1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 24 * Copyright (c) 2011, 2015 by Delphix. All rights reserved. 25 * Copyright 2019 Joyent, Inc. 26 * Copyright (c) 2012 Pawel Jakub Dawidek. All rights reserved. 27 * Copyright (c) 2013 Steven Hartland. All rights reserved. 28 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved. 29 * Copyright (c) 2014 Integros [integros.com] 30 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com> 31 * Copyright (c) 2017, loli10K <ezomori.nozomu@gmail.com>. All rights reserved. 32 * Copyright (c) 2018 Datto Inc. 33 */ 34 35 #include <assert.h> 36 #include <ctype.h> 37 #include <errno.h> 38 #include <libintl.h> 39 #include <stdio.h> 40 #include <stdlib.h> 41 #include <strings.h> 42 #include <unistd.h> 43 #include <stddef.h> 44 #include <fcntl.h> 45 #include <sys/mount.h> 46 #include <pthread.h> 47 #include <umem.h> 48 #include <time.h> 49 50 #include <libzfs.h> 51 #include <libzfs_core.h> 52 #include <libzutil.h> 53 54 #include "zfs_namecheck.h" 55 #include "zfs_prop.h" 56 #include "zfs_fletcher.h" 57 #include "libzfs_impl.h" 58 #include <zlib.h> 59 #include <sha2.h> 60 #include <sys/zio_checksum.h> 61 #include <sys/dsl_crypt.h> 62 #include <sys/ddt.h> 63 64 /* in libzfs_dataset.c */ 65 extern void zfs_setprop_error(libzfs_handle_t *, zfs_prop_t, int, char *); 66 67 static int zfs_receive_impl(libzfs_handle_t *, const char *, const char *, 68 recvflags_t *, int, const char *, nvlist_t *, avl_tree_t *, char **, int, 69 uint64_t *, const char *, nvlist_t *); 70 static int guid_to_name(libzfs_handle_t *, const char *, 71 uint64_t, boolean_t, char *); 72 73 static const zio_cksum_t zero_cksum = { 0 }; 74 75 typedef struct dedup_arg { 76 int inputfd; 77 int outputfd; 78 libzfs_handle_t *dedup_hdl; 79 } dedup_arg_t; 80 81 typedef struct progress_arg { 82 zfs_handle_t *pa_zhp; 83 int pa_fd; 84 boolean_t pa_parsable; 85 } progress_arg_t; 86 87 typedef struct dataref { 88 uint64_t ref_guid; 89 uint64_t ref_object; 90 uint64_t ref_offset; 91 } dataref_t; 92 93 typedef struct dedup_entry { 94 struct dedup_entry *dde_next; 95 zio_cksum_t dde_chksum; 96 uint64_t dde_prop; 97 dataref_t dde_ref; 98 } dedup_entry_t; 99 100 #define MAX_DDT_PHYSMEM_PERCENT 20 101 #define SMALLEST_POSSIBLE_MAX_DDT_MB 128 102 103 typedef struct dedup_table { 104 dedup_entry_t **dedup_hash_array; 105 umem_cache_t *ddecache; 106 uint64_t max_ddt_size; /* max dedup table size in bytes */ 107 uint64_t cur_ddt_size; /* current dedup table size in bytes */ 108 uint64_t ddt_count; 109 int numhashbits; 110 boolean_t ddt_full; 111 } dedup_table_t; 112 113 static int 114 high_order_bit(uint64_t n) 115 { 116 int count; 117 118 for (count = 0; n != 0; count++) 119 n >>= 1; 120 return (count); 121 } 122 123 static size_t 124 ssread(void *buf, size_t len, FILE *stream) 125 { 126 size_t outlen; 127 128 if ((outlen = fread(buf, len, 1, stream)) == 0) 129 return (0); 130 131 return (outlen); 132 } 133 134 static void 135 ddt_hash_append(libzfs_handle_t *hdl, dedup_table_t *ddt, dedup_entry_t **ddepp, 136 zio_cksum_t *cs, uint64_t prop, dataref_t *dr) 137 { 138 dedup_entry_t *dde; 139 140 if (ddt->cur_ddt_size >= ddt->max_ddt_size) { 141 if (ddt->ddt_full == B_FALSE) { 142 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 143 "Dedup table full. Deduplication will continue " 144 "with existing table entries")); 145 ddt->ddt_full = B_TRUE; 146 } 147 return; 148 } 149 150 if ((dde = umem_cache_alloc(ddt->ddecache, UMEM_DEFAULT)) 151 != NULL) { 152 assert(*ddepp == NULL); 153 dde->dde_next = NULL; 154 dde->dde_chksum = *cs; 155 dde->dde_prop = prop; 156 dde->dde_ref = *dr; 157 *ddepp = dde; 158 ddt->cur_ddt_size += sizeof (dedup_entry_t); 159 ddt->ddt_count++; 160 } 161 } 162 163 /* 164 * Using the specified dedup table, do a lookup for an entry with 165 * the checksum cs. If found, return the block's reference info 166 * in *dr. Otherwise, insert a new entry in the dedup table, using 167 * the reference information specified by *dr. 168 * 169 * return value: true - entry was found 170 * false - entry was not found 171 */ 172 static boolean_t 173 ddt_update(libzfs_handle_t *hdl, dedup_table_t *ddt, zio_cksum_t *cs, 174 uint64_t prop, dataref_t *dr) 175 { 176 uint32_t hashcode; 177 dedup_entry_t **ddepp; 178 179 hashcode = BF64_GET(cs->zc_word[0], 0, ddt->numhashbits); 180 181 for (ddepp = &(ddt->dedup_hash_array[hashcode]); *ddepp != NULL; 182 ddepp = &((*ddepp)->dde_next)) { 183 if (ZIO_CHECKSUM_EQUAL(((*ddepp)->dde_chksum), *cs) && 184 (*ddepp)->dde_prop == prop) { 185 *dr = (*ddepp)->dde_ref; 186 return (B_TRUE); 187 } 188 } 189 ddt_hash_append(hdl, ddt, ddepp, cs, prop, dr); 190 return (B_FALSE); 191 } 192 193 static int 194 dump_record(dmu_replay_record_t *drr, void *payload, int payload_len, 195 zio_cksum_t *zc, int outfd) 196 { 197 ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), 198 ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t)); 199 (void) fletcher_4_incremental_native(drr, 200 offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), zc); 201 if (drr->drr_type != DRR_BEGIN) { 202 ASSERT(ZIO_CHECKSUM_IS_ZERO(&drr->drr_u. 203 drr_checksum.drr_checksum)); 204 drr->drr_u.drr_checksum.drr_checksum = *zc; 205 } 206 (void) fletcher_4_incremental_native( 207 &drr->drr_u.drr_checksum.drr_checksum, sizeof (zio_cksum_t), zc); 208 if (write(outfd, drr, sizeof (*drr)) == -1) 209 return (errno); 210 if (payload_len != 0) { 211 (void) fletcher_4_incremental_native(payload, payload_len, zc); 212 if (write(outfd, payload, payload_len) == -1) 213 return (errno); 214 } 215 return (0); 216 } 217 218 /* 219 * This function is started in a separate thread when the dedup option 220 * has been requested. The main send thread determines the list of 221 * snapshots to be included in the send stream and makes the ioctl calls 222 * for each one. But instead of having the ioctl send the output to the 223 * the output fd specified by the caller of zfs_send()), the 224 * ioctl is told to direct the output to a pipe, which is read by the 225 * alternate thread running THIS function. This function does the 226 * dedup'ing by: 227 * 1. building a dedup table (the DDT) 228 * 2. doing checksums on each data block and inserting a record in the DDT 229 * 3. looking for matching checksums, and 230 * 4. sending a DRR_WRITE_BYREF record instead of a write record whenever 231 * a duplicate block is found. 232 * The output of this function then goes to the output fd requested 233 * by the caller of zfs_send(). 234 */ 235 static void * 236 cksummer(void *arg) 237 { 238 dedup_arg_t *dda = arg; 239 char *buf = zfs_alloc(dda->dedup_hdl, SPA_MAXBLOCKSIZE); 240 dmu_replay_record_t thedrr; 241 dmu_replay_record_t *drr = &thedrr; 242 FILE *ofp; 243 int outfd; 244 dedup_table_t ddt; 245 zio_cksum_t stream_cksum; 246 uint64_t physmem = sysconf(_SC_PHYS_PAGES) * sysconf(_SC_PAGESIZE); 247 uint64_t numbuckets; 248 249 ddt.max_ddt_size = 250 MAX((physmem * MAX_DDT_PHYSMEM_PERCENT) / 100, 251 SMALLEST_POSSIBLE_MAX_DDT_MB << 20); 252 253 numbuckets = ddt.max_ddt_size / (sizeof (dedup_entry_t)); 254 255 /* 256 * numbuckets must be a power of 2. Increase number to 257 * a power of 2 if necessary. 258 */ 259 if (!ISP2(numbuckets)) 260 numbuckets = 1 << high_order_bit(numbuckets); 261 262 ddt.dedup_hash_array = calloc(numbuckets, sizeof (dedup_entry_t *)); 263 ddt.ddecache = umem_cache_create("dde", sizeof (dedup_entry_t), 0, 264 NULL, NULL, NULL, NULL, NULL, 0); 265 ddt.cur_ddt_size = numbuckets * sizeof (dedup_entry_t *); 266 ddt.numhashbits = high_order_bit(numbuckets) - 1; 267 ddt.ddt_full = B_FALSE; 268 269 outfd = dda->outputfd; 270 ofp = fdopen(dda->inputfd, "r"); 271 while (ssread(drr, sizeof (*drr), ofp) != 0) { 272 273 /* 274 * kernel filled in checksum, we are going to write same 275 * record, but need to regenerate checksum. 276 */ 277 if (drr->drr_type != DRR_BEGIN) { 278 bzero(&drr->drr_u.drr_checksum.drr_checksum, 279 sizeof (drr->drr_u.drr_checksum.drr_checksum)); 280 } 281 282 switch (drr->drr_type) { 283 case DRR_BEGIN: 284 { 285 struct drr_begin *drrb = &drr->drr_u.drr_begin; 286 int fflags; 287 int sz = 0; 288 ZIO_SET_CHECKSUM(&stream_cksum, 0, 0, 0, 0); 289 290 ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC); 291 292 /* set the DEDUP feature flag for this stream */ 293 fflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo); 294 fflags |= (DMU_BACKUP_FEATURE_DEDUP | 295 DMU_BACKUP_FEATURE_DEDUPPROPS); 296 DMU_SET_FEATUREFLAGS(drrb->drr_versioninfo, fflags); 297 298 if (drr->drr_payloadlen != 0) { 299 sz = drr->drr_payloadlen; 300 301 if (sz > SPA_MAXBLOCKSIZE) { 302 buf = zfs_realloc(dda->dedup_hdl, buf, 303 SPA_MAXBLOCKSIZE, sz); 304 } 305 (void) ssread(buf, sz, ofp); 306 if (ferror(stdin)) 307 perror("fread"); 308 } 309 if (dump_record(drr, buf, sz, &stream_cksum, 310 outfd) != 0) 311 goto out; 312 break; 313 } 314 315 case DRR_END: 316 { 317 struct drr_end *drre = &drr->drr_u.drr_end; 318 /* use the recalculated checksum */ 319 drre->drr_checksum = stream_cksum; 320 if (dump_record(drr, NULL, 0, &stream_cksum, 321 outfd) != 0) 322 goto out; 323 break; 324 } 325 326 case DRR_OBJECT: 327 { 328 struct drr_object *drro = &drr->drr_u.drr_object; 329 if (drro->drr_bonuslen > 0) { 330 (void) ssread(buf, 331 DRR_OBJECT_PAYLOAD_SIZE(drro), ofp); 332 } 333 if (dump_record(drr, buf, DRR_OBJECT_PAYLOAD_SIZE(drro), 334 &stream_cksum, outfd) != 0) 335 goto out; 336 break; 337 } 338 339 case DRR_SPILL: 340 { 341 struct drr_spill *drrs = &drr->drr_u.drr_spill; 342 (void) ssread(buf, DRR_SPILL_PAYLOAD_SIZE(drrs), ofp); 343 if (dump_record(drr, buf, DRR_SPILL_PAYLOAD_SIZE(drrs), 344 &stream_cksum, outfd) != 0) 345 goto out; 346 break; 347 } 348 349 case DRR_FREEOBJECTS: 350 { 351 if (dump_record(drr, NULL, 0, &stream_cksum, 352 outfd) != 0) 353 goto out; 354 break; 355 } 356 357 case DRR_WRITE: 358 { 359 struct drr_write *drrw = &drr->drr_u.drr_write; 360 dataref_t dataref; 361 uint64_t payload_size; 362 363 payload_size = DRR_WRITE_PAYLOAD_SIZE(drrw); 364 (void) ssread(buf, payload_size, ofp); 365 366 /* 367 * Use the existing checksum if it's dedup-capable, 368 * else calculate a SHA256 checksum for it. 369 */ 370 371 if (ZIO_CHECKSUM_EQUAL(drrw->drr_key.ddk_cksum, 372 zero_cksum) || 373 !DRR_IS_DEDUP_CAPABLE(drrw->drr_flags)) { 374 SHA256_CTX ctx; 375 zio_cksum_t tmpsha256; 376 377 SHA256Init(&ctx); 378 SHA256Update(&ctx, buf, payload_size); 379 SHA256Final(&tmpsha256, &ctx); 380 drrw->drr_key.ddk_cksum.zc_word[0] = 381 BE_64(tmpsha256.zc_word[0]); 382 drrw->drr_key.ddk_cksum.zc_word[1] = 383 BE_64(tmpsha256.zc_word[1]); 384 drrw->drr_key.ddk_cksum.zc_word[2] = 385 BE_64(tmpsha256.zc_word[2]); 386 drrw->drr_key.ddk_cksum.zc_word[3] = 387 BE_64(tmpsha256.zc_word[3]); 388 drrw->drr_checksumtype = ZIO_CHECKSUM_SHA256; 389 drrw->drr_flags |= DRR_CHECKSUM_DEDUP; 390 } 391 392 dataref.ref_guid = drrw->drr_toguid; 393 dataref.ref_object = drrw->drr_object; 394 dataref.ref_offset = drrw->drr_offset; 395 396 if (ddt_update(dda->dedup_hdl, &ddt, 397 &drrw->drr_key.ddk_cksum, drrw->drr_key.ddk_prop, 398 &dataref)) { 399 dmu_replay_record_t wbr_drr = {0}; 400 struct drr_write_byref *wbr_drrr = 401 &wbr_drr.drr_u.drr_write_byref; 402 403 /* block already present in stream */ 404 wbr_drr.drr_type = DRR_WRITE_BYREF; 405 406 wbr_drrr->drr_object = drrw->drr_object; 407 wbr_drrr->drr_offset = drrw->drr_offset; 408 wbr_drrr->drr_length = drrw->drr_logical_size; 409 wbr_drrr->drr_toguid = drrw->drr_toguid; 410 wbr_drrr->drr_refguid = dataref.ref_guid; 411 wbr_drrr->drr_refobject = 412 dataref.ref_object; 413 wbr_drrr->drr_refoffset = 414 dataref.ref_offset; 415 416 wbr_drrr->drr_checksumtype = 417 drrw->drr_checksumtype; 418 wbr_drrr->drr_flags = drrw->drr_flags; 419 wbr_drrr->drr_key.ddk_cksum = 420 drrw->drr_key.ddk_cksum; 421 wbr_drrr->drr_key.ddk_prop = 422 drrw->drr_key.ddk_prop; 423 424 if (dump_record(&wbr_drr, NULL, 0, 425 &stream_cksum, outfd) != 0) 426 goto out; 427 } else { 428 /* block not previously seen */ 429 if (dump_record(drr, buf, payload_size, 430 &stream_cksum, outfd) != 0) 431 goto out; 432 } 433 break; 434 } 435 436 case DRR_WRITE_EMBEDDED: 437 { 438 struct drr_write_embedded *drrwe = 439 &drr->drr_u.drr_write_embedded; 440 (void) ssread(buf, 441 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8), ofp); 442 if (dump_record(drr, buf, 443 P2ROUNDUP((uint64_t)drrwe->drr_psize, 8), 444 &stream_cksum, outfd) != 0) 445 goto out; 446 break; 447 } 448 449 case DRR_FREE: 450 { 451 if (dump_record(drr, NULL, 0, &stream_cksum, 452 outfd) != 0) 453 goto out; 454 break; 455 } 456 457 case DRR_OBJECT_RANGE: 458 { 459 if (dump_record(drr, NULL, 0, &stream_cksum, 460 outfd) != 0) 461 goto out; 462 break; 463 } 464 465 default: 466 (void) fprintf(stderr, "INVALID record type 0x%x\n", 467 drr->drr_type); 468 /* should never happen, so assert */ 469 assert(B_FALSE); 470 } 471 } 472 out: 473 umem_cache_destroy(ddt.ddecache); 474 free(ddt.dedup_hash_array); 475 free(buf); 476 (void) fclose(ofp); 477 478 return (NULL); 479 } 480 481 /* 482 * Routines for dealing with the AVL tree of fs-nvlists 483 */ 484 typedef struct fsavl_node { 485 avl_node_t fn_node; 486 nvlist_t *fn_nvfs; 487 char *fn_snapname; 488 uint64_t fn_guid; 489 } fsavl_node_t; 490 491 static int 492 fsavl_compare(const void *arg1, const void *arg2) 493 { 494 const fsavl_node_t *fn1 = (const fsavl_node_t *)arg1; 495 const fsavl_node_t *fn2 = (const fsavl_node_t *)arg2; 496 497 if (fn1->fn_guid > fn2->fn_guid) 498 return (+1); 499 if (fn1->fn_guid < fn2->fn_guid) 500 return (-1); 501 return (0); 502 } 503 504 /* 505 * Given the GUID of a snapshot, find its containing filesystem and 506 * (optionally) name. 507 */ 508 static nvlist_t * 509 fsavl_find(avl_tree_t *avl, uint64_t snapguid, char **snapname) 510 { 511 fsavl_node_t fn_find; 512 fsavl_node_t *fn; 513 514 fn_find.fn_guid = snapguid; 515 516 fn = avl_find(avl, &fn_find, NULL); 517 if (fn) { 518 if (snapname) 519 *snapname = fn->fn_snapname; 520 return (fn->fn_nvfs); 521 } 522 return (NULL); 523 } 524 525 static void 526 fsavl_destroy(avl_tree_t *avl) 527 { 528 fsavl_node_t *fn; 529 void *cookie; 530 531 if (avl == NULL) 532 return; 533 534 cookie = NULL; 535 while ((fn = avl_destroy_nodes(avl, &cookie)) != NULL) 536 free(fn); 537 avl_destroy(avl); 538 free(avl); 539 } 540 541 /* 542 * Given an nvlist, produce an avl tree of snapshots, ordered by guid 543 */ 544 static avl_tree_t * 545 fsavl_create(nvlist_t *fss) 546 { 547 avl_tree_t *fsavl; 548 nvpair_t *fselem = NULL; 549 550 if ((fsavl = malloc(sizeof (avl_tree_t))) == NULL) 551 return (NULL); 552 553 avl_create(fsavl, fsavl_compare, sizeof (fsavl_node_t), 554 offsetof(fsavl_node_t, fn_node)); 555 556 while ((fselem = nvlist_next_nvpair(fss, fselem)) != NULL) { 557 nvlist_t *nvfs, *snaps; 558 nvpair_t *snapelem = NULL; 559 560 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs)); 561 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps)); 562 563 while ((snapelem = 564 nvlist_next_nvpair(snaps, snapelem)) != NULL) { 565 fsavl_node_t *fn; 566 uint64_t guid; 567 568 VERIFY(0 == nvpair_value_uint64(snapelem, &guid)); 569 if ((fn = malloc(sizeof (fsavl_node_t))) == NULL) { 570 fsavl_destroy(fsavl); 571 return (NULL); 572 } 573 fn->fn_nvfs = nvfs; 574 fn->fn_snapname = nvpair_name(snapelem); 575 fn->fn_guid = guid; 576 577 /* 578 * Note: if there are multiple snaps with the 579 * same GUID, we ignore all but one. 580 */ 581 if (avl_find(fsavl, fn, NULL) == NULL) 582 avl_add(fsavl, fn); 583 else 584 free(fn); 585 } 586 } 587 588 return (fsavl); 589 } 590 591 /* 592 * Routines for dealing with the giant nvlist of fs-nvlists, etc. 593 */ 594 typedef struct send_data { 595 /* 596 * assigned inside every recursive call, 597 * restored from *_save on return: 598 * 599 * guid of fromsnap snapshot in parent dataset 600 * txg of fromsnap snapshot in current dataset 601 * txg of tosnap snapshot in current dataset 602 */ 603 604 uint64_t parent_fromsnap_guid; 605 uint64_t fromsnap_txg; 606 uint64_t tosnap_txg; 607 608 /* the nvlists get accumulated during depth-first traversal */ 609 nvlist_t *parent_snaps; 610 nvlist_t *fss; 611 nvlist_t *snapprops; 612 nvlist_t *snapholds; /* user holds */ 613 614 /* send-receive configuration, does not change during traversal */ 615 const char *fsname; 616 const char *fromsnap; 617 const char *tosnap; 618 boolean_t recursive; 619 boolean_t raw; 620 boolean_t verbose; 621 boolean_t backup; 622 boolean_t holds; /* were holds requested with send -h */ 623 boolean_t props; 624 625 /* 626 * The header nvlist is of the following format: 627 * { 628 * "tosnap" -> string 629 * "fromsnap" -> string (if incremental) 630 * "fss" -> { 631 * id -> { 632 * 633 * "name" -> string (full name; for debugging) 634 * "parentfromsnap" -> number (guid of fromsnap in parent) 635 * 636 * "props" -> { name -> value (only if set here) } 637 * "snaps" -> { name (lastname) -> number (guid) } 638 * "snapprops" -> { name (lastname) -> { name -> value } } 639 * "snapholds" -> { name (lastname) -> { holdname -> crtime } } 640 * 641 * "origin" -> number (guid) (if clone) 642 * "is_encroot" -> boolean 643 * "sent" -> boolean (not on-disk) 644 * } 645 * } 646 * } 647 * 648 */ 649 } send_data_t; 650 651 static void 652 send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv); 653 654 static int 655 send_iterate_snap(zfs_handle_t *zhp, void *arg) 656 { 657 send_data_t *sd = arg; 658 uint64_t guid = zhp->zfs_dmustats.dds_guid; 659 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg; 660 char *snapname; 661 nvlist_t *nv; 662 663 snapname = strrchr(zhp->zfs_name, '@')+1; 664 665 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) { 666 if (sd->verbose) { 667 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 668 "skipping snapshot %s because it was created " 669 "after the destination snapshot (%s)\n"), 670 zhp->zfs_name, sd->tosnap); 671 } 672 zfs_close(zhp); 673 return (0); 674 } 675 676 VERIFY(0 == nvlist_add_uint64(sd->parent_snaps, snapname, guid)); 677 /* 678 * NB: if there is no fromsnap here (it's a newly created fs in 679 * an incremental replication), we will substitute the tosnap. 680 */ 681 if ((sd->fromsnap && strcmp(snapname, sd->fromsnap) == 0) || 682 (sd->parent_fromsnap_guid == 0 && sd->tosnap && 683 strcmp(snapname, sd->tosnap) == 0)) { 684 sd->parent_fromsnap_guid = guid; 685 } 686 687 VERIFY(0 == nvlist_alloc(&nv, NV_UNIQUE_NAME, 0)); 688 send_iterate_prop(zhp, sd->backup, nv); 689 VERIFY(0 == nvlist_add_nvlist(sd->snapprops, snapname, nv)); 690 nvlist_free(nv); 691 if (sd->holds) { 692 nvlist_t *holds = fnvlist_alloc(); 693 int err = lzc_get_holds(zhp->zfs_name, &holds); 694 if (err == 0) { 695 VERIFY(0 == nvlist_add_nvlist(sd->snapholds, 696 snapname, holds)); 697 } 698 fnvlist_free(holds); 699 } 700 701 zfs_close(zhp); 702 return (0); 703 } 704 705 static void 706 send_iterate_prop(zfs_handle_t *zhp, boolean_t received_only, nvlist_t *nv) 707 { 708 nvlist_t *props = NULL; 709 nvpair_t *elem = NULL; 710 711 if (received_only) 712 props = zfs_get_recvd_props(zhp); 713 else 714 props = zhp->zfs_props; 715 716 while ((elem = nvlist_next_nvpair(props, elem)) != NULL) { 717 char *propname = nvpair_name(elem); 718 zfs_prop_t prop = zfs_name_to_prop(propname); 719 nvlist_t *propnv; 720 721 if (!zfs_prop_user(propname)) { 722 /* 723 * Realistically, this should never happen. However, 724 * we want the ability to add DSL properties without 725 * needing to make incompatible version changes. We 726 * need to ignore unknown properties to allow older 727 * software to still send datasets containing these 728 * properties, with the unknown properties elided. 729 */ 730 if (prop == ZPROP_INVAL) 731 continue; 732 733 if (zfs_prop_readonly(prop)) 734 continue; 735 } 736 737 verify(nvpair_value_nvlist(elem, &propnv) == 0); 738 if (prop == ZFS_PROP_QUOTA || prop == ZFS_PROP_RESERVATION || 739 prop == ZFS_PROP_REFQUOTA || 740 prop == ZFS_PROP_REFRESERVATION) { 741 char *source; 742 uint64_t value; 743 verify(nvlist_lookup_uint64(propnv, 744 ZPROP_VALUE, &value) == 0); 745 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) 746 continue; 747 /* 748 * May have no source before SPA_VERSION_RECVD_PROPS, 749 * but is still modifiable. 750 */ 751 if (nvlist_lookup_string(propnv, 752 ZPROP_SOURCE, &source) == 0) { 753 if ((strcmp(source, zhp->zfs_name) != 0) && 754 (strcmp(source, 755 ZPROP_SOURCE_VAL_RECVD) != 0)) 756 continue; 757 } 758 } else { 759 char *source; 760 if (nvlist_lookup_string(propnv, 761 ZPROP_SOURCE, &source) != 0) 762 continue; 763 if ((strcmp(source, zhp->zfs_name) != 0) && 764 (strcmp(source, ZPROP_SOURCE_VAL_RECVD) != 0)) 765 continue; 766 } 767 768 if (zfs_prop_user(propname) || 769 zfs_prop_get_type(prop) == PROP_TYPE_STRING) { 770 char *value; 771 verify(nvlist_lookup_string(propnv, 772 ZPROP_VALUE, &value) == 0); 773 VERIFY(0 == nvlist_add_string(nv, propname, value)); 774 } else { 775 uint64_t value; 776 verify(nvlist_lookup_uint64(propnv, 777 ZPROP_VALUE, &value) == 0); 778 VERIFY(0 == nvlist_add_uint64(nv, propname, value)); 779 } 780 } 781 } 782 783 /* 784 * returns snapshot creation txg 785 * and returns 0 if the snapshot does not exist 786 */ 787 static uint64_t 788 get_snap_txg(libzfs_handle_t *hdl, const char *fs, const char *snap) 789 { 790 char name[ZFS_MAX_DATASET_NAME_LEN]; 791 uint64_t txg = 0; 792 793 if (fs == NULL || fs[0] == '\0' || snap == NULL || snap[0] == '\0') 794 return (txg); 795 796 (void) snprintf(name, sizeof (name), "%s@%s", fs, snap); 797 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_SNAPSHOT)) { 798 zfs_handle_t *zhp = zfs_open(hdl, name, ZFS_TYPE_SNAPSHOT); 799 if (zhp != NULL) { 800 txg = zfs_prop_get_int(zhp, ZFS_PROP_CREATETXG); 801 zfs_close(zhp); 802 } 803 } 804 805 return (txg); 806 } 807 808 /* 809 * recursively generate nvlists describing datasets. See comment 810 * for the data structure send_data_t above for description of contents 811 * of the nvlist. 812 */ 813 static int 814 send_iterate_fs(zfs_handle_t *zhp, void *arg) 815 { 816 send_data_t *sd = arg; 817 nvlist_t *nvfs = NULL, *nv = NULL; 818 int rv = 0; 819 uint64_t parent_fromsnap_guid_save = sd->parent_fromsnap_guid; 820 uint64_t fromsnap_txg_save = sd->fromsnap_txg; 821 uint64_t tosnap_txg_save = sd->tosnap_txg; 822 uint64_t txg = zhp->zfs_dmustats.dds_creation_txg; 823 uint64_t guid = zhp->zfs_dmustats.dds_guid; 824 uint64_t fromsnap_txg, tosnap_txg; 825 char guidstring[64]; 826 827 fromsnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->fromsnap); 828 if (fromsnap_txg != 0) 829 sd->fromsnap_txg = fromsnap_txg; 830 831 tosnap_txg = get_snap_txg(zhp->zfs_hdl, zhp->zfs_name, sd->tosnap); 832 if (tosnap_txg != 0) 833 sd->tosnap_txg = tosnap_txg; 834 835 /* 836 * on the send side, if the current dataset does not have tosnap, 837 * perform two additional checks: 838 * 839 * - skip sending the current dataset if it was created later than 840 * the parent tosnap 841 * - return error if the current dataset was created earlier than 842 * the parent tosnap 843 */ 844 if (sd->tosnap != NULL && tosnap_txg == 0) { 845 if (sd->tosnap_txg != 0 && txg > sd->tosnap_txg) { 846 if (sd->verbose) { 847 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 848 "skipping dataset %s: snapshot %s does " 849 "not exist\n"), zhp->zfs_name, sd->tosnap); 850 } 851 } else { 852 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 853 "cannot send %s@%s%s: snapshot %s@%s does not " 854 "exist\n"), sd->fsname, sd->tosnap, sd->recursive ? 855 dgettext(TEXT_DOMAIN, " recursively") : "", 856 zhp->zfs_name, sd->tosnap); 857 rv = -1; 858 } 859 goto out; 860 } 861 862 VERIFY(0 == nvlist_alloc(&nvfs, NV_UNIQUE_NAME, 0)); 863 VERIFY(0 == nvlist_add_string(nvfs, "name", zhp->zfs_name)); 864 VERIFY(0 == nvlist_add_uint64(nvfs, "parentfromsnap", 865 sd->parent_fromsnap_guid)); 866 867 if (zhp->zfs_dmustats.dds_origin[0]) { 868 zfs_handle_t *origin = zfs_open(zhp->zfs_hdl, 869 zhp->zfs_dmustats.dds_origin, ZFS_TYPE_SNAPSHOT); 870 if (origin == NULL) { 871 rv = -1; 872 goto out; 873 } 874 VERIFY(0 == nvlist_add_uint64(nvfs, "origin", 875 origin->zfs_dmustats.dds_guid)); 876 } 877 878 /* iterate over props */ 879 if (sd->props || sd->backup || sd->recursive) { 880 VERIFY(0 == nvlist_alloc(&nv, NV_UNIQUE_NAME, 0)); 881 send_iterate_prop(zhp, sd->backup, nv); 882 } 883 884 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) { 885 boolean_t encroot; 886 887 /* determine if this dataset is an encryption root */ 888 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0) { 889 rv = -1; 890 goto out; 891 } 892 893 if (encroot) 894 VERIFY(0 == nvlist_add_boolean(nvfs, "is_encroot")); 895 896 /* 897 * Encrypted datasets can only be sent with properties if 898 * the raw flag is specified because the receive side doesn't 899 * currently have a mechanism for recursively asking the user 900 * for new encryption parameters. 901 */ 902 if (!sd->raw) { 903 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 904 "cannot send %s@%s: encrypted dataset %s may not " 905 "be sent with properties without the raw flag\n"), 906 sd->fsname, sd->tosnap, zhp->zfs_name); 907 rv = -1; 908 goto out; 909 } 910 911 } 912 913 if (nv != NULL) 914 VERIFY(0 == nvlist_add_nvlist(nvfs, "props", nv)); 915 916 /* iterate over snaps, and set sd->parent_fromsnap_guid */ 917 sd->parent_fromsnap_guid = 0; 918 VERIFY(0 == nvlist_alloc(&sd->parent_snaps, NV_UNIQUE_NAME, 0)); 919 VERIFY(0 == nvlist_alloc(&sd->snapprops, NV_UNIQUE_NAME, 0)); 920 if (sd->holds) 921 VERIFY(0 == nvlist_alloc(&sd->snapholds, NV_UNIQUE_NAME, 0)); 922 (void) zfs_iter_snapshots(zhp, B_FALSE, send_iterate_snap, sd); 923 VERIFY(0 == nvlist_add_nvlist(nvfs, "snaps", sd->parent_snaps)); 924 VERIFY(0 == nvlist_add_nvlist(nvfs, "snapprops", sd->snapprops)); 925 if (sd->holds) 926 VERIFY(0 == nvlist_add_nvlist(nvfs, "snapholds", 927 sd->snapholds)); 928 nvlist_free(sd->parent_snaps); 929 nvlist_free(sd->snapprops); 930 nvlist_free(sd->snapholds); 931 932 /* add this fs to nvlist */ 933 (void) snprintf(guidstring, sizeof (guidstring), 934 "0x%llx", (longlong_t)guid); 935 VERIFY(0 == nvlist_add_nvlist(sd->fss, guidstring, nvfs)); 936 937 /* iterate over children */ 938 if (sd->recursive) 939 rv = zfs_iter_filesystems(zhp, send_iterate_fs, sd); 940 941 out: 942 sd->parent_fromsnap_guid = parent_fromsnap_guid_save; 943 sd->fromsnap_txg = fromsnap_txg_save; 944 sd->tosnap_txg = tosnap_txg_save; 945 nvlist_free(nv); 946 nvlist_free(nvfs); 947 948 zfs_close(zhp); 949 return (rv); 950 } 951 952 static int 953 gather_nvlist(libzfs_handle_t *hdl, const char *fsname, const char *fromsnap, 954 const char *tosnap, boolean_t recursive, boolean_t raw, 955 boolean_t verbose, boolean_t backup, boolean_t holds, 956 boolean_t props, nvlist_t **nvlp, avl_tree_t **avlp) 957 { 958 zfs_handle_t *zhp; 959 send_data_t sd = { 0 }; 960 int error; 961 962 zhp = zfs_open(hdl, fsname, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME); 963 if (zhp == NULL) 964 return (EZFS_BADTYPE); 965 966 VERIFY(0 == nvlist_alloc(&sd.fss, NV_UNIQUE_NAME, 0)); 967 sd.fsname = fsname; 968 sd.fromsnap = fromsnap; 969 sd.tosnap = tosnap; 970 sd.recursive = recursive; 971 sd.raw = raw; 972 sd.verbose = verbose; 973 sd.backup = backup; 974 sd.holds = holds; 975 sd.props = props; 976 977 if ((error = send_iterate_fs(zhp, &sd)) != 0) { 978 nvlist_free(sd.fss); 979 if (avlp != NULL) 980 *avlp = NULL; 981 *nvlp = NULL; 982 return (error); 983 } 984 985 if (avlp != NULL && (*avlp = fsavl_create(sd.fss)) == NULL) { 986 nvlist_free(sd.fss); 987 *nvlp = NULL; 988 return (EZFS_NOMEM); 989 } 990 991 *nvlp = sd.fss; 992 return (0); 993 } 994 995 /* 996 * Routines specific to "zfs send" 997 */ 998 typedef struct send_dump_data { 999 /* these are all just the short snapname (the part after the @) */ 1000 const char *fromsnap; 1001 const char *tosnap; 1002 char prevsnap[ZFS_MAX_DATASET_NAME_LEN]; 1003 uint64_t prevsnap_obj; 1004 boolean_t seenfrom, seento, replicate, doall, fromorigin; 1005 boolean_t verbose, dryrun, parsable, progress, embed_data, std_out; 1006 boolean_t large_block, compress, raw, holds; 1007 int outfd; 1008 boolean_t err; 1009 nvlist_t *fss; 1010 nvlist_t *snapholds; 1011 avl_tree_t *fsavl; 1012 snapfilter_cb_t *filter_cb; 1013 void *filter_cb_arg; 1014 nvlist_t *debugnv; 1015 char holdtag[ZFS_MAX_DATASET_NAME_LEN]; 1016 int cleanup_fd; 1017 uint64_t size; 1018 } send_dump_data_t; 1019 1020 static int 1021 estimate_ioctl(zfs_handle_t *zhp, uint64_t fromsnap_obj, 1022 boolean_t fromorigin, enum lzc_send_flags flags, uint64_t *sizep) 1023 { 1024 zfs_cmd_t zc = { 0 }; 1025 libzfs_handle_t *hdl = zhp->zfs_hdl; 1026 1027 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT); 1028 assert(fromsnap_obj == 0 || !fromorigin); 1029 1030 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name)); 1031 zc.zc_obj = fromorigin; 1032 zc.zc_sendobj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID); 1033 zc.zc_fromobj = fromsnap_obj; 1034 zc.zc_guid = 1; /* estimate flag */ 1035 zc.zc_flags = flags; 1036 1037 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND, &zc) != 0) { 1038 char errbuf[1024]; 1039 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 1040 "warning: cannot estimate space for '%s'"), zhp->zfs_name); 1041 1042 switch (errno) { 1043 case EXDEV: 1044 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1045 "not an earlier snapshot from the same fs")); 1046 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf)); 1047 1048 case EACCES: 1049 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1050 "source key must be loaded")); 1051 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf)); 1052 1053 case ENOENT: 1054 if (zfs_dataset_exists(hdl, zc.zc_name, 1055 ZFS_TYPE_SNAPSHOT)) { 1056 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1057 "incremental source (@%s) does not exist"), 1058 zc.zc_value); 1059 } 1060 return (zfs_error(hdl, EZFS_NOENT, errbuf)); 1061 1062 case EDQUOT: 1063 case EFBIG: 1064 case EIO: 1065 case ENOLINK: 1066 case ENOSPC: 1067 case ENOSTR: 1068 case ENXIO: 1069 case EPIPE: 1070 case ERANGE: 1071 case EFAULT: 1072 case EROFS: 1073 zfs_error_aux(hdl, strerror(errno)); 1074 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf)); 1075 1076 default: 1077 return (zfs_standard_error(hdl, errno, errbuf)); 1078 } 1079 } 1080 1081 *sizep = zc.zc_objset_type; 1082 1083 return (0); 1084 } 1085 1086 /* 1087 * Dumps a backup of the given snapshot (incremental from fromsnap if it's not 1088 * NULL) to the file descriptor specified by outfd. 1089 */ 1090 static int 1091 dump_ioctl(zfs_handle_t *zhp, const char *fromsnap, uint64_t fromsnap_obj, 1092 boolean_t fromorigin, int outfd, enum lzc_send_flags flags, 1093 nvlist_t *debugnv) 1094 { 1095 zfs_cmd_t zc = { 0 }; 1096 libzfs_handle_t *hdl = zhp->zfs_hdl; 1097 nvlist_t *thisdbg; 1098 1099 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT); 1100 assert(fromsnap_obj == 0 || !fromorigin); 1101 1102 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name)); 1103 zc.zc_cookie = outfd; 1104 zc.zc_obj = fromorigin; 1105 zc.zc_sendobj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID); 1106 zc.zc_fromobj = fromsnap_obj; 1107 zc.zc_flags = flags; 1108 1109 VERIFY(0 == nvlist_alloc(&thisdbg, NV_UNIQUE_NAME, 0)); 1110 if (fromsnap && fromsnap[0] != '\0') { 1111 VERIFY(0 == nvlist_add_string(thisdbg, 1112 "fromsnap", fromsnap)); 1113 } 1114 1115 if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SEND, &zc) != 0) { 1116 char errbuf[1024]; 1117 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 1118 "warning: cannot send '%s'"), zhp->zfs_name); 1119 1120 VERIFY(0 == nvlist_add_uint64(thisdbg, "error", errno)); 1121 if (debugnv) { 1122 VERIFY(0 == nvlist_add_nvlist(debugnv, 1123 zhp->zfs_name, thisdbg)); 1124 } 1125 nvlist_free(thisdbg); 1126 1127 switch (errno) { 1128 case EXDEV: 1129 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1130 "not an earlier snapshot from the same fs")); 1131 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf)); 1132 1133 case EACCES: 1134 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1135 "source key must be loaded")); 1136 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf)); 1137 1138 case ENOENT: 1139 if (zfs_dataset_exists(hdl, zc.zc_name, 1140 ZFS_TYPE_SNAPSHOT)) { 1141 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1142 "incremental source (@%s) does not exist"), 1143 zc.zc_value); 1144 } 1145 return (zfs_error(hdl, EZFS_NOENT, errbuf)); 1146 1147 case EDQUOT: 1148 case EFBIG: 1149 case EIO: 1150 case ENOLINK: 1151 case ENOSPC: 1152 case ENOSTR: 1153 case ENXIO: 1154 case EPIPE: 1155 case ERANGE: 1156 case EFAULT: 1157 case EROFS: 1158 zfs_error_aux(hdl, strerror(errno)); 1159 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf)); 1160 1161 default: 1162 return (zfs_standard_error(hdl, errno, errbuf)); 1163 } 1164 } 1165 1166 if (debugnv) 1167 VERIFY(0 == nvlist_add_nvlist(debugnv, zhp->zfs_name, thisdbg)); 1168 nvlist_free(thisdbg); 1169 1170 return (0); 1171 } 1172 1173 static void 1174 gather_holds(zfs_handle_t *zhp, send_dump_data_t *sdd) 1175 { 1176 assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT); 1177 1178 /* 1179 * zfs_send() only sets snapholds for sends that need them, 1180 * e.g. replication and doall. 1181 */ 1182 if (sdd->snapholds == NULL) 1183 return; 1184 1185 fnvlist_add_string(sdd->snapholds, zhp->zfs_name, sdd->holdtag); 1186 } 1187 1188 static void * 1189 send_progress_thread(void *arg) 1190 { 1191 progress_arg_t *pa = arg; 1192 zfs_cmd_t zc = { 0 }; 1193 zfs_handle_t *zhp = pa->pa_zhp; 1194 libzfs_handle_t *hdl = zhp->zfs_hdl; 1195 unsigned long long bytes; 1196 char buf[16]; 1197 time_t t; 1198 struct tm *tm; 1199 1200 (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name)); 1201 1202 if (!pa->pa_parsable) 1203 (void) fprintf(stderr, "TIME SENT SNAPSHOT\n"); 1204 1205 /* 1206 * Print the progress from ZFS_IOC_SEND_PROGRESS every second. 1207 */ 1208 for (;;) { 1209 (void) sleep(1); 1210 1211 zc.zc_cookie = pa->pa_fd; 1212 if (zfs_ioctl(hdl, ZFS_IOC_SEND_PROGRESS, &zc) != 0) 1213 return ((void *)-1); 1214 1215 (void) time(&t); 1216 tm = localtime(&t); 1217 bytes = zc.zc_cookie; 1218 1219 if (pa->pa_parsable) { 1220 (void) fprintf(stderr, "%02d:%02d:%02d\t%llu\t%s\n", 1221 tm->tm_hour, tm->tm_min, tm->tm_sec, 1222 bytes, zhp->zfs_name); 1223 } else { 1224 zfs_nicenum(bytes, buf, sizeof (buf)); 1225 (void) fprintf(stderr, "%02d:%02d:%02d %5s %s\n", 1226 tm->tm_hour, tm->tm_min, tm->tm_sec, 1227 buf, zhp->zfs_name); 1228 } 1229 } 1230 } 1231 1232 static void 1233 send_print_verbose(FILE *fout, const char *tosnap, const char *fromsnap, 1234 uint64_t size, boolean_t parsable) 1235 { 1236 if (parsable) { 1237 if (fromsnap != NULL) { 1238 (void) fprintf(fout, "incremental\t%s\t%s", 1239 fromsnap, tosnap); 1240 } else { 1241 (void) fprintf(fout, "full\t%s", 1242 tosnap); 1243 } 1244 } else { 1245 if (fromsnap != NULL) { 1246 if (strchr(fromsnap, '@') == NULL && 1247 strchr(fromsnap, '#') == NULL) { 1248 (void) fprintf(fout, dgettext(TEXT_DOMAIN, 1249 "send from @%s to %s"), 1250 fromsnap, tosnap); 1251 } else { 1252 (void) fprintf(fout, dgettext(TEXT_DOMAIN, 1253 "send from %s to %s"), 1254 fromsnap, tosnap); 1255 } 1256 } else { 1257 (void) fprintf(fout, dgettext(TEXT_DOMAIN, 1258 "full send of %s"), 1259 tosnap); 1260 } 1261 } 1262 1263 if (size != 0) { 1264 if (parsable) { 1265 (void) fprintf(fout, "\t%llu", 1266 (longlong_t)size); 1267 } else { 1268 char buf[16]; 1269 zfs_nicenum(size, buf, sizeof (buf)); 1270 (void) fprintf(fout, dgettext(TEXT_DOMAIN, 1271 " estimated size is %s"), buf); 1272 } 1273 } 1274 (void) fprintf(fout, "\n"); 1275 } 1276 1277 static int 1278 dump_snapshot(zfs_handle_t *zhp, void *arg) 1279 { 1280 send_dump_data_t *sdd = arg; 1281 progress_arg_t pa = { 0 }; 1282 pthread_t tid; 1283 char *thissnap; 1284 enum lzc_send_flags flags = 0; 1285 int err; 1286 boolean_t isfromsnap, istosnap, fromorigin; 1287 boolean_t exclude = B_FALSE; 1288 FILE *fout = sdd->std_out ? stdout : stderr; 1289 1290 err = 0; 1291 thissnap = strchr(zhp->zfs_name, '@') + 1; 1292 isfromsnap = (sdd->fromsnap != NULL && 1293 strcmp(sdd->fromsnap, thissnap) == 0); 1294 1295 if (!sdd->seenfrom && isfromsnap) { 1296 gather_holds(zhp, sdd); 1297 sdd->seenfrom = B_TRUE; 1298 (void) strcpy(sdd->prevsnap, thissnap); 1299 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID); 1300 zfs_close(zhp); 1301 return (0); 1302 } 1303 1304 if (sdd->seento || !sdd->seenfrom) { 1305 zfs_close(zhp); 1306 return (0); 1307 } 1308 1309 istosnap = (strcmp(sdd->tosnap, thissnap) == 0); 1310 if (istosnap) 1311 sdd->seento = B_TRUE; 1312 1313 if (sdd->large_block) 1314 flags |= LZC_SEND_FLAG_LARGE_BLOCK; 1315 if (sdd->embed_data) 1316 flags |= LZC_SEND_FLAG_EMBED_DATA; 1317 if (sdd->compress) 1318 flags |= LZC_SEND_FLAG_COMPRESS; 1319 if (sdd->raw) 1320 flags |= LZC_SEND_FLAG_RAW; 1321 1322 if (!sdd->doall && !isfromsnap && !istosnap) { 1323 if (sdd->replicate) { 1324 char *snapname; 1325 nvlist_t *snapprops; 1326 /* 1327 * Filter out all intermediate snapshots except origin 1328 * snapshots needed to replicate clones. 1329 */ 1330 nvlist_t *nvfs = fsavl_find(sdd->fsavl, 1331 zhp->zfs_dmustats.dds_guid, &snapname); 1332 1333 VERIFY(0 == nvlist_lookup_nvlist(nvfs, 1334 "snapprops", &snapprops)); 1335 VERIFY(0 == nvlist_lookup_nvlist(snapprops, 1336 thissnap, &snapprops)); 1337 exclude = !nvlist_exists(snapprops, "is_clone_origin"); 1338 } else { 1339 exclude = B_TRUE; 1340 } 1341 } 1342 1343 /* 1344 * If a filter function exists, call it to determine whether 1345 * this snapshot will be sent. 1346 */ 1347 if (exclude || (sdd->filter_cb != NULL && 1348 sdd->filter_cb(zhp, sdd->filter_cb_arg) == B_FALSE)) { 1349 /* 1350 * This snapshot is filtered out. Don't send it, and don't 1351 * set prevsnap_obj, so it will be as if this snapshot didn't 1352 * exist, and the next accepted snapshot will be sent as 1353 * an incremental from the last accepted one, or as the 1354 * first (and full) snapshot in the case of a replication, 1355 * non-incremental send. 1356 */ 1357 zfs_close(zhp); 1358 return (0); 1359 } 1360 1361 gather_holds(zhp, sdd); 1362 fromorigin = sdd->prevsnap[0] == '\0' && 1363 (sdd->fromorigin || sdd->replicate); 1364 1365 if (sdd->verbose) { 1366 uint64_t size = 0; 1367 (void) estimate_ioctl(zhp, sdd->prevsnap_obj, 1368 fromorigin, flags, &size); 1369 1370 send_print_verbose(fout, zhp->zfs_name, 1371 sdd->prevsnap[0] ? sdd->prevsnap : NULL, 1372 size, sdd->parsable); 1373 sdd->size += size; 1374 } 1375 1376 if (!sdd->dryrun) { 1377 /* 1378 * If progress reporting is requested, spawn a new thread to 1379 * poll ZFS_IOC_SEND_PROGRESS at a regular interval. 1380 */ 1381 if (sdd->progress) { 1382 pa.pa_zhp = zhp; 1383 pa.pa_fd = sdd->outfd; 1384 pa.pa_parsable = sdd->parsable; 1385 1386 if ((err = pthread_create(&tid, NULL, 1387 send_progress_thread, &pa)) != 0) { 1388 zfs_close(zhp); 1389 return (err); 1390 } 1391 } 1392 1393 err = dump_ioctl(zhp, sdd->prevsnap, sdd->prevsnap_obj, 1394 fromorigin, sdd->outfd, flags, sdd->debugnv); 1395 1396 if (sdd->progress) { 1397 (void) pthread_cancel(tid); 1398 (void) pthread_join(tid, NULL); 1399 } 1400 } 1401 1402 (void) strcpy(sdd->prevsnap, thissnap); 1403 sdd->prevsnap_obj = zfs_prop_get_int(zhp, ZFS_PROP_OBJSETID); 1404 zfs_close(zhp); 1405 return (err); 1406 } 1407 1408 static int 1409 dump_filesystem(zfs_handle_t *zhp, void *arg) 1410 { 1411 int rv = 0; 1412 send_dump_data_t *sdd = arg; 1413 boolean_t missingfrom = B_FALSE; 1414 zfs_cmd_t zc = { 0 }; 1415 1416 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s", 1417 zhp->zfs_name, sdd->tosnap); 1418 if (ioctl(zhp->zfs_hdl->libzfs_fd, ZFS_IOC_OBJSET_STATS, &zc) != 0) { 1419 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1420 "WARNING: could not send %s@%s: does not exist\n"), 1421 zhp->zfs_name, sdd->tosnap); 1422 sdd->err = B_TRUE; 1423 return (0); 1424 } 1425 1426 if (sdd->replicate && sdd->fromsnap) { 1427 /* 1428 * If this fs does not have fromsnap, and we're doing 1429 * recursive, we need to send a full stream from the 1430 * beginning (or an incremental from the origin if this 1431 * is a clone). If we're doing non-recursive, then let 1432 * them get the error. 1433 */ 1434 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), "%s@%s", 1435 zhp->zfs_name, sdd->fromsnap); 1436 if (ioctl(zhp->zfs_hdl->libzfs_fd, 1437 ZFS_IOC_OBJSET_STATS, &zc) != 0) { 1438 missingfrom = B_TRUE; 1439 } 1440 } 1441 1442 sdd->seenfrom = sdd->seento = sdd->prevsnap[0] = 0; 1443 sdd->prevsnap_obj = 0; 1444 if (sdd->fromsnap == NULL || missingfrom) 1445 sdd->seenfrom = B_TRUE; 1446 1447 rv = zfs_iter_snapshots_sorted(zhp, dump_snapshot, arg); 1448 if (!sdd->seenfrom) { 1449 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1450 "WARNING: could not send %s@%s:\n" 1451 "incremental source (%s@%s) does not exist\n"), 1452 zhp->zfs_name, sdd->tosnap, 1453 zhp->zfs_name, sdd->fromsnap); 1454 sdd->err = B_TRUE; 1455 } else if (!sdd->seento) { 1456 if (sdd->fromsnap) { 1457 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1458 "WARNING: could not send %s@%s:\n" 1459 "incremental source (%s@%s) " 1460 "is not earlier than it\n"), 1461 zhp->zfs_name, sdd->tosnap, 1462 zhp->zfs_name, sdd->fromsnap); 1463 } else { 1464 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 1465 "WARNING: " 1466 "could not send %s@%s: does not exist\n"), 1467 zhp->zfs_name, sdd->tosnap); 1468 } 1469 sdd->err = B_TRUE; 1470 } 1471 1472 return (rv); 1473 } 1474 1475 static int 1476 dump_filesystems(zfs_handle_t *rzhp, void *arg) 1477 { 1478 send_dump_data_t *sdd = arg; 1479 nvpair_t *fspair; 1480 boolean_t needagain, progress; 1481 1482 if (!sdd->replicate) 1483 return (dump_filesystem(rzhp, sdd)); 1484 1485 /* Mark the clone origin snapshots. */ 1486 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair; 1487 fspair = nvlist_next_nvpair(sdd->fss, fspair)) { 1488 nvlist_t *nvfs; 1489 uint64_t origin_guid = 0; 1490 1491 VERIFY(0 == nvpair_value_nvlist(fspair, &nvfs)); 1492 (void) nvlist_lookup_uint64(nvfs, "origin", &origin_guid); 1493 if (origin_guid != 0) { 1494 char *snapname; 1495 nvlist_t *origin_nv = fsavl_find(sdd->fsavl, 1496 origin_guid, &snapname); 1497 if (origin_nv != NULL) { 1498 nvlist_t *snapprops; 1499 VERIFY(0 == nvlist_lookup_nvlist(origin_nv, 1500 "snapprops", &snapprops)); 1501 VERIFY(0 == nvlist_lookup_nvlist(snapprops, 1502 snapname, &snapprops)); 1503 VERIFY(0 == nvlist_add_boolean( 1504 snapprops, "is_clone_origin")); 1505 } 1506 } 1507 } 1508 again: 1509 needagain = progress = B_FALSE; 1510 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair; 1511 fspair = nvlist_next_nvpair(sdd->fss, fspair)) { 1512 nvlist_t *fslist, *parent_nv; 1513 char *fsname; 1514 zfs_handle_t *zhp; 1515 int err; 1516 uint64_t origin_guid = 0; 1517 uint64_t parent_guid = 0; 1518 1519 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0); 1520 if (nvlist_lookup_boolean(fslist, "sent") == 0) 1521 continue; 1522 1523 VERIFY(nvlist_lookup_string(fslist, "name", &fsname) == 0); 1524 (void) nvlist_lookup_uint64(fslist, "origin", &origin_guid); 1525 (void) nvlist_lookup_uint64(fslist, "parentfromsnap", 1526 &parent_guid); 1527 1528 if (parent_guid != 0) { 1529 parent_nv = fsavl_find(sdd->fsavl, parent_guid, NULL); 1530 if (!nvlist_exists(parent_nv, "sent")) { 1531 /* parent has not been sent; skip this one */ 1532 needagain = B_TRUE; 1533 continue; 1534 } 1535 } 1536 1537 if (origin_guid != 0) { 1538 nvlist_t *origin_nv = fsavl_find(sdd->fsavl, 1539 origin_guid, NULL); 1540 if (origin_nv != NULL && 1541 !nvlist_exists(origin_nv, "sent")) { 1542 /* 1543 * origin has not been sent yet; 1544 * skip this clone. 1545 */ 1546 needagain = B_TRUE; 1547 continue; 1548 } 1549 } 1550 1551 zhp = zfs_open(rzhp->zfs_hdl, fsname, ZFS_TYPE_DATASET); 1552 if (zhp == NULL) 1553 return (-1); 1554 err = dump_filesystem(zhp, sdd); 1555 VERIFY(nvlist_add_boolean(fslist, "sent") == 0); 1556 progress = B_TRUE; 1557 zfs_close(zhp); 1558 if (err) 1559 return (err); 1560 } 1561 if (needagain) { 1562 assert(progress); 1563 goto again; 1564 } 1565 1566 /* clean out the sent flags in case we reuse this fss */ 1567 for (fspair = nvlist_next_nvpair(sdd->fss, NULL); fspair; 1568 fspair = nvlist_next_nvpair(sdd->fss, fspair)) { 1569 nvlist_t *fslist; 1570 1571 VERIFY(nvpair_value_nvlist(fspair, &fslist) == 0); 1572 (void) nvlist_remove_all(fslist, "sent"); 1573 } 1574 1575 return (0); 1576 } 1577 1578 nvlist_t * 1579 zfs_send_resume_token_to_nvlist(libzfs_handle_t *hdl, const char *token) 1580 { 1581 unsigned int version; 1582 int nread; 1583 unsigned long long checksum, packed_len; 1584 1585 /* 1586 * Decode token header, which is: 1587 * <token version>-<checksum of payload>-<uncompressed payload length> 1588 * Note that the only supported token version is 1. 1589 */ 1590 nread = sscanf(token, "%u-%llx-%llx-", 1591 &version, &checksum, &packed_len); 1592 if (nread != 3) { 1593 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1594 "resume token is corrupt (invalid format)")); 1595 return (NULL); 1596 } 1597 1598 if (version != ZFS_SEND_RESUME_TOKEN_VERSION) { 1599 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1600 "resume token is corrupt (invalid version %u)"), 1601 version); 1602 return (NULL); 1603 } 1604 1605 /* convert hexadecimal representation to binary */ 1606 token = strrchr(token, '-') + 1; 1607 int len = strlen(token) / 2; 1608 unsigned char *compressed = zfs_alloc(hdl, len); 1609 for (int i = 0; i < len; i++) { 1610 nread = sscanf(token + i * 2, "%2hhx", compressed + i); 1611 if (nread != 1) { 1612 free(compressed); 1613 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1614 "resume token is corrupt " 1615 "(payload is not hex-encoded)")); 1616 return (NULL); 1617 } 1618 } 1619 1620 /* verify checksum */ 1621 zio_cksum_t cksum; 1622 fletcher_4_native(compressed, len, NULL, &cksum); 1623 if (cksum.zc_word[0] != checksum) { 1624 free(compressed); 1625 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1626 "resume token is corrupt (incorrect checksum)")); 1627 return (NULL); 1628 } 1629 1630 /* uncompress */ 1631 void *packed = zfs_alloc(hdl, packed_len); 1632 uLongf packed_len_long = packed_len; 1633 if (uncompress(packed, &packed_len_long, compressed, len) != Z_OK || 1634 packed_len_long != packed_len) { 1635 free(packed); 1636 free(compressed); 1637 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1638 "resume token is corrupt (decompression failed)")); 1639 return (NULL); 1640 } 1641 1642 /* unpack nvlist */ 1643 nvlist_t *nv; 1644 int error = nvlist_unpack(packed, packed_len, &nv, KM_SLEEP); 1645 free(packed); 1646 free(compressed); 1647 if (error != 0) { 1648 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1649 "resume token is corrupt (nvlist_unpack failed)")); 1650 return (NULL); 1651 } 1652 return (nv); 1653 } 1654 1655 int 1656 zfs_send_resume(libzfs_handle_t *hdl, sendflags_t *flags, int outfd, 1657 const char *resume_token) 1658 { 1659 char errbuf[1024]; 1660 char *toname; 1661 char *fromname = NULL; 1662 uint64_t resumeobj, resumeoff, toguid, fromguid, bytes; 1663 zfs_handle_t *zhp; 1664 int error = 0; 1665 char name[ZFS_MAX_DATASET_NAME_LEN]; 1666 enum lzc_send_flags lzc_flags = 0; 1667 FILE *fout = (flags->verbose && flags->dryrun) ? stdout : stderr; 1668 1669 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 1670 "cannot resume send")); 1671 1672 nvlist_t *resume_nvl = 1673 zfs_send_resume_token_to_nvlist(hdl, resume_token); 1674 if (resume_nvl == NULL) { 1675 /* 1676 * zfs_error_aux has already been set by 1677 * zfs_send_resume_token_to_nvlist 1678 */ 1679 return (zfs_error(hdl, EZFS_FAULT, errbuf)); 1680 } 1681 if (flags->verbose) { 1682 (void) fprintf(fout, dgettext(TEXT_DOMAIN, 1683 "resume token contents:\n")); 1684 nvlist_print(fout, resume_nvl); 1685 } 1686 1687 if (nvlist_lookup_string(resume_nvl, "toname", &toname) != 0 || 1688 nvlist_lookup_uint64(resume_nvl, "object", &resumeobj) != 0 || 1689 nvlist_lookup_uint64(resume_nvl, "offset", &resumeoff) != 0 || 1690 nvlist_lookup_uint64(resume_nvl, "bytes", &bytes) != 0 || 1691 nvlist_lookup_uint64(resume_nvl, "toguid", &toguid) != 0) { 1692 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1693 "resume token is corrupt")); 1694 return (zfs_error(hdl, EZFS_FAULT, errbuf)); 1695 } 1696 fromguid = 0; 1697 (void) nvlist_lookup_uint64(resume_nvl, "fromguid", &fromguid); 1698 1699 if (flags->largeblock || nvlist_exists(resume_nvl, "largeblockok")) 1700 lzc_flags |= LZC_SEND_FLAG_LARGE_BLOCK; 1701 if (flags->embed_data || nvlist_exists(resume_nvl, "embedok")) 1702 lzc_flags |= LZC_SEND_FLAG_EMBED_DATA; 1703 if (flags->compress || nvlist_exists(resume_nvl, "compressok")) 1704 lzc_flags |= LZC_SEND_FLAG_COMPRESS; 1705 if (flags->raw || nvlist_exists(resume_nvl, "rawok")) 1706 lzc_flags |= LZC_SEND_FLAG_RAW; 1707 1708 if (guid_to_name(hdl, toname, toguid, B_FALSE, name) != 0) { 1709 if (zfs_dataset_exists(hdl, toname, ZFS_TYPE_DATASET)) { 1710 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1711 "'%s' is no longer the same snapshot used in " 1712 "the initial send"), toname); 1713 } else { 1714 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1715 "'%s' used in the initial send no longer exists"), 1716 toname); 1717 } 1718 return (zfs_error(hdl, EZFS_BADPATH, errbuf)); 1719 } 1720 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET); 1721 if (zhp == NULL) { 1722 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1723 "unable to access '%s'"), name); 1724 return (zfs_error(hdl, EZFS_BADPATH, errbuf)); 1725 } 1726 1727 if (fromguid != 0) { 1728 if (guid_to_name(hdl, toname, fromguid, B_TRUE, name) != 0) { 1729 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1730 "incremental source %#llx no longer exists"), 1731 (longlong_t)fromguid); 1732 return (zfs_error(hdl, EZFS_BADPATH, errbuf)); 1733 } 1734 fromname = name; 1735 } 1736 1737 if (flags->verbose) { 1738 uint64_t size = 0; 1739 error = lzc_send_space(zhp->zfs_name, fromname, 1740 lzc_flags, &size); 1741 if (error == 0) 1742 size = MAX(0, (int64_t)(size - bytes)); 1743 send_print_verbose(fout, zhp->zfs_name, fromname, 1744 size, flags->parsable); 1745 } 1746 1747 if (!flags->dryrun) { 1748 progress_arg_t pa = { 0 }; 1749 pthread_t tid; 1750 /* 1751 * If progress reporting is requested, spawn a new thread to 1752 * poll ZFS_IOC_SEND_PROGRESS at a regular interval. 1753 */ 1754 if (flags->progress) { 1755 pa.pa_zhp = zhp; 1756 pa.pa_fd = outfd; 1757 pa.pa_parsable = flags->parsable; 1758 1759 error = pthread_create(&tid, NULL, 1760 send_progress_thread, &pa); 1761 if (error != 0) { 1762 zfs_close(zhp); 1763 return (error); 1764 } 1765 } 1766 1767 error = lzc_send_resume(zhp->zfs_name, fromname, outfd, 1768 lzc_flags, resumeobj, resumeoff); 1769 1770 if (flags->progress) { 1771 (void) pthread_cancel(tid); 1772 (void) pthread_join(tid, NULL); 1773 } 1774 1775 char errbuf[1024]; 1776 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 1777 "warning: cannot send '%s'"), zhp->zfs_name); 1778 1779 zfs_close(zhp); 1780 1781 switch (error) { 1782 case 0: 1783 return (0); 1784 case EACCES: 1785 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 1786 "source key must be loaded")); 1787 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf)); 1788 1789 case EXDEV: 1790 case ENOENT: 1791 case EDQUOT: 1792 case EFBIG: 1793 case EIO: 1794 case ENOLINK: 1795 case ENOSPC: 1796 case ENOSTR: 1797 case ENXIO: 1798 case EPIPE: 1799 case ERANGE: 1800 case EFAULT: 1801 case EROFS: 1802 zfs_error_aux(hdl, strerror(errno)); 1803 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf)); 1804 1805 default: 1806 return (zfs_standard_error(hdl, errno, errbuf)); 1807 } 1808 } 1809 1810 1811 zfs_close(zhp); 1812 1813 return (error); 1814 } 1815 1816 /* 1817 * Generate a send stream for the dataset identified by the argument zhp. 1818 * 1819 * The content of the send stream is the snapshot identified by 1820 * 'tosnap'. Incremental streams are requested in two ways: 1821 * - from the snapshot identified by "fromsnap" (if non-null) or 1822 * - from the origin of the dataset identified by zhp, which must 1823 * be a clone. In this case, "fromsnap" is null and "fromorigin" 1824 * is TRUE. 1825 * 1826 * The send stream is recursive (i.e. dumps a hierarchy of snapshots) and 1827 * uses a special header (with a hdrtype field of DMU_COMPOUNDSTREAM) 1828 * if "replicate" is set. If "doall" is set, dump all the intermediate 1829 * snapshots. The DMU_COMPOUNDSTREAM header is used in the "doall" 1830 * case too. If "props" is set, send properties. 1831 */ 1832 int 1833 zfs_send(zfs_handle_t *zhp, const char *fromsnap, const char *tosnap, 1834 sendflags_t *flags, int outfd, snapfilter_cb_t filter_func, 1835 void *cb_arg, nvlist_t **debugnvp) 1836 { 1837 char errbuf[1024]; 1838 send_dump_data_t sdd = { 0 }; 1839 int err = 0; 1840 nvlist_t *fss = NULL; 1841 avl_tree_t *fsavl = NULL; 1842 static uint64_t holdseq; 1843 int spa_version; 1844 pthread_t tid = 0; 1845 int pipefd[2]; 1846 dedup_arg_t dda = { 0 }; 1847 int featureflags = 0; 1848 FILE *fout; 1849 1850 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 1851 "cannot send '%s'"), zhp->zfs_name); 1852 1853 if (fromsnap && fromsnap[0] == '\0') { 1854 zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN, 1855 "zero-length incremental source")); 1856 return (zfs_error(zhp->zfs_hdl, EZFS_NOENT, errbuf)); 1857 } 1858 1859 if (zhp->zfs_type == ZFS_TYPE_FILESYSTEM) { 1860 uint64_t version; 1861 version = zfs_prop_get_int(zhp, ZFS_PROP_VERSION); 1862 if (version >= ZPL_VERSION_SA) { 1863 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL; 1864 } 1865 } 1866 1867 if (flags->holds) 1868 featureflags |= DMU_BACKUP_FEATURE_HOLDS; 1869 1870 /* 1871 * Start the dedup thread if this is a dedup stream. We do not bother 1872 * doing this if this a raw send of an encrypted dataset with dedup off 1873 * because normal encrypted blocks won't dedup. 1874 */ 1875 if (flags->dedup && !flags->dryrun && !(flags->raw && 1876 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF && 1877 zfs_prop_get_int(zhp, ZFS_PROP_DEDUP) == ZIO_CHECKSUM_OFF)) { 1878 featureflags |= (DMU_BACKUP_FEATURE_DEDUP | 1879 DMU_BACKUP_FEATURE_DEDUPPROPS); 1880 if ((err = pipe(pipefd)) != 0) { 1881 zfs_error_aux(zhp->zfs_hdl, strerror(errno)); 1882 return (zfs_error(zhp->zfs_hdl, EZFS_PIPEFAILED, 1883 errbuf)); 1884 } 1885 dda.outputfd = outfd; 1886 dda.inputfd = pipefd[1]; 1887 dda.dedup_hdl = zhp->zfs_hdl; 1888 if ((err = pthread_create(&tid, NULL, cksummer, &dda)) != 0) { 1889 (void) close(pipefd[0]); 1890 (void) close(pipefd[1]); 1891 zfs_error_aux(zhp->zfs_hdl, strerror(errno)); 1892 return (zfs_error(zhp->zfs_hdl, 1893 EZFS_THREADCREATEFAILED, errbuf)); 1894 } 1895 } 1896 1897 if (flags->replicate || flags->doall || flags->props || 1898 flags->holds || flags->backup) { 1899 dmu_replay_record_t drr = { 0 }; 1900 char *packbuf = NULL; 1901 size_t buflen = 0; 1902 zio_cksum_t zc; 1903 1904 ZIO_SET_CHECKSUM(&zc, 0, 0, 0, 0); 1905 1906 if (flags->replicate || flags->props || flags->backup || 1907 flags->holds) { 1908 nvlist_t *hdrnv; 1909 1910 VERIFY(0 == nvlist_alloc(&hdrnv, NV_UNIQUE_NAME, 0)); 1911 if (fromsnap) { 1912 VERIFY(0 == nvlist_add_string(hdrnv, 1913 "fromsnap", fromsnap)); 1914 } 1915 VERIFY(0 == nvlist_add_string(hdrnv, "tosnap", tosnap)); 1916 if (!flags->replicate) { 1917 VERIFY(0 == nvlist_add_boolean(hdrnv, 1918 "not_recursive")); 1919 } 1920 if (flags->raw) { 1921 VERIFY(0 == nvlist_add_boolean(hdrnv, "raw")); 1922 } 1923 1924 err = gather_nvlist(zhp->zfs_hdl, zhp->zfs_name, 1925 fromsnap, tosnap, flags->replicate, flags->raw, 1926 flags->verbose, flags->backup, 1927 flags->holds, flags->props, &fss, 1928 &fsavl); 1929 if (err) 1930 goto err_out; 1931 VERIFY(0 == nvlist_add_nvlist(hdrnv, "fss", fss)); 1932 err = nvlist_pack(hdrnv, &packbuf, &buflen, 1933 NV_ENCODE_XDR, 0); 1934 if (debugnvp) 1935 *debugnvp = hdrnv; 1936 else 1937 nvlist_free(hdrnv); 1938 if (err) 1939 goto stderr_out; 1940 } 1941 1942 if (!flags->dryrun) { 1943 /* write first begin record */ 1944 drr.drr_type = DRR_BEGIN; 1945 drr.drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC; 1946 DMU_SET_STREAM_HDRTYPE(drr.drr_u.drr_begin. 1947 drr_versioninfo, DMU_COMPOUNDSTREAM); 1948 DMU_SET_FEATUREFLAGS(drr.drr_u.drr_begin. 1949 drr_versioninfo, featureflags); 1950 (void) snprintf(drr.drr_u.drr_begin.drr_toname, 1951 sizeof (drr.drr_u.drr_begin.drr_toname), 1952 "%s@%s", zhp->zfs_name, tosnap); 1953 drr.drr_payloadlen = buflen; 1954 1955 err = dump_record(&drr, packbuf, buflen, &zc, outfd); 1956 free(packbuf); 1957 if (err != 0) 1958 goto stderr_out; 1959 1960 /* write end record */ 1961 bzero(&drr, sizeof (drr)); 1962 drr.drr_type = DRR_END; 1963 drr.drr_u.drr_end.drr_checksum = zc; 1964 err = write(outfd, &drr, sizeof (drr)); 1965 if (err == -1) { 1966 err = errno; 1967 goto stderr_out; 1968 } 1969 1970 err = 0; 1971 } 1972 } 1973 1974 /* dump each stream */ 1975 sdd.fromsnap = fromsnap; 1976 sdd.tosnap = tosnap; 1977 if (tid != 0) 1978 sdd.outfd = pipefd[0]; 1979 else 1980 sdd.outfd = outfd; 1981 sdd.replicate = flags->replicate; 1982 sdd.doall = flags->doall; 1983 sdd.fromorigin = flags->fromorigin; 1984 sdd.fss = fss; 1985 sdd.fsavl = fsavl; 1986 sdd.verbose = flags->verbose; 1987 sdd.parsable = flags->parsable; 1988 sdd.progress = flags->progress; 1989 sdd.dryrun = flags->dryrun; 1990 sdd.large_block = flags->largeblock; 1991 sdd.embed_data = flags->embed_data; 1992 sdd.compress = flags->compress; 1993 sdd.raw = flags->raw; 1994 sdd.holds = flags->holds; 1995 sdd.filter_cb = filter_func; 1996 sdd.filter_cb_arg = cb_arg; 1997 if (debugnvp) 1998 sdd.debugnv = *debugnvp; 1999 if (sdd.verbose && sdd.dryrun) 2000 sdd.std_out = B_TRUE; 2001 fout = sdd.std_out ? stdout : stderr; 2002 2003 /* 2004 * Some flags require that we place user holds on the datasets that are 2005 * being sent so they don't get destroyed during the send. We can skip 2006 * this step if the pool is imported read-only since the datasets cannot 2007 * be destroyed. 2008 */ 2009 if (!flags->dryrun && !zpool_get_prop_int(zfs_get_pool_handle(zhp), 2010 ZPOOL_PROP_READONLY, NULL) && 2011 zfs_spa_version(zhp, &spa_version) == 0 && 2012 spa_version >= SPA_VERSION_USERREFS && 2013 (flags->doall || flags->replicate)) { 2014 ++holdseq; 2015 (void) snprintf(sdd.holdtag, sizeof (sdd.holdtag), 2016 ".send-%d-%llu", getpid(), (u_longlong_t)holdseq); 2017 sdd.cleanup_fd = open(ZFS_DEV, O_RDWR|O_EXCL); 2018 if (sdd.cleanup_fd < 0) { 2019 err = errno; 2020 goto stderr_out; 2021 } 2022 sdd.snapholds = fnvlist_alloc(); 2023 } else { 2024 sdd.cleanup_fd = -1; 2025 sdd.snapholds = NULL; 2026 } 2027 2028 if (flags->verbose || sdd.snapholds != NULL) { 2029 /* 2030 * Do a verbose no-op dry run to get all the verbose output 2031 * or to gather snapshot hold's before generating any data, 2032 * then do a non-verbose real run to generate the streams. 2033 */ 2034 sdd.dryrun = B_TRUE; 2035 err = dump_filesystems(zhp, &sdd); 2036 2037 if (err != 0) 2038 goto stderr_out; 2039 2040 if (flags->verbose) { 2041 if (flags->parsable) { 2042 (void) fprintf(fout, "size\t%llu\n", 2043 (longlong_t)sdd.size); 2044 } else { 2045 char buf[16]; 2046 zfs_nicenum(sdd.size, buf, sizeof (buf)); 2047 (void) fprintf(fout, dgettext(TEXT_DOMAIN, 2048 "total estimated size is %s\n"), buf); 2049 } 2050 } 2051 2052 /* Ensure no snaps found is treated as an error. */ 2053 if (!sdd.seento) { 2054 err = ENOENT; 2055 goto err_out; 2056 } 2057 2058 /* Skip the second run if dryrun was requested. */ 2059 if (flags->dryrun) 2060 goto err_out; 2061 2062 if (sdd.snapholds != NULL) { 2063 err = zfs_hold_nvl(zhp, sdd.cleanup_fd, sdd.snapholds); 2064 if (err != 0) 2065 goto stderr_out; 2066 2067 fnvlist_free(sdd.snapholds); 2068 sdd.snapholds = NULL; 2069 } 2070 2071 sdd.dryrun = B_FALSE; 2072 sdd.verbose = B_FALSE; 2073 } 2074 2075 err = dump_filesystems(zhp, &sdd); 2076 fsavl_destroy(fsavl); 2077 nvlist_free(fss); 2078 2079 /* Ensure no snaps found is treated as an error. */ 2080 if (err == 0 && !sdd.seento) 2081 err = ENOENT; 2082 2083 if (tid != 0) { 2084 if (err != 0) 2085 (void) pthread_cancel(tid); 2086 (void) close(pipefd[0]); 2087 (void) pthread_join(tid, NULL); 2088 } 2089 2090 if (sdd.cleanup_fd != -1) { 2091 VERIFY(0 == close(sdd.cleanup_fd)); 2092 sdd.cleanup_fd = -1; 2093 } 2094 2095 if (!flags->dryrun && (flags->replicate || flags->doall || 2096 flags->props || flags->backup || flags->holds)) { 2097 /* 2098 * write final end record. NB: want to do this even if 2099 * there was some error, because it might not be totally 2100 * failed. 2101 */ 2102 dmu_replay_record_t drr = { 0 }; 2103 drr.drr_type = DRR_END; 2104 if (write(outfd, &drr, sizeof (drr)) == -1) { 2105 return (zfs_standard_error(zhp->zfs_hdl, 2106 errno, errbuf)); 2107 } 2108 } 2109 2110 return (err || sdd.err); 2111 2112 stderr_out: 2113 err = zfs_standard_error(zhp->zfs_hdl, err, errbuf); 2114 err_out: 2115 fsavl_destroy(fsavl); 2116 nvlist_free(fss); 2117 fnvlist_free(sdd.snapholds); 2118 2119 if (sdd.cleanup_fd != -1) 2120 VERIFY(0 == close(sdd.cleanup_fd)); 2121 if (tid != 0) { 2122 (void) pthread_cancel(tid); 2123 (void) close(pipefd[0]); 2124 (void) pthread_join(tid, NULL); 2125 } 2126 return (err); 2127 } 2128 2129 int 2130 zfs_send_one(zfs_handle_t *zhp, const char *from, int fd, 2131 enum lzc_send_flags flags) 2132 { 2133 int err; 2134 libzfs_handle_t *hdl = zhp->zfs_hdl; 2135 2136 char errbuf[1024]; 2137 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 2138 "warning: cannot send '%s'"), zhp->zfs_name); 2139 2140 err = lzc_send(zhp->zfs_name, from, fd, flags); 2141 if (err != 0) { 2142 switch (errno) { 2143 case EXDEV: 2144 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 2145 "not an earlier snapshot from the same fs")); 2146 return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf)); 2147 2148 case ENOENT: 2149 case ESRCH: 2150 if (lzc_exists(zhp->zfs_name)) { 2151 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 2152 "incremental source (%s) does not exist"), 2153 from); 2154 } 2155 return (zfs_error(hdl, EZFS_NOENT, errbuf)); 2156 2157 case EACCES: 2158 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 2159 "dataset key must be loaded")); 2160 return (zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf)); 2161 2162 case EBUSY: 2163 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 2164 "target is busy; if a filesystem, " 2165 "it must not be mounted")); 2166 return (zfs_error(hdl, EZFS_BUSY, errbuf)); 2167 2168 case EDQUOT: 2169 case EFBIG: 2170 case EIO: 2171 case ENOLINK: 2172 case ENOSPC: 2173 case ENOSTR: 2174 case ENXIO: 2175 case EPIPE: 2176 case ERANGE: 2177 case EFAULT: 2178 case EROFS: 2179 zfs_error_aux(hdl, strerror(errno)); 2180 return (zfs_error(hdl, EZFS_BADBACKUP, errbuf)); 2181 2182 default: 2183 return (zfs_standard_error(hdl, errno, errbuf)); 2184 } 2185 } 2186 return (err != 0); 2187 } 2188 2189 /* 2190 * Routines specific to "zfs recv" 2191 */ 2192 2193 static int 2194 recv_read(libzfs_handle_t *hdl, int fd, void *buf, int ilen, 2195 boolean_t byteswap, zio_cksum_t *zc) 2196 { 2197 char *cp = buf; 2198 int rv; 2199 int len = ilen; 2200 2201 assert(ilen <= SPA_MAXBLOCKSIZE); 2202 2203 do { 2204 rv = read(fd, cp, len); 2205 cp += rv; 2206 len -= rv; 2207 } while (rv > 0); 2208 2209 if (rv < 0 || len != 0) { 2210 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 2211 "failed to read from stream")); 2212 return (zfs_error(hdl, EZFS_BADSTREAM, dgettext(TEXT_DOMAIN, 2213 "cannot receive"))); 2214 } 2215 2216 if (zc) { 2217 if (byteswap) 2218 (void) fletcher_4_incremental_byteswap(buf, ilen, zc); 2219 else 2220 (void) fletcher_4_incremental_native(buf, ilen, zc); 2221 } 2222 return (0); 2223 } 2224 2225 static int 2226 recv_read_nvlist(libzfs_handle_t *hdl, int fd, int len, nvlist_t **nvp, 2227 boolean_t byteswap, zio_cksum_t *zc) 2228 { 2229 char *buf; 2230 int err; 2231 2232 buf = zfs_alloc(hdl, len); 2233 if (buf == NULL) 2234 return (ENOMEM); 2235 2236 err = recv_read(hdl, fd, buf, len, byteswap, zc); 2237 if (err != 0) { 2238 free(buf); 2239 return (err); 2240 } 2241 2242 err = nvlist_unpack(buf, len, nvp, 0); 2243 free(buf); 2244 if (err != 0) { 2245 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid " 2246 "stream (malformed nvlist)")); 2247 return (EINVAL); 2248 } 2249 return (0); 2250 } 2251 2252 /* 2253 * Returns the grand origin (origin of origin of origin...) of a given handle. 2254 * If this dataset is not a clone, it simply returns a copy of the original 2255 * handle. 2256 */ 2257 static zfs_handle_t * 2258 recv_open_grand_origin(zfs_handle_t *zhp) 2259 { 2260 char origin[ZFS_MAX_DATASET_NAME_LEN]; 2261 zprop_source_t src; 2262 zfs_handle_t *ozhp = zfs_handle_dup(zhp); 2263 2264 while (ozhp != NULL) { 2265 if (zfs_prop_get(ozhp, ZFS_PROP_ORIGIN, origin, 2266 sizeof (origin), &src, NULL, 0, B_FALSE) != 0) 2267 break; 2268 2269 (void) zfs_close(ozhp); 2270 ozhp = zfs_open(zhp->zfs_hdl, origin, ZFS_TYPE_FILESYSTEM); 2271 } 2272 2273 return (ozhp); 2274 } 2275 2276 static int 2277 recv_rename_impl(zfs_handle_t *zhp, const char *source, const char *target) 2278 { 2279 int err; 2280 zfs_handle_t *ozhp = NULL; 2281 2282 /* 2283 * Attempt to rename the dataset. If it fails with EACCES we have 2284 * attempted to rename the dataset outside of its encryption root. 2285 * Force the dataset to become an encryption root and try again. 2286 */ 2287 err = lzc_rename(source, target); 2288 if (err == EACCES) { 2289 ozhp = recv_open_grand_origin(zhp); 2290 if (ozhp == NULL) { 2291 err = ENOENT; 2292 goto out; 2293 } 2294 2295 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY, 2296 NULL, NULL, 0); 2297 if (err != 0) 2298 goto out; 2299 2300 err = lzc_rename(source, target); 2301 } 2302 2303 out: 2304 if (ozhp != NULL) 2305 zfs_close(ozhp); 2306 return (err); 2307 } 2308 2309 static int 2310 recv_rename(libzfs_handle_t *hdl, const char *name, const char *tryname, 2311 int baselen, char *newname, recvflags_t *flags) 2312 { 2313 static int seq; 2314 int err; 2315 prop_changelist_t *clp = NULL; 2316 zfs_handle_t *zhp = NULL; 2317 2318 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET); 2319 if (zhp == NULL) { 2320 err = -1; 2321 goto out; 2322 } 2323 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0, 2324 flags->force ? MS_FORCE : 0); 2325 if (clp == NULL) { 2326 err = -1; 2327 goto out; 2328 } 2329 err = changelist_prefix(clp); 2330 if (err) 2331 goto out; 2332 2333 if (tryname) { 2334 (void) strcpy(newname, tryname); 2335 if (flags->verbose) { 2336 (void) printf("attempting rename %s to %s\n", 2337 name, newname); 2338 } 2339 err = recv_rename_impl(zhp, name, newname); 2340 if (err == 0) 2341 changelist_rename(clp, name, tryname); 2342 } else { 2343 err = ENOENT; 2344 } 2345 2346 if (err != 0 && strncmp(name + baselen, "recv-", 5) != 0) { 2347 seq++; 2348 2349 (void) snprintf(newname, ZFS_MAX_DATASET_NAME_LEN, 2350 "%.*srecv-%u-%u", baselen, name, getpid(), seq); 2351 if (flags->verbose) { 2352 (void) printf("failed - trying rename %s to %s\n", 2353 name, newname); 2354 } 2355 err = recv_rename_impl(zhp, name, newname); 2356 if (err == 0) 2357 changelist_rename(clp, name, newname); 2358 if (err && flags->verbose) { 2359 (void) printf("failed (%u) - " 2360 "will try again on next pass\n", errno); 2361 } 2362 err = EAGAIN; 2363 } else if (flags->verbose) { 2364 if (err == 0) 2365 (void) printf("success\n"); 2366 else 2367 (void) printf("failed (%u)\n", errno); 2368 } 2369 2370 (void) changelist_postfix(clp); 2371 2372 out: 2373 if (clp != NULL) 2374 changelist_free(clp); 2375 if (zhp != NULL) 2376 zfs_close(zhp); 2377 2378 return (err); 2379 } 2380 2381 static int 2382 recv_promote(libzfs_handle_t *hdl, const char *fsname, 2383 const char *origin_fsname, recvflags_t *flags) 2384 { 2385 int err; 2386 zfs_cmd_t zc = {"\0"}; 2387 zfs_handle_t *zhp = NULL, *ozhp = NULL; 2388 2389 if (flags->verbose) 2390 (void) printf("promoting %s\n", fsname); 2391 2392 (void) strlcpy(zc.zc_value, origin_fsname, sizeof (zc.zc_value)); 2393 (void) strlcpy(zc.zc_name, fsname, sizeof (zc.zc_name)); 2394 2395 /* 2396 * Attempt to promote the dataset. If it fails with EACCES the 2397 * promotion would cause this dataset to leave its encryption root. 2398 * Force the origin to become an encryption root and try again. 2399 */ 2400 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc); 2401 if (err == EACCES) { 2402 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET); 2403 if (zhp == NULL) { 2404 err = -1; 2405 goto out; 2406 } 2407 2408 ozhp = recv_open_grand_origin(zhp); 2409 if (ozhp == NULL) { 2410 err = -1; 2411 goto out; 2412 } 2413 2414 err = lzc_change_key(ozhp->zfs_name, DCP_CMD_FORCE_NEW_KEY, 2415 NULL, NULL, 0); 2416 if (err != 0) 2417 goto out; 2418 2419 err = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc); 2420 } 2421 2422 out: 2423 if (zhp != NULL) 2424 zfs_close(zhp); 2425 if (ozhp != NULL) 2426 zfs_close(ozhp); 2427 2428 return (err); 2429 } 2430 2431 static int 2432 recv_destroy(libzfs_handle_t *hdl, const char *name, int baselen, 2433 char *newname, recvflags_t *flags) 2434 { 2435 int err = 0; 2436 prop_changelist_t *clp; 2437 zfs_handle_t *zhp; 2438 boolean_t defer = B_FALSE; 2439 int spa_version; 2440 2441 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET); 2442 if (zhp == NULL) 2443 return (-1); 2444 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0, 2445 flags->force ? MS_FORCE : 0); 2446 if (zfs_get_type(zhp) == ZFS_TYPE_SNAPSHOT && 2447 zfs_spa_version(zhp, &spa_version) == 0 && 2448 spa_version >= SPA_VERSION_USERREFS) 2449 defer = B_TRUE; 2450 zfs_close(zhp); 2451 if (clp == NULL) 2452 return (-1); 2453 err = changelist_prefix(clp); 2454 if (err) 2455 return (err); 2456 2457 if (flags->verbose) 2458 (void) printf("attempting destroy %s\n", name); 2459 if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) { 2460 nvlist_t *nv = fnvlist_alloc(); 2461 fnvlist_add_boolean(nv, name); 2462 err = lzc_destroy_snaps(nv, defer, NULL); 2463 fnvlist_free(nv); 2464 } else { 2465 err = lzc_destroy(name); 2466 } 2467 if (err == 0) { 2468 if (flags->verbose) 2469 (void) printf("success\n"); 2470 changelist_remove(clp, name); 2471 } 2472 2473 (void) changelist_postfix(clp); 2474 changelist_free(clp); 2475 2476 /* 2477 * Deferred destroy might destroy the snapshot or only mark it to be 2478 * destroyed later, and it returns success in either case. 2479 */ 2480 if (err != 0 || (defer && zfs_dataset_exists(hdl, name, 2481 ZFS_TYPE_SNAPSHOT))) { 2482 err = recv_rename(hdl, name, NULL, baselen, newname, flags); 2483 } 2484 2485 return (err); 2486 } 2487 2488 typedef struct guid_to_name_data { 2489 uint64_t guid; 2490 boolean_t bookmark_ok; 2491 char *name; 2492 char *skip; 2493 } guid_to_name_data_t; 2494 2495 static int 2496 guid_to_name_cb(zfs_handle_t *zhp, void *arg) 2497 { 2498 guid_to_name_data_t *gtnd = arg; 2499 const char *slash; 2500 int err; 2501 2502 if (gtnd->skip != NULL && 2503 (slash = strrchr(zhp->zfs_name, '/')) != NULL && 2504 strcmp(slash + 1, gtnd->skip) == 0) { 2505 zfs_close(zhp); 2506 return (0); 2507 } 2508 2509 if (zfs_prop_get_int(zhp, ZFS_PROP_GUID) == gtnd->guid) { 2510 (void) strcpy(gtnd->name, zhp->zfs_name); 2511 zfs_close(zhp); 2512 return (EEXIST); 2513 } 2514 2515 err = zfs_iter_children(zhp, guid_to_name_cb, gtnd); 2516 if (err != EEXIST && gtnd->bookmark_ok) 2517 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, gtnd); 2518 zfs_close(zhp); 2519 return (err); 2520 } 2521 2522 /* 2523 * Attempt to find the local dataset associated with this guid. In the case of 2524 * multiple matches, we attempt to find the "best" match by searching 2525 * progressively larger portions of the hierarchy. This allows one to send a 2526 * tree of datasets individually and guarantee that we will find the source 2527 * guid within that hierarchy, even if there are multiple matches elsewhere. 2528 */ 2529 static int 2530 guid_to_name(libzfs_handle_t *hdl, const char *parent, uint64_t guid, 2531 boolean_t bookmark_ok, char *name) 2532 { 2533 char pname[ZFS_MAX_DATASET_NAME_LEN]; 2534 guid_to_name_data_t gtnd; 2535 2536 gtnd.guid = guid; 2537 gtnd.bookmark_ok = bookmark_ok; 2538 gtnd.name = name; 2539 gtnd.skip = NULL; 2540 2541 /* 2542 * Search progressively larger portions of the hierarchy, starting 2543 * with the filesystem specified by 'parent'. This will 2544 * select the "most local" version of the origin snapshot in the case 2545 * that there are multiple matching snapshots in the system. 2546 */ 2547 (void) strlcpy(pname, parent, sizeof (pname)); 2548 char *cp = strrchr(pname, '@'); 2549 if (cp == NULL) 2550 cp = strchr(pname, '\0'); 2551 for (; cp != NULL; cp = strrchr(pname, '/')) { 2552 /* Chop off the last component and open the parent */ 2553 *cp = '\0'; 2554 zfs_handle_t *zhp = make_dataset_handle(hdl, pname); 2555 2556 if (zhp == NULL) 2557 continue; 2558 int err = guid_to_name_cb(zfs_handle_dup(zhp), >nd); 2559 if (err != EEXIST) 2560 err = zfs_iter_children(zhp, guid_to_name_cb, >nd); 2561 if (err != EEXIST && bookmark_ok) 2562 err = zfs_iter_bookmarks(zhp, guid_to_name_cb, >nd); 2563 zfs_close(zhp); 2564 if (err == EEXIST) 2565 return (0); 2566 2567 /* 2568 * Remember the last portion of the dataset so we skip it next 2569 * time through (as we've already searched that portion of the 2570 * hierarchy). 2571 */ 2572 gtnd.skip = strrchr(pname, '/') + 1; 2573 } 2574 2575 return (ENOENT); 2576 } 2577 2578 /* 2579 * Return +1 if guid1 is before guid2, 0 if they are the same, and -1 if 2580 * guid1 is after guid2. 2581 */ 2582 static int 2583 created_before(libzfs_handle_t *hdl, avl_tree_t *avl, 2584 uint64_t guid1, uint64_t guid2) 2585 { 2586 nvlist_t *nvfs; 2587 char *fsname, *snapname; 2588 char buf[ZFS_MAX_DATASET_NAME_LEN]; 2589 int rv; 2590 zfs_handle_t *guid1hdl, *guid2hdl; 2591 uint64_t create1, create2; 2592 2593 if (guid2 == 0) 2594 return (0); 2595 if (guid1 == 0) 2596 return (1); 2597 2598 nvfs = fsavl_find(avl, guid1, &snapname); 2599 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname)); 2600 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname); 2601 guid1hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT); 2602 if (guid1hdl == NULL) 2603 return (-1); 2604 2605 nvfs = fsavl_find(avl, guid2, &snapname); 2606 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname)); 2607 (void) snprintf(buf, sizeof (buf), "%s@%s", fsname, snapname); 2608 guid2hdl = zfs_open(hdl, buf, ZFS_TYPE_SNAPSHOT); 2609 if (guid2hdl == NULL) { 2610 zfs_close(guid1hdl); 2611 return (-1); 2612 } 2613 2614 create1 = zfs_prop_get_int(guid1hdl, ZFS_PROP_CREATETXG); 2615 create2 = zfs_prop_get_int(guid2hdl, ZFS_PROP_CREATETXG); 2616 2617 if (create1 < create2) 2618 rv = -1; 2619 else if (create1 > create2) 2620 rv = +1; 2621 else 2622 rv = 0; 2623 2624 zfs_close(guid1hdl); 2625 zfs_close(guid2hdl); 2626 2627 return (rv); 2628 } 2629 2630 /* 2631 * This function reestablishes the heirarchy of encryption roots after a 2632 * recursive incremental receive has completed. This must be done after the 2633 * second call to recv_incremental_replication() has renamed and promoted all 2634 * sent datasets to their final locations in the dataset heriarchy. 2635 */ 2636 /* ARGSUSED */ 2637 static int 2638 recv_fix_encryption_hierarchy(libzfs_handle_t *hdl, const char *destname, 2639 nvlist_t *stream_nv, avl_tree_t *stream_avl) 2640 { 2641 int err; 2642 nvpair_t *fselem = NULL; 2643 nvlist_t *stream_fss; 2644 char *cp; 2645 char top_zfs[ZFS_MAX_DATASET_NAME_LEN]; 2646 2647 (void) strcpy(top_zfs, destname); 2648 cp = strrchr(top_zfs, '@'); 2649 if (cp != NULL) 2650 *cp = '\0'; 2651 2652 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss", &stream_fss)); 2653 2654 while ((fselem = nvlist_next_nvpair(stream_fss, fselem)) != NULL) { 2655 zfs_handle_t *zhp = NULL; 2656 uint64_t crypt; 2657 nvlist_t *snaps, *props, *stream_nvfs = NULL; 2658 nvpair_t *snapel = NULL; 2659 boolean_t is_encroot, is_clone, stream_encroot; 2660 char *cp; 2661 char *stream_keylocation = NULL; 2662 char keylocation[MAXNAMELEN]; 2663 char fsname[ZFS_MAX_DATASET_NAME_LEN]; 2664 2665 keylocation[0] = '\0'; 2666 VERIFY(0 == nvpair_value_nvlist(fselem, &stream_nvfs)); 2667 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "snaps", &snaps)); 2668 VERIFY(0 == nvlist_lookup_nvlist(stream_nvfs, "props", &props)); 2669 stream_encroot = nvlist_exists(stream_nvfs, "is_encroot"); 2670 2671 /* find a snapshot from the stream that exists locally */ 2672 err = ENOENT; 2673 while ((snapel = nvlist_next_nvpair(snaps, snapel)) != NULL) { 2674 uint64_t guid; 2675 2676 VERIFY(0 == nvpair_value_uint64(snapel, &guid)); 2677 err = guid_to_name(hdl, destname, guid, B_FALSE, 2678 fsname); 2679 if (err == 0) 2680 break; 2681 } 2682 2683 if (err != 0) 2684 continue; 2685 2686 cp = strchr(fsname, '@'); 2687 if (cp != NULL) 2688 *cp = '\0'; 2689 2690 zhp = zfs_open(hdl, fsname, ZFS_TYPE_DATASET); 2691 if (zhp == NULL) { 2692 err = ENOENT; 2693 goto error; 2694 } 2695 2696 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION); 2697 is_clone = zhp->zfs_dmustats.dds_origin[0] != '\0'; 2698 (void) zfs_crypto_get_encryption_root(zhp, &is_encroot, NULL); 2699 2700 /* we don't need to do anything for unencrypted datasets */ 2701 if (crypt == ZIO_CRYPT_OFF) { 2702 zfs_close(zhp); 2703 continue; 2704 } 2705 2706 /* 2707 * If the dataset is flagged as an encryption root, was not 2708 * received as a clone and is not currently an encryption root, 2709 * force it to become one. Fixup the keylocation if necessary. 2710 */ 2711 if (stream_encroot) { 2712 if (!is_clone && !is_encroot) { 2713 err = lzc_change_key(fsname, 2714 DCP_CMD_FORCE_NEW_KEY, NULL, NULL, 0); 2715 if (err != 0) { 2716 zfs_close(zhp); 2717 goto error; 2718 } 2719 } 2720 2721 VERIFY(0 == nvlist_lookup_string(props, 2722 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), 2723 &stream_keylocation)); 2724 2725 /* 2726 * Refresh the properties in case the call to 2727 * lzc_change_key() changed the value. 2728 */ 2729 zfs_refresh_properties(zhp); 2730 err = zfs_prop_get(zhp, ZFS_PROP_KEYLOCATION, 2731 keylocation, sizeof (keylocation), NULL, NULL, 2732 0, B_TRUE); 2733 if (err != 0) { 2734 zfs_close(zhp); 2735 goto error; 2736 } 2737 2738 if (strcmp(keylocation, stream_keylocation) != 0) { 2739 err = zfs_prop_set(zhp, 2740 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), 2741 stream_keylocation); 2742 if (err != 0) { 2743 zfs_close(zhp); 2744 goto error; 2745 } 2746 } 2747 } 2748 2749 /* 2750 * If the dataset is not flagged as an encryption root and is 2751 * currently an encryption root, force it to inherit from its 2752 * parent. The root of a raw send should never be 2753 * force-inherited. 2754 */ 2755 if (!stream_encroot && is_encroot && 2756 strcmp(top_zfs, fsname) != 0) { 2757 err = lzc_change_key(fsname, DCP_CMD_FORCE_INHERIT, 2758 NULL, NULL, 0); 2759 if (err != 0) { 2760 zfs_close(zhp); 2761 goto error; 2762 } 2763 } 2764 2765 zfs_close(zhp); 2766 } 2767 2768 return (0); 2769 2770 error: 2771 return (err); 2772 } 2773 2774 static int 2775 recv_incremental_replication(libzfs_handle_t *hdl, const char *tofs, 2776 recvflags_t *flags, nvlist_t *stream_nv, avl_tree_t *stream_avl, 2777 nvlist_t *renamed) 2778 { 2779 nvlist_t *local_nv; 2780 avl_tree_t *local_avl; 2781 nvpair_t *fselem, *nextfselem; 2782 char *fromsnap; 2783 char newname[ZFS_MAX_DATASET_NAME_LEN]; 2784 int error; 2785 boolean_t needagain, progress, recursive; 2786 char *s1, *s2; 2787 2788 VERIFY(0 == nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap)); 2789 2790 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") == 2791 ENOENT); 2792 2793 if (flags->dryrun) 2794 return (0); 2795 2796 again: 2797 needagain = progress = B_FALSE; 2798 2799 if ((error = gather_nvlist(hdl, tofs, fromsnap, NULL, 2800 recursive, B_TRUE, B_FALSE, 2801 B_FALSE, B_FALSE, B_TRUE, &local_nv, &local_avl)) != 0) 2802 return (error); 2803 2804 /* 2805 * Process deletes and renames 2806 */ 2807 for (fselem = nvlist_next_nvpair(local_nv, NULL); 2808 fselem; fselem = nextfselem) { 2809 nvlist_t *nvfs, *snaps; 2810 nvlist_t *stream_nvfs = NULL; 2811 nvpair_t *snapelem, *nextsnapelem; 2812 uint64_t fromguid = 0; 2813 uint64_t originguid = 0; 2814 uint64_t stream_originguid = 0; 2815 uint64_t parent_fromsnap_guid, stream_parent_fromsnap_guid; 2816 char *fsname, *stream_fsname; 2817 2818 nextfselem = nvlist_next_nvpair(local_nv, fselem); 2819 2820 VERIFY(0 == nvpair_value_nvlist(fselem, &nvfs)); 2821 VERIFY(0 == nvlist_lookup_nvlist(nvfs, "snaps", &snaps)); 2822 VERIFY(0 == nvlist_lookup_string(nvfs, "name", &fsname)); 2823 VERIFY(0 == nvlist_lookup_uint64(nvfs, "parentfromsnap", 2824 &parent_fromsnap_guid)); 2825 (void) nvlist_lookup_uint64(nvfs, "origin", &originguid); 2826 2827 /* 2828 * First find the stream's fs, so we can check for 2829 * a different origin (due to "zfs promote") 2830 */ 2831 for (snapelem = nvlist_next_nvpair(snaps, NULL); 2832 snapelem; snapelem = nvlist_next_nvpair(snaps, snapelem)) { 2833 uint64_t thisguid; 2834 2835 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid)); 2836 stream_nvfs = fsavl_find(stream_avl, thisguid, NULL); 2837 2838 if (stream_nvfs != NULL) 2839 break; 2840 } 2841 2842 /* check for promote */ 2843 (void) nvlist_lookup_uint64(stream_nvfs, "origin", 2844 &stream_originguid); 2845 if (stream_nvfs && originguid != stream_originguid) { 2846 switch (created_before(hdl, local_avl, 2847 stream_originguid, originguid)) { 2848 case 1: { 2849 /* promote it! */ 2850 nvlist_t *origin_nvfs; 2851 char *origin_fsname; 2852 2853 origin_nvfs = fsavl_find(local_avl, originguid, 2854 NULL); 2855 VERIFY(0 == nvlist_lookup_string(origin_nvfs, 2856 "name", &origin_fsname)); 2857 error = recv_promote(hdl, fsname, origin_fsname, 2858 flags); 2859 if (error == 0) 2860 progress = B_TRUE; 2861 break; 2862 } 2863 default: 2864 break; 2865 case -1: 2866 fsavl_destroy(local_avl); 2867 nvlist_free(local_nv); 2868 return (-1); 2869 } 2870 /* 2871 * We had/have the wrong origin, therefore our 2872 * list of snapshots is wrong. Need to handle 2873 * them on the next pass. 2874 */ 2875 needagain = B_TRUE; 2876 continue; 2877 } 2878 2879 for (snapelem = nvlist_next_nvpair(snaps, NULL); 2880 snapelem; snapelem = nextsnapelem) { 2881 uint64_t thisguid; 2882 char *stream_snapname; 2883 nvlist_t *found, *props; 2884 2885 nextsnapelem = nvlist_next_nvpair(snaps, snapelem); 2886 2887 VERIFY(0 == nvpair_value_uint64(snapelem, &thisguid)); 2888 found = fsavl_find(stream_avl, thisguid, 2889 &stream_snapname); 2890 2891 /* check for delete */ 2892 if (found == NULL) { 2893 char name[ZFS_MAX_DATASET_NAME_LEN]; 2894 2895 if (!flags->force) 2896 continue; 2897 2898 (void) snprintf(name, sizeof (name), "%s@%s", 2899 fsname, nvpair_name(snapelem)); 2900 2901 error = recv_destroy(hdl, name, 2902 strlen(fsname)+1, newname, flags); 2903 if (error) 2904 needagain = B_TRUE; 2905 else 2906 progress = B_TRUE; 2907 continue; 2908 } 2909 2910 stream_nvfs = found; 2911 2912 if (0 == nvlist_lookup_nvlist(stream_nvfs, "snapprops", 2913 &props) && 0 == nvlist_lookup_nvlist(props, 2914 stream_snapname, &props)) { 2915 zfs_cmd_t zc = { 0 }; 2916 2917 zc.zc_cookie = B_TRUE; /* received */ 2918 (void) snprintf(zc.zc_name, sizeof (zc.zc_name), 2919 "%s@%s", fsname, nvpair_name(snapelem)); 2920 if (zcmd_write_src_nvlist(hdl, &zc, 2921 props) == 0) { 2922 (void) zfs_ioctl(hdl, 2923 ZFS_IOC_SET_PROP, &zc); 2924 zcmd_free_nvlists(&zc); 2925 } 2926 } 2927 2928 /* check for different snapname */ 2929 if (strcmp(nvpair_name(snapelem), 2930 stream_snapname) != 0) { 2931 char name[ZFS_MAX_DATASET_NAME_LEN]; 2932 char tryname[ZFS_MAX_DATASET_NAME_LEN]; 2933 2934 (void) snprintf(name, sizeof (name), "%s@%s", 2935 fsname, nvpair_name(snapelem)); 2936 (void) snprintf(tryname, sizeof (name), "%s@%s", 2937 fsname, stream_snapname); 2938 2939 error = recv_rename(hdl, name, tryname, 2940 strlen(fsname)+1, newname, flags); 2941 if (error) 2942 needagain = B_TRUE; 2943 else 2944 progress = B_TRUE; 2945 } 2946 2947 if (strcmp(stream_snapname, fromsnap) == 0) 2948 fromguid = thisguid; 2949 } 2950 2951 /* check for delete */ 2952 if (stream_nvfs == NULL) { 2953 if (!flags->force) 2954 continue; 2955 2956 error = recv_destroy(hdl, fsname, strlen(tofs)+1, 2957 newname, flags); 2958 if (error) 2959 needagain = B_TRUE; 2960 else 2961 progress = B_TRUE; 2962 continue; 2963 } 2964 2965 if (fromguid == 0) { 2966 if (flags->verbose) { 2967 (void) printf("local fs %s does not have " 2968 "fromsnap (%s in stream); must have " 2969 "been deleted locally; ignoring\n", 2970 fsname, fromsnap); 2971 } 2972 continue; 2973 } 2974 2975 VERIFY(0 == nvlist_lookup_string(stream_nvfs, 2976 "name", &stream_fsname)); 2977 VERIFY(0 == nvlist_lookup_uint64(stream_nvfs, 2978 "parentfromsnap", &stream_parent_fromsnap_guid)); 2979 2980 s1 = strrchr(fsname, '/'); 2981 s2 = strrchr(stream_fsname, '/'); 2982 2983 /* 2984 * Check for rename. If the exact receive path is specified, it 2985 * does not count as a rename, but we still need to check the 2986 * datasets beneath it. 2987 */ 2988 if ((stream_parent_fromsnap_guid != 0 && 2989 parent_fromsnap_guid != 0 && 2990 stream_parent_fromsnap_guid != parent_fromsnap_guid) || 2991 ((flags->isprefix || strcmp(tofs, fsname) != 0) && 2992 (s1 != NULL) && (s2 != NULL) && strcmp(s1, s2) != 0)) { 2993 nvlist_t *parent; 2994 char tryname[ZFS_MAX_DATASET_NAME_LEN]; 2995 2996 parent = fsavl_find(local_avl, 2997 stream_parent_fromsnap_guid, NULL); 2998 /* 2999 * NB: parent might not be found if we used the 3000 * tosnap for stream_parent_fromsnap_guid, 3001 * because the parent is a newly-created fs; 3002 * we'll be able to rename it after we recv the 3003 * new fs. 3004 */ 3005 if (parent != NULL) { 3006 char *pname; 3007 3008 VERIFY(0 == nvlist_lookup_string(parent, "name", 3009 &pname)); 3010 (void) snprintf(tryname, sizeof (tryname), 3011 "%s%s", pname, strrchr(stream_fsname, '/')); 3012 } else { 3013 tryname[0] = '\0'; 3014 if (flags->verbose) { 3015 (void) printf("local fs %s new parent " 3016 "not found\n", fsname); 3017 } 3018 } 3019 3020 newname[0] = '\0'; 3021 3022 error = recv_rename(hdl, fsname, tryname, 3023 strlen(tofs)+1, newname, flags); 3024 3025 if (renamed != NULL && newname[0] != '\0') { 3026 VERIFY(0 == nvlist_add_boolean(renamed, 3027 newname)); 3028 } 3029 3030 if (error) 3031 needagain = B_TRUE; 3032 else 3033 progress = B_TRUE; 3034 } 3035 } 3036 3037 fsavl_destroy(local_avl); 3038 nvlist_free(local_nv); 3039 3040 if (needagain && progress) { 3041 /* do another pass to fix up temporary names */ 3042 if (flags->verbose) 3043 (void) printf("another pass:\n"); 3044 goto again; 3045 } 3046 3047 return (needagain || error != 0); 3048 } 3049 3050 static int 3051 zfs_receive_package(libzfs_handle_t *hdl, int fd, const char *destname, 3052 recvflags_t *flags, dmu_replay_record_t *drr, zio_cksum_t *zc, 3053 char **top_zfs, int cleanup_fd, uint64_t *action_handlep, 3054 nvlist_t *cmdprops) 3055 { 3056 nvlist_t *stream_nv = NULL; 3057 avl_tree_t *stream_avl = NULL; 3058 char *fromsnap = NULL; 3059 char *sendsnap = NULL; 3060 char *cp; 3061 char tofs[ZFS_MAX_DATASET_NAME_LEN]; 3062 char sendfs[ZFS_MAX_DATASET_NAME_LEN]; 3063 char errbuf[1024]; 3064 dmu_replay_record_t drre; 3065 int error; 3066 boolean_t anyerr = B_FALSE; 3067 boolean_t softerr = B_FALSE; 3068 boolean_t recursive, raw; 3069 3070 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 3071 "cannot receive")); 3072 3073 assert(drr->drr_type == DRR_BEGIN); 3074 assert(drr->drr_u.drr_begin.drr_magic == DMU_BACKUP_MAGIC); 3075 assert(DMU_GET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo) == 3076 DMU_COMPOUNDSTREAM); 3077 3078 /* 3079 * Read in the nvlist from the stream. 3080 */ 3081 if (drr->drr_payloadlen != 0) { 3082 error = recv_read_nvlist(hdl, fd, drr->drr_payloadlen, 3083 &stream_nv, flags->byteswap, zc); 3084 if (error) { 3085 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf); 3086 goto out; 3087 } 3088 } 3089 3090 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") == 3091 ENOENT); 3092 raw = (nvlist_lookup_boolean(stream_nv, "raw") == 0); 3093 3094 if (recursive && strchr(destname, '@')) { 3095 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3096 "cannot specify snapshot name for multi-snapshot stream")); 3097 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf); 3098 goto out; 3099 } 3100 3101 /* 3102 * Read in the end record and verify checksum. 3103 */ 3104 if (0 != (error = recv_read(hdl, fd, &drre, sizeof (drre), 3105 flags->byteswap, NULL))) 3106 goto out; 3107 if (flags->byteswap) { 3108 drre.drr_type = BSWAP_32(drre.drr_type); 3109 drre.drr_u.drr_end.drr_checksum.zc_word[0] = 3110 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[0]); 3111 drre.drr_u.drr_end.drr_checksum.zc_word[1] = 3112 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[1]); 3113 drre.drr_u.drr_end.drr_checksum.zc_word[2] = 3114 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[2]); 3115 drre.drr_u.drr_end.drr_checksum.zc_word[3] = 3116 BSWAP_64(drre.drr_u.drr_end.drr_checksum.zc_word[3]); 3117 } 3118 if (drre.drr_type != DRR_END) { 3119 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf); 3120 goto out; 3121 } 3122 if (!ZIO_CHECKSUM_EQUAL(drre.drr_u.drr_end.drr_checksum, *zc)) { 3123 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3124 "incorrect header checksum")); 3125 error = zfs_error(hdl, EZFS_BADSTREAM, errbuf); 3126 goto out; 3127 } 3128 3129 (void) nvlist_lookup_string(stream_nv, "fromsnap", &fromsnap); 3130 3131 if (drr->drr_payloadlen != 0) { 3132 nvlist_t *stream_fss; 3133 3134 VERIFY(0 == nvlist_lookup_nvlist(stream_nv, "fss", 3135 &stream_fss)); 3136 if ((stream_avl = fsavl_create(stream_fss)) == NULL) { 3137 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3138 "couldn't allocate avl tree")); 3139 error = zfs_error(hdl, EZFS_NOMEM, errbuf); 3140 goto out; 3141 } 3142 3143 if (fromsnap != NULL && recursive) { 3144 nvlist_t *renamed = NULL; 3145 nvpair_t *pair = NULL; 3146 3147 (void) strlcpy(tofs, destname, sizeof (tofs)); 3148 if (flags->isprefix) { 3149 struct drr_begin *drrb = &drr->drr_u.drr_begin; 3150 int i; 3151 3152 if (flags->istail) { 3153 cp = strrchr(drrb->drr_toname, '/'); 3154 if (cp == NULL) { 3155 (void) strlcat(tofs, "/", 3156 sizeof (tofs)); 3157 i = 0; 3158 } else { 3159 i = (cp - drrb->drr_toname); 3160 } 3161 } else { 3162 i = strcspn(drrb->drr_toname, "/@"); 3163 } 3164 /* zfs_receive_one() will create_parents() */ 3165 (void) strlcat(tofs, &drrb->drr_toname[i], 3166 sizeof (tofs)); 3167 *strchr(tofs, '@') = '\0'; 3168 } 3169 3170 if (!flags->dryrun && !flags->nomount) { 3171 VERIFY(0 == nvlist_alloc(&renamed, 3172 NV_UNIQUE_NAME, 0)); 3173 } 3174 3175 softerr = recv_incremental_replication(hdl, tofs, flags, 3176 stream_nv, stream_avl, renamed); 3177 3178 /* Unmount renamed filesystems before receiving. */ 3179 while ((pair = nvlist_next_nvpair(renamed, 3180 pair)) != NULL) { 3181 zfs_handle_t *zhp; 3182 prop_changelist_t *clp = NULL; 3183 3184 zhp = zfs_open(hdl, nvpair_name(pair), 3185 ZFS_TYPE_FILESYSTEM); 3186 if (zhp != NULL) { 3187 clp = changelist_gather(zhp, 3188 ZFS_PROP_MOUNTPOINT, 0, 0); 3189 zfs_close(zhp); 3190 if (clp != NULL) { 3191 softerr |= 3192 changelist_prefix(clp); 3193 changelist_free(clp); 3194 } 3195 } 3196 } 3197 3198 nvlist_free(renamed); 3199 } 3200 } 3201 3202 /* 3203 * Get the fs specified by the first path in the stream (the top level 3204 * specified by 'zfs send') and pass it to each invocation of 3205 * zfs_receive_one(). 3206 */ 3207 (void) strlcpy(sendfs, drr->drr_u.drr_begin.drr_toname, 3208 sizeof (sendfs)); 3209 if ((cp = strchr(sendfs, '@')) != NULL) { 3210 *cp = '\0'; 3211 /* 3212 * Find the "sendsnap", the final snapshot in a replication 3213 * stream. zfs_receive_one() handles certain errors 3214 * differently, depending on if the contained stream is the 3215 * last one or not. 3216 */ 3217 sendsnap = (cp + 1); 3218 } 3219 3220 /* Finally, receive each contained stream */ 3221 do { 3222 /* 3223 * we should figure out if it has a recoverable 3224 * error, in which case do a recv_skip() and drive on. 3225 * Note, if we fail due to already having this guid, 3226 * zfs_receive_one() will take care of it (ie, 3227 * recv_skip() and return 0). 3228 */ 3229 error = zfs_receive_impl(hdl, destname, NULL, flags, fd, 3230 sendfs, stream_nv, stream_avl, top_zfs, cleanup_fd, 3231 action_handlep, sendsnap, cmdprops); 3232 if (error == ENODATA) { 3233 error = 0; 3234 break; 3235 } 3236 anyerr |= error; 3237 } while (error == 0); 3238 3239 if (drr->drr_payloadlen != 0 && recursive && fromsnap != NULL) { 3240 /* 3241 * Now that we have the fs's they sent us, try the 3242 * renames again. 3243 */ 3244 softerr = recv_incremental_replication(hdl, tofs, flags, 3245 stream_nv, stream_avl, NULL); 3246 } 3247 3248 if (raw && softerr == 0) { 3249 softerr = recv_fix_encryption_hierarchy(hdl, destname, 3250 stream_nv, stream_avl); 3251 } 3252 3253 out: 3254 fsavl_destroy(stream_avl); 3255 nvlist_free(stream_nv); 3256 if (softerr) 3257 error = -2; 3258 if (anyerr) 3259 error = -1; 3260 return (error); 3261 } 3262 3263 static void 3264 trunc_prop_errs(int truncated) 3265 { 3266 ASSERT(truncated != 0); 3267 3268 if (truncated == 1) 3269 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 3270 "1 more property could not be set\n")); 3271 else 3272 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, 3273 "%d more properties could not be set\n"), truncated); 3274 } 3275 3276 static int 3277 recv_skip(libzfs_handle_t *hdl, int fd, boolean_t byteswap) 3278 { 3279 dmu_replay_record_t *drr; 3280 void *buf = zfs_alloc(hdl, SPA_MAXBLOCKSIZE); 3281 char errbuf[1024]; 3282 3283 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 3284 "cannot receive:")); 3285 3286 /* XXX would be great to use lseek if possible... */ 3287 drr = buf; 3288 3289 while (recv_read(hdl, fd, drr, sizeof (dmu_replay_record_t), 3290 byteswap, NULL) == 0) { 3291 if (byteswap) 3292 drr->drr_type = BSWAP_32(drr->drr_type); 3293 3294 switch (drr->drr_type) { 3295 case DRR_BEGIN: 3296 if (drr->drr_payloadlen != 0) { 3297 (void) recv_read(hdl, fd, buf, 3298 drr->drr_payloadlen, B_FALSE, NULL); 3299 } 3300 break; 3301 3302 case DRR_END: 3303 free(buf); 3304 return (0); 3305 3306 case DRR_OBJECT: 3307 if (byteswap) { 3308 drr->drr_u.drr_object.drr_bonuslen = 3309 BSWAP_32(drr->drr_u.drr_object. 3310 drr_bonuslen); 3311 } 3312 (void) recv_read(hdl, fd, buf, 3313 P2ROUNDUP(drr->drr_u.drr_object.drr_bonuslen, 8), 3314 B_FALSE, NULL); 3315 break; 3316 3317 case DRR_WRITE: 3318 if (byteswap) { 3319 drr->drr_u.drr_write.drr_logical_size = 3320 BSWAP_64( 3321 drr->drr_u.drr_write.drr_logical_size); 3322 drr->drr_u.drr_write.drr_compressed_size = 3323 BSWAP_64( 3324 drr->drr_u.drr_write.drr_compressed_size); 3325 } 3326 uint64_t payload_size = 3327 DRR_WRITE_PAYLOAD_SIZE(&drr->drr_u.drr_write); 3328 (void) recv_read(hdl, fd, buf, 3329 payload_size, B_FALSE, NULL); 3330 break; 3331 case DRR_SPILL: 3332 if (byteswap) { 3333 drr->drr_u.drr_spill.drr_length = 3334 BSWAP_64(drr->drr_u.drr_spill.drr_length); 3335 } 3336 (void) recv_read(hdl, fd, buf, 3337 drr->drr_u.drr_spill.drr_length, B_FALSE, NULL); 3338 break; 3339 case DRR_WRITE_EMBEDDED: 3340 if (byteswap) { 3341 drr->drr_u.drr_write_embedded.drr_psize = 3342 BSWAP_32(drr->drr_u.drr_write_embedded. 3343 drr_psize); 3344 } 3345 (void) recv_read(hdl, fd, buf, 3346 P2ROUNDUP(drr->drr_u.drr_write_embedded.drr_psize, 3347 8), B_FALSE, NULL); 3348 break; 3349 case DRR_WRITE_BYREF: 3350 case DRR_FREEOBJECTS: 3351 case DRR_FREE: 3352 break; 3353 3354 default: 3355 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3356 "invalid record type")); 3357 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf)); 3358 } 3359 } 3360 3361 free(buf); 3362 return (-1); 3363 } 3364 3365 static void 3366 recv_ecksum_set_aux(libzfs_handle_t *hdl, const char *target_snap, 3367 boolean_t resumable) 3368 { 3369 char target_fs[ZFS_MAX_DATASET_NAME_LEN]; 3370 3371 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3372 "checksum mismatch or incomplete stream")); 3373 3374 if (!resumable) 3375 return; 3376 (void) strlcpy(target_fs, target_snap, sizeof (target_fs)); 3377 *strchr(target_fs, '@') = '\0'; 3378 zfs_handle_t *zhp = zfs_open(hdl, target_fs, 3379 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME); 3380 if (zhp == NULL) 3381 return; 3382 3383 char token_buf[ZFS_MAXPROPLEN]; 3384 int error = zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN, 3385 token_buf, sizeof (token_buf), 3386 NULL, NULL, 0, B_TRUE); 3387 if (error == 0) { 3388 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3389 "checksum mismatch or incomplete stream.\n" 3390 "Partially received snapshot is saved.\n" 3391 "A resuming stream can be generated on the sending " 3392 "system by running:\n" 3393 " zfs send -t %s"), 3394 token_buf); 3395 } 3396 zfs_close(zhp); 3397 } 3398 3399 /* 3400 * Prepare a new nvlist of properties that are to override (-o) or be excluded 3401 * (-x) from the received dataset 3402 * recvprops: received properties from the send stream 3403 * cmdprops: raw input properties from command line 3404 * origprops: properties, both locally-set and received, currently set on the 3405 * target dataset if it exists, NULL otherwise. 3406 * oxprops: valid output override (-o) and excluded (-x) properties 3407 */ 3408 static int 3409 zfs_setup_cmdline_props(libzfs_handle_t *hdl, zfs_type_t type, 3410 char *fsname, boolean_t zoned, boolean_t recursive, boolean_t newfs, 3411 boolean_t raw, boolean_t toplevel, nvlist_t *recvprops, nvlist_t *cmdprops, 3412 nvlist_t *origprops, nvlist_t **oxprops, uint8_t **wkeydata_out, 3413 uint_t *wkeylen_out, const char *errbuf) 3414 { 3415 nvpair_t *nvp; 3416 nvlist_t *oprops, *voprops; 3417 zfs_handle_t *zhp = NULL; 3418 zpool_handle_t *zpool_hdl = NULL; 3419 char *cp; 3420 int ret = 0; 3421 char namebuf[ZFS_MAX_DATASET_NAME_LEN]; 3422 3423 if (nvlist_empty(cmdprops)) 3424 return (0); /* No properties to override or exclude */ 3425 3426 *oxprops = fnvlist_alloc(); 3427 oprops = fnvlist_alloc(); 3428 3429 strlcpy(namebuf, fsname, ZFS_MAX_DATASET_NAME_LEN); 3430 3431 /* 3432 * Get our dataset handle. The target dataset may not exist yet. 3433 */ 3434 if (zfs_dataset_exists(hdl, namebuf, ZFS_TYPE_DATASET)) { 3435 zhp = zfs_open(hdl, namebuf, ZFS_TYPE_DATASET); 3436 if (zhp == NULL) { 3437 ret = -1; 3438 goto error; 3439 } 3440 } 3441 3442 /* open the zpool handle */ 3443 cp = strchr(namebuf, '/'); 3444 if (cp != NULL) 3445 *cp = '\0'; 3446 zpool_hdl = zpool_open(hdl, namebuf); 3447 if (zpool_hdl == NULL) { 3448 ret = -1; 3449 goto error; 3450 } 3451 3452 /* restore namebuf to match fsname for later use */ 3453 if (cp != NULL) 3454 *cp = '/'; 3455 3456 /* 3457 * first iteration: process excluded (-x) properties now and gather 3458 * added (-o) properties to be later processed by zfs_valid_proplist() 3459 */ 3460 nvp = NULL; 3461 while ((nvp = nvlist_next_nvpair(cmdprops, nvp)) != NULL) { 3462 const char *name = nvpair_name(nvp); 3463 zfs_prop_t prop = zfs_name_to_prop(name); 3464 3465 /* "origin" is processed separately, don't handle it here */ 3466 if (prop == ZFS_PROP_ORIGIN) 3467 continue; 3468 3469 /* 3470 * we're trying to override or exclude a property that does not 3471 * make sense for this type of dataset, but we don't want to 3472 * fail if the receive is recursive: this comes in handy when 3473 * the send stream contains, for instance, a child ZVOL and 3474 * we're trying to receive it with "-o atime=on" 3475 */ 3476 if (!zfs_prop_valid_for_type(prop, type) && 3477 !zfs_prop_user(name)) { 3478 if (recursive) 3479 continue; 3480 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3481 "property '%s' does not apply to datasets of this " 3482 "type"), name); 3483 ret = zfs_error(hdl, EZFS_BADPROP, errbuf); 3484 goto error; 3485 } 3486 3487 /* raw streams can't override encryption properties */ 3488 if ((zfs_prop_encryption_key_param(prop) || 3489 prop == ZFS_PROP_ENCRYPTION) && raw) { 3490 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3491 "encryption property '%s' cannot " 3492 "be set or excluded for raw streams."), name); 3493 ret = zfs_error(hdl, EZFS_BADPROP, errbuf); 3494 goto error; 3495 } 3496 3497 /* incremental streams can only exclude encryption properties */ 3498 if ((zfs_prop_encryption_key_param(prop) || 3499 prop == ZFS_PROP_ENCRYPTION) && !newfs && 3500 nvpair_type(nvp) != DATA_TYPE_BOOLEAN) { 3501 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3502 "encryption property '%s' cannot " 3503 "be set for incremental streams."), name); 3504 ret = zfs_error(hdl, EZFS_BADPROP, errbuf); 3505 goto error; 3506 } 3507 3508 switch (nvpair_type(nvp)) { 3509 case DATA_TYPE_BOOLEAN: /* -x property */ 3510 /* 3511 * DATA_TYPE_BOOLEAN is the way we're asked to "exclude" 3512 * a property: this is done by forcing an explicit 3513 * inherit on the destination so the effective value is 3514 * not the one we received from the send stream. 3515 * We do this only if the property is not already 3516 * locally-set, in which case its value will take 3517 * priority over the received anyway. 3518 */ 3519 if (nvlist_exists(origprops, name)) { 3520 nvlist_t *attrs; 3521 char *source = NULL; 3522 3523 attrs = fnvlist_lookup_nvlist(origprops, name); 3524 if (nvlist_lookup_string(attrs, 3525 ZPROP_SOURCE, &source) == 0 && 3526 strcmp(source, ZPROP_SOURCE_VAL_RECVD) != 0) 3527 continue; 3528 } 3529 /* 3530 * We can't force an explicit inherit on non-inheritable 3531 * properties: if we're asked to exclude this kind of 3532 * values we remove them from "recvprops" input nvlist. 3533 */ 3534 if (!zfs_prop_inheritable(prop) && 3535 !zfs_prop_user(name) && /* can be inherited too */ 3536 nvlist_exists(recvprops, name)) 3537 fnvlist_remove(recvprops, name); 3538 else 3539 fnvlist_add_nvpair(*oxprops, nvp); 3540 break; 3541 case DATA_TYPE_STRING: /* -o property=value */ 3542 fnvlist_add_nvpair(oprops, nvp); 3543 break; 3544 default: 3545 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3546 "property '%s' must be a string or boolean"), name); 3547 ret = zfs_error(hdl, EZFS_BADPROP, errbuf); 3548 goto error; 3549 } 3550 } 3551 3552 if (toplevel) { 3553 /* convert override strings properties to native */ 3554 if ((voprops = zfs_valid_proplist(hdl, ZFS_TYPE_DATASET, 3555 oprops, zoned, zhp, zpool_hdl, B_FALSE, errbuf)) == NULL) { 3556 ret = zfs_error(hdl, EZFS_BADPROP, errbuf); 3557 goto error; 3558 } 3559 3560 /* 3561 * zfs_crypto_create() requires the parent name. Get it 3562 * by truncating the fsname copy stored in namebuf. 3563 */ 3564 cp = strrchr(namebuf, '/'); 3565 if (cp != NULL) 3566 *cp = '\0'; 3567 3568 if (!raw && zfs_crypto_create(hdl, namebuf, voprops, NULL, 3569 B_FALSE, wkeydata_out, wkeylen_out) != 0) { 3570 fnvlist_free(voprops); 3571 ret = zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf); 3572 goto error; 3573 } 3574 3575 /* second pass: process "-o" properties */ 3576 fnvlist_merge(*oxprops, voprops); 3577 fnvlist_free(voprops); 3578 } else { 3579 /* override props on child dataset are inherited */ 3580 nvp = NULL; 3581 while ((nvp = nvlist_next_nvpair(oprops, nvp)) != NULL) { 3582 const char *name = nvpair_name(nvp); 3583 fnvlist_add_boolean(*oxprops, name); 3584 } 3585 } 3586 3587 error: 3588 if (zhp != NULL) 3589 zfs_close(zhp); 3590 if (zpool_hdl != NULL) 3591 zpool_close(zpool_hdl); 3592 fnvlist_free(oprops); 3593 return (ret); 3594 } 3595 3596 /* 3597 * Restores a backup of tosnap from the file descriptor specified by infd. 3598 */ 3599 static int 3600 zfs_receive_one(libzfs_handle_t *hdl, int infd, const char *tosnap, 3601 const char *originsnap, recvflags_t *flags, dmu_replay_record_t *drr, 3602 dmu_replay_record_t *drr_noswap, const char *sendfs, nvlist_t *stream_nv, 3603 avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd, 3604 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops) 3605 { 3606 time_t begin_time; 3607 int ioctl_err, ioctl_errno, err; 3608 char *cp; 3609 struct drr_begin *drrb = &drr->drr_u.drr_begin; 3610 char errbuf[1024]; 3611 const char *chopprefix; 3612 boolean_t newfs = B_FALSE; 3613 boolean_t stream_wantsnewfs; 3614 boolean_t newprops = B_FALSE; 3615 uint64_t read_bytes = 0; 3616 uint64_t errflags = 0; 3617 uint64_t parent_snapguid = 0; 3618 prop_changelist_t *clp = NULL; 3619 nvlist_t *snapprops_nvlist = NULL; 3620 nvlist_t *snapholds_nvlist = NULL; 3621 zprop_errflags_t prop_errflags; 3622 nvlist_t *prop_errors = NULL; 3623 boolean_t recursive; 3624 char *snapname = NULL; 3625 char destsnap[MAXPATHLEN * 2]; 3626 char origin[MAXNAMELEN]; 3627 char name[MAXPATHLEN]; 3628 char tmp_keylocation[MAXNAMELEN]; 3629 nvlist_t *rcvprops = NULL; /* props received from the send stream */ 3630 nvlist_t *oxprops = NULL; /* override (-o) and exclude (-x) props */ 3631 nvlist_t *origprops = NULL; /* original props (if destination exists) */ 3632 zfs_type_t type; 3633 boolean_t toplevel = B_FALSE; 3634 boolean_t zoned = B_FALSE; 3635 boolean_t hastoken = B_FALSE; 3636 uint8_t *wkeydata = NULL; 3637 uint_t wkeylen = 0; 3638 3639 begin_time = time(NULL); 3640 bzero(origin, MAXNAMELEN); 3641 bzero(tmp_keylocation, MAXNAMELEN); 3642 3643 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 3644 "cannot receive")); 3645 3646 recursive = (nvlist_lookup_boolean(stream_nv, "not_recursive") == 3647 ENOENT); 3648 3649 /* Did the user request holds be skipped via zfs recv -k? */ 3650 boolean_t holds = flags->holds && !flags->skipholds; 3651 3652 if (stream_avl != NULL) { 3653 char *keylocation = NULL; 3654 nvlist_t *lookup = NULL; 3655 nvlist_t *fs = fsavl_find(stream_avl, drrb->drr_toguid, 3656 &snapname); 3657 3658 (void) nvlist_lookup_uint64(fs, "parentfromsnap", 3659 &parent_snapguid); 3660 err = nvlist_lookup_nvlist(fs, "props", &rcvprops); 3661 if (err) { 3662 VERIFY(0 == nvlist_alloc(&rcvprops, NV_UNIQUE_NAME, 0)); 3663 newprops = B_TRUE; 3664 } 3665 /* 3666 * The keylocation property may only be set on encryption roots, 3667 * but this dataset might not become an encryption root until 3668 * recv_fix_encryption_hierarchy() is called. That function 3669 * will fixup the keylocation anyway, so we temporarily unset 3670 * the keylocation for now to avoid any errors from the receive 3671 * ioctl. 3672 */ 3673 err = nvlist_lookup_string(rcvprops, 3674 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), &keylocation); 3675 if (err == 0) { 3676 (void) strcpy(tmp_keylocation, keylocation); 3677 (void) nvlist_remove_all(rcvprops, 3678 zfs_prop_to_name(ZFS_PROP_KEYLOCATION)); 3679 } 3680 3681 if (flags->canmountoff) { 3682 VERIFY(0 == nvlist_add_uint64(rcvprops, 3683 zfs_prop_to_name(ZFS_PROP_CANMOUNT), 0)); 3684 } else if (newprops) { /* nothing in rcvprops, eliminate it */ 3685 nvlist_free(rcvprops); 3686 rcvprops = NULL; 3687 newprops = B_FALSE; 3688 } 3689 if (0 == nvlist_lookup_nvlist(fs, "snapprops", &lookup)) { 3690 VERIFY(0 == nvlist_lookup_nvlist(lookup, 3691 snapname, &snapprops_nvlist)); 3692 } 3693 if (holds) { 3694 if (0 == nvlist_lookup_nvlist(fs, "snapholds", 3695 &lookup)) { 3696 VERIFY(0 == nvlist_lookup_nvlist(lookup, 3697 snapname, &snapholds_nvlist)); 3698 } 3699 } 3700 } 3701 3702 cp = NULL; 3703 3704 /* 3705 * Determine how much of the snapshot name stored in the stream 3706 * we are going to tack on to the name they specified on the 3707 * command line, and how much we are going to chop off. 3708 * 3709 * If they specified a snapshot, chop the entire name stored in 3710 * the stream. 3711 */ 3712 if (flags->istail) { 3713 /* 3714 * A filesystem was specified with -e. We want to tack on only 3715 * the tail of the sent snapshot path. 3716 */ 3717 if (strchr(tosnap, '@')) { 3718 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid " 3719 "argument - snapshot not allowed with -e")); 3720 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf); 3721 goto out; 3722 } 3723 3724 chopprefix = strrchr(sendfs, '/'); 3725 3726 if (chopprefix == NULL) { 3727 /* 3728 * The tail is the poolname, so we need to 3729 * prepend a path separator. 3730 */ 3731 int len = strlen(drrb->drr_toname); 3732 cp = malloc(len + 2); 3733 cp[0] = '/'; 3734 (void) strcpy(&cp[1], drrb->drr_toname); 3735 chopprefix = cp; 3736 } else { 3737 chopprefix = drrb->drr_toname + (chopprefix - sendfs); 3738 } 3739 } else if (flags->isprefix) { 3740 /* 3741 * A filesystem was specified with -d. We want to tack on 3742 * everything but the first element of the sent snapshot path 3743 * (all but the pool name). 3744 */ 3745 if (strchr(tosnap, '@')) { 3746 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid " 3747 "argument - snapshot not allowed with -d")); 3748 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf); 3749 goto out; 3750 } 3751 3752 chopprefix = strchr(drrb->drr_toname, '/'); 3753 if (chopprefix == NULL) 3754 chopprefix = strchr(drrb->drr_toname, '@'); 3755 } else if (strchr(tosnap, '@') == NULL) { 3756 /* 3757 * If a filesystem was specified without -d or -e, we want to 3758 * tack on everything after the fs specified by 'zfs send'. 3759 */ 3760 chopprefix = drrb->drr_toname + strlen(sendfs); 3761 } else { 3762 /* A snapshot was specified as an exact path (no -d or -e). */ 3763 if (recursive) { 3764 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3765 "cannot specify snapshot name for multi-snapshot " 3766 "stream")); 3767 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf); 3768 goto out; 3769 } 3770 chopprefix = drrb->drr_toname + strlen(drrb->drr_toname); 3771 } 3772 3773 ASSERT(strstr(drrb->drr_toname, sendfs) == drrb->drr_toname); 3774 ASSERT(chopprefix > drrb->drr_toname); 3775 ASSERT(chopprefix <= drrb->drr_toname + strlen(drrb->drr_toname)); 3776 ASSERT(chopprefix[0] == '/' || chopprefix[0] == '@' || 3777 chopprefix[0] == '\0'); 3778 3779 /* 3780 * Determine name of destination snapshot, store in zc_value. 3781 */ 3782 (void) strlcpy(destsnap, tosnap, sizeof (destsnap)); 3783 (void) strlcat(destsnap, chopprefix, sizeof (destsnap)); 3784 free(cp); 3785 if (!zfs_name_valid(destsnap, ZFS_TYPE_SNAPSHOT)) { 3786 err = zfs_error(hdl, EZFS_INVALIDNAME, errbuf); 3787 goto out; 3788 } 3789 3790 /* 3791 * Determine the name of the origin snapshot, store in zc_string. 3792 */ 3793 if (originsnap) { 3794 (void) strlcpy(origin, originsnap, sizeof (origin)); 3795 if (flags->verbose) 3796 (void) printf("using provided clone origin %s\n", 3797 origin); 3798 } else if (drrb->drr_flags & DRR_FLAG_CLONE) { 3799 if (guid_to_name(hdl, destsnap, 3800 drrb->drr_fromguid, B_FALSE, origin) != 0) { 3801 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3802 "local origin for clone %s does not exist"), 3803 destsnap); 3804 err = zfs_error(hdl, EZFS_NOENT, errbuf); 3805 goto out; 3806 } 3807 if (flags->verbose) 3808 (void) printf("found clone origin %s\n", origin); 3809 } 3810 3811 boolean_t resuming = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) & 3812 DMU_BACKUP_FEATURE_RESUMING; 3813 boolean_t raw = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) & 3814 DMU_BACKUP_FEATURE_RAW; 3815 boolean_t embedded = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) & 3816 DMU_BACKUP_FEATURE_EMBED_DATA; 3817 stream_wantsnewfs = (drrb->drr_fromguid == 0 || 3818 (drrb->drr_flags & DRR_FLAG_CLONE) || originsnap) && !resuming; 3819 3820 if (stream_wantsnewfs) { 3821 /* 3822 * if the parent fs does not exist, look for it based on 3823 * the parent snap GUID 3824 */ 3825 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 3826 "cannot receive new filesystem stream")); 3827 3828 (void) strcpy(name, destsnap); 3829 cp = strrchr(name, '/'); 3830 if (cp) 3831 *cp = '\0'; 3832 if (cp && 3833 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) { 3834 char suffix[ZFS_MAX_DATASET_NAME_LEN]; 3835 (void) strcpy(suffix, strrchr(destsnap, '/')); 3836 if (guid_to_name(hdl, name, parent_snapguid, 3837 B_FALSE, destsnap) == 0) { 3838 *strchr(destsnap, '@') = '\0'; 3839 (void) strcat(destsnap, suffix); 3840 } 3841 } 3842 } else { 3843 /* 3844 * if the fs does not exist, look for it based on the 3845 * fromsnap GUID 3846 */ 3847 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 3848 "cannot receive incremental stream")); 3849 3850 (void) strcpy(name, destsnap); 3851 *strchr(name, '@') = '\0'; 3852 3853 /* 3854 * If the exact receive path was specified and this is the 3855 * topmost path in the stream, then if the fs does not exist we 3856 * should look no further. 3857 */ 3858 if ((flags->isprefix || (*(chopprefix = drrb->drr_toname + 3859 strlen(sendfs)) != '\0' && *chopprefix != '@')) && 3860 !zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) { 3861 char snap[ZFS_MAX_DATASET_NAME_LEN]; 3862 (void) strcpy(snap, strchr(destsnap, '@')); 3863 if (guid_to_name(hdl, name, drrb->drr_fromguid, 3864 B_FALSE, destsnap) == 0) { 3865 *strchr(destsnap, '@') = '\0'; 3866 (void) strcat(destsnap, snap); 3867 } 3868 } 3869 } 3870 3871 (void) strcpy(name, destsnap); 3872 *strchr(name, '@') = '\0'; 3873 3874 if (zfs_dataset_exists(hdl, name, ZFS_TYPE_DATASET)) { 3875 zfs_cmd_t zc = { 0 }; 3876 zfs_handle_t *zhp; 3877 boolean_t encrypted; 3878 3879 (void) strcpy(zc.zc_name, name); 3880 3881 /* 3882 * Destination fs exists. It must be one of these cases: 3883 * - an incremental send stream 3884 * - the stream specifies a new fs (full stream or clone) 3885 * and they want us to blow away the existing fs (and 3886 * have therefore specified -F and removed any snapshots) 3887 * - we are resuming a failed receive. 3888 */ 3889 if (stream_wantsnewfs) { 3890 if (!flags->force) { 3891 zcmd_free_nvlists(&zc); 3892 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3893 "destination '%s' exists\n" 3894 "must specify -F to overwrite it"), name); 3895 err = zfs_error(hdl, EZFS_EXISTS, errbuf); 3896 goto out; 3897 } 3898 if (ioctl(hdl->libzfs_fd, ZFS_IOC_SNAPSHOT_LIST_NEXT, 3899 &zc) == 0) { 3900 zcmd_free_nvlists(&zc); 3901 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3902 "destination has snapshots (eg. %s)\n" 3903 "must destroy them to overwrite it"), 3904 zc.zc_name); 3905 err = zfs_error(hdl, EZFS_EXISTS, errbuf); 3906 goto out; 3907 } 3908 } 3909 3910 if ((zhp = zfs_open(hdl, name, 3911 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME)) == NULL) { 3912 zcmd_free_nvlists(&zc); 3913 err = -1; 3914 goto out; 3915 } 3916 3917 if (stream_wantsnewfs && 3918 zhp->zfs_dmustats.dds_origin[0]) { 3919 zcmd_free_nvlists(&zc); 3920 zfs_close(zhp); 3921 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3922 "destination '%s' is a clone\n" 3923 "must destroy it to overwrite it"), name); 3924 err = zfs_error(hdl, EZFS_EXISTS, errbuf); 3925 goto out; 3926 } 3927 3928 /* 3929 * Raw sends can not be performed as an incremental on top 3930 * of existing unencrypted datasets. zfs recv -F cant be 3931 * used to blow away an existing encrypted filesystem. This 3932 * is because it would require the dsl dir to point to the 3933 * new key (or lack of a key) and the old key at the same 3934 * time. The -F flag may still be used for deleting 3935 * intermediate snapshots that would otherwise prevent the 3936 * receive from working. 3937 */ 3938 encrypted = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != 3939 ZIO_CRYPT_OFF; 3940 if (!stream_wantsnewfs && !encrypted && raw) { 3941 zfs_close(zhp); 3942 zcmd_free_nvlists(&zc); 3943 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3944 "cannot perform raw receive on top of " 3945 "existing unencrypted dataset")); 3946 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf); 3947 goto out; 3948 } 3949 3950 if (stream_wantsnewfs && flags->force && 3951 ((raw && !encrypted) || encrypted)) { 3952 zfs_close(zhp); 3953 zcmd_free_nvlists(&zc); 3954 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 3955 "zfs receive -F cannot be used to destroy an " 3956 "encrypted filesystem or overwrite an " 3957 "unencrypted one with an encrypted one")); 3958 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf); 3959 goto out; 3960 } 3961 3962 if (!flags->dryrun && zhp->zfs_type == ZFS_TYPE_FILESYSTEM && 3963 stream_wantsnewfs) { 3964 /* We can't do online recv in this case */ 3965 clp = changelist_gather(zhp, ZFS_PROP_NAME, 0, 0); 3966 if (clp == NULL) { 3967 zfs_close(zhp); 3968 err = -1; 3969 goto out; 3970 } 3971 if (changelist_prefix(clp) != 0) { 3972 changelist_free(clp); 3973 zfs_close(zhp); 3974 err = -1; 3975 goto out; 3976 } 3977 } 3978 3979 /* 3980 * If we are resuming a newfs, set newfs here so that we will 3981 * mount it if the recv succeeds this time. We can tell 3982 * that it was a newfs on the first recv because the fs 3983 * itself will be inconsistent (if the fs existed when we 3984 * did the first recv, we would have received it into 3985 * .../%recv). 3986 */ 3987 if (resuming && zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT)) 3988 newfs = B_TRUE; 3989 3990 /* we want to know if we're zoned when validating -o|-x props */ 3991 zoned = zfs_prop_get_int(zhp, ZFS_PROP_ZONED); 3992 3993 /* may need this info later, get it now we have zhp around */ 3994 if (zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN, NULL, 0, 3995 NULL, NULL, 0, B_TRUE) == 0) 3996 hastoken = B_TRUE; 3997 3998 /* gather existing properties on destination */ 3999 origprops = fnvlist_alloc(); 4000 fnvlist_merge(origprops, zhp->zfs_props); 4001 fnvlist_merge(origprops, zhp->zfs_user_props); 4002 4003 zfs_close(zhp); 4004 cp = NULL; 4005 } else { 4006 zfs_handle_t *zhp; 4007 4008 /* 4009 * Destination filesystem does not exist. Therefore we better 4010 * be creating a new filesystem (either from a full backup, or 4011 * a clone). It would therefore be invalid if the user 4012 * specified only the pool name (i.e. if the destination name 4013 * contained no slash character). 4014 */ 4015 cp = strrchr(name, '/'); 4016 4017 if (!stream_wantsnewfs || cp == NULL) { 4018 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4019 "destination '%s' does not exist"), name); 4020 err = zfs_error(hdl, EZFS_NOENT, errbuf); 4021 goto out; 4022 } 4023 4024 /* 4025 * Trim off the final dataset component so we perform the 4026 * recvbackup ioctl to the filesystems's parent. 4027 */ 4028 *cp = '\0'; 4029 4030 if (flags->isprefix && !flags->istail && !flags->dryrun && 4031 create_parents(hdl, destsnap, strlen(tosnap)) != 0) { 4032 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf); 4033 goto out; 4034 } 4035 4036 /* validate parent */ 4037 zhp = zfs_open(hdl, name, ZFS_TYPE_DATASET); 4038 if (zhp == NULL) { 4039 err = zfs_error(hdl, EZFS_BADRESTORE, errbuf); 4040 goto out; 4041 } 4042 if (zfs_get_type(zhp) != ZFS_TYPE_FILESYSTEM) { 4043 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4044 "parent '%s' is not a filesystem"), name); 4045 err = zfs_error(hdl, EZFS_WRONG_PARENT, errbuf); 4046 zfs_close(zhp); 4047 goto out; 4048 } 4049 4050 /* 4051 * It is invalid to receive a properties stream that was 4052 * unencrypted on the send side as a child of an encrypted 4053 * parent. Technically there is nothing preventing this, but 4054 * it would mean that the encryption=off property which is 4055 * locally set on the send side would not be received correctly. 4056 * We can infer encryption=off if the stream is not raw and 4057 * properties were included since the send side will only ever 4058 * send the encryption property in a raw nvlist header. This 4059 * check will be avoided if the user specifically overrides 4060 * the encryption property on the command line. 4061 */ 4062 if (!raw && rcvprops != NULL && 4063 !nvlist_exists(cmdprops, 4064 zfs_prop_to_name(ZFS_PROP_ENCRYPTION))) { 4065 uint64_t crypt; 4066 4067 crypt = zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION); 4068 4069 if (crypt != ZIO_CRYPT_OFF) { 4070 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4071 "parent '%s' must not be encrypted to " 4072 "receive unenecrypted property"), name); 4073 err = zfs_error(hdl, EZFS_BADPROP, errbuf); 4074 zfs_close(zhp); 4075 goto out; 4076 } 4077 } 4078 zfs_close(zhp); 4079 4080 newfs = B_TRUE; 4081 *cp = '/'; 4082 } 4083 4084 if (flags->verbose) { 4085 (void) printf("%s %s stream of %s into %s\n", 4086 flags->dryrun ? "would receive" : "receiving", 4087 drrb->drr_fromguid ? "incremental" : "full", 4088 drrb->drr_toname, destsnap); 4089 (void) fflush(stdout); 4090 } 4091 4092 if (flags->dryrun) { 4093 err = recv_skip(hdl, infd, flags->byteswap); 4094 goto out; 4095 } 4096 4097 if (top_zfs && (*top_zfs == NULL || strcmp(*top_zfs, name) == 0)) 4098 toplevel = B_TRUE; 4099 if (drrb->drr_type == DMU_OST_ZVOL) { 4100 type = ZFS_TYPE_VOLUME; 4101 } else if (drrb->drr_type == DMU_OST_ZFS) { 4102 type = ZFS_TYPE_FILESYSTEM; 4103 } else { 4104 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4105 "invalid record type: 0x%d"), drrb->drr_type); 4106 err = zfs_error(hdl, EZFS_BADSTREAM, errbuf); 4107 goto out; 4108 } 4109 if ((err = zfs_setup_cmdline_props(hdl, type, name, zoned, recursive, 4110 stream_wantsnewfs, raw, toplevel, rcvprops, cmdprops, origprops, 4111 &oxprops, &wkeydata, &wkeylen, errbuf)) != 0) 4112 goto out; 4113 4114 /* 4115 * The following is a difference between ZoL and illumos. 4116 * 4117 * On illumos, we must trim the last component of the dataset name 4118 * that is passed via the ioctl so that we can properly validate 4119 * zfs_secpolicy_recv() when receiving to a delegated dataset within 4120 * zone. This matches the historical behavior of the receive ioctl. 4121 * However, we can't do this until after zfs_setup_cmdline_props() 4122 * has finished with the full name. 4123 */ 4124 if (cp != NULL) 4125 *cp = '\0'; 4126 4127 err = ioctl_err = lzc_receive_with_cmdprops(destsnap, rcvprops, 4128 oxprops, wkeydata, wkeylen, origin, flags->force, flags->resumable, 4129 raw, infd, drr_noswap, cleanup_fd, &read_bytes, &errflags, 4130 action_handlep, &prop_errors); 4131 ioctl_errno = errno; 4132 prop_errflags = errflags; 4133 4134 if (err == 0) { 4135 nvpair_t *prop_err = NULL; 4136 4137 while ((prop_err = nvlist_next_nvpair(prop_errors, 4138 prop_err)) != NULL) { 4139 char tbuf[1024]; 4140 zfs_prop_t prop; 4141 int intval; 4142 4143 prop = zfs_name_to_prop(nvpair_name(prop_err)); 4144 (void) nvpair_value_int32(prop_err, &intval); 4145 if (strcmp(nvpair_name(prop_err), 4146 ZPROP_N_MORE_ERRORS) == 0) { 4147 trunc_prop_errs(intval); 4148 break; 4149 } else if (snapname == NULL || finalsnap == NULL || 4150 strcmp(finalsnap, snapname) == 0 || 4151 strcmp(nvpair_name(prop_err), 4152 zfs_prop_to_name(ZFS_PROP_REFQUOTA)) != 0) { 4153 /* 4154 * Skip the special case of, for example, 4155 * "refquota", errors on intermediate 4156 * snapshots leading up to a final one. 4157 * That's why we have all of the checks above. 4158 * 4159 * See zfs_ioctl.c's extract_delay_props() for 4160 * a list of props which can fail on 4161 * intermediate snapshots, but shouldn't 4162 * affect the overall receive. 4163 */ 4164 (void) snprintf(tbuf, sizeof (tbuf), 4165 dgettext(TEXT_DOMAIN, 4166 "cannot receive %s property on %s"), 4167 nvpair_name(prop_err), name); 4168 zfs_setprop_error(hdl, prop, intval, tbuf); 4169 } 4170 } 4171 nvlist_free(prop_errors); 4172 } 4173 4174 if (err == 0 && snapprops_nvlist) { 4175 zfs_cmd_t zc = { 0 }; 4176 4177 (void) strcpy(zc.zc_name, destsnap); 4178 zc.zc_cookie = B_TRUE; /* received */ 4179 if (zcmd_write_src_nvlist(hdl, &zc, snapprops_nvlist) == 0) { 4180 (void) zfs_ioctl(hdl, ZFS_IOC_SET_PROP, &zc); 4181 zcmd_free_nvlists(&zc); 4182 } 4183 } 4184 if (err == 0 && snapholds_nvlist) { 4185 nvpair_t *pair; 4186 nvlist_t *holds, *errors = NULL; 4187 int cleanup_fd = -1; 4188 4189 VERIFY(0 == nvlist_alloc(&holds, 0, KM_SLEEP)); 4190 for (pair = nvlist_next_nvpair(snapholds_nvlist, NULL); 4191 pair != NULL; 4192 pair = nvlist_next_nvpair(snapholds_nvlist, pair)) { 4193 VERIFY(0 == nvlist_add_string(holds, destsnap, 4194 nvpair_name(pair))); 4195 } 4196 (void) lzc_hold(holds, cleanup_fd, &errors); 4197 nvlist_free(snapholds_nvlist); 4198 nvlist_free(holds); 4199 } 4200 4201 if (err && (ioctl_errno == ENOENT || ioctl_errno == EEXIST)) { 4202 /* 4203 * It may be that this snapshot already exists, 4204 * in which case we want to consume & ignore it 4205 * rather than failing. 4206 */ 4207 avl_tree_t *local_avl; 4208 nvlist_t *local_nv, *fs; 4209 cp = strchr(destsnap, '@'); 4210 4211 /* 4212 * XXX Do this faster by just iterating over snaps in 4213 * this fs. Also if zc_value does not exist, we will 4214 * get a strange "does not exist" error message. 4215 */ 4216 *cp = '\0'; 4217 if (gather_nvlist(hdl, destsnap, NULL, NULL, B_FALSE, B_TRUE, 4218 B_FALSE, B_FALSE, B_FALSE, B_TRUE, 4219 &local_nv, &local_avl) == 0) { 4220 *cp = '@'; 4221 fs = fsavl_find(local_avl, drrb->drr_toguid, NULL); 4222 fsavl_destroy(local_avl); 4223 nvlist_free(local_nv); 4224 4225 if (fs != NULL) { 4226 if (flags->verbose) { 4227 (void) printf("snap %s already exists; " 4228 "ignoring\n", destsnap); 4229 } 4230 err = ioctl_err = recv_skip(hdl, infd, 4231 flags->byteswap); 4232 } 4233 } 4234 *cp = '@'; 4235 } 4236 4237 if (ioctl_err != 0) { 4238 switch (ioctl_errno) { 4239 case ENODEV: 4240 cp = strchr(destsnap, '@'); 4241 *cp = '\0'; 4242 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4243 "most recent snapshot of %s does not\n" 4244 "match incremental source"), destsnap); 4245 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf); 4246 *cp = '@'; 4247 break; 4248 case ETXTBSY: 4249 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4250 "destination %s has been modified\n" 4251 "since most recent snapshot"), name); 4252 (void) zfs_error(hdl, EZFS_BADRESTORE, errbuf); 4253 break; 4254 case EACCES: 4255 if (raw && stream_wantsnewfs) { 4256 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4257 "failed to create encryption key")); 4258 } else if (raw && !stream_wantsnewfs) { 4259 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4260 "encryption key does not match " 4261 "existing key")); 4262 } else { 4263 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4264 "inherited key must be loaded")); 4265 } 4266 (void) zfs_error(hdl, EZFS_CRYPTOFAILED, errbuf); 4267 break; 4268 case EEXIST: 4269 cp = strchr(destsnap, '@'); 4270 if (newfs) { 4271 /* it's the containing fs that exists */ 4272 *cp = '\0'; 4273 } 4274 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4275 "destination already exists")); 4276 (void) zfs_error_fmt(hdl, EZFS_EXISTS, 4277 dgettext(TEXT_DOMAIN, "cannot restore to %s"), 4278 destsnap); 4279 *cp = '@'; 4280 break; 4281 case EINVAL: 4282 if (embedded && !raw) 4283 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4284 "incompatible embedded data stream " 4285 "feature with encrypted receive.")); 4286 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf); 4287 break; 4288 case ECKSUM: 4289 recv_ecksum_set_aux(hdl, destsnap, flags->resumable); 4290 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf); 4291 break; 4292 case ENOTSUP: 4293 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4294 "pool must be upgraded to receive this stream.")); 4295 (void) zfs_error(hdl, EZFS_BADVERSION, errbuf); 4296 break; 4297 case EDQUOT: 4298 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4299 "destination %s space quota exceeded."), name); 4300 (void) zfs_error(hdl, EZFS_NOSPC, errbuf); 4301 break; 4302 case ZFS_ERR_FROM_IVSET_GUID_MISSING: 4303 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4304 "IV set guid missing. See errata %u at" 4305 "http://zfsonlinux.org/msg/ZFS-8000-ER"), 4306 ZPOOL_ERRATA_ZOL_8308_ENCRYPTION); 4307 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf); 4308 break; 4309 case ZFS_ERR_FROM_IVSET_GUID_MISMATCH: 4310 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4311 "IV set guid mismatch. See the 'zfs receive' " 4312 "man page section\n discussing the limitations " 4313 "of raw encrypted send streams.")); 4314 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf); 4315 break; 4316 case ZFS_ERR_SPILL_BLOCK_FLAG_MISSING: 4317 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4318 "Spill block flag missing for raw send.\n" 4319 "The zfs software on the sending system must " 4320 "be updated.")); 4321 (void) zfs_error(hdl, EZFS_BADSTREAM, errbuf); 4322 break; 4323 case EBUSY: 4324 if (hastoken) { 4325 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4326 "destination %s contains " 4327 "partially-complete state from " 4328 "\"zfs receive -s\"."), name); 4329 (void) zfs_error(hdl, EZFS_BUSY, errbuf); 4330 break; 4331 } 4332 /* fallthru */ 4333 default: 4334 (void) zfs_standard_error(hdl, ioctl_errno, errbuf); 4335 } 4336 } 4337 4338 /* 4339 * Mount the target filesystem (if created). Also mount any 4340 * children of the target filesystem if we did a replication 4341 * receive (indicated by stream_avl being non-NULL). 4342 */ 4343 cp = strchr(destsnap, '@'); 4344 if (cp && (ioctl_err == 0 || !newfs)) { 4345 zfs_handle_t *h; 4346 4347 *cp = '\0'; 4348 h = zfs_open(hdl, destsnap, 4349 ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME); 4350 if (h != NULL) { 4351 if (h->zfs_type == ZFS_TYPE_VOLUME) { 4352 *cp = '@'; 4353 } else if (newfs || stream_avl) { 4354 /* 4355 * Track the first/top of hierarchy fs, 4356 * for mounting and sharing later. 4357 */ 4358 if (top_zfs && *top_zfs == NULL) 4359 *top_zfs = zfs_strdup(hdl, destsnap); 4360 } 4361 zfs_close(h); 4362 } 4363 *cp = '@'; 4364 } 4365 4366 if (clp) { 4367 if (!flags->nomount) 4368 err |= changelist_postfix(clp); 4369 changelist_free(clp); 4370 } 4371 4372 if (prop_errflags & ZPROP_ERR_NOCLEAR) { 4373 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: " 4374 "failed to clear unreceived properties on %s"), name); 4375 (void) fprintf(stderr, "\n"); 4376 } 4377 if (prop_errflags & ZPROP_ERR_NORESTORE) { 4378 (void) fprintf(stderr, dgettext(TEXT_DOMAIN, "Warning: " 4379 "failed to restore original properties on %s"), name); 4380 (void) fprintf(stderr, "\n"); 4381 } 4382 4383 if (err || ioctl_err) { 4384 err = -1; 4385 goto out; 4386 } 4387 4388 if (flags->verbose) { 4389 char buf1[64]; 4390 char buf2[64]; 4391 uint64_t bytes = read_bytes; 4392 time_t delta = time(NULL) - begin_time; 4393 if (delta == 0) 4394 delta = 1; 4395 zfs_nicenum(bytes, buf1, sizeof (buf1)); 4396 zfs_nicenum(bytes/delta, buf2, sizeof (buf1)); 4397 4398 (void) printf("received %sB stream in %lu seconds (%sB/sec)\n", 4399 buf1, delta, buf2); 4400 } 4401 4402 err = 0; 4403 out: 4404 4405 if (tmp_keylocation[0] != '\0') { 4406 VERIFY(0 == nvlist_add_string(rcvprops, 4407 zfs_prop_to_name(ZFS_PROP_KEYLOCATION), tmp_keylocation)); 4408 } 4409 4410 if (newprops) 4411 nvlist_free(rcvprops); 4412 4413 nvlist_free(oxprops); 4414 nvlist_free(origprops); 4415 4416 return (err); 4417 } 4418 4419 /* 4420 * Check properties we were asked to override (both -o|-x) 4421 */ 4422 static boolean_t 4423 zfs_receive_checkprops(libzfs_handle_t *hdl, nvlist_t *props, 4424 const char *errbuf) 4425 { 4426 nvpair_t *nvp; 4427 zfs_prop_t prop; 4428 const char *name; 4429 4430 nvp = NULL; 4431 while ((nvp = nvlist_next_nvpair(props, nvp)) != NULL) { 4432 name = nvpair_name(nvp); 4433 prop = zfs_name_to_prop(name); 4434 4435 if (prop == ZPROP_INVAL) { 4436 if (!zfs_prop_user(name)) { 4437 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4438 "invalid property '%s'"), name); 4439 return (B_FALSE); 4440 } 4441 continue; 4442 } 4443 /* 4444 * "origin" is readonly but is used to receive datasets as 4445 * clones so we don't raise an error here 4446 */ 4447 if (prop == ZFS_PROP_ORIGIN) 4448 continue; 4449 4450 /* encryption params have their own verification later */ 4451 if (prop == ZFS_PROP_ENCRYPTION || 4452 zfs_prop_encryption_key_param(prop)) 4453 continue; 4454 4455 /* 4456 * cannot override readonly, set-once and other specific 4457 * settable properties 4458 */ 4459 if (zfs_prop_readonly(prop) || prop == ZFS_PROP_VERSION || 4460 prop == ZFS_PROP_VOLSIZE) { 4461 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4462 "invalid property '%s'"), name); 4463 return (B_FALSE); 4464 } 4465 } 4466 4467 return (B_TRUE); 4468 } 4469 4470 static int 4471 zfs_receive_impl(libzfs_handle_t *hdl, const char *tosnap, 4472 const char *originsnap, recvflags_t *flags, int infd, const char *sendfs, 4473 nvlist_t *stream_nv, avl_tree_t *stream_avl, char **top_zfs, int cleanup_fd, 4474 uint64_t *action_handlep, const char *finalsnap, nvlist_t *cmdprops) 4475 { 4476 int err; 4477 dmu_replay_record_t drr, drr_noswap; 4478 struct drr_begin *drrb = &drr.drr_u.drr_begin; 4479 char errbuf[1024]; 4480 zio_cksum_t zcksum = { 0 }; 4481 uint64_t featureflags; 4482 int hdrtype; 4483 4484 (void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN, 4485 "cannot receive")); 4486 4487 /* check cmdline props, raise an error if they cannot be received */ 4488 if (!zfs_receive_checkprops(hdl, cmdprops, errbuf)) { 4489 return (zfs_error(hdl, EZFS_BADPROP, errbuf)); 4490 } 4491 4492 if (flags->isprefix && 4493 !zfs_dataset_exists(hdl, tosnap, ZFS_TYPE_DATASET)) { 4494 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified fs " 4495 "(%s) does not exist"), tosnap); 4496 return (zfs_error(hdl, EZFS_NOENT, errbuf)); 4497 } 4498 if (originsnap && 4499 !zfs_dataset_exists(hdl, originsnap, ZFS_TYPE_DATASET)) { 4500 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "specified origin fs " 4501 "(%s) does not exist"), originsnap); 4502 return (zfs_error(hdl, EZFS_NOENT, errbuf)); 4503 } 4504 4505 /* read in the BEGIN record */ 4506 if (0 != (err = recv_read(hdl, infd, &drr, sizeof (drr), B_FALSE, 4507 &zcksum))) 4508 return (err); 4509 4510 if (drr.drr_type == DRR_END || drr.drr_type == BSWAP_32(DRR_END)) { 4511 /* It's the double end record at the end of a package */ 4512 return (ENODATA); 4513 } 4514 4515 /* the kernel needs the non-byteswapped begin record */ 4516 drr_noswap = drr; 4517 4518 flags->byteswap = B_FALSE; 4519 if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC)) { 4520 /* 4521 * We computed the checksum in the wrong byteorder in 4522 * recv_read() above; do it again correctly. 4523 */ 4524 bzero(&zcksum, sizeof (zio_cksum_t)); 4525 (void) fletcher_4_incremental_byteswap(&drr, 4526 sizeof (drr), &zcksum); 4527 flags->byteswap = B_TRUE; 4528 4529 drr.drr_type = BSWAP_32(drr.drr_type); 4530 drr.drr_payloadlen = BSWAP_32(drr.drr_payloadlen); 4531 drrb->drr_magic = BSWAP_64(drrb->drr_magic); 4532 drrb->drr_versioninfo = BSWAP_64(drrb->drr_versioninfo); 4533 drrb->drr_creation_time = BSWAP_64(drrb->drr_creation_time); 4534 drrb->drr_type = BSWAP_32(drrb->drr_type); 4535 drrb->drr_flags = BSWAP_32(drrb->drr_flags); 4536 drrb->drr_toguid = BSWAP_64(drrb->drr_toguid); 4537 drrb->drr_fromguid = BSWAP_64(drrb->drr_fromguid); 4538 } 4539 4540 if (drrb->drr_magic != DMU_BACKUP_MAGIC || drr.drr_type != DRR_BEGIN) { 4541 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid " 4542 "stream (bad magic number)")); 4543 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf)); 4544 } 4545 4546 featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo); 4547 hdrtype = DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo); 4548 4549 if (!DMU_STREAM_SUPPORTED(featureflags) || 4550 (hdrtype != DMU_SUBSTREAM && hdrtype != DMU_COMPOUNDSTREAM)) { 4551 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, 4552 "stream has unsupported feature, feature flags = %lx"), 4553 featureflags); 4554 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf)); 4555 } 4556 4557 /* Holds feature is set once in the compound stream header. */ 4558 boolean_t holds = (DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) & 4559 DMU_BACKUP_FEATURE_HOLDS); 4560 if (holds) 4561 flags->holds = B_TRUE; 4562 4563 if (strchr(drrb->drr_toname, '@') == NULL) { 4564 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, "invalid " 4565 "stream (bad snapshot name)")); 4566 return (zfs_error(hdl, EZFS_BADSTREAM, errbuf)); 4567 } 4568 4569 if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) == DMU_SUBSTREAM) { 4570 char nonpackage_sendfs[ZFS_MAX_DATASET_NAME_LEN]; 4571 if (sendfs == NULL) { 4572 /* 4573 * We were not called from zfs_receive_package(). Get 4574 * the fs specified by 'zfs send'. 4575 */ 4576 char *cp; 4577 (void) strlcpy(nonpackage_sendfs, 4578 drr.drr_u.drr_begin.drr_toname, 4579 sizeof (nonpackage_sendfs)); 4580 if ((cp = strchr(nonpackage_sendfs, '@')) != NULL) 4581 *cp = '\0'; 4582 sendfs = nonpackage_sendfs; 4583 VERIFY(finalsnap == NULL); 4584 } 4585 return (zfs_receive_one(hdl, infd, tosnap, originsnap, flags, 4586 &drr, &drr_noswap, sendfs, stream_nv, stream_avl, top_zfs, 4587 cleanup_fd, action_handlep, finalsnap, cmdprops)); 4588 } else { 4589 assert(DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) == 4590 DMU_COMPOUNDSTREAM); 4591 return (zfs_receive_package(hdl, infd, tosnap, flags, &drr, 4592 &zcksum, top_zfs, cleanup_fd, action_handlep, cmdprops)); 4593 } 4594 } 4595 4596 /* 4597 * Restores a backup of tosnap from the file descriptor specified by infd. 4598 * Return 0 on total success, -2 if some things couldn't be 4599 * destroyed/renamed/promoted, -1 if some things couldn't be received. 4600 * (-1 will override -2, if -1 and the resumable flag was specified the 4601 * transfer can be resumed if the sending side supports it). 4602 */ 4603 int 4604 zfs_receive(libzfs_handle_t *hdl, const char *tosnap, nvlist_t *props, 4605 recvflags_t *flags, int infd, avl_tree_t *stream_avl) 4606 { 4607 char *top_zfs = NULL; 4608 int err; 4609 int cleanup_fd; 4610 uint64_t action_handle = 0; 4611 char *originsnap = NULL; 4612 if (props) { 4613 err = nvlist_lookup_string(props, "origin", &originsnap); 4614 if (err && err != ENOENT) 4615 return (err); 4616 } 4617 4618 cleanup_fd = open(ZFS_DEV, O_RDWR|O_EXCL); 4619 VERIFY(cleanup_fd >= 0); 4620 4621 err = zfs_receive_impl(hdl, tosnap, originsnap, flags, infd, NULL, NULL, 4622 stream_avl, &top_zfs, cleanup_fd, &action_handle, NULL, props); 4623 4624 VERIFY(0 == close(cleanup_fd)); 4625 4626 if (err == 0 && !flags->nomount && top_zfs) { 4627 zfs_handle_t *zhp; 4628 prop_changelist_t *clp; 4629 4630 zhp = zfs_open(hdl, top_zfs, ZFS_TYPE_FILESYSTEM); 4631 if (zhp != NULL) { 4632 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT, 4633 CL_GATHER_MOUNT_ALWAYS, 0); 4634 zfs_close(zhp); 4635 if (clp != NULL) { 4636 /* mount and share received datasets */ 4637 err = changelist_postfix(clp); 4638 changelist_free(clp); 4639 } 4640 } 4641 if (zhp == NULL || clp == NULL || err) 4642 err = -1; 4643 } 4644 if (top_zfs) 4645 free(top_zfs); 4646 4647 return (err); 4648 } 4649