4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2012, 2018 by Delphix. All rights reserved.
25 * Copyright (c) 2015 by Chunwei Chen. All rights reserved.
26 * Copyright 2017 Nexenta Systems, Inc.
29 /* Portions Copyright 2007 Jeremy Teo */
30 /* Portions Copyright 2010 Robert Milkowski */
33 #include <sys/types.h>
34 #include <sys/param.h>
36 #include <sys/sysmacros.h>
41 #include <sys/taskq.h>
43 #include <sys/vmsystm.h>
44 #include <sys/atomic.h>
45 #include <sys/pathname.h>
46 #include <sys/cmn_err.h>
47 #include <sys/errno.h>
48 #include <sys/zfs_dir.h>
49 #include <sys/zfs_acl.h>
50 #include <sys/zfs_ioctl.h>
51 #include <sys/fs/zfs.h>
53 #include <sys/dmu_objset.h>
59 #include <sys/policy.h>
60 #include <sys/sunddi.h>
62 #include <sys/zfs_ctldir.h>
63 #include <sys/zfs_fuid.h>
64 #include <sys/zfs_quota.h>
65 #include <sys/zfs_sa.h>
66 #include <sys/zfs_vnops.h>
67 #include <sys/zfs_rlock.h>
71 #include <sys/sa_impl.h>
76 * Each vnode op performs some logical unit of work. To do this, the ZPL must
77 * properly lock its in-core state, create a DMU transaction, do the work,
78 * record this work in the intent log (ZIL), commit the DMU transaction,
79 * and wait for the intent log to commit if it is a synchronous operation.
80 * Moreover, the vnode ops must work in both normal and log replay context.
81 * The ordering of events is important to avoid deadlocks and references
82 * to freed memory. The example below illustrates the following Big Rules:
84 * (1) A check must be made in each zfs thread for a mounted file system.
85 * This is done avoiding races using ZFS_ENTER(zfsvfs).
86 * A ZFS_EXIT(zfsvfs) is needed before all returns. Any znodes
87 * must be checked with ZFS_VERIFY_ZP(zp). Both of these macros
88 * can return EIO from the calling function.
90 * (2) zrele() should always be the last thing except for zil_commit()
91 * (if necessary) and ZFS_EXIT(). This is for 3 reasons:
92 * First, if it's the last reference, the vnode/znode
93 * can be freed, so the zp may point to freed memory. Second, the last
94 * reference will call zfs_zinactive(), which may induce a lot of work --
95 * pushing cached pages (which acquires range locks) and syncing out
96 * cached atime changes. Third, zfs_zinactive() may require a new tx,
97 * which could deadlock the system if you were already holding one.
98 * If you must call zrele() within a tx then use zfs_zrele_async().
100 * (3) All range locks must be grabbed before calling dmu_tx_assign(),
101 * as they can span dmu_tx_assign() calls.
103 * (4) If ZPL locks are held, pass TXG_NOWAIT as the second argument to
104 * dmu_tx_assign(). This is critical because we don't want to block
105 * while holding locks.
107 * If no ZPL locks are held (aside from ZFS_ENTER()), use TXG_WAIT. This
108 * reduces lock contention and CPU usage when we must wait (note that if
109 * throughput is constrained by the storage, nearly every transaction
112 * Note, in particular, that if a lock is sometimes acquired before
113 * the tx assigns, and sometimes after (e.g. z_lock), then failing
114 * to use a non-blocking assign can deadlock the system. The scenario:
116 * Thread A has grabbed a lock before calling dmu_tx_assign().
117 * Thread B is in an already-assigned tx, and blocks for this lock.
118 * Thread A calls dmu_tx_assign(TXG_WAIT) and blocks in txg_wait_open()
119 * forever, because the previous txg can't quiesce until B's tx commits.
121 * If dmu_tx_assign() returns ERESTART and zfsvfs->z_assign is TXG_NOWAIT,
122 * then drop all locks, call dmu_tx_wait(), and try again. On subsequent
123 * calls to dmu_tx_assign(), pass TXG_NOTHROTTLE in addition to TXG_NOWAIT,
124 * to indicate that this operation has already called dmu_tx_wait().
125 * This will ensure that we don't retry forever, waiting a short bit
128 * (5) If the operation succeeded, generate the intent log entry for it
129 * before dropping locks. This ensures that the ordering of events
130 * in the intent log matches the order in which they actually occurred.
131 * During ZIL replay the zfs_log_* functions will update the sequence
132 * number to indicate the zil transaction has replayed.
134 * (6) At the end of each vnode op, the DMU tx must always commit,
135 * regardless of whether there were any errors.
137 * (7) After dropping all locks, invoke zil_commit(zilog, foid)
138 * to ensure that synchronous semantics are provided when necessary.
140 * In general, this is how things should be ordered in each vnode op:
142 * ZFS_ENTER(zfsvfs); // exit if unmounted
144 * zfs_dirent_lock(&dl, ...) // lock directory entry (may igrab())
145 * rw_enter(...); // grab any other locks you need
146 * tx = dmu_tx_create(...); // get DMU tx
147 * dmu_tx_hold_*(); // hold each object you might modify
148 * error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
150 * rw_exit(...); // drop locks
151 * zfs_dirent_unlock(dl); // unlock directory entry
152 * zrele(...); // release held znodes
153 * if (error == ERESTART) {
159 * dmu_tx_abort(tx); // abort DMU tx
160 * ZFS_EXIT(zfsvfs); // finished in zfs
161 * return (error); // really out of space
163 * error = do_real_work(); // do whatever this VOP does
165 * zfs_log_*(...); // on success, make ZIL entry
166 * dmu_tx_commit(tx); // commit DMU tx -- error or not
167 * rw_exit(...); // drop locks
168 * zfs_dirent_unlock(dl); // unlock directory entry
169 * zrele(...); // release held znodes
170 * zil_commit(zilog, foid); // synchronous when necessary
171 * ZFS_EXIT(zfsvfs); // finished in zfs
172 * return (error); // done, report error
176 * Virus scanning is unsupported. It would be possible to add a hook
177 * here to performance the required virus scan. This could be done
178 * entirely in the kernel or potentially as an update to invoke a
182 zfs_vscan(struct inode *ip, cred_t *cr, int async)
189 zfs_open(struct inode *ip, int mode, int flag, cred_t *cr)
191 znode_t *zp = ITOZ(ip);
192 zfsvfs_t *zfsvfs = ITOZSB(ip);
197 /* Honor ZFS_APPENDONLY file attribute */
198 if ((mode & FMODE_WRITE) && (zp->z_pflags & ZFS_APPENDONLY) &&
199 ((flag & O_APPEND) == 0)) {
201 return (SET_ERROR(EPERM));
204 /* Virus scan eligible files on open */
205 if (!zfs_has_ctldir(zp) && zfsvfs->z_vscan && S_ISREG(ip->i_mode) &&
206 !(zp->z_pflags & ZFS_AV_QUARANTINED) && zp->z_size > 0) {
207 if (zfs_vscan(ip, cr, 0) != 0) {
209 return (SET_ERROR(EACCES));
213 /* Keep a count of the synchronous opens in the znode */
215 atomic_inc_32(&zp->z_sync_cnt);
223 zfs_close(struct inode *ip, int flag, cred_t *cr)
225 znode_t *zp = ITOZ(ip);
226 zfsvfs_t *zfsvfs = ITOZSB(ip);
231 /* Decrement the synchronous opens in the znode */
233 atomic_dec_32(&zp->z_sync_cnt);
235 if (!zfs_has_ctldir(zp) && zfsvfs->z_vscan && S_ISREG(ip->i_mode) &&
236 !(zp->z_pflags & ZFS_AV_QUARANTINED) && zp->z_size > 0)
237 VERIFY(zfs_vscan(ip, cr, 1) == 0);
243 #if defined(SEEK_HOLE) && defined(SEEK_DATA)
245 * Lseek support for finding holes (cmd == SEEK_HOLE) and
246 * data (cmd == SEEK_DATA). "off" is an in/out parameter.
249 zfs_holey_common(struct inode *ip, int cmd, loff_t *off)
251 znode_t *zp = ITOZ(ip);
252 uint64_t noff = (uint64_t)*off; /* new offset */
257 file_sz = zp->z_size;
258 if (noff >= file_sz) {
259 return (SET_ERROR(ENXIO));
262 if (cmd == SEEK_HOLE)
267 error = dmu_offset_next(ZTOZSB(zp)->z_os, zp->z_id, hole, &noff);
270 return (SET_ERROR(ENXIO));
272 /* file was dirty, so fall back to using generic logic */
273 if (error == EBUSY) {
281 * We could find a hole that begins after the logical end-of-file,
282 * because dmu_offset_next() only works on whole blocks. If the
283 * EOF falls mid-block, then indicate that the "virtual hole"
284 * at the end of the file begins at the logical EOF, rather than
285 * at the end of the last block.
287 if (noff > file_sz) {
299 zfs_holey(struct inode *ip, int cmd, loff_t *off)
301 znode_t *zp = ITOZ(ip);
302 zfsvfs_t *zfsvfs = ITOZSB(ip);
308 error = zfs_holey_common(ip, cmd, off);
313 #endif /* SEEK_HOLE && SEEK_DATA */
317 * When a file is memory mapped, we must keep the IO data synchronized
318 * between the DMU cache and the memory mapped pages. What this means:
320 * On Write: If we find a memory mapped page, we write to *both*
321 * the page and the dmu buffer.
324 update_pages(struct inode *ip, int64_t start, int len,
325 objset_t *os, uint64_t oid)
327 struct address_space *mp = ip->i_mapping;
333 off = start & (PAGE_SIZE-1);
334 for (start &= PAGE_MASK; len > 0; start += PAGE_SIZE) {
335 nbytes = MIN(PAGE_SIZE - off, len);
337 pp = find_lock_page(mp, start >> PAGE_SHIFT);
339 if (mapping_writably_mapped(mp))
340 flush_dcache_page(pp);
343 (void) dmu_read(os, oid, start+off, nbytes, pb+off,
347 if (mapping_writably_mapped(mp))
348 flush_dcache_page(pp);
350 mark_page_accessed(pp);
363 * When a file is memory mapped, we must keep the IO data synchronized
364 * between the DMU cache and the memory mapped pages. What this means:
366 * On Read: We "read" preferentially from memory mapped pages,
367 * else we default from the dmu buffer.
369 * NOTE: We will always "break up" the IO into PAGESIZE uiomoves when
370 * the file is memory mapped.
373 mappedread(struct inode *ip, int nbytes, uio_t *uio)
375 struct address_space *mp = ip->i_mapping;
377 znode_t *zp = ITOZ(ip);
384 start = uio->uio_loffset;
385 off = start & (PAGE_SIZE-1);
386 for (start &= PAGE_MASK; len > 0; start += PAGE_SIZE) {
387 bytes = MIN(PAGE_SIZE - off, len);
389 pp = find_lock_page(mp, start >> PAGE_SHIFT);
391 ASSERT(PageUptodate(pp));
395 error = uiomove(pb + off, bytes, UIO_READ, uio);
398 if (mapping_writably_mapped(mp))
399 flush_dcache_page(pp);
401 mark_page_accessed(pp);
404 error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl),
417 unsigned long zfs_read_chunk_size = 1024 * 1024; /* Tunable */
418 unsigned long zfs_delete_blocks = DMU_MAX_DELETEBLKCNT;
421 * Read bytes from specified file into supplied buffer.
423 * IN: ip - inode of file to be read from.
424 * uio - structure supplying read location, range info,
426 * ioflag - O_SYNC flags; used to provide FRSYNC semantics.
427 * O_DIRECT flag; used to bypass page cache.
428 * cr - credentials of caller.
430 * OUT: uio - updated offset and range, buffer filled.
432 * RETURN: 0 on success, error code on failure.
435 * inode - atime updated if byte count > 0
439 zfs_read(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr)
442 boolean_t frsync = B_FALSE;
444 znode_t *zp = ITOZ(ip);
445 zfsvfs_t *zfsvfs = ITOZSB(ip);
449 if (zp->z_pflags & ZFS_AV_QUARANTINED) {
451 return (SET_ERROR(EACCES));
455 * Validate file offset
457 if (uio->uio_loffset < (offset_t)0) {
459 return (SET_ERROR(EINVAL));
463 * Fasttrack empty reads
465 if (uio->uio_resid == 0) {
472 * If we're in FRSYNC mode, sync out this znode before reading it.
473 * Only do this for non-snapshots.
475 * Some platforms do not support FRSYNC and instead map it
476 * to O_SYNC, which results in unnecessary calls to zil_commit. We
477 * only honor FRSYNC requests on platforms which support it.
479 frsync = !!(ioflag & FRSYNC);
482 (frsync || zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS))
483 zil_commit(zfsvfs->z_log, zp->z_id);
486 * Lock the range against changes.
488 zfs_locked_range_t *lr = zfs_rangelock_enter(&zp->z_rangelock,
489 uio->uio_loffset, uio->uio_resid, RL_READER);
492 * If we are reading past end-of-file we can skip
493 * to the end; but we might still need to set atime.
495 if (uio->uio_loffset >= zp->z_size) {
500 ASSERT(uio->uio_loffset < zp->z_size);
501 ssize_t n = MIN(uio->uio_resid, zp->z_size - uio->uio_loffset);
502 ssize_t start_resid = n;
504 #ifdef HAVE_UIO_ZEROCOPY
506 if ((uio->uio_extflg == UIO_XUIO) &&
507 (((xuio_t *)uio)->xu_type == UIOTYPE_ZEROCOPY)) {
509 int blksz = zp->z_blksz;
510 uint64_t offset = uio->uio_loffset;
512 xuio = (xuio_t *)uio;
514 nblk = (P2ROUNDUP(offset + n, blksz) - P2ALIGN(offset,
517 ASSERT(offset + n <= blksz);
520 (void) dmu_xuio_init(xuio, nblk);
522 if (vn_has_cached_data(ip)) {
524 * For simplicity, we always allocate a full buffer
525 * even if we only expect to read a portion of a block.
527 while (--nblk >= 0) {
528 (void) dmu_xuio_add(xuio,
529 dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
534 #endif /* HAVE_UIO_ZEROCOPY */
537 ssize_t nbytes = MIN(n, zfs_read_chunk_size -
538 P2PHASE(uio->uio_loffset, zfs_read_chunk_size));
540 if (zp->z_is_mapped && !(ioflag & O_DIRECT)) {
541 error = mappedread(ip, nbytes, uio);
543 error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl),
548 /* convert checksum errors into IO errors */
550 error = SET_ERROR(EIO);
557 int64_t nread = start_resid - n;
558 dataset_kstats_update_read_kstats(&zfsvfs->z_kstat, nread);
559 task_io_account_read(nread);
561 zfs_rangelock_exit(lr);
568 * Write the bytes to a file.
570 * IN: ip - inode of file to be written to.
571 * uio - structure supplying write location, range info,
573 * ioflag - O_APPEND flag set if in append mode.
574 * O_DIRECT flag; used to bypass page cache.
575 * cr - credentials of caller.
577 * OUT: uio - updated offset and range.
579 * RETURN: 0 if success
580 * error code if failure
583 * ip - ctime|mtime updated if byte count > 0
588 zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr)
591 ssize_t start_resid = uio->uio_resid;
594 * Fasttrack empty write
596 ssize_t n = start_resid;
600 rlim64_t limit = uio->uio_limit;
601 if (limit == RLIM64_INFINITY || limit > MAXOFFSET_T)
604 znode_t *zp = ITOZ(ip);
605 zfsvfs_t *zfsvfs = ZTOZSB(zp);
609 sa_bulk_attr_t bulk[4];
611 uint64_t mtime[2], ctime[2];
612 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
613 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
614 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), NULL,
616 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL,
620 * Callers might not be able to detect properly that we are read-only,
621 * so check it explicitly here.
623 if (zfs_is_readonly(zfsvfs)) {
625 return (SET_ERROR(EROFS));
629 * If immutable or not appending then return EPERM
631 if ((zp->z_pflags & (ZFS_IMMUTABLE | ZFS_READONLY)) ||
632 ((zp->z_pflags & ZFS_APPENDONLY) && !(ioflag & O_APPEND) &&
633 (uio->uio_loffset < zp->z_size))) {
635 return (SET_ERROR(EPERM));
639 * Validate file offset
641 offset_t woff = ioflag & O_APPEND ? zp->z_size : uio->uio_loffset;
644 return (SET_ERROR(EINVAL));
647 int max_blksz = zfsvfs->z_max_blksz;
651 * Pre-fault the pages to ensure slow (eg NFS) pages
653 * Skip this if uio contains loaned arc_buf.
655 #ifdef HAVE_UIO_ZEROCOPY
656 if ((uio->uio_extflg == UIO_XUIO) &&
657 (((xuio_t *)uio)->xu_type == UIOTYPE_ZEROCOPY))
658 xuio = (xuio_t *)uio;
661 if (uio_prefaultpages(MIN(n, max_blksz), uio)) {
663 return (SET_ERROR(EFAULT));
667 * If in append mode, set the io offset pointer to eof.
669 zfs_locked_range_t *lr;
670 if (ioflag & O_APPEND) {
672 * Obtain an appending range lock to guarantee file append
673 * semantics. We reset the write offset once we have the lock.
675 lr = zfs_rangelock_enter(&zp->z_rangelock, 0, n, RL_APPEND);
676 woff = lr->lr_offset;
677 if (lr->lr_length == UINT64_MAX) {
679 * We overlocked the file because this write will cause
680 * the file block size to increase.
681 * Note that zp_size cannot change with this lock held.
685 uio->uio_loffset = woff;
688 * Note that if the file block size will change as a result of
689 * this write, then this range lock will lock the entire file
690 * so that we can re-write the block safely.
692 lr = zfs_rangelock_enter(&zp->z_rangelock, woff, n, RL_WRITER);
696 zfs_rangelock_exit(lr);
698 return (SET_ERROR(EFBIG));
701 if ((woff + n) > limit || woff > (limit - n))
704 /* Will this write extend the file length? */
705 int write_eof = (woff + n > zp->z_size);
707 uint64_t end_size = MAX(zp->z_size, woff + n);
708 zilog_t *zilog = zfsvfs->z_log;
709 #ifdef HAVE_UIO_ZEROCOPY
711 const iovec_t *iovp = uio->uio_iov;
712 int iovcnt __maybe_unused = uio->uio_iovcnt;
717 * Write the file in reasonable size chunks. Each chunk is written
718 * in a separate transaction; this keeps the intent log records small
719 * and allows us to do more fine-grained space accounting.
722 woff = uio->uio_loffset;
724 if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT,
725 KUID_TO_SUID(ip->i_uid)) ||
726 zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT,
727 KGID_TO_SGID(ip->i_gid)) ||
728 (zp->z_projid != ZFS_DEFAULT_PROJID &&
729 zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
731 error = SET_ERROR(EDQUOT);
735 arc_buf_t *abuf = NULL;
736 const iovec_t *aiov = NULL;
738 #ifdef HAVE_UIO_ZEROCOPY
739 ASSERT(i_iov < iovcnt);
740 ASSERT3U(uio->uio_segflg, !=, UIO_BVEC);
742 abuf = dmu_xuio_arcbuf(xuio, i_iov);
743 dmu_xuio_clear(xuio, i_iov);
744 ASSERT((aiov->iov_base == abuf->b_data) ||
745 ((char *)aiov->iov_base - (char *)abuf->b_data +
746 aiov->iov_len == arc_buf_size(abuf)));
749 } else if (n >= max_blksz && woff >= zp->z_size &&
750 P2PHASE(woff, max_blksz) == 0 &&
751 zp->z_blksz == max_blksz) {
753 * This write covers a full block. "Borrow" a buffer
754 * from the dmu so that we can fill it before we enter
755 * a transaction. This avoids the possibility of
756 * holding up the transaction if the data copy hangs
757 * up on a pagefault (e.g., from an NFS server mapping).
761 abuf = dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
763 ASSERT(abuf != NULL);
764 ASSERT(arc_buf_size(abuf) == max_blksz);
765 if ((error = uiocopy(abuf->b_data, max_blksz,
766 UIO_WRITE, uio, &cbytes))) {
767 dmu_return_arcbuf(abuf);
770 ASSERT(cbytes == max_blksz);
774 * Start a transaction.
776 dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
777 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
778 dmu_buf_impl_t *db = (dmu_buf_impl_t *)sa_get_db(zp->z_sa_hdl);
780 dmu_tx_hold_write_by_dnode(tx, DB_DNODE(db), woff,
783 zfs_sa_upgrade_txholds(tx, zp);
784 error = dmu_tx_assign(tx, TXG_WAIT);
788 dmu_return_arcbuf(abuf);
793 * If rangelock_enter() over-locked we grow the blocksize
794 * and then reduce the lock range. This will only happen
795 * on the first iteration since rangelock_reduce() will
796 * shrink down lr_length to the appropriate size.
798 if (lr->lr_length == UINT64_MAX) {
801 if (zp->z_blksz > max_blksz) {
803 * File's blocksize is already larger than the
804 * "recordsize" property. Only let it grow to
805 * the next power of 2.
807 ASSERT(!ISP2(zp->z_blksz));
808 new_blksz = MIN(end_size,
809 1 << highbit64(zp->z_blksz));
811 new_blksz = MIN(end_size, max_blksz);
813 zfs_grow_blocksize(zp, new_blksz, tx);
814 zfs_rangelock_reduce(lr, woff, n);
818 * XXX - should we really limit each write to z_max_blksz?
819 * Perhaps we should use SPA_MAXBLOCKSIZE chunks?
821 ssize_t nbytes = MIN(n, max_blksz - P2PHASE(woff, max_blksz));
825 tx_bytes = uio->uio_resid;
826 uio->uio_fault_disable = B_TRUE;
827 error = dmu_write_uio_dbuf(sa_get_db(zp->z_sa_hdl),
829 uio->uio_fault_disable = B_FALSE;
830 if (error == EFAULT) {
833 * Account for partial writes before
834 * continuing the loop.
835 * Update needs to occur before the next
836 * uio_prefaultpages, or prefaultpages may
837 * error, and we may break the loop early.
839 if (tx_bytes != uio->uio_resid)
840 n -= tx_bytes - uio->uio_resid;
841 if (uio_prefaultpages(MIN(n, max_blksz), uio)) {
845 } else if (error != 0) {
849 tx_bytes -= uio->uio_resid;
852 ASSERT(xuio == NULL || tx_bytes == aiov->iov_len);
854 * If this is not a full block write, but we are
855 * extending the file past EOF and this data starts
856 * block-aligned, use assign_arcbuf(). Otherwise,
857 * write via dmu_write().
859 if (tx_bytes < max_blksz && (!write_eof ||
860 aiov->iov_base != abuf->b_data)) {
862 dmu_write(zfsvfs->z_os, zp->z_id, woff,
863 /* cppcheck-suppress nullPointer */
864 aiov->iov_len, aiov->iov_base, tx);
865 dmu_return_arcbuf(abuf);
866 xuio_stat_wbuf_copied();
868 ASSERT(xuio || tx_bytes == max_blksz);
869 error = dmu_assign_arcbuf_by_dbuf(
870 sa_get_db(zp->z_sa_hdl), woff, abuf, tx);
872 dmu_return_arcbuf(abuf);
877 ASSERT(tx_bytes <= uio->uio_resid);
878 uioskip(uio, tx_bytes);
880 if (tx_bytes && zp->z_is_mapped && !(ioflag & O_DIRECT)) {
881 update_pages(ip, woff,
882 tx_bytes, zfsvfs->z_os, zp->z_id);
886 * If we made no progress, we're done. If we made even
887 * partial progress, update the znode and ZIL accordingly.
890 (void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs),
891 (void *)&zp->z_size, sizeof (uint64_t), tx);
898 * Clear Set-UID/Set-GID bits on successful write if not
899 * privileged and at least one of the execute bits is set.
901 * It would be nice to do this after all writes have
902 * been done, but that would still expose the ISUID/ISGID
903 * to another app after the partial write is committed.
905 * Note: we don't call zfs_fuid_map_id() here because
906 * user 0 is not an ephemeral uid.
908 mutex_enter(&zp->z_acl_lock);
909 uint32_t uid = KUID_TO_SUID(ip->i_uid);
910 if ((zp->z_mode & (S_IXUSR | (S_IXUSR >> 3) |
911 (S_IXUSR >> 6))) != 0 &&
912 (zp->z_mode & (S_ISUID | S_ISGID)) != 0 &&
913 secpolicy_vnode_setid_retain(cr,
914 ((zp->z_mode & S_ISUID) != 0 && uid == 0)) != 0) {
916 zp->z_mode &= ~(S_ISUID | S_ISGID);
917 ip->i_mode = newmode = zp->z_mode;
918 (void) sa_update(zp->z_sa_hdl, SA_ZPL_MODE(zfsvfs),
919 (void *)&newmode, sizeof (uint64_t), tx);
921 mutex_exit(&zp->z_acl_lock);
923 zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime);
926 * Update the file size (zp_size) if it has changed;
927 * account for possible concurrent updates.
929 while ((end_size = zp->z_size) < uio->uio_loffset) {
930 (void) atomic_cas_64(&zp->z_size, end_size,
935 * If we are replaying and eof is non zero then force
936 * the file size to the specified eof. Note, there's no
937 * concurrency during replay.
939 if (zfsvfs->z_replay && zfsvfs->z_replay_eof != 0)
940 zp->z_size = zfsvfs->z_replay_eof;
942 error = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
944 zfs_log_write(zilog, tx, TX_WRITE, zp, woff, tx_bytes, ioflag,
950 ASSERT(tx_bytes == nbytes);
953 if (!xuio && n > 0) {
954 if (uio_prefaultpages(MIN(n, max_blksz), uio)) {
961 zfs_inode_update(zp);
962 zfs_rangelock_exit(lr);
965 * If we're in replay mode, or we made no progress, return error.
966 * Otherwise, it's at least a partial write, so it's successful.
968 if (zfsvfs->z_replay || uio->uio_resid == start_resid) {
973 if (ioflag & (O_SYNC | O_DSYNC) ||
974 zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
975 zil_commit(zilog, zp->z_id);
977 int64_t nwritten = start_resid - uio->uio_resid;
978 dataset_kstats_update_write_kstats(&zfsvfs->z_kstat, nwritten);
979 task_io_account_write(nwritten);
986 * Write the bytes to a file.
988 * IN: zp - znode of file to be written to
989 * data - bytes to write
990 * len - number of bytes to write
991 * pos - offset to start writing at
993 * OUT: resid - remaining bytes to write
995 * RETURN: 0 if success
996 * positive error code if failure
999 * zp - ctime|mtime updated if byte count > 0
1002 zfs_write_simple(znode_t *zp, const void *data, size_t len,
1003 loff_t pos, size_t *resid)
1008 written = zpl_write_common(ZTOI(zp), data, len, &pos,
1009 UIO_SYSSPACE, 0, kcred);
1012 } else if (resid == NULL) {
1014 error = SET_ERROR(EIO); /* short write */
1016 *resid = len - written;
1022 * Drop a reference on the passed inode asynchronously. This ensures
1023 * that the caller will never drop the last reference on an inode in
1024 * the current context. Doing so while holding open a tx could result
1025 * in a deadlock if iput_final() re-enters the filesystem code.
1028 zfs_zrele_async(znode_t *zp)
1030 struct inode *ip = ZTOI(zp);
1031 objset_t *os = ITOZSB(ip)->z_os;
1033 ASSERT(atomic_read(&ip->i_count) > 0);
1036 if (atomic_read(&ip->i_count) == 1)
1037 VERIFY(taskq_dispatch(dsl_pool_zrele_taskq(dmu_objset_pool(os)),
1038 (task_func_t *)iput, ip, TQ_SLEEP) != TASKQID_INVALID);
1045 zfs_get_done(zgd_t *zgd, int error)
1047 znode_t *zp = zgd->zgd_private;
1050 dmu_buf_rele(zgd->zgd_db, zgd);
1052 zfs_rangelock_exit(zgd->zgd_lr);
1055 * Release the vnode asynchronously as we currently have the
1056 * txg stopped from syncing.
1058 zfs_zrele_async(zp);
1060 kmem_free(zgd, sizeof (zgd_t));
1064 static int zil_fault_io = 0;
1068 * Get data to generate a TX_WRITE intent log record.
1071 zfs_get_data(void *arg, lr_write_t *lr, char *buf, struct lwb *lwb, zio_t *zio)
1073 zfsvfs_t *zfsvfs = arg;
1074 objset_t *os = zfsvfs->z_os;
1076 uint64_t object = lr->lr_foid;
1077 uint64_t offset = lr->lr_offset;
1078 uint64_t size = lr->lr_length;
1083 ASSERT3P(lwb, !=, NULL);
1084 ASSERT3P(zio, !=, NULL);
1085 ASSERT3U(size, !=, 0);
1088 * Nothing to do if the file has been removed
1090 if (zfs_zget(zfsvfs, object, &zp) != 0)
1091 return (SET_ERROR(ENOENT));
1092 if (zp->z_unlinked) {
1094 * Release the vnode asynchronously as we currently have the
1095 * txg stopped from syncing.
1097 zfs_zrele_async(zp);
1098 return (SET_ERROR(ENOENT));
1101 zgd = kmem_zalloc(sizeof (zgd_t), KM_SLEEP);
1103 zgd->zgd_private = zp;
1106 * Write records come in two flavors: immediate and indirect.
1107 * For small writes it's cheaper to store the data with the
1108 * log record (immediate); for large writes it's cheaper to
1109 * sync the data and get a pointer to it (indirect) so that
1110 * we don't have to write the data twice.
1112 if (buf != NULL) { /* immediate write */
1113 zgd->zgd_lr = zfs_rangelock_enter(&zp->z_rangelock,
1114 offset, size, RL_READER);
1115 /* test for truncation needs to be done while range locked */
1116 if (offset >= zp->z_size) {
1117 error = SET_ERROR(ENOENT);
1119 error = dmu_read(os, object, offset, size, buf,
1120 DMU_READ_NO_PREFETCH);
1122 ASSERT(error == 0 || error == ENOENT);
1123 } else { /* indirect write */
1125 * Have to lock the whole block to ensure when it's
1126 * written out and its checksum is being calculated
1127 * that no one can change the data. We need to re-check
1128 * blocksize after we get the lock in case it's changed!
1133 blkoff = ISP2(size) ? P2PHASE(offset, size) : offset;
1135 zgd->zgd_lr = zfs_rangelock_enter(&zp->z_rangelock,
1136 offset, size, RL_READER);
1137 if (zp->z_blksz == size)
1140 zfs_rangelock_exit(zgd->zgd_lr);
1142 /* test for truncation needs to be done while range locked */
1143 if (lr->lr_offset >= zp->z_size)
1144 error = SET_ERROR(ENOENT);
1147 error = SET_ERROR(EIO);
1152 error = dmu_buf_hold(os, object, offset, zgd, &db,
1153 DMU_READ_NO_PREFETCH);
1156 blkptr_t *bp = &lr->lr_blkptr;
1161 ASSERT(db->db_offset == offset);
1162 ASSERT(db->db_size == size);
1164 error = dmu_sync(zio, lr->lr_common.lrc_txg,
1166 ASSERT(error || lr->lr_length <= size);
1169 * On success, we need to wait for the write I/O
1170 * initiated by dmu_sync() to complete before we can
1171 * release this dbuf. We will finish everything up
1172 * in the zfs_get_done() callback.
1177 if (error == EALREADY) {
1178 lr->lr_common.lrc_txtype = TX_WRITE2;
1180 * TX_WRITE2 relies on the data previously
1181 * written by the TX_WRITE that caused
1182 * EALREADY. We zero out the BP because
1183 * it is the old, currently-on-disk BP.
1192 zfs_get_done(zgd, error);
1199 zfs_access(struct inode *ip, int mode, int flag, cred_t *cr)
1201 znode_t *zp = ITOZ(ip);
1202 zfsvfs_t *zfsvfs = ITOZSB(ip);
1208 if (flag & V_ACE_MASK)
1209 error = zfs_zaccess(zp, mode, flag, B_FALSE, cr);
1211 error = zfs_zaccess_rwx(zp, mode, flag, cr);
1218 * Lookup an entry in a directory, or an extended attribute directory.
1219 * If it exists, return a held inode reference for it.
1221 * IN: zdp - znode of directory to search.
1222 * nm - name of entry to lookup.
1223 * flags - LOOKUP_XATTR set if looking for an attribute.
1224 * cr - credentials of caller.
1225 * direntflags - directory lookup flags
1226 * realpnp - returned pathname.
1228 * OUT: zpp - znode of located entry, NULL if not found.
1230 * RETURN: 0 on success, error code on failure.
1237 zfs_lookup(znode_t *zdp, char *nm, znode_t **zpp, int flags, cred_t *cr,
1238 int *direntflags, pathname_t *realpnp)
1240 zfsvfs_t *zfsvfs = ZTOZSB(zdp);
1244 * Fast path lookup, however we must skip DNLC lookup
1245 * for case folding or normalizing lookups because the
1246 * DNLC code only stores the passed in name. This means
1247 * creating 'a' and removing 'A' on a case insensitive
1248 * file system would work, but DNLC still thinks 'a'
1249 * exists and won't let you create it again on the next
1250 * pass through fast path.
1252 if (!(flags & (LOOKUP_XATTR | FIGNORECASE))) {
1254 if (!S_ISDIR(ZTOI(zdp)->i_mode)) {
1255 return (SET_ERROR(ENOTDIR));
1256 } else if (zdp->z_sa_hdl == NULL) {
1257 return (SET_ERROR(EIO));
1260 if (nm[0] == 0 || (nm[0] == '.' && nm[1] == '\0')) {
1261 error = zfs_fastaccesschk_execute(zdp, cr);
1276 if (flags & LOOKUP_XATTR) {
1278 * We don't allow recursive attributes..
1279 * Maybe someday we will.
1281 if (zdp->z_pflags & ZFS_XATTR) {
1283 return (SET_ERROR(EINVAL));
1286 if ((error = zfs_get_xattrdir(zdp, zpp, cr, flags))) {
1292 * Do we have permission to get into attribute directory?
1295 if ((error = zfs_zaccess(*zpp, ACE_EXECUTE, 0,
1305 if (!S_ISDIR(ZTOI(zdp)->i_mode)) {
1307 return (SET_ERROR(ENOTDIR));
1311 * Check accessibility of directory.
1314 if ((error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr))) {
1319 if (zfsvfs->z_utf8 && u8_validate(nm, strlen(nm),
1320 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
1322 return (SET_ERROR(EILSEQ));
1325 error = zfs_dirlook(zdp, nm, zpp, flags, direntflags, realpnp);
1326 if ((error == 0) && (*zpp))
1327 zfs_inode_update(*zpp);
1334 * Attempt to create a new entry in a directory. If the entry
1335 * already exists, truncate the file if permissible, else return
1336 * an error. Return the ip of the created or trunc'd file.
1338 * IN: dzp - znode of directory to put new file entry in.
1339 * name - name of new file entry.
1340 * vap - attributes of new file.
1341 * excl - flag indicating exclusive or non-exclusive mode.
1342 * mode - mode to open file with.
1343 * cr - credentials of caller.
1345 * vsecp - ACL to be set
1347 * OUT: zpp - znode of created or trunc'd entry.
1349 * RETURN: 0 on success, error code on failure.
1352 * dzp - ctime|mtime updated if new entry created
1353 * zp - ctime|mtime always, atime if new
1358 zfs_create(znode_t *dzp, char *name, vattr_t *vap, int excl,
1359 int mode, znode_t **zpp, cred_t *cr, int flag, vsecattr_t *vsecp)
1362 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
1370 zfs_acl_ids_t acl_ids;
1371 boolean_t fuid_dirtied;
1372 boolean_t have_acl = B_FALSE;
1373 boolean_t waited = B_FALSE;
1376 * If we have an ephemeral id, ACL, or XVATTR then
1377 * make sure file system is at proper version
1383 if (zfsvfs->z_use_fuids == B_FALSE &&
1384 (vsecp || IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
1385 return (SET_ERROR(EINVAL));
1388 return (SET_ERROR(EINVAL));
1393 zilog = zfsvfs->z_log;
1395 if (zfsvfs->z_utf8 && u8_validate(name, strlen(name),
1396 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
1398 return (SET_ERROR(EILSEQ));
1401 if (vap->va_mask & ATTR_XVATTR) {
1402 if ((error = secpolicy_xvattr((xvattr_t *)vap,
1403 crgetuid(cr), cr, vap->va_mode)) != 0) {
1411 if (*name == '\0') {
1413 * Null component name refers to the directory itself.
1420 /* possible igrab(zp) */
1423 if (flag & FIGNORECASE)
1426 error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg,
1430 zfs_acl_ids_free(&acl_ids);
1431 if (strcmp(name, "..") == 0)
1432 error = SET_ERROR(EISDIR);
1440 uint64_t projid = ZFS_DEFAULT_PROJID;
1443 * Create a new file object and update the directory
1446 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
1448 zfs_acl_ids_free(&acl_ids);
1453 * We only support the creation of regular files in
1454 * extended attribute directories.
1457 if ((dzp->z_pflags & ZFS_XATTR) && !S_ISREG(vap->va_mode)) {
1459 zfs_acl_ids_free(&acl_ids);
1460 error = SET_ERROR(EINVAL);
1464 if (!have_acl && (error = zfs_acl_ids_create(dzp, 0, vap,
1465 cr, vsecp, &acl_ids)) != 0)
1469 if (S_ISREG(vap->va_mode) || S_ISDIR(vap->va_mode))
1470 projid = zfs_inherit_projid(dzp);
1471 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, projid)) {
1472 zfs_acl_ids_free(&acl_ids);
1473 error = SET_ERROR(EDQUOT);
1477 tx = dmu_tx_create(os);
1479 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
1480 ZFS_SA_BASE_ATTR_SIZE);
1482 fuid_dirtied = zfsvfs->z_fuid_dirty;
1484 zfs_fuid_txhold(zfsvfs, tx);
1485 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, name);
1486 dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE);
1487 if (!zfsvfs->z_use_sa &&
1488 acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
1489 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
1490 0, acl_ids.z_aclp->z_acl_bytes);
1493 error = dmu_tx_assign(tx,
1494 (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
1496 zfs_dirent_unlock(dl);
1497 if (error == ERESTART) {
1503 zfs_acl_ids_free(&acl_ids);
1508 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
1510 error = zfs_link_create(dl, zp, tx, ZNEW);
1513 * Since, we failed to add the directory entry for it,
1514 * delete the newly created dnode.
1516 zfs_znode_delete(zp, tx);
1517 remove_inode_hash(ZTOI(zp));
1518 zfs_acl_ids_free(&acl_ids);
1524 zfs_fuid_sync(zfsvfs, tx);
1526 txtype = zfs_log_create_txtype(Z_FILE, vsecp, vap);
1527 if (flag & FIGNORECASE)
1529 zfs_log_create(zilog, tx, txtype, dzp, zp, name,
1530 vsecp, acl_ids.z_fuidp, vap);
1531 zfs_acl_ids_free(&acl_ids);
1534 int aflags = (flag & O_APPEND) ? V_APPEND : 0;
1537 zfs_acl_ids_free(&acl_ids);
1541 * A directory entry already exists for this name.
1544 * Can't truncate an existing file if in exclusive mode.
1547 error = SET_ERROR(EEXIST);
1551 * Can't open a directory for writing.
1553 if (S_ISDIR(ZTOI(zp)->i_mode)) {
1554 error = SET_ERROR(EISDIR);
1558 * Verify requested access to file.
1560 if (mode && (error = zfs_zaccess_rwx(zp, mode, aflags, cr))) {
1564 mutex_enter(&dzp->z_lock);
1566 mutex_exit(&dzp->z_lock);
1569 * Truncate regular files if requested.
1571 if (S_ISREG(ZTOI(zp)->i_mode) &&
1572 (vap->va_mask & ATTR_SIZE) && (vap->va_size == 0)) {
1573 /* we can't hold any locks when calling zfs_freesp() */
1575 zfs_dirent_unlock(dl);
1578 error = zfs_freesp(zp, 0, 0, mode, TRUE);
1584 zfs_dirent_unlock(dl);
1590 zfs_inode_update(dzp);
1591 zfs_inode_update(zp);
1595 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1596 zil_commit(zilog, 0);
1604 zfs_tmpfile(struct inode *dip, vattr_t *vap, int excl,
1605 int mode, struct inode **ipp, cred_t *cr, int flag, vsecattr_t *vsecp)
1607 znode_t *zp = NULL, *dzp = ITOZ(dip);
1608 zfsvfs_t *zfsvfs = ITOZSB(dip);
1614 zfs_acl_ids_t acl_ids;
1615 uint64_t projid = ZFS_DEFAULT_PROJID;
1616 boolean_t fuid_dirtied;
1617 boolean_t have_acl = B_FALSE;
1618 boolean_t waited = B_FALSE;
1621 * If we have an ephemeral id, ACL, or XVATTR then
1622 * make sure file system is at proper version
1628 if (zfsvfs->z_use_fuids == B_FALSE &&
1629 (vsecp || IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
1630 return (SET_ERROR(EINVAL));
1636 if (vap->va_mask & ATTR_XVATTR) {
1637 if ((error = secpolicy_xvattr((xvattr_t *)vap,
1638 crgetuid(cr), cr, vap->va_mode)) != 0) {
1648 * Create a new file object and update the directory
1651 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
1653 zfs_acl_ids_free(&acl_ids);
1657 if (!have_acl && (error = zfs_acl_ids_create(dzp, 0, vap,
1658 cr, vsecp, &acl_ids)) != 0)
1662 if (S_ISREG(vap->va_mode) || S_ISDIR(vap->va_mode))
1663 projid = zfs_inherit_projid(dzp);
1664 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, projid)) {
1665 zfs_acl_ids_free(&acl_ids);
1666 error = SET_ERROR(EDQUOT);
1670 tx = dmu_tx_create(os);
1672 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
1673 ZFS_SA_BASE_ATTR_SIZE);
1674 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
1676 fuid_dirtied = zfsvfs->z_fuid_dirty;
1678 zfs_fuid_txhold(zfsvfs, tx);
1679 if (!zfsvfs->z_use_sa &&
1680 acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
1681 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
1682 0, acl_ids.z_aclp->z_acl_bytes);
1684 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
1686 if (error == ERESTART) {
1692 zfs_acl_ids_free(&acl_ids);
1697 zfs_mknode(dzp, vap, tx, cr, IS_TMPFILE, &zp, &acl_ids);
1700 zfs_fuid_sync(zfsvfs, tx);
1702 /* Add to unlinked set */
1703 zp->z_unlinked = B_TRUE;
1704 zfs_unlinked_add(zp, tx);
1705 zfs_acl_ids_free(&acl_ids);
1713 zfs_inode_update(dzp);
1714 zfs_inode_update(zp);
1723 * Remove an entry from a directory.
1725 * IN: dzp - znode of directory to remove entry from.
1726 * name - name of entry to remove.
1727 * cr - credentials of caller.
1728 * flags - case flags.
1730 * RETURN: 0 if success
1731 * error code if failure
1735 * ip - ctime (if nlink > 0)
1738 uint64_t null_xattr = 0;
1742 zfs_remove(znode_t *dzp, char *name, cred_t *cr, int flags)
1746 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
1748 uint64_t acl_obj, xattr_obj;
1749 uint64_t xattr_obj_unlinked = 0;
1754 boolean_t may_delete_now, delete_now = FALSE;
1755 boolean_t unlinked, toobig = FALSE;
1757 pathname_t *realnmp = NULL;
1761 boolean_t waited = B_FALSE;
1764 return (SET_ERROR(EINVAL));
1768 zilog = zfsvfs->z_log;
1770 if (flags & FIGNORECASE) {
1780 * Attempt to lock directory; fail if entry doesn't exist.
1782 if ((error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg,
1790 if ((error = zfs_zaccess_delete(dzp, zp, cr))) {
1795 * Need to use rmdir for removing directories.
1797 if (S_ISDIR(ZTOI(zp)->i_mode)) {
1798 error = SET_ERROR(EPERM);
1802 mutex_enter(&zp->z_lock);
1803 may_delete_now = atomic_read(&ZTOI(zp)->i_count) == 1 &&
1805 mutex_exit(&zp->z_lock);
1808 * We may delete the znode now, or we may put it in the unlinked set;
1809 * it depends on whether we're the last link, and on whether there are
1810 * other holds on the inode. So we dmu_tx_hold() the right things to
1811 * allow for either case.
1814 tx = dmu_tx_create(zfsvfs->z_os);
1815 dmu_tx_hold_zap(tx, dzp->z_id, FALSE, name);
1816 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
1817 zfs_sa_upgrade_txholds(tx, zp);
1818 zfs_sa_upgrade_txholds(tx, dzp);
1819 if (may_delete_now) {
1820 toobig = zp->z_size > zp->z_blksz * zfs_delete_blocks;
1821 /* if the file is too big, only hold_free a token amount */
1822 dmu_tx_hold_free(tx, zp->z_id, 0,
1823 (toobig ? DMU_MAX_ACCESS : DMU_OBJECT_END));
1826 /* are there any extended attributes? */
1827 error = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
1828 &xattr_obj, sizeof (xattr_obj));
1829 if (error == 0 && xattr_obj) {
1830 error = zfs_zget(zfsvfs, xattr_obj, &xzp);
1832 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
1833 dmu_tx_hold_sa(tx, xzp->z_sa_hdl, B_FALSE);
1836 mutex_enter(&zp->z_lock);
1837 if ((acl_obj = zfs_external_acl(zp)) != 0 && may_delete_now)
1838 dmu_tx_hold_free(tx, acl_obj, 0, DMU_OBJECT_END);
1839 mutex_exit(&zp->z_lock);
1841 /* charge as an update -- would be nice not to charge at all */
1842 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
1845 * Mark this transaction as typically resulting in a net free of space
1847 dmu_tx_mark_netfree(tx);
1849 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
1851 zfs_dirent_unlock(dl);
1852 if (error == ERESTART) {
1872 * Remove the directory entry.
1874 error = zfs_link_destroy(dl, zp, tx, zflg, &unlinked);
1883 * Hold z_lock so that we can make sure that the ACL obj
1884 * hasn't changed. Could have been deleted due to
1887 mutex_enter(&zp->z_lock);
1888 (void) sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
1889 &xattr_obj_unlinked, sizeof (xattr_obj_unlinked));
1890 delete_now = may_delete_now && !toobig &&
1891 atomic_read(&ZTOI(zp)->i_count) == 1 &&
1892 !(zp->z_is_mapped) && xattr_obj == xattr_obj_unlinked &&
1893 zfs_external_acl(zp) == acl_obj;
1897 if (xattr_obj_unlinked) {
1898 ASSERT3U(ZTOI(xzp)->i_nlink, ==, 2);
1899 mutex_enter(&xzp->z_lock);
1900 xzp->z_unlinked = B_TRUE;
1901 clear_nlink(ZTOI(xzp));
1903 error = sa_update(xzp->z_sa_hdl, SA_ZPL_LINKS(zfsvfs),
1904 &links, sizeof (links), tx);
1905 ASSERT3U(error, ==, 0);
1906 mutex_exit(&xzp->z_lock);
1907 zfs_unlinked_add(xzp, tx);
1910 error = sa_remove(zp->z_sa_hdl,
1911 SA_ZPL_XATTR(zfsvfs), tx);
1913 error = sa_update(zp->z_sa_hdl,
1914 SA_ZPL_XATTR(zfsvfs), &null_xattr,
1915 sizeof (uint64_t), tx);
1919 * Add to the unlinked set because a new reference could be
1920 * taken concurrently resulting in a deferred destruction.
1922 zfs_unlinked_add(zp, tx);
1923 mutex_exit(&zp->z_lock);
1924 } else if (unlinked) {
1925 mutex_exit(&zp->z_lock);
1926 zfs_unlinked_add(zp, tx);
1930 if (flags & FIGNORECASE)
1932 zfs_log_remove(zilog, tx, txtype, dzp, name, obj, unlinked);
1939 zfs_dirent_unlock(dl);
1940 zfs_inode_update(dzp);
1941 zfs_inode_update(zp);
1946 zfs_zrele_async(zp);
1949 zfs_inode_update(xzp);
1950 zfs_zrele_async(xzp);
1953 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1954 zil_commit(zilog, 0);
1961 * Create a new directory and insert it into dzp using the name
1962 * provided. Return a pointer to the inserted directory.
1964 * IN: dzp - znode of directory to add subdir to.
1965 * dirname - name of new directory.
1966 * vap - attributes of new directory.
1967 * cr - credentials of caller.
1968 * flags - case flags.
1969 * vsecp - ACL to be set
1971 * OUT: zpp - znode of created directory.
1973 * RETURN: 0 if success
1974 * error code if failure
1977 * dzp - ctime|mtime updated
1978 * zpp - ctime|mtime|atime updated
1982 zfs_mkdir(znode_t *dzp, char *dirname, vattr_t *vap, znode_t **zpp,
1983 cred_t *cr, int flags, vsecattr_t *vsecp)
1986 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
1994 gid_t gid = crgetgid(cr);
1995 zfs_acl_ids_t acl_ids;
1996 boolean_t fuid_dirtied;
1997 boolean_t waited = B_FALSE;
1999 ASSERT(S_ISDIR(vap->va_mode));
2002 * If we have an ephemeral id, ACL, or XVATTR then
2003 * make sure file system is at proper version
2007 if (zfsvfs->z_use_fuids == B_FALSE &&
2008 (vsecp || IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
2009 return (SET_ERROR(EINVAL));
2011 if (dirname == NULL)
2012 return (SET_ERROR(EINVAL));
2016 zilog = zfsvfs->z_log;
2018 if (dzp->z_pflags & ZFS_XATTR) {
2020 return (SET_ERROR(EINVAL));
2023 if (zfsvfs->z_utf8 && u8_validate(dirname,
2024 strlen(dirname), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
2026 return (SET_ERROR(EILSEQ));
2028 if (flags & FIGNORECASE)
2031 if (vap->va_mask & ATTR_XVATTR) {
2032 if ((error = secpolicy_xvattr((xvattr_t *)vap,
2033 crgetuid(cr), cr, vap->va_mode)) != 0) {
2039 if ((error = zfs_acl_ids_create(dzp, 0, vap, cr,
2040 vsecp, &acl_ids)) != 0) {
2045 * First make sure the new directory doesn't exist.
2047 * Existence is checked first to make sure we don't return
2048 * EACCES instead of EEXIST which can cause some applications
2054 if ((error = zfs_dirent_lock(&dl, dzp, dirname, &zp, zf,
2056 zfs_acl_ids_free(&acl_ids);
2061 if ((error = zfs_zaccess(dzp, ACE_ADD_SUBDIRECTORY, 0, B_FALSE, cr))) {
2062 zfs_acl_ids_free(&acl_ids);
2063 zfs_dirent_unlock(dl);
2068 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, zfs_inherit_projid(dzp))) {
2069 zfs_acl_ids_free(&acl_ids);
2070 zfs_dirent_unlock(dl);
2072 return (SET_ERROR(EDQUOT));
2076 * Add a new entry to the directory.
2078 tx = dmu_tx_create(zfsvfs->z_os);
2079 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, dirname);
2080 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
2081 fuid_dirtied = zfsvfs->z_fuid_dirty;
2083 zfs_fuid_txhold(zfsvfs, tx);
2084 if (!zfsvfs->z_use_sa && acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
2085 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
2086 acl_ids.z_aclp->z_acl_bytes);
2089 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
2090 ZFS_SA_BASE_ATTR_SIZE);
2092 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
2094 zfs_dirent_unlock(dl);
2095 if (error == ERESTART) {
2101 zfs_acl_ids_free(&acl_ids);
2110 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
2113 * Now put new name in parent dir.
2115 error = zfs_link_create(dl, zp, tx, ZNEW);
2117 zfs_znode_delete(zp, tx);
2118 remove_inode_hash(ZTOI(zp));
2123 zfs_fuid_sync(zfsvfs, tx);
2127 txtype = zfs_log_create_txtype(Z_DIR, vsecp, vap);
2128 if (flags & FIGNORECASE)
2130 zfs_log_create(zilog, tx, txtype, dzp, zp, dirname, vsecp,
2131 acl_ids.z_fuidp, vap);
2134 zfs_acl_ids_free(&acl_ids);
2138 zfs_dirent_unlock(dl);
2140 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
2141 zil_commit(zilog, 0);
2146 zfs_inode_update(dzp);
2147 zfs_inode_update(zp);
2154 * Remove a directory subdir entry. If the current working
2155 * directory is the same as the subdir to be removed, the
2158 * IN: dzp - znode of directory to remove from.
2159 * name - name of directory to be removed.
2160 * cwd - inode of current working directory.
2161 * cr - credentials of caller.
2162 * flags - case flags
2164 * RETURN: 0 on success, error code on failure.
2167 * dzp - ctime|mtime updated
2171 zfs_rmdir(znode_t *dzp, char *name, znode_t *cwd, cred_t *cr,
2175 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
2181 boolean_t waited = B_FALSE;
2184 return (SET_ERROR(EINVAL));
2188 zilog = zfsvfs->z_log;
2190 if (flags & FIGNORECASE)
2196 * Attempt to lock directory; fail if entry doesn't exist.
2198 if ((error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg,
2204 if ((error = zfs_zaccess_delete(dzp, zp, cr))) {
2208 if (!S_ISDIR(ZTOI(zp)->i_mode)) {
2209 error = SET_ERROR(ENOTDIR);
2214 error = SET_ERROR(EINVAL);
2219 * Grab a lock on the directory to make sure that no one is
2220 * trying to add (or lookup) entries while we are removing it.
2222 rw_enter(&zp->z_name_lock, RW_WRITER);
2225 * Grab a lock on the parent pointer to make sure we play well
2226 * with the treewalk and directory rename code.
2228 rw_enter(&zp->z_parent_lock, RW_WRITER);
2230 tx = dmu_tx_create(zfsvfs->z_os);
2231 dmu_tx_hold_zap(tx, dzp->z_id, FALSE, name);
2232 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
2233 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
2234 zfs_sa_upgrade_txholds(tx, zp);
2235 zfs_sa_upgrade_txholds(tx, dzp);
2236 dmu_tx_mark_netfree(tx);
2237 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
2239 rw_exit(&zp->z_parent_lock);
2240 rw_exit(&zp->z_name_lock);
2241 zfs_dirent_unlock(dl);
2242 if (error == ERESTART) {
2255 error = zfs_link_destroy(dl, zp, tx, zflg, NULL);
2258 uint64_t txtype = TX_RMDIR;
2259 if (flags & FIGNORECASE)
2261 zfs_log_remove(zilog, tx, txtype, dzp, name, ZFS_NO_OBJECT,
2267 rw_exit(&zp->z_parent_lock);
2268 rw_exit(&zp->z_name_lock);
2270 zfs_dirent_unlock(dl);
2272 zfs_inode_update(dzp);
2273 zfs_inode_update(zp);
2276 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
2277 zil_commit(zilog, 0);
2284 * Read directory entries from the given directory cursor position and emit
2285 * name and position for each entry.
2287 * IN: ip - inode of directory to read.
2288 * ctx - directory entry context.
2289 * cr - credentials of caller.
2291 * RETURN: 0 if success
2292 * error code if failure
2295 * ip - atime updated
2297 * Note that the low 4 bits of the cookie returned by zap is always zero.
2298 * This allows us to use the low range for "special" directory entries:
2299 * We use 0 for '.', and 1 for '..'. If this is the root of the filesystem,
2300 * we use the offset 2 for the '.zfs' directory.
2304 zfs_readdir(struct inode *ip, zpl_dir_context_t *ctx, cred_t *cr)
2306 znode_t *zp = ITOZ(ip);
2307 zfsvfs_t *zfsvfs = ITOZSB(ip);
2310 zap_attribute_t zap;
2316 uint64_t offset; /* must be unsigned; checks for < 1 */
2321 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
2322 &parent, sizeof (parent))) != 0)
2326 * Quit if directory has been removed (posix)
2334 prefetch = zp->z_zn_prefetch;
2337 * Initialize the iterator cursor.
2341 * Start iteration from the beginning of the directory.
2343 zap_cursor_init(&zc, os, zp->z_id);
2346 * The offset is a serialized cursor.
2348 zap_cursor_init_serialized(&zc, os, zp->z_id, offset);
2352 * Transform to file-system independent format
2357 * Special case `.', `..', and `.zfs'.
2360 (void) strcpy(zap.za_name, ".");
2361 zap.za_normalization_conflict = 0;
2364 } else if (offset == 1) {
2365 (void) strcpy(zap.za_name, "..");
2366 zap.za_normalization_conflict = 0;
2369 } else if (offset == 2 && zfs_show_ctldir(zp)) {
2370 (void) strcpy(zap.za_name, ZFS_CTLDIR_NAME);
2371 zap.za_normalization_conflict = 0;
2372 objnum = ZFSCTL_INO_ROOT;
2378 if ((error = zap_cursor_retrieve(&zc, &zap))) {
2379 if (error == ENOENT)
2386 * Allow multiple entries provided the first entry is
2387 * the object id. Non-zpl consumers may safely make
2388 * use of the additional space.
2390 * XXX: This should be a feature flag for compatibility
2392 if (zap.za_integer_length != 8 ||
2393 zap.za_num_integers == 0) {
2394 cmn_err(CE_WARN, "zap_readdir: bad directory "
2395 "entry, obj = %lld, offset = %lld, "
2396 "length = %d, num = %lld\n",
2397 (u_longlong_t)zp->z_id,
2398 (u_longlong_t)offset,
2399 zap.za_integer_length,
2400 (u_longlong_t)zap.za_num_integers);
2401 error = SET_ERROR(ENXIO);
2405 objnum = ZFS_DIRENT_OBJ(zap.za_first_integer);
2406 type = ZFS_DIRENT_TYPE(zap.za_first_integer);
2409 done = !zpl_dir_emit(ctx, zap.za_name, strlen(zap.za_name),
2414 /* Prefetch znode */
2416 dmu_prefetch(os, objnum, 0, 0, 0,
2417 ZIO_PRIORITY_SYNC_READ);
2421 * Move to the next entry, fill in the previous offset.
2423 if (offset > 2 || (offset == 2 && !zfs_show_ctldir(zp))) {
2424 zap_cursor_advance(&zc);
2425 offset = zap_cursor_serialize(&zc);
2431 zp->z_zn_prefetch = B_FALSE; /* a lookup will re-enable pre-fetching */
2434 zap_cursor_fini(&zc);
2435 if (error == ENOENT)
2443 ulong_t zfs_fsync_sync_cnt = 4;
2446 zfs_fsync(znode_t *zp, int syncflag, cred_t *cr)
2448 zfsvfs_t *zfsvfs = ZTOZSB(zp);
2450 (void) tsd_set(zfs_fsyncer_key, (void *)zfs_fsync_sync_cnt);
2452 if (zfsvfs->z_os->os_sync != ZFS_SYNC_DISABLED) {
2455 zil_commit(zfsvfs->z_log, zp->z_id);
2458 tsd_set(zfs_fsyncer_key, NULL);
2464 * Get the basic file attributes and place them in the provided kstat
2465 * structure. The inode is assumed to be the authoritative source
2466 * for most of the attributes. However, the znode currently has the
2467 * authoritative atime, blksize, and block count.
2469 * IN: ip - inode of file.
2471 * OUT: sp - kstat values.
2473 * RETURN: 0 (always succeeds)
2477 zfs_getattr_fast(struct inode *ip, struct kstat *sp)
2479 znode_t *zp = ITOZ(ip);
2480 zfsvfs_t *zfsvfs = ITOZSB(ip);
2482 u_longlong_t nblocks;
2487 mutex_enter(&zp->z_lock);
2489 generic_fillattr(ip, sp);
2491 * +1 link count for root inode with visible '.zfs' directory.
2493 if ((zp->z_id == zfsvfs->z_root) && zfs_show_ctldir(zp))
2494 if (sp->nlink < ZFS_LINK_MAX)
2497 sa_object_size(zp->z_sa_hdl, &blksize, &nblocks);
2498 sp->blksize = blksize;
2499 sp->blocks = nblocks;
2501 if (unlikely(zp->z_blksz == 0)) {
2503 * Block size hasn't been set; suggest maximal I/O transfers.
2505 sp->blksize = zfsvfs->z_max_blksz;
2508 mutex_exit(&zp->z_lock);
2511 * Required to prevent NFS client from detecting different inode
2512 * numbers of snapshot root dentry before and after snapshot mount.
2514 if (zfsvfs->z_issnap) {
2515 if (ip->i_sb->s_root->d_inode == ip)
2516 sp->ino = ZFSCTL_INO_SNAPDIRS -
2517 dmu_objset_id(zfsvfs->z_os);
2526 * For the operation of changing file's user/group/project, we need to
2527 * handle not only the main object that is assigned to the file directly,
2528 * but also the ones that are used by the file via hidden xattr directory.
2530 * Because the xattr directory may contains many EA entries, as to it may
2531 * be impossible to change all of them via the transaction of changing the
2532 * main object's user/group/project attributes. Then we have to change them
2533 * via other multiple independent transactions one by one. It may be not good
2534 * solution, but we have no better idea yet.
2537 zfs_setattr_dir(znode_t *dzp)
2539 struct inode *dxip = ZTOI(dzp);
2540 struct inode *xip = NULL;
2541 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
2542 objset_t *os = zfsvfs->z_os;
2544 zap_attribute_t zap;
2547 dmu_tx_t *tx = NULL;
2549 sa_bulk_attr_t bulk[4];
2553 zap_cursor_init(&zc, os, dzp->z_id);
2554 while ((err = zap_cursor_retrieve(&zc, &zap)) == 0) {
2556 if (zap.za_integer_length != 8 || zap.za_num_integers != 1) {
2561 err = zfs_dirent_lock(&dl, dzp, (char *)zap.za_name, &zp,
2562 ZEXISTS, NULL, NULL);
2569 if (KUID_TO_SUID(xip->i_uid) == KUID_TO_SUID(dxip->i_uid) &&
2570 KGID_TO_SGID(xip->i_gid) == KGID_TO_SGID(dxip->i_gid) &&
2571 zp->z_projid == dzp->z_projid)
2574 tx = dmu_tx_create(os);
2575 if (!(zp->z_pflags & ZFS_PROJID))
2576 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2578 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
2580 err = dmu_tx_assign(tx, TXG_WAIT);
2584 mutex_enter(&dzp->z_lock);
2586 if (KUID_TO_SUID(xip->i_uid) != KUID_TO_SUID(dxip->i_uid)) {
2587 xip->i_uid = dxip->i_uid;
2588 uid = zfs_uid_read(dxip);
2589 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zfsvfs), NULL,
2590 &uid, sizeof (uid));
2593 if (KGID_TO_SGID(xip->i_gid) != KGID_TO_SGID(dxip->i_gid)) {
2594 xip->i_gid = dxip->i_gid;
2595 gid = zfs_gid_read(dxip);
2596 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zfsvfs), NULL,
2597 &gid, sizeof (gid));
2600 if (zp->z_projid != dzp->z_projid) {
2601 if (!(zp->z_pflags & ZFS_PROJID)) {
2602 zp->z_pflags |= ZFS_PROJID;
2603 SA_ADD_BULK_ATTR(bulk, count,
2604 SA_ZPL_FLAGS(zfsvfs), NULL, &zp->z_pflags,
2605 sizeof (zp->z_pflags));
2608 zp->z_projid = dzp->z_projid;
2609 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_PROJID(zfsvfs),
2610 NULL, &zp->z_projid, sizeof (zp->z_projid));
2613 mutex_exit(&dzp->z_lock);
2615 if (likely(count > 0)) {
2616 err = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
2622 if (err != 0 && err != ENOENT)
2629 zfs_dirent_unlock(dl);
2631 zap_cursor_advance(&zc);
2638 zfs_dirent_unlock(dl);
2640 zap_cursor_fini(&zc);
2642 return (err == ENOENT ? 0 : err);
2646 * Set the file attributes to the values contained in the
2649 * IN: zp - znode of file to be modified.
2650 * vap - new attribute values.
2651 * If ATTR_XVATTR set, then optional attrs are being set
2652 * flags - ATTR_UTIME set if non-default time values provided.
2653 * - ATTR_NOACLCHECK (CIFS context only).
2654 * cr - credentials of caller.
2656 * RETURN: 0 if success
2657 * error code if failure
2660 * ip - ctime updated, mtime updated if size changed.
2664 zfs_setattr(znode_t *zp, vattr_t *vap, int flags, cred_t *cr)
2667 zfsvfs_t *zfsvfs = ZTOZSB(zp);
2668 objset_t *os = zfsvfs->z_os;
2672 xvattr_t *tmpxvattr;
2673 uint_t mask = vap->va_mask;
2674 uint_t saved_mask = 0;
2677 uint64_t new_kuid = 0, new_kgid = 0, new_uid, new_gid;
2679 uint64_t mtime[2], ctime[2], atime[2];
2680 uint64_t projid = ZFS_INVALID_PROJID;
2682 int need_policy = FALSE;
2684 zfs_fuid_info_t *fuidp = NULL;
2685 xvattr_t *xvap = (xvattr_t *)vap; /* vap may be an xvattr_t * */
2688 boolean_t skipaclchk = (flags & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
2689 boolean_t fuid_dirtied = B_FALSE;
2690 boolean_t handle_eadir = B_FALSE;
2691 sa_bulk_attr_t *bulk, *xattr_bulk;
2692 int count = 0, xattr_count = 0, bulks = 8;
2702 * If this is a xvattr_t, then get a pointer to the structure of
2703 * optional attributes. If this is NULL, then we have a vattr_t.
2705 xoap = xva_getxoptattr(xvap);
2706 if (xoap != NULL && (mask & ATTR_XVATTR)) {
2707 if (XVA_ISSET_REQ(xvap, XAT_PROJID)) {
2708 if (!dmu_objset_projectquota_enabled(os) ||
2709 (!S_ISREG(ip->i_mode) && !S_ISDIR(ip->i_mode))) {
2711 return (SET_ERROR(ENOTSUP));
2714 projid = xoap->xoa_projid;
2715 if (unlikely(projid == ZFS_INVALID_PROJID)) {
2717 return (SET_ERROR(EINVAL));
2720 if (projid == zp->z_projid && zp->z_pflags & ZFS_PROJID)
2721 projid = ZFS_INVALID_PROJID;
2726 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT) &&
2727 (xoap->xoa_projinherit !=
2728 ((zp->z_pflags & ZFS_PROJINHERIT) != 0)) &&
2729 (!dmu_objset_projectquota_enabled(os) ||
2730 (!S_ISREG(ip->i_mode) && !S_ISDIR(ip->i_mode)))) {
2732 return (SET_ERROR(ENOTSUP));
2736 zilog = zfsvfs->z_log;
2739 * Make sure that if we have ephemeral uid/gid or xvattr specified
2740 * that file system is at proper version level
2743 if (zfsvfs->z_use_fuids == B_FALSE &&
2744 (((mask & ATTR_UID) && IS_EPHEMERAL(vap->va_uid)) ||
2745 ((mask & ATTR_GID) && IS_EPHEMERAL(vap->va_gid)) ||
2746 (mask & ATTR_XVATTR))) {
2748 return (SET_ERROR(EINVAL));
2751 if (mask & ATTR_SIZE && S_ISDIR(ip->i_mode)) {
2753 return (SET_ERROR(EISDIR));
2756 if (mask & ATTR_SIZE && !S_ISREG(ip->i_mode) && !S_ISFIFO(ip->i_mode)) {
2758 return (SET_ERROR(EINVAL));
2761 tmpxvattr = kmem_alloc(sizeof (xvattr_t), KM_SLEEP);
2762 xva_init(tmpxvattr);
2764 bulk = kmem_alloc(sizeof (sa_bulk_attr_t) * bulks, KM_SLEEP);
2765 xattr_bulk = kmem_alloc(sizeof (sa_bulk_attr_t) * bulks, KM_SLEEP);
2768 * Immutable files can only alter immutable bit and atime
2770 if ((zp->z_pflags & ZFS_IMMUTABLE) &&
2771 ((mask & (ATTR_SIZE|ATTR_UID|ATTR_GID|ATTR_MTIME|ATTR_MODE)) ||
2772 ((mask & ATTR_XVATTR) && XVA_ISSET_REQ(xvap, XAT_CREATETIME)))) {
2773 err = SET_ERROR(EPERM);
2777 if ((mask & ATTR_SIZE) && (zp->z_pflags & ZFS_READONLY)) {
2778 err = SET_ERROR(EPERM);
2783 * Verify timestamps doesn't overflow 32 bits.
2784 * ZFS can handle large timestamps, but 32bit syscalls can't
2785 * handle times greater than 2039. This check should be removed
2786 * once large timestamps are fully supported.
2788 if (mask & (ATTR_ATIME | ATTR_MTIME)) {
2789 if (((mask & ATTR_ATIME) &&
2790 TIMESPEC_OVERFLOW(&vap->va_atime)) ||
2791 ((mask & ATTR_MTIME) &&
2792 TIMESPEC_OVERFLOW(&vap->va_mtime))) {
2793 err = SET_ERROR(EOVERFLOW);
2802 /* Can this be moved to before the top label? */
2803 if (zfs_is_readonly(zfsvfs)) {
2804 err = SET_ERROR(EROFS);
2809 * First validate permissions
2812 if (mask & ATTR_SIZE) {
2813 err = zfs_zaccess(zp, ACE_WRITE_DATA, 0, skipaclchk, cr);
2818 * XXX - Note, we are not providing any open
2819 * mode flags here (like FNDELAY), so we may
2820 * block if there are locks present... this
2821 * should be addressed in openat().
2823 /* XXX - would it be OK to generate a log record here? */
2824 err = zfs_freesp(zp, vap->va_size, 0, 0, FALSE);
2829 if (mask & (ATTR_ATIME|ATTR_MTIME) ||
2830 ((mask & ATTR_XVATTR) && (XVA_ISSET_REQ(xvap, XAT_HIDDEN) ||
2831 XVA_ISSET_REQ(xvap, XAT_READONLY) ||
2832 XVA_ISSET_REQ(xvap, XAT_ARCHIVE) ||
2833 XVA_ISSET_REQ(xvap, XAT_OFFLINE) ||
2834 XVA_ISSET_REQ(xvap, XAT_SPARSE) ||
2835 XVA_ISSET_REQ(xvap, XAT_CREATETIME) ||
2836 XVA_ISSET_REQ(xvap, XAT_SYSTEM)))) {
2837 need_policy = zfs_zaccess(zp, ACE_WRITE_ATTRIBUTES, 0,
2841 if (mask & (ATTR_UID|ATTR_GID)) {
2842 int idmask = (mask & (ATTR_UID|ATTR_GID));
2847 * NOTE: even if a new mode is being set,
2848 * we may clear S_ISUID/S_ISGID bits.
2851 if (!(mask & ATTR_MODE))
2852 vap->va_mode = zp->z_mode;
2855 * Take ownership or chgrp to group we are a member of
2858 take_owner = (mask & ATTR_UID) && (vap->va_uid == crgetuid(cr));
2859 take_group = (mask & ATTR_GID) &&
2860 zfs_groupmember(zfsvfs, vap->va_gid, cr);
2863 * If both ATTR_UID and ATTR_GID are set then take_owner and
2864 * take_group must both be set in order to allow taking
2867 * Otherwise, send the check through secpolicy_vnode_setattr()
2871 if (((idmask == (ATTR_UID|ATTR_GID)) &&
2872 take_owner && take_group) ||
2873 ((idmask == ATTR_UID) && take_owner) ||
2874 ((idmask == ATTR_GID) && take_group)) {
2875 if (zfs_zaccess(zp, ACE_WRITE_OWNER, 0,
2876 skipaclchk, cr) == 0) {
2878 * Remove setuid/setgid for non-privileged users
2880 (void) secpolicy_setid_clear(vap, cr);
2881 trim_mask = (mask & (ATTR_UID|ATTR_GID));
2890 mutex_enter(&zp->z_lock);
2891 oldva.va_mode = zp->z_mode;
2892 zfs_fuid_map_ids(zp, cr, &oldva.va_uid, &oldva.va_gid);
2893 if (mask & ATTR_XVATTR) {
2895 * Update xvattr mask to include only those attributes
2896 * that are actually changing.
2898 * the bits will be restored prior to actually setting
2899 * the attributes so the caller thinks they were set.
2901 if (XVA_ISSET_REQ(xvap, XAT_APPENDONLY)) {
2902 if (xoap->xoa_appendonly !=
2903 ((zp->z_pflags & ZFS_APPENDONLY) != 0)) {
2906 XVA_CLR_REQ(xvap, XAT_APPENDONLY);
2907 XVA_SET_REQ(tmpxvattr, XAT_APPENDONLY);
2911 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT)) {
2912 if (xoap->xoa_projinherit !=
2913 ((zp->z_pflags & ZFS_PROJINHERIT) != 0)) {
2916 XVA_CLR_REQ(xvap, XAT_PROJINHERIT);
2917 XVA_SET_REQ(tmpxvattr, XAT_PROJINHERIT);
2921 if (XVA_ISSET_REQ(xvap, XAT_NOUNLINK)) {
2922 if (xoap->xoa_nounlink !=
2923 ((zp->z_pflags & ZFS_NOUNLINK) != 0)) {
2926 XVA_CLR_REQ(xvap, XAT_NOUNLINK);
2927 XVA_SET_REQ(tmpxvattr, XAT_NOUNLINK);
2931 if (XVA_ISSET_REQ(xvap, XAT_IMMUTABLE)) {
2932 if (xoap->xoa_immutable !=
2933 ((zp->z_pflags & ZFS_IMMUTABLE) != 0)) {
2936 XVA_CLR_REQ(xvap, XAT_IMMUTABLE);
2937 XVA_SET_REQ(tmpxvattr, XAT_IMMUTABLE);
2941 if (XVA_ISSET_REQ(xvap, XAT_NODUMP)) {
2942 if (xoap->xoa_nodump !=
2943 ((zp->z_pflags & ZFS_NODUMP) != 0)) {
2946 XVA_CLR_REQ(xvap, XAT_NODUMP);
2947 XVA_SET_REQ(tmpxvattr, XAT_NODUMP);
2951 if (XVA_ISSET_REQ(xvap, XAT_AV_MODIFIED)) {
2952 if (xoap->xoa_av_modified !=
2953 ((zp->z_pflags & ZFS_AV_MODIFIED) != 0)) {
2956 XVA_CLR_REQ(xvap, XAT_AV_MODIFIED);
2957 XVA_SET_REQ(tmpxvattr, XAT_AV_MODIFIED);
2961 if (XVA_ISSET_REQ(xvap, XAT_AV_QUARANTINED)) {
2962 if ((!S_ISREG(ip->i_mode) &&
2963 xoap->xoa_av_quarantined) ||
2964 xoap->xoa_av_quarantined !=
2965 ((zp->z_pflags & ZFS_AV_QUARANTINED) != 0)) {
2968 XVA_CLR_REQ(xvap, XAT_AV_QUARANTINED);
2969 XVA_SET_REQ(tmpxvattr, XAT_AV_QUARANTINED);
2973 if (XVA_ISSET_REQ(xvap, XAT_REPARSE)) {
2974 mutex_exit(&zp->z_lock);
2975 err = SET_ERROR(EPERM);
2979 if (need_policy == FALSE &&
2980 (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP) ||
2981 XVA_ISSET_REQ(xvap, XAT_OPAQUE))) {
2986 mutex_exit(&zp->z_lock);
2988 if (mask & ATTR_MODE) {
2989 if (zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr) == 0) {
2990 err = secpolicy_setid_setsticky_clear(ip, vap,
2995 trim_mask |= ATTR_MODE;
3003 * If trim_mask is set then take ownership
3004 * has been granted or write_acl is present and user
3005 * has the ability to modify mode. In that case remove
3006 * UID|GID and or MODE from mask so that
3007 * secpolicy_vnode_setattr() doesn't revoke it.
3011 saved_mask = vap->va_mask;
3012 vap->va_mask &= ~trim_mask;
3014 err = secpolicy_vnode_setattr(cr, ip, vap, &oldva, flags,
3015 (int (*)(void *, int, cred_t *))zfs_zaccess_unix, zp);
3020 vap->va_mask |= saved_mask;
3024 * secpolicy_vnode_setattr, or take ownership may have
3027 mask = vap->va_mask;
3029 if ((mask & (ATTR_UID | ATTR_GID)) || projid != ZFS_INVALID_PROJID) {
3030 handle_eadir = B_TRUE;
3031 err = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
3032 &xattr_obj, sizeof (xattr_obj));
3034 if (err == 0 && xattr_obj) {
3035 err = zfs_zget(ZTOZSB(zp), xattr_obj, &attrzp);
3039 if (mask & ATTR_UID) {
3040 new_kuid = zfs_fuid_create(zfsvfs,
3041 (uint64_t)vap->va_uid, cr, ZFS_OWNER, &fuidp);
3042 if (new_kuid != KUID_TO_SUID(ZTOI(zp)->i_uid) &&
3043 zfs_id_overquota(zfsvfs, DMU_USERUSED_OBJECT,
3047 err = SET_ERROR(EDQUOT);
3052 if (mask & ATTR_GID) {
3053 new_kgid = zfs_fuid_create(zfsvfs,
3054 (uint64_t)vap->va_gid, cr, ZFS_GROUP, &fuidp);
3055 if (new_kgid != KGID_TO_SGID(ZTOI(zp)->i_gid) &&
3056 zfs_id_overquota(zfsvfs, DMU_GROUPUSED_OBJECT,
3060 err = SET_ERROR(EDQUOT);
3065 if (projid != ZFS_INVALID_PROJID &&
3066 zfs_id_overquota(zfsvfs, DMU_PROJECTUSED_OBJECT, projid)) {
3073 tx = dmu_tx_create(os);
3075 if (mask & ATTR_MODE) {
3076 uint64_t pmode = zp->z_mode;
3078 new_mode = (pmode & S_IFMT) | (vap->va_mode & ~S_IFMT);
3080 if (ZTOZSB(zp)->z_acl_mode == ZFS_ACL_RESTRICTED &&
3081 !(zp->z_pflags & ZFS_ACL_TRIVIAL)) {
3086 if ((err = zfs_acl_chmod_setattr(zp, &aclp, new_mode)))
3089 mutex_enter(&zp->z_lock);
3090 if (!zp->z_is_sa && ((acl_obj = zfs_external_acl(zp)) != 0)) {
3092 * Are we upgrading ACL from old V0 format
3095 if (zfsvfs->z_version >= ZPL_VERSION_FUID &&
3096 zfs_znode_acl_version(zp) ==
3097 ZFS_ACL_VERSION_INITIAL) {
3098 dmu_tx_hold_free(tx, acl_obj, 0,
3100 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
3101 0, aclp->z_acl_bytes);
3103 dmu_tx_hold_write(tx, acl_obj, 0,
3106 } else if (!zp->z_is_sa && aclp->z_acl_bytes > ZFS_ACE_SPACE) {
3107 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
3108 0, aclp->z_acl_bytes);
3110 mutex_exit(&zp->z_lock);
3111 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
3113 if (((mask & ATTR_XVATTR) &&
3114 XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP)) ||
3115 (projid != ZFS_INVALID_PROJID &&
3116 !(zp->z_pflags & ZFS_PROJID)))
3117 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
3119 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
3123 dmu_tx_hold_sa(tx, attrzp->z_sa_hdl, B_FALSE);
3126 fuid_dirtied = zfsvfs->z_fuid_dirty;
3128 zfs_fuid_txhold(zfsvfs, tx);
3130 zfs_sa_upgrade_txholds(tx, zp);
3132 err = dmu_tx_assign(tx, TXG_WAIT);
3138 * Set each attribute requested.
3139 * We group settings according to the locks they need to acquire.
3141 * Note: you cannot set ctime directly, although it will be
3142 * updated as a side-effect of calling this function.
3145 if (projid != ZFS_INVALID_PROJID && !(zp->z_pflags & ZFS_PROJID)) {
3147 * For the existed object that is upgraded from old system,
3148 * its on-disk layout has no slot for the project ID attribute.
3149 * But quota accounting logic needs to access related slots by
3150 * offset directly. So we need to adjust old objects' layout
3151 * to make the project ID to some unified and fixed offset.
3154 err = sa_add_projid(attrzp->z_sa_hdl, tx, projid);
3156 err = sa_add_projid(zp->z_sa_hdl, tx, projid);
3158 if (unlikely(err == EEXIST))
3163 projid = ZFS_INVALID_PROJID;
3166 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
3167 mutex_enter(&zp->z_acl_lock);
3168 mutex_enter(&zp->z_lock);
3170 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL,
3171 &zp->z_pflags, sizeof (zp->z_pflags));
3174 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
3175 mutex_enter(&attrzp->z_acl_lock);
3176 mutex_enter(&attrzp->z_lock);
3177 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
3178 SA_ZPL_FLAGS(zfsvfs), NULL, &attrzp->z_pflags,
3179 sizeof (attrzp->z_pflags));
3180 if (projid != ZFS_INVALID_PROJID) {
3181 attrzp->z_projid = projid;
3182 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
3183 SA_ZPL_PROJID(zfsvfs), NULL, &attrzp->z_projid,
3184 sizeof (attrzp->z_projid));
3188 if (mask & (ATTR_UID|ATTR_GID)) {
3190 if (mask & ATTR_UID) {
3191 ZTOI(zp)->i_uid = SUID_TO_KUID(new_kuid);
3192 new_uid = zfs_uid_read(ZTOI(zp));
3193 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zfsvfs), NULL,
3194 &new_uid, sizeof (new_uid));
3196 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
3197 SA_ZPL_UID(zfsvfs), NULL, &new_uid,
3199 ZTOI(attrzp)->i_uid = SUID_TO_KUID(new_uid);
3203 if (mask & ATTR_GID) {
3204 ZTOI(zp)->i_gid = SGID_TO_KGID(new_kgid);
3205 new_gid = zfs_gid_read(ZTOI(zp));
3206 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zfsvfs),
3207 NULL, &new_gid, sizeof (new_gid));
3209 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
3210 SA_ZPL_GID(zfsvfs), NULL, &new_gid,
3212 ZTOI(attrzp)->i_gid = SGID_TO_KGID(new_kgid);
3215 if (!(mask & ATTR_MODE)) {
3216 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zfsvfs),
3217 NULL, &new_mode, sizeof (new_mode));
3218 new_mode = zp->z_mode;
3220 err = zfs_acl_chown_setattr(zp);
3223 err = zfs_acl_chown_setattr(attrzp);
3228 if (mask & ATTR_MODE) {
3229 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zfsvfs), NULL,
3230 &new_mode, sizeof (new_mode));
3231 zp->z_mode = ZTOI(zp)->i_mode = new_mode;
3232 ASSERT3P(aclp, !=, NULL);
3233 err = zfs_aclset_common(zp, aclp, cr, tx);
3235 if (zp->z_acl_cached)
3236 zfs_acl_free(zp->z_acl_cached);
3237 zp->z_acl_cached = aclp;
3241 if ((mask & ATTR_ATIME) || zp->z_atime_dirty) {
3242 zp->z_atime_dirty = B_FALSE;
3243 ZFS_TIME_ENCODE(&ip->i_atime, atime);
3244 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_ATIME(zfsvfs), NULL,
3245 &atime, sizeof (atime));
3248 if (mask & (ATTR_MTIME | ATTR_SIZE)) {
3249 ZFS_TIME_ENCODE(&vap->va_mtime, mtime);
3250 ZTOI(zp)->i_mtime = zpl_inode_timestamp_truncate(
3251 vap->va_mtime, ZTOI(zp));
3253 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL,
3254 mtime, sizeof (mtime));
3257 if (mask & (ATTR_CTIME | ATTR_SIZE)) {
3258 ZFS_TIME_ENCODE(&vap->va_ctime, ctime);
3259 ZTOI(zp)->i_ctime = zpl_inode_timestamp_truncate(vap->va_ctime,
3261 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL,
3262 ctime, sizeof (ctime));
3265 if (projid != ZFS_INVALID_PROJID) {
3266 zp->z_projid = projid;
3267 SA_ADD_BULK_ATTR(bulk, count,
3268 SA_ZPL_PROJID(zfsvfs), NULL, &zp->z_projid,
3269 sizeof (zp->z_projid));
3272 if (attrzp && mask) {
3273 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
3274 SA_ZPL_CTIME(zfsvfs), NULL, &ctime,
3279 * Do this after setting timestamps to prevent timestamp
3280 * update from toggling bit
3283 if (xoap && (mask & ATTR_XVATTR)) {
3286 * restore trimmed off masks
3287 * so that return masks can be set for caller.
3290 if (XVA_ISSET_REQ(tmpxvattr, XAT_APPENDONLY)) {
3291 XVA_SET_REQ(xvap, XAT_APPENDONLY);
3293 if (XVA_ISSET_REQ(tmpxvattr, XAT_NOUNLINK)) {
3294 XVA_SET_REQ(xvap, XAT_NOUNLINK);
3296 if (XVA_ISSET_REQ(tmpxvattr, XAT_IMMUTABLE)) {
3297 XVA_SET_REQ(xvap, XAT_IMMUTABLE);
3299 if (XVA_ISSET_REQ(tmpxvattr, XAT_NODUMP)) {
3300 XVA_SET_REQ(xvap, XAT_NODUMP);
3302 if (XVA_ISSET_REQ(tmpxvattr, XAT_AV_MODIFIED)) {
3303 XVA_SET_REQ(xvap, XAT_AV_MODIFIED);
3305 if (XVA_ISSET_REQ(tmpxvattr, XAT_AV_QUARANTINED)) {
3306 XVA_SET_REQ(xvap, XAT_AV_QUARANTINED);
3308 if (XVA_ISSET_REQ(tmpxvattr, XAT_PROJINHERIT)) {
3309 XVA_SET_REQ(xvap, XAT_PROJINHERIT);
3312 if (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP))
3313 ASSERT(S_ISREG(ip->i_mode));
3315 zfs_xvattr_set(zp, xvap, tx);
3319 zfs_fuid_sync(zfsvfs, tx);
3322 zfs_log_setattr(zilog, tx, TX_SETATTR, zp, vap, mask, fuidp);
3324 mutex_exit(&zp->z_lock);
3325 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
3326 mutex_exit(&zp->z_acl_lock);
3329 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
3330 mutex_exit(&attrzp->z_acl_lock);
3331 mutex_exit(&attrzp->z_lock);
3334 if (err == 0 && xattr_count > 0) {
3335 err2 = sa_bulk_update(attrzp->z_sa_hdl, xattr_bulk,
3344 zfs_fuid_info_free(fuidp);
3352 if (err == ERESTART)
3356 err2 = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
3359 if (err2 == 0 && handle_eadir)
3360 err2 = zfs_setattr_dir(attrzp);
3363 zfs_inode_update(zp);
3367 if (os->os_sync == ZFS_SYNC_ALWAYS)
3368 zil_commit(zilog, 0);
3371 kmem_free(xattr_bulk, sizeof (sa_bulk_attr_t) * bulks);
3372 kmem_free(bulk, sizeof (sa_bulk_attr_t) * bulks);
3373 kmem_free(tmpxvattr, sizeof (xvattr_t));
3378 typedef struct zfs_zlock {
3379 krwlock_t *zl_rwlock; /* lock we acquired */
3380 znode_t *zl_znode; /* znode we held */
3381 struct zfs_zlock *zl_next; /* next in list */
3385 * Drop locks and release vnodes that were held by zfs_rename_lock().
3388 zfs_rename_unlock(zfs_zlock_t **zlpp)
3392 while ((zl = *zlpp) != NULL) {
3393 if (zl->zl_znode != NULL)
3394 zfs_zrele_async(zl->zl_znode);
3395 rw_exit(zl->zl_rwlock);
3396 *zlpp = zl->zl_next;
3397 kmem_free(zl, sizeof (*zl));
3402 * Search back through the directory tree, using the ".." entries.
3403 * Lock each directory in the chain to prevent concurrent renames.
3404 * Fail any attempt to move a directory into one of its own descendants.
3405 * XXX - z_parent_lock can overlap with map or grow locks
3408 zfs_rename_lock(znode_t *szp, znode_t *tdzp, znode_t *sdzp, zfs_zlock_t **zlpp)
3412 uint64_t rootid = ZTOZSB(zp)->z_root;
3413 uint64_t oidp = zp->z_id;
3414 krwlock_t *rwlp = &szp->z_parent_lock;
3415 krw_t rw = RW_WRITER;
3418 * First pass write-locks szp and compares to zp->z_id.
3419 * Later passes read-lock zp and compare to zp->z_parent.
3422 if (!rw_tryenter(rwlp, rw)) {
3424 * Another thread is renaming in this path.
3425 * Note that if we are a WRITER, we don't have any
3426 * parent_locks held yet.
3428 if (rw == RW_READER && zp->z_id > szp->z_id) {
3430 * Drop our locks and restart
3432 zfs_rename_unlock(&zl);
3436 rwlp = &szp->z_parent_lock;
3441 * Wait for other thread to drop its locks
3447 zl = kmem_alloc(sizeof (*zl), KM_SLEEP);
3448 zl->zl_rwlock = rwlp;
3449 zl->zl_znode = NULL;
3450 zl->zl_next = *zlpp;
3453 if (oidp == szp->z_id) /* We're a descendant of szp */
3454 return (SET_ERROR(EINVAL));
3456 if (oidp == rootid) /* We've hit the top */
3459 if (rw == RW_READER) { /* i.e. not the first pass */
3460 int error = zfs_zget(ZTOZSB(zp), oidp, &zp);
3465 (void) sa_lookup(zp->z_sa_hdl, SA_ZPL_PARENT(ZTOZSB(zp)),
3466 &oidp, sizeof (oidp));
3467 rwlp = &zp->z_parent_lock;
3470 } while (zp->z_id != sdzp->z_id);
3476 * Move an entry from the provided source directory to the target
3477 * directory. Change the entry name as indicated.
3479 * IN: sdzp - Source directory containing the "old entry".
3480 * snm - Old entry name.
3481 * tdzp - Target directory to contain the "new entry".
3482 * tnm - New entry name.
3483 * cr - credentials of caller.
3484 * flags - case flags
3486 * RETURN: 0 on success, error code on failure.
3489 * sdzp,tdzp - ctime|mtime updated
3493 zfs_rename(znode_t *sdzp, char *snm, znode_t *tdzp, char *tnm,
3494 cred_t *cr, int flags)
3497 zfsvfs_t *zfsvfs = ZTOZSB(sdzp);
3499 zfs_dirlock_t *sdl, *tdl;
3502 int cmp, serr, terr;
3505 boolean_t waited = B_FALSE;
3507 if (snm == NULL || tnm == NULL)
3508 return (SET_ERROR(EINVAL));
3511 ZFS_VERIFY_ZP(sdzp);
3512 zilog = zfsvfs->z_log;
3514 ZFS_VERIFY_ZP(tdzp);
3517 * We check i_sb because snapshots and the ctldir must have different
3520 if (ZTOI(tdzp)->i_sb != ZTOI(sdzp)->i_sb ||
3521 zfsctl_is_node(ZTOI(tdzp))) {
3523 return (SET_ERROR(EXDEV));
3526 if (zfsvfs->z_utf8 && u8_validate(tnm,
3527 strlen(tnm), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3529 return (SET_ERROR(EILSEQ));
3532 if (flags & FIGNORECASE)
3541 * This is to prevent the creation of links into attribute space
3542 * by renaming a linked file into/outof an attribute directory.
3543 * See the comment in zfs_link() for why this is considered bad.
3545 if ((tdzp->z_pflags & ZFS_XATTR) != (sdzp->z_pflags & ZFS_XATTR)) {
3547 return (SET_ERROR(EINVAL));
3551 * Lock source and target directory entries. To prevent deadlock,
3552 * a lock ordering must be defined. We lock the directory with
3553 * the smallest object id first, or if it's a tie, the one with
3554 * the lexically first name.
3556 if (sdzp->z_id < tdzp->z_id) {
3558 } else if (sdzp->z_id > tdzp->z_id) {
3562 * First compare the two name arguments without
3563 * considering any case folding.
3565 int nofold = (zfsvfs->z_norm & ~U8_TEXTPREP_TOUPPER);
3567 cmp = u8_strcmp(snm, tnm, 0, nofold, U8_UNICODE_LATEST, &error);
3568 ASSERT(error == 0 || !zfsvfs->z_utf8);
3571 * POSIX: "If the old argument and the new argument
3572 * both refer to links to the same existing file,
3573 * the rename() function shall return successfully
3574 * and perform no other action."
3580 * If the file system is case-folding, then we may
3581 * have some more checking to do. A case-folding file
3582 * system is either supporting mixed case sensitivity
3583 * access or is completely case-insensitive. Note
3584 * that the file system is always case preserving.
3586 * In mixed sensitivity mode case sensitive behavior
3587 * is the default. FIGNORECASE must be used to
3588 * explicitly request case insensitive behavior.
3590 * If the source and target names provided differ only
3591 * by case (e.g., a request to rename 'tim' to 'Tim'),
3592 * we will treat this as a special case in the
3593 * case-insensitive mode: as long as the source name
3594 * is an exact match, we will allow this to proceed as
3595 * a name-change request.
3597 if ((zfsvfs->z_case == ZFS_CASE_INSENSITIVE ||
3598 (zfsvfs->z_case == ZFS_CASE_MIXED &&
3599 flags & FIGNORECASE)) &&
3600 u8_strcmp(snm, tnm, 0, zfsvfs->z_norm, U8_UNICODE_LATEST,
3603 * case preserving rename request, require exact
3612 * If the source and destination directories are the same, we should
3613 * grab the z_name_lock of that directory only once.
3617 rw_enter(&sdzp->z_name_lock, RW_READER);
3621 serr = zfs_dirent_lock(&sdl, sdzp, snm, &szp,
3622 ZEXISTS | zflg, NULL, NULL);
3623 terr = zfs_dirent_lock(&tdl,
3624 tdzp, tnm, &tzp, ZRENAMING | zflg, NULL, NULL);
3626 terr = zfs_dirent_lock(&tdl,
3627 tdzp, tnm, &tzp, zflg, NULL, NULL);
3628 serr = zfs_dirent_lock(&sdl,
3629 sdzp, snm, &szp, ZEXISTS | ZRENAMING | zflg,
3635 * Source entry invalid or not there.
3638 zfs_dirent_unlock(tdl);
3644 rw_exit(&sdzp->z_name_lock);
3646 if (strcmp(snm, "..") == 0)
3652 zfs_dirent_unlock(sdl);
3656 rw_exit(&sdzp->z_name_lock);
3658 if (strcmp(tnm, "..") == 0)
3665 * If we are using project inheritance, means if the directory has
3666 * ZFS_PROJINHERIT set, then its descendant directories will inherit
3667 * not only the project ID, but also the ZFS_PROJINHERIT flag. Under
3668 * such case, we only allow renames into our tree when the project
3671 if (tdzp->z_pflags & ZFS_PROJINHERIT &&
3672 tdzp->z_projid != szp->z_projid) {
3673 error = SET_ERROR(EXDEV);
3678 * Must have write access at the source to remove the old entry
3679 * and write access at the target to create the new entry.
3680 * Note that if target and source are the same, this can be
3681 * done in a single check.
3684 if ((error = zfs_zaccess_rename(sdzp, szp, tdzp, tzp, cr)))
3687 if (S_ISDIR(ZTOI(szp)->i_mode)) {
3689 * Check to make sure rename is valid.
3690 * Can't do a move like this: /usr/a/b to /usr/a/b/c/d
3692 if ((error = zfs_rename_lock(szp, tdzp, sdzp, &zl)))
3697 * Does target exist?
3701 * Source and target must be the same type.
3703 if (S_ISDIR(ZTOI(szp)->i_mode)) {
3704 if (!S_ISDIR(ZTOI(tzp)->i_mode)) {
3705 error = SET_ERROR(ENOTDIR);
3709 if (S_ISDIR(ZTOI(tzp)->i_mode)) {
3710 error = SET_ERROR(EISDIR);
3715 * POSIX dictates that when the source and target
3716 * entries refer to the same file object, rename
3717 * must do nothing and exit without error.
3719 if (szp->z_id == tzp->z_id) {
3725 tx = dmu_tx_create(zfsvfs->z_os);
3726 dmu_tx_hold_sa(tx, szp->z_sa_hdl, B_FALSE);
3727 dmu_tx_hold_sa(tx, sdzp->z_sa_hdl, B_FALSE);
3728 dmu_tx_hold_zap(tx, sdzp->z_id, FALSE, snm);
3729 dmu_tx_hold_zap(tx, tdzp->z_id, TRUE, tnm);
3731 dmu_tx_hold_sa(tx, tdzp->z_sa_hdl, B_FALSE);
3732 zfs_sa_upgrade_txholds(tx, tdzp);
3735 dmu_tx_hold_sa(tx, tzp->z_sa_hdl, B_FALSE);
3736 zfs_sa_upgrade_txholds(tx, tzp);
3739 zfs_sa_upgrade_txholds(tx, szp);
3740 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
3741 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
3744 zfs_rename_unlock(&zl);
3745 zfs_dirent_unlock(sdl);
3746 zfs_dirent_unlock(tdl);
3749 rw_exit(&sdzp->z_name_lock);
3751 if (error == ERESTART) {
3768 if (tzp) /* Attempt to remove the existing target */
3769 error = zfs_link_destroy(tdl, tzp, tx, zflg, NULL);
3772 error = zfs_link_create(tdl, szp, tx, ZRENAMING);
3774 szp->z_pflags |= ZFS_AV_MODIFIED;
3775 if (tdzp->z_pflags & ZFS_PROJINHERIT)
3776 szp->z_pflags |= ZFS_PROJINHERIT;
3778 error = sa_update(szp->z_sa_hdl, SA_ZPL_FLAGS(zfsvfs),
3779 (void *)&szp->z_pflags, sizeof (uint64_t), tx);
3782 error = zfs_link_destroy(sdl, szp, tx, ZRENAMING, NULL);
3784 zfs_log_rename(zilog, tx, TX_RENAME |
3785 (flags & FIGNORECASE ? TX_CI : 0), sdzp,
3786 sdl->dl_name, tdzp, tdl->dl_name, szp);
3789 * At this point, we have successfully created
3790 * the target name, but have failed to remove
3791 * the source name. Since the create was done
3792 * with the ZRENAMING flag, there are
3793 * complications; for one, the link count is
3794 * wrong. The easiest way to deal with this
3795 * is to remove the newly created target, and
3796 * return the original error. This must
3797 * succeed; fortunately, it is very unlikely to
3798 * fail, since we just created it.
3800 VERIFY3U(zfs_link_destroy(tdl, szp, tx,
3801 ZRENAMING, NULL), ==, 0);
3805 * If we had removed the existing target, subsequent
3806 * call to zfs_link_create() to add back the same entry
3807 * but, the new dnode (szp) should not fail.
3809 ASSERT(tzp == NULL);
3816 zfs_rename_unlock(&zl);
3818 zfs_dirent_unlock(sdl);
3819 zfs_dirent_unlock(tdl);
3821 zfs_inode_update(sdzp);
3823 rw_exit(&sdzp->z_name_lock);
3826 zfs_inode_update(tdzp);
3828 zfs_inode_update(szp);
3831 zfs_inode_update(tzp);
3835 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3836 zil_commit(zilog, 0);
3843 * Insert the indicated symbolic reference entry into the directory.
3845 * IN: dzp - Directory to contain new symbolic link.
3846 * name - Name of directory entry in dip.
3847 * vap - Attributes of new entry.
3848 * link - Name for new symlink entry.
3849 * cr - credentials of caller.
3850 * flags - case flags
3852 * OUT: zpp - Znode for new symbolic link.
3854 * RETURN: 0 on success, error code on failure.
3857 * dip - ctime|mtime updated
3861 zfs_symlink(znode_t *dzp, char *name, vattr_t *vap, char *link,
3862 znode_t **zpp, cred_t *cr, int flags)
3867 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
3869 uint64_t len = strlen(link);
3872 zfs_acl_ids_t acl_ids;
3873 boolean_t fuid_dirtied;
3874 uint64_t txtype = TX_SYMLINK;
3875 boolean_t waited = B_FALSE;
3877 ASSERT(S_ISLNK(vap->va_mode));
3880 return (SET_ERROR(EINVAL));
3884 zilog = zfsvfs->z_log;
3886 if (zfsvfs->z_utf8 && u8_validate(name, strlen(name),
3887 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3889 return (SET_ERROR(EILSEQ));
3891 if (flags & FIGNORECASE)
3894 if (len > MAXPATHLEN) {
3896 return (SET_ERROR(ENAMETOOLONG));
3899 if ((error = zfs_acl_ids_create(dzp, 0,
3900 vap, cr, NULL, &acl_ids)) != 0) {
3908 * Attempt to lock directory; fail if entry already exists.
3910 error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg, NULL, NULL);
3912 zfs_acl_ids_free(&acl_ids);
3917 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
3918 zfs_acl_ids_free(&acl_ids);
3919 zfs_dirent_unlock(dl);
3924 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, ZFS_DEFAULT_PROJID)) {
3925 zfs_acl_ids_free(&acl_ids);
3926 zfs_dirent_unlock(dl);
3928 return (SET_ERROR(EDQUOT));
3930 tx = dmu_tx_create(zfsvfs->z_os);
3931 fuid_dirtied = zfsvfs->z_fuid_dirty;
3932 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0, MAX(1, len));
3933 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, name);
3934 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
3935 ZFS_SA_BASE_ATTR_SIZE + len);
3936 dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE);
3937 if (!zfsvfs->z_use_sa && acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
3938 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
3939 acl_ids.z_aclp->z_acl_bytes);
3942 zfs_fuid_txhold(zfsvfs, tx);
3943 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
3945 zfs_dirent_unlock(dl);
3946 if (error == ERESTART) {
3952 zfs_acl_ids_free(&acl_ids);
3959 * Create a new object for the symlink.
3960 * for version 4 ZPL datsets the symlink will be an SA attribute
3962 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
3965 zfs_fuid_sync(zfsvfs, tx);
3967 mutex_enter(&zp->z_lock);
3969 error = sa_update(zp->z_sa_hdl, SA_ZPL_SYMLINK(zfsvfs),
3972 zfs_sa_symlink(zp, link, len, tx);
3973 mutex_exit(&zp->z_lock);
3976 (void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs),
3977 &zp->z_size, sizeof (zp->z_size), tx);
3979 * Insert the new object into the directory.
3981 error = zfs_link_create(dl, zp, tx, ZNEW);
3983 zfs_znode_delete(zp, tx);
3984 remove_inode_hash(ZTOI(zp));
3986 if (flags & FIGNORECASE)
3988 zfs_log_symlink(zilog, tx, txtype, dzp, zp, name, link);
3990 zfs_inode_update(dzp);
3991 zfs_inode_update(zp);
3994 zfs_acl_ids_free(&acl_ids);
3998 zfs_dirent_unlock(dl);
4003 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
4004 zil_commit(zilog, 0);
4014 * Return, in the buffer contained in the provided uio structure,
4015 * the symbolic path referred to by ip.
4017 * IN: ip - inode of symbolic link
4018 * uio - structure to contain the link path.
4019 * cr - credentials of caller.
4021 * RETURN: 0 if success
4022 * error code if failure
4025 * ip - atime updated
4029 zfs_readlink(struct inode *ip, uio_t *uio, cred_t *cr)
4031 znode_t *zp = ITOZ(ip);
4032 zfsvfs_t *zfsvfs = ITOZSB(ip);
4038 mutex_enter(&zp->z_lock);
4040 error = sa_lookup_uio(zp->z_sa_hdl,
4041 SA_ZPL_SYMLINK(zfsvfs), uio);
4043 error = zfs_sa_readlink(zp, uio);
4044 mutex_exit(&zp->z_lock);
4051 * Insert a new entry into directory tdzp referencing szp.
4053 * IN: tdzp - Directory to contain new entry.
4054 * szp - znode of new entry.
4055 * name - name of new entry.
4056 * cr - credentials of caller.
4057 * flags - case flags.
4059 * RETURN: 0 if success
4060 * error code if failure
4063 * tdzp - ctime|mtime updated
4064 * szp - ctime updated
4068 zfs_link(znode_t *tdzp, znode_t *szp, char *name, cred_t *cr,
4071 struct inode *sip = ZTOI(szp);
4073 zfsvfs_t *zfsvfs = ZTOZSB(tdzp);
4081 boolean_t waited = B_FALSE;
4082 boolean_t is_tmpfile = 0;
4085 is_tmpfile = (sip->i_nlink == 0 && (sip->i_state & I_LINKABLE));
4087 ASSERT(S_ISDIR(ZTOI(tdzp)->i_mode));
4090 return (SET_ERROR(EINVAL));
4093 ZFS_VERIFY_ZP(tdzp);
4094 zilog = zfsvfs->z_log;
4097 * POSIX dictates that we return EPERM here.
4098 * Better choices include ENOTSUP or EISDIR.
4100 if (S_ISDIR(sip->i_mode)) {
4102 return (SET_ERROR(EPERM));
4108 * If we are using project inheritance, means if the directory has
4109 * ZFS_PROJINHERIT set, then its descendant directories will inherit
4110 * not only the project ID, but also the ZFS_PROJINHERIT flag. Under
4111 * such case, we only allow hard link creation in our tree when the
4112 * project IDs are the same.
4114 if (tdzp->z_pflags & ZFS_PROJINHERIT &&
4115 tdzp->z_projid != szp->z_projid) {
4117 return (SET_ERROR(EXDEV));
4121 * We check i_sb because snapshots and the ctldir must have different
4124 if (sip->i_sb != ZTOI(tdzp)->i_sb || zfsctl_is_node(sip)) {
4126 return (SET_ERROR(EXDEV));
4129 /* Prevent links to .zfs/shares files */
4131 if ((error = sa_lookup(szp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
4132 &parent, sizeof (uint64_t))) != 0) {
4136 if (parent == zfsvfs->z_shares_dir) {
4138 return (SET_ERROR(EPERM));
4141 if (zfsvfs->z_utf8 && u8_validate(name,
4142 strlen(name), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
4144 return (SET_ERROR(EILSEQ));
4146 if (flags & FIGNORECASE)
4150 * We do not support links between attributes and non-attributes
4151 * because of the potential security risk of creating links
4152 * into "normal" file space in order to circumvent restrictions
4153 * imposed in attribute space.
4155 if ((szp->z_pflags & ZFS_XATTR) != (tdzp->z_pflags & ZFS_XATTR)) {
4157 return (SET_ERROR(EINVAL));
4160 owner = zfs_fuid_map_id(zfsvfs, KUID_TO_SUID(sip->i_uid),
4162 if (owner != crgetuid(cr) && secpolicy_basic_link(cr) != 0) {
4164 return (SET_ERROR(EPERM));
4167 if ((error = zfs_zaccess(tdzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
4174 * Attempt to lock directory; fail if entry already exists.
4176 error = zfs_dirent_lock(&dl, tdzp, name, &tzp, zf, NULL, NULL);
4182 tx = dmu_tx_create(zfsvfs->z_os);
4183 dmu_tx_hold_sa(tx, szp->z_sa_hdl, B_FALSE);
4184 dmu_tx_hold_zap(tx, tdzp->z_id, TRUE, name);
4186 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
4188 zfs_sa_upgrade_txholds(tx, szp);
4189 zfs_sa_upgrade_txholds(tx, tdzp);
4190 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
4192 zfs_dirent_unlock(dl);
4193 if (error == ERESTART) {
4203 /* unmark z_unlinked so zfs_link_create will not reject */
4205 szp->z_unlinked = B_FALSE;
4206 error = zfs_link_create(dl, szp, tx, 0);
4209 uint64_t txtype = TX_LINK;
4211 * tmpfile is created to be in z_unlinkedobj, so remove it.
4212 * Also, we don't log in ZIL, because all previous file
4213 * operation on the tmpfile are ignored by ZIL. Instead we
4214 * always wait for txg to sync to make sure all previous
4215 * operation are sync safe.
4218 VERIFY(zap_remove_int(zfsvfs->z_os,
4219 zfsvfs->z_unlinkedobj, szp->z_id, tx) == 0);
4221 if (flags & FIGNORECASE)
4223 zfs_log_link(zilog, tx, txtype, tdzp, szp, name);
4225 } else if (is_tmpfile) {
4226 /* restore z_unlinked since when linking failed */
4227 szp->z_unlinked = B_TRUE;
4229 txg = dmu_tx_get_txg(tx);
4232 zfs_dirent_unlock(dl);
4234 if (!is_tmpfile && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
4235 zil_commit(zilog, 0);
4237 if (is_tmpfile && zfsvfs->z_os->os_sync != ZFS_SYNC_DISABLED)
4238 txg_wait_synced(dmu_objset_pool(zfsvfs->z_os), txg);
4240 zfs_inode_update(tdzp);
4241 zfs_inode_update(szp);
4247 zfs_putpage_commit_cb(void *arg)
4249 struct page *pp = arg;
4252 end_page_writeback(pp);
4256 * Push a page out to disk, once the page is on stable storage the
4257 * registered commit callback will be run as notification of completion.
4259 * IN: ip - page mapped for inode.
4260 * pp - page to push (page is locked)
4261 * wbc - writeback control data
4263 * RETURN: 0 if success
4264 * error code if failure
4267 * ip - ctime|mtime updated
4271 zfs_putpage(struct inode *ip, struct page *pp, struct writeback_control *wbc)
4273 znode_t *zp = ITOZ(ip);
4274 zfsvfs_t *zfsvfs = ITOZSB(ip);
4281 uint64_t mtime[2], ctime[2];
4282 sa_bulk_attr_t bulk[3];
4284 struct address_space *mapping;
4289 ASSERT(PageLocked(pp));
4291 pgoff = page_offset(pp); /* Page byte-offset in file */
4292 offset = i_size_read(ip); /* File length in bytes */
4293 pglen = MIN(PAGE_SIZE, /* Page length in bytes */
4294 P2ROUNDUP(offset, PAGE_SIZE)-pgoff);
4296 /* Page is beyond end of file */
4297 if (pgoff >= offset) {
4303 /* Truncate page length to end of file */
4304 if (pgoff + pglen > offset)
4305 pglen = offset - pgoff;
4309 * FIXME: Allow mmap writes past its quota. The correct fix
4310 * is to register a page_mkwrite() handler to count the page
4311 * against its quota when it is about to be dirtied.
4313 if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT,
4314 KUID_TO_SUID(ip->i_uid)) ||
4315 zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT,
4316 KGID_TO_SGID(ip->i_gid)) ||
4317 (zp->z_projid != ZFS_DEFAULT_PROJID &&
4318 zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
4325 * The ordering here is critical and must adhere to the following
4326 * rules in order to avoid deadlocking in either zfs_read() or
4327 * zfs_free_range() due to a lock inversion.
4329 * 1) The page must be unlocked prior to acquiring the range lock.
4330 * This is critical because zfs_read() calls find_lock_page()
4331 * which may block on the page lock while holding the range lock.
4333 * 2) Before setting or clearing write back on a page the range lock
4334 * must be held in order to prevent a lock inversion with the
4335 * zfs_free_range() function.
4337 * This presents a problem because upon entering this function the
4338 * page lock is already held. To safely acquire the range lock the
4339 * page lock must be dropped. This creates a window where another
4340 * process could truncate, invalidate, dirty, or write out the page.
4342 * Therefore, after successfully reacquiring the range and page locks
4343 * the current page state is checked. In the common case everything
4344 * will be as is expected and it can be written out. However, if
4345 * the page state has changed it must be handled accordingly.
4347 mapping = pp->mapping;
4348 redirty_page_for_writepage(wbc, pp);
4351 zfs_locked_range_t *lr = zfs_rangelock_enter(&zp->z_rangelock,
4352 pgoff, pglen, RL_WRITER);
4355 /* Page mapping changed or it was no longer dirty, we're done */
4356 if (unlikely((mapping != pp->mapping) || !PageDirty(pp))) {
4358 zfs_rangelock_exit(lr);
4363 /* Another process started write block if required */
4364 if (PageWriteback(pp)) {
4366 zfs_rangelock_exit(lr);
4368 if (wbc->sync_mode != WB_SYNC_NONE) {
4369 if (PageWriteback(pp))
4370 wait_on_page_bit(pp, PG_writeback);
4377 /* Clear the dirty flag the required locks are held */
4378 if (!clear_page_dirty_for_io(pp)) {
4380 zfs_rangelock_exit(lr);
4386 * Counterpart for redirty_page_for_writepage() above. This page
4387 * was in fact not skipped and should not be counted as if it were.
4389 wbc->pages_skipped--;
4390 set_page_writeback(pp);
4393 tx = dmu_tx_create(zfsvfs->z_os);
4394 dmu_tx_hold_write(tx, zp->z_id, pgoff, pglen);
4395 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
4396 zfs_sa_upgrade_txholds(tx, zp);
4398 err = dmu_tx_assign(tx, TXG_NOWAIT);
4400 if (err == ERESTART)
4404 __set_page_dirty_nobuffers(pp);
4406 end_page_writeback(pp);
4407 zfs_rangelock_exit(lr);
4413 ASSERT3U(pglen, <=, PAGE_SIZE);
4414 dmu_write(zfsvfs->z_os, zp->z_id, pgoff, pglen, va, tx);
4417 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
4418 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
4419 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_FLAGS(zfsvfs), NULL,
4422 /* Preserve the mtime and ctime provided by the inode */
4423 ZFS_TIME_ENCODE(&ip->i_mtime, mtime);
4424 ZFS_TIME_ENCODE(&ip->i_ctime, ctime);
4425 zp->z_atime_dirty = B_FALSE;
4428 err = sa_bulk_update(zp->z_sa_hdl, bulk, cnt, tx);
4430 zfs_log_write(zfsvfs->z_log, tx, TX_WRITE, zp, pgoff, pglen, 0,
4431 zfs_putpage_commit_cb, pp);
4434 zfs_rangelock_exit(lr);
4436 if (wbc->sync_mode != WB_SYNC_NONE) {
4438 * Note that this is rarely called under writepages(), because
4439 * writepages() normally handles the entire commit for
4440 * performance reasons.
4442 zil_commit(zfsvfs->z_log, zp->z_id);
4450 * Update the system attributes when the inode has been dirtied. For the
4451 * moment we only update the mode, atime, mtime, and ctime.
4454 zfs_dirty_inode(struct inode *ip, int flags)
4456 znode_t *zp = ITOZ(ip);
4457 zfsvfs_t *zfsvfs = ITOZSB(ip);
4459 uint64_t mode, atime[2], mtime[2], ctime[2];
4460 sa_bulk_attr_t bulk[4];
4464 if (zfs_is_readonly(zfsvfs) || dmu_objset_is_snapshot(zfsvfs->z_os))
4472 * This is the lazytime semantic introduced in Linux 4.0
4473 * This flag will only be called from update_time when lazytime is set.
4474 * (Note, I_DIRTY_SYNC will also set if not lazytime)
4475 * Fortunately mtime and ctime are managed within ZFS itself, so we
4476 * only need to dirty atime.
4478 if (flags == I_DIRTY_TIME) {
4479 zp->z_atime_dirty = B_TRUE;
4484 tx = dmu_tx_create(zfsvfs->z_os);
4486 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
4487 zfs_sa_upgrade_txholds(tx, zp);
4489 error = dmu_tx_assign(tx, TXG_WAIT);
4495 mutex_enter(&zp->z_lock);
4496 zp->z_atime_dirty = B_FALSE;
4498 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_MODE(zfsvfs), NULL, &mode, 8);
4499 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_ATIME(zfsvfs), NULL, &atime, 16);
4500 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
4501 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
4503 /* Preserve the mode, mtime and ctime provided by the inode */
4504 ZFS_TIME_ENCODE(&ip->i_atime, atime);
4505 ZFS_TIME_ENCODE(&ip->i_mtime, mtime);
4506 ZFS_TIME_ENCODE(&ip->i_ctime, ctime);
4511 error = sa_bulk_update(zp->z_sa_hdl, bulk, cnt, tx);
4512 mutex_exit(&zp->z_lock);
4522 zfs_inactive(struct inode *ip)
4524 znode_t *zp = ITOZ(ip);
4525 zfsvfs_t *zfsvfs = ITOZSB(ip);
4528 int need_unlock = 0;
4530 /* Only read lock if we haven't already write locked, e.g. rollback */
4531 if (!RW_WRITE_HELD(&zfsvfs->z_teardown_inactive_lock)) {
4533 rw_enter(&zfsvfs->z_teardown_inactive_lock, RW_READER);
4535 if (zp->z_sa_hdl == NULL) {
4537 rw_exit(&zfsvfs->z_teardown_inactive_lock);
4541 if (zp->z_atime_dirty && zp->z_unlinked == B_FALSE) {
4542 dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
4544 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
4545 zfs_sa_upgrade_txholds(tx, zp);
4546 error = dmu_tx_assign(tx, TXG_WAIT);
4550 ZFS_TIME_ENCODE(&ip->i_atime, atime);
4551 mutex_enter(&zp->z_lock);
4552 (void) sa_update(zp->z_sa_hdl, SA_ZPL_ATIME(zfsvfs),
4553 (void *)&atime, sizeof (atime), tx);
4554 zp->z_atime_dirty = B_FALSE;
4555 mutex_exit(&zp->z_lock);
4562 rw_exit(&zfsvfs->z_teardown_inactive_lock);
4566 * Fill pages with data from the disk.
4569 zfs_fillpage(struct inode *ip, struct page *pl[], int nr_pages)
4571 znode_t *zp = ITOZ(ip);
4572 zfsvfs_t *zfsvfs = ITOZSB(ip);
4574 struct page *cur_pp;
4575 u_offset_t io_off, total;
4582 io_len = nr_pages << PAGE_SHIFT;
4583 i_size = i_size_read(ip);
4584 io_off = page_offset(pl[0]);
4586 if (io_off + io_len > i_size)
4587 io_len = i_size - io_off;
4590 * Iterate over list of pages and read each page individually.
4593 for (total = io_off + io_len; io_off < total; io_off += PAGESIZE) {
4596 cur_pp = pl[page_idx++];
4598 err = dmu_read(os, zp->z_id, io_off, PAGESIZE, va,
4602 /* convert checksum errors into IO errors */
4604 err = SET_ERROR(EIO);
4613 * Uses zfs_fillpage to read data from the file and fill the pages.
4615 * IN: ip - inode of file to get data from.
4616 * pl - list of pages to read
4617 * nr_pages - number of pages to read
4619 * RETURN: 0 on success, error code on failure.
4622 * vp - atime updated
4626 zfs_getpage(struct inode *ip, struct page *pl[], int nr_pages)
4628 znode_t *zp = ITOZ(ip);
4629 zfsvfs_t *zfsvfs = ITOZSB(ip);
4638 err = zfs_fillpage(ip, pl, nr_pages);
4645 * Check ZFS specific permissions to memory map a section of a file.
4647 * IN: ip - inode of the file to mmap
4649 * addrp - start address in memory region
4650 * len - length of memory region
4651 * vm_flags- address flags
4653 * RETURN: 0 if success
4654 * error code if failure
4658 zfs_map(struct inode *ip, offset_t off, caddr_t *addrp, size_t len,
4659 unsigned long vm_flags)
4661 znode_t *zp = ITOZ(ip);
4662 zfsvfs_t *zfsvfs = ITOZSB(ip);
4667 if ((vm_flags & VM_WRITE) && (zp->z_pflags &
4668 (ZFS_IMMUTABLE | ZFS_READONLY | ZFS_APPENDONLY))) {
4670 return (SET_ERROR(EPERM));
4673 if ((vm_flags & (VM_READ | VM_EXEC)) &&
4674 (zp->z_pflags & ZFS_AV_QUARANTINED)) {
4676 return (SET_ERROR(EACCES));
4679 if (off < 0 || len > MAXOFFSET_T - off) {
4681 return (SET_ERROR(ENXIO));
4689 * Free or allocate space in a file. Currently, this function only
4690 * supports the `F_FREESP' command. However, this command is somewhat
4691 * misnamed, as its functionality includes the ability to allocate as
4692 * well as free space.
4694 * IN: zp - znode of file to free data in.
4695 * cmd - action to take (only F_FREESP supported).
4696 * bfp - section of file to free/alloc.
4697 * flag - current file open mode flags.
4698 * offset - current file offset.
4699 * cr - credentials of caller.
4701 * RETURN: 0 on success, error code on failure.
4704 * zp - ctime|mtime updated
4708 zfs_space(znode_t *zp, int cmd, flock64_t *bfp, int flag,
4709 offset_t offset, cred_t *cr)
4711 zfsvfs_t *zfsvfs = ZTOZSB(zp);
4718 if (cmd != F_FREESP) {
4720 return (SET_ERROR(EINVAL));
4724 * Callers might not be able to detect properly that we are read-only,
4725 * so check it explicitly here.
4727 if (zfs_is_readonly(zfsvfs)) {
4729 return (SET_ERROR(EROFS));
4732 if (bfp->l_len < 0) {
4734 return (SET_ERROR(EINVAL));
4738 * Permissions aren't checked on Solaris because on this OS
4739 * zfs_space() can only be called with an opened file handle.
4740 * On Linux we can get here through truncate_range() which
4741 * operates directly on inodes, so we need to check access rights.
4743 if ((error = zfs_zaccess(zp, ACE_WRITE_DATA, 0, B_FALSE, cr))) {
4749 len = bfp->l_len; /* 0 means from off to end of file */
4751 error = zfs_freesp(zp, off, len, flag, TRUE);
4759 zfs_fid(struct inode *ip, fid_t *fidp)
4761 znode_t *zp = ITOZ(ip);
4762 zfsvfs_t *zfsvfs = ITOZSB(ip);
4765 uint64_t object = zp->z_id;
4772 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(zfsvfs),
4773 &gen64, sizeof (uint64_t))) != 0) {
4778 gen = (uint32_t)gen64;
4780 size = SHORT_FID_LEN;
4782 zfid = (zfid_short_t *)fidp;
4784 zfid->zf_len = size;
4786 for (i = 0; i < sizeof (zfid->zf_object); i++)
4787 zfid->zf_object[i] = (uint8_t)(object >> (8 * i));
4789 /* Must have a non-zero generation number to distinguish from .zfs */
4792 for (i = 0; i < sizeof (zfid->zf_gen); i++)
4793 zfid->zf_gen[i] = (uint8_t)(gen >> (8 * i));
4801 zfs_getsecattr(struct inode *ip, vsecattr_t *vsecp, int flag, cred_t *cr)
4803 znode_t *zp = ITOZ(ip);
4804 zfsvfs_t *zfsvfs = ITOZSB(ip);
4806 boolean_t skipaclchk = (flag & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
4810 error = zfs_getacl(zp, vsecp, skipaclchk, cr);
4818 zfs_setsecattr(znode_t *zp, vsecattr_t *vsecp, int flag, cred_t *cr)
4820 zfsvfs_t *zfsvfs = ZTOZSB(zp);
4822 boolean_t skipaclchk = (flag & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
4823 zilog_t *zilog = zfsvfs->z_log;
4828 error = zfs_setacl(zp, vsecp, skipaclchk, cr);
4830 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
4831 zil_commit(zilog, 0);
4837 #ifdef HAVE_UIO_ZEROCOPY
4839 * The smallest read we may consider to loan out an arcbuf.
4840 * This must be a power of 2.
4842 int zcr_blksz_min = (1 << 10); /* 1K */
4844 * If set to less than the file block size, allow loaning out of an
4845 * arcbuf for a partial block read. This must be a power of 2.
4847 int zcr_blksz_max = (1 << 17); /* 128K */
4851 zfs_reqzcbuf(struct inode *ip, enum uio_rw ioflag, xuio_t *xuio, cred_t *cr)
4853 znode_t *zp = ITOZ(ip);
4854 zfsvfs_t *zfsvfs = ITOZSB(ip);
4855 int max_blksz = zfsvfs->z_max_blksz;
4856 uio_t *uio = &xuio->xu_uio;
4857 ssize_t size = uio->uio_resid;
4858 offset_t offset = uio->uio_loffset;
4863 int preamble, postamble;
4865 if (xuio->xu_type != UIOTYPE_ZEROCOPY)
4866 return (SET_ERROR(EINVAL));
4873 * Loan out an arc_buf for write if write size is bigger than
4874 * max_blksz, and the file's block size is also max_blksz.
4877 if (size < blksz || zp->z_blksz != blksz) {
4879 return (SET_ERROR(EINVAL));
4882 * Caller requests buffers for write before knowing where the
4883 * write offset might be (e.g. NFS TCP write).
4888 preamble = P2PHASE(offset, blksz);
4890 preamble = blksz - preamble;
4895 postamble = P2PHASE(size, blksz);
4898 fullblk = size / blksz;
4899 (void) dmu_xuio_init(xuio,
4900 (preamble != 0) + fullblk + (postamble != 0));
4903 * Have to fix iov base/len for partial buffers. They
4904 * currently represent full arc_buf's.
4907 /* data begins in the middle of the arc_buf */
4908 abuf = dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
4911 (void) dmu_xuio_add(xuio, abuf,
4912 blksz - preamble, preamble);
4915 for (i = 0; i < fullblk; i++) {
4916 abuf = dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
4919 (void) dmu_xuio_add(xuio, abuf, 0, blksz);
4923 /* data ends in the middle of the arc_buf */
4924 abuf = dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
4927 (void) dmu_xuio_add(xuio, abuf, 0, postamble);
4932 * Loan out an arc_buf for read if the read size is larger than
4933 * the current file block size. Block alignment is not
4934 * considered. Partial arc_buf will be loaned out for read.
4936 blksz = zp->z_blksz;
4937 if (blksz < zcr_blksz_min)
4938 blksz = zcr_blksz_min;
4939 if (blksz > zcr_blksz_max)
4940 blksz = zcr_blksz_max;
4941 /* avoid potential complexity of dealing with it */
4942 if (blksz > max_blksz) {
4944 return (SET_ERROR(EINVAL));
4947 maxsize = zp->z_size - uio->uio_loffset;
4953 return (SET_ERROR(EINVAL));
4958 return (SET_ERROR(EINVAL));
4961 uio->uio_extflg = UIO_XUIO;
4962 XUIO_XUZC_RW(xuio) = ioflag;
4969 zfs_retzcbuf(struct inode *ip, xuio_t *xuio, cred_t *cr)
4973 int ioflag = XUIO_XUZC_RW(xuio);
4975 ASSERT(xuio->xu_type == UIOTYPE_ZEROCOPY);
4977 i = dmu_xuio_cnt(xuio);
4979 abuf = dmu_xuio_arcbuf(xuio, i);
4981 * if abuf == NULL, it must be a write buffer
4982 * that has been returned in zfs_write().
4985 dmu_return_arcbuf(abuf);
4986 ASSERT(abuf || ioflag == UIO_WRITE);
4989 dmu_xuio_fini(xuio);
4992 #endif /* HAVE_UIO_ZEROCOPY */
4994 #if defined(_KERNEL)
4995 EXPORT_SYMBOL(zfs_open);
4996 EXPORT_SYMBOL(zfs_close);
4997 EXPORT_SYMBOL(zfs_read);
4998 EXPORT_SYMBOL(zfs_write);
4999 EXPORT_SYMBOL(zfs_access);
5000 EXPORT_SYMBOL(zfs_lookup);
5001 EXPORT_SYMBOL(zfs_create);
5002 EXPORT_SYMBOL(zfs_tmpfile);
5003 EXPORT_SYMBOL(zfs_remove);
5004 EXPORT_SYMBOL(zfs_mkdir);
5005 EXPORT_SYMBOL(zfs_rmdir);
5006 EXPORT_SYMBOL(zfs_readdir);
5007 EXPORT_SYMBOL(zfs_fsync);
5008 EXPORT_SYMBOL(zfs_getattr_fast);
5009 EXPORT_SYMBOL(zfs_setattr);
5010 EXPORT_SYMBOL(zfs_rename);
5011 EXPORT_SYMBOL(zfs_symlink);
5012 EXPORT_SYMBOL(zfs_readlink);
5013 EXPORT_SYMBOL(zfs_link);
5014 EXPORT_SYMBOL(zfs_inactive);
5015 EXPORT_SYMBOL(zfs_space);
5016 EXPORT_SYMBOL(zfs_fid);
5017 EXPORT_SYMBOL(zfs_getsecattr);
5018 EXPORT_SYMBOL(zfs_setsecattr);
5019 EXPORT_SYMBOL(zfs_getpage);
5020 EXPORT_SYMBOL(zfs_putpage);
5021 EXPORT_SYMBOL(zfs_dirty_inode);
5022 EXPORT_SYMBOL(zfs_map);
5025 module_param(zfs_delete_blocks, ulong, 0644);
5026 MODULE_PARM_DESC(zfs_delete_blocks, "Delete files larger than N blocks async");
5027 module_param(zfs_read_chunk_size, ulong, 0644);
5028 MODULE_PARM_DESC(zfs_read_chunk_size, "Bytes to read per chunk");
projects / FreeBSD / FreeBSD.git / blob