4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
24 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
28 * ZFS control directory (a.k.a. ".zfs")
30 * This directory provides a common location for all ZFS meta-objects.
31 * Currently, this is only the 'snapshot' directory, but this may expand in the
32 * future. The elements are built using the GFS primitives, as the hierarchy
33 * does not actually exist on disk.
35 * For 'snapshot', we don't want to have all snapshots always mounted, because
36 * this would take up a huge amount of space in /etc/mnttab. We have three
39 * ctldir ------> snapshotdir -------> snapshot
45 * The 'snapshot' node contains just enough information to lookup '..' and act
46 * as a mountpoint for the snapshot. Whenever we lookup a specific snapshot, we
47 * perform an automount of the underlying filesystem and return the
48 * corresponding vnode.
50 * All mounts are handled automatically by the kernel, but unmounts are
51 * (currently) handled from user land. The main reason is that there is no
52 * reliable way to auto-unmount the filesystem when it's "no longer in use".
53 * When the user unmounts a filesystem, we call zfsctl_unmount(), which
54 * unmounts any snapshots within the snapshot directory.
56 * The '.zfs', '.zfs/snapshot', and all directories created under
57 * '.zfs/snapshot' (ie: '.zfs/snapshot/<snapname>') are all GFS nodes and
58 * share the same vfs_t as the head filesystem (what '.zfs' lives under).
60 * File systems mounted ontop of the GFS nodes '.zfs/snapshot/<snapname>'
61 * (ie: snapshots) are ZFS nodes and have their own unique vfs_t.
62 * However, vnodes within these mounted on file systems have their v_vfsp
63 * fields set to the head filesystem to make NFS happy (see
64 * zfsctl_snapdir_lookup()). We VFS_HOLD the head filesystem's vfs_t
65 * so that it cannot be freed until all snapshots have been unmounted.
68 #include <sys/zfs_context.h>
69 #include <sys/zfs_ctldir.h>
70 #include <sys/zfs_ioctl.h>
71 #include <sys/zfs_vfsops.h>
72 #include <sys/namei.h>
75 #include <sys/dsl_dataset.h>
76 #include <sys/dsl_destroy.h>
77 #include <sys/dsl_deleg.h>
78 #include <sys/mount.h>
81 #include "zfs_namecheck.h"
83 /* Common access mode for all virtual directories under the ctldir */
84 const u_short zfsctl_ctldir_mode = S_IRUSR | S_IXUSR | S_IRGRP | S_IXGRP |
88 * "Synthetic" filesystem implementation.
92 * Assert that A implies B.
94 #define KASSERT_IMPLY(A, B, msg) KASSERT(!(A) || (B), (msg));
96 static MALLOC_DEFINE(M_SFSNODES, "sfs_nodes", "synthetic-fs nodes");
98 typedef struct sfs_node {
99 char sn_name[ZFS_MAX_DATASET_NAME_LEN];
100 uint64_t sn_parent_id;
105 * Check the parent's ID as well as the node's to account for a chance
106 * that IDs originating from different domains (snapshot IDs, artifical
107 * IDs, znode IDs) may clash.
110 sfs_compare_ids(struct vnode *vp, void *arg)
112 sfs_node_t *n1 = vp->v_data;
113 sfs_node_t *n2 = arg;
116 equal = n1->sn_id == n2->sn_id &&
117 n1->sn_parent_id == n2->sn_parent_id;
119 /* Zero means equality. */
124 sfs_vnode_get(const struct mount *mp, int flags, uint64_t parent_id,
125 uint64_t id, struct vnode **vpp)
131 search.sn_parent_id = parent_id;
132 err = vfs_hash_get(mp, (u_int)id, flags, curthread, vpp,
133 sfs_compare_ids, &search);
138 sfs_vnode_insert(struct vnode *vp, int flags, uint64_t parent_id,
139 uint64_t id, struct vnode **vpp)
143 KASSERT(vp->v_data != NULL, ("sfs_vnode_insert with NULL v_data"));
144 err = vfs_hash_insert(vp, (u_int)id, flags, curthread, vpp,
145 sfs_compare_ids, vp->v_data);
150 sfs_vnode_remove(struct vnode *vp)
155 typedef void sfs_vnode_setup_fn(vnode_t *vp, void *arg);
158 sfs_vgetx(struct mount *mp, int flags, uint64_t parent_id, uint64_t id,
159 const char *tag, struct vop_vector *vops,
160 sfs_vnode_setup_fn setup, void *arg,
166 error = sfs_vnode_get(mp, flags, parent_id, id, vpp);
167 if (error != 0 || *vpp != NULL) {
168 KASSERT_IMPLY(error == 0, (*vpp)->v_data != NULL,
169 "sfs vnode with no data");
173 /* Allocate a new vnode/inode. */
174 error = getnewvnode(tag, mp, vops, &vp);
181 * Exclusively lock the vnode vnode while it's being constructed.
183 lockmgr(vp->v_vnlock, LK_EXCLUSIVE, NULL);
184 error = insmntque(vp, mp);
192 error = sfs_vnode_insert(vp, flags, parent_id, id, vpp);
193 if (error != 0 || *vpp != NULL) {
194 KASSERT_IMPLY(error == 0, (*vpp)->v_data != NULL,
195 "sfs vnode with no data");
204 sfs_print_node(sfs_node_t *node)
206 printf("\tname = %s\n", node->sn_name);
207 printf("\tparent_id = %ju\n", (uintmax_t)node->sn_parent_id);
208 printf("\tid = %ju\n", (uintmax_t)node->sn_id);
212 sfs_alloc_node(size_t size, const char *name, uint64_t parent_id, uint64_t id)
214 struct sfs_node *node;
216 KASSERT(strlen(name) < sizeof(node->sn_name),
217 ("sfs node name is too long"));
218 KASSERT(size >= sizeof(*node), ("sfs node size is too small"));
219 node = malloc(size, M_SFSNODES, M_WAITOK | M_ZERO);
220 strlcpy(node->sn_name, name, sizeof(node->sn_name));
221 node->sn_parent_id = parent_id;
228 sfs_destroy_node(sfs_node_t *node)
230 free(node, M_SFSNODES);
234 sfs_reclaim_vnode(vnode_t *vp)
239 sfs_vnode_remove(vp);
246 sfs_readdir_common(uint64_t parent_id, uint64_t id, struct vop_readdir_args *ap,
247 uio_t *uio, off_t *offp)
252 /* Reset ncookies for subsequent use of vfs_read_dirent. */
253 if (ap->a_ncookies != NULL)
256 if (uio->uio_resid < sizeof(entry))
257 return (SET_ERROR(EINVAL));
259 if (uio->uio_offset < 0)
260 return (SET_ERROR(EINVAL));
261 if (uio->uio_offset == 0) {
263 entry.d_type = DT_DIR;
264 entry.d_name[0] = '.';
266 entry.d_reclen = sizeof(entry);
267 dirent_terminate(&entry);
268 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
270 return (SET_ERROR(error));
273 if (uio->uio_offset < sizeof(entry))
274 return (SET_ERROR(EINVAL));
275 if (uio->uio_offset == sizeof(entry)) {
276 entry.d_fileno = parent_id;
277 entry.d_type = DT_DIR;
278 entry.d_name[0] = '.';
279 entry.d_name[1] = '.';
281 entry.d_reclen = sizeof(entry);
282 dirent_terminate(&entry);
283 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
285 return (SET_ERROR(error));
289 *offp = 2 * sizeof(entry);
295 * .zfs inode namespace
297 * We need to generate unique inode numbers for all files and directories
298 * within the .zfs pseudo-filesystem. We use the following scheme:
303 * .zfs/snapshot/<snap> objectid(snap)
305 #define ZFSCTL_INO_SNAP(id) (id)
307 static struct vop_vector zfsctl_ops_root;
308 static struct vop_vector zfsctl_ops_snapdir;
309 static struct vop_vector zfsctl_ops_snapshot;
310 static struct vop_vector zfsctl_ops_shares_dir;
323 zfsctl_is_node(vnode_t *vp)
325 return (vn_matchops(vp, zfsctl_ops_root) ||
326 vn_matchops(vp, zfsctl_ops_snapdir) ||
327 vn_matchops(vp, zfsctl_ops_snapshot) ||
328 vn_matchops(vp, zfsctl_ops_shares_dir));
332 typedef struct zfsctl_root {
340 * Create the '.zfs' directory.
343 zfsctl_create(zfsvfs_t *zfsvfs)
345 zfsctl_root_t *dot_zfs;
350 ASSERT(zfsvfs->z_ctldir == NULL);
352 snapdir = sfs_alloc_node(sizeof(*snapdir), "snapshot", ZFSCTL_INO_ROOT,
354 dot_zfs = (zfsctl_root_t *)sfs_alloc_node(sizeof(*dot_zfs), ".zfs", 0,
356 dot_zfs->snapdir = snapdir;
358 VERIFY(VFS_ROOT(zfsvfs->z_vfs, LK_EXCLUSIVE, &rvp) == 0);
359 VERIFY(0 == sa_lookup(VTOZ(rvp)->z_sa_hdl, SA_ZPL_CRTIME(zfsvfs),
360 &crtime, sizeof(crtime)));
361 ZFS_TIME_DECODE(&dot_zfs->cmtime, crtime);
364 zfsvfs->z_ctldir = dot_zfs;
368 * Destroy the '.zfs' directory. Only called when the filesystem is unmounted.
369 * The nodes must not have any associated vnodes by now as they should be
373 zfsctl_destroy(zfsvfs_t *zfsvfs)
375 sfs_destroy_node(zfsvfs->z_ctldir->snapdir);
376 sfs_destroy_node((sfs_node_t *)zfsvfs->z_ctldir);
377 zfsvfs->z_ctldir = NULL;
381 zfsctl_fs_root_vnode(struct mount *mp, void *arg __unused, int flags,
384 return (VFS_ROOT(mp, flags, vpp));
388 zfsctl_common_vnode_setup(vnode_t *vp, void *arg)
390 ASSERT_VOP_ELOCKED(vp, __func__);
392 /* We support shared locking. */
399 zfsctl_root_vnode(struct mount *mp, void *arg __unused, int flags,
405 node = ((zfsvfs_t*)mp->mnt_data)->z_ctldir;
406 err = sfs_vgetx(mp, flags, 0, ZFSCTL_INO_ROOT, "zfs", &zfsctl_ops_root,
407 zfsctl_common_vnode_setup, node, vpp);
412 zfsctl_snapdir_vnode(struct mount *mp, void *arg __unused, int flags,
418 node = ((zfsvfs_t*)mp->mnt_data)->z_ctldir->snapdir;
419 err = sfs_vgetx(mp, flags, ZFSCTL_INO_ROOT, ZFSCTL_INO_SNAPDIR, "zfs",
420 &zfsctl_ops_snapdir, zfsctl_common_vnode_setup, node, vpp);
425 * Given a root znode, retrieve the associated .zfs directory.
426 * Add a hold to the vnode and return it.
429 zfsctl_root(zfsvfs_t *zfsvfs, int flags, vnode_t **vpp)
434 error = zfsctl_root_vnode(zfsvfs->z_vfs, NULL, flags, vpp);
439 * Common open routine. Disallow any write access.
442 zfsctl_common_open(struct vop_open_args *ap)
444 int flags = ap->a_mode;
447 return (SET_ERROR(EACCES));
453 * Common close routine. Nothing to do here.
457 zfsctl_common_close(struct vop_close_args *ap)
463 * Common access routine. Disallow writes.
466 zfsctl_common_access(ap)
467 struct vop_access_args /* {
470 struct ucred *a_cred;
474 accmode_t accmode = ap->a_accmode;
476 if (accmode & VWRITE)
477 return (SET_ERROR(EACCES));
482 * Common getattr function. Fill in basic information.
485 zfsctl_common_getattr(vnode_t *vp, vattr_t *vap)
496 * We are a purely virtual object, so we have no
497 * blocksize or allocated blocks.
503 vap->va_mode = zfsctl_ctldir_mode;
506 * We live in the now (for atime).
510 /* FreeBSD: Reset chflags(2) flags. */
513 vap->va_nodeid = node->sn_id;
515 /* At least '.' and '..'. */
520 zfsctl_common_fid(ap)
521 struct vop_fid_args /* {
526 vnode_t *vp = ap->a_vp;
527 fid_t *fidp = (void *)ap->a_fid;
528 sfs_node_t *node = vp->v_data;
529 uint64_t object = node->sn_id;
533 zfid = (zfid_short_t *)fidp;
534 zfid->zf_len = SHORT_FID_LEN;
536 for (i = 0; i < sizeof(zfid->zf_object); i++)
537 zfid->zf_object[i] = (uint8_t)(object >> (8 * i));
539 /* .zfs nodes always have a generation number of 0 */
540 for (i = 0; i < sizeof(zfid->zf_gen); i++)
547 zfsctl_common_reclaim(ap)
548 struct vop_reclaim_args /* {
553 vnode_t *vp = ap->a_vp;
555 (void) sfs_reclaim_vnode(vp);
560 zfsctl_common_print(ap)
561 struct vop_print_args /* {
565 sfs_print_node(ap->a_vp->v_data);
570 * Get root directory attributes.
573 zfsctl_root_getattr(ap)
574 struct vop_getattr_args /* {
577 struct ucred *a_cred;
580 struct vnode *vp = ap->a_vp;
581 struct vattr *vap = ap->a_vap;
582 zfsctl_root_t *node = vp->v_data;
584 zfsctl_common_getattr(vp, vap);
585 vap->va_ctime = node->cmtime;
586 vap->va_mtime = vap->va_ctime;
587 vap->va_birthtime = vap->va_ctime;
588 vap->va_nlink += 1; /* snapdir */
589 vap->va_size = vap->va_nlink;
594 * When we lookup "." we still can be asked to lock it
595 * differently, can't we?
598 zfsctl_relock_dot(vnode_t *dvp, int ltype)
601 if (ltype != VOP_ISLOCKED(dvp)) {
602 if (ltype == LK_EXCLUSIVE)
603 vn_lock(dvp, LK_UPGRADE | LK_RETRY);
604 else /* if (ltype == LK_SHARED) */
605 vn_lock(dvp, LK_DOWNGRADE | LK_RETRY);
607 /* Relock for the "." case may left us with reclaimed vnode. */
608 if ((dvp->v_iflag & VI_DOOMED) != 0) {
610 return (SET_ERROR(ENOENT));
617 * Special case the handling of "..".
620 zfsctl_root_lookup(ap)
621 struct vop_lookup_args /* {
623 struct vnode **a_vpp;
624 struct componentname *a_cnp;
627 struct componentname *cnp = ap->a_cnp;
628 vnode_t *dvp = ap->a_dvp;
629 vnode_t **vpp = ap->a_vpp;
630 cred_t *cr = ap->a_cnp->cn_cred;
631 int flags = ap->a_cnp->cn_flags;
632 int lkflags = ap->a_cnp->cn_lkflags;
633 int nameiop = ap->a_cnp->cn_nameiop;
637 ASSERT(dvp->v_type == VDIR);
639 if ((flags & ISLASTCN) != 0 && nameiop != LOOKUP)
640 return (SET_ERROR(ENOTSUP));
642 if (cnp->cn_namelen == 1 && *cnp->cn_nameptr == '.') {
643 err = zfsctl_relock_dot(dvp, lkflags & LK_TYPE_MASK);
646 } else if ((flags & ISDOTDOT) != 0) {
647 err = vn_vget_ino_gen(dvp, zfsctl_fs_root_vnode, NULL,
649 } else if (strncmp(cnp->cn_nameptr, "snapshot", cnp->cn_namelen) == 0) {
650 err = zfsctl_snapdir_vnode(dvp->v_mount, NULL, lkflags, vpp);
652 err = SET_ERROR(ENOENT);
660 zfsctl_root_readdir(ap)
661 struct vop_readdir_args /* {
664 struct ucred *a_cred;
671 vnode_t *vp = ap->a_vp;
672 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
673 zfsctl_root_t *node = vp->v_data;
674 uio_t *uio = ap->a_uio;
675 int *eofp = ap->a_eofflag;
679 ASSERT(vp->v_type == VDIR);
681 error = sfs_readdir_common(zfsvfs->z_root, ZFSCTL_INO_ROOT, ap, uio,
684 if (error == ENAMETOOLONG) /* ran out of destination space */
688 if (uio->uio_offset != dots_offset)
689 return (SET_ERROR(EINVAL));
691 CTASSERT(sizeof(node->snapdir->sn_name) <= sizeof(entry.d_name));
692 entry.d_fileno = node->snapdir->sn_id;
693 entry.d_type = DT_DIR;
694 strcpy(entry.d_name, node->snapdir->sn_name);
695 entry.d_namlen = strlen(entry.d_name);
696 entry.d_reclen = sizeof(entry);
697 dirent_terminate(&entry);
698 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
700 if (error == ENAMETOOLONG)
702 return (SET_ERROR(error));
710 zfsctl_root_vptocnp(struct vop_vptocnp_args *ap)
712 static const char dotzfs_name[4] = ".zfs";
716 if (*ap->a_buflen < sizeof (dotzfs_name))
717 return (SET_ERROR(ENOMEM));
719 error = vn_vget_ino_gen(ap->a_vp, zfsctl_fs_root_vnode, NULL,
722 return (SET_ERROR(error));
726 *ap->a_buflen -= sizeof (dotzfs_name);
727 bcopy(dotzfs_name, ap->a_buf + *ap->a_buflen, sizeof (dotzfs_name));
732 zfsctl_common_pathconf(ap)
733 struct vop_pathconf_args /* {
740 * We care about ACL variables so that user land utilities like ls
741 * can display them correctly. Since the ctldir's st_dev is set to be
742 * the same as the parent dataset, we must support all variables that
745 switch (ap->a_name) {
747 *ap->a_retval = MIN(LONG_MAX, ZFS_LINK_MAX);
750 case _PC_FILESIZEBITS:
754 case _PC_MIN_HOLE_SIZE:
755 *ap->a_retval = (int)SPA_MINBLOCKSIZE;
758 case _PC_ACL_EXTENDED:
766 case _PC_ACL_PATH_MAX:
767 *ap->a_retval = ACL_MAX_ENTRIES;
771 *ap->a_retval = NAME_MAX;
775 return (vop_stdpathconf(ap));
780 * Returns a trivial ACL
783 zfsctl_common_getacl(ap)
784 struct vop_getacl_args /* {
794 if (ap->a_type != ACL_TYPE_NFS4)
797 acl_nfs4_sync_acl_from_mode(ap->a_aclp, zfsctl_ctldir_mode, 0);
799 * acl_nfs4_sync_acl_from_mode assumes that the owner can always modify
800 * attributes. That is not the case for the ctldir, so we must clear
801 * those bits. We also must clear ACL_READ_NAMED_ATTRS, because xattrs
802 * aren't supported by the ctldir.
804 for (i = 0; i < ap->a_aclp->acl_cnt; i++) {
805 struct acl_entry *entry;
806 entry = &(ap->a_aclp->acl_entry[i]);
807 uint32_t old_perm = entry->ae_perm;
808 entry->ae_perm &= ~(ACL_WRITE_ACL | ACL_WRITE_OWNER |
809 ACL_WRITE_ATTRIBUTES | ACL_WRITE_NAMED_ATTRS |
810 ACL_READ_NAMED_ATTRS );
816 static struct vop_vector zfsctl_ops_root = {
817 .vop_default = &default_vnodeops,
818 .vop_open = zfsctl_common_open,
819 .vop_close = zfsctl_common_close,
820 .vop_ioctl = VOP_EINVAL,
821 .vop_getattr = zfsctl_root_getattr,
822 .vop_access = zfsctl_common_access,
823 .vop_readdir = zfsctl_root_readdir,
824 .vop_lookup = zfsctl_root_lookup,
825 .vop_inactive = VOP_NULL,
826 .vop_reclaim = zfsctl_common_reclaim,
827 .vop_fid = zfsctl_common_fid,
828 .vop_print = zfsctl_common_print,
829 .vop_vptocnp = zfsctl_root_vptocnp,
830 .vop_pathconf = zfsctl_common_pathconf,
831 .vop_getacl = zfsctl_common_getacl,
835 zfsctl_snapshot_zname(vnode_t *vp, const char *name, int len, char *zname)
837 objset_t *os = ((zfsvfs_t *)((vp)->v_vfsp->vfs_data))->z_os;
839 dmu_objset_name(os, zname);
840 if (strlen(zname) + 1 + strlen(name) >= len)
841 return (SET_ERROR(ENAMETOOLONG));
842 (void) strcat(zname, "@");
843 (void) strcat(zname, name);
848 zfsctl_snapshot_lookup(vnode_t *vp, const char *name, uint64_t *id)
850 objset_t *os = ((zfsvfs_t *)((vp)->v_vfsp->vfs_data))->z_os;
853 err = dsl_dataset_snap_lookup(dmu_objset_ds(os), name, id);
858 * Given a vnode get a root vnode of a filesystem mounted on top of
859 * the vnode, if any. The root vnode is referenced and locked.
860 * If no filesystem is mounted then the orinal vnode remains referenced
861 * and locked. If any error happens the orinal vnode is unlocked and
865 zfsctl_mounted_here(vnode_t **vpp, int flags)
870 ASSERT_VOP_LOCKED(*vpp, __func__);
871 ASSERT3S((*vpp)->v_type, ==, VDIR);
873 if ((mp = (*vpp)->v_mountedhere) != NULL) {
874 err = vfs_busy(mp, 0);
875 KASSERT(err == 0, ("vfs_busy(mp, 0) failed with %d", err));
876 KASSERT(vrefcnt(*vpp) > 1, ("unreferenced mountpoint"));
878 err = VFS_ROOT(mp, flags, vpp);
882 return (EJUSTRETURN);
886 const char *snap_name;
888 } snapshot_setup_arg_t;
891 zfsctl_snapshot_vnode_setup(vnode_t *vp, void *arg)
893 snapshot_setup_arg_t *ssa = arg;
896 ASSERT_VOP_ELOCKED(vp, __func__);
898 node = sfs_alloc_node(sizeof(sfs_node_t),
899 ssa->snap_name, ZFSCTL_INO_SNAPDIR, ssa->snap_id);
900 zfsctl_common_vnode_setup(vp, node);
902 /* We have to support recursive locking. */
907 * Lookup entry point for the 'snapshot' directory. Try to open the
908 * snapshot if it exist, creating the pseudo filesystem vnode as necessary.
909 * Perform a mount of the associated dataset on top of the vnode.
910 * There are four possibilities:
911 * - the snapshot node and vnode do not exist
912 * - the snapshot vnode is covered by the mounted snapshot
913 * - the snapshot vnode is not covered yet, the mount operation is in progress
914 * - the snapshot vnode is not covered, because the snapshot has been unmounted
915 * The last two states are transient and should be relatively short-lived.
918 zfsctl_snapdir_lookup(ap)
919 struct vop_lookup_args /* {
921 struct vnode **a_vpp;
922 struct componentname *a_cnp;
925 vnode_t *dvp = ap->a_dvp;
926 vnode_t **vpp = ap->a_vpp;
927 struct componentname *cnp = ap->a_cnp;
928 char name[NAME_MAX + 1];
929 char fullname[ZFS_MAX_DATASET_NAME_LEN];
931 size_t mountpoint_len;
932 zfsvfs_t *zfsvfs = dvp->v_vfsp->vfs_data;
934 int nameiop = cnp->cn_nameiop;
935 int lkflags = cnp->cn_lkflags;
936 int flags = cnp->cn_flags;
939 ASSERT(dvp->v_type == VDIR);
941 if ((flags & ISLASTCN) != 0 && nameiop != LOOKUP)
942 return (SET_ERROR(ENOTSUP));
944 if (cnp->cn_namelen == 1 && *cnp->cn_nameptr == '.') {
945 err = zfsctl_relock_dot(dvp, lkflags & LK_TYPE_MASK);
950 if (flags & ISDOTDOT) {
951 err = vn_vget_ino_gen(dvp, zfsctl_root_vnode, NULL, lkflags,
956 if (cnp->cn_namelen >= sizeof(name))
957 return (SET_ERROR(ENAMETOOLONG));
959 strlcpy(name, ap->a_cnp->cn_nameptr, ap->a_cnp->cn_namelen + 1);
960 err = zfsctl_snapshot_lookup(dvp, name, &snap_id);
962 return (SET_ERROR(ENOENT));
965 snapshot_setup_arg_t ssa;
967 ssa.snap_name = name;
968 ssa.snap_id = snap_id;
969 err = sfs_vgetx(dvp->v_mount, LK_SHARED, ZFSCTL_INO_SNAPDIR,
970 snap_id, "zfs", &zfsctl_ops_snapshot,
971 zfsctl_snapshot_vnode_setup, &ssa, vpp);
975 /* Check if a new vnode has just been created. */
976 if (VOP_ISLOCKED(*vpp) == LK_EXCLUSIVE)
980 * Check if a snapshot is already mounted on top of the vnode.
982 err = zfsctl_mounted_here(vpp, lkflags);
983 if (err != EJUSTRETURN)
987 * If the vnode is not covered, then either the mount operation
988 * is in progress or the snapshot has already been unmounted
989 * but the vnode hasn't been inactivated and reclaimed yet.
990 * We can try to re-use the vnode in the latter case.
993 if (((*vpp)->v_iflag & VI_MOUNT) == 0) {
994 /* Upgrade to exclusive lock in order to:
995 * - avoid race conditions
996 * - satisfy the contract of mount_snapshot()
998 err = VOP_LOCK(*vpp, LK_TRYUPGRADE | LK_INTERLOCK);
1006 * In this state we can loop on uncontested locks and starve
1007 * the thread doing the lengthy, non-trivial mount operation.
1008 * So, yield to prevent that from happening.
1011 kern_yield(PRI_USER);
1014 VERIFY0(zfsctl_snapshot_zname(dvp, name, sizeof(fullname), fullname));
1016 mountpoint_len = strlen(dvp->v_vfsp->mnt_stat.f_mntonname) +
1017 strlen("/" ZFS_CTLDIR_NAME "/snapshot/") + strlen(name) + 1;
1018 mountpoint = kmem_alloc(mountpoint_len, KM_SLEEP);
1019 (void) snprintf(mountpoint, mountpoint_len,
1020 "%s/" ZFS_CTLDIR_NAME "/snapshot/%s",
1021 dvp->v_vfsp->mnt_stat.f_mntonname, name);
1023 err = mount_snapshot(curthread, vpp, "zfs", mountpoint, fullname, 0);
1024 kmem_free(mountpoint, mountpoint_len);
1027 * Fix up the root vnode mounted on .zfs/snapshot/<snapname>.
1029 * This is where we lie about our v_vfsp in order to
1030 * make .zfs/snapshot/<snapname> accessible over NFS
1031 * without requiring manual mounts of <snapname>.
1033 ASSERT(VTOZ(*vpp)->z_zfsvfs != zfsvfs);
1034 VTOZ(*vpp)->z_zfsvfs->z_parent = zfsvfs;
1036 /* Clear the root flag (set via VFS_ROOT) as well. */
1037 (*vpp)->v_vflag &= ~VV_ROOT;
1046 zfsctl_snapdir_readdir(ap)
1047 struct vop_readdir_args /* {
1050 struct ucred *a_cred;
1056 char snapname[ZFS_MAX_DATASET_NAME_LEN];
1057 struct dirent entry;
1058 vnode_t *vp = ap->a_vp;
1059 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
1060 uio_t *uio = ap->a_uio;
1061 int *eofp = ap->a_eofflag;
1065 ASSERT(vp->v_type == VDIR);
1067 error = sfs_readdir_common(ZFSCTL_INO_ROOT, ZFSCTL_INO_SNAPDIR, ap, uio,
1070 if (error == ENAMETOOLONG) /* ran out of destination space */
1080 cookie = uio->uio_offset - dots_offset;
1082 dsl_pool_config_enter(dmu_objset_pool(zfsvfs->z_os), FTAG);
1083 error = dmu_snapshot_list_next(zfsvfs->z_os, sizeof(snapname),
1084 snapname, &id, &cookie, NULL);
1085 dsl_pool_config_exit(dmu_objset_pool(zfsvfs->z_os), FTAG);
1087 if (error == ENOENT) {
1096 entry.d_fileno = id;
1097 entry.d_type = DT_DIR;
1098 strcpy(entry.d_name, snapname);
1099 entry.d_namlen = strlen(entry.d_name);
1100 entry.d_reclen = sizeof(entry);
1101 /* NOTE: d_off is the offset for the *next* entry. */
1102 entry.d_off = cookie + dots_offset;
1103 dirent_terminate(&entry);
1104 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
1106 if (error == ENAMETOOLONG)
1109 return (SET_ERROR(error));
1111 uio->uio_offset = cookie + dots_offset;
1117 zfsctl_snapdir_getattr(ap)
1118 struct vop_getattr_args /* {
1120 struct vattr *a_vap;
1121 struct ucred *a_cred;
1124 vnode_t *vp = ap->a_vp;
1125 vattr_t *vap = ap->a_vap;
1126 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
1127 dsl_dataset_t *ds = dmu_objset_ds(zfsvfs->z_os);
1128 sfs_node_t *node = vp->v_data;
1129 uint64_t snap_count;
1133 zfsctl_common_getattr(vp, vap);
1134 vap->va_ctime = dmu_objset_snap_cmtime(zfsvfs->z_os);
1135 vap->va_mtime = vap->va_ctime;
1136 vap->va_birthtime = vap->va_ctime;
1137 if (dsl_dataset_phys(ds)->ds_snapnames_zapobj != 0) {
1138 err = zap_count(dmu_objset_pool(ds->ds_objset)->dp_meta_objset,
1139 dsl_dataset_phys(ds)->ds_snapnames_zapobj, &snap_count);
1144 vap->va_nlink += snap_count;
1146 vap->va_size = vap->va_nlink;
1152 static struct vop_vector zfsctl_ops_snapdir = {
1153 .vop_default = &default_vnodeops,
1154 .vop_open = zfsctl_common_open,
1155 .vop_close = zfsctl_common_close,
1156 .vop_getattr = zfsctl_snapdir_getattr,
1157 .vop_access = zfsctl_common_access,
1158 .vop_readdir = zfsctl_snapdir_readdir,
1159 .vop_lookup = zfsctl_snapdir_lookup,
1160 .vop_reclaim = zfsctl_common_reclaim,
1161 .vop_fid = zfsctl_common_fid,
1162 .vop_print = zfsctl_common_print,
1163 .vop_pathconf = zfsctl_common_pathconf,
1164 .vop_getacl = zfsctl_common_getacl,
1168 zfsctl_snapshot_inactive(ap)
1169 struct vop_inactive_args /* {
1171 struct thread *a_td;
1174 vnode_t *vp = ap->a_vp;
1176 VERIFY(vrecycle(vp) == 1);
1181 zfsctl_snapshot_reclaim(ap)
1182 struct vop_reclaim_args /* {
1184 struct thread *a_td;
1187 vnode_t *vp = ap->a_vp;
1188 void *data = vp->v_data;
1190 sfs_reclaim_vnode(vp);
1191 sfs_destroy_node(data);
1196 zfsctl_snapshot_vptocnp(struct vop_vptocnp_args *ap)
1208 len = strlen(node->sn_name);
1209 if (*ap->a_buflen < len)
1210 return (SET_ERROR(ENOMEM));
1213 * Prevent unmounting of the snapshot while the vnode lock
1214 * is not held. That is not strictly required, but allows
1215 * us to assert that an uncovered snapshot vnode is never
1218 mp = vp->v_mountedhere;
1220 return (SET_ERROR(ENOENT));
1221 error = vfs_busy(mp, 0);
1222 KASSERT(error == 0, ("vfs_busy(mp, 0) failed with %d", error));
1225 * We can vput the vnode as we can now depend on the reference owned
1226 * by the busied mp. But we also need to hold the vnode, because
1227 * the reference may go after vfs_unbusy() which has to be called
1228 * before we can lock the vnode again.
1230 locked = VOP_ISLOCKED(vp);
1234 /* Look up .zfs/snapshot, our parent. */
1235 error = zfsctl_snapdir_vnode(vp->v_mount, NULL, LK_SHARED, &dvp);
1239 *ap->a_buflen -= len;
1240 bcopy(node->sn_name, ap->a_buf + *ap->a_buflen, len);
1243 vget(vp, locked | LK_VNHELD | LK_RETRY, curthread);
1248 * These VP's should never see the light of day. They should always
1251 static struct vop_vector zfsctl_ops_snapshot = {
1252 .vop_default = NULL, /* ensure very restricted access */
1253 .vop_inactive = zfsctl_snapshot_inactive,
1254 .vop_reclaim = zfsctl_snapshot_reclaim,
1255 .vop_vptocnp = zfsctl_snapshot_vptocnp,
1256 .vop_lock1 = vop_stdlock,
1257 .vop_unlock = vop_stdunlock,
1258 .vop_islocked = vop_stdislocked,
1259 .vop_advlockpurge = vop_stdadvlockpurge, /* called by vgone */
1260 .vop_print = zfsctl_common_print,
1264 zfsctl_lookup_objset(vfs_t *vfsp, uint64_t objsetid, zfsvfs_t **zfsvfsp)
1267 zfsvfs_t *zfsvfs = vfsp->vfs_data;
1271 ASSERT(zfsvfs->z_ctldir != NULL);
1273 error = sfs_vnode_get(vfsp, LK_EXCLUSIVE,
1274 ZFSCTL_INO_SNAPDIR, objsetid, &vp);
1275 if (error == 0 && vp != NULL) {
1277 * XXX Probably need to at least reference, if not busy, the mp.
1279 if (vp->v_mountedhere != NULL)
1280 *zfsvfsp = vp->v_mountedhere->mnt_data;
1283 if (*zfsvfsp == NULL)
1284 return (SET_ERROR(EINVAL));
1289 * Unmount any snapshots for the given filesystem. This is called from
1290 * zfs_umount() - if we have a ctldir, then go through and unmount all the
1294 zfsctl_umount_snapshots(vfs_t *vfsp, int fflags, cred_t *cr)
1296 char snapname[ZFS_MAX_DATASET_NAME_LEN];
1297 zfsvfs_t *zfsvfs = vfsp->vfs_data;
1306 ASSERT(zfsvfs->z_ctldir != NULL);
1312 dsl_pool_config_enter(dmu_objset_pool(zfsvfs->z_os), FTAG);
1313 error = dmu_snapshot_list_next(zfsvfs->z_os, sizeof(snapname),
1314 snapname, &id, &cookie, NULL);
1315 dsl_pool_config_exit(dmu_objset_pool(zfsvfs->z_os), FTAG);
1317 if (error == ENOENT)
1323 error = sfs_vnode_get(vfsp, LK_EXCLUSIVE,
1324 ZFSCTL_INO_SNAPDIR, id, &vp);
1325 if (error != 0 || vp == NULL)
1328 mp = vp->v_mountedhere;
1331 * v_mountedhere being NULL means that the
1332 * (uncovered) vnode is in a transient state
1333 * (mounting or unmounting), so loop until it
1343 continue; /* no mountpoint, nothing to do */
1346 * The mount-point vnode is kept locked to avoid spurious EBUSY
1347 * from a concurrent umount.
1348 * The vnode lock must have recursive locking enabled.
1351 error = dounmount(mp, fflags, curthread);
1352 KASSERT_IMPLY(error == 0, vrefcnt(vp) == 1,
1353 ("extra references after unmount"));
1358 KASSERT_IMPLY((fflags & MS_FORCE) != 0, error == 0,
1359 ("force unmounting failed"));