]> git.proxmox.com Git - mirror_zfs.git/blame - module/zfs/zfs_ioctl.c
projects / mirror_zfs.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Do not resume a pool if multihost is enabled
[mirror_zfs.git] / module / zfs / zfs_ioctl.c
CommitLineData
34dc7c2f
BB		 1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
9ae529ec 21
34dc7c2f 22/*
428870ff 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
b129c659 24 * Portions Copyright 2011 Martin Matuska
671c9354 25 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
0cee2406 26 * Portions Copyright 2012 Pawel Jakub Dawidek <pawel@dawidek.net>
005e27e3 27 * Copyright (c) 2014, 2016 Joyent, Inc. All rights reserved.
1b87e0f5 28 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
788eb90c 29 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
b83a0e2d 30 * Copyright (c) 2011, 2018 by Delphix. All rights reserved.
9759c60f 31 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
95fd54a1 32 * Copyright (c) 2013 Steven Hartland. All rights reserved.
e550644f
BB		 33 * Copyright (c) 2014 Integros [integros.com]
34 * Copyright 2016 Toomas Soome <tsoome@me.com>
a0bd735a 35 * Copyright (c) 2016 Actifio, Inc. All rights reserved.
d8d418ff 36 * Copyright (c) 2018, loli10K <ezomori.nozomu@gmail.com>. All rights reserved.
b5256303 37 * Copyright (c) 2017 Datto Inc. All rights reserved.
d12f91fd 38 * Copyright 2017 RackTop Systems.
d3f2cd7e 39 * Copyright (c) 2017 Open-E, Inc. All Rights Reserved.
6f1ffb06
MA		 40 */
41
42/*
43 * ZFS ioctls.
44 *
45 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
46 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
47 *
48 * There are two ways that we handle ioctls: the legacy way where almost
49 * all of the logic is in the ioctl callback, and the new way where most
50 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
51 *
52 * Non-legacy ioctls should be registered by calling
53 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
54 * from userland by lzc_ioctl().
55 *
56 * The registration arguments are as follows:
57 *
58 * const char *name
59 * The name of the ioctl. This is used for history logging. If the
60 * ioctl returns successfully (the callback returns 0), and allow_log
61 * is true, then a history log entry will be recorded with the input &
62 * output nvlists. The log entry can be printed with "zpool history -i".
63 *
64 * zfs_ioc_t ioc
65 * The ioctl request number, which userland will pass to ioctl(2).
b83a0e2d
DB		 66 * We want newer versions of libzfs and libzfs_core to run against
67 * existing zfs kernel modules (i.e. a deferred reboot after an update).
68 * Therefore the ioctl numbers cannot change from release to release.
6f1ffb06
MA		 69 *
70 * zfs_secpolicy_func_t *secpolicy
71 * This function will be called before the zfs_ioc_func_t, to
72 * determine if this operation is permitted. It should return EPERM
73 * on failure, and 0 on success. Checks include determining if the
74 * dataset is visible in this zone, and if the user has either all
75 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
76 * to do this operation on this dataset with "zfs allow".
77 *
78 * zfs_ioc_namecheck_t namecheck
79 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
80 * name, a dataset name, or nothing. If the name is not well-formed,
81 * the ioctl will fail and the callback will not be called.
82 * Therefore, the callback can assume that the name is well-formed
83 * (e.g. is null-terminated, doesn't have more than one '@' character,
84 * doesn't have invalid characters).
85 *
86 * zfs_ioc_poolcheck_t pool_check
87 * This specifies requirements on the pool state. If the pool does
88 * not meet them (is suspended or is readonly), the ioctl will fail
89 * and the callback will not be called. If any checks are specified
90 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
91 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
92 * POOL_CHECK_READONLY).
93 *
b83a0e2d
DB		 94 * zfs_ioc_key_t *nvl_keys
95 * The list of expected/allowable innvl input keys. This list is used
96 * to validate the nvlist input to the ioctl.
97 *
6f1ffb06
MA		 98 * boolean_t smush_outnvlist
99 * If smush_outnvlist is true, then the output is presumed to be a
100 * list of errors, and it will be "smushed" down to fit into the
101 * caller's buffer, by removing some entries and replacing them with a
102 * single "N_MORE_ERRORS" entry indicating how many were removed. See
103 * nvlist_smush() for details. If smush_outnvlist is false, and the
104 * outnvlist does not fit into the userland-provided buffer, then the
105 * ioctl will fail with ENOMEM.
106 *
107 * zfs_ioc_func_t *func
108 * The callback function that will perform the operation.
109 *
110 * The callback should return 0 on success, or an error number on
111 * failure. If the function fails, the userland ioctl will return -1,
112 * and errno will be set to the callback's return value. The callback
113 * will be called with the following arguments:
114 *
115 * const char *name
116 * The name of the pool or dataset to operate on, from
117 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
118 * expected type (pool, dataset, or none).
119 *
120 * nvlist_t *innvl
121 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
122 * NULL if no input nvlist was provided. Changes to this nvlist are
123 * ignored. If the input nvlist could not be deserialized, the
124 * ioctl will fail and the callback will not be called.
125 *
126 * nvlist_t *outnvl
127 * The output nvlist, initially empty. The callback can fill it in,
128 * and it will be returned to userland by serializing it into
129 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
130 * fails (e.g. because the caller didn't supply a large enough
131 * buffer), then the overall ioctl will fail. See the
132 * 'smush_nvlist' argument above for additional behaviors.
133 *
134 * There are two typical uses of the output nvlist:
135 * - To return state, e.g. property values. In this case,
136 * smush_outnvlist should be false. If the buffer was not large
137 * enough, the caller will reallocate a larger buffer and try
138 * the ioctl again.
139 *
140 * - To return multiple errors from an ioctl which makes on-disk
141 * changes. In this case, smush_outnvlist should be true.
142 * Ioctls which make on-disk modifications should generally not
143 * use the outnvl if they succeed, because the caller can not
144 * distinguish between the operation failing, and
145 * deserialization failing.
b83a0e2d
DB		 146 *
147 * IOCTL Interface Errors
148 *
149 * The following ioctl input errors can be returned:
150 * ZFS_ERR_IOC_CMD_UNAVAIL the ioctl number is not supported by kernel
151 * ZFS_ERR_IOC_ARG_UNAVAIL an input argument is not supported by kernel
152 * ZFS_ERR_IOC_ARG_REQUIRED a required input argument is missing
153 * ZFS_ERR_IOC_ARG_BADTYPE an input argument has an invalid type
3541dc6d 154 */
34dc7c2f 155
34dc7c2f
BB		 156#include <sys/types.h>
157#include <sys/param.h>
158#include <sys/errno.h>
159#include <sys/uio.h>
34dc7c2f
BB		 160#include <sys/file.h>
161#include <sys/kmem.h>
34dc7c2f
BB		 162#include <sys/cmn_err.h>
163#include <sys/stat.h>
164#include <sys/zfs_ioctl.h>
428870ff 165#include <sys/zfs_vfsops.h>
34dc7c2f
BB		 166#include <sys/zfs_znode.h>
167#include <sys/zap.h>
168#include <sys/spa.h>
169#include <sys/spa_impl.h>
170#include <sys/vdev.h>
4a283c7f 171#include <sys/vdev_impl.h>
34dc7c2f
BB		 172#include <sys/dmu.h>
173#include <sys/dsl_dir.h>
174#include <sys/dsl_dataset.h>
175#include <sys/dsl_prop.h>
176#include <sys/dsl_deleg.h>
177#include <sys/dmu_objset.h>
37abac6d 178#include <sys/dmu_impl.h>
13fe0198 179#include <sys/dmu_tx.h>
34dc7c2f 180#include <sys/sunddi.h>
34dc7c2f
BB		 181#include <sys/policy.h>
182#include <sys/zone.h>
183#include <sys/nvpair.h>
184#include <sys/pathname.h>
34dc7c2f
BB		 185#include <sys/sdt.h>
186#include <sys/fs/zfs.h>
ebe7e575 187#include <sys/zfs_ctldir.h>
34dc7c2f 188#include <sys/zfs_dir.h>
572e2857 189#include <sys/zfs_onexit.h>
34dc7c2f 190#include <sys/zvol.h>
428870ff 191#include <sys/dsl_scan.h>
325f0235 192#include <sys/fm/util.h>
b5256303 193#include <sys/dsl_crypt.h>
325f0235 194
03916905 195#include <sys/dmu_recv.h>
13fe0198
MA		 196#include <sys/dmu_send.h>
197#include <sys/dsl_destroy.h>
da536844 198#include <sys/dsl_bookmark.h>
13fe0198 199#include <sys/dsl_userhold.h>
9759c60f 200#include <sys/zfeature.h>
d99a0153 201#include <sys/zcp.h>
3c67d83a 202#include <sys/zio_checksum.h>
a1d477c2 203#include <sys/vdev_removal.h>
e8bcb693 204#include <sys/zfs_sysfs.h>
619f0976
GW		 205#include <sys/vdev_impl.h>
206#include <sys/vdev_initialize.h>
9759c60f 207
325f0235 208#include <linux/miscdevice.h>
f74b821a 209#include <linux/slab.h>
34dc7c2f
BB		 210
211#include "zfs_namecheck.h"
212#include "zfs_prop.h"
213#include "zfs_deleg.h"
428870ff 214#include "zfs_comutil.h"
34dc7c2f 215
d99a0153
CW		 216#include <sys/lua/lua.h>
217#include <sys/lua/lauxlib.h>
218
f74b821a
BB		 219/*
220 * Limit maximum nvlist size. We don't want users passing in insane values
221 * for zc->zc_nvlist_src_size, since we will need to allocate that much memory.
222 */
223#define MAX_NVLIST_SRC_SIZE KMALLOC_MAX_SIZE
224
325f0235 225kmutex_t zfsdev_state_lock;
3937ab20 226zfsdev_state_t *zfsdev_state_list;
34dc7c2f
BB		 227
228extern void zfs_init(void);
229extern void zfs_fini(void);
230
6f1ffb06
MA		 231uint_t zfs_fsyncer_key;
232extern uint_t rrw_tsd_key;
233static uint_t zfs_allow_log_key;
234
235typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
236typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
237typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
34dc7c2f 238
b83a0e2d
DB		 239/*
240 * IOC Keys are used to document and validate user->kernel interface inputs.
241 * See zfs_keys_recv_new for an example declaration. Any key name that is not
242 * listed will be rejected as input.
243 *
244 * The keyname 'optional' is always allowed, and must be an nvlist if present.
245 * Arguments which older kernels can safely ignore can be placed under the
246 * "optional" key.
247 *
248 * When adding new keys to an existing ioc for new functionality, consider:
249 * - adding an entry into zfs_sysfs.c zfs_features[] list
250 * - updating the libzfs_input_check.c test utility
251 *
252 * Note: in the ZK_WILDCARDLIST case, the name serves as documentation
253 * for the expected name (bookmark, snapshot, property, etc) but there
254 * is no validation in the preflight zfs_check_input_nvpairs() check.
255 */
256typedef enum {
257 ZK_OPTIONAL = 1 << 0, /* pair is optional */
258 ZK_WILDCARDLIST = 1 << 1, /* one or more unspecified key names */
259} ioc_key_flag_t;
260
261/* DATA_TYPE_ANY is used when zkey_type can vary. */
262#define DATA_TYPE_ANY DATA_TYPE_UNKNOWN
263
264typedef struct zfs_ioc_key {
265 const char *zkey_name;
266 data_type_t zkey_type;
267 ioc_key_flag_t zkey_flags;
268} zfs_ioc_key_t;
269
9babb374
BB		 270typedef enum {
271 NO_NAME,
272 POOL_NAME,
273 DATASET_NAME
274} zfs_ioc_namecheck_t;
275
572e2857
BB		 276typedef enum {
277 POOL_CHECK_NONE = 1 << 0,
278 POOL_CHECK_SUSPENDED = 1 << 1,
6f1ffb06 279 POOL_CHECK_READONLY = 1 << 2,
572e2857
BB		 280} zfs_ioc_poolcheck_t;
281
34dc7c2f 282typedef struct zfs_ioc_vec {
6f1ffb06 283 zfs_ioc_legacy_func_t *zvec_legacy_func;
34dc7c2f
BB		 284 zfs_ioc_func_t *zvec_func;
285 zfs_secpolicy_func_t *zvec_secpolicy;
9babb374 286 zfs_ioc_namecheck_t zvec_namecheck;
6f1ffb06 287 boolean_t zvec_allow_log;
572e2857 288 zfs_ioc_poolcheck_t zvec_pool_check;
6f1ffb06
MA		 289 boolean_t zvec_smush_outnvlist;
290 const char *zvec_name;
b83a0e2d
DB		 291 const zfs_ioc_key_t *zvec_nvl_keys;
292 size_t zvec_nvl_key_count;
34dc7c2f
BB		 293} zfs_ioc_vec_t;
294
9babb374
BB		 295/* This array is indexed by zfs_userquota_prop_t */
296static const char *userquota_perms[] = {
297 ZFS_DELEG_PERM_USERUSED,
298 ZFS_DELEG_PERM_USERQUOTA,
299 ZFS_DELEG_PERM_GROUPUSED,
300 ZFS_DELEG_PERM_GROUPQUOTA,
1de321e6
JX		 301 ZFS_DELEG_PERM_USEROBJUSED,
302 ZFS_DELEG_PERM_USEROBJQUOTA,
303 ZFS_DELEG_PERM_GROUPOBJUSED,
304 ZFS_DELEG_PERM_GROUPOBJQUOTA,
9c5167d1
NF		 305 ZFS_DELEG_PERM_PROJECTUSED,
306 ZFS_DELEG_PERM_PROJECTQUOTA,
307 ZFS_DELEG_PERM_PROJECTOBJUSED,
308 ZFS_DELEG_PERM_PROJECTOBJQUOTA,
9babb374
BB		 309};
310
311static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
9c5167d1 312static int zfs_ioc_id_quota_upgrade(zfs_cmd_t *zc);
428870ff
BB		 313static int zfs_check_settable(const char *name, nvpair_t *property,
314 cred_t *cr);
315static int zfs_check_clearable(char *dataset, nvlist_t *props,
316 nvlist_t **errors);
b128c09f
BB		 317static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
318 boolean_t *);
6f1ffb06
MA		 319int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
320static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
b128c09f 321
34dc7c2f
BB		 322static void
323history_str_free(char *buf)
324{
325 kmem_free(buf, HIS_MAX_RECORD_LEN);
326}
327
328static char *
329history_str_get(zfs_cmd_t *zc)
330{
331 char *buf;
332
b8864a23 333 if (zc->zc_history == 0)
34dc7c2f
BB		 334 return (NULL);
335
efcd79a8 336 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
34dc7c2f
BB		 337 if (copyinstr((void *)(uintptr_t)zc->zc_history,
338 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
339 history_str_free(buf);
340 return (NULL);
341 }
342
343 buf[HIS_MAX_RECORD_LEN -1] = '\0';
344
345 return (buf);
346}
347
348/*
b128c09f
BB		 349 * Check to see if the named dataset is currently defined as bootable
350 */
351static boolean_t
352zfs_is_bootfs(const char *name)
353{
428870ff 354 objset_t *os;
b128c09f 355
428870ff
BB		 356 if (dmu_objset_hold(name, FTAG, &os) == 0) {
357 boolean_t ret;
358 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
359 dmu_objset_rele(os, FTAG);
360 return (ret);
b128c09f 361 }
428870ff 362 return (B_FALSE);
b128c09f
BB		 363}
364
365/*
d3cc8b15 366 * Return non-zero if the spa version is less than requested version.
34dc7c2f
BB		 367 */
368static int
b128c09f 369zfs_earlier_version(const char *name, int version)
34dc7c2f 370{
34dc7c2f
BB		 371 spa_t *spa;
372
373 if (spa_open(name, &spa, FTAG) == 0) {
374 if (spa_version(spa) < version) {
375 spa_close(spa, FTAG);
376 return (1);
377 }
378 spa_close(spa, FTAG);
379 }
380 return (0);
381}
382
383/*
b128c09f 384 * Return TRUE if the ZPL version is less than requested version.
34dc7c2f 385 */
b128c09f
BB		 386static boolean_t
387zpl_earlier_version(const char *name, int version)
34dc7c2f
BB		 388{
389 objset_t *os;
b128c09f 390 boolean_t rc = B_TRUE;
34dc7c2f 391
428870ff 392 if (dmu_objset_hold(name, FTAG, &os) == 0) {
b128c09f 393 uint64_t zplversion;
34dc7c2f 394
428870ff
BB		 395 if (dmu_objset_type(os) != DMU_OST_ZFS) {
396 dmu_objset_rele(os, FTAG);
397 return (B_TRUE);
398 }
399 /* XXX reading from non-owned objset */
b128c09f
BB		 400 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
401 rc = zplversion < version;
428870ff 402 dmu_objset_rele(os, FTAG);
34dc7c2f
BB		 403 }
404 return (rc);
405}
406
407static void
408zfs_log_history(zfs_cmd_t *zc)
409{
410 spa_t *spa;
411 char *buf;
412
413 if ((buf = history_str_get(zc)) == NULL)
414 return;
415
416 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
417 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
6f1ffb06 418 (void) spa_history_log(spa, buf);
34dc7c2f
BB		 419 spa_close(spa, FTAG);
420 }
421 history_str_free(buf);
422}
423
424/*
425 * Policy for top-level read operations (list pools). Requires no privileges,
426 * and can be used in the local zone, as there is no associated dataset.
427 */
428/* ARGSUSED */
429static int
6f1ffb06 430zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 431{
432 return (0);
433}
434
435/*
436 * Policy for dataset read operations (list children, get statistics). Requires
437 * no privileges, but must be visible in the local zone.
438 */
439/* ARGSUSED */
440static int
6f1ffb06 441zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 442{
443 if (INGLOBALZONE(curproc) ||
444 zone_dataset_visible(zc->zc_name, NULL))
445 return (0);
446
2e528b49 447 return (SET_ERROR(ENOENT));
34dc7c2f
BB		 448}
449
450static int
572e2857 451zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
34dc7c2f 452{
34dc7c2f
BB		 453 int writable = 1;
454
455 /*
456 * The dataset must be visible by this zone -- check this first
457 * so they don't see EPERM on something they shouldn't know about.
458 */
459 if (!INGLOBALZONE(curproc) &&
460 !zone_dataset_visible(dataset, &writable))
2e528b49 461 return (SET_ERROR(ENOENT));
34dc7c2f 462
34dc7c2f
BB		 463 if (INGLOBALZONE(curproc)) {
464 /*
465 * If the fs is zoned, only root can access it from the
466 * global zone.
467 */
468 if (secpolicy_zfs(cr) && zoned)
2e528b49 469 return (SET_ERROR(EPERM));
34dc7c2f
BB		 470 } else {
471 /*
472 * If we are in a local zone, the 'zoned' property must be set.
473 */
474 if (!zoned)
2e528b49 475 return (SET_ERROR(EPERM));
34dc7c2f
BB		 476
477 /* must be writable by this zone */
478 if (!writable)
2e528b49 479 return (SET_ERROR(EPERM));
34dc7c2f
BB		 480 }
481 return (0);
482}
483
572e2857
BB		 484static int
485zfs_dozonecheck(const char *dataset, cred_t *cr)
486{
487 uint64_t zoned;
488
489 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
2e528b49 490 return (SET_ERROR(ENOENT));
572e2857
BB		 491
492 return (zfs_dozonecheck_impl(dataset, zoned, cr));
493}
494
495static int
496zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
497{
498 uint64_t zoned;
499
13fe0198 500 if (dsl_prop_get_int_ds(ds, "zoned", &zoned))
2e528b49 501 return (SET_ERROR(ENOENT));
572e2857
BB		 502
503 return (zfs_dozonecheck_impl(dataset, zoned, cr));
504}
505
6f1ffb06 506static int
13fe0198
MA		 507zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
508 const char *perm, cred_t *cr)
34dc7c2f
BB		 509{
510 int error;
511
330d06f9 512 error = zfs_dozonecheck_ds(name, ds, cr);
34dc7c2f
BB		 513 if (error == 0) {
514 error = secpolicy_zfs(cr);
13fe0198 515 if (error != 0)
6f1ffb06 516 error = dsl_deleg_access_impl(ds, perm, cr);
34dc7c2f
BB		 517 }
518 return (error);
519}
520
6f1ffb06 521static int
13fe0198 522zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
572e2857
BB		 523{
524 int error;
13fe0198
MA		 525 dsl_dataset_t *ds;
526 dsl_pool_t *dp;
572e2857 527
e88551d5
GM		 528 /*
529 * First do a quick check for root in the global zone, which
530 * is allowed to do all write_perms. This ensures that zfs_ioc_*
531 * will get to handle nonexistent datasets.
532 */
533 if (INGLOBALZONE(curproc) && secpolicy_zfs(cr) == 0)
534 return (0);
535
13fe0198
MA		 536 error = dsl_pool_hold(name, FTAG, &dp);
537 if (error != 0)
538 return (error);
539
540 error = dsl_dataset_hold(dp, name, FTAG, &ds);
541 if (error != 0) {
542 dsl_pool_rele(dp, FTAG);
543 return (error);
572e2857 544 }
13fe0198
MA		 545
546 error = zfs_secpolicy_write_perms_ds(name, ds, perm, cr);
547
548 dsl_dataset_rele(ds, FTAG);
549 dsl_pool_rele(dp, FTAG);
572e2857
BB		 550 return (error);
551}
552
428870ff
BB		 553/*
554 * Policy for setting the security label property.
555 *
556 * Returns 0 for success, non-zero for access and other errors.
557 */
34dc7c2f 558static int
428870ff 559zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
34dc7c2f 560{
d2c15e84 561#ifdef HAVE_MLSLABEL
428870ff
BB		 562 char ds_hexsl[MAXNAMELEN];
563 bslabel_t ds_sl, new_sl;
564 boolean_t new_default = FALSE;
565 uint64_t zoned;
566 int needed_priv = -1;
567 int error;
568
569 /* First get the existing dataset label. */
570 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
571 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
13fe0198 572 if (error != 0)
2e528b49 573 return (SET_ERROR(EPERM));
428870ff
BB		 574
575 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
576 new_default = TRUE;
577
578 /* The label must be translatable */
579 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
2e528b49 580 return (SET_ERROR(EINVAL));
428870ff
BB		 581
582 /*
583 * In a non-global zone, disallow attempts to set a label that
584 * doesn't match that of the zone; otherwise no other checks
585 * are needed.
586 */
587 if (!INGLOBALZONE(curproc)) {
588 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
2e528b49 589 return (SET_ERROR(EPERM));
428870ff
BB		 590 return (0);
591 }
592
593 /*
594 * For global-zone datasets (i.e., those whose zoned property is
595 * "off", verify that the specified new label is valid for the
596 * global zone.
597 */
598 if (dsl_prop_get_integer(name,
599 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
2e528b49 600 return (SET_ERROR(EPERM));
428870ff
BB		 601 if (!zoned) {
602 if (zfs_check_global_label(name, strval) != 0)
2e528b49 603 return (SET_ERROR(EPERM));
428870ff
BB		 604 }
605
606 /*
607 * If the existing dataset label is nondefault, check if the
608 * dataset is mounted (label cannot be changed while mounted).
0037b49e 609 * Get the zfsvfs_t; if there isn't one, then the dataset isn't
428870ff
BB		 610 * mounted (or isn't a dataset, doesn't exist, ...).
611 */
612 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
613 objset_t *os;
614 static char *setsl_tag = "setsl_tag";
615
616 /*
617 * Try to own the dataset; abort if there is any error,
618 * (e.g., already mounted, in use, or other error).
619 */
b5256303 620 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE, B_TRUE,
428870ff 621 setsl_tag, &os);
13fe0198 622 if (error != 0)
2e528b49 623 return (SET_ERROR(EPERM));
428870ff 624
b5256303 625 dmu_objset_disown(os, B_TRUE, setsl_tag);
428870ff
BB		 626
627 if (new_default) {
628 needed_priv = PRIV_FILE_DOWNGRADE_SL;
629 goto out_check;
630 }
631
632 if (hexstr_to_label(strval, &new_sl) != 0)
2e528b49 633 return (SET_ERROR(EPERM));
428870ff
BB		 634
635 if (blstrictdom(&ds_sl, &new_sl))
636 needed_priv = PRIV_FILE_DOWNGRADE_SL;
637 else if (blstrictdom(&new_sl, &ds_sl))
638 needed_priv = PRIV_FILE_UPGRADE_SL;
639 } else {
640 /* dataset currently has a default label */
641 if (!new_default)
642 needed_priv = PRIV_FILE_UPGRADE_SL;
643 }
644
645out_check:
646 if (needed_priv != -1)
647 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
648 return (0);
d2c15e84 649#else
ecb2b7dc 650 return (SET_ERROR(ENOTSUP));
d2c15e84 651#endif /* HAVE_MLSLABEL */
428870ff
BB		 652}
653
654static int
655zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
656 cred_t *cr)
657{
658 char *strval;
659
34dc7c2f
BB		 660 /*
661 * Check permissions for special properties.
662 */
663 switch (prop) {
e75c13c3
BB		 664 default:
665 break;
34dc7c2f
BB		 666 case ZFS_PROP_ZONED:
667 /*
668 * Disallow setting of 'zoned' from within a local zone.
669 */
670 if (!INGLOBALZONE(curproc))
2e528b49 671 return (SET_ERROR(EPERM));
34dc7c2f
BB		 672 break;
673
674 case ZFS_PROP_QUOTA:
788eb90c
JJ		 675 case ZFS_PROP_FILESYSTEM_LIMIT:
676 case ZFS_PROP_SNAPSHOT_LIMIT:
34dc7c2f
BB		 677 if (!INGLOBALZONE(curproc)) {
678 uint64_t zoned;
eca7b760 679 char setpoint[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 680 /*
681 * Unprivileged users are allowed to modify the
788eb90c 682 * limit on things *under* (ie. contained by)
34dc7c2f
BB		 683 * the thing they own.
684 */
428870ff 685 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
34dc7c2f 686 setpoint))
2e528b49 687 return (SET_ERROR(EPERM));
428870ff 688 if (!zoned || strlen(dsname) <= strlen(setpoint))
2e528b49 689 return (SET_ERROR(EPERM));
34dc7c2f
BB		 690 }
691 break;
428870ff
BB		 692
693 case ZFS_PROP_MLSLABEL:
694 if (!is_system_labeled())
2e528b49 695 return (SET_ERROR(EPERM));
428870ff
BB		 696
697 if (nvpair_value_string(propval, &strval) == 0) {
698 int err;
699
700 err = zfs_set_slabel_policy(dsname, strval, CRED());
701 if (err != 0)
702 return (err);
703 }
704 break;
34dc7c2f
BB		 705 }
706
428870ff 707 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
34dc7c2f
BB		 708}
709
6f1ffb06
MA		 710/* ARGSUSED */
711static int
712zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 713{
714 int error;
715
716 error = zfs_dozonecheck(zc->zc_name, cr);
13fe0198 717 if (error != 0)
34dc7c2f
BB		 718 return (error);
719
720 /*
721 * permission to set permissions will be evaluated later in
722 * dsl_deleg_can_allow()
723 */
724 return (0);
725}
726
6f1ffb06
MA		 727/* ARGSUSED */
728static int
729zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 730{
428870ff
BB		 731 return (zfs_secpolicy_write_perms(zc->zc_name,
732 ZFS_DELEG_PERM_ROLLBACK, cr));
34dc7c2f
BB		 733}
734
6f1ffb06
MA		 735/* ARGSUSED */
736static int
737zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 738{
572e2857
BB		 739 dsl_pool_t *dp;
740 dsl_dataset_t *ds;
741 char *cp;
742 int error;
743
744 /*
745 * Generate the current snapshot name from the given objsetid, then
746 * use that name for the secpolicy/zone checks.
747 */
748 cp = strchr(zc->zc_name, '@');
749 if (cp == NULL)
2e528b49 750 return (SET_ERROR(EINVAL));
13fe0198
MA		 751 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
752 if (error != 0)
572e2857
BB		 753 return (error);
754
572e2857 755 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
13fe0198
MA		 756 if (error != 0) {
757 dsl_pool_rele(dp, FTAG);
572e2857 758 return (error);
13fe0198 759 }
572e2857
BB		 760
761 dsl_dataset_name(ds, zc->zc_name);
762
763 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
764 ZFS_DELEG_PERM_SEND, cr);
765 dsl_dataset_rele(ds, FTAG);
13fe0198 766 dsl_pool_rele(dp, FTAG);
572e2857
BB		 767
768 return (error);
34dc7c2f
BB		 769}
770
6f1ffb06
MA		 771/* ARGSUSED */
772static int
773zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
774{
775 return (zfs_secpolicy_write_perms(zc->zc_name,
776 ZFS_DELEG_PERM_SEND, cr));
777}
778
34dc7c2f 779int
6f1ffb06 780zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 781{
2e528b49 782 return (SET_ERROR(ENOTSUP));
9babb374 783}
34dc7c2f 784
9babb374 785int
6f1ffb06 786zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
9babb374 787{
2e528b49 788 return (SET_ERROR(ENOTSUP));
34dc7c2f
BB		 789}
790
791static int
792zfs_get_parent(const char *datasetname, char *parent, int parentsize)
793{
794 char *cp;
795
796 /*
797 * Remove the @bla or /bla from the end of the name to get the parent.
798 */
799 (void) strncpy(parent, datasetname, parentsize);
800 cp = strrchr(parent, '@');
801 if (cp != NULL) {
802 cp[0] = '\0';
803 } else {
804 cp = strrchr(parent, '/');
805 if (cp == NULL)
2e528b49 806 return (SET_ERROR(ENOENT));
34dc7c2f
BB		 807 cp[0] = '\0';
808 }
809
810 return (0);
811}
812
813int
814zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
815{
816 int error;
817
818 if ((error = zfs_secpolicy_write_perms(name,
819 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
820 return (error);
821
822 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
823}
824
6f1ffb06 825/* ARGSUSED */
34dc7c2f 826static int
6f1ffb06 827zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 828{
829 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
830}
831
832/*
428870ff 833 * Destroying snapshots with delegated permissions requires
6f1ffb06 834 * descendant mount and destroy permissions.
34dc7c2f 835 */
6f1ffb06 836/* ARGSUSED */
34dc7c2f 837static int
6f1ffb06 838zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 839{
6f1ffb06
MA		 840 nvlist_t *snaps;
841 nvpair_t *pair, *nextpair;
842 int error = 0;
428870ff 843
b83a0e2d
DB		 844 snaps = fnvlist_lookup_nvlist(innvl, "snaps");
845
6f1ffb06
MA		 846 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
847 pair = nextpair) {
6f1ffb06 848 nextpair = nvlist_next_nvpair(snaps, pair);
da536844
MA		 849 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
850 if (error == ENOENT) {
6f1ffb06
MA		 851 /*
852 * Ignore any snapshots that don't exist (we consider
853 * them "already destroyed"). Remove the name from the
854 * nvl here in case the snapshot is created between
855 * now and when we try to destroy it (in which case
856 * we don't want to destroy it since we haven't
857 * checked for permission).
858 */
859 fnvlist_remove_nvpair(snaps, pair);
860 error = 0;
6f1ffb06 861 }
6f1ffb06
MA		 862 if (error != 0)
863 break;
864 }
428870ff 865
428870ff 866 return (error);
34dc7c2f
BB		 867}
868
869int
870zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
871{
eca7b760 872 char parentname[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f
BB		 873 int error;
874
875 if ((error = zfs_secpolicy_write_perms(from,
876 ZFS_DELEG_PERM_RENAME, cr)) != 0)
877 return (error);
878
879 if ((error = zfs_secpolicy_write_perms(from,
880 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
881 return (error);
882
883 if ((error = zfs_get_parent(to, parentname,
884 sizeof (parentname))) != 0)
885 return (error);
886
887 if ((error = zfs_secpolicy_write_perms(parentname,
888 ZFS_DELEG_PERM_CREATE, cr)) != 0)
889 return (error);
890
891 if ((error = zfs_secpolicy_write_perms(parentname,
892 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
893 return (error);
894
895 return (error);
896}
897
6f1ffb06 898/* ARGSUSED */
34dc7c2f 899static int
6f1ffb06 900zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 901{
902 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
903}
904
6f1ffb06 905/* ARGSUSED */
34dc7c2f 906static int
6f1ffb06 907zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 908{
13fe0198
MA		 909 dsl_pool_t *dp;
910 dsl_dataset_t *clone;
34dc7c2f
BB		 911 int error;
912
913 error = zfs_secpolicy_write_perms(zc->zc_name,
914 ZFS_DELEG_PERM_PROMOTE, cr);
13fe0198
MA		 915 if (error != 0)
916 return (error);
917
918 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
919 if (error != 0)
34dc7c2f
BB		 920 return (error);
921
13fe0198 922 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &clone);
34dc7c2f
BB		 923
924 if (error == 0) {
eca7b760 925 char parentname[ZFS_MAX_DATASET_NAME_LEN];
13fe0198 926 dsl_dataset_t *origin = NULL;
34dc7c2f 927 dsl_dir_t *dd;
13fe0198 928 dd = clone->ds_dir;
34dc7c2f 929
b128c09f 930 error = dsl_dataset_hold_obj(dd->dd_pool,
d683ddbb 931 dsl_dir_phys(dd)->dd_origin_obj, FTAG, &origin);
13fe0198
MA		 932 if (error != 0) {
933 dsl_dataset_rele(clone, FTAG);
934 dsl_pool_rele(dp, FTAG);
34dc7c2f
BB		 935 return (error);
936 }
937
13fe0198 938 error = zfs_secpolicy_write_perms_ds(zc->zc_name, clone,
34dc7c2f
BB		 939 ZFS_DELEG_PERM_MOUNT, cr);
940
13fe0198
MA		 941 dsl_dataset_name(origin, parentname);
942 if (error == 0) {
943 error = zfs_secpolicy_write_perms_ds(parentname, origin,
34dc7c2f 944 ZFS_DELEG_PERM_PROMOTE, cr);
13fe0198
MA		 945 }
946 dsl_dataset_rele(clone, FTAG);
947 dsl_dataset_rele(origin, FTAG);
34dc7c2f 948 }
13fe0198 949 dsl_pool_rele(dp, FTAG);
34dc7c2f
BB		 950 return (error);
951}
952
6f1ffb06 953/* ARGSUSED */
34dc7c2f 954static int
6f1ffb06 955zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 956{
957 int error;
958
959 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
960 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
961 return (error);
962
963 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
964 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
965 return (error);
966
967 return (zfs_secpolicy_write_perms(zc->zc_name,
968 ZFS_DELEG_PERM_CREATE, cr));
969}
970
43e52edd
BB		 971/* ARGSUSED */
972static int
973zfs_secpolicy_recv_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
974{
975 return (zfs_secpolicy_recv(zc, innvl, cr));
976}
977
34dc7c2f
BB		 978int
979zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
980{
428870ff
BB		 981 return (zfs_secpolicy_write_perms(name,
982 ZFS_DELEG_PERM_SNAPSHOT, cr));
34dc7c2f
BB		 983}
984
6f1ffb06
MA		 985/*
986 * Check for permission to create each snapshot in the nvlist.
987 */
988/* ARGSUSED */
34dc7c2f 989static int
6f1ffb06 990zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 991{
6f1ffb06
MA		 992 nvlist_t *snaps;
993 int error = 0;
994 nvpair_t *pair;
995
b83a0e2d
DB		 996 snaps = fnvlist_lookup_nvlist(innvl, "snaps");
997
6f1ffb06
MA		 998 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
999 pair = nvlist_next_nvpair(snaps, pair)) {
1000 char *name = nvpair_name(pair);
1001 char *atp = strchr(name, '@');
34dc7c2f 1002
6f1ffb06 1003 if (atp == NULL) {
2e528b49 1004 error = SET_ERROR(EINVAL);
6f1ffb06
MA		 1005 break;
1006 }
1007 *atp = '\0';
1008 error = zfs_secpolicy_snapshot_perms(name, cr);
1009 *atp = '@';
1010 if (error != 0)
1011 break;
1012 }
1013 return (error);
1014}
1015
da536844 1016/*
b83a0e2d 1017 * Check for permission to create each bookmark in the nvlist.
da536844
MA		 1018 */
1019/* ARGSUSED */
1020static int
1021zfs_secpolicy_bookmark(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1022{
1023 int error = 0;
da536844 1024
1c27024e 1025 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
da536844
MA		 1026 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
1027 char *name = nvpair_name(pair);
1028 char *hashp = strchr(name, '#');
1029
1030 if (hashp == NULL) {
1031 error = SET_ERROR(EINVAL);
1032 break;
1033 }
1034 *hashp = '\0';
1035 error = zfs_secpolicy_write_perms(name,
1036 ZFS_DELEG_PERM_BOOKMARK, cr);
1037 *hashp = '#';
1038 if (error != 0)
1039 break;
1040 }
1041 return (error);
1042}
1043
a1d477c2
MA		 1044/* ARGSUSED */
1045static int
1046zfs_secpolicy_remap(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1047{
1048 return (zfs_secpolicy_write_perms(zc->zc_name,
1049 ZFS_DELEG_PERM_REMAP, cr));
1050}
1051
da536844
MA		 1052/* ARGSUSED */
1053static int
1054zfs_secpolicy_destroy_bookmarks(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1055{
1056 nvpair_t *pair, *nextpair;
1057 int error = 0;
1058
1059 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1060 pair = nextpair) {
1061 char *name = nvpair_name(pair);
1062 char *hashp = strchr(name, '#');
1063 nextpair = nvlist_next_nvpair(innvl, pair);
1064
1065 if (hashp == NULL) {
1066 error = SET_ERROR(EINVAL);
1067 break;
1068 }
1069
1070 *hashp = '\0';
1071 error = zfs_secpolicy_write_perms(name,
1072 ZFS_DELEG_PERM_DESTROY, cr);
1073 *hashp = '#';
1074 if (error == ENOENT) {
1075 /*
1076 * Ignore any filesystems that don't exist (we consider
1077 * their bookmarks "already destroyed"). Remove
1078 * the name from the nvl here in case the filesystem
1079 * is created between now and when we try to destroy
1080 * the bookmark (in which case we don't want to
1081 * destroy it since we haven't checked for permission).
1082 */
1083 fnvlist_remove_nvpair(innvl, pair);
1084 error = 0;
1085 }
1086 if (error != 0)
1087 break;
1088 }
1089
1090 return (error);
1091}
1092
6f1ffb06
MA		 1093/* ARGSUSED */
1094static int
1095zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1096{
1097 /*
1098 * Even root must have a proper TSD so that we know what pool
1099 * to log to.
1100 */
1101 if (tsd_get(zfs_allow_log_key) == NULL)
2e528b49 1102 return (SET_ERROR(EPERM));
6f1ffb06 1103 return (0);
34dc7c2f
BB		 1104}
1105
1106static int
6f1ffb06 1107zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f 1108{
eca7b760 1109 char parentname[ZFS_MAX_DATASET_NAME_LEN];
428870ff 1110 int error;
6f1ffb06 1111 char *origin;
34dc7c2f
BB		 1112
1113 if ((error = zfs_get_parent(zc->zc_name, parentname,
1114 sizeof (parentname))) != 0)
1115 return (error);
1116
6f1ffb06
MA		 1117 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1118 (error = zfs_secpolicy_write_perms(origin,
1119 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1120 return (error);
34dc7c2f
BB		 1121
1122 if ((error = zfs_secpolicy_write_perms(parentname,
1123 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1124 return (error);
1125
6f1ffb06
MA		 1126 return (zfs_secpolicy_write_perms(parentname,
1127 ZFS_DELEG_PERM_MOUNT, cr));
34dc7c2f
BB		 1128}
1129
34dc7c2f
BB		 1130/*
1131 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1132 * SYS_CONFIG privilege, which is not available in a local zone.
1133 */
1134/* ARGSUSED */
1135static int
6f1ffb06 1136zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 1137{
1138 if (secpolicy_sys_config(cr, B_FALSE) != 0)
2e528b49 1139 return (SET_ERROR(EPERM));
34dc7c2f
BB		 1140
1141 return (0);
1142}
1143
572e2857
BB		 1144/*
1145 * Policy for object to name lookups.
1146 */
1147/* ARGSUSED */
1148static int
6f1ffb06 1149zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
572e2857
BB		 1150{
1151 int error;
1152
1153 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1154 return (0);
1155
1156 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1157 return (error);
1158}
1159
34dc7c2f
BB		 1160/*
1161 * Policy for fault injection. Requires all privileges.
1162 */
1163/* ARGSUSED */
1164static int
6f1ffb06 1165zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 1166{
1167 return (secpolicy_zinject(cr));
1168}
1169
6f1ffb06 1170/* ARGSUSED */
34dc7c2f 1171static int
6f1ffb06 1172zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
34dc7c2f
BB		 1173{
1174 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1175
1176 if (prop == ZPROP_INVAL) {
1177 if (!zfs_prop_user(zc->zc_value))
2e528b49 1178 return (SET_ERROR(EINVAL));
34dc7c2f
BB		 1179 return (zfs_secpolicy_write_perms(zc->zc_name,
1180 ZFS_DELEG_PERM_USERPROP, cr));
1181 } else {
428870ff
BB		 1182 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1183 NULL, cr));
34dc7c2f
BB		 1184 }
1185}
1186
9babb374 1187static int
6f1ffb06 1188zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
9babb374 1189{
6f1ffb06 1190 int err = zfs_secpolicy_read(zc, innvl, cr);
9babb374
BB		 1191 if (err)
1192 return (err);
1193
1194 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
2e528b49 1195 return (SET_ERROR(EINVAL));
9babb374
BB		 1196
1197 if (zc->zc_value[0] == 0) {
1198 /*
1199 * They are asking about a posix uid/gid. If it's
1200 * themself, allow it.
1201 */
1202 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1de321e6
JX		 1203 zc->zc_objset_type == ZFS_PROP_USERQUOTA ||
1204 zc->zc_objset_type == ZFS_PROP_USEROBJUSED ||
1205 zc->zc_objset_type == ZFS_PROP_USEROBJQUOTA) {
9babb374
BB		 1206 if (zc->zc_guid == crgetuid(cr))
1207 return (0);
9c5167d1
NF		 1208 } else if (zc->zc_objset_type == ZFS_PROP_GROUPUSED ||
1209 zc->zc_objset_type == ZFS_PROP_GROUPQUOTA ||
1210 zc->zc_objset_type == ZFS_PROP_GROUPOBJUSED ||
1211 zc->zc_objset_type == ZFS_PROP_GROUPOBJQUOTA) {
9babb374
BB		 1212 if (groupmember(zc->zc_guid, cr))
1213 return (0);
1214 }
9c5167d1 1215 /* else is for project quota/used */
9babb374
BB		 1216 }
1217
1218 return (zfs_secpolicy_write_perms(zc->zc_name,
1219 userquota_perms[zc->zc_objset_type], cr));
1220}
1221
1222static int
6f1ffb06 1223zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
9babb374 1224{
6f1ffb06 1225 int err = zfs_secpolicy_read(zc, innvl, cr);
9babb374
BB		 1226 if (err)
1227 return (err);
1228
1229 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
2e528b49 1230 return (SET_ERROR(EINVAL));
9babb374
BB		 1231
1232 return (zfs_secpolicy_write_perms(zc->zc_name,
1233 userquota_perms[zc->zc_objset_type], cr));
1234}
1235
6f1ffb06 1236/* ARGSUSED */
9babb374 1237static int
6f1ffb06 1238zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
9babb374 1239{
428870ff
BB		 1240 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1241 NULL, cr));
9babb374
BB		 1242}
1243
6f1ffb06 1244/* ARGSUSED */
45d1cae3 1245static int
6f1ffb06 1246zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
45d1cae3 1247{
13fe0198
MA		 1248 nvpair_t *pair;
1249 nvlist_t *holds;
1250 int error;
1251
b83a0e2d 1252 holds = fnvlist_lookup_nvlist(innvl, "holds");
13fe0198
MA		 1253
1254 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
1255 pair = nvlist_next_nvpair(holds, pair)) {
eca7b760 1256 char fsname[ZFS_MAX_DATASET_NAME_LEN];
13fe0198
MA		 1257 error = dmu_fsname(nvpair_name(pair), fsname);
1258 if (error != 0)
1259 return (error);
1260 error = zfs_secpolicy_write_perms(fsname,
1261 ZFS_DELEG_PERM_HOLD, cr);
1262 if (error != 0)
1263 return (error);
1264 }
1265 return (0);
45d1cae3
BB		 1266}
1267
6f1ffb06 1268/* ARGSUSED */
45d1cae3 1269static int
6f1ffb06 1270zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
45d1cae3 1271{
13fe0198
MA		 1272 nvpair_t *pair;
1273 int error;
1274
1275 for (pair = nvlist_next_nvpair(innvl, NULL); pair != NULL;
1276 pair = nvlist_next_nvpair(innvl, pair)) {
eca7b760 1277 char fsname[ZFS_MAX_DATASET_NAME_LEN];
13fe0198
MA		 1278 error = dmu_fsname(nvpair_name(pair), fsname);
1279 if (error != 0)
1280 return (error);
1281 error = zfs_secpolicy_write_perms(fsname,
1282 ZFS_DELEG_PERM_RELEASE, cr);
1283 if (error != 0)
1284 return (error);
1285 }
1286 return (0);
45d1cae3
BB		 1287}
1288
572e2857
BB		 1289/*
1290 * Policy for allowing temporary snapshots to be taken or released
1291 */
1292static int
6f1ffb06 1293zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
572e2857
BB		 1294{
1295 /*
1296 * A temporary snapshot is the same as a snapshot,
1297 * hold, destroy and release all rolled into one.
1298 * Delegated diff alone is sufficient that we allow this.
1299 */
1300 int error;
1301
1302 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1303 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1304 return (0);
1305
6f1ffb06 1306 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
b83a0e2d
DB		 1307
1308 if (innvl != NULL) {
1309 if (error == 0)
1310 error = zfs_secpolicy_hold(zc, innvl, cr);
1311 if (error == 0)
1312 error = zfs_secpolicy_release(zc, innvl, cr);
1313 if (error == 0)
1314 error = zfs_secpolicy_destroy(zc, innvl, cr);
1315 }
572e2857
BB		 1316 return (error);
1317}
1318
b5256303
TC		 1319static int
1320zfs_secpolicy_load_key(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1321{
1322 return (zfs_secpolicy_write_perms(zc->zc_name,
1323 ZFS_DELEG_PERM_LOAD_KEY, cr));
1324}
1325
1326static int
1327zfs_secpolicy_change_key(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1328{
1329 return (zfs_secpolicy_write_perms(zc->zc_name,
1330 ZFS_DELEG_PERM_CHANGE_KEY, cr));
1331}
1332
34dc7c2f
BB		 1333/*
1334 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1335 */
1336static int
9babb374 1337get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
34dc7c2f
BB		 1338{
1339 char *packed;
1340 int error;
1341 nvlist_t *list = NULL;
1342
1343 /*
1344 * Read in and unpack the user-supplied nvlist.
1345 */
1346 if (size == 0)
2e528b49 1347 return (SET_ERROR(EINVAL));
34dc7c2f 1348
77aef6f6 1349 packed = vmem_alloc(size, KM_SLEEP);
34dc7c2f 1350
9babb374
BB		 1351 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1352 iflag)) != 0) {
77aef6f6 1353 vmem_free(packed, size);
0de7c552 1354 return (SET_ERROR(EFAULT));
34dc7c2f
BB		 1355 }
1356
1357 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
77aef6f6 1358 vmem_free(packed, size);
34dc7c2f
BB		 1359 return (error);
1360 }
1361
77aef6f6 1362 vmem_free(packed, size);
34dc7c2f
BB		 1363
1364 *nvp = list;
1365 return (0);
1366}
1367
6f1ffb06
MA		 1368/*
1369 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1370 * Entries will be removed from the end of the nvlist, and one int32 entry
1371 * named "N_MORE_ERRORS" will be added indicating how many entries were
1372 * removed.
1373 */
428870ff 1374static int
6f1ffb06 1375nvlist_smush(nvlist_t *errors, size_t max)
428870ff
BB		 1376{
1377 size_t size;
1378
6f1ffb06 1379 size = fnvlist_size(errors);
428870ff 1380
6f1ffb06 1381 if (size > max) {
428870ff
BB		 1382 nvpair_t *more_errors;
1383 int n = 0;
1384
6f1ffb06 1385 if (max < 1024)
2e528b49 1386 return (SET_ERROR(ENOMEM));
428870ff 1387
6f1ffb06
MA		 1388 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1389 more_errors = nvlist_prev_nvpair(errors, NULL);
428870ff
BB		 1390
1391 do {
6f1ffb06 1392 nvpair_t *pair = nvlist_prev_nvpair(errors,
428870ff 1393 more_errors);
6f1ffb06 1394 fnvlist_remove_nvpair(errors, pair);
428870ff 1395 n++;
6f1ffb06
MA		 1396 size = fnvlist_size(errors);
1397 } while (size > max);
428870ff 1398
6f1ffb06
MA		 1399 fnvlist_remove_nvpair(errors, more_errors);
1400 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1401 ASSERT3U(fnvlist_size(errors), <=, max);
428870ff
BB		 1402 }
1403
1404 return (0);
1405}
1406
34dc7c2f
BB		 1407static int
1408put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1409{
1410 char *packed = NULL;
428870ff 1411 int error = 0;
34dc7c2f 1412 size_t size;
34dc7c2f 1413
6f1ffb06 1414 size = fnvlist_size(nvl);
34dc7c2f
BB		 1415
1416 if (size > zc->zc_nvlist_dst_size) {
2e528b49 1417 error = SET_ERROR(ENOMEM);
34dc7c2f 1418 } else {
6f1ffb06 1419 packed = fnvlist_pack(nvl, &size);
428870ff
BB		 1420 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1421 size, zc->zc_iflags) != 0)
2e528b49 1422 error = SET_ERROR(EFAULT);
6f1ffb06 1423 fnvlist_pack_free(packed, size);
34dc7c2f
BB		 1424 }
1425
1426 zc->zc_nvlist_dst_size = size;
6f1ffb06 1427 zc->zc_nvlist_dst_filled = B_TRUE;
34dc7c2f
BB		 1428 return (error);
1429}
1430
d99a0153
CW		 1431int
1432getzfsvfs_impl(objset_t *os, zfsvfs_t **zfvp)
9babb374 1433{
d99a0153 1434 int error = 0;
428870ff 1435 if (dmu_objset_type(os) != DMU_OST_ZFS) {
2e528b49 1436 return (SET_ERROR(EINVAL));
428870ff 1437 }
9babb374 1438
428870ff 1439 mutex_enter(&os->os_user_ptr_lock);
0037b49e 1440 *zfvp = dmu_objset_get_user(os);
061460df 1441 /* bump s_active only when non-zero to prevent umount race */
0037b49e
BB		 1442 if (*zfvp == NULL || (*zfvp)->z_sb == NULL ||
1443 !atomic_inc_not_zero(&((*zfvp)->z_sb->s_active))) {
2e528b49 1444 error = SET_ERROR(ESRCH);
9babb374 1445 }
428870ff 1446 mutex_exit(&os->os_user_ptr_lock);
d99a0153
CW		 1447 return (error);
1448}
1449
8d103d88 1450int
d99a0153
CW		 1451getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1452{
1453 objset_t *os;
1454 int error;
1455
1456 error = dmu_objset_hold(dsname, FTAG, &os);
1457 if (error != 0)
1458 return (error);
1459
1460 error = getzfsvfs_impl(os, zfvp);
428870ff 1461 dmu_objset_rele(os, FTAG);
9babb374
BB		 1462 return (error);
1463}
1464
1465/*
0037b49e 1466 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
2cf7f52b 1467 * case its z_sb will be NULL, and it will be opened as the owner.
9ae529ec
CS		 1468 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1469 * which prevents all inode ops from running.
9babb374
BB		 1470 */
1471static int
f298b24d 1472zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
9babb374
BB		 1473{
1474 int error = 0;
9babb374 1475
f298b24d 1476 if (getzfsvfs(name, zfvp) != 0)
163a8c28 1477 error = zfsvfs_create(name, B_FALSE, zfvp);
9babb374 1478 if (error == 0) {
0037b49e 1479 rrm_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
572e2857 1480 RW_READER, tag);
0037b49e 1481 if ((*zfvp)->z_unmounted) {
9babb374
BB		 1482 /*
1483 * XXX we could probably try again, since the unmounting
1484 * thread should be just about to disassociate the
0037b49e 1485 * objset from the zfsvfs.
9babb374 1486 */
0037b49e 1487 rrm_exit(&(*zfvp)->z_teardown_lock, tag);
2e528b49 1488 return (SET_ERROR(EBUSY));
9babb374
BB		 1489 }
1490 }
1491 return (error);
1492}
1493
1494static void
f298b24d 1495zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
9babb374 1496{
0037b49e 1497 rrm_exit(&zfsvfs->z_teardown_lock, tag);
9babb374 1498
0037b49e
BB		 1499 if (zfsvfs->z_sb) {
1500 deactivate_super(zfsvfs->z_sb);
9babb374 1501 } else {
b5256303 1502 dmu_objset_disown(zfsvfs->z_os, B_TRUE, zfsvfs);
f298b24d 1503 zfsvfs_free(zfsvfs);
9babb374
BB		 1504 }
1505}
1506
34dc7c2f
BB		 1507static int
1508zfs_ioc_pool_create(zfs_cmd_t *zc)
1509{
1510 int error;
1511 nvlist_t *config, *props = NULL;
b128c09f
BB		 1512 nvlist_t *rootprops = NULL;
1513 nvlist_t *zplprops = NULL;
b5256303 1514 dsl_crypto_params_t *dcp = NULL;
4ceb8dd6 1515 char *spa_name = zc->zc_name;
34dc7c2f 1516
c65aa5b2
BB		 1517 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1518 zc->zc_iflags, &config)))
34dc7c2f
BB		 1519 return (error);
1520
1521 if (zc->zc_nvlist_src_size != 0 && (error =
9babb374
BB		 1522 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1523 zc->zc_iflags, &props))) {
34dc7c2f
BB		 1524 nvlist_free(config);
1525 return (error);
1526 }
1527
b128c09f
BB		 1528 if (props) {
1529 nvlist_t *nvl = NULL;
b5256303 1530 nvlist_t *hidden_args = NULL;
b128c09f 1531 uint64_t version = SPA_VERSION;
4ceb8dd6 1532 char *tname;
b128c09f
BB		 1533
1534 (void) nvlist_lookup_uint64(props,
1535 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
9ae529ec 1536 if (!SPA_VERSION_IS_SUPPORTED(version)) {
2e528b49 1537 error = SET_ERROR(EINVAL);
b128c09f
BB		 1538 goto pool_props_bad;
1539 }
1540 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1541 if (nvl) {
1542 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1543 if (error != 0) {
1544 nvlist_free(config);
1545 nvlist_free(props);
1546 return (error);
1547 }
1548 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1549 }
b5256303
TC		 1550
1551 (void) nvlist_lookup_nvlist(props, ZPOOL_HIDDEN_ARGS,
1552 &hidden_args);
1553 error = dsl_crypto_params_create_nvlist(DCP_CMD_NONE,
1554 rootprops, hidden_args, &dcp);
1555 if (error != 0) {
1556 nvlist_free(config);
1557 nvlist_free(props);
1558 return (error);
1559 }
1560 (void) nvlist_remove_all(props, ZPOOL_HIDDEN_ARGS);
1561
b128c09f
BB		 1562 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1563 error = zfs_fill_zplprops_root(version, rootprops,
1564 zplprops, NULL);
13fe0198 1565 if (error != 0)
b128c09f 1566 goto pool_props_bad;
4ceb8dd6 1567
1568 if (nvlist_lookup_string(props,
1569 zpool_prop_to_name(ZPOOL_PROP_TNAME), &tname) == 0)
1570 spa_name = tname;
b128c09f
BB		 1571 }
1572
b5256303 1573 error = spa_create(zc->zc_name, config, props, zplprops, dcp);
b128c09f
BB		 1574
1575 /*
1576 * Set the remaining root properties
1577 */
4ceb8dd6 1578 if (!error && (error = zfs_set_prop_nvlist(spa_name,
428870ff 1579 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
4ceb8dd6 1580 (void) spa_destroy(spa_name);
34dc7c2f 1581
b128c09f
BB		 1582pool_props_bad:
1583 nvlist_free(rootprops);
1584 nvlist_free(zplprops);
34dc7c2f 1585 nvlist_free(config);
b128c09f 1586 nvlist_free(props);
b5256303 1587 dsl_crypto_params_free(dcp, !!error);
34dc7c2f
BB		 1588
1589 return (error);
1590}
1591
1592static int
1593zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1594{
1595 int error;
1596 zfs_log_history(zc);
1597 error = spa_destroy(zc->zc_name);
a0bd735a 1598
34dc7c2f
BB		 1599 return (error);
1600}
1601
1602static int
1603zfs_ioc_pool_import(zfs_cmd_t *zc)
1604{
34dc7c2f
BB		 1605 nvlist_t *config, *props = NULL;
1606 uint64_t guid;
428870ff 1607 int error;
34dc7c2f
BB		 1608
1609 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
9babb374 1610 zc->zc_iflags, &config)) != 0)
34dc7c2f
BB		 1611 return (error);
1612
1613 if (zc->zc_nvlist_src_size != 0 && (error =
9babb374
BB		 1614 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1615 zc->zc_iflags, &props))) {
34dc7c2f
BB		 1616 nvlist_free(config);
1617 return (error);
1618 }
1619
1620 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1621 guid != zc->zc_guid)
2e528b49 1622 error = SET_ERROR(EINVAL);
34dc7c2f 1623 else
572e2857 1624 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
34dc7c2f 1625
572e2857
BB		 1626 if (zc->zc_nvlist_dst != 0) {
1627 int err;
1628
1629 if ((err = put_nvlist(zc, config)) != 0)
1630 error = err;
1631 }
428870ff 1632
34dc7c2f 1633 nvlist_free(config);
8a5fc748 1634 nvlist_free(props);
34dc7c2f
BB		 1635
1636 return (error);
1637}
1638
1639static int
1640zfs_ioc_pool_export(zfs_cmd_t *zc)
1641{
1642 int error;
b128c09f 1643 boolean_t force = (boolean_t)zc->zc_cookie;
fb5f0bc8 1644 boolean_t hardforce = (boolean_t)zc->zc_guid;
b128c09f 1645
34dc7c2f 1646 zfs_log_history(zc);
fb5f0bc8 1647 error = spa_export(zc->zc_name, NULL, force, hardforce);
a0bd735a 1648
34dc7c2f
BB		 1649 return (error);
1650}
1651
1652static int
1653zfs_ioc_pool_configs(zfs_cmd_t *zc)
1654{
1655 nvlist_t *configs;
1656 int error;
1657
1658 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
2e528b49 1659 return (SET_ERROR(EEXIST));
34dc7c2f
BB		 1660
1661 error = put_nvlist(zc, configs);
1662
1663 nvlist_free(configs);
1664
1665 return (error);
1666}
1667
9ae529ec
CS		 1668/*
1669 * inputs:
1670 * zc_name name of the pool
1671 *
1672 * outputs:
1673 * zc_cookie real errno
1674 * zc_nvlist_dst config nvlist
1675 * zc_nvlist_dst_size size of config nvlist
1676 */
34dc7c2f
BB		 1677static int
1678zfs_ioc_pool_stats(zfs_cmd_t *zc)
1679{
1680 nvlist_t *config;
1681 int error;
1682 int ret = 0;
1683
1684 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1685 sizeof (zc->zc_value));
1686
1687 if (config != NULL) {
1688 ret = put_nvlist(zc, config);
1689 nvlist_free(config);
1690
1691 /*
1692 * The config may be present even if 'error' is non-zero.
1693 * In this case we return success, and preserve the real errno
1694 * in 'zc_cookie'.
1695 */
1696 zc->zc_cookie = error;
1697 } else {
1698 ret = error;
1699 }
1700
1701 return (ret);
1702}
1703
1704/*
1705 * Try to import the given pool, returning pool stats as appropriate so that
1706 * user land knows which devices are available and overall pool health.
1707 */
1708static int
1709zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1710{
379ca9cf 1711 nvlist_t *tryconfig, *config = NULL;
34dc7c2f
BB		 1712 int error;
1713
1714 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
9babb374 1715 zc->zc_iflags, &tryconfig)) != 0)
34dc7c2f
BB		 1716 return (error);
1717
1718 config = spa_tryimport(tryconfig);
1719
1720 nvlist_free(tryconfig);
1721
1722 if (config == NULL)
2e528b49 1723 return (SET_ERROR(EINVAL));
34dc7c2f
BB		 1724
1725 error = put_nvlist(zc, config);
1726 nvlist_free(config);
1727
1728 return (error);
1729}
1730
428870ff
BB		 1731/*
1732 * inputs:
1733 * zc_name name of the pool
1734 * zc_cookie scan func (pool_scan_func_t)
0ea05c64 1735 * zc_flags scrub pause/resume flag (pool_scrub_cmd_t)
428870ff 1736 */
34dc7c2f 1737static int
428870ff 1738zfs_ioc_pool_scan(zfs_cmd_t *zc)
34dc7c2f
BB		 1739{
1740 spa_t *spa;
1741 int error;
1742
0ea05c64
AP		 1743 if (zc->zc_flags >= POOL_SCRUB_FLAGS_END)
1744 return (SET_ERROR(EINVAL));
1745
1724eb62 1746 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1747 return (error);
1748
0ea05c64
AP		 1749 if (zc->zc_flags == POOL_SCRUB_PAUSE)
1750 error = spa_scrub_pause_resume(spa, POOL_SCRUB_PAUSE);
1751 else if (zc->zc_cookie == POOL_SCAN_NONE)
428870ff
BB		 1752 error = spa_scan_stop(spa);
1753 else
1754 error = spa_scan(spa, zc->zc_cookie);
34dc7c2f
BB		 1755
1756 spa_close(spa, FTAG);
1757
1758 return (error);
1759}
1760
1761static int
1762zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1763{
1764 spa_t *spa;
1765 int error;
1766
1767 error = spa_open(zc->zc_name, &spa, FTAG);
1768 if (error == 0) {
1769 spa_freeze(spa);
1770 spa_close(spa, FTAG);
1771 }
1772 return (error);
1773}
1774
1775static int
1776zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1777{
1778 spa_t *spa;
1779 int error;
1780
1781 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1782 return (error);
1783
9ae529ec
CS		 1784 if (zc->zc_cookie < spa_version(spa) ||
1785 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
34dc7c2f 1786 spa_close(spa, FTAG);
2e528b49 1787 return (SET_ERROR(EINVAL));
34dc7c2f
BB		 1788 }
1789
1790 spa_upgrade(spa, zc->zc_cookie);
1791 spa_close(spa, FTAG);
1792
1793 return (error);
1794}
1795
1796static int
1797zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1798{
1799 spa_t *spa;
1800 char *hist_buf;
1801 uint64_t size;
1802 int error;
1803
1804 if ((size = zc->zc_history_len) == 0)
2e528b49 1805 return (SET_ERROR(EINVAL));
34dc7c2f
BB		 1806
1807 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1808 return (error);
1809
1810 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1811 spa_close(spa, FTAG);
2e528b49 1812 return (SET_ERROR(ENOTSUP));
34dc7c2f
BB		 1813 }
1814
34b84cb8 1815 hist_buf = vmem_alloc(size, KM_SLEEP);
34dc7c2f
BB		 1816 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1817 &zc->zc_history_len, hist_buf)) == 0) {
9babb374
BB		 1818 error = ddi_copyout(hist_buf,
1819 (void *)(uintptr_t)zc->zc_history,
1820 zc->zc_history_len, zc->zc_iflags);
34dc7c2f
BB		 1821 }
1822
1823 spa_close(spa, FTAG);
34b84cb8 1824 vmem_free(hist_buf, size);
34dc7c2f
BB		 1825 return (error);
1826}
1827
3541dc6d
GA		 1828static int
1829zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1830{
1831 spa_t *spa;
1832 int error;
1833
1834 error = spa_open(zc->zc_name, &spa, FTAG);
1835 if (error == 0) {
1836 error = spa_change_guid(spa);
1837 spa_close(spa, FTAG);
1838 }
1839 return (error);
1840}
1841
34dc7c2f
BB		 1842static int
1843zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1844{
13fe0198 1845 return (dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value));
34dc7c2f
BB		 1846}
1847
428870ff
BB		 1848/*
1849 * inputs:
1850 * zc_name name of filesystem
1851 * zc_obj object to find
1852 *
1853 * outputs:
1854 * zc_value name of object
1855 */
34dc7c2f
BB		 1856static int
1857zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1858{
428870ff 1859 objset_t *os;
34dc7c2f
BB		 1860 int error;
1861
428870ff 1862 /* XXX reading from objset not owned */
b5256303
TC		 1863 if ((error = dmu_objset_hold_flags(zc->zc_name, B_TRUE,
1864 FTAG, &os)) != 0)
34dc7c2f 1865 return (error);
428870ff 1866 if (dmu_objset_type(os) != DMU_OST_ZFS) {
b5256303 1867 dmu_objset_rele_flags(os, B_TRUE, FTAG);
2e528b49 1868 return (SET_ERROR(EINVAL));
428870ff
BB		 1869 }
1870 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
34dc7c2f 1871 sizeof (zc->zc_value));
b5256303 1872 dmu_objset_rele_flags(os, B_TRUE, FTAG);
34dc7c2f
BB		 1873
1874 return (error);
1875}
1876
572e2857
BB		 1877/*
1878 * inputs:
1879 * zc_name name of filesystem
1880 * zc_obj object to find
1881 *
1882 * outputs:
1883 * zc_stat stats on object
1884 * zc_value path to object
1885 */
1886static int
1887zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1888{
1889 objset_t *os;
1890 int error;
1891
1892 /* XXX reading from objset not owned */
b5256303
TC		 1893 if ((error = dmu_objset_hold_flags(zc->zc_name, B_TRUE,
1894 FTAG, &os)) != 0)
572e2857
BB		 1895 return (error);
1896 if (dmu_objset_type(os) != DMU_OST_ZFS) {
b5256303 1897 dmu_objset_rele_flags(os, B_TRUE, FTAG);
2e528b49 1898 return (SET_ERROR(EINVAL));
572e2857
BB		 1899 }
1900 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1901 sizeof (zc->zc_value));
b5256303 1902 dmu_objset_rele_flags(os, B_TRUE, FTAG);
572e2857
BB		 1903
1904 return (error);
1905}
1906
34dc7c2f
BB		 1907static int
1908zfs_ioc_vdev_add(zfs_cmd_t *zc)
1909{
1910 spa_t *spa;
1911 int error;
64ad2b26 1912 nvlist_t *config;
34dc7c2f
BB		 1913
1914 error = spa_open(zc->zc_name, &spa, FTAG);
1915 if (error != 0)
1916 return (error);
1917
1918 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
9babb374 1919 zc->zc_iflags, &config);
34dc7c2f
BB		 1920 if (error == 0) {
1921 error = spa_vdev_add(spa, config);
1922 nvlist_free(config);
1923 }
1924 spa_close(spa, FTAG);
1925 return (error);
1926}
1927
428870ff
BB		 1928/*
1929 * inputs:
1930 * zc_name name of the pool
a1d477c2
MA		 1931 * zc_guid guid of vdev to remove
1932 * zc_cookie cancel removal
428870ff 1933 */
34dc7c2f
BB		 1934static int
1935zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1936{
1937 spa_t *spa;
1938 int error;
1939
1940 error = spa_open(zc->zc_name, &spa, FTAG);
1941 if (error != 0)
1942 return (error);
a1d477c2
MA		 1943 if (zc->zc_cookie != 0) {
1944 error = spa_vdev_remove_cancel(spa);
1945 } else {
1946 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1947 }
34dc7c2f
BB		 1948 spa_close(spa, FTAG);
1949 return (error);
1950}
1951
1952static int
1953zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1954{
1955 spa_t *spa;
1956 int error;
1957 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1958
1959 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1960 return (error);
1961 switch (zc->zc_cookie) {
1962 case VDEV_STATE_ONLINE:
1963 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1964 break;
1965
1966 case VDEV_STATE_OFFLINE:
1967 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1968 break;
1969
1970 case VDEV_STATE_FAULTED:
428870ff 1971 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
4a283c7f
TH		 1972 zc->zc_obj != VDEV_AUX_EXTERNAL &&
1973 zc->zc_obj != VDEV_AUX_EXTERNAL_PERSIST)
428870ff
BB		 1974 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1975
1976 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
34dc7c2f
BB		 1977 break;
1978
1979 case VDEV_STATE_DEGRADED:
428870ff
BB		 1980 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1981 zc->zc_obj != VDEV_AUX_EXTERNAL)
1982 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1983
1984 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
34dc7c2f
BB		 1985 break;
1986
1987 default:
2e528b49 1988 error = SET_ERROR(EINVAL);
34dc7c2f
BB		 1989 }
1990 zc->zc_cookie = newstate;
1991 spa_close(spa, FTAG);
1992 return (error);
1993}
1994
1995static int
1996zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1997{
1998 spa_t *spa;
1999 int replacing = zc->zc_cookie;
2000 nvlist_t *config;
2001 int error;
2002
2003 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
2004 return (error);
2005
2006 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
9babb374 2007 zc->zc_iflags, &config)) == 0) {
34dc7c2f
BB		 2008 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
2009 nvlist_free(config);
2010 }
2011
2012 spa_close(spa, FTAG);
2013 return (error);
2014}
2015
2016static int
2017zfs_ioc_vdev_detach(zfs_cmd_t *zc)
2018{
2019 spa_t *spa;
2020 int error;
2021
2022 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
2023 return (error);
2024
fb5f0bc8 2025 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
34dc7c2f
BB		 2026
2027 spa_close(spa, FTAG);
2028 return (error);
2029}
2030
428870ff
BB		 2031static int
2032zfs_ioc_vdev_split(zfs_cmd_t *zc)
2033{
2034 spa_t *spa;
2035 nvlist_t *config, *props = NULL;
2036 int error;
2037 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
2038
2039 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
2040 return (error);
2041
c65aa5b2
BB		 2042 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
2043 zc->zc_iflags, &config))) {
428870ff
BB		 2044 spa_close(spa, FTAG);
2045 return (error);
2046 }
2047
2048 if (zc->zc_nvlist_src_size != 0 && (error =
2049 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2050 zc->zc_iflags, &props))) {
2051 spa_close(spa, FTAG);
2052 nvlist_free(config);
2053 return (error);
2054 }
2055
2056 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
2057
2058 spa_close(spa, FTAG);
2059
2060 nvlist_free(config);
2061 nvlist_free(props);
2062
2063 return (error);
2064}
2065
34dc7c2f
BB		 2066static int
2067zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
2068{
2069 spa_t *spa;
2070 char *path = zc->zc_value;
2071 uint64_t guid = zc->zc_guid;
2072 int error;
2073
2074 error = spa_open(zc->zc_name, &spa, FTAG);
2075 if (error != 0)
2076 return (error);
2077
2078 error = spa_vdev_setpath(spa, guid, path);
2079 spa_close(spa, FTAG);
2080 return (error);
2081}
2082
9babb374
BB		 2083static int
2084zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
2085{
2086 spa_t *spa;
2087 char *fru = zc->zc_value;
2088 uint64_t guid = zc->zc_guid;
2089 int error;
2090
2091 error = spa_open(zc->zc_name, &spa, FTAG);
2092 if (error != 0)
2093 return (error);
2094
2095 error = spa_vdev_setfru(spa, guid, fru);
2096 spa_close(spa, FTAG);
2097 return (error);
2098}
2099
34dc7c2f 2100static int
572e2857 2101zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
34dc7c2f 2102{
572e2857 2103 int error = 0;
34dc7c2f
BB		 2104 nvlist_t *nv;
2105
34dc7c2f
BB		 2106 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2107
2108 if (zc->zc_nvlist_dst != 0 &&
428870ff 2109 (error = dsl_prop_get_all(os, &nv)) == 0) {
34dc7c2f
BB		 2110 dmu_objset_stats(os, nv);
2111 /*
2112 * NB: zvol_get_stats() will read the objset contents,
2113 * which we aren't supposed to do with a
b128c09f 2114 * DS_MODE_USER hold, because it could be
34dc7c2f 2115 * inconsistent. So this is a bit of a workaround...
428870ff 2116 * XXX reading with out owning
34dc7c2f 2117 */
330d06f9
MA		 2118 if (!zc->zc_objset_stats.dds_inconsistent &&
2119 dmu_objset_type(os) == DMU_OST_ZVOL) {
2120 error = zvol_get_stats(os, nv);
6d421005
B		 2121 if (error == EIO) {
2122 nvlist_free(nv);
330d06f9 2123 return (error);
6d421005 2124 }
c99c9001 2125 VERIFY0(error);
34dc7c2f 2126 }
8a8f5c6b
BB		 2127 if (error == 0)
2128 error = put_nvlist(zc, nv);
34dc7c2f
BB		 2129 nvlist_free(nv);
2130 }
2131
572e2857
BB		 2132 return (error);
2133}
2134
2135/*
2136 * inputs:
2137 * zc_name name of filesystem
2138 * zc_nvlist_dst_size size of buffer for property nvlist
2139 *
2140 * outputs:
2141 * zc_objset_stats stats
2142 * zc_nvlist_dst property nvlist
2143 * zc_nvlist_dst_size size of property nvlist
2144 */
2145static int
2146zfs_ioc_objset_stats(zfs_cmd_t *zc)
2147{
13fe0198 2148 objset_t *os;
572e2857
BB		 2149 int error;
2150
13fe0198
MA		 2151 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2152 if (error == 0) {
2153 error = zfs_ioc_objset_stats_impl(zc, os);
2154 dmu_objset_rele(os, FTAG);
2155 }
572e2857 2156
428870ff
BB		 2157 return (error);
2158}
2159
2160/*
2161 * inputs:
2162 * zc_name name of filesystem
2163 * zc_nvlist_dst_size size of buffer for property nvlist
2164 *
2165 * outputs:
2166 * zc_nvlist_dst received property nvlist
2167 * zc_nvlist_dst_size size of received property nvlist
2168 *
2169 * Gets received properties (distinct from local properties on or after
2170 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2171 * local property values.
2172 */
2173static int
26685276 2174zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
428870ff 2175{
13fe0198 2176 int error = 0;
428870ff
BB		 2177 nvlist_t *nv;
2178
428870ff
BB		 2179 /*
2180 * Without this check, we would return local property values if the
2181 * caller has not already received properties on or after
2182 * SPA_VERSION_RECVD_PROPS.
2183 */
13fe0198 2184 if (!dsl_prop_get_hasrecvd(zc->zc_name))
2e528b49 2185 return (SET_ERROR(ENOTSUP));
428870ff
BB		 2186
2187 if (zc->zc_nvlist_dst != 0 &&
13fe0198 2188 (error = dsl_prop_get_received(zc->zc_name, &nv)) == 0) {
428870ff
BB		 2189 error = put_nvlist(zc, nv);
2190 nvlist_free(nv);
2191 }
2192
34dc7c2f
BB		 2193 return (error);
2194}
2195
2196static int
2197nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2198{
2199 uint64_t value;
2200 int error;
2201
2202 /*
2203 * zfs_get_zplprop() will either find a value or give us
2204 * the default value (if there is one).
2205 */
2206 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2207 return (error);
2208 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2209 return (0);
2210}
2211
2212/*
2213 * inputs:
2214 * zc_name name of filesystem
2215 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2216 *
2217 * outputs:
2218 * zc_nvlist_dst zpl property nvlist
2219 * zc_nvlist_dst_size size of zpl property nvlist
2220 */
2221static int
2222zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2223{
2224 objset_t *os;
2225 int err;
2226
428870ff 2227 /* XXX reading without owning */
c65aa5b2 2228 if ((err = dmu_objset_hold(zc->zc_name, FTAG, &os)))
34dc7c2f
BB		 2229 return (err);
2230
2231 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2232
2233 /*
2234 * NB: nvl_add_zplprop() will read the objset contents,
b128c09f
BB		 2235 * which we aren't supposed to do with a DS_MODE_USER
2236 * hold, because it could be inconsistent.
34dc7c2f 2237 */
b8864a23 2238 if (zc->zc_nvlist_dst != 0 &&
34dc7c2f
BB		 2239 !zc->zc_objset_stats.dds_inconsistent &&
2240 dmu_objset_type(os) == DMU_OST_ZFS) {
2241 nvlist_t *nv;
2242
2243 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2244 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2245 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2246 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2247 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2248 err = put_nvlist(zc, nv);
2249 nvlist_free(nv);
2250 } else {
2e528b49 2251 err = SET_ERROR(ENOENT);
34dc7c2f 2252 }
428870ff 2253 dmu_objset_rele(os, FTAG);
34dc7c2f
BB		 2254 return (err);
2255}
2256
2257/*
2258 * inputs:
2259 * zc_name name of filesystem
2260 * zc_cookie zap cursor
2261 * zc_nvlist_dst_size size of buffer for property nvlist
2262 *
2263 * outputs:
2264 * zc_name name of next filesystem
9babb374 2265 * zc_cookie zap cursor
34dc7c2f
BB		 2266 * zc_objset_stats stats
2267 * zc_nvlist_dst property nvlist
2268 * zc_nvlist_dst_size size of property nvlist
34dc7c2f
BB		 2269 */
2270static int
2271zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2272{
2273 objset_t *os;
2274 int error;
2275 char *p;
428870ff 2276 size_t orig_len = strlen(zc->zc_name);
34dc7c2f 2277
428870ff 2278top:
c65aa5b2 2279 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os))) {
34dc7c2f 2280 if (error == ENOENT)
2e528b49 2281 error = SET_ERROR(ESRCH);
34dc7c2f
BB		 2282 return (error);
2283 }
2284
2285 p = strrchr(zc->zc_name, '/');
2286 if (p == NULL || p[1] != '\0')
2287 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2288 p = zc->zc_name + strlen(zc->zc_name);
2289
2290 do {
2291 error = dmu_dir_list_next(os,
2292 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2293 NULL, &zc->zc_cookie);
2294 if (error == ENOENT)
2e528b49 2295 error = SET_ERROR(ESRCH);
2e5dc449 2296 } while (error == 0 && zfs_dataset_name_hidden(zc->zc_name));
428870ff 2297 dmu_objset_rele(os, FTAG);
34dc7c2f 2298
428870ff
BB		 2299 /*
2300 * If it's an internal dataset (ie. with a '$' in its name),
2301 * don't try to get stats for it, otherwise we'll return ENOENT.
2302 */
2303 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
34dc7c2f 2304 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
428870ff
BB		 2305 if (error == ENOENT) {
2306 /* We lost a race with destroy, get the next one. */
2307 zc->zc_name[orig_len] = '\0';
2308 goto top;
2309 }
2310 }
34dc7c2f
BB		 2311 return (error);
2312}
2313
2314/*
2315 * inputs:
2316 * zc_name name of filesystem
2317 * zc_cookie zap cursor
2318 * zc_nvlist_dst_size size of buffer for property nvlist
2319 *
2320 * outputs:
2321 * zc_name name of next snapshot
2322 * zc_objset_stats stats
2323 * zc_nvlist_dst property nvlist
2324 * zc_nvlist_dst_size size of property nvlist
34dc7c2f
BB		 2325 */
2326static int
2327zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2328{
2329 objset_t *os;
2330 int error;
2331
428870ff 2332 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
13fe0198 2333 if (error != 0) {
b128c09f 2334 return (error == ENOENT ? ESRCH : error);
13fe0198 2335 }
34dc7c2f
BB		 2336
2337 /*
2338 * A dataset name of maximum length cannot have any snapshots,
2339 * so exit immediately.
2340 */
eca7b760
IK		 2341 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >=
2342 ZFS_MAX_DATASET_NAME_LEN) {
428870ff 2343 dmu_objset_rele(os, FTAG);
2e528b49 2344 return (SET_ERROR(ESRCH));
34dc7c2f
BB		 2345 }
2346
2347 error = dmu_snapshot_list_next(os,
2348 sizeof (zc->zc_name) - strlen(zc->zc_name),
572e2857
BB		 2349 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2350 NULL);
2351
0cee2406 2352 if (error == 0 && !zc->zc_simple) {
572e2857
BB		 2353 dsl_dataset_t *ds;
2354 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2355
572e2857 2356 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
13fe0198 2357 if (error == 0) {
572e2857
BB		 2358 objset_t *ossnap;
2359
2360 error = dmu_objset_from_ds(ds, &ossnap);
2361 if (error == 0)
2362 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2363 dsl_dataset_rele(ds, FTAG);
428870ff
BB		 2364 }
2365 } else if (error == ENOENT) {
2e528b49 2366 error = SET_ERROR(ESRCH);
428870ff 2367 }
34dc7c2f 2368
572e2857 2369 dmu_objset_rele(os, FTAG);
34dc7c2f 2370 /* if we failed, undo the @ that we tacked on to zc_name */
13fe0198 2371 if (error != 0)
34dc7c2f 2372 *strchr(zc->zc_name, '@') = '\0';
34dc7c2f
BB		 2373 return (error);
2374}
2375
428870ff
BB		 2376static int
2377zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
34dc7c2f 2378{
428870ff
BB		 2379 const char *propname = nvpair_name(pair);
2380 uint64_t *valary;
2381 unsigned int vallen;
2382 const char *domain;
2383 char *dash;
2384 zfs_userquota_prop_t type;
2385 uint64_t rid;
2386 uint64_t quota;
0037b49e 2387 zfsvfs_t *zfsvfs;
428870ff
BB		 2388 int err;
2389
2390 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2391 nvlist_t *attrs;
2392 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2393 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2394 &pair) != 0)
2e528b49 2395 return (SET_ERROR(EINVAL));
428870ff 2396 }
34dc7c2f
BB		 2397
2398 /*
428870ff
BB		 2399 * A correctly constructed propname is encoded as
2400 * userquota@<rid>-<domain>.
34dc7c2f 2401 */
428870ff
BB		 2402 if ((dash = strchr(propname, '-')) == NULL ||
2403 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2404 vallen != 3)
2e528b49 2405 return (SET_ERROR(EINVAL));
34dc7c2f 2406
428870ff
BB		 2407 domain = dash + 1;
2408 type = valary[0];
2409 rid = valary[1];
2410 quota = valary[2];
34dc7c2f 2411
f298b24d 2412 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
428870ff 2413 if (err == 0) {
0037b49e 2414 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
f298b24d 2415 zfsvfs_rele(zfsvfs, FTAG);
428870ff 2416 }
9babb374 2417
428870ff
BB		 2418 return (err);
2419}
34dc7c2f 2420
428870ff
BB		 2421/*
2422 * If the named property is one that has a special function to set its value,
2423 * return 0 on success and a positive error code on failure; otherwise if it is
2424 * not one of the special properties handled by this function, return -1.
2425 *
2426 * XXX: It would be better for callers of the property interface if we handled
2427 * these special cases in dsl_prop.c (in the dsl layer).
2428 */
2429static int
2430zfs_prop_set_special(const char *dsname, zprop_source_t source,
2431 nvpair_t *pair)
2432{
2433 const char *propname = nvpair_name(pair);
2434 zfs_prop_t prop = zfs_name_to_prop(propname);
b5256303
TC		 2435 uint64_t intval = 0;
2436 char *strval = NULL;
f1512ee6 2437 int err = -1;
9babb374 2438
428870ff
BB		 2439 if (prop == ZPROP_INVAL) {
2440 if (zfs_prop_userquota(propname))
2441 return (zfs_prop_set_userquota(dsname, pair));
2442 return (-1);
2443 }
34dc7c2f 2444
428870ff
BB		 2445 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2446 nvlist_t *attrs;
2447 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2448 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2449 &pair) == 0);
2450 }
b128c09f 2451
b5256303
TC		 2452 /* all special properties are numeric except for keylocation */
2453 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING) {
2454 strval = fnvpair_value_string(pair);
2455 } else {
2456 intval = fnvpair_value_uint64(pair);
2457 }
34dc7c2f 2458
428870ff
BB		 2459 switch (prop) {
2460 case ZFS_PROP_QUOTA:
2461 err = dsl_dir_set_quota(dsname, source, intval);
2462 break;
2463 case ZFS_PROP_REFQUOTA:
13fe0198 2464 err = dsl_dataset_set_refquota(dsname, source, intval);
428870ff 2465 break;
788eb90c
JJ		 2466 case ZFS_PROP_FILESYSTEM_LIMIT:
2467 case ZFS_PROP_SNAPSHOT_LIMIT:
2468 if (intval == UINT64_MAX) {
2469 /* clearing the limit, just do it */
2470 err = 0;
2471 } else {
2472 err = dsl_dir_activate_fs_ss_limit(dsname);
2473 }
b5256303
TC		 2474 /*
2475 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2476 * default path to set the value in the nvlist.
2477 */
2478 if (err == 0)
2479 err = -1;
2480 break;
2481 case ZFS_PROP_KEYLOCATION:
2482 err = dsl_crypto_can_set_keylocation(dsname, strval);
2483
788eb90c
JJ		 2484 /*
2485 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2486 * default path to set the value in the nvlist.
2487 */
2488 if (err == 0)
2489 err = -1;
2490 break;
428870ff
BB		 2491 case ZFS_PROP_RESERVATION:
2492 err = dsl_dir_set_reservation(dsname, source, intval);
2493 break;
2494 case ZFS_PROP_REFRESERVATION:
13fe0198 2495 err = dsl_dataset_set_refreservation(dsname, source, intval);
428870ff
BB		 2496 break;
2497 case ZFS_PROP_VOLSIZE:
60101509 2498 err = zvol_set_volsize(dsname, intval);
428870ff 2499 break;
0b4d1b58 2500 case ZFS_PROP_SNAPDEV:
a0bd735a 2501 err = zvol_set_snapdev(dsname, source, intval);
0b4d1b58 2502 break;
cf8738d8 2503 case ZFS_PROP_VOLMODE:
2504 err = zvol_set_volmode(dsname, source, intval);
2505 break;
428870ff
BB		 2506 case ZFS_PROP_VERSION:
2507 {
0037b49e 2508 zfsvfs_t *zfsvfs;
428870ff 2509
f298b24d 2510 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
34dc7c2f 2511 break;
b128c09f 2512
0037b49e 2513 err = zfs_set_version(zfsvfs, intval);
f298b24d 2514 zfsvfs_rele(zfsvfs, FTAG);
34dc7c2f 2515
428870ff
BB		 2516 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2517 zfs_cmd_t *zc;
34dc7c2f 2518
efcd79a8 2519 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
428870ff
BB		 2520 (void) strcpy(zc->zc_name, dsname);
2521 (void) zfs_ioc_userspace_upgrade(zc);
9c5167d1 2522 (void) zfs_ioc_id_quota_upgrade(zc);
428870ff 2523 kmem_free(zc, sizeof (zfs_cmd_t));
34dc7c2f 2524 }
428870ff
BB		 2525 break;
2526 }
428870ff
BB		 2527 default:
2528 err = -1;
2529 }
34dc7c2f 2530
428870ff
BB		 2531 return (err);
2532}
34dc7c2f 2533
428870ff
BB		 2534/*
2535 * This function is best effort. If it fails to set any of the given properties,
6f1ffb06
MA		 2536 * it continues to set as many as it can and returns the last error
2537 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2538 * with the list of names of all the properties that failed along with the
2539 * corresponding error numbers.
428870ff 2540 *
6f1ffb06
MA		 2541 * If every property is set successfully, zero is returned and errlist is not
2542 * modified.
428870ff
BB		 2543 */
2544int
2545zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
6f1ffb06 2546 nvlist_t *errlist)
428870ff
BB		 2547{
2548 nvpair_t *pair;
2549 nvpair_t *propval;
2550 int rv = 0;
2551 uint64_t intval;
2552 char *strval;
34dc7c2f 2553
6f1ffb06
MA		 2554 nvlist_t *genericnvl = fnvlist_alloc();
2555 nvlist_t *retrynvl = fnvlist_alloc();
428870ff
BB		 2556retry:
2557 pair = NULL;
2558 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2559 const char *propname = nvpair_name(pair);
2560 zfs_prop_t prop = zfs_name_to_prop(propname);
2561 int err = 0;
2562
2563 /* decode the property value */
2564 propval = pair;
2565 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2566 nvlist_t *attrs;
6f1ffb06 2567 attrs = fnvpair_value_nvlist(pair);
428870ff
BB		 2568 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2569 &propval) != 0)
2e528b49 2570 err = SET_ERROR(EINVAL);
9babb374 2571 }
34dc7c2f 2572
428870ff 2573 /* Validate value type */
a3eeab2d 2574 if (err == 0 && source == ZPROP_SRC_INHERITED) {
2575 /* inherited properties are expected to be booleans */
2576 if (nvpair_type(propval) != DATA_TYPE_BOOLEAN)
2577 err = SET_ERROR(EINVAL);
2578 } else if (err == 0 && prop == ZPROP_INVAL) {
428870ff
BB		 2579 if (zfs_prop_user(propname)) {
2580 if (nvpair_type(propval) != DATA_TYPE_STRING)
2e528b49 2581 err = SET_ERROR(EINVAL);
428870ff
BB		 2582 } else if (zfs_prop_userquota(propname)) {
2583 if (nvpair_type(propval) !=
2584 DATA_TYPE_UINT64_ARRAY)
2e528b49 2585 err = SET_ERROR(EINVAL);
330d06f9 2586 } else {
2e528b49 2587 err = SET_ERROR(EINVAL);
428870ff
BB		 2588 }
2589 } else if (err == 0) {
2590 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2591 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2e528b49 2592 err = SET_ERROR(EINVAL);
428870ff 2593 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
34dc7c2f
BB		 2594 const char *unused;
2595
6f1ffb06 2596 intval = fnvpair_value_uint64(propval);
34dc7c2f
BB		 2597
2598 switch (zfs_prop_get_type(prop)) {
2599 case PROP_TYPE_NUMBER:
2600 break;
2601 case PROP_TYPE_STRING:
2e528b49 2602 err = SET_ERROR(EINVAL);
428870ff 2603 break;
34dc7c2f
BB		 2604 case PROP_TYPE_INDEX:
2605 if (zfs_prop_index_to_string(prop,
428870ff 2606 intval, &unused) != 0)
2e528b49 2607 err = SET_ERROR(EINVAL);
34dc7c2f
BB		 2608 break;
2609 default:
2610 cmn_err(CE_PANIC,
2611 "unknown property type");
34dc7c2f 2612 }
34dc7c2f 2613 } else {
2e528b49 2614 err = SET_ERROR(EINVAL);
34dc7c2f 2615 }
34dc7c2f 2616 }
428870ff
BB		 2617
2618 /* Validate permissions */
2619 if (err == 0)
2620 err = zfs_check_settable(dsname, pair, CRED());
2621
2622 if (err == 0) {
a3eeab2d 2623 if (source == ZPROP_SRC_INHERITED)
2624 err = -1; /* does not need special handling */
2625 else
2626 err = zfs_prop_set_special(dsname, source,
2627 pair);
428870ff
BB		 2628 if (err == -1) {
2629 /*
2630 * For better performance we build up a list of
2631 * properties to set in a single transaction.
2632 */
2633 err = nvlist_add_nvpair(genericnvl, pair);
2634 } else if (err != 0 && nvl != retrynvl) {
2635 /*
2636 * This may be a spurious error caused by
2637 * receiving quota and reservation out of order.
2638 * Try again in a second pass.
2639 */
2640 err = nvlist_add_nvpair(retrynvl, pair);
2641 }
2642 }
2643
6f1ffb06
MA		 2644 if (err != 0) {
2645 if (errlist != NULL)
2646 fnvlist_add_int32(errlist, propname, err);
2647 rv = err;
2648 }
34dc7c2f
BB		 2649 }
2650
428870ff
BB		 2651 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2652 nvl = retrynvl;
2653 goto retry;
2654 }
2655
2656 if (!nvlist_empty(genericnvl) &&
2657 dsl_props_set(dsname, source, genericnvl) != 0) {
2658 /*
2659 * If this fails, we still want to set as many properties as we
2660 * can, so try setting them individually.
2661 */
2662 pair = NULL;
2663 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2664 const char *propname = nvpair_name(pair);
2665 int err = 0;
2666
2667 propval = pair;
2668 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2669 nvlist_t *attrs;
6f1ffb06
MA		 2670 attrs = fnvpair_value_nvlist(pair);
2671 propval = fnvlist_lookup_nvpair(attrs,
2672 ZPROP_VALUE);
428870ff
BB		 2673 }
2674
2675 if (nvpair_type(propval) == DATA_TYPE_STRING) {
6f1ffb06 2676 strval = fnvpair_value_string(propval);
13fe0198
MA		 2677 err = dsl_prop_set_string(dsname, propname,
2678 source, strval);
a3eeab2d 2679 } else if (nvpair_type(propval) == DATA_TYPE_BOOLEAN) {
2680 err = dsl_prop_inherit(dsname, propname,
2681 source);
428870ff 2682 } else {
6f1ffb06 2683 intval = fnvpair_value_uint64(propval);
13fe0198
MA		 2684 err = dsl_prop_set_int(dsname, propname, source,
2685 intval);
428870ff
BB		 2686 }
2687
2688 if (err != 0) {
6f1ffb06
MA		 2689 if (errlist != NULL) {
2690 fnvlist_add_int32(errlist, propname,
2691 err);
2692 }
2693 rv = err;
428870ff
BB		 2694 }
2695 }
9babb374 2696 }
9babb374 2697 nvlist_free(genericnvl);
428870ff
BB		 2698 nvlist_free(retrynvl);
2699
428870ff 2700 return (rv);
9babb374
BB		 2701}
2702
2703/*
2704 * Check that all the properties are valid user properties.
2705 */
2706static int
6f1ffb06 2707zfs_check_userprops(const char *fsname, nvlist_t *nvl)
9babb374 2708{
428870ff 2709 nvpair_t *pair = NULL;
9babb374
BB		 2710 int error = 0;
2711
428870ff
BB		 2712 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2713 const char *propname = nvpair_name(pair);
9babb374
BB		 2714
2715 if (!zfs_prop_user(propname) ||
428870ff 2716 nvpair_type(pair) != DATA_TYPE_STRING)
2e528b49 2717 return (SET_ERROR(EINVAL));
9babb374 2718
c65aa5b2
BB		 2719 if ((error = zfs_secpolicy_write_perms(fsname,
2720 ZFS_DELEG_PERM_USERPROP, CRED())))
9babb374
BB		 2721 return (error);
2722
2723 if (strlen(propname) >= ZAP_MAXNAMELEN)
2e528b49 2724 return (SET_ERROR(ENAMETOOLONG));
9babb374 2725
da536844 2726 if (strlen(fnvpair_value_string(pair)) >= ZAP_MAXVALUELEN)
2e528b49 2727 return (SET_ERROR(E2BIG));
9babb374 2728 }
34dc7c2f
BB		 2729 return (0);
2730}
2731
428870ff
BB		 2732static void
2733props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2734{
2735 nvpair_t *pair;
2736
2737 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2738
2739 pair = NULL;
2740 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2741 if (nvlist_exists(skipped, nvpair_name(pair)))
2742 continue;
2743
2744 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2745 }
2746}
2747
2748static int
13fe0198 2749clear_received_props(const char *dsname, nvlist_t *props,
428870ff
BB		 2750 nvlist_t *skipped)
2751{
2752 int err = 0;
2753 nvlist_t *cleared_props = NULL;
2754 props_skip(props, skipped, &cleared_props);
2755 if (!nvlist_empty(cleared_props)) {
2756 /*
2757 * Acts on local properties until the dataset has received
2758 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2759 */
2760 zprop_source_t flags = (ZPROP_SRC_NONE |
13fe0198
MA		 2761 (dsl_prop_get_hasrecvd(dsname) ? ZPROP_SRC_RECEIVED : 0));
2762 err = zfs_set_prop_nvlist(dsname, flags, cleared_props, NULL);
428870ff
BB		 2763 }
2764 nvlist_free(cleared_props);
2765 return (err);
2766}
2767
34dc7c2f
BB		 2768/*
2769 * inputs:
2770 * zc_name name of filesystem
9babb374 2771 * zc_value name of property to set
34dc7c2f 2772 * zc_nvlist_src{_size} nvlist of properties to apply
428870ff 2773 * zc_cookie received properties flag
34dc7c2f 2774 *
428870ff
BB		 2775 * outputs:
2776 * zc_nvlist_dst{_size} error for each unapplied received property
34dc7c2f
BB		 2777 */
2778static int
2779zfs_ioc_set_prop(zfs_cmd_t *zc)
2780{
2781 nvlist_t *nvl;
428870ff
BB		 2782 boolean_t received = zc->zc_cookie;
2783 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2784 ZPROP_SRC_LOCAL);
6f1ffb06 2785 nvlist_t *errors;
34dc7c2f
BB		 2786 int error;
2787
2788 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
9babb374 2789 zc->zc_iflags, &nvl)) != 0)
34dc7c2f
BB		 2790 return (error);
2791
428870ff 2792 if (received) {
b128c09f 2793 nvlist_t *origprops;
b128c09f 2794
13fe0198
MA		 2795 if (dsl_prop_get_received(zc->zc_name, &origprops) == 0) {
2796 (void) clear_received_props(zc->zc_name,
2797 origprops, nvl);
2798 nvlist_free(origprops);
428870ff 2799 }
13fe0198
MA		 2800
2801 error = dsl_prop_set_hasrecvd(zc->zc_name);
b128c09f
BB		 2802 }
2803
6f1ffb06 2804 errors = fnvlist_alloc();
13fe0198
MA		 2805 if (error == 0)
2806 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
34dc7c2f 2807
b8864a23 2808 if (zc->zc_nvlist_dst != 0 && errors != NULL) {
428870ff
BB		 2809 (void) put_nvlist(zc, errors);
2810 }
2811
2812 nvlist_free(errors);
34dc7c2f
BB		 2813 nvlist_free(nvl);
2814 return (error);
2815}
2816
2817/*
2818 * inputs:
2819 * zc_name name of filesystem
2820 * zc_value name of property to inherit
428870ff 2821 * zc_cookie revert to received value if TRUE
34dc7c2f
BB		 2822 *
2823 * outputs: none
2824 */
2825static int
2826zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2827{
428870ff
BB		 2828 const char *propname = zc->zc_value;
2829 zfs_prop_t prop = zfs_name_to_prop(propname);
2830 boolean_t received = zc->zc_cookie;
2831 zprop_source_t source = (received
2832 ? ZPROP_SRC_NONE /* revert to received value, if any */
2833 : ZPROP_SRC_INHERITED); /* explicitly inherit */
92aceb2a 2834 nvlist_t *dummy;
2835 nvpair_t *pair;
2836 zprop_type_t type;
2837 int err;
428870ff 2838
92aceb2a 2839 if (!received) {
261c013f
BB		 2840 /*
2841 * Only check this in the non-received case. We want to allow
2842 * 'inherit -S' to revert non-inheritable properties like quota
2843 * and reservation to the received or default values even though
2844 * they are not considered inheritable.
2845 */
2846 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2847 return (SET_ERROR(EINVAL));
959f56b9 2848 }
2849
92aceb2a 2850 if (prop == ZPROP_INVAL) {
2851 if (!zfs_prop_user(propname))
2852 return (SET_ERROR(EINVAL));
2853
2854 type = PROP_TYPE_STRING;
2855 } else if (prop == ZFS_PROP_VOLSIZE || prop == ZFS_PROP_VERSION) {
2856 return (SET_ERROR(EINVAL));
2857 } else {
2858 type = zfs_prop_get_type(prop);
2859 }
2860
2861 /*
2862 * zfs_prop_set_special() expects properties in the form of an
2863 * nvpair with type info.
2864 */
2865 dummy = fnvlist_alloc();
2866
2867 switch (type) {
2868 case PROP_TYPE_STRING:
2869 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2870 break;
2871 case PROP_TYPE_NUMBER:
2872 case PROP_TYPE_INDEX:
2873 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2874 break;
2875 default:
2876 err = SET_ERROR(EINVAL);
2877 goto errout;
2878 }
2879
2880 pair = nvlist_next_nvpair(dummy, NULL);
2881 if (pair == NULL) {
2882 err = SET_ERROR(EINVAL);
2883 } else {
2884 err = zfs_prop_set_special(zc->zc_name, source, pair);
2885 if (err == -1) /* property is not "special", needs handling */
2886 err = dsl_prop_inherit(zc->zc_name, zc->zc_value,
2887 source);
2888 }
2889
2890errout:
2891 nvlist_free(dummy);
2892 return (err);
34dc7c2f
BB		 2893}
2894
2895static int
2896zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2897{
2898 nvlist_t *props;
2899 spa_t *spa;
2900 int error;
428870ff 2901 nvpair_t *pair;
34dc7c2f 2902
c65aa5b2
BB		 2903 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2904 zc->zc_iflags, &props)))
34dc7c2f
BB		 2905 return (error);
2906
d164b209
BB		 2907 /*
2908 * If the only property is the configfile, then just do a spa_lookup()
2909 * to handle the faulted case.
2910 */
428870ff
BB		 2911 pair = nvlist_next_nvpair(props, NULL);
2912 if (pair != NULL && strcmp(nvpair_name(pair),
d164b209 2913 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
428870ff 2914 nvlist_next_nvpair(props, pair) == NULL) {
d164b209
BB		 2915 mutex_enter(&spa_namespace_lock);
2916 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2917 spa_configfile_set(spa, props, B_FALSE);
a1d477c2 2918 spa_write_cachefile(spa, B_FALSE, B_TRUE);
d164b209
BB		 2919 }
2920 mutex_exit(&spa_namespace_lock);
428870ff
BB		 2921 if (spa != NULL) {
2922 nvlist_free(props);
d164b209 2923 return (0);
428870ff 2924 }
d164b209
BB		 2925 }
2926
34dc7c2f
BB		 2927 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2928 nvlist_free(props);
2929 return (error);
2930 }
2931
2932 error = spa_prop_set(spa, props);
2933
2934 nvlist_free(props);
2935 spa_close(spa, FTAG);
2936
2937 return (error);
2938}
2939
2940static int
2941zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2942{
2943 spa_t *spa;
2944 int error;
2945 nvlist_t *nvp = NULL;
2946
d164b209
BB		 2947 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2948 /*
2949 * If the pool is faulted, there may be properties we can still
2950 * get (such as altroot and cachefile), so attempt to get them
2951 * anyway.
2952 */
2953 mutex_enter(&spa_namespace_lock);
2954 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2955 error = spa_prop_get(spa, &nvp);
2956 mutex_exit(&spa_namespace_lock);
2957 } else {
2958 error = spa_prop_get(spa, &nvp);
2959 spa_close(spa, FTAG);
2960 }
34dc7c2f 2961
b8864a23 2962 if (error == 0 && zc->zc_nvlist_dst != 0)
34dc7c2f
BB		 2963 error = put_nvlist(zc, nvp);
2964 else
2e528b49 2965 error = SET_ERROR(EFAULT);
34dc7c2f 2966
d164b209 2967 nvlist_free(nvp);
34dc7c2f
BB		 2968 return (error);
2969}
2970
34dc7c2f
BB		 2971/*
2972 * inputs:
2973 * zc_name name of filesystem
2974 * zc_nvlist_src{_size} nvlist of delegated permissions
2975 * zc_perm_action allow/unallow flag
2976 *
2977 * outputs: none
2978 */
2979static int
2980zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2981{
2982 int error;
2983 nvlist_t *fsaclnv = NULL;
2984
2985 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
9babb374 2986 zc->zc_iflags, &fsaclnv)) != 0)
34dc7c2f
BB		 2987 return (error);
2988
2989 /*
2990 * Verify nvlist is constructed correctly
2991 */
2992 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2993 nvlist_free(fsaclnv);
2e528b49 2994 return (SET_ERROR(EINVAL));
34dc7c2f
BB		 2995 }
2996
2997 /*
2998 * If we don't have PRIV_SYS_MOUNT, then validate
2999 * that user is allowed to hand out each permission in
3000 * the nvlist(s)
3001 */
3002
3003 error = secpolicy_zfs(CRED());
13fe0198 3004 if (error != 0) {
34dc7c2f
BB		 3005 if (zc->zc_perm_action == B_FALSE) {
3006 error = dsl_deleg_can_allow(zc->zc_name,
3007 fsaclnv, CRED());
3008 } else {
3009 error = dsl_deleg_can_unallow(zc->zc_name,
3010 fsaclnv, CRED());
3011 }
3012 }
3013
3014 if (error == 0)
3015 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
3016
3017 nvlist_free(fsaclnv);
3018 return (error);
3019}
3020
3021/*
3022 * inputs:
3023 * zc_name name of filesystem
3024 *
3025 * outputs:
3026 * zc_nvlist_src{_size} nvlist of delegated permissions
3027 */
3028static int
3029zfs_ioc_get_fsacl(zfs_cmd_t *zc)
3030{
3031 nvlist_t *nvp;
3032 int error;
3033
3034 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
3035 error = put_nvlist(zc, nvp);
3036 nvlist_free(nvp);
3037 }
3038
3039 return (error);
3040}
3041
34dc7c2f
BB		 3042/* ARGSUSED */
3043static void
3044zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
3045{
3046 zfs_creat_t *zct = arg;
3047
3048 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
3049}
3050
3051#define ZFS_PROP_UNDEFINED ((uint64_t)-1)
3052
3053/*
3054 * inputs:
b128c09f 3055 * os parent objset pointer (NULL if root fs)
d3cc8b15
WA		 3056 * fuids_ok fuids allowed in this version of the spa?
3057 * sa_ok SAs allowed in this version of the spa?
3058 * createprops list of properties requested by creator
34dc7c2f
BB		 3059 *
3060 * outputs:
3061 * zplprops values for the zplprops we attach to the master node object
b128c09f 3062 * is_ci true if requested file system will be purely case-insensitive
34dc7c2f
BB		 3063 *
3064 * Determine the settings for utf8only, normalization and
3065 * casesensitivity. Specific values may have been requested by the
3066 * creator and/or we can inherit values from the parent dataset. If
3067 * the file system is of too early a vintage, a creator can not
3068 * request settings for these properties, even if the requested
3069 * setting is the default value. We don't actually want to create dsl
3070 * properties for these, so remove them from the source nvlist after
3071 * processing.
3072 */
3073static int
9babb374 3074zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
428870ff
BB		 3075 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
3076 nvlist_t *zplprops, boolean_t *is_ci)
34dc7c2f 3077{
34dc7c2f
BB		 3078 uint64_t sense = ZFS_PROP_UNDEFINED;
3079 uint64_t norm = ZFS_PROP_UNDEFINED;
3080 uint64_t u8 = ZFS_PROP_UNDEFINED;
b129c659 3081 int error;
34dc7c2f
BB		 3082
3083 ASSERT(zplprops != NULL);
3084
d8d418ff 3085 /* parent dataset must be a filesystem */
87a275d9 3086 if (os != NULL && os->os_phys->os_type != DMU_OST_ZFS)
d8d418ff 3087 return (SET_ERROR(ZFS_ERR_WRONG_PARENT));
87a275d9 3088
34dc7c2f
BB		 3089 /*
3090 * Pull out creator prop choices, if any.
3091 */
3092 if (createprops) {
b128c09f
BB		 3093 (void) nvlist_lookup_uint64(createprops,
3094 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
34dc7c2f
BB		 3095 (void) nvlist_lookup_uint64(createprops,
3096 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
3097 (void) nvlist_remove_all(createprops,
3098 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
3099 (void) nvlist_lookup_uint64(createprops,
3100 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
3101 (void) nvlist_remove_all(createprops,
3102 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
3103 (void) nvlist_lookup_uint64(createprops,
3104 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
3105 (void) nvlist_remove_all(createprops,
3106 zfs_prop_to_name(ZFS_PROP_CASE));
3107 }
3108
3109 /*
b128c09f
BB		 3110 * If the zpl version requested is whacky or the file system
3111 * or pool is version is too "young" to support normalization
3112 * and the creator tried to set a value for one of the props,
3113 * error out.
34dc7c2f 3114 */
b128c09f
BB		 3115 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
3116 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
428870ff 3117 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
b128c09f 3118 (zplver < ZPL_VERSION_NORMALIZATION &&
34dc7c2f 3119 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
b128c09f 3120 sense != ZFS_PROP_UNDEFINED)))
2e528b49 3121 return (SET_ERROR(ENOTSUP));
34dc7c2f
BB		 3122
3123 /*
3124 * Put the version in the zplprops
3125 */
3126 VERIFY(nvlist_add_uint64(zplprops,
3127 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
3128
b129c659
MM		 3129 if (norm == ZFS_PROP_UNDEFINED &&
3130 (error = zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm)) != 0)
3131 return (error);
34dc7c2f
BB		 3132 VERIFY(nvlist_add_uint64(zplprops,
3133 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3134
3135 /*
3136 * If we're normalizing, names must always be valid UTF-8 strings.
3137 */
3138 if (norm)
3139 u8 = 1;
b129c659
MM		 3140 if (u8 == ZFS_PROP_UNDEFINED &&
3141 (error = zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8)) != 0)
3142 return (error);
34dc7c2f
BB		 3143 VERIFY(nvlist_add_uint64(zplprops,
3144 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3145
b129c659
MM		 3146 if (sense == ZFS_PROP_UNDEFINED &&
3147 (error = zfs_get_zplprop(os, ZFS_PROP_CASE, &sense)) != 0)
3148 return (error);
34dc7c2f
BB		 3149 VERIFY(nvlist_add_uint64(zplprops,
3150 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3151
3152 if (is_ci)
3153 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3154
34dc7c2f
BB		 3155 return (0);
3156}
3157
b128c09f
BB		 3158static int
3159zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3160 nvlist_t *zplprops, boolean_t *is_ci)
3161{
428870ff 3162 boolean_t fuids_ok, sa_ok;
b128c09f
BB		 3163 uint64_t zplver = ZPL_VERSION;
3164 objset_t *os = NULL;
eca7b760 3165 char parentname[ZFS_MAX_DATASET_NAME_LEN];
428870ff
BB		 3166 spa_t *spa;
3167 uint64_t spa_vers;
b128c09f
BB		 3168 int error;
3169
d8d418ff 3170 zfs_get_parent(dataset, parentname, sizeof (parentname));
b128c09f 3171
428870ff
BB		 3172 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3173 return (error);
3174
3175 spa_vers = spa_version(spa);
3176 spa_close(spa, FTAG);
3177
3178 zplver = zfs_zpl_version_map(spa_vers);
3179 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3180 sa_ok = (zplver >= ZPL_VERSION_SA);
b128c09f
BB		 3181
3182 /*
3183 * Open parent object set so we can inherit zplprop values.
3184 */
428870ff 3185 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
b128c09f
BB		 3186 return (error);
3187
428870ff 3188 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
b128c09f 3189 zplprops, is_ci);
428870ff 3190 dmu_objset_rele(os, FTAG);
b128c09f
BB		 3191 return (error);
3192}
3193
3194static int
3195zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3196 nvlist_t *zplprops, boolean_t *is_ci)
3197{
428870ff
BB		 3198 boolean_t fuids_ok;
3199 boolean_t sa_ok;
b128c09f
BB		 3200 uint64_t zplver = ZPL_VERSION;
3201 int error;
3202
428870ff
BB		 3203 zplver = zfs_zpl_version_map(spa_vers);
3204 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3205 sa_ok = (zplver >= ZPL_VERSION_SA);
b128c09f 3206
428870ff
BB		 3207 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3208 createprops, zplprops, is_ci);
b128c09f
BB		 3209 return (error);
3210}
3211
34dc7c2f 3212/*
6f1ffb06
MA		 3213 * innvl: {
3214 * "type" -> dmu_objset_type_t (int32)
3215 * (optional) "props" -> { prop -> value }
b5256303
TC		 3216 * (optional) "hidden_args" -> { "wkeydata" -> value }
3217 * raw uint8_t array of encryption wrapping key data (32 bytes)
6f1ffb06 3218 * }
34dc7c2f 3219 *
6f1ffb06 3220 * outnvl: propname -> error code (int32)
34dc7c2f 3221 */
b83a0e2d
DB		 3222
3223static const zfs_ioc_key_t zfs_keys_create[] = {
3224 {"type", DATA_TYPE_INT32, 0},
3225 {"props", DATA_TYPE_NVLIST, ZK_OPTIONAL},
3226 {"hidden_args", DATA_TYPE_NVLIST, ZK_OPTIONAL},
3227};
3228
34dc7c2f 3229static int
6f1ffb06 3230zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
34dc7c2f 3231{
34dc7c2f 3232 int error = 0;
6f1ffb06 3233 zfs_creat_t zct = { 0 };
34dc7c2f 3234 nvlist_t *nvprops = NULL;
b5256303 3235 nvlist_t *hidden_args = NULL;
34dc7c2f 3236 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
6f1ffb06
MA		 3237 dmu_objset_type_t type;
3238 boolean_t is_insensitive = B_FALSE;
b5256303 3239 dsl_crypto_params_t *dcp = NULL;
34dc7c2f 3240
b83a0e2d 3241 type = (dmu_objset_type_t)fnvlist_lookup_int32(innvl, "type");
6f1ffb06 3242 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
b5256303 3243 (void) nvlist_lookup_nvlist(innvl, ZPOOL_HIDDEN_ARGS, &hidden_args);
34dc7c2f 3244
6f1ffb06 3245 switch (type) {
34dc7c2f
BB		 3246 case DMU_OST_ZFS:
3247 cbfunc = zfs_create_cb;
3248 break;
3249
3250 case DMU_OST_ZVOL:
3251 cbfunc = zvol_create_cb;
3252 break;
3253
3254 default:
3255 cbfunc = NULL;
3256 break;
3257 }
6f1ffb06
MA		 3258 if (strchr(fsname, '@') ||
3259 strchr(fsname, '%'))
2e528b49 3260 return (SET_ERROR(EINVAL));
34dc7c2f 3261
34dc7c2f
BB		 3262 zct.zct_props = nvprops;
3263
6f1ffb06 3264 if (cbfunc == NULL)
2e528b49 3265 return (SET_ERROR(EINVAL));
34dc7c2f 3266
6f1ffb06
MA		 3267 if (type == DMU_OST_ZVOL) {
3268 uint64_t volsize, volblocksize;
34dc7c2f 3269
6f1ffb06 3270 if (nvprops == NULL)
2e528b49 3271 return (SET_ERROR(EINVAL));
6f1ffb06
MA		 3272 if (nvlist_lookup_uint64(nvprops,
3273 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
2e528b49 3274 return (SET_ERROR(EINVAL));
34dc7c2f 3275
6f1ffb06
MA		 3276 if ((error = nvlist_lookup_uint64(nvprops,
3277 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3278 &volblocksize)) != 0 && error != ENOENT)
2e528b49 3279 return (SET_ERROR(EINVAL));
34dc7c2f 3280
6f1ffb06
MA		 3281 if (error != 0)
3282 volblocksize = zfs_prop_default_numeric(
3283 ZFS_PROP_VOLBLOCKSIZE);
34dc7c2f 3284
4cb7b9c5 3285 if ((error = zvol_check_volblocksize(fsname,
6f1ffb06
MA		 3286 volblocksize)) != 0 ||
3287 (error = zvol_check_volsize(volsize,
3288 volblocksize)) != 0)
3289 return (error);
3290 } else if (type == DMU_OST_ZFS) {
3291 int error;
34dc7c2f 3292
6f1ffb06
MA		 3293 /*
3294 * We have to have normalization and
3295 * case-folding flags correct when we do the
3296 * file system creation, so go figure them out
3297 * now.
3298 */
3299 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3300 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3301 error = zfs_fill_zplprops(fsname, nvprops,
3302 zct.zct_zplprops, &is_insensitive);
3303 if (error != 0) {
3304 nvlist_free(zct.zct_zplprops);
3305 return (error);
34dc7c2f 3306 }
34dc7c2f
BB		 3307 }
3308
b5256303
TC		 3309 error = dsl_crypto_params_create_nvlist(DCP_CMD_NONE, nvprops,
3310 hidden_args, &dcp);
3311 if (error != 0) {
3312 nvlist_free(zct.zct_zplprops);
3313 return (error);
3314 }
3315
6f1ffb06 3316 error = dmu_objset_create(fsname, type,
b5256303
TC		 3317 is_insensitive ? DS_FLAG_CI_DATASET : 0, dcp, cbfunc, &zct);
3318
6f1ffb06 3319 nvlist_free(zct.zct_zplprops);
b5256303 3320 dsl_crypto_params_free(dcp, !!error);
6f1ffb06 3321
34dc7c2f
BB		 3322 /*
3323 * It would be nice to do this atomically.
3324 */
3325 if (error == 0) {
6f1ffb06
MA		 3326 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3327 nvprops, outnvl);
f74b821a
BB		 3328 if (error != 0) {
3329 spa_t *spa;
3330 int error2;
3331
3332 /*
3333 * Volumes will return EBUSY and cannot be destroyed
3334 * until all asynchronous minor handling has completed.
3335 * Wait for the spa_zvol_taskq to drain then retry.
3336 */
3337 error2 = dsl_destroy_head(fsname);
3338 while ((error2 == EBUSY) && (type == DMU_OST_ZVOL)) {
3339 error2 = spa_open(fsname, &spa, FTAG);
3340 if (error2 == 0) {
3341 taskq_wait(spa->spa_zvol_taskq);
3342 spa_close(spa, FTAG);
3343 }
3344 error2 = dsl_destroy_head(fsname);
3345 }
3346 }
34dc7c2f 3347 }
34dc7c2f
BB		 3348 return (error);
3349}
3350
3351/*
6f1ffb06
MA		 3352 * innvl: {
3353 * "origin" -> name of origin snapshot
3354 * (optional) "props" -> { prop -> value }
b5256303
TC		 3355 * (optional) "hidden_args" -> { "wkeydata" -> value }
3356 * raw uint8_t array of encryption wrapping key data (32 bytes)
6f1ffb06 3357 * }
34dc7c2f 3358 *
428870ff 3359 * outputs:
6f1ffb06 3360 * outnvl: propname -> error code (int32)
34dc7c2f 3361 */
b83a0e2d
DB		 3362static const zfs_ioc_key_t zfs_keys_clone[] = {
3363 {"origin", DATA_TYPE_STRING, 0},
3364 {"props", DATA_TYPE_NVLIST, ZK_OPTIONAL},
3365 {"hidden_args", DATA_TYPE_NVLIST, ZK_OPTIONAL},
3366};
3367
34dc7c2f 3368static int
6f1ffb06 3369zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
34dc7c2f 3370{
6f1ffb06 3371 int error = 0;
b128c09f 3372 nvlist_t *nvprops = NULL;
6f1ffb06 3373 char *origin_name;
b128c09f 3374
b83a0e2d 3375 origin_name = fnvlist_lookup_string(innvl, "origin");
6f1ffb06 3376 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
b128c09f 3377
6f1ffb06
MA		 3378 if (strchr(fsname, '@') ||
3379 strchr(fsname, '%'))
2e528b49 3380 return (SET_ERROR(EINVAL));
6f1ffb06
MA		 3381
3382 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
2e528b49 3383 return (SET_ERROR(EINVAL));
b5256303 3384
13fe0198 3385 error = dmu_objset_clone(fsname, origin_name);
b128c09f 3386
6f1ffb06
MA		 3387 /*
3388 * It would be nice to do this atomically.
3389 */
3390 if (error == 0) {
3391 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3392 nvprops, outnvl);
3393 if (error != 0)
13fe0198 3394 (void) dsl_destroy_head(fsname);
b128c09f 3395 }
6f1ffb06
MA		 3396 return (error);
3397}
9babb374 3398
b83a0e2d
DB		 3399static const zfs_ioc_key_t zfs_keys_remap[] = {
3400 /* no nvl keys */
3401};
3402
a1d477c2
MA		 3403/* ARGSUSED */
3404static int
3405zfs_ioc_remap(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3406{
3407 if (strchr(fsname, '@') ||
3408 strchr(fsname, '%'))
3409 return (SET_ERROR(EINVAL));
3410
3411 return (dmu_objset_remap_indirects(fsname));
3412}
3413
6f1ffb06
MA		 3414/*
3415 * innvl: {
3416 * "snaps" -> { snapshot1, snapshot2 }
3417 * (optional) "props" -> { prop -> value (string) }
3418 * }
3419 *
3420 * outnvl: snapshot -> error code (int32)
6f1ffb06 3421 */
b83a0e2d
DB		 3422static const zfs_ioc_key_t zfs_keys_snapshot[] = {
3423 {"snaps", DATA_TYPE_NVLIST, 0},
3424 {"props", DATA_TYPE_NVLIST, ZK_OPTIONAL},
3425};
3426
6f1ffb06
MA		 3427static int
3428zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3429{
3430 nvlist_t *snaps;
3431 nvlist_t *props = NULL;
3432 int error, poollen;
1c27024e 3433 nvpair_t *pair;
9babb374 3434
6f1ffb06
MA		 3435 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3436 if ((error = zfs_check_userprops(poolname, props)) != 0)
3437 return (error);
3438
3439 if (!nvlist_empty(props) &&
3440 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
2e528b49 3441 return (SET_ERROR(ENOTSUP));
6f1ffb06 3442
b83a0e2d 3443 snaps = fnvlist_lookup_nvlist(innvl, "snaps");
6f1ffb06
MA		 3444 poollen = strlen(poolname);
3445 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3446 pair = nvlist_next_nvpair(snaps, pair)) {
3447 const char *name = nvpair_name(pair);
3448 const char *cp = strchr(name, '@');
3449
3450 /*
3451 * The snap name must contain an @, and the part after it must
3452 * contain only valid characters.
3453 */
da536844
MA		 3454 if (cp == NULL ||
3455 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
2e528b49 3456 return (SET_ERROR(EINVAL));
6f1ffb06
MA		 3457
3458 /*
3459 * The snap must be in the specified pool.
3460 */
3461 if (strncmp(name, poolname, poollen) != 0 ||
3462 (name[poollen] != '/' && name[poollen] != '@'))
2e528b49 3463 return (SET_ERROR(EXDEV));
6f1ffb06
MA		 3464
3465 /* This must be the only snap of this fs. */
1c27024e 3466 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
6f1ffb06
MA		 3467 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3468 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3469 == 0) {
2e528b49 3470 return (SET_ERROR(EXDEV));
6f1ffb06
MA		 3471 }
3472 }
3473 }
3474
13fe0198 3475 error = dsl_dataset_snapshot(snaps, props, outnvl);
ba6a2402 3476
6f1ffb06
MA		 3477 return (error);
3478}
3479
3480/*
3481 * innvl: "message" -> string
3482 */
b83a0e2d
DB		 3483static const zfs_ioc_key_t zfs_keys_log_history[] = {
3484 {"message", DATA_TYPE_STRING, 0},
3485};
3486
6f1ffb06
MA		 3487/* ARGSUSED */
3488static int
3489zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3490{
3491 char *message;
3492 spa_t *spa;
3493 int error;
3494 char *poolname;
3495
3496 /*
3497 * The poolname in the ioctl is not set, we get it from the TSD,
3498 * which was set at the end of the last successful ioctl that allows
3499 * logging. The secpolicy func already checked that it is set.
3500 * Only one log ioctl is allowed after each successful ioctl, so
3501 * we clear the TSD here.
3502 */
3503 poolname = tsd_get(zfs_allow_log_key);
9f3d1407 3504 if (poolname == NULL)
3505 return (SET_ERROR(EINVAL));
6f1ffb06
MA		 3506 (void) tsd_set(zfs_allow_log_key, NULL);
3507 error = spa_open(poolname, &spa, FTAG);
3508 strfree(poolname);
3509 if (error != 0)
3510 return (error);
3511
b83a0e2d 3512 message = fnvlist_lookup_string(innvl, "message");
6f1ffb06
MA		 3513
3514 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3515 spa_close(spa, FTAG);
2e528b49 3516 return (SET_ERROR(ENOTSUP));
6f1ffb06
MA		 3517 }
3518
3519 error = spa_history_log(spa, message);
3520 spa_close(spa, FTAG);
b128c09f 3521 return (error);
34dc7c2f
BB		 3522}
3523
ebe7e575 3524/*
13fe0198
MA		 3525 * The dp_config_rwlock must not be held when calling this, because the
3526 * unmount may need to write out data.
3527 *
3528 * This function is best-effort. Callers must deal gracefully if it
3529 * remains mounted (or is remounted after this call).
d09f25dc 3530 *
278bee93
BB		 3531 * Returns 0 if the argument is not a snapshot, or it is not currently a
3532 * filesystem, or we were able to unmount it. Returns error code otherwise.
ebe7e575 3533 */
8d103d88 3534void
13fe0198 3535zfs_unmount_snap(const char *snapname)
34dc7c2f 3536{
278bee93 3537 if (strchr(snapname, '@') == NULL)
8d103d88 3538 return;
ebe7e575 3539
8d103d88 3540 (void) zfsctl_snapshot_unmount((char *)snapname, MNT_FORCE);
13fe0198
MA		 3541}
3542
3543/* ARGSUSED */
3544static int
3545zfs_unmount_snap_cb(const char *snapname, void *arg)
3546{
8d103d88
SD		 3547 zfs_unmount_snap(snapname);
3548 return (0);
13fe0198
MA		 3549}
3550
3551/*
3552 * When a clone is destroyed, its origin may also need to be destroyed,
3553 * in which case it must be unmounted. This routine will do that unmount
3554 * if necessary.
3555 */
3556void
3557zfs_destroy_unmount_origin(const char *fsname)
3558{
3559 int error;
3560 objset_t *os;
3561 dsl_dataset_t *ds;
3562
3563 error = dmu_objset_hold(fsname, FTAG, &os);
3564 if (error != 0)
3565 return;
3566 ds = dmu_objset_ds(os);
3567 if (dsl_dir_is_clone(ds->ds_dir) && DS_IS_DEFER_DESTROY(ds->ds_prev)) {
eca7b760 3568 char originname[ZFS_MAX_DATASET_NAME_LEN];
13fe0198
MA		 3569 dsl_dataset_name(ds->ds_prev, originname);
3570 dmu_objset_rele(os, FTAG);
8d103d88 3571 zfs_unmount_snap(originname);
13fe0198
MA		 3572 } else {
3573 dmu_objset_rele(os, FTAG);
3574 }
34dc7c2f
BB		 3575}
3576
3577/*
6f1ffb06
MA		 3578 * innvl: {
3579 * "snaps" -> { snapshot1, snapshot2 }
3580 * (optional boolean) "defer"
3581 * }
34dc7c2f 3582 *
6f1ffb06 3583 * outnvl: snapshot -> error code (int32)
34dc7c2f 3584 */
b83a0e2d
DB		 3585static const zfs_ioc_key_t zfs_keys_destroy_snaps[] = {
3586 {"snaps", DATA_TYPE_NVLIST, 0},
3587 {"defer", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
3588};
3589
da536844 3590/* ARGSUSED */
34dc7c2f 3591static int
6f1ffb06 3592zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
34dc7c2f 3593{
6f1ffb06 3594 nvlist_t *snaps;
330d06f9 3595 nvpair_t *pair;
6f1ffb06 3596 boolean_t defer;
34dc7c2f 3597
b83a0e2d 3598 snaps = fnvlist_lookup_nvlist(innvl, "snaps");
6f1ffb06 3599 defer = nvlist_exists(innvl, "defer");
330d06f9 3600
6f1ffb06
MA		 3601 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3602 pair = nvlist_next_nvpair(snaps, pair)) {
8d103d88 3603 zfs_unmount_snap(nvpair_name(pair));
da536844
MA		 3604 }
3605
3606 return (dsl_destroy_snapshots_nvl(snaps, defer, outnvl));
3607}
3608
3609/*
3610 * Create bookmarks. Bookmark names are of the form <fs>#<bmark>.
3611 * All bookmarks must be in the same pool.
3612 *
3613 * innvl: {
3614 * bookmark1 -> snapshot1, bookmark2 -> snapshot2
3615 * }
3616 *
3617 * outnvl: bookmark -> error code (int32)
3618 *
3619 */
b83a0e2d
DB		 3620static const zfs_ioc_key_t zfs_keys_bookmark[] = {
3621 {"<bookmark>...", DATA_TYPE_STRING, ZK_WILDCARDLIST},
3622};
3623
da536844
MA		 3624/* ARGSUSED */
3625static int
3626zfs_ioc_bookmark(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3627{
1c27024e 3628 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
da536844
MA		 3629 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
3630 char *snap_name;
3631
3632 /*
3633 * Verify the snapshot argument.
3634 */
3635 if (nvpair_value_string(pair, &snap_name) != 0)
3636 return (SET_ERROR(EINVAL));
3637
3638
3639 /* Verify that the keys (bookmarks) are unique */
1c27024e 3640 for (nvpair_t *pair2 = nvlist_next_nvpair(innvl, pair);
da536844
MA		 3641 pair2 != NULL; pair2 = nvlist_next_nvpair(innvl, pair2)) {
3642 if (strcmp(nvpair_name(pair), nvpair_name(pair2)) == 0)
3643 return (SET_ERROR(EINVAL));
3644 }
3645 }
3646
3647 return (dsl_bookmark_create(innvl, outnvl));
3648}
3649
3650/*
3651 * innvl: {
3652 * property 1, property 2, ...
3653 * }
3654 *
3655 * outnvl: {
3656 * bookmark name 1 -> { property 1, property 2, ... },
3657 * bookmark name 2 -> { property 1, property 2, ... }
3658 * }
3659 *
3660 */
b83a0e2d
DB		 3661static const zfs_ioc_key_t zfs_keys_get_bookmarks[] = {
3662 {"<property>...", DATA_TYPE_BOOLEAN, ZK_WILDCARDLIST | ZK_OPTIONAL},
3663};
3664
da536844
MA		 3665static int
3666zfs_ioc_get_bookmarks(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3667{
3668 return (dsl_get_bookmarks(fsname, innvl, outnvl));
3669}
3670
3671/*
3672 * innvl: {
3673 * bookmark name 1, bookmark name 2
3674 * }
3675 *
3676 * outnvl: bookmark -> error code (int32)
3677 *
3678 */
b83a0e2d
DB		 3679static const zfs_ioc_key_t zfs_keys_destroy_bookmarks[] = {
3680 {"<bookmark>...", DATA_TYPE_BOOLEAN, ZK_WILDCARDLIST},
3681};
3682
da536844
MA		 3683static int
3684zfs_ioc_destroy_bookmarks(const char *poolname, nvlist_t *innvl,
3685 nvlist_t *outnvl)
3686{
3687 int error, poollen;
da536844
MA		 3688
3689 poollen = strlen(poolname);
1c27024e 3690 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
da536844 3691 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
330d06f9 3692 const char *name = nvpair_name(pair);
da536844 3693 const char *cp = strchr(name, '#');
6f1ffb06 3694
330d06f9 3695 /*
da536844
MA		 3696 * The bookmark name must contain an #, and the part after it
3697 * must contain only valid characters.
3698 */
3699 if (cp == NULL ||
3700 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
3701 return (SET_ERROR(EINVAL));
3702
3703 /*
3704 * The bookmark must be in the specified pool.
330d06f9 3705 */
6f1ffb06 3706 if (strncmp(name, poolname, poollen) != 0 ||
da536844 3707 (name[poollen] != '/' && name[poollen] != '#'))
2e528b49 3708 return (SET_ERROR(EXDEV));
330d06f9
MA		 3709 }
3710
da536844
MA		 3711 error = dsl_bookmark_destroy(innvl, outnvl);
3712 return (error);
34dc7c2f
BB		 3713}
3714
b83a0e2d
DB		 3715static const zfs_ioc_key_t zfs_keys_channel_program[] = {
3716 {"program", DATA_TYPE_STRING, 0},
3717 {"arg", DATA_TYPE_ANY, 0},
3718 {"sync", DATA_TYPE_BOOLEAN_VALUE, ZK_OPTIONAL},
3719 {"instrlimit", DATA_TYPE_UINT64, ZK_OPTIONAL},
3720 {"memlimit", DATA_TYPE_UINT64, ZK_OPTIONAL},
3721};
3722
d99a0153
CW		 3723static int
3724zfs_ioc_channel_program(const char *poolname, nvlist_t *innvl,
3725 nvlist_t *outnvl)
3726{
3727 char *program;
3728 uint64_t instrlimit, memlimit;
5b72a38d 3729 boolean_t sync_flag;
d99a0153
CW		 3730 nvpair_t *nvarg = NULL;
3731
b83a0e2d 3732 program = fnvlist_lookup_string(innvl, ZCP_ARG_PROGRAM);
5b72a38d
SD		 3733 if (0 != nvlist_lookup_boolean_value(innvl, ZCP_ARG_SYNC, &sync_flag)) {
3734 sync_flag = B_TRUE;
3735 }
d99a0153
CW		 3736 if (0 != nvlist_lookup_uint64(innvl, ZCP_ARG_INSTRLIMIT, &instrlimit)) {
3737 instrlimit = ZCP_DEFAULT_INSTRLIMIT;
3738 }
3739 if (0 != nvlist_lookup_uint64(innvl, ZCP_ARG_MEMLIMIT, &memlimit)) {
3740 memlimit = ZCP_DEFAULT_MEMLIMIT;
3741 }
b83a0e2d 3742 nvarg = fnvlist_lookup_nvpair(innvl, ZCP_ARG_ARGLIST);
d99a0153
CW		 3743
3744 if (instrlimit == 0 || instrlimit > zfs_lua_max_instrlimit)
3745 return (EINVAL);
234c91c5 3746 if (memlimit == 0 || memlimit > zfs_lua_max_memlimit)
d99a0153
CW		 3747 return (EINVAL);
3748
5b72a38d 3749 return (zcp_eval(poolname, program, sync_flag, instrlimit, memlimit,
d99a0153
CW		 3750 nvarg, outnvl));
3751}
3752
d2734cce
SD		 3753/*
3754 * innvl: unused
3755 * outnvl: empty
3756 */
b83a0e2d
DB		 3757static const zfs_ioc_key_t zfs_keys_pool_checkpoint[] = {
3758 /* no nvl keys */
3759};
3760
d2734cce
SD		 3761/* ARGSUSED */
3762static int
3763zfs_ioc_pool_checkpoint(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3764{
3765 return (spa_checkpoint(poolname));
3766}
3767
3768/*
3769 * innvl: unused
3770 * outnvl: empty
3771 */
b83a0e2d
DB		 3772static const zfs_ioc_key_t zfs_keys_pool_discard_checkpoint[] = {
3773 /* no nvl keys */
3774};
3775
d2734cce
SD		 3776/* ARGSUSED */
3777static int
3778zfs_ioc_pool_discard_checkpoint(const char *poolname, nvlist_t *innvl,
3779 nvlist_t *outnvl)
3780{
3781 return (spa_checkpoint_discard(poolname));
3782}
3783
34dc7c2f
BB		 3784/*
3785 * inputs:
3786 * zc_name name of dataset to destroy
45d1cae3 3787 * zc_defer_destroy mark for deferred destroy
34dc7c2f
BB		 3788 *
3789 * outputs: none
3790 */
3791static int
3792zfs_ioc_destroy(zfs_cmd_t *zc)
3793{
dc1c630b
AG		 3794 objset_t *os;
3795 dmu_objset_type_t ost;
428870ff 3796 int err;
d09f25dc 3797
dc1c630b
AG		 3798 err = dmu_objset_hold(zc->zc_name, FTAG, &os);
3799 if (err != 0)
3800 return (err);
3801 ost = dmu_objset_type(os);
3802 dmu_objset_rele(os, FTAG);
3803
3804 if (ost == DMU_OST_ZFS)
8d103d88 3805 zfs_unmount_snap(zc->zc_name);
34dc7c2f 3806
1b87e0f5 3807 if (strchr(zc->zc_name, '@')) {
13fe0198 3808 err = dsl_destroy_snapshot(zc->zc_name, zc->zc_defer_destroy);
1b87e0f5 3809 } else {
13fe0198 3810 err = dsl_destroy_head(zc->zc_name);
1b87e0f5
RS		 3811 if (err == EEXIST) {
3812 /*
3813 * It is possible that the given DS may have
3814 * hidden child (%recv) datasets - "leftovers"
3815 * resulting from the previously interrupted
3816 * 'zfs receive'.
3817 *
3818 * 6 extra bytes for /%recv
3819 */
3820 char namebuf[ZFS_MAX_DATASET_NAME_LEN + 6];
3821
682ce104
TH		 3822 if (snprintf(namebuf, sizeof (namebuf), "%s/%s",
3823 zc->zc_name, recv_clone_name) >=
3824 sizeof (namebuf))
3825 return (SET_ERROR(EINVAL));
1b87e0f5
RS		 3826
3827 /*
3828 * Try to remove the hidden child (%recv) and after
3829 * that try to remove the target dataset.
3830 * If the hidden child (%recv) does not exist
3831 * the original error (EEXIST) will be returned
3832 */
3833 err = dsl_destroy_head(namebuf);
3834 if (err == 0)
3835 err = dsl_destroy_head(zc->zc_name);
3836 else if (err == ENOENT)
ecb2b7dc 3837 err = SET_ERROR(EEXIST);
1b87e0f5
RS		 3838 }
3839 }
a0bd735a 3840
428870ff 3841 return (err);
34dc7c2f
BB		 3842}
3843
619f0976
GW		 3844/*
3845 * innvl: {
c10d37dd
GW		 3846 * "initialize_command" -> POOL_INITIALIZE_{CANCEL|DO|SUSPEND} (uint64)
3847 * "initialize_vdevs": { -> guids to initialize (nvlist)
3848 * "vdev_path_1": vdev_guid_1, (uint64),
3849 * "vdev_path_2": vdev_guid_2, (uint64),
3850 * ...
619f0976 3851 * },
619f0976
GW		 3852 * }
3853 *
3854 * outnvl: {
c10d37dd
GW		 3855 * "initialize_vdevs": { -> initialization errors (nvlist)
3856 * "vdev_path_1": errno, see function body for possible errnos (uint64)
3857 * "vdev_path_2": errno, ... (uint64)
619f0976 3858 * ...
c10d37dd 3859 * }
619f0976
GW		 3860 * }
3861 *
c10d37dd
GW		 3862 * EINVAL is returned for an unknown commands or if any of the provided vdev
3863 * guids have be specified with a type other than uint64.
619f0976
GW		 3864 */
3865static const zfs_ioc_key_t zfs_keys_pool_initialize[] = {
c10d37dd 3866 {ZPOOL_INITIALIZE_COMMAND, DATA_TYPE_UINT64, 0},
619f0976
GW		 3867 {ZPOOL_INITIALIZE_VDEVS, DATA_TYPE_NVLIST, 0}
3868};
3869
3870static int
3871zfs_ioc_pool_initialize(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3872{
619f0976
GW		 3873 uint64_t cmd_type;
3874 if (nvlist_lookup_uint64(innvl, ZPOOL_INITIALIZE_COMMAND,
3875 &cmd_type) != 0) {
619f0976
GW		 3876 return (SET_ERROR(EINVAL));
3877 }
c10d37dd 3878
619f0976
GW		 3879 if (!(cmd_type == POOL_INITIALIZE_CANCEL ||
3880 cmd_type == POOL_INITIALIZE_DO ||
3881 cmd_type == POOL_INITIALIZE_SUSPEND)) {
619f0976
GW		 3882 return (SET_ERROR(EINVAL));
3883 }
3884
3885 nvlist_t *vdev_guids;
3886 if (nvlist_lookup_nvlist(innvl, ZPOOL_INITIALIZE_VDEVS,
3887 &vdev_guids) != 0) {
619f0976
GW		 3888 return (SET_ERROR(EINVAL));
3889 }
3890
619f0976
GW		 3891 for (nvpair_t *pair = nvlist_next_nvpair(vdev_guids, NULL);
3892 pair != NULL; pair = nvlist_next_nvpair(vdev_guids, pair)) {
c10d37dd
GW		 3893 uint64_t vdev_guid;
3894 if (nvpair_value_uint64(pair, &vdev_guid) != 0) {
3895 return (SET_ERROR(EINVAL));
619f0976
GW		 3896 }
3897 }
c10d37dd
GW		 3898
3899 spa_t *spa;
3900 int error = spa_open(poolname, &spa, FTAG);
3901 if (error != 0)
3902 return (error);
3903
3904 nvlist_t *vdev_errlist = fnvlist_alloc();
3905 int total_errors = spa_vdev_initialize(spa, vdev_guids, cmd_type,
3906 vdev_errlist);
3907
619f0976
GW		 3908 if (fnvlist_size(vdev_errlist) > 0) {
3909 fnvlist_add_nvlist(outnvl, ZPOOL_INITIALIZE_VDEVS,
3910 vdev_errlist);
3911 }
3912 fnvlist_free(vdev_errlist);
3913
3914 spa_close(spa, FTAG);
3915 return (total_errors > 0 ? EINVAL : 0);
3916}
3917
34dc7c2f 3918/*
46ba1e59 3919 * fsname is name of dataset to rollback (to most recent snapshot)
34dc7c2f 3920 *
8ca78ab0 3921 * innvl may contain name of expected target snapshot
46ba1e59
MA		 3922 *
3923 * outnvl: "target" -> name of most recent snapshot
3924 * }
34dc7c2f 3925 */
b83a0e2d
DB		 3926static const zfs_ioc_key_t zfs_keys_rollback[] = {
3927 {"target", DATA_TYPE_STRING, ZK_OPTIONAL},
3928};
3929
46ba1e59 3930/* ARGSUSED */
34dc7c2f 3931static int
8ca78ab0 3932zfs_ioc_rollback(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
34dc7c2f 3933{
0037b49e 3934 zfsvfs_t *zfsvfs;
040dab99 3935 zvol_state_t *zv;
8ca78ab0 3936 char *target = NULL;
13fe0198 3937 int error;
34dc7c2f 3938
8ca78ab0
AG		 3939 (void) nvlist_lookup_string(innvl, "target", &target);
3940 if (target != NULL) {
13342832 3941 const char *cp = strchr(target, '@');
8ca78ab0 3942
13342832
AG		 3943 /*
3944 * The snap name must contain an @, and the part after it must
3945 * contain only valid characters.
3946 */
3947 if (cp == NULL ||
3948 zfs_component_namecheck(cp + 1, NULL, NULL) != 0)
8ca78ab0
AG		 3949 return (SET_ERROR(EINVAL));
3950 }
3951
f298b24d 3952 if (getzfsvfs(fsname, &zfsvfs) == 0) {
ec923db2
GM		 3953 dsl_dataset_t *ds;
3954
0037b49e
BB		 3955 ds = dmu_objset_ds(zfsvfs->z_os);
3956 error = zfs_suspend_fs(zfsvfs);
34dc7c2f
BB		 3957 if (error == 0) {
3958 int resume_err;
3959
8ca78ab0
AG		 3960 error = dsl_dataset_rollback(fsname, target, zfsvfs,
3961 outnvl);
0037b49e 3962 resume_err = zfs_resume_fs(zfsvfs, ds);
34dc7c2f 3963 error = error ? error : resume_err;
34dc7c2f 3964 }
0037b49e 3965 deactivate_super(zfsvfs->z_sb);
040dab99 3966 } else if ((zv = zvol_suspend(fsname)) != NULL) {
8ca78ab0
AG		 3967 error = dsl_dataset_rollback(fsname, target, zvol_tag(zv),
3968 outnvl);
040dab99 3969 zvol_resume(zv);
34dc7c2f 3970 } else {
8ca78ab0 3971 error = dsl_dataset_rollback(fsname, target, NULL, outnvl);
34dc7c2f 3972 }
13fe0198
MA		 3973 return (error);
3974}
34dc7c2f 3975
13fe0198
MA		 3976static int
3977recursive_unmount(const char *fsname, void *arg)
3978{
3979 const char *snapname = arg;
3980 char *fullname;
428870ff 3981
13fe0198 3982 fullname = kmem_asprintf("%s@%s", fsname, snapname);
8d103d88 3983 zfs_unmount_snap(fullname);
13fe0198 3984 strfree(fullname);
00fcdee1 3985
8d103d88 3986 return (0);
34dc7c2f
BB		 3987}
3988
3989/*
3990 * inputs:
3991 * zc_name old name of dataset
3992 * zc_value new name of dataset
3993 * zc_cookie recursive flag (only valid for snapshots)
3994 *
3995 * outputs: none
3996 */
3997static int
3998zfs_ioc_rename(zfs_cmd_t *zc)
3999{
dc1c630b
AG		 4000 objset_t *os;
4001 dmu_objset_type_t ost;
34dc7c2f 4002 boolean_t recursive = zc->zc_cookie & 1;
13fe0198 4003 char *at;
dc1c630b 4004 int err;
34dc7c2f 4005
650258d7 4006 /* "zfs rename" from and to ...%recv datasets should both fail */
4007 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
34dc7c2f 4008 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
650258d7 4009 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0 ||
4010 dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
4011 strchr(zc->zc_name, '%') || strchr(zc->zc_value, '%'))
2e528b49 4012 return (SET_ERROR(EINVAL));
34dc7c2f 4013
dc1c630b
AG		 4014 err = dmu_objset_hold(zc->zc_name, FTAG, &os);
4015 if (err != 0)
4016 return (err);
4017 ost = dmu_objset_type(os);
4018 dmu_objset_rele(os, FTAG);
4019
13fe0198
MA		 4020 at = strchr(zc->zc_name, '@');
4021 if (at != NULL) {
4022 /* snaps must be in same fs */
9554185d
SH		 4023 int error;
4024
13fe0198 4025 if (strncmp(zc->zc_name, zc->zc_value, at - zc->zc_name + 1))
2e528b49 4026 return (SET_ERROR(EXDEV));
13fe0198 4027 *at = '\0';
dc1c630b 4028 if (ost == DMU_OST_ZFS) {
9554185d 4029 error = dmu_objset_find(zc->zc_name,
13fe0198
MA		 4030 recursive_unmount, at + 1,
4031 recursive ? DS_FIND_CHILDREN : 0);
9554185d
SH		 4032 if (error != 0) {
4033 *at = '@';
13fe0198 4034 return (error);
9554185d 4035 }
13fe0198 4036 }
9554185d
SH		 4037 error = dsl_dataset_rename_snapshot(zc->zc_name,
4038 at + 1, strchr(zc->zc_value, '@') + 1, recursive);
4039 *at = '@';
4040
4041 return (error);
13fe0198 4042 } else {
ba6a2402 4043 return (dsl_dir_rename(zc->zc_name, zc->zc_value));
95c73795 4044 }
34dc7c2f
BB		 4045}
4046
428870ff
BB		 4047static int
4048zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
4049{
4050 const char *propname = nvpair_name(pair);
4051 boolean_t issnap = (strchr(dsname, '@') != NULL);
4052 zfs_prop_t prop = zfs_name_to_prop(propname);
4053 uint64_t intval;
4054 int err;
4055
4056 if (prop == ZPROP_INVAL) {
4057 if (zfs_prop_user(propname)) {
c65aa5b2
BB		 4058 if ((err = zfs_secpolicy_write_perms(dsname,
4059 ZFS_DELEG_PERM_USERPROP, cr)))
428870ff
BB		 4060 return (err);
4061 return (0);
4062 }
4063
4064 if (!issnap && zfs_prop_userquota(propname)) {
4065 const char *perm = NULL;
4066 const char *uq_prefix =
4067 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
4068 const char *gq_prefix =
4069 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
1de321e6
JX		 4070 const char *uiq_prefix =
4071 zfs_userquota_prop_prefixes[ZFS_PROP_USEROBJQUOTA];
4072 const char *giq_prefix =
4073 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPOBJQUOTA];
9c5167d1
NF		 4074 const char *pq_prefix =
4075 zfs_userquota_prop_prefixes[ZFS_PROP_PROJECTQUOTA];
4076 const char *piq_prefix = zfs_userquota_prop_prefixes[\
4077 ZFS_PROP_PROJECTOBJQUOTA];
428870ff
BB		 4078
4079 if (strncmp(propname, uq_prefix,
4080 strlen(uq_prefix)) == 0) {
4081 perm = ZFS_DELEG_PERM_USERQUOTA;
1de321e6
JX		 4082 } else if (strncmp(propname, uiq_prefix,
4083 strlen(uiq_prefix)) == 0) {
4084 perm = ZFS_DELEG_PERM_USEROBJQUOTA;
428870ff
BB		 4085 } else if (strncmp(propname, gq_prefix,
4086 strlen(gq_prefix)) == 0) {
4087 perm = ZFS_DELEG_PERM_GROUPQUOTA;
1de321e6
JX		 4088 } else if (strncmp(propname, giq_prefix,
4089 strlen(giq_prefix)) == 0) {
4090 perm = ZFS_DELEG_PERM_GROUPOBJQUOTA;
9c5167d1
NF		 4091 } else if (strncmp(propname, pq_prefix,
4092 strlen(pq_prefix)) == 0) {
4093 perm = ZFS_DELEG_PERM_PROJECTQUOTA;
4094 } else if (strncmp(propname, piq_prefix,
4095 strlen(piq_prefix)) == 0) {
4096 perm = ZFS_DELEG_PERM_PROJECTOBJQUOTA;
428870ff 4097 } else {
9c5167d1 4098 /* {USER|GROUP|PROJECT}USED are read-only */
2e528b49 4099 return (SET_ERROR(EINVAL));
428870ff
BB		 4100 }
4101
c65aa5b2 4102 if ((err = zfs_secpolicy_write_perms(dsname, perm, cr)))
428870ff
BB		 4103 return (err);
4104 return (0);
4105 }
4106
2e528b49 4107 return (SET_ERROR(EINVAL));
428870ff
BB		 4108 }
4109
4110 if (issnap)
2e528b49 4111 return (SET_ERROR(EINVAL));
428870ff
BB		 4112
4113 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
4114 /*
4115 * dsl_prop_get_all_impl() returns properties in this
4116 * format.
4117 */
4118 nvlist_t *attrs;
4119 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
4120 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4121 &pair) == 0);
4122 }
4123
4124 /*
4125 * Check that this value is valid for this pool version
4126 */
4127 switch (prop) {
4128 case ZFS_PROP_COMPRESSION:
4129 /*
4130 * If the user specified gzip compression, make sure
4131 * the SPA supports it. We ignore any errors here since
4132 * we'll catch them later.
4133 */
f1512ee6 4134 if (nvpair_value_uint64(pair, &intval) == 0) {
428870ff
BB		 4135 if (intval >= ZIO_COMPRESS_GZIP_1 &&
4136 intval <= ZIO_COMPRESS_GZIP_9 &&
4137 zfs_earlier_version(dsname,
4138 SPA_VERSION_GZIP_COMPRESSION)) {
2e528b49 4139 return (SET_ERROR(ENOTSUP));
428870ff
BB		 4140 }
4141
4142 if (intval == ZIO_COMPRESS_ZLE &&
4143 zfs_earlier_version(dsname,
4144 SPA_VERSION_ZLE_COMPRESSION))
2e528b49 4145 return (SET_ERROR(ENOTSUP));
428870ff 4146
9759c60f 4147 if (intval == ZIO_COMPRESS_LZ4) {
9759c60f
ED		 4148 spa_t *spa;
4149
4150 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
4151 return (err);
4152
fa86b5db
MA		 4153 if (!spa_feature_is_enabled(spa,
4154 SPA_FEATURE_LZ4_COMPRESS)) {
9759c60f 4155 spa_close(spa, FTAG);
2e528b49 4156 return (SET_ERROR(ENOTSUP));
9759c60f
ED		 4157 }
4158 spa_close(spa, FTAG);
4159 }
4160
428870ff
BB		 4161 /*
4162 * If this is a bootable dataset then
4163 * verify that the compression algorithm
4164 * is supported for booting. We must return
4165 * something other than ENOTSUP since it
4166 * implies a downrev pool version.
4167 */
4168 if (zfs_is_bootfs(dsname) &&
4169 !BOOTFS_COMPRESS_VALID(intval)) {
2e528b49 4170 return (SET_ERROR(ERANGE));
428870ff
BB		 4171 }
4172 }
4173 break;
4174
4175 case ZFS_PROP_COPIES:
4176 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
2e528b49 4177 return (SET_ERROR(ENOTSUP));
428870ff
BB		 4178 break;
4179
4cb7b9c5 4180 case ZFS_PROP_VOLBLOCKSIZE:
f1512ee6
MA		 4181 case ZFS_PROP_RECORDSIZE:
4182 /* Record sizes above 128k need the feature to be enabled */
4183 if (nvpair_value_uint64(pair, &intval) == 0 &&
4184 intval > SPA_OLD_MAXBLOCKSIZE) {
4185 spa_t *spa;
4186
f1512ee6
MA		 4187 /*
4188 * We don't allow setting the property above 1MB,
4189 * unless the tunable has been changed.
4190 */
4191 if (intval > zfs_max_recordsize ||
4192 intval > SPA_MAXBLOCKSIZE)
4b2a3e0c 4193 return (SET_ERROR(ERANGE));
f1512ee6
MA		 4194
4195 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
4196 return (err);
4197
4198 if (!spa_feature_is_enabled(spa,
4199 SPA_FEATURE_LARGE_BLOCKS)) {
4200 spa_close(spa, FTAG);
4201 return (SET_ERROR(ENOTSUP));
4202 }
4203 spa_close(spa, FTAG);
4204 }
4205 break;
4206
50c957f7
NB		 4207 case ZFS_PROP_DNODESIZE:
4208 /* Dnode sizes above 512 need the feature to be enabled */
4209 if (nvpair_value_uint64(pair, &intval) == 0 &&
4210 intval != ZFS_DNSIZE_LEGACY) {
4211 spa_t *spa;
4212
4213 /*
4214 * If this is a bootable dataset then
4215 * we don't allow large (>512B) dnodes,
4216 * because GRUB doesn't support them.
4217 */
4218 if (zfs_is_bootfs(dsname) &&
02730c33 4219 intval != ZFS_DNSIZE_LEGACY) {
50c957f7
NB		 4220 return (SET_ERROR(EDOM));
4221 }
4222
4223 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
4224 return (err);
4225
4226 if (!spa_feature_is_enabled(spa,
4227 SPA_FEATURE_LARGE_DNODE)) {
4228 spa_close(spa, FTAG);
4229 return (SET_ERROR(ENOTSUP));
4230 }
4231 spa_close(spa, FTAG);
4232 }
4233 break;
4234
cc99f275
DB		 4235 case ZFS_PROP_SPECIAL_SMALL_BLOCKS:
4236 /*
4237 * This property could require the allocation classes
4238 * feature to be active for setting, however we allow
4239 * it so that tests of settable properties succeed.
4240 * The CLI will issue a warning in this case.
4241 */
4242 break;
4243
428870ff
BB		 4244 case ZFS_PROP_SHARESMB:
4245 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
2e528b49 4246 return (SET_ERROR(ENOTSUP));
428870ff
BB		 4247 break;
4248
4249 case ZFS_PROP_ACLINHERIT:
4250 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
4251 nvpair_value_uint64(pair, &intval) == 0) {
4252 if (intval == ZFS_ACL_PASSTHROUGH_X &&
4253 zfs_earlier_version(dsname,
4254 SPA_VERSION_PASSTHROUGH_X))
2e528b49 4255 return (SET_ERROR(ENOTSUP));
428870ff
BB		 4256 }
4257 break;
3c67d83a
TH		 4258 case ZFS_PROP_CHECKSUM:
4259 case ZFS_PROP_DEDUP:
4260 {
4261 spa_feature_t feature;
4262 spa_t *spa;
3c67d83a
TH		 4263 int err;
4264
4265 /* dedup feature version checks */
4266 if (prop == ZFS_PROP_DEDUP &&
4267 zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
4268 return (SET_ERROR(ENOTSUP));
4269
c8c30836 4270 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
4271 nvpair_value_uint64(pair, &intval) == 0) {
4272 /* check prop value is enabled in features */
4273 feature = zio_checksum_to_feature(
4274 intval & ZIO_CHECKSUM_MASK);
4275 if (feature == SPA_FEATURE_NONE)
4276 break;
3c67d83a 4277
c8c30836 4278 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
4279 return (err);
5fadb7fb 4280
c8c30836 4281 if (!spa_feature_is_enabled(spa, feature)) {
4282 spa_close(spa, FTAG);
4283 return (SET_ERROR(ENOTSUP));
4284 }
3c67d83a 4285 spa_close(spa, FTAG);
3c67d83a 4286 }
3c67d83a
TH		 4287 break;
4288 }
4289
e75c13c3
BB		 4290 default:
4291 break;
428870ff
BB		 4292 }
4293
4294 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
4295}
4296
4297/*
4298 * Removes properties from the given props list that fail permission checks
4299 * needed to clear them and to restore them in case of a receive error. For each
4300 * property, make sure we have both set and inherit permissions.
4301 *
4302 * Returns the first error encountered if any permission checks fail. If the
4303 * caller provides a non-NULL errlist, it also gives the complete list of names
4304 * of all the properties that failed a permission check along with the
4305 * corresponding error numbers. The caller is responsible for freeing the
4306 * returned errlist.
4307 *
4308 * If every property checks out successfully, zero is returned and the list
4309 * pointed at by errlist is NULL.
4310 */
4311static int
4312zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
b128c09f
BB		 4313{
4314 zfs_cmd_t *zc;
428870ff
BB		 4315 nvpair_t *pair, *next_pair;
4316 nvlist_t *errors;
4317 int err, rv = 0;
b128c09f
BB		 4318
4319 if (props == NULL)
428870ff
BB		 4320 return (0);
4321
4322 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4323
efcd79a8 4324 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
680eada9 4325 (void) strlcpy(zc->zc_name, dataset, sizeof (zc->zc_name));
428870ff
BB		 4326 pair = nvlist_next_nvpair(props, NULL);
4327 while (pair != NULL) {
4328 next_pair = nvlist_next_nvpair(props, pair);
4329
680eada9 4330 (void) strlcpy(zc->zc_value, nvpair_name(pair),
4331 sizeof (zc->zc_value));
428870ff 4332 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
6f1ffb06 4333 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
428870ff
BB		 4334 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
4335 VERIFY(nvlist_add_int32(errors,
4336 zc->zc_value, err) == 0);
4337 }
4338 pair = next_pair;
b128c09f
BB		 4339 }
4340 kmem_free(zc, sizeof (zfs_cmd_t));
428870ff
BB		 4341
4342 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
4343 nvlist_free(errors);
4344 errors = NULL;
4345 } else {
4346 VERIFY(nvpair_value_int32(pair, &rv) == 0);
4347 }
4348
4349 if (errlist == NULL)
4350 nvlist_free(errors);
4351 else
4352 *errlist = errors;
4353
4354 return (rv);
4355}
4356
4357static boolean_t
4358propval_equals(nvpair_t *p1, nvpair_t *p2)
4359{
4360 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
4361 /* dsl_prop_get_all_impl() format */
4362 nvlist_t *attrs;
4363 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
4364 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4365 &p1) == 0);
4366 }
4367
4368 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
4369 nvlist_t *attrs;
4370 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
4371 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
4372 &p2) == 0);
4373 }
4374
4375 if (nvpair_type(p1) != nvpair_type(p2))
4376 return (B_FALSE);
4377
4378 if (nvpair_type(p1) == DATA_TYPE_STRING) {
4379 char *valstr1, *valstr2;
4380
4381 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
4382 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
4383 return (strcmp(valstr1, valstr2) == 0);
4384 } else {
4385 uint64_t intval1, intval2;
4386
4387 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
4388 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
4389 return (intval1 == intval2);
4390 }
b128c09f
BB		 4391}
4392
428870ff
BB		 4393/*
4394 * Remove properties from props if they are not going to change (as determined
4395 * by comparison with origprops). Remove them from origprops as well, since we
4396 * do not need to clear or restore properties that won't change.
4397 */
4398static void
4399props_reduce(nvlist_t *props, nvlist_t *origprops)
4400{
4401 nvpair_t *pair, *next_pair;
4402
4403 if (origprops == NULL)
4404 return; /* all props need to be received */
4405
4406 pair = nvlist_next_nvpair(props, NULL);
4407 while (pair != NULL) {
4408 const char *propname = nvpair_name(pair);
4409 nvpair_t *match;
4410
4411 next_pair = nvlist_next_nvpair(props, pair);
4412
4413 if ((nvlist_lookup_nvpair(origprops, propname,
4414 &match) != 0) || !propval_equals(pair, match))
4415 goto next; /* need to set received value */
4416
4417 /* don't clear the existing received value */
4418 (void) nvlist_remove_nvpair(origprops, match);
4419 /* don't bother receiving the property */
4420 (void) nvlist_remove_nvpair(props, pair);
4421next:
4422 pair = next_pair;
4423 }
4424}
4425
671c9354
DM		 4426/*
4427 * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4428 * For example, refquota cannot be set until after the receipt of a dataset,
4429 * because in replication streams, an older/earlier snapshot may exceed the
4430 * refquota. We want to receive the older/earlier snapshot, but setting
4431 * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4432 * the older/earlier snapshot from being received (with EDQUOT).
4433 *
4434 * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4435 *
4436 * libzfs will need to be judicious handling errors encountered by props
4437 * extracted by this function.
4438 */
4439static nvlist_t *
4440extract_delay_props(nvlist_t *props)
4441{
4442 nvlist_t *delayprops;
4443 nvpair_t *nvp, *tmp;
b5256303
TC		 4444 static const zfs_prop_t delayable[] = {
4445 ZFS_PROP_REFQUOTA,
4446 ZFS_PROP_KEYLOCATION,
4447 0
4448 };
671c9354
DM		 4449 int i;
4450
4451 VERIFY(nvlist_alloc(&delayprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
4452
4453 for (nvp = nvlist_next_nvpair(props, NULL); nvp != NULL;
4454 nvp = nvlist_next_nvpair(props, nvp)) {
4455 /*
4456 * strcmp() is safe because zfs_prop_to_name() always returns
4457 * a bounded string.
4458 */
4459 for (i = 0; delayable[i] != 0; i++) {
4460 if (strcmp(zfs_prop_to_name(delayable[i]),
4461 nvpair_name(nvp)) == 0) {
4462 break;
4463 }
4464 }
4465 if (delayable[i] != 0) {
4466 tmp = nvlist_prev_nvpair(props, nvp);
4467 VERIFY(nvlist_add_nvpair(delayprops, nvp) == 0);
4468 VERIFY(nvlist_remove_nvpair(props, nvp) == 0);
4469 nvp = tmp;
4470 }
4471 }
4472
4473 if (nvlist_empty(delayprops)) {
4474 nvlist_free(delayprops);
4475 delayprops = NULL;
4476 }
4477 return (delayprops);
4478}
4479
428870ff
BB		 4480#ifdef DEBUG
4481static boolean_t zfs_ioc_recv_inject_err;
4482#endif
4483
34dc7c2f 4484/*
1bf3bf0e
GN		 4485 * nvlist 'errors' is always allocated. It will contain descriptions of
4486 * encountered errors, if any. It's the callers responsibility to free.
34dc7c2f
BB		 4487 */
4488static int
a3eeab2d 4489zfs_ioc_recv_impl(char *tofs, char *tosnap, char *origin, nvlist_t *recvprops,
d9c460a0
TC		 4490 nvlist_t *localprops, nvlist_t *hidden_args, boolean_t force,
4491 boolean_t resumable, int input_fd, dmu_replay_record_t *begin_record,
4492 int cleanup_fd, uint64_t *read_bytes, uint64_t *errflags,
4493 uint64_t *action_handle, nvlist_t **errors)
34dc7c2f 4494{
34dc7c2f 4495 dmu_recv_cookie_t drc;
428870ff
BB		 4496 int error = 0;
4497 int props_error = 0;
34dc7c2f 4498 offset_t off;
d9c460a0
TC		 4499 nvlist_t *local_delayprops = NULL;
4500 nvlist_t *recv_delayprops = NULL;
43e52edd 4501 nvlist_t *origprops = NULL; /* existing properties */
a3eeab2d 4502 nvlist_t *origrecvd = NULL; /* existing received properties */
428870ff 4503 boolean_t first_recvd_props = B_FALSE;
43e52edd 4504 file_t *input_fp;
34dc7c2f 4505
1bf3bf0e
GN		 4506 *read_bytes = 0;
4507 *errflags = 0;
4508 *errors = fnvlist_alloc();
4509
43e52edd
BB		 4510 input_fp = getf(input_fd);
4511 if (input_fp == NULL)
2e528b49 4512 return (SET_ERROR(EBADF));
13fe0198 4513
d9c460a0
TC		 4514 error = dmu_recv_begin(tofs, tosnap, begin_record, force,
4515 resumable, localprops, hidden_args, origin, &drc);
13fe0198
MA		 4516 if (error != 0)
4517 goto out;
4518
4519 /*
4520 * Set properties before we receive the stream so that they are applied
4521 * to the new data. Note that we must call dmu_recv_stream() if
4522 * dmu_recv_begin() succeeds.
4523 */
a3eeab2d 4524 if (recvprops != NULL && !drc.drc_newfs) {
13fe0198
MA		 4525 if (spa_version(dsl_dataset_get_spa(drc.drc_ds)) >=
4526 SPA_VERSION_RECVD_PROPS &&
4527 !dsl_prop_get_hasrecvd(tofs))
428870ff 4528 first_recvd_props = B_TRUE;
428870ff 4529
b128c09f 4530 /*
428870ff 4531 * If new received properties are supplied, they are to
d9c460a0
TC		 4532 * completely replace the existing received properties,
4533 * so stash away the existing ones.
b128c09f 4534 */
a3eeab2d 4535 if (dsl_prop_get_received(tofs, &origrecvd) == 0) {
428870ff
BB		 4536 nvlist_t *errlist = NULL;
4537 /*
4538 * Don't bother writing a property if its value won't
4539 * change (and avoid the unnecessary security checks).
4540 *
4541 * The first receive after SPA_VERSION_RECVD_PROPS is a
4542 * special case where we blow away all local properties
4543 * regardless.
4544 */
4545 if (!first_recvd_props)
a3eeab2d 4546 props_reduce(recvprops, origrecvd);
4547 if (zfs_check_clearable(tofs, origrecvd, &errlist) != 0)
43e52edd 4548 (void) nvlist_merge(*errors, errlist, 0);
428870ff 4549 nvlist_free(errlist);
b128c09f 4550
a3eeab2d 4551 if (clear_received_props(tofs, origrecvd,
4552 first_recvd_props ? NULL : recvprops) != 0)
4553 *errflags |= ZPROP_ERR_NOCLEAR;
4554 } else {
4555 *errflags |= ZPROP_ERR_NOCLEAR;
4556 }
4557 }
4558
4559 /*
4560 * Stash away existing properties so we can restore them on error unless
4561 * we're doing the first receive after SPA_VERSION_RECVD_PROPS, in which
4562 * case "origrecvd" will take care of that.
4563 */
4564 if (localprops != NULL && !drc.drc_newfs && !first_recvd_props) {
4565 objset_t *os;
4566 if (dmu_objset_hold(tofs, FTAG, &os) == 0) {
4567 if (dsl_prop_get_all(os, &origprops) != 0) {
43e52edd 4568 *errflags |= ZPROP_ERR_NOCLEAR;
a3eeab2d 4569 }
4570 dmu_objset_rele(os, FTAG);
13fe0198 4571 } else {
43e52edd 4572 *errflags |= ZPROP_ERR_NOCLEAR;
428870ff 4573 }
13fe0198
MA		 4574 }
4575
a3eeab2d 4576 if (recvprops != NULL) {
13fe0198 4577 props_error = dsl_prop_set_hasrecvd(tofs);
428870ff 4578
13fe0198 4579 if (props_error == 0) {
d9c460a0 4580 recv_delayprops = extract_delay_props(recvprops);
13fe0198 4581 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
a3eeab2d 4582 recvprops, *errors);
13fe0198 4583 }
428870ff
BB		 4584 }
4585
a3eeab2d 4586 if (localprops != NULL) {
4587 nvlist_t *oprops = fnvlist_alloc();
4588 nvlist_t *xprops = fnvlist_alloc();
4589 nvpair_t *nvp = NULL;
4590
4591 while ((nvp = nvlist_next_nvpair(localprops, nvp)) != NULL) {
4592 if (nvpair_type(nvp) == DATA_TYPE_BOOLEAN) {
4593 /* -x property */
4594 const char *name = nvpair_name(nvp);
4595 zfs_prop_t prop = zfs_name_to_prop(name);
4596 if (prop != ZPROP_INVAL) {
4597 if (!zfs_prop_inheritable(prop))
4598 continue;
4599 } else if (!zfs_prop_user(name))
4600 continue;
4601 fnvlist_add_boolean(xprops, name);
4602 } else {
4603 /* -o property=value */
4604 fnvlist_add_nvpair(oprops, nvp);
4605 }
4606 }
d9c460a0
TC		 4607
4608 local_delayprops = extract_delay_props(oprops);
a3eeab2d 4609 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_LOCAL,
4610 oprops, *errors);
4611 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_INHERITED,
4612 xprops, *errors);
4613
4614 nvlist_free(oprops);
4615 nvlist_free(xprops);
4616 }
4617
43e52edd
BB		 4618 off = input_fp->f_offset;
4619 error = dmu_recv_stream(&drc, input_fp->f_vnode, &off, cleanup_fd,
4620 action_handle);
34dc7c2f 4621
45d1cae3 4622 if (error == 0) {
0037b49e 4623 zfsvfs_t *zfsvfs = NULL;
040dab99 4624 zvol_state_t *zv = NULL;
b128c09f 4625
f298b24d 4626 if (getzfsvfs(tofs, &zfsvfs) == 0) {
45d1cae3 4627 /* online recv */
ec923db2 4628 dsl_dataset_t *ds;
45d1cae3 4629 int end_err;
b128c09f 4630
0037b49e
BB		 4631 ds = dmu_objset_ds(zfsvfs->z_os);
4632 error = zfs_suspend_fs(zfsvfs);
45d1cae3
BB		 4633 /*
4634 * If the suspend fails, then the recv_end will
4635 * likely also fail, and clean up after itself.
4636 */
0037b49e 4637 end_err = dmu_recv_end(&drc, zfsvfs);
428870ff 4638 if (error == 0)
0037b49e 4639 error = zfs_resume_fs(zfsvfs, ds);
45d1cae3 4640 error = error ? error : end_err;
0037b49e 4641 deactivate_super(zfsvfs->z_sb);
040dab99
CC		 4642 } else if ((zv = zvol_suspend(tofs)) != NULL) {
4643 error = dmu_recv_end(&drc, zvol_tag(zv));
4644 zvol_resume(zv);
b128c09f 4645 } else {
831baf06 4646 error = dmu_recv_end(&drc, NULL);
34dc7c2f 4647 }
671c9354
DM		 4648
4649 /* Set delayed properties now, after we're done receiving. */
d9c460a0 4650 if (recv_delayprops != NULL && error == 0) {
671c9354 4651 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
d9c460a0
TC		 4652 recv_delayprops, *errors);
4653 }
4654 if (local_delayprops != NULL && error == 0) {
4655 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_LOCAL,
4656 local_delayprops, *errors);
671c9354
DM		 4657 }
4658 }
4659
d9c460a0
TC		 4660 /*
4661 * Merge delayed props back in with initial props, in case
4662 * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
4663 * we have to make sure clear_received_props() includes
4664 * the delayed properties).
4665 *
4666 * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
4667 * using ASSERT() will be just like a VERIFY.
4668 */
4669 if (recv_delayprops != NULL) {
4670 ASSERT(nvlist_merge(recvprops, recv_delayprops, 0) == 0);
4671 nvlist_free(recv_delayprops);
4672 }
4673 if (local_delayprops != NULL) {
4674 ASSERT(nvlist_merge(localprops, local_delayprops, 0) == 0);
4675 nvlist_free(local_delayprops);
671c9354 4676 }
34dc7c2f 4677
43e52edd
BB		 4678 *read_bytes = off - input_fp->f_offset;
4679 if (VOP_SEEK(input_fp->f_vnode, input_fp->f_offset, &off, NULL) == 0)
02730c33 4680 input_fp->f_offset = off;
34dc7c2f 4681
428870ff
BB		 4682#ifdef DEBUG
4683 if (zfs_ioc_recv_inject_err) {
4684 zfs_ioc_recv_inject_err = B_FALSE;
4685 error = 1;
4686 }
4687#endif
ba6a2402 4688
b128c09f
BB		 4689 /*
4690 * On error, restore the original props.
4691 */
a3eeab2d 4692 if (error != 0 && recvprops != NULL && !drc.drc_newfs) {
4693 if (clear_received_props(tofs, recvprops, NULL) != 0) {
13fe0198
MA		 4694 /*
4695 * We failed to clear the received properties.
4696 * Since we may have left a $recvd value on the
4697 * system, we can't clear the $hasrecvd flag.
4698 */
43e52edd 4699 *errflags |= ZPROP_ERR_NORESTORE;
13fe0198
MA		 4700 } else if (first_recvd_props) {
4701 dsl_prop_unset_hasrecvd(tofs);
428870ff
BB		 4702 }
4703
a3eeab2d 4704 if (origrecvd == NULL && !drc.drc_newfs) {
428870ff 4705 /* We failed to stash the original properties. */
43e52edd 4706 *errflags |= ZPROP_ERR_NORESTORE;
428870ff
BB		 4707 }
4708
4709 /*
4710 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4711 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4e33ba4c 4712 * explicitly if we're restoring local properties cleared in the
428870ff
BB		 4713 * first new-style receive.
4714 */
a3eeab2d 4715 if (origrecvd != NULL &&
428870ff
BB		 4716 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4717 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
a3eeab2d 4718 origrecvd, NULL) != 0) {
428870ff
BB		 4719 /*
4720 * We stashed the original properties but failed to
4721 * restore them.
4722 */
43e52edd 4723 *errflags |= ZPROP_ERR_NORESTORE;
428870ff 4724 }
b128c09f 4725 }
a3eeab2d 4726 if (error != 0 && localprops != NULL && !drc.drc_newfs &&
4727 !first_recvd_props) {
4728 nvlist_t *setprops;
4729 nvlist_t *inheritprops;
4730 nvpair_t *nvp;
4731
4732 if (origprops == NULL) {
4733 /* We failed to stash the original properties. */
4734 *errflags |= ZPROP_ERR_NORESTORE;
4735 goto out;
4736 }
4737
4738 /* Restore original props */
4739 setprops = fnvlist_alloc();
4740 inheritprops = fnvlist_alloc();
4741 nvp = NULL;
4742 while ((nvp = nvlist_next_nvpair(localprops, nvp)) != NULL) {
4743 const char *name = nvpair_name(nvp);
4744 const char *source;
4745 nvlist_t *attrs;
4746
4747 if (!nvlist_exists(origprops, name)) {
4748 /*
4749 * Property was not present or was explicitly
4750 * inherited before the receive, restore this.
4751 */
4752 fnvlist_add_boolean(inheritprops, name);
4753 continue;
4754 }
4755 attrs = fnvlist_lookup_nvlist(origprops, name);
4756 source = fnvlist_lookup_string(attrs, ZPROP_SOURCE);
4757
4758 /* Skip received properties */
4759 if (strcmp(source, ZPROP_SOURCE_VAL_RECVD) == 0)
4760 continue;
4761
4762 if (strcmp(source, tofs) == 0) {
4763 /* Property was locally set */
4764 fnvlist_add_nvlist(setprops, name, attrs);
4765 } else {
4766 /* Property was implicitly inherited */
4767 fnvlist_add_boolean(inheritprops, name);
4768 }
4769 }
4770
4771 if (zfs_set_prop_nvlist(tofs, ZPROP_SRC_LOCAL, setprops,
4772 NULL) != 0)
4773 *errflags |= ZPROP_ERR_NORESTORE;
4774 if (zfs_set_prop_nvlist(tofs, ZPROP_SRC_INHERITED, inheritprops,
4775 NULL) != 0)
4776 *errflags |= ZPROP_ERR_NORESTORE;
4777
4778 nvlist_free(setprops);
4779 nvlist_free(inheritprops);
4780 }
b128c09f 4781out:
43e52edd 4782 releasef(input_fd);
a3eeab2d 4783 nvlist_free(origrecvd);
b128c09f 4784 nvlist_free(origprops);
428870ff
BB		 4785
4786 if (error == 0)
4787 error = props_error;
4788
34dc7c2f
BB		 4789 return (error);
4790}
4791
43e52edd
BB		 4792/*
4793 * inputs:
4794 * zc_name name of containing filesystem (unused)
4795 * zc_nvlist_src{_size} nvlist of properties to apply
a3eeab2d 4796 * zc_nvlist_conf{_size} nvlist of properties to exclude
4797 * (DATA_TYPE_BOOLEAN) and override (everything else)
43e52edd
BB		 4798 * zc_value name of snapshot to create
4799 * zc_string name of clone origin (if DRR_FLAG_CLONE)
4800 * zc_cookie file descriptor to recv from
4801 * zc_begin_record the BEGIN record of the stream (not byteswapped)
4802 * zc_guid force flag
4803 * zc_cleanup_fd cleanup-on-exit file descriptor
4804 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
4805 *
4806 * outputs:
4807 * zc_cookie number of bytes read
4808 * zc_obj zprop_errflags_t
4809 * zc_action_handle handle for this guid/ds mapping
4810 * zc_nvlist_dst{_size} error for each unapplied received property
4811 */
4812static int
4813zfs_ioc_recv(zfs_cmd_t *zc)
4814{
4815 dmu_replay_record_t begin_record;
4816 nvlist_t *errors = NULL;
a3eeab2d 4817 nvlist_t *recvdprops = NULL;
4818 nvlist_t *localprops = NULL;
43e52edd
BB		 4819 char *origin = NULL;
4820 char *tosnap;
eca7b760 4821 char tofs[ZFS_MAX_DATASET_NAME_LEN];
43e52edd
BB		 4822 int error = 0;
4823
4824 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
4825 strchr(zc->zc_value, '@') == NULL ||
4826 strchr(zc->zc_value, '%'))
4827 return (SET_ERROR(EINVAL));
4828
30f3f2e1 4829 (void) strlcpy(tofs, zc->zc_value, sizeof (tofs));
43e52edd
BB		 4830 tosnap = strchr(tofs, '@');
4831 *tosnap++ = '\0';
4832
4833 if (zc->zc_nvlist_src != 0 &&
4834 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
a3eeab2d 4835 zc->zc_iflags, &recvdprops)) != 0)
4836 return (error);
4837
4838 if (zc->zc_nvlist_conf != 0 &&
4839 (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
4840 zc->zc_iflags, &localprops)) != 0)
43e52edd
BB		 4841 return (error);
4842
4843 if (zc->zc_string[0])
4844 origin = zc->zc_string;
4845
4846 begin_record.drr_type = DRR_BEGIN;
4847 begin_record.drr_payloadlen = 0;
4848 begin_record.drr_u.drr_begin = zc->zc_begin_record;
4849
a3eeab2d 4850 error = zfs_ioc_recv_impl(tofs, tosnap, origin, recvdprops, localprops,
d9c460a0 4851 NULL, zc->zc_guid, B_FALSE, zc->zc_cookie, &begin_record,
a3eeab2d 4852 zc->zc_cleanup_fd, &zc->zc_cookie, &zc->zc_obj,
4853 &zc->zc_action_handle, &errors);
4854 nvlist_free(recvdprops);
4855 nvlist_free(localprops);
43e52edd
BB		 4856
4857 /*
4858 * Now that all props, initial and delayed, are set, report the prop
4859 * errors to the caller.
4860 */
4861 if (zc->zc_nvlist_dst_size != 0 && errors != NULL &&
4862 (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4863 put_nvlist(zc, errors) != 0)) {
4864 /*
4865 * Caller made zc->zc_nvlist_dst less than the minimum expected
4866 * size or supplied an invalid address.
4867 */
4868 error = SET_ERROR(EINVAL);
4869 }
4870
4871 nvlist_free(errors);
4872
4873 return (error);
4874}
4875
4876/*
4877 * innvl: {
4878 * "snapname" -> full name of the snapshot to create
a3eeab2d 4879 * (optional) "props" -> received properties to set (nvlist)
4880 * (optional) "localprops" -> override and exclude properties (nvlist)
43e52edd
BB		 4881 * (optional) "origin" -> name of clone origin (DRR_FLAG_CLONE)
4882 * "begin_record" -> non-byteswapped dmu_replay_record_t
4883 * "input_fd" -> file descriptor to read stream from (int32)
4884 * (optional) "force" -> force flag (value ignored)
4885 * (optional) "resumable" -> resumable flag (value ignored)
4886 * (optional) "cleanup_fd" -> cleanup-on-exit file descriptor
4887 * (optional) "action_handle" -> handle for this guid/ds mapping
b83a0e2d 4888 * (optional) "hidden_args" -> { "wkeydata" -> value }
43e52edd
BB		 4889 * }
4890 *
4891 * outnvl: {
4892 * "read_bytes" -> number of bytes read
4893 * "error_flags" -> zprop_errflags_t
4894 * "action_handle" -> handle for this guid/ds mapping
4895 * "errors" -> error for each unapplied received property (nvlist)
4896 * }
4897 */
b83a0e2d
DB		 4898static const zfs_ioc_key_t zfs_keys_recv_new[] = {
4899 {"snapname", DATA_TYPE_STRING, 0},
4900 {"props", DATA_TYPE_NVLIST, ZK_OPTIONAL},
4901 {"localprops", DATA_TYPE_NVLIST, ZK_OPTIONAL},
4902 {"origin", DATA_TYPE_STRING, ZK_OPTIONAL},
4903 {"begin_record", DATA_TYPE_BYTE_ARRAY, 0},
4904 {"input_fd", DATA_TYPE_INT32, 0},
4905 {"force", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
4906 {"resumable", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
4907 {"cleanup_fd", DATA_TYPE_INT32, ZK_OPTIONAL},
4908 {"action_handle", DATA_TYPE_UINT64, ZK_OPTIONAL},
4909 {"hidden_args", DATA_TYPE_NVLIST, ZK_OPTIONAL},
4910};
4911
43e52edd
BB		 4912static int
4913zfs_ioc_recv_new(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
4914{
4915 dmu_replay_record_t *begin_record;
4916 uint_t begin_record_size;
4917 nvlist_t *errors = NULL;
a3eeab2d 4918 nvlist_t *recvprops = NULL;
4919 nvlist_t *localprops = NULL;
d9c460a0 4920 nvlist_t *hidden_args = NULL;
b83a0e2d 4921 char *snapname;
43e52edd
BB		 4922 char *origin = NULL;
4923 char *tosnap;
eca7b760 4924 char tofs[ZFS_MAX_DATASET_NAME_LEN];
43e52edd
BB		 4925 boolean_t force;
4926 boolean_t resumable;
4927 uint64_t action_handle = 0;
4928 uint64_t read_bytes = 0;
4929 uint64_t errflags = 0;
4930 int input_fd = -1;
4931 int cleanup_fd = -1;
4932 int error;
4933
b83a0e2d 4934 snapname = fnvlist_lookup_string(innvl, "snapname");
43e52edd
BB		 4935
4936 if (dataset_namecheck(snapname, NULL, NULL) != 0 ||
4937 strchr(snapname, '@') == NULL ||
4938 strchr(snapname, '%'))
4939 return (SET_ERROR(EINVAL));
4940
4941 (void) strcpy(tofs, snapname);
4942 tosnap = strchr(tofs, '@');
4943 *tosnap++ = '\0';
4944
4945 error = nvlist_lookup_string(innvl, "origin", &origin);
4946 if (error && error != ENOENT)
4947 return (error);
4948
4949 error = nvlist_lookup_byte_array(innvl, "begin_record",
02730c33 4950 (uchar_t **)&begin_record, &begin_record_size);
43e52edd
BB		 4951 if (error != 0 || begin_record_size != sizeof (*begin_record))
4952 return (SET_ERROR(EINVAL));
4953
b83a0e2d 4954 input_fd = fnvlist_lookup_int32(innvl, "input_fd");
43e52edd
BB		 4955
4956 force = nvlist_exists(innvl, "force");
4957 resumable = nvlist_exists(innvl, "resumable");
4958
4959 error = nvlist_lookup_int32(innvl, "cleanup_fd", &cleanup_fd);
4960 if (error && error != ENOENT)
4961 return (error);
4962
4963 error = nvlist_lookup_uint64(innvl, "action_handle", &action_handle);
4964 if (error && error != ENOENT)
4965 return (error);
4966
a3eeab2d 4967 /* we still use "props" here for backwards compatibility */
4968 error = nvlist_lookup_nvlist(innvl, "props", &recvprops);
43e52edd
BB		 4969 if (error && error != ENOENT)
4970 return (error);
4971
a3eeab2d 4972 error = nvlist_lookup_nvlist(innvl, "localprops", &localprops);
4973 if (error && error != ENOENT)
4974 return (error);
4975
d9c460a0
TC		 4976 error = nvlist_lookup_nvlist(innvl, ZPOOL_HIDDEN_ARGS, &hidden_args);
4977 if (error && error != ENOENT)
4978 return (error);
4979
a3eeab2d 4980 error = zfs_ioc_recv_impl(tofs, tosnap, origin, recvprops, localprops,
d9c460a0
TC		 4981 hidden_args, force, resumable, input_fd, begin_record, cleanup_fd,
4982 &read_bytes, &errflags, &action_handle, &errors);
43e52edd
BB		 4983
4984 fnvlist_add_uint64(outnvl, "read_bytes", read_bytes);
4985 fnvlist_add_uint64(outnvl, "error_flags", errflags);
4986 fnvlist_add_uint64(outnvl, "action_handle", action_handle);
4987 fnvlist_add_nvlist(outnvl, "errors", errors);
4988
4989 nvlist_free(errors);
a3eeab2d 4990 nvlist_free(recvprops);
4991 nvlist_free(localprops);
43e52edd
BB		 4992
4993 return (error);
4994}
4995
34dc7c2f
BB		 4996/*
4997 * inputs:
4998 * zc_name name of snapshot to send
34dc7c2f 4999 * zc_cookie file descriptor to send stream to
572e2857
BB		 5000 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
5001 * zc_sendobj objsetid of snapshot to send
5002 * zc_fromobj objsetid of incremental fromsnap (may be zero)
330d06f9
MA		 5003 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
5004 * output size in zc_objset_type.
f1512ee6 5005 * zc_flags lzc_send_flags
34dc7c2f 5006 *
da536844
MA		 5007 * outputs:
5008 * zc_objset_type estimated size, if zc_guid is set
cf7684bc 5009 *
5010 * NOTE: This is no longer the preferred interface, any new functionality
5011 * should be added to zfs_ioc_send_new() instead.
34dc7c2f
BB		 5012 */
5013static int
5014zfs_ioc_send(zfs_cmd_t *zc)
5015{
34dc7c2f
BB		 5016 int error;
5017 offset_t off;
330d06f9 5018 boolean_t estimate = (zc->zc_guid != 0);
9b67f605 5019 boolean_t embedok = (zc->zc_flags & 0x1);
f1512ee6 5020 boolean_t large_block_ok = (zc->zc_flags & 0x2);
2aa34383 5021 boolean_t compressok = (zc->zc_flags & 0x4);
b5256303 5022 boolean_t rawok = (zc->zc_flags & 0x8);
34dc7c2f 5023
13fe0198
MA		 5024 if (zc->zc_obj != 0) {
5025 dsl_pool_t *dp;
5026 dsl_dataset_t *tosnap;
34dc7c2f 5027
13fe0198
MA		 5028 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5029 if (error != 0)
572e2857 5030 return (error);
13fe0198
MA		 5031
5032 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &tosnap);
5033 if (error != 0) {
5034 dsl_pool_rele(dp, FTAG);
34dc7c2f
BB		 5035 return (error);
5036 }
13fe0198
MA		 5037
5038 if (dsl_dir_is_clone(tosnap->ds_dir))
d683ddbb
JG		 5039 zc->zc_fromobj =
5040 dsl_dir_phys(tosnap->ds_dir)->dd_origin_obj;
13fe0198
MA		 5041 dsl_dataset_rele(tosnap, FTAG);
5042 dsl_pool_rele(dp, FTAG);
6f1ffb06
MA		 5043 }
5044
13fe0198
MA		 5045 if (estimate) {
5046 dsl_pool_t *dp;
5047 dsl_dataset_t *tosnap;
5048 dsl_dataset_t *fromsnap = NULL;
5049
5050 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5051 if (error != 0)
5052 return (error);
6f1ffb06 5053
b5256303
TC		 5054 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj,
5055 FTAG, &tosnap);
13fe0198
MA		 5056 if (error != 0) {
5057 dsl_pool_rele(dp, FTAG);
5058 return (error);
6f1ffb06
MA		 5059 }
5060
13fe0198
MA		 5061 if (zc->zc_fromobj != 0) {
5062 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj,
5063 FTAG, &fromsnap);
5064 if (error != 0) {
5065 dsl_dataset_rele(tosnap, FTAG);
5066 dsl_pool_rele(dp, FTAG);
6f1ffb06
MA		 5067 return (error);
5068 }
5069 }
34dc7c2f 5070
b5256303 5071 error = dmu_send_estimate(tosnap, fromsnap, compressok || rawok,
330d06f9 5072 &zc->zc_objset_type);
13fe0198
MA		 5073
5074 if (fromsnap != NULL)
5075 dsl_dataset_rele(fromsnap, FTAG);
5076 dsl_dataset_rele(tosnap, FTAG);
5077 dsl_pool_rele(dp, FTAG);
330d06f9
MA		 5078 } else {
5079 file_t *fp = getf(zc->zc_cookie);
13fe0198 5080 if (fp == NULL)
2e528b49 5081 return (SET_ERROR(EBADF));
34dc7c2f 5082
330d06f9 5083 off = fp->f_offset;
13fe0198 5084 error = dmu_send_obj(zc->zc_name, zc->zc_sendobj,
b5256303 5085 zc->zc_fromobj, embedok, large_block_ok, compressok, rawok,
f1512ee6 5086 zc->zc_cookie, fp->f_vnode, &off);
34dc7c2f 5087
330d06f9
MA		 5088 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5089 fp->f_offset = off;
5090 releasef(zc->zc_cookie);
5091 }
34dc7c2f
BB		 5092 return (error);
5093}
5094
37abac6d
BP		 5095/*
5096 * inputs:
5097 * zc_name name of snapshot on which to report progress
5098 * zc_cookie file descriptor of send stream
5099 *
5100 * outputs:
5101 * zc_cookie number of bytes written in send stream thus far
5102 */
5103static int
5104zfs_ioc_send_progress(zfs_cmd_t *zc)
5105{
13fe0198 5106 dsl_pool_t *dp;
37abac6d
BP		 5107 dsl_dataset_t *ds;
5108 dmu_sendarg_t *dsp = NULL;
5109 int error;
5110
13fe0198
MA		 5111 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5112 if (error != 0)
37abac6d
BP		 5113 return (error);
5114
13fe0198
MA		 5115 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &ds);
5116 if (error != 0) {
5117 dsl_pool_rele(dp, FTAG);
5118 return (error);
5119 }
5120
37abac6d
BP		 5121 mutex_enter(&ds->ds_sendstream_lock);
5122
5123 /*
5124 * Iterate over all the send streams currently active on this dataset.
5125 * If there's one which matches the specified file descriptor _and_ the
5126 * stream was started by the current process, return the progress of
5127 * that stream.
5128 */
5129
5130 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
5131 dsp = list_next(&ds->ds_sendstreams, dsp)) {
5132 if (dsp->dsa_outfd == zc->zc_cookie &&
5133 dsp->dsa_proc->group_leader == curproc->group_leader)
5134 break;
5135 }
5136
5137 if (dsp != NULL)
5138 zc->zc_cookie = *(dsp->dsa_off);
5139 else
2e528b49 5140 error = SET_ERROR(ENOENT);
37abac6d
BP		 5141
5142 mutex_exit(&ds->ds_sendstream_lock);
5143 dsl_dataset_rele(ds, FTAG);
13fe0198 5144 dsl_pool_rele(dp, FTAG);
37abac6d
BP		 5145 return (error);
5146}
5147
34dc7c2f
BB		 5148static int
5149zfs_ioc_inject_fault(zfs_cmd_t *zc)
5150{
5151 int id, error;
5152
5153 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
5154 &zc->zc_inject_record);
5155
5156 if (error == 0)
5157 zc->zc_guid = (uint64_t)id;
5158
5159 return (error);
5160}
5161
5162static int
5163zfs_ioc_clear_fault(zfs_cmd_t *zc)
5164{
5165 return (zio_clear_fault((int)zc->zc_guid));
5166}
5167
5168static int
5169zfs_ioc_inject_list_next(zfs_cmd_t *zc)
5170{
5171 int id = (int)zc->zc_guid;
5172 int error;
5173
5174 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
5175 &zc->zc_inject_record);
5176
5177 zc->zc_guid = id;
5178
5179 return (error);
5180}
5181
5182static int
5183zfs_ioc_error_log(zfs_cmd_t *zc)
5184{
5185 spa_t *spa;
5186 int error;
5187 size_t count = (size_t)zc->zc_nvlist_dst_size;
5188
5189 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
5190 return (error);
5191
5192 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
5193 &count);
5194 if (error == 0)
5195 zc->zc_nvlist_dst_size = count;
5196 else
5197 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
5198
5199 spa_close(spa, FTAG);
5200
5201 return (error);
5202}
5203
5204static int
5205zfs_ioc_clear(zfs_cmd_t *zc)
5206{
5207 spa_t *spa;
5208 vdev_t *vd;
34dc7c2f
BB		 5209 int error;
5210
34dc7c2f 5211 /*
b128c09f 5212 * On zpool clear we also fix up missing slogs
34dc7c2f 5213 */
b128c09f
BB		 5214 mutex_enter(&spa_namespace_lock);
5215 spa = spa_lookup(zc->zc_name);
5216 if (spa == NULL) {
5217 mutex_exit(&spa_namespace_lock);
2e528b49 5218 return (SET_ERROR(EIO));
b128c09f 5219 }
428870ff 5220 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
b128c09f 5221 /* we need to let spa_open/spa_load clear the chains */
428870ff 5222 spa_set_log_state(spa, SPA_LOG_CLEAR);
34dc7c2f 5223 }
428870ff 5224 spa->spa_last_open_failed = 0;
b128c09f 5225 mutex_exit(&spa_namespace_lock);
34dc7c2f 5226
428870ff
BB		 5227 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
5228 error = spa_open(zc->zc_name, &spa, FTAG);
5229 } else {
5230 nvlist_t *policy;
5231 nvlist_t *config = NULL;
5232
b8864a23 5233 if (zc->zc_nvlist_src == 0)
2e528b49 5234 return (SET_ERROR(EINVAL));
428870ff
BB		 5235
5236 if ((error = get_nvlist(zc->zc_nvlist_src,
5237 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
5238 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
5239 policy, &config);
5240 if (config != NULL) {
572e2857
BB		 5241 int err;
5242
5243 if ((err = put_nvlist(zc, config)) != 0)
5244 error = err;
428870ff
BB		 5245 nvlist_free(config);
5246 }
5247 nvlist_free(policy);
5248 }
5249 }
5250
13fe0198 5251 if (error != 0)
b128c09f
BB		 5252 return (error);
5253
8133679f
OF		 5254 /*
5255 * If multihost is enabled, resuming I/O is unsafe as another
5256 * host may have imported the pool.
5257 */
5258 if (spa_multihost(spa) && spa_suspended(spa))
5259 return (SET_ERROR(EINVAL));
5260
428870ff 5261 spa_vdev_state_enter(spa, SCL_NONE);
34dc7c2f
BB		 5262
5263 if (zc->zc_guid == 0) {
5264 vd = NULL;
b128c09f
BB		 5265 } else {
5266 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
34dc7c2f 5267 if (vd == NULL) {
b128c09f 5268 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
34dc7c2f 5269 spa_close(spa, FTAG);
2e528b49 5270 return (SET_ERROR(ENODEV));
34dc7c2f
BB		 5271 }
5272 }
5273
b128c09f
BB		 5274 vdev_clear(spa, vd);
5275
3f759c0c
BB		 5276 (void) spa_vdev_state_exit(spa, spa_suspended(spa) ?
5277 NULL : spa->spa_root_vdev, 0);
34dc7c2f 5278
b128c09f
BB		 5279 /*
5280 * Resume any suspended I/Os.
5281 */
9babb374 5282 if (zio_resume(spa) != 0)
2e528b49 5283 error = SET_ERROR(EIO);
34dc7c2f
BB		 5284
5285 spa_close(spa, FTAG);
5286
9babb374 5287 return (error);
34dc7c2f
BB		 5288}
5289
d3f2cd7e
AB		 5290/*
5291 * Reopen all the vdevs associated with the pool.
5292 *
5293 * innvl: {
5294 * "scrub_restart" -> when true and scrub is running, allow to restart
5295 * scrub as the side effect of the reopen (boolean).
5296 * }
5297 *
5298 * outnvl is unused
5299 */
b83a0e2d
DB		 5300static const zfs_ioc_key_t zfs_keys_pool_reopen[] = {
5301 {"scrub_restart", DATA_TYPE_BOOLEAN_VALUE, 0},
5302};
5303
d3f2cd7e 5304/* ARGSUSED */
1bd201e7 5305static int
d3f2cd7e 5306zfs_ioc_pool_reopen(const char *pool, nvlist_t *innvl, nvlist_t *outnvl)
1bd201e7
CS		 5307{
5308 spa_t *spa;
5309 int error;
d3f2cd7e 5310 boolean_t scrub_restart = B_TRUE;
1bd201e7 5311
d3f2cd7e 5312 if (innvl) {
b83a0e2d
DB		 5313 scrub_restart = fnvlist_lookup_boolean_value(innvl,
5314 "scrub_restart");
d3f2cd7e
AB		 5315 }
5316
5317 error = spa_open(pool, &spa, FTAG);
13fe0198 5318 if (error != 0)
1bd201e7
CS		 5319 return (error);
5320
5321 spa_vdev_state_enter(spa, SCL_NONE);
65947351
GW		 5322
5323 /*
d3f2cd7e
AB		 5324 * If the scrub_restart flag is B_FALSE and a scrub is already
5325 * in progress then set spa_scrub_reopen flag to B_TRUE so that
5326 * we don't restart the scrub as a side effect of the reopen.
5327 * Otherwise, let vdev_open() decided if a resilver is required.
65947351 5328 */
d3f2cd7e
AB		 5329
5330 spa->spa_scrub_reopen = (!scrub_restart &&
5331 dsl_scan_scrubbing(spa->spa_dsl_pool));
1bd201e7 5332 vdev_reopen(spa->spa_root_vdev);
65947351
GW		 5333 spa->spa_scrub_reopen = B_FALSE;
5334
1bd201e7
CS		 5335 (void) spa_vdev_state_exit(spa, NULL, 0);
5336 spa_close(spa, FTAG);
5337 return (0);
5338}
d3f2cd7e 5339
34dc7c2f
BB		 5340/*
5341 * inputs:
5342 * zc_name name of filesystem
34dc7c2f 5343 *
428870ff
BB		 5344 * outputs:
5345 * zc_string name of conflicting snapshot, if there is one
34dc7c2f
BB		 5346 */
5347static int
5348zfs_ioc_promote(zfs_cmd_t *zc)
5349{
d12f91fd
GDN		 5350 dsl_pool_t *dp;
5351 dsl_dataset_t *ds, *ods;
5352 char origin[ZFS_MAX_DATASET_NAME_LEN];
34dc7c2f 5353 char *cp;
d12f91fd
GDN		 5354 int error;
5355
650258d7 5356 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5357 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0 ||
5358 strchr(zc->zc_name, '%'))
5359 return (SET_ERROR(EINVAL));
5360
d12f91fd
GDN		 5361 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
5362 if (error != 0)
5363 return (error);
5364
5365 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &ds);
5366 if (error != 0) {
5367 dsl_pool_rele(dp, FTAG);
5368 return (error);
5369 }
5370
5371 if (!dsl_dir_is_clone(ds->ds_dir)) {
5372 dsl_dataset_rele(ds, FTAG);
5373 dsl_pool_rele(dp, FTAG);
5374 return (SET_ERROR(EINVAL));
5375 }
5376
5377 error = dsl_dataset_hold_obj(dp,
5378 dsl_dir_phys(ds->ds_dir)->dd_origin_obj, FTAG, &ods);
5379 if (error != 0) {
5380 dsl_dataset_rele(ds, FTAG);
5381 dsl_pool_rele(dp, FTAG);
5382 return (error);
5383 }
5384
5385 dsl_dataset_name(ods, origin);
5386 dsl_dataset_rele(ods, FTAG);
5387 dsl_dataset_rele(ds, FTAG);
5388 dsl_pool_rele(dp, FTAG);
34dc7c2f
BB		 5389
5390 /*
5391 * We don't need to unmount *all* the origin fs's snapshots, but
5392 * it's easier.
5393 */
d12f91fd 5394 cp = strchr(origin, '@');
34dc7c2f
BB		 5395 if (cp)
5396 *cp = '\0';
d12f91fd 5397 (void) dmu_objset_find(origin,
13fe0198 5398 zfs_unmount_snap_cb, NULL, DS_FIND_SNAPSHOTS);
428870ff 5399 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
34dc7c2f
BB		 5400}
5401
9babb374 5402/*
9c5167d1 5403 * Retrieve a single {user|group|project}{used|quota}@... property.
9babb374
BB		 5404 *
5405 * inputs:
5406 * zc_name name of filesystem
5407 * zc_objset_type zfs_userquota_prop_t
5408 * zc_value domain name (eg. "S-1-234-567-89")
5409 * zc_guid RID/UID/GID
5410 *
5411 * outputs:
5412 * zc_cookie property value
5413 */
5414static int
5415zfs_ioc_userspace_one(zfs_cmd_t *zc)
5416{
0037b49e 5417 zfsvfs_t *zfsvfs;
9babb374
BB		 5418 int error;
5419
5420 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
2e528b49 5421 return (SET_ERROR(EINVAL));
9babb374 5422
f298b24d 5423 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
13fe0198 5424 if (error != 0)
9babb374
BB		 5425 return (error);
5426
0037b49e 5427 error = zfs_userspace_one(zfsvfs,
9babb374 5428 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
f298b24d 5429 zfsvfs_rele(zfsvfs, FTAG);
9babb374
BB		 5430
5431 return (error);
5432}
5433
5434/*
5435 * inputs:
5436 * zc_name name of filesystem
5437 * zc_cookie zap cursor
5438 * zc_objset_type zfs_userquota_prop_t
5439 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
5440 *
5441 * outputs:
5442 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
5443 * zc_cookie zap cursor
5444 */
5445static int
5446zfs_ioc_userspace_many(zfs_cmd_t *zc)
5447{
0037b49e 5448 zfsvfs_t *zfsvfs;
428870ff
BB		 5449 int bufsize = zc->zc_nvlist_dst_size;
5450
5451 if (bufsize <= 0)
2e528b49 5452 return (SET_ERROR(ENOMEM));
9babb374 5453
1c27024e 5454 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
13fe0198 5455 if (error != 0)
9babb374
BB		 5456 return (error);
5457
1c27024e 5458 void *buf = vmem_alloc(bufsize, KM_SLEEP);
9babb374 5459
0037b49e 5460 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
9babb374
BB		 5461 buf, &zc->zc_nvlist_dst_size);
5462
5463 if (error == 0) {
5464 error = xcopyout(buf,
5465 (void *)(uintptr_t)zc->zc_nvlist_dst,
5466 zc->zc_nvlist_dst_size);
5467 }
2b8cad61 5468 vmem_free(buf, bufsize);
f298b24d 5469 zfsvfs_rele(zfsvfs, FTAG);
9babb374
BB		 5470
5471 return (error);
5472}
5473
5474/*
5475 * inputs:
5476 * zc_name name of filesystem
5477 *
5478 * outputs:
5479 * none
5480 */
5481static int
5482zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
5483{
5484 objset_t *os;
428870ff 5485 int error = 0;
0037b49e 5486 zfsvfs_t *zfsvfs;
9babb374 5487
f298b24d 5488 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
0037b49e 5489 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
9babb374
BB		 5490 /*
5491 * If userused is not enabled, it may be because the
5492 * objset needs to be closed & reopened (to grow the
5493 * objset_phys_t). Suspend/resume the fs will do that.
5494 */
5e00213e 5495 dsl_dataset_t *ds, *newds;
ec923db2 5496
0037b49e
BB		 5497 ds = dmu_objset_ds(zfsvfs->z_os);
5498 error = zfs_suspend_fs(zfsvfs);
831baf06 5499 if (error == 0) {
5e00213e 5500 dmu_objset_refresh_ownership(ds, &newds,
b5256303 5501 B_TRUE, zfsvfs);
5e00213e 5502 error = zfs_resume_fs(zfsvfs, newds);
831baf06 5503 }
9babb374
BB		 5504 }
5505 if (error == 0)
0037b49e
BB		 5506 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
5507 deactivate_super(zfsvfs->z_sb);
9babb374 5508 } else {
428870ff 5509 /* XXX kind of reading contents without owning */
b5256303 5510 error = dmu_objset_hold_flags(zc->zc_name, B_TRUE, FTAG, &os);
13fe0198 5511 if (error != 0)
9babb374
BB		 5512 return (error);
5513
5514 error = dmu_objset_userspace_upgrade(os);
b5256303 5515 dmu_objset_rele_flags(os, B_TRUE, FTAG);
9babb374
BB		 5516 }
5517
5518 return (error);
5519}
5520
1de321e6
JX		 5521/*
5522 * inputs:
5523 * zc_name name of filesystem
5524 *
5525 * outputs:
5526 * none
5527 */
5528static int
9c5167d1 5529zfs_ioc_id_quota_upgrade(zfs_cmd_t *zc)
1de321e6
JX		 5530{
5531 objset_t *os;
5532 int error;
5533
b5256303 5534 error = dmu_objset_hold_flags(zc->zc_name, B_TRUE, FTAG, &os);
1de321e6
JX		 5535 if (error != 0)
5536 return (error);
5537
9c5167d1
NF		 5538 if (dmu_objset_userobjspace_upgradable(os) ||
5539 dmu_objset_projectquota_upgradable(os)) {
1de321e6
JX		 5540 mutex_enter(&os->os_upgrade_lock);
5541 if (os->os_upgrade_id == 0) {
5542 /* clear potential error code and retry */
5543 os->os_upgrade_status = 0;
5544 mutex_exit(&os->os_upgrade_lock);
5545
9c5167d1 5546 dmu_objset_id_quota_upgrade(os);
1de321e6
JX		 5547 } else {
5548 mutex_exit(&os->os_upgrade_lock);
5549 }
5550
c0daec32
AB		 5551 dsl_pool_rele(dmu_objset_pool(os), FTAG);
5552
1de321e6
JX		 5553 taskq_wait_id(os->os_spa->spa_upgrade_taskq, os->os_upgrade_id);
5554 error = os->os_upgrade_status;
c0daec32
AB		 5555 } else {
5556 dsl_pool_rele(dmu_objset_pool(os), FTAG);
1de321e6
JX		 5557 }
5558
b5256303 5559 dsl_dataset_rele_flags(dmu_objset_ds(os), DS_HOLD_FLAG_DECRYPT, FTAG);
1de321e6
JX		 5560
5561 return (error);
5562}
5563
34dc7c2f
BB		 5564static int
5565zfs_ioc_share(zfs_cmd_t *zc)
5566{
2e528b49 5567 return (SET_ERROR(ENOSYS));
34dc7c2f
BB		 5568}
5569
9babb374
BB		 5570ace_t full_access[] = {
5571 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
5572};
5573
572e2857
BB		 5574/*
5575 * inputs:
5576 * zc_name name of containing filesystem
5577 * zc_obj object # beyond which we want next in-use object #
5578 *
5579 * outputs:
5580 * zc_obj next in-use object #
5581 */
5582static int
5583zfs_ioc_next_obj(zfs_cmd_t *zc)
5584{
5585 objset_t *os = NULL;
5586 int error;
5587
5588 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
13fe0198 5589 if (error != 0)
572e2857
BB		 5590 return (error);
5591
7290cd3c 5592 error = dmu_object_next(os, &zc->zc_obj, B_FALSE, 0);
572e2857
BB		 5593
5594 dmu_objset_rele(os, FTAG);
5595 return (error);
5596}
5597
5598/*
5599 * inputs:
5600 * zc_name name of filesystem
5601 * zc_value prefix name for snapshot
5602 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
5603 *
5604 * outputs:
6f1ffb06 5605 * zc_value short name of new snapshot
572e2857
BB		 5606 */
5607static int
5608zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
5609{
5610 char *snap_name;
13fe0198 5611 char *hold_name;
572e2857 5612 int error;
13fe0198 5613 minor_t minor;
572e2857 5614
13fe0198
MA		 5615 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
5616 if (error != 0)
572e2857 5617 return (error);
572e2857 5618
13fe0198
MA		 5619 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
5620 (u_longlong_t)ddi_get_lbolt64());
5621 hold_name = kmem_asprintf("%%%s", zc->zc_value);
5622
5623 error = dsl_dataset_snapshot_tmp(zc->zc_name, snap_name, minor,
5624 hold_name);
5625 if (error == 0)
680eada9 5626 (void) strlcpy(zc->zc_value, snap_name,
5627 sizeof (zc->zc_value));
572e2857 5628 strfree(snap_name);
13fe0198
MA		 5629 strfree(hold_name);
5630 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
5631 return (error);
572e2857
BB		 5632}
5633
5634/*
5635 * inputs:
5636 * zc_name name of "to" snapshot
5637 * zc_value name of "from" snapshot
5638 * zc_cookie file descriptor to write diff data on
5639 *
5640 * outputs:
5641 * dmu_diff_record_t's to the file descriptor
5642 */
5643static int
5644zfs_ioc_diff(zfs_cmd_t *zc)
5645{
572e2857
BB		 5646 file_t *fp;
5647 offset_t off;
5648 int error;
5649
572e2857 5650 fp = getf(zc->zc_cookie);
13fe0198 5651 if (fp == NULL)
2e528b49 5652 return (SET_ERROR(EBADF));
572e2857
BB		 5653
5654 off = fp->f_offset;
5655
13fe0198 5656 error = dmu_diff(zc->zc_name, zc->zc_value, fp->f_vnode, &off);
572e2857
BB		 5657
5658 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5659 fp->f_offset = off;
5660 releasef(zc->zc_cookie);
5661
572e2857
BB		 5662 return (error);
5663}
5664
9babb374
BB		 5665static int
5666zfs_ioc_smb_acl(zfs_cmd_t *zc)
5667{
2e528b49 5668 return (SET_ERROR(ENOTSUP));
9babb374
BB		 5669}
5670
45d1cae3 5671/*
13fe0198
MA		 5672 * innvl: {
5673 * "holds" -> { snapname -> holdname (string), ... }
5674 * (optional) "cleanup_fd" -> fd (int32)
5675 * }
45d1cae3 5676 *
13fe0198
MA		 5677 * outnvl: {
5678 * snapname -> error value (int32)
5679 * ...
5680 * }
45d1cae3 5681 */
b83a0e2d
DB		 5682static const zfs_ioc_key_t zfs_keys_hold[] = {
5683 {"holds", DATA_TYPE_NVLIST, 0},
5684 {"cleanup_fd", DATA_TYPE_INT32, ZK_OPTIONAL},
5685};
5686
13fe0198 5687/* ARGSUSED */
45d1cae3 5688static int
13fe0198 5689zfs_ioc_hold(const char *pool, nvlist_t *args, nvlist_t *errlist)
45d1cae3 5690{
fc581e05 5691 nvpair_t *pair;
13fe0198
MA		 5692 nvlist_t *holds;
5693 int cleanup_fd = -1;
572e2857
BB		 5694 int error;
5695 minor_t minor = 0;
45d1cae3 5696
b83a0e2d 5697 holds = fnvlist_lookup_nvlist(args, "holds");
572e2857 5698
fc581e05
JJS		 5699 /* make sure the user didn't pass us any invalid (empty) tags */
5700 for (pair = nvlist_next_nvpair(holds, NULL); pair != NULL;
5701 pair = nvlist_next_nvpair(holds, pair)) {
5702 char *htag;
5703
5704 error = nvpair_value_string(pair, &htag);
5705 if (error != 0)
5706 return (SET_ERROR(error));
5707
5708 if (strlen(htag) == 0)
5709 return (SET_ERROR(EINVAL));
5710 }
5711
13fe0198
MA		 5712 if (nvlist_lookup_int32(args, "cleanup_fd", &cleanup_fd) == 0) {
5713 error = zfs_onexit_fd_hold(cleanup_fd, &minor);
5714 if (error != 0)
572e2857 5715 return (error);
572e2857 5716 }
572e2857 5717
13fe0198
MA		 5718 error = dsl_dataset_user_hold(holds, minor, errlist);
5719 if (minor != 0)
5720 zfs_onexit_fd_rele(cleanup_fd);
572e2857 5721 return (error);
45d1cae3
BB		 5722}
5723
5724/*
13fe0198 5725 * innvl is not used.
45d1cae3 5726 *
13fe0198
MA		 5727 * outnvl: {
5728 * holdname -> time added (uint64 seconds since epoch)
5729 * ...
5730 * }
45d1cae3 5731 */
b83a0e2d
DB		 5732static const zfs_ioc_key_t zfs_keys_get_holds[] = {
5733 /* no nvl keys */
5734};
5735
13fe0198 5736/* ARGSUSED */
45d1cae3 5737static int
13fe0198 5738zfs_ioc_get_holds(const char *snapname, nvlist_t *args, nvlist_t *outnvl)
45d1cae3 5739{
13fe0198 5740 return (dsl_dataset_get_holds(snapname, outnvl));
45d1cae3
BB		 5741}
5742
5743/*
13fe0198
MA		 5744 * innvl: {
5745 * snapname -> { holdname, ... }
5746 * ...
5747 * }
45d1cae3 5748 *
13fe0198
MA		 5749 * outnvl: {
5750 * snapname -> error value (int32)
5751 * ...
5752 * }
45d1cae3 5753 */
b83a0e2d
DB		 5754static const zfs_ioc_key_t zfs_keys_release[] = {
5755 {"<snapname>...", DATA_TYPE_NVLIST, ZK_WILDCARDLIST},
5756};
5757
13fe0198 5758/* ARGSUSED */
45d1cae3 5759static int
13fe0198 5760zfs_ioc_release(const char *pool, nvlist_t *holds, nvlist_t *errlist)
45d1cae3 5761{
13fe0198 5762 return (dsl_dataset_user_release(holds, errlist));
45d1cae3
BB		 5763}
5764
26685276
BB		 5765/*
5766 * inputs:
5767 * zc_guid flags (ZEVENT_NONBLOCK)
9b101a73 5768 * zc_cleanup_fd zevent file descriptor
26685276
BB		 5769 *
5770 * outputs:
5771 * zc_nvlist_dst next nvlist event
5772 * zc_cookie dropped events since last get
26685276
BB		 5773 */
5774static int
5775zfs_ioc_events_next(zfs_cmd_t *zc)
5776{
5777 zfs_zevent_t *ze;
5778 nvlist_t *event = NULL;
5779 minor_t minor;
5780 uint64_t dropped = 0;
5781 int error;
5782
5783 error = zfs_zevent_fd_hold(zc->zc_cleanup_fd, &minor, &ze);
5784 if (error != 0)
5785 return (error);
5786
5787 do {
baa40d45 5788 error = zfs_zevent_next(ze, &event,
02730c33 5789 &zc->zc_nvlist_dst_size, &dropped);
26685276
BB		 5790 if (event != NULL) {
5791 zc->zc_cookie = dropped;
5792 error = put_nvlist(zc, event);
baa40d45 5793 nvlist_free(event);
26685276
BB		 5794 }
5795
5796 if (zc->zc_guid & ZEVENT_NONBLOCK)
5797 break;
5798
5799 if ((error == 0) || (error != ENOENT))
5800 break;
5801
5802 error = zfs_zevent_wait(ze);
13fe0198 5803 if (error != 0)
26685276
BB		 5804 break;
5805 } while (1);
5806
5807 zfs_zevent_fd_rele(zc->zc_cleanup_fd);
5808
5809 return (error);
5810}
5811
5812/*
5813 * outputs:
5814 * zc_cookie cleared events count
5815 */
5816static int
5817zfs_ioc_events_clear(zfs_cmd_t *zc)
5818{
5819 int count;
5820
5821 zfs_zevent_drain_all(&count);
5822 zc->zc_cookie = count;
5823
d1d7e268 5824 return (0);
26685276
BB		 5825}
5826
75e3ff58
BB		 5827/*
5828 * inputs:
5829 * zc_guid eid | ZEVENT_SEEK_START | ZEVENT_SEEK_END
5830 * zc_cleanup zevent file descriptor
5831 */
5832static int
5833zfs_ioc_events_seek(zfs_cmd_t *zc)
5834{
5835 zfs_zevent_t *ze;
5836 minor_t minor;
5837 int error;
5838
5839 error = zfs_zevent_fd_hold(zc->zc_cleanup_fd, &minor, &ze);
5840 if (error != 0)
5841 return (error);
5842
5843 error = zfs_zevent_seek(ze, zc->zc_guid);
5844 zfs_zevent_fd_rele(zc->zc_cleanup_fd);
5845
5846 return (error);
5847}
5848
330d06f9
MA		 5849/*
5850 * inputs:
5851 * zc_name name of new filesystem or snapshot
5852 * zc_value full name of old snapshot
5853 *
5854 * outputs:
5855 * zc_cookie space in bytes
5856 * zc_objset_type compressed space in bytes
5857 * zc_perm_action uncompressed space in bytes
5858 */
5859static int
5860zfs_ioc_space_written(zfs_cmd_t *zc)
5861{
5862 int error;
13fe0198 5863 dsl_pool_t *dp;
330d06f9
MA		 5864 dsl_dataset_t *new, *old;
5865
13fe0198 5866 error = dsl_pool_hold(zc->zc_name, FTAG, &dp);
330d06f9
MA		 5867 if (error != 0)
5868 return (error);
13fe0198
MA		 5869 error = dsl_dataset_hold(dp, zc->zc_name, FTAG, &new);
5870 if (error != 0) {
5871 dsl_pool_rele(dp, FTAG);
5872 return (error);
5873 }
5874 error = dsl_dataset_hold(dp, zc->zc_value, FTAG, &old);
330d06f9
MA		 5875 if (error != 0) {
5876 dsl_dataset_rele(new, FTAG);
13fe0198 5877 dsl_pool_rele(dp, FTAG);
330d06f9
MA		 5878 return (error);
5879 }
5880
5881 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5882 &zc->zc_objset_type, &zc->zc_perm_action);
5883 dsl_dataset_rele(old, FTAG);
5884 dsl_dataset_rele(new, FTAG);
13fe0198 5885 dsl_pool_rele(dp, FTAG);
330d06f9
MA		 5886 return (error);
5887}
5888
5889/*
6f1ffb06
MA		 5890 * innvl: {
5891 * "firstsnap" -> snapshot name
5892 * }
330d06f9 5893 *
6f1ffb06
MA		 5894 * outnvl: {
5895 * "used" -> space in bytes
5896 * "compressed" -> compressed space in bytes
5897 * "uncompressed" -> uncompressed space in bytes
5898 * }
330d06f9 5899 */
b83a0e2d
DB		 5900static const zfs_ioc_key_t zfs_keys_space_snaps[] = {
5901 {"firstsnap", DATA_TYPE_STRING, 0},
5902};
5903
330d06f9 5904static int
6f1ffb06 5905zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
330d06f9
MA		 5906{
5907 int error;
13fe0198 5908 dsl_pool_t *dp;
330d06f9 5909 dsl_dataset_t *new, *old;
6f1ffb06
MA		 5910 char *firstsnap;
5911 uint64_t used, comp, uncomp;
330d06f9 5912
b83a0e2d 5913 firstsnap = fnvlist_lookup_string(innvl, "firstsnap");
6f1ffb06 5914
13fe0198 5915 error = dsl_pool_hold(lastsnap, FTAG, &dp);
330d06f9
MA		 5916 if (error != 0)
5917 return (error);
13fe0198
MA		 5918
5919 error = dsl_dataset_hold(dp, lastsnap, FTAG, &new);
71e2fe41
AG		 5920 if (error == 0 && !new->ds_is_snapshot) {
5921 dsl_dataset_rele(new, FTAG);
5922 error = SET_ERROR(EINVAL);
5923 }
13fe0198
MA		 5924 if (error != 0) {
5925 dsl_pool_rele(dp, FTAG);
5926 return (error);
5927 }
5928 error = dsl_dataset_hold(dp, firstsnap, FTAG, &old);
71e2fe41
AG		 5929 if (error == 0 && !old->ds_is_snapshot) {
5930 dsl_dataset_rele(old, FTAG);
5931 error = SET_ERROR(EINVAL);
5932 }
330d06f9
MA		 5933 if (error != 0) {
5934 dsl_dataset_rele(new, FTAG);
13fe0198 5935 dsl_pool_rele(dp, FTAG);
330d06f9
MA		 5936 return (error);
5937 }
5938
6f1ffb06 5939 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
330d06f9
MA		 5940 dsl_dataset_rele(old, FTAG);
5941 dsl_dataset_rele(new, FTAG);
13fe0198 5942 dsl_pool_rele(dp, FTAG);
6f1ffb06
MA		 5943 fnvlist_add_uint64(outnvl, "used", used);
5944 fnvlist_add_uint64(outnvl, "compressed", comp);
5945 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
330d06f9
MA		 5946 return (error);
5947}
5948
34dc7c2f 5949/*
6f1ffb06
MA		 5950 * innvl: {
5951 * "fd" -> file descriptor to write stream to (int32)
5952 * (optional) "fromsnap" -> full snap name to send an incremental from
f1512ee6
MA		 5953 * (optional) "largeblockok" -> (value ignored)
5954 * indicates that blocks > 128KB are permitted
9b67f605
MA		 5955 * (optional) "embedok" -> (value ignored)
5956 * presence indicates DRR_WRITE_EMBEDDED records are permitted
2aa34383
DK		 5957 * (optional) "compressok" -> (value ignored)
5958 * presence indicates compressed DRR_WRITE records are permitted
b5256303
TC		 5959 * (optional) "rawok" -> (value ignored)
5960 * presence indicates raw encrypted records should be used.
47dfff3b
MA		 5961 * (optional) "resume_object" and "resume_offset" -> (uint64)
5962 * if present, resume send stream from specified object and offset.
6f1ffb06
MA		 5963 * }
5964 *
5965 * outnvl is unused
34dc7c2f 5966 */
b83a0e2d
DB		 5967static const zfs_ioc_key_t zfs_keys_send_new[] = {
5968 {"fd", DATA_TYPE_INT32, 0},
5969 {"fromsnap", DATA_TYPE_STRING, ZK_OPTIONAL},
5970 {"largeblockok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
5971 {"embedok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
5972 {"compressok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
5973 {"rawok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
5974 {"resume_object", DATA_TYPE_UINT64, ZK_OPTIONAL},
5975 {"resume_offset", DATA_TYPE_UINT64, ZK_OPTIONAL},
5976};
5977
6f1ffb06
MA		 5978/* ARGSUSED */
5979static int
5980zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5981{
6f1ffb06
MA		 5982 int error;
5983 offset_t off;
13fe0198 5984 char *fromname = NULL;
6f1ffb06 5985 int fd;
13fe0198 5986 file_t *fp;
f1512ee6 5987 boolean_t largeblockok;
9b67f605 5988 boolean_t embedok;
2aa34383 5989 boolean_t compressok;
b5256303 5990 boolean_t rawok;
47dfff3b
MA		 5991 uint64_t resumeobj = 0;
5992 uint64_t resumeoff = 0;
6f1ffb06 5993
b83a0e2d 5994 fd = fnvlist_lookup_int32(innvl, "fd");
6f1ffb06 5995
13fe0198 5996 (void) nvlist_lookup_string(innvl, "fromsnap", &fromname);
6f1ffb06 5997
f1512ee6 5998 largeblockok = nvlist_exists(innvl, "largeblockok");
9b67f605 5999 embedok = nvlist_exists(innvl, "embedok");
2aa34383 6000 compressok = nvlist_exists(innvl, "compressok");
b5256303 6001 rawok = nvlist_exists(innvl, "rawok");
9b67f605 6002
47dfff3b
MA		 6003 (void) nvlist_lookup_uint64(innvl, "resume_object", &resumeobj);
6004 (void) nvlist_lookup_uint64(innvl, "resume_offset", &resumeoff);
6005
13fe0198 6006 if ((fp = getf(fd)) == NULL)
2e528b49 6007 return (SET_ERROR(EBADF));
6f1ffb06
MA		 6008
6009 off = fp->f_offset;
2aa34383 6010 error = dmu_send(snapname, fromname, embedok, largeblockok, compressok,
b5256303 6011 rawok, fd, resumeobj, resumeoff, fp->f_vnode, &off);
6f1ffb06
MA		 6012
6013 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
6014 fp->f_offset = off;
13fe0198 6015
6f1ffb06 6016 releasef(fd);
6f1ffb06
MA		 6017 return (error);
6018}
6019
6020/*
6021 * Determine approximately how large a zfs send stream will be -- the number
6022 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
6023 *
6024 * innvl: {
5dc8b736
MG		 6025 * (optional) "from" -> full snap or bookmark name to send an incremental
6026 * from
2aa34383
DK		 6027 * (optional) "largeblockok" -> (value ignored)
6028 * indicates that blocks > 128KB are permitted
6029 * (optional) "embedok" -> (value ignored)
6030 * presence indicates DRR_WRITE_EMBEDDED records are permitted
6031 * (optional) "compressok" -> (value ignored)
6032 * presence indicates compressed DRR_WRITE records are permitted
cf7684bc 6033 * (optional) "rawok" -> (value ignored)
6034 * presence indicates raw encrypted records should be used.
6f1ffb06
MA		 6035 * }
6036 *
6037 * outnvl: {
6038 * "space" -> bytes of space (uint64)
6039 * }
6040 */
b83a0e2d
DB		 6041static const zfs_ioc_key_t zfs_keys_send_space[] = {
6042 {"from", DATA_TYPE_STRING, ZK_OPTIONAL},
6043 {"fromsnap", DATA_TYPE_STRING, ZK_OPTIONAL},
6044 {"largeblockok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
6045 {"embedok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
6046 {"compressok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
6047 {"rawok", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
6048};
6049
6f1ffb06
MA		 6050static int
6051zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
6052{
13fe0198 6053 dsl_pool_t *dp;
13fe0198 6054 dsl_dataset_t *tosnap;
6f1ffb06
MA		 6055 int error;
6056 char *fromname;
2aa34383 6057 boolean_t compressok;
b5256303 6058 boolean_t rawok;
6f1ffb06
MA		 6059 uint64_t space;
6060
13fe0198
MA		 6061 error = dsl_pool_hold(snapname, FTAG, &dp);
6062 if (error != 0)
6f1ffb06
MA		 6063 return (error);
6064
13fe0198
MA		 6065 error = dsl_dataset_hold(dp, snapname, FTAG, &tosnap);
6066 if (error != 0) {
6067 dsl_pool_rele(dp, FTAG);
6068 return (error);
6069 }
6070
2aa34383 6071 compressok = nvlist_exists(innvl, "compressok");
b5256303 6072 rawok = nvlist_exists(innvl, "rawok");
2aa34383 6073
5dc8b736 6074 error = nvlist_lookup_string(innvl, "from", &fromname);
6f1ffb06 6075 if (error == 0) {
5dc8b736
MG		 6076 if (strchr(fromname, '@') != NULL) {
6077 /*
6078 * If from is a snapshot, hold it and use the more
6079 * efficient dmu_send_estimate to estimate send space
6080 * size using deadlists.
6081 */
6082 dsl_dataset_t *fromsnap;
6083 error = dsl_dataset_hold(dp, fromname, FTAG, &fromsnap);
6084 if (error != 0)
6085 goto out;
b5256303
TC		 6086 error = dmu_send_estimate(tosnap, fromsnap,
6087 compressok || rawok, &space);
5dc8b736
MG		 6088 dsl_dataset_rele(fromsnap, FTAG);
6089 } else if (strchr(fromname, '#') != NULL) {
6090 /*
6091 * If from is a bookmark, fetch the creation TXG of the
6092 * snapshot it was created from and use that to find
6093 * blocks that were born after it.
6094 */
6095 zfs_bookmark_phys_t frombm;
6096
6097 error = dsl_bookmark_lookup(dp, fromname, tosnap,
6098 &frombm);
6099 if (error != 0)
6100 goto out;
6101 error = dmu_send_estimate_from_txg(tosnap,
b5256303
TC		 6102 frombm.zbm_creation_txg, compressok || rawok,
6103 &space);
5dc8b736
MG		 6104 } else {
6105 /*
6106 * from is not properly formatted as a snapshot or
6107 * bookmark
6108 */
6109 error = SET_ERROR(EINVAL);
6110 goto out;
6f1ffb06 6111 }
5dc8b736 6112 } else {
d8fdfc2d
BB		 6113 /*
6114 * If estimating the size of a full send, use dmu_send_estimate.
6115 */
b5256303
TC		 6116 error = dmu_send_estimate(tosnap, NULL, compressok || rawok,
6117 &space);
6f1ffb06
MA		 6118 }
6119
6f1ffb06
MA		 6120 fnvlist_add_uint64(outnvl, "space", space);
6121
5dc8b736 6122out:
13fe0198
MA		 6123 dsl_dataset_rele(tosnap, FTAG);
6124 dsl_pool_rele(dp, FTAG);
6f1ffb06
MA		 6125 return (error);
6126}
6127
bec1067d
AP		 6128/*
6129 * Sync the currently open TXG to disk for the specified pool.
6130 * This is somewhat similar to 'zfs_sync()'.
6131 * For cases that do not result in error this ioctl will wait for
6132 * the currently open TXG to commit before returning back to the caller.
6133 *
6134 * innvl: {
6135 * "force" -> when true, force uberblock update even if there is no dirty data.
6136 * In addition this will cause the vdev configuration to be written
6137 * out including updating the zpool cache file. (boolean_t)
6138 * }
6139 *
6140 * onvl is unused
6141 */
b83a0e2d
DB		 6142static const zfs_ioc_key_t zfs_keys_pool_sync[] = {
6143 {"force", DATA_TYPE_BOOLEAN_VALUE, 0},
6144};
6145
bec1067d
AP		 6146/* ARGSUSED */
6147static int
6148zfs_ioc_pool_sync(const char *pool, nvlist_t *innvl, nvlist_t *onvl)
6149{
6150 int err;
05f85a6a 6151 boolean_t force = B_FALSE;
bec1067d
AP		 6152 spa_t *spa;
6153
6154 if ((err = spa_open(pool, &spa, FTAG)) != 0)
6155 return (err);
6156
b83a0e2d
DB		 6157 if (innvl)
6158 force = fnvlist_lookup_boolean_value(innvl, "force");
05f85a6a 6159
bec1067d
AP		 6160 if (force) {
6161 spa_config_enter(spa, SCL_CONFIG, FTAG, RW_WRITER);
6162 vdev_config_dirty(spa->spa_root_vdev);
6163 spa_config_exit(spa, SCL_CONFIG, FTAG);
6164 }
6165 txg_wait_synced(spa_get_dsl(spa), 0);
b83a0e2d 6166
bec1067d
AP		 6167 spa_close(spa, FTAG);
6168
6169 return (err);
6170}
6171
b5256303
TC		 6172/*
6173 * Load a user's wrapping key into the kernel.
6174 * innvl: {
6175 * "hidden_args" -> { "wkeydata" -> value }
6176 * raw uint8_t array of encryption wrapping key data (32 bytes)
6177 * (optional) "noop" -> (value ignored)
6178 * presence indicated key should only be verified, not loaded
6179 * }
6180 */
b83a0e2d
DB		 6181static const zfs_ioc_key_t zfs_keys_load_key[] = {
6182 {"hidden_args", DATA_TYPE_NVLIST, 0},
6183 {"noop", DATA_TYPE_BOOLEAN, ZK_OPTIONAL},
6184};
6185
b5256303
TC		 6186/* ARGSUSED */
6187static int
6188zfs_ioc_load_key(const char *dsname, nvlist_t *innvl, nvlist_t *outnvl)
6189{
6190 int ret;
6191 dsl_crypto_params_t *dcp = NULL;
6192 nvlist_t *hidden_args;
6193 boolean_t noop = nvlist_exists(innvl, "noop");
6194
6195 if (strchr(dsname, '@') != NULL || strchr(dsname, '%') != NULL) {
6196 ret = SET_ERROR(EINVAL);
6197 goto error;
6198 }
6199
b83a0e2d 6200 hidden_args = fnvlist_lookup_nvlist(innvl, ZPOOL_HIDDEN_ARGS);
b5256303
TC		 6201
6202 ret = dsl_crypto_params_create_nvlist(DCP_CMD_NONE, NULL,
6203 hidden_args, &dcp);
6204 if (ret != 0)
6205 goto error;
6206
6207 ret = spa_keystore_load_wkey(dsname, dcp, noop);
6208 if (ret != 0)
6209 goto error;
6210
6211 dsl_crypto_params_free(dcp, noop);
6212
6213 return (0);
6214
6215error:
6216 dsl_crypto_params_free(dcp, B_TRUE);
6217 return (ret);
6218}
6219
6220/*
6221 * Unload a user's wrapping key from the kernel.
6222 * Both innvl and outnvl are unused.
6223 */
b83a0e2d
DB		 6224static const zfs_ioc_key_t zfs_keys_unload_key[] = {
6225 /* no nvl keys */
6226};
6227
b5256303
TC		 6228/* ARGSUSED */
6229static int
6230zfs_ioc_unload_key(const char *dsname, nvlist_t *innvl, nvlist_t *outnvl)
6231{
6232 int ret = 0;
6233
6234 if (strchr(dsname, '@') != NULL || strchr(dsname, '%') != NULL) {
6235 ret = (SET_ERROR(EINVAL));
6236 goto out;
6237 }
6238
6239 ret = spa_keystore_unload_wkey(dsname);
6240 if (ret != 0)
6241 goto out;
6242
6243out:
6244 return (ret);
6245}
6246
6247/*
6248 * Changes a user's wrapping key used to decrypt a dataset. The keyformat,
6249 * keylocation, pbkdf2salt, and pbkdf2iters properties can also be specified
6250 * here to change how the key is derived in userspace.
6251 *
6252 * innvl: {
6253 * "hidden_args" (optional) -> { "wkeydata" -> value }
6254 * raw uint8_t array of new encryption wrapping key data (32 bytes)
6255 * "props" (optional) -> { prop -> value }
6256 * }
6257 *
6258 * outnvl is unused
6259 */
b83a0e2d
DB		 6260static const zfs_ioc_key_t zfs_keys_change_key[] = {
6261 {"crypt_cmd", DATA_TYPE_UINT64, ZK_OPTIONAL},
6262 {"hidden_args", DATA_TYPE_NVLIST, ZK_OPTIONAL},
6263 {"props", DATA_TYPE_NVLIST, ZK_OPTIONAL},
6264};
6265
b5256303
TC		 6266/* ARGSUSED */
6267static int
6268zfs_ioc_change_key(const char *dsname, nvlist_t *innvl, nvlist_t *outnvl)
6269{
6270 int ret;
6271 uint64_t cmd = DCP_CMD_NONE;
6272 dsl_crypto_params_t *dcp = NULL;
6273 nvlist_t *args = NULL, *hidden_args = NULL;
6274
6275 if (strchr(dsname, '@') != NULL || strchr(dsname, '%') != NULL) {
6276 ret = (SET_ERROR(EINVAL));
6277 goto error;
6278 }
6279
6280 (void) nvlist_lookup_uint64(innvl, "crypt_cmd", &cmd);
6281 (void) nvlist_lookup_nvlist(innvl, "props", &args);
6282 (void) nvlist_lookup_nvlist(innvl, ZPOOL_HIDDEN_ARGS, &hidden_args);
6283
6284 ret = dsl_crypto_params_create_nvlist(cmd, args, hidden_args, &dcp);
6285 if (ret != 0)
6286 goto error;
6287
6288 ret = spa_keystore_change_key(dsname, dcp);
6289 if (ret != 0)
6290 goto error;
6291
6292 dsl_crypto_params_free(dcp, B_FALSE);
6293
6294 return (0);
6295
6296error:
6297 dsl_crypto_params_free(dcp, B_TRUE);
6298 return (ret);
6299}
6300
6f1ffb06
MA		 6301static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
6302
6303static void
6304zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
6305 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
6306 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
6307{
6308 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
6309
6310 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
6311 ASSERT3U(ioc, <, ZFS_IOC_LAST);
6312 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
6313 ASSERT3P(vec->zvec_func, ==, NULL);
6314
6315 vec->zvec_legacy_func = func;
6316 vec->zvec_secpolicy = secpolicy;
6317 vec->zvec_namecheck = namecheck;
6318 vec->zvec_allow_log = log_history;
6319 vec->zvec_pool_check = pool_check;
6320}
6321
6322/*
6323 * See the block comment at the beginning of this file for details on
6324 * each argument to this function.
6325 */
6326static void
6327zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
6328 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
6329 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
b83a0e2d 6330 boolean_t allow_log, const zfs_ioc_key_t *nvl_keys, size_t num_keys)
6f1ffb06
MA		 6331{
6332 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
6333
6334 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
6335 ASSERT3U(ioc, <, ZFS_IOC_LAST);
6336 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
6337 ASSERT3P(vec->zvec_func, ==, NULL);
6338
6339 /* if we are logging, the name must be valid */
6340 ASSERT(!allow_log || namecheck != NO_NAME);
6341
6342 vec->zvec_name = name;
6343 vec->zvec_func = func;
6344 vec->zvec_secpolicy = secpolicy;
6345 vec->zvec_namecheck = namecheck;
6346 vec->zvec_pool_check = pool_check;
6347 vec->zvec_smush_outnvlist = smush_outnvlist;
6348 vec->zvec_allow_log = allow_log;
b83a0e2d
DB		 6349 vec->zvec_nvl_keys = nvl_keys;
6350 vec->zvec_nvl_key_count = num_keys;
6f1ffb06
MA		 6351}
6352
6353static void
6354zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
6355 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
6356 zfs_ioc_poolcheck_t pool_check)
6357{
6358 zfs_ioctl_register_legacy(ioc, func, secpolicy,
6359 POOL_NAME, log_history, pool_check);
6360}
6361
6362static void
6363zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
6364 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
6365{
6366 zfs_ioctl_register_legacy(ioc, func, secpolicy,
6367 DATASET_NAME, B_FALSE, pool_check);
6368}
6369
6370static void
6371zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
6372{
6373 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
6374 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
6375}
6376
6377static void
6378zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
6379 zfs_secpolicy_func_t *secpolicy)
6380{
6381 zfs_ioctl_register_legacy(ioc, func, secpolicy,
6382 NO_NAME, B_FALSE, POOL_CHECK_NONE);
6383}
6384
6385static void
6386zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
6387 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
6388{
6389 zfs_ioctl_register_legacy(ioc, func, secpolicy,
6390 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
6391}
6392
6393static void
6394zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
6395{
6396 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
6397 zfs_secpolicy_read);
6398}
6399
6400static void
6401zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
e9aa730c 6402 zfs_secpolicy_func_t *secpolicy)
6f1ffb06
MA		 6403{
6404 zfs_ioctl_register_legacy(ioc, func, secpolicy,
6405 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
6406}
6407
6408static void
6409zfs_ioctl_init(void)
6410{
6411 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
6412 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
b83a0e2d
DB		 6413 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6414 zfs_keys_snapshot, ARRAY_SIZE(zfs_keys_snapshot));
6f1ffb06
MA		 6415
6416 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
6417 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
b83a0e2d
DB		 6418 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE,
6419 zfs_keys_log_history, ARRAY_SIZE(zfs_keys_log_history));
6f1ffb06
MA		 6420
6421 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
6422 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
b83a0e2d
DB		 6423 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE,
6424 zfs_keys_space_snaps, ARRAY_SIZE(zfs_keys_space_snaps));
6f1ffb06
MA		 6425
6426 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
6427 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
b83a0e2d
DB		 6428 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE,
6429 zfs_keys_send_new, ARRAY_SIZE(zfs_keys_send_new));
6f1ffb06
MA		 6430
6431 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
6432 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
b83a0e2d
DB		 6433 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE,
6434 zfs_keys_send_space, ARRAY_SIZE(zfs_keys_send_space));
6f1ffb06
MA		 6435
6436 zfs_ioctl_register("create", ZFS_IOC_CREATE,
6437 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
b83a0e2d
DB		 6438 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6439 zfs_keys_create, ARRAY_SIZE(zfs_keys_create));
6f1ffb06
MA		 6440
6441 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
6442 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
b83a0e2d
DB		 6443 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6444 zfs_keys_clone, ARRAY_SIZE(zfs_keys_clone));
6f1ffb06 6445
a1d477c2
MA		 6446 zfs_ioctl_register("remap", ZFS_IOC_REMAP,
6447 zfs_ioc_remap, zfs_secpolicy_remap, DATASET_NAME,
b83a0e2d
DB		 6448 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_TRUE,
6449 zfs_keys_remap, ARRAY_SIZE(zfs_keys_remap));
a1d477c2 6450
6f1ffb06
MA		 6451 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
6452 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
b83a0e2d
DB		 6453 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6454 zfs_keys_destroy_snaps, ARRAY_SIZE(zfs_keys_destroy_snaps));
6f1ffb06 6455
13fe0198
MA		 6456 zfs_ioctl_register("hold", ZFS_IOC_HOLD,
6457 zfs_ioc_hold, zfs_secpolicy_hold, POOL_NAME,
b83a0e2d
DB		 6458 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6459 zfs_keys_hold, ARRAY_SIZE(zfs_keys_hold));
13fe0198
MA		 6460 zfs_ioctl_register("release", ZFS_IOC_RELEASE,
6461 zfs_ioc_release, zfs_secpolicy_release, POOL_NAME,
b83a0e2d
DB		 6462 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6463 zfs_keys_release, ARRAY_SIZE(zfs_keys_release));
13fe0198
MA		 6464
6465 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS,
6466 zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME,
b83a0e2d
DB		 6467 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE,
6468 zfs_keys_get_holds, ARRAY_SIZE(zfs_keys_get_holds));
13fe0198 6469
46ba1e59
MA		 6470 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK,
6471 zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME,
b83a0e2d
DB		 6472 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_TRUE,
6473 zfs_keys_rollback, ARRAY_SIZE(zfs_keys_rollback));
46ba1e59 6474
da536844
MA		 6475 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK,
6476 zfs_ioc_bookmark, zfs_secpolicy_bookmark, POOL_NAME,
b83a0e2d
DB		 6477 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6478 zfs_keys_bookmark, ARRAY_SIZE(zfs_keys_bookmark));
da536844
MA		 6479
6480 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS,
6481 zfs_ioc_get_bookmarks, zfs_secpolicy_read, DATASET_NAME,
b83a0e2d
DB		 6482 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE,
6483 zfs_keys_get_bookmarks, ARRAY_SIZE(zfs_keys_get_bookmarks));
da536844
MA		 6484
6485 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS,
6486 zfs_ioc_destroy_bookmarks, zfs_secpolicy_destroy_bookmarks,
6487 POOL_NAME,
b83a0e2d
DB		 6488 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6489 zfs_keys_destroy_bookmarks,
6490 ARRAY_SIZE(zfs_keys_destroy_bookmarks));
da536844 6491
43e52edd
BB		 6492 zfs_ioctl_register("receive", ZFS_IOC_RECV_NEW,
6493 zfs_ioc_recv_new, zfs_secpolicy_recv_new, DATASET_NAME,
b83a0e2d
DB		 6494 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6495 zfs_keys_recv_new, ARRAY_SIZE(zfs_keys_recv_new));
b5256303
TC		 6496 zfs_ioctl_register("load-key", ZFS_IOC_LOAD_KEY,
6497 zfs_ioc_load_key, zfs_secpolicy_load_key,
b83a0e2d
DB		 6498 DATASET_NAME, POOL_CHECK_SUSPENDED, B_TRUE, B_TRUE,
6499 zfs_keys_load_key, ARRAY_SIZE(zfs_keys_load_key));
b5256303
TC		 6500 zfs_ioctl_register("unload-key", ZFS_IOC_UNLOAD_KEY,
6501 zfs_ioc_unload_key, zfs_secpolicy_load_key,
b83a0e2d
DB		 6502 DATASET_NAME, POOL_CHECK_SUSPENDED, B_TRUE, B_TRUE,
6503 zfs_keys_unload_key, ARRAY_SIZE(zfs_keys_unload_key));
b5256303
TC		 6504 zfs_ioctl_register("change-key", ZFS_IOC_CHANGE_KEY,
6505 zfs_ioc_change_key, zfs_secpolicy_change_key,
6506 DATASET_NAME, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY,
b83a0e2d
DB		 6507 B_TRUE, B_TRUE, zfs_keys_change_key,
6508 ARRAY_SIZE(zfs_keys_change_key));
43e52edd 6509
bec1067d
AP		 6510 zfs_ioctl_register("sync", ZFS_IOC_POOL_SYNC,
6511 zfs_ioc_pool_sync, zfs_secpolicy_none, POOL_NAME,
b83a0e2d
DB		 6512 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE,
6513 zfs_keys_pool_sync, ARRAY_SIZE(zfs_keys_pool_sync));
d3f2cd7e
AB		 6514 zfs_ioctl_register("reopen", ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
6515 zfs_secpolicy_config, POOL_NAME, POOL_CHECK_SUSPENDED, B_TRUE,
b83a0e2d 6516 B_TRUE, zfs_keys_pool_reopen, ARRAY_SIZE(zfs_keys_pool_reopen));
bec1067d 6517
d99a0153
CW		 6518 zfs_ioctl_register("channel_program", ZFS_IOC_CHANNEL_PROGRAM,
6519 zfs_ioc_channel_program, zfs_secpolicy_config,
6520 POOL_NAME, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE,
b83a0e2d
DB		 6521 B_TRUE, zfs_keys_channel_program,
6522 ARRAY_SIZE(zfs_keys_channel_program));
d99a0153 6523
d2734cce
SD		 6524 zfs_ioctl_register("zpool_checkpoint", ZFS_IOC_POOL_CHECKPOINT,
6525 zfs_ioc_pool_checkpoint, zfs_secpolicy_config, POOL_NAME,
b83a0e2d
DB		 6526 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6527 zfs_keys_pool_checkpoint, ARRAY_SIZE(zfs_keys_pool_checkpoint));
d2734cce
SD		 6528
6529 zfs_ioctl_register("zpool_discard_checkpoint",
6530 ZFS_IOC_POOL_DISCARD_CHECKPOINT, zfs_ioc_pool_discard_checkpoint,
6531 zfs_secpolicy_config, POOL_NAME,
b83a0e2d
DB		 6532 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6533 zfs_keys_pool_discard_checkpoint,
6534 ARRAY_SIZE(zfs_keys_pool_discard_checkpoint));
d2734cce 6535
619f0976
GW		 6536 zfs_ioctl_register("initialize", ZFS_IOC_POOL_INITIALIZE,
6537 zfs_ioc_pool_initialize, zfs_secpolicy_config, POOL_NAME,
6538 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE,
6539 zfs_keys_pool_initialize, ARRAY_SIZE(zfs_keys_pool_initialize));
6540
6f1ffb06
MA		 6541 /* IOCTLS that use the legacy function signature */
6542
6543 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
6544 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
6545
6546 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
6547 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
6548 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
6549 zfs_ioc_pool_scan);
6550 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
6551 zfs_ioc_pool_upgrade);
6552 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
6553 zfs_ioc_vdev_add);
6554 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
6555 zfs_ioc_vdev_remove);
6556 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
6557 zfs_ioc_vdev_set_state);
6558 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
6559 zfs_ioc_vdev_attach);
6560 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
6561 zfs_ioc_vdev_detach);
6562 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
6563 zfs_ioc_vdev_setpath);
6564 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
6565 zfs_ioc_vdev_setfru);
6566 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
6567 zfs_ioc_pool_set_props);
6568 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
6569 zfs_ioc_vdev_split);
6570 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
6571 zfs_ioc_pool_reguid);
6572
6573 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
6574 zfs_ioc_pool_configs, zfs_secpolicy_none);
6575 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
6576 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
6577 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
6578 zfs_ioc_inject_fault, zfs_secpolicy_inject);
6579 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
6580 zfs_ioc_clear_fault, zfs_secpolicy_inject);
6581 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
6582 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
6583
6584 /*
6585 * pool destroy, and export don't log the history as part of
6586 * zfsdev_ioctl, but rather zfs_ioc_pool_export
6587 * does the logging of those commands.
6588 */
6589 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
87a63dd7 6590 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
6f1ffb06 6591 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
87a63dd7 6592 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
6f1ffb06
MA		 6593
6594 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
6595 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
6596 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
6597 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
6598
6599 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
6600 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
6601 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
6602 zfs_ioc_dsobj_to_dsname,
6603 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
6604 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
6605 zfs_ioc_pool_get_history,
6606 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
6607
6608 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
6609 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
6610
6611 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
92e43c17 6612 zfs_secpolicy_config, B_TRUE, POOL_CHECK_READONLY);
6f1ffb06
MA		 6613
6614 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
6615 zfs_ioc_space_written);
6f1ffb06
MA		 6616 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
6617 zfs_ioc_objset_recvd_props);
6618 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
6619 zfs_ioc_next_obj);
6620 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
6621 zfs_ioc_get_fsacl);
6622 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
6623 zfs_ioc_objset_stats);
6624 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
6625 zfs_ioc_objset_zplprops);
6626 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
6627 zfs_ioc_dataset_list_next);
6628 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
6629 zfs_ioc_snapshot_list_next);
6630 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
6631 zfs_ioc_send_progress);
6632
6633 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
6634 zfs_ioc_diff, zfs_secpolicy_diff);
6635 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
6636 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
6637 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
6638 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
6639 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
6640 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
6641 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
6642 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
6643 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
6644 zfs_ioc_send, zfs_secpolicy_send);
6645
6646 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
6647 zfs_secpolicy_none);
6648 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
6649 zfs_secpolicy_destroy);
6f1ffb06
MA		 6650 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
6651 zfs_secpolicy_rename);
6652 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
6653 zfs_secpolicy_recv);
6654 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
6655 zfs_secpolicy_promote);
6f1ffb06
MA		 6656 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
6657 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
6658 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
6659 zfs_secpolicy_set_fsacl);
6660
6661 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
6662 zfs_secpolicy_share, POOL_CHECK_NONE);
6663 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
6664 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
6665 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
6666 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
6667 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
6668 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
6669 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
6670 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
6671
6672 /*
ba6a2402 6673 * ZoL functions
6f1ffb06 6674 */
6f1ffb06
MA		 6675 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_NEXT, zfs_ioc_events_next,
6676 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_NONE);
6677 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_CLEAR, zfs_ioc_events_clear,
6678 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_NONE);
75e3ff58
BB		 6679 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_SEEK, zfs_ioc_events_seek,
6680 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_NONE);
6f1ffb06 6681}
34dc7c2f 6682
b83a0e2d
DB		 6683/*
6684 * Verify that for non-legacy ioctls the input nvlist
6685 * pairs match against the expected input.
6686 *
6687 * Possible errors are:
6688 * ZFS_ERR_IOC_ARG_UNAVAIL An unrecognized nvpair was encountered
6689 * ZFS_ERR_IOC_ARG_REQUIRED A required nvpair is missing
6690 * ZFS_ERR_IOC_ARG_BADTYPE Invalid type for nvpair
6691 */
6692static int
6693zfs_check_input_nvpairs(nvlist_t *innvl, const zfs_ioc_vec_t *vec)
6694{
6695 const zfs_ioc_key_t *nvl_keys = vec->zvec_nvl_keys;
6696 boolean_t required_keys_found = B_FALSE;
6697
6698 /*
6699 * examine each input pair
6700 */
6701 for (nvpair_t *pair = nvlist_next_nvpair(innvl, NULL);
6702 pair != NULL; pair = nvlist_next_nvpair(innvl, pair)) {
6703 char *name = nvpair_name(pair);
6704 data_type_t type = nvpair_type(pair);
6705 boolean_t identified = B_FALSE;
6706
6707 /*
6708 * check pair against the documented names and type
6709 */
6710 for (int k = 0; k < vec->zvec_nvl_key_count; k++) {
6711 /* if not a wild card name, check for an exact match */
6712 if ((nvl_keys[k].zkey_flags & ZK_WILDCARDLIST) == 0 &&
6713 strcmp(nvl_keys[k].zkey_name, name) != 0)
6714 continue;
6715
6716 identified = B_TRUE;
6717
6718 if (nvl_keys[k].zkey_type != DATA_TYPE_ANY &&
6719 nvl_keys[k].zkey_type != type) {
6720 return (SET_ERROR(ZFS_ERR_IOC_ARG_BADTYPE));
6721 }
6722
6723 if (nvl_keys[k].zkey_flags & ZK_OPTIONAL)
6724 continue;
6725
6726 required_keys_found = B_TRUE;
6727 break;
6728 }
6729
6730 /* allow an 'optional' key, everything else is invalid */
6731 if (!identified &&
6732 (strcmp(name, "optional") != 0 ||
6733 type != DATA_TYPE_NVLIST)) {
6734 return (SET_ERROR(ZFS_ERR_IOC_ARG_UNAVAIL));
6735 }
6736 }
6737
6738 /* verify that all required keys were found */
6739 for (int k = 0; k < vec->zvec_nvl_key_count; k++) {
6740 if (nvl_keys[k].zkey_flags & ZK_OPTIONAL)
6741 continue;
6742
6743 if (nvl_keys[k].zkey_flags & ZK_WILDCARDLIST) {
6744 /* at least one non-optionial key is expected here */
6745 if (!required_keys_found)
6746 return (SET_ERROR(ZFS_ERR_IOC_ARG_REQUIRED));
6747 continue;
6748 }
6749
6750 if (!nvlist_exists(innvl, nvl_keys[k].zkey_name))
6751 return (SET_ERROR(ZFS_ERR_IOC_ARG_REQUIRED));
6752 }
6753
6754 return (0);
6755}
6756
9babb374 6757int
572e2857
BB		 6758pool_status_check(const char *name, zfs_ioc_namecheck_t type,
6759 zfs_ioc_poolcheck_t check)
9babb374
BB		 6760{
6761 spa_t *spa;
6762 int error;
6763
6764 ASSERT(type == POOL_NAME || type == DATASET_NAME);
6765
572e2857
BB		 6766 if (check & POOL_CHECK_NONE)
6767 return (0);
6768
9babb374
BB		 6769 error = spa_open(name, &spa, FTAG);
6770 if (error == 0) {
572e2857 6771 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
2e528b49 6772 error = SET_ERROR(EAGAIN);
572e2857 6773 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
2e528b49 6774 error = SET_ERROR(EROFS);
9babb374
BB		 6775 spa_close(spa, FTAG);
6776 }
6777 return (error);
6778}
6779
325f0235
BB		 6780static void *
6781zfsdev_get_state_impl(minor_t minor, enum zfsdev_state_type which)
6782{
6783 zfsdev_state_t *zs;
6784
3937ab20 6785 for (zs = zfsdev_state_list; zs != NULL; zs = zs->zs_next) {
325f0235 6786 if (zs->zs_minor == minor) {
3937ab20 6787 smp_rmb();
325f0235 6788 switch (which) {
d1d7e268
MK		 6789 case ZST_ONEXIT:
6790 return (zs->zs_onexit);
6791 case ZST_ZEVENT:
6792 return (zs->zs_zevent);
6793 case ZST_ALL:
6794 return (zs);
325f0235
BB		 6795 }
6796 }
6797 }
6798
d1d7e268 6799 return (NULL);
325f0235
BB		 6800}
6801
6802void *
6803zfsdev_get_state(minor_t minor, enum zfsdev_state_type which)
6804{
6805 void *ptr;
6806
325f0235 6807 ptr = zfsdev_get_state_impl(minor, which);
325f0235 6808
d1d7e268 6809 return (ptr);
325f0235
BB		 6810}
6811
72540ea3
RY		 6812int
6813zfsdev_getminor(struct file *filp, minor_t *minorp)
325f0235 6814{
72540ea3
RY		 6815 zfsdev_state_t *zs, *fpd;
6816
325f0235 6817 ASSERT(filp != NULL);
72540ea3
RY		 6818 ASSERT(!MUTEX_HELD(&zfsdev_state_lock));
6819
6820 fpd = filp->private_data;
6821 if (fpd == NULL)
ecb2b7dc 6822 return (SET_ERROR(EBADF));
72540ea3
RY		 6823
6824 mutex_enter(&zfsdev_state_lock);
6825
6826 for (zs = zfsdev_state_list; zs != NULL; zs = zs->zs_next) {
6827
6828 if (zs->zs_minor == -1)
6829 continue;
6830
6831 if (fpd == zs) {
6832 *minorp = fpd->zs_minor;
6833 mutex_exit(&zfsdev_state_lock);
6834 return (0);
6835 }
6836 }
6837
6838 mutex_exit(&zfsdev_state_lock);
325f0235 6839
ecb2b7dc 6840 return (SET_ERROR(EBADF));
325f0235
BB		 6841}
6842
572e2857 6843/*
325f0235
BB		 6844 * Find a free minor number. The zfsdev_state_list is expected to
6845 * be short since it is only a list of currently open file handles.
572e2857
BB		 6846 */
6847minor_t
6848zfsdev_minor_alloc(void)
6849{
325f0235 6850 static minor_t last_minor = 0;
572e2857
BB		 6851 minor_t m;
6852
6853 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
6854
6855 for (m = last_minor + 1; m != last_minor; m++) {
6856 if (m > ZFSDEV_MAX_MINOR)
6857 m = 1;
325f0235 6858 if (zfsdev_get_state_impl(m, ZST_ALL) == NULL) {
572e2857
BB		 6859 last_minor = m;
6860 return (m);
6861 }
6862 }
6863
6864 return (0);
6865}
6866
6867static int
325f0235 6868zfsdev_state_init(struct file *filp)
572e2857 6869{
3937ab20 6870 zfsdev_state_t *zs, *zsprev = NULL;
572e2857 6871 minor_t minor;
3937ab20 6872 boolean_t newzs = B_FALSE;
572e2857
BB		 6873
6874 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
572e2857 6875
d1d7e268
MK		 6876 minor = zfsdev_minor_alloc();
6877 if (minor == 0)
6878 return (SET_ERROR(ENXIO));
325f0235 6879
3937ab20
TC		 6880 for (zs = zfsdev_state_list; zs != NULL; zs = zs->zs_next) {
6881 if (zs->zs_minor == -1)
6882 break;
6883 zsprev = zs;
6884 }
6885
6886 if (!zs) {
6887 zs = kmem_zalloc(sizeof (zfsdev_state_t), KM_SLEEP);
6888 newzs = B_TRUE;
6889 }
572e2857 6890
325f0235 6891 zs->zs_file = filp;
325f0235 6892 filp->private_data = zs;
572e2857 6893
325f0235
BB		 6894 zfs_onexit_init((zfs_onexit_t **)&zs->zs_onexit);
6895 zfs_zevent_init((zfs_zevent_t **)&zs->zs_zevent);
572e2857 6896
3937ab20
TC		 6897
6898 /*
6899 * In order to provide for lock-free concurrent read access
6900 * to the minor list in zfsdev_get_state_impl(), new entries
6901 * must be completely written before linking them into the
6902 * list whereas existing entries are already linked; the last
6903 * operation must be updating zs_minor (from -1 to the new
6904 * value).
6905 */
6906 if (newzs) {
6907 zs->zs_minor = minor;
6908 smp_wmb();
6909 zsprev->zs_next = zs;
6910 } else {
6911 smp_wmb();
6912 zs->zs_minor = minor;
6913 }
572e2857
BB		 6914
6915 return (0);
6916}
6917
325f0235
BB		 6918static int
6919zfsdev_state_destroy(struct file *filp)
572e2857 6920{
325f0235 6921 zfsdev_state_t *zs;
572e2857 6922
325f0235
BB		 6923 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
6924 ASSERT(filp->private_data != NULL);
572e2857 6925
325f0235 6926 zs = filp->private_data;
3937ab20 6927 zs->zs_minor = -1;
325f0235
BB		 6928 zfs_onexit_destroy(zs->zs_onexit);
6929 zfs_zevent_destroy(zs->zs_zevent);
572e2857 6930
d1d7e268 6931 return (0);
572e2857
BB		 6932}
6933
6934static int
325f0235 6935zfsdev_open(struct inode *ino, struct file *filp)
572e2857 6936{
325f0235 6937 int error;
572e2857 6938
325f0235
BB		 6939 mutex_enter(&zfsdev_state_lock);
6940 error = zfsdev_state_init(filp);
6941 mutex_exit(&zfsdev_state_lock);
572e2857 6942
325f0235 6943 return (-error);
572e2857
BB		 6944}
6945
6946static int
325f0235 6947zfsdev_release(struct inode *ino, struct file *filp)
572e2857 6948{
325f0235 6949 int error;
572e2857
BB		 6950
6951 mutex_enter(&zfsdev_state_lock);
325f0235 6952 error = zfsdev_state_destroy(filp);
572e2857
BB		 6953 mutex_exit(&zfsdev_state_lock);
6954
325f0235 6955 return (-error);
572e2857
BB		 6956}
6957
325f0235
BB		 6958static long
6959zfsdev_ioctl(struct file *filp, unsigned cmd, unsigned long arg)
34dc7c2f
BB		 6960{
6961 zfs_cmd_t *zc;
6f1ffb06 6962 uint_t vecnum;
4fd762f8 6963 int error, rc, flag = 0;
6f1ffb06 6964 const zfs_ioc_vec_t *vec;
fb8e608d 6965 char *saved_poolname = NULL;
6f1ffb06 6966 nvlist_t *innvl = NULL;
40d06e3c 6967 fstrans_cookie_t cookie;
6f1ffb06
MA		 6968
6969 vecnum = cmd - ZFS_IOC_FIRST;
6970 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
b83a0e2d 6971 return (-SET_ERROR(ZFS_ERR_IOC_CMD_UNAVAIL));
6f1ffb06 6972 vec = &zfs_ioc_vec[vecnum];
34dc7c2f 6973
2e0358cb
BB		 6974 /*
6975 * The registered ioctl list may be sparse, verify that either
6976 * a normal or legacy handler are registered.
6977 */
6978 if (vec->zvec_func == NULL && vec->zvec_legacy_func == NULL)
b83a0e2d 6979 return (-SET_ERROR(ZFS_ERR_IOC_CMD_UNAVAIL));
2e0358cb 6980
efcd79a8 6981 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
34dc7c2f 6982
9babb374 6983 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
6f1ffb06 6984 if (error != 0) {
2e528b49 6985 error = SET_ERROR(EFAULT);
6f1ffb06
MA		 6986 goto out;
6987 }
34dc7c2f 6988
6f1ffb06 6989 zc->zc_iflags = flag & FKIOCTL;
f74b821a
BB		 6990 if (zc->zc_nvlist_src_size > MAX_NVLIST_SRC_SIZE) {
6991 /*
6992 * Make sure the user doesn't pass in an insane value for
6993 * zc_nvlist_src_size. We have to check, since we will end
6994 * up allocating that much memory inside of get_nvlist(). This
6995 * prevents a nefarious user from allocating tons of kernel
6996 * memory.
6997 *
6998 * Also, we return EINVAL instead of ENOMEM here. The reason
6999 * being that returning ENOMEM from an ioctl() has a special
7000 * connotation; that the user's size value is too small and
7001 * needs to be expanded to hold the nvlist. See
7002 * zcmd_expand_dst_nvlist() for details.
7003 */
7004 error = SET_ERROR(EINVAL); /* User's size too big */
7005
7006 } else if (zc->zc_nvlist_src_size != 0) {
6f1ffb06
MA		 7007 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
7008 zc->zc_iflags, &innvl);
7009 if (error != 0)
7010 goto out;
7011 }
34dc7c2f
BB		 7012
7013 /*
7014 * Ensure that all pool/dataset names are valid before we pass down to
7015 * the lower layers.
7016 */
6f1ffb06
MA		 7017 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
7018 switch (vec->zvec_namecheck) {
7019 case POOL_NAME:
7020 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
2e528b49 7021 error = SET_ERROR(EINVAL);
6f1ffb06 7022 else
572e2857 7023 error = pool_status_check(zc->zc_name,
6f1ffb06
MA		 7024 vec->zvec_namecheck, vec->zvec_pool_check);
7025 break;
34dc7c2f 7026
6f1ffb06
MA		 7027 case DATASET_NAME:
7028 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
2e528b49 7029 error = SET_ERROR(EINVAL);
6f1ffb06 7030 else
572e2857 7031 error = pool_status_check(zc->zc_name,
6f1ffb06
MA		 7032 vec->zvec_namecheck, vec->zvec_pool_check);
7033 break;
34dc7c2f 7034
6f1ffb06
MA		 7035 case NO_NAME:
7036 break;
34dc7c2f
BB		 7037 }
7038
b83a0e2d
DB		 7039 /*
7040 * Ensure that all input pairs are valid before we pass them down
7041 * to the lower layers.
7042 *
7043 * The vectored functions can use fnvlist_lookup_{type} for any
7044 * required pairs since zfs_check_input_nvpairs() confirmed that
7045 * they exist and are of the correct type.
7046 */
7047 if (error == 0 && vec->zvec_func != NULL) {
7048 error = zfs_check_input_nvpairs(innvl, vec);
7049 if (error != 0)
7050 goto out;
7051 }
34dc7c2f 7052
005e27e3 7053 if (error == 0) {
ddab862d 7054 cookie = spl_fstrans_mark();
6f1ffb06 7055 error = vec->zvec_secpolicy(zc, innvl, CRED());
ddab862d
TC		 7056 spl_fstrans_unmark(cookie);
7057 }
6f1ffb06
MA		 7058
7059 if (error != 0)
7060 goto out;
7061
7062 /* legacy ioctls can modify zc_name */
4fd762f8
BB		 7063 saved_poolname = strdup(zc->zc_name);
7064 if (saved_poolname == NULL) {
7065 error = SET_ERROR(ENOMEM);
7066 goto out;
7067 } else {
7068 saved_poolname[strcspn(saved_poolname, "/@#")] = '\0';
7069 }
6f1ffb06
MA		 7070
7071 if (vec->zvec_func != NULL) {
7072 nvlist_t *outnvl;
7073 int puterror = 0;
7074 spa_t *spa;
7075 nvlist_t *lognv = NULL;
7076
7077 ASSERT(vec->zvec_legacy_func == NULL);
7078
7079 /*
7080 * Add the innvl to the lognv before calling the func,
7081 * in case the func changes the innvl.
7082 */
7083 if (vec->zvec_allow_log) {
7084 lognv = fnvlist_alloc();
7085 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
7086 vec->zvec_name);
7087 if (!nvlist_empty(innvl)) {
7088 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
7089 innvl);
7090 }
7091 }
7092
79c76d5b 7093 outnvl = fnvlist_alloc();
40d06e3c 7094 cookie = spl_fstrans_mark();
6f1ffb06 7095 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
40d06e3c 7096 spl_fstrans_unmark(cookie);
6f1ffb06 7097
d99a0153
CW		 7098 /*
7099 * Some commands can partially execute, modify state, and still
7100 * return an error. In these cases, attempt to record what
7101 * was modified.
7102 */
7103 if ((error == 0 ||
7104 (cmd == ZFS_IOC_CHANNEL_PROGRAM && error != EINVAL)) &&
7105 vec->zvec_allow_log &&
6f1ffb06
MA		 7106 spa_open(zc->zc_name, &spa, FTAG) == 0) {
7107 if (!nvlist_empty(outnvl)) {
7108 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
7109 outnvl);
7110 }
d99a0153
CW		 7111 if (error != 0) {
7112 fnvlist_add_int64(lognv, ZPOOL_HIST_ERRNO,
7113 error);
7114 }
6f1ffb06
MA		 7115 (void) spa_history_log_nvl(spa, lognv);
7116 spa_close(spa, FTAG);
7117 }
7118 fnvlist_free(lognv);
7119
7120 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
7121 int smusherror = 0;
7122 if (vec->zvec_smush_outnvlist) {
7123 smusherror = nvlist_smush(outnvl,
7124 zc->zc_nvlist_dst_size);
7125 }
7126 if (smusherror == 0)
7127 puterror = put_nvlist(zc, outnvl);
7128 }
7129
7130 if (puterror != 0)
7131 error = puterror;
7132
7133 nvlist_free(outnvl);
7134 } else {
40d06e3c 7135 cookie = spl_fstrans_mark();
6f1ffb06 7136 error = vec->zvec_legacy_func(zc);
40d06e3c 7137 spl_fstrans_unmark(cookie);
6f1ffb06
MA		 7138 }
7139
7140out:
7141 nvlist_free(innvl);
9babb374 7142 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
6f1ffb06 7143 if (error == 0 && rc != 0)
2e528b49 7144 error = SET_ERROR(EFAULT);
6f1ffb06
MA		 7145 if (error == 0 && vec->zvec_allow_log) {
7146 char *s = tsd_get(zfs_allow_log_key);
7147 if (s != NULL)
7148 strfree(s);
fb8e608d
TC		 7149 (void) tsd_set(zfs_allow_log_key, saved_poolname);
7150 } else {
7151 if (saved_poolname != NULL)
4fd762f8 7152 strfree(saved_poolname);
34dc7c2f
BB		 7153 }
7154
7155 kmem_free(zc, sizeof (zfs_cmd_t));
325f0235 7156 return (-error);
34dc7c2f
BB		 7157}
7158
325f0235
BB		 7159#ifdef CONFIG_COMPAT
7160static long
7161zfsdev_compat_ioctl(struct file *filp, unsigned cmd, unsigned long arg)
34dc7c2f 7162{
d1d7e268 7163 return (zfsdev_ioctl(filp, cmd, arg));
325f0235
BB		 7164}
7165#else
d1d7e268 7166#define zfsdev_compat_ioctl NULL
325f0235 7167#endif
34dc7c2f 7168
325f0235 7169static const struct file_operations zfsdev_fops = {
d1d7e268
MK		 7170 .open = zfsdev_open,
7171 .release = zfsdev_release,
7172 .unlocked_ioctl = zfsdev_ioctl,
7173 .compat_ioctl = zfsdev_compat_ioctl,
7174 .owner = THIS_MODULE,
325f0235 7175};
34dc7c2f 7176
325f0235 7177static struct miscdevice zfs_misc = {
fa61e723 7178 .minor = ZFS_DEVICE_MINOR,
d1d7e268
MK		 7179 .name = ZFS_DRIVER,
7180 .fops = &zfsdev_fops,
325f0235 7181};
34dc7c2f 7182
fa61e723 7183MODULE_ALIAS_MISCDEV(ZFS_DEVICE_MINOR);
a6cc9756
BB		 7184MODULE_ALIAS("devname:zfs");
7185
34dc7c2f 7186static int
325f0235 7187zfs_attach(void)
34dc7c2f 7188{
325f0235 7189 int error;
34dc7c2f 7190
325f0235 7191 mutex_init(&zfsdev_state_lock, NULL, MUTEX_DEFAULT, NULL);
3937ab20
TC		 7192 zfsdev_state_list = kmem_zalloc(sizeof (zfsdev_state_t), KM_SLEEP);
7193 zfsdev_state_list->zs_minor = -1;
34dc7c2f 7194
325f0235 7195 error = misc_register(&zfs_misc);
a6cc9756
BB		 7196 if (error == -EBUSY) {
7197 /*
7198 * Fallback to dynamic minor allocation in the event of a
7199 * collision with a reserved minor in linux/miscdevice.h.
7200 * In this case the kernel modules must be manually loaded.
7201 */
7202 printk(KERN_INFO "ZFS: misc_register() with static minor %d "
7203 "failed %d, retrying with MISC_DYNAMIC_MINOR\n",
fa61e723 7204 ZFS_DEVICE_MINOR, error);
a6cc9756
BB		 7205
7206 zfs_misc.minor = MISC_DYNAMIC_MINOR;
7207 error = misc_register(&zfs_misc);
325f0235 7208 }
34dc7c2f 7209
a6cc9756
BB		 7210 if (error)
7211 printk(KERN_INFO "ZFS: misc_register() failed %d\n", error);
7212
7213 return (error);
34dc7c2f
BB		 7214}
7215
325f0235
BB		 7216static void
7217zfs_detach(void)
34dc7c2f 7218{
3937ab20 7219 zfsdev_state_t *zs, *zsprev = NULL;
34dc7c2f 7220
324dcd37 7221 misc_deregister(&zfs_misc);
325f0235 7222 mutex_destroy(&zfsdev_state_lock);
3937ab20
TC		 7223
7224 for (zs = zfsdev_state_list; zs != NULL; zs = zs->zs_next) {
7225 if (zsprev)
7226 kmem_free(zsprev, sizeof (zfsdev_state_t));
7227 zsprev = zs;
7228 }
7229 if (zsprev)
7230 kmem_free(zsprev, sizeof (zfsdev_state_t));
34dc7c2f
BB		 7231}
7232
6f1ffb06
MA		 7233static void
7234zfs_allow_log_destroy(void *arg)
7235{
7236 char *poolname = arg;
9f3d1407 7237
7238 if (poolname != NULL)
7239 strfree(poolname);
6f1ffb06 7240}
325f0235
BB		 7241
7242#ifdef DEBUG
d1d7e268 7243#define ZFS_DEBUG_STR " (DEBUG mode)"
325f0235 7244#else
d1d7e268 7245#define ZFS_DEBUG_STR ""
325f0235 7246#endif
34dc7c2f 7247
b4f3666a 7248static int __init
34dc7c2f
BB		 7249_init(void)
7250{
7251 int error;
7252
3d8d245f 7253 error = -vn_set_pwd("/");
b4f3666a
BB		 7254 if (error) {
7255 printk(KERN_NOTICE
7256 "ZFS: Warning unable to set pwd to '/': %d\n", error);
7257 return (error);
7258 }
7259
a0bd735a
BP		 7260 if ((error = -zvol_init()) != 0)
7261 return (error);
7262
34dc7c2f
BB		 7263 spa_init(FREAD | FWRITE);
7264 zfs_init();
34dc7c2f 7265
6f1ffb06 7266 zfs_ioctl_init();
e8bcb693 7267 zfs_sysfs_init();
6f1ffb06 7268
325f0235 7269 if ((error = zfs_attach()) != 0)
a0bd735a 7270 goto out;
34dc7c2f 7271
d5446cfc 7272 tsd_create(&zfs_fsyncer_key, NULL);
6f1ffb06
MA		 7273 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
7274 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
34dc7c2f 7275
4b5d425f 7276 printk(KERN_NOTICE "ZFS: Loaded module v%s-%s%s, "
d1d7e268
MK		 7277 "ZFS pool version %s, ZFS filesystem version %s\n",
7278 ZFS_META_VERSION, ZFS_META_RELEASE, ZFS_DEBUG_STR,
7279 SPA_VERSION_STRING, ZPL_VERSION_STRING);
b695c34e
MM		 7280#ifndef CONFIG_FS_POSIX_ACL
7281 printk(KERN_NOTICE "ZFS: Posix ACLs disabled by kernel\n");
7282#endif /* CONFIG_FS_POSIX_ACL */
34dc7c2f
BB		 7283
7284 return (0);
325f0235 7285
a0bd735a 7286out:
e8bcb693 7287 zfs_sysfs_fini();
325f0235
BB		 7288 zfs_fini();
7289 spa_fini();
a0bd735a 7290 (void) zvol_fini();
4b5d425f 7291 printk(KERN_NOTICE "ZFS: Failed to Load ZFS Filesystem v%s-%s%s"
d1d7e268
MK		 7292 ", rc = %d\n", ZFS_META_VERSION, ZFS_META_RELEASE,
7293 ZFS_DEBUG_STR, error);
325f0235
BB		 7294
7295 return (error);
34dc7c2f
BB		 7296}
7297
b4f3666a 7298static void __exit
34dc7c2f
BB		 7299_fini(void)
7300{
325f0235 7301 zfs_detach();
e8bcb693 7302 zfs_sysfs_fini();
34dc7c2f
BB		 7303 zfs_fini();
7304 spa_fini();
a0bd735a 7305 zvol_fini();
46e18b3f 7306
d5446cfc 7307 tsd_destroy(&zfs_fsyncer_key);
3fc050aa 7308 tsd_destroy(&rrw_tsd_key);
6f1ffb06 7309 tsd_destroy(&zfs_allow_log_key);
34dc7c2f 7310
4b5d425f 7311 printk(KERN_NOTICE "ZFS: Unloaded module v%s-%s%s\n",
d1d7e268 7312 ZFS_META_VERSION, ZFS_META_RELEASE, ZFS_DEBUG_STR);
34dc7c2f 7313}
325f0235 7314
93ce2b4c 7315#if defined(_KERNEL)
b4f3666a
BB		 7316module_init(_init);
7317module_exit(_fini);
325f0235
BB		 7318
7319MODULE_DESCRIPTION("ZFS");
7320MODULE_AUTHOR(ZFS_META_AUTHOR);
7321MODULE_LICENSE(ZFS_META_LICENSE);
99e349db 7322MODULE_VERSION(ZFS_META_VERSION "-" ZFS_META_RELEASE);
93ce2b4c 7323#endif
ZFS On Linux mirror for PVE