4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Portions Copyright 2011 Martin Matuska
24 * Portions Copyright 2012 Pawel Jakub Dawidek <pawel@dawidek.net>
25 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
28 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
29 * Copyright (c) 2011 by Delphix. All rights reserved.
32 #include <sys/types.h>
33 #include <sys/param.h>
34 #include <sys/errno.h>
37 #include <sys/modctl.h>
42 #include <sys/cmn_err.h>
44 #include <sys/zfs_ioctl.h>
45 #include <sys/zfs_vfsops.h>
46 #include <sys/zfs_znode.h>
49 #include <sys/spa_impl.h>
51 #include <sys/priv_impl.h>
53 #include <sys/dsl_dir.h>
54 #include <sys/dsl_dataset.h>
55 #include <sys/dsl_prop.h>
56 #include <sys/dsl_deleg.h>
57 #include <sys/dmu_objset.h>
59 #include <sys/sunddi.h>
60 #include <sys/sunldi.h>
61 #include <sys/policy.h>
63 #include <sys/nvpair.h>
64 #include <sys/pathname.h>
65 #include <sys/mount.h>
67 #include <sys/fs/zfs.h>
68 #include <sys/zfs_ctldir.h>
69 #include <sys/zfs_dir.h>
70 #include <sys/zfs_onexit.h>
72 #include <sys/dsl_scan.h>
73 #include <sharefs/share.h>
74 #include <sys/dmu_objset.h>
75 #include <sys/fm/util.h>
77 #include <linux/miscdevice.h>
79 #include "zfs_namecheck.h"
81 #include "zfs_deleg.h"
82 #include "zfs_comutil.h"
84 kmutex_t zfsdev_state_lock
;
85 list_t zfsdev_state_list
;
87 extern void zfs_init(void);
88 extern void zfs_fini(void);
90 typedef int zfs_ioc_func_t(zfs_cmd_t
*);
91 typedef int zfs_secpolicy_func_t(zfs_cmd_t
*, cred_t
*);
97 } zfs_ioc_namecheck_t
;
100 POOL_CHECK_NONE
= 1 << 0,
101 POOL_CHECK_SUSPENDED
= 1 << 1,
102 POOL_CHECK_READONLY
= 1 << 2
103 } zfs_ioc_poolcheck_t
;
105 typedef struct zfs_ioc_vec
{
106 zfs_ioc_func_t
*zvec_func
;
107 zfs_secpolicy_func_t
*zvec_secpolicy
;
108 zfs_ioc_namecheck_t zvec_namecheck
;
109 boolean_t zvec_his_log
;
110 zfs_ioc_poolcheck_t zvec_pool_check
;
113 /* This array is indexed by zfs_userquota_prop_t */
114 static const char *userquota_perms
[] = {
115 ZFS_DELEG_PERM_USERUSED
,
116 ZFS_DELEG_PERM_USERQUOTA
,
117 ZFS_DELEG_PERM_GROUPUSED
,
118 ZFS_DELEG_PERM_GROUPQUOTA
,
121 static int zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
);
122 static int zfs_check_settable(const char *name
, nvpair_t
*property
,
124 static int zfs_check_clearable(char *dataset
, nvlist_t
*props
,
126 static int zfs_fill_zplprops_root(uint64_t, nvlist_t
*, nvlist_t
*,
128 int zfs_set_prop_nvlist(const char *, zprop_source_t
, nvlist_t
*, nvlist_t
**);
131 history_str_free(char *buf
)
133 kmem_free(buf
, HIS_MAX_RECORD_LEN
);
137 history_str_get(zfs_cmd_t
*zc
)
141 if (zc
->zc_history
== 0)
144 buf
= kmem_alloc(HIS_MAX_RECORD_LEN
, KM_SLEEP
| KM_NODEBUG
);
145 if (copyinstr((void *)(uintptr_t)zc
->zc_history
,
146 buf
, HIS_MAX_RECORD_LEN
, NULL
) != 0) {
147 history_str_free(buf
);
151 buf
[HIS_MAX_RECORD_LEN
-1] = '\0';
157 * Check to see if the named dataset is currently defined as bootable
160 zfs_is_bootfs(const char *name
)
164 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
166 ret
= (dmu_objset_id(os
) == spa_bootfs(dmu_objset_spa(os
)));
167 dmu_objset_rele(os
, FTAG
);
174 * zfs_earlier_version
176 * Return non-zero if the spa version is less than requested version.
179 zfs_earlier_version(const char *name
, int version
)
183 if (spa_open(name
, &spa
, FTAG
) == 0) {
184 if (spa_version(spa
) < version
) {
185 spa_close(spa
, FTAG
);
188 spa_close(spa
, FTAG
);
194 * zpl_earlier_version
196 * Return TRUE if the ZPL version is less than requested version.
199 zpl_earlier_version(const char *name
, int version
)
202 boolean_t rc
= B_TRUE
;
204 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
207 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
208 dmu_objset_rele(os
, FTAG
);
211 /* XXX reading from non-owned objset */
212 if (zfs_get_zplprop(os
, ZFS_PROP_VERSION
, &zplversion
) == 0)
213 rc
= zplversion
< version
;
214 dmu_objset_rele(os
, FTAG
);
220 zfs_log_history(zfs_cmd_t
*zc
)
225 if ((buf
= history_str_get(zc
)) == NULL
)
228 if (spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
229 if (spa_version(spa
) >= SPA_VERSION_ZPOOL_HISTORY
)
230 (void) spa_history_log(spa
, buf
, LOG_CMD_NORMAL
);
231 spa_close(spa
, FTAG
);
233 history_str_free(buf
);
237 * Policy for top-level read operations (list pools). Requires no privileges,
238 * and can be used in the local zone, as there is no associated dataset.
242 zfs_secpolicy_none(zfs_cmd_t
*zc
, cred_t
*cr
)
248 * Policy for dataset read operations (list children, get statistics). Requires
249 * no privileges, but must be visible in the local zone.
253 zfs_secpolicy_read(zfs_cmd_t
*zc
, cred_t
*cr
)
255 if (INGLOBALZONE(curproc
) ||
256 zone_dataset_visible(zc
->zc_name
, NULL
))
263 zfs_dozonecheck_impl(const char *dataset
, uint64_t zoned
, cred_t
*cr
)
268 * The dataset must be visible by this zone -- check this first
269 * so they don't see EPERM on something they shouldn't know about.
271 if (!INGLOBALZONE(curproc
) &&
272 !zone_dataset_visible(dataset
, &writable
))
275 if (INGLOBALZONE(curproc
)) {
277 * If the fs is zoned, only root can access it from the
280 if (secpolicy_zfs(cr
) && zoned
)
284 * If we are in a local zone, the 'zoned' property must be set.
289 /* must be writable by this zone */
297 zfs_dozonecheck(const char *dataset
, cred_t
*cr
)
301 if (dsl_prop_get_integer(dataset
, "zoned", &zoned
, NULL
))
304 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
308 zfs_dozonecheck_ds(const char *dataset
, dsl_dataset_t
*ds
, cred_t
*cr
)
312 rw_enter(&ds
->ds_dir
->dd_pool
->dp_config_rwlock
, RW_READER
);
313 if (dsl_prop_get_ds(ds
, "zoned", 8, 1, &zoned
, NULL
)) {
314 rw_exit(&ds
->ds_dir
->dd_pool
->dp_config_rwlock
);
317 rw_exit(&ds
->ds_dir
->dd_pool
->dp_config_rwlock
);
319 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
323 zfs_secpolicy_write_perms(const char *name
, const char *perm
, cred_t
*cr
)
327 error
= zfs_dozonecheck(name
, cr
);
329 error
= secpolicy_zfs(cr
);
331 error
= dsl_deleg_access(name
, perm
, cr
);
337 zfs_secpolicy_write_perms_ds(const char *name
, dsl_dataset_t
*ds
,
338 const char *perm
, cred_t
*cr
)
342 error
= zfs_dozonecheck_ds(name
, ds
, cr
);
344 error
= secpolicy_zfs(cr
);
346 error
= dsl_deleg_access_impl(ds
, perm
, cr
);
352 * Policy for setting the security label property.
354 * Returns 0 for success, non-zero for access and other errors.
357 zfs_set_slabel_policy(const char *name
, char *strval
, cred_t
*cr
)
360 char ds_hexsl
[MAXNAMELEN
];
361 bslabel_t ds_sl
, new_sl
;
362 boolean_t new_default
= FALSE
;
364 int needed_priv
= -1;
367 /* First get the existing dataset label. */
368 error
= dsl_prop_get(name
, zfs_prop_to_name(ZFS_PROP_MLSLABEL
),
369 1, sizeof (ds_hexsl
), &ds_hexsl
, NULL
);
373 if (strcasecmp(strval
, ZFS_MLSLABEL_DEFAULT
) == 0)
376 /* The label must be translatable */
377 if (!new_default
&& (hexstr_to_label(strval
, &new_sl
) != 0))
381 * In a non-global zone, disallow attempts to set a label that
382 * doesn't match that of the zone; otherwise no other checks
385 if (!INGLOBALZONE(curproc
)) {
386 if (new_default
|| !blequal(&new_sl
, CR_SL(CRED())))
392 * For global-zone datasets (i.e., those whose zoned property is
393 * "off", verify that the specified new label is valid for the
396 if (dsl_prop_get_integer(name
,
397 zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
, NULL
))
400 if (zfs_check_global_label(name
, strval
) != 0)
405 * If the existing dataset label is nondefault, check if the
406 * dataset is mounted (label cannot be changed while mounted).
407 * Get the zfs_sb_t; if there isn't one, then the dataset isn't
408 * mounted (or isn't a dataset, doesn't exist, ...).
410 if (strcasecmp(ds_hexsl
, ZFS_MLSLABEL_DEFAULT
) != 0) {
412 static char *setsl_tag
= "setsl_tag";
415 * Try to own the dataset; abort if there is any error,
416 * (e.g., already mounted, in use, or other error).
418 error
= dmu_objset_own(name
, DMU_OST_ZFS
, B_TRUE
,
423 dmu_objset_disown(os
, setsl_tag
);
426 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
430 if (hexstr_to_label(strval
, &new_sl
) != 0)
433 if (blstrictdom(&ds_sl
, &new_sl
))
434 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
435 else if (blstrictdom(&new_sl
, &ds_sl
))
436 needed_priv
= PRIV_FILE_UPGRADE_SL
;
438 /* dataset currently has a default label */
440 needed_priv
= PRIV_FILE_UPGRADE_SL
;
444 if (needed_priv
!= -1)
445 return (PRIV_POLICY(cr
, needed_priv
, B_FALSE
, EPERM
, NULL
));
449 #endif /* HAVE_MLSLABEL */
453 zfs_secpolicy_setprop(const char *dsname
, zfs_prop_t prop
, nvpair_t
*propval
,
459 * Check permissions for special properties.
466 * Disallow setting of 'zoned' from within a local zone.
468 if (!INGLOBALZONE(curproc
))
473 if (!INGLOBALZONE(curproc
)) {
475 char setpoint
[MAXNAMELEN
];
477 * Unprivileged users are allowed to modify the
478 * quota on things *under* (ie. contained by)
479 * the thing they own.
481 if (dsl_prop_get_integer(dsname
, "zoned", &zoned
,
484 if (!zoned
|| strlen(dsname
) <= strlen(setpoint
))
489 case ZFS_PROP_MLSLABEL
:
490 if (!is_system_labeled())
493 if (nvpair_value_string(propval
, &strval
) == 0) {
496 err
= zfs_set_slabel_policy(dsname
, strval
, CRED());
503 return (zfs_secpolicy_write_perms(dsname
, zfs_prop_to_name(prop
), cr
));
507 zfs_secpolicy_fsacl(zfs_cmd_t
*zc
, cred_t
*cr
)
511 error
= zfs_dozonecheck(zc
->zc_name
, cr
);
516 * permission to set permissions will be evaluated later in
517 * dsl_deleg_can_allow()
523 zfs_secpolicy_rollback(zfs_cmd_t
*zc
, cred_t
*cr
)
525 return (zfs_secpolicy_write_perms(zc
->zc_name
,
526 ZFS_DELEG_PERM_ROLLBACK
, cr
));
530 zfs_secpolicy_send(zfs_cmd_t
*zc
, cred_t
*cr
)
539 * Generate the current snapshot name from the given objsetid, then
540 * use that name for the secpolicy/zone checks.
542 cp
= strchr(zc
->zc_name
, '@');
545 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
549 dp
= spa_get_dsl(spa
);
550 rw_enter(&dp
->dp_config_rwlock
, RW_READER
);
551 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &ds
);
552 rw_exit(&dp
->dp_config_rwlock
);
553 spa_close(spa
, FTAG
);
557 dsl_dataset_name(ds
, zc
->zc_name
);
559 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, ds
,
560 ZFS_DELEG_PERM_SEND
, cr
);
561 dsl_dataset_rele(ds
, FTAG
);
566 #ifdef HAVE_SMB_SHARE
568 zfs_secpolicy_deleg_share(zfs_cmd_t
*zc
, cred_t
*cr
)
573 if ((error
= lookupname(zc
->zc_value
, UIO_SYSSPACE
,
574 NO_FOLLOW
, NULL
, &vp
)) != 0)
577 /* Now make sure mntpnt and dataset are ZFS */
579 if (vp
->v_vfsp
->vfs_fstype
!= zfsfstype
||
580 (strcmp((char *)refstr_value(vp
->v_vfsp
->vfs_resource
),
581 zc
->zc_name
) != 0)) {
587 return (dsl_deleg_access(zc
->zc_name
,
588 ZFS_DELEG_PERM_SHARE
, cr
));
590 #endif /* HAVE_SMB_SHARE */
593 zfs_secpolicy_share(zfs_cmd_t
*zc
, cred_t
*cr
)
595 #ifdef HAVE_SMB_SHARE
596 if (!INGLOBALZONE(curproc
))
599 if (secpolicy_nfs(cr
) == 0) {
602 return (zfs_secpolicy_deleg_share(zc
, cr
));
606 #endif /* HAVE_SMB_SHARE */
610 zfs_secpolicy_smb_acl(zfs_cmd_t
*zc
, cred_t
*cr
)
612 #ifdef HAVE_SMB_SHARE
613 if (!INGLOBALZONE(curproc
))
616 if (secpolicy_smb(cr
) == 0) {
619 return (zfs_secpolicy_deleg_share(zc
, cr
));
623 #endif /* HAVE_SMB_SHARE */
627 zfs_get_parent(const char *datasetname
, char *parent
, int parentsize
)
632 * Remove the @bla or /bla from the end of the name to get the parent.
634 (void) strncpy(parent
, datasetname
, parentsize
);
635 cp
= strrchr(parent
, '@');
639 cp
= strrchr(parent
, '/');
649 zfs_secpolicy_destroy_perms(const char *name
, cred_t
*cr
)
653 if ((error
= zfs_secpolicy_write_perms(name
,
654 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
657 return (zfs_secpolicy_write_perms(name
, ZFS_DELEG_PERM_DESTROY
, cr
));
661 zfs_secpolicy_destroy(zfs_cmd_t
*zc
, cred_t
*cr
)
663 return (zfs_secpolicy_destroy_perms(zc
->zc_name
, cr
));
667 * Destroying snapshots with delegated permissions requires
668 * descendent mount and destroy permissions.
669 * Reassemble the full filesystem@snap name so dsl_deleg_access()
670 * can do the correct permission check.
672 * Since this routine is used when doing a recursive destroy of snapshots
673 * and destroying snapshots requires descendent permissions, a successfull
674 * check of the top level snapshot applies to snapshots of all descendent
677 * The target snapshot may not exist when doing a recursive destroy.
678 * In this case fallback to permissions of the parent dataset.
681 zfs_secpolicy_destroy_snaps(zfs_cmd_t
*zc
, cred_t
*cr
)
686 dsname
= kmem_asprintf("%s@%s", zc
->zc_name
, zc
->zc_value
);
688 error
= zfs_secpolicy_destroy_perms(dsname
, cr
);
690 error
= zfs_secpolicy_destroy_perms(zc
->zc_name
, cr
);
697 zfs_secpolicy_rename_perms(const char *from
, const char *to
, cred_t
*cr
)
699 char parentname
[MAXNAMELEN
];
702 if ((error
= zfs_secpolicy_write_perms(from
,
703 ZFS_DELEG_PERM_RENAME
, cr
)) != 0)
706 if ((error
= zfs_secpolicy_write_perms(from
,
707 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
710 if ((error
= zfs_get_parent(to
, parentname
,
711 sizeof (parentname
))) != 0)
714 if ((error
= zfs_secpolicy_write_perms(parentname
,
715 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
718 if ((error
= zfs_secpolicy_write_perms(parentname
,
719 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
726 zfs_secpolicy_rename(zfs_cmd_t
*zc
, cred_t
*cr
)
728 return (zfs_secpolicy_rename_perms(zc
->zc_name
, zc
->zc_value
, cr
));
732 zfs_secpolicy_promote(zfs_cmd_t
*zc
, cred_t
*cr
)
734 char parentname
[MAXNAMELEN
];
738 error
= zfs_secpolicy_write_perms(zc
->zc_name
,
739 ZFS_DELEG_PERM_PROMOTE
, cr
);
743 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &clone
);
746 dsl_dataset_t
*pclone
= NULL
;
748 dd
= clone
->os_dsl_dataset
->ds_dir
;
750 rw_enter(&dd
->dd_pool
->dp_config_rwlock
, RW_READER
);
751 error
= dsl_dataset_hold_obj(dd
->dd_pool
,
752 dd
->dd_phys
->dd_origin_obj
, FTAG
, &pclone
);
753 rw_exit(&dd
->dd_pool
->dp_config_rwlock
);
755 dmu_objset_rele(clone
, FTAG
);
759 error
= zfs_secpolicy_write_perms(zc
->zc_name
,
760 ZFS_DELEG_PERM_MOUNT
, cr
);
762 dsl_dataset_name(pclone
, parentname
);
763 dmu_objset_rele(clone
, FTAG
);
764 dsl_dataset_rele(pclone
, FTAG
);
766 error
= zfs_secpolicy_write_perms(parentname
,
767 ZFS_DELEG_PERM_PROMOTE
, cr
);
773 zfs_secpolicy_receive(zfs_cmd_t
*zc
, cred_t
*cr
)
777 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
778 ZFS_DELEG_PERM_RECEIVE
, cr
)) != 0)
781 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
782 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
785 return (zfs_secpolicy_write_perms(zc
->zc_name
,
786 ZFS_DELEG_PERM_CREATE
, cr
));
790 zfs_secpolicy_snapshot_perms(const char *name
, cred_t
*cr
)
792 return (zfs_secpolicy_write_perms(name
,
793 ZFS_DELEG_PERM_SNAPSHOT
, cr
));
797 zfs_secpolicy_snapshot(zfs_cmd_t
*zc
, cred_t
*cr
)
800 return (zfs_secpolicy_snapshot_perms(zc
->zc_name
, cr
));
804 zfs_secpolicy_create(zfs_cmd_t
*zc
, cred_t
*cr
)
806 char parentname
[MAXNAMELEN
];
809 if ((error
= zfs_get_parent(zc
->zc_name
, parentname
,
810 sizeof (parentname
))) != 0)
813 if (zc
->zc_value
[0] != '\0') {
814 if ((error
= zfs_secpolicy_write_perms(zc
->zc_value
,
815 ZFS_DELEG_PERM_CLONE
, cr
)) != 0)
819 if ((error
= zfs_secpolicy_write_perms(parentname
,
820 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
823 error
= zfs_secpolicy_write_perms(parentname
,
824 ZFS_DELEG_PERM_MOUNT
, cr
);
830 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
831 * SYS_CONFIG privilege, which is not available in a local zone.
835 zfs_secpolicy_config(zfs_cmd_t
*zc
, cred_t
*cr
)
837 if (secpolicy_sys_config(cr
, B_FALSE
) != 0)
844 * Policy for object to name lookups.
848 zfs_secpolicy_diff(zfs_cmd_t
*zc
, cred_t
*cr
)
852 if ((error
= secpolicy_sys_config(cr
, B_FALSE
)) == 0)
855 error
= zfs_secpolicy_write_perms(zc
->zc_name
, ZFS_DELEG_PERM_DIFF
, cr
);
860 * Policy for fault injection. Requires all privileges.
864 zfs_secpolicy_inject(zfs_cmd_t
*zc
, cred_t
*cr
)
866 return (secpolicy_zinject(cr
));
870 zfs_secpolicy_inherit(zfs_cmd_t
*zc
, cred_t
*cr
)
872 zfs_prop_t prop
= zfs_name_to_prop(zc
->zc_value
);
874 if (prop
== ZPROP_INVAL
) {
875 if (!zfs_prop_user(zc
->zc_value
))
877 return (zfs_secpolicy_write_perms(zc
->zc_name
,
878 ZFS_DELEG_PERM_USERPROP
, cr
));
880 return (zfs_secpolicy_setprop(zc
->zc_name
, prop
,
886 zfs_secpolicy_userspace_one(zfs_cmd_t
*zc
, cred_t
*cr
)
888 int err
= zfs_secpolicy_read(zc
, cr
);
892 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
895 if (zc
->zc_value
[0] == 0) {
897 * They are asking about a posix uid/gid. If it's
898 * themself, allow it.
900 if (zc
->zc_objset_type
== ZFS_PROP_USERUSED
||
901 zc
->zc_objset_type
== ZFS_PROP_USERQUOTA
) {
902 if (zc
->zc_guid
== crgetuid(cr
))
905 if (groupmember(zc
->zc_guid
, cr
))
910 return (zfs_secpolicy_write_perms(zc
->zc_name
,
911 userquota_perms
[zc
->zc_objset_type
], cr
));
915 zfs_secpolicy_userspace_many(zfs_cmd_t
*zc
, cred_t
*cr
)
917 int err
= zfs_secpolicy_read(zc
, cr
);
921 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
924 return (zfs_secpolicy_write_perms(zc
->zc_name
,
925 userquota_perms
[zc
->zc_objset_type
], cr
));
929 zfs_secpolicy_userspace_upgrade(zfs_cmd_t
*zc
, cred_t
*cr
)
931 return (zfs_secpolicy_setprop(zc
->zc_name
, ZFS_PROP_VERSION
,
936 zfs_secpolicy_hold(zfs_cmd_t
*zc
, cred_t
*cr
)
938 return (zfs_secpolicy_write_perms(zc
->zc_name
,
939 ZFS_DELEG_PERM_HOLD
, cr
));
943 zfs_secpolicy_release(zfs_cmd_t
*zc
, cred_t
*cr
)
945 return (zfs_secpolicy_write_perms(zc
->zc_name
,
946 ZFS_DELEG_PERM_RELEASE
, cr
));
950 * Policy for allowing temporary snapshots to be taken or released
953 zfs_secpolicy_tmp_snapshot(zfs_cmd_t
*zc
, cred_t
*cr
)
956 * A temporary snapshot is the same as a snapshot,
957 * hold, destroy and release all rolled into one.
958 * Delegated diff alone is sufficient that we allow this.
962 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
963 ZFS_DELEG_PERM_DIFF
, cr
)) == 0)
966 error
= zfs_secpolicy_snapshot(zc
, cr
);
968 error
= zfs_secpolicy_hold(zc
, cr
);
970 error
= zfs_secpolicy_release(zc
, cr
);
972 error
= zfs_secpolicy_destroy(zc
, cr
);
977 * Returns the nvlist as specified by the user in the zfs_cmd_t.
980 get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
)
984 nvlist_t
*list
= NULL
;
987 * Read in and unpack the user-supplied nvlist.
992 packed
= kmem_alloc(size
, KM_SLEEP
| KM_NODEBUG
);
994 if ((error
= ddi_copyin((void *)(uintptr_t)nvl
, packed
, size
,
996 kmem_free(packed
, size
);
1000 if ((error
= nvlist_unpack(packed
, size
, &list
, 0)) != 0) {
1001 kmem_free(packed
, size
);
1005 kmem_free(packed
, size
);
1012 fit_error_list(zfs_cmd_t
*zc
, nvlist_t
**errors
)
1016 VERIFY(nvlist_size(*errors
, &size
, NV_ENCODE_NATIVE
) == 0);
1018 if (size
> zc
->zc_nvlist_dst_size
) {
1019 nvpair_t
*more_errors
;
1022 if (zc
->zc_nvlist_dst_size
< 1024)
1025 VERIFY(nvlist_add_int32(*errors
, ZPROP_N_MORE_ERRORS
, 0) == 0);
1026 more_errors
= nvlist_prev_nvpair(*errors
, NULL
);
1029 nvpair_t
*pair
= nvlist_prev_nvpair(*errors
,
1031 VERIFY(nvlist_remove_nvpair(*errors
, pair
) == 0);
1033 VERIFY(nvlist_size(*errors
, &size
,
1034 NV_ENCODE_NATIVE
) == 0);
1035 } while (size
> zc
->zc_nvlist_dst_size
);
1037 VERIFY(nvlist_remove_nvpair(*errors
, more_errors
) == 0);
1038 VERIFY(nvlist_add_int32(*errors
, ZPROP_N_MORE_ERRORS
, n
) == 0);
1039 ASSERT(nvlist_size(*errors
, &size
, NV_ENCODE_NATIVE
) == 0);
1040 ASSERT(size
<= zc
->zc_nvlist_dst_size
);
1047 put_nvlist(zfs_cmd_t
*zc
, nvlist_t
*nvl
)
1049 char *packed
= NULL
;
1053 VERIFY(nvlist_size(nvl
, &size
, NV_ENCODE_NATIVE
) == 0);
1055 if (size
> zc
->zc_nvlist_dst_size
) {
1058 packed
= kmem_alloc(size
, KM_SLEEP
| KM_NODEBUG
);
1059 VERIFY(nvlist_pack(nvl
, &packed
, &size
, NV_ENCODE_NATIVE
,
1061 if (ddi_copyout(packed
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
1062 size
, zc
->zc_iflags
) != 0)
1064 kmem_free(packed
, size
);
1067 zc
->zc_nvlist_dst_size
= size
;
1072 get_zfs_sb(const char *dsname
, zfs_sb_t
**zsbp
)
1077 error
= dmu_objset_hold(dsname
, FTAG
, &os
);
1080 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1081 dmu_objset_rele(os
, FTAG
);
1085 mutex_enter(&os
->os_user_ptr_lock
);
1086 *zsbp
= dmu_objset_get_user(os
);
1087 if (*zsbp
&& (*zsbp
)->z_sb
) {
1088 atomic_inc(&((*zsbp
)->z_sb
->s_active
));
1092 mutex_exit(&os
->os_user_ptr_lock
);
1093 dmu_objset_rele(os
, FTAG
);
1098 * Find a zfs_sb_t for a mounted filesystem, or create our own, in which
1099 * case its z_sb will be NULL, and it will be opened as the owner.
1102 zfs_sb_hold(const char *name
, void *tag
, zfs_sb_t
**zsbp
, boolean_t writer
)
1106 if (get_zfs_sb(name
, zsbp
) != 0)
1107 error
= zfs_sb_create(name
, zsbp
);
1109 rrw_enter(&(*zsbp
)->z_teardown_lock
, (writer
) ? RW_WRITER
:
1111 if ((*zsbp
)->z_unmounted
) {
1113 * XXX we could probably try again, since the unmounting
1114 * thread should be just about to disassociate the
1115 * objset from the zfsvfs.
1117 rrw_exit(&(*zsbp
)->z_teardown_lock
, tag
);
1125 zfs_sb_rele(zfs_sb_t
*zsb
, void *tag
)
1127 rrw_exit(&zsb
->z_teardown_lock
, tag
);
1130 deactivate_super(zsb
->z_sb
);
1132 dmu_objset_disown(zsb
->z_os
, zsb
);
1138 zfs_ioc_pool_create(zfs_cmd_t
*zc
)
1141 nvlist_t
*config
, *props
= NULL
;
1142 nvlist_t
*rootprops
= NULL
;
1143 nvlist_t
*zplprops
= NULL
;
1146 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1147 zc
->zc_iflags
, &config
)))
1150 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1151 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1152 zc
->zc_iflags
, &props
))) {
1153 nvlist_free(config
);
1158 nvlist_t
*nvl
= NULL
;
1159 uint64_t version
= SPA_VERSION
;
1161 (void) nvlist_lookup_uint64(props
,
1162 zpool_prop_to_name(ZPOOL_PROP_VERSION
), &version
);
1163 if (version
< SPA_VERSION_INITIAL
|| version
> SPA_VERSION
) {
1165 goto pool_props_bad
;
1167 (void) nvlist_lookup_nvlist(props
, ZPOOL_ROOTFS_PROPS
, &nvl
);
1169 error
= nvlist_dup(nvl
, &rootprops
, KM_SLEEP
);
1171 nvlist_free(config
);
1175 (void) nvlist_remove_all(props
, ZPOOL_ROOTFS_PROPS
);
1177 VERIFY(nvlist_alloc(&zplprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
1178 error
= zfs_fill_zplprops_root(version
, rootprops
,
1181 goto pool_props_bad
;
1184 buf
= history_str_get(zc
);
1186 error
= spa_create(zc
->zc_name
, config
, props
, buf
, zplprops
);
1189 * Set the remaining root properties
1191 if (!error
&& (error
= zfs_set_prop_nvlist(zc
->zc_name
,
1192 ZPROP_SRC_LOCAL
, rootprops
, NULL
)) != 0)
1193 (void) spa_destroy(zc
->zc_name
);
1196 history_str_free(buf
);
1199 nvlist_free(rootprops
);
1200 nvlist_free(zplprops
);
1201 nvlist_free(config
);
1208 zfs_ioc_pool_destroy(zfs_cmd_t
*zc
)
1211 zfs_log_history(zc
);
1212 error
= spa_destroy(zc
->zc_name
);
1214 zvol_remove_minors(zc
->zc_name
);
1219 zfs_ioc_pool_import(zfs_cmd_t
*zc
)
1221 nvlist_t
*config
, *props
= NULL
;
1225 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1226 zc
->zc_iflags
, &config
)) != 0)
1229 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1230 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1231 zc
->zc_iflags
, &props
))) {
1232 nvlist_free(config
);
1236 if (nvlist_lookup_uint64(config
, ZPOOL_CONFIG_POOL_GUID
, &guid
) != 0 ||
1237 guid
!= zc
->zc_guid
)
1240 error
= spa_import(zc
->zc_name
, config
, props
, zc
->zc_cookie
);
1242 if (zc
->zc_nvlist_dst
!= 0) {
1245 if ((err
= put_nvlist(zc
, config
)) != 0)
1250 zvol_create_minors(zc
->zc_name
);
1252 nvlist_free(config
);
1261 zfs_ioc_pool_export(zfs_cmd_t
*zc
)
1264 boolean_t force
= (boolean_t
)zc
->zc_cookie
;
1265 boolean_t hardforce
= (boolean_t
)zc
->zc_guid
;
1267 zfs_log_history(zc
);
1268 error
= spa_export(zc
->zc_name
, NULL
, force
, hardforce
);
1270 zvol_remove_minors(zc
->zc_name
);
1275 zfs_ioc_pool_configs(zfs_cmd_t
*zc
)
1280 if ((configs
= spa_all_configs(&zc
->zc_cookie
)) == NULL
)
1283 error
= put_nvlist(zc
, configs
);
1285 nvlist_free(configs
);
1291 zfs_ioc_pool_stats(zfs_cmd_t
*zc
)
1297 error
= spa_get_stats(zc
->zc_name
, &config
, zc
->zc_value
,
1298 sizeof (zc
->zc_value
));
1300 if (config
!= NULL
) {
1301 ret
= put_nvlist(zc
, config
);
1302 nvlist_free(config
);
1305 * The config may be present even if 'error' is non-zero.
1306 * In this case we return success, and preserve the real errno
1309 zc
->zc_cookie
= error
;
1318 * Try to import the given pool, returning pool stats as appropriate so that
1319 * user land knows which devices are available and overall pool health.
1322 zfs_ioc_pool_tryimport(zfs_cmd_t
*zc
)
1324 nvlist_t
*tryconfig
, *config
;
1327 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1328 zc
->zc_iflags
, &tryconfig
)) != 0)
1331 config
= spa_tryimport(tryconfig
);
1333 nvlist_free(tryconfig
);
1338 error
= put_nvlist(zc
, config
);
1339 nvlist_free(config
);
1346 * zc_name name of the pool
1347 * zc_cookie scan func (pool_scan_func_t)
1350 zfs_ioc_pool_scan(zfs_cmd_t
*zc
)
1355 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1358 if (zc
->zc_cookie
== POOL_SCAN_NONE
)
1359 error
= spa_scan_stop(spa
);
1361 error
= spa_scan(spa
, zc
->zc_cookie
);
1363 spa_close(spa
, FTAG
);
1369 zfs_ioc_pool_freeze(zfs_cmd_t
*zc
)
1374 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1377 spa_close(spa
, FTAG
);
1383 zfs_ioc_pool_upgrade(zfs_cmd_t
*zc
)
1388 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1391 if (zc
->zc_cookie
< spa_version(spa
) || zc
->zc_cookie
> SPA_VERSION
) {
1392 spa_close(spa
, FTAG
);
1396 spa_upgrade(spa
, zc
->zc_cookie
);
1397 spa_close(spa
, FTAG
);
1403 zfs_ioc_pool_get_history(zfs_cmd_t
*zc
)
1410 if ((size
= zc
->zc_history_len
) == 0)
1413 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1416 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
1417 spa_close(spa
, FTAG
);
1421 hist_buf
= vmem_alloc(size
, KM_SLEEP
);
1422 if ((error
= spa_history_get(spa
, &zc
->zc_history_offset
,
1423 &zc
->zc_history_len
, hist_buf
)) == 0) {
1424 error
= ddi_copyout(hist_buf
,
1425 (void *)(uintptr_t)zc
->zc_history
,
1426 zc
->zc_history_len
, zc
->zc_iflags
);
1429 spa_close(spa
, FTAG
);
1430 vmem_free(hist_buf
, size
);
1435 zfs_ioc_pool_reguid(zfs_cmd_t
*zc
)
1440 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1442 error
= spa_change_guid(spa
);
1443 spa_close(spa
, FTAG
);
1449 zfs_ioc_dsobj_to_dsname(zfs_cmd_t
*zc
)
1453 if ((error
= dsl_dsobj_to_dsname(zc
->zc_name
,zc
->zc_obj
,zc
->zc_value
)))
1461 * zc_name name of filesystem
1462 * zc_obj object to find
1465 * zc_value name of object
1468 zfs_ioc_obj_to_path(zfs_cmd_t
*zc
)
1473 /* XXX reading from objset not owned */
1474 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)) != 0)
1476 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1477 dmu_objset_rele(os
, FTAG
);
1480 error
= zfs_obj_to_path(os
, zc
->zc_obj
, zc
->zc_value
,
1481 sizeof (zc
->zc_value
));
1482 dmu_objset_rele(os
, FTAG
);
1489 * zc_name name of filesystem
1490 * zc_obj object to find
1493 * zc_stat stats on object
1494 * zc_value path to object
1497 zfs_ioc_obj_to_stats(zfs_cmd_t
*zc
)
1502 /* XXX reading from objset not owned */
1503 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)) != 0)
1505 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1506 dmu_objset_rele(os
, FTAG
);
1509 error
= zfs_obj_to_stats(os
, zc
->zc_obj
, &zc
->zc_stat
, zc
->zc_value
,
1510 sizeof (zc
->zc_value
));
1511 dmu_objset_rele(os
, FTAG
);
1517 zfs_ioc_vdev_add(zfs_cmd_t
*zc
)
1521 nvlist_t
*config
, **l2cache
, **spares
;
1522 uint_t nl2cache
= 0, nspares
= 0;
1524 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1528 error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1529 zc
->zc_iflags
, &config
);
1530 (void) nvlist_lookup_nvlist_array(config
, ZPOOL_CONFIG_L2CACHE
,
1531 &l2cache
, &nl2cache
);
1533 (void) nvlist_lookup_nvlist_array(config
, ZPOOL_CONFIG_SPARES
,
1537 * A root pool with concatenated devices is not supported.
1538 * Thus, can not add a device to a root pool.
1540 * Intent log device can not be added to a rootpool because
1541 * during mountroot, zil is replayed, a seperated log device
1542 * can not be accessed during the mountroot time.
1544 * l2cache and spare devices are ok to be added to a rootpool.
1546 if (spa_bootfs(spa
) != 0 && nl2cache
== 0 && nspares
== 0) {
1547 nvlist_free(config
);
1548 spa_close(spa
, FTAG
);
1553 error
= spa_vdev_add(spa
, config
);
1554 nvlist_free(config
);
1556 spa_close(spa
, FTAG
);
1562 * zc_name name of the pool
1563 * zc_nvlist_conf nvlist of devices to remove
1564 * zc_cookie to stop the remove?
1567 zfs_ioc_vdev_remove(zfs_cmd_t
*zc
)
1572 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1575 error
= spa_vdev_remove(spa
, zc
->zc_guid
, B_FALSE
);
1576 spa_close(spa
, FTAG
);
1581 zfs_ioc_vdev_set_state(zfs_cmd_t
*zc
)
1585 vdev_state_t newstate
= VDEV_STATE_UNKNOWN
;
1587 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1589 switch (zc
->zc_cookie
) {
1590 case VDEV_STATE_ONLINE
:
1591 error
= vdev_online(spa
, zc
->zc_guid
, zc
->zc_obj
, &newstate
);
1594 case VDEV_STATE_OFFLINE
:
1595 error
= vdev_offline(spa
, zc
->zc_guid
, zc
->zc_obj
);
1598 case VDEV_STATE_FAULTED
:
1599 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1600 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
)
1601 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1603 error
= vdev_fault(spa
, zc
->zc_guid
, zc
->zc_obj
);
1606 case VDEV_STATE_DEGRADED
:
1607 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1608 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
)
1609 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1611 error
= vdev_degrade(spa
, zc
->zc_guid
, zc
->zc_obj
);
1617 zc
->zc_cookie
= newstate
;
1618 spa_close(spa
, FTAG
);
1623 zfs_ioc_vdev_attach(zfs_cmd_t
*zc
)
1626 int replacing
= zc
->zc_cookie
;
1630 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1633 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1634 zc
->zc_iflags
, &config
)) == 0) {
1635 error
= spa_vdev_attach(spa
, zc
->zc_guid
, config
, replacing
);
1636 nvlist_free(config
);
1639 spa_close(spa
, FTAG
);
1644 zfs_ioc_vdev_detach(zfs_cmd_t
*zc
)
1649 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1652 error
= spa_vdev_detach(spa
, zc
->zc_guid
, 0, B_FALSE
);
1654 spa_close(spa
, FTAG
);
1659 zfs_ioc_vdev_split(zfs_cmd_t
*zc
)
1662 nvlist_t
*config
, *props
= NULL
;
1664 boolean_t exp
= !!(zc
->zc_cookie
& ZPOOL_EXPORT_AFTER_SPLIT
);
1666 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1669 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1670 zc
->zc_iflags
, &config
))) {
1671 spa_close(spa
, FTAG
);
1675 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1676 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1677 zc
->zc_iflags
, &props
))) {
1678 spa_close(spa
, FTAG
);
1679 nvlist_free(config
);
1683 error
= spa_vdev_split_mirror(spa
, zc
->zc_string
, config
, props
, exp
);
1685 spa_close(spa
, FTAG
);
1687 nvlist_free(config
);
1694 zfs_ioc_vdev_setpath(zfs_cmd_t
*zc
)
1697 char *path
= zc
->zc_value
;
1698 uint64_t guid
= zc
->zc_guid
;
1701 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1705 error
= spa_vdev_setpath(spa
, guid
, path
);
1706 spa_close(spa
, FTAG
);
1711 zfs_ioc_vdev_setfru(zfs_cmd_t
*zc
)
1714 char *fru
= zc
->zc_value
;
1715 uint64_t guid
= zc
->zc_guid
;
1718 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1722 error
= spa_vdev_setfru(spa
, guid
, fru
);
1723 spa_close(spa
, FTAG
);
1728 zfs_ioc_objset_stats_impl(zfs_cmd_t
*zc
, objset_t
*os
)
1733 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
1735 if (zc
->zc_nvlist_dst
!= 0 &&
1736 (error
= dsl_prop_get_all(os
, &nv
)) == 0) {
1737 dmu_objset_stats(os
, nv
);
1739 * NB: zvol_get_stats() will read the objset contents,
1740 * which we aren't supposed to do with a
1741 * DS_MODE_USER hold, because it could be
1742 * inconsistent. So this is a bit of a workaround...
1743 * XXX reading with out owning
1745 if (!zc
->zc_objset_stats
.dds_inconsistent
) {
1746 if (dmu_objset_type(os
) == DMU_OST_ZVOL
)
1747 error
= zvol_get_stats(os
, nv
);
1750 error
= put_nvlist(zc
, nv
);
1759 * zc_name name of filesystem
1760 * zc_nvlist_dst_size size of buffer for property nvlist
1763 * zc_objset_stats stats
1764 * zc_nvlist_dst property nvlist
1765 * zc_nvlist_dst_size size of property nvlist
1768 zfs_ioc_objset_stats(zfs_cmd_t
*zc
)
1770 objset_t
*os
= NULL
;
1773 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)))
1776 error
= zfs_ioc_objset_stats_impl(zc
, os
);
1778 dmu_objset_rele(os
, FTAG
);
1785 * zc_name name of filesystem
1786 * zc_nvlist_dst_size size of buffer for property nvlist
1789 * zc_nvlist_dst received property nvlist
1790 * zc_nvlist_dst_size size of received property nvlist
1792 * Gets received properties (distinct from local properties on or after
1793 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
1794 * local property values.
1797 zfs_ioc_objset_recvd_props(zfs_cmd_t
*zc
)
1799 objset_t
*os
= NULL
;
1803 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)))
1807 * Without this check, we would return local property values if the
1808 * caller has not already received properties on or after
1809 * SPA_VERSION_RECVD_PROPS.
1811 if (!dsl_prop_get_hasrecvd(os
)) {
1812 dmu_objset_rele(os
, FTAG
);
1816 if (zc
->zc_nvlist_dst
!= 0 &&
1817 (error
= dsl_prop_get_received(os
, &nv
)) == 0) {
1818 error
= put_nvlist(zc
, nv
);
1822 dmu_objset_rele(os
, FTAG
);
1827 nvl_add_zplprop(objset_t
*os
, nvlist_t
*props
, zfs_prop_t prop
)
1833 * zfs_get_zplprop() will either find a value or give us
1834 * the default value (if there is one).
1836 if ((error
= zfs_get_zplprop(os
, prop
, &value
)) != 0)
1838 VERIFY(nvlist_add_uint64(props
, zfs_prop_to_name(prop
), value
) == 0);
1844 * zc_name name of filesystem
1845 * zc_nvlist_dst_size size of buffer for zpl property nvlist
1848 * zc_nvlist_dst zpl property nvlist
1849 * zc_nvlist_dst_size size of zpl property nvlist
1852 zfs_ioc_objset_zplprops(zfs_cmd_t
*zc
)
1857 /* XXX reading without owning */
1858 if ((err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)))
1861 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
1864 * NB: nvl_add_zplprop() will read the objset contents,
1865 * which we aren't supposed to do with a DS_MODE_USER
1866 * hold, because it could be inconsistent.
1868 if (zc
->zc_nvlist_dst
!= 0 &&
1869 !zc
->zc_objset_stats
.dds_inconsistent
&&
1870 dmu_objset_type(os
) == DMU_OST_ZFS
) {
1873 VERIFY(nvlist_alloc(&nv
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
1874 if ((err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_VERSION
)) == 0 &&
1875 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_NORMALIZE
)) == 0 &&
1876 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_UTF8ONLY
)) == 0 &&
1877 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_CASE
)) == 0)
1878 err
= put_nvlist(zc
, nv
);
1883 dmu_objset_rele(os
, FTAG
);
1888 dataset_name_hidden(const char *name
)
1891 * Skip over datasets that are not visible in this zone,
1892 * internal datasets (which have a $ in their name), and
1893 * temporary datasets (which have a % in their name).
1895 if (strchr(name
, '$') != NULL
)
1897 if (strchr(name
, '%') != NULL
)
1899 if (!INGLOBALZONE(curproc
) && !zone_dataset_visible(name
, NULL
))
1906 * zc_name name of filesystem
1907 * zc_cookie zap cursor
1908 * zc_nvlist_dst_size size of buffer for property nvlist
1911 * zc_name name of next filesystem
1912 * zc_cookie zap cursor
1913 * zc_objset_stats stats
1914 * zc_nvlist_dst property nvlist
1915 * zc_nvlist_dst_size size of property nvlist
1918 zfs_ioc_dataset_list_next(zfs_cmd_t
*zc
)
1923 size_t orig_len
= strlen(zc
->zc_name
);
1926 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
))) {
1927 if (error
== ENOENT
)
1932 p
= strrchr(zc
->zc_name
, '/');
1933 if (p
== NULL
|| p
[1] != '\0')
1934 (void) strlcat(zc
->zc_name
, "/", sizeof (zc
->zc_name
));
1935 p
= zc
->zc_name
+ strlen(zc
->zc_name
);
1938 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0
1939 * but is not declared void because its called by dmu_objset_find().
1941 if (zc
->zc_cookie
== 0) {
1942 uint64_t cookie
= 0;
1943 int len
= sizeof (zc
->zc_name
) - (p
- zc
->zc_name
);
1945 while (dmu_dir_list_next(os
, len
, p
, NULL
, &cookie
) == 0) {
1946 if (!dataset_name_hidden(zc
->zc_name
))
1947 (void) dmu_objset_prefetch(zc
->zc_name
, NULL
);
1952 error
= dmu_dir_list_next(os
,
1953 sizeof (zc
->zc_name
) - (p
- zc
->zc_name
), p
,
1954 NULL
, &zc
->zc_cookie
);
1955 if (error
== ENOENT
)
1957 } while (error
== 0 && dataset_name_hidden(zc
->zc_name
) &&
1958 !(zc
->zc_iflags
& FKIOCTL
));
1959 dmu_objset_rele(os
, FTAG
);
1962 * If it's an internal dataset (ie. with a '$' in its name),
1963 * don't try to get stats for it, otherwise we'll return ENOENT.
1965 if (error
== 0 && strchr(zc
->zc_name
, '$') == NULL
) {
1966 error
= zfs_ioc_objset_stats(zc
); /* fill in the stats */
1967 if (error
== ENOENT
) {
1968 /* We lost a race with destroy, get the next one. */
1969 zc
->zc_name
[orig_len
] = '\0';
1978 * zc_name name of filesystem
1979 * zc_cookie zap cursor
1980 * zc_nvlist_dst_size size of buffer for property nvlist
1983 * zc_name name of next snapshot
1984 * zc_objset_stats stats
1985 * zc_nvlist_dst property nvlist
1986 * zc_nvlist_dst_size size of property nvlist
1989 zfs_ioc_snapshot_list_next(zfs_cmd_t
*zc
)
1995 if (zc
->zc_cookie
== 0 && !zc
->zc_simple
)
1996 (void) dmu_objset_find(zc
->zc_name
, dmu_objset_prefetch
,
1997 NULL
, DS_FIND_SNAPSHOTS
);
1999 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2001 return (error
== ENOENT
? ESRCH
: error
);
2004 * A dataset name of maximum length cannot have any snapshots,
2005 * so exit immediately.
2007 if (strlcat(zc
->zc_name
, "@", sizeof (zc
->zc_name
)) >= MAXNAMELEN
) {
2008 dmu_objset_rele(os
, FTAG
);
2012 error
= dmu_snapshot_list_next(os
,
2013 sizeof (zc
->zc_name
) - strlen(zc
->zc_name
),
2014 zc
->zc_name
+ strlen(zc
->zc_name
), &zc
->zc_obj
, &zc
->zc_cookie
,
2017 if (error
== 0 && !zc
->zc_simple
) {
2019 dsl_pool_t
*dp
= os
->os_dsl_dataset
->ds_dir
->dd_pool
;
2022 * Since we probably don't have a hold on this snapshot,
2023 * it's possible that the objsetid could have been destroyed
2024 * and reused for a new objset. It's OK if this happens during
2025 * a zfs send operation, since the new createtxg will be
2026 * beyond the range we're interested in.
2028 rw_enter(&dp
->dp_config_rwlock
, RW_READER
);
2029 error
= dsl_dataset_hold_obj(dp
, zc
->zc_obj
, FTAG
, &ds
);
2030 rw_exit(&dp
->dp_config_rwlock
);
2032 if (error
== ENOENT
) {
2033 /* Racing with destroy, get the next one. */
2034 *strchr(zc
->zc_name
, '@') = '\0';
2035 dmu_objset_rele(os
, FTAG
);
2041 error
= dmu_objset_from_ds(ds
, &ossnap
);
2043 error
= zfs_ioc_objset_stats_impl(zc
, ossnap
);
2044 dsl_dataset_rele(ds
, FTAG
);
2046 } else if (error
== ENOENT
) {
2050 dmu_objset_rele(os
, FTAG
);
2051 /* if we failed, undo the @ that we tacked on to zc_name */
2053 *strchr(zc
->zc_name
, '@') = '\0';
2058 zfs_prop_set_userquota(const char *dsname
, nvpair_t
*pair
)
2060 const char *propname
= nvpair_name(pair
);
2062 unsigned int vallen
;
2065 zfs_userquota_prop_t type
;
2071 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2073 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2074 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2080 * A correctly constructed propname is encoded as
2081 * userquota@<rid>-<domain>.
2083 if ((dash
= strchr(propname
, '-')) == NULL
||
2084 nvpair_value_uint64_array(pair
, &valary
, &vallen
) != 0 ||
2093 err
= zfs_sb_hold(dsname
, FTAG
, &zsb
, B_FALSE
);
2095 err
= zfs_set_userquota(zsb
, type
, domain
, rid
, quota
);
2096 zfs_sb_rele(zsb
, FTAG
);
2103 * If the named property is one that has a special function to set its value,
2104 * return 0 on success and a positive error code on failure; otherwise if it is
2105 * not one of the special properties handled by this function, return -1.
2107 * XXX: It would be better for callers of the property interface if we handled
2108 * these special cases in dsl_prop.c (in the dsl layer).
2111 zfs_prop_set_special(const char *dsname
, zprop_source_t source
,
2114 const char *propname
= nvpair_name(pair
);
2115 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2119 if (prop
== ZPROP_INVAL
) {
2120 if (zfs_prop_userquota(propname
))
2121 return (zfs_prop_set_userquota(dsname
, pair
));
2125 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2127 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2128 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2132 if (zfs_prop_get_type(prop
) == PROP_TYPE_STRING
)
2135 VERIFY(0 == nvpair_value_uint64(pair
, &intval
));
2138 case ZFS_PROP_QUOTA
:
2139 err
= dsl_dir_set_quota(dsname
, source
, intval
);
2141 case ZFS_PROP_REFQUOTA
:
2142 err
= dsl_dataset_set_quota(dsname
, source
, intval
);
2144 case ZFS_PROP_RESERVATION
:
2145 err
= dsl_dir_set_reservation(dsname
, source
, intval
);
2147 case ZFS_PROP_REFRESERVATION
:
2148 err
= dsl_dataset_set_reservation(dsname
, source
, intval
);
2150 case ZFS_PROP_VOLSIZE
:
2151 err
= zvol_set_volsize(dsname
, intval
);
2153 case ZFS_PROP_VERSION
:
2157 if ((err
= zfs_sb_hold(dsname
, FTAG
, &zsb
, B_TRUE
)) != 0)
2160 err
= zfs_set_version(zsb
, intval
);
2161 zfs_sb_rele(zsb
, FTAG
);
2163 if (err
== 0 && intval
>= ZPL_VERSION_USERSPACE
) {
2166 zc
= kmem_zalloc(sizeof (zfs_cmd_t
),
2167 KM_SLEEP
| KM_NODEBUG
);
2168 (void) strcpy(zc
->zc_name
, dsname
);
2169 (void) zfs_ioc_userspace_upgrade(zc
);
2170 kmem_free(zc
, sizeof (zfs_cmd_t
));
2183 * This function is best effort. If it fails to set any of the given properties,
2184 * it continues to set as many as it can and returns the first error
2185 * encountered. If the caller provides a non-NULL errlist, it also gives the
2186 * complete list of names of all the properties it failed to set along with the
2187 * corresponding error numbers. The caller is responsible for freeing the
2190 * If every property is set successfully, zero is returned and the list pointed
2191 * at by errlist is NULL.
2194 zfs_set_prop_nvlist(const char *dsname
, zprop_source_t source
, nvlist_t
*nvl
,
2202 nvlist_t
*genericnvl
;
2206 VERIFY(nvlist_alloc(&genericnvl
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2207 VERIFY(nvlist_alloc(&errors
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2208 VERIFY(nvlist_alloc(&retrynvl
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2212 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2213 const char *propname
= nvpair_name(pair
);
2214 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2217 /* decode the property value */
2219 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2221 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2222 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2227 /* Validate value type */
2228 if (err
== 0 && prop
== ZPROP_INVAL
) {
2229 if (zfs_prop_user(propname
)) {
2230 if (nvpair_type(propval
) != DATA_TYPE_STRING
)
2232 } else if (zfs_prop_userquota(propname
)) {
2233 if (nvpair_type(propval
) !=
2234 DATA_TYPE_UINT64_ARRAY
)
2237 } else if (err
== 0) {
2238 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2239 if (zfs_prop_get_type(prop
) != PROP_TYPE_STRING
)
2241 } else if (nvpair_type(propval
) == DATA_TYPE_UINT64
) {
2244 VERIFY(nvpair_value_uint64(propval
,
2247 switch (zfs_prop_get_type(prop
)) {
2248 case PROP_TYPE_NUMBER
:
2250 case PROP_TYPE_STRING
:
2253 case PROP_TYPE_INDEX
:
2254 if (zfs_prop_index_to_string(prop
,
2255 intval
, &unused
) != 0)
2260 "unknown property type");
2267 /* Validate permissions */
2269 err
= zfs_check_settable(dsname
, pair
, CRED());
2272 err
= zfs_prop_set_special(dsname
, source
, pair
);
2275 * For better performance we build up a list of
2276 * properties to set in a single transaction.
2278 err
= nvlist_add_nvpair(genericnvl
, pair
);
2279 } else if (err
!= 0 && nvl
!= retrynvl
) {
2281 * This may be a spurious error caused by
2282 * receiving quota and reservation out of order.
2283 * Try again in a second pass.
2285 err
= nvlist_add_nvpair(retrynvl
, pair
);
2290 VERIFY(nvlist_add_int32(errors
, propname
, err
) == 0);
2293 if (nvl
!= retrynvl
&& !nvlist_empty(retrynvl
)) {
2298 if (!nvlist_empty(genericnvl
) &&
2299 dsl_props_set(dsname
, source
, genericnvl
) != 0) {
2301 * If this fails, we still want to set as many properties as we
2302 * can, so try setting them individually.
2305 while ((pair
= nvlist_next_nvpair(genericnvl
, pair
)) != NULL
) {
2306 const char *propname
= nvpair_name(pair
);
2310 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2312 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2313 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2317 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2318 VERIFY(nvpair_value_string(propval
,
2320 err
= dsl_prop_set(dsname
, propname
, source
, 1,
2321 strlen(strval
) + 1, strval
);
2323 VERIFY(nvpair_value_uint64(propval
,
2325 err
= dsl_prop_set(dsname
, propname
, source
, 8,
2330 VERIFY(nvlist_add_int32(errors
, propname
,
2335 nvlist_free(genericnvl
);
2336 nvlist_free(retrynvl
);
2338 if ((pair
= nvlist_next_nvpair(errors
, NULL
)) == NULL
) {
2339 nvlist_free(errors
);
2342 VERIFY(nvpair_value_int32(pair
, &rv
) == 0);
2345 if (errlist
== NULL
)
2346 nvlist_free(errors
);
2354 * Check that all the properties are valid user properties.
2357 zfs_check_userprops(char *fsname
, nvlist_t
*nvl
)
2359 nvpair_t
*pair
= NULL
;
2362 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2363 const char *propname
= nvpair_name(pair
);
2366 if (!zfs_prop_user(propname
) ||
2367 nvpair_type(pair
) != DATA_TYPE_STRING
)
2370 if ((error
= zfs_secpolicy_write_perms(fsname
,
2371 ZFS_DELEG_PERM_USERPROP
, CRED())))
2374 if (strlen(propname
) >= ZAP_MAXNAMELEN
)
2375 return (ENAMETOOLONG
);
2377 VERIFY(nvpair_value_string(pair
, &valstr
) == 0);
2378 if (strlen(valstr
) >= ZAP_MAXVALUELEN
)
2385 props_skip(nvlist_t
*props
, nvlist_t
*skipped
, nvlist_t
**newprops
)
2389 VERIFY(nvlist_alloc(newprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2392 while ((pair
= nvlist_next_nvpair(props
, pair
)) != NULL
) {
2393 if (nvlist_exists(skipped
, nvpair_name(pair
)))
2396 VERIFY(nvlist_add_nvpair(*newprops
, pair
) == 0);
2401 clear_received_props(objset_t
*os
, const char *fs
, nvlist_t
*props
,
2405 nvlist_t
*cleared_props
= NULL
;
2406 props_skip(props
, skipped
, &cleared_props
);
2407 if (!nvlist_empty(cleared_props
)) {
2409 * Acts on local properties until the dataset has received
2410 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2412 zprop_source_t flags
= (ZPROP_SRC_NONE
|
2413 (dsl_prop_get_hasrecvd(os
) ? ZPROP_SRC_RECEIVED
: 0));
2414 err
= zfs_set_prop_nvlist(fs
, flags
, cleared_props
, NULL
);
2416 nvlist_free(cleared_props
);
2422 * zc_name name of filesystem
2423 * zc_value name of property to set
2424 * zc_nvlist_src{_size} nvlist of properties to apply
2425 * zc_cookie received properties flag
2428 * zc_nvlist_dst{_size} error for each unapplied received property
2431 zfs_ioc_set_prop(zfs_cmd_t
*zc
)
2434 boolean_t received
= zc
->zc_cookie
;
2435 zprop_source_t source
= (received
? ZPROP_SRC_RECEIVED
:
2437 nvlist_t
*errors
= NULL
;
2440 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2441 zc
->zc_iflags
, &nvl
)) != 0)
2445 nvlist_t
*origprops
;
2448 if (dmu_objset_hold(zc
->zc_name
, FTAG
, &os
) == 0) {
2449 if (dsl_prop_get_received(os
, &origprops
) == 0) {
2450 (void) clear_received_props(os
,
2451 zc
->zc_name
, origprops
, nvl
);
2452 nvlist_free(origprops
);
2455 dsl_prop_set_hasrecvd(os
);
2456 dmu_objset_rele(os
, FTAG
);
2460 error
= zfs_set_prop_nvlist(zc
->zc_name
, source
, nvl
, &errors
);
2462 if (zc
->zc_nvlist_dst
!= 0 && errors
!= NULL
) {
2463 (void) put_nvlist(zc
, errors
);
2466 nvlist_free(errors
);
2473 * zc_name name of filesystem
2474 * zc_value name of property to inherit
2475 * zc_cookie revert to received value if TRUE
2480 zfs_ioc_inherit_prop(zfs_cmd_t
*zc
)
2482 const char *propname
= zc
->zc_value
;
2483 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2484 boolean_t received
= zc
->zc_cookie
;
2485 zprop_source_t source
= (received
2486 ? ZPROP_SRC_NONE
/* revert to received value, if any */
2487 : ZPROP_SRC_INHERITED
); /* explicitly inherit */
2496 * zfs_prop_set_special() expects properties in the form of an
2497 * nvpair with type info.
2499 if (prop
== ZPROP_INVAL
) {
2500 if (!zfs_prop_user(propname
))
2503 type
= PROP_TYPE_STRING
;
2504 } else if (prop
== ZFS_PROP_VOLSIZE
||
2505 prop
== ZFS_PROP_VERSION
) {
2508 type
= zfs_prop_get_type(prop
);
2511 VERIFY(nvlist_alloc(&dummy
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2514 case PROP_TYPE_STRING
:
2515 VERIFY(0 == nvlist_add_string(dummy
, propname
, ""));
2517 case PROP_TYPE_NUMBER
:
2518 case PROP_TYPE_INDEX
:
2519 VERIFY(0 == nvlist_add_uint64(dummy
, propname
, 0));
2526 pair
= nvlist_next_nvpair(dummy
, NULL
);
2527 err
= zfs_prop_set_special(zc
->zc_name
, source
, pair
);
2530 return (err
); /* special property already handled */
2533 * Only check this in the non-received case. We want to allow
2534 * 'inherit -S' to revert non-inheritable properties like quota
2535 * and reservation to the received or default values even though
2536 * they are not considered inheritable.
2538 if (prop
!= ZPROP_INVAL
&& !zfs_prop_inheritable(prop
))
2542 /* the property name has been validated by zfs_secpolicy_inherit() */
2543 return (dsl_prop_set(zc
->zc_name
, zc
->zc_value
, source
, 0, 0, NULL
));
2547 zfs_ioc_pool_set_props(zfs_cmd_t
*zc
)
2554 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2555 zc
->zc_iflags
, &props
)))
2559 * If the only property is the configfile, then just do a spa_lookup()
2560 * to handle the faulted case.
2562 pair
= nvlist_next_nvpair(props
, NULL
);
2563 if (pair
!= NULL
&& strcmp(nvpair_name(pair
),
2564 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE
)) == 0 &&
2565 nvlist_next_nvpair(props
, pair
) == NULL
) {
2566 mutex_enter(&spa_namespace_lock
);
2567 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
) {
2568 spa_configfile_set(spa
, props
, B_FALSE
);
2569 spa_config_sync(spa
, B_FALSE
, B_TRUE
);
2571 mutex_exit(&spa_namespace_lock
);
2578 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2583 error
= spa_prop_set(spa
, props
);
2586 spa_close(spa
, FTAG
);
2592 zfs_ioc_pool_get_props(zfs_cmd_t
*zc
)
2596 nvlist_t
*nvp
= NULL
;
2598 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2600 * If the pool is faulted, there may be properties we can still
2601 * get (such as altroot and cachefile), so attempt to get them
2604 mutex_enter(&spa_namespace_lock
);
2605 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
)
2606 error
= spa_prop_get(spa
, &nvp
);
2607 mutex_exit(&spa_namespace_lock
);
2609 error
= spa_prop_get(spa
, &nvp
);
2610 spa_close(spa
, FTAG
);
2613 if (error
== 0 && zc
->zc_nvlist_dst
!= 0)
2614 error
= put_nvlist(zc
, nvp
);
2624 * zc_name name of volume
2629 zfs_ioc_create_minor(zfs_cmd_t
*zc
)
2631 return (zvol_create_minor(zc
->zc_name
));
2636 * zc_name name of volume
2641 zfs_ioc_remove_minor(zfs_cmd_t
*zc
)
2643 return (zvol_remove_minor(zc
->zc_name
));
2648 * zc_name name of filesystem
2649 * zc_nvlist_src{_size} nvlist of delegated permissions
2650 * zc_perm_action allow/unallow flag
2655 zfs_ioc_set_fsacl(zfs_cmd_t
*zc
)
2658 nvlist_t
*fsaclnv
= NULL
;
2660 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2661 zc
->zc_iflags
, &fsaclnv
)) != 0)
2665 * Verify nvlist is constructed correctly
2667 if ((error
= zfs_deleg_verify_nvlist(fsaclnv
)) != 0) {
2668 nvlist_free(fsaclnv
);
2673 * If we don't have PRIV_SYS_MOUNT, then validate
2674 * that user is allowed to hand out each permission in
2678 error
= secpolicy_zfs(CRED());
2680 if (zc
->zc_perm_action
== B_FALSE
) {
2681 error
= dsl_deleg_can_allow(zc
->zc_name
,
2684 error
= dsl_deleg_can_unallow(zc
->zc_name
,
2690 error
= dsl_deleg_set(zc
->zc_name
, fsaclnv
, zc
->zc_perm_action
);
2692 nvlist_free(fsaclnv
);
2698 * zc_name name of filesystem
2701 * zc_nvlist_src{_size} nvlist of delegated permissions
2704 zfs_ioc_get_fsacl(zfs_cmd_t
*zc
)
2709 if ((error
= dsl_deleg_get(zc
->zc_name
, &nvp
)) == 0) {
2710 error
= put_nvlist(zc
, nvp
);
2719 zfs_create_cb(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
)
2721 zfs_creat_t
*zct
= arg
;
2723 zfs_create_fs(os
, cr
, zct
->zct_zplprops
, tx
);
2726 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2730 * createprops list of properties requested by creator
2731 * default_zplver zpl version to use if unspecified in createprops
2732 * fuids_ok fuids allowed in this version of the spa?
2733 * os parent objset pointer (NULL if root fs)
2736 * zplprops values for the zplprops we attach to the master node object
2737 * is_ci true if requested file system will be purely case-insensitive
2739 * Determine the settings for utf8only, normalization and
2740 * casesensitivity. Specific values may have been requested by the
2741 * creator and/or we can inherit values from the parent dataset. If
2742 * the file system is of too early a vintage, a creator can not
2743 * request settings for these properties, even if the requested
2744 * setting is the default value. We don't actually want to create dsl
2745 * properties for these, so remove them from the source nvlist after
2749 zfs_fill_zplprops_impl(objset_t
*os
, uint64_t zplver
,
2750 boolean_t fuids_ok
, boolean_t sa_ok
, nvlist_t
*createprops
,
2751 nvlist_t
*zplprops
, boolean_t
*is_ci
)
2753 uint64_t sense
= ZFS_PROP_UNDEFINED
;
2754 uint64_t norm
= ZFS_PROP_UNDEFINED
;
2755 uint64_t u8
= ZFS_PROP_UNDEFINED
;
2758 ASSERT(zplprops
!= NULL
);
2761 * Pull out creator prop choices, if any.
2764 (void) nvlist_lookup_uint64(createprops
,
2765 zfs_prop_to_name(ZFS_PROP_VERSION
), &zplver
);
2766 (void) nvlist_lookup_uint64(createprops
,
2767 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), &norm
);
2768 (void) nvlist_remove_all(createprops
,
2769 zfs_prop_to_name(ZFS_PROP_NORMALIZE
));
2770 (void) nvlist_lookup_uint64(createprops
,
2771 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), &u8
);
2772 (void) nvlist_remove_all(createprops
,
2773 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
));
2774 (void) nvlist_lookup_uint64(createprops
,
2775 zfs_prop_to_name(ZFS_PROP_CASE
), &sense
);
2776 (void) nvlist_remove_all(createprops
,
2777 zfs_prop_to_name(ZFS_PROP_CASE
));
2781 * If the zpl version requested is whacky or the file system
2782 * or pool is version is too "young" to support normalization
2783 * and the creator tried to set a value for one of the props,
2786 if ((zplver
< ZPL_VERSION_INITIAL
|| zplver
> ZPL_VERSION
) ||
2787 (zplver
>= ZPL_VERSION_FUID
&& !fuids_ok
) ||
2788 (zplver
>= ZPL_VERSION_SA
&& !sa_ok
) ||
2789 (zplver
< ZPL_VERSION_NORMALIZATION
&&
2790 (norm
!= ZFS_PROP_UNDEFINED
|| u8
!= ZFS_PROP_UNDEFINED
||
2791 sense
!= ZFS_PROP_UNDEFINED
)))
2795 * Put the version in the zplprops
2797 VERIFY(nvlist_add_uint64(zplprops
,
2798 zfs_prop_to_name(ZFS_PROP_VERSION
), zplver
) == 0);
2800 if (norm
== ZFS_PROP_UNDEFINED
&&
2801 (error
= zfs_get_zplprop(os
, ZFS_PROP_NORMALIZE
, &norm
)) != 0)
2803 VERIFY(nvlist_add_uint64(zplprops
,
2804 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), norm
) == 0);
2807 * If we're normalizing, names must always be valid UTF-8 strings.
2811 if (u8
== ZFS_PROP_UNDEFINED
&&
2812 (error
= zfs_get_zplprop(os
, ZFS_PROP_UTF8ONLY
, &u8
)) != 0)
2814 VERIFY(nvlist_add_uint64(zplprops
,
2815 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), u8
) == 0);
2817 if (sense
== ZFS_PROP_UNDEFINED
&&
2818 (error
= zfs_get_zplprop(os
, ZFS_PROP_CASE
, &sense
)) != 0)
2820 VERIFY(nvlist_add_uint64(zplprops
,
2821 zfs_prop_to_name(ZFS_PROP_CASE
), sense
) == 0);
2824 *is_ci
= (sense
== ZFS_CASE_INSENSITIVE
);
2830 zfs_fill_zplprops(const char *dataset
, nvlist_t
*createprops
,
2831 nvlist_t
*zplprops
, boolean_t
*is_ci
)
2833 boolean_t fuids_ok
, sa_ok
;
2834 uint64_t zplver
= ZPL_VERSION
;
2835 objset_t
*os
= NULL
;
2836 char parentname
[MAXNAMELEN
];
2842 (void) strlcpy(parentname
, dataset
, sizeof (parentname
));
2843 cp
= strrchr(parentname
, '/');
2847 if ((error
= spa_open(dataset
, &spa
, FTAG
)) != 0)
2850 spa_vers
= spa_version(spa
);
2851 spa_close(spa
, FTAG
);
2853 zplver
= zfs_zpl_version_map(spa_vers
);
2854 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
2855 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
2858 * Open parent object set so we can inherit zplprop values.
2860 if ((error
= dmu_objset_hold(parentname
, FTAG
, &os
)) != 0)
2863 error
= zfs_fill_zplprops_impl(os
, zplver
, fuids_ok
, sa_ok
, createprops
,
2865 dmu_objset_rele(os
, FTAG
);
2870 zfs_fill_zplprops_root(uint64_t spa_vers
, nvlist_t
*createprops
,
2871 nvlist_t
*zplprops
, boolean_t
*is_ci
)
2875 uint64_t zplver
= ZPL_VERSION
;
2878 zplver
= zfs_zpl_version_map(spa_vers
);
2879 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
2880 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
2882 error
= zfs_fill_zplprops_impl(NULL
, zplver
, fuids_ok
, sa_ok
,
2883 createprops
, zplprops
, is_ci
);
2889 * zc_objset_type type of objset to create (fs vs zvol)
2890 * zc_name name of new objset
2891 * zc_value name of snapshot to clone from (may be empty)
2892 * zc_nvlist_src{_size} nvlist of properties to apply
2897 zfs_ioc_create(zfs_cmd_t
*zc
)
2902 nvlist_t
*nvprops
= NULL
;
2903 void (*cbfunc
)(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
);
2904 dmu_objset_type_t type
= zc
->zc_objset_type
;
2909 cbfunc
= zfs_create_cb
;
2913 cbfunc
= zvol_create_cb
;
2920 if (strchr(zc
->zc_name
, '@') ||
2921 strchr(zc
->zc_name
, '%'))
2924 if (zc
->zc_nvlist_src
!= 0 &&
2925 (error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2926 zc
->zc_iflags
, &nvprops
)) != 0)
2929 zct
.zct_zplprops
= NULL
;
2930 zct
.zct_props
= nvprops
;
2932 if (zc
->zc_value
[0] != '\0') {
2934 * We're creating a clone of an existing snapshot.
2936 zc
->zc_value
[sizeof (zc
->zc_value
) - 1] = '\0';
2937 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0) {
2938 nvlist_free(nvprops
);
2942 error
= dmu_objset_hold(zc
->zc_value
, FTAG
, &clone
);
2944 nvlist_free(nvprops
);
2948 error
= dmu_objset_clone(zc
->zc_name
, dmu_objset_ds(clone
), 0);
2949 dmu_objset_rele(clone
, FTAG
);
2951 nvlist_free(nvprops
);
2955 boolean_t is_insensitive
= B_FALSE
;
2957 if (cbfunc
== NULL
) {
2958 nvlist_free(nvprops
);
2962 if (type
== DMU_OST_ZVOL
) {
2963 uint64_t volsize
, volblocksize
;
2965 if (nvprops
== NULL
||
2966 nvlist_lookup_uint64(nvprops
,
2967 zfs_prop_to_name(ZFS_PROP_VOLSIZE
),
2969 nvlist_free(nvprops
);
2973 if ((error
= nvlist_lookup_uint64(nvprops
,
2974 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE
),
2975 &volblocksize
)) != 0 && error
!= ENOENT
) {
2976 nvlist_free(nvprops
);
2981 volblocksize
= zfs_prop_default_numeric(
2982 ZFS_PROP_VOLBLOCKSIZE
);
2984 if ((error
= zvol_check_volblocksize(
2985 volblocksize
)) != 0 ||
2986 (error
= zvol_check_volsize(volsize
,
2987 volblocksize
)) != 0) {
2988 nvlist_free(nvprops
);
2991 } else if (type
== DMU_OST_ZFS
) {
2995 * We have to have normalization and
2996 * case-folding flags correct when we do the
2997 * file system creation, so go figure them out
3000 VERIFY(nvlist_alloc(&zct
.zct_zplprops
,
3001 NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
3002 error
= zfs_fill_zplprops(zc
->zc_name
, nvprops
,
3003 zct
.zct_zplprops
, &is_insensitive
);
3005 nvlist_free(nvprops
);
3006 nvlist_free(zct
.zct_zplprops
);
3010 error
= dmu_objset_create(zc
->zc_name
, type
,
3011 is_insensitive
? DS_FLAG_CI_DATASET
: 0, cbfunc
, &zct
);
3012 nvlist_free(zct
.zct_zplprops
);
3016 * It would be nice to do this atomically.
3019 error
= zfs_set_prop_nvlist(zc
->zc_name
, ZPROP_SRC_LOCAL
,
3022 (void) dmu_objset_destroy(zc
->zc_name
, B_FALSE
);
3024 nvlist_free(nvprops
);
3030 * zc_name name of filesystem
3031 * zc_value short name of snapshot
3032 * zc_cookie recursive flag
3033 * zc_nvlist_src[_size] property list
3036 * zc_value short snapname (i.e. part after the '@')
3039 zfs_ioc_snapshot(zfs_cmd_t
*zc
)
3041 nvlist_t
*nvprops
= NULL
;
3043 boolean_t recursive
= zc
->zc_cookie
;
3045 if (snapshot_namecheck(zc
->zc_value
, NULL
, NULL
) != 0)
3048 if (zc
->zc_nvlist_src
!= 0 &&
3049 (error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
3050 zc
->zc_iflags
, &nvprops
)) != 0)
3053 error
= zfs_check_userprops(zc
->zc_name
, nvprops
);
3057 if (!nvlist_empty(nvprops
) &&
3058 zfs_earlier_version(zc
->zc_name
, SPA_VERSION_SNAP_PROPS
)) {
3063 error
= dmu_objset_snapshot(zc
->zc_name
, zc
->zc_value
, NULL
,
3064 nvprops
, recursive
, B_FALSE
, -1);
3067 nvlist_free(nvprops
);
3073 * name dataset name, or when 'arg == NULL' the full snapshot name
3074 * arg short snapshot name (i.e. part after the '@')
3077 zfs_unmount_snap(const char *name
, void *arg
)
3079 zfs_sb_t
*zsb
= NULL
;
3087 dsname
= strdup(name
);
3088 snapname
= strdup(arg
);
3090 ptr
= strchr(name
, '@');
3092 dsname
= strdup(name
);
3093 dsname
[ptr
- name
] = '\0';
3094 snapname
= strdup(ptr
+ 1);
3100 fullname
= kmem_asprintf("%s@%s", dsname
, snapname
);
3102 error
= zfs_sb_hold(dsname
, FTAG
, &zsb
, B_FALSE
);
3104 error
= zfsctl_unmount_snapshot(zsb
, fullname
, MNT_FORCE
);
3105 zfs_sb_rele(zsb
, FTAG
);
3107 /* Allow ENOENT for consistency with upstream */
3108 if (error
== ENOENT
)
3121 * zc_name name of filesystem
3122 * zc_value short name of snapshot
3123 * zc_defer_destroy mark for deferred destroy
3128 zfs_ioc_destroy_snaps(zfs_cmd_t
*zc
)
3132 if (snapshot_namecheck(zc
->zc_value
, NULL
, NULL
) != 0)
3134 err
= dmu_objset_find(zc
->zc_name
,
3135 zfs_unmount_snap
, zc
->zc_value
, DS_FIND_CHILDREN
);
3138 return (dmu_snapshots_destroy(zc
->zc_name
, zc
->zc_value
,
3139 zc
->zc_defer_destroy
));
3144 * zc_name name of dataset to destroy
3145 * zc_objset_type type of objset
3146 * zc_defer_destroy mark for deferred destroy
3151 zfs_ioc_destroy(zfs_cmd_t
*zc
)
3154 if (strchr(zc
->zc_name
, '@') && zc
->zc_objset_type
== DMU_OST_ZFS
) {
3155 err
= zfs_unmount_snap(zc
->zc_name
, NULL
);
3160 err
= dmu_objset_destroy(zc
->zc_name
, zc
->zc_defer_destroy
);
3161 if (zc
->zc_objset_type
== DMU_OST_ZVOL
&& err
== 0)
3162 (void) zvol_remove_minor(zc
->zc_name
);
3168 * zc_name name of dataset to rollback (to most recent snapshot)
3173 zfs_ioc_rollback(zfs_cmd_t
*zc
)
3175 dsl_dataset_t
*ds
, *clone
;
3180 error
= dsl_dataset_hold(zc
->zc_name
, FTAG
, &ds
);
3184 /* must not be a snapshot */
3185 if (dsl_dataset_is_snapshot(ds
)) {
3186 dsl_dataset_rele(ds
, FTAG
);
3190 /* must have a most recent snapshot */
3191 if (ds
->ds_phys
->ds_prev_snap_txg
< TXG_INITIAL
) {
3192 dsl_dataset_rele(ds
, FTAG
);
3197 * Create clone of most recent snapshot.
3199 clone_name
= kmem_asprintf("%s/%%rollback", zc
->zc_name
);
3200 error
= dmu_objset_clone(clone_name
, ds
->ds_prev
, DS_FLAG_INCONSISTENT
);
3204 error
= dsl_dataset_own(clone_name
, B_TRUE
, FTAG
, &clone
);
3211 if (get_zfs_sb(zc
->zc_name
, &zsb
) == 0) {
3212 error
= zfs_suspend_fs(zsb
);
3216 if (dsl_dataset_tryown(ds
, B_FALSE
, FTAG
)) {
3217 error
= dsl_dataset_clone_swap(clone
, ds
,
3219 dsl_dataset_disown(ds
, FTAG
);
3224 resume_err
= zfs_resume_fs(zsb
, zc
->zc_name
);
3225 error
= error
? error
: resume_err
;
3227 deactivate_super(zsb
->z_sb
);
3229 if (dsl_dataset_tryown(ds
, B_FALSE
, FTAG
)) {
3230 error
= dsl_dataset_clone_swap(clone
, ds
, B_TRUE
);
3231 dsl_dataset_disown(ds
, FTAG
);
3239 * Destroy clone (which also closes it).
3241 (void) dsl_dataset_destroy(clone
, FTAG
, B_FALSE
);
3244 strfree(clone_name
);
3246 dsl_dataset_rele(ds
, FTAG
);
3252 * zc_name old name of dataset
3253 * zc_value new name of dataset
3254 * zc_cookie recursive flag (only valid for snapshots)
3259 zfs_ioc_rename(zfs_cmd_t
*zc
)
3261 boolean_t recursive
= zc
->zc_cookie
& 1;
3264 zc
->zc_value
[sizeof (zc
->zc_value
) - 1] = '\0';
3265 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
3266 strchr(zc
->zc_value
, '%'))
3270 * Unmount snapshot unless we're doing a recursive rename,
3271 * in which case the dataset code figures out which snapshots
3274 if (!recursive
&& strchr(zc
->zc_name
, '@') != NULL
&&
3275 zc
->zc_objset_type
== DMU_OST_ZFS
) {
3276 err
= zfs_unmount_snap(zc
->zc_name
, NULL
);
3281 err
= dmu_objset_rename(zc
->zc_name
, zc
->zc_value
, recursive
);
3282 if ((err
== 0) && (zc
->zc_objset_type
== DMU_OST_ZVOL
)) {
3283 (void) zvol_remove_minor(zc
->zc_name
);
3284 (void) zvol_create_minor(zc
->zc_value
);
3291 zfs_check_settable(const char *dsname
, nvpair_t
*pair
, cred_t
*cr
)
3293 const char *propname
= nvpair_name(pair
);
3294 boolean_t issnap
= (strchr(dsname
, '@') != NULL
);
3295 zfs_prop_t prop
= zfs_name_to_prop(propname
);
3299 if (prop
== ZPROP_INVAL
) {
3300 if (zfs_prop_user(propname
)) {
3301 if ((err
= zfs_secpolicy_write_perms(dsname
,
3302 ZFS_DELEG_PERM_USERPROP
, cr
)))
3307 if (!issnap
&& zfs_prop_userquota(propname
)) {
3308 const char *perm
= NULL
;
3309 const char *uq_prefix
=
3310 zfs_userquota_prop_prefixes
[ZFS_PROP_USERQUOTA
];
3311 const char *gq_prefix
=
3312 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPQUOTA
];
3314 if (strncmp(propname
, uq_prefix
,
3315 strlen(uq_prefix
)) == 0) {
3316 perm
= ZFS_DELEG_PERM_USERQUOTA
;
3317 } else if (strncmp(propname
, gq_prefix
,
3318 strlen(gq_prefix
)) == 0) {
3319 perm
= ZFS_DELEG_PERM_GROUPQUOTA
;
3321 /* USERUSED and GROUPUSED are read-only */
3325 if ((err
= zfs_secpolicy_write_perms(dsname
, perm
, cr
)))
3336 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
3338 * dsl_prop_get_all_impl() returns properties in this
3342 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
3343 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
3348 * Check that this value is valid for this pool version
3351 case ZFS_PROP_COMPRESSION
:
3353 * If the user specified gzip compression, make sure
3354 * the SPA supports it. We ignore any errors here since
3355 * we'll catch them later.
3357 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
3358 nvpair_value_uint64(pair
, &intval
) == 0) {
3359 if (intval
>= ZIO_COMPRESS_GZIP_1
&&
3360 intval
<= ZIO_COMPRESS_GZIP_9
&&
3361 zfs_earlier_version(dsname
,
3362 SPA_VERSION_GZIP_COMPRESSION
)) {
3366 if (intval
== ZIO_COMPRESS_ZLE
&&
3367 zfs_earlier_version(dsname
,
3368 SPA_VERSION_ZLE_COMPRESSION
))
3372 * If this is a bootable dataset then
3373 * verify that the compression algorithm
3374 * is supported for booting. We must return
3375 * something other than ENOTSUP since it
3376 * implies a downrev pool version.
3378 if (zfs_is_bootfs(dsname
) &&
3379 !BOOTFS_COMPRESS_VALID(intval
)) {
3385 case ZFS_PROP_COPIES
:
3386 if (zfs_earlier_version(dsname
, SPA_VERSION_DITTO_BLOCKS
))
3390 case ZFS_PROP_DEDUP
:
3391 if (zfs_earlier_version(dsname
, SPA_VERSION_DEDUP
))
3395 case ZFS_PROP_SHARESMB
:
3396 if (zpl_earlier_version(dsname
, ZPL_VERSION_FUID
))
3400 case ZFS_PROP_ACLINHERIT
:
3401 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
3402 nvpair_value_uint64(pair
, &intval
) == 0) {
3403 if (intval
== ZFS_ACL_PASSTHROUGH_X
&&
3404 zfs_earlier_version(dsname
,
3405 SPA_VERSION_PASSTHROUGH_X
))
3413 return (zfs_secpolicy_setprop(dsname
, prop
, pair
, CRED()));
3417 * Removes properties from the given props list that fail permission checks
3418 * needed to clear them and to restore them in case of a receive error. For each
3419 * property, make sure we have both set and inherit permissions.
3421 * Returns the first error encountered if any permission checks fail. If the
3422 * caller provides a non-NULL errlist, it also gives the complete list of names
3423 * of all the properties that failed a permission check along with the
3424 * corresponding error numbers. The caller is responsible for freeing the
3427 * If every property checks out successfully, zero is returned and the list
3428 * pointed at by errlist is NULL.
3431 zfs_check_clearable(char *dataset
, nvlist_t
*props
, nvlist_t
**errlist
)
3434 nvpair_t
*pair
, *next_pair
;
3441 VERIFY(nvlist_alloc(&errors
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
3443 zc
= kmem_alloc(sizeof (zfs_cmd_t
), KM_SLEEP
| KM_NODEBUG
);
3444 (void) strcpy(zc
->zc_name
, dataset
);
3445 pair
= nvlist_next_nvpair(props
, NULL
);
3446 while (pair
!= NULL
) {
3447 next_pair
= nvlist_next_nvpair(props
, pair
);
3449 (void) strcpy(zc
->zc_value
, nvpair_name(pair
));
3450 if ((err
= zfs_check_settable(dataset
, pair
, CRED())) != 0 ||
3451 (err
= zfs_secpolicy_inherit(zc
, CRED())) != 0) {
3452 VERIFY(nvlist_remove_nvpair(props
, pair
) == 0);
3453 VERIFY(nvlist_add_int32(errors
,
3454 zc
->zc_value
, err
) == 0);
3458 kmem_free(zc
, sizeof (zfs_cmd_t
));
3460 if ((pair
= nvlist_next_nvpair(errors
, NULL
)) == NULL
) {
3461 nvlist_free(errors
);
3464 VERIFY(nvpair_value_int32(pair
, &rv
) == 0);
3467 if (errlist
== NULL
)
3468 nvlist_free(errors
);
3476 propval_equals(nvpair_t
*p1
, nvpair_t
*p2
)
3478 if (nvpair_type(p1
) == DATA_TYPE_NVLIST
) {
3479 /* dsl_prop_get_all_impl() format */
3481 VERIFY(nvpair_value_nvlist(p1
, &attrs
) == 0);
3482 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
3486 if (nvpair_type(p2
) == DATA_TYPE_NVLIST
) {
3488 VERIFY(nvpair_value_nvlist(p2
, &attrs
) == 0);
3489 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
3493 if (nvpair_type(p1
) != nvpair_type(p2
))
3496 if (nvpair_type(p1
) == DATA_TYPE_STRING
) {
3497 char *valstr1
, *valstr2
;
3499 VERIFY(nvpair_value_string(p1
, (char **)&valstr1
) == 0);
3500 VERIFY(nvpair_value_string(p2
, (char **)&valstr2
) == 0);
3501 return (strcmp(valstr1
, valstr2
) == 0);
3503 uint64_t intval1
, intval2
;
3505 VERIFY(nvpair_value_uint64(p1
, &intval1
) == 0);
3506 VERIFY(nvpair_value_uint64(p2
, &intval2
) == 0);
3507 return (intval1
== intval2
);
3512 * Remove properties from props if they are not going to change (as determined
3513 * by comparison with origprops). Remove them from origprops as well, since we
3514 * do not need to clear or restore properties that won't change.
3517 props_reduce(nvlist_t
*props
, nvlist_t
*origprops
)
3519 nvpair_t
*pair
, *next_pair
;
3521 if (origprops
== NULL
)
3522 return; /* all props need to be received */
3524 pair
= nvlist_next_nvpair(props
, NULL
);
3525 while (pair
!= NULL
) {
3526 const char *propname
= nvpair_name(pair
);
3529 next_pair
= nvlist_next_nvpair(props
, pair
);
3531 if ((nvlist_lookup_nvpair(origprops
, propname
,
3532 &match
) != 0) || !propval_equals(pair
, match
))
3533 goto next
; /* need to set received value */
3535 /* don't clear the existing received value */
3536 (void) nvlist_remove_nvpair(origprops
, match
);
3537 /* don't bother receiving the property */
3538 (void) nvlist_remove_nvpair(props
, pair
);
3545 static boolean_t zfs_ioc_recv_inject_err
;
3550 * zc_name name of containing filesystem
3551 * zc_nvlist_src{_size} nvlist of properties to apply
3552 * zc_value name of snapshot to create
3553 * zc_string name of clone origin (if DRR_FLAG_CLONE)
3554 * zc_cookie file descriptor to recv from
3555 * zc_begin_record the BEGIN record of the stream (not byteswapped)
3556 * zc_guid force flag
3557 * zc_cleanup_fd cleanup-on-exit file descriptor
3558 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
3561 * zc_cookie number of bytes read
3562 * zc_nvlist_dst{_size} error for each unapplied received property
3563 * zc_obj zprop_errflags_t
3564 * zc_action_handle handle for this guid/ds mapping
3567 zfs_ioc_recv(zfs_cmd_t
*zc
)
3571 dmu_recv_cookie_t drc
;
3572 boolean_t force
= (boolean_t
)zc
->zc_guid
;
3575 int props_error
= 0;
3578 nvlist_t
*props
= NULL
; /* sent properties */
3579 nvlist_t
*origprops
= NULL
; /* existing properties */
3580 objset_t
*origin
= NULL
;
3582 char tofs
[ZFS_MAXNAMELEN
];
3583 boolean_t first_recvd_props
= B_FALSE
;
3585 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
3586 strchr(zc
->zc_value
, '@') == NULL
||
3587 strchr(zc
->zc_value
, '%'))
3590 (void) strcpy(tofs
, zc
->zc_value
);
3591 tosnap
= strchr(tofs
, '@');
3594 if (zc
->zc_nvlist_src
!= 0 &&
3595 (error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
3596 zc
->zc_iflags
, &props
)) != 0)
3606 VERIFY(nvlist_alloc(&errors
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
3608 if (props
&& dmu_objset_hold(tofs
, FTAG
, &os
) == 0) {
3609 if ((spa_version(os
->os_spa
) >= SPA_VERSION_RECVD_PROPS
) &&
3610 !dsl_prop_get_hasrecvd(os
)) {
3611 first_recvd_props
= B_TRUE
;
3615 * If new received properties are supplied, they are to
3616 * completely replace the existing received properties, so stash
3617 * away the existing ones.
3619 if (dsl_prop_get_received(os
, &origprops
) == 0) {
3620 nvlist_t
*errlist
= NULL
;
3622 * Don't bother writing a property if its value won't
3623 * change (and avoid the unnecessary security checks).
3625 * The first receive after SPA_VERSION_RECVD_PROPS is a
3626 * special case where we blow away all local properties
3629 if (!first_recvd_props
)
3630 props_reduce(props
, origprops
);
3631 if (zfs_check_clearable(tofs
, origprops
,
3633 (void) nvlist_merge(errors
, errlist
, 0);
3634 nvlist_free(errlist
);
3637 dmu_objset_rele(os
, FTAG
);
3640 if (zc
->zc_string
[0]) {
3641 error
= dmu_objset_hold(zc
->zc_string
, FTAG
, &origin
);
3646 error
= dmu_recv_begin(tofs
, tosnap
, zc
->zc_top_ds
,
3647 &zc
->zc_begin_record
, force
, origin
, &drc
);
3649 dmu_objset_rele(origin
, FTAG
);
3654 * Set properties before we receive the stream so that they are applied
3655 * to the new data. Note that we must call dmu_recv_stream() if
3656 * dmu_recv_begin() succeeds.
3661 if (dmu_objset_from_ds(drc
.drc_logical_ds
, &os
) == 0) {
3662 if (drc
.drc_newfs
) {
3663 if (spa_version(os
->os_spa
) >=
3664 SPA_VERSION_RECVD_PROPS
)
3665 first_recvd_props
= B_TRUE
;
3666 } else if (origprops
!= NULL
) {
3667 if (clear_received_props(os
, tofs
, origprops
,
3668 first_recvd_props
? NULL
: props
) != 0)
3669 zc
->zc_obj
|= ZPROP_ERR_NOCLEAR
;
3671 zc
->zc_obj
|= ZPROP_ERR_NOCLEAR
;
3673 dsl_prop_set_hasrecvd(os
);
3674 } else if (!drc
.drc_newfs
) {
3675 zc
->zc_obj
|= ZPROP_ERR_NOCLEAR
;
3678 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
3680 (void) nvlist_merge(errors
, errlist
, 0);
3681 nvlist_free(errlist
);
3684 if (fit_error_list(zc
, &errors
) != 0 || put_nvlist(zc
, errors
) != 0) {
3686 * Caller made zc->zc_nvlist_dst less than the minimum expected
3687 * size or supplied an invalid address.
3689 props_error
= EINVAL
;
3693 error
= dmu_recv_stream(&drc
, fp
->f_vnode
, &off
, zc
->zc_cleanup_fd
,
3694 &zc
->zc_action_handle
);
3697 zfs_sb_t
*zsb
= NULL
;
3699 if (get_zfs_sb(tofs
, &zsb
) == 0) {
3703 error
= zfs_suspend_fs(zsb
);
3705 * If the suspend fails, then the recv_end will
3706 * likely also fail, and clean up after itself.
3708 end_err
= dmu_recv_end(&drc
);
3710 error
= zfs_resume_fs(zsb
, tofs
);
3711 error
= error
? error
: end_err
;
3712 deactivate_super(zsb
->z_sb
);
3714 error
= dmu_recv_end(&drc
);
3718 zc
->zc_cookie
= off
- fp
->f_offset
;
3719 if (VOP_SEEK(fp
->f_vnode
, fp
->f_offset
, &off
, NULL
) == 0)
3723 if (zfs_ioc_recv_inject_err
) {
3724 zfs_ioc_recv_inject_err
= B_FALSE
;
3729 * On error, restore the original props.
3731 if (error
&& props
) {
3732 if (dmu_objset_hold(tofs
, FTAG
, &os
) == 0) {
3733 if (clear_received_props(os
, tofs
, props
, NULL
) != 0) {
3735 * We failed to clear the received properties.
3736 * Since we may have left a $recvd value on the
3737 * system, we can't clear the $hasrecvd flag.
3739 zc
->zc_obj
|= ZPROP_ERR_NORESTORE
;
3740 } else if (first_recvd_props
) {
3741 dsl_prop_unset_hasrecvd(os
);
3743 dmu_objset_rele(os
, FTAG
);
3744 } else if (!drc
.drc_newfs
) {
3745 /* We failed to clear the received properties. */
3746 zc
->zc_obj
|= ZPROP_ERR_NORESTORE
;
3749 if (origprops
== NULL
&& !drc
.drc_newfs
) {
3750 /* We failed to stash the original properties. */
3751 zc
->zc_obj
|= ZPROP_ERR_NORESTORE
;
3755 * dsl_props_set() will not convert RECEIVED to LOCAL on or
3756 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
3757 * explictly if we're restoring local properties cleared in the
3758 * first new-style receive.
3760 if (origprops
!= NULL
&&
3761 zfs_set_prop_nvlist(tofs
, (first_recvd_props
?
3762 ZPROP_SRC_LOCAL
: ZPROP_SRC_RECEIVED
),
3763 origprops
, NULL
) != 0) {
3765 * We stashed the original properties but failed to
3768 zc
->zc_obj
|= ZPROP_ERR_NORESTORE
;
3773 nvlist_free(origprops
);
3774 nvlist_free(errors
);
3778 error
= props_error
;
3785 * zc_name name of snapshot to send
3786 * zc_cookie file descriptor to send stream to
3787 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
3788 * zc_sendobj objsetid of snapshot to send
3789 * zc_fromobj objsetid of incremental fromsnap (may be zero)
3794 zfs_ioc_send(zfs_cmd_t
*zc
)
3796 objset_t
*fromsnap
= NULL
;
3802 dsl_dataset_t
*dsfrom
= NULL
;
3806 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
3810 dp
= spa_get_dsl(spa
);
3811 rw_enter(&dp
->dp_config_rwlock
, RW_READER
);
3812 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &ds
);
3813 rw_exit(&dp
->dp_config_rwlock
);
3815 spa_close(spa
, FTAG
);
3819 error
= dmu_objset_from_ds(ds
, &tosnap
);
3821 dsl_dataset_rele(ds
, FTAG
);
3822 spa_close(spa
, FTAG
);
3826 if (zc
->zc_fromobj
!= 0) {
3827 rw_enter(&dp
->dp_config_rwlock
, RW_READER
);
3828 error
= dsl_dataset_hold_obj(dp
, zc
->zc_fromobj
, FTAG
, &dsfrom
);
3829 rw_exit(&dp
->dp_config_rwlock
);
3830 spa_close(spa
, FTAG
);
3832 dsl_dataset_rele(ds
, FTAG
);
3835 error
= dmu_objset_from_ds(dsfrom
, &fromsnap
);
3837 dsl_dataset_rele(dsfrom
, FTAG
);
3838 dsl_dataset_rele(ds
, FTAG
);
3842 spa_close(spa
, FTAG
);
3845 fp
= getf(zc
->zc_cookie
);
3847 dsl_dataset_rele(ds
, FTAG
);
3849 dsl_dataset_rele(dsfrom
, FTAG
);
3854 error
= dmu_sendbackup(tosnap
, fromsnap
, zc
->zc_obj
, fp
->f_vnode
, &off
);
3856 if (VOP_SEEK(fp
->f_vnode
, fp
->f_offset
, &off
, NULL
) == 0)
3858 releasef(zc
->zc_cookie
);
3860 dsl_dataset_rele(dsfrom
, FTAG
);
3861 dsl_dataset_rele(ds
, FTAG
);
3866 zfs_ioc_inject_fault(zfs_cmd_t
*zc
)
3870 error
= zio_inject_fault(zc
->zc_name
, (int)zc
->zc_guid
, &id
,
3871 &zc
->zc_inject_record
);
3874 zc
->zc_guid
= (uint64_t)id
;
3880 zfs_ioc_clear_fault(zfs_cmd_t
*zc
)
3882 return (zio_clear_fault((int)zc
->zc_guid
));
3886 zfs_ioc_inject_list_next(zfs_cmd_t
*zc
)
3888 int id
= (int)zc
->zc_guid
;
3891 error
= zio_inject_list_next(&id
, zc
->zc_name
, sizeof (zc
->zc_name
),
3892 &zc
->zc_inject_record
);
3900 zfs_ioc_error_log(zfs_cmd_t
*zc
)
3904 size_t count
= (size_t)zc
->zc_nvlist_dst_size
;
3906 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
3909 error
= spa_get_errlog(spa
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
3912 zc
->zc_nvlist_dst_size
= count
;
3914 zc
->zc_nvlist_dst_size
= spa_get_errlog_size(spa
);
3916 spa_close(spa
, FTAG
);
3922 zfs_ioc_clear(zfs_cmd_t
*zc
)
3929 * On zpool clear we also fix up missing slogs
3931 mutex_enter(&spa_namespace_lock
);
3932 spa
= spa_lookup(zc
->zc_name
);
3934 mutex_exit(&spa_namespace_lock
);
3937 if (spa_get_log_state(spa
) == SPA_LOG_MISSING
) {
3938 /* we need to let spa_open/spa_load clear the chains */
3939 spa_set_log_state(spa
, SPA_LOG_CLEAR
);
3941 spa
->spa_last_open_failed
= 0;
3942 mutex_exit(&spa_namespace_lock
);
3944 if (zc
->zc_cookie
& ZPOOL_NO_REWIND
) {
3945 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
3948 nvlist_t
*config
= NULL
;
3950 if (zc
->zc_nvlist_src
== 0)
3953 if ((error
= get_nvlist(zc
->zc_nvlist_src
,
3954 zc
->zc_nvlist_src_size
, zc
->zc_iflags
, &policy
)) == 0) {
3955 error
= spa_open_rewind(zc
->zc_name
, &spa
, FTAG
,
3957 if (config
!= NULL
) {
3960 if ((err
= put_nvlist(zc
, config
)) != 0)
3962 nvlist_free(config
);
3964 nvlist_free(policy
);
3971 spa_vdev_state_enter(spa
, SCL_NONE
);
3973 if (zc
->zc_guid
== 0) {
3976 vd
= spa_lookup_by_guid(spa
, zc
->zc_guid
, B_TRUE
);
3978 (void) spa_vdev_state_exit(spa
, NULL
, ENODEV
);
3979 spa_close(spa
, FTAG
);
3984 vdev_clear(spa
, vd
);
3986 (void) spa_vdev_state_exit(spa
, NULL
, 0);
3989 * Resume any suspended I/Os.
3991 if (zio_resume(spa
) != 0)
3994 spa_close(spa
, FTAG
);
4001 * zc_name name of filesystem
4002 * zc_value name of origin snapshot
4005 * zc_string name of conflicting snapshot, if there is one
4008 zfs_ioc_promote(zfs_cmd_t
*zc
)
4013 * We don't need to unmount *all* the origin fs's snapshots, but
4016 cp
= strchr(zc
->zc_value
, '@');
4019 (void) dmu_objset_find(zc
->zc_value
,
4020 zfs_unmount_snap
, NULL
, DS_FIND_SNAPSHOTS
);
4021 return (dsl_dataset_promote(zc
->zc_name
, zc
->zc_string
));
4025 * Retrieve a single {user|group}{used|quota}@... property.
4028 * zc_name name of filesystem
4029 * zc_objset_type zfs_userquota_prop_t
4030 * zc_value domain name (eg. "S-1-234-567-89")
4031 * zc_guid RID/UID/GID
4034 * zc_cookie property value
4037 zfs_ioc_userspace_one(zfs_cmd_t
*zc
)
4042 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
4045 error
= zfs_sb_hold(zc
->zc_name
, FTAG
, &zsb
, B_FALSE
);
4049 error
= zfs_userspace_one(zsb
,
4050 zc
->zc_objset_type
, zc
->zc_value
, zc
->zc_guid
, &zc
->zc_cookie
);
4051 zfs_sb_rele(zsb
, FTAG
);
4058 * zc_name name of filesystem
4059 * zc_cookie zap cursor
4060 * zc_objset_type zfs_userquota_prop_t
4061 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4064 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4065 * zc_cookie zap cursor
4068 zfs_ioc_userspace_many(zfs_cmd_t
*zc
)
4071 int bufsize
= zc
->zc_nvlist_dst_size
;
4078 error
= zfs_sb_hold(zc
->zc_name
, FTAG
, &zsb
, B_FALSE
);
4082 buf
= vmem_alloc(bufsize
, KM_SLEEP
);
4084 error
= zfs_userspace_many(zsb
, zc
->zc_objset_type
, &zc
->zc_cookie
,
4085 buf
, &zc
->zc_nvlist_dst_size
);
4088 error
= xcopyout(buf
,
4089 (void *)(uintptr_t)zc
->zc_nvlist_dst
,
4090 zc
->zc_nvlist_dst_size
);
4092 vmem_free(buf
, bufsize
);
4093 zfs_sb_rele(zsb
, FTAG
);
4100 * zc_name name of filesystem
4106 zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
)
4112 if (get_zfs_sb(zc
->zc_name
, &zsb
) == 0) {
4113 if (!dmu_objset_userused_enabled(zsb
->z_os
)) {
4115 * If userused is not enabled, it may be because the
4116 * objset needs to be closed & reopened (to grow the
4117 * objset_phys_t). Suspend/resume the fs will do that.
4119 error
= zfs_suspend_fs(zsb
);
4121 error
= zfs_resume_fs(zsb
, zc
->zc_name
);
4124 error
= dmu_objset_userspace_upgrade(zsb
->z_os
);
4125 deactivate_super(zsb
->z_sb
);
4127 /* XXX kind of reading contents without owning */
4128 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4132 error
= dmu_objset_userspace_upgrade(os
);
4133 dmu_objset_rele(os
, FTAG
);
4140 zfs_ioc_share(zfs_cmd_t
*zc
)
4145 ace_t full_access
[] = {
4146 {(uid_t
)-1, ACE_ALL_PERMS
, ACE_EVERYONE
, 0}
4151 * zc_name name of containing filesystem
4152 * zc_obj object # beyond which we want next in-use object #
4155 * zc_obj next in-use object #
4158 zfs_ioc_next_obj(zfs_cmd_t
*zc
)
4160 objset_t
*os
= NULL
;
4163 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4167 error
= dmu_object_next(os
, &zc
->zc_obj
, B_FALSE
,
4168 os
->os_dsl_dataset
->ds_phys
->ds_prev_snap_txg
);
4170 dmu_objset_rele(os
, FTAG
);
4176 * zc_name name of filesystem
4177 * zc_value prefix name for snapshot
4178 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4183 zfs_ioc_tmp_snapshot(zfs_cmd_t
*zc
)
4188 snap_name
= kmem_asprintf("%s-%016llx", zc
->zc_value
,
4189 (u_longlong_t
)ddi_get_lbolt64());
4191 if (strlen(snap_name
) >= MAXNAMELEN
) {
4196 error
= dmu_objset_snapshot(zc
->zc_name
, snap_name
, snap_name
,
4197 NULL
, B_FALSE
, B_TRUE
, zc
->zc_cleanup_fd
);
4203 (void) strcpy(zc
->zc_value
, snap_name
);
4210 * zc_name name of "to" snapshot
4211 * zc_value name of "from" snapshot
4212 * zc_cookie file descriptor to write diff data on
4215 * dmu_diff_record_t's to the file descriptor
4218 zfs_ioc_diff(zfs_cmd_t
*zc
)
4226 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &tosnap
);
4230 error
= dmu_objset_hold(zc
->zc_value
, FTAG
, &fromsnap
);
4232 dmu_objset_rele(tosnap
, FTAG
);
4236 fp
= getf(zc
->zc_cookie
);
4238 dmu_objset_rele(fromsnap
, FTAG
);
4239 dmu_objset_rele(tosnap
, FTAG
);
4245 error
= dmu_diff(tosnap
, fromsnap
, fp
->f_vnode
, &off
);
4247 if (VOP_SEEK(fp
->f_vnode
, fp
->f_offset
, &off
, NULL
) == 0)
4249 releasef(zc
->zc_cookie
);
4251 dmu_objset_rele(fromsnap
, FTAG
);
4252 dmu_objset_rele(tosnap
, FTAG
);
4257 * Remove all ACL files in shares dir
4259 #ifdef HAVE_SMB_SHARE
4261 zfs_smb_acl_purge(znode_t
*dzp
)
4264 zap_attribute_t zap
;
4265 zfs_sb_t
*zsb
= ZTOZSB(dzp
);
4268 for (zap_cursor_init(&zc
, zsb
->z_os
, dzp
->z_id
);
4269 (error
= zap_cursor_retrieve(&zc
, &zap
)) == 0;
4270 zap_cursor_advance(&zc
)) {
4271 if ((error
= VOP_REMOVE(ZTOV(dzp
), zap
.za_name
, kcred
,
4275 zap_cursor_fini(&zc
);
4278 #endif /* HAVE_SMB_SHARE */
4281 zfs_ioc_smb_acl(zfs_cmd_t
*zc
)
4283 #ifdef HAVE_SMB_SHARE
4286 vnode_t
*resourcevp
= NULL
;
4295 if ((error
= lookupname(zc
->zc_value
, UIO_SYSSPACE
,
4296 NO_FOLLOW
, NULL
, &vp
)) != 0)
4299 /* Now make sure mntpnt and dataset are ZFS */
4301 if (vp
->v_vfsp
->vfs_fstype
!= zfsfstype
||
4302 (strcmp((char *)refstr_value(vp
->v_vfsp
->vfs_resource
),
4303 zc
->zc_name
) != 0)) {
4313 * Create share dir if its missing.
4315 mutex_enter(&zsb
->z_lock
);
4316 if (zsb
->z_shares_dir
== 0) {
4319 tx
= dmu_tx_create(zsb
->z_os
);
4320 dmu_tx_hold_zap(tx
, MASTER_NODE_OBJ
, TRUE
,
4322 dmu_tx_hold_zap(tx
, DMU_NEW_OBJECT
, FALSE
, NULL
);
4323 error
= dmu_tx_assign(tx
, TXG_WAIT
);
4327 error
= zfs_create_share_dir(zsb
, tx
);
4331 mutex_exit(&zsb
->z_lock
);
4337 mutex_exit(&zsb
->z_lock
);
4339 ASSERT(zsb
->z_shares_dir
);
4340 if ((error
= zfs_zget(zsb
, zsb
->z_shares_dir
, &sharedir
)) != 0) {
4346 switch (zc
->zc_cookie
) {
4347 case ZFS_SMB_ACL_ADD
:
4348 vattr
.va_mask
= AT_MODE
|AT_UID
|AT_GID
|AT_TYPE
;
4349 vattr
.va_mode
= S_IFREG
|0777;
4353 vsec
.vsa_mask
= VSA_ACE
;
4354 vsec
.vsa_aclentp
= &full_access
;
4355 vsec
.vsa_aclentsz
= sizeof (full_access
);
4356 vsec
.vsa_aclcnt
= 1;
4358 error
= VOP_CREATE(ZTOV(sharedir
), zc
->zc_string
,
4359 &vattr
, EXCL
, 0, &resourcevp
, kcred
, 0, NULL
, &vsec
);
4361 VN_RELE(resourcevp
);
4364 case ZFS_SMB_ACL_REMOVE
:
4365 error
= VOP_REMOVE(ZTOV(sharedir
), zc
->zc_string
, kcred
,
4369 case ZFS_SMB_ACL_RENAME
:
4370 if ((error
= get_nvlist(zc
->zc_nvlist_src
,
4371 zc
->zc_nvlist_src_size
, zc
->zc_iflags
, &nvlist
)) != 0) {
4376 if (nvlist_lookup_string(nvlist
, ZFS_SMB_ACL_SRC
, &src
) ||
4377 nvlist_lookup_string(nvlist
, ZFS_SMB_ACL_TARGET
,
4380 VN_RELE(ZTOV(sharedir
));
4382 nvlist_free(nvlist
);
4385 error
= VOP_RENAME(ZTOV(sharedir
), src
, ZTOV(sharedir
), target
,
4387 nvlist_free(nvlist
);
4390 case ZFS_SMB_ACL_PURGE
:
4391 error
= zfs_smb_acl_purge(sharedir
);
4400 VN_RELE(ZTOV(sharedir
));
4407 #endif /* HAVE_SMB_SHARE */
4412 * zc_name name of filesystem
4413 * zc_value short name of snap
4414 * zc_string user-supplied tag for this hold
4415 * zc_cookie recursive flag
4416 * zc_temphold set if hold is temporary
4417 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4418 * zc_sendobj if non-zero, the objid for zc_name@zc_value
4419 * zc_createtxg if zc_sendobj is non-zero, snap must have zc_createtxg
4424 zfs_ioc_hold(zfs_cmd_t
*zc
)
4426 boolean_t recursive
= zc
->zc_cookie
;
4433 if (snapshot_namecheck(zc
->zc_value
, NULL
, NULL
) != 0)
4436 if (zc
->zc_sendobj
== 0) {
4437 return (dsl_dataset_user_hold(zc
->zc_name
, zc
->zc_value
,
4438 zc
->zc_string
, recursive
, zc
->zc_temphold
,
4439 zc
->zc_cleanup_fd
));
4445 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
4449 dp
= spa_get_dsl(spa
);
4450 rw_enter(&dp
->dp_config_rwlock
, RW_READER
);
4451 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &ds
);
4452 rw_exit(&dp
->dp_config_rwlock
);
4453 spa_close(spa
, FTAG
);
4458 * Until we have a hold on this snapshot, it's possible that
4459 * zc_sendobj could've been destroyed and reused as part
4460 * of a later txg. Make sure we're looking at the right object.
4462 if (zc
->zc_createtxg
!= ds
->ds_phys
->ds_creation_txg
) {
4463 dsl_dataset_rele(ds
, FTAG
);
4467 if (zc
->zc_cleanup_fd
!= -1 && zc
->zc_temphold
) {
4468 error
= zfs_onexit_fd_hold(zc
->zc_cleanup_fd
, &minor
);
4470 dsl_dataset_rele(ds
, FTAG
);
4475 error
= dsl_dataset_user_hold_for_send(ds
, zc
->zc_string
,
4479 dsl_register_onexit_hold_cleanup(ds
, zc
->zc_string
,
4482 zfs_onexit_fd_rele(zc
->zc_cleanup_fd
);
4484 dsl_dataset_rele(ds
, FTAG
);
4491 * zc_name name of dataset from which we're releasing a user hold
4492 * zc_value short name of snap
4493 * zc_string user-supplied tag for this hold
4494 * zc_cookie recursive flag
4499 zfs_ioc_release(zfs_cmd_t
*zc
)
4501 boolean_t recursive
= zc
->zc_cookie
;
4503 if (snapshot_namecheck(zc
->zc_value
, NULL
, NULL
) != 0)
4506 return (dsl_dataset_user_release(zc
->zc_name
, zc
->zc_value
,
4507 zc
->zc_string
, recursive
));
4512 * zc_name name of filesystem
4515 * zc_nvlist_src{_size} nvlist of snapshot holds
4518 zfs_ioc_get_holds(zfs_cmd_t
*zc
)
4523 if ((error
= dsl_dataset_get_holds(zc
->zc_name
, &nvp
)) == 0) {
4524 error
= put_nvlist(zc
, nvp
);
4533 * zc_guid flags (ZEVENT_NONBLOCK)
4536 * zc_nvlist_dst next nvlist event
4537 * zc_cookie dropped events since last get
4538 * zc_cleanup_fd cleanup-on-exit file descriptor
4541 zfs_ioc_events_next(zfs_cmd_t
*zc
)
4544 nvlist_t
*event
= NULL
;
4546 uint64_t dropped
= 0;
4549 error
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
4554 error
= zfs_zevent_next(ze
, &event
,
4555 &zc
->zc_nvlist_dst_size
, &dropped
);
4556 if (event
!= NULL
) {
4557 zc
->zc_cookie
= dropped
;
4558 error
= put_nvlist(zc
, event
);
4562 if (zc
->zc_guid
& ZEVENT_NONBLOCK
)
4565 if ((error
== 0) || (error
!= ENOENT
))
4568 error
= zfs_zevent_wait(ze
);
4573 zfs_zevent_fd_rele(zc
->zc_cleanup_fd
);
4580 * zc_cookie cleared events count
4583 zfs_ioc_events_clear(zfs_cmd_t
*zc
)
4587 zfs_zevent_drain_all(&count
);
4588 zc
->zc_cookie
= count
;
4594 * pool create, destroy, and export don't log the history as part of
4595 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export
4596 * do the logging of those commands.
4598 static zfs_ioc_vec_t zfs_ioc_vec
[] = {
4599 { zfs_ioc_pool_create
, zfs_secpolicy_config
, POOL_NAME
, B_FALSE
,
4601 { zfs_ioc_pool_destroy
, zfs_secpolicy_config
, POOL_NAME
, B_FALSE
,
4603 { zfs_ioc_pool_import
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4605 { zfs_ioc_pool_export
, zfs_secpolicy_config
, POOL_NAME
, B_FALSE
,
4607 { zfs_ioc_pool_configs
, zfs_secpolicy_none
, NO_NAME
, B_FALSE
,
4609 { zfs_ioc_pool_stats
, zfs_secpolicy_read
, POOL_NAME
, B_FALSE
,
4611 { zfs_ioc_pool_tryimport
, zfs_secpolicy_config
, NO_NAME
, B_FALSE
,
4613 { zfs_ioc_pool_scan
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4614 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4615 { zfs_ioc_pool_freeze
, zfs_secpolicy_config
, NO_NAME
, B_FALSE
,
4616 POOL_CHECK_READONLY
},
4617 { zfs_ioc_pool_upgrade
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4618 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4619 { zfs_ioc_pool_get_history
, zfs_secpolicy_config
, POOL_NAME
, B_FALSE
,
4621 { zfs_ioc_vdev_add
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4622 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4623 { zfs_ioc_vdev_remove
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4624 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4625 { zfs_ioc_vdev_set_state
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4626 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4627 { zfs_ioc_vdev_attach
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4628 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4629 { zfs_ioc_vdev_detach
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4630 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4631 { zfs_ioc_vdev_setpath
, zfs_secpolicy_config
, POOL_NAME
, B_FALSE
,
4632 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4633 { zfs_ioc_vdev_setfru
, zfs_secpolicy_config
, POOL_NAME
, B_FALSE
,
4634 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4635 { zfs_ioc_objset_stats
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4636 POOL_CHECK_SUSPENDED
},
4637 { zfs_ioc_objset_zplprops
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4639 { zfs_ioc_dataset_list_next
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4640 POOL_CHECK_SUSPENDED
},
4641 { zfs_ioc_snapshot_list_next
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4642 POOL_CHECK_SUSPENDED
},
4643 { zfs_ioc_set_prop
, zfs_secpolicy_none
, DATASET_NAME
, B_TRUE
,
4644 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4645 { zfs_ioc_create_minor
, zfs_secpolicy_config
, DATASET_NAME
, B_FALSE
,
4647 { zfs_ioc_remove_minor
, zfs_secpolicy_config
, DATASET_NAME
, B_FALSE
,
4649 { zfs_ioc_create
, zfs_secpolicy_create
, DATASET_NAME
, B_TRUE
,
4650 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4651 { zfs_ioc_destroy
, zfs_secpolicy_destroy
, DATASET_NAME
, B_TRUE
,
4652 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4653 { zfs_ioc_rollback
, zfs_secpolicy_rollback
, DATASET_NAME
, B_TRUE
,
4654 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4655 { zfs_ioc_rename
, zfs_secpolicy_rename
, DATASET_NAME
, B_TRUE
,
4656 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4657 { zfs_ioc_recv
, zfs_secpolicy_receive
, DATASET_NAME
, B_TRUE
,
4658 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4659 { zfs_ioc_send
, zfs_secpolicy_send
, DATASET_NAME
, B_TRUE
,
4661 { zfs_ioc_inject_fault
, zfs_secpolicy_inject
, NO_NAME
, B_FALSE
,
4663 { zfs_ioc_clear_fault
, zfs_secpolicy_inject
, NO_NAME
, B_FALSE
,
4665 { zfs_ioc_inject_list_next
, zfs_secpolicy_inject
, NO_NAME
, B_FALSE
,
4667 { zfs_ioc_error_log
, zfs_secpolicy_inject
, POOL_NAME
, B_FALSE
,
4669 { zfs_ioc_clear
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4671 { zfs_ioc_promote
, zfs_secpolicy_promote
, DATASET_NAME
, B_TRUE
,
4672 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4673 { zfs_ioc_destroy_snaps
, zfs_secpolicy_destroy_snaps
, DATASET_NAME
,
4674 B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4675 { zfs_ioc_snapshot
, zfs_secpolicy_snapshot
, DATASET_NAME
, B_TRUE
,
4676 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4677 { zfs_ioc_dsobj_to_dsname
, zfs_secpolicy_diff
, POOL_NAME
, B_FALSE
,
4679 { zfs_ioc_obj_to_path
, zfs_secpolicy_diff
, DATASET_NAME
, B_FALSE
,
4680 POOL_CHECK_SUSPENDED
},
4681 { zfs_ioc_pool_set_props
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4682 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4683 { zfs_ioc_pool_get_props
, zfs_secpolicy_read
, POOL_NAME
, B_FALSE
,
4685 { zfs_ioc_set_fsacl
, zfs_secpolicy_fsacl
, DATASET_NAME
, B_TRUE
,
4686 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4687 { zfs_ioc_get_fsacl
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4689 { zfs_ioc_share
, zfs_secpolicy_share
, DATASET_NAME
, B_FALSE
,
4691 { zfs_ioc_inherit_prop
, zfs_secpolicy_inherit
, DATASET_NAME
, B_TRUE
,
4692 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4693 { zfs_ioc_smb_acl
, zfs_secpolicy_smb_acl
, DATASET_NAME
, B_FALSE
,
4695 { zfs_ioc_userspace_one
, zfs_secpolicy_userspace_one
, DATASET_NAME
,
4696 B_FALSE
, POOL_CHECK_NONE
},
4697 { zfs_ioc_userspace_many
, zfs_secpolicy_userspace_many
, DATASET_NAME
,
4698 B_FALSE
, POOL_CHECK_NONE
},
4699 { zfs_ioc_userspace_upgrade
, zfs_secpolicy_userspace_upgrade
,
4700 DATASET_NAME
, B_FALSE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4701 { zfs_ioc_hold
, zfs_secpolicy_hold
, DATASET_NAME
, B_TRUE
,
4702 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4703 { zfs_ioc_release
, zfs_secpolicy_release
, DATASET_NAME
, B_TRUE
,
4704 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4705 { zfs_ioc_get_holds
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4706 POOL_CHECK_SUSPENDED
},
4707 { zfs_ioc_objset_recvd_props
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4709 { zfs_ioc_vdev_split
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4710 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4711 { zfs_ioc_next_obj
, zfs_secpolicy_read
, DATASET_NAME
, B_FALSE
,
4713 { zfs_ioc_diff
, zfs_secpolicy_diff
, DATASET_NAME
, B_FALSE
,
4715 { zfs_ioc_tmp_snapshot
, zfs_secpolicy_tmp_snapshot
, DATASET_NAME
,
4716 B_FALSE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4717 { zfs_ioc_obj_to_stats
, zfs_secpolicy_diff
, DATASET_NAME
, B_FALSE
,
4718 POOL_CHECK_SUSPENDED
},
4719 { zfs_ioc_pool_reguid
, zfs_secpolicy_config
, POOL_NAME
, B_TRUE
,
4720 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
},
4721 { zfs_ioc_events_next
, zfs_secpolicy_config
, NO_NAME
, B_FALSE
,
4723 { zfs_ioc_events_clear
, zfs_secpolicy_config
, NO_NAME
, B_FALSE
,
4728 pool_status_check(const char *name
, zfs_ioc_namecheck_t type
,
4729 zfs_ioc_poolcheck_t check
)
4734 ASSERT(type
== POOL_NAME
|| type
== DATASET_NAME
);
4736 if (check
& POOL_CHECK_NONE
)
4739 error
= spa_open(name
, &spa
, FTAG
);
4741 if ((check
& POOL_CHECK_SUSPENDED
) && spa_suspended(spa
))
4743 else if ((check
& POOL_CHECK_READONLY
) && !spa_writeable(spa
))
4745 spa_close(spa
, FTAG
);
4751 zfsdev_get_state_impl(minor_t minor
, enum zfsdev_state_type which
)
4755 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
4757 for (zs
= list_head(&zfsdev_state_list
); zs
!= NULL
;
4758 zs
= list_next(&zfsdev_state_list
, zs
)) {
4759 if (zs
->zs_minor
== minor
) {
4761 case ZST_ONEXIT
: return (zs
->zs_onexit
);
4762 case ZST_ZEVENT
: return (zs
->zs_zevent
);
4763 case ZST_ALL
: return (zs
);
4772 zfsdev_get_state(minor_t minor
, enum zfsdev_state_type which
)
4776 mutex_enter(&zfsdev_state_lock
);
4777 ptr
= zfsdev_get_state_impl(minor
, which
);
4778 mutex_exit(&zfsdev_state_lock
);
4784 zfsdev_getminor(struct file
*filp
)
4786 ASSERT(filp
!= NULL
);
4787 ASSERT(filp
->private_data
!= NULL
);
4789 return (((zfsdev_state_t
*)filp
->private_data
)->zs_minor
);
4793 * Find a free minor number. The zfsdev_state_list is expected to
4794 * be short since it is only a list of currently open file handles.
4797 zfsdev_minor_alloc(void)
4799 static minor_t last_minor
= 0;
4802 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
4804 for (m
= last_minor
+ 1; m
!= last_minor
; m
++) {
4805 if (m
> ZFSDEV_MAX_MINOR
)
4807 if (zfsdev_get_state_impl(m
, ZST_ALL
) == NULL
) {
4817 zfsdev_state_init(struct file
*filp
)
4822 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
4824 minor
= zfsdev_minor_alloc();
4828 zs
= kmem_zalloc( sizeof(zfsdev_state_t
), KM_SLEEP
);
4833 zs
->zs_minor
= minor
;
4834 filp
->private_data
= zs
;
4836 zfs_onexit_init((zfs_onexit_t
**)&zs
->zs_onexit
);
4837 zfs_zevent_init((zfs_zevent_t
**)&zs
->zs_zevent
);
4839 list_insert_tail(&zfsdev_state_list
, zs
);
4845 zfsdev_state_destroy(struct file
*filp
)
4849 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
4850 ASSERT(filp
->private_data
!= NULL
);
4852 zs
= filp
->private_data
;
4853 zfs_onexit_destroy(zs
->zs_onexit
);
4854 zfs_zevent_destroy(zs
->zs_zevent
);
4856 list_remove(&zfsdev_state_list
, zs
);
4857 kmem_free(zs
, sizeof(zfsdev_state_t
));
4863 zfsdev_open(struct inode
*ino
, struct file
*filp
)
4867 mutex_enter(&zfsdev_state_lock
);
4868 error
= zfsdev_state_init(filp
);
4869 mutex_exit(&zfsdev_state_lock
);
4875 zfsdev_release(struct inode
*ino
, struct file
*filp
)
4879 mutex_enter(&zfsdev_state_lock
);
4880 error
= zfsdev_state_destroy(filp
);
4881 mutex_exit(&zfsdev_state_lock
);
4887 zfsdev_ioctl(struct file
*filp
, unsigned cmd
, unsigned long arg
)
4891 int error
, rc
, flag
= 0;
4893 vec
= cmd
- ZFS_IOC
;
4894 if (vec
>= sizeof (zfs_ioc_vec
) / sizeof (zfs_ioc_vec
[0]))
4897 zc
= kmem_zalloc(sizeof (zfs_cmd_t
), KM_SLEEP
| KM_NODEBUG
);
4899 error
= ddi_copyin((void *)arg
, zc
, sizeof (zfs_cmd_t
), flag
);
4903 if ((error
== 0) && !(flag
& FKIOCTL
))
4904 error
= zfs_ioc_vec
[vec
].zvec_secpolicy(zc
, CRED());
4907 * Ensure that all pool/dataset names are valid before we pass down to
4911 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
4912 zc
->zc_iflags
= flag
& FKIOCTL
;
4913 switch (zfs_ioc_vec
[vec
].zvec_namecheck
) {
4915 if (pool_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
4917 error
= pool_status_check(zc
->zc_name
,
4918 zfs_ioc_vec
[vec
].zvec_namecheck
,
4919 zfs_ioc_vec
[vec
].zvec_pool_check
);
4923 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
4925 error
= pool_status_check(zc
->zc_name
,
4926 zfs_ioc_vec
[vec
].zvec_namecheck
,
4927 zfs_ioc_vec
[vec
].zvec_pool_check
);
4936 error
= zfs_ioc_vec
[vec
].zvec_func(zc
);
4938 rc
= ddi_copyout(zc
, (void *)arg
, sizeof (zfs_cmd_t
), flag
);
4942 if (zfs_ioc_vec
[vec
].zvec_his_log
)
4943 zfs_log_history(zc
);
4946 kmem_free(zc
, sizeof (zfs_cmd_t
));
4950 #ifdef CONFIG_COMPAT
4952 zfsdev_compat_ioctl(struct file
*filp
, unsigned cmd
, unsigned long arg
)
4954 return zfsdev_ioctl(filp
, cmd
, arg
);
4957 #define zfsdev_compat_ioctl NULL
4960 static const struct file_operations zfsdev_fops
= {
4961 .open
= zfsdev_open
,
4962 .release
= zfsdev_release
,
4963 .unlocked_ioctl
= zfsdev_ioctl
,
4964 .compat_ioctl
= zfsdev_compat_ioctl
,
4965 .owner
= THIS_MODULE
,
4968 static struct miscdevice zfs_misc
= {
4969 .minor
= MISC_DYNAMIC_MINOR
,
4971 .fops
= &zfsdev_fops
,
4979 mutex_init(&zfsdev_state_lock
, NULL
, MUTEX_DEFAULT
, NULL
);
4980 list_create(&zfsdev_state_list
, sizeof (zfsdev_state_t
),
4981 offsetof(zfsdev_state_t
, zs_next
));
4983 error
= misc_register(&zfs_misc
);
4985 printk(KERN_INFO
"ZFS: misc_register() failed %d\n", error
);
4997 error
= misc_deregister(&zfs_misc
);
4999 printk(KERN_INFO
"ZFS: misc_deregister() failed %d\n", error
);
5001 mutex_destroy(&zfsdev_state_lock
);
5002 list_destroy(&zfsdev_state_list
);
5005 uint_t zfs_fsyncer_key
;
5006 extern uint_t rrw_tsd_key
;
5009 #define ZFS_DEBUG_STR " (DEBUG mode)"
5011 #define ZFS_DEBUG_STR ""
5019 spa_init(FREAD
| FWRITE
);
5022 if ((error
= zvol_init()) != 0)
5025 if ((error
= zfs_attach()) != 0)
5028 tsd_create(&zfs_fsyncer_key
, NULL
);
5029 tsd_create(&rrw_tsd_key
, NULL
);
5031 printk(KERN_NOTICE
"ZFS: Loaded module v%s-%s%s, "
5032 "ZFS pool version %s, ZFS filesystem version %s\n",
5033 ZFS_META_VERSION
, ZFS_META_RELEASE
, ZFS_DEBUG_STR
,
5034 SPA_VERSION_STRING
, ZPL_VERSION_STRING
);
5043 printk(KERN_NOTICE
"ZFS: Failed to Load ZFS Filesystem v%s-%s%s"
5044 ", rc = %d\n", ZFS_META_VERSION
, ZFS_META_RELEASE
,
5045 ZFS_DEBUG_STR
, error
);
5058 tsd_destroy(&zfs_fsyncer_key
);
5059 tsd_destroy(&rrw_tsd_key
);
5061 printk(KERN_NOTICE
"ZFS: Unloaded module v%s-%s%s\n",
5062 ZFS_META_VERSION
, ZFS_META_RELEASE
, ZFS_DEBUG_STR
);
5068 spl_module_init(_init
);
5069 spl_module_exit(_fini
);
5071 MODULE_DESCRIPTION("ZFS");
5072 MODULE_AUTHOR(ZFS_META_AUTHOR
);
5073 MODULE_LICENSE(ZFS_META_LICENSE
);
5074 #endif /* HAVE_SPL */