1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2007 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 #include <sys/types.h> 29 #include <sys/param.h> 30 #include <sys/errno.h> 31 #include <sys/uio.h> 32 #include <sys/buf.h> 33 #include <sys/modctl.h> 34 #include <sys/open.h> 35 #include <sys/file.h> 36 #include <sys/kmem.h> 37 #include <sys/conf.h> 38 #include <sys/cmn_err.h> 39 #include <sys/stat.h> 40 #include <sys/zfs_ioctl.h> 41 #include <sys/zap.h> 42 #include <sys/spa.h> 43 #include <sys/spa_impl.h> 44 #include <sys/vdev.h> 45 #include <sys/vdev_impl.h> 46 #include <sys/dmu.h> 47 #include <sys/dsl_dir.h> 48 #include <sys/dsl_dataset.h> 49 #include <sys/dsl_prop.h> 50 #include <sys/dsl_deleg.h> 51 #include <sys/dmu_objset.h> 52 #include <sys/ddi.h> 53 #include <sys/sunddi.h> 54 #include <sys/sunldi.h> 55 #include <sys/policy.h> 56 #include <sys/zone.h> 57 #include <sys/nvpair.h> 58 #include <sys/pathname.h> 59 #include <sys/mount.h> 60 #include <sys/sdt.h> 61 #include <sys/fs/zfs.h> 62 #include <sys/zfs_ctldir.h> 63 #include <sys/zvol.h> 64 #include <sharefs/share.h> 65 #include <sys/zfs_znode.h> 66 #include <sys/zfs_vfsops.h> 67 #include <sys/dmu_objset.h> 68 69 #include "zfs_namecheck.h" 70 #include "zfs_prop.h" 71 #include "zfs_deleg.h" 72 73 extern struct modlfs zfs_modlfs; 74 75 extern void zfs_init(void); 76 extern void zfs_fini(void); 77 78 ldi_ident_t zfs_li = NULL; 79 dev_info_t *zfs_dip; 80 81 typedef int zfs_ioc_func_t(zfs_cmd_t *); 82 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, cred_t *); 83 84 typedef struct zfs_ioc_vec { 85 zfs_ioc_func_t *zvec_func; 86 zfs_secpolicy_func_t *zvec_secpolicy; 87 enum { 88 NO_NAME, 89 POOL_NAME, 90 DATASET_NAME 91 } zvec_namecheck; 92 boolean_t zvec_his_log; 93 } zfs_ioc_vec_t; 94 95 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */ 96 void 97 __dprintf(const char *file, const char *func, int line, const char *fmt, ...) 98 { 99 const char *newfile; 100 char buf[256]; 101 va_list adx; 102 103 /* 104 * Get rid of annoying "../common/" prefix to filename. 105 */ 106 newfile = strrchr(file, '/'); 107 if (newfile != NULL) { 108 newfile = newfile + 1; /* Get rid of leading / */ 109 } else { 110 newfile = file; 111 } 112 113 va_start(adx, fmt); 114 (void) vsnprintf(buf, sizeof (buf), fmt, adx); 115 va_end(adx); 116 117 /* 118 * To get this data, use the zfs-dprintf probe as so: 119 * dtrace -q -n 'zfs-dprintf \ 120 * /stringof(arg0) == "dbuf.c"/ \ 121 * {printf("%s: %s", stringof(arg1), stringof(arg3))}' 122 * arg0 = file name 123 * arg1 = function name 124 * arg2 = line number 125 * arg3 = message 126 */ 127 DTRACE_PROBE4(zfs__dprintf, 128 char *, newfile, char *, func, int, line, char *, buf); 129 } 130 131 static void 132 history_str_free(char *buf) 133 { 134 kmem_free(buf, HIS_MAX_RECORD_LEN); 135 } 136 137 static char * 138 history_str_get(zfs_cmd_t *zc) 139 { 140 char *buf; 141 142 if (zc->zc_history == NULL) 143 return (NULL); 144 145 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP); 146 if (copyinstr((void *)(uintptr_t)zc->zc_history, 147 buf, HIS_MAX_RECORD_LEN, NULL) != 0) { 148 history_str_free(buf); 149 return (NULL); 150 } 151 152 buf[HIS_MAX_RECORD_LEN -1] = '\0'; 153 154 return (buf); 155 } 156 157 static void 158 zfs_log_history(zfs_cmd_t *zc) 159 { 160 spa_t *spa; 161 char *buf; 162 163 if ((buf = history_str_get(zc)) == NULL) 164 return; 165 166 if (spa_open(zc->zc_name, &spa, FTAG) == 0) { 167 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY) 168 (void) spa_history_log(spa, buf, LOG_CMD_NORMAL); 169 spa_close(spa, FTAG); 170 } 171 history_str_free(buf); 172 } 173 174 /* 175 * Policy for top-level read operations (list pools). Requires no privileges, 176 * and can be used in the local zone, as there is no associated dataset. 177 */ 178 /* ARGSUSED */ 179 static int 180 zfs_secpolicy_none(zfs_cmd_t *zc, cred_t *cr) 181 { 182 return (0); 183 } 184 185 /* 186 * Policy for dataset read operations (list children, get statistics). Requires 187 * no privileges, but must be visible in the local zone. 188 */ 189 /* ARGSUSED */ 190 static int 191 zfs_secpolicy_read(zfs_cmd_t *zc, cred_t *cr) 192 { 193 if (INGLOBALZONE(curproc) || 194 zone_dataset_visible(zc->zc_name, NULL)) 195 return (0); 196 197 return (ENOENT); 198 } 199 200 static int 201 zfs_dozonecheck(const char *dataset, cred_t *cr) 202 { 203 uint64_t zoned; 204 int writable = 1; 205 206 /* 207 * The dataset must be visible by this zone -- check this first 208 * so they don't see EPERM on something they shouldn't know about. 209 */ 210 if (!INGLOBALZONE(curproc) && 211 !zone_dataset_visible(dataset, &writable)) 212 return (ENOENT); 213 214 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL)) 215 return (ENOENT); 216 217 if (INGLOBALZONE(curproc)) { 218 /* 219 * If the fs is zoned, only root can access it from the 220 * global zone. 221 */ 222 if (secpolicy_zfs(cr) && zoned) 223 return (EPERM); 224 } else { 225 /* 226 * If we are in a local zone, the 'zoned' property must be set. 227 */ 228 if (!zoned) 229 return (EPERM); 230 231 /* must be writable by this zone */ 232 if (!writable) 233 return (EPERM); 234 } 235 return (0); 236 } 237 238 int 239 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr) 240 { 241 int error; 242 243 error = zfs_dozonecheck(name, cr); 244 if (error == 0) { 245 error = secpolicy_zfs(cr); 246 if (error) 247 error = dsl_deleg_access(name, perm, cr); 248 } 249 return (error); 250 } 251 252 static int 253 zfs_secpolicy_setprop(const char *name, zfs_prop_t prop, cred_t *cr) 254 { 255 /* 256 * Check permissions for special properties. 257 */ 258 switch (prop) { 259 case ZFS_PROP_ZONED: 260 /* 261 * Disallow setting of 'zoned' from within a local zone. 262 */ 263 if (!INGLOBALZONE(curproc)) 264 return (EPERM); 265 break; 266 267 case ZFS_PROP_QUOTA: 268 if (!INGLOBALZONE(curproc)) { 269 uint64_t zoned; 270 char setpoint[MAXNAMELEN]; 271 /* 272 * Unprivileged users are allowed to modify the 273 * quota on things *under* (ie. contained by) 274 * the thing they own. 275 */ 276 if (dsl_prop_get_integer(name, "zoned", &zoned, 277 setpoint)) 278 return (EPERM); 279 if (!zoned || strlen(name) <= strlen(setpoint)) 280 return (EPERM); 281 } 282 break; 283 } 284 285 return (zfs_secpolicy_write_perms(name, zfs_prop_to_name(prop), cr)); 286 } 287 288 int 289 zfs_secpolicy_fsacl(zfs_cmd_t *zc, cred_t *cr) 290 { 291 int error; 292 293 error = zfs_dozonecheck(zc->zc_name, cr); 294 if (error) 295 return (error); 296 297 /* 298 * permission to set permissions will be evaluated later in 299 * dsl_deleg_can_allow() 300 */ 301 return (0); 302 } 303 304 int 305 zfs_secpolicy_rollback(zfs_cmd_t *zc, cred_t *cr) 306 { 307 int error; 308 error = zfs_secpolicy_write_perms(zc->zc_name, 309 ZFS_DELEG_PERM_ROLLBACK, cr); 310 if (error == 0) 311 error = zfs_secpolicy_write_perms(zc->zc_name, 312 ZFS_DELEG_PERM_MOUNT, cr); 313 return (error); 314 } 315 316 int 317 zfs_secpolicy_send(zfs_cmd_t *zc, cred_t *cr) 318 { 319 return (zfs_secpolicy_write_perms(zc->zc_name, 320 ZFS_DELEG_PERM_SEND, cr)); 321 } 322 323 int 324 zfs_secpolicy_share(zfs_cmd_t *zc, cred_t *cr) 325 { 326 if (!INGLOBALZONE(curproc)) 327 return (EPERM); 328 329 if (secpolicy_nfs(CRED()) == 0) { 330 return (0); 331 } else { 332 vnode_t *vp; 333 int error; 334 335 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE, 336 NO_FOLLOW, NULL, &vp)) != 0) 337 return (error); 338 339 /* Now make sure mntpnt and dataset are ZFS */ 340 341 if (vp->v_vfsp->vfs_fstype != zfsfstype || 342 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource), 343 zc->zc_name) != 0)) { 344 VN_RELE(vp); 345 return (EPERM); 346 } 347 348 VN_RELE(vp); 349 return (dsl_deleg_access(zc->zc_name, 350 ZFS_DELEG_PERM_SHARE, cr)); 351 } 352 } 353 354 static int 355 zfs_get_parent(const char *datasetname, char *parent, int parentsize) 356 { 357 char *cp; 358 359 /* 360 * Remove the @bla or /bla from the end of the name to get the parent. 361 */ 362 (void) strncpy(parent, datasetname, parentsize); 363 cp = strrchr(parent, '@'); 364 if (cp != NULL) { 365 cp[0] = '\0'; 366 } else { 367 cp = strrchr(parent, '/'); 368 if (cp == NULL) 369 return (ENOENT); 370 cp[0] = '\0'; 371 } 372 373 return (0); 374 } 375 376 int 377 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr) 378 { 379 int error; 380 381 if ((error = zfs_secpolicy_write_perms(name, 382 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 383 return (error); 384 385 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr)); 386 } 387 388 static int 389 zfs_secpolicy_destroy(zfs_cmd_t *zc, cred_t *cr) 390 { 391 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr)); 392 } 393 394 /* 395 * Must have sys_config privilege to check the iscsi permission 396 */ 397 /* ARGSUSED */ 398 static int 399 zfs_secpolicy_iscsi(zfs_cmd_t *zc, cred_t *cr) 400 { 401 return (secpolicy_zfs(cr)); 402 } 403 404 int 405 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr) 406 { 407 char parentname[MAXNAMELEN]; 408 int error; 409 410 if ((error = zfs_secpolicy_write_perms(from, 411 ZFS_DELEG_PERM_RENAME, cr)) != 0) 412 return (error); 413 414 if ((error = zfs_secpolicy_write_perms(from, 415 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 416 return (error); 417 418 if ((error = zfs_get_parent(to, parentname, 419 sizeof (parentname))) != 0) 420 return (error); 421 422 if ((error = zfs_secpolicy_write_perms(parentname, 423 ZFS_DELEG_PERM_CREATE, cr)) != 0) 424 return (error); 425 426 if ((error = zfs_secpolicy_write_perms(parentname, 427 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 428 return (error); 429 430 return (error); 431 } 432 433 static int 434 zfs_secpolicy_rename(zfs_cmd_t *zc, cred_t *cr) 435 { 436 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr)); 437 } 438 439 static int 440 zfs_secpolicy_promote(zfs_cmd_t *zc, cred_t *cr) 441 { 442 char parentname[MAXNAMELEN]; 443 objset_t *clone; 444 int error; 445 446 error = zfs_secpolicy_write_perms(zc->zc_name, 447 ZFS_DELEG_PERM_PROMOTE, cr); 448 if (error) 449 return (error); 450 451 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 452 DS_MODE_STANDARD | DS_MODE_READONLY, &clone); 453 454 if (error == 0) { 455 dsl_dataset_t *pclone = NULL; 456 dsl_dir_t *dd; 457 dd = clone->os->os_dsl_dataset->ds_dir; 458 459 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER); 460 error = dsl_dataset_open_obj(dd->dd_pool, 461 dd->dd_phys->dd_clone_parent_obj, NULL, 462 DS_MODE_NONE, FTAG, &pclone); 463 rw_exit(&dd->dd_pool->dp_config_rwlock); 464 if (error) { 465 dmu_objset_close(clone); 466 return (error); 467 } 468 469 error = zfs_secpolicy_write_perms(zc->zc_name, 470 ZFS_DELEG_PERM_MOUNT, cr); 471 472 dsl_dataset_name(pclone, parentname); 473 dmu_objset_close(clone); 474 dsl_dataset_close(pclone, DS_MODE_NONE, FTAG); 475 if (error == 0) 476 error = zfs_secpolicy_write_perms(parentname, 477 ZFS_DELEG_PERM_PROMOTE, cr); 478 } 479 return (error); 480 } 481 482 static int 483 zfs_secpolicy_receive(zfs_cmd_t *zc, cred_t *cr) 484 { 485 int error; 486 487 if ((error = zfs_secpolicy_write_perms(zc->zc_name, 488 ZFS_DELEG_PERM_RECEIVE, cr)) != 0) 489 return (error); 490 491 if ((error = zfs_secpolicy_write_perms(zc->zc_name, 492 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 493 return (error); 494 495 return (zfs_secpolicy_write_perms(zc->zc_name, 496 ZFS_DELEG_PERM_CREATE, cr)); 497 } 498 499 int 500 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr) 501 { 502 int error; 503 504 if ((error = zfs_secpolicy_write_perms(name, 505 ZFS_DELEG_PERM_SNAPSHOT, cr)) != 0) 506 return (error); 507 508 error = zfs_secpolicy_write_perms(name, 509 ZFS_DELEG_PERM_MOUNT, cr); 510 511 return (error); 512 } 513 514 static int 515 zfs_secpolicy_snapshot(zfs_cmd_t *zc, cred_t *cr) 516 { 517 518 return (zfs_secpolicy_snapshot_perms(zc->zc_name, cr)); 519 } 520 521 static int 522 zfs_secpolicy_create(zfs_cmd_t *zc, cred_t *cr) 523 { 524 char parentname[MAXNAMELEN]; 525 int error; 526 527 if ((error = zfs_get_parent(zc->zc_name, parentname, 528 sizeof (parentname))) != 0) 529 return (error); 530 531 if (zc->zc_value[0] != '\0') { 532 if ((error = zfs_secpolicy_write_perms(zc->zc_value, 533 ZFS_DELEG_PERM_CLONE, cr)) != 0) 534 return (error); 535 } 536 537 if ((error = zfs_secpolicy_write_perms(parentname, 538 ZFS_DELEG_PERM_CREATE, cr)) != 0) 539 return (error); 540 541 error = zfs_secpolicy_write_perms(parentname, 542 ZFS_DELEG_PERM_MOUNT, cr); 543 544 return (error); 545 } 546 547 static int 548 zfs_secpolicy_umount(zfs_cmd_t *zc, cred_t *cr) 549 { 550 int error; 551 552 error = secpolicy_fs_unmount(cr, NULL); 553 if (error) { 554 error = dsl_deleg_access(zc->zc_name, ZFS_DELEG_PERM_MOUNT, cr); 555 } 556 return (error); 557 } 558 559 /* 560 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires 561 * SYS_CONFIG privilege, which is not available in a local zone. 562 */ 563 /* ARGSUSED */ 564 static int 565 zfs_secpolicy_config(zfs_cmd_t *zc, cred_t *cr) 566 { 567 if (secpolicy_sys_config(cr, B_FALSE) != 0) 568 return (EPERM); 569 570 return (0); 571 } 572 573 /* 574 * Just like zfs_secpolicy_config, except that we will check for 575 * mount permission on the dataset for permission to create/remove 576 * the minor nodes. 577 */ 578 static int 579 zfs_secpolicy_minor(zfs_cmd_t *zc, cred_t *cr) 580 { 581 if (secpolicy_sys_config(cr, B_FALSE) != 0) { 582 return (dsl_deleg_access(zc->zc_name, 583 ZFS_DELEG_PERM_MOUNT, cr)); 584 } 585 586 return (0); 587 } 588 589 /* 590 * Policy for fault injection. Requires all privileges. 591 */ 592 /* ARGSUSED */ 593 static int 594 zfs_secpolicy_inject(zfs_cmd_t *zc, cred_t *cr) 595 { 596 return (secpolicy_zinject(cr)); 597 } 598 599 static int 600 zfs_secpolicy_inherit(zfs_cmd_t *zc, cred_t *cr) 601 { 602 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value); 603 604 if (prop == ZPROP_INVAL) { 605 if (!zfs_prop_user(zc->zc_value)) 606 return (EINVAL); 607 return (zfs_secpolicy_write_perms(zc->zc_name, 608 ZFS_DELEG_PERM_USERPROP, cr)); 609 } else { 610 if (!zfs_prop_inheritable(prop)) 611 return (EINVAL); 612 return (zfs_secpolicy_setprop(zc->zc_name, prop, cr)); 613 } 614 } 615 616 /* 617 * Returns the nvlist as specified by the user in the zfs_cmd_t. 618 */ 619 static int 620 get_nvlist(uint64_t nvl, uint64_t size, nvlist_t **nvp) 621 { 622 char *packed; 623 int error; 624 nvlist_t *list = NULL; 625 626 /* 627 * Read in and unpack the user-supplied nvlist. 628 */ 629 if (size == 0) 630 return (EINVAL); 631 632 packed = kmem_alloc(size, KM_SLEEP); 633 634 if ((error = xcopyin((void *)(uintptr_t)nvl, packed, size)) != 0) { 635 kmem_free(packed, size); 636 return (error); 637 } 638 639 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) { 640 kmem_free(packed, size); 641 return (error); 642 } 643 644 kmem_free(packed, size); 645 646 *nvp = list; 647 return (0); 648 } 649 650 static int 651 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl) 652 { 653 char *packed = NULL; 654 size_t size; 655 int error; 656 657 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0); 658 659 if (size > zc->zc_nvlist_dst_size) { 660 error = ENOMEM; 661 } else { 662 packed = kmem_alloc(size, KM_SLEEP); 663 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE, 664 KM_SLEEP) == 0); 665 error = xcopyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst, 666 size); 667 kmem_free(packed, size); 668 } 669 670 zc->zc_nvlist_dst_size = size; 671 return (error); 672 } 673 674 static int 675 zfs_ioc_pool_create(zfs_cmd_t *zc) 676 { 677 int error; 678 nvlist_t *config, *props = NULL; 679 char *buf; 680 681 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 682 &config)) 683 return (error); 684 685 if (zc->zc_nvlist_src_size != 0 && (error = 686 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, &props))) { 687 nvlist_free(config); 688 return (error); 689 } 690 691 buf = history_str_get(zc); 692 693 error = spa_create(zc->zc_name, config, props, buf); 694 695 if (buf != NULL) 696 history_str_free(buf); 697 698 nvlist_free(config); 699 700 if (props) 701 nvlist_free(props); 702 703 return (error); 704 } 705 706 static int 707 zfs_ioc_pool_destroy(zfs_cmd_t *zc) 708 { 709 int error; 710 zfs_log_history(zc); 711 error = spa_destroy(zc->zc_name); 712 return (error); 713 } 714 715 static int 716 zfs_ioc_pool_import(zfs_cmd_t *zc) 717 { 718 int error; 719 nvlist_t *config, *props = NULL; 720 uint64_t guid; 721 722 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 723 &config)) != 0) 724 return (error); 725 726 if (zc->zc_nvlist_src_size != 0 && (error = 727 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, &props))) { 728 nvlist_free(config); 729 return (error); 730 } 731 732 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 || 733 guid != zc->zc_guid) 734 error = EINVAL; 735 else 736 error = spa_import(zc->zc_name, config, props); 737 738 nvlist_free(config); 739 740 if (props) 741 nvlist_free(props); 742 743 return (error); 744 } 745 746 static int 747 zfs_ioc_pool_export(zfs_cmd_t *zc) 748 { 749 int error; 750 zfs_log_history(zc); 751 error = spa_export(zc->zc_name, NULL); 752 return (error); 753 } 754 755 static int 756 zfs_ioc_pool_configs(zfs_cmd_t *zc) 757 { 758 nvlist_t *configs; 759 int error; 760 761 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL) 762 return (EEXIST); 763 764 error = put_nvlist(zc, configs); 765 766 nvlist_free(configs); 767 768 return (error); 769 } 770 771 static int 772 zfs_ioc_pool_stats(zfs_cmd_t *zc) 773 { 774 nvlist_t *config; 775 int error; 776 int ret = 0; 777 778 error = spa_get_stats(zc->zc_name, &config, zc->zc_value, 779 sizeof (zc->zc_value)); 780 781 if (config != NULL) { 782 ret = put_nvlist(zc, config); 783 nvlist_free(config); 784 785 /* 786 * The config may be present even if 'error' is non-zero. 787 * In this case we return success, and preserve the real errno 788 * in 'zc_cookie'. 789 */ 790 zc->zc_cookie = error; 791 } else { 792 ret = error; 793 } 794 795 return (ret); 796 } 797 798 /* 799 * Try to import the given pool, returning pool stats as appropriate so that 800 * user land knows which devices are available and overall pool health. 801 */ 802 static int 803 zfs_ioc_pool_tryimport(zfs_cmd_t *zc) 804 { 805 nvlist_t *tryconfig, *config; 806 int error; 807 808 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 809 &tryconfig)) != 0) 810 return (error); 811 812 config = spa_tryimport(tryconfig); 813 814 nvlist_free(tryconfig); 815 816 if (config == NULL) 817 return (EINVAL); 818 819 error = put_nvlist(zc, config); 820 nvlist_free(config); 821 822 return (error); 823 } 824 825 static int 826 zfs_ioc_pool_scrub(zfs_cmd_t *zc) 827 { 828 spa_t *spa; 829 int error; 830 831 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 832 return (error); 833 834 mutex_enter(&spa_namespace_lock); 835 error = spa_scrub(spa, zc->zc_cookie, B_FALSE); 836 mutex_exit(&spa_namespace_lock); 837 838 spa_close(spa, FTAG); 839 840 return (error); 841 } 842 843 static int 844 zfs_ioc_pool_freeze(zfs_cmd_t *zc) 845 { 846 spa_t *spa; 847 int error; 848 849 error = spa_open(zc->zc_name, &spa, FTAG); 850 if (error == 0) { 851 spa_freeze(spa); 852 spa_close(spa, FTAG); 853 } 854 return (error); 855 } 856 857 static int 858 zfs_ioc_pool_upgrade(zfs_cmd_t *zc) 859 { 860 spa_t *spa; 861 int error; 862 863 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 864 return (error); 865 866 if (zc->zc_cookie < spa_version(spa) || zc->zc_cookie > SPA_VERSION) { 867 spa_close(spa, FTAG); 868 return (EINVAL); 869 } 870 871 spa_upgrade(spa, zc->zc_cookie); 872 spa_close(spa, FTAG); 873 874 return (error); 875 } 876 877 static int 878 zfs_ioc_pool_get_history(zfs_cmd_t *zc) 879 { 880 spa_t *spa; 881 char *hist_buf; 882 uint64_t size; 883 int error; 884 885 if ((size = zc->zc_history_len) == 0) 886 return (EINVAL); 887 888 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 889 return (error); 890 891 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) { 892 spa_close(spa, FTAG); 893 return (ENOTSUP); 894 } 895 896 hist_buf = kmem_alloc(size, KM_SLEEP); 897 if ((error = spa_history_get(spa, &zc->zc_history_offset, 898 &zc->zc_history_len, hist_buf)) == 0) { 899 error = xcopyout(hist_buf, 900 (char *)(uintptr_t)zc->zc_history, 901 zc->zc_history_len); 902 } 903 904 spa_close(spa, FTAG); 905 kmem_free(hist_buf, size); 906 return (error); 907 } 908 909 static int 910 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc) 911 { 912 int error; 913 914 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value)) 915 return (error); 916 917 return (0); 918 } 919 920 static int 921 zfs_ioc_obj_to_path(zfs_cmd_t *zc) 922 { 923 objset_t *osp; 924 int error; 925 926 if ((error = dmu_objset_open(zc->zc_name, DMU_OST_ZFS, 927 DS_MODE_NONE | DS_MODE_READONLY, &osp)) != 0) 928 return (error); 929 930 error = zfs_obj_to_path(osp, zc->zc_obj, zc->zc_value, 931 sizeof (zc->zc_value)); 932 dmu_objset_close(osp); 933 934 return (error); 935 } 936 937 static int 938 zfs_ioc_vdev_add(zfs_cmd_t *zc) 939 { 940 spa_t *spa; 941 int error; 942 nvlist_t *config; 943 944 error = spa_open(zc->zc_name, &spa, FTAG); 945 if (error != 0) 946 return (error); 947 948 /* 949 * A root pool with concatenated devices is not supported. 950 * Thus, can not add a device to a root pool with one device. 951 */ 952 if (spa->spa_root_vdev->vdev_children == 1 && spa->spa_bootfs != 0) { 953 spa_close(spa, FTAG); 954 return (EDOM); 955 } 956 957 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 958 &config)) == 0) { 959 error = spa_vdev_add(spa, config); 960 nvlist_free(config); 961 } 962 spa_close(spa, FTAG); 963 return (error); 964 } 965 966 static int 967 zfs_ioc_vdev_remove(zfs_cmd_t *zc) 968 { 969 spa_t *spa; 970 int error; 971 972 error = spa_open(zc->zc_name, &spa, FTAG); 973 if (error != 0) 974 return (error); 975 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE); 976 spa_close(spa, FTAG); 977 return (error); 978 } 979 980 static int 981 zfs_ioc_vdev_set_state(zfs_cmd_t *zc) 982 { 983 spa_t *spa; 984 int error; 985 vdev_state_t newstate = VDEV_STATE_UNKNOWN; 986 987 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 988 return (error); 989 switch (zc->zc_cookie) { 990 case VDEV_STATE_ONLINE: 991 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate); 992 break; 993 994 case VDEV_STATE_OFFLINE: 995 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj); 996 break; 997 998 case VDEV_STATE_FAULTED: 999 error = vdev_fault(spa, zc->zc_guid); 1000 break; 1001 1002 case VDEV_STATE_DEGRADED: 1003 error = vdev_degrade(spa, zc->zc_guid); 1004 break; 1005 1006 default: 1007 error = EINVAL; 1008 } 1009 zc->zc_cookie = newstate; 1010 spa_close(spa, FTAG); 1011 return (error); 1012 } 1013 1014 static int 1015 zfs_ioc_vdev_attach(zfs_cmd_t *zc) 1016 { 1017 spa_t *spa; 1018 int replacing = zc->zc_cookie; 1019 nvlist_t *config; 1020 int error; 1021 1022 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1023 return (error); 1024 1025 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 1026 &config)) == 0) { 1027 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing); 1028 nvlist_free(config); 1029 } 1030 1031 spa_close(spa, FTAG); 1032 return (error); 1033 } 1034 1035 static int 1036 zfs_ioc_vdev_detach(zfs_cmd_t *zc) 1037 { 1038 spa_t *spa; 1039 int error; 1040 1041 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1042 return (error); 1043 1044 error = spa_vdev_detach(spa, zc->zc_guid, B_FALSE); 1045 1046 spa_close(spa, FTAG); 1047 return (error); 1048 } 1049 1050 static int 1051 zfs_ioc_vdev_setpath(zfs_cmd_t *zc) 1052 { 1053 spa_t *spa; 1054 char *path = zc->zc_value; 1055 uint64_t guid = zc->zc_guid; 1056 int error; 1057 1058 error = spa_open(zc->zc_name, &spa, FTAG); 1059 if (error != 0) 1060 return (error); 1061 1062 error = spa_vdev_setpath(spa, guid, path); 1063 spa_close(spa, FTAG); 1064 return (error); 1065 } 1066 1067 static int 1068 zfs_ioc_objset_stats(zfs_cmd_t *zc) 1069 { 1070 objset_t *os = NULL; 1071 int error; 1072 nvlist_t *nv; 1073 1074 retry: 1075 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 1076 DS_MODE_STANDARD | DS_MODE_READONLY, &os); 1077 if (error != 0) { 1078 /* 1079 * This is ugly: dmu_objset_open() can return EBUSY if 1080 * the objset is held exclusively. Fortunately this hold is 1081 * only for a short while, so we retry here. 1082 * This avoids user code having to handle EBUSY, 1083 * for example for a "zfs list". 1084 */ 1085 if (error == EBUSY) { 1086 delay(1); 1087 goto retry; 1088 } 1089 return (error); 1090 } 1091 1092 dmu_objset_fast_stat(os, &zc->zc_objset_stats); 1093 1094 if (zc->zc_nvlist_dst != 0 && 1095 (error = dsl_prop_get_all(os, &nv)) == 0) { 1096 dmu_objset_stats(os, nv); 1097 /* 1098 * NB: zvol_get_stats() will read the objset contents, 1099 * which we aren't supposed to do with a 1100 * DS_MODE_STANDARD open, because it could be 1101 * inconsistent. So this is a bit of a workaround... 1102 */ 1103 if (!zc->zc_objset_stats.dds_inconsistent) { 1104 if (dmu_objset_type(os) == DMU_OST_ZVOL) 1105 VERIFY(zvol_get_stats(os, nv) == 0); 1106 } 1107 error = put_nvlist(zc, nv); 1108 nvlist_free(nv); 1109 } 1110 1111 spa_altroot(dmu_objset_spa(os), zc->zc_value, sizeof (zc->zc_value)); 1112 1113 dmu_objset_close(os); 1114 return (error); 1115 } 1116 1117 static int 1118 zfs_ioc_objset_version(zfs_cmd_t *zc) 1119 { 1120 objset_t *os = NULL; 1121 int error; 1122 1123 retry: 1124 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 1125 DS_MODE_STANDARD | DS_MODE_READONLY, &os); 1126 if (error != 0) { 1127 /* 1128 * This is ugly: dmu_objset_open() can return EBUSY if 1129 * the objset is held exclusively. Fortunately this hold is 1130 * only for a short while, so we retry here. 1131 * This avoids user code having to handle EBUSY, 1132 * for example for a "zfs list". 1133 */ 1134 if (error == EBUSY) { 1135 delay(1); 1136 goto retry; 1137 } 1138 return (error); 1139 } 1140 1141 dmu_objset_fast_stat(os, &zc->zc_objset_stats); 1142 1143 /* 1144 * NB: zfs_get_version() will read the objset contents, 1145 * which we aren't supposed to do with a 1146 * DS_MODE_STANDARD open, because it could be 1147 * inconsistent. So this is a bit of a workaround... 1148 */ 1149 zc->zc_cookie = 0; 1150 if (!zc->zc_objset_stats.dds_inconsistent) 1151 if (dmu_objset_type(os) == DMU_OST_ZFS) 1152 (void) zfs_get_version(os, &zc->zc_cookie); 1153 1154 dmu_objset_close(os); 1155 return (0); 1156 } 1157 1158 static int 1159 zfs_ioc_dataset_list_next(zfs_cmd_t *zc) 1160 { 1161 objset_t *os; 1162 int error; 1163 char *p; 1164 1165 retry: 1166 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 1167 DS_MODE_STANDARD | DS_MODE_READONLY, &os); 1168 if (error != 0) { 1169 /* 1170 * This is ugly: dmu_objset_open() can return EBUSY if 1171 * the objset is held exclusively. Fortunately this hold is 1172 * only for a short while, so we retry here. 1173 * This avoids user code having to handle EBUSY, 1174 * for example for a "zfs list". 1175 */ 1176 if (error == EBUSY) { 1177 delay(1); 1178 goto retry; 1179 } 1180 if (error == ENOENT) 1181 error = ESRCH; 1182 return (error); 1183 } 1184 1185 p = strrchr(zc->zc_name, '/'); 1186 if (p == NULL || p[1] != '\0') 1187 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name)); 1188 p = zc->zc_name + strlen(zc->zc_name); 1189 1190 do { 1191 error = dmu_dir_list_next(os, 1192 sizeof (zc->zc_name) - (p - zc->zc_name), p, 1193 NULL, &zc->zc_cookie); 1194 if (error == ENOENT) 1195 error = ESRCH; 1196 } while (error == 0 && !INGLOBALZONE(curproc) && 1197 !zone_dataset_visible(zc->zc_name, NULL)); 1198 1199 /* 1200 * If it's a hidden dataset (ie. with a '$' in its name), don't 1201 * try to get stats for it. Userland will skip over it. 1202 */ 1203 if (error == 0 && strchr(zc->zc_name, '$') == NULL) 1204 error = zfs_ioc_objset_stats(zc); /* fill in the stats */ 1205 1206 dmu_objset_close(os); 1207 return (error); 1208 } 1209 1210 static int 1211 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc) 1212 { 1213 objset_t *os; 1214 int error; 1215 1216 retry: 1217 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 1218 DS_MODE_STANDARD | DS_MODE_READONLY, &os); 1219 if (error != 0) { 1220 /* 1221 * This is ugly: dmu_objset_open() can return EBUSY if 1222 * the objset is held exclusively. Fortunately this hold is 1223 * only for a short while, so we retry here. 1224 * This avoids user code having to handle EBUSY, 1225 * for example for a "zfs list". 1226 */ 1227 if (error == EBUSY) { 1228 delay(1); 1229 goto retry; 1230 } 1231 if (error == ENOENT) 1232 error = ESRCH; 1233 return (error); 1234 } 1235 1236 /* 1237 * A dataset name of maximum length cannot have any snapshots, 1238 * so exit immediately. 1239 */ 1240 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) { 1241 dmu_objset_close(os); 1242 return (ESRCH); 1243 } 1244 1245 error = dmu_snapshot_list_next(os, 1246 sizeof (zc->zc_name) - strlen(zc->zc_name), 1247 zc->zc_name + strlen(zc->zc_name), NULL, &zc->zc_cookie); 1248 if (error == ENOENT) 1249 error = ESRCH; 1250 1251 if (error == 0) 1252 error = zfs_ioc_objset_stats(zc); /* fill in the stats */ 1253 1254 dmu_objset_close(os); 1255 return (error); 1256 } 1257 1258 static int 1259 zfs_set_prop_nvlist(const char *name, nvlist_t *nvl) 1260 { 1261 nvpair_t *elem; 1262 int error; 1263 uint64_t intval; 1264 char *strval; 1265 1266 /* 1267 * First validate permission to set all of the properties 1268 */ 1269 elem = NULL; 1270 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1271 const char *propname = nvpair_name(elem); 1272 zfs_prop_t prop = zfs_name_to_prop(propname); 1273 1274 if (prop == ZPROP_INVAL) { 1275 /* 1276 * If this is a user-defined property, it must be a 1277 * string, and there is no further validation to do. 1278 */ 1279 if (!zfs_prop_user(propname) || 1280 nvpair_type(elem) != DATA_TYPE_STRING) 1281 return (EINVAL); 1282 1283 error = zfs_secpolicy_write_perms(name, 1284 ZFS_DELEG_PERM_USERPROP, CRED()); 1285 if (error) 1286 return (error); 1287 continue; 1288 } 1289 1290 if ((error = zfs_secpolicy_setprop(name, prop, CRED())) != 0) 1291 return (error); 1292 1293 /* 1294 * Check that this value is valid for this pool version 1295 */ 1296 switch (prop) { 1297 case ZFS_PROP_COMPRESSION: 1298 /* 1299 * If the user specified gzip compression, make sure 1300 * the SPA supports it. We ignore any errors here since 1301 * we'll catch them later. 1302 */ 1303 if (nvpair_type(elem) == DATA_TYPE_UINT64 && 1304 nvpair_value_uint64(elem, &intval) == 0 && 1305 intval >= ZIO_COMPRESS_GZIP_1 && 1306 intval <= ZIO_COMPRESS_GZIP_9) { 1307 spa_t *spa; 1308 1309 if (spa_open(name, &spa, FTAG) == 0) { 1310 if (spa_version(spa) < 1311 SPA_VERSION_GZIP_COMPRESSION) { 1312 spa_close(spa, FTAG); 1313 return (ENOTSUP); 1314 } 1315 1316 spa_close(spa, FTAG); 1317 } 1318 } 1319 break; 1320 1321 case ZFS_PROP_COPIES: 1322 { 1323 spa_t *spa; 1324 1325 if (spa_open(name, &spa, FTAG) == 0) { 1326 if (spa_version(spa) < 1327 SPA_VERSION_DITTO_BLOCKS) { 1328 spa_close(spa, FTAG); 1329 return (ENOTSUP); 1330 } 1331 spa_close(spa, FTAG); 1332 } 1333 break; 1334 } 1335 } 1336 } 1337 1338 elem = NULL; 1339 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1340 const char *propname = nvpair_name(elem); 1341 zfs_prop_t prop = zfs_name_to_prop(propname); 1342 1343 if (prop == ZPROP_INVAL) { 1344 VERIFY(nvpair_value_string(elem, &strval) == 0); 1345 error = dsl_prop_set(name, propname, 1, 1346 strlen(strval) + 1, strval); 1347 if (error == 0) 1348 continue; 1349 else 1350 return (error); 1351 } 1352 1353 switch (prop) { 1354 case ZFS_PROP_QUOTA: 1355 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1356 (error = dsl_dir_set_quota(name, intval)) != 0) 1357 return (error); 1358 break; 1359 1360 case ZFS_PROP_RESERVATION: 1361 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1362 (error = dsl_dir_set_reservation(name, 1363 intval)) != 0) 1364 return (error); 1365 break; 1366 1367 case ZFS_PROP_VOLSIZE: 1368 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1369 (error = zvol_set_volsize(name, 1370 ddi_driver_major(zfs_dip), intval)) != 0) 1371 return (error); 1372 break; 1373 1374 case ZFS_PROP_VOLBLOCKSIZE: 1375 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1376 (error = zvol_set_volblocksize(name, intval)) != 0) 1377 return (error); 1378 break; 1379 1380 case ZFS_PROP_VERSION: 1381 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1382 (error = zfs_set_version(name, intval)) != 0) 1383 return (error); 1384 break; 1385 1386 default: 1387 if (nvpair_type(elem) == DATA_TYPE_STRING) { 1388 if (zfs_prop_get_type(prop) != 1389 PROP_TYPE_STRING) 1390 return (EINVAL); 1391 VERIFY(nvpair_value_string(elem, &strval) == 0); 1392 if ((error = dsl_prop_set(name, 1393 nvpair_name(elem), 1, strlen(strval) + 1, 1394 strval)) != 0) 1395 return (error); 1396 } else if (nvpair_type(elem) == DATA_TYPE_UINT64) { 1397 const char *unused; 1398 1399 VERIFY(nvpair_value_uint64(elem, &intval) == 0); 1400 1401 switch (zfs_prop_get_type(prop)) { 1402 case PROP_TYPE_NUMBER: 1403 break; 1404 case PROP_TYPE_STRING: 1405 return (EINVAL); 1406 case PROP_TYPE_INDEX: 1407 if (zfs_prop_index_to_string(prop, 1408 intval, &unused) != 0) 1409 return (EINVAL); 1410 break; 1411 default: 1412 cmn_err(CE_PANIC, 1413 "unknown property type"); 1414 break; 1415 } 1416 1417 if ((error = dsl_prop_set(name, propname, 1418 8, 1, &intval)) != 0) 1419 return (error); 1420 } else { 1421 return (EINVAL); 1422 } 1423 break; 1424 } 1425 } 1426 1427 return (0); 1428 } 1429 1430 static int 1431 zfs_ioc_set_prop(zfs_cmd_t *zc) 1432 { 1433 nvlist_t *nvl; 1434 int error; 1435 1436 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1437 &nvl)) != 0) 1438 return (error); 1439 1440 error = zfs_set_prop_nvlist(zc->zc_name, nvl); 1441 1442 nvlist_free(nvl); 1443 return (error); 1444 } 1445 1446 static int 1447 zfs_ioc_inherit_prop(zfs_cmd_t *zc) 1448 { 1449 /* the property name has been validated by zfs_secpolicy_inherit() */ 1450 return (dsl_prop_set(zc->zc_name, zc->zc_value, 0, 0, NULL)); 1451 } 1452 1453 static int 1454 zfs_ioc_pool_set_props(zfs_cmd_t *zc) 1455 { 1456 nvlist_t *props; 1457 spa_t *spa; 1458 int error; 1459 1460 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1461 &props))) 1462 return (error); 1463 1464 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) { 1465 nvlist_free(props); 1466 return (error); 1467 } 1468 1469 error = spa_prop_set(spa, props); 1470 1471 nvlist_free(props); 1472 spa_close(spa, FTAG); 1473 1474 return (error); 1475 } 1476 1477 static int 1478 zfs_ioc_pool_get_props(zfs_cmd_t *zc) 1479 { 1480 spa_t *spa; 1481 int error; 1482 nvlist_t *nvp = NULL; 1483 1484 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1485 return (error); 1486 1487 error = spa_prop_get(spa, &nvp); 1488 1489 if (error == 0 && zc->zc_nvlist_dst != NULL) 1490 error = put_nvlist(zc, nvp); 1491 else 1492 error = EFAULT; 1493 1494 spa_close(spa, FTAG); 1495 1496 if (nvp) 1497 nvlist_free(nvp); 1498 return (error); 1499 } 1500 1501 static int 1502 zfs_ioc_iscsi_perm_check(zfs_cmd_t *zc) 1503 { 1504 nvlist_t *nvp; 1505 int error; 1506 uint32_t uid; 1507 uint32_t gid; 1508 uint32_t *groups; 1509 uint_t group_cnt; 1510 cred_t *usercred; 1511 1512 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1513 &nvp)) != 0) { 1514 return (error); 1515 } 1516 1517 if ((error = nvlist_lookup_uint32(nvp, 1518 ZFS_DELEG_PERM_UID, &uid)) != 0) { 1519 nvlist_free(nvp); 1520 return (EPERM); 1521 } 1522 1523 if ((error = nvlist_lookup_uint32(nvp, 1524 ZFS_DELEG_PERM_GID, &gid)) != 0) { 1525 nvlist_free(nvp); 1526 return (EPERM); 1527 } 1528 1529 if ((error = nvlist_lookup_uint32_array(nvp, ZFS_DELEG_PERM_GROUPS, 1530 &groups, &group_cnt)) != 0) { 1531 nvlist_free(nvp); 1532 return (EPERM); 1533 } 1534 usercred = cralloc(); 1535 if ((crsetugid(usercred, uid, gid) != 0) || 1536 (crsetgroups(usercred, group_cnt, (gid_t *)groups) != 0)) { 1537 nvlist_free(nvp); 1538 crfree(usercred); 1539 return (EPERM); 1540 } 1541 nvlist_free(nvp); 1542 error = dsl_deleg_access(zc->zc_name, 1543 zfs_prop_to_name(ZFS_PROP_SHAREISCSI), usercred); 1544 crfree(usercred); 1545 return (error); 1546 } 1547 1548 static int 1549 zfs_ioc_set_fsacl(zfs_cmd_t *zc) 1550 { 1551 int error; 1552 nvlist_t *fsaclnv = NULL; 1553 1554 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1555 &fsaclnv)) != 0) 1556 return (error); 1557 1558 /* 1559 * Verify nvlist is constructed correctly 1560 */ 1561 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) { 1562 nvlist_free(fsaclnv); 1563 return (EINVAL); 1564 } 1565 1566 /* 1567 * If we don't have PRIV_SYS_MOUNT, then validate 1568 * that user is allowed to hand out each permission in 1569 * the nvlist(s) 1570 */ 1571 1572 error = secpolicy_zfs(CRED()); 1573 if (error) { 1574 if (zc->zc_perm_action == B_FALSE) { 1575 error = dsl_deleg_can_allow(zc->zc_name, 1576 fsaclnv, CRED()); 1577 } else { 1578 error = dsl_deleg_can_unallow(zc->zc_name, 1579 fsaclnv, CRED()); 1580 } 1581 } 1582 1583 if (error == 0) 1584 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action); 1585 1586 nvlist_free(fsaclnv); 1587 return (error); 1588 } 1589 1590 static int 1591 zfs_ioc_get_fsacl(zfs_cmd_t *zc) 1592 { 1593 nvlist_t *nvp; 1594 int error; 1595 1596 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) { 1597 error = put_nvlist(zc, nvp); 1598 nvlist_free(nvp); 1599 } 1600 1601 return (error); 1602 } 1603 1604 static int 1605 zfs_ioc_create_minor(zfs_cmd_t *zc) 1606 { 1607 return (zvol_create_minor(zc->zc_name, ddi_driver_major(zfs_dip))); 1608 } 1609 1610 static int 1611 zfs_ioc_remove_minor(zfs_cmd_t *zc) 1612 { 1613 return (zvol_remove_minor(zc->zc_name)); 1614 } 1615 1616 /* 1617 * Search the vfs list for a specified resource. Returns a pointer to it 1618 * or NULL if no suitable entry is found. The caller of this routine 1619 * is responsible for releasing the returned vfs pointer. 1620 */ 1621 static vfs_t * 1622 zfs_get_vfs(const char *resource) 1623 { 1624 struct vfs *vfsp; 1625 struct vfs *vfs_found = NULL; 1626 1627 vfs_list_read_lock(); 1628 vfsp = rootvfs; 1629 do { 1630 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) { 1631 VFS_HOLD(vfsp); 1632 vfs_found = vfsp; 1633 break; 1634 } 1635 vfsp = vfsp->vfs_next; 1636 } while (vfsp != rootvfs); 1637 vfs_list_unlock(); 1638 return (vfs_found); 1639 } 1640 1641 /* ARGSUSED */ 1642 static void 1643 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx) 1644 { 1645 nvlist_t *nvprops = arg; 1646 uint64_t version = ZPL_VERSION; 1647 1648 (void) nvlist_lookup_uint64(nvprops, 1649 zfs_prop_to_name(ZFS_PROP_VERSION), &version); 1650 1651 zfs_create_fs(os, cr, version, tx); 1652 } 1653 1654 static int 1655 zfs_ioc_create(zfs_cmd_t *zc) 1656 { 1657 objset_t *clone; 1658 int error = 0; 1659 nvlist_t *nvprops = NULL; 1660 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx); 1661 dmu_objset_type_t type = zc->zc_objset_type; 1662 1663 switch (type) { 1664 1665 case DMU_OST_ZFS: 1666 cbfunc = zfs_create_cb; 1667 break; 1668 1669 case DMU_OST_ZVOL: 1670 cbfunc = zvol_create_cb; 1671 break; 1672 1673 default: 1674 cbfunc = NULL; 1675 } 1676 if (strchr(zc->zc_name, '@') || 1677 strchr(zc->zc_name, '%')) 1678 return (EINVAL); 1679 1680 if (zc->zc_nvlist_src != NULL && 1681 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1682 &nvprops)) != 0) 1683 return (error); 1684 1685 if (zc->zc_value[0] != '\0') { 1686 /* 1687 * We're creating a clone of an existing snapshot. 1688 */ 1689 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0'; 1690 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) { 1691 nvlist_free(nvprops); 1692 return (EINVAL); 1693 } 1694 1695 error = dmu_objset_open(zc->zc_value, type, 1696 DS_MODE_STANDARD | DS_MODE_READONLY, &clone); 1697 if (error) { 1698 nvlist_free(nvprops); 1699 return (error); 1700 } 1701 error = dmu_objset_create(zc->zc_name, type, clone, NULL, NULL); 1702 dmu_objset_close(clone); 1703 } else { 1704 if (cbfunc == NULL) { 1705 nvlist_free(nvprops); 1706 return (EINVAL); 1707 } 1708 1709 if (type == DMU_OST_ZVOL) { 1710 uint64_t volsize, volblocksize; 1711 1712 if (nvprops == NULL || 1713 nvlist_lookup_uint64(nvprops, 1714 zfs_prop_to_name(ZFS_PROP_VOLSIZE), 1715 &volsize) != 0) { 1716 nvlist_free(nvprops); 1717 return (EINVAL); 1718 } 1719 1720 if ((error = nvlist_lookup_uint64(nvprops, 1721 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE), 1722 &volblocksize)) != 0 && error != ENOENT) { 1723 nvlist_free(nvprops); 1724 return (EINVAL); 1725 } 1726 1727 if (error != 0) 1728 volblocksize = zfs_prop_default_numeric( 1729 ZFS_PROP_VOLBLOCKSIZE); 1730 1731 if ((error = zvol_check_volblocksize( 1732 volblocksize)) != 0 || 1733 (error = zvol_check_volsize(volsize, 1734 volblocksize)) != 0) { 1735 nvlist_free(nvprops); 1736 return (error); 1737 } 1738 } else if (type == DMU_OST_ZFS) { 1739 uint64_t version; 1740 1741 if (0 == nvlist_lookup_uint64(nvprops, 1742 zfs_prop_to_name(ZFS_PROP_VERSION), &version) && 1743 (version < ZPL_VERSION_INITIAL || 1744 version > ZPL_VERSION)) { 1745 nvlist_free(nvprops); 1746 return (EINVAL); 1747 } 1748 } 1749 1750 error = dmu_objset_create(zc->zc_name, type, NULL, cbfunc, 1751 nvprops); 1752 } 1753 1754 /* 1755 * It would be nice to do this atomically. 1756 */ 1757 if (error == 0) { 1758 if ((error = zfs_set_prop_nvlist(zc->zc_name, nvprops)) != 0) 1759 (void) dmu_objset_destroy(zc->zc_name); 1760 } 1761 1762 nvlist_free(nvprops); 1763 return (error); 1764 } 1765 1766 static int 1767 zfs_ioc_snapshot(zfs_cmd_t *zc) 1768 { 1769 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 1770 return (EINVAL); 1771 return (dmu_objset_snapshot(zc->zc_name, 1772 zc->zc_value, zc->zc_cookie)); 1773 } 1774 1775 int 1776 zfs_unmount_snap(char *name, void *arg) 1777 { 1778 char *snapname = arg; 1779 char *cp; 1780 vfs_t *vfsp = NULL; 1781 1782 /* 1783 * Snapshots (which are under .zfs control) must be unmounted 1784 * before they can be destroyed. 1785 */ 1786 1787 if (snapname) { 1788 (void) strcat(name, "@"); 1789 (void) strcat(name, snapname); 1790 vfsp = zfs_get_vfs(name); 1791 cp = strchr(name, '@'); 1792 *cp = '\0'; 1793 } else if (strchr(name, '@')) { 1794 vfsp = zfs_get_vfs(name); 1795 } 1796 1797 if (vfsp) { 1798 /* 1799 * Always force the unmount for snapshots. 1800 */ 1801 int flag = MS_FORCE; 1802 int err; 1803 1804 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) { 1805 VFS_RELE(vfsp); 1806 return (err); 1807 } 1808 VFS_RELE(vfsp); 1809 if ((err = dounmount(vfsp, flag, kcred)) != 0) 1810 return (err); 1811 } 1812 return (0); 1813 } 1814 1815 static int 1816 zfs_ioc_destroy_snaps(zfs_cmd_t *zc) 1817 { 1818 int err; 1819 1820 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 1821 return (EINVAL); 1822 err = dmu_objset_find(zc->zc_name, 1823 zfs_unmount_snap, zc->zc_value, DS_FIND_CHILDREN); 1824 if (err) 1825 return (err); 1826 return (dmu_snapshots_destroy(zc->zc_name, zc->zc_value)); 1827 } 1828 1829 static int 1830 zfs_ioc_destroy(zfs_cmd_t *zc) 1831 { 1832 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) { 1833 int err = zfs_unmount_snap(zc->zc_name, NULL); 1834 if (err) 1835 return (err); 1836 } 1837 1838 return (dmu_objset_destroy(zc->zc_name)); 1839 } 1840 1841 static int 1842 zfs_ioc_rollback(zfs_cmd_t *zc) 1843 { 1844 return (dmu_objset_rollback(zc->zc_name)); 1845 } 1846 1847 static int 1848 zfs_ioc_rename(zfs_cmd_t *zc) 1849 { 1850 boolean_t recursive = zc->zc_cookie & 1; 1851 1852 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0'; 1853 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 || 1854 strchr(zc->zc_value, '%')) 1855 return (EINVAL); 1856 1857 /* 1858 * Unmount snapshot unless we're doing a recursive rename, 1859 * in which case the dataset code figures out which snapshots 1860 * to unmount. 1861 */ 1862 if (!recursive && strchr(zc->zc_name, '@') != NULL && 1863 zc->zc_objset_type == DMU_OST_ZFS) { 1864 int err = zfs_unmount_snap(zc->zc_name, NULL); 1865 if (err) 1866 return (err); 1867 } 1868 1869 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive)); 1870 } 1871 1872 static int 1873 zfs_ioc_recvbackup(zfs_cmd_t *zc) 1874 { 1875 file_t *fp; 1876 offset_t new_off; 1877 objset_t *os; 1878 zfsvfs_t *zfsvfs = NULL; 1879 char *cp; 1880 char cosname[MAXNAMELEN]; 1881 boolean_t force = (boolean_t)zc->zc_guid; 1882 int error, fd; 1883 1884 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 || 1885 strchr(zc->zc_value, '@') == NULL || 1886 strchr(zc->zc_value, '%')) 1887 return (EINVAL); 1888 1889 fd = zc->zc_cookie; 1890 fp = getf(fd); 1891 if (fp == NULL) 1892 return (EBADF); 1893 1894 /* 1895 * Get the zfsvfs for the receiving objset. There 1896 * won't be one if we're operating on a zvol, if the 1897 * objset doesn't exist yet, or is not mounted. 1898 */ 1899 cp = strchr(zc->zc_value, '@'); 1900 *cp = '\0'; 1901 error = dmu_objset_open(zc->zc_value, DMU_OST_ANY, 1902 DS_MODE_STANDARD | DS_MODE_READONLY, &os); 1903 *cp = '@'; 1904 if (!error) { 1905 if (dmu_objset_type(os) == DMU_OST_ZFS) { 1906 mutex_enter(&os->os->os_user_ptr_lock); 1907 zfsvfs = dmu_objset_get_user(os); 1908 if (zfsvfs != NULL) 1909 VFS_HOLD(zfsvfs->z_vfs); 1910 mutex_exit(&os->os->os_user_ptr_lock); 1911 } 1912 dmu_objset_close(os); 1913 } 1914 1915 error = dmu_recvbackup(zc->zc_value, &zc->zc_begin_record, 1916 &zc->zc_cookie, force, zfsvfs != NULL, fp->f_vnode, 1917 fp->f_offset, cosname); 1918 1919 /* 1920 * For incremental snapshots where we created a 1921 * temporary clone, we now swap zfsvfs::z_os with 1922 * the newly created and received "cosname". 1923 */ 1924 if (!error && zfsvfs != NULL) { 1925 char osname[MAXNAMELEN]; 1926 int mode; 1927 1928 error = zfs_suspend_fs(zfsvfs, osname, &mode); 1929 if (!error) { 1930 int swap_err; 1931 int snap_err = 0; 1932 1933 swap_err = dsl_dataset_clone_swap(cosname, force); 1934 if (!swap_err) { 1935 char *cp = strrchr(zc->zc_value, '@'); 1936 1937 *cp = '\0'; 1938 snap_err = dmu_replay_end_snapshot(zc->zc_value, 1939 &zc->zc_begin_record); 1940 *cp = '@'; 1941 } 1942 error = zfs_resume_fs(zfsvfs, osname, mode); 1943 if (!error) 1944 error = swap_err; 1945 if (!error) 1946 error = snap_err; 1947 } 1948 1949 /* destroy the clone we created */ 1950 (void) dmu_objset_destroy(cosname); 1951 } 1952 if (zfsvfs != NULL) 1953 VFS_RELE(zfsvfs->z_vfs); 1954 new_off = fp->f_offset + zc->zc_cookie; 1955 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &new_off) == 0) 1956 fp->f_offset = new_off; 1957 1958 releasef(fd); 1959 return (error); 1960 } 1961 1962 static int 1963 zfs_ioc_sendbackup(zfs_cmd_t *zc) 1964 { 1965 objset_t *fromsnap = NULL; 1966 objset_t *tosnap; 1967 file_t *fp; 1968 int error; 1969 1970 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 1971 DS_MODE_STANDARD | DS_MODE_READONLY, &tosnap); 1972 if (error) 1973 return (error); 1974 1975 if (zc->zc_value[0] != '\0') { 1976 char buf[MAXPATHLEN]; 1977 char *cp; 1978 1979 (void) strncpy(buf, zc->zc_name, sizeof (buf)); 1980 cp = strchr(buf, '@'); 1981 if (cp) 1982 *(cp+1) = 0; 1983 (void) strncat(buf, zc->zc_value, sizeof (buf)); 1984 error = dmu_objset_open(buf, DMU_OST_ANY, 1985 DS_MODE_STANDARD | DS_MODE_READONLY, &fromsnap); 1986 if (error) { 1987 dmu_objset_close(tosnap); 1988 return (error); 1989 } 1990 } 1991 1992 fp = getf(zc->zc_cookie); 1993 if (fp == NULL) { 1994 dmu_objset_close(tosnap); 1995 if (fromsnap) 1996 dmu_objset_close(fromsnap); 1997 return (EBADF); 1998 } 1999 2000 error = dmu_sendbackup(tosnap, fromsnap, fp->f_vnode); 2001 2002 releasef(zc->zc_cookie); 2003 if (fromsnap) 2004 dmu_objset_close(fromsnap); 2005 dmu_objset_close(tosnap); 2006 return (error); 2007 } 2008 2009 static int 2010 zfs_ioc_inject_fault(zfs_cmd_t *zc) 2011 { 2012 int id, error; 2013 2014 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id, 2015 &zc->zc_inject_record); 2016 2017 if (error == 0) 2018 zc->zc_guid = (uint64_t)id; 2019 2020 return (error); 2021 } 2022 2023 static int 2024 zfs_ioc_clear_fault(zfs_cmd_t *zc) 2025 { 2026 return (zio_clear_fault((int)zc->zc_guid)); 2027 } 2028 2029 static int 2030 zfs_ioc_inject_list_next(zfs_cmd_t *zc) 2031 { 2032 int id = (int)zc->zc_guid; 2033 int error; 2034 2035 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name), 2036 &zc->zc_inject_record); 2037 2038 zc->zc_guid = id; 2039 2040 return (error); 2041 } 2042 2043 static int 2044 zfs_ioc_error_log(zfs_cmd_t *zc) 2045 { 2046 spa_t *spa; 2047 int error; 2048 size_t count = (size_t)zc->zc_nvlist_dst_size; 2049 2050 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 2051 return (error); 2052 2053 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst, 2054 &count); 2055 if (error == 0) 2056 zc->zc_nvlist_dst_size = count; 2057 else 2058 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa); 2059 2060 spa_close(spa, FTAG); 2061 2062 return (error); 2063 } 2064 2065 static int 2066 zfs_ioc_clear(zfs_cmd_t *zc) 2067 { 2068 spa_t *spa; 2069 vdev_t *vd; 2070 uint64_t txg; 2071 int error; 2072 2073 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 2074 return (error); 2075 2076 txg = spa_vdev_enter(spa); 2077 2078 if (zc->zc_guid == 0) { 2079 vd = NULL; 2080 } else if ((vd = spa_lookup_by_guid(spa, zc->zc_guid)) == NULL) { 2081 (void) spa_vdev_exit(spa, NULL, txg, ENODEV); 2082 spa_close(spa, FTAG); 2083 return (ENODEV); 2084 } 2085 2086 vdev_clear(spa, vd); 2087 2088 (void) spa_vdev_exit(spa, NULL, txg, 0); 2089 2090 spa_close(spa, FTAG); 2091 2092 return (0); 2093 } 2094 2095 static int 2096 zfs_ioc_promote(zfs_cmd_t *zc) 2097 { 2098 char *cp; 2099 2100 /* 2101 * We don't need to unmount *all* the origin fs's snapshots, but 2102 * it's easier. 2103 */ 2104 cp = strchr(zc->zc_value, '@'); 2105 if (cp) 2106 *cp = '\0'; 2107 (void) dmu_objset_find(zc->zc_value, 2108 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS); 2109 return (dsl_dataset_promote(zc->zc_name)); 2110 } 2111 2112 /* 2113 * We don't want to have a hard dependency 2114 * against some special symbols in sharefs 2115 * and nfs. Determine them if needed when 2116 * the first file system is shared. 2117 * Neither sharefs or nfs are unloadable modules. 2118 */ 2119 int (*zexport_fs)(void *arg); 2120 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t); 2121 2122 int zfs_share_inited; 2123 ddi_modhandle_t nfs_mod; 2124 ddi_modhandle_t sharefs_mod; 2125 kmutex_t zfs_share_lock; 2126 2127 static int 2128 zfs_ioc_share(zfs_cmd_t *zc) 2129 { 2130 int error; 2131 int opcode; 2132 2133 if (zfs_share_inited == 0) { 2134 mutex_enter(&zfs_share_lock); 2135 nfs_mod = ddi_modopen("fs/nfs", KRTLD_MODE_FIRST, &error); 2136 sharefs_mod = ddi_modopen("fs/sharefs", 2137 KRTLD_MODE_FIRST, &error); 2138 if (nfs_mod == NULL || sharefs_mod == NULL) { 2139 mutex_exit(&zfs_share_lock); 2140 return (ENOSYS); 2141 } 2142 if (zexport_fs == NULL && ((zexport_fs = (int (*)(void *)) 2143 ddi_modsym(nfs_mod, "nfs_export", &error)) == NULL)) { 2144 mutex_exit(&zfs_share_lock); 2145 return (ENOSYS); 2146 } 2147 2148 if (zshare_fs == NULL && ((zshare_fs = 2149 (int (*)(enum sharefs_sys_op, share_t *, uint32_t)) 2150 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) { 2151 mutex_exit(&zfs_share_lock); 2152 return (ENOSYS); 2153 } 2154 zfs_share_inited = 1; 2155 mutex_exit(&zfs_share_lock); 2156 } 2157 2158 if (error = zexport_fs((void *)(uintptr_t)zc->zc_share.z_exportdata)) 2159 return (error); 2160 2161 opcode = (zc->zc_share.z_sharetype == B_TRUE) ? 2162 SHAREFS_ADD : SHAREFS_REMOVE; 2163 2164 error = zshare_fs(opcode, 2165 (void *)(uintptr_t)zc->zc_share.z_sharedata, 2166 zc->zc_share.z_sharemax); 2167 2168 return (error); 2169 2170 } 2171 2172 /* 2173 * pool create, destroy, and export don't log the history as part of 2174 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export 2175 * do the logging of those commands. 2176 */ 2177 static zfs_ioc_vec_t zfs_ioc_vec[] = { 2178 { zfs_ioc_pool_create, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 2179 { zfs_ioc_pool_destroy, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 2180 { zfs_ioc_pool_import, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2181 { zfs_ioc_pool_export, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 2182 { zfs_ioc_pool_configs, zfs_secpolicy_none, NO_NAME, B_FALSE }, 2183 { zfs_ioc_pool_stats, zfs_secpolicy_read, POOL_NAME, B_FALSE }, 2184 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, NO_NAME, B_FALSE }, 2185 { zfs_ioc_pool_scrub, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2186 { zfs_ioc_pool_freeze, zfs_secpolicy_config, NO_NAME, B_FALSE }, 2187 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2188 { zfs_ioc_pool_get_history, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 2189 { zfs_ioc_vdev_add, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2190 { zfs_ioc_vdev_remove, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2191 { zfs_ioc_vdev_set_state, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2192 { zfs_ioc_vdev_attach, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2193 { zfs_ioc_vdev_detach, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2194 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 2195 { zfs_ioc_objset_stats, zfs_secpolicy_read, DATASET_NAME, B_FALSE }, 2196 { zfs_ioc_objset_version, zfs_secpolicy_read, DATASET_NAME, B_FALSE }, 2197 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, 2198 DATASET_NAME, B_FALSE }, 2199 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, 2200 DATASET_NAME, B_FALSE }, 2201 { zfs_ioc_set_prop, zfs_secpolicy_none, DATASET_NAME, B_TRUE }, 2202 { zfs_ioc_create_minor, zfs_secpolicy_minor, DATASET_NAME, B_FALSE }, 2203 { zfs_ioc_remove_minor, zfs_secpolicy_minor, DATASET_NAME, B_FALSE }, 2204 { zfs_ioc_create, zfs_secpolicy_create, DATASET_NAME, B_TRUE }, 2205 { zfs_ioc_destroy, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE }, 2206 { zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME, B_TRUE }, 2207 { zfs_ioc_rename, zfs_secpolicy_rename, DATASET_NAME, B_TRUE }, 2208 { zfs_ioc_recvbackup, zfs_secpolicy_receive, DATASET_NAME, B_TRUE }, 2209 { zfs_ioc_sendbackup, zfs_secpolicy_send, DATASET_NAME, B_TRUE }, 2210 { zfs_ioc_inject_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE }, 2211 { zfs_ioc_clear_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE }, 2212 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, NO_NAME, B_FALSE }, 2213 { zfs_ioc_error_log, zfs_secpolicy_inject, POOL_NAME, B_FALSE }, 2214 { zfs_ioc_clear, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2215 { zfs_ioc_promote, zfs_secpolicy_promote, DATASET_NAME, B_TRUE }, 2216 { zfs_ioc_destroy_snaps, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE }, 2217 { zfs_ioc_snapshot, zfs_secpolicy_snapshot, DATASET_NAME, B_TRUE }, 2218 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 2219 { zfs_ioc_obj_to_path, zfs_secpolicy_config, NO_NAME, B_FALSE }, 2220 { zfs_ioc_pool_set_props, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 2221 { zfs_ioc_pool_get_props, zfs_secpolicy_read, POOL_NAME, B_FALSE }, 2222 { zfs_ioc_set_fsacl, zfs_secpolicy_fsacl, DATASET_NAME, B_TRUE }, 2223 { zfs_ioc_get_fsacl, zfs_secpolicy_read, DATASET_NAME, B_FALSE }, 2224 { zfs_ioc_iscsi_perm_check, zfs_secpolicy_iscsi, 2225 DATASET_NAME, B_FALSE }, 2226 { zfs_ioc_share, zfs_secpolicy_share, DATASET_NAME, B_FALSE }, 2227 { zfs_ioc_inherit_prop, zfs_secpolicy_inherit, DATASET_NAME, B_TRUE }, 2228 }; 2229 2230 static int 2231 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp) 2232 { 2233 zfs_cmd_t *zc; 2234 uint_t vec; 2235 int error, rc; 2236 2237 if (getminor(dev) != 0) 2238 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp)); 2239 2240 vec = cmd - ZFS_IOC; 2241 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip)); 2242 2243 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0])) 2244 return (EINVAL); 2245 2246 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP); 2247 2248 error = xcopyin((void *)arg, zc, sizeof (zfs_cmd_t)); 2249 2250 if (error == 0) 2251 error = zfs_ioc_vec[vec].zvec_secpolicy(zc, cr); 2252 2253 /* 2254 * Ensure that all pool/dataset names are valid before we pass down to 2255 * the lower layers. 2256 */ 2257 if (error == 0) { 2258 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0'; 2259 switch (zfs_ioc_vec[vec].zvec_namecheck) { 2260 case POOL_NAME: 2261 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0) 2262 error = EINVAL; 2263 break; 2264 2265 case DATASET_NAME: 2266 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0) 2267 error = EINVAL; 2268 break; 2269 2270 case NO_NAME: 2271 break; 2272 } 2273 } 2274 2275 if (error == 0) 2276 error = zfs_ioc_vec[vec].zvec_func(zc); 2277 2278 rc = xcopyout(zc, (void *)arg, sizeof (zfs_cmd_t)); 2279 if (error == 0) { 2280 error = rc; 2281 if (zfs_ioc_vec[vec].zvec_his_log == B_TRUE) 2282 zfs_log_history(zc); 2283 } 2284 2285 kmem_free(zc, sizeof (zfs_cmd_t)); 2286 return (error); 2287 } 2288 2289 static int 2290 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd) 2291 { 2292 if (cmd != DDI_ATTACH) 2293 return (DDI_FAILURE); 2294 2295 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0, 2296 DDI_PSEUDO, 0) == DDI_FAILURE) 2297 return (DDI_FAILURE); 2298 2299 zfs_dip = dip; 2300 2301 ddi_report_dev(dip); 2302 2303 return (DDI_SUCCESS); 2304 } 2305 2306 static int 2307 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd) 2308 { 2309 if (spa_busy() || zfs_busy() || zvol_busy()) 2310 return (DDI_FAILURE); 2311 2312 if (cmd != DDI_DETACH) 2313 return (DDI_FAILURE); 2314 2315 zfs_dip = NULL; 2316 2317 ddi_prop_remove_all(dip); 2318 ddi_remove_minor_node(dip, NULL); 2319 2320 return (DDI_SUCCESS); 2321 } 2322 2323 /*ARGSUSED*/ 2324 static int 2325 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result) 2326 { 2327 switch (infocmd) { 2328 case DDI_INFO_DEVT2DEVINFO: 2329 *result = zfs_dip; 2330 return (DDI_SUCCESS); 2331 2332 case DDI_INFO_DEVT2INSTANCE: 2333 *result = (void *)0; 2334 return (DDI_SUCCESS); 2335 } 2336 2337 return (DDI_FAILURE); 2338 } 2339 2340 /* 2341 * OK, so this is a little weird. 2342 * 2343 * /dev/zfs is the control node, i.e. minor 0. 2344 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0. 2345 * 2346 * /dev/zfs has basically nothing to do except serve up ioctls, 2347 * so most of the standard driver entry points are in zvol.c. 2348 */ 2349 static struct cb_ops zfs_cb_ops = { 2350 zvol_open, /* open */ 2351 zvol_close, /* close */ 2352 zvol_strategy, /* strategy */ 2353 nodev, /* print */ 2354 nodev, /* dump */ 2355 zvol_read, /* read */ 2356 zvol_write, /* write */ 2357 zfsdev_ioctl, /* ioctl */ 2358 nodev, /* devmap */ 2359 nodev, /* mmap */ 2360 nodev, /* segmap */ 2361 nochpoll, /* poll */ 2362 ddi_prop_op, /* prop_op */ 2363 NULL, /* streamtab */ 2364 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */ 2365 CB_REV, /* version */ 2366 nodev, /* async read */ 2367 nodev, /* async write */ 2368 }; 2369 2370 static struct dev_ops zfs_dev_ops = { 2371 DEVO_REV, /* version */ 2372 0, /* refcnt */ 2373 zfs_info, /* info */ 2374 nulldev, /* identify */ 2375 nulldev, /* probe */ 2376 zfs_attach, /* attach */ 2377 zfs_detach, /* detach */ 2378 nodev, /* reset */ 2379 &zfs_cb_ops, /* driver operations */ 2380 NULL /* no bus operations */ 2381 }; 2382 2383 static struct modldrv zfs_modldrv = { 2384 &mod_driverops, "ZFS storage pool version " SPA_VERSION_STRING, 2385 &zfs_dev_ops 2386 }; 2387 2388 static struct modlinkage modlinkage = { 2389 MODREV_1, 2390 (void *)&zfs_modlfs, 2391 (void *)&zfs_modldrv, 2392 NULL 2393 }; 2394 2395 2396 uint_t zfs_fsyncer_key; 2397 extern uint_t rrw_tsd_key; 2398 2399 int 2400 _init(void) 2401 { 2402 int error; 2403 2404 spa_init(FREAD | FWRITE); 2405 zfs_init(); 2406 zvol_init(); 2407 2408 if ((error = mod_install(&modlinkage)) != 0) { 2409 zvol_fini(); 2410 zfs_fini(); 2411 spa_fini(); 2412 return (error); 2413 } 2414 2415 tsd_create(&zfs_fsyncer_key, NULL); 2416 tsd_create(&rrw_tsd_key, NULL); 2417 2418 error = ldi_ident_from_mod(&modlinkage, &zfs_li); 2419 ASSERT(error == 0); 2420 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL); 2421 2422 return (0); 2423 } 2424 2425 int 2426 _fini(void) 2427 { 2428 int error; 2429 2430 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled) 2431 return (EBUSY); 2432 2433 if ((error = mod_remove(&modlinkage)) != 0) 2434 return (error); 2435 2436 zvol_fini(); 2437 zfs_fini(); 2438 spa_fini(); 2439 if (zfs_share_inited) { 2440 (void) ddi_modclose(nfs_mod); 2441 (void) ddi_modclose(sharefs_mod); 2442 } 2443 2444 tsd_destroy(&zfs_fsyncer_key); 2445 ldi_ident_release(zfs_li); 2446 zfs_li = NULL; 2447 mutex_destroy(&zfs_share_lock); 2448 2449 return (error); 2450 } 2451 2452 int 2453 _info(struct modinfo *modinfop) 2454 { 2455 return (mod_info(&modlinkage, modinfop)); 2456 } 2457