4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Portions Copyright 2011 Martin Matuska
25 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
26 * Portions Copyright 2012 Pawel Jakub Dawidek <pawel@dawidek.net>
27 * Copyright (c) 2014, 2016 Joyent, Inc. All rights reserved.
28 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
29 * Copyright (c) 2014, Joyent, Inc. All rights reserved.
30 * Copyright (c) 2011, 2015 by Delphix. All rights reserved.
31 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
32 * Copyright (c) 2013 Steven Hartland. All rights reserved.
33 * Copyright (c) 2014 Integros [integros.com]
34 * Copyright 2016 Toomas Soome <tsoome@me.com>
35 * Copyright (c) 2016 Actifio, Inc. All rights reserved.
41 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
42 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
44 * There are two ways that we handle ioctls: the legacy way where almost
45 * all of the logic is in the ioctl callback, and the new way where most
46 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
48 * Non-legacy ioctls should be registered by calling
49 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
50 * from userland by lzc_ioctl().
52 * The registration arguments are as follows:
55 * The name of the ioctl. This is used for history logging. If the
56 * ioctl returns successfully (the callback returns 0), and allow_log
57 * is true, then a history log entry will be recorded with the input &
58 * output nvlists. The log entry can be printed with "zpool history -i".
61 * The ioctl request number, which userland will pass to ioctl(2).
62 * The ioctl numbers can change from release to release, because
63 * the caller (libzfs) must be matched to the kernel.
65 * zfs_secpolicy_func_t *secpolicy
66 * This function will be called before the zfs_ioc_func_t, to
67 * determine if this operation is permitted. It should return EPERM
68 * on failure, and 0 on success. Checks include determining if the
69 * dataset is visible in this zone, and if the user has either all
70 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
71 * to do this operation on this dataset with "zfs allow".
73 * zfs_ioc_namecheck_t namecheck
74 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
75 * name, a dataset name, or nothing. If the name is not well-formed,
76 * the ioctl will fail and the callback will not be called.
77 * Therefore, the callback can assume that the name is well-formed
78 * (e.g. is null-terminated, doesn't have more than one '@' character,
79 * doesn't have invalid characters).
81 * zfs_ioc_poolcheck_t pool_check
82 * This specifies requirements on the pool state. If the pool does
83 * not meet them (is suspended or is readonly), the ioctl will fail
84 * and the callback will not be called. If any checks are specified
85 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
86 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
87 * POOL_CHECK_READONLY).
89 * boolean_t smush_outnvlist
90 * If smush_outnvlist is true, then the output is presumed to be a
91 * list of errors, and it will be "smushed" down to fit into the
92 * caller's buffer, by removing some entries and replacing them with a
93 * single "N_MORE_ERRORS" entry indicating how many were removed. See
94 * nvlist_smush() for details. If smush_outnvlist is false, and the
95 * outnvlist does not fit into the userland-provided buffer, then the
96 * ioctl will fail with ENOMEM.
98 * zfs_ioc_func_t *func
99 * The callback function that will perform the operation.
101 * The callback should return 0 on success, or an error number on
102 * failure. If the function fails, the userland ioctl will return -1,
103 * and errno will be set to the callback's return value. The callback
104 * will be called with the following arguments:
107 * The name of the pool or dataset to operate on, from
108 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
109 * expected type (pool, dataset, or none).
112 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
113 * NULL if no input nvlist was provided. Changes to this nvlist are
114 * ignored. If the input nvlist could not be deserialized, the
115 * ioctl will fail and the callback will not be called.
118 * The output nvlist, initially empty. The callback can fill it in,
119 * and it will be returned to userland by serializing it into
120 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
121 * fails (e.g. because the caller didn't supply a large enough
122 * buffer), then the overall ioctl will fail. See the
123 * 'smush_nvlist' argument above for additional behaviors.
125 * There are two typical uses of the output nvlist:
126 * - To return state, e.g. property values. In this case,
127 * smush_outnvlist should be false. If the buffer was not large
128 * enough, the caller will reallocate a larger buffer and try
131 * - To return multiple errors from an ioctl which makes on-disk
132 * changes. In this case, smush_outnvlist should be true.
133 * Ioctls which make on-disk modifications should generally not
134 * use the outnvl if they succeed, because the caller can not
135 * distinguish between the operation failing, and
136 * deserialization failing.
139 #include <sys/types.h>
140 #include <sys/param.h>
141 #include <sys/errno.h>
144 #include <sys/modctl.h>
145 #include <sys/open.h>
146 #include <sys/file.h>
147 #include <sys/kmem.h>
148 #include <sys/conf.h>
149 #include <sys/cmn_err.h>
150 #include <sys/stat.h>
151 #include <sys/zfs_ioctl.h>
152 #include <sys/zfs_vfsops.h>
153 #include <sys/zfs_znode.h>
156 #include <sys/spa_impl.h>
157 #include <sys/vdev.h>
158 #include <sys/priv_impl.h>
160 #include <sys/dsl_dir.h>
161 #include <sys/dsl_dataset.h>
162 #include <sys/dsl_prop.h>
163 #include <sys/dsl_deleg.h>
164 #include <sys/dmu_objset.h>
165 #include <sys/dmu_impl.h>
166 #include <sys/dmu_tx.h>
168 #include <sys/sunddi.h>
169 #include <sys/sunldi.h>
170 #include <sys/policy.h>
171 #include <sys/zone.h>
172 #include <sys/nvpair.h>
173 #include <sys/pathname.h>
174 #include <sys/mount.h>
176 #include <sys/fs/zfs.h>
177 #include <sys/zfs_ctldir.h>
178 #include <sys/zfs_dir.h>
179 #include <sys/zfs_onexit.h>
180 #include <sys/zvol.h>
181 #include <sys/dsl_scan.h>
182 #include <sharefs/share.h>
183 #include <sys/fm/util.h>
185 #include <sys/dmu_send.h>
186 #include <sys/dsl_destroy.h>
187 #include <sys/dsl_bookmark.h>
188 #include <sys/dsl_userhold.h>
189 #include <sys/zfeature.h>
190 #include <sys/zio_checksum.h>
192 #include <linux/miscdevice.h>
193 #include <linux/slab.h>
195 #include "zfs_namecheck.h"
196 #include "zfs_prop.h"
197 #include "zfs_deleg.h"
198 #include "zfs_comutil.h"
201 * Limit maximum nvlist size. We don't want users passing in insane values
202 * for zc->zc_nvlist_src_size, since we will need to allocate that much memory.
204 #define MAX_NVLIST_SRC_SIZE KMALLOC_MAX_SIZE
206 kmutex_t zfsdev_state_lock
;
207 zfsdev_state_t
*zfsdev_state_list
;
209 extern void zfs_init(void);
210 extern void zfs_fini(void);
212 uint_t zfs_fsyncer_key
;
213 extern uint_t rrw_tsd_key
;
214 static uint_t zfs_allow_log_key
;
216 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t
*);
217 typedef int zfs_ioc_func_t(const char *, nvlist_t
*, nvlist_t
*);
218 typedef int zfs_secpolicy_func_t(zfs_cmd_t
*, nvlist_t
*, cred_t
*);
224 } zfs_ioc_namecheck_t
;
227 POOL_CHECK_NONE
= 1 << 0,
228 POOL_CHECK_SUSPENDED
= 1 << 1,
229 POOL_CHECK_READONLY
= 1 << 2,
230 } zfs_ioc_poolcheck_t
;
232 typedef struct zfs_ioc_vec
{
233 zfs_ioc_legacy_func_t
*zvec_legacy_func
;
234 zfs_ioc_func_t
*zvec_func
;
235 zfs_secpolicy_func_t
*zvec_secpolicy
;
236 zfs_ioc_namecheck_t zvec_namecheck
;
237 boolean_t zvec_allow_log
;
238 zfs_ioc_poolcheck_t zvec_pool_check
;
239 boolean_t zvec_smush_outnvlist
;
240 const char *zvec_name
;
243 /* This array is indexed by zfs_userquota_prop_t */
244 static const char *userquota_perms
[] = {
245 ZFS_DELEG_PERM_USERUSED
,
246 ZFS_DELEG_PERM_USERQUOTA
,
247 ZFS_DELEG_PERM_GROUPUSED
,
248 ZFS_DELEG_PERM_GROUPQUOTA
,
249 ZFS_DELEG_PERM_USEROBJUSED
,
250 ZFS_DELEG_PERM_USEROBJQUOTA
,
251 ZFS_DELEG_PERM_GROUPOBJUSED
,
252 ZFS_DELEG_PERM_GROUPOBJQUOTA
,
255 static int zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
);
256 static int zfs_ioc_userobjspace_upgrade(zfs_cmd_t
*zc
);
257 static int zfs_check_settable(const char *name
, nvpair_t
*property
,
259 static int zfs_check_clearable(char *dataset
, nvlist_t
*props
,
261 static int zfs_fill_zplprops_root(uint64_t, nvlist_t
*, nvlist_t
*,
263 int zfs_set_prop_nvlist(const char *, zprop_source_t
, nvlist_t
*, nvlist_t
*);
264 static int get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
);
267 history_str_free(char *buf
)
269 kmem_free(buf
, HIS_MAX_RECORD_LEN
);
273 history_str_get(zfs_cmd_t
*zc
)
277 if (zc
->zc_history
== 0)
280 buf
= kmem_alloc(HIS_MAX_RECORD_LEN
, KM_SLEEP
);
281 if (copyinstr((void *)(uintptr_t)zc
->zc_history
,
282 buf
, HIS_MAX_RECORD_LEN
, NULL
) != 0) {
283 history_str_free(buf
);
287 buf
[HIS_MAX_RECORD_LEN
-1] = '\0';
293 * Check to see if the named dataset is currently defined as bootable
296 zfs_is_bootfs(const char *name
)
300 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
302 ret
= (dmu_objset_id(os
) == spa_bootfs(dmu_objset_spa(os
)));
303 dmu_objset_rele(os
, FTAG
);
310 * Return non-zero if the spa version is less than requested version.
313 zfs_earlier_version(const char *name
, int version
)
317 if (spa_open(name
, &spa
, FTAG
) == 0) {
318 if (spa_version(spa
) < version
) {
319 spa_close(spa
, FTAG
);
322 spa_close(spa
, FTAG
);
328 * Return TRUE if the ZPL version is less than requested version.
331 zpl_earlier_version(const char *name
, int version
)
334 boolean_t rc
= B_TRUE
;
336 if (dmu_objset_hold(name
, FTAG
, &os
) == 0) {
339 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
340 dmu_objset_rele(os
, FTAG
);
343 /* XXX reading from non-owned objset */
344 if (zfs_get_zplprop(os
, ZFS_PROP_VERSION
, &zplversion
) == 0)
345 rc
= zplversion
< version
;
346 dmu_objset_rele(os
, FTAG
);
352 zfs_log_history(zfs_cmd_t
*zc
)
357 if ((buf
= history_str_get(zc
)) == NULL
)
360 if (spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
361 if (spa_version(spa
) >= SPA_VERSION_ZPOOL_HISTORY
)
362 (void) spa_history_log(spa
, buf
);
363 spa_close(spa
, FTAG
);
365 history_str_free(buf
);
369 * Policy for top-level read operations (list pools). Requires no privileges,
370 * and can be used in the local zone, as there is no associated dataset.
374 zfs_secpolicy_none(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
380 * Policy for dataset read operations (list children, get statistics). Requires
381 * no privileges, but must be visible in the local zone.
385 zfs_secpolicy_read(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
387 if (INGLOBALZONE(curproc
) ||
388 zone_dataset_visible(zc
->zc_name
, NULL
))
391 return (SET_ERROR(ENOENT
));
395 zfs_dozonecheck_impl(const char *dataset
, uint64_t zoned
, cred_t
*cr
)
400 * The dataset must be visible by this zone -- check this first
401 * so they don't see EPERM on something they shouldn't know about.
403 if (!INGLOBALZONE(curproc
) &&
404 !zone_dataset_visible(dataset
, &writable
))
405 return (SET_ERROR(ENOENT
));
407 if (INGLOBALZONE(curproc
)) {
409 * If the fs is zoned, only root can access it from the
412 if (secpolicy_zfs(cr
) && zoned
)
413 return (SET_ERROR(EPERM
));
416 * If we are in a local zone, the 'zoned' property must be set.
419 return (SET_ERROR(EPERM
));
421 /* must be writable by this zone */
423 return (SET_ERROR(EPERM
));
429 zfs_dozonecheck(const char *dataset
, cred_t
*cr
)
433 if (dsl_prop_get_integer(dataset
, "zoned", &zoned
, NULL
))
434 return (SET_ERROR(ENOENT
));
436 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
440 zfs_dozonecheck_ds(const char *dataset
, dsl_dataset_t
*ds
, cred_t
*cr
)
444 if (dsl_prop_get_int_ds(ds
, "zoned", &zoned
))
445 return (SET_ERROR(ENOENT
));
447 return (zfs_dozonecheck_impl(dataset
, zoned
, cr
));
451 zfs_secpolicy_write_perms_ds(const char *name
, dsl_dataset_t
*ds
,
452 const char *perm
, cred_t
*cr
)
456 error
= zfs_dozonecheck_ds(name
, ds
, cr
);
458 error
= secpolicy_zfs(cr
);
460 error
= dsl_deleg_access_impl(ds
, perm
, cr
);
466 zfs_secpolicy_write_perms(const char *name
, const char *perm
, cred_t
*cr
)
473 * First do a quick check for root in the global zone, which
474 * is allowed to do all write_perms. This ensures that zfs_ioc_*
475 * will get to handle nonexistent datasets.
477 if (INGLOBALZONE(curproc
) && secpolicy_zfs(cr
) == 0)
480 error
= dsl_pool_hold(name
, FTAG
, &dp
);
484 error
= dsl_dataset_hold(dp
, name
, FTAG
, &ds
);
486 dsl_pool_rele(dp
, FTAG
);
490 error
= zfs_secpolicy_write_perms_ds(name
, ds
, perm
, cr
);
492 dsl_dataset_rele(ds
, FTAG
);
493 dsl_pool_rele(dp
, FTAG
);
498 * Policy for setting the security label property.
500 * Returns 0 for success, non-zero for access and other errors.
503 zfs_set_slabel_policy(const char *name
, char *strval
, cred_t
*cr
)
506 char ds_hexsl
[MAXNAMELEN
];
507 bslabel_t ds_sl
, new_sl
;
508 boolean_t new_default
= FALSE
;
510 int needed_priv
= -1;
513 /* First get the existing dataset label. */
514 error
= dsl_prop_get(name
, zfs_prop_to_name(ZFS_PROP_MLSLABEL
),
515 1, sizeof (ds_hexsl
), &ds_hexsl
, NULL
);
517 return (SET_ERROR(EPERM
));
519 if (strcasecmp(strval
, ZFS_MLSLABEL_DEFAULT
) == 0)
522 /* The label must be translatable */
523 if (!new_default
&& (hexstr_to_label(strval
, &new_sl
) != 0))
524 return (SET_ERROR(EINVAL
));
527 * In a non-global zone, disallow attempts to set a label that
528 * doesn't match that of the zone; otherwise no other checks
531 if (!INGLOBALZONE(curproc
)) {
532 if (new_default
|| !blequal(&new_sl
, CR_SL(CRED())))
533 return (SET_ERROR(EPERM
));
538 * For global-zone datasets (i.e., those whose zoned property is
539 * "off", verify that the specified new label is valid for the
542 if (dsl_prop_get_integer(name
,
543 zfs_prop_to_name(ZFS_PROP_ZONED
), &zoned
, NULL
))
544 return (SET_ERROR(EPERM
));
546 if (zfs_check_global_label(name
, strval
) != 0)
547 return (SET_ERROR(EPERM
));
551 * If the existing dataset label is nondefault, check if the
552 * dataset is mounted (label cannot be changed while mounted).
553 * Get the zfsvfs_t; if there isn't one, then the dataset isn't
554 * mounted (or isn't a dataset, doesn't exist, ...).
556 if (strcasecmp(ds_hexsl
, ZFS_MLSLABEL_DEFAULT
) != 0) {
558 static char *setsl_tag
= "setsl_tag";
561 * Try to own the dataset; abort if there is any error,
562 * (e.g., already mounted, in use, or other error).
564 error
= dmu_objset_own(name
, DMU_OST_ZFS
, B_TRUE
,
567 return (SET_ERROR(EPERM
));
569 dmu_objset_disown(os
, setsl_tag
);
572 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
576 if (hexstr_to_label(strval
, &new_sl
) != 0)
577 return (SET_ERROR(EPERM
));
579 if (blstrictdom(&ds_sl
, &new_sl
))
580 needed_priv
= PRIV_FILE_DOWNGRADE_SL
;
581 else if (blstrictdom(&new_sl
, &ds_sl
))
582 needed_priv
= PRIV_FILE_UPGRADE_SL
;
584 /* dataset currently has a default label */
586 needed_priv
= PRIV_FILE_UPGRADE_SL
;
590 if (needed_priv
!= -1)
591 return (PRIV_POLICY(cr
, needed_priv
, B_FALSE
, EPERM
, NULL
));
595 #endif /* HAVE_MLSLABEL */
599 zfs_secpolicy_setprop(const char *dsname
, zfs_prop_t prop
, nvpair_t
*propval
,
605 * Check permissions for special properties.
612 * Disallow setting of 'zoned' from within a local zone.
614 if (!INGLOBALZONE(curproc
))
615 return (SET_ERROR(EPERM
));
619 case ZFS_PROP_FILESYSTEM_LIMIT
:
620 case ZFS_PROP_SNAPSHOT_LIMIT
:
621 if (!INGLOBALZONE(curproc
)) {
623 char setpoint
[ZFS_MAX_DATASET_NAME_LEN
];
625 * Unprivileged users are allowed to modify the
626 * limit on things *under* (ie. contained by)
627 * the thing they own.
629 if (dsl_prop_get_integer(dsname
, "zoned", &zoned
,
631 return (SET_ERROR(EPERM
));
632 if (!zoned
|| strlen(dsname
) <= strlen(setpoint
))
633 return (SET_ERROR(EPERM
));
637 case ZFS_PROP_MLSLABEL
:
638 if (!is_system_labeled())
639 return (SET_ERROR(EPERM
));
641 if (nvpair_value_string(propval
, &strval
) == 0) {
644 err
= zfs_set_slabel_policy(dsname
, strval
, CRED());
651 return (zfs_secpolicy_write_perms(dsname
, zfs_prop_to_name(prop
), cr
));
656 zfs_secpolicy_set_fsacl(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
660 error
= zfs_dozonecheck(zc
->zc_name
, cr
);
665 * permission to set permissions will be evaluated later in
666 * dsl_deleg_can_allow()
673 zfs_secpolicy_rollback(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
675 return (zfs_secpolicy_write_perms(zc
->zc_name
,
676 ZFS_DELEG_PERM_ROLLBACK
, cr
));
681 zfs_secpolicy_send(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
689 * Generate the current snapshot name from the given objsetid, then
690 * use that name for the secpolicy/zone checks.
692 cp
= strchr(zc
->zc_name
, '@');
694 return (SET_ERROR(EINVAL
));
695 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
699 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &ds
);
701 dsl_pool_rele(dp
, FTAG
);
705 dsl_dataset_name(ds
, zc
->zc_name
);
707 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, ds
,
708 ZFS_DELEG_PERM_SEND
, cr
);
709 dsl_dataset_rele(ds
, FTAG
);
710 dsl_pool_rele(dp
, FTAG
);
717 zfs_secpolicy_send_new(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
719 return (zfs_secpolicy_write_perms(zc
->zc_name
,
720 ZFS_DELEG_PERM_SEND
, cr
));
723 #ifdef HAVE_SMB_SHARE
726 zfs_secpolicy_deleg_share(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
731 if ((error
= lookupname(zc
->zc_value
, UIO_SYSSPACE
,
732 NO_FOLLOW
, NULL
, &vp
)) != 0)
735 /* Now make sure mntpnt and dataset are ZFS */
737 if (vp
->v_vfsp
->vfs_fstype
!= zfsfstype
||
738 (strcmp((char *)refstr_value(vp
->v_vfsp
->vfs_resource
),
739 zc
->zc_name
) != 0)) {
741 return (SET_ERROR(EPERM
));
745 return (dsl_deleg_access(zc
->zc_name
,
746 ZFS_DELEG_PERM_SHARE
, cr
));
748 #endif /* HAVE_SMB_SHARE */
751 zfs_secpolicy_share(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
753 #ifdef HAVE_SMB_SHARE
754 if (!INGLOBALZONE(curproc
))
755 return (SET_ERROR(EPERM
));
757 if (secpolicy_nfs(cr
) == 0) {
760 return (zfs_secpolicy_deleg_share(zc
, innvl
, cr
));
763 return (SET_ERROR(ENOTSUP
));
764 #endif /* HAVE_SMB_SHARE */
768 zfs_secpolicy_smb_acl(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
770 #ifdef HAVE_SMB_SHARE
771 if (!INGLOBALZONE(curproc
))
772 return (SET_ERROR(EPERM
));
774 if (secpolicy_smb(cr
) == 0) {
777 return (zfs_secpolicy_deleg_share(zc
, innvl
, cr
));
780 return (SET_ERROR(ENOTSUP
));
781 #endif /* HAVE_SMB_SHARE */
785 zfs_get_parent(const char *datasetname
, char *parent
, int parentsize
)
790 * Remove the @bla or /bla from the end of the name to get the parent.
792 (void) strncpy(parent
, datasetname
, parentsize
);
793 cp
= strrchr(parent
, '@');
797 cp
= strrchr(parent
, '/');
799 return (SET_ERROR(ENOENT
));
807 zfs_secpolicy_destroy_perms(const char *name
, cred_t
*cr
)
811 if ((error
= zfs_secpolicy_write_perms(name
,
812 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
815 return (zfs_secpolicy_write_perms(name
, ZFS_DELEG_PERM_DESTROY
, cr
));
820 zfs_secpolicy_destroy(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
822 return (zfs_secpolicy_destroy_perms(zc
->zc_name
, cr
));
826 * Destroying snapshots with delegated permissions requires
827 * descendant mount and destroy permissions.
831 zfs_secpolicy_destroy_snaps(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
834 nvpair_t
*pair
, *nextpair
;
837 if (nvlist_lookup_nvlist(innvl
, "snaps", &snaps
) != 0)
838 return (SET_ERROR(EINVAL
));
839 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
841 nextpair
= nvlist_next_nvpair(snaps
, pair
);
842 error
= zfs_secpolicy_destroy_perms(nvpair_name(pair
), cr
);
843 if (error
== ENOENT
) {
845 * Ignore any snapshots that don't exist (we consider
846 * them "already destroyed"). Remove the name from the
847 * nvl here in case the snapshot is created between
848 * now and when we try to destroy it (in which case
849 * we don't want to destroy it since we haven't
850 * checked for permission).
852 fnvlist_remove_nvpair(snaps
, pair
);
863 zfs_secpolicy_rename_perms(const char *from
, const char *to
, cred_t
*cr
)
865 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
868 if ((error
= zfs_secpolicy_write_perms(from
,
869 ZFS_DELEG_PERM_RENAME
, cr
)) != 0)
872 if ((error
= zfs_secpolicy_write_perms(from
,
873 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
876 if ((error
= zfs_get_parent(to
, parentname
,
877 sizeof (parentname
))) != 0)
880 if ((error
= zfs_secpolicy_write_perms(parentname
,
881 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
884 if ((error
= zfs_secpolicy_write_perms(parentname
,
885 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
893 zfs_secpolicy_rename(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
895 return (zfs_secpolicy_rename_perms(zc
->zc_name
, zc
->zc_value
, cr
));
900 zfs_secpolicy_promote(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
903 dsl_dataset_t
*clone
;
906 error
= zfs_secpolicy_write_perms(zc
->zc_name
,
907 ZFS_DELEG_PERM_PROMOTE
, cr
);
911 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
915 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &clone
);
918 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
919 dsl_dataset_t
*origin
= NULL
;
923 error
= dsl_dataset_hold_obj(dd
->dd_pool
,
924 dsl_dir_phys(dd
)->dd_origin_obj
, FTAG
, &origin
);
926 dsl_dataset_rele(clone
, FTAG
);
927 dsl_pool_rele(dp
, FTAG
);
931 error
= zfs_secpolicy_write_perms_ds(zc
->zc_name
, clone
,
932 ZFS_DELEG_PERM_MOUNT
, cr
);
934 dsl_dataset_name(origin
, parentname
);
936 error
= zfs_secpolicy_write_perms_ds(parentname
, origin
,
937 ZFS_DELEG_PERM_PROMOTE
, cr
);
939 dsl_dataset_rele(clone
, FTAG
);
940 dsl_dataset_rele(origin
, FTAG
);
942 dsl_pool_rele(dp
, FTAG
);
948 zfs_secpolicy_recv(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
952 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
953 ZFS_DELEG_PERM_RECEIVE
, cr
)) != 0)
956 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
957 ZFS_DELEG_PERM_MOUNT
, cr
)) != 0)
960 return (zfs_secpolicy_write_perms(zc
->zc_name
,
961 ZFS_DELEG_PERM_CREATE
, cr
));
966 zfs_secpolicy_recv_new(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
968 return (zfs_secpolicy_recv(zc
, innvl
, cr
));
972 zfs_secpolicy_snapshot_perms(const char *name
, cred_t
*cr
)
974 return (zfs_secpolicy_write_perms(name
,
975 ZFS_DELEG_PERM_SNAPSHOT
, cr
));
979 * Check for permission to create each snapshot in the nvlist.
983 zfs_secpolicy_snapshot(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
989 if (nvlist_lookup_nvlist(innvl
, "snaps", &snaps
) != 0)
990 return (SET_ERROR(EINVAL
));
991 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
992 pair
= nvlist_next_nvpair(snaps
, pair
)) {
993 char *name
= nvpair_name(pair
);
994 char *atp
= strchr(name
, '@');
997 error
= SET_ERROR(EINVAL
);
1001 error
= zfs_secpolicy_snapshot_perms(name
, cr
);
1010 * Check for permission to create each snapshot in the nvlist.
1014 zfs_secpolicy_bookmark(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1019 for (pair
= nvlist_next_nvpair(innvl
, NULL
);
1020 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
1021 char *name
= nvpair_name(pair
);
1022 char *hashp
= strchr(name
, '#');
1024 if (hashp
== NULL
) {
1025 error
= SET_ERROR(EINVAL
);
1029 error
= zfs_secpolicy_write_perms(name
,
1030 ZFS_DELEG_PERM_BOOKMARK
, cr
);
1040 zfs_secpolicy_destroy_bookmarks(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1042 nvpair_t
*pair
, *nextpair
;
1045 for (pair
= nvlist_next_nvpair(innvl
, NULL
); pair
!= NULL
;
1047 char *name
= nvpair_name(pair
);
1048 char *hashp
= strchr(name
, '#');
1049 nextpair
= nvlist_next_nvpair(innvl
, pair
);
1051 if (hashp
== NULL
) {
1052 error
= SET_ERROR(EINVAL
);
1057 error
= zfs_secpolicy_write_perms(name
,
1058 ZFS_DELEG_PERM_DESTROY
, cr
);
1060 if (error
== ENOENT
) {
1062 * Ignore any filesystems that don't exist (we consider
1063 * their bookmarks "already destroyed"). Remove
1064 * the name from the nvl here in case the filesystem
1065 * is created between now and when we try to destroy
1066 * the bookmark (in which case we don't want to
1067 * destroy it since we haven't checked for permission).
1069 fnvlist_remove_nvpair(innvl
, pair
);
1081 zfs_secpolicy_log_history(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1084 * Even root must have a proper TSD so that we know what pool
1087 if (tsd_get(zfs_allow_log_key
) == NULL
)
1088 return (SET_ERROR(EPERM
));
1093 zfs_secpolicy_create_clone(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1095 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
1099 if ((error
= zfs_get_parent(zc
->zc_name
, parentname
,
1100 sizeof (parentname
))) != 0)
1103 if (nvlist_lookup_string(innvl
, "origin", &origin
) == 0 &&
1104 (error
= zfs_secpolicy_write_perms(origin
,
1105 ZFS_DELEG_PERM_CLONE
, cr
)) != 0)
1108 if ((error
= zfs_secpolicy_write_perms(parentname
,
1109 ZFS_DELEG_PERM_CREATE
, cr
)) != 0)
1112 return (zfs_secpolicy_write_perms(parentname
,
1113 ZFS_DELEG_PERM_MOUNT
, cr
));
1117 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1118 * SYS_CONFIG privilege, which is not available in a local zone.
1122 zfs_secpolicy_config(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1124 if (secpolicy_sys_config(cr
, B_FALSE
) != 0)
1125 return (SET_ERROR(EPERM
));
1131 * Policy for object to name lookups.
1135 zfs_secpolicy_diff(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1139 if ((error
= secpolicy_sys_config(cr
, B_FALSE
)) == 0)
1142 error
= zfs_secpolicy_write_perms(zc
->zc_name
, ZFS_DELEG_PERM_DIFF
, cr
);
1147 * Policy for fault injection. Requires all privileges.
1151 zfs_secpolicy_inject(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1153 return (secpolicy_zinject(cr
));
1158 zfs_secpolicy_inherit_prop(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1160 zfs_prop_t prop
= zfs_name_to_prop(zc
->zc_value
);
1162 if (prop
== ZPROP_INVAL
) {
1163 if (!zfs_prop_user(zc
->zc_value
))
1164 return (SET_ERROR(EINVAL
));
1165 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1166 ZFS_DELEG_PERM_USERPROP
, cr
));
1168 return (zfs_secpolicy_setprop(zc
->zc_name
, prop
,
1174 zfs_secpolicy_userspace_one(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1176 int err
= zfs_secpolicy_read(zc
, innvl
, cr
);
1180 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
1181 return (SET_ERROR(EINVAL
));
1183 if (zc
->zc_value
[0] == 0) {
1185 * They are asking about a posix uid/gid. If it's
1186 * themself, allow it.
1188 if (zc
->zc_objset_type
== ZFS_PROP_USERUSED
||
1189 zc
->zc_objset_type
== ZFS_PROP_USERQUOTA
||
1190 zc
->zc_objset_type
== ZFS_PROP_USEROBJUSED
||
1191 zc
->zc_objset_type
== ZFS_PROP_USEROBJQUOTA
) {
1192 if (zc
->zc_guid
== crgetuid(cr
))
1195 if (groupmember(zc
->zc_guid
, cr
))
1200 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1201 userquota_perms
[zc
->zc_objset_type
], cr
));
1205 zfs_secpolicy_userspace_many(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1207 int err
= zfs_secpolicy_read(zc
, innvl
, cr
);
1211 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
1212 return (SET_ERROR(EINVAL
));
1214 return (zfs_secpolicy_write_perms(zc
->zc_name
,
1215 userquota_perms
[zc
->zc_objset_type
], cr
));
1220 zfs_secpolicy_userspace_upgrade(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1222 return (zfs_secpolicy_setprop(zc
->zc_name
, ZFS_PROP_VERSION
,
1228 zfs_secpolicy_hold(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1234 error
= nvlist_lookup_nvlist(innvl
, "holds", &holds
);
1236 return (SET_ERROR(EINVAL
));
1238 for (pair
= nvlist_next_nvpair(holds
, NULL
); pair
!= NULL
;
1239 pair
= nvlist_next_nvpair(holds
, pair
)) {
1240 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
1241 error
= dmu_fsname(nvpair_name(pair
), fsname
);
1244 error
= zfs_secpolicy_write_perms(fsname
,
1245 ZFS_DELEG_PERM_HOLD
, cr
);
1254 zfs_secpolicy_release(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1259 for (pair
= nvlist_next_nvpair(innvl
, NULL
); pair
!= NULL
;
1260 pair
= nvlist_next_nvpair(innvl
, pair
)) {
1261 char fsname
[ZFS_MAX_DATASET_NAME_LEN
];
1262 error
= dmu_fsname(nvpair_name(pair
), fsname
);
1265 error
= zfs_secpolicy_write_perms(fsname
,
1266 ZFS_DELEG_PERM_RELEASE
, cr
);
1274 * Policy for allowing temporary snapshots to be taken or released
1277 zfs_secpolicy_tmp_snapshot(zfs_cmd_t
*zc
, nvlist_t
*innvl
, cred_t
*cr
)
1280 * A temporary snapshot is the same as a snapshot,
1281 * hold, destroy and release all rolled into one.
1282 * Delegated diff alone is sufficient that we allow this.
1286 if ((error
= zfs_secpolicy_write_perms(zc
->zc_name
,
1287 ZFS_DELEG_PERM_DIFF
, cr
)) == 0)
1290 error
= zfs_secpolicy_snapshot_perms(zc
->zc_name
, cr
);
1292 error
= zfs_secpolicy_hold(zc
, innvl
, cr
);
1294 error
= zfs_secpolicy_release(zc
, innvl
, cr
);
1296 error
= zfs_secpolicy_destroy(zc
, innvl
, cr
);
1301 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1304 get_nvlist(uint64_t nvl
, uint64_t size
, int iflag
, nvlist_t
**nvp
)
1308 nvlist_t
*list
= NULL
;
1311 * Read in and unpack the user-supplied nvlist.
1314 return (SET_ERROR(EINVAL
));
1316 packed
= vmem_alloc(size
, KM_SLEEP
);
1318 if ((error
= ddi_copyin((void *)(uintptr_t)nvl
, packed
, size
,
1320 vmem_free(packed
, size
);
1321 return (SET_ERROR(EFAULT
));
1324 if ((error
= nvlist_unpack(packed
, size
, &list
, 0)) != 0) {
1325 vmem_free(packed
, size
);
1329 vmem_free(packed
, size
);
1336 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1337 * Entries will be removed from the end of the nvlist, and one int32 entry
1338 * named "N_MORE_ERRORS" will be added indicating how many entries were
1342 nvlist_smush(nvlist_t
*errors
, size_t max
)
1346 size
= fnvlist_size(errors
);
1349 nvpair_t
*more_errors
;
1353 return (SET_ERROR(ENOMEM
));
1355 fnvlist_add_int32(errors
, ZPROP_N_MORE_ERRORS
, 0);
1356 more_errors
= nvlist_prev_nvpair(errors
, NULL
);
1359 nvpair_t
*pair
= nvlist_prev_nvpair(errors
,
1361 fnvlist_remove_nvpair(errors
, pair
);
1363 size
= fnvlist_size(errors
);
1364 } while (size
> max
);
1366 fnvlist_remove_nvpair(errors
, more_errors
);
1367 fnvlist_add_int32(errors
, ZPROP_N_MORE_ERRORS
, n
);
1368 ASSERT3U(fnvlist_size(errors
), <=, max
);
1375 put_nvlist(zfs_cmd_t
*zc
, nvlist_t
*nvl
)
1377 char *packed
= NULL
;
1381 size
= fnvlist_size(nvl
);
1383 if (size
> zc
->zc_nvlist_dst_size
) {
1384 error
= SET_ERROR(ENOMEM
);
1386 packed
= fnvlist_pack(nvl
, &size
);
1387 if (ddi_copyout(packed
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
1388 size
, zc
->zc_iflags
) != 0)
1389 error
= SET_ERROR(EFAULT
);
1390 fnvlist_pack_free(packed
, size
);
1393 zc
->zc_nvlist_dst_size
= size
;
1394 zc
->zc_nvlist_dst_filled
= B_TRUE
;
1399 getzfsvfs(const char *dsname
, zfsvfs_t
**zfvp
)
1404 error
= dmu_objset_hold(dsname
, FTAG
, &os
);
1407 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1408 dmu_objset_rele(os
, FTAG
);
1409 return (SET_ERROR(EINVAL
));
1412 mutex_enter(&os
->os_user_ptr_lock
);
1413 *zfvp
= dmu_objset_get_user(os
);
1414 /* bump s_active only when non-zero to prevent umount race */
1415 if (*zfvp
== NULL
|| (*zfvp
)->z_sb
== NULL
||
1416 !atomic_inc_not_zero(&((*zfvp
)->z_sb
->s_active
))) {
1417 error
= SET_ERROR(ESRCH
);
1419 mutex_exit(&os
->os_user_ptr_lock
);
1420 dmu_objset_rele(os
, FTAG
);
1425 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1426 * case its z_sb will be NULL, and it will be opened as the owner.
1427 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1428 * which prevents all inode ops from running.
1431 zfsvfs_hold(const char *name
, void *tag
, zfsvfs_t
**zfvp
, boolean_t writer
)
1435 if (getzfsvfs(name
, zfvp
) != 0)
1436 error
= zfsvfs_create(name
, zfvp
);
1438 rrm_enter(&(*zfvp
)->z_teardown_lock
, (writer
) ? RW_WRITER
:
1440 if ((*zfvp
)->z_unmounted
) {
1442 * XXX we could probably try again, since the unmounting
1443 * thread should be just about to disassociate the
1444 * objset from the zfsvfs.
1446 rrm_exit(&(*zfvp
)->z_teardown_lock
, tag
);
1447 return (SET_ERROR(EBUSY
));
1454 zfsvfs_rele(zfsvfs_t
*zfsvfs
, void *tag
)
1456 rrm_exit(&zfsvfs
->z_teardown_lock
, tag
);
1459 deactivate_super(zfsvfs
->z_sb
);
1461 dmu_objset_disown(zfsvfs
->z_os
, zfsvfs
);
1462 zfsvfs_free(zfsvfs
);
1467 zfs_ioc_pool_create(zfs_cmd_t
*zc
)
1470 nvlist_t
*config
, *props
= NULL
;
1471 nvlist_t
*rootprops
= NULL
;
1472 nvlist_t
*zplprops
= NULL
;
1474 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1475 zc
->zc_iflags
, &config
)))
1478 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1479 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1480 zc
->zc_iflags
, &props
))) {
1481 nvlist_free(config
);
1486 nvlist_t
*nvl
= NULL
;
1487 uint64_t version
= SPA_VERSION
;
1489 (void) nvlist_lookup_uint64(props
,
1490 zpool_prop_to_name(ZPOOL_PROP_VERSION
), &version
);
1491 if (!SPA_VERSION_IS_SUPPORTED(version
)) {
1492 error
= SET_ERROR(EINVAL
);
1493 goto pool_props_bad
;
1495 (void) nvlist_lookup_nvlist(props
, ZPOOL_ROOTFS_PROPS
, &nvl
);
1497 error
= nvlist_dup(nvl
, &rootprops
, KM_SLEEP
);
1499 nvlist_free(config
);
1503 (void) nvlist_remove_all(props
, ZPOOL_ROOTFS_PROPS
);
1505 VERIFY(nvlist_alloc(&zplprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
1506 error
= zfs_fill_zplprops_root(version
, rootprops
,
1509 goto pool_props_bad
;
1512 error
= spa_create(zc
->zc_name
, config
, props
, zplprops
);
1515 * Set the remaining root properties
1517 if (!error
&& (error
= zfs_set_prop_nvlist(zc
->zc_name
,
1518 ZPROP_SRC_LOCAL
, rootprops
, NULL
)) != 0)
1519 (void) spa_destroy(zc
->zc_name
);
1522 nvlist_free(rootprops
);
1523 nvlist_free(zplprops
);
1524 nvlist_free(config
);
1531 zfs_ioc_pool_destroy(zfs_cmd_t
*zc
)
1534 zfs_log_history(zc
);
1535 error
= spa_destroy(zc
->zc_name
);
1541 zfs_ioc_pool_import(zfs_cmd_t
*zc
)
1543 nvlist_t
*config
, *props
= NULL
;
1547 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1548 zc
->zc_iflags
, &config
)) != 0)
1551 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1552 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1553 zc
->zc_iflags
, &props
))) {
1554 nvlist_free(config
);
1558 if (nvlist_lookup_uint64(config
, ZPOOL_CONFIG_POOL_GUID
, &guid
) != 0 ||
1559 guid
!= zc
->zc_guid
)
1560 error
= SET_ERROR(EINVAL
);
1562 error
= spa_import(zc
->zc_name
, config
, props
, zc
->zc_cookie
);
1564 if (zc
->zc_nvlist_dst
!= 0) {
1567 if ((err
= put_nvlist(zc
, config
)) != 0)
1571 nvlist_free(config
);
1578 zfs_ioc_pool_export(zfs_cmd_t
*zc
)
1581 boolean_t force
= (boolean_t
)zc
->zc_cookie
;
1582 boolean_t hardforce
= (boolean_t
)zc
->zc_guid
;
1584 zfs_log_history(zc
);
1585 error
= spa_export(zc
->zc_name
, NULL
, force
, hardforce
);
1591 zfs_ioc_pool_configs(zfs_cmd_t
*zc
)
1596 if ((configs
= spa_all_configs(&zc
->zc_cookie
)) == NULL
)
1597 return (SET_ERROR(EEXIST
));
1599 error
= put_nvlist(zc
, configs
);
1601 nvlist_free(configs
);
1608 * zc_name name of the pool
1611 * zc_cookie real errno
1612 * zc_nvlist_dst config nvlist
1613 * zc_nvlist_dst_size size of config nvlist
1616 zfs_ioc_pool_stats(zfs_cmd_t
*zc
)
1622 error
= spa_get_stats(zc
->zc_name
, &config
, zc
->zc_value
,
1623 sizeof (zc
->zc_value
));
1625 if (config
!= NULL
) {
1626 ret
= put_nvlist(zc
, config
);
1627 nvlist_free(config
);
1630 * The config may be present even if 'error' is non-zero.
1631 * In this case we return success, and preserve the real errno
1634 zc
->zc_cookie
= error
;
1643 * Try to import the given pool, returning pool stats as appropriate so that
1644 * user land knows which devices are available and overall pool health.
1647 zfs_ioc_pool_tryimport(zfs_cmd_t
*zc
)
1649 nvlist_t
*tryconfig
, *config
;
1652 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1653 zc
->zc_iflags
, &tryconfig
)) != 0)
1656 config
= spa_tryimport(tryconfig
);
1658 nvlist_free(tryconfig
);
1661 return (SET_ERROR(EINVAL
));
1663 error
= put_nvlist(zc
, config
);
1664 nvlist_free(config
);
1671 * zc_name name of the pool
1672 * zc_cookie scan func (pool_scan_func_t)
1675 zfs_ioc_pool_scan(zfs_cmd_t
*zc
)
1680 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1683 if (zc
->zc_cookie
== POOL_SCAN_NONE
)
1684 error
= spa_scan_stop(spa
);
1686 error
= spa_scan(spa
, zc
->zc_cookie
);
1688 spa_close(spa
, FTAG
);
1694 zfs_ioc_pool_freeze(zfs_cmd_t
*zc
)
1699 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1702 spa_close(spa
, FTAG
);
1708 zfs_ioc_pool_upgrade(zfs_cmd_t
*zc
)
1713 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1716 if (zc
->zc_cookie
< spa_version(spa
) ||
1717 !SPA_VERSION_IS_SUPPORTED(zc
->zc_cookie
)) {
1718 spa_close(spa
, FTAG
);
1719 return (SET_ERROR(EINVAL
));
1722 spa_upgrade(spa
, zc
->zc_cookie
);
1723 spa_close(spa
, FTAG
);
1729 zfs_ioc_pool_get_history(zfs_cmd_t
*zc
)
1736 if ((size
= zc
->zc_history_len
) == 0)
1737 return (SET_ERROR(EINVAL
));
1739 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1742 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
1743 spa_close(spa
, FTAG
);
1744 return (SET_ERROR(ENOTSUP
));
1747 hist_buf
= vmem_alloc(size
, KM_SLEEP
);
1748 if ((error
= spa_history_get(spa
, &zc
->zc_history_offset
,
1749 &zc
->zc_history_len
, hist_buf
)) == 0) {
1750 error
= ddi_copyout(hist_buf
,
1751 (void *)(uintptr_t)zc
->zc_history
,
1752 zc
->zc_history_len
, zc
->zc_iflags
);
1755 spa_close(spa
, FTAG
);
1756 vmem_free(hist_buf
, size
);
1761 zfs_ioc_pool_reguid(zfs_cmd_t
*zc
)
1766 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1768 error
= spa_change_guid(spa
);
1769 spa_close(spa
, FTAG
);
1775 zfs_ioc_dsobj_to_dsname(zfs_cmd_t
*zc
)
1777 return (dsl_dsobj_to_dsname(zc
->zc_name
, zc
->zc_obj
, zc
->zc_value
));
1782 * zc_name name of filesystem
1783 * zc_obj object to find
1786 * zc_value name of object
1789 zfs_ioc_obj_to_path(zfs_cmd_t
*zc
)
1794 /* XXX reading from objset not owned */
1795 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)) != 0)
1797 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1798 dmu_objset_rele(os
, FTAG
);
1799 return (SET_ERROR(EINVAL
));
1801 error
= zfs_obj_to_path(os
, zc
->zc_obj
, zc
->zc_value
,
1802 sizeof (zc
->zc_value
));
1803 dmu_objset_rele(os
, FTAG
);
1810 * zc_name name of filesystem
1811 * zc_obj object to find
1814 * zc_stat stats on object
1815 * zc_value path to object
1818 zfs_ioc_obj_to_stats(zfs_cmd_t
*zc
)
1823 /* XXX reading from objset not owned */
1824 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)) != 0)
1826 if (dmu_objset_type(os
) != DMU_OST_ZFS
) {
1827 dmu_objset_rele(os
, FTAG
);
1828 return (SET_ERROR(EINVAL
));
1830 error
= zfs_obj_to_stats(os
, zc
->zc_obj
, &zc
->zc_stat
, zc
->zc_value
,
1831 sizeof (zc
->zc_value
));
1832 dmu_objset_rele(os
, FTAG
);
1838 zfs_ioc_vdev_add(zfs_cmd_t
*zc
)
1844 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1848 error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1849 zc
->zc_iflags
, &config
);
1851 error
= spa_vdev_add(spa
, config
);
1852 nvlist_free(config
);
1854 spa_close(spa
, FTAG
);
1860 * zc_name name of the pool
1861 * zc_nvlist_conf nvlist of devices to remove
1862 * zc_cookie to stop the remove?
1865 zfs_ioc_vdev_remove(zfs_cmd_t
*zc
)
1870 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
1873 error
= spa_vdev_remove(spa
, zc
->zc_guid
, B_FALSE
);
1874 spa_close(spa
, FTAG
);
1879 zfs_ioc_vdev_set_state(zfs_cmd_t
*zc
)
1883 vdev_state_t newstate
= VDEV_STATE_UNKNOWN
;
1885 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1887 switch (zc
->zc_cookie
) {
1888 case VDEV_STATE_ONLINE
:
1889 error
= vdev_online(spa
, zc
->zc_guid
, zc
->zc_obj
, &newstate
);
1892 case VDEV_STATE_OFFLINE
:
1893 error
= vdev_offline(spa
, zc
->zc_guid
, zc
->zc_obj
);
1896 case VDEV_STATE_FAULTED
:
1897 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1898 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
)
1899 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1901 error
= vdev_fault(spa
, zc
->zc_guid
, zc
->zc_obj
);
1904 case VDEV_STATE_DEGRADED
:
1905 if (zc
->zc_obj
!= VDEV_AUX_ERR_EXCEEDED
&&
1906 zc
->zc_obj
!= VDEV_AUX_EXTERNAL
)
1907 zc
->zc_obj
= VDEV_AUX_ERR_EXCEEDED
;
1909 error
= vdev_degrade(spa
, zc
->zc_guid
, zc
->zc_obj
);
1913 error
= SET_ERROR(EINVAL
);
1915 zc
->zc_cookie
= newstate
;
1916 spa_close(spa
, FTAG
);
1921 zfs_ioc_vdev_attach(zfs_cmd_t
*zc
)
1924 int replacing
= zc
->zc_cookie
;
1928 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1931 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1932 zc
->zc_iflags
, &config
)) == 0) {
1933 error
= spa_vdev_attach(spa
, zc
->zc_guid
, config
, replacing
);
1934 nvlist_free(config
);
1937 spa_close(spa
, FTAG
);
1942 zfs_ioc_vdev_detach(zfs_cmd_t
*zc
)
1947 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1950 error
= spa_vdev_detach(spa
, zc
->zc_guid
, 0, B_FALSE
);
1952 spa_close(spa
, FTAG
);
1957 zfs_ioc_vdev_split(zfs_cmd_t
*zc
)
1960 nvlist_t
*config
, *props
= NULL
;
1962 boolean_t exp
= !!(zc
->zc_cookie
& ZPOOL_EXPORT_AFTER_SPLIT
);
1964 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
1967 if ((error
= get_nvlist(zc
->zc_nvlist_conf
, zc
->zc_nvlist_conf_size
,
1968 zc
->zc_iflags
, &config
))) {
1969 spa_close(spa
, FTAG
);
1973 if (zc
->zc_nvlist_src_size
!= 0 && (error
=
1974 get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
1975 zc
->zc_iflags
, &props
))) {
1976 spa_close(spa
, FTAG
);
1977 nvlist_free(config
);
1981 error
= spa_vdev_split_mirror(spa
, zc
->zc_string
, config
, props
, exp
);
1983 spa_close(spa
, FTAG
);
1985 nvlist_free(config
);
1992 zfs_ioc_vdev_setpath(zfs_cmd_t
*zc
)
1995 char *path
= zc
->zc_value
;
1996 uint64_t guid
= zc
->zc_guid
;
1999 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
2003 error
= spa_vdev_setpath(spa
, guid
, path
);
2004 spa_close(spa
, FTAG
);
2009 zfs_ioc_vdev_setfru(zfs_cmd_t
*zc
)
2012 char *fru
= zc
->zc_value
;
2013 uint64_t guid
= zc
->zc_guid
;
2016 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
2020 error
= spa_vdev_setfru(spa
, guid
, fru
);
2021 spa_close(spa
, FTAG
);
2026 zfs_ioc_objset_stats_impl(zfs_cmd_t
*zc
, objset_t
*os
)
2031 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
2033 if (zc
->zc_nvlist_dst
!= 0 &&
2034 (error
= dsl_prop_get_all(os
, &nv
)) == 0) {
2035 dmu_objset_stats(os
, nv
);
2037 * NB: zvol_get_stats() will read the objset contents,
2038 * which we aren't supposed to do with a
2039 * DS_MODE_USER hold, because it could be
2040 * inconsistent. So this is a bit of a workaround...
2041 * XXX reading with out owning
2043 if (!zc
->zc_objset_stats
.dds_inconsistent
&&
2044 dmu_objset_type(os
) == DMU_OST_ZVOL
) {
2045 error
= zvol_get_stats(os
, nv
);
2053 error
= put_nvlist(zc
, nv
);
2062 * zc_name name of filesystem
2063 * zc_nvlist_dst_size size of buffer for property nvlist
2066 * zc_objset_stats stats
2067 * zc_nvlist_dst property nvlist
2068 * zc_nvlist_dst_size size of property nvlist
2071 zfs_ioc_objset_stats(zfs_cmd_t
*zc
)
2076 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2078 error
= zfs_ioc_objset_stats_impl(zc
, os
);
2079 dmu_objset_rele(os
, FTAG
);
2087 * zc_name name of filesystem
2088 * zc_nvlist_dst_size size of buffer for property nvlist
2091 * zc_nvlist_dst received property nvlist
2092 * zc_nvlist_dst_size size of received property nvlist
2094 * Gets received properties (distinct from local properties on or after
2095 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2096 * local property values.
2099 zfs_ioc_objset_recvd_props(zfs_cmd_t
*zc
)
2105 * Without this check, we would return local property values if the
2106 * caller has not already received properties on or after
2107 * SPA_VERSION_RECVD_PROPS.
2109 if (!dsl_prop_get_hasrecvd(zc
->zc_name
))
2110 return (SET_ERROR(ENOTSUP
));
2112 if (zc
->zc_nvlist_dst
!= 0 &&
2113 (error
= dsl_prop_get_received(zc
->zc_name
, &nv
)) == 0) {
2114 error
= put_nvlist(zc
, nv
);
2122 nvl_add_zplprop(objset_t
*os
, nvlist_t
*props
, zfs_prop_t prop
)
2128 * zfs_get_zplprop() will either find a value or give us
2129 * the default value (if there is one).
2131 if ((error
= zfs_get_zplprop(os
, prop
, &value
)) != 0)
2133 VERIFY(nvlist_add_uint64(props
, zfs_prop_to_name(prop
), value
) == 0);
2139 * zc_name name of filesystem
2140 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2143 * zc_nvlist_dst zpl property nvlist
2144 * zc_nvlist_dst_size size of zpl property nvlist
2147 zfs_ioc_objset_zplprops(zfs_cmd_t
*zc
)
2152 /* XXX reading without owning */
2153 if ((err
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
)))
2156 dmu_objset_fast_stat(os
, &zc
->zc_objset_stats
);
2159 * NB: nvl_add_zplprop() will read the objset contents,
2160 * which we aren't supposed to do with a DS_MODE_USER
2161 * hold, because it could be inconsistent.
2163 if (zc
->zc_nvlist_dst
!= 0 &&
2164 !zc
->zc_objset_stats
.dds_inconsistent
&&
2165 dmu_objset_type(os
) == DMU_OST_ZFS
) {
2168 VERIFY(nvlist_alloc(&nv
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2169 if ((err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_VERSION
)) == 0 &&
2170 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_NORMALIZE
)) == 0 &&
2171 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_UTF8ONLY
)) == 0 &&
2172 (err
= nvl_add_zplprop(os
, nv
, ZFS_PROP_CASE
)) == 0)
2173 err
= put_nvlist(zc
, nv
);
2176 err
= SET_ERROR(ENOENT
);
2178 dmu_objset_rele(os
, FTAG
);
2183 dataset_name_hidden(const char *name
)
2186 * Skip over datasets that are not visible in this zone,
2187 * internal datasets (which have a $ in their name), and
2188 * temporary datasets (which have a % in their name).
2190 if (strchr(name
, '$') != NULL
)
2192 if (strchr(name
, '%') != NULL
)
2194 if (!INGLOBALZONE(curproc
) && !zone_dataset_visible(name
, NULL
))
2201 * zc_name name of filesystem
2202 * zc_cookie zap cursor
2203 * zc_nvlist_dst_size size of buffer for property nvlist
2206 * zc_name name of next filesystem
2207 * zc_cookie zap cursor
2208 * zc_objset_stats stats
2209 * zc_nvlist_dst property nvlist
2210 * zc_nvlist_dst_size size of property nvlist
2213 zfs_ioc_dataset_list_next(zfs_cmd_t
*zc
)
2218 size_t orig_len
= strlen(zc
->zc_name
);
2221 if ((error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
))) {
2222 if (error
== ENOENT
)
2223 error
= SET_ERROR(ESRCH
);
2227 p
= strrchr(zc
->zc_name
, '/');
2228 if (p
== NULL
|| p
[1] != '\0')
2229 (void) strlcat(zc
->zc_name
, "/", sizeof (zc
->zc_name
));
2230 p
= zc
->zc_name
+ strlen(zc
->zc_name
);
2233 error
= dmu_dir_list_next(os
,
2234 sizeof (zc
->zc_name
) - (p
- zc
->zc_name
), p
,
2235 NULL
, &zc
->zc_cookie
);
2236 if (error
== ENOENT
)
2237 error
= SET_ERROR(ESRCH
);
2238 } while (error
== 0 && dataset_name_hidden(zc
->zc_name
));
2239 dmu_objset_rele(os
, FTAG
);
2242 * If it's an internal dataset (ie. with a '$' in its name),
2243 * don't try to get stats for it, otherwise we'll return ENOENT.
2245 if (error
== 0 && strchr(zc
->zc_name
, '$') == NULL
) {
2246 error
= zfs_ioc_objset_stats(zc
); /* fill in the stats */
2247 if (error
== ENOENT
) {
2248 /* We lost a race with destroy, get the next one. */
2249 zc
->zc_name
[orig_len
] = '\0';
2258 * zc_name name of filesystem
2259 * zc_cookie zap cursor
2260 * zc_nvlist_dst_size size of buffer for property nvlist
2263 * zc_name name of next snapshot
2264 * zc_objset_stats stats
2265 * zc_nvlist_dst property nvlist
2266 * zc_nvlist_dst_size size of property nvlist
2269 zfs_ioc_snapshot_list_next(zfs_cmd_t
*zc
)
2274 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
2276 return (error
== ENOENT
? ESRCH
: error
);
2280 * A dataset name of maximum length cannot have any snapshots,
2281 * so exit immediately.
2283 if (strlcat(zc
->zc_name
, "@", sizeof (zc
->zc_name
)) >=
2284 ZFS_MAX_DATASET_NAME_LEN
) {
2285 dmu_objset_rele(os
, FTAG
);
2286 return (SET_ERROR(ESRCH
));
2289 error
= dmu_snapshot_list_next(os
,
2290 sizeof (zc
->zc_name
) - strlen(zc
->zc_name
),
2291 zc
->zc_name
+ strlen(zc
->zc_name
), &zc
->zc_obj
, &zc
->zc_cookie
,
2294 if (error
== 0 && !zc
->zc_simple
) {
2296 dsl_pool_t
*dp
= os
->os_dsl_dataset
->ds_dir
->dd_pool
;
2298 error
= dsl_dataset_hold_obj(dp
, zc
->zc_obj
, FTAG
, &ds
);
2302 error
= dmu_objset_from_ds(ds
, &ossnap
);
2304 error
= zfs_ioc_objset_stats_impl(zc
, ossnap
);
2305 dsl_dataset_rele(ds
, FTAG
);
2307 } else if (error
== ENOENT
) {
2308 error
= SET_ERROR(ESRCH
);
2311 dmu_objset_rele(os
, FTAG
);
2312 /* if we failed, undo the @ that we tacked on to zc_name */
2314 *strchr(zc
->zc_name
, '@') = '\0';
2319 zfs_prop_set_userquota(const char *dsname
, nvpair_t
*pair
)
2321 const char *propname
= nvpair_name(pair
);
2323 unsigned int vallen
;
2326 zfs_userquota_prop_t type
;
2332 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2334 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2335 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2337 return (SET_ERROR(EINVAL
));
2341 * A correctly constructed propname is encoded as
2342 * userquota@<rid>-<domain>.
2344 if ((dash
= strchr(propname
, '-')) == NULL
||
2345 nvpair_value_uint64_array(pair
, &valary
, &vallen
) != 0 ||
2347 return (SET_ERROR(EINVAL
));
2354 err
= zfsvfs_hold(dsname
, FTAG
, &zfsvfs
, B_FALSE
);
2356 err
= zfs_set_userquota(zfsvfs
, type
, domain
, rid
, quota
);
2357 zfsvfs_rele(zfsvfs
, FTAG
);
2364 * If the named property is one that has a special function to set its value,
2365 * return 0 on success and a positive error code on failure; otherwise if it is
2366 * not one of the special properties handled by this function, return -1.
2368 * XXX: It would be better for callers of the property interface if we handled
2369 * these special cases in dsl_prop.c (in the dsl layer).
2372 zfs_prop_set_special(const char *dsname
, zprop_source_t source
,
2375 const char *propname
= nvpair_name(pair
);
2376 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2380 if (prop
== ZPROP_INVAL
) {
2381 if (zfs_prop_userquota(propname
))
2382 return (zfs_prop_set_userquota(dsname
, pair
));
2386 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2388 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
2389 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2393 if (zfs_prop_get_type(prop
) == PROP_TYPE_STRING
)
2396 VERIFY(0 == nvpair_value_uint64(pair
, &intval
));
2399 case ZFS_PROP_QUOTA
:
2400 err
= dsl_dir_set_quota(dsname
, source
, intval
);
2402 case ZFS_PROP_REFQUOTA
:
2403 err
= dsl_dataset_set_refquota(dsname
, source
, intval
);
2405 case ZFS_PROP_FILESYSTEM_LIMIT
:
2406 case ZFS_PROP_SNAPSHOT_LIMIT
:
2407 if (intval
== UINT64_MAX
) {
2408 /* clearing the limit, just do it */
2411 err
= dsl_dir_activate_fs_ss_limit(dsname
);
2414 * Set err to -1 to force the zfs_set_prop_nvlist code down the
2415 * default path to set the value in the nvlist.
2420 case ZFS_PROP_RESERVATION
:
2421 err
= dsl_dir_set_reservation(dsname
, source
, intval
);
2423 case ZFS_PROP_REFRESERVATION
:
2424 err
= dsl_dataset_set_refreservation(dsname
, source
, intval
);
2426 case ZFS_PROP_VOLSIZE
:
2427 err
= zvol_set_volsize(dsname
, intval
);
2429 case ZFS_PROP_SNAPDEV
:
2430 err
= zvol_set_snapdev(dsname
, source
, intval
);
2432 case ZFS_PROP_VERSION
:
2436 if ((err
= zfsvfs_hold(dsname
, FTAG
, &zfsvfs
, B_TRUE
)) != 0)
2439 err
= zfs_set_version(zfsvfs
, intval
);
2440 zfsvfs_rele(zfsvfs
, FTAG
);
2442 if (err
== 0 && intval
>= ZPL_VERSION_USERSPACE
) {
2445 zc
= kmem_zalloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
2446 (void) strcpy(zc
->zc_name
, dsname
);
2447 (void) zfs_ioc_userspace_upgrade(zc
);
2448 (void) zfs_ioc_userobjspace_upgrade(zc
);
2449 kmem_free(zc
, sizeof (zfs_cmd_t
));
2461 * This function is best effort. If it fails to set any of the given properties,
2462 * it continues to set as many as it can and returns the last error
2463 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2464 * with the list of names of all the properties that failed along with the
2465 * corresponding error numbers.
2467 * If every property is set successfully, zero is returned and errlist is not
2471 zfs_set_prop_nvlist(const char *dsname
, zprop_source_t source
, nvlist_t
*nvl
,
2480 nvlist_t
*genericnvl
= fnvlist_alloc();
2481 nvlist_t
*retrynvl
= fnvlist_alloc();
2484 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2485 const char *propname
= nvpair_name(pair
);
2486 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2489 /* decode the property value */
2491 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2493 attrs
= fnvpair_value_nvlist(pair
);
2494 if (nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
2496 err
= SET_ERROR(EINVAL
);
2499 /* Validate value type */
2500 if (err
== 0 && prop
== ZPROP_INVAL
) {
2501 if (zfs_prop_user(propname
)) {
2502 if (nvpair_type(propval
) != DATA_TYPE_STRING
)
2503 err
= SET_ERROR(EINVAL
);
2504 } else if (zfs_prop_userquota(propname
)) {
2505 if (nvpair_type(propval
) !=
2506 DATA_TYPE_UINT64_ARRAY
)
2507 err
= SET_ERROR(EINVAL
);
2509 err
= SET_ERROR(EINVAL
);
2511 } else if (err
== 0) {
2512 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2513 if (zfs_prop_get_type(prop
) != PROP_TYPE_STRING
)
2514 err
= SET_ERROR(EINVAL
);
2515 } else if (nvpair_type(propval
) == DATA_TYPE_UINT64
) {
2518 intval
= fnvpair_value_uint64(propval
);
2520 switch (zfs_prop_get_type(prop
)) {
2521 case PROP_TYPE_NUMBER
:
2523 case PROP_TYPE_STRING
:
2524 err
= SET_ERROR(EINVAL
);
2526 case PROP_TYPE_INDEX
:
2527 if (zfs_prop_index_to_string(prop
,
2528 intval
, &unused
) != 0)
2529 err
= SET_ERROR(EINVAL
);
2533 "unknown property type");
2536 err
= SET_ERROR(EINVAL
);
2540 /* Validate permissions */
2542 err
= zfs_check_settable(dsname
, pair
, CRED());
2545 err
= zfs_prop_set_special(dsname
, source
, pair
);
2548 * For better performance we build up a list of
2549 * properties to set in a single transaction.
2551 err
= nvlist_add_nvpair(genericnvl
, pair
);
2552 } else if (err
!= 0 && nvl
!= retrynvl
) {
2554 * This may be a spurious error caused by
2555 * receiving quota and reservation out of order.
2556 * Try again in a second pass.
2558 err
= nvlist_add_nvpair(retrynvl
, pair
);
2563 if (errlist
!= NULL
)
2564 fnvlist_add_int32(errlist
, propname
, err
);
2569 if (nvl
!= retrynvl
&& !nvlist_empty(retrynvl
)) {
2574 if (!nvlist_empty(genericnvl
) &&
2575 dsl_props_set(dsname
, source
, genericnvl
) != 0) {
2577 * If this fails, we still want to set as many properties as we
2578 * can, so try setting them individually.
2581 while ((pair
= nvlist_next_nvpair(genericnvl
, pair
)) != NULL
) {
2582 const char *propname
= nvpair_name(pair
);
2586 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
2588 attrs
= fnvpair_value_nvlist(pair
);
2589 propval
= fnvlist_lookup_nvpair(attrs
,
2593 if (nvpair_type(propval
) == DATA_TYPE_STRING
) {
2594 strval
= fnvpair_value_string(propval
);
2595 err
= dsl_prop_set_string(dsname
, propname
,
2598 intval
= fnvpair_value_uint64(propval
);
2599 err
= dsl_prop_set_int(dsname
, propname
, source
,
2604 if (errlist
!= NULL
) {
2605 fnvlist_add_int32(errlist
, propname
,
2612 nvlist_free(genericnvl
);
2613 nvlist_free(retrynvl
);
2619 * Check that all the properties are valid user properties.
2622 zfs_check_userprops(const char *fsname
, nvlist_t
*nvl
)
2624 nvpair_t
*pair
= NULL
;
2627 while ((pair
= nvlist_next_nvpair(nvl
, pair
)) != NULL
) {
2628 const char *propname
= nvpair_name(pair
);
2630 if (!zfs_prop_user(propname
) ||
2631 nvpair_type(pair
) != DATA_TYPE_STRING
)
2632 return (SET_ERROR(EINVAL
));
2634 if ((error
= zfs_secpolicy_write_perms(fsname
,
2635 ZFS_DELEG_PERM_USERPROP
, CRED())))
2638 if (strlen(propname
) >= ZAP_MAXNAMELEN
)
2639 return (SET_ERROR(ENAMETOOLONG
));
2641 if (strlen(fnvpair_value_string(pair
)) >= ZAP_MAXVALUELEN
)
2642 return (SET_ERROR(E2BIG
));
2648 props_skip(nvlist_t
*props
, nvlist_t
*skipped
, nvlist_t
**newprops
)
2652 VERIFY(nvlist_alloc(newprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2655 while ((pair
= nvlist_next_nvpair(props
, pair
)) != NULL
) {
2656 if (nvlist_exists(skipped
, nvpair_name(pair
)))
2659 VERIFY(nvlist_add_nvpair(*newprops
, pair
) == 0);
2664 clear_received_props(const char *dsname
, nvlist_t
*props
,
2668 nvlist_t
*cleared_props
= NULL
;
2669 props_skip(props
, skipped
, &cleared_props
);
2670 if (!nvlist_empty(cleared_props
)) {
2672 * Acts on local properties until the dataset has received
2673 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2675 zprop_source_t flags
= (ZPROP_SRC_NONE
|
2676 (dsl_prop_get_hasrecvd(dsname
) ? ZPROP_SRC_RECEIVED
: 0));
2677 err
= zfs_set_prop_nvlist(dsname
, flags
, cleared_props
, NULL
);
2679 nvlist_free(cleared_props
);
2685 * zc_name name of filesystem
2686 * zc_value name of property to set
2687 * zc_nvlist_src{_size} nvlist of properties to apply
2688 * zc_cookie received properties flag
2691 * zc_nvlist_dst{_size} error for each unapplied received property
2694 zfs_ioc_set_prop(zfs_cmd_t
*zc
)
2697 boolean_t received
= zc
->zc_cookie
;
2698 zprop_source_t source
= (received
? ZPROP_SRC_RECEIVED
:
2703 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2704 zc
->zc_iflags
, &nvl
)) != 0)
2708 nvlist_t
*origprops
;
2710 if (dsl_prop_get_received(zc
->zc_name
, &origprops
) == 0) {
2711 (void) clear_received_props(zc
->zc_name
,
2713 nvlist_free(origprops
);
2716 error
= dsl_prop_set_hasrecvd(zc
->zc_name
);
2719 errors
= fnvlist_alloc();
2721 error
= zfs_set_prop_nvlist(zc
->zc_name
, source
, nvl
, errors
);
2723 if (zc
->zc_nvlist_dst
!= 0 && errors
!= NULL
) {
2724 (void) put_nvlist(zc
, errors
);
2727 nvlist_free(errors
);
2734 * zc_name name of filesystem
2735 * zc_value name of property to inherit
2736 * zc_cookie revert to received value if TRUE
2741 zfs_ioc_inherit_prop(zfs_cmd_t
*zc
)
2743 const char *propname
= zc
->zc_value
;
2744 zfs_prop_t prop
= zfs_name_to_prop(propname
);
2745 boolean_t received
= zc
->zc_cookie
;
2746 zprop_source_t source
= (received
2747 ? ZPROP_SRC_NONE
/* revert to received value, if any */
2748 : ZPROP_SRC_INHERITED
); /* explicitly inherit */
2757 * zfs_prop_set_special() expects properties in the form of an
2758 * nvpair with type info.
2760 if (prop
== ZPROP_INVAL
) {
2761 if (!zfs_prop_user(propname
))
2762 return (SET_ERROR(EINVAL
));
2764 type
= PROP_TYPE_STRING
;
2765 } else if (prop
== ZFS_PROP_VOLSIZE
||
2766 prop
== ZFS_PROP_VERSION
) {
2767 return (SET_ERROR(EINVAL
));
2769 type
= zfs_prop_get_type(prop
);
2772 VERIFY(nvlist_alloc(&dummy
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
2775 case PROP_TYPE_STRING
:
2776 VERIFY(0 == nvlist_add_string(dummy
, propname
, ""));
2778 case PROP_TYPE_NUMBER
:
2779 case PROP_TYPE_INDEX
:
2780 VERIFY(0 == nvlist_add_uint64(dummy
, propname
, 0));
2784 return (SET_ERROR(EINVAL
));
2787 pair
= nvlist_next_nvpair(dummy
, NULL
);
2790 return (SET_ERROR(EINVAL
));
2792 err
= zfs_prop_set_special(zc
->zc_name
, source
, pair
);
2795 return (err
); /* special property already handled */
2798 * Only check this in the non-received case. We want to allow
2799 * 'inherit -S' to revert non-inheritable properties like quota
2800 * and reservation to the received or default values even though
2801 * they are not considered inheritable.
2803 if (prop
!= ZPROP_INVAL
&& !zfs_prop_inheritable(prop
))
2804 return (SET_ERROR(EINVAL
));
2807 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2808 return (dsl_prop_inherit(zc
->zc_name
, zc
->zc_value
, source
));
2812 zfs_ioc_pool_set_props(zfs_cmd_t
*zc
)
2819 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2820 zc
->zc_iflags
, &props
)))
2824 * If the only property is the configfile, then just do a spa_lookup()
2825 * to handle the faulted case.
2827 pair
= nvlist_next_nvpair(props
, NULL
);
2828 if (pair
!= NULL
&& strcmp(nvpair_name(pair
),
2829 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE
)) == 0 &&
2830 nvlist_next_nvpair(props
, pair
) == NULL
) {
2831 mutex_enter(&spa_namespace_lock
);
2832 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
) {
2833 spa_configfile_set(spa
, props
, B_FALSE
);
2834 spa_config_sync(spa
, B_FALSE
, B_TRUE
);
2836 mutex_exit(&spa_namespace_lock
);
2843 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2848 error
= spa_prop_set(spa
, props
);
2851 spa_close(spa
, FTAG
);
2857 zfs_ioc_pool_get_props(zfs_cmd_t
*zc
)
2861 nvlist_t
*nvp
= NULL
;
2863 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0) {
2865 * If the pool is faulted, there may be properties we can still
2866 * get (such as altroot and cachefile), so attempt to get them
2869 mutex_enter(&spa_namespace_lock
);
2870 if ((spa
= spa_lookup(zc
->zc_name
)) != NULL
)
2871 error
= spa_prop_get(spa
, &nvp
);
2872 mutex_exit(&spa_namespace_lock
);
2874 error
= spa_prop_get(spa
, &nvp
);
2875 spa_close(spa
, FTAG
);
2878 if (error
== 0 && zc
->zc_nvlist_dst
!= 0)
2879 error
= put_nvlist(zc
, nvp
);
2881 error
= SET_ERROR(EFAULT
);
2889 * zc_name name of filesystem
2890 * zc_nvlist_src{_size} nvlist of delegated permissions
2891 * zc_perm_action allow/unallow flag
2896 zfs_ioc_set_fsacl(zfs_cmd_t
*zc
)
2899 nvlist_t
*fsaclnv
= NULL
;
2901 if ((error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
2902 zc
->zc_iflags
, &fsaclnv
)) != 0)
2906 * Verify nvlist is constructed correctly
2908 if ((error
= zfs_deleg_verify_nvlist(fsaclnv
)) != 0) {
2909 nvlist_free(fsaclnv
);
2910 return (SET_ERROR(EINVAL
));
2914 * If we don't have PRIV_SYS_MOUNT, then validate
2915 * that user is allowed to hand out each permission in
2919 error
= secpolicy_zfs(CRED());
2921 if (zc
->zc_perm_action
== B_FALSE
) {
2922 error
= dsl_deleg_can_allow(zc
->zc_name
,
2925 error
= dsl_deleg_can_unallow(zc
->zc_name
,
2931 error
= dsl_deleg_set(zc
->zc_name
, fsaclnv
, zc
->zc_perm_action
);
2933 nvlist_free(fsaclnv
);
2939 * zc_name name of filesystem
2942 * zc_nvlist_src{_size} nvlist of delegated permissions
2945 zfs_ioc_get_fsacl(zfs_cmd_t
*zc
)
2950 if ((error
= dsl_deleg_get(zc
->zc_name
, &nvp
)) == 0) {
2951 error
= put_nvlist(zc
, nvp
);
2960 zfs_create_cb(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
)
2962 zfs_creat_t
*zct
= arg
;
2964 zfs_create_fs(os
, cr
, zct
->zct_zplprops
, tx
);
2967 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2971 * os parent objset pointer (NULL if root fs)
2972 * fuids_ok fuids allowed in this version of the spa?
2973 * sa_ok SAs allowed in this version of the spa?
2974 * createprops list of properties requested by creator
2977 * zplprops values for the zplprops we attach to the master node object
2978 * is_ci true if requested file system will be purely case-insensitive
2980 * Determine the settings for utf8only, normalization and
2981 * casesensitivity. Specific values may have been requested by the
2982 * creator and/or we can inherit values from the parent dataset. If
2983 * the file system is of too early a vintage, a creator can not
2984 * request settings for these properties, even if the requested
2985 * setting is the default value. We don't actually want to create dsl
2986 * properties for these, so remove them from the source nvlist after
2990 zfs_fill_zplprops_impl(objset_t
*os
, uint64_t zplver
,
2991 boolean_t fuids_ok
, boolean_t sa_ok
, nvlist_t
*createprops
,
2992 nvlist_t
*zplprops
, boolean_t
*is_ci
)
2994 uint64_t sense
= ZFS_PROP_UNDEFINED
;
2995 uint64_t norm
= ZFS_PROP_UNDEFINED
;
2996 uint64_t u8
= ZFS_PROP_UNDEFINED
;
2999 ASSERT(zplprops
!= NULL
);
3001 if (os
!= NULL
&& os
->os_phys
->os_type
!= DMU_OST_ZFS
)
3002 return (SET_ERROR(EINVAL
));
3005 * Pull out creator prop choices, if any.
3008 (void) nvlist_lookup_uint64(createprops
,
3009 zfs_prop_to_name(ZFS_PROP_VERSION
), &zplver
);
3010 (void) nvlist_lookup_uint64(createprops
,
3011 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), &norm
);
3012 (void) nvlist_remove_all(createprops
,
3013 zfs_prop_to_name(ZFS_PROP_NORMALIZE
));
3014 (void) nvlist_lookup_uint64(createprops
,
3015 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), &u8
);
3016 (void) nvlist_remove_all(createprops
,
3017 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
));
3018 (void) nvlist_lookup_uint64(createprops
,
3019 zfs_prop_to_name(ZFS_PROP_CASE
), &sense
);
3020 (void) nvlist_remove_all(createprops
,
3021 zfs_prop_to_name(ZFS_PROP_CASE
));
3025 * If the zpl version requested is whacky or the file system
3026 * or pool is version is too "young" to support normalization
3027 * and the creator tried to set a value for one of the props,
3030 if ((zplver
< ZPL_VERSION_INITIAL
|| zplver
> ZPL_VERSION
) ||
3031 (zplver
>= ZPL_VERSION_FUID
&& !fuids_ok
) ||
3032 (zplver
>= ZPL_VERSION_SA
&& !sa_ok
) ||
3033 (zplver
< ZPL_VERSION_NORMALIZATION
&&
3034 (norm
!= ZFS_PROP_UNDEFINED
|| u8
!= ZFS_PROP_UNDEFINED
||
3035 sense
!= ZFS_PROP_UNDEFINED
)))
3036 return (SET_ERROR(ENOTSUP
));
3039 * Put the version in the zplprops
3041 VERIFY(nvlist_add_uint64(zplprops
,
3042 zfs_prop_to_name(ZFS_PROP_VERSION
), zplver
) == 0);
3044 if (norm
== ZFS_PROP_UNDEFINED
&&
3045 (error
= zfs_get_zplprop(os
, ZFS_PROP_NORMALIZE
, &norm
)) != 0)
3047 VERIFY(nvlist_add_uint64(zplprops
,
3048 zfs_prop_to_name(ZFS_PROP_NORMALIZE
), norm
) == 0);
3051 * If we're normalizing, names must always be valid UTF-8 strings.
3055 if (u8
== ZFS_PROP_UNDEFINED
&&
3056 (error
= zfs_get_zplprop(os
, ZFS_PROP_UTF8ONLY
, &u8
)) != 0)
3058 VERIFY(nvlist_add_uint64(zplprops
,
3059 zfs_prop_to_name(ZFS_PROP_UTF8ONLY
), u8
) == 0);
3061 if (sense
== ZFS_PROP_UNDEFINED
&&
3062 (error
= zfs_get_zplprop(os
, ZFS_PROP_CASE
, &sense
)) != 0)
3064 VERIFY(nvlist_add_uint64(zplprops
,
3065 zfs_prop_to_name(ZFS_PROP_CASE
), sense
) == 0);
3068 *is_ci
= (sense
== ZFS_CASE_INSENSITIVE
);
3074 zfs_fill_zplprops(const char *dataset
, nvlist_t
*createprops
,
3075 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3077 boolean_t fuids_ok
, sa_ok
;
3078 uint64_t zplver
= ZPL_VERSION
;
3079 objset_t
*os
= NULL
;
3080 char parentname
[ZFS_MAX_DATASET_NAME_LEN
];
3086 (void) strlcpy(parentname
, dataset
, sizeof (parentname
));
3087 cp
= strrchr(parentname
, '/');
3091 if ((error
= spa_open(dataset
, &spa
, FTAG
)) != 0)
3094 spa_vers
= spa_version(spa
);
3095 spa_close(spa
, FTAG
);
3097 zplver
= zfs_zpl_version_map(spa_vers
);
3098 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
3099 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
3102 * Open parent object set so we can inherit zplprop values.
3104 if ((error
= dmu_objset_hold(parentname
, FTAG
, &os
)) != 0)
3107 error
= zfs_fill_zplprops_impl(os
, zplver
, fuids_ok
, sa_ok
, createprops
,
3109 dmu_objset_rele(os
, FTAG
);
3114 zfs_fill_zplprops_root(uint64_t spa_vers
, nvlist_t
*createprops
,
3115 nvlist_t
*zplprops
, boolean_t
*is_ci
)
3119 uint64_t zplver
= ZPL_VERSION
;
3122 zplver
= zfs_zpl_version_map(spa_vers
);
3123 fuids_ok
= (zplver
>= ZPL_VERSION_FUID
);
3124 sa_ok
= (zplver
>= ZPL_VERSION_SA
);
3126 error
= zfs_fill_zplprops_impl(NULL
, zplver
, fuids_ok
, sa_ok
,
3127 createprops
, zplprops
, is_ci
);
3133 * "type" -> dmu_objset_type_t (int32)
3134 * (optional) "props" -> { prop -> value }
3137 * outnvl: propname -> error code (int32)
3140 zfs_ioc_create(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3143 zfs_creat_t zct
= { 0 };
3144 nvlist_t
*nvprops
= NULL
;
3145 void (*cbfunc
)(objset_t
*os
, void *arg
, cred_t
*cr
, dmu_tx_t
*tx
);
3147 dmu_objset_type_t type
;
3148 boolean_t is_insensitive
= B_FALSE
;
3150 if (nvlist_lookup_int32(innvl
, "type", &type32
) != 0)
3151 return (SET_ERROR(EINVAL
));
3153 (void) nvlist_lookup_nvlist(innvl
, "props", &nvprops
);
3157 cbfunc
= zfs_create_cb
;
3161 cbfunc
= zvol_create_cb
;
3168 if (strchr(fsname
, '@') ||
3169 strchr(fsname
, '%'))
3170 return (SET_ERROR(EINVAL
));
3172 zct
.zct_props
= nvprops
;
3175 return (SET_ERROR(EINVAL
));
3177 if (type
== DMU_OST_ZVOL
) {
3178 uint64_t volsize
, volblocksize
;
3180 if (nvprops
== NULL
)
3181 return (SET_ERROR(EINVAL
));
3182 if (nvlist_lookup_uint64(nvprops
,
3183 zfs_prop_to_name(ZFS_PROP_VOLSIZE
), &volsize
) != 0)
3184 return (SET_ERROR(EINVAL
));
3186 if ((error
= nvlist_lookup_uint64(nvprops
,
3187 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE
),
3188 &volblocksize
)) != 0 && error
!= ENOENT
)
3189 return (SET_ERROR(EINVAL
));
3192 volblocksize
= zfs_prop_default_numeric(
3193 ZFS_PROP_VOLBLOCKSIZE
);
3195 if ((error
= zvol_check_volblocksize(fsname
,
3196 volblocksize
)) != 0 ||
3197 (error
= zvol_check_volsize(volsize
,
3198 volblocksize
)) != 0)
3200 } else if (type
== DMU_OST_ZFS
) {
3204 * We have to have normalization and
3205 * case-folding flags correct when we do the
3206 * file system creation, so go figure them out
3209 VERIFY(nvlist_alloc(&zct
.zct_zplprops
,
3210 NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
3211 error
= zfs_fill_zplprops(fsname
, nvprops
,
3212 zct
.zct_zplprops
, &is_insensitive
);
3214 nvlist_free(zct
.zct_zplprops
);
3219 error
= dmu_objset_create(fsname
, type
,
3220 is_insensitive
? DS_FLAG_CI_DATASET
: 0, cbfunc
, &zct
);
3221 nvlist_free(zct
.zct_zplprops
);
3224 * It would be nice to do this atomically.
3227 error
= zfs_set_prop_nvlist(fsname
, ZPROP_SRC_LOCAL
,
3234 * Volumes will return EBUSY and cannot be destroyed
3235 * until all asynchronous minor handling has completed.
3236 * Wait for the spa_zvol_taskq to drain then retry.
3238 error2
= dsl_destroy_head(fsname
);
3239 while ((error2
== EBUSY
) && (type
== DMU_OST_ZVOL
)) {
3240 error2
= spa_open(fsname
, &spa
, FTAG
);
3242 taskq_wait(spa
->spa_zvol_taskq
);
3243 spa_close(spa
, FTAG
);
3245 error2
= dsl_destroy_head(fsname
);
3254 * "origin" -> name of origin snapshot
3255 * (optional) "props" -> { prop -> value }
3259 * outnvl: propname -> error code (int32)
3262 zfs_ioc_clone(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3265 nvlist_t
*nvprops
= NULL
;
3268 if (nvlist_lookup_string(innvl
, "origin", &origin_name
) != 0)
3269 return (SET_ERROR(EINVAL
));
3270 (void) nvlist_lookup_nvlist(innvl
, "props", &nvprops
);
3272 if (strchr(fsname
, '@') ||
3273 strchr(fsname
, '%'))
3274 return (SET_ERROR(EINVAL
));
3276 if (dataset_namecheck(origin_name
, NULL
, NULL
) != 0)
3277 return (SET_ERROR(EINVAL
));
3278 error
= dmu_objset_clone(fsname
, origin_name
);
3283 * It would be nice to do this atomically.
3286 error
= zfs_set_prop_nvlist(fsname
, ZPROP_SRC_LOCAL
,
3289 (void) dsl_destroy_head(fsname
);
3296 * "snaps" -> { snapshot1, snapshot2 }
3297 * (optional) "props" -> { prop -> value (string) }
3300 * outnvl: snapshot -> error code (int32)
3303 zfs_ioc_snapshot(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3306 nvlist_t
*props
= NULL
;
3308 nvpair_t
*pair
, *pair2
;
3310 (void) nvlist_lookup_nvlist(innvl
, "props", &props
);
3311 if ((error
= zfs_check_userprops(poolname
, props
)) != 0)
3314 if (!nvlist_empty(props
) &&
3315 zfs_earlier_version(poolname
, SPA_VERSION_SNAP_PROPS
))
3316 return (SET_ERROR(ENOTSUP
));
3318 if (nvlist_lookup_nvlist(innvl
, "snaps", &snaps
) != 0)
3319 return (SET_ERROR(EINVAL
));
3320 poollen
= strlen(poolname
);
3321 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
3322 pair
= nvlist_next_nvpair(snaps
, pair
)) {
3323 const char *name
= nvpair_name(pair
);
3324 const char *cp
= strchr(name
, '@');
3327 * The snap name must contain an @, and the part after it must
3328 * contain only valid characters.
3331 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
3332 return (SET_ERROR(EINVAL
));
3335 * The snap must be in the specified pool.
3337 if (strncmp(name
, poolname
, poollen
) != 0 ||
3338 (name
[poollen
] != '/' && name
[poollen
] != '@'))
3339 return (SET_ERROR(EXDEV
));
3341 /* This must be the only snap of this fs. */
3342 for (pair2
= nvlist_next_nvpair(snaps
, pair
);
3343 pair2
!= NULL
; pair2
= nvlist_next_nvpair(snaps
, pair2
)) {
3344 if (strncmp(name
, nvpair_name(pair2
), cp
- name
+ 1)
3346 return (SET_ERROR(EXDEV
));
3351 error
= dsl_dataset_snapshot(snaps
, props
, outnvl
);
3357 * innvl: "message" -> string
3361 zfs_ioc_log_history(const char *unused
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3369 * The poolname in the ioctl is not set, we get it from the TSD,
3370 * which was set at the end of the last successful ioctl that allows
3371 * logging. The secpolicy func already checked that it is set.
3372 * Only one log ioctl is allowed after each successful ioctl, so
3373 * we clear the TSD here.
3375 poolname
= tsd_get(zfs_allow_log_key
);
3376 if (poolname
== NULL
)
3377 return (SET_ERROR(EINVAL
));
3378 (void) tsd_set(zfs_allow_log_key
, NULL
);
3379 error
= spa_open(poolname
, &spa
, FTAG
);
3384 if (nvlist_lookup_string(innvl
, "message", &message
) != 0) {
3385 spa_close(spa
, FTAG
);
3386 return (SET_ERROR(EINVAL
));
3389 if (spa_version(spa
) < SPA_VERSION_ZPOOL_HISTORY
) {
3390 spa_close(spa
, FTAG
);
3391 return (SET_ERROR(ENOTSUP
));
3394 error
= spa_history_log(spa
, message
);
3395 spa_close(spa
, FTAG
);
3400 * The dp_config_rwlock must not be held when calling this, because the
3401 * unmount may need to write out data.
3403 * This function is best-effort. Callers must deal gracefully if it
3404 * remains mounted (or is remounted after this call).
3406 * Returns 0 if the argument is not a snapshot, or it is not currently a
3407 * filesystem, or we were able to unmount it. Returns error code otherwise.
3410 zfs_unmount_snap(const char *snapname
)
3414 if (strchr(snapname
, '@') == NULL
)
3417 err
= zfsctl_snapshot_unmount((char *)snapname
, MNT_FORCE
);
3418 if (err
!= 0 && err
!= ENOENT
)
3419 return (SET_ERROR(err
));
3426 zfs_unmount_snap_cb(const char *snapname
, void *arg
)
3428 return (zfs_unmount_snap(snapname
));
3432 * When a clone is destroyed, its origin may also need to be destroyed,
3433 * in which case it must be unmounted. This routine will do that unmount
3437 zfs_destroy_unmount_origin(const char *fsname
)
3443 error
= dmu_objset_hold(fsname
, FTAG
, &os
);
3446 ds
= dmu_objset_ds(os
);
3447 if (dsl_dir_is_clone(ds
->ds_dir
) && DS_IS_DEFER_DESTROY(ds
->ds_prev
)) {
3448 char originname
[ZFS_MAX_DATASET_NAME_LEN
];
3449 dsl_dataset_name(ds
->ds_prev
, originname
);
3450 dmu_objset_rele(os
, FTAG
);
3451 (void) zfs_unmount_snap(originname
);
3453 dmu_objset_rele(os
, FTAG
);
3459 * "snaps" -> { snapshot1, snapshot2 }
3460 * (optional boolean) "defer"
3463 * outnvl: snapshot -> error code (int32)
3467 zfs_ioc_destroy_snaps(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3473 if (nvlist_lookup_nvlist(innvl
, "snaps", &snaps
) != 0)
3474 return (SET_ERROR(EINVAL
));
3475 defer
= nvlist_exists(innvl
, "defer");
3477 for (pair
= nvlist_next_nvpair(snaps
, NULL
); pair
!= NULL
;
3478 pair
= nvlist_next_nvpair(snaps
, pair
)) {
3479 (void) zfs_unmount_snap(nvpair_name(pair
));
3482 return (dsl_destroy_snapshots_nvl(snaps
, defer
, outnvl
));
3486 * Create bookmarks. Bookmark names are of the form <fs>#<bmark>.
3487 * All bookmarks must be in the same pool.
3490 * bookmark1 -> snapshot1, bookmark2 -> snapshot2
3493 * outnvl: bookmark -> error code (int32)
3498 zfs_ioc_bookmark(const char *poolname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3500 nvpair_t
*pair
, *pair2
;
3502 for (pair
= nvlist_next_nvpair(innvl
, NULL
);
3503 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
3507 * Verify the snapshot argument.
3509 if (nvpair_value_string(pair
, &snap_name
) != 0)
3510 return (SET_ERROR(EINVAL
));
3513 /* Verify that the keys (bookmarks) are unique */
3514 for (pair2
= nvlist_next_nvpair(innvl
, pair
);
3515 pair2
!= NULL
; pair2
= nvlist_next_nvpair(innvl
, pair2
)) {
3516 if (strcmp(nvpair_name(pair
), nvpair_name(pair2
)) == 0)
3517 return (SET_ERROR(EINVAL
));
3521 return (dsl_bookmark_create(innvl
, outnvl
));
3526 * property 1, property 2, ...
3530 * bookmark name 1 -> { property 1, property 2, ... },
3531 * bookmark name 2 -> { property 1, property 2, ... }
3536 zfs_ioc_get_bookmarks(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
3538 return (dsl_get_bookmarks(fsname
, innvl
, outnvl
));
3543 * bookmark name 1, bookmark name 2
3546 * outnvl: bookmark -> error code (int32)
3550 zfs_ioc_destroy_bookmarks(const char *poolname
, nvlist_t
*innvl
,
3556 poollen
= strlen(poolname
);
3557 for (pair
= nvlist_next_nvpair(innvl
, NULL
);
3558 pair
!= NULL
; pair
= nvlist_next_nvpair(innvl
, pair
)) {
3559 const char *name
= nvpair_name(pair
);
3560 const char *cp
= strchr(name
, '#');
3563 * The bookmark name must contain an #, and the part after it
3564 * must contain only valid characters.
3567 zfs_component_namecheck(cp
+ 1, NULL
, NULL
) != 0)
3568 return (SET_ERROR(EINVAL
));
3571 * The bookmark must be in the specified pool.
3573 if (strncmp(name
, poolname
, poollen
) != 0 ||
3574 (name
[poollen
] != '/' && name
[poollen
] != '#'))
3575 return (SET_ERROR(EXDEV
));
3578 error
= dsl_bookmark_destroy(innvl
, outnvl
);
3584 * zc_name name of dataset to destroy
3585 * zc_objset_type type of objset
3586 * zc_defer_destroy mark for deferred destroy
3591 zfs_ioc_destroy(zfs_cmd_t
*zc
)
3595 if (zc
->zc_objset_type
== DMU_OST_ZFS
) {
3596 err
= zfs_unmount_snap(zc
->zc_name
);
3601 if (strchr(zc
->zc_name
, '@')) {
3602 err
= dsl_destroy_snapshot(zc
->zc_name
, zc
->zc_defer_destroy
);
3604 err
= dsl_destroy_head(zc
->zc_name
);
3605 if (err
== EEXIST
) {
3607 * It is possible that the given DS may have
3608 * hidden child (%recv) datasets - "leftovers"
3609 * resulting from the previously interrupted
3612 * 6 extra bytes for /%recv
3614 char namebuf
[ZFS_MAX_DATASET_NAME_LEN
+ 6];
3616 (void) snprintf(namebuf
, sizeof (namebuf
),
3617 "%s/%s", zc
->zc_name
, recv_clone_name
);
3620 * Try to remove the hidden child (%recv) and after
3621 * that try to remove the target dataset.
3622 * If the hidden child (%recv) does not exist
3623 * the original error (EEXIST) will be returned
3625 err
= dsl_destroy_head(namebuf
);
3627 err
= dsl_destroy_head(zc
->zc_name
);
3628 else if (err
== ENOENT
)
3637 * fsname is name of dataset to rollback (to most recent snapshot)
3639 * innvl is not used.
3641 * outnvl: "target" -> name of most recent snapshot
3646 zfs_ioc_rollback(const char *fsname
, nvlist_t
*args
, nvlist_t
*outnvl
)
3652 if (getzfsvfs(fsname
, &zfsvfs
) == 0) {
3655 ds
= dmu_objset_ds(zfsvfs
->z_os
);
3656 error
= zfs_suspend_fs(zfsvfs
);
3660 error
= dsl_dataset_rollback(fsname
, zfsvfs
, outnvl
);
3661 resume_err
= zfs_resume_fs(zfsvfs
, ds
);
3662 error
= error
? error
: resume_err
;
3664 deactivate_super(zfsvfs
->z_sb
);
3665 } else if ((zv
= zvol_suspend(fsname
)) != NULL
) {
3666 error
= dsl_dataset_rollback(fsname
, zvol_tag(zv
), outnvl
);
3669 error
= dsl_dataset_rollback(fsname
, NULL
, outnvl
);
3675 recursive_unmount(const char *fsname
, void *arg
)
3677 const char *snapname
= arg
;
3681 fullname
= kmem_asprintf("%s@%s", fsname
, snapname
);
3682 error
= zfs_unmount_snap(fullname
);
3690 * zc_name old name of dataset
3691 * zc_value new name of dataset
3692 * zc_cookie recursive flag (only valid for snapshots)
3697 zfs_ioc_rename(zfs_cmd_t
*zc
)
3699 boolean_t recursive
= zc
->zc_cookie
& 1;
3702 zc
->zc_value
[sizeof (zc
->zc_value
) - 1] = '\0';
3703 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
3704 strchr(zc
->zc_value
, '%'))
3705 return (SET_ERROR(EINVAL
));
3707 at
= strchr(zc
->zc_name
, '@');
3709 /* snaps must be in same fs */
3712 if (strncmp(zc
->zc_name
, zc
->zc_value
, at
- zc
->zc_name
+ 1))
3713 return (SET_ERROR(EXDEV
));
3715 if (zc
->zc_objset_type
== DMU_OST_ZFS
) {
3716 error
= dmu_objset_find(zc
->zc_name
,
3717 recursive_unmount
, at
+ 1,
3718 recursive
? DS_FIND_CHILDREN
: 0);
3724 error
= dsl_dataset_rename_snapshot(zc
->zc_name
,
3725 at
+ 1, strchr(zc
->zc_value
, '@') + 1, recursive
);
3730 return (dsl_dir_rename(zc
->zc_name
, zc
->zc_value
));
3735 zfs_check_settable(const char *dsname
, nvpair_t
*pair
, cred_t
*cr
)
3737 const char *propname
= nvpair_name(pair
);
3738 boolean_t issnap
= (strchr(dsname
, '@') != NULL
);
3739 zfs_prop_t prop
= zfs_name_to_prop(propname
);
3743 if (prop
== ZPROP_INVAL
) {
3744 if (zfs_prop_user(propname
)) {
3745 if ((err
= zfs_secpolicy_write_perms(dsname
,
3746 ZFS_DELEG_PERM_USERPROP
, cr
)))
3751 if (!issnap
&& zfs_prop_userquota(propname
)) {
3752 const char *perm
= NULL
;
3753 const char *uq_prefix
=
3754 zfs_userquota_prop_prefixes
[ZFS_PROP_USERQUOTA
];
3755 const char *gq_prefix
=
3756 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPQUOTA
];
3757 const char *uiq_prefix
=
3758 zfs_userquota_prop_prefixes
[ZFS_PROP_USEROBJQUOTA
];
3759 const char *giq_prefix
=
3760 zfs_userquota_prop_prefixes
[ZFS_PROP_GROUPOBJQUOTA
];
3762 if (strncmp(propname
, uq_prefix
,
3763 strlen(uq_prefix
)) == 0) {
3764 perm
= ZFS_DELEG_PERM_USERQUOTA
;
3765 } else if (strncmp(propname
, uiq_prefix
,
3766 strlen(uiq_prefix
)) == 0) {
3767 perm
= ZFS_DELEG_PERM_USEROBJQUOTA
;
3768 } else if (strncmp(propname
, gq_prefix
,
3769 strlen(gq_prefix
)) == 0) {
3770 perm
= ZFS_DELEG_PERM_GROUPQUOTA
;
3771 } else if (strncmp(propname
, giq_prefix
,
3772 strlen(giq_prefix
)) == 0) {
3773 perm
= ZFS_DELEG_PERM_GROUPOBJQUOTA
;
3775 /* USERUSED and GROUPUSED are read-only */
3776 return (SET_ERROR(EINVAL
));
3779 if ((err
= zfs_secpolicy_write_perms(dsname
, perm
, cr
)))
3784 return (SET_ERROR(EINVAL
));
3788 return (SET_ERROR(EINVAL
));
3790 if (nvpair_type(pair
) == DATA_TYPE_NVLIST
) {
3792 * dsl_prop_get_all_impl() returns properties in this
3796 VERIFY(nvpair_value_nvlist(pair
, &attrs
) == 0);
3797 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
3802 * Check that this value is valid for this pool version
3805 case ZFS_PROP_COMPRESSION
:
3807 * If the user specified gzip compression, make sure
3808 * the SPA supports it. We ignore any errors here since
3809 * we'll catch them later.
3811 if (nvpair_value_uint64(pair
, &intval
) == 0) {
3812 if (intval
>= ZIO_COMPRESS_GZIP_1
&&
3813 intval
<= ZIO_COMPRESS_GZIP_9
&&
3814 zfs_earlier_version(dsname
,
3815 SPA_VERSION_GZIP_COMPRESSION
)) {
3816 return (SET_ERROR(ENOTSUP
));
3819 if (intval
== ZIO_COMPRESS_ZLE
&&
3820 zfs_earlier_version(dsname
,
3821 SPA_VERSION_ZLE_COMPRESSION
))
3822 return (SET_ERROR(ENOTSUP
));
3824 if (intval
== ZIO_COMPRESS_LZ4
) {
3827 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
3830 if (!spa_feature_is_enabled(spa
,
3831 SPA_FEATURE_LZ4_COMPRESS
)) {
3832 spa_close(spa
, FTAG
);
3833 return (SET_ERROR(ENOTSUP
));
3835 spa_close(spa
, FTAG
);
3839 * If this is a bootable dataset then
3840 * verify that the compression algorithm
3841 * is supported for booting. We must return
3842 * something other than ENOTSUP since it
3843 * implies a downrev pool version.
3845 if (zfs_is_bootfs(dsname
) &&
3846 !BOOTFS_COMPRESS_VALID(intval
)) {
3847 return (SET_ERROR(ERANGE
));
3852 case ZFS_PROP_COPIES
:
3853 if (zfs_earlier_version(dsname
, SPA_VERSION_DITTO_BLOCKS
))
3854 return (SET_ERROR(ENOTSUP
));
3857 case ZFS_PROP_VOLBLOCKSIZE
:
3858 case ZFS_PROP_RECORDSIZE
:
3859 /* Record sizes above 128k need the feature to be enabled */
3860 if (nvpair_value_uint64(pair
, &intval
) == 0 &&
3861 intval
> SPA_OLD_MAXBLOCKSIZE
) {
3865 * We don't allow setting the property above 1MB,
3866 * unless the tunable has been changed.
3868 if (intval
> zfs_max_recordsize
||
3869 intval
> SPA_MAXBLOCKSIZE
)
3870 return (SET_ERROR(ERANGE
));
3872 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
3875 if (!spa_feature_is_enabled(spa
,
3876 SPA_FEATURE_LARGE_BLOCKS
)) {
3877 spa_close(spa
, FTAG
);
3878 return (SET_ERROR(ENOTSUP
));
3880 spa_close(spa
, FTAG
);
3884 case ZFS_PROP_DNODESIZE
:
3885 /* Dnode sizes above 512 need the feature to be enabled */
3886 if (nvpair_value_uint64(pair
, &intval
) == 0 &&
3887 intval
!= ZFS_DNSIZE_LEGACY
) {
3891 * If this is a bootable dataset then
3892 * we don't allow large (>512B) dnodes,
3893 * because GRUB doesn't support them.
3895 if (zfs_is_bootfs(dsname
) &&
3896 intval
!= ZFS_DNSIZE_LEGACY
) {
3897 return (SET_ERROR(EDOM
));
3900 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
3903 if (!spa_feature_is_enabled(spa
,
3904 SPA_FEATURE_LARGE_DNODE
)) {
3905 spa_close(spa
, FTAG
);
3906 return (SET_ERROR(ENOTSUP
));
3908 spa_close(spa
, FTAG
);
3912 case ZFS_PROP_SHARESMB
:
3913 if (zpl_earlier_version(dsname
, ZPL_VERSION_FUID
))
3914 return (SET_ERROR(ENOTSUP
));
3917 case ZFS_PROP_ACLINHERIT
:
3918 if (nvpair_type(pair
) == DATA_TYPE_UINT64
&&
3919 nvpair_value_uint64(pair
, &intval
) == 0) {
3920 if (intval
== ZFS_ACL_PASSTHROUGH_X
&&
3921 zfs_earlier_version(dsname
,
3922 SPA_VERSION_PASSTHROUGH_X
))
3923 return (SET_ERROR(ENOTSUP
));
3926 case ZFS_PROP_CHECKSUM
:
3927 case ZFS_PROP_DEDUP
:
3929 spa_feature_t feature
;
3934 /* dedup feature version checks */
3935 if (prop
== ZFS_PROP_DEDUP
&&
3936 zfs_earlier_version(dsname
, SPA_VERSION_DEDUP
))
3937 return (SET_ERROR(ENOTSUP
));
3939 if (nvpair_value_uint64(pair
, &intval
) != 0)
3940 return (SET_ERROR(EINVAL
));
3942 /* check prop value is enabled in features */
3943 feature
= zio_checksum_to_feature(intval
& ZIO_CHECKSUM_MASK
);
3944 if (feature
== SPA_FEATURE_NONE
)
3947 if ((err
= spa_open(dsname
, &spa
, FTAG
)) != 0)
3950 * Salted checksums are not supported on root pools.
3952 if (spa_bootfs(spa
) != 0 &&
3953 intval
< ZIO_CHECKSUM_FUNCTIONS
&&
3954 (zio_checksum_table
[intval
].ci_flags
&
3955 ZCHECKSUM_FLAG_SALTED
)) {
3956 spa_close(spa
, FTAG
);
3957 return (SET_ERROR(ERANGE
));
3959 if (!spa_feature_is_enabled(spa
, feature
)) {
3960 spa_close(spa
, FTAG
);
3961 return (SET_ERROR(ENOTSUP
));
3963 spa_close(spa
, FTAG
);
3971 return (zfs_secpolicy_setprop(dsname
, prop
, pair
, CRED()));
3975 * Removes properties from the given props list that fail permission checks
3976 * needed to clear them and to restore them in case of a receive error. For each
3977 * property, make sure we have both set and inherit permissions.
3979 * Returns the first error encountered if any permission checks fail. If the
3980 * caller provides a non-NULL errlist, it also gives the complete list of names
3981 * of all the properties that failed a permission check along with the
3982 * corresponding error numbers. The caller is responsible for freeing the
3985 * If every property checks out successfully, zero is returned and the list
3986 * pointed at by errlist is NULL.
3989 zfs_check_clearable(char *dataset
, nvlist_t
*props
, nvlist_t
**errlist
)
3992 nvpair_t
*pair
, *next_pair
;
3999 VERIFY(nvlist_alloc(&errors
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
4001 zc
= kmem_alloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
4002 (void) strlcpy(zc
->zc_name
, dataset
, sizeof (zc
->zc_name
));
4003 pair
= nvlist_next_nvpair(props
, NULL
);
4004 while (pair
!= NULL
) {
4005 next_pair
= nvlist_next_nvpair(props
, pair
);
4007 (void) strlcpy(zc
->zc_value
, nvpair_name(pair
),
4008 sizeof (zc
->zc_value
));
4009 if ((err
= zfs_check_settable(dataset
, pair
, CRED())) != 0 ||
4010 (err
= zfs_secpolicy_inherit_prop(zc
, NULL
, CRED())) != 0) {
4011 VERIFY(nvlist_remove_nvpair(props
, pair
) == 0);
4012 VERIFY(nvlist_add_int32(errors
,
4013 zc
->zc_value
, err
) == 0);
4017 kmem_free(zc
, sizeof (zfs_cmd_t
));
4019 if ((pair
= nvlist_next_nvpair(errors
, NULL
)) == NULL
) {
4020 nvlist_free(errors
);
4023 VERIFY(nvpair_value_int32(pair
, &rv
) == 0);
4026 if (errlist
== NULL
)
4027 nvlist_free(errors
);
4035 propval_equals(nvpair_t
*p1
, nvpair_t
*p2
)
4037 if (nvpair_type(p1
) == DATA_TYPE_NVLIST
) {
4038 /* dsl_prop_get_all_impl() format */
4040 VERIFY(nvpair_value_nvlist(p1
, &attrs
) == 0);
4041 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4045 if (nvpair_type(p2
) == DATA_TYPE_NVLIST
) {
4047 VERIFY(nvpair_value_nvlist(p2
, &attrs
) == 0);
4048 VERIFY(nvlist_lookup_nvpair(attrs
, ZPROP_VALUE
,
4052 if (nvpair_type(p1
) != nvpair_type(p2
))
4055 if (nvpair_type(p1
) == DATA_TYPE_STRING
) {
4056 char *valstr1
, *valstr2
;
4058 VERIFY(nvpair_value_string(p1
, (char **)&valstr1
) == 0);
4059 VERIFY(nvpair_value_string(p2
, (char **)&valstr2
) == 0);
4060 return (strcmp(valstr1
, valstr2
) == 0);
4062 uint64_t intval1
, intval2
;
4064 VERIFY(nvpair_value_uint64(p1
, &intval1
) == 0);
4065 VERIFY(nvpair_value_uint64(p2
, &intval2
) == 0);
4066 return (intval1
== intval2
);
4071 * Remove properties from props if they are not going to change (as determined
4072 * by comparison with origprops). Remove them from origprops as well, since we
4073 * do not need to clear or restore properties that won't change.
4076 props_reduce(nvlist_t
*props
, nvlist_t
*origprops
)
4078 nvpair_t
*pair
, *next_pair
;
4080 if (origprops
== NULL
)
4081 return; /* all props need to be received */
4083 pair
= nvlist_next_nvpair(props
, NULL
);
4084 while (pair
!= NULL
) {
4085 const char *propname
= nvpair_name(pair
);
4088 next_pair
= nvlist_next_nvpair(props
, pair
);
4090 if ((nvlist_lookup_nvpair(origprops
, propname
,
4091 &match
) != 0) || !propval_equals(pair
, match
))
4092 goto next
; /* need to set received value */
4094 /* don't clear the existing received value */
4095 (void) nvlist_remove_nvpair(origprops
, match
);
4096 /* don't bother receiving the property */
4097 (void) nvlist_remove_nvpair(props
, pair
);
4104 * Extract properties that cannot be set PRIOR to the receipt of a dataset.
4105 * For example, refquota cannot be set until after the receipt of a dataset,
4106 * because in replication streams, an older/earlier snapshot may exceed the
4107 * refquota. We want to receive the older/earlier snapshot, but setting
4108 * refquota pre-receipt will set the dsl's ACTUAL quota, which will prevent
4109 * the older/earlier snapshot from being received (with EDQUOT).
4111 * The ZFS test "zfs_receive_011_pos" demonstrates such a scenario.
4113 * libzfs will need to be judicious handling errors encountered by props
4114 * extracted by this function.
4117 extract_delay_props(nvlist_t
*props
)
4119 nvlist_t
*delayprops
;
4120 nvpair_t
*nvp
, *tmp
;
4121 static const zfs_prop_t delayable
[] = { ZFS_PROP_REFQUOTA
, 0 };
4124 VERIFY(nvlist_alloc(&delayprops
, NV_UNIQUE_NAME
, KM_SLEEP
) == 0);
4126 for (nvp
= nvlist_next_nvpair(props
, NULL
); nvp
!= NULL
;
4127 nvp
= nvlist_next_nvpair(props
, nvp
)) {
4129 * strcmp() is safe because zfs_prop_to_name() always returns
4132 for (i
= 0; delayable
[i
] != 0; i
++) {
4133 if (strcmp(zfs_prop_to_name(delayable
[i
]),
4134 nvpair_name(nvp
)) == 0) {
4138 if (delayable
[i
] != 0) {
4139 tmp
= nvlist_prev_nvpair(props
, nvp
);
4140 VERIFY(nvlist_add_nvpair(delayprops
, nvp
) == 0);
4141 VERIFY(nvlist_remove_nvpair(props
, nvp
) == 0);
4146 if (nvlist_empty(delayprops
)) {
4147 nvlist_free(delayprops
);
4150 return (delayprops
);
4154 static boolean_t zfs_ioc_recv_inject_err
;
4158 * nvlist 'errors' is always allocated. It will contain descriptions of
4159 * encountered errors, if any. It's the callers responsibility to free.
4162 zfs_ioc_recv_impl(char *tofs
, char *tosnap
, char *origin
,
4163 nvlist_t
*props
, boolean_t force
, boolean_t resumable
, int input_fd
,
4164 dmu_replay_record_t
*begin_record
, int cleanup_fd
, uint64_t *read_bytes
,
4165 uint64_t *errflags
, uint64_t *action_handle
, nvlist_t
**errors
)
4167 dmu_recv_cookie_t drc
;
4169 int props_error
= 0;
4171 nvlist_t
*delayprops
= NULL
; /* sent properties applied post-receive */
4172 nvlist_t
*origprops
= NULL
; /* existing properties */
4173 boolean_t first_recvd_props
= B_FALSE
;
4178 *errors
= fnvlist_alloc();
4180 input_fp
= getf(input_fd
);
4181 if (input_fp
== NULL
)
4182 return (SET_ERROR(EBADF
));
4184 error
= dmu_recv_begin(tofs
, tosnap
,
4185 begin_record
, force
, resumable
, origin
, &drc
);
4190 * Set properties before we receive the stream so that they are applied
4191 * to the new data. Note that we must call dmu_recv_stream() if
4192 * dmu_recv_begin() succeeds.
4194 if (props
!= NULL
&& !drc
.drc_newfs
) {
4195 if (spa_version(dsl_dataset_get_spa(drc
.drc_ds
)) >=
4196 SPA_VERSION_RECVD_PROPS
&&
4197 !dsl_prop_get_hasrecvd(tofs
))
4198 first_recvd_props
= B_TRUE
;
4201 * If new received properties are supplied, they are to
4202 * completely replace the existing received properties, so stash
4203 * away the existing ones.
4205 if (dsl_prop_get_received(tofs
, &origprops
) == 0) {
4206 nvlist_t
*errlist
= NULL
;
4208 * Don't bother writing a property if its value won't
4209 * change (and avoid the unnecessary security checks).
4211 * The first receive after SPA_VERSION_RECVD_PROPS is a
4212 * special case where we blow away all local properties
4215 if (!first_recvd_props
)
4216 props_reduce(props
, origprops
);
4217 if (zfs_check_clearable(tofs
, origprops
, &errlist
) != 0)
4218 (void) nvlist_merge(*errors
, errlist
, 0);
4219 nvlist_free(errlist
);
4221 if (clear_received_props(tofs
, origprops
,
4222 first_recvd_props
? NULL
: props
) != 0)
4223 *errflags
|= ZPROP_ERR_NOCLEAR
;
4225 *errflags
|= ZPROP_ERR_NOCLEAR
;
4229 if (props
!= NULL
) {
4230 props_error
= dsl_prop_set_hasrecvd(tofs
);
4232 if (props_error
== 0) {
4233 delayprops
= extract_delay_props(props
);
4234 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
4239 off
= input_fp
->f_offset
;
4240 error
= dmu_recv_stream(&drc
, input_fp
->f_vnode
, &off
, cleanup_fd
,
4244 zfsvfs_t
*zfsvfs
= NULL
;
4245 zvol_state_t
*zv
= NULL
;
4247 if (getzfsvfs(tofs
, &zfsvfs
) == 0) {
4252 ds
= dmu_objset_ds(zfsvfs
->z_os
);
4253 error
= zfs_suspend_fs(zfsvfs
);
4255 * If the suspend fails, then the recv_end will
4256 * likely also fail, and clean up after itself.
4258 end_err
= dmu_recv_end(&drc
, zfsvfs
);
4260 error
= zfs_resume_fs(zfsvfs
, ds
);
4261 error
= error
? error
: end_err
;
4262 deactivate_super(zfsvfs
->z_sb
);
4263 } else if ((zv
= zvol_suspend(tofs
)) != NULL
) {
4264 error
= dmu_recv_end(&drc
, zvol_tag(zv
));
4267 error
= dmu_recv_end(&drc
, NULL
);
4270 /* Set delayed properties now, after we're done receiving. */
4271 if (delayprops
!= NULL
&& error
== 0) {
4272 (void) zfs_set_prop_nvlist(tofs
, ZPROP_SRC_RECEIVED
,
4273 delayprops
, *errors
);
4277 if (delayprops
!= NULL
) {
4279 * Merge delayed props back in with initial props, in case
4280 * we're DEBUG and zfs_ioc_recv_inject_err is set (which means
4281 * we have to make sure clear_received_props() includes
4282 * the delayed properties).
4284 * Since zfs_ioc_recv_inject_err is only in DEBUG kernels,
4285 * using ASSERT() will be just like a VERIFY.
4287 ASSERT(nvlist_merge(props
, delayprops
, 0) == 0);
4288 nvlist_free(delayprops
);
4292 *read_bytes
= off
- input_fp
->f_offset
;
4293 if (VOP_SEEK(input_fp
->f_vnode
, input_fp
->f_offset
, &off
, NULL
) == 0)
4294 input_fp
->f_offset
= off
;
4297 if (zfs_ioc_recv_inject_err
) {
4298 zfs_ioc_recv_inject_err
= B_FALSE
;
4304 * On error, restore the original props.
4306 if (error
!= 0 && props
!= NULL
&& !drc
.drc_newfs
) {
4307 if (clear_received_props(tofs
, props
, NULL
) != 0) {
4309 * We failed to clear the received properties.
4310 * Since we may have left a $recvd value on the
4311 * system, we can't clear the $hasrecvd flag.
4313 *errflags
|= ZPROP_ERR_NORESTORE
;
4314 } else if (first_recvd_props
) {
4315 dsl_prop_unset_hasrecvd(tofs
);
4318 if (origprops
== NULL
&& !drc
.drc_newfs
) {
4319 /* We failed to stash the original properties. */
4320 *errflags
|= ZPROP_ERR_NORESTORE
;
4324 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4325 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4326 * explicitly if we're restoring local properties cleared in the
4327 * first new-style receive.
4329 if (origprops
!= NULL
&&
4330 zfs_set_prop_nvlist(tofs
, (first_recvd_props
?
4331 ZPROP_SRC_LOCAL
: ZPROP_SRC_RECEIVED
),
4332 origprops
, NULL
) != 0) {
4334 * We stashed the original properties but failed to
4337 *errflags
|= ZPROP_ERR_NORESTORE
;
4342 nvlist_free(origprops
);
4345 error
= props_error
;
4352 * zc_name name of containing filesystem (unused)
4353 * zc_nvlist_src{_size} nvlist of properties to apply
4354 * zc_value name of snapshot to create
4355 * zc_string name of clone origin (if DRR_FLAG_CLONE)
4356 * zc_cookie file descriptor to recv from
4357 * zc_begin_record the BEGIN record of the stream (not byteswapped)
4358 * zc_guid force flag
4359 * zc_cleanup_fd cleanup-on-exit file descriptor
4360 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
4363 * zc_cookie number of bytes read
4364 * zc_obj zprop_errflags_t
4365 * zc_action_handle handle for this guid/ds mapping
4366 * zc_nvlist_dst{_size} error for each unapplied received property
4369 zfs_ioc_recv(zfs_cmd_t
*zc
)
4371 dmu_replay_record_t begin_record
;
4372 nvlist_t
*errors
= NULL
;
4373 nvlist_t
*props
= NULL
;
4374 char *origin
= NULL
;
4376 char tofs
[ZFS_MAX_DATASET_NAME_LEN
];
4379 if (dataset_namecheck(zc
->zc_value
, NULL
, NULL
) != 0 ||
4380 strchr(zc
->zc_value
, '@') == NULL
||
4381 strchr(zc
->zc_value
, '%'))
4382 return (SET_ERROR(EINVAL
));
4384 (void) strlcpy(tofs
, zc
->zc_value
, sizeof (tofs
));
4385 tosnap
= strchr(tofs
, '@');
4388 if (zc
->zc_nvlist_src
!= 0 &&
4389 (error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
4390 zc
->zc_iflags
, &props
)) != 0)
4393 if (zc
->zc_string
[0])
4394 origin
= zc
->zc_string
;
4396 begin_record
.drr_type
= DRR_BEGIN
;
4397 begin_record
.drr_payloadlen
= 0;
4398 begin_record
.drr_u
.drr_begin
= zc
->zc_begin_record
;
4400 error
= zfs_ioc_recv_impl(tofs
, tosnap
, origin
, props
, zc
->zc_guid
,
4401 B_FALSE
, zc
->zc_cookie
, &begin_record
, zc
->zc_cleanup_fd
,
4402 &zc
->zc_cookie
, &zc
->zc_obj
, &zc
->zc_action_handle
, &errors
);
4406 * Now that all props, initial and delayed, are set, report the prop
4407 * errors to the caller.
4409 if (zc
->zc_nvlist_dst_size
!= 0 && errors
!= NULL
&&
4410 (nvlist_smush(errors
, zc
->zc_nvlist_dst_size
) != 0 ||
4411 put_nvlist(zc
, errors
) != 0)) {
4413 * Caller made zc->zc_nvlist_dst less than the minimum expected
4414 * size or supplied an invalid address.
4416 error
= SET_ERROR(EINVAL
);
4419 nvlist_free(errors
);
4426 * "snapname" -> full name of the snapshot to create
4427 * (optional) "props" -> properties to set (nvlist)
4428 * (optional) "origin" -> name of clone origin (DRR_FLAG_CLONE)
4429 * "begin_record" -> non-byteswapped dmu_replay_record_t
4430 * "input_fd" -> file descriptor to read stream from (int32)
4431 * (optional) "force" -> force flag (value ignored)
4432 * (optional) "resumable" -> resumable flag (value ignored)
4433 * (optional) "cleanup_fd" -> cleanup-on-exit file descriptor
4434 * (optional) "action_handle" -> handle for this guid/ds mapping
4438 * "read_bytes" -> number of bytes read
4439 * "error_flags" -> zprop_errflags_t
4440 * "action_handle" -> handle for this guid/ds mapping
4441 * "errors" -> error for each unapplied received property (nvlist)
4445 zfs_ioc_recv_new(const char *fsname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
4447 dmu_replay_record_t
*begin_record
;
4448 uint_t begin_record_size
;
4449 nvlist_t
*errors
= NULL
;
4450 nvlist_t
*props
= NULL
;
4451 char *snapname
= NULL
;
4452 char *origin
= NULL
;
4454 char tofs
[ZFS_MAX_DATASET_NAME_LEN
];
4456 boolean_t resumable
;
4457 uint64_t action_handle
= 0;
4458 uint64_t read_bytes
= 0;
4459 uint64_t errflags
= 0;
4461 int cleanup_fd
= -1;
4464 error
= nvlist_lookup_string(innvl
, "snapname", &snapname
);
4466 return (SET_ERROR(EINVAL
));
4468 if (dataset_namecheck(snapname
, NULL
, NULL
) != 0 ||
4469 strchr(snapname
, '@') == NULL
||
4470 strchr(snapname
, '%'))
4471 return (SET_ERROR(EINVAL
));
4473 (void) strcpy(tofs
, snapname
);
4474 tosnap
= strchr(tofs
, '@');
4477 error
= nvlist_lookup_string(innvl
, "origin", &origin
);
4478 if (error
&& error
!= ENOENT
)
4481 error
= nvlist_lookup_byte_array(innvl
, "begin_record",
4482 (uchar_t
**)&begin_record
, &begin_record_size
);
4483 if (error
!= 0 || begin_record_size
!= sizeof (*begin_record
))
4484 return (SET_ERROR(EINVAL
));
4486 error
= nvlist_lookup_int32(innvl
, "input_fd", &input_fd
);
4488 return (SET_ERROR(EINVAL
));
4490 force
= nvlist_exists(innvl
, "force");
4491 resumable
= nvlist_exists(innvl
, "resumable");
4493 error
= nvlist_lookup_int32(innvl
, "cleanup_fd", &cleanup_fd
);
4494 if (error
&& error
!= ENOENT
)
4497 error
= nvlist_lookup_uint64(innvl
, "action_handle", &action_handle
);
4498 if (error
&& error
!= ENOENT
)
4501 error
= nvlist_lookup_nvlist(innvl
, "props", &props
);
4502 if (error
&& error
!= ENOENT
)
4505 error
= zfs_ioc_recv_impl(tofs
, tosnap
, origin
, props
, force
,
4506 resumable
, input_fd
, begin_record
, cleanup_fd
, &read_bytes
,
4507 &errflags
, &action_handle
, &errors
);
4509 fnvlist_add_uint64(outnvl
, "read_bytes", read_bytes
);
4510 fnvlist_add_uint64(outnvl
, "error_flags", errflags
);
4511 fnvlist_add_uint64(outnvl
, "action_handle", action_handle
);
4512 fnvlist_add_nvlist(outnvl
, "errors", errors
);
4514 nvlist_free(errors
);
4522 * zc_name name of snapshot to send
4523 * zc_cookie file descriptor to send stream to
4524 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4525 * zc_sendobj objsetid of snapshot to send
4526 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4527 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4528 * output size in zc_objset_type.
4529 * zc_flags lzc_send_flags
4532 * zc_objset_type estimated size, if zc_guid is set
4535 zfs_ioc_send(zfs_cmd_t
*zc
)
4539 boolean_t estimate
= (zc
->zc_guid
!= 0);
4540 boolean_t embedok
= (zc
->zc_flags
& 0x1);
4541 boolean_t large_block_ok
= (zc
->zc_flags
& 0x2);
4542 boolean_t compressok
= (zc
->zc_flags
& 0x4);
4544 if (zc
->zc_obj
!= 0) {
4546 dsl_dataset_t
*tosnap
;
4548 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
4552 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &tosnap
);
4554 dsl_pool_rele(dp
, FTAG
);
4558 if (dsl_dir_is_clone(tosnap
->ds_dir
))
4560 dsl_dir_phys(tosnap
->ds_dir
)->dd_origin_obj
;
4561 dsl_dataset_rele(tosnap
, FTAG
);
4562 dsl_pool_rele(dp
, FTAG
);
4567 dsl_dataset_t
*tosnap
;
4568 dsl_dataset_t
*fromsnap
= NULL
;
4570 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
4574 error
= dsl_dataset_hold_obj(dp
, zc
->zc_sendobj
, FTAG
, &tosnap
);
4576 dsl_pool_rele(dp
, FTAG
);
4580 if (zc
->zc_fromobj
!= 0) {
4581 error
= dsl_dataset_hold_obj(dp
, zc
->zc_fromobj
,
4584 dsl_dataset_rele(tosnap
, FTAG
);
4585 dsl_pool_rele(dp
, FTAG
);
4590 error
= dmu_send_estimate(tosnap
, fromsnap
, compressok
,
4591 &zc
->zc_objset_type
);
4593 if (fromsnap
!= NULL
)
4594 dsl_dataset_rele(fromsnap
, FTAG
);
4595 dsl_dataset_rele(tosnap
, FTAG
);
4596 dsl_pool_rele(dp
, FTAG
);
4598 file_t
*fp
= getf(zc
->zc_cookie
);
4600 return (SET_ERROR(EBADF
));
4603 error
= dmu_send_obj(zc
->zc_name
, zc
->zc_sendobj
,
4604 zc
->zc_fromobj
, embedok
, large_block_ok
, compressok
,
4605 zc
->zc_cookie
, fp
->f_vnode
, &off
);
4607 if (VOP_SEEK(fp
->f_vnode
, fp
->f_offset
, &off
, NULL
) == 0)
4609 releasef(zc
->zc_cookie
);
4616 * zc_name name of snapshot on which to report progress
4617 * zc_cookie file descriptor of send stream
4620 * zc_cookie number of bytes written in send stream thus far
4623 zfs_ioc_send_progress(zfs_cmd_t
*zc
)
4627 dmu_sendarg_t
*dsp
= NULL
;
4630 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
4634 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &ds
);
4636 dsl_pool_rele(dp
, FTAG
);
4640 mutex_enter(&ds
->ds_sendstream_lock
);
4643 * Iterate over all the send streams currently active on this dataset.
4644 * If there's one which matches the specified file descriptor _and_ the
4645 * stream was started by the current process, return the progress of
4649 for (dsp
= list_head(&ds
->ds_sendstreams
); dsp
!= NULL
;
4650 dsp
= list_next(&ds
->ds_sendstreams
, dsp
)) {
4651 if (dsp
->dsa_outfd
== zc
->zc_cookie
&&
4652 dsp
->dsa_proc
->group_leader
== curproc
->group_leader
)
4657 zc
->zc_cookie
= *(dsp
->dsa_off
);
4659 error
= SET_ERROR(ENOENT
);
4661 mutex_exit(&ds
->ds_sendstream_lock
);
4662 dsl_dataset_rele(ds
, FTAG
);
4663 dsl_pool_rele(dp
, FTAG
);
4668 zfs_ioc_inject_fault(zfs_cmd_t
*zc
)
4672 error
= zio_inject_fault(zc
->zc_name
, (int)zc
->zc_guid
, &id
,
4673 &zc
->zc_inject_record
);
4676 zc
->zc_guid
= (uint64_t)id
;
4682 zfs_ioc_clear_fault(zfs_cmd_t
*zc
)
4684 return (zio_clear_fault((int)zc
->zc_guid
));
4688 zfs_ioc_inject_list_next(zfs_cmd_t
*zc
)
4690 int id
= (int)zc
->zc_guid
;
4693 error
= zio_inject_list_next(&id
, zc
->zc_name
, sizeof (zc
->zc_name
),
4694 &zc
->zc_inject_record
);
4702 zfs_ioc_error_log(zfs_cmd_t
*zc
)
4706 size_t count
= (size_t)zc
->zc_nvlist_dst_size
;
4708 if ((error
= spa_open(zc
->zc_name
, &spa
, FTAG
)) != 0)
4711 error
= spa_get_errlog(spa
, (void *)(uintptr_t)zc
->zc_nvlist_dst
,
4714 zc
->zc_nvlist_dst_size
= count
;
4716 zc
->zc_nvlist_dst_size
= spa_get_errlog_size(spa
);
4718 spa_close(spa
, FTAG
);
4724 zfs_ioc_clear(zfs_cmd_t
*zc
)
4731 * On zpool clear we also fix up missing slogs
4733 mutex_enter(&spa_namespace_lock
);
4734 spa
= spa_lookup(zc
->zc_name
);
4736 mutex_exit(&spa_namespace_lock
);
4737 return (SET_ERROR(EIO
));
4739 if (spa_get_log_state(spa
) == SPA_LOG_MISSING
) {
4740 /* we need to let spa_open/spa_load clear the chains */
4741 spa_set_log_state(spa
, SPA_LOG_CLEAR
);
4743 spa
->spa_last_open_failed
= 0;
4744 mutex_exit(&spa_namespace_lock
);
4746 if (zc
->zc_cookie
& ZPOOL_NO_REWIND
) {
4747 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
4750 nvlist_t
*config
= NULL
;
4752 if (zc
->zc_nvlist_src
== 0)
4753 return (SET_ERROR(EINVAL
));
4755 if ((error
= get_nvlist(zc
->zc_nvlist_src
,
4756 zc
->zc_nvlist_src_size
, zc
->zc_iflags
, &policy
)) == 0) {
4757 error
= spa_open_rewind(zc
->zc_name
, &spa
, FTAG
,
4759 if (config
!= NULL
) {
4762 if ((err
= put_nvlist(zc
, config
)) != 0)
4764 nvlist_free(config
);
4766 nvlist_free(policy
);
4773 spa_vdev_state_enter(spa
, SCL_NONE
);
4775 if (zc
->zc_guid
== 0) {
4778 vd
= spa_lookup_by_guid(spa
, zc
->zc_guid
, B_TRUE
);
4780 (void) spa_vdev_state_exit(spa
, NULL
, ENODEV
);
4781 spa_close(spa
, FTAG
);
4782 return (SET_ERROR(ENODEV
));
4786 vdev_clear(spa
, vd
);
4788 (void) spa_vdev_state_exit(spa
, NULL
, 0);
4791 * Resume any suspended I/Os.
4793 if (zio_resume(spa
) != 0)
4794 error
= SET_ERROR(EIO
);
4796 spa_close(spa
, FTAG
);
4802 zfs_ioc_pool_reopen(zfs_cmd_t
*zc
)
4807 error
= spa_open(zc
->zc_name
, &spa
, FTAG
);
4811 spa_vdev_state_enter(spa
, SCL_NONE
);
4814 * If a resilver is already in progress then set the
4815 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4816 * the scan as a side effect of the reopen. Otherwise, let
4817 * vdev_open() decided if a resilver is required.
4819 spa
->spa_scrub_reopen
= dsl_scan_resilvering(spa
->spa_dsl_pool
);
4820 vdev_reopen(spa
->spa_root_vdev
);
4821 spa
->spa_scrub_reopen
= B_FALSE
;
4823 (void) spa_vdev_state_exit(spa
, NULL
, 0);
4824 spa_close(spa
, FTAG
);
4829 * zc_name name of filesystem
4830 * zc_value name of origin snapshot
4833 * zc_string name of conflicting snapshot, if there is one
4836 zfs_ioc_promote(zfs_cmd_t
*zc
)
4841 * We don't need to unmount *all* the origin fs's snapshots, but
4844 cp
= strchr(zc
->zc_value
, '@');
4847 (void) dmu_objset_find(zc
->zc_value
,
4848 zfs_unmount_snap_cb
, NULL
, DS_FIND_SNAPSHOTS
);
4849 return (dsl_dataset_promote(zc
->zc_name
, zc
->zc_string
));
4853 * Retrieve a single {user|group}{used|quota}@... property.
4856 * zc_name name of filesystem
4857 * zc_objset_type zfs_userquota_prop_t
4858 * zc_value domain name (eg. "S-1-234-567-89")
4859 * zc_guid RID/UID/GID
4862 * zc_cookie property value
4865 zfs_ioc_userspace_one(zfs_cmd_t
*zc
)
4870 if (zc
->zc_objset_type
>= ZFS_NUM_USERQUOTA_PROPS
)
4871 return (SET_ERROR(EINVAL
));
4873 error
= zfsvfs_hold(zc
->zc_name
, FTAG
, &zfsvfs
, B_FALSE
);
4877 error
= zfs_userspace_one(zfsvfs
,
4878 zc
->zc_objset_type
, zc
->zc_value
, zc
->zc_guid
, &zc
->zc_cookie
);
4879 zfsvfs_rele(zfsvfs
, FTAG
);
4886 * zc_name name of filesystem
4887 * zc_cookie zap cursor
4888 * zc_objset_type zfs_userquota_prop_t
4889 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4892 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4893 * zc_cookie zap cursor
4896 zfs_ioc_userspace_many(zfs_cmd_t
*zc
)
4899 int bufsize
= zc
->zc_nvlist_dst_size
;
4904 return (SET_ERROR(ENOMEM
));
4906 error
= zfsvfs_hold(zc
->zc_name
, FTAG
, &zfsvfs
, B_FALSE
);
4910 buf
= vmem_alloc(bufsize
, KM_SLEEP
);
4912 error
= zfs_userspace_many(zfsvfs
, zc
->zc_objset_type
, &zc
->zc_cookie
,
4913 buf
, &zc
->zc_nvlist_dst_size
);
4916 error
= xcopyout(buf
,
4917 (void *)(uintptr_t)zc
->zc_nvlist_dst
,
4918 zc
->zc_nvlist_dst_size
);
4920 vmem_free(buf
, bufsize
);
4921 zfsvfs_rele(zfsvfs
, FTAG
);
4928 * zc_name name of filesystem
4934 zfs_ioc_userspace_upgrade(zfs_cmd_t
*zc
)
4940 if (getzfsvfs(zc
->zc_name
, &zfsvfs
) == 0) {
4941 if (!dmu_objset_userused_enabled(zfsvfs
->z_os
)) {
4943 * If userused is not enabled, it may be because the
4944 * objset needs to be closed & reopened (to grow the
4945 * objset_phys_t). Suspend/resume the fs will do that.
4949 ds
= dmu_objset_ds(zfsvfs
->z_os
);
4950 error
= zfs_suspend_fs(zfsvfs
);
4952 dmu_objset_refresh_ownership(zfsvfs
->z_os
,
4954 error
= zfs_resume_fs(zfsvfs
, ds
);
4958 error
= dmu_objset_userspace_upgrade(zfsvfs
->z_os
);
4959 deactivate_super(zfsvfs
->z_sb
);
4961 /* XXX kind of reading contents without owning */
4962 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4966 error
= dmu_objset_userspace_upgrade(os
);
4967 dmu_objset_rele(os
, FTAG
);
4975 * zc_name name of filesystem
4981 zfs_ioc_userobjspace_upgrade(zfs_cmd_t
*zc
)
4986 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
4990 dsl_dataset_long_hold(dmu_objset_ds(os
), FTAG
);
4991 dsl_pool_rele(dmu_objset_pool(os
), FTAG
);
4993 if (dmu_objset_userobjspace_upgradable(os
)) {
4994 mutex_enter(&os
->os_upgrade_lock
);
4995 if (os
->os_upgrade_id
== 0) {
4996 /* clear potential error code and retry */
4997 os
->os_upgrade_status
= 0;
4998 mutex_exit(&os
->os_upgrade_lock
);
5000 dmu_objset_userobjspace_upgrade(os
);
5002 mutex_exit(&os
->os_upgrade_lock
);
5005 taskq_wait_id(os
->os_spa
->spa_upgrade_taskq
, os
->os_upgrade_id
);
5006 error
= os
->os_upgrade_status
;
5009 dsl_dataset_long_rele(dmu_objset_ds(os
), FTAG
);
5010 dsl_dataset_rele(dmu_objset_ds(os
), FTAG
);
5016 zfs_ioc_share(zfs_cmd_t
*zc
)
5018 return (SET_ERROR(ENOSYS
));
5021 ace_t full_access
[] = {
5022 {(uid_t
)-1, ACE_ALL_PERMS
, ACE_EVERYONE
, 0}
5027 * zc_name name of containing filesystem
5028 * zc_obj object # beyond which we want next in-use object #
5031 * zc_obj next in-use object #
5034 zfs_ioc_next_obj(zfs_cmd_t
*zc
)
5036 objset_t
*os
= NULL
;
5039 error
= dmu_objset_hold(zc
->zc_name
, FTAG
, &os
);
5043 error
= dmu_object_next(os
, &zc
->zc_obj
, B_FALSE
, 0);
5045 dmu_objset_rele(os
, FTAG
);
5051 * zc_name name of filesystem
5052 * zc_value prefix name for snapshot
5053 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
5056 * zc_value short name of new snapshot
5059 zfs_ioc_tmp_snapshot(zfs_cmd_t
*zc
)
5066 error
= zfs_onexit_fd_hold(zc
->zc_cleanup_fd
, &minor
);
5070 snap_name
= kmem_asprintf("%s-%016llx", zc
->zc_value
,
5071 (u_longlong_t
)ddi_get_lbolt64());
5072 hold_name
= kmem_asprintf("%%%s", zc
->zc_value
);
5074 error
= dsl_dataset_snapshot_tmp(zc
->zc_name
, snap_name
, minor
,
5077 (void) strlcpy(zc
->zc_value
, snap_name
,
5078 sizeof (zc
->zc_value
));
5081 zfs_onexit_fd_rele(zc
->zc_cleanup_fd
);
5087 * zc_name name of "to" snapshot
5088 * zc_value name of "from" snapshot
5089 * zc_cookie file descriptor to write diff data on
5092 * dmu_diff_record_t's to the file descriptor
5095 zfs_ioc_diff(zfs_cmd_t
*zc
)
5101 fp
= getf(zc
->zc_cookie
);
5103 return (SET_ERROR(EBADF
));
5107 error
= dmu_diff(zc
->zc_name
, zc
->zc_value
, fp
->f_vnode
, &off
);
5109 if (VOP_SEEK(fp
->f_vnode
, fp
->f_offset
, &off
, NULL
) == 0)
5111 releasef(zc
->zc_cookie
);
5117 * Remove all ACL files in shares dir
5119 #ifdef HAVE_SMB_SHARE
5121 zfs_smb_acl_purge(znode_t
*dzp
)
5124 zap_attribute_t zap
;
5125 zfsvfs_t
*zfsvfs
= ZTOZSB(dzp
);
5128 for (zap_cursor_init(&zc
, zfsvfs
->z_os
, dzp
->z_id
);
5129 (error
= zap_cursor_retrieve(&zc
, &zap
)) == 0;
5130 zap_cursor_advance(&zc
)) {
5131 if ((error
= VOP_REMOVE(ZTOV(dzp
), zap
.za_name
, kcred
,
5135 zap_cursor_fini(&zc
);
5138 #endif /* HAVE_SMB_SHARE */
5141 zfs_ioc_smb_acl(zfs_cmd_t
*zc
)
5143 #ifdef HAVE_SMB_SHARE
5146 vnode_t
*resourcevp
= NULL
;
5155 if ((error
= lookupname(zc
->zc_value
, UIO_SYSSPACE
,
5156 NO_FOLLOW
, NULL
, &vp
)) != 0)
5159 /* Now make sure mntpnt and dataset are ZFS */
5161 if (vp
->v_vfsp
->vfs_fstype
!= zfsfstype
||
5162 (strcmp((char *)refstr_value(vp
->v_vfsp
->vfs_resource
),
5163 zc
->zc_name
) != 0)) {
5165 return (SET_ERROR(EINVAL
));
5169 zfsvfs
= ZTOZSB(dzp
);
5173 * Create share dir if its missing.
5175 mutex_enter(&zfsvfs
->z_lock
);
5176 if (zfsvfs
->z_shares_dir
== 0) {
5179 tx
= dmu_tx_create(zfsvfs
->z_os
);
5180 dmu_tx_hold_zap(tx
, MASTER_NODE_OBJ
, TRUE
,
5182 dmu_tx_hold_zap(tx
, DMU_NEW_OBJECT
, FALSE
, NULL
);
5183 error
= dmu_tx_assign(tx
, TXG_WAIT
);
5187 error
= zfs_create_share_dir(zfsvfs
, tx
);
5191 mutex_exit(&zfsvfs
->z_lock
);
5197 mutex_exit(&zfsvfs
->z_lock
);
5199 ASSERT(zfsvfs
->z_shares_dir
);
5200 if ((error
= zfs_zget(zfsvfs
, zfsvfs
->z_shares_dir
, &sharedir
)) != 0) {
5206 switch (zc
->zc_cookie
) {
5207 case ZFS_SMB_ACL_ADD
:
5208 vattr
.va_mask
= AT_MODE
|AT_UID
|AT_GID
|AT_TYPE
;
5209 vattr
.va_mode
= S_IFREG
|0777;
5213 vsec
.vsa_mask
= VSA_ACE
;
5214 vsec
.vsa_aclentp
= &full_access
;
5215 vsec
.vsa_aclentsz
= sizeof (full_access
);
5216 vsec
.vsa_aclcnt
= 1;
5218 error
= VOP_CREATE(ZTOV(sharedir
), zc
->zc_string
,
5219 &vattr
, EXCL
, 0, &resourcevp
, kcred
, 0, NULL
, &vsec
);
5221 VN_RELE(resourcevp
);
5224 case ZFS_SMB_ACL_REMOVE
:
5225 error
= VOP_REMOVE(ZTOV(sharedir
), zc
->zc_string
, kcred
,
5229 case ZFS_SMB_ACL_RENAME
:
5230 if ((error
= get_nvlist(zc
->zc_nvlist_src
,
5231 zc
->zc_nvlist_src_size
, zc
->zc_iflags
, &nvlist
)) != 0) {
5233 VN_RELE(ZTOV(sharedir
));
5237 if (nvlist_lookup_string(nvlist
, ZFS_SMB_ACL_SRC
, &src
) ||
5238 nvlist_lookup_string(nvlist
, ZFS_SMB_ACL_TARGET
,
5241 VN_RELE(ZTOV(sharedir
));
5243 nvlist_free(nvlist
);
5246 error
= VOP_RENAME(ZTOV(sharedir
), src
, ZTOV(sharedir
), target
,
5248 nvlist_free(nvlist
);
5251 case ZFS_SMB_ACL_PURGE
:
5252 error
= zfs_smb_acl_purge(sharedir
);
5256 error
= SET_ERROR(EINVAL
);
5261 VN_RELE(ZTOV(sharedir
));
5267 return (SET_ERROR(ENOTSUP
));
5268 #endif /* HAVE_SMB_SHARE */
5273 * "holds" -> { snapname -> holdname (string), ... }
5274 * (optional) "cleanup_fd" -> fd (int32)
5278 * snapname -> error value (int32)
5284 zfs_ioc_hold(const char *pool
, nvlist_t
*args
, nvlist_t
*errlist
)
5288 int cleanup_fd
= -1;
5292 error
= nvlist_lookup_nvlist(args
, "holds", &holds
);
5294 return (SET_ERROR(EINVAL
));
5296 /* make sure the user didn't pass us any invalid (empty) tags */
5297 for (pair
= nvlist_next_nvpair(holds
, NULL
); pair
!= NULL
;
5298 pair
= nvlist_next_nvpair(holds
, pair
)) {
5301 error
= nvpair_value_string(pair
, &htag
);
5303 return (SET_ERROR(error
));
5305 if (strlen(htag
) == 0)
5306 return (SET_ERROR(EINVAL
));
5309 if (nvlist_lookup_int32(args
, "cleanup_fd", &cleanup_fd
) == 0) {
5310 error
= zfs_onexit_fd_hold(cleanup_fd
, &minor
);
5315 error
= dsl_dataset_user_hold(holds
, minor
, errlist
);
5317 zfs_onexit_fd_rele(cleanup_fd
);
5322 * innvl is not used.
5325 * holdname -> time added (uint64 seconds since epoch)
5331 zfs_ioc_get_holds(const char *snapname
, nvlist_t
*args
, nvlist_t
*outnvl
)
5333 return (dsl_dataset_get_holds(snapname
, outnvl
));
5338 * snapname -> { holdname, ... }
5343 * snapname -> error value (int32)
5349 zfs_ioc_release(const char *pool
, nvlist_t
*holds
, nvlist_t
*errlist
)
5351 return (dsl_dataset_user_release(holds
, errlist
));
5356 * zc_guid flags (ZEVENT_NONBLOCK)
5357 * zc_cleanup_fd zevent file descriptor
5360 * zc_nvlist_dst next nvlist event
5361 * zc_cookie dropped events since last get
5364 zfs_ioc_events_next(zfs_cmd_t
*zc
)
5367 nvlist_t
*event
= NULL
;
5369 uint64_t dropped
= 0;
5372 error
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
5377 error
= zfs_zevent_next(ze
, &event
,
5378 &zc
->zc_nvlist_dst_size
, &dropped
);
5379 if (event
!= NULL
) {
5380 zc
->zc_cookie
= dropped
;
5381 error
= put_nvlist(zc
, event
);
5385 if (zc
->zc_guid
& ZEVENT_NONBLOCK
)
5388 if ((error
== 0) || (error
!= ENOENT
))
5391 error
= zfs_zevent_wait(ze
);
5396 zfs_zevent_fd_rele(zc
->zc_cleanup_fd
);
5403 * zc_cookie cleared events count
5406 zfs_ioc_events_clear(zfs_cmd_t
*zc
)
5410 zfs_zevent_drain_all(&count
);
5411 zc
->zc_cookie
= count
;
5418 * zc_guid eid | ZEVENT_SEEK_START | ZEVENT_SEEK_END
5419 * zc_cleanup zevent file descriptor
5422 zfs_ioc_events_seek(zfs_cmd_t
*zc
)
5428 error
= zfs_zevent_fd_hold(zc
->zc_cleanup_fd
, &minor
, &ze
);
5432 error
= zfs_zevent_seek(ze
, zc
->zc_guid
);
5433 zfs_zevent_fd_rele(zc
->zc_cleanup_fd
);
5440 * zc_name name of new filesystem or snapshot
5441 * zc_value full name of old snapshot
5444 * zc_cookie space in bytes
5445 * zc_objset_type compressed space in bytes
5446 * zc_perm_action uncompressed space in bytes
5449 zfs_ioc_space_written(zfs_cmd_t
*zc
)
5453 dsl_dataset_t
*new, *old
;
5455 error
= dsl_pool_hold(zc
->zc_name
, FTAG
, &dp
);
5458 error
= dsl_dataset_hold(dp
, zc
->zc_name
, FTAG
, &new);
5460 dsl_pool_rele(dp
, FTAG
);
5463 error
= dsl_dataset_hold(dp
, zc
->zc_value
, FTAG
, &old
);
5465 dsl_dataset_rele(new, FTAG
);
5466 dsl_pool_rele(dp
, FTAG
);
5470 error
= dsl_dataset_space_written(old
, new, &zc
->zc_cookie
,
5471 &zc
->zc_objset_type
, &zc
->zc_perm_action
);
5472 dsl_dataset_rele(old
, FTAG
);
5473 dsl_dataset_rele(new, FTAG
);
5474 dsl_pool_rele(dp
, FTAG
);
5480 * "firstsnap" -> snapshot name
5484 * "used" -> space in bytes
5485 * "compressed" -> compressed space in bytes
5486 * "uncompressed" -> uncompressed space in bytes
5490 zfs_ioc_space_snaps(const char *lastsnap
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5494 dsl_dataset_t
*new, *old
;
5496 uint64_t used
, comp
, uncomp
;
5498 if (nvlist_lookup_string(innvl
, "firstsnap", &firstsnap
) != 0)
5499 return (SET_ERROR(EINVAL
));
5501 error
= dsl_pool_hold(lastsnap
, FTAG
, &dp
);
5505 error
= dsl_dataset_hold(dp
, lastsnap
, FTAG
, &new);
5506 if (error
== 0 && !new->ds_is_snapshot
) {
5507 dsl_dataset_rele(new, FTAG
);
5508 error
= SET_ERROR(EINVAL
);
5511 dsl_pool_rele(dp
, FTAG
);
5514 error
= dsl_dataset_hold(dp
, firstsnap
, FTAG
, &old
);
5515 if (error
== 0 && !old
->ds_is_snapshot
) {
5516 dsl_dataset_rele(old
, FTAG
);
5517 error
= SET_ERROR(EINVAL
);
5520 dsl_dataset_rele(new, FTAG
);
5521 dsl_pool_rele(dp
, FTAG
);
5525 error
= dsl_dataset_space_wouldfree(old
, new, &used
, &comp
, &uncomp
);
5526 dsl_dataset_rele(old
, FTAG
);
5527 dsl_dataset_rele(new, FTAG
);
5528 dsl_pool_rele(dp
, FTAG
);
5529 fnvlist_add_uint64(outnvl
, "used", used
);
5530 fnvlist_add_uint64(outnvl
, "compressed", comp
);
5531 fnvlist_add_uint64(outnvl
, "uncompressed", uncomp
);
5537 * "fd" -> file descriptor to write stream to (int32)
5538 * (optional) "fromsnap" -> full snap name to send an incremental from
5539 * (optional) "largeblockok" -> (value ignored)
5540 * indicates that blocks > 128KB are permitted
5541 * (optional) "embedok" -> (value ignored)
5542 * presence indicates DRR_WRITE_EMBEDDED records are permitted
5543 * (optional) "compressok" -> (value ignored)
5544 * presence indicates compressed DRR_WRITE records are permitted
5545 * (optional) "resume_object" and "resume_offset" -> (uint64)
5546 * if present, resume send stream from specified object and offset.
5553 zfs_ioc_send_new(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5557 char *fromname
= NULL
;
5560 boolean_t largeblockok
;
5562 boolean_t compressok
;
5563 uint64_t resumeobj
= 0;
5564 uint64_t resumeoff
= 0;
5566 error
= nvlist_lookup_int32(innvl
, "fd", &fd
);
5568 return (SET_ERROR(EINVAL
));
5570 (void) nvlist_lookup_string(innvl
, "fromsnap", &fromname
);
5572 largeblockok
= nvlist_exists(innvl
, "largeblockok");
5573 embedok
= nvlist_exists(innvl
, "embedok");
5574 compressok
= nvlist_exists(innvl
, "compressok");
5576 (void) nvlist_lookup_uint64(innvl
, "resume_object", &resumeobj
);
5577 (void) nvlist_lookup_uint64(innvl
, "resume_offset", &resumeoff
);
5579 if ((fp
= getf(fd
)) == NULL
)
5580 return (SET_ERROR(EBADF
));
5583 error
= dmu_send(snapname
, fromname
, embedok
, largeblockok
, compressok
,
5584 fd
, resumeobj
, resumeoff
, fp
->f_vnode
, &off
);
5586 if (VOP_SEEK(fp
->f_vnode
, fp
->f_offset
, &off
, NULL
) == 0)
5594 * Determine approximately how large a zfs send stream will be -- the number
5595 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5598 * (optional) "from" -> full snap or bookmark name to send an incremental
5600 * (optional) "largeblockok" -> (value ignored)
5601 * indicates that blocks > 128KB are permitted
5602 * (optional) "embedok" -> (value ignored)
5603 * presence indicates DRR_WRITE_EMBEDDED records are permitted
5604 * (optional) "compressok" -> (value ignored)
5605 * presence indicates compressed DRR_WRITE records are permitted
5609 * "space" -> bytes of space (uint64)
5613 zfs_ioc_send_space(const char *snapname
, nvlist_t
*innvl
, nvlist_t
*outnvl
)
5616 dsl_dataset_t
*tosnap
;
5619 /* LINTED E_FUNC_SET_NOT_USED */
5620 boolean_t largeblockok
;
5621 /* LINTED E_FUNC_SET_NOT_USED */
5623 boolean_t compressok
;
5626 error
= dsl_pool_hold(snapname
, FTAG
, &dp
);
5630 error
= dsl_dataset_hold(dp
, snapname
, FTAG
, &tosnap
);
5632 dsl_pool_rele(dp
, FTAG
);
5636 largeblockok
= nvlist_exists(innvl
, "largeblockok");
5637 embedok
= nvlist_exists(innvl
, "embedok");
5638 compressok
= nvlist_exists(innvl
, "compressok");
5640 error
= nvlist_lookup_string(innvl
, "from", &fromname
);
5642 if (strchr(fromname
, '@') != NULL
) {
5644 * If from is a snapshot, hold it and use the more
5645 * efficient dmu_send_estimate to estimate send space
5646 * size using deadlists.
5648 dsl_dataset_t
*fromsnap
;
5649 error
= dsl_dataset_hold(dp
, fromname
, FTAG
, &fromsnap
);
5652 error
= dmu_send_estimate(tosnap
, fromsnap
, compressok
,
5654 dsl_dataset_rele(fromsnap
, FTAG
);
5655 } else if (strchr(fromname
, '#') != NULL
) {
5657 * If from is a bookmark, fetch the creation TXG of the
5658 * snapshot it was created from and use that to find
5659 * blocks that were born after it.
5661 zfs_bookmark_phys_t frombm
;
5663 error
= dsl_bookmark_lookup(dp
, fromname
, tosnap
,
5667 error
= dmu_send_estimate_from_txg(tosnap
,
5668 frombm
.zbm_creation_txg
, compressok
, &space
);
5671 * from is not properly formatted as a snapshot or
5674 error
= SET_ERROR(EINVAL
);
5678 // If estimating the size of a full send, use dmu_send_estimate
5679 error
= dmu_send_estimate(tosnap
, NULL
, compressok
, &space
);
5682 fnvlist_add_uint64(outnvl
, "space", space
);
5685 dsl_dataset_rele(tosnap
, FTAG
);
5686 dsl_pool_rele(dp
, FTAG
);
5690 static zfs_ioc_vec_t zfs_ioc_vec
[ZFS_IOC_LAST
- ZFS_IOC_FIRST
];
5693 zfs_ioctl_register_legacy(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
5694 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_namecheck_t namecheck
,
5695 boolean_t log_history
, zfs_ioc_poolcheck_t pool_check
)
5697 zfs_ioc_vec_t
*vec
= &zfs_ioc_vec
[ioc
- ZFS_IOC_FIRST
];
5699 ASSERT3U(ioc
, >=, ZFS_IOC_FIRST
);
5700 ASSERT3U(ioc
, <, ZFS_IOC_LAST
);
5701 ASSERT3P(vec
->zvec_legacy_func
, ==, NULL
);
5702 ASSERT3P(vec
->zvec_func
, ==, NULL
);
5704 vec
->zvec_legacy_func
= func
;
5705 vec
->zvec_secpolicy
= secpolicy
;
5706 vec
->zvec_namecheck
= namecheck
;
5707 vec
->zvec_allow_log
= log_history
;
5708 vec
->zvec_pool_check
= pool_check
;
5712 * See the block comment at the beginning of this file for details on
5713 * each argument to this function.
5716 zfs_ioctl_register(const char *name
, zfs_ioc_t ioc
, zfs_ioc_func_t
*func
,
5717 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_namecheck_t namecheck
,
5718 zfs_ioc_poolcheck_t pool_check
, boolean_t smush_outnvlist
,
5719 boolean_t allow_log
)
5721 zfs_ioc_vec_t
*vec
= &zfs_ioc_vec
[ioc
- ZFS_IOC_FIRST
];
5723 ASSERT3U(ioc
, >=, ZFS_IOC_FIRST
);
5724 ASSERT3U(ioc
, <, ZFS_IOC_LAST
);
5725 ASSERT3P(vec
->zvec_legacy_func
, ==, NULL
);
5726 ASSERT3P(vec
->zvec_func
, ==, NULL
);
5728 /* if we are logging, the name must be valid */
5729 ASSERT(!allow_log
|| namecheck
!= NO_NAME
);
5731 vec
->zvec_name
= name
;
5732 vec
->zvec_func
= func
;
5733 vec
->zvec_secpolicy
= secpolicy
;
5734 vec
->zvec_namecheck
= namecheck
;
5735 vec
->zvec_pool_check
= pool_check
;
5736 vec
->zvec_smush_outnvlist
= smush_outnvlist
;
5737 vec
->zvec_allow_log
= allow_log
;
5741 zfs_ioctl_register_pool(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
5742 zfs_secpolicy_func_t
*secpolicy
, boolean_t log_history
,
5743 zfs_ioc_poolcheck_t pool_check
)
5745 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
5746 POOL_NAME
, log_history
, pool_check
);
5750 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
5751 zfs_secpolicy_func_t
*secpolicy
, zfs_ioc_poolcheck_t pool_check
)
5753 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
5754 DATASET_NAME
, B_FALSE
, pool_check
);
5758 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
)
5760 zfs_ioctl_register_legacy(ioc
, func
, zfs_secpolicy_config
,
5761 POOL_NAME
, B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
5765 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
5766 zfs_secpolicy_func_t
*secpolicy
)
5768 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
5769 NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
5773 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc
,
5774 zfs_ioc_legacy_func_t
*func
, zfs_secpolicy_func_t
*secpolicy
)
5776 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
5777 DATASET_NAME
, B_FALSE
, POOL_CHECK_SUSPENDED
);
5781 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
)
5783 zfs_ioctl_register_dataset_read_secpolicy(ioc
, func
,
5784 zfs_secpolicy_read
);
5788 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc
, zfs_ioc_legacy_func_t
*func
,
5789 zfs_secpolicy_func_t
*secpolicy
)
5791 zfs_ioctl_register_legacy(ioc
, func
, secpolicy
,
5792 DATASET_NAME
, B_TRUE
, POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
5796 zfs_ioctl_init(void)
5798 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT
,
5799 zfs_ioc_snapshot
, zfs_secpolicy_snapshot
, POOL_NAME
,
5800 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5802 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY
,
5803 zfs_ioc_log_history
, zfs_secpolicy_log_history
, NO_NAME
,
5804 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_FALSE
);
5806 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS
,
5807 zfs_ioc_space_snaps
, zfs_secpolicy_read
, DATASET_NAME
,
5808 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
);
5810 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW
,
5811 zfs_ioc_send_new
, zfs_secpolicy_send_new
, DATASET_NAME
,
5812 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
);
5814 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE
,
5815 zfs_ioc_send_space
, zfs_secpolicy_read
, DATASET_NAME
,
5816 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
);
5818 zfs_ioctl_register("create", ZFS_IOC_CREATE
,
5819 zfs_ioc_create
, zfs_secpolicy_create_clone
, DATASET_NAME
,
5820 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5822 zfs_ioctl_register("clone", ZFS_IOC_CLONE
,
5823 zfs_ioc_clone
, zfs_secpolicy_create_clone
, DATASET_NAME
,
5824 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5826 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS
,
5827 zfs_ioc_destroy_snaps
, zfs_secpolicy_destroy_snaps
, POOL_NAME
,
5828 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5830 zfs_ioctl_register("hold", ZFS_IOC_HOLD
,
5831 zfs_ioc_hold
, zfs_secpolicy_hold
, POOL_NAME
,
5832 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5833 zfs_ioctl_register("release", ZFS_IOC_RELEASE
,
5834 zfs_ioc_release
, zfs_secpolicy_release
, POOL_NAME
,
5835 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5837 zfs_ioctl_register("get_holds", ZFS_IOC_GET_HOLDS
,
5838 zfs_ioc_get_holds
, zfs_secpolicy_read
, DATASET_NAME
,
5839 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
);
5841 zfs_ioctl_register("rollback", ZFS_IOC_ROLLBACK
,
5842 zfs_ioc_rollback
, zfs_secpolicy_rollback
, DATASET_NAME
,
5843 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_FALSE
, B_TRUE
);
5845 zfs_ioctl_register("bookmark", ZFS_IOC_BOOKMARK
,
5846 zfs_ioc_bookmark
, zfs_secpolicy_bookmark
, POOL_NAME
,
5847 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5849 zfs_ioctl_register("get_bookmarks", ZFS_IOC_GET_BOOKMARKS
,
5850 zfs_ioc_get_bookmarks
, zfs_secpolicy_read
, DATASET_NAME
,
5851 POOL_CHECK_SUSPENDED
, B_FALSE
, B_FALSE
);
5853 zfs_ioctl_register("destroy_bookmarks", ZFS_IOC_DESTROY_BOOKMARKS
,
5854 zfs_ioc_destroy_bookmarks
, zfs_secpolicy_destroy_bookmarks
,
5856 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5858 zfs_ioctl_register("receive", ZFS_IOC_RECV_NEW
,
5859 zfs_ioc_recv_new
, zfs_secpolicy_recv_new
, DATASET_NAME
,
5860 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
, B_TRUE
, B_TRUE
);
5862 /* IOCTLS that use the legacy function signature */
5864 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE
, zfs_ioc_pool_freeze
,
5865 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_READONLY
);
5867 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE
, zfs_ioc_pool_create
,
5868 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
5869 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN
,
5871 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE
,
5872 zfs_ioc_pool_upgrade
);
5873 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD
,
5875 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE
,
5876 zfs_ioc_vdev_remove
);
5877 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE
,
5878 zfs_ioc_vdev_set_state
);
5879 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH
,
5880 zfs_ioc_vdev_attach
);
5881 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH
,
5882 zfs_ioc_vdev_detach
);
5883 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH
,
5884 zfs_ioc_vdev_setpath
);
5885 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU
,
5886 zfs_ioc_vdev_setfru
);
5887 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS
,
5888 zfs_ioc_pool_set_props
);
5889 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT
,
5890 zfs_ioc_vdev_split
);
5891 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID
,
5892 zfs_ioc_pool_reguid
);
5894 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS
,
5895 zfs_ioc_pool_configs
, zfs_secpolicy_none
);
5896 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT
,
5897 zfs_ioc_pool_tryimport
, zfs_secpolicy_config
);
5898 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT
,
5899 zfs_ioc_inject_fault
, zfs_secpolicy_inject
);
5900 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT
,
5901 zfs_ioc_clear_fault
, zfs_secpolicy_inject
);
5902 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT
,
5903 zfs_ioc_inject_list_next
, zfs_secpolicy_inject
);
5906 * pool destroy, and export don't log the history as part of
5907 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5908 * does the logging of those commands.
5910 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY
, zfs_ioc_pool_destroy
,
5911 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
5912 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT
, zfs_ioc_pool_export
,
5913 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
5915 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS
, zfs_ioc_pool_stats
,
5916 zfs_secpolicy_read
, B_FALSE
, POOL_CHECK_NONE
);
5917 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS
, zfs_ioc_pool_get_props
,
5918 zfs_secpolicy_read
, B_FALSE
, POOL_CHECK_NONE
);
5920 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG
, zfs_ioc_error_log
,
5921 zfs_secpolicy_inject
, B_FALSE
, POOL_CHECK_SUSPENDED
);
5922 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME
,
5923 zfs_ioc_dsobj_to_dsname
,
5924 zfs_secpolicy_diff
, B_FALSE
, POOL_CHECK_SUSPENDED
);
5925 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY
,
5926 zfs_ioc_pool_get_history
,
5927 zfs_secpolicy_config
, B_FALSE
, POOL_CHECK_SUSPENDED
);
5929 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT
, zfs_ioc_pool_import
,
5930 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
5932 zfs_ioctl_register_pool(ZFS_IOC_CLEAR
, zfs_ioc_clear
,
5933 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_NONE
);
5934 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN
, zfs_ioc_pool_reopen
,
5935 zfs_secpolicy_config
, B_TRUE
, POOL_CHECK_SUSPENDED
);
5937 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN
,
5938 zfs_ioc_space_written
);
5939 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS
,
5940 zfs_ioc_objset_recvd_props
);
5941 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ
,
5943 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL
,
5945 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS
,
5946 zfs_ioc_objset_stats
);
5947 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS
,
5948 zfs_ioc_objset_zplprops
);
5949 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT
,
5950 zfs_ioc_dataset_list_next
);
5951 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT
,
5952 zfs_ioc_snapshot_list_next
);
5953 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS
,
5954 zfs_ioc_send_progress
);
5956 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF
,
5957 zfs_ioc_diff
, zfs_secpolicy_diff
);
5958 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS
,
5959 zfs_ioc_obj_to_stats
, zfs_secpolicy_diff
);
5960 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH
,
5961 zfs_ioc_obj_to_path
, zfs_secpolicy_diff
);
5962 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE
,
5963 zfs_ioc_userspace_one
, zfs_secpolicy_userspace_one
);
5964 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY
,
5965 zfs_ioc_userspace_many
, zfs_secpolicy_userspace_many
);
5966 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND
,
5967 zfs_ioc_send
, zfs_secpolicy_send
);
5969 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP
, zfs_ioc_set_prop
,
5970 zfs_secpolicy_none
);
5971 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY
, zfs_ioc_destroy
,
5972 zfs_secpolicy_destroy
);
5973 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME
, zfs_ioc_rename
,
5974 zfs_secpolicy_rename
);
5975 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV
, zfs_ioc_recv
,
5976 zfs_secpolicy_recv
);
5977 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE
, zfs_ioc_promote
,
5978 zfs_secpolicy_promote
);
5979 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP
,
5980 zfs_ioc_inherit_prop
, zfs_secpolicy_inherit_prop
);
5981 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL
, zfs_ioc_set_fsacl
,
5982 zfs_secpolicy_set_fsacl
);
5984 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE
, zfs_ioc_share
,
5985 zfs_secpolicy_share
, POOL_CHECK_NONE
);
5986 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL
, zfs_ioc_smb_acl
,
5987 zfs_secpolicy_smb_acl
, POOL_CHECK_NONE
);
5988 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE
,
5989 zfs_ioc_userspace_upgrade
, zfs_secpolicy_userspace_upgrade
,
5990 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
5991 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT
,
5992 zfs_ioc_tmp_snapshot
, zfs_secpolicy_tmp_snapshot
,
5993 POOL_CHECK_SUSPENDED
| POOL_CHECK_READONLY
);
5998 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_NEXT
, zfs_ioc_events_next
,
5999 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
6000 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_CLEAR
, zfs_ioc_events_clear
,
6001 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
6002 zfs_ioctl_register_legacy(ZFS_IOC_EVENTS_SEEK
, zfs_ioc_events_seek
,
6003 zfs_secpolicy_config
, NO_NAME
, B_FALSE
, POOL_CHECK_NONE
);
6007 pool_status_check(const char *name
, zfs_ioc_namecheck_t type
,
6008 zfs_ioc_poolcheck_t check
)
6013 ASSERT(type
== POOL_NAME
|| type
== DATASET_NAME
);
6015 if (check
& POOL_CHECK_NONE
)
6018 error
= spa_open(name
, &spa
, FTAG
);
6020 if ((check
& POOL_CHECK_SUSPENDED
) && spa_suspended(spa
))
6021 error
= SET_ERROR(EAGAIN
);
6022 else if ((check
& POOL_CHECK_READONLY
) && !spa_writeable(spa
))
6023 error
= SET_ERROR(EROFS
);
6024 spa_close(spa
, FTAG
);
6030 zfsdev_get_state_impl(minor_t minor
, enum zfsdev_state_type which
)
6034 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
6035 if (zs
->zs_minor
== minor
) {
6039 return (zs
->zs_onexit
);
6041 return (zs
->zs_zevent
);
6052 zfsdev_get_state(minor_t minor
, enum zfsdev_state_type which
)
6056 ptr
= zfsdev_get_state_impl(minor
, which
);
6062 zfsdev_getminor(struct file
*filp
, minor_t
*minorp
)
6064 zfsdev_state_t
*zs
, *fpd
;
6066 ASSERT(filp
!= NULL
);
6067 ASSERT(!MUTEX_HELD(&zfsdev_state_lock
));
6069 fpd
= filp
->private_data
;
6073 mutex_enter(&zfsdev_state_lock
);
6075 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
6077 if (zs
->zs_minor
== -1)
6081 *minorp
= fpd
->zs_minor
;
6082 mutex_exit(&zfsdev_state_lock
);
6087 mutex_exit(&zfsdev_state_lock
);
6093 * Find a free minor number. The zfsdev_state_list is expected to
6094 * be short since it is only a list of currently open file handles.
6097 zfsdev_minor_alloc(void)
6099 static minor_t last_minor
= 0;
6102 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
6104 for (m
= last_minor
+ 1; m
!= last_minor
; m
++) {
6105 if (m
> ZFSDEV_MAX_MINOR
)
6107 if (zfsdev_get_state_impl(m
, ZST_ALL
) == NULL
) {
6117 zfsdev_state_init(struct file
*filp
)
6119 zfsdev_state_t
*zs
, *zsprev
= NULL
;
6121 boolean_t newzs
= B_FALSE
;
6123 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
6125 minor
= zfsdev_minor_alloc();
6127 return (SET_ERROR(ENXIO
));
6129 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
6130 if (zs
->zs_minor
== -1)
6136 zs
= kmem_zalloc(sizeof (zfsdev_state_t
), KM_SLEEP
);
6141 filp
->private_data
= zs
;
6143 zfs_onexit_init((zfs_onexit_t
**)&zs
->zs_onexit
);
6144 zfs_zevent_init((zfs_zevent_t
**)&zs
->zs_zevent
);
6148 * In order to provide for lock-free concurrent read access
6149 * to the minor list in zfsdev_get_state_impl(), new entries
6150 * must be completely written before linking them into the
6151 * list whereas existing entries are already linked; the last
6152 * operation must be updating zs_minor (from -1 to the new
6156 zs
->zs_minor
= minor
;
6158 zsprev
->zs_next
= zs
;
6161 zs
->zs_minor
= minor
;
6168 zfsdev_state_destroy(struct file
*filp
)
6172 ASSERT(MUTEX_HELD(&zfsdev_state_lock
));
6173 ASSERT(filp
->private_data
!= NULL
);
6175 zs
= filp
->private_data
;
6177 zfs_onexit_destroy(zs
->zs_onexit
);
6178 zfs_zevent_destroy(zs
->zs_zevent
);
6184 zfsdev_open(struct inode
*ino
, struct file
*filp
)
6188 mutex_enter(&zfsdev_state_lock
);
6189 error
= zfsdev_state_init(filp
);
6190 mutex_exit(&zfsdev_state_lock
);
6196 zfsdev_release(struct inode
*ino
, struct file
*filp
)
6200 mutex_enter(&zfsdev_state_lock
);
6201 error
= zfsdev_state_destroy(filp
);
6202 mutex_exit(&zfsdev_state_lock
);
6208 zfsdev_ioctl(struct file
*filp
, unsigned cmd
, unsigned long arg
)
6212 int error
, rc
, flag
= 0;
6213 const zfs_ioc_vec_t
*vec
;
6214 char *saved_poolname
= NULL
;
6215 nvlist_t
*innvl
= NULL
;
6216 fstrans_cookie_t cookie
;
6218 vecnum
= cmd
- ZFS_IOC_FIRST
;
6219 if (vecnum
>= sizeof (zfs_ioc_vec
) / sizeof (zfs_ioc_vec
[0]))
6220 return (-SET_ERROR(EINVAL
));
6221 vec
= &zfs_ioc_vec
[vecnum
];
6224 * The registered ioctl list may be sparse, verify that either
6225 * a normal or legacy handler are registered.
6227 if (vec
->zvec_func
== NULL
&& vec
->zvec_legacy_func
== NULL
)
6228 return (-SET_ERROR(EINVAL
));
6230 zc
= kmem_zalloc(sizeof (zfs_cmd_t
), KM_SLEEP
);
6232 error
= ddi_copyin((void *)arg
, zc
, sizeof (zfs_cmd_t
), flag
);
6234 error
= SET_ERROR(EFAULT
);
6238 zc
->zc_iflags
= flag
& FKIOCTL
;
6239 if (zc
->zc_nvlist_src_size
> MAX_NVLIST_SRC_SIZE
) {
6241 * Make sure the user doesn't pass in an insane value for
6242 * zc_nvlist_src_size. We have to check, since we will end
6243 * up allocating that much memory inside of get_nvlist(). This
6244 * prevents a nefarious user from allocating tons of kernel
6247 * Also, we return EINVAL instead of ENOMEM here. The reason
6248 * being that returning ENOMEM from an ioctl() has a special
6249 * connotation; that the user's size value is too small and
6250 * needs to be expanded to hold the nvlist. See
6251 * zcmd_expand_dst_nvlist() for details.
6253 error
= SET_ERROR(EINVAL
); /* User's size too big */
6255 } else if (zc
->zc_nvlist_src_size
!= 0) {
6256 error
= get_nvlist(zc
->zc_nvlist_src
, zc
->zc_nvlist_src_size
,
6257 zc
->zc_iflags
, &innvl
);
6263 * Ensure that all pool/dataset names are valid before we pass down to
6266 zc
->zc_name
[sizeof (zc
->zc_name
) - 1] = '\0';
6267 switch (vec
->zvec_namecheck
) {
6269 if (pool_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
6270 error
= SET_ERROR(EINVAL
);
6272 error
= pool_status_check(zc
->zc_name
,
6273 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
6277 if (dataset_namecheck(zc
->zc_name
, NULL
, NULL
) != 0)
6278 error
= SET_ERROR(EINVAL
);
6280 error
= pool_status_check(zc
->zc_name
,
6281 vec
->zvec_namecheck
, vec
->zvec_pool_check
);
6290 cookie
= spl_fstrans_mark();
6291 error
= vec
->zvec_secpolicy(zc
, innvl
, CRED());
6292 spl_fstrans_unmark(cookie
);
6298 /* legacy ioctls can modify zc_name */
6299 saved_poolname
= strdup(zc
->zc_name
);
6300 if (saved_poolname
== NULL
) {
6301 error
= SET_ERROR(ENOMEM
);
6304 saved_poolname
[strcspn(saved_poolname
, "/@#")] = '\0';
6307 if (vec
->zvec_func
!= NULL
) {
6311 nvlist_t
*lognv
= NULL
;
6313 ASSERT(vec
->zvec_legacy_func
== NULL
);
6316 * Add the innvl to the lognv before calling the func,
6317 * in case the func changes the innvl.
6319 if (vec
->zvec_allow_log
) {
6320 lognv
= fnvlist_alloc();
6321 fnvlist_add_string(lognv
, ZPOOL_HIST_IOCTL
,
6323 if (!nvlist_empty(innvl
)) {
6324 fnvlist_add_nvlist(lognv
, ZPOOL_HIST_INPUT_NVL
,
6329 outnvl
= fnvlist_alloc();
6330 cookie
= spl_fstrans_mark();
6331 error
= vec
->zvec_func(zc
->zc_name
, innvl
, outnvl
);
6332 spl_fstrans_unmark(cookie
);
6334 if (error
== 0 && vec
->zvec_allow_log
&&
6335 spa_open(zc
->zc_name
, &spa
, FTAG
) == 0) {
6336 if (!nvlist_empty(outnvl
)) {
6337 fnvlist_add_nvlist(lognv
, ZPOOL_HIST_OUTPUT_NVL
,
6340 (void) spa_history_log_nvl(spa
, lognv
);
6341 spa_close(spa
, FTAG
);
6343 fnvlist_free(lognv
);
6345 if (!nvlist_empty(outnvl
) || zc
->zc_nvlist_dst_size
!= 0) {
6347 if (vec
->zvec_smush_outnvlist
) {
6348 smusherror
= nvlist_smush(outnvl
,
6349 zc
->zc_nvlist_dst_size
);
6351 if (smusherror
== 0)
6352 puterror
= put_nvlist(zc
, outnvl
);
6358 nvlist_free(outnvl
);
6360 cookie
= spl_fstrans_mark();
6361 error
= vec
->zvec_legacy_func(zc
);
6362 spl_fstrans_unmark(cookie
);
6367 rc
= ddi_copyout(zc
, (void *)arg
, sizeof (zfs_cmd_t
), flag
);
6368 if (error
== 0 && rc
!= 0)
6369 error
= SET_ERROR(EFAULT
);
6370 if (error
== 0 && vec
->zvec_allow_log
) {
6371 char *s
= tsd_get(zfs_allow_log_key
);
6374 (void) tsd_set(zfs_allow_log_key
, saved_poolname
);
6376 if (saved_poolname
!= NULL
)
6377 strfree(saved_poolname
);
6380 kmem_free(zc
, sizeof (zfs_cmd_t
));
6384 #ifdef CONFIG_COMPAT
6386 zfsdev_compat_ioctl(struct file
*filp
, unsigned cmd
, unsigned long arg
)
6388 return (zfsdev_ioctl(filp
, cmd
, arg
));
6391 #define zfsdev_compat_ioctl NULL
6394 static const struct file_operations zfsdev_fops
= {
6395 .open
= zfsdev_open
,
6396 .release
= zfsdev_release
,
6397 .unlocked_ioctl
= zfsdev_ioctl
,
6398 .compat_ioctl
= zfsdev_compat_ioctl
,
6399 .owner
= THIS_MODULE
,
6402 static struct miscdevice zfs_misc
= {
6403 .minor
= MISC_DYNAMIC_MINOR
,
6405 .fops
= &zfsdev_fops
,
6413 mutex_init(&zfsdev_state_lock
, NULL
, MUTEX_DEFAULT
, NULL
);
6414 zfsdev_state_list
= kmem_zalloc(sizeof (zfsdev_state_t
), KM_SLEEP
);
6415 zfsdev_state_list
->zs_minor
= -1;
6417 error
= misc_register(&zfs_misc
);
6419 printk(KERN_INFO
"ZFS: misc_register() failed %d\n", error
);
6429 zfsdev_state_t
*zs
, *zsprev
= NULL
;
6431 misc_deregister(&zfs_misc
);
6432 mutex_destroy(&zfsdev_state_lock
);
6434 for (zs
= zfsdev_state_list
; zs
!= NULL
; zs
= zs
->zs_next
) {
6436 kmem_free(zsprev
, sizeof (zfsdev_state_t
));
6440 kmem_free(zsprev
, sizeof (zfsdev_state_t
));
6444 zfs_allow_log_destroy(void *arg
)
6446 char *poolname
= arg
;
6448 if (poolname
!= NULL
)
6453 #define ZFS_DEBUG_STR " (DEBUG mode)"
6455 #define ZFS_DEBUG_STR ""
6463 error
= -vn_set_pwd("/");
6466 "ZFS: Warning unable to set pwd to '/': %d\n", error
);
6470 if ((error
= -zvol_init()) != 0)
6473 spa_init(FREAD
| FWRITE
);
6478 if ((error
= zfs_attach()) != 0)
6481 tsd_create(&zfs_fsyncer_key
, NULL
);
6482 tsd_create(&rrw_tsd_key
, rrw_tsd_destroy
);
6483 tsd_create(&zfs_allow_log_key
, zfs_allow_log_destroy
);
6485 printk(KERN_NOTICE
"ZFS: Loaded module v%s-%s%s, "
6486 "ZFS pool version %s, ZFS filesystem version %s\n",
6487 ZFS_META_VERSION
, ZFS_META_RELEASE
, ZFS_DEBUG_STR
,
6488 SPA_VERSION_STRING
, ZPL_VERSION_STRING
);
6489 #ifndef CONFIG_FS_POSIX_ACL
6490 printk(KERN_NOTICE
"ZFS: Posix ACLs disabled by kernel\n");
6491 #endif /* CONFIG_FS_POSIX_ACL */
6499 printk(KERN_NOTICE
"ZFS: Failed to Load ZFS Filesystem v%s-%s%s"
6500 ", rc = %d\n", ZFS_META_VERSION
, ZFS_META_RELEASE
,
6501 ZFS_DEBUG_STR
, error
);
6514 tsd_destroy(&zfs_fsyncer_key
);
6515 tsd_destroy(&rrw_tsd_key
);
6516 tsd_destroy(&zfs_allow_log_key
);
6518 printk(KERN_NOTICE
"ZFS: Unloaded module v%s-%s%s\n",
6519 ZFS_META_VERSION
, ZFS_META_RELEASE
, ZFS_DEBUG_STR
);
6526 MODULE_DESCRIPTION("ZFS");
6527 MODULE_AUTHOR(ZFS_META_AUTHOR
);
6528 MODULE_LICENSE(ZFS_META_LICENSE
);
6529 MODULE_VERSION(ZFS_META_VERSION
"-" ZFS_META_RELEASE
);
6530 #endif /* HAVE_SPL */