4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
25 #include <sys/types.h>
26 #include <sys/param.h>
27 #include <sys/errno.h>
30 #include <sys/modctl.h>
35 #include <sys/cmn_err.h>
37 #include <sys/zfs_ioctl.h>
38 #include <sys/zfs_vfsops.h>
39 #include <sys/zfs_znode.h>
42 #include <sys/spa_impl.h>
44 #include <sys/priv_impl.h>
46 #include <sys/dsl_dir.h>
47 #include <sys/dsl_dataset.h>
48 #include <sys/dsl_prop.h>
49 #include <sys/dsl_deleg.h>
50 #include <sys/dmu_objset.h>
52 #include <sys/sunddi.h>
53 #include <sys/sunldi.h>
54 #include <sys/policy.h>
56 #include <sys/nvpair.h>
57 #include <sys/pathname.h>
58 #include <sys/mount.h>
60 #include <sys/fs/zfs.h>
61 #include <sys/zfs_ctldir.h>
62 #include <sys/zfs_dir.h>
63 #include <sys/zfs_onexit.h>
65 #include <sys/dsl_scan.h>
66 #include <sharefs/share.h>
67 #include <sys/dmu_objset.h>
68 #include <sys/fm/util.h>
70 #include <linux/miscdevice.h>
72 #include "zfs_namecheck.h"
74 #include "zfs_deleg.h"
75 #include "zfs_comutil.h"
77 kmutex_t zfsdev_state_lock;
78 list_t zfsdev_state_list;
80 extern void zfs_init(void);
81 extern void zfs_fini(void);
83 typedef int zfs_ioc_func_t(zfs_cmd_t *);
84 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, cred_t *);
90 } zfs_ioc_namecheck_t;
93 POOL_CHECK_NONE = 1 << 0,
94 POOL_CHECK_SUSPENDED = 1 << 1,
95 POOL_CHECK_READONLY = 1 << 2
96 } zfs_ioc_poolcheck_t;
98 typedef struct zfs_ioc_vec {
99 zfs_ioc_func_t *zvec_func;
100 zfs_secpolicy_func_t *zvec_secpolicy;
101 zfs_ioc_namecheck_t zvec_namecheck;
102 boolean_t zvec_his_log;
103 zfs_ioc_poolcheck_t zvec_pool_check;
106 /* This array is indexed by zfs_userquota_prop_t */
107 static const char *userquota_perms[] = {
108 ZFS_DELEG_PERM_USERUSED,
109 ZFS_DELEG_PERM_USERQUOTA,
110 ZFS_DELEG_PERM_GROUPUSED,
111 ZFS_DELEG_PERM_GROUPQUOTA,
114 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
115 static int zfs_check_settable(const char *name, nvpair_t *property,
117 static int zfs_check_clearable(char *dataset, nvlist_t *props,
119 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
121 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t **);
123 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
125 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
132 * Get rid of annoying "../common/" prefix to filename.
134 newfile = strrchr(file, '/');
135 if (newfile != NULL) {
136 newfile = newfile + 1; /* Get rid of leading / */
142 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
146 * To get this data, use the zfs-dprintf probe as so:
147 * dtrace -q -n 'zfs-dprintf \
148 * /stringof(arg0) == "dbuf.c"/ \
149 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
151 * arg1 = function name
155 DTRACE_PROBE4(zfs__dprintf,
156 char *, newfile, char *, func, int, line, char *, buf);
160 history_str_free(char *buf)
162 kmem_free(buf, HIS_MAX_RECORD_LEN);
166 history_str_get(zfs_cmd_t *zc)
170 if (zc->zc_history == 0)
173 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP | KM_NODEBUG);
174 if (copyinstr((void *)(uintptr_t)zc->zc_history,
175 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
176 history_str_free(buf);
180 buf[HIS_MAX_RECORD_LEN -1] = '\0';
186 * Check to see if the named dataset is currently defined as bootable
189 zfs_is_bootfs(const char *name)
193 if (dmu_objset_hold(name, FTAG, &os) == 0) {
195 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
196 dmu_objset_rele(os, FTAG);
203 * zfs_earlier_version
205 * Return non-zero if the spa version is less than requested version.
208 zfs_earlier_version(const char *name, int version)
212 if (spa_open(name, &spa, FTAG) == 0) {
213 if (spa_version(spa) < version) {
214 spa_close(spa, FTAG);
217 spa_close(spa, FTAG);
223 * zpl_earlier_version
225 * Return TRUE if the ZPL version is less than requested version.
228 zpl_earlier_version(const char *name, int version)
231 boolean_t rc = B_TRUE;
233 if (dmu_objset_hold(name, FTAG, &os) == 0) {
236 if (dmu_objset_type(os) != DMU_OST_ZFS) {
237 dmu_objset_rele(os, FTAG);
240 /* XXX reading from non-owned objset */
241 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
242 rc = zplversion < version;
243 dmu_objset_rele(os, FTAG);
249 zfs_log_history(zfs_cmd_t *zc)
254 if ((buf = history_str_get(zc)) == NULL)
257 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
258 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
259 (void) spa_history_log(spa, buf, LOG_CMD_NORMAL);
260 spa_close(spa, FTAG);
262 history_str_free(buf);
266 * Policy for top-level read operations (list pools). Requires no privileges,
267 * and can be used in the local zone, as there is no associated dataset.
271 zfs_secpolicy_none(zfs_cmd_t *zc, cred_t *cr)
277 * Policy for dataset read operations (list children, get statistics). Requires
278 * no privileges, but must be visible in the local zone.
282 zfs_secpolicy_read(zfs_cmd_t *zc, cred_t *cr)
284 if (INGLOBALZONE(curproc) ||
285 zone_dataset_visible(zc->zc_name, NULL))
292 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
297 * The dataset must be visible by this zone -- check this first
298 * so they don't see EPERM on something they shouldn't know about.
300 if (!INGLOBALZONE(curproc) &&
301 !zone_dataset_visible(dataset, &writable))
304 if (INGLOBALZONE(curproc)) {
306 * If the fs is zoned, only root can access it from the
309 if (secpolicy_zfs(cr) && zoned)
313 * If we are in a local zone, the 'zoned' property must be set.
318 /* must be writable by this zone */
326 zfs_dozonecheck(const char *dataset, cred_t *cr)
330 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
333 return (zfs_dozonecheck_impl(dataset, zoned, cr));
337 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
341 rw_enter(&ds->ds_dir->dd_pool->dp_config_rwlock, RW_READER);
342 if (dsl_prop_get_ds(ds, "zoned", 8, 1, &zoned, NULL)) {
343 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
346 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
348 return (zfs_dozonecheck_impl(dataset, zoned, cr));
352 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
356 error = zfs_dozonecheck(name, cr);
358 error = secpolicy_zfs(cr);
360 error = dsl_deleg_access(name, perm, cr);
366 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
367 const char *perm, cred_t *cr)
371 error = zfs_dozonecheck_ds(name, ds, cr);
373 error = secpolicy_zfs(cr);
375 error = dsl_deleg_access_impl(ds, perm, cr);
381 * Policy for setting the security label property.
383 * Returns 0 for success, non-zero for access and other errors.
386 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
389 char ds_hexsl[MAXNAMELEN];
390 bslabel_t ds_sl, new_sl;
391 boolean_t new_default = FALSE;
393 int needed_priv = -1;
396 /* First get the existing dataset label. */
397 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
398 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
402 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
405 /* The label must be translatable */
406 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
410 * In a non-global zone, disallow attempts to set a label that
411 * doesn't match that of the zone; otherwise no other checks
414 if (!INGLOBALZONE(curproc)) {
415 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
421 * For global-zone datasets (i.e., those whose zoned property is
422 * "off", verify that the specified new label is valid for the
425 if (dsl_prop_get_integer(name,
426 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
429 if (zfs_check_global_label(name, strval) != 0)
434 * If the existing dataset label is nondefault, check if the
435 * dataset is mounted (label cannot be changed while mounted).
436 * Get the zfsvfs; if there isn't one, then the dataset isn't
437 * mounted (or isn't a dataset, doesn't exist, ...).
439 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
441 static char *setsl_tag = "setsl_tag";
444 * Try to own the dataset; abort if there is any error,
445 * (e.g., already mounted, in use, or other error).
447 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
452 dmu_objset_disown(os, setsl_tag);
455 needed_priv = PRIV_FILE_DOWNGRADE_SL;
459 if (hexstr_to_label(strval, &new_sl) != 0)
462 if (blstrictdom(&ds_sl, &new_sl))
463 needed_priv = PRIV_FILE_DOWNGRADE_SL;
464 else if (blstrictdom(&new_sl, &ds_sl))
465 needed_priv = PRIV_FILE_UPGRADE_SL;
467 /* dataset currently has a default label */
469 needed_priv = PRIV_FILE_UPGRADE_SL;
473 if (needed_priv != -1)
474 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
478 #endif /* HAVE_MLSLABEL */
482 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
488 * Check permissions for special properties.
495 * Disallow setting of 'zoned' from within a local zone.
497 if (!INGLOBALZONE(curproc))
502 if (!INGLOBALZONE(curproc)) {
504 char setpoint[MAXNAMELEN];
506 * Unprivileged users are allowed to modify the
507 * quota on things *under* (ie. contained by)
508 * the thing they own.
510 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
513 if (!zoned || strlen(dsname) <= strlen(setpoint))
518 case ZFS_PROP_MLSLABEL:
519 if (!is_system_labeled())
522 if (nvpair_value_string(propval, &strval) == 0) {
525 err = zfs_set_slabel_policy(dsname, strval, CRED());
532 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
536 zfs_secpolicy_fsacl(zfs_cmd_t *zc, cred_t *cr)
540 error = zfs_dozonecheck(zc->zc_name, cr);
545 * permission to set permissions will be evaluated later in
546 * dsl_deleg_can_allow()
552 zfs_secpolicy_rollback(zfs_cmd_t *zc, cred_t *cr)
554 return (zfs_secpolicy_write_perms(zc->zc_name,
555 ZFS_DELEG_PERM_ROLLBACK, cr));
559 zfs_secpolicy_send(zfs_cmd_t *zc, cred_t *cr)
568 * Generate the current snapshot name from the given objsetid, then
569 * use that name for the secpolicy/zone checks.
571 cp = strchr(zc->zc_name, '@');
574 error = spa_open(zc->zc_name, &spa, FTAG);
578 dp = spa_get_dsl(spa);
579 rw_enter(&dp->dp_config_rwlock, RW_READER);
580 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
581 rw_exit(&dp->dp_config_rwlock);
582 spa_close(spa, FTAG);
586 dsl_dataset_name(ds, zc->zc_name);
588 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
589 ZFS_DELEG_PERM_SEND, cr);
590 dsl_dataset_rele(ds, FTAG);
597 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, cred_t *cr)
602 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
603 NO_FOLLOW, NULL, &vp)) != 0)
606 /* Now make sure mntpnt and dataset are ZFS */
608 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
609 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
610 zc->zc_name) != 0)) {
616 return (dsl_deleg_access(zc->zc_name,
617 ZFS_DELEG_PERM_SHARE, cr));
619 #endif /* HAVE_ZPL */
622 zfs_secpolicy_share(zfs_cmd_t *zc, cred_t *cr)
625 if (!INGLOBALZONE(curproc))
628 if (secpolicy_nfs(cr) == 0) {
631 return (zfs_secpolicy_deleg_share(zc, cr));
635 #endif /* HAVE_ZPL */
639 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, cred_t *cr)
642 if (!INGLOBALZONE(curproc))
645 if (secpolicy_smb(cr) == 0) {
648 return (zfs_secpolicy_deleg_share(zc, cr));
652 #endif /* HAVE_ZPL */
656 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
661 * Remove the @bla or /bla from the end of the name to get the parent.
663 (void) strncpy(parent, datasetname, parentsize);
664 cp = strrchr(parent, '@');
668 cp = strrchr(parent, '/');
678 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
682 if ((error = zfs_secpolicy_write_perms(name,
683 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
686 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
690 zfs_secpolicy_destroy(zfs_cmd_t *zc, cred_t *cr)
692 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
696 * Destroying snapshots with delegated permissions requires
697 * descendent mount and destroy permissions.
698 * Reassemble the full filesystem@snap name so dsl_deleg_access()
699 * can do the correct permission check.
701 * Since this routine is used when doing a recursive destroy of snapshots
702 * and destroying snapshots requires descendent permissions, a successfull
703 * check of the top level snapshot applies to snapshots of all descendent
707 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, cred_t *cr)
712 dsname = kmem_asprintf("%s@%s", zc->zc_name, zc->zc_value);
714 error = zfs_secpolicy_destroy_perms(dsname, cr);
721 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
723 char parentname[MAXNAMELEN];
726 if ((error = zfs_secpolicy_write_perms(from,
727 ZFS_DELEG_PERM_RENAME, cr)) != 0)
730 if ((error = zfs_secpolicy_write_perms(from,
731 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
734 if ((error = zfs_get_parent(to, parentname,
735 sizeof (parentname))) != 0)
738 if ((error = zfs_secpolicy_write_perms(parentname,
739 ZFS_DELEG_PERM_CREATE, cr)) != 0)
742 if ((error = zfs_secpolicy_write_perms(parentname,
743 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
750 zfs_secpolicy_rename(zfs_cmd_t *zc, cred_t *cr)
752 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
756 zfs_secpolicy_promote(zfs_cmd_t *zc, cred_t *cr)
758 char parentname[MAXNAMELEN];
762 error = zfs_secpolicy_write_perms(zc->zc_name,
763 ZFS_DELEG_PERM_PROMOTE, cr);
767 error = dmu_objset_hold(zc->zc_name, FTAG, &clone);
770 dsl_dataset_t *pclone = NULL;
772 dd = clone->os_dsl_dataset->ds_dir;
774 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER);
775 error = dsl_dataset_hold_obj(dd->dd_pool,
776 dd->dd_phys->dd_origin_obj, FTAG, &pclone);
777 rw_exit(&dd->dd_pool->dp_config_rwlock);
779 dmu_objset_rele(clone, FTAG);
783 error = zfs_secpolicy_write_perms(zc->zc_name,
784 ZFS_DELEG_PERM_MOUNT, cr);
786 dsl_dataset_name(pclone, parentname);
787 dmu_objset_rele(clone, FTAG);
788 dsl_dataset_rele(pclone, FTAG);
790 error = zfs_secpolicy_write_perms(parentname,
791 ZFS_DELEG_PERM_PROMOTE, cr);
797 zfs_secpolicy_receive(zfs_cmd_t *zc, cred_t *cr)
801 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
802 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
805 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
806 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
809 return (zfs_secpolicy_write_perms(zc->zc_name,
810 ZFS_DELEG_PERM_CREATE, cr));
814 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
816 return (zfs_secpolicy_write_perms(name,
817 ZFS_DELEG_PERM_SNAPSHOT, cr));
821 zfs_secpolicy_snapshot(zfs_cmd_t *zc, cred_t *cr)
824 return (zfs_secpolicy_snapshot_perms(zc->zc_name, cr));
828 zfs_secpolicy_create(zfs_cmd_t *zc, cred_t *cr)
830 char parentname[MAXNAMELEN];
833 if ((error = zfs_get_parent(zc->zc_name, parentname,
834 sizeof (parentname))) != 0)
837 if (zc->zc_value[0] != '\0') {
838 if ((error = zfs_secpolicy_write_perms(zc->zc_value,
839 ZFS_DELEG_PERM_CLONE, cr)) != 0)
843 if ((error = zfs_secpolicy_write_perms(parentname,
844 ZFS_DELEG_PERM_CREATE, cr)) != 0)
847 error = zfs_secpolicy_write_perms(parentname,
848 ZFS_DELEG_PERM_MOUNT, cr);
855 zfs_secpolicy_umount(zfs_cmd_t *zc, cred_t *cr)
859 error = secpolicy_fs_unmount(cr, NULL);
861 error = dsl_deleg_access(zc->zc_name, ZFS_DELEG_PERM_MOUNT, cr);
865 #endif /* HAVE_ZPL */
868 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
869 * SYS_CONFIG privilege, which is not available in a local zone.
873 zfs_secpolicy_config(zfs_cmd_t *zc, cred_t *cr)
875 if (secpolicy_sys_config(cr, B_FALSE) != 0)
882 * Policy for object to name lookups.
886 zfs_secpolicy_diff(zfs_cmd_t *zc, cred_t *cr)
890 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
893 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
898 * Policy for fault injection. Requires all privileges.
902 zfs_secpolicy_inject(zfs_cmd_t *zc, cred_t *cr)
904 return (secpolicy_zinject(cr));
908 zfs_secpolicy_inherit(zfs_cmd_t *zc, cred_t *cr)
910 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
912 if (prop == ZPROP_INVAL) {
913 if (!zfs_prop_user(zc->zc_value))
915 return (zfs_secpolicy_write_perms(zc->zc_name,
916 ZFS_DELEG_PERM_USERPROP, cr));
918 return (zfs_secpolicy_setprop(zc->zc_name, prop,
924 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, cred_t *cr)
926 int err = zfs_secpolicy_read(zc, cr);
930 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
933 if (zc->zc_value[0] == 0) {
935 * They are asking about a posix uid/gid. If it's
936 * themself, allow it.
938 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
939 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
940 if (zc->zc_guid == crgetuid(cr))
943 if (groupmember(zc->zc_guid, cr))
948 return (zfs_secpolicy_write_perms(zc->zc_name,
949 userquota_perms[zc->zc_objset_type], cr));
953 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, cred_t *cr)
955 int err = zfs_secpolicy_read(zc, cr);
959 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
962 return (zfs_secpolicy_write_perms(zc->zc_name,
963 userquota_perms[zc->zc_objset_type], cr));
967 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, cred_t *cr)
969 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
974 zfs_secpolicy_hold(zfs_cmd_t *zc, cred_t *cr)
976 return (zfs_secpolicy_write_perms(zc->zc_name,
977 ZFS_DELEG_PERM_HOLD, cr));
981 zfs_secpolicy_release(zfs_cmd_t *zc, cred_t *cr)
983 return (zfs_secpolicy_write_perms(zc->zc_name,
984 ZFS_DELEG_PERM_RELEASE, cr));
988 * Policy for allowing temporary snapshots to be taken or released
991 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, cred_t *cr)
994 * A temporary snapshot is the same as a snapshot,
995 * hold, destroy and release all rolled into one.
996 * Delegated diff alone is sufficient that we allow this.
1000 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1001 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1004 error = zfs_secpolicy_snapshot(zc, cr);
1006 error = zfs_secpolicy_hold(zc, cr);
1008 error = zfs_secpolicy_release(zc, cr);
1010 error = zfs_secpolicy_destroy(zc, cr);
1015 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1018 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1022 nvlist_t *list = NULL;
1025 * Read in and unpack the user-supplied nvlist.
1030 packed = kmem_alloc(size, KM_SLEEP | KM_NODEBUG);
1032 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1034 kmem_free(packed, size);
1038 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1039 kmem_free(packed, size);
1043 kmem_free(packed, size);
1050 fit_error_list(zfs_cmd_t *zc, nvlist_t **errors)
1054 VERIFY(nvlist_size(*errors, &size, NV_ENCODE_NATIVE) == 0);
1056 if (size > zc->zc_nvlist_dst_size) {
1057 nvpair_t *more_errors;
1060 if (zc->zc_nvlist_dst_size < 1024)
1063 VERIFY(nvlist_add_int32(*errors, ZPROP_N_MORE_ERRORS, 0) == 0);
1064 more_errors = nvlist_prev_nvpair(*errors, NULL);
1067 nvpair_t *pair = nvlist_prev_nvpair(*errors,
1069 VERIFY(nvlist_remove_nvpair(*errors, pair) == 0);
1071 VERIFY(nvlist_size(*errors, &size,
1072 NV_ENCODE_NATIVE) == 0);
1073 } while (size > zc->zc_nvlist_dst_size);
1075 VERIFY(nvlist_remove_nvpair(*errors, more_errors) == 0);
1076 VERIFY(nvlist_add_int32(*errors, ZPROP_N_MORE_ERRORS, n) == 0);
1077 ASSERT(nvlist_size(*errors, &size, NV_ENCODE_NATIVE) == 0);
1078 ASSERT(size <= zc->zc_nvlist_dst_size);
1085 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1087 char *packed = NULL;
1091 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0);
1093 if (size > zc->zc_nvlist_dst_size) {
1096 packed = kmem_alloc(size, KM_SLEEP | KM_NODEBUG);
1097 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE,
1099 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1100 size, zc->zc_iflags) != 0)
1102 kmem_free(packed, size);
1105 zc->zc_nvlist_dst_size = size;
1111 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1116 error = dmu_objset_hold(dsname, FTAG, &os);
1119 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1120 dmu_objset_rele(os, FTAG);
1124 mutex_enter(&os->os_user_ptr_lock);
1125 *zfvp = dmu_objset_get_user(os);
1127 VFS_HOLD((*zfvp)->z_vfs);
1131 mutex_exit(&os->os_user_ptr_lock);
1132 dmu_objset_rele(os, FTAG);
1138 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1139 * case its z_vfs will be NULL, and it will be opened as the owner.
1142 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1147 if (getzfsvfs(name, zfvp) != 0)
1148 error = zfsvfs_create(name, zfvp);
1150 rrw_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1152 if ((*zfvp)->z_unmounted) {
1154 * XXX we could probably try again, since the unmounting
1155 * thread should be just about to disassociate the
1156 * objset from the zfsvfs.
1158 rrw_exit(&(*zfvp)->z_teardown_lock, tag);
1169 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1172 rrw_exit(&zfsvfs->z_teardown_lock, tag);
1174 if (zfsvfs->z_vfs) {
1175 VFS_RELE(zfsvfs->z_vfs);
1177 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1178 zfsvfs_free(zfsvfs);
1184 zfs_ioc_pool_create(zfs_cmd_t *zc)
1187 nvlist_t *config, *props = NULL;
1188 nvlist_t *rootprops = NULL;
1189 nvlist_t *zplprops = NULL;
1192 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1193 zc->zc_iflags, &config)))
1196 if (zc->zc_nvlist_src_size != 0 && (error =
1197 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1198 zc->zc_iflags, &props))) {
1199 nvlist_free(config);
1204 nvlist_t *nvl = NULL;
1205 uint64_t version = SPA_VERSION;
1207 (void) nvlist_lookup_uint64(props,
1208 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1209 if (version < SPA_VERSION_INITIAL || version > SPA_VERSION) {
1211 goto pool_props_bad;
1213 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1215 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1217 nvlist_free(config);
1221 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1223 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1224 error = zfs_fill_zplprops_root(version, rootprops,
1227 goto pool_props_bad;
1230 buf = history_str_get(zc);
1232 error = spa_create(zc->zc_name, config, props, buf, zplprops);
1235 * Set the remaining root properties
1237 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1238 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1239 (void) spa_destroy(zc->zc_name);
1242 history_str_free(buf);
1245 nvlist_free(rootprops);
1246 nvlist_free(zplprops);
1247 nvlist_free(config);
1254 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1257 zfs_log_history(zc);
1258 error = spa_destroy(zc->zc_name);
1260 zvol_remove_minors(zc->zc_name);
1265 zfs_ioc_pool_import(zfs_cmd_t *zc)
1267 nvlist_t *config, *props = NULL;
1271 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1272 zc->zc_iflags, &config)) != 0)
1275 if (zc->zc_nvlist_src_size != 0 && (error =
1276 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1277 zc->zc_iflags, &props))) {
1278 nvlist_free(config);
1282 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1283 guid != zc->zc_guid)
1286 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1288 if (zc->zc_nvlist_dst != 0) {
1291 if ((err = put_nvlist(zc, config)) != 0)
1296 zvol_create_minors(zc->zc_name);
1298 nvlist_free(config);
1307 zfs_ioc_pool_export(zfs_cmd_t *zc)
1310 boolean_t force = (boolean_t)zc->zc_cookie;
1311 boolean_t hardforce = (boolean_t)zc->zc_guid;
1313 zfs_log_history(zc);
1314 error = spa_export(zc->zc_name, NULL, force, hardforce);
1316 zvol_remove_minors(zc->zc_name);
1321 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1326 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1329 error = put_nvlist(zc, configs);
1331 nvlist_free(configs);
1337 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1343 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1344 sizeof (zc->zc_value));
1346 if (config != NULL) {
1347 ret = put_nvlist(zc, config);
1348 nvlist_free(config);
1351 * The config may be present even if 'error' is non-zero.
1352 * In this case we return success, and preserve the real errno
1355 zc->zc_cookie = error;
1364 * Try to import the given pool, returning pool stats as appropriate so that
1365 * user land knows which devices are available and overall pool health.
1368 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1370 nvlist_t *tryconfig, *config;
1373 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1374 zc->zc_iflags, &tryconfig)) != 0)
1377 config = spa_tryimport(tryconfig);
1379 nvlist_free(tryconfig);
1384 error = put_nvlist(zc, config);
1385 nvlist_free(config);
1392 * zc_name name of the pool
1393 * zc_cookie scan func (pool_scan_func_t)
1396 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1401 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1404 if (zc->zc_cookie == POOL_SCAN_NONE)
1405 error = spa_scan_stop(spa);
1407 error = spa_scan(spa, zc->zc_cookie);
1409 spa_close(spa, FTAG);
1415 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1420 error = spa_open(zc->zc_name, &spa, FTAG);
1423 spa_close(spa, FTAG);
1429 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1434 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1437 if (zc->zc_cookie < spa_version(spa) || zc->zc_cookie > SPA_VERSION) {
1438 spa_close(spa, FTAG);
1442 spa_upgrade(spa, zc->zc_cookie);
1443 spa_close(spa, FTAG);
1449 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1456 if ((size = zc->zc_history_len) == 0)
1459 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1462 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1463 spa_close(spa, FTAG);
1467 hist_buf = kmem_alloc(size, KM_SLEEP);
1468 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1469 &zc->zc_history_len, hist_buf)) == 0) {
1470 error = ddi_copyout(hist_buf,
1471 (void *)(uintptr_t)zc->zc_history,
1472 zc->zc_history_len, zc->zc_iflags);
1475 spa_close(spa, FTAG);
1476 kmem_free(hist_buf, size);
1481 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1485 if ((error = dsl_dsobj_to_dsname(zc->zc_name,zc->zc_obj,zc->zc_value)))
1493 * zc_name name of filesystem
1494 * zc_obj object to find
1497 * zc_value name of object
1500 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1505 /* XXX reading from objset not owned */
1506 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1508 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1509 dmu_objset_rele(os, FTAG);
1512 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1513 sizeof (zc->zc_value));
1514 dmu_objset_rele(os, FTAG);
1521 * zc_name name of filesystem
1522 * zc_obj object to find
1525 * zc_stat stats on object
1526 * zc_value path to object
1529 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1534 /* XXX reading from objset not owned */
1535 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1537 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1538 dmu_objset_rele(os, FTAG);
1541 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1542 sizeof (zc->zc_value));
1543 dmu_objset_rele(os, FTAG);
1549 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1553 nvlist_t *config, **l2cache, **spares;
1554 uint_t nl2cache = 0, nspares = 0;
1556 error = spa_open(zc->zc_name, &spa, FTAG);
1560 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1561 zc->zc_iflags, &config);
1562 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1563 &l2cache, &nl2cache);
1565 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1569 * A root pool with concatenated devices is not supported.
1570 * Thus, can not add a device to a root pool.
1572 * Intent log device can not be added to a rootpool because
1573 * during mountroot, zil is replayed, a seperated log device
1574 * can not be accessed during the mountroot time.
1576 * l2cache and spare devices are ok to be added to a rootpool.
1578 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1579 nvlist_free(config);
1580 spa_close(spa, FTAG);
1585 error = spa_vdev_add(spa, config);
1586 nvlist_free(config);
1588 spa_close(spa, FTAG);
1594 * zc_name name of the pool
1595 * zc_nvlist_conf nvlist of devices to remove
1596 * zc_cookie to stop the remove?
1599 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1604 error = spa_open(zc->zc_name, &spa, FTAG);
1607 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1608 spa_close(spa, FTAG);
1613 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1617 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1619 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1621 switch (zc->zc_cookie) {
1622 case VDEV_STATE_ONLINE:
1623 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1626 case VDEV_STATE_OFFLINE:
1627 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1630 case VDEV_STATE_FAULTED:
1631 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1632 zc->zc_obj != VDEV_AUX_EXTERNAL)
1633 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1635 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1638 case VDEV_STATE_DEGRADED:
1639 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1640 zc->zc_obj != VDEV_AUX_EXTERNAL)
1641 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1643 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1649 zc->zc_cookie = newstate;
1650 spa_close(spa, FTAG);
1655 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1658 int replacing = zc->zc_cookie;
1662 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1665 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1666 zc->zc_iflags, &config)) == 0) {
1667 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1668 nvlist_free(config);
1671 spa_close(spa, FTAG);
1676 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1681 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1684 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1686 spa_close(spa, FTAG);
1691 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1694 nvlist_t *config, *props = NULL;
1696 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1698 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1701 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1702 zc->zc_iflags, &config))) {
1703 spa_close(spa, FTAG);
1707 if (zc->zc_nvlist_src_size != 0 && (error =
1708 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1709 zc->zc_iflags, &props))) {
1710 spa_close(spa, FTAG);
1711 nvlist_free(config);
1715 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1717 spa_close(spa, FTAG);
1719 nvlist_free(config);
1726 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
1729 char *path = zc->zc_value;
1730 uint64_t guid = zc->zc_guid;
1733 error = spa_open(zc->zc_name, &spa, FTAG);
1737 error = spa_vdev_setpath(spa, guid, path);
1738 spa_close(spa, FTAG);
1743 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
1746 char *fru = zc->zc_value;
1747 uint64_t guid = zc->zc_guid;
1750 error = spa_open(zc->zc_name, &spa, FTAG);
1754 error = spa_vdev_setfru(spa, guid, fru);
1755 spa_close(spa, FTAG);
1760 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
1765 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1767 if (zc->zc_nvlist_dst != 0 &&
1768 (error = dsl_prop_get_all(os, &nv)) == 0) {
1769 dmu_objset_stats(os, nv);
1771 * NB: zvol_get_stats() will read the objset contents,
1772 * which we aren't supposed to do with a
1773 * DS_MODE_USER hold, because it could be
1774 * inconsistent. So this is a bit of a workaround...
1775 * XXX reading with out owning
1777 if (!zc->zc_objset_stats.dds_inconsistent) {
1778 if (dmu_objset_type(os) == DMU_OST_ZVOL)
1779 error = zvol_get_stats(os, nv);
1782 error = put_nvlist(zc, nv);
1791 * zc_name name of filesystem
1792 * zc_nvlist_dst_size size of buffer for property nvlist
1795 * zc_objset_stats stats
1796 * zc_nvlist_dst property nvlist
1797 * zc_nvlist_dst_size size of property nvlist
1800 zfs_ioc_objset_stats(zfs_cmd_t *zc)
1802 objset_t *os = NULL;
1805 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)))
1808 error = zfs_ioc_objset_stats_impl(zc, os);
1810 dmu_objset_rele(os, FTAG);
1817 * zc_name name of filesystem
1818 * zc_nvlist_dst_size size of buffer for property nvlist
1821 * zc_nvlist_dst received property nvlist
1822 * zc_nvlist_dst_size size of received property nvlist
1824 * Gets received properties (distinct from local properties on or after
1825 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
1826 * local property values.
1829 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
1831 objset_t *os = NULL;
1835 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)))
1839 * Without this check, we would return local property values if the
1840 * caller has not already received properties on or after
1841 * SPA_VERSION_RECVD_PROPS.
1843 if (!dsl_prop_get_hasrecvd(os)) {
1844 dmu_objset_rele(os, FTAG);
1848 if (zc->zc_nvlist_dst != 0 &&
1849 (error = dsl_prop_get_received(os, &nv)) == 0) {
1850 error = put_nvlist(zc, nv);
1854 dmu_objset_rele(os, FTAG);
1859 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
1865 * zfs_get_zplprop() will either find a value or give us
1866 * the default value (if there is one).
1868 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
1870 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
1876 * zc_name name of filesystem
1877 * zc_nvlist_dst_size size of buffer for zpl property nvlist
1880 * zc_nvlist_dst zpl property nvlist
1881 * zc_nvlist_dst_size size of zpl property nvlist
1884 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
1889 /* XXX reading without owning */
1890 if ((err = dmu_objset_hold(zc->zc_name, FTAG, &os)))
1893 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1896 * NB: nvl_add_zplprop() will read the objset contents,
1897 * which we aren't supposed to do with a DS_MODE_USER
1898 * hold, because it could be inconsistent.
1900 if (zc->zc_nvlist_dst != 0 &&
1901 !zc->zc_objset_stats.dds_inconsistent &&
1902 dmu_objset_type(os) == DMU_OST_ZFS) {
1905 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1906 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
1907 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
1908 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
1909 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
1910 err = put_nvlist(zc, nv);
1915 dmu_objset_rele(os, FTAG);
1920 dataset_name_hidden(const char *name)
1923 * Skip over datasets that are not visible in this zone,
1924 * internal datasets (which have a $ in their name), and
1925 * temporary datasets (which have a % in their name).
1927 if (strchr(name, '$') != NULL)
1929 if (strchr(name, '%') != NULL)
1931 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
1938 * zc_name name of filesystem
1939 * zc_cookie zap cursor
1940 * zc_nvlist_dst_size size of buffer for property nvlist
1943 * zc_name name of next filesystem
1944 * zc_cookie zap cursor
1945 * zc_objset_stats stats
1946 * zc_nvlist_dst property nvlist
1947 * zc_nvlist_dst_size size of property nvlist
1950 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
1955 size_t orig_len = strlen(zc->zc_name);
1958 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os))) {
1959 if (error == ENOENT)
1964 p = strrchr(zc->zc_name, '/');
1965 if (p == NULL || p[1] != '\0')
1966 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
1967 p = zc->zc_name + strlen(zc->zc_name);
1970 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0
1971 * but is not declared void because its called by dmu_objset_find().
1973 if (zc->zc_cookie == 0) {
1974 uint64_t cookie = 0;
1975 int len = sizeof (zc->zc_name) - (p - zc->zc_name);
1977 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0)
1978 (void) dmu_objset_prefetch(p, NULL);
1982 error = dmu_dir_list_next(os,
1983 sizeof (zc->zc_name) - (p - zc->zc_name), p,
1984 NULL, &zc->zc_cookie);
1985 if (error == ENOENT)
1987 } while (error == 0 && dataset_name_hidden(zc->zc_name) &&
1988 !(zc->zc_iflags & FKIOCTL));
1989 dmu_objset_rele(os, FTAG);
1992 * If it's an internal dataset (ie. with a '$' in its name),
1993 * don't try to get stats for it, otherwise we'll return ENOENT.
1995 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
1996 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
1997 if (error == ENOENT) {
1998 /* We lost a race with destroy, get the next one. */
1999 zc->zc_name[orig_len] = '\0';
2008 * zc_name name of filesystem
2009 * zc_cookie zap cursor
2010 * zc_nvlist_dst_size size of buffer for property nvlist
2013 * zc_name name of next snapshot
2014 * zc_objset_stats stats
2015 * zc_nvlist_dst property nvlist
2016 * zc_nvlist_dst_size size of property nvlist
2019 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2025 if (zc->zc_cookie == 0)
2026 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch,
2027 NULL, DS_FIND_SNAPSHOTS);
2029 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2031 return (error == ENOENT ? ESRCH : error);
2034 * A dataset name of maximum length cannot have any snapshots,
2035 * so exit immediately.
2037 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2038 dmu_objset_rele(os, FTAG);
2042 error = dmu_snapshot_list_next(os,
2043 sizeof (zc->zc_name) - strlen(zc->zc_name),
2044 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2049 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2052 * Since we probably don't have a hold on this snapshot,
2053 * it's possible that the objsetid could have been destroyed
2054 * and reused for a new objset. It's OK if this happens during
2055 * a zfs send operation, since the new createtxg will be
2056 * beyond the range we're interested in.
2058 rw_enter(&dp->dp_config_rwlock, RW_READER);
2059 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2060 rw_exit(&dp->dp_config_rwlock);
2062 if (error == ENOENT) {
2063 /* Racing with destroy, get the next one. */
2064 *strchr(zc->zc_name, '@') = '\0';
2065 dmu_objset_rele(os, FTAG);
2071 error = dmu_objset_from_ds(ds, &ossnap);
2073 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2074 dsl_dataset_rele(ds, FTAG);
2076 } else if (error == ENOENT) {
2080 dmu_objset_rele(os, FTAG);
2081 /* if we failed, undo the @ that we tacked on to zc_name */
2083 *strchr(zc->zc_name, '@') = '\0';
2088 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2091 const char *propname = nvpair_name(pair);
2093 unsigned int vallen;
2096 zfs_userquota_prop_t type;
2102 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2104 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2105 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2111 * A correctly constructed propname is encoded as
2112 * userquota@<rid>-<domain>.
2114 if ((dash = strchr(propname, '-')) == NULL ||
2115 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2124 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2126 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2127 zfsvfs_rele(zfsvfs, FTAG);
2137 * If the named property is one that has a special function to set its value,
2138 * return 0 on success and a positive error code on failure; otherwise if it is
2139 * not one of the special properties handled by this function, return -1.
2141 * XXX: It would be better for callers of the property interface if we handled
2142 * these special cases in dsl_prop.c (in the dsl layer).
2145 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2148 const char *propname = nvpair_name(pair);
2149 zfs_prop_t prop = zfs_name_to_prop(propname);
2153 if (prop == ZPROP_INVAL) {
2154 if (zfs_prop_userquota(propname))
2155 return (zfs_prop_set_userquota(dsname, pair));
2159 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2161 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2162 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2166 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2169 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2172 case ZFS_PROP_QUOTA:
2173 err = dsl_dir_set_quota(dsname, source, intval);
2175 case ZFS_PROP_REFQUOTA:
2176 err = dsl_dataset_set_quota(dsname, source, intval);
2178 case ZFS_PROP_RESERVATION:
2179 err = dsl_dir_set_reservation(dsname, source, intval);
2181 case ZFS_PROP_REFRESERVATION:
2182 err = dsl_dataset_set_reservation(dsname, source, intval);
2184 case ZFS_PROP_VOLSIZE:
2185 err = zvol_set_volsize(dsname, intval);
2187 case ZFS_PROP_VERSION:
2191 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2195 err = zfs_set_version(zfsvfs, intval);
2197 zfsvfs_rele(zfsvfs, FTAG);
2199 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2202 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2203 (void) strcpy(zc->zc_name, dsname);
2204 (void) zfs_ioc_userspace_upgrade(zc);
2205 kmem_free(zc, sizeof (zfs_cmd_t));
2218 * This function is best effort. If it fails to set any of the given properties,
2219 * it continues to set as many as it can and returns the first error
2220 * encountered. If the caller provides a non-NULL errlist, it also gives the
2221 * complete list of names of all the properties it failed to set along with the
2222 * corresponding error numbers. The caller is responsible for freeing the
2225 * If every property is set successfully, zero is returned and the list pointed
2226 * at by errlist is NULL.
2229 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2237 nvlist_t *genericnvl;
2241 VERIFY(nvlist_alloc(&genericnvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2242 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2243 VERIFY(nvlist_alloc(&retrynvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2247 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2248 const char *propname = nvpair_name(pair);
2249 zfs_prop_t prop = zfs_name_to_prop(propname);
2252 /* decode the property value */
2254 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2256 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2257 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2262 /* Validate value type */
2263 if (err == 0 && prop == ZPROP_INVAL) {
2264 if (zfs_prop_user(propname)) {
2265 if (nvpair_type(propval) != DATA_TYPE_STRING)
2267 } else if (zfs_prop_userquota(propname)) {
2268 if (nvpair_type(propval) !=
2269 DATA_TYPE_UINT64_ARRAY)
2272 } else if (err == 0) {
2273 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2274 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2276 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2279 VERIFY(nvpair_value_uint64(propval,
2282 switch (zfs_prop_get_type(prop)) {
2283 case PROP_TYPE_NUMBER:
2285 case PROP_TYPE_STRING:
2288 case PROP_TYPE_INDEX:
2289 if (zfs_prop_index_to_string(prop,
2290 intval, &unused) != 0)
2295 "unknown property type");
2302 /* Validate permissions */
2304 err = zfs_check_settable(dsname, pair, CRED());
2307 err = zfs_prop_set_special(dsname, source, pair);
2310 * For better performance we build up a list of
2311 * properties to set in a single transaction.
2313 err = nvlist_add_nvpair(genericnvl, pair);
2314 } else if (err != 0 && nvl != retrynvl) {
2316 * This may be a spurious error caused by
2317 * receiving quota and reservation out of order.
2318 * Try again in a second pass.
2320 err = nvlist_add_nvpair(retrynvl, pair);
2325 VERIFY(nvlist_add_int32(errors, propname, err) == 0);
2328 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2333 if (!nvlist_empty(genericnvl) &&
2334 dsl_props_set(dsname, source, genericnvl) != 0) {
2336 * If this fails, we still want to set as many properties as we
2337 * can, so try setting them individually.
2340 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2341 const char *propname = nvpair_name(pair);
2345 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2347 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2348 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2352 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2353 VERIFY(nvpair_value_string(propval,
2355 err = dsl_prop_set(dsname, propname, source, 1,
2356 strlen(strval) + 1, strval);
2358 VERIFY(nvpair_value_uint64(propval,
2360 err = dsl_prop_set(dsname, propname, source, 8,
2365 VERIFY(nvlist_add_int32(errors, propname,
2370 nvlist_free(genericnvl);
2371 nvlist_free(retrynvl);
2373 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
2374 nvlist_free(errors);
2377 VERIFY(nvpair_value_int32(pair, &rv) == 0);
2380 if (errlist == NULL)
2381 nvlist_free(errors);
2389 * Check that all the properties are valid user properties.
2392 zfs_check_userprops(char *fsname, nvlist_t *nvl)
2394 nvpair_t *pair = NULL;
2397 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2398 const char *propname = nvpair_name(pair);
2401 if (!zfs_prop_user(propname) ||
2402 nvpair_type(pair) != DATA_TYPE_STRING)
2405 if ((error = zfs_secpolicy_write_perms(fsname,
2406 ZFS_DELEG_PERM_USERPROP, CRED())))
2409 if (strlen(propname) >= ZAP_MAXNAMELEN)
2410 return (ENAMETOOLONG);
2412 VERIFY(nvpair_value_string(pair, &valstr) == 0);
2413 if (strlen(valstr) >= ZAP_MAXVALUELEN)
2420 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2424 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2427 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2428 if (nvlist_exists(skipped, nvpair_name(pair)))
2431 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2436 clear_received_props(objset_t *os, const char *fs, nvlist_t *props,
2440 nvlist_t *cleared_props = NULL;
2441 props_skip(props, skipped, &cleared_props);
2442 if (!nvlist_empty(cleared_props)) {
2444 * Acts on local properties until the dataset has received
2445 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2447 zprop_source_t flags = (ZPROP_SRC_NONE |
2448 (dsl_prop_get_hasrecvd(os) ? ZPROP_SRC_RECEIVED : 0));
2449 err = zfs_set_prop_nvlist(fs, flags, cleared_props, NULL);
2451 nvlist_free(cleared_props);
2457 * zc_name name of filesystem
2458 * zc_value name of property to set
2459 * zc_nvlist_src{_size} nvlist of properties to apply
2460 * zc_cookie received properties flag
2463 * zc_nvlist_dst{_size} error for each unapplied received property
2466 zfs_ioc_set_prop(zfs_cmd_t *zc)
2469 boolean_t received = zc->zc_cookie;
2470 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2472 nvlist_t *errors = NULL;
2475 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2476 zc->zc_iflags, &nvl)) != 0)
2480 nvlist_t *origprops;
2483 if (dmu_objset_hold(zc->zc_name, FTAG, &os) == 0) {
2484 if (dsl_prop_get_received(os, &origprops) == 0) {
2485 (void) clear_received_props(os,
2486 zc->zc_name, origprops, nvl);
2487 nvlist_free(origprops);
2490 dsl_prop_set_hasrecvd(os);
2491 dmu_objset_rele(os, FTAG);
2495 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, &errors);
2497 if (zc->zc_nvlist_dst != 0 && errors != NULL) {
2498 (void) put_nvlist(zc, errors);
2501 nvlist_free(errors);
2508 * zc_name name of filesystem
2509 * zc_value name of property to inherit
2510 * zc_cookie revert to received value if TRUE
2515 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2517 const char *propname = zc->zc_value;
2518 zfs_prop_t prop = zfs_name_to_prop(propname);
2519 boolean_t received = zc->zc_cookie;
2520 zprop_source_t source = (received
2521 ? ZPROP_SRC_NONE /* revert to received value, if any */
2522 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2531 * zfs_prop_set_special() expects properties in the form of an
2532 * nvpair with type info.
2534 if (prop == ZPROP_INVAL) {
2535 if (!zfs_prop_user(propname))
2538 type = PROP_TYPE_STRING;
2539 } else if (prop == ZFS_PROP_VOLSIZE ||
2540 prop == ZFS_PROP_VERSION) {
2543 type = zfs_prop_get_type(prop);
2546 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2549 case PROP_TYPE_STRING:
2550 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2552 case PROP_TYPE_NUMBER:
2553 case PROP_TYPE_INDEX:
2554 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2561 pair = nvlist_next_nvpair(dummy, NULL);
2562 err = zfs_prop_set_special(zc->zc_name, source, pair);
2565 return (err); /* special property already handled */
2568 * Only check this in the non-received case. We want to allow
2569 * 'inherit -S' to revert non-inheritable properties like quota
2570 * and reservation to the received or default values even though
2571 * they are not considered inheritable.
2573 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2577 /* the property name has been validated by zfs_secpolicy_inherit() */
2578 return (dsl_prop_set(zc->zc_name, zc->zc_value, source, 0, 0, NULL));
2582 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2589 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2590 zc->zc_iflags, &props)))
2594 * If the only property is the configfile, then just do a spa_lookup()
2595 * to handle the faulted case.
2597 pair = nvlist_next_nvpair(props, NULL);
2598 if (pair != NULL && strcmp(nvpair_name(pair),
2599 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2600 nvlist_next_nvpair(props, pair) == NULL) {
2601 mutex_enter(&spa_namespace_lock);
2602 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2603 spa_configfile_set(spa, props, B_FALSE);
2604 spa_config_sync(spa, B_FALSE, B_TRUE);
2606 mutex_exit(&spa_namespace_lock);
2613 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2618 error = spa_prop_set(spa, props);
2621 spa_close(spa, FTAG);
2627 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2631 nvlist_t *nvp = NULL;
2633 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2635 * If the pool is faulted, there may be properties we can still
2636 * get (such as altroot and cachefile), so attempt to get them
2639 mutex_enter(&spa_namespace_lock);
2640 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2641 error = spa_prop_get(spa, &nvp);
2642 mutex_exit(&spa_namespace_lock);
2644 error = spa_prop_get(spa, &nvp);
2645 spa_close(spa, FTAG);
2648 if (error == 0 && zc->zc_nvlist_dst != 0)
2649 error = put_nvlist(zc, nvp);
2659 * zc_name name of volume
2664 zfs_ioc_create_minor(zfs_cmd_t *zc)
2666 return (zvol_create_minor(zc->zc_name));
2671 * zc_name name of volume
2676 zfs_ioc_remove_minor(zfs_cmd_t *zc)
2678 return (zvol_remove_minor(zc->zc_name));
2683 * zc_name name of filesystem
2684 * zc_nvlist_src{_size} nvlist of delegated permissions
2685 * zc_perm_action allow/unallow flag
2690 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2693 nvlist_t *fsaclnv = NULL;
2695 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2696 zc->zc_iflags, &fsaclnv)) != 0)
2700 * Verify nvlist is constructed correctly
2702 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2703 nvlist_free(fsaclnv);
2708 * If we don't have PRIV_SYS_MOUNT, then validate
2709 * that user is allowed to hand out each permission in
2713 error = secpolicy_zfs(CRED());
2715 if (zc->zc_perm_action == B_FALSE) {
2716 error = dsl_deleg_can_allow(zc->zc_name,
2719 error = dsl_deleg_can_unallow(zc->zc_name,
2725 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2727 nvlist_free(fsaclnv);
2733 * zc_name name of filesystem
2736 * zc_nvlist_src{_size} nvlist of delegated permissions
2739 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2744 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2745 error = put_nvlist(zc, nvp);
2754 * Search the vfs list for a specified resource. Returns a pointer to it
2755 * or NULL if no suitable entry is found. The caller of this routine
2756 * is responsible for releasing the returned vfs pointer.
2759 zfs_get_vfs(const char *resource)
2762 struct vfs *vfs_found = NULL;
2764 vfs_list_read_lock();
2767 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2772 vfsp = vfsp->vfs_next;
2773 } while (vfsp != rootvfs);
2777 #endif /* HAVE_ZPL */
2781 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2783 zfs_creat_t *zct = arg;
2785 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2788 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2792 * createprops list of properties requested by creator
2793 * default_zplver zpl version to use if unspecified in createprops
2794 * fuids_ok fuids allowed in this version of the spa?
2795 * os parent objset pointer (NULL if root fs)
2798 * zplprops values for the zplprops we attach to the master node object
2799 * is_ci true if requested file system will be purely case-insensitive
2801 * Determine the settings for utf8only, normalization and
2802 * casesensitivity. Specific values may have been requested by the
2803 * creator and/or we can inherit values from the parent dataset. If
2804 * the file system is of too early a vintage, a creator can not
2805 * request settings for these properties, even if the requested
2806 * setting is the default value. We don't actually want to create dsl
2807 * properties for these, so remove them from the source nvlist after
2811 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
2812 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
2813 nvlist_t *zplprops, boolean_t *is_ci)
2815 uint64_t sense = ZFS_PROP_UNDEFINED;
2816 uint64_t norm = ZFS_PROP_UNDEFINED;
2817 uint64_t u8 = ZFS_PROP_UNDEFINED;
2819 ASSERT(zplprops != NULL);
2822 * Pull out creator prop choices, if any.
2825 (void) nvlist_lookup_uint64(createprops,
2826 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
2827 (void) nvlist_lookup_uint64(createprops,
2828 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
2829 (void) nvlist_remove_all(createprops,
2830 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
2831 (void) nvlist_lookup_uint64(createprops,
2832 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
2833 (void) nvlist_remove_all(createprops,
2834 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
2835 (void) nvlist_lookup_uint64(createprops,
2836 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
2837 (void) nvlist_remove_all(createprops,
2838 zfs_prop_to_name(ZFS_PROP_CASE));
2842 * If the zpl version requested is whacky or the file system
2843 * or pool is version is too "young" to support normalization
2844 * and the creator tried to set a value for one of the props,
2847 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
2848 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
2849 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
2850 (zplver < ZPL_VERSION_NORMALIZATION &&
2851 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
2852 sense != ZFS_PROP_UNDEFINED)))
2856 * Put the version in the zplprops
2858 VERIFY(nvlist_add_uint64(zplprops,
2859 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
2861 if (norm == ZFS_PROP_UNDEFINED)
2862 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
2863 VERIFY(nvlist_add_uint64(zplprops,
2864 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
2867 * If we're normalizing, names must always be valid UTF-8 strings.
2871 if (u8 == ZFS_PROP_UNDEFINED)
2872 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
2873 VERIFY(nvlist_add_uint64(zplprops,
2874 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
2876 if (sense == ZFS_PROP_UNDEFINED)
2877 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
2878 VERIFY(nvlist_add_uint64(zplprops,
2879 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
2882 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
2888 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
2889 nvlist_t *zplprops, boolean_t *is_ci)
2891 boolean_t fuids_ok, sa_ok;
2892 uint64_t zplver = ZPL_VERSION;
2893 objset_t *os = NULL;
2894 char parentname[MAXNAMELEN];
2900 (void) strlcpy(parentname, dataset, sizeof (parentname));
2901 cp = strrchr(parentname, '/');
2905 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
2908 spa_vers = spa_version(spa);
2909 spa_close(spa, FTAG);
2911 zplver = zfs_zpl_version_map(spa_vers);
2912 fuids_ok = (zplver >= ZPL_VERSION_FUID);
2913 sa_ok = (zplver >= ZPL_VERSION_SA);
2916 * Open parent object set so we can inherit zplprop values.
2918 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
2921 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
2923 dmu_objset_rele(os, FTAG);
2928 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
2929 nvlist_t *zplprops, boolean_t *is_ci)
2933 uint64_t zplver = ZPL_VERSION;
2936 zplver = zfs_zpl_version_map(spa_vers);
2937 fuids_ok = (zplver >= ZPL_VERSION_FUID);
2938 sa_ok = (zplver >= ZPL_VERSION_SA);
2940 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
2941 createprops, zplprops, is_ci);
2947 * zc_objset_type type of objset to create (fs vs zvol)
2948 * zc_name name of new objset
2949 * zc_value name of snapshot to clone from (may be empty)
2950 * zc_nvlist_src{_size} nvlist of properties to apply
2955 zfs_ioc_create(zfs_cmd_t *zc)
2960 nvlist_t *nvprops = NULL;
2961 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
2962 dmu_objset_type_t type = zc->zc_objset_type;
2967 cbfunc = zfs_create_cb;
2971 cbfunc = zvol_create_cb;
2978 if (strchr(zc->zc_name, '@') ||
2979 strchr(zc->zc_name, '%'))
2982 if (zc->zc_nvlist_src != 0 &&
2983 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2984 zc->zc_iflags, &nvprops)) != 0)
2987 zct.zct_zplprops = NULL;
2988 zct.zct_props = nvprops;
2990 if (zc->zc_value[0] != '\0') {
2992 * We're creating a clone of an existing snapshot.
2994 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
2995 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) {
2996 nvlist_free(nvprops);
3000 error = dmu_objset_hold(zc->zc_value, FTAG, &clone);
3002 nvlist_free(nvprops);
3006 error = dmu_objset_clone(zc->zc_name, dmu_objset_ds(clone), 0);
3007 dmu_objset_rele(clone, FTAG);
3009 nvlist_free(nvprops);
3013 boolean_t is_insensitive = B_FALSE;
3015 if (cbfunc == NULL) {
3016 nvlist_free(nvprops);
3020 if (type == DMU_OST_ZVOL) {
3021 uint64_t volsize, volblocksize;
3023 if (nvprops == NULL ||
3024 nvlist_lookup_uint64(nvprops,
3025 zfs_prop_to_name(ZFS_PROP_VOLSIZE),
3027 nvlist_free(nvprops);
3031 if ((error = nvlist_lookup_uint64(nvprops,
3032 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3033 &volblocksize)) != 0 && error != ENOENT) {
3034 nvlist_free(nvprops);
3039 volblocksize = zfs_prop_default_numeric(
3040 ZFS_PROP_VOLBLOCKSIZE);
3042 if ((error = zvol_check_volblocksize(
3043 volblocksize)) != 0 ||
3044 (error = zvol_check_volsize(volsize,
3045 volblocksize)) != 0) {
3046 nvlist_free(nvprops);
3049 } else if (type == DMU_OST_ZFS) {
3053 * We have to have normalization and
3054 * case-folding flags correct when we do the
3055 * file system creation, so go figure them out
3058 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3059 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3060 error = zfs_fill_zplprops(zc->zc_name, nvprops,
3061 zct.zct_zplprops, &is_insensitive);
3063 nvlist_free(nvprops);
3064 nvlist_free(zct.zct_zplprops);
3068 error = dmu_objset_create(zc->zc_name, type,
3069 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3070 nvlist_free(zct.zct_zplprops);
3074 * It would be nice to do this atomically.
3077 error = zfs_set_prop_nvlist(zc->zc_name, ZPROP_SRC_LOCAL,
3080 (void) dmu_objset_destroy(zc->zc_name, B_FALSE);
3082 nvlist_free(nvprops);
3088 * zc_name name of filesystem
3089 * zc_value short name of snapshot
3090 * zc_cookie recursive flag
3091 * zc_nvlist_src[_size] property list
3094 * zc_value short snapname (i.e. part after the '@')
3097 zfs_ioc_snapshot(zfs_cmd_t *zc)
3099 nvlist_t *nvprops = NULL;
3101 boolean_t recursive = zc->zc_cookie;
3103 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
3106 if (zc->zc_nvlist_src != 0 &&
3107 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3108 zc->zc_iflags, &nvprops)) != 0)
3111 error = zfs_check_userprops(zc->zc_name, nvprops);
3115 if (!nvlist_empty(nvprops) &&
3116 zfs_earlier_version(zc->zc_name, SPA_VERSION_SNAP_PROPS)) {
3121 error = dmu_objset_snapshot(zc->zc_name, zc->zc_value, NULL,
3122 nvprops, recursive, B_FALSE, -1);
3125 nvlist_free(nvprops);
3130 zfs_unmount_snap(const char *name, void *arg)
3136 char *snapname = arg;
3137 char *fullname = kmem_asprintf("%s@%s", name, snapname);
3138 vfsp = zfs_get_vfs(fullname);
3140 } else if (strchr(name, '@')) {
3141 vfsp = zfs_get_vfs(name);
3146 * Always force the unmount for snapshots.
3148 int flag = MS_FORCE;
3151 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) {
3156 if ((err = dounmount(vfsp, flag, kcred)) != 0)
3159 #endif /* HAVE_ZPL */
3165 * zc_name name of filesystem
3166 * zc_value short name of snapshot
3167 * zc_defer_destroy mark for deferred destroy
3172 zfs_ioc_destroy_snaps(zfs_cmd_t *zc)
3176 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
3178 err = dmu_objset_find(zc->zc_name,
3179 zfs_unmount_snap, zc->zc_value, DS_FIND_CHILDREN);
3182 return (dmu_snapshots_destroy(zc->zc_name, zc->zc_value,
3183 zc->zc_defer_destroy));
3188 * zc_name name of dataset to destroy
3189 * zc_objset_type type of objset
3190 * zc_defer_destroy mark for deferred destroy
3195 zfs_ioc_destroy(zfs_cmd_t *zc)
3198 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) {
3199 err = zfs_unmount_snap(zc->zc_name, NULL);
3204 err = dmu_objset_destroy(zc->zc_name, zc->zc_defer_destroy);
3205 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3206 (void) zvol_remove_minor(zc->zc_name);
3212 * zc_name name of dataset to rollback (to most recent snapshot)
3217 zfs_ioc_rollback(zfs_cmd_t *zc)
3220 dsl_dataset_t *ds, *clone;
3225 error = dsl_dataset_hold(zc->zc_name, FTAG, &ds);
3229 /* must not be a snapshot */
3230 if (dsl_dataset_is_snapshot(ds)) {
3231 dsl_dataset_rele(ds, FTAG);
3235 /* must have a most recent snapshot */
3236 if (ds->ds_phys->ds_prev_snap_txg < TXG_INITIAL) {
3237 dsl_dataset_rele(ds, FTAG);
3242 * Create clone of most recent snapshot.
3244 clone_name = kmem_asprintf("%s/%%rollback", zc->zc_name);
3245 error = dmu_objset_clone(clone_name, ds->ds_prev, DS_FLAG_INCONSISTENT);
3249 error = dsl_dataset_own(clone_name, B_TRUE, FTAG, &clone);
3256 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
3257 error = zfs_suspend_fs(zfsvfs);
3261 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3262 error = dsl_dataset_clone_swap(clone, ds,
3264 dsl_dataset_disown(ds, FTAG);
3269 resume_err = zfs_resume_fs(zfsvfs, zc->zc_name);
3270 error = error ? error : resume_err;
3272 VFS_RELE(zfsvfs->z_vfs);
3274 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3275 error = dsl_dataset_clone_swap(clone, ds, B_TRUE);
3276 dsl_dataset_disown(ds, FTAG);
3284 * Destroy clone (which also closes it).
3286 (void) dsl_dataset_destroy(clone, FTAG, B_FALSE);
3289 strfree(clone_name);
3291 dsl_dataset_rele(ds, FTAG);
3295 #endif /* HAVE_ZPL */
3300 * zc_name old name of dataset
3301 * zc_value new name of dataset
3302 * zc_cookie recursive flag (only valid for snapshots)
3307 zfs_ioc_rename(zfs_cmd_t *zc)
3309 boolean_t recursive = zc->zc_cookie & 1;
3311 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3312 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3313 strchr(zc->zc_value, '%'))
3317 * Unmount snapshot unless we're doing a recursive rename,
3318 * in which case the dataset code figures out which snapshots
3321 if (!recursive && strchr(zc->zc_name, '@') != NULL &&
3322 zc->zc_objset_type == DMU_OST_ZFS) {
3323 int err = zfs_unmount_snap(zc->zc_name, NULL);
3327 if (zc->zc_objset_type == DMU_OST_ZVOL)
3328 (void) zvol_remove_minor(zc->zc_name);
3329 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive));
3333 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3335 const char *propname = nvpair_name(pair);
3336 boolean_t issnap = (strchr(dsname, '@') != NULL);
3337 zfs_prop_t prop = zfs_name_to_prop(propname);
3341 if (prop == ZPROP_INVAL) {
3342 if (zfs_prop_user(propname)) {
3343 if ((err = zfs_secpolicy_write_perms(dsname,
3344 ZFS_DELEG_PERM_USERPROP, cr)))
3349 if (!issnap && zfs_prop_userquota(propname)) {
3350 const char *perm = NULL;
3351 const char *uq_prefix =
3352 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3353 const char *gq_prefix =
3354 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3356 if (strncmp(propname, uq_prefix,
3357 strlen(uq_prefix)) == 0) {
3358 perm = ZFS_DELEG_PERM_USERQUOTA;
3359 } else if (strncmp(propname, gq_prefix,
3360 strlen(gq_prefix)) == 0) {
3361 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3363 /* USERUSED and GROUPUSED are read-only */
3367 if ((err = zfs_secpolicy_write_perms(dsname, perm, cr)))
3378 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3380 * dsl_prop_get_all_impl() returns properties in this
3384 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3385 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3390 * Check that this value is valid for this pool version
3393 case ZFS_PROP_COMPRESSION:
3395 * If the user specified gzip compression, make sure
3396 * the SPA supports it. We ignore any errors here since
3397 * we'll catch them later.
3399 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3400 nvpair_value_uint64(pair, &intval) == 0) {
3401 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3402 intval <= ZIO_COMPRESS_GZIP_9 &&
3403 zfs_earlier_version(dsname,
3404 SPA_VERSION_GZIP_COMPRESSION)) {
3408 if (intval == ZIO_COMPRESS_ZLE &&
3409 zfs_earlier_version(dsname,
3410 SPA_VERSION_ZLE_COMPRESSION))
3414 * If this is a bootable dataset then
3415 * verify that the compression algorithm
3416 * is supported for booting. We must return
3417 * something other than ENOTSUP since it
3418 * implies a downrev pool version.
3420 if (zfs_is_bootfs(dsname) &&
3421 !BOOTFS_COMPRESS_VALID(intval)) {
3427 case ZFS_PROP_COPIES:
3428 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3432 case ZFS_PROP_DEDUP:
3433 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3437 case ZFS_PROP_SHARESMB:
3438 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3442 case ZFS_PROP_ACLINHERIT:
3443 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3444 nvpair_value_uint64(pair, &intval) == 0) {
3445 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3446 zfs_earlier_version(dsname,
3447 SPA_VERSION_PASSTHROUGH_X))
3455 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3459 * Removes properties from the given props list that fail permission checks
3460 * needed to clear them and to restore them in case of a receive error. For each
3461 * property, make sure we have both set and inherit permissions.
3463 * Returns the first error encountered if any permission checks fail. If the
3464 * caller provides a non-NULL errlist, it also gives the complete list of names
3465 * of all the properties that failed a permission check along with the
3466 * corresponding error numbers. The caller is responsible for freeing the
3469 * If every property checks out successfully, zero is returned and the list
3470 * pointed at by errlist is NULL.
3473 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3476 nvpair_t *pair, *next_pair;
3483 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3485 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3486 (void) strcpy(zc->zc_name, dataset);
3487 pair = nvlist_next_nvpair(props, NULL);
3488 while (pair != NULL) {
3489 next_pair = nvlist_next_nvpair(props, pair);
3491 (void) strcpy(zc->zc_value, nvpair_name(pair));
3492 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3493 (err = zfs_secpolicy_inherit(zc, CRED())) != 0) {
3494 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3495 VERIFY(nvlist_add_int32(errors,
3496 zc->zc_value, err) == 0);
3500 kmem_free(zc, sizeof (zfs_cmd_t));
3502 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3503 nvlist_free(errors);
3506 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3509 if (errlist == NULL)
3510 nvlist_free(errors);
3518 propval_equals(nvpair_t *p1, nvpair_t *p2)
3520 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3521 /* dsl_prop_get_all_impl() format */
3523 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3524 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3528 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
3530 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
3531 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3535 if (nvpair_type(p1) != nvpair_type(p2))
3538 if (nvpair_type(p1) == DATA_TYPE_STRING) {
3539 char *valstr1, *valstr2;
3541 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
3542 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
3543 return (strcmp(valstr1, valstr2) == 0);
3545 uint64_t intval1, intval2;
3547 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
3548 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
3549 return (intval1 == intval2);
3554 * Remove properties from props if they are not going to change (as determined
3555 * by comparison with origprops). Remove them from origprops as well, since we
3556 * do not need to clear or restore properties that won't change.
3559 props_reduce(nvlist_t *props, nvlist_t *origprops)
3561 nvpair_t *pair, *next_pair;
3563 if (origprops == NULL)
3564 return; /* all props need to be received */
3566 pair = nvlist_next_nvpair(props, NULL);
3567 while (pair != NULL) {
3568 const char *propname = nvpair_name(pair);
3571 next_pair = nvlist_next_nvpair(props, pair);
3573 if ((nvlist_lookup_nvpair(origprops, propname,
3574 &match) != 0) || !propval_equals(pair, match))
3575 goto next; /* need to set received value */
3577 /* don't clear the existing received value */
3578 (void) nvlist_remove_nvpair(origprops, match);
3579 /* don't bother receiving the property */
3580 (void) nvlist_remove_nvpair(props, pair);
3587 static boolean_t zfs_ioc_recv_inject_err;
3592 * zc_name name of containing filesystem
3593 * zc_nvlist_src{_size} nvlist of properties to apply
3594 * zc_value name of snapshot to create
3595 * zc_string name of clone origin (if DRR_FLAG_CLONE)
3596 * zc_cookie file descriptor to recv from
3597 * zc_begin_record the BEGIN record of the stream (not byteswapped)
3598 * zc_guid force flag
3599 * zc_cleanup_fd cleanup-on-exit file descriptor
3600 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
3603 * zc_cookie number of bytes read
3604 * zc_nvlist_dst{_size} error for each unapplied received property
3605 * zc_obj zprop_errflags_t
3606 * zc_action_handle handle for this guid/ds mapping
3609 zfs_ioc_recv(zfs_cmd_t *zc)
3613 dmu_recv_cookie_t drc;
3614 boolean_t force = (boolean_t)zc->zc_guid;
3617 int props_error = 0;
3620 nvlist_t *props = NULL; /* sent properties */
3621 nvlist_t *origprops = NULL; /* existing properties */
3622 objset_t *origin = NULL;
3624 char tofs[ZFS_MAXNAMELEN];
3625 boolean_t first_recvd_props = B_FALSE;
3627 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3628 strchr(zc->zc_value, '@') == NULL ||
3629 strchr(zc->zc_value, '%'))
3632 (void) strcpy(tofs, zc->zc_value);
3633 tosnap = strchr(tofs, '@');
3636 if (zc->zc_nvlist_src != 0 &&
3637 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3638 zc->zc_iflags, &props)) != 0)
3648 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3650 if (props && dmu_objset_hold(tofs, FTAG, &os) == 0) {
3651 if ((spa_version(os->os_spa) >= SPA_VERSION_RECVD_PROPS) &&
3652 !dsl_prop_get_hasrecvd(os)) {
3653 first_recvd_props = B_TRUE;
3657 * If new received properties are supplied, they are to
3658 * completely replace the existing received properties, so stash
3659 * away the existing ones.
3661 if (dsl_prop_get_received(os, &origprops) == 0) {
3662 nvlist_t *errlist = NULL;
3664 * Don't bother writing a property if its value won't
3665 * change (and avoid the unnecessary security checks).
3667 * The first receive after SPA_VERSION_RECVD_PROPS is a
3668 * special case where we blow away all local properties
3671 if (!first_recvd_props)
3672 props_reduce(props, origprops);
3673 if (zfs_check_clearable(tofs, origprops,
3675 (void) nvlist_merge(errors, errlist, 0);
3676 nvlist_free(errlist);
3679 dmu_objset_rele(os, FTAG);
3682 if (zc->zc_string[0]) {
3683 error = dmu_objset_hold(zc->zc_string, FTAG, &origin);
3688 error = dmu_recv_begin(tofs, tosnap, zc->zc_top_ds,
3689 &zc->zc_begin_record, force, origin, &drc);
3691 dmu_objset_rele(origin, FTAG);
3696 * Set properties before we receive the stream so that they are applied
3697 * to the new data. Note that we must call dmu_recv_stream() if
3698 * dmu_recv_begin() succeeds.
3703 if (dmu_objset_from_ds(drc.drc_logical_ds, &os) == 0) {
3704 if (drc.drc_newfs) {
3705 if (spa_version(os->os_spa) >=
3706 SPA_VERSION_RECVD_PROPS)
3707 first_recvd_props = B_TRUE;
3708 } else if (origprops != NULL) {
3709 if (clear_received_props(os, tofs, origprops,
3710 first_recvd_props ? NULL : props) != 0)
3711 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3713 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3715 dsl_prop_set_hasrecvd(os);
3716 } else if (!drc.drc_newfs) {
3717 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3720 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
3722 (void) nvlist_merge(errors, errlist, 0);
3723 nvlist_free(errlist);
3726 if (fit_error_list(zc, &errors) != 0 || put_nvlist(zc, errors) != 0) {
3728 * Caller made zc->zc_nvlist_dst less than the minimum expected
3729 * size or supplied an invalid address.
3731 props_error = EINVAL;
3735 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
3736 &zc->zc_action_handle);
3740 zfsvfs_t *zfsvfs = NULL;
3742 if (getzfsvfs(tofs, &zfsvfs) == 0) {
3746 error = zfs_suspend_fs(zfsvfs);
3748 * If the suspend fails, then the recv_end will
3749 * likely also fail, and clean up after itself.
3751 end_err = dmu_recv_end(&drc);
3753 error = zfs_resume_fs(zfsvfs, tofs);
3754 error = error ? error : end_err;
3755 VFS_RELE(zfsvfs->z_vfs);
3757 error = dmu_recv_end(&drc);
3760 error = dmu_recv_end(&drc);
3761 #endif /* HAVE_ZPL */
3764 zc->zc_cookie = off - fp->f_offset;
3765 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
3769 if (zfs_ioc_recv_inject_err) {
3770 zfs_ioc_recv_inject_err = B_FALSE;
3775 * On error, restore the original props.
3777 if (error && props) {
3778 if (dmu_objset_hold(tofs, FTAG, &os) == 0) {
3779 if (clear_received_props(os, tofs, props, NULL) != 0) {
3781 * We failed to clear the received properties.
3782 * Since we may have left a $recvd value on the
3783 * system, we can't clear the $hasrecvd flag.
3785 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3786 } else if (first_recvd_props) {
3787 dsl_prop_unset_hasrecvd(os);
3789 dmu_objset_rele(os, FTAG);
3790 } else if (!drc.drc_newfs) {
3791 /* We failed to clear the received properties. */
3792 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3795 if (origprops == NULL && !drc.drc_newfs) {
3796 /* We failed to stash the original properties. */
3797 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3801 * dsl_props_set() will not convert RECEIVED to LOCAL on or
3802 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
3803 * explictly if we're restoring local properties cleared in the
3804 * first new-style receive.
3806 if (origprops != NULL &&
3807 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
3808 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
3809 origprops, NULL) != 0) {
3811 * We stashed the original properties but failed to
3814 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3819 nvlist_free(origprops);
3820 nvlist_free(errors);
3824 error = props_error;
3831 * zc_name name of snapshot to send
3832 * zc_cookie file descriptor to send stream to
3833 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
3834 * zc_sendobj objsetid of snapshot to send
3835 * zc_fromobj objsetid of incremental fromsnap (may be zero)
3840 zfs_ioc_send(zfs_cmd_t *zc)
3842 objset_t *fromsnap = NULL;
3848 dsl_dataset_t *dsfrom = NULL;
3852 error = spa_open(zc->zc_name, &spa, FTAG);
3856 dp = spa_get_dsl(spa);
3857 rw_enter(&dp->dp_config_rwlock, RW_READER);
3858 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
3859 rw_exit(&dp->dp_config_rwlock);
3861 spa_close(spa, FTAG);
3865 error = dmu_objset_from_ds(ds, &tosnap);
3867 dsl_dataset_rele(ds, FTAG);
3868 spa_close(spa, FTAG);
3872 if (zc->zc_fromobj != 0) {
3873 rw_enter(&dp->dp_config_rwlock, RW_READER);
3874 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj, FTAG, &dsfrom);
3875 rw_exit(&dp->dp_config_rwlock);
3876 spa_close(spa, FTAG);
3878 dsl_dataset_rele(ds, FTAG);
3881 error = dmu_objset_from_ds(dsfrom, &fromsnap);
3883 dsl_dataset_rele(dsfrom, FTAG);
3884 dsl_dataset_rele(ds, FTAG);
3888 spa_close(spa, FTAG);
3891 fp = getf(zc->zc_cookie);
3893 dsl_dataset_rele(ds, FTAG);
3895 dsl_dataset_rele(dsfrom, FTAG);
3900 error = dmu_sendbackup(tosnap, fromsnap, zc->zc_obj, fp->f_vnode, &off);
3902 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
3904 releasef(zc->zc_cookie);
3906 dsl_dataset_rele(dsfrom, FTAG);
3907 dsl_dataset_rele(ds, FTAG);
3912 zfs_ioc_inject_fault(zfs_cmd_t *zc)
3916 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
3917 &zc->zc_inject_record);
3920 zc->zc_guid = (uint64_t)id;
3926 zfs_ioc_clear_fault(zfs_cmd_t *zc)
3928 return (zio_clear_fault((int)zc->zc_guid));
3932 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
3934 int id = (int)zc->zc_guid;
3937 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
3938 &zc->zc_inject_record);
3946 zfs_ioc_error_log(zfs_cmd_t *zc)
3950 size_t count = (size_t)zc->zc_nvlist_dst_size;
3952 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
3955 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
3958 zc->zc_nvlist_dst_size = count;
3960 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
3962 spa_close(spa, FTAG);
3968 zfs_ioc_clear(zfs_cmd_t *zc)
3975 * On zpool clear we also fix up missing slogs
3977 mutex_enter(&spa_namespace_lock);
3978 spa = spa_lookup(zc->zc_name);
3980 mutex_exit(&spa_namespace_lock);
3983 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
3984 /* we need to let spa_open/spa_load clear the chains */
3985 spa_set_log_state(spa, SPA_LOG_CLEAR);
3987 spa->spa_last_open_failed = 0;
3988 mutex_exit(&spa_namespace_lock);
3990 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
3991 error = spa_open(zc->zc_name, &spa, FTAG);
3994 nvlist_t *config = NULL;
3996 if (zc->zc_nvlist_src == 0)
3999 if ((error = get_nvlist(zc->zc_nvlist_src,
4000 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4001 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4003 if (config != NULL) {
4006 if ((err = put_nvlist(zc, config)) != 0)
4008 nvlist_free(config);
4010 nvlist_free(policy);
4017 spa_vdev_state_enter(spa, SCL_NONE);
4019 if (zc->zc_guid == 0) {
4022 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4024 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4025 spa_close(spa, FTAG);
4030 vdev_clear(spa, vd);
4032 (void) spa_vdev_state_exit(spa, NULL, 0);
4035 * Resume any suspended I/Os.
4037 if (zio_resume(spa) != 0)
4040 spa_close(spa, FTAG);
4047 * zc_name name of filesystem
4048 * zc_value name of origin snapshot
4051 * zc_string name of conflicting snapshot, if there is one
4054 zfs_ioc_promote(zfs_cmd_t *zc)
4059 * We don't need to unmount *all* the origin fs's snapshots, but
4062 cp = strchr(zc->zc_value, '@');
4065 (void) dmu_objset_find(zc->zc_value,
4066 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS);
4067 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4071 * Retrieve a single {user|group}{used|quota}@... property.
4074 * zc_name name of filesystem
4075 * zc_objset_type zfs_userquota_prop_t
4076 * zc_value domain name (eg. "S-1-234-567-89")
4077 * zc_guid RID/UID/GID
4080 * zc_cookie property value
4083 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4089 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4092 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4096 error = zfs_userspace_one(zfsvfs,
4097 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4098 zfsvfs_rele(zfsvfs, FTAG);
4103 #endif /* HAVE_ZPL */
4108 * zc_name name of filesystem
4109 * zc_cookie zap cursor
4110 * zc_objset_type zfs_userquota_prop_t
4111 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4114 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4115 * zc_cookie zap cursor
4118 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4122 int bufsize = zc->zc_nvlist_dst_size;
4127 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4131 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4133 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4134 buf, &zc->zc_nvlist_dst_size);
4137 error = xcopyout(buf,
4138 (void *)(uintptr_t)zc->zc_nvlist_dst,
4139 zc->zc_nvlist_dst_size);
4141 kmem_free(buf, bufsize);
4142 zfsvfs_rele(zfsvfs, FTAG);
4147 #endif /* HAVE_ZPL */
4152 * zc_name name of filesystem
4158 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4165 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4166 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4168 * If userused is not enabled, it may be because the
4169 * objset needs to be closed & reopened (to grow the
4170 * objset_phys_t). Suspend/resume the fs will do that.
4172 error = zfs_suspend_fs(zfsvfs);
4174 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4177 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4178 VFS_RELE(zfsvfs->z_vfs);
4180 /* XXX kind of reading contents without owning */
4181 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4185 error = dmu_objset_userspace_upgrade(os);
4186 dmu_objset_rele(os, FTAG);
4192 #endif /* HAVE_ZPL */
4196 * We don't want to have a hard dependency
4197 * against some special symbols in sharefs
4198 * nfs, and smbsrv. Determine them if needed when
4199 * the first file system is shared.
4200 * Neither sharefs, nfs or smbsrv are unloadable modules.
4203 int (*znfsexport_fs)(void *arg);
4204 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4205 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4207 int zfs_nfsshare_inited;
4208 int zfs_smbshare_inited;
4210 ddi_modhandle_t nfs_mod;
4211 ddi_modhandle_t sharefs_mod;
4212 ddi_modhandle_t smbsrv_mod;
4213 kmutex_t zfs_share_lock;
4220 ASSERT(MUTEX_HELD(&zfs_share_lock));
4221 /* Both NFS and SMB shares also require sharetab support. */
4222 if (sharefs_mod == NULL && ((sharefs_mod =
4223 ddi_modopen("fs/sharefs",
4224 KRTLD_MODE_FIRST, &error)) == NULL)) {
4227 if (zshare_fs == NULL && ((zshare_fs =
4228 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4229 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4234 #endif /* HAVE_ZPL */
4237 zfs_ioc_share(zfs_cmd_t *zc)
4243 switch (zc->zc_share.z_sharetype) {
4245 case ZFS_UNSHARE_NFS:
4246 if (zfs_nfsshare_inited == 0) {
4247 mutex_enter(&zfs_share_lock);
4248 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4249 KRTLD_MODE_FIRST, &error)) == NULL)) {
4250 mutex_exit(&zfs_share_lock);
4253 if (znfsexport_fs == NULL &&
4254 ((znfsexport_fs = (int (*)(void *))
4256 "nfs_export", &error)) == NULL)) {
4257 mutex_exit(&zfs_share_lock);
4260 error = zfs_init_sharefs();
4262 mutex_exit(&zfs_share_lock);
4265 zfs_nfsshare_inited = 1;
4266 mutex_exit(&zfs_share_lock);
4270 case ZFS_UNSHARE_SMB:
4271 if (zfs_smbshare_inited == 0) {
4272 mutex_enter(&zfs_share_lock);
4273 if (smbsrv_mod == NULL && ((smbsrv_mod =
4274 ddi_modopen("drv/smbsrv",
4275 KRTLD_MODE_FIRST, &error)) == NULL)) {
4276 mutex_exit(&zfs_share_lock);
4279 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4280 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4281 "smb_server_share", &error)) == NULL)) {
4282 mutex_exit(&zfs_share_lock);
4285 error = zfs_init_sharefs();
4287 mutex_exit(&zfs_share_lock);
4290 zfs_smbshare_inited = 1;
4291 mutex_exit(&zfs_share_lock);
4298 switch (zc->zc_share.z_sharetype) {
4300 case ZFS_UNSHARE_NFS:
4302 znfsexport_fs((void *)
4303 (uintptr_t)zc->zc_share.z_exportdata))
4307 case ZFS_UNSHARE_SMB:
4308 if (error = zsmbexport_fs((void *)
4309 (uintptr_t)zc->zc_share.z_exportdata,
4310 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4317 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4318 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4319 SHAREFS_ADD : SHAREFS_REMOVE;
4322 * Add or remove share from sharetab
4324 error = zshare_fs(opcode,
4325 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4326 zc->zc_share.z_sharemax);
4331 #endif /* HAVE_ZPL */
4334 ace_t full_access[] = {
4335 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4340 * zc_name name of containing filesystem
4341 * zc_obj object # beyond which we want next in-use object #
4344 * zc_obj next in-use object #
4347 zfs_ioc_next_obj(zfs_cmd_t *zc)
4349 objset_t *os = NULL;
4352 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4356 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4357 os->os_dsl_dataset->ds_phys->ds_prev_snap_txg);
4359 dmu_objset_rele(os, FTAG);
4365 * zc_name name of filesystem
4366 * zc_value prefix name for snapshot
4367 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4372 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4377 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4378 (u_longlong_t)ddi_get_lbolt64());
4380 if (strlen(snap_name) >= MAXNAMELEN) {
4385 error = dmu_objset_snapshot(zc->zc_name, snap_name, snap_name,
4386 NULL, B_FALSE, B_TRUE, zc->zc_cleanup_fd);
4392 (void) strcpy(zc->zc_value, snap_name);
4399 * zc_name name of "to" snapshot
4400 * zc_value name of "from" snapshot
4401 * zc_cookie file descriptor to write diff data on
4404 * dmu_diff_record_t's to the file descriptor
4407 zfs_ioc_diff(zfs_cmd_t *zc)
4415 error = dmu_objset_hold(zc->zc_name, FTAG, &tosnap);
4419 error = dmu_objset_hold(zc->zc_value, FTAG, &fromsnap);
4421 dmu_objset_rele(tosnap, FTAG);
4425 fp = getf(zc->zc_cookie);
4427 dmu_objset_rele(fromsnap, FTAG);
4428 dmu_objset_rele(tosnap, FTAG);
4434 error = dmu_diff(tosnap, fromsnap, fp->f_vnode, &off);
4436 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4438 releasef(zc->zc_cookie);
4440 dmu_objset_rele(fromsnap, FTAG);
4441 dmu_objset_rele(tosnap, FTAG);
4446 * Remove all ACL files in shares dir
4450 zfs_smb_acl_purge(znode_t *dzp)
4453 zap_attribute_t zap;
4454 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4457 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4458 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4459 zap_cursor_advance(&zc)) {
4460 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4464 zap_cursor_fini(&zc);
4467 #endif /* HAVE ZPL */
4470 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4475 vnode_t *resourcevp = NULL;
4484 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4485 NO_FOLLOW, NULL, &vp)) != 0)
4488 /* Now make sure mntpnt and dataset are ZFS */
4490 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
4491 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4492 zc->zc_name) != 0)) {
4498 zfsvfs = dzp->z_zfsvfs;
4502 * Create share dir if its missing.
4504 mutex_enter(&zfsvfs->z_lock);
4505 if (zfsvfs->z_shares_dir == 0) {
4508 tx = dmu_tx_create(zfsvfs->z_os);
4509 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
4511 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
4512 error = dmu_tx_assign(tx, TXG_WAIT);
4516 error = zfs_create_share_dir(zfsvfs, tx);
4520 mutex_exit(&zfsvfs->z_lock);
4526 mutex_exit(&zfsvfs->z_lock);
4528 ASSERT(zfsvfs->z_shares_dir);
4529 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
4535 switch (zc->zc_cookie) {
4536 case ZFS_SMB_ACL_ADD:
4537 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
4538 vattr.va_type = VREG;
4539 vattr.va_mode = S_IFREG|0777;
4543 vsec.vsa_mask = VSA_ACE;
4544 vsec.vsa_aclentp = &full_access;
4545 vsec.vsa_aclentsz = sizeof (full_access);
4546 vsec.vsa_aclcnt = 1;
4548 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
4549 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
4551 VN_RELE(resourcevp);
4554 case ZFS_SMB_ACL_REMOVE:
4555 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
4559 case ZFS_SMB_ACL_RENAME:
4560 if ((error = get_nvlist(zc->zc_nvlist_src,
4561 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
4566 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
4567 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
4570 VN_RELE(ZTOV(sharedir));
4572 nvlist_free(nvlist);
4575 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
4577 nvlist_free(nvlist);
4580 case ZFS_SMB_ACL_PURGE:
4581 error = zfs_smb_acl_purge(sharedir);
4590 VN_RELE(ZTOV(sharedir));
4597 #endif /* HAVE_ZPL */
4602 * zc_name name of filesystem
4603 * zc_value short name of snap
4604 * zc_string user-supplied tag for this hold
4605 * zc_cookie recursive flag
4606 * zc_temphold set if hold is temporary
4607 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4608 * zc_sendobj if non-zero, the objid for zc_name@zc_value
4609 * zc_createtxg if zc_sendobj is non-zero, snap must have zc_createtxg
4614 zfs_ioc_hold(zfs_cmd_t *zc)
4616 boolean_t recursive = zc->zc_cookie;
4623 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4626 if (zc->zc_sendobj == 0) {
4627 return (dsl_dataset_user_hold(zc->zc_name, zc->zc_value,
4628 zc->zc_string, recursive, zc->zc_temphold,
4629 zc->zc_cleanup_fd));
4635 error = spa_open(zc->zc_name, &spa, FTAG);
4639 dp = spa_get_dsl(spa);
4640 rw_enter(&dp->dp_config_rwlock, RW_READER);
4641 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4642 rw_exit(&dp->dp_config_rwlock);
4643 spa_close(spa, FTAG);
4648 * Until we have a hold on this snapshot, it's possible that
4649 * zc_sendobj could've been destroyed and reused as part
4650 * of a later txg. Make sure we're looking at the right object.
4652 if (zc->zc_createtxg != ds->ds_phys->ds_creation_txg) {
4653 dsl_dataset_rele(ds, FTAG);
4657 if (zc->zc_cleanup_fd != -1 && zc->zc_temphold) {
4658 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4660 dsl_dataset_rele(ds, FTAG);
4665 error = dsl_dataset_user_hold_for_send(ds, zc->zc_string,
4669 dsl_register_onexit_hold_cleanup(ds, zc->zc_string,
4672 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4674 dsl_dataset_rele(ds, FTAG);
4681 * zc_name name of dataset from which we're releasing a user hold
4682 * zc_value short name of snap
4683 * zc_string user-supplied tag for this hold
4684 * zc_cookie recursive flag
4689 zfs_ioc_release(zfs_cmd_t *zc)
4691 boolean_t recursive = zc->zc_cookie;
4693 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4696 return (dsl_dataset_user_release(zc->zc_name, zc->zc_value,
4697 zc->zc_string, recursive));
4702 * zc_name name of filesystem
4705 * zc_nvlist_src{_size} nvlist of snapshot holds
4708 zfs_ioc_get_holds(zfs_cmd_t *zc)
4713 if ((error = dsl_dataset_get_holds(zc->zc_name, &nvp)) == 0) {
4714 error = put_nvlist(zc, nvp);
4723 * zc_guid flags (ZEVENT_NONBLOCK)
4726 * zc_nvlist_dst next nvlist event
4727 * zc_cookie dropped events since last get
4728 * zc_cleanup_fd cleanup-on-exit file descriptor
4731 zfs_ioc_events_next(zfs_cmd_t *zc)
4734 nvlist_t *event = NULL;
4736 uint64_t dropped = 0;
4739 error = zfs_zevent_fd_hold(zc->zc_cleanup_fd, &minor, &ze);
4744 error = zfs_zevent_next(ze, &event,
4745 &zc->zc_nvlist_dst_size, &dropped);
4746 if (event != NULL) {
4747 zc->zc_cookie = dropped;
4748 error = put_nvlist(zc, event);
4752 if (zc->zc_guid & ZEVENT_NONBLOCK)
4755 if ((error == 0) || (error != ENOENT))
4758 error = zfs_zevent_wait(ze);
4763 zfs_zevent_fd_rele(zc->zc_cleanup_fd);
4770 * zc_cookie cleared events count
4773 zfs_ioc_events_clear(zfs_cmd_t *zc)
4777 zfs_zevent_drain_all(&count);
4778 zc->zc_cookie = count;
4784 * pool create, destroy, and export don't log the history as part of
4785 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export
4786 * do the logging of those commands.
4788 static zfs_ioc_vec_t zfs_ioc_vec[] = {
4789 { zfs_ioc_pool_create, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4791 { zfs_ioc_pool_destroy, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4793 { zfs_ioc_pool_import, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4795 { zfs_ioc_pool_export, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4797 { zfs_ioc_pool_configs, zfs_secpolicy_none, NO_NAME, B_FALSE,
4799 { zfs_ioc_pool_stats, zfs_secpolicy_read, POOL_NAME, B_FALSE,
4801 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, NO_NAME, B_FALSE,
4803 { zfs_ioc_pool_scan, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4804 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4805 { zfs_ioc_pool_freeze, zfs_secpolicy_config, NO_NAME, B_FALSE,
4806 POOL_CHECK_READONLY },
4807 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4808 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4809 { zfs_ioc_pool_get_history, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4811 { zfs_ioc_vdev_add, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4812 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4813 { zfs_ioc_vdev_remove, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4814 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4815 { zfs_ioc_vdev_set_state, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4816 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4817 { zfs_ioc_vdev_attach, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4818 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4819 { zfs_ioc_vdev_detach, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4820 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4821 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4822 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4823 { zfs_ioc_vdev_setfru, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4824 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4825 { zfs_ioc_objset_stats, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4826 POOL_CHECK_SUSPENDED },
4827 { zfs_ioc_objset_zplprops, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4829 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4830 POOL_CHECK_SUSPENDED },
4831 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4832 POOL_CHECK_SUSPENDED },
4833 { zfs_ioc_set_prop, zfs_secpolicy_none, DATASET_NAME, B_TRUE,
4834 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4835 { zfs_ioc_create_minor, zfs_secpolicy_config, DATASET_NAME, B_FALSE,
4837 { zfs_ioc_remove_minor, zfs_secpolicy_config, DATASET_NAME, B_FALSE,
4839 { zfs_ioc_create, zfs_secpolicy_create, DATASET_NAME, B_TRUE,
4840 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4841 { zfs_ioc_destroy, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE,
4842 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4843 { zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME, B_TRUE,
4844 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4845 { zfs_ioc_rename, zfs_secpolicy_rename, DATASET_NAME, B_TRUE,
4846 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4847 { zfs_ioc_recv, zfs_secpolicy_receive, DATASET_NAME, B_TRUE,
4848 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4849 { zfs_ioc_send, zfs_secpolicy_send, DATASET_NAME, B_TRUE,
4851 { zfs_ioc_inject_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE,
4853 { zfs_ioc_clear_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE,
4855 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, NO_NAME, B_FALSE,
4857 { zfs_ioc_error_log, zfs_secpolicy_inject, POOL_NAME, B_FALSE,
4859 { zfs_ioc_clear, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4861 { zfs_ioc_promote, zfs_secpolicy_promote, DATASET_NAME, B_TRUE,
4862 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4863 { zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, DATASET_NAME,
4864 B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4865 { zfs_ioc_snapshot, zfs_secpolicy_snapshot, DATASET_NAME, B_TRUE,
4866 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4867 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_diff, POOL_NAME, B_FALSE,
4869 { zfs_ioc_obj_to_path, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
4870 POOL_CHECK_SUSPENDED },
4871 { zfs_ioc_pool_set_props, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4872 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4873 { zfs_ioc_pool_get_props, zfs_secpolicy_read, POOL_NAME, B_FALSE,
4875 { zfs_ioc_set_fsacl, zfs_secpolicy_fsacl, DATASET_NAME, B_TRUE,
4876 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4877 { zfs_ioc_get_fsacl, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4879 { zfs_ioc_share, zfs_secpolicy_share, DATASET_NAME, B_FALSE,
4881 { zfs_ioc_inherit_prop, zfs_secpolicy_inherit, DATASET_NAME, B_TRUE,
4882 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4883 { zfs_ioc_smb_acl, zfs_secpolicy_smb_acl, DATASET_NAME, B_FALSE,
4885 { zfs_ioc_userspace_one, zfs_secpolicy_userspace_one, DATASET_NAME,
4886 B_FALSE, POOL_CHECK_NONE },
4887 { zfs_ioc_userspace_many, zfs_secpolicy_userspace_many, DATASET_NAME,
4888 B_FALSE, POOL_CHECK_NONE },
4889 { zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
4890 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4891 { zfs_ioc_hold, zfs_secpolicy_hold, DATASET_NAME, B_TRUE,
4892 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4893 { zfs_ioc_release, zfs_secpolicy_release, DATASET_NAME, B_TRUE,
4894 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4895 { zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4896 POOL_CHECK_SUSPENDED },
4897 { zfs_ioc_objset_recvd_props, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4899 { zfs_ioc_vdev_split, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4900 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4901 { zfs_ioc_next_obj, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4903 { zfs_ioc_diff, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
4905 { zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot, DATASET_NAME,
4906 B_FALSE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
4907 { zfs_ioc_obj_to_stats, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
4908 POOL_CHECK_SUSPENDED },
4909 { zfs_ioc_events_next, zfs_secpolicy_config, NO_NAME, B_FALSE,
4911 { zfs_ioc_events_clear, zfs_secpolicy_config, NO_NAME, B_FALSE,
4916 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
4917 zfs_ioc_poolcheck_t check)
4922 ASSERT(type == POOL_NAME || type == DATASET_NAME);
4924 if (check & POOL_CHECK_NONE)
4927 error = spa_open(name, &spa, FTAG);
4929 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
4931 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
4933 spa_close(spa, FTAG);
4939 zfsdev_get_state_impl(minor_t minor, enum zfsdev_state_type which)
4943 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
4945 for (zs = list_head(&zfsdev_state_list); zs != NULL;
4946 zs = list_next(&zfsdev_state_list, zs)) {
4947 if (zs->zs_minor == minor) {
4949 case ZST_ONEXIT: return (zs->zs_onexit);
4950 case ZST_ZEVENT: return (zs->zs_zevent);
4951 case ZST_ALL: return (zs);
4960 zfsdev_get_state(minor_t minor, enum zfsdev_state_type which)
4964 mutex_enter(&zfsdev_state_lock);
4965 ptr = zfsdev_get_state_impl(minor, which);
4966 mutex_exit(&zfsdev_state_lock);
4972 zfsdev_getminor(struct file *filp)
4974 ASSERT(filp != NULL);
4975 ASSERT(filp->private_data != NULL);
4977 return (((zfsdev_state_t *)filp->private_data)->zs_minor);
4981 * Find a free minor number. The zfsdev_state_list is expected to
4982 * be short since it is only a list of currently open file handles.
4985 zfsdev_minor_alloc(void)
4987 static minor_t last_minor = 0;
4990 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
4992 for (m = last_minor + 1; m != last_minor; m++) {
4993 if (m > ZFSDEV_MAX_MINOR)
4995 if (zfsdev_get_state_impl(m, ZST_ALL) == NULL) {
5005 zfsdev_state_init(struct file *filp)
5010 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5012 minor = zfsdev_minor_alloc();
5016 zs = kmem_zalloc( sizeof(zfsdev_state_t), KM_SLEEP);
5021 zs->zs_minor = minor;
5022 filp->private_data = zs;
5024 zfs_onexit_init((zfs_onexit_t **)&zs->zs_onexit);
5025 zfs_zevent_init((zfs_zevent_t **)&zs->zs_zevent);
5027 list_insert_tail(&zfsdev_state_list, zs);
5033 zfsdev_state_destroy(struct file *filp)
5037 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5038 ASSERT(filp->private_data != NULL);
5040 zs = filp->private_data;
5041 zfs_onexit_destroy(zs->zs_onexit);
5042 zfs_zevent_destroy(zs->zs_zevent);
5044 list_remove(&zfsdev_state_list, zs);
5045 kmem_free(zs, sizeof(zfsdev_state_t));
5051 zfsdev_open(struct inode *ino, struct file *filp)
5055 mutex_enter(&zfsdev_state_lock);
5056 error = zfsdev_state_init(filp);
5057 mutex_exit(&zfsdev_state_lock);
5063 zfsdev_release(struct inode *ino, struct file *filp)
5067 mutex_enter(&zfsdev_state_lock);
5068 error = zfsdev_state_destroy(filp);
5069 mutex_exit(&zfsdev_state_lock);
5075 zfsdev_ioctl(struct file *filp, unsigned cmd, unsigned long arg)
5079 int error, rc, flag = 0;
5081 vec = cmd - ZFS_IOC;
5082 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5085 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP | KM_NODEBUG);
5087 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5091 if ((error == 0) && !(flag & FKIOCTL))
5092 error = zfs_ioc_vec[vec].zvec_secpolicy(zc, NULL);
5095 * Ensure that all pool/dataset names are valid before we pass down to
5099 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5100 zc->zc_iflags = flag & FKIOCTL;
5101 switch (zfs_ioc_vec[vec].zvec_namecheck) {
5103 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5105 error = pool_status_check(zc->zc_name,
5106 zfs_ioc_vec[vec].zvec_namecheck,
5107 zfs_ioc_vec[vec].zvec_pool_check);
5111 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5113 error = pool_status_check(zc->zc_name,
5114 zfs_ioc_vec[vec].zvec_namecheck,
5115 zfs_ioc_vec[vec].zvec_pool_check);
5124 error = zfs_ioc_vec[vec].zvec_func(zc);
5126 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
5130 if (zfs_ioc_vec[vec].zvec_his_log)
5131 zfs_log_history(zc);
5134 kmem_free(zc, sizeof (zfs_cmd_t));
5138 #ifdef CONFIG_COMPAT
5140 zfsdev_compat_ioctl(struct file *filp, unsigned cmd, unsigned long arg)
5142 return zfsdev_ioctl(filp, cmd, arg);
5145 #define zfsdev_compat_ioctl NULL
5148 static const struct file_operations zfsdev_fops = {
5149 .open = zfsdev_open,
5150 .release = zfsdev_release,
5151 .unlocked_ioctl = zfsdev_ioctl,
5152 .compat_ioctl = zfsdev_compat_ioctl,
5153 .owner = THIS_MODULE,
5156 static struct miscdevice zfs_misc = {
5157 .minor = MISC_DYNAMIC_MINOR,
5159 .fops = &zfsdev_fops,
5167 mutex_init(&zfsdev_state_lock, NULL, MUTEX_DEFAULT, NULL);
5168 list_create(&zfsdev_state_list, sizeof (zfsdev_state_t),
5169 offsetof(zfsdev_state_t, zs_next));
5171 error = misc_register(&zfs_misc);
5173 printk(KERN_INFO "ZFS: misc_register() failed %d\n", error);
5185 error = misc_deregister(&zfs_misc);
5187 printk(KERN_INFO "ZFS: misc_deregister() failed %d\n", error);
5189 mutex_destroy(&zfsdev_state_lock);
5190 list_destroy(&zfsdev_state_list);
5194 uint_t zfs_fsyncer_key;
5195 extern uint_t rrw_tsd_key;
5199 #define ZFS_DEBUG_STR " (DEBUG mode)"
5201 #define ZFS_DEBUG_STR ""
5209 spa_init(FREAD | FWRITE);
5212 if ((error = zvol_init()) != 0)
5215 if ((error = zfs_attach()) != 0)
5219 tsd_create(&zfs_fsyncer_key, NULL);
5220 tsd_create(&rrw_tsd_key, NULL);
5222 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5223 #endif /* HAVE_ZPL */
5225 printk(KERN_NOTICE "ZFS: Loaded ZFS Filesystem v%s%s\n",
5226 ZFS_META_VERSION, ZFS_DEBUG_STR);
5235 printk(KERN_NOTICE "ZFS: Failed to Load ZFS Filesystem v%s%s"
5236 ", rc = %d\n", ZFS_META_VERSION, ZFS_DEBUG_STR, error);
5249 if (zfs_nfsshare_inited)
5250 (void) ddi_modclose(nfs_mod);
5251 if (zfs_smbshare_inited)
5252 (void) ddi_modclose(smbsrv_mod);
5253 if (zfs_nfsshare_inited || zfs_smbshare_inited)
5254 (void) ddi_modclose(sharefs_mod);
5256 mutex_destroy(&zfs_share_lock);
5257 tsd_destroy(&zfs_fsyncer_key);
5258 #endif /* HAVE_ZPL */
5260 printk(KERN_NOTICE "ZFS: Unloaded ZFS Filesystem v%s%s\n",
5261 ZFS_META_VERSION, ZFS_DEBUG_STR);
5267 spl_module_init(_init);
5268 spl_module_exit(_fini);
5270 MODULE_DESCRIPTION("ZFS");
5271 MODULE_AUTHOR(ZFS_META_AUTHOR);
5272 MODULE_LICENSE(ZFS_META_LICENSE);
5273 #endif /* HAVE_SPL */
git://git.camperquake.de / zfs.git / blob