4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
26 #pragma ident "%Z%%M% %I% %E% SMI"
28 #include <sys/types.h>
29 #include <sys/param.h>
30 #include <sys/systm.h>
32 #include <sys/kernel.h>
34 #include <sys/malloc.h>
35 #include <sys/mutex.h>
37 #include <sys/errno.h>
43 #include <sys/cmn_err.h>
45 #include <sys/zfs_ioctl.h>
48 #include <sys/spa_impl.h>
50 #include <sys/vdev_impl.h>
52 #include <sys/dsl_dir.h>
53 #include <sys/dsl_dataset.h>
54 #include <sys/dsl_prop.h>
55 #include <sys/sunddi.h>
56 #include <sys/policy.h>
58 #include <sys/nvpair.h>
59 #include <sys/mount.h>
60 #include <sys/taskqueue.h>
62 #include <sys/varargs.h>
63 #include <sys/fs/zfs.h>
64 #include <sys/zfs_ctldir.h>
67 #include "zfs_namecheck.h"
70 CTASSERT(sizeof(zfs_cmd_t) <= PAGE_SIZE);
72 static struct cdev *zfsdev;
74 extern void zfs_init(void);
75 extern void zfs_fini(void);
77 typedef int zfs_ioc_func_t(zfs_cmd_t *);
78 typedef int zfs_secpolicy_func_t(const char *, cred_t *);
80 typedef struct zfs_ioc_vec {
81 zfs_ioc_func_t *zvec_func;
82 zfs_secpolicy_func_t *zvec_secpolicy;
90 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
92 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
99 * Get rid of annoying "../common/" prefix to filename.
101 newfile = strrchr(file, '/');
102 if (newfile != NULL) {
103 newfile = newfile + 1; /* Get rid of leading / */
109 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
113 * To get this data, use the zfs-dprintf probe as so:
114 * dtrace -q -n 'zfs-dprintf \
115 * /stringof(arg0) == "dbuf.c"/ \
116 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
118 * arg1 = function name
122 DTRACE_PROBE4(zfs__dprintf,
123 char *, newfile, char *, func, int, line, char *, buf);
127 * Policy for top-level read operations (list pools). Requires no privileges,
128 * and can be used in the local zone, as there is no associated dataset.
132 zfs_secpolicy_none(const char *unused1, cred_t *cr)
138 * Policy for dataset read operations (list children, get statistics). Requires
139 * no privileges, but must be visible in the local zone.
143 zfs_secpolicy_read(const char *dataset, cred_t *cr)
145 if (INGLOBALZONE(curproc) ||
146 zone_dataset_visible(dataset, NULL))
153 zfs_dozonecheck(const char *dataset, cred_t *cr)
159 * The dataset must be visible by this zone -- check this first
160 * so they don't see EPERM on something they shouldn't know about.
162 if (!INGLOBALZONE(curproc) &&
163 !zone_dataset_visible(dataset, &writable))
166 if (dsl_prop_get_integer(dataset, "jailed", &zoned, NULL))
169 if (INGLOBALZONE(curproc)) {
171 * If the fs is zoned, only root can access it from the
174 if (secpolicy_zfs(cr) && zoned)
178 * If we are in a local zone, the 'zoned' property must be set.
183 /* must be writable by this zone */
191 * Policy for dataset write operations (create children, set properties, etc).
192 * Requires SYS_MOUNT privilege, and must be writable in the local zone.
195 zfs_secpolicy_write(const char *dataset, cred_t *cr)
199 if (error = zfs_dozonecheck(dataset, cr))
202 return (secpolicy_zfs(cr));
206 * Policy for operations that want to write a dataset's parent:
207 * create, destroy, snapshot, clone, restore.
210 zfs_secpolicy_parent(const char *dataset, cred_t *cr)
212 char parentname[MAXNAMELEN];
216 * Remove the @bla or /bla from the end of the name to get the parent.
218 (void) strncpy(parentname, dataset, sizeof (parentname));
219 cp = strrchr(parentname, '@');
223 cp = strrchr(parentname, '/');
230 return (zfs_secpolicy_write(parentname, cr));
234 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
235 * SYS_CONFIG privilege, which is not available in a local zone.
239 zfs_secpolicy_config(const char *unused, cred_t *cr)
241 if (secpolicy_sys_config(cr, B_FALSE) != 0)
248 * Policy for fault injection. Requires all privileges.
252 zfs_secpolicy_inject(const char *unused, cred_t *cr)
254 return (secpolicy_zinject(cr));
258 * Policy for dataset backup operations (sendbackup).
259 * Requires SYS_MOUNT privilege, and must be writable in the local zone.
262 zfs_secpolicy_operator(const char *dataset, cred_t *cr)
266 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(dataset, &writable))
268 if (secpolicy_zfs(cr) != 0 && !groupmember(GID_OPERATOR, cr))
274 * Returns the nvlist as specified by the user in the zfs_cmd_t.
277 get_nvlist(zfs_cmd_t *zc, nvlist_t **nvp)
282 nvlist_t *config = NULL;
285 * Read in and unpack the user-supplied nvlist.
287 if ((size = zc->zc_nvlist_src_size) == 0)
290 packed = kmem_alloc(size, KM_SLEEP);
292 if ((error = xcopyin((void *)(uintptr_t)zc->zc_nvlist_src, packed,
294 kmem_free(packed, size);
298 if ((error = nvlist_unpack(packed, size, &config, 0)) != 0) {
299 kmem_free(packed, size);
303 kmem_free(packed, size);
310 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
316 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0);
318 if (size > zc->zc_nvlist_dst_size) {
320 * Solaris returns ENOMEM here, because even if an error is
321 * returned from an ioctl(2), new zc_nvlist_dst_size will be
322 * passed to the userland. This is not the case for FreeBSD.
323 * We need to return 0, so the kernel will copy the
324 * zc_nvlist_dst_size back and the userland can discover that a
325 * bigger buffer is needed.
329 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE,
331 error = xcopyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
333 kmem_free(packed, size);
336 zc->zc_nvlist_dst_size = size;
341 zfs_ioc_pool_create(zfs_cmd_t *zc)
346 if ((error = get_nvlist(zc, &config)) != 0)
349 error = spa_create(zc->zc_name, config, zc->zc_value[0] == '\0' ?
350 NULL : zc->zc_value);
358 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
360 return (spa_destroy(zc->zc_name));
364 zfs_ioc_pool_import(zfs_cmd_t *zc)
370 if ((error = get_nvlist(zc, &config)) != 0)
373 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
377 error = spa_import(zc->zc_name, config,
378 zc->zc_value[0] == '\0' ? NULL : zc->zc_value);
386 zfs_ioc_pool_export(zfs_cmd_t *zc)
388 return (spa_export(zc->zc_name, NULL));
392 zfs_ioc_pool_configs(zfs_cmd_t *zc)
397 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
400 error = put_nvlist(zc, configs);
402 nvlist_free(configs);
408 zfs_ioc_pool_stats(zfs_cmd_t *zc)
414 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
415 sizeof (zc->zc_value));
417 if (config != NULL) {
418 ret = put_nvlist(zc, config);
422 * The config may be present even if 'error' is non-zero.
423 * In this case we return success, and preserve the real errno
426 zc->zc_cookie = error;
435 * Try to import the given pool, returning pool stats as appropriate so that
436 * user land knows which devices are available and overall pool health.
439 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
441 nvlist_t *tryconfig, *config;
444 if ((error = get_nvlist(zc, &tryconfig)) != 0)
447 config = spa_tryimport(tryconfig);
449 nvlist_free(tryconfig);
454 error = put_nvlist(zc, config);
461 zfs_ioc_pool_scrub(zfs_cmd_t *zc)
466 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
469 error = spa_scrub(spa, zc->zc_cookie, B_FALSE);
471 spa_close(spa, FTAG);
477 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
482 error = spa_open(zc->zc_name, &spa, FTAG);
485 spa_close(spa, FTAG);
491 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
496 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
501 spa_close(spa, FTAG);
507 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
514 if ((size = zc->zc_history_len) == 0)
517 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
520 if (spa_version(spa) < ZFS_VERSION_ZPOOL_HISTORY) {
521 spa_close(spa, FTAG);
525 hist_buf = kmem_alloc(size, KM_SLEEP);
526 if ((error = spa_history_get(spa, &zc->zc_history_offset,
527 &zc->zc_history_len, hist_buf)) == 0) {
528 error = xcopyout(hist_buf, (char *)(uintptr_t)zc->zc_history,
532 spa_close(spa, FTAG);
533 kmem_free(hist_buf, size);
538 zfs_ioc_pool_log_history(zfs_cmd_t *zc)
541 char *history_str = NULL;
545 size = zc->zc_history_len;
546 if (size == 0 || size > HIS_MAX_RECORD_LEN)
549 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
552 if (spa_version(spa) < ZFS_VERSION_ZPOOL_HISTORY) {
553 spa_close(spa, FTAG);
557 /* add one for the NULL delimiter */
559 history_str = kmem_alloc(size, KM_SLEEP);
560 if ((error = xcopyin((void *)(uintptr_t)zc->zc_history, history_str,
562 spa_close(spa, FTAG);
563 kmem_free(history_str, size);
566 history_str[size - 1] = '\0';
568 error = spa_history_log(spa, history_str, zc->zc_history_offset);
570 spa_close(spa, FTAG);
571 kmem_free(history_str, size);
577 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
581 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value))
588 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
593 if ((error = dmu_objset_open(zc->zc_name, DMU_OST_ZFS,
594 DS_MODE_NONE | DS_MODE_READONLY, &osp)) != 0)
597 error = zfs_obj_to_path(osp, zc->zc_obj, zc->zc_value,
598 sizeof (zc->zc_value));
599 dmu_objset_close(osp);
605 zfs_ioc_vdev_add(zfs_cmd_t *zc)
611 error = spa_open(zc->zc_name, &spa, FTAG);
616 * A root pool with concatenated devices is not supported.
617 * Thus, can not add a device to a root pool with one device.
619 if (spa->spa_root_vdev->vdev_children == 1 && spa->spa_bootfs != 0) {
620 spa_close(spa, FTAG);
624 if ((error = get_nvlist(zc, &config)) == 0) {
625 error = spa_vdev_add(spa, config);
629 spa_close(spa, FTAG);
634 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
639 error = spa_open(zc->zc_name, &spa, FTAG);
642 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
643 spa_close(spa, FTAG);
648 zfs_ioc_vdev_online(zfs_cmd_t *zc)
653 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
655 error = vdev_online(spa, zc->zc_guid);
656 spa_close(spa, FTAG);
661 zfs_ioc_vdev_offline(zfs_cmd_t *zc)
664 int istmp = zc->zc_cookie;
667 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
669 error = vdev_offline(spa, zc->zc_guid, istmp);
670 spa_close(spa, FTAG);
675 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
678 int replacing = zc->zc_cookie;
682 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
685 if ((error = get_nvlist(zc, &config)) == 0) {
686 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
690 spa_close(spa, FTAG);
695 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
700 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
703 error = spa_vdev_detach(spa, zc->zc_guid, B_FALSE);
705 spa_close(spa, FTAG);
710 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
713 char *path = zc->zc_value;
714 uint64_t guid = zc->zc_guid;
717 error = spa_open(zc->zc_name, &spa, FTAG);
721 error = spa_vdev_setpath(spa, guid, path);
722 spa_close(spa, FTAG);
727 zfs_ioc_objset_stats(zfs_cmd_t *zc)
734 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY,
735 DS_MODE_STANDARD | DS_MODE_READONLY, &os);
738 * This is ugly: dmu_objset_open() can return EBUSY if
739 * the objset is held exclusively. Fortunately this hold is
740 * only for a short while, so we retry here.
741 * This avoids user code having to handle EBUSY,
742 * for example for a "zfs list".
744 if (error == EBUSY) {
751 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
753 if (zc->zc_nvlist_dst != 0 &&
754 (error = dsl_prop_get_all(os, &nv)) == 0) {
755 dmu_objset_stats(os, nv);
757 * NB: zvol_get_stats() will read the objset contents,
758 * which we aren't supposed to do with a
759 * DS_MODE_STANDARD open, because it could be
760 * inconsistent. So this is a bit of a workaround...
762 if (!zc->zc_objset_stats.dds_inconsistent &&
763 dmu_objset_type(os) == DMU_OST_ZVOL)
764 VERIFY(zvol_get_stats(os, nv) == 0);
765 error = put_nvlist(zc, nv);
769 spa_altroot(dmu_objset_spa(os), zc->zc_value, sizeof (zc->zc_value));
771 dmu_objset_close(os);
778 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
785 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY,
786 DS_MODE_STANDARD | DS_MODE_READONLY, &os);
789 * This is ugly: dmu_objset_open() can return EBUSY if
790 * the objset is held exclusively. Fortunately this hold is
791 * only for a short while, so we retry here.
792 * This avoids user code having to handle EBUSY,
793 * for example for a "zfs list".
795 if (error == EBUSY) {
804 p = strrchr(zc->zc_name, '/');
805 if (p == NULL || p[1] != '\0')
806 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
807 p = zc->zc_name + strlen(zc->zc_name);
810 error = dmu_dir_list_next(os,
811 sizeof (zc->zc_name) - (p - zc->zc_name), p,
812 NULL, &zc->zc_cookie);
815 } while (error == 0 && !INGLOBALZONE(curproc) &&
816 !zone_dataset_visible(zc->zc_name, NULL));
819 * If it's a hidden dataset (ie. with a '$' in its name), don't
820 * try to get stats for it. Userland will skip over it.
822 if (error == 0 && strchr(zc->zc_name, '$') == NULL)
823 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
825 dmu_objset_close(os);
830 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
836 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY,
837 DS_MODE_STANDARD | DS_MODE_READONLY, &os);
840 * This is ugly: dmu_objset_open() can return EBUSY if
841 * the objset is held exclusively. Fortunately this hold is
842 * only for a short while, so we retry here.
843 * This avoids user code having to handle EBUSY,
844 * for example for a "zfs list".
846 if (error == EBUSY) {
856 * A dataset name of maximum length cannot have any snapshots,
857 * so exit immediately.
859 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
860 dmu_objset_close(os);
864 error = dmu_snapshot_list_next(os,
865 sizeof (zc->zc_name) - strlen(zc->zc_name),
866 zc->zc_name + strlen(zc->zc_name), NULL, &zc->zc_cookie);
871 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
873 dmu_objset_close(os);
878 zfs_set_prop_nvlist(const char *name, dev_t dev, cred_t *cr, nvlist_t *nvl)
882 const char *propname;
886 char buf[MAXNAMELEN];
891 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) {
892 propname = nvpair_name(elem);
894 if ((prop = zfs_name_to_prop(propname)) ==
897 * If this is a user-defined property, it must be a
898 * string, and there is no further validation to do.
900 if (!zfs_prop_user(propname) ||
901 nvpair_type(elem) != DATA_TYPE_STRING)
904 VERIFY(nvpair_value_string(elem, &strval) == 0);
905 error = dsl_prop_set(name, propname, 1,
906 strlen(strval) + 1, strval);
914 * Check permissions for special properties.
919 * Disallow setting of 'zoned' from within a local zone.
921 if (!INGLOBALZONE(curproc))
926 if (error = zfs_dozonecheck(name, cr))
929 if (!INGLOBALZONE(curproc)) {
931 char setpoint[MAXNAMELEN];
934 * Unprivileged users are allowed to modify the
935 * quota on things *under* (ie. contained by)
936 * the thing they own.
938 if (dsl_prop_get_integer(name, "jailed", &zoned,
941 if (!zoned) /* this shouldn't happen */
943 dslen = strlen(name);
944 if (dslen <= strlen(setpoint))
949 case ZFS_PROP_COMPRESSION:
951 * If the user specified gzip compression, make sure
952 * the SPA supports it. We ignore any errors here since
953 * we'll catch them later.
955 if (nvpair_type(elem) == DATA_TYPE_UINT64 &&
956 nvpair_value_uint64(elem, &intval) == 0 &&
957 intval >= ZIO_COMPRESS_GZIP_1 &&
958 intval <= ZIO_COMPRESS_GZIP_9) {
959 if ((p = strchr(name, '/')) == NULL) {
962 bcopy(name, buf, p - name);
963 buf[p - name] = '\0';
967 if (spa_open(p, &spa, FTAG) == 0) {
968 if (spa_version(spa) <
969 ZFS_VERSION_GZIP_COMPRESSION) {
970 spa_close(spa, FTAG);
974 spa_close(spa, FTAG);
982 if ((error = nvpair_value_uint64(elem, &intval)) != 0 ||
983 (error = dsl_dir_set_quota(name,
988 case ZFS_PROP_RESERVATION:
989 if ((error = nvpair_value_uint64(elem, &intval)) != 0 ||
990 (error = dsl_dir_set_reservation(name,
995 case ZFS_PROP_VOLSIZE:
996 if ((error = nvpair_value_uint64(elem, &intval)) != 0 ||
997 (error = zvol_set_volsize(name, dev,
1002 case ZFS_PROP_VOLBLOCKSIZE:
1003 if ((error = nvpair_value_uint64(elem, &intval)) != 0 ||
1004 (error = zvol_set_volblocksize(name,
1010 if (nvpair_type(elem) == DATA_TYPE_STRING) {
1011 if (zfs_prop_get_type(prop) !=
1014 VERIFY(nvpair_value_string(elem, &strval) == 0);
1015 if ((error = dsl_prop_set(name,
1016 nvpair_name(elem), 1, strlen(strval) + 1,
1019 } else if (nvpair_type(elem) == DATA_TYPE_UINT64) {
1022 VERIFY(nvpair_value_uint64(elem, &intval) == 0);
1024 switch (zfs_prop_get_type(prop)) {
1025 case prop_type_number:
1027 case prop_type_boolean:
1031 case prop_type_string:
1033 case prop_type_index:
1034 if (zfs_prop_index_to_string(prop,
1035 intval, &unused) != 0)
1039 cmn_err(CE_PANIC, "unknown property "
1044 if ((error = dsl_prop_set(name, propname,
1045 8, 1, &intval)) != 0)
1058 zfs_ioc_set_prop(zfs_cmd_t *zc)
1065 * If zc_value is set, then this is an attempt to inherit a value.
1066 * Otherwise, zc_nvlist refers to a list of properties to set.
1068 if (zc->zc_value[0] != '\0') {
1069 if (!zfs_prop_user(zc->zc_value) &&
1070 ((prop = zfs_name_to_prop(zc->zc_value)) ==
1072 !zfs_prop_inheritable(prop)))
1075 return (dsl_prop_set(zc->zc_name, zc->zc_value, 0, 0, NULL));
1078 if ((error = get_nvlist(zc, &nvl)) != 0)
1081 error = zfs_set_prop_nvlist(zc->zc_name, zc->zc_dev,
1082 (cred_t *)(uintptr_t)zc->zc_cred, nvl);
1088 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
1091 int error, reset_bootfs = 0;
1095 char *propname, *strval;
1101 if ((error = get_nvlist(zc, &nvl)) != 0)
1104 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
1109 if (spa_version(spa) < ZFS_VERSION_BOOTFS) {
1111 spa_close(spa, FTAG);
1116 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) {
1118 propname = nvpair_name(elem);
1120 if ((prop = zpool_name_to_prop(propname)) ==
1123 spa_close(spa, FTAG);
1128 case ZFS_PROP_BOOTFS:
1130 * A bootable filesystem can not be on a RAIDZ pool
1131 * nor a striped pool with more than 1 device.
1133 rvdev = spa->spa_root_vdev;
1135 rvdev->vdev_child[0]->vdev_ops->vdev_op_type;
1136 if (strcmp(vdev_type, VDEV_TYPE_RAIDZ) == 0 ||
1137 (strcmp(vdev_type, VDEV_TYPE_MIRROR) != 0 &&
1138 rvdev->vdev_children > 1)) {
1145 VERIFY(nvpair_value_string(elem, &strval) == 0);
1146 if (strval == NULL || strval[0] == '\0') {
1148 zfs_prop_default_numeric(ZFS_PROP_BOOTFS);
1152 if (error = dmu_objset_open(strval, DMU_OST_ZFS,
1153 DS_MODE_STANDARD | DS_MODE_READONLY, &os))
1155 objnum = dmu_objset_id(os);
1156 dmu_objset_close(os);
1168 VERIFY(nvlist_remove(nvl,
1169 zpool_prop_to_name(ZFS_PROP_BOOTFS),
1170 DATA_TYPE_STRING) == 0);
1171 VERIFY(nvlist_add_uint64(nvl,
1172 zpool_prop_to_name(ZFS_PROP_BOOTFS), objnum) == 0);
1174 error = spa_set_props(spa, nvl);
1178 spa_close(spa, FTAG);
1184 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
1188 nvlist_t *nvp = NULL;
1190 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1193 error = spa_get_props(spa, &nvp);
1195 if (error == 0 && zc->zc_nvlist_dst != 0)
1196 error = put_nvlist(zc, nvp);
1200 spa_close(spa, FTAG);
1208 zfs_ioc_create_minor(zfs_cmd_t *zc)
1210 return (zvol_create_minor(zc->zc_name, zc->zc_dev));
1214 zfs_ioc_remove_minor(zfs_cmd_t *zc)
1216 return (zvol_remove_minor(zc->zc_name));
1220 * Search the vfs list for a specified resource. Returns a pointer to it
1221 * or NULL if no suitable entry is found. The caller of this routine
1222 * is responsible for releasing the returned vfs pointer.
1225 zfs_get_vfs(const char *resource)
1229 mtx_lock(&mountlist_mtx);
1230 TAILQ_FOREACH(vfsp, &mountlist, mnt_list) {
1231 if (strcmp(vfsp->mnt_stat.f_mntfromname, resource) == 0) {
1236 mtx_unlock(&mountlist_mtx);
1241 zfs_create_cb(objset_t *os, void *arg, dmu_tx_t *tx)
1243 zfs_create_data_t *zc = arg;
1245 zfs_create_fs(os, (cred_t *)(uintptr_t)zc->zc_cred, tx);
1249 zfs_ioc_create(zfs_cmd_t *zc)
1253 zfs_create_data_t cbdata = { 0 };
1254 void (*cbfunc)(objset_t *os, void *arg, dmu_tx_t *tx);
1255 dmu_objset_type_t type = zc->zc_objset_type;
1260 cbfunc = zfs_create_cb;
1264 cbfunc = zvol_create_cb;
1270 if (strchr(zc->zc_name, '@'))
1273 if (zc->zc_nvlist_src != 0 &&
1274 (error = get_nvlist(zc, &cbdata.zc_props)) != 0)
1277 cbdata.zc_cred = (cred_t *)(uintptr_t)zc->zc_cred;
1278 cbdata.zc_dev = (dev_t)zc->zc_dev;
1280 if (zc->zc_value[0] != '\0') {
1282 * We're creating a clone of an existing snapshot.
1284 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
1285 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) {
1286 nvlist_free(cbdata.zc_props);
1290 error = dmu_objset_open(zc->zc_value, type,
1291 DS_MODE_STANDARD | DS_MODE_READONLY, &clone);
1293 nvlist_free(cbdata.zc_props);
1296 error = dmu_objset_create(zc->zc_name, type, clone, NULL, NULL);
1297 dmu_objset_close(clone);
1299 if (cbfunc == NULL) {
1300 nvlist_free(cbdata.zc_props);
1304 if (type == DMU_OST_ZVOL) {
1305 uint64_t volsize, volblocksize;
1307 if (cbdata.zc_props == NULL ||
1308 nvlist_lookup_uint64(cbdata.zc_props,
1309 zfs_prop_to_name(ZFS_PROP_VOLSIZE),
1311 nvlist_free(cbdata.zc_props);
1315 if ((error = nvlist_lookup_uint64(cbdata.zc_props,
1316 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
1317 &volblocksize)) != 0 && error != ENOENT) {
1318 nvlist_free(cbdata.zc_props);
1323 volblocksize = zfs_prop_default_numeric(
1324 ZFS_PROP_VOLBLOCKSIZE);
1326 if ((error = zvol_check_volblocksize(
1327 volblocksize)) != 0 ||
1328 (error = zvol_check_volsize(volsize,
1329 volblocksize)) != 0) {
1330 nvlist_free(cbdata.zc_props);
1335 error = dmu_objset_create(zc->zc_name, type, NULL, cbfunc,
1340 * It would be nice to do this atomically.
1343 if ((error = zfs_set_prop_nvlist(zc->zc_name,
1344 zc->zc_dev, (cred_t *)(uintptr_t)zc->zc_cred,
1345 cbdata.zc_props)) != 0)
1346 (void) dmu_objset_destroy(zc->zc_name);
1349 nvlist_free(cbdata.zc_props);
1354 zfs_ioc_snapshot(zfs_cmd_t *zc)
1356 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
1358 return (dmu_objset_snapshot(zc->zc_name,
1359 zc->zc_value, zc->zc_cookie));
1363 zfs_unmount_snap(char *name, void *arg)
1365 char *snapname = arg;
1370 * Snapshots (which are under .zfs control) must be unmounted
1371 * before they can be destroyed.
1375 (void) strcat(name, "@");
1376 (void) strcat(name, snapname);
1377 vfsp = zfs_get_vfs(name);
1378 cp = strchr(name, '@');
1380 } else if (strchr(name, '@')) {
1381 vfsp = zfs_get_vfs(name);
1386 * Always force the unmount for snapshots.
1388 int flag = MS_FORCE;
1391 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) {
1396 mtx_lock(&Giant); /* dounmount() */
1397 dounmount(vfsp, flag, curthread);
1398 mtx_unlock(&Giant); /* dounmount() */
1404 zfs_ioc_destroy_snaps(zfs_cmd_t *zc)
1408 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
1410 err = dmu_objset_find(zc->zc_name,
1411 zfs_unmount_snap, zc->zc_value, DS_FIND_CHILDREN);
1414 return (dmu_snapshots_destroy(zc->zc_name, zc->zc_value));
1418 zfs_ioc_destroy(zfs_cmd_t *zc)
1420 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) {
1421 int err = zfs_unmount_snap(zc->zc_name, NULL);
1426 return (dmu_objset_destroy(zc->zc_name));
1430 zfs_ioc_rollback(zfs_cmd_t *zc)
1432 return (dmu_objset_rollback(zc->zc_name));
1436 zfs_ioc_rename(zfs_cmd_t *zc)
1438 int recursive = zc->zc_cookie & 1;
1440 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
1441 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0)
1445 * Unmount snapshot unless we're doing a recursive rename,
1446 * in which case the dataset code figures out which snapshots
1449 if (!recursive && strchr(zc->zc_name, '@') != NULL &&
1450 zc->zc_objset_type == DMU_OST_ZFS) {
1451 int err = zfs_unmount_snap(zc->zc_name, NULL);
1456 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive));
1460 zfs_ioc_recvbackup(zfs_cmd_t *zc)
1462 kthread_t *td = curthread;
1467 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
1468 strchr(zc->zc_value, '@') == NULL)
1471 error = fget_read(td, zc->zc_cookie, &fp);
1475 error = dmu_recvbackup(zc->zc_value, &zc->zc_begin_record,
1476 &zc->zc_cookie, (boolean_t)zc->zc_guid, fp,
1479 new_off = fp->f_offset + zc->zc_cookie;
1480 fp->f_offset = new_off;
1487 zfs_ioc_sendbackup(zfs_cmd_t *zc)
1489 kthread_t *td = curthread;
1491 objset_t *fromsnap = NULL;
1495 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY,
1496 DS_MODE_STANDARD | DS_MODE_READONLY, &tosnap);
1500 if (zc->zc_value[0] != '\0') {
1501 char buf[MAXPATHLEN];
1504 (void) strncpy(buf, zc->zc_name, sizeof (buf));
1505 cp = strchr(buf, '@');
1508 (void) strlcat(buf, zc->zc_value, sizeof (buf));
1509 error = dmu_objset_open(buf, DMU_OST_ANY,
1510 DS_MODE_STANDARD | DS_MODE_READONLY, &fromsnap);
1512 dmu_objset_close(tosnap);
1518 error = fget_write(td, fd, &fp);
1520 dmu_objset_close(tosnap);
1522 dmu_objset_close(fromsnap);
1526 error = dmu_sendbackup(tosnap, fromsnap, fp);
1530 dmu_objset_close(fromsnap);
1531 dmu_objset_close(tosnap);
1536 zfs_ioc_inject_fault(zfs_cmd_t *zc)
1540 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
1541 &zc->zc_inject_record);
1544 zc->zc_guid = (uint64_t)id;
1550 zfs_ioc_clear_fault(zfs_cmd_t *zc)
1552 return (zio_clear_fault((int)zc->zc_guid));
1556 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
1558 int id = (int)zc->zc_guid;
1561 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
1562 &zc->zc_inject_record);
1570 zfs_ioc_error_log(zfs_cmd_t *zc)
1574 size_t count = (size_t)zc->zc_nvlist_dst_size;
1576 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1579 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
1582 zc->zc_nvlist_dst_size = count;
1584 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
1586 spa_close(spa, FTAG);
1592 zfs_ioc_clear(zfs_cmd_t *zc)
1598 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1601 spa_config_enter(spa, RW_WRITER, FTAG);
1603 if (zc->zc_guid == 0) {
1605 } else if ((vd = spa_lookup_by_guid(spa, zc->zc_guid)) == NULL) {
1606 spa_config_exit(spa, FTAG);
1607 spa_close(spa, FTAG);
1611 vdev_clear(spa, vd);
1613 spa_config_exit(spa, FTAG);
1615 spa_close(spa, FTAG);
1621 zfs_ioc_promote(zfs_cmd_t *zc)
1626 * We don't need to unmount *all* the origin fs's snapshots, but
1629 cp = strchr(zc->zc_value, '@');
1632 (void) dmu_objset_find(zc->zc_value,
1633 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS);
1634 return (dsl_dataset_promote(zc->zc_name));
1638 zfs_ioc_jail(zfs_cmd_t *zc)
1641 return (zone_dataset_attach((cred_t *)(uintptr_t)zc->zc_cred,
1642 zc->zc_name, (int)zc->zc_jailid));
1646 zfs_ioc_unjail(zfs_cmd_t *zc)
1649 return (zone_dataset_detach((cred_t *)(uintptr_t)zc->zc_cred,
1650 zc->zc_name, (int)zc->zc_jailid));
1653 static zfs_ioc_vec_t zfs_ioc_vec[] = {
1654 { zfs_ioc_pool_create, zfs_secpolicy_config, pool_name },
1655 { zfs_ioc_pool_destroy, zfs_secpolicy_config, pool_name },
1656 { zfs_ioc_pool_import, zfs_secpolicy_config, pool_name },
1657 { zfs_ioc_pool_export, zfs_secpolicy_config, pool_name },
1658 { zfs_ioc_pool_configs, zfs_secpolicy_none, no_name },
1659 { zfs_ioc_pool_stats, zfs_secpolicy_read, pool_name },
1660 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, no_name },
1661 { zfs_ioc_pool_scrub, zfs_secpolicy_config, pool_name },
1662 { zfs_ioc_pool_freeze, zfs_secpolicy_config, no_name },
1663 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, pool_name },
1664 { zfs_ioc_pool_get_history, zfs_secpolicy_config, pool_name },
1665 { zfs_ioc_pool_log_history, zfs_secpolicy_config, pool_name },
1666 { zfs_ioc_vdev_add, zfs_secpolicy_config, pool_name },
1667 { zfs_ioc_vdev_remove, zfs_secpolicy_config, pool_name },
1668 { zfs_ioc_vdev_online, zfs_secpolicy_config, pool_name },
1669 { zfs_ioc_vdev_offline, zfs_secpolicy_config, pool_name },
1670 { zfs_ioc_vdev_attach, zfs_secpolicy_config, pool_name },
1671 { zfs_ioc_vdev_detach, zfs_secpolicy_config, pool_name },
1672 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, pool_name },
1673 { zfs_ioc_objset_stats, zfs_secpolicy_read, dataset_name },
1674 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, dataset_name },
1675 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, dataset_name },
1676 { zfs_ioc_set_prop, zfs_secpolicy_write, dataset_name },
1677 { zfs_ioc_create_minor, zfs_secpolicy_config, dataset_name },
1678 { zfs_ioc_remove_minor, zfs_secpolicy_config, dataset_name },
1679 { zfs_ioc_create, zfs_secpolicy_parent, dataset_name },
1680 { zfs_ioc_destroy, zfs_secpolicy_parent, dataset_name },
1681 { zfs_ioc_rollback, zfs_secpolicy_write, dataset_name },
1682 { zfs_ioc_rename, zfs_secpolicy_write, dataset_name },
1683 { zfs_ioc_recvbackup, zfs_secpolicy_write, dataset_name },
1684 { zfs_ioc_sendbackup, zfs_secpolicy_operator, dataset_name },
1685 { zfs_ioc_inject_fault, zfs_secpolicy_inject, no_name },
1686 { zfs_ioc_clear_fault, zfs_secpolicy_inject, no_name },
1687 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, no_name },
1688 { zfs_ioc_error_log, zfs_secpolicy_inject, pool_name },
1689 { zfs_ioc_clear, zfs_secpolicy_config, pool_name },
1690 { zfs_ioc_promote, zfs_secpolicy_write, dataset_name },
1691 { zfs_ioc_destroy_snaps, zfs_secpolicy_write, dataset_name },
1692 { zfs_ioc_snapshot, zfs_secpolicy_operator, dataset_name },
1693 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_config, pool_name },
1694 { zfs_ioc_obj_to_path, zfs_secpolicy_config, no_name },
1695 { zfs_ioc_pool_set_props, zfs_secpolicy_config, pool_name },
1696 { zfs_ioc_pool_get_props, zfs_secpolicy_read, pool_name },
1697 { zfs_ioc_jail, zfs_secpolicy_config, dataset_name },
1698 { zfs_ioc_unjail, zfs_secpolicy_config, dataset_name }
1702 zfsdev_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag,
1705 zfs_cmd_t *zc = (void *)addr;
1711 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
1714 zc->zc_cred = (uintptr_t)td->td_ucred;
1715 zc->zc_dev = (uintptr_t)dev;
1716 error = zfs_ioc_vec[vec].zvec_secpolicy(zc->zc_name, td->td_ucred);
1719 * Ensure that all pool/dataset names are valid before we pass down to
1723 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
1724 switch (zfs_ioc_vec[vec].zvec_namecheck) {
1726 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
1731 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
1741 error = zfs_ioc_vec[vec].zvec_func(zc);
1747 * OK, so this is a little weird.
1749 * /dev/zfs is the control node, i.e. minor 0.
1750 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
1752 * /dev/zfs has basically nothing to do except serve up ioctls,
1753 * so most of the standard driver entry points are in zvol.c.
1755 static struct cdevsw zfs_cdevsw = {
1756 .d_version = D_VERSION,
1757 .d_ioctl = zfsdev_ioctl,
1758 .d_name = ZFS_DEV_NAME
1764 zfsdev = make_dev(&zfs_cdevsw, 0x0, UID_ROOT, GID_OPERATOR, 0660,
1772 destroy_dev(zfsdev);
1775 static struct task zfs_start_task;
1776 static struct root_hold_token *zfs_root_token;
1779 zfs_start(void *context __unused, int pending __unused)
1783 spa_init(FREAD | FWRITE);
1786 printf("ZFS storage pool version " ZFS_VERSION_STRING "\n");
1787 root_mount_rel(zfs_root_token);
1791 zfs_modevent(module_t mod, int type, void *unused __unused)
1798 zfs_root_token = root_mount_hold("ZFS");
1799 printf("WARNING: ZFS is considered to be an experimental "
1800 "feature in FreeBSD.\n");
1801 TASK_INIT(&zfs_start_task, 0, zfs_start, NULL);
1802 taskqueue_enqueue(taskqueue_thread, &zfs_start_task);
1806 if (spa_busy() || zfs_busy() || zvol_busy() ||
1807 zio_injection_enabled) {
1821 static moduledata_t zfs_mod = {
1826 DECLARE_MODULE(zfsctrl, zfs_mod, SI_SUB_VFS, SI_ORDER_ANY);
1827 MODULE_DEPEND(zfsctrl, opensolaris, 1, 1, 1);