleted);
34dc7c2f
BB		 3954
3955 if (needagain && progress) {
3956 /* do another pass to fix up temporary names */
330d06f9 3957 if (flags->verbose)
34dc7c2f
BB		 3958 (void) printf("another pass:\n");
3959 goto again;
3960 }
3961
b5256303 3962 return (needagain || error != 0);
34dc7c2f
BB		 3963}
3964
3965static int
3966zfs_receive_package(libzfs_handle_t *hdl, int fd, const char *destname,
330d06f9 3967 recvflags_t *flags, dmu_replay_record_t *drr, zio_cksum_t *zc,
a3eeab2d 3968 char **top_zfs, int cleanup_fd, uint64_t *action_handlep,
3969 nvlist_t *cmdprops)
34dc7c2f
BB		 3970{
3971 nvlist_t *stream_nv = NULL;
3972 avl_tree_t *stream_avl = NULL;
3973 char *fromsnap = NULL;
671c9354 3974 char *sendsnap = NULL;
428870ff 3975 char *cp;
eca7b760
IK		 3976 char tofs[ZFS_MAX_DATASET_NAME_LEN];
3977 char sendfs[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 3978 char errbuf[1024];
3979 dmu_replay_record_t drre;
3980 int error;
3981 boolean_t anyerr = B_FALSE;
3982 boolean_t softerr = B_FALSE;
b5256303 3983 boolean_t recursive, raw;
34dc7c2f
BB		 3984
3985 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3986 "cannot receive"));
3987
34dc7c2f
BB		 3988 assert(drr->drr_type == DRR_BEGIN);
3989 assert(drr->drr_u.drr_begin.drr_magic == DMU_BACKUP_MAGIC);
428870ff
BB		 3990 assert(DMU_GET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo) ==
3991 DMU_COMPOUNDSTREAM);
34dc7c2f
BB		 3992
3993 /*
3994 * Read in the nvlist from the stream.
3995 */
3996 if (drr->drr_payloadlen != 0) {
34dc7c2f 3997 error = recv_read_nvlist(hdl, fd, drr->drr_payloadlen,
330d06f9 3998 &stream_nv, flags->byteswap, zc);
34dc7c2f
BB		 3999 if (error) {
4000 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4001 goto out;
4002 }
4003 }
4004
428870ff
BB		 4005 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
4006 ENOENT);
b5256303 4007 raw = (nvlist_lookup_boolean(stream_nv, "raw") == 0);
428870ff
BB		 4008
4009 if (recursive && strchr(destname, '@')) {
4010 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4011 "cannot specify snapshot name for multi-snapshot stream"));
4012 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4013 goto out;
4014 }
4015
34dc7c2f
BB		 4016 /*
4017 * Read in the end record and verify checksum.
4018 */
4019 if (0 != (error = recv_read(hdl, fd, &drre, sizeof (drre),
330d06f9 4020 flags->byteswap, NULL)))
34dc7c2f 4021 goto out;
330d06f9 4022 if (flags->byteswap) {
34dc7c2f
BB		 4023 drre.drr_type = BSWAP_32(drre.drr_type);
4024 drre.drr_u.drr_end.drr_checksum.zc_word[0] =
4025 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[0]);
4026 drre.drr_u.drr_end.drr_checksum.zc_word[1] =
4027 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[1]);
4028 drre.drr_u.drr_end.drr_checksum.zc_word[2] =
4029 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[2]);
4030 drre.drr_u.drr_end.drr_checksum.zc_word[3] =
4031 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[3]);
4032 }
4033 if (drre.drr_type != DRR_END) {
4034 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4035 goto out;
4036 }
4037 if (!ZIO_CHECKSUM_EQUAL(drre.drr_u.drr_end.drr_checksum, *zc)) {
4038 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4039 "incorrect header checksum"));
4040 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4041 goto out;
4042 }
4043
4044 (void) nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap);
4045
4046 if (drr->drr_payloadlen != 0) {
4047 nvlist_t *stream_fss;
4048
4049 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss",
4050 &stream_fss));
4051 if ((stream_avl = fsavl_create(stream_fss)) == NULL) {
4052 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4053 "couldn't allocate avl tree"));
4054 error = zfs_error(hdl, EZFS_NOMEM, errbuf);
4055 goto out;
4056 }
4057
4c3c6b6c 4058 if (fromsnap != NULL && recursive) {
428870ff
BB		 4059 nvlist_t *renamed = NULL;
4060 nvpair_t *pair = NULL;
4061
eca7b760 4062 (void) strlcpy(tofs, destname, sizeof (tofs));
330d06f9 4063 if (flags->isprefix) {
428870ff
BB		 4064 struct drr_begin *drrb = &drr->drr_u.drr_begin;
4065 int i;
4066
330d06f9 4067 if (flags->istail) {
428870ff
BB		 4068 cp = strrchr(drrb->drr_toname, '/');
4069 if (cp == NULL) {
4070 (void) strlcat(tofs, "/",
eca7b760 4071 sizeof (tofs));
428870ff
BB		 4072 i = 0;
4073 } else {
4074 i = (cp - drrb->drr_toname);
4075 }
4076 } else {
4077 i = strcspn(drrb->drr_toname, "/@");
4078 }
34dc7c2f 4079 /* zfs_receive_one() will create_parents() */
428870ff 4080 (void) strlcat(tofs, &drrb->drr_toname[i],
eca7b760 4081 sizeof (tofs));
34dc7c2f
BB		 4082 *strchr(tofs, '@') = '\0';
4083 }
428870ff 4084
4c3c6b6c 4085 if (!flags->dryrun && !flags->nomount) {
428870ff
BB		 4086 VERIFY(0 == nvlist_alloc(&renamed,
4087 NV_UNIQUE_NAME, 0));
4088 }
4089
4090 softerr = recv_incremental_replication(hdl, tofs, flags,
4091 stream_nv, stream_avl, renamed);
4092
4093 /* Unmount renamed filesystems before receiving. */
4094 while ((pair = nvlist_next_nvpair(renamed,
4095 pair)) != NULL) {
4096 zfs_handle_t *zhp;
4097 prop_changelist_t *clp = NULL;
4098
4099 zhp = zfs_open(hdl, nvpair_name(pair),
4100 ZFS_TYPE_FILESYSTEM);
4101 if (zhp != NULL) {
4102 clp = changelist_gather(zhp,
a57d3d45
MZ		 4103 ZFS_PROP_MOUNTPOINT, 0,
4104 flags->forceunmount ? MS_FORCE : 0);
428870ff
BB		 4105 zfs_close(zhp);
4106 if (clp != NULL) {
4107 softerr |=
4108 changelist_prefix(clp);
4109 changelist_free(clp);
4110 }
4111 }
4112 }
4113
4114 nvlist_free(renamed);
34dc7c2f
BB		 4115 }
4116 }
4117
428870ff
BB		 4118 /*
4119 * Get the fs specified by the first path in the stream (the top level
4120 * specified by 'zfs send') and pass it to each invocation of
4121 * zfs_receive_one().
4122 */
4123 (void) strlcpy(sendfs, drr->drr_u.drr_begin.drr_toname,
eca7b760 4124 sizeof (sendfs));
671c9354 4125 if ((cp = strchr(sendfs, '@')) != NULL) {
428870ff 4126 *cp = '\0';
671c9354
DM		 4127 /*
4128 * Find the "sendsnap", the final snapshot in a replication
4129 * stream. zfs_receive_one() handles certain errors
4130 * differently, depending on if the contained stream is the
4131 * last one or not.
4132 */
4133 sendsnap = (cp + 1);
4134 }
34dc7c2f
BB		 4135
4136 /* Finally, receive each contained stream */
4137 do {
4138 /*
4139 * we should figure out if it has a recoverable
4140 * error, in which case do a recv_skip() and drive on.
4141 * Note, if we fail due to already having this guid,
4142 * zfs_receive_one() will take care of it (ie,
4143 * recv_skip() and return 0).
4144 */
fcff0f35 4145 error = zfs_receive_impl(hdl, destname, NULL, flags, fd,
572e2857 4146 sendfs, stream_nv, stream_avl, top_zfs, cleanup_fd,
a3eeab2d 4147 action_handlep, sendsnap, cmdprops);
34dc7c2f
BB		 4148 if (error == ENODATA) {
4149 error = 0;
4150 break;
4151 }
4152 anyerr |= error;
4153 } while (error == 0);
4154
4c3c6b6c 4155 if (drr->drr_payloadlen != 0 && recursive && fromsnap != NULL) {
34dc7c2f
BB		 4156 /*
4157 * Now that we have the fs's they sent us, try the
4158 * renames again.
4159 */
4160 softerr = recv_incremental_replication(hdl, tofs, flags,
428870ff 4161 stream_nv, stream_avl, NULL);
34dc7c2f
BB		 4162 }
4163
bb61cc31
TC		 4164 if (raw && softerr == 0 && *top_zfs != NULL) {
4165 softerr = recv_fix_encryption_hierarchy(hdl, *top_zfs,
b5256303
TC		 4166 stream_nv, stream_avl);
4167 }
4168
34dc7c2f
BB		 4169out:
4170 fsavl_destroy(stream_avl);
8a5fc748 4171 nvlist_free(stream_nv);
34dc7c2f
BB		 4172 if (softerr)
4173 error = -2;
4174 if (anyerr)
4175 error = -1;
4176 return (error);
4177}
4178
428870ff
BB		 4179static void
4180trunc_prop_errs(int truncated)
4181{
4182 ASSERT(truncated != 0);
4183
4184 if (truncated == 1)
4185 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
4186 "1 more property could not be set\n"));
4187 else
4188 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
4189 "%d more properties could not be set\n"), truncated);
4190}
4191
34dc7c2f
BB		 4192static int
4193recv_skip(libzfs_handle_t *hdl, int fd, boolean_t byteswap)
4194{
4195 dmu_replay_record_t *drr;
f1512ee6 4196 void *buf = zfs_alloc(hdl, SPA_MAXBLOCKSIZE);
870e7a52 4197 uint64_t payload_size;
428870ff
BB		 4198 char errbuf[1024];
4199
4200 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
870e7a52 4201 "cannot receive"));
34dc7c2f
BB		 4202
4203 /* XXX would be great to use lseek if possible... */
4204 drr = buf;
4205
4206 while (recv_read(hdl, fd, drr, sizeof (dmu_replay_record_t),
4207 byteswap, NULL) == 0) {
4208 if (byteswap)
4209 drr->drr_type = BSWAP_32(drr->drr_type);
4210
4211 switch (drr->drr_type) {
4212 case DRR_BEGIN:
428870ff 4213 if (drr->drr_payloadlen != 0) {
47dfff3b
MA		 4214 (void) recv_read(hdl, fd, buf,
4215 drr->drr_payloadlen, B_FALSE, NULL);
428870ff 4216 }
34dc7c2f
BB		 4217 break;
4218
4219 case DRR_END:
4220 free(buf);
4221 return (0);
4222
4223 case DRR_OBJECT:
4224 if (byteswap) {
4225 drr->drr_u.drr_object.drr_bonuslen =
4226 BSWAP_32(drr->drr_u.drr_object.
4227 drr_bonuslen);
870e7a52
TC		 4228 drr->drr_u.drr_object.drr_raw_bonuslen =
4229 BSWAP_32(drr->drr_u.drr_object.
4230 drr_raw_bonuslen);
34dc7c2f 4231 }
870e7a52
TC		 4232
4233 payload_size =
4234 DRR_OBJECT_PAYLOAD_SIZE(&drr->drr_u.drr_object);
4235 (void) recv_read(hdl, fd, buf, payload_size,
34dc7c2f
BB		 4236 B_FALSE, NULL);
4237 break;
4238
4239 case DRR_WRITE:
4240 if (byteswap) {
2aa34383
DK		 4241 drr->drr_u.drr_write.drr_logical_size =
4242 BSWAP_64(
4243 drr->drr_u.drr_write.drr_logical_size);
4244 drr->drr_u.drr_write.drr_compressed_size =
4245 BSWAP_64(
4246 drr->drr_u.drr_write.drr_compressed_size);
34dc7c2f 4247 }
870e7a52 4248 payload_size =
2aa34383 4249 DRR_WRITE_PAYLOAD_SIZE(&drr->drr_u.drr_write);
34dc7c2f 4250 (void) recv_read(hdl, fd, buf,
2aa34383 4251 payload_size, B_FALSE, NULL);
34dc7c2f 4252 break;
428870ff
BB		 4253 case DRR_SPILL:
4254 if (byteswap) {
9f8026c8 4255 drr->drr_u.drr_spill.drr_length =
428870ff 4256 BSWAP_64(drr->drr_u.drr_spill.drr_length);
870e7a52
TC		 4257 drr->drr_u.drr_spill.drr_compressed_size =
4258 BSWAP_64(drr->drr_u.drr_spill.
4259 drr_compressed_size);
428870ff 4260 }
870e7a52
TC		 4261
4262 payload_size =
4263 DRR_SPILL_PAYLOAD_SIZE(&drr->drr_u.drr_spill);
4264 (void) recv_read(hdl, fd, buf, payload_size,
4265 B_FALSE, NULL);
428870ff 4266 break;
9b67f605
MA		 4267 case DRR_WRITE_EMBEDDED:
4268 if (byteswap) {
4269 drr->drr_u.drr_write_embedded.drr_psize =
4270 BSWAP_32(drr->drr_u.drr_write_embedded.
4271 drr_psize);
4272 }
4273 (void) recv_read(hdl, fd, buf,
4274 P2ROUNDUP(drr->drr_u.drr_write_embedded.drr_psize,
4275 8), B_FALSE, NULL);
4276 break;
30af21b0 4277 case DRR_OBJECT_RANGE:
428870ff 4278 case DRR_WRITE_BYREF:
34dc7c2f
BB		 4279 case DRR_FREEOBJECTS:
4280 case DRR_FREE:
4281 break;
4282
4283 default:
428870ff
BB		 4284 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4285 "invalid record type"));
fad5fb01 4286 free(buf);
428870ff 4287 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
34dc7c2f
BB		 4288 }
4289 }
4290
4291 free(buf);
4292 return (-1);
4293}
4294
47dfff3b
MA		 4295static void
4296recv_ecksum_set_aux(libzfs_handle_t *hdl, const char *target_snap,
7145123b 4297 boolean_t resumable, boolean_t checksum)
47dfff3b 4298{
eca7b760 4299 char target_fs[ZFS_MAX_DATASET_NAME_LEN];
47dfff3b 4300
7145123b
PD		 4301 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, (checksum ?
4302 "checksum mismatch" : "incomplete stream")));
47dfff3b
MA		 4303
4304 if (!resumable)
4305 return;
4306 (void) strlcpy(target_fs, target_snap, sizeof (target_fs));
4307 *strchr(target_fs, '@') = '\0';
4308 zfs_handle_t *zhp = zfs_open(hdl, target_fs,
4309 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
4310 if (zhp == NULL)
4311 return;
4312
4313 char token_buf[ZFS_MAXPROPLEN];
4314 int error = zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
4315 token_buf, sizeof (token_buf),
4316 NULL, NULL, 0, B_TRUE);
4317 if (error == 0) {
4318 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4319 "checksum mismatch or incomplete stream.\n"
4320 "Partially received snapshot is saved.\n"
4321 "A resuming stream can be generated on the sending "
4322 "system by running:\n"
4323 " zfs send -t %s"),
4324 token_buf);
4325 }
4326 zfs_close(zhp);
4327}
4328
a3eeab2d 4329/*
4330 * Prepare a new nvlist of properties that are to override (-o) or be excluded
4331 * (-x) from the received dataset
4332 * recvprops: received properties from the send stream
4333 * cmdprops: raw input properties from command line
4334 * origprops: properties, both locally-set and received, currently set on the
4335 * target dataset if it exists, NULL otherwise.
4336 * oxprops: valid output override (-o) and excluded (-x) properties
4337 */
4338static int
d9c460a0
TC		 4339zfs_setup_cmdline_props(libzfs_handle_t *hdl, zfs_type_t type,
4340 char *fsname, boolean_t zoned, boolean_t recursive, boolean_t newfs,
4341 boolean_t raw, boolean_t toplevel, nvlist_t *recvprops, nvlist_t *cmdprops,
4342 nvlist_t *origprops, nvlist_t **oxprops, uint8_t **wkeydata_out,
4343 uint_t *wkeylen_out, const char *errbuf)
a3eeab2d 4344{
4345 nvpair_t *nvp;
4346 nvlist_t *oprops, *voprops;
4347 zfs_handle_t *zhp = NULL;
4348 zpool_handle_t *zpool_hdl = NULL;
d9c460a0 4349 char *cp;
a3eeab2d 4350 int ret = 0;
d9c460a0 4351 char namebuf[ZFS_MAX_DATASET_NAME_LEN];
a3eeab2d 4352
4353 if (nvlist_empty(cmdprops))
4354 return (0); /* No properties to override or exclude */
4355
4356 *oxprops = fnvlist_alloc();
4357 oprops = fnvlist_alloc();
4358
d9c460a0
TC		 4359 strlcpy(namebuf, fsname, ZFS_MAX_DATASET_NAME_LEN);
4360
4361 /*
4362 * Get our dataset handle. The target dataset may not exist yet.
4363 */
4364 if (zfs_dataset_exists(hdl, namebuf, ZFS_TYPE_DATASET)) {
4365 zhp = zfs_open(hdl, namebuf, ZFS_TYPE_DATASET);
4366 if (zhp == NULL) {
4367 ret = -1;
4368 goto error;
4369 }
4370 }
4371
4372 /* open the zpool handle */
4373 cp = strchr(namebuf, '/');
4374 if (cp != NULL)
4375 *cp = '\0';
4376 zpool_hdl = zpool_open(hdl, namebuf);
4377 if (zpool_hdl == NULL) {
4378 ret = -1;
4379 goto error;
4380 }
4381
4382 /* restore namebuf to match fsname for later use */
4383 if (cp != NULL)
4384 *cp = '/';
4385
a3eeab2d 4386 /*
4387 * first iteration: process excluded (-x) properties now and gather
4388 * added (-o) properties to be later processed by zfs_valid_proplist()
4389 */
4390 nvp = NULL;
4391 while ((nvp = nvlist_next_nvpair(cmdprops, nvp)) != NULL) {
4392 const char *name = nvpair_name(nvp);
4393 zfs_prop_t prop = zfs_name_to_prop(name);
4394
4395 /* "origin" is processed separately, don't handle it here */
4396 if (prop == ZFS_PROP_ORIGIN)
4397 continue;
4398
4399 /*
4400 * we're trying to override or exclude a property that does not
4401 * make sense for this type of dataset, but we don't want to
4402 * fail if the receive is recursive: this comes in handy when
4403 * the send stream contains, for instance, a child ZVOL and
4404 * we're trying to receive it with "-o atime=on"
4405 */
4406 if (!zfs_prop_valid_for_type(prop, type, B_FALSE) &&
4407 !zfs_prop_user(name)) {
4408 if (recursive)
4409 continue;
4410 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4411 "property '%s' does not apply to datasets of this "
4412 "type"), name);
4413 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4414 goto error;
4415 }
4416
d9c460a0
TC		 4417 /* raw streams can't override encryption properties */
4418 if ((zfs_prop_encryption_key_param(prop) ||
b4238327 4419 prop == ZFS_PROP_ENCRYPTION) && raw) {
d9c460a0
TC		 4420 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4421 "encryption property '%s' cannot "
b4238327
TC		 4422 "be set or excluded for raw streams."), name);
4423 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4424 goto error;
4425 }
4426
4427 /* incremental streams can only exclude encryption properties */
4428 if ((zfs_prop_encryption_key_param(prop) ||
4429 prop == ZFS_PROP_ENCRYPTION) && !newfs &&
4430 nvpair_type(nvp) != DATA_TYPE_BOOLEAN) {
4431 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4432 "encryption property '%s' cannot "
4433 "be set for incremental streams."), name);
d9c460a0
TC		 4434 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4435 goto error;
4436 }
4437
a3eeab2d 4438 switch (nvpair_type(nvp)) {
4439 case DATA_TYPE_BOOLEAN: /* -x property */
4440 /*
4441 * DATA_TYPE_BOOLEAN is the way we're asked to "exclude"
4442 * a property: this is done by forcing an explicit
4443 * inherit on the destination so the effective value is
4444 * not the one we received from the send stream.
4445 * We do this only if the property is not already
4446 * locally-set, in which case its value will take
4447 * priority over the received anyway.
4448 */
4449 if (nvlist_exists(origprops, name)) {
4450 nvlist_t *attrs;
b4238327 4451 char *source = NULL;
a3eeab2d 4452
4453 attrs = fnvlist_lookup_nvlist(origprops, name);
b4238327
TC		 4454 if (nvlist_lookup_string(attrs,
4455 ZPROP_SOURCE, &source) == 0 &&
4456 strcmp(source, ZPROP_SOURCE_VAL_RECVD) != 0)
a3eeab2d 4457 continue;
4458 }
4459 /*
4460 * We can't force an explicit inherit on non-inheritable
4461 * properties: if we're asked to exclude this kind of
4462 * values we remove them from "recvprops" input nvlist.
4463 */
4464 if (!zfs_prop_inheritable(prop) &&
4465 !zfs_prop_user(name) && /* can be inherited too */
4466 nvlist_exists(recvprops, name))
4467 fnvlist_remove(recvprops, name);
4468 else
4469 fnvlist_add_nvpair(*oxprops, nvp);
4470 break;
4471 case DATA_TYPE_STRING: /* -o property=value */
4472 fnvlist_add_nvpair(oprops, nvp);
4473 break;
4474 default:
4475 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4476 "property '%s' must be a string or boolean"), name);
4477 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4478 goto error;
4479 }
4480 }
4481
4482 if (toplevel) {
4483 /* convert override strings properties to native */
4484 if ((voprops = zfs_valid_proplist(hdl, ZFS_TYPE_DATASET,
b5256303 4485 oprops, zoned, zhp, zpool_hdl, B_FALSE, errbuf)) == NULL) {
a3eeab2d 4486 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
4487 goto error;
4488 }
4489
d9c460a0
TC		 4490 /*
4491 * zfs_crypto_create() requires the parent name. Get it
4492 * by truncating the fsname copy stored in namebuf.
4493 */
4494 cp = strrchr(namebuf, '/');
4495 if (cp != NULL)
4496 *cp = '\0';
4497
4498 if (!raw && zfs_crypto_create(hdl, namebuf, voprops, NULL,
4499 B_FALSE, wkeydata_out, wkeylen_out) != 0) {
4500 fnvlist_free(voprops);
4501 ret = zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf);
4502 goto error;
4503 }
4504
a3eeab2d 4505 /* second pass: process "-o" properties */
4506 fnvlist_merge(*oxprops, voprops);
4507 fnvlist_free(voprops);
4508 } else {
4509 /* override props on child dataset are inherited */
4510 nvp = NULL;
4511 while ((nvp = nvlist_next_nvpair(oprops, nvp)) != NULL) {
4512 const char *name = nvpair_name(nvp);
4513 fnvlist_add_boolean(*oxprops, name);
4514 }
4515 }
4516
4517error:
d9c460a0
TC		 4518 if (zhp != NULL)
4519 zfs_close(zhp);
4520 if (zpool_hdl != NULL)
4521 zpool_close(zpool_hdl);
a3eeab2d 4522 fnvlist_free(oprops);
4523 return (ret);
4524}
4525
34dc7c2f
BB		 4526/*
4527 * Restores a backup of tosnap from the file descriptor specified by infd.
4528 */
4529static int
4530zfs_receive_one(libzfs_handle_t *hdl, int infd, const char *tosnap,
fcff0f35
PD		 4531 const char *originsnap, recvflags_t *flags, dmu_replay_record_t *drr,
4532 dmu_replay_record_t *drr_noswap, const char *sendfs, nvlist_t *stream_nv,
4533 avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd,
a3eeab2d 4534 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops)
34dc7c2f 4535{
34dc7c2f 4536 time_t begin_time;
428870ff 4537 int ioctl_err, ioctl_errno, err;
34dc7c2f
BB		 4538 char *cp;
4539 struct drr_begin *drrb = &drr->drr_u.drr_begin;
4540 char errbuf[1024];
428870ff 4541 const char *chopprefix;
34dc7c2f
BB		 4542 boolean_t newfs = B_FALSE;
4543 boolean_t stream_wantsnewfs;
43e52edd
BB		 4544 boolean_t newprops = B_FALSE;
4545 uint64_t read_bytes = 0;
4546 uint64_t errflags = 0;
34dc7c2f
BB		 4547 uint64_t parent_snapguid = 0;
4548 prop_changelist_t *clp = NULL;
b128c09f 4549 nvlist_t *snapprops_nvlist = NULL;
9c5e88b1 4550 nvlist_t *snapholds_nvlist = NULL;
428870ff 4551 zprop_errflags_t prop_errflags;
43e52edd 4552 nvlist_t *prop_errors = NULL;
428870ff 4553 boolean_t recursive;
671c9354 4554 char *snapname = NULL;
43e52edd
BB		 4555 char destsnap[MAXPATHLEN * 2];
4556 char origin[MAXNAMELEN];
4557 char name[MAXPATHLEN];
b5256303 4558 char tmp_keylocation[MAXNAMELEN];
a3eeab2d 4559 nvlist_t *rcvprops = NULL; /* props received from the send stream */
4560 nvlist_t *oxprops = NULL; /* override (-o) and exclude (-x) props */
4561 nvlist_t *origprops = NULL; /* original props (if destination exists) */
4562 zfs_type_t type;
bee7e4ff 4563 boolean_t toplevel = B_FALSE;
a3eeab2d 4564 boolean_t zoned = B_FALSE;
c03f0470 4565 boolean_t hastoken = B_FALSE;
30af21b0 4566 boolean_t redacted;
d9c460a0
TC		 4567 uint8_t *wkeydata = NULL;
4568 uint_t wkeylen = 0;
34dc7c2f
BB		 4569
4570 begin_time = time(NULL);
43e52edd 4571 bzero(origin, MAXNAMELEN);
b5256303 4572 bzero(tmp_keylocation, MAXNAMELEN);
34dc7c2f
BB		 4573
4574 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
4575 "cannot receive"));
4576
428870ff
BB		 4577 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
4578 ENOENT);
4579
9c5e88b1
PZ		 4580 /* Did the user request holds be skipped via zfs recv -k? */
4581 boolean_t holds = flags->holds && !flags->skipholds;
4582
34dc7c2f 4583 if (stream_avl != NULL) {
b5256303 4584 char *keylocation = NULL;
48f783de 4585 nvlist_t *lookup = NULL;
b128c09f
BB		 4586 nvlist_t *fs = fsavl_find(stream_avl, drrb->drr_toguid,
4587 &snapname);
34dc7c2f
BB		 4588
4589 (void) nvlist_lookup_uint64(fs, "parentfromsnap",
4590 &parent_snapguid);
a3eeab2d 4591 err = nvlist_lookup_nvlist(fs, "props", &rcvprops);
43e52edd 4592 if (err) {
a3eeab2d 4593 VERIFY(0 == nvlist_alloc(&rcvprops, NV_UNIQUE_NAME, 0));
43e52edd
BB		 4594 newprops = B_TRUE;
4595 }
34dc7c2f 4596
b5256303
TC		 4597 /*
4598 * The keylocation property may only be set on encryption roots,
4599 * but this dataset might not become an encryption root until
83472fab 4600 * recv_fix_encryption_hierarchy() is called. That function
b5256303
TC		 4601 * will fixup the keylocation anyway, so we temporarily unset
4602 * the keylocation for now to avoid any errors from the receive
4603 * ioctl.
4604 */
4605 err = nvlist_lookup_string(rcvprops,
4606 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation);
4607 if (err == 0) {
4608 strcpy(tmp_keylocation, keylocation);
4609 (void) nvlist_remove_all(rcvprops,
4610 zfs_prop_to_name(ZFS_PROP_KEYLOCATION));
4611 }
4612
330d06f9 4613 if (flags->canmountoff) {
a3eeab2d 4614 VERIFY(0 == nvlist_add_uint64(rcvprops,
34dc7c2f 4615 zfs_prop_to_name(ZFS_PROP_CANMOUNT), 0));
9c5e88b1
PZ		 4616 } else if (newprops) { /* nothing in rcvprops, eliminate it */
4617 nvlist_free(rcvprops);
4618 rcvprops = NULL;
4619 newprops = B_FALSE;
34dc7c2f 4620 }
48f783de 4621 if (0 == nvlist_lookup_nvlist(fs, "snapprops", &lookup)) {
4622 VERIFY(0 == nvlist_lookup_nvlist(lookup,
4623 snapname, &snapprops_nvlist));
4624 }
9c5e88b1
PZ		 4625 if (holds) {
4626 if (0 == nvlist_lookup_nvlist(fs, "snapholds",
4627 &lookup)) {
4628 VERIFY(0 == nvlist_lookup_nvlist(lookup,
4629 snapname, &snapholds_nvlist));
4630 }
4631 }
34dc7c2f
BB		 4632 }
4633
428870ff
BB		 4634 cp = NULL;
4635
34dc7c2f
BB		 4636 /*
4637 * Determine how much of the snapshot name stored in the stream
4638 * we are going to tack on to the name they specified on the
4639 * command line, and how much we are going to chop off.
4640 *
4641 * If they specified a snapshot, chop the entire name stored in
4642 * the stream.
4643 */
330d06f9 4644 if (flags->istail) {
428870ff
BB		 4645 /*
4646 * A filesystem was specified with -e. We want to tack on only
4647 * the tail of the sent snapshot path.
4648 */
4649 if (strchr(tosnap, '@')) {
4650 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
4651 "argument - snapshot not allowed with -e"));
43e52edd
BB		 4652 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
4653 goto out;
428870ff
BB		 4654 }
4655
4656 chopprefix = strrchr(sendfs, '/');
4657
4658 if (chopprefix == NULL) {
4659 /*
4660 * The tail is the poolname, so we need to
4661 * prepend a path separator.
4662 */
4663 int len = strlen(drrb->drr_toname);
4664 cp = malloc(len + 2);
4665 cp[0] = '/';
4666 (void) strcpy(&cp[1], drrb->drr_toname);
4667 chopprefix = cp;
4668 } else {
4669 chopprefix = drrb->drr_toname + (chopprefix - sendfs);
4670 }
330d06f9 4671 } else if (flags->isprefix) {
34dc7c2f 4672 /*
428870ff
BB		 4673 * A filesystem was specified with -d. We want to tack on
4674 * everything but the first element of the sent snapshot path
4675 * (all but the pool name).
34dc7c2f
BB		 4676 */
4677 if (strchr(tosnap, '@')) {
4678 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
4679 "argument - snapshot not allowed with -d"));
43e52edd
BB		 4680 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
4681 goto out;
34dc7c2f 4682 }
428870ff
BB		 4683
4684 chopprefix = strchr(drrb->drr_toname, '/');
4685 if (chopprefix == NULL)
4686 chopprefix = strchr(drrb->drr_toname, '@');
34dc7c2f
BB		 4687 } else if (strchr(tosnap, '@') == NULL) {
4688 /*
428870ff
BB		 4689 * If a filesystem was specified without -d or -e, we want to
4690 * tack on everything after the fs specified by 'zfs send'.
34dc7c2f 4691 */
428870ff
BB		 4692 chopprefix = drrb->drr_toname + strlen(sendfs);
4693 } else {
4694 /* A snapshot was specified as an exact path (no -d or -e). */
4695 if (recursive) {
4696 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4697 "cannot specify snapshot name for multi-snapshot "
4698 "stream"));
43e52edd
BB		 4699 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4700 goto out;
428870ff
BB		 4701 }
4702 chopprefix = drrb->drr_toname + strlen(drrb->drr_toname);
34dc7c2f 4703 }
428870ff
BB		 4704
4705 ASSERT(strstr(drrb->drr_toname, sendfs) == drrb->drr_toname);
bdbd5477 4706 ASSERT(chopprefix > drrb->drr_toname || strchr(sendfs, '/') == NULL);
4707 ASSERT(chopprefix <= drrb->drr_toname + strlen(drrb->drr_toname) ||
4708 strchr(sendfs, '/') == NULL);
428870ff
BB		 4709 ASSERT(chopprefix[0] == '/' || chopprefix[0] == '@' ||
4710 chopprefix[0] == '\0');
34dc7c2f
BB		 4711
4712 /*
43e52edd 4713 * Determine name of destination snapshot.
34dc7c2f 4714 */
45cb520b 4715 (void) strlcpy(destsnap, tosnap, sizeof (destsnap));
43e52edd 4716 (void) strlcat(destsnap, chopprefix, sizeof (destsnap));
428870ff 4717 free(cp);
43e52edd
BB		 4718 if (!zfs_name_valid(destsnap, ZFS_TYPE_SNAPSHOT)) {
4719 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
4720 goto out;
34dc7c2f
BB		 4721 }
4722
4723 /*
43e52edd 4724 * Determine the name of the origin snapshot.
34dc7c2f 4725 */
160af771 4726 if (originsnap) {
21a4f5cc 4727 (void) strlcpy(origin, originsnap, sizeof (origin));
160af771
GM		 4728 if (flags->verbose)
4729 (void) printf("using provided clone origin %s\n",
4730 origin);
4731 } else if (drrb->drr_flags & DRR_FLAG_CLONE) {
43e52edd
BB		 4732 if (guid_to_name(hdl, destsnap,
4733 drrb->drr_fromguid, B_FALSE, origin) != 0) {
34dc7c2f
BB		 4734 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4735 "local origin for clone %s does not exist"),
43e52edd
BB		 4736 destsnap);
4737 err = zfs_error(hdl, EZFS_NOENT, errbuf);
4738 goto out;
34dc7c2f 4739 }
330d06f9 4740 if (flags->verbose)
43e52edd 4741 (void) printf("found clone origin %s\n", origin);
34dc7c2f
BB		 4742 }
4743
652bdc9b
MA		 4744 if (!hdl->libzfs_dedup_warning_printed &&
4745 (DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4746 DMU_BACKUP_FEATURE_DEDUP)) {
4747 (void) fprintf(stderr,
4748 gettext("WARNING: This is a deduplicated send stream. "
4749 "The ability to send and\n"
4750 "receive deduplicated send streams is deprecated. "
4751 "In the future, the\n"
4752 "ability to receive a deduplicated send stream with "
4753 "\"zfs receive\" will be\n"
4754 "removed. However, in the future, a utility will be "
4755 "provided to convert a\n"
4756 "deduplicated send stream to a regular "
4757 "(non-deduplicated) stream. This\n"
4758 "future utility will require that the send stream be "
4759 "located in a\n"
4760 "seek-able file, rather than provided by a pipe.\n\n"));
4761 hdl->libzfs_dedup_warning_printed = B_TRUE;
4762 }
4763
47dfff3b
MA		 4764 boolean_t resuming = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4765 DMU_BACKUP_FEATURE_RESUMING;
b5256303
TC		 4766 boolean_t raw = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4767 DMU_BACKUP_FEATURE_RAW;
9b840763
TC		 4768 boolean_t embedded = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4769 DMU_BACKUP_FEATURE_EMBED_DATA;
b8864a23 4770 stream_wantsnewfs = (drrb->drr_fromguid == 0 ||
47dfff3b 4771 (drrb->drr_flags & DRR_FLAG_CLONE) || originsnap) && !resuming;
34dc7c2f
BB		 4772
4773 if (stream_wantsnewfs) {
4774 /*
4775 * if the parent fs does not exist, look for it based on
4776 * the parent snap GUID
4777 */
4778 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
4779 "cannot receive new filesystem stream"));
4780
43e52edd
BB		 4781 (void) strcpy(name, destsnap);
4782 cp = strrchr(name, '/');
34dc7c2f
BB		 4783 if (cp)
4784 *cp = '\0';
4785 if (cp &&
43e52edd 4786 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
eca7b760 4787 char suffix[ZFS_MAX_DATASET_NAME_LEN];
43e52edd
BB		 4788 (void) strcpy(suffix, strrchr(destsnap, '/'));
4789 if (guid_to_name(hdl, name, parent_snapguid,
4790 B_FALSE, destsnap) == 0) {
4791 *strchr(destsnap, '@') = '\0';
4792 (void) strcat(destsnap, suffix);
34dc7c2f
BB		 4793 }
4794 }
4795 } else {
4796 /*
ebeb6f23
AG		 4797 * If the fs does not exist, look for it based on the
4798 * fromsnap GUID.
34dc7c2f 4799 */
ebeb6f23
AG		 4800 if (resuming) {
4801 (void) snprintf(errbuf, sizeof (errbuf),
4802 dgettext(TEXT_DOMAIN,
4803 "cannot receive resume stream"));
4804 } else {
4805 (void) snprintf(errbuf, sizeof (errbuf),
4806 dgettext(TEXT_DOMAIN,
4807 "cannot receive incremental stream"));
4808 }
34dc7c2f 4809
43e52edd
BB		 4810 (void) strcpy(name, destsnap);
4811 *strchr(name, '@') = '\0';
34dc7c2f 4812
428870ff
BB		 4813 /*
4814 * If the exact receive path was specified and this is the
4815 * topmost path in the stream, then if the fs does not exist we
4816 * should look no further.
4817 */
330d06f9 4818 if ((flags->isprefix || (*(chopprefix = drrb->drr_toname +
428870ff 4819 strlen(sendfs)) != '\0' && *chopprefix != '@')) &&
43e52edd 4820 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
eca7b760 4821 char snap[ZFS_MAX_DATASET_NAME_LEN];
43e52edd
BB		 4822 (void) strcpy(snap, strchr(destsnap, '@'));
4823 if (guid_to_name(hdl, name, drrb->drr_fromguid,
4824 B_FALSE, destsnap) == 0) {
4825 *strchr(destsnap, '@') = '\0';
4826 (void) strcat(destsnap, snap);
34dc7c2f
BB		 4827 }
4828 }
4829 }
4830
43e52edd
BB		 4831 (void) strcpy(name, destsnap);
4832 *strchr(name, '@') = '\0';
34dc7c2f 4833
30af21b0
PD		 4834 redacted = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
4835 DMU_BACKUP_FEATURE_REDACTED;
4836
43e52edd
BB		 4837 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
4838 zfs_cmd_t zc = {"\0"};
34dc7c2f 4839 zfs_handle_t *zhp;
4a385862 4840 boolean_t encrypted;
428870ff 4841
43e52edd
BB		 4842 (void) strcpy(zc.zc_name, name);
4843
34dc7c2f 4844 /*
47dfff3b
MA		 4845 * Destination fs exists. It must be one of these cases:
4846 * - an incremental send stream
4847 * - the stream specifies a new fs (full stream or clone)
4848 * and they want us to blow away the existing fs (and
4849 * have therefore specified -F and removed any snapshots)
4850 * - we are resuming a failed receive.
34dc7c2f 4851 */
34dc7c2f 4852 if (stream_wantsnewfs) {
d8d418ff 4853 boolean_t is_volume = drrb->drr_type == DMU_OST_ZVOL;
330d06f9 4854 if (!flags->force) {
34dc7c2f
BB		 4855 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4856 "destination '%s' exists\n"
43e52edd
BB		 4857 "must specify -F to overwrite it"), name);
4858 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4859 goto out;
34dc7c2f 4860 }
b834b58a 4861 if (zfs_ioctl(hdl, ZFS_IOC_SNAPSHOT_LIST_NEXT,
34dc7c2f 4862 &zc) == 0) {
34dc7c2f
BB		 4863 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4864 "destination has snapshots (eg. %s)\n"
4865 "must destroy them to overwrite it"),
b53cb02d 4866 zc.zc_name);
43e52edd
BB		 4867 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4868 goto out;
34dc7c2f 4869 }
d8d418ff 4870 if (is_volume && strrchr(name, '/') == NULL) {
4871 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4872 "destination %s is the root dataset\n"
4873 "cannot overwrite with a ZVOL"),
4874 name);
4875 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4876 goto out;
4877 }
4878 if (is_volume &&
b834b58a 4879 zfs_ioctl(hdl, ZFS_IOC_DATASET_LIST_NEXT,
d8d418ff 4880 &zc) == 0) {
4881 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4882 "destination has children (eg. %s)\n"
4883 "cannot overwrite with a ZVOL"),
4884 zc.zc_name);
4885 err = zfs_error(hdl, EZFS_WRONG_PARENT, errbuf);
4886 goto out;
4887 }
34dc7c2f
BB		 4888 }
4889
43e52edd 4890 if ((zhp = zfs_open(hdl, name,
34dc7c2f 4891 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME)) == NULL) {
43e52edd
BB		 4892 err = -1;
4893 goto out;
34dc7c2f
BB		 4894 }
4895
4896 if (stream_wantsnewfs &&
4897 zhp->zfs_dmustats.dds_origin[0]) {
34dc7c2f
BB		 4898 zfs_close(zhp);
4899 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4900 "destination '%s' is a clone\n"
43e52edd
BB		 4901 "must destroy it to overwrite it"), name);
4902 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
4903 goto out;
34dc7c2f
BB		 4904 }
4905
b5256303 4906 /*
4a385862 4907 * Raw sends can not be performed as an incremental on top
78595377 4908 * of existing unencrypted datasets. zfs recv -F can't be
4a385862
TC		 4909 * used to blow away an existing encrypted filesystem. This
4910 * is because it would require the dsl dir to point to the
4911 * new key (or lack of a key) and the old key at the same
4912 * time. The -F flag may still be used for deleting
4913 * intermediate snapshots that would otherwise prevent the
4914 * receive from working.
b5256303 4915 */
4a385862
TC		 4916 encrypted = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) !=
4917 ZIO_CRYPT_OFF;
4918 if (!stream_wantsnewfs && !encrypted && raw) {
b5256303
TC		 4919 zfs_close(zhp);
4920 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4a385862
TC		 4921 "cannot perform raw receive on top of "
4922 "existing unencrypted dataset"));
b5256303
TC		 4923 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4924 goto out;
4925 }
4926
4a385862
TC		 4927 if (stream_wantsnewfs && flags->force &&
4928 ((raw && !encrypted) || encrypted)) {
4929 zfs_close(zhp);
4930 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4931 "zfs receive -F cannot be used to destroy an "
4932 "encrypted filesystem or overwrite an "
4933 "unencrypted one with an encrypted one"));
4934 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4935 goto out;
4936 }
b5256303 4937
330d06f9 4938 if (!flags->dryrun && zhp->zfs_type == ZFS_TYPE_FILESYSTEM &&
34dc7c2f
BB		 4939 stream_wantsnewfs) {
4940 /* We can't do online recv in this case */
a57d3d45
MZ		 4941 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
4942 flags->forceunmount ? MS_FORCE : 0);
34dc7c2f 4943 if (clp == NULL) {
45d1cae3 4944 zfs_close(zhp);
43e52edd
BB		 4945 err = -1;
4946 goto out;
34dc7c2f
BB		 4947 }
4948 if (changelist_prefix(clp) != 0) {
4949 changelist_free(clp);
45d1cae3 4950 zfs_close(zhp);
43e52edd
BB		 4951 err = -1;
4952 goto out;
34dc7c2f
BB		 4953 }
4954 }
47dfff3b
MA		 4955
4956 /*
4957 * If we are resuming a newfs, set newfs here so that we will
4958 * mount it if the recv succeeds this time. We can tell
4959 * that it was a newfs on the first recv because the fs
4960 * itself will be inconsistent (if the fs existed when we
4961 * did the first recv, we would have received it into
4962 * .../%recv).
4963 */
4964 if (resuming && zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT))
4965 newfs = B_TRUE;
4966
a3eeab2d 4967 /* we want to know if we're zoned when validating -o|-x props */
4968 zoned = zfs_prop_get_int(zhp, ZFS_PROP_ZONED);
4969
c03f0470 4970 /* may need this info later, get it now we have zhp around */
4971 if (zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN, NULL, 0,
4972 NULL, NULL, 0, B_TRUE) == 0)
4973 hastoken = B_TRUE;
4974
a3eeab2d 4975 /* gather existing properties on destination */
4976 origprops = fnvlist_alloc();
4977 fnvlist_merge(origprops, zhp->zfs_props);
4978 fnvlist_merge(origprops, zhp->zfs_user_props);
4979
34dc7c2f
BB		 4980 zfs_close(zhp);
4981 } else {
b5256303
TC		 4982 zfs_handle_t *zhp;
4983
34dc7c2f
BB		 4984 /*
4985 * Destination filesystem does not exist. Therefore we better
4986 * be creating a new filesystem (either from a full backup, or
4987 * a clone). It would therefore be invalid if the user
4988 * specified only the pool name (i.e. if the destination name
4989 * contained no slash character).
4990 */
a64f903b
GN		 4991 cp = strrchr(name, '/');
4992
4993 if (!stream_wantsnewfs || cp == NULL) {
34dc7c2f 4994 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
43e52edd
BB		 4995 "destination '%s' does not exist"), name);
4996 err = zfs_error(hdl, EZFS_NOENT, errbuf);
4997 goto out;
34dc7c2f
BB		 4998 }
4999
5000 /*
5001 * Trim off the final dataset component so we perform the
5002 * recvbackup ioctl to the filesystems's parent.
5003 */
5004 *cp = '\0';
5005
330d06f9 5006 if (flags->isprefix && !flags->istail && !flags->dryrun &&
43e52edd
BB		 5007 create_parents(hdl, destsnap, strlen(tosnap)) != 0) {
5008 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
5009 goto out;
34dc7c2f
BB		 5010 }
5011
d8d418ff 5012 /* validate parent */
5013 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
5014 if (zhp == NULL) {
5015 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
5016 goto out;
5017 }
5018 if (zfs_get_type(zhp) != ZFS_TYPE_FILESYSTEM) {
5019 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5020 "parent '%s' is not a filesystem"), name);
5021 err = zfs_error(hdl, EZFS_WRONG_PARENT, errbuf);
5022 zfs_close(zhp);
5023 goto out;
5024 }
5025
d8d418ff 5026 zfs_close(zhp);
b5256303 5027
34dc7c2f 5028 newfs = B_TRUE;
b5256303 5029 *cp = '/';
34dc7c2f
BB		 5030 }
5031
330d06f9 5032 if (flags->verbose) {
34dc7c2f 5033 (void) printf("%s %s stream of %s into %s\n",
330d06f9 5034 flags->dryrun ? "would receive" : "receiving",
34dc7c2f 5035 drrb->drr_fromguid ? "incremental" : "full",
43e52edd 5036 drrb->drr_toname, destsnap);
34dc7c2f
BB		 5037 (void) fflush(stdout);
5038 }
5039
330d06f9 5040 if (flags->dryrun) {
870e7a52
TC		 5041 void *buf = zfs_alloc(hdl, SPA_MAXBLOCKSIZE);
5042
5043 /*
5044 * We have read the DRR_BEGIN record, but we have
5045 * not yet read the payload. For non-dryrun sends
5046 * this will be done by the kernel, so we must
5047 * emulate that here, before attempting to read
5048 * more records.
5049 */
5050 err = recv_read(hdl, infd, buf, drr->drr_payloadlen,
5051 flags->byteswap, NULL);
5052 free(buf);
5053 if (err != 0)
5054 goto out;
5055
43e52edd
BB		 5056 err = recv_skip(hdl, infd, flags->byteswap);
5057 goto out;
34dc7c2f
BB		 5058 }
5059
bb61cc31
TC		 5060 /*
5061 * If this is the top-level dataset, record it so we can use it
5062 * for recursive operations later.
5063 */
5064 if (top_zfs != NULL &&
5065 (*top_zfs == NULL || strcmp(*top_zfs, name) == 0)) {
bee7e4ff 5066 toplevel = B_TRUE;
bb61cc31
TC		 5067 if (*top_zfs == NULL)
5068 *top_zfs = zfs_strdup(hdl, name);
5069 }
5070
a3eeab2d 5071 if (drrb->drr_type == DMU_OST_ZVOL) {
5072 type = ZFS_TYPE_VOLUME;
5073 } else if (drrb->drr_type == DMU_OST_ZFS) {
5074 type = ZFS_TYPE_FILESYSTEM;
5075 } else {
5076 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5077 "invalid record type: 0x%d"), drrb->drr_type);
5078 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5079 goto out;
5080 }
d9c460a0
TC		 5081 if ((err = zfs_setup_cmdline_props(hdl, type, name, zoned, recursive,
5082 stream_wantsnewfs, raw, toplevel, rcvprops, cmdprops, origprops,
5083 &oxprops, &wkeydata, &wkeylen, errbuf)) != 0)
a3eeab2d 5084 goto out;
5085
da689887
TC		 5086 /*
5087 * When sending with properties (zfs send -p), the encryption property
5088 * is not included because it is a SETONCE property and therefore
5089 * treated as read only. However, we are always able to determine its
5090 * value because raw sends will include it in the DRR_BDEGIN payload
5091 * and non-raw sends with properties are not allowed for encrypted
5092 * datasets. Therefore, if this is a non-raw properties stream, we can
5093 * infer that the value should be ZIO_CRYPT_OFF and manually add that
5094 * to the received properties.
5095 */
5096 if (stream_wantsnewfs && !raw && rcvprops != NULL &&
5097 !nvlist_exists(cmdprops, zfs_prop_to_name(ZFS_PROP_ENCRYPTION))) {
5098 if (oxprops == NULL)
5099 oxprops = fnvlist_alloc();
5100 fnvlist_add_uint64(oxprops,
5101 zfs_prop_to_name(ZFS_PROP_ENCRYPTION), ZIO_CRYPT_OFF);
5102 }
5103
d9c460a0
TC		 5104 err = ioctl_err = lzc_receive_with_cmdprops(destsnap, rcvprops,
5105 oxprops, wkeydata, wkeylen, origin, flags->force, flags->resumable,
5106 raw, infd, drr_noswap, cleanup_fd, &read_bytes, &errflags,
5107 action_handlep, &prop_errors);
43e52edd
BB		 5108 ioctl_errno = ioctl_err;
5109 prop_errflags = errflags;
428870ff
BB		 5110
5111 if (err == 0) {
428870ff
BB		 5112 nvpair_t *prop_err = NULL;
5113
5114 while ((prop_err = nvlist_next_nvpair(prop_errors,
5115 prop_err)) != NULL) {
5116 char tbuf[1024];
5117 zfs_prop_t prop;
5118 int intval;
5119
5120 prop = zfs_name_to_prop(nvpair_name(prop_err));
5121 (void) nvpair_value_int32(prop_err, &intval);
5122 if (strcmp(nvpair_name(prop_err),
5123 ZPROP_N_MORE_ERRORS) == 0) {
5124 trunc_prop_errs(intval);
5125 break;
671c9354
DM		 5126 } else if (snapname == NULL || finalsnap == NULL ||
5127 strcmp(finalsnap, snapname) == 0 ||
5128 strcmp(nvpair_name(prop_err),
5129 zfs_prop_to_name(ZFS_PROP_REFQUOTA)) != 0) {
5130 /*
5131 * Skip the special case of, for example,
5132 * "refquota", errors on intermediate
5133 * snapshots leading up to a final one.
5134 * That's why we have all of the checks above.
5135 *
5136 * See zfs_ioctl.c's extract_delay_props() for
5137 * a list of props which can fail on
5138 * intermediate snapshots, but shouldn't
5139 * affect the overall receive.
5140 */
428870ff
BB		 5141 (void) snprintf(tbuf, sizeof (tbuf),
5142 dgettext(TEXT_DOMAIN,
5143 "cannot receive %s property on %s"),
43e52edd 5144 nvpair_name(prop_err), name);
428870ff
BB		 5145 zfs_setprop_error(hdl, prop, intval, tbuf);
5146 }
5147 }
428870ff
BB		 5148 }
5149
b128c09f 5150 if (err == 0 && snapprops_nvlist) {
43e52edd 5151 zfs_cmd_t zc = {"\0"};
b128c09f 5152
43e52edd
BB		 5153 (void) strcpy(zc.zc_name, destsnap);
5154 zc.zc_cookie = B_TRUE; /* received */
5155 if (zcmd_write_src_nvlist(hdl, &zc, snapprops_nvlist) == 0) {
5156 (void) zfs_ioctl(hdl, ZFS_IOC_SET_PROP, &zc);
5157 zcmd_free_nvlists(&zc);
b128c09f
BB		 5158 }
5159 }
9c5e88b1
PZ		 5160 if (err == 0 && snapholds_nvlist) {
5161 nvpair_t *pair;
5162 nvlist_t *holds, *errors = NULL;
5163 int cleanup_fd = -1;
5164
5165 VERIFY(0 == nvlist_alloc(&holds, 0, KM_SLEEP));
5166 for (pair = nvlist_next_nvpair(snapholds_nvlist, NULL);
5167 pair != NULL;
5168 pair = nvlist_next_nvpair(snapholds_nvlist, pair)) {
5169 VERIFY(0 == nvlist_add_string(holds, destsnap,
5170 nvpair_name(pair)));
5171 }
5172 (void) lzc_hold(holds, cleanup_fd, &errors);
5173 nvlist_free(snapholds_nvlist);
5174 nvlist_free(holds);
5175 }
b128c09f 5176
428870ff 5177 if (err && (ioctl_errno == ENOENT || ioctl_errno == EEXIST)) {
34dc7c2f
BB		 5178 /*
5179 * It may be that this snapshot already exists,
5180 * in which case we want to consume & ignore it
5181 * rather than failing.
5182 */
5183 avl_tree_t *local_avl;
5184 nvlist_t *local_nv, *fs;
43e52edd 5185 cp = strchr(destsnap, '@');
34dc7c2f
BB		 5186
5187 /*
5188 * XXX Do this faster by just iterating over snaps in
5189 * this fs. Also if zc_value does not exist, we will
5190 * get a strange "does not exist" error message.
5191 */
5192 *cp = '\0';
b5256303 5193 if (gather_nvlist(hdl, destsnap, NULL, NULL, B_FALSE, B_TRUE,
f94b3cbf
TC		 5194 B_FALSE, B_FALSE, B_FALSE, B_FALSE, B_FALSE, B_TRUE,
5195 &local_nv, &local_avl) == 0) {
34dc7c2f
BB		 5196 *cp = '@';
5197 fs = fsavl_find(local_avl, drrb->drr_toguid, NULL);
5198 fsavl_destroy(local_avl);
5199 nvlist_free(local_nv);
5200
5201 if (fs != NULL) {
330d06f9 5202 if (flags->verbose) {
34dc7c2f 5203 (void) printf("snap %s already exists; "
43e52edd 5204 "ignoring\n", destsnap);
34dc7c2f 5205 }
428870ff 5206 err = ioctl_err = recv_skip(hdl, infd,
330d06f9 5207 flags->byteswap);
34dc7c2f
BB		 5208 }
5209 }
5210 *cp = '@';
5211 }
5212
34dc7c2f
BB		 5213 if (ioctl_err != 0) {
5214 switch (ioctl_errno) {
5215 case ENODEV:
43e52edd 5216 cp = strchr(destsnap, '@');
34dc7c2f
BB		 5217 *cp = '\0';
5218 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5219 "most recent snapshot of %s does not\n"
43e52edd 5220 "match incremental source"), destsnap);
34dc7c2f
BB		 5221 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf);
5222 *cp = '@';
5223 break;
5224 case ETXTBSY:
5225 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5226 "destination %s has been modified\n"
43e52edd 5227 "since most recent snapshot"), name);
34dc7c2f
BB		 5228 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf);
5229 break;
b5256303
TC		 5230 case EACCES:
5231 if (raw && stream_wantsnewfs) {
5232 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5233 "failed to create encryption key"));
5234 } else if (raw && !stream_wantsnewfs) {
5235 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5236 "encryption key does not match "
5237 "existing key"));
5238 } else {
5239 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5240 "inherited key must be loaded"));
5241 }
5242 (void) zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf);
5243 break;
34dc7c2f 5244 case EEXIST:
43e52edd 5245 cp = strchr(destsnap, '@');
34dc7c2f
BB		 5246 if (newfs) {
5247 /* it's the containing fs that exists */
5248 *cp = '\0';
5249 }
5250 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5251 "destination already exists"));
5252 (void) zfs_error_fmt(hdl, EZFS_EXISTS,
5253 dgettext(TEXT_DOMAIN, "cannot restore to %s"),
43e52edd 5254 destsnap);
34dc7c2f
BB		 5255 *cp = '@';
5256 break;
5257 case EINVAL:
2ba59fa9 5258 if (flags->resumable) {
43e52edd
BB		 5259 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5260 "kernel modules must be upgraded to "
5261 "receive this stream."));
2ba59fa9 5262 } else if (embedded && !raw) {
9b840763
TC		 5263 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5264 "incompatible embedded data stream "
5265 "feature with encrypted receive."));
2ba59fa9 5266 }
34dc7c2f
BB		 5267 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5268 break;
5269 case ECKSUM:
7145123b
PD		 5270 case ZFS_ERR_STREAM_TRUNCATED:
5271 recv_ecksum_set_aux(hdl, destsnap, flags->resumable,
5272 ioctl_err == ECKSUM);
34dc7c2f
BB		 5273 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5274 break;
428870ff
BB		 5275 case ENOTSUP:
5276 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5277 "pool must be upgraded to receive this stream."));
5278 (void) zfs_error(hdl, EZFS_BADVERSION, errbuf);
5279 break;
5280 case EDQUOT:
5281 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
c03f0470 5282 "destination %s space quota exceeded."), name);
330d06f9 5283 (void) zfs_error(hdl, EZFS_NOSPC, errbuf);
428870ff 5284 break;
f00ab3f2
TC		 5285 case ZFS_ERR_FROM_IVSET_GUID_MISSING:
5286 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
73c25a78 5287 "IV set guid missing. See errata %u at "
e458fcca 5288 "https://zfsonlinux.org/msg/ZFS-8000-ER."),
f00ab3f2
TC		 5289 ZPOOL_ERRATA_ZOL_8308_ENCRYPTION);
5290 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5291 break;
5292 case ZFS_ERR_FROM_IVSET_GUID_MISMATCH:
5293 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5294 "IV set guid mismatch. See the 'zfs receive' "
5295 "man page section\n discussing the limitations "
5296 "of raw encrypted send streams."));
5297 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5298 break;
caf9dd20
BB		 5299 case ZFS_ERR_SPILL_BLOCK_FLAG_MISSING:
5300 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5301 "Spill block flag missing for raw send.\n"
5302 "The zfs software on the sending system must "
5303 "be updated."));
5304 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
5305 break;
c03f0470 5306 case EBUSY:
5307 if (hastoken) {
5308 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5309 "destination %s contains "
5310 "partially-complete state from "
5311 "\"zfs receive -s\"."), name);
5312 (void) zfs_error(hdl, EZFS_BUSY, errbuf);
5313 break;
5314 }
5315 /* fallthru */
34dc7c2f
BB		 5316 default:
5317 (void) zfs_standard_error(hdl, ioctl_errno, errbuf);
5318 }
5319 }
5320
5321 /*
428870ff
BB		 5322 * Mount the target filesystem (if created). Also mount any
5323 * children of the target filesystem if we did a replication
5324 * receive (indicated by stream_avl being non-NULL).
34dc7c2f 5325 */
34dc7c2f 5326 if (clp) {
89d43feb
GM		 5327 if (!flags->nomount)
5328 err |= changelist_postfix(clp);
34dc7c2f
BB		 5329 changelist_free(clp);
5330 }
5331
bb61cc31
TC		 5332 if ((newfs || stream_avl) && type == ZFS_TYPE_FILESYSTEM && !redacted)
5333 flags->domount = B_TRUE;
5334
428870ff
BB		 5335 if (prop_errflags & ZPROP_ERR_NOCLEAR) {
5336 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: "
43e52edd 5337 "failed to clear unreceived properties on %s"), name);
428870ff
BB		 5338 (void) fprintf(stderr, "\n");
5339 }
5340 if (prop_errflags & ZPROP_ERR_NORESTORE) {
5341 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: "
43e52edd 5342 "failed to restore original properties on %s"), name);
428870ff
BB		 5343 (void) fprintf(stderr, "\n");
5344 }
5345
43e52edd
BB		 5346 if (err || ioctl_err) {
5347 err = -1;
5348 goto out;
5349 }
572e2857 5350
330d06f9 5351 if (flags->verbose) {
34dc7c2f
BB		 5352 char buf1[64];
5353 char buf2[64];
43e52edd 5354 uint64_t bytes = read_bytes;
34dc7c2f
BB		 5355 time_t delta = time(NULL) - begin_time;
5356 if (delta == 0)
5357 delta = 1;
e7fbeb60 5358 zfs_nicebytes(bytes, buf1, sizeof (buf1));
5359 zfs_nicebytes(bytes/delta, buf2, sizeof (buf1));
34dc7c2f 5360
e7fbeb60 5361 (void) printf("received %s stream in %lu seconds (%s/sec)\n",
34dc7c2f
BB		 5362 buf1, delta, buf2);
5363 }
5364
43e52edd
BB		 5365 err = 0;
5366out:
5367 if (prop_errors != NULL)
5368 nvlist_free(prop_errors);
5369
b5256303
TC		 5370 if (tmp_keylocation[0] != '\0') {
5371 VERIFY(0 == nvlist_add_string(rcvprops,
5372 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), tmp_keylocation));
5373 }
5374
43e52edd 5375 if (newprops)
a3eeab2d 5376 nvlist_free(rcvprops);
5377
5378 nvlist_free(oxprops);
5379 nvlist_free(origprops);
43e52edd
BB		 5380
5381 return (err);
34dc7c2f
BB		 5382}
5383
a3eeab2d 5384/*
5385 * Check properties we were asked to override (both -o|-x)
5386 */
5387static boolean_t
5388zfs_receive_checkprops(libzfs_handle_t *hdl, nvlist_t *props,
5389 const char *errbuf)
5390{
5391 nvpair_t *nvp;
5392 zfs_prop_t prop;
5393 const char *name;
5394
5395 nvp = NULL;
5396 while ((nvp = nvlist_next_nvpair(props, nvp)) != NULL) {
5397 name = nvpair_name(nvp);
5398 prop = zfs_name_to_prop(name);
5399
5400 if (prop == ZPROP_INVAL) {
5401 if (!zfs_prop_user(name)) {
5402 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5403 "invalid property '%s'"), name);
5404 return (B_FALSE);
5405 }
5406 continue;
5407 }
5408 /*
5409 * "origin" is readonly but is used to receive datasets as
5410 * clones so we don't raise an error here
5411 */
5412 if (prop == ZFS_PROP_ORIGIN)
5413 continue;
5414
d9c460a0
TC		 5415 /* encryption params have their own verification later */
5416 if (prop == ZFS_PROP_ENCRYPTION ||
5417 zfs_prop_encryption_key_param(prop))
5418 continue;
5419
a3eeab2d 5420 /*
5421 * cannot override readonly, set-once and other specific
5422 * settable properties
5423 */
5424 if (zfs_prop_readonly(prop) || prop == ZFS_PROP_VERSION ||
5425 prop == ZFS_PROP_VOLSIZE) {
5426 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5427 "invalid property '%s'"), name);
5428 return (B_FALSE);
5429 }
5430 }
5431
5432 return (B_TRUE);
5433}
5434
b128c09f 5435static int
fcff0f35
PD		 5436zfs_receive_impl(libzfs_handle_t *hdl, const char *tosnap,
5437 const char *originsnap, recvflags_t *flags, int infd, const char *sendfs,
5438 nvlist_t *stream_nv, avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd,
a3eeab2d 5439 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops)
34dc7c2f
BB		 5440{
5441 int err;
5442 dmu_replay_record_t drr, drr_noswap;
5443 struct drr_begin *drrb = &drr.drr_u.drr_begin;
5444 char errbuf[1024];
2598c001 5445 zio_cksum_t zcksum = { { 0 } };
428870ff
BB		 5446 uint64_t featureflags;
5447 int hdrtype;
34dc7c2f
BB		 5448
5449 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
5450 "cannot receive"));
5451
a3eeab2d 5452 /* check cmdline props, raise an error if they cannot be received */
5453 if (!zfs_receive_checkprops(hdl, cmdprops, errbuf)) {
5454 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
5455 }
5456
330d06f9 5457 if (flags->isprefix &&
34dc7c2f
BB		 5458 !zfs_dataset_exists(hdl, tosnap, ZFS_TYPE_DATASET)) {
5459 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified fs "
5460 "(%s) does not exist"), tosnap);
5461 return (zfs_error(hdl, EZFS_NOENT, errbuf));
5462 }
fcff0f35
PD		 5463 if (originsnap &&
5464 !zfs_dataset_exists(hdl, originsnap, ZFS_TYPE_DATASET)) {
5465 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified origin fs "
5466 "(%s) does not exist"), originsnap);
5467 return (zfs_error(hdl, EZFS_NOENT, errbuf));
5468 }
34dc7c2f
BB		 5469
5470 /* read in the BEGIN record */
5471 if (0 != (err = recv_read(hdl, infd, &drr, sizeof (drr), B_FALSE,
5472 &zcksum)))
5473 return (err);
5474
5475 if (drr.drr_type == DRR_END || drr.drr_type == BSWAP_32(DRR_END)) {
5476 /* It's the double end record at the end of a package */
5477 return (ENODATA);
5478 }
5479
5480 /* the kernel needs the non-byteswapped begin record */
5481 drr_noswap = drr;
5482
330d06f9 5483 flags->byteswap = B_FALSE;
34dc7c2f
BB		 5484 if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC)) {
5485 /*
5486 * We computed the checksum in the wrong byteorder in
5487 * recv_read() above; do it again correctly.
5488 */
5489 bzero(&zcksum, sizeof (zio_cksum_t));
5490 fletcher_4_incremental_byteswap(&drr, sizeof (drr), &zcksum);
330d06f9 5491 flags->byteswap = B_TRUE;
34dc7c2f
BB		 5492
5493 drr.drr_type = BSWAP_32(drr.drr_type);
5494 drr.drr_payloadlen = BSWAP_32(drr.drr_payloadlen);
5495 drrb->drr_magic = BSWAP_64(drrb->drr_magic);
428870ff 5496 drrb->drr_versioninfo = BSWAP_64(drrb->drr_versioninfo);
34dc7c2f
BB		 5497 drrb->drr_creation_time = BSWAP_64(drrb->drr_creation_time);
5498 drrb->drr_type = BSWAP_32(drrb->drr_type);
5499 drrb->drr_flags = BSWAP_32(drrb->drr_flags);
5500 drrb->drr_toguid = BSWAP_64(drrb->drr_toguid);
5501 drrb->drr_fromguid = BSWAP_64(drrb->drr_fromguid);
5502 }
5503
5504 if (drrb->drr_magic != DMU_BACKUP_MAGIC || drr.drr_type != DRR_BEGIN) {
5505 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
5506 "stream (bad magic number)"));
5507 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
5508 }
5509
428870ff
BB		 5510 featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
5511 hdrtype = DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo);
5512
5513 if (!DMU_STREAM_SUPPORTED(featureflags) ||
5514 (hdrtype != DMU_SUBSTREAM && hdrtype != DMU_COMPOUNDSTREAM)) {
5515 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
5516 "stream has unsupported feature, feature flags = %lx"),
5517 featureflags);
5518 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
5519 }
5520
9c5e88b1 5521 /* Holds feature is set once in the compound stream header. */
c618f87c 5522 if (featureflags & DMU_BACKUP_FEATURE_HOLDS)
9c5e88b1
PZ		 5523 flags->holds = B_TRUE;
5524
34dc7c2f
BB		 5525 if (strchr(drrb->drr_toname, '@') == NULL) {
5526 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
5527 "stream (bad snapshot name)"));
5528 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
5529 }
5530
428870ff 5531 if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) == DMU_SUBSTREAM) {
eca7b760 5532 char nonpackage_sendfs[ZFS_MAX_DATASET_NAME_LEN];
428870ff
BB		 5533 if (sendfs == NULL) {
5534 /*
5535 * We were not called from zfs_receive_package(). Get
5536 * the fs specified by 'zfs send'.
5537 */
5538 char *cp;
5539 (void) strlcpy(nonpackage_sendfs,
eca7b760
IK		 5540 drr.drr_u.drr_begin.drr_toname,
5541 sizeof (nonpackage_sendfs));
428870ff
BB		 5542 if ((cp = strchr(nonpackage_sendfs, '@')) != NULL)
5543 *cp = '\0';
5544 sendfs = nonpackage_sendfs;
671c9354 5545 VERIFY(finalsnap == NULL);
428870ff 5546 }
fcff0f35
PD		 5547 return (zfs_receive_one(hdl, infd, tosnap, originsnap, flags,
5548 &drr, &drr_noswap, sendfs, stream_nv, stream_avl, top_zfs,
a3eeab2d 5549 cleanup_fd, action_handlep, finalsnap, cmdprops));
428870ff
BB		 5550 } else {
5551 assert(DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) ==
5552 DMU_COMPOUNDSTREAM);
fcff0f35 5553 return (zfs_receive_package(hdl, infd, tosnap, flags, &drr,
a3eeab2d 5554 &zcksum, top_zfs, cleanup_fd, action_handlep, cmdprops));
34dc7c2f
BB		 5555 }
5556}
b128c09f
BB		 5557
5558/*
5559 * Restores a backup of tosnap from the file descriptor specified by infd.
5560 * Return 0 on total success, -2 if some things couldn't be
5561 * destroyed/renamed/promoted, -1 if some things couldn't be received.
47dfff3b
MA		 5562 * (-1 will override -2, if -1 and the resumable flag was specified the
5563 * transfer can be resumed if the sending side supports it).
b128c09f
BB		 5564 */
5565int
fcff0f35
PD		 5566zfs_receive(libzfs_handle_t *hdl, const char *tosnap, nvlist_t *props,
5567 recvflags_t *flags, int infd, avl_tree_t *stream_avl)
b128c09f
BB		 5568{
5569 char *top_zfs = NULL;
5570 int err;
572e2857
BB		 5571 int cleanup_fd;
5572 uint64_t action_handle = 0;
5c3f61eb 5573 struct stat sb;
fcff0f35 5574 char *originsnap = NULL;
5c3f61eb
RY		 5575
5576 /*
5577 * The only way fstat can fail is if we do not have a valid file
5578 * descriptor.
5579 */
5580 if (fstat(infd, &sb) == -1) {
5581 perror("fstat");
5582 return (-2);
5583 }
5584
5c3f61eb
RY		 5585 /*
5586 * It is not uncommon for gigabytes to be processed in zfs receive.
73cdcc63 5587 * Speculatively increase the buffer size if supported by the platform.
5c3f61eb 5588 */
73cdcc63
MM		 5589 if (S_ISFIFO(sb.st_mode))
5590 libzfs_set_pipe_max(infd);
572e2857 5591
fcff0f35
PD		 5592 if (props) {
5593 err = nvlist_lookup_string(props, "origin", &originsnap);
5594 if (err && err != ENOENT)
5595 return (err);
5596 }
5597
d32eff3a 5598 cleanup_fd = open(ZFS_DEV, O_RDWR);
572e2857 5599 VERIFY(cleanup_fd >= 0);
b128c09f 5600
fcff0f35 5601 err = zfs_receive_impl(hdl, tosnap, originsnap, flags, infd, NULL, NULL,
a3eeab2d 5602 stream_avl, &top_zfs, cleanup_fd, &action_handle, NULL, props);
572e2857
BB		 5603
5604 VERIFY(0 == close(cleanup_fd));
b128c09f 5605
bb61cc31 5606 if (err == 0 && !flags->nomount && flags->domount && top_zfs) {
689f093e
GN		 5607 zfs_handle_t *zhp = NULL;
5608 prop_changelist_t *clp = NULL;
b128c09f 5609
bb61cc31
TC		 5610 zhp = zfs_open(hdl, top_zfs,
5611 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
5612 if (zhp == NULL) {
5613 err = -1;
5614 goto out;
5615 } else {
5616 if (zhp->zfs_type == ZFS_TYPE_VOLUME) {
5617 zfs_close(zhp);
5618 goto out;
5619 }
5620
b128c09f 5621 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
a57d3d45
MZ		 5622 CL_GATHER_MOUNT_ALWAYS,
5623 flags->forceunmount ? MS_FORCE : 0);
b128c09f 5624 zfs_close(zhp);
bb61cc31
TC		 5625 if (clp == NULL) {
5626 err = -1;
5627 goto out;
b128c09f 5628 }
bb61cc31
TC		 5629
5630 /* mount and share received datasets */
5631 err = changelist_postfix(clp);
5632 changelist_free(clp);
5633 if (err != 0)
5634 err = -1;
b128c09f 5635 }
b128c09f 5636 }
bb61cc31
TC		 5637
5638out:
b128c09f
BB		 5639 if (top_zfs)
5640 free(top_zfs);
5641
5642 return (err);
5643}
ZFS On Linux mirror for PVE