1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
24 * Copyright (c) 2014 Integros [integros.com]
25 * Copyright 2016 Nexenta Systems, Inc. All rights reserved.
26 * Copyright 2019 Joyent, Inc.
27 * Copyright 2020 Joshua M. Clulow <josh@sysmgr.org>
28 * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
29 * Copyright 2024 Oxide Computer Company
30 */
31
32 /* Portions Copyright 2010 Robert Milkowski */
33
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/systm.h>
37 #include <sys/sysmacros.h>
38 #include <sys/kmem.h>
39 #include <sys/pathname.h>
40 #include <sys/vnode.h>
41 #include <sys/vfs.h>
42 #include <sys/vfs_opreg.h>
43 #include <sys/mntent.h>
44 #include <sys/mount.h>
45 #include <sys/cmn_err.h>
46 #include "fs/fs_subr.h"
47 #include <sys/zfs_znode.h>
48 #include <sys/zfs_dir.h>
49 #include <sys/zil.h>
50 #include <sys/fs/zfs.h>
51 #include <sys/dmu.h>
52 #include <sys/dsl_prop.h>
53 #include <sys/dsl_dataset.h>
54 #include <sys/dsl_deleg.h>
55 #include <sys/spa.h>
56 #include <sys/zap.h>
57 #include <sys/sa.h>
58 #include <sys/sa_impl.h>
59 #include <sys/varargs.h>
60 #include <sys/policy.h>
61 #include <sys/atomic.h>
62 #include <sys/mkdev.h>
63 #include <sys/modctl.h>
64 #include <sys/refstr.h>
65 #include <sys/zfs_ioctl.h>
66 #include <sys/zfs_ctldir.h>
67 #include <sys/zfs_fuid.h>
68 #include <sys/bootconf.h>
69 #include <sys/ddi.h>
70 #include <sys/sunddi.h>
71 #include <sys/dnlc.h>
72 #include <sys/dmu_objset.h>
73 #include <sys/spa_boot.h>
74 #include <sys/vdev_impl.h>
75 #include "zfs_comutil.h"
76
77 int zfsfstype;
78 vfsops_t *zfs_vfsops = NULL;
79 static major_t zfs_major;
80 static minor_t zfs_minor;
81 static kmutex_t zfs_dev_mtx;
82
83 extern int sys_shutdown;
84
85 static int zfs_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr);
86 static int zfs_umount(vfs_t *vfsp, int fflag, cred_t *cr);
87 static int zfs_mountroot(vfs_t *vfsp, enum whymountroot);
88 static int zfs_root(vfs_t *vfsp, vnode_t **vpp);
89 static int zfs_statvfs(vfs_t *vfsp, struct statvfs64 *statp);
90 static int zfs_vget(vfs_t *vfsp, vnode_t **vpp, fid_t *fidp);
91 static void zfs_freevfs(vfs_t *vfsp);
92 static int zfs_syncfs(vfs_t *vfsp, uint64_t flags, cred_t *cr);
93
94 static const fs_operation_def_t zfs_vfsops_template[] = {
95 VFSNAME_MOUNT, { .vfs_mount = zfs_mount },
96 VFSNAME_MOUNTROOT, { .vfs_mountroot = zfs_mountroot },
97 VFSNAME_UNMOUNT, { .vfs_unmount = zfs_umount },
98 VFSNAME_ROOT, { .vfs_root = zfs_root },
99 VFSNAME_STATVFS, { .vfs_statvfs = zfs_statvfs },
100 VFSNAME_SYNC, { .vfs_sync = zfs_sync },
101 VFSNAME_VGET, { .vfs_vget = zfs_vget },
102 VFSNAME_FREEVFS, { .vfs_freevfs = zfs_freevfs },
103 VFSNAME_SYNCFS, { .vfs_syncfs = zfs_syncfs },
104 NULL, NULL
105 };
106
107 /*
108 * We need to keep a count of active fs's.
109 * This is necessary to prevent our module
110 * from being unloaded after a umount -f
111 */
112 static uint32_t zfs_active_fs_count = 0;
113
114 static char *noatime_cancel[] = { MNTOPT_ATIME, NULL };
115 static char *atime_cancel[] = { MNTOPT_NOATIME, NULL };
116 static char *noxattr_cancel[] = { MNTOPT_XATTR, NULL };
117 static char *xattr_cancel[] = { MNTOPT_NOXATTR, NULL };
118
119 /*
120 * MO_DEFAULT is not used since the default value is determined
121 * by the equivalent property.
122 */
123 static mntopt_t mntopts[] = {
124 { MNTOPT_NOXATTR, noxattr_cancel, NULL, 0, NULL },
125 { MNTOPT_XATTR, xattr_cancel, NULL, 0, NULL },
126 { MNTOPT_NOATIME, noatime_cancel, NULL, 0, NULL },
127 { MNTOPT_ATIME, atime_cancel, NULL, 0, NULL }
128 };
129
130 static mntopts_t zfs_mntopts = {
131 sizeof (mntopts) / sizeof (mntopt_t),
132 mntopts
133 };
134
135 /*ARGSUSED*/
136 int
zfs_sync(vfs_t * vfsp,short flag,cred_t * cr)137 zfs_sync(vfs_t *vfsp, short flag, cred_t *cr)
138 {
139 /*
140 * Data integrity is job one. We don't want a compromised kernel
141 * writing to the storage pool, so we never sync during panic.
142 */
143 if (panicstr)
144 return (0);
145
146 /*
147 * SYNC_ATTR is used by fsflush() to force old filesystems like UFS
148 * to sync metadata, which they would otherwise cache indefinitely.
149 * Semantically, the only requirement is that the sync be initiated.
150 * The DMU syncs out txgs frequently, so there's nothing to do.
151 */
152 if (flag & SYNC_ATTR)
153 return (0);
154
155 if (vfsp != NULL) {
156 /*
157 * Sync a specific filesystem.
158 */
159 zfsvfs_t *zfsvfs = vfsp->vfs_data;
160 dsl_pool_t *dp;
161
162 ZFS_ENTER(zfsvfs);
163 dp = dmu_objset_pool(zfsvfs->z_os);
164
165 /*
166 * If the system is shutting down, then skip any
167 * filesystems which may exist on a suspended pool.
168 */
169 if (sys_shutdown && spa_suspended(dp->dp_spa)) {
170 ZFS_EXIT(zfsvfs);
171 return (0);
172 }
173
174 if (zfsvfs->z_log != NULL)
175 zil_commit(zfsvfs->z_log, 0);
176
177 ZFS_EXIT(zfsvfs);
178 } else {
179 /*
180 * Sync all ZFS filesystems. This is what happens when you
181 * run sync(8). Unlike other filesystems, ZFS honors the
182 * request by waiting for all pools to commit all dirty data.
183 */
184 spa_sync_allpools();
185 }
186
187 return (0);
188 }
189
190 /*
191 * This is a synchronous request to sync all file system data out.
192 */
193 static int
zfs_syncfs(vfs_t * vfsp,uint64_t flags,cred_t * cr)194 zfs_syncfs(vfs_t *vfsp, uint64_t flags, cred_t *cr)
195 {
196 if (flags != 0) {
197 return (ENOTSUP);
198 }
199
200 return (zfs_sync(vfsp, 0, cr));
201 }
202
203 static int
zfs_create_unique_device(dev_t * dev)204 zfs_create_unique_device(dev_t *dev)
205 {
206 major_t new_major;
207
208 do {
209 ASSERT3U(zfs_minor, <=, MAXMIN32);
210 minor_t start = zfs_minor;
211 do {
212 mutex_enter(&zfs_dev_mtx);
213 if (zfs_minor >= MAXMIN32) {
214 /*
215 * If we're still using the real major
216 * keep out of /dev/zfs and /dev/zvol minor
217 * number space. If we're using a getudev()'ed
218 * major number, we can use all of its minors.
219 */
220 if (zfs_major == ddi_name_to_major(ZFS_DRIVER))
221 zfs_minor = ZFS_MIN_MINOR;
222 else
223 zfs_minor = 0;
224 } else {
225 zfs_minor++;
226 }
227 *dev = makedevice(zfs_major, zfs_minor);
228 mutex_exit(&zfs_dev_mtx);
229 } while (vfs_devismounted(*dev) && zfs_minor != start);
230 if (zfs_minor == start) {
231 /*
232 * We are using all ~262,000 minor numbers for the
233 * current major number. Create a new major number.
234 */
235 if ((new_major = getudev()) == (major_t)-1) {
236 cmn_err(CE_WARN,
237 "zfs_mount: Can't get unique major "
238 "device number.");
239 return (-1);
240 }
241 mutex_enter(&zfs_dev_mtx);
242 zfs_major = new_major;
243 zfs_minor = 0;
244
245 mutex_exit(&zfs_dev_mtx);
246 } else {
247 break;
248 }
249 /* CONSTANTCONDITION */
250 } while (1);
251
252 return (0);
253 }
254
255 static void
atime_changed_cb(void * arg,uint64_t newval)256 atime_changed_cb(void *arg, uint64_t newval)
257 {
258 zfsvfs_t *zfsvfs = arg;
259
260 if (newval == TRUE) {
261 zfsvfs->z_atime = TRUE;
262 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NOATIME);
263 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_ATIME, NULL, 0);
264 } else {
265 zfsvfs->z_atime = FALSE;
266 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_ATIME);
267 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NOATIME, NULL, 0);
268 }
269 }
270
271 static void
xattr_changed_cb(void * arg,uint64_t newval)272 xattr_changed_cb(void *arg, uint64_t newval)
273 {
274 zfsvfs_t *zfsvfs = arg;
275
276 if (newval == TRUE) {
277 /* XXX locking on vfs_flag? */
278 zfsvfs->z_vfs->vfs_flag |= VFS_XATTR;
279 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NOXATTR);
280 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_XATTR, NULL, 0);
281 } else {
282 /* XXX locking on vfs_flag? */
283 zfsvfs->z_vfs->vfs_flag &= ~VFS_XATTR;
284 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_XATTR);
285 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NOXATTR, NULL, 0);
286 }
287 }
288
289 static void
blksz_changed_cb(void * arg,uint64_t newval)290 blksz_changed_cb(void *arg, uint64_t newval)
291 {
292 zfsvfs_t *zfsvfs = arg;
293 ASSERT3U(newval, <=, spa_maxblocksize(dmu_objset_spa(zfsvfs->z_os)));
294 ASSERT3U(newval, >=, SPA_MINBLOCKSIZE);
295 ASSERT(ISP2(newval));
296
297 zfsvfs->z_max_blksz = newval;
298 zfsvfs->z_vfs->vfs_bsize = newval;
299 }
300
301 static void
readonly_changed_cb(void * arg,uint64_t newval)302 readonly_changed_cb(void *arg, uint64_t newval)
303 {
304 zfsvfs_t *zfsvfs = arg;
305
306 if (newval) {
307 /* XXX locking on vfs_flag? */
308 zfsvfs->z_vfs->vfs_flag |= VFS_RDONLY;
309 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_RW);
310 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_RO, NULL, 0);
311 } else {
312 /* XXX locking on vfs_flag? */
313 zfsvfs->z_vfs->vfs_flag &= ~VFS_RDONLY;
314 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_RO);
315 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_RW, NULL, 0);
316 }
317 }
318
319 static void
devices_changed_cb(void * arg,uint64_t newval)320 devices_changed_cb(void *arg, uint64_t newval)
321 {
322 zfsvfs_t *zfsvfs = arg;
323
324 if (newval == FALSE) {
325 zfsvfs->z_vfs->vfs_flag |= VFS_NODEVICES;
326 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_DEVICES);
327 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NODEVICES, NULL, 0);
328 } else {
329 zfsvfs->z_vfs->vfs_flag &= ~VFS_NODEVICES;
330 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NODEVICES);
331 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_DEVICES, NULL, 0);
332 }
333 }
334
335 static void
setuid_changed_cb(void * arg,uint64_t newval)336 setuid_changed_cb(void *arg, uint64_t newval)
337 {
338 zfsvfs_t *zfsvfs = arg;
339
340 if (newval == FALSE) {
341 zfsvfs->z_vfs->vfs_flag |= VFS_NOSETUID;
342 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_SETUID);
343 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NOSETUID, NULL, 0);
344 } else {
345 zfsvfs->z_vfs->vfs_flag &= ~VFS_NOSETUID;
346 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NOSETUID);
347 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_SETUID, NULL, 0);
348 }
349 }
350
351 static void
exec_changed_cb(void * arg,uint64_t newval)352 exec_changed_cb(void *arg, uint64_t newval)
353 {
354 zfsvfs_t *zfsvfs = arg;
355
356 if (newval == FALSE) {
357 zfsvfs->z_vfs->vfs_flag |= VFS_NOEXEC;
358 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_EXEC);
359 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NOEXEC, NULL, 0);
360 } else {
361 zfsvfs->z_vfs->vfs_flag &= ~VFS_NOEXEC;
362 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NOEXEC);
363 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_EXEC, NULL, 0);
364 }
365 }
366
367 /*
368 * The nbmand mount option can be changed at mount time.
369 * We can't allow it to be toggled on live file systems or incorrect
370 * behavior may be seen from cifs clients
371 *
372 * This property isn't registered via dsl_prop_register(), but this callback
373 * will be called when a file system is first mounted
374 */
375 static void
nbmand_changed_cb(void * arg,uint64_t newval)376 nbmand_changed_cb(void *arg, uint64_t newval)
377 {
378 zfsvfs_t *zfsvfs = arg;
379 if (newval == FALSE) {
380 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NBMAND);
381 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NONBMAND, NULL, 0);
382 } else {
383 vfs_clearmntopt(zfsvfs->z_vfs, MNTOPT_NONBMAND);
384 vfs_setmntopt(zfsvfs->z_vfs, MNTOPT_NBMAND, NULL, 0);
385 }
386 }
387
388 static void
snapdir_changed_cb(void * arg,uint64_t newval)389 snapdir_changed_cb(void *arg, uint64_t newval)
390 {
391 zfsvfs_t *zfsvfs = arg;
392
393 zfsvfs->z_show_ctldir = newval;
394 }
395
396 static void
vscan_changed_cb(void * arg,uint64_t newval)397 vscan_changed_cb(void *arg, uint64_t newval)
398 {
399 zfsvfs_t *zfsvfs = arg;
400
401 zfsvfs->z_vscan = newval;
402 }
403
404 static void
acl_mode_changed_cb(void * arg,uint64_t newval)405 acl_mode_changed_cb(void *arg, uint64_t newval)
406 {
407 zfsvfs_t *zfsvfs = arg;
408
409 zfsvfs->z_acl_mode = newval;
410 }
411
412 static void
acl_inherit_changed_cb(void * arg,uint64_t newval)413 acl_inherit_changed_cb(void *arg, uint64_t newval)
414 {
415 zfsvfs_t *zfsvfs = arg;
416
417 zfsvfs->z_acl_inherit = newval;
418 }
419
420 static void
acl_implicit_changed_cb(void * arg,uint64_t newval)421 acl_implicit_changed_cb(void *arg, uint64_t newval)
422 {
423 zfsvfs_t *zfsvfs = arg;
424
425 zfsvfs->z_acl_implicit = (boolean_t)newval;
426 }
427
428 static int
zfs_register_callbacks(vfs_t * vfsp)429 zfs_register_callbacks(vfs_t *vfsp)
430 {
431 struct dsl_dataset *ds = NULL;
432 objset_t *os = NULL;
433 zfsvfs_t *zfsvfs = NULL;
434 uint64_t nbmand;
435 boolean_t readonly = B_FALSE;
436 boolean_t do_readonly = B_FALSE;
437 boolean_t setuid = B_FALSE;
438 boolean_t do_setuid = B_FALSE;
439 boolean_t exec = B_FALSE;
440 boolean_t do_exec = B_FALSE;
441 boolean_t devices = B_FALSE;
442 boolean_t do_devices = B_FALSE;
443 boolean_t xattr = B_FALSE;
444 boolean_t do_xattr = B_FALSE;
445 boolean_t atime = B_FALSE;
446 boolean_t do_atime = B_FALSE;
447 int error = 0;
448
449 ASSERT(vfsp);
450 zfsvfs = vfsp->vfs_data;
451 ASSERT(zfsvfs);
452 os = zfsvfs->z_os;
453
454 /*
455 * The act of registering our callbacks will destroy any mount
456 * options we may have. In order to enable temporary overrides
457 * of mount options, we stash away the current values and
458 * restore them after we register the callbacks.
459 */
460 if (vfs_optionisset(vfsp, MNTOPT_RO, NULL) ||
461 !spa_writeable(dmu_objset_spa(os))) {
462 readonly = B_TRUE;
463 do_readonly = B_TRUE;
464 } else if (vfs_optionisset(vfsp, MNTOPT_RW, NULL)) {
465 readonly = B_FALSE;
466 do_readonly = B_TRUE;
467 }
468 if (vfs_optionisset(vfsp, MNTOPT_NOSUID, NULL)) {
469 devices = B_FALSE;
470 setuid = B_FALSE;
471 do_devices = B_TRUE;
472 do_setuid = B_TRUE;
473 } else {
474 if (vfs_optionisset(vfsp, MNTOPT_NODEVICES, NULL)) {
475 devices = B_FALSE;
476 do_devices = B_TRUE;
477 } else if (vfs_optionisset(vfsp, MNTOPT_DEVICES, NULL)) {
478 devices = B_TRUE;
479 do_devices = B_TRUE;
480 }
481
482 if (vfs_optionisset(vfsp, MNTOPT_NOSETUID, NULL)) {
483 setuid = B_FALSE;
484 do_setuid = B_TRUE;
485 } else if (vfs_optionisset(vfsp, MNTOPT_SETUID, NULL)) {
486 setuid = B_TRUE;
487 do_setuid = B_TRUE;
488 }
489 }
490 if (vfs_optionisset(vfsp, MNTOPT_NOEXEC, NULL)) {
491 exec = B_FALSE;
492 do_exec = B_TRUE;
493 } else if (vfs_optionisset(vfsp, MNTOPT_EXEC, NULL)) {
494 exec = B_TRUE;
495 do_exec = B_TRUE;
496 }
497 if (vfs_optionisset(vfsp, MNTOPT_NOXATTR, NULL)) {
498 xattr = B_FALSE;
499 do_xattr = B_TRUE;
500 } else if (vfs_optionisset(vfsp, MNTOPT_XATTR, NULL)) {
501 xattr = B_TRUE;
502 do_xattr = B_TRUE;
503 }
504 if (vfs_optionisset(vfsp, MNTOPT_NOATIME, NULL)) {
505 atime = B_FALSE;
506 do_atime = B_TRUE;
507 } else if (vfs_optionisset(vfsp, MNTOPT_ATIME, NULL)) {
508 atime = B_TRUE;
509 do_atime = B_TRUE;
510 }
511
512 /*
513 * nbmand is a special property. It can only be changed at
514 * mount time.
515 *
516 * This is weird, but it is documented to only be changeable
517 * at mount time.
518 */
519 if (vfs_optionisset(vfsp, MNTOPT_NONBMAND, NULL)) {
520 nbmand = B_FALSE;
521 } else if (vfs_optionisset(vfsp, MNTOPT_NBMAND, NULL)) {
522 nbmand = B_TRUE;
523 } else {
524 char osname[ZFS_MAX_DATASET_NAME_LEN];
525
526 dmu_objset_name(os, osname);
527 if (error = dsl_prop_get_integer(osname, "nbmand", &nbmand,
528 NULL)) {
529 return (error);
530 }
531 }
532
533 /*
534 * Register property callbacks.
535 *
536 * It would probably be fine to just check for i/o error from
537 * the first prop_register(), but I guess I like to go
538 * overboard...
539 */
540 ds = dmu_objset_ds(os);
541 dsl_pool_config_enter(dmu_objset_pool(os), FTAG);
542 error = dsl_prop_register(ds,
543 zfs_prop_to_name(ZFS_PROP_ATIME), atime_changed_cb, zfsvfs);
544 error = error ? error : dsl_prop_register(ds,
545 zfs_prop_to_name(ZFS_PROP_XATTR), xattr_changed_cb, zfsvfs);
546 error = error ? error : dsl_prop_register(ds,
547 zfs_prop_to_name(ZFS_PROP_RECORDSIZE), blksz_changed_cb, zfsvfs);
548 error = error ? error : dsl_prop_register(ds,
549 zfs_prop_to_name(ZFS_PROP_READONLY), readonly_changed_cb, zfsvfs);
550 error = error ? error : dsl_prop_register(ds,
551 zfs_prop_to_name(ZFS_PROP_DEVICES), devices_changed_cb, zfsvfs);
552 error = error ? error : dsl_prop_register(ds,
553 zfs_prop_to_name(ZFS_PROP_SETUID), setuid_changed_cb, zfsvfs);
554 error = error ? error : dsl_prop_register(ds,
555 zfs_prop_to_name(ZFS_PROP_EXEC), exec_changed_cb, zfsvfs);
556 error = error ? error : dsl_prop_register(ds,
557 zfs_prop_to_name(ZFS_PROP_SNAPDIR), snapdir_changed_cb, zfsvfs);
558 error = error ? error : dsl_prop_register(ds,
559 zfs_prop_to_name(ZFS_PROP_ACLMODE), acl_mode_changed_cb, zfsvfs);
560 error = error ? error : dsl_prop_register(ds,
561 zfs_prop_to_name(ZFS_PROP_ACLINHERIT), acl_inherit_changed_cb,
562 zfsvfs);
563 error = error ? error : dsl_prop_register(ds,
564 zfs_prop_to_name(ZFS_PROP_ACLIMPLICIT),
565 acl_implicit_changed_cb, zfsvfs);
566 error = error ? error : dsl_prop_register(ds,
567 zfs_prop_to_name(ZFS_PROP_VSCAN), vscan_changed_cb, zfsvfs);
568 dsl_pool_config_exit(dmu_objset_pool(os), FTAG);
569 if (error)
570 goto unregister;
571
572 /*
573 * Invoke our callbacks to restore temporary mount options.
574 */
575 if (do_readonly)
576 readonly_changed_cb(zfsvfs, readonly);
577 if (do_setuid)
578 setuid_changed_cb(zfsvfs, setuid);
579 if (do_exec)
580 exec_changed_cb(zfsvfs, exec);
581 if (do_devices)
582 devices_changed_cb(zfsvfs, devices);
583 if (do_xattr)
584 xattr_changed_cb(zfsvfs, xattr);
585 if (do_atime)
586 atime_changed_cb(zfsvfs, atime);
587
588 nbmand_changed_cb(zfsvfs, nbmand);
589
590 return (0);
591
592 unregister:
593 dsl_prop_unregister_all(ds, zfsvfs);
594 return (error);
595 }
596
597 static int
zfs_space_delta_cb(dmu_object_type_t bonustype,void * data,uint64_t * userp,uint64_t * groupp,uint64_t * projectp)598 zfs_space_delta_cb(dmu_object_type_t bonustype, void *data,
599 uint64_t *userp, uint64_t *groupp, uint64_t *projectp)
600 {
601 sa_hdr_phys_t sa;
602 sa_hdr_phys_t *sap = data;
603 uint64_t flags;
604 int hdrsize;
605 boolean_t swap = B_FALSE;
606
607 /*
608 * Is it a valid type of object to track?
609 */
610 if (bonustype != DMU_OT_ZNODE && bonustype != DMU_OT_SA)
611 return (SET_ERROR(ENOENT));
612
613 /*
614 * If we have a NULL data pointer
615 * then assume the id's aren't changing and
616 * return EEXIST to the dmu to let it know to
617 * use the same ids
618 */
619 if (data == NULL)
620 return (SET_ERROR(EEXIST));
621
622 if (bonustype == DMU_OT_ZNODE) {
623 znode_phys_t *znp = data;
624 *userp = znp->zp_uid;
625 *groupp = znp->zp_gid;
626 *projectp = ZFS_DEFAULT_PROJID;
627 return (0);
628 }
629
630 if (sap->sa_magic == 0) {
631 /*
632 * This should only happen for newly created files
633 * that haven't had the znode data filled in yet.
634 */
635 *userp = 0;
636 *groupp = 0;
637 *projectp = ZFS_DEFAULT_PROJID;
638 return (0);
639 }
640
641 sa = *sap;
642 if (sa.sa_magic == BSWAP_32(SA_MAGIC)) {
643 sa.sa_magic = SA_MAGIC;
644 sa.sa_layout_info = BSWAP_16(sa.sa_layout_info);
645 swap = B_TRUE;
646 } else {
647 VERIFY3U(sa.sa_magic, ==, SA_MAGIC);
648 }
649
650 hdrsize = sa_hdrsize(&sa);
651 VERIFY3U(hdrsize, >=, sizeof (sa_hdr_phys_t));
652
653 *userp = *((uint64_t *)((uintptr_t)data + hdrsize + SA_UID_OFFSET));
654 *groupp = *((uint64_t *)((uintptr_t)data + hdrsize + SA_GID_OFFSET));
655 flags = *((uint64_t *)((uintptr_t)data + hdrsize + SA_FLAGS_OFFSET));
656 if (swap)
657 flags = BSWAP_64(flags);
658
659 if (flags & ZFS_PROJID)
660 *projectp = *((uint64_t *)((uintptr_t)data + hdrsize +
661 SA_PROJID_OFFSET));
662 else
663 *projectp = ZFS_DEFAULT_PROJID;
664
665 if (swap) {
666 *userp = BSWAP_64(*userp);
667 *groupp = BSWAP_64(*groupp);
668 *projectp = BSWAP_64(*projectp);
669 }
670 return (0);
671 }
672
673 static void
fuidstr_to_sid(zfsvfs_t * zfsvfs,const char * fuidstr,char * domainbuf,int buflen,uid_t * ridp)674 fuidstr_to_sid(zfsvfs_t *zfsvfs, const char *fuidstr,
675 char *domainbuf, int buflen, uid_t *ridp)
676 {
677 uint64_t fuid;
678 const char *domain;
679
680 fuid = zfs_strtonum(fuidstr, NULL);
681
682 domain = zfs_fuid_find_by_idx(zfsvfs, FUID_INDEX(fuid));
683 if (domain)
684 (void) strlcpy(domainbuf, domain, buflen);
685 else
686 domainbuf[0] = '\0';
687 *ridp = FUID_RID(fuid);
688 }
689
690 static uint64_t
zfs_userquota_prop_to_obj(zfsvfs_t * zfsvfs,zfs_userquota_prop_t type)691 zfs_userquota_prop_to_obj(zfsvfs_t *zfsvfs, zfs_userquota_prop_t type)
692 {
693 switch (type) {
694 case ZFS_PROP_USERUSED:
695 case ZFS_PROP_USEROBJUSED:
696 return (DMU_USERUSED_OBJECT);
697 case ZFS_PROP_GROUPUSED:
698 case ZFS_PROP_GROUPOBJUSED:
699 return (DMU_GROUPUSED_OBJECT);
700 case ZFS_PROP_PROJECTUSED:
701 case ZFS_PROP_PROJECTOBJUSED:
702 return (DMU_PROJECTUSED_OBJECT);
703 case ZFS_PROP_USERQUOTA:
704 return (zfsvfs->z_userquota_obj);
705 case ZFS_PROP_GROUPQUOTA:
706 return (zfsvfs->z_groupquota_obj);
707 case ZFS_PROP_USEROBJQUOTA:
708 return (zfsvfs->z_userobjquota_obj);
709 case ZFS_PROP_GROUPOBJQUOTA:
710 return (zfsvfs->z_groupobjquota_obj);
711 case ZFS_PROP_PROJECTQUOTA:
712 return (zfsvfs->z_projectquota_obj);
713 case ZFS_PROP_PROJECTOBJQUOTA:
714 return (zfsvfs->z_projectobjquota_obj);
715 default:
716 return (ZFS_NO_OBJECT);
717 }
718 }
719
720 int
zfs_userspace_many(zfsvfs_t * zfsvfs,zfs_userquota_prop_t type,uint64_t * cookiep,void * vbuf,uint64_t * bufsizep)721 zfs_userspace_many(zfsvfs_t *zfsvfs, zfs_userquota_prop_t type,
722 uint64_t *cookiep, void *vbuf, uint64_t *bufsizep)
723 {
724 int error;
725 zap_cursor_t zc;
726 zap_attribute_t za;
727 zfs_useracct_t *buf = vbuf;
728 uint64_t obj;
729 int offset = 0;
730
731 if (!dmu_objset_userspace_present(zfsvfs->z_os))
732 return (SET_ERROR(ENOTSUP));
733
734 if ((type == ZFS_PROP_PROJECTQUOTA || type == ZFS_PROP_PROJECTUSED ||
735 type == ZFS_PROP_PROJECTOBJQUOTA ||
736 type == ZFS_PROP_PROJECTOBJUSED) &&
737 !dmu_objset_projectquota_present(zfsvfs->z_os))
738 return (SET_ERROR(ENOTSUP));
739
740 if ((type == ZFS_PROP_USEROBJUSED || type == ZFS_PROP_GROUPOBJUSED ||
741 type == ZFS_PROP_USEROBJQUOTA || type == ZFS_PROP_GROUPOBJQUOTA ||
742 type == ZFS_PROP_PROJECTOBJUSED ||
743 type == ZFS_PROP_PROJECTOBJQUOTA) &&
744 !dmu_objset_userobjspace_present(zfsvfs->z_os))
745 return (SET_ERROR(ENOTSUP));
746
747 obj = zfs_userquota_prop_to_obj(zfsvfs, type);
748 if (obj == ZFS_NO_OBJECT) {
749 *bufsizep = 0;
750 return (0);
751 }
752
753 if (type == ZFS_PROP_USEROBJUSED || type == ZFS_PROP_GROUPOBJUSED ||
754 type == ZFS_PROP_PROJECTOBJUSED)
755 offset = DMU_OBJACCT_PREFIX_LEN;
756
757 for (zap_cursor_init_serialized(&zc, zfsvfs->z_os, obj, *cookiep);
758 (error = zap_cursor_retrieve(&zc, &za)) == 0;
759 zap_cursor_advance(&zc)) {
760 if ((uintptr_t)buf - (uintptr_t)vbuf + sizeof (zfs_useracct_t) >
761 *bufsizep)
762 break;
763
764 /*
765 * skip object quota (with zap name prefix DMU_OBJACCT_PREFIX)
766 * when dealing with block quota and vice versa.
767 */
768 if ((offset > 0) != (strncmp(za.za_name, DMU_OBJACCT_PREFIX,
769 DMU_OBJACCT_PREFIX_LEN) == 0))
770 continue;
771
772 fuidstr_to_sid(zfsvfs, za.za_name + offset,
773 buf->zu_domain, sizeof (buf->zu_domain), &buf->zu_rid);
774
775 buf->zu_space = za.za_first_integer;
776 buf++;
777 }
778 if (error == ENOENT)
779 error = 0;
780
781 ASSERT3U((uintptr_t)buf - (uintptr_t)vbuf, <=, *bufsizep);
782 *bufsizep = (uintptr_t)buf - (uintptr_t)vbuf;
783 *cookiep = zap_cursor_serialize(&zc);
784 zap_cursor_fini(&zc);
785 return (error);
786 }
787
788 /*
789 * buf must be big enough (eg, 32 bytes)
790 */
791 static int
id_to_fuidstr(zfsvfs_t * zfsvfs,const char * domain,uid_t rid,char * buf,boolean_t addok)792 id_to_fuidstr(zfsvfs_t *zfsvfs, const char *domain, uid_t rid,
793 char *buf, boolean_t addok)
794 {
795 uint64_t fuid;
796 int domainid = 0;
797
798 if (domain && domain[0]) {
799 domainid = zfs_fuid_find_by_domain(zfsvfs, domain, NULL, addok);
800 if (domainid == -1)
801 return (SET_ERROR(ENOENT));
802 }
803 fuid = FUID_ENCODE(domainid, rid);
804 (void) sprintf(buf, "%llx", (longlong_t)fuid);
805 return (0);
806 }
807
808 int
zfs_userspace_one(zfsvfs_t * zfsvfs,zfs_userquota_prop_t type,const char * domain,uint64_t rid,uint64_t * valp)809 zfs_userspace_one(zfsvfs_t *zfsvfs, zfs_userquota_prop_t type,
810 const char *domain, uint64_t rid, uint64_t *valp)
811 {
812 char buf[20 + DMU_OBJACCT_PREFIX_LEN];
813 int offset = 0;
814 int err;
815 uint64_t obj;
816
817 *valp = 0;
818
819 if (!dmu_objset_userspace_present(zfsvfs->z_os))
820 return (SET_ERROR(ENOTSUP));
821
822 if ((type == ZFS_PROP_USEROBJUSED || type == ZFS_PROP_GROUPOBJUSED ||
823 type == ZFS_PROP_USEROBJQUOTA || type == ZFS_PROP_GROUPOBJQUOTA ||
824 type == ZFS_PROP_PROJECTOBJUSED ||
825 type == ZFS_PROP_PROJECTOBJQUOTA) &&
826 !dmu_objset_userobjspace_present(zfsvfs->z_os))
827 return (SET_ERROR(ENOTSUP));
828
829 if (type == ZFS_PROP_PROJECTQUOTA || type == ZFS_PROP_PROJECTUSED ||
830 type == ZFS_PROP_PROJECTOBJQUOTA ||
831 type == ZFS_PROP_PROJECTOBJUSED) {
832 if (!dmu_objset_projectquota_present(zfsvfs->z_os))
833 return (SET_ERROR(ENOTSUP));
834 if (!zpl_is_valid_projid(rid))
835 return (SET_ERROR(EINVAL));
836 }
837
838 obj = zfs_userquota_prop_to_obj(zfsvfs, type);
839 if (obj == ZFS_NO_OBJECT)
840 return (0);
841
842 if (type == ZFS_PROP_USEROBJUSED || type == ZFS_PROP_GROUPOBJUSED ||
843 type == ZFS_PROP_PROJECTOBJUSED) {
844 strncpy(buf, DMU_OBJACCT_PREFIX, DMU_OBJACCT_PREFIX_LEN);
845 offset = DMU_OBJACCT_PREFIX_LEN;
846 }
847
848 err = id_to_fuidstr(zfsvfs, domain, rid, buf + offset, B_FALSE);
849 if (err)
850 return (err);
851
852 err = zap_lookup(zfsvfs->z_os, obj, buf, 8, 1, valp);
853 if (err == ENOENT)
854 err = 0;
855 return (err);
856 }
857
858 int
zfs_set_userquota(zfsvfs_t * zfsvfs,zfs_userquota_prop_t type,const char * domain,uint64_t rid,uint64_t quota)859 zfs_set_userquota(zfsvfs_t *zfsvfs, zfs_userquota_prop_t type,
860 const char *domain, uint64_t rid, uint64_t quota)
861 {
862 char buf[32];
863 int err;
864 dmu_tx_t *tx;
865 uint64_t *objp;
866 boolean_t fuid_dirtied;
867
868 if (zfsvfs->z_version < ZPL_VERSION_USERSPACE)
869 return (SET_ERROR(ENOTSUP));
870
871 switch (type) {
872 case ZFS_PROP_USERQUOTA:
873 objp = &zfsvfs->z_userquota_obj;
874 break;
875 case ZFS_PROP_GROUPQUOTA:
876 objp = &zfsvfs->z_groupquota_obj;
877 break;
878 case ZFS_PROP_USEROBJQUOTA:
879 objp = &zfsvfs->z_userobjquota_obj;
880 break;
881 case ZFS_PROP_GROUPOBJQUOTA:
882 objp = &zfsvfs->z_groupobjquota_obj;
883 break;
884 case ZFS_PROP_PROJECTQUOTA:
885 if (!dmu_objset_projectquota_enabled(zfsvfs->z_os))
886 return (SET_ERROR(ENOTSUP));
887 if (!zpl_is_valid_projid(rid))
888 return (SET_ERROR(EINVAL));
889
890 objp = &zfsvfs->z_projectquota_obj;
891 break;
892 case ZFS_PROP_PROJECTOBJQUOTA:
893 if (!dmu_objset_projectquota_enabled(zfsvfs->z_os))
894 return (SET_ERROR(ENOTSUP));
895 if (!zpl_is_valid_projid(rid))
896 return (SET_ERROR(EINVAL));
897
898 objp = &zfsvfs->z_projectobjquota_obj;
899 break;
900 default:
901 return (SET_ERROR(EINVAL));
902 }
903
904 err = id_to_fuidstr(zfsvfs, domain, rid, buf, B_TRUE);
905 if (err)
906 return (err);
907 fuid_dirtied = zfsvfs->z_fuid_dirty;
908
909 tx = dmu_tx_create(zfsvfs->z_os);
910 dmu_tx_hold_zap(tx, *objp ? *objp : DMU_NEW_OBJECT, B_TRUE, NULL);
911 if (*objp == 0) {
912 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, B_TRUE,
913 zfs_userquota_prop_prefixes[type]);
914 }
915 if (fuid_dirtied)
916 zfs_fuid_txhold(zfsvfs, tx);
917 err = dmu_tx_assign(tx, TXG_WAIT);
918 if (err) {
919 dmu_tx_abort(tx);
920 return (err);
921 }
922
923 mutex_enter(&zfsvfs->z_lock);
924 if (*objp == 0) {
925 *objp = zap_create(zfsvfs->z_os, DMU_OT_USERGROUP_QUOTA,
926 DMU_OT_NONE, 0, tx);
927 VERIFY(0 == zap_add(zfsvfs->z_os, MASTER_NODE_OBJ,
928 zfs_userquota_prop_prefixes[type], 8, 1, objp, tx));
929 }
930 mutex_exit(&zfsvfs->z_lock);
931
932 if (quota == 0) {
933 err = zap_remove(zfsvfs->z_os, *objp, buf, tx);
934 if (err == ENOENT)
935 err = 0;
936 } else {
937 err = zap_update(zfsvfs->z_os, *objp, buf, 8, 1, "a, tx);
938 }
939 ASSERT(err == 0);
940 if (fuid_dirtied)
941 zfs_fuid_sync(zfsvfs, tx);
942 dmu_tx_commit(tx);
943 return (err);
944 }
945
946 boolean_t
zfs_id_overobjquota(zfsvfs_t * zfsvfs,uint64_t usedobj,uint64_t id)947 zfs_id_overobjquota(zfsvfs_t *zfsvfs, uint64_t usedobj, uint64_t id)
948 {
949 char buf[20 + DMU_OBJACCT_PREFIX_LEN];
950 uint64_t used, quota, quotaobj;
951 int err;
952
953 if (!dmu_objset_userobjspace_present(zfsvfs->z_os)) {
954 if (dmu_objset_userobjspace_upgradable(zfsvfs->z_os)) {
955 dsl_pool_config_enter(
956 dmu_objset_pool(zfsvfs->z_os), FTAG);
957 dmu_objset_id_quota_upgrade(zfsvfs->z_os);
958 dsl_pool_config_exit(
959 dmu_objset_pool(zfsvfs->z_os), FTAG);
960 }
961 return (B_FALSE);
962 }
963
964 if (usedobj == DMU_PROJECTUSED_OBJECT) {
965 if (!dmu_objset_projectquota_present(zfsvfs->z_os)) {
966 if (dmu_objset_projectquota_upgradable(zfsvfs->z_os)) {
967 dsl_pool_config_enter(
968 dmu_objset_pool(zfsvfs->z_os), FTAG);
969 dmu_objset_id_quota_upgrade(zfsvfs->z_os);
970 dsl_pool_config_exit(
971 dmu_objset_pool(zfsvfs->z_os), FTAG);
972 }
973 return (B_FALSE);
974 }
975 quotaobj = zfsvfs->z_projectobjquota_obj;
976 } else if (usedobj == DMU_USERUSED_OBJECT) {
977 quotaobj = zfsvfs->z_userobjquota_obj;
978 } else if (usedobj == DMU_GROUPUSED_OBJECT) {
979 quotaobj = zfsvfs->z_groupobjquota_obj;
980 } else {
981 return (B_FALSE);
982 }
983 if (quotaobj == 0 || zfsvfs->z_replay)
984 return (B_FALSE);
985
986 (void) sprintf(buf, "%llx", (longlong_t)id);
987 err = zap_lookup(zfsvfs->z_os, quotaobj, buf, 8, 1, "a);
988 if (err != 0)
989 return (B_FALSE);
990
991 (void) sprintf(buf, DMU_OBJACCT_PREFIX "%llx", (longlong_t)id);
992 err = zap_lookup(zfsvfs->z_os, usedobj, buf, 8, 1, &used);
993 if (err != 0)
994 return (B_FALSE);
995 return (used >= quota);
996 }
997
998 boolean_t
zfs_id_overblockquota(zfsvfs_t * zfsvfs,uint64_t usedobj,uint64_t id)999 zfs_id_overblockquota(zfsvfs_t *zfsvfs, uint64_t usedobj, uint64_t id)
1000 {
1001 char buf[20];
1002 uint64_t used, quota, quotaobj;
1003 int err;
1004
1005 if (usedobj == DMU_PROJECTUSED_OBJECT) {
1006 if (!dmu_objset_projectquota_present(zfsvfs->z_os)) {
1007 if (dmu_objset_projectquota_upgradable(zfsvfs->z_os)) {
1008 dsl_pool_config_enter(
1009 dmu_objset_pool(zfsvfs->z_os), FTAG);
1010 dmu_objset_id_quota_upgrade(zfsvfs->z_os);
1011 dsl_pool_config_exit(
1012 dmu_objset_pool(zfsvfs->z_os), FTAG);
1013 }
1014 return (B_FALSE);
1015 }
1016 quotaobj = zfsvfs->z_projectquota_obj;
1017 } else if (usedobj == DMU_USERUSED_OBJECT) {
1018 quotaobj = zfsvfs->z_userquota_obj;
1019 } else if (usedobj == DMU_GROUPUSED_OBJECT) {
1020 quotaobj = zfsvfs->z_groupquota_obj;
1021 } else {
1022 return (B_FALSE);
1023 }
1024 if (quotaobj == 0 || zfsvfs->z_replay)
1025 return (B_FALSE);
1026
1027 (void) sprintf(buf, "%llx", (longlong_t)id);
1028 err = zap_lookup(zfsvfs->z_os, quotaobj, buf, 8, 1, "a);
1029 if (err != 0)
1030 return (B_FALSE);
1031
1032 err = zap_lookup(zfsvfs->z_os, usedobj, buf, 8, 1, &used);
1033 if (err != 0)
1034 return (B_FALSE);
1035 return (used >= quota);
1036 }
1037
1038 boolean_t
zfs_id_overquota(zfsvfs_t * zfsvfs,uint64_t usedobj,uint64_t id)1039 zfs_id_overquota(zfsvfs_t *zfsvfs, uint64_t usedobj, uint64_t id)
1040 {
1041 return (zfs_id_overblockquota(zfsvfs, usedobj, id) ||
1042 zfs_id_overobjquota(zfsvfs, usedobj, id));
1043 }
1044
1045 /*
1046 * Associate this zfsvfs with the given objset, which must be owned.
1047 * This will cache a bunch of on-disk state from the objset in the
1048 * zfsvfs.
1049 */
1050 static int
zfsvfs_init(zfsvfs_t * zfsvfs,objset_t * os)1051 zfsvfs_init(zfsvfs_t *zfsvfs, objset_t *os)
1052 {
1053 int error;
1054 uint64_t val;
1055
1056 zfsvfs->z_max_blksz = SPA_OLD_MAXBLOCKSIZE;
1057 zfsvfs->z_show_ctldir = ZFS_SNAPDIR_VISIBLE;
1058 zfsvfs->z_os = os;
1059
1060 error = zfs_get_zplprop(os, ZFS_PROP_VERSION, &zfsvfs->z_version);
1061 if (error != 0)
1062 return (error);
1063 if (zfsvfs->z_version >
1064 zfs_zpl_version_map(spa_version(dmu_objset_spa(os)))) {
1065 (void) printf("Can't mount a version %lld file system "
1066 "on a version %lld pool\n. Pool must be upgraded to mount "
1067 "this file system.", (u_longlong_t)zfsvfs->z_version,
1068 (u_longlong_t)spa_version(dmu_objset_spa(os)));
1069 return (SET_ERROR(ENOTSUP));
1070 }
1071 error = zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &val);
1072 if (error != 0)
1073 return (error);
1074 zfsvfs->z_norm = (int)val;
1075
1076 error = zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &val);
1077 if (error != 0)
1078 return (error);
1079 zfsvfs->z_utf8 = (val != 0);
1080
1081 error = zfs_get_zplprop(os, ZFS_PROP_CASE, &val);
1082 if (error != 0)
1083 return (error);
1084 zfsvfs->z_case = (uint_t)val;
1085
1086 /*
1087 * Fold case on file systems that are always or sometimes case
1088 * insensitive.
1089 */
1090 if (zfsvfs->z_case == ZFS_CASE_INSENSITIVE ||
1091 zfsvfs->z_case == ZFS_CASE_MIXED)
1092 zfsvfs->z_norm |= U8_TEXTPREP_TOUPPER;
1093
1094 zfsvfs->z_use_fuids = USE_FUIDS(zfsvfs->z_version, zfsvfs->z_os);
1095 zfsvfs->z_use_sa = USE_SA(zfsvfs->z_version, zfsvfs->z_os);
1096
1097 uint64_t sa_obj = 0;
1098 if (zfsvfs->z_use_sa) {
1099 /* should either have both of these objects or none */
1100 error = zap_lookup(os, MASTER_NODE_OBJ, ZFS_SA_ATTRS, 8, 1,
1101 &sa_obj);
1102 if (error != 0)
1103 return (error);
1104 }
1105
1106 error = sa_setup(os, sa_obj, zfs_attr_table, ZPL_END,
1107 &zfsvfs->z_attr_table);
1108 if (error != 0)
1109 return (error);
1110
1111 if (zfsvfs->z_version >= ZPL_VERSION_SA)
1112 sa_register_update_callback(os, zfs_sa_upgrade);
1113
1114 error = zap_lookup(os, MASTER_NODE_OBJ, ZFS_ROOT_OBJ, 8, 1,
1115 &zfsvfs->z_root);
1116 if (error != 0)
1117 return (error);
1118 ASSERT(zfsvfs->z_root != 0);
1119
1120 error = zap_lookup(os, MASTER_NODE_OBJ, ZFS_UNLINKED_SET, 8, 1,
1121 &zfsvfs->z_unlinkedobj);
1122 if (error != 0)
1123 return (error);
1124
1125 error = zap_lookup(os, MASTER_NODE_OBJ,
1126 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA],
1127 8, 1, &zfsvfs->z_userquota_obj);
1128 if (error == ENOENT)
1129 zfsvfs->z_userquota_obj = 0;
1130 else if (error != 0)
1131 return (error);
1132
1133 error = zap_lookup(os, MASTER_NODE_OBJ,
1134 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA],
1135 8, 1, &zfsvfs->z_groupquota_obj);
1136 if (error == ENOENT)
1137 zfsvfs->z_groupquota_obj = 0;
1138 else if (error != 0)
1139 return (error);
1140
1141 error = zap_lookup(os, MASTER_NODE_OBJ,
1142 zfs_userquota_prop_prefixes[ZFS_PROP_PROJECTQUOTA],
1143 8, 1, &zfsvfs->z_projectquota_obj);
1144 if (error == ENOENT)
1145 zfsvfs->z_projectquota_obj = 0;
1146 else if (error != 0)
1147 return (error);
1148
1149 error = zap_lookup(os, MASTER_NODE_OBJ,
1150 zfs_userquota_prop_prefixes[ZFS_PROP_USEROBJQUOTA],
1151 8, 1, &zfsvfs->z_userobjquota_obj);
1152 if (error == ENOENT)
1153 zfsvfs->z_userobjquota_obj = 0;
1154 else if (error != 0)
1155 return (error);
1156
1157 error = zap_lookup(os, MASTER_NODE_OBJ,
1158 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPOBJQUOTA],
1159 8, 1, &zfsvfs->z_groupobjquota_obj);
1160 if (error == ENOENT)
1161 zfsvfs->z_groupobjquota_obj = 0;
1162 else if (error != 0)
1163 return (error);
1164
1165 error = zap_lookup(os, MASTER_NODE_OBJ,
1166 zfs_userquota_prop_prefixes[ZFS_PROP_PROJECTOBJQUOTA],
1167 8, 1, &zfsvfs->z_projectobjquota_obj);
1168 if (error == ENOENT)
1169 zfsvfs->z_projectobjquota_obj = 0;
1170 else if (error != 0)
1171 return (error);
1172
1173 error = zap_lookup(os, MASTER_NODE_OBJ, ZFS_FUID_TABLES, 8, 1,
1174 &zfsvfs->z_fuid_obj);
1175 if (error == ENOENT)
1176 zfsvfs->z_fuid_obj = 0;
1177 else if (error != 0)
1178 return (error);
1179
1180 error = zap_lookup(os, MASTER_NODE_OBJ, ZFS_SHARES_DIR, 8, 1,
1181 &zfsvfs->z_shares_dir);
1182 if (error == ENOENT)
1183 zfsvfs->z_shares_dir = 0;
1184 else if (error != 0)
1185 return (error);
1186
1187 return (0);
1188 }
1189
1190 int
zfsvfs_create(const char * osname,boolean_t readonly,zfsvfs_t ** zfvp)1191 zfsvfs_create(const char *osname, boolean_t readonly, zfsvfs_t **zfvp)
1192 {
1193 objset_t *os;
1194 zfsvfs_t *zfsvfs;
1195 int error;
1196 boolean_t ro = (readonly || (strchr(osname, '@') != NULL));
1197
1198 zfsvfs = kmem_zalloc(sizeof (zfsvfs_t), KM_SLEEP);
1199
1200 error = dmu_objset_own(osname, DMU_OST_ZFS, ro, B_TRUE, zfsvfs, &os);
1201 if (error != 0) {
1202 kmem_free(zfsvfs, sizeof (zfsvfs_t));
1203 return (error);
1204 }
1205
1206 error = zfsvfs_create_impl(zfvp, zfsvfs, os);
1207 if (error != 0) {
1208 dmu_objset_disown(os, B_TRUE, zfsvfs);
1209 }
1210 return (error);
1211 }
1212
1213
1214 int
zfsvfs_create_impl(zfsvfs_t ** zfvp,zfsvfs_t * zfsvfs,objset_t * os)1215 zfsvfs_create_impl(zfsvfs_t **zfvp, zfsvfs_t *zfsvfs, objset_t *os)
1216 {
1217 int error;
1218
1219 zfsvfs->z_vfs = NULL;
1220 zfsvfs->z_parent = zfsvfs;
1221
1222 mutex_init(&zfsvfs->z_znodes_lock, NULL, MUTEX_DEFAULT, NULL);
1223 mutex_init(&zfsvfs->z_lock, NULL, MUTEX_DEFAULT, NULL);
1224 list_create(&zfsvfs->z_all_znodes, sizeof (znode_t),
1225 offsetof(znode_t, z_link_node));
1226 rrm_init(&zfsvfs->z_teardown_lock, B_FALSE);
1227 rw_init(&zfsvfs->z_teardown_inactive_lock, NULL, RW_DEFAULT, NULL);
1228 rw_init(&zfsvfs->z_fuid_lock, NULL, RW_DEFAULT, NULL);
1229 for (int i = 0; i != ZFS_OBJ_MTX_SZ; i++)
1230 mutex_init(&zfsvfs->z_hold_mtx[i], NULL, MUTEX_DEFAULT, NULL);
1231
1232 error = zfsvfs_init(zfsvfs, os);
1233 if (error != 0) {
1234 *zfvp = NULL;
1235 kmem_free(zfsvfs, sizeof (zfsvfs_t));
1236 return (error);
1237 }
1238
1239 zfsvfs->z_drain_task = TASKQID_INVALID;
1240 zfsvfs->z_draining = B_FALSE;
1241 zfsvfs->z_drain_cancel = B_TRUE;
1242
1243 *zfvp = zfsvfs;
1244 return (0);
1245 }
1246
1247 static int
zfsvfs_setup(zfsvfs_t * zfsvfs,boolean_t mounting)1248 zfsvfs_setup(zfsvfs_t *zfsvfs, boolean_t mounting)
1249 {
1250 int error;
1251
1252 error = zfs_register_callbacks(zfsvfs->z_vfs);
1253 if (error)
1254 return (error);
1255
1256 zfsvfs->z_log = zil_open(zfsvfs->z_os, zfs_get_data);
1257
1258 /*
1259 * If we are not mounting (ie: online recv), then we don't
1260 * have to worry about replaying the log as we blocked all
1261 * operations out since we closed the ZIL.
1262 */
1263 if (mounting) {
1264 boolean_t readonly;
1265
1266 /*
1267 * During replay we remove the read only flag to
1268 * allow replays to succeed.
1269 */
1270 readonly = zfsvfs->z_vfs->vfs_flag & VFS_RDONLY;
1271 if (readonly != 0) {
1272 zfsvfs->z_vfs->vfs_flag &= ~VFS_RDONLY;
1273 } else {
1274 zfs_unlinked_drain(zfsvfs);
1275 }
1276
1277 /*
1278 * Parse and replay the intent log.
1279 *
1280 * Because of ziltest, this must be done after
1281 * zfs_unlinked_drain(). (Further note: ziltest
1282 * doesn't use readonly mounts, where
1283 * zfs_unlinked_drain() isn't called.) This is because
1284 * ziltest causes spa_sync() to think it's committed,
1285 * but actually it is not, so the intent log contains
1286 * many txg's worth of changes.
1287 *
1288 * In particular, if object N is in the unlinked set in
1289 * the last txg to actually sync, then it could be
1290 * actually freed in a later txg and then reallocated
1291 * in a yet later txg. This would write a "create
1292 * object N" record to the intent log. Normally, this
1293 * would be fine because the spa_sync() would have
1294 * written out the fact that object N is free, before
1295 * we could write the "create object N" intent log
1296 * record.
1297 *
1298 * But when we are in ziltest mode, we advance the "open
1299 * txg" without actually spa_sync()-ing the changes to
1300 * disk. So we would see that object N is still
1301 * allocated and in the unlinked set, and there is an
1302 * intent log record saying to allocate it.
1303 */
1304 if (spa_writeable(dmu_objset_spa(zfsvfs->z_os))) {
1305 if (zil_replay_disable) {
1306 zil_destroy(zfsvfs->z_log, B_FALSE);
1307 } else {
1308 zfsvfs->z_replay = B_TRUE;
1309 zil_replay(zfsvfs->z_os, zfsvfs,
1310 zfs_replay_vector);
1311 zfsvfs->z_replay = B_FALSE;
1312 }
1313 }
1314
1315 /* restore readonly bit */
1316 if (readonly != 0)
1317 zfsvfs->z_vfs->vfs_flag |= VFS_RDONLY;
1318 }
1319
1320 /*
1321 * Set the objset user_ptr to track its zfsvfs.
1322 */
1323 mutex_enter(&zfsvfs->z_os->os_user_ptr_lock);
1324 dmu_objset_set_user(zfsvfs->z_os, zfsvfs);
1325 mutex_exit(&zfsvfs->z_os->os_user_ptr_lock);
1326
1327 return (0);
1328 }
1329
1330 void
zfsvfs_free(zfsvfs_t * zfsvfs)1331 zfsvfs_free(zfsvfs_t *zfsvfs)
1332 {
1333 int i;
1334 extern krwlock_t zfsvfs_lock; /* in zfs_znode.c */
1335
1336 /*
1337 * This is a barrier to prevent the filesystem from going away in
1338 * zfs_znode_move() until we can safely ensure that the filesystem is
1339 * not unmounted. We consider the filesystem valid before the barrier
1340 * and invalid after the barrier.
1341 */
1342 rw_enter(&zfsvfs_lock, RW_READER);
1343 rw_exit(&zfsvfs_lock);
1344
1345 zfs_fuid_destroy(zfsvfs);
1346
1347 mutex_destroy(&zfsvfs->z_znodes_lock);
1348 mutex_destroy(&zfsvfs->z_lock);
1349 list_destroy(&zfsvfs->z_all_znodes);
1350 rrm_destroy(&zfsvfs->z_teardown_lock);
1351 rw_destroy(&zfsvfs->z_teardown_inactive_lock);
1352 rw_destroy(&zfsvfs->z_fuid_lock);
1353 for (i = 0; i != ZFS_OBJ_MTX_SZ; i++)
1354 mutex_destroy(&zfsvfs->z_hold_mtx[i]);
1355 kmem_free(zfsvfs, sizeof (zfsvfs_t));
1356 }
1357
1358 static void
zfs_set_fuid_feature(zfsvfs_t * zfsvfs)1359 zfs_set_fuid_feature(zfsvfs_t *zfsvfs)
1360 {
1361 zfsvfs->z_use_fuids = USE_FUIDS(zfsvfs->z_version, zfsvfs->z_os);
1362 if (zfsvfs->z_vfs) {
1363 if (zfsvfs->z_use_fuids) {
1364 vfs_set_feature(zfsvfs->z_vfs, VFSFT_XVATTR);
1365 vfs_set_feature(zfsvfs->z_vfs, VFSFT_SYSATTR_VIEWS);
1366 vfs_set_feature(zfsvfs->z_vfs, VFSFT_ACEMASKONACCESS);
1367 vfs_set_feature(zfsvfs->z_vfs, VFSFT_ACLONCREATE);
1368 vfs_set_feature(zfsvfs->z_vfs, VFSFT_ACCESS_FILTER);
1369 vfs_set_feature(zfsvfs->z_vfs, VFSFT_REPARSE);
1370 } else {
1371 vfs_clear_feature(zfsvfs->z_vfs, VFSFT_XVATTR);
1372 vfs_clear_feature(zfsvfs->z_vfs, VFSFT_SYSATTR_VIEWS);
1373 vfs_clear_feature(zfsvfs->z_vfs, VFSFT_ACEMASKONACCESS);
1374 vfs_clear_feature(zfsvfs->z_vfs, VFSFT_ACLONCREATE);
1375 vfs_clear_feature(zfsvfs->z_vfs, VFSFT_ACCESS_FILTER);
1376 vfs_clear_feature(zfsvfs->z_vfs, VFSFT_REPARSE);
1377 }
1378 }
1379 zfsvfs->z_use_sa = USE_SA(zfsvfs->z_version, zfsvfs->z_os);
1380 }
1381
1382 static int
zfs_domount(vfs_t * vfsp,char * osname)1383 zfs_domount(vfs_t *vfsp, char *osname)
1384 {
1385 dev_t mount_dev;
1386 uint64_t recordsize, fsid_guid;
1387 int error = 0;
1388 zfsvfs_t *zfsvfs;
1389 boolean_t readonly = vfsp->vfs_flag & VFS_RDONLY ? B_TRUE : B_FALSE;
1390
1391 ASSERT(vfsp);
1392 ASSERT(osname);
1393
1394 error = zfsvfs_create(osname, readonly, &zfsvfs);
1395 if (error)
1396 return (error);
1397 zfsvfs->z_vfs = vfsp;
1398
1399 /* Initialize the generic filesystem structure. */
1400 vfsp->vfs_bcount = 0;
1401 vfsp->vfs_data = NULL;
1402
1403 if (zfs_create_unique_device(&mount_dev) == -1) {
1404 error = SET_ERROR(ENODEV);
1405 goto out;
1406 }
1407 ASSERT(vfs_devismounted(mount_dev) == 0);
1408
1409 if (error = dsl_prop_get_integer(osname, "recordsize", &recordsize,
1410 NULL))
1411 goto out;
1412
1413 vfsp->vfs_dev = mount_dev;
1414 vfsp->vfs_fstype = zfsfstype;
1415 vfsp->vfs_bsize = recordsize;
1416 vfsp->vfs_flag |= VFS_NOTRUNC;
1417 vfsp->vfs_data = zfsvfs;
1418
1419 /*
1420 * The fsid is 64 bits, composed of an 8-bit fs type, which
1421 * separates our fsid from any other filesystem types, and a
1422 * 56-bit objset unique ID. The objset unique ID is unique to
1423 * all objsets open on this system, provided by unique_create().
1424 * The 8-bit fs type must be put in the low bits of fsid[1]
1425 * because that's where other Solaris filesystems put it.
1426 */
1427 fsid_guid = dmu_objset_fsid_guid(zfsvfs->z_os);
1428 ASSERT((fsid_guid & ~((1ULL<<56)-1)) == 0);
1429 vfsp->vfs_fsid.val[0] = fsid_guid;
1430 vfsp->vfs_fsid.val[1] = ((fsid_guid>>32) << 8) |
1431 zfsfstype & 0xFF;
1432
1433 /*
1434 * Set features for file system.
1435 */
1436 zfs_set_fuid_feature(zfsvfs);
1437 if (zfsvfs->z_case == ZFS_CASE_INSENSITIVE) {
1438 vfs_set_feature(vfsp, VFSFT_DIRENTFLAGS);
1439 vfs_set_feature(vfsp, VFSFT_CASEINSENSITIVE);
1440 vfs_set_feature(vfsp, VFSFT_NOCASESENSITIVE);
1441 } else if (zfsvfs->z_case == ZFS_CASE_MIXED) {
1442 vfs_set_feature(vfsp, VFSFT_DIRENTFLAGS);
1443 vfs_set_feature(vfsp, VFSFT_CASEINSENSITIVE);
1444 }
1445 vfs_set_feature(vfsp, VFSFT_ZEROCOPY_SUPPORTED);
1446
1447 if (dmu_objset_is_snapshot(zfsvfs->z_os)) {
1448 uint64_t pval;
1449
1450 atime_changed_cb(zfsvfs, B_FALSE);
1451 readonly_changed_cb(zfsvfs, B_TRUE);
1452 if (error = dsl_prop_get_integer(osname, "xattr", &pval, NULL))
1453 goto out;
1454 xattr_changed_cb(zfsvfs, pval);
1455 zfsvfs->z_issnap = B_TRUE;
1456 zfsvfs->z_os->os_sync = ZFS_SYNC_DISABLED;
1457
1458 mutex_enter(&zfsvfs->z_os->os_user_ptr_lock);
1459 dmu_objset_set_user(zfsvfs->z_os, zfsvfs);
1460 mutex_exit(&zfsvfs->z_os->os_user_ptr_lock);
1461 } else {
1462 error = zfsvfs_setup(zfsvfs, B_TRUE);
1463 }
1464
1465 /* cache the root vnode for this mount */
1466 znode_t *rootzp;
1467 if (error = zfs_zget(zfsvfs, zfsvfs->z_root, &rootzp)) {
1468 goto out;
1469 }
1470 zfsvfs->z_rootdir = ZTOV(rootzp);
1471
1472 if (!zfsvfs->z_issnap)
1473 zfsctl_create(zfsvfs);
1474 out:
1475 if (error) {
1476 dmu_objset_disown(zfsvfs->z_os, B_TRUE, zfsvfs);
1477 zfsvfs_free(zfsvfs);
1478 } else {
1479 atomic_inc_32(&zfs_active_fs_count);
1480 }
1481
1482 return (error);
1483 }
1484
1485 void
zfs_unregister_callbacks(zfsvfs_t * zfsvfs)1486 zfs_unregister_callbacks(zfsvfs_t *zfsvfs)
1487 {
1488 objset_t *os = zfsvfs->z_os;
1489
1490 if (!dmu_objset_is_snapshot(os))
1491 dsl_prop_unregister_all(dmu_objset_ds(os), zfsvfs);
1492 }
1493
1494 /*
1495 * Convert a decimal digit string to a uint64_t integer.
1496 */
1497 static int
str_to_uint64(char * str,uint64_t * objnum)1498 str_to_uint64(char *str, uint64_t *objnum)
1499 {
1500 uint64_t num = 0;
1501
1502 while (*str) {
1503 if (*str < '0' || *str > '9')
1504 return (SET_ERROR(EINVAL));
1505
1506 num = num*10 + *str++ - '0';
1507 }
1508
1509 *objnum = num;
1510 return (0);
1511 }
1512
1513 /*
1514 * The boot path passed from the boot loader is in the form of
1515 * "rootpool-name/root-filesystem-object-number'. Convert this
1516 * string to a dataset name: "rootpool-name/root-filesystem-name".
1517 */
1518 static int
zfs_parse_bootfs(char * bpath,char * outpath)1519 zfs_parse_bootfs(char *bpath, char *outpath)
1520 {
1521 char *slashp;
1522 uint64_t objnum;
1523 int error;
1524
1525 if (*bpath == 0 || *bpath == '/')
1526 return (SET_ERROR(EINVAL));
1527
1528 (void) strcpy(outpath, bpath);
1529
1530 slashp = strchr(bpath, '/');
1531
1532 /* if no '/', just return the pool name */
1533 if (slashp == NULL) {
1534 return (0);
1535 }
1536
1537 /* if not a number, just return the root dataset name */
1538 if (str_to_uint64(slashp+1, &objnum)) {
1539 return (0);
1540 }
1541
1542 *slashp = '\0';
1543 error = dsl_dsobj_to_dsname(bpath, objnum, outpath);
1544 *slashp = '/';
1545
1546 return (error);
1547 }
1548
1549 /*
1550 * Check that the hex label string is appropriate for the dataset being
1551 * mounted into the global_zone proper.
1552 *
1553 * Return an error if the hex label string is not default or
1554 * admin_low/admin_high. For admin_low labels, the corresponding
1555 * dataset must be readonly.
1556 */
1557 int
zfs_check_global_label(const char * dsname,const char * hexsl)1558 zfs_check_global_label(const char *dsname, const char *hexsl)
1559 {
1560 if (strcasecmp(hexsl, ZFS_MLSLABEL_DEFAULT) == 0)
1561 return (0);
1562 if (strcasecmp(hexsl, ADMIN_HIGH) == 0)
1563 return (0);
1564 if (strcasecmp(hexsl, ADMIN_LOW) == 0) {
1565 /* must be readonly */
1566 uint64_t rdonly;
1567
1568 if (dsl_prop_get_integer(dsname,
1569 zfs_prop_to_name(ZFS_PROP_READONLY), &rdonly, NULL))
1570 return (SET_ERROR(EACCES));
1571 return (rdonly ? 0 : EACCES);
1572 }
1573 return (SET_ERROR(EACCES));
1574 }
1575
1576 static int
zfs_statfs_project(zfsvfs_t * zfsvfs,znode_t * zp,struct statvfs64 * statp,uint32_t bshift)1577 zfs_statfs_project(zfsvfs_t *zfsvfs, znode_t *zp, struct statvfs64 *statp,
1578 uint32_t bshift)
1579 {
1580 char buf[20 + DMU_OBJACCT_PREFIX_LEN];
1581 uint64_t offset = DMU_OBJACCT_PREFIX_LEN;
1582 uint64_t quota;
1583 uint64_t used;
1584 int err;
1585
1586 strlcpy(buf, DMU_OBJACCT_PREFIX, DMU_OBJACCT_PREFIX_LEN + 1);
1587 err = id_to_fuidstr(zfsvfs, NULL, zp->z_projid, buf + offset, B_FALSE);
1588 if (err)
1589 return (err);
1590
1591 if (zfsvfs->z_projectquota_obj == 0)
1592 goto objs;
1593
1594 err = zap_lookup(zfsvfs->z_os, zfsvfs->z_projectquota_obj,
1595 buf + offset, 8, 1, "a);
1596 if (err == ENOENT)
1597 goto objs;
1598 else if (err)
1599 return (err);
1600
1601 err = zap_lookup(zfsvfs->z_os, DMU_PROJECTUSED_OBJECT,
1602 buf + offset, 8, 1, &used);
1603 if (unlikely(err == ENOENT)) {
1604 uint32_t blksize;
1605 u_longlong_t nblocks;
1606
1607 /*
1608 * Quota accounting is async, so it is possible race case.
1609 * There is at least one object with the given project ID.
1610 */
1611 sa_object_size(zp->z_sa_hdl, &blksize, &nblocks);
1612 if (unlikely(zp->z_blksz == 0))
1613 blksize = zfsvfs->z_max_blksz;
1614
1615 used = blksize * nblocks;
1616 } else if (err) {
1617 return (err);
1618 }
1619
1620 statp->f_blocks = quota >> bshift;
1621 statp->f_bfree = (quota > used) ? ((quota - used) >> bshift) : 0;
1622 statp->f_bavail = statp->f_bfree;
1623
1624 objs:
1625 if (zfsvfs->z_projectobjquota_obj == 0)
1626 return (0);
1627
1628 err = zap_lookup(zfsvfs->z_os, zfsvfs->z_projectobjquota_obj,
1629 buf + offset, 8, 1, "a);
1630 if (err == ENOENT)
1631 return (0);
1632 else if (err)
1633 return (err);
1634
1635 err = zap_lookup(zfsvfs->z_os, DMU_PROJECTUSED_OBJECT,
1636 buf, 8, 1, &used);
1637 if (unlikely(err == ENOENT)) {
1638 /*
1639 * Quota accounting is async, so it is possible race case.
1640 * There is at least one object with the given project ID.
1641 */
1642 used = 1;
1643 } else if (err) {
1644 return (err);
1645 }
1646
1647 statp->f_files = quota;
1648 statp->f_ffree = (quota > used) ? (quota - used) : 0;
1649
1650 return (0);
1651 }
1652
1653 /*
1654 * Determine whether the mount is allowed according to MAC check.
1655 * by comparing (where appropriate) label of the dataset against
1656 * the label of the zone being mounted into. If the dataset has
1657 * no label, create one.
1658 *
1659 * Returns 0 if access allowed, error otherwise (e.g. EACCES)
1660 */
1661 static int
zfs_mount_label_policy(vfs_t * vfsp,char * osname)1662 zfs_mount_label_policy(vfs_t *vfsp, char *osname)
1663 {
1664 int error, retv;
1665 zone_t *mntzone = NULL;
1666 ts_label_t *mnt_tsl;
1667 bslabel_t *mnt_sl;
1668 bslabel_t ds_sl;
1669 char ds_hexsl[MAXNAMELEN];
1670
1671 retv = EACCES; /* assume the worst */
1672
1673 /*
1674 * Start by getting the dataset label if it exists.
1675 */
1676 error = dsl_prop_get(osname, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
1677 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
1678 if (error)
1679 return (SET_ERROR(EACCES));
1680
1681 /*
1682 * If labeling is NOT enabled, then disallow the mount of datasets
1683 * which have a non-default label already. No other label checks
1684 * are needed.
1685 */
1686 if (!is_system_labeled()) {
1687 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) == 0)
1688 return (0);
1689 return (SET_ERROR(EACCES));
1690 }
1691
1692 /*
1693 * Get the label of the mountpoint. If mounting into the global
1694 * zone (i.e. mountpoint is not within an active zone and the
1695 * zoned property is off), the label must be default or
1696 * admin_low/admin_high only; no other checks are needed.
1697 */
1698 mntzone = zone_find_by_any_path(refstr_value(vfsp->vfs_mntpt), B_FALSE);
1699 if (mntzone->zone_id == GLOBAL_ZONEID) {
1700 uint64_t zoned;
1701
1702 zone_rele(mntzone);
1703
1704 if (dsl_prop_get_integer(osname,
1705 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
1706 return (SET_ERROR(EACCES));
1707 if (!zoned)
1708 return (zfs_check_global_label(osname, ds_hexsl));
1709 else
1710 /*
1711 * This is the case of a zone dataset being mounted
1712 * initially, before the zone has been fully created;
1713 * allow this mount into global zone.
1714 */
1715 return (0);
1716 }
1717
1718 mnt_tsl = mntzone->zone_slabel;
1719 ASSERT(mnt_tsl != NULL);
1720 label_hold(mnt_tsl);
1721 mnt_sl = label2bslabel(mnt_tsl);
1722
1723 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) == 0) {
1724 /*
1725 * The dataset doesn't have a real label, so fabricate one.
1726 */
1727 char *str = NULL;
1728
1729 if (l_to_str_internal(mnt_sl, &str) == 0 &&
1730 dsl_prop_set_string(osname,
1731 zfs_prop_to_name(ZFS_PROP_MLSLABEL),
1732 ZPROP_SRC_LOCAL, str) == 0)
1733 retv = 0;
1734 if (str != NULL)
1735 kmem_free(str, strlen(str) + 1);
1736 } else if (hexstr_to_label(ds_hexsl, &ds_sl) == 0) {
1737 /*
1738 * Now compare labels to complete the MAC check. If the
1739 * labels are equal then allow access. If the mountpoint
1740 * label dominates the dataset label, allow readonly access.
1741 * Otherwise, access is denied.
1742 */
1743 if (blequal(mnt_sl, &ds_sl))
1744 retv = 0;
1745 else if (bldominates(mnt_sl, &ds_sl)) {
1746 vfs_setmntopt(vfsp, MNTOPT_RO, NULL, 0);
1747 retv = 0;
1748 }
1749 }
1750
1751 label_rele(mnt_tsl);
1752 zone_rele(mntzone);
1753 return (retv);
1754 }
1755
1756 /*
1757 * Load a string-valued boot property and attempt to convert it to a 64-bit
1758 * unsigned integer. If the value is not present, or the conversion fails,
1759 * return the provided default value.
1760 */
1761 static uint64_t
spa_get_bootprop_uint64(const char * name,uint64_t defval)1762 spa_get_bootprop_uint64(const char *name, uint64_t defval)
1763 {
1764 char *propval;
1765 u_longlong_t r;
1766 int e;
1767
1768 if ((propval = spa_get_bootprop(name)) == NULL) {
1769 /*
1770 * The property does not exist.
1771 */
1772 return (defval);
1773 }
1774
1775 e = ddi_strtoull(propval, NULL, 10, &r);
1776
1777 spa_free_bootprop(propval);
1778
1779 /*
1780 * If the conversion succeeded, return the value. If there was any
1781 * kind of failure, just return the default value.
1782 */
1783 return (e == 0 ? r : defval);
1784 }
1785
1786 static int
zfs_mountroot(vfs_t * vfsp,enum whymountroot why)1787 zfs_mountroot(vfs_t *vfsp, enum whymountroot why)
1788 {
1789 int error = 0;
1790 static int zfsrootdone = 0;
1791 zfsvfs_t *zfsvfs = NULL;
1792 znode_t *zp = NULL;
1793 vnode_t *vp = NULL;
1794 char *zfs_bootfs;
1795 char *zfs_devid;
1796 char *zfs_rootdisk_path;
1797 uint64_t zfs_bootpool;
1798 uint64_t zfs_bootvdev;
1799
1800 ASSERT(vfsp);
1801
1802 /*
1803 * The filesystem that we mount as root is defined in the
1804 * boot property "zfs-bootfs" with a format of
1805 * "poolname/root-dataset-objnum".
1806 */
1807 if (why == ROOT_INIT) {
1808 if (zfsrootdone++)
1809 return (SET_ERROR(EBUSY));
1810
1811 /*
1812 * the process of doing a spa_load will require the
1813 * clock to be set before we could (for example) do
1814 * something better by looking at the timestamp on
1815 * an uberblock, so just set it to -1.
1816 */
1817 clkset(-1);
1818
1819 if ((zfs_bootfs = spa_get_bootprop("zfs-bootfs")) == NULL) {
1820 cmn_err(CE_NOTE, "spa_get_bootfs: can not get "
1821 "bootfs name");
1822 return (SET_ERROR(EINVAL));
1823 }
1824 zfs_devid = spa_get_bootprop("diskdevid");
1825
1826 /*
1827 * The boot loader may also provide us with the GUID for both
1828 * the pool and the nominated boot vdev. A GUID value of 0 is
1829 * explicitly invalid (see "spa_change_guid()"), so we use this
1830 * as a sentinel value when no GUID is present.
1831 */
1832 zfs_bootpool = spa_get_bootprop_uint64("zfs-bootpool", 0);
1833 zfs_bootvdev = spa_get_bootprop_uint64("zfs-bootvdev", 0);
1834
1835 /*
1836 * If we have been given a root disk override path, we want to
1837 * ignore device paths from the pool configuration and use only
1838 * the specific path we were given in the boot properties.
1839 */
1840 zfs_rootdisk_path = spa_get_bootprop("zfs-rootdisk-path");
1841
1842 /*
1843 * Initialise the early boot device rescan mechanism. A scan
1844 * will not actually be performed unless we need to do so in
1845 * order to find the correct /devices path for a relocated
1846 * device.
1847 */
1848 vdev_disk_preroot_init(zfs_rootdisk_path);
1849
1850 error = spa_import_rootpool(rootfs.bo_name, zfs_devid,
1851 zfs_bootpool, zfs_bootvdev);
1852
1853 spa_free_bootprop(zfs_devid);
1854
1855 if (error != 0) {
1856 spa_free_bootprop(zfs_bootfs);
1857 spa_free_bootprop(zfs_rootdisk_path);
1858 vdev_disk_preroot_fini();
1859 cmn_err(CE_NOTE, "spa_import_rootpool: error %d",
1860 error);
1861 return (error);
1862 }
1863
1864 if (error = zfs_parse_bootfs(zfs_bootfs, rootfs.bo_name)) {
1865 spa_free_bootprop(zfs_bootfs);
1866 spa_free_bootprop(zfs_rootdisk_path);
1867 vdev_disk_preroot_fini();
1868 cmn_err(CE_NOTE, "zfs_parse_bootfs: error %d",
1869 error);
1870 return (error);
1871 }
1872
1873 spa_free_bootprop(zfs_bootfs);
1874 spa_free_bootprop(zfs_rootdisk_path);
1875
1876 if ((error = vfs_lock(vfsp)) != 0) {
1877 vdev_disk_preroot_fini();
1878 return (error);
1879 }
1880
1881 if (error = zfs_domount(vfsp, rootfs.bo_name)) {
1882 cmn_err(CE_NOTE, "zfs_domount: error %d", error);
1883 goto out;
1884 }
1885
1886 /* zfs_domount has already cached the root vnode for us */
1887 zfsvfs = (zfsvfs_t *)vfsp->vfs_data;
1888 ASSERT(zfsvfs);
1889 ASSERT(zfsvfs->z_rootdir);
1890
1891 vp = zfsvfs->z_rootdir;
1892 mutex_enter(&vp->v_lock);
1893 vp->v_flag |= VROOT;
1894 mutex_exit(&vp->v_lock);
1895
1896 /*
1897 * Leave rootvp held. The root file system is never unmounted.
1898 */
1899 VN_HOLD(vp);
1900 rootvp = vp;
1901
1902 vfs_add((struct vnode *)0, vfsp,
1903 (vfsp->vfs_flag & VFS_RDONLY) ? MS_RDONLY : 0);
1904 out:
1905 vdev_disk_preroot_fini();
1906 vfs_unlock(vfsp);
1907 return (error);
1908 } else if (why == ROOT_REMOUNT) {
1909 readonly_changed_cb(vfsp->vfs_data, B_FALSE);
1910 vfsp->vfs_flag |= VFS_REMOUNT;
1911
1912 /* refresh mount options */
1913 zfs_unregister_callbacks(vfsp->vfs_data);
1914 return (zfs_register_callbacks(vfsp));
1915
1916 } else if (why == ROOT_UNMOUNT) {
1917 zfs_unregister_callbacks((zfsvfs_t *)vfsp->vfs_data);
1918 (void) zfs_sync(vfsp, 0, 0);
1919 return (0);
1920 }
1921
1922 /*
1923 * if "why" is equal to anything else other than ROOT_INIT,
1924 * ROOT_REMOUNT, or ROOT_UNMOUNT, we do not support it.
1925 */
1926 return (SET_ERROR(ENOTSUP));
1927 }
1928
1929 /*ARGSUSED*/
1930 static int
zfs_mount(vfs_t * vfsp,vnode_t * mvp,struct mounta * uap,cred_t * cr)1931 zfs_mount(vfs_t *vfsp, vnode_t *mvp, struct mounta *uap, cred_t *cr)
1932 {
1933 char *osname;
1934 pathname_t spn;
1935 int error = 0;
1936 uio_seg_t fromspace = (uap->flags & MS_SYSSPACE) ?
1937 UIO_SYSSPACE : UIO_USERSPACE;
1938 int canwrite;
1939
1940 if (mvp->v_type != VDIR)
1941 return (SET_ERROR(ENOTDIR));
1942
1943 mutex_enter(&mvp->v_lock);
1944 if ((uap->flags & MS_REMOUNT) == 0 &&
1945 (uap->flags & MS_OVERLAY) == 0 &&
1946 (mvp->v_count != 1 || (mvp->v_flag & VROOT))) {
1947 mutex_exit(&mvp->v_lock);
1948 return (SET_ERROR(EBUSY));
1949 }
1950 mutex_exit(&mvp->v_lock);
1951
1952 /*
1953 * ZFS does not support passing unparsed data in via MS_DATA.
1954 * Users should use the MS_OPTIONSTR interface; this means
1955 * that all option parsing is already done and the options struct
1956 * can be interrogated.
1957 */
1958 if ((uap->flags & MS_DATA) && uap->datalen > 0)
1959 return (SET_ERROR(EINVAL));
1960
1961 /*
1962 * Get the objset name (the "special" mount argument).
1963 */
1964 if (error = pn_get(uap->spec, fromspace, &spn))
1965 return (error);
1966
1967 osname = spn.pn_path;
1968
1969 /*
1970 * Check for mount privilege?
1971 *
1972 * If we don't have privilege then see if
1973 * we have local permission to allow it
1974 */
1975 error = secpolicy_fs_mount(cr, mvp, vfsp);
1976 if (error) {
1977 if (dsl_deleg_access(osname, ZFS_DELEG_PERM_MOUNT, cr) == 0) {
1978 vattr_t vattr;
1979
1980 /*
1981 * Make sure user is the owner of the mount point
1982 * or has sufficient privileges.
1983 */
1984
1985 vattr.va_mask = AT_UID;
1986
1987 if (VOP_GETATTR(mvp, &vattr, 0, cr, NULL)) {
1988 goto out;
1989 }
1990
1991 if (secpolicy_vnode_owner(cr, vattr.va_uid) != 0 &&
1992 VOP_ACCESS(mvp, VWRITE, 0, cr, NULL) != 0) {
1993 goto out;
1994 }
1995 secpolicy_fs_mount_clearopts(cr, vfsp);
1996 } else {
1997 goto out;
1998 }
1999 }
2000
2001 /*
2002 * Refuse to mount a filesystem if we are in a local zone and the
2003 * dataset is not visible.
2004 */
2005 if (!INGLOBALZONE(curproc) &&
2006 (!zone_dataset_visible(osname, &canwrite) || !canwrite)) {
2007 error = SET_ERROR(EPERM);
2008 goto out;
2009 }
2010
2011 error = zfs_mount_label_policy(vfsp, osname);
2012 if (error)
2013 goto out;
2014
2015 /*
2016 * When doing a remount, we simply refresh our temporary properties
2017 * according to those options set in the current VFS options.
2018 */
2019 if (uap->flags & MS_REMOUNT) {
2020 /* refresh mount options */
2021 zfs_unregister_callbacks(vfsp->vfs_data);
2022 error = zfs_register_callbacks(vfsp);
2023 goto out;
2024 }
2025
2026 error = zfs_domount(vfsp, osname);
2027
2028 /*
2029 * Add an extra VFS_HOLD on our parent vfs so that it can't
2030 * disappear due to a forced unmount.
2031 */
2032 if (error == 0 && ((zfsvfs_t *)vfsp->vfs_data)->z_issnap)
2033 VFS_HOLD(mvp->v_vfsp);
2034
2035 out:
2036 pn_free(&spn);
2037 return (error);
2038 }
2039
2040 static int
zfs_statvfs(vfs_t * vfsp,struct statvfs64 * statp)2041 zfs_statvfs(vfs_t *vfsp, struct statvfs64 *statp)
2042 {
2043 zfsvfs_t *zfsvfs = vfsp->vfs_data;
2044 dev32_t d32;
2045 uint64_t refdbytes, availbytes, usedobjs, availobjs;
2046 int err = 0;
2047
2048 ZFS_ENTER(zfsvfs);
2049
2050 dmu_objset_space(zfsvfs->z_os,
2051 &refdbytes, &availbytes, &usedobjs, &availobjs);
2052
2053 /*
2054 * The underlying storage pool actually uses multiple block sizes.
2055 * We report the fragsize as the smallest block size we support,
2056 * and we report our blocksize as the filesystem's maximum blocksize.
2057 */
2058 statp->f_frsize = 1UL << SPA_MINBLOCKSHIFT;
2059 statp->f_bsize = zfsvfs->z_max_blksz;
2060
2061 /*
2062 * The following report "total" blocks of various kinds in the
2063 * file system, but reported in terms of f_frsize - the
2064 * "fragment" size.
2065 */
2066
2067 statp->f_blocks = (refdbytes + availbytes) >> SPA_MINBLOCKSHIFT;
2068 statp->f_bfree = availbytes >> SPA_MINBLOCKSHIFT;
2069 statp->f_bavail = statp->f_bfree; /* no root reservation */
2070
2071 /*
2072 * statvfs() should really be called statufs(), because it assumes
2073 * static metadata. ZFS doesn't preallocate files, so the best
2074 * we can do is report the max that could possibly fit in f_files,
2075 * and that minus the number actually used in f_ffree.
2076 * For f_ffree, report the smaller of the number of object available
2077 * and the number of blocks (each object will take at least a block).
2078 */
2079 statp->f_ffree = MIN(availobjs, statp->f_bfree);
2080 statp->f_favail = statp->f_ffree; /* no "root reservation" */
2081 statp->f_files = statp->f_ffree + usedobjs;
2082
2083 (void) cmpldev(&d32, vfsp->vfs_dev);
2084 statp->f_fsid = d32;
2085
2086 /*
2087 * We're a zfs filesystem.
2088 */
2089 (void) strcpy(statp->f_basetype, vfssw[vfsp->vfs_fstype].vsw_name);
2090
2091 statp->f_flag = vf_to_stf(vfsp->vfs_flag);
2092
2093 statp->f_namemax = MAXNAMELEN - 1;
2094
2095 /*
2096 * We have all of 32 characters to stuff a string here.
2097 * Is there anything useful we could/should provide?
2098 */
2099 bzero(statp->f_fstr, sizeof (statp->f_fstr));
2100
2101 if (dmu_objset_projectquota_enabled(zfsvfs->z_os) &&
2102 dmu_objset_projectquota_present(zfsvfs->z_os)) {
2103 znode_t *zp;
2104
2105 /*
2106 * In ZoL, zfs_statvfs is passed a Linux dentry (directory
2107 * entry), instead of a vfsp. The ZoL code uses the dentry
2108 * to get the znode from the dentry's inode. This represents
2109 * whatever filename was passed to the user-level statvfs
2110 * syscall.
2111 *
2112 * We're using the VFS root znode here, so this represents a
2113 * potential difference from ZoL.
2114 */
2115 if (zfs_zget(zfsvfs, zfsvfs->z_root, &zp) == 0) {
2116 uint32_t bshift = ddi_fls(statp->f_bsize) - 1;
2117
2118 if (zp->z_pflags & ZFS_PROJINHERIT && zp->z_projid &&
2119 zpl_is_valid_projid(zp->z_projid))
2120 err = zfs_statfs_project(zfsvfs, zp, statp,
2121 bshift);
2122 VN_RELE(ZTOV(zp));
2123 }
2124 }
2125
2126 ZFS_EXIT(zfsvfs);
2127 return (err);
2128 }
2129
2130 static int
zfs_root(vfs_t * vfsp,vnode_t ** vpp)2131 zfs_root(vfs_t *vfsp, vnode_t **vpp)
2132 {
2133 zfsvfs_t *zfsvfs = vfsp->vfs_data;
2134 struct vnode *vp;
2135 int error;
2136
2137 ZFS_ENTER(zfsvfs);
2138
2139 vp = zfsvfs->z_rootdir;
2140 if (vp != NULL) {
2141 VN_HOLD(vp);
2142 error = 0;
2143 } else {
2144 /* forced unmount */
2145 error = EIO;
2146 }
2147 *vpp = vp;
2148
2149 ZFS_EXIT(zfsvfs);
2150 return (error);
2151
2152 }
2153
2154 /*
2155 * Teardown the zfsvfs::z_os.
2156 *
2157 * Note, if 'unmounting' is FALSE, we return with the 'z_teardown_lock'
2158 * and 'z_teardown_inactive_lock' held.
2159 */
2160 static int
zfsvfs_teardown(zfsvfs_t * zfsvfs,boolean_t unmounting)2161 zfsvfs_teardown(zfsvfs_t *zfsvfs, boolean_t unmounting)
2162 {
2163 znode_t *zp;
2164
2165 zfs_unlinked_drain_stop_wait(zfsvfs);
2166
2167 rrm_enter(&zfsvfs->z_teardown_lock, RW_WRITER, FTAG);
2168
2169 if (!unmounting) {
2170 /*
2171 * We purge the parent filesystem's vfsp as the parent
2172 * filesystem and all of its snapshots have their vnode's
2173 * v_vfsp set to the parent's filesystem's vfsp. Note,
2174 * 'z_parent' is self referential for non-snapshots.
2175 */
2176 (void) dnlc_purge_vfsp(zfsvfs->z_parent->z_vfs, 0);
2177 }
2178
2179 /*
2180 * Close the zil. NB: Can't close the zil while zfs_inactive
2181 * threads are blocked as zil_close can call zfs_inactive.
2182 */
2183 if (zfsvfs->z_log) {
2184 zil_close(zfsvfs->z_log);
2185 zfsvfs->z_log = NULL;
2186 }
2187
2188 rw_enter(&zfsvfs->z_teardown_inactive_lock, RW_WRITER);
2189
2190 /*
2191 * If we are not unmounting (ie: online recv) and someone already
2192 * unmounted this file system while we were doing the switcheroo,
2193 * or a reopen of z_os failed then just bail out now.
2194 */
2195 if (!unmounting && (zfsvfs->z_unmounted || zfsvfs->z_os == NULL)) {
2196 rw_exit(&zfsvfs->z_teardown_inactive_lock);
2197 rrm_exit(&zfsvfs->z_teardown_lock, FTAG);
2198 return (SET_ERROR(EIO));
2199 }
2200
2201 /*
2202 * At this point there are no vops active, and any new vops will
2203 * fail with EIO since we have z_teardown_lock for writer (only
2204 * relavent for forced unmount).
2205 *
2206 * Release all holds on dbufs.
2207 */
2208 mutex_enter(&zfsvfs->z_znodes_lock);
2209 for (zp = list_head(&zfsvfs->z_all_znodes); zp != NULL;
2210 zp = list_next(&zfsvfs->z_all_znodes, zp))
2211 if (zp->z_sa_hdl) {
2212 ASSERT(ZTOV(zp)->v_count > 0);
2213 zfs_znode_dmu_fini(zp);
2214 }
2215 mutex_exit(&zfsvfs->z_znodes_lock);
2216
2217 /*
2218 * If we are unmounting, set the unmounted flag and let new vops
2219 * unblock. zfs_inactive will have the unmounted behavior, and all
2220 * other vops will fail with EIO.
2221 */
2222 if (unmounting) {
2223 /*
2224 * Clear the cached root vnode now that we are unmounted.
2225 * Its release must be performed outside the teardown locks to
2226 * avoid recursive lock entry via zfs_inactive().
2227 */
2228 vnode_t *vp = zfsvfs->z_rootdir;
2229 zfsvfs->z_rootdir = NULL;
2230
2231 zfsvfs->z_unmounted = B_TRUE;
2232 rw_exit(&zfsvfs->z_teardown_inactive_lock);
2233 rrm_exit(&zfsvfs->z_teardown_lock, FTAG);
2234
2235 /* Drop the cached root vp now that it is safe */
2236 VN_RELE(vp);
2237 }
2238
2239 /*
2240 * z_os will be NULL if there was an error in attempting to reopen
2241 * zfsvfs, so just return as the properties had already been
2242 * unregistered and cached data had been evicted before.
2243 */
2244 if (zfsvfs->z_os == NULL)
2245 return (0);
2246
2247 /*
2248 * Unregister properties.
2249 */
2250 zfs_unregister_callbacks(zfsvfs);
2251
2252 /*
2253 * Evict cached data
2254 */
2255 if (dsl_dataset_is_dirty(dmu_objset_ds(zfsvfs->z_os)) &&
2256 !(zfsvfs->z_vfs->vfs_flag & VFS_RDONLY))
2257 txg_wait_synced(dmu_objset_pool(zfsvfs->z_os), 0);
2258 dmu_objset_evict_dbufs(zfsvfs->z_os);
2259
2260 return (0);
2261 }
2262
2263 /*ARGSUSED*/
2264 static int
zfs_umount(vfs_t * vfsp,int fflag,cred_t * cr)2265 zfs_umount(vfs_t *vfsp, int fflag, cred_t *cr)
2266 {
2267 zfsvfs_t *zfsvfs = vfsp->vfs_data;
2268 objset_t *os;
2269 int ret;
2270
2271 ret = secpolicy_fs_unmount(cr, vfsp);
2272 if (ret) {
2273 if (dsl_deleg_access((char *)refstr_value(vfsp->vfs_resource),
2274 ZFS_DELEG_PERM_MOUNT, cr))
2275 return (ret);
2276 }
2277
2278 /*
2279 * We purge the parent filesystem's vfsp as the parent filesystem
2280 * and all of its snapshots have their vnode's v_vfsp set to the
2281 * parent's filesystem's vfsp. Note, 'z_parent' is self
2282 * referential for non-snapshots.
2283 */
2284 (void) dnlc_purge_vfsp(zfsvfs->z_parent->z_vfs, 0);
2285
2286 /*
2287 * Unmount any snapshots mounted under .zfs before unmounting the
2288 * dataset itself.
2289 */
2290 if (zfsvfs->z_ctldir != NULL &&
2291 (ret = zfsctl_umount_snapshots(vfsp, fflag, cr)) != 0) {
2292 return (ret);
2293 }
2294
2295 if (!(fflag & MS_FORCE)) {
2296 /*
2297 * Check the number of active vnodes in the file system.
2298 * Our count is maintained in the vfs structure, but the
2299 * number is off by 1 to indicate a hold on the vfs
2300 * structure itself.
2301 */
2302 boolean_t draining;
2303 uint_t thresh = 1;
2304 vnode_t *ctlvp, *rvp;
2305
2306 /*
2307 * The cached vnode for the root directory of the mount also
2308 * maintains a hold on the vfs structure.
2309 */
2310 rvp = zfsvfs->z_rootdir;
2311 thresh++;
2312
2313 /*
2314 * The '.zfs' directory maintains a reference of its own, and
2315 * any active references underneath are reflected in the vnode
2316 * count. Allow one additional reference for it.
2317 */
2318 ctlvp = zfsvfs->z_ctldir;
2319 if (ctlvp != NULL) {
2320 thresh++;
2321 }
2322
2323 /*
2324 * If it's running, the asynchronous unlinked drain task needs
2325 * to be stopped before the number of active vnodes can be
2326 * reliably checked.
2327 */
2328 draining = zfsvfs->z_draining;
2329 if (draining)
2330 zfs_unlinked_drain_stop_wait(zfsvfs);
2331
2332 if (vfsp->vfs_count > thresh || rvp->v_count > 1 ||
2333 (ctlvp != NULL && ctlvp->v_count > 1)) {
2334 if (draining) {
2335 /* If it was draining, restart the task */
2336 zfs_unlinked_drain(zfsvfs);
2337 }
2338 return (SET_ERROR(EBUSY));
2339 }
2340 }
2341
2342 vfsp->vfs_flag |= VFS_UNMOUNTED;
2343
2344 VERIFY(zfsvfs_teardown(zfsvfs, B_TRUE) == 0);
2345 os = zfsvfs->z_os;
2346
2347 /*
2348 * z_os will be NULL if there was an error in
2349 * attempting to reopen zfsvfs.
2350 */
2351 if (os != NULL) {
2352 /*
2353 * Unset the objset user_ptr.
2354 */
2355 mutex_enter(&os->os_user_ptr_lock);
2356 dmu_objset_set_user(os, NULL);
2357 mutex_exit(&os->os_user_ptr_lock);
2358
2359 /*
2360 * Finally release the objset
2361 */
2362 dmu_objset_disown(os, B_TRUE, zfsvfs);
2363 }
2364
2365 /*
2366 * We can now safely destroy the '.zfs' directory node.
2367 */
2368 if (zfsvfs->z_ctldir != NULL)
2369 zfsctl_destroy(zfsvfs);
2370
2371 return (0);
2372 }
2373
2374 static int
zfs_vget(vfs_t * vfsp,vnode_t ** vpp,fid_t * fidp)2375 zfs_vget(vfs_t *vfsp, vnode_t **vpp, fid_t *fidp)
2376 {
2377 zfsvfs_t *zfsvfs = vfsp->vfs_data;
2378 znode_t *zp;
2379 uint64_t object = 0;
2380 uint64_t fid_gen = 0;
2381 uint64_t gen_mask;
2382 uint64_t zp_gen;
2383 int i, err;
2384
2385 *vpp = NULL;
2386
2387 ZFS_ENTER(zfsvfs);
2388
2389 if (fidp->fid_len == LONG_FID_LEN) {
2390 zfid_long_t *zlfid = (zfid_long_t *)fidp;
2391 uint64_t objsetid = 0;
2392 uint64_t setgen = 0;
2393
2394 for (i = 0; i < sizeof (zlfid->zf_setid); i++)
2395 objsetid |= ((uint64_t)zlfid->zf_setid[i]) << (8 * i);
2396
2397 for (i = 0; i < sizeof (zlfid->zf_setgen); i++)
2398 setgen |= ((uint64_t)zlfid->zf_setgen[i]) << (8 * i);
2399
2400 ZFS_EXIT(zfsvfs);
2401
2402 err = zfsctl_lookup_objset(vfsp, objsetid, &zfsvfs);
2403 if (err)
2404 return (SET_ERROR(EINVAL));
2405 ZFS_ENTER(zfsvfs);
2406 }
2407
2408 if (fidp->fid_len == SHORT_FID_LEN || fidp->fid_len == LONG_FID_LEN) {
2409 zfid_short_t *zfid = (zfid_short_t *)fidp;
2410
2411 for (i = 0; i < sizeof (zfid->zf_object); i++)
2412 object |= ((uint64_t)zfid->zf_object[i]) << (8 * i);
2413
2414 for (i = 0; i < sizeof (zfid->zf_gen); i++)
2415 fid_gen |= ((uint64_t)zfid->zf_gen[i]) << (8 * i);
2416 } else {
2417 ZFS_EXIT(zfsvfs);
2418 return (SET_ERROR(EINVAL));
2419 }
2420
2421 /* A zero fid_gen means we are in the .zfs control directories */
2422 if (fid_gen == 0 &&
2423 (object == ZFSCTL_INO_ROOT || object == ZFSCTL_INO_SNAPDIR)) {
2424 *vpp = zfsvfs->z_ctldir;
2425 ASSERT(*vpp != NULL);
2426 if (object == ZFSCTL_INO_SNAPDIR) {
2427 VERIFY(zfsctl_root_lookup(*vpp, "snapshot", vpp, NULL,
2428 0, NULL, NULL, NULL, NULL, NULL) == 0);
2429 } else {
2430 VN_HOLD(*vpp);
2431 }
2432 ZFS_EXIT(zfsvfs);
2433 return (0);
2434 }
2435
2436 gen_mask = -1ULL >> (64 - 8 * i);
2437
2438 dprintf("getting %llu [%u mask %llx]\n", object, fid_gen, gen_mask);
2439 if (err = zfs_zget(zfsvfs, object, &zp)) {
2440 ZFS_EXIT(zfsvfs);
2441 return (err);
2442 }
2443 (void) sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(zfsvfs), &zp_gen,
2444 sizeof (uint64_t));
2445 zp_gen = zp_gen & gen_mask;
2446 if (zp_gen == 0)
2447 zp_gen = 1;
2448 if (zp->z_unlinked || zp_gen != fid_gen) {
2449 dprintf("znode gen (%u) != fid gen (%u)\n", zp_gen, fid_gen);
2450 VN_RELE(ZTOV(zp));
2451 ZFS_EXIT(zfsvfs);
2452 return (SET_ERROR(EINVAL));
2453 }
2454
2455 *vpp = ZTOV(zp);
2456 ZFS_EXIT(zfsvfs);
2457 return (0);
2458 }
2459
2460 /*
2461 * Block out VOPs and close zfsvfs_t::z_os
2462 *
2463 * Note, if successful, then we return with the 'z_teardown_lock' and
2464 * 'z_teardown_inactive_lock' write held. We leave ownership of the underlying
2465 * dataset and objset intact so that they can be atomically handed off during
2466 * a subsequent rollback or recv operation and the resume thereafter.
2467 */
2468 int
zfs_suspend_fs(zfsvfs_t * zfsvfs)2469 zfs_suspend_fs(zfsvfs_t *zfsvfs)
2470 {
2471 int error;
2472
2473 if ((error = zfsvfs_teardown(zfsvfs, B_FALSE)) != 0)
2474 return (error);
2475
2476 return (0);
2477 }
2478
2479 /*
2480 * Rebuild SA and release VOPs. Note that ownership of the underlying dataset
2481 * is an invariant across any of the operations that can be performed while the
2482 * filesystem was suspended. Whether it succeeded or failed, the preconditions
2483 * are the same: the relevant objset and associated dataset are owned by
2484 * zfsvfs, held, and long held on entry.
2485 */
2486 int
zfs_resume_fs(zfsvfs_t * zfsvfs,dsl_dataset_t * ds)2487 zfs_resume_fs(zfsvfs_t *zfsvfs, dsl_dataset_t *ds)
2488 {
2489 int err;
2490 znode_t *zp;
2491
2492 ASSERT(RRM_WRITE_HELD(&zfsvfs->z_teardown_lock));
2493 ASSERT(RW_WRITE_HELD(&zfsvfs->z_teardown_inactive_lock));
2494
2495 /*
2496 * We already own this, so just update the objset_t, as the one we
2497 * had before may have been evicted.
2498 */
2499 objset_t *os;
2500 VERIFY3P(ds->ds_owner, ==, zfsvfs);
2501 VERIFY(dsl_dataset_long_held(ds));
2502 VERIFY0(dmu_objset_from_ds(ds, &os));
2503
2504 err = zfsvfs_init(zfsvfs, os);
2505 if (err != 0)
2506 goto bail;
2507
2508 VERIFY(zfsvfs_setup(zfsvfs, B_FALSE) == 0);
2509
2510 zfs_set_fuid_feature(zfsvfs);
2511
2512 /*
2513 * Attempt to re-establish all the active znodes with
2514 * their dbufs. If a zfs_rezget() fails, then we'll let
2515 * any potential callers discover that via ZFS_ENTER_VERIFY_VP
2516 * when they try to use their znode.
2517 */
2518 mutex_enter(&zfsvfs->z_znodes_lock);
2519 for (zp = list_head(&zfsvfs->z_all_znodes); zp;
2520 zp = list_next(&zfsvfs->z_all_znodes, zp)) {
2521 (void) zfs_rezget(zp);
2522 }
2523 mutex_exit(&zfsvfs->z_znodes_lock);
2524
2525 if (((zfsvfs->z_vfs->vfs_flag & VFS_RDONLY) == 0) &&
2526 !zfsvfs->z_unmounted) {
2527 /*
2528 * zfs_suspend_fs() could have interrupted freeing
2529 * of dnodes. We need to restart this freeing so
2530 * that we don't "leak" the space.
2531 */
2532 zfs_unlinked_drain(zfsvfs);
2533 }
2534
2535 bail:
2536 /* release the VOPs */
2537 rw_exit(&zfsvfs->z_teardown_inactive_lock);
2538 rrm_exit(&zfsvfs->z_teardown_lock, FTAG);
2539
2540 if (err) {
2541 /*
2542 * Since we couldn't setup the sa framework, try to force
2543 * unmount this file system.
2544 */
2545 if (vn_vfswlock(zfsvfs->z_vfs->vfs_vnodecovered) == 0)
2546 (void) dounmount(zfsvfs->z_vfs, MS_FORCE, CRED());
2547 }
2548 return (err);
2549 }
2550
2551 static void
zfs_freevfs(vfs_t * vfsp)2552 zfs_freevfs(vfs_t *vfsp)
2553 {
2554 zfsvfs_t *zfsvfs = vfsp->vfs_data;
2555
2556 /*
2557 * If this is a snapshot, we have an extra VFS_HOLD on our parent
2558 * from zfs_mount(). Release it here. If we came through
2559 * zfs_mountroot() instead, we didn't grab an extra hold, so
2560 * skip the VFS_RELE for rootvfs.
2561 */
2562 if (zfsvfs->z_issnap && (vfsp != rootvfs))
2563 VFS_RELE(zfsvfs->z_parent->z_vfs);
2564
2565 zfsvfs_free(zfsvfs);
2566
2567 atomic_dec_32(&zfs_active_fs_count);
2568 }
2569
2570 /*
2571 * VFS_INIT() initialization. Note that there is no VFS_FINI(),
2572 * so we can't safely do any non-idempotent initialization here.
2573 * Leave that to zfs_init() and zfs_fini(), which are called
2574 * from the module's _init() and _fini() entry points.
2575 */
2576 /*ARGSUSED*/
2577 static int
zfs_vfsinit(int fstype,char * name)2578 zfs_vfsinit(int fstype, char *name)
2579 {
2580 int error;
2581
2582 zfsfstype = fstype;
2583
2584 /*
2585 * Setup vfsops and vnodeops tables.
2586 */
2587 error = vfs_setfsops(fstype, zfs_vfsops_template, &zfs_vfsops);
2588 if (error != 0) {
2589 cmn_err(CE_WARN, "zfs: bad vfs ops template");
2590 }
2591
2592 error = zfs_create_op_tables();
2593 if (error) {
2594 zfs_remove_op_tables();
2595 cmn_err(CE_WARN, "zfs: bad vnode ops template");
2596 (void) vfs_freevfsops_by_type(zfsfstype);
2597 return (error);
2598 }
2599
2600 mutex_init(&zfs_dev_mtx, NULL, MUTEX_DEFAULT, NULL);
2601
2602 /*
2603 * Unique major number for all zfs mounts.
2604 * If we run out of 32-bit minors, we'll getudev() another major.
2605 */
2606 zfs_major = ddi_name_to_major(ZFS_DRIVER);
2607 zfs_minor = ZFS_MIN_MINOR;
2608
2609 return (0);
2610 }
2611
2612 void
zfs_init(void)2613 zfs_init(void)
2614 {
2615 /*
2616 * Initialize .zfs directory structures
2617 */
2618 zfsctl_init();
2619
2620 /*
2621 * Initialize znode cache, vnode ops, etc...
2622 */
2623 zfs_znode_init();
2624
2625 dmu_objset_register_type(DMU_OST_ZFS, zfs_space_delta_cb);
2626 }
2627
2628 void
zfs_fini(void)2629 zfs_fini(void)
2630 {
2631 zfsctl_fini();
2632 zfs_znode_fini();
2633 }
2634
2635 int
zfs_busy(void)2636 zfs_busy(void)
2637 {
2638 return (zfs_active_fs_count != 0);
2639 }
2640
2641 int
zfs_set_version(zfsvfs_t * zfsvfs,uint64_t newvers)2642 zfs_set_version(zfsvfs_t *zfsvfs, uint64_t newvers)
2643 {
2644 int error;
2645 objset_t *os = zfsvfs->z_os;
2646 dmu_tx_t *tx;
2647
2648 if (newvers < ZPL_VERSION_INITIAL || newvers > ZPL_VERSION)
2649 return (SET_ERROR(EINVAL));
2650
2651 if (newvers < zfsvfs->z_version)
2652 return (SET_ERROR(EINVAL));
2653
2654 if (zfs_spa_version_map(newvers) >
2655 spa_version(dmu_objset_spa(zfsvfs->z_os)))
2656 return (SET_ERROR(ENOTSUP));
2657
2658 tx = dmu_tx_create(os);
2659 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, B_FALSE, ZPL_VERSION_STR);
2660 if (newvers >= ZPL_VERSION_SA && !zfsvfs->z_use_sa) {
2661 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, B_TRUE,
2662 ZFS_SA_ATTRS);
2663 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
2664 }
2665 error = dmu_tx_assign(tx, TXG_WAIT);
2666 if (error) {
2667 dmu_tx_abort(tx);
2668 return (error);
2669 }
2670
2671 error = zap_update(os, MASTER_NODE_OBJ, ZPL_VERSION_STR,
2672 8, 1, &newvers, tx);
2673
2674 if (error) {
2675 dmu_tx_commit(tx);
2676 return (error);
2677 }
2678
2679 if (newvers >= ZPL_VERSION_SA && !zfsvfs->z_use_sa) {
2680 uint64_t sa_obj;
2681
2682 ASSERT3U(spa_version(dmu_objset_spa(zfsvfs->z_os)), >=,
2683 SPA_VERSION_SA);
2684 sa_obj = zap_create(os, DMU_OT_SA_MASTER_NODE,
2685 DMU_OT_NONE, 0, tx);
2686
2687 error = zap_add(os, MASTER_NODE_OBJ,
2688 ZFS_SA_ATTRS, 8, 1, &sa_obj, tx);
2689 ASSERT0(error);
2690
2691 VERIFY(0 == sa_set_sa_object(os, sa_obj));
2692 sa_register_update_callback(os, zfs_sa_upgrade);
2693 }
2694
2695 spa_history_log_internal_ds(dmu_objset_ds(os), "upgrade", tx,
2696 "from %llu to %llu", zfsvfs->z_version, newvers);
2697
2698 dmu_tx_commit(tx);
2699
2700 zfsvfs->z_version = newvers;
2701 os->os_version = newvers;
2702
2703 zfs_set_fuid_feature(zfsvfs);
2704
2705 return (0);
2706 }
2707
2708 /*
2709 * Read a property stored within the master node.
2710 */
2711 int
zfs_get_zplprop(objset_t * os,zfs_prop_t prop,uint64_t * value)2712 zfs_get_zplprop(objset_t *os, zfs_prop_t prop, uint64_t *value)
2713 {
2714 uint64_t *cached_copy = NULL;
2715
2716 /*
2717 * Figure out where in the objset_t the cached copy would live, if it
2718 * is available for the requested property.
2719 */
2720 if (os != NULL) {
2721 switch (prop) {
2722 case ZFS_PROP_VERSION:
2723 cached_copy = &os->os_version;
2724 break;
2725 case ZFS_PROP_NORMALIZE:
2726 cached_copy = &os->os_normalization;
2727 break;
2728 case ZFS_PROP_UTF8ONLY:
2729 cached_copy = &os->os_utf8only;
2730 break;
2731 case ZFS_PROP_CASE:
2732 cached_copy = &os->os_casesensitivity;
2733 break;
2734 default:
2735 break;
2736 }
2737 }
2738 if (cached_copy != NULL && *cached_copy != OBJSET_PROP_UNINITIALIZED) {
2739 *value = *cached_copy;
2740 return (0);
2741 }
2742
2743 /*
2744 * If the property wasn't cached, look up the file system's value for
2745 * the property. For the version property, we look up a slightly
2746 * different string.
2747 */
2748 const char *pname;
2749 int error = ENOENT;
2750 if (prop == ZFS_PROP_VERSION) {
2751 pname = ZPL_VERSION_STR;
2752 } else {
2753 pname = zfs_prop_to_name(prop);
2754 }
2755
2756 if (os != NULL) {
2757 ASSERT3U(os->os_phys->os_type, ==, DMU_OST_ZFS);
2758 error = zap_lookup(os, MASTER_NODE_OBJ, pname, 8, 1, value);
2759 }
2760
2761 if (error == ENOENT) {
2762 /* No value set, use the default value */
2763 switch (prop) {
2764 case ZFS_PROP_VERSION:
2765 *value = ZPL_VERSION;
2766 break;
2767 case ZFS_PROP_NORMALIZE:
2768 case ZFS_PROP_UTF8ONLY:
2769 *value = 0;
2770 break;
2771 case ZFS_PROP_CASE:
2772 *value = ZFS_CASE_SENSITIVE;
2773 break;
2774 default:
2775 return (error);
2776 }
2777 error = 0;
2778 }
2779
2780 /*
2781 * If one of the methods for getting the property value above worked,
2782 * copy it into the objset_t's cache.
2783 */
2784 if (error == 0 && cached_copy != NULL) {
2785 *cached_copy = *value;
2786 }
2787
2788 return (error);
2789 }
2790
2791 /*
2792 * Return true if the coresponding vfs's unmounted flag is set.
2793 * Otherwise return false.
2794 * If this function returns true we know VFS unmount has been initiated.
2795 */
2796 boolean_t
zfs_get_vfs_flag_unmounted(objset_t * os)2797 zfs_get_vfs_flag_unmounted(objset_t *os)
2798 {
2799 zfsvfs_t *zfvp;
2800 boolean_t unmounted = B_FALSE;
2801
2802 ASSERT(dmu_objset_type(os) == DMU_OST_ZFS);
2803
2804 mutex_enter(&os->os_user_ptr_lock);
2805 zfvp = dmu_objset_get_user(os);
2806 if (zfvp != NULL && zfvp->z_vfs != NULL &&
2807 (zfvp->z_vfs->vfs_flag & VFS_UNMOUNTED))
2808 unmounted = B_TRUE;
2809 mutex_exit(&os->os_user_ptr_lock);
2810
2811 return (unmounted);
2812 }
2813
2814 static vfsdef_t vfw = {
2815 VFSDEF_VERSION,
2816 MNTTYPE_ZFS,
2817 zfs_vfsinit,
2818 VSW_HASPROTO|VSW_CANRWRO|VSW_CANREMOUNT|VSW_VOLATILEDEV|VSW_STATS|
2819 VSW_XID|VSW_ZMOUNT,
2820 &zfs_mntopts
2821 };
2822
2823 struct modlfs zfs_modlfs = {
2824 &mod_fsops, "ZFS filesystem version " SPA_VERSION_STRING, &vfw
2825 };
2826