4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2011-2012 Pawel Jakub Dawidek <pawel@dawidek.net>.
25 * All rights reserved.
26 * Copyright 2013 Martin Matuska <mm@FreeBSD.org>. All rights reserved.
27 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
28 * Copyright (c) 2012 by Delphix. All rights reserved.
29 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
30 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
33 #include <sys/types.h>
34 #include <sys/param.h>
35 #include <sys/systm.h>
37 #include <sys/kernel.h>
39 #include <sys/malloc.h>
40 #include <sys/mutex.h>
42 #include <sys/errno.h>
48 #include <sys/cmn_err.h>
50 #include <sys/zfs_ioctl.h>
51 #include <sys/zfs_vfsops.h>
52 #include <sys/zfs_znode.h>
55 #include <sys/spa_impl.h>
58 #include <sys/dsl_dir.h>
59 #include <sys/dsl_dataset.h>
60 #include <sys/dsl_prop.h>
61 #include <sys/dsl_deleg.h>
62 #include <sys/dmu_objset.h>
63 #include <sys/dmu_impl.h>
64 #include <sys/sunddi.h>
65 #include <sys/policy.h>
67 #include <sys/nvpair.h>
68 #include <sys/mount.h>
69 #include <sys/taskqueue.h>
71 #include <sys/varargs.h>
72 #include <sys/fs/zfs.h>
73 #include <sys/zfs_ctldir.h>
74 #include <sys/zfs_dir.h>
75 #include <sys/zfs_onexit.h>
77 #include <sys/dsl_scan.h>
78 #include <sys/dmu_objset.h>
79 #include <sys/zfeature.h>
81 #include "zfs_namecheck.h"
83 #include "zfs_deleg.h"
84 #include "zfs_comutil.h"
85 #include "zfs_ioctl_compat.h"
87 CTASSERT(sizeof(zfs_cmd_t) < IOCPARM_MAX);
89 static int snapshot_list_prefetch;
90 SYSCTL_DECL(_vfs_zfs);
91 TUNABLE_INT("vfs.zfs.snapshot_list_prefetch", &snapshot_list_prefetch);
92 SYSCTL_INT(_vfs_zfs, OID_AUTO, snapshot_list_prefetch, CTLFLAG_RW,
93 &snapshot_list_prefetch, 0, "Prefetch data when listing snapshots");
95 static struct cdev *zfsdev;
97 extern void zfs_init(void);
98 extern void zfs_fini(void);
100 typedef int zfs_ioc_func_t(zfs_cmd_t *);
101 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, cred_t *);
107 } zfs_ioc_namecheck_t;
110 POOL_CHECK_NONE = 1 << 0,
111 POOL_CHECK_SUSPENDED = 1 << 1,
112 POOL_CHECK_READONLY = 1 << 2
113 } zfs_ioc_poolcheck_t;
115 typedef struct zfs_ioc_vec {
116 zfs_ioc_func_t *zvec_func;
117 zfs_secpolicy_func_t *zvec_secpolicy;
118 zfs_ioc_namecheck_t zvec_namecheck;
119 boolean_t zvec_his_log;
120 zfs_ioc_poolcheck_t zvec_pool_check;
123 /* This array is indexed by zfs_userquota_prop_t */
124 static const char *userquota_perms[] = {
125 ZFS_DELEG_PERM_USERUSED,
126 ZFS_DELEG_PERM_USERQUOTA,
127 ZFS_DELEG_PERM_GROUPUSED,
128 ZFS_DELEG_PERM_GROUPQUOTA,
131 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
132 static int zfs_check_settable(const char *name, nvpair_t *property,
134 static int zfs_check_clearable(char *dataset, nvlist_t *props,
136 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
138 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t **);
140 static void zfsdev_close(void *data);
142 static int zfs_prop_activate_feature(dsl_pool_t *dp, zfeature_info_t *feature);
143 static int zfs_prop_activate_feature_check(void *arg1, void *arg2,
145 static void zfs_prop_activate_feature_sync(void *arg1, void *arg2,
148 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
150 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
157 * Get rid of annoying "../common/" prefix to filename.
159 newfile = strrchr(file, '/');
160 if (newfile != NULL) {
161 newfile = newfile + 1; /* Get rid of leading / */
167 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
171 * To get this data, use the zfs-dprintf probe as so:
172 * dtrace -q -n 'zfs-dprintf \
173 * /stringof(arg0) == "dbuf.c"/ \
174 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
176 * arg1 = function name
180 DTRACE_PROBE4(zfs__dprintf,
181 char *, newfile, char *, func, int, line, char *, buf);
185 history_str_free(char *buf)
187 kmem_free(buf, HIS_MAX_RECORD_LEN);
191 history_str_get(zfs_cmd_t *zc)
195 if (zc->zc_history == 0)
198 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
199 if (copyinstr((void *)(uintptr_t)zc->zc_history,
200 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
201 history_str_free(buf);
205 buf[HIS_MAX_RECORD_LEN -1] = '\0';
211 * Check to see if the named dataset is currently defined as bootable
214 zfs_is_bootfs(const char *name)
218 if (dmu_objset_hold(name, FTAG, &os) == 0) {
220 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
221 dmu_objset_rele(os, FTAG);
228 * zfs_earlier_version
230 * Return non-zero if the spa version is less than requested version.
233 zfs_earlier_version(const char *name, int version)
237 if (spa_open(name, &spa, FTAG) == 0) {
238 if (spa_version(spa) < version) {
239 spa_close(spa, FTAG);
242 spa_close(spa, FTAG);
248 * zpl_earlier_version
250 * Return TRUE if the ZPL version is less than requested version.
253 zpl_earlier_version(const char *name, int version)
256 boolean_t rc = B_TRUE;
258 if (dmu_objset_hold(name, FTAG, &os) == 0) {
261 if (dmu_objset_type(os) != DMU_OST_ZFS) {
262 dmu_objset_rele(os, FTAG);
265 /* XXX reading from non-owned objset */
266 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
267 rc = zplversion < version;
268 dmu_objset_rele(os, FTAG);
274 zfs_log_history(zfs_cmd_t *zc)
279 if ((buf = history_str_get(zc)) == NULL)
282 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
283 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
284 (void) spa_history_log(spa, buf, LOG_CMD_NORMAL);
285 spa_close(spa, FTAG);
287 history_str_free(buf);
291 * Policy for top-level read operations (list pools). Requires no privileges,
292 * and can be used in the local zone, as there is no associated dataset.
296 zfs_secpolicy_none(zfs_cmd_t *zc, cred_t *cr)
302 * Policy for dataset read operations (list children, get statistics). Requires
303 * no privileges, but must be visible in the local zone.
307 zfs_secpolicy_read(zfs_cmd_t *zc, cred_t *cr)
309 if (INGLOBALZONE(curthread) ||
310 zone_dataset_visible(zc->zc_name, NULL))
317 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
322 * The dataset must be visible by this zone -- check this first
323 * so they don't see EPERM on something they shouldn't know about.
325 if (!INGLOBALZONE(curthread) &&
326 !zone_dataset_visible(dataset, &writable))
329 if (INGLOBALZONE(curthread)) {
331 * If the fs is zoned, only root can access it from the
334 if (secpolicy_zfs(cr) && zoned)
338 * If we are in a local zone, the 'zoned' property must be set.
343 /* must be writable by this zone */
351 zfs_dozonecheck(const char *dataset, cred_t *cr)
355 if (dsl_prop_get_integer(dataset, "jailed", &zoned, NULL))
358 return (zfs_dozonecheck_impl(dataset, zoned, cr));
362 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
366 rw_enter(&ds->ds_dir->dd_pool->dp_config_rwlock, RW_READER);
367 if (dsl_prop_get_ds(ds, "jailed", 8, 1, &zoned, NULL)) {
368 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
371 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
373 return (zfs_dozonecheck_impl(dataset, zoned, cr));
377 * If name ends in a '@', then require recursive permissions.
380 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
383 boolean_t descendent = B_FALSE;
387 at = strchr(name, '@');
388 if (at != NULL && at[1] == '\0') {
393 error = dsl_dataset_hold(name, FTAG, &ds);
399 error = zfs_dozonecheck_ds(name, ds, cr);
401 error = secpolicy_zfs(cr);
403 error = dsl_deleg_access_impl(ds, descendent, perm, cr);
406 dsl_dataset_rele(ds, FTAG);
411 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
412 const char *perm, cred_t *cr)
416 error = zfs_dozonecheck_ds(name, ds, cr);
418 error = secpolicy_zfs(cr);
420 error = dsl_deleg_access_impl(ds, B_FALSE, perm, cr);
427 * Policy for setting the security label property.
429 * Returns 0 for success, non-zero for access and other errors.
432 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
434 char ds_hexsl[MAXNAMELEN];
435 bslabel_t ds_sl, new_sl;
436 boolean_t new_default = FALSE;
438 int needed_priv = -1;
441 /* First get the existing dataset label. */
442 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
443 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
447 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
450 /* The label must be translatable */
451 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
455 * In a non-global zone, disallow attempts to set a label that
456 * doesn't match that of the zone; otherwise no other checks
459 if (!INGLOBALZONE(curproc)) {
460 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
466 * For global-zone datasets (i.e., those whose zoned property is
467 * "off", verify that the specified new label is valid for the
470 if (dsl_prop_get_integer(name,
471 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
474 if (zfs_check_global_label(name, strval) != 0)
479 * If the existing dataset label is nondefault, check if the
480 * dataset is mounted (label cannot be changed while mounted).
481 * Get the zfsvfs; if there isn't one, then the dataset isn't
482 * mounted (or isn't a dataset, doesn't exist, ...).
484 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
486 static char *setsl_tag = "setsl_tag";
489 * Try to own the dataset; abort if there is any error,
490 * (e.g., already mounted, in use, or other error).
492 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
497 dmu_objset_disown(os, setsl_tag);
500 needed_priv = PRIV_FILE_DOWNGRADE_SL;
504 if (hexstr_to_label(strval, &new_sl) != 0)
507 if (blstrictdom(&ds_sl, &new_sl))
508 needed_priv = PRIV_FILE_DOWNGRADE_SL;
509 else if (blstrictdom(&new_sl, &ds_sl))
510 needed_priv = PRIV_FILE_UPGRADE_SL;
512 /* dataset currently has a default label */
514 needed_priv = PRIV_FILE_UPGRADE_SL;
518 if (needed_priv != -1)
519 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
522 #endif /* SECLABEL */
525 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
531 * Check permissions for special properties.
536 * Disallow setting of 'zoned' from within a local zone.
538 if (!INGLOBALZONE(curthread))
543 if (!INGLOBALZONE(curthread)) {
545 char setpoint[MAXNAMELEN];
547 * Unprivileged users are allowed to modify the
548 * quota on things *under* (ie. contained by)
549 * the thing they own.
551 if (dsl_prop_get_integer(dsname, "jailed", &zoned,
554 if (!zoned || strlen(dsname) <= strlen(setpoint))
559 case ZFS_PROP_MLSLABEL:
561 if (!is_system_labeled())
564 if (nvpair_value_string(propval, &strval) == 0) {
567 err = zfs_set_slabel_policy(dsname, strval, CRED());
577 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
581 zfs_secpolicy_fsacl(zfs_cmd_t *zc, cred_t *cr)
585 error = zfs_dozonecheck(zc->zc_name, cr);
590 * permission to set permissions will be evaluated later in
591 * dsl_deleg_can_allow()
597 zfs_secpolicy_rollback(zfs_cmd_t *zc, cred_t *cr)
599 return (zfs_secpolicy_write_perms(zc->zc_name,
600 ZFS_DELEG_PERM_ROLLBACK, cr));
604 zfs_secpolicy_send(zfs_cmd_t *zc, cred_t *cr)
613 * Generate the current snapshot name from the given objsetid, then
614 * use that name for the secpolicy/zone checks.
616 cp = strchr(zc->zc_name, '@');
619 error = spa_open(zc->zc_name, &spa, FTAG);
623 dp = spa_get_dsl(spa);
624 rw_enter(&dp->dp_config_rwlock, RW_READER);
625 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
626 rw_exit(&dp->dp_config_rwlock);
627 spa_close(spa, FTAG);
631 dsl_dataset_name(ds, zc->zc_name);
633 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
634 ZFS_DELEG_PERM_SEND, cr);
635 dsl_dataset_rele(ds, FTAG);
641 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, cred_t *cr)
646 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
647 NO_FOLLOW, NULL, &vp)) != 0)
650 /* Now make sure mntpnt and dataset are ZFS */
652 if (strcmp(vp->v_vfsp->mnt_stat.f_fstypename, "zfs") != 0 ||
653 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
654 zc->zc_name) != 0)) {
660 return (dsl_deleg_access(zc->zc_name,
661 ZFS_DELEG_PERM_SHARE, cr));
665 zfs_secpolicy_share(zfs_cmd_t *zc, cred_t *cr)
667 if (!INGLOBALZONE(curthread))
670 if (secpolicy_nfs(cr) == 0) {
673 return (zfs_secpolicy_deleg_share(zc, cr));
678 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, cred_t *cr)
680 if (!INGLOBALZONE(curthread))
683 if (secpolicy_smb(cr) == 0) {
686 return (zfs_secpolicy_deleg_share(zc, cr));
691 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
696 * Remove the @bla or /bla from the end of the name to get the parent.
698 (void) strncpy(parent, datasetname, parentsize);
699 cp = strrchr(parent, '@');
703 cp = strrchr(parent, '/');
713 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
717 if ((error = zfs_secpolicy_write_perms(name,
718 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
721 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
725 zfs_secpolicy_destroy(zfs_cmd_t *zc, cred_t *cr)
727 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
731 * Destroying snapshots with delegated permissions requires
732 * descendent mount and destroy permissions.
735 zfs_secpolicy_destroy_recursive(zfs_cmd_t *zc, cred_t *cr)
740 dsname = kmem_asprintf("%s@", zc->zc_name);
742 error = zfs_secpolicy_destroy_perms(dsname, cr);
745 error = zfs_secpolicy_destroy_perms(zc->zc_name, cr);
752 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
754 char parentname[MAXNAMELEN];
757 if ((error = zfs_secpolicy_write_perms(from,
758 ZFS_DELEG_PERM_RENAME, cr)) != 0)
761 if ((error = zfs_secpolicy_write_perms(from,
762 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
765 if ((error = zfs_get_parent(to, parentname,
766 sizeof (parentname))) != 0)
769 if ((error = zfs_secpolicy_write_perms(parentname,
770 ZFS_DELEG_PERM_CREATE, cr)) != 0)
773 if ((error = zfs_secpolicy_write_perms(parentname,
774 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
781 zfs_secpolicy_rename(zfs_cmd_t *zc, cred_t *cr)
783 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
787 zfs_secpolicy_promote(zfs_cmd_t *zc, cred_t *cr)
789 char parentname[MAXNAMELEN];
793 error = zfs_secpolicy_write_perms(zc->zc_name,
794 ZFS_DELEG_PERM_PROMOTE, cr);
798 error = dmu_objset_hold(zc->zc_name, FTAG, &clone);
801 dsl_dataset_t *pclone = NULL;
803 dd = clone->os_dsl_dataset->ds_dir;
805 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER);
806 error = dsl_dataset_hold_obj(dd->dd_pool,
807 dd->dd_phys->dd_origin_obj, FTAG, &pclone);
808 rw_exit(&dd->dd_pool->dp_config_rwlock);
810 dmu_objset_rele(clone, FTAG);
814 error = zfs_secpolicy_write_perms(zc->zc_name,
815 ZFS_DELEG_PERM_MOUNT, cr);
817 dsl_dataset_name(pclone, parentname);
818 dmu_objset_rele(clone, FTAG);
819 dsl_dataset_rele(pclone, FTAG);
821 error = zfs_secpolicy_write_perms(parentname,
822 ZFS_DELEG_PERM_PROMOTE, cr);
828 zfs_secpolicy_receive(zfs_cmd_t *zc, cred_t *cr)
832 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
833 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
836 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
837 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
840 return (zfs_secpolicy_write_perms(zc->zc_name,
841 ZFS_DELEG_PERM_CREATE, cr));
845 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
847 return (zfs_secpolicy_write_perms(name,
848 ZFS_DELEG_PERM_SNAPSHOT, cr));
852 zfs_secpolicy_snapshot(zfs_cmd_t *zc, cred_t *cr)
855 return (zfs_secpolicy_snapshot_perms(zc->zc_name, cr));
859 zfs_secpolicy_create(zfs_cmd_t *zc, cred_t *cr)
861 char parentname[MAXNAMELEN];
864 if ((error = zfs_get_parent(zc->zc_name, parentname,
865 sizeof (parentname))) != 0)
868 if (zc->zc_value[0] != '\0') {
869 if ((error = zfs_secpolicy_write_perms(zc->zc_value,
870 ZFS_DELEG_PERM_CLONE, cr)) != 0)
874 if ((error = zfs_secpolicy_write_perms(parentname,
875 ZFS_DELEG_PERM_CREATE, cr)) != 0)
878 error = zfs_secpolicy_write_perms(parentname,
879 ZFS_DELEG_PERM_MOUNT, cr);
885 zfs_secpolicy_umount(zfs_cmd_t *zc, cred_t *cr)
889 error = secpolicy_fs_unmount(cr, NULL);
891 error = dsl_deleg_access(zc->zc_name, ZFS_DELEG_PERM_MOUNT, cr);
897 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
898 * SYS_CONFIG privilege, which is not available in a local zone.
902 zfs_secpolicy_config(zfs_cmd_t *zc, cred_t *cr)
904 if (secpolicy_sys_config(cr, B_FALSE) != 0)
911 * Policy for object to name lookups.
915 zfs_secpolicy_diff(zfs_cmd_t *zc, cred_t *cr)
919 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
922 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
927 * Policy for fault injection. Requires all privileges.
931 zfs_secpolicy_inject(zfs_cmd_t *zc, cred_t *cr)
933 return (secpolicy_zinject(cr));
937 zfs_secpolicy_inherit(zfs_cmd_t *zc, cred_t *cr)
939 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
941 if (prop == ZPROP_INVAL) {
942 if (!zfs_prop_user(zc->zc_value))
944 return (zfs_secpolicy_write_perms(zc->zc_name,
945 ZFS_DELEG_PERM_USERPROP, cr));
947 return (zfs_secpolicy_setprop(zc->zc_name, prop,
953 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, cred_t *cr)
955 int err = zfs_secpolicy_read(zc, cr);
959 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
962 if (zc->zc_value[0] == 0) {
964 * They are asking about a posix uid/gid. If it's
965 * themself, allow it.
967 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
968 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
969 if (zc->zc_guid == crgetuid(cr))
972 if (groupmember(zc->zc_guid, cr))
977 return (zfs_secpolicy_write_perms(zc->zc_name,
978 userquota_perms[zc->zc_objset_type], cr));
982 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, cred_t *cr)
984 int err = zfs_secpolicy_read(zc, cr);
988 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
991 return (zfs_secpolicy_write_perms(zc->zc_name,
992 userquota_perms[zc->zc_objset_type], cr));
996 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, cred_t *cr)
998 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1003 zfs_secpolicy_hold(zfs_cmd_t *zc, cred_t *cr)
1005 return (zfs_secpolicy_write_perms(zc->zc_name,
1006 ZFS_DELEG_PERM_HOLD, cr));
1010 zfs_secpolicy_release(zfs_cmd_t *zc, cred_t *cr)
1012 return (zfs_secpolicy_write_perms(zc->zc_name,
1013 ZFS_DELEG_PERM_RELEASE, cr));
1017 * Policy for allowing temporary snapshots to be taken or released
1020 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, cred_t *cr)
1023 * A temporary snapshot is the same as a snapshot,
1024 * hold, destroy and release all rolled into one.
1025 * Delegated diff alone is sufficient that we allow this.
1029 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1030 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1033 error = zfs_secpolicy_snapshot(zc, cr);
1035 error = zfs_secpolicy_hold(zc, cr);
1037 error = zfs_secpolicy_release(zc, cr);
1039 error = zfs_secpolicy_destroy(zc, cr);
1044 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1047 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1051 nvlist_t *list = NULL;
1054 * Read in and unpack the user-supplied nvlist.
1059 packed = kmem_alloc(size, KM_SLEEP);
1061 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1063 kmem_free(packed, size);
1067 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1068 kmem_free(packed, size);
1072 kmem_free(packed, size);
1079 fit_error_list(zfs_cmd_t *zc, nvlist_t **errors)
1083 VERIFY(nvlist_size(*errors, &size, NV_ENCODE_NATIVE) == 0);
1085 if (size > zc->zc_nvlist_dst_size) {
1086 nvpair_t *more_errors;
1089 if (zc->zc_nvlist_dst_size < 1024)
1092 VERIFY(nvlist_add_int32(*errors, ZPROP_N_MORE_ERRORS, 0) == 0);
1093 more_errors = nvlist_prev_nvpair(*errors, NULL);
1096 nvpair_t *pair = nvlist_prev_nvpair(*errors,
1098 VERIFY(nvlist_remove_nvpair(*errors, pair) == 0);
1100 VERIFY(nvlist_size(*errors, &size,
1101 NV_ENCODE_NATIVE) == 0);
1102 } while (size > zc->zc_nvlist_dst_size);
1104 VERIFY(nvlist_remove_nvpair(*errors, more_errors) == 0);
1105 VERIFY(nvlist_add_int32(*errors, ZPROP_N_MORE_ERRORS, n) == 0);
1106 ASSERT(nvlist_size(*errors, &size, NV_ENCODE_NATIVE) == 0);
1107 ASSERT(size <= zc->zc_nvlist_dst_size);
1114 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1116 char *packed = NULL;
1120 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0);
1122 if (size > zc->zc_nvlist_dst_size) {
1124 * Solaris returns ENOMEM here, because even if an error is
1125 * returned from an ioctl(2), new zc_nvlist_dst_size will be
1126 * passed to the userland. This is not the case for FreeBSD.
1127 * We need to return 0, so the kernel will copy the
1128 * zc_nvlist_dst_size back and the userland can discover that a
1129 * bigger buffer is needed.
1133 packed = kmem_alloc(size, KM_SLEEP);
1134 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE,
1136 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1137 size, zc->zc_iflags) != 0)
1139 kmem_free(packed, size);
1142 zc->zc_nvlist_dst_size = size;
1147 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1152 error = dmu_objset_hold(dsname, FTAG, &os);
1155 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1156 dmu_objset_rele(os, FTAG);
1160 mutex_enter(&os->os_user_ptr_lock);
1161 *zfvp = dmu_objset_get_user(os);
1163 VFS_HOLD((*zfvp)->z_vfs);
1167 mutex_exit(&os->os_user_ptr_lock);
1168 dmu_objset_rele(os, FTAG);
1173 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1174 * case its z_vfs will be NULL, and it will be opened as the owner.
1175 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1176 * which prevents all vnode ops from running.
1179 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1183 if (getzfsvfs(name, zfvp) != 0)
1184 error = zfsvfs_create(name, zfvp);
1186 rrw_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1188 if ((*zfvp)->z_unmounted) {
1190 * XXX we could probably try again, since the unmounting
1191 * thread should be just about to disassociate the
1192 * objset from the zfsvfs.
1194 rrw_exit(&(*zfvp)->z_teardown_lock, tag);
1202 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1204 rrw_exit(&zfsvfs->z_teardown_lock, tag);
1206 if (zfsvfs->z_vfs) {
1207 VFS_RELE(zfsvfs->z_vfs);
1209 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1210 zfsvfs_free(zfsvfs);
1215 zfs_ioc_pool_create(zfs_cmd_t *zc)
1218 nvlist_t *config, *props = NULL;
1219 nvlist_t *rootprops = NULL;
1220 nvlist_t *zplprops = NULL;
1223 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1224 zc->zc_iflags, &config))
1227 if (zc->zc_nvlist_src_size != 0 && (error =
1228 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1229 zc->zc_iflags, &props))) {
1230 nvlist_free(config);
1235 nvlist_t *nvl = NULL;
1236 uint64_t version = SPA_VERSION;
1238 (void) nvlist_lookup_uint64(props,
1239 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1240 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1242 goto pool_props_bad;
1244 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1246 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1248 nvlist_free(config);
1252 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1254 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1255 error = zfs_fill_zplprops_root(version, rootprops,
1258 goto pool_props_bad;
1261 buf = history_str_get(zc);
1263 error = spa_create(zc->zc_name, config, props, buf, zplprops);
1266 * Set the remaining root properties
1268 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1269 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1270 (void) spa_destroy(zc->zc_name);
1273 history_str_free(buf);
1276 nvlist_free(rootprops);
1277 nvlist_free(zplprops);
1278 nvlist_free(config);
1285 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1288 zfs_log_history(zc);
1289 error = spa_destroy(zc->zc_name);
1291 zvol_remove_minors(zc->zc_name);
1296 zfs_ioc_pool_import(zfs_cmd_t *zc)
1298 nvlist_t *config, *props = NULL;
1302 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1303 zc->zc_iflags, &config)) != 0)
1306 if (zc->zc_nvlist_src_size != 0 && (error =
1307 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1308 zc->zc_iflags, &props))) {
1309 nvlist_free(config);
1313 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1314 guid != zc->zc_guid)
1317 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1319 if (zc->zc_nvlist_dst != 0) {
1322 if ((err = put_nvlist(zc, config)) != 0)
1326 nvlist_free(config);
1335 zfs_ioc_pool_export(zfs_cmd_t *zc)
1338 boolean_t force = (boolean_t)zc->zc_cookie;
1339 boolean_t hardforce = (boolean_t)zc->zc_guid;
1341 zfs_log_history(zc);
1342 error = spa_export(zc->zc_name, NULL, force, hardforce);
1344 zvol_remove_minors(zc->zc_name);
1349 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1354 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1357 error = put_nvlist(zc, configs);
1359 nvlist_free(configs);
1366 * zc_name name of the pool
1369 * zc_cookie real errno
1370 * zc_nvlist_dst config nvlist
1371 * zc_nvlist_dst_size size of config nvlist
1374 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1380 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1381 sizeof (zc->zc_value));
1383 if (config != NULL) {
1384 ret = put_nvlist(zc, config);
1385 nvlist_free(config);
1388 * The config may be present even if 'error' is non-zero.
1389 * In this case we return success, and preserve the real errno
1392 zc->zc_cookie = error;
1401 * Try to import the given pool, returning pool stats as appropriate so that
1402 * user land knows which devices are available and overall pool health.
1405 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1407 nvlist_t *tryconfig, *config;
1410 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1411 zc->zc_iflags, &tryconfig)) != 0)
1414 config = spa_tryimport(tryconfig);
1416 nvlist_free(tryconfig);
1421 error = put_nvlist(zc, config);
1422 nvlist_free(config);
1429 * zc_name name of the pool
1430 * zc_cookie scan func (pool_scan_func_t)
1433 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1438 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1441 if (zc->zc_cookie == POOL_SCAN_NONE)
1442 error = spa_scan_stop(spa);
1444 error = spa_scan(spa, zc->zc_cookie);
1446 spa_close(spa, FTAG);
1452 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1457 error = spa_open(zc->zc_name, &spa, FTAG);
1460 spa_close(spa, FTAG);
1466 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1471 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1474 if (zc->zc_cookie < spa_version(spa) ||
1475 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1476 spa_close(spa, FTAG);
1480 spa_upgrade(spa, zc->zc_cookie);
1481 spa_close(spa, FTAG);
1487 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1494 if ((size = zc->zc_history_len) == 0)
1497 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1500 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1501 spa_close(spa, FTAG);
1505 hist_buf = kmem_alloc(size, KM_SLEEP);
1506 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1507 &zc->zc_history_len, hist_buf)) == 0) {
1508 error = ddi_copyout(hist_buf,
1509 (void *)(uintptr_t)zc->zc_history,
1510 zc->zc_history_len, zc->zc_iflags);
1513 spa_close(spa, FTAG);
1514 kmem_free(hist_buf, size);
1519 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1524 error = spa_open(zc->zc_name, &spa, FTAG);
1526 error = spa_change_guid(spa);
1527 spa_close(spa, FTAG);
1533 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1537 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value))
1545 * zc_name name of filesystem
1546 * zc_obj object to find
1549 * zc_value name of object
1552 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1557 /* XXX reading from objset not owned */
1558 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1560 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1561 dmu_objset_rele(os, FTAG);
1564 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1565 sizeof (zc->zc_value));
1566 dmu_objset_rele(os, FTAG);
1573 * zc_name name of filesystem
1574 * zc_obj object to find
1577 * zc_stat stats on object
1578 * zc_value path to object
1581 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1586 /* XXX reading from objset not owned */
1587 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1589 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1590 dmu_objset_rele(os, FTAG);
1593 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1594 sizeof (zc->zc_value));
1595 dmu_objset_rele(os, FTAG);
1601 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1605 nvlist_t *config, **l2cache, **spares;
1606 uint_t nl2cache = 0, nspares = 0;
1608 error = spa_open(zc->zc_name, &spa, FTAG);
1612 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1613 zc->zc_iflags, &config);
1614 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1615 &l2cache, &nl2cache);
1617 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1621 * A root pool with concatenated devices is not supported.
1622 * Thus, can not add a device to a root pool.
1624 * Intent log device can not be added to a rootpool because
1625 * during mountroot, zil is replayed, a seperated log device
1626 * can not be accessed during the mountroot time.
1628 * l2cache and spare devices are ok to be added to a rootpool.
1630 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1631 nvlist_free(config);
1632 spa_close(spa, FTAG);
1637 error = spa_vdev_add(spa, config);
1638 nvlist_free(config);
1640 spa_close(spa, FTAG);
1646 * zc_name name of the pool
1647 * zc_nvlist_conf nvlist of devices to remove
1648 * zc_cookie to stop the remove?
1651 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1656 error = spa_open(zc->zc_name, &spa, FTAG);
1659 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1660 spa_close(spa, FTAG);
1665 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1669 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1671 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1673 switch (zc->zc_cookie) {
1674 case VDEV_STATE_ONLINE:
1675 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1678 case VDEV_STATE_OFFLINE:
1679 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1682 case VDEV_STATE_FAULTED:
1683 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1684 zc->zc_obj != VDEV_AUX_EXTERNAL)
1685 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1687 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1690 case VDEV_STATE_DEGRADED:
1691 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1692 zc->zc_obj != VDEV_AUX_EXTERNAL)
1693 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1695 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1701 zc->zc_cookie = newstate;
1702 spa_close(spa, FTAG);
1707 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1710 int replacing = zc->zc_cookie;
1714 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1717 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1718 zc->zc_iflags, &config)) == 0) {
1719 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1720 nvlist_free(config);
1723 spa_close(spa, FTAG);
1728 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1733 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1736 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1738 spa_close(spa, FTAG);
1743 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1746 nvlist_t *config, *props = NULL;
1748 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1750 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1753 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1754 zc->zc_iflags, &config)) {
1755 spa_close(spa, FTAG);
1759 if (zc->zc_nvlist_src_size != 0 && (error =
1760 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1761 zc->zc_iflags, &props))) {
1762 spa_close(spa, FTAG);
1763 nvlist_free(config);
1767 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1769 spa_close(spa, FTAG);
1771 nvlist_free(config);
1778 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
1781 char *path = zc->zc_value;
1782 uint64_t guid = zc->zc_guid;
1785 error = spa_open(zc->zc_name, &spa, FTAG);
1789 error = spa_vdev_setpath(spa, guid, path);
1790 spa_close(spa, FTAG);
1795 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
1798 char *fru = zc->zc_value;
1799 uint64_t guid = zc->zc_guid;
1802 error = spa_open(zc->zc_name, &spa, FTAG);
1806 error = spa_vdev_setfru(spa, guid, fru);
1807 spa_close(spa, FTAG);
1812 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
1817 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1819 if (zc->zc_nvlist_dst != 0 &&
1820 (error = dsl_prop_get_all(os, &nv)) == 0) {
1821 dmu_objset_stats(os, nv);
1823 * NB: zvol_get_stats() will read the objset contents,
1824 * which we aren't supposed to do with a
1825 * DS_MODE_USER hold, because it could be
1826 * inconsistent. So this is a bit of a workaround...
1827 * XXX reading with out owning
1829 if (!zc->zc_objset_stats.dds_inconsistent &&
1830 dmu_objset_type(os) == DMU_OST_ZVOL) {
1831 error = zvol_get_stats(os, nv);
1836 error = put_nvlist(zc, nv);
1845 * zc_name name of filesystem
1846 * zc_nvlist_dst_size size of buffer for property nvlist
1849 * zc_objset_stats stats
1850 * zc_nvlist_dst property nvlist
1851 * zc_nvlist_dst_size size of property nvlist
1854 zfs_ioc_objset_stats(zfs_cmd_t *zc)
1856 objset_t *os = NULL;
1859 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
1862 error = zfs_ioc_objset_stats_impl(zc, os);
1864 dmu_objset_rele(os, FTAG);
1866 if (error == ENOMEM)
1873 * zc_name name of filesystem
1874 * zc_nvlist_dst_size size of buffer for property nvlist
1877 * zc_nvlist_dst received property nvlist
1878 * zc_nvlist_dst_size size of received property nvlist
1880 * Gets received properties (distinct from local properties on or after
1881 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
1882 * local property values.
1885 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
1887 objset_t *os = NULL;
1891 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
1895 * Without this check, we would return local property values if the
1896 * caller has not already received properties on or after
1897 * SPA_VERSION_RECVD_PROPS.
1899 if (!dsl_prop_get_hasrecvd(os)) {
1900 dmu_objset_rele(os, FTAG);
1904 if (zc->zc_nvlist_dst != 0 &&
1905 (error = dsl_prop_get_received(os, &nv)) == 0) {
1906 error = put_nvlist(zc, nv);
1910 dmu_objset_rele(os, FTAG);
1915 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
1921 * zfs_get_zplprop() will either find a value or give us
1922 * the default value (if there is one).
1924 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
1926 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
1932 * zc_name name of filesystem
1933 * zc_nvlist_dst_size size of buffer for zpl property nvlist
1936 * zc_nvlist_dst zpl property nvlist
1937 * zc_nvlist_dst_size size of zpl property nvlist
1940 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
1945 /* XXX reading without owning */
1946 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
1949 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1952 * NB: nvl_add_zplprop() will read the objset contents,
1953 * which we aren't supposed to do with a DS_MODE_USER
1954 * hold, because it could be inconsistent.
1956 if (zc->zc_nvlist_dst != 0 &&
1957 !zc->zc_objset_stats.dds_inconsistent &&
1958 dmu_objset_type(os) == DMU_OST_ZFS) {
1961 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1962 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
1963 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
1964 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
1965 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
1966 err = put_nvlist(zc, nv);
1971 dmu_objset_rele(os, FTAG);
1976 dataset_name_hidden(const char *name)
1979 * Skip over datasets that are not visible in this zone,
1980 * internal datasets (which have a $ in their name), and
1981 * temporary datasets (which have a % in their name).
1983 if (strchr(name, '$') != NULL)
1985 if (strchr(name, '%') != NULL)
1987 if (!INGLOBALZONE(curthread) && !zone_dataset_visible(name, NULL))
1994 * zc_name name of filesystem
1995 * zc_cookie zap cursor
1996 * zc_nvlist_dst_size size of buffer for property nvlist
1999 * zc_name name of next filesystem
2000 * zc_cookie zap cursor
2001 * zc_objset_stats stats
2002 * zc_nvlist_dst property nvlist
2003 * zc_nvlist_dst_size size of property nvlist
2006 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2011 size_t orig_len = strlen(zc->zc_name);
2014 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2015 if (error == ENOENT)
2020 p = strrchr(zc->zc_name, '/');
2021 if (p == NULL || p[1] != '\0')
2022 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2023 p = zc->zc_name + strlen(zc->zc_name);
2026 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0
2027 * but is not declared void because its called by dmu_objset_find().
2029 if (zc->zc_cookie == 0) {
2030 uint64_t cookie = 0;
2031 int len = sizeof (zc->zc_name) - (p - zc->zc_name);
2033 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0) {
2034 if (!dataset_name_hidden(zc->zc_name))
2035 (void) dmu_objset_prefetch(zc->zc_name, NULL);
2040 error = dmu_dir_list_next(os,
2041 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2042 NULL, &zc->zc_cookie);
2043 if (error == ENOENT)
2045 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2046 dmu_objset_rele(os, FTAG);
2049 * If it's an internal dataset (ie. with a '$' in its name),
2050 * don't try to get stats for it, otherwise we'll return ENOENT.
2052 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2053 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2054 if (error == ENOENT) {
2055 /* We lost a race with destroy, get the next one. */
2056 zc->zc_name[orig_len] = '\0';
2065 * zc_name name of filesystem
2066 * zc_cookie zap cursor
2067 * zc_nvlist_dst_size size of buffer for property nvlist
2068 * zc_simple when set, only name is requested
2071 * zc_name name of next snapshot
2072 * zc_objset_stats stats
2073 * zc_nvlist_dst property nvlist
2074 * zc_nvlist_dst_size size of property nvlist
2077 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2083 if (snapshot_list_prefetch && zc->zc_cookie == 0 && !zc->zc_simple)
2084 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch,
2085 NULL, DS_FIND_SNAPSHOTS);
2087 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2089 return (error == ENOENT ? ESRCH : error);
2092 * A dataset name of maximum length cannot have any snapshots,
2093 * so exit immediately.
2095 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2096 dmu_objset_rele(os, FTAG);
2100 error = dmu_snapshot_list_next(os,
2101 sizeof (zc->zc_name) - strlen(zc->zc_name),
2102 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2105 if (error == 0 && !zc->zc_simple) {
2107 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2110 * Since we probably don't have a hold on this snapshot,
2111 * it's possible that the objsetid could have been destroyed
2112 * and reused for a new objset. It's OK if this happens during
2113 * a zfs send operation, since the new createtxg will be
2114 * beyond the range we're interested in.
2116 rw_enter(&dp->dp_config_rwlock, RW_READER);
2117 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2118 rw_exit(&dp->dp_config_rwlock);
2120 if (error == ENOENT) {
2121 /* Racing with destroy, get the next one. */
2122 *strchr(zc->zc_name, '@') = '\0';
2123 dmu_objset_rele(os, FTAG);
2129 error = dmu_objset_from_ds(ds, &ossnap);
2131 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2132 dsl_dataset_rele(ds, FTAG);
2134 } else if (error == ENOENT) {
2138 dmu_objset_rele(os, FTAG);
2139 /* if we failed, undo the @ that we tacked on to zc_name */
2141 *strchr(zc->zc_name, '@') = '\0';
2146 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2148 const char *propname = nvpair_name(pair);
2150 unsigned int vallen;
2153 zfs_userquota_prop_t type;
2159 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2161 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2162 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2168 * A correctly constructed propname is encoded as
2169 * userquota@<rid>-<domain>.
2171 if ((dash = strchr(propname, '-')) == NULL ||
2172 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2181 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2183 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2184 zfsvfs_rele(zfsvfs, FTAG);
2191 * If the named property is one that has a special function to set its value,
2192 * return 0 on success and a positive error code on failure; otherwise if it is
2193 * not one of the special properties handled by this function, return -1.
2195 * XXX: It would be better for callers of the property interface if we handled
2196 * these special cases in dsl_prop.c (in the dsl layer).
2199 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2202 const char *propname = nvpair_name(pair);
2203 zfs_prop_t prop = zfs_name_to_prop(propname);
2207 if (prop == ZPROP_INVAL) {
2208 if (zfs_prop_userquota(propname))
2209 return (zfs_prop_set_userquota(dsname, pair));
2213 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2215 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2216 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2220 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2223 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2226 case ZFS_PROP_QUOTA:
2227 err = dsl_dir_set_quota(dsname, source, intval);
2229 case ZFS_PROP_REFQUOTA:
2230 err = dsl_dataset_set_quota(dsname, source, intval);
2232 case ZFS_PROP_RESERVATION:
2233 err = dsl_dir_set_reservation(dsname, source, intval);
2235 case ZFS_PROP_REFRESERVATION:
2236 err = dsl_dataset_set_reservation(dsname, source, intval);
2238 case ZFS_PROP_VOLSIZE:
2239 err = zvol_set_volsize(dsname, ddi_driver_major(zfs_dip),
2242 case ZFS_PROP_VERSION:
2246 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2249 err = zfs_set_version(zfsvfs, intval);
2250 zfsvfs_rele(zfsvfs, FTAG);
2252 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2255 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2256 (void) strcpy(zc->zc_name, dsname);
2257 (void) zfs_ioc_userspace_upgrade(zc);
2258 kmem_free(zc, sizeof (zfs_cmd_t));
2262 case ZFS_PROP_COMPRESSION:
2264 if (intval == ZIO_COMPRESS_LZ4) {
2265 zfeature_info_t *feature =
2266 &spa_feature_table[SPA_FEATURE_LZ4_COMPRESS];
2270 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
2273 dp = spa->spa_dsl_pool;
2276 * Setting the LZ4 compression algorithm activates
2279 if (!spa_feature_is_active(spa, feature)) {
2280 if ((err = zfs_prop_activate_feature(dp,
2282 spa_close(spa, FTAG);
2287 spa_close(spa, FTAG);
2290 * We still want the default set action to be performed in the
2291 * caller, we only performed zfeature settings here.
2305 * This function is best effort. If it fails to set any of the given properties,
2306 * it continues to set as many as it can and returns the first error
2307 * encountered. If the caller provides a non-NULL errlist, it also gives the
2308 * complete list of names of all the properties it failed to set along with the
2309 * corresponding error numbers. The caller is responsible for freeing the
2312 * If every property is set successfully, zero is returned and the list pointed
2313 * at by errlist is NULL.
2316 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2324 nvlist_t *genericnvl;
2328 VERIFY(nvlist_alloc(&genericnvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2329 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2330 VERIFY(nvlist_alloc(&retrynvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2334 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2335 const char *propname = nvpair_name(pair);
2336 zfs_prop_t prop = zfs_name_to_prop(propname);
2339 /* decode the property value */
2341 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2343 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2344 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2349 /* Validate value type */
2350 if (err == 0 && prop == ZPROP_INVAL) {
2351 if (zfs_prop_user(propname)) {
2352 if (nvpair_type(propval) != DATA_TYPE_STRING)
2354 } else if (zfs_prop_userquota(propname)) {
2355 if (nvpair_type(propval) !=
2356 DATA_TYPE_UINT64_ARRAY)
2361 } else if (err == 0) {
2362 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2363 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2365 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2368 VERIFY(nvpair_value_uint64(propval,
2371 switch (zfs_prop_get_type(prop)) {
2372 case PROP_TYPE_NUMBER:
2374 case PROP_TYPE_STRING:
2377 case PROP_TYPE_INDEX:
2378 if (zfs_prop_index_to_string(prop,
2379 intval, &unused) != 0)
2384 "unknown property type");
2391 /* Validate permissions */
2393 err = zfs_check_settable(dsname, pair, CRED());
2396 err = zfs_prop_set_special(dsname, source, pair);
2399 * For better performance we build up a list of
2400 * properties to set in a single transaction.
2402 err = nvlist_add_nvpair(genericnvl, pair);
2403 } else if (err != 0 && nvl != retrynvl) {
2405 * This may be a spurious error caused by
2406 * receiving quota and reservation out of order.
2407 * Try again in a second pass.
2409 err = nvlist_add_nvpair(retrynvl, pair);
2414 VERIFY(nvlist_add_int32(errors, propname, err) == 0);
2417 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2422 if (!nvlist_empty(genericnvl) &&
2423 dsl_props_set(dsname, source, genericnvl) != 0) {
2425 * If this fails, we still want to set as many properties as we
2426 * can, so try setting them individually.
2429 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2430 const char *propname = nvpair_name(pair);
2434 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2436 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2437 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2441 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2442 VERIFY(nvpair_value_string(propval,
2444 err = dsl_prop_set(dsname, propname, source, 1,
2445 strlen(strval) + 1, strval);
2447 VERIFY(nvpair_value_uint64(propval,
2449 err = dsl_prop_set(dsname, propname, source, 8,
2454 VERIFY(nvlist_add_int32(errors, propname,
2459 nvlist_free(genericnvl);
2460 nvlist_free(retrynvl);
2462 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
2463 nvlist_free(errors);
2466 VERIFY(nvpair_value_int32(pair, &rv) == 0);
2469 if (errlist == NULL)
2470 nvlist_free(errors);
2478 * Check that all the properties are valid user properties.
2481 zfs_check_userprops(char *fsname, nvlist_t *nvl)
2483 nvpair_t *pair = NULL;
2486 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2487 const char *propname = nvpair_name(pair);
2490 if (!zfs_prop_user(propname) ||
2491 nvpair_type(pair) != DATA_TYPE_STRING)
2494 if (error = zfs_secpolicy_write_perms(fsname,
2495 ZFS_DELEG_PERM_USERPROP, CRED()))
2498 if (strlen(propname) >= ZAP_MAXNAMELEN)
2499 return (ENAMETOOLONG);
2501 VERIFY(nvpair_value_string(pair, &valstr) == 0);
2502 if (strlen(valstr) >= ZAP_MAXVALUELEN)
2509 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2513 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2516 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2517 if (nvlist_exists(skipped, nvpair_name(pair)))
2520 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2525 clear_received_props(objset_t *os, const char *fs, nvlist_t *props,
2529 nvlist_t *cleared_props = NULL;
2530 props_skip(props, skipped, &cleared_props);
2531 if (!nvlist_empty(cleared_props)) {
2533 * Acts on local properties until the dataset has received
2534 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2536 zprop_source_t flags = (ZPROP_SRC_NONE |
2537 (dsl_prop_get_hasrecvd(os) ? ZPROP_SRC_RECEIVED : 0));
2538 err = zfs_set_prop_nvlist(fs, flags, cleared_props, NULL);
2540 nvlist_free(cleared_props);
2546 * zc_name name of filesystem
2547 * zc_value name of property to set
2548 * zc_nvlist_src{_size} nvlist of properties to apply
2549 * zc_cookie received properties flag
2552 * zc_nvlist_dst{_size} error for each unapplied received property
2555 zfs_ioc_set_prop(zfs_cmd_t *zc)
2558 boolean_t received = zc->zc_cookie;
2559 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2561 nvlist_t *errors = NULL;
2564 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2565 zc->zc_iflags, &nvl)) != 0)
2569 nvlist_t *origprops;
2572 if (dmu_objset_hold(zc->zc_name, FTAG, &os) == 0) {
2573 if (dsl_prop_get_received(os, &origprops) == 0) {
2574 (void) clear_received_props(os,
2575 zc->zc_name, origprops, nvl);
2576 nvlist_free(origprops);
2579 dsl_prop_set_hasrecvd(os);
2580 dmu_objset_rele(os, FTAG);
2584 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, &errors);
2586 if (zc->zc_nvlist_dst != 0 && errors != NULL) {
2587 (void) put_nvlist(zc, errors);
2590 nvlist_free(errors);
2597 * zc_name name of filesystem
2598 * zc_value name of property to inherit
2599 * zc_cookie revert to received value if TRUE
2604 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2606 const char *propname = zc->zc_value;
2607 zfs_prop_t prop = zfs_name_to_prop(propname);
2608 boolean_t received = zc->zc_cookie;
2609 zprop_source_t source = (received
2610 ? ZPROP_SRC_NONE /* revert to received value, if any */
2611 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2620 * zfs_prop_set_special() expects properties in the form of an
2621 * nvpair with type info.
2623 if (prop == ZPROP_INVAL) {
2624 if (!zfs_prop_user(propname))
2627 type = PROP_TYPE_STRING;
2628 } else if (prop == ZFS_PROP_VOLSIZE ||
2629 prop == ZFS_PROP_VERSION) {
2632 type = zfs_prop_get_type(prop);
2635 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2638 case PROP_TYPE_STRING:
2639 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2641 case PROP_TYPE_NUMBER:
2642 case PROP_TYPE_INDEX:
2643 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2650 pair = nvlist_next_nvpair(dummy, NULL);
2651 err = zfs_prop_set_special(zc->zc_name, source, pair);
2654 return (err); /* special property already handled */
2657 * Only check this in the non-received case. We want to allow
2658 * 'inherit -S' to revert non-inheritable properties like quota
2659 * and reservation to the received or default values even though
2660 * they are not considered inheritable.
2662 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2666 /* the property name has been validated by zfs_secpolicy_inherit() */
2667 return (dsl_prop_set(zc->zc_name, zc->zc_value, source, 0, 0, NULL));
2671 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2678 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2679 zc->zc_iflags, &props))
2683 * If the only property is the configfile, then just do a spa_lookup()
2684 * to handle the faulted case.
2686 pair = nvlist_next_nvpair(props, NULL);
2687 if (pair != NULL && strcmp(nvpair_name(pair),
2688 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2689 nvlist_next_nvpair(props, pair) == NULL) {
2690 mutex_enter(&spa_namespace_lock);
2691 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2692 spa_configfile_set(spa, props, B_FALSE);
2693 spa_config_sync(spa, B_FALSE, B_TRUE);
2695 mutex_exit(&spa_namespace_lock);
2702 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2707 error = spa_prop_set(spa, props);
2710 spa_close(spa, FTAG);
2716 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2720 nvlist_t *nvp = NULL;
2722 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2724 * If the pool is faulted, there may be properties we can still
2725 * get (such as altroot and cachefile), so attempt to get them
2728 mutex_enter(&spa_namespace_lock);
2729 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2730 error = spa_prop_get(spa, &nvp);
2731 mutex_exit(&spa_namespace_lock);
2733 error = spa_prop_get(spa, &nvp);
2734 spa_close(spa, FTAG);
2737 if (error == 0 && zc->zc_nvlist_dst != 0)
2738 error = put_nvlist(zc, nvp);
2748 * zc_name name of filesystem
2749 * zc_nvlist_src{_size} nvlist of delegated permissions
2750 * zc_perm_action allow/unallow flag
2755 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2758 nvlist_t *fsaclnv = NULL;
2760 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2761 zc->zc_iflags, &fsaclnv)) != 0)
2765 * Verify nvlist is constructed correctly
2767 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2768 nvlist_free(fsaclnv);
2773 * If we don't have PRIV_SYS_MOUNT, then validate
2774 * that user is allowed to hand out each permission in
2778 error = secpolicy_zfs(CRED());
2780 if (zc->zc_perm_action == B_FALSE) {
2781 error = dsl_deleg_can_allow(zc->zc_name,
2784 error = dsl_deleg_can_unallow(zc->zc_name,
2790 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2792 nvlist_free(fsaclnv);
2798 * zc_name name of filesystem
2801 * zc_nvlist_src{_size} nvlist of delegated permissions
2804 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2809 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2810 error = put_nvlist(zc, nvp);
2818 * Search the vfs list for a specified resource. Returns a pointer to it
2819 * or NULL if no suitable entry is found. The caller of this routine
2820 * is responsible for releasing the returned vfs pointer.
2823 zfs_get_vfs(const char *resource)
2827 mtx_lock(&mountlist_mtx);
2828 TAILQ_FOREACH(vfsp, &mountlist, mnt_list) {
2829 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2834 mtx_unlock(&mountlist_mtx);
2840 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2842 zfs_creat_t *zct = arg;
2844 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2847 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2851 * createprops list of properties requested by creator
2852 * default_zplver zpl version to use if unspecified in createprops
2853 * fuids_ok fuids allowed in this version of the spa?
2854 * os parent objset pointer (NULL if root fs)
2857 * zplprops values for the zplprops we attach to the master node object
2858 * is_ci true if requested file system will be purely case-insensitive
2860 * Determine the settings for utf8only, normalization and
2861 * casesensitivity. Specific values may have been requested by the
2862 * creator and/or we can inherit values from the parent dataset. If
2863 * the file system is of too early a vintage, a creator can not
2864 * request settings for these properties, even if the requested
2865 * setting is the default value. We don't actually want to create dsl
2866 * properties for these, so remove them from the source nvlist after
2870 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
2871 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
2872 nvlist_t *zplprops, boolean_t *is_ci)
2874 uint64_t sense = ZFS_PROP_UNDEFINED;
2875 uint64_t norm = ZFS_PROP_UNDEFINED;
2876 uint64_t u8 = ZFS_PROP_UNDEFINED;
2878 ASSERT(zplprops != NULL);
2881 * Pull out creator prop choices, if any.
2884 (void) nvlist_lookup_uint64(createprops,
2885 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
2886 (void) nvlist_lookup_uint64(createprops,
2887 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
2888 (void) nvlist_remove_all(createprops,
2889 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
2890 (void) nvlist_lookup_uint64(createprops,
2891 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
2892 (void) nvlist_remove_all(createprops,
2893 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
2894 (void) nvlist_lookup_uint64(createprops,
2895 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
2896 (void) nvlist_remove_all(createprops,
2897 zfs_prop_to_name(ZFS_PROP_CASE));
2901 * If the zpl version requested is whacky or the file system
2902 * or pool is version is too "young" to support normalization
2903 * and the creator tried to set a value for one of the props,
2906 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
2907 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
2908 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
2909 (zplver < ZPL_VERSION_NORMALIZATION &&
2910 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
2911 sense != ZFS_PROP_UNDEFINED)))
2915 * Put the version in the zplprops
2917 VERIFY(nvlist_add_uint64(zplprops,
2918 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
2920 if (norm == ZFS_PROP_UNDEFINED)
2921 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
2922 VERIFY(nvlist_add_uint64(zplprops,
2923 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
2926 * If we're normalizing, names must always be valid UTF-8 strings.
2930 if (u8 == ZFS_PROP_UNDEFINED)
2931 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
2932 VERIFY(nvlist_add_uint64(zplprops,
2933 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
2935 if (sense == ZFS_PROP_UNDEFINED)
2936 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
2937 VERIFY(nvlist_add_uint64(zplprops,
2938 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
2941 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
2947 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
2948 nvlist_t *zplprops, boolean_t *is_ci)
2950 boolean_t fuids_ok, sa_ok;
2951 uint64_t zplver = ZPL_VERSION;
2952 objset_t *os = NULL;
2953 char parentname[MAXNAMELEN];
2959 (void) strlcpy(parentname, dataset, sizeof (parentname));
2960 cp = strrchr(parentname, '/');
2964 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
2967 spa_vers = spa_version(spa);
2968 spa_close(spa, FTAG);
2970 zplver = zfs_zpl_version_map(spa_vers);
2971 fuids_ok = (zplver >= ZPL_VERSION_FUID);
2972 sa_ok = (zplver >= ZPL_VERSION_SA);
2975 * Open parent object set so we can inherit zplprop values.
2977 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
2980 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
2982 dmu_objset_rele(os, FTAG);
2987 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
2988 nvlist_t *zplprops, boolean_t *is_ci)
2992 uint64_t zplver = ZPL_VERSION;
2995 zplver = zfs_zpl_version_map(spa_vers);
2996 fuids_ok = (zplver >= ZPL_VERSION_FUID);
2997 sa_ok = (zplver >= ZPL_VERSION_SA);
2999 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3000 createprops, zplprops, is_ci);
3006 * zc_objset_type type of objset to create (fs vs zvol)
3007 * zc_name name of new objset
3008 * zc_value name of snapshot to clone from (may be empty)
3009 * zc_nvlist_src{_size} nvlist of properties to apply
3014 zfs_ioc_create(zfs_cmd_t *zc)
3019 nvlist_t *nvprops = NULL;
3020 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3021 dmu_objset_type_t type = zc->zc_objset_type;
3026 cbfunc = zfs_create_cb;
3030 cbfunc = zvol_create_cb;
3037 if (strchr(zc->zc_name, '@') ||
3038 strchr(zc->zc_name, '%'))
3041 if (zc->zc_nvlist_src != 0 &&
3042 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3043 zc->zc_iflags, &nvprops)) != 0)
3046 zct.zct_zplprops = NULL;
3047 zct.zct_props = nvprops;
3049 if (zc->zc_value[0] != '\0') {
3051 * We're creating a clone of an existing snapshot.
3053 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3054 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) {
3055 nvlist_free(nvprops);
3059 error = dmu_objset_hold(zc->zc_value, FTAG, &clone);
3061 nvlist_free(nvprops);
3065 error = dmu_objset_clone(zc->zc_name, dmu_objset_ds(clone), 0);
3066 dmu_objset_rele(clone, FTAG);
3068 nvlist_free(nvprops);
3072 boolean_t is_insensitive = B_FALSE;
3074 if (cbfunc == NULL) {
3075 nvlist_free(nvprops);
3079 if (type == DMU_OST_ZVOL) {
3080 uint64_t volsize, volblocksize;
3082 if (nvprops == NULL ||
3083 nvlist_lookup_uint64(nvprops,
3084 zfs_prop_to_name(ZFS_PROP_VOLSIZE),
3086 nvlist_free(nvprops);
3090 if ((error = nvlist_lookup_uint64(nvprops,
3091 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3092 &volblocksize)) != 0 && error != ENOENT) {
3093 nvlist_free(nvprops);
3098 volblocksize = zfs_prop_default_numeric(
3099 ZFS_PROP_VOLBLOCKSIZE);
3101 if ((error = zvol_check_volblocksize(
3102 volblocksize)) != 0 ||
3103 (error = zvol_check_volsize(volsize,
3104 volblocksize)) != 0) {
3105 nvlist_free(nvprops);
3108 } else if (type == DMU_OST_ZFS) {
3112 * We have to have normalization and
3113 * case-folding flags correct when we do the
3114 * file system creation, so go figure them out
3117 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3118 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3119 error = zfs_fill_zplprops(zc->zc_name, nvprops,
3120 zct.zct_zplprops, &is_insensitive);
3122 nvlist_free(nvprops);
3123 nvlist_free(zct.zct_zplprops);
3127 error = dmu_objset_create(zc->zc_name, type,
3128 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3129 nvlist_free(zct.zct_zplprops);
3133 * It would be nice to do this atomically.
3136 error = zfs_set_prop_nvlist(zc->zc_name, ZPROP_SRC_LOCAL,
3139 (void) dmu_objset_destroy(zc->zc_name, B_FALSE);
3141 nvlist_free(nvprops);
3143 if (error == 0 && type == DMU_OST_ZVOL)
3144 zvol_create_minors(zc->zc_name);
3151 * zc_name name of filesystem
3152 * zc_value short name of snapshot
3153 * zc_cookie recursive flag
3154 * zc_nvlist_src[_size] property list
3157 * zc_value short snapname (i.e. part after the '@')
3160 zfs_ioc_snapshot(zfs_cmd_t *zc)
3162 nvlist_t *nvprops = NULL;
3164 boolean_t recursive = zc->zc_cookie;
3166 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
3169 if (zc->zc_nvlist_src != 0 &&
3170 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3171 zc->zc_iflags, &nvprops)) != 0)
3174 error = zfs_check_userprops(zc->zc_name, nvprops);
3178 if (!nvlist_empty(nvprops) &&
3179 zfs_earlier_version(zc->zc_name, SPA_VERSION_SNAP_PROPS)) {
3184 error = dmu_objset_snapshot(zc->zc_name, zc->zc_value, NULL,
3185 nvprops, recursive, B_FALSE, -1);
3188 nvlist_free(nvprops);
3193 zfs_unmount_snap(const char *name, void *arg)
3198 char *snapname = arg;
3199 char *fullname = kmem_asprintf("%s@%s", name, snapname);
3200 vfsp = zfs_get_vfs(fullname);
3202 } else if (strchr(name, '@')) {
3203 vfsp = zfs_get_vfs(name);
3208 * Always force the unmount for snapshots.
3210 int flag = MS_FORCE;
3213 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) {
3218 mtx_lock(&Giant); /* dounmount() */
3219 dounmount(vfsp, flag, curthread);
3220 mtx_unlock(&Giant); /* dounmount() */
3227 * zc_name name of filesystem, snaps must be under it
3228 * zc_nvlist_src[_size] full names of snapshots to destroy
3229 * zc_defer_destroy mark for deferred destroy
3232 * zc_name on failure, name of failed snapshot
3235 zfs_ioc_destroy_snaps_nvl(zfs_cmd_t *zc)
3241 if ((err = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3242 zc->zc_iflags, &nvl)) != 0) {
3247 * We are probably called by older binaries,
3248 * allocate and populate nvlist with recursive snapshots
3250 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
3252 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3253 err = dmu_get_recursive_snaps_nvl(zc->zc_name,
3259 #endif /* __FreeBSD__ */
3262 len = strlen(zc->zc_name);
3263 for (pair = nvlist_next_nvpair(nvl, NULL); pair != NULL;
3264 pair = nvlist_next_nvpair(nvl, pair)) {
3265 const char *name = nvpair_name(pair);
3267 * The snap name must be underneath the zc_name. This ensures
3268 * that our permission checks were legitimate.
3270 if (strncmp(zc->zc_name, name, len) != 0 ||
3271 (name[len] != '@' && name[len] != '/')) {
3276 (void) zfs_unmount_snap(name, NULL);
3277 (void) zvol_remove_minor(name);
3280 err = dmu_snapshots_destroy_nvl(nvl, zc->zc_defer_destroy,
3288 * zc_name name of dataset to destroy
3289 * zc_objset_type type of objset
3290 * zc_defer_destroy mark for deferred destroy
3295 zfs_ioc_destroy(zfs_cmd_t *zc)
3298 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) {
3299 err = zfs_unmount_snap(zc->zc_name, NULL);
3304 err = dmu_objset_destroy(zc->zc_name, zc->zc_defer_destroy);
3305 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3306 (void) zvol_remove_minor(zc->zc_name);
3312 * zc_name name of dataset to rollback (to most recent snapshot)
3317 zfs_ioc_rollback(zfs_cmd_t *zc)
3319 dsl_dataset_t *ds, *clone;
3324 error = dsl_dataset_hold(zc->zc_name, FTAG, &ds);
3328 /* must not be a snapshot */
3329 if (dsl_dataset_is_snapshot(ds)) {
3330 dsl_dataset_rele(ds, FTAG);
3334 /* must have a most recent snapshot */
3335 if (ds->ds_phys->ds_prev_snap_txg < TXG_INITIAL) {
3336 dsl_dataset_rele(ds, FTAG);
3341 * Create clone of most recent snapshot.
3343 clone_name = kmem_asprintf("%s/%%rollback", zc->zc_name);
3344 error = dmu_objset_clone(clone_name, ds->ds_prev, DS_FLAG_INCONSISTENT);
3348 error = dsl_dataset_own(clone_name, B_TRUE, FTAG, &clone);
3355 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
3356 error = zfs_suspend_fs(zfsvfs);
3360 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3361 error = dsl_dataset_clone_swap(clone, ds,
3363 dsl_dataset_disown(ds, FTAG);
3368 resume_err = zfs_resume_fs(zfsvfs, zc->zc_name);
3369 error = error ? error : resume_err;
3371 VFS_RELE(zfsvfs->z_vfs);
3373 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3374 error = dsl_dataset_clone_swap(clone, ds, B_TRUE);
3375 dsl_dataset_disown(ds, FTAG);
3383 * Destroy clone (which also closes it).
3385 (void) dsl_dataset_destroy(clone, FTAG, B_FALSE);
3388 strfree(clone_name);
3390 dsl_dataset_rele(ds, FTAG);
3396 * zc_name old name of dataset
3397 * zc_value new name of dataset
3398 * zc_cookie recursive flag (only valid for snapshots)
3403 zfs_ioc_rename(zfs_cmd_t *zc)
3407 if (zc->zc_cookie & 1)
3408 flags |= ZFS_RENAME_RECURSIVE;
3409 if (zc->zc_cookie & 2)
3410 flags |= ZFS_RENAME_ALLOW_MOUNTED;
3412 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3413 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3414 strchr(zc->zc_value, '%'))
3418 * Unmount snapshot unless we're doing a recursive rename,
3419 * in which case the dataset code figures out which snapshots
3422 if (!(flags & ZFS_RENAME_RECURSIVE) &&
3423 strchr(zc->zc_name, '@') != NULL &&
3424 zc->zc_objset_type == DMU_OST_ZFS) {
3425 int err = zfs_unmount_snap(zc->zc_name, NULL);
3429 return (dmu_objset_rename(zc->zc_name, zc->zc_value, flags));
3433 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3435 const char *propname = nvpair_name(pair);
3436 boolean_t issnap = (strchr(dsname, '@') != NULL);
3437 zfs_prop_t prop = zfs_name_to_prop(propname);
3441 if (prop == ZPROP_INVAL) {
3442 if (zfs_prop_user(propname)) {
3443 if (err = zfs_secpolicy_write_perms(dsname,
3444 ZFS_DELEG_PERM_USERPROP, cr))
3449 if (!issnap && zfs_prop_userquota(propname)) {
3450 const char *perm = NULL;
3451 const char *uq_prefix =
3452 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3453 const char *gq_prefix =
3454 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3456 if (strncmp(propname, uq_prefix,
3457 strlen(uq_prefix)) == 0) {
3458 perm = ZFS_DELEG_PERM_USERQUOTA;
3459 } else if (strncmp(propname, gq_prefix,
3460 strlen(gq_prefix)) == 0) {
3461 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3463 /* USERUSED and GROUPUSED are read-only */
3467 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3478 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3480 * dsl_prop_get_all_impl() returns properties in this
3484 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3485 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3490 * Check that this value is valid for this pool version
3493 case ZFS_PROP_COMPRESSION:
3495 * If the user specified gzip compression, make sure
3496 * the SPA supports it. We ignore any errors here since
3497 * we'll catch them later.
3499 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3500 nvpair_value_uint64(pair, &intval) == 0) {
3501 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3502 intval <= ZIO_COMPRESS_GZIP_9 &&
3503 zfs_earlier_version(dsname,
3504 SPA_VERSION_GZIP_COMPRESSION)) {
3508 if (intval == ZIO_COMPRESS_ZLE &&
3509 zfs_earlier_version(dsname,
3510 SPA_VERSION_ZLE_COMPRESSION))
3513 if (intval == ZIO_COMPRESS_LZ4) {
3514 zfeature_info_t *feature =
3516 SPA_FEATURE_LZ4_COMPRESS];
3519 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3522 if (!spa_feature_is_enabled(spa, feature)) {
3523 spa_close(spa, FTAG);
3526 spa_close(spa, FTAG);
3530 * If this is a bootable dataset then
3531 * verify that the compression algorithm
3532 * is supported for booting. We must return
3533 * something other than ENOTSUP since it
3534 * implies a downrev pool version.
3536 if (zfs_is_bootfs(dsname) &&
3537 !BOOTFS_COMPRESS_VALID(intval)) {
3543 case ZFS_PROP_COPIES:
3544 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3548 case ZFS_PROP_DEDUP:
3549 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3553 case ZFS_PROP_SHARESMB:
3554 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3558 case ZFS_PROP_ACLINHERIT:
3559 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3560 nvpair_value_uint64(pair, &intval) == 0) {
3561 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3562 zfs_earlier_version(dsname,
3563 SPA_VERSION_PASSTHROUGH_X))
3569 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3573 * Activates a feature on a pool in response to a property setting. This
3574 * creates a new sync task which modifies the pool to reflect the feature
3578 zfs_prop_activate_feature(dsl_pool_t *dp, zfeature_info_t *feature)
3582 /* EBUSY here indicates that the feature is already active */
3583 err = dsl_sync_task_do(dp, zfs_prop_activate_feature_check,
3584 zfs_prop_activate_feature_sync, dp->dp_spa, feature, 2);
3586 if (err != 0 && err != EBUSY)
3593 * Checks for a race condition to make sure we don't increment a feature flag
3598 zfs_prop_activate_feature_check(void *arg1, void *arg2, dmu_tx_t *tx)
3601 zfeature_info_t *feature = arg2;
3603 if (!spa_feature_is_active(spa, feature))
3610 * The callback invoked on feature activation in the sync task caused by
3611 * zfs_prop_activate_feature.
3614 zfs_prop_activate_feature_sync(void *arg1, void *arg2, dmu_tx_t *tx)
3617 zfeature_info_t *feature = arg2;
3619 spa_feature_incr(spa, feature, tx);
3623 * Removes properties from the given props list that fail permission checks
3624 * needed to clear them and to restore them in case of a receive error. For each
3625 * property, make sure we have both set and inherit permissions.
3627 * Returns the first error encountered if any permission checks fail. If the
3628 * caller provides a non-NULL errlist, it also gives the complete list of names
3629 * of all the properties that failed a permission check along with the
3630 * corresponding error numbers. The caller is responsible for freeing the
3633 * If every property checks out successfully, zero is returned and the list
3634 * pointed at by errlist is NULL.
3637 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3640 nvpair_t *pair, *next_pair;
3647 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3649 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3650 (void) strcpy(zc->zc_name, dataset);
3651 pair = nvlist_next_nvpair(props, NULL);
3652 while (pair != NULL) {
3653 next_pair = nvlist_next_nvpair(props, pair);
3655 (void) strcpy(zc->zc_value, nvpair_name(pair));
3656 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3657 (err = zfs_secpolicy_inherit(zc, CRED())) != 0) {
3658 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3659 VERIFY(nvlist_add_int32(errors,
3660 zc->zc_value, err) == 0);
3664 kmem_free(zc, sizeof (zfs_cmd_t));
3666 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3667 nvlist_free(errors);
3670 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3673 if (errlist == NULL)
3674 nvlist_free(errors);
3682 propval_equals(nvpair_t *p1, nvpair_t *p2)
3684 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3685 /* dsl_prop_get_all_impl() format */
3687 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3688 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3692 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
3694 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
3695 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3699 if (nvpair_type(p1) != nvpair_type(p2))
3702 if (nvpair_type(p1) == DATA_TYPE_STRING) {
3703 char *valstr1, *valstr2;
3705 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
3706 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
3707 return (strcmp(valstr1, valstr2) == 0);
3709 uint64_t intval1, intval2;
3711 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
3712 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
3713 return (intval1 == intval2);
3718 * Remove properties from props if they are not going to change (as determined
3719 * by comparison with origprops). Remove them from origprops as well, since we
3720 * do not need to clear or restore properties that won't change.
3723 props_reduce(nvlist_t *props, nvlist_t *origprops)
3725 nvpair_t *pair, *next_pair;
3727 if (origprops == NULL)
3728 return; /* all props need to be received */
3730 pair = nvlist_next_nvpair(props, NULL);
3731 while (pair != NULL) {
3732 const char *propname = nvpair_name(pair);
3735 next_pair = nvlist_next_nvpair(props, pair);
3737 if ((nvlist_lookup_nvpair(origprops, propname,
3738 &match) != 0) || !propval_equals(pair, match))
3739 goto next; /* need to set received value */
3741 /* don't clear the existing received value */
3742 (void) nvlist_remove_nvpair(origprops, match);
3743 /* don't bother receiving the property */
3744 (void) nvlist_remove_nvpair(props, pair);
3751 static boolean_t zfs_ioc_recv_inject_err;
3756 * zc_name name of containing filesystem
3757 * zc_nvlist_src{_size} nvlist of properties to apply
3758 * zc_value name of snapshot to create
3759 * zc_string name of clone origin (if DRR_FLAG_CLONE)
3760 * zc_cookie file descriptor to recv from
3761 * zc_begin_record the BEGIN record of the stream (not byteswapped)
3762 * zc_guid force flag
3763 * zc_cleanup_fd cleanup-on-exit file descriptor
3764 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
3767 * zc_cookie number of bytes read
3768 * zc_nvlist_dst{_size} error for each unapplied received property
3769 * zc_obj zprop_errflags_t
3770 * zc_action_handle handle for this guid/ds mapping
3773 zfs_ioc_recv(zfs_cmd_t *zc)
3777 dmu_recv_cookie_t drc;
3778 boolean_t force = (boolean_t)zc->zc_guid;
3781 int props_error = 0;
3784 nvlist_t *props = NULL; /* sent properties */
3785 nvlist_t *origprops = NULL; /* existing properties */
3786 objset_t *origin = NULL;
3788 char tofs[ZFS_MAXNAMELEN];
3789 boolean_t first_recvd_props = B_FALSE;
3791 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3792 strchr(zc->zc_value, '@') == NULL ||
3793 strchr(zc->zc_value, '%'))
3796 (void) strcpy(tofs, zc->zc_value);
3797 tosnap = strchr(tofs, '@');
3800 if (zc->zc_nvlist_src != 0 &&
3801 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3802 zc->zc_iflags, &props)) != 0)
3812 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3814 if (props && dmu_objset_hold(tofs, FTAG, &os) == 0) {
3815 if ((spa_version(os->os_spa) >= SPA_VERSION_RECVD_PROPS) &&
3816 !dsl_prop_get_hasrecvd(os)) {
3817 first_recvd_props = B_TRUE;
3821 * If new received properties are supplied, they are to
3822 * completely replace the existing received properties, so stash
3823 * away the existing ones.
3825 if (dsl_prop_get_received(os, &origprops) == 0) {
3826 nvlist_t *errlist = NULL;
3828 * Don't bother writing a property if its value won't
3829 * change (and avoid the unnecessary security checks).
3831 * The first receive after SPA_VERSION_RECVD_PROPS is a
3832 * special case where we blow away all local properties
3835 if (!first_recvd_props)
3836 props_reduce(props, origprops);
3837 if (zfs_check_clearable(tofs, origprops,
3839 (void) nvlist_merge(errors, errlist, 0);
3840 nvlist_free(errlist);
3843 dmu_objset_rele(os, FTAG);
3846 if (zc->zc_string[0]) {
3847 error = dmu_objset_hold(zc->zc_string, FTAG, &origin);
3852 error = dmu_recv_begin(tofs, tosnap, zc->zc_top_ds,
3853 &zc->zc_begin_record, force, origin, &drc);
3855 dmu_objset_rele(origin, FTAG);
3860 * Set properties before we receive the stream so that they are applied
3861 * to the new data. Note that we must call dmu_recv_stream() if
3862 * dmu_recv_begin() succeeds.
3867 if (dmu_objset_from_ds(drc.drc_logical_ds, &os) == 0) {
3868 if (drc.drc_newfs) {
3869 if (spa_version(os->os_spa) >=
3870 SPA_VERSION_RECVD_PROPS)
3871 first_recvd_props = B_TRUE;
3872 } else if (origprops != NULL) {
3873 if (clear_received_props(os, tofs, origprops,
3874 first_recvd_props ? NULL : props) != 0)
3875 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3877 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3879 dsl_prop_set_hasrecvd(os);
3880 } else if (!drc.drc_newfs) {
3881 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3884 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
3886 (void) nvlist_merge(errors, errlist, 0);
3887 nvlist_free(errlist);
3890 if (fit_error_list(zc, &errors) != 0 || put_nvlist(zc, errors) != 0) {
3892 * Caller made zc->zc_nvlist_dst less than the minimum expected
3893 * size or supplied an invalid address.
3895 props_error = EINVAL;
3899 error = dmu_recv_stream(&drc, fp, &off, zc->zc_cleanup_fd,
3900 &zc->zc_action_handle);
3903 zfsvfs_t *zfsvfs = NULL;
3905 if (getzfsvfs(tofs, &zfsvfs) == 0) {
3909 error = zfs_suspend_fs(zfsvfs);
3911 * If the suspend fails, then the recv_end will
3912 * likely also fail, and clean up after itself.
3914 end_err = dmu_recv_end(&drc);
3916 error = zfs_resume_fs(zfsvfs, tofs);
3917 error = error ? error : end_err;
3918 VFS_RELE(zfsvfs->z_vfs);
3920 error = dmu_recv_end(&drc);
3924 zc->zc_cookie = off - fp->f_offset;
3925 if (off >= 0 && off <= MAXOFFSET_T)
3929 if (zfs_ioc_recv_inject_err) {
3930 zfs_ioc_recv_inject_err = B_FALSE;
3937 zvol_create_minors(tofs);
3941 * On error, restore the original props.
3943 if (error && props) {
3944 if (dmu_objset_hold(tofs, FTAG, &os) == 0) {
3945 if (clear_received_props(os, tofs, props, NULL) != 0) {
3947 * We failed to clear the received properties.
3948 * Since we may have left a $recvd value on the
3949 * system, we can't clear the $hasrecvd flag.
3951 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3952 } else if (first_recvd_props) {
3953 dsl_prop_unset_hasrecvd(os);
3955 dmu_objset_rele(os, FTAG);
3956 } else if (!drc.drc_newfs) {
3957 /* We failed to clear the received properties. */
3958 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3961 if (origprops == NULL && !drc.drc_newfs) {
3962 /* We failed to stash the original properties. */
3963 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3967 * dsl_props_set() will not convert RECEIVED to LOCAL on or
3968 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
3969 * explictly if we're restoring local properties cleared in the
3970 * first new-style receive.
3972 if (origprops != NULL &&
3973 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
3974 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
3975 origprops, NULL) != 0) {
3977 * We stashed the original properties but failed to
3980 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3985 nvlist_free(origprops);
3986 nvlist_free(errors);
3990 error = props_error;
3997 * zc_name name of snapshot to send
3998 * zc_cookie file descriptor to send stream to
3999 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4000 * zc_sendobj objsetid of snapshot to send
4001 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4002 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4003 * output size in zc_objset_type.
4008 zfs_ioc_send(zfs_cmd_t *zc)
4010 objset_t *fromsnap = NULL;
4015 dsl_dataset_t *dsfrom = NULL;
4018 boolean_t estimate = (zc->zc_guid != 0);
4020 error = spa_open(zc->zc_name, &spa, FTAG);
4024 dp = spa_get_dsl(spa);
4025 rw_enter(&dp->dp_config_rwlock, RW_READER);
4026 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4027 rw_exit(&dp->dp_config_rwlock);
4029 spa_close(spa, FTAG);
4033 error = dmu_objset_from_ds(ds, &tosnap);
4035 dsl_dataset_rele(ds, FTAG);
4036 spa_close(spa, FTAG);
4040 if (zc->zc_fromobj != 0) {
4041 rw_enter(&dp->dp_config_rwlock, RW_READER);
4042 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj, FTAG, &dsfrom);
4043 rw_exit(&dp->dp_config_rwlock);
4044 spa_close(spa, FTAG);
4046 dsl_dataset_rele(ds, FTAG);
4049 error = dmu_objset_from_ds(dsfrom, &fromsnap);
4051 dsl_dataset_rele(dsfrom, FTAG);
4052 dsl_dataset_rele(ds, FTAG);
4056 spa_close(spa, FTAG);
4060 error = dmu_send_estimate(tosnap, fromsnap, zc->zc_obj,
4061 &zc->zc_objset_type);
4063 file_t *fp = getf(zc->zc_cookie);
4065 dsl_dataset_rele(ds, FTAG);
4067 dsl_dataset_rele(dsfrom, FTAG);
4072 error = dmu_send(tosnap, fromsnap, zc->zc_obj,
4073 zc->zc_cookie, fp, &off);
4075 if (off >= 0 && off <= MAXOFFSET_T)
4077 releasef(zc->zc_cookie);
4080 dsl_dataset_rele(dsfrom, FTAG);
4081 dsl_dataset_rele(ds, FTAG);
4087 * zc_name name of snapshot on which to report progress
4088 * zc_cookie file descriptor of send stream
4091 * zc_cookie number of bytes written in send stream thus far
4094 zfs_ioc_send_progress(zfs_cmd_t *zc)
4097 dmu_sendarg_t *dsp = NULL;
4100 if ((error = dsl_dataset_hold(zc->zc_name, FTAG, &ds)) != 0)
4103 mutex_enter(&ds->ds_sendstream_lock);
4106 * Iterate over all the send streams currently active on this dataset.
4107 * If there's one which matches the specified file descriptor _and_ the
4108 * stream was started by the current process, return the progress of
4111 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4112 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4113 if (dsp->dsa_outfd == zc->zc_cookie &&
4114 dsp->dsa_proc == curproc)
4119 zc->zc_cookie = *(dsp->dsa_off);
4123 mutex_exit(&ds->ds_sendstream_lock);
4124 dsl_dataset_rele(ds, FTAG);
4129 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4133 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4134 &zc->zc_inject_record);
4137 zc->zc_guid = (uint64_t)id;
4143 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4145 return (zio_clear_fault((int)zc->zc_guid));
4149 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4151 int id = (int)zc->zc_guid;
4154 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4155 &zc->zc_inject_record);
4163 zfs_ioc_error_log(zfs_cmd_t *zc)
4167 size_t count = (size_t)zc->zc_nvlist_dst_size;
4169 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4172 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4175 zc->zc_nvlist_dst_size = count;
4177 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4179 spa_close(spa, FTAG);
4185 zfs_ioc_clear(zfs_cmd_t *zc)
4192 * On zpool clear we also fix up missing slogs
4194 mutex_enter(&spa_namespace_lock);
4195 spa = spa_lookup(zc->zc_name);
4197 mutex_exit(&spa_namespace_lock);
4200 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4201 /* we need to let spa_open/spa_load clear the chains */
4202 spa_set_log_state(spa, SPA_LOG_CLEAR);
4204 spa->spa_last_open_failed = 0;
4205 mutex_exit(&spa_namespace_lock);
4207 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4208 error = spa_open(zc->zc_name, &spa, FTAG);
4211 nvlist_t *config = NULL;
4213 if (zc->zc_nvlist_src == 0)
4216 if ((error = get_nvlist(zc->zc_nvlist_src,
4217 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4218 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4220 if (config != NULL) {
4223 if ((err = put_nvlist(zc, config)) != 0)
4225 nvlist_free(config);
4227 nvlist_free(policy);
4234 spa_vdev_state_enter(spa, SCL_NONE);
4236 if (zc->zc_guid == 0) {
4239 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4241 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4242 spa_close(spa, FTAG);
4247 vdev_clear(spa, vd);
4249 (void) spa_vdev_state_exit(spa, NULL, 0);
4252 * Resume any suspended I/Os.
4254 if (zio_resume(spa) != 0)
4257 spa_close(spa, FTAG);
4263 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4268 error = spa_open(zc->zc_name, &spa, FTAG);
4272 spa_vdev_state_enter(spa, SCL_NONE);
4275 * If a resilver is already in progress then set the
4276 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4277 * the scan as a side effect of the reopen. Otherwise, let
4278 * vdev_open() decided if a resilver is required.
4280 spa->spa_scrub_reopen = dsl_scan_resilvering(spa->spa_dsl_pool);
4281 vdev_reopen(spa->spa_root_vdev);
4282 spa->spa_scrub_reopen = B_FALSE;
4284 (void) spa_vdev_state_exit(spa, NULL, 0);
4285 spa_close(spa, FTAG);
4290 * zc_name name of filesystem
4291 * zc_value name of origin snapshot
4294 * zc_string name of conflicting snapshot, if there is one
4297 zfs_ioc_promote(zfs_cmd_t *zc)
4302 * We don't need to unmount *all* the origin fs's snapshots, but
4305 cp = strchr(zc->zc_value, '@');
4308 (void) dmu_objset_find(zc->zc_value,
4309 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS);
4310 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4314 * Retrieve a single {user|group}{used|quota}@... property.
4317 * zc_name name of filesystem
4318 * zc_objset_type zfs_userquota_prop_t
4319 * zc_value domain name (eg. "S-1-234-567-89")
4320 * zc_guid RID/UID/GID
4323 * zc_cookie property value
4326 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4331 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4334 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4338 error = zfs_userspace_one(zfsvfs,
4339 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4340 zfsvfs_rele(zfsvfs, FTAG);
4347 * zc_name name of filesystem
4348 * zc_cookie zap cursor
4349 * zc_objset_type zfs_userquota_prop_t
4350 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4353 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4354 * zc_cookie zap cursor
4357 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4360 int bufsize = zc->zc_nvlist_dst_size;
4365 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4369 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4371 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4372 buf, &zc->zc_nvlist_dst_size);
4375 error = ddi_copyout(buf,
4376 (void *)(uintptr_t)zc->zc_nvlist_dst,
4377 zc->zc_nvlist_dst_size, zc->zc_iflags);
4379 kmem_free(buf, bufsize);
4380 zfsvfs_rele(zfsvfs, FTAG);
4387 * zc_name name of filesystem
4393 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4399 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4400 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4402 * If userused is not enabled, it may be because the
4403 * objset needs to be closed & reopened (to grow the
4404 * objset_phys_t). Suspend/resume the fs will do that.
4406 error = zfs_suspend_fs(zfsvfs);
4408 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4411 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4412 VFS_RELE(zfsvfs->z_vfs);
4414 /* XXX kind of reading contents without owning */
4415 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4419 error = dmu_objset_userspace_upgrade(os);
4420 dmu_objset_rele(os, FTAG);
4428 * We don't want to have a hard dependency
4429 * against some special symbols in sharefs
4430 * nfs, and smbsrv. Determine them if needed when
4431 * the first file system is shared.
4432 * Neither sharefs, nfs or smbsrv are unloadable modules.
4434 int (*znfsexport_fs)(void *arg);
4435 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4436 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4438 int zfs_nfsshare_inited;
4439 int zfs_smbshare_inited;
4441 ddi_modhandle_t nfs_mod;
4442 ddi_modhandle_t sharefs_mod;
4443 ddi_modhandle_t smbsrv_mod;
4445 kmutex_t zfs_share_lock;
4453 ASSERT(MUTEX_HELD(&zfs_share_lock));
4454 /* Both NFS and SMB shares also require sharetab support. */
4455 if (sharefs_mod == NULL && ((sharefs_mod =
4456 ddi_modopen("fs/sharefs",
4457 KRTLD_MODE_FIRST, &error)) == NULL)) {
4460 if (zshare_fs == NULL && ((zshare_fs =
4461 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4462 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4470 zfs_ioc_share(zfs_cmd_t *zc)
4476 switch (zc->zc_share.z_sharetype) {
4478 case ZFS_UNSHARE_NFS:
4479 if (zfs_nfsshare_inited == 0) {
4480 mutex_enter(&zfs_share_lock);
4481 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4482 KRTLD_MODE_FIRST, &error)) == NULL)) {
4483 mutex_exit(&zfs_share_lock);
4486 if (znfsexport_fs == NULL &&
4487 ((znfsexport_fs = (int (*)(void *))
4489 "nfs_export", &error)) == NULL)) {
4490 mutex_exit(&zfs_share_lock);
4493 error = zfs_init_sharefs();
4495 mutex_exit(&zfs_share_lock);
4498 zfs_nfsshare_inited = 1;
4499 mutex_exit(&zfs_share_lock);
4503 case ZFS_UNSHARE_SMB:
4504 if (zfs_smbshare_inited == 0) {
4505 mutex_enter(&zfs_share_lock);
4506 if (smbsrv_mod == NULL && ((smbsrv_mod =
4507 ddi_modopen("drv/smbsrv",
4508 KRTLD_MODE_FIRST, &error)) == NULL)) {
4509 mutex_exit(&zfs_share_lock);
4512 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4513 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4514 "smb_server_share", &error)) == NULL)) {
4515 mutex_exit(&zfs_share_lock);
4518 error = zfs_init_sharefs();
4520 mutex_exit(&zfs_share_lock);
4523 zfs_smbshare_inited = 1;
4524 mutex_exit(&zfs_share_lock);
4531 switch (zc->zc_share.z_sharetype) {
4533 case ZFS_UNSHARE_NFS:
4535 znfsexport_fs((void *)
4536 (uintptr_t)zc->zc_share.z_exportdata))
4540 case ZFS_UNSHARE_SMB:
4541 if (error = zsmbexport_fs((void *)
4542 (uintptr_t)zc->zc_share.z_exportdata,
4543 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4550 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4551 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4552 SHAREFS_ADD : SHAREFS_REMOVE;
4555 * Add or remove share from sharetab
4557 error = zshare_fs(opcode,
4558 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4559 zc->zc_share.z_sharemax);
4568 ace_t full_access[] = {
4569 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4574 * zc_name name of containing filesystem
4575 * zc_obj object # beyond which we want next in-use object #
4578 * zc_obj next in-use object #
4581 zfs_ioc_next_obj(zfs_cmd_t *zc)
4583 objset_t *os = NULL;
4586 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4590 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4591 os->os_dsl_dataset->ds_phys->ds_prev_snap_txg);
4593 dmu_objset_rele(os, FTAG);
4599 * zc_name name of filesystem
4600 * zc_value prefix name for snapshot
4601 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4606 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4611 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4612 (u_longlong_t)ddi_get_lbolt64());
4614 if (strlen(snap_name) >= MAXNAMELEN) {
4619 error = dmu_objset_snapshot(zc->zc_name, snap_name, snap_name,
4620 NULL, B_FALSE, B_TRUE, zc->zc_cleanup_fd);
4626 (void) strcpy(zc->zc_value, snap_name);
4633 * zc_name name of "to" snapshot
4634 * zc_value name of "from" snapshot
4635 * zc_cookie file descriptor to write diff data on
4638 * dmu_diff_record_t's to the file descriptor
4641 zfs_ioc_diff(zfs_cmd_t *zc)
4649 error = dmu_objset_hold(zc->zc_name, FTAG, &tosnap);
4653 error = dmu_objset_hold(zc->zc_value, FTAG, &fromsnap);
4655 dmu_objset_rele(tosnap, FTAG);
4659 fp = getf(zc->zc_cookie);
4661 dmu_objset_rele(fromsnap, FTAG);
4662 dmu_objset_rele(tosnap, FTAG);
4668 error = dmu_diff(tosnap, fromsnap, fp, &off);
4670 if (off >= 0 && off <= MAXOFFSET_T)
4672 releasef(zc->zc_cookie);
4674 dmu_objset_rele(fromsnap, FTAG);
4675 dmu_objset_rele(tosnap, FTAG);
4681 * Remove all ACL files in shares dir
4684 zfs_smb_acl_purge(znode_t *dzp)
4687 zap_attribute_t zap;
4688 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4691 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4692 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4693 zap_cursor_advance(&zc)) {
4694 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4698 zap_cursor_fini(&zc);
4704 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4709 vnode_t *resourcevp = NULL;
4718 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4719 NO_FOLLOW, NULL, &vp)) != 0)
4722 /* Now make sure mntpnt and dataset are ZFS */
4724 if (strcmp(vp->v_vfsp->mnt_stat.f_fstypename, "zfs") != 0 ||
4725 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4726 zc->zc_name) != 0)) {
4732 zfsvfs = dzp->z_zfsvfs;
4736 * Create share dir if its missing.
4738 mutex_enter(&zfsvfs->z_lock);
4739 if (zfsvfs->z_shares_dir == 0) {
4742 tx = dmu_tx_create(zfsvfs->z_os);
4743 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
4745 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
4746 error = dmu_tx_assign(tx, TXG_WAIT);
4750 error = zfs_create_share_dir(zfsvfs, tx);
4754 mutex_exit(&zfsvfs->z_lock);
4760 mutex_exit(&zfsvfs->z_lock);
4762 ASSERT(zfsvfs->z_shares_dir);
4763 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
4769 switch (zc->zc_cookie) {
4770 case ZFS_SMB_ACL_ADD:
4771 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
4772 vattr.va_type = VREG;
4773 vattr.va_mode = S_IFREG|0777;
4777 vsec.vsa_mask = VSA_ACE;
4778 vsec.vsa_aclentp = &full_access;
4779 vsec.vsa_aclentsz = sizeof (full_access);
4780 vsec.vsa_aclcnt = 1;
4782 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
4783 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
4785 VN_RELE(resourcevp);
4788 case ZFS_SMB_ACL_REMOVE:
4789 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
4793 case ZFS_SMB_ACL_RENAME:
4794 if ((error = get_nvlist(zc->zc_nvlist_src,
4795 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
4800 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
4801 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
4804 VN_RELE(ZTOV(sharedir));
4806 nvlist_free(nvlist);
4809 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
4811 nvlist_free(nvlist);
4814 case ZFS_SMB_ACL_PURGE:
4815 error = zfs_smb_acl_purge(sharedir);
4824 VN_RELE(ZTOV(sharedir));
4830 return (EOPNOTSUPP);
4836 * zc_name name of filesystem
4837 * zc_value short name of snap
4838 * zc_string user-supplied tag for this hold
4839 * zc_cookie recursive flag
4840 * zc_temphold set if hold is temporary
4841 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4842 * zc_sendobj if non-zero, the objid for zc_name@zc_value
4843 * zc_createtxg if zc_sendobj is non-zero, snap must have zc_createtxg
4848 zfs_ioc_hold(zfs_cmd_t *zc)
4850 boolean_t recursive = zc->zc_cookie;
4857 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4860 if (zc->zc_sendobj == 0) {
4861 return (dsl_dataset_user_hold(zc->zc_name, zc->zc_value,
4862 zc->zc_string, recursive, zc->zc_temphold,
4863 zc->zc_cleanup_fd));
4869 error = spa_open(zc->zc_name, &spa, FTAG);
4873 dp = spa_get_dsl(spa);
4874 rw_enter(&dp->dp_config_rwlock, RW_READER);
4875 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4876 rw_exit(&dp->dp_config_rwlock);
4877 spa_close(spa, FTAG);
4882 * Until we have a hold on this snapshot, it's possible that
4883 * zc_sendobj could've been destroyed and reused as part
4884 * of a later txg. Make sure we're looking at the right object.
4886 if (zc->zc_createtxg != ds->ds_phys->ds_creation_txg) {
4887 dsl_dataset_rele(ds, FTAG);
4891 if (zc->zc_cleanup_fd != -1 && zc->zc_temphold) {
4892 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4894 dsl_dataset_rele(ds, FTAG);
4899 error = dsl_dataset_user_hold_for_send(ds, zc->zc_string,
4903 dsl_register_onexit_hold_cleanup(ds, zc->zc_string,
4906 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4908 dsl_dataset_rele(ds, FTAG);
4915 * zc_name name of dataset from which we're releasing a user hold
4916 * zc_value short name of snap
4917 * zc_string user-supplied tag for this hold
4918 * zc_cookie recursive flag
4923 zfs_ioc_release(zfs_cmd_t *zc)
4925 boolean_t recursive = zc->zc_cookie;
4927 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4930 return (dsl_dataset_user_release(zc->zc_name, zc->zc_value,
4931 zc->zc_string, recursive));
4936 * zc_name name of filesystem
4939 * zc_nvlist_src{_size} nvlist of snapshot holds
4942 zfs_ioc_get_holds(zfs_cmd_t *zc)
4947 if ((error = dsl_dataset_get_holds(zc->zc_name, &nvp)) == 0) {
4948 error = put_nvlist(zc, nvp);
4957 * zc_name name of new filesystem or snapshot
4958 * zc_value full name of old snapshot
4961 * zc_cookie space in bytes
4962 * zc_objset_type compressed space in bytes
4963 * zc_perm_action uncompressed space in bytes
4966 zfs_ioc_space_written(zfs_cmd_t *zc)
4969 dsl_dataset_t *new, *old;
4971 error = dsl_dataset_hold(zc->zc_name, FTAG, &new);
4974 error = dsl_dataset_hold(zc->zc_value, FTAG, &old);
4976 dsl_dataset_rele(new, FTAG);
4980 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
4981 &zc->zc_objset_type, &zc->zc_perm_action);
4982 dsl_dataset_rele(old, FTAG);
4983 dsl_dataset_rele(new, FTAG);
4989 * zc_name full name of last snapshot
4990 * zc_value full name of first snapshot
4993 * zc_cookie space in bytes
4994 * zc_objset_type compressed space in bytes
4995 * zc_perm_action uncompressed space in bytes
4998 zfs_ioc_space_snaps(zfs_cmd_t *zc)
5001 dsl_dataset_t *new, *old;
5003 error = dsl_dataset_hold(zc->zc_name, FTAG, &new);
5006 error = dsl_dataset_hold(zc->zc_value, FTAG, &old);
5008 dsl_dataset_rele(new, FTAG);
5012 error = dsl_dataset_space_wouldfree(old, new, &zc->zc_cookie,
5013 &zc->zc_objset_type, &zc->zc_perm_action);
5014 dsl_dataset_rele(old, FTAG);
5015 dsl_dataset_rele(new, FTAG);
5020 * pool create, destroy, and export don't log the history as part of
5021 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export
5022 * do the logging of those commands.
5025 zfs_ioc_jail(zfs_cmd_t *zc)
5028 return (zone_dataset_attach(curthread->td_ucred, zc->zc_name,
5029 (int)zc->zc_jailid));
5033 zfs_ioc_unjail(zfs_cmd_t *zc)
5036 return (zone_dataset_detach(curthread->td_ucred, zc->zc_name,
5037 (int)zc->zc_jailid));
5040 static zfs_ioc_vec_t zfs_ioc_vec[] = {
5041 { zfs_ioc_pool_create, zfs_secpolicy_config, POOL_NAME, B_FALSE,
5043 { zfs_ioc_pool_destroy, zfs_secpolicy_config, POOL_NAME, B_FALSE,
5045 { zfs_ioc_pool_import, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5047 { zfs_ioc_pool_export, zfs_secpolicy_config, POOL_NAME, B_FALSE,
5049 { zfs_ioc_pool_configs, zfs_secpolicy_none, NO_NAME, B_FALSE,
5051 { zfs_ioc_pool_stats, zfs_secpolicy_read, POOL_NAME, B_FALSE,
5053 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, NO_NAME, B_FALSE,
5055 { zfs_ioc_pool_scan, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5056 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5057 { zfs_ioc_pool_freeze, zfs_secpolicy_config, NO_NAME, B_FALSE,
5058 POOL_CHECK_READONLY },
5059 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5060 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5061 { zfs_ioc_pool_get_history, zfs_secpolicy_config, POOL_NAME, B_FALSE,
5063 { zfs_ioc_vdev_add, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5064 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5065 { zfs_ioc_vdev_remove, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5066 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5067 { zfs_ioc_vdev_set_state, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5068 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5069 { zfs_ioc_vdev_attach, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5070 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5071 { zfs_ioc_vdev_detach, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5072 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5073 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, POOL_NAME, B_FALSE,
5074 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5075 { zfs_ioc_vdev_setfru, zfs_secpolicy_config, POOL_NAME, B_FALSE,
5076 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5077 { zfs_ioc_objset_stats, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5078 POOL_CHECK_SUSPENDED },
5079 { zfs_ioc_objset_zplprops, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5081 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5082 POOL_CHECK_SUSPENDED },
5083 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5084 POOL_CHECK_SUSPENDED },
5085 { zfs_ioc_set_prop, zfs_secpolicy_none, DATASET_NAME, B_TRUE,
5086 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5087 { zfs_ioc_create, zfs_secpolicy_create, DATASET_NAME, B_TRUE,
5088 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5089 { zfs_ioc_destroy, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE,
5090 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY},
5091 { zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME, B_TRUE,
5092 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5093 { zfs_ioc_rename, zfs_secpolicy_rename, DATASET_NAME, B_TRUE,
5094 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5095 { zfs_ioc_recv, zfs_secpolicy_receive, DATASET_NAME, B_TRUE,
5096 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5097 { zfs_ioc_send, zfs_secpolicy_send, DATASET_NAME, B_FALSE,
5099 { zfs_ioc_inject_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE,
5101 { zfs_ioc_clear_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE,
5103 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, NO_NAME, B_FALSE,
5105 { zfs_ioc_error_log, zfs_secpolicy_inject, POOL_NAME, B_FALSE,
5107 { zfs_ioc_clear, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5109 { zfs_ioc_promote, zfs_secpolicy_promote, DATASET_NAME, B_TRUE,
5110 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5111 { zfs_ioc_destroy_snaps_nvl, zfs_secpolicy_destroy_recursive,
5112 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5113 { zfs_ioc_snapshot, zfs_secpolicy_snapshot, DATASET_NAME, B_TRUE,
5114 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5115 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_diff, POOL_NAME, B_FALSE,
5117 { zfs_ioc_obj_to_path, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
5118 POOL_CHECK_SUSPENDED },
5119 { zfs_ioc_pool_set_props, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5120 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5121 { zfs_ioc_pool_get_props, zfs_secpolicy_read, POOL_NAME, B_FALSE,
5123 { zfs_ioc_set_fsacl, zfs_secpolicy_fsacl, DATASET_NAME, B_TRUE,
5124 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5125 { zfs_ioc_get_fsacl, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5127 { zfs_ioc_share, zfs_secpolicy_share, DATASET_NAME, B_FALSE,
5129 { zfs_ioc_inherit_prop, zfs_secpolicy_inherit, DATASET_NAME, B_TRUE,
5130 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5131 { zfs_ioc_smb_acl, zfs_secpolicy_smb_acl, DATASET_NAME, B_FALSE,
5133 { zfs_ioc_userspace_one, zfs_secpolicy_userspace_one, DATASET_NAME,
5134 B_FALSE, POOL_CHECK_NONE },
5135 { zfs_ioc_userspace_many, zfs_secpolicy_userspace_many, DATASET_NAME,
5136 B_FALSE, POOL_CHECK_NONE },
5137 { zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5138 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5139 { zfs_ioc_hold, zfs_secpolicy_hold, DATASET_NAME, B_TRUE,
5140 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5141 { zfs_ioc_release, zfs_secpolicy_release, DATASET_NAME, B_TRUE,
5142 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5143 { zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5144 POOL_CHECK_SUSPENDED },
5145 { zfs_ioc_objset_recvd_props, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5147 { zfs_ioc_vdev_split, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5148 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5149 { zfs_ioc_next_obj, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5151 { zfs_ioc_diff, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
5153 { zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot, DATASET_NAME,
5154 B_FALSE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5155 { zfs_ioc_obj_to_stats, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
5156 POOL_CHECK_SUSPENDED },
5157 { zfs_ioc_jail, zfs_secpolicy_config, DATASET_NAME, B_TRUE,
5159 { zfs_ioc_unjail, zfs_secpolicy_config, DATASET_NAME, B_TRUE,
5161 { zfs_ioc_pool_reguid, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5162 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY },
5163 { zfs_ioc_space_written, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5164 POOL_CHECK_SUSPENDED },
5165 { zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5166 POOL_CHECK_SUSPENDED },
5167 { zfs_ioc_send_progress, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
5169 { zfs_ioc_pool_reopen, zfs_secpolicy_config, POOL_NAME, B_TRUE,
5170 POOL_CHECK_SUSPENDED },
5174 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5175 zfs_ioc_poolcheck_t check)
5180 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5182 if (check & POOL_CHECK_NONE)
5185 error = spa_open(name, &spa, FTAG);
5187 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5189 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5191 spa_close(spa, FTAG);
5197 * Find a free minor number.
5200 zfsdev_minor_alloc(void)
5202 static minor_t last_minor;
5205 ASSERT(MUTEX_HELD(&spa_namespace_lock));
5207 for (m = last_minor + 1; m != last_minor; m++) {
5208 if (m > ZFSDEV_MAX_MINOR)
5210 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5220 zfs_ctldev_init(struct cdev *devp)
5223 zfs_soft_state_t *zs;
5225 ASSERT(MUTEX_HELD(&spa_namespace_lock));
5227 minor = zfsdev_minor_alloc();
5231 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5234 devfs_set_cdevpriv((void *)(uintptr_t)minor, zfsdev_close);
5236 zs = ddi_get_soft_state(zfsdev_state, minor);
5237 zs->zss_type = ZSST_CTLDEV;
5238 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5244 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5246 ASSERT(MUTEX_HELD(&spa_namespace_lock));
5248 zfs_onexit_destroy(zo);
5249 ddi_soft_state_free(zfsdev_state, minor);
5253 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5255 zfs_soft_state_t *zp;
5257 zp = ddi_get_soft_state(zfsdev_state, minor);
5258 if (zp == NULL || zp->zss_type != which)
5261 return (zp->zss_data);
5265 zfsdev_open(struct cdev *devp, int flag, int mode, struct thread *td)
5270 if (getminor(*devp) != 0)
5271 return (zvol_open(devp, flag, otyp, cr));
5274 /* This is the control device. Allocate a new minor if requested. */
5276 mutex_enter(&spa_namespace_lock);
5277 error = zfs_ctldev_init(devp);
5278 mutex_exit(&spa_namespace_lock);
5285 zfsdev_close(void *data)
5288 minor_t minor = (minor_t)(uintptr_t)data;
5293 mutex_enter(&spa_namespace_lock);
5294 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5296 mutex_exit(&spa_namespace_lock);
5299 zfs_ctldev_destroy(zo, minor);
5300 mutex_exit(&spa_namespace_lock);
5304 zfsdev_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag,
5309 int cflag, error, len;
5311 cflag = ZFS_CMD_COMPAT_NONE;
5312 len = IOCPARM_LEN(cmd);
5315 * Check if we are talking to supported older binaries
5316 * and translate zfs_cmd if necessary
5318 if (len < sizeof(zfs_cmd_t))
5319 if (len == sizeof(zfs_cmd_v28_t)) {
5320 cflag = ZFS_CMD_COMPAT_V28;
5322 } else if (len == sizeof(zfs_cmd_v15_t)) {
5323 cflag = ZFS_CMD_COMPAT_V15;
5324 vec = zfs_ioctl_v15_to_v28[ZFS_IOC(cmd)];
5330 if (cflag != ZFS_CMD_COMPAT_NONE) {
5331 if (vec == ZFS_IOC_COMPAT_PASS)
5333 else if (vec == ZFS_IOC_COMPAT_FAIL)
5338 * Check if we have sufficient kernel memory allocated
5339 * for the zfs_cmd_t request. Bail out if not so we
5340 * will not access undefined memory region.
5342 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5345 if (cflag != ZFS_CMD_COMPAT_NONE) {
5346 zc = kmem_zalloc(sizeof(zfs_cmd_t), KM_SLEEP);
5347 bzero(zc, sizeof(zfs_cmd_t));
5348 zfs_cmd_compat_get(zc, addr, cflag);
5349 zfs_ioctl_compat_pre(zc, &vec, cflag);
5354 error = zfs_ioc_vec[vec].zvec_secpolicy(zc, td->td_ucred);
5357 * Ensure that all pool/dataset names are valid before we pass down to
5361 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5362 zc->zc_iflags = flag & FKIOCTL;
5363 switch (zfs_ioc_vec[vec].zvec_namecheck) {
5365 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5368 error = pool_status_check(zc->zc_name,
5369 zfs_ioc_vec[vec].zvec_namecheck,
5370 zfs_ioc_vec[vec].zvec_pool_check);
5374 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5377 error = pool_status_check(zc->zc_name,
5378 zfs_ioc_vec[vec].zvec_namecheck,
5379 zfs_ioc_vec[vec].zvec_pool_check);
5388 error = zfs_ioc_vec[vec].zvec_func(zc);
5391 if (zfs_ioc_vec[vec].zvec_his_log)
5392 zfs_log_history(zc);
5395 if (cflag != ZFS_CMD_COMPAT_NONE) {
5396 zfs_ioctl_compat_post(zc, ZFS_IOC(cmd), cflag);
5397 zfs_cmd_compat_put(zc, addr, cflag);
5398 kmem_free(zc, sizeof(zfs_cmd_t));
5406 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
5408 if (cmd != DDI_ATTACH)
5409 return (DDI_FAILURE);
5411 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
5412 DDI_PSEUDO, 0) == DDI_FAILURE)
5413 return (DDI_FAILURE);
5417 ddi_report_dev(dip);
5419 return (DDI_SUCCESS);
5423 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5425 if (spa_busy() || zfs_busy() || zvol_busy())
5426 return (DDI_FAILURE);
5428 if (cmd != DDI_DETACH)
5429 return (DDI_FAILURE);
5433 ddi_prop_remove_all(dip);
5434 ddi_remove_minor_node(dip, NULL);
5436 return (DDI_SUCCESS);
5441 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
5444 case DDI_INFO_DEVT2DEVINFO:
5446 return (DDI_SUCCESS);
5448 case DDI_INFO_DEVT2INSTANCE:
5449 *result = (void *)0;
5450 return (DDI_SUCCESS);
5453 return (DDI_FAILURE);
5458 * OK, so this is a little weird.
5460 * /dev/zfs is the control node, i.e. minor 0.
5461 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
5463 * /dev/zfs has basically nothing to do except serve up ioctls,
5464 * so most of the standard driver entry points are in zvol.c.
5467 static struct cb_ops zfs_cb_ops = {
5468 zfsdev_open, /* open */
5469 zfsdev_close, /* close */
5470 zvol_strategy, /* strategy */
5472 zvol_dump, /* dump */
5473 zvol_read, /* read */
5474 zvol_write, /* write */
5475 zfsdev_ioctl, /* ioctl */
5479 nochpoll, /* poll */
5480 ddi_prop_op, /* prop_op */
5481 NULL, /* streamtab */
5482 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
5483 CB_REV, /* version */
5484 nodev, /* async read */
5485 nodev, /* async write */
5488 static struct dev_ops zfs_dev_ops = {
5489 DEVO_REV, /* version */
5491 zfs_info, /* info */
5492 nulldev, /* identify */
5493 nulldev, /* probe */
5494 zfs_attach, /* attach */
5495 zfs_detach, /* detach */
5497 &zfs_cb_ops, /* driver operations */
5498 NULL, /* no bus operations */
5500 ddi_quiesce_not_needed, /* quiesce */
5503 static struct modldrv zfs_modldrv = {
5509 static struct modlinkage modlinkage = {
5511 (void *)&zfs_modlfs,
5512 (void *)&zfs_modldrv,
5517 static struct cdevsw zfs_cdevsw = {
5518 .d_version = D_VERSION,
5519 .d_open = zfsdev_open,
5520 .d_ioctl = zfsdev_ioctl,
5521 .d_name = ZFS_DEV_NAME
5527 zfsdev = make_dev(&zfs_cdevsw, 0x0, UID_ROOT, GID_OPERATOR, 0666,
5535 destroy_dev(zfsdev);
5538 static struct root_hold_token *zfs_root_token;
5539 struct proc *zfsproc;
5541 uint_t zfs_fsyncer_key;
5542 extern uint_t rrw_tsd_key;
5550 spa_init(FREAD | FWRITE);
5554 if ((error = mod_install(&modlinkage)) != 0) {
5561 tsd_create(&zfs_fsyncer_key, NULL);
5562 tsd_create(&rrw_tsd_key, NULL);
5564 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
5566 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5576 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
5579 if ((error = mod_remove(&modlinkage)) != 0)
5585 if (zfs_nfsshare_inited)
5586 (void) ddi_modclose(nfs_mod);
5587 if (zfs_smbshare_inited)
5588 (void) ddi_modclose(smbsrv_mod);
5589 if (zfs_nfsshare_inited || zfs_smbshare_inited)
5590 (void) ddi_modclose(sharefs_mod);
5592 tsd_destroy(&zfs_fsyncer_key);
5593 ldi_ident_release(zfs_li);
5595 mutex_destroy(&zfs_share_lock);
5601 _info(struct modinfo *modinfop)
5603 return (mod_info(&modlinkage, modinfop));
5608 zfs_modevent(module_t mod, int type, void *unused __unused)
5614 zfs_root_token = root_mount_hold("ZFS");
5616 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5618 spa_init(FREAD | FWRITE);
5622 tsd_create(&zfs_fsyncer_key, NULL);
5623 tsd_create(&rrw_tsd_key, NULL);
5625 printf("ZFS storage pool version: features support (" SPA_VERSION_STRING ")\n");
5626 root_mount_rel(zfs_root_token);
5631 if (spa_busy() || zfs_busy() || zvol_busy() ||
5632 zio_injection_enabled) {
5642 tsd_destroy(&zfs_fsyncer_key);
5643 tsd_destroy(&rrw_tsd_key);
5645 mutex_destroy(&zfs_share_lock);
5654 static moduledata_t zfs_mod = {
5659 DECLARE_MODULE(zfsctrl, zfs_mod, SI_SUB_VFS, SI_ORDER_ANY);
5660 MODULE_VERSION(zfsctrl, 1);
5661 MODULE_DEPEND(zfsctrl, opensolaris, 1, 1, 1);
5662 MODULE_DEPEND(zfsctrl, krpc, 1, 1, 1);