xref: /titanic_50/usr/src/lib/libzfs/common/libzfs_dataset.c (revision 44cd46cadd9aab751dae6a4023c1cb5bf316d274)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <assert.h>
29 #include <ctype.h>
30 #include <errno.h>
31 #include <libdevinfo.h>
32 #include <libintl.h>
33 #include <math.h>
34 #include <stdio.h>
35 #include <stdlib.h>
36 #include <strings.h>
37 #include <unistd.h>
38 #include <zone.h>
39 #include <sys/mntent.h>
40 #include <sys/mnttab.h>
41 #include <sys/mount.h>
42 
43 #include <sys/spa.h>
44 #include <sys/zio.h>
45 #include <libzfs.h>
46 
47 #include "zfs_namecheck.h"
48 #include "zfs_prop.h"
49 #include "libzfs_impl.h"
50 
51 /*
52  * Given a single type (not a mask of types), return the type in a human
53  * readable form.
54  */
55 const char *
56 zfs_type_to_name(zfs_type_t type)
57 {
58 	switch (type) {
59 	case ZFS_TYPE_FILESYSTEM:
60 		return (dgettext(TEXT_DOMAIN, "filesystem"));
61 	case ZFS_TYPE_SNAPSHOT:
62 		return (dgettext(TEXT_DOMAIN, "snapshot"));
63 	case ZFS_TYPE_VOLUME:
64 		return (dgettext(TEXT_DOMAIN, "volume"));
65 	}
66 
67 	zfs_baderror(type);
68 	return (NULL);
69 }
70 
71 /*
72  * Given a path and mask of ZFS types, return a string describing this dataset.
73  * This is used when we fail to open a dataset and we cannot get an exact type.
74  * We guess what the type would have been based on the path and the mask of
75  * acceptable types.
76  */
77 static const char *
78 path_to_str(const char *path, int types)
79 {
80 	/*
81 	 * When given a single type, always report the exact type.
82 	 */
83 	if (types == ZFS_TYPE_SNAPSHOT)
84 		return (dgettext(TEXT_DOMAIN, "snapshot"));
85 	if (types == ZFS_TYPE_FILESYSTEM)
86 		return (dgettext(TEXT_DOMAIN, "filesystem"));
87 	if (types == ZFS_TYPE_VOLUME)
88 		return (dgettext(TEXT_DOMAIN, "volume"));
89 
90 	/*
91 	 * The user is requesting more than one type of dataset.  If this is the
92 	 * case, consult the path itself.  If we're looking for a snapshot, and
93 	 * a '@' is found, then report it as "snapshot".  Otherwise, remove the
94 	 * snapshot attribute and try again.
95 	 */
96 	if (types & ZFS_TYPE_SNAPSHOT) {
97 		if (strchr(path, '@') != NULL)
98 			return (dgettext(TEXT_DOMAIN, "snapshot"));
99 		return (path_to_str(path, types & ~ZFS_TYPE_SNAPSHOT));
100 	}
101 
102 
103 	/*
104 	 * The user has requested either filesystems or volumes.
105 	 * We have no way of knowing a priori what type this would be, so always
106 	 * report it as "filesystem" or "volume", our two primitive types.
107 	 */
108 	if (types & ZFS_TYPE_FILESYSTEM)
109 		return (dgettext(TEXT_DOMAIN, "filesystem"));
110 
111 	assert(types & ZFS_TYPE_VOLUME);
112 	return (dgettext(TEXT_DOMAIN, "volume"));
113 }
114 
115 /*
116  * Validate a ZFS path.  This is used even before trying to open the dataset, to
117  * provide a more meaningful error message.  We place a more useful message in
118  * 'buf' detailing exactly why the name was not valid.
119  */
120 static int
121 zfs_validate_name(const char *path, int type, char *buf, size_t buflen)
122 {
123 	namecheck_err_t why;
124 	char what;
125 
126 	if (dataset_namecheck(path, &why, &what) != 0) {
127 		if (buf != NULL) {
128 			switch (why) {
129 			case NAME_ERR_TOOLONG:
130 				(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
131 				    "name is too long"), buflen);
132 				break;
133 
134 			case NAME_ERR_LEADING_SLASH:
135 				(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
136 				    "leading slash"), buflen);
137 				break;
138 
139 			case NAME_ERR_EMPTY_COMPONENT:
140 				(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
141 				    "empty component"), buflen);
142 				break;
143 
144 			case NAME_ERR_TRAILING_SLASH:
145 				(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
146 				    "trailing slash"), buflen);
147 				break;
148 
149 			case NAME_ERR_INVALCHAR:
150 				(void) snprintf(buf, buflen,
151 				    dgettext(TEXT_DOMAIN, "invalid character "
152 				    "'%c'"), what);
153 				break;
154 
155 			case NAME_ERR_MULTIPLE_AT:
156 				(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
157 				    "multiple '@' delimiters"), buflen);
158 				break;
159 			}
160 		}
161 
162 		return (0);
163 	}
164 
165 	if (!(type & ZFS_TYPE_SNAPSHOT) && strchr(path, '@') != NULL) {
166 		if (buf != NULL)
167 			(void) strlcpy(buf,
168 			    dgettext(TEXT_DOMAIN,
169 			    "snapshot delimiter '@'"), buflen);
170 		return (0);
171 	}
172 
173 	return (1);
174 }
175 
176 int
177 zfs_name_valid(const char *name, zfs_type_t type)
178 {
179 	return (zfs_validate_name(name, type, NULL, NULL));
180 }
181 
182 /*
183  * Utility function to gather stats (objset and zpl) for the given object.
184  */
185 static int
186 get_stats(zfs_handle_t *zhp)
187 {
188 	zfs_cmd_t zc = { 0 };
189 
190 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
191 
192 	zc.zc_config_src = (uint64_t)(uintptr_t)zfs_malloc(1024);
193 	zc.zc_config_src_size = 1024;
194 
195 	while (zfs_ioctl(ZFS_IOC_OBJSET_STATS, &zc) != 0) {
196 		if (errno == ENOMEM) {
197 			zc.zc_config_src = (uint64_t)(uintptr_t)
198 			    zfs_malloc(zc.zc_config_src_size);
199 		} else {
200 			free((void *)(uintptr_t)zc.zc_config_src);
201 			return (-1);
202 		}
203 	}
204 
205 	bcopy(&zc.zc_objset_stats, &zhp->zfs_dmustats,
206 	    sizeof (zc.zc_objset_stats));
207 
208 	(void) strcpy(zhp->zfs_root, zc.zc_root);
209 
210 	verify(nvlist_unpack((void *)(uintptr_t)zc.zc_config_src,
211 	    zc.zc_config_src_size, &zhp->zfs_props, 0) == 0);
212 
213 	zhp->zfs_volsize = zc.zc_volsize;
214 	zhp->zfs_volblocksize = zc.zc_volblocksize;
215 
216 	return (0);
217 }
218 
219 /*
220  * Refresh the properties currently stored in the handle.
221  */
222 void
223 zfs_refresh_properties(zfs_handle_t *zhp)
224 {
225 	(void) get_stats(zhp);
226 }
227 
228 /*
229  * Makes a handle from the given dataset name.  Used by zfs_open() and
230  * zfs_iter_* to create child handles on the fly.
231  */
232 zfs_handle_t *
233 make_dataset_handle(const char *path)
234 {
235 	zfs_handle_t *zhp = zfs_malloc(sizeof (zfs_handle_t));
236 
237 top:
238 	(void) strlcpy(zhp->zfs_name, path, sizeof (zhp->zfs_name));
239 
240 	if (get_stats(zhp) != 0) {
241 		free(zhp);
242 		return (NULL);
243 	}
244 
245 	if (zhp->zfs_dmustats.dds_inconsistent) {
246 		zfs_cmd_t zc = { 0 };
247 
248 		/*
249 		 * If it is dds_inconsistent, then we've caught it in
250 		 * the middle of a 'zfs receive' or 'zfs destroy', and
251 		 * it is inconsistent from the ZPL's point of view, so
252 		 * can't be mounted.  However, it could also be that we
253 		 * have crashed in the middle of one of those
254 		 * operations, in which case we need to get rid of the
255 		 * inconsistent state.  We do that by either rolling
256 		 * back to the previous snapshot (which will fail if
257 		 * there is none), or destroying the filesystem.  Note
258 		 * that if we are still in the middle of an active
259 		 * 'receive' or 'destroy', then the rollback and destroy
260 		 * will fail with EBUSY and we will drive on as usual.
261 		 */
262 
263 		(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
264 
265 		if (zhp->zfs_type == ZFS_TYPE_VOLUME) {
266 			(void) zvol_remove_link(zhp->zfs_name);
267 			zc.zc_objset_type = DMU_OST_ZVOL;
268 		} else {
269 			zc.zc_objset_type = DMU_OST_ZFS;
270 		}
271 
272 		/* If we can successfully roll it back, reget the stats */
273 		if (zfs_ioctl(ZFS_IOC_ROLLBACK, &zc) == 0)
274 			goto top;
275 		/*
276 		 * If we can sucessfully destroy it, pretend that it
277 		 * never existed.
278 		 */
279 		if (zfs_ioctl(ZFS_IOC_DESTROY, &zc) == 0) {
280 			free(zhp);
281 			errno = ENOENT;
282 			return (NULL);
283 		}
284 	}
285 
286 	/*
287 	 * We've managed to open the dataset and gather statistics.  Determine
288 	 * the high-level type.
289 	 */
290 	if (zhp->zfs_dmustats.dds_is_snapshot)
291 		zhp->zfs_type = ZFS_TYPE_SNAPSHOT;
292 	else if (zhp->zfs_dmustats.dds_type == DMU_OST_ZVOL)
293 		zhp->zfs_type = ZFS_TYPE_VOLUME;
294 	else if (zhp->zfs_dmustats.dds_type == DMU_OST_ZFS)
295 		zhp->zfs_type = ZFS_TYPE_FILESYSTEM;
296 	else
297 		/* we should never see any other dataset types */
298 		zfs_baderror(zhp->zfs_dmustats.dds_type);
299 
300 	return (zhp);
301 }
302 
303 /*
304  * Opens the given snapshot, filesystem, or volume.   The 'types'
305  * argument is a mask of acceptable types.  The function will print an
306  * appropriate error message and return NULL if it can't be opened.
307  */
308 zfs_handle_t *
309 zfs_open(const char *path, int types)
310 {
311 	zfs_handle_t *zhp;
312 
313 	/*
314 	 * Validate the name before we even try to open it.  We don't care about
315 	 * the verbose invalid messages here; just report a generic error.
316 	 */
317 	if (!zfs_validate_name(path, types, NULL, 0)) {
318 		zfs_error(dgettext(TEXT_DOMAIN,
319 		    "cannot open '%s': invalid %s name"), path,
320 		    path_to_str(path, types));
321 		return (NULL);
322 	}
323 
324 	/*
325 	 * Try to get stats for the dataset, which will tell us if it exists.
326 	 */
327 	errno = 0;
328 	if ((zhp = make_dataset_handle(path)) == NULL) {
329 		switch (errno) {
330 		case ENOENT:
331 			/*
332 			 * The dataset doesn't exist.
333 			 */
334 			zfs_error(dgettext(TEXT_DOMAIN,
335 			    "cannot open '%s': no such %s"), path,
336 			    path_to_str(path, types));
337 			break;
338 
339 		case EBUSY:
340 			/*
341 			 * We were able to open the dataset but couldn't
342 			 * get the stats.
343 			 */
344 			zfs_error(dgettext(TEXT_DOMAIN,
345 			    "cannot open '%s': %s is busy"), path,
346 			    path_to_str(path, types));
347 			break;
348 
349 		case ENXIO:
350 		case EIO:
351 			/*
352 			 * I/O error from the underlying pool.
353 			 */
354 			zfs_error(dgettext(TEXT_DOMAIN,
355 			    "cannot open '%s': I/O error"), path,
356 			    path_to_str(path, types));
357 			break;
358 
359 		default:
360 			zfs_baderror(errno);
361 
362 		}
363 		return (NULL);
364 	}
365 
366 	if (!(types & zhp->zfs_type)) {
367 		zfs_error(dgettext(TEXT_DOMAIN, "cannot open '%s': operation "
368 		    "not supported for %ss"), path,
369 		    zfs_type_to_name(zhp->zfs_type));
370 		free(zhp);
371 		return (NULL);
372 	}
373 
374 	return (zhp);
375 }
376 
377 /*
378  * Release a ZFS handle.  Nothing to do but free the associated memory.
379  */
380 void
381 zfs_close(zfs_handle_t *zhp)
382 {
383 	if (zhp->zfs_mntopts)
384 		free(zhp->zfs_mntopts);
385 	free(zhp);
386 }
387 
388 struct {
389 	const char *name;
390 	uint64_t value;
391 } checksum_table[] = {
392 	{ "on",		ZIO_CHECKSUM_ON },
393 	{ "off",	ZIO_CHECKSUM_OFF },
394 	{ "fletcher2",	ZIO_CHECKSUM_FLETCHER_2 },
395 	{ "fletcher4",	ZIO_CHECKSUM_FLETCHER_4 },
396 	{ "sha256",	ZIO_CHECKSUM_SHA256 },
397 	{ NULL }
398 };
399 
400 struct {
401 	const char *name;
402 	uint64_t value;
403 } compress_table[] = {
404 	{ "on",		ZIO_COMPRESS_ON },
405 	{ "off",	ZIO_COMPRESS_OFF },
406 	{ "lzjb",	ZIO_COMPRESS_LZJB },
407 	{ NULL }
408 };
409 
410 struct {
411 	const char *name;
412 	uint64_t value;
413 } snapdir_table[] = {
414 	{ "hidden",	ZFS_SNAPDIR_HIDDEN },
415 	{ "visible",	ZFS_SNAPDIR_VISIBLE },
416 	{ NULL }
417 };
418 
419 struct {
420 	const char *name;
421 	uint64_t value;
422 } acl_mode_table[] = {
423 	{ "discard",	DISCARD },
424 	{ "groupmask",	GROUPMASK },
425 	{ "passthrough", PASSTHROUGH },
426 	{ NULL }
427 };
428 
429 struct {
430 	const char *name;
431 	uint64_t value;
432 } acl_inherit_table[] = {
433 	{ "discard",	DISCARD },
434 	{ "noallow",	NOALLOW },
435 	{ "secure",	SECURE },
436 	{ "passthrough", PASSTHROUGH },
437 	{ NULL }
438 };
439 
440 
441 /*
442  * Given a numeric suffix, convert the value into a number of bits that the
443  * resulting value must be shifted.
444  */
445 static int
446 str2shift(const char *buf, char *reason, size_t len)
447 {
448 	const char *ends = "BKMGTPEZ";
449 	int i;
450 
451 	if (buf[0] == '\0')
452 		return (0);
453 	for (i = 0; i < strlen(ends); i++) {
454 		if (toupper(buf[0]) == ends[i])
455 			break;
456 	}
457 	if (i == strlen(ends)) {
458 		(void) snprintf(reason, len, dgettext(TEXT_DOMAIN, "invalid "
459 		    "numeric suffix '%s'"), buf);
460 		return (-1);
461 	}
462 
463 	/*
464 	 * We want to allow trailing 'b' characters for 'GB' or 'Mb'.  But don't
465 	 * allow 'BB' - that's just weird.
466 	 */
467 	if (buf[1] == '\0' || (toupper(buf[1]) == 'B' && buf[2] == '\0' &&
468 	    toupper(buf[0]) != 'B')) {
469 		return (10*i);
470 	}
471 
472 	(void) snprintf(reason, len, dgettext(TEXT_DOMAIN, "invalid numeric "
473 	    "suffix '%s'"), buf);
474 	return (-1);
475 }
476 
477 /*
478  * Convert a string of the form '100G' into a real number.  Used when setting
479  * properties or creating a volume.  'buf' is used to place an extended error
480  * message for the caller to use.
481  */
482 static int
483 nicestrtonum(const char *value, uint64_t *num, char *buf, size_t buflen)
484 {
485 	char *end;
486 	int shift;
487 
488 	*num = 0;
489 
490 	/* Check to see if this looks like a number.  */
491 	if ((value[0] < '0' || value[0] > '9') && value[0] != '.') {
492 		(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
493 		    "must be a numeric value"), buflen);
494 		return (-1);
495 	}
496 
497 	/* Rely on stroll() to process the numeric portion.  */
498 	errno = 0;
499 	*num = strtoll(value, &end, 10);
500 
501 	/*
502 	 * Check for ERANGE, which indicates that the value is too large to fit
503 	 * in a 64-bit value.
504 	 */
505 	if (errno == ERANGE) {
506 		(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
507 		    "value is too large"), buflen);
508 		return (-1);
509 	}
510 
511 	/*
512 	 * If we have a decimal value, then do the computation with floating
513 	 * point arithmetic.  Otherwise, use standard arithmetic.
514 	 */
515 	if (*end == '.') {
516 		double fval = strtod(value, &end);
517 
518 		if ((shift = str2shift(end, buf, buflen)) == -1)
519 			return (-1);
520 
521 		fval *= pow(2, shift);
522 
523 		if (fval > UINT64_MAX) {
524 			(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
525 			    "value is too large"), buflen);
526 			return (-1);
527 		}
528 
529 		*num = (uint64_t)fval;
530 	} else {
531 		if ((shift = str2shift(end, buf, buflen)) == -1)
532 			return (-1);
533 
534 		/* Check for overflow */
535 		if (shift >= 64 || (*num << shift) >> shift != *num) {
536 			(void) strlcpy(buf, dgettext(TEXT_DOMAIN,
537 			    "value is too large"), buflen);
538 			return (-1);
539 		}
540 
541 		*num <<= shift;
542 	}
543 
544 	return (0);
545 }
546 
547 int
548 zfs_nicestrtonum(const char *str, uint64_t *val)
549 {
550 	char buf[1];
551 
552 	return (nicestrtonum(str, val, buf, sizeof (buf)));
553 }
554 
555 /*
556  * Given a property type and value, verify that the value is appropriate.  Used
557  * by zfs_prop_set() and some libzfs consumers.
558  */
559 int
560 zfs_prop_validate(zfs_prop_t prop, const char *value, uint64_t *intval)
561 {
562 	const char *propname = zfs_prop_to_name(prop);
563 	uint64_t number;
564 	char reason[64];
565 	int i;
566 
567 	/*
568 	 * Check to see if this a read-only property.
569 	 */
570 	if (zfs_prop_readonly(prop)) {
571 		zfs_error(dgettext(TEXT_DOMAIN,
572 		    "cannot set %s property: read-only property"), propname);
573 		return (-1);
574 	}
575 
576 	/* See if the property value is too long */
577 	if (strlen(value) >= ZFS_MAXPROPLEN) {
578 		zfs_error(dgettext(TEXT_DOMAIN,
579 		    "bad %s value '%s': value is too long"), propname,
580 		    value);
581 		return (-1);
582 	}
583 
584 	/* Perform basic checking based on property type */
585 	switch (zfs_prop_get_type(prop)) {
586 	case prop_type_boolean:
587 		if (strcmp(value, "on") == 0) {
588 			number = 1;
589 		} else if (strcmp(value, "off") == 0) {
590 			number = 0;
591 		} else {
592 			zfs_error(dgettext(TEXT_DOMAIN,
593 			    "bad %s value '%s': must be 'on' or 'off'"),
594 			    propname, value);
595 			return (-1);
596 		}
597 		break;
598 
599 	case prop_type_number:
600 		/* treat 'none' as 0 */
601 		if (strcmp(value, "none") == 0) {
602 			number = 0;
603 			break;
604 		}
605 
606 		if (nicestrtonum(value, &number, reason,
607 		    sizeof (reason)) != 0) {
608 			zfs_error(dgettext(TEXT_DOMAIN,
609 			    "bad %s value '%s': %s"), propname, value,
610 			    reason);
611 			return (-1);
612 		}
613 
614 		/* don't allow 0 for quota, use 'none' instead */
615 		if (prop == ZFS_PROP_QUOTA && number == 0 &&
616 		    strcmp(value, "none") != 0) {
617 			zfs_error(dgettext(TEXT_DOMAIN,
618 			    "bad %s value '%s': use '%s=none' to disable"),
619 			    propname, value, propname);
620 			return (-1);
621 		}
622 
623 		/* must be power of two within SPA_{MIN,MAX}BLOCKSIZE */
624 		if (prop == ZFS_PROP_RECORDSIZE ||
625 		    prop == ZFS_PROP_VOLBLOCKSIZE) {
626 			if (number < SPA_MINBLOCKSIZE ||
627 			    number > SPA_MAXBLOCKSIZE || !ISP2(number)) {
628 				zfs_error(dgettext(TEXT_DOMAIN,
629 				    "bad %s value '%s': "
630 				    "must be power of 2 from %u to %uk"),
631 				    propname, value,
632 				    (uint_t)SPA_MINBLOCKSIZE,
633 				    (uint_t)SPA_MAXBLOCKSIZE >> 10);
634 				return (-1);
635 			}
636 		}
637 
638 		break;
639 
640 	case prop_type_string:
641 	case prop_type_index:
642 		/*
643 		 * The two writable string values, 'mountpoint' and
644 		 * 'checksum' need special consideration.  The 'index' types are
645 		 * specified as strings by the user, but passed to the kernel as
646 		 * integers.
647 		 */
648 		switch (prop) {
649 		case ZFS_PROP_MOUNTPOINT:
650 			if (strcmp(value, ZFS_MOUNTPOINT_NONE) == 0 ||
651 			    strcmp(value, ZFS_MOUNTPOINT_LEGACY) == 0)
652 				break;
653 
654 			if (value[0] != '/') {
655 				zfs_error(dgettext(TEXT_DOMAIN,
656 				    "bad %s value '%s': must be an absolute "
657 				    "path, 'none', or 'legacy'"),
658 				    propname, value);
659 				return (-1);
660 			}
661 			break;
662 
663 		case ZFS_PROP_CHECKSUM:
664 			for (i = 0; checksum_table[i].name != NULL; i++) {
665 				if (strcmp(value, checksum_table[i].name)
666 				    == 0) {
667 					number = checksum_table[i].value;
668 					break;
669 				}
670 			}
671 
672 			if (checksum_table[i].name == NULL) {
673 				zfs_error(dgettext(TEXT_DOMAIN,
674 				    "bad %s value '%s': must be 'on', 'off', "
675 				    "'fletcher2', 'fletcher4', or 'sha256'"),
676 				    propname, value);
677 				return (-1);
678 			}
679 			break;
680 
681 		case ZFS_PROP_COMPRESSION:
682 			for (i = 0; compress_table[i].name != NULL; i++) {
683 				if (strcmp(value, compress_table[i].name)
684 				    == 0) {
685 					number = compress_table[i].value;
686 					break;
687 				}
688 			}
689 
690 			if (compress_table[i].name == NULL) {
691 				zfs_error(dgettext(TEXT_DOMAIN,
692 				    "bad %s value '%s': must be 'on', 'off', "
693 				    "or 'lzjb'"),
694 				    propname, value);
695 				return (-1);
696 			}
697 			break;
698 
699 		case ZFS_PROP_SNAPDIR:
700 			for (i = 0; snapdir_table[i].name != NULL; i++) {
701 				if (strcmp(value, snapdir_table[i].name) == 0) {
702 					number = snapdir_table[i].value;
703 					break;
704 				}
705 			}
706 
707 			if (snapdir_table[i].name == NULL) {
708 				zfs_error(dgettext(TEXT_DOMAIN,
709 				    "bad %s value '%s': must be 'hidden' "
710 				    "or 'visible'"),
711 				    propname, value);
712 				return (-1);
713 			}
714 			break;
715 
716 		case ZFS_PROP_ACLMODE:
717 			for (i = 0; acl_mode_table[i].name != NULL; i++) {
718 				if (strcmp(value, acl_mode_table[i].name)
719 				    == 0) {
720 					number = acl_mode_table[i].value;
721 					break;
722 				}
723 			}
724 
725 			if (acl_mode_table[i].name == NULL) {
726 				zfs_error(dgettext(TEXT_DOMAIN,
727 				    "bad %s value '%s': must be 'discard', "
728 				    "'groupmask' or 'passthrough'"),
729 				    propname, value);
730 				return (-1);
731 			}
732 			break;
733 
734 		case ZFS_PROP_ACLINHERIT:
735 			for (i = 0; acl_inherit_table[i].name != NULL; i++) {
736 				if (strcmp(value, acl_inherit_table[i].name)
737 				    == 0) {
738 					number = acl_inherit_table[i].value;
739 					break;
740 				}
741 			}
742 
743 			if (acl_inherit_table[i].name == NULL) {
744 				zfs_error(dgettext(TEXT_DOMAIN,
745 				    "bad %s value '%s': must be 'discard', "
746 				    "'noallow', 'secure' or 'passthrough'"),
747 				    propname, value);
748 				return (-1);
749 			}
750 			break;
751 
752 		case ZFS_PROP_SHARENFS:
753 			/*
754 			 * Nothing to do for 'sharenfs', this gets passed on to
755 			 * share(1M) verbatim.
756 			 */
757 			break;
758 		}
759 	}
760 
761 	if (intval != NULL)
762 		*intval = number;
763 
764 	return (0);
765 }
766 
767 /*
768  * Given a property name and value, set the property for the given dataset.
769  */
770 int
771 zfs_prop_set(zfs_handle_t *zhp, zfs_prop_t prop, const char *propval)
772 {
773 	const char *propname = zfs_prop_to_name(prop);
774 	uint64_t number;
775 	zfs_cmd_t zc = { 0 };
776 	int ret;
777 	prop_changelist_t *cl;
778 
779 	if (zfs_prop_validate(prop, propval, &number) != 0)
780 		return (-1);
781 
782 	/*
783 	 * Check to see if the value applies to this type
784 	 */
785 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type)) {
786 		zfs_error(dgettext(TEXT_DOMAIN,
787 		    "cannot set %s for '%s': property does not apply to %ss"),
788 		    propname, zhp->zfs_name, zfs_type_to_name(zhp->zfs_type));
789 		return (-1);
790 	}
791 
792 	/*
793 	 * For the mountpoint and sharenfs properties, check if it can be set
794 	 * in a global/non-global zone based on the zoned property value:
795 	 *
796 	 *		global zone	    non-global zone
797 	 * -----------------------------------------------------
798 	 * zoned=on	mountpoint (no)	    mountpoint (yes)
799 	 *		sharenfs (no)	    sharenfs (no)
800 	 *
801 	 * zoned=off	mountpoint (yes)	N/A
802 	 *		sharenfs (yes)
803 	 */
804 	if (prop == ZFS_PROP_MOUNTPOINT || prop == ZFS_PROP_SHARENFS) {
805 		if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) {
806 			if (getzoneid() == GLOBAL_ZONEID) {
807 				zfs_error(dgettext(TEXT_DOMAIN,
808 				    "cannot set %s for '%s': "
809 				    "dataset is used in a non-global zone"),
810 				    propname, zhp->zfs_name);
811 				return (-1);
812 			} else if (prop == ZFS_PROP_SHARENFS) {
813 				zfs_error(dgettext(TEXT_DOMAIN,
814 				    "cannot set %s for '%s': filesystems "
815 				    "cannot be shared in a non-global zone"),
816 				    propname, zhp->zfs_name);
817 				return (-1);
818 			}
819 		} else if (getzoneid() != GLOBAL_ZONEID) {
820 			/*
821 			 * If zoned property is 'off', this must be in
822 			 * a globle zone. If not, something is wrong.
823 			 */
824 			zfs_error(dgettext(TEXT_DOMAIN,
825 			    "cannot set %s for '%s': dataset is "
826 			    "used in a non-global zone, but 'zoned' "
827 			    "property is not set"),
828 			    propname, zhp->zfs_name);
829 			return (-1);
830 		}
831 	}
832 
833 	if ((cl = changelist_gather(zhp, prop, 0)) == NULL)
834 		return (-1);
835 
836 	if (prop == ZFS_PROP_MOUNTPOINT && changelist_haszonedchild(cl)) {
837 		zfs_error(dgettext(TEXT_DOMAIN, "cannot set %s for '%s', "
838 			"child dataset with inherited mountpoint is used "
839 			"in a non-global zone"),
840 			propname, zhp->zfs_name);
841 		ret = -1;
842 		goto error;
843 	}
844 
845 	if ((ret = changelist_prefix(cl)) != 0)
846 		goto error;
847 
848 	/*
849 	 * Execute the corresponding ioctl() to set this property.
850 	 */
851 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
852 
853 	switch (prop) {
854 	case ZFS_PROP_QUOTA:
855 		zc.zc_cookie = number;
856 		ret = zfs_ioctl(ZFS_IOC_SET_QUOTA, &zc);
857 		break;
858 	case ZFS_PROP_RESERVATION:
859 		zc.zc_cookie = number;
860 		ret = zfs_ioctl(ZFS_IOC_SET_RESERVATION, &zc);
861 		break;
862 	case ZFS_PROP_MOUNTPOINT:
863 	case ZFS_PROP_SHARENFS:
864 		/*
865 		 * These properties are passed down as real strings.
866 		 */
867 		(void) strlcpy(zc.zc_prop_name, propname,
868 		    sizeof (zc.zc_prop_name));
869 		(void) strlcpy(zc.zc_prop_value, propval,
870 		    sizeof (zc.zc_prop_value));
871 		zc.zc_intsz = 1;
872 		zc.zc_numints = strlen(propval) + 1;
873 		ret = zfs_ioctl(ZFS_IOC_SET_PROP, &zc);
874 		break;
875 	case ZFS_PROP_VOLSIZE:
876 		zc.zc_volsize = number;
877 		ret = zfs_ioctl(ZFS_IOC_SET_VOLSIZE, &zc);
878 		break;
879 	case ZFS_PROP_VOLBLOCKSIZE:
880 		zc.zc_volblocksize = number;
881 		ret = zfs_ioctl(ZFS_IOC_SET_VOLBLOCKSIZE, &zc);
882 		break;
883 	default:
884 		(void) strlcpy(zc.zc_prop_name, propname,
885 		    sizeof (zc.zc_prop_name));
886 		/* LINTED - alignment */
887 		*(uint64_t *)zc.zc_prop_value = number;
888 		zc.zc_intsz = 8;
889 		zc.zc_numints = 1;
890 		ret = zfs_ioctl(ZFS_IOC_SET_PROP, &zc);
891 		break;
892 	}
893 
894 	if (ret != 0) {
895 		switch (errno) {
896 
897 		case EPERM:
898 			zfs_error(dgettext(TEXT_DOMAIN,
899 			    "cannot set %s for '%s': permission "
900 			    "denied"), propname, zhp->zfs_name);
901 			break;
902 
903 		case ENOENT:
904 			zfs_error(dgettext(TEXT_DOMAIN,
905 			    "cannot open '%s': no such %s"), zhp->zfs_name,
906 			    zfs_type_to_name(zhp->zfs_type));
907 			break;
908 
909 		case ENOSPC:
910 			/*
911 			 * For quotas and reservations, ENOSPC indicates
912 			 * something different; setting a quota or reservation
913 			 * doesn't use any disk space.
914 			 */
915 			switch (prop) {
916 			case ZFS_PROP_QUOTA:
917 				zfs_error(dgettext(TEXT_DOMAIN, "cannot set %s "
918 				    "for '%s': size is less than current "
919 				    "used or reserved space"), propname,
920 				    zhp->zfs_name);
921 				break;
922 
923 			case ZFS_PROP_RESERVATION:
924 				zfs_error(dgettext(TEXT_DOMAIN, "cannot set %s "
925 				    "for '%s': size is greater than available "
926 				    "space"), propname, zhp->zfs_name);
927 				break;
928 
929 			default:
930 				zfs_error(dgettext(TEXT_DOMAIN,
931 				    "cannot set %s for '%s': out of space"),
932 				    propname, zhp->zfs_name);
933 				break;
934 			}
935 			break;
936 
937 		case EBUSY:
938 			if (prop == ZFS_PROP_VOLBLOCKSIZE) {
939 				zfs_error(dgettext(TEXT_DOMAIN,
940 				    "cannot set %s for '%s': "
941 				    "volume already contains data"),
942 				    propname, zhp->zfs_name);
943 			} else {
944 				zfs_baderror(errno);
945 			}
946 			break;
947 
948 		case EROFS:
949 			zfs_error(dgettext(TEXT_DOMAIN, "cannot set %s for "
950 			    "'%s': read only %s"), propname, zhp->zfs_name,
951 			    zfs_type_to_name(zhp->zfs_type));
952 			break;
953 
954 		case EOVERFLOW:
955 			/*
956 			 * This platform can't address a volume this big.
957 			 */
958 #ifdef _ILP32
959 			if (prop == ZFS_PROP_VOLSIZE) {
960 				zfs_error(dgettext(TEXT_DOMAIN,
961 				    "cannot set %s for '%s': "
962 				    "max volume size is 1TB on 32-bit systems"),
963 				    propname, zhp->zfs_name);
964 				break;
965 			}
966 #endif
967 			zfs_baderror(errno);
968 		default:
969 			zfs_baderror(errno);
970 		}
971 	} else {
972 		/*
973 		 * Refresh the statistics so the new property value
974 		 * is reflected.
975 		 */
976 		if ((ret = changelist_postfix(cl)) != 0)
977 			goto error;
978 
979 		(void) get_stats(zhp);
980 	}
981 
982 error:
983 	changelist_free(cl);
984 	return (ret);
985 }
986 
987 /*
988  * Given a property, inherit the value from the parent dataset.
989  */
990 int
991 zfs_prop_inherit(zfs_handle_t *zhp, zfs_prop_t prop)
992 {
993 	const char *propname = zfs_prop_to_name(prop);
994 	zfs_cmd_t zc = { 0 };
995 	int ret;
996 	prop_changelist_t *cl;
997 
998 	/*
999 	 * Verify that this property is inheritable.
1000 	 */
1001 	if (zfs_prop_readonly(prop)) {
1002 		zfs_error(dgettext(TEXT_DOMAIN,
1003 		    "cannot inherit %s for '%s': property is read-only"),
1004 		    propname, zhp->zfs_name);
1005 		return (-1);
1006 	}
1007 
1008 	if (!zfs_prop_inheritable(prop)) {
1009 		zfs_error(dgettext(TEXT_DOMAIN,
1010 		    "cannot inherit %s for '%s': property is not inheritable"),
1011 		    propname, zhp->zfs_name);
1012 		return (-1);
1013 	}
1014 
1015 	/*
1016 	 * Check to see if the value applies to this type
1017 	 */
1018 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type)) {
1019 		zfs_error(dgettext(TEXT_DOMAIN,
1020 		    "cannot inherit %s for '%s': property does "
1021 		    "not apply to %ss"), propname, zhp->zfs_name,
1022 		    zfs_type_to_name(zhp->zfs_type));
1023 		return (-1);
1024 	}
1025 
1026 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1027 	(void) strlcpy(zc.zc_prop_name, propname, sizeof (zc.zc_prop_name));
1028 
1029 	if (prop == ZFS_PROP_MOUNTPOINT && getzoneid() == GLOBAL_ZONEID &&
1030 	    zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) {
1031 		zfs_error(dgettext(TEXT_DOMAIN, "cannot inherit %s for '%s', "
1032 		    "dataset is used in a non-global zone"), propname,
1033 		    zhp->zfs_name);
1034 		return (-1);
1035 	}
1036 
1037 	/*
1038 	 * Determine datasets which will be affected by this change, if any.
1039 	 */
1040 	if ((cl = changelist_gather(zhp, prop, 0)) == NULL)
1041 		return (-1);
1042 
1043 	if (prop == ZFS_PROP_MOUNTPOINT && changelist_haszonedchild(cl)) {
1044 		zfs_error(dgettext(TEXT_DOMAIN, "cannot inherit %s for '%s', "
1045 			"child dataset with inherited mountpoint is "
1046 			"used in a non-global zone"),
1047 			propname, zhp->zfs_name);
1048 		ret = -1;
1049 		goto error;
1050 	}
1051 
1052 	if ((ret = changelist_prefix(cl)) != 0)
1053 		goto error;
1054 
1055 	zc.zc_numints = 0;
1056 
1057 	if ((ret = zfs_ioctl(ZFS_IOC_SET_PROP, &zc)) != 0) {
1058 		switch (errno) {
1059 		case EPERM:
1060 			zfs_error(dgettext(TEXT_DOMAIN,
1061 			    "cannot inherit %s for '%s': permission "
1062 			    "denied"), propname, zhp->zfs_name);
1063 			break;
1064 		case ENOENT:
1065 			zfs_error(dgettext(TEXT_DOMAIN,
1066 			    "cannot open '%s': no such %s"), zhp->zfs_name,
1067 			    zfs_type_to_name(zhp->zfs_type));
1068 			break;
1069 		case ENOSPC:
1070 			zfs_error(dgettext(TEXT_DOMAIN,
1071 			    "cannot inherit %s for '%s': "
1072 			    "out of space"), propname, zhp->zfs_name);
1073 			break;
1074 		default:
1075 			zfs_baderror(errno);
1076 		}
1077 
1078 	} else {
1079 
1080 		if ((ret = changelist_postfix(cl)) != 0)
1081 			goto error;
1082 
1083 		/*
1084 		 * Refresh the statistics so the new property is reflected.
1085 		 */
1086 		(void) get_stats(zhp);
1087 	}
1088 
1089 
1090 error:
1091 	changelist_free(cl);
1092 	return (ret);
1093 }
1094 
1095 static void
1096 nicebool(int value, char *buf, size_t buflen)
1097 {
1098 	if (value)
1099 		(void) strlcpy(buf, "on", buflen);
1100 	else
1101 		(void) strlcpy(buf, "off", buflen);
1102 }
1103 
1104 /*
1105  * True DSL properties are stored in an nvlist.  The following two functions
1106  * extract them appropriately.
1107  */
1108 static uint64_t
1109 getprop_uint64(zfs_handle_t *zhp, zfs_prop_t prop, char **source)
1110 {
1111 	nvlist_t *nv;
1112 	uint64_t value;
1113 
1114 	if (nvlist_lookup_nvlist(zhp->zfs_props,
1115 	    zfs_prop_to_name(prop), &nv) == 0) {
1116 		verify(nvlist_lookup_uint64(nv, ZFS_PROP_VALUE, &value) == 0);
1117 		verify(nvlist_lookup_string(nv, ZFS_PROP_SOURCE, source) == 0);
1118 	} else {
1119 		value = zfs_prop_default_numeric(prop);
1120 		*source = "";
1121 	}
1122 
1123 	return (value);
1124 }
1125 
1126 static char *
1127 getprop_string(zfs_handle_t *zhp, zfs_prop_t prop, char **source)
1128 {
1129 	nvlist_t *nv;
1130 	char *value;
1131 
1132 	if (nvlist_lookup_nvlist(zhp->zfs_props,
1133 	    zfs_prop_to_name(prop), &nv) == 0) {
1134 		verify(nvlist_lookup_string(nv, ZFS_PROP_VALUE, &value) == 0);
1135 		verify(nvlist_lookup_string(nv, ZFS_PROP_SOURCE, source) == 0);
1136 	} else {
1137 		if ((value = (char *)zfs_prop_default_string(prop)) == NULL)
1138 			value = "";
1139 		*source = "";
1140 	}
1141 
1142 	return (value);
1143 }
1144 
1145 /*
1146  * Internal function for getting a numeric property.  Both zfs_prop_get() and
1147  * zfs_prop_get_int() are built using this interface.
1148  *
1149  * Certain properties can be overridden using 'mount -o'.  In this case, scan
1150  * the contents of the /etc/mnttab entry, searching for the appropriate options.
1151  * If they differ from the on-disk values, report the current values and mark
1152  * the source "temporary".
1153  */
1154 static uint64_t
1155 get_numeric_property(zfs_handle_t *zhp, zfs_prop_t prop, zfs_source_t *src,
1156     char **source)
1157 {
1158 	uint64_t val;
1159 	struct mnttab mnt;
1160 
1161 	*source = NULL;
1162 
1163 	if (zhp->zfs_mntopts == NULL)
1164 		mnt.mnt_mntopts = "";
1165 	else
1166 		mnt.mnt_mntopts = zhp->zfs_mntopts;
1167 
1168 	switch (prop) {
1169 	case ZFS_PROP_ATIME:
1170 		val = getprop_uint64(zhp, prop, source);
1171 
1172 		if (hasmntopt(&mnt, MNTOPT_ATIME) && !val) {
1173 			val = TRUE;
1174 			if (src)
1175 				*src = ZFS_SRC_TEMPORARY;
1176 		} else if (hasmntopt(&mnt, MNTOPT_NOATIME) && val) {
1177 			val = FALSE;
1178 			if (src)
1179 				*src = ZFS_SRC_TEMPORARY;
1180 		}
1181 		return (val);
1182 
1183 	case ZFS_PROP_AVAILABLE:
1184 		return (zhp->zfs_dmustats.dds_available);
1185 
1186 	case ZFS_PROP_DEVICES:
1187 		val = getprop_uint64(zhp, prop, source);
1188 
1189 		if (hasmntopt(&mnt, MNTOPT_DEVICES) && !val) {
1190 			val = TRUE;
1191 			if (src)
1192 				*src = ZFS_SRC_TEMPORARY;
1193 		} else if (hasmntopt(&mnt, MNTOPT_NODEVICES) && val) {
1194 			val = FALSE;
1195 			if (src)
1196 				*src = ZFS_SRC_TEMPORARY;
1197 		}
1198 		return (val);
1199 
1200 	case ZFS_PROP_EXEC:
1201 		val = getprop_uint64(zhp, prop, source);
1202 
1203 		if (hasmntopt(&mnt, MNTOPT_EXEC) && !val) {
1204 			val = TRUE;
1205 			if (src)
1206 				*src = ZFS_SRC_TEMPORARY;
1207 		} else if (hasmntopt(&mnt, MNTOPT_NOEXEC) && val) {
1208 			val = FALSE;
1209 			if (src)
1210 				*src = ZFS_SRC_TEMPORARY;
1211 		}
1212 		return (val);
1213 
1214 	case ZFS_PROP_RECORDSIZE:
1215 	case ZFS_PROP_COMPRESSION:
1216 	case ZFS_PROP_ZONED:
1217 		val = getprop_uint64(zhp, prop, source);
1218 		return (val);
1219 
1220 	case ZFS_PROP_READONLY:
1221 		val = getprop_uint64(zhp, prop, source);
1222 
1223 		if (hasmntopt(&mnt, MNTOPT_RO) && !val) {
1224 			val = TRUE;
1225 			if (src)
1226 				*src = ZFS_SRC_TEMPORARY;
1227 		} else if (hasmntopt(&mnt, MNTOPT_RW) && val) {
1228 			val = FALSE;
1229 			if (src)
1230 				*src = ZFS_SRC_TEMPORARY;
1231 		}
1232 		return (val);
1233 
1234 	case ZFS_PROP_CREATION:
1235 		return (zhp->zfs_dmustats.dds_creation_time);
1236 
1237 	case ZFS_PROP_QUOTA:
1238 		if (zhp->zfs_dmustats.dds_quota == 0)
1239 			*source = "";	/* default */
1240 		else
1241 			*source = zhp->zfs_name;
1242 		return (zhp->zfs_dmustats.dds_quota);
1243 
1244 	case ZFS_PROP_RESERVATION:
1245 		if (zhp->zfs_dmustats.dds_reserved == 0)
1246 			*source = "";	/* default */
1247 		else
1248 			*source = zhp->zfs_name;
1249 		return (zhp->zfs_dmustats.dds_reserved);
1250 
1251 	case ZFS_PROP_COMPRESSRATIO:
1252 		/*
1253 		 * Using physical space and logical space, calculate the
1254 		 * compression ratio.  We return the number as a multiple of
1255 		 * 100, so '2.5x' would be returned as 250.
1256 		 */
1257 		if (zhp->zfs_dmustats.dds_compressed_bytes == 0)
1258 			return (100ULL);
1259 		else
1260 			return (zhp->zfs_dmustats.dds_uncompressed_bytes * 100 /
1261 			    zhp->zfs_dmustats.dds_compressed_bytes);
1262 
1263 	case ZFS_PROP_REFERENCED:
1264 		/*
1265 		 * 'referenced' refers to the amount of physical space
1266 		 * referenced (possibly shared) by this object.
1267 		 */
1268 		return (zhp->zfs_dmustats.dds_space_refd);
1269 
1270 	case ZFS_PROP_SETUID:
1271 		val = getprop_uint64(zhp, prop, source);
1272 
1273 		if (hasmntopt(&mnt, MNTOPT_SETUID) && !val) {
1274 			val = TRUE;
1275 			if (src)
1276 				*src = ZFS_SRC_TEMPORARY;
1277 		} else if (hasmntopt(&mnt, MNTOPT_NOSETUID) && val) {
1278 			val = FALSE;
1279 			if (src)
1280 				*src = ZFS_SRC_TEMPORARY;
1281 		}
1282 		return (val);
1283 
1284 	case ZFS_PROP_VOLSIZE:
1285 		return (zhp->zfs_volsize);
1286 
1287 	case ZFS_PROP_VOLBLOCKSIZE:
1288 		return (zhp->zfs_volblocksize);
1289 
1290 	case ZFS_PROP_USED:
1291 		return (zhp->zfs_dmustats.dds_space_used);
1292 
1293 	case ZFS_PROP_CREATETXG:
1294 		return (zhp->zfs_dmustats.dds_creation_txg);
1295 
1296 	case ZFS_PROP_MOUNTED:
1297 		/*
1298 		 * Unlike other properties, we defer calculation of 'MOUNTED'
1299 		 * until actually requested.  This is because the getmntany()
1300 		 * call can be extremely expensive on systems with a large
1301 		 * number of filesystems, and the property isn't needed in
1302 		 * normal use cases.
1303 		 */
1304 		if (zhp->zfs_mntopts == NULL) {
1305 			struct mnttab search = { 0 }, entry;
1306 
1307 			search.mnt_special = (char *)zhp->zfs_name;
1308 			search.mnt_fstype = MNTTYPE_ZFS;
1309 			rewind(zfs_mnttab());
1310 
1311 			if (getmntany(zfs_mnttab(), &entry, &search) == 0)
1312 				zhp->zfs_mntopts =
1313 				    zfs_strdup(entry.mnt_mntopts);
1314 		}
1315 		return (zhp->zfs_mntopts != NULL);
1316 
1317 	default:
1318 		zfs_baderror(EINVAL);
1319 	}
1320 
1321 	return (0);
1322 }
1323 
1324 /*
1325  * Calculate the source type, given the raw source string.
1326  */
1327 static void
1328 get_source(zfs_handle_t *zhp, zfs_source_t *srctype, char *source,
1329     char *statbuf, size_t statlen)
1330 {
1331 	if (statbuf == NULL || *srctype == ZFS_SRC_TEMPORARY)
1332 		return;
1333 
1334 	if (source == NULL) {
1335 		*srctype = ZFS_SRC_NONE;
1336 	} else if (source[0] == '\0') {
1337 		*srctype = ZFS_SRC_DEFAULT;
1338 	} else {
1339 		if (strcmp(source, zhp->zfs_name) == 0) {
1340 			*srctype = ZFS_SRC_LOCAL;
1341 		} else {
1342 			(void) strlcpy(statbuf, source, statlen);
1343 			*srctype = ZFS_SRC_INHERITED;
1344 		}
1345 	}
1346 
1347 }
1348 
1349 /*
1350  * Retrieve a property from the given object.  If 'literal' is specified, then
1351  * numbers are left as exact values.  Otherwise, numbers are converted to a
1352  * human-readable form.
1353  *
1354  * Returns 0 on success, or -1 on error.
1355  */
1356 int
1357 zfs_prop_get(zfs_handle_t *zhp, zfs_prop_t prop, char *propbuf, size_t proplen,
1358     zfs_source_t *src, char *statbuf, size_t statlen, int literal)
1359 {
1360 	char *source = NULL;
1361 	uint64_t val;
1362 	char *str;
1363 	int i;
1364 	const char *root;
1365 
1366 	/*
1367 	 * Check to see if this property applies to our object
1368 	 */
1369 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type))
1370 		return (-1);
1371 
1372 	if (src)
1373 		*src = ZFS_SRC_NONE;
1374 
1375 	switch (prop) {
1376 	case ZFS_PROP_ATIME:
1377 	case ZFS_PROP_READONLY:
1378 	case ZFS_PROP_SETUID:
1379 	case ZFS_PROP_ZONED:
1380 	case ZFS_PROP_DEVICES:
1381 	case ZFS_PROP_EXEC:
1382 		/*
1383 		 * Basic boolean values are built on top of
1384 		 * get_numeric_property().
1385 		 */
1386 		nicebool(get_numeric_property(zhp, prop, src, &source),
1387 		    propbuf, proplen);
1388 
1389 		break;
1390 
1391 	case ZFS_PROP_AVAILABLE:
1392 	case ZFS_PROP_RECORDSIZE:
1393 	case ZFS_PROP_CREATETXG:
1394 	case ZFS_PROP_REFERENCED:
1395 	case ZFS_PROP_USED:
1396 	case ZFS_PROP_VOLSIZE:
1397 	case ZFS_PROP_VOLBLOCKSIZE:
1398 		/*
1399 		 * Basic numeric values are built on top of
1400 		 * get_numeric_property().
1401 		 */
1402 		val = get_numeric_property(zhp, prop, src, &source);
1403 		if (literal)
1404 			(void) snprintf(propbuf, proplen, "%llu", val);
1405 		else
1406 			zfs_nicenum(val, propbuf, proplen);
1407 		break;
1408 
1409 	case ZFS_PROP_COMPRESSION:
1410 		val = getprop_uint64(zhp, prop, &source);
1411 		for (i = 0; compress_table[i].name != NULL; i++) {
1412 			if (compress_table[i].value == val)
1413 				break;
1414 		}
1415 		assert(compress_table[i].name != NULL);
1416 		(void) strlcpy(propbuf, compress_table[i].name, proplen);
1417 		break;
1418 
1419 	case ZFS_PROP_CHECKSUM:
1420 		val = getprop_uint64(zhp, prop, &source);
1421 		for (i = 0; checksum_table[i].name != NULL; i++) {
1422 			if (checksum_table[i].value == val)
1423 				break;
1424 		}
1425 		assert(checksum_table[i].name != NULL);
1426 		(void) strlcpy(propbuf, checksum_table[i].name, proplen);
1427 		break;
1428 
1429 	case ZFS_PROP_SNAPDIR:
1430 		val = getprop_uint64(zhp, prop, &source);
1431 		for (i = 0; snapdir_table[i].name != NULL; i++) {
1432 			if (snapdir_table[i].value == val)
1433 				break;
1434 		}
1435 		assert(snapdir_table[i].name != NULL);
1436 		(void) strlcpy(propbuf, snapdir_table[i].name, proplen);
1437 		break;
1438 
1439 	case ZFS_PROP_ACLMODE:
1440 		val = getprop_uint64(zhp, prop, &source);
1441 		for (i = 0; acl_mode_table[i].name != NULL; i++) {
1442 			if (acl_mode_table[i].value == val)
1443 				break;
1444 		}
1445 		assert(acl_mode_table[i].name != NULL);
1446 		(void) strlcpy(propbuf, acl_mode_table[i].name, proplen);
1447 		break;
1448 
1449 	case ZFS_PROP_ACLINHERIT:
1450 		val = getprop_uint64(zhp, prop, &source);
1451 		for (i = 0; acl_inherit_table[i].name != NULL; i++) {
1452 			if (acl_inherit_table[i].value == val)
1453 				break;
1454 		}
1455 		assert(acl_inherit_table[i].name != NULL);
1456 		(void) strlcpy(propbuf, acl_inherit_table[i].name, proplen);
1457 		break;
1458 
1459 	case ZFS_PROP_CREATION:
1460 		/*
1461 		 * 'creation' is a time_t stored in the statistics.  We convert
1462 		 * this into a string unless 'literal' is specified.
1463 		 */
1464 		{
1465 			time_t time = (time_t)
1466 			    zhp->zfs_dmustats.dds_creation_time;
1467 			struct tm t;
1468 
1469 			if (literal ||
1470 			    localtime_r(&time, &t) == NULL ||
1471 			    strftime(propbuf, proplen, "%a %b %e %k:%M %Y",
1472 			    &t) == 0)
1473 				(void) snprintf(propbuf, proplen, "%llu",
1474 				    zhp->zfs_dmustats.dds_creation_time);
1475 		}
1476 		break;
1477 
1478 	case ZFS_PROP_MOUNTPOINT:
1479 		/*
1480 		 * Getting the precise mountpoint can be tricky.
1481 		 *
1482 		 *  - for 'none' or 'legacy', return those values.
1483 		 *  - for default mountpoints, construct it as /zfs/<dataset>
1484 		 *  - for inherited mountpoints, we want to take everything
1485 		 *    after our ancestor and append it to the inherited value.
1486 		 *
1487 		 * If the pool has an alternate root, we want to prepend that
1488 		 * root to any values we return.
1489 		 */
1490 		root = zhp->zfs_root;
1491 		str = getprop_string(zhp, prop, &source);
1492 
1493 		if (str[0] == '\0') {
1494 			(void) snprintf(propbuf, proplen, "%s/zfs/%s",
1495 			    root, zhp->zfs_name);
1496 		} else if (str[0] == '/') {
1497 			const char *relpath = zhp->zfs_name + strlen(source);
1498 
1499 			if (relpath[0] == '/')
1500 				relpath++;
1501 			if (str[1] == '\0')
1502 				str++;
1503 
1504 			if (relpath[0] == '\0')
1505 				(void) snprintf(propbuf, proplen, "%s%s",
1506 				    root, str);
1507 			else
1508 				(void) snprintf(propbuf, proplen, "%s%s%s%s",
1509 				    root, str, relpath[0] == '@' ? "" : "/",
1510 				    relpath);
1511 		} else {
1512 			/* 'legacy' or 'none' */
1513 			(void) strlcpy(propbuf, str, proplen);
1514 		}
1515 
1516 		break;
1517 
1518 	case ZFS_PROP_SHARENFS:
1519 		(void) strlcpy(propbuf, getprop_string(zhp, prop, &source),
1520 		    proplen);
1521 		break;
1522 
1523 	case ZFS_PROP_ORIGIN:
1524 		(void) strlcpy(propbuf, zhp->zfs_dmustats.dds_clone_of,
1525 		    proplen);
1526 		/*
1527 		 * If there is no parent at all, return failure to indicate that
1528 		 * it doesn't apply to this dataset.
1529 		 */
1530 		if (propbuf[0] == '\0')
1531 			return (-1);
1532 		break;
1533 
1534 	case ZFS_PROP_QUOTA:
1535 	case ZFS_PROP_RESERVATION:
1536 		val = get_numeric_property(zhp, prop, src, &source);
1537 
1538 		/*
1539 		 * If quota or reservation is 0, we translate this into 'none'
1540 		 * (unless literal is set), and indicate that it's the default
1541 		 * value.  Otherwise, we print the number nicely and indicate
1542 		 * that its set locally.
1543 		 */
1544 		if (val == 0) {
1545 			if (literal)
1546 				(void) strlcpy(propbuf, "0", proplen);
1547 			else
1548 				(void) strlcpy(propbuf, "none", proplen);
1549 		} else {
1550 			if (literal)
1551 				(void) snprintf(propbuf, proplen, "%llu", val);
1552 			else
1553 				zfs_nicenum(val, propbuf, proplen);
1554 		}
1555 		break;
1556 
1557 	case ZFS_PROP_COMPRESSRATIO:
1558 		val = get_numeric_property(zhp, prop, src, &source);
1559 		(void) snprintf(propbuf, proplen, "%lld.%02lldx", val / 100,
1560 		    val % 100);
1561 		break;
1562 
1563 	case ZFS_PROP_TYPE:
1564 		switch (zhp->zfs_type) {
1565 		case ZFS_TYPE_FILESYSTEM:
1566 			str = "filesystem";
1567 			break;
1568 		case ZFS_TYPE_VOLUME:
1569 			str = "volume";
1570 			break;
1571 		case ZFS_TYPE_SNAPSHOT:
1572 			str = "snapshot";
1573 			break;
1574 		default:
1575 			zfs_baderror(zhp->zfs_type);
1576 		}
1577 		(void) snprintf(propbuf, proplen, "%s", str);
1578 		break;
1579 
1580 	case ZFS_PROP_MOUNTED:
1581 		/*
1582 		 * The 'mounted' property is a pseudo-property that described
1583 		 * whether the filesystem is currently mounted.  Even though
1584 		 * it's a boolean value, the typical values of "on" and "off"
1585 		 * don't make sense, so we translate to "yes" and "no".
1586 		 */
1587 		if (get_numeric_property(zhp, ZFS_PROP_MOUNTED, src, &source))
1588 			(void) strlcpy(propbuf, "yes", proplen);
1589 		else
1590 			(void) strlcpy(propbuf, "no", proplen);
1591 		break;
1592 
1593 	case ZFS_PROP_NAME:
1594 		/*
1595 		 * The 'name' property is a pseudo-property derived from the
1596 		 * dataset name.  It is presented as a real property to simplify
1597 		 * consumers.
1598 		 */
1599 		(void) strlcpy(propbuf, zhp->zfs_name, proplen);
1600 		break;
1601 
1602 	default:
1603 		zfs_baderror(EINVAL);
1604 	}
1605 
1606 	get_source(zhp, src, source, statbuf, statlen);
1607 
1608 	return (0);
1609 }
1610 
1611 /*
1612  * Utility function to get the given numeric property.  Does no validation that
1613  * the given property is the appropriate type; should only be used with
1614  * hard-coded property types.
1615  */
1616 uint64_t
1617 zfs_prop_get_int(zfs_handle_t *zhp, zfs_prop_t prop)
1618 {
1619 	char *source;
1620 	zfs_source_t sourcetype = ZFS_SRC_NONE;
1621 
1622 	return (get_numeric_property(zhp, prop, &sourcetype, &source));
1623 }
1624 
1625 /*
1626  * Similar to zfs_prop_get(), but returns the value as an integer.
1627  */
1628 int
1629 zfs_prop_get_numeric(zfs_handle_t *zhp, zfs_prop_t prop, uint64_t *value,
1630     zfs_source_t *src, char *statbuf, size_t statlen)
1631 {
1632 	char *source;
1633 
1634 	/*
1635 	 * Check to see if this property applies to our object
1636 	 */
1637 	if (!zfs_prop_valid_for_type(prop, zhp->zfs_type))
1638 		return (-1);
1639 
1640 	if (src)
1641 		*src = ZFS_SRC_NONE;
1642 
1643 	*value = get_numeric_property(zhp, prop, src, &source);
1644 
1645 	get_source(zhp, src, source, statbuf, statlen);
1646 
1647 	return (0);
1648 }
1649 
1650 /*
1651  * Returns the name of the given zfs handle.
1652  */
1653 const char *
1654 zfs_get_name(const zfs_handle_t *zhp)
1655 {
1656 	return (zhp->zfs_name);
1657 }
1658 
1659 /*
1660  * Returns the type of the given zfs handle.
1661  */
1662 zfs_type_t
1663 zfs_get_type(const zfs_handle_t *zhp)
1664 {
1665 	return (zhp->zfs_type);
1666 }
1667 
1668 /*
1669  * Iterate over all child filesystems
1670  */
1671 int
1672 zfs_iter_filesystems(zfs_handle_t *zhp, zfs_iter_f func, void *data)
1673 {
1674 	zfs_cmd_t zc = { 0 };
1675 	zfs_handle_t *nzhp;
1676 	int ret;
1677 
1678 	for ((void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1679 	    zfs_ioctl(ZFS_IOC_DATASET_LIST_NEXT, &zc) == 0;
1680 	    (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name))) {
1681 		/*
1682 		 * Ignore private dataset names.
1683 		 */
1684 		if (dataset_name_hidden(zc.zc_name))
1685 			continue;
1686 
1687 		/*
1688 		 * Silently ignore errors, as the only plausible explanation is
1689 		 * that the pool has since been removed.
1690 		 */
1691 		if ((nzhp = make_dataset_handle(zc.zc_name)) == NULL)
1692 			continue;
1693 
1694 		if ((ret = func(nzhp, data)) != 0)
1695 			return (ret);
1696 	}
1697 
1698 	/*
1699 	 * An errno value of ESRCH indicates normal completion.  If ENOENT is
1700 	 * returned, then the underlying dataset has been removed since we
1701 	 * obtained the handle.
1702 	 */
1703 	if (errno != ESRCH && errno != ENOENT)
1704 		zfs_baderror(errno);
1705 
1706 	return (0);
1707 }
1708 
1709 /*
1710  * Iterate over all snapshots
1711  */
1712 int
1713 zfs_iter_snapshots(zfs_handle_t *zhp, zfs_iter_f func, void *data)
1714 {
1715 	zfs_cmd_t zc = { 0 };
1716 	zfs_handle_t *nzhp;
1717 	int ret;
1718 
1719 	for ((void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
1720 	    zfs_ioctl(ZFS_IOC_SNAPSHOT_LIST_NEXT, &zc) == 0;
1721 	    (void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name))) {
1722 
1723 		if ((nzhp = make_dataset_handle(zc.zc_name)) == NULL)
1724 			continue;
1725 
1726 		if ((ret = func(nzhp, data)) != 0)
1727 			return (ret);
1728 	}
1729 
1730 	/*
1731 	 * An errno value of ESRCH indicates normal completion.  If ENOENT is
1732 	 * returned, then the underlying dataset has been removed since we
1733 	 * obtained the handle.  Silently ignore this case, and return success.
1734 	 */
1735 	if (errno != ESRCH && errno != ENOENT)
1736 		zfs_baderror(errno);
1737 
1738 	return (0);
1739 }
1740 
1741 /*
1742  * Iterate over all children, snapshots and filesystems
1743  */
1744 int
1745 zfs_iter_children(zfs_handle_t *zhp, zfs_iter_f func, void *data)
1746 {
1747 	int ret;
1748 
1749 	if ((ret = zfs_iter_filesystems(zhp, func, data)) != 0)
1750 		return (ret);
1751 
1752 	return (zfs_iter_snapshots(zhp, func, data));
1753 }
1754 
1755 /*
1756  * Given a complete name, return just the portion that refers to the parent.
1757  * Can return NULL if this is a pool.
1758  */
1759 static int
1760 parent_name(const char *path, char *buf, size_t buflen)
1761 {
1762 	char *loc;
1763 
1764 	if ((loc = strrchr(path, '/')) == NULL)
1765 		return (-1);
1766 
1767 	(void) strncpy(buf, path, MIN(buflen, loc - path));
1768 	buf[loc - path] = '\0';
1769 
1770 	return (0);
1771 }
1772 
1773 /*
1774  * Checks to make sure that the given path has a parent, and that it exists.
1775  */
1776 static int
1777 check_parents(const char *path, zfs_type_t type)
1778 {
1779 	zfs_cmd_t zc = { 0 };
1780 	char parent[ZFS_MAXNAMELEN];
1781 	char *slash;
1782 	zfs_handle_t *zhp;
1783 
1784 	/* get parent, and check to see if this is just a pool */
1785 	if (parent_name(path, parent, sizeof (parent)) != 0) {
1786 		zfs_error(dgettext(TEXT_DOMAIN,
1787 		    "cannot create '%s': missing dataset name"),
1788 		    path, zfs_type_to_name(type));
1789 		zfs_error(dgettext(TEXT_DOMAIN,
1790 		    "use 'zpool create' to create a storage pool"));
1791 		return (-1);
1792 	}
1793 
1794 	/* check to see if the pool exists */
1795 	if ((slash = strchr(parent, '/')) == NULL)
1796 		slash = parent + strlen(parent);
1797 	(void) strncpy(zc.zc_name, parent, slash - parent);
1798 	zc.zc_name[slash - parent] = '\0';
1799 	if (zfs_ioctl(ZFS_IOC_OBJSET_STATS, &zc) != 0 &&
1800 	    errno == ENOENT) {
1801 		zfs_error(dgettext(TEXT_DOMAIN,
1802 		    "cannot create '%s': no such pool '%s'"), path, zc.zc_name);
1803 		return (-1);
1804 	}
1805 
1806 	/* check to see if the parent dataset exists */
1807 	if ((zhp = make_dataset_handle(parent)) == NULL) {
1808 		switch (errno) {
1809 		case ENOENT:
1810 			zfs_error(dgettext(TEXT_DOMAIN,
1811 			    "cannot create '%s': parent does not exist"), path);
1812 			return (-1);
1813 
1814 		default:
1815 			zfs_baderror(errno);
1816 		}
1817 	}
1818 
1819 	/* we are in a non-global zone, but parent is in the global zone */
1820 	if (getzoneid() != GLOBAL_ZONEID &&
1821 	    !zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) {
1822 		zfs_error(dgettext(TEXT_DOMAIN,
1823 		    "cannot create '%s': permission denied"), path);
1824 		zfs_close(zhp);
1825 		return (-1);
1826 	}
1827 
1828 	/* make sure parent is a filesystem */
1829 	if (zfs_get_type(zhp) != ZFS_TYPE_FILESYSTEM) {
1830 		zfs_error(dgettext(TEXT_DOMAIN,
1831 		    "cannot create '%s': parent is not a filesystem"),
1832 		    path);
1833 		zfs_close(zhp);
1834 		return (-1);
1835 	}
1836 
1837 	zfs_close(zhp);
1838 	return (0);
1839 }
1840 
1841 /*
1842  * Create a new filesystem or volume.  'sizestr' and 'blocksizestr' are used
1843  * only for volumes, and indicate the size and blocksize of the volume.
1844  */
1845 int
1846 zfs_create(const char *path, zfs_type_t type,
1847 	const char *sizestr, const char *blocksizestr)
1848 {
1849 	char reason[64];
1850 	zfs_cmd_t zc = { 0 };
1851 	int ret;
1852 	uint64_t size = 0;
1853 	uint64_t blocksize = zfs_prop_default_numeric(ZFS_PROP_VOLBLOCKSIZE);
1854 
1855 	/* convert sizestr into integer size */
1856 	if (sizestr != NULL && nicestrtonum(sizestr, &size,
1857 	    reason, sizeof (reason)) != 0) {
1858 		zfs_error(dgettext(TEXT_DOMAIN,
1859 		    "bad volume size '%s': %s"), sizestr, reason);
1860 		return (-1);
1861 	}
1862 
1863 	/* convert blocksizestr into integer blocksize */
1864 	if (blocksizestr != NULL && nicestrtonum(blocksizestr, &blocksize,
1865 	    reason, sizeof (reason)) != 0) {
1866 		zfs_error(dgettext(TEXT_DOMAIN,
1867 		    "bad volume blocksize '%s': %s"), blocksizestr, reason);
1868 		return (-1);
1869 	}
1870 
1871 	/* validate the path, taking care to note the extended error message */
1872 	if (!zfs_validate_name(path, type, reason, sizeof (reason))) {
1873 		zfs_error(dgettext(TEXT_DOMAIN,
1874 		    "cannot create '%s': %s in %s name"), path, reason,
1875 		    zfs_type_to_name(type));
1876 		if (strstr(reason, "snapshot") != NULL)
1877 			zfs_error(dgettext(TEXT_DOMAIN,
1878 			    "use 'zfs snapshot' to create a snapshot"));
1879 		return (-1);
1880 	}
1881 
1882 	/* validate parents exist */
1883 	if (check_parents(path, type) != 0)
1884 		return (-1);
1885 
1886 	/*
1887 	 * The failure modes when creating a dataset of a different type over
1888 	 * one that already exists is a little strange.  In particular, if you
1889 	 * try to create a dataset on top of an existing dataset, the ioctl()
1890 	 * will return ENOENT, not EEXIST.  To prevent this from happening, we
1891 	 * first try to see if the dataset exists.
1892 	 */
1893 	(void) strlcpy(zc.zc_name, path, sizeof (zc.zc_name));
1894 	if (zfs_ioctl(ZFS_IOC_OBJSET_STATS, &zc) == 0) {
1895 		zfs_error(dgettext(TEXT_DOMAIN,
1896 		    "cannot create '%s': dataset exists"), path);
1897 		return (-1);
1898 	}
1899 
1900 	if (type == ZFS_TYPE_VOLUME)
1901 		zc.zc_objset_type = DMU_OST_ZVOL;
1902 	else
1903 		zc.zc_objset_type = DMU_OST_ZFS;
1904 
1905 	if (type == ZFS_TYPE_VOLUME) {
1906 		/*
1907 		 * If we are creating a volume, the size and block size must
1908 		 * satisfy a few restraints.  First, the blocksize must be a
1909 		 * valid block size between SPA_{MIN,MAX}BLOCKSIZE.  Second, the
1910 		 * volsize must be a multiple of the block size, and cannot be
1911 		 * zero.
1912 		 */
1913 		if (size == 0) {
1914 			zfs_error(dgettext(TEXT_DOMAIN,
1915 			    "bad volume size '%s': cannot be zero"), sizestr);
1916 			return (-1);
1917 		}
1918 
1919 		if (blocksize < SPA_MINBLOCKSIZE ||
1920 		    blocksize > SPA_MAXBLOCKSIZE || !ISP2(blocksize)) {
1921 			zfs_error(dgettext(TEXT_DOMAIN,
1922 			    "bad volume block size '%s': "
1923 			    "must be power of 2 from %u to %uk"),
1924 			    blocksizestr,
1925 			    (uint_t)SPA_MINBLOCKSIZE,
1926 			    (uint_t)SPA_MAXBLOCKSIZE >> 10);
1927 			return (-1);
1928 		}
1929 
1930 		if (size % blocksize != 0) {
1931 			char buf[64];
1932 			zfs_nicenum(blocksize, buf, sizeof (buf));
1933 			zfs_error(dgettext(TEXT_DOMAIN,
1934 			    "bad volume size '%s': "
1935 			    "must be multiple of volume block size (%s)"),
1936 			    sizestr, buf);
1937 			return (-1);
1938 		}
1939 
1940 		zc.zc_volsize = size;
1941 		zc.zc_volblocksize = blocksize;
1942 	}
1943 
1944 	/* create the dataset */
1945 	ret = zfs_ioctl(ZFS_IOC_CREATE, &zc);
1946 
1947 	if (ret == 0 && type == ZFS_TYPE_VOLUME)
1948 		ret = zvol_create_link(path);
1949 
1950 	/* check for failure */
1951 	if (ret != 0) {
1952 		char parent[ZFS_MAXNAMELEN];
1953 		(void) parent_name(path, parent, sizeof (parent));
1954 
1955 		switch (errno) {
1956 		case ENOENT:
1957 			/*
1958 			 * The parent dataset has been deleted since our
1959 			 * previous check.
1960 			 */
1961 			zfs_error(dgettext(TEXT_DOMAIN,
1962 			    "cannot create '%s': no such parent '%s'"),
1963 			    path, parent);
1964 			break;
1965 
1966 		case EPERM:
1967 			/*
1968 			 * The user doesn't have permission to create a new
1969 			 * dataset here.
1970 			 */
1971 			zfs_error(dgettext(TEXT_DOMAIN,
1972 			    "cannot create '%s': permission denied"), path);
1973 			break;
1974 
1975 		case EDQUOT:
1976 		case ENOSPC:
1977 			/*
1978 			 * The parent dataset does not have enough free space
1979 			 * to create a new dataset.
1980 			 */
1981 			zfs_error(dgettext(TEXT_DOMAIN,
1982 			    "cannot create '%s': not enough space in '%s'"),
1983 			    path, parent);
1984 			break;
1985 
1986 		case EEXIST:
1987 			/*
1988 			 * The target dataset already exists.  We should have
1989 			 * caught this above, but there may be some unexplained
1990 			 * race condition.
1991 			 */
1992 			zfs_error(dgettext(TEXT_DOMAIN,
1993 			    "cannot create '%s': dataset exists"), path);
1994 			break;
1995 
1996 		case EINVAL:
1997 			/*
1998 			 * The target dataset does not support children.
1999 			 */
2000 			zfs_error(dgettext(TEXT_DOMAIN,
2001 			    "cannot create '%s': children unsupported in '%s'"),
2002 			    path, parent);
2003 			break;
2004 
2005 		case EDOM:
2006 			zfs_error(dgettext(TEXT_DOMAIN, "bad %s value '%s': "
2007 			    "must be power of 2 from %u to %uk"),
2008 			    zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
2009 			    blocksizestr ? blocksizestr : "<unknown>",
2010 			    (uint_t)SPA_MINBLOCKSIZE,
2011 			    (uint_t)SPA_MAXBLOCKSIZE >> 10);
2012 			break;
2013 #ifdef _ILP32
2014 		case EOVERFLOW:
2015 			/*
2016 			 * This platform can't address a volume this big.
2017 			 */
2018 			if (type == ZFS_TYPE_VOLUME) {
2019 				zfs_error(dgettext(TEXT_DOMAIN,
2020 				    "cannot create '%s': "
2021 				    "max volume size is 1TB on 32-bit systems"),
2022 				    path);
2023 				break;
2024 			}
2025 #endif
2026 
2027 		default:
2028 			zfs_baderror(errno);
2029 		}
2030 
2031 		return (-1);
2032 	}
2033 
2034 	return (0);
2035 }
2036 
2037 /*
2038  * Destroys the given dataset.  The caller must make sure that the filesystem
2039  * isn't mounted, and that there are no active dependents.
2040  */
2041 int
2042 zfs_destroy(zfs_handle_t *zhp)
2043 {
2044 	zfs_cmd_t zc = { 0 };
2045 	int ret;
2046 
2047 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
2048 
2049 	/*
2050 	 * We use the check for 'zfs_volblocksize' instead of ZFS_TYPE_VOLUME
2051 	 * so that we do the right thing for snapshots of volumes.
2052 	 */
2053 	if (zhp->zfs_volblocksize != 0) {
2054 		if (zvol_remove_link(zhp->zfs_name) != 0)
2055 			return (-1);
2056 
2057 		zc.zc_objset_type = DMU_OST_ZVOL;
2058 	} else {
2059 		zc.zc_objset_type = DMU_OST_ZFS;
2060 	}
2061 
2062 	ret = zfs_ioctl(ZFS_IOC_DESTROY, &zc);
2063 
2064 	if (ret != 0) {
2065 		switch (errno) {
2066 
2067 		case EPERM:
2068 			/*
2069 			 * We don't have permission to destroy this dataset.
2070 			 */
2071 			zfs_error(dgettext(TEXT_DOMAIN,
2072 			    "cannot destroy '%s': permission denied"),
2073 			    zhp->zfs_name);
2074 			break;
2075 
2076 		case ENOENT:
2077 			/*
2078 			 * We've hit a race condition where the dataset has been
2079 			 * destroyed since we opened it.
2080 			 */
2081 			zfs_error(dgettext(TEXT_DOMAIN,
2082 			    "cannot destroy '%s': no such %s"),
2083 			    zhp->zfs_name, zfs_type_to_name(zhp->zfs_type));
2084 			break;
2085 
2086 		case EBUSY:
2087 			/*
2088 			 * Even if we destroy all children, there is a chance we
2089 			 * can hit this case if:
2090 			 *
2091 			 * 	- A child dataset has since been created
2092 			 * 	- A filesystem is mounted
2093 			 *
2094 			 * This error message is awful, but hopefully we've
2095 			 * already caught the common cases (and aborted more
2096 			 * appropriately) before calling this function.  There's
2097 			 * nothing else we can do at this point.
2098 			 */
2099 			zfs_error(dgettext(TEXT_DOMAIN,
2100 			    "cannot destroy '%s': %s is busy"),
2101 			    zhp->zfs_name, zfs_type_to_name(zhp->zfs_type));
2102 			break;
2103 
2104 		default:
2105 			zfs_baderror(errno);
2106 		}
2107 
2108 		return (-1);
2109 	}
2110 
2111 	remove_mountpoint(zhp);
2112 
2113 	return (0);
2114 }
2115 
2116 /*
2117  * Clones the given dataset.  The target must be of the same type as the source.
2118  */
2119 int
2120 zfs_clone(zfs_handle_t *zhp, const char *target)
2121 {
2122 	char reason[64];
2123 	zfs_cmd_t zc = { 0 };
2124 	char parent[ZFS_MAXNAMELEN];
2125 	int ret;
2126 
2127 	assert(zhp->zfs_type == ZFS_TYPE_SNAPSHOT);
2128 
2129 	/* validate the target name */
2130 	if (!zfs_validate_name(target, ZFS_TYPE_FILESYSTEM, reason,
2131 	    sizeof (reason))) {
2132 		zfs_error(dgettext(TEXT_DOMAIN,
2133 		    "cannot create '%s': %s in filesystem name"), target,
2134 		    reason, zfs_type_to_name(ZFS_TYPE_FILESYSTEM));
2135 		return (-1);
2136 	}
2137 
2138 	/* validate parents exist */
2139 	if (check_parents(target, zhp->zfs_type) != 0)
2140 		return (-1);
2141 
2142 	(void) parent_name(target, parent, sizeof (parent));
2143 
2144 	/* do the clone */
2145 	if (zhp->zfs_volblocksize != 0)
2146 		zc.zc_objset_type = DMU_OST_ZVOL;
2147 	else
2148 		zc.zc_objset_type = DMU_OST_ZFS;
2149 
2150 	(void) strlcpy(zc.zc_name, target, sizeof (zc.zc_name));
2151 	(void) strlcpy(zc.zc_filename, zhp->zfs_name, sizeof (zc.zc_filename));
2152 	ret = zfs_ioctl(ZFS_IOC_CREATE, &zc);
2153 
2154 	if (ret != 0) {
2155 		switch (errno) {
2156 		case EPERM:
2157 			/*
2158 			 * The user doesn't have permission to create the clone.
2159 			 */
2160 			zfs_error(dgettext(TEXT_DOMAIN,
2161 			    "cannot create '%s': permission denied"),
2162 			    target);
2163 			break;
2164 
2165 		case ENOENT:
2166 			/*
2167 			 * The parent doesn't exist.  We should have caught this
2168 			 * above, but there may a race condition that has since
2169 			 * destroyed the parent.
2170 			 *
2171 			 * At this point, we don't know whether it's the source
2172 			 * that doesn't exist anymore, or whether the target
2173 			 * dataset doesn't exist.
2174 			 */
2175 			zfs_error(dgettext(TEXT_DOMAIN,
2176 			    "cannot create '%s': no such parent '%s'"),
2177 			    target, parent);
2178 			break;
2179 
2180 		case EDQUOT:
2181 		case ENOSPC:
2182 			/*
2183 			 * There is not enough space in the target dataset
2184 			 */
2185 			zfs_error(dgettext(TEXT_DOMAIN,
2186 			    "cannot create '%s': not enough space in '%s'"),
2187 			    target, parent);
2188 			break;
2189 
2190 		case EEXIST:
2191 			/*
2192 			 * The target already exists.
2193 			 */
2194 			zfs_error(dgettext(TEXT_DOMAIN,
2195 			    "cannot create '%s': dataset exists"), target);
2196 			break;
2197 
2198 		case EXDEV:
2199 			/*
2200 			 * The source and target pools differ.
2201 			 */
2202 			zfs_error(dgettext(TEXT_DOMAIN, "cannot create '%s': "
2203 			    "source and target pools differ"), target);
2204 			break;
2205 
2206 		default:
2207 			zfs_baderror(errno);
2208 		}
2209 	} else if (zhp->zfs_volblocksize != 0) {
2210 		ret = zvol_create_link(target);
2211 	}
2212 
2213 	return (ret);
2214 }
2215 
2216 /*
2217  * Takes a snapshot of the given dataset
2218  */
2219 int
2220 zfs_snapshot(const char *path)
2221 {
2222 	char reason[64];
2223 	const char *delim;
2224 	char *parent;
2225 	zfs_handle_t *zhp;
2226 	zfs_cmd_t zc = { 0 };
2227 	int ret;
2228 
2229 	/* validate the snapshot name */
2230 	if (!zfs_validate_name(path, ZFS_TYPE_SNAPSHOT, reason,
2231 	    sizeof (reason))) {
2232 		zfs_error(dgettext(TEXT_DOMAIN,
2233 		    "cannot snapshot '%s': %s in snapshot name"), path,
2234 		    reason);
2235 		return (-1);
2236 	}
2237 
2238 	/* make sure we have a snapshot */
2239 	if ((delim = strchr(path, '@')) == NULL) {
2240 		zfs_error(dgettext(TEXT_DOMAIN,
2241 		    "cannot snapshot '%s': missing '@' delim in snapshot "
2242 		    "name"), path);
2243 		zfs_error(dgettext(TEXT_DOMAIN,
2244 		    "use 'zfs create' to create a filesystem"));
2245 		return (-1);
2246 	}
2247 
2248 	/* make sure the parent exists and is of the appropriate type */
2249 	parent = zfs_malloc(delim - path + 1);
2250 	(void) strncpy(parent, path, delim - path);
2251 	parent[delim - path] = '\0';
2252 
2253 	if ((zhp = zfs_open(parent, ZFS_TYPE_FILESYSTEM |
2254 	    ZFS_TYPE_VOLUME)) == NULL) {
2255 		free(parent);
2256 		return (-1);
2257 	}
2258 
2259 	(void) strlcpy(zc.zc_name, path, sizeof (zc.zc_name));
2260 
2261 	if (zhp->zfs_type == ZFS_TYPE_VOLUME)
2262 		zc.zc_objset_type = DMU_OST_ZVOL;
2263 	else
2264 		zc.zc_objset_type = DMU_OST_ZFS;
2265 
2266 	ret = zfs_ioctl(ZFS_IOC_CREATE, &zc);
2267 
2268 	if (ret == 0 && zhp->zfs_type == ZFS_TYPE_VOLUME) {
2269 		ret = zvol_create_link(path);
2270 		if (ret != 0)
2271 			(void) zfs_ioctl(ZFS_IOC_DESTROY, &zc);
2272 	}
2273 
2274 	if (ret != 0) {
2275 		switch (errno) {
2276 		case EPERM:
2277 			/*
2278 			 * User doesn't have permission to create a snapshot
2279 			 */
2280 			zfs_error(dgettext(TEXT_DOMAIN, "cannot create '%s': "
2281 			    "permission denied"), path);
2282 			break;
2283 
2284 		case EDQUOT:
2285 		case ENOSPC:
2286 			/*
2287 			 * Out of space in parent.
2288 			 */
2289 			zfs_error(dgettext(TEXT_DOMAIN, "cannot create '%s': "
2290 			    "not enough space in '%s'"), path, parent);
2291 			break;
2292 
2293 		case EEXIST:
2294 			/*
2295 			 * Snapshot already exists.
2296 			 */
2297 			zfs_error(dgettext(TEXT_DOMAIN, "cannot create '%s': "
2298 			    "snapshot exists"), path);
2299 			break;
2300 
2301 		case ENOENT:
2302 			/*
2303 			 * Shouldn't happen because we verified the parent
2304 			 * above.  But there may be a race condition where it
2305 			 * has since been removed.
2306 			 */
2307 			zfs_error(dgettext(TEXT_DOMAIN, "cannot open '%s': "
2308 			    "no such %s"), parent,
2309 			    zfs_type_to_name(zhp->zfs_type));
2310 			break;
2311 
2312 		default:
2313 			zfs_baderror(errno);
2314 		}
2315 	}
2316 
2317 	free(parent);
2318 	zfs_close(zhp);
2319 
2320 	return (ret);
2321 }
2322 
2323 /*
2324  * Dumps a backup of tosnap, incremental from fromsnap if it isn't NULL.
2325  */
2326 int
2327 zfs_send(zfs_handle_t *zhp_to, zfs_handle_t *zhp_from)
2328 {
2329 	zfs_cmd_t zc = { 0 };
2330 	int ret;
2331 
2332 	/* do the ioctl() */
2333 	(void) strlcpy(zc.zc_name, zhp_to->zfs_name, sizeof (zc.zc_name));
2334 	if (zhp_from) {
2335 		(void) strlcpy(zc.zc_prop_value, zhp_from->zfs_name,
2336 		    sizeof (zc.zc_name));
2337 	} else {
2338 		zc.zc_prop_value[0] = '\0';
2339 	}
2340 	zc.zc_cookie = STDOUT_FILENO;
2341 
2342 	ret = zfs_ioctl(ZFS_IOC_SENDBACKUP, &zc);
2343 	if (ret != 0) {
2344 		switch (errno) {
2345 		case EPERM:
2346 			/*
2347 			 * User doesn't have permission to do a send
2348 			 */
2349 			zfs_error(dgettext(TEXT_DOMAIN, "cannot send '%s': "
2350 			    "permission denied"), zhp_to->zfs_name);
2351 			break;
2352 
2353 		case EXDEV:
2354 			zfs_error(dgettext(TEXT_DOMAIN,
2355 			    "cannot send incremental from %s:\n"
2356 			    "it is not an earlier snapshot from the "
2357 			    "same fs as %s"),
2358 			    zhp_from->zfs_name, zhp_to->zfs_name);
2359 			break;
2360 
2361 		case ENOENT:
2362 			/*
2363 			 * Shouldn't happen because we verified the parent
2364 			 * above.  But there may be a race condition where it
2365 			 * has since been removed.
2366 			 */
2367 			zfs_error(dgettext(TEXT_DOMAIN, "cannot open: "
2368 			    "no such snapshot"));
2369 			break;
2370 
2371 		case EDQUOT:
2372 		case EFBIG:
2373 		case EIO:
2374 		case ENOLINK:
2375 		case ENOSPC:
2376 		case ENOSTR:
2377 		case ENXIO:
2378 		case EPIPE:
2379 		case ERANGE:
2380 		case EFAULT:
2381 		case EROFS:
2382 			zfs_error(dgettext(TEXT_DOMAIN,
2383 			    "cannot write stream: %s"),
2384 			    strerror(errno));
2385 			break;
2386 
2387 		case EINTR:
2388 			zfs_error(dgettext(TEXT_DOMAIN,
2389 			    "send failed: signal received"));
2390 			break;
2391 
2392 		default:
2393 			zfs_baderror(errno);
2394 		}
2395 	}
2396 
2397 	return (ret);
2398 }
2399 
2400 /*
2401  * Restores a backup of tosnap from stdin.
2402  */
2403 int
2404 zfs_receive(const char *tosnap, int isprefix, int verbose, int dryrun)
2405 {
2406 	zfs_cmd_t zc = { 0 };
2407 	time_t begin_time;
2408 	int ioctl_err, err, bytes, size;
2409 	char *cp;
2410 	dmu_replay_record_t drr;
2411 	struct drr_begin *drrb = &zc.zc_begin_record;
2412 
2413 	begin_time = time(NULL);
2414 
2415 	/* trim off snapname, if any */
2416 	(void) strcpy(zc.zc_name, tosnap);
2417 	cp = strchr(zc.zc_name, '@');
2418 	if (cp)
2419 		*cp = '\0';
2420 
2421 	/* read in the BEGIN record */
2422 	cp = (char *)&drr;
2423 	bytes = 0;
2424 	do {
2425 		size = read(STDIN_FILENO, cp, sizeof (drr) - bytes);
2426 		cp += size;
2427 		bytes += size;
2428 	} while (size > 0);
2429 
2430 	if (size < 0 || bytes != sizeof (drr)) {
2431 		zfs_error(dgettext(TEXT_DOMAIN,
2432 		    "cannot receive: invalid stream "
2433 		    "(couldn't read first record)"));
2434 		return (-1);
2435 	}
2436 
2437 	zc.zc_begin_record = drr.drr_u.drr_begin;
2438 
2439 	if (drrb->drr_magic != DMU_BACKUP_MAGIC &&
2440 	    drrb->drr_magic != BSWAP_64(DMU_BACKUP_MAGIC)) {
2441 		zfs_error(dgettext(TEXT_DOMAIN,
2442 		    "cannot receive: invalid stream "
2443 		    "(invalid magic number)"));
2444 		return (-1);
2445 	}
2446 
2447 	if (drrb->drr_version != DMU_BACKUP_VERSION &&
2448 	    drrb->drr_version != BSWAP_64(DMU_BACKUP_VERSION)) {
2449 		if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC))
2450 			drrb->drr_version = BSWAP_64(drrb->drr_version);
2451 		zfs_error(dgettext(TEXT_DOMAIN,
2452 		    "cannot receive: only stream version 0x%llx is supported, "
2453 		    "stream is version %llx."),
2454 		    DMU_BACKUP_VERSION, drrb->drr_version);
2455 		return (-1);
2456 	}
2457 
2458 	/*
2459 	 * Determine name of destination snapshot.
2460 	 */
2461 	(void) strcpy(zc.zc_filename, tosnap);
2462 	if (isprefix) {
2463 		if (strchr(tosnap, '@') != NULL) {
2464 			zfs_error(dgettext(TEXT_DOMAIN,
2465 			    "cannot receive: "
2466 			    "argument to -d must be a filesystem"));
2467 			return (-1);
2468 		}
2469 
2470 		cp = strchr(drr.drr_u.drr_begin.drr_toname, '/');
2471 		if (cp == NULL)
2472 			cp = drr.drr_u.drr_begin.drr_toname;
2473 		else
2474 			cp++;
2475 
2476 		(void) strcat(zc.zc_filename, "/");
2477 		(void) strcat(zc.zc_filename, cp);
2478 	} else if (strchr(tosnap, '@') == NULL) {
2479 		/*
2480 		 * they specified just a filesystem; tack on the
2481 		 * snapname from the backup.
2482 		 */
2483 		cp = strchr(drr.drr_u.drr_begin.drr_toname, '@');
2484 		if (cp == NULL || strlen(tosnap) + strlen(cp) >= MAXNAMELEN) {
2485 			zfs_error(dgettext(TEXT_DOMAIN,
2486 			    "cannot receive: invalid snapshot name"));
2487 			return (-1);
2488 		}
2489 		(void) strcat(zc.zc_filename, cp);
2490 	}
2491 
2492 	if (drrb->drr_fromguid) {
2493 		zfs_handle_t *h;
2494 		/* incremental backup stream */
2495 
2496 		/* do the ioctl to the containing fs */
2497 		(void) strcpy(zc.zc_name, zc.zc_filename);
2498 		cp = strchr(zc.zc_name, '@');
2499 		*cp = '\0';
2500 
2501 		/* make sure destination fs exists */
2502 		h = zfs_open(zc.zc_name, ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
2503 		if (h == NULL) {
2504 			zfs_error(dgettext(TEXT_DOMAIN,
2505 			    "cannot receive incrememtal stream: destination\n"
2506 			    "filesystem %s does not exist"),
2507 			    zc.zc_name);
2508 			return (-1);
2509 		}
2510 		if (!dryrun) {
2511 			/* unmount destination fs or remove device link. */
2512 			if (h->zfs_type == ZFS_TYPE_FILESYSTEM) {
2513 				(void) zfs_unmount(h, NULL, 0);
2514 			} else {
2515 				(void) zvol_remove_link(h->zfs_name);
2516 			}
2517 		}
2518 		zfs_close(h);
2519 	} else {
2520 		/* full backup stream */
2521 
2522 		(void) strcpy(zc.zc_name, zc.zc_filename);
2523 
2524 		/* make sure they aren't trying to receive into the root */
2525 		if (strchr(zc.zc_name, '/') == NULL) {
2526 			cp = strchr(zc.zc_name, '@');
2527 			if (cp)
2528 				*cp = '\0';
2529 			zfs_error(dgettext(TEXT_DOMAIN,
2530 			    "cannot receive: destination fs %s already exists"),
2531 			    zc.zc_name);
2532 			return (-1);
2533 		}
2534 
2535 		if (isprefix) {
2536 			zfs_handle_t *h;
2537 
2538 			/* make sure prefix exists */
2539 			h = zfs_open(tosnap, ZFS_TYPE_FILESYSTEM);
2540 			if (h == NULL) {
2541 				zfs_error(dgettext(TEXT_DOMAIN,
2542 				    "cannot receive: "
2543 				    "%s is an invalid destination"),
2544 				    tosnap);
2545 				return (-1);
2546 			}
2547 			zfs_close(h);
2548 
2549 			/* create any necessary ancestors up to prefix */
2550 			zc.zc_objset_type = DMU_OST_ZFS;
2551 
2552 			/*
2553 			 * zc.zc_name is now the full name of the snap
2554 			 * we're restoring into.  Attempt to create,
2555 			 * mount, and share any ancestor filesystems, up
2556 			 * to the one that was named.
2557 			 */
2558 			for (cp = zc.zc_name + strlen(tosnap) + 1;
2559 			    cp = strchr(cp, '/'); *cp = '/', cp++) {
2560 				const char *opname;
2561 				*cp = '\0';
2562 
2563 				opname = "create";
2564 				if (zfs_create(zc.zc_name, ZFS_TYPE_FILESYSTEM,
2565 				    NULL, NULL) != 0) {
2566 					if (errno == EEXIST)
2567 						continue;
2568 					goto ancestorerr;
2569 				}
2570 
2571 				opname = "open";
2572 				h = zfs_open(zc.zc_name, ZFS_TYPE_FILESYSTEM);
2573 				if (h == NULL)
2574 					goto ancestorerr;
2575 
2576 				opname = "mount";
2577 				if (zfs_mount(h, NULL, 0) != 0)
2578 					goto ancestorerr;
2579 
2580 				opname = "share";
2581 				if (zfs_share(h) != 0)
2582 					goto ancestorerr;
2583 
2584 				zfs_close(h);
2585 
2586 				continue;
2587 ancestorerr:
2588 				zfs_error(dgettext(TEXT_DOMAIN,
2589 				    "cannot receive: couldn't %s ancestor %s"),
2590 				    opname, zc.zc_name);
2591 				return (-1);
2592 			}
2593 		}
2594 
2595 		/* Make sure destination fs does not exist */
2596 		cp = strchr(zc.zc_name, '@');
2597 		*cp = '\0';
2598 		if (zfs_ioctl(ZFS_IOC_OBJSET_STATS, &zc) == 0) {
2599 			zfs_error(dgettext(TEXT_DOMAIN,
2600 			    "cannot receive full stream: "
2601 			    "destination filesystem %s already exists"),
2602 			    zc.zc_name);
2603 			return (-1);
2604 		}
2605 
2606 		/* Do the recvbackup ioctl to the fs's parent. */
2607 		cp = strrchr(zc.zc_name, '/');
2608 		*cp = '\0';
2609 	}
2610 
2611 	(void) strcpy(zc.zc_prop_value, tosnap);
2612 	zc.zc_cookie = STDIN_FILENO;
2613 	zc.zc_intsz = isprefix;
2614 	if (verbose) {
2615 		(void) printf("%s %s stream of %s into %s\n",
2616 		    dryrun ? "would receive" : "receiving",
2617 		    drrb->drr_fromguid ? "incremental" : "full",
2618 		    drr.drr_u.drr_begin.drr_toname,
2619 		    zc.zc_filename);
2620 		(void) fflush(stdout);
2621 	}
2622 	if (dryrun)
2623 		return (0);
2624 	err = ioctl_err = zfs_ioctl(ZFS_IOC_RECVBACKUP, &zc);
2625 	if (ioctl_err != 0) {
2626 		switch (errno) {
2627 		case ENODEV:
2628 			zfs_error(dgettext(TEXT_DOMAIN,
2629 			    "cannot receive: "
2630 			    "most recent snapshot does not "
2631 			    "match incremental source"));
2632 			break;
2633 		case ETXTBSY:
2634 			zfs_error(dgettext(TEXT_DOMAIN,
2635 			    "cannot receive: "
2636 			    "destination has been modified since "
2637 			    "most recent snapshot --\n"
2638 			    "use 'zfs rollback' to discard changes"));
2639 			break;
2640 		case EEXIST:
2641 			if (drrb->drr_fromguid == 0) {
2642 				/* it's the containing fs that exists */
2643 				cp = strchr(zc.zc_filename, '@');
2644 				*cp = '\0';
2645 			}
2646 			zfs_error(dgettext(TEXT_DOMAIN,
2647 			    "cannot receive to %s: destination already exists"),
2648 			    zc.zc_filename);
2649 			break;
2650 		case ENOENT:
2651 			zfs_error(dgettext(TEXT_DOMAIN,
2652 			    "cannot receive: destination does not exist"));
2653 			break;
2654 		case EBUSY:
2655 			zfs_error(dgettext(TEXT_DOMAIN,
2656 			    "cannot receive: destination is in use"));
2657 			break;
2658 		case ENOSPC:
2659 			zfs_error(dgettext(TEXT_DOMAIN,
2660 			    "cannot receive: out of space"));
2661 			break;
2662 		case EDQUOT:
2663 			zfs_error(dgettext(TEXT_DOMAIN,
2664 			    "cannot receive: quota exceeded"));
2665 			break;
2666 		case EINTR:
2667 			zfs_error(dgettext(TEXT_DOMAIN,
2668 			    "receive failed: signal received"));
2669 			break;
2670 		case EINVAL:
2671 			zfs_error(dgettext(TEXT_DOMAIN,
2672 			    "cannot receive: invalid stream"));
2673 			break;
2674 		case ECKSUM:
2675 			zfs_error(dgettext(TEXT_DOMAIN,
2676 			    "cannot receive: invalid stream "
2677 			    "(checksum mismatch)"));
2678 			break;
2679 		case EPERM:
2680 			zfs_error(dgettext(TEXT_DOMAIN,
2681 			    "cannot receive: permission denied"));
2682 			break;
2683 		default:
2684 			zfs_baderror(errno);
2685 		}
2686 	}
2687 
2688 	/*
2689 	 * Mount or recreate the /dev links for the target filesystem
2690 	 * (if created, or if we tore them down to do an incremental
2691 	 * restore), and the /dev links for the new snapshot (if
2692 	 * created).
2693 	 */
2694 	cp = strchr(zc.zc_filename, '@');
2695 	if (cp && (ioctl_err == 0 || drrb->drr_fromguid)) {
2696 		zfs_handle_t *h;
2697 
2698 		*cp = '\0';
2699 		h = zfs_open(zc.zc_filename,
2700 		    ZFS_TYPE_FILESYSTEM | ZFS_TYPE_VOLUME);
2701 		*cp = '@';
2702 		if (h) {
2703 			if (h->zfs_type == ZFS_TYPE_FILESYSTEM) {
2704 				err = zfs_mount(h, NULL, 0);
2705 			} else {
2706 				err = zvol_create_link(h->zfs_name);
2707 				if (err == 0 && ioctl_err == 0)
2708 					err = zvol_create_link(zc.zc_filename);
2709 			}
2710 			zfs_close(h);
2711 		}
2712 	}
2713 
2714 	if (err || ioctl_err)
2715 		return (-1);
2716 
2717 	if (verbose) {
2718 		char buf1[64];
2719 		char buf2[64];
2720 		uint64_t bytes = zc.zc_cookie;
2721 		time_t delta = time(NULL) - begin_time;
2722 		if (delta == 0)
2723 			delta = 1;
2724 		zfs_nicenum(bytes, buf1, sizeof (buf1));
2725 		zfs_nicenum(bytes/delta, buf2, sizeof (buf1));
2726 
2727 		(void) printf("received %sb stream in %lu seconds (%sb/sec)\n",
2728 		    buf1, delta, buf2);
2729 	}
2730 	return (0);
2731 }
2732 
2733 /*
2734  * Destroy any more recent snapshots.  We invoke this callback on any dependents
2735  * of the snapshot first.  If the 'cb_dependent' member is non-zero, then this
2736  * is a dependent and we should just destroy it without checking the transaction
2737  * group.
2738  */
2739 typedef struct rollback_data {
2740 	const char	*cb_target;		/* the snapshot */
2741 	uint64_t	cb_create;		/* creation time reference */
2742 	prop_changelist_t *cb_clp;		/* changelist pointer */
2743 	int		cb_error;
2744 	int		cb_dependent;
2745 } rollback_data_t;
2746 
2747 static int
2748 rollback_destroy(zfs_handle_t *zhp, void *data)
2749 {
2750 	rollback_data_t *cbp = data;
2751 
2752 	if (!cbp->cb_dependent) {
2753 		if (strcmp(zhp->zfs_name, cbp->cb_target) != 0 &&
2754 		    zfs_get_type(zhp) == ZFS_TYPE_SNAPSHOT &&
2755 		    zfs_prop_get_int(zhp, ZFS_PROP_CREATETXG) >
2756 		    cbp->cb_create) {
2757 
2758 			cbp->cb_dependent = TRUE;
2759 			(void) zfs_iter_dependents(zhp, rollback_destroy, cbp);
2760 			cbp->cb_dependent = FALSE;
2761 
2762 			if (zfs_destroy(zhp) != 0)
2763 				cbp->cb_error = 1;
2764 			else
2765 				changelist_remove(zhp, cbp->cb_clp);
2766 		}
2767 	} else {
2768 		if (zfs_destroy(zhp) != 0)
2769 			cbp->cb_error = 1;
2770 		else
2771 			changelist_remove(zhp, cbp->cb_clp);
2772 	}
2773 
2774 	zfs_close(zhp);
2775 	return (0);
2776 }
2777 
2778 /*
2779  * Rollback the dataset to its latest snapshot.
2780  */
2781 static int
2782 do_rollback(zfs_handle_t *zhp)
2783 {
2784 	int ret;
2785 	zfs_cmd_t zc = { 0 };
2786 
2787 	assert(zhp->zfs_type == ZFS_TYPE_FILESYSTEM ||
2788 	    zhp->zfs_type == ZFS_TYPE_VOLUME);
2789 
2790 	if (zhp->zfs_type == ZFS_TYPE_VOLUME &&
2791 	    zvol_remove_link(zhp->zfs_name) != 0)
2792 		return (-1);
2793 
2794 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
2795 
2796 	if (zhp->zfs_volblocksize != 0)
2797 		zc.zc_objset_type = DMU_OST_ZVOL;
2798 	else
2799 		zc.zc_objset_type = DMU_OST_ZFS;
2800 
2801 	/*
2802 	 * We rely on the consumer to verify that there are no newer snapshots
2803 	 * for the given dataset.  Given these constraints, we can simply pass
2804 	 * the name on to the ioctl() call.  There is still an unlikely race
2805 	 * condition where the user has taken a snapshot since we verified that
2806 	 * this was the most recent.
2807 	 */
2808 	if ((ret = zfs_ioctl(ZFS_IOC_ROLLBACK, &zc)) != 0) {
2809 		switch (errno) {
2810 		case EPERM:
2811 			/*
2812 			 * The user doesn't have permission to rollback the
2813 			 * given dataset.
2814 			 */
2815 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rollback '%s': "
2816 			    "permission denied"), zhp->zfs_name);
2817 			break;
2818 
2819 		case EDQUOT:
2820 		case ENOSPC:
2821 			/*
2822 			 * The parent dataset doesn't have enough space to
2823 			 * rollback to the last snapshot.
2824 			 */
2825 			{
2826 				char parent[ZFS_MAXNAMELEN];
2827 				(void) parent_name(zhp->zfs_name, parent,
2828 				    sizeof (parent));
2829 				zfs_error(dgettext(TEXT_DOMAIN, "cannot "
2830 				    "rollback '%s': out of space"), parent);
2831 			}
2832 			break;
2833 
2834 		case ENOENT:
2835 			/*
2836 			 * The dataset doesn't exist.  This shouldn't happen
2837 			 * except in race conditions.
2838 			 */
2839 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rollback '%s': "
2840 			    "no such %s"), zhp->zfs_name,
2841 			    zfs_type_to_name(zhp->zfs_type));
2842 			break;
2843 
2844 		case EBUSY:
2845 			/*
2846 			 * The filesystem is busy.  This should have been caught
2847 			 * by the caller before getting here, but there may be
2848 			 * an unexpected problem.
2849 			 */
2850 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rollback '%s': "
2851 			    "%s is busy"), zhp->zfs_name,
2852 			    zfs_type_to_name(zhp->zfs_type));
2853 			break;
2854 
2855 		default:
2856 			zfs_baderror(errno);
2857 		}
2858 	} else if (zhp->zfs_type == ZFS_TYPE_VOLUME) {
2859 		ret = zvol_create_link(zhp->zfs_name);
2860 	}
2861 
2862 	return (ret);
2863 }
2864 
2865 /*
2866  * Given a dataset, rollback to a specific snapshot, discarding any
2867  * data changes since then and making it the active dataset.
2868  *
2869  * Any snapshots more recent than the target are destroyed, along with
2870  * their dependents.
2871  */
2872 int
2873 zfs_rollback(zfs_handle_t *zhp, zfs_handle_t *snap, int flag)
2874 {
2875 	int ret;
2876 	rollback_data_t cb = { 0 };
2877 	prop_changelist_t *clp;
2878 
2879 	/*
2880 	 * Unmount all dependendents of the dataset and the dataset itself.
2881 	 * The list we need to gather is the same as for doing rename
2882 	 */
2883 	clp = changelist_gather(zhp, ZFS_PROP_NAME, flag ? MS_FORCE: 0);
2884 	if (clp == NULL)
2885 		return (-1);
2886 
2887 	if ((ret = changelist_prefix(clp)) != 0)
2888 		goto out;
2889 
2890 	/*
2891 	 * Destroy all recent snapshots and its dependends.
2892 	 */
2893 	cb.cb_target = snap->zfs_name;
2894 	cb.cb_create = zfs_prop_get_int(snap, ZFS_PROP_CREATETXG);
2895 	cb.cb_clp = clp;
2896 	(void) zfs_iter_children(zhp, rollback_destroy, &cb);
2897 
2898 	if ((ret = cb.cb_error) != 0) {
2899 		(void) changelist_postfix(clp);
2900 		goto out;
2901 	}
2902 
2903 	/*
2904 	 * Now that we have verified that the snapshot is the latest,
2905 	 * rollback to the given snapshot.
2906 	 */
2907 	ret = do_rollback(zhp);
2908 
2909 	if (ret != 0) {
2910 		(void) changelist_postfix(clp);
2911 		goto out;
2912 	}
2913 
2914 	/*
2915 	 * We only want to re-mount the filesystem if it was mounted in the
2916 	 * first place.
2917 	 */
2918 	ret = changelist_postfix(clp);
2919 
2920 out:
2921 	changelist_free(clp);
2922 	return (ret);
2923 }
2924 
2925 /*
2926  * Iterate over all dependents for a given dataset.  This includes both
2927  * hierarchical dependents (children) and data dependents (snapshots and
2928  * clones).  The bulk of the processing occurs in get_dependents() in
2929  * libzfs_graph.c.
2930  */
2931 int
2932 zfs_iter_dependents(zfs_handle_t *zhp, zfs_iter_f func, void *data)
2933 {
2934 	char **dependents;
2935 	size_t count;
2936 	int i;
2937 	zfs_handle_t *child;
2938 	int ret = 0;
2939 
2940 	dependents = get_dependents(zhp->zfs_name, &count);
2941 	for (i = 0; i < count; i++) {
2942 		if ((child = make_dataset_handle(dependents[i])) == NULL)
2943 			continue;
2944 
2945 		if ((ret = func(child, data)) != 0)
2946 			break;
2947 	}
2948 
2949 	for (i = 0; i < count; i++)
2950 		free(dependents[i]);
2951 	free(dependents);
2952 
2953 	return (ret);
2954 }
2955 
2956 /*
2957  * Renames the given dataset.
2958  */
2959 int
2960 zfs_rename(zfs_handle_t *zhp, const char *target)
2961 {
2962 	int ret;
2963 	zfs_cmd_t zc = { 0 };
2964 	char reason[64];
2965 	char *delim;
2966 	prop_changelist_t *cl;
2967 	char parent[ZFS_MAXNAMELEN];
2968 
2969 	(void) strlcpy(zc.zc_name, zhp->zfs_name, sizeof (zc.zc_name));
2970 	(void) strlcpy(zc.zc_prop_value, target, sizeof (zc.zc_prop_value));
2971 
2972 	/* if we have the same exact name, just return success */
2973 	if (strcmp(zhp->zfs_name, target) == 0)
2974 		return (0);
2975 
2976 	/*
2977 	 * Make sure the target name is valid
2978 	 */
2979 	if (!zfs_validate_name(target, zhp->zfs_type, reason,
2980 	    sizeof (reason))) {
2981 		zfs_error(dgettext(TEXT_DOMAIN,
2982 		    "cannot create '%s': %s in %s name"), target, reason,
2983 		    zfs_type_to_name(zhp->zfs_type));
2984 		return (-1);
2985 	}
2986 
2987 	if (zhp->zfs_type == ZFS_TYPE_SNAPSHOT) {
2988 		if ((delim = strchr(target, '@')) == NULL) {
2989 			zfs_error(dgettext(TEXT_DOMAIN,
2990 			    "cannot rename to '%s': not a snapshot"), target);
2991 			return (-1);
2992 		}
2993 
2994 		/*
2995 		 * Make sure we're renaming within the same dataset.
2996 		 */
2997 		if (strncmp(zhp->zfs_name, target, delim - target) != 0 ||
2998 		    zhp->zfs_name[delim - target] != '@') {
2999 			zfs_error(dgettext(TEXT_DOMAIN,
3000 			    "cannot rename to '%s': snapshots must be part "
3001 			    "of same dataset"), target);
3002 			return (-1);
3003 		}
3004 
3005 		(void) strncpy(parent, target, delim - target);
3006 		parent[delim - target] = '\0';
3007 	} else {
3008 		/* validate parents */
3009 		if (check_parents(target, zhp->zfs_type) != 0)
3010 			return (-1);
3011 
3012 		(void) parent_name(target, parent, sizeof (parent));
3013 
3014 		/* make sure we're in the same pool */
3015 		verify((delim = strchr(target, '/')) != NULL);
3016 		if (strncmp(zhp->zfs_name, target, delim - target) != 0 ||
3017 		    zhp->zfs_name[delim - target] != '/') {
3018 			zfs_error(dgettext(TEXT_DOMAIN,
3019 			    "cannot rename to '%s': "
3020 			    "datasets must be within same pool"), target);
3021 			return (-1);
3022 		}
3023 	}
3024 
3025 	if (getzoneid() == GLOBAL_ZONEID &&
3026 	    zfs_prop_get_int(zhp, ZFS_PROP_ZONED)) {
3027 		zfs_error(dgettext(TEXT_DOMAIN, "cannot rename %s, "
3028 		    "dataset is used in a non-global zone"), zhp->zfs_name);
3029 		return (-1);
3030 	}
3031 
3032 	if ((cl = changelist_gather(zhp, ZFS_PROP_NAME, 0)) == NULL)
3033 		return (1);
3034 
3035 	if (changelist_haszonedchild(cl)) {
3036 		zfs_error(dgettext(TEXT_DOMAIN,
3037 		    "cannot rename '%s': child dataset with inherited "
3038 		    "mountpoint is used in a non-global zone"), zhp->zfs_name);
3039 		ret = -1;
3040 		goto error;
3041 	}
3042 
3043 	if ((ret = changelist_prefix(cl)) != 0)
3044 		goto error;
3045 
3046 	if (zhp->zfs_volblocksize != 0)
3047 		zc.zc_objset_type = DMU_OST_ZVOL;
3048 	else
3049 		zc.zc_objset_type = DMU_OST_ZFS;
3050 
3051 	if ((ret = zfs_ioctl(ZFS_IOC_RENAME, &zc)) != 0) {
3052 		switch (errno) {
3053 		case EPERM:
3054 			/*
3055 			 * The user doesn't have permission to rename the
3056 			 * given dataset.
3057 			 */
3058 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rename '%s': "
3059 			    "permission denied"), zhp->zfs_name);
3060 			break;
3061 
3062 		case EDQUOT:
3063 		case ENOSPC:
3064 			/*
3065 			 * Not enough space in the parent dataset.
3066 			 */
3067 			zfs_error(dgettext(TEXT_DOMAIN, "cannot "
3068 			    "rename '%s': not enough space in '%s'"),
3069 			    zhp->zfs_name, parent);
3070 			break;
3071 
3072 		case ENOENT:
3073 			/*
3074 			 * The destination doesn't exist.
3075 			 */
3076 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rename '%s' "
3077 			    "to '%s': destination doesn't exist"),
3078 			    zhp->zfs_name, target);
3079 			break;
3080 
3081 		case EEXIST:
3082 			/*
3083 			 * The destination already exists.
3084 			 */
3085 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rename '%s' "
3086 			    "to '%s': destination already exists"),
3087 			    zhp->zfs_name, target);
3088 			break;
3089 
3090 		case EBUSY:
3091 			/*
3092 			 * The filesystem is busy.  This should have been caught
3093 			 * by the caller before getting here, but there may be
3094 			 * an unexpected problem.
3095 			 */
3096 			zfs_error(dgettext(TEXT_DOMAIN, "cannot rename '%s': "
3097 			    "%s is busy"), zhp->zfs_name,
3098 			    zfs_type_to_name(zhp->zfs_type));
3099 			break;
3100 
3101 		default:
3102 			zfs_baderror(errno);
3103 		}
3104 
3105 		/*
3106 		 * On failure, we still want to remount any filesystems that
3107 		 * were previously mounted, so we don't alter the system state.
3108 		 */
3109 		(void) changelist_postfix(cl);
3110 	} else {
3111 		changelist_rename(cl, zfs_get_name(zhp), target);
3112 
3113 		ret = changelist_postfix(cl);
3114 	}
3115 
3116 error:
3117 	changelist_free(cl);
3118 	return (ret);
3119 }
3120 
3121 /*
3122  * Given a zvol dataset, issue the ioctl to create the appropriate minor node,
3123  * poke devfsadm to create the /dev link, and then wait for the link to appear.
3124  */
3125 int
3126 zvol_create_link(const char *dataset)
3127 {
3128 	zfs_cmd_t zc = { 0 };
3129 	di_devlink_handle_t hdl;
3130 
3131 	(void) strlcpy(zc.zc_name, dataset, sizeof (zc.zc_name));
3132 
3133 	/*
3134 	 * Issue the appropriate ioctl.
3135 	 */
3136 	if (zfs_ioctl(ZFS_IOC_CREATE_MINOR, &zc) != 0) {
3137 		switch (errno) {
3138 		case EPERM:
3139 			zfs_error(dgettext(TEXT_DOMAIN, "cannot create "
3140 			    "device links for '%s': permission denied"),
3141 			    dataset);
3142 			break;
3143 
3144 		case EEXIST:
3145 			/*
3146 			 * Silently ignore the case where the link already
3147 			 * exists.  This allows 'zfs volinit' to be run multiple
3148 			 * times without errors.
3149 			 */
3150 			return (0);
3151 
3152 		default:
3153 			zfs_baderror(errno);
3154 		}
3155 
3156 		return (-1);
3157 	}
3158 
3159 	/*
3160 	 * Call devfsadm and wait for the links to magically appear.
3161 	 */
3162 	if ((hdl = di_devlink_init(ZFS_DRIVER, DI_MAKE_LINK)) == NULL) {
3163 		zfs_error(dgettext(TEXT_DOMAIN,
3164 		    "cannot create device links for '%s'"), dataset);
3165 		(void) zfs_ioctl(ZFS_IOC_REMOVE_MINOR, &zc);
3166 		return (-1);
3167 	} else {
3168 		(void) di_devlink_fini(&hdl);
3169 	}
3170 
3171 	return (0);
3172 }
3173 
3174 /*
3175  * Remove a minor node for the given zvol and the associated /dev links.
3176  */
3177 int
3178 zvol_remove_link(const char *dataset)
3179 {
3180 	zfs_cmd_t zc = { 0 };
3181 
3182 	(void) strlcpy(zc.zc_name, dataset, sizeof (zc.zc_name));
3183 
3184 	if (zfs_ioctl(ZFS_IOC_REMOVE_MINOR, &zc) != 0) {
3185 		switch (errno) {
3186 		case EPERM:
3187 			zfs_error(dgettext(TEXT_DOMAIN, "cannot remove "
3188 			    "device links for '%s': permission denied"),
3189 			    dataset);
3190 			break;
3191 
3192 		case EBUSY:
3193 			zfs_error(dgettext(TEXT_DOMAIN, "cannot remove "
3194 			    "device links for '%s': volume is in use"),
3195 			    dataset);
3196 			break;
3197 
3198 		case ENXIO:
3199 			/*
3200 			 * Silently ignore the case where the link no longer
3201 			 * exists, so that 'zfs volfini' can be run multiple
3202 			 * times without errors.
3203 			 */
3204 			return (0);
3205 
3206 		default:
3207 			zfs_baderror(errno);
3208 		}
3209 
3210 		return (-1);
3211 	}
3212 
3213 	return (0);
3214 }
3215