4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Portions Copyright 2011 Martin Matuska
25 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
26 * Portions Copyright 2012 Pawel Jakub Dawidek <pawel@dawidek.net>
27 * Copyright (c) 2014, 2016 Joyent, Inc. All rights reserved.
28 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
29 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
30 * Copyright (c) 2011, 2020 by Delphix. All rights reserved.
31 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
32 * Copyright (c) 2013 Steven Hartland. All rights reserved.
33 * Copyright (c) 2014 Integros [integros.com]
34 * Copyright 2016 Toomas Soome <tsoome@me.com>
35 * Copyright (c) 2016 Actifio, Inc. All rights reserved.
36 * Copyright (c) 2018, loli10K <ezomori.nozomu@gmail.com>. All rights reserved.
37 * Copyright 2017 RackTop Systems.
38 * Copyright (c) 2017 Open-E, Inc. All Rights Reserved.
39 * Copyright (c) 2019 Datto Inc.
40 * Copyright (c) 2019, 2020 by Christian Schwarz. All rights reserved.
46 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
47 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
49 * There are two ways that we handle ioctls: the legacy way where almost
50 * all of the logic is in the ioctl callback, and the new way where most
51 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
53 * Non-legacy ioctls should be registered by calling
54 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
55 * from userland by lzc_ioctl().
57 * The registration arguments are as follows:
60 * The name of the ioctl. This is used for history logging. If the
61 * ioctl returns successfully (the callback returns 0), and allow_log
62 * is true, then a history log entry will be recorded with the input &
63 * output nvlists. The log entry can be printed with "zpool history -i".
66 * The ioctl request number, which userland will pass to ioctl(2).
67 * We want newer versions of libzfs and libzfs_core to run against
68 * existing zfs kernel modules (i.e. a deferred reboot after an update).
69 * Therefore the ioctl numbers cannot change from release to release.
71 * zfs_secpolicy_func_t *secpolicy
72 * This function will be called before the zfs_ioc_func_t, to
73 * determine if this operation is permitted. It should return EPERM
74 * on failure, and 0 on success. Checks include determining if the
75 * dataset is visible in this zone, and if the user has either all
76 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
77 * to do this operation on this dataset with "zfs allow".
79 * zfs_ioc_namecheck_t namecheck
80 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
81 * name, a dataset name, or nothing. If the name is not well-formed,
82 * the ioctl will fail and the callback will not be called.
83 * Therefore, the callback can assume that the name is well-formed
84 * (e.g. is null-terminated, doesn't have more than one '@' character,
85 * doesn't have invalid characters).
87 * zfs_ioc_poolcheck_t pool_check
88 * This specifies requirements on the pool state. If the pool does
89 * not meet them (is suspended or is readonly), the ioctl will fail
90 * and the callback will not be called. If any checks are specified
91 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
92 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
93 * POOL_CHECK_READONLY).
95 * zfs_ioc_key_t *nvl_keys
96 * The list of expected/allowable innvl input keys. This list is used
97 * to validate the nvlist input to the ioctl.
99 * boolean_t smush_outnvlist
100 * If smush_outnvlist is true, then the output is presumed to be a
101 * list of errors, and it will be "smushed" down to fit into the
102 * caller's buffer, by removing some entries and replacing them with a
103 * single "N_MORE_ERRORS" entry indicating how many were removed. See
104 * nvlist_smush() for details. If smush_outnvlist is false, and the
105 * outnvlist does not fit into the userland-provided buffer, then the
106 * ioctl will fail with ENOMEM.
108 * zfs_ioc_func_t *func
109 * The callback function that will perform the operation.
111 * The callback should return 0 on success, or an error number on
112 * failure. If the function fails, the userland ioctl will return -1,
113 * and errno will be set to the callback's return value. The callback
114 * will be called with the following arguments:
117 * The name of the pool or dataset to operate on, from
118 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
119 * expected type (pool, dataset, or none).
122 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
123 * NULL if no input nvlist was provided. Changes to this nvlist are
124 * ignored. If the input nvlist could not be deserialized, the
125 * ioctl will fail and the callback will not be called.
128 * The output nvlist, initially empty. The callback can fill it in,
129 * and it will be returned to userland by serializing it into
130 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
131 * fails (e.g. because the caller didn't supply a large enough
132 * buffer), then the overall ioctl will fail. See the
133 * 'smush_nvlist' argument above for additional behaviors.
135 * There are two typical uses of the output nvlist:
136 * - To return state, e.g. property values. In this case,
137 * smush_outnvlist should be false. If the buffer was not large
138 * enough, the caller will reallocate a larger buffer and try
141 * - To return multiple errors from an ioctl which makes on-disk
142 * changes. In this case, smush_outnvlist should be true.
143 * Ioctls which make on-disk modifications should generally not
144 * use the outnvl if they succeed, because the caller can not
145 * distinguish between the operation failing, and
146 * deserialization failing.
148 * IOCTL Interface Errors
150 * The following ioctl input errors can be returned:
151 * ZFS_ERR_IOC_CMD_UNAVAIL the ioctl number is not supported by kernel
152 * ZFS_ERR_IOC_ARG_UNAVAIL an input argument is not supported by kernel
153 * ZFS_ERR_IOC_ARG_REQUIRED a required input argument is missing
154 * ZFS_ERR_IOC_ARG_BADTYPE an input argument has an invalid type
157 #include <sys/types.h>
158 #include <sys/param.h>
159 #include <sys/errno.h>
161 #include <sys/file.h>
162 #include <sys/kmem.h>
163 #include <sys/cmn_err.h>
164 #include <sys/stat.h>
165 #include <sys/zfs_ioctl.h>
166 #include <sys/zfs_quota.h>
167 #include <sys/zfs_vfsops.h>
168 #include <sys/zfs_znode.h>
171 #include <sys/spa_impl.h>
172 #include <sys/vdev.h>
173 #include <sys/vdev_impl.h>
175 #include <sys/dsl_dir.h>
176 #include <sys/dsl_dataset.h>
177 #include <sys/dsl_prop.h>
178 #include <sys/dsl_deleg.h>
179 #include <sys/dmu_objset.h>
180 #include <sys/dmu_impl.h>
181 #include <sys/dmu_redact.h>
182 #include <sys/dmu_tx.h>
183 #include <sys/sunddi.h>
184 #include <sys/policy.h>
185 #include <sys/zone.h>
186 #include <sys/nvpair.h>
187 #include <sys/pathname.h>
188 #include <sys/fs/zfs.h>
189 #include <sys/zfs_ctldir.h>
190 #include <sys/zfs_dir.h>
191 #include <sys/zfs_onexit.h>
192 #include <sys/zvol.h>
193 #include <sys/dsl_scan.h>
194 #include <sys/fm/util.h>
195 #include <sys/dsl_crypt.h>
196 #include <sys/rrwlock.h>
197 #include <sys/zfs_file.h>
199 #include <sys/dmu_recv.h>
200 #include <sys/dmu_send.h>
201 #include <sys/dmu_recv.h>
202 #include <sys/dsl_destroy.h>
203 #include <sys/dsl_bookmark.h>
204 #include <sys/dsl_userhold.h>
205 #include <sys/zfeature.h>
207 #include <sys/zio_checksum.h>
208 #include <sys/vdev_removal.h>
209 #include <sys/vdev_impl.h>
210 #include <sys/vdev_initialize.h>
211 #include <sys/vdev_trim.h>
213 #include "zfs_namecheck.h"
214 #include "zfs_prop.h"
215 #include "zfs_deleg.h"
216 #include "zfs_comutil.h"
218 #include <sys/lua/lua.h>
219 #include <sys/lua/lauxlib.h>
220 #include <sys/zfs_ioctl_impl.h>
222 kmutex_t zfsdev_state_lock
;
223 zfsdev_state_t
*zfsdev_state_list
;
226 * Limit maximum nvlist size. We don't want users passing in insane values
227 * for zc->zc_nvlist_src_size, since we will need to allocate that much memory.
229 #define MAX_NVLIST_SRC_SIZE KMALLOC_MAX_SIZE
231 uint_t zfs_fsyncer_key
;
232 uint_t zfs_allow_log_key
;
234 /* DATA_TYPE_ANY is used when zkey_type can vary. */
235 #define DATA_TYPE_ANY DATA_TYPE_UNKNOWN
237 typedef struct zfs_ioc_vec
{
238 zfs_ioc_legacy_func_t
*zvec_legacy_func
;
239 zfs_ioc_func_t
*zvec_func
;
240 zfs_secpolicy_func_t
*zvec_secpolicy
;
241 zfs_ioc_namecheck_t zvec_namecheck
;
242 boolean_t zvec_allow_log
;
243 zfs_ioc_poolcheck_t zvec_pool_check
;
244 boolean_t zvec_smush_outnvlist
;
245 const char *zvec_name
;
246 const zfs_ioc_key_t
*zvec_nvl_keys
;
247 size_t zvec_nvl_key_count
;
250 /* This array is indexed by zfs_userquota_prop_t */
251 static const char *userquota_perms
[] = {
252 ZFS_DELEG_PERM_USERUSED
,
253 ZFS_DELEG_PERM_USERQUOTA
,
254 ZFS_DELEG_PERM_GROUPUSED
,
255 ZFS_DELEG_PERM_GROUPQUOTA
,
256 ZFS_DELEG_PERM_USEROBJUSED
,
257 ZFS_DELEG_PERM_USEROBJQUOTA
,
258 ZFS_DELEG_PERM_GROUPOBJUSED
,
259 ZFS_DELEG_PERM_GROUPOBJQUOTA
,
260 ZFS_DELEG_PERM_PROJECTUSED
,
261 ZFS_DELEG_PERM_PROJECTQUOTA
,
262 ZFS_DELEG_PERM_PROJECTOBJUSED
,
263 ZFS_DELEG_PERM_PROJECTOBJQUOTA
,
266 static int zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
);
267 static int zfs_ioc_id_quota_upgrade(zfs_cmd_t
*zc
);
268 static int zfs_check_settable(const char *name
, nvpair_t
*property
,
270 static int zfs_check_clearable(char *dataset
, nvlist_t
*props
,
272 static int zfs_fill_zplprops_root(uint64_t, nvlist_t
*, nvlist_t
*,
274 int zfs_set_prop_nvlist(const char *, zprop_source_t
, nvlist_t
*, nvlist_t
*);
275 static int get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
);
278 history_str_free(char *buf
)
280 kmem_free(buf
, HIS_MAX_RECORD_LEN
);
284 history_str_get(zfs_cmd_t
*zc
)
288 if (zc
->zc_history
== 0)
291 buf
= kmem_alloc(HIS_MAX_RECORD_LEN
, KM_SLEEP
);
292 if (copyinstr((void *)(uintptr_t)zc
->zc_history
,
293 buf
, HIS_MAX_RECORD_LEN
, NULL
) != 0) {
294 history_str_free(buf
);
298 buf
[HIS_MAX_RECORD_LEN
-1] = '\0';
304 * Check to see if the named dataset is currently defined as bootable
307 zfs_is_bootfs(const char *name
)
311 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
313 ret
= (dmu_objset_id(os
) == spa_bootfs(dmu_objset_spa(os
)));
314 dmu_objset_rele(os
, FTAG
);
321 * Return non-zero if the spa version is less than requested version.
324 zfs_earlier_version(const char *name
, int version
)
328 if (spa_open(name
, &spa
, FTAG
) == 0) {
329 if (spa_version(spa
) < version
) {
330 spa_close(spa
, FTAG
);
333 spa_close(spa
, FTAG
);
339 * Return TRUE if the ZPL version is less than requested version.
342 zpl_earlier_version(const char *name
, int version
)
345 boolean_t rc
= B_TRUE
;
347 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
350 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
351 dmu_objset_rele(os
, FTAG
);
354 /* XXX reading from non-owned objset */
355 if (zfs_get_zplprop(os
, ZFS_PROP_VERSION
, &zplversion
) == 0)
356 rc
= zplversion
< version
;
357 dmu_objset_rele(os
, FTAG
);
363 zfs_log_history(zfs_cmd_t
*zc
)
368 if ((buf
= history_str_get(zc
)) == NULL
)
371 if (spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
372 if (spa_version(spa
) >= SPA_VERSION_ZPOOL_HISTORY
)
373 (void) spa_history_log(spa
, buf
);
374 spa_close(spa
, FTAG
);
376 history_str_free(buf
);
380 * Policy for top-level read operations (list pools). Requires no privileges,
381 * and can be used in the local zone, as there is no associated dataset.
385 zfs_secpolicy_none(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
391 * Policy for dataset read operations (list children, get statistics). Requires
392 * no privileges, but must be visible in the local zone.
396 zfs_secpolicy_read(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
398 if (INGLOBALZONE(curproc
) ||
399 zone_dataset_visible(zc
->zc_name
, NULL
))
402 return (SET_ERROR(ENOENT
));
406 zfs_dozonecheck_impl(const char *dataset
, uint64_t zoned
, cred_t
*cr
)
411 * The dataset must be visible by this zone -- check this first
412 * so they don't see EPERM on something they shouldn't know about.
414 if (!INGLOBALZONE(curproc
) &&
415 !zone_dataset_visible(dataset
, &writable
))
416 return (SET_ERROR(ENOENT
));
418 if (INGLOBALZONE(curproc
)) {
420 * If the fs is zoned, only root can access it from the
423 if (secpolicy_zfs(cr
) && zoned
)
424 return (SET_ERROR(EPERM
));
427 * If we are in a local zone, the 'zoned' property must be set.
430 return (SET_ERROR(EPERM
));
432 /* must be writable by this zone */
434 return (SET_ERROR(EPERM
));
440 zfs_dozonecheck(const char *dataset
, cred_t
*cr
)
444 if (dsl_prop_get_integer(dataset
, zfs_prop_to_name(ZFS_PROP_ZONED
),
446 return (SET_ERROR(ENOENT
));
448 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
452 zfs_dozonecheck_ds(const char *dataset
, dsl_dataset_t
*ds
, cred_t
*cr
)
456 if (dsl_prop_get_int_ds(ds
, zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
))
457 return (SET_ERROR(ENOENT
));
459 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
463 zfs_secpolicy_write_perms_ds(const char *name
, dsl_dataset_t
*ds
,
464 const char *perm
, cred_t
*cr
)
468 error
= zfs_dozonecheck_ds(name
, ds
, cr
);
470 error
= secpolicy_zfs(cr
);
472 error
= dsl_deleg_access_impl(ds
, perm
, cr
);
478 zfs_secpolicy_write_perms(const char *name
, const char *perm
, cred_t
*cr
)
485 * First do a quick check for root in the global zone, which
486 * is allowed to do all write_perms. This ensures that zfs_ioc_*
487 * will get to handle nonexistent datasets.
489 if (INGLOBALZONE(curproc
) && secpolicy_zfs(cr
) == 0)
492 error
= dsl_pool_hold(name
, FTAG
, &dp
);
496 error
= dsl_dataset_hold(dp
, name
, FTAG
, &ds
);
498 dsl_pool_rele(dp
, FTAG
);
502 error
= zfs_secpolicy_write_perms_ds(name
, ds
, perm
, cr
);
504 dsl_dataset_rele(ds
, FTAG
);
505 dsl_pool_rele(dp
, FTAG
);
510 * Policy for setting the security label property.
512 * Returns 0 for success, non-zero for access and other errors.
515 zfs_set_slabel_policy(const char *name
, char *strval
, cred_t
*cr
)
518 char ds_hexsl
[MAXNAMELEN
];
519 bslabel_t ds_sl
, new_sl
;
520 boolean_t new_default
= FALSE
;
522 int needed_priv
= -1;
525 /* First get the existing dataset label. */
526 error
= dsl_prop_get(name
, zfs_prop_to_name(ZFS_PROP_MLSLABEL
),
527 1, sizeof (ds_hexsl
), &ds_hexsl
, NULL
);
529 return (SET_ERROR(EPERM
));
531 if (strcasecmp(strval
, ZFS_MLSLABEL_DEFAULT
) == 0)
534 /* The label must be translatable */
535 if (!new_default
&& (hexstr_to_label(strval
, &new_sl
) != 0))
536 return (SET_ERROR(EINVAL
));
539 * In a non-global zone, disallow attempts to set a label that
540 * doesn't match that of the zone; otherwise no other checks
543 if (!INGLOBALZONE(curproc
)) {
544 if (new_default
|| !blequal(&new_sl
, CR_SL(CRED())))
545 return (SET_ERROR(EPERM
));
550 * For global-zone datasets (i.e., those whose zoned property is
551 * "off", verify that the specified new label is valid for the
554 if (dsl_prop_get_integer(name
,
555 zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
, NULL
))
556 return (SET_ERROR(EPERM
));
558 if (zfs_check_global_label(name
, strval
) != 0)
559 return (SET_ERROR(EPERM
));
563 * If the existing dataset label is nondefault, check if the
564 * dataset is mounted (label cannot be changed while mounted).
565 * Get the zfsvfs_t; if there isn't one, then the dataset isn't
566 * mounted (or isn't a dataset, doesn't exist, ...).
568 if (strcasecmp(ds_hexsl
, ZFS_MLSLABEL_DEFAULT
) != 0) {
570 static char *setsl_tag
= "setsl_tag";
573 * Try to own the dataset; abort if there is any error,
574 * (e.g., already mounted, in use, or other error).
576 error
= dmu_objset_own(name
, DMU_OST_ZFS
, B_TRUE
, B_TRUE
,
579 return (SET_ERROR(EPERM
));
581 dmu_objset_disown(os
, B_TRUE
, setsl_tag
);
584 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
588 if (hexstr_to_label(strval
, &new_sl
) != 0)
589 return (SET_ERROR(EPERM
));
591 if (blstrictdom(&ds_sl
, &new_sl
))
592 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
593 else if (blstrictdom(&new_sl
, &ds_sl
))
594 needed_priv
= PRIV_FILE_UPGRADE_SL
;
596 /* dataset currently has a default label */
598 needed_priv
= PRIV_FILE_UPGRADE_SL
;
602 if (needed_priv
!= -1)
603 return (PRIV_POLICY(cr
, needed_priv
, B_FALSE
, EPERM
, NULL
));
606 return (SET_ERROR(ENOTSUP
));
607 #endif /* HAVE_MLSLABEL */
611 zfs_secpolicy_setprop(const char *dsname
, zfs_prop_t prop
, nvpair_t
*propval
,
617 * Check permissions for special properties.
624 * Disallow setting of 'zoned' from within a local zone.
626 if (!INGLOBALZONE(curproc
))
627 return (SET_ERROR(EPERM
));
631 case ZFS_PROP_FILESYSTEM_LIMIT
:
632 case ZFS_PROP_SNAPSHOT_LIMIT
:
633 if (!INGLOBALZONE(curproc
)) {
635 char setpoint
[ZFS_MAX_DATASET_NAME_LEN
];
637 * Unprivileged users are allowed to modify the
638 * limit on things *under* (ie. contained by)
639 * the thing they own.
641 if (dsl_prop_get_integer(dsname
,
642 zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
, setpoint
))
643 return (SET_ERROR(EPERM
));
644 if (!zoned
|| strlen(dsname
) <= strlen(setpoint
))
645 return (SET_ERROR(EPERM
));
649 case ZFS_PROP_MLSLABEL
:
650 if (!is_system_labeled())
651 return (SET_ERROR(EPERM
));
653 if (nvpair_value_string(propval
, &strval
) == 0) {
656 err
= zfs_set_slabel_policy(dsname
, strval
, CRED());
663 return (zfs_secpolicy_write_perms(dsname
, zfs_prop_to_name(prop
), cr
));
668 zfs_secpolicy_set_fsacl(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
672 error
= zfs_dozonecheck(zc
->zc_name
, cr
);
677 * permission to set permissions will be evaluated later in
678 * dsl_deleg_can_allow()
685 zfs_secpolicy_rollback(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
687 return (zfs_secpolicy_write_perms(zc
->zc_name
,
688 ZFS_DELEG_PERM_ROLLBACK
, cr
));
693 zfs_secpolicy_send(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
701 * Generate the current snapshot name from the given objsetid, then
702 * use that name for the secpolicy/zone checks.
704 cp
= strchr(zc
->zc_name
, '@');
706 return (SET_ERROR(EINVAL
));
707 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
711 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &ds
);
713 dsl_pool_rele(dp
, FTAG
);
717 dsl_dataset_name(ds
, zc
->zc_name
);
719 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, ds
,
720 ZFS_DELEG_PERM_SEND
, cr
);
721 dsl_dataset_rele(ds
, FTAG
);
722 dsl_pool_rele(dp
, FTAG
);
729 zfs_secpolicy_send_new(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
731 return (zfs_secpolicy_write_perms(zc
->zc_name
,
732 ZFS_DELEG_PERM_SEND
, cr
));
736 zfs_secpolicy_share(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
738 return (SET_ERROR(ENOTSUP
));
742 zfs_secpolicy_smb_acl(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
744 return (SET_ERROR(ENOTSUP
));
748 zfs_get_parent(const char *datasetname
, char *parent
, int parentsize
)
753 * Remove the @bla or /bla from the end of the name to get the parent.
755 (void) strncpy(parent
, datasetname
, parentsize
);
756 cp
= strrchr(parent
, '@');
760 cp
= strrchr(parent
, '/');
762 return (SET_ERROR(ENOENT
));
770 zfs_secpolicy_destroy_perms(const char *name
, cred_t
*cr
)
774 if ((error
= zfs_secpolicy_write_perms(name
,
775 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
778 return (zfs_secpolicy_write_perms(name
, ZFS_DELEG_PERM_DESTROY
, cr
));
783 zfs_secpolicy_destroy(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
785 return (zfs_secpolicy_destroy_perms(zc
->zc_name
, cr
));
789 * Destroying snapshots with delegated permissions requires
790 * descendant mount and destroy permissions.
794 zfs_secpolicy_destroy_snaps(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
797 nvpair_t
*pair
, *nextpair
;
800 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
802 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
804 nextpair
= nvlist_next_nvpair(snaps
, pair
);
805 error
= zfs_secpolicy_destroy_perms(nvpair_name(pair
), cr
);
806 if (error
== ENOENT
) {
808 * Ignore any snapshots that don't exist (we consider
809 * them "already destroyed"). Remove the name from the
810 * nvl here in case the snapshot is created between
811 * now and when we try to destroy it (in which case
812 * we don't want to destroy it since we haven't
813 * checked for permission).
815 fnvlist_remove_nvpair(snaps
, pair
);
826 zfs_secpolicy_rename_perms(const char *from
, const char *to
, cred_t
*cr
)
828 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
831 if ((error
= zfs_secpolicy_write_perms(from
,
832 ZFS_DELEG_PERM_RENAME
, cr
)) != 0)
835 if ((error
= zfs_secpolicy_write_perms(from
,
836 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
839 if ((error
= zfs_get_parent(to
, parentname
,
840 sizeof (parentname
))) != 0)
843 if ((error
= zfs_secpolicy_write_perms(parentname
,
844 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
847 if ((error
= zfs_secpolicy_write_perms(parentname
,
848 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
856 zfs_secpolicy_rename(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
858 return (zfs_secpolicy_rename_perms(zc
->zc_name
, zc
->zc_value
, cr
));
863 zfs_secpolicy_promote(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
866 dsl_dataset_t
*clone
;
869 error
= zfs_secpolicy_write_perms(zc
->zc_name
,
870 ZFS_DELEG_PERM_PROMOTE
, cr
);
874 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
878 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &clone
);
881 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
882 dsl_dataset_t
*origin
= NULL
;
886 error
= dsl_dataset_hold_obj(dd
->dd_pool
,
887 dsl_dir_phys(dd
)->dd_origin_obj
, FTAG
, &origin
);
889 dsl_dataset_rele(clone
, FTAG
);
890 dsl_pool_rele(dp
, FTAG
);
894 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, clone
,
895 ZFS_DELEG_PERM_MOUNT
, cr
);
897 dsl_dataset_name(origin
, parentname
);
899 error
= zfs_secpolicy_write_perms_ds(parentname
, origin
,
900 ZFS_DELEG_PERM_PROMOTE
, cr
);
902 dsl_dataset_rele(clone
, FTAG
);
903 dsl_dataset_rele(origin
, FTAG
);
905 dsl_pool_rele(dp
, FTAG
);
911 zfs_secpolicy_recv(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
915 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
916 ZFS_DELEG_PERM_RECEIVE
, cr
)) != 0)
919 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
920 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
923 return (zfs_secpolicy_write_perms(zc
->zc_name
,
924 ZFS_DELEG_PERM_CREATE
, cr
));
929 zfs_secpolicy_recv_new(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
931 return (zfs_secpolicy_recv(zc
, innvl
, cr
));
935 zfs_secpolicy_snapshot_perms(const char *name
, cred_t
*cr
)
937 return (zfs_secpolicy_write_perms(name
,
938 ZFS_DELEG_PERM_SNAPSHOT
, cr
));
942 * Check for permission to create each snapshot in the nvlist.
946 zfs_secpolicy_snapshot(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
952 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
954 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
955 pair
= nvlist_next_nvpair(snaps
, pair
)) {
956 char *name
= nvpair_name(pair
);
957 char *atp
= strchr(name
, '@');
960 error
= SET_ERROR(EINVAL
);
964 error
= zfs_secpolicy_snapshot_perms(name
, cr
);
973 * Check for permission to create each bookmark in the nvlist.
977 zfs_secpolicy_bookmark(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
981 for (nvpair_t
*pair
= nvlist_next_nvpair(innvl
, NULL
);
982 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
983 char *name
= nvpair_name(pair
);
984 char *hashp
= strchr(name
, '#');
987 error
= SET_ERROR(EINVAL
);
991 error
= zfs_secpolicy_write_perms(name
,
992 ZFS_DELEG_PERM_BOOKMARK
, cr
);
1002 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1004 nvpair_t
*pair
, *nextpair
;
1007 for (pair
= nvlist_next_nvpair(innvl
, NULL
); pair
!= NULL
;
1009 char *name
= nvpair_name(pair
);
1010 char *hashp
= strchr(name
, '#');
1011 nextpair
= nvlist_next_nvpair(innvl
, pair
);
1013 if (hashp
== NULL
) {
1014 error
= SET_ERROR(EINVAL
);
1019 error
= zfs_secpolicy_write_perms(name
,
1020 ZFS_DELEG_PERM_DESTROY
, cr
);
1022 if (error
== ENOENT
) {
1024 * Ignore any filesystems that don't exist (we consider
1025 * their bookmarks "already destroyed"). Remove
1026 * the name from the nvl here in case the filesystem
1027 * is created between now and when we try to destroy
1028 * the bookmark (in which case we don't want to
1029 * destroy it since we haven't checked for permission).
1031 fnvlist_remove_nvpair(innvl
, pair
);
1043 zfs_secpolicy_log_history(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1046 * Even root must have a proper TSD so that we know what pool
1049 if (tsd_get(zfs_allow_log_key
) == NULL
)
1050 return (SET_ERROR(EPERM
));
1055 zfs_secpolicy_create_clone(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1057 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
1061 if ((error
= zfs_get_parent(zc
->zc_name
, parentname
,
1062 sizeof (parentname
))) != 0)
1065 if (nvlist_lookup_string(innvl
, "origin", &origin
) == 0 &&
1066 (error
= zfs_secpolicy_write_perms(origin
,
1067 ZFS_DELEG_PERM_CLONE
, cr
)) != 0)
1070 if ((error
= zfs_secpolicy_write_perms(parentname
,
1071 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
1074 return (zfs_secpolicy_write_perms(parentname
,
1075 ZFS_DELEG_PERM_MOUNT
, cr
));
1079 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1080 * SYS_CONFIG privilege, which is not available in a local zone.
1084 zfs_secpolicy_config(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1086 if (secpolicy_sys_config(cr
, B_FALSE
) != 0)
1087 return (SET_ERROR(EPERM
));
1093 * Policy for object to name lookups.
1097 zfs_secpolicy_diff(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1101 if ((error
= secpolicy_sys_config(cr
, B_FALSE
)) == 0)
1104 error
= zfs_secpolicy_write_perms(zc
->zc_name
, ZFS_DELEG_PERM_DIFF
, cr
);
1109 * Policy for fault injection. Requires all privileges.
1113 zfs_secpolicy_inject(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1115 return (secpolicy_zinject(cr
));
1120 zfs_secpolicy_inherit_prop(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1122 zfs_prop_t prop
= zfs_name_to_prop(zc
->zc_value
);
1124 if (prop
== ZPROP_INVAL
) {
1125 if (!zfs_prop_user(zc
->zc_value
))
1126 return (SET_ERROR(EINVAL
));
1127 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1128 ZFS_DELEG_PERM_USERPROP
, cr
));
1130 return (zfs_secpolicy_setprop(zc
->zc_name
, prop
,
1136 zfs_secpolicy_userspace_one(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1138 int err
= zfs_secpolicy_read(zc
, innvl
, cr
);
1142 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
1143 return (SET_ERROR(EINVAL
));
1145 if (zc
->zc_value
[0] == 0) {
1147 * They are asking about a posix uid/gid. If it's
1148 * themself, allow it.
1150 if (zc
->zc_objset_type
== ZFS_PROP_USERUSED
||
1151 zc
->zc_objset_type
== ZFS_PROP_USERQUOTA
||
1152 zc
->zc_objset_type
== ZFS_PROP_USEROBJUSED
||
1153 zc
->zc_objset_type
== ZFS_PROP_USEROBJQUOTA
) {
1154 if (zc
->zc_guid
== crgetuid(cr
))
1156 } else if (zc
->zc_objset_type
== ZFS_PROP_GROUPUSED
||
1157 zc
->zc_objset_type
== ZFS_PROP_GROUPQUOTA
||
1158 zc
->zc_objset_type
== ZFS_PROP_GROUPOBJUSED
||
1159 zc
->zc_objset_type
== ZFS_PROP_GROUPOBJQUOTA
) {
1160 if (groupmember(zc
->zc_guid
, cr
))
1163 /* else is for project quota/used */
1166 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1167 userquota_perms
[zc
->zc_objset_type
], cr
));
1171 zfs_secpolicy_userspace_many(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1173 int err
= zfs_secpolicy_read(zc
, innvl
, cr
);
1177 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
1178 return (SET_ERROR(EINVAL
));
1180 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1181 userquota_perms
[zc
->zc_objset_type
], cr
));
1186 zfs_secpolicy_userspace_upgrade(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1188 return (zfs_secpolicy_setprop(zc
->zc_name
, ZFS_PROP_VERSION
,
1194 zfs_secpolicy_hold(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1200 holds
= fnvlist_lookup_nvlist(innvl
, "holds");
1202 for (pair
= nvlist_next_nvpair(holds
, NULL
); pair
!= NULL
;
1203 pair
= nvlist_next_nvpair(holds
, pair
)) {
1204 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
1205 error
= dmu_fsname(nvpair_name(pair
), fsname
);
1208 error
= zfs_secpolicy_write_perms(fsname
,
1209 ZFS_DELEG_PERM_HOLD
, cr
);
1218 zfs_secpolicy_release(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1223 for (pair
= nvlist_next_nvpair(innvl
, NULL
); pair
!= NULL
;
1224 pair
= nvlist_next_nvpair(innvl
, pair
)) {
1225 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
1226 error
= dmu_fsname(nvpair_name(pair
), fsname
);
1229 error
= zfs_secpolicy_write_perms(fsname
,
1230 ZFS_DELEG_PERM_RELEASE
, cr
);
1238 * Policy for allowing temporary snapshots to be taken or released
1241 zfs_secpolicy_tmp_snapshot(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1244 * A temporary snapshot is the same as a snapshot,
1245 * hold, destroy and release all rolled into one.
1246 * Delegated diff alone is sufficient that we allow this.
1250 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
1251 ZFS_DELEG_PERM_DIFF
, cr
)) == 0)
1254 error
= zfs_secpolicy_snapshot_perms(zc
->zc_name
, cr
);
1256 if (innvl
!= NULL
) {
1258 error
= zfs_secpolicy_hold(zc
, innvl
, cr
);
1260 error
= zfs_secpolicy_release(zc
, innvl
, cr
);
1262 error
= zfs_secpolicy_destroy(zc
, innvl
, cr
);
1268 zfs_secpolicy_load_key(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1270 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1271 ZFS_DELEG_PERM_LOAD_KEY
, cr
));
1275 zfs_secpolicy_change_key(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1277 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1278 ZFS_DELEG_PERM_CHANGE_KEY
, cr
));
1282 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1285 get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
)
1289 nvlist_t
*list
= NULL
;
1292 * Read in and unpack the user-supplied nvlist.
1295 return (SET_ERROR(EINVAL
));
1297 packed
= vmem_alloc(size
, KM_SLEEP
);
1299 if ((error
= ddi_copyin((void *)(uintptr_t)nvl
, packed
, size
,
1301 vmem_free(packed
, size
);
1302 return (SET_ERROR(EFAULT
));
1305 if ((error
= nvlist_unpack(packed
, size
, &list
, 0)) != 0) {
1306 vmem_free(packed
, size
);
1310 vmem_free(packed
, size
);
1317 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1318 * Entries will be removed from the end of the nvlist, and one int32 entry
1319 * named "N_MORE_ERRORS" will be added indicating how many entries were
1323 nvlist_smush(nvlist_t
*errors
, size_t max
)
1327 size
= fnvlist_size(errors
);
1330 nvpair_t
*more_errors
;
1334 return (SET_ERROR(ENOMEM
));
1336 fnvlist_add_int32(errors
, ZPROP_N_MORE_ERRORS
, 0);
1337 more_errors
= nvlist_prev_nvpair(errors
, NULL
);
1340 nvpair_t
*pair
= nvlist_prev_nvpair(errors
,
1342 fnvlist_remove_nvpair(errors
, pair
);
1344 size
= fnvlist_size(errors
);
1345 } while (size
> max
);
1347 fnvlist_remove_nvpair(errors
, more_errors
);
1348 fnvlist_add_int32(errors
, ZPROP_N_MORE_ERRORS
, n
);
1349 ASSERT3U(fnvlist_size(errors
), <=, max
);
1356 put_nvlist(zfs_cmd_t
*zc
, nvlist_t
*nvl
)
1358 char *packed
= NULL
;
1362 size
= fnvlist_size(nvl
);
1364 if (size
> zc
->zc_nvlist_dst_size
) {
1365 error
= SET_ERROR(ENOMEM
);
1367 packed
= fnvlist_pack(nvl
, &size
);
1368 if (ddi_copyout(packed
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
1369 size
, zc
->zc_iflags
) != 0)
1370 error
= SET_ERROR(EFAULT
);
1371 fnvlist_pack_free(packed
, size
);
1374 zc
->zc_nvlist_dst_size
= size
;
1375 zc
->zc_nvlist_dst_filled
= B_TRUE
;
1380 getzfsvfs_impl(objset_t
*os
, zfsvfs_t
**zfvp
)
1383 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1384 return (SET_ERROR(EINVAL
));
1387 mutex_enter(&os
->os_user_ptr_lock
);
1388 *zfvp
= dmu_objset_get_user(os
);
1389 /* bump s_active only when non-zero to prevent umount race */
1390 error
= zfs_vfs_ref(zfvp
);
1391 mutex_exit(&os
->os_user_ptr_lock
);
1396 getzfsvfs(const char *dsname
, zfsvfs_t
**zfvp
)
1401 error
= dmu_objset_hold(dsname
, FTAG
, &os
);
1405 error
= getzfsvfs_impl(os
, zfvp
);
1406 dmu_objset_rele(os
, FTAG
);
1411 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1412 * case its z_sb will be NULL, and it will be opened as the owner.
1413 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1414 * which prevents all inode ops from running.
1417 zfsvfs_hold(const char *name
, void *tag
, zfsvfs_t
**zfvp
, boolean_t writer
)
1421 if (getzfsvfs(name
, zfvp
) != 0)
1422 error
= zfsvfs_create(name
, B_FALSE
, zfvp
);
1424 rrm_enter(&(*zfvp
)->z_teardown_lock
, (writer
) ? RW_WRITER
:
1426 if ((*zfvp
)->z_unmounted
) {
1428 * XXX we could probably try again, since the unmounting
1429 * thread should be just about to disassociate the
1430 * objset from the zfsvfs.
1432 rrm_exit(&(*zfvp
)->z_teardown_lock
, tag
);
1433 return (SET_ERROR(EBUSY
));
1440 zfsvfs_rele(zfsvfs_t
*zfsvfs
, void *tag
)
1442 rrm_exit(&zfsvfs
->z_teardown_lock
, tag
);
1444 if (zfs_vfs_held(zfsvfs
)) {
1445 zfs_vfs_rele(zfsvfs
);
1447 dmu_objset_disown(zfsvfs
->z_os
, B_TRUE
, zfsvfs
);
1448 zfsvfs_free(zfsvfs
);
1453 zfs_ioc_pool_create(zfs_cmd_t
*zc
)
1456 nvlist_t
*config
, *props
= NULL
;
1457 nvlist_t
*rootprops
= NULL
;
1458 nvlist_t
*zplprops
= NULL
;
1459 dsl_crypto_params_t
*dcp
= NULL
;
1460 char *spa_name
= zc
->zc_name
;
1461 boolean_t unload_wkey
= B_TRUE
;
1463 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1464 zc
->zc_iflags
, &config
)))
1467 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1468 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1469 zc
->zc_iflags
, &props
))) {
1470 nvlist_free(config
);
1475 nvlist_t
*nvl
= NULL
;
1476 nvlist_t
*hidden_args
= NULL
;
1477 uint64_t version
= SPA_VERSION
;
1480 (void) nvlist_lookup_uint64(props
,
1481 zpool_prop_to_name(ZPOOL_PROP_VERSION
), &version
);
1482 if (!SPA_VERSION_IS_SUPPORTED(version
)) {
1483 error
= SET_ERROR(EINVAL
);
1484 goto pool_props_bad
;
1486 (void) nvlist_lookup_nvlist(props
, ZPOOL_ROOTFS_PROPS
, &nvl
);
1488 error
= nvlist_dup(nvl
, &rootprops
, KM_SLEEP
);
1490 goto pool_props_bad
;
1491 (void) nvlist_remove_all(props
, ZPOOL_ROOTFS_PROPS
);
1494 (void) nvlist_lookup_nvlist(props
, ZPOOL_HIDDEN_ARGS
,
1496 error
= dsl_crypto_params_create_nvlist(DCP_CMD_NONE
,
1497 rootprops
, hidden_args
, &dcp
);
1499 goto pool_props_bad
;
1500 (void) nvlist_remove_all(props
, ZPOOL_HIDDEN_ARGS
);
1502 VERIFY(nvlist_alloc(&zplprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
1503 error
= zfs_fill_zplprops_root(version
, rootprops
,
1506 goto pool_props_bad
;
1508 if (nvlist_lookup_string(props
,
1509 zpool_prop_to_name(ZPOOL_PROP_TNAME
), &tname
) == 0)
1513 error
= spa_create(zc
->zc_name
, config
, props
, zplprops
, dcp
);
1516 * Set the remaining root properties
1518 if (!error
&& (error
= zfs_set_prop_nvlist(spa_name
,
1519 ZPROP_SRC_LOCAL
, rootprops
, NULL
)) != 0) {
1520 (void) spa_destroy(spa_name
);
1521 unload_wkey
= B_FALSE
; /* spa_destroy() unloads wrapping keys */
1525 nvlist_free(rootprops
);
1526 nvlist_free(zplprops
);
1527 nvlist_free(config
);
1529 dsl_crypto_params_free(dcp
, unload_wkey
&& !!error
);
1535 zfs_ioc_pool_destroy(zfs_cmd_t
*zc
)
1538 zfs_log_history(zc
);
1539 error
= spa_destroy(zc
->zc_name
);
1545 zfs_ioc_pool_import(zfs_cmd_t
*zc
)
1547 nvlist_t
*config
, *props
= NULL
;
1551 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1552 zc
->zc_iflags
, &config
)) != 0)
1555 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1556 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1557 zc
->zc_iflags
, &props
))) {
1558 nvlist_free(config
);
1562 if (nvlist_lookup_uint64(config
, ZPOOL_CONFIG_POOL_GUID
, &guid
) != 0 ||
1563 guid
!= zc
->zc_guid
)
1564 error
= SET_ERROR(EINVAL
);
1566 error
= spa_import(zc
->zc_name
, config
, props
, zc
->zc_cookie
);
1568 if (zc
->zc_nvlist_dst
!= 0) {
1571 if ((err
= put_nvlist(zc
, config
)) != 0)
1575 nvlist_free(config
);
1582 zfs_ioc_pool_export(zfs_cmd_t
*zc
)
1585 boolean_t force
= (boolean_t
)zc
->zc_cookie
;
1586 boolean_t hardforce
= (boolean_t
)zc
->zc_guid
;
1588 zfs_log_history(zc
);
1589 error
= spa_export(zc
->zc_name
, NULL
, force
, hardforce
);
1595 zfs_ioc_pool_configs(zfs_cmd_t
*zc
)
1600 if ((configs
= spa_all_configs(&zc
->zc_cookie
)) == NULL
)
1601 return (SET_ERROR(EEXIST
));
1603 error
= put_nvlist(zc
, configs
);
1605 nvlist_free(configs
);
1612 * zc_name name of the pool
1615 * zc_cookie real errno
1616 * zc_nvlist_dst config nvlist
1617 * zc_nvlist_dst_size size of config nvlist
1620 zfs_ioc_pool_stats(zfs_cmd_t
*zc
)
1626 error
= spa_get_stats(zc
->zc_name
, &config
, zc
->zc_value
,
1627 sizeof (zc
->zc_value
));
1629 if (config
!= NULL
) {
1630 ret
= put_nvlist(zc
, config
);
1631 nvlist_free(config
);
1634 * The config may be present even if 'error' is non-zero.
1635 * In this case we return success, and preserve the real errno
1638 zc
->zc_cookie
= error
;
1647 * Try to import the given pool, returning pool stats as appropriate so that
1648 * user land knows which devices are available and overall pool health.
1651 zfs_ioc_pool_tryimport(zfs_cmd_t
*zc
)
1653 nvlist_t
*tryconfig
, *config
= NULL
;
1656 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1657 zc
->zc_iflags
, &tryconfig
)) != 0)
1660 config
= spa_tryimport(tryconfig
);
1662 nvlist_free(tryconfig
);
1665 return (SET_ERROR(EINVAL
));
1667 error
= put_nvlist(zc
, config
);
1668 nvlist_free(config
);
1675 * zc_name name of the pool
1676 * zc_cookie scan func (pool_scan_func_t)
1677 * zc_flags scrub pause/resume flag (pool_scrub_cmd_t)
1680 zfs_ioc_pool_scan(zfs_cmd_t
*zc
)
1685 if (zc
->zc_flags
>= POOL_SCRUB_FLAGS_END
)
1686 return (SET_ERROR(EINVAL
));
1688 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1691 if (zc
->zc_flags
== POOL_SCRUB_PAUSE
)
1692 error
= spa_scrub_pause_resume(spa
, POOL_SCRUB_PAUSE
);
1693 else if (zc
->zc_cookie
== POOL_SCAN_NONE
)
1694 error
= spa_scan_stop(spa
);
1696 error
= spa_scan(spa
, zc
->zc_cookie
);
1698 spa_close(spa
, FTAG
);
1704 zfs_ioc_pool_freeze(zfs_cmd_t
*zc
)
1709 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1712 spa_close(spa
, FTAG
);
1718 zfs_ioc_pool_upgrade(zfs_cmd_t
*zc
)
1723 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1726 if (zc
->zc_cookie
< spa_version(spa
) ||
1727 !SPA_VERSION_IS_SUPPORTED(zc
->zc_cookie
)) {
1728 spa_close(spa
, FTAG
);
1729 return (SET_ERROR(EINVAL
));
1732 spa_upgrade(spa
, zc
->zc_cookie
);
1733 spa_close(spa
, FTAG
);
1739 zfs_ioc_pool_get_history(zfs_cmd_t
*zc
)
1746 if ((size
= zc
->zc_history_len
) == 0)
1747 return (SET_ERROR(EINVAL
));
1749 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1752 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
1753 spa_close(spa
, FTAG
);
1754 return (SET_ERROR(ENOTSUP
));
1757 hist_buf
= vmem_alloc(size
, KM_SLEEP
);
1758 if ((error
= spa_history_get(spa
, &zc
->zc_history_offset
,
1759 &zc
->zc_history_len
, hist_buf
)) == 0) {
1760 error
= ddi_copyout(hist_buf
,
1761 (void *)(uintptr_t)zc
->zc_history
,
1762 zc
->zc_history_len
, zc
->zc_iflags
);
1765 spa_close(spa
, FTAG
);
1766 vmem_free(hist_buf
, size
);
1771 zfs_ioc_pool_reguid(zfs_cmd_t
*zc
)
1776 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1778 error
= spa_change_guid(spa
);
1779 spa_close(spa
, FTAG
);
1785 zfs_ioc_dsobj_to_dsname(zfs_cmd_t
*zc
)
1787 return (dsl_dsobj_to_dsname(zc
->zc_name
, zc
->zc_obj
, zc
->zc_value
));
1792 * zc_name name of filesystem
1793 * zc_obj object to find
1796 * zc_value name of object
1799 zfs_ioc_obj_to_path(zfs_cmd_t
*zc
)
1804 /* XXX reading from objset not owned */
1805 if ((error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
,
1808 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1809 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1810 return (SET_ERROR(EINVAL
));
1812 error
= zfs_obj_to_path(os
, zc
->zc_obj
, zc
->zc_value
,
1813 sizeof (zc
->zc_value
));
1814 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1821 * zc_name name of filesystem
1822 * zc_obj object to find
1825 * zc_stat stats on object
1826 * zc_value path to object
1829 zfs_ioc_obj_to_stats(zfs_cmd_t
*zc
)
1834 /* XXX reading from objset not owned */
1835 if ((error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
,
1838 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1839 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1840 return (SET_ERROR(EINVAL
));
1842 error
= zfs_obj_to_stats(os
, zc
->zc_obj
, &zc
->zc_stat
, zc
->zc_value
,
1843 sizeof (zc
->zc_value
));
1844 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
1850 zfs_ioc_vdev_add(zfs_cmd_t
*zc
)
1856 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1860 error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1861 zc
->zc_iflags
, &config
);
1863 error
= spa_vdev_add(spa
, config
);
1864 nvlist_free(config
);
1866 spa_close(spa
, FTAG
);
1872 * zc_name name of the pool
1873 * zc_guid guid of vdev to remove
1874 * zc_cookie cancel removal
1877 zfs_ioc_vdev_remove(zfs_cmd_t
*zc
)
1882 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1885 if (zc
->zc_cookie
!= 0) {
1886 error
= spa_vdev_remove_cancel(spa
);
1888 error
= spa_vdev_remove(spa
, zc
->zc_guid
, B_FALSE
);
1890 spa_close(spa
, FTAG
);
1895 zfs_ioc_vdev_set_state(zfs_cmd_t
*zc
)
1899 vdev_state_t newstate
= VDEV_STATE_UNKNOWN
;
1901 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1903 switch (zc
->zc_cookie
) {
1904 case VDEV_STATE_ONLINE
:
1905 error
= vdev_online(spa
, zc
->zc_guid
, zc
->zc_obj
, &newstate
);
1908 case VDEV_STATE_OFFLINE
:
1909 error
= vdev_offline(spa
, zc
->zc_guid
, zc
->zc_obj
);
1912 case VDEV_STATE_FAULTED
:
1913 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1914 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
&&
1915 zc
->zc_obj
!= VDEV_AUX_EXTERNAL_PERSIST
)
1916 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1918 error
= vdev_fault(spa
, zc
->zc_guid
, zc
->zc_obj
);
1921 case VDEV_STATE_DEGRADED
:
1922 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1923 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
)
1924 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1926 error
= vdev_degrade(spa
, zc
->zc_guid
, zc
->zc_obj
);
1930 error
= SET_ERROR(EINVAL
);
1932 zc
->zc_cookie
= newstate
;
1933 spa_close(spa
, FTAG
);
1938 zfs_ioc_vdev_attach(zfs_cmd_t
*zc
)
1942 int replacing
= zc
->zc_cookie
;
1943 int rebuild
= zc
->zc_simple
;
1946 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1949 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1950 zc
->zc_iflags
, &config
)) == 0) {
1951 error
= spa_vdev_attach(spa
, zc
->zc_guid
, config
, replacing
,
1953 nvlist_free(config
);
1956 spa_close(spa
, FTAG
);
1961 zfs_ioc_vdev_detach(zfs_cmd_t
*zc
)
1966 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1969 error
= spa_vdev_detach(spa
, zc
->zc_guid
, 0, B_FALSE
);
1971 spa_close(spa
, FTAG
);
1976 zfs_ioc_vdev_split(zfs_cmd_t
*zc
)
1979 nvlist_t
*config
, *props
= NULL
;
1981 boolean_t exp
= !!(zc
->zc_cookie
& ZPOOL_EXPORT_AFTER_SPLIT
);
1983 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1986 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1987 zc
->zc_iflags
, &config
))) {
1988 spa_close(spa
, FTAG
);
1992 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1993 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1994 zc
->zc_iflags
, &props
))) {
1995 spa_close(spa
, FTAG
);
1996 nvlist_free(config
);
2000 error
= spa_vdev_split_mirror(spa
, zc
->zc_string
, config
, props
, exp
);
2002 spa_close(spa
, FTAG
);
2004 nvlist_free(config
);
2011 zfs_ioc_vdev_setpath(zfs_cmd_t
*zc
)
2014 char *path
= zc
->zc_value
;
2015 uint64_t guid
= zc
->zc_guid
;
2018 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
2022 error
= spa_vdev_setpath(spa
, guid
, path
);
2023 spa_close(spa
, FTAG
);
2028 zfs_ioc_vdev_setfru(zfs_cmd_t
*zc
)
2031 char *fru
= zc
->zc_value
;
2032 uint64_t guid
= zc
->zc_guid
;
2035 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
2039 error
= spa_vdev_setfru(spa
, guid
, fru
);
2040 spa_close(spa
, FTAG
);
2045 zfs_ioc_objset_stats_impl(zfs_cmd_t
*zc
, objset_t
*os
)
2050 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
2052 if (zc
->zc_nvlist_dst
!= 0 &&
2053 (error
= dsl_prop_get_all(os
, &nv
)) == 0) {
2054 dmu_objset_stats(os
, nv
);
2056 * NB: zvol_get_stats() will read the objset contents,
2057 * which we aren't supposed to do with a
2058 * DS_MODE_USER hold, because it could be
2059 * inconsistent. So this is a bit of a workaround...
2060 * XXX reading without owning
2062 if (!zc
->zc_objset_stats
.dds_inconsistent
&&
2063 dmu_objset_type(os
) == DMU_OST_ZVOL
) {
2064 error
= zvol_get_stats(os
, nv
);
2072 error
= put_nvlist(zc
, nv
);
2081 * zc_name name of filesystem
2082 * zc_nvlist_dst_size size of buffer for property nvlist
2085 * zc_objset_stats stats
2086 * zc_nvlist_dst property nvlist
2087 * zc_nvlist_dst_size size of property nvlist
2090 zfs_ioc_objset_stats(zfs_cmd_t
*zc
)
2095 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2097 error
= zfs_ioc_objset_stats_impl(zc
, os
);
2098 dmu_objset_rele(os
, FTAG
);
2106 * zc_name name of filesystem
2107 * zc_nvlist_dst_size size of buffer for property nvlist
2110 * zc_nvlist_dst received property nvlist
2111 * zc_nvlist_dst_size size of received property nvlist
2113 * Gets received properties (distinct from local properties on or after
2114 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2115 * local property values.
2118 zfs_ioc_objset_recvd_props(zfs_cmd_t
*zc
)
2124 * Without this check, we would return local property values if the
2125 * caller has not already received properties on or after
2126 * SPA_VERSION_RECVD_PROPS.
2128 if (!dsl_prop_get_hasrecvd(zc
->zc_name
))
2129 return (SET_ERROR(ENOTSUP
));
2131 if (zc
->zc_nvlist_dst
!= 0 &&
2132 (error
= dsl_prop_get_received(zc
->zc_name
, &nv
)) == 0) {
2133 error
= put_nvlist(zc
, nv
);
2141 nvl_add_zplprop(objset_t
*os
, nvlist_t
*props
, zfs_prop_t prop
)
2147 * zfs_get_zplprop() will either find a value or give us
2148 * the default value (if there is one).
2150 if ((error
= zfs_get_zplprop(os
, prop
, &value
)) != 0)
2152 VERIFY(nvlist_add_uint64(props
, zfs_prop_to_name(prop
), value
) == 0);
2158 * zc_name name of filesystem
2159 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2162 * zc_nvlist_dst zpl property nvlist
2163 * zc_nvlist_dst_size size of zpl property nvlist
2166 zfs_ioc_objset_zplprops(zfs_cmd_t
*zc
)
2171 /* XXX reading without owning */
2172 if ((err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)))
2175 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
2178 * NB: nvl_add_zplprop() will read the objset contents,
2179 * which we aren't supposed to do with a DS_MODE_USER
2180 * hold, because it could be inconsistent.
2182 if (zc
->zc_nvlist_dst
!= 0 &&
2183 !zc
->zc_objset_stats
.dds_inconsistent
&&
2184 dmu_objset_type(os
) == DMU_OST_ZFS
) {
2187 VERIFY(nvlist_alloc(&nv
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2188 if ((err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_VERSION
)) == 0 &&
2189 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_NORMALIZE
)) == 0 &&
2190 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_UTF8ONLY
)) == 0 &&
2191 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_CASE
)) == 0)
2192 err
= put_nvlist(zc
, nv
);
2195 err
= SET_ERROR(ENOENT
);
2197 dmu_objset_rele(os
, FTAG
);
2203 * zc_name name of filesystem
2204 * zc_cookie zap cursor
2205 * zc_nvlist_dst_size size of buffer for property nvlist
2208 * zc_name name of next filesystem
2209 * zc_cookie zap cursor
2210 * zc_objset_stats stats
2211 * zc_nvlist_dst property nvlist
2212 * zc_nvlist_dst_size size of property nvlist
2215 zfs_ioc_dataset_list_next(zfs_cmd_t
*zc
)
2220 size_t orig_len
= strlen(zc
->zc_name
);
2223 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
))) {
2224 if (error
== ENOENT
)
2225 error
= SET_ERROR(ESRCH
);
2229 p
= strrchr(zc
->zc_name
, '/');
2230 if (p
== NULL
|| p
[1] != '\0')
2231 (void) strlcat(zc
->zc_name
, "/", sizeof (zc
->zc_name
));
2232 p
= zc
->zc_name
+ strlen(zc
->zc_name
);
2235 error
= dmu_dir_list_next(os
,
2236 sizeof (zc
->zc_name
) - (p
- zc
->zc_name
), p
,
2237 NULL
, &zc
->zc_cookie
);
2238 if (error
== ENOENT
)
2239 error
= SET_ERROR(ESRCH
);
2240 } while (error
== 0 && zfs_dataset_name_hidden(zc
->zc_name
));
2241 dmu_objset_rele(os
, FTAG
);
2244 * If it's an internal dataset (ie. with a '$' in its name),
2245 * don't try to get stats for it, otherwise we'll return ENOENT.
2247 if (error
== 0 && strchr(zc
->zc_name
, '$') == NULL
) {
2248 error
= zfs_ioc_objset_stats(zc
); /* fill in the stats */
2249 if (error
== ENOENT
) {
2250 /* We lost a race with destroy, get the next one. */
2251 zc
->zc_name
[orig_len
] = '\0';
2260 * zc_name name of filesystem
2261 * zc_cookie zap cursor
2262 * zc_nvlist_src iteration range nvlist
2263 * zc_nvlist_src_size size of iteration range nvlist
2266 * zc_name name of next snapshot
2267 * zc_objset_stats stats
2268 * zc_nvlist_dst property nvlist
2269 * zc_nvlist_dst_size size of property nvlist
2272 zfs_ioc_snapshot_list_next(zfs_cmd_t
*zc
)
2275 objset_t
*os
, *ossnap
;
2277 uint64_t min_txg
= 0, max_txg
= 0;
2279 if (zc
->zc_nvlist_src_size
!= 0) {
2280 nvlist_t
*props
= NULL
;
2281 error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2282 zc
->zc_iflags
, &props
);
2285 (void) nvlist_lookup_uint64(props
, SNAP_ITER_MIN_TXG
,
2287 (void) nvlist_lookup_uint64(props
, SNAP_ITER_MAX_TXG
,
2292 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2294 return (error
== ENOENT
? SET_ERROR(ESRCH
) : error
);
2298 * A dataset name of maximum length cannot have any snapshots,
2299 * so exit immediately.
2301 if (strlcat(zc
->zc_name
, "@", sizeof (zc
->zc_name
)) >=
2302 ZFS_MAX_DATASET_NAME_LEN
) {
2303 dmu_objset_rele(os
, FTAG
);
2304 return (SET_ERROR(ESRCH
));
2307 while (error
== 0) {
2308 if (issig(JUSTLOOKING
) && issig(FORREAL
)) {
2309 error
= SET_ERROR(EINTR
);
2313 error
= dmu_snapshot_list_next(os
,
2314 sizeof (zc
->zc_name
) - strlen(zc
->zc_name
),
2315 zc
->zc_name
+ strlen(zc
->zc_name
), &zc
->zc_obj
,
2316 &zc
->zc_cookie
, NULL
);
2317 if (error
== ENOENT
) {
2318 error
= SET_ERROR(ESRCH
);
2320 } else if (error
!= 0) {
2324 error
= dsl_dataset_hold_obj(dmu_objset_pool(os
), zc
->zc_obj
,
2329 if ((min_txg
!= 0 && dsl_get_creationtxg(ds
) < min_txg
) ||
2330 (max_txg
!= 0 && dsl_get_creationtxg(ds
) > max_txg
)) {
2331 dsl_dataset_rele(ds
, FTAG
);
2332 /* undo snapshot name append */
2333 *(strchr(zc
->zc_name
, '@') + 1) = '\0';
2338 if (zc
->zc_simple
) {
2339 dsl_dataset_rele(ds
, FTAG
);
2343 if ((error
= dmu_objset_from_ds(ds
, &ossnap
)) != 0) {
2344 dsl_dataset_rele(ds
, FTAG
);
2347 if ((error
= zfs_ioc_objset_stats_impl(zc
, ossnap
)) != 0) {
2348 dsl_dataset_rele(ds
, FTAG
);
2351 dsl_dataset_rele(ds
, FTAG
);
2355 dmu_objset_rele(os
, FTAG
);
2356 /* if we failed, undo the @ that we tacked on to zc_name */
2358 *strchr(zc
->zc_name
, '@') = '\0';
2363 zfs_prop_set_userquota(const char *dsname
, nvpair_t
*pair
)
2365 const char *propname
= nvpair_name(pair
);
2367 unsigned int vallen
;
2370 zfs_userquota_prop_t type
;
2376 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2378 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2379 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2381 return (SET_ERROR(EINVAL
));
2385 * A correctly constructed propname is encoded as
2386 * userquota@<rid>-<domain>.
2388 if ((dash
= strchr(propname
, '-')) == NULL
||
2389 nvpair_value_uint64_array(pair
, &valary
, &vallen
) != 0 ||
2391 return (SET_ERROR(EINVAL
));
2398 err
= zfsvfs_hold(dsname
, FTAG
, &zfsvfs
, B_FALSE
);
2400 err
= zfs_set_userquota(zfsvfs
, type
, domain
, rid
, quota
);
2401 zfsvfs_rele(zfsvfs
, FTAG
);
2408 * If the named property is one that has a special function to set its value,
2409 * return 0 on success and a positive error code on failure; otherwise if it is
2410 * not one of the special properties handled by this function, return -1.
2412 * XXX: It would be better for callers of the property interface if we handled
2413 * these special cases in dsl_prop.c (in the dsl layer).
2416 zfs_prop_set_special(const char *dsname
, zprop_source_t source
,
2419 const char *propname
= nvpair_name(pair
);
2420 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2421 uint64_t intval
= 0;
2422 char *strval
= NULL
;
2425 if (prop
== ZPROP_INVAL
) {
2426 if (zfs_prop_userquota(propname
))
2427 return (zfs_prop_set_userquota(dsname
, pair
));
2431 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2433 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2434 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2438 /* all special properties are numeric except for keylocation */
2439 if (zfs_prop_get_type(prop
) == PROP_TYPE_STRING
) {
2440 strval
= fnvpair_value_string(pair
);
2442 intval
= fnvpair_value_uint64(pair
);
2446 case ZFS_PROP_QUOTA
:
2447 err
= dsl_dir_set_quota(dsname
, source
, intval
);
2449 case ZFS_PROP_REFQUOTA
:
2450 err
= dsl_dataset_set_refquota(dsname
, source
, intval
);
2452 case ZFS_PROP_FILESYSTEM_LIMIT
:
2453 case ZFS_PROP_SNAPSHOT_LIMIT
:
2454 if (intval
== UINT64_MAX
) {
2455 /* clearing the limit, just do it */
2458 err
= dsl_dir_activate_fs_ss_limit(dsname
);
2461 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2462 * default path to set the value in the nvlist.
2467 case ZFS_PROP_KEYLOCATION
:
2468 err
= dsl_crypto_can_set_keylocation(dsname
, strval
);
2471 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2472 * default path to set the value in the nvlist.
2477 case ZFS_PROP_RESERVATION
:
2478 err
= dsl_dir_set_reservation(dsname
, source
, intval
);
2480 case ZFS_PROP_REFRESERVATION
:
2481 err
= dsl_dataset_set_refreservation(dsname
, source
, intval
);
2483 case ZFS_PROP_VOLSIZE
:
2484 err
= zvol_set_volsize(dsname
, intval
);
2486 case ZFS_PROP_SNAPDEV
:
2487 err
= zvol_set_snapdev(dsname
, source
, intval
);
2489 case ZFS_PROP_VOLMODE
:
2490 err
= zvol_set_volmode(dsname
, source
, intval
);
2492 case ZFS_PROP_VERSION
:
2496 if ((err
= zfsvfs_hold(dsname
, FTAG
, &zfsvfs
, B_TRUE
)) != 0)
2499 err
= zfs_set_version(zfsvfs
, intval
);
2500 zfsvfs_rele(zfsvfs
, FTAG
);
2502 if (err
== 0 && intval
>= ZPL_VERSION_USERSPACE
) {
2505 zc
= kmem_zalloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
2506 (void) strlcpy(zc
->zc_name
, dsname
,
2507 sizeof (zc
->zc_name
));
2508 (void) zfs_ioc_userspace_upgrade(zc
);
2509 (void) zfs_ioc_id_quota_upgrade(zc
);
2510 kmem_free(zc
, sizeof (zfs_cmd_t
));
2522 * This function is best effort. If it fails to set any of the given properties,
2523 * it continues to set as many as it can and returns the last error
2524 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2525 * with the list of names of all the properties that failed along with the
2526 * corresponding error numbers.
2528 * If every property is set successfully, zero is returned and errlist is not
2532 zfs_set_prop_nvlist(const char *dsname
, zprop_source_t source
, nvlist_t
*nvl
,
2541 nvlist_t
*genericnvl
= fnvlist_alloc();
2542 nvlist_t
*retrynvl
= fnvlist_alloc();
2545 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2546 const char *propname
= nvpair_name(pair
);
2547 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2550 /* decode the property value */
2552 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2554 attrs
= fnvpair_value_nvlist(pair
);
2555 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2557 err
= SET_ERROR(EINVAL
);
2560 /* Validate value type */
2561 if (err
== 0 && source
== ZPROP_SRC_INHERITED
) {
2562 /* inherited properties are expected to be booleans */
2563 if (nvpair_type(propval
) != DATA_TYPE_BOOLEAN
)
2564 err
= SET_ERROR(EINVAL
);
2565 } else if (err
== 0 && prop
== ZPROP_INVAL
) {
2566 if (zfs_prop_user(propname
)) {
2567 if (nvpair_type(propval
) != DATA_TYPE_STRING
)
2568 err
= SET_ERROR(EINVAL
);
2569 } else if (zfs_prop_userquota(propname
)) {
2570 if (nvpair_type(propval
) !=
2571 DATA_TYPE_UINT64_ARRAY
)
2572 err
= SET_ERROR(EINVAL
);
2574 err
= SET_ERROR(EINVAL
);
2576 } else if (err
== 0) {
2577 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2578 if (zfs_prop_get_type(prop
) != PROP_TYPE_STRING
)
2579 err
= SET_ERROR(EINVAL
);
2580 } else if (nvpair_type(propval
) == DATA_TYPE_UINT64
) {
2583 intval
= fnvpair_value_uint64(propval
);
2585 switch (zfs_prop_get_type(prop
)) {
2586 case PROP_TYPE_NUMBER
:
2588 case PROP_TYPE_STRING
:
2589 err
= SET_ERROR(EINVAL
);
2591 case PROP_TYPE_INDEX
:
2592 if (zfs_prop_index_to_string(prop
,
2593 intval
, &unused
) != 0)
2594 err
= SET_ERROR(EINVAL
);
2598 "unknown property type");
2601 err
= SET_ERROR(EINVAL
);
2605 /* Validate permissions */
2607 err
= zfs_check_settable(dsname
, pair
, CRED());
2610 if (source
== ZPROP_SRC_INHERITED
)
2611 err
= -1; /* does not need special handling */
2613 err
= zfs_prop_set_special(dsname
, source
,
2617 * For better performance we build up a list of
2618 * properties to set in a single transaction.
2620 err
= nvlist_add_nvpair(genericnvl
, pair
);
2621 } else if (err
!= 0 && nvl
!= retrynvl
) {
2623 * This may be a spurious error caused by
2624 * receiving quota and reservation out of order.
2625 * Try again in a second pass.
2627 err
= nvlist_add_nvpair(retrynvl
, pair
);
2632 if (errlist
!= NULL
)
2633 fnvlist_add_int32(errlist
, propname
, err
);
2638 if (nvl
!= retrynvl
&& !nvlist_empty(retrynvl
)) {
2643 if (!nvlist_empty(genericnvl
) &&
2644 dsl_props_set(dsname
, source
, genericnvl
) != 0) {
2646 * If this fails, we still want to set as many properties as we
2647 * can, so try setting them individually.
2650 while ((pair
= nvlist_next_nvpair(genericnvl
, pair
)) != NULL
) {
2651 const char *propname
= nvpair_name(pair
);
2655 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2657 attrs
= fnvpair_value_nvlist(pair
);
2658 propval
= fnvlist_lookup_nvpair(attrs
,
2662 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2663 strval
= fnvpair_value_string(propval
);
2664 err
= dsl_prop_set_string(dsname
, propname
,
2666 } else if (nvpair_type(propval
) == DATA_TYPE_BOOLEAN
) {
2667 err
= dsl_prop_inherit(dsname
, propname
,
2670 intval
= fnvpair_value_uint64(propval
);
2671 err
= dsl_prop_set_int(dsname
, propname
, source
,
2676 if (errlist
!= NULL
) {
2677 fnvlist_add_int32(errlist
, propname
,
2684 nvlist_free(genericnvl
);
2685 nvlist_free(retrynvl
);
2691 * Check that all the properties are valid user properties.
2694 zfs_check_userprops(nvlist_t
*nvl
)
2696 nvpair_t
*pair
= NULL
;
2698 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2699 const char *propname
= nvpair_name(pair
);
2701 if (!zfs_prop_user(propname
) ||
2702 nvpair_type(pair
) != DATA_TYPE_STRING
)
2703 return (SET_ERROR(EINVAL
));
2705 if (strlen(propname
) >= ZAP_MAXNAMELEN
)
2706 return (SET_ERROR(ENAMETOOLONG
));
2708 if (strlen(fnvpair_value_string(pair
)) >= ZAP_MAXVALUELEN
)
2709 return (SET_ERROR(E2BIG
));
2715 props_skip(nvlist_t
*props
, nvlist_t
*skipped
, nvlist_t
**newprops
)
2719 VERIFY(nvlist_alloc(newprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2722 while ((pair
= nvlist_next_nvpair(props
, pair
)) != NULL
) {
2723 if (nvlist_exists(skipped
, nvpair_name(pair
)))
2726 VERIFY(nvlist_add_nvpair(*newprops
, pair
) == 0);
2731 clear_received_props(const char *dsname
, nvlist_t
*props
,
2735 nvlist_t
*cleared_props
= NULL
;
2736 props_skip(props
, skipped
, &cleared_props
);
2737 if (!nvlist_empty(cleared_props
)) {
2739 * Acts on local properties until the dataset has received
2740 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2742 zprop_source_t flags
= (ZPROP_SRC_NONE
|
2743 (dsl_prop_get_hasrecvd(dsname
) ? ZPROP_SRC_RECEIVED
: 0));
2744 err
= zfs_set_prop_nvlist(dsname
, flags
, cleared_props
, NULL
);
2746 nvlist_free(cleared_props
);
2752 * zc_name name of filesystem
2753 * zc_value name of property to set
2754 * zc_nvlist_src{_size} nvlist of properties to apply
2755 * zc_cookie received properties flag
2758 * zc_nvlist_dst{_size} error for each unapplied received property
2761 zfs_ioc_set_prop(zfs_cmd_t
*zc
)
2764 boolean_t received
= zc
->zc_cookie
;
2765 zprop_source_t source
= (received
? ZPROP_SRC_RECEIVED
:
2770 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2771 zc
->zc_iflags
, &nvl
)) != 0)
2775 nvlist_t
*origprops
;
2777 if (dsl_prop_get_received(zc
->zc_name
, &origprops
) == 0) {
2778 (void) clear_received_props(zc
->zc_name
,
2780 nvlist_free(origprops
);
2783 error
= dsl_prop_set_hasrecvd(zc
->zc_name
);
2786 errors
= fnvlist_alloc();
2788 error
= zfs_set_prop_nvlist(zc
->zc_name
, source
, nvl
, errors
);
2790 if (zc
->zc_nvlist_dst
!= 0 && errors
!= NULL
) {
2791 (void) put_nvlist(zc
, errors
);
2794 nvlist_free(errors
);
2801 * zc_name name of filesystem
2802 * zc_value name of property to inherit
2803 * zc_cookie revert to received value if TRUE
2808 zfs_ioc_inherit_prop(zfs_cmd_t
*zc
)
2810 const char *propname
= zc
->zc_value
;
2811 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2812 boolean_t received
= zc
->zc_cookie
;
2813 zprop_source_t source
= (received
2814 ? ZPROP_SRC_NONE
/* revert to received value, if any */
2815 : ZPROP_SRC_INHERITED
); /* explicitly inherit */
2823 * Only check this in the non-received case. We want to allow
2824 * 'inherit -S' to revert non-inheritable properties like quota
2825 * and reservation to the received or default values even though
2826 * they are not considered inheritable.
2828 if (prop
!= ZPROP_INVAL
&& !zfs_prop_inheritable(prop
))
2829 return (SET_ERROR(EINVAL
));
2832 if (prop
== ZPROP_INVAL
) {
2833 if (!zfs_prop_user(propname
))
2834 return (SET_ERROR(EINVAL
));
2836 type
= PROP_TYPE_STRING
;
2837 } else if (prop
== ZFS_PROP_VOLSIZE
|| prop
== ZFS_PROP_VERSION
) {
2838 return (SET_ERROR(EINVAL
));
2840 type
= zfs_prop_get_type(prop
);
2844 * zfs_prop_set_special() expects properties in the form of an
2845 * nvpair with type info.
2847 dummy
= fnvlist_alloc();
2850 case PROP_TYPE_STRING
:
2851 VERIFY(0 == nvlist_add_string(dummy
, propname
, ""));
2853 case PROP_TYPE_NUMBER
:
2854 case PROP_TYPE_INDEX
:
2855 VERIFY(0 == nvlist_add_uint64(dummy
, propname
, 0));
2858 err
= SET_ERROR(EINVAL
);
2862 pair
= nvlist_next_nvpair(dummy
, NULL
);
2864 err
= SET_ERROR(EINVAL
);
2866 err
= zfs_prop_set_special(zc
->zc_name
, source
, pair
);
2867 if (err
== -1) /* property is not "special", needs handling */
2868 err
= dsl_prop_inherit(zc
->zc_name
, zc
->zc_value
,
2878 zfs_ioc_pool_set_props(zfs_cmd_t
*zc
)
2885 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2886 zc
->zc_iflags
, &props
)))
2890 * If the only property is the configfile, then just do a spa_lookup()
2891 * to handle the faulted case.
2893 pair
= nvlist_next_nvpair(props
, NULL
);
2894 if (pair
!= NULL
&& strcmp(nvpair_name(pair
),
2895 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE
)) == 0 &&
2896 nvlist_next_nvpair(props
, pair
) == NULL
) {
2897 mutex_enter(&spa_namespace_lock
);
2898 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
) {
2899 spa_configfile_set(spa
, props
, B_FALSE
);
2900 spa_write_cachefile(spa
, B_FALSE
, B_TRUE
);
2902 mutex_exit(&spa_namespace_lock
);
2909 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2914 error
= spa_prop_set(spa
, props
);
2917 spa_close(spa
, FTAG
);
2923 zfs_ioc_pool_get_props(zfs_cmd_t
*zc
)
2927 nvlist_t
*nvp
= NULL
;
2929 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2931 * If the pool is faulted, there may be properties we can still
2932 * get (such as altroot and cachefile), so attempt to get them
2935 mutex_enter(&spa_namespace_lock
);
2936 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
)
2937 error
= spa_prop_get(spa
, &nvp
);
2938 mutex_exit(&spa_namespace_lock
);
2940 error
= spa_prop_get(spa
, &nvp
);
2941 spa_close(spa
, FTAG
);
2944 if (error
== 0 && zc
->zc_nvlist_dst
!= 0)
2945 error
= put_nvlist(zc
, nvp
);
2947 error
= SET_ERROR(EFAULT
);
2955 * zc_name name of filesystem
2956 * zc_nvlist_src{_size} nvlist of delegated permissions
2957 * zc_perm_action allow/unallow flag
2962 zfs_ioc_set_fsacl(zfs_cmd_t
*zc
)
2965 nvlist_t
*fsaclnv
= NULL
;
2967 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2968 zc
->zc_iflags
, &fsaclnv
)) != 0)
2972 * Verify nvlist is constructed correctly
2974 if ((error
= zfs_deleg_verify_nvlist(fsaclnv
)) != 0) {
2975 nvlist_free(fsaclnv
);
2976 return (SET_ERROR(EINVAL
));
2980 * If we don't have PRIV_SYS_MOUNT, then validate
2981 * that user is allowed to hand out each permission in
2985 error
= secpolicy_zfs(CRED());
2987 if (zc
->zc_perm_action
== B_FALSE
) {
2988 error
= dsl_deleg_can_allow(zc
->zc_name
,
2991 error
= dsl_deleg_can_unallow(zc
->zc_name
,
2997 error
= dsl_deleg_set(zc
->zc_name
, fsaclnv
, zc
->zc_perm_action
);
2999 nvlist_free(fsaclnv
);
3005 * zc_name name of filesystem
3008 * zc_nvlist_src{_size} nvlist of delegated permissions
3011 zfs_ioc_get_fsacl(zfs_cmd_t
*zc
)
3016 if ((error
= dsl_deleg_get(zc
->zc_name
, &nvp
)) == 0) {
3017 error
= put_nvlist(zc
, nvp
);
3026 zfs_create_cb(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
)
3028 zfs_creat_t
*zct
= arg
;
3030 zfs_create_fs(os
, cr
, zct
->zct_zplprops
, tx
);
3033 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
3037 * os parent objset pointer (NULL if root fs)
3038 * fuids_ok fuids allowed in this version of the spa?
3039 * sa_ok SAs allowed in this version of the spa?
3040 * createprops list of properties requested by creator
3043 * zplprops values for the zplprops we attach to the master node object
3044 * is_ci true if requested file system will be purely case-insensitive
3046 * Determine the settings for utf8only, normalization and
3047 * casesensitivity. Specific values may have been requested by the
3048 * creator and/or we can inherit values from the parent dataset. If
3049 * the file system is of too early a vintage, a creator can not
3050 * request settings for these properties, even if the requested
3051 * setting is the default value. We don't actually want to create dsl
3052 * properties for these, so remove them from the source nvlist after
3056 zfs_fill_zplprops_impl(objset_t
*os
, uint64_t zplver
,
3057 boolean_t fuids_ok
, boolean_t sa_ok
, nvlist_t
*createprops
,
3058 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3060 uint64_t sense
= ZFS_PROP_UNDEFINED
;
3061 uint64_t norm
= ZFS_PROP_UNDEFINED
;
3062 uint64_t u8
= ZFS_PROP_UNDEFINED
;
3065 ASSERT(zplprops
!= NULL
);
3067 /* parent dataset must be a filesystem */
3068 if (os
!= NULL
&& os
->os_phys
->os_type
!= DMU_OST_ZFS
)
3069 return (SET_ERROR(ZFS_ERR_WRONG_PARENT
));
3072 * Pull out creator prop choices, if any.
3075 (void) nvlist_lookup_uint64(createprops
,
3076 zfs_prop_to_name(ZFS_PROP_VERSION
), &zplver
);
3077 (void) nvlist_lookup_uint64(createprops
,
3078 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), &norm
);
3079 (void) nvlist_remove_all(createprops
,
3080 zfs_prop_to_name(ZFS_PROP_NORMALIZE
));
3081 (void) nvlist_lookup_uint64(createprops
,
3082 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), &u8
);
3083 (void) nvlist_remove_all(createprops
,
3084 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
));
3085 (void) nvlist_lookup_uint64(createprops
,
3086 zfs_prop_to_name(ZFS_PROP_CASE
), &sense
);
3087 (void) nvlist_remove_all(createprops
,
3088 zfs_prop_to_name(ZFS_PROP_CASE
));
3092 * If the zpl version requested is whacky or the file system
3093 * or pool is version is too "young" to support normalization
3094 * and the creator tried to set a value for one of the props,
3097 if ((zplver
< ZPL_VERSION_INITIAL
|| zplver
> ZPL_VERSION
) ||
3098 (zplver
>= ZPL_VERSION_FUID
&& !fuids_ok
) ||
3099 (zplver
>= ZPL_VERSION_SA
&& !sa_ok
) ||
3100 (zplver
< ZPL_VERSION_NORMALIZATION
&&
3101 (norm
!= ZFS_PROP_UNDEFINED
|| u8
!= ZFS_PROP_UNDEFINED
||
3102 sense
!= ZFS_PROP_UNDEFINED
)))
3103 return (SET_ERROR(ENOTSUP
));
3106 * Put the version in the zplprops
3108 VERIFY(nvlist_add_uint64(zplprops
,
3109 zfs_prop_to_name(ZFS_PROP_VERSION
), zplver
) == 0);
3111 if (norm
== ZFS_PROP_UNDEFINED
&&
3112 (error
= zfs_get_zplprop(os
, ZFS_PROP_NORMALIZE
, &norm
)) != 0)
3114 VERIFY(nvlist_add_uint64(zplprops
,
3115 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), norm
) == 0);
3118 * If we're normalizing, names must always be valid UTF-8 strings.
3122 if (u8
== ZFS_PROP_UNDEFINED
&&
3123 (error
= zfs_get_zplprop(os
, ZFS_PROP_UTF8ONLY
, &u8
)) != 0)
3125 VERIFY(nvlist_add_uint64(zplprops
,
3126 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), u8
) == 0);
3128 if (sense
== ZFS_PROP_UNDEFINED
&&
3129 (error
= zfs_get_zplprop(os
, ZFS_PROP_CASE
, &sense
)) != 0)
3131 VERIFY(nvlist_add_uint64(zplprops
,
3132 zfs_prop_to_name(ZFS_PROP_CASE
), sense
) == 0);
3135 *is_ci
= (sense
== ZFS_CASE_INSENSITIVE
);
3141 zfs_fill_zplprops(const char *dataset
, nvlist_t
*createprops
,
3142 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3144 boolean_t fuids_ok
, sa_ok
;
3145 uint64_t zplver
= ZPL_VERSION
;
3146 objset_t
*os
= NULL
;
3147 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
3152 zfs_get_parent(dataset
, parentname
, sizeof (parentname
));
3154 if ((error
= spa_open(dataset
, &spa
, FTAG
)) != 0)
3157 spa_vers
= spa_version(spa
);
3158 spa_close(spa
, FTAG
);
3160 zplver
= zfs_zpl_version_map(spa_vers
);
3161 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
3162 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
3165 * Open parent object set so we can inherit zplprop values.
3167 if ((error
= dmu_objset_hold(parentname
, FTAG
, &os
)) != 0)
3170 error
= zfs_fill_zplprops_impl(os
, zplver
, fuids_ok
, sa_ok
, createprops
,
3172 dmu_objset_rele(os
, FTAG
);
3177 zfs_fill_zplprops_root(uint64_t spa_vers
, nvlist_t
*createprops
,
3178 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3182 uint64_t zplver
= ZPL_VERSION
;
3185 zplver
= zfs_zpl_version_map(spa_vers
);
3186 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
3187 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
3189 error
= zfs_fill_zplprops_impl(NULL
, zplver
, fuids_ok
, sa_ok
,
3190 createprops
, zplprops
, is_ci
);
3196 * "type" -> dmu_objset_type_t (int32)
3197 * (optional) "props" -> { prop -> value }
3198 * (optional) "hidden_args" -> { "wkeydata" -> value }
3199 * raw uint8_t array of encryption wrapping key data (32 bytes)
3202 * outnvl: propname -> error code (int32)
3205 static const zfs_ioc_key_t zfs_keys_create
[] = {
3206 {"type", DATA_TYPE_INT32
, 0},
3207 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3208 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3212 zfs_ioc_create(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3215 zfs_creat_t zct
= { 0 };
3216 nvlist_t
*nvprops
= NULL
;
3217 nvlist_t
*hidden_args
= NULL
;
3218 void (*cbfunc
)(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
);
3219 dmu_objset_type_t type
;
3220 boolean_t is_insensitive
= B_FALSE
;
3221 dsl_crypto_params_t
*dcp
= NULL
;
3223 type
= (dmu_objset_type_t
)fnvlist_lookup_int32(innvl
, "type");
3224 (void) nvlist_lookup_nvlist(innvl
, "props", &nvprops
);
3225 (void) nvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
, &hidden_args
);
3229 cbfunc
= zfs_create_cb
;
3233 cbfunc
= zvol_create_cb
;
3240 if (strchr(fsname
, '@') ||
3241 strchr(fsname
, '%'))
3242 return (SET_ERROR(EINVAL
));
3244 zct
.zct_props
= nvprops
;
3247 return (SET_ERROR(EINVAL
));
3249 if (type
== DMU_OST_ZVOL
) {
3250 uint64_t volsize
, volblocksize
;
3252 if (nvprops
== NULL
)
3253 return (SET_ERROR(EINVAL
));
3254 if (nvlist_lookup_uint64(nvprops
,
3255 zfs_prop_to_name(ZFS_PROP_VOLSIZE
), &volsize
) != 0)
3256 return (SET_ERROR(EINVAL
));
3258 if ((error
= nvlist_lookup_uint64(nvprops
,
3259 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE
),
3260 &volblocksize
)) != 0 && error
!= ENOENT
)
3261 return (SET_ERROR(EINVAL
));
3264 volblocksize
= zfs_prop_default_numeric(
3265 ZFS_PROP_VOLBLOCKSIZE
);
3267 if ((error
= zvol_check_volblocksize(fsname
,
3268 volblocksize
)) != 0 ||
3269 (error
= zvol_check_volsize(volsize
,
3270 volblocksize
)) != 0)
3272 } else if (type
== DMU_OST_ZFS
) {
3276 * We have to have normalization and
3277 * case-folding flags correct when we do the
3278 * file system creation, so go figure them out
3281 VERIFY(nvlist_alloc(&zct
.zct_zplprops
,
3282 NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
3283 error
= zfs_fill_zplprops(fsname
, nvprops
,
3284 zct
.zct_zplprops
, &is_insensitive
);
3286 nvlist_free(zct
.zct_zplprops
);
3291 error
= dsl_crypto_params_create_nvlist(DCP_CMD_NONE
, nvprops
,
3294 nvlist_free(zct
.zct_zplprops
);
3298 error
= dmu_objset_create(fsname
, type
,
3299 is_insensitive
? DS_FLAG_CI_DATASET
: 0, dcp
, cbfunc
, &zct
);
3301 nvlist_free(zct
.zct_zplprops
);
3302 dsl_crypto_params_free(dcp
, !!error
);
3305 * It would be nice to do this atomically.
3308 error
= zfs_set_prop_nvlist(fsname
, ZPROP_SRC_LOCAL
,
3315 * Volumes will return EBUSY and cannot be destroyed
3316 * until all asynchronous minor handling (e.g. from
3317 * setting the volmode property) has completed. Wait for
3318 * the spa_zvol_taskq to drain then retry.
3320 error2
= dsl_destroy_head(fsname
);
3321 while ((error2
== EBUSY
) && (type
== DMU_OST_ZVOL
)) {
3322 error2
= spa_open(fsname
, &spa
, FTAG
);
3324 taskq_wait(spa
->spa_zvol_taskq
);
3325 spa_close(spa
, FTAG
);
3327 error2
= dsl_destroy_head(fsname
);
3336 * "origin" -> name of origin snapshot
3337 * (optional) "props" -> { prop -> value }
3338 * (optional) "hidden_args" -> { "wkeydata" -> value }
3339 * raw uint8_t array of encryption wrapping key data (32 bytes)
3343 * outnvl: propname -> error code (int32)
3345 static const zfs_ioc_key_t zfs_keys_clone
[] = {
3346 {"origin", DATA_TYPE_STRING
, 0},
3347 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3348 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3352 zfs_ioc_clone(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3355 nvlist_t
*nvprops
= NULL
;
3358 origin_name
= fnvlist_lookup_string(innvl
, "origin");
3359 (void) nvlist_lookup_nvlist(innvl
, "props", &nvprops
);
3361 if (strchr(fsname
, '@') ||
3362 strchr(fsname
, '%'))
3363 return (SET_ERROR(EINVAL
));
3365 if (dataset_namecheck(origin_name
, NULL
, NULL
) != 0)
3366 return (SET_ERROR(EINVAL
));
3368 error
= dmu_objset_clone(fsname
, origin_name
);
3371 * It would be nice to do this atomically.
3374 error
= zfs_set_prop_nvlist(fsname
, ZPROP_SRC_LOCAL
,
3377 (void) dsl_destroy_head(fsname
);
3382 static const zfs_ioc_key_t zfs_keys_remap
[] = {
3388 zfs_ioc_remap(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3390 /* This IOCTL is no longer supported. */
3396 * "snaps" -> { snapshot1, snapshot2 }
3397 * (optional) "props" -> { prop -> value (string) }
3400 * outnvl: snapshot -> error code (int32)
3402 static const zfs_ioc_key_t zfs_keys_snapshot
[] = {
3403 {"snaps", DATA_TYPE_NVLIST
, 0},
3404 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
3408 zfs_ioc_snapshot(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3411 nvlist_t
*props
= NULL
;
3415 (void) nvlist_lookup_nvlist(innvl
, "props", &props
);
3416 if (!nvlist_empty(props
) &&
3417 zfs_earlier_version(poolname
, SPA_VERSION_SNAP_PROPS
))
3418 return (SET_ERROR(ENOTSUP
));
3419 if ((error
= zfs_check_userprops(props
)) != 0)
3422 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
3423 poollen
= strlen(poolname
);
3424 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
3425 pair
= nvlist_next_nvpair(snaps
, pair
)) {
3426 const char *name
= nvpair_name(pair
);
3427 char *cp
= strchr(name
, '@');
3430 * The snap name must contain an @, and the part after it must
3431 * contain only valid characters.
3434 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
3435 return (SET_ERROR(EINVAL
));
3438 * The snap must be in the specified pool.
3440 if (strncmp(name
, poolname
, poollen
) != 0 ||
3441 (name
[poollen
] != '/' && name
[poollen
] != '@'))
3442 return (SET_ERROR(EXDEV
));
3445 * Check for permission to set the properties on the fs.
3447 if (!nvlist_empty(props
)) {
3449 error
= zfs_secpolicy_write_perms(name
,
3450 ZFS_DELEG_PERM_USERPROP
, CRED());
3456 /* This must be the only snap of this fs. */
3457 for (nvpair_t
*pair2
= nvlist_next_nvpair(snaps
, pair
);
3458 pair2
!= NULL
; pair2
= nvlist_next_nvpair(snaps
, pair2
)) {
3459 if (strncmp(name
, nvpair_name(pair2
), cp
- name
+ 1)
3461 return (SET_ERROR(EXDEV
));
3466 error
= dsl_dataset_snapshot(snaps
, props
, outnvl
);
3472 * innvl: "message" -> string
3474 static const zfs_ioc_key_t zfs_keys_log_history
[] = {
3475 {"message", DATA_TYPE_STRING
, 0},
3480 zfs_ioc_log_history(const char *unused
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3488 * The poolname in the ioctl is not set, we get it from the TSD,
3489 * which was set at the end of the last successful ioctl that allows
3490 * logging. The secpolicy func already checked that it is set.
3491 * Only one log ioctl is allowed after each successful ioctl, so
3492 * we clear the TSD here.
3494 poolname
= tsd_get(zfs_allow_log_key
);
3495 if (poolname
== NULL
)
3496 return (SET_ERROR(EINVAL
));
3497 (void) tsd_set(zfs_allow_log_key
, NULL
);
3498 error
= spa_open(poolname
, &spa
, FTAG
);
3499 kmem_strfree(poolname
);
3503 message
= fnvlist_lookup_string(innvl
, "message");
3505 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
3506 spa_close(spa
, FTAG
);
3507 return (SET_ERROR(ENOTSUP
));
3510 error
= spa_history_log(spa
, message
);
3511 spa_close(spa
, FTAG
);
3516 * This ioctl is used to set the bootenv configuration on the current
3517 * pool. This configuration is stored in the second padding area of the label,
3518 * and it is used by the GRUB bootloader used on Linux to store the contents
3519 * of the grubenv file. The file is stored as raw ASCII, and is protected by
3520 * an embedded checksum. By default, GRUB will check if the boot filesystem
3521 * supports storing the environment data in a special location, and if so,
3522 * will invoke filesystem specific logic to retrieve it. This can be overridden
3523 * by a variable, should the user so desire.
3526 static const zfs_ioc_key_t zfs_keys_set_bootenv
[] = {
3527 {"envmap", DATA_TYPE_STRING
, 0},
3531 zfs_ioc_set_bootenv(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3537 envmap
= fnvlist_lookup_string(innvl
, "envmap");
3538 if ((error
= spa_open(name
, &spa
, FTAG
)) != 0)
3540 spa_vdev_state_enter(spa
, SCL_ALL
);
3541 error
= vdev_label_write_bootenv(spa
->spa_root_vdev
, envmap
);
3542 (void) spa_vdev_state_exit(spa
, NULL
, 0);
3543 spa_close(spa
, FTAG
);
3547 static const zfs_ioc_key_t zfs_keys_get_bootenv
[] = {
3553 zfs_ioc_get_bootenv(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3558 if ((error
= spa_open(name
, &spa
, FTAG
)) != 0)
3560 spa_vdev_state_enter(spa
, SCL_ALL
);
3561 error
= vdev_label_read_bootenv(spa
->spa_root_vdev
, outnvl
);
3562 (void) spa_vdev_state_exit(spa
, NULL
, 0);
3563 spa_close(spa
, FTAG
);
3568 * The dp_config_rwlock must not be held when calling this, because the
3569 * unmount may need to write out data.
3571 * This function is best-effort. Callers must deal gracefully if it
3572 * remains mounted (or is remounted after this call).
3574 * Returns 0 if the argument is not a snapshot, or it is not currently a
3575 * filesystem, or we were able to unmount it. Returns error code otherwise.
3578 zfs_unmount_snap(const char *snapname
)
3580 if (strchr(snapname
, '@') == NULL
)
3583 (void) zfsctl_snapshot_unmount((char *)snapname
, MNT_FORCE
);
3588 zfs_unmount_snap_cb(const char *snapname
, void *arg
)
3590 zfs_unmount_snap(snapname
);
3595 * When a clone is destroyed, its origin may also need to be destroyed,
3596 * in which case it must be unmounted. This routine will do that unmount
3600 zfs_destroy_unmount_origin(const char *fsname
)
3606 error
= dmu_objset_hold(fsname
, FTAG
, &os
);
3609 ds
= dmu_objset_ds(os
);
3610 if (dsl_dir_is_clone(ds
->ds_dir
) && DS_IS_DEFER_DESTROY(ds
->ds_prev
)) {
3611 char originname
[ZFS_MAX_DATASET_NAME_LEN
];
3612 dsl_dataset_name(ds
->ds_prev
, originname
);
3613 dmu_objset_rele(os
, FTAG
);
3614 zfs_unmount_snap(originname
);
3616 dmu_objset_rele(os
, FTAG
);
3622 * "snaps" -> { snapshot1, snapshot2 }
3623 * (optional boolean) "defer"
3626 * outnvl: snapshot -> error code (int32)
3628 static const zfs_ioc_key_t zfs_keys_destroy_snaps
[] = {
3629 {"snaps", DATA_TYPE_NVLIST
, 0},
3630 {"defer", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
3635 zfs_ioc_destroy_snaps(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3643 snaps
= fnvlist_lookup_nvlist(innvl
, "snaps");
3644 defer
= nvlist_exists(innvl
, "defer");
3646 poollen
= strlen(poolname
);
3647 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
3648 pair
= nvlist_next_nvpair(snaps
, pair
)) {
3649 const char *name
= nvpair_name(pair
);
3652 * The snap must be in the specified pool to prevent the
3653 * invalid removal of zvol minors below.
3655 if (strncmp(name
, poolname
, poollen
) != 0 ||
3656 (name
[poollen
] != '/' && name
[poollen
] != '@'))
3657 return (SET_ERROR(EXDEV
));
3659 zfs_unmount_snap(nvpair_name(pair
));
3660 if (spa_open(name
, &spa
, FTAG
) == 0) {
3661 zvol_remove_minors(spa
, name
, B_TRUE
);
3662 spa_close(spa
, FTAG
);
3666 return (dsl_destroy_snapshots_nvl(snaps
, defer
, outnvl
));
3670 * Create bookmarks. The bookmark names are of the form <fs>#<bmark>.
3671 * All bookmarks and snapshots must be in the same pool.
3672 * dsl_bookmark_create_nvl_validate describes the nvlist schema in more detail.
3675 * new_bookmark1 -> existing_snapshot,
3676 * new_bookmark2 -> existing_bookmark,
3679 * outnvl: bookmark -> error code (int32)
3682 static const zfs_ioc_key_t zfs_keys_bookmark
[] = {
3683 {"<bookmark>...", DATA_TYPE_STRING
, ZK_WILDCARDLIST
},
3688 zfs_ioc_bookmark(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3690 return (dsl_bookmark_create(innvl
, outnvl
));
3695 * property 1, property 2, ...
3699 * bookmark name 1 -> { property 1, property 2, ... },
3700 * bookmark name 2 -> { property 1, property 2, ... }
3704 static const zfs_ioc_key_t zfs_keys_get_bookmarks
[] = {
3705 {"<property>...", DATA_TYPE_BOOLEAN
, ZK_WILDCARDLIST
| ZK_OPTIONAL
},
3709 zfs_ioc_get_bookmarks(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3711 return (dsl_get_bookmarks(fsname
, innvl
, outnvl
));
3715 * innvl is not used.
3718 * property 1, property 2, ...
3722 static const zfs_ioc_key_t zfs_keys_get_bookmark_props
[] = {
3728 zfs_ioc_get_bookmark_props(const char *bookmark
, nvlist_t
*innvl
,
3731 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
3734 bmname
= strchr(bookmark
, '#');
3736 return (SET_ERROR(EINVAL
));
3739 (void) strlcpy(fsname
, bookmark
, sizeof (fsname
));
3740 *(strchr(fsname
, '#')) = '\0';
3742 return (dsl_get_bookmark_props(fsname
, bmname
, outnvl
));
3747 * bookmark name 1, bookmark name 2
3750 * outnvl: bookmark -> error code (int32)
3753 static const zfs_ioc_key_t zfs_keys_destroy_bookmarks
[] = {
3754 {"<bookmark>...", DATA_TYPE_BOOLEAN
, ZK_WILDCARDLIST
},
3758 zfs_ioc_destroy_bookmarks(const char *poolname
, nvlist_t
*innvl
,
3763 poollen
= strlen(poolname
);
3764 for (nvpair_t
*pair
= nvlist_next_nvpair(innvl
, NULL
);
3765 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
3766 const char *name
= nvpair_name(pair
);
3767 const char *cp
= strchr(name
, '#');
3770 * The bookmark name must contain an #, and the part after it
3771 * must contain only valid characters.
3774 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
3775 return (SET_ERROR(EINVAL
));
3778 * The bookmark must be in the specified pool.
3780 if (strncmp(name
, poolname
, poollen
) != 0 ||
3781 (name
[poollen
] != '/' && name
[poollen
] != '#'))
3782 return (SET_ERROR(EXDEV
));
3785 error
= dsl_bookmark_destroy(innvl
, outnvl
);
3789 static const zfs_ioc_key_t zfs_keys_channel_program
[] = {
3790 {"program", DATA_TYPE_STRING
, 0},
3791 {"arg", DATA_TYPE_ANY
, 0},
3792 {"sync", DATA_TYPE_BOOLEAN_VALUE
, ZK_OPTIONAL
},
3793 {"instrlimit", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
3794 {"memlimit", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
3798 zfs_ioc_channel_program(const char *poolname
, nvlist_t
*innvl
,
3802 uint64_t instrlimit
, memlimit
;
3803 boolean_t sync_flag
;
3804 nvpair_t
*nvarg
= NULL
;
3806 program
= fnvlist_lookup_string(innvl
, ZCP_ARG_PROGRAM
);
3807 if (0 != nvlist_lookup_boolean_value(innvl
, ZCP_ARG_SYNC
, &sync_flag
)) {
3810 if (0 != nvlist_lookup_uint64(innvl
, ZCP_ARG_INSTRLIMIT
, &instrlimit
)) {
3811 instrlimit
= ZCP_DEFAULT_INSTRLIMIT
;
3813 if (0 != nvlist_lookup_uint64(innvl
, ZCP_ARG_MEMLIMIT
, &memlimit
)) {
3814 memlimit
= ZCP_DEFAULT_MEMLIMIT
;
3816 nvarg
= fnvlist_lookup_nvpair(innvl
, ZCP_ARG_ARGLIST
);
3818 if (instrlimit
== 0 || instrlimit
> zfs_lua_max_instrlimit
)
3819 return (SET_ERROR(EINVAL
));
3820 if (memlimit
== 0 || memlimit
> zfs_lua_max_memlimit
)
3821 return (SET_ERROR(EINVAL
));
3823 return (zcp_eval(poolname
, program
, sync_flag
, instrlimit
, memlimit
,
3831 static const zfs_ioc_key_t zfs_keys_pool_checkpoint
[] = {
3837 zfs_ioc_pool_checkpoint(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3839 return (spa_checkpoint(poolname
));
3846 static const zfs_ioc_key_t zfs_keys_pool_discard_checkpoint
[] = {
3852 zfs_ioc_pool_discard_checkpoint(const char *poolname
, nvlist_t
*innvl
,
3855 return (spa_checkpoint_discard(poolname
));
3860 * zc_name name of dataset to destroy
3861 * zc_defer_destroy mark for deferred destroy
3866 zfs_ioc_destroy(zfs_cmd_t
*zc
)
3869 dmu_objset_type_t ost
;
3872 err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
3875 ost
= dmu_objset_type(os
);
3876 dmu_objset_rele(os
, FTAG
);
3878 if (ost
== DMU_OST_ZFS
)
3879 zfs_unmount_snap(zc
->zc_name
);
3881 if (strchr(zc
->zc_name
, '@')) {
3882 err
= dsl_destroy_snapshot(zc
->zc_name
, zc
->zc_defer_destroy
);
3884 err
= dsl_destroy_head(zc
->zc_name
);
3885 if (err
== EEXIST
) {
3887 * It is possible that the given DS may have
3888 * hidden child (%recv) datasets - "leftovers"
3889 * resulting from the previously interrupted
3892 * 6 extra bytes for /%recv
3894 char namebuf
[ZFS_MAX_DATASET_NAME_LEN
+ 6];
3896 if (snprintf(namebuf
, sizeof (namebuf
), "%s/%s",
3897 zc
->zc_name
, recv_clone_name
) >=
3899 return (SET_ERROR(EINVAL
));
3902 * Try to remove the hidden child (%recv) and after
3903 * that try to remove the target dataset.
3904 * If the hidden child (%recv) does not exist
3905 * the original error (EEXIST) will be returned
3907 err
= dsl_destroy_head(namebuf
);
3909 err
= dsl_destroy_head(zc
->zc_name
);
3910 else if (err
== ENOENT
)
3911 err
= SET_ERROR(EEXIST
);
3920 * "initialize_command" -> POOL_INITIALIZE_{CANCEL|START|SUSPEND} (uint64)
3921 * "initialize_vdevs": { -> guids to initialize (nvlist)
3922 * "vdev_path_1": vdev_guid_1, (uint64),
3923 * "vdev_path_2": vdev_guid_2, (uint64),
3929 * "initialize_vdevs": { -> initialization errors (nvlist)
3930 * "vdev_path_1": errno, see function body for possible errnos (uint64)
3931 * "vdev_path_2": errno, ... (uint64)
3936 * EINVAL is returned for an unknown commands or if any of the provided vdev
3937 * guids have be specified with a type other than uint64.
3939 static const zfs_ioc_key_t zfs_keys_pool_initialize
[] = {
3940 {ZPOOL_INITIALIZE_COMMAND
, DATA_TYPE_UINT64
, 0},
3941 {ZPOOL_INITIALIZE_VDEVS
, DATA_TYPE_NVLIST
, 0}
3945 zfs_ioc_pool_initialize(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3948 if (nvlist_lookup_uint64(innvl
, ZPOOL_INITIALIZE_COMMAND
,
3950 return (SET_ERROR(EINVAL
));
3953 if (!(cmd_type
== POOL_INITIALIZE_CANCEL
||
3954 cmd_type
== POOL_INITIALIZE_START
||
3955 cmd_type
== POOL_INITIALIZE_SUSPEND
)) {
3956 return (SET_ERROR(EINVAL
));
3959 nvlist_t
*vdev_guids
;
3960 if (nvlist_lookup_nvlist(innvl
, ZPOOL_INITIALIZE_VDEVS
,
3961 &vdev_guids
) != 0) {
3962 return (SET_ERROR(EINVAL
));
3965 for (nvpair_t
*pair
= nvlist_next_nvpair(vdev_guids
, NULL
);
3966 pair
!= NULL
; pair
= nvlist_next_nvpair(vdev_guids
, pair
)) {
3968 if (nvpair_value_uint64(pair
, &vdev_guid
) != 0) {
3969 return (SET_ERROR(EINVAL
));
3974 int error
= spa_open(poolname
, &spa
, FTAG
);
3978 nvlist_t
*vdev_errlist
= fnvlist_alloc();
3979 int total_errors
= spa_vdev_initialize(spa
, vdev_guids
, cmd_type
,
3982 if (fnvlist_size(vdev_errlist
) > 0) {
3983 fnvlist_add_nvlist(outnvl
, ZPOOL_INITIALIZE_VDEVS
,
3986 fnvlist_free(vdev_errlist
);
3988 spa_close(spa
, FTAG
);
3989 return (total_errors
> 0 ? EINVAL
: 0);
3994 * "trim_command" -> POOL_TRIM_{CANCEL|START|SUSPEND} (uint64)
3995 * "trim_vdevs": { -> guids to TRIM (nvlist)
3996 * "vdev_path_1": vdev_guid_1, (uint64),
3997 * "vdev_path_2": vdev_guid_2, (uint64),
4000 * "trim_rate" -> Target TRIM rate in bytes/sec.
4001 * "trim_secure" -> Set to request a secure TRIM.
4005 * "trim_vdevs": { -> TRIM errors (nvlist)
4006 * "vdev_path_1": errno, see function body for possible errnos (uint64)
4007 * "vdev_path_2": errno, ... (uint64)
4012 * EINVAL is returned for an unknown commands or if any of the provided vdev
4013 * guids have be specified with a type other than uint64.
4015 static const zfs_ioc_key_t zfs_keys_pool_trim
[] = {
4016 {ZPOOL_TRIM_COMMAND
, DATA_TYPE_UINT64
, 0},
4017 {ZPOOL_TRIM_VDEVS
, DATA_TYPE_NVLIST
, 0},
4018 {ZPOOL_TRIM_RATE
, DATA_TYPE_UINT64
, ZK_OPTIONAL
},
4019 {ZPOOL_TRIM_SECURE
, DATA_TYPE_BOOLEAN_VALUE
, ZK_OPTIONAL
},
4023 zfs_ioc_pool_trim(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4026 if (nvlist_lookup_uint64(innvl
, ZPOOL_TRIM_COMMAND
, &cmd_type
) != 0)
4027 return (SET_ERROR(EINVAL
));
4029 if (!(cmd_type
== POOL_TRIM_CANCEL
||
4030 cmd_type
== POOL_TRIM_START
||
4031 cmd_type
== POOL_TRIM_SUSPEND
)) {
4032 return (SET_ERROR(EINVAL
));
4035 nvlist_t
*vdev_guids
;
4036 if (nvlist_lookup_nvlist(innvl
, ZPOOL_TRIM_VDEVS
, &vdev_guids
) != 0)
4037 return (SET_ERROR(EINVAL
));
4039 for (nvpair_t
*pair
= nvlist_next_nvpair(vdev_guids
, NULL
);
4040 pair
!= NULL
; pair
= nvlist_next_nvpair(vdev_guids
, pair
)) {
4042 if (nvpair_value_uint64(pair
, &vdev_guid
) != 0) {
4043 return (SET_ERROR(EINVAL
));
4047 /* Optional, defaults to maximum rate when not provided */
4049 if (nvlist_lookup_uint64(innvl
, ZPOOL_TRIM_RATE
, &rate
) != 0)
4052 /* Optional, defaults to standard TRIM when not provided */
4054 if (nvlist_lookup_boolean_value(innvl
, ZPOOL_TRIM_SECURE
,
4060 int error
= spa_open(poolname
, &spa
, FTAG
);
4064 nvlist_t
*vdev_errlist
= fnvlist_alloc();
4065 int total_errors
= spa_vdev_trim(spa
, vdev_guids
, cmd_type
,
4066 rate
, !!zfs_trim_metaslab_skip
, secure
, vdev_errlist
);
4068 if (fnvlist_size(vdev_errlist
) > 0)
4069 fnvlist_add_nvlist(outnvl
, ZPOOL_TRIM_VDEVS
, vdev_errlist
);
4071 fnvlist_free(vdev_errlist
);
4073 spa_close(spa
, FTAG
);
4074 return (total_errors
> 0 ? EINVAL
: 0);
4078 * This ioctl waits for activity of a particular type to complete. If there is
4079 * no activity of that type in progress, it returns immediately, and the
4080 * returned value "waited" is false. If there is activity in progress, and no
4081 * tag is passed in, the ioctl blocks until all activity of that type is
4082 * complete, and then returns with "waited" set to true.
4084 * If a tag is provided, it identifies a particular instance of an activity to
4085 * wait for. Currently, this is only valid for use with 'initialize', because
4086 * that is the only activity for which there can be multiple instances running
4087 * concurrently. In the case of 'initialize', the tag corresponds to the guid of
4088 * the vdev on which to wait.
4090 * If a thread waiting in the ioctl receives a signal, the call will return
4091 * immediately, and the return value will be EINTR.
4094 * "wait_activity" -> int32_t
4095 * (optional) "wait_tag" -> uint64_t
4098 * outnvl: "waited" -> boolean_t
4100 static const zfs_ioc_key_t zfs_keys_pool_wait
[] = {
4101 {ZPOOL_WAIT_ACTIVITY
, DATA_TYPE_INT32
, 0},
4102 {ZPOOL_WAIT_TAG
, DATA_TYPE_UINT64
, ZK_OPTIONAL
},
4106 zfs_ioc_wait(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4113 if (nvlist_lookup_int32(innvl
, ZPOOL_WAIT_ACTIVITY
, &activity
) != 0)
4116 if (nvlist_lookup_uint64(innvl
, ZPOOL_WAIT_TAG
, &tag
) == 0)
4117 error
= spa_wait_tag(name
, activity
, tag
, &waited
);
4119 error
= spa_wait(name
, activity
, &waited
);
4122 fnvlist_add_boolean_value(outnvl
, ZPOOL_WAIT_WAITED
, waited
);
4128 * This ioctl waits for activity of a particular type to complete. If there is
4129 * no activity of that type in progress, it returns immediately, and the
4130 * returned value "waited" is false. If there is activity in progress, and no
4131 * tag is passed in, the ioctl blocks until all activity of that type is
4132 * complete, and then returns with "waited" set to true.
4134 * If a thread waiting in the ioctl receives a signal, the call will return
4135 * immediately, and the return value will be EINTR.
4138 * "wait_activity" -> int32_t
4141 * outnvl: "waited" -> boolean_t
4143 static const zfs_ioc_key_t zfs_keys_fs_wait
[] = {
4144 {ZFS_WAIT_ACTIVITY
, DATA_TYPE_INT32
, 0},
4148 zfs_ioc_wait_fs(const char *name
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4151 boolean_t waited
= B_FALSE
;
4157 if (nvlist_lookup_int32(innvl
, ZFS_WAIT_ACTIVITY
, &activity
) != 0)
4158 return (SET_ERROR(EINVAL
));
4160 if (activity
>= ZFS_WAIT_NUM_ACTIVITIES
|| activity
< 0)
4161 return (SET_ERROR(EINVAL
));
4163 if ((error
= dsl_pool_hold(name
, FTAG
, &dp
)) != 0)
4166 if ((error
= dsl_dataset_hold(dp
, name
, FTAG
, &ds
)) != 0) {
4167 dsl_pool_rele(dp
, FTAG
);
4172 mutex_enter(&dd
->dd_activity_lock
);
4173 dd
->dd_activity_waiters
++;
4176 * We get a long-hold here so that the dsl_dataset_t and dsl_dir_t
4177 * aren't evicted while we're waiting. Normally this is prevented by
4178 * holding the pool, but we can't do that while we're waiting since
4179 * that would prevent TXGs from syncing out. Some of the functionality
4180 * of long-holds (e.g. preventing deletion) is unnecessary for this
4181 * case, since we would cancel the waiters before proceeding with a
4182 * deletion. An alternative mechanism for keeping the dataset around
4183 * could be developed but this is simpler.
4185 dsl_dataset_long_hold(ds
, FTAG
);
4186 dsl_pool_rele(dp
, FTAG
);
4188 error
= dsl_dir_wait(dd
, ds
, activity
, &waited
);
4190 dsl_dataset_long_rele(ds
, FTAG
);
4191 dd
->dd_activity_waiters
--;
4192 if (dd
->dd_activity_waiters
== 0)
4193 cv_signal(&dd
->dd_activity_cv
);
4194 mutex_exit(&dd
->dd_activity_lock
);
4196 dsl_dataset_rele(ds
, FTAG
);
4199 fnvlist_add_boolean_value(outnvl
, ZFS_WAIT_WAITED
, waited
);
4205 * fsname is name of dataset to rollback (to most recent snapshot)
4207 * innvl may contain name of expected target snapshot
4209 * outnvl: "target" -> name of most recent snapshot
4212 static const zfs_ioc_key_t zfs_keys_rollback
[] = {
4213 {"target", DATA_TYPE_STRING
, ZK_OPTIONAL
},
4218 zfs_ioc_rollback(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4221 zvol_state_handle_t
*zv
;
4222 char *target
= NULL
;
4225 (void) nvlist_lookup_string(innvl
, "target", &target
);
4226 if (target
!= NULL
) {
4227 const char *cp
= strchr(target
, '@');
4230 * The snap name must contain an @, and the part after it must
4231 * contain only valid characters.
4234 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
4235 return (SET_ERROR(EINVAL
));
4238 if (getzfsvfs(fsname
, &zfsvfs
) == 0) {
4241 ds
= dmu_objset_ds(zfsvfs
->z_os
);
4242 error
= zfs_suspend_fs(zfsvfs
);
4246 error
= dsl_dataset_rollback(fsname
, target
, zfsvfs
,
4248 resume_err
= zfs_resume_fs(zfsvfs
, ds
);
4249 error
= error
? error
: resume_err
;
4251 zfs_vfs_rele(zfsvfs
);
4252 } else if ((zv
= zvol_suspend(fsname
)) != NULL
) {
4253 error
= dsl_dataset_rollback(fsname
, target
, zvol_tag(zv
),
4257 error
= dsl_dataset_rollback(fsname
, target
, NULL
, outnvl
);
4263 recursive_unmount(const char *fsname
, void *arg
)
4265 const char *snapname
= arg
;
4268 fullname
= kmem_asprintf("%s@%s", fsname
, snapname
);
4269 zfs_unmount_snap(fullname
);
4270 kmem_strfree(fullname
);
4277 * snapname is the snapshot to redact.
4279 * "bookname" -> (string)
4280 * shortname of the redaction bookmark to generate
4281 * "snapnv" -> (nvlist, values ignored)
4282 * snapshots to redact snapname with respect to
4289 static const zfs_ioc_key_t zfs_keys_redact
[] = {
4290 {"bookname", DATA_TYPE_STRING
, 0},
4291 {"snapnv", DATA_TYPE_NVLIST
, 0},
4294 zfs_ioc_redact(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4296 nvlist_t
*redactnvl
= NULL
;
4297 char *redactbook
= NULL
;
4299 if (nvlist_lookup_nvlist(innvl
, "snapnv", &redactnvl
) != 0)
4300 return (SET_ERROR(EINVAL
));
4301 if (fnvlist_num_pairs(redactnvl
) == 0)
4302 return (SET_ERROR(ENXIO
));
4303 if (nvlist_lookup_string(innvl
, "bookname", &redactbook
) != 0)
4304 return (SET_ERROR(EINVAL
));
4306 return (dmu_redact_snap(snapname
, redactnvl
, redactbook
));
4311 * zc_name old name of dataset
4312 * zc_value new name of dataset
4313 * zc_cookie recursive flag (only valid for snapshots)
4318 zfs_ioc_rename(zfs_cmd_t
*zc
)
4321 dmu_objset_type_t ost
;
4322 boolean_t recursive
= zc
->zc_cookie
& 1;
4326 /* "zfs rename" from and to ...%recv datasets should both fail */
4327 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
4328 zc
->zc_value
[sizeof (zc
->zc_value
) - 1] = '\0';
4329 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0 ||
4330 dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
4331 strchr(zc
->zc_name
, '%') || strchr(zc
->zc_value
, '%'))
4332 return (SET_ERROR(EINVAL
));
4334 err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4337 ost
= dmu_objset_type(os
);
4338 dmu_objset_rele(os
, FTAG
);
4340 at
= strchr(zc
->zc_name
, '@');
4342 /* snaps must be in same fs */
4345 if (strncmp(zc
->zc_name
, zc
->zc_value
, at
- zc
->zc_name
+ 1))
4346 return (SET_ERROR(EXDEV
));
4348 if (ost
== DMU_OST_ZFS
) {
4349 error
= dmu_objset_find(zc
->zc_name
,
4350 recursive_unmount
, at
+ 1,
4351 recursive
? DS_FIND_CHILDREN
: 0);
4357 error
= dsl_dataset_rename_snapshot(zc
->zc_name
,
4358 at
+ 1, strchr(zc
->zc_value
, '@') + 1, recursive
);
4363 return (dsl_dir_rename(zc
->zc_name
, zc
->zc_value
));
4368 zfs_check_settable(const char *dsname
, nvpair_t
*pair
, cred_t
*cr
)
4370 const char *propname
= nvpair_name(pair
);
4371 boolean_t issnap
= (strchr(dsname
, '@') != NULL
);
4372 zfs_prop_t prop
= zfs_name_to_prop(propname
);
4376 if (prop
== ZPROP_INVAL
) {
4377 if (zfs_prop_user(propname
)) {
4378 if ((err
= zfs_secpolicy_write_perms(dsname
,
4379 ZFS_DELEG_PERM_USERPROP
, cr
)))
4384 if (!issnap
&& zfs_prop_userquota(propname
)) {
4385 const char *perm
= NULL
;
4386 const char *uq_prefix
=
4387 zfs_userquota_prop_prefixes
[ZFS_PROP_USERQUOTA
];
4388 const char *gq_prefix
=
4389 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPQUOTA
];
4390 const char *uiq_prefix
=
4391 zfs_userquota_prop_prefixes
[ZFS_PROP_USEROBJQUOTA
];
4392 const char *giq_prefix
=
4393 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPOBJQUOTA
];
4394 const char *pq_prefix
=
4395 zfs_userquota_prop_prefixes
[ZFS_PROP_PROJECTQUOTA
];
4396 const char *piq_prefix
= zfs_userquota_prop_prefixes
[\
4397 ZFS_PROP_PROJECTOBJQUOTA
];
4399 if (strncmp(propname
, uq_prefix
,
4400 strlen(uq_prefix
)) == 0) {
4401 perm
= ZFS_DELEG_PERM_USERQUOTA
;
4402 } else if (strncmp(propname
, uiq_prefix
,
4403 strlen(uiq_prefix
)) == 0) {
4404 perm
= ZFS_DELEG_PERM_USEROBJQUOTA
;
4405 } else if (strncmp(propname
, gq_prefix
,
4406 strlen(gq_prefix
)) == 0) {
4407 perm
= ZFS_DELEG_PERM_GROUPQUOTA
;
4408 } else if (strncmp(propname
, giq_prefix
,
4409 strlen(giq_prefix
)) == 0) {
4410 perm
= ZFS_DELEG_PERM_GROUPOBJQUOTA
;
4411 } else if (strncmp(propname
, pq_prefix
,
4412 strlen(pq_prefix
)) == 0) {
4413 perm
= ZFS_DELEG_PERM_PROJECTQUOTA
;
4414 } else if (strncmp(propname
, piq_prefix
,
4415 strlen(piq_prefix
)) == 0) {
4416 perm
= ZFS_DELEG_PERM_PROJECTOBJQUOTA
;
4418 /* {USER|GROUP|PROJECT}USED are read-only */
4419 return (SET_ERROR(EINVAL
));
4422 if ((err
= zfs_secpolicy_write_perms(dsname
, perm
, cr
)))
4427 return (SET_ERROR(EINVAL
));
4431 return (SET_ERROR(EINVAL
));
4433 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
4435 * dsl_prop_get_all_impl() returns properties in this
4439 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
4440 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4445 * Check that this value is valid for this pool version
4448 case ZFS_PROP_COMPRESSION
:
4450 * If the user specified gzip compression, make sure
4451 * the SPA supports it. We ignore any errors here since
4452 * we'll catch them later.
4454 if (nvpair_value_uint64(pair
, &intval
) == 0) {
4455 if (intval
>= ZIO_COMPRESS_GZIP_1
&&
4456 intval
<= ZIO_COMPRESS_GZIP_9
&&
4457 zfs_earlier_version(dsname
,
4458 SPA_VERSION_GZIP_COMPRESSION
)) {
4459 return (SET_ERROR(ENOTSUP
));
4462 if (intval
== ZIO_COMPRESS_ZLE
&&
4463 zfs_earlier_version(dsname
,
4464 SPA_VERSION_ZLE_COMPRESSION
))
4465 return (SET_ERROR(ENOTSUP
));
4467 if (intval
== ZIO_COMPRESS_LZ4
) {
4470 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4473 if (!spa_feature_is_enabled(spa
,
4474 SPA_FEATURE_LZ4_COMPRESS
)) {
4475 spa_close(spa
, FTAG
);
4476 return (SET_ERROR(ENOTSUP
));
4478 spa_close(spa
, FTAG
);
4482 * If this is a bootable dataset then
4483 * verify that the compression algorithm
4484 * is supported for booting. We must return
4485 * something other than ENOTSUP since it
4486 * implies a downrev pool version.
4488 if (zfs_is_bootfs(dsname
) &&
4489 !BOOTFS_COMPRESS_VALID(intval
)) {
4490 return (SET_ERROR(ERANGE
));
4495 case ZFS_PROP_COPIES
:
4496 if (zfs_earlier_version(dsname
, SPA_VERSION_DITTO_BLOCKS
))
4497 return (SET_ERROR(ENOTSUP
));
4500 case ZFS_PROP_VOLBLOCKSIZE
:
4501 case ZFS_PROP_RECORDSIZE
:
4502 /* Record sizes above 128k need the feature to be enabled */
4503 if (nvpair_value_uint64(pair
, &intval
) == 0 &&
4504 intval
> SPA_OLD_MAXBLOCKSIZE
) {
4508 * We don't allow setting the property above 1MB,
4509 * unless the tunable has been changed.
4511 if (intval
> zfs_max_recordsize
||
4512 intval
> SPA_MAXBLOCKSIZE
)
4513 return (SET_ERROR(ERANGE
));
4515 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4518 if (!spa_feature_is_enabled(spa
,
4519 SPA_FEATURE_LARGE_BLOCKS
)) {
4520 spa_close(spa
, FTAG
);
4521 return (SET_ERROR(ENOTSUP
));
4523 spa_close(spa
, FTAG
);
4527 case ZFS_PROP_DNODESIZE
:
4528 /* Dnode sizes above 512 need the feature to be enabled */
4529 if (nvpair_value_uint64(pair
, &intval
) == 0 &&
4530 intval
!= ZFS_DNSIZE_LEGACY
) {
4534 * If this is a bootable dataset then
4535 * we don't allow large (>512B) dnodes,
4536 * because GRUB doesn't support them.
4538 if (zfs_is_bootfs(dsname
) &&
4539 intval
!= ZFS_DNSIZE_LEGACY
) {
4540 return (SET_ERROR(EDOM
));
4543 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4546 if (!spa_feature_is_enabled(spa
,
4547 SPA_FEATURE_LARGE_DNODE
)) {
4548 spa_close(spa
, FTAG
);
4549 return (SET_ERROR(ENOTSUP
));
4551 spa_close(spa
, FTAG
);
4555 case ZFS_PROP_SPECIAL_SMALL_BLOCKS
:
4557 * This property could require the allocation classes
4558 * feature to be active for setting, however we allow
4559 * it so that tests of settable properties succeed.
4560 * The CLI will issue a warning in this case.
4564 case ZFS_PROP_SHARESMB
:
4565 if (zpl_earlier_version(dsname
, ZPL_VERSION_FUID
))
4566 return (SET_ERROR(ENOTSUP
));
4569 case ZFS_PROP_ACLINHERIT
:
4570 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
4571 nvpair_value_uint64(pair
, &intval
) == 0) {
4572 if (intval
== ZFS_ACL_PASSTHROUGH_X
&&
4573 zfs_earlier_version(dsname
,
4574 SPA_VERSION_PASSTHROUGH_X
))
4575 return (SET_ERROR(ENOTSUP
));
4578 case ZFS_PROP_CHECKSUM
:
4579 case ZFS_PROP_DEDUP
:
4581 spa_feature_t feature
;
4585 /* dedup feature version checks */
4586 if (prop
== ZFS_PROP_DEDUP
&&
4587 zfs_earlier_version(dsname
, SPA_VERSION_DEDUP
))
4588 return (SET_ERROR(ENOTSUP
));
4590 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
4591 nvpair_value_uint64(pair
, &intval
) == 0) {
4592 /* check prop value is enabled in features */
4593 feature
= zio_checksum_to_feature(
4594 intval
& ZIO_CHECKSUM_MASK
);
4595 if (feature
== SPA_FEATURE_NONE
)
4598 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
4601 if (!spa_feature_is_enabled(spa
, feature
)) {
4602 spa_close(spa
, FTAG
);
4603 return (SET_ERROR(ENOTSUP
));
4605 spa_close(spa
, FTAG
);
4614 return (zfs_secpolicy_setprop(dsname
, prop
, pair
, CRED()));
4618 * Removes properties from the given props list that fail permission checks
4619 * needed to clear them and to restore them in case of a receive error. For each
4620 * property, make sure we have both set and inherit permissions.
4622 * Returns the first error encountered if any permission checks fail. If the
4623 * caller provides a non-NULL errlist, it also gives the complete list of names
4624 * of all the properties that failed a permission check along with the
4625 * corresponding error numbers. The caller is responsible for freeing the
4628 * If every property checks out successfully, zero is returned and the list
4629 * pointed at by errlist is NULL.
4632 zfs_check_clearable(char *dataset
, nvlist_t
*props
, nvlist_t
**errlist
)
4635 nvpair_t
*pair
, *next_pair
;
4642 VERIFY(nvlist_alloc(&errors
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
4644 zc
= kmem_alloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
4645 (void) strlcpy(zc
->zc_name
, dataset
, sizeof (zc
->zc_name
));
4646 pair
= nvlist_next_nvpair(props
, NULL
);
4647 while (pair
!= NULL
) {
4648 next_pair
= nvlist_next_nvpair(props
, pair
);
4650 (void) strlcpy(zc
->zc_value
, nvpair_name(pair
),
4651 sizeof (zc
->zc_value
));
4652 if ((err
= zfs_check_settable(dataset
, pair
, CRED())) != 0 ||
4653 (err
= zfs_secpolicy_inherit_prop(zc
, NULL
, CRED())) != 0) {
4654 VERIFY(nvlist_remove_nvpair(props
, pair
) == 0);
4655 VERIFY(nvlist_add_int32(errors
,
4656 zc
->zc_value
, err
) == 0);
4660 kmem_free(zc
, sizeof (zfs_cmd_t
));
4662 if ((pair
= nvlist_next_nvpair(errors
, NULL
)) == NULL
) {
4663 nvlist_free(errors
);
4666 VERIFY(nvpair_value_int32(pair
, &rv
) == 0);
4669 if (errlist
== NULL
)
4670 nvlist_free(errors
);
4678 propval_equals(nvpair_t
*p1
, nvpair_t
*p2
)
4680 if (nvpair_type(p1
) == DATA_TYPE_NVLIST
) {
4681 /* dsl_prop_get_all_impl() format */
4683 VERIFY(nvpair_value_nvlist(p1
, &attrs
) == 0);
4684 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4688 if (nvpair_type(p2
) == DATA_TYPE_NVLIST
) {
4690 VERIFY(nvpair_value_nvlist(p2
, &attrs
) == 0);
4691 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4695 if (nvpair_type(p1
) != nvpair_type(p2
))
4698 if (nvpair_type(p1
) == DATA_TYPE_STRING
) {
4699 char *valstr1
, *valstr2
;
4701 VERIFY(nvpair_value_string(p1
, (char **)&valstr1
) == 0);
4702 VERIFY(nvpair_value_string(p2
, (char **)&valstr2
) == 0);
4703 return (strcmp(valstr1
, valstr2
) == 0);
4705 uint64_t intval1
, intval2
;
4707 VERIFY(nvpair_value_uint64(p1
, &intval1
) == 0);
4708 VERIFY(nvpair_value_uint64(p2
, &intval2
) == 0);
4709 return (intval1
== intval2
);
4714 * Remove properties from props if they are not going to change (as determined
4715 * by comparison with origprops). Remove them from origprops as well, since we
4716 * do not need to clear or restore properties that won't change.
4719 props_reduce(nvlist_t
*props
, nvlist_t
*origprops
)
4721 nvpair_t
*pair
, *next_pair
;
4723 if (origprops
== NULL
)
4724 return; /* all props need to be received */
4726 pair
= nvlist_next_nvpair(props
, NULL
);
4727 while (pair
!= NULL
) {
4728 const char *propname
= nvpair_name(pair
);
4731 next_pair
= nvlist_next_nvpair(props
, pair
);
4733 if ((nvlist_lookup_nvpair(origprops
, propname
,
4734 &match
) != 0) || !propval_equals(pair
, match
))
4735 goto next
; /* need to set received value */
4737 /* don't clear the existing received value */
4738 (void) nvlist_remove_nvpair(origprops
, match
);
4739 /* don't bother receiving the property */
4740 (void) nvlist_remove_nvpair(props
, pair
);
4747 * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4748 * For example, refquota cannot be set until after the receipt of a dataset,
4749 * because in replication streams, an older/earlier snapshot may exceed the
4750 * refquota. We want to receive the older/earlier snapshot, but setting
4751 * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4752 * the older/earlier snapshot from being received (with EDQUOT).
4754 * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4756 * libzfs will need to be judicious handling errors encountered by props
4757 * extracted by this function.
4760 extract_delay_props(nvlist_t
*props
)
4762 nvlist_t
*delayprops
;
4763 nvpair_t
*nvp
, *tmp
;
4764 static const zfs_prop_t delayable
[] = {
4766 ZFS_PROP_KEYLOCATION
,
4771 VERIFY(nvlist_alloc(&delayprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
4773 for (nvp
= nvlist_next_nvpair(props
, NULL
); nvp
!= NULL
;
4774 nvp
= nvlist_next_nvpair(props
, nvp
)) {
4776 * strcmp() is safe because zfs_prop_to_name() always returns
4779 for (i
= 0; delayable
[i
] != 0; i
++) {
4780 if (strcmp(zfs_prop_to_name(delayable
[i
]),
4781 nvpair_name(nvp
)) == 0) {
4785 if (delayable
[i
] != 0) {
4786 tmp
= nvlist_prev_nvpair(props
, nvp
);
4787 VERIFY(nvlist_add_nvpair(delayprops
, nvp
) == 0);
4788 VERIFY(nvlist_remove_nvpair(props
, nvp
) == 0);
4793 if (nvlist_empty(delayprops
)) {
4794 nvlist_free(delayprops
);
4797 return (delayprops
);
4801 zfs_allow_log_destroy(void *arg
)
4803 char *poolname
= arg
;
4805 if (poolname
!= NULL
)
4806 kmem_strfree(poolname
);
4810 static boolean_t zfs_ioc_recv_inject_err
;
4814 * nvlist 'errors' is always allocated. It will contain descriptions of
4815 * encountered errors, if any. It's the callers responsibility to free.
4818 zfs_ioc_recv_impl(char *tofs
, char *tosnap
, char *origin
, nvlist_t
*recvprops
,
4819 nvlist_t
*localprops
, nvlist_t
*hidden_args
, boolean_t force
,
4820 boolean_t resumable
, int input_fd
,
4821 dmu_replay_record_t
*begin_record
, uint64_t *read_bytes
,
4822 uint64_t *errflags
, nvlist_t
**errors
)
4824 dmu_recv_cookie_t drc
;
4826 int props_error
= 0;
4828 nvlist_t
*local_delayprops
= NULL
;
4829 nvlist_t
*recv_delayprops
= NULL
;
4830 nvlist_t
*origprops
= NULL
; /* existing properties */
4831 nvlist_t
*origrecvd
= NULL
; /* existing received properties */
4832 boolean_t first_recvd_props
= B_FALSE
;
4833 boolean_t tofs_was_redacted
;
4834 zfs_file_t
*input_fp
;
4838 *errors
= fnvlist_alloc();
4841 if ((error
= zfs_file_get(input_fd
, &input_fp
)))
4844 noff
= off
= zfs_file_off(input_fp
);
4845 error
= dmu_recv_begin(tofs
, tosnap
, begin_record
, force
,
4846 resumable
, localprops
, hidden_args
, origin
, &drc
, input_fp
,
4850 tofs_was_redacted
= dsl_get_redacted(drc
.drc_ds
);
4853 * Set properties before we receive the stream so that they are applied
4854 * to the new data. Note that we must call dmu_recv_stream() if
4855 * dmu_recv_begin() succeeds.
4857 if (recvprops
!= NULL
&& !drc
.drc_newfs
) {
4858 if (spa_version(dsl_dataset_get_spa(drc
.drc_ds
)) >=
4859 SPA_VERSION_RECVD_PROPS
&&
4860 !dsl_prop_get_hasrecvd(tofs
))
4861 first_recvd_props
= B_TRUE
;
4864 * If new received properties are supplied, they are to
4865 * completely replace the existing received properties,
4866 * so stash away the existing ones.
4868 if (dsl_prop_get_received(tofs
, &origrecvd
) == 0) {
4869 nvlist_t
*errlist
= NULL
;
4871 * Don't bother writing a property if its value won't
4872 * change (and avoid the unnecessary security checks).
4874 * The first receive after SPA_VERSION_RECVD_PROPS is a
4875 * special case where we blow away all local properties
4878 if (!first_recvd_props
)
4879 props_reduce(recvprops
, origrecvd
);
4880 if (zfs_check_clearable(tofs
, origrecvd
, &errlist
) != 0)
4881 (void) nvlist_merge(*errors
, errlist
, 0);
4882 nvlist_free(errlist
);
4884 if (clear_received_props(tofs
, origrecvd
,
4885 first_recvd_props
? NULL
: recvprops
) != 0)
4886 *errflags
|= ZPROP_ERR_NOCLEAR
;
4888 *errflags
|= ZPROP_ERR_NOCLEAR
;
4893 * Stash away existing properties so we can restore them on error unless
4894 * we're doing the first receive after SPA_VERSION_RECVD_PROPS, in which
4895 * case "origrecvd" will take care of that.
4897 if (localprops
!= NULL
&& !drc
.drc_newfs
&& !first_recvd_props
) {
4899 if (dmu_objset_hold(tofs
, FTAG
, &os
) == 0) {
4900 if (dsl_prop_get_all(os
, &origprops
) != 0) {
4901 *errflags
|= ZPROP_ERR_NOCLEAR
;
4903 dmu_objset_rele(os
, FTAG
);
4905 *errflags
|= ZPROP_ERR_NOCLEAR
;
4909 if (recvprops
!= NULL
) {
4910 props_error
= dsl_prop_set_hasrecvd(tofs
);
4912 if (props_error
== 0) {
4913 recv_delayprops
= extract_delay_props(recvprops
);
4914 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
4915 recvprops
, *errors
);
4919 if (localprops
!= NULL
) {
4920 nvlist_t
*oprops
= fnvlist_alloc();
4921 nvlist_t
*xprops
= fnvlist_alloc();
4922 nvpair_t
*nvp
= NULL
;
4924 while ((nvp
= nvlist_next_nvpair(localprops
, nvp
)) != NULL
) {
4925 if (nvpair_type(nvp
) == DATA_TYPE_BOOLEAN
) {
4927 const char *name
= nvpair_name(nvp
);
4928 zfs_prop_t prop
= zfs_name_to_prop(name
);
4929 if (prop
!= ZPROP_INVAL
) {
4930 if (!zfs_prop_inheritable(prop
))
4932 } else if (!zfs_prop_user(name
))
4934 fnvlist_add_boolean(xprops
, name
);
4936 /* -o property=value */
4937 fnvlist_add_nvpair(oprops
, nvp
);
4941 local_delayprops
= extract_delay_props(oprops
);
4942 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_LOCAL
,
4944 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_INHERITED
,
4947 nvlist_free(oprops
);
4948 nvlist_free(xprops
);
4951 error
= dmu_recv_stream(&drc
, &off
);
4954 zfsvfs_t
*zfsvfs
= NULL
;
4955 zvol_state_handle_t
*zv
= NULL
;
4957 if (getzfsvfs(tofs
, &zfsvfs
) == 0) {
4961 boolean_t stream_is_redacted
= DMU_GET_FEATUREFLAGS(
4962 begin_record
->drr_u
.drr_begin
.
4963 drr_versioninfo
) & DMU_BACKUP_FEATURE_REDACTED
;
4965 ds
= dmu_objset_ds(zfsvfs
->z_os
);
4966 error
= zfs_suspend_fs(zfsvfs
);
4968 * If the suspend fails, then the recv_end will
4969 * likely also fail, and clean up after itself.
4971 end_err
= dmu_recv_end(&drc
, zfsvfs
);
4973 * If the dataset was not redacted, but we received a
4974 * redacted stream onto it, we need to unmount the
4975 * dataset. Otherwise, resume the filesystem.
4977 if (error
== 0 && !drc
.drc_newfs
&&
4978 stream_is_redacted
&& !tofs_was_redacted
) {
4979 error
= zfs_end_fs(zfsvfs
, ds
);
4980 } else if (error
== 0) {
4981 error
= zfs_resume_fs(zfsvfs
, ds
);
4983 error
= error
? error
: end_err
;
4984 zfs_vfs_rele(zfsvfs
);
4985 } else if ((zv
= zvol_suspend(tofs
)) != NULL
) {
4986 error
= dmu_recv_end(&drc
, zvol_tag(zv
));
4989 error
= dmu_recv_end(&drc
, NULL
);
4992 /* Set delayed properties now, after we're done receiving. */
4993 if (recv_delayprops
!= NULL
&& error
== 0) {
4994 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
4995 recv_delayprops
, *errors
);
4997 if (local_delayprops
!= NULL
&& error
== 0) {
4998 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_LOCAL
,
4999 local_delayprops
, *errors
);
5004 * Merge delayed props back in with initial props, in case
5005 * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
5006 * we have to make sure clear_received_props() includes
5007 * the delayed properties).
5009 * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
5010 * using ASSERT() will be just like a VERIFY.
5012 if (recv_delayprops
!= NULL
) {
5013 ASSERT(nvlist_merge(recvprops
, recv_delayprops
, 0) == 0);
5014 nvlist_free(recv_delayprops
);
5016 if (local_delayprops
!= NULL
) {
5017 ASSERT(nvlist_merge(localprops
, local_delayprops
, 0) == 0);
5018 nvlist_free(local_delayprops
);
5020 *read_bytes
= off
- noff
;
5023 if (zfs_ioc_recv_inject_err
) {
5024 zfs_ioc_recv_inject_err
= B_FALSE
;
5030 * On error, restore the original props.
5032 if (error
!= 0 && recvprops
!= NULL
&& !drc
.drc_newfs
) {
5033 if (clear_received_props(tofs
, recvprops
, NULL
) != 0) {
5035 * We failed to clear the received properties.
5036 * Since we may have left a $recvd value on the
5037 * system, we can't clear the $hasrecvd flag.
5039 *errflags
|= ZPROP_ERR_NORESTORE
;
5040 } else if (first_recvd_props
) {
5041 dsl_prop_unset_hasrecvd(tofs
);
5044 if (origrecvd
== NULL
&& !drc
.drc_newfs
) {
5045 /* We failed to stash the original properties. */
5046 *errflags
|= ZPROP_ERR_NORESTORE
;
5050 * dsl_props_set() will not convert RECEIVED to LOCAL on or
5051 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
5052 * explicitly if we're restoring local properties cleared in the
5053 * first new-style receive.
5055 if (origrecvd
!= NULL
&&
5056 zfs_set_prop_nvlist(tofs
, (first_recvd_props
?
5057 ZPROP_SRC_LOCAL
: ZPROP_SRC_RECEIVED
),
5058 origrecvd
, NULL
) != 0) {
5060 * We stashed the original properties but failed to
5063 *errflags
|= ZPROP_ERR_NORESTORE
;
5066 if (error
!= 0 && localprops
!= NULL
&& !drc
.drc_newfs
&&
5067 !first_recvd_props
) {
5069 nvlist_t
*inheritprops
;
5072 if (origprops
== NULL
) {
5073 /* We failed to stash the original properties. */
5074 *errflags
|= ZPROP_ERR_NORESTORE
;
5078 /* Restore original props */
5079 setprops
= fnvlist_alloc();
5080 inheritprops
= fnvlist_alloc();
5082 while ((nvp
= nvlist_next_nvpair(localprops
, nvp
)) != NULL
) {
5083 const char *name
= nvpair_name(nvp
);
5087 if (!nvlist_exists(origprops
, name
)) {
5089 * Property was not present or was explicitly
5090 * inherited before the receive, restore this.
5092 fnvlist_add_boolean(inheritprops
, name
);
5095 attrs
= fnvlist_lookup_nvlist(origprops
, name
);
5096 source
= fnvlist_lookup_string(attrs
, ZPROP_SOURCE
);
5098 /* Skip received properties */
5099 if (strcmp(source
, ZPROP_SOURCE_VAL_RECVD
) == 0)
5102 if (strcmp(source
, tofs
) == 0) {
5103 /* Property was locally set */
5104 fnvlist_add_nvlist(setprops
, name
, attrs
);
5106 /* Property was implicitly inherited */
5107 fnvlist_add_boolean(inheritprops
, name
);
5111 if (zfs_set_prop_nvlist(tofs
, ZPROP_SRC_LOCAL
, setprops
,
5113 *errflags
|= ZPROP_ERR_NORESTORE
;
5114 if (zfs_set_prop_nvlist(tofs
, ZPROP_SRC_INHERITED
, inheritprops
,
5116 *errflags
|= ZPROP_ERR_NORESTORE
;
5118 nvlist_free(setprops
);
5119 nvlist_free(inheritprops
);
5122 zfs_file_put(input_fd
);
5123 nvlist_free(origrecvd
);
5124 nvlist_free(origprops
);
5127 error
= props_error
;
5134 * zc_name name of containing filesystem (unused)
5135 * zc_nvlist_src{_size} nvlist of properties to apply
5136 * zc_nvlist_conf{_size} nvlist of properties to exclude
5137 * (DATA_TYPE_BOOLEAN) and override (everything else)
5138 * zc_value name of snapshot to create
5139 * zc_string name of clone origin (if DRR_FLAG_CLONE)
5140 * zc_cookie file descriptor to recv from
5141 * zc_begin_record the BEGIN record of the stream (not byteswapped)
5142 * zc_guid force flag
5145 * zc_cookie number of bytes read
5146 * zc_obj zprop_errflags_t
5147 * zc_nvlist_dst{_size} error for each unapplied received property
5150 zfs_ioc_recv(zfs_cmd_t
*zc
)
5152 dmu_replay_record_t begin_record
;
5153 nvlist_t
*errors
= NULL
;
5154 nvlist_t
*recvdprops
= NULL
;
5155 nvlist_t
*localprops
= NULL
;
5156 char *origin
= NULL
;
5158 char tofs
[ZFS_MAX_DATASET_NAME_LEN
];
5161 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
5162 strchr(zc
->zc_value
, '@') == NULL
||
5163 strchr(zc
->zc_value
, '%'))
5164 return (SET_ERROR(EINVAL
));
5166 (void) strlcpy(tofs
, zc
->zc_value
, sizeof (tofs
));
5167 tosnap
= strchr(tofs
, '@');
5170 if (zc
->zc_nvlist_src
!= 0 &&
5171 (error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
5172 zc
->zc_iflags
, &recvdprops
)) != 0)
5175 if (zc
->zc_nvlist_conf
!= 0 &&
5176 (error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
5177 zc
->zc_iflags
, &localprops
)) != 0)
5180 if (zc
->zc_string
[0])
5181 origin
= zc
->zc_string
;
5183 begin_record
.drr_type
= DRR_BEGIN
;
5184 begin_record
.drr_payloadlen
= 0;
5185 begin_record
.drr_u
.drr_begin
= zc
->zc_begin_record
;
5187 error
= zfs_ioc_recv_impl(tofs
, tosnap
, origin
, recvdprops
, localprops
,
5188 NULL
, zc
->zc_guid
, B_FALSE
, zc
->zc_cookie
, &begin_record
,
5189 &zc
->zc_cookie
, &zc
->zc_obj
, &errors
);
5190 nvlist_free(recvdprops
);
5191 nvlist_free(localprops
);
5194 * Now that all props, initial and delayed, are set, report the prop
5195 * errors to the caller.
5197 if (zc
->zc_nvlist_dst_size
!= 0 && errors
!= NULL
&&
5198 (nvlist_smush(errors
, zc
->zc_nvlist_dst_size
) != 0 ||
5199 put_nvlist(zc
, errors
) != 0)) {
5201 * Caller made zc->zc_nvlist_dst less than the minimum expected
5202 * size or supplied an invalid address.
5204 error
= SET_ERROR(EINVAL
);
5207 nvlist_free(errors
);
5214 * "snapname" -> full name of the snapshot to create
5215 * (optional) "props" -> received properties to set (nvlist)
5216 * (optional) "localprops" -> override and exclude properties (nvlist)
5217 * (optional) "origin" -> name of clone origin (DRR_FLAG_CLONE)
5218 * "begin_record" -> non-byteswapped dmu_replay_record_t
5219 * "input_fd" -> file descriptor to read stream from (int32)
5220 * (optional) "force" -> force flag (value ignored)
5221 * (optional) "resumable" -> resumable flag (value ignored)
5222 * (optional) "cleanup_fd" -> unused
5223 * (optional) "action_handle" -> unused
5224 * (optional) "hidden_args" -> { "wkeydata" -> value }
5228 * "read_bytes" -> number of bytes read
5229 * "error_flags" -> zprop_errflags_t
5230 * "errors" -> error for each unapplied received property (nvlist)
5233 static const zfs_ioc_key_t zfs_keys_recv_new
[] = {
5234 {"snapname", DATA_TYPE_STRING
, 0},
5235 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
5236 {"localprops", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
5237 {"origin", DATA_TYPE_STRING
, ZK_OPTIONAL
},
5238 {"begin_record", DATA_TYPE_BYTE_ARRAY
, 0},
5239 {"input_fd", DATA_TYPE_INT32
, 0},
5240 {"force", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
5241 {"resumable", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
5242 {"cleanup_fd", DATA_TYPE_INT32
, ZK_OPTIONAL
},
5243 {"action_handle", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
5244 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
5248 zfs_ioc_recv_new(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5250 dmu_replay_record_t
*begin_record
;
5251 uint_t begin_record_size
;
5252 nvlist_t
*errors
= NULL
;
5253 nvlist_t
*recvprops
= NULL
;
5254 nvlist_t
*localprops
= NULL
;
5255 nvlist_t
*hidden_args
= NULL
;
5257 char *origin
= NULL
;
5259 char tofs
[ZFS_MAX_DATASET_NAME_LEN
];
5261 boolean_t resumable
;
5262 uint64_t read_bytes
= 0;
5263 uint64_t errflags
= 0;
5267 snapname
= fnvlist_lookup_string(innvl
, "snapname");
5269 if (dataset_namecheck(snapname
, NULL
, NULL
) != 0 ||
5270 strchr(snapname
, '@') == NULL
||
5271 strchr(snapname
, '%'))
5272 return (SET_ERROR(EINVAL
));
5274 (void) strlcpy(tofs
, snapname
, sizeof (tofs
));
5275 tosnap
= strchr(tofs
, '@');
5278 error
= nvlist_lookup_string(innvl
, "origin", &origin
);
5279 if (error
&& error
!= ENOENT
)
5282 error
= nvlist_lookup_byte_array(innvl
, "begin_record",
5283 (uchar_t
**)&begin_record
, &begin_record_size
);
5284 if (error
!= 0 || begin_record_size
!= sizeof (*begin_record
))
5285 return (SET_ERROR(EINVAL
));
5287 input_fd
= fnvlist_lookup_int32(innvl
, "input_fd");
5289 force
= nvlist_exists(innvl
, "force");
5290 resumable
= nvlist_exists(innvl
, "resumable");
5292 /* we still use "props" here for backwards compatibility */
5293 error
= nvlist_lookup_nvlist(innvl
, "props", &recvprops
);
5294 if (error
&& error
!= ENOENT
)
5297 error
= nvlist_lookup_nvlist(innvl
, "localprops", &localprops
);
5298 if (error
&& error
!= ENOENT
)
5301 error
= nvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
, &hidden_args
);
5302 if (error
&& error
!= ENOENT
)
5305 error
= zfs_ioc_recv_impl(tofs
, tosnap
, origin
, recvprops
, localprops
,
5306 hidden_args
, force
, resumable
, input_fd
, begin_record
,
5307 &read_bytes
, &errflags
, &errors
);
5309 fnvlist_add_uint64(outnvl
, "read_bytes", read_bytes
);
5310 fnvlist_add_uint64(outnvl
, "error_flags", errflags
);
5311 fnvlist_add_nvlist(outnvl
, "errors", errors
);
5313 nvlist_free(errors
);
5314 nvlist_free(recvprops
);
5315 nvlist_free(localprops
);
5320 typedef struct dump_bytes_io
{
5328 dump_bytes_cb(void *arg
)
5330 dump_bytes_io_t
*dbi
= (dump_bytes_io_t
*)arg
;
5337 dbi
->dbi_err
= zfs_file_write(fp
, buf
, dbi
->dbi_len
, NULL
);
5341 dump_bytes(objset_t
*os
, void *buf
, int len
, void *arg
)
5343 dump_bytes_io_t dbi
;
5349 #if defined(HAVE_LARGE_STACKS)
5350 dump_bytes_cb(&dbi
);
5353 * The vn_rdwr() call is performed in a taskq to ensure that there is
5354 * always enough stack space to write safely to the target filesystem.
5355 * The ZIO_TYPE_FREE threads are used because there can be a lot of
5356 * them and they are used in vdev_file.c for a similar purpose.
5358 spa_taskq_dispatch_sync(dmu_objset_spa(os
), ZIO_TYPE_FREE
,
5359 ZIO_TASKQ_ISSUE
, dump_bytes_cb
, &dbi
, TQ_SLEEP
);
5360 #endif /* HAVE_LARGE_STACKS */
5362 return (dbi
.dbi_err
);
5367 * zc_name name of snapshot to send
5368 * zc_cookie file descriptor to send stream to
5369 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
5370 * zc_sendobj objsetid of snapshot to send
5371 * zc_fromobj objsetid of incremental fromsnap (may be zero)
5372 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
5373 * output size in zc_objset_type.
5374 * zc_flags lzc_send_flags
5377 * zc_objset_type estimated size, if zc_guid is set
5379 * NOTE: This is no longer the preferred interface, any new functionality
5380 * should be added to zfs_ioc_send_new() instead.
5383 zfs_ioc_send(zfs_cmd_t
*zc
)
5387 boolean_t estimate
= (zc
->zc_guid
!= 0);
5388 boolean_t embedok
= (zc
->zc_flags
& 0x1);
5389 boolean_t large_block_ok
= (zc
->zc_flags
& 0x2);
5390 boolean_t compressok
= (zc
->zc_flags
& 0x4);
5391 boolean_t rawok
= (zc
->zc_flags
& 0x8);
5392 boolean_t savedok
= (zc
->zc_flags
& 0x10);
5394 if (zc
->zc_obj
!= 0) {
5396 dsl_dataset_t
*tosnap
;
5398 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5402 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &tosnap
);
5404 dsl_pool_rele(dp
, FTAG
);
5408 if (dsl_dir_is_clone(tosnap
->ds_dir
))
5410 dsl_dir_phys(tosnap
->ds_dir
)->dd_origin_obj
;
5411 dsl_dataset_rele(tosnap
, FTAG
);
5412 dsl_pool_rele(dp
, FTAG
);
5417 dsl_dataset_t
*tosnap
;
5418 dsl_dataset_t
*fromsnap
= NULL
;
5420 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5424 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
,
5427 dsl_pool_rele(dp
, FTAG
);
5431 if (zc
->zc_fromobj
!= 0) {
5432 error
= dsl_dataset_hold_obj(dp
, zc
->zc_fromobj
,
5435 dsl_dataset_rele(tosnap
, FTAG
);
5436 dsl_pool_rele(dp
, FTAG
);
5441 error
= dmu_send_estimate_fast(tosnap
, fromsnap
, NULL
,
5442 compressok
|| rawok
, savedok
, &zc
->zc_objset_type
);
5444 if (fromsnap
!= NULL
)
5445 dsl_dataset_rele(fromsnap
, FTAG
);
5446 dsl_dataset_rele(tosnap
, FTAG
);
5447 dsl_pool_rele(dp
, FTAG
);
5450 dmu_send_outparams_t out
= {0};
5452 if ((error
= zfs_file_get(zc
->zc_cookie
, &fp
)))
5455 off
= zfs_file_off(fp
);
5456 out
.dso_outfunc
= dump_bytes
;
5458 out
.dso_dryrun
= B_FALSE
;
5459 error
= dmu_send_obj(zc
->zc_name
, zc
->zc_sendobj
,
5460 zc
->zc_fromobj
, embedok
, large_block_ok
, compressok
,
5461 rawok
, savedok
, zc
->zc_cookie
, &off
, &out
);
5463 zfs_file_put(zc
->zc_cookie
);
5470 * zc_name name of snapshot on which to report progress
5471 * zc_cookie file descriptor of send stream
5474 * zc_cookie number of bytes written in send stream thus far
5475 * zc_objset_type logical size of data traversed by send thus far
5478 zfs_ioc_send_progress(zfs_cmd_t
*zc
)
5482 dmu_sendstatus_t
*dsp
= NULL
;
5485 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5489 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &ds
);
5491 dsl_pool_rele(dp
, FTAG
);
5495 mutex_enter(&ds
->ds_sendstream_lock
);
5498 * Iterate over all the send streams currently active on this dataset.
5499 * If there's one which matches the specified file descriptor _and_ the
5500 * stream was started by the current process, return the progress of
5504 for (dsp
= list_head(&ds
->ds_sendstreams
); dsp
!= NULL
;
5505 dsp
= list_next(&ds
->ds_sendstreams
, dsp
)) {
5506 if (dsp
->dss_outfd
== zc
->zc_cookie
&&
5507 zfs_proc_is_caller(dsp
->dss_proc
))
5512 zc
->zc_cookie
= atomic_cas_64((volatile uint64_t *)dsp
->dss_off
,
5514 /* This is the closest thing we have to atomic_read_64. */
5515 zc
->zc_objset_type
= atomic_cas_64(&dsp
->dss_blocks
, 0, 0);
5517 error
= SET_ERROR(ENOENT
);
5520 mutex_exit(&ds
->ds_sendstream_lock
);
5521 dsl_dataset_rele(ds
, FTAG
);
5522 dsl_pool_rele(dp
, FTAG
);
5527 zfs_ioc_inject_fault(zfs_cmd_t
*zc
)
5531 error
= zio_inject_fault(zc
->zc_name
, (int)zc
->zc_guid
, &id
,
5532 &zc
->zc_inject_record
);
5535 zc
->zc_guid
= (uint64_t)id
;
5541 zfs_ioc_clear_fault(zfs_cmd_t
*zc
)
5543 return (zio_clear_fault((int)zc
->zc_guid
));
5547 zfs_ioc_inject_list_next(zfs_cmd_t
*zc
)
5549 int id
= (int)zc
->zc_guid
;
5552 error
= zio_inject_list_next(&id
, zc
->zc_name
, sizeof (zc
->zc_name
),
5553 &zc
->zc_inject_record
);
5561 zfs_ioc_error_log(zfs_cmd_t
*zc
)
5565 size_t count
= (size_t)zc
->zc_nvlist_dst_size
;
5567 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
5570 error
= spa_get_errlog(spa
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
5573 zc
->zc_nvlist_dst_size
= count
;
5575 zc
->zc_nvlist_dst_size
= spa_get_errlog_size(spa
);
5577 spa_close(spa
, FTAG
);
5583 zfs_ioc_clear(zfs_cmd_t
*zc
)
5590 * On zpool clear we also fix up missing slogs
5592 mutex_enter(&spa_namespace_lock
);
5593 spa
= spa_lookup(zc
->zc_name
);
5595 mutex_exit(&spa_namespace_lock
);
5596 return (SET_ERROR(EIO
));
5598 if (spa_get_log_state(spa
) == SPA_LOG_MISSING
) {
5599 /* we need to let spa_open/spa_load clear the chains */
5600 spa_set_log_state(spa
, SPA_LOG_CLEAR
);
5602 spa
->spa_last_open_failed
= 0;
5603 mutex_exit(&spa_namespace_lock
);
5605 if (zc
->zc_cookie
& ZPOOL_NO_REWIND
) {
5606 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
5609 nvlist_t
*config
= NULL
;
5611 if (zc
->zc_nvlist_src
== 0)
5612 return (SET_ERROR(EINVAL
));
5614 if ((error
= get_nvlist(zc
->zc_nvlist_src
,
5615 zc
->zc_nvlist_src_size
, zc
->zc_iflags
, &policy
)) == 0) {
5616 error
= spa_open_rewind(zc
->zc_name
, &spa
, FTAG
,
5618 if (config
!= NULL
) {
5621 if ((err
= put_nvlist(zc
, config
)) != 0)
5623 nvlist_free(config
);
5625 nvlist_free(policy
);
5633 * If multihost is enabled, resuming I/O is unsafe as another
5634 * host may have imported the pool.
5636 if (spa_multihost(spa
) && spa_suspended(spa
))
5637 return (SET_ERROR(EINVAL
));
5639 spa_vdev_state_enter(spa
, SCL_NONE
);
5641 if (zc
->zc_guid
== 0) {
5644 vd
= spa_lookup_by_guid(spa
, zc
->zc_guid
, B_TRUE
);
5646 error
= SET_ERROR(ENODEV
);
5647 (void) spa_vdev_state_exit(spa
, NULL
, error
);
5648 spa_close(spa
, FTAG
);
5653 vdev_clear(spa
, vd
);
5655 (void) spa_vdev_state_exit(spa
, spa_suspended(spa
) ?
5656 NULL
: spa
->spa_root_vdev
, 0);
5659 * Resume any suspended I/Os.
5661 if (zio_resume(spa
) != 0)
5662 error
= SET_ERROR(EIO
);
5664 spa_close(spa
, FTAG
);
5670 * Reopen all the vdevs associated with the pool.
5673 * "scrub_restart" -> when true and scrub is running, allow to restart
5674 * scrub as the side effect of the reopen (boolean).
5679 static const zfs_ioc_key_t zfs_keys_pool_reopen
[] = {
5680 {"scrub_restart", DATA_TYPE_BOOLEAN_VALUE
, ZK_OPTIONAL
},
5685 zfs_ioc_pool_reopen(const char *pool
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5689 boolean_t rc
, scrub_restart
= B_TRUE
;
5692 error
= nvlist_lookup_boolean_value(innvl
,
5693 "scrub_restart", &rc
);
5698 error
= spa_open(pool
, &spa
, FTAG
);
5702 spa_vdev_state_enter(spa
, SCL_NONE
);
5705 * If the scrub_restart flag is B_FALSE and a scrub is already
5706 * in progress then set spa_scrub_reopen flag to B_TRUE so that
5707 * we don't restart the scrub as a side effect of the reopen.
5708 * Otherwise, let vdev_open() decided if a resilver is required.
5711 spa
->spa_scrub_reopen
= (!scrub_restart
&&
5712 dsl_scan_scrubbing(spa
->spa_dsl_pool
));
5713 vdev_reopen(spa
->spa_root_vdev
);
5714 spa
->spa_scrub_reopen
= B_FALSE
;
5716 (void) spa_vdev_state_exit(spa
, NULL
, 0);
5717 spa_close(spa
, FTAG
);
5723 * zc_name name of filesystem
5726 * zc_string name of conflicting snapshot, if there is one
5729 zfs_ioc_promote(zfs_cmd_t
*zc
)
5732 dsl_dataset_t
*ds
, *ods
;
5733 char origin
[ZFS_MAX_DATASET_NAME_LEN
];
5737 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
5738 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0 ||
5739 strchr(zc
->zc_name
, '%'))
5740 return (SET_ERROR(EINVAL
));
5742 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5746 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &ds
);
5748 dsl_pool_rele(dp
, FTAG
);
5752 if (!dsl_dir_is_clone(ds
->ds_dir
)) {
5753 dsl_dataset_rele(ds
, FTAG
);
5754 dsl_pool_rele(dp
, FTAG
);
5755 return (SET_ERROR(EINVAL
));
5758 error
= dsl_dataset_hold_obj(dp
,
5759 dsl_dir_phys(ds
->ds_dir
)->dd_origin_obj
, FTAG
, &ods
);
5761 dsl_dataset_rele(ds
, FTAG
);
5762 dsl_pool_rele(dp
, FTAG
);
5766 dsl_dataset_name(ods
, origin
);
5767 dsl_dataset_rele(ods
, FTAG
);
5768 dsl_dataset_rele(ds
, FTAG
);
5769 dsl_pool_rele(dp
, FTAG
);
5772 * We don't need to unmount *all* the origin fs's snapshots, but
5775 cp
= strchr(origin
, '@');
5778 (void) dmu_objset_find(origin
,
5779 zfs_unmount_snap_cb
, NULL
, DS_FIND_SNAPSHOTS
);
5780 return (dsl_dataset_promote(zc
->zc_name
, zc
->zc_string
));
5784 * Retrieve a single {user|group|project}{used|quota}@... property.
5787 * zc_name name of filesystem
5788 * zc_objset_type zfs_userquota_prop_t
5789 * zc_value domain name (eg. "S-1-234-567-89")
5790 * zc_guid RID/UID/GID
5793 * zc_cookie property value
5796 zfs_ioc_userspace_one(zfs_cmd_t
*zc
)
5801 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
5802 return (SET_ERROR(EINVAL
));
5804 error
= zfsvfs_hold(zc
->zc_name
, FTAG
, &zfsvfs
, B_FALSE
);
5808 error
= zfs_userspace_one(zfsvfs
,
5809 zc
->zc_objset_type
, zc
->zc_value
, zc
->zc_guid
, &zc
->zc_cookie
);
5810 zfsvfs_rele(zfsvfs
, FTAG
);
5817 * zc_name name of filesystem
5818 * zc_cookie zap cursor
5819 * zc_objset_type zfs_userquota_prop_t
5820 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
5823 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
5824 * zc_cookie zap cursor
5827 zfs_ioc_userspace_many(zfs_cmd_t
*zc
)
5830 int bufsize
= zc
->zc_nvlist_dst_size
;
5833 return (SET_ERROR(ENOMEM
));
5835 int error
= zfsvfs_hold(zc
->zc_name
, FTAG
, &zfsvfs
, B_FALSE
);
5839 void *buf
= vmem_alloc(bufsize
, KM_SLEEP
);
5841 error
= zfs_userspace_many(zfsvfs
, zc
->zc_objset_type
, &zc
->zc_cookie
,
5842 buf
, &zc
->zc_nvlist_dst_size
);
5845 error
= xcopyout(buf
,
5846 (void *)(uintptr_t)zc
->zc_nvlist_dst
,
5847 zc
->zc_nvlist_dst_size
);
5849 vmem_free(buf
, bufsize
);
5850 zfsvfs_rele(zfsvfs
, FTAG
);
5857 * zc_name name of filesystem
5863 zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
)
5869 if (getzfsvfs(zc
->zc_name
, &zfsvfs
) == 0) {
5870 if (!dmu_objset_userused_enabled(zfsvfs
->z_os
)) {
5872 * If userused is not enabled, it may be because the
5873 * objset needs to be closed & reopened (to grow the
5874 * objset_phys_t). Suspend/resume the fs will do that.
5876 dsl_dataset_t
*ds
, *newds
;
5878 ds
= dmu_objset_ds(zfsvfs
->z_os
);
5879 error
= zfs_suspend_fs(zfsvfs
);
5881 dmu_objset_refresh_ownership(ds
, &newds
,
5883 error
= zfs_resume_fs(zfsvfs
, newds
);
5887 error
= dmu_objset_userspace_upgrade(zfsvfs
->z_os
);
5888 zfs_vfs_rele(zfsvfs
);
5890 /* XXX kind of reading contents without owning */
5891 error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
, FTAG
, &os
);
5895 error
= dmu_objset_userspace_upgrade(os
);
5896 dmu_objset_rele_flags(os
, B_TRUE
, FTAG
);
5904 * zc_name name of filesystem
5910 zfs_ioc_id_quota_upgrade(zfs_cmd_t
*zc
)
5915 error
= dmu_objset_hold_flags(zc
->zc_name
, B_TRUE
, FTAG
, &os
);
5919 if (dmu_objset_userobjspace_upgradable(os
) ||
5920 dmu_objset_projectquota_upgradable(os
)) {
5921 mutex_enter(&os
->os_upgrade_lock
);
5922 if (os
->os_upgrade_id
== 0) {
5923 /* clear potential error code and retry */
5924 os
->os_upgrade_status
= 0;
5925 mutex_exit(&os
->os_upgrade_lock
);
5927 dmu_objset_id_quota_upgrade(os
);
5929 mutex_exit(&os
->os_upgrade_lock
);
5932 dsl_pool_rele(dmu_objset_pool(os
), FTAG
);
5934 taskq_wait_id(os
->os_spa
->spa_upgrade_taskq
, os
->os_upgrade_id
);
5935 error
= os
->os_upgrade_status
;
5937 dsl_pool_rele(dmu_objset_pool(os
), FTAG
);
5940 dsl_dataset_rele_flags(dmu_objset_ds(os
), DS_HOLD_FLAG_DECRYPT
, FTAG
);
5946 zfs_ioc_share(zfs_cmd_t
*zc
)
5948 return (SET_ERROR(ENOSYS
));
5951 ace_t full_access
[] = {
5952 {(uid_t
)-1, ACE_ALL_PERMS
, ACE_EVERYONE
, 0}
5957 * zc_name name of containing filesystem
5958 * zc_obj object # beyond which we want next in-use object #
5961 * zc_obj next in-use object #
5964 zfs_ioc_next_obj(zfs_cmd_t
*zc
)
5966 objset_t
*os
= NULL
;
5969 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
5973 error
= dmu_object_next(os
, &zc
->zc_obj
, B_FALSE
, 0);
5975 dmu_objset_rele(os
, FTAG
);
5981 * zc_name name of filesystem
5982 * zc_value prefix name for snapshot
5983 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
5986 * zc_value short name of new snapshot
5989 zfs_ioc_tmp_snapshot(zfs_cmd_t
*zc
)
5996 error
= zfs_onexit_fd_hold(zc
->zc_cleanup_fd
, &minor
);
6000 snap_name
= kmem_asprintf("%s-%016llx", zc
->zc_value
,
6001 (u_longlong_t
)ddi_get_lbolt64());
6002 hold_name
= kmem_asprintf("%%%s", zc
->zc_value
);
6004 error
= dsl_dataset_snapshot_tmp(zc
->zc_name
, snap_name
, minor
,
6007 (void) strlcpy(zc
->zc_value
, snap_name
,
6008 sizeof (zc
->zc_value
));
6009 kmem_strfree(snap_name
);
6010 kmem_strfree(hold_name
);
6011 zfs_onexit_fd_rele(zc
->zc_cleanup_fd
);
6017 * zc_name name of "to" snapshot
6018 * zc_value name of "from" snapshot
6019 * zc_cookie file descriptor to write diff data on
6022 * dmu_diff_record_t's to the file descriptor
6025 zfs_ioc_diff(zfs_cmd_t
*zc
)
6031 if ((error
= zfs_file_get(zc
->zc_cookie
, &fp
)))
6034 off
= zfs_file_off(fp
);
6035 error
= dmu_diff(zc
->zc_name
, zc
->zc_value
, fp
, &off
);
6037 zfs_file_put(zc
->zc_cookie
);
6043 zfs_ioc_smb_acl(zfs_cmd_t
*zc
)
6045 return (SET_ERROR(ENOTSUP
));
6050 * "holds" -> { snapname -> holdname (string), ... }
6051 * (optional) "cleanup_fd" -> fd (int32)
6055 * snapname -> error value (int32)
6059 static const zfs_ioc_key_t zfs_keys_hold
[] = {
6060 {"holds", DATA_TYPE_NVLIST
, 0},
6061 {"cleanup_fd", DATA_TYPE_INT32
, ZK_OPTIONAL
},
6066 zfs_ioc_hold(const char *pool
, nvlist_t
*args
, nvlist_t
*errlist
)
6070 int cleanup_fd
= -1;
6074 holds
= fnvlist_lookup_nvlist(args
, "holds");
6076 /* make sure the user didn't pass us any invalid (empty) tags */
6077 for (pair
= nvlist_next_nvpair(holds
, NULL
); pair
!= NULL
;
6078 pair
= nvlist_next_nvpair(holds
, pair
)) {
6081 error
= nvpair_value_string(pair
, &htag
);
6083 return (SET_ERROR(error
));
6085 if (strlen(htag
) == 0)
6086 return (SET_ERROR(EINVAL
));
6089 if (nvlist_lookup_int32(args
, "cleanup_fd", &cleanup_fd
) == 0) {
6090 error
= zfs_onexit_fd_hold(cleanup_fd
, &minor
);
6092 return (SET_ERROR(error
));
6095 error
= dsl_dataset_user_hold(holds
, minor
, errlist
);
6097 zfs_onexit_fd_rele(cleanup_fd
);
6098 return (SET_ERROR(error
));
6102 * innvl is not used.
6105 * holdname -> time added (uint64 seconds since epoch)
6109 static const zfs_ioc_key_t zfs_keys_get_holds
[] = {
6115 zfs_ioc_get_holds(const char *snapname
, nvlist_t
*args
, nvlist_t
*outnvl
)
6117 return (dsl_dataset_get_holds(snapname
, outnvl
));
6122 * snapname -> { holdname, ... }
6127 * snapname -> error value (int32)
6131 static const zfs_ioc_key_t zfs_keys_release
[] = {
6132 {"<snapname>...", DATA_TYPE_NVLIST
, ZK_WILDCARDLIST
},
6137 zfs_ioc_release(const char *pool
, nvlist_t
*holds
, nvlist_t
*errlist
)
6139 return (dsl_dataset_user_release(holds
, errlist
));
6144 * zc_guid flags (ZEVENT_NONBLOCK)
6145 * zc_cleanup_fd zevent file descriptor
6148 * zc_nvlist_dst next nvlist event
6149 * zc_cookie dropped events since last get
6152 zfs_ioc_events_next(zfs_cmd_t
*zc
)
6155 nvlist_t
*event
= NULL
;
6157 uint64_t dropped
= 0;
6160 error
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
6165 error
= zfs_zevent_next(ze
, &event
,
6166 &zc
->zc_nvlist_dst_size
, &dropped
);
6167 if (event
!= NULL
) {
6168 zc
->zc_cookie
= dropped
;
6169 error
= put_nvlist(zc
, event
);
6173 if (zc
->zc_guid
& ZEVENT_NONBLOCK
)
6176 if ((error
== 0) || (error
!= ENOENT
))
6179 error
= zfs_zevent_wait(ze
);
6184 zfs_zevent_fd_rele(zc
->zc_cleanup_fd
);
6191 * zc_cookie cleared events count
6194 zfs_ioc_events_clear(zfs_cmd_t
*zc
)
6198 zfs_zevent_drain_all(&count
);
6199 zc
->zc_cookie
= count
;
6206 * zc_guid eid | ZEVENT_SEEK_START | ZEVENT_SEEK_END
6207 * zc_cleanup zevent file descriptor
6210 zfs_ioc_events_seek(zfs_cmd_t
*zc
)
6216 error
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
6220 error
= zfs_zevent_seek(ze
, zc
->zc_guid
);
6221 zfs_zevent_fd_rele(zc
->zc_cleanup_fd
);
6228 * zc_name name of later filesystem or snapshot
6229 * zc_value full name of old snapshot or bookmark
6232 * zc_cookie space in bytes
6233 * zc_objset_type compressed space in bytes
6234 * zc_perm_action uncompressed space in bytes
6237 zfs_ioc_space_written(zfs_cmd_t
*zc
)
6243 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
6246 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &new);
6248 dsl_pool_rele(dp
, FTAG
);
6251 if (strchr(zc
->zc_value
, '#') != NULL
) {
6252 zfs_bookmark_phys_t bmp
;
6253 error
= dsl_bookmark_lookup(dp
, zc
->zc_value
,
6256 error
= dsl_dataset_space_written_bookmark(&bmp
, new,
6258 &zc
->zc_objset_type
, &zc
->zc_perm_action
);
6262 error
= dsl_dataset_hold(dp
, zc
->zc_value
, FTAG
, &old
);
6265 error
= dsl_dataset_space_written(old
, new,
6267 &zc
->zc_objset_type
, &zc
->zc_perm_action
);
6268 dsl_dataset_rele(old
, FTAG
);
6271 dsl_dataset_rele(new, FTAG
);
6272 dsl_pool_rele(dp
, FTAG
);
6278 * "firstsnap" -> snapshot name
6282 * "used" -> space in bytes
6283 * "compressed" -> compressed space in bytes
6284 * "uncompressed" -> uncompressed space in bytes
6287 static const zfs_ioc_key_t zfs_keys_space_snaps
[] = {
6288 {"firstsnap", DATA_TYPE_STRING
, 0},
6292 zfs_ioc_space_snaps(const char *lastsnap
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6296 dsl_dataset_t
*new, *old
;
6298 uint64_t used
, comp
, uncomp
;
6300 firstsnap
= fnvlist_lookup_string(innvl
, "firstsnap");
6302 error
= dsl_pool_hold(lastsnap
, FTAG
, &dp
);
6306 error
= dsl_dataset_hold(dp
, lastsnap
, FTAG
, &new);
6307 if (error
== 0 && !new->ds_is_snapshot
) {
6308 dsl_dataset_rele(new, FTAG
);
6309 error
= SET_ERROR(EINVAL
);
6312 dsl_pool_rele(dp
, FTAG
);
6315 error
= dsl_dataset_hold(dp
, firstsnap
, FTAG
, &old
);
6316 if (error
== 0 && !old
->ds_is_snapshot
) {
6317 dsl_dataset_rele(old
, FTAG
);
6318 error
= SET_ERROR(EINVAL
);
6321 dsl_dataset_rele(new, FTAG
);
6322 dsl_pool_rele(dp
, FTAG
);
6326 error
= dsl_dataset_space_wouldfree(old
, new, &used
, &comp
, &uncomp
);
6327 dsl_dataset_rele(old
, FTAG
);
6328 dsl_dataset_rele(new, FTAG
);
6329 dsl_pool_rele(dp
, FTAG
);
6330 fnvlist_add_uint64(outnvl
, "used", used
);
6331 fnvlist_add_uint64(outnvl
, "compressed", comp
);
6332 fnvlist_add_uint64(outnvl
, "uncompressed", uncomp
);
6338 * "fd" -> file descriptor to write stream to (int32)
6339 * (optional) "fromsnap" -> full snap name to send an incremental from
6340 * (optional) "largeblockok" -> (value ignored)
6341 * indicates that blocks > 128KB are permitted
6342 * (optional) "embedok" -> (value ignored)
6343 * presence indicates DRR_WRITE_EMBEDDED records are permitted
6344 * (optional) "compressok" -> (value ignored)
6345 * presence indicates compressed DRR_WRITE records are permitted
6346 * (optional) "rawok" -> (value ignored)
6347 * presence indicates raw encrypted records should be used.
6348 * (optional) "savedok" -> (value ignored)
6349 * presence indicates we should send a partially received snapshot
6350 * (optional) "resume_object" and "resume_offset" -> (uint64)
6351 * if present, resume send stream from specified object and offset.
6352 * (optional) "redactbook" -> (string)
6353 * if present, use this bookmark's redaction list to generate a redacted
6359 static const zfs_ioc_key_t zfs_keys_send_new
[] = {
6360 {"fd", DATA_TYPE_INT32
, 0},
6361 {"fromsnap", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6362 {"largeblockok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6363 {"embedok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6364 {"compressok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6365 {"rawok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6366 {"savedok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6367 {"resume_object", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6368 {"resume_offset", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6369 {"redactbook", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6374 zfs_ioc_send_new(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6378 char *fromname
= NULL
;
6381 boolean_t largeblockok
;
6383 boolean_t compressok
;
6386 uint64_t resumeobj
= 0;
6387 uint64_t resumeoff
= 0;
6388 char *redactbook
= NULL
;
6390 fd
= fnvlist_lookup_int32(innvl
, "fd");
6392 (void) nvlist_lookup_string(innvl
, "fromsnap", &fromname
);
6394 largeblockok
= nvlist_exists(innvl
, "largeblockok");
6395 embedok
= nvlist_exists(innvl
, "embedok");
6396 compressok
= nvlist_exists(innvl
, "compressok");
6397 rawok
= nvlist_exists(innvl
, "rawok");
6398 savedok
= nvlist_exists(innvl
, "savedok");
6400 (void) nvlist_lookup_uint64(innvl
, "resume_object", &resumeobj
);
6401 (void) nvlist_lookup_uint64(innvl
, "resume_offset", &resumeoff
);
6403 (void) nvlist_lookup_string(innvl
, "redactbook", &redactbook
);
6405 if ((error
= zfs_file_get(fd
, &fp
)))
6408 off
= zfs_file_off(fp
);
6410 dmu_send_outparams_t out
= {0};
6411 out
.dso_outfunc
= dump_bytes
;
6413 out
.dso_dryrun
= B_FALSE
;
6414 error
= dmu_send(snapname
, fromname
, embedok
, largeblockok
,
6415 compressok
, rawok
, savedok
, resumeobj
, resumeoff
,
6416 redactbook
, fd
, &off
, &out
);
6424 send_space_sum(objset_t
*os
, void *buf
, int len
, void *arg
)
6426 uint64_t *size
= arg
;
6432 * Determine approximately how large a zfs send stream will be -- the number
6433 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
6436 * (optional) "from" -> full snap or bookmark name to send an incremental
6438 * (optional) "largeblockok" -> (value ignored)
6439 * indicates that blocks > 128KB are permitted
6440 * (optional) "embedok" -> (value ignored)
6441 * presence indicates DRR_WRITE_EMBEDDED records are permitted
6442 * (optional) "compressok" -> (value ignored)
6443 * presence indicates compressed DRR_WRITE records are permitted
6444 * (optional) "rawok" -> (value ignored)
6445 * presence indicates raw encrypted records should be used.
6446 * (optional) "fd" -> file descriptor to use as a cookie for progress
6451 * "space" -> bytes of space (uint64)
6454 static const zfs_ioc_key_t zfs_keys_send_space
[] = {
6455 {"from", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6456 {"fromsnap", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6457 {"largeblockok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6458 {"embedok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6459 {"compressok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6460 {"rawok", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6461 {"fd", DATA_TYPE_INT32
, ZK_OPTIONAL
},
6462 {"redactbook", DATA_TYPE_STRING
, ZK_OPTIONAL
},
6463 {"resumeobj", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6464 {"resumeoff", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6465 {"bytes", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6469 zfs_ioc_send_space(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6472 dsl_dataset_t
*tosnap
;
6473 dsl_dataset_t
*fromsnap
= NULL
;
6475 char *fromname
= NULL
;
6476 char *redactlist_book
= NULL
;
6477 boolean_t largeblockok
;
6479 boolean_t compressok
;
6483 boolean_t full_estimate
= B_FALSE
;
6484 uint64_t resumeobj
= 0;
6485 uint64_t resumeoff
= 0;
6486 uint64_t resume_bytes
= 0;
6488 zfs_bookmark_phys_t zbm
= {0};
6490 error
= dsl_pool_hold(snapname
, FTAG
, &dp
);
6494 error
= dsl_dataset_hold(dp
, snapname
, FTAG
, &tosnap
);
6496 dsl_pool_rele(dp
, FTAG
);
6499 (void) nvlist_lookup_int32(innvl
, "fd", &fd
);
6501 largeblockok
= nvlist_exists(innvl
, "largeblockok");
6502 embedok
= nvlist_exists(innvl
, "embedok");
6503 compressok
= nvlist_exists(innvl
, "compressok");
6504 rawok
= nvlist_exists(innvl
, "rawok");
6505 savedok
= nvlist_exists(innvl
, "savedok");
6506 boolean_t from
= (nvlist_lookup_string(innvl
, "from", &fromname
) == 0);
6507 boolean_t altbook
= (nvlist_lookup_string(innvl
, "redactbook",
6508 &redactlist_book
) == 0);
6510 (void) nvlist_lookup_uint64(innvl
, "resume_object", &resumeobj
);
6511 (void) nvlist_lookup_uint64(innvl
, "resume_offset", &resumeoff
);
6512 (void) nvlist_lookup_uint64(innvl
, "bytes", &resume_bytes
);
6515 full_estimate
= B_TRUE
;
6517 if (strchr(fromname
, '#')) {
6518 error
= dsl_bookmark_lookup(dp
, fromname
, tosnap
, &zbm
);
6521 * dsl_bookmark_lookup() will fail with EXDEV if
6522 * the from-bookmark and tosnap are at the same txg.
6523 * However, it's valid to do a send (and therefore,
6524 * a send estimate) from and to the same time point,
6525 * if the bookmark is redacted (the incremental send
6526 * can change what's redacted on the target). In
6527 * this case, dsl_bookmark_lookup() fills in zbm
6528 * but returns EXDEV. Ignore this error.
6530 if (error
== EXDEV
&& zbm
.zbm_redaction_obj
!= 0 &&
6532 dsl_dataset_phys(tosnap
)->ds_guid
)
6536 dsl_dataset_rele(tosnap
, FTAG
);
6537 dsl_pool_rele(dp
, FTAG
);
6540 if (zbm
.zbm_redaction_obj
!= 0 || !(zbm
.zbm_flags
&
6541 ZBM_FLAG_HAS_FBN
)) {
6542 full_estimate
= B_TRUE
;
6544 } else if (strchr(fromname
, '@')) {
6545 error
= dsl_dataset_hold(dp
, fromname
, FTAG
, &fromsnap
);
6547 dsl_dataset_rele(tosnap
, FTAG
);
6548 dsl_pool_rele(dp
, FTAG
);
6552 if (!dsl_dataset_is_before(tosnap
, fromsnap
, 0)) {
6553 full_estimate
= B_TRUE
;
6554 dsl_dataset_rele(fromsnap
, FTAG
);
6558 * from is not properly formatted as a snapshot or
6561 dsl_dataset_rele(tosnap
, FTAG
);
6562 dsl_pool_rele(dp
, FTAG
);
6563 return (SET_ERROR(EINVAL
));
6567 if (full_estimate
) {
6568 dmu_send_outparams_t out
= {0};
6570 out
.dso_outfunc
= send_space_sum
;
6571 out
.dso_arg
= &space
;
6572 out
.dso_dryrun
= B_TRUE
;
6574 * We have to release these holds so dmu_send can take them. It
6575 * will do all the error checking we need.
6577 dsl_dataset_rele(tosnap
, FTAG
);
6578 dsl_pool_rele(dp
, FTAG
);
6579 error
= dmu_send(snapname
, fromname
, embedok
, largeblockok
,
6580 compressok
, rawok
, savedok
, resumeobj
, resumeoff
,
6581 redactlist_book
, fd
, &off
, &out
);
6583 error
= dmu_send_estimate_fast(tosnap
, fromsnap
,
6584 (from
&& strchr(fromname
, '#') != NULL
? &zbm
: NULL
),
6585 compressok
|| rawok
, savedok
, &space
);
6586 space
-= resume_bytes
;
6587 if (fromsnap
!= NULL
)
6588 dsl_dataset_rele(fromsnap
, FTAG
);
6589 dsl_dataset_rele(tosnap
, FTAG
);
6590 dsl_pool_rele(dp
, FTAG
);
6593 fnvlist_add_uint64(outnvl
, "space", space
);
6599 * Sync the currently open TXG to disk for the specified pool.
6600 * This is somewhat similar to 'zfs_sync()'.
6601 * For cases that do not result in error this ioctl will wait for
6602 * the currently open TXG to commit before returning back to the caller.
6605 * "force" -> when true, force uberblock update even if there is no dirty data.
6606 * In addition this will cause the vdev configuration to be written
6607 * out including updating the zpool cache file. (boolean_t)
6612 static const zfs_ioc_key_t zfs_keys_pool_sync
[] = {
6613 {"force", DATA_TYPE_BOOLEAN_VALUE
, 0},
6618 zfs_ioc_pool_sync(const char *pool
, nvlist_t
*innvl
, nvlist_t
*onvl
)
6621 boolean_t force
= B_FALSE
;
6624 if ((err
= spa_open(pool
, &spa
, FTAG
)) != 0)
6628 force
= fnvlist_lookup_boolean_value(innvl
, "force");
6631 spa_config_enter(spa
, SCL_CONFIG
, FTAG
, RW_WRITER
);
6632 vdev_config_dirty(spa
->spa_root_vdev
);
6633 spa_config_exit(spa
, SCL_CONFIG
, FTAG
);
6635 txg_wait_synced(spa_get_dsl(spa
), 0);
6637 spa_close(spa
, FTAG
);
6643 * Load a user's wrapping key into the kernel.
6645 * "hidden_args" -> { "wkeydata" -> value }
6646 * raw uint8_t array of encryption wrapping key data (32 bytes)
6647 * (optional) "noop" -> (value ignored)
6648 * presence indicated key should only be verified, not loaded
6651 static const zfs_ioc_key_t zfs_keys_load_key
[] = {
6652 {"hidden_args", DATA_TYPE_NVLIST
, 0},
6653 {"noop", DATA_TYPE_BOOLEAN
, ZK_OPTIONAL
},
6658 zfs_ioc_load_key(const char *dsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6661 dsl_crypto_params_t
*dcp
= NULL
;
6662 nvlist_t
*hidden_args
;
6663 boolean_t noop
= nvlist_exists(innvl
, "noop");
6665 if (strchr(dsname
, '@') != NULL
|| strchr(dsname
, '%') != NULL
) {
6666 ret
= SET_ERROR(EINVAL
);
6670 hidden_args
= fnvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
);
6672 ret
= dsl_crypto_params_create_nvlist(DCP_CMD_NONE
, NULL
,
6677 ret
= spa_keystore_load_wkey(dsname
, dcp
, noop
);
6681 dsl_crypto_params_free(dcp
, noop
);
6686 dsl_crypto_params_free(dcp
, B_TRUE
);
6691 * Unload a user's wrapping key from the kernel.
6692 * Both innvl and outnvl are unused.
6694 static const zfs_ioc_key_t zfs_keys_unload_key
[] = {
6700 zfs_ioc_unload_key(const char *dsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6704 if (strchr(dsname
, '@') != NULL
|| strchr(dsname
, '%') != NULL
) {
6705 ret
= (SET_ERROR(EINVAL
));
6709 ret
= spa_keystore_unload_wkey(dsname
);
6718 * Changes a user's wrapping key used to decrypt a dataset. The keyformat,
6719 * keylocation, pbkdf2salt, and pbkdf2iters properties can also be specified
6720 * here to change how the key is derived in userspace.
6723 * "hidden_args" (optional) -> { "wkeydata" -> value }
6724 * raw uint8_t array of new encryption wrapping key data (32 bytes)
6725 * "props" (optional) -> { prop -> value }
6730 static const zfs_ioc_key_t zfs_keys_change_key
[] = {
6731 {"crypt_cmd", DATA_TYPE_UINT64
, ZK_OPTIONAL
},
6732 {"hidden_args", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
6733 {"props", DATA_TYPE_NVLIST
, ZK_OPTIONAL
},
6738 zfs_ioc_change_key(const char *dsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
6741 uint64_t cmd
= DCP_CMD_NONE
;
6742 dsl_crypto_params_t
*dcp
= NULL
;
6743 nvlist_t
*args
= NULL
, *hidden_args
= NULL
;
6745 if (strchr(dsname
, '@') != NULL
|| strchr(dsname
, '%') != NULL
) {
6746 ret
= (SET_ERROR(EINVAL
));
6750 (void) nvlist_lookup_uint64(innvl
, "crypt_cmd", &cmd
);
6751 (void) nvlist_lookup_nvlist(innvl
, "props", &args
);
6752 (void) nvlist_lookup_nvlist(innvl
, ZPOOL_HIDDEN_ARGS
, &hidden_args
);
6754 ret
= dsl_crypto_params_create_nvlist(cmd
, args
, hidden_args
, &dcp
);
6758 ret
= spa_keystore_change_key(dsname
, dcp
);
6762 dsl_crypto_params_free(dcp
, B_FALSE
);
6767 dsl_crypto_params_free(dcp
, B_TRUE
);
6771 static zfs_ioc_vec_t zfs_ioc_vec
[ZFS_IOC_LAST
- ZFS_IOC_FIRST
];
6774 zfs_ioctl_register_legacy(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
6775 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_namecheck_t namecheck
,
6776 boolean_t log_history
, zfs_ioc_poolcheck_t pool_check
)
6778 zfs_ioc_vec_t
*vec
= &zfs_ioc_vec
[ioc
- ZFS_IOC_FIRST
];
6780 ASSERT3U(ioc
, >=, ZFS_IOC_FIRST
);
6781 ASSERT3U(ioc
, <, ZFS_IOC_LAST
);
6782 ASSERT3P(vec
->zvec_legacy_func
, ==, NULL
);
6783 ASSERT3P(vec
->zvec_func
, ==, NULL
);
6785 vec
->zvec_legacy_func
= func
;
6786 vec
->zvec_secpolicy
= secpolicy
;
6787 vec
->zvec_namecheck
= namecheck
;
6788 vec
->zvec_allow_log
= log_history
;
6789 vec
->zvec_pool_check
= pool_check
;
6793 * See the block comment at the beginning of this file for details on
6794 * each argument to this function.
6797 zfs_ioctl_register(const char *name
, zfs_ioc_t ioc
, zfs_ioc_func_t
*func
,
6798 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_namecheck_t namecheck
,
6799 zfs_ioc_poolcheck_t pool_check
, boolean_t smush_outnvlist
,
6800 boolean_t allow_log
, const zfs_ioc_key_t
*nvl_keys
, size_t num_keys
)
6802 zfs_ioc_vec_t
*vec
= &zfs_ioc_vec
[ioc
- ZFS_IOC_FIRST
];
6804 ASSERT3U(ioc
, >=, ZFS_IOC_FIRST
);
6805 ASSERT3U(ioc
, <, ZFS_IOC_LAST
);
6806 ASSERT3P(vec
->zvec_legacy_func
, ==, NULL
);
6807 ASSERT3P(vec
->zvec_func
, ==, NULL
);
6809 /* if we are logging, the name must be valid */
6810 ASSERT(!allow_log
|| namecheck
!= NO_NAME
);
6812 vec
->zvec_name
= name
;
6813 vec
->zvec_func
= func
;
6814 vec
->zvec_secpolicy
= secpolicy
;
6815 vec
->zvec_namecheck
= namecheck
;
6816 vec
->zvec_pool_check
= pool_check
;
6817 vec
->zvec_smush_outnvlist
= smush_outnvlist
;
6818 vec
->zvec_allow_log
= allow_log
;
6819 vec
->zvec_nvl_keys
= nvl_keys
;
6820 vec
->zvec_nvl_key_count
= num_keys
;
6824 zfs_ioctl_register_pool(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
6825 zfs_secpolicy_func_t
*secpolicy
, boolean_t log_history
,
6826 zfs_ioc_poolcheck_t pool_check
)
6828 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
6829 POOL_NAME
, log_history
, pool_check
);
6833 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
6834 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_poolcheck_t pool_check
)
6836 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
6837 DATASET_NAME
, B_FALSE
, pool_check
);
6841 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
)
6843 zfs_ioctl_register_legacy(ioc
, func
, zfs_secpolicy_config
,
6844 POOL_NAME
, B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
6848 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
6849 zfs_secpolicy_func_t
*secpolicy
)
6851 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
6852 NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
6856 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc
,
6857 zfs_ioc_legacy_func_t
*func
, zfs_secpolicy_func_t
*secpolicy
)
6859 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
6860 DATASET_NAME
, B_FALSE
, POOL_CHECK_SUSPENDED
);
6864 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
)
6866 zfs_ioctl_register_dataset_read_secpolicy(ioc
, func
,
6867 zfs_secpolicy_read
);
6871 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
6872 zfs_secpolicy_func_t
*secpolicy
)
6874 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
6875 DATASET_NAME
, B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
6879 zfs_ioctl_init(void)
6881 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT
,
6882 zfs_ioc_snapshot
, zfs_secpolicy_snapshot
, POOL_NAME
,
6883 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6884 zfs_keys_snapshot
, ARRAY_SIZE(zfs_keys_snapshot
));
6886 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY
,
6887 zfs_ioc_log_history
, zfs_secpolicy_log_history
, NO_NAME
,
6888 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
6889 zfs_keys_log_history
, ARRAY_SIZE(zfs_keys_log_history
));
6891 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS
,
6892 zfs_ioc_space_snaps
, zfs_secpolicy_read
, DATASET_NAME
,
6893 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
6894 zfs_keys_space_snaps
, ARRAY_SIZE(zfs_keys_space_snaps
));
6896 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW
,
6897 zfs_ioc_send_new
, zfs_secpolicy_send_new
, DATASET_NAME
,
6898 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
6899 zfs_keys_send_new
, ARRAY_SIZE(zfs_keys_send_new
));
6901 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE
,
6902 zfs_ioc_send_space
, zfs_secpolicy_read
, DATASET_NAME
,
6903 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
6904 zfs_keys_send_space
, ARRAY_SIZE(zfs_keys_send_space
));
6906 zfs_ioctl_register("create", ZFS_IOC_CREATE
,
6907 zfs_ioc_create
, zfs_secpolicy_create_clone
, DATASET_NAME
,
6908 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6909 zfs_keys_create
, ARRAY_SIZE(zfs_keys_create
));
6911 zfs_ioctl_register("clone", ZFS_IOC_CLONE
,
6912 zfs_ioc_clone
, zfs_secpolicy_create_clone
, DATASET_NAME
,
6913 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6914 zfs_keys_clone
, ARRAY_SIZE(zfs_keys_clone
));
6916 zfs_ioctl_register("remap", ZFS_IOC_REMAP
,
6917 zfs_ioc_remap
, zfs_secpolicy_none
, DATASET_NAME
,
6918 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
,
6919 zfs_keys_remap
, ARRAY_SIZE(zfs_keys_remap
));
6921 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS
,
6922 zfs_ioc_destroy_snaps
, zfs_secpolicy_destroy_snaps
, POOL_NAME
,
6923 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6924 zfs_keys_destroy_snaps
, ARRAY_SIZE(zfs_keys_destroy_snaps
));
6926 zfs_ioctl_register("hold", ZFS_IOC_HOLD
,
6927 zfs_ioc_hold
, zfs_secpolicy_hold
, POOL_NAME
,
6928 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6929 zfs_keys_hold
, ARRAY_SIZE(zfs_keys_hold
));
6930 zfs_ioctl_register("release", ZFS_IOC_RELEASE
,
6931 zfs_ioc_release
, zfs_secpolicy_release
, POOL_NAME
,
6932 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6933 zfs_keys_release
, ARRAY_SIZE(zfs_keys_release
));
6935 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS
,
6936 zfs_ioc_get_holds
, zfs_secpolicy_read
, DATASET_NAME
,
6937 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
6938 zfs_keys_get_holds
, ARRAY_SIZE(zfs_keys_get_holds
));
6940 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK
,
6941 zfs_ioc_rollback
, zfs_secpolicy_rollback
, DATASET_NAME
,
6942 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
,
6943 zfs_keys_rollback
, ARRAY_SIZE(zfs_keys_rollback
));
6945 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK
,
6946 zfs_ioc_bookmark
, zfs_secpolicy_bookmark
, POOL_NAME
,
6947 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6948 zfs_keys_bookmark
, ARRAY_SIZE(zfs_keys_bookmark
));
6950 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS
,
6951 zfs_ioc_get_bookmarks
, zfs_secpolicy_read
, DATASET_NAME
,
6952 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
,
6953 zfs_keys_get_bookmarks
, ARRAY_SIZE(zfs_keys_get_bookmarks
));
6955 zfs_ioctl_register("get_bookmark_props", ZFS_IOC_GET_BOOKMARK_PROPS
,
6956 zfs_ioc_get_bookmark_props
, zfs_secpolicy_read
, ENTITY_NAME
,
6957 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
, zfs_keys_get_bookmark_props
,
6958 ARRAY_SIZE(zfs_keys_get_bookmark_props
));
6960 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS
,
6961 zfs_ioc_destroy_bookmarks
, zfs_secpolicy_destroy_bookmarks
,
6963 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6964 zfs_keys_destroy_bookmarks
,
6965 ARRAY_SIZE(zfs_keys_destroy_bookmarks
));
6967 zfs_ioctl_register("receive", ZFS_IOC_RECV_NEW
,
6968 zfs_ioc_recv_new
, zfs_secpolicy_recv_new
, DATASET_NAME
,
6969 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
6970 zfs_keys_recv_new
, ARRAY_SIZE(zfs_keys_recv_new
));
6971 zfs_ioctl_register("load-key", ZFS_IOC_LOAD_KEY
,
6972 zfs_ioc_load_key
, zfs_secpolicy_load_key
,
6973 DATASET_NAME
, POOL_CHECK_SUSPENDED
, B_TRUE
, B_TRUE
,
6974 zfs_keys_load_key
, ARRAY_SIZE(zfs_keys_load_key
));
6975 zfs_ioctl_register("unload-key", ZFS_IOC_UNLOAD_KEY
,
6976 zfs_ioc_unload_key
, zfs_secpolicy_load_key
,
6977 DATASET_NAME
, POOL_CHECK_SUSPENDED
, B_TRUE
, B_TRUE
,
6978 zfs_keys_unload_key
, ARRAY_SIZE(zfs_keys_unload_key
));
6979 zfs_ioctl_register("change-key", ZFS_IOC_CHANGE_KEY
,
6980 zfs_ioc_change_key
, zfs_secpolicy_change_key
,
6981 DATASET_NAME
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
,
6982 B_TRUE
, B_TRUE
, zfs_keys_change_key
,
6983 ARRAY_SIZE(zfs_keys_change_key
));
6985 zfs_ioctl_register("sync", ZFS_IOC_POOL_SYNC
,
6986 zfs_ioc_pool_sync
, zfs_secpolicy_none
, POOL_NAME
,
6987 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
6988 zfs_keys_pool_sync
, ARRAY_SIZE(zfs_keys_pool_sync
));
6989 zfs_ioctl_register("reopen", ZFS_IOC_POOL_REOPEN
, zfs_ioc_pool_reopen
,
6990 zfs_secpolicy_config
, POOL_NAME
, POOL_CHECK_SUSPENDED
, B_TRUE
,
6991 B_TRUE
, zfs_keys_pool_reopen
, ARRAY_SIZE(zfs_keys_pool_reopen
));
6993 zfs_ioctl_register("channel_program", ZFS_IOC_CHANNEL_PROGRAM
,
6994 zfs_ioc_channel_program
, zfs_secpolicy_config
,
6995 POOL_NAME
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
,
6996 B_TRUE
, zfs_keys_channel_program
,
6997 ARRAY_SIZE(zfs_keys_channel_program
));
6999 zfs_ioctl_register("redact", ZFS_IOC_REDACT
,
7000 zfs_ioc_redact
, zfs_secpolicy_config
, DATASET_NAME
,
7001 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7002 zfs_keys_redact
, ARRAY_SIZE(zfs_keys_redact
));
7004 zfs_ioctl_register("zpool_checkpoint", ZFS_IOC_POOL_CHECKPOINT
,
7005 zfs_ioc_pool_checkpoint
, zfs_secpolicy_config
, POOL_NAME
,
7006 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7007 zfs_keys_pool_checkpoint
, ARRAY_SIZE(zfs_keys_pool_checkpoint
));
7009 zfs_ioctl_register("zpool_discard_checkpoint",
7010 ZFS_IOC_POOL_DISCARD_CHECKPOINT
, zfs_ioc_pool_discard_checkpoint
,
7011 zfs_secpolicy_config
, POOL_NAME
,
7012 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7013 zfs_keys_pool_discard_checkpoint
,
7014 ARRAY_SIZE(zfs_keys_pool_discard_checkpoint
));
7016 zfs_ioctl_register("initialize", ZFS_IOC_POOL_INITIALIZE
,
7017 zfs_ioc_pool_initialize
, zfs_secpolicy_config
, POOL_NAME
,
7018 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7019 zfs_keys_pool_initialize
, ARRAY_SIZE(zfs_keys_pool_initialize
));
7021 zfs_ioctl_register("trim", ZFS_IOC_POOL_TRIM
,
7022 zfs_ioc_pool_trim
, zfs_secpolicy_config
, POOL_NAME
,
7023 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
,
7024 zfs_keys_pool_trim
, ARRAY_SIZE(zfs_keys_pool_trim
));
7026 zfs_ioctl_register("wait", ZFS_IOC_WAIT
,
7027 zfs_ioc_wait
, zfs_secpolicy_none
, POOL_NAME
,
7028 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7029 zfs_keys_pool_wait
, ARRAY_SIZE(zfs_keys_pool_wait
));
7031 zfs_ioctl_register("wait_fs", ZFS_IOC_WAIT_FS
,
7032 zfs_ioc_wait_fs
, zfs_secpolicy_none
, DATASET_NAME
,
7033 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
,
7034 zfs_keys_fs_wait
, ARRAY_SIZE(zfs_keys_fs_wait
));
7036 zfs_ioctl_register("set_bootenv", ZFS_IOC_SET_BOOTENV
,
7037 zfs_ioc_set_bootenv
, zfs_secpolicy_config
, POOL_NAME
,
7038 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
,
7039 zfs_keys_set_bootenv
, ARRAY_SIZE(zfs_keys_set_bootenv
));
7041 zfs_ioctl_register("get_bootenv", ZFS_IOC_GET_BOOTENV
,
7042 zfs_ioc_get_bootenv
, zfs_secpolicy_none
, POOL_NAME
,
7043 POOL_CHECK_SUSPENDED
, B_FALSE
, B_TRUE
,
7044 zfs_keys_get_bootenv
, ARRAY_SIZE(zfs_keys_get_bootenv
));
7046 /* IOCTLS that use the legacy function signature */
7048 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE
, zfs_ioc_pool_freeze
,
7049 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_READONLY
);
7051 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE
, zfs_ioc_pool_create
,
7052 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
7053 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN
,
7055 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE
,
7056 zfs_ioc_pool_upgrade
);
7057 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD
,
7059 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE
,
7060 zfs_ioc_vdev_remove
);
7061 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE
,
7062 zfs_ioc_vdev_set_state
);
7063 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH
,
7064 zfs_ioc_vdev_attach
);
7065 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH
,
7066 zfs_ioc_vdev_detach
);
7067 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH
,
7068 zfs_ioc_vdev_setpath
);
7069 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU
,
7070 zfs_ioc_vdev_setfru
);
7071 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS
,
7072 zfs_ioc_pool_set_props
);
7073 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT
,
7074 zfs_ioc_vdev_split
);
7075 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID
,
7076 zfs_ioc_pool_reguid
);
7078 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS
,
7079 zfs_ioc_pool_configs
, zfs_secpolicy_none
);
7080 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT
,
7081 zfs_ioc_pool_tryimport
, zfs_secpolicy_config
);
7082 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT
,
7083 zfs_ioc_inject_fault
, zfs_secpolicy_inject
);
7084 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT
,
7085 zfs_ioc_clear_fault
, zfs_secpolicy_inject
);
7086 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT
,
7087 zfs_ioc_inject_list_next
, zfs_secpolicy_inject
);
7090 * pool destroy, and export don't log the history as part of
7091 * zfsdev_ioctl, but rather zfs_ioc_pool_export
7092 * does the logging of those commands.
7094 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY
, zfs_ioc_pool_destroy
,
7095 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7096 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT
, zfs_ioc_pool_export
,
7097 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7099 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS
, zfs_ioc_pool_stats
,
7100 zfs_secpolicy_read
, B_FALSE
, POOL_CHECK_NONE
);
7101 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS
, zfs_ioc_pool_get_props
,
7102 zfs_secpolicy_read
, B_FALSE
, POOL_CHECK_NONE
);
7104 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG
, zfs_ioc_error_log
,
7105 zfs_secpolicy_inject
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7106 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME
,
7107 zfs_ioc_dsobj_to_dsname
,
7108 zfs_secpolicy_diff
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7109 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY
,
7110 zfs_ioc_pool_get_history
,
7111 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
7113 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT
, zfs_ioc_pool_import
,
7114 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
7116 zfs_ioctl_register_pool(ZFS_IOC_CLEAR
, zfs_ioc_clear
,
7117 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_READONLY
);
7119 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN
,
7120 zfs_ioc_space_written
);
7121 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS
,
7122 zfs_ioc_objset_recvd_props
);
7123 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ
,
7125 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL
,
7127 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS
,
7128 zfs_ioc_objset_stats
);
7129 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS
,
7130 zfs_ioc_objset_zplprops
);
7131 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT
,
7132 zfs_ioc_dataset_list_next
);
7133 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT
,
7134 zfs_ioc_snapshot_list_next
);
7135 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS
,
7136 zfs_ioc_send_progress
);
7138 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF
,
7139 zfs_ioc_diff
, zfs_secpolicy_diff
);
7140 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS
,
7141 zfs_ioc_obj_to_stats
, zfs_secpolicy_diff
);
7142 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH
,
7143 zfs_ioc_obj_to_path
, zfs_secpolicy_diff
);
7144 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE
,
7145 zfs_ioc_userspace_one
, zfs_secpolicy_userspace_one
);
7146 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY
,
7147 zfs_ioc_userspace_many
, zfs_secpolicy_userspace_many
);
7148 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND
,
7149 zfs_ioc_send
, zfs_secpolicy_send
);
7151 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP
, zfs_ioc_set_prop
,
7152 zfs_secpolicy_none
);
7153 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY
, zfs_ioc_destroy
,
7154 zfs_secpolicy_destroy
);
7155 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME
, zfs_ioc_rename
,
7156 zfs_secpolicy_rename
);
7157 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV
, zfs_ioc_recv
,
7158 zfs_secpolicy_recv
);
7159 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE
, zfs_ioc_promote
,
7160 zfs_secpolicy_promote
);
7161 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP
,
7162 zfs_ioc_inherit_prop
, zfs_secpolicy_inherit_prop
);
7163 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL
, zfs_ioc_set_fsacl
,
7164 zfs_secpolicy_set_fsacl
);
7166 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE
, zfs_ioc_share
,
7167 zfs_secpolicy_share
, POOL_CHECK_NONE
);
7168 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL
, zfs_ioc_smb_acl
,
7169 zfs_secpolicy_smb_acl
, POOL_CHECK_NONE
);
7170 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE
,
7171 zfs_ioc_userspace_upgrade
, zfs_secpolicy_userspace_upgrade
,
7172 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
7173 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT
,
7174 zfs_ioc_tmp_snapshot
, zfs_secpolicy_tmp_snapshot
,
7175 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
7177 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_NEXT
, zfs_ioc_events_next
,
7178 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7179 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_CLEAR
, zfs_ioc_events_clear
,
7180 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7181 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_SEEK
, zfs_ioc_events_seek
,
7182 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
7184 zfs_ioctl_init_os();
7188 * Verify that for non-legacy ioctls the input nvlist
7189 * pairs match against the expected input.
7191 * Possible errors are:
7192 * ZFS_ERR_IOC_ARG_UNAVAIL An unrecognized nvpair was encountered
7193 * ZFS_ERR_IOC_ARG_REQUIRED A required nvpair is missing
7194 * ZFS_ERR_IOC_ARG_BADTYPE Invalid type for nvpair
7197 zfs_check_input_nvpairs(nvlist_t
*innvl
, const zfs_ioc_vec_t
*vec
)
7199 const zfs_ioc_key_t
*nvl_keys
= vec
->zvec_nvl_keys
;
7200 boolean_t required_keys_found
= B_FALSE
;
7203 * examine each input pair
7205 for (nvpair_t
*pair
= nvlist_next_nvpair(innvl
, NULL
);
7206 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
7207 char *name
= nvpair_name(pair
);
7208 data_type_t type
= nvpair_type(pair
);
7209 boolean_t identified
= B_FALSE
;
7212 * check pair against the documented names and type
7214 for (int k
= 0; k
< vec
->zvec_nvl_key_count
; k
++) {
7215 /* if not a wild card name, check for an exact match */
7216 if ((nvl_keys
[k
].zkey_flags
& ZK_WILDCARDLIST
) == 0 &&
7217 strcmp(nvl_keys
[k
].zkey_name
, name
) != 0)
7220 identified
= B_TRUE
;
7222 if (nvl_keys
[k
].zkey_type
!= DATA_TYPE_ANY
&&
7223 nvl_keys
[k
].zkey_type
!= type
) {
7224 return (SET_ERROR(ZFS_ERR_IOC_ARG_BADTYPE
));
7227 if (nvl_keys
[k
].zkey_flags
& ZK_OPTIONAL
)
7230 required_keys_found
= B_TRUE
;
7234 /* allow an 'optional' key, everything else is invalid */
7236 (strcmp(name
, "optional") != 0 ||
7237 type
!= DATA_TYPE_NVLIST
)) {
7238 return (SET_ERROR(ZFS_ERR_IOC_ARG_UNAVAIL
));
7242 /* verify that all required keys were found */
7243 for (int k
= 0; k
< vec
->zvec_nvl_key_count
; k
++) {
7244 if (nvl_keys
[k
].zkey_flags
& ZK_OPTIONAL
)
7247 if (nvl_keys
[k
].zkey_flags
& ZK_WILDCARDLIST
) {
7248 /* at least one non-optional key is expected here */
7249 if (!required_keys_found
)
7250 return (SET_ERROR(ZFS_ERR_IOC_ARG_REQUIRED
));
7254 if (!nvlist_exists(innvl
, nvl_keys
[k
].zkey_name
))
7255 return (SET_ERROR(ZFS_ERR_IOC_ARG_REQUIRED
));
7262 pool_status_check(const char *name
, zfs_ioc_namecheck_t type
,
7263 zfs_ioc_poolcheck_t check
)
7268 ASSERT(type
== POOL_NAME
|| type
== DATASET_NAME
||
7269 type
== ENTITY_NAME
);
7271 if (check
& POOL_CHECK_NONE
)
7274 error
= spa_open(name
, &spa
, FTAG
);
7276 if ((check
& POOL_CHECK_SUSPENDED
) && spa_suspended(spa
))
7277 error
= SET_ERROR(EAGAIN
);
7278 else if ((check
& POOL_CHECK_READONLY
) && !spa_writeable(spa
))
7279 error
= SET_ERROR(EROFS
);
7280 spa_close(spa
, FTAG
);
7286 zfsdev_getminor(int fd
, minor_t
*minorp
)
7288 zfsdev_state_t
*zs
, *fpd
;
7292 ASSERT(!MUTEX_HELD(&zfsdev_state_lock
));
7294 if ((rc
= zfs_file_get(fd
, &fp
)))
7297 fpd
= zfs_file_private(fp
);
7299 return (SET_ERROR(EBADF
));
7301 mutex_enter(&zfsdev_state_lock
);
7303 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
7305 if (zs
->zs_minor
== -1)
7309 *minorp
= fpd
->zs_minor
;
7310 mutex_exit(&zfsdev_state_lock
);
7315 mutex_exit(&zfsdev_state_lock
);
7317 return (SET_ERROR(EBADF
));
7321 zfsdev_get_state_impl(minor_t minor
, enum zfsdev_state_type which
)
7325 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
7326 if (zs
->zs_minor
== minor
) {
7330 return (zs
->zs_onexit
);
7332 return (zs
->zs_zevent
);
7343 zfsdev_get_state(minor_t minor
, enum zfsdev_state_type which
)
7347 ptr
= zfsdev_get_state_impl(minor
, which
);
7353 * Find a free minor number. The zfsdev_state_list is expected to
7354 * be short since it is only a list of currently open file handles.
7357 zfsdev_minor_alloc(void)
7359 static minor_t last_minor
= 0;
7362 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
7364 for (m
= last_minor
+ 1; m
!= last_minor
; m
++) {
7365 if (m
> ZFSDEV_MAX_MINOR
)
7367 if (zfsdev_get_state_impl(m
, ZST_ALL
) == NULL
) {
7377 zfsdev_ioctl_common(uint_t vecnum
, zfs_cmd_t
*zc
, int flag
)
7380 const zfs_ioc_vec_t
*vec
;
7381 char *saved_poolname
= NULL
;
7382 size_t saved_poolname_len
= 0;
7383 nvlist_t
*innvl
= NULL
;
7384 fstrans_cookie_t cookie
;
7388 if (vecnum
>= sizeof (zfs_ioc_vec
) / sizeof (zfs_ioc_vec
[0]))
7389 return (SET_ERROR(ZFS_ERR_IOC_CMD_UNAVAIL
));
7391 vec
= &zfs_ioc_vec
[vecnum
];
7394 * The registered ioctl list may be sparse, verify that either
7395 * a normal or legacy handler are registered.
7397 if (vec
->zvec_func
== NULL
&& vec
->zvec_legacy_func
== NULL
)
7398 return (SET_ERROR(ZFS_ERR_IOC_CMD_UNAVAIL
));
7400 zc
->zc_iflags
= flag
& FKIOCTL
;
7401 if (zc
->zc_nvlist_src_size
> MAX_NVLIST_SRC_SIZE
) {
7403 * Make sure the user doesn't pass in an insane value for
7404 * zc_nvlist_src_size. We have to check, since we will end
7405 * up allocating that much memory inside of get_nvlist(). This
7406 * prevents a nefarious user from allocating tons of kernel
7409 * Also, we return EINVAL instead of ENOMEM here. The reason
7410 * being that returning ENOMEM from an ioctl() has a special
7411 * connotation; that the user's size value is too small and
7412 * needs to be expanded to hold the nvlist. See
7413 * zcmd_expand_dst_nvlist() for details.
7415 error
= SET_ERROR(EINVAL
); /* User's size too big */
7417 } else if (zc
->zc_nvlist_src_size
!= 0) {
7418 error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
7419 zc
->zc_iflags
, &innvl
);
7425 * Ensure that all pool/dataset names are valid before we pass down to
7428 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
7429 switch (vec
->zvec_namecheck
) {
7431 if (pool_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
7432 error
= SET_ERROR(EINVAL
);
7434 error
= pool_status_check(zc
->zc_name
,
7435 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
7439 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
7440 error
= SET_ERROR(EINVAL
);
7442 error
= pool_status_check(zc
->zc_name
,
7443 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
7447 if (entity_namecheck(zc
->zc_name
, NULL
, NULL
) != 0) {
7448 error
= SET_ERROR(EINVAL
);
7450 error
= pool_status_check(zc
->zc_name
,
7451 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
7459 * Ensure that all input pairs are valid before we pass them down
7460 * to the lower layers.
7462 * The vectored functions can use fnvlist_lookup_{type} for any
7463 * required pairs since zfs_check_input_nvpairs() confirmed that
7464 * they exist and are of the correct type.
7466 if (error
== 0 && vec
->zvec_func
!= NULL
) {
7467 error
= zfs_check_input_nvpairs(innvl
, vec
);
7473 cookie
= spl_fstrans_mark();
7474 error
= vec
->zvec_secpolicy(zc
, innvl
, CRED());
7475 spl_fstrans_unmark(cookie
);
7481 /* legacy ioctls can modify zc_name */
7483 * Can't use kmem_strdup() as we might truncate the string and
7484 * kmem_strfree() would then free with incorrect size.
7486 saved_poolname_len
= strlen(zc
->zc_name
) + 1;
7487 saved_poolname
= kmem_alloc(saved_poolname_len
, KM_SLEEP
);
7489 strlcpy(saved_poolname
, zc
->zc_name
, saved_poolname_len
);
7490 saved_poolname
[strcspn(saved_poolname
, "/@#")] = '\0';
7492 if (vec
->zvec_func
!= NULL
) {
7496 nvlist_t
*lognv
= NULL
;
7498 ASSERT(vec
->zvec_legacy_func
== NULL
);
7501 * Add the innvl to the lognv before calling the func,
7502 * in case the func changes the innvl.
7504 if (vec
->zvec_allow_log
) {
7505 lognv
= fnvlist_alloc();
7506 fnvlist_add_string(lognv
, ZPOOL_HIST_IOCTL
,
7508 if (!nvlist_empty(innvl
)) {
7509 fnvlist_add_nvlist(lognv
, ZPOOL_HIST_INPUT_NVL
,
7514 outnvl
= fnvlist_alloc();
7515 cookie
= spl_fstrans_mark();
7516 error
= vec
->zvec_func(zc
->zc_name
, innvl
, outnvl
);
7517 spl_fstrans_unmark(cookie
);
7520 * Some commands can partially execute, modify state, and still
7521 * return an error. In these cases, attempt to record what
7525 (cmd
== ZFS_IOC_CHANNEL_PROGRAM
&& error
!= EINVAL
)) &&
7526 vec
->zvec_allow_log
&&
7527 spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
7528 if (!nvlist_empty(outnvl
)) {
7529 fnvlist_add_nvlist(lognv
, ZPOOL_HIST_OUTPUT_NVL
,
7533 fnvlist_add_int64(lognv
, ZPOOL_HIST_ERRNO
,
7536 (void) spa_history_log_nvl(spa
, lognv
);
7537 spa_close(spa
, FTAG
);
7539 fnvlist_free(lognv
);
7541 if (!nvlist_empty(outnvl
) || zc
->zc_nvlist_dst_size
!= 0) {
7543 if (vec
->zvec_smush_outnvlist
) {
7544 smusherror
= nvlist_smush(outnvl
,
7545 zc
->zc_nvlist_dst_size
);
7547 if (smusherror
== 0)
7548 puterror
= put_nvlist(zc
, outnvl
);
7554 nvlist_free(outnvl
);
7556 cookie
= spl_fstrans_mark();
7557 error
= vec
->zvec_legacy_func(zc
);
7558 spl_fstrans_unmark(cookie
);
7563 if (error
== 0 && vec
->zvec_allow_log
) {
7564 char *s
= tsd_get(zfs_allow_log_key
);
7567 (void) tsd_set(zfs_allow_log_key
, kmem_strdup(saved_poolname
));
7569 if (saved_poolname
!= NULL
)
7570 kmem_free(saved_poolname
, saved_poolname_len
);
7580 if ((error
= zvol_init()) != 0)
7583 spa_init(SPA_MODE_READ
| SPA_MODE_WRITE
);
7588 mutex_init(&zfsdev_state_lock
, NULL
, MUTEX_DEFAULT
, NULL
);
7589 zfsdev_state_list
= kmem_zalloc(sizeof (zfsdev_state_t
), KM_SLEEP
);
7590 zfsdev_state_list
->zs_minor
= -1;
7592 if ((error
= zfsdev_attach()) != 0)
7595 tsd_create(&zfs_fsyncer_key
, NULL
);
7596 tsd_create(&rrw_tsd_key
, rrw_tsd_destroy
);
7597 tsd_create(&zfs_allow_log_key
, zfs_allow_log_destroy
);
7611 zfsdev_state_t
*zs
, *zsprev
= NULL
;
7615 mutex_destroy(&zfsdev_state_lock
);
7617 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
7619 kmem_free(zsprev
, sizeof (zfsdev_state_t
));
7623 kmem_free(zsprev
, sizeof (zfsdev_state_t
));
7629 tsd_destroy(&zfs_fsyncer_key
);
7630 tsd_destroy(&rrw_tsd_key
);
7631 tsd_destroy(&zfs_allow_log_key
);