4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or https://opensource.org/licenses/CDDL-1.0.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Portions Copyright 2011 Martin Matuska
25 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
26 * Copyright (c) 2012 Pawel Jakub Dawidek
27 * Copyright (c) 2014, 2016 Joyent, Inc. All rights reserved.
28 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
29 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
30 * Copyright (c) 2011, 2020 by Delphix. All rights reserved.
31 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
32 * Copyright (c) 2013 Steven Hartland. All rights reserved.
33 * Copyright (c) 2014 Integros [integros.com]
34 * Copyright 2016 Toomas Soome <tsoome@me.com>
35 * Copyright (c) 2016 Actifio, Inc. All rights reserved.
36 * Copyright (c) 2018, loli10K <ezomori.nozomu@gmail.com>. All rights reserved.
37 * Copyright 2017 RackTop Systems.
38 * Copyright (c) 2017 Open-E, Inc. All Rights Reserved.
39 * Copyright (c) 2019 Datto Inc.
40 * Copyright (c) 2019, 2020 by Christian Schwarz. All rights reserved.
41 * Copyright (c) 2019, 2021, Klara Inc.
42 * Copyright (c) 2019, Allan Jude
48 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
49 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
51 * There are two ways that we handle ioctls: the legacy way where almost
52 * all of the logic is in the ioctl callback, and the new way where most
53 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
55 * Non-legacy ioctls should be registered by calling
56 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
57 * from userland by lzc_ioctl().
59 * The registration arguments are as follows:
62 * The name of the ioctl. This is used for history logging. If the
63 * ioctl returns successfully (the callback returns 0), and allow_log
64 * is true, then a history log entry will be recorded with the input &
65 * output nvlists. The log entry can be printed with "zpool history -i".
68 * The ioctl request number, which userland will pass to ioctl(2).
69 * We want newer versions of libzfs and libzfs_core to run against
70 * existing zfs kernel modules (i.e. a deferred reboot after an update).
71 * Therefore the ioctl numbers cannot change from release to release.
73 * zfs_secpolicy_func_t *secpolicy
74 * This function will be called before the zfs_ioc_func_t, to
75 * determine if this operation is permitted. It should return EPERM
76 * on failure, and 0 on success. Checks include determining if the
77 * dataset is visible in this zone, and if the user has either all
78 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
79 * to do this operation on this dataset with "zfs allow".
81 * zfs_ioc_namecheck_t namecheck
82 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
83 * name, a dataset name, or nothing. If the name is not well-formed,
84 * the ioctl will fail and the callback will not be called.
85 * Therefore, the callback can assume that the name is well-formed
86 * (e.g. is null-terminated, doesn't have more than one '@' character,
87 * doesn't have invalid characters).
89 * zfs_ioc_poolcheck_t pool_check
90 * This specifies requirements on the pool state. If the pool does
91 * not meet them (is suspended or is readonly), the ioctl will fail
92 * and the callback will not be called. If any checks are specified
93 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
94 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
95 * POOL_CHECK_READONLY).
97 * zfs_ioc_key_t *nvl_keys
98 * The list of expected/allowable innvl input keys. This list is used
99 * to validate the nvlist input to the ioctl.
101 * boolean_t smush_outnvlist
102 * If smush_outnvlist is true, then the output is presumed to be a
103 * list of errors, and it will be "smushed" down to fit into the
104 * caller's buffer, by removing some entries and replacing them with a
105 * single "N_MORE_ERRORS" entry indicating how many were removed. See
106 * nvlist_smush() for details. If smush_outnvlist is false, and the
107 * outnvlist does not fit into the userland-provided buffer, then the
108 * ioctl will fail with ENOMEM.
110 * zfs_ioc_func_t *func
111 * The callback function that will perform the operation.
113 * The callback should return 0 on success, or an error number on
114 * failure. If the function fails, the userland ioctl will return -1,
115 * and errno will be set to the callback's return value. The callback
116 * will be called with the following arguments:
119 * The name of the pool or dataset to operate on, from
120 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
121 * expected type (pool, dataset, or none).
124 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
125 * NULL if no input nvlist was provided. Changes to this nvlist are
126 * ignored. If the input nvlist could not be deserialized, the
127 * ioctl will fail and the callback will not be called.
130 * The output nvlist, initially empty. The callback can fill it in,
131 * and it will be returned to userland by serializing it into
132 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
133 * fails (e.g. because the caller didn't supply a large enough
134 * buffer), then the overall ioctl will fail. See the
135 * 'smush_nvlist' argument above for additional behaviors.
137 * There are two typical uses of the output nvlist:
138 * - To return state, e.g. property values. In this case,
139 * smush_outnvlist should be false. If the buffer was not large
140 * enough, the caller will reallocate a larger buffer and try
143 * - To return multiple errors from an ioctl which makes on-disk
144 * changes. In this case, smush_outnvlist should be true.
145 * Ioctls which make on-disk modifications should generally not
146 * use the outnvl if they succeed, because the caller can not
147 * distinguish between the operation failing, and
148 * deserialization failing.
150 * IOCTL Interface Errors
152 * The following ioctl input errors can be returned:
153 * ZFS_ERR_IOC_CMD_UNAVAIL the ioctl number is not supported by kernel
154 * ZFS_ERR_IOC_ARG_UNAVAIL an input argument is not supported by kernel
155 * ZFS_ERR_IOC_ARG_REQUIRED a required input argument is missing
156 * ZFS_ERR_IOC_ARG_BADTYPE an input argument has an invalid type
159 #include <sys/types.h>
160 #include <sys/param.h>
161 #include <sys/errno.h>
162 #include <sys/uio_impl.h>
163 #include <sys/file.h>
164 #include <sys/kmem.h>
165 #include <sys/cmn_err.h>
166 #include <sys/stat.h>
167 #include <sys/zfs_ioctl.h>
168 #include <sys/zfs_quota.h>
169 #include <sys/zfs_vfsops.h>
170 #include <sys/zfs_znode.h>
173 #include <sys/spa_impl.h>
174 #include <sys/vdev.h>
175 #include <sys/vdev_impl.h>
177 #include <sys/dsl_dir.h>
178 #include <sys/dsl_dataset.h>
179 #include <sys/dsl_prop.h>
180 #include <sys/dsl_deleg.h>
181 #include <sys/dmu_objset.h>
182 #include <sys/dmu_impl.h>
183 #include <sys/dmu_redact.h>
184 #include <sys/dmu_tx.h>
185 #include <sys/sunddi.h>
186 #include <sys/policy.h>
187 #include <sys/zone.h>
188 #include <sys/nvpair.h>
189 #include <sys/pathname.h>
190 #include <sys/fs/zfs.h>
191 #include <sys/zfs_ctldir.h>
192 #include <sys/zfs_dir.h>
193 #include <sys/zfs_onexit.h>
194 #include <sys/zvol.h>
195 #include <sys/dsl_scan.h>
196 #include <sys/fm/util.h>
197 #include <sys/dsl_crypt.h>
198 #include <sys/rrwlock.h>
199 #include <sys/zfs_file.h>
201 #include <sys/dmu_recv.h>
202 #include <sys/dmu_send.h>
203 #include <sys/dmu_recv.h>
204 #include <sys/dsl_destroy.h>
205 #include <sys/dsl_bookmark.h>
206 #include <sys/dsl_userhold.h>
207 #include <sys/zfeature.h>
209 #include <sys/zio_checksum.h>
210 #include <sys/vdev_removal.h>
211 #include <sys/vdev_impl.h>
212 #include <sys/vdev_initialize.h>
213 #include <sys/vdev_trim.h>
215 #include "zfs_namecheck.h"
216 #include "zfs_prop.h"
217 #include "zfs_deleg.h"
218 #include "zfs_comutil.h"
220 #include <sys/lua/lua.h>
221 #include <sys/lua/lauxlib.h>
222 #include <sys/zfs_ioctl_impl.h>
224 kmutex_t zfsdev_state_lock
;
225 static zfsdev_state_t zfsdev_state_listhead
;
228 * Limit maximum nvlist size. We don't want users passing in insane values
229 * for zc->zc_nvlist_src_size, since we will need to allocate that much memory.
230 * Defaults to 0=auto which is handled by platform code.
232 uint64_t zfs_max_nvlist_src_size
= 0;
235 * When logging the output nvlist of an ioctl in the on-disk history, limit
236 * the logged size to this many bytes. This must be less than DMU_MAX_ACCESS.
237 * This applies primarily to zfs_ioc_channel_program().
239 static uint64_t zfs_history_output_max
= 1024 * 1024;
241 uint_t zfs_fsyncer_key
;
242 uint_t zfs_allow_log_key
;
244 /* DATA_TYPE_ANY is used when zkey_type can vary. */
245 #define DATA_TYPE_ANY DATA_TYPE_UNKNOWN
247 typedef struct zfs_ioc_vec
{
248 zfs_ioc_legacy_func_t
*zvec_legacy_func
;
249 zfs_ioc_func_t
*zvec_func
;
250 zfs_secpolicy_func_t
*zvec_secpolicy
;
251 zfs_ioc_namecheck_t zvec_namecheck
;
252 boolean_t zvec_allow_log
;
253 zfs_ioc_poolcheck_t zvec_pool_check
;
254 boolean_t zvec_smush_outnvlist
;
255 const char *zvec_name
;
256 const zfs_ioc_key_t
*zvec_nvl_keys
;
257 size_t zvec_nvl_key_count
;
260 /* This array is indexed by zfs_userquota_prop_t */
261 static const char *userquota_perms
[] = {
262 ZFS_DELEG_PERM_USERUSED
,
263 ZFS_DELEG_PERM_USERQUOTA
,
264 ZFS_DELEG_PERM_GROUPUSED
,
265 ZFS_DELEG_PERM_GROUPQUOTA
,
266 ZFS_DELEG_PERM_USEROBJUSED
,
267 ZFS_DELEG_PERM_USEROBJQUOTA
,
268 ZFS_DELEG_PERM_GROUPOBJUSED
,
269 ZFS_DELEG_PERM_GROUPOBJQUOTA
,
270 ZFS_DELEG_PERM_PROJECTUSED
,
271 ZFS_DELEG_PERM_PROJECTQUOTA
,
272 ZFS_DELEG_PERM_PROJECTOBJUSED
,
273 ZFS_DELEG_PERM_PROJECTOBJQUOTA
,
276 static int zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
);
277 static int zfs_ioc_id_quota_upgrade(zfs_cmd_t
*zc
);
278 static int zfs_check_settable(const char *name
, nvpair_t
*property
,
280 static int zfs_check_clearable(const char *dataset
, nvlist_t
*props
,
282 static int zfs_fill_zplprops_root(uint64_t, nvlist_t
*, nvlist_t
*,
284 int zfs_set_prop_nvlist(const char *, zprop_source_t
, nvlist_t
*, nvlist_t
*);
285 static int get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
);
288 history_str_free(char *buf
)
290 kmem_free(buf
, HIS_MAX_RECORD_LEN
);
294 history_str_get(zfs_cmd_t
*zc
)
298 if (zc
->zc_history
== 0)
301 buf
= kmem_alloc(HIS_MAX_RECORD_LEN
, KM_SLEEP
);
302 if (copyinstr((void *)(uintptr_t)zc
->zc_history
,
303 buf
, HIS_MAX_RECORD_LEN
, NULL
) != 0) {
304 history_str_free(buf
);
308 buf
[HIS_MAX_RECORD_LEN
-1] = '\0';
314 * Return non-zero if the spa version is less than requested version.
317 zfs_earlier_version(const char *name
, int version
)
321 if (spa_open(name
, &spa
, FTAG
) == 0) {
322 if (spa_version(spa
) < version
) {
323 spa_close(spa
, FTAG
);
326 spa_close(spa
, FTAG
);
332 * Return TRUE if the ZPL version is less than requested version.
335 zpl_earlier_version(const char *name
, int version
)
338 boolean_t rc
= B_TRUE
;
340 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
343 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
344 dmu_objset_rele(os
, FTAG
);
347 /* XXX reading from non-owned objset */
348 if (zfs_get_zplprop(os
, ZFS_PROP_VERSION
, &zplversion
) == 0)
349 rc
= zplversion
< version
;
350 dmu_objset_rele(os
, FTAG
);
356 zfs_log_history(zfs_cmd_t
*zc
)
361 if ((buf
= history_str_get(zc
)) == NULL
)
364 if (spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
365 if (spa_version(spa
) >= SPA_VERSION_ZPOOL_HISTORY
)
366 (void) spa_history_log(spa
, buf
);
367 spa_close(spa
, FTAG
);
369 history_str_free(buf
);
373 * Policy for top-level read operations (list pools). Requires no privileges,
374 * and can be used in the local zone, as there is no associated dataset.
377 zfs_secpolicy_none(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
379 (void) zc
, (void) innvl
, (void) cr
;
384 * Policy for dataset read operations (list children, get statistics). Requires
385 * no privileges, but must be visible in the local zone.
388 zfs_secpolicy_read(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
390 (void) innvl
, (void) cr
;
391 if (INGLOBALZONE(curproc
) ||
392 zone_dataset_visible(zc
->zc_name
, NULL
))
395 return (SET_ERROR(ENOENT
));
399 zfs_dozonecheck_impl(const char *dataset
, uint64_t zoned
, cred_t
*cr
)
404 * The dataset must be visible by this zone -- check this first
405 * so they don't see EPERM on something they shouldn't know about.
407 if (!INGLOBALZONE(curproc
) &&
408 !zone_dataset_visible(dataset
, &writable
))
409 return (SET_ERROR(ENOENT
));
411 if (INGLOBALZONE(curproc
)) {
413 * If the fs is zoned, only root can access it from the
416 if (secpolicy_zfs(cr
) && zoned
)
417 return (SET_ERROR(EPERM
));
420 * If we are in a local zone, the 'zoned' property must be set.
423 return (SET_ERROR(EPERM
));
425 /* must be writable by this zone */
427 return (SET_ERROR(EPERM
));
433 zfs_dozonecheck(const char *dataset
, cred_t
*cr
)
437 if (dsl_prop_get_integer(dataset
, zfs_prop_to_name(ZFS_PROP_ZONED
),
439 return (SET_ERROR(ENOENT
));
441 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
445 zfs_dozonecheck_ds(const char *dataset
, dsl_dataset_t
*ds
, cred_t
*cr
)
449 if (dsl_prop_get_int_ds(ds
, zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
))
450 return (SET_ERROR(ENOENT
));
452 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
456 zfs_secpolicy_write_perms_ds(const char *name
, dsl_dataset_t
*ds
,
457 const char *perm
, cred_t
*cr
)
461 error
= zfs_dozonecheck_ds(name
, ds
, cr
);
463 error
= secpolicy_zfs(cr
);
465 error
= dsl_deleg_access_impl(ds
, perm
, cr
);
471 zfs_secpolicy_write_perms(const char *name
, const char *perm
, cred_t
*cr
)
478 * First do a quick check for root in the global zone, which
479 * is allowed to do all write_perms. This ensures that zfs_ioc_*
480 * will get to handle nonexistent datasets.
482 if (INGLOBALZONE(curproc
) && secpolicy_zfs(cr
) == 0)
485 error
= dsl_pool_hold(name
, FTAG
, &dp
);
489 error
= dsl_dataset_hold(dp
, name
, FTAG
, &ds
);
491 dsl_pool_rele(dp
, FTAG
);
495 error
= zfs_secpolicy_write_perms_ds(name
, ds
, perm
, cr
);
497 dsl_dataset_rele(ds
, FTAG
);
498 dsl_pool_rele(dp
, FTAG
);
503 * Policy for setting the security label property.
505 * Returns 0 for success, non-zero for access and other errors.
508 zfs_set_slabel_policy(const char *name
, const char *strval
, cred_t
*cr
)
511 char ds_hexsl
[MAXNAMELEN
];
512 bslabel_t ds_sl
, new_sl
;
513 boolean_t new_default
= FALSE
;
515 int needed_priv
= -1;
518 /* First get the existing dataset label. */
519 error
= dsl_prop_get(name
, zfs_prop_to_name(ZFS_PROP_MLSLABEL
),
520 1, sizeof (ds_hexsl
), &ds_hexsl
, NULL
);
522 return (SET_ERROR(EPERM
));
524 if (strcasecmp(strval
, ZFS_MLSLABEL_DEFAULT
) == 0)
527 /* The label must be translatable */
528 if (!new_default
&& (hexstr_to_label(strval
, &new_sl
) != 0))
529 return (SET_ERROR(EINVAL
));
532 * In a non-global zone, disallow attempts to set a label that
533 * doesn't match that of the zone; otherwise no other checks
536 if (!INGLOBALZONE(curproc
)) {
537 if (new_default
|| !blequal(&new_sl
, CR_SL(CRED())))
538 return (SET_ERROR(EPERM
));
543 * For global-zone datasets (i.e., those whose zoned property is
544 * "off", verify that the specified new label is valid for the
547 if (dsl_prop_get_integer(name
,
548 zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
, NULL
))
549 return (SET_ERROR(EPERM
));
551 if (zfs_check_global_label(name
, strval
) != 0)
552 return (SET_ERROR(EPERM
));
556 * If the existing dataset label is nondefault, check if the
557 * dataset is mounted (label cannot be changed while mounted).
558 * Get the zfsvfs_t; if there isn't one, then the dataset isn't
559 * mounted (or isn't a dataset, doesn't exist, ...).
561 if (strcasecmp(ds_hexsl
, ZFS_MLSLABEL_DEFAULT
) != 0) {
563 static const char *setsl_tag
= "setsl_tag";
566 * Try to own the dataset; abort if there is any error,
567 * (e.g., already mounted, in use, or other error).
569 error
= dmu_objset_own(name
, DMU_OST_ZFS
, B_TRUE
, B_TRUE
,
572 return (SET_ERROR(EPERM
));
574 dmu_objset_disown(os
, B_TRUE
, setsl_tag
);
577 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
581 if (hexstr_to_label(strval
, &new_sl
) != 0)
582 return (SET_ERROR(EPERM
));
584 if (blstrictdom(&ds_sl
, &new_sl
))
585 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
586 else if (blstrictdom(&new_sl
, &ds_sl
))
587 needed_priv
= PRIV_FILE_UPGRADE_SL
;
589 /* dataset currently has a default label */
591 needed_priv
= PRIV_FILE_UPGRADE_SL
;
595 if (needed_priv
!= -1)
596 return (PRIV_POLICY(cr
, needed_priv
, B_FALSE
, EPERM
, NULL
));
599 return (SET_ERROR(ENOTSUP
));
600 #endif /* HAVE_MLSLABEL */
604 zfs_secpolicy_setprop(const char *dsname
, zfs_prop_t prop
, nvpair_t
*propval
,
610 * Check permissions for special properties.
617 * Disallow setting of 'zoned' from within a local zone.
619 if (!INGLOBALZONE(curproc
))
620 return (SET_ERROR(EPERM
));
624 case ZFS_PROP_FILESYSTEM_LIMIT
:
625 case ZFS_PROP_SNAPSHOT_LIMIT
:
626 if (!INGLOBALZONE(curproc
)) {
628 char setpoint
[ZFS_MAX_DATASET_NAME_LEN
];
630 * Unprivileged users are allowed to modify the
631 * limit on things *under* (ie. contained by)
632 * the thing they own.
634 if (dsl_prop_get_integer(dsname
,
635 zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
, setpoint
))
636 return (SET_ERROR(EPERM
));
637 if (!zoned
|| strlen(dsname
) <= strlen(setpoint
))
638 return (SET_ERROR(EPERM
));
642 case ZFS_PROP_MLSLABEL
:
643 if (!is_system_labeled())
644 return (SET_ERROR(EPERM
));
646 if (nvpair_value_string(propval
, &strval
) == 0) {
649 err
= zfs_set_slabel_policy(dsname
, strval
, CRED());
656 return (zfs_secpolicy_write_perms(dsname
, zfs_prop_to_name(prop
), cr
));
660 zfs_secpolicy_set_fsacl(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
663 * permission to set permissions will be evaluated later in
664 * dsl_deleg_can_allow()
667 return (zfs_dozonecheck(zc
->zc_name
, cr
));
671 zfs_secpolicy_rollback(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
674 return (zfs_secpolicy_write_perms(zc
->zc_name
,
675 ZFS_DELEG_PERM_ROLLBACK
, cr
));
679 zfs_secpolicy_send(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
688 * Generate the current snapshot name from the given objsetid, then
689 * use that name for the secpolicy/zone checks.
691 cp
= strchr(zc
->zc_name
, '@');
693 return (SET_ERROR(EINVAL
));
694 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
698 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &ds
);
700 dsl_pool_rele(dp
, FTAG
);
704 dsl_dataset_name(ds
, zc
->zc_name
);
706 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, ds
,
707 ZFS_DELEG_PERM_SEND
, cr
);
708 dsl_dataset_rele(ds
, FTAG
);
709 dsl_pool_rele(dp
, FTAG
);
715 zfs_secpolicy_send_new(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
718 return (zfs_secpolicy_write_perms(zc
->zc_name
,
719 ZFS_DELEG_PERM_SEND
, cr
));
723 zfs_secpolicy_share(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
725 (void) zc
, (void) innvl
, (void) cr
;
726 return (SET_ERROR(ENOTSUP
));
730 zfs_secpolicy_smb_acl(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
732 (void) zc
, (void) innvl
, (void) cr
;
733 return (SET_ERROR(ENOTSUP
));
737 zfs_get_parent(const char *datasetname
, char *parent
, int parentsize
)
742 * Remove the @bla or /bla from the end of the name to get the parent.
744 (void) strlcpy(parent
, datasetname
, parentsize
);
745 cp
= strrchr(parent
, '@');
749 cp
= strrchr(parent
, '/');
751 return (SET_ERROR(ENOENT
));
759 zfs_secpolicy_destroy_perms(const char *name
, cred_t
*cr
)
763 if ((error
= zfs_secpolicy_write_perms(name
,
764 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
767 return (zfs_secpolicy_write_perms(name
, ZFS_DELEG_PERM_DESTROY
, cr
));
771 zfs_secpolicy_destroy(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
774 return (zfs_secpolicy_destroy_perms(zc
->zc_name
, cr
));
778 * Destroying snapshots with delegated permissions requires
779 * descendant mount and destroy permissions.
782 zfs_secpolicy_destroy_snaps(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
786 nvpair_t
*pair
, *nextpair
;
789 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
791 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
793 nextpair
= nvlist_next_nvpair(snaps
, pair
);
794 error
= zfs_secpolicy_destroy_perms(nvpair_name(pair
), cr
);
795 if (error
== ENOENT
) {
797 * Ignore any snapshots that don't exist (we consider
798 * them "already destroyed"). Remove the name from the
799 * nvl here in case the snapshot is created between
800 * now and when we try to destroy it (in which case
801 * we don't want to destroy it since we haven't
802 * checked for permission).
804 fnvlist_remove_nvpair(snaps
, pair
);
815 zfs_secpolicy_rename_perms(const char *from
, const char *to
, cred_t
*cr
)
817 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
820 if ((error
= zfs_secpolicy_write_perms(from
,
821 ZFS_DELEG_PERM_RENAME
, cr
)) != 0)
824 if ((error
= zfs_secpolicy_write_perms(from
,
825 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
828 if ((error
= zfs_get_parent(to
, parentname
,
829 sizeof (parentname
))) != 0)
832 if ((error
= zfs_secpolicy_write_perms(parentname
,
833 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
836 if ((error
= zfs_secpolicy_write_perms(parentname
,
837 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
844 zfs_secpolicy_rename(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
847 return (zfs_secpolicy_rename_perms(zc
->zc_name
, zc
->zc_value
, cr
));
851 zfs_secpolicy_promote(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
855 dsl_dataset_t
*clone
;
858 error
= zfs_secpolicy_write_perms(zc
->zc_name
,
859 ZFS_DELEG_PERM_PROMOTE
, cr
);
863 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
867 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &clone
);
870 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
871 dsl_dataset_t
*origin
= NULL
;
875 error
= dsl_dataset_hold_obj(dd
->dd_pool
,
876 dsl_dir_phys(dd
)->dd_origin_obj
, FTAG
, &origin
);
878 dsl_dataset_rele(clone
, FTAG
);
879 dsl_pool_rele(dp
, FTAG
);
883 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, clone
,
884 ZFS_DELEG_PERM_MOUNT
, cr
);
886 dsl_dataset_name(origin
, parentname
);
888 error
= zfs_secpolicy_write_perms_ds(parentname
, origin
,
889 ZFS_DELEG_PERM_PROMOTE
, cr
);
891 dsl_dataset_rele(clone
, FTAG
);
892 dsl_dataset_rele(origin
, FTAG
);
894 dsl_pool_rele(dp
, FTAG
);
899 zfs_secpolicy_recv(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
904 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
905 ZFS_DELEG_PERM_RECEIVE
, cr
)) != 0)
908 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
909 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
912 return (zfs_secpolicy_write_perms(zc
->zc_name
,
913 ZFS_DELEG_PERM_CREATE
, cr
));
917 zfs_secpolicy_snapshot_perms(const char *name
, cred_t
*cr
)
919 return (zfs_secpolicy_write_perms(name
,
920 ZFS_DELEG_PERM_SNAPSHOT
, cr
));
924 * Check for permission to create each snapshot in the nvlist.
927 zfs_secpolicy_snapshot(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
934 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
936 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
937 pair
= nvlist_next_nvpair(snaps
, pair
)) {
938 char *name
= (char *)nvpair_name(pair
);
939 char *atp
= strchr(name
, '@');
942 error
= SET_ERROR(EINVAL
);
946 error
= zfs_secpolicy_snapshot_perms(name
, cr
);
955 * Check for permission to create each bookmark in the nvlist.
958 zfs_secpolicy_bookmark(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
963 for (nvpair_t
*pair
= nvlist_next_nvpair(innvl
, NULL
);
964 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
965 char *name
= (char *)nvpair_name(pair
);
966 char *hashp
= strchr(name
, '#');
969 error
= SET_ERROR(EINVAL
);
973 error
= zfs_secpolicy_write_perms(name
,
974 ZFS_DELEG_PERM_BOOKMARK
, cr
);
983 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
986 nvpair_t
*pair
, *nextpair
;
989 for (pair
= nvlist_next_nvpair(innvl
, NULL
); pair
!= NULL
;
991 char *name
= (char *)nvpair_name(pair
);
992 char *hashp
= strchr(name
, '#');
993 nextpair
= nvlist_next_nvpair(innvl
, pair
);
996 error
= SET_ERROR(EINVAL
);
1001 error
= zfs_secpolicy_write_perms(name
,
1002 ZFS_DELEG_PERM_DESTROY
, cr
);
1004 if (error
== ENOENT
) {
1006 * Ignore any filesystems that don't exist (we consider
1007 * their bookmarks "already destroyed"). Remove
1008 * the name from the nvl here in case the filesystem
1009 * is created between now and when we try to destroy
1010 * the bookmark (in which case we don't want to
1011 * destroy it since we haven't checked for permission).
1013 fnvlist_remove_nvpair(innvl
, pair
);
1024 zfs_secpolicy_log_history(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1026 (void) zc
, (void) innvl
, (void) cr
;
1028 * Even root must have a proper TSD so that we know what pool
1031 if (tsd_get(zfs_allow_log_key
) == NULL
)
1032 return (SET_ERROR(EPERM
));
1037 zfs_secpolicy_create_clone(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1039 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
1043 if ((error
= zfs_get_parent(zc
->zc_name
, parentname
,
1044 sizeof (parentname
))) != 0)
1047 if (nvlist_lookup_string(innvl
, "origin", &origin
) == 0 &&
1048 (error
= zfs_secpolicy_write_perms(origin
,
1049 ZFS_DELEG_PERM_CLONE
, cr
)) != 0)
1052 if ((error
= zfs_secpolicy_write_perms(parentname
,
1053 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
1056 return (zfs_secpolicy_write_perms(parentname
,
1057 ZFS_DELEG_PERM_MOUNT
, cr
));
1061 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1062 * SYS_CONFIG privilege, which is not available in a local zone.
1065 zfs_secpolicy_config(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1067 (void) zc
, (void) innvl
;
1069 if (secpolicy_sys_config(cr
, B_FALSE
) != 0)
1070 return (SET_ERROR(EPERM
));
1076 * Policy for object to name lookups.
1079 zfs_secpolicy_diff(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1084 if (secpolicy_sys_config(cr
, B_FALSE
) == 0)
1087 error
= zfs_secpolicy_write_perms(zc
->zc_name
, ZFS_DELEG_PERM_DIFF
, cr
);
1092 * Policy for fault injection. Requires all privileges.
1095 zfs_secpolicy_inject(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1097 (void) zc
, (void) innvl
;
1098 return (secpolicy_zinject(cr
));
1102 zfs_secpolicy_inherit_prop(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1105 zfs_prop_t prop
= zfs_name_to_prop(zc
->zc_value
);
1107 if (prop
== ZPROP_USERPROP
) {
1108 if (!zfs_prop_user(zc
->zc_value
))
1109 return (SET_ERROR(EINVAL
));
1110 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1111 ZFS_DELEG_PERM_USERPROP
, cr
));
1113 return (zfs_secpolicy_setprop(zc
->zc_name
, prop
,
1119 zfs_secpolicy_userspace_one(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1121 int err
= zfs_secpolicy_read(zc
, innvl
, cr
);
1125 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
1126 return (SET_ERROR(EINVAL
));
1128 if (zc
->zc_value
[0] == 0) {
1130 * They are asking about a posix uid/gid. If it's
1131 * themself, allow it.
1133 if (zc
->zc_objset_type
== ZFS_PROP_USERUSED
||
1134 zc
->zc_objset_type
== ZFS_PROP_USERQUOTA
||
1135 zc
->zc_objset_type
== ZFS_PROP_USEROBJUSED
||
1136 zc
->zc_objset_type
== ZFS_PROP_USEROBJQUOTA
) {
1137 if (zc
->zc_guid
== crgetuid(cr
))
1139 } else if (zc
->zc_objset_type
== ZFS_PROP_GROUPUSED
||
1140 zc
->zc_objset_type
== ZFS_PROP_GROUPQUOTA
||
1141 zc
->zc_objset_type
== ZFS_PROP_GROUPOBJUSED
||
1142 zc
->zc_objset_type
== ZFS_PROP_GROUPOBJQUOTA
) {
1143 if (groupmember(zc
->zc_guid
, cr
))
1146 /* else is for project quota/used */
1149 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1150 userquota_perms
[zc
->zc_objset_type
], cr
));
1154 zfs_secpolicy_userspace_many(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1156 int err
= zfs_secpolicy_read(zc
, innvl
, cr
);
1160 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
1161 return (SET_ERROR(EINVAL
));
1163 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1164 userquota_perms
[zc
->zc_objset_type
], cr
));
1168 zfs_secpolicy_userspace_upgrade(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1171 return (zfs_secpolicy_setprop(zc
->zc_name
, ZFS_PROP_VERSION
,
1176 zfs_secpolicy_hold(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1183 holds
= fnvlist_lookup_nvlist(innvl
, "holds");
1185 for (pair
= nvlist_next_nvpair(holds
, NULL
); pair
!= NULL
;
1186 pair
= nvlist_next_nvpair(holds
, pair
)) {
1187 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
1188 error
= dmu_fsname(nvpair_name(pair
), fsname
);
1191 error
= zfs_secpolicy_write_perms(fsname
,
1192 ZFS_DELEG_PERM_HOLD
, cr
);
1200 zfs_secpolicy_release(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1206 for (pair
= nvlist_next_nvpair(innvl
, NULL
); pair
!= NULL
;
1207 pair
= nvlist_next_nvpair(innvl
, pair
)) {
1208 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
1209 error
= dmu_fsname(nvpair_name(pair
), fsname
);
1212 error
= zfs_secpolicy_write_perms(fsname
,
1213 ZFS_DELEG_PERM_RELEASE
, cr
);
1221 * Policy for allowing temporary snapshots to be taken or released
1224 zfs_secpolicy_tmp_snapshot(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1227 * A temporary snapshot is the same as a snapshot,
1228 * hold, destroy and release all rolled into one.
1229 * Delegated diff alone is sufficient that we allow this.
1233 if (zfs_secpolicy_write_perms(zc
->zc_name
,
1234 ZFS_DELEG_PERM_DIFF
, cr
) == 0)
1237 error
= zfs_secpolicy_snapshot_perms(zc
->zc_name
, cr
);
1239 if (innvl
!= NULL
) {
1241 error
= zfs_secpolicy_hold(zc
, innvl
, cr
);
1243 error
= zfs_secpolicy_release(zc
, innvl
, cr
);
1245 error
= zfs_secpolicy_destroy(zc
, innvl
, cr
);
1251 zfs_secpolicy_load_key(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1253 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1254 ZFS_DELEG_PERM_LOAD_KEY
, cr
));
1258 zfs_secpolicy_change_key(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1260 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1261 ZFS_DELEG_PERM_CHANGE_KEY
, cr
));
1265 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1268 get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
)
1272 nvlist_t
*list
= NULL
;
1275 * Read in and unpack the user-supplied nvlist.
1278 return (SET_ERROR(EINVAL
));
1280 packed
= vmem_alloc(size
, KM_SLEEP
);
1282 if (ddi_copyin((void *)(uintptr_t)nvl
, packed
, size
, iflag
) != 0) {
1283 vmem_free(packed
, size
);
1284 return (SET_ERROR(EFAULT
));
1287 if ((error
= nvlist_unpack(packed
, size
, &list
, 0)) != 0) {
1288 vmem_free(packed
, size
);
1292 vmem_free(packed
, size
);
1299 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1300 * Entries will be removed from the end of the nvlist, and one int32 entry
1301 * named "N_MORE_ERRORS" will be added indicating how many entries were
1305 nvlist_smush(nvlist_t
*errors
, size_t max
)
1309 size
= fnvlist_size(errors
);
1312 nvpair_t
*more_errors
;
1316 return (SET_ERROR(ENOMEM
));
1318 fnvlist_add_int32(errors
, ZPROP_N_MORE_ERRORS
, 0);
1319 more_errors
= nvlist_prev_nvpair(errors
, NULL
);
1322 nvpair_t
*pair
= nvlist_prev_nvpair(errors
,
1324 fnvlist_remove_nvpair(errors
, pair
);
1326 size
= fnvlist_size(errors
);
1327 } while (size
> max
);
1329 fnvlist_remove_nvpair(errors
, more_errors
);
1330 fnvlist_add_int32(errors
, ZPROP_N_MORE_ERRORS
, n
);
1331 ASSERT3U(fnvlist_size(errors
), <=, max
);
1338 put_nvlist(zfs_cmd_t
*zc
, nvlist_t
*nvl
)
1340 char *packed
= NULL
;
1344 size
= fnvlist_size(nvl
);
1346 if (size
> zc
->zc_nvlist_dst_size
) {
1347 error
= SET_ERROR(ENOMEM
);
1349 packed
= fnvlist_pack(nvl
, &size
);
1350 if (ddi_copyout(packed
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
1351 size
, zc
->zc_iflags
) != 0)
1352 error
= SET_ERROR(EFAULT
);
1353 fnvlist_pack_free(packed
, size
);
1356 zc
->zc_nvlist_dst_size
= size
;
1357 zc
->zc_nvlist_dst_filled
= B_TRUE
;
1362 getzfsvfs_impl(objset_t
*os
, zfsvfs_t
**zfvp
)
1365 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1366 return (SET_ERROR(EINVAL
));
1369 mutex_enter(&os
->os_user_ptr_lock
);
1370 *zfvp
= dmu_objset_get_user(os
);
1371 /* bump s_active only when non-zero to prevent umount race */
1372 error
= zfs_vfs_ref(zfvp
);
1373 mutex_exit(&os
->os_user_ptr_lock
);
1378 getzfsvfs(const char *dsname
, zfsvfs_t
**zfvp
)
1383 error
= dmu_objset_hold(dsname
, FTAG
, &os
);
1387 error
= getzfsvfs_impl(os
, zfvp
);
1388 dmu_objset_rele(os
, FTAG
);
1393 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1394 * case its z_sb will be NULL, and it will be opened as the owner.
1395 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1396 * which prevents all inode ops from running.
1399 zfsvfs_hold(const char *name
, const void *tag
, zfsvfs_t
**zfvp
,
1404 if (getzfsvfs(name
, zfvp
) != 0)
1405 error
= zfsvfs_create(name
, B_FALSE
, zfvp
);
1408 ZFS_TEARDOWN_ENTER_WRITE(*zfvp
, tag
);
1410 ZFS_TEARDOWN_ENTER_READ(*zfvp
, tag
);
1411 if ((*zfvp
)->z_unmounted
) {
1413 * XXX we could probably try again, since the unmounting
1414 * thread should be just about to disassociate the
1415 * objset from the zfsvfs.
1417 ZFS_TEARDOWN_EXIT(*zfvp
, tag
);
1418 return (SET_ERROR(EBUSY
));
1425 zfsvfs_rele(zfsvfs_t
*zfsvfs
, const void *tag
)
1427 ZFS_TEARDOWN_EXIT(zfsvfs
, tag
);
1429 if (zfs_vfs_held(zfsvfs
)) {
1430 zfs_vfs_rele(zfsvfs
);
1432 dmu_objset_disown(zfsvfs
->z_os
, B_TRUE
, zfsvfs
);
1433 zfsvfs_free(zfsvfs
);
1438 zfs_ioc_pool_create(zfs_cmd_t
*zc
)
1441 nvlist_t
*config
, *props
= NULL
;
1442 nvlist_t
*rootprops
= NULL
;
1443 nvlist_t
*zplprops
= NULL
;
1444 dsl_crypto_params_t
*dcp
= NULL
;
1445 const char *spa_name
= zc
->zc_name
;
1446 boolean_t unload_wkey
= B_TRUE
;
1448 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1449 zc
->zc_iflags
, &config
)))
1452 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1453 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1454 zc
->zc_iflags
, &props
))) {
1455 nvlist_free(config
);
1460 nvlist_t
*nvl
= NULL
;
1461 nvlist_t
*hidden_args
= NULL
;
1462 uint64_t version
= SPA_VERSION
;
1465 (void) nvlist_lookup_uint64(props
,
1466 zpool_prop_to_name(ZPOOL_PROP_VERSION
), &version
);
1467 if (!SPA_VERSION_IS_SUPPORTED(version
)) {
1468 error
= SET_ERROR(EINVAL
);
1469 goto pool_props_bad
;
1471 (void) nvlist_lookup_nvlist(props
, ZPOOL_ROOTFS_PROPS
, &nvl
);
1473 error
= nvlist_dup(nvl
, &rootprops
, KM_SLEEP
);
1475 goto pool_props_bad
;
1476 (void) nvlist_remove_all(props
, ZPOOL_ROOTFS_PROPS
);
1479 (void) nvlist_lookup_nvlist(props
, ZPOOL_HIDDEN_ARGS
,
1481 error
= dsl_crypto_params_create_nvlist(DCP_CMD_NONE
,
1482 rootprops
, hidden_args
, &dcp
);
1484 goto pool_props_bad
;
1485 (void) nvlist_remove_all(props
, ZPOOL_HIDDEN_ARGS
);
1487 VERIFY(nvlist_alloc(&zplprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
1488 error
= zfs_fill_zplprops_root(version
, rootprops
,
1491 goto pool_props_bad
;
1493 if (nvlist_lookup_string(props
,
1494 zpool_prop_to_name(ZPOOL_PROP_TNAME
), &tname
) == 0)
1498 error
= spa_create(zc
->zc_name
, config
, props
, zplprops
, dcp
);
1501 * Set the remaining root properties
1503 if (!error
&& (error
= zfs_set_prop_nvlist(spa_name
,
1504 ZPROP_SRC_LOCAL
, rootprops
, NULL
)) != 0) {
1505 (void) spa_destroy(spa_name
);
1506 unload_wkey
= B_FALSE
; /* spa_destroy() unloads wrapping keys */
1510 nvlist_free(rootprops
);
1511 nvlist_free(zplprops
);
1512 nvlist_free(config
);
1514 dsl_crypto_params_free(dcp
, unload_wkey
&& !!error
);
1520 zfs_ioc_pool_destroy(zfs_cmd_t
*zc
)
1523 zfs_log_history(zc
);
1524 error
= spa_destroy(zc
->zc_name
);
1530 zfs_ioc_pool_import(zfs_cmd_t
*zc
)
1532 nvlist_t
*config
, *props
= NULL
;
1536 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1537 zc
->zc_iflags
, &config
)) != 0)
1540 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1541 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1542 zc
->zc_iflags
, &props
))) {
1543 nvlist_free(config
);
1547 if (nvlist_lookup_uint64(config
, ZPOOL_CONFIG_POOL_GUID
, &guid
) != 0 ||
1548 guid
!= zc
->zc_guid
)
1549 error
= SET_ERROR(EINVAL
);
1551 error
= spa_import(zc
->zc_name
, config
, props
, zc
->zc_cookie
);
1553 if (zc
->zc_nvlist_dst
!= 0) {
1556 if ((err
= put_nvlist(zc
, config
)) != 0)
1560 nvlist_free(config
);
1567 zfs_ioc_pool_export(zfs_cmd_t
*zc
)
1570 boolean_t force
= (boolean_t
)zc
->zc_cookie
;
1571 boolean_t hardforce
= (boolean_t
)zc
->zc_guid
;
1573 zfs_log_history(zc
);
1574 error
= spa_export(zc
->zc_name
, NULL
, force
, hardforce
);
1580 zfs_ioc_pool_configs(zfs_cmd_t
*zc
)
1585 if ((configs
= spa_all_configs(&zc
->zc_cookie
)) == NULL
)
1586 return (SET_ERROR(EEXIST
));
1588 error
= put_nvlist(zc
, configs
);
1590 nvlist_free(configs
);
1597 * zc_name name of the pool
1600 * zc_cookie real errno
1601 * zc_nvlist_dst config nvlist
1602 * zc_nvlist_dst_size size of config nvlist
1605 zfs_ioc_pool_stats(zfs_cmd_t
*zc
)
1611 error
= spa_get_stats(zc
->zc_name
, &config
, zc
->zc_value
,
1612 sizeof (zc
->zc_value
));
1614 if (config
!= NULL
) {
1615 ret
= put_nvlist(zc
, config
);
1616 nvlist_free(config
);
1619 * The config may be present even if 'error' is non-zero.
1620 * In this case we return success, and preserve the real errno
1623 zc
->zc_cookie
= error
;
1632 * Try to import the given pool, returning pool stats as appropriate so that
1633 * user land knows which devices are available and overall pool health.
1636 zfs_ioc_pool_tryimport(zfs_cmd_t
*zc
)
1638 nvlist_t
*tryconfig
, *config
= NULL
;
1641 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1642 zc
->zc_iflags
, &tryconfig
)) != 0)
1645 config
= spa_tryimport(tryconfig
);
1647 nvlist_free(tryconfig
);
1650 return (SET_ERROR(EINVAL
));
1652 error
= put_nvlist(zc
, config
);
1653 nvlist_free(config
);
1660 * zc_name name of the pool
1661 * zc_cookie scan func (pool_scan_func_t)
1662 * zc_flags scrub pause/resume flag (pool_scrub_cmd_t)
1665 zfs_ioc_pool_scan(zfs_cmd_t
*zc
)
1670 if (zc
->zc_flags
>= POOL_SCRUB_FLAGS_END
)
1671 return (SET_ERROR(EINVAL
));
1673 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1676 if (zc
->zc_flags
== POOL_SCRUB_PAUSE
)
1677 error
= spa_scrub_pause_resume(spa
, POOL_SCRUB_PAUSE
);
1678 else if (zc
->zc_cookie
== POOL_SCAN_NONE
)
1679 error
= spa_scan_stop(spa
);
1681 error
= spa_scan(spa
, zc
->zc_cookie
);
1683 spa_close(spa
, FTAG
);
1690 * poolname name of the pool
1691 * scan_type scan func (pool_scan_func_t)
1692 * scan_command scrub pause/resume flag (pool_scrub_cmd_t)
1694 static const zfs_ioc_key_t zfs_keys_pool_scrub
[] = {
1695 {"scan_type", DATA_TYPE_UINT64
, 0},
1696 {"scan_command", DATA_TYPE_UINT64
, 0},
1700 zfs_ioc_pool_scrub(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
1704 uint64_t scan_type
, scan_cmd
;
1706 if (nvlist_lookup_uint64(innvl
, "scan_type", &scan_type
) != 0)
1707 return (SET_ERROR(EINVAL
));
1708 if (nvlist_lookup_uint64(innvl
, "scan_command", &scan_cmd
) != 0)
1709 return (SET_ERROR(EINVAL
));
1711 if (scan_cmd
>= POOL_SCRUB_FLAGS_END
)
1712 return (SET_ERROR(EINVAL
));
1714 if ((error
= spa_open(poolname
, &spa
, FTAG
)) != 0)
1717 if (scan_cmd
== POOL_SCRUB_PAUSE
) {
1718 error
= spa_scrub_pause_resume(spa
, POOL_SCRUB_PAUSE
);
1719 } else if (scan_type
== POOL_SCAN_NONE
) {
1720 error
= spa_scan_stop(spa
);
1722 error
= spa_scan(spa
, scan_type
);
1725 spa_close(spa
, FTAG
);
1730 zfs_ioc_pool_freeze(zfs_cmd_t
*zc
)
1735 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1738 spa_close(spa
, FTAG
);
1744 zfs_ioc_pool_upgrade(zfs_cmd_t
*zc
)
1749 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1752 if (zc
->zc_cookie
< spa_version(spa
) ||
1753 !SPA_VERSION_IS_SUPPORTED(zc
->zc_cookie
)) {
1754 spa_close(spa
, FTAG
);
1755 return (SET_ERROR(EINVAL
));
1758 spa_upgrade(spa
, zc
->zc_cookie
);
1759 spa_close(spa
, FTAG
);
1765 zfs_ioc_pool_get_history(zfs_cmd_t
*zc
)
1772 if ((size
= zc
->zc_history_len
) == 0)
1773 return (SET_ERROR(EINVAL
));
1775 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1778 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
1779 spa_close(spa
, FTAG
);
1780 return (SET_ERROR(ENOTSUP
));
1783 hist_buf
= vmem_alloc(size
, KM_SLEEP
);
1784 if ((error
= spa_history_get(spa
, &zc
->zc_history_offset
,
1785 &zc
->zc_history_len
, hist_buf
)) == 0) {
1786 error
= ddi_copyout(hist_buf
,
1787 (void *)(uintptr_t)zc
->zc_history
,
1788 zc
->zc_history_len
, zc
->zc_iflags
);
1791 spa_close(spa
, FTAG
);
1792 vmem_free(hist_buf
, size
);
1797 zfs_ioc_pool_reguid(zfs_cmd_t
*zc
)
1802 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1804 error
= spa_change_guid(spa
);
1805 spa_close(spa
, FTAG
);
1811 zfs_ioc_dsobj_to_dsname(zfs_cmd_t
*zc
)
1813 return (dsl_dsobj_to_dsname(zc
->zc_name
, zc
->zc_obj
, zc
->zc_value
));
1818 * zc_name name of filesystem
1819 * zc_obj object to find
1822 * zc_value name of object
1825 zfs_ioc_obj_to_path(zfs_cmd_t
*zc
)
1830 /* XXX reading from objset not owned */
1831 if ((error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
,
1834 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1835 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1836 return (SET_ERROR(EINVAL
));
1838 error
= zfs_obj_to_path(os
, zc
->zc_obj
, zc
->zc_value
,
1839 sizeof (zc
->zc_value
));
1840 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1847 * zc_name name of filesystem
1848 * zc_obj object to find
1851 * zc_stat stats on object
1852 * zc_value path to object
1855 zfs_ioc_obj_to_stats(zfs_cmd_t
*zc
)
1860 /* XXX reading from objset not owned */
1861 if ((error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
,
1864 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1865 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1866 return (SET_ERROR(EINVAL
));
1868 error
= zfs_obj_to_stats(os
, zc
->zc_obj
, &zc
->zc_stat
, zc
->zc_value
,
1869 sizeof (zc
->zc_value
));
1870 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1876 zfs_ioc_vdev_add(zfs_cmd_t
*zc
)
1882 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1886 error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1887 zc
->zc_iflags
, &config
);
1889 error
= spa_vdev_add(spa
, config
);
1890 nvlist_free(config
);
1892 spa_close(spa
, FTAG
);
1898 * zc_name name of the pool
1899 * zc_guid guid of vdev to remove
1900 * zc_cookie cancel removal
1903 zfs_ioc_vdev_remove(zfs_cmd_t
*zc
)
1908 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1911 if (zc
->zc_cookie
!= 0) {
1912 error
= spa_vdev_remove_cancel(spa
);
1914 error
= spa_vdev_remove(spa
, zc
->zc_guid
, B_FALSE
);
1916 spa_close(spa
, FTAG
);
1921 zfs_ioc_vdev_set_state(zfs_cmd_t
*zc
)
1925 vdev_state_t newstate
= VDEV_STATE_UNKNOWN
;
1927 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1929 switch (zc
->zc_cookie
) {
1930 case VDEV_STATE_ONLINE
:
1931 error
= vdev_online(spa
, zc
->zc_guid
, zc
->zc_obj
, &newstate
);
1934 case VDEV_STATE_OFFLINE
:
1935 error
= vdev_offline(spa
, zc
->zc_guid
, zc
->zc_obj
);
1938 case VDEV_STATE_FAULTED
:
1939 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1940 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
&&
1941 zc
->zc_obj
!= VDEV_AUX_EXTERNAL_PERSIST
)
1942 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1944 error
= vdev_fault(spa
, zc
->zc_guid
, zc
->zc_obj
);
1947 case VDEV_STATE_DEGRADED
:
1948 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1949 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
)
1950 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1952 error
= vdev_degrade(spa
, zc
->zc_guid
, zc
->zc_obj
);
1955 case VDEV_STATE_REMOVED
:
1956 error
= vdev_remove_wanted(spa
, zc
->zc_guid
);
1960 error
= SET_ERROR(EINVAL
);
1962 zc
->zc_cookie
= newstate
;
1963 spa_close(spa
, FTAG
);
1968 zfs_ioc_vdev_attach(zfs_cmd_t
*zc
)
1972 int replacing
= zc
->zc_cookie
;
1973 int rebuild
= zc
->zc_simple
;
1976 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1979 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1980 zc
->zc_iflags
, &config
)) == 0) {
1981 error
= spa_vdev_attach(spa
, zc
->zc_guid
, config
, replacing
,
1983 nvlist_free(config
);
1986 spa_close(spa
, FTAG
);
1991 zfs_ioc_vdev_detach(zfs_cmd_t
*zc
)
1996 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1999 error
= spa_vdev_detach(spa
, zc
->zc_guid
, 0, B_FALSE
);
2001 spa_close(spa
, FTAG
);
2006 zfs_ioc_vdev_split(zfs_cmd_t
*zc
)
2009 nvlist_t
*config
, *props
= NULL
;
2011 boolean_t exp
= !!(zc
->zc_cookie
& ZPOOL_EXPORT_AFTER_SPLIT
);
2013 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
2016 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
2017 zc
->zc_iflags
, &config
))) {
2018 spa_close(spa
, FTAG
);
2022 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
2023 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2024 zc
->zc_iflags
, &props
))) {
2025 spa_close(spa
, FTAG
);
2026 nvlist_free(config
);
2030 error
= spa_vdev_split_mirror(spa
, zc
->zc_string
, config
, props
, exp
);
2032 spa_close(spa
, FTAG
);
2034 nvlist_free(config
);
2041 zfs_ioc_vdev_setpath(zfs_cmd_t
*zc
)
2044 const char *path
= zc
->zc_value
;
2045 uint64_t guid
= zc
->zc_guid
;
2048 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
2052 error
= spa_vdev_setpath(spa
, guid
, path
);
2053 spa_close(spa
, FTAG
);
2058 zfs_ioc_vdev_setfru(zfs_cmd_t
*zc
)
2061 const char *fru
= zc
->zc_value
;
2062 uint64_t guid
= zc
->zc_guid
;
2065 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
2069 error
= spa_vdev_setfru(spa
, guid
, fru
);
2070 spa_close(spa
, FTAG
);
2075 zfs_ioc_objset_stats_impl(zfs_cmd_t
*zc
, objset_t
*os
)
2080 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
2082 if (!zc
->zc_simple
&& zc
->zc_nvlist_dst
!= 0 &&
2083 (error
= dsl_prop_get_all(os
, &nv
)) == 0) {
2084 dmu_objset_stats(os
, nv
);
2086 * NB: zvol_get_stats() will read the objset contents,
2087 * which we aren't supposed to do with a
2088 * DS_MODE_USER hold, because it could be
2089 * inconsistent. So this is a bit of a workaround...
2090 * XXX reading without owning
2092 if (!zc
->zc_objset_stats
.dds_inconsistent
&&
2093 dmu_objset_type(os
) == DMU_OST_ZVOL
) {
2094 error
= zvol_get_stats(os
, nv
);
2102 error
= put_nvlist(zc
, nv
);
2111 * zc_name name of filesystem
2112 * zc_nvlist_dst_size size of buffer for property nvlist
2115 * zc_objset_stats stats
2116 * zc_nvlist_dst property nvlist
2117 * zc_nvlist_dst_size size of property nvlist
2120 zfs_ioc_objset_stats(zfs_cmd_t
*zc
)
2125 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2127 error
= zfs_ioc_objset_stats_impl(zc
, os
);
2128 dmu_objset_rele(os
, FTAG
);
2136 * zc_name name of filesystem
2137 * zc_nvlist_dst_size size of buffer for property nvlist
2140 * zc_nvlist_dst received property nvlist
2141 * zc_nvlist_dst_size size of received property nvlist
2143 * Gets received properties (distinct from local properties on or after
2144 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2145 * local property values.
2148 zfs_ioc_objset_recvd_props(zfs_cmd_t
*zc
)
2154 * Without this check, we would return local property values if the
2155 * caller has not already received properties on or after
2156 * SPA_VERSION_RECVD_PROPS.
2158 if (!dsl_prop_get_hasrecvd(zc
->zc_name
))
2159 return (SET_ERROR(ENOTSUP
));
2161 if (zc
->zc_nvlist_dst
!= 0 &&
2162 (error
= dsl_prop_get_received(zc
->zc_name
, &nv
)) == 0) {
2163 error
= put_nvlist(zc
, nv
);
2171 nvl_add_zplprop(objset_t
*os
, nvlist_t
*props
, zfs_prop_t prop
)
2177 * zfs_get_zplprop() will either find a value or give us
2178 * the default value (if there is one).
2180 if ((error
= zfs_get_zplprop(os
, prop
, &value
)) != 0)
2182 VERIFY(nvlist_add_uint64(props
, zfs_prop_to_name(prop
), value
) == 0);
2188 * zc_name name of filesystem
2189 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2192 * zc_nvlist_dst zpl property nvlist
2193 * zc_nvlist_dst_size size of zpl property nvlist
2196 zfs_ioc_objset_zplprops(zfs_cmd_t
*zc
)
2201 /* XXX reading without owning */
2202 if ((err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)))
2205 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
2208 * NB: nvl_add_zplprop() will read the objset contents,
2209 * which we aren't supposed to do with a DS_MODE_USER
2210 * hold, because it could be inconsistent.
2212 if (zc
->zc_nvlist_dst
!= 0 &&
2213 !zc
->zc_objset_stats
.dds_inconsistent
&&
2214 dmu_objset_type(os
) == DMU_OST_ZFS
) {
2217 VERIFY(nvlist_alloc(&nv
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2218 if ((err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_VERSION
)) == 0 &&
2219 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_NORMALIZE
)) == 0 &&
2220 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_UTF8ONLY
)) == 0 &&
2221 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_CASE
)) == 0)
2222 err
= put_nvlist(zc
, nv
);
2225 err
= SET_ERROR(ENOENT
);
2227 dmu_objset_rele(os
, FTAG
);
2233 * zc_name name of filesystem
2234 * zc_cookie zap cursor
2235 * zc_nvlist_dst_size size of buffer for property nvlist
2238 * zc_name name of next filesystem
2239 * zc_cookie zap cursor
2240 * zc_objset_stats stats
2241 * zc_nvlist_dst property nvlist
2242 * zc_nvlist_dst_size size of property nvlist
2245 zfs_ioc_dataset_list_next(zfs_cmd_t
*zc
)
2250 size_t orig_len
= strlen(zc
->zc_name
);
2253 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
))) {
2254 if (error
== ENOENT
)
2255 error
= SET_ERROR(ESRCH
);
2259 p
= strrchr(zc
->zc_name
, '/');
2260 if (p
== NULL
|| p
[1] != '\0')
2261 (void) strlcat(zc
->zc_name
, "/", sizeof (zc
->zc_name
));
2262 p
= zc
->zc_name
+ strlen(zc
->zc_name
);
2265 error
= dmu_dir_list_next(os
,
2266 sizeof (zc
->zc_name
) - (p
- zc
->zc_name
), p
,
2267 NULL
, &zc
->zc_cookie
);
2268 if (error
== ENOENT
)
2269 error
= SET_ERROR(ESRCH
);
2270 } while (error
== 0 && zfs_dataset_name_hidden(zc
->zc_name
));
2271 dmu_objset_rele(os
, FTAG
);
2274 * If it's an internal dataset (ie. with a '$' in its name),
2275 * don't try to get stats for it, otherwise we'll return ENOENT.
2277 if (error
== 0 && strchr(zc
->zc_name
, '$') == NULL
) {
2278 error
= zfs_ioc_objset_stats(zc
); /* fill in the stats */
2279 if (error
== ENOENT
) {
2280 /* We lost a race with destroy, get the next one. */
2281 zc
->zc_name
[orig_len
] = '\0';
2290 * zc_name name of filesystem
2291 * zc_cookie zap cursor
2292 * zc_nvlist_src iteration range nvlist
2293 * zc_nvlist_src_size size of iteration range nvlist
2296 * zc_name name of next snapshot
2297 * zc_objset_stats stats
2298 * zc_nvlist_dst property nvlist
2299 * zc_nvlist_dst_size size of property nvlist
2302 zfs_ioc_snapshot_list_next(zfs_cmd_t
*zc
)
2305 objset_t
*os
, *ossnap
;
2307 uint64_t min_txg
= 0, max_txg
= 0;
2309 if (zc
->zc_nvlist_src_size
!= 0) {
2310 nvlist_t
*props
= NULL
;
2311 error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2312 zc
->zc_iflags
, &props
);
2315 (void) nvlist_lookup_uint64(props
, SNAP_ITER_MIN_TXG
,
2317 (void) nvlist_lookup_uint64(props
, SNAP_ITER_MAX_TXG
,
2322 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2324 return (error
== ENOENT
? SET_ERROR(ESRCH
) : error
);
2328 * A dataset name of maximum length cannot have any snapshots,
2329 * so exit immediately.
2331 if (strlcat(zc
->zc_name
, "@", sizeof (zc
->zc_name
)) >=
2332 ZFS_MAX_DATASET_NAME_LEN
) {
2333 dmu_objset_rele(os
, FTAG
);
2334 return (SET_ERROR(ESRCH
));
2337 while (error
== 0) {
2338 if (issig(JUSTLOOKING
) && issig(FORREAL
)) {
2339 error
= SET_ERROR(EINTR
);
2343 error
= dmu_snapshot_list_next(os
,
2344 sizeof (zc
->zc_name
) - strlen(zc
->zc_name
),
2345 zc
->zc_name
+ strlen(zc
->zc_name
), &zc
->zc_obj
,
2346 &zc
->zc_cookie
, NULL
);
2347 if (error
== ENOENT
) {
2348 error
= SET_ERROR(ESRCH
);
2350 } else if (error
!= 0) {
2354 error
= dsl_dataset_hold_obj(dmu_objset_pool(os
), zc
->zc_obj
,
2359 if ((min_txg
!= 0 && dsl_get_creationtxg(ds
) < min_txg
) ||
2360 (max_txg
!= 0 && dsl_get_creationtxg(ds
) > max_txg
)) {
2361 dsl_dataset_rele(ds
, FTAG
);
2362 /* undo snapshot name append */
2363 *(strchr(zc
->zc_name
, '@') + 1) = '\0';
2368 if (zc
->zc_simple
) {
2369 dsl_dataset_fast_stat(ds
, &zc
->zc_objset_stats
);
2370 dsl_dataset_rele(ds
, FTAG
);
2374 if ((error
= dmu_objset_from_ds(ds
, &ossnap
)) != 0) {
2375 dsl_dataset_rele(ds
, FTAG
);
2378 if ((error
= zfs_ioc_objset_stats_impl(zc
, ossnap
)) != 0) {
2379 dsl_dataset_rele(ds
, FTAG
);
2382 dsl_dataset_rele(ds
, FTAG
);
2386 dmu_objset_rele(os
, FTAG
);
2387 /* if we failed, undo the @ that we tacked on to zc_name */
2389 *strchr(zc
->zc_name
, '@') = '\0';
2394 zfs_prop_set_userquota(const char *dsname
, nvpair_t
*pair
)
2396 const char *propname
= nvpair_name(pair
);
2398 unsigned int vallen
;
2399 const char *dash
, *domain
;
2400 zfs_userquota_prop_t type
;
2406 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2408 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2409 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2411 return (SET_ERROR(EINVAL
));
2415 * A correctly constructed propname is encoded as
2416 * userquota@<rid>-<domain>.
2418 if ((dash
= strchr(propname
, '-')) == NULL
||
2419 nvpair_value_uint64_array(pair
, &valary
, &vallen
) != 0 ||
2421 return (SET_ERROR(EINVAL
));
2428 err
= zfsvfs_hold(dsname
, FTAG
, &zfsvfs
, B_FALSE
);
2430 err
= zfs_set_userquota(zfsvfs
, type
, domain
, rid
, quota
);
2431 zfsvfs_rele(zfsvfs
, FTAG
);
2438 * If the named property is one that has a special function to set its value,
2439 * return 0 on success and a positive error code on failure; otherwise if it is
2440 * not one of the special properties handled by this function, return -1.
2442 * XXX: It would be better for callers of the property interface if we handled
2443 * these special cases in dsl_prop.c (in the dsl layer).
2446 zfs_prop_set_special(const char *dsname
, zprop_source_t source
,
2449 const char *propname
= nvpair_name(pair
);
2450 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2451 uint64_t intval
= 0;
2452 const char *strval
= NULL
;
2455 if (prop
== ZPROP_USERPROP
) {
2456 if (zfs_prop_userquota(propname
))
2457 return (zfs_prop_set_userquota(dsname
, pair
));
2461 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2463 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2464 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2468 /* all special properties are numeric except for keylocation */
2469 if (zfs_prop_get_type(prop
) == PROP_TYPE_STRING
) {
2470 strval
= fnvpair_value_string(pair
);
2472 intval
= fnvpair_value_uint64(pair
);
2476 case ZFS_PROP_QUOTA
:
2477 err
= dsl_dir_set_quota(dsname
, source
, intval
);
2479 case ZFS_PROP_REFQUOTA
:
2480 err
= dsl_dataset_set_refquota(dsname
, source
, intval
);
2482 case ZFS_PROP_FILESYSTEM_LIMIT
:
2483 case ZFS_PROP_SNAPSHOT_LIMIT
:
2484 if (intval
== UINT64_MAX
) {
2485 /* clearing the limit, just do it */
2488 err
= dsl_dir_activate_fs_ss_limit(dsname
);
2491 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2492 * default path to set the value in the nvlist.
2497 case ZFS_PROP_KEYLOCATION
:
2498 err
= dsl_crypto_can_set_keylocation(dsname
, strval
);
2501 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2502 * default path to set the value in the nvlist.
2507 case ZFS_PROP_RESERVATION
:
2508 err
= dsl_dir_set_reservation(dsname
, source
, intval
);
2510 case ZFS_PROP_REFRESERVATION
:
2511 err
= dsl_dataset_set_refreservation(dsname
, source
, intval
);
2513 case ZFS_PROP_COMPRESSION
:
2514 err
= dsl_dataset_set_compression(dsname
, source
, intval
);
2516 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2517 * default path to set the value in the nvlist.
2522 case ZFS_PROP_VOLSIZE
:
2523 err
= zvol_set_volsize(dsname
, intval
);
2525 case ZFS_PROP_SNAPDEV
:
2526 err
= zvol_set_snapdev(dsname
, source
, intval
);
2528 case ZFS_PROP_VOLMODE
:
2529 err
= zvol_set_volmode(dsname
, source
, intval
);
2531 case ZFS_PROP_VERSION
:
2535 if ((err
= zfsvfs_hold(dsname
, FTAG
, &zfsvfs
, B_TRUE
)) != 0)
2538 err
= zfs_set_version(zfsvfs
, intval
);
2539 zfsvfs_rele(zfsvfs
, FTAG
);
2541 if (err
== 0 && intval
>= ZPL_VERSION_USERSPACE
) {
2544 zc
= kmem_zalloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
2545 (void) strlcpy(zc
->zc_name
, dsname
,
2546 sizeof (zc
->zc_name
));
2547 (void) zfs_ioc_userspace_upgrade(zc
);
2548 (void) zfs_ioc_id_quota_upgrade(zc
);
2549 kmem_free(zc
, sizeof (zfs_cmd_t
));
2561 zfs_is_namespace_prop(zfs_prop_t prop
)
2565 case ZFS_PROP_ATIME
:
2566 case ZFS_PROP_RELATIME
:
2567 case ZFS_PROP_DEVICES
:
2569 case ZFS_PROP_SETUID
:
2570 case ZFS_PROP_READONLY
:
2571 case ZFS_PROP_XATTR
:
2572 case ZFS_PROP_NBMAND
:
2581 * This function is best effort. If it fails to set any of the given properties,
2582 * it continues to set as many as it can and returns the last error
2583 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2584 * with the list of names of all the properties that failed along with the
2585 * corresponding error numbers.
2587 * If every property is set successfully, zero is returned and errlist is not
2591 zfs_set_prop_nvlist(const char *dsname
, zprop_source_t source
, nvlist_t
*nvl
,
2600 boolean_t should_update_mount_cache
= B_FALSE
;
2602 nvlist_t
*genericnvl
= fnvlist_alloc();
2603 nvlist_t
*retrynvl
= fnvlist_alloc();
2606 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2607 const char *propname
= nvpair_name(pair
);
2608 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2611 /* decode the property value */
2613 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2615 attrs
= fnvpair_value_nvlist(pair
);
2616 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2618 err
= SET_ERROR(EINVAL
);
2621 /* Validate value type */
2622 if (err
== 0 && source
== ZPROP_SRC_INHERITED
) {
2623 /* inherited properties are expected to be booleans */
2624 if (nvpair_type(propval
) != DATA_TYPE_BOOLEAN
)
2625 err
= SET_ERROR(EINVAL
);
2626 } else if (err
== 0 && prop
== ZPROP_USERPROP
) {
2627 if (zfs_prop_user(propname
)) {
2628 if (nvpair_type(propval
) != DATA_TYPE_STRING
)
2629 err
= SET_ERROR(EINVAL
);
2630 } else if (zfs_prop_userquota(propname
)) {
2631 if (nvpair_type(propval
) !=
2632 DATA_TYPE_UINT64_ARRAY
)
2633 err
= SET_ERROR(EINVAL
);
2635 err
= SET_ERROR(EINVAL
);
2637 } else if (err
== 0) {
2638 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2639 if (zfs_prop_get_type(prop
) != PROP_TYPE_STRING
)
2640 err
= SET_ERROR(EINVAL
);
2641 } else if (nvpair_type(propval
) == DATA_TYPE_UINT64
) {
2644 intval
= fnvpair_value_uint64(propval
);
2646 switch (zfs_prop_get_type(prop
)) {
2647 case PROP_TYPE_NUMBER
:
2649 case PROP_TYPE_STRING
:
2650 err
= SET_ERROR(EINVAL
);
2652 case PROP_TYPE_INDEX
:
2653 if (zfs_prop_index_to_string(prop
,
2654 intval
, &unused
) != 0)
2656 SET_ERROR(ZFS_ERR_BADPROP
);
2660 "unknown property type");
2663 err
= SET_ERROR(EINVAL
);
2667 /* Validate permissions */
2669 err
= zfs_check_settable(dsname
, pair
, CRED());
2672 if (source
== ZPROP_SRC_INHERITED
)
2673 err
= -1; /* does not need special handling */
2675 err
= zfs_prop_set_special(dsname
, source
,
2679 * For better performance we build up a list of
2680 * properties to set in a single transaction.
2682 err
= nvlist_add_nvpair(genericnvl
, pair
);
2683 } else if (err
!= 0 && nvl
!= retrynvl
) {
2685 * This may be a spurious error caused by
2686 * receiving quota and reservation out of order.
2687 * Try again in a second pass.
2689 err
= nvlist_add_nvpair(retrynvl
, pair
);
2694 if (errlist
!= NULL
)
2695 fnvlist_add_int32(errlist
, propname
, err
);
2699 if (zfs_is_namespace_prop(prop
))
2700 should_update_mount_cache
= B_TRUE
;
2703 if (nvl
!= retrynvl
&& !nvlist_empty(retrynvl
)) {
2708 if (nvlist_empty(genericnvl
))
2712 * Try to set them all in one batch.
2714 err
= dsl_props_set(dsname
, source
, genericnvl
);
2719 * If batching fails, we still want to set as many properties as we
2720 * can, so try setting them individually.
2723 while ((pair
= nvlist_next_nvpair(genericnvl
, pair
)) != NULL
) {
2724 const char *propname
= nvpair_name(pair
);
2727 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2729 attrs
= fnvpair_value_nvlist(pair
);
2730 propval
= fnvlist_lookup_nvpair(attrs
, ZPROP_VALUE
);
2733 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2734 strval
= fnvpair_value_string(propval
);
2735 err
= dsl_prop_set_string(dsname
, propname
,
2737 } else if (nvpair_type(propval
) == DATA_TYPE_BOOLEAN
) {
2738 err
= dsl_prop_inherit(dsname
, propname
, source
);
2740 intval
= fnvpair_value_uint64(propval
);
2741 err
= dsl_prop_set_int(dsname
, propname
, source
,
2746 if (errlist
!= NULL
) {
2747 fnvlist_add_int32(errlist
, propname
, err
);
2754 if (should_update_mount_cache
)
2755 zfs_ioctl_update_mount_cache(dsname
);
2757 nvlist_free(genericnvl
);
2758 nvlist_free(retrynvl
);
2764 * Check that all the properties are valid user properties.
2767 zfs_check_userprops(nvlist_t
*nvl
)
2769 nvpair_t
*pair
= NULL
;
2771 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2772 const char *propname
= nvpair_name(pair
);
2774 if (!zfs_prop_user(propname
) ||
2775 nvpair_type(pair
) != DATA_TYPE_STRING
)
2776 return (SET_ERROR(EINVAL
));
2778 if (strlen(propname
) >= ZAP_MAXNAMELEN
)
2779 return (SET_ERROR(ENAMETOOLONG
));
2781 if (strlen(fnvpair_value_string(pair
)) >= ZAP_MAXVALUELEN
)
2782 return (SET_ERROR(E2BIG
));
2788 props_skip(nvlist_t
*props
, nvlist_t
*skipped
, nvlist_t
**newprops
)
2792 VERIFY(nvlist_alloc(newprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2795 while ((pair
= nvlist_next_nvpair(props
, pair
)) != NULL
) {
2796 if (nvlist_exists(skipped
, nvpair_name(pair
)))
2799 VERIFY(nvlist_add_nvpair(*newprops
, pair
) == 0);
2804 clear_received_props(const char *dsname
, nvlist_t
*props
,
2808 nvlist_t
*cleared_props
= NULL
;
2809 props_skip(props
, skipped
, &cleared_props
);
2810 if (!nvlist_empty(cleared_props
)) {
2812 * Acts on local properties until the dataset has received
2813 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2815 zprop_source_t flags
= (ZPROP_SRC_NONE
|
2816 (dsl_prop_get_hasrecvd(dsname
) ? ZPROP_SRC_RECEIVED
: 0));
2817 err
= zfs_set_prop_nvlist(dsname
, flags
, cleared_props
, NULL
);
2819 nvlist_free(cleared_props
);
2825 * zc_name name of filesystem
2826 * zc_value name of property to set
2827 * zc_nvlist_src{_size} nvlist of properties to apply
2828 * zc_cookie received properties flag
2831 * zc_nvlist_dst{_size} error for each unapplied received property
2834 zfs_ioc_set_prop(zfs_cmd_t
*zc
)
2837 boolean_t received
= zc
->zc_cookie
;
2838 zprop_source_t source
= (received
? ZPROP_SRC_RECEIVED
:
2843 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2844 zc
->zc_iflags
, &nvl
)) != 0)
2848 nvlist_t
*origprops
;
2850 if (dsl_prop_get_received(zc
->zc_name
, &origprops
) == 0) {
2851 (void) clear_received_props(zc
->zc_name
,
2853 nvlist_free(origprops
);
2856 error
= dsl_prop_set_hasrecvd(zc
->zc_name
);
2859 errors
= fnvlist_alloc();
2861 error
= zfs_set_prop_nvlist(zc
->zc_name
, source
, nvl
, errors
);
2863 if (zc
->zc_nvlist_dst
!= 0 && errors
!= NULL
) {
2864 (void) put_nvlist(zc
, errors
);
2867 nvlist_free(errors
);
2874 * zc_name name of filesystem
2875 * zc_value name of property to inherit
2876 * zc_cookie revert to received value if TRUE
2881 zfs_ioc_inherit_prop(zfs_cmd_t
*zc
)
2883 const char *propname
= zc
->zc_value
;
2884 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2885 boolean_t received
= zc
->zc_cookie
;
2886 zprop_source_t source
= (received
2887 ? ZPROP_SRC_NONE
/* revert to received value, if any */
2888 : ZPROP_SRC_INHERITED
); /* explicitly inherit */
2896 * Only check this in the non-received case. We want to allow
2897 * 'inherit -S' to revert non-inheritable properties like quota
2898 * and reservation to the received or default values even though
2899 * they are not considered inheritable.
2901 if (prop
!= ZPROP_USERPROP
&& !zfs_prop_inheritable(prop
))
2902 return (SET_ERROR(EINVAL
));
2905 if (prop
== ZPROP_USERPROP
) {
2906 if (!zfs_prop_user(propname
))
2907 return (SET_ERROR(EINVAL
));
2909 type
= PROP_TYPE_STRING
;
2910 } else if (prop
== ZFS_PROP_VOLSIZE
|| prop
== ZFS_PROP_VERSION
) {
2911 return (SET_ERROR(EINVAL
));
2913 type
= zfs_prop_get_type(prop
);
2917 * zfs_prop_set_special() expects properties in the form of an
2918 * nvpair with type info.
2920 dummy
= fnvlist_alloc();
2923 case PROP_TYPE_STRING
:
2924 VERIFY(0 == nvlist_add_string(dummy
, propname
, ""));
2926 case PROP_TYPE_NUMBER
:
2927 case PROP_TYPE_INDEX
:
2928 VERIFY(0 == nvlist_add_uint64(dummy
, propname
, 0));
2931 err
= SET_ERROR(EINVAL
);
2935 pair
= nvlist_next_nvpair(dummy
, NULL
);
2937 err
= SET_ERROR(EINVAL
);
2939 err
= zfs_prop_set_special(zc
->zc_name
, source
, pair
);
2940 if (err
== -1) /* property is not "special", needs handling */
2941 err
= dsl_prop_inherit(zc
->zc_name
, zc
->zc_value
,
2951 zfs_ioc_pool_set_props(zfs_cmd_t
*zc
)
2958 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2959 zc
->zc_iflags
, &props
)))
2963 * If the only property is the configfile, then just do a spa_lookup()
2964 * to handle the faulted case.
2966 pair
= nvlist_next_nvpair(props
, NULL
);
2967 if (pair
!= NULL
&& strcmp(nvpair_name(pair
),
2968 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE
)) == 0 &&
2969 nvlist_next_nvpair(props
, pair
) == NULL
) {
2970 mutex_enter(&spa_namespace_lock
);
2971 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
) {
2972 spa_configfile_set(spa
, props
, B_FALSE
);
2973 spa_write_cachefile(spa
, B_FALSE
, B_TRUE
, B_FALSE
);
2975 mutex_exit(&spa_namespace_lock
);
2982 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2987 error
= spa_prop_set(spa
, props
);
2990 spa_close(spa
, FTAG
);
2996 zfs_ioc_pool_get_props(zfs_cmd_t
*zc
)
3000 nvlist_t
*nvp
= NULL
;
3002 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
3004 * If the pool is faulted, there may be properties we can still
3005 * get (such as altroot and cachefile), so attempt to get them
3008 mutex_enter(&spa_namespace_lock
);
3009 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
)
3010 error
= spa_prop_get(spa
, &nvp
);
3011 mutex_exit(&spa_namespace_lock
);
3013 error
= spa_prop_get(spa
, &nvp
);
3014 spa_close(spa
, FTAG
);
3017 if (error
== 0 && zc
->zc_nvlist_dst
!= 0)
3018 error
= put_nvlist(zc
, nvp
);
3020 error
= SET_ERROR(EFAULT
);
3028 * "vdevprops_set_vdev" -> guid
3029 * "vdevprops_set_props" -> { prop -> value }
3032 * outnvl: propname -> error code (int32)
3034 static const zfs_ioc_key_t zfs_keys_vdev_set_props
[] = {
3035 {ZPOOL_VDEV_PROPS_SET_VDEV
, DATA_TYPE_UINT64
, 0},
3036 {ZPOOL_VDEV_PROPS_SET_PROPS
, DATA_TYPE_NVLIST
, 0}
3040 zfs_ioc_vdev_set_props(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3047 /* Early validation */
3048 if (nvlist_lookup_uint64(innvl
, ZPOOL_VDEV_PROPS_SET_VDEV
,
3050 return (SET_ERROR(EINVAL
));
3053 return (SET_ERROR(EINVAL
));
3055 if ((error
= spa_open(poolname
, &spa
, FTAG
)) != 0)
3058 ASSERT(spa_writeable(spa
));
3060 if ((vd
= spa_lookup_by_guid(spa
, vdev_guid
, B_TRUE
)) == NULL
) {
3061 spa_close(spa
, FTAG
);
3062 return (SET_ERROR(ENOENT
));
3065 error
= vdev_prop_set(vd
, innvl
, outnvl
);
3067 spa_close(spa
, FTAG
);
3074 * "vdevprops_get_vdev" -> guid
3075 * (optional) "vdevprops_get_props" -> { propname -> propid }
3078 * outnvl: propname -> value
3080 static const zfs_ioc_key_t zfs_keys_vdev_get_props
[] = {
3081 {ZPOOL_VDEV_PROPS_GET_VDEV
, DATA_TYPE_UINT64
, 0},
3082 {ZPOOL_VDEV_PROPS_GET_PROPS
, DATA_TYPE_NVLIST
, ZK_OPTIONAL
}
3086 zfs_ioc_vdev_get_props(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3093 /* Early validation */
3094 if (nvlist_lookup_uint64(innvl
, ZPOOL_VDEV_PROPS_GET_VDEV
,
3096 return (SET_ERROR(EINVAL
));
3099 return (SET_ERROR(EINVAL
));
3101 if ((error
= spa_open(poolname
, &spa
, FTAG
)) != 0)
3104 if ((vd
= spa_lookup_by_guid(spa
, vdev_guid
, B_TRUE
)) == NULL
) {
3105 spa_close(spa
, FTAG
);
3106 return (SET_ERROR(ENOENT
));
3109 error
= vdev_prop_get(vd
, innvl
, outnvl
);
3111 spa_close(spa
, FTAG
);
3118 * zc_name name of filesystem
3119 * zc_nvlist_src{_size} nvlist of delegated permissions
3120 * zc_perm_action allow/unallow flag
3125 zfs_ioc_set_fsacl(zfs_cmd_t
*zc
)
3128 nvlist_t
*fsaclnv
= NULL
;
3130 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
3131 zc
->zc_iflags
, &fsaclnv
)) != 0)
3135 * Verify nvlist is constructed correctly
3137 if (zfs_deleg_verify_nvlist(fsaclnv
) != 0) {
3138 nvlist_free(fsaclnv
);
3139 return (SET_ERROR(EINVAL
));
3143 * If we don't have PRIV_SYS_MOUNT, then validate
3144 * that user is allowed to hand out each permission in
3148 error
= secpolicy_zfs(CRED());
3150 if (zc
->zc_perm_action
== B_FALSE
) {
3151 error
= dsl_deleg_can_allow(zc
->zc_name
,
3154 error
= dsl_deleg_can_unallow(zc
->zc_name
,
3160 error
= dsl_deleg_set(zc
->zc_name
, fsaclnv
, zc
->zc_perm_action
);
3162 nvlist_free(fsaclnv
);
3168 * zc_name name of filesystem
3171 * zc_nvlist_src{_size} nvlist of delegated permissions
3174 zfs_ioc_get_fsacl(zfs_cmd_t
*zc
)
3179 if ((error
= dsl_deleg_get(zc
->zc_name
, &nvp
)) == 0) {
3180 error
= put_nvlist(zc
, nvp
);
3188 zfs_create_cb(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
)
3190 zfs_creat_t
*zct
= arg
;
3192 zfs_create_fs(os
, cr
, zct
->zct_zplprops
, tx
);
3195 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
3199 * os parent objset pointer (NULL if root fs)
3200 * fuids_ok fuids allowed in this version of the spa?
3201 * sa_ok SAs allowed in this version of the spa?
3202 * createprops list of properties requested by creator
3205 * zplprops values for the zplprops we attach to the master node object
3206 * is_ci true if requested file system will be purely case-insensitive
3208 * Determine the settings for utf8only, normalization and
3209 * casesensitivity. Specific values may have been requested by the
3210 * creator and/or we can inherit values from the parent dataset. If
3211 * the file system is of too early a vintage, a creator can not
3212 * request settings for these properties, even if the requested
3213 * setting is the default value. We don't actually want to create dsl
3214 * properties for these, so remove them from the source nvlist after
3218 zfs_fill_zplprops_impl(objset_t
*os
, uint64_t zplver
,
3219 boolean_t fuids_ok
, boolean_t sa_ok
, nvlist_t
*createprops
,
3220 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3222 uint64_t sense
= ZFS_PROP_UNDEFINED
;
3223 uint64_t norm
= ZFS_PROP_UNDEFINED
;
3224 uint64_t u8
= ZFS_PROP_UNDEFINED
;
3227 ASSERT(zplprops
!= NULL
);
3229 /* parent dataset must be a filesystem */
3230 if (os
!= NULL
&& os
->os_phys
->os_type
!= DMU_OST_ZFS
)
3231 return (SET_ERROR(ZFS_ERR_WRONG_PARENT
));
3234 * Pull out creator prop choices, if any.
3237 (void) nvlist_lookup_uint64(createprops
,
3238 zfs_prop_to_name(ZFS_PROP_VERSION
), &zplver
);
3239 (void) nvlist_lookup_uint64(createprops
,
3240 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), &norm
);
3241 (void) nvlist_remove_all(createprops
,
3242 zfs_prop_to_name(ZFS_PROP_NORMALIZE
));
3243 (void) nvlist_lookup_uint64(createprops
,
3244 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), &u8
);
3245 (void) nvlist_remove_all(createprops
,
3246 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
));
3247 (void) nvlist_lookup_uint64(createprops
,
3248 zfs_prop_to_name(ZFS_PROP_CASE
), &sense
);
3249 (void) nvlist_remove_all(createprops
,
3250 zfs_prop_to_name(ZFS_PROP_CASE
));
3254 * If the zpl version requested is whacky or the file system
3255 * or pool is version is too "young" to support normalization
3256 * and the creator tried to set a value for one of the props,
3259 if ((zplver
< ZPL_VERSION_INITIAL
|| zplver
> ZPL_VERSION
) ||
3260 (zplver
>= ZPL_VERSION_FUID
&& !fuids_ok
) ||
3261 (zplver
>= ZPL_VERSION_SA
&& !sa_ok
) ||
3262 (zplver
< ZPL_VERSION_NORMALIZATION
&&
3263 (norm
!= ZFS_PROP_UNDEFINED
|| u8
!= ZFS_PROP_UNDEFINED
||
3264 sense
!= ZFS_PROP_UNDEFINED
)))
3265 return (SET_ERROR(ENOTSUP
));
3268 * Put the version in the zplprops
3270 VERIFY(nvlist_add_uint64(zplprops
,
3271 zfs_prop_to_name(ZFS_PROP_VERSION
), zplver
) == 0);
3273 if (norm
== ZFS_PROP_UNDEFINED
&&
3274 (error
= zfs_get_zplprop(os
, ZFS_PROP_NORMALIZE
, &norm
)) != 0)
3276 VERIFY(nvlist_add_uint64(zplprops
,
3277 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), norm
) == 0);
3280 * If we're normalizing, names must always be valid UTF-8 strings.
3284 if (u8
== ZFS_PROP_UNDEFINED
&&
3285 (error
= zfs_get_zplprop(os
, ZFS_PROP_UTF8ONLY
, &u8
)) != 0)
3287 VERIFY(nvlist_add_uint64(zplprops
,
3288 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), u8
) == 0);
3290 if (sense
== ZFS_PROP_UNDEFINED
&&
3291 (error
= zfs_get_zplprop(os
, ZFS_PROP_CASE
, &sense
)) != 0)
3293 VERIFY(nvlist_add_uint64(zplprops
,
3294 zfs_prop_to_name(ZFS_PROP_CASE
), sense
) == 0);
3297 *is_ci
= (sense
== ZFS_CASE_INSENSITIVE
);
3303 zfs_fill_zplprops(const char *dataset
, nvlist_t
*createprops
,
3304 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3306 boolean_t fuids_ok
, sa_ok
;
3307 uint64_t zplver
= ZPL_VERSION
;
3308 objset_t
*os
= NULL
;
3309 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
3314 zfs_get_parent(dataset
, parentname
, sizeof (parentname
));
3316 if ((error
= spa_open(dataset
, &spa
, FTAG
)) != 0)
3319 spa_vers
= spa_version(spa
);
3320 spa_close(spa
, FTAG
);
3322 zplver
= zfs_zpl_version_map(spa_vers
);
3323 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
3324 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
3327 * Open parent object set so we can inherit zplprop values.
3329 if ((error
= dmu_objset_hold(parentname
, FTAG
, &os
)) != 0)
3332 error
= zfs_fill_zplprops_impl(os
, zplver
, fuids_ok
, sa_ok
, createprops
,
3334 dmu_objset_rele(os
, FTAG
);
3339 zfs_fill_zplprops_root(uint64_t spa_vers
, nvlist_t
*createprops
,
3340 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3344 uint64_t zplver
= ZPL_VERSION
;
3347 zplver
= zfs_zpl_version_map(spa_vers
);
3348 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
3349 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
3351 error
= zfs_fill_zplprops_impl(NULL
, zplver
, fuids_ok
, sa_ok
,
3352 createprops
, zplprops
, is_ci
);
3358 * "type" -> dmu_objset_type_t (int32)
3359 * (optional) "props" -> { prop -> value }
3360 * (optional) "hidden_args" -> { "wkeydata" -> value }
3361 * raw uint8_t array of encryption wrapping key data (32 bytes)
3364 * outnvl: propname -> error code (int32)
3367 static const zfs_ioc_key_t zfs_keys_create
[] = {
3368 {"type", DATA_TYPE_INT32
, 0},
3369 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3370 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3374 zfs_ioc_create(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3377 zfs_creat_t zct
= { 0 };
3378 nvlist_t
*nvprops
= NULL
;
3379 nvlist_t
*hidden_args
= NULL
;
3380 void (*cbfunc
)(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
);
3381 dmu_objset_type_t type
;
3382 boolean_t is_insensitive
= B_FALSE
;
3383 dsl_crypto_params_t
*dcp
= NULL
;
3385 type
= (dmu_objset_type_t
)fnvlist_lookup_int32(innvl
, "type");
3386 (void) nvlist_lookup_nvlist(innvl
, "props", &nvprops
);
3387 (void) nvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
, &hidden_args
);
3391 cbfunc
= zfs_create_cb
;
3395 cbfunc
= zvol_create_cb
;
3402 if (strchr(fsname
, '@') ||
3403 strchr(fsname
, '%'))
3404 return (SET_ERROR(EINVAL
));
3406 zct
.zct_props
= nvprops
;
3409 return (SET_ERROR(EINVAL
));
3411 if (type
== DMU_OST_ZVOL
) {
3412 uint64_t volsize
, volblocksize
;
3414 if (nvprops
== NULL
)
3415 return (SET_ERROR(EINVAL
));
3416 if (nvlist_lookup_uint64(nvprops
,
3417 zfs_prop_to_name(ZFS_PROP_VOLSIZE
), &volsize
) != 0)
3418 return (SET_ERROR(EINVAL
));
3420 if ((error
= nvlist_lookup_uint64(nvprops
,
3421 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE
),
3422 &volblocksize
)) != 0 && error
!= ENOENT
)
3423 return (SET_ERROR(EINVAL
));
3426 volblocksize
= zfs_prop_default_numeric(
3427 ZFS_PROP_VOLBLOCKSIZE
);
3429 if ((error
= zvol_check_volblocksize(fsname
,
3430 volblocksize
)) != 0 ||
3431 (error
= zvol_check_volsize(volsize
,
3432 volblocksize
)) != 0)
3434 } else if (type
== DMU_OST_ZFS
) {
3438 * We have to have normalization and
3439 * case-folding flags correct when we do the
3440 * file system creation, so go figure them out
3443 VERIFY(nvlist_alloc(&zct
.zct_zplprops
,
3444 NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
3445 error
= zfs_fill_zplprops(fsname
, nvprops
,
3446 zct
.zct_zplprops
, &is_insensitive
);
3448 nvlist_free(zct
.zct_zplprops
);
3453 error
= dsl_crypto_params_create_nvlist(DCP_CMD_NONE
, nvprops
,
3456 nvlist_free(zct
.zct_zplprops
);
3460 error
= dmu_objset_create(fsname
, type
,
3461 is_insensitive
? DS_FLAG_CI_DATASET
: 0, dcp
, cbfunc
, &zct
);
3463 nvlist_free(zct
.zct_zplprops
);
3464 dsl_crypto_params_free(dcp
, !!error
);
3467 * It would be nice to do this atomically.
3470 error
= zfs_set_prop_nvlist(fsname
, ZPROP_SRC_LOCAL
,
3477 * Volumes will return EBUSY and cannot be destroyed
3478 * until all asynchronous minor handling (e.g. from
3479 * setting the volmode property) has completed. Wait for
3480 * the spa_zvol_taskq to drain then retry.
3482 error2
= dsl_destroy_head(fsname
);
3483 while ((error2
== EBUSY
) && (type
== DMU_OST_ZVOL
)) {
3484 error2
= spa_open(fsname
, &spa
, FTAG
);
3486 taskq_wait(spa
->spa_zvol_taskq
);
3487 spa_close(spa
, FTAG
);
3489 error2
= dsl_destroy_head(fsname
);
3498 * "origin" -> name of origin snapshot
3499 * (optional) "props" -> { prop -> value }
3500 * (optional) "hidden_args" -> { "wkeydata" -> value }
3501 * raw uint8_t array of encryption wrapping key data (32 bytes)
3505 * outnvl: propname -> error code (int32)
3507 static const zfs_ioc_key_t zfs_keys_clone
[] = {
3508 {"origin", DATA_TYPE_STRING
, 0},
3509 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3510 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3514 zfs_ioc_clone(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3517 nvlist_t
*nvprops
= NULL
;
3518 const char *origin_name
;
3520 origin_name
= fnvlist_lookup_string(innvl
, "origin");
3521 (void) nvlist_lookup_nvlist(innvl
, "props", &nvprops
);
3523 if (strchr(fsname
, '@') ||
3524 strchr(fsname
, '%'))
3525 return (SET_ERROR(EINVAL
));
3527 if (dataset_namecheck(origin_name
, NULL
, NULL
) != 0)
3528 return (SET_ERROR(EINVAL
));
3530 error
= dmu_objset_clone(fsname
, origin_name
);
3533 * It would be nice to do this atomically.
3536 error
= zfs_set_prop_nvlist(fsname
, ZPROP_SRC_LOCAL
,
3539 (void) dsl_destroy_head(fsname
);
3544 static const zfs_ioc_key_t zfs_keys_remap
[] = {
3549 zfs_ioc_remap(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3551 /* This IOCTL is no longer supported. */
3552 (void) fsname
, (void) innvl
, (void) outnvl
;
3558 * "snaps" -> { snapshot1, snapshot2 }
3559 * (optional) "props" -> { prop -> value (string) }
3562 * outnvl: snapshot -> error code (int32)
3564 static const zfs_ioc_key_t zfs_keys_snapshot
[] = {
3565 {"snaps", DATA_TYPE_NVLIST
, 0},
3566 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3570 zfs_ioc_snapshot(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3573 nvlist_t
*props
= NULL
;
3577 (void) nvlist_lookup_nvlist(innvl
, "props", &props
);
3578 if (!nvlist_empty(props
) &&
3579 zfs_earlier_version(poolname
, SPA_VERSION_SNAP_PROPS
))
3580 return (SET_ERROR(ENOTSUP
));
3581 if ((error
= zfs_check_userprops(props
)) != 0)
3584 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
3585 poollen
= strlen(poolname
);
3586 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
3587 pair
= nvlist_next_nvpair(snaps
, pair
)) {
3588 const char *name
= nvpair_name(pair
);
3589 char *cp
= strchr(name
, '@');
3592 * The snap name must contain an @, and the part after it must
3593 * contain only valid characters.
3596 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
3597 return (SET_ERROR(EINVAL
));
3600 * The snap must be in the specified pool.
3602 if (strncmp(name
, poolname
, poollen
) != 0 ||
3603 (name
[poollen
] != '/' && name
[poollen
] != '@'))
3604 return (SET_ERROR(EXDEV
));
3607 * Check for permission to set the properties on the fs.
3609 if (!nvlist_empty(props
)) {
3611 error
= zfs_secpolicy_write_perms(name
,
3612 ZFS_DELEG_PERM_USERPROP
, CRED());
3618 /* This must be the only snap of this fs. */
3619 for (nvpair_t
*pair2
= nvlist_next_nvpair(snaps
, pair
);
3620 pair2
!= NULL
; pair2
= nvlist_next_nvpair(snaps
, pair2
)) {
3621 if (strncmp(name
, nvpair_name(pair2
), cp
- name
+ 1)
3623 return (SET_ERROR(EXDEV
));
3628 error
= dsl_dataset_snapshot(snaps
, props
, outnvl
);
3634 * innvl: "message" -> string
3636 static const zfs_ioc_key_t zfs_keys_log_history
[] = {
3637 {"message", DATA_TYPE_STRING
, 0},
3641 zfs_ioc_log_history(const char *unused
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3643 (void) unused
, (void) outnvl
;
3644 const char *message
;
3650 * The poolname in the ioctl is not set, we get it from the TSD,
3651 * which was set at the end of the last successful ioctl that allows
3652 * logging. The secpolicy func already checked that it is set.
3653 * Only one log ioctl is allowed after each successful ioctl, so
3654 * we clear the TSD here.
3656 poolname
= tsd_get(zfs_allow_log_key
);
3657 if (poolname
== NULL
)
3658 return (SET_ERROR(EINVAL
));
3659 (void) tsd_set(zfs_allow_log_key
, NULL
);
3660 error
= spa_open(poolname
, &spa
, FTAG
);
3661 kmem_strfree(poolname
);
3665 message
= fnvlist_lookup_string(innvl
, "message");
3667 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
3668 spa_close(spa
, FTAG
);
3669 return (SET_ERROR(ENOTSUP
));
3672 error
= spa_history_log(spa
, message
);
3673 spa_close(spa
, FTAG
);
3678 * This ioctl is used to set the bootenv configuration on the current
3679 * pool. This configuration is stored in the second padding area of the label,
3680 * and it is used by the bootloader(s) to store the bootloader and/or system
3682 * The data is stored as nvlist data stream, and is protected by
3683 * an embedded checksum.
3684 * The version can have two possible values:
3685 * VB_RAW: nvlist should have key GRUB_ENVMAP, value DATA_TYPE_STRING.
3686 * VB_NVLIST: nvlist with arbitrary <key, value> pairs.
3688 static const zfs_ioc_key_t zfs_keys_set_bootenv
[] = {
3689 {"version", DATA_TYPE_UINT64
, 0},
3690 {"<keys>", DATA_TYPE_ANY
, ZK_OPTIONAL
| ZK_WILDCARDLIST
},
3694 zfs_ioc_set_bootenv(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3699 if ((error
= spa_open(name
, &spa
, FTAG
)) != 0)
3701 spa_vdev_state_enter(spa
, SCL_ALL
);
3702 error
= vdev_label_write_bootenv(spa
->spa_root_vdev
, innvl
);
3703 (void) spa_vdev_state_exit(spa
, NULL
, 0);
3704 spa_close(spa
, FTAG
);
3708 static const zfs_ioc_key_t zfs_keys_get_bootenv
[] = {
3713 zfs_ioc_get_bootenv(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3718 if ((error
= spa_open(name
, &spa
, FTAG
)) != 0)
3720 spa_vdev_state_enter(spa
, SCL_ALL
);
3721 error
= vdev_label_read_bootenv(spa
->spa_root_vdev
, outnvl
);
3722 (void) spa_vdev_state_exit(spa
, NULL
, 0);
3723 spa_close(spa
, FTAG
);
3728 * The dp_config_rwlock must not be held when calling this, because the
3729 * unmount may need to write out data.
3731 * This function is best-effort. Callers must deal gracefully if it
3732 * remains mounted (or is remounted after this call).
3734 * Returns 0 if the argument is not a snapshot, or it is not currently a
3735 * filesystem, or we were able to unmount it. Returns error code otherwise.
3738 zfs_unmount_snap(const char *snapname
)
3740 if (strchr(snapname
, '@') == NULL
)
3743 (void) zfsctl_snapshot_unmount(snapname
, MNT_FORCE
);
3747 zfs_unmount_snap_cb(const char *snapname
, void *arg
)
3750 zfs_unmount_snap(snapname
);
3755 * When a clone is destroyed, its origin may also need to be destroyed,
3756 * in which case it must be unmounted. This routine will do that unmount
3760 zfs_destroy_unmount_origin(const char *fsname
)
3766 error
= dmu_objset_hold(fsname
, FTAG
, &os
);
3769 ds
= dmu_objset_ds(os
);
3770 if (dsl_dir_is_clone(ds
->ds_dir
) && DS_IS_DEFER_DESTROY(ds
->ds_prev
)) {
3771 char originname
[ZFS_MAX_DATASET_NAME_LEN
];
3772 dsl_dataset_name(ds
->ds_prev
, originname
);
3773 dmu_objset_rele(os
, FTAG
);
3774 zfs_unmount_snap(originname
);
3776 dmu_objset_rele(os
, FTAG
);
3782 * "snaps" -> { snapshot1, snapshot2 }
3783 * (optional boolean) "defer"
3786 * outnvl: snapshot -> error code (int32)
3788 static const zfs_ioc_key_t zfs_keys_destroy_snaps
[] = {
3789 {"snaps", DATA_TYPE_NVLIST
, 0},
3790 {"defer", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
3794 zfs_ioc_destroy_snaps(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3802 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
3803 defer
= nvlist_exists(innvl
, "defer");
3805 poollen
= strlen(poolname
);
3806 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
3807 pair
= nvlist_next_nvpair(snaps
, pair
)) {
3808 const char *name
= nvpair_name(pair
);
3811 * The snap must be in the specified pool to prevent the
3812 * invalid removal of zvol minors below.
3814 if (strncmp(name
, poolname
, poollen
) != 0 ||
3815 (name
[poollen
] != '/' && name
[poollen
] != '@'))
3816 return (SET_ERROR(EXDEV
));
3818 zfs_unmount_snap(nvpair_name(pair
));
3819 if (spa_open(name
, &spa
, FTAG
) == 0) {
3820 zvol_remove_minors(spa
, name
, B_TRUE
);
3821 spa_close(spa
, FTAG
);
3825 return (dsl_destroy_snapshots_nvl(snaps
, defer
, outnvl
));
3829 * Create bookmarks. The bookmark names are of the form <fs>#<bmark>.
3830 * All bookmarks and snapshots must be in the same pool.
3831 * dsl_bookmark_create_nvl_validate describes the nvlist schema in more detail.
3834 * new_bookmark1 -> existing_snapshot,
3835 * new_bookmark2 -> existing_bookmark,
3838 * outnvl: bookmark -> error code (int32)
3841 static const zfs_ioc_key_t zfs_keys_bookmark
[] = {
3842 {"<bookmark>...", DATA_TYPE_STRING
, ZK_WILDCARDLIST
},
3846 zfs_ioc_bookmark(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3849 return (dsl_bookmark_create(innvl
, outnvl
));
3854 * property 1, property 2, ...
3858 * bookmark name 1 -> { property 1, property 2, ... },
3859 * bookmark name 2 -> { property 1, property 2, ... }
3863 static const zfs_ioc_key_t zfs_keys_get_bookmarks
[] = {
3864 {"<property>...", DATA_TYPE_BOOLEAN
, ZK_WILDCARDLIST
| ZK_OPTIONAL
},
3868 zfs_ioc_get_bookmarks(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3870 return (dsl_get_bookmarks(fsname
, innvl
, outnvl
));
3874 * innvl is not used.
3877 * property 1, property 2, ...
3881 static const zfs_ioc_key_t zfs_keys_get_bookmark_props
[] = {
3886 zfs_ioc_get_bookmark_props(const char *bookmark
, nvlist_t
*innvl
,
3890 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
3893 bmname
= strchr(bookmark
, '#');
3895 return (SET_ERROR(EINVAL
));
3898 (void) strlcpy(fsname
, bookmark
, sizeof (fsname
));
3899 *(strchr(fsname
, '#')) = '\0';
3901 return (dsl_get_bookmark_props(fsname
, bmname
, outnvl
));
3906 * bookmark name 1, bookmark name 2
3909 * outnvl: bookmark -> error code (int32)
3912 static const zfs_ioc_key_t zfs_keys_destroy_bookmarks
[] = {
3913 {"<bookmark>...", DATA_TYPE_BOOLEAN
, ZK_WILDCARDLIST
},
3917 zfs_ioc_destroy_bookmarks(const char *poolname
, nvlist_t
*innvl
,
3922 poollen
= strlen(poolname
);
3923 for (nvpair_t
*pair
= nvlist_next_nvpair(innvl
, NULL
);
3924 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
3925 const char *name
= nvpair_name(pair
);
3926 const char *cp
= strchr(name
, '#');
3929 * The bookmark name must contain an #, and the part after it
3930 * must contain only valid characters.
3933 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
3934 return (SET_ERROR(EINVAL
));
3937 * The bookmark must be in the specified pool.
3939 if (strncmp(name
, poolname
, poollen
) != 0 ||
3940 (name
[poollen
] != '/' && name
[poollen
] != '#'))
3941 return (SET_ERROR(EXDEV
));
3944 error
= dsl_bookmark_destroy(innvl
, outnvl
);
3948 static const zfs_ioc_key_t zfs_keys_channel_program
[] = {
3949 {"program", DATA_TYPE_STRING
, 0},
3950 {"arg", DATA_TYPE_ANY
, 0},
3951 {"sync", DATA_TYPE_BOOLEAN_VALUE
, ZK_OPTIONAL
},
3952 {"instrlimit", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
3953 {"memlimit", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
3957 zfs_ioc_channel_program(const char *poolname
, nvlist_t
*innvl
,
3960 const char *program
;
3961 uint64_t instrlimit
, memlimit
;
3962 boolean_t sync_flag
;
3963 nvpair_t
*nvarg
= NULL
;
3965 program
= fnvlist_lookup_string(innvl
, ZCP_ARG_PROGRAM
);
3966 if (0 != nvlist_lookup_boolean_value(innvl
, ZCP_ARG_SYNC
, &sync_flag
)) {
3969 if (0 != nvlist_lookup_uint64(innvl
, ZCP_ARG_INSTRLIMIT
, &instrlimit
)) {
3970 instrlimit
= ZCP_DEFAULT_INSTRLIMIT
;
3972 if (0 != nvlist_lookup_uint64(innvl
, ZCP_ARG_MEMLIMIT
, &memlimit
)) {
3973 memlimit
= ZCP_DEFAULT_MEMLIMIT
;
3975 nvarg
= fnvlist_lookup_nvpair(innvl
, ZCP_ARG_ARGLIST
);
3977 if (instrlimit
== 0 || instrlimit
> zfs_lua_max_instrlimit
)
3978 return (SET_ERROR(EINVAL
));
3979 if (memlimit
== 0 || memlimit
> zfs_lua_max_memlimit
)
3980 return (SET_ERROR(EINVAL
));
3982 return (zcp_eval(poolname
, program
, sync_flag
, instrlimit
, memlimit
,
3990 static const zfs_ioc_key_t zfs_keys_pool_checkpoint
[] = {
3995 zfs_ioc_pool_checkpoint(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3997 (void) innvl
, (void) outnvl
;
3998 return (spa_checkpoint(poolname
));
4005 static const zfs_ioc_key_t zfs_keys_pool_discard_checkpoint
[] = {
4010 zfs_ioc_pool_discard_checkpoint(const char *poolname
, nvlist_t
*innvl
,
4013 (void) innvl
, (void) outnvl
;
4014 return (spa_checkpoint_discard(poolname
));
4019 * zc_name name of dataset to destroy
4020 * zc_defer_destroy mark for deferred destroy
4025 zfs_ioc_destroy(zfs_cmd_t
*zc
)
4028 dmu_objset_type_t ost
;
4031 err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4034 ost
= dmu_objset_type(os
);
4035 dmu_objset_rele(os
, FTAG
);
4037 if (ost
== DMU_OST_ZFS
)
4038 zfs_unmount_snap(zc
->zc_name
);
4040 if (strchr(zc
->zc_name
, '@')) {
4041 err
= dsl_destroy_snapshot(zc
->zc_name
, zc
->zc_defer_destroy
);
4043 err
= dsl_destroy_head(zc
->zc_name
);
4044 if (err
== EEXIST
) {
4046 * It is possible that the given DS may have
4047 * hidden child (%recv) datasets - "leftovers"
4048 * resulting from the previously interrupted
4051 * 6 extra bytes for /%recv
4053 char namebuf
[ZFS_MAX_DATASET_NAME_LEN
+ 6];
4055 if (snprintf(namebuf
, sizeof (namebuf
), "%s/%s",
4056 zc
->zc_name
, recv_clone_name
) >=
4058 return (SET_ERROR(EINVAL
));
4061 * Try to remove the hidden child (%recv) and after
4062 * that try to remove the target dataset.
4063 * If the hidden child (%recv) does not exist
4064 * the original error (EEXIST) will be returned
4066 err
= dsl_destroy_head(namebuf
);
4068 err
= dsl_destroy_head(zc
->zc_name
);
4069 else if (err
== ENOENT
)
4070 err
= SET_ERROR(EEXIST
);
4079 * "initialize_command" -> POOL_INITIALIZE_{CANCEL|START|SUSPEND} (uint64)
4080 * "initialize_vdevs": { -> guids to initialize (nvlist)
4081 * "vdev_path_1": vdev_guid_1, (uint64),
4082 * "vdev_path_2": vdev_guid_2, (uint64),
4088 * "initialize_vdevs": { -> initialization errors (nvlist)
4089 * "vdev_path_1": errno, see function body for possible errnos (uint64)
4090 * "vdev_path_2": errno, ... (uint64)
4095 * EINVAL is returned for an unknown commands or if any of the provided vdev
4096 * guids have be specified with a type other than uint64.
4098 static const zfs_ioc_key_t zfs_keys_pool_initialize
[] = {
4099 {ZPOOL_INITIALIZE_COMMAND
, DATA_TYPE_UINT64
, 0},
4100 {ZPOOL_INITIALIZE_VDEVS
, DATA_TYPE_NVLIST
, 0}
4104 zfs_ioc_pool_initialize(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4107 if (nvlist_lookup_uint64(innvl
, ZPOOL_INITIALIZE_COMMAND
,
4109 return (SET_ERROR(EINVAL
));
4112 if (!(cmd_type
== POOL_INITIALIZE_CANCEL
||
4113 cmd_type
== POOL_INITIALIZE_START
||
4114 cmd_type
== POOL_INITIALIZE_SUSPEND
||
4115 cmd_type
== POOL_INITIALIZE_UNINIT
)) {
4116 return (SET_ERROR(EINVAL
));
4119 nvlist_t
*vdev_guids
;
4120 if (nvlist_lookup_nvlist(innvl
, ZPOOL_INITIALIZE_VDEVS
,
4121 &vdev_guids
) != 0) {
4122 return (SET_ERROR(EINVAL
));
4125 for (nvpair_t
*pair
= nvlist_next_nvpair(vdev_guids
, NULL
);
4126 pair
!= NULL
; pair
= nvlist_next_nvpair(vdev_guids
, pair
)) {
4128 if (nvpair_value_uint64(pair
, &vdev_guid
) != 0) {
4129 return (SET_ERROR(EINVAL
));
4134 int error
= spa_open(poolname
, &spa
, FTAG
);
4138 nvlist_t
*vdev_errlist
= fnvlist_alloc();
4139 int total_errors
= spa_vdev_initialize(spa
, vdev_guids
, cmd_type
,
4142 if (fnvlist_size(vdev_errlist
) > 0) {
4143 fnvlist_add_nvlist(outnvl
, ZPOOL_INITIALIZE_VDEVS
,
4146 fnvlist_free(vdev_errlist
);
4148 spa_close(spa
, FTAG
);
4149 return (total_errors
> 0 ? SET_ERROR(EINVAL
) : 0);
4154 * "trim_command" -> POOL_TRIM_{CANCEL|START|SUSPEND} (uint64)
4155 * "trim_vdevs": { -> guids to TRIM (nvlist)
4156 * "vdev_path_1": vdev_guid_1, (uint64),
4157 * "vdev_path_2": vdev_guid_2, (uint64),
4160 * "trim_rate" -> Target TRIM rate in bytes/sec.
4161 * "trim_secure" -> Set to request a secure TRIM.
4165 * "trim_vdevs": { -> TRIM errors (nvlist)
4166 * "vdev_path_1": errno, see function body for possible errnos (uint64)
4167 * "vdev_path_2": errno, ... (uint64)
4172 * EINVAL is returned for an unknown commands or if any of the provided vdev
4173 * guids have be specified with a type other than uint64.
4175 static const zfs_ioc_key_t zfs_keys_pool_trim
[] = {
4176 {ZPOOL_TRIM_COMMAND
, DATA_TYPE_UINT64
, 0},
4177 {ZPOOL_TRIM_VDEVS
, DATA_TYPE_NVLIST
, 0},
4178 {ZPOOL_TRIM_RATE
, DATA_TYPE_UINT64
, ZK_OPTIONAL
},
4179 {ZPOOL_TRIM_SECURE
, DATA_TYPE_BOOLEAN_VALUE
, ZK_OPTIONAL
},
4183 zfs_ioc_pool_trim(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4186 if (nvlist_lookup_uint64(innvl
, ZPOOL_TRIM_COMMAND
, &cmd_type
) != 0)
4187 return (SET_ERROR(EINVAL
));
4189 if (!(cmd_type
== POOL_TRIM_CANCEL
||
4190 cmd_type
== POOL_TRIM_START
||
4191 cmd_type
== POOL_TRIM_SUSPEND
)) {
4192 return (SET_ERROR(EINVAL
));
4195 nvlist_t
*vdev_guids
;
4196 if (nvlist_lookup_nvlist(innvl
, ZPOOL_TRIM_VDEVS
, &vdev_guids
) != 0)
4197 return (SET_ERROR(EINVAL
));
4199 for (nvpair_t
*pair
= nvlist_next_nvpair(vdev_guids
, NULL
);
4200 pair
!= NULL
; pair
= nvlist_next_nvpair(vdev_guids
, pair
)) {
4202 if (nvpair_value_uint64(pair
, &vdev_guid
) != 0) {
4203 return (SET_ERROR(EINVAL
));
4207 /* Optional, defaults to maximum rate when not provided */
4209 if (nvlist_lookup_uint64(innvl
, ZPOOL_TRIM_RATE
, &rate
) != 0)
4212 /* Optional, defaults to standard TRIM when not provided */
4214 if (nvlist_lookup_boolean_value(innvl
, ZPOOL_TRIM_SECURE
,
4220 int error
= spa_open(poolname
, &spa
, FTAG
);
4224 nvlist_t
*vdev_errlist
= fnvlist_alloc();
4225 int total_errors
= spa_vdev_trim(spa
, vdev_guids
, cmd_type
,
4226 rate
, !!zfs_trim_metaslab_skip
, secure
, vdev_errlist
);
4228 if (fnvlist_size(vdev_errlist
) > 0)
4229 fnvlist_add_nvlist(outnvl
, ZPOOL_TRIM_VDEVS
, vdev_errlist
);
4231 fnvlist_free(vdev_errlist
);
4233 spa_close(spa
, FTAG
);
4234 return (total_errors
> 0 ? SET_ERROR(EINVAL
) : 0);
4238 * This ioctl waits for activity of a particular type to complete. If there is
4239 * no activity of that type in progress, it returns immediately, and the
4240 * returned value "waited" is false. If there is activity in progress, and no
4241 * tag is passed in, the ioctl blocks until all activity of that type is
4242 * complete, and then returns with "waited" set to true.
4244 * If a tag is provided, it identifies a particular instance of an activity to
4245 * wait for. Currently, this is only valid for use with 'initialize', because
4246 * that is the only activity for which there can be multiple instances running
4247 * concurrently. In the case of 'initialize', the tag corresponds to the guid of
4248 * the vdev on which to wait.
4250 * If a thread waiting in the ioctl receives a signal, the call will return
4251 * immediately, and the return value will be EINTR.
4254 * "wait_activity" -> int32_t
4255 * (optional) "wait_tag" -> uint64_t
4258 * outnvl: "waited" -> boolean_t
4260 static const zfs_ioc_key_t zfs_keys_pool_wait
[] = {
4261 {ZPOOL_WAIT_ACTIVITY
, DATA_TYPE_INT32
, 0},
4262 {ZPOOL_WAIT_TAG
, DATA_TYPE_UINT64
, ZK_OPTIONAL
},
4266 zfs_ioc_wait(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4273 if (nvlist_lookup_int32(innvl
, ZPOOL_WAIT_ACTIVITY
, &activity
) != 0)
4276 if (nvlist_lookup_uint64(innvl
, ZPOOL_WAIT_TAG
, &tag
) == 0)
4277 error
= spa_wait_tag(name
, activity
, tag
, &waited
);
4279 error
= spa_wait(name
, activity
, &waited
);
4282 fnvlist_add_boolean_value(outnvl
, ZPOOL_WAIT_WAITED
, waited
);
4288 * This ioctl waits for activity of a particular type to complete. If there is
4289 * no activity of that type in progress, it returns immediately, and the
4290 * returned value "waited" is false. If there is activity in progress, and no
4291 * tag is passed in, the ioctl blocks until all activity of that type is
4292 * complete, and then returns with "waited" set to true.
4294 * If a thread waiting in the ioctl receives a signal, the call will return
4295 * immediately, and the return value will be EINTR.
4298 * "wait_activity" -> int32_t
4301 * outnvl: "waited" -> boolean_t
4303 static const zfs_ioc_key_t zfs_keys_fs_wait
[] = {
4304 {ZFS_WAIT_ACTIVITY
, DATA_TYPE_INT32
, 0},
4308 zfs_ioc_wait_fs(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4311 boolean_t waited
= B_FALSE
;
4317 if (nvlist_lookup_int32(innvl
, ZFS_WAIT_ACTIVITY
, &activity
) != 0)
4318 return (SET_ERROR(EINVAL
));
4320 if (activity
>= ZFS_WAIT_NUM_ACTIVITIES
|| activity
< 0)
4321 return (SET_ERROR(EINVAL
));
4323 if ((error
= dsl_pool_hold(name
, FTAG
, &dp
)) != 0)
4326 if ((error
= dsl_dataset_hold(dp
, name
, FTAG
, &ds
)) != 0) {
4327 dsl_pool_rele(dp
, FTAG
);
4332 mutex_enter(&dd
->dd_activity_lock
);
4333 dd
->dd_activity_waiters
++;
4336 * We get a long-hold here so that the dsl_dataset_t and dsl_dir_t
4337 * aren't evicted while we're waiting. Normally this is prevented by
4338 * holding the pool, but we can't do that while we're waiting since
4339 * that would prevent TXGs from syncing out. Some of the functionality
4340 * of long-holds (e.g. preventing deletion) is unnecessary for this
4341 * case, since we would cancel the waiters before proceeding with a
4342 * deletion. An alternative mechanism for keeping the dataset around
4343 * could be developed but this is simpler.
4345 dsl_dataset_long_hold(ds
, FTAG
);
4346 dsl_pool_rele(dp
, FTAG
);
4348 error
= dsl_dir_wait(dd
, ds
, activity
, &waited
);
4350 dsl_dataset_long_rele(ds
, FTAG
);
4351 dd
->dd_activity_waiters
--;
4352 if (dd
->dd_activity_waiters
== 0)
4353 cv_signal(&dd
->dd_activity_cv
);
4354 mutex_exit(&dd
->dd_activity_lock
);
4356 dsl_dataset_rele(ds
, FTAG
);
4359 fnvlist_add_boolean_value(outnvl
, ZFS_WAIT_WAITED
, waited
);
4365 * fsname is name of dataset to rollback (to most recent snapshot)
4367 * innvl may contain name of expected target snapshot
4369 * outnvl: "target" -> name of most recent snapshot
4372 static const zfs_ioc_key_t zfs_keys_rollback
[] = {
4373 {"target", DATA_TYPE_STRING
, ZK_OPTIONAL
},
4377 zfs_ioc_rollback(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4380 zvol_state_handle_t
*zv
;
4381 const char *target
= NULL
;
4384 (void) nvlist_lookup_string(innvl
, "target", &target
);
4385 if (target
!= NULL
) {
4386 const char *cp
= strchr(target
, '@');
4389 * The snap name must contain an @, and the part after it must
4390 * contain only valid characters.
4393 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
4394 return (SET_ERROR(EINVAL
));
4397 if (getzfsvfs(fsname
, &zfsvfs
) == 0) {
4400 ds
= dmu_objset_ds(zfsvfs
->z_os
);
4401 error
= zfs_suspend_fs(zfsvfs
);
4405 error
= dsl_dataset_rollback(fsname
, target
, zfsvfs
,
4407 resume_err
= zfs_resume_fs(zfsvfs
, ds
);
4408 error
= error
? error
: resume_err
;
4410 zfs_vfs_rele(zfsvfs
);
4411 } else if ((zv
= zvol_suspend(fsname
)) != NULL
) {
4412 error
= dsl_dataset_rollback(fsname
, target
, zvol_tag(zv
),
4416 error
= dsl_dataset_rollback(fsname
, target
, NULL
, outnvl
);
4422 recursive_unmount(const char *fsname
, void *arg
)
4424 const char *snapname
= arg
;
4427 fullname
= kmem_asprintf("%s@%s", fsname
, snapname
);
4428 zfs_unmount_snap(fullname
);
4429 kmem_strfree(fullname
);
4436 * snapname is the snapshot to redact.
4438 * "bookname" -> (string)
4439 * shortname of the redaction bookmark to generate
4440 * "snapnv" -> (nvlist, values ignored)
4441 * snapshots to redact snapname with respect to
4447 static const zfs_ioc_key_t zfs_keys_redact
[] = {
4448 {"bookname", DATA_TYPE_STRING
, 0},
4449 {"snapnv", DATA_TYPE_NVLIST
, 0},
4453 zfs_ioc_redact(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4456 nvlist_t
*redactnvl
= NULL
;
4457 const char *redactbook
= NULL
;
4459 if (nvlist_lookup_nvlist(innvl
, "snapnv", &redactnvl
) != 0)
4460 return (SET_ERROR(EINVAL
));
4461 if (fnvlist_num_pairs(redactnvl
) == 0)
4462 return (SET_ERROR(ENXIO
));
4463 if (nvlist_lookup_string(innvl
, "bookname", &redactbook
) != 0)
4464 return (SET_ERROR(EINVAL
));
4466 return (dmu_redact_snap(snapname
, redactnvl
, redactbook
));
4471 * zc_name old name of dataset
4472 * zc_value new name of dataset
4473 * zc_cookie recursive flag (only valid for snapshots)
4478 zfs_ioc_rename(zfs_cmd_t
*zc
)
4481 dmu_objset_type_t ost
;
4482 boolean_t recursive
= zc
->zc_cookie
& 1;
4483 boolean_t nounmount
= !!(zc
->zc_cookie
& 2);
4487 /* "zfs rename" from and to ...%recv datasets should both fail */
4488 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
4489 zc
->zc_value
[sizeof (zc
->zc_value
) - 1] = '\0';
4490 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0 ||
4491 dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
4492 strchr(zc
->zc_name
, '%') || strchr(zc
->zc_value
, '%'))
4493 return (SET_ERROR(EINVAL
));
4495 err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4498 ost
= dmu_objset_type(os
);
4499 dmu_objset_rele(os
, FTAG
);
4501 at
= strchr(zc
->zc_name
, '@');
4503 /* snaps must be in same fs */
4506 if (strncmp(zc
->zc_name
, zc
->zc_value
, at
- zc
->zc_name
+ 1))
4507 return (SET_ERROR(EXDEV
));
4509 if (ost
== DMU_OST_ZFS
&& !nounmount
) {
4510 error
= dmu_objset_find(zc
->zc_name
,
4511 recursive_unmount
, at
+ 1,
4512 recursive
? DS_FIND_CHILDREN
: 0);
4518 error
= dsl_dataset_rename_snapshot(zc
->zc_name
,
4519 at
+ 1, strchr(zc
->zc_value
, '@') + 1, recursive
);
4524 return (dsl_dir_rename(zc
->zc_name
, zc
->zc_value
));
4529 zfs_check_settable(const char *dsname
, nvpair_t
*pair
, cred_t
*cr
)
4531 const char *propname
= nvpair_name(pair
);
4532 boolean_t issnap
= (strchr(dsname
, '@') != NULL
);
4533 zfs_prop_t prop
= zfs_name_to_prop(propname
);
4534 uint64_t intval
, compval
;
4537 if (prop
== ZPROP_USERPROP
) {
4538 if (zfs_prop_user(propname
)) {
4539 if ((err
= zfs_secpolicy_write_perms(dsname
,
4540 ZFS_DELEG_PERM_USERPROP
, cr
)))
4545 if (!issnap
&& zfs_prop_userquota(propname
)) {
4546 const char *perm
= NULL
;
4547 const char *uq_prefix
=
4548 zfs_userquota_prop_prefixes
[ZFS_PROP_USERQUOTA
];
4549 const char *gq_prefix
=
4550 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPQUOTA
];
4551 const char *uiq_prefix
=
4552 zfs_userquota_prop_prefixes
[ZFS_PROP_USEROBJQUOTA
];
4553 const char *giq_prefix
=
4554 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPOBJQUOTA
];
4555 const char *pq_prefix
=
4556 zfs_userquota_prop_prefixes
[ZFS_PROP_PROJECTQUOTA
];
4557 const char *piq_prefix
= zfs_userquota_prop_prefixes
[\
4558 ZFS_PROP_PROJECTOBJQUOTA
];
4560 if (strncmp(propname
, uq_prefix
,
4561 strlen(uq_prefix
)) == 0) {
4562 perm
= ZFS_DELEG_PERM_USERQUOTA
;
4563 } else if (strncmp(propname
, uiq_prefix
,
4564 strlen(uiq_prefix
)) == 0) {
4565 perm
= ZFS_DELEG_PERM_USEROBJQUOTA
;
4566 } else if (strncmp(propname
, gq_prefix
,
4567 strlen(gq_prefix
)) == 0) {
4568 perm
= ZFS_DELEG_PERM_GROUPQUOTA
;
4569 } else if (strncmp(propname
, giq_prefix
,
4570 strlen(giq_prefix
)) == 0) {
4571 perm
= ZFS_DELEG_PERM_GROUPOBJQUOTA
;
4572 } else if (strncmp(propname
, pq_prefix
,
4573 strlen(pq_prefix
)) == 0) {
4574 perm
= ZFS_DELEG_PERM_PROJECTQUOTA
;
4575 } else if (strncmp(propname
, piq_prefix
,
4576 strlen(piq_prefix
)) == 0) {
4577 perm
= ZFS_DELEG_PERM_PROJECTOBJQUOTA
;
4579 /* {USER|GROUP|PROJECT}USED are read-only */
4580 return (SET_ERROR(EINVAL
));
4583 if ((err
= zfs_secpolicy_write_perms(dsname
, perm
, cr
)))
4588 return (SET_ERROR(EINVAL
));
4592 return (SET_ERROR(EINVAL
));
4594 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
4596 * dsl_prop_get_all_impl() returns properties in this
4600 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
4601 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4606 * Check that this value is valid for this pool version
4609 case ZFS_PROP_COMPRESSION
:
4611 * If the user specified gzip compression, make sure
4612 * the SPA supports it. We ignore any errors here since
4613 * we'll catch them later.
4615 if (nvpair_value_uint64(pair
, &intval
) == 0) {
4616 compval
= ZIO_COMPRESS_ALGO(intval
);
4617 if (compval
>= ZIO_COMPRESS_GZIP_1
&&
4618 compval
<= ZIO_COMPRESS_GZIP_9
&&
4619 zfs_earlier_version(dsname
,
4620 SPA_VERSION_GZIP_COMPRESSION
)) {
4621 return (SET_ERROR(ENOTSUP
));
4624 if (compval
== ZIO_COMPRESS_ZLE
&&
4625 zfs_earlier_version(dsname
,
4626 SPA_VERSION_ZLE_COMPRESSION
))
4627 return (SET_ERROR(ENOTSUP
));
4629 if (compval
== ZIO_COMPRESS_LZ4
) {
4632 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4635 if (!spa_feature_is_enabled(spa
,
4636 SPA_FEATURE_LZ4_COMPRESS
)) {
4637 spa_close(spa
, FTAG
);
4638 return (SET_ERROR(ENOTSUP
));
4640 spa_close(spa
, FTAG
);
4643 if (compval
== ZIO_COMPRESS_ZSTD
) {
4646 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4649 if (!spa_feature_is_enabled(spa
,
4650 SPA_FEATURE_ZSTD_COMPRESS
)) {
4651 spa_close(spa
, FTAG
);
4652 return (SET_ERROR(ENOTSUP
));
4654 spa_close(spa
, FTAG
);
4659 case ZFS_PROP_COPIES
:
4660 if (zfs_earlier_version(dsname
, SPA_VERSION_DITTO_BLOCKS
))
4661 return (SET_ERROR(ENOTSUP
));
4664 case ZFS_PROP_VOLBLOCKSIZE
:
4665 case ZFS_PROP_RECORDSIZE
:
4666 /* Record sizes above 128k need the feature to be enabled */
4667 if (nvpair_value_uint64(pair
, &intval
) == 0 &&
4668 intval
> SPA_OLD_MAXBLOCKSIZE
) {
4672 * We don't allow setting the property above 1MB,
4673 * unless the tunable has been changed.
4675 if (intval
> zfs_max_recordsize
||
4676 intval
> SPA_MAXBLOCKSIZE
)
4677 return (SET_ERROR(ERANGE
));
4679 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4682 if (!spa_feature_is_enabled(spa
,
4683 SPA_FEATURE_LARGE_BLOCKS
)) {
4684 spa_close(spa
, FTAG
);
4685 return (SET_ERROR(ENOTSUP
));
4687 spa_close(spa
, FTAG
);
4691 case ZFS_PROP_DNODESIZE
:
4692 /* Dnode sizes above 512 need the feature to be enabled */
4693 if (nvpair_value_uint64(pair
, &intval
) == 0 &&
4694 intval
!= ZFS_DNSIZE_LEGACY
) {
4697 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4700 if (!spa_feature_is_enabled(spa
,
4701 SPA_FEATURE_LARGE_DNODE
)) {
4702 spa_close(spa
, FTAG
);
4703 return (SET_ERROR(ENOTSUP
));
4705 spa_close(spa
, FTAG
);
4709 case ZFS_PROP_SPECIAL_SMALL_BLOCKS
:
4711 * This property could require the allocation classes
4712 * feature to be active for setting, however we allow
4713 * it so that tests of settable properties succeed.
4714 * The CLI will issue a warning in this case.
4718 case ZFS_PROP_SHARESMB
:
4719 if (zpl_earlier_version(dsname
, ZPL_VERSION_FUID
))
4720 return (SET_ERROR(ENOTSUP
));
4723 case ZFS_PROP_ACLINHERIT
:
4724 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
4725 nvpair_value_uint64(pair
, &intval
) == 0) {
4726 if (intval
== ZFS_ACL_PASSTHROUGH_X
&&
4727 zfs_earlier_version(dsname
,
4728 SPA_VERSION_PASSTHROUGH_X
))
4729 return (SET_ERROR(ENOTSUP
));
4732 case ZFS_PROP_CHECKSUM
:
4733 case ZFS_PROP_DEDUP
:
4735 spa_feature_t feature
;
4739 /* dedup feature version checks */
4740 if (prop
== ZFS_PROP_DEDUP
&&
4741 zfs_earlier_version(dsname
, SPA_VERSION_DEDUP
))
4742 return (SET_ERROR(ENOTSUP
));
4744 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
4745 nvpair_value_uint64(pair
, &intval
) == 0) {
4746 /* check prop value is enabled in features */
4747 feature
= zio_checksum_to_feature(
4748 intval
& ZIO_CHECKSUM_MASK
);
4749 if (feature
== SPA_FEATURE_NONE
)
4752 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4755 if (!spa_feature_is_enabled(spa
, feature
)) {
4756 spa_close(spa
, FTAG
);
4757 return (SET_ERROR(ENOTSUP
));
4759 spa_close(spa
, FTAG
);
4768 return (zfs_secpolicy_setprop(dsname
, prop
, pair
, CRED()));
4772 * Removes properties from the given props list that fail permission checks
4773 * needed to clear them and to restore them in case of a receive error. For each
4774 * property, make sure we have both set and inherit permissions.
4776 * Returns the first error encountered if any permission checks fail. If the
4777 * caller provides a non-NULL errlist, it also gives the complete list of names
4778 * of all the properties that failed a permission check along with the
4779 * corresponding error numbers. The caller is responsible for freeing the
4782 * If every property checks out successfully, zero is returned and the list
4783 * pointed at by errlist is NULL.
4786 zfs_check_clearable(const char *dataset
, nvlist_t
*props
, nvlist_t
**errlist
)
4789 nvpair_t
*pair
, *next_pair
;
4796 VERIFY(nvlist_alloc(&errors
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
4798 zc
= kmem_alloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
4799 (void) strlcpy(zc
->zc_name
, dataset
, sizeof (zc
->zc_name
));
4800 pair
= nvlist_next_nvpair(props
, NULL
);
4801 while (pair
!= NULL
) {
4802 next_pair
= nvlist_next_nvpair(props
, pair
);
4804 (void) strlcpy(zc
->zc_value
, nvpair_name(pair
),
4805 sizeof (zc
->zc_value
));
4806 if ((err
= zfs_check_settable(dataset
, pair
, CRED())) != 0 ||
4807 (err
= zfs_secpolicy_inherit_prop(zc
, NULL
, CRED())) != 0) {
4808 VERIFY(nvlist_remove_nvpair(props
, pair
) == 0);
4809 VERIFY(nvlist_add_int32(errors
,
4810 zc
->zc_value
, err
) == 0);
4814 kmem_free(zc
, sizeof (zfs_cmd_t
));
4816 if ((pair
= nvlist_next_nvpair(errors
, NULL
)) == NULL
) {
4817 nvlist_free(errors
);
4820 VERIFY(nvpair_value_int32(pair
, &rv
) == 0);
4823 if (errlist
== NULL
)
4824 nvlist_free(errors
);
4832 propval_equals(nvpair_t
*p1
, nvpair_t
*p2
)
4834 if (nvpair_type(p1
) == DATA_TYPE_NVLIST
) {
4835 /* dsl_prop_get_all_impl() format */
4837 VERIFY(nvpair_value_nvlist(p1
, &attrs
) == 0);
4838 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4842 if (nvpair_type(p2
) == DATA_TYPE_NVLIST
) {
4844 VERIFY(nvpair_value_nvlist(p2
, &attrs
) == 0);
4845 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4849 if (nvpair_type(p1
) != nvpair_type(p2
))
4852 if (nvpair_type(p1
) == DATA_TYPE_STRING
) {
4853 const char *valstr1
, *valstr2
;
4855 VERIFY(nvpair_value_string(p1
, &valstr1
) == 0);
4856 VERIFY(nvpair_value_string(p2
, &valstr2
) == 0);
4857 return (strcmp(valstr1
, valstr2
) == 0);
4859 uint64_t intval1
, intval2
;
4861 VERIFY(nvpair_value_uint64(p1
, &intval1
) == 0);
4862 VERIFY(nvpair_value_uint64(p2
, &intval2
) == 0);
4863 return (intval1
== intval2
);
4868 * Remove properties from props if they are not going to change (as determined
4869 * by comparison with origprops). Remove them from origprops as well, since we
4870 * do not need to clear or restore properties that won't change.
4873 props_reduce(nvlist_t
*props
, nvlist_t
*origprops
)
4875 nvpair_t
*pair
, *next_pair
;
4877 if (origprops
== NULL
)
4878 return; /* all props need to be received */
4880 pair
= nvlist_next_nvpair(props
, NULL
);
4881 while (pair
!= NULL
) {
4882 const char *propname
= nvpair_name(pair
);
4885 next_pair
= nvlist_next_nvpair(props
, pair
);
4887 if ((nvlist_lookup_nvpair(origprops
, propname
,
4888 &match
) != 0) || !propval_equals(pair
, match
))
4889 goto next
; /* need to set received value */
4891 /* don't clear the existing received value */
4892 (void) nvlist_remove_nvpair(origprops
, match
);
4893 /* don't bother receiving the property */
4894 (void) nvlist_remove_nvpair(props
, pair
);
4901 * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4902 * For example, refquota cannot be set until after the receipt of a dataset,
4903 * because in replication streams, an older/earlier snapshot may exceed the
4904 * refquota. We want to receive the older/earlier snapshot, but setting
4905 * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4906 * the older/earlier snapshot from being received (with EDQUOT).
4908 * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4910 * libzfs will need to be judicious handling errors encountered by props
4911 * extracted by this function.
4914 extract_delay_props(nvlist_t
*props
)
4916 nvlist_t
*delayprops
;
4917 nvpair_t
*nvp
, *tmp
;
4918 static const zfs_prop_t delayable
[] = {
4920 ZFS_PROP_KEYLOCATION
,
4922 * Setting ZFS_PROP_SHARESMB requires the objset type to be
4923 * known, which is not possible prior to receipt of raw sends.
4930 VERIFY(nvlist_alloc(&delayprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
4932 for (nvp
= nvlist_next_nvpair(props
, NULL
); nvp
!= NULL
;
4933 nvp
= nvlist_next_nvpair(props
, nvp
)) {
4935 * strcmp() is safe because zfs_prop_to_name() always returns
4938 for (i
= 0; delayable
[i
] != 0; i
++) {
4939 if (strcmp(zfs_prop_to_name(delayable
[i
]),
4940 nvpair_name(nvp
)) == 0) {
4944 if (delayable
[i
] != 0) {
4945 tmp
= nvlist_prev_nvpair(props
, nvp
);
4946 VERIFY(nvlist_add_nvpair(delayprops
, nvp
) == 0);
4947 VERIFY(nvlist_remove_nvpair(props
, nvp
) == 0);
4952 if (nvlist_empty(delayprops
)) {
4953 nvlist_free(delayprops
);
4956 return (delayprops
);
4960 zfs_allow_log_destroy(void *arg
)
4962 char *poolname
= arg
;
4964 if (poolname
!= NULL
)
4965 kmem_strfree(poolname
);
4969 static boolean_t zfs_ioc_recv_inject_err
;
4973 * nvlist 'errors' is always allocated. It will contain descriptions of
4974 * encountered errors, if any. It's the callers responsibility to free.
4977 zfs_ioc_recv_impl(char *tofs
, char *tosnap
, const char *origin
,
4978 nvlist_t
*recvprops
, nvlist_t
*localprops
, nvlist_t
*hidden_args
,
4979 boolean_t force
, boolean_t heal
, boolean_t resumable
, int input_fd
,
4980 dmu_replay_record_t
*begin_record
, uint64_t *read_bytes
,
4981 uint64_t *errflags
, nvlist_t
**errors
)
4983 dmu_recv_cookie_t drc
;
4985 int props_error
= 0;
4987 nvlist_t
*local_delayprops
= NULL
;
4988 nvlist_t
*recv_delayprops
= NULL
;
4989 nvlist_t
*inherited_delayprops
= NULL
;
4990 nvlist_t
*origprops
= NULL
; /* existing properties */
4991 nvlist_t
*origrecvd
= NULL
; /* existing received properties */
4992 boolean_t first_recvd_props
= B_FALSE
;
4993 boolean_t tofs_was_redacted
;
4994 zfs_file_t
*input_fp
;
4998 *errors
= fnvlist_alloc();
5001 if ((input_fp
= zfs_file_get(input_fd
)) == NULL
)
5002 return (SET_ERROR(EBADF
));
5004 noff
= off
= zfs_file_off(input_fp
);
5005 error
= dmu_recv_begin(tofs
, tosnap
, begin_record
, force
, heal
,
5006 resumable
, localprops
, hidden_args
, origin
, &drc
, input_fp
,
5010 tofs_was_redacted
= dsl_get_redacted(drc
.drc_ds
);
5013 * Set properties before we receive the stream so that they are applied
5014 * to the new data. Note that we must call dmu_recv_stream() if
5015 * dmu_recv_begin() succeeds.
5017 if (recvprops
!= NULL
&& !drc
.drc_newfs
) {
5018 if (spa_version(dsl_dataset_get_spa(drc
.drc_ds
)) >=
5019 SPA_VERSION_RECVD_PROPS
&&
5020 !dsl_prop_get_hasrecvd(tofs
))
5021 first_recvd_props
= B_TRUE
;
5024 * If new received properties are supplied, they are to
5025 * completely replace the existing received properties,
5026 * so stash away the existing ones.
5028 if (dsl_prop_get_received(tofs
, &origrecvd
) == 0) {
5029 nvlist_t
*errlist
= NULL
;
5031 * Don't bother writing a property if its value won't
5032 * change (and avoid the unnecessary security checks).
5034 * The first receive after SPA_VERSION_RECVD_PROPS is a
5035 * special case where we blow away all local properties
5038 if (!first_recvd_props
)
5039 props_reduce(recvprops
, origrecvd
);
5040 if (zfs_check_clearable(tofs
, origrecvd
, &errlist
) != 0)
5041 (void) nvlist_merge(*errors
, errlist
, 0);
5042 nvlist_free(errlist
);
5044 if (clear_received_props(tofs
, origrecvd
,
5045 first_recvd_props
? NULL
: recvprops
) != 0)
5046 *errflags
|= ZPROP_ERR_NOCLEAR
;
5048 *errflags
|= ZPROP_ERR_NOCLEAR
;
5053 * Stash away existing properties so we can restore them on error unless
5054 * we're doing the first receive after SPA_VERSION_RECVD_PROPS, in which
5055 * case "origrecvd" will take care of that.
5057 if (localprops
!= NULL
&& !drc
.drc_newfs
&& !first_recvd_props
) {
5059 if (dmu_objset_hold(tofs
, FTAG
, &os
) == 0) {
5060 if (dsl_prop_get_all(os
, &origprops
) != 0) {
5061 *errflags
|= ZPROP_ERR_NOCLEAR
;
5063 dmu_objset_rele(os
, FTAG
);
5065 *errflags
|= ZPROP_ERR_NOCLEAR
;
5069 if (recvprops
!= NULL
) {
5070 props_error
= dsl_prop_set_hasrecvd(tofs
);
5072 if (props_error
== 0) {
5073 recv_delayprops
= extract_delay_props(recvprops
);
5074 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
5075 recvprops
, *errors
);
5079 if (localprops
!= NULL
) {
5080 nvlist_t
*oprops
= fnvlist_alloc();
5081 nvlist_t
*xprops
= fnvlist_alloc();
5082 nvpair_t
*nvp
= NULL
;
5084 while ((nvp
= nvlist_next_nvpair(localprops
, nvp
)) != NULL
) {
5085 if (nvpair_type(nvp
) == DATA_TYPE_BOOLEAN
) {
5087 const char *name
= nvpair_name(nvp
);
5088 zfs_prop_t prop
= zfs_name_to_prop(name
);
5089 if (prop
!= ZPROP_USERPROP
) {
5090 if (!zfs_prop_inheritable(prop
))
5092 } else if (!zfs_prop_user(name
))
5094 fnvlist_add_boolean(xprops
, name
);
5096 /* -o property=value */
5097 fnvlist_add_nvpair(oprops
, nvp
);
5101 local_delayprops
= extract_delay_props(oprops
);
5102 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_LOCAL
,
5104 inherited_delayprops
= extract_delay_props(xprops
);
5105 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_INHERITED
,
5108 nvlist_free(oprops
);
5109 nvlist_free(xprops
);
5112 error
= dmu_recv_stream(&drc
, &off
);
5115 zfsvfs_t
*zfsvfs
= NULL
;
5116 zvol_state_handle_t
*zv
= NULL
;
5118 if (getzfsvfs(tofs
, &zfsvfs
) == 0) {
5122 boolean_t stream_is_redacted
= DMU_GET_FEATUREFLAGS(
5123 begin_record
->drr_u
.drr_begin
.
5124 drr_versioninfo
) & DMU_BACKUP_FEATURE_REDACTED
;
5126 ds
= dmu_objset_ds(zfsvfs
->z_os
);
5127 error
= zfs_suspend_fs(zfsvfs
);
5129 * If the suspend fails, then the recv_end will
5130 * likely also fail, and clean up after itself.
5132 end_err
= dmu_recv_end(&drc
, zfsvfs
);
5134 * If the dataset was not redacted, but we received a
5135 * redacted stream onto it, we need to unmount the
5136 * dataset. Otherwise, resume the filesystem.
5138 if (error
== 0 && !drc
.drc_newfs
&&
5139 stream_is_redacted
&& !tofs_was_redacted
) {
5140 error
= zfs_end_fs(zfsvfs
, ds
);
5141 } else if (error
== 0) {
5142 error
= zfs_resume_fs(zfsvfs
, ds
);
5144 error
= error
? error
: end_err
;
5145 zfs_vfs_rele(zfsvfs
);
5146 } else if ((zv
= zvol_suspend(tofs
)) != NULL
) {
5147 error
= dmu_recv_end(&drc
, zvol_tag(zv
));
5150 error
= dmu_recv_end(&drc
, NULL
);
5153 /* Set delayed properties now, after we're done receiving. */
5154 if (recv_delayprops
!= NULL
&& error
== 0) {
5155 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
5156 recv_delayprops
, *errors
);
5158 if (local_delayprops
!= NULL
&& error
== 0) {
5159 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_LOCAL
,
5160 local_delayprops
, *errors
);
5162 if (inherited_delayprops
!= NULL
&& error
== 0) {
5163 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_INHERITED
,
5164 inherited_delayprops
, *errors
);
5169 * Merge delayed props back in with initial props, in case
5170 * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
5171 * we have to make sure clear_received_props() includes
5172 * the delayed properties).
5174 * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
5175 * using ASSERT() will be just like a VERIFY.
5177 if (recv_delayprops
!= NULL
) {
5178 ASSERT(nvlist_merge(recvprops
, recv_delayprops
, 0) == 0);
5179 nvlist_free(recv_delayprops
);
5181 if (local_delayprops
!= NULL
) {
5182 ASSERT(nvlist_merge(localprops
, local_delayprops
, 0) == 0);
5183 nvlist_free(local_delayprops
);
5185 if (inherited_delayprops
!= NULL
) {
5186 ASSERT(nvlist_merge(localprops
, inherited_delayprops
, 0) == 0);
5187 nvlist_free(inherited_delayprops
);
5189 *read_bytes
= off
- noff
;
5192 if (zfs_ioc_recv_inject_err
) {
5193 zfs_ioc_recv_inject_err
= B_FALSE
;
5199 * On error, restore the original props.
5201 if (error
!= 0 && recvprops
!= NULL
&& !drc
.drc_newfs
) {
5202 if (clear_received_props(tofs
, recvprops
, NULL
) != 0) {
5204 * We failed to clear the received properties.
5205 * Since we may have left a $recvd value on the
5206 * system, we can't clear the $hasrecvd flag.
5208 *errflags
|= ZPROP_ERR_NORESTORE
;
5209 } else if (first_recvd_props
) {
5210 dsl_prop_unset_hasrecvd(tofs
);
5213 if (origrecvd
== NULL
&& !drc
.drc_newfs
) {
5214 /* We failed to stash the original properties. */
5215 *errflags
|= ZPROP_ERR_NORESTORE
;
5219 * dsl_props_set() will not convert RECEIVED to LOCAL on or
5220 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
5221 * explicitly if we're restoring local properties cleared in the
5222 * first new-style receive.
5224 if (origrecvd
!= NULL
&&
5225 zfs_set_prop_nvlist(tofs
, (first_recvd_props
?
5226 ZPROP_SRC_LOCAL
: ZPROP_SRC_RECEIVED
),
5227 origrecvd
, NULL
) != 0) {
5229 * We stashed the original properties but failed to
5232 *errflags
|= ZPROP_ERR_NORESTORE
;
5235 if (error
!= 0 && localprops
!= NULL
&& !drc
.drc_newfs
&&
5236 !first_recvd_props
) {
5238 nvlist_t
*inheritprops
;
5241 if (origprops
== NULL
) {
5242 /* We failed to stash the original properties. */
5243 *errflags
|= ZPROP_ERR_NORESTORE
;
5247 /* Restore original props */
5248 setprops
= fnvlist_alloc();
5249 inheritprops
= fnvlist_alloc();
5251 while ((nvp
= nvlist_next_nvpair(localprops
, nvp
)) != NULL
) {
5252 const char *name
= nvpair_name(nvp
);
5256 if (!nvlist_exists(origprops
, name
)) {
5258 * Property was not present or was explicitly
5259 * inherited before the receive, restore this.
5261 fnvlist_add_boolean(inheritprops
, name
);
5264 attrs
= fnvlist_lookup_nvlist(origprops
, name
);
5265 source
= fnvlist_lookup_string(attrs
, ZPROP_SOURCE
);
5267 /* Skip received properties */
5268 if (strcmp(source
, ZPROP_SOURCE_VAL_RECVD
) == 0)
5271 if (strcmp(source
, tofs
) == 0) {
5272 /* Property was locally set */
5273 fnvlist_add_nvlist(setprops
, name
, attrs
);
5275 /* Property was implicitly inherited */
5276 fnvlist_add_boolean(inheritprops
, name
);
5280 if (zfs_set_prop_nvlist(tofs
, ZPROP_SRC_LOCAL
, setprops
,
5282 *errflags
|= ZPROP_ERR_NORESTORE
;
5283 if (zfs_set_prop_nvlist(tofs
, ZPROP_SRC_INHERITED
, inheritprops
,
5285 *errflags
|= ZPROP_ERR_NORESTORE
;
5287 nvlist_free(setprops
);
5288 nvlist_free(inheritprops
);
5291 zfs_file_put(input_fp
);
5292 nvlist_free(origrecvd
);
5293 nvlist_free(origprops
);
5296 error
= props_error
;
5303 * zc_name name of containing filesystem (unused)
5304 * zc_nvlist_src{_size} nvlist of properties to apply
5305 * zc_nvlist_conf{_size} nvlist of properties to exclude
5306 * (DATA_TYPE_BOOLEAN) and override (everything else)
5307 * zc_value name of snapshot to create
5308 * zc_string name of clone origin (if DRR_FLAG_CLONE)
5309 * zc_cookie file descriptor to recv from
5310 * zc_begin_record the BEGIN record of the stream (not byteswapped)
5311 * zc_guid force flag
5314 * zc_cookie number of bytes read
5315 * zc_obj zprop_errflags_t
5316 * zc_nvlist_dst{_size} error for each unapplied received property
5319 zfs_ioc_recv(zfs_cmd_t
*zc
)
5321 dmu_replay_record_t begin_record
;
5322 nvlist_t
*errors
= NULL
;
5323 nvlist_t
*recvdprops
= NULL
;
5324 nvlist_t
*localprops
= NULL
;
5325 const char *origin
= NULL
;
5327 char tofs
[ZFS_MAX_DATASET_NAME_LEN
];
5330 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
5331 strchr(zc
->zc_value
, '@') == NULL
||
5332 strchr(zc
->zc_value
, '%'))
5333 return (SET_ERROR(EINVAL
));
5335 (void) strlcpy(tofs
, zc
->zc_value
, sizeof (tofs
));
5336 tosnap
= strchr(tofs
, '@');
5339 if (zc
->zc_nvlist_src
!= 0 &&
5340 (error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
5341 zc
->zc_iflags
, &recvdprops
)) != 0)
5344 if (zc
->zc_nvlist_conf
!= 0 &&
5345 (error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
5346 zc
->zc_iflags
, &localprops
)) != 0)
5349 if (zc
->zc_string
[0])
5350 origin
= zc
->zc_string
;
5352 begin_record
.drr_type
= DRR_BEGIN
;
5353 begin_record
.drr_payloadlen
= 0;
5354 begin_record
.drr_u
.drr_begin
= zc
->zc_begin_record
;
5356 error
= zfs_ioc_recv_impl(tofs
, tosnap
, origin
, recvdprops
, localprops
,
5357 NULL
, zc
->zc_guid
, B_FALSE
, B_FALSE
, zc
->zc_cookie
, &begin_record
,
5358 &zc
->zc_cookie
, &zc
->zc_obj
, &errors
);
5359 nvlist_free(recvdprops
);
5360 nvlist_free(localprops
);
5363 * Now that all props, initial and delayed, are set, report the prop
5364 * errors to the caller.
5366 if (zc
->zc_nvlist_dst_size
!= 0 && errors
!= NULL
&&
5367 (nvlist_smush(errors
, zc
->zc_nvlist_dst_size
) != 0 ||
5368 put_nvlist(zc
, errors
) != 0)) {
5370 * Caller made zc->zc_nvlist_dst less than the minimum expected
5371 * size or supplied an invalid address.
5373 error
= SET_ERROR(EINVAL
);
5376 nvlist_free(errors
);
5383 * "snapname" -> full name of the snapshot to create
5384 * (optional) "props" -> received properties to set (nvlist)
5385 * (optional) "localprops" -> override and exclude properties (nvlist)
5386 * (optional) "origin" -> name of clone origin (DRR_FLAG_CLONE)
5387 * "begin_record" -> non-byteswapped dmu_replay_record_t
5388 * "input_fd" -> file descriptor to read stream from (int32)
5389 * (optional) "force" -> force flag (value ignored)
5390 * (optional) "heal" -> use send stream to heal data corruption
5391 * (optional) "resumable" -> resumable flag (value ignored)
5392 * (optional) "cleanup_fd" -> unused
5393 * (optional) "action_handle" -> unused
5394 * (optional) "hidden_args" -> { "wkeydata" -> value }
5398 * "read_bytes" -> number of bytes read
5399 * "error_flags" -> zprop_errflags_t
5400 * "errors" -> error for each unapplied received property (nvlist)
5403 static const zfs_ioc_key_t zfs_keys_recv_new
[] = {
5404 {"snapname", DATA_TYPE_STRING
, 0},
5405 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
5406 {"localprops", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
5407 {"origin", DATA_TYPE_STRING
, ZK_OPTIONAL
},
5408 {"begin_record", DATA_TYPE_BYTE_ARRAY
, 0},
5409 {"input_fd", DATA_TYPE_INT32
, 0},
5410 {"force", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
5411 {"heal", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
5412 {"resumable", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
5413 {"cleanup_fd", DATA_TYPE_INT32
, ZK_OPTIONAL
},
5414 {"action_handle", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
5415 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
5419 zfs_ioc_recv_new(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5421 dmu_replay_record_t
*begin_record
;
5422 uint_t begin_record_size
;
5423 nvlist_t
*errors
= NULL
;
5424 nvlist_t
*recvprops
= NULL
;
5425 nvlist_t
*localprops
= NULL
;
5426 nvlist_t
*hidden_args
= NULL
;
5427 const char *snapname
;
5428 const char *origin
= NULL
;
5430 char tofs
[ZFS_MAX_DATASET_NAME_LEN
];
5433 boolean_t resumable
;
5434 uint64_t read_bytes
= 0;
5435 uint64_t errflags
= 0;
5439 snapname
= fnvlist_lookup_string(innvl
, "snapname");
5441 if (dataset_namecheck(snapname
, NULL
, NULL
) != 0 ||
5442 strchr(snapname
, '@') == NULL
||
5443 strchr(snapname
, '%'))
5444 return (SET_ERROR(EINVAL
));
5446 (void) strlcpy(tofs
, snapname
, sizeof (tofs
));
5447 tosnap
= strchr(tofs
, '@');
5450 error
= nvlist_lookup_string(innvl
, "origin", &origin
);
5451 if (error
&& error
!= ENOENT
)
5454 error
= nvlist_lookup_byte_array(innvl
, "begin_record",
5455 (uchar_t
**)&begin_record
, &begin_record_size
);
5456 if (error
!= 0 || begin_record_size
!= sizeof (*begin_record
))
5457 return (SET_ERROR(EINVAL
));
5459 input_fd
= fnvlist_lookup_int32(innvl
, "input_fd");
5461 force
= nvlist_exists(innvl
, "force");
5462 heal
= nvlist_exists(innvl
, "heal");
5463 resumable
= nvlist_exists(innvl
, "resumable");
5465 /* we still use "props" here for backwards compatibility */
5466 error
= nvlist_lookup_nvlist(innvl
, "props", &recvprops
);
5467 if (error
&& error
!= ENOENT
)
5470 error
= nvlist_lookup_nvlist(innvl
, "localprops", &localprops
);
5471 if (error
&& error
!= ENOENT
)
5474 error
= nvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
, &hidden_args
);
5475 if (error
&& error
!= ENOENT
)
5478 error
= zfs_ioc_recv_impl(tofs
, tosnap
, origin
, recvprops
, localprops
,
5479 hidden_args
, force
, heal
, resumable
, input_fd
, begin_record
,
5480 &read_bytes
, &errflags
, &errors
);
5482 fnvlist_add_uint64(outnvl
, "read_bytes", read_bytes
);
5483 fnvlist_add_uint64(outnvl
, "error_flags", errflags
);
5484 fnvlist_add_nvlist(outnvl
, "errors", errors
);
5486 nvlist_free(errors
);
5487 nvlist_free(recvprops
);
5488 nvlist_free(localprops
);
5493 typedef struct dump_bytes_io
{
5501 dump_bytes_cb(void *arg
)
5503 dump_bytes_io_t
*dbi
= (dump_bytes_io_t
*)arg
;
5510 dbi
->dbi_err
= zfs_file_write(fp
, buf
, dbi
->dbi_len
, NULL
);
5514 dump_bytes(objset_t
*os
, void *buf
, int len
, void *arg
)
5516 dump_bytes_io_t dbi
;
5522 #if defined(HAVE_LARGE_STACKS)
5523 dump_bytes_cb(&dbi
);
5526 * The vn_rdwr() call is performed in a taskq to ensure that there is
5527 * always enough stack space to write safely to the target filesystem.
5528 * The ZIO_TYPE_FREE threads are used because there can be a lot of
5529 * them and they are used in vdev_file.c for a similar purpose.
5531 spa_taskq_dispatch_sync(dmu_objset_spa(os
), ZIO_TYPE_FREE
,
5532 ZIO_TASKQ_ISSUE
, dump_bytes_cb
, &dbi
, TQ_SLEEP
);
5533 #endif /* HAVE_LARGE_STACKS */
5535 return (dbi
.dbi_err
);
5540 * zc_name name of snapshot to send
5541 * zc_cookie file descriptor to send stream to
5542 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
5543 * zc_sendobj objsetid of snapshot to send
5544 * zc_fromobj objsetid of incremental fromsnap (may be zero)
5545 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
5546 * output size in zc_objset_type.
5547 * zc_flags lzc_send_flags
5550 * zc_objset_type estimated size, if zc_guid is set
5552 * NOTE: This is no longer the preferred interface, any new functionality
5553 * should be added to zfs_ioc_send_new() instead.
5556 zfs_ioc_send(zfs_cmd_t
*zc
)
5560 boolean_t estimate
= (zc
->zc_guid
!= 0);
5561 boolean_t embedok
= (zc
->zc_flags
& 0x1);
5562 boolean_t large_block_ok
= (zc
->zc_flags
& 0x2);
5563 boolean_t compressok
= (zc
->zc_flags
& 0x4);
5564 boolean_t rawok
= (zc
->zc_flags
& 0x8);
5565 boolean_t savedok
= (zc
->zc_flags
& 0x10);
5567 if (zc
->zc_obj
!= 0) {
5569 dsl_dataset_t
*tosnap
;
5571 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5575 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &tosnap
);
5577 dsl_pool_rele(dp
, FTAG
);
5581 if (dsl_dir_is_clone(tosnap
->ds_dir
))
5583 dsl_dir_phys(tosnap
->ds_dir
)->dd_origin_obj
;
5584 dsl_dataset_rele(tosnap
, FTAG
);
5585 dsl_pool_rele(dp
, FTAG
);
5590 dsl_dataset_t
*tosnap
;
5591 dsl_dataset_t
*fromsnap
= NULL
;
5593 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5597 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
,
5600 dsl_pool_rele(dp
, FTAG
);
5604 if (zc
->zc_fromobj
!= 0) {
5605 error
= dsl_dataset_hold_obj(dp
, zc
->zc_fromobj
,
5608 dsl_dataset_rele(tosnap
, FTAG
);
5609 dsl_pool_rele(dp
, FTAG
);
5614 error
= dmu_send_estimate_fast(tosnap
, fromsnap
, NULL
,
5615 compressok
|| rawok
, savedok
, &zc
->zc_objset_type
);
5617 if (fromsnap
!= NULL
)
5618 dsl_dataset_rele(fromsnap
, FTAG
);
5619 dsl_dataset_rele(tosnap
, FTAG
);
5620 dsl_pool_rele(dp
, FTAG
);
5623 dmu_send_outparams_t out
= {0};
5625 if ((fp
= zfs_file_get(zc
->zc_cookie
)) == NULL
)
5626 return (SET_ERROR(EBADF
));
5628 off
= zfs_file_off(fp
);
5629 out
.dso_outfunc
= dump_bytes
;
5631 out
.dso_dryrun
= B_FALSE
;
5632 error
= dmu_send_obj(zc
->zc_name
, zc
->zc_sendobj
,
5633 zc
->zc_fromobj
, embedok
, large_block_ok
, compressok
,
5634 rawok
, savedok
, zc
->zc_cookie
, &off
, &out
);
5643 * zc_name name of snapshot on which to report progress
5644 * zc_cookie file descriptor of send stream
5647 * zc_cookie number of bytes written in send stream thus far
5648 * zc_objset_type logical size of data traversed by send thus far
5651 zfs_ioc_send_progress(zfs_cmd_t
*zc
)
5655 dmu_sendstatus_t
*dsp
= NULL
;
5658 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5662 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &ds
);
5664 dsl_pool_rele(dp
, FTAG
);
5668 mutex_enter(&ds
->ds_sendstream_lock
);
5671 * Iterate over all the send streams currently active on this dataset.
5672 * If there's one which matches the specified file descriptor _and_ the
5673 * stream was started by the current process, return the progress of
5677 for (dsp
= list_head(&ds
->ds_sendstreams
); dsp
!= NULL
;
5678 dsp
= list_next(&ds
->ds_sendstreams
, dsp
)) {
5679 if (dsp
->dss_outfd
== zc
->zc_cookie
&&
5680 zfs_proc_is_caller(dsp
->dss_proc
))
5685 zc
->zc_cookie
= atomic_cas_64((volatile uint64_t *)dsp
->dss_off
,
5687 /* This is the closest thing we have to atomic_read_64. */
5688 zc
->zc_objset_type
= atomic_cas_64(&dsp
->dss_blocks
, 0, 0);
5690 error
= SET_ERROR(ENOENT
);
5693 mutex_exit(&ds
->ds_sendstream_lock
);
5694 dsl_dataset_rele(ds
, FTAG
);
5695 dsl_pool_rele(dp
, FTAG
);
5700 zfs_ioc_inject_fault(zfs_cmd_t
*zc
)
5704 error
= zio_inject_fault(zc
->zc_name
, (int)zc
->zc_guid
, &id
,
5705 &zc
->zc_inject_record
);
5708 zc
->zc_guid
= (uint64_t)id
;
5714 zfs_ioc_clear_fault(zfs_cmd_t
*zc
)
5716 return (zio_clear_fault((int)zc
->zc_guid
));
5720 zfs_ioc_inject_list_next(zfs_cmd_t
*zc
)
5722 int id
= (int)zc
->zc_guid
;
5725 error
= zio_inject_list_next(&id
, zc
->zc_name
, sizeof (zc
->zc_name
),
5726 &zc
->zc_inject_record
);
5734 zfs_ioc_error_log(zfs_cmd_t
*zc
)
5739 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
5742 error
= spa_get_errlog(spa
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
5743 &zc
->zc_nvlist_dst_size
);
5745 spa_close(spa
, FTAG
);
5751 zfs_ioc_clear(zfs_cmd_t
*zc
)
5758 * On zpool clear we also fix up missing slogs
5760 mutex_enter(&spa_namespace_lock
);
5761 spa
= spa_lookup(zc
->zc_name
);
5763 mutex_exit(&spa_namespace_lock
);
5764 return (SET_ERROR(EIO
));
5766 if (spa_get_log_state(spa
) == SPA_LOG_MISSING
) {
5767 /* we need to let spa_open/spa_load clear the chains */
5768 spa_set_log_state(spa
, SPA_LOG_CLEAR
);
5770 spa
->spa_last_open_failed
= 0;
5771 mutex_exit(&spa_namespace_lock
);
5773 if (zc
->zc_cookie
& ZPOOL_NO_REWIND
) {
5774 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
5777 nvlist_t
*config
= NULL
;
5779 if (zc
->zc_nvlist_src
== 0)
5780 return (SET_ERROR(EINVAL
));
5782 if ((error
= get_nvlist(zc
->zc_nvlist_src
,
5783 zc
->zc_nvlist_src_size
, zc
->zc_iflags
, &policy
)) == 0) {
5784 error
= spa_open_rewind(zc
->zc_name
, &spa
, FTAG
,
5786 if (config
!= NULL
) {
5789 if ((err
= put_nvlist(zc
, config
)) != 0)
5791 nvlist_free(config
);
5793 nvlist_free(policy
);
5801 * If multihost is enabled, resuming I/O is unsafe as another
5802 * host may have imported the pool.
5804 if (spa_multihost(spa
) && spa_suspended(spa
))
5805 return (SET_ERROR(EINVAL
));
5807 spa_vdev_state_enter(spa
, SCL_NONE
);
5809 if (zc
->zc_guid
== 0) {
5812 vd
= spa_lookup_by_guid(spa
, zc
->zc_guid
, B_TRUE
);
5814 error
= SET_ERROR(ENODEV
);
5815 (void) spa_vdev_state_exit(spa
, NULL
, error
);
5816 spa_close(spa
, FTAG
);
5821 vdev_clear(spa
, vd
);
5823 (void) spa_vdev_state_exit(spa
, spa_suspended(spa
) ?
5824 NULL
: spa
->spa_root_vdev
, 0);
5827 * Resume any suspended I/Os.
5829 if (zio_resume(spa
) != 0)
5830 error
= SET_ERROR(EIO
);
5832 spa_close(spa
, FTAG
);
5838 * Reopen all the vdevs associated with the pool.
5841 * "scrub_restart" -> when true and scrub is running, allow to restart
5842 * scrub as the side effect of the reopen (boolean).
5847 static const zfs_ioc_key_t zfs_keys_pool_reopen
[] = {
5848 {"scrub_restart", DATA_TYPE_BOOLEAN_VALUE
, ZK_OPTIONAL
},
5852 zfs_ioc_pool_reopen(const char *pool
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5857 boolean_t rc
, scrub_restart
= B_TRUE
;
5860 error
= nvlist_lookup_boolean_value(innvl
,
5861 "scrub_restart", &rc
);
5866 error
= spa_open(pool
, &spa
, FTAG
);
5870 spa_vdev_state_enter(spa
, SCL_NONE
);
5873 * If the scrub_restart flag is B_FALSE and a scrub is already
5874 * in progress then set spa_scrub_reopen flag to B_TRUE so that
5875 * we don't restart the scrub as a side effect of the reopen.
5876 * Otherwise, let vdev_open() decided if a resilver is required.
5879 spa
->spa_scrub_reopen
= (!scrub_restart
&&
5880 dsl_scan_scrubbing(spa
->spa_dsl_pool
));
5881 vdev_reopen(spa
->spa_root_vdev
);
5882 spa
->spa_scrub_reopen
= B_FALSE
;
5884 (void) spa_vdev_state_exit(spa
, NULL
, 0);
5885 spa_close(spa
, FTAG
);
5891 * zc_name name of filesystem
5894 * zc_string name of conflicting snapshot, if there is one
5897 zfs_ioc_promote(zfs_cmd_t
*zc
)
5900 dsl_dataset_t
*ds
, *ods
;
5901 char origin
[ZFS_MAX_DATASET_NAME_LEN
];
5905 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
5906 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0 ||
5907 strchr(zc
->zc_name
, '%'))
5908 return (SET_ERROR(EINVAL
));
5910 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5914 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &ds
);
5916 dsl_pool_rele(dp
, FTAG
);
5920 if (!dsl_dir_is_clone(ds
->ds_dir
)) {
5921 dsl_dataset_rele(ds
, FTAG
);
5922 dsl_pool_rele(dp
, FTAG
);
5923 return (SET_ERROR(EINVAL
));
5926 error
= dsl_dataset_hold_obj(dp
,
5927 dsl_dir_phys(ds
->ds_dir
)->dd_origin_obj
, FTAG
, &ods
);
5929 dsl_dataset_rele(ds
, FTAG
);
5930 dsl_pool_rele(dp
, FTAG
);
5934 dsl_dataset_name(ods
, origin
);
5935 dsl_dataset_rele(ods
, FTAG
);
5936 dsl_dataset_rele(ds
, FTAG
);
5937 dsl_pool_rele(dp
, FTAG
);
5940 * We don't need to unmount *all* the origin fs's snapshots, but
5943 cp
= strchr(origin
, '@');
5946 (void) dmu_objset_find(origin
,
5947 zfs_unmount_snap_cb
, NULL
, DS_FIND_SNAPSHOTS
);
5948 return (dsl_dataset_promote(zc
->zc_name
, zc
->zc_string
));
5952 * Retrieve a single {user|group|project}{used|quota}@... property.
5955 * zc_name name of filesystem
5956 * zc_objset_type zfs_userquota_prop_t
5957 * zc_value domain name (eg. "S-1-234-567-89")
5958 * zc_guid RID/UID/GID
5961 * zc_cookie property value
5964 zfs_ioc_userspace_one(zfs_cmd_t
*zc
)
5969 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
5970 return (SET_ERROR(EINVAL
));
5972 error
= zfsvfs_hold(zc
->zc_name
, FTAG
, &zfsvfs
, B_FALSE
);
5976 error
= zfs_userspace_one(zfsvfs
,
5977 zc
->zc_objset_type
, zc
->zc_value
, zc
->zc_guid
, &zc
->zc_cookie
);
5978 zfsvfs_rele(zfsvfs
, FTAG
);
5985 * zc_name name of filesystem
5986 * zc_cookie zap cursor
5987 * zc_objset_type zfs_userquota_prop_t
5988 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
5991 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
5992 * zc_cookie zap cursor
5995 zfs_ioc_userspace_many(zfs_cmd_t
*zc
)
5998 int bufsize
= zc
->zc_nvlist_dst_size
;
6001 return (SET_ERROR(ENOMEM
));
6003 int error
= zfsvfs_hold(zc
->zc_name
, FTAG
, &zfsvfs
, B_FALSE
);
6007 void *buf
= vmem_alloc(bufsize
, KM_SLEEP
);
6009 error
= zfs_userspace_many(zfsvfs
, zc
->zc_objset_type
, &zc
->zc_cookie
,
6010 buf
, &zc
->zc_nvlist_dst_size
);
6013 error
= xcopyout(buf
,
6014 (void *)(uintptr_t)zc
->zc_nvlist_dst
,
6015 zc
->zc_nvlist_dst_size
);
6017 vmem_free(buf
, bufsize
);
6018 zfsvfs_rele(zfsvfs
, FTAG
);
6025 * zc_name name of filesystem
6031 zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
)
6036 if (getzfsvfs(zc
->zc_name
, &zfsvfs
) == 0) {
6037 if (!dmu_objset_userused_enabled(zfsvfs
->z_os
)) {
6039 * If userused is not enabled, it may be because the
6040 * objset needs to be closed & reopened (to grow the
6041 * objset_phys_t). Suspend/resume the fs will do that.
6043 dsl_dataset_t
*ds
, *newds
;
6045 ds
= dmu_objset_ds(zfsvfs
->z_os
);
6046 error
= zfs_suspend_fs(zfsvfs
);
6048 dmu_objset_refresh_ownership(ds
, &newds
,
6050 error
= zfs_resume_fs(zfsvfs
, newds
);
6054 mutex_enter(&zfsvfs
->z_os
->os_upgrade_lock
);
6055 if (zfsvfs
->z_os
->os_upgrade_id
== 0) {
6056 /* clear potential error code and retry */
6057 zfsvfs
->z_os
->os_upgrade_status
= 0;
6058 mutex_exit(&zfsvfs
->z_os
->os_upgrade_lock
);
6060 dsl_pool_config_enter(
6061 dmu_objset_pool(zfsvfs
->z_os
), FTAG
);
6062 dmu_objset_userspace_upgrade(zfsvfs
->z_os
);
6063 dsl_pool_config_exit(
6064 dmu_objset_pool(zfsvfs
->z_os
), FTAG
);
6066 mutex_exit(&zfsvfs
->z_os
->os_upgrade_lock
);
6069 taskq_wait_id(zfsvfs
->z_os
->os_spa
->spa_upgrade_taskq
,
6070 zfsvfs
->z_os
->os_upgrade_id
);
6071 error
= zfsvfs
->z_os
->os_upgrade_status
;
6073 zfs_vfs_rele(zfsvfs
);
6077 /* XXX kind of reading contents without owning */
6078 error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
, FTAG
, &os
);
6082 mutex_enter(&os
->os_upgrade_lock
);
6083 if (os
->os_upgrade_id
== 0) {
6084 /* clear potential error code and retry */
6085 os
->os_upgrade_status
= 0;
6086 mutex_exit(&os
->os_upgrade_lock
);
6088 dmu_objset_userspace_upgrade(os
);
6090 mutex_exit(&os
->os_upgrade_lock
);
6093 dsl_pool_rele(dmu_objset_pool(os
), FTAG
);
6095 taskq_wait_id(os
->os_spa
->spa_upgrade_taskq
, os
->os_upgrade_id
);
6096 error
= os
->os_upgrade_status
;
6098 dsl_dataset_rele_flags(dmu_objset_ds(os
), DS_HOLD_FLAG_DECRYPT
,
6106 * zc_name name of filesystem
6112 zfs_ioc_id_quota_upgrade(zfs_cmd_t
*zc
)
6117 error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
, FTAG
, &os
);
6121 if (dmu_objset_userobjspace_upgradable(os
) ||
6122 dmu_objset_projectquota_upgradable(os
)) {
6123 mutex_enter(&os
->os_upgrade_lock
);
6124 if (os
->os_upgrade_id
== 0) {
6125 /* clear potential error code and retry */
6126 os
->os_upgrade_status
= 0;
6127 mutex_exit(&os
->os_upgrade_lock
);
6129 dmu_objset_id_quota_upgrade(os
);
6131 mutex_exit(&os
->os_upgrade_lock
);
6134 dsl_pool_rele(dmu_objset_pool(os
), FTAG
);
6136 taskq_wait_id(os
->os_spa
->spa_upgrade_taskq
, os
->os_upgrade_id
);
6137 error
= os
->os_upgrade_status
;
6139 dsl_pool_rele(dmu_objset_pool(os
), FTAG
);
6142 dsl_dataset_rele_flags(dmu_objset_ds(os
), DS_HOLD_FLAG_DECRYPT
, FTAG
);
6148 zfs_ioc_share(zfs_cmd_t
*zc
)
6150 return (SET_ERROR(ENOSYS
));
6155 * zc_name name of containing filesystem
6156 * zc_obj object # beyond which we want next in-use object #
6159 * zc_obj next in-use object #
6162 zfs_ioc_next_obj(zfs_cmd_t
*zc
)
6164 objset_t
*os
= NULL
;
6167 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
6171 error
= dmu_object_next(os
, &zc
->zc_obj
, B_FALSE
, 0);
6173 dmu_objset_rele(os
, FTAG
);
6179 * zc_name name of filesystem
6180 * zc_value prefix name for snapshot
6181 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
6184 * zc_value short name of new snapshot
6187 zfs_ioc_tmp_snapshot(zfs_cmd_t
*zc
)
6193 zfs_file_t
*fp
= zfs_onexit_fd_hold(zc
->zc_cleanup_fd
, &minor
);
6195 return (SET_ERROR(EBADF
));
6197 snap_name
= kmem_asprintf("%s-%016llx", zc
->zc_value
,
6198 (u_longlong_t
)ddi_get_lbolt64());
6199 hold_name
= kmem_asprintf("%%%s", zc
->zc_value
);
6201 int error
= dsl_dataset_snapshot_tmp(zc
->zc_name
, snap_name
, minor
,
6204 (void) strlcpy(zc
->zc_value
, snap_name
,
6205 sizeof (zc
->zc_value
));
6206 kmem_strfree(snap_name
);
6207 kmem_strfree(hold_name
);
6208 zfs_onexit_fd_rele(fp
);
6214 * zc_name name of "to" snapshot
6215 * zc_value name of "from" snapshot
6216 * zc_cookie file descriptor to write diff data on
6219 * dmu_diff_record_t's to the file descriptor
6222 zfs_ioc_diff(zfs_cmd_t
*zc
)
6228 if ((fp
= zfs_file_get(zc
->zc_cookie
)) == NULL
)
6229 return (SET_ERROR(EBADF
));
6231 off
= zfs_file_off(fp
);
6232 error
= dmu_diff(zc
->zc_name
, zc
->zc_value
, fp
, &off
);
6240 zfs_ioc_smb_acl(zfs_cmd_t
*zc
)
6242 return (SET_ERROR(ENOTSUP
));
6247 * "holds" -> { snapname -> holdname (string), ... }
6248 * (optional) "cleanup_fd" -> fd (int32)
6252 * snapname -> error value (int32)
6256 static const zfs_ioc_key_t zfs_keys_hold
[] = {
6257 {"holds", DATA_TYPE_NVLIST
, 0},
6258 {"cleanup_fd", DATA_TYPE_INT32
, ZK_OPTIONAL
},
6262 zfs_ioc_hold(const char *pool
, nvlist_t
*args
, nvlist_t
*errlist
)
6267 int cleanup_fd
= -1;
6270 zfs_file_t
*fp
= NULL
;
6272 holds
= fnvlist_lookup_nvlist(args
, "holds");
6274 /* make sure the user didn't pass us any invalid (empty) tags */
6275 for (pair
= nvlist_next_nvpair(holds
, NULL
); pair
!= NULL
;
6276 pair
= nvlist_next_nvpair(holds
, pair
)) {
6279 error
= nvpair_value_string(pair
, &htag
);
6281 return (SET_ERROR(error
));
6283 if (strlen(htag
) == 0)
6284 return (SET_ERROR(EINVAL
));
6287 if (nvlist_lookup_int32(args
, "cleanup_fd", &cleanup_fd
) == 0) {
6288 fp
= zfs_onexit_fd_hold(cleanup_fd
, &minor
);
6290 return (SET_ERROR(EBADF
));
6293 error
= dsl_dataset_user_hold(holds
, minor
, errlist
);
6295 ASSERT3U(minor
, !=, 0);
6296 zfs_onexit_fd_rele(fp
);
6298 return (SET_ERROR(error
));
6302 * innvl is not used.
6305 * holdname -> time added (uint64 seconds since epoch)
6309 static const zfs_ioc_key_t zfs_keys_get_holds
[] = {
6314 zfs_ioc_get_holds(const char *snapname
, nvlist_t
*args
, nvlist_t
*outnvl
)
6317 return (dsl_dataset_get_holds(snapname
, outnvl
));
6322 * snapname -> { holdname, ... }
6327 * snapname -> error value (int32)
6331 static const zfs_ioc_key_t zfs_keys_release
[] = {
6332 {"<snapname>...", DATA_TYPE_NVLIST
, ZK_WILDCARDLIST
},
6336 zfs_ioc_release(const char *pool
, nvlist_t
*holds
, nvlist_t
*errlist
)
6339 return (dsl_dataset_user_release(holds
, errlist
));
6344 * zc_guid flags (ZEVENT_NONBLOCK)
6345 * zc_cleanup_fd zevent file descriptor
6348 * zc_nvlist_dst next nvlist event
6349 * zc_cookie dropped events since last get
6352 zfs_ioc_events_next(zfs_cmd_t
*zc
)
6355 nvlist_t
*event
= NULL
;
6357 uint64_t dropped
= 0;
6360 zfs_file_t
*fp
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
6362 return (SET_ERROR(EBADF
));
6365 error
= zfs_zevent_next(ze
, &event
,
6366 &zc
->zc_nvlist_dst_size
, &dropped
);
6367 if (event
!= NULL
) {
6368 zc
->zc_cookie
= dropped
;
6369 error
= put_nvlist(zc
, event
);
6373 if (zc
->zc_guid
& ZEVENT_NONBLOCK
)
6376 if ((error
== 0) || (error
!= ENOENT
))
6379 error
= zfs_zevent_wait(ze
);
6384 zfs_zevent_fd_rele(fp
);
6391 * zc_cookie cleared events count
6394 zfs_ioc_events_clear(zfs_cmd_t
*zc
)
6398 zfs_zevent_drain_all(&count
);
6399 zc
->zc_cookie
= count
;
6406 * zc_guid eid | ZEVENT_SEEK_START | ZEVENT_SEEK_END
6407 * zc_cleanup zevent file descriptor
6410 zfs_ioc_events_seek(zfs_cmd_t
*zc
)
6416 zfs_file_t
*fp
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
6418 return (SET_ERROR(EBADF
));
6420 error
= zfs_zevent_seek(ze
, zc
->zc_guid
);
6421 zfs_zevent_fd_rele(fp
);
6428 * zc_name name of later filesystem or snapshot
6429 * zc_value full name of old snapshot or bookmark
6432 * zc_cookie space in bytes
6433 * zc_objset_type compressed space in bytes
6434 * zc_perm_action uncompressed space in bytes
6437 zfs_ioc_space_written(zfs_cmd_t
*zc
)
6443 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
6446 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &new);
6448 dsl_pool_rele(dp
, FTAG
);
6451 if (strchr(zc
->zc_value
, '#') != NULL
) {
6452 zfs_bookmark_phys_t bmp
;
6453 error
= dsl_bookmark_lookup(dp
, zc
->zc_value
,
6456 error
= dsl_dataset_space_written_bookmark(&bmp
, new,
6458 &zc
->zc_objset_type
, &zc
->zc_perm_action
);
6462 error
= dsl_dataset_hold(dp
, zc
->zc_value
, FTAG
, &old
);
6465 error
= dsl_dataset_space_written(old
, new,
6467 &zc
->zc_objset_type
, &zc
->zc_perm_action
);
6468 dsl_dataset_rele(old
, FTAG
);
6471 dsl_dataset_rele(new, FTAG
);
6472 dsl_pool_rele(dp
, FTAG
);
6478 * "firstsnap" -> snapshot name
6482 * "used" -> space in bytes
6483 * "compressed" -> compressed space in bytes
6484 * "uncompressed" -> uncompressed space in bytes
6487 static const zfs_ioc_key_t zfs_keys_space_snaps
[] = {
6488 {"firstsnap", DATA_TYPE_STRING
, 0},
6492 zfs_ioc_space_snaps(const char *lastsnap
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6496 dsl_dataset_t
*new, *old
;
6497 const char *firstsnap
;
6498 uint64_t used
, comp
, uncomp
;
6500 firstsnap
= fnvlist_lookup_string(innvl
, "firstsnap");
6502 error
= dsl_pool_hold(lastsnap
, FTAG
, &dp
);
6506 error
= dsl_dataset_hold(dp
, lastsnap
, FTAG
, &new);
6507 if (error
== 0 && !new->ds_is_snapshot
) {
6508 dsl_dataset_rele(new, FTAG
);
6509 error
= SET_ERROR(EINVAL
);
6512 dsl_pool_rele(dp
, FTAG
);
6515 error
= dsl_dataset_hold(dp
, firstsnap
, FTAG
, &old
);
6516 if (error
== 0 && !old
->ds_is_snapshot
) {
6517 dsl_dataset_rele(old
, FTAG
);
6518 error
= SET_ERROR(EINVAL
);
6521 dsl_dataset_rele(new, FTAG
);
6522 dsl_pool_rele(dp
, FTAG
);
6526 error
= dsl_dataset_space_wouldfree(old
, new, &used
, &comp
, &uncomp
);
6527 dsl_dataset_rele(old
, FTAG
);
6528 dsl_dataset_rele(new, FTAG
);
6529 dsl_pool_rele(dp
, FTAG
);
6530 fnvlist_add_uint64(outnvl
, "used", used
);
6531 fnvlist_add_uint64(outnvl
, "compressed", comp
);
6532 fnvlist_add_uint64(outnvl
, "uncompressed", uncomp
);
6538 * "fd" -> file descriptor to write stream to (int32)
6539 * (optional) "fromsnap" -> full snap name to send an incremental from
6540 * (optional) "largeblockok" -> (value ignored)
6541 * indicates that blocks > 128KB are permitted
6542 * (optional) "embedok" -> (value ignored)
6543 * presence indicates DRR_WRITE_EMBEDDED records are permitted
6544 * (optional) "compressok" -> (value ignored)
6545 * presence indicates compressed DRR_WRITE records are permitted
6546 * (optional) "rawok" -> (value ignored)
6547 * presence indicates raw encrypted records should be used.
6548 * (optional) "savedok" -> (value ignored)
6549 * presence indicates we should send a partially received snapshot
6550 * (optional) "resume_object" and "resume_offset" -> (uint64)
6551 * if present, resume send stream from specified object and offset.
6552 * (optional) "redactbook" -> (string)
6553 * if present, use this bookmark's redaction list to generate a redacted
6559 static const zfs_ioc_key_t zfs_keys_send_new
[] = {
6560 {"fd", DATA_TYPE_INT32
, 0},
6561 {"fromsnap", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6562 {"largeblockok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6563 {"embedok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6564 {"compressok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6565 {"rawok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6566 {"savedok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6567 {"resume_object", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6568 {"resume_offset", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6569 {"redactbook", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6573 zfs_ioc_send_new(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6578 const char *fromname
= NULL
;
6581 boolean_t largeblockok
;
6583 boolean_t compressok
;
6586 uint64_t resumeobj
= 0;
6587 uint64_t resumeoff
= 0;
6588 const char *redactbook
= NULL
;
6590 fd
= fnvlist_lookup_int32(innvl
, "fd");
6592 (void) nvlist_lookup_string(innvl
, "fromsnap", &fromname
);
6594 largeblockok
= nvlist_exists(innvl
, "largeblockok");
6595 embedok
= nvlist_exists(innvl
, "embedok");
6596 compressok
= nvlist_exists(innvl
, "compressok");
6597 rawok
= nvlist_exists(innvl
, "rawok");
6598 savedok
= nvlist_exists(innvl
, "savedok");
6600 (void) nvlist_lookup_uint64(innvl
, "resume_object", &resumeobj
);
6601 (void) nvlist_lookup_uint64(innvl
, "resume_offset", &resumeoff
);
6603 (void) nvlist_lookup_string(innvl
, "redactbook", &redactbook
);
6605 if ((fp
= zfs_file_get(fd
)) == NULL
)
6606 return (SET_ERROR(EBADF
));
6608 off
= zfs_file_off(fp
);
6610 dmu_send_outparams_t out
= {0};
6611 out
.dso_outfunc
= dump_bytes
;
6613 out
.dso_dryrun
= B_FALSE
;
6614 error
= dmu_send(snapname
, fromname
, embedok
, largeblockok
,
6615 compressok
, rawok
, savedok
, resumeobj
, resumeoff
,
6616 redactbook
, fd
, &off
, &out
);
6623 send_space_sum(objset_t
*os
, void *buf
, int len
, void *arg
)
6625 (void) os
, (void) buf
;
6626 uint64_t *size
= arg
;
6633 * Determine approximately how large a zfs send stream will be -- the number
6634 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
6637 * (optional) "from" -> full snap or bookmark name to send an incremental
6639 * (optional) "largeblockok" -> (value ignored)
6640 * indicates that blocks > 128KB are permitted
6641 * (optional) "embedok" -> (value ignored)
6642 * presence indicates DRR_WRITE_EMBEDDED records are permitted
6643 * (optional) "compressok" -> (value ignored)
6644 * presence indicates compressed DRR_WRITE records are permitted
6645 * (optional) "rawok" -> (value ignored)
6646 * presence indicates raw encrypted records should be used.
6647 * (optional) "resume_object" and "resume_offset" -> (uint64)
6648 * if present, resume send stream from specified object and offset.
6649 * (optional) "fd" -> file descriptor to use as a cookie for progress
6654 * "space" -> bytes of space (uint64)
6657 static const zfs_ioc_key_t zfs_keys_send_space
[] = {
6658 {"from", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6659 {"fromsnap", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6660 {"largeblockok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6661 {"embedok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6662 {"compressok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6663 {"rawok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6664 {"fd", DATA_TYPE_INT32
, ZK_OPTIONAL
},
6665 {"redactbook", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6666 {"resume_object", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6667 {"resume_offset", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6668 {"bytes", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6672 zfs_ioc_send_space(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6675 dsl_dataset_t
*tosnap
;
6676 dsl_dataset_t
*fromsnap
= NULL
;
6678 const char *fromname
= NULL
;
6679 const char *redactlist_book
= NULL
;
6680 boolean_t largeblockok
;
6682 boolean_t compressok
;
6686 boolean_t full_estimate
= B_FALSE
;
6687 uint64_t resumeobj
= 0;
6688 uint64_t resumeoff
= 0;
6689 uint64_t resume_bytes
= 0;
6691 zfs_bookmark_phys_t zbm
= {0};
6693 error
= dsl_pool_hold(snapname
, FTAG
, &dp
);
6697 error
= dsl_dataset_hold(dp
, snapname
, FTAG
, &tosnap
);
6699 dsl_pool_rele(dp
, FTAG
);
6702 (void) nvlist_lookup_int32(innvl
, "fd", &fd
);
6704 largeblockok
= nvlist_exists(innvl
, "largeblockok");
6705 embedok
= nvlist_exists(innvl
, "embedok");
6706 compressok
= nvlist_exists(innvl
, "compressok");
6707 rawok
= nvlist_exists(innvl
, "rawok");
6708 savedok
= nvlist_exists(innvl
, "savedok");
6709 boolean_t from
= (nvlist_lookup_string(innvl
, "from", &fromname
) == 0);
6710 boolean_t altbook
= (nvlist_lookup_string(innvl
, "redactbook",
6711 &redactlist_book
) == 0);
6713 (void) nvlist_lookup_uint64(innvl
, "resume_object", &resumeobj
);
6714 (void) nvlist_lookup_uint64(innvl
, "resume_offset", &resumeoff
);
6715 (void) nvlist_lookup_uint64(innvl
, "bytes", &resume_bytes
);
6718 full_estimate
= B_TRUE
;
6720 if (strchr(fromname
, '#')) {
6721 error
= dsl_bookmark_lookup(dp
, fromname
, tosnap
, &zbm
);
6724 * dsl_bookmark_lookup() will fail with EXDEV if
6725 * the from-bookmark and tosnap are at the same txg.
6726 * However, it's valid to do a send (and therefore,
6727 * a send estimate) from and to the same time point,
6728 * if the bookmark is redacted (the incremental send
6729 * can change what's redacted on the target). In
6730 * this case, dsl_bookmark_lookup() fills in zbm
6731 * but returns EXDEV. Ignore this error.
6733 if (error
== EXDEV
&& zbm
.zbm_redaction_obj
!= 0 &&
6735 dsl_dataset_phys(tosnap
)->ds_guid
)
6739 dsl_dataset_rele(tosnap
, FTAG
);
6740 dsl_pool_rele(dp
, FTAG
);
6743 if (zbm
.zbm_redaction_obj
!= 0 || !(zbm
.zbm_flags
&
6744 ZBM_FLAG_HAS_FBN
)) {
6745 full_estimate
= B_TRUE
;
6747 } else if (strchr(fromname
, '@')) {
6748 error
= dsl_dataset_hold(dp
, fromname
, FTAG
, &fromsnap
);
6750 dsl_dataset_rele(tosnap
, FTAG
);
6751 dsl_pool_rele(dp
, FTAG
);
6755 if (!dsl_dataset_is_before(tosnap
, fromsnap
, 0)) {
6756 full_estimate
= B_TRUE
;
6757 dsl_dataset_rele(fromsnap
, FTAG
);
6761 * from is not properly formatted as a snapshot or
6764 dsl_dataset_rele(tosnap
, FTAG
);
6765 dsl_pool_rele(dp
, FTAG
);
6766 return (SET_ERROR(EINVAL
));
6770 if (full_estimate
) {
6771 dmu_send_outparams_t out
= {0};
6773 out
.dso_outfunc
= send_space_sum
;
6774 out
.dso_arg
= &space
;
6775 out
.dso_dryrun
= B_TRUE
;
6777 * We have to release these holds so dmu_send can take them. It
6778 * will do all the error checking we need.
6780 dsl_dataset_rele(tosnap
, FTAG
);
6781 dsl_pool_rele(dp
, FTAG
);
6782 error
= dmu_send(snapname
, fromname
, embedok
, largeblockok
,
6783 compressok
, rawok
, savedok
, resumeobj
, resumeoff
,
6784 redactlist_book
, fd
, &off
, &out
);
6786 error
= dmu_send_estimate_fast(tosnap
, fromsnap
,
6787 (from
&& strchr(fromname
, '#') != NULL
? &zbm
: NULL
),
6788 compressok
|| rawok
, savedok
, &space
);
6789 space
-= resume_bytes
;
6790 if (fromsnap
!= NULL
)
6791 dsl_dataset_rele(fromsnap
, FTAG
);
6792 dsl_dataset_rele(tosnap
, FTAG
);
6793 dsl_pool_rele(dp
, FTAG
);
6796 fnvlist_add_uint64(outnvl
, "space", space
);
6802 * Sync the currently open TXG to disk for the specified pool.
6803 * This is somewhat similar to 'zfs_sync()'.
6804 * For cases that do not result in error this ioctl will wait for
6805 * the currently open TXG to commit before returning back to the caller.
6808 * "force" -> when true, force uberblock update even if there is no dirty data.
6809 * In addition this will cause the vdev configuration to be written
6810 * out including updating the zpool cache file. (boolean_t)
6815 static const zfs_ioc_key_t zfs_keys_pool_sync
[] = {
6816 {"force", DATA_TYPE_BOOLEAN_VALUE
, 0},
6820 zfs_ioc_pool_sync(const char *pool
, nvlist_t
*innvl
, nvlist_t
*onvl
)
6824 boolean_t rc
, force
= B_FALSE
;
6827 if ((err
= spa_open(pool
, &spa
, FTAG
)) != 0)
6831 err
= nvlist_lookup_boolean_value(innvl
, "force", &rc
);
6837 spa_config_enter(spa
, SCL_CONFIG
, FTAG
, RW_WRITER
);
6838 vdev_config_dirty(spa
->spa_root_vdev
);
6839 spa_config_exit(spa
, SCL_CONFIG
, FTAG
);
6841 txg_wait_synced(spa_get_dsl(spa
), 0);
6843 spa_close(spa
, FTAG
);
6849 * Load a user's wrapping key into the kernel.
6851 * "hidden_args" -> { "wkeydata" -> value }
6852 * raw uint8_t array of encryption wrapping key data (32 bytes)
6853 * (optional) "noop" -> (value ignored)
6854 * presence indicated key should only be verified, not loaded
6857 static const zfs_ioc_key_t zfs_keys_load_key
[] = {
6858 {"hidden_args", DATA_TYPE_NVLIST
, 0},
6859 {"noop", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6863 zfs_ioc_load_key(const char *dsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6867 dsl_crypto_params_t
*dcp
= NULL
;
6868 nvlist_t
*hidden_args
;
6869 boolean_t noop
= nvlist_exists(innvl
, "noop");
6871 if (strchr(dsname
, '@') != NULL
|| strchr(dsname
, '%') != NULL
) {
6872 ret
= SET_ERROR(EINVAL
);
6876 hidden_args
= fnvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
);
6878 ret
= dsl_crypto_params_create_nvlist(DCP_CMD_NONE
, NULL
,
6883 ret
= spa_keystore_load_wkey(dsname
, dcp
, noop
);
6887 dsl_crypto_params_free(dcp
, noop
);
6892 dsl_crypto_params_free(dcp
, B_TRUE
);
6897 * Unload a user's wrapping key from the kernel.
6898 * Both innvl and outnvl are unused.
6900 static const zfs_ioc_key_t zfs_keys_unload_key
[] = {
6905 zfs_ioc_unload_key(const char *dsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6907 (void) innvl
, (void) outnvl
;
6910 if (strchr(dsname
, '@') != NULL
|| strchr(dsname
, '%') != NULL
) {
6911 ret
= (SET_ERROR(EINVAL
));
6915 ret
= spa_keystore_unload_wkey(dsname
);
6924 * Changes a user's wrapping key used to decrypt a dataset. The keyformat,
6925 * keylocation, pbkdf2salt, and pbkdf2iters properties can also be specified
6926 * here to change how the key is derived in userspace.
6929 * "hidden_args" (optional) -> { "wkeydata" -> value }
6930 * raw uint8_t array of new encryption wrapping key data (32 bytes)
6931 * "props" (optional) -> { prop -> value }
6936 static const zfs_ioc_key_t zfs_keys_change_key
[] = {
6937 {"crypt_cmd", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6938 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
6939 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
6943 zfs_ioc_change_key(const char *dsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6947 uint64_t cmd
= DCP_CMD_NONE
;
6948 dsl_crypto_params_t
*dcp
= NULL
;
6949 nvlist_t
*args
= NULL
, *hidden_args
= NULL
;
6951 if (strchr(dsname
, '@') != NULL
|| strchr(dsname
, '%') != NULL
) {
6952 ret
= (SET_ERROR(EINVAL
));
6956 (void) nvlist_lookup_uint64(innvl
, "crypt_cmd", &cmd
);
6957 (void) nvlist_lookup_nvlist(innvl
, "props", &args
);
6958 (void) nvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
, &hidden_args
);
6960 ret
= dsl_crypto_params_create_nvlist(cmd
, args
, hidden_args
, &dcp
);
6964 ret
= spa_keystore_change_key(dsname
, dcp
);
6968 dsl_crypto_params_free(dcp
, B_FALSE
);
6973 dsl_crypto_params_free(dcp
, B_TRUE
);
6977 static zfs_ioc_vec_t zfs_ioc_vec
[ZFS_IOC_LAST
- ZFS_IOC_FIRST
];
6980 zfs_ioctl_register_legacy(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
6981 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_namecheck_t namecheck
,
6982 boolean_t log_history
, zfs_ioc_poolcheck_t pool_check
)
6984 zfs_ioc_vec_t
*vec
= &zfs_ioc_vec
[ioc
- ZFS_IOC_FIRST
];
6986 ASSERT3U(ioc
, >=, ZFS_IOC_FIRST
);
6987 ASSERT3U(ioc
, <, ZFS_IOC_LAST
);
6988 ASSERT3P(vec
->zvec_legacy_func
, ==, NULL
);
6989 ASSERT3P(vec
->zvec_func
, ==, NULL
);
6991 vec
->zvec_legacy_func
= func
;
6992 vec
->zvec_secpolicy
= secpolicy
;
6993 vec
->zvec_namecheck
= namecheck
;
6994 vec
->zvec_allow_log
= log_history
;
6995 vec
->zvec_pool_check
= pool_check
;
6999 * See the block comment at the beginning of this file for details on
7000 * each argument to this function.
7003 zfs_ioctl_register(const char *name
, zfs_ioc_t ioc
, zfs_ioc_func_t
*func
,
7004 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_namecheck_t namecheck
,
7005 zfs_ioc_poolcheck_t pool_check
, boolean_t smush_outnvlist
,
7006 boolean_t allow_log
, const zfs_ioc_key_t
*nvl_keys
, size_t num_keys
)
7008 zfs_ioc_vec_t
*vec
= &zfs_ioc_vec
[ioc
- ZFS_IOC_FIRST
];
7010 ASSERT3U(ioc
, >=, ZFS_IOC_FIRST
);
7011 ASSERT3U(ioc
, <, ZFS_IOC_LAST
);
7012 ASSERT3P(vec
->zvec_legacy_func
, ==, NULL
);
7013 ASSERT3P(vec
->zvec_func
, ==, NULL
);
7015 /* if we are logging, the name must be valid */
7016 ASSERT(!allow_log
|| namecheck
!= NO_NAME
);
7018 vec
->zvec_name
= name
;
7019 vec
->zvec_func
= func
;
7020 vec
->zvec_secpolicy
= secpolicy
;
7021 vec
->zvec_namecheck
= namecheck
;
7022 vec
->zvec_pool_check
= pool_check
;
7023 vec
->zvec_smush_outnvlist
= smush_outnvlist
;
7024 vec
->zvec_allow_log
= allow_log
;
7025 vec
->zvec_nvl_keys
= nvl_keys
;
7026 vec
->zvec_nvl_key_count
= num_keys
;
7030 zfs_ioctl_register_pool(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
7031 zfs_secpolicy_func_t
*secpolicy
, boolean_t log_history
,
7032 zfs_ioc_poolcheck_t pool_check
)
7034 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
7035 POOL_NAME
, log_history
, pool_check
);
7039 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
7040 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_poolcheck_t pool_check
)
7042 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
7043 DATASET_NAME
, B_FALSE
, pool_check
);
7047 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
)
7049 zfs_ioctl_register_legacy(ioc
, func
, zfs_secpolicy_config
,
7050 POOL_NAME
, B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
7054 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
7055 zfs_secpolicy_func_t
*secpolicy
)
7057 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
7058 NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7062 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc
,
7063 zfs_ioc_legacy_func_t
*func
, zfs_secpolicy_func_t
*secpolicy
)
7065 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
7066 DATASET_NAME
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7070 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
)
7072 zfs_ioctl_register_dataset_read_secpolicy(ioc
, func
,
7073 zfs_secpolicy_read
);
7077 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
7078 zfs_secpolicy_func_t
*secpolicy
)
7080 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
7081 DATASET_NAME
, B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
7085 zfs_ioctl_init(void)
7087 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT
,
7088 zfs_ioc_snapshot
, zfs_secpolicy_snapshot
, POOL_NAME
,
7089 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7090 zfs_keys_snapshot
, ARRAY_SIZE(zfs_keys_snapshot
));
7092 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY
,
7093 zfs_ioc_log_history
, zfs_secpolicy_log_history
, NO_NAME
,
7094 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7095 zfs_keys_log_history
, ARRAY_SIZE(zfs_keys_log_history
));
7097 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS
,
7098 zfs_ioc_space_snaps
, zfs_secpolicy_read
, DATASET_NAME
,
7099 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
7100 zfs_keys_space_snaps
, ARRAY_SIZE(zfs_keys_space_snaps
));
7102 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW
,
7103 zfs_ioc_send_new
, zfs_secpolicy_send_new
, DATASET_NAME
,
7104 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
7105 zfs_keys_send_new
, ARRAY_SIZE(zfs_keys_send_new
));
7107 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE
,
7108 zfs_ioc_send_space
, zfs_secpolicy_read
, DATASET_NAME
,
7109 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
7110 zfs_keys_send_space
, ARRAY_SIZE(zfs_keys_send_space
));
7112 zfs_ioctl_register("create", ZFS_IOC_CREATE
,
7113 zfs_ioc_create
, zfs_secpolicy_create_clone
, DATASET_NAME
,
7114 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7115 zfs_keys_create
, ARRAY_SIZE(zfs_keys_create
));
7117 zfs_ioctl_register("clone", ZFS_IOC_CLONE
,
7118 zfs_ioc_clone
, zfs_secpolicy_create_clone
, DATASET_NAME
,
7119 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7120 zfs_keys_clone
, ARRAY_SIZE(zfs_keys_clone
));
7122 zfs_ioctl_register("remap", ZFS_IOC_REMAP
,
7123 zfs_ioc_remap
, zfs_secpolicy_none
, DATASET_NAME
,
7124 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
,
7125 zfs_keys_remap
, ARRAY_SIZE(zfs_keys_remap
));
7127 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS
,
7128 zfs_ioc_destroy_snaps
, zfs_secpolicy_destroy_snaps
, POOL_NAME
,
7129 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7130 zfs_keys_destroy_snaps
, ARRAY_SIZE(zfs_keys_destroy_snaps
));
7132 zfs_ioctl_register("hold", ZFS_IOC_HOLD
,
7133 zfs_ioc_hold
, zfs_secpolicy_hold
, POOL_NAME
,
7134 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7135 zfs_keys_hold
, ARRAY_SIZE(zfs_keys_hold
));
7136 zfs_ioctl_register("release", ZFS_IOC_RELEASE
,
7137 zfs_ioc_release
, zfs_secpolicy_release
, POOL_NAME
,
7138 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7139 zfs_keys_release
, ARRAY_SIZE(zfs_keys_release
));
7141 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS
,
7142 zfs_ioc_get_holds
, zfs_secpolicy_read
, DATASET_NAME
,
7143 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
7144 zfs_keys_get_holds
, ARRAY_SIZE(zfs_keys_get_holds
));
7146 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK
,
7147 zfs_ioc_rollback
, zfs_secpolicy_rollback
, DATASET_NAME
,
7148 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
,
7149 zfs_keys_rollback
, ARRAY_SIZE(zfs_keys_rollback
));
7151 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK
,
7152 zfs_ioc_bookmark
, zfs_secpolicy_bookmark
, POOL_NAME
,
7153 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7154 zfs_keys_bookmark
, ARRAY_SIZE(zfs_keys_bookmark
));
7156 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS
,
7157 zfs_ioc_get_bookmarks
, zfs_secpolicy_read
, DATASET_NAME
,
7158 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
7159 zfs_keys_get_bookmarks
, ARRAY_SIZE(zfs_keys_get_bookmarks
));
7161 zfs_ioctl_register("get_bookmark_props", ZFS_IOC_GET_BOOKMARK_PROPS
,
7162 zfs_ioc_get_bookmark_props
, zfs_secpolicy_read
, ENTITY_NAME
,
7163 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
, zfs_keys_get_bookmark_props
,
7164 ARRAY_SIZE(zfs_keys_get_bookmark_props
));
7166 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS
,
7167 zfs_ioc_destroy_bookmarks
, zfs_secpolicy_destroy_bookmarks
,
7169 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7170 zfs_keys_destroy_bookmarks
,
7171 ARRAY_SIZE(zfs_keys_destroy_bookmarks
));
7173 zfs_ioctl_register("receive", ZFS_IOC_RECV_NEW
,
7174 zfs_ioc_recv_new
, zfs_secpolicy_recv
, DATASET_NAME
,
7175 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7176 zfs_keys_recv_new
, ARRAY_SIZE(zfs_keys_recv_new
));
7177 zfs_ioctl_register("load-key", ZFS_IOC_LOAD_KEY
,
7178 zfs_ioc_load_key
, zfs_secpolicy_load_key
,
7179 DATASET_NAME
, POOL_CHECK_SUSPENDED
, B_TRUE
, B_TRUE
,
7180 zfs_keys_load_key
, ARRAY_SIZE(zfs_keys_load_key
));
7181 zfs_ioctl_register("unload-key", ZFS_IOC_UNLOAD_KEY
,
7182 zfs_ioc_unload_key
, zfs_secpolicy_load_key
,
7183 DATASET_NAME
, POOL_CHECK_SUSPENDED
, B_TRUE
, B_TRUE
,
7184 zfs_keys_unload_key
, ARRAY_SIZE(zfs_keys_unload_key
));
7185 zfs_ioctl_register("change-key", ZFS_IOC_CHANGE_KEY
,
7186 zfs_ioc_change_key
, zfs_secpolicy_change_key
,
7187 DATASET_NAME
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
,
7188 B_TRUE
, B_TRUE
, zfs_keys_change_key
,
7189 ARRAY_SIZE(zfs_keys_change_key
));
7191 zfs_ioctl_register("sync", ZFS_IOC_POOL_SYNC
,
7192 zfs_ioc_pool_sync
, zfs_secpolicy_none
, POOL_NAME
,
7193 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7194 zfs_keys_pool_sync
, ARRAY_SIZE(zfs_keys_pool_sync
));
7195 zfs_ioctl_register("reopen", ZFS_IOC_POOL_REOPEN
, zfs_ioc_pool_reopen
,
7196 zfs_secpolicy_config
, POOL_NAME
, POOL_CHECK_SUSPENDED
, B_TRUE
,
7197 B_TRUE
, zfs_keys_pool_reopen
, ARRAY_SIZE(zfs_keys_pool_reopen
));
7199 zfs_ioctl_register("channel_program", ZFS_IOC_CHANNEL_PROGRAM
,
7200 zfs_ioc_channel_program
, zfs_secpolicy_config
,
7201 POOL_NAME
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
,
7202 B_TRUE
, zfs_keys_channel_program
,
7203 ARRAY_SIZE(zfs_keys_channel_program
));
7205 zfs_ioctl_register("redact", ZFS_IOC_REDACT
,
7206 zfs_ioc_redact
, zfs_secpolicy_config
, DATASET_NAME
,
7207 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7208 zfs_keys_redact
, ARRAY_SIZE(zfs_keys_redact
));
7210 zfs_ioctl_register("zpool_checkpoint", ZFS_IOC_POOL_CHECKPOINT
,
7211 zfs_ioc_pool_checkpoint
, zfs_secpolicy_config
, POOL_NAME
,
7212 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7213 zfs_keys_pool_checkpoint
, ARRAY_SIZE(zfs_keys_pool_checkpoint
));
7215 zfs_ioctl_register("zpool_discard_checkpoint",
7216 ZFS_IOC_POOL_DISCARD_CHECKPOINT
, zfs_ioc_pool_discard_checkpoint
,
7217 zfs_secpolicy_config
, POOL_NAME
,
7218 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7219 zfs_keys_pool_discard_checkpoint
,
7220 ARRAY_SIZE(zfs_keys_pool_discard_checkpoint
));
7222 zfs_ioctl_register("initialize", ZFS_IOC_POOL_INITIALIZE
,
7223 zfs_ioc_pool_initialize
, zfs_secpolicy_config
, POOL_NAME
,
7224 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7225 zfs_keys_pool_initialize
, ARRAY_SIZE(zfs_keys_pool_initialize
));
7227 zfs_ioctl_register("trim", ZFS_IOC_POOL_TRIM
,
7228 zfs_ioc_pool_trim
, zfs_secpolicy_config
, POOL_NAME
,
7229 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7230 zfs_keys_pool_trim
, ARRAY_SIZE(zfs_keys_pool_trim
));
7232 zfs_ioctl_register("wait", ZFS_IOC_WAIT
,
7233 zfs_ioc_wait
, zfs_secpolicy_none
, POOL_NAME
,
7234 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7235 zfs_keys_pool_wait
, ARRAY_SIZE(zfs_keys_pool_wait
));
7237 zfs_ioctl_register("wait_fs", ZFS_IOC_WAIT_FS
,
7238 zfs_ioc_wait_fs
, zfs_secpolicy_none
, DATASET_NAME
,
7239 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7240 zfs_keys_fs_wait
, ARRAY_SIZE(zfs_keys_fs_wait
));
7242 zfs_ioctl_register("set_bootenv", ZFS_IOC_SET_BOOTENV
,
7243 zfs_ioc_set_bootenv
, zfs_secpolicy_config
, POOL_NAME
,
7244 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
,
7245 zfs_keys_set_bootenv
, ARRAY_SIZE(zfs_keys_set_bootenv
));
7247 zfs_ioctl_register("get_bootenv", ZFS_IOC_GET_BOOTENV
,
7248 zfs_ioc_get_bootenv
, zfs_secpolicy_none
, POOL_NAME
,
7249 POOL_CHECK_SUSPENDED
, B_FALSE
, B_TRUE
,
7250 zfs_keys_get_bootenv
, ARRAY_SIZE(zfs_keys_get_bootenv
));
7252 zfs_ioctl_register("zpool_vdev_get_props", ZFS_IOC_VDEV_GET_PROPS
,
7253 zfs_ioc_vdev_get_props
, zfs_secpolicy_read
, POOL_NAME
,
7254 POOL_CHECK_NONE
, B_FALSE
, B_FALSE
, zfs_keys_vdev_get_props
,
7255 ARRAY_SIZE(zfs_keys_vdev_get_props
));
7257 zfs_ioctl_register("zpool_vdev_set_props", ZFS_IOC_VDEV_SET_PROPS
,
7258 zfs_ioc_vdev_set_props
, zfs_secpolicy_config
, POOL_NAME
,
7259 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7260 zfs_keys_vdev_set_props
, ARRAY_SIZE(zfs_keys_vdev_set_props
));
7262 zfs_ioctl_register("scrub", ZFS_IOC_POOL_SCRUB
,
7263 zfs_ioc_pool_scrub
, zfs_secpolicy_config
, POOL_NAME
,
7264 POOL_CHECK_NONE
, B_TRUE
, B_TRUE
,
7265 zfs_keys_pool_scrub
, ARRAY_SIZE(zfs_keys_pool_scrub
));
7267 /* IOCTLS that use the legacy function signature */
7269 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE
, zfs_ioc_pool_freeze
,
7270 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_READONLY
);
7272 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE
, zfs_ioc_pool_create
,
7273 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
7274 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN
,
7276 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE
,
7277 zfs_ioc_pool_upgrade
);
7278 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD
,
7280 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE
,
7281 zfs_ioc_vdev_remove
);
7282 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE
,
7283 zfs_ioc_vdev_set_state
);
7284 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH
,
7285 zfs_ioc_vdev_attach
);
7286 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH
,
7287 zfs_ioc_vdev_detach
);
7288 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH
,
7289 zfs_ioc_vdev_setpath
);
7290 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU
,
7291 zfs_ioc_vdev_setfru
);
7292 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS
,
7293 zfs_ioc_pool_set_props
);
7294 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT
,
7295 zfs_ioc_vdev_split
);
7296 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID
,
7297 zfs_ioc_pool_reguid
);
7299 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS
,
7300 zfs_ioc_pool_configs
, zfs_secpolicy_none
);
7301 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT
,
7302 zfs_ioc_pool_tryimport
, zfs_secpolicy_config
);
7303 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT
,
7304 zfs_ioc_inject_fault
, zfs_secpolicy_inject
);
7305 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT
,
7306 zfs_ioc_clear_fault
, zfs_secpolicy_inject
);
7307 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT
,
7308 zfs_ioc_inject_list_next
, zfs_secpolicy_inject
);
7311 * pool destroy, and export don't log the history as part of
7312 * zfsdev_ioctl, but rather zfs_ioc_pool_export
7313 * does the logging of those commands.
7315 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY
, zfs_ioc_pool_destroy
,
7316 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7317 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT
, zfs_ioc_pool_export
,
7318 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7320 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS
, zfs_ioc_pool_stats
,
7321 zfs_secpolicy_read
, B_FALSE
, POOL_CHECK_NONE
);
7322 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS
, zfs_ioc_pool_get_props
,
7323 zfs_secpolicy_read
, B_FALSE
, POOL_CHECK_NONE
);
7325 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG
, zfs_ioc_error_log
,
7326 zfs_secpolicy_inject
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7327 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME
,
7328 zfs_ioc_dsobj_to_dsname
,
7329 zfs_secpolicy_diff
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7330 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY
,
7331 zfs_ioc_pool_get_history
,
7332 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7334 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT
, zfs_ioc_pool_import
,
7335 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
7337 zfs_ioctl_register_pool(ZFS_IOC_CLEAR
, zfs_ioc_clear
,
7338 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_READONLY
);
7340 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN
,
7341 zfs_ioc_space_written
);
7342 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS
,
7343 zfs_ioc_objset_recvd_props
);
7344 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ
,
7346 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL
,
7348 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS
,
7349 zfs_ioc_objset_stats
);
7350 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS
,
7351 zfs_ioc_objset_zplprops
);
7352 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT
,
7353 zfs_ioc_dataset_list_next
);
7354 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT
,
7355 zfs_ioc_snapshot_list_next
);
7356 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS
,
7357 zfs_ioc_send_progress
);
7359 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF
,
7360 zfs_ioc_diff
, zfs_secpolicy_diff
);
7361 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS
,
7362 zfs_ioc_obj_to_stats
, zfs_secpolicy_diff
);
7363 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH
,
7364 zfs_ioc_obj_to_path
, zfs_secpolicy_diff
);
7365 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE
,
7366 zfs_ioc_userspace_one
, zfs_secpolicy_userspace_one
);
7367 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY
,
7368 zfs_ioc_userspace_many
, zfs_secpolicy_userspace_many
);
7369 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND
,
7370 zfs_ioc_send
, zfs_secpolicy_send
);
7372 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP
, zfs_ioc_set_prop
,
7373 zfs_secpolicy_none
);
7374 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY
, zfs_ioc_destroy
,
7375 zfs_secpolicy_destroy
);
7376 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME
, zfs_ioc_rename
,
7377 zfs_secpolicy_rename
);
7378 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV
, zfs_ioc_recv
,
7379 zfs_secpolicy_recv
);
7380 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE
, zfs_ioc_promote
,
7381 zfs_secpolicy_promote
);
7382 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP
,
7383 zfs_ioc_inherit_prop
, zfs_secpolicy_inherit_prop
);
7384 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL
, zfs_ioc_set_fsacl
,
7385 zfs_secpolicy_set_fsacl
);
7387 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE
, zfs_ioc_share
,
7388 zfs_secpolicy_share
, POOL_CHECK_NONE
);
7389 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL
, zfs_ioc_smb_acl
,
7390 zfs_secpolicy_smb_acl
, POOL_CHECK_NONE
);
7391 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE
,
7392 zfs_ioc_userspace_upgrade
, zfs_secpolicy_userspace_upgrade
,
7393 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
7394 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT
,
7395 zfs_ioc_tmp_snapshot
, zfs_secpolicy_tmp_snapshot
,
7396 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
7398 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_NEXT
, zfs_ioc_events_next
,
7399 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7400 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_CLEAR
, zfs_ioc_events_clear
,
7401 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7402 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_SEEK
, zfs_ioc_events_seek
,
7403 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7405 zfs_ioctl_init_os();
7409 * Verify that for non-legacy ioctls the input nvlist
7410 * pairs match against the expected input.
7412 * Possible errors are:
7413 * ZFS_ERR_IOC_ARG_UNAVAIL An unrecognized nvpair was encountered
7414 * ZFS_ERR_IOC_ARG_REQUIRED A required nvpair is missing
7415 * ZFS_ERR_IOC_ARG_BADTYPE Invalid type for nvpair
7418 zfs_check_input_nvpairs(nvlist_t
*innvl
, const zfs_ioc_vec_t
*vec
)
7420 const zfs_ioc_key_t
*nvl_keys
= vec
->zvec_nvl_keys
;
7421 boolean_t required_keys_found
= B_FALSE
;
7424 * examine each input pair
7426 for (nvpair_t
*pair
= nvlist_next_nvpair(innvl
, NULL
);
7427 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
7428 const char *name
= nvpair_name(pair
);
7429 data_type_t type
= nvpair_type(pair
);
7430 boolean_t identified
= B_FALSE
;
7433 * check pair against the documented names and type
7435 for (int k
= 0; k
< vec
->zvec_nvl_key_count
; k
++) {
7436 /* if not a wild card name, check for an exact match */
7437 if ((nvl_keys
[k
].zkey_flags
& ZK_WILDCARDLIST
) == 0 &&
7438 strcmp(nvl_keys
[k
].zkey_name
, name
) != 0)
7441 identified
= B_TRUE
;
7443 if (nvl_keys
[k
].zkey_type
!= DATA_TYPE_ANY
&&
7444 nvl_keys
[k
].zkey_type
!= type
) {
7445 return (SET_ERROR(ZFS_ERR_IOC_ARG_BADTYPE
));
7448 if (nvl_keys
[k
].zkey_flags
& ZK_OPTIONAL
)
7451 required_keys_found
= B_TRUE
;
7455 /* allow an 'optional' key, everything else is invalid */
7457 (strcmp(name
, "optional") != 0 ||
7458 type
!= DATA_TYPE_NVLIST
)) {
7459 return (SET_ERROR(ZFS_ERR_IOC_ARG_UNAVAIL
));
7463 /* verify that all required keys were found */
7464 for (int k
= 0; k
< vec
->zvec_nvl_key_count
; k
++) {
7465 if (nvl_keys
[k
].zkey_flags
& ZK_OPTIONAL
)
7468 if (nvl_keys
[k
].zkey_flags
& ZK_WILDCARDLIST
) {
7469 /* at least one non-optional key is expected here */
7470 if (!required_keys_found
)
7471 return (SET_ERROR(ZFS_ERR_IOC_ARG_REQUIRED
));
7475 if (!nvlist_exists(innvl
, nvl_keys
[k
].zkey_name
))
7476 return (SET_ERROR(ZFS_ERR_IOC_ARG_REQUIRED
));
7483 pool_status_check(const char *name
, zfs_ioc_namecheck_t type
,
7484 zfs_ioc_poolcheck_t check
)
7489 ASSERT(type
== POOL_NAME
|| type
== DATASET_NAME
||
7490 type
== ENTITY_NAME
);
7492 if (check
& POOL_CHECK_NONE
)
7495 error
= spa_open(name
, &spa
, FTAG
);
7497 if ((check
& POOL_CHECK_SUSPENDED
) && spa_suspended(spa
))
7498 error
= SET_ERROR(EAGAIN
);
7499 else if ((check
& POOL_CHECK_READONLY
) && !spa_writeable(spa
))
7500 error
= SET_ERROR(EROFS
);
7501 spa_close(spa
, FTAG
);
7507 zfsdev_getminor(zfs_file_t
*fp
, minor_t
*minorp
)
7509 zfsdev_state_t
*zs
, *fpd
;
7511 ASSERT(!MUTEX_HELD(&zfsdev_state_lock
));
7513 fpd
= zfs_file_private(fp
);
7515 return (SET_ERROR(EBADF
));
7517 mutex_enter(&zfsdev_state_lock
);
7519 for (zs
= &zfsdev_state_listhead
; zs
!= NULL
; zs
= zs
->zs_next
) {
7521 if (zs
->zs_minor
== -1)
7525 *minorp
= fpd
->zs_minor
;
7526 mutex_exit(&zfsdev_state_lock
);
7531 mutex_exit(&zfsdev_state_lock
);
7533 return (SET_ERROR(EBADF
));
7537 zfsdev_get_state(minor_t minor
, enum zfsdev_state_type which
)
7541 for (zs
= &zfsdev_state_listhead
; zs
!= NULL
; zs
= zs
->zs_next
) {
7542 if (zs
->zs_minor
== minor
) {
7546 return (zs
->zs_onexit
);
7548 return (zs
->zs_zevent
);
7559 * Find a free minor number. The zfsdev_state_list is expected to
7560 * be short since it is only a list of currently open file handles.
7563 zfsdev_minor_alloc(void)
7565 static minor_t last_minor
= 0;
7568 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
7570 for (m
= last_minor
+ 1; m
!= last_minor
; m
++) {
7571 if (m
> ZFSDEV_MAX_MINOR
)
7573 if (zfsdev_get_state(m
, ZST_ALL
) == NULL
) {
7583 zfsdev_state_init(void *priv
)
7585 zfsdev_state_t
*zs
, *zsprev
= NULL
;
7587 boolean_t newzs
= B_FALSE
;
7589 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
7591 minor
= zfsdev_minor_alloc();
7593 return (SET_ERROR(ENXIO
));
7595 for (zs
= &zfsdev_state_listhead
; zs
!= NULL
; zs
= zs
->zs_next
) {
7596 if (zs
->zs_minor
== -1)
7602 zs
= kmem_zalloc(sizeof (zfsdev_state_t
), KM_SLEEP
);
7606 zfsdev_private_set_state(priv
, zs
);
7608 zfs_onexit_init((zfs_onexit_t
**)&zs
->zs_onexit
);
7609 zfs_zevent_init((zfs_zevent_t
**)&zs
->zs_zevent
);
7612 * In order to provide for lock-free concurrent read access
7613 * to the minor list in zfsdev_get_state(), new entries
7614 * must be completely written before linking them into the
7615 * list whereas existing entries are already linked; the last
7616 * operation must be updating zs_minor (from -1 to the new
7620 zs
->zs_minor
= minor
;
7622 zsprev
->zs_next
= zs
;
7625 zs
->zs_minor
= minor
;
7632 zfsdev_state_destroy(void *priv
)
7634 zfsdev_state_t
*zs
= zfsdev_private_get_state(priv
);
7637 ASSERT3S(zs
->zs_minor
, >, 0);
7640 * The last reference to this zfsdev file descriptor is being dropped.
7641 * We don't have to worry about lookup grabbing this state object, and
7642 * zfsdev_state_init() will not try to reuse this object until it is
7643 * invalidated by setting zs_minor to -1. Invalidation must be done
7644 * last, with a memory barrier to ensure ordering. This lets us avoid
7645 * taking the global zfsdev state lock around destruction.
7647 zfs_onexit_destroy(zs
->zs_onexit
);
7648 zfs_zevent_destroy(zs
->zs_zevent
);
7649 zs
->zs_onexit
= NULL
;
7650 zs
->zs_zevent
= NULL
;
7656 zfsdev_ioctl_common(uint_t vecnum
, zfs_cmd_t
*zc
, int flag
)
7659 const zfs_ioc_vec_t
*vec
;
7660 char *saved_poolname
= NULL
;
7661 uint64_t max_nvlist_src_size
;
7662 size_t saved_poolname_len
= 0;
7663 nvlist_t
*innvl
= NULL
;
7664 fstrans_cookie_t cookie
;
7665 hrtime_t start_time
= gethrtime();
7669 if (vecnum
>= sizeof (zfs_ioc_vec
) / sizeof (zfs_ioc_vec
[0]))
7670 return (SET_ERROR(ZFS_ERR_IOC_CMD_UNAVAIL
));
7672 vec
= &zfs_ioc_vec
[vecnum
];
7675 * The registered ioctl list may be sparse, verify that either
7676 * a normal or legacy handler are registered.
7678 if (vec
->zvec_func
== NULL
&& vec
->zvec_legacy_func
== NULL
)
7679 return (SET_ERROR(ZFS_ERR_IOC_CMD_UNAVAIL
));
7681 zc
->zc_iflags
= flag
& FKIOCTL
;
7682 max_nvlist_src_size
= zfs_max_nvlist_src_size_os();
7683 if (zc
->zc_nvlist_src_size
> max_nvlist_src_size
) {
7685 * Make sure the user doesn't pass in an insane value for
7686 * zc_nvlist_src_size. We have to check, since we will end
7687 * up allocating that much memory inside of get_nvlist(). This
7688 * prevents a nefarious user from allocating tons of kernel
7691 * Also, we return EINVAL instead of ENOMEM here. The reason
7692 * being that returning ENOMEM from an ioctl() has a special
7693 * connotation; that the user's size value is too small and
7694 * needs to be expanded to hold the nvlist. See
7695 * zcmd_expand_dst_nvlist() for details.
7697 error
= SET_ERROR(EINVAL
); /* User's size too big */
7699 } else if (zc
->zc_nvlist_src_size
!= 0) {
7700 error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
7701 zc
->zc_iflags
, &innvl
);
7707 * Ensure that all pool/dataset names are valid before we pass down to
7710 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
7711 switch (vec
->zvec_namecheck
) {
7713 if (pool_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
7714 error
= SET_ERROR(EINVAL
);
7716 error
= pool_status_check(zc
->zc_name
,
7717 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
7721 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
7722 error
= SET_ERROR(EINVAL
);
7724 error
= pool_status_check(zc
->zc_name
,
7725 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
7729 if (entity_namecheck(zc
->zc_name
, NULL
, NULL
) != 0) {
7730 error
= SET_ERROR(EINVAL
);
7732 error
= pool_status_check(zc
->zc_name
,
7733 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
7741 * Ensure that all input pairs are valid before we pass them down
7742 * to the lower layers.
7744 * The vectored functions can use fnvlist_lookup_{type} for any
7745 * required pairs since zfs_check_input_nvpairs() confirmed that
7746 * they exist and are of the correct type.
7748 if (error
== 0 && vec
->zvec_func
!= NULL
) {
7749 error
= zfs_check_input_nvpairs(innvl
, vec
);
7755 cookie
= spl_fstrans_mark();
7756 error
= vec
->zvec_secpolicy(zc
, innvl
, CRED());
7757 spl_fstrans_unmark(cookie
);
7763 /* legacy ioctls can modify zc_name */
7765 * Can't use kmem_strdup() as we might truncate the string and
7766 * kmem_strfree() would then free with incorrect size.
7768 saved_poolname_len
= strlen(zc
->zc_name
) + 1;
7769 saved_poolname
= kmem_alloc(saved_poolname_len
, KM_SLEEP
);
7771 strlcpy(saved_poolname
, zc
->zc_name
, saved_poolname_len
);
7772 saved_poolname
[strcspn(saved_poolname
, "/@#")] = '\0';
7774 if (vec
->zvec_func
!= NULL
) {
7778 nvlist_t
*lognv
= NULL
;
7780 ASSERT(vec
->zvec_legacy_func
== NULL
);
7783 * Add the innvl to the lognv before calling the func,
7784 * in case the func changes the innvl.
7786 if (vec
->zvec_allow_log
) {
7787 lognv
= fnvlist_alloc();
7788 fnvlist_add_string(lognv
, ZPOOL_HIST_IOCTL
,
7790 if (!nvlist_empty(innvl
)) {
7791 fnvlist_add_nvlist(lognv
, ZPOOL_HIST_INPUT_NVL
,
7796 outnvl
= fnvlist_alloc();
7797 cookie
= spl_fstrans_mark();
7798 error
= vec
->zvec_func(zc
->zc_name
, innvl
, outnvl
);
7799 spl_fstrans_unmark(cookie
);
7802 * Some commands can partially execute, modify state, and still
7803 * return an error. In these cases, attempt to record what
7807 (cmd
== ZFS_IOC_CHANNEL_PROGRAM
&& error
!= EINVAL
)) &&
7808 vec
->zvec_allow_log
&&
7809 spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
7810 if (!nvlist_empty(outnvl
)) {
7811 size_t out_size
= fnvlist_size(outnvl
);
7812 if (out_size
> zfs_history_output_max
) {
7813 fnvlist_add_int64(lognv
,
7814 ZPOOL_HIST_OUTPUT_SIZE
, out_size
);
7816 fnvlist_add_nvlist(lognv
,
7817 ZPOOL_HIST_OUTPUT_NVL
, outnvl
);
7821 fnvlist_add_int64(lognv
, ZPOOL_HIST_ERRNO
,
7824 fnvlist_add_int64(lognv
, ZPOOL_HIST_ELAPSED_NS
,
7825 gethrtime() - start_time
);
7826 (void) spa_history_log_nvl(spa
, lognv
);
7827 spa_close(spa
, FTAG
);
7829 fnvlist_free(lognv
);
7831 if (!nvlist_empty(outnvl
) || zc
->zc_nvlist_dst_size
!= 0) {
7833 if (vec
->zvec_smush_outnvlist
) {
7834 smusherror
= nvlist_smush(outnvl
,
7835 zc
->zc_nvlist_dst_size
);
7837 if (smusherror
== 0)
7838 puterror
= put_nvlist(zc
, outnvl
);
7844 nvlist_free(outnvl
);
7846 cookie
= spl_fstrans_mark();
7847 error
= vec
->zvec_legacy_func(zc
);
7848 spl_fstrans_unmark(cookie
);
7853 if (error
== 0 && vec
->zvec_allow_log
) {
7854 char *s
= tsd_get(zfs_allow_log_key
);
7857 (void) tsd_set(zfs_allow_log_key
, kmem_strdup(saved_poolname
));
7859 if (saved_poolname
!= NULL
)
7860 kmem_free(saved_poolname
, saved_poolname_len
);
7870 if ((error
= zvol_init()) != 0)
7873 spa_init(SPA_MODE_READ
| SPA_MODE_WRITE
);
7878 mutex_init(&zfsdev_state_lock
, NULL
, MUTEX_DEFAULT
, NULL
);
7879 zfsdev_state_listhead
.zs_minor
= -1;
7881 if ((error
= zfsdev_attach()) != 0)
7884 tsd_create(&zfs_fsyncer_key
, NULL
);
7885 tsd_create(&rrw_tsd_key
, rrw_tsd_destroy
);
7886 tsd_create(&zfs_allow_log_key
, zfs_allow_log_destroy
);
7900 zfsdev_state_t
*zs
, *zsnext
= NULL
;
7904 mutex_destroy(&zfsdev_state_lock
);
7906 for (zs
= &zfsdev_state_listhead
; zs
!= NULL
; zs
= zsnext
) {
7907 zsnext
= zs
->zs_next
;
7909 zfs_onexit_destroy(zs
->zs_onexit
);
7911 zfs_zevent_destroy(zs
->zs_zevent
);
7912 if (zs
!= &zfsdev_state_listhead
)
7913 kmem_free(zs
, sizeof (zfsdev_state_t
));
7916 zfs_ereport_taskq_fini(); /* run before zfs_fini() on Linux */
7921 tsd_destroy(&zfs_fsyncer_key
);
7922 tsd_destroy(&rrw_tsd_key
);
7923 tsd_destroy(&zfs_allow_log_key
);
7926 ZFS_MODULE_PARAM(zfs
, zfs_
, max_nvlist_src_size
, U64
, ZMOD_RW
,
7927 "Maximum size in bytes allowed for src nvlist passed with ZFS ioctls");
7929 ZFS_MODULE_PARAM(zfs
, zfs_
, history_output_max
, U64
, ZMOD_RW
,
7930 "Maximum size in bytes of ZFS ioctl output that will be logged");