module/zfs/zfs_vnops.c

61145dc2SMartin Matuska// SPDX-License-Identifier: CDDL-1.0
7877fdebSMatt Macy/*
7877fdebSMatt Macy * CDDL HEADER START
7877fdebSMatt Macy *
7877fdebSMatt Macy * The contents of this file are subject to the terms of the
7877fdebSMatt Macy * Common Development and Distribution License (the "License").
7877fdebSMatt Macy * You may not use this file except in compliance with the License.
7877fdebSMatt Macy *
7877fdebSMatt Macy * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
271171e0SMartin Matuska * or https://opensource.org/licenses/CDDL-1.0.
7877fdebSMatt Macy * See the License for the specific language governing permissions
7877fdebSMatt Macy * and limitations under the License.
7877fdebSMatt Macy *
7877fdebSMatt Macy * When distributing Covered Code, include this CDDL HEADER in each
7877fdebSMatt Macy * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
7877fdebSMatt Macy * If applicable, add the following below this CDDL HEADER, with the
7877fdebSMatt Macy * fields enclosed by brackets "[]" replaced with your own identifying
7877fdebSMatt Macy * information: Portions Copyright [yyyy] [name of copyright owner]
7877fdebSMatt Macy *
7877fdebSMatt Macy * CDDL HEADER END
7877fdebSMatt Macy */
7877fdebSMatt Macy
7877fdebSMatt Macy/*
7877fdebSMatt Macy * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
7877fdebSMatt Macy * Copyright (c) 2012, 2018 by Delphix. All rights reserved.
7877fdebSMatt Macy * Copyright (c) 2015 by Chunwei Chen. All rights reserved.
7877fdebSMatt Macy * Copyright 2017 Nexenta Systems, Inc.
2a58b312SMartin Matuska * Copyright (c) 2021, 2022 by Pawel Jakub Dawidek
61145dc2SMartin Matuska * Copyright (c) 2025, Rob Norris <robn@despairlabs.com>
7877fdebSMatt Macy */
7877fdebSMatt Macy
7877fdebSMatt Macy/* Portions Copyright 2007 Jeremy Teo */
7877fdebSMatt Macy/* Portions Copyright 2010 Robert Milkowski */
7877fdebSMatt Macy
7877fdebSMatt Macy#include <sys/types.h>
7877fdebSMatt Macy#include <sys/param.h>
7877fdebSMatt Macy#include <sys/time.h>
7877fdebSMatt Macy#include <sys/sysmacros.h>
7877fdebSMatt Macy#include <sys/vfs.h>
7877fdebSMatt Macy#include <sys/file.h>
7877fdebSMatt Macy#include <sys/stat.h>
7877fdebSMatt Macy#include <sys/kmem.h>
7877fdebSMatt Macy#include <sys/cmn_err.h>
7877fdebSMatt Macy#include <sys/errno.h>
7877fdebSMatt Macy#include <sys/zfs_dir.h>
7877fdebSMatt Macy#include <sys/zfs_acl.h>
7877fdebSMatt Macy#include <sys/zfs_ioctl.h>
7877fdebSMatt Macy#include <sys/fs/zfs.h>
7877fdebSMatt Macy#include <sys/dmu.h>
7877fdebSMatt Macy#include <sys/dmu_objset.h>
3494f7c0SMartin Matuska#include <sys/dsl_crypt.h>
7877fdebSMatt Macy#include <sys/spa.h>
7877fdebSMatt Macy#include <sys/txg.h>
7877fdebSMatt Macy#include <sys/dbuf.h>
7877fdebSMatt Macy#include <sys/policy.h>
2a58b312SMartin Matuska#include <sys/zfeature.h>
7877fdebSMatt Macy#include <sys/zfs_vnops.h>
7877fdebSMatt Macy#include <sys/zfs_quota.h>
7877fdebSMatt Macy#include <sys/zfs_vfsops.h>
7877fdebSMatt Macy#include <sys/zfs_znode.h>
7877fdebSMatt Macy
a4e5e010SMartin Matuska/*
5c65a0a9SMartin Matuska * Enables access to the block cloning feature. If this setting is 0, then even
5c65a0a9SMartin Matuska * if feature@block_cloning is enabled, using functions and system calls that
5c65a0a9SMartin Matuska * attempt to clone blocks will act as though the feature is disabled.
a4e5e010SMartin Matuska */
a4e5e010SMartin Matuskaint zfs_bclone_enabled = 1;
a4e5e010SMartin Matuska
a4e5e010SMartin Matuska/*
a4e5e010SMartin Matuska * When set zfs_clone_range() waits for dirty data to be written to disk.
a4e5e010SMartin Matuska * This allows the clone operation to reliably succeed when a file is modified
a4e5e010SMartin Matuska * and then immediately cloned. For small files this may be slower than making
a4e5e010SMartin Matuska * a copy of the file and is therefore not the default.  However, in certain
a4e5e010SMartin Matuska * scenarios this behavior may be desirable so a tunable is provided.
a4e5e010SMartin Matuska */
dd215568SMartin Matuskaint zfs_bclone_wait_dirty = 0;
a4e5e010SMartin Matuska
a4e5e010SMartin Matuska/*
7a7741afSMartin Matuska * Enable Direct I/O. If this setting is 0, then all I/O requests will be
7a7741afSMartin Matuska * directed through the ARC acting as though the dataset property direct was
7a7741afSMartin Matuska * set to disabled.
87bf66d4SMartin Matuska *
87bf66d4SMartin Matuska * Disabled by default on FreeBSD until a potential range locking issue in
87bf66d4SMartin Matuska * zfs_getpages() can be resolved.
7a7741afSMartin Matuska */
87bf66d4SMartin Matuska#ifdef __FreeBSD__
7a7741afSMartin Matuskastatic int zfs_dio_enabled = 0;
87bf66d4SMartin Matuska#else
87bf66d4SMartin Matuskastatic int zfs_dio_enabled = 1;
87bf66d4SMartin Matuska#endif
7a7741afSMartin Matuska
b1c1ee44SMartin Matuska/*
b1c1ee44SMartin Matuska * Strictly enforce alignment for Direct I/O requests, returning EINVAL
b1c1ee44SMartin Matuska * if not page-aligned instead of silently falling back to uncached I/O.
b1c1ee44SMartin Matuska */
b1c1ee44SMartin Matuskastatic int zfs_dio_strict = 0;
b1c1ee44SMartin Matuska
7a7741afSMartin Matuska
7a7741afSMartin Matuska/*
a4e5e010SMartin Matuska * Maximum bytes to read per chunk in zfs_read().
a4e5e010SMartin Matuska */
*3a896071SMartin Matuska#ifdef _ILP32
a4e5e010SMartin Matuskastatic uint64_t zfs_vnops_read_chunk_size = 1024 * 1024;
*3a896071SMartin Matuska#else
*3a896071SMartin Matuskastatic uint64_t zfs_vnops_read_chunk_size = DMU_MAX_ACCESS / 2;
*3a896071SMartin Matuska#endif
7877fdebSMatt Macy
7877fdebSMatt Macyint
7877fdebSMatt Macyzfs_fsync(znode_t *zp, int syncflag, cred_t *cr)
7877fdebSMatt Macy{
c7046f76SMartin Matuska	int error = 0;
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
7877fdebSMatt Macy
7877fdebSMatt Macy	if (zfsvfs->z_os->os_sync != ZFS_SYNC_DISABLED) {
c7046f76SMartin Matuska		if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
f8b1db88SMartin Matuska			return (error);
716fd348SMartin Matuska		atomic_inc_32(&zp->z_sync_writes_cnt);
7877fdebSMatt Macy		zil_commit(zfsvfs->z_log, zp->z_id);
716fd348SMartin Matuska		atomic_dec_32(&zp->z_sync_writes_cnt);
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy	}
c7046f76SMartin Matuska	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
7877fdebSMatt Macy
7877fdebSMatt Macy#if defined(SEEK_HOLE) && defined(SEEK_DATA)
7877fdebSMatt Macy/*
7877fdebSMatt Macy * Lseek support for finding holes (cmd == SEEK_HOLE) and
7877fdebSMatt Macy * data (cmd == SEEK_DATA). "off" is an in/out parameter.
7877fdebSMatt Macy */
7877fdebSMatt Macystatic int
7877fdebSMatt Macyzfs_holey_common(znode_t *zp, ulong_t cmd, loff_t *off)
7877fdebSMatt Macy{
81b22a98SMartin Matuska	zfs_locked_range_t *lr;
7877fdebSMatt Macy	uint64_t noff = (uint64_t)*off; /* new offset */
7877fdebSMatt Macy	uint64_t file_sz;
7877fdebSMatt Macy	int error;
7877fdebSMatt Macy	boolean_t hole;
7877fdebSMatt Macy
7877fdebSMatt Macy	file_sz = zp->z_size;
7877fdebSMatt Macy	if (noff >= file_sz)  {
7877fdebSMatt Macy		return (SET_ERROR(ENXIO));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	if (cmd == F_SEEK_HOLE)
7877fdebSMatt Macy		hole = B_TRUE;
7877fdebSMatt Macy	else
7877fdebSMatt Macy		hole = B_FALSE;
7877fdebSMatt Macy
81b22a98SMartin Matuska	/* Flush any mmap()'d data to disk */
c9539b89SMartin Matuska	if (zn_has_cached_data(zp, 0, file_sz - 1))
783d3ff6SMartin Matuska		zn_flush_cached_data(zp, B_TRUE);
81b22a98SMartin Matuska
2a58b312SMartin Matuska	lr = zfs_rangelock_enter(&zp->z_rangelock, 0, UINT64_MAX, RL_READER);
7877fdebSMatt Macy	error = dmu_offset_next(ZTOZSB(zp)->z_os, zp->z_id, hole, &noff);
81b22a98SMartin Matuska	zfs_rangelock_exit(lr);
7877fdebSMatt Macy
7877fdebSMatt Macy	if (error == ESRCH)
7877fdebSMatt Macy		return (SET_ERROR(ENXIO));
7877fdebSMatt Macy
81b22a98SMartin Matuska	/* File was dirty, so fall back to using generic logic */
7877fdebSMatt Macy	if (error == EBUSY) {
7877fdebSMatt Macy		if (hole)
7877fdebSMatt Macy			*off = file_sz;
7877fdebSMatt Macy
7877fdebSMatt Macy		return (0);
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * We could find a hole that begins after the logical end-of-file,
7877fdebSMatt Macy	 * because dmu_offset_next() only works on whole blocks.  If the
7877fdebSMatt Macy	 * EOF falls mid-block, then indicate that the "virtual hole"
7877fdebSMatt Macy	 * at the end of the file begins at the logical EOF, rather than
7877fdebSMatt Macy	 * at the end of the last block.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	if (noff > file_sz) {
7877fdebSMatt Macy		ASSERT(hole);
7877fdebSMatt Macy		noff = file_sz;
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	if (noff < *off)
7877fdebSMatt Macy		return (error);
7877fdebSMatt Macy	*off = noff;
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
7877fdebSMatt Macyint
7877fdebSMatt Macyzfs_holey(znode_t *zp, ulong_t cmd, loff_t *off)
7877fdebSMatt Macy{
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
7877fdebSMatt Macy	int error;
7877fdebSMatt Macy
c7046f76SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
c7046f76SMartin Matuska		return (error);
7877fdebSMatt Macy
7877fdebSMatt Macy	error = zfs_holey_common(zp, cmd, off);
7877fdebSMatt Macy
c7046f76SMartin Matuska	zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy#endif /* SEEK_HOLE && SEEK_DATA */
7877fdebSMatt Macy
7877fdebSMatt Macyint
7877fdebSMatt Macyzfs_access(znode_t *zp, int mode, int flag, cred_t *cr)
7877fdebSMatt Macy{
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
7877fdebSMatt Macy	int error;
7877fdebSMatt Macy
c7046f76SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
c7046f76SMartin Matuska		return (error);
7877fdebSMatt Macy
7877fdebSMatt Macy	if (flag & V_ACE_MASK)
dbd5678dSMartin Matuska#if defined(__linux__)
dbd5678dSMartin Matuska		error = zfs_zaccess(zp, mode, flag, B_FALSE, cr,
d411c1d6SMartin Matuska		    zfs_init_idmap);
dbd5678dSMartin Matuska#else
dbd5678dSMartin Matuska		error = zfs_zaccess(zp, mode, flag, B_FALSE, cr,
dbd5678dSMartin Matuska		    NULL);
dbd5678dSMartin Matuska#endif
7877fdebSMatt Macy	else
dbd5678dSMartin Matuska#if defined(__linux__)
d411c1d6SMartin Matuska		error = zfs_zaccess_rwx(zp, mode, flag, cr, zfs_init_idmap);
dbd5678dSMartin Matuska#else
dbd5678dSMartin Matuska		error = zfs_zaccess_rwx(zp, mode, flag, cr, NULL);
dbd5678dSMartin Matuska#endif
7877fdebSMatt Macy
c7046f76SMartin Matuska	zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
7877fdebSMatt Macy/*
7a7741afSMartin Matuska * Determine if Direct I/O has been requested (either via the O_DIRECT flag or
7a7741afSMartin Matuska * the "direct" dataset property). When inherited by the property only apply
7a7741afSMartin Matuska * the O_DIRECT flag to correctly aligned IO requests. The rational for this
7a7741afSMartin Matuska * is it allows the property to be safely set on a dataset without forcing
7a7741afSMartin Matuska * all of the applications to be aware of the alignment restrictions. When
7a7741afSMartin Matuska * O_DIRECT is explicitly requested by an application return EINVAL if the
7a7741afSMartin Matuska * request is unaligned.  In all cases, if the range for this request has
7a7741afSMartin Matuska * been mmap'ed then we will perform buffered I/O to keep the mapped region
7a7741afSMartin Matuska * synhronized with the ARC.
7a7741afSMartin Matuska *
7a7741afSMartin Matuska * It is possible that a file's pages could be mmap'ed after it is checked
7a7741afSMartin Matuska * here. If so, that is handled coorarding in zfs_write(). See comments in the
7a7741afSMartin Matuska * following area for how this is handled:
7a7741afSMartin Matuska * zfs_write() -> update_pages()
7a7741afSMartin Matuska */
7a7741afSMartin Matuskastatic int
7a7741afSMartin Matuskazfs_setup_direct(struct znode *zp, zfs_uio_t *uio, zfs_uio_rw_t rw,
7a7741afSMartin Matuska    int *ioflagp)
7a7741afSMartin Matuska{
7a7741afSMartin Matuska	zfsvfs_t *zfsvfs = ZTOZSB(zp);
7a7741afSMartin Matuska	objset_t *os = zfsvfs->z_os;
7a7741afSMartin Matuska	int ioflag = *ioflagp;
7a7741afSMartin Matuska	int error = 0;
7a7741afSMartin Matuska
b1c1ee44SMartin Matuska	if (os->os_direct == ZFS_DIRECT_ALWAYS) {
b1c1ee44SMartin Matuska		/* Force either direct or uncached I/O. */
7a7741afSMartin Matuska		ioflag |= O_DIRECT;
7a7741afSMartin Matuska	}
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	if ((ioflag & O_DIRECT) == 0)
b1c1ee44SMartin Matuska		goto out;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	if (!zfs_dio_enabled || os->os_direct == ZFS_DIRECT_DISABLED) {
7a7741afSMartin Matuska		/*
b1c1ee44SMartin Matuska		 * Direct I/O is disabled.  The I/O request will be directed
b1c1ee44SMartin Matuska		 * through the ARC as uncached I/O.
7a7741afSMartin Matuska		 */
b1c1ee44SMartin Matuska		goto out;
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
7a7741afSMartin Matuska	if (!zfs_uio_page_aligned(uio) ||
7a7741afSMartin Matuska	    !zfs_uio_aligned(uio, PAGE_SIZE)) {
b1c1ee44SMartin Matuska		/*
b1c1ee44SMartin Matuska		 * Misaligned requests can be executed through the ARC as
b1c1ee44SMartin Matuska		 * uncached I/O.  But if O_DIRECT was set by user and we
b1c1ee44SMartin Matuska		 * were set to be strict, then it is a failure.
b1c1ee44SMartin Matuska		 */
b1c1ee44SMartin Matuska		if ((*ioflagp & O_DIRECT) && zfs_dio_strict)
7a7741afSMartin Matuska			error = SET_ERROR(EINVAL);
7a7741afSMartin Matuska		goto out;
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
b1c1ee44SMartin Matuska	if (zn_has_cached_data(zp, zfs_uio_offset(uio),
b1c1ee44SMartin Matuska	    zfs_uio_offset(uio) + zfs_uio_resid(uio) - 1)) {
b1c1ee44SMartin Matuska		/*
b1c1ee44SMartin Matuska		 * The region is mmap'ed.  The I/O request will be directed
b1c1ee44SMartin Matuska		 * through the ARC as uncached I/O.
b1c1ee44SMartin Matuska		 */
7a7741afSMartin Matuska		goto out;
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
b1c1ee44SMartin Matuska	/*
b1c1ee44SMartin Matuska	 * For short writes the page mapping of Direct I/O makes no sense.
b1c1ee44SMartin Matuska	 * Direct them through the ARC as uncached I/O.
b1c1ee44SMartin Matuska	 */
b1c1ee44SMartin Matuska	if (rw == UIO_WRITE && zfs_uio_resid(uio) < zp->z_blksz)
b1c1ee44SMartin Matuska		goto out;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	error = zfs_uio_get_dio_pages_alloc(uio, rw);
b1c1ee44SMartin Matuska	if (error)
b1c1ee44SMartin Matuska		goto out;
b1c1ee44SMartin Matuska	ASSERT(uio->uio_extflg & UIO_DIRECT);
7a7741afSMartin Matuska
7a7741afSMartin Matuskaout:
7a7741afSMartin Matuska	*ioflagp = ioflag;
7a7741afSMartin Matuska	return (error);
7a7741afSMartin Matuska}
7a7741afSMartin Matuska
7a7741afSMartin Matuska/*
7877fdebSMatt Macy * Read bytes from specified file into supplied buffer.
7877fdebSMatt Macy *
7877fdebSMatt Macy *	IN:	zp	- inode of file to be read from.
7877fdebSMatt Macy *		uio	- structure supplying read location, range info,
7877fdebSMatt Macy *			  and return buffer.
7877fdebSMatt Macy *		ioflag	- O_SYNC flags; used to provide FRSYNC semantics.
7877fdebSMatt Macy *			  O_DIRECT flag; used to bypass page cache.
7877fdebSMatt Macy *		cr	- credentials of caller.
7877fdebSMatt Macy *
7877fdebSMatt Macy *	OUT:	uio	- updated offset and range, buffer filled.
7877fdebSMatt Macy *
7877fdebSMatt Macy *	RETURN:	0 on success, error code on failure.
7877fdebSMatt Macy *
7877fdebSMatt Macy * Side Effects:
7877fdebSMatt Macy *	inode - atime updated if byte count > 0
7877fdebSMatt Macy */
7877fdebSMatt Macyint
184c1b94SMartin Matuskazfs_read(struct znode *zp, zfs_uio_t *uio, int ioflag, cred_t *cr)
7877fdebSMatt Macy{
c03c5b1cSMartin Matuska	(void) cr;
7877fdebSMatt Macy	int error = 0;
7877fdebSMatt Macy	boolean_t frsync = B_FALSE;
87bf66d4SMartin Matuska	boolean_t dio_checksum_failure = B_FALSE;
7877fdebSMatt Macy
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
c7046f76SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
c7046f76SMartin Matuska		return (error);
7877fdebSMatt Macy
7877fdebSMatt Macy	if (zp->z_pflags & ZFS_AV_QUARANTINED) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EACCES));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/* We don't copy out anything useful for directories. */
7877fdebSMatt Macy	if (Z_ISDIR(ZTOTYPE(zp))) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EISDIR));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Validate file offset
7877fdebSMatt Macy	 */
184c1b94SMartin Matuska	if (zfs_uio_offset(uio) < (offset_t)0) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EINVAL));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Fasttrack empty reads
7877fdebSMatt Macy	 */
184c1b94SMartin Matuska	if (zfs_uio_resid(uio) == 0) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (0);
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy#ifdef FRSYNC
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * If we're in FRSYNC mode, sync out this znode before reading it.
7877fdebSMatt Macy	 * Only do this for non-snapshots.
7877fdebSMatt Macy	 *
7877fdebSMatt Macy	 * Some platforms do not support FRSYNC and instead map it
7877fdebSMatt Macy	 * to O_SYNC, which results in unnecessary calls to zil_commit. We
7877fdebSMatt Macy	 * only honor FRSYNC requests on platforms which support it.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	frsync = !!(ioflag & FRSYNC);
7877fdebSMatt Macy#endif
7877fdebSMatt Macy	if (zfsvfs->z_log &&
7877fdebSMatt Macy	    (frsync || zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS))
7877fdebSMatt Macy		zil_commit(zfsvfs->z_log, zp->z_id);
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Lock the range against changes.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	zfs_locked_range_t *lr = zfs_rangelock_enter(&zp->z_rangelock,
184c1b94SMartin Matuska	    zfs_uio_offset(uio), zfs_uio_resid(uio), RL_READER);
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * If we are reading past end-of-file we can skip
7877fdebSMatt Macy	 * to the end; but we might still need to set atime.
7877fdebSMatt Macy	 */
184c1b94SMartin Matuska	if (zfs_uio_offset(uio) >= zp->z_size) {
7877fdebSMatt Macy		error = 0;
7877fdebSMatt Macy		goto out;
7877fdebSMatt Macy	}
184c1b94SMartin Matuska	ASSERT(zfs_uio_offset(uio) < zp->z_size);
7a7741afSMartin Matuska
7a7741afSMartin Matuska	/*
7a7741afSMartin Matuska	 * Setting up Direct I/O if requested.
7a7741afSMartin Matuska	 */
7a7741afSMartin Matuska	error = zfs_setup_direct(zp, uio, UIO_READ, &ioflag);
7a7741afSMartin Matuska	if (error) {
7a7741afSMartin Matuska		goto out;
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
81b22a98SMartin Matuska#if defined(__linux__)
81b22a98SMartin Matuska	ssize_t start_offset = zfs_uio_offset(uio);
81b22a98SMartin Matuska#endif
*3a896071SMartin Matuska	uint_t blksz = zp->z_blksz;
*3a896071SMartin Matuska	ssize_t chunk_size;
184c1b94SMartin Matuska	ssize_t n = MIN(zfs_uio_resid(uio), zp->z_size - zfs_uio_offset(uio));
7877fdebSMatt Macy	ssize_t start_resid = n;
7a7741afSMartin Matuska	ssize_t dio_remaining_resid = 0;
7a7741afSMartin Matuska
b1c1ee44SMartin Matuska	dmu_flags_t dflags = DMU_READ_PREFETCH;
b1c1ee44SMartin Matuska	if (ioflag & O_DIRECT)
b1c1ee44SMartin Matuska		dflags |= DMU_UNCACHEDIO;
7a7741afSMartin Matuska	if (uio->uio_extflg & UIO_DIRECT) {
7a7741afSMartin Matuska		/*
7a7741afSMartin Matuska		 * All pages for an O_DIRECT request ahve already been mapped
7a7741afSMartin Matuska		 * so there's no compelling reason to handle this uio in
7a7741afSMartin Matuska		 * smaller chunks.
7a7741afSMartin Matuska		 */
7a7741afSMartin Matuska		chunk_size = DMU_MAX_ACCESS;
7a7741afSMartin Matuska
7a7741afSMartin Matuska		/*
7a7741afSMartin Matuska		 * In the event that the O_DIRECT request is reading the entire
7a7741afSMartin Matuska		 * file, it is possible file's length is not page sized
7a7741afSMartin Matuska		 * aligned. However, lower layers expect that the Direct I/O
7a7741afSMartin Matuska		 * request is page-aligned. In this case, as much of the file
7a7741afSMartin Matuska		 * that can be read using Direct I/O happens and the remaining
7a7741afSMartin Matuska		 * amount will be read through the ARC.
7a7741afSMartin Matuska		 *
7a7741afSMartin Matuska		 * This is still consistent with the semantics of Direct I/O in
7a7741afSMartin Matuska		 * ZFS as at a minimum the I/O request must be page-aligned.
7a7741afSMartin Matuska		 */
7a7741afSMartin Matuska		dio_remaining_resid = n - P2ALIGN_TYPED(n, PAGE_SIZE, ssize_t);
7a7741afSMartin Matuska		if (dio_remaining_resid != 0)
7a7741afSMartin Matuska			n -= dio_remaining_resid;
b1c1ee44SMartin Matuska		dflags |= DMU_DIRECTIO;
*3a896071SMartin Matuska	} else {
*3a896071SMartin Matuska		chunk_size = MIN(MAX(zfs_vnops_read_chunk_size, blksz),
*3a896071SMartin Matuska		    DMU_MAX_ACCESS / 2);
7a7741afSMartin Matuska	}
7877fdebSMatt Macy
7877fdebSMatt Macy	while (n > 0) {
7a7741afSMartin Matuska		ssize_t nbytes = MIN(n, chunk_size -
*3a896071SMartin Matuska		    P2PHASE(zfs_uio_offset(uio), blksz));
7877fdebSMatt Macy#ifdef UIO_NOCOPY
184c1b94SMartin Matuska		if (zfs_uio_segflg(uio) == UIO_NOCOPY)
7877fdebSMatt Macy			error = mappedread_sf(zp, nbytes, uio);
7877fdebSMatt Macy		else
7877fdebSMatt Macy#endif
c9539b89SMartin Matuska		if (zn_has_cached_data(zp, zfs_uio_offset(uio),
7a7741afSMartin Matuska		    zfs_uio_offset(uio) + nbytes - 1)) {
7877fdebSMatt Macy			error = mappedread(zp, nbytes, uio);
7877fdebSMatt Macy		} else {
7877fdebSMatt Macy			error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl),
b1c1ee44SMartin Matuska			    uio, nbytes, dflags);
7877fdebSMatt Macy		}
7877fdebSMatt Macy
7877fdebSMatt Macy		if (error) {
7877fdebSMatt Macy			/* convert checksum errors into IO errors */
87bf66d4SMartin Matuska			if (error == ECKSUM) {
87bf66d4SMartin Matuska				/*
87bf66d4SMartin Matuska				 * If a Direct I/O read returned a checksum
87bf66d4SMartin Matuska				 * verify error, then it must be treated as
87bf66d4SMartin Matuska				 * suspicious. The contents of the buffer could
87bf66d4SMartin Matuska				 * have beeen manipulated while the I/O was in
87bf66d4SMartin Matuska				 * flight. In this case, the remainder of I/O
87bf66d4SMartin Matuska				 * request will just be reissued through the
87bf66d4SMartin Matuska				 * ARC.
87bf66d4SMartin Matuska				 */
87bf66d4SMartin Matuska				if (uio->uio_extflg & UIO_DIRECT) {
87bf66d4SMartin Matuska					dio_checksum_failure = B_TRUE;
87bf66d4SMartin Matuska					uio->uio_extflg &= ~UIO_DIRECT;
87bf66d4SMartin Matuska					n += dio_remaining_resid;
87bf66d4SMartin Matuska					dio_remaining_resid = 0;
87bf66d4SMartin Matuska					continue;
87bf66d4SMartin Matuska				} else {
7877fdebSMatt Macy					error = SET_ERROR(EIO);
87bf66d4SMartin Matuska				}
87bf66d4SMartin Matuska			}
81b22a98SMartin Matuska
81b22a98SMartin Matuska#if defined(__linux__)
81b22a98SMartin Matuska			/*
81b22a98SMartin Matuska			 * if we actually read some bytes, bubbling EFAULT
81b22a98SMartin Matuska			 * up to become EAGAIN isn't what we want here...
81b22a98SMartin Matuska			 *
81b22a98SMartin Matuska			 * ...on Linux, at least. On FBSD, doing this breaks.
81b22a98SMartin Matuska			 */
81b22a98SMartin Matuska			if (error == EFAULT &&
81b22a98SMartin Matuska			    (zfs_uio_offset(uio) - start_offset) != 0)
81b22a98SMartin Matuska				error = 0;
81b22a98SMartin Matuska#endif
7877fdebSMatt Macy			break;
7877fdebSMatt Macy		}
7877fdebSMatt Macy
7877fdebSMatt Macy		n -= nbytes;
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7a7741afSMartin Matuska	if (error == 0 && (uio->uio_extflg & UIO_DIRECT) &&
7a7741afSMartin Matuska	    dio_remaining_resid != 0) {
7a7741afSMartin Matuska		/*
7a7741afSMartin Matuska		 * Temporarily remove the UIO_DIRECT flag from the UIO so the
7a7741afSMartin Matuska		 * remainder of the file can be read using the ARC.
7a7741afSMartin Matuska		 */
7a7741afSMartin Matuska		uio->uio_extflg &= ~UIO_DIRECT;
b1c1ee44SMartin Matuska		dflags &= ~DMU_DIRECTIO;
7a7741afSMartin Matuska
7a7741afSMartin Matuska		if (zn_has_cached_data(zp, zfs_uio_offset(uio),
7a7741afSMartin Matuska		    zfs_uio_offset(uio) + dio_remaining_resid - 1)) {
7a7741afSMartin Matuska			error = mappedread(zp, dio_remaining_resid, uio);
7a7741afSMartin Matuska		} else {
7a7741afSMartin Matuska			error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl), uio,
b1c1ee44SMartin Matuska			    dio_remaining_resid, dflags);
7a7741afSMartin Matuska		}
7a7741afSMartin Matuska		uio->uio_extflg |= UIO_DIRECT;
b1c1ee44SMartin Matuska		dflags |= DMU_DIRECTIO;
7a7741afSMartin Matuska
7a7741afSMartin Matuska		if (error != 0)
7a7741afSMartin Matuska			n += dio_remaining_resid;
7a7741afSMartin Matuska	} else if (error && (uio->uio_extflg & UIO_DIRECT)) {
7a7741afSMartin Matuska		n += dio_remaining_resid;
7a7741afSMartin Matuska	}
7877fdebSMatt Macy	int64_t nread = start_resid - n;
7a7741afSMartin Matuska
7877fdebSMatt Macy	dataset_kstats_update_read_kstats(&zfsvfs->z_kstat, nread);
7877fdebSMatt Macyout:
7877fdebSMatt Macy	zfs_rangelock_exit(lr);
7877fdebSMatt Macy
87bf66d4SMartin Matuska	if (dio_checksum_failure == B_TRUE)
87bf66d4SMartin Matuska		uio->uio_extflg |= UIO_DIRECT;
87bf66d4SMartin Matuska
7a7741afSMartin Matuska	/*
7a7741afSMartin Matuska	 * Cleanup for Direct I/O if requested.
7a7741afSMartin Matuska	 */
7a7741afSMartin Matuska	if (uio->uio_extflg & UIO_DIRECT)
7a7741afSMartin Matuska		zfs_uio_free_dio_pages(uio, UIO_READ);
7a7741afSMartin Matuska
7877fdebSMatt Macy	ZFS_ACCESSTIME_STAMP(zfsvfs, zp);
c7046f76SMartin Matuska	zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
c03c5b1cSMartin Matuskastatic void
c03c5b1cSMartin Matuskazfs_clear_setid_bits_if_necessary(zfsvfs_t *zfsvfs, znode_t *zp, cred_t *cr,
c03c5b1cSMartin Matuska    uint64_t *clear_setid_bits_txgp, dmu_tx_t *tx)
c03c5b1cSMartin Matuska{
c03c5b1cSMartin Matuska	zilog_t *zilog = zfsvfs->z_log;
c03c5b1cSMartin Matuska	const uint64_t uid = KUID_TO_SUID(ZTOUID(zp));
c03c5b1cSMartin Matuska
c03c5b1cSMartin Matuska	ASSERT(clear_setid_bits_txgp != NULL);
c03c5b1cSMartin Matuska	ASSERT(tx != NULL);
c03c5b1cSMartin Matuska
c03c5b1cSMartin Matuska	/*
c03c5b1cSMartin Matuska	 * Clear Set-UID/Set-GID bits on successful write if not
c03c5b1cSMartin Matuska	 * privileged and at least one of the execute bits is set.
c03c5b1cSMartin Matuska	 *
c03c5b1cSMartin Matuska	 * It would be nice to do this after all writes have
c03c5b1cSMartin Matuska	 * been done, but that would still expose the ISUID/ISGID
c03c5b1cSMartin Matuska	 * to another app after the partial write is committed.
c03c5b1cSMartin Matuska	 *
c03c5b1cSMartin Matuska	 * Note: we don't call zfs_fuid_map_id() here because
c03c5b1cSMartin Matuska	 * user 0 is not an ephemeral uid.
c03c5b1cSMartin Matuska	 */
c03c5b1cSMartin Matuska	mutex_enter(&zp->z_acl_lock);
c03c5b1cSMartin Matuska	if ((zp->z_mode & (S_IXUSR | (S_IXUSR >> 3) | (S_IXUSR >> 6))) != 0 &&
c03c5b1cSMartin Matuska	    (zp->z_mode & (S_ISUID | S_ISGID)) != 0 &&
c03c5b1cSMartin Matuska	    secpolicy_vnode_setid_retain(zp, cr,
c03c5b1cSMartin Matuska	    ((zp->z_mode & S_ISUID) != 0 && uid == 0)) != 0) {
c03c5b1cSMartin Matuska		uint64_t newmode;
c03c5b1cSMartin Matuska
c03c5b1cSMartin Matuska		zp->z_mode &= ~(S_ISUID | S_ISGID);
c03c5b1cSMartin Matuska		newmode = zp->z_mode;
c03c5b1cSMartin Matuska		(void) sa_update(zp->z_sa_hdl, SA_ZPL_MODE(zfsvfs),
c03c5b1cSMartin Matuska		    (void *)&newmode, sizeof (uint64_t), tx);
c03c5b1cSMartin Matuska
c03c5b1cSMartin Matuska		mutex_exit(&zp->z_acl_lock);
c03c5b1cSMartin Matuska
c03c5b1cSMartin Matuska		/*
c03c5b1cSMartin Matuska		 * Make sure SUID/SGID bits will be removed when we replay the
c03c5b1cSMartin Matuska		 * log. If the setid bits are keep coming back, don't log more
c03c5b1cSMartin Matuska		 * than one TX_SETATTR per transaction group.
c03c5b1cSMartin Matuska		 */
c03c5b1cSMartin Matuska		if (*clear_setid_bits_txgp != dmu_tx_get_txg(tx)) {
da5137abSMartin Matuska			vattr_t va = {0};
c03c5b1cSMartin Matuska
716fd348SMartin Matuska			va.va_mask = ATTR_MODE;
c03c5b1cSMartin Matuska			va.va_nodeid = zp->z_id;
c03c5b1cSMartin Matuska			va.va_mode = newmode;
716fd348SMartin Matuska			zfs_log_setattr(zilog, tx, TX_SETATTR, zp, &va,
716fd348SMartin Matuska			    ATTR_MODE, NULL);
c03c5b1cSMartin Matuska			*clear_setid_bits_txgp = dmu_tx_get_txg(tx);
c03c5b1cSMartin Matuska		}
c03c5b1cSMartin Matuska	} else {
c03c5b1cSMartin Matuska		mutex_exit(&zp->z_acl_lock);
c03c5b1cSMartin Matuska	}
c03c5b1cSMartin Matuska}
c03c5b1cSMartin Matuska
7877fdebSMatt Macy/*
7877fdebSMatt Macy * Write the bytes to a file.
7877fdebSMatt Macy *
7877fdebSMatt Macy *	IN:	zp	- znode of file to be written to.
7877fdebSMatt Macy *		uio	- structure supplying write location, range info,
7877fdebSMatt Macy *			  and data buffer.
7877fdebSMatt Macy *		ioflag	- O_APPEND flag set if in append mode.
7877fdebSMatt Macy *			  O_DIRECT flag; used to bypass page cache.
7877fdebSMatt Macy *		cr	- credentials of caller.
7877fdebSMatt Macy *
7877fdebSMatt Macy *	OUT:	uio	- updated offset and range.
7877fdebSMatt Macy *
7877fdebSMatt Macy *	RETURN:	0 if success
7877fdebSMatt Macy *		error code if failure
7877fdebSMatt Macy *
7877fdebSMatt Macy * Timestamps:
7877fdebSMatt Macy *	ip - ctime|mtime updated if byte count > 0
7877fdebSMatt Macy */
7877fdebSMatt Macyint
184c1b94SMartin Matuskazfs_write(znode_t *zp, zfs_uio_t *uio, int ioflag, cred_t *cr)
7877fdebSMatt Macy{
e92ffd9bSMartin Matuska	int error = 0, error1;
184c1b94SMartin Matuska	ssize_t start_resid = zfs_uio_resid(uio);
c03c5b1cSMartin Matuska	uint64_t clear_setid_bits_txg = 0;
7a7741afSMartin Matuska	boolean_t o_direct_defer = B_FALSE;
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Fasttrack empty write
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	ssize_t n = start_resid;
7877fdebSMatt Macy	if (n == 0)
7877fdebSMatt Macy		return (0);
7877fdebSMatt Macy
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
c7046f76SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
c7046f76SMartin Matuska		return (error);
7877fdebSMatt Macy
7877fdebSMatt Macy	sa_bulk_attr_t bulk[4];
7877fdebSMatt Macy	int count = 0;
7877fdebSMatt Macy	uint64_t mtime[2], ctime[2];
7877fdebSMatt Macy	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
7877fdebSMatt Macy	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
7877fdebSMatt Macy	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), NULL,
7877fdebSMatt Macy	    &zp->z_size, 8);
7877fdebSMatt Macy	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL,
7877fdebSMatt Macy	    &zp->z_pflags, 8);
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Callers might not be able to detect properly that we are read-only,
7877fdebSMatt Macy	 * so check it explicitly here.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	if (zfs_is_readonly(zfsvfs)) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EROFS));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
9db44a8eSMartin Matuska	 * If immutable or not appending then return EPERM.
9db44a8eSMartin Matuska	 * Intentionally allow ZFS_READONLY through here.
9db44a8eSMartin Matuska	 * See zfs_zaccess_common()
7877fdebSMatt Macy	 */
9db44a8eSMartin Matuska	if ((zp->z_pflags & ZFS_IMMUTABLE) ||
7877fdebSMatt Macy	    ((zp->z_pflags & ZFS_APPENDONLY) && !(ioflag & O_APPEND) &&
184c1b94SMartin Matuska	    (zfs_uio_offset(uio) < zp->z_size))) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EPERM));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Validate file offset
7877fdebSMatt Macy	 */
184c1b94SMartin Matuska	offset_t woff = ioflag & O_APPEND ? zp->z_size : zfs_uio_offset(uio);
7877fdebSMatt Macy	if (woff < 0) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EINVAL));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7a7741afSMartin Matuska	 * Setting up Direct I/O if requested.
7a7741afSMartin Matuska	 */
7a7741afSMartin Matuska	error = zfs_setup_direct(zp, uio, UIO_WRITE, &ioflag);
7a7741afSMartin Matuska	if (error) {
7a7741afSMartin Matuska		zfs_exit(zfsvfs, FTAG);
7a7741afSMartin Matuska		return (SET_ERROR(error));
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
7a7741afSMartin Matuska	/*
7877fdebSMatt Macy	 * Pre-fault the pages to ensure slow (eg NFS) pages
7877fdebSMatt Macy	 * don't hold up txg.
7877fdebSMatt Macy	 */
7b5e6873SMartin Matuska	ssize_t pfbytes = MIN(n, DMU_MAX_ACCESS >> 1);
7b5e6873SMartin Matuska	if (zfs_uio_prefaultpages(pfbytes, uio)) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EFAULT));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * If in append mode, set the io offset pointer to eof.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	zfs_locked_range_t *lr;
7877fdebSMatt Macy	if (ioflag & O_APPEND) {
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * Obtain an appending range lock to guarantee file append
7877fdebSMatt Macy		 * semantics.  We reset the write offset once we have the lock.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		lr = zfs_rangelock_enter(&zp->z_rangelock, 0, n, RL_APPEND);
7877fdebSMatt Macy		woff = lr->lr_offset;
7877fdebSMatt Macy		if (lr->lr_length == UINT64_MAX) {
7877fdebSMatt Macy			/*
7877fdebSMatt Macy			 * We overlocked the file because this write will cause
7877fdebSMatt Macy			 * the file block size to increase.
7877fdebSMatt Macy			 * Note that zp_size cannot change with this lock held.
7877fdebSMatt Macy			 */
7877fdebSMatt Macy			woff = zp->z_size;
7877fdebSMatt Macy		}
184c1b94SMartin Matuska		zfs_uio_setoffset(uio, woff);
7a7741afSMartin Matuska		/*
7a7741afSMartin Matuska		 * We need to update the starting offset as well because it is
7a7741afSMartin Matuska		 * set previously in the ZPL (Linux) and VNOPS (FreeBSD)
7a7741afSMartin Matuska		 * layers.
7a7741afSMartin Matuska		 */
7a7741afSMartin Matuska		zfs_uio_setsoffset(uio, woff);
7877fdebSMatt Macy	} else {
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * Note that if the file block size will change as a result of
7877fdebSMatt Macy		 * this write, then this range lock will lock the entire file
7877fdebSMatt Macy		 * so that we can re-write the block safely.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		lr = zfs_rangelock_enter(&zp->z_rangelock, woff, n, RL_WRITER);
7877fdebSMatt Macy	}
7877fdebSMatt Macy
2a58b312SMartin Matuska	if (zn_rlimit_fsize_uio(zp, uio)) {
7877fdebSMatt Macy		zfs_rangelock_exit(lr);
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EFBIG));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	const rlim64_t limit = MAXOFFSET_T;
7877fdebSMatt Macy
7877fdebSMatt Macy	if (woff >= limit) {
7877fdebSMatt Macy		zfs_rangelock_exit(lr);
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (SET_ERROR(EFBIG));
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	if (n > limit - woff)
7877fdebSMatt Macy		n = limit - woff;
7877fdebSMatt Macy
7877fdebSMatt Macy	uint64_t end_size = MAX(zp->z_size, woff + n);
7877fdebSMatt Macy	zilog_t *zilog = zfsvfs->z_log;
f8b1db88SMartin Matuska	boolean_t commit = (ioflag & (O_SYNC | O_DSYNC)) ||
f8b1db88SMartin Matuska	    (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS);
7877fdebSMatt Macy
7877fdebSMatt Macy	const uint64_t uid = KUID_TO_SUID(ZTOUID(zp));
7877fdebSMatt Macy	const uint64_t gid = KGID_TO_SGID(ZTOGID(zp));
7877fdebSMatt Macy	const uint64_t projid = zp->z_projid;
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7a7741afSMartin Matuska	 * In the event we are increasing the file block size
7a7741afSMartin Matuska	 * (lr_length == UINT64_MAX), we will direct the write to the ARC.
7a7741afSMartin Matuska	 * Because zfs_grow_blocksize() will read from the ARC in order to
7a7741afSMartin Matuska	 * grow the dbuf, we avoid doing Direct I/O here as that would cause
7a7741afSMartin Matuska	 * data written to disk to be overwritten by data in the ARC during
7a7741afSMartin Matuska	 * the sync phase. Besides writing data twice to disk, we also
7a7741afSMartin Matuska	 * want to avoid consistency concerns between data in the the ARC and
7a7741afSMartin Matuska	 * on disk while growing the file's blocksize.
7a7741afSMartin Matuska	 *
7a7741afSMartin Matuska	 * We will only temporarily remove Direct I/O and put it back after
7a7741afSMartin Matuska	 * we have grown the blocksize. We do this in the event a request
7a7741afSMartin Matuska	 * is larger than max_blksz, so further requests to
7a7741afSMartin Matuska	 * dmu_write_uio_dbuf() will still issue the requests using Direct
7a7741afSMartin Matuska	 * IO.
7a7741afSMartin Matuska	 *
7a7741afSMartin Matuska	 * As an example:
7a7741afSMartin Matuska	 * The first block to file is being written as a 4k request with
7a7741afSMartin Matuska	 * a recorsize of 1K. The first 1K issued in the loop below will go
7a7741afSMartin Matuska	 * through the ARC; however, the following 3 1K requests will
7a7741afSMartin Matuska	 * use Direct I/O.
7a7741afSMartin Matuska	 */
7a7741afSMartin Matuska	if (uio->uio_extflg & UIO_DIRECT && lr->lr_length == UINT64_MAX) {
7a7741afSMartin Matuska		uio->uio_extflg &= ~UIO_DIRECT;
7a7741afSMartin Matuska		o_direct_defer = B_TRUE;
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
7a7741afSMartin Matuska	/*
7877fdebSMatt Macy	 * Write the file in reasonable size chunks.  Each chunk is written
7877fdebSMatt Macy	 * in a separate transaction; this keeps the intent log records small
7877fdebSMatt Macy	 * and allows us to do more fine-grained space accounting.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	while (n > 0) {
184c1b94SMartin Matuska		woff = zfs_uio_offset(uio);
7877fdebSMatt Macy
7877fdebSMatt Macy		if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT, uid) ||
7877fdebSMatt Macy		    zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT, gid) ||
7877fdebSMatt Macy		    (projid != ZFS_DEFAULT_PROJID &&
7877fdebSMatt Macy		    zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
7877fdebSMatt Macy		    projid))) {
7877fdebSMatt Macy			error = SET_ERROR(EDQUOT);
7877fdebSMatt Macy			break;
7877fdebSMatt Macy		}
7877fdebSMatt Macy
7b5e6873SMartin Matuska		uint64_t blksz;
7b5e6873SMartin Matuska		if (lr->lr_length == UINT64_MAX && zp->z_size <= zp->z_blksz) {
7b5e6873SMartin Matuska			if (zp->z_blksz > zfsvfs->z_max_blksz &&
7b5e6873SMartin Matuska			    !ISP2(zp->z_blksz)) {
7b5e6873SMartin Matuska				/*
7b5e6873SMartin Matuska				 * File's blocksize is already larger than the
7b5e6873SMartin Matuska				 * "recordsize" property.  Only let it grow to
7b5e6873SMartin Matuska				 * the next power of 2.
7b5e6873SMartin Matuska				 */
7b5e6873SMartin Matuska				blksz = 1 << highbit64(zp->z_blksz);
7b5e6873SMartin Matuska			} else {
7b5e6873SMartin Matuska				blksz = zfsvfs->z_max_blksz;
7b5e6873SMartin Matuska			}
7b5e6873SMartin Matuska			blksz = MIN(blksz, P2ROUNDUP(end_size,
7b5e6873SMartin Matuska			    SPA_MINBLOCKSIZE));
7b5e6873SMartin Matuska			blksz = MAX(blksz, zp->z_blksz);
7b5e6873SMartin Matuska		} else {
7b5e6873SMartin Matuska			blksz = zp->z_blksz;
7b5e6873SMartin Matuska		}
7b5e6873SMartin Matuska
7877fdebSMatt Macy		arc_buf_t *abuf = NULL;
7b5e6873SMartin Matuska		ssize_t nbytes = n;
7b5e6873SMartin Matuska		if (n >= blksz && woff >= zp->z_size &&
7b5e6873SMartin Matuska		    P2PHASE(woff, blksz) == 0 &&
7a7741afSMartin Matuska		    !(uio->uio_extflg & UIO_DIRECT) &&
7b5e6873SMartin Matuska		    (blksz >= SPA_OLD_MAXBLOCKSIZE || n < 4 * blksz)) {
7877fdebSMatt Macy			/*
7877fdebSMatt Macy			 * This write covers a full block.  "Borrow" a buffer
7877fdebSMatt Macy			 * from the dmu so that we can fill it before we enter
7877fdebSMatt Macy			 * a transaction.  This avoids the possibility of
7877fdebSMatt Macy			 * holding up the transaction if the data copy hangs
7877fdebSMatt Macy			 * up on a pagefault (e.g., from an NFS server mapping).
7877fdebSMatt Macy			 */
7877fdebSMatt Macy			abuf = dmu_request_arcbuf(sa_get_db(zp->z_sa_hdl),
7b5e6873SMartin Matuska			    blksz);
7877fdebSMatt Macy			ASSERT(abuf != NULL);
7b5e6873SMartin Matuska			ASSERT(arc_buf_size(abuf) == blksz);
7b5e6873SMartin Matuska			if ((error = zfs_uiocopy(abuf->b_data, blksz,
7b5e6873SMartin Matuska			    UIO_WRITE, uio, &nbytes))) {
7877fdebSMatt Macy				dmu_return_arcbuf(abuf);
7877fdebSMatt Macy				break;
7877fdebSMatt Macy			}
7b5e6873SMartin Matuska			ASSERT3S(nbytes, ==, blksz);
7b5e6873SMartin Matuska		} else {
7b5e6873SMartin Matuska			nbytes = MIN(n, (DMU_MAX_ACCESS >> 1) -
7b5e6873SMartin Matuska			    P2PHASE(woff, blksz));
7b5e6873SMartin Matuska			if (pfbytes < nbytes) {
7b5e6873SMartin Matuska				if (zfs_uio_prefaultpages(nbytes, uio)) {
7b5e6873SMartin Matuska					error = SET_ERROR(EFAULT);
7b5e6873SMartin Matuska					break;
7b5e6873SMartin Matuska				}
7b5e6873SMartin Matuska				pfbytes = nbytes;
7b5e6873SMartin Matuska			}
7877fdebSMatt Macy		}
7877fdebSMatt Macy
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * Start a transaction.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
7877fdebSMatt Macy		dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
7877fdebSMatt Macy		dmu_buf_impl_t *db = (dmu_buf_impl_t *)sa_get_db(zp->z_sa_hdl);
7877fdebSMatt Macy		DB_DNODE_ENTER(db);
7b5e6873SMartin Matuska		dmu_tx_hold_write_by_dnode(tx, DB_DNODE(db), woff, nbytes);
7877fdebSMatt Macy		DB_DNODE_EXIT(db);
7877fdebSMatt Macy		zfs_sa_upgrade_txholds(tx, zp);
61145dc2SMartin Matuska		error = dmu_tx_assign(tx, DMU_TX_WAIT);
7877fdebSMatt Macy		if (error) {
7877fdebSMatt Macy			dmu_tx_abort(tx);
7877fdebSMatt Macy			if (abuf != NULL)
7877fdebSMatt Macy				dmu_return_arcbuf(abuf);
7877fdebSMatt Macy			break;
7877fdebSMatt Macy		}
7877fdebSMatt Macy
7877fdebSMatt Macy		/*
c03c5b1cSMartin Matuska		 * NB: We must call zfs_clear_setid_bits_if_necessary before
c03c5b1cSMartin Matuska		 * committing the transaction!
c03c5b1cSMartin Matuska		 */
c03c5b1cSMartin Matuska
c03c5b1cSMartin Matuska		/*
7877fdebSMatt Macy		 * If rangelock_enter() over-locked we grow the blocksize
7877fdebSMatt Macy		 * and then reduce the lock range.  This will only happen
7877fdebSMatt Macy		 * on the first iteration since rangelock_reduce() will
7877fdebSMatt Macy		 * shrink down lr_length to the appropriate size.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		if (lr->lr_length == UINT64_MAX) {
7b5e6873SMartin Matuska			zfs_grow_blocksize(zp, blksz, tx);
7877fdebSMatt Macy			zfs_rangelock_reduce(lr, woff, n);
7877fdebSMatt Macy		}
7877fdebSMatt Macy
b1c1ee44SMartin Matuska		dmu_flags_t dflags = DMU_READ_PREFETCH;
b1c1ee44SMartin Matuska		if (ioflag & O_DIRECT)
b1c1ee44SMartin Matuska			dflags |= DMU_UNCACHEDIO;
b1c1ee44SMartin Matuska		if (uio->uio_extflg & UIO_DIRECT)
b1c1ee44SMartin Matuska			dflags |= DMU_DIRECTIO;
b1c1ee44SMartin Matuska
7877fdebSMatt Macy		ssize_t tx_bytes;
7877fdebSMatt Macy		if (abuf == NULL) {
184c1b94SMartin Matuska			tx_bytes = zfs_uio_resid(uio);
184c1b94SMartin Matuska			zfs_uio_fault_disable(uio, B_TRUE);
7877fdebSMatt Macy			error = dmu_write_uio_dbuf(sa_get_db(zp->z_sa_hdl),
b1c1ee44SMartin Matuska			    uio, nbytes, tx, dflags);
184c1b94SMartin Matuska			zfs_uio_fault_disable(uio, B_FALSE);
7877fdebSMatt Macy#ifdef __linux__
7877fdebSMatt Macy			if (error == EFAULT) {
c03c5b1cSMartin Matuska				zfs_clear_setid_bits_if_necessary(zfsvfs, zp,
c03c5b1cSMartin Matuska				    cr, &clear_setid_bits_txg, tx);
7877fdebSMatt Macy				dmu_tx_commit(tx);
7877fdebSMatt Macy				/*
7877fdebSMatt Macy				 * Account for partial writes before
7877fdebSMatt Macy				 * continuing the loop.
7877fdebSMatt Macy				 * Update needs to occur before the next
184c1b94SMartin Matuska				 * zfs_uio_prefaultpages, or prefaultpages may
7877fdebSMatt Macy				 * error, and we may break the loop early.
7877fdebSMatt Macy				 */
184c1b94SMartin Matuska				n -= tx_bytes - zfs_uio_resid(uio);
7b5e6873SMartin Matuska				pfbytes -= tx_bytes - zfs_uio_resid(uio);
7877fdebSMatt Macy				continue;
7877fdebSMatt Macy			}
7877fdebSMatt Macy#endif
e92ffd9bSMartin Matuska			/*
e92ffd9bSMartin Matuska			 * On FreeBSD, EFAULT should be propagated back to the
e92ffd9bSMartin Matuska			 * VFS, which will handle faulting and will retry.
e92ffd9bSMartin Matuska			 */
e92ffd9bSMartin Matuska			if (error != 0 && error != EFAULT) {
c03c5b1cSMartin Matuska				zfs_clear_setid_bits_if_necessary(zfsvfs, zp,
c03c5b1cSMartin Matuska				    cr, &clear_setid_bits_txg, tx);
7877fdebSMatt Macy				dmu_tx_commit(tx);
7877fdebSMatt Macy				break;
7877fdebSMatt Macy			}
184c1b94SMartin Matuska			tx_bytes -= zfs_uio_resid(uio);
7877fdebSMatt Macy		} else {
7877fdebSMatt Macy			/*
7877fdebSMatt Macy			 * Thus, we're writing a full block at a block-aligned
7877fdebSMatt Macy			 * offset and extending the file past EOF.
7877fdebSMatt Macy			 *
7877fdebSMatt Macy			 * dmu_assign_arcbuf_by_dbuf() will directly assign the
7877fdebSMatt Macy			 * arc buffer to a dbuf.
7877fdebSMatt Macy			 */
7877fdebSMatt Macy			error = dmu_assign_arcbuf_by_dbuf(
b1c1ee44SMartin Matuska			    sa_get_db(zp->z_sa_hdl), woff, abuf, tx, dflags);
7877fdebSMatt Macy			if (error != 0) {
c03c5b1cSMartin Matuska				/*
c03c5b1cSMartin Matuska				 * XXX This might not be necessary if
c03c5b1cSMartin Matuska				 * dmu_assign_arcbuf_by_dbuf is guaranteed
c03c5b1cSMartin Matuska				 * to be atomic.
c03c5b1cSMartin Matuska				 */
c03c5b1cSMartin Matuska				zfs_clear_setid_bits_if_necessary(zfsvfs, zp,
c03c5b1cSMartin Matuska				    cr, &clear_setid_bits_txg, tx);
7877fdebSMatt Macy				dmu_return_arcbuf(abuf);
7877fdebSMatt Macy				dmu_tx_commit(tx);
7877fdebSMatt Macy				break;
7877fdebSMatt Macy			}
184c1b94SMartin Matuska			ASSERT3S(nbytes, <=, zfs_uio_resid(uio));
184c1b94SMartin Matuska			zfs_uioskip(uio, nbytes);
7877fdebSMatt Macy			tx_bytes = nbytes;
7877fdebSMatt Macy		}
7a7741afSMartin Matuska		/*
7a7741afSMartin Matuska		 * There is a window where a file's pages can be mmap'ed after
7a7741afSMartin Matuska		 * zfs_setup_direct() is called. This is due to the fact that
7a7741afSMartin Matuska		 * the rangelock in this function is acquired after calling
7a7741afSMartin Matuska		 * zfs_setup_direct(). This is done so that
7a7741afSMartin Matuska		 * zfs_uio_prefaultpages() does not attempt to fault in pages
7a7741afSMartin Matuska		 * on Linux for Direct I/O requests. This is not necessary as
7a7741afSMartin Matuska		 * the pages are pinned in memory and can not be faulted out.
7a7741afSMartin Matuska		 * Ideally, the rangelock would be held before calling
7a7741afSMartin Matuska		 * zfs_setup_direct() and zfs_uio_prefaultpages(); however,
7a7741afSMartin Matuska		 * this can lead to a deadlock as zfs_getpage() also acquires
7a7741afSMartin Matuska		 * the rangelock as a RL_WRITER and prefaulting the pages can
7a7741afSMartin Matuska		 * lead to zfs_getpage() being called.
7a7741afSMartin Matuska		 *
7a7741afSMartin Matuska		 * In the case of the pages being mapped after
7a7741afSMartin Matuska		 * zfs_setup_direct() is called, the call to update_pages()
7a7741afSMartin Matuska		 * will still be made to make sure there is consistency between
7a7741afSMartin Matuska		 * the ARC and the Linux page cache. This is an ufortunate
7a7741afSMartin Matuska		 * situation as the data will be read back into the ARC after
7a7741afSMartin Matuska		 * the Direct I/O write has completed, but this is the penality
7a7741afSMartin Matuska		 * for writing to a mmap'ed region of a file using Direct I/O.
7a7741afSMartin Matuska		 */
c9539b89SMartin Matuska		if (tx_bytes &&
7a7741afSMartin Matuska		    zn_has_cached_data(zp, woff, woff + tx_bytes - 1)) {
7877fdebSMatt Macy			update_pages(zp, woff, tx_bytes, zfsvfs->z_os);
7877fdebSMatt Macy		}
7877fdebSMatt Macy
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * If we made no progress, we're done.  If we made even
7877fdebSMatt Macy		 * partial progress, update the znode and ZIL accordingly.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		if (tx_bytes == 0) {
7877fdebSMatt Macy			(void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs),
7877fdebSMatt Macy			    (void *)&zp->z_size, sizeof (uint64_t), tx);
7877fdebSMatt Macy			dmu_tx_commit(tx);
7877fdebSMatt Macy			ASSERT(error != 0);
7877fdebSMatt Macy			break;
7877fdebSMatt Macy		}
7877fdebSMatt Macy
c03c5b1cSMartin Matuska		zfs_clear_setid_bits_if_necessary(zfsvfs, zp, cr,
c03c5b1cSMartin Matuska		    &clear_setid_bits_txg, tx);
7877fdebSMatt Macy
7877fdebSMatt Macy		zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime);
7877fdebSMatt Macy
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * Update the file size (zp_size) if it has changed;
7877fdebSMatt Macy		 * account for possible concurrent updates.
7877fdebSMatt Macy		 */
184c1b94SMartin Matuska		while ((end_size = zp->z_size) < zfs_uio_offset(uio)) {
7877fdebSMatt Macy			(void) atomic_cas_64(&zp->z_size, end_size,
184c1b94SMartin Matuska			    zfs_uio_offset(uio));
e92ffd9bSMartin Matuska			ASSERT(error == 0 || error == EFAULT);
7877fdebSMatt Macy		}
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * If we are replaying and eof is non zero then force
7877fdebSMatt Macy		 * the file size to the specified eof. Note, there's no
7877fdebSMatt Macy		 * concurrency during replay.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		if (zfsvfs->z_replay && zfsvfs->z_replay_eof != 0)
7877fdebSMatt Macy			zp->z_size = zfsvfs->z_replay_eof;
7877fdebSMatt Macy
e92ffd9bSMartin Matuska		error1 = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
e92ffd9bSMartin Matuska		if (error1 != 0)
e92ffd9bSMartin Matuska			/* Avoid clobbering EFAULT. */
e92ffd9bSMartin Matuska			error = error1;
7877fdebSMatt Macy
c03c5b1cSMartin Matuska		/*
c03c5b1cSMartin Matuska		 * NB: During replay, the TX_SETATTR record logged by
c03c5b1cSMartin Matuska		 * zfs_clear_setid_bits_if_necessary must precede any of
c03c5b1cSMartin Matuska		 * the TX_WRITE records logged here.
c03c5b1cSMartin Matuska		 */
f8b1db88SMartin Matuska		zfs_log_write(zilog, tx, TX_WRITE, zp, woff, tx_bytes, commit,
7a7741afSMartin Matuska		    uio->uio_extflg & UIO_DIRECT ? B_TRUE : B_FALSE, NULL,
7a7741afSMartin Matuska		    NULL);
c03c5b1cSMartin Matuska
7877fdebSMatt Macy		dmu_tx_commit(tx);
7877fdebSMatt Macy
7a7741afSMartin Matuska		/*
7a7741afSMartin Matuska		 * Direct I/O was deferred in order to grow the first block.
7a7741afSMartin Matuska		 * At this point it can be re-enabled for subsequent writes.
7a7741afSMartin Matuska		 */
7a7741afSMartin Matuska		if (o_direct_defer) {
7a7741afSMartin Matuska			ASSERT(ioflag & O_DIRECT);
7a7741afSMartin Matuska			uio->uio_extflg |= UIO_DIRECT;
7a7741afSMartin Matuska			o_direct_defer = B_FALSE;
7a7741afSMartin Matuska		}
7a7741afSMartin Matuska
7877fdebSMatt Macy		if (error != 0)
7877fdebSMatt Macy			break;
7877fdebSMatt Macy		ASSERT3S(tx_bytes, ==, nbytes);
7877fdebSMatt Macy		n -= nbytes;
7b5e6873SMartin Matuska		pfbytes -= nbytes;
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7a7741afSMartin Matuska	if (o_direct_defer) {
7a7741afSMartin Matuska		ASSERT(ioflag & O_DIRECT);
7a7741afSMartin Matuska		uio->uio_extflg |= UIO_DIRECT;
7a7741afSMartin Matuska		o_direct_defer = B_FALSE;
7a7741afSMartin Matuska	}
7a7741afSMartin Matuska
184c1b94SMartin Matuska	zfs_znode_update_vfs(zp);
7877fdebSMatt Macy	zfs_rangelock_exit(lr);
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7a7741afSMartin Matuska	 * Cleanup for Direct I/O if requested.
7a7741afSMartin Matuska	 */
7a7741afSMartin Matuska	if (uio->uio_extflg & UIO_DIRECT)
7a7741afSMartin Matuska		zfs_uio_free_dio_pages(uio, UIO_WRITE);
7a7741afSMartin Matuska
7a7741afSMartin Matuska	/*
7877fdebSMatt Macy	 * If we're in replay mode, or we made no progress, or the
7877fdebSMatt Macy	 * uio data is inaccessible return an error.  Otherwise, it's
7877fdebSMatt Macy	 * at least a partial write, so it's successful.
7877fdebSMatt Macy	 */
184c1b94SMartin Matuska	if (zfsvfs->z_replay || zfs_uio_resid(uio) == start_resid ||
7877fdebSMatt Macy	    error == EFAULT) {
c7046f76SMartin Matuska		zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy		return (error);
7877fdebSMatt Macy	}
7877fdebSMatt Macy
f8b1db88SMartin Matuska	if (commit)
7877fdebSMatt Macy		zil_commit(zilog, zp->z_id);
7877fdebSMatt Macy
7a7741afSMartin Matuska	int64_t nwritten = start_resid - zfs_uio_resid(uio);
7877fdebSMatt Macy	dataset_kstats_update_write_kstats(&zfsvfs->z_kstat, nwritten);
7877fdebSMatt Macy
c7046f76SMartin Matuska	zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy	return (0);
7877fdebSMatt Macy}
7877fdebSMatt Macy
b1c1ee44SMartin Matuska/*
b1c1ee44SMartin Matuska * Rewrite a range of file as-is without modification.
b1c1ee44SMartin Matuska *
b1c1ee44SMartin Matuska *	IN:	zp	- znode of file to be rewritten.
b1c1ee44SMartin Matuska *		off	- Offset of the range to rewrite.
b1c1ee44SMartin Matuska *		len	- Length of the range to rewrite.
b1c1ee44SMartin Matuska *		flags	- Random rewrite parameters.
b1c1ee44SMartin Matuska *		arg	- flags-specific argument.
b1c1ee44SMartin Matuska *
b1c1ee44SMartin Matuska *	RETURN:	0 if success
b1c1ee44SMartin Matuska *		error code if failure
b1c1ee44SMartin Matuska */
b1c1ee44SMartin Matuskaint
b1c1ee44SMartin Matuskazfs_rewrite(znode_t *zp, uint64_t off, uint64_t len, uint64_t flags,
b1c1ee44SMartin Matuska    uint64_t arg)
b1c1ee44SMartin Matuska{
b1c1ee44SMartin Matuska	int error;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	if (flags != 0 || arg != 0)
b1c1ee44SMartin Matuska		return (SET_ERROR(EINVAL));
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	zfsvfs_t *zfsvfs = ZTOZSB(zp);
b1c1ee44SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
b1c1ee44SMartin Matuska		return (error);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	if (zfs_is_readonly(zfsvfs)) {
b1c1ee44SMartin Matuska		zfs_exit(zfsvfs, FTAG);
b1c1ee44SMartin Matuska		return (SET_ERROR(EROFS));
b1c1ee44SMartin Matuska	}
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	if (off >= zp->z_size) {
b1c1ee44SMartin Matuska		zfs_exit(zfsvfs, FTAG);
b1c1ee44SMartin Matuska		return (0);
b1c1ee44SMartin Matuska	}
b1c1ee44SMartin Matuska	if (len == 0 || len > zp->z_size - off)
b1c1ee44SMartin Matuska		len = zp->z_size - off;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	/* Flush any mmap()'d data to disk */
b1c1ee44SMartin Matuska	if (zn_has_cached_data(zp, off, off + len - 1))
b1c1ee44SMartin Matuska		zn_flush_cached_data(zp, B_TRUE);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	zfs_locked_range_t *lr;
b1c1ee44SMartin Matuska	lr = zfs_rangelock_enter(&zp->z_rangelock, off, len, RL_WRITER);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	const uint64_t uid = KUID_TO_SUID(ZTOUID(zp));
b1c1ee44SMartin Matuska	const uint64_t gid = KGID_TO_SGID(ZTOGID(zp));
b1c1ee44SMartin Matuska	const uint64_t projid = zp->z_projid;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	dmu_buf_impl_t *db = (dmu_buf_impl_t *)sa_get_db(zp->z_sa_hdl);
b1c1ee44SMartin Matuska	DB_DNODE_ENTER(db);
b1c1ee44SMartin Matuska	dnode_t *dn = DB_DNODE(db);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	uint64_t n, noff = off, nr = 0, nw = 0;
b1c1ee44SMartin Matuska	while (len > 0) {
b1c1ee44SMartin Matuska		/*
b1c1ee44SMartin Matuska		 * Rewrite only actual data, skipping any holes.  This might
b1c1ee44SMartin Matuska		 * be inaccurate for dirty files, but we don't really care.
b1c1ee44SMartin Matuska		 */
b1c1ee44SMartin Matuska		if (noff == off) {
b1c1ee44SMartin Matuska			/* Find next data in the file. */
b1c1ee44SMartin Matuska			error = dnode_next_offset(dn, 0, &noff, 1, 1, 0);
b1c1ee44SMartin Matuska			if (error || noff >= off + len) {
b1c1ee44SMartin Matuska				if (error == ESRCH)	/* No more data. */
b1c1ee44SMartin Matuska					error = 0;
b1c1ee44SMartin Matuska				break;
b1c1ee44SMartin Matuska			}
b1c1ee44SMartin Matuska			ASSERT3U(noff, >=, off);
b1c1ee44SMartin Matuska			len -= noff - off;
b1c1ee44SMartin Matuska			off = noff;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska			/* Find where the data end. */
b1c1ee44SMartin Matuska			error = dnode_next_offset(dn, DNODE_FIND_HOLE, &noff,
b1c1ee44SMartin Matuska			    1, 1, 0);
b1c1ee44SMartin Matuska			if (error != 0)
b1c1ee44SMartin Matuska				noff = off + len;
b1c1ee44SMartin Matuska		}
b1c1ee44SMartin Matuska		ASSERT3U(noff, >, off);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT, uid) ||
b1c1ee44SMartin Matuska		    zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT, gid) ||
b1c1ee44SMartin Matuska		    (projid != ZFS_DEFAULT_PROJID &&
b1c1ee44SMartin Matuska		    zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
b1c1ee44SMartin Matuska		    projid))) {
b1c1ee44SMartin Matuska			error = SET_ERROR(EDQUOT);
b1c1ee44SMartin Matuska			break;
b1c1ee44SMartin Matuska		}
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		n = MIN(MIN(len, noff - off),
b1c1ee44SMartin Matuska		    DMU_MAX_ACCESS / 2 - P2PHASE(off, zp->z_blksz));
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
b1c1ee44SMartin Matuska		dmu_tx_hold_write_by_dnode(tx, dn, off, n);
b1c1ee44SMartin Matuska		error = dmu_tx_assign(tx, DMU_TX_WAIT);
b1c1ee44SMartin Matuska		if (error) {
b1c1ee44SMartin Matuska			dmu_tx_abort(tx);
b1c1ee44SMartin Matuska			break;
b1c1ee44SMartin Matuska		}
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		/* Mark all dbufs within range as dirty to trigger rewrite. */
b1c1ee44SMartin Matuska		dmu_buf_t **dbp;
b1c1ee44SMartin Matuska		int numbufs;
b1c1ee44SMartin Matuska		error = dmu_buf_hold_array_by_dnode(dn, off, n, TRUE, FTAG,
3747329bSMartin Matuska		    &numbufs, &dbp, DMU_READ_PREFETCH | DMU_UNCACHEDIO);
b1c1ee44SMartin Matuska		if (error) {
*3a896071SMartin Matuska			dmu_tx_commit(tx);
b1c1ee44SMartin Matuska			break;
b1c1ee44SMartin Matuska		}
b1c1ee44SMartin Matuska		for (int i = 0; i < numbufs; i++) {
b1c1ee44SMartin Matuska			nr += dbp[i]->db_size;
b1c1ee44SMartin Matuska			if (dmu_buf_is_dirty(dbp[i], tx))
b1c1ee44SMartin Matuska				continue;
b1c1ee44SMartin Matuska			nw += dbp[i]->db_size;
b1c1ee44SMartin Matuska			dmu_buf_will_dirty(dbp[i], tx);
b1c1ee44SMartin Matuska		}
b1c1ee44SMartin Matuska		dmu_buf_rele_array(dbp, numbufs, FTAG);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		dmu_tx_commit(tx);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		len -= n;
b1c1ee44SMartin Matuska		off += n;
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska		if (issig()) {
b1c1ee44SMartin Matuska			error = SET_ERROR(EINTR);
b1c1ee44SMartin Matuska			break;
b1c1ee44SMartin Matuska		}
b1c1ee44SMartin Matuska	}
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	DB_DNODE_EXIT(db);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	dataset_kstats_update_read_kstats(&zfsvfs->z_kstat, nr);
b1c1ee44SMartin Matuska	dataset_kstats_update_write_kstats(&zfsvfs->z_kstat, nw);
b1c1ee44SMartin Matuska
b1c1ee44SMartin Matuska	zfs_rangelock_exit(lr);
b1c1ee44SMartin Matuska	zfs_exit(zfsvfs, FTAG);
b1c1ee44SMartin Matuska	return (error);
b1c1ee44SMartin Matuska}
b1c1ee44SMartin Matuska
7877fdebSMatt Macyint
7877fdebSMatt Macyzfs_getsecattr(znode_t *zp, vsecattr_t *vsecp, int flag, cred_t *cr)
7877fdebSMatt Macy{
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
7877fdebSMatt Macy	int error;
7877fdebSMatt Macy	boolean_t skipaclchk = (flag & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
7877fdebSMatt Macy
c7046f76SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
c7046f76SMartin Matuska		return (error);
7877fdebSMatt Macy	error = zfs_getacl(zp, vsecp, skipaclchk, cr);
c7046f76SMartin Matuska	zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
7877fdebSMatt Macyint
7877fdebSMatt Macyzfs_setsecattr(znode_t *zp, vsecattr_t *vsecp, int flag, cred_t *cr)
7877fdebSMatt Macy{
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = ZTOZSB(zp);
7877fdebSMatt Macy	int error;
7877fdebSMatt Macy	boolean_t skipaclchk = (flag & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
78ae60b4SMartin Matuska	zilog_t	*zilog;
7877fdebSMatt Macy
c7046f76SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
c7046f76SMartin Matuska		return (error);
78ae60b4SMartin Matuska	zilog = zfsvfs->z_log;
7877fdebSMatt Macy	error = zfs_setacl(zp, vsecp, skipaclchk, cr);
7877fdebSMatt Macy
7877fdebSMatt Macy	if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
7877fdebSMatt Macy		zil_commit(zilog, 0);
7877fdebSMatt Macy
c7046f76SMartin Matuska	zfs_exit(zfsvfs, FTAG);
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
61145dc2SMartin Matuska/*
61145dc2SMartin Matuska * Get the optimal alignment to ensure direct IO can be performed without
61145dc2SMartin Matuska * incurring any RMW penalty on write. If direct IO is not enabled for this
61145dc2SMartin Matuska * file, returns an error.
61145dc2SMartin Matuska */
61145dc2SMartin Matuskaint
61145dc2SMartin Matuskazfs_get_direct_alignment(znode_t *zp, uint64_t *alignp)
61145dc2SMartin Matuska{
61145dc2SMartin Matuska	zfsvfs_t *zfsvfs = ZTOZSB(zp);
61145dc2SMartin Matuska
61145dc2SMartin Matuska	if (!zfs_dio_enabled || zfsvfs->z_os->os_direct == ZFS_DIRECT_DISABLED)
61145dc2SMartin Matuska		return (SET_ERROR(EOPNOTSUPP));
61145dc2SMartin Matuska
61145dc2SMartin Matuska	/*
61145dc2SMartin Matuska	 * If the file has multiple blocks, then its block size is fixed
61145dc2SMartin Matuska	 * forever, and so is the ideal alignment.
61145dc2SMartin Matuska	 *
61145dc2SMartin Matuska	 * If however it only has a single block, then we want to return the
61145dc2SMartin Matuska	 * max block size it could possibly grown to (ie, the dataset
61145dc2SMartin Matuska	 * recordsize). We do this so that a program querying alignment
61145dc2SMartin Matuska	 * immediately after the file is created gets a value that won't change
61145dc2SMartin Matuska	 * once the file has grown into the second block and beyond.
61145dc2SMartin Matuska	 *
61145dc2SMartin Matuska	 * Because we don't have a count of blocks easily available here, we
61145dc2SMartin Matuska	 * check if the apparent file size is smaller than its current block
61145dc2SMartin Matuska	 * size (meaning, the file hasn't yet grown into the current block
61145dc2SMartin Matuska	 * size) and then, check if the block size is smaller than the dataset
61145dc2SMartin Matuska	 * maximum (meaning, if the file grew past the current block size, the
61145dc2SMartin Matuska	 * block size could would be increased).
61145dc2SMartin Matuska	 */
61145dc2SMartin Matuska	if (zp->z_size <= zp->z_blksz && zp->z_blksz < zfsvfs->z_max_blksz)
61145dc2SMartin Matuska		*alignp = MAX(zfsvfs->z_max_blksz, PAGE_SIZE);
61145dc2SMartin Matuska	else
61145dc2SMartin Matuska		*alignp = MAX(zp->z_blksz, PAGE_SIZE);
61145dc2SMartin Matuska
61145dc2SMartin Matuska	return (0);
61145dc2SMartin Matuska}
61145dc2SMartin Matuska
7877fdebSMatt Macy#ifdef ZFS_DEBUG
7877fdebSMatt Macystatic int zil_fault_io = 0;
7877fdebSMatt Macy#endif
7877fdebSMatt Macy
7877fdebSMatt Macystatic void zfs_get_done(zgd_t *zgd, int error);
7877fdebSMatt Macy
7877fdebSMatt Macy/*
7877fdebSMatt Macy * Get data to generate a TX_WRITE intent log record.
7877fdebSMatt Macy */
7877fdebSMatt Macyint
f9693befSMartin Matuskazfs_get_data(void *arg, uint64_t gen, lr_write_t *lr, char *buf,
f9693befSMartin Matuska    struct lwb *lwb, zio_t *zio)
7877fdebSMatt Macy{
7877fdebSMatt Macy	zfsvfs_t *zfsvfs = arg;
7877fdebSMatt Macy	objset_t *os = zfsvfs->z_os;
7877fdebSMatt Macy	znode_t *zp;
7877fdebSMatt Macy	uint64_t object = lr->lr_foid;
7877fdebSMatt Macy	uint64_t offset = lr->lr_offset;
7877fdebSMatt Macy	uint64_t size = lr->lr_length;
7877fdebSMatt Macy	zgd_t *zgd;
7877fdebSMatt Macy	int error = 0;
f9693befSMartin Matuska	uint64_t zp_gen;
7877fdebSMatt Macy
7877fdebSMatt Macy	ASSERT3P(lwb, !=, NULL);
7877fdebSMatt Macy	ASSERT3U(size, !=, 0);
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Nothing to do if the file has been removed
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	if (zfs_zget(zfsvfs, object, &zp) != 0)
7877fdebSMatt Macy		return (SET_ERROR(ENOENT));
7877fdebSMatt Macy	if (zp->z_unlinked) {
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * Release the vnode asynchronously as we currently have the
7877fdebSMatt Macy		 * txg stopped from syncing.
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		zfs_zrele_async(zp);
7877fdebSMatt Macy		return (SET_ERROR(ENOENT));
7877fdebSMatt Macy	}
f9693befSMartin Matuska	/* check if generation number matches */
f9693befSMartin Matuska	if (sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(zfsvfs), &zp_gen,
f9693befSMartin Matuska	    sizeof (zp_gen)) != 0) {
f9693befSMartin Matuska		zfs_zrele_async(zp);
f9693befSMartin Matuska		return (SET_ERROR(EIO));
f9693befSMartin Matuska	}
f9693befSMartin Matuska	if (zp_gen != gen) {
f9693befSMartin Matuska		zfs_zrele_async(zp);
f9693befSMartin Matuska		return (SET_ERROR(ENOENT));
f9693befSMartin Matuska	}
7877fdebSMatt Macy
15f0b8c3SMartin Matuska	zgd = kmem_zalloc(sizeof (zgd_t), KM_SLEEP);
7877fdebSMatt Macy	zgd->zgd_lwb = lwb;
7877fdebSMatt Macy	zgd->zgd_private = zp;
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Write records come in two flavors: immediate and indirect.
7877fdebSMatt Macy	 * For small writes it's cheaper to store the data with the
7877fdebSMatt Macy	 * log record (immediate); for large writes it's cheaper to
7877fdebSMatt Macy	 * sync the data and get a pointer to it (indirect) so that
7877fdebSMatt Macy	 * we don't have to write the data twice.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	if (buf != NULL) { /* immediate write */
7a7741afSMartin Matuska		zgd->zgd_lr = zfs_rangelock_enter(&zp->z_rangelock, offset,
7a7741afSMartin Matuska		    size, RL_READER);
7877fdebSMatt Macy		/* test for truncation needs to be done while range locked */
7877fdebSMatt Macy		if (offset >= zp->z_size) {
7877fdebSMatt Macy			error = SET_ERROR(ENOENT);
7877fdebSMatt Macy		} else {
7877fdebSMatt Macy			error = dmu_read(os, object, offset, size, buf,
b1c1ee44SMartin Matuska			    DMU_READ_NO_PREFETCH | DMU_KEEP_CACHING);
7877fdebSMatt Macy		}
7877fdebSMatt Macy		ASSERT(error == 0 || error == ENOENT);
7877fdebSMatt Macy	} else { /* indirect write */
315ee00fSMartin Matuska		ASSERT3P(zio, !=, NULL);
7877fdebSMatt Macy		/*
7877fdebSMatt Macy		 * Have to lock the whole block to ensure when it's
7877fdebSMatt Macy		 * written out and its checksum is being calculated
7877fdebSMatt Macy		 * that no one can change the data. We need to re-check
7877fdebSMatt Macy		 * blocksize after we get the lock in case it's changed!
7877fdebSMatt Macy		 */
7877fdebSMatt Macy		for (;;) {
7877fdebSMatt Macy			uint64_t blkoff;
7877fdebSMatt Macy			size = zp->z_blksz;
7877fdebSMatt Macy			blkoff = ISP2(size) ? P2PHASE(offset, size) : offset;
7877fdebSMatt Macy			offset -= blkoff;
7877fdebSMatt Macy			zgd->zgd_lr = zfs_rangelock_enter(&zp->z_rangelock,
7877fdebSMatt Macy			    offset, size, RL_READER);
7877fdebSMatt Macy			if (zp->z_blksz == size)
7877fdebSMatt Macy				break;
7877fdebSMatt Macy			offset += blkoff;
7877fdebSMatt Macy			zfs_rangelock_exit(zgd->zgd_lr);
7877fdebSMatt Macy		}
7877fdebSMatt Macy		/* test for truncation needs to be done while range locked */
7877fdebSMatt Macy		if (lr->lr_offset >= zp->z_size)
7877fdebSMatt Macy			error = SET_ERROR(ENOENT);
7877fdebSMatt Macy#ifdef ZFS_DEBUG
7877fdebSMatt Macy		if (zil_fault_io) {
7877fdebSMatt Macy			error = SET_ERROR(EIO);
7877fdebSMatt Macy			zil_fault_io = 0;
7877fdebSMatt Macy		}
7877fdebSMatt Macy#endif
7a7741afSMartin Matuska
7a7741afSMartin Matuska		dmu_buf_t *dbp;
7877fdebSMatt Macy		if (error == 0)
315ee00fSMartin Matuska			error = dmu_buf_hold_noread(os, object, offset, zgd,
7a7741afSMartin Matuska			    &dbp);
7877fdebSMatt Macy
7877fdebSMatt Macy		if (error == 0) {
7a7741afSMartin Matuska			zgd->zgd_db = dbp;
7a7741afSMartin Matuska			dmu_buf_impl_t *db = (dmu_buf_impl_t *)dbp;
7a7741afSMartin Matuska			boolean_t direct_write = B_FALSE;
7a7741afSMartin Matuska			mutex_enter(&db->db_mtx);
7a7741afSMartin Matuska			dbuf_dirty_record_t *dr =
7a7741afSMartin Matuska			    dbuf_find_dirty_eq(db, lr->lr_common.lrc_txg);
7a7741afSMartin Matuska			if (dr != NULL && dr->dt.dl.dr_diowrite)
7a7741afSMartin Matuska				direct_write = B_TRUE;
7a7741afSMartin Matuska			mutex_exit(&db->db_mtx);
7877fdebSMatt Macy
7a7741afSMartin Matuska			/*
7a7741afSMartin Matuska			 * All Direct I/O writes will have already completed and
7a7741afSMartin Matuska			 * the block pointer can be immediately stored in the
7a7741afSMartin Matuska			 * log record.
7a7741afSMartin Matuska			 */
7a7741afSMartin Matuska			if (direct_write) {
7a7741afSMartin Matuska				/*
7a7741afSMartin Matuska				 * A Direct I/O write always covers an entire
7a7741afSMartin Matuska				 * block.
7a7741afSMartin Matuska				 */
7a7741afSMartin Matuska				ASSERT3U(dbp->db_size, ==, zp->z_blksz);
7a7741afSMartin Matuska				lr->lr_blkptr = dr->dt.dl.dr_overridden_by;
7a7741afSMartin Matuska				zfs_get_done(zgd, 0);
7a7741afSMartin Matuska				return (0);
7a7741afSMartin Matuska			}
7a7741afSMartin Matuska
7a7741afSMartin Matuska			blkptr_t *bp = &lr->lr_blkptr;
7877fdebSMatt Macy			zgd->zgd_bp = bp;
7877fdebSMatt Macy
7a7741afSMartin Matuska			ASSERT3U(dbp->db_offset, ==, offset);
7a7741afSMartin Matuska			ASSERT3U(dbp->db_size, ==, size);
7877fdebSMatt Macy
7877fdebSMatt Macy			error = dmu_sync(zio, lr->lr_common.lrc_txg,
7877fdebSMatt Macy			    zfs_get_done, zgd);
7877fdebSMatt Macy			ASSERT(error || lr->lr_length <= size);
7877fdebSMatt Macy
7877fdebSMatt Macy			/*
7877fdebSMatt Macy			 * On success, we need to wait for the write I/O
7877fdebSMatt Macy			 * initiated by dmu_sync() to complete before we can
7877fdebSMatt Macy			 * release this dbuf.  We will finish everything up
7877fdebSMatt Macy			 * in the zfs_get_done() callback.
7877fdebSMatt Macy			 */
7877fdebSMatt Macy			if (error == 0)
7877fdebSMatt Macy				return (0);
7877fdebSMatt Macy
7877fdebSMatt Macy			if (error == EALREADY) {
7877fdebSMatt Macy				lr->lr_common.lrc_txtype = TX_WRITE2;
7877fdebSMatt Macy				/*
7877fdebSMatt Macy				 * TX_WRITE2 relies on the data previously
7877fdebSMatt Macy				 * written by the TX_WRITE that caused
7877fdebSMatt Macy				 * EALREADY.  We zero out the BP because
7877fdebSMatt Macy				 * it is the old, currently-on-disk BP.
7877fdebSMatt Macy				 */
7877fdebSMatt Macy				zgd->zgd_bp = NULL;
7877fdebSMatt Macy				BP_ZERO(bp);
7877fdebSMatt Macy				error = 0;
7877fdebSMatt Macy			}
7877fdebSMatt Macy		}
7877fdebSMatt Macy	}
7877fdebSMatt Macy
7877fdebSMatt Macy	zfs_get_done(zgd, error);
7877fdebSMatt Macy
7877fdebSMatt Macy	return (error);
7877fdebSMatt Macy}
7877fdebSMatt Macy
7877fdebSMatt Macystatic void
7877fdebSMatt Macyzfs_get_done(zgd_t *zgd, int error)
7877fdebSMatt Macy{
c03c5b1cSMartin Matuska	(void) error;
7877fdebSMatt Macy	znode_t *zp = zgd->zgd_private;
7877fdebSMatt Macy
7877fdebSMatt Macy	if (zgd->zgd_db)
7877fdebSMatt Macy		dmu_buf_rele(zgd->zgd_db, zgd);
7877fdebSMatt Macy
7877fdebSMatt Macy	zfs_rangelock_exit(zgd->zgd_lr);
7877fdebSMatt Macy
7877fdebSMatt Macy	/*
7877fdebSMatt Macy	 * Release the vnode asynchronously as we currently have the
7877fdebSMatt Macy	 * txg stopped from syncing.
7877fdebSMatt Macy	 */
7877fdebSMatt Macy	zfs_zrele_async(zp);
7877fdebSMatt Macy
7877fdebSMatt Macy	kmem_free(zgd, sizeof (zgd_t));
7877fdebSMatt Macy}
7877fdebSMatt Macy
2a58b312SMartin Matuskastatic int
2a58b312SMartin Matuskazfs_enter_two(zfsvfs_t *zfsvfs1, zfsvfs_t *zfsvfs2, const char *tag)
2a58b312SMartin Matuska{
2a58b312SMartin Matuska	int error;
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/* Swap. Not sure if the order of zfs_enter()s is important. */
2a58b312SMartin Matuska	if (zfsvfs1 > zfsvfs2) {
2a58b312SMartin Matuska		zfsvfs_t *tmpzfsvfs;
2a58b312SMartin Matuska
2a58b312SMartin Matuska		tmpzfsvfs = zfsvfs2;
2a58b312SMartin Matuska		zfsvfs2 = zfsvfs1;
2a58b312SMartin Matuska		zfsvfs1 = tmpzfsvfs;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	error = zfs_enter(zfsvfs1, tag);
2a58b312SMartin Matuska	if (error != 0)
2a58b312SMartin Matuska		return (error);
2a58b312SMartin Matuska	if (zfsvfs1 != zfsvfs2) {
2a58b312SMartin Matuska		error = zfs_enter(zfsvfs2, tag);
2a58b312SMartin Matuska		if (error != 0) {
2a58b312SMartin Matuska			zfs_exit(zfsvfs1, tag);
2a58b312SMartin Matuska			return (error);
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	return (0);
2a58b312SMartin Matuska}
2a58b312SMartin Matuska
2a58b312SMartin Matuskastatic void
2a58b312SMartin Matuskazfs_exit_two(zfsvfs_t *zfsvfs1, zfsvfs_t *zfsvfs2, const char *tag)
2a58b312SMartin Matuska{
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zfs_exit(zfsvfs1, tag);
2a58b312SMartin Matuska	if (zfsvfs1 != zfsvfs2)
2a58b312SMartin Matuska		zfs_exit(zfsvfs2, tag);
2a58b312SMartin Matuska}
2a58b312SMartin Matuska
2a58b312SMartin Matuska/*
2a58b312SMartin Matuska * We split each clone request in chunks that can fit into a single ZIL
2a58b312SMartin Matuska * log entry. Each ZIL log entry can fit 130816 bytes for a block cloning
2a58b312SMartin Matuska * operation (see zil_max_log_data() and zfs_log_clone_range()). This gives
2a58b312SMartin Matuska * us room for storing 1022 block pointers.
2a58b312SMartin Matuska *
2a58b312SMartin Matuska * On success, the function return the number of bytes copied in *lenp.
2a58b312SMartin Matuska * Note, it doesn't return how much bytes are left to be copied.
315ee00fSMartin Matuska * On errors which are caused by any file system limitations or
315ee00fSMartin Matuska * brt limitations `EINVAL` is returned. In the most cases a user
315ee00fSMartin Matuska * requested bad parameters, it could be possible to clone the file but
315ee00fSMartin Matuska * some parameters don't match the requirements.
2a58b312SMartin Matuska */
2a58b312SMartin Matuskaint
2a58b312SMartin Matuskazfs_clone_range(znode_t *inzp, uint64_t *inoffp, znode_t *outzp,
2a58b312SMartin Matuska    uint64_t *outoffp, uint64_t *lenp, cred_t *cr)
2a58b312SMartin Matuska{
2a58b312SMartin Matuska	zfsvfs_t	*inzfsvfs, *outzfsvfs;
2a58b312SMartin Matuska	objset_t	*inos, *outos;
2a58b312SMartin Matuska	zfs_locked_range_t *inlr, *outlr;
2a58b312SMartin Matuska	dmu_buf_impl_t	*db;
2a58b312SMartin Matuska	dmu_tx_t	*tx;
2a58b312SMartin Matuska	zilog_t		*zilog;
2a58b312SMartin Matuska	uint64_t	inoff, outoff, len, done;
2a58b312SMartin Matuska	uint64_t	outsize, size;
2a58b312SMartin Matuska	int		error;
2a58b312SMartin Matuska	int		count = 0;
2a58b312SMartin Matuska	sa_bulk_attr_t	bulk[3];
2a58b312SMartin Matuska	uint64_t	mtime[2], ctime[2];
2a58b312SMartin Matuska	uint64_t	uid, gid, projid;
2a58b312SMartin Matuska	blkptr_t	*bps;
2a58b312SMartin Matuska	size_t		maxblocks, nbps;
2a58b312SMartin Matuska	uint_t		inblksz;
2a58b312SMartin Matuska	uint64_t	clear_setid_bits_txg = 0;
a4e5e010SMartin Matuska	uint64_t	last_synced_txg = 0;
2a58b312SMartin Matuska
2a58b312SMartin Matuska	inoff = *inoffp;
2a58b312SMartin Matuska	outoff = *outoffp;
2a58b312SMartin Matuska	len = *lenp;
2a58b312SMartin Matuska	done = 0;
2a58b312SMartin Matuska
2a58b312SMartin Matuska	inzfsvfs = ZTOZSB(inzp);
2a58b312SMartin Matuska	outzfsvfs = ZTOZSB(outzp);
e639e0d2SMartin Matuska
e639e0d2SMartin Matuska	/*
e639e0d2SMartin Matuska	 * We need to call zfs_enter() potentially on two different datasets,
e639e0d2SMartin Matuska	 * so we need a dedicated function for that.
e639e0d2SMartin Matuska	 */
e639e0d2SMartin Matuska	error = zfs_enter_two(inzfsvfs, outzfsvfs, FTAG);
e639e0d2SMartin Matuska	if (error != 0)
e639e0d2SMartin Matuska		return (error);
e639e0d2SMartin Matuska
2a58b312SMartin Matuska	inos = inzfsvfs->z_os;
2a58b312SMartin Matuska	outos = outzfsvfs->z_os;
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Both source and destination have to belong to the same storage pool.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if (dmu_objset_spa(inos) != dmu_objset_spa(outos)) {
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (SET_ERROR(EXDEV));
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
315ee00fSMartin Matuska	/*
315ee00fSMartin Matuska	 * outos and inos belongs to the same storage pool.
315ee00fSMartin Matuska	 * see a few lines above, only one check.
315ee00fSMartin Matuska	 */
315ee00fSMartin Matuska	if (!spa_feature_is_enabled(dmu_objset_spa(outos),
315ee00fSMartin Matuska	    SPA_FEATURE_BLOCK_CLONING)) {
315ee00fSMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
315ee00fSMartin Matuska		return (SET_ERROR(EOPNOTSUPP));
315ee00fSMartin Matuska	}
315ee00fSMartin Matuska
2a58b312SMartin Matuska	ASSERT(!outzfsvfs->z_replay);
2a58b312SMartin Matuska
f8b1db88SMartin Matuska	/*
f8b1db88SMartin Matuska	 * Block cloning from an unencrypted dataset into an encrypted
f8b1db88SMartin Matuska	 * dataset and vice versa is not supported.
f8b1db88SMartin Matuska	 */
f8b1db88SMartin Matuska	if (inos->os_encrypted != outos->os_encrypted) {
f8b1db88SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
f8b1db88SMartin Matuska		return (SET_ERROR(EXDEV));
f8b1db88SMartin Matuska	}
f8b1db88SMartin Matuska
3494f7c0SMartin Matuska	/*
3494f7c0SMartin Matuska	 * Cloning across encrypted datasets is possible only if they
3494f7c0SMartin Matuska	 * share the same master key.
3494f7c0SMartin Matuska	 */
3494f7c0SMartin Matuska	if (inos != outos && inos->os_encrypted &&
3494f7c0SMartin Matuska	    !dmu_objset_crypto_key_equal(inos, outos)) {
3494f7c0SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
3494f7c0SMartin Matuska		return (SET_ERROR(EXDEV));
3494f7c0SMartin Matuska	}
3494f7c0SMartin Matuska
2a58b312SMartin Matuska	error = zfs_verify_zp(inzp);
2a58b312SMartin Matuska	if (error == 0)
2a58b312SMartin Matuska		error = zfs_verify_zp(outzp);
2a58b312SMartin Matuska	if (error != 0) {
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (error);
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * We don't copy source file's flags that's why we don't allow to clone
2a58b312SMartin Matuska	 * files that are in quarantine.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if (inzp->z_pflags & ZFS_AV_QUARANTINED) {
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (SET_ERROR(EACCES));
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if (inoff >= inzp->z_size) {
2a58b312SMartin Matuska		*lenp = 0;
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (0);
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska	if (len > inzp->z_size - inoff) {
2a58b312SMartin Matuska		len = inzp->z_size - inoff;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska	if (len == 0) {
2a58b312SMartin Matuska		*lenp = 0;
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (0);
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Callers might not be able to detect properly that we are read-only,
2a58b312SMartin Matuska	 * so check it explicitly here.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if (zfs_is_readonly(outzfsvfs)) {
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (SET_ERROR(EROFS));
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * If immutable or not appending then return EPERM.
2a58b312SMartin Matuska	 * Intentionally allow ZFS_READONLY through here.
2a58b312SMartin Matuska	 * See zfs_zaccess_common()
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if ((outzp->z_pflags & ZFS_IMMUTABLE) != 0) {
2a58b312SMartin Matuska		zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska		return (SET_ERROR(EPERM));
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * No overlapping if we are cloning within the same file.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if (inzp == outzp) {
2a58b312SMartin Matuska		if (inoff < outoff + len && outoff < inoff + len) {
2a58b312SMartin Matuska			zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska			return (SET_ERROR(EINVAL));
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
783d3ff6SMartin Matuska	/* Flush any mmap()'d data to disk */
783d3ff6SMartin Matuska	if (zn_has_cached_data(inzp, inoff, inoff + len - 1))
783d3ff6SMartin Matuska		zn_flush_cached_data(inzp, B_TRUE);
783d3ff6SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Maintain predictable lock order.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if (inzp < outzp || (inzp == outzp && inoff < outoff)) {
2a58b312SMartin Matuska		inlr = zfs_rangelock_enter(&inzp->z_rangelock, inoff, len,
2a58b312SMartin Matuska		    RL_READER);
2a58b312SMartin Matuska		outlr = zfs_rangelock_enter(&outzp->z_rangelock, outoff, len,
2a58b312SMartin Matuska		    RL_WRITER);
2a58b312SMartin Matuska	} else {
2a58b312SMartin Matuska		outlr = zfs_rangelock_enter(&outzp->z_rangelock, outoff, len,
2a58b312SMartin Matuska		    RL_WRITER);
2a58b312SMartin Matuska		inlr = zfs_rangelock_enter(&inzp->z_rangelock, inoff, len,
2a58b312SMartin Matuska		    RL_READER);
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	inblksz = inzp->z_blksz;
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
f552d7adSMartin Matuska	 * We cannot clone into a file with different block size if we can't
f552d7adSMartin Matuska	 * grow it (block size is already bigger, has more than one block, or
f552d7adSMartin Matuska	 * not locked for growth).  There are other possible reasons for the
f552d7adSMartin Matuska	 * grow to fail, but we cover what we can before opening transaction
f552d7adSMartin Matuska	 * and the rest detect after we try to do it.
2a58b312SMartin Matuska	 */
f552d7adSMartin Matuska	if (inblksz < outzp->z_blksz) {
f552d7adSMartin Matuska		error = SET_ERROR(EINVAL);
f552d7adSMartin Matuska		goto unlock;
f552d7adSMartin Matuska	}
3159b89bSMartin Matuska	if (inblksz != outzp->z_blksz && (outzp->z_size > outzp->z_blksz ||
f552d7adSMartin Matuska	    outlr->lr_length != UINT64_MAX)) {
3159b89bSMartin Matuska		error = SET_ERROR(EINVAL);
3159b89bSMartin Matuska		goto unlock;
3159b89bSMartin Matuska	}
3159b89bSMartin Matuska
3159b89bSMartin Matuska	/*
3159b89bSMartin Matuska	 * Block size must be power-of-2 if destination offset != 0.
3159b89bSMartin Matuska	 * There can be no multiple blocks of non-power-of-2 size.
3159b89bSMartin Matuska	 */
3159b89bSMartin Matuska	if (outoff != 0 && !ISP2(inblksz)) {
315ee00fSMartin Matuska		error = SET_ERROR(EINVAL);
2a58b312SMartin Matuska		goto unlock;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Offsets and len must be at block boundries.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if ((inoff % inblksz) != 0 || (outoff % inblksz) != 0) {
315ee00fSMartin Matuska		error = SET_ERROR(EINVAL);
2a58b312SMartin Matuska		goto unlock;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Length must be multipe of blksz, except for the end of the file.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	if ((len % inblksz) != 0 &&
2a58b312SMartin Matuska	    (len < inzp->z_size - inoff || len < outzp->z_size - outoff)) {
315ee00fSMartin Matuska		error = SET_ERROR(EINVAL);
2a58b312SMartin Matuska		goto unlock;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
f7a5903dSMartin Matuska	/*
f7a5903dSMartin Matuska	 * If we are copying only one block and it is smaller than recordsize
f7a5903dSMartin Matuska	 * property, do not allow destination to grow beyond one block if it
f7a5903dSMartin Matuska	 * is not there yet.  Otherwise the destination will get stuck with
f7a5903dSMartin Matuska	 * that block size forever, that can be as small as 512 bytes, no
f7a5903dSMartin Matuska	 * matter how big the destination grow later.
f7a5903dSMartin Matuska	 */
f7a5903dSMartin Matuska	if (len <= inblksz && inblksz < outzfsvfs->z_max_blksz &&
f7a5903dSMartin Matuska	    outzp->z_size <= inblksz && outoff + len > inblksz) {
f7a5903dSMartin Matuska		error = SET_ERROR(EINVAL);
f7a5903dSMartin Matuska		goto unlock;
f7a5903dSMartin Matuska	}
f7a5903dSMartin Matuska
2a58b312SMartin Matuska	error = zn_rlimit_fsize(outoff + len);
2a58b312SMartin Matuska	if (error != 0) {
2a58b312SMartin Matuska		goto unlock;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if (inoff >= MAXOFFSET_T || outoff >= MAXOFFSET_T) {
2a58b312SMartin Matuska		error = SET_ERROR(EFBIG);
2a58b312SMartin Matuska		goto unlock;
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(outzfsvfs), NULL,
2a58b312SMartin Matuska	    &mtime, 16);
2a58b312SMartin Matuska	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(outzfsvfs), NULL,
2a58b312SMartin Matuska	    &ctime, 16);
2a58b312SMartin Matuska	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(outzfsvfs), NULL,
2a58b312SMartin Matuska	    &outzp->z_size, 8);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zilog = outzfsvfs->z_log;
2a58b312SMartin Matuska	maxblocks = zil_max_log_data(zilog, sizeof (lr_clone_range_t)) /
2a58b312SMartin Matuska	    sizeof (bps[0]);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	uid = KUID_TO_SUID(ZTOUID(outzp));
2a58b312SMartin Matuska	gid = KGID_TO_SGID(ZTOGID(outzp));
2a58b312SMartin Matuska	projid = outzp->z_projid;
2a58b312SMartin Matuska
315ee00fSMartin Matuska	bps = vmem_alloc(sizeof (bps[0]) * maxblocks, KM_SLEEP);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Clone the file in reasonable size chunks.  Each chunk is cloned
2a58b312SMartin Matuska	 * in a separate transaction; this keeps the intent log records small
2a58b312SMartin Matuska	 * and allows us to do more fine-grained space accounting.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	while (len > 0) {
2a58b312SMartin Matuska		size = MIN(inblksz * maxblocks, len);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		if (zfs_id_overblockquota(outzfsvfs, DMU_USERUSED_OBJECT,
2a58b312SMartin Matuska		    uid) ||
2a58b312SMartin Matuska		    zfs_id_overblockquota(outzfsvfs, DMU_GROUPUSED_OBJECT,
2a58b312SMartin Matuska		    gid) ||
2a58b312SMartin Matuska		    (projid != ZFS_DEFAULT_PROJID &&
2a58b312SMartin Matuska		    zfs_id_overblockquota(outzfsvfs, DMU_PROJECTUSED_OBJECT,
2a58b312SMartin Matuska		    projid))) {
2a58b312SMartin Matuska			error = SET_ERROR(EDQUOT);
2a58b312SMartin Matuska			break;
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska
2a58b312SMartin Matuska		nbps = maxblocks;
a4e5e010SMartin Matuska		last_synced_txg = spa_last_synced_txg(dmu_objset_spa(inos));
e639e0d2SMartin Matuska		error = dmu_read_l0_bps(inos, inzp->z_id, inoff, size, bps,
2a58b312SMartin Matuska		    &nbps);
2a58b312SMartin Matuska		if (error != 0) {
2a58b312SMartin Matuska			/*
315ee00fSMartin Matuska			 * If we are trying to clone a block that was created
a4e5e010SMartin Matuska			 * in the current transaction group, the error will be
a4e5e010SMartin Matuska			 * EAGAIN here.  Based on zfs_bclone_wait_dirty either
a4e5e010SMartin Matuska			 * return a shortened range to the caller so it can
a4e5e010SMartin Matuska			 * fallback, or wait for the next TXG and check again.
2a58b312SMartin Matuska			 */
a4e5e010SMartin Matuska			if (error == EAGAIN && zfs_bclone_wait_dirty) {
*3a896071SMartin Matuska				txg_wait_flag_t wait_flags =
*3a896071SMartin Matuska				    spa_get_failmode(dmu_objset_spa(inos)) ==
*3a896071SMartin Matuska				    ZIO_FAILURE_MODE_CONTINUE ?
*3a896071SMartin Matuska				    TXG_WAIT_SUSPEND : 0;
*3a896071SMartin Matuska				error = txg_wait_synced_flags(
*3a896071SMartin Matuska				    dmu_objset_pool(inos), last_synced_txg + 1,
*3a896071SMartin Matuska				    wait_flags);
*3a896071SMartin Matuska				if (error == 0)
a4e5e010SMartin Matuska					continue;
*3a896071SMartin Matuska				ASSERT3U(error, ==, ESHUTDOWN);
*3a896071SMartin Matuska				error = SET_ERROR(EIO);
a4e5e010SMartin Matuska			}
a4e5e010SMartin Matuska
2a58b312SMartin Matuska			break;
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska
e639e0d2SMartin Matuska		/*
e639e0d2SMartin Matuska		 * Start a transaction.
e639e0d2SMartin Matuska		 */
e639e0d2SMartin Matuska		tx = dmu_tx_create(outos);
2a58b312SMartin Matuska		dmu_tx_hold_sa(tx, outzp->z_sa_hdl, B_FALSE);
2a58b312SMartin Matuska		db = (dmu_buf_impl_t *)sa_get_db(outzp->z_sa_hdl);
2a58b312SMartin Matuska		DB_DNODE_ENTER(db);
*3a896071SMartin Matuska		dmu_tx_hold_clone_by_dnode(tx, DB_DNODE(db), outoff, size,
*3a896071SMartin Matuska		    inblksz);
2a58b312SMartin Matuska		DB_DNODE_EXIT(db);
2a58b312SMartin Matuska		zfs_sa_upgrade_txholds(tx, outzp);
61145dc2SMartin Matuska		error = dmu_tx_assign(tx, DMU_TX_WAIT);
2a58b312SMartin Matuska		if (error != 0) {
2a58b312SMartin Matuska			dmu_tx_abort(tx);
2a58b312SMartin Matuska			break;
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska
2a58b312SMartin Matuska		/*
f552d7adSMartin Matuska		 * Copy source znode's block size. This is done only if the
f552d7adSMartin Matuska		 * whole znode is locked (see zfs_rangelock_cb()) and only
f552d7adSMartin Matuska		 * on the first iteration since zfs_rangelock_reduce() will
f552d7adSMartin Matuska		 * shrink down lr_length to the appropriate size.
2a58b312SMartin Matuska		 */
2a58b312SMartin Matuska		if (outlr->lr_length == UINT64_MAX) {
2a58b312SMartin Matuska			zfs_grow_blocksize(outzp, inblksz, tx);
f552d7adSMartin Matuska
f552d7adSMartin Matuska			/*
f552d7adSMartin Matuska			 * Block growth may fail for many reasons we can not
f552d7adSMartin Matuska			 * predict here.  If it happen the cloning is doomed.
f552d7adSMartin Matuska			 */
f552d7adSMartin Matuska			if (inblksz != outzp->z_blksz) {
f552d7adSMartin Matuska				error = SET_ERROR(EINVAL);
*3a896071SMartin Matuska				dmu_tx_commit(tx);
f552d7adSMartin Matuska				break;
f552d7adSMartin Matuska			}
f552d7adSMartin Matuska
2a58b312SMartin Matuska			/*
2a58b312SMartin Matuska			 * Round range lock up to the block boundary, so we
2a58b312SMartin Matuska			 * prevent appends until we are done.
2a58b312SMartin Matuska			 */
2a58b312SMartin Matuska			zfs_rangelock_reduce(outlr, outoff,
2a58b312SMartin Matuska			    ((len - 1) / inblksz + 1) * inblksz);
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska
e639e0d2SMartin Matuska		error = dmu_brt_clone(outos, outzp->z_id, outoff, size, tx,
525fe93dSMartin Matuska		    bps, nbps);
e639e0d2SMartin Matuska		if (error != 0) {
e639e0d2SMartin Matuska			dmu_tx_commit(tx);
e639e0d2SMartin Matuska			break;
e639e0d2SMartin Matuska		}
2a58b312SMartin Matuska
78ae60b4SMartin Matuska		if (zn_has_cached_data(outzp, outoff, outoff + size - 1)) {
78ae60b4SMartin Matuska			update_pages(outzp, outoff, size, outos);
78ae60b4SMartin Matuska		}
78ae60b4SMartin Matuska
2a58b312SMartin Matuska		zfs_clear_setid_bits_if_necessary(outzfsvfs, outzp, cr,
2a58b312SMartin Matuska		    &clear_setid_bits_txg, tx);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		zfs_tstamp_update_setup(outzp, CONTENT_MODIFIED, mtime, ctime);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		/*
2a58b312SMartin Matuska		 * Update the file size (zp_size) if it has changed;
2a58b312SMartin Matuska		 * account for possible concurrent updates.
2a58b312SMartin Matuska		 */
2a58b312SMartin Matuska		while ((outsize = outzp->z_size) < outoff + size) {
2a58b312SMartin Matuska			(void) atomic_cas_64(&outzp->z_size, outsize,
2a58b312SMartin Matuska			    outoff + size);
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska
2a58b312SMartin Matuska		error = sa_bulk_update(outzp->z_sa_hdl, bulk, count, tx);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		zfs_log_clone_range(zilog, tx, TX_CLONE_RANGE, outzp, outoff,
2a58b312SMartin Matuska		    size, inblksz, bps, nbps);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		dmu_tx_commit(tx);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		if (error != 0)
2a58b312SMartin Matuska			break;
2a58b312SMartin Matuska
2a58b312SMartin Matuska		inoff += size;
2a58b312SMartin Matuska		outoff += size;
2a58b312SMartin Matuska		len -= size;
2a58b312SMartin Matuska		done += size;
aca928a5SMartin Matuska
aca928a5SMartin Matuska		if (issig()) {
aca928a5SMartin Matuska			error = SET_ERROR(EINTR);
aca928a5SMartin Matuska			break;
aca928a5SMartin Matuska		}
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
315ee00fSMartin Matuska	vmem_free(bps, sizeof (bps[0]) * maxblocks);
2a58b312SMartin Matuska	zfs_znode_update_vfs(outzp);
2a58b312SMartin Matuska
2a58b312SMartin Matuskaunlock:
2a58b312SMartin Matuska	zfs_rangelock_exit(outlr);
2a58b312SMartin Matuska	zfs_rangelock_exit(inlr);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if (done > 0) {
2a58b312SMartin Matuska		/*
2a58b312SMartin Matuska		 * If we have made at least partial progress, reset the error.
2a58b312SMartin Matuska		 */
2a58b312SMartin Matuska		error = 0;
2a58b312SMartin Matuska
2a58b312SMartin Matuska		ZFS_ACCESSTIME_STAMP(inzfsvfs, inzp);
2a58b312SMartin Matuska
2a58b312SMartin Matuska		if (outos->os_sync == ZFS_SYNC_ALWAYS) {
2a58b312SMartin Matuska			zil_commit(zilog, outzp->z_id);
2a58b312SMartin Matuska		}
2a58b312SMartin Matuska
2a58b312SMartin Matuska		*inoffp += done;
2a58b312SMartin Matuska		*outoffp += done;
2a58b312SMartin Matuska		*lenp = done;
3159b89bSMartin Matuska	} else {
3159b89bSMartin Matuska		/*
3159b89bSMartin Matuska		 * If we made no progress, there must be a good reason.
3159b89bSMartin Matuska		 * EOF is handled explicitly above, before the loop.
3159b89bSMartin Matuska		 */
3159b89bSMartin Matuska		ASSERT3S(error, !=, 0);
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zfs_exit_two(inzfsvfs, outzfsvfs, FTAG);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	return (error);
2a58b312SMartin Matuska}
2a58b312SMartin Matuska
2a58b312SMartin Matuska/*
2a58b312SMartin Matuska * Usual pattern would be to call zfs_clone_range() from zfs_replay_clone(),
2a58b312SMartin Matuska * but we cannot do that, because when replaying we don't have source znode
2a58b312SMartin Matuska * available. This is why we need a dedicated replay function.
2a58b312SMartin Matuska */
2a58b312SMartin Matuskaint
2a58b312SMartin Matuskazfs_clone_range_replay(znode_t *zp, uint64_t off, uint64_t len, uint64_t blksz,
2a58b312SMartin Matuska    const blkptr_t *bps, size_t nbps)
2a58b312SMartin Matuska{
2a58b312SMartin Matuska	zfsvfs_t	*zfsvfs;
2a58b312SMartin Matuska	dmu_buf_impl_t	*db;
2a58b312SMartin Matuska	dmu_tx_t	*tx;
2a58b312SMartin Matuska	int		error;
2a58b312SMartin Matuska	int		count = 0;
2a58b312SMartin Matuska	sa_bulk_attr_t	bulk[3];
2a58b312SMartin Matuska	uint64_t	mtime[2], ctime[2];
2a58b312SMartin Matuska
2a58b312SMartin Matuska	ASSERT3U(off, <, MAXOFFSET_T);
2a58b312SMartin Matuska	ASSERT3U(len, >, 0);
2a58b312SMartin Matuska	ASSERT3U(nbps, >, 0);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zfsvfs = ZTOZSB(zp);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	ASSERT(spa_feature_is_enabled(dmu_objset_spa(zfsvfs->z_os),
2a58b312SMartin Matuska	    SPA_FEATURE_BLOCK_CLONING));
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if ((error = zfs_enter_verify_zp(zfsvfs, zp, FTAG)) != 0)
2a58b312SMartin Matuska		return (error);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	ASSERT(zfsvfs->z_replay);
2a58b312SMartin Matuska	ASSERT(!zfs_is_readonly(zfsvfs));
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if ((off % blksz) != 0) {
2a58b312SMartin Matuska		zfs_exit(zfsvfs, FTAG);
2a58b312SMartin Matuska		return (SET_ERROR(EINVAL));
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
2a58b312SMartin Matuska	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
2a58b312SMartin Matuska	SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), NULL,
2a58b312SMartin Matuska	    &zp->z_size, 8);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * Start a transaction.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	tx = dmu_tx_create(zfsvfs->z_os);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
2a58b312SMartin Matuska	db = (dmu_buf_impl_t *)sa_get_db(zp->z_sa_hdl);
2a58b312SMartin Matuska	DB_DNODE_ENTER(db);
*3a896071SMartin Matuska	dmu_tx_hold_clone_by_dnode(tx, DB_DNODE(db), off, len, blksz);
2a58b312SMartin Matuska	DB_DNODE_EXIT(db);
2a58b312SMartin Matuska	zfs_sa_upgrade_txholds(tx, zp);
61145dc2SMartin Matuska	error = dmu_tx_assign(tx, DMU_TX_WAIT);
2a58b312SMartin Matuska	if (error != 0) {
2a58b312SMartin Matuska		dmu_tx_abort(tx);
2a58b312SMartin Matuska		zfs_exit(zfsvfs, FTAG);
2a58b312SMartin Matuska		return (error);
2a58b312SMartin Matuska	}
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if (zp->z_blksz < blksz)
2a58b312SMartin Matuska		zfs_grow_blocksize(zp, blksz, tx);
2a58b312SMartin Matuska
525fe93dSMartin Matuska	dmu_brt_clone(zfsvfs->z_os, zp->z_id, off, len, tx, bps, nbps);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zfs_tstamp_update_setup(zp, CONTENT_MODIFIED, mtime, ctime);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	if (zp->z_size < off + len)
2a58b312SMartin Matuska		zp->z_size = off + len;
2a58b312SMartin Matuska
2a58b312SMartin Matuska	error = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	/*
2a58b312SMartin Matuska	 * zil_replaying() not only check if we are replaying ZIL, but also
2a58b312SMartin Matuska	 * updates the ZIL header to record replay progress.
2a58b312SMartin Matuska	 */
2a58b312SMartin Matuska	VERIFY(zil_replaying(zfsvfs->z_log, tx));
2a58b312SMartin Matuska
2a58b312SMartin Matuska	dmu_tx_commit(tx);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zfs_znode_update_vfs(zp);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	zfs_exit(zfsvfs, FTAG);
2a58b312SMartin Matuska
2a58b312SMartin Matuska	return (error);
2a58b312SMartin Matuska}
2a58b312SMartin Matuska
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_access);
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_fsync);
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_holey);
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_read);
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_write);
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_getsecattr);
7877fdebSMatt MacyEXPORT_SYMBOL(zfs_setsecattr);
2a58b312SMartin MatuskaEXPORT_SYMBOL(zfs_clone_range);
2a58b312SMartin MatuskaEXPORT_SYMBOL(zfs_clone_range_replay);
7877fdebSMatt Macy
dbd5678dSMartin MatuskaZFS_MODULE_PARAM(zfs_vnops, zfs_vnops_, read_chunk_size, U64, ZMOD_RW,
7877fdebSMatt Macy	"Bytes to read per chunk");
a4e5e010SMartin Matuska
a4e5e010SMartin MatuskaZFS_MODULE_PARAM(zfs, zfs_, bclone_enabled, INT, ZMOD_RW,
a4e5e010SMartin Matuska	"Enable block cloning");
a4e5e010SMartin Matuska
a4e5e010SMartin MatuskaZFS_MODULE_PARAM(zfs, zfs_, bclone_wait_dirty, INT, ZMOD_RW,
a4e5e010SMartin Matuska	"Wait for dirty blocks when cloning");
7a7741afSMartin Matuska
7a7741afSMartin MatuskaZFS_MODULE_PARAM(zfs, zfs_, dio_enabled, INT, ZMOD_RW,
7a7741afSMartin Matuska	"Enable Direct I/O");
b1c1ee44SMartin Matuska
b1c1ee44SMartin MatuskaZFS_MODULE_PARAM(zfs, zfs_, dio_strict, INT, ZMOD_RW,
b1c1ee44SMartin Matuska	"Return errors on misaligned Direct I/O");