]> git.proxmox.com Git - mirror_zfs.git/blob - lib/libzfs/libzfs_sendrecv.c
projects / mirror_zfs.git / blob
? search:


b5c91ec20a60009a3d7d31afa0dc23b21aaa118f
[mirror_zfs.git] / lib / libzfs / libzfs_sendrecv.c
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2011, 2015 by Delphix. All rights reserved.
25 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
26 * Copyright (c) 2012 Pawel Jakub Dawidek <pawel@dawidek.net>.
27 * All rights reserved
28 * Copyright (c) 2013 Steven Hartland. All rights reserved.
29 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
30 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
31 * Copyright (c) 2017, loli10K <ezomori.nozomu@gmail.com>. All rights reserved.
32 */
33
34 #include <assert.h>
35 #include <ctype.h>
36 #include <errno.h>
37 #include <libintl.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <strings.h>
41 #include <unistd.h>
42 #include <stddef.h>
43 #include <fcntl.h>
44 #include <sys/mount.h>
45 #include <sys/mntent.h>
46 #include <sys/mnttab.h>
47 #include <sys/avl.h>
48 #include <sys/debug.h>
49 #include <sys/stat.h>
50 #include <stddef.h>
51 #include <pthread.h>
52 #include <umem.h>
53 #include <time.h>
54
55 #include <libzfs.h>
56 #include <libzfs_core.h>
57
58 #include "zfs_namecheck.h"
59 #include "zfs_prop.h"
60 #include "zfs_fletcher.h"
61 #include "libzfs_impl.h"
62 #include <zlib.h>
63 #include <sys/zio_checksum.h>
64 #include <sys/dsl_crypt.h>
65 #include <sys/ddt.h>
66 #include <sys/socket.h>
67 #include <sys/sha2.h>
68
69 /* in libzfs_dataset.c */
70 extern void zfs_setprop_error(libzfs_handle_t *, zfs_prop_t, int, char *);
71
72 static int zfs_receive_impl(libzfs_handle_t *, const char *, const char *,
73 recvflags_t *, int, const char *, nvlist_t *, avl_tree_t *, char **, int,
74 uint64_t *, const char *, nvlist_t *);
75 static int guid_to_name(libzfs_handle_t *, const char *,
76 uint64_t, boolean_t, char *);
77
78 static const zio_cksum_t zero_cksum = { { 0 } };
79
80 typedef struct dedup_arg {
81 int inputfd;
82 int outputfd;
83 libzfs_handle_t *dedup_hdl;
84 } dedup_arg_t;
85
86 typedef struct progress_arg {
87 zfs_handle_t *pa_zhp;
88 int pa_fd;
89 boolean_t pa_parsable;
90 } progress_arg_t;
91
92 typedef struct dataref {
93 uint64_t ref_guid;
94 uint64_t ref_object;
95 uint64_t ref_offset;
96 } dataref_t;
97
98 typedef struct dedup_entry {
99 struct dedup_entry *dde_next;
100 zio_cksum_t dde_chksum;
101 uint64_t dde_prop;
102 dataref_t dde_ref;
103 } dedup_entry_t;
104
105 #define MAX_DDT_PHYSMEM_PERCENT 20
106 #define SMALLEST_POSSIBLE_MAX_DDT_MB 128
107
108 typedef struct dedup_table {
109 dedup_entry_t **dedup_hash_array;
110 umem_cache_t *ddecache;
111 uint64_t max_ddt_size; /* max dedup table size in bytes */
112 uint64_t cur_ddt_size; /* current dedup table size in bytes */
113 uint64_t ddt_count;
114 int numhashbits;
115 boolean_t ddt_full;
116 } dedup_table_t;
117
118 static int
119 high_order_bit(uint64_t n)
120 {
121 int count;
122
123 for (count = 0; n != 0; count++)
124 n >>= 1;
125 return (count);
126 }
127
128 static size_t
129 ssread(void *buf, size_t len, FILE *stream)
130 {
131 size_t outlen;
132
133 if ((outlen = fread(buf, len, 1, stream)) == 0)
134 return (0);
135
136 return (outlen);
137 }
138
139 static void
140 ddt_hash_append(libzfs_handle_t *hdl, dedup_table_t *ddt, dedup_entry_t **ddepp,
141 zio_cksum_t *cs, uint64_t prop, dataref_t *dr)
142 {
143 dedup_entry_t *dde;
144
145 if (ddt->cur_ddt_size >= ddt->max_ddt_size) {
146 if (ddt->ddt_full == B_FALSE) {
147 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
148 "Dedup table full. Deduplication will continue "
149 "with existing table entries"));
150 ddt->ddt_full = B_TRUE;
151 }
152 return;
153 }
154
155 if ((dde = umem_cache_alloc(ddt->ddecache, UMEM_DEFAULT))
156 != NULL) {
157 assert(*ddepp == NULL);
158 dde->dde_next = NULL;
159 dde->dde_chksum = *cs;
160 dde->dde_prop = prop;
161 dde->dde_ref = *dr;
162 *ddepp = dde;
163 ddt->cur_ddt_size += sizeof (dedup_entry_t);
164 ddt->ddt_count++;
165 }
166 }
167
168 /*
169 * Using the specified dedup table, do a lookup for an entry with
170 * the checksum cs. If found, return the block's reference info
171 * in *dr. Otherwise, insert a new entry in the dedup table, using
172 * the reference information specified by *dr.
173 *
174 * return value: true - entry was found
175 * false - entry was not found
176 */
177 static boolean_t
178 ddt_update(libzfs_handle_t *hdl, dedup_table_t *ddt, zio_cksum_t *cs,
179 uint64_t prop, dataref_t *dr)
180 {
181 uint32_t hashcode;
182 dedup_entry_t **ddepp;
183
184 hashcode = BF64_GET(cs->zc_word[0], 0, ddt->numhashbits);
185
186 for (ddepp = &(ddt->dedup_hash_array[hashcode]); *ddepp != NULL;
187 ddepp = &((*ddepp)->dde_next)) {
188 if (ZIO_CHECKSUM_EQUAL(((*ddepp)->dde_chksum), *cs) &&
189 (*ddepp)->dde_prop == prop) {
190 *dr = (*ddepp)->dde_ref;
191 return (B_TRUE);
192 }
193 }
194 ddt_hash_append(hdl, ddt, ddepp, cs, prop, dr);
195 return (B_FALSE);
196 }
197
198 static int
199 dump_record(dmu_replay_record_t *drr, void *payload, int payload_len,
200 zio_cksum_t *zc, int outfd)
201 {
202 ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
203 ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t));
204 fletcher_4_incremental_native(drr,
205 offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), zc);
206 if (drr->drr_type != DRR_BEGIN) {
207 ASSERT(ZIO_CHECKSUM_IS_ZERO(&drr->drr_u.
208 drr_checksum.drr_checksum));
209 drr->drr_u.drr_checksum.drr_checksum = *zc;
210 }
211 fletcher_4_incremental_native(&drr->drr_u.drr_checksum.drr_checksum,
212 sizeof (zio_cksum_t), zc);
213 if (write(outfd, drr, sizeof (*drr)) == -1)
214 return (errno);
215 if (payload_len != 0) {
216 fletcher_4_incremental_native(payload, payload_len, zc);
217 if (write(outfd, payload, payload_len) == -1)
218 return (errno);
219 }
220 return (0);
221 }
222
223 /*
224 * This function is started in a separate thread when the dedup option
225 * has been requested. The main send thread determines the list of
226 * snapshots to be included in the send stream and makes the ioctl calls
227 * for each one. But instead of having the ioctl send the output to the
228 * the output fd specified by the caller of zfs_send()), the
229 * ioctl is told to direct the output to a pipe, which is read by the
230 * alternate thread running THIS function. This function does the
231 * dedup'ing by:
232 * 1. building a dedup table (the DDT)
233 * 2. doing checksums on each data block and inserting a record in the DDT
234 * 3. looking for matching checksums, and
235 * 4. sending a DRR_WRITE_BYREF record instead of a write record whenever
236 * a duplicate block is found.
237 * The output of this function then goes to the output fd requested
238 * by the caller of zfs_send().
239 */
240 static void *
241 cksummer(void *arg)
242 {
243 dedup_arg_t *dda = arg;
244 char *buf = zfs_alloc(dda->dedup_hdl, SPA_MAXBLOCKSIZE);
245 dmu_replay_record_t thedrr = { 0 };
246 dmu_replay_record_t *drr = &thedrr;
247 FILE *ofp;
248 int outfd;
249 dedup_table_t ddt;
250 zio_cksum_t stream_cksum;
251 uint64_t numbuckets;
252
253 #ifdef _ILP32
254 ddt.max_ddt_size = SMALLEST_POSSIBLE_MAX_DDT_MB << 20;
255 #else
256 uint64_t physmem = sysconf(_SC_PHYS_PAGES) * sysconf(_SC_PAGESIZE);
257 ddt.max_ddt_size =
258 MAX((physmem * MAX_DDT_PHYSMEM_PERCENT) / 100,
259 SMALLEST_POSSIBLE_MAX_DDT_MB << 20);
260 #endif
261
262 numbuckets = ddt.max_ddt_size / (sizeof (dedup_entry_t));
263
264 /*
265 * numbuckets must be a power of 2. Increase number to
266 * a power of 2 if necessary.
267 */
268 if (!ISP2(numbuckets))
269 numbuckets = 1ULL << high_order_bit(numbuckets);
270
271 ddt.dedup_hash_array = calloc(numbuckets, sizeof (dedup_entry_t *));
272 ddt.ddecache = umem_cache_create("dde", sizeof (dedup_entry_t), 0,
273 NULL, NULL, NULL, NULL, NULL, 0);
274 ddt.cur_ddt_size = numbuckets * sizeof (dedup_entry_t *);
275 ddt.numhashbits = high_order_bit(numbuckets) - 1;
276 ddt.ddt_full = B_FALSE;
277
278 outfd = dda->outputfd;
279 ofp = fdopen(dda->inputfd, "r");
280 while (ssread(drr, sizeof (*drr), ofp) != 0) {
281
282 /*
283 * kernel filled in checksum, we are going to write same
284 * record, but need to regenerate checksum.
285 */
286 if (drr->drr_type != DRR_BEGIN) {
287 bzero(&drr->drr_u.drr_checksum.drr_checksum,
288 sizeof (drr->drr_u.drr_checksum.drr_checksum));
289 }
290
291 switch (drr->drr_type) {
292 case DRR_BEGIN:
293 {
294 struct drr_begin *drrb = &drr->drr_u.drr_begin;
295 int fflags;
296 int sz = 0;
297 ZIO_SET_CHECKSUM(&stream_cksum, 0, 0, 0, 0);
298
299 ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC);
300
301 /* set the DEDUP feature flag for this stream */
302 fflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
303 fflags |= (DMU_BACKUP_FEATURE_DEDUP |
304 DMU_BACKUP_FEATURE_DEDUPPROPS);
305 DMU_SET_FEATUREFLAGS(drrb->drr_versioninfo, fflags);
306
307 if (drr->drr_payloadlen != 0) {
308 sz = drr->drr_payloadlen;
309
310 if (sz > SPA_MAXBLOCKSIZE) {
311 buf = zfs_realloc(dda->dedup_hdl, buf,
312 SPA_MAXBLOCKSIZE, sz);
313 }
314 (void) ssread(buf, sz, ofp);
315 if (ferror(stdin))
316 perror("fread");
317 }
318 if (dump_record(drr, buf, sz, &stream_cksum,
319 outfd) != 0)
320 goto out;
321 break;
322 }
323
324 case DRR_END:
325 {
326 struct drr_end *drre = &drr->drr_u.drr_end;
327 /* use the recalculated checksum */
328 drre->drr_checksum = stream_cksum;
329 if (dump_record(drr, NULL, 0, &stream_cksum,
330 outfd) != 0)
331 goto out;
332 break;
333 }
334
335 case DRR_OBJECT:
336 {
337 struct drr_object *drro = &drr->drr_u.drr_object;
338 if (drro->drr_bonuslen > 0) {
339 (void) ssread(buf,
340 DRR_OBJECT_PAYLOAD_SIZE(drro), ofp);
341 }
342 if (dump_record(drr, buf, DRR_OBJECT_PAYLOAD_SIZE(drro),
343 &stream_cksum, outfd) != 0)
344 goto out;
345 break;
346 }
347
348 case DRR_SPILL:
349 {
350 struct drr_spill *drrs = &drr->drr_u.drr_spill;
351 (void) ssread(buf, DRR_SPILL_PAYLOAD_SIZE(drrs), ofp);
352 if (dump_record(drr, buf, DRR_SPILL_PAYLOAD_SIZE(drrs),
353 &stream_cksum, outfd) != 0)
354 goto out;
355 break;
356 }
357
358 case DRR_FREEOBJECTS:
359 {
360 if (dump_record(drr, NULL, 0, &stream_cksum,
361 outfd) != 0)
362 goto out;
363 break;
364 }
365
366 case DRR_WRITE:
367 {
368 struct drr_write *drrw = &drr->drr_u.drr_write;
369 dataref_t dataref;
370 uint64_t payload_size;
371
372 payload_size = DRR_WRITE_PAYLOAD_SIZE(drrw);
373 (void) ssread(buf, payload_size, ofp);
374
375 /*
376 * Use the existing checksum if it's dedup-capable,
377 * else calculate a SHA256 checksum for it.
378 */
379
380 if (ZIO_CHECKSUM_EQUAL(drrw->drr_key.ddk_cksum,
381 zero_cksum) ||
382 !DRR_IS_DEDUP_CAPABLE(drrw->drr_flags)) {
383 SHA2_CTX ctx;
384 zio_cksum_t tmpsha256;
385
386 SHA2Init(SHA256, &ctx);
387 SHA2Update(&ctx, buf, payload_size);
388 SHA2Final(&tmpsha256, &ctx);
389
390 drrw->drr_key.ddk_cksum.zc_word[0] =
391 BE_64(tmpsha256.zc_word[0]);
392 drrw->drr_key.ddk_cksum.zc_word[1] =
393 BE_64(tmpsha256.zc_word[1]);
394 drrw->drr_key.ddk_cksum.zc_word[2] =
395 BE_64(tmpsha256.zc_word[2]);
396 drrw->drr_key.ddk_cksum.zc_word[3] =
397 BE_64(tmpsha256.zc_word[3]);
398 drrw->drr_checksumtype = ZIO_CHECKSUM_SHA256;
399 drrw->drr_flags |= DRR_CHECKSUM_DEDUP;
400 }
401
402 dataref.ref_guid = drrw->drr_toguid;
403 dataref.ref_object = drrw->drr_object;
404 dataref.ref_offset = drrw->drr_offset;
405
406 if (ddt_update(dda->dedup_hdl, &ddt,
407 &drrw->drr_key.ddk_cksum, drrw->drr_key.ddk_prop,
408 &dataref)) {
409 dmu_replay_record_t wbr_drr = {0};
410 struct drr_write_byref *wbr_drrr =
411 &wbr_drr.drr_u.drr_write_byref;
412
413 /* block already present in stream */
414 wbr_drr.drr_type = DRR_WRITE_BYREF;
415
416 wbr_drrr->drr_object = drrw->drr_object;
417 wbr_drrr->drr_offset = drrw->drr_offset;
418 wbr_drrr->drr_length = drrw->drr_logical_size;
419 wbr_drrr->drr_toguid = drrw->drr_toguid;
420 wbr_drrr->drr_refguid = dataref.ref_guid;
421 wbr_drrr->drr_refobject =
422 dataref.ref_object;
423 wbr_drrr->drr_refoffset =
424 dataref.ref_offset;
425
426 wbr_drrr->drr_checksumtype =
427 drrw->drr_checksumtype;
428 wbr_drrr->drr_flags = drrw->drr_flags;
429 wbr_drrr->drr_key.ddk_cksum =
430 drrw->drr_key.ddk_cksum;
431 wbr_drrr->drr_key.ddk_prop =
432 drrw->drr_key.ddk_prop;
433
434 if (dump_record(&wbr_drr, NULL, 0,
435 &stream_cksum, outfd) != 0)
436 goto out;
437 } else {
438 /* block not previously seen */
439 if (dump_record(drr, buf, payload_size,
440 &stream_cksum, outfd) != 0)
441 goto out;
442 }
443 break;
444 }
445
446 case DRR_WRITE_EMBEDDED:
447 {
448 struct drr_write_embedded *drrwe =
449 &drr->drr_u.drr_write_embedded;
450 (void) ssread(buf,
451 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8), ofp);
452 if (dump_record(drr, buf,
453 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8),
454 &stream_cksum, outfd) != 0)
455 goto out;
456 break;
457 }
458
459 case DRR_FREE:
460 {
461 if (dump_record(drr, NULL, 0, &stream_cksum,
462 outfd) != 0)
463 goto out;
464 break;
465 }
466
467 case DRR_OBJECT_RANGE:
468 {
469 if (dump_record(drr, NULL, 0, &stream_cksum,
470 outfd) != 0)
471 goto out;
472 break;
473 }
474
475 default:
476 (void) fprintf(stderr, "INVALID record type 0x%x\n",
477 drr->drr_type);
478 /* should never happen, so assert */
479 assert(B_FALSE);
480 }
481 }
482 out:
483 umem_cache_destroy(ddt.ddecache);
484 free(ddt.dedup_hash_array);
485 free(buf);
486 (void) fclose(ofp);
487
488 return (NULL);
489 }
490
491 /*
492 * Routines for dealing with the AVL tree of fs-nvlists
493 */
494 typedef struct fsavl_node {
495 avl_node_t fn_node;
496 nvlist_t *fn_nvfs;
497 char *fn_snapname;
498 uint64_t fn_guid;
499 } fsavl_node_t;
500
501 static int
502 fsavl_compare(const void *arg1, const void *arg2)
503 {
504 const fsavl_node_t *fn1 = (const fsavl_node_t *)arg1;
505 const fsavl_node_t *fn2 = (const fsavl_node_t *)arg2;
506
507 return (AVL_CMP(fn1->fn_guid, fn2->fn_guid));
508 }
509
510 /*
511 * Given the GUID of a snapshot, find its containing filesystem and
512 * (optionally) name.
513 */
514 static nvlist_t *
515 fsavl_find(avl_tree_t *avl, uint64_t snapguid, char **snapname)
516 {
517 fsavl_node_t fn_find;
518 fsavl_node_t *fn;
519
520 fn_find.fn_guid = snapguid;
521
522 fn = avl_find(avl, &fn_find, NULL);
523 if (fn) {
524 if (snapname)
525 *snapname = fn->fn_snapname;
526 return (fn->fn_nvfs);
527 }
528 return (NULL);
529 }
530
531 static void
532 fsavl_destroy(avl_tree_t *avl)
533 {
534 fsavl_node_t *fn;
535 void *cookie;
536
537 if (avl == NULL)
538 return;
539
540 cookie = NULL;
541 while ((fn = avl_destroy_nodes(avl, &cookie)) != NULL)
542 free(fn);
543 avl_destroy(avl);
544 free(avl);
545 }
546
547 /*
548 * Given an nvlist, produce an avl tree of snapshots, ordered by guid
549 */
550 static avl_tree_t *
551 fsavl_create(nvlist_t *fss)
552 {
553 avl_tree_t *fsavl;
554 nvpair_t *fselem = NULL;
555
556 if ((fsavl = malloc(sizeof (avl_tree_t))) == NULL)
557 return (NULL);
558
559 avl_create(fsavl, fsavl_compare, sizeof (fsavl_node_t),
560 offsetof(fsavl_node_t, fn_node));
561
562 while ((fselem = nvlist_next_nvpair(fss, fselem)) != NULL) {
563 nvlist_t *nvfs, *snaps;
564 nvpair_t *snapelem = NULL;
565
566 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs));
567 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps));
568
569 while ((snapelem =
570 nvlist_next_nvpair(snaps, snapelem)) != NULL) {
571 fsavl_node_t *fn;
572 uint64_t guid;
573
574 VERIFY(0 == nvpair_value_uint64(snapelem, &guid));
575 if ((fn = malloc(sizeof (fsavl_node_t))) == NULL) {
576 fsavl_destroy(fsavl);
577 return (NULL);
578 }
579 fn->fn_nvfs = nvfs;
580 fn->fn_snapname = nvpair_name(snapelem);
581 fn->fn_guid = guid;
582
583 /*
584 * Note: if there are multiple snaps with the
585 * same GUID, we ignore all but one.
586 */
587 if (avl_find(fsavl, fn, NULL) == NULL)
588 avl_add(fsavl, fn);
589 else
590 free(fn);
591 }
592 }
593
594 return (fsavl);
595 }
596
597 /*
598 * Routines for dealing with the giant nvlist of fs-nvlists, etc.
599 */
600 typedef struct send_data {
601 /*
602 * assigned inside every recursive call,
603 * restored from *_save on return:
604 *
605 * guid of fromsnap snapshot in parent dataset
606 * txg of fromsnap snapshot in current dataset
607 * txg of tosnap snapshot in current dataset
608 */
609
610 uint64_t parent_fromsnap_guid;
611 uint64_t fromsnap_txg;
612 uint64_t tosnap_txg;
613
614 /* the nvlists get accumulated during depth-first traversal */
615 nvlist_t *parent_snaps;
616 nvlist_t *fss;
617 nvlist_t *snapprops;
618
619 /* send-receive configuration, does not change during traversal */
620 const char *fsname;
621 const char *fromsnap;
622 const char *tosnap;
623 boolean_t raw;
624 boolean_t backup;
625 boolean_t recursive;
626 boolean_t verbose;
627 boolean_t seenfrom;
628 boolean_t seento;
629
630 /*
631 * The header nvlist is of the following format:
632 * {
633 * "tosnap" -> string
634 * "fromsnap" -> string (if incremental)
635 * "fss" -> {
636 * id -> {
637 *
638 * "name" -> string (full name; for debugging)
639 * "parentfromsnap" -> number (guid of fromsnap in parent)
640 *
641 * "props" -> { name -> value (only if set here) }
642 * "snaps" -> { name (lastname) -> number (guid) }
643 * "snapprops" -> { name (lastname) -> { name -> value } }
644 *
645 * "origin" -> number (guid) (if clone)
646 * "is_encroot" -> boolean
647 * "sent" -> boolean (not on-disk)
648 * }
649 * }
650 * }
651 *
652 */
653 } send_data_t;
654
655 static void
656 send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv);
657
658 static int
659 send_iterate_snap(zfs_handle_t *zhp, void *arg)
660 {
661 send_data_t *sd = arg;
662 uint64_t guid = zhp->zfs_dmustats.dds_guid;
663 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg;
664 char *snapname;
665 nvlist_t *nv;
666 boolean_t isfromsnap, istosnap, istosnapwithnofrom;
667
668 snapname = strrchr(zhp->zfs_name, '@')+1;
669 isfromsnap = (sd->fromsnap != NULL &&
670 strcmp(sd->fromsnap, snapname) == 0);
671 istosnap = (sd->tosnap != NULL && (strcmp(sd->tosnap, snapname) == 0));
672 istosnapwithnofrom = (istosnap && sd->fromsnap == NULL);
673
674 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) {
675 if (sd->verbose) {
676 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
677 "skipping snapshot %s because it was created "
678 "after the destination snapshot (%s)\n"),
679 zhp->zfs_name, sd->tosnap);
680 }
681 zfs_close(zhp);
682 return (0);
683 }
684
685 VERIFY(0 == nvlist_add_uint64(sd->parent_snaps, snapname, guid));
686 /*
687 * NB: if there is no fromsnap here (it's a newly created fs in
688 * an incremental replication), we will substitute the tosnap.
689 */
690 if (isfromsnap || (sd->parent_fromsnap_guid == 0 && istosnap)) {
691 sd->parent_fromsnap_guid = guid;
692 }
693
694 if (!sd->recursive) {
695 if (!sd->seenfrom && isfromsnap) {
696 sd->seenfrom = B_TRUE;
697 zfs_close(zhp);
698 return (0);
699 }
700
701 if ((sd->seento || !sd->seenfrom) && !istosnapwithnofrom) {
702 zfs_close(zhp);
703 return (0);
704 }
705
706 if (istosnap)
707 sd->seento = B_TRUE;
708 }
709
710 VERIFY(0 == nvlist_alloc(&nv, NV_UNIQUE_NAME, 0));
711 send_iterate_prop(zhp, sd->backup, nv);
712 VERIFY(0 == nvlist_add_nvlist(sd->snapprops, snapname, nv));
713 nvlist_free(nv);
714
715 zfs_close(zhp);
716 return (0);
717 }
718
719 static void
720 send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv)
721 {
722 nvlist_t *props = NULL;
723 nvpair_t *elem = NULL;
724
725 if (received_only)
726 props = zfs_get_recvd_props(zhp);
727 else
728 props = zhp->zfs_props;
729
730 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) {
731 char *propname = nvpair_name(elem);
732 zfs_prop_t prop = zfs_name_to_prop(propname);
733 nvlist_t *propnv;
734
735 if (!zfs_prop_user(propname)) {
736 /*
737 * Realistically, this should never happen. However,
738 * we want the ability to add DSL properties without
739 * needing to make incompatible version changes. We
740 * need to ignore unknown properties to allow older
741 * software to still send datasets containing these
742 * properties, with the unknown properties elided.
743 */
744 if (prop == ZPROP_INVAL)
745 continue;
746
747 if (zfs_prop_readonly(prop))
748 continue;
749 }
750
751 verify(nvpair_value_nvlist(elem, &propnv) == 0);
752 if (prop == ZFS_PROP_QUOTA || prop == ZFS_PROP_RESERVATION ||
753 prop == ZFS_PROP_REFQUOTA ||
754 prop == ZFS_PROP_REFRESERVATION) {
755 char *source;
756 uint64_t value;
757 verify(nvlist_lookup_uint64(propnv,
758 ZPROP_VALUE, &value) == 0);
759 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT)
760 continue;
761 /*
762 * May have no source before SPA_VERSION_RECVD_PROPS,
763 * but is still modifiable.
764 */
765 if (nvlist_lookup_string(propnv,
766 ZPROP_SOURCE, &source) == 0) {
767 if ((strcmp(source, zhp->zfs_name) != 0) &&
768 (strcmp(source,
769 ZPROP_SOURCE_VAL_RECVD) != 0))
770 continue;
771 }
772 } else {
773 char *source;
774 if (nvlist_lookup_string(propnv,
775 ZPROP_SOURCE, &source) != 0)
776 continue;
777 if ((strcmp(source, zhp->zfs_name) != 0) &&
778 (strcmp(source, ZPROP_SOURCE_VAL_RECVD) != 0))
779 continue;
780 }
781
782 if (zfs_prop_user(propname) ||
783 zfs_prop_get_type(prop) == PROP_TYPE_STRING) {
784 char *value;
785 verify(nvlist_lookup_string(propnv,
786 ZPROP_VALUE, &value) == 0);
787 VERIFY(0 == nvlist_add_string(nv, propname, value));
788 } else {
789 uint64_t value;
790 verify(nvlist_lookup_uint64(propnv,
791 ZPROP_VALUE, &value) == 0);
792 VERIFY(0 == nvlist_add_uint64(nv, propname, value));
793 }
794 }
795 }
796
797 /*
798 * returns snapshot creation txg
799 * and returns 0 if the snapshot does not exist
800 */
801 static uint64_t
802 get_snap_txg(libzfs_handle_t *hdl, const char *fs, const char *snap)
803 {
804 char name[ZFS_MAX_DATASET_NAME_LEN];
805 uint64_t txg = 0;
806
807 if (fs == NULL || fs[0] == '\0' || snap == NULL || snap[0] == '\0')
808 return (txg);
809
810 (void) snprintf(name, sizeof (name), "%s@%s", fs, snap);
811 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_SNAPSHOT)) {
812 zfs_handle_t *zhp = zfs_open(hdl, name, ZFS_TYPE_SNAPSHOT);
813 if (zhp != NULL) {
814 txg = zfs_prop_get_int(zhp, ZFS_PROP_CREATETXG);
815 zfs_close(zhp);
816 }
817 }
818
819 return (txg);
820 }
821
822 /*
823 * recursively generate nvlists describing datasets. See comment
824 * for the data structure send_data_t above for description of contents
825 * of the nvlist.
826 */
827 static int
828 send_iterate_fs(zfs_handle_t *zhp, void *arg)
829 {
830 send_data_t *sd = arg;
831 nvlist_t *nvfs = NULL, *nv = NULL;
832 int rv = 0;
833 uint64_t parent_fromsnap_guid_save = sd->parent_fromsnap_guid;
834 uint64_t fromsnap_txg_save = sd->fromsnap_txg;
835 uint64_t tosnap_txg_save = sd->tosnap_txg;
836 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg;
837 uint64_t guid = zhp->zfs_dmustats.dds_guid;
838 uint64_t fromsnap_txg, tosnap_txg;
839 char guidstring[64];
840
841 fromsnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->fromsnap);
842 if (fromsnap_txg != 0)
843 sd->fromsnap_txg = fromsnap_txg;
844
845 tosnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->tosnap);
846 if (tosnap_txg != 0)
847 sd->tosnap_txg = tosnap_txg;
848
849 /*
850 * on the send side, if the current dataset does not have tosnap,
851 * perform two additional checks:
852 *
853 * - skip sending the current dataset if it was created later than
854 * the parent tosnap
855 * - return error if the current dataset was created earlier than
856 * the parent tosnap
857 */
858 if (sd->tosnap != NULL && tosnap_txg == 0) {
859 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) {
860 if (sd->verbose) {
861 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
862 "skipping dataset %s: snapshot %s does "
863 "not exist\n"), zhp->zfs_name, sd->tosnap);
864 }
865 } else {
866 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
867 "cannot send %s@%s%s: snapshot %s@%s does not "
868 "exist\n"), sd->fsname, sd->tosnap, sd->recursive ?
869 dgettext(TEXT_DOMAIN, " recursively") : "",
870 zhp->zfs_name, sd->tosnap);
871 rv = -1;
872 }
873 goto out;
874 }
875
876 VERIFY(0 == nvlist_alloc(&nvfs, NV_UNIQUE_NAME, 0));
877 VERIFY(0 == nvlist_add_string(nvfs, "name", zhp->zfs_name));
878 VERIFY(0 == nvlist_add_uint64(nvfs, "parentfromsnap",
879 sd->parent_fromsnap_guid));
880
881 if (zhp->zfs_dmustats.dds_origin[0]) {
882 zfs_handle_t *origin = zfs_open(zhp->zfs_hdl,
883 zhp->zfs_dmustats.dds_origin, ZFS_TYPE_SNAPSHOT);
884 if (origin == NULL) {
885 rv = -1;
886 goto out;
887 }
888 VERIFY(0 == nvlist_add_uint64(nvfs, "origin",
889 origin->zfs_dmustats.dds_guid));
890
891 zfs_close(origin);
892 }
893
894 /* iterate over props */
895 VERIFY(0 == nvlist_alloc(&nv, NV_UNIQUE_NAME, 0));
896 send_iterate_prop(zhp, sd->backup, nv);
897
898 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
899 boolean_t encroot;
900
901 /* determine if this dataset is an encryption root */
902 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0) {
903 rv = -1;
904 goto out;
905 }
906
907 if (encroot)
908 VERIFY(0 == nvlist_add_boolean(nvfs, "is_encroot"));
909
910 /*
911 * Encrypted datasets can only be sent with properties if
912 * the raw flag is specified because the receive side doesn't
913 * currently have a mechanism for recursively asking the user
914 * for new encryption parameters.
915 */
916 if (!sd->raw) {
917 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
918 "cannot send %s@%s: encrypted dataset %s may not "
919 "be sent with properties without the raw flag\n"),
920 sd->fsname, sd->tosnap, zhp->zfs_name);
921 rv = -1;
922 goto out;
923 }
924
925 }
926
927 VERIFY(0 == nvlist_add_nvlist(nvfs, "props", nv));
928
929 /* iterate over snaps, and set sd->parent_fromsnap_guid */
930 sd->parent_fromsnap_guid = 0;
931 VERIFY(0 == nvlist_alloc(&sd->parent_snaps, NV_UNIQUE_NAME, 0));
932 VERIFY(0 == nvlist_alloc(&sd->snapprops, NV_UNIQUE_NAME, 0));
933 (void) zfs_iter_snapshots_sorted(zhp, send_iterate_snap, sd);
934 VERIFY(0 == nvlist_add_nvlist(nvfs, "snaps", sd->parent_snaps));
935 VERIFY(0 == nvlist_add_nvlist(nvfs, "snapprops", sd->snapprops));
936 nvlist_free(sd->parent_snaps);
937 nvlist_free(sd->snapprops);
938
939 /* add this fs to nvlist */
940 (void) snprintf(guidstring, sizeof (guidstring),
941 "0x%llx", (longlong_t)guid);
942 VERIFY(0 == nvlist_add_nvlist(sd->fss, guidstring, nvfs));
943
944 /* iterate over children */
945 if (sd->recursive)
946 rv = zfs_iter_filesystems(zhp, send_iterate_fs, sd);
947
948 out:
949 sd->parent_fromsnap_guid = parent_fromsnap_guid_save;
950 sd->fromsnap_txg = fromsnap_txg_save;
951 sd->tosnap_txg = tosnap_txg_save;
952 nvlist_free(nv);
953 nvlist_free(nvfs);
954
955 zfs_close(zhp);
956 return (rv);
957 }
958
959 static int
960 gather_nvlist(libzfs_handle_t *hdl, const char *fsname, const char *fromsnap,
961 const char *tosnap, boolean_t recursive, boolean_t raw, boolean_t verbose,
962 boolean_t backup, nvlist_t **nvlp, avl_tree_t **avlp)
963 {
964 zfs_handle_t *zhp;
965 send_data_t sd = { 0 };
966 int error;
967
968 zhp = zfs_open(hdl, fsname, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
969 if (zhp == NULL)
970 return (EZFS_BADTYPE);
971
972 VERIFY(0 == nvlist_alloc(&sd.fss, NV_UNIQUE_NAME, 0));
973 sd.fsname = fsname;
974 sd.fromsnap = fromsnap;
975 sd.tosnap = tosnap;
976 sd.recursive = recursive;
977 sd.raw = raw;
978 sd.verbose = verbose;
979 sd.backup = backup;
980
981 if ((error = send_iterate_fs(zhp, &sd)) != 0) {
982 nvlist_free(sd.fss);
983 if (avlp != NULL)
984 *avlp = NULL;
985 *nvlp = NULL;
986 return (error);
987 }
988
989 if (avlp != NULL && (*avlp = fsavl_create(sd.fss)) == NULL) {
990 nvlist_free(sd.fss);
991 *nvlp = NULL;
992 return (EZFS_NOMEM);
993 }
994
995 *nvlp = sd.fss;
996 return (0);
997 }
998
999 /*
1000 * Routines specific to "zfs send"
1001 */
1002 typedef struct send_dump_data {
1003 /* these are all just the short snapname (the part after the @) */
1004 const char *fromsnap;
1005 const char *tosnap;
1006 char prevsnap[ZFS_MAX_DATASET_NAME_LEN];
1007 uint64_t prevsnap_obj;
1008 boolean_t seenfrom, seento, replicate, doall, fromorigin;
1009 boolean_t verbose, dryrun, parsable, progress, embed_data, std_out;
1010 boolean_t large_block, compress, raw;
1011 int outfd;
1012 boolean_t err;
1013 nvlist_t *fss;
1014 nvlist_t *snapholds;
1015 avl_tree_t *fsavl;
1016 snapfilter_cb_t *filter_cb;
1017 void *filter_cb_arg;
1018 nvlist_t *debugnv;
1019 char holdtag[ZFS_MAX_DATASET_NAME_LEN];
1020 int cleanup_fd;
1021 uint64_t size;
1022 } send_dump_data_t;
1023
1024 static int
1025 zfs_send_space(zfs_handle_t *zhp, const char *snapname, const char *from,
1026 enum lzc_send_flags flags, uint64_t *spacep)
1027 {
1028 libzfs_handle_t *hdl = zhp->zfs_hdl;
1029 int error;
1030
1031 assert(snapname != NULL);
1032 error = lzc_send_space(snapname, from, flags, spacep);
1033
1034 if (error != 0) {
1035 char errbuf[1024];
1036 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1037 "warning: cannot estimate space for '%s'"), snapname);
1038
1039 switch (error) {
1040 case EXDEV:
1041 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1042 "not an earlier snapshot from the same fs"));
1043 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
1044
1045 case ENOENT:
1046 if (zfs_dataset_exists(hdl, snapname,
1047 ZFS_TYPE_SNAPSHOT)) {
1048 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1049 "incremental source (%s) does not exist"),
1050 snapname);
1051 }
1052 return (zfs_error(hdl, EZFS_NOENT, errbuf));
1053
1054 case EDQUOT:
1055 case EFBIG:
1056 case EIO:
1057 case ENOLINK:
1058 case ENOSPC:
1059 case ENOSTR:
1060 case ENXIO:
1061 case EPIPE:
1062 case ERANGE:
1063 case EFAULT:
1064 case EROFS:
1065 case EINVAL:
1066 zfs_error_aux(hdl, strerror(error));
1067 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1068
1069 default:
1070 return (zfs_standard_error(hdl, error, errbuf));
1071 }
1072 }
1073
1074 return (0);
1075 }
1076
1077 /*
1078 * Dumps a backup of the given snapshot (incremental from fromsnap if it's not
1079 * NULL) to the file descriptor specified by outfd.
1080 */
1081 static int
1082 dump_ioctl(zfs_handle_t *zhp, const char *fromsnap, uint64_t fromsnap_obj,
1083 boolean_t fromorigin, int outfd, enum lzc_send_flags flags,
1084 nvlist_t *debugnv)
1085 {
1086 zfs_cmd_t zc = {"\0"};
1087 libzfs_handle_t *hdl = zhp->zfs_hdl;
1088 nvlist_t *thisdbg;
1089
1090 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
1091 assert(fromsnap_obj == 0 || !fromorigin);
1092
1093 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1094 zc.zc_cookie = outfd;
1095 zc.zc_obj = fromorigin;
1096 zc.zc_sendobj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
1097 zc.zc_fromobj = fromsnap_obj;
1098 zc.zc_flags = flags;
1099
1100 VERIFY(0 == nvlist_alloc(&thisdbg, NV_UNIQUE_NAME, 0));
1101 if (fromsnap && fromsnap[0] != '\0') {
1102 VERIFY(0 == nvlist_add_string(thisdbg,
1103 "fromsnap", fromsnap));
1104 }
1105
1106 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND, &zc) != 0) {
1107 char errbuf[1024];
1108 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1109 "warning: cannot send '%s'"), zhp->zfs_name);
1110
1111 VERIFY(0 == nvlist_add_uint64(thisdbg, "error", errno));
1112 if (debugnv) {
1113 VERIFY(0 == nvlist_add_nvlist(debugnv,
1114 zhp->zfs_name, thisdbg));
1115 }
1116 nvlist_free(thisdbg);
1117
1118 switch (errno) {
1119 case EXDEV:
1120 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1121 "not an earlier snapshot from the same fs"));
1122 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
1123
1124 case EACCES:
1125 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1126 "source key must be loaded"));
1127 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
1128
1129 case ENOENT:
1130 if (zfs_dataset_exists(hdl, zc.zc_name,
1131 ZFS_TYPE_SNAPSHOT)) {
1132 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1133 "incremental source (@%s) does not exist"),
1134 zc.zc_value);
1135 }
1136 return (zfs_error(hdl, EZFS_NOENT, errbuf));
1137
1138 case EDQUOT:
1139 case EFBIG:
1140 case EIO:
1141 case ENOLINK:
1142 case ENOSPC:
1143 case ENOSTR:
1144 case ENXIO:
1145 case EPIPE:
1146 case ERANGE:
1147 case EFAULT:
1148 case EROFS:
1149 zfs_error_aux(hdl, strerror(errno));
1150 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1151
1152 default:
1153 return (zfs_standard_error(hdl, errno, errbuf));
1154 }
1155 }
1156
1157 if (debugnv)
1158 VERIFY(0 == nvlist_add_nvlist(debugnv, zhp->zfs_name, thisdbg));
1159 nvlist_free(thisdbg);
1160
1161 return (0);
1162 }
1163
1164 static void
1165 gather_holds(zfs_handle_t *zhp, send_dump_data_t *sdd)
1166 {
1167 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
1168
1169 /*
1170 * zfs_send() only sets snapholds for sends that need them,
1171 * e.g. replication and doall.
1172 */
1173 if (sdd->snapholds == NULL)
1174 return;
1175
1176 fnvlist_add_string(sdd->snapholds, zhp->zfs_name, sdd->holdtag);
1177 }
1178
1179 static void *
1180 send_progress_thread(void *arg)
1181 {
1182 progress_arg_t *pa = arg;
1183 zfs_cmd_t zc = {"\0"};
1184 zfs_handle_t *zhp = pa->pa_zhp;
1185 libzfs_handle_t *hdl = zhp->zfs_hdl;
1186 unsigned long long bytes;
1187 char buf[16];
1188 time_t t;
1189 struct tm *tm;
1190
1191 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1192
1193 if (!pa->pa_parsable)
1194 (void) fprintf(stderr, "TIME SENT SNAPSHOT\n");
1195
1196 /*
1197 * Print the progress from ZFS_IOC_SEND_PROGRESS every second.
1198 */
1199 for (;;) {
1200 (void) sleep(1);
1201
1202 zc.zc_cookie = pa->pa_fd;
1203 if (zfs_ioctl(hdl, ZFS_IOC_SEND_PROGRESS, &zc) != 0)
1204 return ((void *)-1);
1205
1206 (void) time(&t);
1207 tm = localtime(&t);
1208 bytes = zc.zc_cookie;
1209
1210 if (pa->pa_parsable) {
1211 (void) fprintf(stderr, "%02d:%02d:%02d\t%llu\t%s\n",
1212 tm->tm_hour, tm->tm_min, tm->tm_sec,
1213 bytes, zhp->zfs_name);
1214 } else {
1215 zfs_nicebytes(bytes, buf, sizeof (buf));
1216 (void) fprintf(stderr, "%02d:%02d:%02d %5s %s\n",
1217 tm->tm_hour, tm->tm_min, tm->tm_sec,
1218 buf, zhp->zfs_name);
1219 }
1220 }
1221 }
1222
1223 static void
1224 send_print_verbose(FILE *fout, const char *tosnap, const char *fromsnap,
1225 uint64_t size, boolean_t parsable)
1226 {
1227 if (parsable) {
1228 if (fromsnap != NULL) {
1229 (void) fprintf(fout, "incremental\t%s\t%s",
1230 fromsnap, tosnap);
1231 } else {
1232 (void) fprintf(fout, "full\t%s",
1233 tosnap);
1234 }
1235 } else {
1236 if (fromsnap != NULL) {
1237 if (strchr(fromsnap, '@') == NULL &&
1238 strchr(fromsnap, '#') == NULL) {
1239 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1240 "send from @%s to %s"),
1241 fromsnap, tosnap);
1242 } else {
1243 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1244 "send from %s to %s"),
1245 fromsnap, tosnap);
1246 }
1247 } else {
1248 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1249 "full send of %s"),
1250 tosnap);
1251 }
1252 }
1253
1254 if (parsable) {
1255 (void) fprintf(fout, "\t%llu",
1256 (longlong_t)size);
1257 } else if (size != 0) {
1258 char buf[16];
1259 zfs_nicebytes(size, buf, sizeof (buf));
1260 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1261 " estimated size is %s"), buf);
1262 }
1263 (void) fprintf(fout, "\n");
1264 }
1265
1266 static int
1267 dump_snapshot(zfs_handle_t *zhp, void *arg)
1268 {
1269 send_dump_data_t *sdd = arg;
1270 progress_arg_t pa = { 0 };
1271 pthread_t tid;
1272 char *thissnap;
1273 enum lzc_send_flags flags = 0;
1274 int err;
1275 boolean_t isfromsnap, istosnap, fromorigin;
1276 boolean_t exclude = B_FALSE;
1277 FILE *fout = sdd->std_out ? stdout : stderr;
1278
1279 err = 0;
1280 thissnap = strchr(zhp->zfs_name, '@') + 1;
1281 isfromsnap = (sdd->fromsnap != NULL &&
1282 strcmp(sdd->fromsnap, thissnap) == 0);
1283
1284 if (!sdd->seenfrom && isfromsnap) {
1285 gather_holds(zhp, sdd);
1286 sdd->seenfrom = B_TRUE;
1287 (void) strlcpy(sdd->prevsnap, thissnap,
1288 sizeof (sdd->prevsnap));
1289 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
1290 zfs_close(zhp);
1291 return (0);
1292 }
1293
1294 if (sdd->seento || !sdd->seenfrom) {
1295 zfs_close(zhp);
1296 return (0);
1297 }
1298
1299 istosnap = (strcmp(sdd->tosnap, thissnap) == 0);
1300 if (istosnap)
1301 sdd->seento = B_TRUE;
1302
1303 if (sdd->large_block)
1304 flags |= LZC_SEND_FLAG_LARGE_BLOCK;
1305 if (sdd->embed_data)
1306 flags |= LZC_SEND_FLAG_EMBED_DATA;
1307 if (sdd->compress)
1308 flags |= LZC_SEND_FLAG_COMPRESS;
1309 if (sdd->raw)
1310 flags |= LZC_SEND_FLAG_RAW;
1311
1312 if (!sdd->doall && !isfromsnap && !istosnap) {
1313 if (sdd->replicate) {
1314 char *snapname;
1315 nvlist_t *snapprops;
1316 /*
1317 * Filter out all intermediate snapshots except origin
1318 * snapshots needed to replicate clones.
1319 */
1320 nvlist_t *nvfs = fsavl_find(sdd->fsavl,
1321 zhp->zfs_dmustats.dds_guid, &snapname);
1322
1323 VERIFY(0 == nvlist_lookup_nvlist(nvfs,
1324 "snapprops", &snapprops));
1325 VERIFY(0 == nvlist_lookup_nvlist(snapprops,
1326 thissnap, &snapprops));
1327 exclude = !nvlist_exists(snapprops, "is_clone_origin");
1328 } else {
1329 exclude = B_TRUE;
1330 }
1331 }
1332
1333 /*
1334 * If a filter function exists, call it to determine whether
1335 * this snapshot will be sent.
1336 */
1337 if (exclude || (sdd->filter_cb != NULL &&
1338 sdd->filter_cb(zhp, sdd->filter_cb_arg) == B_FALSE)) {
1339 /*
1340 * This snapshot is filtered out. Don't send it, and don't
1341 * set prevsnap_obj, so it will be as if this snapshot didn't
1342 * exist, and the next accepted snapshot will be sent as
1343 * an incremental from the last accepted one, or as the
1344 * first (and full) snapshot in the case of a replication,
1345 * non-incremental send.
1346 */
1347 zfs_close(zhp);
1348 return (0);
1349 }
1350
1351 gather_holds(zhp, sdd);
1352 fromorigin = sdd->prevsnap[0] == '\0' &&
1353 (sdd->fromorigin || sdd->replicate);
1354
1355 if (sdd->verbose) {
1356 uint64_t size = 0;
1357 char fromds[ZFS_MAX_DATASET_NAME_LEN];
1358
1359 if (sdd->prevsnap[0] != '\0') {
1360 (void) strlcpy(fromds, zhp->zfs_name, sizeof (fromds));
1361 *(strchr(fromds, '@') + 1) = '\0';
1362 (void) strlcat(fromds, sdd->prevsnap, sizeof (fromds));
1363 }
1364 if (zfs_send_space(zhp, zhp->zfs_name,
1365 sdd->prevsnap[0] ? fromds : NULL, flags, &size) != 0) {
1366 size = 0; /* cannot estimate send space */
1367 } else {
1368 send_print_verbose(fout, zhp->zfs_name,
1369 sdd->prevsnap[0] ? sdd->prevsnap : NULL,
1370 size, sdd->parsable);
1371 }
1372 sdd->size += size;
1373 }
1374
1375 if (!sdd->dryrun) {
1376 /*
1377 * If progress reporting is requested, spawn a new thread to
1378 * poll ZFS_IOC_SEND_PROGRESS at a regular interval.
1379 */
1380 if (sdd->progress) {
1381 pa.pa_zhp = zhp;
1382 pa.pa_fd = sdd->outfd;
1383 pa.pa_parsable = sdd->parsable;
1384
1385 if ((err = pthread_create(&tid, NULL,
1386 send_progress_thread, &pa)) != 0) {
1387 zfs_close(zhp);
1388 return (err);
1389 }
1390 }
1391
1392 err = dump_ioctl(zhp, sdd->prevsnap, sdd->prevsnap_obj,
1393 fromorigin, sdd->outfd, flags, sdd->debugnv);
1394
1395 if (sdd->progress) {
1396 (void) pthread_cancel(tid);
1397 (void) pthread_join(tid, NULL);
1398 }
1399 }
1400
1401 (void) strcpy(sdd->prevsnap, thissnap);
1402 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID);
1403 zfs_close(zhp);
1404 return (err);
1405 }
1406
1407 static int
1408 dump_filesystem(zfs_handle_t *zhp, void *arg)
1409 {
1410 int rv = 0;
1411 send_dump_data_t *sdd = arg;
1412 boolean_t missingfrom = B_FALSE;
1413 zfs_cmd_t zc = {"\0"};
1414
1415 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s",
1416 zhp->zfs_name, sdd->tosnap);
1417 if (ioctl(zhp->zfs_hdl->libzfs_fd, ZFS_IOC_OBJSET_STATS, &zc) != 0) {
1418 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1419 "WARNING: could not send %s@%s: does not exist\n"),
1420 zhp->zfs_name, sdd->tosnap);
1421 sdd->err = B_TRUE;
1422 return (0);
1423 }
1424
1425 if (sdd->replicate && sdd->fromsnap) {
1426 /*
1427 * If this fs does not have fromsnap, and we're doing
1428 * recursive, we need to send a full stream from the
1429 * beginning (or an incremental from the origin if this
1430 * is a clone). If we're doing non-recursive, then let
1431 * them get the error.
1432 */
1433 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s",
1434 zhp->zfs_name, sdd->fromsnap);
1435 if (ioctl(zhp->zfs_hdl->libzfs_fd,
1436 ZFS_IOC_OBJSET_STATS, &zc) != 0) {
1437 missingfrom = B_TRUE;
1438 }
1439 }
1440
1441 sdd->seenfrom = sdd->seento = sdd->prevsnap[0] = 0;
1442 sdd->prevsnap_obj = 0;
1443 if (sdd->fromsnap == NULL || missingfrom)
1444 sdd->seenfrom = B_TRUE;
1445
1446 rv = zfs_iter_snapshots_sorted(zhp, dump_snapshot, arg);
1447 if (!sdd->seenfrom) {
1448 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1449 "WARNING: could not send %s@%s:\n"
1450 "incremental source (%s@%s) does not exist\n"),
1451 zhp->zfs_name, sdd->tosnap,
1452 zhp->zfs_name, sdd->fromsnap);
1453 sdd->err = B_TRUE;
1454 } else if (!sdd->seento) {
1455 if (sdd->fromsnap) {
1456 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1457 "WARNING: could not send %s@%s:\n"
1458 "incremental source (%s@%s) "
1459 "is not earlier than it\n"),
1460 zhp->zfs_name, sdd->tosnap,
1461 zhp->zfs_name, sdd->fromsnap);
1462 } else {
1463 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
1464 "WARNING: "
1465 "could not send %s@%s: does not exist\n"),
1466 zhp->zfs_name, sdd->tosnap);
1467 }
1468 sdd->err = B_TRUE;
1469 }
1470
1471 return (rv);
1472 }
1473
1474 static int
1475 dump_filesystems(zfs_handle_t *rzhp, void *arg)
1476 {
1477 send_dump_data_t *sdd = arg;
1478 nvpair_t *fspair;
1479 boolean_t needagain, progress;
1480
1481 if (!sdd->replicate)
1482 return (dump_filesystem(rzhp, sdd));
1483
1484 /* Mark the clone origin snapshots. */
1485 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1486 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1487 nvlist_t *nvfs;
1488 uint64_t origin_guid = 0;
1489
1490 VERIFY(0 == nvpair_value_nvlist(fspair, &nvfs));
1491 (void) nvlist_lookup_uint64(nvfs, "origin", &origin_guid);
1492 if (origin_guid != 0) {
1493 char *snapname;
1494 nvlist_t *origin_nv = fsavl_find(sdd->fsavl,
1495 origin_guid, &snapname);
1496 if (origin_nv != NULL) {
1497 nvlist_t *snapprops;
1498 VERIFY(0 == nvlist_lookup_nvlist(origin_nv,
1499 "snapprops", &snapprops));
1500 VERIFY(0 == nvlist_lookup_nvlist(snapprops,
1501 snapname, &snapprops));
1502 VERIFY(0 == nvlist_add_boolean(
1503 snapprops, "is_clone_origin"));
1504 }
1505 }
1506 }
1507 again:
1508 needagain = progress = B_FALSE;
1509 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1510 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1511 nvlist_t *fslist, *parent_nv;
1512 char *fsname;
1513 zfs_handle_t *zhp;
1514 int err;
1515 uint64_t origin_guid = 0;
1516 uint64_t parent_guid = 0;
1517
1518 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0);
1519 if (nvlist_lookup_boolean(fslist, "sent") == 0)
1520 continue;
1521
1522 VERIFY(nvlist_lookup_string(fslist, "name", &fsname) == 0);
1523 (void) nvlist_lookup_uint64(fslist, "origin", &origin_guid);
1524 (void) nvlist_lookup_uint64(fslist, "parentfromsnap",
1525 &parent_guid);
1526
1527 if (parent_guid != 0) {
1528 parent_nv = fsavl_find(sdd->fsavl, parent_guid, NULL);
1529 if (!nvlist_exists(parent_nv, "sent")) {
1530 /* parent has not been sent; skip this one */
1531 needagain = B_TRUE;
1532 continue;
1533 }
1534 }
1535
1536 if (origin_guid != 0) {
1537 nvlist_t *origin_nv = fsavl_find(sdd->fsavl,
1538 origin_guid, NULL);
1539 if (origin_nv != NULL &&
1540 !nvlist_exists(origin_nv, "sent")) {
1541 /*
1542 * origin has not been sent yet;
1543 * skip this clone.
1544 */
1545 needagain = B_TRUE;
1546 continue;
1547 }
1548 }
1549
1550 zhp = zfs_open(rzhp->zfs_hdl, fsname, ZFS_TYPE_DATASET);
1551 if (zhp == NULL)
1552 return (-1);
1553 err = dump_filesystem(zhp, sdd);
1554 VERIFY(nvlist_add_boolean(fslist, "sent") == 0);
1555 progress = B_TRUE;
1556 zfs_close(zhp);
1557 if (err)
1558 return (err);
1559 }
1560 if (needagain) {
1561 assert(progress);
1562 goto again;
1563 }
1564
1565 /* clean out the sent flags in case we reuse this fss */
1566 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair;
1567 fspair = nvlist_next_nvpair(sdd->fss, fspair)) {
1568 nvlist_t *fslist;
1569
1570 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0);
1571 (void) nvlist_remove_all(fslist, "sent");
1572 }
1573
1574 return (0);
1575 }
1576
1577 nvlist_t *
1578 zfs_send_resume_token_to_nvlist(libzfs_handle_t *hdl, const char *token)
1579 {
1580 unsigned int version;
1581 int nread, i;
1582 unsigned long long checksum, packed_len;
1583
1584 /*
1585 * Decode token header, which is:
1586 * <token version>-<checksum of payload>-<uncompressed payload length>
1587 * Note that the only supported token version is 1.
1588 */
1589 nread = sscanf(token, "%u-%llx-%llx-",
1590 &version, &checksum, &packed_len);
1591 if (nread != 3) {
1592 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1593 "resume token is corrupt (invalid format)"));
1594 return (NULL);
1595 }
1596
1597 if (version != ZFS_SEND_RESUME_TOKEN_VERSION) {
1598 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1599 "resume token is corrupt (invalid version %u)"),
1600 version);
1601 return (NULL);
1602 }
1603
1604 /* convert hexadecimal representation to binary */
1605 token = strrchr(token, '-') + 1;
1606 int len = strlen(token) / 2;
1607 unsigned char *compressed = zfs_alloc(hdl, len);
1608 for (i = 0; i < len; i++) {
1609 nread = sscanf(token + i * 2, "%2hhx", compressed + i);
1610 if (nread != 1) {
1611 free(compressed);
1612 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1613 "resume token is corrupt "
1614 "(payload is not hex-encoded)"));
1615 return (NULL);
1616 }
1617 }
1618
1619 /* verify checksum */
1620 zio_cksum_t cksum;
1621 fletcher_4_native_varsize(compressed, len, &cksum);
1622 if (cksum.zc_word[0] != checksum) {
1623 free(compressed);
1624 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1625 "resume token is corrupt (incorrect checksum)"));
1626 return (NULL);
1627 }
1628
1629 /* uncompress */
1630 void *packed = zfs_alloc(hdl, packed_len);
1631 uLongf packed_len_long = packed_len;
1632 if (uncompress(packed, &packed_len_long, compressed, len) != Z_OK ||
1633 packed_len_long != packed_len) {
1634 free(packed);
1635 free(compressed);
1636 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1637 "resume token is corrupt (decompression failed)"));
1638 return (NULL);
1639 }
1640
1641 /* unpack nvlist */
1642 nvlist_t *nv;
1643 int error = nvlist_unpack(packed, packed_len, &nv, KM_SLEEP);
1644 free(packed);
1645 free(compressed);
1646 if (error != 0) {
1647 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1648 "resume token is corrupt (nvlist_unpack failed)"));
1649 return (NULL);
1650 }
1651 return (nv);
1652 }
1653
1654 int
1655 zfs_send_resume(libzfs_handle_t *hdl, sendflags_t *flags, int outfd,
1656 const char *resume_token)
1657 {
1658 char errbuf[1024];
1659 char *toname;
1660 char *fromname = NULL;
1661 uint64_t resumeobj, resumeoff, toguid, fromguid, bytes;
1662 zfs_handle_t *zhp;
1663 int error = 0;
1664 char name[ZFS_MAX_DATASET_NAME_LEN];
1665 enum lzc_send_flags lzc_flags = 0;
1666 FILE *fout = (flags->verbose && flags->dryrun) ? stdout : stderr;
1667
1668 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1669 "cannot resume send"));
1670
1671 nvlist_t *resume_nvl =
1672 zfs_send_resume_token_to_nvlist(hdl, resume_token);
1673 if (resume_nvl == NULL) {
1674 /*
1675 * zfs_error_aux has already been set by
1676 * zfs_send_resume_token_to_nvlist
1677 */
1678 return (zfs_error(hdl, EZFS_FAULT, errbuf));
1679 }
1680 if (flags->verbose) {
1681 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
1682 "resume token contents:\n"));
1683 nvlist_print(fout, resume_nvl);
1684 }
1685
1686 if (nvlist_lookup_string(resume_nvl, "toname", &toname) != 0 ||
1687 nvlist_lookup_uint64(resume_nvl, "object", &resumeobj) != 0 ||
1688 nvlist_lookup_uint64(resume_nvl, "offset", &resumeoff) != 0 ||
1689 nvlist_lookup_uint64(resume_nvl, "bytes", &bytes) != 0 ||
1690 nvlist_lookup_uint64(resume_nvl, "toguid", &toguid) != 0) {
1691 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1692 "resume token is corrupt"));
1693 return (zfs_error(hdl, EZFS_FAULT, errbuf));
1694 }
1695 fromguid = 0;
1696 (void) nvlist_lookup_uint64(resume_nvl, "fromguid", &fromguid);
1697
1698 if (flags->largeblock || nvlist_exists(resume_nvl, "largeblockok"))
1699 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK;
1700 if (flags->embed_data || nvlist_exists(resume_nvl, "embedok"))
1701 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA;
1702 if (flags->compress || nvlist_exists(resume_nvl, "compressok"))
1703 lzc_flags |= LZC_SEND_FLAG_COMPRESS;
1704 if (flags->raw || nvlist_exists(resume_nvl, "rawok"))
1705 lzc_flags |= LZC_SEND_FLAG_RAW;
1706
1707 if (guid_to_name(hdl, toname, toguid, B_FALSE, name) != 0) {
1708 if (zfs_dataset_exists(hdl, toname, ZFS_TYPE_DATASET)) {
1709 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1710 "'%s' is no longer the same snapshot used in "
1711 "the initial send"), toname);
1712 } else {
1713 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1714 "'%s' used in the initial send no longer exists"),
1715 toname);
1716 }
1717 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
1718 }
1719 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
1720 if (zhp == NULL) {
1721 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1722 "unable to access '%s'"), name);
1723 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
1724 }
1725
1726 if (fromguid != 0) {
1727 if (guid_to_name(hdl, toname, fromguid, B_TRUE, name) != 0) {
1728 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1729 "incremental source %#llx no longer exists"),
1730 (longlong_t)fromguid);
1731 return (zfs_error(hdl, EZFS_BADPATH, errbuf));
1732 }
1733 fromname = name;
1734 }
1735
1736 if (flags->verbose) {
1737 uint64_t size = 0;
1738 error = lzc_send_space(zhp->zfs_name, fromname,
1739 lzc_flags, &size);
1740 if (error == 0)
1741 size = MAX(0, (int64_t)(size - bytes));
1742 send_print_verbose(fout, zhp->zfs_name, fromname,
1743 size, flags->parsable);
1744 }
1745
1746 if (!flags->dryrun) {
1747 progress_arg_t pa = { 0 };
1748 pthread_t tid;
1749 /*
1750 * If progress reporting is requested, spawn a new thread to
1751 * poll ZFS_IOC_SEND_PROGRESS at a regular interval.
1752 */
1753 if (flags->progress) {
1754 pa.pa_zhp = zhp;
1755 pa.pa_fd = outfd;
1756 pa.pa_parsable = flags->parsable;
1757
1758 error = pthread_create(&tid, NULL,
1759 send_progress_thread, &pa);
1760 if (error != 0) {
1761 zfs_close(zhp);
1762 return (error);
1763 }
1764 }
1765
1766 error = lzc_send_resume(zhp->zfs_name, fromname, outfd,
1767 lzc_flags, resumeobj, resumeoff);
1768
1769 if (flags->progress) {
1770 (void) pthread_cancel(tid);
1771 (void) pthread_join(tid, NULL);
1772 }
1773
1774 char errbuf[1024];
1775 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1776 "warning: cannot send '%s'"), zhp->zfs_name);
1777
1778 zfs_close(zhp);
1779
1780 switch (error) {
1781 case 0:
1782 return (0);
1783 case EACCES:
1784 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1785 "source key must be loaded"));
1786 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
1787
1788 case EXDEV:
1789 case ENOENT:
1790 case EDQUOT:
1791 case EFBIG:
1792 case EIO:
1793 case ENOLINK:
1794 case ENOSPC:
1795 case ENOSTR:
1796 case ENXIO:
1797 case EPIPE:
1798 case ERANGE:
1799 case EFAULT:
1800 case EROFS:
1801 zfs_error_aux(hdl, strerror(errno));
1802 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
1803
1804 default:
1805 return (zfs_standard_error(hdl, errno, errbuf));
1806 }
1807 }
1808
1809
1810 zfs_close(zhp);
1811
1812 return (error);
1813 }
1814
1815 /*
1816 * Generate a send stream for the dataset identified by the argument zhp.
1817 *
1818 * The content of the send stream is the snapshot identified by
1819 * 'tosnap'. Incremental streams are requested in two ways:
1820 * - from the snapshot identified by "fromsnap" (if non-null) or
1821 * - from the origin of the dataset identified by zhp, which must
1822 * be a clone. In this case, "fromsnap" is null and "fromorigin"
1823 * is TRUE.
1824 *
1825 * The send stream is recursive (i.e. dumps a hierarchy of snapshots) and
1826 * uses a special header (with a hdrtype field of DMU_COMPOUNDSTREAM)
1827 * if "replicate" is set. If "doall" is set, dump all the intermediate
1828 * snapshots. The DMU_COMPOUNDSTREAM header is used in the "doall"
1829 * case too. If "props" is set, send properties.
1830 */
1831 int
1832 zfs_send(zfs_handle_t *zhp, const char *fromsnap, const char *tosnap,
1833 sendflags_t *flags, int outfd, snapfilter_cb_t filter_func,
1834 void *cb_arg, nvlist_t **debugnvp)
1835 {
1836 char errbuf[1024];
1837 send_dump_data_t sdd = { 0 };
1838 int err = 0;
1839 nvlist_t *fss = NULL;
1840 avl_tree_t *fsavl = NULL;
1841 static uint64_t holdseq;
1842 int spa_version;
1843 pthread_t tid = 0;
1844 int pipefd[2];
1845 dedup_arg_t dda = { 0 };
1846 int featureflags = 0;
1847 FILE *fout;
1848
1849 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1850 "cannot send '%s'"), zhp->zfs_name);
1851
1852 if (fromsnap && fromsnap[0] == '\0') {
1853 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
1854 "zero-length incremental source"));
1855 return (zfs_error(zhp->zfs_hdl, EZFS_NOENT, errbuf));
1856 }
1857
1858 if (zhp->zfs_type == ZFS_TYPE_FILESYSTEM) {
1859 uint64_t version;
1860 version = zfs_prop_get_int(zhp, ZFS_PROP_VERSION);
1861 if (version >= ZPL_VERSION_SA) {
1862 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL;
1863 }
1864 }
1865
1866 /*
1867 * Start the dedup thread if this is a dedup stream. We do not bother
1868 * doing this if this a raw send of an encrypted dataset with dedup off
1869 * because normal encrypted blocks won't dedup.
1870 */
1871 if (flags->dedup && !flags->dryrun && !(flags->raw &&
1872 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF &&
1873 zfs_prop_get_int(zhp, ZFS_PROP_DEDUP) == ZIO_CHECKSUM_OFF)) {
1874 featureflags |= (DMU_BACKUP_FEATURE_DEDUP |
1875 DMU_BACKUP_FEATURE_DEDUPPROPS);
1876 if ((err = socketpair(AF_UNIX, SOCK_STREAM, 0, pipefd)) != 0) {
1877 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
1878 return (zfs_error(zhp->zfs_hdl, EZFS_PIPEFAILED,
1879 errbuf));
1880 }
1881 dda.outputfd = outfd;
1882 dda.inputfd = pipefd[1];
1883 dda.dedup_hdl = zhp->zfs_hdl;
1884 if ((err = pthread_create(&tid, NULL, cksummer, &dda)) != 0) {
1885 (void) close(pipefd[0]);
1886 (void) close(pipefd[1]);
1887 zfs_error_aux(zhp->zfs_hdl, strerror(errno));
1888 return (zfs_error(zhp->zfs_hdl,
1889 EZFS_THREADCREATEFAILED, errbuf));
1890 }
1891 }
1892
1893 if (flags->replicate || flags->doall || flags->props || flags->backup) {
1894 dmu_replay_record_t drr = { 0 };
1895 char *packbuf = NULL;
1896 size_t buflen = 0;
1897 zio_cksum_t zc;
1898
1899 ZIO_SET_CHECKSUM(&zc, 0, 0, 0, 0);
1900
1901 if (flags->replicate || flags->props || flags->backup) {
1902 nvlist_t *hdrnv;
1903
1904 VERIFY(0 == nvlist_alloc(&hdrnv, NV_UNIQUE_NAME, 0));
1905 if (fromsnap) {
1906 VERIFY(0 == nvlist_add_string(hdrnv,
1907 "fromsnap", fromsnap));
1908 }
1909 VERIFY(0 == nvlist_add_string(hdrnv, "tosnap", tosnap));
1910 if (!flags->replicate) {
1911 VERIFY(0 == nvlist_add_boolean(hdrnv,
1912 "not_recursive"));
1913 }
1914 if (flags->raw) {
1915 VERIFY(0 == nvlist_add_boolean(hdrnv, "raw"));
1916 }
1917
1918 err = gather_nvlist(zhp->zfs_hdl, zhp->zfs_name,
1919 fromsnap, tosnap, flags->replicate, flags->raw,
1920 flags->verbose, flags->backup, &fss, &fsavl);
1921 if (err)
1922 goto err_out;
1923 VERIFY(0 == nvlist_add_nvlist(hdrnv, "fss", fss));
1924 err = nvlist_pack(hdrnv, &packbuf, &buflen,
1925 NV_ENCODE_XDR, 0);
1926 if (debugnvp)
1927 *debugnvp = hdrnv;
1928 else
1929 nvlist_free(hdrnv);
1930 if (err)
1931 goto stderr_out;
1932 }
1933
1934 if (!flags->dryrun) {
1935 /* write first begin record */
1936 drr.drr_type = DRR_BEGIN;
1937 drr.drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC;
1938 DMU_SET_STREAM_HDRTYPE(drr.drr_u.drr_begin.
1939 drr_versioninfo, DMU_COMPOUNDSTREAM);
1940 DMU_SET_FEATUREFLAGS(drr.drr_u.drr_begin.
1941 drr_versioninfo, featureflags);
1942 if (snprintf(drr.drr_u.drr_begin.drr_toname,
1943 sizeof (drr.drr_u.drr_begin.drr_toname),
1944 "%s@%s", zhp->zfs_name, tosnap) >=
1945 sizeof (drr.drr_u.drr_begin.drr_toname)) {
1946 err = EINVAL;
1947 goto stderr_out;
1948 }
1949 drr.drr_payloadlen = buflen;
1950
1951 err = dump_record(&drr, packbuf, buflen, &zc, outfd);
1952 free(packbuf);
1953 if (err != 0)
1954 goto stderr_out;
1955
1956 /* write end record */
1957 bzero(&drr, sizeof (drr));
1958 drr.drr_type = DRR_END;
1959 drr.drr_u.drr_end.drr_checksum = zc;
1960 err = write(outfd, &drr, sizeof (drr));
1961 if (err == -1) {
1962 err = errno;
1963 goto stderr_out;
1964 }
1965
1966 err = 0;
1967 }
1968 }
1969
1970 /* dump each stream */
1971 sdd.fromsnap = fromsnap;
1972 sdd.tosnap = tosnap;
1973 if (tid != 0)
1974 sdd.outfd = pipefd[0];
1975 else
1976 sdd.outfd = outfd;
1977 sdd.replicate = flags->replicate;
1978 sdd.doall = flags->doall;
1979 sdd.fromorigin = flags->fromorigin;
1980 sdd.fss = fss;
1981 sdd.fsavl = fsavl;
1982 sdd.verbose = flags->verbose;
1983 sdd.parsable = flags->parsable;
1984 sdd.progress = flags->progress;
1985 sdd.dryrun = flags->dryrun;
1986 sdd.large_block = flags->largeblock;
1987 sdd.embed_data = flags->embed_data;
1988 sdd.compress = flags->compress;
1989 sdd.raw = flags->raw;
1990 sdd.filter_cb = filter_func;
1991 sdd.filter_cb_arg = cb_arg;
1992 if (debugnvp)
1993 sdd.debugnv = *debugnvp;
1994 if (sdd.verbose && sdd.dryrun)
1995 sdd.std_out = B_TRUE;
1996 fout = sdd.std_out ? stdout : stderr;
1997
1998 /*
1999 * Some flags require that we place user holds on the datasets that are
2000 * being sent so they don't get destroyed during the send. We can skip
2001 * this step if the pool is imported read-only since the datasets cannot
2002 * be destroyed.
2003 */
2004 if (!flags->dryrun && !zpool_get_prop_int(zfs_get_pool_handle(zhp),
2005 ZPOOL_PROP_READONLY, NULL) &&
2006 zfs_spa_version(zhp, &spa_version) == 0 &&
2007 spa_version >= SPA_VERSION_USERREFS &&
2008 (flags->doall || flags->replicate)) {
2009 ++holdseq;
2010 (void) snprintf(sdd.holdtag, sizeof (sdd.holdtag),
2011 ".send-%d-%llu", getpid(), (u_longlong_t)holdseq);
2012 sdd.cleanup_fd = open(ZFS_DEV, O_RDWR);
2013 if (sdd.cleanup_fd < 0) {
2014 err = errno;
2015 goto stderr_out;
2016 }
2017 sdd.snapholds = fnvlist_alloc();
2018 } else {
2019 sdd.cleanup_fd = -1;
2020 sdd.snapholds = NULL;
2021 }
2022 if (flags->verbose || sdd.snapholds != NULL) {
2023 /*
2024 * Do a verbose no-op dry run to get all the verbose output
2025 * or to gather snapshot hold's before generating any data,
2026 * then do a non-verbose real run to generate the streams.
2027 */
2028 sdd.dryrun = B_TRUE;
2029 err = dump_filesystems(zhp, &sdd);
2030
2031 if (err != 0)
2032 goto stderr_out;
2033
2034 if (flags->verbose) {
2035 if (flags->parsable) {
2036 (void) fprintf(fout, "size\t%llu\n",
2037 (longlong_t)sdd.size);
2038 } else {
2039 char buf[16];
2040 zfs_nicebytes(sdd.size, buf, sizeof (buf));
2041 (void) fprintf(fout, dgettext(TEXT_DOMAIN,
2042 "total estimated size is %s\n"), buf);
2043 }
2044 }
2045
2046 /* Ensure no snaps found is treated as an error. */
2047 if (!sdd.seento) {
2048 err = ENOENT;
2049 goto err_out;
2050 }
2051
2052 /* Skip the second run if dryrun was requested. */
2053 if (flags->dryrun)
2054 goto err_out;
2055
2056 if (sdd.snapholds != NULL) {
2057 err = zfs_hold_nvl(zhp, sdd.cleanup_fd, sdd.snapholds);
2058 if (err != 0)
2059 goto stderr_out;
2060
2061 fnvlist_free(sdd.snapholds);
2062 sdd.snapholds = NULL;
2063 }
2064
2065 sdd.dryrun = B_FALSE;
2066 sdd.verbose = B_FALSE;
2067 }
2068
2069 err = dump_filesystems(zhp, &sdd);
2070 fsavl_destroy(fsavl);
2071 nvlist_free(fss);
2072
2073 /* Ensure no snaps found is treated as an error. */
2074 if (err == 0 && !sdd.seento)
2075 err = ENOENT;
2076
2077 if (tid != 0) {
2078 if (err != 0)
2079 (void) pthread_cancel(tid);
2080 (void) close(pipefd[0]);
2081 (void) pthread_join(tid, NULL);
2082 }
2083
2084 if (sdd.cleanup_fd != -1) {
2085 VERIFY(0 == close(sdd.cleanup_fd));
2086 sdd.cleanup_fd = -1;
2087 }
2088
2089 if (!flags->dryrun && (flags->replicate || flags->doall ||
2090 flags->props || flags->backup)) {
2091 /*
2092 * write final end record. NB: want to do this even if
2093 * there was some error, because it might not be totally
2094 * failed.
2095 */
2096 dmu_replay_record_t drr = { 0 };
2097 drr.drr_type = DRR_END;
2098 if (write(outfd, &drr, sizeof (drr)) == -1) {
2099 return (zfs_standard_error(zhp->zfs_hdl,
2100 errno, errbuf));
2101 }
2102 }
2103
2104 return (err || sdd.err);
2105
2106 stderr_out:
2107 err = zfs_standard_error(zhp->zfs_hdl, err, errbuf);
2108 err_out:
2109 fsavl_destroy(fsavl);
2110 nvlist_free(fss);
2111 fnvlist_free(sdd.snapholds);
2112
2113 if (sdd.cleanup_fd != -1)
2114 VERIFY(0 == close(sdd.cleanup_fd));
2115 if (tid != 0) {
2116 (void) pthread_cancel(tid);
2117 (void) close(pipefd[0]);
2118 (void) pthread_join(tid, NULL);
2119 }
2120 return (err);
2121 }
2122
2123 int
2124 zfs_send_one(zfs_handle_t *zhp, const char *from, int fd, sendflags_t flags)
2125 {
2126 int err = 0;
2127 libzfs_handle_t *hdl = zhp->zfs_hdl;
2128 enum lzc_send_flags lzc_flags = 0;
2129 FILE *fout = (flags.verbose && flags.dryrun) ? stdout : stderr;
2130 char errbuf[1024];
2131
2132 if (flags.largeblock)
2133 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK;
2134 if (flags.embed_data)
2135 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA;
2136 if (flags.compress)
2137 lzc_flags |= LZC_SEND_FLAG_COMPRESS;
2138 if (flags.raw)
2139 lzc_flags |= LZC_SEND_FLAG_RAW;
2140
2141 if (flags.verbose) {
2142 uint64_t size = 0;
2143 err = lzc_send_space(zhp->zfs_name, from, lzc_flags, &size);
2144 if (err == 0) {
2145 send_print_verbose(fout, zhp->zfs_name, from, size,
2146 flags.parsable);
2147 } else {
2148 (void) fprintf(stderr, "Cannot estimate send size: "
2149 "%s\n", strerror(errno));
2150 }
2151 }
2152
2153 if (flags.dryrun)
2154 return (err);
2155
2156 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2157 "warning: cannot send '%s'"), zhp->zfs_name);
2158
2159 err = lzc_send(zhp->zfs_name, from, fd, lzc_flags);
2160 if (err != 0) {
2161 switch (errno) {
2162 case EXDEV:
2163 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2164 "not an earlier snapshot from the same fs"));
2165 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
2166
2167 case ENOENT:
2168 case ESRCH:
2169 if (lzc_exists(zhp->zfs_name)) {
2170 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2171 "incremental source (%s) does not exist"),
2172 from);
2173 }
2174 return (zfs_error(hdl, EZFS_NOENT, errbuf));
2175
2176 case EACCES:
2177 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2178 "dataset key must be loaded"));
2179 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf));
2180
2181 case EBUSY:
2182 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2183 "target is busy; if a filesystem, "
2184 "it must not be mounted"));
2185 return (zfs_error(hdl, EZFS_BUSY, errbuf));
2186
2187 case EDQUOT:
2188 case EFBIG:
2189 case EIO:
2190 case ENOLINK:
2191 case ENOSPC:
2192 case ENOSTR:
2193 case ENXIO:
2194 case EPIPE:
2195 case ERANGE:
2196 case EFAULT:
2197 case EROFS:
2198 zfs_error_aux(hdl, strerror(errno));
2199 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf));
2200
2201 default:
2202 return (zfs_standard_error(hdl, errno, errbuf));
2203 }
2204 }
2205 return (err != 0);
2206 }
2207
2208 /*
2209 * Routines specific to "zfs recv"
2210 */
2211
2212 static int
2213 recv_read(libzfs_handle_t *hdl, int fd, void *buf, int ilen,
2214 boolean_t byteswap, zio_cksum_t *zc)
2215 {
2216 char *cp = buf;
2217 int rv;
2218 int len = ilen;
2219
2220 assert(ilen <= SPA_MAXBLOCKSIZE);
2221
2222 do {
2223 rv = read(fd, cp, len);
2224 cp += rv;
2225 len -= rv;
2226 } while (rv > 0);
2227
2228 if (rv < 0 || len != 0) {
2229 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2230 "failed to read from stream"));
2231 return (zfs_error(hdl, EZFS_BADSTREAM, dgettext(TEXT_DOMAIN,
2232 "cannot receive")));
2233 }
2234
2235 if (zc) {
2236 if (byteswap)
2237 fletcher_4_incremental_byteswap(buf, ilen, zc);
2238 else
2239 fletcher_4_incremental_native(buf, ilen, zc);
2240 }
2241 return (0);
2242 }
2243
2244 static int
2245 recv_read_nvlist(libzfs_handle_t *hdl, int fd, int len, nvlist_t **nvp,
2246 boolean_t byteswap, zio_cksum_t *zc)
2247 {
2248 char *buf;
2249 int err;
2250
2251 buf = zfs_alloc(hdl, len);
2252 if (buf == NULL)
2253 return (ENOMEM);
2254
2255 err = recv_read(hdl, fd, buf, len, byteswap, zc);
2256 if (err != 0) {
2257 free(buf);
2258 return (err);
2259 }
2260
2261 err = nvlist_unpack(buf, len, nvp, 0);
2262 free(buf);
2263 if (err != 0) {
2264 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
2265 "stream (malformed nvlist)"));
2266 return (EINVAL);
2267 }
2268 return (0);
2269 }
2270
2271 /*
2272 * Returns the grand origin (origin of origin of origin...) of a given handle.
2273 * If this dataset is not a clone, it simply returns a copy of the original
2274 * handle.
2275 */
2276 static zfs_handle_t *
2277 recv_open_grand_origin(zfs_handle_t *zhp)
2278 {
2279 char origin[ZFS_MAX_DATASET_NAME_LEN];
2280 zprop_source_t src;
2281 zfs_handle_t *ozhp = zfs_handle_dup(zhp);
2282
2283 while (ozhp != NULL) {
2284 if (zfs_prop_get(ozhp, ZFS_PROP_ORIGIN, origin,
2285 sizeof (origin), &src, NULL, 0, B_FALSE) != 0)
2286 break;
2287
2288 (void) zfs_close(ozhp);
2289 ozhp = zfs_open(zhp->zfs_hdl, origin, ZFS_TYPE_FILESYSTEM);
2290 }
2291
2292 return (ozhp);
2293 }
2294
2295 static int
2296 recv_rename_impl(zfs_handle_t *zhp, zfs_cmd_t *zc)
2297 {
2298 int err;
2299 zfs_handle_t *ozhp = NULL;
2300
2301 /*
2302 * Attempt to rename the dataset. If it fails with EACCES we have
2303 * attempted to rename the dataset outside of its encryption root.
2304 * Force the dataset to become an encryption root and try again.
2305 */
2306 err = ioctl(zhp->zfs_hdl->libzfs_fd, ZFS_IOC_RENAME, &zc);
2307 if (err == EACCES) {
2308 ozhp = recv_open_grand_origin(zhp);
2309 if (ozhp == NULL) {
2310 err = ENOENT;
2311 goto out;
2312 }
2313
2314 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY,
2315 NULL, NULL, 0);
2316 if (err != 0)
2317 goto out;
2318
2319 err = ioctl(zhp->zfs_hdl->libzfs_fd, ZFS_IOC_RENAME, &zc);
2320 }
2321
2322 out:
2323 if (ozhp != NULL)
2324 zfs_close(ozhp);
2325 return (err);
2326 }
2327
2328 static int
2329 recv_rename(libzfs_handle_t *hdl, const char *name, const char *tryname,
2330 int baselen, char *newname, recvflags_t *flags)
2331 {
2332 static int seq;
2333 zfs_cmd_t zc = {"\0"};
2334 int err;
2335 prop_changelist_t *clp = NULL;
2336 zfs_handle_t *zhp = NULL;
2337
2338 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
2339 if (zhp == NULL) {
2340 err = -1;
2341 goto out;
2342 }
2343 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
2344 flags->force ? MS_FORCE : 0);
2345 if (clp == NULL) {
2346 err = -1;
2347 goto out;
2348 }
2349 err = changelist_prefix(clp);
2350 if (err)
2351 goto out;
2352
2353 zc.zc_objset_type = DMU_OST_ZFS;
2354 (void) strlcpy(zc.zc_name, name, sizeof (zc.zc_name));
2355
2356 if (tryname) {
2357 (void) strcpy(newname, tryname);
2358
2359 (void) strlcpy(zc.zc_value, tryname, sizeof (zc.zc_value));
2360
2361 if (flags->verbose) {
2362 (void) printf("attempting rename %s to %s\n",
2363 zc.zc_name, zc.zc_value);
2364 }
2365 err = recv_rename_impl(zhp, &zc);
2366 if (err == 0)
2367 changelist_rename(clp, name, tryname);
2368 } else {
2369 err = ENOENT;
2370 }
2371
2372 if (err != 0 && strncmp(name + baselen, "recv-", 5) != 0) {
2373 seq++;
2374
2375 (void) snprintf(newname, ZFS_MAX_DATASET_NAME_LEN,
2376 "%.*srecv-%u-%u", baselen, name, getpid(), seq);
2377 (void) strlcpy(zc.zc_value, newname, sizeof (zc.zc_value));
2378
2379 if (flags->verbose) {
2380 (void) printf("failed - trying rename %s to %s\n",
2381 zc.zc_name, zc.zc_value);
2382 }
2383 err = recv_rename_impl(zhp, &zc);
2384 if (err == 0)
2385 changelist_rename(clp, name, newname);
2386 if (err && flags->verbose) {
2387 (void) printf("failed (%u) - "
2388 "will try again on next pass\n", errno);
2389 }
2390 err = EAGAIN;
2391 } else if (flags->verbose) {
2392 if (err == 0)
2393 (void) printf("success\n");
2394 else
2395 (void) printf("failed (%u)\n", errno);
2396 }
2397
2398 (void) changelist_postfix(clp);
2399
2400 out:
2401 if (clp != NULL)
2402 changelist_free(clp);
2403 if (zhp != NULL)
2404 zfs_close(zhp);
2405
2406 return (err);
2407 }
2408
2409 static int
2410 recv_promote(libzfs_handle_t *hdl, const char *fsname,
2411 const char *origin_fsname, recvflags_t *flags)
2412 {
2413 int err;
2414 zfs_cmd_t zc = {"\0"};
2415 zfs_handle_t *zhp = NULL, *ozhp = NULL;
2416
2417 if (flags->verbose)
2418 (void) printf("promoting %s\n", fsname);
2419
2420 (void) strlcpy(zc.zc_value, origin_fsname, sizeof (zc.zc_value));
2421 (void) strlcpy(zc.zc_name, fsname, sizeof (zc.zc_name));
2422
2423 /*
2424 * Attempt to promote the dataset. If it fails with EACCES the
2425 * promotion would cause this dataset to leave its encryption root.
2426 * Force the origin to become an encryption root and try again.
2427 */
2428 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
2429 if (err == EACCES) {
2430 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET);
2431 if (zhp == NULL) {
2432 err = -1;
2433 goto out;
2434 }
2435
2436 ozhp = recv_open_grand_origin(zhp);
2437 if (ozhp == NULL) {
2438 err = -1;
2439 goto out;
2440 }
2441
2442 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY,
2443 NULL, NULL, 0);
2444 if (err != 0)
2445 goto out;
2446
2447 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
2448 }
2449
2450 out:
2451 if (zhp != NULL)
2452 zfs_close(zhp);
2453 if (ozhp != NULL)
2454 zfs_close(ozhp);
2455
2456 return (err);
2457 }
2458
2459 static int
2460 recv_destroy(libzfs_handle_t *hdl, const char *name, int baselen,
2461 char *newname, recvflags_t *flags)
2462 {
2463 zfs_cmd_t zc = {"\0"};
2464 int err = 0;
2465 prop_changelist_t *clp;
2466 zfs_handle_t *zhp;
2467 boolean_t defer = B_FALSE;
2468 int spa_version;
2469
2470 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
2471 if (zhp == NULL)
2472 return (-1);
2473 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
2474 flags->force ? MS_FORCE : 0);
2475 if (zfs_get_type(zhp) == ZFS_TYPE_SNAPSHOT &&
2476 zfs_spa_version(zhp, &spa_version) == 0 &&
2477 spa_version >= SPA_VERSION_USERREFS)
2478 defer = B_TRUE;
2479 zfs_close(zhp);
2480 if (clp == NULL)
2481 return (-1);
2482 err = changelist_prefix(clp);
2483 if (err)
2484 return (err);
2485
2486 zc.zc_objset_type = DMU_OST_ZFS;
2487 zc.zc_defer_destroy = defer;
2488 (void) strlcpy(zc.zc_name, name, sizeof (zc.zc_name));
2489
2490 if (flags->verbose)
2491 (void) printf("attempting destroy %s\n", zc.zc_name);
2492 err = ioctl(hdl->libzfs_fd, ZFS_IOC_DESTROY, &zc);
2493 if (err == 0) {
2494 if (flags->verbose)
2495 (void) printf("success\n");
2496 changelist_remove(clp, zc.zc_name);
2497 }
2498
2499 (void) changelist_postfix(clp);
2500 changelist_free(clp);
2501
2502 /*
2503 * Deferred destroy might destroy the snapshot or only mark it to be
2504 * destroyed later, and it returns success in either case.
2505 */
2506 if (err != 0 || (defer && zfs_dataset_exists(hdl, name,
2507 ZFS_TYPE_SNAPSHOT))) {
2508 err = recv_rename(hdl, name, NULL, baselen, newname, flags);
2509 }
2510
2511 return (err);
2512 }
2513
2514 typedef struct guid_to_name_data {
2515 uint64_t guid;
2516 boolean_t bookmark_ok;
2517 char *name;
2518 char *skip;
2519 } guid_to_name_data_t;
2520
2521 static int
2522 guid_to_name_cb(zfs_handle_t *zhp, void *arg)
2523 {
2524 guid_to_name_data_t *gtnd = arg;
2525 const char *slash;
2526 int err;
2527
2528 if (gtnd->skip != NULL &&
2529 (slash = strrchr(zhp->zfs_name, '/')) != NULL &&
2530 strcmp(slash + 1, gtnd->skip) == 0) {
2531 zfs_close(zhp);
2532 return (0);
2533 }
2534
2535 if (zfs_prop_get_int(zhp, ZFS_PROP_GUID) == gtnd->guid) {
2536 (void) strcpy(gtnd->name, zhp->zfs_name);
2537 zfs_close(zhp);
2538 return (EEXIST);
2539 }
2540
2541 err = zfs_iter_children(zhp, guid_to_name_cb, gtnd);
2542 if (err != EEXIST && gtnd->bookmark_ok)
2543 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, gtnd);
2544 zfs_close(zhp);
2545 return (err);
2546 }
2547
2548 /*
2549 * Attempt to find the local dataset associated with this guid. In the case of
2550 * multiple matches, we attempt to find the "best" match by searching
2551 * progressively larger portions of the hierarchy. This allows one to send a
2552 * tree of datasets individually and guarantee that we will find the source
2553 * guid within that hierarchy, even if there are multiple matches elsewhere.
2554 */
2555 static int
2556 guid_to_name(libzfs_handle_t *hdl, const char *parent, uint64_t guid,
2557 boolean_t bookmark_ok, char *name)
2558 {
2559 char pname[ZFS_MAX_DATASET_NAME_LEN];
2560 guid_to_name_data_t gtnd;
2561
2562 gtnd.guid = guid;
2563 gtnd.bookmark_ok = bookmark_ok;
2564 gtnd.name = name;
2565 gtnd.skip = NULL;
2566
2567 /*
2568 * Search progressively larger portions of the hierarchy, starting
2569 * with the filesystem specified by 'parent'. This will
2570 * select the "most local" version of the origin snapshot in the case
2571 * that there are multiple matching snapshots in the system.
2572 */
2573 (void) strlcpy(pname, parent, sizeof (pname));
2574 char *cp = strrchr(pname, '@');
2575 if (cp == NULL)
2576 cp = strchr(pname, '\0');
2577 for (; cp != NULL; cp = strrchr(pname, '/')) {
2578 /* Chop off the last component and open the parent */
2579 *cp = '\0';
2580 zfs_handle_t *zhp = make_dataset_handle(hdl, pname);
2581
2582 if (zhp == NULL)
2583 continue;
2584 int err = guid_to_name_cb(zfs_handle_dup(zhp), &gtnd);
2585 if (err != EEXIST)
2586 err = zfs_iter_children(zhp, guid_to_name_cb, &gtnd);
2587 if (err != EEXIST && bookmark_ok)
2588 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, &gtnd);
2589 zfs_close(zhp);
2590 if (err == EEXIST)
2591 return (0);
2592
2593 /*
2594 * Remember the last portion of the dataset so we skip it next
2595 * time through (as we've already searched that portion of the
2596 * hierarchy).
2597 */
2598 gtnd.skip = strrchr(pname, '/') + 1;
2599 }
2600
2601 return (ENOENT);
2602 }
2603
2604 /*
2605 * Return +1 if guid1 is before guid2, 0 if they are the same, and -1 if
2606 * guid1 is after guid2.
2607 */
2608 static int
2609 created_before(libzfs_handle_t *hdl, avl_tree_t *avl,
2610 uint64_t guid1, uint64_t guid2)
2611 {
2612 nvlist_t *nvfs;
2613 char *fsname = NULL, *snapname = NULL;
2614 char buf[ZFS_MAX_DATASET_NAME_LEN];
2615 int rv;
2616 zfs_handle_t *guid1hdl, *guid2hdl;
2617 uint64_t create1, create2;
2618
2619 if (guid2 == 0)
2620 return (0);
2621 if (guid1 == 0)
2622 return (1);
2623
2624 nvfs = fsavl_find(avl, guid1, &snapname);
2625 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
2626 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname);
2627 guid1hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT);
2628 if (guid1hdl == NULL)
2629 return (-1);
2630
2631 nvfs = fsavl_find(avl, guid2, &snapname);
2632 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
2633 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname);
2634 guid2hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT);
2635 if (guid2hdl == NULL) {
2636 zfs_close(guid1hdl);
2637 return (-1);
2638 }
2639
2640 create1 = zfs_prop_get_int(guid1hdl, ZFS_PROP_CREATETXG);
2641 create2 = zfs_prop_get_int(guid2hdl, ZFS_PROP_CREATETXG);
2642
2643 if (create1 < create2)
2644 rv = -1;
2645 else if (create1 > create2)
2646 rv = +1;
2647 else
2648 rv = 0;
2649
2650 zfs_close(guid1hdl);
2651 zfs_close(guid2hdl);
2652
2653 return (rv);
2654 }
2655
2656 /*
2657 * This function reestablishes the heirarchy of encryption roots after a
2658 * recursive incremental receive has completed. This must be done after the
2659 * second call to recv_incremental_replication() has renamed and promoted all
2660 * sent datasets to their final locations in the dataset heriarchy.
2661 */
2662 static int
2663 recv_fix_encryption_heirarchy(libzfs_handle_t *hdl, const char *destname,
2664 nvlist_t *stream_nv, avl_tree_t *stream_avl)
2665 {
2666 int err;
2667 nvpair_t *fselem = NULL;
2668 nvlist_t *stream_fss;
2669 char *cp;
2670 char top_zfs[ZFS_MAX_DATASET_NAME_LEN];
2671
2672 (void) strcpy(top_zfs, destname);
2673 cp = strrchr(top_zfs, '@');
2674 if (cp != NULL)
2675 *cp = '\0';
2676
2677 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss", &stream_fss));
2678
2679 while ((fselem = nvlist_next_nvpair(stream_fss, fselem)) != NULL) {
2680 zfs_handle_t *zhp = NULL;
2681 uint64_t crypt;
2682 nvlist_t *snaps, *props, *stream_nvfs = NULL;
2683 nvpair_t *snapel = NULL;
2684 boolean_t is_encroot, is_clone, stream_encroot;
2685 char *cp;
2686 char *stream_keylocation = NULL;
2687 char keylocation[MAXNAMELEN];
2688 char fsname[ZFS_MAX_DATASET_NAME_LEN];
2689
2690 keylocation[0] = '\0';
2691 VERIFY(0 == nvpair_value_nvlist(fselem, &stream_nvfs));
2692 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "snaps", &snaps));
2693 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "props", &props));
2694 stream_encroot = nvlist_exists(stream_nvfs, "is_encroot");
2695
2696 /* find a snapshot from the stream that exists locally */
2697 err = ENOENT;
2698 while ((snapel = nvlist_next_nvpair(snaps, snapel)) != NULL) {
2699 uint64_t guid;
2700
2701 VERIFY(0 == nvpair_value_uint64(snapel, &guid));
2702 err = guid_to_name(hdl, destname, guid, B_FALSE,
2703 fsname);
2704 if (err == 0)
2705 break;
2706 }
2707
2708 if (err != 0)
2709 continue;
2710
2711 cp = strchr(fsname, '@');
2712 if (cp != NULL)
2713 *cp = '\0';
2714
2715 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET);
2716 if (zhp == NULL) {
2717 err = ENOENT;
2718 goto error;
2719 }
2720
2721 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION);
2722 is_clone = zhp->zfs_dmustats.dds_origin[0] != '\0';
2723 (void) zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL);
2724
2725 /* we don't need to do anything for unencrypted filesystems */
2726 if (crypt == ZIO_CRYPT_OFF) {
2727 zfs_close(zhp);
2728 continue;
2729 }
2730
2731 /*
2732 * If the dataset is flagged as an encryption root, was not
2733 * received as a clone and is not currently an encryption root,
2734 * force it to become one. Fixup the keylocation if necessary.
2735 */
2736 if (stream_encroot) {
2737 if (!is_clone && !is_encroot) {
2738 err = lzc_change_key(fsname,
2739 DCP_CMD_FORCE_NEW_KEY, NULL, NULL, 0);
2740 if (err != 0) {
2741 zfs_close(zhp);
2742 goto error;
2743 }
2744 }
2745
2746 VERIFY(0 == nvlist_lookup_string(props,
2747 zfs_prop_to_name(ZFS_PROP_KEYLOCATION),
2748 &stream_keylocation));
2749
2750 /*
2751 * Refresh the properties in case the call to
2752 * lzc_change_key() changed the value.
2753 */
2754 zfs_refresh_properties(zhp);
2755 err = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION,
2756 keylocation, sizeof (keylocation), NULL, NULL,
2757 0, B_TRUE);
2758 if (err != 0) {
2759 zfs_close(zhp);
2760 goto error;
2761 }
2762
2763 if (strcmp(keylocation, stream_keylocation) != 0) {
2764 err = zfs_prop_set(zhp,
2765 zfs_prop_to_name(ZFS_PROP_KEYLOCATION),
2766 stream_keylocation);
2767 if (err != 0) {
2768 zfs_close(zhp);
2769 goto error;
2770 }
2771 }
2772 }
2773
2774 /*
2775 * If the dataset is not flagged as an encryption root and is
2776 * currently an encryption root, force it to inherit from its
2777 * parent. The root of a raw send should never be
2778 * force-inherited.
2779 */
2780 if (!stream_encroot && is_encroot &&
2781 strcmp(top_zfs, fsname) != 0) {
2782 err = lzc_change_key(fsname, DCP_CMD_FORCE_INHERIT,
2783 NULL, NULL, 0);
2784 if (err != 0) {
2785 zfs_close(zhp);
2786 goto error;
2787 }
2788 }
2789
2790 zfs_close(zhp);
2791 }
2792
2793 return (0);
2794
2795 error:
2796 return (err);
2797 }
2798
2799 static int
2800 recv_incremental_replication(libzfs_handle_t *hdl, const char *tofs,
2801 recvflags_t *flags, nvlist_t *stream_nv, avl_tree_t *stream_avl,
2802 nvlist_t *renamed)
2803 {
2804 nvlist_t *local_nv, *deleted = NULL;
2805 avl_tree_t *local_avl;
2806 nvpair_t *fselem, *nextfselem;
2807 char *fromsnap;
2808 char newname[ZFS_MAX_DATASET_NAME_LEN];
2809 char guidname[32];
2810 int error;
2811 boolean_t needagain, progress, recursive;
2812 char *s1, *s2;
2813
2814 VERIFY(0 == nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap));
2815
2816 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
2817 ENOENT);
2818
2819 if (flags->dryrun)
2820 return (0);
2821
2822 again:
2823 needagain = progress = B_FALSE;
2824
2825 VERIFY(0 == nvlist_alloc(&deleted, NV_UNIQUE_NAME, 0));
2826
2827 if ((error = gather_nvlist(hdl, tofs, fromsnap, NULL,
2828 recursive, B_TRUE, B_FALSE, B_FALSE, &local_nv, &local_avl)) != 0)
2829 return (error);
2830
2831 /*
2832 * Process deletes and renames
2833 */
2834 for (fselem = nvlist_next_nvpair(local_nv, NULL);
2835 fselem; fselem = nextfselem) {
2836 nvlist_t *nvfs, *snaps;
2837 nvlist_t *stream_nvfs = NULL;
2838 nvpair_t *snapelem, *nextsnapelem;
2839 uint64_t fromguid = 0;
2840 uint64_t originguid = 0;
2841 uint64_t stream_originguid = 0;
2842 uint64_t parent_fromsnap_guid, stream_parent_fromsnap_guid;
2843 char *fsname, *stream_fsname;
2844
2845 nextfselem = nvlist_next_nvpair(local_nv, fselem);
2846
2847 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs));
2848 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps));
2849 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname));
2850 VERIFY(0 == nvlist_lookup_uint64(nvfs, "parentfromsnap",
2851 &parent_fromsnap_guid));
2852 (void) nvlist_lookup_uint64(nvfs, "origin", &originguid);
2853
2854 /*
2855 * First find the stream's fs, so we can check for
2856 * a different origin (due to "zfs promote")
2857 */
2858 for (snapelem = nvlist_next_nvpair(snaps, NULL);
2859 snapelem; snapelem = nvlist_next_nvpair(snaps, snapelem)) {
2860 uint64_t thisguid;
2861
2862 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid));
2863 stream_nvfs = fsavl_find(stream_avl, thisguid, NULL);
2864
2865 if (stream_nvfs != NULL)
2866 break;
2867 }
2868
2869 /* check for promote */
2870 (void) nvlist_lookup_uint64(stream_nvfs, "origin",
2871 &stream_originguid);
2872 if (stream_nvfs && originguid != stream_originguid) {
2873 switch (created_before(hdl, local_avl,
2874 stream_originguid, originguid)) {
2875 case 1: {
2876 /* promote it! */
2877 nvlist_t *origin_nvfs;
2878 char *origin_fsname;
2879
2880 origin_nvfs = fsavl_find(local_avl, originguid,
2881 NULL);
2882 VERIFY(0 == nvlist_lookup_string(origin_nvfs,
2883 "name", &origin_fsname));
2884 error = recv_promote(hdl, fsname, origin_fsname,
2885 flags);
2886 if (error == 0)
2887 progress = B_TRUE;
2888 break;
2889 }
2890 default:
2891 break;
2892 case -1:
2893 fsavl_destroy(local_avl);
2894 nvlist_free(local_nv);
2895 return (-1);
2896 }
2897 /*
2898 * We had/have the wrong origin, therefore our
2899 * list of snapshots is wrong. Need to handle
2900 * them on the next pass.
2901 */
2902 needagain = B_TRUE;
2903 continue;
2904 }
2905
2906 for (snapelem = nvlist_next_nvpair(snaps, NULL);
2907 snapelem; snapelem = nextsnapelem) {
2908 uint64_t thisguid;
2909 char *stream_snapname;
2910 nvlist_t *found, *props;
2911
2912 nextsnapelem = nvlist_next_nvpair(snaps, snapelem);
2913
2914 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid));
2915 found = fsavl_find(stream_avl, thisguid,
2916 &stream_snapname);
2917
2918 /* check for delete */
2919 if (found == NULL) {
2920 char name[ZFS_MAX_DATASET_NAME_LEN];
2921
2922 if (!flags->force)
2923 continue;
2924
2925 (void) snprintf(name, sizeof (name), "%s@%s",
2926 fsname, nvpair_name(snapelem));
2927
2928 error = recv_destroy(hdl, name,
2929 strlen(fsname)+1, newname, flags);
2930 if (error)
2931 needagain = B_TRUE;
2932 else
2933 progress = B_TRUE;
2934 sprintf(guidname, "%llu",
2935 (u_longlong_t)thisguid);
2936 nvlist_add_boolean(deleted, guidname);
2937 continue;
2938 }
2939
2940 stream_nvfs = found;
2941
2942 if (0 == nvlist_lookup_nvlist(stream_nvfs, "snapprops",
2943 &props) && 0 == nvlist_lookup_nvlist(props,
2944 stream_snapname, &props)) {
2945 zfs_cmd_t zc = {"\0"};
2946
2947 zc.zc_cookie = B_TRUE; /* received */
2948 (void) snprintf(zc.zc_name, sizeof (zc.zc_name),
2949 "%s@%s", fsname, nvpair_name(snapelem));
2950 if (zcmd_write_src_nvlist(hdl, &zc,
2951 props) == 0) {
2952 (void) zfs_ioctl(hdl,
2953 ZFS_IOC_SET_PROP, &zc);
2954 zcmd_free_nvlists(&zc);
2955 }
2956 }
2957
2958 /* check for different snapname */
2959 if (strcmp(nvpair_name(snapelem),
2960 stream_snapname) != 0) {
2961 char name[ZFS_MAX_DATASET_NAME_LEN];
2962 char tryname[ZFS_MAX_DATASET_NAME_LEN];
2963
2964 (void) snprintf(name, sizeof (name), "%s@%s",
2965 fsname, nvpair_name(snapelem));
2966 (void) snprintf(tryname, sizeof (name), "%s@%s",
2967 fsname, stream_snapname);
2968
2969 error = recv_rename(hdl, name, tryname,
2970 strlen(fsname)+1, newname, flags);
2971 if (error)
2972 needagain = B_TRUE;
2973 else
2974 progress = B_TRUE;
2975 }
2976
2977 if (strcmp(stream_snapname, fromsnap) == 0)
2978 fromguid = thisguid;
2979 }
2980
2981 /* check for delete */
2982 if (stream_nvfs == NULL) {
2983 if (!flags->force)
2984 continue;
2985
2986 error = recv_destroy(hdl, fsname, strlen(tofs)+1,
2987 newname, flags);
2988 if (error)
2989 needagain = B_TRUE;
2990 else
2991 progress = B_TRUE;
2992 sprintf(guidname, "%llu",
2993 (u_longlong_t)parent_fromsnap_guid);
2994 nvlist_add_boolean(deleted, guidname);
2995 continue;
2996 }
2997
2998 if (fromguid == 0) {
2999 if (flags->verbose) {
3000 (void) printf("local fs %s does not have "
3001 "fromsnap (%s in stream); must have "
3002 "been deleted locally; ignoring\n",
3003 fsname, fromsnap);
3004 }
3005 continue;
3006 }
3007
3008 VERIFY(0 == nvlist_lookup_string(stream_nvfs,
3009 "name", &stream_fsname));
3010 VERIFY(0 == nvlist_lookup_uint64(stream_nvfs,
3011 "parentfromsnap", &stream_parent_fromsnap_guid));
3012
3013 s1 = strrchr(fsname, '/');
3014 s2 = strrchr(stream_fsname, '/');
3015
3016 /*
3017 * Check if we're going to rename based on parent guid change
3018 * and the current parent guid was also deleted. If it was then
3019 * rename will fail and is likely unneeded, so avoid this and
3020 * force an early retry to determine the new
3021 * parent_fromsnap_guid.
3022 */
3023 if (stream_parent_fromsnap_guid != 0 &&
3024 parent_fromsnap_guid != 0 &&
3025 stream_parent_fromsnap_guid != parent_fromsnap_guid) {
3026 sprintf(guidname, "%llu",
3027 (u_longlong_t)parent_fromsnap_guid);
3028 if (nvlist_exists(deleted, guidname)) {
3029 progress = B_TRUE;
3030 needagain = B_TRUE;
3031 goto doagain;
3032 }
3033 }
3034
3035 /*
3036 * Check for rename. If the exact receive path is specified, it
3037 * does not count as a rename, but we still need to check the
3038 * datasets beneath it.
3039 */
3040 if ((stream_parent_fromsnap_guid != 0 &&
3041 parent_fromsnap_guid != 0 &&
3042 stream_parent_fromsnap_guid != parent_fromsnap_guid) ||
3043 ((flags->isprefix || strcmp(tofs, fsname) != 0) &&
3044 (s1 != NULL) && (s2 != NULL) && strcmp(s1, s2) != 0)) {
3045 nvlist_t *parent;
3046 char tryname[ZFS_MAX_DATASET_NAME_LEN];
3047
3048 parent = fsavl_find(local_avl,
3049 stream_parent_fromsnap_guid, NULL);
3050 /*
3051 * NB: parent might not be found if we used the
3052 * tosnap for stream_parent_fromsnap_guid,
3053 * because the parent is a newly-created fs;
3054 * we'll be able to rename it after we recv the
3055 * new fs.
3056 */
3057 if (parent != NULL) {
3058 char *pname;
3059
3060 VERIFY(0 == nvlist_lookup_string(parent, "name",
3061 &pname));
3062 (void) snprintf(tryname, sizeof (tryname),
3063 "%s%s", pname, strrchr(stream_fsname, '/'));
3064 } else {
3065 tryname[0] = '\0';
3066 if (flags->verbose) {
3067 (void) printf("local fs %s new parent "
3068 "not found\n", fsname);
3069 }
3070 }
3071
3072 newname[0] = '\0';
3073
3074 error = recv_rename(hdl, fsname, tryname,
3075 strlen(tofs)+1, newname, flags);
3076
3077 if (renamed != NULL && newname[0] != '\0') {
3078 VERIFY(0 == nvlist_add_boolean(renamed,
3079 newname));
3080 }
3081
3082 if (error)
3083 needagain = B_TRUE;
3084 else
3085 progress = B_TRUE;
3086 }
3087 }
3088
3089 doagain:
3090 fsavl_destroy(local_avl);
3091 nvlist_free(local_nv);
3092 nvlist_free(deleted);
3093
3094 if (needagain && progress) {
3095 /* do another pass to fix up temporary names */
3096 if (flags->verbose)
3097 (void) printf("another pass:\n");
3098 goto again;
3099 }
3100
3101 return (needagain || error != 0);
3102 }
3103
3104 static int
3105 zfs_receive_package(libzfs_handle_t *hdl, int fd, const char *destname,
3106 recvflags_t *flags, dmu_replay_record_t *drr, zio_cksum_t *zc,
3107 char **top_zfs, int cleanup_fd, uint64_t *action_handlep,
3108 nvlist_t *cmdprops)
3109 {
3110 nvlist_t *stream_nv = NULL;
3111 avl_tree_t *stream_avl = NULL;
3112 char *fromsnap = NULL;
3113 char *sendsnap = NULL;
3114 char *cp;
3115 char tofs[ZFS_MAX_DATASET_NAME_LEN];
3116 char sendfs[ZFS_MAX_DATASET_NAME_LEN];
3117 char errbuf[1024];
3118 dmu_replay_record_t drre;
3119 int error;
3120 boolean_t anyerr = B_FALSE;
3121 boolean_t softerr = B_FALSE;
3122 boolean_t recursive, raw;
3123
3124 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3125 "cannot receive"));
3126
3127 assert(drr->drr_type == DRR_BEGIN);
3128 assert(drr->drr_u.drr_begin.drr_magic == DMU_BACKUP_MAGIC);
3129 assert(DMU_GET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo) ==
3130 DMU_COMPOUNDSTREAM);
3131
3132 /*
3133 * Read in the nvlist from the stream.
3134 */
3135 if (drr->drr_payloadlen != 0) {
3136 error = recv_read_nvlist(hdl, fd, drr->drr_payloadlen,
3137 &stream_nv, flags->byteswap, zc);
3138 if (error) {
3139 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3140 goto out;
3141 }
3142 }
3143
3144 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
3145 ENOENT);
3146 raw = (nvlist_lookup_boolean(stream_nv, "raw") == 0);
3147
3148 if (recursive && strchr(destname, '@')) {
3149 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3150 "cannot specify snapshot name for multi-snapshot stream"));
3151 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3152 goto out;
3153 }
3154
3155 /*
3156 * Read in the end record and verify checksum.
3157 */
3158 if (0 != (error = recv_read(hdl, fd, &drre, sizeof (drre),
3159 flags->byteswap, NULL)))
3160 goto out;
3161 if (flags->byteswap) {
3162 drre.drr_type = BSWAP_32(drre.drr_type);
3163 drre.drr_u.drr_end.drr_checksum.zc_word[0] =
3164 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[0]);
3165 drre.drr_u.drr_end.drr_checksum.zc_word[1] =
3166 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[1]);
3167 drre.drr_u.drr_end.drr_checksum.zc_word[2] =
3168 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[2]);
3169 drre.drr_u.drr_end.drr_checksum.zc_word[3] =
3170 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[3]);
3171 }
3172 if (drre.drr_type != DRR_END) {
3173 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3174 goto out;
3175 }
3176 if (!ZIO_CHECKSUM_EQUAL(drre.drr_u.drr_end.drr_checksum, *zc)) {
3177 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3178 "incorrect header checksum"));
3179 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3180 goto out;
3181 }
3182
3183 (void) nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap);
3184
3185 if (drr->drr_payloadlen != 0) {
3186 nvlist_t *stream_fss;
3187
3188 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss",
3189 &stream_fss));
3190 if ((stream_avl = fsavl_create(stream_fss)) == NULL) {
3191 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3192 "couldn't allocate avl tree"));
3193 error = zfs_error(hdl, EZFS_NOMEM, errbuf);
3194 goto out;
3195 }
3196
3197 if (fromsnap != NULL && recursive) {
3198 nvlist_t *renamed = NULL;
3199 nvpair_t *pair = NULL;
3200
3201 (void) strlcpy(tofs, destname, sizeof (tofs));
3202 if (flags->isprefix) {
3203 struct drr_begin *drrb = &drr->drr_u.drr_begin;
3204 int i;
3205
3206 if (flags->istail) {
3207 cp = strrchr(drrb->drr_toname, '/');
3208 if (cp == NULL) {
3209 (void) strlcat(tofs, "/",
3210 sizeof (tofs));
3211 i = 0;
3212 } else {
3213 i = (cp - drrb->drr_toname);
3214 }
3215 } else {
3216 i = strcspn(drrb->drr_toname, "/@");
3217 }
3218 /* zfs_receive_one() will create_parents() */
3219 (void) strlcat(tofs, &drrb->drr_toname[i],
3220 sizeof (tofs));
3221 *strchr(tofs, '@') = '\0';
3222 }
3223
3224 if (!flags->dryrun && !flags->nomount) {
3225 VERIFY(0 == nvlist_alloc(&renamed,
3226 NV_UNIQUE_NAME, 0));
3227 }
3228
3229 softerr = recv_incremental_replication(hdl, tofs, flags,
3230 stream_nv, stream_avl, renamed);
3231
3232 /* Unmount renamed filesystems before receiving. */
3233 while ((pair = nvlist_next_nvpair(renamed,
3234 pair)) != NULL) {
3235 zfs_handle_t *zhp;
3236 prop_changelist_t *clp = NULL;
3237
3238 zhp = zfs_open(hdl, nvpair_name(pair),
3239 ZFS_TYPE_FILESYSTEM);
3240 if (zhp != NULL) {
3241 clp = changelist_gather(zhp,
3242 ZFS_PROP_MOUNTPOINT, 0, 0);
3243 zfs_close(zhp);
3244 if (clp != NULL) {
3245 softerr |=
3246 changelist_prefix(clp);
3247 changelist_free(clp);
3248 }
3249 }
3250 }
3251
3252 nvlist_free(renamed);
3253 }
3254 }
3255
3256 /*
3257 * Get the fs specified by the first path in the stream (the top level
3258 * specified by 'zfs send') and pass it to each invocation of
3259 * zfs_receive_one().
3260 */
3261 (void) strlcpy(sendfs, drr->drr_u.drr_begin.drr_toname,
3262 sizeof (sendfs));
3263 if ((cp = strchr(sendfs, '@')) != NULL) {
3264 *cp = '\0';
3265 /*
3266 * Find the "sendsnap", the final snapshot in a replication
3267 * stream. zfs_receive_one() handles certain errors
3268 * differently, depending on if the contained stream is the
3269 * last one or not.
3270 */
3271 sendsnap = (cp + 1);
3272 }
3273
3274 /* Finally, receive each contained stream */
3275 do {
3276 /*
3277 * we should figure out if it has a recoverable
3278 * error, in which case do a recv_skip() and drive on.
3279 * Note, if we fail due to already having this guid,
3280 * zfs_receive_one() will take care of it (ie,
3281 * recv_skip() and return 0).
3282 */
3283 error = zfs_receive_impl(hdl, destname, NULL, flags, fd,
3284 sendfs, stream_nv, stream_avl, top_zfs, cleanup_fd,
3285 action_handlep, sendsnap, cmdprops);
3286 if (error == ENODATA) {
3287 error = 0;
3288 break;
3289 }
3290 anyerr |= error;
3291 } while (error == 0);
3292
3293 if (drr->drr_payloadlen != 0 && recursive && fromsnap != NULL) {
3294 /*
3295 * Now that we have the fs's they sent us, try the
3296 * renames again.
3297 */
3298 softerr = recv_incremental_replication(hdl, tofs, flags,
3299 stream_nv, stream_avl, NULL);
3300 }
3301
3302 if (raw && softerr == 0) {
3303 softerr = recv_fix_encryption_heirarchy(hdl, destname,
3304 stream_nv, stream_avl);
3305 }
3306
3307 out:
3308 fsavl_destroy(stream_avl);
3309 nvlist_free(stream_nv);
3310 if (softerr)
3311 error = -2;
3312 if (anyerr)
3313 error = -1;
3314 return (error);
3315 }
3316
3317 static void
3318 trunc_prop_errs(int truncated)
3319 {
3320 ASSERT(truncated != 0);
3321
3322 if (truncated == 1)
3323 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
3324 "1 more property could not be set\n"));
3325 else
3326 (void) fprintf(stderr, dgettext(TEXT_DOMAIN,
3327 "%d more properties could not be set\n"), truncated);
3328 }
3329
3330 static int
3331 recv_skip(libzfs_handle_t *hdl, int fd, boolean_t byteswap)
3332 {
3333 dmu_replay_record_t *drr;
3334 void *buf = zfs_alloc(hdl, SPA_MAXBLOCKSIZE);
3335 char errbuf[1024];
3336
3337 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3338 "cannot receive:"));
3339
3340 /* XXX would be great to use lseek if possible... */
3341 drr = buf;
3342
3343 while (recv_read(hdl, fd, drr, sizeof (dmu_replay_record_t),
3344 byteswap, NULL) == 0) {
3345 if (byteswap)
3346 drr->drr_type = BSWAP_32(drr->drr_type);
3347
3348 switch (drr->drr_type) {
3349 case DRR_BEGIN:
3350 if (drr->drr_payloadlen != 0) {
3351 (void) recv_read(hdl, fd, buf,
3352 drr->drr_payloadlen, B_FALSE, NULL);
3353 }
3354 break;
3355
3356 case DRR_END:
3357 free(buf);
3358 return (0);
3359
3360 case DRR_OBJECT:
3361 if (byteswap) {
3362 drr->drr_u.drr_object.drr_bonuslen =
3363 BSWAP_32(drr->drr_u.drr_object.
3364 drr_bonuslen);
3365 }
3366 (void) recv_read(hdl, fd, buf,
3367 P2ROUNDUP(drr->drr_u.drr_object.drr_bonuslen, 8),
3368 B_FALSE, NULL);
3369 break;
3370
3371 case DRR_WRITE:
3372 if (byteswap) {
3373 drr->drr_u.drr_write.drr_logical_size =
3374 BSWAP_64(
3375 drr->drr_u.drr_write.drr_logical_size);
3376 drr->drr_u.drr_write.drr_compressed_size =
3377 BSWAP_64(
3378 drr->drr_u.drr_write.drr_compressed_size);
3379 }
3380 uint64_t payload_size =
3381 DRR_WRITE_PAYLOAD_SIZE(&drr->drr_u.drr_write);
3382 (void) recv_read(hdl, fd, buf,
3383 payload_size, B_FALSE, NULL);
3384 break;
3385 case DRR_SPILL:
3386 if (byteswap) {
3387 drr->drr_u.drr_spill.drr_length =
3388 BSWAP_64(drr->drr_u.drr_spill.drr_length);
3389 }
3390 (void) recv_read(hdl, fd, buf,
3391 drr->drr_u.drr_spill.drr_length, B_FALSE, NULL);
3392 break;
3393 case DRR_WRITE_EMBEDDED:
3394 if (byteswap) {
3395 drr->drr_u.drr_write_embedded.drr_psize =
3396 BSWAP_32(drr->drr_u.drr_write_embedded.
3397 drr_psize);
3398 }
3399 (void) recv_read(hdl, fd, buf,
3400 P2ROUNDUP(drr->drr_u.drr_write_embedded.drr_psize,
3401 8), B_FALSE, NULL);
3402 break;
3403 case DRR_WRITE_BYREF:
3404 case DRR_FREEOBJECTS:
3405 case DRR_FREE:
3406 break;
3407
3408 default:
3409 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3410 "invalid record type"));
3411 free(buf);
3412 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
3413 }
3414 }
3415
3416 free(buf);
3417 return (-1);
3418 }
3419
3420 static void
3421 recv_ecksum_set_aux(libzfs_handle_t *hdl, const char *target_snap,
3422 boolean_t resumable)
3423 {
3424 char target_fs[ZFS_MAX_DATASET_NAME_LEN];
3425
3426 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3427 "checksum mismatch or incomplete stream"));
3428
3429 if (!resumable)
3430 return;
3431 (void) strlcpy(target_fs, target_snap, sizeof (target_fs));
3432 *strchr(target_fs, '@') = '\0';
3433 zfs_handle_t *zhp = zfs_open(hdl, target_fs,
3434 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
3435 if (zhp == NULL)
3436 return;
3437
3438 char token_buf[ZFS_MAXPROPLEN];
3439 int error = zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
3440 token_buf, sizeof (token_buf),
3441 NULL, NULL, 0, B_TRUE);
3442 if (error == 0) {
3443 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3444 "checksum mismatch or incomplete stream.\n"
3445 "Partially received snapshot is saved.\n"
3446 "A resuming stream can be generated on the sending "
3447 "system by running:\n"
3448 " zfs send -t %s"),
3449 token_buf);
3450 }
3451 zfs_close(zhp);
3452 }
3453
3454 /*
3455 * Prepare a new nvlist of properties that are to override (-o) or be excluded
3456 * (-x) from the received dataset
3457 * recvprops: received properties from the send stream
3458 * cmdprops: raw input properties from command line
3459 * origprops: properties, both locally-set and received, currently set on the
3460 * target dataset if it exists, NULL otherwise.
3461 * oxprops: valid output override (-o) and excluded (-x) properties
3462 */
3463 static int
3464 zfs_setup_cmdline_props(libzfs_handle_t *hdl, zfs_type_t type,
3465 char *fsname, boolean_t zoned, boolean_t recursive, boolean_t newfs,
3466 boolean_t raw, boolean_t toplevel, nvlist_t *recvprops, nvlist_t *cmdprops,
3467 nvlist_t *origprops, nvlist_t **oxprops, uint8_t **wkeydata_out,
3468 uint_t *wkeylen_out, const char *errbuf)
3469 {
3470 nvpair_t *nvp;
3471 nvlist_t *oprops, *voprops;
3472 zfs_handle_t *zhp = NULL;
3473 zpool_handle_t *zpool_hdl = NULL;
3474 char *cp;
3475 int ret = 0;
3476 char namebuf[ZFS_MAX_DATASET_NAME_LEN];
3477
3478 if (nvlist_empty(cmdprops))
3479 return (0); /* No properties to override or exclude */
3480
3481 *oxprops = fnvlist_alloc();
3482 oprops = fnvlist_alloc();
3483
3484 strlcpy(namebuf, fsname, ZFS_MAX_DATASET_NAME_LEN);
3485
3486 /*
3487 * Get our dataset handle. The target dataset may not exist yet.
3488 */
3489 if (zfs_dataset_exists(hdl, namebuf, ZFS_TYPE_DATASET)) {
3490 zhp = zfs_open(hdl, namebuf, ZFS_TYPE_DATASET);
3491 if (zhp == NULL) {
3492 ret = -1;
3493 goto error;
3494 }
3495 }
3496
3497 /* open the zpool handle */
3498 cp = strchr(namebuf, '/');
3499 if (cp != NULL)
3500 *cp = '\0';
3501 zpool_hdl = zpool_open(hdl, namebuf);
3502 if (zpool_hdl == NULL) {
3503 ret = -1;
3504 goto error;
3505 }
3506
3507 /* restore namebuf to match fsname for later use */
3508 if (cp != NULL)
3509 *cp = '/';
3510
3511 /*
3512 * first iteration: process excluded (-x) properties now and gather
3513 * added (-o) properties to be later processed by zfs_valid_proplist()
3514 */
3515 nvp = NULL;
3516 while ((nvp = nvlist_next_nvpair(cmdprops, nvp)) != NULL) {
3517 const char *name = nvpair_name(nvp);
3518 zfs_prop_t prop = zfs_name_to_prop(name);
3519
3520 /* "origin" is processed separately, don't handle it here */
3521 if (prop == ZFS_PROP_ORIGIN)
3522 continue;
3523
3524 /*
3525 * we're trying to override or exclude a property that does not
3526 * make sense for this type of dataset, but we don't want to
3527 * fail if the receive is recursive: this comes in handy when
3528 * the send stream contains, for instance, a child ZVOL and
3529 * we're trying to receive it with "-o atime=on"
3530 */
3531 if (!zfs_prop_valid_for_type(prop, type, B_FALSE) &&
3532 !zfs_prop_user(name)) {
3533 if (recursive)
3534 continue;
3535 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3536 "property '%s' does not apply to datasets of this "
3537 "type"), name);
3538 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
3539 goto error;
3540 }
3541
3542 /* raw streams can't override encryption properties */
3543 if ((zfs_prop_encryption_key_param(prop) ||
3544 prop == ZFS_PROP_ENCRYPTION) && (raw || !newfs)) {
3545 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3546 "encryption property '%s' cannot "
3547 "be set or excluded for raw or incremental "
3548 "streams."), name);
3549 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
3550 goto error;
3551 }
3552
3553 switch (nvpair_type(nvp)) {
3554 case DATA_TYPE_BOOLEAN: /* -x property */
3555 /*
3556 * DATA_TYPE_BOOLEAN is the way we're asked to "exclude"
3557 * a property: this is done by forcing an explicit
3558 * inherit on the destination so the effective value is
3559 * not the one we received from the send stream.
3560 * We do this only if the property is not already
3561 * locally-set, in which case its value will take
3562 * priority over the received anyway.
3563 */
3564 if (nvlist_exists(origprops, name)) {
3565 nvlist_t *attrs;
3566
3567 attrs = fnvlist_lookup_nvlist(origprops, name);
3568 if (strcmp(fnvlist_lookup_string(attrs,
3569 ZPROP_SOURCE), ZPROP_SOURCE_VAL_RECVD) != 0)
3570 continue;
3571 }
3572 /*
3573 * We can't force an explicit inherit on non-inheritable
3574 * properties: if we're asked to exclude this kind of
3575 * values we remove them from "recvprops" input nvlist.
3576 */
3577 if (!zfs_prop_inheritable(prop) &&
3578 !zfs_prop_user(name) && /* can be inherited too */
3579 nvlist_exists(recvprops, name))
3580 fnvlist_remove(recvprops, name);
3581 else
3582 fnvlist_add_nvpair(*oxprops, nvp);
3583 break;
3584 case DATA_TYPE_STRING: /* -o property=value */
3585 fnvlist_add_nvpair(oprops, nvp);
3586 break;
3587 default:
3588 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3589 "property '%s' must be a string or boolean"), name);
3590 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
3591 goto error;
3592 }
3593 }
3594
3595 if (toplevel) {
3596 /* convert override strings properties to native */
3597 if ((voprops = zfs_valid_proplist(hdl, ZFS_TYPE_DATASET,
3598 oprops, zoned, zhp, zpool_hdl, B_FALSE, errbuf)) == NULL) {
3599 ret = zfs_error(hdl, EZFS_BADPROP, errbuf);
3600 goto error;
3601 }
3602
3603 /*
3604 * zfs_crypto_create() requires the parent name. Get it
3605 * by truncating the fsname copy stored in namebuf.
3606 */
3607 cp = strrchr(namebuf, '/');
3608 if (cp != NULL)
3609 *cp = '\0';
3610
3611 if (!raw && zfs_crypto_create(hdl, namebuf, voprops, NULL,
3612 B_FALSE, wkeydata_out, wkeylen_out) != 0) {
3613 fnvlist_free(voprops);
3614 ret = zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf);
3615 goto error;
3616 }
3617
3618 /* second pass: process "-o" properties */
3619 fnvlist_merge(*oxprops, voprops);
3620 fnvlist_free(voprops);
3621 } else {
3622 /* override props on child dataset are inherited */
3623 nvp = NULL;
3624 while ((nvp = nvlist_next_nvpair(oprops, nvp)) != NULL) {
3625 const char *name = nvpair_name(nvp);
3626 fnvlist_add_boolean(*oxprops, name);
3627 }
3628 }
3629
3630 error:
3631 if (zhp != NULL)
3632 zfs_close(zhp);
3633 if (zpool_hdl != NULL)
3634 zpool_close(zpool_hdl);
3635 fnvlist_free(oprops);
3636 return (ret);
3637 }
3638
3639 /*
3640 * Restores a backup of tosnap from the file descriptor specified by infd.
3641 */
3642 static int
3643 zfs_receive_one(libzfs_handle_t *hdl, int infd, const char *tosnap,
3644 const char *originsnap, recvflags_t *flags, dmu_replay_record_t *drr,
3645 dmu_replay_record_t *drr_noswap, const char *sendfs, nvlist_t *stream_nv,
3646 avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd,
3647 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops)
3648 {
3649 time_t begin_time;
3650 int ioctl_err, ioctl_errno, err;
3651 char *cp;
3652 struct drr_begin *drrb = &drr->drr_u.drr_begin;
3653 char errbuf[1024];
3654 const char *chopprefix;
3655 boolean_t newfs = B_FALSE;
3656 boolean_t stream_wantsnewfs;
3657 boolean_t newprops = B_FALSE;
3658 uint64_t read_bytes = 0;
3659 uint64_t errflags = 0;
3660 uint64_t parent_snapguid = 0;
3661 prop_changelist_t *clp = NULL;
3662 nvlist_t *snapprops_nvlist = NULL;
3663 zprop_errflags_t prop_errflags;
3664 nvlist_t *prop_errors = NULL;
3665 boolean_t recursive;
3666 char *snapname = NULL;
3667 char destsnap[MAXPATHLEN * 2];
3668 char origin[MAXNAMELEN];
3669 char name[MAXPATHLEN];
3670 char tmp_keylocation[MAXNAMELEN];
3671 nvlist_t *rcvprops = NULL; /* props received from the send stream */
3672 nvlist_t *oxprops = NULL; /* override (-o) and exclude (-x) props */
3673 nvlist_t *origprops = NULL; /* original props (if destination exists) */
3674 zfs_type_t type;
3675 boolean_t toplevel = B_FALSE;
3676 boolean_t zoned = B_FALSE;
3677 boolean_t hastoken = B_FALSE;
3678 uint8_t *wkeydata = NULL;
3679 uint_t wkeylen = 0;
3680
3681 begin_time = time(NULL);
3682 bzero(origin, MAXNAMELEN);
3683 bzero(tmp_keylocation, MAXNAMELEN);
3684
3685 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3686 "cannot receive"));
3687
3688 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") ==
3689 ENOENT);
3690
3691 if (stream_avl != NULL) {
3692 char *keylocation = NULL;
3693 nvlist_t *lookup = NULL;
3694 nvlist_t *fs = fsavl_find(stream_avl, drrb->drr_toguid,
3695 &snapname);
3696
3697 (void) nvlist_lookup_uint64(fs, "parentfromsnap",
3698 &parent_snapguid);
3699 err = nvlist_lookup_nvlist(fs, "props", &rcvprops);
3700 if (err) {
3701 VERIFY(0 == nvlist_alloc(&rcvprops, NV_UNIQUE_NAME, 0));
3702 newprops = B_TRUE;
3703 }
3704
3705 /*
3706 * The keylocation property may only be set on encryption roots,
3707 * but this dataset might not become an encryption root until
3708 * recv_fix_encryption_heirarchy() is called. That function
3709 * will fixup the keylocation anyway, so we temporarily unset
3710 * the keylocation for now to avoid any errors from the receive
3711 * ioctl.
3712 */
3713 err = nvlist_lookup_string(rcvprops,
3714 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation);
3715 if (err == 0) {
3716 strcpy(tmp_keylocation, keylocation);
3717 (void) nvlist_remove_all(rcvprops,
3718 zfs_prop_to_name(ZFS_PROP_KEYLOCATION));
3719 }
3720
3721 if (flags->canmountoff) {
3722 VERIFY(0 == nvlist_add_uint64(rcvprops,
3723 zfs_prop_to_name(ZFS_PROP_CANMOUNT), 0));
3724 }
3725 if (0 == nvlist_lookup_nvlist(fs, "snapprops", &lookup)) {
3726 VERIFY(0 == nvlist_lookup_nvlist(lookup,
3727 snapname, &snapprops_nvlist));
3728 }
3729 }
3730
3731 cp = NULL;
3732
3733 /*
3734 * Determine how much of the snapshot name stored in the stream
3735 * we are going to tack on to the name they specified on the
3736 * command line, and how much we are going to chop off.
3737 *
3738 * If they specified a snapshot, chop the entire name stored in
3739 * the stream.
3740 */
3741 if (flags->istail) {
3742 /*
3743 * A filesystem was specified with -e. We want to tack on only
3744 * the tail of the sent snapshot path.
3745 */
3746 if (strchr(tosnap, '@')) {
3747 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
3748 "argument - snapshot not allowed with -e"));
3749 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
3750 goto out;
3751 }
3752
3753 chopprefix = strrchr(sendfs, '/');
3754
3755 if (chopprefix == NULL) {
3756 /*
3757 * The tail is the poolname, so we need to
3758 * prepend a path separator.
3759 */
3760 int len = strlen(drrb->drr_toname);
3761 cp = malloc(len + 2);
3762 cp[0] = '/';
3763 (void) strcpy(&cp[1], drrb->drr_toname);
3764 chopprefix = cp;
3765 } else {
3766 chopprefix = drrb->drr_toname + (chopprefix - sendfs);
3767 }
3768 } else if (flags->isprefix) {
3769 /*
3770 * A filesystem was specified with -d. We want to tack on
3771 * everything but the first element of the sent snapshot path
3772 * (all but the pool name).
3773 */
3774 if (strchr(tosnap, '@')) {
3775 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
3776 "argument - snapshot not allowed with -d"));
3777 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
3778 goto out;
3779 }
3780
3781 chopprefix = strchr(drrb->drr_toname, '/');
3782 if (chopprefix == NULL)
3783 chopprefix = strchr(drrb->drr_toname, '@');
3784 } else if (strchr(tosnap, '@') == NULL) {
3785 /*
3786 * If a filesystem was specified without -d or -e, we want to
3787 * tack on everything after the fs specified by 'zfs send'.
3788 */
3789 chopprefix = drrb->drr_toname + strlen(sendfs);
3790 } else {
3791 /* A snapshot was specified as an exact path (no -d or -e). */
3792 if (recursive) {
3793 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3794 "cannot specify snapshot name for multi-snapshot "
3795 "stream"));
3796 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
3797 goto out;
3798 }
3799 chopprefix = drrb->drr_toname + strlen(drrb->drr_toname);
3800 }
3801
3802 ASSERT(strstr(drrb->drr_toname, sendfs) == drrb->drr_toname);
3803 ASSERT(chopprefix > drrb->drr_toname);
3804 ASSERT(chopprefix <= drrb->drr_toname + strlen(drrb->drr_toname));
3805 ASSERT(chopprefix[0] == '/' || chopprefix[0] == '@' ||
3806 chopprefix[0] == '\0');
3807
3808 /*
3809 * Determine name of destination snapshot.
3810 */
3811 (void) strlcpy(destsnap, tosnap, sizeof (destsnap));
3812 (void) strlcat(destsnap, chopprefix, sizeof (destsnap));
3813 free(cp);
3814 if (!zfs_name_valid(destsnap, ZFS_TYPE_SNAPSHOT)) {
3815 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
3816 goto out;
3817 }
3818
3819 /*
3820 * Determine the name of the origin snapshot.
3821 */
3822 if (originsnap) {
3823 (void) strlcpy(origin, originsnap, sizeof (origin));
3824 if (flags->verbose)
3825 (void) printf("using provided clone origin %s\n",
3826 origin);
3827 } else if (drrb->drr_flags & DRR_FLAG_CLONE) {
3828 if (guid_to_name(hdl, destsnap,
3829 drrb->drr_fromguid, B_FALSE, origin) != 0) {
3830 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3831 "local origin for clone %s does not exist"),
3832 destsnap);
3833 err = zfs_error(hdl, EZFS_NOENT, errbuf);
3834 goto out;
3835 }
3836 if (flags->verbose)
3837 (void) printf("found clone origin %s\n", origin);
3838 }
3839
3840 boolean_t resuming = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
3841 DMU_BACKUP_FEATURE_RESUMING;
3842 boolean_t raw = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
3843 DMU_BACKUP_FEATURE_RAW;
3844 boolean_t embedded = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
3845 DMU_BACKUP_FEATURE_EMBED_DATA;
3846 stream_wantsnewfs = (drrb->drr_fromguid == 0 ||
3847 (drrb->drr_flags & DRR_FLAG_CLONE) || originsnap) && !resuming;
3848
3849 if (stream_wantsnewfs) {
3850 /*
3851 * if the parent fs does not exist, look for it based on
3852 * the parent snap GUID
3853 */
3854 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3855 "cannot receive new filesystem stream"));
3856
3857 (void) strcpy(name, destsnap);
3858 cp = strrchr(name, '/');
3859 if (cp)
3860 *cp = '\0';
3861 if (cp &&
3862 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
3863 char suffix[ZFS_MAX_DATASET_NAME_LEN];
3864 (void) strcpy(suffix, strrchr(destsnap, '/'));
3865 if (guid_to_name(hdl, name, parent_snapguid,
3866 B_FALSE, destsnap) == 0) {
3867 *strchr(destsnap, '@') = '\0';
3868 (void) strcat(destsnap, suffix);
3869 }
3870 }
3871 } else {
3872 /*
3873 * if the fs does not exist, look for it based on the
3874 * fromsnap GUID
3875 */
3876 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3877 "cannot receive incremental stream"));
3878
3879 (void) strcpy(name, destsnap);
3880 *strchr(name, '@') = '\0';
3881
3882 /*
3883 * If the exact receive path was specified and this is the
3884 * topmost path in the stream, then if the fs does not exist we
3885 * should look no further.
3886 */
3887 if ((flags->isprefix || (*(chopprefix = drrb->drr_toname +
3888 strlen(sendfs)) != '\0' && *chopprefix != '@')) &&
3889 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
3890 char snap[ZFS_MAX_DATASET_NAME_LEN];
3891 (void) strcpy(snap, strchr(destsnap, '@'));
3892 if (guid_to_name(hdl, name, drrb->drr_fromguid,
3893 B_FALSE, destsnap) == 0) {
3894 *strchr(destsnap, '@') = '\0';
3895 (void) strcat(destsnap, snap);
3896 }
3897 }
3898 }
3899
3900 (void) strcpy(name, destsnap);
3901 *strchr(name, '@') = '\0';
3902
3903 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) {
3904 zfs_cmd_t zc = {"\0"};
3905 zfs_handle_t *zhp;
3906 boolean_t encrypted;
3907
3908 (void) strcpy(zc.zc_name, name);
3909
3910 /*
3911 * Destination fs exists. It must be one of these cases:
3912 * - an incremental send stream
3913 * - the stream specifies a new fs (full stream or clone)
3914 * and they want us to blow away the existing fs (and
3915 * have therefore specified -F and removed any snapshots)
3916 * - we are resuming a failed receive.
3917 */
3918 if (stream_wantsnewfs) {
3919 if (!flags->force) {
3920 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3921 "destination '%s' exists\n"
3922 "must specify -F to overwrite it"), name);
3923 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
3924 goto out;
3925 }
3926 if (ioctl(hdl->libzfs_fd, ZFS_IOC_SNAPSHOT_LIST_NEXT,
3927 &zc) == 0) {
3928 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3929 "destination has snapshots (eg. %s)\n"
3930 "must destroy them to overwrite it"),
3931 name);
3932 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
3933 goto out;
3934 }
3935 }
3936
3937 if ((zhp = zfs_open(hdl, name,
3938 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME)) == NULL) {
3939 err = -1;
3940 goto out;
3941 }
3942
3943 if (stream_wantsnewfs &&
3944 zhp->zfs_dmustats.dds_origin[0]) {
3945 zfs_close(zhp);
3946 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3947 "destination '%s' is a clone\n"
3948 "must destroy it to overwrite it"), name);
3949 err = zfs_error(hdl, EZFS_EXISTS, errbuf);
3950 goto out;
3951 }
3952
3953 /*
3954 * Raw sends can not be performed as an incremental on top
3955 * of existing unencryppted datasets. zfs recv -F cant be
3956 * used to blow away an existing encrypted filesystem. This
3957 * is because it would require the dsl dir to point to the
3958 * new key (or lack of a key) and the old key at the same
3959 * time. The -F flag may still be used for deleting
3960 * intermediate snapshots that would otherwise prevent the
3961 * receive from working.
3962 */
3963 encrypted = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) !=
3964 ZIO_CRYPT_OFF;
3965 if (!stream_wantsnewfs && !encrypted && raw) {
3966 zfs_close(zhp);
3967 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3968 "cannot perform raw receive on top of "
3969 "existing unencrypted dataset"));
3970 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
3971 goto out;
3972 }
3973
3974 if (stream_wantsnewfs && flags->force &&
3975 ((raw && !encrypted) || encrypted)) {
3976 zfs_close(zhp);
3977 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3978 "zfs receive -F cannot be used to destroy an "
3979 "encrypted filesystem or overwrite an "
3980 "unencrypted one with an encrypted one"));
3981 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
3982 goto out;
3983 }
3984
3985 if (!flags->dryrun && zhp->zfs_type == ZFS_TYPE_FILESYSTEM &&
3986 stream_wantsnewfs) {
3987 /* We can't do online recv in this case */
3988 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0, 0);
3989 if (clp == NULL) {
3990 zfs_close(zhp);
3991 err = -1;
3992 goto out;
3993 }
3994 if (changelist_prefix(clp) != 0) {
3995 changelist_free(clp);
3996 zfs_close(zhp);
3997 err = -1;
3998 goto out;
3999 }
4000 }
4001
4002 /*
4003 * If we are resuming a newfs, set newfs here so that we will
4004 * mount it if the recv succeeds this time. We can tell
4005 * that it was a newfs on the first recv because the fs
4006 * itself will be inconsistent (if the fs existed when we
4007 * did the first recv, we would have received it into
4008 * .../%recv).
4009 */
4010 if (resuming && zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT))
4011 newfs = B_TRUE;
4012
4013 /* we want to know if we're zoned when validating -o|-x props */
4014 zoned = zfs_prop_get_int(zhp, ZFS_PROP_ZONED);
4015
4016 /* may need this info later, get it now we have zhp around */
4017 if (zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN, NULL, 0,
4018 NULL, NULL, 0, B_TRUE) == 0)
4019 hastoken = B_TRUE;
4020
4021 /* gather existing properties on destination */
4022 origprops = fnvlist_alloc();
4023 fnvlist_merge(origprops, zhp->zfs_props);
4024 fnvlist_merge(origprops, zhp->zfs_user_props);
4025
4026 zfs_close(zhp);
4027 } else {
4028 zfs_handle_t *zhp;
4029
4030 /*
4031 * Destination filesystem does not exist. Therefore we better
4032 * be creating a new filesystem (either from a full backup, or
4033 * a clone). It would therefore be invalid if the user
4034 * specified only the pool name (i.e. if the destination name
4035 * contained no slash character).
4036 */
4037 cp = strrchr(name, '/');
4038
4039 if (!stream_wantsnewfs || cp == NULL) {
4040 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4041 "destination '%s' does not exist"), name);
4042 err = zfs_error(hdl, EZFS_NOENT, errbuf);
4043 goto out;
4044 }
4045
4046 /*
4047 * Trim off the final dataset component so we perform the
4048 * recvbackup ioctl to the filesystems's parent.
4049 */
4050 *cp = '\0';
4051
4052 if (flags->isprefix && !flags->istail && !flags->dryrun &&
4053 create_parents(hdl, destsnap, strlen(tosnap)) != 0) {
4054 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4055 goto out;
4056 }
4057
4058 /*
4059 * It is invalid to receive a properties stream that was
4060 * unencrypted on the send side as a child of an encrypted
4061 * parent. Technically there is nothing preventing this, but
4062 * it would mean that the encryption=off property which is
4063 * locally set on the send side would not be received correctly.
4064 * We can infer encryption=off if the stream is not raw and
4065 * properties were included since the send side will only ever
4066 * send the encryption property in a raw nvlist header. This
4067 * check will be avoided if the user specifically overrides
4068 * the encryption property on the command line.
4069 */
4070 if (!raw && rcvprops != NULL &&
4071 !nvlist_exists(cmdprops,
4072 zfs_prop_to_name(ZFS_PROP_ENCRYPTION))) {
4073 uint64_t crypt;
4074
4075 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET);
4076 if (zhp == NULL) {
4077 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4078 goto out;
4079 }
4080
4081 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION);
4082 zfs_close(zhp);
4083
4084 if (crypt != ZIO_CRYPT_OFF) {
4085 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4086 "parent '%s' must not be encrypted to "
4087 "receive unenecrypted property"), name);
4088 err = zfs_error(hdl, EZFS_BADPROP, errbuf);
4089 goto out;
4090 }
4091 }
4092
4093 newfs = B_TRUE;
4094 *cp = '/';
4095 }
4096
4097 if (flags->verbose) {
4098 (void) printf("%s %s stream of %s into %s\n",
4099 flags->dryrun ? "would receive" : "receiving",
4100 drrb->drr_fromguid ? "incremental" : "full",
4101 drrb->drr_toname, destsnap);
4102 (void) fflush(stdout);
4103 }
4104
4105 if (flags->dryrun) {
4106 err = recv_skip(hdl, infd, flags->byteswap);
4107 goto out;
4108 }
4109
4110 if (top_zfs && (*top_zfs == NULL || strcmp(*top_zfs, name) == 0))
4111 toplevel = B_TRUE;
4112 if (drrb->drr_type == DMU_OST_ZVOL) {
4113 type = ZFS_TYPE_VOLUME;
4114 } else if (drrb->drr_type == DMU_OST_ZFS) {
4115 type = ZFS_TYPE_FILESYSTEM;
4116 } else {
4117 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4118 "invalid record type: 0x%d"), drrb->drr_type);
4119 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4120 goto out;
4121 }
4122 if ((err = zfs_setup_cmdline_props(hdl, type, name, zoned, recursive,
4123 stream_wantsnewfs, raw, toplevel, rcvprops, cmdprops, origprops,
4124 &oxprops, &wkeydata, &wkeylen, errbuf)) != 0)
4125 goto out;
4126
4127 err = ioctl_err = lzc_receive_with_cmdprops(destsnap, rcvprops,
4128 oxprops, wkeydata, wkeylen, origin, flags->force, flags->resumable,
4129 raw, infd, drr_noswap, cleanup_fd, &read_bytes, &errflags,
4130 action_handlep, &prop_errors);
4131 ioctl_errno = ioctl_err;
4132 prop_errflags = errflags;
4133
4134 if (err == 0) {
4135 nvpair_t *prop_err = NULL;
4136
4137 while ((prop_err = nvlist_next_nvpair(prop_errors,
4138 prop_err)) != NULL) {
4139 char tbuf[1024];
4140 zfs_prop_t prop;
4141 int intval;
4142
4143 prop = zfs_name_to_prop(nvpair_name(prop_err));
4144 (void) nvpair_value_int32(prop_err, &intval);
4145 if (strcmp(nvpair_name(prop_err),
4146 ZPROP_N_MORE_ERRORS) == 0) {
4147 trunc_prop_errs(intval);
4148 break;
4149 } else if (snapname == NULL || finalsnap == NULL ||
4150 strcmp(finalsnap, snapname) == 0 ||
4151 strcmp(nvpair_name(prop_err),
4152 zfs_prop_to_name(ZFS_PROP_REFQUOTA)) != 0) {
4153 /*
4154 * Skip the special case of, for example,
4155 * "refquota", errors on intermediate
4156 * snapshots leading up to a final one.
4157 * That's why we have all of the checks above.
4158 *
4159 * See zfs_ioctl.c's extract_delay_props() for
4160 * a list of props which can fail on
4161 * intermediate snapshots, but shouldn't
4162 * affect the overall receive.
4163 */
4164 (void) snprintf(tbuf, sizeof (tbuf),
4165 dgettext(TEXT_DOMAIN,
4166 "cannot receive %s property on %s"),
4167 nvpair_name(prop_err), name);
4168 zfs_setprop_error(hdl, prop, intval, tbuf);
4169 }
4170 }
4171 }
4172
4173 if (err == 0 && snapprops_nvlist) {
4174 zfs_cmd_t zc = {"\0"};
4175
4176 (void) strcpy(zc.zc_name, destsnap);
4177 zc.zc_cookie = B_TRUE; /* received */
4178 if (zcmd_write_src_nvlist(hdl, &zc, snapprops_nvlist) == 0) {
4179 (void) zfs_ioctl(hdl, ZFS_IOC_SET_PROP, &zc);
4180 zcmd_free_nvlists(&zc);
4181 }
4182 }
4183
4184 if (err && (ioctl_errno == ENOENT || ioctl_errno == EEXIST)) {
4185 /*
4186 * It may be that this snapshot already exists,
4187 * in which case we want to consume & ignore it
4188 * rather than failing.
4189 */
4190 avl_tree_t *local_avl;
4191 nvlist_t *local_nv, *fs;
4192 cp = strchr(destsnap, '@');
4193
4194 /*
4195 * XXX Do this faster by just iterating over snaps in
4196 * this fs. Also if zc_value does not exist, we will
4197 * get a strange "does not exist" error message.
4198 */
4199 *cp = '\0';
4200 if (gather_nvlist(hdl, destsnap, NULL, NULL, B_FALSE, B_TRUE,
4201 B_FALSE, B_FALSE, &local_nv, &local_avl) == 0) {
4202 *cp = '@';
4203 fs = fsavl_find(local_avl, drrb->drr_toguid, NULL);
4204 fsavl_destroy(local_avl);
4205 nvlist_free(local_nv);
4206
4207 if (fs != NULL) {
4208 if (flags->verbose) {
4209 (void) printf("snap %s already exists; "
4210 "ignoring\n", destsnap);
4211 }
4212 err = ioctl_err = recv_skip(hdl, infd,
4213 flags->byteswap);
4214 }
4215 }
4216 *cp = '@';
4217 }
4218
4219 if (ioctl_err != 0) {
4220 switch (ioctl_errno) {
4221 case ENODEV:
4222 cp = strchr(destsnap, '@');
4223 *cp = '\0';
4224 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4225 "most recent snapshot of %s does not\n"
4226 "match incremental source"), destsnap);
4227 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4228 *cp = '@';
4229 break;
4230 case ETXTBSY:
4231 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4232 "destination %s has been modified\n"
4233 "since most recent snapshot"), name);
4234 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf);
4235 break;
4236 case EACCES:
4237 if (raw && stream_wantsnewfs) {
4238 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4239 "failed to create encryption key"));
4240 } else if (raw && !stream_wantsnewfs) {
4241 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4242 "encryption key does not match "
4243 "existing key"));
4244 } else {
4245 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4246 "inherited key must be loaded"));
4247 }
4248 (void) zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf);
4249 break;
4250 case EEXIST:
4251 cp = strchr(destsnap, '@');
4252 if (newfs) {
4253 /* it's the containing fs that exists */
4254 *cp = '\0';
4255 }
4256 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4257 "destination already exists"));
4258 (void) zfs_error_fmt(hdl, EZFS_EXISTS,
4259 dgettext(TEXT_DOMAIN, "cannot restore to %s"),
4260 destsnap);
4261 *cp = '@';
4262 break;
4263 case EINVAL:
4264 if (flags->resumable)
4265 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4266 "kernel modules must be upgraded to "
4267 "receive this stream."));
4268 if (embedded && !raw)
4269 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4270 "incompatible embedded data stream "
4271 "feature with encrypted receive."));
4272 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4273 break;
4274 case ECKSUM:
4275 recv_ecksum_set_aux(hdl, destsnap, flags->resumable);
4276 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf);
4277 break;
4278 case ENOTSUP:
4279 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4280 "pool must be upgraded to receive this stream."));
4281 (void) zfs_error(hdl, EZFS_BADVERSION, errbuf);
4282 break;
4283 case EDQUOT:
4284 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4285 "destination %s space quota exceeded."), name);
4286 (void) zfs_error(hdl, EZFS_NOSPC, errbuf);
4287 break;
4288 case EBUSY:
4289 if (hastoken) {
4290 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4291 "destination %s contains "
4292 "partially-complete state from "
4293 "\"zfs receive -s\"."), name);
4294 (void) zfs_error(hdl, EZFS_BUSY, errbuf);
4295 break;
4296 }
4297 /* fallthru */
4298 default:
4299 (void) zfs_standard_error(hdl, ioctl_errno, errbuf);
4300 }
4301 }
4302
4303 /*
4304 * Mount the target filesystem (if created). Also mount any
4305 * children of the target filesystem if we did a replication
4306 * receive (indicated by stream_avl being non-NULL).
4307 */
4308 cp = strchr(destsnap, '@');
4309 if (cp && (ioctl_err == 0 || !newfs)) {
4310 zfs_handle_t *h;
4311
4312 *cp = '\0';
4313 h = zfs_open(hdl, destsnap,
4314 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
4315 if (h != NULL) {
4316 if (h->zfs_type == ZFS_TYPE_VOLUME) {
4317 *cp = '@';
4318 } else if (newfs || stream_avl) {
4319 /*
4320 * Track the first/top of hierarchy fs,
4321 * for mounting and sharing later.
4322 */
4323 if (top_zfs && *top_zfs == NULL)
4324 *top_zfs = zfs_strdup(hdl, destsnap);
4325 }
4326 zfs_close(h);
4327 }
4328 *cp = '@';
4329 }
4330
4331 if (clp) {
4332 if (!flags->nomount)
4333 err |= changelist_postfix(clp);
4334 changelist_free(clp);
4335 }
4336
4337 if (prop_errflags & ZPROP_ERR_NOCLEAR) {
4338 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: "
4339 "failed to clear unreceived properties on %s"), name);
4340 (void) fprintf(stderr, "\n");
4341 }
4342 if (prop_errflags & ZPROP_ERR_NORESTORE) {
4343 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: "
4344 "failed to restore original properties on %s"), name);
4345 (void) fprintf(stderr, "\n");
4346 }
4347
4348 if (err || ioctl_err) {
4349 err = -1;
4350 goto out;
4351 }
4352
4353 if (flags->verbose) {
4354 char buf1[64];
4355 char buf2[64];
4356 uint64_t bytes = read_bytes;
4357 time_t delta = time(NULL) - begin_time;
4358 if (delta == 0)
4359 delta = 1;
4360 zfs_nicebytes(bytes, buf1, sizeof (buf1));
4361 zfs_nicebytes(bytes/delta, buf2, sizeof (buf1));
4362
4363 (void) printf("received %s stream in %lu seconds (%s/sec)\n",
4364 buf1, delta, buf2);
4365 }
4366
4367 err = 0;
4368 out:
4369 if (prop_errors != NULL)
4370 nvlist_free(prop_errors);
4371
4372 if (tmp_keylocation[0] != '\0') {
4373 VERIFY(0 == nvlist_add_string(rcvprops,
4374 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), tmp_keylocation));
4375 }
4376
4377 if (newprops)
4378 nvlist_free(rcvprops);
4379
4380 nvlist_free(oxprops);
4381 nvlist_free(origprops);
4382
4383 return (err);
4384 }
4385
4386 /*
4387 * Check properties we were asked to override (both -o|-x)
4388 */
4389 static boolean_t
4390 zfs_receive_checkprops(libzfs_handle_t *hdl, nvlist_t *props,
4391 const char *errbuf)
4392 {
4393 nvpair_t *nvp;
4394 zfs_prop_t prop;
4395 const char *name;
4396
4397 nvp = NULL;
4398 while ((nvp = nvlist_next_nvpair(props, nvp)) != NULL) {
4399 name = nvpair_name(nvp);
4400 prop = zfs_name_to_prop(name);
4401
4402 if (prop == ZPROP_INVAL) {
4403 if (!zfs_prop_user(name)) {
4404 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4405 "invalid property '%s'"), name);
4406 return (B_FALSE);
4407 }
4408 continue;
4409 }
4410 /*
4411 * "origin" is readonly but is used to receive datasets as
4412 * clones so we don't raise an error here
4413 */
4414 if (prop == ZFS_PROP_ORIGIN)
4415 continue;
4416
4417 /* encryption params have their own verification later */
4418 if (prop == ZFS_PROP_ENCRYPTION ||
4419 zfs_prop_encryption_key_param(prop))
4420 continue;
4421
4422 /*
4423 * cannot override readonly, set-once and other specific
4424 * settable properties
4425 */
4426 if (zfs_prop_readonly(prop) || prop == ZFS_PROP_VERSION ||
4427 prop == ZFS_PROP_VOLSIZE) {
4428 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4429 "invalid property '%s'"), name);
4430 return (B_FALSE);
4431 }
4432 }
4433
4434 return (B_TRUE);
4435 }
4436
4437 static int
4438 zfs_receive_impl(libzfs_handle_t *hdl, const char *tosnap,
4439 const char *originsnap, recvflags_t *flags, int infd, const char *sendfs,
4440 nvlist_t *stream_nv, avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd,
4441 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops)
4442 {
4443 int err;
4444 dmu_replay_record_t drr, drr_noswap;
4445 struct drr_begin *drrb = &drr.drr_u.drr_begin;
4446 char errbuf[1024];
4447 zio_cksum_t zcksum = { { 0 } };
4448 uint64_t featureflags;
4449 int hdrtype;
4450
4451 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
4452 "cannot receive"));
4453
4454 /* check cmdline props, raise an error if they cannot be received */
4455 if (!zfs_receive_checkprops(hdl, cmdprops, errbuf)) {
4456 return (zfs_error(hdl, EZFS_BADPROP, errbuf));
4457 }
4458
4459 if (flags->isprefix &&
4460 !zfs_dataset_exists(hdl, tosnap, ZFS_TYPE_DATASET)) {
4461 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified fs "
4462 "(%s) does not exist"), tosnap);
4463 return (zfs_error(hdl, EZFS_NOENT, errbuf));
4464 }
4465 if (originsnap &&
4466 !zfs_dataset_exists(hdl, originsnap, ZFS_TYPE_DATASET)) {
4467 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified origin fs "
4468 "(%s) does not exist"), originsnap);
4469 return (zfs_error(hdl, EZFS_NOENT, errbuf));
4470 }
4471
4472 /* read in the BEGIN record */
4473 if (0 != (err = recv_read(hdl, infd, &drr, sizeof (drr), B_FALSE,
4474 &zcksum)))
4475 return (err);
4476
4477 if (drr.drr_type == DRR_END || drr.drr_type == BSWAP_32(DRR_END)) {
4478 /* It's the double end record at the end of a package */
4479 return (ENODATA);
4480 }
4481
4482 /* the kernel needs the non-byteswapped begin record */
4483 drr_noswap = drr;
4484
4485 flags->byteswap = B_FALSE;
4486 if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC)) {
4487 /*
4488 * We computed the checksum in the wrong byteorder in
4489 * recv_read() above; do it again correctly.
4490 */
4491 bzero(&zcksum, sizeof (zio_cksum_t));
4492 fletcher_4_incremental_byteswap(&drr, sizeof (drr), &zcksum);
4493 flags->byteswap = B_TRUE;
4494
4495 drr.drr_type = BSWAP_32(drr.drr_type);
4496 drr.drr_payloadlen = BSWAP_32(drr.drr_payloadlen);
4497 drrb->drr_magic = BSWAP_64(drrb->drr_magic);
4498 drrb->drr_versioninfo = BSWAP_64(drrb->drr_versioninfo);
4499 drrb->drr_creation_time = BSWAP_64(drrb->drr_creation_time);
4500 drrb->drr_type = BSWAP_32(drrb->drr_type);
4501 drrb->drr_flags = BSWAP_32(drrb->drr_flags);
4502 drrb->drr_toguid = BSWAP_64(drrb->drr_toguid);
4503 drrb->drr_fromguid = BSWAP_64(drrb->drr_fromguid);
4504 }
4505
4506 if (drrb->drr_magic != DMU_BACKUP_MAGIC || drr.drr_type != DRR_BEGIN) {
4507 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
4508 "stream (bad magic number)"));
4509 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
4510 }
4511
4512 featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
4513 hdrtype = DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo);
4514
4515 if (!DMU_STREAM_SUPPORTED(featureflags) ||
4516 (hdrtype != DMU_SUBSTREAM && hdrtype != DMU_COMPOUNDSTREAM)) {
4517 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4518 "stream has unsupported feature, feature flags = %lx"),
4519 featureflags);
4520 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
4521 }
4522
4523 if (strchr(drrb->drr_toname, '@') == NULL) {
4524 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid "
4525 "stream (bad snapshot name)"));
4526 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf));
4527 }
4528
4529 if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) == DMU_SUBSTREAM) {
4530 char nonpackage_sendfs[ZFS_MAX_DATASET_NAME_LEN];
4531 if (sendfs == NULL) {
4532 /*
4533 * We were not called from zfs_receive_package(). Get
4534 * the fs specified by 'zfs send'.
4535 */
4536 char *cp;
4537 (void) strlcpy(nonpackage_sendfs,
4538 drr.drr_u.drr_begin.drr_toname,
4539 sizeof (nonpackage_sendfs));
4540 if ((cp = strchr(nonpackage_sendfs, '@')) != NULL)
4541 *cp = '\0';
4542 sendfs = nonpackage_sendfs;
4543 VERIFY(finalsnap == NULL);
4544 }
4545 return (zfs_receive_one(hdl, infd, tosnap, originsnap, flags,
4546 &drr, &drr_noswap, sendfs, stream_nv, stream_avl, top_zfs,
4547 cleanup_fd, action_handlep, finalsnap, cmdprops));
4548 } else {
4549 assert(DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) ==
4550 DMU_COMPOUNDSTREAM);
4551 return (zfs_receive_package(hdl, infd, tosnap, flags, &drr,
4552 &zcksum, top_zfs, cleanup_fd, action_handlep, cmdprops));
4553 }
4554 }
4555
4556 /*
4557 * Restores a backup of tosnap from the file descriptor specified by infd.
4558 * Return 0 on total success, -2 if some things couldn't be
4559 * destroyed/renamed/promoted, -1 if some things couldn't be received.
4560 * (-1 will override -2, if -1 and the resumable flag was specified the
4561 * transfer can be resumed if the sending side supports it).
4562 */
4563 int
4564 zfs_receive(libzfs_handle_t *hdl, const char *tosnap, nvlist_t *props,
4565 recvflags_t *flags, int infd, avl_tree_t *stream_avl)
4566 {
4567 char *top_zfs = NULL;
4568 int err;
4569 int cleanup_fd;
4570 uint64_t action_handle = 0;
4571 struct stat sb;
4572 char *originsnap = NULL;
4573
4574 /*
4575 * The only way fstat can fail is if we do not have a valid file
4576 * descriptor.
4577 */
4578 if (fstat(infd, &sb) == -1) {
4579 perror("fstat");
4580 return (-2);
4581 }
4582
4583 #ifdef __linux__
4584 #ifndef F_SETPIPE_SZ
4585 #define F_SETPIPE_SZ (F_SETLEASE + 7)
4586 #endif /* F_SETPIPE_SZ */
4587
4588 #ifndef F_GETPIPE_SZ
4589 #define F_GETPIPE_SZ (F_GETLEASE + 7)
4590 #endif /* F_GETPIPE_SZ */
4591
4592 /*
4593 * It is not uncommon for gigabytes to be processed in zfs receive.
4594 * Speculatively increase the buffer size via Linux-specific fcntl()
4595 * call.
4596 */
4597 if (S_ISFIFO(sb.st_mode)) {
4598 FILE *procf = fopen("/proc/sys/fs/pipe-max-size", "r");
4599
4600 if (procf != NULL) {
4601 unsigned long max_psize;
4602 long cur_psize;
4603 if (fscanf(procf, "%lu", &max_psize) > 0) {
4604 cur_psize = fcntl(infd, F_GETPIPE_SZ);
4605 if (cur_psize > 0 &&
4606 max_psize > (unsigned long) cur_psize)
4607 (void) fcntl(infd, F_SETPIPE_SZ,
4608 max_psize);
4609 }
4610 fclose(procf);
4611 }
4612 }
4613 #endif /* __linux__ */
4614
4615 if (props) {
4616 err = nvlist_lookup_string(props, "origin", &originsnap);
4617 if (err && err != ENOENT)
4618 return (err);
4619 }
4620
4621 cleanup_fd = open(ZFS_DEV, O_RDWR);
4622 VERIFY(cleanup_fd >= 0);
4623
4624 err = zfs_receive_impl(hdl, tosnap, originsnap, flags, infd, NULL, NULL,
4625 stream_avl, &top_zfs, cleanup_fd, &action_handle, NULL, props);
4626
4627 VERIFY(0 == close(cleanup_fd));
4628
4629 if (err == 0 && !flags->nomount && top_zfs) {
4630 zfs_handle_t *zhp = NULL;
4631 prop_changelist_t *clp = NULL;
4632
4633 zhp = zfs_open(hdl, top_zfs, ZFS_TYPE_FILESYSTEM);
4634 if (zhp != NULL) {
4635 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
4636 CL_GATHER_MOUNT_ALWAYS, 0);
4637 zfs_close(zhp);
4638 if (clp != NULL) {
4639 /* mount and share received datasets */
4640 err = changelist_postfix(clp);
4641 changelist_free(clp);
4642 }
4643 }
4644 if (zhp == NULL || clp == NULL || err)
4645 err = -1;
4646 }
4647 if (top_zfs)
4648 free(top_zfs);
4649
4650 return (err);
4651 }
ZFS On Linux mirror for PVE