1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #include <sys/types.h> 27 #include <sys/param.h> 28 #include <sys/errno.h> 29 #include <sys/uio.h> 30 #include <sys/buf.h> 31 #include <sys/modctl.h> 32 #include <sys/open.h> 33 #include <sys/file.h> 34 #include <sys/kmem.h> 35 #include <sys/conf.h> 36 #include <sys/cmn_err.h> 37 #include <sys/stat.h> 38 #include <sys/zfs_ioctl.h> 39 #include <sys/zfs_znode.h> 40 #include <sys/zap.h> 41 #include <sys/spa.h> 42 #include <sys/spa_impl.h> 43 #include <sys/vdev.h> 44 #include <sys/vdev_impl.h> 45 #include <sys/dmu.h> 46 #include <sys/dsl_dir.h> 47 #include <sys/dsl_dataset.h> 48 #include <sys/dsl_prop.h> 49 #include <sys/dsl_deleg.h> 50 #include <sys/dmu_objset.h> 51 #include <sys/ddi.h> 52 #include <sys/sunddi.h> 53 #include <sys/sunldi.h> 54 #include <sys/policy.h> 55 #include <sys/zone.h> 56 #include <sys/nvpair.h> 57 #include <sys/pathname.h> 58 #include <sys/mount.h> 59 #include <sys/sdt.h> 60 #include <sys/fs/zfs.h> 61 #include <sys/zfs_ctldir.h> 62 #include <sys/zfs_dir.h> 63 #include <sys/zvol.h> 64 #include <sharefs/share.h> 65 #include <sys/dmu_objset.h> 66 67 #include "zfs_namecheck.h" 68 #include "zfs_prop.h" 69 #include "zfs_deleg.h" 70 71 extern struct modlfs zfs_modlfs; 72 73 extern void zfs_init(void); 74 extern void zfs_fini(void); 75 76 ldi_ident_t zfs_li = NULL; 77 dev_info_t *zfs_dip; 78 79 typedef int zfs_ioc_func_t(zfs_cmd_t *); 80 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, cred_t *); 81 82 typedef enum { 83 NO_NAME, 84 POOL_NAME, 85 DATASET_NAME 86 } zfs_ioc_namecheck_t; 87 88 typedef struct zfs_ioc_vec { 89 zfs_ioc_func_t *zvec_func; 90 zfs_secpolicy_func_t *zvec_secpolicy; 91 zfs_ioc_namecheck_t zvec_namecheck; 92 boolean_t zvec_his_log; 93 boolean_t zvec_pool_check; 94 } zfs_ioc_vec_t; 95 96 /* This array is indexed by zfs_userquota_prop_t */ 97 static const char *userquota_perms[] = { 98 ZFS_DELEG_PERM_USERUSED, 99 ZFS_DELEG_PERM_USERQUOTA, 100 ZFS_DELEG_PERM_GROUPUSED, 101 ZFS_DELEG_PERM_GROUPQUOTA, 102 }; 103 104 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc); 105 static void clear_props(char *dataset, nvlist_t *props, nvlist_t *newprops); 106 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *, 107 boolean_t *); 108 int zfs_set_prop_nvlist(const char *, nvlist_t *); 109 110 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */ 111 void 112 __dprintf(const char *file, const char *func, int line, const char *fmt, ...) 113 { 114 const char *newfile; 115 char buf[256]; 116 va_list adx; 117 118 /* 119 * Get rid of annoying "../common/" prefix to filename. 120 */ 121 newfile = strrchr(file, '/'); 122 if (newfile != NULL) { 123 newfile = newfile + 1; /* Get rid of leading / */ 124 } else { 125 newfile = file; 126 } 127 128 va_start(adx, fmt); 129 (void) vsnprintf(buf, sizeof (buf), fmt, adx); 130 va_end(adx); 131 132 /* 133 * To get this data, use the zfs-dprintf probe as so: 134 * dtrace -q -n 'zfs-dprintf \ 135 * /stringof(arg0) == "dbuf.c"/ \ 136 * {printf("%s: %s", stringof(arg1), stringof(arg3))}' 137 * arg0 = file name 138 * arg1 = function name 139 * arg2 = line number 140 * arg3 = message 141 */ 142 DTRACE_PROBE4(zfs__dprintf, 143 char *, newfile, char *, func, int, line, char *, buf); 144 } 145 146 static void 147 history_str_free(char *buf) 148 { 149 kmem_free(buf, HIS_MAX_RECORD_LEN); 150 } 151 152 static char * 153 history_str_get(zfs_cmd_t *zc) 154 { 155 char *buf; 156 157 if (zc->zc_history == NULL) 158 return (NULL); 159 160 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP); 161 if (copyinstr((void *)(uintptr_t)zc->zc_history, 162 buf, HIS_MAX_RECORD_LEN, NULL) != 0) { 163 history_str_free(buf); 164 return (NULL); 165 } 166 167 buf[HIS_MAX_RECORD_LEN -1] = '\0'; 168 169 return (buf); 170 } 171 172 /* 173 * Check to see if the named dataset is currently defined as bootable 174 */ 175 static boolean_t 176 zfs_is_bootfs(const char *name) 177 { 178 objset_t *os; 179 180 if (dmu_objset_hold(name, FTAG, &os) == 0) { 181 boolean_t ret; 182 ret = (dmu_objset_id(os) == dmu_objset_spa(os)->spa_bootfs); 183 dmu_objset_rele(os, FTAG); 184 return (ret); 185 } 186 return (B_FALSE); 187 } 188 189 /* 190 * zfs_earlier_version 191 * 192 * Return non-zero if the spa version is less than requested version. 193 */ 194 static int 195 zfs_earlier_version(const char *name, int version) 196 { 197 spa_t *spa; 198 199 if (spa_open(name, &spa, FTAG) == 0) { 200 if (spa_version(spa) < version) { 201 spa_close(spa, FTAG); 202 return (1); 203 } 204 spa_close(spa, FTAG); 205 } 206 return (0); 207 } 208 209 /* 210 * zpl_earlier_version 211 * 212 * Return TRUE if the ZPL version is less than requested version. 213 */ 214 static boolean_t 215 zpl_earlier_version(const char *name, int version) 216 { 217 objset_t *os; 218 boolean_t rc = B_TRUE; 219 220 if (dmu_objset_hold(name, FTAG, &os) == 0) { 221 uint64_t zplversion; 222 223 if (dmu_objset_type(os) != DMU_OST_ZFS) { 224 dmu_objset_rele(os, FTAG); 225 return (B_TRUE); 226 } 227 /* XXX reading from non-owned objset */ 228 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0) 229 rc = zplversion < version; 230 dmu_objset_rele(os, FTAG); 231 } 232 return (rc); 233 } 234 235 static void 236 zfs_log_history(zfs_cmd_t *zc) 237 { 238 spa_t *spa; 239 char *buf; 240 241 if ((buf = history_str_get(zc)) == NULL) 242 return; 243 244 if (spa_open(zc->zc_name, &spa, FTAG) == 0) { 245 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY) 246 (void) spa_history_log(spa, buf, LOG_CMD_NORMAL); 247 spa_close(spa, FTAG); 248 } 249 history_str_free(buf); 250 } 251 252 /* 253 * Policy for top-level read operations (list pools). Requires no privileges, 254 * and can be used in the local zone, as there is no associated dataset. 255 */ 256 /* ARGSUSED */ 257 static int 258 zfs_secpolicy_none(zfs_cmd_t *zc, cred_t *cr) 259 { 260 return (0); 261 } 262 263 /* 264 * Policy for dataset read operations (list children, get statistics). Requires 265 * no privileges, but must be visible in the local zone. 266 */ 267 /* ARGSUSED */ 268 static int 269 zfs_secpolicy_read(zfs_cmd_t *zc, cred_t *cr) 270 { 271 if (INGLOBALZONE(curproc) || 272 zone_dataset_visible(zc->zc_name, NULL)) 273 return (0); 274 275 return (ENOENT); 276 } 277 278 static int 279 zfs_dozonecheck(const char *dataset, cred_t *cr) 280 { 281 uint64_t zoned; 282 int writable = 1; 283 284 /* 285 * The dataset must be visible by this zone -- check this first 286 * so they don't see EPERM on something they shouldn't know about. 287 */ 288 if (!INGLOBALZONE(curproc) && 289 !zone_dataset_visible(dataset, &writable)) 290 return (ENOENT); 291 292 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL)) 293 return (ENOENT); 294 295 if (INGLOBALZONE(curproc)) { 296 /* 297 * If the fs is zoned, only root can access it from the 298 * global zone. 299 */ 300 if (secpolicy_zfs(cr) && zoned) 301 return (EPERM); 302 } else { 303 /* 304 * If we are in a local zone, the 'zoned' property must be set. 305 */ 306 if (!zoned) 307 return (EPERM); 308 309 /* must be writable by this zone */ 310 if (!writable) 311 return (EPERM); 312 } 313 return (0); 314 } 315 316 int 317 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr) 318 { 319 int error; 320 321 error = zfs_dozonecheck(name, cr); 322 if (error == 0) { 323 error = secpolicy_zfs(cr); 324 if (error) 325 error = dsl_deleg_access(name, perm, cr); 326 } 327 return (error); 328 } 329 330 static int 331 zfs_secpolicy_setprop(const char *name, zfs_prop_t prop, cred_t *cr) 332 { 333 /* 334 * Check permissions for special properties. 335 */ 336 switch (prop) { 337 case ZFS_PROP_ZONED: 338 /* 339 * Disallow setting of 'zoned' from within a local zone. 340 */ 341 if (!INGLOBALZONE(curproc)) 342 return (EPERM); 343 break; 344 345 case ZFS_PROP_QUOTA: 346 if (!INGLOBALZONE(curproc)) { 347 uint64_t zoned; 348 char setpoint[MAXNAMELEN]; 349 /* 350 * Unprivileged users are allowed to modify the 351 * quota on things *under* (ie. contained by) 352 * the thing they own. 353 */ 354 if (dsl_prop_get_integer(name, "zoned", &zoned, 355 setpoint)) 356 return (EPERM); 357 if (!zoned || strlen(name) <= strlen(setpoint)) 358 return (EPERM); 359 } 360 break; 361 } 362 363 return (zfs_secpolicy_write_perms(name, zfs_prop_to_name(prop), cr)); 364 } 365 366 int 367 zfs_secpolicy_fsacl(zfs_cmd_t *zc, cred_t *cr) 368 { 369 int error; 370 371 error = zfs_dozonecheck(zc->zc_name, cr); 372 if (error) 373 return (error); 374 375 /* 376 * permission to set permissions will be evaluated later in 377 * dsl_deleg_can_allow() 378 */ 379 return (0); 380 } 381 382 int 383 zfs_secpolicy_rollback(zfs_cmd_t *zc, cred_t *cr) 384 { 385 return (zfs_secpolicy_write_perms(zc->zc_name, 386 ZFS_DELEG_PERM_ROLLBACK, cr)); 387 } 388 389 int 390 zfs_secpolicy_send(zfs_cmd_t *zc, cred_t *cr) 391 { 392 return (zfs_secpolicy_write_perms(zc->zc_name, 393 ZFS_DELEG_PERM_SEND, cr)); 394 } 395 396 static int 397 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, cred_t *cr) 398 { 399 vnode_t *vp; 400 int error; 401 402 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE, 403 NO_FOLLOW, NULL, &vp)) != 0) 404 return (error); 405 406 /* Now make sure mntpnt and dataset are ZFS */ 407 408 if (vp->v_vfsp->vfs_fstype != zfsfstype || 409 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource), 410 zc->zc_name) != 0)) { 411 VN_RELE(vp); 412 return (EPERM); 413 } 414 415 VN_RELE(vp); 416 return (dsl_deleg_access(zc->zc_name, 417 ZFS_DELEG_PERM_SHARE, cr)); 418 } 419 420 int 421 zfs_secpolicy_share(zfs_cmd_t *zc, cred_t *cr) 422 { 423 if (!INGLOBALZONE(curproc)) 424 return (EPERM); 425 426 if (secpolicy_nfs(cr) == 0) { 427 return (0); 428 } else { 429 return (zfs_secpolicy_deleg_share(zc, cr)); 430 } 431 } 432 433 int 434 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, cred_t *cr) 435 { 436 if (!INGLOBALZONE(curproc)) 437 return (EPERM); 438 439 if (secpolicy_smb(cr) == 0) { 440 return (0); 441 } else { 442 return (zfs_secpolicy_deleg_share(zc, cr)); 443 } 444 } 445 446 static int 447 zfs_get_parent(const char *datasetname, char *parent, int parentsize) 448 { 449 char *cp; 450 451 /* 452 * Remove the @bla or /bla from the end of the name to get the parent. 453 */ 454 (void) strncpy(parent, datasetname, parentsize); 455 cp = strrchr(parent, '@'); 456 if (cp != NULL) { 457 cp[0] = '\0'; 458 } else { 459 cp = strrchr(parent, '/'); 460 if (cp == NULL) 461 return (ENOENT); 462 cp[0] = '\0'; 463 } 464 465 return (0); 466 } 467 468 int 469 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr) 470 { 471 int error; 472 473 if ((error = zfs_secpolicy_write_perms(name, 474 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 475 return (error); 476 477 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr)); 478 } 479 480 static int 481 zfs_secpolicy_destroy(zfs_cmd_t *zc, cred_t *cr) 482 { 483 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr)); 484 } 485 486 /* 487 * Must have sys_config privilege to check the iscsi permission 488 */ 489 /* ARGSUSED */ 490 static int 491 zfs_secpolicy_iscsi(zfs_cmd_t *zc, cred_t *cr) 492 { 493 return (secpolicy_zfs(cr)); 494 } 495 496 int 497 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr) 498 { 499 char parentname[MAXNAMELEN]; 500 int error; 501 502 if ((error = zfs_secpolicy_write_perms(from, 503 ZFS_DELEG_PERM_RENAME, cr)) != 0) 504 return (error); 505 506 if ((error = zfs_secpolicy_write_perms(from, 507 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 508 return (error); 509 510 if ((error = zfs_get_parent(to, parentname, 511 sizeof (parentname))) != 0) 512 return (error); 513 514 if ((error = zfs_secpolicy_write_perms(parentname, 515 ZFS_DELEG_PERM_CREATE, cr)) != 0) 516 return (error); 517 518 if ((error = zfs_secpolicy_write_perms(parentname, 519 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 520 return (error); 521 522 return (error); 523 } 524 525 static int 526 zfs_secpolicy_rename(zfs_cmd_t *zc, cred_t *cr) 527 { 528 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr)); 529 } 530 531 static int 532 zfs_secpolicy_promote(zfs_cmd_t *zc, cred_t *cr) 533 { 534 char parentname[MAXNAMELEN]; 535 objset_t *clone; 536 int error; 537 538 error = zfs_secpolicy_write_perms(zc->zc_name, 539 ZFS_DELEG_PERM_PROMOTE, cr); 540 if (error) 541 return (error); 542 543 error = dmu_objset_hold(zc->zc_name, FTAG, &clone); 544 545 if (error == 0) { 546 dsl_dataset_t *pclone = NULL; 547 dsl_dir_t *dd; 548 dd = clone->os_dsl_dataset->ds_dir; 549 550 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER); 551 error = dsl_dataset_hold_obj(dd->dd_pool, 552 dd->dd_phys->dd_origin_obj, FTAG, &pclone); 553 rw_exit(&dd->dd_pool->dp_config_rwlock); 554 if (error) { 555 dmu_objset_rele(clone, FTAG); 556 return (error); 557 } 558 559 error = zfs_secpolicy_write_perms(zc->zc_name, 560 ZFS_DELEG_PERM_MOUNT, cr); 561 562 dsl_dataset_name(pclone, parentname); 563 dmu_objset_rele(clone, FTAG); 564 dsl_dataset_rele(pclone, FTAG); 565 if (error == 0) 566 error = zfs_secpolicy_write_perms(parentname, 567 ZFS_DELEG_PERM_PROMOTE, cr); 568 } 569 return (error); 570 } 571 572 static int 573 zfs_secpolicy_receive(zfs_cmd_t *zc, cred_t *cr) 574 { 575 int error; 576 577 if ((error = zfs_secpolicy_write_perms(zc->zc_name, 578 ZFS_DELEG_PERM_RECEIVE, cr)) != 0) 579 return (error); 580 581 if ((error = zfs_secpolicy_write_perms(zc->zc_name, 582 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 583 return (error); 584 585 return (zfs_secpolicy_write_perms(zc->zc_name, 586 ZFS_DELEG_PERM_CREATE, cr)); 587 } 588 589 int 590 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr) 591 { 592 return (zfs_secpolicy_write_perms(name, 593 ZFS_DELEG_PERM_SNAPSHOT, cr)); 594 } 595 596 static int 597 zfs_secpolicy_snapshot(zfs_cmd_t *zc, cred_t *cr) 598 { 599 600 return (zfs_secpolicy_snapshot_perms(zc->zc_name, cr)); 601 } 602 603 static int 604 zfs_secpolicy_create(zfs_cmd_t *zc, cred_t *cr) 605 { 606 char parentname[MAXNAMELEN]; 607 int error; 608 609 if ((error = zfs_get_parent(zc->zc_name, parentname, 610 sizeof (parentname))) != 0) 611 return (error); 612 613 if (zc->zc_value[0] != '\0') { 614 if ((error = zfs_secpolicy_write_perms(zc->zc_value, 615 ZFS_DELEG_PERM_CLONE, cr)) != 0) 616 return (error); 617 } 618 619 if ((error = zfs_secpolicy_write_perms(parentname, 620 ZFS_DELEG_PERM_CREATE, cr)) != 0) 621 return (error); 622 623 error = zfs_secpolicy_write_perms(parentname, 624 ZFS_DELEG_PERM_MOUNT, cr); 625 626 return (error); 627 } 628 629 static int 630 zfs_secpolicy_umount(zfs_cmd_t *zc, cred_t *cr) 631 { 632 int error; 633 634 error = secpolicy_fs_unmount(cr, NULL); 635 if (error) { 636 error = dsl_deleg_access(zc->zc_name, ZFS_DELEG_PERM_MOUNT, cr); 637 } 638 return (error); 639 } 640 641 /* 642 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires 643 * SYS_CONFIG privilege, which is not available in a local zone. 644 */ 645 /* ARGSUSED */ 646 static int 647 zfs_secpolicy_config(zfs_cmd_t *zc, cred_t *cr) 648 { 649 if (secpolicy_sys_config(cr, B_FALSE) != 0) 650 return (EPERM); 651 652 return (0); 653 } 654 655 /* 656 * Policy for fault injection. Requires all privileges. 657 */ 658 /* ARGSUSED */ 659 static int 660 zfs_secpolicy_inject(zfs_cmd_t *zc, cred_t *cr) 661 { 662 return (secpolicy_zinject(cr)); 663 } 664 665 static int 666 zfs_secpolicy_inherit(zfs_cmd_t *zc, cred_t *cr) 667 { 668 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value); 669 670 if (prop == ZPROP_INVAL) { 671 if (!zfs_prop_user(zc->zc_value)) 672 return (EINVAL); 673 return (zfs_secpolicy_write_perms(zc->zc_name, 674 ZFS_DELEG_PERM_USERPROP, cr)); 675 } else { 676 if (!zfs_prop_inheritable(prop)) 677 return (EINVAL); 678 return (zfs_secpolicy_setprop(zc->zc_name, prop, cr)); 679 } 680 } 681 682 static int 683 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, cred_t *cr) 684 { 685 int err = zfs_secpolicy_read(zc, cr); 686 if (err) 687 return (err); 688 689 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS) 690 return (EINVAL); 691 692 if (zc->zc_value[0] == 0) { 693 /* 694 * They are asking about a posix uid/gid. If it's 695 * themself, allow it. 696 */ 697 if (zc->zc_objset_type == ZFS_PROP_USERUSED || 698 zc->zc_objset_type == ZFS_PROP_USERQUOTA) { 699 if (zc->zc_guid == crgetuid(cr)) 700 return (0); 701 } else { 702 if (groupmember(zc->zc_guid, cr)) 703 return (0); 704 } 705 } 706 707 return (zfs_secpolicy_write_perms(zc->zc_name, 708 userquota_perms[zc->zc_objset_type], cr)); 709 } 710 711 static int 712 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, cred_t *cr) 713 { 714 int err = zfs_secpolicy_read(zc, cr); 715 if (err) 716 return (err); 717 718 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS) 719 return (EINVAL); 720 721 return (zfs_secpolicy_write_perms(zc->zc_name, 722 userquota_perms[zc->zc_objset_type], cr)); 723 } 724 725 static int 726 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, cred_t *cr) 727 { 728 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION, cr)); 729 } 730 731 static int 732 zfs_secpolicy_hold(zfs_cmd_t *zc, cred_t *cr) 733 { 734 return (zfs_secpolicy_write_perms(zc->zc_name, 735 ZFS_DELEG_PERM_HOLD, cr)); 736 } 737 738 static int 739 zfs_secpolicy_release(zfs_cmd_t *zc, cred_t *cr) 740 { 741 return (zfs_secpolicy_write_perms(zc->zc_name, 742 ZFS_DELEG_PERM_RELEASE, cr)); 743 } 744 745 /* 746 * Returns the nvlist as specified by the user in the zfs_cmd_t. 747 */ 748 static int 749 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp) 750 { 751 char *packed; 752 int error; 753 nvlist_t *list = NULL; 754 755 /* 756 * Read in and unpack the user-supplied nvlist. 757 */ 758 if (size == 0) 759 return (EINVAL); 760 761 packed = kmem_alloc(size, KM_SLEEP); 762 763 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size, 764 iflag)) != 0) { 765 kmem_free(packed, size); 766 return (error); 767 } 768 769 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) { 770 kmem_free(packed, size); 771 return (error); 772 } 773 774 kmem_free(packed, size); 775 776 *nvp = list; 777 return (0); 778 } 779 780 static int 781 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl) 782 { 783 char *packed = NULL; 784 size_t size; 785 int error; 786 787 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0); 788 789 if (size > zc->zc_nvlist_dst_size) { 790 error = ENOMEM; 791 } else { 792 packed = kmem_alloc(size, KM_SLEEP); 793 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE, 794 KM_SLEEP) == 0); 795 error = ddi_copyout(packed, 796 (void *)(uintptr_t)zc->zc_nvlist_dst, size, zc->zc_iflags); 797 kmem_free(packed, size); 798 } 799 800 zc->zc_nvlist_dst_size = size; 801 return (error); 802 } 803 804 static int 805 getzfsvfs(const char *dsname, zfsvfs_t **zvp) 806 { 807 objset_t *os; 808 int error; 809 810 error = dmu_objset_hold(dsname, FTAG, &os); 811 if (error) 812 return (error); 813 if (dmu_objset_type(os) != DMU_OST_ZFS) { 814 dmu_objset_rele(os, FTAG); 815 return (EINVAL); 816 } 817 818 mutex_enter(&os->os_user_ptr_lock); 819 *zvp = dmu_objset_get_user(os); 820 if (*zvp) { 821 VFS_HOLD((*zvp)->z_vfs); 822 } else { 823 error = ESRCH; 824 } 825 mutex_exit(&os->os_user_ptr_lock); 826 dmu_objset_rele(os, FTAG); 827 return (error); 828 } 829 830 /* 831 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which 832 * case its z_vfs will be NULL, and it will be opened as the owner. 833 */ 834 static int 835 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zvp) 836 { 837 int error = 0; 838 839 if (getzfsvfs(name, zvp) != 0) 840 error = zfsvfs_create(name, zvp); 841 if (error == 0) { 842 rrw_enter(&(*zvp)->z_teardown_lock, RW_READER, tag); 843 if ((*zvp)->z_unmounted) { 844 /* 845 * XXX we could probably try again, since the unmounting 846 * thread should be just about to disassociate the 847 * objset from the zfsvfs. 848 */ 849 rrw_exit(&(*zvp)->z_teardown_lock, tag); 850 return (EBUSY); 851 } 852 } 853 return (error); 854 } 855 856 static void 857 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag) 858 { 859 rrw_exit(&zfsvfs->z_teardown_lock, tag); 860 861 if (zfsvfs->z_vfs) { 862 VFS_RELE(zfsvfs->z_vfs); 863 } else { 864 dmu_objset_disown(zfsvfs->z_os, zfsvfs); 865 zfsvfs_free(zfsvfs); 866 } 867 } 868 869 static int 870 zfs_ioc_pool_create(zfs_cmd_t *zc) 871 { 872 int error; 873 nvlist_t *config, *props = NULL; 874 nvlist_t *rootprops = NULL; 875 nvlist_t *zplprops = NULL; 876 char *buf; 877 878 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 879 zc->zc_iflags, &config)) 880 return (error); 881 882 if (zc->zc_nvlist_src_size != 0 && (error = 883 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 884 zc->zc_iflags, &props))) { 885 nvlist_free(config); 886 return (error); 887 } 888 889 if (props) { 890 nvlist_t *nvl = NULL; 891 uint64_t version = SPA_VERSION; 892 893 (void) nvlist_lookup_uint64(props, 894 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version); 895 if (version < SPA_VERSION_INITIAL || version > SPA_VERSION) { 896 error = EINVAL; 897 goto pool_props_bad; 898 } 899 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl); 900 if (nvl) { 901 error = nvlist_dup(nvl, &rootprops, KM_SLEEP); 902 if (error != 0) { 903 nvlist_free(config); 904 nvlist_free(props); 905 return (error); 906 } 907 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS); 908 } 909 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0); 910 error = zfs_fill_zplprops_root(version, rootprops, 911 zplprops, NULL); 912 if (error) 913 goto pool_props_bad; 914 } 915 916 buf = history_str_get(zc); 917 918 error = spa_create(zc->zc_name, config, props, buf, zplprops); 919 920 /* 921 * Set the remaining root properties 922 */ 923 if (!error && 924 (error = zfs_set_prop_nvlist(zc->zc_name, rootprops)) != 0) 925 (void) spa_destroy(zc->zc_name); 926 927 if (buf != NULL) 928 history_str_free(buf); 929 930 pool_props_bad: 931 nvlist_free(rootprops); 932 nvlist_free(zplprops); 933 nvlist_free(config); 934 nvlist_free(props); 935 936 return (error); 937 } 938 939 static int 940 zfs_ioc_pool_destroy(zfs_cmd_t *zc) 941 { 942 int error; 943 zfs_log_history(zc); 944 error = spa_destroy(zc->zc_name); 945 if (error == 0) 946 zvol_remove_minors(zc->zc_name); 947 return (error); 948 } 949 950 static int 951 zfs_ioc_pool_import(zfs_cmd_t *zc) 952 { 953 int error; 954 nvlist_t *config, *props = NULL; 955 uint64_t guid; 956 957 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 958 zc->zc_iflags, &config)) != 0) 959 return (error); 960 961 if (zc->zc_nvlist_src_size != 0 && (error = 962 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 963 zc->zc_iflags, &props))) { 964 nvlist_free(config); 965 return (error); 966 } 967 968 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 || 969 guid != zc->zc_guid) 970 error = EINVAL; 971 else if (zc->zc_cookie) 972 error = spa_import_verbatim(zc->zc_name, config, 973 props); 974 else 975 error = spa_import(zc->zc_name, config, props); 976 977 nvlist_free(config); 978 979 if (props) 980 nvlist_free(props); 981 982 return (error); 983 } 984 985 static int 986 zfs_ioc_pool_export(zfs_cmd_t *zc) 987 { 988 int error; 989 boolean_t force = (boolean_t)zc->zc_cookie; 990 boolean_t hardforce = (boolean_t)zc->zc_guid; 991 992 zfs_log_history(zc); 993 error = spa_export(zc->zc_name, NULL, force, hardforce); 994 if (error == 0) 995 zvol_remove_minors(zc->zc_name); 996 return (error); 997 } 998 999 static int 1000 zfs_ioc_pool_configs(zfs_cmd_t *zc) 1001 { 1002 nvlist_t *configs; 1003 int error; 1004 1005 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL) 1006 return (EEXIST); 1007 1008 error = put_nvlist(zc, configs); 1009 1010 nvlist_free(configs); 1011 1012 return (error); 1013 } 1014 1015 static int 1016 zfs_ioc_pool_stats(zfs_cmd_t *zc) 1017 { 1018 nvlist_t *config; 1019 int error; 1020 int ret = 0; 1021 1022 error = spa_get_stats(zc->zc_name, &config, zc->zc_value, 1023 sizeof (zc->zc_value)); 1024 1025 if (config != NULL) { 1026 ret = put_nvlist(zc, config); 1027 nvlist_free(config); 1028 1029 /* 1030 * The config may be present even if 'error' is non-zero. 1031 * In this case we return success, and preserve the real errno 1032 * in 'zc_cookie'. 1033 */ 1034 zc->zc_cookie = error; 1035 } else { 1036 ret = error; 1037 } 1038 1039 return (ret); 1040 } 1041 1042 /* 1043 * Try to import the given pool, returning pool stats as appropriate so that 1044 * user land knows which devices are available and overall pool health. 1045 */ 1046 static int 1047 zfs_ioc_pool_tryimport(zfs_cmd_t *zc) 1048 { 1049 nvlist_t *tryconfig, *config; 1050 int error; 1051 1052 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 1053 zc->zc_iflags, &tryconfig)) != 0) 1054 return (error); 1055 1056 config = spa_tryimport(tryconfig); 1057 1058 nvlist_free(tryconfig); 1059 1060 if (config == NULL) 1061 return (EINVAL); 1062 1063 error = put_nvlist(zc, config); 1064 nvlist_free(config); 1065 1066 return (error); 1067 } 1068 1069 static int 1070 zfs_ioc_pool_scrub(zfs_cmd_t *zc) 1071 { 1072 spa_t *spa; 1073 int error; 1074 1075 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1076 return (error); 1077 1078 error = spa_scrub(spa, zc->zc_cookie); 1079 1080 spa_close(spa, FTAG); 1081 1082 return (error); 1083 } 1084 1085 static int 1086 zfs_ioc_pool_freeze(zfs_cmd_t *zc) 1087 { 1088 spa_t *spa; 1089 int error; 1090 1091 error = spa_open(zc->zc_name, &spa, FTAG); 1092 if (error == 0) { 1093 spa_freeze(spa); 1094 spa_close(spa, FTAG); 1095 } 1096 return (error); 1097 } 1098 1099 static int 1100 zfs_ioc_pool_upgrade(zfs_cmd_t *zc) 1101 { 1102 spa_t *spa; 1103 int error; 1104 1105 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1106 return (error); 1107 1108 if (zc->zc_cookie < spa_version(spa) || zc->zc_cookie > SPA_VERSION) { 1109 spa_close(spa, FTAG); 1110 return (EINVAL); 1111 } 1112 1113 spa_upgrade(spa, zc->zc_cookie); 1114 spa_close(spa, FTAG); 1115 1116 return (error); 1117 } 1118 1119 static int 1120 zfs_ioc_pool_get_history(zfs_cmd_t *zc) 1121 { 1122 spa_t *spa; 1123 char *hist_buf; 1124 uint64_t size; 1125 int error; 1126 1127 if ((size = zc->zc_history_len) == 0) 1128 return (EINVAL); 1129 1130 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1131 return (error); 1132 1133 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) { 1134 spa_close(spa, FTAG); 1135 return (ENOTSUP); 1136 } 1137 1138 hist_buf = kmem_alloc(size, KM_SLEEP); 1139 if ((error = spa_history_get(spa, &zc->zc_history_offset, 1140 &zc->zc_history_len, hist_buf)) == 0) { 1141 error = ddi_copyout(hist_buf, 1142 (void *)(uintptr_t)zc->zc_history, 1143 zc->zc_history_len, zc->zc_iflags); 1144 } 1145 1146 spa_close(spa, FTAG); 1147 kmem_free(hist_buf, size); 1148 return (error); 1149 } 1150 1151 static int 1152 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc) 1153 { 1154 int error; 1155 1156 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value)) 1157 return (error); 1158 1159 return (0); 1160 } 1161 1162 /* 1163 * inputs: 1164 * zc_name name of filesystem 1165 * zc_obj object to find 1166 * 1167 * outputs: 1168 * zc_value name of object 1169 */ 1170 static int 1171 zfs_ioc_obj_to_path(zfs_cmd_t *zc) 1172 { 1173 objset_t *os; 1174 int error; 1175 1176 /* XXX reading from objset not owned */ 1177 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0) 1178 return (error); 1179 if (dmu_objset_type(os) != DMU_OST_ZFS) { 1180 dmu_objset_rele(os, FTAG); 1181 return (EINVAL); 1182 } 1183 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value, 1184 sizeof (zc->zc_value)); 1185 dmu_objset_rele(os, FTAG); 1186 1187 return (error); 1188 } 1189 1190 static int 1191 zfs_ioc_vdev_add(zfs_cmd_t *zc) 1192 { 1193 spa_t *spa; 1194 int error; 1195 nvlist_t *config, **l2cache, **spares; 1196 uint_t nl2cache = 0, nspares = 0; 1197 1198 error = spa_open(zc->zc_name, &spa, FTAG); 1199 if (error != 0) 1200 return (error); 1201 1202 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 1203 zc->zc_iflags, &config); 1204 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE, 1205 &l2cache, &nl2cache); 1206 1207 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES, 1208 &spares, &nspares); 1209 1210 /* 1211 * A root pool with concatenated devices is not supported. 1212 * Thus, can not add a device to a root pool. 1213 * 1214 * Intent log device can not be added to a rootpool because 1215 * during mountroot, zil is replayed, a seperated log device 1216 * can not be accessed during the mountroot time. 1217 * 1218 * l2cache and spare devices are ok to be added to a rootpool. 1219 */ 1220 if (spa->spa_bootfs != 0 && nl2cache == 0 && nspares == 0) { 1221 spa_close(spa, FTAG); 1222 return (EDOM); 1223 } 1224 1225 if (error == 0) { 1226 error = spa_vdev_add(spa, config); 1227 nvlist_free(config); 1228 } 1229 spa_close(spa, FTAG); 1230 return (error); 1231 } 1232 1233 static int 1234 zfs_ioc_vdev_remove(zfs_cmd_t *zc) 1235 { 1236 spa_t *spa; 1237 int error; 1238 1239 error = spa_open(zc->zc_name, &spa, FTAG); 1240 if (error != 0) 1241 return (error); 1242 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE); 1243 spa_close(spa, FTAG); 1244 return (error); 1245 } 1246 1247 static int 1248 zfs_ioc_vdev_set_state(zfs_cmd_t *zc) 1249 { 1250 boolean_t nslock; 1251 spa_t *spa; 1252 int error; 1253 vdev_state_t newstate = VDEV_STATE_UNKNOWN; 1254 1255 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1256 return (error); 1257 nslock = spa_uses_zvols(spa); 1258 if (nslock) 1259 mutex_enter(&spa_namespace_lock); 1260 switch (zc->zc_cookie) { 1261 case VDEV_STATE_ONLINE: 1262 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate); 1263 break; 1264 1265 case VDEV_STATE_OFFLINE: 1266 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj); 1267 break; 1268 1269 case VDEV_STATE_FAULTED: 1270 error = vdev_fault(spa, zc->zc_guid); 1271 break; 1272 1273 case VDEV_STATE_DEGRADED: 1274 error = vdev_degrade(spa, zc->zc_guid); 1275 break; 1276 1277 default: 1278 error = EINVAL; 1279 } 1280 if (nslock) 1281 mutex_exit(&spa_namespace_lock); 1282 zc->zc_cookie = newstate; 1283 spa_close(spa, FTAG); 1284 return (error); 1285 } 1286 1287 static int 1288 zfs_ioc_vdev_attach(zfs_cmd_t *zc) 1289 { 1290 spa_t *spa; 1291 int replacing = zc->zc_cookie; 1292 nvlist_t *config; 1293 int error; 1294 1295 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1296 return (error); 1297 1298 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 1299 zc->zc_iflags, &config)) == 0) { 1300 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing); 1301 nvlist_free(config); 1302 } 1303 1304 spa_close(spa, FTAG); 1305 return (error); 1306 } 1307 1308 static int 1309 zfs_ioc_vdev_detach(zfs_cmd_t *zc) 1310 { 1311 spa_t *spa; 1312 int error; 1313 1314 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1315 return (error); 1316 1317 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE); 1318 1319 spa_close(spa, FTAG); 1320 return (error); 1321 } 1322 1323 static int 1324 zfs_ioc_vdev_setpath(zfs_cmd_t *zc) 1325 { 1326 spa_t *spa; 1327 char *path = zc->zc_value; 1328 uint64_t guid = zc->zc_guid; 1329 int error; 1330 1331 error = spa_open(zc->zc_name, &spa, FTAG); 1332 if (error != 0) 1333 return (error); 1334 1335 error = spa_vdev_setpath(spa, guid, path); 1336 spa_close(spa, FTAG); 1337 return (error); 1338 } 1339 1340 static int 1341 zfs_ioc_vdev_setfru(zfs_cmd_t *zc) 1342 { 1343 spa_t *spa; 1344 char *fru = zc->zc_value; 1345 uint64_t guid = zc->zc_guid; 1346 int error; 1347 1348 error = spa_open(zc->zc_name, &spa, FTAG); 1349 if (error != 0) 1350 return (error); 1351 1352 error = spa_vdev_setfru(spa, guid, fru); 1353 spa_close(spa, FTAG); 1354 return (error); 1355 } 1356 1357 /* 1358 * inputs: 1359 * zc_name name of filesystem 1360 * zc_nvlist_dst_size size of buffer for property nvlist 1361 * 1362 * outputs: 1363 * zc_objset_stats stats 1364 * zc_nvlist_dst property nvlist 1365 * zc_nvlist_dst_size size of property nvlist 1366 */ 1367 static int 1368 zfs_ioc_objset_stats(zfs_cmd_t *zc) 1369 { 1370 objset_t *os = NULL; 1371 int error; 1372 nvlist_t *nv; 1373 1374 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) 1375 return (error); 1376 1377 dmu_objset_fast_stat(os, &zc->zc_objset_stats); 1378 1379 if (zc->zc_nvlist_dst != 0 && 1380 (error = dsl_prop_get_all(os, &nv, FALSE)) == 0) { 1381 dmu_objset_stats(os, nv); 1382 /* 1383 * NB: zvol_get_stats() will read the objset contents, 1384 * which we aren't supposed to do with a 1385 * DS_MODE_USER hold, because it could be 1386 * inconsistent. So this is a bit of a workaround... 1387 * XXX reading with out owning 1388 */ 1389 if (!zc->zc_objset_stats.dds_inconsistent) { 1390 if (dmu_objset_type(os) == DMU_OST_ZVOL) 1391 VERIFY(zvol_get_stats(os, nv) == 0); 1392 } 1393 error = put_nvlist(zc, nv); 1394 nvlist_free(nv); 1395 } 1396 1397 dmu_objset_rele(os, FTAG); 1398 return (error); 1399 } 1400 1401 static int 1402 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop) 1403 { 1404 uint64_t value; 1405 int error; 1406 1407 /* 1408 * zfs_get_zplprop() will either find a value or give us 1409 * the default value (if there is one). 1410 */ 1411 if ((error = zfs_get_zplprop(os, prop, &value)) != 0) 1412 return (error); 1413 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0); 1414 return (0); 1415 } 1416 1417 /* 1418 * inputs: 1419 * zc_name name of filesystem 1420 * zc_nvlist_dst_size size of buffer for zpl property nvlist 1421 * 1422 * outputs: 1423 * zc_nvlist_dst zpl property nvlist 1424 * zc_nvlist_dst_size size of zpl property nvlist 1425 */ 1426 static int 1427 zfs_ioc_objset_zplprops(zfs_cmd_t *zc) 1428 { 1429 objset_t *os; 1430 int err; 1431 1432 /* XXX reading without owning */ 1433 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os)) 1434 return (err); 1435 1436 dmu_objset_fast_stat(os, &zc->zc_objset_stats); 1437 1438 /* 1439 * NB: nvl_add_zplprop() will read the objset contents, 1440 * which we aren't supposed to do with a DS_MODE_USER 1441 * hold, because it could be inconsistent. 1442 */ 1443 if (zc->zc_nvlist_dst != NULL && 1444 !zc->zc_objset_stats.dds_inconsistent && 1445 dmu_objset_type(os) == DMU_OST_ZFS) { 1446 nvlist_t *nv; 1447 1448 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0); 1449 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 && 1450 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 && 1451 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 && 1452 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0) 1453 err = put_nvlist(zc, nv); 1454 nvlist_free(nv); 1455 } else { 1456 err = ENOENT; 1457 } 1458 dmu_objset_rele(os, FTAG); 1459 return (err); 1460 } 1461 1462 static boolean_t 1463 dataset_name_hidden(const char *name) 1464 { 1465 /* 1466 * Skip over datasets that are not visible in this zone, 1467 * internal datasets (which have a $ in their name), and 1468 * temporary datasets (which have a % in their name). 1469 */ 1470 if (strchr(name, '$') != NULL) 1471 return (B_TRUE); 1472 if (strchr(name, '%') != NULL) 1473 return (B_TRUE); 1474 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL)) 1475 return (B_TRUE); 1476 return (B_FALSE); 1477 } 1478 1479 /* 1480 * inputs: 1481 * zc_name name of filesystem 1482 * zc_cookie zap cursor 1483 * zc_nvlist_dst_size size of buffer for property nvlist 1484 * 1485 * outputs: 1486 * zc_name name of next filesystem 1487 * zc_cookie zap cursor 1488 * zc_objset_stats stats 1489 * zc_nvlist_dst property nvlist 1490 * zc_nvlist_dst_size size of property nvlist 1491 */ 1492 static int 1493 zfs_ioc_dataset_list_next(zfs_cmd_t *zc) 1494 { 1495 objset_t *os; 1496 int error; 1497 char *p; 1498 1499 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) { 1500 if (error == ENOENT) 1501 error = ESRCH; 1502 return (error); 1503 } 1504 1505 p = strrchr(zc->zc_name, '/'); 1506 if (p == NULL || p[1] != '\0') 1507 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name)); 1508 p = zc->zc_name + strlen(zc->zc_name); 1509 1510 /* 1511 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0 1512 * but is not declared void because its called by dmu_objset_find(). 1513 */ 1514 if (zc->zc_cookie == 0) { 1515 uint64_t cookie = 0; 1516 int len = sizeof (zc->zc_name) - (p - zc->zc_name); 1517 1518 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0) 1519 (void) dmu_objset_prefetch(p, NULL); 1520 } 1521 1522 do { 1523 error = dmu_dir_list_next(os, 1524 sizeof (zc->zc_name) - (p - zc->zc_name), p, 1525 NULL, &zc->zc_cookie); 1526 if (error == ENOENT) 1527 error = ESRCH; 1528 } while (error == 0 && dataset_name_hidden(zc->zc_name) && 1529 !(zc->zc_iflags & FKIOCTL)); 1530 dmu_objset_rele(os, FTAG); 1531 1532 /* 1533 * If it's an internal dataset (ie. with a '$' in its name), 1534 * don't try to get stats for it, otherwise we'll return ENOENT. 1535 */ 1536 if (error == 0 && strchr(zc->zc_name, '$') == NULL) 1537 error = zfs_ioc_objset_stats(zc); /* fill in the stats */ 1538 return (error); 1539 } 1540 1541 /* 1542 * inputs: 1543 * zc_name name of filesystem 1544 * zc_cookie zap cursor 1545 * zc_nvlist_dst_size size of buffer for property nvlist 1546 * 1547 * outputs: 1548 * zc_name name of next snapshot 1549 * zc_objset_stats stats 1550 * zc_nvlist_dst property nvlist 1551 * zc_nvlist_dst_size size of property nvlist 1552 */ 1553 static int 1554 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc) 1555 { 1556 objset_t *os; 1557 int error; 1558 1559 if (zc->zc_cookie == 0) 1560 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch, 1561 NULL, DS_FIND_SNAPSHOTS); 1562 1563 error = dmu_objset_hold(zc->zc_name, FTAG, &os); 1564 if (error) 1565 return (error == ENOENT ? ESRCH : error); 1566 1567 /* 1568 * A dataset name of maximum length cannot have any snapshots, 1569 * so exit immediately. 1570 */ 1571 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) { 1572 dmu_objset_rele(os, FTAG); 1573 return (ESRCH); 1574 } 1575 1576 error = dmu_snapshot_list_next(os, 1577 sizeof (zc->zc_name) - strlen(zc->zc_name), 1578 zc->zc_name + strlen(zc->zc_name), NULL, &zc->zc_cookie, NULL); 1579 dmu_objset_rele(os, FTAG); 1580 if (error == 0) 1581 error = zfs_ioc_objset_stats(zc); /* fill in the stats */ 1582 else if (error == ENOENT) 1583 error = ESRCH; 1584 1585 /* if we failed, undo the @ that we tacked on to zc_name */ 1586 if (error) 1587 *strchr(zc->zc_name, '@') = '\0'; 1588 return (error); 1589 } 1590 1591 int 1592 zfs_set_prop_nvlist(const char *name, nvlist_t *nvl) 1593 { 1594 nvpair_t *elem; 1595 int error = 0; 1596 uint64_t intval; 1597 char *strval; 1598 nvlist_t *genericnvl; 1599 boolean_t issnap = (strchr(name, '@') != NULL); 1600 1601 /* 1602 * First validate permission to set all of the properties 1603 */ 1604 elem = NULL; 1605 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1606 const char *propname = nvpair_name(elem); 1607 zfs_prop_t prop = zfs_name_to_prop(propname); 1608 1609 if (prop == ZPROP_INVAL) { 1610 /* 1611 * If this is a user-defined property, it must be a 1612 * string, and there is no further validation to do. 1613 */ 1614 if (zfs_prop_user(propname) && 1615 nvpair_type(elem) == DATA_TYPE_STRING) { 1616 if (error = zfs_secpolicy_write_perms(name, 1617 ZFS_DELEG_PERM_USERPROP, CRED())) 1618 return (error); 1619 continue; 1620 } 1621 1622 if (!issnap && zfs_prop_userquota(propname) && 1623 nvpair_type(elem) == DATA_TYPE_UINT64_ARRAY) { 1624 const char *perm; 1625 const char *up = zfs_userquota_prop_prefixes 1626 [ZFS_PROP_USERQUOTA]; 1627 if (strncmp(propname, up, strlen(up)) == 0) 1628 perm = ZFS_DELEG_PERM_USERQUOTA; 1629 else 1630 perm = ZFS_DELEG_PERM_GROUPQUOTA; 1631 if (error = zfs_secpolicy_write_perms(name, 1632 perm, CRED())) 1633 return (error); 1634 continue; 1635 } 1636 1637 return (EINVAL); 1638 } 1639 1640 if (issnap) 1641 return (EINVAL); 1642 1643 if ((error = zfs_secpolicy_setprop(name, prop, CRED())) != 0) 1644 return (error); 1645 1646 /* 1647 * Check that this value is valid for this pool version 1648 */ 1649 switch (prop) { 1650 case ZFS_PROP_COMPRESSION: 1651 /* 1652 * If the user specified gzip compression, make sure 1653 * the SPA supports it. We ignore any errors here since 1654 * we'll catch them later. 1655 */ 1656 if (nvpair_type(elem) == DATA_TYPE_UINT64 && 1657 nvpair_value_uint64(elem, &intval) == 0) { 1658 if (intval >= ZIO_COMPRESS_GZIP_1 && 1659 intval <= ZIO_COMPRESS_GZIP_9 && 1660 zfs_earlier_version(name, 1661 SPA_VERSION_GZIP_COMPRESSION)) 1662 return (ENOTSUP); 1663 1664 /* 1665 * If this is a bootable dataset then 1666 * verify that the compression algorithm 1667 * is supported for booting. We must return 1668 * something other than ENOTSUP since it 1669 * implies a downrev pool version. 1670 */ 1671 if (zfs_is_bootfs(name) && 1672 !BOOTFS_COMPRESS_VALID(intval)) 1673 return (ERANGE); 1674 } 1675 break; 1676 1677 case ZFS_PROP_COPIES: 1678 if (zfs_earlier_version(name, SPA_VERSION_DITTO_BLOCKS)) 1679 return (ENOTSUP); 1680 break; 1681 1682 case ZFS_PROP_SHARESMB: 1683 if (zpl_earlier_version(name, ZPL_VERSION_FUID)) 1684 return (ENOTSUP); 1685 break; 1686 1687 case ZFS_PROP_ACLINHERIT: 1688 if (nvpair_type(elem) == DATA_TYPE_UINT64 && 1689 nvpair_value_uint64(elem, &intval) == 0) 1690 if (intval == ZFS_ACL_PASSTHROUGH_X && 1691 zfs_earlier_version(name, 1692 SPA_VERSION_PASSTHROUGH_X)) 1693 return (ENOTSUP); 1694 } 1695 } 1696 1697 VERIFY(nvlist_alloc(&genericnvl, NV_UNIQUE_NAME, KM_SLEEP) == 0); 1698 elem = NULL; 1699 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1700 const char *propname = nvpair_name(elem); 1701 zfs_prop_t prop = zfs_name_to_prop(propname); 1702 1703 if (prop == ZPROP_INVAL) { 1704 if (zfs_prop_userquota(propname)) { 1705 uint64_t *valary; 1706 unsigned int vallen; 1707 const char *domain; 1708 zfs_userquota_prop_t type; 1709 uint64_t rid; 1710 uint64_t quota; 1711 zfsvfs_t *zfsvfs; 1712 1713 VERIFY(nvpair_value_uint64_array(elem, 1714 &valary, &vallen) == 0); 1715 VERIFY(vallen == 3); 1716 type = valary[0]; 1717 rid = valary[1]; 1718 quota = valary[2]; 1719 domain = propname + 1720 strlen(zfs_userquota_prop_prefixes[type]); 1721 1722 error = zfsvfs_hold(name, FTAG, &zfsvfs); 1723 if (error == 0) { 1724 error = zfs_set_userquota(zfsvfs, 1725 type, domain, rid, quota); 1726 zfsvfs_rele(zfsvfs, FTAG); 1727 } 1728 if (error == 0) 1729 continue; 1730 else 1731 goto out; 1732 } else if (zfs_prop_user(propname)) { 1733 VERIFY(nvpair_value_string(elem, &strval) == 0); 1734 error = dsl_prop_set(name, propname, 1, 1735 strlen(strval) + 1, strval); 1736 if (error == 0) 1737 continue; 1738 else 1739 goto out; 1740 } 1741 } 1742 1743 switch (prop) { 1744 case ZFS_PROP_QUOTA: 1745 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1746 (error = dsl_dir_set_quota(name, intval)) != 0) 1747 goto out; 1748 break; 1749 1750 case ZFS_PROP_REFQUOTA: 1751 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1752 (error = dsl_dataset_set_quota(name, intval)) != 0) 1753 goto out; 1754 break; 1755 1756 case ZFS_PROP_RESERVATION: 1757 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1758 (error = dsl_dir_set_reservation(name, 1759 intval)) != 0) 1760 goto out; 1761 break; 1762 1763 case ZFS_PROP_REFRESERVATION: 1764 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1765 (error = dsl_dataset_set_reservation(name, 1766 intval)) != 0) 1767 goto out; 1768 break; 1769 1770 case ZFS_PROP_VOLSIZE: 1771 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1772 (error = zvol_set_volsize(name, 1773 ddi_driver_major(zfs_dip), intval)) != 0) 1774 goto out; 1775 break; 1776 1777 case ZFS_PROP_VERSION: 1778 { 1779 zfsvfs_t *zfsvfs; 1780 1781 if ((error = nvpair_value_uint64(elem, &intval)) != 0) 1782 goto out; 1783 if ((error = zfsvfs_hold(name, FTAG, &zfsvfs)) != 0) 1784 goto out; 1785 error = zfs_set_version(zfsvfs, intval); 1786 zfsvfs_rele(zfsvfs, FTAG); 1787 1788 if (error == 0 && intval >= ZPL_VERSION_USERSPACE) { 1789 zfs_cmd_t zc = { 0 }; 1790 (void) strcpy(zc.zc_name, name); 1791 (void) zfs_ioc_userspace_upgrade(&zc); 1792 } 1793 if (error) 1794 goto out; 1795 break; 1796 } 1797 1798 default: 1799 if (nvpair_type(elem) == DATA_TYPE_STRING) { 1800 if (zfs_prop_get_type(prop) != 1801 PROP_TYPE_STRING) { 1802 error = EINVAL; 1803 goto out; 1804 } 1805 } else if (nvpair_type(elem) == DATA_TYPE_UINT64) { 1806 const char *unused; 1807 1808 VERIFY(nvpair_value_uint64(elem, &intval) == 0); 1809 1810 switch (zfs_prop_get_type(prop)) { 1811 case PROP_TYPE_NUMBER: 1812 break; 1813 case PROP_TYPE_STRING: 1814 error = EINVAL; 1815 goto out; 1816 case PROP_TYPE_INDEX: 1817 if (zfs_prop_index_to_string(prop, 1818 intval, &unused) != 0) { 1819 error = EINVAL; 1820 goto out; 1821 } 1822 break; 1823 default: 1824 cmn_err(CE_PANIC, 1825 "unknown property type"); 1826 break; 1827 } 1828 } else { 1829 error = EINVAL; 1830 goto out; 1831 } 1832 if ((error = nvlist_add_nvpair(genericnvl, elem)) != 0) 1833 goto out; 1834 } 1835 } 1836 1837 if (nvlist_next_nvpair(genericnvl, NULL) != NULL) { 1838 error = dsl_props_set(name, genericnvl); 1839 } 1840 out: 1841 nvlist_free(genericnvl); 1842 return (error); 1843 } 1844 1845 /* 1846 * Check that all the properties are valid user properties. 1847 */ 1848 static int 1849 zfs_check_userprops(char *fsname, nvlist_t *nvl) 1850 { 1851 nvpair_t *elem = NULL; 1852 int error = 0; 1853 1854 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1855 const char *propname = nvpair_name(elem); 1856 char *valstr; 1857 1858 if (!zfs_prop_user(propname) || 1859 nvpair_type(elem) != DATA_TYPE_STRING) 1860 return (EINVAL); 1861 1862 if (error = zfs_secpolicy_write_perms(fsname, 1863 ZFS_DELEG_PERM_USERPROP, CRED())) 1864 return (error); 1865 1866 if (strlen(propname) >= ZAP_MAXNAMELEN) 1867 return (ENAMETOOLONG); 1868 1869 VERIFY(nvpair_value_string(elem, &valstr) == 0); 1870 if (strlen(valstr) >= ZAP_MAXVALUELEN) 1871 return (E2BIG); 1872 } 1873 return (0); 1874 } 1875 1876 /* 1877 * inputs: 1878 * zc_name name of filesystem 1879 * zc_value name of property to set 1880 * zc_nvlist_src{_size} nvlist of properties to apply 1881 * zc_cookie clear existing local props? 1882 * 1883 * outputs: none 1884 */ 1885 static int 1886 zfs_ioc_set_prop(zfs_cmd_t *zc) 1887 { 1888 nvlist_t *nvl; 1889 int error; 1890 1891 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1892 zc->zc_iflags, &nvl)) != 0) 1893 return (error); 1894 1895 if (zc->zc_cookie) { 1896 nvlist_t *origprops; 1897 objset_t *os; 1898 1899 if (dmu_objset_hold(zc->zc_name, FTAG, &os) == 0) { 1900 if (dsl_prop_get_all(os, &origprops, TRUE) == 0) { 1901 clear_props(zc->zc_name, origprops, nvl); 1902 nvlist_free(origprops); 1903 } 1904 dmu_objset_rele(os, FTAG); 1905 } 1906 1907 } 1908 1909 error = zfs_set_prop_nvlist(zc->zc_name, nvl); 1910 1911 nvlist_free(nvl); 1912 return (error); 1913 } 1914 1915 /* 1916 * inputs: 1917 * zc_name name of filesystem 1918 * zc_value name of property to inherit 1919 * 1920 * outputs: none 1921 */ 1922 static int 1923 zfs_ioc_inherit_prop(zfs_cmd_t *zc) 1924 { 1925 /* the property name has been validated by zfs_secpolicy_inherit() */ 1926 return (dsl_prop_set(zc->zc_name, zc->zc_value, 0, 0, NULL)); 1927 } 1928 1929 static int 1930 zfs_ioc_pool_set_props(zfs_cmd_t *zc) 1931 { 1932 nvlist_t *props; 1933 spa_t *spa; 1934 int error; 1935 nvpair_t *elem; 1936 1937 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1938 zc->zc_iflags, &props))) 1939 return (error); 1940 1941 /* 1942 * If the only property is the configfile, then just do a spa_lookup() 1943 * to handle the faulted case. 1944 */ 1945 elem = nvlist_next_nvpair(props, NULL); 1946 if (elem != NULL && strcmp(nvpair_name(elem), 1947 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 && 1948 nvlist_next_nvpair(props, elem) == NULL) { 1949 mutex_enter(&spa_namespace_lock); 1950 if ((spa = spa_lookup(zc->zc_name)) != NULL) { 1951 spa_configfile_set(spa, props, B_FALSE); 1952 spa_config_sync(spa, B_FALSE, B_TRUE); 1953 } 1954 mutex_exit(&spa_namespace_lock); 1955 if (spa != NULL) { 1956 nvlist_free(props); 1957 return (0); 1958 } 1959 } 1960 1961 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) { 1962 nvlist_free(props); 1963 return (error); 1964 } 1965 1966 error = spa_prop_set(spa, props); 1967 1968 nvlist_free(props); 1969 spa_close(spa, FTAG); 1970 1971 return (error); 1972 } 1973 1974 static int 1975 zfs_ioc_pool_get_props(zfs_cmd_t *zc) 1976 { 1977 spa_t *spa; 1978 int error; 1979 nvlist_t *nvp = NULL; 1980 1981 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) { 1982 /* 1983 * If the pool is faulted, there may be properties we can still 1984 * get (such as altroot and cachefile), so attempt to get them 1985 * anyway. 1986 */ 1987 mutex_enter(&spa_namespace_lock); 1988 if ((spa = spa_lookup(zc->zc_name)) != NULL) 1989 error = spa_prop_get(spa, &nvp); 1990 mutex_exit(&spa_namespace_lock); 1991 } else { 1992 error = spa_prop_get(spa, &nvp); 1993 spa_close(spa, FTAG); 1994 } 1995 1996 if (error == 0 && zc->zc_nvlist_dst != NULL) 1997 error = put_nvlist(zc, nvp); 1998 else 1999 error = EFAULT; 2000 2001 nvlist_free(nvp); 2002 return (error); 2003 } 2004 2005 static int 2006 zfs_ioc_iscsi_perm_check(zfs_cmd_t *zc) 2007 { 2008 nvlist_t *nvp; 2009 int error; 2010 uint32_t uid; 2011 uint32_t gid; 2012 uint32_t *groups; 2013 uint_t group_cnt; 2014 cred_t *usercred; 2015 2016 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2017 zc->zc_iflags, &nvp)) != 0) { 2018 return (error); 2019 } 2020 2021 if ((error = nvlist_lookup_uint32(nvp, 2022 ZFS_DELEG_PERM_UID, &uid)) != 0) { 2023 nvlist_free(nvp); 2024 return (EPERM); 2025 } 2026 2027 if ((error = nvlist_lookup_uint32(nvp, 2028 ZFS_DELEG_PERM_GID, &gid)) != 0) { 2029 nvlist_free(nvp); 2030 return (EPERM); 2031 } 2032 2033 if ((error = nvlist_lookup_uint32_array(nvp, ZFS_DELEG_PERM_GROUPS, 2034 &groups, &group_cnt)) != 0) { 2035 nvlist_free(nvp); 2036 return (EPERM); 2037 } 2038 usercred = cralloc(); 2039 if ((crsetugid(usercred, uid, gid) != 0) || 2040 (crsetgroups(usercred, group_cnt, (gid_t *)groups) != 0)) { 2041 nvlist_free(nvp); 2042 crfree(usercred); 2043 return (EPERM); 2044 } 2045 nvlist_free(nvp); 2046 error = dsl_deleg_access(zc->zc_name, 2047 zfs_prop_to_name(ZFS_PROP_SHAREISCSI), usercred); 2048 crfree(usercred); 2049 return (error); 2050 } 2051 2052 /* 2053 * inputs: 2054 * zc_name name of filesystem 2055 * zc_nvlist_src{_size} nvlist of delegated permissions 2056 * zc_perm_action allow/unallow flag 2057 * 2058 * outputs: none 2059 */ 2060 static int 2061 zfs_ioc_set_fsacl(zfs_cmd_t *zc) 2062 { 2063 int error; 2064 nvlist_t *fsaclnv = NULL; 2065 2066 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2067 zc->zc_iflags, &fsaclnv)) != 0) 2068 return (error); 2069 2070 /* 2071 * Verify nvlist is constructed correctly 2072 */ 2073 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) { 2074 nvlist_free(fsaclnv); 2075 return (EINVAL); 2076 } 2077 2078 /* 2079 * If we don't have PRIV_SYS_MOUNT, then validate 2080 * that user is allowed to hand out each permission in 2081 * the nvlist(s) 2082 */ 2083 2084 error = secpolicy_zfs(CRED()); 2085 if (error) { 2086 if (zc->zc_perm_action == B_FALSE) { 2087 error = dsl_deleg_can_allow(zc->zc_name, 2088 fsaclnv, CRED()); 2089 } else { 2090 error = dsl_deleg_can_unallow(zc->zc_name, 2091 fsaclnv, CRED()); 2092 } 2093 } 2094 2095 if (error == 0) 2096 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action); 2097 2098 nvlist_free(fsaclnv); 2099 return (error); 2100 } 2101 2102 /* 2103 * inputs: 2104 * zc_name name of filesystem 2105 * 2106 * outputs: 2107 * zc_nvlist_src{_size} nvlist of delegated permissions 2108 */ 2109 static int 2110 zfs_ioc_get_fsacl(zfs_cmd_t *zc) 2111 { 2112 nvlist_t *nvp; 2113 int error; 2114 2115 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) { 2116 error = put_nvlist(zc, nvp); 2117 nvlist_free(nvp); 2118 } 2119 2120 return (error); 2121 } 2122 2123 /* 2124 * Search the vfs list for a specified resource. Returns a pointer to it 2125 * or NULL if no suitable entry is found. The caller of this routine 2126 * is responsible for releasing the returned vfs pointer. 2127 */ 2128 static vfs_t * 2129 zfs_get_vfs(const char *resource) 2130 { 2131 struct vfs *vfsp; 2132 struct vfs *vfs_found = NULL; 2133 2134 vfs_list_read_lock(); 2135 vfsp = rootvfs; 2136 do { 2137 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) { 2138 VFS_HOLD(vfsp); 2139 vfs_found = vfsp; 2140 break; 2141 } 2142 vfsp = vfsp->vfs_next; 2143 } while (vfsp != rootvfs); 2144 vfs_list_unlock(); 2145 return (vfs_found); 2146 } 2147 2148 /* ARGSUSED */ 2149 static void 2150 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx) 2151 { 2152 zfs_creat_t *zct = arg; 2153 2154 zfs_create_fs(os, cr, zct->zct_zplprops, tx); 2155 } 2156 2157 #define ZFS_PROP_UNDEFINED ((uint64_t)-1) 2158 2159 /* 2160 * inputs: 2161 * createprops list of properties requested by creator 2162 * default_zplver zpl version to use if unspecified in createprops 2163 * fuids_ok fuids allowed in this version of the spa? 2164 * os parent objset pointer (NULL if root fs) 2165 * 2166 * outputs: 2167 * zplprops values for the zplprops we attach to the master node object 2168 * is_ci true if requested file system will be purely case-insensitive 2169 * 2170 * Determine the settings for utf8only, normalization and 2171 * casesensitivity. Specific values may have been requested by the 2172 * creator and/or we can inherit values from the parent dataset. If 2173 * the file system is of too early a vintage, a creator can not 2174 * request settings for these properties, even if the requested 2175 * setting is the default value. We don't actually want to create dsl 2176 * properties for these, so remove them from the source nvlist after 2177 * processing. 2178 */ 2179 static int 2180 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver, 2181 boolean_t fuids_ok, nvlist_t *createprops, nvlist_t *zplprops, 2182 boolean_t *is_ci) 2183 { 2184 uint64_t sense = ZFS_PROP_UNDEFINED; 2185 uint64_t norm = ZFS_PROP_UNDEFINED; 2186 uint64_t u8 = ZFS_PROP_UNDEFINED; 2187 2188 ASSERT(zplprops != NULL); 2189 2190 /* 2191 * Pull out creator prop choices, if any. 2192 */ 2193 if (createprops) { 2194 (void) nvlist_lookup_uint64(createprops, 2195 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver); 2196 (void) nvlist_lookup_uint64(createprops, 2197 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm); 2198 (void) nvlist_remove_all(createprops, 2199 zfs_prop_to_name(ZFS_PROP_NORMALIZE)); 2200 (void) nvlist_lookup_uint64(createprops, 2201 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8); 2202 (void) nvlist_remove_all(createprops, 2203 zfs_prop_to_name(ZFS_PROP_UTF8ONLY)); 2204 (void) nvlist_lookup_uint64(createprops, 2205 zfs_prop_to_name(ZFS_PROP_CASE), &sense); 2206 (void) nvlist_remove_all(createprops, 2207 zfs_prop_to_name(ZFS_PROP_CASE)); 2208 } 2209 2210 /* 2211 * If the zpl version requested is whacky or the file system 2212 * or pool is version is too "young" to support normalization 2213 * and the creator tried to set a value for one of the props, 2214 * error out. 2215 */ 2216 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) || 2217 (zplver >= ZPL_VERSION_FUID && !fuids_ok) || 2218 (zplver < ZPL_VERSION_NORMALIZATION && 2219 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED || 2220 sense != ZFS_PROP_UNDEFINED))) 2221 return (ENOTSUP); 2222 2223 /* 2224 * Put the version in the zplprops 2225 */ 2226 VERIFY(nvlist_add_uint64(zplprops, 2227 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0); 2228 2229 if (norm == ZFS_PROP_UNDEFINED) 2230 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0); 2231 VERIFY(nvlist_add_uint64(zplprops, 2232 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0); 2233 2234 /* 2235 * If we're normalizing, names must always be valid UTF-8 strings. 2236 */ 2237 if (norm) 2238 u8 = 1; 2239 if (u8 == ZFS_PROP_UNDEFINED) 2240 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0); 2241 VERIFY(nvlist_add_uint64(zplprops, 2242 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0); 2243 2244 if (sense == ZFS_PROP_UNDEFINED) 2245 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0); 2246 VERIFY(nvlist_add_uint64(zplprops, 2247 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0); 2248 2249 if (is_ci) 2250 *is_ci = (sense == ZFS_CASE_INSENSITIVE); 2251 2252 return (0); 2253 } 2254 2255 static int 2256 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops, 2257 nvlist_t *zplprops, boolean_t *is_ci) 2258 { 2259 boolean_t fuids_ok = B_TRUE; 2260 uint64_t zplver = ZPL_VERSION; 2261 objset_t *os = NULL; 2262 char parentname[MAXNAMELEN]; 2263 char *cp; 2264 int error; 2265 2266 (void) strlcpy(parentname, dataset, sizeof (parentname)); 2267 cp = strrchr(parentname, '/'); 2268 ASSERT(cp != NULL); 2269 cp[0] = '\0'; 2270 2271 if (zfs_earlier_version(dataset, SPA_VERSION_USERSPACE)) 2272 zplver = ZPL_VERSION_USERSPACE - 1; 2273 if (zfs_earlier_version(dataset, SPA_VERSION_FUID)) { 2274 zplver = ZPL_VERSION_FUID - 1; 2275 fuids_ok = B_FALSE; 2276 } 2277 2278 /* 2279 * Open parent object set so we can inherit zplprop values. 2280 */ 2281 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0) 2282 return (error); 2283 2284 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, createprops, 2285 zplprops, is_ci); 2286 dmu_objset_rele(os, FTAG); 2287 return (error); 2288 } 2289 2290 static int 2291 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops, 2292 nvlist_t *zplprops, boolean_t *is_ci) 2293 { 2294 boolean_t fuids_ok = B_TRUE; 2295 uint64_t zplver = ZPL_VERSION; 2296 int error; 2297 2298 if (spa_vers < SPA_VERSION_FUID) { 2299 zplver = ZPL_VERSION_FUID - 1; 2300 fuids_ok = B_FALSE; 2301 } 2302 2303 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, createprops, 2304 zplprops, is_ci); 2305 return (error); 2306 } 2307 2308 /* 2309 * inputs: 2310 * zc_objset_type type of objset to create (fs vs zvol) 2311 * zc_name name of new objset 2312 * zc_value name of snapshot to clone from (may be empty) 2313 * zc_nvlist_src{_size} nvlist of properties to apply 2314 * 2315 * outputs: none 2316 */ 2317 static int 2318 zfs_ioc_create(zfs_cmd_t *zc) 2319 { 2320 objset_t *clone; 2321 int error = 0; 2322 zfs_creat_t zct; 2323 nvlist_t *nvprops = NULL; 2324 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx); 2325 dmu_objset_type_t type = zc->zc_objset_type; 2326 2327 switch (type) { 2328 2329 case DMU_OST_ZFS: 2330 cbfunc = zfs_create_cb; 2331 break; 2332 2333 case DMU_OST_ZVOL: 2334 cbfunc = zvol_create_cb; 2335 break; 2336 2337 default: 2338 cbfunc = NULL; 2339 break; 2340 } 2341 if (strchr(zc->zc_name, '@') || 2342 strchr(zc->zc_name, '%')) 2343 return (EINVAL); 2344 2345 if (zc->zc_nvlist_src != NULL && 2346 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2347 zc->zc_iflags, &nvprops)) != 0) 2348 return (error); 2349 2350 zct.zct_zplprops = NULL; 2351 zct.zct_props = nvprops; 2352 2353 if (zc->zc_value[0] != '\0') { 2354 /* 2355 * We're creating a clone of an existing snapshot. 2356 */ 2357 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0'; 2358 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) { 2359 nvlist_free(nvprops); 2360 return (EINVAL); 2361 } 2362 2363 error = dmu_objset_hold(zc->zc_value, FTAG, &clone); 2364 if (error) { 2365 nvlist_free(nvprops); 2366 return (error); 2367 } 2368 2369 error = dmu_objset_clone(zc->zc_name, dmu_objset_ds(clone), 0); 2370 dmu_objset_rele(clone, FTAG); 2371 if (error) { 2372 nvlist_free(nvprops); 2373 return (error); 2374 } 2375 } else { 2376 boolean_t is_insensitive = B_FALSE; 2377 2378 if (cbfunc == NULL) { 2379 nvlist_free(nvprops); 2380 return (EINVAL); 2381 } 2382 2383 if (type == DMU_OST_ZVOL) { 2384 uint64_t volsize, volblocksize; 2385 2386 if (nvprops == NULL || 2387 nvlist_lookup_uint64(nvprops, 2388 zfs_prop_to_name(ZFS_PROP_VOLSIZE), 2389 &volsize) != 0) { 2390 nvlist_free(nvprops); 2391 return (EINVAL); 2392 } 2393 2394 if ((error = nvlist_lookup_uint64(nvprops, 2395 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE), 2396 &volblocksize)) != 0 && error != ENOENT) { 2397 nvlist_free(nvprops); 2398 return (EINVAL); 2399 } 2400 2401 if (error != 0) 2402 volblocksize = zfs_prop_default_numeric( 2403 ZFS_PROP_VOLBLOCKSIZE); 2404 2405 if ((error = zvol_check_volblocksize( 2406 volblocksize)) != 0 || 2407 (error = zvol_check_volsize(volsize, 2408 volblocksize)) != 0) { 2409 nvlist_free(nvprops); 2410 return (error); 2411 } 2412 } else if (type == DMU_OST_ZFS) { 2413 int error; 2414 2415 /* 2416 * We have to have normalization and 2417 * case-folding flags correct when we do the 2418 * file system creation, so go figure them out 2419 * now. 2420 */ 2421 VERIFY(nvlist_alloc(&zct.zct_zplprops, 2422 NV_UNIQUE_NAME, KM_SLEEP) == 0); 2423 error = zfs_fill_zplprops(zc->zc_name, nvprops, 2424 zct.zct_zplprops, &is_insensitive); 2425 if (error != 0) { 2426 nvlist_free(nvprops); 2427 nvlist_free(zct.zct_zplprops); 2428 return (error); 2429 } 2430 } 2431 error = dmu_objset_create(zc->zc_name, type, 2432 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct); 2433 nvlist_free(zct.zct_zplprops); 2434 } 2435 2436 /* 2437 * It would be nice to do this atomically. 2438 */ 2439 if (error == 0) { 2440 if ((error = zfs_set_prop_nvlist(zc->zc_name, nvprops)) != 0) 2441 (void) dmu_objset_destroy(zc->zc_name, B_FALSE); 2442 } 2443 nvlist_free(nvprops); 2444 return (error); 2445 } 2446 2447 /* 2448 * inputs: 2449 * zc_name name of filesystem 2450 * zc_value short name of snapshot 2451 * zc_cookie recursive flag 2452 * zc_nvlist_src[_size] property list 2453 * 2454 * outputs: 2455 * zc_value short snapname (i.e. part after the '@') 2456 */ 2457 static int 2458 zfs_ioc_snapshot(zfs_cmd_t *zc) 2459 { 2460 nvlist_t *nvprops = NULL; 2461 int error; 2462 boolean_t recursive = zc->zc_cookie; 2463 2464 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 2465 return (EINVAL); 2466 2467 if (zc->zc_nvlist_src != NULL && 2468 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2469 zc->zc_iflags, &nvprops)) != 0) 2470 return (error); 2471 2472 error = zfs_check_userprops(zc->zc_name, nvprops); 2473 if (error) 2474 goto out; 2475 2476 if (nvprops != NULL && nvlist_next_nvpair(nvprops, NULL) != NULL && 2477 zfs_earlier_version(zc->zc_name, SPA_VERSION_SNAP_PROPS)) { 2478 error = ENOTSUP; 2479 goto out; 2480 } 2481 2482 error = dmu_objset_snapshot(zc->zc_name, zc->zc_value, 2483 nvprops, recursive); 2484 2485 out: 2486 nvlist_free(nvprops); 2487 return (error); 2488 } 2489 2490 int 2491 zfs_unmount_snap(char *name, void *arg) 2492 { 2493 vfs_t *vfsp = NULL; 2494 2495 if (arg) { 2496 char *snapname = arg; 2497 int len = strlen(name) + strlen(snapname) + 2; 2498 char *buf = kmem_alloc(len, KM_SLEEP); 2499 2500 (void) strcpy(buf, name); 2501 (void) strcat(buf, "@"); 2502 (void) strcat(buf, snapname); 2503 vfsp = zfs_get_vfs(buf); 2504 kmem_free(buf, len); 2505 } else if (strchr(name, '@')) { 2506 vfsp = zfs_get_vfs(name); 2507 } 2508 2509 if (vfsp) { 2510 /* 2511 * Always force the unmount for snapshots. 2512 */ 2513 int flag = MS_FORCE; 2514 int err; 2515 2516 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) { 2517 VFS_RELE(vfsp); 2518 return (err); 2519 } 2520 VFS_RELE(vfsp); 2521 if ((err = dounmount(vfsp, flag, kcred)) != 0) 2522 return (err); 2523 } 2524 return (0); 2525 } 2526 2527 /* 2528 * inputs: 2529 * zc_name name of filesystem 2530 * zc_value short name of snapshot 2531 * zc_defer_destroy mark for deferred destroy 2532 * 2533 * outputs: none 2534 */ 2535 static int 2536 zfs_ioc_destroy_snaps(zfs_cmd_t *zc) 2537 { 2538 int err; 2539 2540 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 2541 return (EINVAL); 2542 err = dmu_objset_find(zc->zc_name, 2543 zfs_unmount_snap, zc->zc_value, DS_FIND_CHILDREN); 2544 if (err) 2545 return (err); 2546 return (dmu_snapshots_destroy(zc->zc_name, zc->zc_value, 2547 zc->zc_defer_destroy)); 2548 } 2549 2550 /* 2551 * inputs: 2552 * zc_name name of dataset to destroy 2553 * zc_objset_type type of objset 2554 * zc_defer_destroy mark for deferred destroy 2555 * 2556 * outputs: none 2557 */ 2558 static int 2559 zfs_ioc_destroy(zfs_cmd_t *zc) 2560 { 2561 int err; 2562 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) { 2563 err = zfs_unmount_snap(zc->zc_name, NULL); 2564 if (err) 2565 return (err); 2566 } 2567 2568 err = dmu_objset_destroy(zc->zc_name, zc->zc_defer_destroy); 2569 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0) 2570 zvol_remove_minor(zc->zc_name); 2571 return (err); 2572 } 2573 2574 /* 2575 * inputs: 2576 * zc_name name of dataset to rollback (to most recent snapshot) 2577 * 2578 * outputs: none 2579 */ 2580 static int 2581 zfs_ioc_rollback(zfs_cmd_t *zc) 2582 { 2583 dsl_dataset_t *ds, *clone; 2584 int error; 2585 zfsvfs_t *zfsvfs; 2586 char *clone_name; 2587 2588 error = dsl_dataset_hold(zc->zc_name, FTAG, &ds); 2589 if (error) 2590 return (error); 2591 2592 /* must not be a snapshot */ 2593 if (dsl_dataset_is_snapshot(ds)) { 2594 dsl_dataset_rele(ds, FTAG); 2595 return (EINVAL); 2596 } 2597 2598 /* must have a most recent snapshot */ 2599 if (ds->ds_phys->ds_prev_snap_txg < TXG_INITIAL) { 2600 dsl_dataset_rele(ds, FTAG); 2601 return (EINVAL); 2602 } 2603 2604 /* 2605 * Create clone of most recent snapshot. 2606 */ 2607 clone_name = kmem_asprintf("%s/%%rollback", zc->zc_name); 2608 error = dmu_objset_clone(clone_name, ds->ds_prev, DS_FLAG_INCONSISTENT); 2609 if (error) 2610 goto out; 2611 2612 error = dsl_dataset_own(clone_name, B_TRUE, FTAG, &clone); 2613 if (error) 2614 goto out; 2615 2616 /* 2617 * Do clone swap. 2618 */ 2619 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) { 2620 error = zfs_suspend_fs(zfsvfs); 2621 if (error == 0) { 2622 int resume_err; 2623 2624 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) { 2625 error = dsl_dataset_clone_swap(clone, ds, 2626 B_TRUE); 2627 dsl_dataset_disown(ds, FTAG); 2628 ds = NULL; 2629 } else { 2630 error = EBUSY; 2631 } 2632 resume_err = zfs_resume_fs(zfsvfs, zc->zc_name); 2633 error = error ? error : resume_err; 2634 } 2635 VFS_RELE(zfsvfs->z_vfs); 2636 } else { 2637 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) { 2638 error = dsl_dataset_clone_swap(clone, ds, B_TRUE); 2639 dsl_dataset_disown(ds, FTAG); 2640 ds = NULL; 2641 } else { 2642 error = EBUSY; 2643 } 2644 } 2645 2646 /* 2647 * Destroy clone (which also closes it). 2648 */ 2649 (void) dsl_dataset_destroy(clone, FTAG, B_FALSE); 2650 2651 out: 2652 strfree(clone_name); 2653 if (ds) 2654 dsl_dataset_rele(ds, FTAG); 2655 return (error); 2656 } 2657 2658 /* 2659 * inputs: 2660 * zc_name old name of dataset 2661 * zc_value new name of dataset 2662 * zc_cookie recursive flag (only valid for snapshots) 2663 * 2664 * outputs: none 2665 */ 2666 static int 2667 zfs_ioc_rename(zfs_cmd_t *zc) 2668 { 2669 boolean_t recursive = zc->zc_cookie & 1; 2670 2671 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0'; 2672 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 || 2673 strchr(zc->zc_value, '%')) 2674 return (EINVAL); 2675 2676 /* 2677 * Unmount snapshot unless we're doing a recursive rename, 2678 * in which case the dataset code figures out which snapshots 2679 * to unmount. 2680 */ 2681 if (!recursive && strchr(zc->zc_name, '@') != NULL && 2682 zc->zc_objset_type == DMU_OST_ZFS) { 2683 int err = zfs_unmount_snap(zc->zc_name, NULL); 2684 if (err) 2685 return (err); 2686 } 2687 if (zc->zc_objset_type == DMU_OST_ZVOL) 2688 (void) zvol_remove_minor(zc->zc_name); 2689 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive)); 2690 } 2691 2692 static void 2693 clear_props(char *dataset, nvlist_t *props, nvlist_t *newprops) 2694 { 2695 zfs_cmd_t *zc; 2696 nvpair_t *prop; 2697 2698 if (props == NULL) 2699 return; 2700 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP); 2701 (void) strcpy(zc->zc_name, dataset); 2702 for (prop = nvlist_next_nvpair(props, NULL); prop; 2703 prop = nvlist_next_nvpair(props, prop)) { 2704 if (newprops != NULL && 2705 nvlist_exists(newprops, nvpair_name(prop))) 2706 continue; 2707 (void) strcpy(zc->zc_value, nvpair_name(prop)); 2708 if (zfs_secpolicy_inherit(zc, CRED()) == 0) 2709 (void) zfs_ioc_inherit_prop(zc); 2710 } 2711 kmem_free(zc, sizeof (zfs_cmd_t)); 2712 } 2713 2714 /* 2715 * inputs: 2716 * zc_name name of containing filesystem 2717 * zc_nvlist_src{_size} nvlist of properties to apply 2718 * zc_value name of snapshot to create 2719 * zc_string name of clone origin (if DRR_FLAG_CLONE) 2720 * zc_cookie file descriptor to recv from 2721 * zc_begin_record the BEGIN record of the stream (not byteswapped) 2722 * zc_guid force flag 2723 * 2724 * outputs: 2725 * zc_cookie number of bytes read 2726 */ 2727 static int 2728 zfs_ioc_recv(zfs_cmd_t *zc) 2729 { 2730 file_t *fp; 2731 objset_t *os; 2732 dmu_recv_cookie_t drc; 2733 boolean_t force = (boolean_t)zc->zc_guid; 2734 int error, fd; 2735 offset_t off; 2736 nvlist_t *props = NULL; 2737 nvlist_t *origprops = NULL; 2738 objset_t *origin = NULL; 2739 char *tosnap; 2740 char tofs[ZFS_MAXNAMELEN]; 2741 2742 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 || 2743 strchr(zc->zc_value, '@') == NULL || 2744 strchr(zc->zc_value, '%')) 2745 return (EINVAL); 2746 2747 (void) strcpy(tofs, zc->zc_value); 2748 tosnap = strchr(tofs, '@'); 2749 *tosnap = '\0'; 2750 tosnap++; 2751 2752 if (zc->zc_nvlist_src != NULL && 2753 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2754 zc->zc_iflags, &props)) != 0) 2755 return (error); 2756 2757 fd = zc->zc_cookie; 2758 fp = getf(fd); 2759 if (fp == NULL) { 2760 nvlist_free(props); 2761 return (EBADF); 2762 } 2763 2764 if (props && dmu_objset_hold(tofs, FTAG, &os) == 0) { 2765 /* 2766 * If new properties are supplied, they are to completely 2767 * replace the existing ones, so stash away the existing ones. 2768 */ 2769 (void) dsl_prop_get_all(os, &origprops, B_TRUE); 2770 2771 dmu_objset_rele(os, FTAG); 2772 } 2773 2774 if (zc->zc_string[0]) { 2775 error = dmu_objset_hold(zc->zc_string, FTAG, &origin); 2776 if (error) 2777 goto out; 2778 } 2779 2780 error = dmu_recv_begin(tofs, tosnap, &zc->zc_begin_record, 2781 force, origin, &drc); 2782 if (origin) 2783 dmu_objset_rele(origin, FTAG); 2784 if (error) 2785 goto out; 2786 2787 /* 2788 * Reset properties. We do this before we receive the stream 2789 * so that the properties are applied to the new data. 2790 */ 2791 if (props) { 2792 clear_props(tofs, origprops, props); 2793 /* 2794 * XXX - Note, this is all-or-nothing; should be best-effort. 2795 */ 2796 (void) zfs_set_prop_nvlist(tofs, props); 2797 } 2798 2799 off = fp->f_offset; 2800 error = dmu_recv_stream(&drc, fp->f_vnode, &off); 2801 2802 if (error == 0) { 2803 zfsvfs_t *zfsvfs = NULL; 2804 2805 if (getzfsvfs(tofs, &zfsvfs) == 0) { 2806 /* online recv */ 2807 int end_err; 2808 2809 error = zfs_suspend_fs(zfsvfs); 2810 /* 2811 * If the suspend fails, then the recv_end will 2812 * likely also fail, and clean up after itself. 2813 */ 2814 end_err = dmu_recv_end(&drc); 2815 if (error == 0) { 2816 int resume_err = 2817 zfs_resume_fs(zfsvfs, tofs); 2818 error = error ? error : resume_err; 2819 } 2820 error = error ? error : end_err; 2821 VFS_RELE(zfsvfs->z_vfs); 2822 } else { 2823 error = dmu_recv_end(&drc); 2824 } 2825 } 2826 2827 zc->zc_cookie = off - fp->f_offset; 2828 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0) 2829 fp->f_offset = off; 2830 2831 /* 2832 * On error, restore the original props. 2833 */ 2834 if (error && props) { 2835 clear_props(tofs, props, NULL); 2836 (void) zfs_set_prop_nvlist(tofs, origprops); 2837 } 2838 out: 2839 nvlist_free(props); 2840 nvlist_free(origprops); 2841 releasef(fd); 2842 return (error); 2843 } 2844 2845 /* 2846 * inputs: 2847 * zc_name name of snapshot to send 2848 * zc_value short name of incremental fromsnap (may be empty) 2849 * zc_cookie file descriptor to send stream to 2850 * zc_obj fromorigin flag (mutually exclusive with zc_value) 2851 * 2852 * outputs: none 2853 */ 2854 static int 2855 zfs_ioc_send(zfs_cmd_t *zc) 2856 { 2857 objset_t *fromsnap = NULL; 2858 objset_t *tosnap; 2859 file_t *fp; 2860 int error; 2861 offset_t off; 2862 2863 error = dmu_objset_hold(zc->zc_name, FTAG, &tosnap); 2864 if (error) 2865 return (error); 2866 2867 if (zc->zc_value[0] != '\0') { 2868 char *buf; 2869 char *cp; 2870 2871 buf = kmem_alloc(MAXPATHLEN, KM_SLEEP); 2872 (void) strncpy(buf, zc->zc_name, MAXPATHLEN); 2873 cp = strchr(buf, '@'); 2874 if (cp) 2875 *(cp+1) = 0; 2876 (void) strncat(buf, zc->zc_value, MAXPATHLEN); 2877 error = dmu_objset_hold(buf, FTAG, &fromsnap); 2878 kmem_free(buf, MAXPATHLEN); 2879 if (error) { 2880 dmu_objset_rele(tosnap, FTAG); 2881 return (error); 2882 } 2883 } 2884 2885 fp = getf(zc->zc_cookie); 2886 if (fp == NULL) { 2887 dmu_objset_rele(tosnap, FTAG); 2888 if (fromsnap) 2889 dmu_objset_rele(fromsnap, FTAG); 2890 return (EBADF); 2891 } 2892 2893 off = fp->f_offset; 2894 error = dmu_sendbackup(tosnap, fromsnap, zc->zc_obj, fp->f_vnode, &off); 2895 2896 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0) 2897 fp->f_offset = off; 2898 releasef(zc->zc_cookie); 2899 if (fromsnap) 2900 dmu_objset_rele(fromsnap, FTAG); 2901 dmu_objset_rele(tosnap, FTAG); 2902 return (error); 2903 } 2904 2905 static int 2906 zfs_ioc_inject_fault(zfs_cmd_t *zc) 2907 { 2908 int id, error; 2909 2910 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id, 2911 &zc->zc_inject_record); 2912 2913 if (error == 0) 2914 zc->zc_guid = (uint64_t)id; 2915 2916 return (error); 2917 } 2918 2919 static int 2920 zfs_ioc_clear_fault(zfs_cmd_t *zc) 2921 { 2922 return (zio_clear_fault((int)zc->zc_guid)); 2923 } 2924 2925 static int 2926 zfs_ioc_inject_list_next(zfs_cmd_t *zc) 2927 { 2928 int id = (int)zc->zc_guid; 2929 int error; 2930 2931 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name), 2932 &zc->zc_inject_record); 2933 2934 zc->zc_guid = id; 2935 2936 return (error); 2937 } 2938 2939 static int 2940 zfs_ioc_error_log(zfs_cmd_t *zc) 2941 { 2942 spa_t *spa; 2943 int error; 2944 size_t count = (size_t)zc->zc_nvlist_dst_size; 2945 2946 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 2947 return (error); 2948 2949 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst, 2950 &count); 2951 if (error == 0) 2952 zc->zc_nvlist_dst_size = count; 2953 else 2954 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa); 2955 2956 spa_close(spa, FTAG); 2957 2958 return (error); 2959 } 2960 2961 static int 2962 zfs_ioc_clear(zfs_cmd_t *zc) 2963 { 2964 spa_t *spa; 2965 vdev_t *vd; 2966 int error; 2967 2968 /* 2969 * On zpool clear we also fix up missing slogs 2970 */ 2971 mutex_enter(&spa_namespace_lock); 2972 spa = spa_lookup(zc->zc_name); 2973 if (spa == NULL) { 2974 mutex_exit(&spa_namespace_lock); 2975 return (EIO); 2976 } 2977 if (spa->spa_log_state == SPA_LOG_MISSING) { 2978 /* we need to let spa_open/spa_load clear the chains */ 2979 spa->spa_log_state = SPA_LOG_CLEAR; 2980 } 2981 mutex_exit(&spa_namespace_lock); 2982 2983 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 2984 return (error); 2985 2986 spa_vdev_state_enter(spa, SCL_NONE); 2987 2988 if (zc->zc_guid == 0) { 2989 vd = NULL; 2990 } else { 2991 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE); 2992 if (vd == NULL) { 2993 (void) spa_vdev_state_exit(spa, NULL, ENODEV); 2994 spa_close(spa, FTAG); 2995 return (ENODEV); 2996 } 2997 } 2998 2999 vdev_clear(spa, vd); 3000 3001 (void) spa_vdev_state_exit(spa, NULL, 0); 3002 3003 /* 3004 * Resume any suspended I/Os. 3005 */ 3006 if (zio_resume(spa) != 0) 3007 error = EIO; 3008 3009 spa_close(spa, FTAG); 3010 3011 return (error); 3012 } 3013 3014 /* 3015 * inputs: 3016 * zc_name name of filesystem 3017 * zc_value name of origin snapshot 3018 * 3019 * outputs: 3020 * zc_string name of conflicting snapshot, if there is one 3021 */ 3022 static int 3023 zfs_ioc_promote(zfs_cmd_t *zc) 3024 { 3025 char *cp; 3026 3027 /* 3028 * We don't need to unmount *all* the origin fs's snapshots, but 3029 * it's easier. 3030 */ 3031 cp = strchr(zc->zc_value, '@'); 3032 if (cp) 3033 *cp = '\0'; 3034 (void) dmu_objset_find(zc->zc_value, 3035 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS); 3036 return (dsl_dataset_promote(zc->zc_name, zc->zc_string)); 3037 } 3038 3039 /* 3040 * Retrieve a single {user|group}{used|quota}@... property. 3041 * 3042 * inputs: 3043 * zc_name name of filesystem 3044 * zc_objset_type zfs_userquota_prop_t 3045 * zc_value domain name (eg. "S-1-234-567-89") 3046 * zc_guid RID/UID/GID 3047 * 3048 * outputs: 3049 * zc_cookie property value 3050 */ 3051 static int 3052 zfs_ioc_userspace_one(zfs_cmd_t *zc) 3053 { 3054 zfsvfs_t *zfsvfs; 3055 int error; 3056 3057 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS) 3058 return (EINVAL); 3059 3060 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs); 3061 if (error) 3062 return (error); 3063 3064 error = zfs_userspace_one(zfsvfs, 3065 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie); 3066 zfsvfs_rele(zfsvfs, FTAG); 3067 3068 return (error); 3069 } 3070 3071 /* 3072 * inputs: 3073 * zc_name name of filesystem 3074 * zc_cookie zap cursor 3075 * zc_objset_type zfs_userquota_prop_t 3076 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist) 3077 * 3078 * outputs: 3079 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t) 3080 * zc_cookie zap cursor 3081 */ 3082 static int 3083 zfs_ioc_userspace_many(zfs_cmd_t *zc) 3084 { 3085 zfsvfs_t *zfsvfs; 3086 int error; 3087 3088 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs); 3089 if (error) 3090 return (error); 3091 3092 int bufsize = zc->zc_nvlist_dst_size; 3093 void *buf = kmem_alloc(bufsize, KM_SLEEP); 3094 3095 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie, 3096 buf, &zc->zc_nvlist_dst_size); 3097 3098 if (error == 0) { 3099 error = xcopyout(buf, 3100 (void *)(uintptr_t)zc->zc_nvlist_dst, 3101 zc->zc_nvlist_dst_size); 3102 } 3103 kmem_free(buf, bufsize); 3104 zfsvfs_rele(zfsvfs, FTAG); 3105 3106 return (error); 3107 } 3108 3109 /* 3110 * inputs: 3111 * zc_name name of filesystem 3112 * 3113 * outputs: 3114 * none 3115 */ 3116 static int 3117 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc) 3118 { 3119 objset_t *os; 3120 int error; 3121 zfsvfs_t *zfsvfs; 3122 3123 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) { 3124 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) { 3125 /* 3126 * If userused is not enabled, it may be because the 3127 * objset needs to be closed & reopened (to grow the 3128 * objset_phys_t). Suspend/resume the fs will do that. 3129 */ 3130 error = zfs_suspend_fs(zfsvfs); 3131 if (error == 0) 3132 error = zfs_resume_fs(zfsvfs, zc->zc_name); 3133 } 3134 if (error == 0) 3135 error = dmu_objset_userspace_upgrade(zfsvfs->z_os); 3136 VFS_RELE(zfsvfs->z_vfs); 3137 } else { 3138 /* XXX kind of reading contents without owning */ 3139 error = dmu_objset_hold(zc->zc_name, FTAG, &os); 3140 if (error) 3141 return (error); 3142 3143 error = dmu_objset_userspace_upgrade(os); 3144 dmu_objset_rele(os, FTAG); 3145 } 3146 3147 return (error); 3148 } 3149 3150 /* 3151 * We don't want to have a hard dependency 3152 * against some special symbols in sharefs 3153 * nfs, and smbsrv. Determine them if needed when 3154 * the first file system is shared. 3155 * Neither sharefs, nfs or smbsrv are unloadable modules. 3156 */ 3157 int (*znfsexport_fs)(void *arg); 3158 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t); 3159 int (*zsmbexport_fs)(void *arg, boolean_t add_share); 3160 3161 int zfs_nfsshare_inited; 3162 int zfs_smbshare_inited; 3163 3164 ddi_modhandle_t nfs_mod; 3165 ddi_modhandle_t sharefs_mod; 3166 ddi_modhandle_t smbsrv_mod; 3167 kmutex_t zfs_share_lock; 3168 3169 static int 3170 zfs_init_sharefs() 3171 { 3172 int error; 3173 3174 ASSERT(MUTEX_HELD(&zfs_share_lock)); 3175 /* Both NFS and SMB shares also require sharetab support. */ 3176 if (sharefs_mod == NULL && ((sharefs_mod = 3177 ddi_modopen("fs/sharefs", 3178 KRTLD_MODE_FIRST, &error)) == NULL)) { 3179 return (ENOSYS); 3180 } 3181 if (zshare_fs == NULL && ((zshare_fs = 3182 (int (*)(enum sharefs_sys_op, share_t *, uint32_t)) 3183 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) { 3184 return (ENOSYS); 3185 } 3186 return (0); 3187 } 3188 3189 static int 3190 zfs_ioc_share(zfs_cmd_t *zc) 3191 { 3192 int error; 3193 int opcode; 3194 3195 switch (zc->zc_share.z_sharetype) { 3196 case ZFS_SHARE_NFS: 3197 case ZFS_UNSHARE_NFS: 3198 if (zfs_nfsshare_inited == 0) { 3199 mutex_enter(&zfs_share_lock); 3200 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs", 3201 KRTLD_MODE_FIRST, &error)) == NULL)) { 3202 mutex_exit(&zfs_share_lock); 3203 return (ENOSYS); 3204 } 3205 if (znfsexport_fs == NULL && 3206 ((znfsexport_fs = (int (*)(void *)) 3207 ddi_modsym(nfs_mod, 3208 "nfs_export", &error)) == NULL)) { 3209 mutex_exit(&zfs_share_lock); 3210 return (ENOSYS); 3211 } 3212 error = zfs_init_sharefs(); 3213 if (error) { 3214 mutex_exit(&zfs_share_lock); 3215 return (ENOSYS); 3216 } 3217 zfs_nfsshare_inited = 1; 3218 mutex_exit(&zfs_share_lock); 3219 } 3220 break; 3221 case ZFS_SHARE_SMB: 3222 case ZFS_UNSHARE_SMB: 3223 if (zfs_smbshare_inited == 0) { 3224 mutex_enter(&zfs_share_lock); 3225 if (smbsrv_mod == NULL && ((smbsrv_mod = 3226 ddi_modopen("drv/smbsrv", 3227 KRTLD_MODE_FIRST, &error)) == NULL)) { 3228 mutex_exit(&zfs_share_lock); 3229 return (ENOSYS); 3230 } 3231 if (zsmbexport_fs == NULL && ((zsmbexport_fs = 3232 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod, 3233 "smb_server_share", &error)) == NULL)) { 3234 mutex_exit(&zfs_share_lock); 3235 return (ENOSYS); 3236 } 3237 error = zfs_init_sharefs(); 3238 if (error) { 3239 mutex_exit(&zfs_share_lock); 3240 return (ENOSYS); 3241 } 3242 zfs_smbshare_inited = 1; 3243 mutex_exit(&zfs_share_lock); 3244 } 3245 break; 3246 default: 3247 return (EINVAL); 3248 } 3249 3250 switch (zc->zc_share.z_sharetype) { 3251 case ZFS_SHARE_NFS: 3252 case ZFS_UNSHARE_NFS: 3253 if (error = 3254 znfsexport_fs((void *) 3255 (uintptr_t)zc->zc_share.z_exportdata)) 3256 return (error); 3257 break; 3258 case ZFS_SHARE_SMB: 3259 case ZFS_UNSHARE_SMB: 3260 if (error = zsmbexport_fs((void *) 3261 (uintptr_t)zc->zc_share.z_exportdata, 3262 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ? 3263 B_TRUE: B_FALSE)) { 3264 return (error); 3265 } 3266 break; 3267 } 3268 3269 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS || 3270 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ? 3271 SHAREFS_ADD : SHAREFS_REMOVE; 3272 3273 /* 3274 * Add or remove share from sharetab 3275 */ 3276 error = zshare_fs(opcode, 3277 (void *)(uintptr_t)zc->zc_share.z_sharedata, 3278 zc->zc_share.z_sharemax); 3279 3280 return (error); 3281 3282 } 3283 3284 ace_t full_access[] = { 3285 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0} 3286 }; 3287 3288 /* 3289 * Remove all ACL files in shares dir 3290 */ 3291 static int 3292 zfs_smb_acl_purge(znode_t *dzp) 3293 { 3294 zap_cursor_t zc; 3295 zap_attribute_t zap; 3296 zfsvfs_t *zfsvfs = dzp->z_zfsvfs; 3297 int error; 3298 3299 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id); 3300 (error = zap_cursor_retrieve(&zc, &zap)) == 0; 3301 zap_cursor_advance(&zc)) { 3302 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred, 3303 NULL, 0)) != 0) 3304 break; 3305 } 3306 zap_cursor_fini(&zc); 3307 return (error); 3308 } 3309 3310 static int 3311 zfs_ioc_smb_acl(zfs_cmd_t *zc) 3312 { 3313 vnode_t *vp; 3314 znode_t *dzp; 3315 vnode_t *resourcevp = NULL; 3316 znode_t *sharedir; 3317 zfsvfs_t *zfsvfs; 3318 nvlist_t *nvlist; 3319 char *src, *target; 3320 vattr_t vattr; 3321 vsecattr_t vsec; 3322 int error = 0; 3323 3324 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE, 3325 NO_FOLLOW, NULL, &vp)) != 0) 3326 return (error); 3327 3328 /* Now make sure mntpnt and dataset are ZFS */ 3329 3330 if (vp->v_vfsp->vfs_fstype != zfsfstype || 3331 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource), 3332 zc->zc_name) != 0)) { 3333 VN_RELE(vp); 3334 return (EINVAL); 3335 } 3336 3337 dzp = VTOZ(vp); 3338 zfsvfs = dzp->z_zfsvfs; 3339 ZFS_ENTER(zfsvfs); 3340 3341 /* 3342 * Create share dir if its missing. 3343 */ 3344 mutex_enter(&zfsvfs->z_lock); 3345 if (zfsvfs->z_shares_dir == 0) { 3346 dmu_tx_t *tx; 3347 3348 tx = dmu_tx_create(zfsvfs->z_os); 3349 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE, 3350 ZFS_SHARES_DIR); 3351 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL); 3352 error = dmu_tx_assign(tx, TXG_WAIT); 3353 if (error) { 3354 dmu_tx_abort(tx); 3355 } else { 3356 error = zfs_create_share_dir(zfsvfs, tx); 3357 dmu_tx_commit(tx); 3358 } 3359 if (error) { 3360 mutex_exit(&zfsvfs->z_lock); 3361 VN_RELE(vp); 3362 ZFS_EXIT(zfsvfs); 3363 return (error); 3364 } 3365 } 3366 mutex_exit(&zfsvfs->z_lock); 3367 3368 ASSERT(zfsvfs->z_shares_dir); 3369 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) { 3370 VN_RELE(vp); 3371 ZFS_EXIT(zfsvfs); 3372 return (error); 3373 } 3374 3375 switch (zc->zc_cookie) { 3376 case ZFS_SMB_ACL_ADD: 3377 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE; 3378 vattr.va_type = VREG; 3379 vattr.va_mode = S_IFREG|0777; 3380 vattr.va_uid = 0; 3381 vattr.va_gid = 0; 3382 3383 vsec.vsa_mask = VSA_ACE; 3384 vsec.vsa_aclentp = &full_access; 3385 vsec.vsa_aclentsz = sizeof (full_access); 3386 vsec.vsa_aclcnt = 1; 3387 3388 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string, 3389 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec); 3390 if (resourcevp) 3391 VN_RELE(resourcevp); 3392 break; 3393 3394 case ZFS_SMB_ACL_REMOVE: 3395 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred, 3396 NULL, 0); 3397 break; 3398 3399 case ZFS_SMB_ACL_RENAME: 3400 if ((error = get_nvlist(zc->zc_nvlist_src, 3401 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) { 3402 VN_RELE(vp); 3403 ZFS_EXIT(zfsvfs); 3404 return (error); 3405 } 3406 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) || 3407 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET, 3408 &target)) { 3409 VN_RELE(vp); 3410 VN_RELE(ZTOV(sharedir)); 3411 ZFS_EXIT(zfsvfs); 3412 return (error); 3413 } 3414 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target, 3415 kcred, NULL, 0); 3416 nvlist_free(nvlist); 3417 break; 3418 3419 case ZFS_SMB_ACL_PURGE: 3420 error = zfs_smb_acl_purge(sharedir); 3421 break; 3422 3423 default: 3424 error = EINVAL; 3425 break; 3426 } 3427 3428 VN_RELE(vp); 3429 VN_RELE(ZTOV(sharedir)); 3430 3431 ZFS_EXIT(zfsvfs); 3432 3433 return (error); 3434 } 3435 3436 /* 3437 * inputs: 3438 * zc_name name of filesystem 3439 * zc_value short name of snap 3440 * zc_string user-supplied tag for this reference 3441 * zc_cookie recursive flag 3442 * zc_temphold set if hold is temporary 3443 * 3444 * outputs: none 3445 */ 3446 static int 3447 zfs_ioc_hold(zfs_cmd_t *zc) 3448 { 3449 boolean_t recursive = zc->zc_cookie; 3450 3451 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 3452 return (EINVAL); 3453 3454 return (dsl_dataset_user_hold(zc->zc_name, zc->zc_value, 3455 zc->zc_string, recursive, zc->zc_temphold)); 3456 } 3457 3458 /* 3459 * inputs: 3460 * zc_name name of dataset from which we're releasing a user reference 3461 * zc_value short name of snap 3462 * zc_string user-supplied tag for this reference 3463 * zc_cookie recursive flag 3464 * 3465 * outputs: none 3466 */ 3467 static int 3468 zfs_ioc_release(zfs_cmd_t *zc) 3469 { 3470 boolean_t recursive = zc->zc_cookie; 3471 3472 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 3473 return (EINVAL); 3474 3475 return (dsl_dataset_user_release(zc->zc_name, zc->zc_value, 3476 zc->zc_string, recursive)); 3477 } 3478 3479 /* 3480 * inputs: 3481 * zc_name name of filesystem 3482 * 3483 * outputs: 3484 * zc_nvlist_src{_size} nvlist of snapshot holds 3485 */ 3486 static int 3487 zfs_ioc_get_holds(zfs_cmd_t *zc) 3488 { 3489 nvlist_t *nvp; 3490 int error; 3491 3492 if ((error = dsl_dataset_get_holds(zc->zc_name, &nvp)) == 0) { 3493 error = put_nvlist(zc, nvp); 3494 nvlist_free(nvp); 3495 } 3496 3497 return (error); 3498 } 3499 3500 /* 3501 * pool create, destroy, and export don't log the history as part of 3502 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export 3503 * do the logging of those commands. 3504 */ 3505 static zfs_ioc_vec_t zfs_ioc_vec[] = { 3506 { zfs_ioc_pool_create, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3507 B_FALSE }, 3508 { zfs_ioc_pool_destroy, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3509 B_FALSE }, 3510 { zfs_ioc_pool_import, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3511 B_FALSE }, 3512 { zfs_ioc_pool_export, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3513 B_FALSE }, 3514 { zfs_ioc_pool_configs, zfs_secpolicy_none, NO_NAME, B_FALSE, 3515 B_FALSE }, 3516 { zfs_ioc_pool_stats, zfs_secpolicy_read, POOL_NAME, B_FALSE, 3517 B_FALSE }, 3518 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, NO_NAME, B_FALSE, 3519 B_FALSE }, 3520 { zfs_ioc_pool_scrub, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3521 B_TRUE }, 3522 { zfs_ioc_pool_freeze, zfs_secpolicy_config, NO_NAME, B_FALSE, 3523 B_FALSE }, 3524 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3525 B_TRUE }, 3526 { zfs_ioc_pool_get_history, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3527 B_FALSE }, 3528 { zfs_ioc_vdev_add, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3529 B_TRUE }, 3530 { zfs_ioc_vdev_remove, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3531 B_TRUE }, 3532 { zfs_ioc_vdev_set_state, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3533 B_FALSE }, 3534 { zfs_ioc_vdev_attach, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3535 B_TRUE }, 3536 { zfs_ioc_vdev_detach, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3537 B_TRUE }, 3538 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3539 B_TRUE }, 3540 { zfs_ioc_vdev_setfru, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3541 B_TRUE }, 3542 { zfs_ioc_objset_stats, zfs_secpolicy_read, DATASET_NAME, B_FALSE, 3543 B_FALSE }, 3544 { zfs_ioc_objset_zplprops, zfs_secpolicy_read, DATASET_NAME, B_FALSE, 3545 B_FALSE }, 3546 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE, 3547 B_FALSE }, 3548 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, DATASET_NAME, B_FALSE, 3549 B_FALSE }, 3550 { zfs_ioc_set_prop, zfs_secpolicy_none, DATASET_NAME, B_TRUE, B_TRUE }, 3551 { zfs_ioc_create, zfs_secpolicy_create, DATASET_NAME, B_TRUE, B_TRUE }, 3552 { zfs_ioc_destroy, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE, 3553 B_TRUE}, 3554 { zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME, B_TRUE, 3555 B_TRUE }, 3556 { zfs_ioc_rename, zfs_secpolicy_rename, DATASET_NAME, B_TRUE, B_TRUE }, 3557 { zfs_ioc_recv, zfs_secpolicy_receive, DATASET_NAME, B_TRUE, B_TRUE }, 3558 { zfs_ioc_send, zfs_secpolicy_send, DATASET_NAME, B_TRUE, B_FALSE }, 3559 { zfs_ioc_inject_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE, 3560 B_FALSE }, 3561 { zfs_ioc_clear_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE, 3562 B_FALSE }, 3563 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, NO_NAME, B_FALSE, 3564 B_FALSE }, 3565 { zfs_ioc_error_log, zfs_secpolicy_inject, POOL_NAME, B_FALSE, 3566 B_FALSE }, 3567 { zfs_ioc_clear, zfs_secpolicy_config, POOL_NAME, B_TRUE, B_FALSE }, 3568 { zfs_ioc_promote, zfs_secpolicy_promote, DATASET_NAME, B_TRUE, 3569 B_TRUE }, 3570 { zfs_ioc_destroy_snaps, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE, 3571 B_TRUE }, 3572 { zfs_ioc_snapshot, zfs_secpolicy_snapshot, DATASET_NAME, B_TRUE, 3573 B_TRUE }, 3574 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_config, POOL_NAME, B_FALSE, 3575 B_FALSE }, 3576 { zfs_ioc_obj_to_path, zfs_secpolicy_config, DATASET_NAME, B_FALSE, 3577 B_TRUE }, 3578 { zfs_ioc_pool_set_props, zfs_secpolicy_config, POOL_NAME, B_TRUE, 3579 B_TRUE }, 3580 { zfs_ioc_pool_get_props, zfs_secpolicy_read, POOL_NAME, B_FALSE, 3581 B_FALSE }, 3582 { zfs_ioc_set_fsacl, zfs_secpolicy_fsacl, DATASET_NAME, B_TRUE, 3583 B_TRUE }, 3584 { zfs_ioc_get_fsacl, zfs_secpolicy_read, DATASET_NAME, B_FALSE, 3585 B_FALSE }, 3586 { zfs_ioc_iscsi_perm_check, zfs_secpolicy_iscsi, DATASET_NAME, B_FALSE, 3587 B_FALSE }, 3588 { zfs_ioc_share, zfs_secpolicy_share, DATASET_NAME, B_FALSE, B_FALSE }, 3589 { zfs_ioc_inherit_prop, zfs_secpolicy_inherit, DATASET_NAME, B_TRUE, 3590 B_TRUE }, 3591 { zfs_ioc_smb_acl, zfs_secpolicy_smb_acl, DATASET_NAME, B_FALSE, 3592 B_FALSE }, 3593 { zfs_ioc_userspace_one, zfs_secpolicy_userspace_one, 3594 DATASET_NAME, B_FALSE, B_FALSE }, 3595 { zfs_ioc_userspace_many, zfs_secpolicy_userspace_many, 3596 DATASET_NAME, B_FALSE, B_FALSE }, 3597 { zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade, 3598 DATASET_NAME, B_FALSE, B_TRUE }, 3599 { zfs_ioc_hold, zfs_secpolicy_hold, DATASET_NAME, B_TRUE, B_TRUE }, 3600 { zfs_ioc_release, zfs_secpolicy_release, DATASET_NAME, B_TRUE, 3601 B_TRUE }, 3602 { zfs_ioc_get_holds, zfs_secpolicy_read, DATASET_NAME, B_FALSE, 3603 B_TRUE } 3604 }; 3605 3606 int 3607 pool_status_check(const char *name, zfs_ioc_namecheck_t type) 3608 { 3609 spa_t *spa; 3610 int error; 3611 3612 ASSERT(type == POOL_NAME || type == DATASET_NAME); 3613 3614 error = spa_open(name, &spa, FTAG); 3615 if (error == 0) { 3616 if (spa_suspended(spa)) 3617 error = EAGAIN; 3618 spa_close(spa, FTAG); 3619 } 3620 return (error); 3621 } 3622 3623 static int 3624 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp) 3625 { 3626 zfs_cmd_t *zc; 3627 uint_t vec; 3628 int error, rc; 3629 3630 if (getminor(dev) != 0) 3631 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp)); 3632 3633 vec = cmd - ZFS_IOC; 3634 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip)); 3635 3636 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0])) 3637 return (EINVAL); 3638 3639 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP); 3640 3641 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag); 3642 3643 if ((error == 0) && !(flag & FKIOCTL)) 3644 error = zfs_ioc_vec[vec].zvec_secpolicy(zc, cr); 3645 3646 /* 3647 * Ensure that all pool/dataset names are valid before we pass down to 3648 * the lower layers. 3649 */ 3650 if (error == 0) { 3651 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0'; 3652 zc->zc_iflags = flag & FKIOCTL; 3653 switch (zfs_ioc_vec[vec].zvec_namecheck) { 3654 case POOL_NAME: 3655 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0) 3656 error = EINVAL; 3657 if (zfs_ioc_vec[vec].zvec_pool_check) 3658 error = pool_status_check(zc->zc_name, 3659 zfs_ioc_vec[vec].zvec_namecheck); 3660 break; 3661 3662 case DATASET_NAME: 3663 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0) 3664 error = EINVAL; 3665 if (zfs_ioc_vec[vec].zvec_pool_check) 3666 error = pool_status_check(zc->zc_name, 3667 zfs_ioc_vec[vec].zvec_namecheck); 3668 break; 3669 3670 case NO_NAME: 3671 break; 3672 } 3673 } 3674 3675 if (error == 0) 3676 error = zfs_ioc_vec[vec].zvec_func(zc); 3677 3678 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag); 3679 if (error == 0) { 3680 error = rc; 3681 if (zfs_ioc_vec[vec].zvec_his_log) 3682 zfs_log_history(zc); 3683 } 3684 3685 kmem_free(zc, sizeof (zfs_cmd_t)); 3686 return (error); 3687 } 3688 3689 static int 3690 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd) 3691 { 3692 if (cmd != DDI_ATTACH) 3693 return (DDI_FAILURE); 3694 3695 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0, 3696 DDI_PSEUDO, 0) == DDI_FAILURE) 3697 return (DDI_FAILURE); 3698 3699 zfs_dip = dip; 3700 3701 ddi_report_dev(dip); 3702 3703 return (DDI_SUCCESS); 3704 } 3705 3706 static int 3707 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd) 3708 { 3709 if (spa_busy() || zfs_busy() || zvol_busy()) 3710 return (DDI_FAILURE); 3711 3712 if (cmd != DDI_DETACH) 3713 return (DDI_FAILURE); 3714 3715 zfs_dip = NULL; 3716 3717 ddi_prop_remove_all(dip); 3718 ddi_remove_minor_node(dip, NULL); 3719 3720 return (DDI_SUCCESS); 3721 } 3722 3723 /*ARGSUSED*/ 3724 static int 3725 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result) 3726 { 3727 switch (infocmd) { 3728 case DDI_INFO_DEVT2DEVINFO: 3729 *result = zfs_dip; 3730 return (DDI_SUCCESS); 3731 3732 case DDI_INFO_DEVT2INSTANCE: 3733 *result = (void *)0; 3734 return (DDI_SUCCESS); 3735 } 3736 3737 return (DDI_FAILURE); 3738 } 3739 3740 /* 3741 * OK, so this is a little weird. 3742 * 3743 * /dev/zfs is the control node, i.e. minor 0. 3744 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0. 3745 * 3746 * /dev/zfs has basically nothing to do except serve up ioctls, 3747 * so most of the standard driver entry points are in zvol.c. 3748 */ 3749 static struct cb_ops zfs_cb_ops = { 3750 zvol_open, /* open */ 3751 zvol_close, /* close */ 3752 zvol_strategy, /* strategy */ 3753 nodev, /* print */ 3754 zvol_dump, /* dump */ 3755 zvol_read, /* read */ 3756 zvol_write, /* write */ 3757 zfsdev_ioctl, /* ioctl */ 3758 nodev, /* devmap */ 3759 nodev, /* mmap */ 3760 nodev, /* segmap */ 3761 nochpoll, /* poll */ 3762 ddi_prop_op, /* prop_op */ 3763 NULL, /* streamtab */ 3764 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */ 3765 CB_REV, /* version */ 3766 nodev, /* async read */ 3767 nodev, /* async write */ 3768 }; 3769 3770 static struct dev_ops zfs_dev_ops = { 3771 DEVO_REV, /* version */ 3772 0, /* refcnt */ 3773 zfs_info, /* info */ 3774 nulldev, /* identify */ 3775 nulldev, /* probe */ 3776 zfs_attach, /* attach */ 3777 zfs_detach, /* detach */ 3778 nodev, /* reset */ 3779 &zfs_cb_ops, /* driver operations */ 3780 NULL, /* no bus operations */ 3781 NULL, /* power */ 3782 ddi_quiesce_not_needed, /* quiesce */ 3783 }; 3784 3785 static struct modldrv zfs_modldrv = { 3786 &mod_driverops, 3787 "ZFS storage pool", 3788 &zfs_dev_ops 3789 }; 3790 3791 static struct modlinkage modlinkage = { 3792 MODREV_1, 3793 (void *)&zfs_modlfs, 3794 (void *)&zfs_modldrv, 3795 NULL 3796 }; 3797 3798 3799 uint_t zfs_fsyncer_key; 3800 extern uint_t rrw_tsd_key; 3801 3802 int 3803 _init(void) 3804 { 3805 int error; 3806 3807 spa_init(FREAD | FWRITE); 3808 zfs_init(); 3809 zvol_init(); 3810 3811 if ((error = mod_install(&modlinkage)) != 0) { 3812 zvol_fini(); 3813 zfs_fini(); 3814 spa_fini(); 3815 return (error); 3816 } 3817 3818 tsd_create(&zfs_fsyncer_key, NULL); 3819 tsd_create(&rrw_tsd_key, NULL); 3820 3821 error = ldi_ident_from_mod(&modlinkage, &zfs_li); 3822 ASSERT(error == 0); 3823 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL); 3824 3825 return (0); 3826 } 3827 3828 int 3829 _fini(void) 3830 { 3831 int error; 3832 3833 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled) 3834 return (EBUSY); 3835 3836 if ((error = mod_remove(&modlinkage)) != 0) 3837 return (error); 3838 3839 zvol_fini(); 3840 zfs_fini(); 3841 spa_fini(); 3842 if (zfs_nfsshare_inited) 3843 (void) ddi_modclose(nfs_mod); 3844 if (zfs_smbshare_inited) 3845 (void) ddi_modclose(smbsrv_mod); 3846 if (zfs_nfsshare_inited || zfs_smbshare_inited) 3847 (void) ddi_modclose(sharefs_mod); 3848 3849 tsd_destroy(&zfs_fsyncer_key); 3850 ldi_ident_release(zfs_li); 3851 zfs_li = NULL; 3852 mutex_destroy(&zfs_share_lock); 3853 3854 return (error); 3855 } 3856 3857 int 3858 _info(struct modinfo *modinfop) 3859 { 3860 return (mod_info(&modlinkage, modinfop)); 3861 } 3862