Commit | Line | Data |
---|---|---|
e53d678d MM |
1 | /* |
2 | * CDDL HEADER START | |
3 | * | |
4 | * The contents of this file are subject to the terms of the | |
5 | * Common Development and Distribution License (the "License"). | |
6 | * You may not use this file except in compliance with the License. | |
7 | * | |
8 | * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE | |
1d3ba0bf | 9 | * or https://opensource.org/licenses/CDDL-1.0. |
e53d678d MM |
10 | * See the License for the specific language governing permissions |
11 | * and limitations under the License. | |
12 | * | |
13 | * When distributing Covered Code, include this CDDL HEADER in each | |
14 | * file and include the License file at usr/src/OPENSOLARIS.LICENSE. | |
15 | * If applicable, add the following below this CDDL HEADER, with the | |
16 | * fields enclosed by brackets "[]" replaced with your own identifying | |
17 | * information: Portions Copyright [yyyy] [name of copyright owner] | |
18 | * | |
19 | * CDDL HEADER END | |
20 | */ | |
21 | ||
22 | /* | |
23 | * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. | |
24 | * Copyright (c) 2012, 2018 by Delphix. All rights reserved. | |
25 | * Copyright (c) 2015 by Chunwei Chen. All rights reserved. | |
26 | * Copyright 2017 Nexenta Systems, Inc. | |
67a1b037 | 27 | * Copyright (c) 2021, 2022 by Pawel Jakub Dawidek |
e53d678d MM |
28 | */ |
29 | ||
30 | /* Portions Copyright 2007 Jeremy Teo */ | |
31 | /* Portions Copyright 2010 Robert Milkowski */ | |
32 | ||
33 | #include <sys/types.h> | |
34 | #include <sys/param.h> | |
35 | #include <sys/time.h> | |
36 | #include <sys/sysmacros.h> | |
37 | #include <sys/vfs.h> | |
c0801bf3 | 38 | #include <sys/uio_impl.h> |
e53d678d MM |
39 | #include <sys/file.h> |
40 | #include <sys/stat.h> | |
41 | #include <sys/kmem.h> | |
42 | #include <sys/cmn_err.h> | |
43 | #include <sys/errno.h> | |
44 | #include <sys/zfs_dir.h> | |
45 | #include <sys/zfs_acl.h> | |
46 | #include <sys/zfs_ioctl.h> | |
47 | #include <sys/fs/zfs.h> | |
48 | #include <sys/dmu.h> | |
49 | #include <sys/dmu_objset.h> | |
c7b61192 | 50 | #include <sys/dsl_crypt.h> |
e53d678d MM |
51 | #include <sys/spa.h> |
52 | #include <sys/txg.h> | |
53 | #include <sys/dbuf.h> | |
54 | #include <sys/policy.h> | |
67a1b037 | 55 | #include <sys/zfeature.h> |
e53d678d MM |
56 | #include <sys/zfs_vnops.h> |
57 | #include <sys/zfs_quota.h> | |
ab8c935e CS |
58 | #include <sys/zfs_vfsops.h> |
59 | #include <sys/zfs_znode.h> | |
e53d678d MM |
60 | |
61 | ||
/*
 * Commit the intent-log records of one file.
 *
 * When the objset's sync setting is ZFS_SYNC_DISABLED nothing is committed
 * and 0 is returned without entering the filesystem. Otherwise the znode is
 * verified, z_sync_writes_cnt is raised for the duration of zil_commit(),
 * and 0 is returned. A failure of zfs_enter_verify_zp() is returned as is.
 *
 * syncflag and cr are not used by this function.
 */
int
zfs_fsync(znode_t *zp, int syncflag, cred_t *cr)
{
	zfsvfs_t *zfsvfs = ZTOZSB(zp);
	int rc;

	if (zfsvfs->z_os->os_sync == ZFS_SYNC_DISABLED)
		return (0);

	rc = zfs_enter_verify_zp(zfsvfs, zp, FTAG);
	if (rc != 0)
		return (rc);

	/* The counter is held up only across the commit itself. */
	atomic_inc_32(&zp->z_sync_writes_cnt);
	zil_commit(zfsvfs->z_log, zp->z_id);
	atomic_dec_32(&zp->z_sync_writes_cnt);

	zfs_exit(zfsvfs, FTAG);
	return (0);
}
78 | ||
8583540c MM |
79 | |
80 | #if defined(SEEK_HOLE) && defined(SEEK_DATA) | |
/*
 * lseek() support for SEEK_HOLE (cmd == F_SEEK_HOLE) and SEEK_DATA (any
 * other cmd). "off" is read as the starting offset and, on success, is
 * rewritten with the offset that was found.
 *
 * Returns ENXIO when the starting offset is at or past z_size, or when
 * dmu_offset_next() reports ESRCH. The caller is expected to have entered
 * the filesystem already; this function does not call zfs_enter/zfs_exit.
 */
static int
zfs_holey_common(znode_t *zp, ulong_t cmd, loff_t *off)
{
	uint64_t noff = (uint64_t)*off;	/* candidate result offset */
	const uint64_t file_sz = zp->z_size;
	const boolean_t hole = (cmd == F_SEEK_HOLE) ? B_TRUE : B_FALSE;
	zfs_locked_range_t *lr;
	int error;

	if (noff >= file_sz)
		return (SET_ERROR(ENXIO));

	/* Push mmap()'d data out before asking the DMU about the layout. */
	if (zn_has_cached_data(zp, 0, file_sz - 1))
		zn_flush_cached_data(zp, B_FALSE);

	/* The whole file is read-locked while the DMU is queried. */
	lr = zfs_rangelock_enter(&zp->z_rangelock, 0, UINT64_MAX, RL_READER);
	error = dmu_offset_next(ZTOZSB(zp)->z_os, zp->z_id, hole, &noff);
	zfs_rangelock_exit(lr);

	switch (error) {
	case ESRCH:
		return (SET_ERROR(ENXIO));
	case EBUSY:
		/*
		 * The file was dirty, so fall back to the generic answer:
		 * a hole search reports the end of file, a data search
		 * leaves *off where it was. Both report success.
		 */
		if (hole)
			*off = file_sz;
		return (0);
	default:
		break;
	}

	/*
	 * dmu_offset_next() works on whole blocks, so a hole can be reported
	 * past the logical end of file when EOF falls inside a block. Report
	 * that "virtual hole" as starting at the logical EOF instead of at
	 * the end of the last block.
	 */
	if (noff > file_sz) {
		ASSERT(hole);
		noff = file_sz;
	}

	/* The result never moves backwards from the caller's offset. */
	if (noff >= *off)
		*off = noff;
	return (error);
}
140 | ||
/*
 * Entry point for SEEK_HOLE / SEEK_DATA: enter the filesystem and verify
 * the znode, run zfs_holey_common(), then exit. Returns the error from
 * zfs_enter_verify_zp() or from zfs_holey_common().
 */
int
zfs_holey(znode_t *zp, ulong_t cmd, loff_t *off)
{
	zfsvfs_t *zfsvfs = ZTOZSB(zp);
	int rc = zfs_enter_verify_zp(zfsvfs, zp, FTAG);

	if (rc == 0) {
		rc = zfs_holey_common(zp, cmd, off);
		zfs_exit(zfsvfs, FTAG);
	}
	return (rc);
}
155 | #endif /* SEEK_HOLE && SEEK_DATA */ | |
156 | ||
/*
 * Permission check for znode zp on behalf of credentials cr.
 *
 * With V_ACE_MASK set in flag the request goes to zfs_zaccess(); without it
 * the request goes to zfs_zaccess_rwx(). On Linux both calls are given
 * zfs_init_idmap as the final argument, on other platforms NULL.
 *
 * Returns the error from zfs_enter_verify_zp() or from the access check.
 */
int
zfs_access(znode_t *zp, int mode, int flag, cred_t *cr)
{
	zfsvfs_t *zfsvfs = ZTOZSB(zp);
	const int ace_request = (flag & V_ACE_MASK) != 0;
	int rc;

	rc = zfs_enter_verify_zp(zfsvfs, zp, FTAG);
	if (rc != 0)
		return (rc);

#if defined(__linux__)
	if (ace_request) {
		rc = zfs_zaccess(zp, mode, flag, B_FALSE, cr,
		    zfs_init_idmap);
	} else {
		rc = zfs_zaccess_rwx(zp, mode, flag, cr, zfs_init_idmap);
	}
#else
	if (ace_request) {
		rc = zfs_zaccess(zp, mode, flag, B_FALSE, cr,
		    NULL);
	} else {
		rc = zfs_zaccess_rwx(zp, mode, flag, cr, NULL);
	}
#endif

	zfs_exit(zfsvfs, FTAG);
	return (rc);
}
184 | ||
/* Tunable: zfs_read() splits a request at multiples of this many bytes. */
static uint64_t zfs_vnops_read_chunk_size = 1024 * 1024;

/*
 * Read bytes from a file into the caller's buffer.
 *
 *	IN:	zp	- znode of the file to read.
 *		uio	- read offset, length and destination buffer.
 *		ioflag	- FRSYNC, where the platform defines it, asks for
 *			  a zil_commit() before the read.
 *			  O_DIRECT keeps the read off the cached-page path.
 *		cr	- credentials of caller (not used here).
 *
 *	OUT:	uio	- offset and residual advanced, buffer filled.
 *
 *	RETURN:	0 on success, error code on failure.
 *
 * Checks made before any data is copied, in this order:
 *	ZFS_AV_QUARANTINED set in z_pflags	-> EACCES
 *	znode is a directory			-> EISDIR
 *	negative offset				-> EINVAL
 *	zero-length request			-> 0
 *
 * ZFS_ACCESSTIME_STAMP() runs on every path that takes the range lock,
 * including a read that starts at or past end-of-file.
 */
int
zfs_read(struct znode *zp, zfs_uio_t *uio, int ioflag, cred_t *cr)
{
	(void) cr;
	boolean_t want_frsync = B_FALSE;
	int error = 0;

	zfsvfs_t *zfsvfs = ZTOZSB(zp);
	error = zfs_enter_verify_zp(zfsvfs, zp, FTAG);
	if (error != 0)
		return (error);

	/* A quarantined file is refused before anything is read. */
	if (zp->z_pflags & ZFS_AV_QUARANTINED) {
		zfs_exit(zfsvfs, FTAG);
		return (SET_ERROR(EACCES));
	}

	/* Directories have nothing useful to copy out. */
	if (Z_ISDIR(ZTOTYPE(zp))) {
		zfs_exit(zfsvfs, FTAG);
		return (SET_ERROR(EISDIR));
	}

	/* Reject a negative file offset. */
	if (zfs_uio_offset(uio) < (offset_t)0) {
		zfs_exit(zfsvfs, FTAG);
		return (SET_ERROR(EINVAL));
	}

	/* An empty read needs no lock and no I/O. */
	if (zfs_uio_resid(uio) == 0) {
		zfs_exit(zfsvfs, FTAG);
		return (0);
	}

#ifdef FRSYNC
	/*
	 * In FRSYNC mode the znode is synced out before it is read.
	 *
	 * Some platforms do not support FRSYNC and map it to O_SYNC, which
	 * would cause needless zil_commit() calls, so the request is only
	 * honored where FRSYNC itself is defined.
	 */
	want_frsync = !!(ioflag & FRSYNC);
#endif
	if (zfsvfs->z_log) {
		if (want_frsync ||
		    zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
			zil_commit(zfsvfs->z_log, zp->z_id);
	}

	/* Hold the requested range stable for the length of the read. */
	zfs_locked_range_t *lr = zfs_rangelock_enter(&zp->z_rangelock,
	    zfs_uio_offset(uio), zfs_uio_resid(uio), RL_READER);

	/*
	 * Starting at or beyond end-of-file there is nothing to copy, but
	 * the access time may still need to be stamped.
	 */
	if (zfs_uio_offset(uio) >= zp->z_size) {
		error = 0;
		goto out;
	}

	ASSERT(zfs_uio_offset(uio) < zp->z_size);
#if defined(__linux__)
	ssize_t start_offset = zfs_uio_offset(uio);
#endif
	/* Never read past z_size, whatever length was asked for. */
	ssize_t remaining = MIN(zfs_uio_resid(uio),
	    zp->z_size - zfs_uio_offset(uio));
	ssize_t wanted = remaining;

	while (remaining > 0) {
		/* Each pass ends at the next chunk-size boundary. */
		const uint64_t to_boundary = zfs_vnops_read_chunk_size -
		    P2PHASE(zfs_uio_offset(uio), zfs_vnops_read_chunk_size);
		ssize_t chunk = MIN(remaining, to_boundary);

#ifdef UIO_NOCOPY
		if (zfs_uio_segflg(uio) == UIO_NOCOPY) {
			error = mappedread_sf(zp, chunk, uio);
		} else
#endif
		if (zn_has_cached_data(zp, zfs_uio_offset(uio),
		    zfs_uio_offset(uio) + chunk - 1) &&
		    !(ioflag & O_DIRECT)) {
			error = mappedread(zp, chunk, uio);
		} else {
			error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl),
			    uio, chunk);
		}

		if (error != 0) {
			/* A checksum failure is reported as an I/O error. */
			if (error == ECKSUM)
				error = SET_ERROR(EIO);

#if defined(__linux__)
			/*
			 * Once some bytes have been read, letting EFAULT
			 * bubble up to become EAGAIN is not wanted, so the
			 * read is reported as a short success instead.
			 *
			 * Linux only: doing this on FreeBSD breaks.
			 */
			if (error == EFAULT &&
			    zfs_uio_offset(uio) != start_offset)
				error = 0;
#endif
			break;
		}

		remaining -= chunk;
	}

	int64_t nread = wanted - remaining;
	dataset_kstats_update_read_kstats(&zfsvfs->z_kstat, nread);
	task_io_account_read(nread);
out:
	zfs_rangelock_exit(lr);

	ZFS_ACCESSTIME_STAMP(zfsvfs, zp);
	zfs_exit(zfsvfs, FTAG);
	return (error);
}
327 | ||
/*
 * Strip the set-UID and set-GID bits from zp as part of a write.
 *
 * The bits are cleared when all of the following hold:
 *	- at least one execute bit is set in z_mode,
 *	- S_ISUID or S_ISGID is set in z_mode,
 *	- secpolicy_vnode_setid_retain() returns non-zero for cr; its last
 *	  argument is true when the file is set-UID and owned by uid 0.
 *
 * This is done inside each write transaction rather than once after all
 * writes, because a committed partial write would otherwise leave a modified
 * file with ISUID/ISGID still visible to another application.
 *
 * zfs_fuid_map_id() is not called here because user 0 is not an ephemeral
 * uid.
 *
 *	zfsvfs			- filesystem; supplies the ZIL and the
 *				  SA_ZPL_MODE attribute.
 *	zp			- znode being written.
 *	cr			- credentials of the writer.
 *	clear_setid_bits_txgp	- in/out: txg in which a TX_SETATTR was last
 *				  logged by this function for the caller.
 *	tx			- open transaction of the current write.
 */
static void
zfs_clear_setid_bits_if_necessary(zfsvfs_t *zfsvfs, znode_t *zp, cred_t *cr,
    uint64_t *clear_setid_bits_txgp, dmu_tx_t *tx)
{
	zilog_t *zilog = zfsvfs->z_log;
	const uint64_t uid = KUID_TO_SUID(ZTOUID(zp));

	ASSERT(clear_setid_bits_txgp != NULL);
	ASSERT(tx != NULL);

	/* z_mode is tested and changed under z_acl_lock. */
	mutex_enter(&zp->z_acl_lock);
	if ((zp->z_mode & (S_IXUSR | (S_IXUSR >> 3) | (S_IXUSR >> 6))) == 0 ||
	    (zp->z_mode & (S_ISUID | S_ISGID)) == 0 ||
	    secpolicy_vnode_setid_retain(zp, cr,
	    ((zp->z_mode & S_ISUID) != 0 && uid == 0)) == 0) {
		/* Nothing to strip, or the caller may keep the bits. */
		mutex_exit(&zp->z_acl_lock);
		return;
	}

	zp->z_mode &= ~(S_ISUID | S_ISGID);
	uint64_t newmode = zp->z_mode;
	/*
	 * NOTE(review): the result of sa_update() is discarded, so a failed
	 * update would leave the in-memory mode cleared without this
	 * function reporting it - confirm that is acceptable here.
	 */
	(void) sa_update(zp->z_sa_hdl, SA_ZPL_MODE(zfsvfs),
	    (void *)&newmode, sizeof (uint64_t), tx);

	mutex_exit(&zp->z_acl_lock);

	/*
	 * Log the mode change so that the SUID/SGID bits are also removed
	 * when the log is replayed. If the bits keep coming back, log no
	 * more than one TX_SETATTR per transaction group.
	 */
	if (*clear_setid_bits_txgp == dmu_tx_get_txg(tx))
		return;

	vattr_t va = {0};

	va.va_mask = ATTR_MODE;
	va.va_nodeid = zp->z_id;
	va.va_mode = newmode;
	zfs_log_setattr(zilog, tx, TX_SETATTR, zp, &va,
	    ATTR_MODE, NULL);
	*clear_setid_bits_txgp = dmu_tx_get_txg(tx);
}
382 | ||
e53d678d MM |
383 | /* |
384 | * Write the bytes to a file. | |
385 | * | |
386 | * IN: zp - znode of file to be written to. | |
387 | * uio - structure supplying write location, range info, | |
388 | * and data buffer. | |
389 | * ioflag - O_APPEND flag set if in append mode. | |
390 | * O_DIRECT flag; used to bypass page cache. | |
391 | * cr - credentials of caller. | |
392 | * | |
393 | * OUT: uio - updated offset and range. | |
394 | * | |
395 | * RETURN: 0 if success | |
396 | * error code if failure | |
397 | * | |
398 | * Timestamps: | |
399 | * ip - ctime|mtime updated if byte count > 0 | |
400 | */ | |
/*
 * Review summary of the checks made before the chunk loop. Each of these
 * returns after zfs_exit(); the EFBIG paths also drop the range lock first.
 *	read-only filesystem				-> EROFS
 *	ZFS_IMMUTABLE, or ZFS_APPENDONLY with a write
 *	that is not O_APPEND and starts below z_size	-> EPERM
 *	negative write offset				-> EINVAL
 *	zfs_uio_prefaultpages() fails			-> EFAULT
 *	zn_rlimit_fsize_uio() is non-zero, or the
 *	offset is at or past MAXOFFSET_T		-> EFBIG
 * Inside the loop a user, group or project block-quota overrun ends the
 * write with EDQUOT. zfs_clear_setid_bits_if_necessary() is called before
 * dmu_tx_commit() on every path except the one where tx_bytes is 0.
 */
e53d678d | 401 | int
d0cd9a5c | 402 | zfs_write(znode_t *zp, zfs_uio_t *uio, int ioflag, cred_t *cr)
e53d678d | 403 | {
063daa83 | 404 | int error = 0, error1;
d0cd9a5c | 405 | ssize_t start_resid = zfs_uio_resid(uio);
3d244b48 | 406 | uint64_t clear_setid_bits_txg = 0;
e53d678d MM |
407 |
408 | /* |
409 | * Fasttrack empty write | |
410 | */ | |
411 | ssize_t n = start_resid; | |
412 | if (n == 0) | |
413 | return (0); | |
414 | ||
e53d678d | 415 | zfsvfs_t *zfsvfs = ZTOZSB(zp);
768eaced CC |
416 | if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0) |
417 | return (error); | |
e53d678d MM |
418 |
419 | sa_bulk_attr_t bulk[4]; | |
420 | int count = 0; | |
421 | uint64_t mtime[2], ctime[2]; | |
422 | SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16); | |
423 | SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16); | |
424 | SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), NULL, | |
425 | &zp->z_size, 8); | |
426 | SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL, | |
427 | &zp->z_pflags, 8); | |
428 | ||
429 | /* | |
430 | * Callers might not be able to detect properly that we are read-only, | |
431 | * so check it explicitly here. | |
432 | */ | |
433 | if (zfs_is_readonly(zfsvfs)) { | |
768eaced | 434 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
435 | return (SET_ERROR(EROFS)); |
436 | } | |
437 | ||
438 | /* | |
4b2e2082 RM |
439 | * If immutable or not appending then return EPERM. |
440 | * Intentionally allow ZFS_READONLY through here. | |
441 | * See zfs_zaccess_common() | |
e53d678d | 442 | */
/*
 * As written, an append-only file accepts a write without O_APPEND only
 * when the write starts at or beyond the current z_size.
 */
4b2e2082 | 443 | if ((zp->z_pflags & ZFS_IMMUTABLE) ||
e53d678d | 444 | ((zp->z_pflags & ZFS_APPENDONLY) && !(ioflag & O_APPEND) &&
d0cd9a5c | 445 | (zfs_uio_offset(uio) < zp->z_size))) {
768eaced | 446 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
447 | return (SET_ERROR(EPERM)); |
448 | } | |
449 | ||
450 | /* | |
451 | * Validate file offset | |
452 | */ | |
d0cd9a5c | 453 | offset_t woff = ioflag & O_APPEND ? zp->z_size : zfs_uio_offset(uio);
e53d678d | 454 | if (woff < 0) {
768eaced | 455 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
456 | return (SET_ERROR(EINVAL)); |
457 | } | |
458 | ||
e53d678d MM |
459 | /* |
460 | * Pre-fault the pages to ensure slow (eg NFS) pages | |
461 | * don't hold up txg. | |
e53d678d | 462 | */
b0cbc1aa AM |
463 | ssize_t pfbytes = MIN(n, DMU_MAX_ACCESS >> 1); |
464 | if (zfs_uio_prefaultpages(pfbytes, uio)) { | |
768eaced | 465 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
466 | return (SET_ERROR(EFAULT)); |
467 | } | |
468 | ||
469 | /* | |
470 | * If in append mode, set the io offset pointer to eof. | |
471 | */ | |
472 | zfs_locked_range_t *lr; | |
473 | if (ioflag & O_APPEND) { | |
474 | /* | |
475 | * Obtain an appending range lock to guarantee file append | |
476 | * semantics. We reset the write offset once we have the lock. | |
477 | */ | |
478 | lr = zfs_rangelock_enter(&zp->z_rangelock, 0, n, RL_APPEND); | |
479 | woff = lr->lr_offset; | |
480 | if (lr->lr_length == UINT64_MAX) { | |
481 | /* | |
482 | * We overlocked the file because this write will cause | |
483 | * the file block size to increase. | |
484 | * Note that zp_size cannot change with this lock held. | |
485 | */ | |
486 | woff = zp->z_size; | |
487 | } | |
d0cd9a5c | 488 | zfs_uio_setoffset(uio, woff);
e53d678d MM |
489 | } else { |
490 | /* | |
491 | * Note that if the file block size will change as a result of | |
492 | * this write, then this range lock will lock the entire file | |
493 | * so that we can re-write the block safely. | |
494 | */ | |
495 | lr = zfs_rangelock_enter(&zp->z_rangelock, woff, n, RL_WRITER); | |
496 | } | |
497 | ||
67a1b037 | 498 | if (zn_rlimit_fsize_uio(zp, uio)) {
e53d678d | 499 | zfs_rangelock_exit(lr);
768eaced | 500 | zfs_exit(zfsvfs, FTAG);
7e3617de | 501 | return (SET_ERROR(EFBIG));
e53d678d MM |
502 | } |
503 | ||
d1dd72a2 RM |
504 | const rlim64_t limit = MAXOFFSET_T; |
505 | ||
e53d678d MM |
506 | if (woff >= limit) { |
507 | zfs_rangelock_exit(lr); | |
768eaced | 508 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
509 | return (SET_ERROR(EFBIG)); |
510 | } | |
511 | ||
d1dd72a2 | 512 | if (n > limit - woff)
e53d678d MM |
513 | n = limit - woff; |
514 | ||
515 | uint64_t end_size = MAX(zp->z_size, woff + n); | |
516 | zilog_t *zilog = zfsvfs->z_log; | |
c3773de1 AM |
517 | boolean_t commit = (ioflag & (O_SYNC | O_DSYNC)) || |
518 | (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS); | |
e53d678d | 519 |
/*
 * The owner, group and project ids are read once here; the quota checks
 * at the top of every loop pass use these values.
 */
eec6646e RM |
520 | const uint64_t uid = KUID_TO_SUID(ZTOUID(zp)); |
521 | const uint64_t gid = KGID_TO_SGID(ZTOGID(zp)); | |
522 | const uint64_t projid = zp->z_projid; | |
523 | ||
e53d678d MM |
524 | /* |
525 | * Write the file in reasonable size chunks. Each chunk is written | |
526 | * in a separate transaction; this keeps the intent log records small | |
527 | * and allows us to do more fine-grained space accounting. | |
528 | */ | |
529 | while (n > 0) { | |
d0cd9a5c | 530 | woff = zfs_uio_offset(uio);
e53d678d | 531 |
eec6646e RM |
532 | if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT, uid) || |
533 | zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT, gid) || | |
534 | (projid != ZFS_DEFAULT_PROJID && | |
e53d678d | 535 | zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
eec6646e | 536 | projid))) {
e53d678d MM |
537 | error = SET_ERROR(EDQUOT); |
538 | break; | |
539 | } | |
540 | ||
b0cbc1aa AM |
541 | uint64_t blksz; |
542 | if (lr->lr_length == UINT64_MAX && zp->z_size <= zp->z_blksz) { | |
543 | if (zp->z_blksz > zfsvfs->z_max_blksz && | |
544 | !ISP2(zp->z_blksz)) { | |
545 | /* | |
546 | * File's blocksize is already larger than the | |
547 | * "recordsize" property. Only let it grow to | |
548 | * the next power of 2. | |
549 | */ | |
/*
 * NOTE(review): the literal 1 has type int, so the shift below is
 * evaluated in int width before the result is stored in the uint64_t
 * blksz. Presumably the maximum block size keeps highbit64() small
 * enough for that to be well defined - confirm, or write the constant
 * as 1ULL.
 */
550 | blksz = 1 << highbit64(zp->z_blksz); | |
551 | } else { | |
552 | blksz = zfsvfs->z_max_blksz; | |
553 | } | |
554 | blksz = MIN(blksz, P2ROUNDUP(end_size, | |
555 | SPA_MINBLOCKSIZE)); | |
556 | blksz = MAX(blksz, zp->z_blksz); | |
557 | } else { | |
558 | blksz = zp->z_blksz; | |
559 | } | |
560 | ||
e53d678d | 561 | arc_buf_t *abuf = NULL;
b0cbc1aa AM |
562 | ssize_t nbytes = n; |
563 | if (n >= blksz && woff >= zp->z_size && | |
564 | P2PHASE(woff, blksz) == 0 && | |
565 | (blksz >= SPA_OLD_MAXBLOCKSIZE || n < 4 * blksz)) { | |
e53d678d MM |
566 | /* |
567 | * This write covers a full block. "Borrow" a buffer | |
568 | * from the dmu so that we can fill it before we enter | |
569 | * a transaction. This avoids the possibility of | |
570 | * holding up the transaction if the data copy hangs | |
571 | * up on a pagefault (e.g., from an NFS server mapping). | |
572 | */ | |
e53d678d | 573 | abuf = dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
b0cbc1aa | 574 | blksz);
e53d678d | 575 | ASSERT(abuf != NULL);
b0cbc1aa AM |
576 | ASSERT(arc_buf_size(abuf) == blksz); |
577 | if ((error = zfs_uiocopy(abuf->b_data, blksz, | |
578 | UIO_WRITE, uio, &nbytes))) { | |
e53d678d MM |
579 | dmu_return_arcbuf(abuf); |
580 | break; | |
581 | } | |
b0cbc1aa AM |
582 | ASSERT3S(nbytes, ==, blksz); |
583 | } else { | |
584 | nbytes = MIN(n, (DMU_MAX_ACCESS >> 1) - | |
585 | P2PHASE(woff, blksz)); | |
586 | if (pfbytes < nbytes) { | |
587 | if (zfs_uio_prefaultpages(nbytes, uio)) { | |
588 | error = SET_ERROR(EFAULT); | |
589 | break; | |
590 | } | |
591 | pfbytes = nbytes; | |
592 | } | |
e53d678d MM |
593 | } |
594 | ||
595 | /* | |
596 | * Start a transaction. | |
597 | */ | |
598 | dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os); | |
599 | dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE); | |
600 | dmu_buf_impl_t *db = (dmu_buf_impl_t *)sa_get_db(zp->z_sa_hdl); | |
601 | DB_DNODE_ENTER(db); | |
b0cbc1aa | 602 | dmu_tx_hold_write_by_dnode(tx, DB_DNODE(db), woff, nbytes);
e53d678d MM |
603 | DB_DNODE_EXIT(db); |
604 | zfs_sa_upgrade_txholds(tx, zp); | |
605 | error = dmu_tx_assign(tx, TXG_WAIT); | |
606 | if (error) { | |
607 | dmu_tx_abort(tx); | |
608 | if (abuf != NULL) | |
609 | dmu_return_arcbuf(abuf); | |
610 | break; | |
611 | } | |
612 | ||
3d244b48 PJD |
613 | /* |
614 | * NB: We must call zfs_clear_setid_bits_if_necessary before | |
615 | * committing the transaction! | |
616 | */ | |
617 | ||
e53d678d MM |
618 | /* |
619 | * If rangelock_enter() over-locked we grow the blocksize | |
620 | * and then reduce the lock range. This will only happen | |
621 | * on the first iteration since rangelock_reduce() will | |
622 | * shrink down lr_length to the appropriate size. | |
623 | */ | |
624 | if (lr->lr_length == UINT64_MAX) { | |
b0cbc1aa | 625 | zfs_grow_blocksize(zp, blksz, tx);
e53d678d MM |
626 | zfs_rangelock_reduce(lr, woff, n); |
627 | } | |
628 | ||
e53d678d MM |
629 | ssize_t tx_bytes; |
630 | if (abuf == NULL) { | |
d0cd9a5c BA |
631 | tx_bytes = zfs_uio_resid(uio); |
/*
 * The copy from the caller's buffer runs between the two
 * zfs_uio_fault_disable() calls, inside the open transaction.
 * Presumably a page that is not resident then surfaces as EFAULT
 * rather than blocking the transaction - confirm against
 * zfs_uio_fault_disable(). The EFAULT handling follows directly.
 */
632 | zfs_uio_fault_disable(uio, B_TRUE); | |
e53d678d MM |
633 | error = dmu_write_uio_dbuf(sa_get_db(zp->z_sa_hdl), |
634 | uio, nbytes, tx); | |
d0cd9a5c | 635 | zfs_uio_fault_disable(uio, B_FALSE);
e53d678d MM |
636 | #ifdef __linux__ |
637 | if (error == EFAULT) { | |
3d244b48 PJD |
638 | zfs_clear_setid_bits_if_necessary(zfsvfs, zp, |
639 | cr, &clear_setid_bits_txg, tx); | |
e53d678d MM |
640 | dmu_tx_commit(tx); |
641 | /* | |
642 | * Account for partial writes before | |
643 | * continuing the loop. | |
644 | * Update needs to occur before the next | |
d0cd9a5c | 645 | * zfs_uio_prefaultpages, or prefaultpages may
e53d678d MM |
646 | * error, and we may break the loop early. |
647 | */ | |
b0cbc1aa AM |
648 | n -= tx_bytes - zfs_uio_resid(uio); |
649 | pfbytes -= tx_bytes - zfs_uio_resid(uio); | |
e53d678d MM |
650 | continue; |
651 | } | |
652 | #endif | |
063daa83 MJ |
653 | /* |
654 | * On FreeBSD, EFAULT should be propagated back to the | |
655 | * VFS, which will handle faulting and will retry. | |
656 | */ | |
657 | if (error != 0 && error != EFAULT) { | |
3d244b48 PJD |
658 | zfs_clear_setid_bits_if_necessary(zfsvfs, zp, |
659 | cr, &clear_setid_bits_txg, tx); | |
e53d678d MM |
660 | dmu_tx_commit(tx); |
661 | break; | |
662 | } | |
d0cd9a5c | 663 | tx_bytes -= zfs_uio_resid(uio);
e53d678d | 664 | } else {
e53d678d | 665 | /*
85703f61 RM |
666 | * Thus, we're writing a full block at a block-aligned |
667 | * offset and extending the file past EOF. | |
668 | * | |
669 | * dmu_assign_arcbuf_by_dbuf() will directly assign the | |
670 | * arc buffer to a dbuf. | |
e53d678d | 671 | */
85703f61 RM |
672 | error = dmu_assign_arcbuf_by_dbuf( |
673 | sa_get_db(zp->z_sa_hdl), woff, abuf, tx); | |
674 | if (error != 0) { | |
3d244b48 PJD |
675 | /* |
676 | * XXX This might not be necessary if | |
677 | * dmu_assign_arcbuf_by_dbuf is guaranteed | |
678 | * to be atomic. | |
679 | */ | |
680 | zfs_clear_setid_bits_if_necessary(zfsvfs, zp, | |
681 | cr, &clear_setid_bits_txg, tx); | |
85703f61 RM |
682 | dmu_return_arcbuf(abuf); |
683 | dmu_tx_commit(tx); | |
684 | break; | |
e53d678d | 685 | }
d0cd9a5c BA |
686 | ASSERT3S(nbytes, <=, zfs_uio_resid(uio)); |
687 | zfs_uioskip(uio, nbytes); | |
85703f61 | 688 | tx_bytes = nbytes;
e53d678d | 689 | }
3fc92adc BB |
690 | if (tx_bytes && |
691 | zn_has_cached_data(zp, woff, woff + tx_bytes - 1) && | |
e53d678d | 692 | !(ioflag & O_DIRECT)) {
8a9634e2 | 693 | update_pages(zp, woff, tx_bytes, zfsvfs->z_os);
e53d678d MM |
694 | } |
695 | ||
696 | /* | |
697 | * If we made no progress, we're done. If we made even | |
698 | * partial progress, update the znode and ZIL accordingly. | |
699 | */ | |
700 | if (tx_bytes == 0) { | |
701 | (void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs), | |
702 | (void *)&zp->z_size, sizeof (uint64_t), tx); | |
703 | dmu_tx_commit(tx); | |
704 | ASSERT(error != 0); | |
705 | break; | |
706 | } | |
707 | ||
3d244b48 PJD |
708 | zfs_clear_setid_bits_if_necessary(zfsvfs, zp, cr, |
709 | &clear_setid_bits_txg, tx); | |
e53d678d MM |
710 | |
711 | zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime); | |
712 | ||
713 | /* | |
714 | * Update the file size (zp_size) if it has changed; | |
715 | * account for possible concurrent updates. | |
716 | */ | |
d0cd9a5c | 717 | while ((end_size = zp->z_size) < zfs_uio_offset(uio)) {
e53d678d | 718 | (void) atomic_cas_64(&zp->z_size, end_size,
d0cd9a5c | 719 | zfs_uio_offset(uio));
063daa83 | 720 | ASSERT(error == 0 || error == EFAULT);
e53d678d MM |
721 | } |
722 | /* | |
723 | * If we are replaying and eof is non zero then force | |
724 | * the file size to the specified eof. Note, there's no | |
725 | * concurrency during replay. | |
726 | */ | |
727 | if (zfsvfs->z_replay && zfsvfs->z_replay_eof != 0) | |
728 | zp->z_size = zfsvfs->z_replay_eof; | |
729 | ||
063daa83 MJ |
730 | error1 = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx); |
731 | if (error1 != 0) | |
732 | /* Avoid clobbering EFAULT. */ | |
733 | error = error1; | |
e53d678d | 734 |
3d244b48 PJD |
735 | /* |
736 | * NB: During replay, the TX_SETATTR record logged by | |
737 | * zfs_clear_setid_bits_if_necessary must precede any of | |
738 | * the TX_WRITE records logged here. | |
739 | */ | |
c3773de1 | 740 | zfs_log_write(zilog, tx, TX_WRITE, zp, woff, tx_bytes, commit,
e53d678d | 741 | NULL, NULL);
3d244b48 | 742 |
e53d678d MM |
743 | dmu_tx_commit(tx); |
744 | ||
745 | if (error != 0) | |
746 | break; | |
1c2358c1 | 747 | ASSERT3S(tx_bytes, ==, nbytes);
e53d678d | 748 | n -= nbytes;
b0cbc1aa | 749 | pfbytes -= nbytes;
e53d678d MM |
750 | } |
751 | ||
fc273894 | 752 | zfs_znode_update_vfs(zp);
e53d678d MM |
753 | zfs_rangelock_exit(lr); |
754 | ||
755 | /* | |
7e3617de RM |
756 | * If we're in replay mode, or we made no progress, or the |
757 | * uio data is inaccessible return an error. Otherwise, it's | |
758 | * at least a partial write, so it's successful. | |
e53d678d | 759 | */
d0cd9a5c | 760 | if (zfsvfs->z_replay || zfs_uio_resid(uio) == start_resid ||
7e3617de | 761 | error == EFAULT) {
768eaced | 762 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
763 | return (error); |
764 | } | |
765 | ||
/*
 * From here on at least one byte was written and error is not EFAULT.
 * Whatever error ended the loop (EDQUOT, for example) is dropped and 0
 * is returned below, so the caller sees a short write through uio.
 */
c3773de1 | 766 | if (commit)
e53d678d MM |
767 | zil_commit(zilog, zp->z_id); |
768 | ||
d0cd9a5c | 769 | const int64_t nwritten = start_resid - zfs_uio_resid(uio);
e53d678d MM |
770 | dataset_kstats_update_write_kstats(&zfsvfs->z_kstat, nwritten); |
771 | task_io_account_write(nwritten); | |
772 | ||
768eaced | 773 | zfs_exit(zfsvfs, FTAG);
e53d678d MM |
774 | return (0); |
775 | } | |
776 | ||
/*
 * Fetch the ACL of zp into vsecp by way of zfs_getacl().
 *
 * ATTR_NOACLCHECK in flag is passed to zfs_getacl() as skipaclchk.
 * NOTE(review): presumably only trusted in-kernel callers may set that
 * flag - confirm at the call sites.
 *
 * Returns the error from zfs_enter_verify_zp() or from zfs_getacl().
 */
int
zfs_getsecattr(znode_t *zp, vsecattr_t *vsecp, int flag, cred_t *cr)
{
	zfsvfs_t *zfsvfs = ZTOZSB(zp);
	boolean_t skipaclchk = B_FALSE;
	int rc;

	if (flag & ATTR_NOACLCHECK)
		skipaclchk = B_TRUE;

	rc = zfs_enter_verify_zp(zfsvfs, zp, FTAG);
	if (rc != 0)
		return (rc);

	rc = zfs_getacl(zp, vsecp, skipaclchk, cr);
	zfs_exit(zfsvfs, FTAG);

	return (rc);
}
791 | ||
/*
 * Replace the ACL of zp with the one in vsecp by way of zfs_setacl().
 *
 * ATTR_NOACLCHECK in flag is passed to zfs_setacl() as skipaclchk.
 * NOTE(review): presumably only trusted in-kernel callers may set that
 * flag - confirm at the call sites.
 *
 * With sync=always the intent log is committed before returning, whether
 * or not zfs_setacl() succeeded.
 *
 * Returns the error from zfs_enter_verify_zp() or from zfs_setacl().
 */
int
zfs_setsecattr(znode_t *zp, vsecattr_t *vsecp, int flag, cred_t *cr)
{
	zfsvfs_t *zfsvfs = ZTOZSB(zp);
	boolean_t skipaclchk = B_FALSE;
	zilog_t *zilog = zfsvfs->z_log;
	int rc;

	if (flag & ATTR_NOACLCHECK)
		skipaclchk = B_TRUE;

	rc = zfs_enter_verify_zp(zfsvfs, zp, FTAG);
	if (rc != 0)
		return (rc);

	rc = zfs_setacl(zp, vsecp, skipaclchk, cr);

	if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
		zil_commit(zilog, 0);

	zfs_exit(zfsvfs, FTAG);
	return (rc);
}
811 | ||
/*
 * Debug-only switch, compiled in under ZFS_DEBUG. zfs_get_data() tests it
 * in its indirect-write path; what happens when it is set is outside this
 * excerpt.
 */
ab8c935e CS |
812 | #ifdef ZFS_DEBUG |
813 | static int zil_fault_io = 0; | |
814 | #endif | |
815 | ||
/* Forward declaration; the definition is not part of this excerpt. */
816 | static void zfs_get_done(zgd_t *zgd, int error); | |
817 | ||
/*
 * Get data to generate a TX_WRITE intent log record.
 *
 *	arg	zfsvfs_t of the file system the record belongs to.
 *	gen	generation number the caller expects the object to have; it
 *		is compared with the znode's SA_ZPL_GEN attribute.
 *	lr	write record; supplies the object (lr_foid), offset and
 *		length, and receives the block pointer for indirect writes.
 *	buf	destination buffer for an immediate write, or NULL to request
 *		an indirect write.
 *	lwb	stored in the zgd; must not be NULL.
 *	zio	passed to dmu_sync(); must not be NULL when buf is NULL.
 *
 * Returns 0 on success, ENOENT if the object cannot be obtained, is
 * unlinked, has a different generation or was truncated below the record's
 * offset, EIO if the generation lookup fails, or the error returned by
 * dmu_read(), dmu_buf_hold_noread() or dmu_sync().
 *
 * When dmu_sync() returns 0 the zgd, range lock and znode hold are released
 * later by the zfs_get_done() callback; on every other path that reaches the
 * end of the function they are released by the direct call below.
 */
int
zfs_get_data(void *arg, uint64_t gen, lr_write_t *lr, char *buf,
    struct lwb *lwb, zio_t *zio)
{
	zfsvfs_t *zfsvfs = arg;
	objset_t *os = zfsvfs->z_os;
	znode_t *zp;
	uint64_t object = lr->lr_foid;
	uint64_t offset = lr->lr_offset;
	uint64_t size = lr->lr_length;
	dmu_buf_t *db;
	zgd_t *zgd;
	int error = 0;
	uint64_t zp_gen;

	ASSERT3P(lwb, !=, NULL);
	ASSERT3U(size, !=, 0);

	/*
	 * Nothing to do if the file has been removed
	 */
	if (zfs_zget(zfsvfs, object, &zp) != 0)
		return (SET_ERROR(ENOENT));
	if (zp->z_unlinked) {
		/*
		 * Release the vnode asynchronously as we currently have the
		 * txg stopped from syncing.
		 */
		zfs_zrele_async(zp);
		return (SET_ERROR(ENOENT));
	}
	/*
	 * check if generation number matches
	 * (presumably this rejects a record whose object number has since
	 * been reused by a different file -- confirm against the caller)
	 */
	if (sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(zfsvfs), &zp_gen,
	    sizeof (zp_gen)) != 0) {
		zfs_zrele_async(zp);
		return (SET_ERROR(EIO));
	}
	if (zp_gen != gen) {
		zfs_zrele_async(zp);
		return (SET_ERROR(ENOENT));
	}

	/* From here on the zgd owns the znode hold taken by zfs_zget(). */
	zgd = kmem_zalloc(sizeof (zgd_t), KM_SLEEP);
	zgd->zgd_lwb = lwb;
	zgd->zgd_private = zp;

	/*
	 * Write records come in two flavors: immediate and indirect.
	 * For small writes it's cheaper to store the data with the
	 * log record (immediate); for large writes it's cheaper to
	 * sync the data and get a pointer to it (indirect) so that
	 * we don't have to write the data twice.
	 */
	if (buf != NULL) { /* immediate write */
		zgd->zgd_lr = zfs_rangelock_enter(&zp->z_rangelock,
		    offset, size, RL_READER);
		/* test for truncation needs to be done while range locked */
		if (offset >= zp->z_size) {
			error = SET_ERROR(ENOENT);
		} else {
			error = dmu_read(os, object, offset, size, buf,
			    DMU_READ_NO_PREFETCH);
		}
		/*
		 * NOTE(review): any other dmu_read() error is caught only by
		 * this assertion; where ASSERT is compiled out it is simply
		 * returned to the caller -- confirm the caller handles it.
		 */
		ASSERT(error == 0 || error == ENOENT);
	} else { /* indirect write */
		ASSERT3P(zio, !=, NULL);
		/*
		 * Have to lock the whole block to ensure when it's
		 * written out and its checksum is being calculated
		 * that no one can change the data. We need to re-check
		 * blocksize after we get the lock in case it's changed!
		 */
		for (;;) {
			uint64_t blkoff;
			size = zp->z_blksz;
			/* align the offset down to the start of its block */
			blkoff = ISP2(size) ? P2PHASE(offset, size) : offset;
			offset -= blkoff;
			zgd->zgd_lr = zfs_rangelock_enter(&zp->z_rangelock,
			    offset, size, RL_READER);
			if (zp->z_blksz == size)
				break;
			/* block size changed: undo the alignment and retry */
			offset += blkoff;
			zfs_rangelock_exit(zgd->zgd_lr);
		}
		/* test for truncation needs to be done while range locked */
		if (lr->lr_offset >= zp->z_size)
			error = SET_ERROR(ENOENT);
#ifdef ZFS_DEBUG
		/* one-shot injected failure, see zil_fault_io */
		if (zil_fault_io) {
			error = SET_ERROR(EIO);
			zil_fault_io = 0;
		}
#endif
		if (error == 0)
			error = dmu_buf_hold_noread(os, object, offset, zgd,
			    &db);

		if (error == 0) {
			blkptr_t *bp = &lr->lr_blkptr;

			zgd->zgd_db = db;
			zgd->zgd_bp = bp;

			ASSERT(db->db_offset == offset);
			ASSERT(db->db_size == size);

			error = dmu_sync(zio, lr->lr_common.lrc_txg,
			    zfs_get_done, zgd);
			ASSERT(error || lr->lr_length <= size);

			/*
			 * On success, we need to wait for the write I/O
			 * initiated by dmu_sync() to complete before we can
			 * release this dbuf. We will finish everything up
			 * in the zfs_get_done() callback.
			 */
			if (error == 0)
				return (0);

			if (error == EALREADY) {
				lr->lr_common.lrc_txtype = TX_WRITE2;
				/*
				 * TX_WRITE2 relies on the data previously
				 * written by the TX_WRITE that caused
				 * EALREADY. We zero out the BP because
				 * it is the old, currently-on-disk BP.
				 */
				zgd->zgd_bp = NULL;
				BP_ZERO(bp);
				error = 0;
			}
		}
	}

	/* Not handed off to dmu_sync(): release everything here. */
	zfs_get_done(zgd, error);

	return (error);
}
959 | ||
960 | ||
ab8c935e CS |
/*
 * Release everything a zgd set up by zfs_get_data() holds: the dbuf (if one
 * was attached), the range lock and the znode, then free the zgd itself.
 * The error argument is accepted for the callback signature and not used.
 */
static void
zfs_get_done(zgd_t *zgd, int error)
{
	znode_t *held_zp = zgd->zgd_private;

	(void) error;

	/* zgd_db is only set on the indirect-write path. */
	if (zgd->zgd_db != NULL)
		dmu_buf_rele(zgd->zgd_db, zgd);

	zfs_rangelock_exit(zgd->zgd_lr);

	/*
	 * The txg is currently stopped from syncing, so the vnode has to be
	 * released asynchronously.
	 */
	zfs_zrele_async(held_zp);

	/* Free last: the fields above are read from the zgd. */
	kmem_free(zgd, sizeof (zgd_t));
}
980 | ||
67a1b037 PJD |
/*
 * Enter two file systems, which may be the same one, on behalf of tag.
 *
 * The lower-addressed zfsvfs is always entered first, so every caller uses
 * the same order. (The original author noted it is not certain that the
 * order of the zfs_enter() calls matters.) If both arguments are the same
 * zfsvfs it is entered once. Returns 0 with both entered, or the
 * zfs_enter() error with neither entered.
 */
static int
zfs_enter_two(zfsvfs_t *zfsvfs1, zfsvfs_t *zfsvfs2, const char *tag)
{
	zfsvfs_t *first = zfsvfs1;
	zfsvfs_t *second = zfsvfs2;
	int error;

	if (zfsvfs1 > zfsvfs2) {
		first = zfsvfs2;
		second = zfsvfs1;
	}

	error = zfs_enter(first, tag);
	if (error != 0)
		return (error);

	/* Same file system on both sides: one enter is enough. */
	if (first == second)
		return (0);

	error = zfs_enter(second, tag);
	if (error != 0) {
		/* Undo the first enter so the caller holds nothing. */
		zfs_exit(first, tag);
	}

	return (error);
}
1008 | ||
/*
 * Counterpart of zfs_enter_two(): exit both file systems, exiting only once
 * when the two arguments are the same zfsvfs.
 */
static void
zfs_exit_two(zfsvfs_t *zfsvfs1, zfsvfs_t *zfsvfs2, const char *tag)
{
	zfs_exit(zfsvfs1, tag);

	if (zfsvfs1 == zfsvfs2)
		return;

	zfs_exit(zfsvfs2, tag);
}
1017 | ||
/*
 * Clone up to *lenp bytes from inzp at *inoffp into outzp at *outoffp by
 * handing the source's block pointers to dmu_brt_clone().
 *
 * We split each clone request in chunks that can fit into a single ZIL
 * log entry. Each ZIL log entry can fit 130816 bytes for a block cloning
 * operation (see zil_max_log_data() and zfs_log_clone_range()). This gives
 * us room for storing 1022 block pointers.
 *
 * On success, the function returns the number of bytes copied in *lenp and
 * advances *inoffp and *outoffp by the same amount.
 * Note, it doesn't return how many bytes are left to be copied.
 * On errors which are caused by any file system limitations or
 * brt limitations `EINVAL` is returned. In most cases the user requested
 * bad parameters; it could be possible to clone the file, but some
 * parameters don't match the requirements.
 *
 * Other errors set in this function: EXDEV (different pool, mixed
 * encrypted/unencrypted datasets, or different master keys), EOPNOTSUPP
 * (block cloning feature not enabled), EACCES (source is quarantined),
 * EROFS, EPERM (destination is immutable), EFBIG and EDQUOT. Errors from
 * the helpers called below are passed through unchanged.
 *
 * cr is only passed to zfs_clear_setid_bits_if_necessary().
 *
 * NOTE(review): no read/write permission check on inzp or outzp is visible
 * in this function; presumably the caller has already performed it --
 * confirm against the callers.
 */
int
zfs_clone_range(znode_t *inzp, uint64_t *inoffp, znode_t *outzp,
    uint64_t *outoffp, uint64_t *lenp, cred_t *cr)
{
	zfsvfs_t *inzfsvfs, *outzfsvfs;
	objset_t *inos, *outos;
	zfs_locked_range_t *inlr, *outlr;
	dmu_buf_impl_t *db;
	dmu_tx_t *tx;
	zilog_t *zilog;
	uint64_t inoff, outoff, len, done;
	uint64_t outsize, size;
	int error;
	int count = 0;
	sa_bulk_attr_t bulk[3];
	uint64_t mtime[2], ctime[2];
	uint64_t uid, gid, projid;
	blkptr_t *bps;
	size_t maxblocks, nbps;
	uint_t inblksz;
	uint64_t clear_setid_bits_txg = 0;

	/* Work on local copies; the caller's values change only on success. */
	inoff = *inoffp;
	outoff = *outoffp;
	len = *lenp;
	done = 0;

	inzfsvfs = ZTOZSB(inzp);
	outzfsvfs = ZTOZSB(outzp);

	/*
	 * We need to call zfs_enter() potentially on two different datasets,
	 * so we need a dedicated function for that.
	 */
	error = zfs_enter_two(inzfsvfs, outzfsvfs, FTAG);
	if (error != 0)
		return (error);

	inos = inzfsvfs->z_os;
	outos = outzfsvfs->z_os;

	/*
	 * Both source and destination have to belong to the same storage pool.
	 */
	if (dmu_objset_spa(inos) != dmu_objset_spa(outos)) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EXDEV));
	}

	/*
	 * outos and inos belong to the same storage pool (checked a few
	 * lines above), so testing the feature on one of them is enough.
	 */
	if (!spa_feature_is_enabled(dmu_objset_spa(outos),
	    SPA_FEATURE_BLOCK_CLONING)) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EOPNOTSUPP));
	}

	ASSERT(!outzfsvfs->z_replay);

	/*
	 * Block cloning from an unencrypted dataset into an encrypted
	 * dataset and vice versa is not supported.
	 */
	if (inos->os_encrypted != outos->os_encrypted) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EXDEV));
	}

	/*
	 * Cloning across encrypted datasets is possible only if they
	 * share the same master key.
	 */
	if (inos != outos && inos->os_encrypted &&
	    !dmu_objset_crypto_key_equal(inos, outos)) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EXDEV));
	}

	error = zfs_verify_zp(inzp);
	if (error == 0)
		error = zfs_verify_zp(outzp);
	if (error != 0) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (error);
	}

	/*
	 * We don't copy the source file's flags; that's why we don't allow
	 * cloning files that are in quarantine.
	 */
	if (inzp->z_pflags & ZFS_AV_QUARANTINED) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EACCES));
	}

	/* Starting at or past EOF of the source: nothing to clone. */
	if (inoff >= inzp->z_size) {
		*lenp = 0;
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (0);
	}
	/* Clamp the request to the end of the source file. */
	if (len > inzp->z_size - inoff) {
		len = inzp->z_size - inoff;
	}
	if (len == 0) {
		*lenp = 0;
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (0);
	}

	/*
	 * Callers might not be able to detect properly that we are read-only,
	 * so check it explicitly here.
	 */
	if (zfs_is_readonly(outzfsvfs)) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EROFS));
	}

	/*
	 * If immutable or not appending then return EPERM.
	 * Intentionally allow ZFS_READONLY through here.
	 * See zfs_zaccess_common()
	 */
	if ((outzp->z_pflags & ZFS_IMMUTABLE) != 0) {
		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
		return (SET_ERROR(EPERM));
	}

	/*
	 * No overlapping if we are cloning within the same file.
	 */
	if (inzp == outzp) {
		if (inoff < outoff + len && outoff < inoff + len) {
			zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
			return (SET_ERROR(EINVAL));
		}
	}

	/*
	 * Maintain predictable lock order: lower-addressed znode first, or
	 * lower offset first when both ranges are in the same file.
	 */
	if (inzp < outzp || (inzp == outzp && inoff < outoff)) {
		inlr = zfs_rangelock_enter(&inzp->z_rangelock, inoff, len,
		    RL_READER);
		outlr = zfs_rangelock_enter(&outzp->z_rangelock, outoff, len,
		    RL_WRITER);
	} else {
		outlr = zfs_rangelock_enter(&outzp->z_rangelock, outoff, len,
		    RL_WRITER);
		inlr = zfs_rangelock_enter(&inzp->z_rangelock, inoff, len,
		    RL_READER);
	}

	/* Sampled after the range locks are taken. */
	inblksz = inzp->z_blksz;

	/*
	 * We cannot clone into files with different block size if we can't
	 * grow it (block size is already bigger or more than one block).
	 */
	if (inblksz != outzp->z_blksz && (outzp->z_size > outzp->z_blksz ||
	    outzp->z_size > inblksz)) {
		error = SET_ERROR(EINVAL);
		goto unlock;
	}

	/*
	 * Block size must be power-of-2 if destination offset != 0.
	 * There can be no multiple blocks of non-power-of-2 size.
	 */
	if (outoff != 0 && !ISP2(inblksz)) {
		error = SET_ERROR(EINVAL);
		goto unlock;
	}

	/*
	 * Offsets and len must be at block boundaries.
	 */
	if ((inoff % inblksz) != 0 || (outoff % inblksz) != 0) {
		error = SET_ERROR(EINVAL);
		goto unlock;
	}
	/*
	 * Length must be a multiple of blksz, except for the end of the file.
	 */
	if ((len % inblksz) != 0 &&
	    (len < inzp->z_size - inoff || len < outzp->z_size - outoff)) {
		error = SET_ERROR(EINVAL);
		goto unlock;
	}

	/*
	 * If we are copying only one block and it is smaller than recordsize
	 * property, do not allow destination to grow beyond one block if it
	 * is not there yet. Otherwise the destination will get stuck with
	 * that block size forever, that can be as small as 512 bytes, no
	 * matter how big the destination grows later.
	 */
	if (len <= inblksz && inblksz < outzfsvfs->z_max_blksz &&
	    outzp->z_size <= inblksz && outoff + len > inblksz) {
		error = SET_ERROR(EINVAL);
		goto unlock;
	}

	error = zn_rlimit_fsize(outoff + len);
	if (error != 0) {
		goto unlock;
	}

	/*
	 * NOTE(review): this range check runs after outoff + len has already
	 * been computed above (overlap test, size checks, zn_rlimit_fsize());
	 * presumably the caller bounds the offsets so the sum cannot wrap --
	 * confirm.
	 */
	if (inoff >= MAXOFFSET_T || outoff >= MAXOFFSET_T) {
		error = SET_ERROR(EFBIG);
		goto unlock;
	}

	/* Attributes written by sa_bulk_update() after every chunk. */
	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(outzfsvfs), NULL,
	    &mtime, 16);
	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(outzfsvfs), NULL,
	    &ctime, 16);
	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(outzfsvfs), NULL,
	    &outzp->z_size, 8);

	/* Number of block pointers that fit into one clone log record. */
	zilog = outzfsvfs->z_log;
	maxblocks = zil_max_log_data(zilog, sizeof (lr_clone_range_t)) /
	    sizeof (bps[0]);

	/* Owner ids of the destination, used for the quota checks below. */
	uid = KUID_TO_SUID(ZTOUID(outzp));
	gid = KGID_TO_SGID(ZTOGID(outzp));
	projid = outzp->z_projid;

	bps = vmem_alloc(sizeof (bps[0]) * maxblocks, KM_SLEEP);

	/*
	 * Clone the file in reasonable size chunks. Each chunk is cloned
	 * in a separate transaction; this keeps the intent log records small
	 * and allows us to do more fine-grained space accounting.
	 */
	while (len > 0) {
		size = MIN(inblksz * maxblocks, len);

		/* Quotas are re-checked before every chunk. */
		if (zfs_id_overblockquota(outzfsvfs, DMU_USERUSED_OBJECT,
		    uid) ||
		    zfs_id_overblockquota(outzfsvfs, DMU_GROUPUSED_OBJECT,
		    gid) ||
		    (projid != ZFS_DEFAULT_PROJID &&
		    zfs_id_overblockquota(outzfsvfs, DMU_PROJECTUSED_OBJECT,
		    projid))) {
			error = SET_ERROR(EDQUOT);
			break;
		}

		/* In: capacity of bps. Out: block pointers actually read. */
		nbps = maxblocks;
		error = dmu_read_l0_bps(inos, inzp->z_id, inoff, size, bps,
		    &nbps);
		if (error != 0) {
			/*
			 * If we are trying to clone a block that was created
			 * in the current transaction group, error will be
			 * EAGAIN here, which we can just return to the caller
			 * so it can fallback if it likes.
			 */
			break;
		}

		/*
		 * Start a transaction.
		 */
		tx = dmu_tx_create(outos);
		dmu_tx_hold_sa(tx, outzp->z_sa_hdl, B_FALSE);
		db = (dmu_buf_impl_t *)sa_get_db(outzp->z_sa_hdl);
		DB_DNODE_ENTER(db);
		dmu_tx_hold_clone_by_dnode(tx, DB_DNODE(db), outoff, size);
		DB_DNODE_EXIT(db);
		zfs_sa_upgrade_txholds(tx, outzp);
		error = dmu_tx_assign(tx, TXG_WAIT);
		if (error != 0) {
			dmu_tx_abort(tx);
			break;
		}

		/*
		 * Copy source znode's block size. This only happens on the
		 * first iteration since zfs_rangelock_reduce() will shrink down
		 * lr_len to the appropriate size.
		 */
		if (outlr->lr_length == UINT64_MAX) {
			zfs_grow_blocksize(outzp, inblksz, tx);
			/*
			 * Round range lock up to the block boundary, so we
			 * prevent appends until we are done.
			 */
			zfs_rangelock_reduce(outlr, outoff,
			    ((len - 1) / inblksz + 1) * inblksz);
		}

		error = dmu_brt_clone(outos, outzp->z_id, outoff, size, tx,
		    bps, nbps);
		if (error != 0) {
			/* The tx is already assigned, so commit, not abort. */
			dmu_tx_commit(tx);
			break;
		}

		/*
		 * The destination's content changed, so setuid/setgid bits
		 * may have to be dropped depending on cr.
		 */
		zfs_clear_setid_bits_if_necessary(outzfsvfs, outzp, cr,
		    &clear_setid_bits_txg, tx);

		zfs_tstamp_update_setup(outzp, CONTENT_MODIFIED, mtime, ctime);

		/*
		 * Update the file size (zp_size) if it has changed;
		 * account for possible concurrent updates.
		 */
		while ((outsize = outzp->z_size) < outoff + size) {
			(void) atomic_cas_64(&outzp->z_size, outsize,
			    outoff + size);
		}

		error = sa_bulk_update(outzp->z_sa_hdl, bulk, count, tx);

		/* Logged and committed even if sa_bulk_update() failed. */
		zfs_log_clone_range(zilog, tx, TX_CLONE_RANGE, outzp, outoff,
		    size, inblksz, bps, nbps);

		dmu_tx_commit(tx);

		if (error != 0)
			break;

		inoff += size;
		outoff += size;
		len -= size;
		done += size;
	}

	vmem_free(bps, sizeof (bps[0]) * maxblocks);
	zfs_znode_update_vfs(outzp);

unlock:
	zfs_rangelock_exit(outlr);
	zfs_rangelock_exit(inlr);

	if (done > 0) {
		/*
		 * If we have made at least partial progress, reset the error.
		 * The caller sees the short count in *lenp instead.
		 */
		error = 0;

		ZFS_ACCESSTIME_STAMP(inzfsvfs, inzp);

		if (outos->os_sync == ZFS_SYNC_ALWAYS) {
			zil_commit(zilog, outzp->z_id);
		}

		*inoffp += done;
		*outoffp += done;
		*lenp = done;
	} else {
		/*
		 * If we made no progress, there must be a good reason.
		 * EOF is handled explicitly above, before the loop.
		 */
		ASSERT3S(error, !=, 0);
	}

	zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);

	return (error);
}
1397 | ||
/*
 * Usual pattern would be to call zfs_clone_range() from zfs_replay_clone(),
 * but we cannot do that, because when replaying we don't have source znode
 * available. This is why we need a dedicated replay function.
 *
 * Re-applies a logged clone of len bytes at offset off of zp, using the nbps
 * block pointers in bps and the logged block size blksz. Returns EINVAL if
 * off is not a multiple of blksz, otherwise the error from
 * zfs_enter_verify_zp(), dmu_tx_assign() or sa_bulk_update(), or 0.
 *
 * NOTE(review): off, len and nbps are checked only with ASSERTs, which are
 * presumably compiled out of non-debug builds, and blksz is used as a
 * divisor without a zero check. Confirm that the replay caller validates
 * these values from the log record before calling here.
 */
int
zfs_clone_range_replay(znode_t *zp, uint64_t off, uint64_t len, uint64_t blksz,
    const blkptr_t *bps, size_t nbps)
{
	zfsvfs_t *zfsvfs;
	dmu_buf_impl_t *db;
	dmu_tx_t *tx;
	int error;
	int count = 0;
	sa_bulk_attr_t bulk[3];
	uint64_t mtime[2], ctime[2];

	ASSERT3U(off, <, MAXOFFSET_T);
	ASSERT3U(len, >, 0);
	ASSERT3U(nbps, >, 0);

	zfsvfs = ZTOZSB(zp);

	ASSERT(spa_feature_is_enabled(dmu_objset_spa(zfsvfs->z_os),
	    SPA_FEATURE_BLOCK_CLONING));

	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
		return (error);

	ASSERT(zfsvfs->z_replay);
	ASSERT(!zfs_is_readonly(zfsvfs));

	/* The destination offset must sit on a block boundary. */
	if ((off % blksz) != 0) {
		zfs_exit(zfsvfs, FTAG);
		return (SET_ERROR(EINVAL));
	}

	/* Attributes written by sa_bulk_update() below. */
	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), NULL,
	    &zp->z_size, 8);

	/*
	 * Start a transaction.
	 */
	tx = dmu_tx_create(zfsvfs->z_os);

	dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
	db = (dmu_buf_impl_t *)sa_get_db(zp->z_sa_hdl);
	DB_DNODE_ENTER(db);
	dmu_tx_hold_clone_by_dnode(tx, DB_DNODE(db), off, len);
	DB_DNODE_EXIT(db);
	zfs_sa_upgrade_txholds(tx, zp);
	error = dmu_tx_assign(tx, TXG_WAIT);
	if (error != 0) {
		dmu_tx_abort(tx);
		zfs_exit(zfsvfs, FTAG);
		return (error);
	}

	if (zp->z_blksz < blksz)
		zfs_grow_blocksize(zp, blksz, tx);

	/*
	 * NOTE(review): the return value is not checked here, whereas
	 * zfs_clone_range() stops on a dmu_brt_clone() error. As written, the
	 * size update and replay progress below happen regardless -- confirm
	 * this is intended for replay.
	 */
	dmu_brt_clone(zfsvfs->z_os, zp->z_id, off, len, tx, bps, nbps);

	zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime);

	/* Only ever grow the file size here, never shrink it. */
	if (zp->z_size < off + len)
		zp->z_size = off + len;

	error = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);

	/*
	 * zil_replaying() not only checks if we are replaying ZIL, but also
	 * updates the ZIL header to record replay progress.
	 */
	VERIFY(zil_replaying(zfsvfs->z_log, tx));

	dmu_tx_commit(tx);

	zfs_znode_update_vfs(zp);

	zfs_exit(zfsvfs, FTAG);

	return (error);
}
1484 | ||
/* Entry points of this file exported with EXPORT_SYMBOL(). */
EXPORT_SYMBOL(zfs_access);
EXPORT_SYMBOL(zfs_fsync);
EXPORT_SYMBOL(zfs_holey);
EXPORT_SYMBOL(zfs_read);
EXPORT_SYMBOL(zfs_write);
EXPORT_SYMBOL(zfs_getsecattr);
EXPORT_SYMBOL(zfs_setsecattr);
EXPORT_SYMBOL(zfs_clone_range);
EXPORT_SYMBOL(zfs_clone_range_replay);

/*
 * Module parameter read_chunk_size, declared ZMOD_RW (presumably writable
 * at runtime -- confirm against the macro's definition).
 */
ZFS_MODULE_PARAM(zfs_vnops, zfs_vnops_, read_chunk_size, U64, ZMOD_RW,
	"Bytes to read per chunk");