4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Portions Copyright 2011 Martin Matuska <mm@FreeBSD.org>
26 #include <sys/types.h>
27 #include <sys/param.h>
28 #include <sys/systm.h>
30 #include <sys/kernel.h>
32 #include <sys/malloc.h>
33 #include <sys/mutex.h>
35 #include <sys/errno.h>
41 #include <sys/cmn_err.h>
43 #include <sys/zfs_ioctl.h>
44 #include <sys/zfs_vfsops.h>
45 #include <sys/zfs_znode.h>
48 #include <sys/spa_impl.h>
51 #include <sys/dsl_dir.h>
52 #include <sys/dsl_dataset.h>
53 #include <sys/dsl_prop.h>
54 #include <sys/dsl_deleg.h>
55 #include <sys/dmu_objset.h>
56 #include <sys/sunddi.h>
57 #include <sys/policy.h>
59 #include <sys/nvpair.h>
60 #include <sys/mount.h>
61 #include <sys/taskqueue.h>
63 #include <sys/varargs.h>
64 #include <sys/fs/zfs.h>
65 #include <sys/zfs_ctldir.h>
66 #include <sys/zfs_dir.h>
67 #include <sys/zfs_onexit.h>
69 #include <sys/dsl_scan.h>
70 #include <sys/dmu_objset.h>
72 #include "zfs_namecheck.h"
74 #include "zfs_deleg.h"
75 #include "zfs_comutil.h"
76 #include "zfs_ioctl_compat.h"
78 CTASSERT(sizeof(zfs_cmd_t) < IOCPARM_MAX);
80 static struct cdev *zfsdev;
82 extern void zfs_init(void);
83 extern void zfs_fini(void);
85 typedef int zfs_ioc_func_t(zfs_cmd_t *);
86 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, cred_t *);
92 } zfs_ioc_namecheck_t;
94 typedef struct zfs_ioc_vec {
95 zfs_ioc_func_t *zvec_func;
96 zfs_secpolicy_func_t *zvec_secpolicy;
97 zfs_ioc_namecheck_t zvec_namecheck;
98 boolean_t zvec_his_log;
99 boolean_t zvec_pool_check;
102 /* This array is indexed by zfs_userquota_prop_t */
103 static const char *userquota_perms[] = {
104 ZFS_DELEG_PERM_USERUSED,
105 ZFS_DELEG_PERM_USERQUOTA,
106 ZFS_DELEG_PERM_GROUPUSED,
107 ZFS_DELEG_PERM_GROUPQUOTA,
110 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
111 static int zfs_check_settable(const char *name, nvpair_t *property,
113 static int zfs_check_clearable(char *dataset, nvlist_t *props,
115 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
117 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t **);
119 static void zfsdev_close(void *data);
121 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
123 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
130 * Get rid of annoying "../common/" prefix to filename.
132 newfile = strrchr(file, '/');
133 if (newfile != NULL) {
134 newfile = newfile + 1; /* Get rid of leading / */
140 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
144 * To get this data, use the zfs-dprintf probe as so:
145 * dtrace -q -n 'zfs-dprintf \
146 * /stringof(arg0) == "dbuf.c"/ \
147 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
149 * arg1 = function name
153 DTRACE_PROBE4(zfs__dprintf,
154 char *, newfile, char *, func, int, line, char *, buf);
158 history_str_free(char *buf)
160 kmem_free(buf, HIS_MAX_RECORD_LEN);
164 history_str_get(zfs_cmd_t *zc)
168 if (zc->zc_history == 0)
171 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
172 if (copyinstr((void *)(uintptr_t)zc->zc_history,
173 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
174 history_str_free(buf);
178 buf[HIS_MAX_RECORD_LEN -1] = '\0';
184 * Check to see if the named dataset is currently defined as bootable
187 zfs_is_bootfs(const char *name)
191 if (dmu_objset_hold(name, FTAG, &os) == 0) {
193 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
194 dmu_objset_rele(os, FTAG);
201 * zfs_earlier_version
203 * Return non-zero if the spa version is less than requested version.
206 zfs_earlier_version(const char *name, int version)
210 if (spa_open(name, &spa, FTAG) == 0) {
211 if (spa_version(spa) < version) {
212 spa_close(spa, FTAG);
215 spa_close(spa, FTAG);
221 * zpl_earlier_version
223 * Return TRUE if the ZPL version is less than requested version.
226 zpl_earlier_version(const char *name, int version)
229 boolean_t rc = B_TRUE;
231 if (dmu_objset_hold(name, FTAG, &os) == 0) {
234 if (dmu_objset_type(os) != DMU_OST_ZFS) {
235 dmu_objset_rele(os, FTAG);
238 /* XXX reading from non-owned objset */
239 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
240 rc = zplversion < version;
241 dmu_objset_rele(os, FTAG);
247 zfs_log_history(zfs_cmd_t *zc)
252 if ((buf = history_str_get(zc)) == NULL)
255 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
256 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
257 (void) spa_history_log(spa, buf, LOG_CMD_NORMAL);
258 spa_close(spa, FTAG);
260 history_str_free(buf);
264 * Policy for top-level read operations (list pools). Requires no privileges,
265 * and can be used in the local zone, as there is no associated dataset.
269 zfs_secpolicy_none(zfs_cmd_t *zc, cred_t *cr)
275 * Policy for dataset read operations (list children, get statistics). Requires
276 * no privileges, but must be visible in the local zone.
280 zfs_secpolicy_read(zfs_cmd_t *zc, cred_t *cr)
282 if (INGLOBALZONE(curthread) ||
283 zone_dataset_visible(zc->zc_name, NULL))
290 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
295 * The dataset must be visible by this zone -- check this first
296 * so they don't see EPERM on something they shouldn't know about.
298 if (!INGLOBALZONE(curthread) &&
299 !zone_dataset_visible(dataset, &writable))
302 if (INGLOBALZONE(curthread)) {
304 * If the fs is zoned, only root can access it from the
307 if (secpolicy_zfs(cr) && zoned)
311 * If we are in a local zone, the 'zoned' property must be set.
316 /* must be writable by this zone */
324 zfs_dozonecheck(const char *dataset, cred_t *cr)
328 if (dsl_prop_get_integer(dataset, "jailed", &zoned, NULL))
331 return (zfs_dozonecheck_impl(dataset, zoned, cr));
335 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
339 rw_enter(&ds->ds_dir->dd_pool->dp_config_rwlock, RW_READER);
340 if (dsl_prop_get_ds(ds, "jailed", 8, 1, &zoned, NULL)) {
341 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
344 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
346 return (zfs_dozonecheck_impl(dataset, zoned, cr));
350 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
354 error = zfs_dozonecheck(name, cr);
356 error = secpolicy_zfs(cr);
358 error = dsl_deleg_access(name, perm, cr);
364 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
365 const char *perm, cred_t *cr)
369 error = zfs_dozonecheck_ds(name, ds, cr);
371 error = secpolicy_zfs(cr);
373 error = dsl_deleg_access_impl(ds, perm, cr);
380 * Policy for setting the security label property.
382 * Returns 0 for success, non-zero for access and other errors.
385 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
387 char ds_hexsl[MAXNAMELEN];
388 bslabel_t ds_sl, new_sl;
389 boolean_t new_default = FALSE;
391 int needed_priv = -1;
394 /* First get the existing dataset label. */
395 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
396 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
400 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
403 /* The label must be translatable */
404 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
408 * In a non-global zone, disallow attempts to set a label that
409 * doesn't match that of the zone; otherwise no other checks
412 if (!INGLOBALZONE(curproc)) {
413 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
419 * For global-zone datasets (i.e., those whose zoned property is
420 * "off", verify that the specified new label is valid for the
423 if (dsl_prop_get_integer(name,
424 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
427 if (zfs_check_global_label(name, strval) != 0)
432 * If the existing dataset label is nondefault, check if the
433 * dataset is mounted (label cannot be changed while mounted).
434 * Get the zfsvfs; if there isn't one, then the dataset isn't
435 * mounted (or isn't a dataset, doesn't exist, ...).
437 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
439 static char *setsl_tag = "setsl_tag";
442 * Try to own the dataset; abort if there is any error,
443 * (e.g., already mounted, in use, or other error).
445 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
450 dmu_objset_disown(os, setsl_tag);
453 needed_priv = PRIV_FILE_DOWNGRADE_SL;
457 if (hexstr_to_label(strval, &new_sl) != 0)
460 if (blstrictdom(&ds_sl, &new_sl))
461 needed_priv = PRIV_FILE_DOWNGRADE_SL;
462 else if (blstrictdom(&new_sl, &ds_sl))
463 needed_priv = PRIV_FILE_UPGRADE_SL;
465 /* dataset currently has a default label */
467 needed_priv = PRIV_FILE_UPGRADE_SL;
471 if (needed_priv != -1)
472 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
475 #endif /* SECLABEL */
478 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
484 * Check permissions for special properties.
489 * Disallow setting of 'zoned' from within a local zone.
491 if (!INGLOBALZONE(curthread))
496 if (!INGLOBALZONE(curthread)) {
498 char setpoint[MAXNAMELEN];
500 * Unprivileged users are allowed to modify the
501 * quota on things *under* (ie. contained by)
502 * the thing they own.
504 if (dsl_prop_get_integer(dsname, "jailed", &zoned,
507 if (!zoned || strlen(dsname) <= strlen(setpoint))
512 case ZFS_PROP_MLSLABEL:
514 if (!is_system_labeled())
517 if (nvpair_value_string(propval, &strval) == 0) {
520 err = zfs_set_slabel_policy(dsname, strval, CRED());
530 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
534 zfs_secpolicy_fsacl(zfs_cmd_t *zc, cred_t *cr)
538 error = zfs_dozonecheck(zc->zc_name, cr);
543 * permission to set permissions will be evaluated later in
544 * dsl_deleg_can_allow()
550 zfs_secpolicy_rollback(zfs_cmd_t *zc, cred_t *cr)
552 return (zfs_secpolicy_write_perms(zc->zc_name,
553 ZFS_DELEG_PERM_ROLLBACK, cr));
557 zfs_secpolicy_send(zfs_cmd_t *zc, cred_t *cr)
566 * Generate the current snapshot name from the given objsetid, then
567 * use that name for the secpolicy/zone checks.
569 cp = strchr(zc->zc_name, '@');
572 error = spa_open(zc->zc_name, &spa, FTAG);
576 dp = spa_get_dsl(spa);
577 rw_enter(&dp->dp_config_rwlock, RW_READER);
578 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
579 rw_exit(&dp->dp_config_rwlock);
580 spa_close(spa, FTAG);
584 dsl_dataset_name(ds, zc->zc_name);
586 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
587 ZFS_DELEG_PERM_SEND, cr);
588 dsl_dataset_rele(ds, FTAG);
594 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, cred_t *cr)
599 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
600 NO_FOLLOW, NULL, &vp)) != 0)
603 /* Now make sure mntpnt and dataset are ZFS */
605 if (strcmp(vp->v_vfsp->mnt_stat.f_fstypename, "zfs") != 0 ||
606 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
607 zc->zc_name) != 0)) {
613 return (dsl_deleg_access(zc->zc_name,
614 ZFS_DELEG_PERM_SHARE, cr));
618 zfs_secpolicy_share(zfs_cmd_t *zc, cred_t *cr)
620 if (!INGLOBALZONE(curthread))
623 if (secpolicy_nfs(cr) == 0) {
626 return (zfs_secpolicy_deleg_share(zc, cr));
631 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, cred_t *cr)
633 if (!INGLOBALZONE(curthread))
636 if (secpolicy_smb(cr) == 0) {
639 return (zfs_secpolicy_deleg_share(zc, cr));
644 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
649 * Remove the @bla or /bla from the end of the name to get the parent.
651 (void) strncpy(parent, datasetname, parentsize);
652 cp = strrchr(parent, '@');
656 cp = strrchr(parent, '/');
666 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
670 if ((error = zfs_secpolicy_write_perms(name,
671 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
674 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
678 zfs_secpolicy_destroy(zfs_cmd_t *zc, cred_t *cr)
680 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
684 * Destroying snapshots with delegated permissions requires
685 * descendent mount and destroy permissions.
686 * Reassemble the full filesystem@snap name so dsl_deleg_access()
687 * can do the correct permission check.
689 * Since this routine is used when doing a recursive destroy of snapshots
690 * and destroying snapshots requires descendent permissions, a successfull
691 * check of the top level snapshot applies to snapshots of all descendent
694 * The top level snapshot may not exist when doing a recursive destroy.
695 * In this case fallback to permissions of the parent dataset.
698 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, cred_t *cr)
703 dsname = kmem_asprintf("%s@%s", zc->zc_name, zc->zc_value);
705 error = zfs_secpolicy_destroy_perms(dsname, cr);
708 error = zfs_secpolicy_destroy_perms(zc->zc_name, cr);
715 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
717 char parentname[MAXNAMELEN];
720 if ((error = zfs_secpolicy_write_perms(from,
721 ZFS_DELEG_PERM_RENAME, cr)) != 0)
724 if ((error = zfs_secpolicy_write_perms(from,
725 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
728 if ((error = zfs_get_parent(to, parentname,
729 sizeof (parentname))) != 0)
732 if ((error = zfs_secpolicy_write_perms(parentname,
733 ZFS_DELEG_PERM_CREATE, cr)) != 0)
736 if ((error = zfs_secpolicy_write_perms(parentname,
737 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
744 zfs_secpolicy_rename(zfs_cmd_t *zc, cred_t *cr)
746 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
750 zfs_secpolicy_promote(zfs_cmd_t *zc, cred_t *cr)
752 char parentname[MAXNAMELEN];
756 error = zfs_secpolicy_write_perms(zc->zc_name,
757 ZFS_DELEG_PERM_PROMOTE, cr);
761 error = dmu_objset_hold(zc->zc_name, FTAG, &clone);
764 dsl_dataset_t *pclone = NULL;
766 dd = clone->os_dsl_dataset->ds_dir;
768 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER);
769 error = dsl_dataset_hold_obj(dd->dd_pool,
770 dd->dd_phys->dd_origin_obj, FTAG, &pclone);
771 rw_exit(&dd->dd_pool->dp_config_rwlock);
773 dmu_objset_rele(clone, FTAG);
777 error = zfs_secpolicy_write_perms(zc->zc_name,
778 ZFS_DELEG_PERM_MOUNT, cr);
780 dsl_dataset_name(pclone, parentname);
781 dmu_objset_rele(clone, FTAG);
782 dsl_dataset_rele(pclone, FTAG);
784 error = zfs_secpolicy_write_perms(parentname,
785 ZFS_DELEG_PERM_PROMOTE, cr);
791 zfs_secpolicy_receive(zfs_cmd_t *zc, cred_t *cr)
795 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
796 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
799 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
800 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
803 return (zfs_secpolicy_write_perms(zc->zc_name,
804 ZFS_DELEG_PERM_CREATE, cr));
808 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
810 return (zfs_secpolicy_write_perms(name,
811 ZFS_DELEG_PERM_SNAPSHOT, cr));
815 zfs_secpolicy_snapshot(zfs_cmd_t *zc, cred_t *cr)
818 return (zfs_secpolicy_snapshot_perms(zc->zc_name, cr));
822 zfs_secpolicy_create(zfs_cmd_t *zc, cred_t *cr)
824 char parentname[MAXNAMELEN];
827 if ((error = zfs_get_parent(zc->zc_name, parentname,
828 sizeof (parentname))) != 0)
831 if (zc->zc_value[0] != '\0') {
832 if ((error = zfs_secpolicy_write_perms(zc->zc_value,
833 ZFS_DELEG_PERM_CLONE, cr)) != 0)
837 if ((error = zfs_secpolicy_write_perms(parentname,
838 ZFS_DELEG_PERM_CREATE, cr)) != 0)
841 error = zfs_secpolicy_write_perms(parentname,
842 ZFS_DELEG_PERM_MOUNT, cr);
848 zfs_secpolicy_umount(zfs_cmd_t *zc, cred_t *cr)
852 error = secpolicy_fs_unmount(cr, NULL);
854 error = dsl_deleg_access(zc->zc_name, ZFS_DELEG_PERM_MOUNT, cr);
860 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
861 * SYS_CONFIG privilege, which is not available in a local zone.
865 zfs_secpolicy_config(zfs_cmd_t *zc, cred_t *cr)
867 if (secpolicy_sys_config(cr, B_FALSE) != 0)
874 * Policy for object to name lookups.
878 zfs_secpolicy_diff(zfs_cmd_t *zc, cred_t *cr)
882 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
885 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
890 * Policy for fault injection. Requires all privileges.
894 zfs_secpolicy_inject(zfs_cmd_t *zc, cred_t *cr)
896 return (secpolicy_zinject(cr));
900 zfs_secpolicy_inherit(zfs_cmd_t *zc, cred_t *cr)
902 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
904 if (prop == ZPROP_INVAL) {
905 if (!zfs_prop_user(zc->zc_value))
907 return (zfs_secpolicy_write_perms(zc->zc_name,
908 ZFS_DELEG_PERM_USERPROP, cr));
910 return (zfs_secpolicy_setprop(zc->zc_name, prop,
916 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, cred_t *cr)
918 int err = zfs_secpolicy_read(zc, cr);
922 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
925 if (zc->zc_value[0] == 0) {
927 * They are asking about a posix uid/gid. If it's
928 * themself, allow it.
930 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
931 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
932 if (zc->zc_guid == crgetuid(cr))
935 if (groupmember(zc->zc_guid, cr))
940 return (zfs_secpolicy_write_perms(zc->zc_name,
941 userquota_perms[zc->zc_objset_type], cr));
945 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, cred_t *cr)
947 int err = zfs_secpolicy_read(zc, cr);
951 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
954 return (zfs_secpolicy_write_perms(zc->zc_name,
955 userquota_perms[zc->zc_objset_type], cr));
959 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, cred_t *cr)
961 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
966 zfs_secpolicy_hold(zfs_cmd_t *zc, cred_t *cr)
968 return (zfs_secpolicy_write_perms(zc->zc_name,
969 ZFS_DELEG_PERM_HOLD, cr));
973 zfs_secpolicy_release(zfs_cmd_t *zc, cred_t *cr)
975 return (zfs_secpolicy_write_perms(zc->zc_name,
976 ZFS_DELEG_PERM_RELEASE, cr));
980 * Policy for allowing temporary snapshots to be taken or released
983 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, cred_t *cr)
986 * A temporary snapshot is the same as a snapshot,
987 * hold, destroy and release all rolled into one.
988 * Delegated diff alone is sufficient that we allow this.
992 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
993 ZFS_DELEG_PERM_DIFF, cr)) == 0)
996 error = zfs_secpolicy_snapshot(zc, cr);
998 error = zfs_secpolicy_hold(zc, cr);
1000 error = zfs_secpolicy_release(zc, cr);
1002 error = zfs_secpolicy_destroy(zc, cr);
1007 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1010 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1014 nvlist_t *list = NULL;
1017 * Read in and unpack the user-supplied nvlist.
1022 packed = kmem_alloc(size, KM_SLEEP);
1024 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1026 kmem_free(packed, size);
1030 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1031 kmem_free(packed, size);
1035 kmem_free(packed, size);
1042 fit_error_list(zfs_cmd_t *zc, nvlist_t **errors)
1046 VERIFY(nvlist_size(*errors, &size, NV_ENCODE_NATIVE) == 0);
1048 if (size > zc->zc_nvlist_dst_size) {
1049 nvpair_t *more_errors;
1052 if (zc->zc_nvlist_dst_size < 1024)
1055 VERIFY(nvlist_add_int32(*errors, ZPROP_N_MORE_ERRORS, 0) == 0);
1056 more_errors = nvlist_prev_nvpair(*errors, NULL);
1059 nvpair_t *pair = nvlist_prev_nvpair(*errors,
1061 VERIFY(nvlist_remove_nvpair(*errors, pair) == 0);
1063 VERIFY(nvlist_size(*errors, &size,
1064 NV_ENCODE_NATIVE) == 0);
1065 } while (size > zc->zc_nvlist_dst_size);
1067 VERIFY(nvlist_remove_nvpair(*errors, more_errors) == 0);
1068 VERIFY(nvlist_add_int32(*errors, ZPROP_N_MORE_ERRORS, n) == 0);
1069 ASSERT(nvlist_size(*errors, &size, NV_ENCODE_NATIVE) == 0);
1070 ASSERT(size <= zc->zc_nvlist_dst_size);
1077 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1079 char *packed = NULL;
1083 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0);
1085 if (size > zc->zc_nvlist_dst_size) {
1087 * Solaris returns ENOMEM here, because even if an error is
1088 * returned from an ioctl(2), new zc_nvlist_dst_size will be
1089 * passed to the userland. This is not the case for FreeBSD.
1090 * We need to return 0, so the kernel will copy the
1091 * zc_nvlist_dst_size back and the userland can discover that a
1092 * bigger buffer is needed.
1096 packed = kmem_alloc(size, KM_SLEEP);
1097 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE,
1099 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1100 size, zc->zc_iflags) != 0)
1102 kmem_free(packed, size);
1105 zc->zc_nvlist_dst_size = size;
1110 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1115 error = dmu_objset_hold(dsname, FTAG, &os);
1118 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1119 dmu_objset_rele(os, FTAG);
1123 mutex_enter(&os->os_user_ptr_lock);
1124 *zfvp = dmu_objset_get_user(os);
1126 VFS_HOLD((*zfvp)->z_vfs);
1130 mutex_exit(&os->os_user_ptr_lock);
1131 dmu_objset_rele(os, FTAG);
1136 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1137 * case its z_vfs will be NULL, and it will be opened as the owner.
1140 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1144 if (getzfsvfs(name, zfvp) != 0)
1145 error = zfsvfs_create(name, zfvp);
1147 rrw_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1149 if ((*zfvp)->z_unmounted) {
1151 * XXX we could probably try again, since the unmounting
1152 * thread should be just about to disassociate the
1153 * objset from the zfsvfs.
1155 rrw_exit(&(*zfvp)->z_teardown_lock, tag);
1163 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1165 rrw_exit(&zfsvfs->z_teardown_lock, tag);
1167 if (zfsvfs->z_vfs) {
1168 VFS_RELE(zfsvfs->z_vfs);
1170 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1171 zfsvfs_free(zfsvfs);
1176 zfs_ioc_pool_create(zfs_cmd_t *zc)
1179 nvlist_t *config, *props = NULL;
1180 nvlist_t *rootprops = NULL;
1181 nvlist_t *zplprops = NULL;
1184 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1185 zc->zc_iflags, &config))
1188 if (zc->zc_nvlist_src_size != 0 && (error =
1189 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1190 zc->zc_iflags, &props))) {
1191 nvlist_free(config);
1196 nvlist_t *nvl = NULL;
1197 uint64_t version = SPA_VERSION;
1199 (void) nvlist_lookup_uint64(props,
1200 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1201 if (version < SPA_VERSION_INITIAL || version > SPA_VERSION) {
1203 goto pool_props_bad;
1205 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1207 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1209 nvlist_free(config);
1213 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1215 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1216 error = zfs_fill_zplprops_root(version, rootprops,
1219 goto pool_props_bad;
1222 buf = history_str_get(zc);
1224 error = spa_create(zc->zc_name, config, props, buf, zplprops);
1227 * Set the remaining root properties
1229 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1230 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1231 (void) spa_destroy(zc->zc_name);
1234 history_str_free(buf);
1237 nvlist_free(rootprops);
1238 nvlist_free(zplprops);
1239 nvlist_free(config);
1246 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1249 zfs_log_history(zc);
1250 error = spa_destroy(zc->zc_name);
1252 zvol_remove_minors(zc->zc_name);
1257 zfs_ioc_pool_import(zfs_cmd_t *zc)
1259 nvlist_t *config, *props = NULL;
1263 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1264 zc->zc_iflags, &config)) != 0)
1267 if (zc->zc_nvlist_src_size != 0 && (error =
1268 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1269 zc->zc_iflags, &props))) {
1270 nvlist_free(config);
1274 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1275 guid != zc->zc_guid)
1278 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1280 if (zc->zc_nvlist_dst != 0) {
1283 if ((err = put_nvlist(zc, config)) != 0)
1287 nvlist_free(config);
1296 zfs_ioc_pool_export(zfs_cmd_t *zc)
1299 boolean_t force = (boolean_t)zc->zc_cookie;
1300 boolean_t hardforce = (boolean_t)zc->zc_guid;
1302 zfs_log_history(zc);
1303 error = spa_export(zc->zc_name, NULL, force, hardforce);
1305 zvol_remove_minors(zc->zc_name);
1310 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1315 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1318 error = put_nvlist(zc, configs);
1320 nvlist_free(configs);
1326 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1332 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1333 sizeof (zc->zc_value));
1335 if (config != NULL) {
1336 ret = put_nvlist(zc, config);
1337 nvlist_free(config);
1340 * The config may be present even if 'error' is non-zero.
1341 * In this case we return success, and preserve the real errno
1344 zc->zc_cookie = error;
1353 * Try to import the given pool, returning pool stats as appropriate so that
1354 * user land knows which devices are available and overall pool health.
1357 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1359 nvlist_t *tryconfig, *config;
1362 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1363 zc->zc_iflags, &tryconfig)) != 0)
1366 config = spa_tryimport(tryconfig);
1368 nvlist_free(tryconfig);
1373 error = put_nvlist(zc, config);
1374 nvlist_free(config);
1381 * zc_name name of the pool
1382 * zc_cookie scan func (pool_scan_func_t)
1385 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1390 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1393 if (zc->zc_cookie == POOL_SCAN_NONE)
1394 error = spa_scan_stop(spa);
1396 error = spa_scan(spa, zc->zc_cookie);
1398 spa_close(spa, FTAG);
1404 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1409 error = spa_open(zc->zc_name, &spa, FTAG);
1412 spa_close(spa, FTAG);
1418 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1423 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1426 if (zc->zc_cookie < spa_version(spa) || zc->zc_cookie > SPA_VERSION) {
1427 spa_close(spa, FTAG);
1431 spa_upgrade(spa, zc->zc_cookie);
1432 spa_close(spa, FTAG);
1438 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1445 if ((size = zc->zc_history_len) == 0)
1448 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1451 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1452 spa_close(spa, FTAG);
1456 hist_buf = kmem_alloc(size, KM_SLEEP);
1457 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1458 &zc->zc_history_len, hist_buf)) == 0) {
1459 error = ddi_copyout(hist_buf,
1460 (void *)(uintptr_t)zc->zc_history,
1461 zc->zc_history_len, zc->zc_iflags);
1464 spa_close(spa, FTAG);
1465 kmem_free(hist_buf, size);
1470 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1474 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value))
1482 * zc_name name of filesystem
1483 * zc_obj object to find
1486 * zc_value name of object
1489 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1494 /* XXX reading from objset not owned */
1495 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1497 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1498 dmu_objset_rele(os, FTAG);
1501 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1502 sizeof (zc->zc_value));
1503 dmu_objset_rele(os, FTAG);
1510 * zc_name name of filesystem
1511 * zc_obj object to find
1514 * zc_stat stats on object
1515 * zc_value path to object
1518 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1523 /* XXX reading from objset not owned */
1524 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1526 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1527 dmu_objset_rele(os, FTAG);
1530 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1531 sizeof (zc->zc_value));
1532 dmu_objset_rele(os, FTAG);
1538 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1542 nvlist_t *config, **l2cache, **spares;
1543 uint_t nl2cache = 0, nspares = 0;
1545 error = spa_open(zc->zc_name, &spa, FTAG);
1549 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1550 zc->zc_iflags, &config);
1551 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1552 &l2cache, &nl2cache);
1554 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1558 * A root pool with concatenated devices is not supported.
1559 * Thus, can not add a device to a root pool.
1561 * Intent log device can not be added to a rootpool because
1562 * during mountroot, zil is replayed, a seperated log device
1563 * can not be accessed during the mountroot time.
1565 * l2cache and spare devices are ok to be added to a rootpool.
1567 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1568 nvlist_free(config);
1569 spa_close(spa, FTAG);
1574 error = spa_vdev_add(spa, config);
1575 nvlist_free(config);
1577 spa_close(spa, FTAG);
1583 * zc_name name of the pool
1584 * zc_nvlist_conf nvlist of devices to remove
1585 * zc_cookie to stop the remove?
1588 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1593 error = spa_open(zc->zc_name, &spa, FTAG);
1596 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1597 spa_close(spa, FTAG);
1602 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1606 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1608 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1610 switch (zc->zc_cookie) {
1611 case VDEV_STATE_ONLINE:
1612 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1615 case VDEV_STATE_OFFLINE:
1616 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1619 case VDEV_STATE_FAULTED:
1620 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1621 zc->zc_obj != VDEV_AUX_EXTERNAL)
1622 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1624 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1627 case VDEV_STATE_DEGRADED:
1628 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1629 zc->zc_obj != VDEV_AUX_EXTERNAL)
1630 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1632 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1638 zc->zc_cookie = newstate;
1639 spa_close(spa, FTAG);
1644 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1647 int replacing = zc->zc_cookie;
1651 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1654 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1655 zc->zc_iflags, &config)) == 0) {
1656 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1657 nvlist_free(config);
1660 spa_close(spa, FTAG);
1665 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1670 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1673 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1675 spa_close(spa, FTAG);
1680 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1683 nvlist_t *config, *props = NULL;
1685 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1687 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1690 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1691 zc->zc_iflags, &config)) {
1692 spa_close(spa, FTAG);
1696 if (zc->zc_nvlist_src_size != 0 && (error =
1697 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1698 zc->zc_iflags, &props))) {
1699 spa_close(spa, FTAG);
1700 nvlist_free(config);
1704 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1706 spa_close(spa, FTAG);
1708 nvlist_free(config);
1715 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
1718 char *path = zc->zc_value;
1719 uint64_t guid = zc->zc_guid;
1722 error = spa_open(zc->zc_name, &spa, FTAG);
1726 error = spa_vdev_setpath(spa, guid, path);
1727 spa_close(spa, FTAG);
1732 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
1735 char *fru = zc->zc_value;
1736 uint64_t guid = zc->zc_guid;
1739 error = spa_open(zc->zc_name, &spa, FTAG);
1743 error = spa_vdev_setfru(spa, guid, fru);
1744 spa_close(spa, FTAG);
1749 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
1754 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1756 if (zc->zc_nvlist_dst != 0 &&
1757 (error = dsl_prop_get_all(os, &nv)) == 0) {
1758 dmu_objset_stats(os, nv);
1760 * NB: zvol_get_stats() will read the objset contents,
1761 * which we aren't supposed to do with a
1762 * DS_MODE_USER hold, because it could be
1763 * inconsistent. So this is a bit of a workaround...
1764 * XXX reading with out owning
1766 if (!zc->zc_objset_stats.dds_inconsistent) {
1767 if (dmu_objset_type(os) == DMU_OST_ZVOL)
1768 VERIFY(zvol_get_stats(os, nv) == 0);
1770 error = put_nvlist(zc, nv);
1779 * zc_name name of filesystem
1780 * zc_nvlist_dst_size size of buffer for property nvlist
1783 * zc_objset_stats stats
1784 * zc_nvlist_dst property nvlist
1785 * zc_nvlist_dst_size size of property nvlist
1788 zfs_ioc_objset_stats(zfs_cmd_t *zc)
1790 objset_t *os = NULL;
1793 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
1796 error = zfs_ioc_objset_stats_impl(zc, os);
1798 dmu_objset_rele(os, FTAG);
1800 if (error == ENOMEM)
1807 * zc_name name of filesystem
1808 * zc_nvlist_dst_size size of buffer for property nvlist
1811 * zc_nvlist_dst received property nvlist
1812 * zc_nvlist_dst_size size of received property nvlist
1814 * Gets received properties (distinct from local properties on or after
1815 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
1816 * local property values.
1819 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
1821 objset_t *os = NULL;
1825 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
1829 * Without this check, we would return local property values if the
1830 * caller has not already received properties on or after
1831 * SPA_VERSION_RECVD_PROPS.
1833 if (!dsl_prop_get_hasrecvd(os)) {
1834 dmu_objset_rele(os, FTAG);
1838 if (zc->zc_nvlist_dst != 0 &&
1839 (error = dsl_prop_get_received(os, &nv)) == 0) {
1840 error = put_nvlist(zc, nv);
1844 dmu_objset_rele(os, FTAG);
1849 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
1855 * zfs_get_zplprop() will either find a value or give us
1856 * the default value (if there is one).
1858 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
1860 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
1866 * zc_name name of filesystem
1867 * zc_nvlist_dst_size size of buffer for zpl property nvlist
1870 * zc_nvlist_dst zpl property nvlist
1871 * zc_nvlist_dst_size size of zpl property nvlist
1874 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
1879 /* XXX reading without owning */
1880 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
1883 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1886 * NB: nvl_add_zplprop() will read the objset contents,
1887 * which we aren't supposed to do with a DS_MODE_USER
1888 * hold, because it could be inconsistent.
1890 if (zc->zc_nvlist_dst != 0 &&
1891 !zc->zc_objset_stats.dds_inconsistent &&
1892 dmu_objset_type(os) == DMU_OST_ZFS) {
1895 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1896 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
1897 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
1898 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
1899 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
1900 err = put_nvlist(zc, nv);
1905 dmu_objset_rele(os, FTAG);
1910 dataset_name_hidden(const char *name)
1913 * Skip over datasets that are not visible in this zone,
1914 * internal datasets (which have a $ in their name), and
1915 * temporary datasets (which have a % in their name).
1917 if (strchr(name, '$') != NULL)
1919 if (strchr(name, '%') != NULL)
1921 if (!INGLOBALZONE(curthread) && !zone_dataset_visible(name, NULL))
1928 * zc_name name of filesystem
1929 * zc_cookie zap cursor
1930 * zc_nvlist_dst_size size of buffer for property nvlist
1933 * zc_name name of next filesystem
1934 * zc_cookie zap cursor
1935 * zc_objset_stats stats
1936 * zc_nvlist_dst property nvlist
1937 * zc_nvlist_dst_size size of property nvlist
1940 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
1945 size_t orig_len = strlen(zc->zc_name);
1948 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
1949 if (error == ENOENT)
1954 p = strrchr(zc->zc_name, '/');
1955 if (p == NULL || p[1] != '\0')
1956 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
1957 p = zc->zc_name + strlen(zc->zc_name);
1960 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0
1961 * but is not declared void because its called by dmu_objset_find().
1963 if (zc->zc_cookie == 0) {
1964 uint64_t cookie = 0;
1965 int len = sizeof (zc->zc_name) - (p - zc->zc_name);
1967 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0) {
1968 if (!dataset_name_hidden(zc->zc_name))
1969 (void) dmu_objset_prefetch(zc->zc_name, NULL);
1974 error = dmu_dir_list_next(os,
1975 sizeof (zc->zc_name) - (p - zc->zc_name), p,
1976 NULL, &zc->zc_cookie);
1977 if (error == ENOENT)
1979 } while (error == 0 && dataset_name_hidden(zc->zc_name) &&
1980 !(zc->zc_iflags & FKIOCTL));
1981 dmu_objset_rele(os, FTAG);
1984 * If it's an internal dataset (ie. with a '$' in its name),
1985 * don't try to get stats for it, otherwise we'll return ENOENT.
1987 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
1988 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
1989 if (error == ENOENT) {
1990 /* We lost a race with destroy, get the next one. */
1991 zc->zc_name[orig_len] = '\0';
2000 * zc_name name of filesystem
2001 * zc_cookie zap cursor
2002 * zc_nvlist_dst_size size of buffer for property nvlist
2005 * zc_name name of next snapshot
2006 * zc_objset_stats stats
2007 * zc_nvlist_dst property nvlist
2008 * zc_nvlist_dst_size size of property nvlist
2011 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2017 if (zc->zc_cookie == 0)
2018 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch,
2019 NULL, DS_FIND_SNAPSHOTS);
2021 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2023 return (error == ENOENT ? ESRCH : error);
2026 * A dataset name of maximum length cannot have any snapshots,
2027 * so exit immediately.
2029 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2030 dmu_objset_rele(os, FTAG);
2034 error = dmu_snapshot_list_next(os,
2035 sizeof (zc->zc_name) - strlen(zc->zc_name),
2036 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2041 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2044 * Since we probably don't have a hold on this snapshot,
2045 * it's possible that the objsetid could have been destroyed
2046 * and reused for a new objset. It's OK if this happens during
2047 * a zfs send operation, since the new createtxg will be
2048 * beyond the range we're interested in.
2050 rw_enter(&dp->dp_config_rwlock, RW_READER);
2051 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2052 rw_exit(&dp->dp_config_rwlock);
2054 if (error == ENOENT) {
2055 /* Racing with destroy, get the next one. */
2056 *strchr(zc->zc_name, '@') = '\0';
2057 dmu_objset_rele(os, FTAG);
2063 error = dmu_objset_from_ds(ds, &ossnap);
2065 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2066 dsl_dataset_rele(ds, FTAG);
2068 } else if (error == ENOENT) {
2072 dmu_objset_rele(os, FTAG);
2073 /* if we failed, undo the @ that we tacked on to zc_name */
2075 *strchr(zc->zc_name, '@') = '\0';
2080 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2082 const char *propname = nvpair_name(pair);
2084 unsigned int vallen;
2087 zfs_userquota_prop_t type;
2093 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2095 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2096 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2102 * A correctly constructed propname is encoded as
2103 * userquota@<rid>-<domain>.
2105 if ((dash = strchr(propname, '-')) == NULL ||
2106 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2115 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2117 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2118 zfsvfs_rele(zfsvfs, FTAG);
2125 * If the named property is one that has a special function to set its value,
2126 * return 0 on success and a positive error code on failure; otherwise if it is
2127 * not one of the special properties handled by this function, return -1.
2129 * XXX: It would be better for callers of the property interface if we handled
2130 * these special cases in dsl_prop.c (in the dsl layer).
2133 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2136 const char *propname = nvpair_name(pair);
2137 zfs_prop_t prop = zfs_name_to_prop(propname);
2141 if (prop == ZPROP_INVAL) {
2142 if (zfs_prop_userquota(propname))
2143 return (zfs_prop_set_userquota(dsname, pair));
2147 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2149 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2150 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2154 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2157 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2160 case ZFS_PROP_QUOTA:
2161 err = dsl_dir_set_quota(dsname, source, intval);
2163 case ZFS_PROP_REFQUOTA:
2164 err = dsl_dataset_set_quota(dsname, source, intval);
2166 case ZFS_PROP_RESERVATION:
2167 err = dsl_dir_set_reservation(dsname, source, intval);
2169 case ZFS_PROP_REFRESERVATION:
2170 err = dsl_dataset_set_reservation(dsname, source, intval);
2172 case ZFS_PROP_VOLSIZE:
2173 err = zvol_set_volsize(dsname, ddi_driver_major(zfs_dip),
2176 case ZFS_PROP_VERSION:
2180 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2183 err = zfs_set_version(zfsvfs, intval);
2184 zfsvfs_rele(zfsvfs, FTAG);
2186 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2189 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2190 (void) strcpy(zc->zc_name, dsname);
2191 (void) zfs_ioc_userspace_upgrade(zc);
2192 kmem_free(zc, sizeof (zfs_cmd_t));
2205 * This function is best effort. If it fails to set any of the given properties,
2206 * it continues to set as many as it can and returns the first error
2207 * encountered. If the caller provides a non-NULL errlist, it also gives the
2208 * complete list of names of all the properties it failed to set along with the
2209 * corresponding error numbers. The caller is responsible for freeing the
2212 * If every property is set successfully, zero is returned and the list pointed
2213 * at by errlist is NULL.
2216 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2224 nvlist_t *genericnvl;
2228 VERIFY(nvlist_alloc(&genericnvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2229 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2230 VERIFY(nvlist_alloc(&retrynvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2234 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2235 const char *propname = nvpair_name(pair);
2236 zfs_prop_t prop = zfs_name_to_prop(propname);
2239 /* decode the property value */
2241 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2243 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2244 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2249 /* Validate value type */
2250 if (err == 0 && prop == ZPROP_INVAL) {
2251 if (zfs_prop_user(propname)) {
2252 if (nvpair_type(propval) != DATA_TYPE_STRING)
2254 } else if (zfs_prop_userquota(propname)) {
2255 if (nvpair_type(propval) !=
2256 DATA_TYPE_UINT64_ARRAY)
2259 } else if (err == 0) {
2260 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2261 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2263 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2266 VERIFY(nvpair_value_uint64(propval,
2269 switch (zfs_prop_get_type(prop)) {
2270 case PROP_TYPE_NUMBER:
2272 case PROP_TYPE_STRING:
2275 case PROP_TYPE_INDEX:
2276 if (zfs_prop_index_to_string(prop,
2277 intval, &unused) != 0)
2282 "unknown property type");
2289 /* Validate permissions */
2291 err = zfs_check_settable(dsname, pair, CRED());
2294 err = zfs_prop_set_special(dsname, source, pair);
2297 * For better performance we build up a list of
2298 * properties to set in a single transaction.
2300 err = nvlist_add_nvpair(genericnvl, pair);
2301 } else if (err != 0 && nvl != retrynvl) {
2303 * This may be a spurious error caused by
2304 * receiving quota and reservation out of order.
2305 * Try again in a second pass.
2307 err = nvlist_add_nvpair(retrynvl, pair);
2312 VERIFY(nvlist_add_int32(errors, propname, err) == 0);
2315 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2320 if (!nvlist_empty(genericnvl) &&
2321 dsl_props_set(dsname, source, genericnvl) != 0) {
2323 * If this fails, we still want to set as many properties as we
2324 * can, so try setting them individually.
2327 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2328 const char *propname = nvpair_name(pair);
2332 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2334 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2335 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2339 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2340 VERIFY(nvpair_value_string(propval,
2342 err = dsl_prop_set(dsname, propname, source, 1,
2343 strlen(strval) + 1, strval);
2345 VERIFY(nvpair_value_uint64(propval,
2347 err = dsl_prop_set(dsname, propname, source, 8,
2352 VERIFY(nvlist_add_int32(errors, propname,
2357 nvlist_free(genericnvl);
2358 nvlist_free(retrynvl);
2360 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
2361 nvlist_free(errors);
2364 VERIFY(nvpair_value_int32(pair, &rv) == 0);
2367 if (errlist == NULL)
2368 nvlist_free(errors);
2376 * Check that all the properties are valid user properties.
2379 zfs_check_userprops(char *fsname, nvlist_t *nvl)
2381 nvpair_t *pair = NULL;
2384 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2385 const char *propname = nvpair_name(pair);
2388 if (!zfs_prop_user(propname) ||
2389 nvpair_type(pair) != DATA_TYPE_STRING)
2392 if (error = zfs_secpolicy_write_perms(fsname,
2393 ZFS_DELEG_PERM_USERPROP, CRED()))
2396 if (strlen(propname) >= ZAP_MAXNAMELEN)
2397 return (ENAMETOOLONG);
2399 VERIFY(nvpair_value_string(pair, &valstr) == 0);
2400 if (strlen(valstr) >= ZAP_MAXVALUELEN)
2407 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2411 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2414 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2415 if (nvlist_exists(skipped, nvpair_name(pair)))
2418 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2423 clear_received_props(objset_t *os, const char *fs, nvlist_t *props,
2427 nvlist_t *cleared_props = NULL;
2428 props_skip(props, skipped, &cleared_props);
2429 if (!nvlist_empty(cleared_props)) {
2431 * Acts on local properties until the dataset has received
2432 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2434 zprop_source_t flags = (ZPROP_SRC_NONE |
2435 (dsl_prop_get_hasrecvd(os) ? ZPROP_SRC_RECEIVED : 0));
2436 err = zfs_set_prop_nvlist(fs, flags, cleared_props, NULL);
2438 nvlist_free(cleared_props);
2444 * zc_name name of filesystem
2445 * zc_value name of property to set
2446 * zc_nvlist_src{_size} nvlist of properties to apply
2447 * zc_cookie received properties flag
2450 * zc_nvlist_dst{_size} error for each unapplied received property
2453 zfs_ioc_set_prop(zfs_cmd_t *zc)
2456 boolean_t received = zc->zc_cookie;
2457 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2459 nvlist_t *errors = NULL;
2462 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2463 zc->zc_iflags, &nvl)) != 0)
2467 nvlist_t *origprops;
2470 if (dmu_objset_hold(zc->zc_name, FTAG, &os) == 0) {
2471 if (dsl_prop_get_received(os, &origprops) == 0) {
2472 (void) clear_received_props(os,
2473 zc->zc_name, origprops, nvl);
2474 nvlist_free(origprops);
2477 dsl_prop_set_hasrecvd(os);
2478 dmu_objset_rele(os, FTAG);
2482 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, &errors);
2484 if (zc->zc_nvlist_dst != 0 && errors != NULL) {
2485 (void) put_nvlist(zc, errors);
2488 nvlist_free(errors);
2495 * zc_name name of filesystem
2496 * zc_value name of property to inherit
2497 * zc_cookie revert to received value if TRUE
2502 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2504 const char *propname = zc->zc_value;
2505 zfs_prop_t prop = zfs_name_to_prop(propname);
2506 boolean_t received = zc->zc_cookie;
2507 zprop_source_t source = (received
2508 ? ZPROP_SRC_NONE /* revert to received value, if any */
2509 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2518 * zfs_prop_set_special() expects properties in the form of an
2519 * nvpair with type info.
2521 if (prop == ZPROP_INVAL) {
2522 if (!zfs_prop_user(propname))
2525 type = PROP_TYPE_STRING;
2526 } else if (prop == ZFS_PROP_VOLSIZE ||
2527 prop == ZFS_PROP_VERSION) {
2530 type = zfs_prop_get_type(prop);
2533 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2536 case PROP_TYPE_STRING:
2537 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2539 case PROP_TYPE_NUMBER:
2540 case PROP_TYPE_INDEX:
2541 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2548 pair = nvlist_next_nvpair(dummy, NULL);
2549 err = zfs_prop_set_special(zc->zc_name, source, pair);
2552 return (err); /* special property already handled */
2555 * Only check this in the non-received case. We want to allow
2556 * 'inherit -S' to revert non-inheritable properties like quota
2557 * and reservation to the received or default values even though
2558 * they are not considered inheritable.
2560 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2564 /* the property name has been validated by zfs_secpolicy_inherit() */
2565 return (dsl_prop_set(zc->zc_name, zc->zc_value, source, 0, 0, NULL));
2569 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2576 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2577 zc->zc_iflags, &props))
2581 * If the only property is the configfile, then just do a spa_lookup()
2582 * to handle the faulted case.
2584 pair = nvlist_next_nvpair(props, NULL);
2585 if (pair != NULL && strcmp(nvpair_name(pair),
2586 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2587 nvlist_next_nvpair(props, pair) == NULL) {
2588 mutex_enter(&spa_namespace_lock);
2589 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2590 spa_configfile_set(spa, props, B_FALSE);
2591 spa_config_sync(spa, B_FALSE, B_TRUE);
2593 mutex_exit(&spa_namespace_lock);
2600 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2605 error = spa_prop_set(spa, props);
2608 spa_close(spa, FTAG);
2614 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2618 nvlist_t *nvp = NULL;
2620 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2622 * If the pool is faulted, there may be properties we can still
2623 * get (such as altroot and cachefile), so attempt to get them
2626 mutex_enter(&spa_namespace_lock);
2627 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2628 error = spa_prop_get(spa, &nvp);
2629 mutex_exit(&spa_namespace_lock);
2631 error = spa_prop_get(spa, &nvp);
2632 spa_close(spa, FTAG);
2635 if (error == 0 && zc->zc_nvlist_dst != 0)
2636 error = put_nvlist(zc, nvp);
2646 * zc_name name of filesystem
2647 * zc_nvlist_src{_size} nvlist of delegated permissions
2648 * zc_perm_action allow/unallow flag
2653 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2656 nvlist_t *fsaclnv = NULL;
2658 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2659 zc->zc_iflags, &fsaclnv)) != 0)
2663 * Verify nvlist is constructed correctly
2665 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2666 nvlist_free(fsaclnv);
2671 * If we don't have PRIV_SYS_MOUNT, then validate
2672 * that user is allowed to hand out each permission in
2676 error = secpolicy_zfs(CRED());
2678 if (zc->zc_perm_action == B_FALSE) {
2679 error = dsl_deleg_can_allow(zc->zc_name,
2682 error = dsl_deleg_can_unallow(zc->zc_name,
2688 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2690 nvlist_free(fsaclnv);
2696 * zc_name name of filesystem
2699 * zc_nvlist_src{_size} nvlist of delegated permissions
2702 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2707 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2708 error = put_nvlist(zc, nvp);
2716 * Search the vfs list for a specified resource. Returns a pointer to it
2717 * or NULL if no suitable entry is found. The caller of this routine
2718 * is responsible for releasing the returned vfs pointer.
2721 zfs_get_vfs(const char *resource)
2725 mtx_lock(&mountlist_mtx);
2726 TAILQ_FOREACH(vfsp, &mountlist, mnt_list) {
2727 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2732 mtx_unlock(&mountlist_mtx);
2738 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2740 zfs_creat_t *zct = arg;
2742 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2745 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2749 * createprops list of properties requested by creator
2750 * default_zplver zpl version to use if unspecified in createprops
2751 * fuids_ok fuids allowed in this version of the spa?
2752 * os parent objset pointer (NULL if root fs)
2755 * zplprops values for the zplprops we attach to the master node object
2756 * is_ci true if requested file system will be purely case-insensitive
2758 * Determine the settings for utf8only, normalization and
2759 * casesensitivity. Specific values may have been requested by the
2760 * creator and/or we can inherit values from the parent dataset. If
2761 * the file system is of too early a vintage, a creator can not
2762 * request settings for these properties, even if the requested
2763 * setting is the default value. We don't actually want to create dsl
2764 * properties for these, so remove them from the source nvlist after
2768 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
2769 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
2770 nvlist_t *zplprops, boolean_t *is_ci)
2772 uint64_t sense = ZFS_PROP_UNDEFINED;
2773 uint64_t norm = ZFS_PROP_UNDEFINED;
2774 uint64_t u8 = ZFS_PROP_UNDEFINED;
2776 ASSERT(zplprops != NULL);
2779 * Pull out creator prop choices, if any.
2782 (void) nvlist_lookup_uint64(createprops,
2783 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
2784 (void) nvlist_lookup_uint64(createprops,
2785 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
2786 (void) nvlist_remove_all(createprops,
2787 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
2788 (void) nvlist_lookup_uint64(createprops,
2789 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
2790 (void) nvlist_remove_all(createprops,
2791 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
2792 (void) nvlist_lookup_uint64(createprops,
2793 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
2794 (void) nvlist_remove_all(createprops,
2795 zfs_prop_to_name(ZFS_PROP_CASE));
2799 * If the zpl version requested is whacky or the file system
2800 * or pool is version is too "young" to support normalization
2801 * and the creator tried to set a value for one of the props,
2804 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
2805 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
2806 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
2807 (zplver < ZPL_VERSION_NORMALIZATION &&
2808 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
2809 sense != ZFS_PROP_UNDEFINED)))
2813 * Put the version in the zplprops
2815 VERIFY(nvlist_add_uint64(zplprops,
2816 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
2818 if (norm == ZFS_PROP_UNDEFINED)
2819 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
2820 VERIFY(nvlist_add_uint64(zplprops,
2821 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
2824 * If we're normalizing, names must always be valid UTF-8 strings.
2828 if (u8 == ZFS_PROP_UNDEFINED)
2829 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
2830 VERIFY(nvlist_add_uint64(zplprops,
2831 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
2833 if (sense == ZFS_PROP_UNDEFINED)
2834 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
2835 VERIFY(nvlist_add_uint64(zplprops,
2836 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
2839 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
2845 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
2846 nvlist_t *zplprops, boolean_t *is_ci)
2848 boolean_t fuids_ok, sa_ok;
2849 uint64_t zplver = ZPL_VERSION;
2850 objset_t *os = NULL;
2851 char parentname[MAXNAMELEN];
2857 (void) strlcpy(parentname, dataset, sizeof (parentname));
2858 cp = strrchr(parentname, '/');
2862 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
2865 spa_vers = spa_version(spa);
2866 spa_close(spa, FTAG);
2868 zplver = zfs_zpl_version_map(spa_vers);
2869 fuids_ok = (zplver >= ZPL_VERSION_FUID);
2870 sa_ok = (zplver >= ZPL_VERSION_SA);
2873 * Open parent object set so we can inherit zplprop values.
2875 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
2878 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
2880 dmu_objset_rele(os, FTAG);
2885 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
2886 nvlist_t *zplprops, boolean_t *is_ci)
2890 uint64_t zplver = ZPL_VERSION;
2893 zplver = zfs_zpl_version_map(spa_vers);
2894 fuids_ok = (zplver >= ZPL_VERSION_FUID);
2895 sa_ok = (zplver >= ZPL_VERSION_SA);
2897 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
2898 createprops, zplprops, is_ci);
2904 * zc_objset_type type of objset to create (fs vs zvol)
2905 * zc_name name of new objset
2906 * zc_value name of snapshot to clone from (may be empty)
2907 * zc_nvlist_src{_size} nvlist of properties to apply
2912 zfs_ioc_create(zfs_cmd_t *zc)
2917 nvlist_t *nvprops = NULL;
2918 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
2919 dmu_objset_type_t type = zc->zc_objset_type;
2924 cbfunc = zfs_create_cb;
2928 cbfunc = zvol_create_cb;
2935 if (strchr(zc->zc_name, '@') ||
2936 strchr(zc->zc_name, '%'))
2939 if (zc->zc_nvlist_src != 0 &&
2940 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2941 zc->zc_iflags, &nvprops)) != 0)
2944 zct.zct_zplprops = NULL;
2945 zct.zct_props = nvprops;
2947 if (zc->zc_value[0] != '\0') {
2949 * We're creating a clone of an existing snapshot.
2951 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
2952 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) {
2953 nvlist_free(nvprops);
2957 error = dmu_objset_hold(zc->zc_value, FTAG, &clone);
2959 nvlist_free(nvprops);
2963 error = dmu_objset_clone(zc->zc_name, dmu_objset_ds(clone), 0);
2964 dmu_objset_rele(clone, FTAG);
2966 nvlist_free(nvprops);
2970 boolean_t is_insensitive = B_FALSE;
2972 if (cbfunc == NULL) {
2973 nvlist_free(nvprops);
2977 if (type == DMU_OST_ZVOL) {
2978 uint64_t volsize, volblocksize;
2980 if (nvprops == NULL ||
2981 nvlist_lookup_uint64(nvprops,
2982 zfs_prop_to_name(ZFS_PROP_VOLSIZE),
2984 nvlist_free(nvprops);
2988 if ((error = nvlist_lookup_uint64(nvprops,
2989 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
2990 &volblocksize)) != 0 && error != ENOENT) {
2991 nvlist_free(nvprops);
2996 volblocksize = zfs_prop_default_numeric(
2997 ZFS_PROP_VOLBLOCKSIZE);
2999 if ((error = zvol_check_volblocksize(
3000 volblocksize)) != 0 ||
3001 (error = zvol_check_volsize(volsize,
3002 volblocksize)) != 0) {
3003 nvlist_free(nvprops);
3006 } else if (type == DMU_OST_ZFS) {
3010 * We have to have normalization and
3011 * case-folding flags correct when we do the
3012 * file system creation, so go figure them out
3015 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3016 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3017 error = zfs_fill_zplprops(zc->zc_name, nvprops,
3018 zct.zct_zplprops, &is_insensitive);
3020 nvlist_free(nvprops);
3021 nvlist_free(zct.zct_zplprops);
3025 error = dmu_objset_create(zc->zc_name, type,
3026 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3027 nvlist_free(zct.zct_zplprops);
3031 * It would be nice to do this atomically.
3034 error = zfs_set_prop_nvlist(zc->zc_name, ZPROP_SRC_LOCAL,
3037 (void) dmu_objset_destroy(zc->zc_name, B_FALSE);
3039 nvlist_free(nvprops);
3041 if (error == 0 && type == DMU_OST_ZVOL)
3042 zvol_create_minors(zc->zc_name);
3049 * zc_name name of filesystem
3050 * zc_value short name of snapshot
3051 * zc_cookie recursive flag
3052 * zc_nvlist_src[_size] property list
3055 * zc_value short snapname (i.e. part after the '@')
3058 zfs_ioc_snapshot(zfs_cmd_t *zc)
3060 nvlist_t *nvprops = NULL;
3062 boolean_t recursive = zc->zc_cookie;
3064 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
3067 if (zc->zc_nvlist_src != 0 &&
3068 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3069 zc->zc_iflags, &nvprops)) != 0)
3072 error = zfs_check_userprops(zc->zc_name, nvprops);
3076 if (!nvlist_empty(nvprops) &&
3077 zfs_earlier_version(zc->zc_name, SPA_VERSION_SNAP_PROPS)) {
3082 error = dmu_objset_snapshot(zc->zc_name, zc->zc_value, NULL,
3083 nvprops, recursive, B_FALSE, -1);
3086 nvlist_free(nvprops);
3091 zfs_unmount_snap(const char *name, void *arg)
3096 char *snapname = arg;
3097 char *fullname = kmem_asprintf("%s@%s", name, snapname);
3098 vfsp = zfs_get_vfs(fullname);
3100 } else if (strchr(name, '@')) {
3101 vfsp = zfs_get_vfs(name);
3106 * Always force the unmount for snapshots.
3108 int flag = MS_FORCE;
3111 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) {
3116 mtx_lock(&Giant); /* dounmount() */
3117 dounmount(vfsp, flag, curthread);
3118 mtx_unlock(&Giant); /* dounmount() */
3125 * zc_name name of filesystem
3126 * zc_value short name of snapshot
3127 * zc_defer_destroy mark for deferred destroy
3132 zfs_ioc_destroy_snaps(zfs_cmd_t *zc)
3136 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
3138 err = dmu_objset_find(zc->zc_name,
3139 zfs_unmount_snap, zc->zc_value, DS_FIND_CHILDREN);
3142 return (dmu_snapshots_destroy(zc->zc_name, zc->zc_value,
3143 zc->zc_defer_destroy));
3148 * zc_name name of dataset to destroy
3149 * zc_objset_type type of objset
3150 * zc_defer_destroy mark for deferred destroy
3155 zfs_ioc_destroy(zfs_cmd_t *zc)
3158 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) {
3159 err = zfs_unmount_snap(zc->zc_name, NULL);
3164 err = dmu_objset_destroy(zc->zc_name, zc->zc_defer_destroy);
3165 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3166 (void) zvol_remove_minor(zc->zc_name);
3172 * zc_name name of dataset to rollback (to most recent snapshot)
3177 zfs_ioc_rollback(zfs_cmd_t *zc)
3179 dsl_dataset_t *ds, *clone;
3184 error = dsl_dataset_hold(zc->zc_name, FTAG, &ds);
3188 /* must not be a snapshot */
3189 if (dsl_dataset_is_snapshot(ds)) {
3190 dsl_dataset_rele(ds, FTAG);
3194 /* must have a most recent snapshot */
3195 if (ds->ds_phys->ds_prev_snap_txg < TXG_INITIAL) {
3196 dsl_dataset_rele(ds, FTAG);
3201 * Create clone of most recent snapshot.
3203 clone_name = kmem_asprintf("%s/%%rollback", zc->zc_name);
3204 error = dmu_objset_clone(clone_name, ds->ds_prev, DS_FLAG_INCONSISTENT);
3208 error = dsl_dataset_own(clone_name, B_TRUE, FTAG, &clone);
3215 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
3216 error = zfs_suspend_fs(zfsvfs);
3220 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3221 error = dsl_dataset_clone_swap(clone, ds,
3223 dsl_dataset_disown(ds, FTAG);
3228 resume_err = zfs_resume_fs(zfsvfs, zc->zc_name);
3229 error = error ? error : resume_err;
3231 VFS_RELE(zfsvfs->z_vfs);
3233 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3234 error = dsl_dataset_clone_swap(clone, ds, B_TRUE);
3235 dsl_dataset_disown(ds, FTAG);
3243 * Destroy clone (which also closes it).
3245 (void) dsl_dataset_destroy(clone, FTAG, B_FALSE);
3248 strfree(clone_name);
3250 dsl_dataset_rele(ds, FTAG);
3256 * zc_name old name of dataset
3257 * zc_value new name of dataset
3258 * zc_cookie recursive flag (only valid for snapshots)
3263 zfs_ioc_rename(zfs_cmd_t *zc)
3265 boolean_t recursive = zc->zc_cookie & 1;
3267 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3268 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3269 strchr(zc->zc_value, '%'))
3273 * Unmount snapshot unless we're doing a recursive rename,
3274 * in which case the dataset code figures out which snapshots
3277 if (!recursive && strchr(zc->zc_name, '@') != NULL &&
3278 zc->zc_objset_type == DMU_OST_ZFS) {
3279 int err = zfs_unmount_snap(zc->zc_name, NULL);
3283 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive));
3287 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3289 const char *propname = nvpair_name(pair);
3290 boolean_t issnap = (strchr(dsname, '@') != NULL);
3291 zfs_prop_t prop = zfs_name_to_prop(propname);
3295 if (prop == ZPROP_INVAL) {
3296 if (zfs_prop_user(propname)) {
3297 if (err = zfs_secpolicy_write_perms(dsname,
3298 ZFS_DELEG_PERM_USERPROP, cr))
3303 if (!issnap && zfs_prop_userquota(propname)) {
3304 const char *perm = NULL;
3305 const char *uq_prefix =
3306 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3307 const char *gq_prefix =
3308 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3310 if (strncmp(propname, uq_prefix,
3311 strlen(uq_prefix)) == 0) {
3312 perm = ZFS_DELEG_PERM_USERQUOTA;
3313 } else if (strncmp(propname, gq_prefix,
3314 strlen(gq_prefix)) == 0) {
3315 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3317 /* USERUSED and GROUPUSED are read-only */
3321 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3332 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3334 * dsl_prop_get_all_impl() returns properties in this
3338 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3339 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3344 * Check that this value is valid for this pool version
3347 case ZFS_PROP_COMPRESSION:
3349 * If the user specified gzip compression, make sure
3350 * the SPA supports it. We ignore any errors here since
3351 * we'll catch them later.
3353 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3354 nvpair_value_uint64(pair, &intval) == 0) {
3355 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3356 intval <= ZIO_COMPRESS_GZIP_9 &&
3357 zfs_earlier_version(dsname,
3358 SPA_VERSION_GZIP_COMPRESSION)) {
3362 if (intval == ZIO_COMPRESS_ZLE &&
3363 zfs_earlier_version(dsname,
3364 SPA_VERSION_ZLE_COMPRESSION))
3368 * If this is a bootable dataset then
3369 * verify that the compression algorithm
3370 * is supported for booting. We must return
3371 * something other than ENOTSUP since it
3372 * implies a downrev pool version.
3374 if (zfs_is_bootfs(dsname) &&
3375 !BOOTFS_COMPRESS_VALID(intval)) {
3381 case ZFS_PROP_COPIES:
3382 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3386 case ZFS_PROP_DEDUP:
3387 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3391 case ZFS_PROP_SHARESMB:
3392 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3396 case ZFS_PROP_ACLINHERIT:
3397 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3398 nvpair_value_uint64(pair, &intval) == 0) {
3399 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3400 zfs_earlier_version(dsname,
3401 SPA_VERSION_PASSTHROUGH_X))
3407 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3411 * Removes properties from the given props list that fail permission checks
3412 * needed to clear them and to restore them in case of a receive error. For each
3413 * property, make sure we have both set and inherit permissions.
3415 * Returns the first error encountered if any permission checks fail. If the
3416 * caller provides a non-NULL errlist, it also gives the complete list of names
3417 * of all the properties that failed a permission check along with the
3418 * corresponding error numbers. The caller is responsible for freeing the
3421 * If every property checks out successfully, zero is returned and the list
3422 * pointed at by errlist is NULL.
3425 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3428 nvpair_t *pair, *next_pair;
3435 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3437 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3438 (void) strcpy(zc->zc_name, dataset);
3439 pair = nvlist_next_nvpair(props, NULL);
3440 while (pair != NULL) {
3441 next_pair = nvlist_next_nvpair(props, pair);
3443 (void) strcpy(zc->zc_value, nvpair_name(pair));
3444 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3445 (err = zfs_secpolicy_inherit(zc, CRED())) != 0) {
3446 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3447 VERIFY(nvlist_add_int32(errors,
3448 zc->zc_value, err) == 0);
3452 kmem_free(zc, sizeof (zfs_cmd_t));
3454 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3455 nvlist_free(errors);
3458 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3461 if (errlist == NULL)
3462 nvlist_free(errors);
3470 propval_equals(nvpair_t *p1, nvpair_t *p2)
3472 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3473 /* dsl_prop_get_all_impl() format */
3475 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3476 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3480 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
3482 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
3483 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3487 if (nvpair_type(p1) != nvpair_type(p2))
3490 if (nvpair_type(p1) == DATA_TYPE_STRING) {
3491 char *valstr1, *valstr2;
3493 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
3494 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
3495 return (strcmp(valstr1, valstr2) == 0);
3497 uint64_t intval1, intval2;
3499 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
3500 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
3501 return (intval1 == intval2);
3506 * Remove properties from props if they are not going to change (as determined
3507 * by comparison with origprops). Remove them from origprops as well, since we
3508 * do not need to clear or restore properties that won't change.
3511 props_reduce(nvlist_t *props, nvlist_t *origprops)
3513 nvpair_t *pair, *next_pair;
3515 if (origprops == NULL)
3516 return; /* all props need to be received */
3518 pair = nvlist_next_nvpair(props, NULL);
3519 while (pair != NULL) {
3520 const char *propname = nvpair_name(pair);
3523 next_pair = nvlist_next_nvpair(props, pair);
3525 if ((nvlist_lookup_nvpair(origprops, propname,
3526 &match) != 0) || !propval_equals(pair, match))
3527 goto next; /* need to set received value */
3529 /* don't clear the existing received value */
3530 (void) nvlist_remove_nvpair(origprops, match);
3531 /* don't bother receiving the property */
3532 (void) nvlist_remove_nvpair(props, pair);
3539 static boolean_t zfs_ioc_recv_inject_err;
3544 * zc_name name of containing filesystem
3545 * zc_nvlist_src{_size} nvlist of properties to apply
3546 * zc_value name of snapshot to create
3547 * zc_string name of clone origin (if DRR_FLAG_CLONE)
3548 * zc_cookie file descriptor to recv from
3549 * zc_begin_record the BEGIN record of the stream (not byteswapped)
3550 * zc_guid force flag
3551 * zc_cleanup_fd cleanup-on-exit file descriptor
3552 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
3555 * zc_cookie number of bytes read
3556 * zc_nvlist_dst{_size} error for each unapplied received property
3557 * zc_obj zprop_errflags_t
3558 * zc_action_handle handle for this guid/ds mapping
3561 zfs_ioc_recv(zfs_cmd_t *zc)
3565 dmu_recv_cookie_t drc;
3566 boolean_t force = (boolean_t)zc->zc_guid;
3569 int props_error = 0;
3572 nvlist_t *props = NULL; /* sent properties */
3573 nvlist_t *origprops = NULL; /* existing properties */
3574 objset_t *origin = NULL;
3576 char tofs[ZFS_MAXNAMELEN];
3577 boolean_t first_recvd_props = B_FALSE;
3579 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3580 strchr(zc->zc_value, '@') == NULL ||
3581 strchr(zc->zc_value, '%'))
3584 (void) strcpy(tofs, zc->zc_value);
3585 tosnap = strchr(tofs, '@');
3588 if (zc->zc_nvlist_src != 0 &&
3589 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3590 zc->zc_iflags, &props)) != 0)
3600 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3602 if (props && dmu_objset_hold(tofs, FTAG, &os) == 0) {
3603 if ((spa_version(os->os_spa) >= SPA_VERSION_RECVD_PROPS) &&
3604 !dsl_prop_get_hasrecvd(os)) {
3605 first_recvd_props = B_TRUE;
3609 * If new received properties are supplied, they are to
3610 * completely replace the existing received properties, so stash
3611 * away the existing ones.
3613 if (dsl_prop_get_received(os, &origprops) == 0) {
3614 nvlist_t *errlist = NULL;
3616 * Don't bother writing a property if its value won't
3617 * change (and avoid the unnecessary security checks).
3619 * The first receive after SPA_VERSION_RECVD_PROPS is a
3620 * special case where we blow away all local properties
3623 if (!first_recvd_props)
3624 props_reduce(props, origprops);
3625 if (zfs_check_clearable(tofs, origprops,
3627 (void) nvlist_merge(errors, errlist, 0);
3628 nvlist_free(errlist);
3631 dmu_objset_rele(os, FTAG);
3634 if (zc->zc_string[0]) {
3635 error = dmu_objset_hold(zc->zc_string, FTAG, &origin);
3640 error = dmu_recv_begin(tofs, tosnap, zc->zc_top_ds,
3641 &zc->zc_begin_record, force, origin, &drc);
3643 dmu_objset_rele(origin, FTAG);
3648 * Set properties before we receive the stream so that they are applied
3649 * to the new data. Note that we must call dmu_recv_stream() if
3650 * dmu_recv_begin() succeeds.
3655 if (dmu_objset_from_ds(drc.drc_logical_ds, &os) == 0) {
3656 if (drc.drc_newfs) {
3657 if (spa_version(os->os_spa) >=
3658 SPA_VERSION_RECVD_PROPS)
3659 first_recvd_props = B_TRUE;
3660 } else if (origprops != NULL) {
3661 if (clear_received_props(os, tofs, origprops,
3662 first_recvd_props ? NULL : props) != 0)
3663 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3665 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3667 dsl_prop_set_hasrecvd(os);
3668 } else if (!drc.drc_newfs) {
3669 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
3672 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
3674 (void) nvlist_merge(errors, errlist, 0);
3675 nvlist_free(errlist);
3678 if (fit_error_list(zc, &errors) != 0 || put_nvlist(zc, errors) != 0) {
3680 * Caller made zc->zc_nvlist_dst less than the minimum expected
3681 * size or supplied an invalid address.
3683 props_error = EINVAL;
3687 error = dmu_recv_stream(&drc, fp, &off, zc->zc_cleanup_fd,
3688 &zc->zc_action_handle);
3691 zfsvfs_t *zfsvfs = NULL;
3693 if (getzfsvfs(tofs, &zfsvfs) == 0) {
3697 error = zfs_suspend_fs(zfsvfs);
3699 * If the suspend fails, then the recv_end will
3700 * likely also fail, and clean up after itself.
3702 end_err = dmu_recv_end(&drc);
3704 error = zfs_resume_fs(zfsvfs, tofs);
3705 error = error ? error : end_err;
3706 VFS_RELE(zfsvfs->z_vfs);
3708 error = dmu_recv_end(&drc);
3712 zc->zc_cookie = off - fp->f_offset;
3713 if (off >= 0 && off <= MAXOFFSET_T)
3717 if (zfs_ioc_recv_inject_err) {
3718 zfs_ioc_recv_inject_err = B_FALSE;
3723 * On error, restore the original props.
3725 if (error && props) {
3726 if (dmu_objset_hold(tofs, FTAG, &os) == 0) {
3727 if (clear_received_props(os, tofs, props, NULL) != 0) {
3729 * We failed to clear the received properties.
3730 * Since we may have left a $recvd value on the
3731 * system, we can't clear the $hasrecvd flag.
3733 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3734 } else if (first_recvd_props) {
3735 dsl_prop_unset_hasrecvd(os);
3737 dmu_objset_rele(os, FTAG);
3738 } else if (!drc.drc_newfs) {
3739 /* We failed to clear the received properties. */
3740 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3743 if (origprops == NULL && !drc.drc_newfs) {
3744 /* We failed to stash the original properties. */
3745 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3749 * dsl_props_set() will not convert RECEIVED to LOCAL on or
3750 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
3751 * explictly if we're restoring local properties cleared in the
3752 * first new-style receive.
3754 if (origprops != NULL &&
3755 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
3756 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
3757 origprops, NULL) != 0) {
3759 * We stashed the original properties but failed to
3762 zc->zc_obj |= ZPROP_ERR_NORESTORE;
3767 nvlist_free(origprops);
3768 nvlist_free(errors);
3772 error = props_error;
3779 * zc_name name of snapshot to send
3780 * zc_cookie file descriptor to send stream to
3781 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
3782 * zc_sendobj objsetid of snapshot to send
3783 * zc_fromobj objsetid of incremental fromsnap (may be zero)
3788 zfs_ioc_send(zfs_cmd_t *zc)
3790 objset_t *fromsnap = NULL;
3796 dsl_dataset_t *dsfrom = NULL;
3800 error = spa_open(zc->zc_name, &spa, FTAG);
3804 dp = spa_get_dsl(spa);
3805 rw_enter(&dp->dp_config_rwlock, RW_READER);
3806 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
3807 rw_exit(&dp->dp_config_rwlock);
3809 spa_close(spa, FTAG);
3813 error = dmu_objset_from_ds(ds, &tosnap);
3815 dsl_dataset_rele(ds, FTAG);
3816 spa_close(spa, FTAG);
3820 if (zc->zc_fromobj != 0) {
3821 rw_enter(&dp->dp_config_rwlock, RW_READER);
3822 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj, FTAG, &dsfrom);
3823 rw_exit(&dp->dp_config_rwlock);
3824 spa_close(spa, FTAG);
3826 dsl_dataset_rele(ds, FTAG);
3829 error = dmu_objset_from_ds(dsfrom, &fromsnap);
3831 dsl_dataset_rele(dsfrom, FTAG);
3832 dsl_dataset_rele(ds, FTAG);
3836 spa_close(spa, FTAG);
3839 fp = getf(zc->zc_cookie);
3841 dsl_dataset_rele(ds, FTAG);
3843 dsl_dataset_rele(dsfrom, FTAG);
3848 error = dmu_sendbackup(tosnap, fromsnap, zc->zc_obj, fp, &off);
3850 if (off >= 0 && off <= MAXOFFSET_T)
3852 releasef(zc->zc_cookie);
3854 dsl_dataset_rele(dsfrom, FTAG);
3855 dsl_dataset_rele(ds, FTAG);
3860 zfs_ioc_inject_fault(zfs_cmd_t *zc)
3864 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
3865 &zc->zc_inject_record);
3868 zc->zc_guid = (uint64_t)id;
3874 zfs_ioc_clear_fault(zfs_cmd_t *zc)
3876 return (zio_clear_fault((int)zc->zc_guid));
3880 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
3882 int id = (int)zc->zc_guid;
3885 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
3886 &zc->zc_inject_record);
3894 zfs_ioc_error_log(zfs_cmd_t *zc)
3898 size_t count = (size_t)zc->zc_nvlist_dst_size;
3900 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
3903 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
3906 zc->zc_nvlist_dst_size = count;
3908 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
3910 spa_close(spa, FTAG);
3916 zfs_ioc_clear(zfs_cmd_t *zc)
3923 * On zpool clear we also fix up missing slogs
3925 mutex_enter(&spa_namespace_lock);
3926 spa = spa_lookup(zc->zc_name);
3928 mutex_exit(&spa_namespace_lock);
3931 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
3932 /* we need to let spa_open/spa_load clear the chains */
3933 spa_set_log_state(spa, SPA_LOG_CLEAR);
3935 spa->spa_last_open_failed = 0;
3936 mutex_exit(&spa_namespace_lock);
3938 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
3939 error = spa_open(zc->zc_name, &spa, FTAG);
3942 nvlist_t *config = NULL;
3944 if (zc->zc_nvlist_src == 0)
3947 if ((error = get_nvlist(zc->zc_nvlist_src,
3948 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
3949 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
3951 if (config != NULL) {
3954 if ((err = put_nvlist(zc, config)) != 0)
3956 nvlist_free(config);
3958 nvlist_free(policy);
3965 spa_vdev_state_enter(spa, SCL_NONE);
3967 if (zc->zc_guid == 0) {
3970 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
3972 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
3973 spa_close(spa, FTAG);
3978 vdev_clear(spa, vd);
3980 (void) spa_vdev_state_exit(spa, NULL, 0);
3983 * Resume any suspended I/Os.
3985 if (zio_resume(spa) != 0)
3988 spa_close(spa, FTAG);
3995 * zc_name name of filesystem
3996 * zc_value name of origin snapshot
3999 * zc_string name of conflicting snapshot, if there is one
4002 zfs_ioc_promote(zfs_cmd_t *zc)
4007 * We don't need to unmount *all* the origin fs's snapshots, but
4010 cp = strchr(zc->zc_value, '@');
4013 (void) dmu_objset_find(zc->zc_value,
4014 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS);
4015 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4019 * Retrieve a single {user|group}{used|quota}@... property.
4022 * zc_name name of filesystem
4023 * zc_objset_type zfs_userquota_prop_t
4024 * zc_value domain name (eg. "S-1-234-567-89")
4025 * zc_guid RID/UID/GID
4028 * zc_cookie property value
4031 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4036 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4039 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4043 error = zfs_userspace_one(zfsvfs,
4044 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4045 zfsvfs_rele(zfsvfs, FTAG);
4052 * zc_name name of filesystem
4053 * zc_cookie zap cursor
4054 * zc_objset_type zfs_userquota_prop_t
4055 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4058 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4059 * zc_cookie zap cursor
4062 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4065 int bufsize = zc->zc_nvlist_dst_size;
4070 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4074 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4076 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4077 buf, &zc->zc_nvlist_dst_size);
4080 error = ddi_copyout(buf,
4081 (void *)(uintptr_t)zc->zc_nvlist_dst,
4082 zc->zc_nvlist_dst_size, zc->zc_iflags);
4084 kmem_free(buf, bufsize);
4085 zfsvfs_rele(zfsvfs, FTAG);
4092 * zc_name name of filesystem
4098 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4104 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4105 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4107 * If userused is not enabled, it may be because the
4108 * objset needs to be closed & reopened (to grow the
4109 * objset_phys_t). Suspend/resume the fs will do that.
4111 error = zfs_suspend_fs(zfsvfs);
4113 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4116 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4117 VFS_RELE(zfsvfs->z_vfs);
4119 /* XXX kind of reading contents without owning */
4120 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4124 error = dmu_objset_userspace_upgrade(os);
4125 dmu_objset_rele(os, FTAG);
4133 * We don't want to have a hard dependency
4134 * against some special symbols in sharefs
4135 * nfs, and smbsrv. Determine them if needed when
4136 * the first file system is shared.
4137 * Neither sharefs, nfs or smbsrv are unloadable modules.
4139 int (*znfsexport_fs)(void *arg);
4140 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4141 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4143 int zfs_nfsshare_inited;
4144 int zfs_smbshare_inited;
4146 ddi_modhandle_t nfs_mod;
4147 ddi_modhandle_t sharefs_mod;
4148 ddi_modhandle_t smbsrv_mod;
4150 kmutex_t zfs_share_lock;
4158 ASSERT(MUTEX_HELD(&zfs_share_lock));
4159 /* Both NFS and SMB shares also require sharetab support. */
4160 if (sharefs_mod == NULL && ((sharefs_mod =
4161 ddi_modopen("fs/sharefs",
4162 KRTLD_MODE_FIRST, &error)) == NULL)) {
4165 if (zshare_fs == NULL && ((zshare_fs =
4166 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4167 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4175 zfs_ioc_share(zfs_cmd_t *zc)
4181 switch (zc->zc_share.z_sharetype) {
4183 case ZFS_UNSHARE_NFS:
4184 if (zfs_nfsshare_inited == 0) {
4185 mutex_enter(&zfs_share_lock);
4186 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4187 KRTLD_MODE_FIRST, &error)) == NULL)) {
4188 mutex_exit(&zfs_share_lock);
4191 if (znfsexport_fs == NULL &&
4192 ((znfsexport_fs = (int (*)(void *))
4194 "nfs_export", &error)) == NULL)) {
4195 mutex_exit(&zfs_share_lock);
4198 error = zfs_init_sharefs();
4200 mutex_exit(&zfs_share_lock);
4203 zfs_nfsshare_inited = 1;
4204 mutex_exit(&zfs_share_lock);
4208 case ZFS_UNSHARE_SMB:
4209 if (zfs_smbshare_inited == 0) {
4210 mutex_enter(&zfs_share_lock);
4211 if (smbsrv_mod == NULL && ((smbsrv_mod =
4212 ddi_modopen("drv/smbsrv",
4213 KRTLD_MODE_FIRST, &error)) == NULL)) {
4214 mutex_exit(&zfs_share_lock);
4217 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4218 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4219 "smb_server_share", &error)) == NULL)) {
4220 mutex_exit(&zfs_share_lock);
4223 error = zfs_init_sharefs();
4225 mutex_exit(&zfs_share_lock);
4228 zfs_smbshare_inited = 1;
4229 mutex_exit(&zfs_share_lock);
4236 switch (zc->zc_share.z_sharetype) {
4238 case ZFS_UNSHARE_NFS:
4240 znfsexport_fs((void *)
4241 (uintptr_t)zc->zc_share.z_exportdata))
4245 case ZFS_UNSHARE_SMB:
4246 if (error = zsmbexport_fs((void *)
4247 (uintptr_t)zc->zc_share.z_exportdata,
4248 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4255 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4256 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4257 SHAREFS_ADD : SHAREFS_REMOVE;
4260 * Add or remove share from sharetab
4262 error = zshare_fs(opcode,
4263 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4264 zc->zc_share.z_sharemax);
4273 ace_t full_access[] = {
4274 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4279 * zc_name name of containing filesystem
4280 * zc_obj object # beyond which we want next in-use object #
4283 * zc_obj next in-use object #
4286 zfs_ioc_next_obj(zfs_cmd_t *zc)
4288 objset_t *os = NULL;
4291 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4295 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4296 os->os_dsl_dataset->ds_phys->ds_prev_snap_txg);
4298 dmu_objset_rele(os, FTAG);
4304 * zc_name name of filesystem
4305 * zc_value prefix name for snapshot
4306 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4311 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4316 snap_name = kmem_asprintf("%s-%016llx", zc->zc_value,
4317 (u_longlong_t)ddi_get_lbolt64());
4319 if (strlen(snap_name) >= MAXNAMELEN) {
4324 error = dmu_objset_snapshot(zc->zc_name, snap_name, snap_name,
4325 NULL, B_FALSE, B_TRUE, zc->zc_cleanup_fd);
4331 (void) strcpy(zc->zc_value, snap_name);
4338 * zc_name name of "to" snapshot
4339 * zc_value name of "from" snapshot
4340 * zc_cookie file descriptor to write diff data on
4343 * dmu_diff_record_t's to the file descriptor
4346 zfs_ioc_diff(zfs_cmd_t *zc)
4354 error = dmu_objset_hold(zc->zc_name, FTAG, &tosnap);
4358 error = dmu_objset_hold(zc->zc_value, FTAG, &fromsnap);
4360 dmu_objset_rele(tosnap, FTAG);
4364 fp = getf(zc->zc_cookie);
4366 dmu_objset_rele(fromsnap, FTAG);
4367 dmu_objset_rele(tosnap, FTAG);
4373 error = dmu_diff(tosnap, fromsnap, fp, &off);
4375 if (off >= 0 && off <= MAXOFFSET_T)
4377 releasef(zc->zc_cookie);
4379 dmu_objset_rele(fromsnap, FTAG);
4380 dmu_objset_rele(tosnap, FTAG);
4386 * Remove all ACL files in shares dir
4389 zfs_smb_acl_purge(znode_t *dzp)
4392 zap_attribute_t zap;
4393 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4396 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4397 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4398 zap_cursor_advance(&zc)) {
4399 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4403 zap_cursor_fini(&zc);
4409 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4414 vnode_t *resourcevp = NULL;
4423 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4424 NO_FOLLOW, NULL, &vp)) != 0)
4427 /* Now make sure mntpnt and dataset are ZFS */
4429 if (strcmp(vp->v_vfsp->mnt_stat.f_fstypename, "zfs") != 0 ||
4430 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4431 zc->zc_name) != 0)) {
4437 zfsvfs = dzp->z_zfsvfs;
4441 * Create share dir if its missing.
4443 mutex_enter(&zfsvfs->z_lock);
4444 if (zfsvfs->z_shares_dir == 0) {
4447 tx = dmu_tx_create(zfsvfs->z_os);
4448 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
4450 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
4451 error = dmu_tx_assign(tx, TXG_WAIT);
4455 error = zfs_create_share_dir(zfsvfs, tx);
4459 mutex_exit(&zfsvfs->z_lock);
4465 mutex_exit(&zfsvfs->z_lock);
4467 ASSERT(zfsvfs->z_shares_dir);
4468 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
4474 switch (zc->zc_cookie) {
4475 case ZFS_SMB_ACL_ADD:
4476 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
4477 vattr.va_type = VREG;
4478 vattr.va_mode = S_IFREG|0777;
4482 vsec.vsa_mask = VSA_ACE;
4483 vsec.vsa_aclentp = &full_access;
4484 vsec.vsa_aclentsz = sizeof (full_access);
4485 vsec.vsa_aclcnt = 1;
4487 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
4488 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
4490 VN_RELE(resourcevp);
4493 case ZFS_SMB_ACL_REMOVE:
4494 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
4498 case ZFS_SMB_ACL_RENAME:
4499 if ((error = get_nvlist(zc->zc_nvlist_src,
4500 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
4505 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
4506 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
4509 VN_RELE(ZTOV(sharedir));
4511 nvlist_free(nvlist);
4514 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
4516 nvlist_free(nvlist);
4519 case ZFS_SMB_ACL_PURGE:
4520 error = zfs_smb_acl_purge(sharedir);
4529 VN_RELE(ZTOV(sharedir));
4535 return (EOPNOTSUPP);
4541 * zc_name name of filesystem
4542 * zc_value short name of snap
4543 * zc_string user-supplied tag for this hold
4544 * zc_cookie recursive flag
4545 * zc_temphold set if hold is temporary
4546 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4547 * zc_sendobj if non-zero, the objid for zc_name@zc_value
4548 * zc_createtxg if zc_sendobj is non-zero, snap must have zc_createtxg
4553 zfs_ioc_hold(zfs_cmd_t *zc)
4555 boolean_t recursive = zc->zc_cookie;
4562 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4565 if (zc->zc_sendobj == 0) {
4566 return (dsl_dataset_user_hold(zc->zc_name, zc->zc_value,
4567 zc->zc_string, recursive, zc->zc_temphold,
4568 zc->zc_cleanup_fd));
4574 error = spa_open(zc->zc_name, &spa, FTAG);
4578 dp = spa_get_dsl(spa);
4579 rw_enter(&dp->dp_config_rwlock, RW_READER);
4580 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4581 rw_exit(&dp->dp_config_rwlock);
4582 spa_close(spa, FTAG);
4587 * Until we have a hold on this snapshot, it's possible that
4588 * zc_sendobj could've been destroyed and reused as part
4589 * of a later txg. Make sure we're looking at the right object.
4591 if (zc->zc_createtxg != ds->ds_phys->ds_creation_txg) {
4592 dsl_dataset_rele(ds, FTAG);
4596 if (zc->zc_cleanup_fd != -1 && zc->zc_temphold) {
4597 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
4599 dsl_dataset_rele(ds, FTAG);
4604 error = dsl_dataset_user_hold_for_send(ds, zc->zc_string,
4608 dsl_register_onexit_hold_cleanup(ds, zc->zc_string,
4611 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
4613 dsl_dataset_rele(ds, FTAG);
4620 * zc_name name of dataset from which we're releasing a user hold
4621 * zc_value short name of snap
4622 * zc_string user-supplied tag for this hold
4623 * zc_cookie recursive flag
4628 zfs_ioc_release(zfs_cmd_t *zc)
4630 boolean_t recursive = zc->zc_cookie;
4632 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
4635 return (dsl_dataset_user_release(zc->zc_name, zc->zc_value,
4636 zc->zc_string, recursive));
4641 * zc_name name of filesystem
4644 * zc_nvlist_src{_size} nvlist of snapshot holds
4647 zfs_ioc_get_holds(zfs_cmd_t *zc)
4652 if ((error = dsl_dataset_get_holds(zc->zc_name, &nvp)) == 0) {
4653 error = put_nvlist(zc, nvp);
4661 * pool create, destroy, and export don't log the history as part of
4662 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export
4663 * do the logging of those commands.
4666 zfs_ioc_jail(zfs_cmd_t *zc)
4669 return (zone_dataset_attach(curthread->td_ucred, zc->zc_name,
4670 (int)zc->zc_jailid));
4674 zfs_ioc_unjail(zfs_cmd_t *zc)
4677 return (zone_dataset_detach(curthread->td_ucred, zc->zc_name,
4678 (int)zc->zc_jailid));
4681 static zfs_ioc_vec_t zfs_ioc_vec[] = {
4682 { zfs_ioc_pool_create, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4684 { zfs_ioc_pool_destroy, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4686 { zfs_ioc_pool_import, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4688 { zfs_ioc_pool_export, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4690 { zfs_ioc_pool_configs, zfs_secpolicy_none, NO_NAME, B_FALSE,
4692 { zfs_ioc_pool_stats, zfs_secpolicy_read, POOL_NAME, B_FALSE,
4694 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, NO_NAME, B_FALSE,
4696 { zfs_ioc_pool_scan, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4698 { zfs_ioc_pool_freeze, zfs_secpolicy_config, NO_NAME, B_FALSE,
4700 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4702 { zfs_ioc_pool_get_history, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4704 { zfs_ioc_vdev_add, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4706 { zfs_ioc_vdev_remove, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4708 { zfs_ioc_vdev_set_state, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4710 { zfs_ioc_vdev_attach, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4712 { zfs_ioc_vdev_detach, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4714 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4716 { zfs_ioc_vdev_setfru, zfs_secpolicy_config, POOL_NAME, B_FALSE,
4718 { zfs_ioc_objset_stats, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4720 { zfs_ioc_objset_zplprops, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4722 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4724 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4726 { zfs_ioc_set_prop, zfs_secpolicy_none, DATASET_NAME, B_TRUE, B_TRUE },
4727 { zfs_ioc_create, zfs_secpolicy_create, DATASET_NAME, B_TRUE, B_TRUE },
4728 { zfs_ioc_destroy, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE,
4730 { zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME, B_TRUE,
4732 { zfs_ioc_rename, zfs_secpolicy_rename, DATASET_NAME, B_TRUE, B_TRUE },
4733 { zfs_ioc_recv, zfs_secpolicy_receive, DATASET_NAME, B_TRUE, B_TRUE },
4734 { zfs_ioc_send, zfs_secpolicy_send, DATASET_NAME, B_TRUE, B_FALSE },
4735 { zfs_ioc_inject_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE,
4737 { zfs_ioc_clear_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE,
4739 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, NO_NAME, B_FALSE,
4741 { zfs_ioc_error_log, zfs_secpolicy_inject, POOL_NAME, B_FALSE,
4743 { zfs_ioc_clear, zfs_secpolicy_config, POOL_NAME, B_TRUE, B_FALSE },
4744 { zfs_ioc_promote, zfs_secpolicy_promote, DATASET_NAME, B_TRUE,
4746 { zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, DATASET_NAME,
4748 { zfs_ioc_snapshot, zfs_secpolicy_snapshot, DATASET_NAME, B_TRUE,
4750 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_diff, POOL_NAME, B_FALSE,
4752 { zfs_ioc_obj_to_path, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
4754 { zfs_ioc_pool_set_props, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4756 { zfs_ioc_pool_get_props, zfs_secpolicy_read, POOL_NAME, B_FALSE,
4758 { zfs_ioc_set_fsacl, zfs_secpolicy_fsacl, DATASET_NAME, B_TRUE,
4760 { zfs_ioc_get_fsacl, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4762 { zfs_ioc_share, zfs_secpolicy_share, DATASET_NAME, B_FALSE, B_FALSE },
4763 { zfs_ioc_inherit_prop, zfs_secpolicy_inherit, DATASET_NAME, B_TRUE,
4765 { zfs_ioc_smb_acl, zfs_secpolicy_smb_acl, DATASET_NAME, B_FALSE,
4767 { zfs_ioc_userspace_one, zfs_secpolicy_userspace_one,
4768 DATASET_NAME, B_FALSE, B_FALSE },
4769 { zfs_ioc_userspace_many, zfs_secpolicy_userspace_many,
4770 DATASET_NAME, B_FALSE, B_FALSE },
4771 { zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
4772 DATASET_NAME, B_FALSE, B_TRUE },
4773 { zfs_ioc_hold, zfs_secpolicy_hold, DATASET_NAME, B_TRUE, B_TRUE },
4774 { zfs_ioc_release, zfs_secpolicy_release, DATASET_NAME, B_TRUE,
4776 { zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4778 { zfs_ioc_objset_recvd_props, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4780 { zfs_ioc_vdev_split, zfs_secpolicy_config, POOL_NAME, B_TRUE,
4782 { zfs_ioc_next_obj, zfs_secpolicy_read, DATASET_NAME, B_FALSE,
4784 { zfs_ioc_diff, zfs_secpolicy_diff, DATASET_NAME, B_FALSE, B_FALSE },
4785 { zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot, DATASET_NAME,
4787 { zfs_ioc_obj_to_stats, zfs_secpolicy_diff, DATASET_NAME, B_FALSE,
4789 { zfs_ioc_jail, zfs_secpolicy_config, DATASET_NAME, B_TRUE, B_FALSE },
4790 { zfs_ioc_unjail, zfs_secpolicy_config, DATASET_NAME, B_TRUE, B_FALSE }
4794 pool_status_check(const char *name, zfs_ioc_namecheck_t type)
4799 ASSERT(type == POOL_NAME || type == DATASET_NAME);
4801 error = spa_open(name, &spa, FTAG);
4803 if (spa_suspended(spa))
4805 spa_close(spa, FTAG);
4811 * Find a free minor number.
4814 zfsdev_minor_alloc(void)
4816 static minor_t last_minor;
4819 ASSERT(MUTEX_HELD(&spa_namespace_lock));
4821 for (m = last_minor + 1; m != last_minor; m++) {
4822 if (m > ZFSDEV_MAX_MINOR)
4824 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
4834 zfs_ctldev_init(struct cdev *devp)
4837 zfs_soft_state_t *zs;
4839 ASSERT(MUTEX_HELD(&spa_namespace_lock));
4841 minor = zfsdev_minor_alloc();
4845 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
4848 devfs_set_cdevpriv((void *)(uintptr_t)minor, zfsdev_close);
4850 zs = ddi_get_soft_state(zfsdev_state, minor);
4851 zs->zss_type = ZSST_CTLDEV;
4852 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
4858 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
4860 ASSERT(MUTEX_HELD(&spa_namespace_lock));
4862 zfs_onexit_destroy(zo);
4863 ddi_soft_state_free(zfsdev_state, minor);
4867 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
4869 zfs_soft_state_t *zp;
4871 zp = ddi_get_soft_state(zfsdev_state, minor);
4872 if (zp == NULL || zp->zss_type != which)
4875 return (zp->zss_data);
4879 zfsdev_open(struct cdev *devp, int flag, int mode, struct thread *td)
4884 if (getminor(*devp) != 0)
4885 return (zvol_open(devp, flag, otyp, cr));
4888 /* This is the control device. Allocate a new minor if requested. */
4890 mutex_enter(&spa_namespace_lock);
4891 error = zfs_ctldev_init(devp);
4892 mutex_exit(&spa_namespace_lock);
4899 zfsdev_close(void *data)
4902 minor_t minor = (minor_t)(uintptr_t)data;
4907 mutex_enter(&spa_namespace_lock);
4908 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
4910 mutex_exit(&spa_namespace_lock);
4913 zfs_ctldev_destroy(zo, minor);
4914 mutex_exit(&spa_namespace_lock);
4918 zfsdev_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flag,
4923 int cflag, error, len;
4925 cflag = ZFS_CMD_COMPAT_NONE;
4926 len = IOCPARM_LEN(cmd);
4929 * Check if we have sufficient kernel memory allocated
4930 * for the zfs_cmd_t request. Bail out if not so we
4931 * will not access undefined memory region.
4933 if (len < sizeof(zfs_cmd_t))
4934 if (len == sizeof(zfs_cmd_v15_t)) {
4935 cflag = ZFS_CMD_COMPAT_V15;
4936 vec = zfs_ioctl_v15_to_v28[ZFS_IOC(cmd)];
4942 if (cflag != ZFS_CMD_COMPAT_NONE) {
4943 if (vec == ZFS_IOC_COMPAT_PASS)
4945 else if (vec == ZFS_IOC_COMPAT_FAIL)
4949 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
4952 if (cflag != ZFS_CMD_COMPAT_NONE) {
4953 zc = kmem_zalloc(sizeof(zfs_cmd_t), KM_SLEEP);
4954 bzero(zc, sizeof(zfs_cmd_t));
4955 zfs_cmd_compat_get(zc, addr, cflag);
4956 zfs_ioctl_compat_pre(zc, &vec, cflag);
4961 error = zfs_ioc_vec[vec].zvec_secpolicy(zc, td->td_ucred);
4964 * Ensure that all pool/dataset names are valid before we pass down to
4968 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
4969 zc->zc_iflags = flag & FKIOCTL;
4970 switch (zfs_ioc_vec[vec].zvec_namecheck) {
4972 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
4974 if (zfs_ioc_vec[vec].zvec_pool_check)
4975 error = pool_status_check(zc->zc_name,
4976 zfs_ioc_vec[vec].zvec_namecheck);
4980 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
4982 if (zfs_ioc_vec[vec].zvec_pool_check)
4983 error = pool_status_check(zc->zc_name,
4984 zfs_ioc_vec[vec].zvec_namecheck);
4993 error = zfs_ioc_vec[vec].zvec_func(zc);
4996 if (zfs_ioc_vec[vec].zvec_his_log)
4997 zfs_log_history(zc);
5000 if (cflag != ZFS_CMD_COMPAT_NONE) {
5001 zfs_ioctl_compat_post(zc, ZFS_IOC(cmd), cflag);
5002 zfs_cmd_compat_put(zc, addr, cflag);
5003 kmem_free(zc, sizeof(zfs_cmd_t));
5011 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
5013 if (cmd != DDI_ATTACH)
5014 return (DDI_FAILURE);
5016 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
5017 DDI_PSEUDO, 0) == DDI_FAILURE)
5018 return (DDI_FAILURE);
5022 ddi_report_dev(dip);
5024 return (DDI_SUCCESS);
5028 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5030 if (spa_busy() || zfs_busy() || zvol_busy())
5031 return (DDI_FAILURE);
5033 if (cmd != DDI_DETACH)
5034 return (DDI_FAILURE);
5038 ddi_prop_remove_all(dip);
5039 ddi_remove_minor_node(dip, NULL);
5041 return (DDI_SUCCESS);
5046 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
5049 case DDI_INFO_DEVT2DEVINFO:
5051 return (DDI_SUCCESS);
5053 case DDI_INFO_DEVT2INSTANCE:
5054 *result = (void *)0;
5055 return (DDI_SUCCESS);
5058 return (DDI_FAILURE);
5063 * OK, so this is a little weird.
5065 * /dev/zfs is the control node, i.e. minor 0.
5066 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
5068 * /dev/zfs has basically nothing to do except serve up ioctls,
5069 * so most of the standard driver entry points are in zvol.c.
5072 static struct cb_ops zfs_cb_ops = {
5073 zfsdev_open, /* open */
5074 zfsdev_close, /* close */
5075 zvol_strategy, /* strategy */
5077 zvol_dump, /* dump */
5078 zvol_read, /* read */
5079 zvol_write, /* write */
5080 zfsdev_ioctl, /* ioctl */
5084 nochpoll, /* poll */
5085 ddi_prop_op, /* prop_op */
5086 NULL, /* streamtab */
5087 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
5088 CB_REV, /* version */
5089 nodev, /* async read */
5090 nodev, /* async write */
5093 static struct dev_ops zfs_dev_ops = {
5094 DEVO_REV, /* version */
5096 zfs_info, /* info */
5097 nulldev, /* identify */
5098 nulldev, /* probe */
5099 zfs_attach, /* attach */
5100 zfs_detach, /* detach */
5102 &zfs_cb_ops, /* driver operations */
5103 NULL, /* no bus operations */
5105 ddi_quiesce_not_needed, /* quiesce */
5108 static struct modldrv zfs_modldrv = {
5114 static struct modlinkage modlinkage = {
5116 (void *)&zfs_modlfs,
5117 (void *)&zfs_modldrv,
5122 static struct cdevsw zfs_cdevsw = {
5123 .d_version = D_VERSION,
5124 .d_open = zfsdev_open,
5125 .d_ioctl = zfsdev_ioctl,
5126 .d_name = ZFS_DEV_NAME
5132 zfsdev = make_dev(&zfs_cdevsw, 0x0, UID_ROOT, GID_OPERATOR, 0666,
5140 destroy_dev(zfsdev);
5143 static struct root_hold_token *zfs_root_token;
5144 struct proc *zfsproc;
5146 uint_t zfs_fsyncer_key;
5147 extern uint_t rrw_tsd_key;
5155 spa_init(FREAD | FWRITE);
5159 if ((error = mod_install(&modlinkage)) != 0) {
5166 tsd_create(&zfs_fsyncer_key, NULL);
5167 tsd_create(&rrw_tsd_key, NULL);
5169 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
5171 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5181 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
5184 if ((error = mod_remove(&modlinkage)) != 0)
5190 if (zfs_nfsshare_inited)
5191 (void) ddi_modclose(nfs_mod);
5192 if (zfs_smbshare_inited)
5193 (void) ddi_modclose(smbsrv_mod);
5194 if (zfs_nfsshare_inited || zfs_smbshare_inited)
5195 (void) ddi_modclose(sharefs_mod);
5197 tsd_destroy(&zfs_fsyncer_key);
5198 ldi_ident_release(zfs_li);
5200 mutex_destroy(&zfs_share_lock);
5206 _info(struct modinfo *modinfop)
5208 return (mod_info(&modlinkage, modinfop));
5213 zfs_modevent(module_t mod, int type, void *unused __unused)
5219 zfs_root_token = root_mount_hold("ZFS");
5221 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5223 spa_init(FREAD | FWRITE);
5227 tsd_create(&zfs_fsyncer_key, NULL);
5228 tsd_create(&rrw_tsd_key, NULL);
5230 printf("ZFS storage pool version " SPA_VERSION_STRING "\n");
5231 root_mount_rel(zfs_root_token);
5236 if (spa_busy() || zfs_busy() || zvol_busy() ||
5237 zio_injection_enabled) {
5247 tsd_destroy(&zfs_fsyncer_key);
5248 tsd_destroy(&rrw_tsd_key);
5250 mutex_destroy(&zfs_share_lock);
5259 static moduledata_t zfs_mod = {
5264 DECLARE_MODULE(zfsctrl, zfs_mod, SI_SUB_VFS, SI_ORDER_ANY);
5265 MODULE_DEPEND(zfsctrl, opensolaris, 1, 1, 1);
5266 MODULE_DEPEND(zfsctrl, krpc, 1, 1, 1);
projects / FreeBSD / releng / 9.0.git / blob