xref: /titanic_44/usr/src/lib/libzfs/common/libzfs_dataset.c (revision b227c420ebc30f71999e5e7cd26ca1b23d2cb088)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #include <ctype.h>
28 #include <errno.h>
29 #include <libintl.h>
30 #include <math.h>
31 #include <stdio.h>
32 #include <stdlib.h>
33 #include <strings.h>
34 #include <unistd.h>
35 #include <stddef.h>
36 #include <zone.h>
37 #include <fcntl.h>
38 #include <sys/mntent.h>
39 #include <sys/mount.h>
40 #include <priv.h>
41 #include <pwd.h>
42 #include <grp.h>
43 #include <stddef.h>
44 #include <ucred.h>
45 #include <idmap.h>
46 #include <aclutils.h>
47 #include <directory.h>
48 
49 #include <sys/dnode.h>
50 #include <sys/spa.h>
51 #include <sys/zap.h>
52 #include <libzfs.h>
53 
54 #include "zfs_namecheck.h"
55 #include "zfs_prop.h"
56 #include "libzfs_impl.h"
57 #include "zfs_deleg.h"
58 
59 static int userquota_propname_decode(const char *propname, boolean_t zoned,
60     zfs_userquota_prop_t *typep, char *domain, int domainlen, uint64_t *ridp);
61 
62 /*
63  * Given a single type (not a mask of types), return the type in a human
64  * readable form.
65  */
66 const char *
67 zfs_type_to_name(zfs_type_t type)
68 {
69 	switch (type) {
70 	case ZFS_TYPE_FILESYSTEM:
71 		return (dgettext(TEXT_DOMAIN, "filesystem"));
72 	case ZFS_TYPE_SNAPSHOT:
73 		return (dgettext(TEXT_DOMAIN, "snapshot"));
74 	case ZFS_TYPE_VOLUME:
75 		return (dgettext(TEXT_DOMAIN, "volume"));
76 	}
77 
78 	return (NULL);
79 }
80 
81 /*
82  * Given a path and mask of ZFS types, return a string describing this dataset.
83  * This is used when we fail to open a dataset and we cannot get an exact type.
84  * We guess what the type would have been based on the path and the mask of
85  * acceptable types.
86  */
87 static const char *
88 path_to_str(const char *path, int types)
89 {
90 	/*
91 	 * When given a single type, always report the exact type.
92 	 */
93 	if (types == ZFS_TYPE_SNAPSHOT)
94 		return (dgettext(TEXT_DOMAIN, "snapshot"));
95 	if (types == ZFS_TYPE_FILESYSTEM)
96 		return (dgettext(TEXT_DOMAIN, "filesystem"));
97 	if (types == ZFS_TYPE_VOLUME)
98 		return (dgettext(TEXT_DOMAIN, "volume"));
99 
100 	/*
101 	 * The user is requesting more than one type of dataset.  If this is the
102 	 * case, consult the path itself.  If we're looking for a snapshot, and
103 	 * a '@' is found, then report it as "snapshot".  Otherwise, remove the
104 	 * snapshot attribute and try again.
105 	 */
106 	if (types & ZFS_TYPE_SNAPSHOT) {
107 		if (strchr(path, '@') != NULL)
108 			return (dgettext(TEXT_DOMAIN, "snapshot"));
109 		return (path_to_str(path, types & ~ZFS_TYPE_SNAPSHOT));
110 	}
111 
112 	/*
113 	 * The user has requested either filesystems or volumes.
114 	 * We have no way of knowing a priori what type this would be, so always
115 	 * report it as "filesystem" or "volume", our two primitive types.
116 	 */
117 	if (types & ZFS_TYPE_FILESYSTEM)
118 		return (dgettext(TEXT_DOMAIN, "filesystem"));
119 
120 	assert(types & ZFS_TYPE_VOLUME);
121 	return (dgettext(TEXT_DOMAIN, "volume"));
122 }
123 
124 /*
125  * Validate a ZFS path.  This is used even before trying to open the dataset, to
126  * provide a more meaningful error message.  We call zfs_error_aux() to
127  * explain exactly why the name was not valid.
128  */
129 static int
130 zfs_validate_name(libzfs_handle_t *hdl, const char *path, int type,
131     boolean_t modifying)
132 {
133 	namecheck_err_t why;
134 	char what;
135 
136 	if (dataset_namecheck(path, &why, &what) != 0) {
137 		if (hdl != NULL) {
138 			switch (why) {
139 			case NAME_ERR_TOOLONG:
140 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
141 				    "name is too long"));
142 				break;
143 
144 			case NAME_ERR_LEADING_SLASH:
145 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
146 				    "leading slash in name"));
147 				break;
148 
149 			case NAME_ERR_EMPTY_COMPONENT:
150 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
151 				    "empty component in name"));
152 				break;
153 
154 			case NAME_ERR_TRAILING_SLASH:
155 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
156 				    "trailing slash in name"));
157 				break;
158 
159 			case NAME_ERR_INVALCHAR:
160 				zfs_error_aux(hdl,
161 				    dgettext(TEXT_DOMAIN, "invalid character "
162 				    "'%c' in name"), what);
163 				break;
164 
165 			case NAME_ERR_MULTIPLE_AT:
166 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
167 				    "multiple '@' delimiters in name"));
168 				break;
169 
170 			case NAME_ERR_NOLETTER:
171 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
172 				    "pool doesn't begin with a letter"));
173 				break;
174 
175 			case NAME_ERR_RESERVED:
176 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
177 				    "name is reserved"));
178 				break;
179 
180 			case NAME_ERR_DISKLIKE:
181 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
182 				    "reserved disk name"));
183 				break;
184 			}
185 		}
186 
187 		return (0);
188 	}
189 
190 	if (!(type & ZFS_TYPE_SNAPSHOT) && strchr(path, '@') != NULL) {
191 		if (hdl != NULL)
192 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
193 			    "snapshot delimiter '@' in filesystem name"));
194 		return (0);
195 	}
196 
197 	if (type == ZFS_TYPE_SNAPSHOT && strchr(path, '@') == NULL) {
198 		if (hdl != NULL)
199 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
200 			    "missing '@' delimiter in snapshot name"));
201 		return (0);
202 	}
203 
204 	if (modifying && strchr(path, '%') != NULL) {
205 		if (hdl != NULL)
206 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
207 			    "invalid character %c in name"), '%');
208 		return (0);
209 	}
210 
211 	return (-1);
212 }
213 
214 int
215 zfs_name_valid(const char *name, zfs_type_t type)
216 {
217 	if (type == ZFS_TYPE_POOL)
218 		return (zpool_name_valid(NULL, B_FALSE, name));
219 	return (zfs_validate_name(NULL, name, type, B_FALSE));
220 }
221 
222 /*
223  * This function takes the raw DSL properties, and filters out the user-defined
224  * properties into a separate nvlist.
225  */
226 static nvlist_t *
227 process_user_props(zfs_handle_t *zhp, nvlist_t *props)
228 {
229 	libzfs_handle_t *hdl = zhp->zfs_hdl;
230 	nvpair_t *elem;
231 	nvlist_t *propval;
232 	nvlist_t *nvl;
233 
234 	if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, 0) != 0) {
235 		(void) no_memory(hdl);
236 		return (NULL);
237 	}
238 
239 	elem = NULL;
240 	while ((elem = nvlist_next_nvpair(props, elem)) != NULL) {
241 		if (!zfs_prop_user(nvpair_name(elem)))
242 			continue;
243 
244 		verify(nvpair_value_nvlist(elem, &propval) == 0);
245 		if (nvlist_add_nvlist(nvl, nvpair_name(elem), propval) != 0) {
246 			nvlist_free(nvl);
247 			(void) no_memory(hdl);
248 			return (NULL);
249 		}
250 	}
251 
252 	return (nvl);
253 }
254 
255 static zpool_handle_t *
256 zpool_add_handle(zfs_handle_t *zhp, const char *pool_name)
257 {
258 	libzfs_handle_t *hdl = zhp->zfs_hdl;
259 	zpool_handle_t *zph;
260 
261 	if ((zph = zpool_open_canfail(hdl, pool_name)) != NULL) {
262 		if (hdl->libzfs_pool_handles != NULL)
263 			zph->zpool_next = hdl->libzfs_pool_handles;
264 		hdl->libzfs_pool_handles = zph;
265 	}
266 	return (zph);
267 }
268 
269 static zpool_handle_t *
270 zpool_find_handle(zfs_handle_t *zhp, const char *pool_name, int len)
271 {
272 	libzfs_handle_t *hdl = zhp->zfs_hdl;
273 	zpool_handle_t *zph = hdl->libzfs_pool_handles;
274 
275 	while ((zph != NULL) &&
276 	    (strncmp(pool_name, zpool_get_name(zph), len) != 0))
277 		zph = zph->zpool_next;
278 	return (zph);
279 }
280 
281 /*
282  * Returns a handle to the pool that contains the provided dataset.
283  * If a handle to that pool already exists then that handle is returned.
284  * Otherwise, a new handle is created and added to the list of handles.
285  */
286 static zpool_handle_t *
287 zpool_handle(zfs_handle_t *zhp)
288 {
289 	char *pool_name;
290 	int len;
291 	zpool_handle_t *zph;
292 
293 	len = strcspn(zhp->zfs_name, "/@") + 1;
294 	pool_name = zfs_alloc(zhp->zfs_hdl, len);
295 	(void) strlcpy(pool_name, zhp->zfs_name, len);
296 
297 	zph = zpool_find_handle(zhp, pool_name, len);
298 	if (zph == NULL)
299 		zph = zpool_add_handle(zhp, pool_name);
300 
301 	free(pool_name);
302 	return (zph);
303 }
304 
305 void
306 zpool_free_handles(libzfs_handle_t *hdl)
307 {
308 	zpool_handle_t *next, *zph = hdl->libzfs_pool_handles;
309 
310 	while (zph != NULL) {
311 		next = zph->zpool_next;
312 		zpool_close(zph);
313 		zph = next;
314 	}
315 	hdl->libzfs_pool_handles = NULL;
316 }
317 
318 /*
319  * Utility function to gather stats (objset and zpl) for the given object.
320  */
321 static int
322 get_stats_ioctl(zfs_handle_t *zhp, zfs_cmd_t *zc)
323 {
324 	libzfs_handle_t *hdl = zhp->zfs_hdl;
325 
326 	(void) strlcpy(zc->zc_name, zhp->zfs_name, sizeof (zc->zc_name));
327 
328 	while (ioctl(hdl->libzfs_fd, ZFS_IOC_OBJSET_STATS, zc) != 0) {
329 		if (errno == ENOMEM) {
330 			if (zcmd_expand_dst_nvlist(hdl, zc) != 0) {
331 				return (-1);
332 			}
333 		} else {
334 			return (-1);
335 		}
336 	}
337 	return (0);
338 }
339 
340 /*
341  * Utility function to get the received properties of the given object.
342  */
343 static int
344 get_recvd_props_ioctl(zfs_handle_t *zhp)
345 {
346 	libzfs_handle_t *hdl = zhp->zfs_hdl;
347 	nvlist_t *recvdprops;
348 	zfs_cmd_t zc = { 0 };
349 	int err;
350 
351 	if (zcmd_alloc_dst_nvlist(hdl, &zc, 0) != 0)
352 		return (-1);
353 
354 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
355 
356 	while (ioctl(hdl->libzfs_fd, ZFS_IOC_OBJSET_RECVD_PROPS, &zc) != 0) {
357 		if (errno == ENOMEM) {
358 			if (zcmd_expand_dst_nvlist(hdl, &zc) != 0) {
359 				return (-1);
360 			}
361 		} else {
362 			zcmd_free_nvlists(&zc);
363 			return (-1);
364 		}
365 	}
366 
367 	err = zcmd_read_dst_nvlist(zhp->zfs_hdl, &zc, &recvdprops);
368 	zcmd_free_nvlists(&zc);
369 	if (err != 0)
370 		return (-1);
371 
372 	nvlist_free(zhp->zfs_recvd_props);
373 	zhp->zfs_recvd_props = recvdprops;
374 
375 	return (0);
376 }
377 
378 static int
379 put_stats_zhdl(zfs_handle_t *zhp, zfs_cmd_t *zc)
380 {
381 	nvlist_t *allprops, *userprops;
382 
383 	zhp->zfs_dmustats = zc->zc_objset_stats; /* structure assignment */
384 
385 	if (zcmd_read_dst_nvlist(zhp->zfs_hdl, zc, &allprops) != 0) {
386 		return (-1);
387 	}
388 
389 	/*
390 	 * XXX Why do we store the user props separately, in addition to
391 	 * storing them in zfs_props?
392 	 */
393 	if ((userprops = process_user_props(zhp, allprops)) == NULL) {
394 		nvlist_free(allprops);
395 		return (-1);
396 	}
397 
398 	nvlist_free(zhp->zfs_props);
399 	nvlist_free(zhp->zfs_user_props);
400 
401 	zhp->zfs_props = allprops;
402 	zhp->zfs_user_props = userprops;
403 
404 	return (0);
405 }
406 
407 static int
408 get_stats(zfs_handle_t *zhp)
409 {
410 	int rc = 0;
411 	zfs_cmd_t zc = { 0 };
412 
413 	if (zcmd_alloc_dst_nvlist(zhp->zfs_hdl, &zc, 0) != 0)
414 		return (-1);
415 	if (get_stats_ioctl(zhp, &zc) != 0)
416 		rc = -1;
417 	else if (put_stats_zhdl(zhp, &zc) != 0)
418 		rc = -1;
419 	zcmd_free_nvlists(&zc);
420 	return (rc);
421 }
422 
423 /*
424  * Refresh the properties currently stored in the handle.
425  */
426 void
427 zfs_refresh_properties(zfs_handle_t *zhp)
428 {
429 	(void) get_stats(zhp);
430 }
431 
432 /*
433  * Makes a handle from the given dataset name.  Used by zfs_open() and
434  * zfs_iter_* to create child handles on the fly.
435  */
436 static int
437 make_dataset_handle_common(zfs_handle_t *zhp, zfs_cmd_t *zc)
438 {
439 	if (put_stats_zhdl(zhp, zc) != 0)
440 		return (-1);
441 
442 	/*
443 	 * We've managed to open the dataset and gather statistics.  Determine
444 	 * the high-level type.
445 	 */
446 	if (zhp->zfs_dmustats.dds_type == DMU_OST_ZVOL)
447 		zhp->zfs_head_type = ZFS_TYPE_VOLUME;
448 	else if (zhp->zfs_dmustats.dds_type == DMU_OST_ZFS)
449 		zhp->zfs_head_type = ZFS_TYPE_FILESYSTEM;
450 	else
451 		abort();
452 
453 	if (zhp->zfs_dmustats.dds_is_snapshot)
454 		zhp->zfs_type = ZFS_TYPE_SNAPSHOT;
455 	else if (zhp->zfs_dmustats.dds_type == DMU_OST_ZVOL)
456 		zhp->zfs_type = ZFS_TYPE_VOLUME;
457 	else if (zhp->zfs_dmustats.dds_type == DMU_OST_ZFS)
458 		zhp->zfs_type = ZFS_TYPE_FILESYSTEM;
459 	else
460 		abort();	/* we should never see any other types */
461 
462 	zhp->zpool_hdl = zpool_handle(zhp);
463 	return (0);
464 }
465 
466 zfs_handle_t *
467 make_dataset_handle(libzfs_handle_t *hdl, const char *path)
468 {
469 	zfs_cmd_t zc = { 0 };
470 
471 	zfs_handle_t *zhp = calloc(sizeof (zfs_handle_t), 1);
472 
473 	if (zhp == NULL)
474 		return (NULL);
475 
476 	zhp->zfs_hdl = hdl;
477 	(void) strlcpy(zhp->zfs_name, path, sizeof (zhp->zfs_name));
478 	if (zcmd_alloc_dst_nvlist(hdl, &zc, 0) != 0) {
479 		free(zhp);
480 		return (NULL);
481 	}
482 	if (get_stats_ioctl(zhp, &zc) == -1) {
483 		zcmd_free_nvlists(&zc);
484 		free(zhp);
485 		return (NULL);
486 	}
487 	if (make_dataset_handle_common(zhp, &zc) == -1) {
488 		free(zhp);
489 		zhp = NULL;
490 	}
491 	zcmd_free_nvlists(&zc);
492 	return (zhp);
493 }
494 
495 static zfs_handle_t *
496 make_dataset_handle_zc(libzfs_handle_t *hdl, zfs_cmd_t *zc)
497 {
498 	zfs_handle_t *zhp = calloc(sizeof (zfs_handle_t), 1);
499 
500 	if (zhp == NULL)
501 		return (NULL);
502 
503 	zhp->zfs_hdl = hdl;
504 	(void) strlcpy(zhp->zfs_name, zc->zc_name, sizeof (zhp->zfs_name));
505 	if (make_dataset_handle_common(zhp, zc) == -1) {
506 		free(zhp);
507 		return (NULL);
508 	}
509 	return (zhp);
510 }
511 
512 /*
513  * Opens the given snapshot, filesystem, or volume.   The 'types'
514  * argument is a mask of acceptable types.  The function will print an
515  * appropriate error message and return NULL if it can't be opened.
516  */
517 zfs_handle_t *
518 zfs_open(libzfs_handle_t *hdl, const char *path, int types)
519 {
520 	zfs_handle_t *zhp;
521 	char errbuf[1024];
522 
523 	(void) snprintf(errbuf, sizeof (errbuf),
524 	    dgettext(TEXT_DOMAIN, "cannot open '%s'"), path);
525 
526 	/*
527 	 * Validate the name before we even try to open it.
528 	 */
529 	if (!zfs_validate_name(hdl, path, ZFS_TYPE_DATASET, B_FALSE)) {
530 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
531 		    "invalid dataset name"));
532 		(void) zfs_error(hdl, EZFS_INVALIDNAME, errbuf);
533 		return (NULL);
534 	}
535 
536 	/*
537 	 * Try to get stats for the dataset, which will tell us if it exists.
538 	 */
539 	errno = 0;
540 	if ((zhp = make_dataset_handle(hdl, path)) == NULL) {
541 		(void) zfs_standard_error(hdl, errno, errbuf);
542 		return (NULL);
543 	}
544 
545 	if (!(types & zhp->zfs_type)) {
546 		(void) zfs_error(hdl, EZFS_BADTYPE, errbuf);
547 		zfs_close(zhp);
548 		return (NULL);
549 	}
550 
551 	return (zhp);
552 }
553 
554 /*
555  * Release a ZFS handle.  Nothing to do but free the associated memory.
556  */
557 void
558 zfs_close(zfs_handle_t *zhp)
559 {
560 	if (zhp->zfs_mntopts)
561 		free(zhp->zfs_mntopts);
562 	nvlist_free(zhp->zfs_props);
563 	nvlist_free(zhp->zfs_user_props);
564 	nvlist_free(zhp->zfs_recvd_props);
565 	free(zhp);
566 }
567 
568 typedef struct mnttab_node {
569 	struct mnttab mtn_mt;
570 	avl_node_t mtn_node;
571 } mnttab_node_t;
572 
573 static int
574 libzfs_mnttab_cache_compare(const void *arg1, const void *arg2)
575 {
576 	const mnttab_node_t *mtn1 = arg1;
577 	const mnttab_node_t *mtn2 = arg2;
578 	int rv;
579 
580 	rv = strcmp(mtn1->mtn_mt.mnt_special, mtn2->mtn_mt.mnt_special);
581 
582 	if (rv == 0)
583 		return (0);
584 	return (rv > 0 ? 1 : -1);
585 }
586 
587 void
588 libzfs_mnttab_init(libzfs_handle_t *hdl)
589 {
590 	assert(avl_numnodes(&hdl->libzfs_mnttab_cache) == 0);
591 	avl_create(&hdl->libzfs_mnttab_cache, libzfs_mnttab_cache_compare,
592 	    sizeof (mnttab_node_t), offsetof(mnttab_node_t, mtn_node));
593 }
594 
595 void
596 libzfs_mnttab_update(libzfs_handle_t *hdl)
597 {
598 	struct mnttab entry;
599 
600 	rewind(hdl->libzfs_mnttab);
601 	while (getmntent(hdl->libzfs_mnttab, &entry) == 0) {
602 		mnttab_node_t *mtn;
603 
604 		if (strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0)
605 			continue;
606 		mtn = zfs_alloc(hdl, sizeof (mnttab_node_t));
607 		mtn->mtn_mt.mnt_special = zfs_strdup(hdl, entry.mnt_special);
608 		mtn->mtn_mt.mnt_mountp = zfs_strdup(hdl, entry.mnt_mountp);
609 		mtn->mtn_mt.mnt_fstype = zfs_strdup(hdl, entry.mnt_fstype);
610 		mtn->mtn_mt.mnt_mntopts = zfs_strdup(hdl, entry.mnt_mntopts);
611 		avl_add(&hdl->libzfs_mnttab_cache, mtn);
612 	}
613 }
614 
615 void
616 libzfs_mnttab_fini(libzfs_handle_t *hdl)
617 {
618 	void *cookie = NULL;
619 	mnttab_node_t *mtn;
620 
621 	while (mtn = avl_destroy_nodes(&hdl->libzfs_mnttab_cache, &cookie)) {
622 		free(mtn->mtn_mt.mnt_special);
623 		free(mtn->mtn_mt.mnt_mountp);
624 		free(mtn->mtn_mt.mnt_fstype);
625 		free(mtn->mtn_mt.mnt_mntopts);
626 		free(mtn);
627 	}
628 	avl_destroy(&hdl->libzfs_mnttab_cache);
629 }
630 
631 void
632 libzfs_mnttab_cache(libzfs_handle_t *hdl, boolean_t enable)
633 {
634 	hdl->libzfs_mnttab_enable = enable;
635 }
636 
637 int
638 libzfs_mnttab_find(libzfs_handle_t *hdl, const char *fsname,
639     struct mnttab *entry)
640 {
641 	mnttab_node_t find;
642 	mnttab_node_t *mtn;
643 
644 	if (!hdl->libzfs_mnttab_enable) {
645 		struct mnttab srch = { 0 };
646 
647 		if (avl_numnodes(&hdl->libzfs_mnttab_cache))
648 			libzfs_mnttab_fini(hdl);
649 		rewind(hdl->libzfs_mnttab);
650 		srch.mnt_special = (char *)fsname;
651 		srch.mnt_fstype = MNTTYPE_ZFS;
652 		if (getmntany(hdl->libzfs_mnttab, entry, &srch) == 0)
653 			return (0);
654 		else
655 			return (ENOENT);
656 	}
657 
658 	if (avl_numnodes(&hdl->libzfs_mnttab_cache) == 0)
659 		libzfs_mnttab_update(hdl);
660 
661 	find.mtn_mt.mnt_special = (char *)fsname;
662 	mtn = avl_find(&hdl->libzfs_mnttab_cache, &find, NULL);
663 	if (mtn) {
664 		*entry = mtn->mtn_mt;
665 		return (0);
666 	}
667 	return (ENOENT);
668 }
669 
670 void
671 libzfs_mnttab_add(libzfs_handle_t *hdl, const char *special,
672     const char *mountp, const char *mntopts)
673 {
674 	mnttab_node_t *mtn;
675 
676 	if (avl_numnodes(&hdl->libzfs_mnttab_cache) == 0)
677 		return;
678 	mtn = zfs_alloc(hdl, sizeof (mnttab_node_t));
679 	mtn->mtn_mt.mnt_special = zfs_strdup(hdl, special);
680 	mtn->mtn_mt.mnt_mountp = zfs_strdup(hdl, mountp);
681 	mtn->mtn_mt.mnt_fstype = zfs_strdup(hdl, MNTTYPE_ZFS);
682 	mtn->mtn_mt.mnt_mntopts = zfs_strdup(hdl, mntopts);
683 	avl_add(&hdl->libzfs_mnttab_cache, mtn);
684 }
685 
686 void
687 libzfs_mnttab_remove(libzfs_handle_t *hdl, const char *fsname)
688 {
689 	mnttab_node_t find;
690 	mnttab_node_t *ret;
691 
692 	find.mtn_mt.mnt_special = (char *)fsname;
693 	if (ret = avl_find(&hdl->libzfs_mnttab_cache, (void *)&find, NULL)) {
694 		avl_remove(&hdl->libzfs_mnttab_cache, ret);
695 		free(ret->mtn_mt.mnt_special);
696 		free(ret->mtn_mt.mnt_mountp);
697 		free(ret->mtn_mt.mnt_fstype);
698 		free(ret->mtn_mt.mnt_mntopts);
699 		free(ret);
700 	}
701 }
702 
703 int
704 zfs_spa_version(zfs_handle_t *zhp, int *spa_version)
705 {
706 	zpool_handle_t *zpool_handle = zhp->zpool_hdl;
707 
708 	if (zpool_handle == NULL)
709 		return (-1);
710 
711 	*spa_version = zpool_get_prop_int(zpool_handle,
712 	    ZPOOL_PROP_VERSION, NULL);
713 	return (0);
714 }
715 
716 /*
717  * The choice of reservation property depends on the SPA version.
718  */
719 static int
720 zfs_which_resv_prop(zfs_handle_t *zhp, zfs_prop_t *resv_prop)
721 {
722 	int spa_version;
723 
724 	if (zfs_spa_version(zhp, &spa_version) < 0)
725 		return (-1);
726 
727 	if (spa_version >= SPA_VERSION_REFRESERVATION)
728 		*resv_prop = ZFS_PROP_REFRESERVATION;
729 	else
730 		*resv_prop = ZFS_PROP_RESERVATION;
731 
732 	return (0);
733 }
734 
735 /*
736  * Given an nvlist of properties to set, validates that they are correct, and
737  * parses any numeric properties (index, boolean, etc) if they are specified as
738  * strings.
739  */
740 nvlist_t *
741 zfs_valid_proplist(libzfs_handle_t *hdl, zfs_type_t type, nvlist_t *nvl,
742     uint64_t zoned, zfs_handle_t *zhp, const char *errbuf)
743 {
744 	nvpair_t *elem;
745 	uint64_t intval;
746 	char *strval;
747 	zfs_prop_t prop;
748 	nvlist_t *ret;
749 	int chosen_normal = -1;
750 	int chosen_utf = -1;
751 
752 	if (nvlist_alloc(&ret, NV_UNIQUE_NAME, 0) != 0) {
753 		(void) no_memory(hdl);
754 		return (NULL);
755 	}
756 
757 	/*
758 	 * Make sure this property is valid and applies to this type.
759 	 */
760 
761 	elem = NULL;
762 	while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) {
763 		const char *propname = nvpair_name(elem);
764 
765 		prop = zfs_name_to_prop(propname);
766 		if (prop == ZPROP_INVAL && zfs_prop_user(propname)) {
767 			/*
768 			 * This is a user property: make sure it's a
769 			 * string, and that it's less than ZAP_MAXNAMELEN.
770 			 */
771 			if (nvpair_type(elem) != DATA_TYPE_STRING) {
772 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
773 				    "'%s' must be a string"), propname);
774 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
775 				goto error;
776 			}
777 
778 			if (strlen(nvpair_name(elem)) >= ZAP_MAXNAMELEN) {
779 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
780 				    "property name '%s' is too long"),
781 				    propname);
782 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
783 				goto error;
784 			}
785 
786 			(void) nvpair_value_string(elem, &strval);
787 			if (nvlist_add_string(ret, propname, strval) != 0) {
788 				(void) no_memory(hdl);
789 				goto error;
790 			}
791 			continue;
792 		}
793 
794 		/*
795 		 * Currently, only user properties can be modified on
796 		 * snapshots.
797 		 */
798 		if (type == ZFS_TYPE_SNAPSHOT) {
799 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
800 			    "this property can not be modified for snapshots"));
801 			(void) zfs_error(hdl, EZFS_PROPTYPE, errbuf);
802 			goto error;
803 		}
804 
805 		if (prop == ZPROP_INVAL && zfs_prop_userquota(propname)) {
806 			zfs_userquota_prop_t uqtype;
807 			char newpropname[128];
808 			char domain[128];
809 			uint64_t rid;
810 			uint64_t valary[3];
811 
812 			if (userquota_propname_decode(propname, zoned,
813 			    &uqtype, domain, sizeof (domain), &rid) != 0) {
814 				zfs_error_aux(hdl,
815 				    dgettext(TEXT_DOMAIN,
816 				    "'%s' has an invalid user/group name"),
817 				    propname);
818 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
819 				goto error;
820 			}
821 
822 			if (uqtype != ZFS_PROP_USERQUOTA &&
823 			    uqtype != ZFS_PROP_GROUPQUOTA) {
824 				zfs_error_aux(hdl,
825 				    dgettext(TEXT_DOMAIN, "'%s' is readonly"),
826 				    propname);
827 				(void) zfs_error(hdl, EZFS_PROPREADONLY,
828 				    errbuf);
829 				goto error;
830 			}
831 
832 			if (nvpair_type(elem) == DATA_TYPE_STRING) {
833 				(void) nvpair_value_string(elem, &strval);
834 				if (strcmp(strval, "none") == 0) {
835 					intval = 0;
836 				} else if (zfs_nicestrtonum(hdl,
837 				    strval, &intval) != 0) {
838 					(void) zfs_error(hdl,
839 					    EZFS_BADPROP, errbuf);
840 					goto error;
841 				}
842 			} else if (nvpair_type(elem) ==
843 			    DATA_TYPE_UINT64) {
844 				(void) nvpair_value_uint64(elem, &intval);
845 				if (intval == 0) {
846 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
847 					    "use 'none' to disable "
848 					    "userquota/groupquota"));
849 					goto error;
850 				}
851 			} else {
852 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
853 				    "'%s' must be a number"), propname);
854 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
855 				goto error;
856 			}
857 
858 			/*
859 			 * Encode the prop name as
860 			 * userquota@<hex-rid>-domain, to make it easy
861 			 * for the kernel to decode.
862 			 */
863 			(void) snprintf(newpropname, sizeof (newpropname),
864 			    "%s%llx-%s", zfs_userquota_prop_prefixes[uqtype],
865 			    (longlong_t)rid, domain);
866 			valary[0] = uqtype;
867 			valary[1] = rid;
868 			valary[2] = intval;
869 			if (nvlist_add_uint64_array(ret, newpropname,
870 			    valary, 3) != 0) {
871 				(void) no_memory(hdl);
872 				goto error;
873 			}
874 			continue;
875 		}
876 
877 		if (prop == ZPROP_INVAL) {
878 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
879 			    "invalid property '%s'"), propname);
880 			(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
881 			goto error;
882 		}
883 
884 		if (!zfs_prop_valid_for_type(prop, type)) {
885 			zfs_error_aux(hdl,
886 			    dgettext(TEXT_DOMAIN, "'%s' does not "
887 			    "apply to datasets of this type"), propname);
888 			(void) zfs_error(hdl, EZFS_PROPTYPE, errbuf);
889 			goto error;
890 		}
891 
892 		if (zfs_prop_readonly(prop) &&
893 		    (!zfs_prop_setonce(prop) || zhp != NULL)) {
894 			zfs_error_aux(hdl,
895 			    dgettext(TEXT_DOMAIN, "'%s' is readonly"),
896 			    propname);
897 			(void) zfs_error(hdl, EZFS_PROPREADONLY, errbuf);
898 			goto error;
899 		}
900 
901 		if (zprop_parse_value(hdl, elem, prop, type, ret,
902 		    &strval, &intval, errbuf) != 0)
903 			goto error;
904 
905 		/*
906 		 * Perform some additional checks for specific properties.
907 		 */
908 		switch (prop) {
909 		case ZFS_PROP_VERSION:
910 		{
911 			int version;
912 
913 			if (zhp == NULL)
914 				break;
915 			version = zfs_prop_get_int(zhp, ZFS_PROP_VERSION);
916 			if (intval < version) {
917 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
918 				    "Can not downgrade; already at version %u"),
919 				    version);
920 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
921 				goto error;
922 			}
923 			break;
924 		}
925 
926 		case ZFS_PROP_RECORDSIZE:
927 		case ZFS_PROP_VOLBLOCKSIZE:
928 			/* must be power of two within SPA_{MIN,MAX}BLOCKSIZE */
929 			if (intval < SPA_MINBLOCKSIZE ||
930 			    intval > SPA_MAXBLOCKSIZE || !ISP2(intval)) {
931 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
932 				    "'%s' must be power of 2 from %u "
933 				    "to %uk"), propname,
934 				    (uint_t)SPA_MINBLOCKSIZE,
935 				    (uint_t)SPA_MAXBLOCKSIZE >> 10);
936 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
937 				goto error;
938 			}
939 			break;
940 
941 		case ZFS_PROP_SHAREISCSI:
942 			if (strcmp(strval, "off") != 0 &&
943 			    strcmp(strval, "on") != 0 &&
944 			    strcmp(strval, "type=disk") != 0) {
945 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
946 				    "'%s' must be 'on', 'off', or 'type=disk'"),
947 				    propname);
948 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
949 				goto error;
950 			}
951 
952 			break;
953 
954 		case ZFS_PROP_MLSLABEL:
955 		{
956 			/*
957 			 * Verify the mlslabel string and convert to
958 			 * internal hex label string.
959 			 */
960 
961 			m_label_t *new_sl;
962 			char *hex = NULL;	/* internal label string */
963 
964 			/* Default value is already OK. */
965 			if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
966 				break;
967 
968 			/* Verify the label can be converted to binary form */
969 			if (((new_sl = m_label_alloc(MAC_LABEL)) == NULL) ||
970 			    (str_to_label(strval, &new_sl, MAC_LABEL,
971 			    L_NO_CORRECTION, NULL) == -1)) {
972 				goto badlabel;
973 			}
974 
975 			/* Now translate to hex internal label string */
976 			if (label_to_str(new_sl, &hex, M_INTERNAL,
977 			    DEF_NAMES) != 0) {
978 				if (hex)
979 					free(hex);
980 				goto badlabel;
981 			}
982 			m_label_free(new_sl);
983 
984 			/* If string is already in internal form, we're done. */
985 			if (strcmp(strval, hex) == 0) {
986 				free(hex);
987 				break;
988 			}
989 
990 			/* Replace the label string with the internal form. */
991 			(void) nvlist_remove(ret, zfs_prop_to_name(prop),
992 			    DATA_TYPE_STRING);
993 			verify(nvlist_add_string(ret, zfs_prop_to_name(prop),
994 			    hex) == 0);
995 			free(hex);
996 
997 			break;
998 
999 badlabel:
1000 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1001 			    "invalid mlslabel '%s'"), strval);
1002 			(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
1003 			m_label_free(new_sl);	/* OK if null */
1004 			goto error;
1005 
1006 		}
1007 
1008 		case ZFS_PROP_MOUNTPOINT:
1009 		{
1010 			namecheck_err_t why;
1011 
1012 			if (strcmp(strval, ZFS_MOUNTPOINT_NONE) == 0 ||
1013 			    strcmp(strval, ZFS_MOUNTPOINT_LEGACY) == 0)
1014 				break;
1015 
1016 			if (mountpoint_namecheck(strval, &why)) {
1017 				switch (why) {
1018 				case NAME_ERR_LEADING_SLASH:
1019 					zfs_error_aux(hdl,
1020 					    dgettext(TEXT_DOMAIN,
1021 					    "'%s' must be an absolute path, "
1022 					    "'none', or 'legacy'"), propname);
1023 					break;
1024 				case NAME_ERR_TOOLONG:
1025 					zfs_error_aux(hdl,
1026 					    dgettext(TEXT_DOMAIN,
1027 					    "component of '%s' is too long"),
1028 					    propname);
1029 					break;
1030 				}
1031 				(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
1032 				goto error;
1033 			}
1034 		}
1035 
1036 			/*FALLTHRU*/
1037 
1038 		case ZFS_PROP_SHARESMB:
1039 		case ZFS_PROP_SHARENFS:
1040 			/*
1041 			 * For the mountpoint and sharenfs or sharesmb
1042 			 * properties, check if it can be set in a
1043 			 * global/non-global zone based on
1044 			 * the zoned property value:
1045 			 *
1046 			 *		global zone	    non-global zone
1047 			 * --------------------------------------------------
1048 			 * zoned=on	mountpoint (no)	    mountpoint (yes)
1049 			 *		sharenfs (no)	    sharenfs (no)
1050 			 *		sharesmb (no)	    sharesmb (no)
1051 			 *
1052 			 * zoned=off	mountpoint (yes)	N/A
1053 			 *		sharenfs (yes)
1054 			 *		sharesmb (yes)
1055 			 */
1056 			if (zoned) {
1057 				if (getzoneid() == GLOBAL_ZONEID) {
1058 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1059 					    "'%s' cannot be set on "
1060 					    "dataset in a non-global zone"),
1061 					    propname);
1062 					(void) zfs_error(hdl, EZFS_ZONED,
1063 					    errbuf);
1064 					goto error;
1065 				} else if (prop == ZFS_PROP_SHARENFS ||
1066 				    prop == ZFS_PROP_SHARESMB) {
1067 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1068 					    "'%s' cannot be set in "
1069 					    "a non-global zone"), propname);
1070 					(void) zfs_error(hdl, EZFS_ZONED,
1071 					    errbuf);
1072 					goto error;
1073 				}
1074 			} else if (getzoneid() != GLOBAL_ZONEID) {
1075 				/*
1076 				 * If zoned property is 'off', this must be in
1077 				 * a global zone. If not, something is wrong.
1078 				 */
1079 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1080 				    "'%s' cannot be set while dataset "
1081 				    "'zoned' property is set"), propname);
1082 				(void) zfs_error(hdl, EZFS_ZONED, errbuf);
1083 				goto error;
1084 			}
1085 
1086 			/*
1087 			 * At this point, it is legitimate to set the
1088 			 * property. Now we want to make sure that the
1089 			 * property value is valid if it is sharenfs.
1090 			 */
1091 			if ((prop == ZFS_PROP_SHARENFS ||
1092 			    prop == ZFS_PROP_SHARESMB) &&
1093 			    strcmp(strval, "on") != 0 &&
1094 			    strcmp(strval, "off") != 0) {
1095 				zfs_share_proto_t proto;
1096 
1097 				if (prop == ZFS_PROP_SHARESMB)
1098 					proto = PROTO_SMB;
1099 				else
1100 					proto = PROTO_NFS;
1101 
1102 				/*
1103 				 * Must be an valid sharing protocol
1104 				 * option string so init the libshare
1105 				 * in order to enable the parser and
1106 				 * then parse the options. We use the
1107 				 * control API since we don't care about
1108 				 * the current configuration and don't
1109 				 * want the overhead of loading it
1110 				 * until we actually do something.
1111 				 */
1112 
1113 				if (zfs_init_libshare(hdl,
1114 				    SA_INIT_CONTROL_API) != SA_OK) {
1115 					/*
1116 					 * An error occurred so we can't do
1117 					 * anything
1118 					 */
1119 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1120 					    "'%s' cannot be set: problem "
1121 					    "in share initialization"),
1122 					    propname);
1123 					(void) zfs_error(hdl, EZFS_BADPROP,
1124 					    errbuf);
1125 					goto error;
1126 				}
1127 
1128 				if (zfs_parse_options(strval, proto) != SA_OK) {
1129 					/*
1130 					 * There was an error in parsing so
1131 					 * deal with it by issuing an error
1132 					 * message and leaving after
1133 					 * uninitializing the the libshare
1134 					 * interface.
1135 					 */
1136 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1137 					    "'%s' cannot be set to invalid "
1138 					    "options"), propname);
1139 					(void) zfs_error(hdl, EZFS_BADPROP,
1140 					    errbuf);
1141 					zfs_uninit_libshare(hdl);
1142 					goto error;
1143 				}
1144 				zfs_uninit_libshare(hdl);
1145 			}
1146 
1147 			break;
1148 		case ZFS_PROP_UTF8ONLY:
1149 			chosen_utf = (int)intval;
1150 			break;
1151 		case ZFS_PROP_NORMALIZE:
1152 			chosen_normal = (int)intval;
1153 			break;
1154 		}
1155 
1156 		/*
1157 		 * For changes to existing volumes, we have some additional
1158 		 * checks to enforce.
1159 		 */
1160 		if (type == ZFS_TYPE_VOLUME && zhp != NULL) {
1161 			uint64_t volsize = zfs_prop_get_int(zhp,
1162 			    ZFS_PROP_VOLSIZE);
1163 			uint64_t blocksize = zfs_prop_get_int(zhp,
1164 			    ZFS_PROP_VOLBLOCKSIZE);
1165 			char buf[64];
1166 
1167 			switch (prop) {
1168 			case ZFS_PROP_RESERVATION:
1169 			case ZFS_PROP_REFRESERVATION:
1170 				if (intval > volsize) {
1171 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1172 					    "'%s' is greater than current "
1173 					    "volume size"), propname);
1174 					(void) zfs_error(hdl, EZFS_BADPROP,
1175 					    errbuf);
1176 					goto error;
1177 				}
1178 				break;
1179 
1180 			case ZFS_PROP_VOLSIZE:
1181 				if (intval % blocksize != 0) {
1182 					zfs_nicenum(blocksize, buf,
1183 					    sizeof (buf));
1184 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1185 					    "'%s' must be a multiple of "
1186 					    "volume block size (%s)"),
1187 					    propname, buf);
1188 					(void) zfs_error(hdl, EZFS_BADPROP,
1189 					    errbuf);
1190 					goto error;
1191 				}
1192 
1193 				if (intval == 0) {
1194 					zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1195 					    "'%s' cannot be zero"),
1196 					    propname);
1197 					(void) zfs_error(hdl, EZFS_BADPROP,
1198 					    errbuf);
1199 					goto error;
1200 				}
1201 				break;
1202 			}
1203 		}
1204 	}
1205 
1206 	/*
1207 	 * If normalization was chosen, but no UTF8 choice was made,
1208 	 * enforce rejection of non-UTF8 names.
1209 	 *
1210 	 * If normalization was chosen, but rejecting non-UTF8 names
1211 	 * was explicitly not chosen, it is an error.
1212 	 */
1213 	if (chosen_normal > 0 && chosen_utf < 0) {
1214 		if (nvlist_add_uint64(ret,
1215 		    zfs_prop_to_name(ZFS_PROP_UTF8ONLY), 1) != 0) {
1216 			(void) no_memory(hdl);
1217 			goto error;
1218 		}
1219 	} else if (chosen_normal > 0 && chosen_utf == 0) {
1220 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1221 		    "'%s' must be set 'on' if normalization chosen"),
1222 		    zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
1223 		(void) zfs_error(hdl, EZFS_BADPROP, errbuf);
1224 		goto error;
1225 	}
1226 
1227 	/*
1228 	 * If this is an existing volume, and someone is setting the volsize,
1229 	 * make sure that it matches the reservation, or add it if necessary.
1230 	 */
1231 	if (zhp != NULL && type == ZFS_TYPE_VOLUME &&
1232 	    nvlist_lookup_uint64(ret, zfs_prop_to_name(ZFS_PROP_VOLSIZE),
1233 	    &intval) == 0) {
1234 		uint64_t old_volsize = zfs_prop_get_int(zhp,
1235 		    ZFS_PROP_VOLSIZE);
1236 		uint64_t old_reservation;
1237 		uint64_t new_reservation;
1238 		zfs_prop_t resv_prop;
1239 
1240 		if (zfs_which_resv_prop(zhp, &resv_prop) < 0)
1241 			goto error;
1242 		old_reservation = zfs_prop_get_int(zhp, resv_prop);
1243 
1244 		if (old_volsize == old_reservation &&
1245 		    nvlist_lookup_uint64(ret, zfs_prop_to_name(resv_prop),
1246 		    &new_reservation) != 0) {
1247 			if (nvlist_add_uint64(ret,
1248 			    zfs_prop_to_name(resv_prop), intval) != 0) {
1249 				(void) no_memory(hdl);
1250 				goto error;
1251 			}
1252 		}
1253 	}
1254 	return (ret);
1255 
1256 error:
1257 	nvlist_free(ret);
1258 	return (NULL);
1259 }
1260 
1261 void
1262 zfs_setprop_error(libzfs_handle_t *hdl, zfs_prop_t prop, int err,
1263     char *errbuf)
1264 {
1265 	switch (err) {
1266 
1267 	case ENOSPC:
1268 		/*
1269 		 * For quotas and reservations, ENOSPC indicates
1270 		 * something different; setting a quota or reservation
1271 		 * doesn't use any disk space.
1272 		 */
1273 		switch (prop) {
1274 		case ZFS_PROP_QUOTA:
1275 		case ZFS_PROP_REFQUOTA:
1276 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1277 			    "size is less than current used or "
1278 			    "reserved space"));
1279 			(void) zfs_error(hdl, EZFS_PROPSPACE, errbuf);
1280 			break;
1281 
1282 		case ZFS_PROP_RESERVATION:
1283 		case ZFS_PROP_REFRESERVATION:
1284 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1285 			    "size is greater than available space"));
1286 			(void) zfs_error(hdl, EZFS_PROPSPACE, errbuf);
1287 			break;
1288 
1289 		default:
1290 			(void) zfs_standard_error(hdl, err, errbuf);
1291 			break;
1292 		}
1293 		break;
1294 
1295 	case EBUSY:
1296 		(void) zfs_standard_error(hdl, EBUSY, errbuf);
1297 		break;
1298 
1299 	case EROFS:
1300 		(void) zfs_error(hdl, EZFS_DSREADONLY, errbuf);
1301 		break;
1302 
1303 	case ENOTSUP:
1304 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1305 		    "pool and or dataset must be upgraded to set this "
1306 		    "property or value"));
1307 		(void) zfs_error(hdl, EZFS_BADVERSION, errbuf);
1308 		break;
1309 
1310 	case ERANGE:
1311 		if (prop == ZFS_PROP_COMPRESSION) {
1312 			(void) zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1313 			    "property setting is not allowed on "
1314 			    "bootable datasets"));
1315 			(void) zfs_error(hdl, EZFS_NOTSUP, errbuf);
1316 		} else {
1317 			(void) zfs_standard_error(hdl, err, errbuf);
1318 		}
1319 		break;
1320 
1321 	case EOVERFLOW:
1322 		/*
1323 		 * This platform can't address a volume this big.
1324 		 */
1325 #ifdef _ILP32
1326 		if (prop == ZFS_PROP_VOLSIZE) {
1327 			(void) zfs_error(hdl, EZFS_VOLTOOBIG, errbuf);
1328 			break;
1329 		}
1330 #endif
1331 		/* FALLTHROUGH */
1332 	default:
1333 		(void) zfs_standard_error(hdl, err, errbuf);
1334 	}
1335 }
1336 
1337 /*
1338  * Given a property name and value, set the property for the given dataset.
1339  */
1340 int
1341 zfs_prop_set(zfs_handle_t *zhp, const char *propname, const char *propval)
1342 {
1343 	zfs_cmd_t zc = { 0 };
1344 	int ret = -1;
1345 	prop_changelist_t *cl = NULL;
1346 	char errbuf[1024];
1347 	libzfs_handle_t *hdl = zhp->zfs_hdl;
1348 	nvlist_t *nvl = NULL, *realprops;
1349 	zfs_prop_t prop;
1350 	boolean_t do_prefix;
1351 	uint64_t idx;
1352 
1353 	(void) snprintf(errbuf, sizeof (errbuf),
1354 	    dgettext(TEXT_DOMAIN, "cannot set property for '%s'"),
1355 	    zhp->zfs_name);
1356 
1357 	if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, 0) != 0 ||
1358 	    nvlist_add_string(nvl, propname, propval) != 0) {
1359 		(void) no_memory(hdl);
1360 		goto error;
1361 	}
1362 
1363 	if ((realprops = zfs_valid_proplist(hdl, zhp->zfs_type, nvl,
1364 	    zfs_prop_get_int(zhp, ZFS_PROP_ZONED), zhp, errbuf)) == NULL)
1365 		goto error;
1366 
1367 	nvlist_free(nvl);
1368 	nvl = realprops;
1369 
1370 	prop = zfs_name_to_prop(propname);
1371 
1372 	if ((cl = changelist_gather(zhp, prop, 0, 0)) == NULL)
1373 		goto error;
1374 
1375 	if (prop == ZFS_PROP_MOUNTPOINT && changelist_haszonedchild(cl)) {
1376 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1377 		    "child dataset with inherited mountpoint is used "
1378 		    "in a non-global zone"));
1379 		ret = zfs_error(hdl, EZFS_ZONED, errbuf);
1380 		goto error;
1381 	}
1382 
1383 	/*
1384 	 * If the dataset's canmount property is being set to noauto,
1385 	 * then we want to prevent unmounting & remounting it.
1386 	 */
1387 	do_prefix = !((prop == ZFS_PROP_CANMOUNT) &&
1388 	    (zprop_string_to_index(prop, propval, &idx,
1389 	    ZFS_TYPE_DATASET) == 0) && (idx == ZFS_CANMOUNT_NOAUTO));
1390 
1391 	if (do_prefix && (ret = changelist_prefix(cl)) != 0)
1392 		goto error;
1393 
1394 	/*
1395 	 * Execute the corresponding ioctl() to set this property.
1396 	 */
1397 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1398 
1399 	if (zcmd_write_src_nvlist(hdl, &zc, nvl) != 0)
1400 		goto error;
1401 
1402 	ret = zfs_ioctl(hdl, ZFS_IOC_SET_PROP, &zc);
1403 
1404 	if (ret != 0) {
1405 		zfs_setprop_error(hdl, prop, errno, errbuf);
1406 	} else {
1407 		if (do_prefix)
1408 			ret = changelist_postfix(cl);
1409 
1410 		/*
1411 		 * Refresh the statistics so the new property value
1412 		 * is reflected.
1413 		 */
1414 		if (ret == 0)
1415 			(void) get_stats(zhp);
1416 	}
1417 
1418 error:
1419 	nvlist_free(nvl);
1420 	zcmd_free_nvlists(&zc);
1421 	if (cl)
1422 		changelist_free(cl);
1423 	return (ret);
1424 }
1425 
1426 /*
1427  * Given a property, inherit the value from the parent dataset, or if received
1428  * is TRUE, revert to the received value, if any.
1429  */
1430 int
1431 zfs_prop_inherit(zfs_handle_t *zhp, const char *propname, boolean_t received)
1432 {
1433 	zfs_cmd_t zc = { 0 };
1434 	int ret;
1435 	prop_changelist_t *cl;
1436 	libzfs_handle_t *hdl = zhp->zfs_hdl;
1437 	char errbuf[1024];
1438 	zfs_prop_t prop;
1439 
1440 	(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
1441 	    "cannot inherit %s for '%s'"), propname, zhp->zfs_name);
1442 
1443 	zc.zc_cookie = received;
1444 	if ((prop = zfs_name_to_prop(propname)) == ZPROP_INVAL) {
1445 		/*
1446 		 * For user properties, the amount of work we have to do is very
1447 		 * small, so just do it here.
1448 		 */
1449 		if (!zfs_prop_user(propname)) {
1450 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1451 			    "invalid property"));
1452 			return (zfs_error(hdl, EZFS_BADPROP, errbuf));
1453 		}
1454 
1455 		(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1456 		(void) strlcpy(zc.zc_value, propname, sizeof (zc.zc_value));
1457 
1458 		if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_INHERIT_PROP, &zc) != 0)
1459 			return (zfs_standard_error(hdl, errno, errbuf));
1460 
1461 		return (0);
1462 	}
1463 
1464 	/*
1465 	 * Verify that this property is inheritable.
1466 	 */
1467 	if (zfs_prop_readonly(prop))
1468 		return (zfs_error(hdl, EZFS_PROPREADONLY, errbuf));
1469 
1470 	if (!zfs_prop_inheritable(prop) && !received)
1471 		return (zfs_error(hdl, EZFS_PROPNONINHERIT, errbuf));
1472 
1473 	/*
1474 	 * Check to see if the value applies to this type
1475 	 */
1476 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type))
1477 		return (zfs_error(hdl, EZFS_PROPTYPE, errbuf));
1478 
1479 	/*
1480 	 * Normalize the name, to get rid of shorthand abbrevations.
1481 	 */
1482 	propname = zfs_prop_to_name(prop);
1483 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1484 	(void) strlcpy(zc.zc_value, propname, sizeof (zc.zc_value));
1485 
1486 	if (prop == ZFS_PROP_MOUNTPOINT && getzoneid() == GLOBAL_ZONEID &&
1487 	    zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) {
1488 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1489 		    "dataset is used in a non-global zone"));
1490 		return (zfs_error(hdl, EZFS_ZONED, errbuf));
1491 	}
1492 
1493 	/*
1494 	 * Determine datasets which will be affected by this change, if any.
1495 	 */
1496 	if ((cl = changelist_gather(zhp, prop, 0, 0)) == NULL)
1497 		return (-1);
1498 
1499 	if (prop == ZFS_PROP_MOUNTPOINT && changelist_haszonedchild(cl)) {
1500 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
1501 		    "child dataset with inherited mountpoint is used "
1502 		    "in a non-global zone"));
1503 		ret = zfs_error(hdl, EZFS_ZONED, errbuf);
1504 		goto error;
1505 	}
1506 
1507 	if ((ret = changelist_prefix(cl)) != 0)
1508 		goto error;
1509 
1510 	if ((ret = zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_INHERIT_PROP, &zc)) != 0) {
1511 		return (zfs_standard_error(hdl, errno, errbuf));
1512 	} else {
1513 
1514 		if ((ret = changelist_postfix(cl)) != 0)
1515 			goto error;
1516 
1517 		/*
1518 		 * Refresh the statistics so the new property is reflected.
1519 		 */
1520 		(void) get_stats(zhp);
1521 	}
1522 
1523 error:
1524 	changelist_free(cl);
1525 	return (ret);
1526 }
1527 
1528 /*
1529  * True DSL properties are stored in an nvlist.  The following two functions
1530  * extract them appropriately.
1531  */
1532 static uint64_t
1533 getprop_uint64(zfs_handle_t *zhp, zfs_prop_t prop, char **source)
1534 {
1535 	nvlist_t *nv;
1536 	uint64_t value;
1537 
1538 	*source = NULL;
1539 	if (nvlist_lookup_nvlist(zhp->zfs_props,
1540 	    zfs_prop_to_name(prop), &nv) == 0) {
1541 		verify(nvlist_lookup_uint64(nv, ZPROP_VALUE, &value) == 0);
1542 		(void) nvlist_lookup_string(nv, ZPROP_SOURCE, source);
1543 	} else {
1544 		verify(!zhp->zfs_props_table ||
1545 		    zhp->zfs_props_table[prop] == B_TRUE);
1546 		value = zfs_prop_default_numeric(prop);
1547 		*source = "";
1548 	}
1549 
1550 	return (value);
1551 }
1552 
1553 static char *
1554 getprop_string(zfs_handle_t *zhp, zfs_prop_t prop, char **source)
1555 {
1556 	nvlist_t *nv;
1557 	char *value;
1558 
1559 	*source = NULL;
1560 	if (nvlist_lookup_nvlist(zhp->zfs_props,
1561 	    zfs_prop_to_name(prop), &nv) == 0) {
1562 		verify(nvlist_lookup_string(nv, ZPROP_VALUE, &value) == 0);
1563 		(void) nvlist_lookup_string(nv, ZPROP_SOURCE, source);
1564 	} else {
1565 		verify(!zhp->zfs_props_table ||
1566 		    zhp->zfs_props_table[prop] == B_TRUE);
1567 		if ((value = (char *)zfs_prop_default_string(prop)) == NULL)
1568 			value = "";
1569 		*source = "";
1570 	}
1571 
1572 	return (value);
1573 }
1574 
1575 static boolean_t
1576 zfs_is_recvd_props_mode(zfs_handle_t *zhp)
1577 {
1578 	return (zhp->zfs_props == zhp->zfs_recvd_props);
1579 }
1580 
1581 static void
1582 zfs_set_recvd_props_mode(zfs_handle_t *zhp, uint64_t *cookie)
1583 {
1584 	*cookie = (uint64_t)(uintptr_t)zhp->zfs_props;
1585 	zhp->zfs_props = zhp->zfs_recvd_props;
1586 }
1587 
1588 static void
1589 zfs_unset_recvd_props_mode(zfs_handle_t *zhp, uint64_t *cookie)
1590 {
1591 	zhp->zfs_props = (nvlist_t *)(uintptr_t)*cookie;
1592 	*cookie = 0;
1593 }
1594 
1595 /*
1596  * Internal function for getting a numeric property.  Both zfs_prop_get() and
1597  * zfs_prop_get_int() are built using this interface.
1598  *
1599  * Certain properties can be overridden using 'mount -o'.  In this case, scan
1600  * the contents of the /etc/mnttab entry, searching for the appropriate options.
1601  * If they differ from the on-disk values, report the current values and mark
1602  * the source "temporary".
1603  */
1604 static int
1605 get_numeric_property(zfs_handle_t *zhp, zfs_prop_t prop, zprop_source_t *src,
1606     char **source, uint64_t *val)
1607 {
1608 	zfs_cmd_t zc = { 0 };
1609 	nvlist_t *zplprops = NULL;
1610 	struct mnttab mnt;
1611 	char *mntopt_on = NULL;
1612 	char *mntopt_off = NULL;
1613 	boolean_t received = zfs_is_recvd_props_mode(zhp);
1614 
1615 	*source = NULL;
1616 
1617 	switch (prop) {
1618 	case ZFS_PROP_ATIME:
1619 		mntopt_on = MNTOPT_ATIME;
1620 		mntopt_off = MNTOPT_NOATIME;
1621 		break;
1622 
1623 	case ZFS_PROP_DEVICES:
1624 		mntopt_on = MNTOPT_DEVICES;
1625 		mntopt_off = MNTOPT_NODEVICES;
1626 		break;
1627 
1628 	case ZFS_PROP_EXEC:
1629 		mntopt_on = MNTOPT_EXEC;
1630 		mntopt_off = MNTOPT_NOEXEC;
1631 		break;
1632 
1633 	case ZFS_PROP_READONLY:
1634 		mntopt_on = MNTOPT_RO;
1635 		mntopt_off = MNTOPT_RW;
1636 		break;
1637 
1638 	case ZFS_PROP_SETUID:
1639 		mntopt_on = MNTOPT_SETUID;
1640 		mntopt_off = MNTOPT_NOSETUID;
1641 		break;
1642 
1643 	case ZFS_PROP_XATTR:
1644 		mntopt_on = MNTOPT_XATTR;
1645 		mntopt_off = MNTOPT_NOXATTR;
1646 		break;
1647 
1648 	case ZFS_PROP_NBMAND:
1649 		mntopt_on = MNTOPT_NBMAND;
1650 		mntopt_off = MNTOPT_NONBMAND;
1651 		break;
1652 	}
1653 
1654 	/*
1655 	 * Because looking up the mount options is potentially expensive
1656 	 * (iterating over all of /etc/mnttab), we defer its calculation until
1657 	 * we're looking up a property which requires its presence.
1658 	 */
1659 	if (!zhp->zfs_mntcheck &&
1660 	    (mntopt_on != NULL || prop == ZFS_PROP_MOUNTED)) {
1661 		libzfs_handle_t *hdl = zhp->zfs_hdl;
1662 		struct mnttab entry;
1663 
1664 		if (libzfs_mnttab_find(hdl, zhp->zfs_name, &entry) == 0) {
1665 			zhp->zfs_mntopts = zfs_strdup(hdl,
1666 			    entry.mnt_mntopts);
1667 			if (zhp->zfs_mntopts == NULL)
1668 				return (-1);
1669 		}
1670 
1671 		zhp->zfs_mntcheck = B_TRUE;
1672 	}
1673 
1674 	if (zhp->zfs_mntopts == NULL)
1675 		mnt.mnt_mntopts = "";
1676 	else
1677 		mnt.mnt_mntopts = zhp->zfs_mntopts;
1678 
1679 	switch (prop) {
1680 	case ZFS_PROP_ATIME:
1681 	case ZFS_PROP_DEVICES:
1682 	case ZFS_PROP_EXEC:
1683 	case ZFS_PROP_READONLY:
1684 	case ZFS_PROP_SETUID:
1685 	case ZFS_PROP_XATTR:
1686 	case ZFS_PROP_NBMAND:
1687 		*val = getprop_uint64(zhp, prop, source);
1688 
1689 		if (received)
1690 			break;
1691 
1692 		if (hasmntopt(&mnt, mntopt_on) && !*val) {
1693 			*val = B_TRUE;
1694 			if (src)
1695 				*src = ZPROP_SRC_TEMPORARY;
1696 		} else if (hasmntopt(&mnt, mntopt_off) && *val) {
1697 			*val = B_FALSE;
1698 			if (src)
1699 				*src = ZPROP_SRC_TEMPORARY;
1700 		}
1701 		break;
1702 
1703 	case ZFS_PROP_CANMOUNT:
1704 	case ZFS_PROP_VOLSIZE:
1705 	case ZFS_PROP_QUOTA:
1706 	case ZFS_PROP_REFQUOTA:
1707 	case ZFS_PROP_RESERVATION:
1708 	case ZFS_PROP_REFRESERVATION:
1709 		*val = getprop_uint64(zhp, prop, source);
1710 
1711 		if (*source == NULL) {
1712 			/* not default, must be local */
1713 			*source = zhp->zfs_name;
1714 		}
1715 		break;
1716 
1717 	case ZFS_PROP_MOUNTED:
1718 		*val = (zhp->zfs_mntopts != NULL);
1719 		break;
1720 
1721 	case ZFS_PROP_NUMCLONES:
1722 		*val = zhp->zfs_dmustats.dds_num_clones;
1723 		break;
1724 
1725 	case ZFS_PROP_VERSION:
1726 	case ZFS_PROP_NORMALIZE:
1727 	case ZFS_PROP_UTF8ONLY:
1728 	case ZFS_PROP_CASE:
1729 		if (!zfs_prop_valid_for_type(prop, zhp->zfs_head_type) ||
1730 		    zcmd_alloc_dst_nvlist(zhp->zfs_hdl, &zc, 0) != 0)
1731 			return (-1);
1732 		(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1733 		if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_OBJSET_ZPLPROPS, &zc)) {
1734 			zcmd_free_nvlists(&zc);
1735 			return (-1);
1736 		}
1737 		if (zcmd_read_dst_nvlist(zhp->zfs_hdl, &zc, &zplprops) != 0 ||
1738 		    nvlist_lookup_uint64(zplprops, zfs_prop_to_name(prop),
1739 		    val) != 0) {
1740 			zcmd_free_nvlists(&zc);
1741 			return (-1);
1742 		}
1743 		if (zplprops)
1744 			nvlist_free(zplprops);
1745 		zcmd_free_nvlists(&zc);
1746 		break;
1747 
1748 	default:
1749 		switch (zfs_prop_get_type(prop)) {
1750 		case PROP_TYPE_NUMBER:
1751 		case PROP_TYPE_INDEX:
1752 			*val = getprop_uint64(zhp, prop, source);
1753 			/*
1754 			 * If we tried to use a default value for a
1755 			 * readonly property, it means that it was not
1756 			 * present.
1757 			 */
1758 			if (zfs_prop_readonly(prop) &&
1759 			    *source != NULL && (*source)[0] == '\0') {
1760 				*source = NULL;
1761 			}
1762 			break;
1763 
1764 		case PROP_TYPE_STRING:
1765 		default:
1766 			zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
1767 			    "cannot get non-numeric property"));
1768 			return (zfs_error(zhp->zfs_hdl, EZFS_BADPROP,
1769 			    dgettext(TEXT_DOMAIN, "internal error")));
1770 		}
1771 	}
1772 
1773 	return (0);
1774 }
1775 
1776 /*
1777  * Calculate the source type, given the raw source string.
1778  */
1779 static void
1780 get_source(zfs_handle_t *zhp, zprop_source_t *srctype, char *source,
1781     char *statbuf, size_t statlen)
1782 {
1783 	if (statbuf == NULL || *srctype == ZPROP_SRC_TEMPORARY)
1784 		return;
1785 
1786 	if (source == NULL) {
1787 		*srctype = ZPROP_SRC_NONE;
1788 	} else if (source[0] == '\0') {
1789 		*srctype = ZPROP_SRC_DEFAULT;
1790 	} else if (strstr(source, ZPROP_SOURCE_VAL_RECVD) != NULL) {
1791 		*srctype = ZPROP_SRC_RECEIVED;
1792 	} else {
1793 		if (strcmp(source, zhp->zfs_name) == 0) {
1794 			*srctype = ZPROP_SRC_LOCAL;
1795 		} else {
1796 			(void) strlcpy(statbuf, source, statlen);
1797 			*srctype = ZPROP_SRC_INHERITED;
1798 		}
1799 	}
1800 
1801 }
1802 
1803 int
1804 zfs_prop_get_recvd(zfs_handle_t *zhp, const char *propname, char *propbuf,
1805     size_t proplen, boolean_t literal)
1806 {
1807 	zfs_prop_t prop;
1808 	int err = 0;
1809 
1810 	if (zhp->zfs_recvd_props == NULL)
1811 		if (get_recvd_props_ioctl(zhp) != 0)
1812 			return (-1);
1813 
1814 	prop = zfs_name_to_prop(propname);
1815 
1816 	if (prop != ZPROP_INVAL) {
1817 		uint64_t cookie;
1818 		if (!nvlist_exists(zhp->zfs_recvd_props, propname))
1819 			return (-1);
1820 		zfs_set_recvd_props_mode(zhp, &cookie);
1821 		err = zfs_prop_get(zhp, prop, propbuf, proplen,
1822 		    NULL, NULL, 0, literal);
1823 		zfs_unset_recvd_props_mode(zhp, &cookie);
1824 	} else if (zfs_prop_userquota(propname)) {
1825 		return (-1);
1826 	} else {
1827 		nvlist_t *propval;
1828 		char *recvdval;
1829 		if (nvlist_lookup_nvlist(zhp->zfs_recvd_props,
1830 		    propname, &propval) != 0)
1831 			return (-1);
1832 		verify(nvlist_lookup_string(propval, ZPROP_VALUE,
1833 		    &recvdval) == 0);
1834 		(void) strlcpy(propbuf, recvdval, proplen);
1835 	}
1836 
1837 	return (err == 0 ? 0 : -1);
1838 }
1839 
1840 /*
1841  * Retrieve a property from the given object.  If 'literal' is specified, then
1842  * numbers are left as exact values.  Otherwise, numbers are converted to a
1843  * human-readable form.
1844  *
1845  * Returns 0 on success, or -1 on error.
1846  */
1847 int
1848 zfs_prop_get(zfs_handle_t *zhp, zfs_prop_t prop, char *propbuf, size_t proplen,
1849     zprop_source_t *src, char *statbuf, size_t statlen, boolean_t literal)
1850 {
1851 	char *source = NULL;
1852 	uint64_t val;
1853 	char *str;
1854 	const char *strval;
1855 	boolean_t received = zfs_is_recvd_props_mode(zhp);
1856 
1857 	/*
1858 	 * Check to see if this property applies to our object
1859 	 */
1860 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type))
1861 		return (-1);
1862 
1863 	if (received && zfs_prop_readonly(prop))
1864 		return (-1);
1865 
1866 	if (src)
1867 		*src = ZPROP_SRC_NONE;
1868 
1869 	switch (prop) {
1870 	case ZFS_PROP_CREATION:
1871 		/*
1872 		 * 'creation' is a time_t stored in the statistics.  We convert
1873 		 * this into a string unless 'literal' is specified.
1874 		 */
1875 		{
1876 			val = getprop_uint64(zhp, prop, &source);
1877 			time_t time = (time_t)val;
1878 			struct tm t;
1879 
1880 			if (literal ||
1881 			    localtime_r(&time, &t) == NULL ||
1882 			    strftime(propbuf, proplen, "%a %b %e %k:%M %Y",
1883 			    &t) == 0)
1884 				(void) snprintf(propbuf, proplen, "%llu", val);
1885 		}
1886 		break;
1887 
1888 	case ZFS_PROP_MOUNTPOINT:
1889 		/*
1890 		 * Getting the precise mountpoint can be tricky.
1891 		 *
1892 		 *  - for 'none' or 'legacy', return those values.
1893 		 *  - for inherited mountpoints, we want to take everything
1894 		 *    after our ancestor and append it to the inherited value.
1895 		 *
1896 		 * If the pool has an alternate root, we want to prepend that
1897 		 * root to any values we return.
1898 		 */
1899 
1900 		str = getprop_string(zhp, prop, &source);
1901 
1902 		if (str[0] == '/') {
1903 			char buf[MAXPATHLEN];
1904 			char *root = buf;
1905 			const char *relpath;
1906 
1907 			/*
1908 			 * If we inherit the mountpoint, even from a dataset
1909 			 * with a received value, the source will be the path of
1910 			 * the dataset we inherit from. If source is
1911 			 * ZPROP_SOURCE_VAL_RECVD, the received value is not
1912 			 * inherited.
1913 			 */
1914 			if (strcmp(source, ZPROP_SOURCE_VAL_RECVD) == 0) {
1915 				relpath = "";
1916 			} else {
1917 				relpath = zhp->zfs_name + strlen(source);
1918 				if (relpath[0] == '/')
1919 					relpath++;
1920 			}
1921 
1922 			if ((zpool_get_prop(zhp->zpool_hdl,
1923 			    ZPOOL_PROP_ALTROOT, buf, MAXPATHLEN, NULL)) ||
1924 			    (strcmp(root, "-") == 0))
1925 				root[0] = '\0';
1926 			/*
1927 			 * Special case an alternate root of '/'. This will
1928 			 * avoid having multiple leading slashes in the
1929 			 * mountpoint path.
1930 			 */
1931 			if (strcmp(root, "/") == 0)
1932 				root++;
1933 
1934 			/*
1935 			 * If the mountpoint is '/' then skip over this
1936 			 * if we are obtaining either an alternate root or
1937 			 * an inherited mountpoint.
1938 			 */
1939 			if (str[1] == '\0' && (root[0] != '\0' ||
1940 			    relpath[0] != '\0'))
1941 				str++;
1942 
1943 			if (relpath[0] == '\0')
1944 				(void) snprintf(propbuf, proplen, "%s%s",
1945 				    root, str);
1946 			else
1947 				(void) snprintf(propbuf, proplen, "%s%s%s%s",
1948 				    root, str, relpath[0] == '@' ? "" : "/",
1949 				    relpath);
1950 		} else {
1951 			/* 'legacy' or 'none' */
1952 			(void) strlcpy(propbuf, str, proplen);
1953 		}
1954 
1955 		break;
1956 
1957 	case ZFS_PROP_ORIGIN:
1958 		(void) strlcpy(propbuf, getprop_string(zhp, prop, &source),
1959 		    proplen);
1960 		/*
1961 		 * If there is no parent at all, return failure to indicate that
1962 		 * it doesn't apply to this dataset.
1963 		 */
1964 		if (propbuf[0] == '\0')
1965 			return (-1);
1966 		break;
1967 
1968 	case ZFS_PROP_QUOTA:
1969 	case ZFS_PROP_REFQUOTA:
1970 	case ZFS_PROP_RESERVATION:
1971 	case ZFS_PROP_REFRESERVATION:
1972 
1973 		if (get_numeric_property(zhp, prop, src, &source, &val) != 0)
1974 			return (-1);
1975 
1976 		/*
1977 		 * If quota or reservation is 0, we translate this into 'none'
1978 		 * (unless literal is set), and indicate that it's the default
1979 		 * value.  Otherwise, we print the number nicely and indicate
1980 		 * that its set locally.
1981 		 */
1982 		if (val == 0) {
1983 			if (literal)
1984 				(void) strlcpy(propbuf, "0", proplen);
1985 			else
1986 				(void) strlcpy(propbuf, "none", proplen);
1987 		} else {
1988 			if (literal)
1989 				(void) snprintf(propbuf, proplen, "%llu",
1990 				    (u_longlong_t)val);
1991 			else
1992 				zfs_nicenum(val, propbuf, proplen);
1993 		}
1994 		break;
1995 
1996 	case ZFS_PROP_COMPRESSRATIO:
1997 		if (get_numeric_property(zhp, prop, src, &source, &val) != 0)
1998 			return (-1);
1999 		(void) snprintf(propbuf, proplen, "%llu.%02llux",
2000 		    (u_longlong_t)(val / 100),
2001 		    (u_longlong_t)(val % 100));
2002 		break;
2003 
2004 	case ZFS_PROP_TYPE:
2005 		switch (zhp->zfs_type) {
2006 		case ZFS_TYPE_FILESYSTEM:
2007 			str = "filesystem";
2008 			break;
2009 		case ZFS_TYPE_VOLUME:
2010 			str = "volume";
2011 			break;
2012 		case ZFS_TYPE_SNAPSHOT:
2013 			str = "snapshot";
2014 			break;
2015 		default:
2016 			abort();
2017 		}
2018 		(void) snprintf(propbuf, proplen, "%s", str);
2019 		break;
2020 
2021 	case ZFS_PROP_MOUNTED:
2022 		/*
2023 		 * The 'mounted' property is a pseudo-property that described
2024 		 * whether the filesystem is currently mounted.  Even though
2025 		 * it's a boolean value, the typical values of "on" and "off"
2026 		 * don't make sense, so we translate to "yes" and "no".
2027 		 */
2028 		if (get_numeric_property(zhp, ZFS_PROP_MOUNTED,
2029 		    src, &source, &val) != 0)
2030 			return (-1);
2031 		if (val)
2032 			(void) strlcpy(propbuf, "yes", proplen);
2033 		else
2034 			(void) strlcpy(propbuf, "no", proplen);
2035 		break;
2036 
2037 	case ZFS_PROP_NAME:
2038 		/*
2039 		 * The 'name' property is a pseudo-property derived from the
2040 		 * dataset name.  It is presented as a real property to simplify
2041 		 * consumers.
2042 		 */
2043 		(void) strlcpy(propbuf, zhp->zfs_name, proplen);
2044 		break;
2045 
2046 	case ZFS_PROP_MLSLABEL:
2047 		{
2048 			m_label_t *new_sl = NULL;
2049 			char *ascii = NULL;	/* human readable label */
2050 
2051 			(void) strlcpy(propbuf,
2052 			    getprop_string(zhp, prop, &source), proplen);
2053 
2054 			if (literal || (strcasecmp(propbuf,
2055 			    ZFS_MLSLABEL_DEFAULT) == 0))
2056 				break;
2057 
2058 			/*
2059 			 * Try to translate the internal hex string to
2060 			 * human-readable output.  If there are any
2061 			 * problems just use the hex string.
2062 			 */
2063 
2064 			if (str_to_label(propbuf, &new_sl, MAC_LABEL,
2065 			    L_NO_CORRECTION, NULL) == -1) {
2066 				m_label_free(new_sl);
2067 				break;
2068 			}
2069 
2070 			if (label_to_str(new_sl, &ascii, M_LABEL,
2071 			    DEF_NAMES) != 0) {
2072 				if (ascii)
2073 					free(ascii);
2074 				m_label_free(new_sl);
2075 				break;
2076 			}
2077 			m_label_free(new_sl);
2078 
2079 			(void) strlcpy(propbuf, ascii, proplen);
2080 			free(ascii);
2081 		}
2082 		break;
2083 
2084 	default:
2085 		switch (zfs_prop_get_type(prop)) {
2086 		case PROP_TYPE_NUMBER:
2087 			if (get_numeric_property(zhp, prop, src,
2088 			    &source, &val) != 0)
2089 				return (-1);
2090 			if (literal)
2091 				(void) snprintf(propbuf, proplen, "%llu",
2092 				    (u_longlong_t)val);
2093 			else
2094 				zfs_nicenum(val, propbuf, proplen);
2095 			break;
2096 
2097 		case PROP_TYPE_STRING:
2098 			(void) strlcpy(propbuf,
2099 			    getprop_string(zhp, prop, &source), proplen);
2100 			break;
2101 
2102 		case PROP_TYPE_INDEX:
2103 			if (get_numeric_property(zhp, prop, src,
2104 			    &source, &val) != 0)
2105 				return (-1);
2106 			if (zfs_prop_index_to_string(prop, val, &strval) != 0)
2107 				return (-1);
2108 			(void) strlcpy(propbuf, strval, proplen);
2109 			break;
2110 
2111 		default:
2112 			abort();
2113 		}
2114 	}
2115 
2116 	get_source(zhp, src, source, statbuf, statlen);
2117 
2118 	return (0);
2119 }
2120 
2121 /*
2122  * Utility function to get the given numeric property.  Does no validation that
2123  * the given property is the appropriate type; should only be used with
2124  * hard-coded property types.
2125  */
2126 uint64_t
2127 zfs_prop_get_int(zfs_handle_t *zhp, zfs_prop_t prop)
2128 {
2129 	char *source;
2130 	uint64_t val;
2131 
2132 	(void) get_numeric_property(zhp, prop, NULL, &source, &val);
2133 
2134 	return (val);
2135 }
2136 
2137 int
2138 zfs_prop_set_int(zfs_handle_t *zhp, zfs_prop_t prop, uint64_t val)
2139 {
2140 	char buf[64];
2141 
2142 	(void) snprintf(buf, sizeof (buf), "%llu", (longlong_t)val);
2143 	return (zfs_prop_set(zhp, zfs_prop_to_name(prop), buf));
2144 }
2145 
2146 /*
2147  * Similar to zfs_prop_get(), but returns the value as an integer.
2148  */
2149 int
2150 zfs_prop_get_numeric(zfs_handle_t *zhp, zfs_prop_t prop, uint64_t *value,
2151     zprop_source_t *src, char *statbuf, size_t statlen)
2152 {
2153 	char *source;
2154 
2155 	/*
2156 	 * Check to see if this property applies to our object
2157 	 */
2158 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type)) {
2159 		return (zfs_error_fmt(zhp->zfs_hdl, EZFS_PROPTYPE,
2160 		    dgettext(TEXT_DOMAIN, "cannot get property '%s'"),
2161 		    zfs_prop_to_name(prop)));
2162 	}
2163 
2164 	if (src)
2165 		*src = ZPROP_SRC_NONE;
2166 
2167 	if (get_numeric_property(zhp, prop, src, &source, value) != 0)
2168 		return (-1);
2169 
2170 	get_source(zhp, src, source, statbuf, statlen);
2171 
2172 	return (0);
2173 }
2174 
2175 static int
2176 idmap_id_to_numeric_domain_rid(uid_t id, boolean_t isuser,
2177     char **domainp, idmap_rid_t *ridp)
2178 {
2179 	idmap_handle_t *idmap_hdl = NULL;
2180 	idmap_get_handle_t *get_hdl = NULL;
2181 	idmap_stat status;
2182 	int err = EINVAL;
2183 
2184 	if (idmap_init(&idmap_hdl) != IDMAP_SUCCESS)
2185 		goto out;
2186 	if (idmap_get_create(idmap_hdl, &get_hdl) != IDMAP_SUCCESS)
2187 		goto out;
2188 
2189 	if (isuser) {
2190 		err = idmap_get_sidbyuid(get_hdl, id,
2191 		    IDMAP_REQ_FLG_USE_CACHE, domainp, ridp, &status);
2192 	} else {
2193 		err = idmap_get_sidbygid(get_hdl, id,
2194 		    IDMAP_REQ_FLG_USE_CACHE, domainp, ridp, &status);
2195 	}
2196 	if (err == IDMAP_SUCCESS &&
2197 	    idmap_get_mappings(get_hdl) == IDMAP_SUCCESS &&
2198 	    status == IDMAP_SUCCESS)
2199 		err = 0;
2200 	else
2201 		err = EINVAL;
2202 out:
2203 	if (get_hdl)
2204 		idmap_get_destroy(get_hdl);
2205 	if (idmap_hdl)
2206 		(void) idmap_fini(idmap_hdl);
2207 	return (err);
2208 }
2209 
2210 /*
2211  * convert the propname into parameters needed by kernel
2212  * Eg: userquota@ahrens -> ZFS_PROP_USERQUOTA, "", 126829
2213  * Eg: userused@matt@domain -> ZFS_PROP_USERUSED, "S-1-123-456", 789
2214  */
2215 static int
2216 userquota_propname_decode(const char *propname, boolean_t zoned,
2217     zfs_userquota_prop_t *typep, char *domain, int domainlen, uint64_t *ridp)
2218 {
2219 	zfs_userquota_prop_t type;
2220 	char *cp, *end;
2221 	char *numericsid = NULL;
2222 	boolean_t isuser;
2223 
2224 	domain[0] = '\0';
2225 
2226 	/* Figure out the property type ({user|group}{quota|space}) */
2227 	for (type = 0; type < ZFS_NUM_USERQUOTA_PROPS; type++) {
2228 		if (strncmp(propname, zfs_userquota_prop_prefixes[type],
2229 		    strlen(zfs_userquota_prop_prefixes[type])) == 0)
2230 			break;
2231 	}
2232 	if (type == ZFS_NUM_USERQUOTA_PROPS)
2233 		return (EINVAL);
2234 	*typep = type;
2235 
2236 	isuser = (type == ZFS_PROP_USERQUOTA ||
2237 	    type == ZFS_PROP_USERUSED);
2238 
2239 	cp = strchr(propname, '@') + 1;
2240 
2241 	if (strchr(cp, '@')) {
2242 		/*
2243 		 * It's a SID name (eg "user@domain") that needs to be
2244 		 * turned into S-1-domainID-RID.
2245 		 */
2246 		directory_error_t e;
2247 		if (zoned && getzoneid() == GLOBAL_ZONEID)
2248 			return (ENOENT);
2249 		if (isuser) {
2250 			e = directory_sid_from_user_name(NULL,
2251 			    cp, &numericsid);
2252 		} else {
2253 			e = directory_sid_from_group_name(NULL,
2254 			    cp, &numericsid);
2255 		}
2256 		if (e != NULL) {
2257 			directory_error_free(e);
2258 			return (ENOENT);
2259 		}
2260 		if (numericsid == NULL)
2261 			return (ENOENT);
2262 		cp = numericsid;
2263 		/* will be further decoded below */
2264 	}
2265 
2266 	if (strncmp(cp, "S-1-", 4) == 0) {
2267 		/* It's a numeric SID (eg "S-1-234-567-89") */
2268 		(void) strlcpy(domain, cp, domainlen);
2269 		cp = strrchr(domain, '-');
2270 		*cp = '\0';
2271 		cp++;
2272 
2273 		errno = 0;
2274 		*ridp = strtoull(cp, &end, 10);
2275 		if (numericsid) {
2276 			free(numericsid);
2277 			numericsid = NULL;
2278 		}
2279 		if (errno != 0 || *end != '\0')
2280 			return (EINVAL);
2281 	} else if (!isdigit(*cp)) {
2282 		/*
2283 		 * It's a user/group name (eg "user") that needs to be
2284 		 * turned into a uid/gid
2285 		 */
2286 		if (zoned && getzoneid() == GLOBAL_ZONEID)
2287 			return (ENOENT);
2288 		if (isuser) {
2289 			struct passwd *pw;
2290 			pw = getpwnam(cp);
2291 			if (pw == NULL)
2292 				return (ENOENT);
2293 			*ridp = pw->pw_uid;
2294 		} else {
2295 			struct group *gr;
2296 			gr = getgrnam(cp);
2297 			if (gr == NULL)
2298 				return (ENOENT);
2299 			*ridp = gr->gr_gid;
2300 		}
2301 	} else {
2302 		/* It's a user/group ID (eg "12345"). */
2303 		uid_t id = strtoul(cp, &end, 10);
2304 		idmap_rid_t rid;
2305 		char *mapdomain;
2306 
2307 		if (*end != '\0')
2308 			return (EINVAL);
2309 		if (id > MAXUID) {
2310 			/* It's an ephemeral ID. */
2311 			if (idmap_id_to_numeric_domain_rid(id, isuser,
2312 			    &mapdomain, &rid) != 0)
2313 				return (ENOENT);
2314 			(void) strlcpy(domain, mapdomain, domainlen);
2315 			*ridp = rid;
2316 		} else {
2317 			*ridp = id;
2318 		}
2319 	}
2320 
2321 	ASSERT3P(numericsid, ==, NULL);
2322 	return (0);
2323 }
2324 
2325 static int
2326 zfs_prop_get_userquota_common(zfs_handle_t *zhp, const char *propname,
2327     uint64_t *propvalue, zfs_userquota_prop_t *typep)
2328 {
2329 	int err;
2330 	zfs_cmd_t zc = { 0 };
2331 
2332 	(void) strncpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
2333 
2334 	err = userquota_propname_decode(propname,
2335 	    zfs_prop_get_int(zhp, ZFS_PROP_ZONED),
2336 	    typep, zc.zc_value, sizeof (zc.zc_value), &zc.zc_guid);
2337 	zc.zc_objset_type = *typep;
2338 	if (err)
2339 		return (err);
2340 
2341 	err = ioctl(zhp->zfs_hdl->libzfs_fd, ZFS_IOC_USERSPACE_ONE, &zc);
2342 	if (err)
2343 		return (err);
2344 
2345 	*propvalue = zc.zc_cookie;
2346 	return (0);
2347 }
2348 
2349 int
2350 zfs_prop_get_userquota_int(zfs_handle_t *zhp, const char *propname,
2351     uint64_t *propvalue)
2352 {
2353 	zfs_userquota_prop_t type;
2354 
2355 	return (zfs_prop_get_userquota_common(zhp, propname, propvalue,
2356 	    &type));
2357 }
2358 
2359 int
2360 zfs_prop_get_userquota(zfs_handle_t *zhp, const char *propname,
2361     char *propbuf, int proplen, boolean_t literal)
2362 {
2363 	int err;
2364 	uint64_t propvalue;
2365 	zfs_userquota_prop_t type;
2366 
2367 	err = zfs_prop_get_userquota_common(zhp, propname, &propvalue,
2368 	    &type);
2369 
2370 	if (err)
2371 		return (err);
2372 
2373 	if (literal) {
2374 		(void) snprintf(propbuf, proplen, "%llu", propvalue);
2375 	} else if (propvalue == 0 &&
2376 	    (type == ZFS_PROP_USERQUOTA || type == ZFS_PROP_GROUPQUOTA)) {
2377 		(void) strlcpy(propbuf, "none", proplen);
2378 	} else {
2379 		zfs_nicenum(propvalue, propbuf, proplen);
2380 	}
2381 	return (0);
2382 }
2383 
2384 /*
2385  * Returns the name of the given zfs handle.
2386  */
2387 const char *
2388 zfs_get_name(const zfs_handle_t *zhp)
2389 {
2390 	return (zhp->zfs_name);
2391 }
2392 
2393 /*
2394  * Returns the type of the given zfs handle.
2395  */
2396 zfs_type_t
2397 zfs_get_type(const zfs_handle_t *zhp)
2398 {
2399 	return (zhp->zfs_type);
2400 }
2401 
2402 static int
2403 zfs_do_list_ioctl(zfs_handle_t *zhp, int arg, zfs_cmd_t *zc)
2404 {
2405 	int rc;
2406 	uint64_t	orig_cookie;
2407 
2408 	orig_cookie = zc->zc_cookie;
2409 top:
2410 	(void) strlcpy(zc->zc_name, zhp->zfs_name, sizeof (zc->zc_name));
2411 	rc = ioctl(zhp->zfs_hdl->libzfs_fd, arg, zc);
2412 
2413 	if (rc == -1) {
2414 		switch (errno) {
2415 		case ENOMEM:
2416 			/* expand nvlist memory and try again */
2417 			if (zcmd_expand_dst_nvlist(zhp->zfs_hdl, zc) != 0) {
2418 				zcmd_free_nvlists(zc);
2419 				return (-1);
2420 			}
2421 			zc->zc_cookie = orig_cookie;
2422 			goto top;
2423 		/*
2424 		 * An errno value of ESRCH indicates normal completion.
2425 		 * If ENOENT is returned, then the underlying dataset
2426 		 * has been removed since we obtained the handle.
2427 		 */
2428 		case ESRCH:
2429 		case ENOENT:
2430 			rc = 1;
2431 			break;
2432 		default:
2433 			rc = zfs_standard_error(zhp->zfs_hdl, errno,
2434 			    dgettext(TEXT_DOMAIN,
2435 			    "cannot iterate filesystems"));
2436 			break;
2437 		}
2438 	}
2439 	return (rc);
2440 }
2441 
2442 /*
2443  * Iterate over all child filesystems
2444  */
2445 int
2446 zfs_iter_filesystems(zfs_handle_t *zhp, zfs_iter_f func, void *data)
2447 {
2448 	zfs_cmd_t zc = { 0 };
2449 	zfs_handle_t *nzhp;
2450 	int ret;
2451 
2452 	if (zhp->zfs_type != ZFS_TYPE_FILESYSTEM)
2453 		return (0);
2454 
2455 	if (zcmd_alloc_dst_nvlist(zhp->zfs_hdl, &zc, 0) != 0)
2456 		return (-1);
2457 
2458 	while ((ret = zfs_do_list_ioctl(zhp, ZFS_IOC_DATASET_LIST_NEXT,
2459 	    &zc)) == 0) {
2460 		/*
2461 		 * Silently ignore errors, as the only plausible explanation is
2462 		 * that the pool has since been removed.
2463 		 */
2464 		if ((nzhp = make_dataset_handle_zc(zhp->zfs_hdl,
2465 		    &zc)) == NULL) {
2466 			continue;
2467 		}
2468 
2469 		if ((ret = func(nzhp, data)) != 0) {
2470 			zcmd_free_nvlists(&zc);
2471 			return (ret);
2472 		}
2473 	}
2474 	zcmd_free_nvlists(&zc);
2475 	return ((ret < 0) ? ret : 0);
2476 }
2477 
2478 /*
2479  * Iterate over all snapshots
2480  */
2481 int
2482 zfs_iter_snapshots(zfs_handle_t *zhp, zfs_iter_f func, void *data)
2483 {
2484 	zfs_cmd_t zc = { 0 };
2485 	zfs_handle_t *nzhp;
2486 	int ret;
2487 
2488 	if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT)
2489 		return (0);
2490 
2491 	if (zcmd_alloc_dst_nvlist(zhp->zfs_hdl, &zc, 0) != 0)
2492 		return (-1);
2493 	while ((ret = zfs_do_list_ioctl(zhp, ZFS_IOC_SNAPSHOT_LIST_NEXT,
2494 	    &zc)) == 0) {
2495 
2496 		if ((nzhp = make_dataset_handle_zc(zhp->zfs_hdl,
2497 		    &zc)) == NULL) {
2498 			continue;
2499 		}
2500 
2501 		if ((ret = func(nzhp, data)) != 0) {
2502 			zcmd_free_nvlists(&zc);
2503 			return (ret);
2504 		}
2505 	}
2506 	zcmd_free_nvlists(&zc);
2507 	return ((ret < 0) ? ret : 0);
2508 }
2509 
2510 /*
2511  * Iterate over all children, snapshots and filesystems
2512  */
2513 int
2514 zfs_iter_children(zfs_handle_t *zhp, zfs_iter_f func, void *data)
2515 {
2516 	int ret;
2517 
2518 	if ((ret = zfs_iter_filesystems(zhp, func, data)) != 0)
2519 		return (ret);
2520 
2521 	return (zfs_iter_snapshots(zhp, func, data));
2522 }
2523 
2524 /*
2525  * Is one dataset name a child dataset of another?
2526  *
2527  * Needs to handle these cases:
2528  * Dataset 1	"a/foo"		"a/foo"		"a/foo"		"a/foo"
2529  * Dataset 2	"a/fo"		"a/foobar"	"a/bar/baz"	"a/foo/bar"
2530  * Descendant?	No.		No.		No.		Yes.
2531  */
2532 static boolean_t
2533 is_descendant(const char *ds1, const char *ds2)
2534 {
2535 	size_t d1len = strlen(ds1);
2536 
2537 	/* ds2 can't be a descendant if it's smaller */
2538 	if (strlen(ds2) < d1len)
2539 		return (B_FALSE);
2540 
2541 	/* otherwise, compare strings and verify that there's a '/' char */
2542 	return (ds2[d1len] == '/' && (strncmp(ds1, ds2, d1len) == 0));
2543 }
2544 
2545 /*
2546  * Given a complete name, return just the portion that refers to the parent.
2547  * Can return NULL if this is a pool.
2548  */
2549 static int
2550 parent_name(const char *path, char *buf, size_t buflen)
2551 {
2552 	char *loc;
2553 
2554 	if ((loc = strrchr(path, '/')) == NULL)
2555 		return (-1);
2556 
2557 	(void) strncpy(buf, path, MIN(buflen, loc - path));
2558 	buf[loc - path] = '\0';
2559 
2560 	return (0);
2561 }
2562 
2563 /*
2564  * If accept_ancestor is false, then check to make sure that the given path has
2565  * a parent, and that it exists.  If accept_ancestor is true, then find the
2566  * closest existing ancestor for the given path.  In prefixlen return the
2567  * length of already existing prefix of the given path.  We also fetch the
2568  * 'zoned' property, which is used to validate property settings when creating
2569  * new datasets.
2570  */
2571 static int
2572 check_parents(libzfs_handle_t *hdl, const char *path, uint64_t *zoned,
2573     boolean_t accept_ancestor, int *prefixlen)
2574 {
2575 	zfs_cmd_t zc = { 0 };
2576 	char parent[ZFS_MAXNAMELEN];
2577 	char *slash;
2578 	zfs_handle_t *zhp;
2579 	char errbuf[1024];
2580 	uint64_t is_zoned;
2581 
2582 	(void) snprintf(errbuf, sizeof (errbuf),
2583 	    dgettext(TEXT_DOMAIN, "cannot create '%s'"), path);
2584 
2585 	/* get parent, and check to see if this is just a pool */
2586 	if (parent_name(path, parent, sizeof (parent)) != 0) {
2587 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2588 		    "missing dataset name"));
2589 		return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
2590 	}
2591 
2592 	/* check to see if the pool exists */
2593 	if ((slash = strchr(parent, '/')) == NULL)
2594 		slash = parent + strlen(parent);
2595 	(void) strncpy(zc.zc_name, parent, slash - parent);
2596 	zc.zc_name[slash - parent] = '\0';
2597 	if (ioctl(hdl->libzfs_fd, ZFS_IOC_OBJSET_STATS, &zc) != 0 &&
2598 	    errno == ENOENT) {
2599 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2600 		    "no such pool '%s'"), zc.zc_name);
2601 		return (zfs_error(hdl, EZFS_NOENT, errbuf));
2602 	}
2603 
2604 	/* check to see if the parent dataset exists */
2605 	while ((zhp = make_dataset_handle(hdl, parent)) == NULL) {
2606 		if (errno == ENOENT && accept_ancestor) {
2607 			/*
2608 			 * Go deeper to find an ancestor, give up on top level.
2609 			 */
2610 			if (parent_name(parent, parent, sizeof (parent)) != 0) {
2611 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2612 				    "no such pool '%s'"), zc.zc_name);
2613 				return (zfs_error(hdl, EZFS_NOENT, errbuf));
2614 			}
2615 		} else if (errno == ENOENT) {
2616 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2617 			    "parent does not exist"));
2618 			return (zfs_error(hdl, EZFS_NOENT, errbuf));
2619 		} else
2620 			return (zfs_standard_error(hdl, errno, errbuf));
2621 	}
2622 
2623 	is_zoned = zfs_prop_get_int(zhp, ZFS_PROP_ZONED);
2624 	if (zoned != NULL)
2625 		*zoned = is_zoned;
2626 
2627 	/* we are in a non-global zone, but parent is in the global zone */
2628 	if (getzoneid() != GLOBAL_ZONEID && !is_zoned) {
2629 		(void) zfs_standard_error(hdl, EPERM, errbuf);
2630 		zfs_close(zhp);
2631 		return (-1);
2632 	}
2633 
2634 	/* make sure parent is a filesystem */
2635 	if (zfs_get_type(zhp) != ZFS_TYPE_FILESYSTEM) {
2636 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2637 		    "parent is not a filesystem"));
2638 		(void) zfs_error(hdl, EZFS_BADTYPE, errbuf);
2639 		zfs_close(zhp);
2640 		return (-1);
2641 	}
2642 
2643 	zfs_close(zhp);
2644 	if (prefixlen != NULL)
2645 		*prefixlen = strlen(parent);
2646 	return (0);
2647 }
2648 
2649 /*
2650  * Finds whether the dataset of the given type(s) exists.
2651  */
2652 boolean_t
2653 zfs_dataset_exists(libzfs_handle_t *hdl, const char *path, zfs_type_t types)
2654 {
2655 	zfs_handle_t *zhp;
2656 
2657 	if (!zfs_validate_name(hdl, path, types, B_FALSE))
2658 		return (B_FALSE);
2659 
2660 	/*
2661 	 * Try to get stats for the dataset, which will tell us if it exists.
2662 	 */
2663 	if ((zhp = make_dataset_handle(hdl, path)) != NULL) {
2664 		int ds_type = zhp->zfs_type;
2665 
2666 		zfs_close(zhp);
2667 		if (types & ds_type)
2668 			return (B_TRUE);
2669 	}
2670 	return (B_FALSE);
2671 }
2672 
2673 /*
2674  * Given a path to 'target', create all the ancestors between
2675  * the prefixlen portion of the path, and the target itself.
2676  * Fail if the initial prefixlen-ancestor does not already exist.
2677  */
2678 int
2679 create_parents(libzfs_handle_t *hdl, char *target, int prefixlen)
2680 {
2681 	zfs_handle_t *h;
2682 	char *cp;
2683 	const char *opname;
2684 
2685 	/* make sure prefix exists */
2686 	cp = target + prefixlen;
2687 	if (*cp != '/') {
2688 		assert(strchr(cp, '/') == NULL);
2689 		h = zfs_open(hdl, target, ZFS_TYPE_FILESYSTEM);
2690 	} else {
2691 		*cp = '\0';
2692 		h = zfs_open(hdl, target, ZFS_TYPE_FILESYSTEM);
2693 		*cp = '/';
2694 	}
2695 	if (h == NULL)
2696 		return (-1);
2697 	zfs_close(h);
2698 
2699 	/*
2700 	 * Attempt to create, mount, and share any ancestor filesystems,
2701 	 * up to the prefixlen-long one.
2702 	 */
2703 	for (cp = target + prefixlen + 1;
2704 	    cp = strchr(cp, '/'); *cp = '/', cp++) {
2705 		char *logstr;
2706 
2707 		*cp = '\0';
2708 
2709 		h = make_dataset_handle(hdl, target);
2710 		if (h) {
2711 			/* it already exists, nothing to do here */
2712 			zfs_close(h);
2713 			continue;
2714 		}
2715 
2716 		logstr = hdl->libzfs_log_str;
2717 		hdl->libzfs_log_str = NULL;
2718 		if (zfs_create(hdl, target, ZFS_TYPE_FILESYSTEM,
2719 		    NULL) != 0) {
2720 			hdl->libzfs_log_str = logstr;
2721 			opname = dgettext(TEXT_DOMAIN, "create");
2722 			goto ancestorerr;
2723 		}
2724 
2725 		hdl->libzfs_log_str = logstr;
2726 		h = zfs_open(hdl, target, ZFS_TYPE_FILESYSTEM);
2727 		if (h == NULL) {
2728 			opname = dgettext(TEXT_DOMAIN, "open");
2729 			goto ancestorerr;
2730 		}
2731 
2732 		if (zfs_mount(h, NULL, 0) != 0) {
2733 			opname = dgettext(TEXT_DOMAIN, "mount");
2734 			goto ancestorerr;
2735 		}
2736 
2737 		if (zfs_share(h) != 0) {
2738 			opname = dgettext(TEXT_DOMAIN, "share");
2739 			goto ancestorerr;
2740 		}
2741 
2742 		zfs_close(h);
2743 	}
2744 
2745 	return (0);
2746 
2747 ancestorerr:
2748 	zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2749 	    "failed to %s ancestor '%s'"), opname, target);
2750 	return (-1);
2751 }
2752 
2753 /*
2754  * Creates non-existing ancestors of the given path.
2755  */
2756 int
2757 zfs_create_ancestors(libzfs_handle_t *hdl, const char *path)
2758 {
2759 	int prefix;
2760 	char *path_copy;
2761 	int rc;
2762 
2763 	if (check_parents(hdl, path, NULL, B_TRUE, &prefix) != 0)
2764 		return (-1);
2765 
2766 	if ((path_copy = strdup(path)) != NULL) {
2767 		rc = create_parents(hdl, path_copy, prefix);
2768 		free(path_copy);
2769 	}
2770 	if (path_copy == NULL || rc != 0)
2771 		return (-1);
2772 
2773 	return (0);
2774 }
2775 
2776 /*
2777  * Create a new filesystem or volume.
2778  */
2779 int
2780 zfs_create(libzfs_handle_t *hdl, const char *path, zfs_type_t type,
2781     nvlist_t *props)
2782 {
2783 	zfs_cmd_t zc = { 0 };
2784 	int ret;
2785 	uint64_t size = 0;
2786 	uint64_t blocksize = zfs_prop_default_numeric(ZFS_PROP_VOLBLOCKSIZE);
2787 	char errbuf[1024];
2788 	uint64_t zoned;
2789 
2790 	(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
2791 	    "cannot create '%s'"), path);
2792 
2793 	/* validate the path, taking care to note the extended error message */
2794 	if (!zfs_validate_name(hdl, path, type, B_TRUE))
2795 		return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
2796 
2797 	/* validate parents exist */
2798 	if (check_parents(hdl, path, &zoned, B_FALSE, NULL) != 0)
2799 		return (-1);
2800 
2801 	/*
2802 	 * The failure modes when creating a dataset of a different type over
2803 	 * one that already exists is a little strange.  In particular, if you
2804 	 * try to create a dataset on top of an existing dataset, the ioctl()
2805 	 * will return ENOENT, not EEXIST.  To prevent this from happening, we
2806 	 * first try to see if the dataset exists.
2807 	 */
2808 	(void) strlcpy(zc.zc_name, path, sizeof (zc.zc_name));
2809 	if (zfs_dataset_exists(hdl, zc.zc_name, ZFS_TYPE_DATASET)) {
2810 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2811 		    "dataset already exists"));
2812 		return (zfs_error(hdl, EZFS_EXISTS, errbuf));
2813 	}
2814 
2815 	if (type == ZFS_TYPE_VOLUME)
2816 		zc.zc_objset_type = DMU_OST_ZVOL;
2817 	else
2818 		zc.zc_objset_type = DMU_OST_ZFS;
2819 
2820 	if (props && (props = zfs_valid_proplist(hdl, type, props,
2821 	    zoned, NULL, errbuf)) == 0)
2822 		return (-1);
2823 
2824 	if (type == ZFS_TYPE_VOLUME) {
2825 		/*
2826 		 * If we are creating a volume, the size and block size must
2827 		 * satisfy a few restraints.  First, the blocksize must be a
2828 		 * valid block size between SPA_{MIN,MAX}BLOCKSIZE.  Second, the
2829 		 * volsize must be a multiple of the block size, and cannot be
2830 		 * zero.
2831 		 */
2832 		if (props == NULL || nvlist_lookup_uint64(props,
2833 		    zfs_prop_to_name(ZFS_PROP_VOLSIZE), &size) != 0) {
2834 			nvlist_free(props);
2835 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2836 			    "missing volume size"));
2837 			return (zfs_error(hdl, EZFS_BADPROP, errbuf));
2838 		}
2839 
2840 		if ((ret = nvlist_lookup_uint64(props,
2841 		    zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
2842 		    &blocksize)) != 0) {
2843 			if (ret == ENOENT) {
2844 				blocksize = zfs_prop_default_numeric(
2845 				    ZFS_PROP_VOLBLOCKSIZE);
2846 			} else {
2847 				nvlist_free(props);
2848 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2849 				    "missing volume block size"));
2850 				return (zfs_error(hdl, EZFS_BADPROP, errbuf));
2851 			}
2852 		}
2853 
2854 		if (size == 0) {
2855 			nvlist_free(props);
2856 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2857 			    "volume size cannot be zero"));
2858 			return (zfs_error(hdl, EZFS_BADPROP, errbuf));
2859 		}
2860 
2861 		if (size % blocksize != 0) {
2862 			nvlist_free(props);
2863 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2864 			    "volume size must be a multiple of volume block "
2865 			    "size"));
2866 			return (zfs_error(hdl, EZFS_BADPROP, errbuf));
2867 		}
2868 	}
2869 
2870 	if (props && zcmd_write_src_nvlist(hdl, &zc, props) != 0)
2871 		return (-1);
2872 	nvlist_free(props);
2873 
2874 	/* create the dataset */
2875 	ret = zfs_ioctl(hdl, ZFS_IOC_CREATE, &zc);
2876 
2877 	zcmd_free_nvlists(&zc);
2878 
2879 	/* check for failure */
2880 	if (ret != 0) {
2881 		char parent[ZFS_MAXNAMELEN];
2882 		(void) parent_name(path, parent, sizeof (parent));
2883 
2884 		switch (errno) {
2885 		case ENOENT:
2886 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2887 			    "no such parent '%s'"), parent);
2888 			return (zfs_error(hdl, EZFS_NOENT, errbuf));
2889 
2890 		case EINVAL:
2891 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2892 			    "parent '%s' is not a filesystem"), parent);
2893 			return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
2894 
2895 		case EDOM:
2896 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2897 			    "volume block size must be power of 2 from "
2898 			    "%u to %uk"),
2899 			    (uint_t)SPA_MINBLOCKSIZE,
2900 			    (uint_t)SPA_MAXBLOCKSIZE >> 10);
2901 
2902 			return (zfs_error(hdl, EZFS_BADPROP, errbuf));
2903 
2904 		case ENOTSUP:
2905 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
2906 			    "pool must be upgraded to set this "
2907 			    "property or value"));
2908 			return (zfs_error(hdl, EZFS_BADVERSION, errbuf));
2909 #ifdef _ILP32
2910 		case EOVERFLOW:
2911 			/*
2912 			 * This platform can't address a volume this big.
2913 			 */
2914 			if (type == ZFS_TYPE_VOLUME)
2915 				return (zfs_error(hdl, EZFS_VOLTOOBIG,
2916 				    errbuf));
2917 #endif
2918 			/* FALLTHROUGH */
2919 		default:
2920 			return (zfs_standard_error(hdl, errno, errbuf));
2921 		}
2922 	}
2923 
2924 	return (0);
2925 }
2926 
2927 /*
2928  * Destroys the given dataset.  The caller must make sure that the filesystem
2929  * isn't mounted, and that there are no active dependents.
2930  */
2931 int
2932 zfs_destroy(zfs_handle_t *zhp, boolean_t defer)
2933 {
2934 	zfs_cmd_t zc = { 0 };
2935 
2936 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
2937 
2938 	if (ZFS_IS_VOLUME(zhp)) {
2939 		/*
2940 		 * If user doesn't have permissions to unshare volume, then
2941 		 * abort the request.  This would only happen for a
2942 		 * non-privileged user.
2943 		 */
2944 		if (zfs_unshare_iscsi(zhp) != 0) {
2945 			return (-1);
2946 		}
2947 
2948 		zc.zc_objset_type = DMU_OST_ZVOL;
2949 	} else {
2950 		zc.zc_objset_type = DMU_OST_ZFS;
2951 	}
2952 
2953 	zc.zc_defer_destroy = defer;
2954 	if (zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_DESTROY, &zc) != 0) {
2955 		return (zfs_standard_error_fmt(zhp->zfs_hdl, errno,
2956 		    dgettext(TEXT_DOMAIN, "cannot destroy '%s'"),
2957 		    zhp->zfs_name));
2958 	}
2959 
2960 	remove_mountpoint(zhp);
2961 
2962 	return (0);
2963 }
2964 
2965 struct destroydata {
2966 	char *snapname;
2967 	boolean_t gotone;
2968 	boolean_t closezhp;
2969 };
2970 
2971 static int
2972 zfs_check_snap_cb(zfs_handle_t *zhp, void *arg)
2973 {
2974 	struct destroydata *dd = arg;
2975 	zfs_handle_t *szhp;
2976 	char name[ZFS_MAXNAMELEN];
2977 	boolean_t closezhp = dd->closezhp;
2978 	int rv = 0;
2979 
2980 	(void) strlcpy(name, zhp->zfs_name, sizeof (name));
2981 	(void) strlcat(name, "@", sizeof (name));
2982 	(void) strlcat(name, dd->snapname, sizeof (name));
2983 
2984 	szhp = make_dataset_handle(zhp->zfs_hdl, name);
2985 	if (szhp) {
2986 		dd->gotone = B_TRUE;
2987 		zfs_close(szhp);
2988 	}
2989 
2990 	dd->closezhp = B_TRUE;
2991 	if (!dd->gotone)
2992 		rv = zfs_iter_filesystems(zhp, zfs_check_snap_cb, arg);
2993 	if (closezhp)
2994 		zfs_close(zhp);
2995 	return (rv);
2996 }
2997 
2998 /*
2999  * Destroys all snapshots with the given name in zhp & descendants.
3000  */
3001 int
3002 zfs_destroy_snaps(zfs_handle_t *zhp, char *snapname, boolean_t defer)
3003 {
3004 	zfs_cmd_t zc = { 0 };
3005 	int ret;
3006 	struct destroydata dd = { 0 };
3007 
3008 	dd.snapname = snapname;
3009 	(void) zfs_check_snap_cb(zhp, &dd);
3010 
3011 	if (!dd.gotone) {
3012 		return (zfs_standard_error_fmt(zhp->zfs_hdl, ENOENT,
3013 		    dgettext(TEXT_DOMAIN, "cannot destroy '%s@%s'"),
3014 		    zhp->zfs_name, snapname));
3015 	}
3016 
3017 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3018 	(void) strlcpy(zc.zc_value, snapname, sizeof (zc.zc_value));
3019 	zc.zc_defer_destroy = defer;
3020 
3021 	ret = zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_DESTROY_SNAPS, &zc);
3022 	if (ret != 0) {
3023 		char errbuf[1024];
3024 
3025 		(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3026 		    "cannot destroy '%s@%s'"), zc.zc_name, snapname);
3027 
3028 		switch (errno) {
3029 		case EEXIST:
3030 			zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
3031 			    "snapshot is cloned"));
3032 			return (zfs_error(zhp->zfs_hdl, EZFS_EXISTS, errbuf));
3033 
3034 		default:
3035 			return (zfs_standard_error(zhp->zfs_hdl, errno,
3036 			    errbuf));
3037 		}
3038 	}
3039 
3040 	return (0);
3041 }
3042 
3043 /*
3044  * Clones the given dataset.  The target must be of the same type as the source.
3045  */
3046 int
3047 zfs_clone(zfs_handle_t *zhp, const char *target, nvlist_t *props)
3048 {
3049 	zfs_cmd_t zc = { 0 };
3050 	char parent[ZFS_MAXNAMELEN];
3051 	int ret;
3052 	char errbuf[1024];
3053 	libzfs_handle_t *hdl = zhp->zfs_hdl;
3054 	zfs_type_t type;
3055 	uint64_t zoned;
3056 
3057 	assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
3058 
3059 	(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3060 	    "cannot create '%s'"), target);
3061 
3062 	/* validate the target name */
3063 	if (!zfs_validate_name(hdl, target, ZFS_TYPE_FILESYSTEM, B_TRUE))
3064 		return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
3065 
3066 	/* validate parents exist */
3067 	if (check_parents(hdl, target, &zoned, B_FALSE, NULL) != 0)
3068 		return (-1);
3069 
3070 	(void) parent_name(target, parent, sizeof (parent));
3071 
3072 	/* do the clone */
3073 	if (ZFS_IS_VOLUME(zhp)) {
3074 		zc.zc_objset_type = DMU_OST_ZVOL;
3075 		type = ZFS_TYPE_VOLUME;
3076 	} else {
3077 		zc.zc_objset_type = DMU_OST_ZFS;
3078 		type = ZFS_TYPE_FILESYSTEM;
3079 	}
3080 
3081 	if (props) {
3082 		if ((props = zfs_valid_proplist(hdl, type, props, zoned,
3083 		    zhp, errbuf)) == NULL)
3084 			return (-1);
3085 
3086 		if (zcmd_write_src_nvlist(hdl, &zc, props) != 0) {
3087 			nvlist_free(props);
3088 			return (-1);
3089 		}
3090 
3091 		nvlist_free(props);
3092 	}
3093 
3094 	(void) strlcpy(zc.zc_name, target, sizeof (zc.zc_name));
3095 	(void) strlcpy(zc.zc_value, zhp->zfs_name, sizeof (zc.zc_value));
3096 	ret = zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_CREATE, &zc);
3097 
3098 	zcmd_free_nvlists(&zc);
3099 
3100 	if (ret != 0) {
3101 		switch (errno) {
3102 
3103 		case ENOENT:
3104 			/*
3105 			 * The parent doesn't exist.  We should have caught this
3106 			 * above, but there may a race condition that has since
3107 			 * destroyed the parent.
3108 			 *
3109 			 * At this point, we don't know whether it's the source
3110 			 * that doesn't exist anymore, or whether the target
3111 			 * dataset doesn't exist.
3112 			 */
3113 			zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
3114 			    "no such parent '%s'"), parent);
3115 			return (zfs_error(zhp->zfs_hdl, EZFS_NOENT, errbuf));
3116 
3117 		case EXDEV:
3118 			zfs_error_aux(zhp->zfs_hdl, dgettext(TEXT_DOMAIN,
3119 			    "source and target pools differ"));
3120 			return (zfs_error(zhp->zfs_hdl, EZFS_CROSSTARGET,
3121 			    errbuf));
3122 
3123 		default:
3124 			return (zfs_standard_error(zhp->zfs_hdl, errno,
3125 			    errbuf));
3126 		}
3127 	}
3128 
3129 	return (ret);
3130 }
3131 
3132 /*
3133  * Promotes the given clone fs to be the clone parent.
3134  */
3135 int
3136 zfs_promote(zfs_handle_t *zhp)
3137 {
3138 	libzfs_handle_t *hdl = zhp->zfs_hdl;
3139 	zfs_cmd_t zc = { 0 };
3140 	char parent[MAXPATHLEN];
3141 	int ret;
3142 	char errbuf[1024];
3143 
3144 	(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3145 	    "cannot promote '%s'"), zhp->zfs_name);
3146 
3147 	if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) {
3148 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3149 		    "snapshots can not be promoted"));
3150 		return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
3151 	}
3152 
3153 	(void) strlcpy(parent, zhp->zfs_dmustats.dds_origin, sizeof (parent));
3154 	if (parent[0] == '\0') {
3155 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3156 		    "not a cloned filesystem"));
3157 		return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
3158 	}
3159 
3160 	(void) strlcpy(zc.zc_value, zhp->zfs_dmustats.dds_origin,
3161 	    sizeof (zc.zc_value));
3162 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3163 	ret = zfs_ioctl(hdl, ZFS_IOC_PROMOTE, &zc);
3164 
3165 	if (ret != 0) {
3166 		int save_errno = errno;
3167 
3168 		switch (save_errno) {
3169 		case EEXIST:
3170 			/* There is a conflicting snapshot name. */
3171 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3172 			    "conflicting snapshot '%s' from parent '%s'"),
3173 			    zc.zc_string, parent);
3174 			return (zfs_error(hdl, EZFS_EXISTS, errbuf));
3175 
3176 		default:
3177 			return (zfs_standard_error(hdl, save_errno, errbuf));
3178 		}
3179 	}
3180 	return (ret);
3181 }
3182 
3183 /*
3184  * Takes a snapshot of the given dataset.
3185  */
3186 int
3187 zfs_snapshot(libzfs_handle_t *hdl, const char *path, boolean_t recursive,
3188     nvlist_t *props)
3189 {
3190 	const char *delim;
3191 	char parent[ZFS_MAXNAMELEN];
3192 	zfs_handle_t *zhp;
3193 	zfs_cmd_t zc = { 0 };
3194 	int ret;
3195 	char errbuf[1024];
3196 
3197 	(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3198 	    "cannot snapshot '%s'"), path);
3199 
3200 	/* validate the target name */
3201 	if (!zfs_validate_name(hdl, path, ZFS_TYPE_SNAPSHOT, B_TRUE))
3202 		return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
3203 
3204 	if (props) {
3205 		if ((props = zfs_valid_proplist(hdl, ZFS_TYPE_SNAPSHOT,
3206 		    props, B_FALSE, NULL, errbuf)) == NULL)
3207 			return (-1);
3208 
3209 		if (zcmd_write_src_nvlist(hdl, &zc, props) != 0) {
3210 			nvlist_free(props);
3211 			return (-1);
3212 		}
3213 
3214 		nvlist_free(props);
3215 	}
3216 
3217 	/* make sure the parent exists and is of the appropriate type */
3218 	delim = strchr(path, '@');
3219 	(void) strncpy(parent, path, delim - path);
3220 	parent[delim - path] = '\0';
3221 
3222 	if ((zhp = zfs_open(hdl, parent, ZFS_TYPE_FILESYSTEM |
3223 	    ZFS_TYPE_VOLUME)) == NULL) {
3224 		zcmd_free_nvlists(&zc);
3225 		return (-1);
3226 	}
3227 
3228 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3229 	(void) strlcpy(zc.zc_value, delim+1, sizeof (zc.zc_value));
3230 	if (ZFS_IS_VOLUME(zhp))
3231 		zc.zc_objset_type = DMU_OST_ZVOL;
3232 	else
3233 		zc.zc_objset_type = DMU_OST_ZFS;
3234 	zc.zc_cookie = recursive;
3235 	ret = zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_SNAPSHOT, &zc);
3236 
3237 	zcmd_free_nvlists(&zc);
3238 
3239 	/*
3240 	 * if it was recursive, the one that actually failed will be in
3241 	 * zc.zc_name.
3242 	 */
3243 	if (ret != 0) {
3244 		(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3245 		    "cannot create snapshot '%s@%s'"), zc.zc_name, zc.zc_value);
3246 		(void) zfs_standard_error(hdl, errno, errbuf);
3247 	}
3248 
3249 	zfs_close(zhp);
3250 
3251 	return (ret);
3252 }
3253 
3254 /*
3255  * Destroy any more recent snapshots.  We invoke this callback on any dependents
3256  * of the snapshot first.  If the 'cb_dependent' member is non-zero, then this
3257  * is a dependent and we should just destroy it without checking the transaction
3258  * group.
3259  */
3260 typedef struct rollback_data {
3261 	const char	*cb_target;		/* the snapshot */
3262 	uint64_t	cb_create;		/* creation time reference */
3263 	boolean_t	cb_error;
3264 	boolean_t	cb_dependent;
3265 	boolean_t	cb_force;
3266 } rollback_data_t;
3267 
3268 static int
3269 rollback_destroy(zfs_handle_t *zhp, void *data)
3270 {
3271 	rollback_data_t *cbp = data;
3272 
3273 	if (!cbp->cb_dependent) {
3274 		if (strcmp(zhp->zfs_name, cbp->cb_target) != 0 &&
3275 		    zfs_get_type(zhp) == ZFS_TYPE_SNAPSHOT &&
3276 		    zfs_prop_get_int(zhp, ZFS_PROP_CREATETXG) >
3277 		    cbp->cb_create) {
3278 			char *logstr;
3279 
3280 			cbp->cb_dependent = B_TRUE;
3281 			cbp->cb_error |= zfs_iter_dependents(zhp, B_FALSE,
3282 			    rollback_destroy, cbp);
3283 			cbp->cb_dependent = B_FALSE;
3284 
3285 			logstr = zhp->zfs_hdl->libzfs_log_str;
3286 			zhp->zfs_hdl->libzfs_log_str = NULL;
3287 			cbp->cb_error |= zfs_destroy(zhp, B_FALSE);
3288 			zhp->zfs_hdl->libzfs_log_str = logstr;
3289 		}
3290 	} else {
3291 		/* We must destroy this clone; first unmount it */
3292 		prop_changelist_t *clp;
3293 
3294 		clp = changelist_gather(zhp, ZFS_PROP_NAME, 0,
3295 		    cbp->cb_force ? MS_FORCE: 0);
3296 		if (clp == NULL || changelist_prefix(clp) != 0) {
3297 			cbp->cb_error = B_TRUE;
3298 			zfs_close(zhp);
3299 			return (0);
3300 		}
3301 		if (zfs_destroy(zhp, B_FALSE) != 0)
3302 			cbp->cb_error = B_TRUE;
3303 		else
3304 			changelist_remove(clp, zhp->zfs_name);
3305 		(void) changelist_postfix(clp);
3306 		changelist_free(clp);
3307 	}
3308 
3309 	zfs_close(zhp);
3310 	return (0);
3311 }
3312 
3313 /*
3314  * Given a dataset, rollback to a specific snapshot, discarding any
3315  * data changes since then and making it the active dataset.
3316  *
3317  * Any snapshots more recent than the target are destroyed, along with
3318  * their dependents.
3319  */
3320 int
3321 zfs_rollback(zfs_handle_t *zhp, zfs_handle_t *snap, boolean_t force)
3322 {
3323 	rollback_data_t cb = { 0 };
3324 	int err;
3325 	zfs_cmd_t zc = { 0 };
3326 	boolean_t restore_resv = 0;
3327 	uint64_t old_volsize, new_volsize;
3328 	zfs_prop_t resv_prop;
3329 
3330 	assert(zhp->zfs_type == ZFS_TYPE_FILESYSTEM ||
3331 	    zhp->zfs_type == ZFS_TYPE_VOLUME);
3332 
3333 	/*
3334 	 * Destroy all recent snapshots and its dependends.
3335 	 */
3336 	cb.cb_force = force;
3337 	cb.cb_target = snap->zfs_name;
3338 	cb.cb_create = zfs_prop_get_int(snap, ZFS_PROP_CREATETXG);
3339 	(void) zfs_iter_children(zhp, rollback_destroy, &cb);
3340 
3341 	if (cb.cb_error)
3342 		return (-1);
3343 
3344 	/*
3345 	 * Now that we have verified that the snapshot is the latest,
3346 	 * rollback to the given snapshot.
3347 	 */
3348 
3349 	if (zhp->zfs_type == ZFS_TYPE_VOLUME) {
3350 		if (zfs_which_resv_prop(zhp, &resv_prop) < 0)
3351 			return (-1);
3352 		old_volsize = zfs_prop_get_int(zhp, ZFS_PROP_VOLSIZE);
3353 		restore_resv =
3354 		    (old_volsize == zfs_prop_get_int(zhp, resv_prop));
3355 	}
3356 
3357 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3358 
3359 	if (ZFS_IS_VOLUME(zhp))
3360 		zc.zc_objset_type = DMU_OST_ZVOL;
3361 	else
3362 		zc.zc_objset_type = DMU_OST_ZFS;
3363 
3364 	/*
3365 	 * We rely on zfs_iter_children() to verify that there are no
3366 	 * newer snapshots for the given dataset.  Therefore, we can
3367 	 * simply pass the name on to the ioctl() call.  There is still
3368 	 * an unlikely race condition where the user has taken a
3369 	 * snapshot since we verified that this was the most recent.
3370 	 *
3371 	 */
3372 	if ((err = zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_ROLLBACK, &zc)) != 0) {
3373 		(void) zfs_standard_error_fmt(zhp->zfs_hdl, errno,
3374 		    dgettext(TEXT_DOMAIN, "cannot rollback '%s'"),
3375 		    zhp->zfs_name);
3376 		return (err);
3377 	}
3378 
3379 	/*
3380 	 * For volumes, if the pre-rollback volsize matched the pre-
3381 	 * rollback reservation and the volsize has changed then set
3382 	 * the reservation property to the post-rollback volsize.
3383 	 * Make a new handle since the rollback closed the dataset.
3384 	 */
3385 	if ((zhp->zfs_type == ZFS_TYPE_VOLUME) &&
3386 	    (zhp = make_dataset_handle(zhp->zfs_hdl, zhp->zfs_name))) {
3387 		if (restore_resv) {
3388 			new_volsize = zfs_prop_get_int(zhp, ZFS_PROP_VOLSIZE);
3389 			if (old_volsize != new_volsize)
3390 				err = zfs_prop_set_int(zhp, resv_prop,
3391 				    new_volsize);
3392 		}
3393 		zfs_close(zhp);
3394 	}
3395 	return (err);
3396 }
3397 
3398 /*
3399  * Iterate over all dependents for a given dataset.  This includes both
3400  * hierarchical dependents (children) and data dependents (snapshots and
3401  * clones).  The bulk of the processing occurs in get_dependents() in
3402  * libzfs_graph.c.
3403  */
3404 int
3405 zfs_iter_dependents(zfs_handle_t *zhp, boolean_t allowrecursion,
3406     zfs_iter_f func, void *data)
3407 {
3408 	char **dependents;
3409 	size_t count;
3410 	int i;
3411 	zfs_handle_t *child;
3412 	int ret = 0;
3413 
3414 	if (get_dependents(zhp->zfs_hdl, allowrecursion, zhp->zfs_name,
3415 	    &dependents, &count) != 0)
3416 		return (-1);
3417 
3418 	for (i = 0; i < count; i++) {
3419 		if ((child = make_dataset_handle(zhp->zfs_hdl,
3420 		    dependents[i])) == NULL)
3421 			continue;
3422 
3423 		if ((ret = func(child, data)) != 0)
3424 			break;
3425 	}
3426 
3427 	for (i = 0; i < count; i++)
3428 		free(dependents[i]);
3429 	free(dependents);
3430 
3431 	return (ret);
3432 }
3433 
3434 /*
3435  * Renames the given dataset.
3436  */
3437 int
3438 zfs_rename(zfs_handle_t *zhp, const char *target, boolean_t recursive)
3439 {
3440 	int ret;
3441 	zfs_cmd_t zc = { 0 };
3442 	char *delim;
3443 	prop_changelist_t *cl = NULL;
3444 	zfs_handle_t *zhrp = NULL;
3445 	char *parentname = NULL;
3446 	char parent[ZFS_MAXNAMELEN];
3447 	libzfs_handle_t *hdl = zhp->zfs_hdl;
3448 	char errbuf[1024];
3449 
3450 	/* if we have the same exact name, just return success */
3451 	if (strcmp(zhp->zfs_name, target) == 0)
3452 		return (0);
3453 
3454 	(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3455 	    "cannot rename to '%s'"), target);
3456 
3457 	/*
3458 	 * Make sure the target name is valid
3459 	 */
3460 	if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) {
3461 		if ((strchr(target, '@') == NULL) ||
3462 		    *target == '@') {
3463 			/*
3464 			 * Snapshot target name is abbreviated,
3465 			 * reconstruct full dataset name
3466 			 */
3467 			(void) strlcpy(parent, zhp->zfs_name,
3468 			    sizeof (parent));
3469 			delim = strchr(parent, '@');
3470 			if (strchr(target, '@') == NULL)
3471 				*(++delim) = '\0';
3472 			else
3473 				*delim = '\0';
3474 			(void) strlcat(parent, target, sizeof (parent));
3475 			target = parent;
3476 		} else {
3477 			/*
3478 			 * Make sure we're renaming within the same dataset.
3479 			 */
3480 			delim = strchr(target, '@');
3481 			if (strncmp(zhp->zfs_name, target, delim - target)
3482 			    != 0 || zhp->zfs_name[delim - target] != '@') {
3483 				zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3484 				    "snapshots must be part of same "
3485 				    "dataset"));
3486 				return (zfs_error(hdl, EZFS_CROSSTARGET,
3487 				    errbuf));
3488 			}
3489 		}
3490 		if (!zfs_validate_name(hdl, target, zhp->zfs_type, B_TRUE))
3491 			return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
3492 	} else {
3493 		if (recursive) {
3494 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3495 			    "recursive rename must be a snapshot"));
3496 			return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
3497 		}
3498 
3499 		if (!zfs_validate_name(hdl, target, zhp->zfs_type, B_TRUE))
3500 			return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
3501 
3502 		/* validate parents */
3503 		if (check_parents(hdl, target, NULL, B_FALSE, NULL) != 0)
3504 			return (-1);
3505 
3506 		/* make sure we're in the same pool */
3507 		verify((delim = strchr(target, '/')) != NULL);
3508 		if (strncmp(zhp->zfs_name, target, delim - target) != 0 ||
3509 		    zhp->zfs_name[delim - target] != '/') {
3510 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3511 			    "datasets must be within same pool"));
3512 			return (zfs_error(hdl, EZFS_CROSSTARGET, errbuf));
3513 		}
3514 
3515 		/* new name cannot be a child of the current dataset name */
3516 		if (is_descendant(zhp->zfs_name, target)) {
3517 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3518 			    "New dataset name cannot be a descendant of "
3519 			    "current dataset name"));
3520 			return (zfs_error(hdl, EZFS_INVALIDNAME, errbuf));
3521 		}
3522 	}
3523 
3524 	(void) snprintf(errbuf, sizeof (errbuf),
3525 	    dgettext(TEXT_DOMAIN, "cannot rename '%s'"), zhp->zfs_name);
3526 
3527 	if (getzoneid() == GLOBAL_ZONEID &&
3528 	    zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) {
3529 		zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3530 		    "dataset is used in a non-global zone"));
3531 		return (zfs_error(hdl, EZFS_ZONED, errbuf));
3532 	}
3533 
3534 	if (recursive) {
3535 
3536 		parentname = zfs_strdup(zhp->zfs_hdl, zhp->zfs_name);
3537 		if (parentname == NULL) {
3538 			ret = -1;
3539 			goto error;
3540 		}
3541 		delim = strchr(parentname, '@');
3542 		*delim = '\0';
3543 		zhrp = zfs_open(zhp->zfs_hdl, parentname, ZFS_TYPE_DATASET);
3544 		if (zhrp == NULL) {
3545 			ret = -1;
3546 			goto error;
3547 		}
3548 
3549 	} else {
3550 		if ((cl = changelist_gather(zhp, ZFS_PROP_NAME, 0, 0)) == NULL)
3551 			return (-1);
3552 
3553 		if (changelist_haszonedchild(cl)) {
3554 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3555 			    "child dataset with inherited mountpoint is used "
3556 			    "in a non-global zone"));
3557 			(void) zfs_error(hdl, EZFS_ZONED, errbuf);
3558 			goto error;
3559 		}
3560 
3561 		if ((ret = changelist_prefix(cl)) != 0)
3562 			goto error;
3563 	}
3564 
3565 	if (ZFS_IS_VOLUME(zhp))
3566 		zc.zc_objset_type = DMU_OST_ZVOL;
3567 	else
3568 		zc.zc_objset_type = DMU_OST_ZFS;
3569 
3570 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3571 	(void) strlcpy(zc.zc_value, target, sizeof (zc.zc_value));
3572 
3573 	zc.zc_cookie = recursive;
3574 
3575 	if ((ret = zfs_ioctl(zhp->zfs_hdl, ZFS_IOC_RENAME, &zc)) != 0) {
3576 		/*
3577 		 * if it was recursive, the one that actually failed will
3578 		 * be in zc.zc_name
3579 		 */
3580 		(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3581 		    "cannot rename '%s'"), zc.zc_name);
3582 
3583 		if (recursive && errno == EEXIST) {
3584 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3585 			    "a child dataset already has a snapshot "
3586 			    "with the new name"));
3587 			(void) zfs_error(hdl, EZFS_EXISTS, errbuf);
3588 		} else {
3589 			(void) zfs_standard_error(zhp->zfs_hdl, errno, errbuf);
3590 		}
3591 
3592 		/*
3593 		 * On failure, we still want to remount any filesystems that
3594 		 * were previously mounted, so we don't alter the system state.
3595 		 */
3596 		if (!recursive)
3597 			(void) changelist_postfix(cl);
3598 	} else {
3599 		if (!recursive) {
3600 			changelist_rename(cl, zfs_get_name(zhp), target);
3601 			ret = changelist_postfix(cl);
3602 		}
3603 	}
3604 
3605 error:
3606 	if (parentname) {
3607 		free(parentname);
3608 	}
3609 	if (zhrp) {
3610 		zfs_close(zhrp);
3611 	}
3612 	if (cl) {
3613 		changelist_free(cl);
3614 	}
3615 	return (ret);
3616 }
3617 
3618 nvlist_t *
3619 zfs_get_user_props(zfs_handle_t *zhp)
3620 {
3621 	return (zhp->zfs_user_props);
3622 }
3623 
3624 nvlist_t *
3625 zfs_get_recvd_props(zfs_handle_t *zhp)
3626 {
3627 	if (zhp->zfs_recvd_props == NULL)
3628 		if (get_recvd_props_ioctl(zhp) != 0)
3629 			return (NULL);
3630 	return (zhp->zfs_recvd_props);
3631 }
3632 
3633 /*
3634  * This function is used by 'zfs list' to determine the exact set of columns to
3635  * display, and their maximum widths.  This does two main things:
3636  *
3637  *      - If this is a list of all properties, then expand the list to include
3638  *        all native properties, and set a flag so that for each dataset we look
3639  *        for new unique user properties and add them to the list.
3640  *
3641  *      - For non fixed-width properties, keep track of the maximum width seen
3642  *        so that we can size the column appropriately. If the user has
3643  *        requested received property values, we also need to compute the width
3644  *        of the RECEIVED column.
3645  */
3646 int
3647 zfs_expand_proplist(zfs_handle_t *zhp, zprop_list_t **plp, boolean_t received)
3648 {
3649 	libzfs_handle_t *hdl = zhp->zfs_hdl;
3650 	zprop_list_t *entry;
3651 	zprop_list_t **last, **start;
3652 	nvlist_t *userprops, *propval;
3653 	nvpair_t *elem;
3654 	char *strval;
3655 	char buf[ZFS_MAXPROPLEN];
3656 
3657 	if (zprop_expand_list(hdl, plp, ZFS_TYPE_DATASET) != 0)
3658 		return (-1);
3659 
3660 	userprops = zfs_get_user_props(zhp);
3661 
3662 	entry = *plp;
3663 	if (entry->pl_all && nvlist_next_nvpair(userprops, NULL) != NULL) {
3664 		/*
3665 		 * Go through and add any user properties as necessary.  We
3666 		 * start by incrementing our list pointer to the first
3667 		 * non-native property.
3668 		 */
3669 		start = plp;
3670 		while (*start != NULL) {
3671 			if ((*start)->pl_prop == ZPROP_INVAL)
3672 				break;
3673 			start = &(*start)->pl_next;
3674 		}
3675 
3676 		elem = NULL;
3677 		while ((elem = nvlist_next_nvpair(userprops, elem)) != NULL) {
3678 			/*
3679 			 * See if we've already found this property in our list.
3680 			 */
3681 			for (last = start; *last != NULL;
3682 			    last = &(*last)->pl_next) {
3683 				if (strcmp((*last)->pl_user_prop,
3684 				    nvpair_name(elem)) == 0)
3685 					break;
3686 			}
3687 
3688 			if (*last == NULL) {
3689 				if ((entry = zfs_alloc(hdl,
3690 				    sizeof (zprop_list_t))) == NULL ||
3691 				    ((entry->pl_user_prop = zfs_strdup(hdl,
3692 				    nvpair_name(elem)))) == NULL) {
3693 					free(entry);
3694 					return (-1);
3695 				}
3696 
3697 				entry->pl_prop = ZPROP_INVAL;
3698 				entry->pl_width = strlen(nvpair_name(elem));
3699 				entry->pl_all = B_TRUE;
3700 				*last = entry;
3701 			}
3702 		}
3703 	}
3704 
3705 	/*
3706 	 * Now go through and check the width of any non-fixed columns
3707 	 */
3708 	for (entry = *plp; entry != NULL; entry = entry->pl_next) {
3709 		if (entry->pl_fixed)
3710 			continue;
3711 
3712 		if (entry->pl_prop != ZPROP_INVAL) {
3713 			if (zfs_prop_get(zhp, entry->pl_prop,
3714 			    buf, sizeof (buf), NULL, NULL, 0, B_FALSE) == 0) {
3715 				if (strlen(buf) > entry->pl_width)
3716 					entry->pl_width = strlen(buf);
3717 			}
3718 			if (received && zfs_prop_get_recvd(zhp,
3719 			    zfs_prop_to_name(entry->pl_prop),
3720 			    buf, sizeof (buf), B_FALSE) == 0)
3721 				if (strlen(buf) > entry->pl_recvd_width)
3722 					entry->pl_recvd_width = strlen(buf);
3723 		} else {
3724 			if (nvlist_lookup_nvlist(userprops, entry->pl_user_prop,
3725 			    &propval) == 0) {
3726 				verify(nvlist_lookup_string(propval,
3727 				    ZPROP_VALUE, &strval) == 0);
3728 				if (strlen(strval) > entry->pl_width)
3729 					entry->pl_width = strlen(strval);
3730 			}
3731 			if (received && zfs_prop_get_recvd(zhp,
3732 			    entry->pl_user_prop,
3733 			    buf, sizeof (buf), B_FALSE) == 0)
3734 				if (strlen(buf) > entry->pl_recvd_width)
3735 					entry->pl_recvd_width = strlen(buf);
3736 		}
3737 	}
3738 
3739 	return (0);
3740 }
3741 
3742 int
3743 zfs_iscsi_perm_check(libzfs_handle_t *hdl, char *dataset, ucred_t *cred)
3744 {
3745 	zfs_cmd_t zc = { 0 };
3746 	nvlist_t *nvp;
3747 	gid_t gid;
3748 	uid_t uid;
3749 	const gid_t *groups;
3750 	int group_cnt;
3751 	int error;
3752 
3753 	if (nvlist_alloc(&nvp, NV_UNIQUE_NAME, 0) != 0)
3754 		return (no_memory(hdl));
3755 
3756 	uid = ucred_geteuid(cred);
3757 	gid = ucred_getegid(cred);
3758 	group_cnt = ucred_getgroups(cred, &groups);
3759 
3760 	if (uid == (uid_t)-1 || gid == (uid_t)-1 || group_cnt == (uid_t)-1)
3761 		return (1);
3762 
3763 	if (nvlist_add_uint32(nvp, ZFS_DELEG_PERM_UID, uid) != 0) {
3764 		nvlist_free(nvp);
3765 		return (1);
3766 	}
3767 
3768 	if (nvlist_add_uint32(nvp, ZFS_DELEG_PERM_GID, gid) != 0) {
3769 		nvlist_free(nvp);
3770 		return (1);
3771 	}
3772 
3773 	if (nvlist_add_uint32_array(nvp,
3774 	    ZFS_DELEG_PERM_GROUPS, (uint32_t *)groups, group_cnt) != 0) {
3775 		nvlist_free(nvp);
3776 		return (1);
3777 	}
3778 	(void) strlcpy(zc.zc_name, dataset, sizeof (zc.zc_name));
3779 
3780 	if (zcmd_write_src_nvlist(hdl, &zc, nvp))
3781 		return (-1);
3782 
3783 	error = ioctl(hdl->libzfs_fd, ZFS_IOC_ISCSI_PERM_CHECK, &zc);
3784 	nvlist_free(nvp);
3785 	return (error);
3786 }
3787 
3788 int
3789 zfs_deleg_share_nfs(libzfs_handle_t *hdl, char *dataset, char *path,
3790     char *resource, void *export, void *sharetab,
3791     int sharemax, zfs_share_op_t operation)
3792 {
3793 	zfs_cmd_t zc = { 0 };
3794 	int error;
3795 
3796 	(void) strlcpy(zc.zc_name, dataset, sizeof (zc.zc_name));
3797 	(void) strlcpy(zc.zc_value, path, sizeof (zc.zc_value));
3798 	if (resource)
3799 		(void) strlcpy(zc.zc_string, resource, sizeof (zc.zc_string));
3800 	zc.zc_share.z_sharedata = (uint64_t)(uintptr_t)sharetab;
3801 	zc.zc_share.z_exportdata = (uint64_t)(uintptr_t)export;
3802 	zc.zc_share.z_sharetype = operation;
3803 	zc.zc_share.z_sharemax = sharemax;
3804 	error = ioctl(hdl->libzfs_fd, ZFS_IOC_SHARE, &zc);
3805 	return (error);
3806 }
3807 
3808 void
3809 zfs_prune_proplist(zfs_handle_t *zhp, uint8_t *props)
3810 {
3811 	nvpair_t *curr;
3812 
3813 	/*
3814 	 * Keep a reference to the props-table against which we prune the
3815 	 * properties.
3816 	 */
3817 	zhp->zfs_props_table = props;
3818 
3819 	curr = nvlist_next_nvpair(zhp->zfs_props, NULL);
3820 
3821 	while (curr) {
3822 		zfs_prop_t zfs_prop = zfs_name_to_prop(nvpair_name(curr));
3823 		nvpair_t *next = nvlist_next_nvpair(zhp->zfs_props, curr);
3824 
3825 		/*
3826 		 * User properties will result in ZPROP_INVAL, and since we
3827 		 * only know how to prune standard ZFS properties, we always
3828 		 * leave these in the list.  This can also happen if we
3829 		 * encounter an unknown DSL property (when running older
3830 		 * software, for example).
3831 		 */
3832 		if (zfs_prop != ZPROP_INVAL && props[zfs_prop] == B_FALSE)
3833 			(void) nvlist_remove(zhp->zfs_props,
3834 			    nvpair_name(curr), nvpair_type(curr));
3835 		curr = next;
3836 	}
3837 }
3838 
3839 static int
3840 zfs_smb_acl_mgmt(libzfs_handle_t *hdl, char *dataset, char *path,
3841     zfs_smb_acl_op_t cmd, char *resource1, char *resource2)
3842 {
3843 	zfs_cmd_t zc = { 0 };
3844 	nvlist_t *nvlist = NULL;
3845 	int error;
3846 
3847 	(void) strlcpy(zc.zc_name, dataset, sizeof (zc.zc_name));
3848 	(void) strlcpy(zc.zc_value, path, sizeof (zc.zc_value));
3849 	zc.zc_cookie = (uint64_t)cmd;
3850 
3851 	if (cmd == ZFS_SMB_ACL_RENAME) {
3852 		if (nvlist_alloc(&nvlist, NV_UNIQUE_NAME, 0) != 0) {
3853 			(void) no_memory(hdl);
3854 			return (NULL);
3855 		}
3856 	}
3857 
3858 	switch (cmd) {
3859 	case ZFS_SMB_ACL_ADD:
3860 	case ZFS_SMB_ACL_REMOVE:
3861 		(void) strlcpy(zc.zc_string, resource1, sizeof (zc.zc_string));
3862 		break;
3863 	case ZFS_SMB_ACL_RENAME:
3864 		if (nvlist_add_string(nvlist, ZFS_SMB_ACL_SRC,
3865 		    resource1) != 0) {
3866 				(void) no_memory(hdl);
3867 				return (-1);
3868 		}
3869 		if (nvlist_add_string(nvlist, ZFS_SMB_ACL_TARGET,
3870 		    resource2) != 0) {
3871 				(void) no_memory(hdl);
3872 				return (-1);
3873 		}
3874 		if (zcmd_write_src_nvlist(hdl, &zc, nvlist) != 0) {
3875 			nvlist_free(nvlist);
3876 			return (-1);
3877 		}
3878 		break;
3879 	case ZFS_SMB_ACL_PURGE:
3880 		break;
3881 	default:
3882 		return (-1);
3883 	}
3884 	error = ioctl(hdl->libzfs_fd, ZFS_IOC_SMB_ACL, &zc);
3885 	if (nvlist)
3886 		nvlist_free(nvlist);
3887 	return (error);
3888 }
3889 
3890 int
3891 zfs_smb_acl_add(libzfs_handle_t *hdl, char *dataset,
3892     char *path, char *resource)
3893 {
3894 	return (zfs_smb_acl_mgmt(hdl, dataset, path, ZFS_SMB_ACL_ADD,
3895 	    resource, NULL));
3896 }
3897 
3898 int
3899 zfs_smb_acl_remove(libzfs_handle_t *hdl, char *dataset,
3900     char *path, char *resource)
3901 {
3902 	return (zfs_smb_acl_mgmt(hdl, dataset, path, ZFS_SMB_ACL_REMOVE,
3903 	    resource, NULL));
3904 }
3905 
3906 int
3907 zfs_smb_acl_purge(libzfs_handle_t *hdl, char *dataset, char *path)
3908 {
3909 	return (zfs_smb_acl_mgmt(hdl, dataset, path, ZFS_SMB_ACL_PURGE,
3910 	    NULL, NULL));
3911 }
3912 
3913 int
3914 zfs_smb_acl_rename(libzfs_handle_t *hdl, char *dataset, char *path,
3915     char *oldname, char *newname)
3916 {
3917 	return (zfs_smb_acl_mgmt(hdl, dataset, path, ZFS_SMB_ACL_RENAME,
3918 	    oldname, newname));
3919 }
3920 
3921 int
3922 zfs_userspace(zfs_handle_t *zhp, zfs_userquota_prop_t type,
3923     zfs_userspace_cb_t func, void *arg)
3924 {
3925 	zfs_cmd_t zc = { 0 };
3926 	int error;
3927 	zfs_useracct_t buf[100];
3928 
3929 	(void) strncpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3930 
3931 	zc.zc_objset_type = type;
3932 	zc.zc_nvlist_dst = (uintptr_t)buf;
3933 
3934 	/* CONSTCOND */
3935 	while (1) {
3936 		zfs_useracct_t *zua = buf;
3937 
3938 		zc.zc_nvlist_dst_size = sizeof (buf);
3939 		error = ioctl(zhp->zfs_hdl->libzfs_fd,
3940 		    ZFS_IOC_USERSPACE_MANY, &zc);
3941 		if (error || zc.zc_nvlist_dst_size == 0)
3942 			break;
3943 
3944 		while (zc.zc_nvlist_dst_size > 0) {
3945 			error = func(arg, zua->zu_domain, zua->zu_rid,
3946 			    zua->zu_space);
3947 			if (error != 0)
3948 				return (error);
3949 			zua++;
3950 			zc.zc_nvlist_dst_size -= sizeof (zfs_useracct_t);
3951 		}
3952 	}
3953 
3954 	return (error);
3955 }
3956 
3957 int
3958 zfs_hold(zfs_handle_t *zhp, const char *snapname, const char *tag,
3959     boolean_t recursive, boolean_t temphold, boolean_t enoent_ok)
3960 {
3961 	zfs_cmd_t zc = { 0 };
3962 	libzfs_handle_t *hdl = zhp->zfs_hdl;
3963 
3964 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
3965 	(void) strlcpy(zc.zc_value, snapname, sizeof (zc.zc_value));
3966 	if (strlcpy(zc.zc_string, tag, sizeof (zc.zc_string))
3967 	    >= sizeof (zc.zc_string))
3968 		return (zfs_error(hdl, EZFS_TAGTOOLONG, tag));
3969 	zc.zc_cookie = recursive;
3970 	zc.zc_temphold = temphold;
3971 
3972 	if (zfs_ioctl(hdl, ZFS_IOC_HOLD, &zc) != 0) {
3973 		char errbuf[ZFS_MAXNAMELEN+32];
3974 
3975 		/*
3976 		 * if it was recursive, the one that actually failed will be in
3977 		 * zc.zc_name.
3978 		 */
3979 		(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
3980 		    "cannot hold '%s@%s'"), zc.zc_name, snapname);
3981 		switch (errno) {
3982 		case E2BIG:
3983 			/*
3984 			 * Temporary tags wind up having the ds object id
3985 			 * prepended. So even if we passed the length check
3986 			 * above, it's still possible for the tag to wind
3987 			 * up being slightly too long.
3988 			 */
3989 			return (zfs_error(hdl, EZFS_TAGTOOLONG, errbuf));
3990 		case ENOTSUP:
3991 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
3992 			    "pool must be upgraded"));
3993 			return (zfs_error(hdl, EZFS_BADVERSION, errbuf));
3994 		case EINVAL:
3995 			return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
3996 		case EEXIST:
3997 			return (zfs_error(hdl, EZFS_REFTAG_HOLD, errbuf));
3998 		case ENOENT:
3999 			if (enoent_ok)
4000 				return (0);
4001 			/* FALLTHROUGH */
4002 		default:
4003 			return (zfs_standard_error_fmt(hdl, errno, errbuf));
4004 		}
4005 	}
4006 
4007 	return (0);
4008 }
4009 
4010 struct hold_range_arg {
4011 	zfs_handle_t	*origin;
4012 	const char	*fromsnap;
4013 	const char	*tosnap;
4014 	char		lastsnapheld[ZFS_MAXNAMELEN];
4015 	const char	*tag;
4016 	boolean_t	temphold;
4017 	boolean_t	seento;
4018 	boolean_t	seenfrom;
4019 	boolean_t	holding;
4020 	boolean_t	recursive;
4021 };
4022 
4023 static int
4024 zfs_hold_range_one(zfs_handle_t *zhp, void *arg)
4025 {
4026 	struct hold_range_arg *hra = arg;
4027 	const char *thissnap;
4028 	int error;
4029 
4030 	thissnap = strchr(zfs_get_name(zhp), '@') + 1;
4031 
4032 	if (hra->fromsnap && !hra->seenfrom &&
4033 	    strcmp(hra->fromsnap, thissnap) == 0)
4034 		hra->seenfrom = B_TRUE;
4035 
4036 	/* snap is older or newer than the desired range, ignore it */
4037 	if (hra->seento || !hra->seenfrom) {
4038 		zfs_close(zhp);
4039 		return (0);
4040 	}
4041 
4042 	if (hra->holding) {
4043 		/* We could be racing with destroy, so ignore ENOENT. */
4044 		error = zfs_hold(hra->origin, thissnap, hra->tag,
4045 		    hra->recursive, hra->temphold, B_TRUE);
4046 		if (error == 0) {
4047 			(void) strlcpy(hra->lastsnapheld, zfs_get_name(zhp),
4048 			    sizeof (hra->lastsnapheld));
4049 		}
4050 	} else {
4051 		error = zfs_release(hra->origin, thissnap, hra->tag,
4052 		    hra->recursive);
4053 	}
4054 
4055 	if (!hra->seento && strcmp(hra->tosnap, thissnap) == 0)
4056 		hra->seento = B_TRUE;
4057 
4058 	zfs_close(zhp);
4059 	return (error);
4060 }
4061 
4062 /*
4063  * Add a user hold on the set of snapshots starting with fromsnap up to
4064  * and including tosnap. If we're unable to to acquire a particular hold,
4065  * undo any holds up to that point.
4066  */
4067 int
4068 zfs_hold_range(zfs_handle_t *zhp, const char *fromsnap, const char *tosnap,
4069     const char *tag, boolean_t recursive, boolean_t temphold)
4070 {
4071 	struct hold_range_arg arg = { 0 };
4072 	int error;
4073 
4074 	arg.origin = zhp;
4075 	arg.fromsnap = fromsnap;
4076 	arg.tosnap = tosnap;
4077 	arg.tag = tag;
4078 	arg.temphold = temphold;
4079 	arg.holding = B_TRUE;
4080 	arg.recursive = recursive;
4081 
4082 	error = zfs_iter_snapshots_sorted(zhp, zfs_hold_range_one, &arg);
4083 
4084 	/*
4085 	 * Make sure we either hold the entire range or none.
4086 	 */
4087 	if (error && arg.lastsnapheld[0] != '\0') {
4088 		(void) zfs_release_range(zhp, fromsnap,
4089 		    (const char *)arg.lastsnapheld, tag, recursive);
4090 	}
4091 	return (error);
4092 }
4093 
4094 int
4095 zfs_release(zfs_handle_t *zhp, const char *snapname, const char *tag,
4096     boolean_t recursive)
4097 {
4098 	zfs_cmd_t zc = { 0 };
4099 	libzfs_handle_t *hdl = zhp->zfs_hdl;
4100 
4101 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
4102 	(void) strlcpy(zc.zc_value, snapname, sizeof (zc.zc_value));
4103 	if (strlcpy(zc.zc_string, tag, sizeof (zc.zc_string))
4104 	    >= sizeof (zc.zc_string))
4105 		return (zfs_error(hdl, EZFS_TAGTOOLONG, tag));
4106 	zc.zc_cookie = recursive;
4107 
4108 	if (zfs_ioctl(hdl, ZFS_IOC_RELEASE, &zc) != 0) {
4109 		char errbuf[ZFS_MAXNAMELEN+32];
4110 
4111 		/*
4112 		 * if it was recursive, the one that actually failed will be in
4113 		 * zc.zc_name.
4114 		 */
4115 		(void) snprintf(errbuf, sizeof (errbuf), dgettext(TEXT_DOMAIN,
4116 		    "cannot release '%s' from '%s@%s'"), tag, zc.zc_name,
4117 		    snapname);
4118 		switch (errno) {
4119 		case ESRCH:
4120 			return (zfs_error(hdl, EZFS_REFTAG_RELE, errbuf));
4121 		case ENOTSUP:
4122 			zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
4123 			    "pool must be upgraded"));
4124 			return (zfs_error(hdl, EZFS_BADVERSION, errbuf));
4125 		case EINVAL:
4126 			return (zfs_error(hdl, EZFS_BADTYPE, errbuf));
4127 		default:
4128 			return (zfs_standard_error_fmt(hdl, errno, errbuf));
4129 		}
4130 	}
4131 
4132 	return (0);
4133 }
4134 
4135 /*
4136  * Release a user hold from the set of snapshots starting with fromsnap
4137  * up to and including tosnap.
4138  */
4139 int
4140 zfs_release_range(zfs_handle_t *zhp, const char *fromsnap, const char *tosnap,
4141     const char *tag, boolean_t recursive)
4142 {
4143 	struct hold_range_arg arg = { 0 };
4144 
4145 	arg.origin = zhp;
4146 	arg.fromsnap = fromsnap;
4147 	arg.tosnap = tosnap;
4148 	arg.tag = tag;
4149 	arg.recursive = recursive;
4150 
4151 	return (zfs_iter_snapshots_sorted(zhp, zfs_hold_range_one, &arg));
4152 }
4153 
4154 uint64_t
4155 zvol_volsize_to_reservation(uint64_t volsize, nvlist_t *props)
4156 {
4157 	uint64_t numdb;
4158 	uint64_t nblocks, volblocksize;
4159 	int ncopies;
4160 	char *strval;
4161 
4162 	if (nvlist_lookup_string(props,
4163 	    zfs_prop_to_name(ZFS_PROP_COPIES), &strval) == 0)
4164 		ncopies = atoi(strval);
4165 	else
4166 		ncopies = 1;
4167 	if (nvlist_lookup_uint64(props,
4168 	    zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
4169 	    &volblocksize) != 0)
4170 		volblocksize = ZVOL_DEFAULT_BLOCKSIZE;
4171 	nblocks = volsize/volblocksize;
4172 	/* start with metadnode L0-L6 */
4173 	numdb = 7;
4174 	/* calculate number of indirects */
4175 	while (nblocks > 1) {
4176 		nblocks += DNODES_PER_LEVEL - 1;
4177 		nblocks /= DNODES_PER_LEVEL;
4178 		numdb += nblocks;
4179 	}
4180 	numdb *= MIN(SPA_DVAS_PER_BP, ncopies + 1);
4181 	volsize *= ncopies;
4182 	/*
4183 	 * this is exactly DN_MAX_INDBLKSHIFT when metadata isn't
4184 	 * compressed, but in practice they compress down to about
4185 	 * 1100 bytes
4186 	 */
4187 	numdb *= 1ULL << DN_MAX_INDBLKSHIFT;
4188 	volsize += numdb;
4189 	return (volsize);
4190 }
4191