/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or https://opensource.org/licenses/CDDL-1.0.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
 * Copyright (c) 2014, 2022 by Delphix. All rights reserved.
 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
 * Copyright 2017 RackTop Systems.
 * Copyright (c) 2018 Datto Inc.
 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
 */

/*
 * Routines to manage ZFS mounts. We separate all the nasty routines that have
 * to deal with the OS. The following functions are the main entry points --
 * they are used by mount and unmount and when changing a filesystem's
 * mountpoint.
 *
 *	zfs_is_mounted()
 *	zfs_mount()
 *	zfs_mount_at()
 *	zfs_unmount()
 *	zfs_unmountall()
 *
 * This file also contains the functions used to manage sharing filesystems:
 *
 *	zfs_is_shared()
 *	zfs_share()
 *	zfs_unshare()
 *	zfs_unshareall()
 *	zfs_commit_shares()
 *
 * The following functions are available for pool consumers, and will
 * mount/unmount and share/unshare all datasets within the pool:
 *
 *	zpool_enable_datasets()
 *	zpool_disable_datasets()
 */

#include <dirent.h>
#include <dlfcn.h>
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <libintl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <zone.h>
#include <sys/mntent.h>
#include <sys/mount.h>
#include <sys/stat.h>
#include <sys/vfs.h>
#include <sys/dsl_crypt.h>

#include <libzfs.h>

#include "libzfs_impl.h"
#include <thread_pool.h>

#include <libshare.h>
#include <sys/systeminfo.h>
#define	MAXISALEN	257	/* based on sysinfo(2) man page */

static int mount_tp_nthr = 512;	/* tpool threads for multi-threaded mounting */

static void zfs_mount_task(void *);

static const proto_table_t proto_table[SA_PROTOCOL_COUNT] = {
	[SA_PROTOCOL_NFS] =
	    {ZFS_PROP_SHARENFS, EZFS_SHARENFSFAILED, EZFS_UNSHARENFSFAILED},
	[SA_PROTOCOL_SMB] =
	    {ZFS_PROP_SHARESMB, EZFS_SHARESMBFAILED, EZFS_UNSHARESMBFAILED},
};

static const enum sa_protocol share_all_proto[SA_PROTOCOL_COUNT + 1] = {
	SA_PROTOCOL_NFS,
	SA_PROTOCOL_SMB,
	SA_NO_PROTOCOL
};


static boolean_t
dir_is_empty_stat(const char *dirname)
{
	struct stat st;

	/*
	 * We only want to return false if the given path is a non-empty
	 * directory; all other errors are handled elsewhere.
	 */
	if (stat(dirname, &st) < 0 || !S_ISDIR(st.st_mode)) {
		return (B_TRUE);
	}

	/*
	 * An empty directory will still have two entries in it, one
	 * entry for each of "." and "..".
	 */
	if (st.st_size > 2) {
		return (B_FALSE);
	}

	return (B_TRUE);
}

static boolean_t
dir_is_empty_readdir(const char *dirname)
{
	DIR *dirp;
	struct dirent64 *dp;
	int dirfd;

	if ((dirfd = openat(AT_FDCWD, dirname,
	    O_RDONLY | O_NDELAY | O_LARGEFILE | O_CLOEXEC, 0)) < 0) {
		return (B_TRUE);
	}

	if ((dirp = fdopendir(dirfd)) == NULL) {
		(void) close(dirfd);
		return (B_TRUE);
	}

	while ((dp = readdir64(dirp)) != NULL) {

		if (strcmp(dp->d_name, ".") == 0 ||
		    strcmp(dp->d_name, "..") == 0)
			continue;

		(void) closedir(dirp);
		return (B_FALSE);
	}

	(void) closedir(dirp);
	return (B_TRUE);
}

/*
 * Returns true if the specified directory is empty. If we can't open the
 * directory at all, return true so that the mount can fail with a more
 * informative error message.
 */
static boolean_t
dir_is_empty(const char *dirname)
{
	struct statfs64 st;

	/*
	 * If the statfs64() call fails or the filesystem is not a ZFS
	 * filesystem, fall back to the slow path which uses readdir.
	 */
	if ((statfs64(dirname, &st) != 0) ||
	    (st.f_type != ZFS_SUPER_MAGIC)) {
		return (dir_is_empty_readdir(dirname));
	}

	/*
	 * At this point, we know the provided path is on a ZFS
	 * filesystem, so we can use stat instead of readdir to
	 * determine if the directory is empty or not. We try to avoid
	 * using readdir because that requires opening "dirname"; this
	 * open file descriptor can potentially end up in a child
	 * process if there's a concurrent fork, thus preventing the
	 * zfs_mount() from otherwise succeeding (the open file
	 * descriptor inherited by the child process will cause the
	 * parent's mount to fail with EBUSY). The performance
	 * implications of replacing the open, read, and close with a
	 * single stat are nice, but they are not the main motivation
	 * for the added complexity.
	 */
	return (dir_is_empty_stat(dirname));
}

/*
 * Checks to see if the mount is active. If the filesystem is mounted, we fill
 * in 'where' with the current mountpoint, and return B_TRUE. Otherwise, we
 * return B_FALSE.
 */
boolean_t
is_mounted(libzfs_handle_t *zfs_hdl, const char *special, char **where)
{
	struct mnttab entry;

	if (libzfs_mnttab_find(zfs_hdl, special, &entry) != 0)
		return (B_FALSE);

	if (where != NULL)
		*where = zfs_strdup(zfs_hdl, entry.mnt_mountp);

	return (B_TRUE);
}

boolean_t
zfs_is_mounted(zfs_handle_t *zhp, char **where)
{
	return (is_mounted(zhp->zfs_hdl, zfs_get_name(zhp), where));
}
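
/*
 * Illustrative sketch (not part of the library): a typical caller checks the
 * mount state and frees the returned mountpoint string, which is allocated
 * with zfs_strdup() above.
 *
 *	char *where = NULL;
 *	if (zfs_is_mounted(zhp, &where)) {
 *		(void) printf("%s is mounted at %s\n",
 *		    zfs_get_name(zhp), where);
 *		free(where);
 *	}
 */
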
/*
 * Checks any higher-order concerns about whether the given dataset is
 * mountable, returning B_FALSE if it is not. zfs_is_mountable_internal
 * specifically assumes that the caller has verified the sanity of mounting
 * the dataset at its mountpoint to the extent the caller wants.
 */
static boolean_t
zfs_is_mountable_internal(zfs_handle_t *zhp)
{
	if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED) &&
	    getzoneid() == GLOBAL_ZONEID)
		return (B_FALSE);

	return (B_TRUE);
}

/*
 * Returns true if the given dataset is mountable, false otherwise. Returns the
 * mountpoint in 'buf'.
 */
static boolean_t
zfs_is_mountable(zfs_handle_t *zhp, char *buf, size_t buflen,
    zprop_source_t *source, int flags)
{
	char sourceloc[MAXNAMELEN];
	zprop_source_t sourcetype;

	if (!zfs_prop_valid_for_type(ZFS_PROP_MOUNTPOINT, zhp->zfs_type,
	    B_FALSE))
		return (B_FALSE);

	verify(zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, buf, buflen,
	    &sourcetype, sourceloc, sizeof (sourceloc), B_FALSE) == 0);

	if (strcmp(buf, ZFS_MOUNTPOINT_NONE) == 0 ||
	    strcmp(buf, ZFS_MOUNTPOINT_LEGACY) == 0)
		return (B_FALSE);

	if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_OFF)
		return (B_FALSE);

	if (!zfs_is_mountable_internal(zhp))
		return (B_FALSE);

	if (zfs_prop_get_int(zhp, ZFS_PROP_REDACTED) && !(flags & MS_FORCE))
		return (B_FALSE);

	if (source)
		*source = sourcetype;

	return (B_TRUE);
}

/*
 * The filesystem is mounted by invoking the system mount utility rather
 * than by the system call mount(2). This ensures that the /etc/mtab
 * file is correctly locked for the update. Performing our own locking
 * and /etc/mtab update requires making an unsafe assumption about how
 * the mount utility performs its locking. Unfortunately, this also means
 * in the case of a mount failure we do not have the exact errno. We must
 * make do with the return value from the mount process.
 *
 * In the long term a shared library called libmount is under development
 * which provides a common API to address the locking and errno issues.
 * Once the standard mount utility has been updated to use this library
 * we can add an autoconf check to conditionally use it.
 *
 * http://www.kernel.org/pub/linux/utils/util-linux/libmount-docs/index.html
 */

static int
zfs_add_option(zfs_handle_t *zhp, char *options, int len,
    zfs_prop_t prop, const char *on, const char *off)
{
	const char *source;
	uint64_t value;

	/* Skip adding duplicate default options */
	if ((strstr(options, on) != NULL) || (strstr(options, off) != NULL))
		return (0);

	/*
	 * zfs_prop_get_int() is not used here, so that our mount options
	 * are not influenced by the current /proc/self/mounts contents.
	 */
	value = getprop_uint64(zhp, prop, &source);

	(void) strlcat(options, ",", len);
	(void) strlcat(options, value ? on : off, len);

	return (0);
}
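
/*
 * Illustrative sketch (not part of the library): for a dataset with atime=on,
 * the helper above appends MNTOPT_ATIME, assuming neither MNTOPT_ATIME nor
 * MNTOPT_NOATIME is already present in the string:
 *
 *	char opts[MNT_LINE_MAX] = MNTOPT_DEFAULTS;
 *	(void) zfs_add_option(zhp, opts, sizeof (opts),
 *	    ZFS_PROP_ATIME, MNTOPT_ATIME, MNTOPT_NOATIME);
 *	// opts is now "defaults,atime" (or "defaults,noatime" for atime=off)
 *
 * zfs_add_options() below repeats this for each boolean property so the
 * final option string reflects the dataset's current property values.
 */
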
static int
zfs_add_options(zfs_handle_t *zhp, char *options, int len)
{
	int error = 0;

	error = zfs_add_option(zhp, options, len,
	    ZFS_PROP_ATIME, MNTOPT_ATIME, MNTOPT_NOATIME);
	/*
	 * don't add relatime/strictatime when atime=off, otherwise strictatime
	 * will force atime=on
	 */
	if (strstr(options, MNTOPT_NOATIME) == NULL) {
		error = zfs_add_option(zhp, options, len,
		    ZFS_PROP_RELATIME, MNTOPT_RELATIME, MNTOPT_STRICTATIME);
	}
	error = error ? error : zfs_add_option(zhp, options, len,
	    ZFS_PROP_DEVICES, MNTOPT_DEVICES, MNTOPT_NODEVICES);
	error = error ? error : zfs_add_option(zhp, options, len,
	    ZFS_PROP_EXEC, MNTOPT_EXEC, MNTOPT_NOEXEC);
	error = error ? error : zfs_add_option(zhp, options, len,
	    ZFS_PROP_READONLY, MNTOPT_RO, MNTOPT_RW);
	error = error ? error : zfs_add_option(zhp, options, len,
	    ZFS_PROP_SETUID, MNTOPT_SETUID, MNTOPT_NOSETUID);
	error = error ? error : zfs_add_option(zhp, options, len,
	    ZFS_PROP_NBMAND, MNTOPT_NBMAND, MNTOPT_NONBMAND);

	return (error);
}

int
zfs_mount(zfs_handle_t *zhp, const char *options, int flags)
{
	char mountpoint[ZFS_MAXPROPLEN];

	if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL,
	    flags))
		return (0);

	return (zfs_mount_at(zhp, options, flags, mountpoint));
}

/*
 * Mount the given filesystem.
 */
int
zfs_mount_at(zfs_handle_t *zhp, const char *options, int flags,
    const char *mountpoint)
{
	struct stat buf;
	char mntopts[MNT_LINE_MAX];
	char overlay[ZFS_MAXPROPLEN];
	char prop_encroot[MAXNAMELEN];
	boolean_t is_encroot;
	zfs_handle_t *encroot_hp = zhp;
	libzfs_handle_t *hdl = zhp->zfs_hdl;
	uint64_t keystatus;
	int remount = 0, rc;

	if (options == NULL) {
		(void) strlcpy(mntopts, MNTOPT_DEFAULTS, sizeof (mntopts));
	} else {
		(void) strlcpy(mntopts, options, sizeof (mntopts));
	}

	if (strstr(mntopts, MNTOPT_REMOUNT) != NULL)
		remount = 1;

	/* Potentially duplicates some checks if invoked by zfs_mount(). */
	if (!zfs_is_mountable_internal(zhp))
		return (0);

	/*
	 * If the pool is imported read-only then all mounts must be read-only
	 */
	if (zpool_get_prop_int(zhp->zpool_hdl, ZPOOL_PROP_READONLY, NULL))
		(void) strlcat(mntopts, "," MNTOPT_RO, sizeof (mntopts));

	/*
	 * Append default mount options which apply to the mount point.
	 * This is done because under Linux (unlike Solaris) multiple mount
	 * points may reference a single super block. This means that just
	 * given a super block there is no back reference to update the per
	 * mount point options.
	 */
	rc = zfs_add_options(zhp, mntopts, sizeof (mntopts));
	if (rc) {
		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
		    "default options unavailable"));
		return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
		    dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
		    mountpoint));
	}

	/*
	 * If the filesystem is encrypted the key must be loaded in order to
	 * mount. If the key isn't loaded, the MS_CRYPT flag decides whether
	 * or not we attempt to load the keys. Note: we must call
	 * zfs_refresh_properties() here since some callers of this function
	 * (most notably zpool_enable_datasets()) may implicitly load our key
	 * by loading the parent's key first.
	 */
	if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
		zfs_refresh_properties(zhp);
		keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS);

		/*
		 * If the key is unavailable and MS_CRYPT is set give the
		 * user a chance to enter the key. Otherwise just fail
		 * immediately.
		 */
		if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) {
			if (flags & MS_CRYPT) {
				rc = zfs_crypto_get_encryption_root(zhp,
				    &is_encroot, prop_encroot);
				if (rc) {
					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
					    "Failed to get encryption root for "
					    "'%s'."), zfs_get_name(zhp));
					return (rc);
				}

				if (!is_encroot) {
					encroot_hp = zfs_open(hdl, prop_encroot,
					    ZFS_TYPE_DATASET);
					if (encroot_hp == NULL)
						return (hdl->libzfs_error);
				}

				rc = zfs_crypto_load_key(encroot_hp,
				    B_FALSE, NULL);

				if (!is_encroot)
					zfs_close(encroot_hp);
				if (rc)
					return (rc);
			} else {
				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
				    "encryption key not loaded"));
				return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
				    dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
				    mountpoint));
			}
		}

	}

	/*
	 * Append the zfsutil option so the mount helper allows the mount.
	 */
	strlcat(mntopts, "," MNTOPT_ZFSUTIL, sizeof (mntopts));

	/* Create the directory if it doesn't already exist */
	if (lstat(mountpoint, &buf) != 0) {
		if (mkdirp(mountpoint, 0755) != 0) {
			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
			    "failed to create mountpoint: %s"),
			    strerror(errno));
			return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
			    dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
			    mountpoint));
		}
	}

	/*
	 * Overlay mounts are enabled by default but may be disabled
	 * via the 'overlay' property. The -O flag remains for compatibility.
	 */
	if (!(flags & MS_OVERLAY)) {
		if (zfs_prop_get(zhp, ZFS_PROP_OVERLAY, overlay,
		    sizeof (overlay), NULL, NULL, 0, B_FALSE) == 0) {
			if (strcmp(overlay, "on") == 0) {
				flags |= MS_OVERLAY;
			}
		}
	}

	/*
	 * Determine if the mountpoint is empty. If it is not, refuse to
	 * perform the mount. We don't perform this check if 'remount' is
	 * specified or if the overlay option (-O) is given.
	 */
	if ((flags & MS_OVERLAY) == 0 && !remount &&
	    !dir_is_empty(mountpoint)) {
		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
		    "directory is not empty"));
		return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
		    dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint));
	}

	/* perform the mount */
	rc = do_mount(zhp, mountpoint, mntopts, flags);
	if (rc) {
		/*
		 * Generic errors are nasty, but there are just way too many
		 * from mount(), and they're well-understood. We pick a few
		 * common ones to improve upon.
		 */
		if (rc == EBUSY) {
			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
			    "mountpoint or dataset is busy"));
		} else if (rc == EPERM) {
			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
			    "Insufficient privileges"));
		} else if (rc == ENOTSUP) {
			int spa_version;

			VERIFY(zfs_spa_version(zhp, &spa_version) == 0);
			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
			    "Can't mount a version %llu "
			    "file system on a version %d pool. Pool must be"
			    " upgraded to mount this file system."),
			    (u_longlong_t)zfs_prop_get_int(zhp,
			    ZFS_PROP_VERSION), spa_version);
		} else {
			zfs_error_aux(hdl, "%s", strerror(rc));
		}
		return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
		    dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
		    zhp->zfs_name));
	}

	/* remove the mounted entry before re-adding on remount */
	if (remount)
		libzfs_mnttab_remove(hdl, zhp->zfs_name);

	/* add the mounted entry into our cache */
	libzfs_mnttab_add(hdl, zfs_get_name(zhp), mountpoint, mntopts);
	return (0);
}

/*
 * Unmount a single filesystem.
 */
static int
unmount_one(zfs_handle_t *zhp, const char *mountpoint, int flags)
{
	int error;

	error = do_unmount(zhp, mountpoint, flags);
	if (error != 0) {
		int libzfs_err;

		switch (error) {
		case EBUSY:
			libzfs_err = EZFS_BUSY;
			break;
		case EIO:
			libzfs_err = EZFS_IO;
			break;
		case ENOENT:
			libzfs_err = EZFS_NOENT;
			break;
		case ENOMEM:
			libzfs_err = EZFS_NOMEM;
			break;
		case EPERM:
			libzfs_err = EZFS_PERM;
			break;
		default:
			libzfs_err = EZFS_UMOUNTFAILED;
		}
		if (zhp) {
			return (zfs_error_fmt(zhp->zfs_hdl, libzfs_err,
			    dgettext(TEXT_DOMAIN, "cannot unmount '%s'"),
			    mountpoint));
		} else {
			return (-1);
		}
	}

	return (0);
}

/*
 * Unmount the given filesystem.
 */
int
zfs_unmount(zfs_handle_t *zhp, const char *mountpoint, int flags)
{
	libzfs_handle_t *hdl = zhp->zfs_hdl;
	struct mnttab entry;
	char *mntpt = NULL;
	boolean_t encroot, unmounted = B_FALSE;

	/* check to see if we need to unmount the filesystem */
	if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
	    libzfs_mnttab_find(hdl, zhp->zfs_name, &entry) == 0)) {
		/*
		 * mountpoint may have come from a call to
		 * getmnt/getmntany if it isn't NULL. If it is NULL,
		 * we know it comes from libzfs_mnttab_find which can
		 * then get freed later. We strdup it to play it safe.
		 */
		if (mountpoint == NULL)
			mntpt = zfs_strdup(hdl, entry.mnt_mountp);
		else
			mntpt = zfs_strdup(hdl, mountpoint);

		/*
		 * Unshare and unmount the filesystem
		 */
		if (zfs_unshare(zhp, mntpt, share_all_proto) != 0) {
			free(mntpt);
			return (-1);
		}
		zfs_commit_shares(NULL);

		if (unmount_one(zhp, mntpt, flags) != 0) {
			free(mntpt);
			(void) zfs_share(zhp, NULL);
			zfs_commit_shares(NULL);
			return (-1);
		}

		libzfs_mnttab_remove(hdl, zhp->zfs_name);
		free(mntpt);
		unmounted = B_TRUE;
	}

	/*
	 * If the MS_CRYPT flag is provided we must ensure we attempt to
	 * unload the dataset's key regardless of whether we did any work
	 * to unmount it. We only do this for encryption roots.
	 */
	if ((flags & MS_CRYPT) != 0 &&
	    zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
		zfs_refresh_properties(zhp);

		if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0 &&
		    unmounted) {
			(void) zfs_mount(zhp, NULL, 0);
			return (-1);
		}

		if (encroot && zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
		    ZFS_KEYSTATUS_AVAILABLE &&
		    zfs_crypto_unload_key(zhp) != 0) {
			(void) zfs_mount(zhp, NULL, 0);
			return (-1);
		}
	}

	zpool_disable_volume_os(zhp->zfs_name);

	return (0);
}
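
/*
 * Illustrative sketch (not part of the library): a caller that wants to
 * unmount a filesystem, force the unmount if it is busy, and unload its
 * encryption key (if it is an encryption root) could do:
 *
 *	if (zfs_unmount(zhp, NULL, MS_FORCE | MS_CRYPT) != 0)
 *		(void) fprintf(stderr, "%s\n", libzfs_error_description(hdl));
 *
 * Passing NULL for the mountpoint lets zfs_unmount() look it up in the
 * mnttab cache itself.
 */
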
/*
 * Unmount this filesystem and any children inheriting the mountpoint property.
 * To do this, just act like we're changing the mountpoint property, but don't
 * remount the filesystems afterwards.
 */
int
zfs_unmountall(zfs_handle_t *zhp, int flags)
{
	prop_changelist_t *clp;
	int ret;

	clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
	    CL_GATHER_ITER_MOUNTED, flags);
	if (clp == NULL)
		return (-1);

	ret = changelist_prefix(clp);
	changelist_free(clp);

	return (ret);
}

/*
 * Unshare a filesystem by mountpoint.
 */
static int
unshare_one(libzfs_handle_t *hdl, const char *name, const char *mountpoint,
    enum sa_protocol proto)
{
	int err = sa_disable_share(mountpoint, proto);
	if (err != SA_OK)
		return (zfs_error_fmt(hdl, proto_table[proto].p_unshare_err,
		    dgettext(TEXT_DOMAIN, "cannot unshare '%s': %s"),
		    name, sa_errorstr(err)));

	return (0);
}

/*
 * Share the given filesystem according to the options in the specified
 * protocol-specific properties (sharenfs, sharesmb). We rely
 * on "libshare" to do the dirty work for us.
 */
int
zfs_share(zfs_handle_t *zhp, const enum sa_protocol *proto)
{
	char mountpoint[ZFS_MAXPROPLEN];
	char shareopts[ZFS_MAXPROPLEN];
	char sourcestr[ZFS_MAXPROPLEN];
	const enum sa_protocol *curr_proto;
	zprop_source_t sourcetype;
	int err = 0;

	if (proto == NULL)
		proto = share_all_proto;

	if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL, 0))
		return (0);

	for (curr_proto = proto; *curr_proto != SA_NO_PROTOCOL; curr_proto++) {
		/*
		 * Return success if there are no share options.
		 */
		if (zfs_prop_get(zhp, proto_table[*curr_proto].p_prop,
		    shareopts, sizeof (shareopts), &sourcetype, sourcestr,
		    ZFS_MAXPROPLEN, B_FALSE) != 0 ||
		    strcmp(shareopts, "off") == 0)
			continue;

		/*
		 * If the 'zoned' property is set, then zfs_is_mountable()
		 * will have already bailed out if we are in the global zone.
		 * But local zones cannot be NFS servers, so we ignore it for
		 * local zones as well.
		 */
		if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED))
			continue;

		err = sa_enable_share(zfs_get_name(zhp), mountpoint, shareopts,
		    *curr_proto);
		if (err != SA_OK) {
			return (zfs_error_fmt(zhp->zfs_hdl,
			    proto_table[*curr_proto].p_share_err,
			    dgettext(TEXT_DOMAIN, "cannot share '%s': %s"),
			    zfs_get_name(zhp), sa_errorstr(err)));
		}

	}
	return (0);
}
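
/*
 * Illustrative sketch (not part of the library): protocol lists passed to
 * zfs_share()/zfs_unshare()/zfs_is_shared() are arrays terminated by
 * SA_NO_PROTOCOL; passing NULL is shorthand for share_all_proto. For example,
 * to share over NFS only and then flush the share state:
 *
 *	static const enum sa_protocol nfs_only[] =
 *	    { SA_PROTOCOL_NFS, SA_NO_PROTOCOL };
 *
 *	if (zfs_share(zhp, nfs_only) == 0)
 *		zfs_commit_shares(nfs_only);
 */
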
/*
 * Check to see if the filesystem is currently shared.
 */
boolean_t
zfs_is_shared(zfs_handle_t *zhp, char **where,
    const enum sa_protocol *proto)
{
	char *mountpoint;
	if (proto == NULL)
		proto = share_all_proto;

	if (ZFS_IS_VOLUME(zhp))
		return (B_FALSE);

	if (!zfs_is_mounted(zhp, &mountpoint))
		return (B_FALSE);

	for (const enum sa_protocol *p = proto; *p != SA_NO_PROTOCOL; ++p)
		if (sa_is_shared(mountpoint, *p)) {
			if (where != NULL)
				*where = mountpoint;
			else
				free(mountpoint);
			return (B_TRUE);
		}

	free(mountpoint);
	return (B_FALSE);
}

void
zfs_commit_shares(const enum sa_protocol *proto)
{
	if (proto == NULL)
		proto = share_all_proto;

	for (const enum sa_protocol *p = proto; *p != SA_NO_PROTOCOL; ++p)
		sa_commit_shares(*p);
}

void
zfs_truncate_shares(const enum sa_protocol *proto)
{
	if (proto == NULL)
		proto = share_all_proto;

	for (const enum sa_protocol *p = proto; *p != SA_NO_PROTOCOL; ++p)
		sa_truncate_shares(*p);
}

/*
 * Unshare the given filesystem.
 */
int
zfs_unshare(zfs_handle_t *zhp, const char *mountpoint,
    const enum sa_protocol *proto)
{
	libzfs_handle_t *hdl = zhp->zfs_hdl;
	struct mnttab entry;

	if (proto == NULL)
		proto = share_all_proto;

	if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
	    libzfs_mnttab_find(hdl, zfs_get_name(zhp), &entry) == 0)) {

		/* check to see if we need to unshare the filesystem */
		const char *mntpt = mountpoint ?: entry.mnt_mountp;

		for (const enum sa_protocol *curr_proto = proto;
		    *curr_proto != SA_NO_PROTOCOL; curr_proto++)
			if (sa_is_shared(mntpt, *curr_proto) &&
			    unshare_one(hdl, zhp->zfs_name,
			    mntpt, *curr_proto) != 0)
				return (-1);
	}

	return (0);
}

/*
 * Same as zfs_unmountall(), but for NFS and SMB unshares.
 */
int
zfs_unshareall(zfs_handle_t *zhp, const enum sa_protocol *proto)
{
	prop_changelist_t *clp;
	int ret;

	if (proto == NULL)
		proto = share_all_proto;

	clp = changelist_gather(zhp, ZFS_PROP_SHARENFS, 0, 0);
	if (clp == NULL)
		return (-1);

	ret = changelist_unshare(clp, proto);
	changelist_free(clp);

	return (ret);
}

/*
 * Remove the mountpoint associated with the current dataset, if necessary.
 * We only remove the underlying directory if:
 *
 *	- The mountpoint is not 'none' or 'legacy'
 *	- The mountpoint is non-empty
 *	- The mountpoint is the default or inherited
 *	- The 'zoned' property is set, or we're in a local zone
 *
 * Any other directories we leave alone.
 */
void
remove_mountpoint(zfs_handle_t *zhp)
{
	char mountpoint[ZFS_MAXPROPLEN];
	zprop_source_t source;

	if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint),
	    &source, 0))
		return;

	if (source == ZPROP_SRC_DEFAULT ||
	    source == ZPROP_SRC_INHERITED) {
		/*
		 * Try to remove the directory, silently ignoring any errors.
		 * The filesystem may have since been removed or moved around,
		 * and this error isn't really useful to the administrator in
		 * any way.
		 */
		(void) rmdir(mountpoint);
	}
}

/*
 * Add the given zfs handle to the cb_handles array, dynamically reallocating
 * the array if it is out of space.
 */
void
libzfs_add_handle(get_all_cb_t *cbp, zfs_handle_t *zhp)
{
	if (cbp->cb_alloc == cbp->cb_used) {
		size_t newsz;
		zfs_handle_t **newhandles;

		newsz = cbp->cb_alloc != 0 ? cbp->cb_alloc * 2 : 64;
		newhandles = zfs_realloc(zhp->zfs_hdl,
		    cbp->cb_handles, cbp->cb_alloc * sizeof (zfs_handle_t *),
		    newsz * sizeof (zfs_handle_t *));
		cbp->cb_handles = newhandles;
		cbp->cb_alloc = newsz;
	}
	cbp->cb_handles[cbp->cb_used++] = zhp;
}

/*
 * Recursive helper function used during file system enumeration
 */
static int
zfs_iter_cb(zfs_handle_t *zhp, void *data)
{
	get_all_cb_t *cbp = data;

	if (!(zfs_get_type(zhp) & ZFS_TYPE_FILESYSTEM)) {
		zfs_close(zhp);
		return (0);
	}

	if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_NOAUTO) {
		zfs_close(zhp);
		return (0);
	}

	if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
	    ZFS_KEYSTATUS_UNAVAILABLE) {
		zfs_close(zhp);
		return (0);
	}

	/*
	 * If this filesystem is inconsistent and has a receive resume
	 * token, we can not mount it.
	 */
	if (zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT) &&
	    zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
	    NULL, 0, NULL, NULL, 0, B_TRUE) == 0) {
		zfs_close(zhp);
		return (0);
	}

	libzfs_add_handle(cbp, zhp);
	if (zfs_iter_filesystems_v2(zhp, 0, zfs_iter_cb, cbp) != 0) {
		zfs_close(zhp);
		return (-1);
	}
	return (0);
}
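
/*
 * Illustrative sketch of the enumeration pattern (this mirrors what
 * zpool_enable_datasets() below does; "poolname" is a placeholder and error
 * handling is elided):
 *
 *	get_all_cb_t cb = { 0 };
 *	zfs_handle_t *root = zfs_open(hdl, poolname, ZFS_TYPE_DATASET);
 *
 *	libzfs_add_handle(&cb, root);
 *	(void) zfs_iter_filesystems_v2(root, 0, zfs_iter_cb, &cb);
 *	// cb.cb_handles now holds the mountable filesystems in the pool,
 *	// ready to be handed to zfs_foreach_mountpoint().
 */
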
/*
 * Sort comparator that compares two mountpoint paths. We sort these paths so
 * that subdirectories immediately follow their parents. This means that we
 * effectively treat the '/' character as the lowest value non-nul char.
 * Since filesystems from non-global zones can have the same mountpoint
 * as other filesystems, the comparator sorts global zone filesystems to
 * the top of the list. This means that the global zone will traverse the
 * filesystem list in the correct order and can stop when it sees the
 * first zoned filesystem. In a non-global zone, only the delegated
 * filesystems are seen.
 *
 * An example sorted list using this comparator would look like:
 *
 * /foo
 * /foo/bar
 * /foo/bar/baz
 * /foo/baz
 * /foo.bar
 * /foo (NGZ1)
 * /foo (NGZ2)
 *
 * The mounting code depends on this ordering to deterministically iterate
 * over filesystems in order to spawn parallel mount tasks.
 */
static int
mountpoint_cmp(const void *arga, const void *argb)
{
	zfs_handle_t *const *zap = arga;
	zfs_handle_t *za = *zap;
	zfs_handle_t *const *zbp = argb;
	zfs_handle_t *zb = *zbp;
	char mounta[MAXPATHLEN];
	char mountb[MAXPATHLEN];
	const char *a = mounta;
	const char *b = mountb;
	boolean_t gota, gotb;
	uint64_t zoneda, zonedb;

	zoneda = zfs_prop_get_int(za, ZFS_PROP_ZONED);
	zonedb = zfs_prop_get_int(zb, ZFS_PROP_ZONED);
	if (zoneda && !zonedb)
		return (1);
	if (!zoneda && zonedb)
		return (-1);

	gota = (zfs_get_type(za) == ZFS_TYPE_FILESYSTEM);
	if (gota) {
		verify(zfs_prop_get(za, ZFS_PROP_MOUNTPOINT, mounta,
		    sizeof (mounta), NULL, NULL, 0, B_FALSE) == 0);
	}
	gotb = (zfs_get_type(zb) == ZFS_TYPE_FILESYSTEM);
	if (gotb) {
		verify(zfs_prop_get(zb, ZFS_PROP_MOUNTPOINT, mountb,
		    sizeof (mountb), NULL, NULL, 0, B_FALSE) == 0);
	}

	if (gota && gotb) {
		while (*a != '\0' && (*a == *b)) {
			a++;
			b++;
		}
		if (*a == *b)
			return (0);
		if (*a == '\0')
			return (-1);
		if (*b == '\0')
			return (1);
		if (*a == '/')
			return (-1);
		if (*b == '/')
			return (1);
		return (*a < *b ? -1 : *a > *b);
	}

	if (gota)
		return (-1);
	if (gotb)
		return (1);

	/*
	 * If neither filesystem has a mountpoint, revert to sorting by
	 * dataset name.
	 */
	return (strcmp(zfs_get_name(za), zfs_get_name(zb)));
}

/*
 * Return true if path2 is a child of path1 or path2 equals path1 or
 * path1 is "/" (path2 is always a child of "/").
 */
static boolean_t
libzfs_path_contains(const char *path1, const char *path2)
{
	return (strcmp(path1, path2) == 0 || strcmp(path1, "/") == 0 ||
	    (strstr(path2, path1) == path2 && path2[strlen(path1)] == '/'));
}

/*
 * Given a mountpoint specified by idx in the handles array, find the first
 * non-descendant of that mountpoint and return its index. Descendant paths
 * start with the parent's path. This function relies on the ordering
 * enforced by mountpoint_cmp().
 */
static int
non_descendant_idx(zfs_handle_t **handles, size_t num_handles, int idx)
{
	char parent[ZFS_MAXPROPLEN];
	char child[ZFS_MAXPROPLEN];
	int i;

	verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, parent,
	    sizeof (parent), NULL, NULL, 0, B_FALSE) == 0);

	for (i = idx + 1; i < num_handles; i++) {
		verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT, child,
		    sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
		if (!libzfs_path_contains(parent, child))
			break;
	}
	return (i);
}

typedef struct mnt_param {
	libzfs_handle_t *mnt_hdl;
	tpool_t *mnt_tp;
	zfs_handle_t **mnt_zhps; /* filesystems to mount */
	size_t mnt_num_handles;
	int mnt_idx;	/* Index of selected entry to mount */
	zfs_iter_f mnt_func;
	void *mnt_data;
} mnt_param_t;
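
/*
 * Worked example for non_descendant_idx() above (illustrative): given
 * handles sorted by mountpoint_cmp() with mountpoints
 *
 *	[0] /foo   [1] /foo/bar   [2] /foo/bar/baz   [3] /foo/baz   [4] /qux
 *
 * non_descendant_idx(handles, 5, 0) returns 4, the first entry not mounted
 * underneath /foo, while non_descendant_idx(handles, 5, 1) returns 3.
 */
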
/*
 * Allocate and populate the parameter struct for mount function, and
 * schedule mounting of the entry selected by idx.
 */
static void
zfs_dispatch_mount(libzfs_handle_t *hdl, zfs_handle_t **handles,
    size_t num_handles, int idx, zfs_iter_f func, void *data, tpool_t *tp)
{
	mnt_param_t *mnt_param = zfs_alloc(hdl, sizeof (mnt_param_t));

	mnt_param->mnt_hdl = hdl;
	mnt_param->mnt_tp = tp;
	mnt_param->mnt_zhps = handles;
	mnt_param->mnt_num_handles = num_handles;
	mnt_param->mnt_idx = idx;
	mnt_param->mnt_func = func;
	mnt_param->mnt_data = data;

	(void) tpool_dispatch(tp, zfs_mount_task, (void*)mnt_param);
}

/*
 * This is the structure used to keep state of mounting or sharing operations
 * during a call to zpool_enable_datasets().
 */
typedef struct mount_state {
	/*
	 * ms_mntstatus is set to -1 if any mount fails. While multiple threads
	 * could update this variable concurrently, no synchronization is
	 * needed as it's only ever set to -1.
	 */
	int ms_mntstatus;
	int ms_mntflags;
	const char *ms_mntopts;
} mount_state_t;

static int
zfs_mount_one(zfs_handle_t *zhp, void *arg)
{
	mount_state_t *ms = arg;
	int ret = 0;

	/*
	 * don't attempt to mount encrypted datasets with
	 * unloaded keys
	 */
	if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
	    ZFS_KEYSTATUS_UNAVAILABLE)
		return (0);

	if (zfs_mount(zhp, ms->ms_mntopts, ms->ms_mntflags) != 0)
		ret = ms->ms_mntstatus = -1;
	return (ret);
}

static int
zfs_share_one(zfs_handle_t *zhp, void *arg)
{
	mount_state_t *ms = arg;
	int ret = 0;

	if (zfs_share(zhp, NULL) != 0)
		ret = ms->ms_mntstatus = -1;
	return (ret);
}

/*
 * Thread pool function to mount one file system. On completion, it finds and
 * schedules its children to be mounted. This depends on the sorting done in
 * zfs_foreach_mountpoint(). Note that the degenerate case (chain of entries
 * each descending from the previous) will have no parallelism since we always
 * have to wait for the parent to finish mounting before we can schedule
 * its children.
 */
static void
zfs_mount_task(void *arg)
{
	mnt_param_t *mp = arg;
	int idx = mp->mnt_idx;
	zfs_handle_t **handles = mp->mnt_zhps;
	size_t num_handles = mp->mnt_num_handles;
	char mountpoint[ZFS_MAXPROPLEN];

	verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, mountpoint,
	    sizeof (mountpoint), NULL, NULL, 0, B_FALSE) == 0);

	if (mp->mnt_func(handles[idx], mp->mnt_data) != 0)
		goto out;

	/*
	 * We dispatch tasks to mount filesystems with mountpoints underneath
	 * this one. We do this by dispatching the next filesystem with a
	 * descendant mountpoint of the one we just mounted, then skip all of
	 * its descendants, dispatch the next descendant mountpoint, and so on.
	 * The non_descendant_idx() function skips over filesystems that are
	 * descendants of the filesystem we just dispatched.
	 */
	for (int i = idx + 1; i < num_handles;
	    i = non_descendant_idx(handles, num_handles, i)) {
		char child[ZFS_MAXPROPLEN];
		verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT,
		    child, sizeof (child), NULL, NULL, 0, B_FALSE) == 0);

		if (!libzfs_path_contains(mountpoint, child))
			break; /* not a descendant, return */
		zfs_dispatch_mount(mp->mnt_hdl, handles, num_handles, i,
		    mp->mnt_func, mp->mnt_data, mp->mnt_tp);
	}

out:
	free(mp);
}

/*
 * Issue the func callback for each ZFS handle contained in the handles
 * array. This function is used to mount all datasets, and so this function
 * guarantees that filesystems for parent mountpoints are called before their
 * children. As such, before issuing any callbacks, we first sort the array
 * of handles by mountpoint.
 *
 * Callbacks are issued in one of two ways:
 *
 * 1. Sequentially: If the parallel argument is B_FALSE or the ZFS_SERIAL_MOUNT
 *    environment variable is set, then we issue callbacks sequentially.
 *
 * 2. In parallel: If the parallel argument is B_TRUE and the ZFS_SERIAL_MOUNT
 *    environment variable is not set, then we use a tpool to dispatch threads
 *    to mount filesystems in parallel. This function dispatches tasks to mount
 *    the filesystems at the top-level mountpoints, and these tasks in turn
 *    are responsible for recursively mounting filesystems in their children
 *    mountpoints.
 */
void
zfs_foreach_mountpoint(libzfs_handle_t *hdl, zfs_handle_t **handles,
    size_t num_handles, zfs_iter_f func, void *data, boolean_t parallel)
{
	zoneid_t zoneid = getzoneid();

	/*
	 * The ZFS_SERIAL_MOUNT environment variable is an undocumented
	 * variable that can be used as a convenience to do a/b comparison
	 * of serial vs. parallel mounting.
	 */
	boolean_t serial_mount = !parallel ||
	    (getenv("ZFS_SERIAL_MOUNT") != NULL);

	/*
	 * Sort the datasets by mountpoint. See mountpoint_cmp for details
	 * of how these are sorted.
	 */
	qsort(handles, num_handles, sizeof (zfs_handle_t *), mountpoint_cmp);

	if (serial_mount) {
		for (int i = 0; i < num_handles; i++) {
			func(handles[i], data);
		}
		return;
	}

	/*
	 * Issue the callback function for each dataset using a parallel
	 * algorithm that uses a thread pool to manage threads.
	 */
	tpool_t *tp = tpool_create(1, mount_tp_nthr, 0, NULL);

	/*
	 * There may be multiple "top level" mountpoints outside of the pool's
	 * root mountpoint, e.g.: /foo /bar. Dispatch a mount task for each of
	 * these.
	 */
	for (int i = 0; i < num_handles;
	    i = non_descendant_idx(handles, num_handles, i)) {
		/*
		 * Since the mountpoints have been sorted so that the zoned
		 * filesystems are at the end, a zoned filesystem seen from
		 * the global zone means that we're done.
		 */
		if (zoneid == GLOBAL_ZONEID &&
		    zfs_prop_get_int(handles[i], ZFS_PROP_ZONED))
			break;
		zfs_dispatch_mount(hdl, handles, num_handles, i, func, data,
		    tp);
	}

	tpool_wait(tp); /* wait for all scheduled mounts to complete */
	tpool_destroy(tp);
}
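
/*
 * Illustrative sketch (error handling and cleanup abbreviated, not part of
 * the library): a pool consumer typically drives everything through the two
 * entry points defined below. "tank" is a placeholder pool name.
 *
 *	libzfs_handle_t *hdl = libzfs_init();
 *	zpool_handle_t *zph = zpool_open(hdl, "tank");
 *
 *	// mount and share every dataset in the pool
 *	if (zpool_enable_datasets(zph, NULL, 0) != 0)
 *		(void) fprintf(stderr, "%s\n", libzfs_error_description(hdl));
 *
 *	// ... later, unshare and unmount everything (B_TRUE would force)
 *	(void) zpool_disable_datasets(zph, B_FALSE);
 *
 *	zpool_close(zph);
 *	libzfs_fini(hdl);
 */
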
/*
 * Mount and share all datasets within the given pool. This assumes that no
 * datasets within the pool are currently mounted.
 */
int
zpool_enable_datasets(zpool_handle_t *zhp, const char *mntopts, int flags)
{
	get_all_cb_t cb = { 0 };
	mount_state_t ms = { 0 };
	zfs_handle_t *zfsp;
	int ret = 0;

	if ((zfsp = zfs_open(zhp->zpool_hdl, zhp->zpool_name,
	    ZFS_TYPE_DATASET)) == NULL)
		goto out;

	/*
	 * Gather all non-snapshot datasets within the pool. Start by adding
	 * the root filesystem for this pool to the list, and then iterate
	 * over all child filesystems.
	 */
	libzfs_add_handle(&cb, zfsp);
	if (zfs_iter_filesystems_v2(zfsp, 0, zfs_iter_cb, &cb) != 0)
		goto out;

	/*
	 * Mount all filesystems
	 */
	ms.ms_mntopts = mntopts;
	ms.ms_mntflags = flags;
	zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
	    zfs_mount_one, &ms, B_TRUE);
	if (ms.ms_mntstatus != 0)
		ret = EZFS_MOUNTFAILED;

	/*
	 * Share all filesystems that need to be shared. This needs to be
	 * a separate pass because libshare is not mt-safe, and so we need
	 * to share serially.
	 */
	ms.ms_mntstatus = 0;
	zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
	    zfs_share_one, &ms, B_FALSE);
	if (ms.ms_mntstatus != 0)
		ret = EZFS_SHAREFAILED;
	else
		zfs_commit_shares(NULL);

out:
	for (int i = 0; i < cb.cb_used; i++)
		zfs_close(cb.cb_handles[i]);
	free(cb.cb_handles);

	return (ret);
}

struct sets_s {
	char *mountpoint;
	zfs_handle_t *dataset;
};

static int
mountpoint_compare(const void *a, const void *b)
{
	const struct sets_s *mounta = (struct sets_s *)a;
	const struct sets_s *mountb = (struct sets_s *)b;

	return (strcmp(mountb->mountpoint, mounta->mountpoint));
}

/*
 * Unshare and unmount all datasets within the given pool. We don't want to
 * rely on traversing the DSL to discover the filesystems within the pool,
 * because this may be expensive (if not all of them are mounted), and can fail
 * arbitrarily (on I/O error, for example). Instead, we walk /proc/self/mounts
 * and gather all the filesystems that are currently mounted.
 */
int
zpool_disable_datasets(zpool_handle_t *zhp, boolean_t force)
{
	int used, alloc;
	FILE *mnttab;
	struct mnttab entry;
	size_t namelen;
	struct sets_s *sets = NULL;
	libzfs_handle_t *hdl = zhp->zpool_hdl;
	int i;
	int ret = -1;
	int flags = (force ? MS_FORCE : 0);

	namelen = strlen(zhp->zpool_name);

	if ((mnttab = fopen(MNTTAB, "re")) == NULL)
		return (ENOENT);

	used = alloc = 0;
	while (getmntent(mnttab, &entry) == 0) {
		/*
		 * Ignore non-ZFS entries.
		 */
		if (entry.mnt_fstype == NULL ||
		    strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0)
			continue;

		/*
		 * Ignore filesystems not within this pool.
		 */
		if (entry.mnt_mountp == NULL ||
		    strncmp(entry.mnt_special, zhp->zpool_name, namelen) != 0 ||
		    (entry.mnt_special[namelen] != '/' &&
		    entry.mnt_special[namelen] != '\0'))
			continue;

		/*
		 * At this point we've found a filesystem within our pool. Add
		 * it to our growing list.
		 */
		if (used == alloc) {
			if (alloc == 0) {
				sets = zfs_alloc(hdl,
				    8 * sizeof (struct sets_s));
				alloc = 8;
			} else {
				sets = zfs_realloc(hdl, sets,
				    alloc * sizeof (struct sets_s),
				    alloc * 2 * sizeof (struct sets_s));

				alloc *= 2;
			}
		}

		sets[used].mountpoint = zfs_strdup(hdl, entry.mnt_mountp);

		/*
		 * This is allowed to fail, in case there is some I/O error. It
		 * is only used to determine if we need to remove the
		 * underlying mountpoint, so failure is not fatal.
		 */
		sets[used].dataset = make_dataset_handle(hdl,
		    entry.mnt_special);

		used++;
	}

	/*
	 * At this point, we have the entire list of filesystems, so sort it by
	 * mountpoint.
	 */
	if (used != 0)
		qsort(sets, used, sizeof (struct sets_s), mountpoint_compare);

	/*
	 * Walk through and first unshare everything.
	 */
	for (i = 0; i < used; i++) {
		for (enum sa_protocol p = 0; p < SA_PROTOCOL_COUNT; ++p) {
			if (sa_is_shared(sets[i].mountpoint, p) &&
			    unshare_one(hdl, sets[i].mountpoint,
			    sets[i].mountpoint, p) != 0)
				goto out;
		}
	}
	zfs_commit_shares(NULL);

	/*
	 * Now unmount everything, removing the underlying directories as
	 * appropriate.
	 */
	for (i = 0; i < used; i++) {
		if (unmount_one(sets[i].dataset, sets[i].mountpoint,
		    flags) != 0)
			goto out;
	}

	for (i = 0; i < used; i++) {
		if (sets[i].dataset)
			remove_mountpoint(sets[i].dataset);
	}

	zpool_disable_datasets_os(zhp, force);

	ret = 0;
out:
	(void) fclose(mnttab);
	for (i = 0; i < used; i++) {
		if (sets[i].dataset)
			zfs_close(sets[i].dataset);
		free(sets[i].mountpoint);
	}
	free(sets);

	return (ret);
}