4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or https://opensource.org/licenses/CDDL-1.0.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2012, 2018 by Delphix. All rights reserved.
25 * Copyright (c) 2015 by Chunwei Chen. All rights reserved.
26 * Copyright 2017 Nexenta Systems, Inc.
27 * Copyright (c) 2021, 2022 by Pawel Jakub Dawidek
30 /* Portions Copyright 2007 Jeremy Teo */
31 /* Portions Copyright 2010 Robert Milkowski */
33 #include <sys/types.h>
34 #include <sys/param.h>
36 #include <sys/sysmacros.h>
38 #include <sys/uio_impl.h>
42 #include <sys/cmn_err.h>
43 #include <sys/errno.h>
44 #include <sys/zfs_dir.h>
45 #include <sys/zfs_acl.h>
46 #include <sys/zfs_ioctl.h>
47 #include <sys/fs/zfs.h>
49 #include <sys/dmu_objset.h>
50 #include <sys/dsl_crypt.h>
54 #include <sys/policy.h>
55 #include <sys/zfeature.h>
56 #include <sys/zfs_vnops.h>
57 #include <sys/zfs_quota.h>
58 #include <sys/zfs_vfsops.h>
59 #include <sys/zfs_znode.h>
62 static ulong_t zfs_fsync_sync_cnt
= 4;
65 zfs_fsync(znode_t
*zp
, int syncflag
, cred_t
*cr
)
68 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
70 (void) tsd_set(zfs_fsyncer_key
, (void *)(uintptr_t)zfs_fsync_sync_cnt
);
72 if (zfsvfs
->z_os
->os_sync
!= ZFS_SYNC_DISABLED
) {
73 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
75 atomic_inc_32(&zp
->z_sync_writes_cnt
);
76 zil_commit(zfsvfs
->z_log
, zp
->z_id
);
77 atomic_dec_32(&zp
->z_sync_writes_cnt
);
78 zfs_exit(zfsvfs
, FTAG
);
81 tsd_set(zfs_fsyncer_key
, NULL
);
87 #if defined(SEEK_HOLE) && defined(SEEK_DATA)
89 * Lseek support for finding holes (cmd == SEEK_HOLE) and
90 * data (cmd == SEEK_DATA). "off" is an in/out parameter.
93 zfs_holey_common(znode_t
*zp
, ulong_t cmd
, loff_t
*off
)
95 zfs_locked_range_t
*lr
;
96 uint64_t noff
= (uint64_t)*off
; /* new offset */
101 file_sz
= zp
->z_size
;
102 if (noff
>= file_sz
) {
103 return (SET_ERROR(ENXIO
));
106 if (cmd
== F_SEEK_HOLE
)
111 /* Flush any mmap()'d data to disk */
112 if (zn_has_cached_data(zp
, 0, file_sz
- 1))
113 zn_flush_cached_data(zp
, B_FALSE
);
115 lr
= zfs_rangelock_enter(&zp
->z_rangelock
, 0, UINT64_MAX
, RL_READER
);
116 error
= dmu_offset_next(ZTOZSB(zp
)->z_os
, zp
->z_id
, hole
, &noff
);
117 zfs_rangelock_exit(lr
);
120 return (SET_ERROR(ENXIO
));
122 /* File was dirty, so fall back to using generic logic */
123 if (error
== EBUSY
) {
131 * We could find a hole that begins after the logical end-of-file,
132 * because dmu_offset_next() only works on whole blocks. If the
133 * EOF falls mid-block, then indicate that the "virtual hole"
134 * at the end of the file begins at the logical EOF, rather than
135 * at the end of the last block.
137 if (noff
> file_sz
) {
149 zfs_holey(znode_t
*zp
, ulong_t cmd
, loff_t
*off
)
151 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
154 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
157 error
= zfs_holey_common(zp
, cmd
, off
);
159 zfs_exit(zfsvfs
, FTAG
);
162 #endif /* SEEK_HOLE && SEEK_DATA */
165 zfs_access(znode_t
*zp
, int mode
, int flag
, cred_t
*cr
)
167 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
170 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
173 if (flag
& V_ACE_MASK
)
174 #if defined(__linux__)
175 error
= zfs_zaccess(zp
, mode
, flag
, B_FALSE
, cr
,
178 error
= zfs_zaccess(zp
, mode
, flag
, B_FALSE
, cr
,
182 #if defined(__linux__)
183 error
= zfs_zaccess_rwx(zp
, mode
, flag
, cr
, zfs_init_idmap
);
185 error
= zfs_zaccess_rwx(zp
, mode
, flag
, cr
, NULL
);
188 zfs_exit(zfsvfs
, FTAG
);
192 static uint64_t zfs_vnops_read_chunk_size
= 1024 * 1024; /* Tunable */
195 * Read bytes from specified file into supplied buffer.
197 * IN: zp - inode of file to be read from.
198 * uio - structure supplying read location, range info,
200 * ioflag - O_SYNC flags; used to provide FRSYNC semantics.
201 * O_DIRECT flag; used to bypass page cache.
202 * cr - credentials of caller.
204 * OUT: uio - updated offset and range, buffer filled.
206 * RETURN: 0 on success, error code on failure.
209 * inode - atime updated if byte count > 0
212 zfs_read(struct znode
*zp
, zfs_uio_t
*uio
, int ioflag
, cred_t
*cr
)
216 boolean_t frsync
= B_FALSE
;
218 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
219 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
222 if (zp
->z_pflags
& ZFS_AV_QUARANTINED
) {
223 zfs_exit(zfsvfs
, FTAG
);
224 return (SET_ERROR(EACCES
));
227 /* We don't copy out anything useful for directories. */
228 if (Z_ISDIR(ZTOTYPE(zp
))) {
229 zfs_exit(zfsvfs
, FTAG
);
230 return (SET_ERROR(EISDIR
));
234 * Validate file offset
236 if (zfs_uio_offset(uio
) < (offset_t
)0) {
237 zfs_exit(zfsvfs
, FTAG
);
238 return (SET_ERROR(EINVAL
));
242 * Fasttrack empty reads
244 if (zfs_uio_resid(uio
) == 0) {
245 zfs_exit(zfsvfs
, FTAG
);
251 * If we're in FRSYNC mode, sync out this znode before reading it.
252 * Only do this for non-snapshots.
254 * Some platforms do not support FRSYNC and instead map it
255 * to O_SYNC, which results in unnecessary calls to zil_commit. We
256 * only honor FRSYNC requests on platforms which support it.
258 frsync
= !!(ioflag
& FRSYNC
);
261 (frsync
|| zfsvfs
->z_os
->os_sync
== ZFS_SYNC_ALWAYS
))
262 zil_commit(zfsvfs
->z_log
, zp
->z_id
);
265 * Lock the range against changes.
267 zfs_locked_range_t
*lr
= zfs_rangelock_enter(&zp
->z_rangelock
,
268 zfs_uio_offset(uio
), zfs_uio_resid(uio
), RL_READER
);
271 * If we are reading past end-of-file we can skip
272 * to the end; but we might still need to set atime.
274 if (zfs_uio_offset(uio
) >= zp
->z_size
) {
279 ASSERT(zfs_uio_offset(uio
) < zp
->z_size
);
280 #if defined(__linux__)
281 ssize_t start_offset
= zfs_uio_offset(uio
);
283 ssize_t n
= MIN(zfs_uio_resid(uio
), zp
->z_size
- zfs_uio_offset(uio
));
284 ssize_t start_resid
= n
;
287 ssize_t nbytes
= MIN(n
, zfs_vnops_read_chunk_size
-
288 P2PHASE(zfs_uio_offset(uio
), zfs_vnops_read_chunk_size
));
290 if (zfs_uio_segflg(uio
) == UIO_NOCOPY
)
291 error
= mappedread_sf(zp
, nbytes
, uio
);
294 if (zn_has_cached_data(zp
, zfs_uio_offset(uio
),
295 zfs_uio_offset(uio
) + nbytes
- 1) && !(ioflag
& O_DIRECT
)) {
296 error
= mappedread(zp
, nbytes
, uio
);
298 error
= dmu_read_uio_dbuf(sa_get_db(zp
->z_sa_hdl
),
303 /* convert checksum errors into IO errors */
305 error
= SET_ERROR(EIO
);
307 #if defined(__linux__)
309 * if we actually read some bytes, bubbling EFAULT
310 * up to become EAGAIN isn't what we want here...
312 * ...on Linux, at least. On FBSD, doing this breaks.
314 if (error
== EFAULT
&&
315 (zfs_uio_offset(uio
) - start_offset
) != 0)
324 int64_t nread
= start_resid
- n
;
325 dataset_kstats_update_read_kstats(&zfsvfs
->z_kstat
, nread
);
326 task_io_account_read(nread
);
328 zfs_rangelock_exit(lr
);
330 ZFS_ACCESSTIME_STAMP(zfsvfs
, zp
);
331 zfs_exit(zfsvfs
, FTAG
);
336 zfs_clear_setid_bits_if_necessary(zfsvfs_t
*zfsvfs
, znode_t
*zp
, cred_t
*cr
,
337 uint64_t *clear_setid_bits_txgp
, dmu_tx_t
*tx
)
339 zilog_t
*zilog
= zfsvfs
->z_log
;
340 const uint64_t uid
= KUID_TO_SUID(ZTOUID(zp
));
342 ASSERT(clear_setid_bits_txgp
!= NULL
);
346 * Clear Set-UID/Set-GID bits on successful write if not
347 * privileged and at least one of the execute bits is set.
349 * It would be nice to do this after all writes have
350 * been done, but that would still expose the ISUID/ISGID
351 * to another app after the partial write is committed.
353 * Note: we don't call zfs_fuid_map_id() here because
354 * user 0 is not an ephemeral uid.
356 mutex_enter(&zp
->z_acl_lock
);
357 if ((zp
->z_mode
& (S_IXUSR
| (S_IXUSR
>> 3) | (S_IXUSR
>> 6))) != 0 &&
358 (zp
->z_mode
& (S_ISUID
| S_ISGID
)) != 0 &&
359 secpolicy_vnode_setid_retain(zp
, cr
,
360 ((zp
->z_mode
& S_ISUID
) != 0 && uid
== 0)) != 0) {
363 zp
->z_mode
&= ~(S_ISUID
| S_ISGID
);
364 newmode
= zp
->z_mode
;
365 (void) sa_update(zp
->z_sa_hdl
, SA_ZPL_MODE(zfsvfs
),
366 (void *)&newmode
, sizeof (uint64_t), tx
);
368 mutex_exit(&zp
->z_acl_lock
);
371 * Make sure SUID/SGID bits will be removed when we replay the
372 * log. If the setid bits are keep coming back, don't log more
373 * than one TX_SETATTR per transaction group.
375 if (*clear_setid_bits_txgp
!= dmu_tx_get_txg(tx
)) {
378 va
.va_mask
= ATTR_MODE
;
379 va
.va_nodeid
= zp
->z_id
;
380 va
.va_mode
= newmode
;
381 zfs_log_setattr(zilog
, tx
, TX_SETATTR
, zp
, &va
,
383 *clear_setid_bits_txgp
= dmu_tx_get_txg(tx
);
386 mutex_exit(&zp
->z_acl_lock
);
391 * Write the bytes to a file.
393 * IN: zp - znode of file to be written to.
394 * uio - structure supplying write location, range info,
396 * ioflag - O_APPEND flag set if in append mode.
397 * O_DIRECT flag; used to bypass page cache.
398 * cr - credentials of caller.
400 * OUT: uio - updated offset and range.
402 * RETURN: 0 if success
403 * error code if failure
406 * ip - ctime|mtime updated if byte count > 0
409 zfs_write(znode_t
*zp
, zfs_uio_t
*uio
, int ioflag
, cred_t
*cr
)
411 int error
= 0, error1
;
412 ssize_t start_resid
= zfs_uio_resid(uio
);
413 uint64_t clear_setid_bits_txg
= 0;
416 * Fasttrack empty write
418 ssize_t n
= start_resid
;
422 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
423 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
426 sa_bulk_attr_t bulk
[4];
428 uint64_t mtime
[2], ctime
[2];
429 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_MTIME(zfsvfs
), NULL
, &mtime
, 16);
430 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_CTIME(zfsvfs
), NULL
, &ctime
, 16);
431 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_SIZE(zfsvfs
), NULL
,
433 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_FLAGS(zfsvfs
), NULL
,
437 * Callers might not be able to detect properly that we are read-only,
438 * so check it explicitly here.
440 if (zfs_is_readonly(zfsvfs
)) {
441 zfs_exit(zfsvfs
, FTAG
);
442 return (SET_ERROR(EROFS
));
446 * If immutable or not appending then return EPERM.
447 * Intentionally allow ZFS_READONLY through here.
448 * See zfs_zaccess_common()
450 if ((zp
->z_pflags
& ZFS_IMMUTABLE
) ||
451 ((zp
->z_pflags
& ZFS_APPENDONLY
) && !(ioflag
& O_APPEND
) &&
452 (zfs_uio_offset(uio
) < zp
->z_size
))) {
453 zfs_exit(zfsvfs
, FTAG
);
454 return (SET_ERROR(EPERM
));
458 * Validate file offset
460 offset_t woff
= ioflag
& O_APPEND
? zp
->z_size
: zfs_uio_offset(uio
);
462 zfs_exit(zfsvfs
, FTAG
);
463 return (SET_ERROR(EINVAL
));
467 * Pre-fault the pages to ensure slow (eg NFS) pages
470 ssize_t pfbytes
= MIN(n
, DMU_MAX_ACCESS
>> 1);
471 if (zfs_uio_prefaultpages(pfbytes
, uio
)) {
472 zfs_exit(zfsvfs
, FTAG
);
473 return (SET_ERROR(EFAULT
));
477 * If in append mode, set the io offset pointer to eof.
479 zfs_locked_range_t
*lr
;
480 if (ioflag
& O_APPEND
) {
482 * Obtain an appending range lock to guarantee file append
483 * semantics. We reset the write offset once we have the lock.
485 lr
= zfs_rangelock_enter(&zp
->z_rangelock
, 0, n
, RL_APPEND
);
486 woff
= lr
->lr_offset
;
487 if (lr
->lr_length
== UINT64_MAX
) {
489 * We overlocked the file because this write will cause
490 * the file block size to increase.
491 * Note that zp_size cannot change with this lock held.
495 zfs_uio_setoffset(uio
, woff
);
498 * Note that if the file block size will change as a result of
499 * this write, then this range lock will lock the entire file
500 * so that we can re-write the block safely.
502 lr
= zfs_rangelock_enter(&zp
->z_rangelock
, woff
, n
, RL_WRITER
);
505 if (zn_rlimit_fsize_uio(zp
, uio
)) {
506 zfs_rangelock_exit(lr
);
507 zfs_exit(zfsvfs
, FTAG
);
508 return (SET_ERROR(EFBIG
));
511 const rlim64_t limit
= MAXOFFSET_T
;
514 zfs_rangelock_exit(lr
);
515 zfs_exit(zfsvfs
, FTAG
);
516 return (SET_ERROR(EFBIG
));
519 if (n
> limit
- woff
)
522 uint64_t end_size
= MAX(zp
->z_size
, woff
+ n
);
523 zilog_t
*zilog
= zfsvfs
->z_log
;
525 const uint64_t uid
= KUID_TO_SUID(ZTOUID(zp
));
526 const uint64_t gid
= KGID_TO_SGID(ZTOGID(zp
));
527 const uint64_t projid
= zp
->z_projid
;
530 * Write the file in reasonable size chunks. Each chunk is written
531 * in a separate transaction; this keeps the intent log records small
532 * and allows us to do more fine-grained space accounting.
535 woff
= zfs_uio_offset(uio
);
537 if (zfs_id_overblockquota(zfsvfs
, DMU_USERUSED_OBJECT
, uid
) ||
538 zfs_id_overblockquota(zfsvfs
, DMU_GROUPUSED_OBJECT
, gid
) ||
539 (projid
!= ZFS_DEFAULT_PROJID
&&
540 zfs_id_overblockquota(zfsvfs
, DMU_PROJECTUSED_OBJECT
,
542 error
= SET_ERROR(EDQUOT
);
547 if (lr
->lr_length
== UINT64_MAX
&& zp
->z_size
<= zp
->z_blksz
) {
548 if (zp
->z_blksz
> zfsvfs
->z_max_blksz
&&
549 !ISP2(zp
->z_blksz
)) {
551 * File's blocksize is already larger than the
552 * "recordsize" property. Only let it grow to
553 * the next power of 2.
555 blksz
= 1 << highbit64(zp
->z_blksz
);
557 blksz
= zfsvfs
->z_max_blksz
;
559 blksz
= MIN(blksz
, P2ROUNDUP(end_size
,
561 blksz
= MAX(blksz
, zp
->z_blksz
);
566 arc_buf_t
*abuf
= NULL
;
568 if (n
>= blksz
&& woff
>= zp
->z_size
&&
569 P2PHASE(woff
, blksz
) == 0 &&
570 (blksz
>= SPA_OLD_MAXBLOCKSIZE
|| n
< 4 * blksz
)) {
572 * This write covers a full block. "Borrow" a buffer
573 * from the dmu so that we can fill it before we enter
574 * a transaction. This avoids the possibility of
575 * holding up the transaction if the data copy hangs
576 * up on a pagefault (e.g., from an NFS server mapping).
578 abuf
= dmu_request_arcbuf(sa_get_db(zp
->z_sa_hdl
),
580 ASSERT(abuf
!= NULL
);
581 ASSERT(arc_buf_size(abuf
) == blksz
);
582 if ((error
= zfs_uiocopy(abuf
->b_data
, blksz
,
583 UIO_WRITE
, uio
, &nbytes
))) {
584 dmu_return_arcbuf(abuf
);
587 ASSERT3S(nbytes
, ==, blksz
);
589 nbytes
= MIN(n
, (DMU_MAX_ACCESS
>> 1) -
590 P2PHASE(woff
, blksz
));
591 if (pfbytes
< nbytes
) {
592 if (zfs_uio_prefaultpages(nbytes
, uio
)) {
593 error
= SET_ERROR(EFAULT
);
601 * Start a transaction.
603 dmu_tx_t
*tx
= dmu_tx_create(zfsvfs
->z_os
);
604 dmu_tx_hold_sa(tx
, zp
->z_sa_hdl
, B_FALSE
);
605 dmu_buf_impl_t
*db
= (dmu_buf_impl_t
*)sa_get_db(zp
->z_sa_hdl
);
607 dmu_tx_hold_write_by_dnode(tx
, DB_DNODE(db
), woff
, nbytes
);
609 zfs_sa_upgrade_txholds(tx
, zp
);
610 error
= dmu_tx_assign(tx
, TXG_WAIT
);
614 dmu_return_arcbuf(abuf
);
619 * NB: We must call zfs_clear_setid_bits_if_necessary before
620 * committing the transaction!
624 * If rangelock_enter() over-locked we grow the blocksize
625 * and then reduce the lock range. This will only happen
626 * on the first iteration since rangelock_reduce() will
627 * shrink down lr_length to the appropriate size.
629 if (lr
->lr_length
== UINT64_MAX
) {
630 zfs_grow_blocksize(zp
, blksz
, tx
);
631 zfs_rangelock_reduce(lr
, woff
, n
);
636 tx_bytes
= zfs_uio_resid(uio
);
637 zfs_uio_fault_disable(uio
, B_TRUE
);
638 error
= dmu_write_uio_dbuf(sa_get_db(zp
->z_sa_hdl
),
640 zfs_uio_fault_disable(uio
, B_FALSE
);
642 if (error
== EFAULT
) {
643 zfs_clear_setid_bits_if_necessary(zfsvfs
, zp
,
644 cr
, &clear_setid_bits_txg
, tx
);
647 * Account for partial writes before
648 * continuing the loop.
649 * Update needs to occur before the next
650 * zfs_uio_prefaultpages, or prefaultpages may
651 * error, and we may break the loop early.
653 n
-= tx_bytes
- zfs_uio_resid(uio
);
654 pfbytes
-= tx_bytes
- zfs_uio_resid(uio
);
659 * On FreeBSD, EFAULT should be propagated back to the
660 * VFS, which will handle faulting and will retry.
662 if (error
!= 0 && error
!= EFAULT
) {
663 zfs_clear_setid_bits_if_necessary(zfsvfs
, zp
,
664 cr
, &clear_setid_bits_txg
, tx
);
668 tx_bytes
-= zfs_uio_resid(uio
);
671 * Thus, we're writing a full block at a block-aligned
672 * offset and extending the file past EOF.
674 * dmu_assign_arcbuf_by_dbuf() will directly assign the
675 * arc buffer to a dbuf.
677 error
= dmu_assign_arcbuf_by_dbuf(
678 sa_get_db(zp
->z_sa_hdl
), woff
, abuf
, tx
);
681 * XXX This might not be necessary if
682 * dmu_assign_arcbuf_by_dbuf is guaranteed
685 zfs_clear_setid_bits_if_necessary(zfsvfs
, zp
,
686 cr
, &clear_setid_bits_txg
, tx
);
687 dmu_return_arcbuf(abuf
);
691 ASSERT3S(nbytes
, <=, zfs_uio_resid(uio
));
692 zfs_uioskip(uio
, nbytes
);
696 zn_has_cached_data(zp
, woff
, woff
+ tx_bytes
- 1) &&
697 !(ioflag
& O_DIRECT
)) {
698 update_pages(zp
, woff
, tx_bytes
, zfsvfs
->z_os
);
702 * If we made no progress, we're done. If we made even
703 * partial progress, update the znode and ZIL accordingly.
706 (void) sa_update(zp
->z_sa_hdl
, SA_ZPL_SIZE(zfsvfs
),
707 (void *)&zp
->z_size
, sizeof (uint64_t), tx
);
713 zfs_clear_setid_bits_if_necessary(zfsvfs
, zp
, cr
,
714 &clear_setid_bits_txg
, tx
);
716 zfs_tstamp_update_setup(zp
, CONTENT_MODIFIED
, mtime
, ctime
);
719 * Update the file size (zp_size) if it has changed;
720 * account for possible concurrent updates.
722 while ((end_size
= zp
->z_size
) < zfs_uio_offset(uio
)) {
723 (void) atomic_cas_64(&zp
->z_size
, end_size
,
724 zfs_uio_offset(uio
));
725 ASSERT(error
== 0 || error
== EFAULT
);
728 * If we are replaying and eof is non zero then force
729 * the file size to the specified eof. Note, there's no
730 * concurrency during replay.
732 if (zfsvfs
->z_replay
&& zfsvfs
->z_replay_eof
!= 0)
733 zp
->z_size
= zfsvfs
->z_replay_eof
;
735 error1
= sa_bulk_update(zp
->z_sa_hdl
, bulk
, count
, tx
);
737 /* Avoid clobbering EFAULT. */
741 * NB: During replay, the TX_SETATTR record logged by
742 * zfs_clear_setid_bits_if_necessary must precede any of
743 * the TX_WRITE records logged here.
745 zfs_log_write(zilog
, tx
, TX_WRITE
, zp
, woff
, tx_bytes
, ioflag
,
752 ASSERT3S(tx_bytes
, ==, nbytes
);
757 zfs_znode_update_vfs(zp
);
758 zfs_rangelock_exit(lr
);
761 * If we're in replay mode, or we made no progress, or the
762 * uio data is inaccessible return an error. Otherwise, it's
763 * at least a partial write, so it's successful.
765 if (zfsvfs
->z_replay
|| zfs_uio_resid(uio
) == start_resid
||
767 zfs_exit(zfsvfs
, FTAG
);
771 if (ioflag
& (O_SYNC
| O_DSYNC
) ||
772 zfsvfs
->z_os
->os_sync
== ZFS_SYNC_ALWAYS
)
773 zil_commit(zilog
, zp
->z_id
);
775 const int64_t nwritten
= start_resid
- zfs_uio_resid(uio
);
776 dataset_kstats_update_write_kstats(&zfsvfs
->z_kstat
, nwritten
);
777 task_io_account_write(nwritten
);
779 zfs_exit(zfsvfs
, FTAG
);
784 zfs_getsecattr(znode_t
*zp
, vsecattr_t
*vsecp
, int flag
, cred_t
*cr
)
786 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
788 boolean_t skipaclchk
= (flag
& ATTR_NOACLCHECK
) ? B_TRUE
: B_FALSE
;
790 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
792 error
= zfs_getacl(zp
, vsecp
, skipaclchk
, cr
);
793 zfs_exit(zfsvfs
, FTAG
);
799 zfs_setsecattr(znode_t
*zp
, vsecattr_t
*vsecp
, int flag
, cred_t
*cr
)
801 zfsvfs_t
*zfsvfs
= ZTOZSB(zp
);
803 boolean_t skipaclchk
= (flag
& ATTR_NOACLCHECK
) ? B_TRUE
: B_FALSE
;
806 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
808 zilog
= zfsvfs
->z_log
;
809 error
= zfs_setacl(zp
, vsecp
, skipaclchk
, cr
);
811 if (zfsvfs
->z_os
->os_sync
== ZFS_SYNC_ALWAYS
)
812 zil_commit(zilog
, 0);
814 zfs_exit(zfsvfs
, FTAG
);
819 static int zil_fault_io
= 0;
822 static void zfs_get_done(zgd_t
*zgd
, int error
);
825 * Get data to generate a TX_WRITE intent log record.
828 zfs_get_data(void *arg
, uint64_t gen
, lr_write_t
*lr
, char *buf
,
829 struct lwb
*lwb
, zio_t
*zio
)
831 zfsvfs_t
*zfsvfs
= arg
;
832 objset_t
*os
= zfsvfs
->z_os
;
834 uint64_t object
= lr
->lr_foid
;
835 uint64_t offset
= lr
->lr_offset
;
836 uint64_t size
= lr
->lr_length
;
842 ASSERT3P(lwb
, !=, NULL
);
843 ASSERT3U(size
, !=, 0);
846 * Nothing to do if the file has been removed
848 if (zfs_zget(zfsvfs
, object
, &zp
) != 0)
849 return (SET_ERROR(ENOENT
));
850 if (zp
->z_unlinked
) {
852 * Release the vnode asynchronously as we currently have the
853 * txg stopped from syncing.
856 return (SET_ERROR(ENOENT
));
858 /* check if generation number matches */
859 if (sa_lookup(zp
->z_sa_hdl
, SA_ZPL_GEN(zfsvfs
), &zp_gen
,
860 sizeof (zp_gen
)) != 0) {
862 return (SET_ERROR(EIO
));
866 return (SET_ERROR(ENOENT
));
869 zgd
= kmem_zalloc(sizeof (zgd_t
), KM_SLEEP
);
871 zgd
->zgd_private
= zp
;
874 * Write records come in two flavors: immediate and indirect.
875 * For small writes it's cheaper to store the data with the
876 * log record (immediate); for large writes it's cheaper to
877 * sync the data and get a pointer to it (indirect) so that
878 * we don't have to write the data twice.
880 if (buf
!= NULL
) { /* immediate write */
881 zgd
->zgd_lr
= zfs_rangelock_enter(&zp
->z_rangelock
,
882 offset
, size
, RL_READER
);
883 /* test for truncation needs to be done while range locked */
884 if (offset
>= zp
->z_size
) {
885 error
= SET_ERROR(ENOENT
);
887 error
= dmu_read(os
, object
, offset
, size
, buf
,
888 DMU_READ_NO_PREFETCH
);
890 ASSERT(error
== 0 || error
== ENOENT
);
891 } else { /* indirect write */
892 ASSERT3P(zio
, !=, NULL
);
894 * Have to lock the whole block to ensure when it's
895 * written out and its checksum is being calculated
896 * that no one can change the data. We need to re-check
897 * blocksize after we get the lock in case it's changed!
902 blkoff
= ISP2(size
) ? P2PHASE(offset
, size
) : offset
;
904 zgd
->zgd_lr
= zfs_rangelock_enter(&zp
->z_rangelock
,
905 offset
, size
, RL_READER
);
906 if (zp
->z_blksz
== size
)
909 zfs_rangelock_exit(zgd
->zgd_lr
);
911 /* test for truncation needs to be done while range locked */
912 if (lr
->lr_offset
>= zp
->z_size
)
913 error
= SET_ERROR(ENOENT
);
916 error
= SET_ERROR(EIO
);
921 error
= dmu_buf_hold_noread(os
, object
, offset
, zgd
,
925 blkptr_t
*bp
= &lr
->lr_blkptr
;
930 ASSERT(db
->db_offset
== offset
);
931 ASSERT(db
->db_size
== size
);
933 error
= dmu_sync(zio
, lr
->lr_common
.lrc_txg
,
935 ASSERT(error
|| lr
->lr_length
<= size
);
938 * On success, we need to wait for the write I/O
939 * initiated by dmu_sync() to complete before we can
940 * release this dbuf. We will finish everything up
941 * in the zfs_get_done() callback.
946 if (error
== EALREADY
) {
947 lr
->lr_common
.lrc_txtype
= TX_WRITE2
;
949 * TX_WRITE2 relies on the data previously
950 * written by the TX_WRITE that caused
951 * EALREADY. We zero out the BP because
952 * it is the old, currently-on-disk BP.
961 zfs_get_done(zgd
, error
);
968 zfs_get_done(zgd_t
*zgd
, int error
)
971 znode_t
*zp
= zgd
->zgd_private
;
974 dmu_buf_rele(zgd
->zgd_db
, zgd
);
976 zfs_rangelock_exit(zgd
->zgd_lr
);
979 * Release the vnode asynchronously as we currently have the
980 * txg stopped from syncing.
984 kmem_free(zgd
, sizeof (zgd_t
));
988 zfs_enter_two(zfsvfs_t
*zfsvfs1
, zfsvfs_t
*zfsvfs2
, const char *tag
)
992 /* Swap. Not sure if the order of zfs_enter()s is important. */
993 if (zfsvfs1
> zfsvfs2
) {
1001 error
= zfs_enter(zfsvfs1
, tag
);
1004 if (zfsvfs1
!= zfsvfs2
) {
1005 error
= zfs_enter(zfsvfs2
, tag
);
1007 zfs_exit(zfsvfs1
, tag
);
1016 zfs_exit_two(zfsvfs_t
*zfsvfs1
, zfsvfs_t
*zfsvfs2
, const char *tag
)
1019 zfs_exit(zfsvfs1
, tag
);
1020 if (zfsvfs1
!= zfsvfs2
)
1021 zfs_exit(zfsvfs2
, tag
);
1025 * We split each clone request in chunks that can fit into a single ZIL
1026 * log entry. Each ZIL log entry can fit 130816 bytes for a block cloning
1027 * operation (see zil_max_log_data() and zfs_log_clone_range()). This gives
1028 * us room for storing 1022 block pointers.
1030 * On success, the function return the number of bytes copied in *lenp.
1031 * Note, it doesn't return how much bytes are left to be copied.
1032 * On errors which are caused by any file system limitations or
1033 * brt limitations `EINVAL` is returned. In the most cases a user
1034 * requested bad parameters, it could be possible to clone the file but
1035 * some parameters don't match the requirements.
1038 zfs_clone_range(znode_t
*inzp
, uint64_t *inoffp
, znode_t
*outzp
,
1039 uint64_t *outoffp
, uint64_t *lenp
, cred_t
*cr
)
1041 zfsvfs_t
*inzfsvfs
, *outzfsvfs
;
1042 objset_t
*inos
, *outos
;
1043 zfs_locked_range_t
*inlr
, *outlr
;
1047 uint64_t inoff
, outoff
, len
, done
;
1048 uint64_t outsize
, size
;
1051 sa_bulk_attr_t bulk
[3];
1052 uint64_t mtime
[2], ctime
[2];
1053 uint64_t uid
, gid
, projid
;
1055 size_t maxblocks
, nbps
;
1057 uint64_t clear_setid_bits_txg
= 0;
1064 inzfsvfs
= ZTOZSB(inzp
);
1065 outzfsvfs
= ZTOZSB(outzp
);
1068 * We need to call zfs_enter() potentially on two different datasets,
1069 * so we need a dedicated function for that.
1071 error
= zfs_enter_two(inzfsvfs
, outzfsvfs
, FTAG
);
1075 inos
= inzfsvfs
->z_os
;
1076 outos
= outzfsvfs
->z_os
;
1079 * Both source and destination have to belong to the same storage pool.
1081 if (dmu_objset_spa(inos
) != dmu_objset_spa(outos
)) {
1082 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1083 return (SET_ERROR(EXDEV
));
1087 * outos and inos belongs to the same storage pool.
1088 * see a few lines above, only one check.
1090 if (!spa_feature_is_enabled(dmu_objset_spa(outos
),
1091 SPA_FEATURE_BLOCK_CLONING
)) {
1092 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1093 return (SET_ERROR(EOPNOTSUPP
));
1096 ASSERT(!outzfsvfs
->z_replay
);
1099 * Block cloning from an unencrypted dataset into an encrypted
1100 * dataset and vice versa is not supported.
1102 if (inos
->os_encrypted
!= outos
->os_encrypted
) {
1103 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1104 return (SET_ERROR(EXDEV
));
1108 * Cloning across encrypted datasets is possible only if they
1109 * share the same master key.
1111 if (inos
!= outos
&& inos
->os_encrypted
&&
1112 !dmu_objset_crypto_key_equal(inos
, outos
)) {
1113 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1114 return (SET_ERROR(EXDEV
));
1117 error
= zfs_verify_zp(inzp
);
1119 error
= zfs_verify_zp(outzp
);
1121 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1126 * We don't copy source file's flags that's why we don't allow to clone
1127 * files that are in quarantine.
1129 if (inzp
->z_pflags
& ZFS_AV_QUARANTINED
) {
1130 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1131 return (SET_ERROR(EACCES
));
1134 if (inoff
>= inzp
->z_size
) {
1136 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1139 if (len
> inzp
->z_size
- inoff
) {
1140 len
= inzp
->z_size
- inoff
;
1144 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1149 * Callers might not be able to detect properly that we are read-only,
1150 * so check it explicitly here.
1152 if (zfs_is_readonly(outzfsvfs
)) {
1153 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1154 return (SET_ERROR(EROFS
));
1158 * If immutable or not appending then return EPERM.
1159 * Intentionally allow ZFS_READONLY through here.
1160 * See zfs_zaccess_common()
1162 if ((outzp
->z_pflags
& ZFS_IMMUTABLE
) != 0) {
1163 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1164 return (SET_ERROR(EPERM
));
1168 * No overlapping if we are cloning within the same file.
1170 if (inzp
== outzp
) {
1171 if (inoff
< outoff
+ len
&& outoff
< inoff
+ len
) {
1172 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1173 return (SET_ERROR(EINVAL
));
1178 * Maintain predictable lock order.
1180 if (inzp
< outzp
|| (inzp
== outzp
&& inoff
< outoff
)) {
1181 inlr
= zfs_rangelock_enter(&inzp
->z_rangelock
, inoff
, len
,
1183 outlr
= zfs_rangelock_enter(&outzp
->z_rangelock
, outoff
, len
,
1186 outlr
= zfs_rangelock_enter(&outzp
->z_rangelock
, outoff
, len
,
1188 inlr
= zfs_rangelock_enter(&inzp
->z_rangelock
, inoff
, len
,
1192 inblksz
= inzp
->z_blksz
;
1195 * We cannot clone into a file with different block size if we can't
1196 * grow it (block size is already bigger, has more than one block, or
1197 * not locked for growth). There are other possible reasons for the
1198 * grow to fail, but we cover what we can before opening transaction
1199 * and the rest detect after we try to do it.
1201 if (inblksz
< outzp
->z_blksz
) {
1202 error
= SET_ERROR(EINVAL
);
1205 if (inblksz
!= outzp
->z_blksz
&& (outzp
->z_size
> outzp
->z_blksz
||
1206 outlr
->lr_length
!= UINT64_MAX
)) {
1207 error
= SET_ERROR(EINVAL
);
1212 * Block size must be power-of-2 if destination offset != 0.
1213 * There can be no multiple blocks of non-power-of-2 size.
1215 if (outoff
!= 0 && !ISP2(inblksz
)) {
1216 error
= SET_ERROR(EINVAL
);
1221 * Offsets and len must be at block boundries.
1223 if ((inoff
% inblksz
) != 0 || (outoff
% inblksz
) != 0) {
1224 error
= SET_ERROR(EINVAL
);
1228 * Length must be multipe of blksz, except for the end of the file.
1230 if ((len
% inblksz
) != 0 &&
1231 (len
< inzp
->z_size
- inoff
|| len
< outzp
->z_size
- outoff
)) {
1232 error
= SET_ERROR(EINVAL
);
1237 * If we are copying only one block and it is smaller than recordsize
1238 * property, do not allow destination to grow beyond one block if it
1239 * is not there yet. Otherwise the destination will get stuck with
1240 * that block size forever, that can be as small as 512 bytes, no
1241 * matter how big the destination grow later.
1243 if (len
<= inblksz
&& inblksz
< outzfsvfs
->z_max_blksz
&&
1244 outzp
->z_size
<= inblksz
&& outoff
+ len
> inblksz
) {
1245 error
= SET_ERROR(EINVAL
);
1249 error
= zn_rlimit_fsize(outoff
+ len
);
1254 if (inoff
>= MAXOFFSET_T
|| outoff
>= MAXOFFSET_T
) {
1255 error
= SET_ERROR(EFBIG
);
1259 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_MTIME(outzfsvfs
), NULL
,
1261 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_CTIME(outzfsvfs
), NULL
,
1263 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_SIZE(outzfsvfs
), NULL
,
1266 zilog
= outzfsvfs
->z_log
;
1267 maxblocks
= zil_max_log_data(zilog
, sizeof (lr_clone_range_t
)) /
1270 uid
= KUID_TO_SUID(ZTOUID(outzp
));
1271 gid
= KGID_TO_SGID(ZTOGID(outzp
));
1272 projid
= outzp
->z_projid
;
1274 bps
= vmem_alloc(sizeof (bps
[0]) * maxblocks
, KM_SLEEP
);
1277 * Clone the file in reasonable size chunks. Each chunk is cloned
1278 * in a separate transaction; this keeps the intent log records small
1279 * and allows us to do more fine-grained space accounting.
1282 size
= MIN(inblksz
* maxblocks
, len
);
1284 if (zfs_id_overblockquota(outzfsvfs
, DMU_USERUSED_OBJECT
,
1286 zfs_id_overblockquota(outzfsvfs
, DMU_GROUPUSED_OBJECT
,
1288 (projid
!= ZFS_DEFAULT_PROJID
&&
1289 zfs_id_overblockquota(outzfsvfs
, DMU_PROJECTUSED_OBJECT
,
1291 error
= SET_ERROR(EDQUOT
);
1296 error
= dmu_read_l0_bps(inos
, inzp
->z_id
, inoff
, size
, bps
,
1300 * If we are trying to clone a block that was created
1301 * in the current transaction group, error will be
1302 * EAGAIN here, which we can just return to the caller
1303 * so it can fallback if it likes.
1309 * Start a transaction.
1311 tx
= dmu_tx_create(outos
);
1312 dmu_tx_hold_sa(tx
, outzp
->z_sa_hdl
, B_FALSE
);
1313 db
= (dmu_buf_impl_t
*)sa_get_db(outzp
->z_sa_hdl
);
1315 dmu_tx_hold_clone_by_dnode(tx
, DB_DNODE(db
), outoff
, size
);
1317 zfs_sa_upgrade_txholds(tx
, outzp
);
1318 error
= dmu_tx_assign(tx
, TXG_WAIT
);
1325 * Copy source znode's block size. This is done only if the
1326 * whole znode is locked (see zfs_rangelock_cb()) and only
1327 * on the first iteration since zfs_rangelock_reduce() will
1328 * shrink down lr_length to the appropriate size.
1330 if (outlr
->lr_length
== UINT64_MAX
) {
1331 zfs_grow_blocksize(outzp
, inblksz
, tx
);
1334 * Block growth may fail for many reasons we can not
1335 * predict here. If it happen the cloning is doomed.
1337 if (inblksz
!= outzp
->z_blksz
) {
1338 error
= SET_ERROR(EINVAL
);
1344 * Round range lock up to the block boundary, so we
1345 * prevent appends until we are done.
1347 zfs_rangelock_reduce(outlr
, outoff
,
1348 ((len
- 1) / inblksz
+ 1) * inblksz
);
1351 error
= dmu_brt_clone(outos
, outzp
->z_id
, outoff
, size
, tx
,
1358 if (zn_has_cached_data(outzp
, outoff
, outoff
+ size
- 1)) {
1359 update_pages(outzp
, outoff
, size
, outos
);
1362 zfs_clear_setid_bits_if_necessary(outzfsvfs
, outzp
, cr
,
1363 &clear_setid_bits_txg
, tx
);
1365 zfs_tstamp_update_setup(outzp
, CONTENT_MODIFIED
, mtime
, ctime
);
1368 * Update the file size (zp_size) if it has changed;
1369 * account for possible concurrent updates.
1371 while ((outsize
= outzp
->z_size
) < outoff
+ size
) {
1372 (void) atomic_cas_64(&outzp
->z_size
, outsize
,
1376 error
= sa_bulk_update(outzp
->z_sa_hdl
, bulk
, count
, tx
);
1378 zfs_log_clone_range(zilog
, tx
, TX_CLONE_RANGE
, outzp
, outoff
,
1379 size
, inblksz
, bps
, nbps
);
1392 vmem_free(bps
, sizeof (bps
[0]) * maxblocks
);
1393 zfs_znode_update_vfs(outzp
);
1396 zfs_rangelock_exit(outlr
);
1397 zfs_rangelock_exit(inlr
);
1401 * If we have made at least partial progress, reset the error.
1405 ZFS_ACCESSTIME_STAMP(inzfsvfs
, inzp
);
1407 if (outos
->os_sync
== ZFS_SYNC_ALWAYS
) {
1408 zil_commit(zilog
, outzp
->z_id
);
1416 * If we made no progress, there must be a good reason.
1417 * EOF is handled explicitly above, before the loop.
1419 ASSERT3S(error
, !=, 0);
1422 zfs_exit_two(inzfsvfs
, outzfsvfs
, FTAG
);
1428 * Usual pattern would be to call zfs_clone_range() from zfs_replay_clone(),
1429 * but we cannot do that, because when replaying we don't have source znode
1430 * available. This is why we need a dedicated replay function.
1433 zfs_clone_range_replay(znode_t
*zp
, uint64_t off
, uint64_t len
, uint64_t blksz
,
1434 const blkptr_t
*bps
, size_t nbps
)
1441 sa_bulk_attr_t bulk
[3];
1442 uint64_t mtime
[2], ctime
[2];
1444 ASSERT3U(off
, <, MAXOFFSET_T
);
1445 ASSERT3U(len
, >, 0);
1446 ASSERT3U(nbps
, >, 0);
1448 zfsvfs
= ZTOZSB(zp
);
1450 ASSERT(spa_feature_is_enabled(dmu_objset_spa(zfsvfs
->z_os
),
1451 SPA_FEATURE_BLOCK_CLONING
));
1453 if ((error
= zfs_enter_verify_zp(zfsvfs
, zp
, FTAG
)) != 0)
1456 ASSERT(zfsvfs
->z_replay
);
1457 ASSERT(!zfs_is_readonly(zfsvfs
));
1459 if ((off
% blksz
) != 0) {
1460 zfs_exit(zfsvfs
, FTAG
);
1461 return (SET_ERROR(EINVAL
));
1464 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_MTIME(zfsvfs
), NULL
, &mtime
, 16);
1465 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_CTIME(zfsvfs
), NULL
, &ctime
, 16);
1466 SA_ADD_BULK_ATTR(bulk
, count
, SA_ZPL_SIZE(zfsvfs
), NULL
,
1470 * Start a transaction.
1472 tx
= dmu_tx_create(zfsvfs
->z_os
);
1474 dmu_tx_hold_sa(tx
, zp
->z_sa_hdl
, B_FALSE
);
1475 db
= (dmu_buf_impl_t
*)sa_get_db(zp
->z_sa_hdl
);
1477 dmu_tx_hold_clone_by_dnode(tx
, DB_DNODE(db
), off
, len
);
1479 zfs_sa_upgrade_txholds(tx
, zp
);
1480 error
= dmu_tx_assign(tx
, TXG_WAIT
);
1483 zfs_exit(zfsvfs
, FTAG
);
1487 if (zp
->z_blksz
< blksz
)
1488 zfs_grow_blocksize(zp
, blksz
, tx
);
1490 dmu_brt_clone(zfsvfs
->z_os
, zp
->z_id
, off
, len
, tx
, bps
, nbps
);
1492 zfs_tstamp_update_setup(zp
, CONTENT_MODIFIED
, mtime
, ctime
);
1494 if (zp
->z_size
< off
+ len
)
1495 zp
->z_size
= off
+ len
;
1497 error
= sa_bulk_update(zp
->z_sa_hdl
, bulk
, count
, tx
);
1500 * zil_replaying() not only check if we are replaying ZIL, but also
1501 * updates the ZIL header to record replay progress.
1503 VERIFY(zil_replaying(zfsvfs
->z_log
, tx
));
1507 zfs_znode_update_vfs(zp
);
1509 zfs_exit(zfsvfs
, FTAG
);
1514 EXPORT_SYMBOL(zfs_access
);
1515 EXPORT_SYMBOL(zfs_fsync
);
1516 EXPORT_SYMBOL(zfs_holey
);
1517 EXPORT_SYMBOL(zfs_read
);
1518 EXPORT_SYMBOL(zfs_write
);
1519 EXPORT_SYMBOL(zfs_getsecattr
);
1520 EXPORT_SYMBOL(zfs_setsecattr
);
1521 EXPORT_SYMBOL(zfs_clone_range
);
1522 EXPORT_SYMBOL(zfs_clone_range_replay
);
1524 ZFS_MODULE_PARAM(zfs_vnops
, zfs_vnops_
, read_chunk_size
, U64
, ZMOD_RW
,
1525 "Bytes to read per chunk");