1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #include <sys/types.h> 27 #include <sys/param.h> 28 #include <sys/errno.h> 29 #include <sys/uio.h> 30 #include <sys/buf.h> 31 #include <sys/modctl.h> 32 #include <sys/open.h> 33 #include <sys/file.h> 34 #include <sys/kmem.h> 35 #include <sys/conf.h> 36 #include <sys/cmn_err.h> 37 #include <sys/stat.h> 38 #include <sys/zfs_ioctl.h> 39 #include <sys/zfs_znode.h> 40 #include <sys/zap.h> 41 #include <sys/spa.h> 42 #include <sys/spa_impl.h> 43 #include <sys/vdev.h> 44 #include <sys/vdev_impl.h> 45 #include <sys/dmu.h> 46 #include <sys/dsl_dir.h> 47 #include <sys/dsl_dataset.h> 48 #include <sys/dsl_prop.h> 49 #include <sys/dsl_deleg.h> 50 #include <sys/dmu_objset.h> 51 #include <sys/ddi.h> 52 #include <sys/sunddi.h> 53 #include <sys/sunldi.h> 54 #include <sys/policy.h> 55 #include <sys/zone.h> 56 #include <sys/nvpair.h> 57 #include <sys/pathname.h> 58 #include <sys/mount.h> 59 #include <sys/sdt.h> 60 #include <sys/fs/zfs.h> 61 #include <sys/zfs_ctldir.h> 62 #include <sys/zfs_dir.h> 63 #include <sys/zvol.h> 64 #include <sharefs/share.h> 65 #include <sys/dmu_objset.h> 66 67 #include "zfs_namecheck.h" 68 #include "zfs_prop.h" 69 #include "zfs_deleg.h" 70 71 extern struct modlfs zfs_modlfs; 72 73 extern void zfs_init(void); 74 extern void zfs_fini(void); 75 76 ldi_ident_t zfs_li = NULL; 77 dev_info_t *zfs_dip; 78 79 typedef int zfs_ioc_func_t(zfs_cmd_t *); 80 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, cred_t *); 81 82 typedef struct zfs_ioc_vec { 83 zfs_ioc_func_t *zvec_func; 84 zfs_secpolicy_func_t *zvec_secpolicy; 85 enum { 86 NO_NAME, 87 POOL_NAME, 88 DATASET_NAME 89 } zvec_namecheck; 90 boolean_t zvec_his_log; 91 } zfs_ioc_vec_t; 92 93 static void clear_props(char *dataset, nvlist_t *props, nvlist_t *newprops); 94 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *, 95 boolean_t *); 96 int zfs_set_prop_nvlist(const char *, nvlist_t *); 97 98 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */ 99 void 100 __dprintf(const char *file, const char *func, int line, const char *fmt, ...) 101 { 102 const char *newfile; 103 char buf[256]; 104 va_list adx; 105 106 /* 107 * Get rid of annoying "../common/" prefix to filename. 108 */ 109 newfile = strrchr(file, '/'); 110 if (newfile != NULL) { 111 newfile = newfile + 1; /* Get rid of leading / */ 112 } else { 113 newfile = file; 114 } 115 116 va_start(adx, fmt); 117 (void) vsnprintf(buf, sizeof (buf), fmt, adx); 118 va_end(adx); 119 120 /* 121 * To get this data, use the zfs-dprintf probe as so: 122 * dtrace -q -n 'zfs-dprintf \ 123 * /stringof(arg0) == "dbuf.c"/ \ 124 * {printf("%s: %s", stringof(arg1), stringof(arg3))}' 125 * arg0 = file name 126 * arg1 = function name 127 * arg2 = line number 128 * arg3 = message 129 */ 130 DTRACE_PROBE4(zfs__dprintf, 131 char *, newfile, char *, func, int, line, char *, buf); 132 } 133 134 static void 135 history_str_free(char *buf) 136 { 137 kmem_free(buf, HIS_MAX_RECORD_LEN); 138 } 139 140 static char * 141 history_str_get(zfs_cmd_t *zc) 142 { 143 char *buf; 144 145 if (zc->zc_history == NULL) 146 return (NULL); 147 148 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP); 149 if (copyinstr((void *)(uintptr_t)zc->zc_history, 150 buf, HIS_MAX_RECORD_LEN, NULL) != 0) { 151 history_str_free(buf); 152 return (NULL); 153 } 154 155 buf[HIS_MAX_RECORD_LEN -1] = '\0'; 156 157 return (buf); 158 } 159 160 /* 161 * Check to see if the named dataset is currently defined as bootable 162 */ 163 static boolean_t 164 zfs_is_bootfs(const char *name) 165 { 166 spa_t *spa; 167 boolean_t ret = B_FALSE; 168 169 if (spa_open(name, &spa, FTAG) == 0) { 170 if (spa->spa_bootfs) { 171 objset_t *os; 172 173 if (dmu_objset_open(name, DMU_OST_ZFS, 174 DS_MODE_USER | DS_MODE_READONLY, &os) == 0) { 175 ret = (dmu_objset_id(os) == spa->spa_bootfs); 176 dmu_objset_close(os); 177 } 178 } 179 spa_close(spa, FTAG); 180 } 181 return (ret); 182 } 183 184 /* 185 * zfs_earlier_version 186 * 187 * Return non-zero if the spa version is less than requested version. 188 */ 189 static int 190 zfs_earlier_version(const char *name, int version) 191 { 192 spa_t *spa; 193 194 if (spa_open(name, &spa, FTAG) == 0) { 195 if (spa_version(spa) < version) { 196 spa_close(spa, FTAG); 197 return (1); 198 } 199 spa_close(spa, FTAG); 200 } 201 return (0); 202 } 203 204 /* 205 * zpl_earlier_version 206 * 207 * Return TRUE if the ZPL version is less than requested version. 208 */ 209 static boolean_t 210 zpl_earlier_version(const char *name, int version) 211 { 212 objset_t *os; 213 boolean_t rc = B_TRUE; 214 215 if (dmu_objset_open(name, DMU_OST_ANY, 216 DS_MODE_USER | DS_MODE_READONLY, &os) == 0) { 217 uint64_t zplversion; 218 219 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0) 220 rc = zplversion < version; 221 dmu_objset_close(os); 222 } 223 return (rc); 224 } 225 226 static void 227 zfs_log_history(zfs_cmd_t *zc) 228 { 229 spa_t *spa; 230 char *buf; 231 232 if ((buf = history_str_get(zc)) == NULL) 233 return; 234 235 if (spa_open(zc->zc_name, &spa, FTAG) == 0) { 236 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY) 237 (void) spa_history_log(spa, buf, LOG_CMD_NORMAL); 238 spa_close(spa, FTAG); 239 } 240 history_str_free(buf); 241 } 242 243 /* 244 * Policy for top-level read operations (list pools). Requires no privileges, 245 * and can be used in the local zone, as there is no associated dataset. 246 */ 247 /* ARGSUSED */ 248 static int 249 zfs_secpolicy_none(zfs_cmd_t *zc, cred_t *cr) 250 { 251 return (0); 252 } 253 254 /* 255 * Policy for dataset read operations (list children, get statistics). Requires 256 * no privileges, but must be visible in the local zone. 257 */ 258 /* ARGSUSED */ 259 static int 260 zfs_secpolicy_read(zfs_cmd_t *zc, cred_t *cr) 261 { 262 if (INGLOBALZONE(curproc) || 263 zone_dataset_visible(zc->zc_name, NULL)) 264 return (0); 265 266 return (ENOENT); 267 } 268 269 static int 270 zfs_dozonecheck(const char *dataset, cred_t *cr) 271 { 272 uint64_t zoned; 273 int writable = 1; 274 275 /* 276 * The dataset must be visible by this zone -- check this first 277 * so they don't see EPERM on something they shouldn't know about. 278 */ 279 if (!INGLOBALZONE(curproc) && 280 !zone_dataset_visible(dataset, &writable)) 281 return (ENOENT); 282 283 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL)) 284 return (ENOENT); 285 286 if (INGLOBALZONE(curproc)) { 287 /* 288 * If the fs is zoned, only root can access it from the 289 * global zone. 290 */ 291 if (secpolicy_zfs(cr) && zoned) 292 return (EPERM); 293 } else { 294 /* 295 * If we are in a local zone, the 'zoned' property must be set. 296 */ 297 if (!zoned) 298 return (EPERM); 299 300 /* must be writable by this zone */ 301 if (!writable) 302 return (EPERM); 303 } 304 return (0); 305 } 306 307 int 308 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr) 309 { 310 int error; 311 312 error = zfs_dozonecheck(name, cr); 313 if (error == 0) { 314 error = secpolicy_zfs(cr); 315 if (error) 316 error = dsl_deleg_access(name, perm, cr); 317 } 318 return (error); 319 } 320 321 static int 322 zfs_secpolicy_setprop(const char *name, zfs_prop_t prop, cred_t *cr) 323 { 324 /* 325 * Check permissions for special properties. 326 */ 327 switch (prop) { 328 case ZFS_PROP_ZONED: 329 /* 330 * Disallow setting of 'zoned' from within a local zone. 331 */ 332 if (!INGLOBALZONE(curproc)) 333 return (EPERM); 334 break; 335 336 case ZFS_PROP_QUOTA: 337 if (!INGLOBALZONE(curproc)) { 338 uint64_t zoned; 339 char setpoint[MAXNAMELEN]; 340 /* 341 * Unprivileged users are allowed to modify the 342 * quota on things *under* (ie. contained by) 343 * the thing they own. 344 */ 345 if (dsl_prop_get_integer(name, "zoned", &zoned, 346 setpoint)) 347 return (EPERM); 348 if (!zoned || strlen(name) <= strlen(setpoint)) 349 return (EPERM); 350 } 351 break; 352 } 353 354 return (zfs_secpolicy_write_perms(name, zfs_prop_to_name(prop), cr)); 355 } 356 357 int 358 zfs_secpolicy_fsacl(zfs_cmd_t *zc, cred_t *cr) 359 { 360 int error; 361 362 error = zfs_dozonecheck(zc->zc_name, cr); 363 if (error) 364 return (error); 365 366 /* 367 * permission to set permissions will be evaluated later in 368 * dsl_deleg_can_allow() 369 */ 370 return (0); 371 } 372 373 int 374 zfs_secpolicy_rollback(zfs_cmd_t *zc, cred_t *cr) 375 { 376 int error; 377 error = zfs_secpolicy_write_perms(zc->zc_name, 378 ZFS_DELEG_PERM_ROLLBACK, cr); 379 if (error == 0) 380 error = zfs_secpolicy_write_perms(zc->zc_name, 381 ZFS_DELEG_PERM_MOUNT, cr); 382 return (error); 383 } 384 385 int 386 zfs_secpolicy_send(zfs_cmd_t *zc, cred_t *cr) 387 { 388 return (zfs_secpolicy_write_perms(zc->zc_name, 389 ZFS_DELEG_PERM_SEND, cr)); 390 } 391 392 static int 393 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, cred_t *cr) 394 { 395 vnode_t *vp; 396 int error; 397 398 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE, 399 NO_FOLLOW, NULL, &vp)) != 0) 400 return (error); 401 402 /* Now make sure mntpnt and dataset are ZFS */ 403 404 if (vp->v_vfsp->vfs_fstype != zfsfstype || 405 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource), 406 zc->zc_name) != 0)) { 407 VN_RELE(vp); 408 return (EPERM); 409 } 410 411 VN_RELE(vp); 412 return (dsl_deleg_access(zc->zc_name, 413 ZFS_DELEG_PERM_SHARE, cr)); 414 } 415 416 int 417 zfs_secpolicy_share(zfs_cmd_t *zc, cred_t *cr) 418 { 419 if (!INGLOBALZONE(curproc)) 420 return (EPERM); 421 422 if (secpolicy_nfs(cr) == 0) { 423 return (0); 424 } else { 425 return (zfs_secpolicy_deleg_share(zc, cr)); 426 } 427 } 428 429 int 430 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, cred_t *cr) 431 { 432 if (!INGLOBALZONE(curproc)) 433 return (EPERM); 434 435 if (secpolicy_smb(cr) == 0) { 436 return (0); 437 } else { 438 return (zfs_secpolicy_deleg_share(zc, cr)); 439 } 440 } 441 442 static int 443 zfs_get_parent(const char *datasetname, char *parent, int parentsize) 444 { 445 char *cp; 446 447 /* 448 * Remove the @bla or /bla from the end of the name to get the parent. 449 */ 450 (void) strncpy(parent, datasetname, parentsize); 451 cp = strrchr(parent, '@'); 452 if (cp != NULL) { 453 cp[0] = '\0'; 454 } else { 455 cp = strrchr(parent, '/'); 456 if (cp == NULL) 457 return (ENOENT); 458 cp[0] = '\0'; 459 } 460 461 return (0); 462 } 463 464 int 465 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr) 466 { 467 int error; 468 469 if ((error = zfs_secpolicy_write_perms(name, 470 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 471 return (error); 472 473 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr)); 474 } 475 476 static int 477 zfs_secpolicy_destroy(zfs_cmd_t *zc, cred_t *cr) 478 { 479 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr)); 480 } 481 482 /* 483 * Must have sys_config privilege to check the iscsi permission 484 */ 485 /* ARGSUSED */ 486 static int 487 zfs_secpolicy_iscsi(zfs_cmd_t *zc, cred_t *cr) 488 { 489 return (secpolicy_zfs(cr)); 490 } 491 492 int 493 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr) 494 { 495 char parentname[MAXNAMELEN]; 496 int error; 497 498 if ((error = zfs_secpolicy_write_perms(from, 499 ZFS_DELEG_PERM_RENAME, cr)) != 0) 500 return (error); 501 502 if ((error = zfs_secpolicy_write_perms(from, 503 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 504 return (error); 505 506 if ((error = zfs_get_parent(to, parentname, 507 sizeof (parentname))) != 0) 508 return (error); 509 510 if ((error = zfs_secpolicy_write_perms(parentname, 511 ZFS_DELEG_PERM_CREATE, cr)) != 0) 512 return (error); 513 514 if ((error = zfs_secpolicy_write_perms(parentname, 515 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 516 return (error); 517 518 return (error); 519 } 520 521 static int 522 zfs_secpolicy_rename(zfs_cmd_t *zc, cred_t *cr) 523 { 524 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr)); 525 } 526 527 static int 528 zfs_secpolicy_promote(zfs_cmd_t *zc, cred_t *cr) 529 { 530 char parentname[MAXNAMELEN]; 531 objset_t *clone; 532 int error; 533 534 error = zfs_secpolicy_write_perms(zc->zc_name, 535 ZFS_DELEG_PERM_PROMOTE, cr); 536 if (error) 537 return (error); 538 539 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 540 DS_MODE_USER | DS_MODE_READONLY, &clone); 541 542 if (error == 0) { 543 dsl_dataset_t *pclone = NULL; 544 dsl_dir_t *dd; 545 dd = clone->os->os_dsl_dataset->ds_dir; 546 547 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER); 548 error = dsl_dataset_hold_obj(dd->dd_pool, 549 dd->dd_phys->dd_origin_obj, FTAG, &pclone); 550 rw_exit(&dd->dd_pool->dp_config_rwlock); 551 if (error) { 552 dmu_objset_close(clone); 553 return (error); 554 } 555 556 error = zfs_secpolicy_write_perms(zc->zc_name, 557 ZFS_DELEG_PERM_MOUNT, cr); 558 559 dsl_dataset_name(pclone, parentname); 560 dmu_objset_close(clone); 561 dsl_dataset_rele(pclone, FTAG); 562 if (error == 0) 563 error = zfs_secpolicy_write_perms(parentname, 564 ZFS_DELEG_PERM_PROMOTE, cr); 565 } 566 return (error); 567 } 568 569 static int 570 zfs_secpolicy_receive(zfs_cmd_t *zc, cred_t *cr) 571 { 572 int error; 573 574 if ((error = zfs_secpolicy_write_perms(zc->zc_name, 575 ZFS_DELEG_PERM_RECEIVE, cr)) != 0) 576 return (error); 577 578 if ((error = zfs_secpolicy_write_perms(zc->zc_name, 579 ZFS_DELEG_PERM_MOUNT, cr)) != 0) 580 return (error); 581 582 return (zfs_secpolicy_write_perms(zc->zc_name, 583 ZFS_DELEG_PERM_CREATE, cr)); 584 } 585 586 int 587 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr) 588 { 589 int error; 590 591 if ((error = zfs_secpolicy_write_perms(name, 592 ZFS_DELEG_PERM_SNAPSHOT, cr)) != 0) 593 return (error); 594 595 error = zfs_secpolicy_write_perms(name, 596 ZFS_DELEG_PERM_MOUNT, cr); 597 598 return (error); 599 } 600 601 static int 602 zfs_secpolicy_snapshot(zfs_cmd_t *zc, cred_t *cr) 603 { 604 605 return (zfs_secpolicy_snapshot_perms(zc->zc_name, cr)); 606 } 607 608 static int 609 zfs_secpolicy_create(zfs_cmd_t *zc, cred_t *cr) 610 { 611 char parentname[MAXNAMELEN]; 612 int error; 613 614 if ((error = zfs_get_parent(zc->zc_name, parentname, 615 sizeof (parentname))) != 0) 616 return (error); 617 618 if (zc->zc_value[0] != '\0') { 619 if ((error = zfs_secpolicy_write_perms(zc->zc_value, 620 ZFS_DELEG_PERM_CLONE, cr)) != 0) 621 return (error); 622 } 623 624 if ((error = zfs_secpolicy_write_perms(parentname, 625 ZFS_DELEG_PERM_CREATE, cr)) != 0) 626 return (error); 627 628 error = zfs_secpolicy_write_perms(parentname, 629 ZFS_DELEG_PERM_MOUNT, cr); 630 631 return (error); 632 } 633 634 static int 635 zfs_secpolicy_umount(zfs_cmd_t *zc, cred_t *cr) 636 { 637 int error; 638 639 error = secpolicy_fs_unmount(cr, NULL); 640 if (error) { 641 error = dsl_deleg_access(zc->zc_name, ZFS_DELEG_PERM_MOUNT, cr); 642 } 643 return (error); 644 } 645 646 /* 647 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires 648 * SYS_CONFIG privilege, which is not available in a local zone. 649 */ 650 /* ARGSUSED */ 651 static int 652 zfs_secpolicy_config(zfs_cmd_t *zc, cred_t *cr) 653 { 654 if (secpolicy_sys_config(cr, B_FALSE) != 0) 655 return (EPERM); 656 657 return (0); 658 } 659 660 /* 661 * Just like zfs_secpolicy_config, except that we will check for 662 * mount permission on the dataset for permission to create/remove 663 * the minor nodes. 664 */ 665 static int 666 zfs_secpolicy_minor(zfs_cmd_t *zc, cred_t *cr) 667 { 668 if (secpolicy_sys_config(cr, B_FALSE) != 0) { 669 return (dsl_deleg_access(zc->zc_name, 670 ZFS_DELEG_PERM_MOUNT, cr)); 671 } 672 673 return (0); 674 } 675 676 /* 677 * Policy for fault injection. Requires all privileges. 678 */ 679 /* ARGSUSED */ 680 static int 681 zfs_secpolicy_inject(zfs_cmd_t *zc, cred_t *cr) 682 { 683 return (secpolicy_zinject(cr)); 684 } 685 686 static int 687 zfs_secpolicy_inherit(zfs_cmd_t *zc, cred_t *cr) 688 { 689 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value); 690 691 if (prop == ZPROP_INVAL) { 692 if (!zfs_prop_user(zc->zc_value)) 693 return (EINVAL); 694 return (zfs_secpolicy_write_perms(zc->zc_name, 695 ZFS_DELEG_PERM_USERPROP, cr)); 696 } else { 697 if (!zfs_prop_inheritable(prop)) 698 return (EINVAL); 699 return (zfs_secpolicy_setprop(zc->zc_name, prop, cr)); 700 } 701 } 702 703 /* 704 * Returns the nvlist as specified by the user in the zfs_cmd_t. 705 */ 706 static int 707 get_nvlist(uint64_t nvl, uint64_t size, nvlist_t **nvp) 708 { 709 char *packed; 710 int error; 711 nvlist_t *list = NULL; 712 713 /* 714 * Read in and unpack the user-supplied nvlist. 715 */ 716 if (size == 0) 717 return (EINVAL); 718 719 packed = kmem_alloc(size, KM_SLEEP); 720 721 if ((error = xcopyin((void *)(uintptr_t)nvl, packed, size)) != 0) { 722 kmem_free(packed, size); 723 return (error); 724 } 725 726 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) { 727 kmem_free(packed, size); 728 return (error); 729 } 730 731 kmem_free(packed, size); 732 733 *nvp = list; 734 return (0); 735 } 736 737 static int 738 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl) 739 { 740 char *packed = NULL; 741 size_t size; 742 int error; 743 744 VERIFY(nvlist_size(nvl, &size, NV_ENCODE_NATIVE) == 0); 745 746 if (size > zc->zc_nvlist_dst_size) { 747 error = ENOMEM; 748 } else { 749 packed = kmem_alloc(size, KM_SLEEP); 750 VERIFY(nvlist_pack(nvl, &packed, &size, NV_ENCODE_NATIVE, 751 KM_SLEEP) == 0); 752 error = xcopyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst, 753 size); 754 kmem_free(packed, size); 755 } 756 757 zc->zc_nvlist_dst_size = size; 758 return (error); 759 } 760 761 static int 762 zfs_ioc_pool_create(zfs_cmd_t *zc) 763 { 764 int error; 765 nvlist_t *config, *props = NULL; 766 nvlist_t *rootprops = NULL; 767 nvlist_t *zplprops = NULL; 768 char *buf; 769 770 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 771 &config)) 772 return (error); 773 774 if (zc->zc_nvlist_src_size != 0 && (error = 775 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, &props))) { 776 nvlist_free(config); 777 return (error); 778 } 779 780 if (props) { 781 nvlist_t *nvl = NULL; 782 uint64_t version = SPA_VERSION; 783 784 (void) nvlist_lookup_uint64(props, 785 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version); 786 if (version < SPA_VERSION_INITIAL || version > SPA_VERSION) { 787 error = EINVAL; 788 goto pool_props_bad; 789 } 790 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl); 791 if (nvl) { 792 error = nvlist_dup(nvl, &rootprops, KM_SLEEP); 793 if (error != 0) { 794 nvlist_free(config); 795 nvlist_free(props); 796 return (error); 797 } 798 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS); 799 } 800 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0); 801 error = zfs_fill_zplprops_root(version, rootprops, 802 zplprops, NULL); 803 if (error) 804 goto pool_props_bad; 805 } 806 807 buf = history_str_get(zc); 808 809 error = spa_create(zc->zc_name, config, props, buf, zplprops); 810 811 /* 812 * Set the remaining root properties 813 */ 814 if (!error && 815 (error = zfs_set_prop_nvlist(zc->zc_name, rootprops)) != 0) 816 (void) spa_destroy(zc->zc_name); 817 818 if (buf != NULL) 819 history_str_free(buf); 820 821 pool_props_bad: 822 nvlist_free(rootprops); 823 nvlist_free(zplprops); 824 nvlist_free(config); 825 nvlist_free(props); 826 827 return (error); 828 } 829 830 static int 831 zfs_ioc_pool_destroy(zfs_cmd_t *zc) 832 { 833 int error; 834 zfs_log_history(zc); 835 error = spa_destroy(zc->zc_name); 836 return (error); 837 } 838 839 static int 840 zfs_ioc_pool_import(zfs_cmd_t *zc) 841 { 842 int error; 843 nvlist_t *config, *props = NULL; 844 uint64_t guid; 845 846 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 847 &config)) != 0) 848 return (error); 849 850 if (zc->zc_nvlist_src_size != 0 && (error = 851 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, &props))) { 852 nvlist_free(config); 853 return (error); 854 } 855 856 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 || 857 guid != zc->zc_guid) 858 error = EINVAL; 859 else if (zc->zc_cookie) 860 error = spa_import_faulted(zc->zc_name, config, 861 props); 862 else 863 error = spa_import(zc->zc_name, config, props); 864 865 nvlist_free(config); 866 867 if (props) 868 nvlist_free(props); 869 870 return (error); 871 } 872 873 static int 874 zfs_ioc_pool_export(zfs_cmd_t *zc) 875 { 876 int error; 877 boolean_t force = (boolean_t)zc->zc_cookie; 878 boolean_t hardforce = (boolean_t)zc->zc_guid; 879 880 zfs_log_history(zc); 881 error = spa_export(zc->zc_name, NULL, force, hardforce); 882 return (error); 883 } 884 885 static int 886 zfs_ioc_pool_configs(zfs_cmd_t *zc) 887 { 888 nvlist_t *configs; 889 int error; 890 891 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL) 892 return (EEXIST); 893 894 error = put_nvlist(zc, configs); 895 896 nvlist_free(configs); 897 898 return (error); 899 } 900 901 static int 902 zfs_ioc_pool_stats(zfs_cmd_t *zc) 903 { 904 nvlist_t *config; 905 int error; 906 int ret = 0; 907 908 error = spa_get_stats(zc->zc_name, &config, zc->zc_value, 909 sizeof (zc->zc_value)); 910 911 if (config != NULL) { 912 ret = put_nvlist(zc, config); 913 nvlist_free(config); 914 915 /* 916 * The config may be present even if 'error' is non-zero. 917 * In this case we return success, and preserve the real errno 918 * in 'zc_cookie'. 919 */ 920 zc->zc_cookie = error; 921 } else { 922 ret = error; 923 } 924 925 return (ret); 926 } 927 928 /* 929 * Try to import the given pool, returning pool stats as appropriate so that 930 * user land knows which devices are available and overall pool health. 931 */ 932 static int 933 zfs_ioc_pool_tryimport(zfs_cmd_t *zc) 934 { 935 nvlist_t *tryconfig, *config; 936 int error; 937 938 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 939 &tryconfig)) != 0) 940 return (error); 941 942 config = spa_tryimport(tryconfig); 943 944 nvlist_free(tryconfig); 945 946 if (config == NULL) 947 return (EINVAL); 948 949 error = put_nvlist(zc, config); 950 nvlist_free(config); 951 952 return (error); 953 } 954 955 static int 956 zfs_ioc_pool_scrub(zfs_cmd_t *zc) 957 { 958 spa_t *spa; 959 int error; 960 961 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 962 return (error); 963 964 error = spa_scrub(spa, zc->zc_cookie); 965 966 spa_close(spa, FTAG); 967 968 return (error); 969 } 970 971 static int 972 zfs_ioc_pool_freeze(zfs_cmd_t *zc) 973 { 974 spa_t *spa; 975 int error; 976 977 error = spa_open(zc->zc_name, &spa, FTAG); 978 if (error == 0) { 979 spa_freeze(spa); 980 spa_close(spa, FTAG); 981 } 982 return (error); 983 } 984 985 static int 986 zfs_ioc_pool_upgrade(zfs_cmd_t *zc) 987 { 988 spa_t *spa; 989 int error; 990 991 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 992 return (error); 993 994 if (zc->zc_cookie < spa_version(spa) || zc->zc_cookie > SPA_VERSION) { 995 spa_close(spa, FTAG); 996 return (EINVAL); 997 } 998 999 spa_upgrade(spa, zc->zc_cookie); 1000 spa_close(spa, FTAG); 1001 1002 return (error); 1003 } 1004 1005 static int 1006 zfs_ioc_pool_get_history(zfs_cmd_t *zc) 1007 { 1008 spa_t *spa; 1009 char *hist_buf; 1010 uint64_t size; 1011 int error; 1012 1013 if ((size = zc->zc_history_len) == 0) 1014 return (EINVAL); 1015 1016 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1017 return (error); 1018 1019 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) { 1020 spa_close(spa, FTAG); 1021 return (ENOTSUP); 1022 } 1023 1024 hist_buf = kmem_alloc(size, KM_SLEEP); 1025 if ((error = spa_history_get(spa, &zc->zc_history_offset, 1026 &zc->zc_history_len, hist_buf)) == 0) { 1027 error = xcopyout(hist_buf, 1028 (char *)(uintptr_t)zc->zc_history, 1029 zc->zc_history_len); 1030 } 1031 1032 spa_close(spa, FTAG); 1033 kmem_free(hist_buf, size); 1034 return (error); 1035 } 1036 1037 static int 1038 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc) 1039 { 1040 int error; 1041 1042 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value)) 1043 return (error); 1044 1045 return (0); 1046 } 1047 1048 static int 1049 zfs_ioc_obj_to_path(zfs_cmd_t *zc) 1050 { 1051 objset_t *osp; 1052 int error; 1053 1054 if ((error = dmu_objset_open(zc->zc_name, DMU_OST_ZFS, 1055 DS_MODE_USER | DS_MODE_READONLY, &osp)) != 0) 1056 return (error); 1057 error = zfs_obj_to_path(osp, zc->zc_obj, zc->zc_value, 1058 sizeof (zc->zc_value)); 1059 dmu_objset_close(osp); 1060 1061 return (error); 1062 } 1063 1064 static int 1065 zfs_ioc_vdev_add(zfs_cmd_t *zc) 1066 { 1067 spa_t *spa; 1068 int error; 1069 nvlist_t *config, **l2cache, **spares; 1070 uint_t nl2cache = 0, nspares = 0; 1071 1072 error = spa_open(zc->zc_name, &spa, FTAG); 1073 if (error != 0) 1074 return (error); 1075 1076 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 1077 &config); 1078 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE, 1079 &l2cache, &nl2cache); 1080 1081 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES, 1082 &spares, &nspares); 1083 1084 /* 1085 * A root pool with concatenated devices is not supported. 1086 * Thus, can not add a device to a root pool. 1087 * 1088 * Intent log device can not be added to a rootpool because 1089 * during mountroot, zil is replayed, a seperated log device 1090 * can not be accessed during the mountroot time. 1091 * 1092 * l2cache and spare devices are ok to be added to a rootpool. 1093 */ 1094 if (spa->spa_bootfs != 0 && nl2cache == 0 && nspares == 0) { 1095 spa_close(spa, FTAG); 1096 return (EDOM); 1097 } 1098 1099 if (error == 0) { 1100 error = spa_vdev_add(spa, config); 1101 nvlist_free(config); 1102 } 1103 spa_close(spa, FTAG); 1104 return (error); 1105 } 1106 1107 static int 1108 zfs_ioc_vdev_remove(zfs_cmd_t *zc) 1109 { 1110 spa_t *spa; 1111 int error; 1112 1113 error = spa_open(zc->zc_name, &spa, FTAG); 1114 if (error != 0) 1115 return (error); 1116 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE); 1117 spa_close(spa, FTAG); 1118 return (error); 1119 } 1120 1121 static int 1122 zfs_ioc_vdev_set_state(zfs_cmd_t *zc) 1123 { 1124 spa_t *spa; 1125 int error; 1126 vdev_state_t newstate = VDEV_STATE_UNKNOWN; 1127 1128 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1129 return (error); 1130 switch (zc->zc_cookie) { 1131 case VDEV_STATE_ONLINE: 1132 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate); 1133 break; 1134 1135 case VDEV_STATE_OFFLINE: 1136 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj); 1137 break; 1138 1139 case VDEV_STATE_FAULTED: 1140 error = vdev_fault(spa, zc->zc_guid); 1141 break; 1142 1143 case VDEV_STATE_DEGRADED: 1144 error = vdev_degrade(spa, zc->zc_guid); 1145 break; 1146 1147 default: 1148 error = EINVAL; 1149 } 1150 zc->zc_cookie = newstate; 1151 spa_close(spa, FTAG); 1152 return (error); 1153 } 1154 1155 static int 1156 zfs_ioc_vdev_attach(zfs_cmd_t *zc) 1157 { 1158 spa_t *spa; 1159 int replacing = zc->zc_cookie; 1160 nvlist_t *config; 1161 int error; 1162 1163 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1164 return (error); 1165 1166 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size, 1167 &config)) == 0) { 1168 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing); 1169 nvlist_free(config); 1170 } 1171 1172 spa_close(spa, FTAG); 1173 return (error); 1174 } 1175 1176 static int 1177 zfs_ioc_vdev_detach(zfs_cmd_t *zc) 1178 { 1179 spa_t *spa; 1180 int error; 1181 1182 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 1183 return (error); 1184 1185 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE); 1186 1187 spa_close(spa, FTAG); 1188 return (error); 1189 } 1190 1191 static int 1192 zfs_ioc_vdev_setpath(zfs_cmd_t *zc) 1193 { 1194 spa_t *spa; 1195 char *path = zc->zc_value; 1196 uint64_t guid = zc->zc_guid; 1197 int error; 1198 1199 error = spa_open(zc->zc_name, &spa, FTAG); 1200 if (error != 0) 1201 return (error); 1202 1203 error = spa_vdev_setpath(spa, guid, path); 1204 spa_close(spa, FTAG); 1205 return (error); 1206 } 1207 1208 /* 1209 * inputs: 1210 * zc_name name of filesystem 1211 * zc_nvlist_dst_size size of buffer for property nvlist 1212 * 1213 * outputs: 1214 * zc_objset_stats stats 1215 * zc_nvlist_dst property nvlist 1216 * zc_nvlist_dst_size size of property nvlist 1217 */ 1218 static int 1219 zfs_ioc_objset_stats(zfs_cmd_t *zc) 1220 { 1221 objset_t *os = NULL; 1222 int error; 1223 nvlist_t *nv; 1224 1225 if (error = dmu_objset_open(zc->zc_name, 1226 DMU_OST_ANY, DS_MODE_USER | DS_MODE_READONLY, &os)) 1227 return (error); 1228 1229 dmu_objset_fast_stat(os, &zc->zc_objset_stats); 1230 1231 if (zc->zc_nvlist_dst != 0 && 1232 (error = dsl_prop_get_all(os, &nv, FALSE)) == 0) { 1233 dmu_objset_stats(os, nv); 1234 /* 1235 * NB: zvol_get_stats() will read the objset contents, 1236 * which we aren't supposed to do with a 1237 * DS_MODE_USER hold, because it could be 1238 * inconsistent. So this is a bit of a workaround... 1239 */ 1240 if (!zc->zc_objset_stats.dds_inconsistent) { 1241 if (dmu_objset_type(os) == DMU_OST_ZVOL) 1242 VERIFY(zvol_get_stats(os, nv) == 0); 1243 } 1244 error = put_nvlist(zc, nv); 1245 nvlist_free(nv); 1246 } 1247 1248 dmu_objset_close(os); 1249 return (error); 1250 } 1251 1252 static int 1253 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop) 1254 { 1255 uint64_t value; 1256 int error; 1257 1258 /* 1259 * zfs_get_zplprop() will either find a value or give us 1260 * the default value (if there is one). 1261 */ 1262 if ((error = zfs_get_zplprop(os, prop, &value)) != 0) 1263 return (error); 1264 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0); 1265 return (0); 1266 } 1267 1268 /* 1269 * inputs: 1270 * zc_name name of filesystem 1271 * zc_nvlist_dst_size size of buffer for zpl property nvlist 1272 * 1273 * outputs: 1274 * zc_nvlist_dst zpl property nvlist 1275 * zc_nvlist_dst_size size of zpl property nvlist 1276 */ 1277 static int 1278 zfs_ioc_objset_zplprops(zfs_cmd_t *zc) 1279 { 1280 objset_t *os; 1281 int err; 1282 1283 if (err = dmu_objset_open(zc->zc_name, 1284 DMU_OST_ANY, DS_MODE_USER | DS_MODE_READONLY, &os)) 1285 return (err); 1286 1287 dmu_objset_fast_stat(os, &zc->zc_objset_stats); 1288 1289 /* 1290 * NB: nvl_add_zplprop() will read the objset contents, 1291 * which we aren't supposed to do with a DS_MODE_USER 1292 * hold, because it could be inconsistent. 1293 */ 1294 if (zc->zc_nvlist_dst != NULL && 1295 !zc->zc_objset_stats.dds_inconsistent && 1296 dmu_objset_type(os) == DMU_OST_ZFS) { 1297 nvlist_t *nv; 1298 1299 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0); 1300 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 && 1301 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 && 1302 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 && 1303 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0) 1304 err = put_nvlist(zc, nv); 1305 nvlist_free(nv); 1306 } else { 1307 err = ENOENT; 1308 } 1309 dmu_objset_close(os); 1310 return (err); 1311 } 1312 1313 /* 1314 * inputs: 1315 * zc_name name of filesystem 1316 * zc_cookie zap cursor 1317 * zc_nvlist_dst_size size of buffer for property nvlist 1318 * 1319 * outputs: 1320 * zc_name name of next filesystem 1321 * zc_objset_stats stats 1322 * zc_nvlist_dst property nvlist 1323 * zc_nvlist_dst_size size of property nvlist 1324 */ 1325 static int 1326 zfs_ioc_dataset_list_next(zfs_cmd_t *zc) 1327 { 1328 objset_t *os; 1329 int error; 1330 char *p; 1331 1332 if (error = dmu_objset_open(zc->zc_name, 1333 DMU_OST_ANY, DS_MODE_USER | DS_MODE_READONLY, &os)) { 1334 if (error == ENOENT) 1335 error = ESRCH; 1336 return (error); 1337 } 1338 1339 p = strrchr(zc->zc_name, '/'); 1340 if (p == NULL || p[1] != '\0') 1341 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name)); 1342 p = zc->zc_name + strlen(zc->zc_name); 1343 1344 /* 1345 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0 1346 * but is not declared void because its called by dmu_objset_find(). 1347 */ 1348 if (zc->zc_cookie == 0) { 1349 uint64_t cookie = 0; 1350 int len = sizeof (zc->zc_name) - (p - zc->zc_name); 1351 1352 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0) 1353 (void) dmu_objset_prefetch(p, NULL); 1354 } 1355 1356 do { 1357 error = dmu_dir_list_next(os, 1358 sizeof (zc->zc_name) - (p - zc->zc_name), p, 1359 NULL, &zc->zc_cookie); 1360 if (error == ENOENT) 1361 error = ESRCH; 1362 } while (error == 0 && !INGLOBALZONE(curproc) && 1363 !zone_dataset_visible(zc->zc_name, NULL)); 1364 dmu_objset_close(os); 1365 1366 /* 1367 * If it's a hidden dataset (ie. with a '$' in its name), don't 1368 * try to get stats for it. Userland will skip over it. 1369 */ 1370 if (error == 0 && strchr(zc->zc_name, '$') == NULL) 1371 error = zfs_ioc_objset_stats(zc); /* fill in the stats */ 1372 1373 return (error); 1374 } 1375 1376 /* 1377 * inputs: 1378 * zc_name name of filesystem 1379 * zc_cookie zap cursor 1380 * zc_nvlist_dst_size size of buffer for property nvlist 1381 * 1382 * outputs: 1383 * zc_name name of next snapshot 1384 * zc_objset_stats stats 1385 * zc_nvlist_dst property nvlist 1386 * zc_nvlist_dst_size size of property nvlist 1387 */ 1388 static int 1389 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc) 1390 { 1391 objset_t *os; 1392 int error; 1393 1394 error = dmu_objset_open(zc->zc_name, 1395 DMU_OST_ANY, DS_MODE_USER | DS_MODE_READONLY, &os); 1396 if (error) 1397 return (error == ENOENT ? ESRCH : error); 1398 1399 if (zc->zc_cookie == 0) 1400 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch, 1401 NULL, DS_FIND_SNAPSHOTS); 1402 /* 1403 * A dataset name of maximum length cannot have any snapshots, 1404 * so exit immediately. 1405 */ 1406 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) { 1407 dmu_objset_close(os); 1408 return (ESRCH); 1409 } 1410 1411 error = dmu_snapshot_list_next(os, 1412 sizeof (zc->zc_name) - strlen(zc->zc_name), 1413 zc->zc_name + strlen(zc->zc_name), NULL, &zc->zc_cookie, NULL); 1414 dmu_objset_close(os); 1415 if (error == 0) 1416 error = zfs_ioc_objset_stats(zc); /* fill in the stats */ 1417 else if (error == ENOENT) 1418 error = ESRCH; 1419 1420 /* if we failed, undo the @ that we tacked on to zc_name */ 1421 if (error) 1422 *strchr(zc->zc_name, '@') = '\0'; 1423 return (error); 1424 } 1425 1426 int 1427 zfs_set_prop_nvlist(const char *name, nvlist_t *nvl) 1428 { 1429 nvpair_t *elem; 1430 int error = 0; 1431 uint64_t intval; 1432 char *strval; 1433 nvlist_t *genericnvl; 1434 1435 /* 1436 * First validate permission to set all of the properties 1437 */ 1438 elem = NULL; 1439 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1440 const char *propname = nvpair_name(elem); 1441 zfs_prop_t prop = zfs_name_to_prop(propname); 1442 1443 if (prop == ZPROP_INVAL) { 1444 /* 1445 * If this is a user-defined property, it must be a 1446 * string, and there is no further validation to do. 1447 */ 1448 if (!zfs_prop_user(propname) || 1449 nvpair_type(elem) != DATA_TYPE_STRING) 1450 return (EINVAL); 1451 1452 if (error = zfs_secpolicy_write_perms(name, 1453 ZFS_DELEG_PERM_USERPROP, CRED())) 1454 return (error); 1455 continue; 1456 } 1457 1458 if ((error = zfs_secpolicy_setprop(name, prop, CRED())) != 0) 1459 return (error); 1460 1461 /* 1462 * Check that this value is valid for this pool version 1463 */ 1464 switch (prop) { 1465 case ZFS_PROP_COMPRESSION: 1466 /* 1467 * If the user specified gzip compression, make sure 1468 * the SPA supports it. We ignore any errors here since 1469 * we'll catch them later. 1470 */ 1471 if (nvpair_type(elem) == DATA_TYPE_UINT64 && 1472 nvpair_value_uint64(elem, &intval) == 0) { 1473 if (intval >= ZIO_COMPRESS_GZIP_1 && 1474 intval <= ZIO_COMPRESS_GZIP_9 && 1475 zfs_earlier_version(name, 1476 SPA_VERSION_GZIP_COMPRESSION)) 1477 return (ENOTSUP); 1478 1479 /* 1480 * If this is a bootable dataset then 1481 * verify that the compression algorithm 1482 * is supported for booting. We must return 1483 * something other than ENOTSUP since it 1484 * implies a downrev pool version. 1485 */ 1486 if (zfs_is_bootfs(name) && 1487 !BOOTFS_COMPRESS_VALID(intval)) 1488 return (ERANGE); 1489 } 1490 break; 1491 1492 case ZFS_PROP_COPIES: 1493 if (zfs_earlier_version(name, 1494 SPA_VERSION_DITTO_BLOCKS)) 1495 return (ENOTSUP); 1496 break; 1497 1498 case ZFS_PROP_SHARESMB: 1499 if (zpl_earlier_version(name, ZPL_VERSION_FUID)) 1500 return (ENOTSUP); 1501 break; 1502 1503 case ZFS_PROP_ACLINHERIT: 1504 if (nvpair_type(elem) == DATA_TYPE_UINT64 && 1505 nvpair_value_uint64(elem, &intval) == 0) 1506 if (intval == ZFS_ACL_PASSTHROUGH_X && 1507 zfs_earlier_version(name, 1508 SPA_VERSION_PASSTHROUGH_X)) 1509 return (ENOTSUP); 1510 } 1511 } 1512 1513 VERIFY(nvlist_alloc(&genericnvl, NV_UNIQUE_NAME, KM_SLEEP) == 0); 1514 elem = NULL; 1515 while ((elem = nvlist_next_nvpair(nvl, elem)) != NULL) { 1516 const char *propname = nvpair_name(elem); 1517 zfs_prop_t prop = zfs_name_to_prop(propname); 1518 1519 if (prop == ZPROP_INVAL) { 1520 VERIFY(nvpair_value_string(elem, &strval) == 0); 1521 error = dsl_prop_set(name, propname, 1, 1522 strlen(strval) + 1, strval); 1523 if (error == 0) 1524 continue; 1525 else 1526 goto out; 1527 } 1528 1529 switch (prop) { 1530 case ZFS_PROP_QUOTA: 1531 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1532 (error = dsl_dir_set_quota(name, intval)) != 0) 1533 goto out; 1534 break; 1535 1536 case ZFS_PROP_REFQUOTA: 1537 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1538 (error = dsl_dataset_set_quota(name, intval)) != 0) 1539 goto out; 1540 break; 1541 1542 case ZFS_PROP_RESERVATION: 1543 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1544 (error = dsl_dir_set_reservation(name, 1545 intval)) != 0) 1546 goto out; 1547 break; 1548 1549 case ZFS_PROP_REFRESERVATION: 1550 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1551 (error = dsl_dataset_set_reservation(name, 1552 intval)) != 0) 1553 goto out; 1554 break; 1555 1556 case ZFS_PROP_VOLSIZE: 1557 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1558 (error = zvol_set_volsize(name, 1559 ddi_driver_major(zfs_dip), intval)) != 0) 1560 goto out; 1561 break; 1562 1563 case ZFS_PROP_VOLBLOCKSIZE: 1564 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1565 (error = zvol_set_volblocksize(name, intval)) != 0) 1566 goto out; 1567 break; 1568 1569 case ZFS_PROP_VERSION: 1570 if ((error = nvpair_value_uint64(elem, &intval)) != 0 || 1571 (error = zfs_set_version(name, intval)) != 0) 1572 goto out; 1573 break; 1574 1575 default: 1576 if (nvpair_type(elem) == DATA_TYPE_STRING) { 1577 if (zfs_prop_get_type(prop) != 1578 PROP_TYPE_STRING) { 1579 error = EINVAL; 1580 goto out; 1581 } 1582 } else if (nvpair_type(elem) == DATA_TYPE_UINT64) { 1583 const char *unused; 1584 1585 VERIFY(nvpair_value_uint64(elem, &intval) == 0); 1586 1587 switch (zfs_prop_get_type(prop)) { 1588 case PROP_TYPE_NUMBER: 1589 break; 1590 case PROP_TYPE_STRING: 1591 error = EINVAL; 1592 goto out; 1593 case PROP_TYPE_INDEX: 1594 if (zfs_prop_index_to_string(prop, 1595 intval, &unused) != 0) { 1596 error = EINVAL; 1597 goto out; 1598 } 1599 break; 1600 default: 1601 cmn_err(CE_PANIC, 1602 "unknown property type"); 1603 break; 1604 } 1605 } else { 1606 error = EINVAL; 1607 goto out; 1608 } 1609 if ((error = nvlist_add_nvpair(genericnvl, elem)) != 0) 1610 goto out; 1611 } 1612 } 1613 1614 if (nvlist_next_nvpair(genericnvl, NULL) != NULL) { 1615 error = dsl_props_set(name, genericnvl); 1616 } 1617 out: 1618 nvlist_free(genericnvl); 1619 return (error); 1620 } 1621 1622 /* 1623 * inputs: 1624 * zc_name name of filesystem 1625 * zc_value name of property to set 1626 * zc_nvlist_src{_size} nvlist of properties to apply 1627 * zc_cookie clear existing local props? 1628 * 1629 * outputs: none 1630 */ 1631 static int 1632 zfs_ioc_set_prop(zfs_cmd_t *zc) 1633 { 1634 nvlist_t *nvl; 1635 int error; 1636 1637 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1638 &nvl)) != 0) 1639 return (error); 1640 1641 if (zc->zc_cookie) { 1642 nvlist_t *origprops; 1643 objset_t *os; 1644 1645 if (dmu_objset_open(zc->zc_name, DMU_OST_ANY, 1646 DS_MODE_USER | DS_MODE_READONLY, &os) == 0) { 1647 if (dsl_prop_get_all(os, &origprops, TRUE) == 0) { 1648 clear_props(zc->zc_name, origprops, nvl); 1649 nvlist_free(origprops); 1650 } 1651 dmu_objset_close(os); 1652 } 1653 1654 } 1655 1656 error = zfs_set_prop_nvlist(zc->zc_name, nvl); 1657 1658 nvlist_free(nvl); 1659 return (error); 1660 } 1661 1662 /* 1663 * inputs: 1664 * zc_name name of filesystem 1665 * zc_value name of property to inherit 1666 * 1667 * outputs: none 1668 */ 1669 static int 1670 zfs_ioc_inherit_prop(zfs_cmd_t *zc) 1671 { 1672 /* the property name has been validated by zfs_secpolicy_inherit() */ 1673 return (dsl_prop_set(zc->zc_name, zc->zc_value, 0, 0, NULL)); 1674 } 1675 1676 static int 1677 zfs_ioc_pool_set_props(zfs_cmd_t *zc) 1678 { 1679 nvlist_t *props; 1680 spa_t *spa; 1681 int error; 1682 nvpair_t *elem; 1683 1684 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1685 &props))) 1686 return (error); 1687 1688 /* 1689 * If the only property is the configfile, then just do a spa_lookup() 1690 * to handle the faulted case. 1691 */ 1692 elem = nvlist_next_nvpair(props, NULL); 1693 if (elem != NULL && strcmp(nvpair_name(elem), 1694 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 && 1695 nvlist_next_nvpair(props, elem) == NULL) { 1696 mutex_enter(&spa_namespace_lock); 1697 if ((spa = spa_lookup(zc->zc_name)) != NULL) { 1698 spa_configfile_set(spa, props, B_FALSE); 1699 spa_config_sync(spa, B_FALSE, B_TRUE); 1700 } 1701 mutex_exit(&spa_namespace_lock); 1702 if (spa != NULL) 1703 return (0); 1704 } 1705 1706 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) { 1707 nvlist_free(props); 1708 return (error); 1709 } 1710 1711 error = spa_prop_set(spa, props); 1712 1713 nvlist_free(props); 1714 spa_close(spa, FTAG); 1715 1716 return (error); 1717 } 1718 1719 static int 1720 zfs_ioc_pool_get_props(zfs_cmd_t *zc) 1721 { 1722 spa_t *spa; 1723 int error; 1724 nvlist_t *nvp = NULL; 1725 1726 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) { 1727 /* 1728 * If the pool is faulted, there may be properties we can still 1729 * get (such as altroot and cachefile), so attempt to get them 1730 * anyway. 1731 */ 1732 mutex_enter(&spa_namespace_lock); 1733 if ((spa = spa_lookup(zc->zc_name)) != NULL) 1734 error = spa_prop_get(spa, &nvp); 1735 mutex_exit(&spa_namespace_lock); 1736 } else { 1737 error = spa_prop_get(spa, &nvp); 1738 spa_close(spa, FTAG); 1739 } 1740 1741 if (error == 0 && zc->zc_nvlist_dst != NULL) 1742 error = put_nvlist(zc, nvp); 1743 else 1744 error = EFAULT; 1745 1746 nvlist_free(nvp); 1747 return (error); 1748 } 1749 1750 static int 1751 zfs_ioc_iscsi_perm_check(zfs_cmd_t *zc) 1752 { 1753 nvlist_t *nvp; 1754 int error; 1755 uint32_t uid; 1756 uint32_t gid; 1757 uint32_t *groups; 1758 uint_t group_cnt; 1759 cred_t *usercred; 1760 1761 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1762 &nvp)) != 0) { 1763 return (error); 1764 } 1765 1766 if ((error = nvlist_lookup_uint32(nvp, 1767 ZFS_DELEG_PERM_UID, &uid)) != 0) { 1768 nvlist_free(nvp); 1769 return (EPERM); 1770 } 1771 1772 if ((error = nvlist_lookup_uint32(nvp, 1773 ZFS_DELEG_PERM_GID, &gid)) != 0) { 1774 nvlist_free(nvp); 1775 return (EPERM); 1776 } 1777 1778 if ((error = nvlist_lookup_uint32_array(nvp, ZFS_DELEG_PERM_GROUPS, 1779 &groups, &group_cnt)) != 0) { 1780 nvlist_free(nvp); 1781 return (EPERM); 1782 } 1783 usercred = cralloc(); 1784 if ((crsetugid(usercred, uid, gid) != 0) || 1785 (crsetgroups(usercred, group_cnt, (gid_t *)groups) != 0)) { 1786 nvlist_free(nvp); 1787 crfree(usercred); 1788 return (EPERM); 1789 } 1790 nvlist_free(nvp); 1791 error = dsl_deleg_access(zc->zc_name, 1792 zfs_prop_to_name(ZFS_PROP_SHAREISCSI), usercred); 1793 crfree(usercred); 1794 return (error); 1795 } 1796 1797 /* 1798 * inputs: 1799 * zc_name name of filesystem 1800 * zc_nvlist_src{_size} nvlist of delegated permissions 1801 * zc_perm_action allow/unallow flag 1802 * 1803 * outputs: none 1804 */ 1805 static int 1806 zfs_ioc_set_fsacl(zfs_cmd_t *zc) 1807 { 1808 int error; 1809 nvlist_t *fsaclnv = NULL; 1810 1811 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 1812 &fsaclnv)) != 0) 1813 return (error); 1814 1815 /* 1816 * Verify nvlist is constructed correctly 1817 */ 1818 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) { 1819 nvlist_free(fsaclnv); 1820 return (EINVAL); 1821 } 1822 1823 /* 1824 * If we don't have PRIV_SYS_MOUNT, then validate 1825 * that user is allowed to hand out each permission in 1826 * the nvlist(s) 1827 */ 1828 1829 error = secpolicy_zfs(CRED()); 1830 if (error) { 1831 if (zc->zc_perm_action == B_FALSE) { 1832 error = dsl_deleg_can_allow(zc->zc_name, 1833 fsaclnv, CRED()); 1834 } else { 1835 error = dsl_deleg_can_unallow(zc->zc_name, 1836 fsaclnv, CRED()); 1837 } 1838 } 1839 1840 if (error == 0) 1841 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action); 1842 1843 nvlist_free(fsaclnv); 1844 return (error); 1845 } 1846 1847 /* 1848 * inputs: 1849 * zc_name name of filesystem 1850 * 1851 * outputs: 1852 * zc_nvlist_src{_size} nvlist of delegated permissions 1853 */ 1854 static int 1855 zfs_ioc_get_fsacl(zfs_cmd_t *zc) 1856 { 1857 nvlist_t *nvp; 1858 int error; 1859 1860 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) { 1861 error = put_nvlist(zc, nvp); 1862 nvlist_free(nvp); 1863 } 1864 1865 return (error); 1866 } 1867 1868 /* 1869 * inputs: 1870 * zc_name name of volume 1871 * 1872 * outputs: none 1873 */ 1874 static int 1875 zfs_ioc_create_minor(zfs_cmd_t *zc) 1876 { 1877 return (zvol_create_minor(zc->zc_name, ddi_driver_major(zfs_dip))); 1878 } 1879 1880 /* 1881 * inputs: 1882 * zc_name name of volume 1883 * 1884 * outputs: none 1885 */ 1886 static int 1887 zfs_ioc_remove_minor(zfs_cmd_t *zc) 1888 { 1889 return (zvol_remove_minor(zc->zc_name)); 1890 } 1891 1892 /* 1893 * Search the vfs list for a specified resource. Returns a pointer to it 1894 * or NULL if no suitable entry is found. The caller of this routine 1895 * is responsible for releasing the returned vfs pointer. 1896 */ 1897 static vfs_t * 1898 zfs_get_vfs(const char *resource) 1899 { 1900 struct vfs *vfsp; 1901 struct vfs *vfs_found = NULL; 1902 1903 vfs_list_read_lock(); 1904 vfsp = rootvfs; 1905 do { 1906 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) { 1907 VFS_HOLD(vfsp); 1908 vfs_found = vfsp; 1909 break; 1910 } 1911 vfsp = vfsp->vfs_next; 1912 } while (vfsp != rootvfs); 1913 vfs_list_unlock(); 1914 return (vfs_found); 1915 } 1916 1917 /* ARGSUSED */ 1918 static void 1919 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx) 1920 { 1921 zfs_creat_t *zct = arg; 1922 1923 zfs_create_fs(os, cr, zct->zct_zplprops, tx); 1924 } 1925 1926 #define ZFS_PROP_UNDEFINED ((uint64_t)-1) 1927 1928 /* 1929 * inputs: 1930 * createprops list of properties requested by creator 1931 * default_zplver zpl version to use if unspecified in createprops 1932 * fuids_ok fuids allowed in this version of the spa? 1933 * os parent objset pointer (NULL if root fs) 1934 * 1935 * outputs: 1936 * zplprops values for the zplprops we attach to the master node object 1937 * is_ci true if requested file system will be purely case-insensitive 1938 * 1939 * Determine the settings for utf8only, normalization and 1940 * casesensitivity. Specific values may have been requested by the 1941 * creator and/or we can inherit values from the parent dataset. If 1942 * the file system is of too early a vintage, a creator can not 1943 * request settings for these properties, even if the requested 1944 * setting is the default value. We don't actually want to create dsl 1945 * properties for these, so remove them from the source nvlist after 1946 * processing. 1947 */ 1948 static int 1949 zfs_fill_zplprops_impl(objset_t *os, uint64_t default_zplver, 1950 boolean_t fuids_ok, nvlist_t *createprops, nvlist_t *zplprops, 1951 boolean_t *is_ci) 1952 { 1953 uint64_t zplver = default_zplver; 1954 uint64_t sense = ZFS_PROP_UNDEFINED; 1955 uint64_t norm = ZFS_PROP_UNDEFINED; 1956 uint64_t u8 = ZFS_PROP_UNDEFINED; 1957 1958 ASSERT(zplprops != NULL); 1959 1960 /* 1961 * Pull out creator prop choices, if any. 1962 */ 1963 if (createprops) { 1964 (void) nvlist_lookup_uint64(createprops, 1965 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver); 1966 (void) nvlist_lookup_uint64(createprops, 1967 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm); 1968 (void) nvlist_remove_all(createprops, 1969 zfs_prop_to_name(ZFS_PROP_NORMALIZE)); 1970 (void) nvlist_lookup_uint64(createprops, 1971 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8); 1972 (void) nvlist_remove_all(createprops, 1973 zfs_prop_to_name(ZFS_PROP_UTF8ONLY)); 1974 (void) nvlist_lookup_uint64(createprops, 1975 zfs_prop_to_name(ZFS_PROP_CASE), &sense); 1976 (void) nvlist_remove_all(createprops, 1977 zfs_prop_to_name(ZFS_PROP_CASE)); 1978 } 1979 1980 /* 1981 * If the zpl version requested is whacky or the file system 1982 * or pool is version is too "young" to support normalization 1983 * and the creator tried to set a value for one of the props, 1984 * error out. 1985 */ 1986 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) || 1987 (zplver >= ZPL_VERSION_FUID && !fuids_ok) || 1988 (zplver < ZPL_VERSION_NORMALIZATION && 1989 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED || 1990 sense != ZFS_PROP_UNDEFINED))) 1991 return (ENOTSUP); 1992 1993 /* 1994 * Put the version in the zplprops 1995 */ 1996 VERIFY(nvlist_add_uint64(zplprops, 1997 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0); 1998 1999 if (norm == ZFS_PROP_UNDEFINED) 2000 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0); 2001 VERIFY(nvlist_add_uint64(zplprops, 2002 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0); 2003 2004 /* 2005 * If we're normalizing, names must always be valid UTF-8 strings. 2006 */ 2007 if (norm) 2008 u8 = 1; 2009 if (u8 == ZFS_PROP_UNDEFINED) 2010 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0); 2011 VERIFY(nvlist_add_uint64(zplprops, 2012 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0); 2013 2014 if (sense == ZFS_PROP_UNDEFINED) 2015 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0); 2016 VERIFY(nvlist_add_uint64(zplprops, 2017 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0); 2018 2019 if (is_ci) 2020 *is_ci = (sense == ZFS_CASE_INSENSITIVE); 2021 2022 return (0); 2023 } 2024 2025 static int 2026 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops, 2027 nvlist_t *zplprops, boolean_t *is_ci) 2028 { 2029 boolean_t fuids_ok = B_TRUE; 2030 uint64_t zplver = ZPL_VERSION; 2031 objset_t *os = NULL; 2032 char parentname[MAXNAMELEN]; 2033 char *cp; 2034 int error; 2035 2036 (void) strlcpy(parentname, dataset, sizeof (parentname)); 2037 cp = strrchr(parentname, '/'); 2038 ASSERT(cp != NULL); 2039 cp[0] = '\0'; 2040 2041 if (zfs_earlier_version(dataset, SPA_VERSION_FUID)) { 2042 zplver = ZPL_VERSION_FUID - 1; 2043 fuids_ok = B_FALSE; 2044 } 2045 2046 /* 2047 * Open parent object set so we can inherit zplprop values. 2048 */ 2049 if ((error = dmu_objset_open(parentname, DMU_OST_ANY, 2050 DS_MODE_USER | DS_MODE_READONLY, &os)) != 0) 2051 return (error); 2052 2053 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, createprops, 2054 zplprops, is_ci); 2055 dmu_objset_close(os); 2056 return (error); 2057 } 2058 2059 static int 2060 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops, 2061 nvlist_t *zplprops, boolean_t *is_ci) 2062 { 2063 boolean_t fuids_ok = B_TRUE; 2064 uint64_t zplver = ZPL_VERSION; 2065 int error; 2066 2067 if (spa_vers < SPA_VERSION_FUID) { 2068 zplver = ZPL_VERSION_FUID - 1; 2069 fuids_ok = B_FALSE; 2070 } 2071 2072 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, createprops, 2073 zplprops, is_ci); 2074 return (error); 2075 } 2076 2077 /* 2078 * inputs: 2079 * zc_objset_type type of objset to create (fs vs zvol) 2080 * zc_name name of new objset 2081 * zc_value name of snapshot to clone from (may be empty) 2082 * zc_nvlist_src{_size} nvlist of properties to apply 2083 * 2084 * outputs: none 2085 */ 2086 static int 2087 zfs_ioc_create(zfs_cmd_t *zc) 2088 { 2089 objset_t *clone; 2090 int error = 0; 2091 zfs_creat_t zct; 2092 nvlist_t *nvprops = NULL; 2093 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx); 2094 dmu_objset_type_t type = zc->zc_objset_type; 2095 2096 switch (type) { 2097 2098 case DMU_OST_ZFS: 2099 cbfunc = zfs_create_cb; 2100 break; 2101 2102 case DMU_OST_ZVOL: 2103 cbfunc = zvol_create_cb; 2104 break; 2105 2106 default: 2107 cbfunc = NULL; 2108 break; 2109 } 2110 if (strchr(zc->zc_name, '@') || 2111 strchr(zc->zc_name, '%')) 2112 return (EINVAL); 2113 2114 if (zc->zc_nvlist_src != NULL && 2115 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2116 &nvprops)) != 0) 2117 return (error); 2118 2119 zct.zct_zplprops = NULL; 2120 zct.zct_props = nvprops; 2121 2122 if (zc->zc_value[0] != '\0') { 2123 /* 2124 * We're creating a clone of an existing snapshot. 2125 */ 2126 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0'; 2127 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0) { 2128 nvlist_free(nvprops); 2129 return (EINVAL); 2130 } 2131 2132 error = dmu_objset_open(zc->zc_value, type, 2133 DS_MODE_USER | DS_MODE_READONLY, &clone); 2134 if (error) { 2135 nvlist_free(nvprops); 2136 return (error); 2137 } 2138 2139 error = dmu_objset_create(zc->zc_name, type, clone, 0, 2140 NULL, NULL); 2141 if (error) { 2142 dmu_objset_close(clone); 2143 nvlist_free(nvprops); 2144 return (error); 2145 } 2146 dmu_objset_close(clone); 2147 } else { 2148 boolean_t is_insensitive = B_FALSE; 2149 2150 if (cbfunc == NULL) { 2151 nvlist_free(nvprops); 2152 return (EINVAL); 2153 } 2154 2155 if (type == DMU_OST_ZVOL) { 2156 uint64_t volsize, volblocksize; 2157 2158 if (nvprops == NULL || 2159 nvlist_lookup_uint64(nvprops, 2160 zfs_prop_to_name(ZFS_PROP_VOLSIZE), 2161 &volsize) != 0) { 2162 nvlist_free(nvprops); 2163 return (EINVAL); 2164 } 2165 2166 if ((error = nvlist_lookup_uint64(nvprops, 2167 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE), 2168 &volblocksize)) != 0 && error != ENOENT) { 2169 nvlist_free(nvprops); 2170 return (EINVAL); 2171 } 2172 2173 if (error != 0) 2174 volblocksize = zfs_prop_default_numeric( 2175 ZFS_PROP_VOLBLOCKSIZE); 2176 2177 if ((error = zvol_check_volblocksize( 2178 volblocksize)) != 0 || 2179 (error = zvol_check_volsize(volsize, 2180 volblocksize)) != 0) { 2181 nvlist_free(nvprops); 2182 return (error); 2183 } 2184 } else if (type == DMU_OST_ZFS) { 2185 int error; 2186 2187 /* 2188 * We have to have normalization and 2189 * case-folding flags correct when we do the 2190 * file system creation, so go figure them out 2191 * now. 2192 */ 2193 VERIFY(nvlist_alloc(&zct.zct_zplprops, 2194 NV_UNIQUE_NAME, KM_SLEEP) == 0); 2195 error = zfs_fill_zplprops(zc->zc_name, nvprops, 2196 zct.zct_zplprops, &is_insensitive); 2197 if (error != 0) { 2198 nvlist_free(nvprops); 2199 nvlist_free(zct.zct_zplprops); 2200 return (error); 2201 } 2202 } 2203 error = dmu_objset_create(zc->zc_name, type, NULL, 2204 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct); 2205 nvlist_free(zct.zct_zplprops); 2206 } 2207 2208 /* 2209 * It would be nice to do this atomically. 2210 */ 2211 if (error == 0) { 2212 if ((error = zfs_set_prop_nvlist(zc->zc_name, nvprops)) != 0) 2213 (void) dmu_objset_destroy(zc->zc_name); 2214 } 2215 nvlist_free(nvprops); 2216 return (error); 2217 } 2218 2219 struct snap_prop_arg { 2220 nvlist_t *nvprops; 2221 const char *snapname; 2222 }; 2223 2224 static int 2225 set_snap_props(char *name, void *arg) 2226 { 2227 struct snap_prop_arg *snpa = arg; 2228 int len = strlen(name) + strlen(snpa->snapname) + 2; 2229 char *buf = kmem_alloc(len, KM_SLEEP); 2230 int err; 2231 2232 (void) snprintf(buf, len, "%s@%s", name, snpa->snapname); 2233 err = zfs_set_prop_nvlist(buf, snpa->nvprops); 2234 if (err) 2235 (void) dmu_objset_destroy(buf); 2236 kmem_free(buf, len); 2237 return (err); 2238 } 2239 2240 /* 2241 * inputs: 2242 * zc_name name of filesystem 2243 * zc_value short name of snapshot 2244 * zc_cookie recursive flag 2245 * 2246 * outputs: none 2247 */ 2248 static int 2249 zfs_ioc_snapshot(zfs_cmd_t *zc) 2250 { 2251 nvlist_t *nvprops = NULL; 2252 int error; 2253 boolean_t recursive = zc->zc_cookie; 2254 2255 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 2256 return (EINVAL); 2257 2258 if (zc->zc_nvlist_src != NULL && 2259 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2260 &nvprops)) != 0) 2261 return (error); 2262 2263 error = dmu_objset_snapshot(zc->zc_name, zc->zc_value, recursive); 2264 2265 /* 2266 * It would be nice to do this atomically. 2267 */ 2268 if (error == 0) { 2269 struct snap_prop_arg snpa; 2270 snpa.nvprops = nvprops; 2271 snpa.snapname = zc->zc_value; 2272 if (recursive) { 2273 error = dmu_objset_find(zc->zc_name, 2274 set_snap_props, &snpa, DS_FIND_CHILDREN); 2275 if (error) { 2276 (void) dmu_snapshots_destroy(zc->zc_name, 2277 zc->zc_value); 2278 } 2279 } else { 2280 error = set_snap_props(zc->zc_name, &snpa); 2281 } 2282 } 2283 nvlist_free(nvprops); 2284 return (error); 2285 } 2286 2287 int 2288 zfs_unmount_snap(char *name, void *arg) 2289 { 2290 vfs_t *vfsp = NULL; 2291 2292 if (arg) { 2293 char *snapname = arg; 2294 int len = strlen(name) + strlen(snapname) + 2; 2295 char *buf = kmem_alloc(len, KM_SLEEP); 2296 2297 (void) strcpy(buf, name); 2298 (void) strcat(buf, "@"); 2299 (void) strcat(buf, snapname); 2300 vfsp = zfs_get_vfs(buf); 2301 kmem_free(buf, len); 2302 } else if (strchr(name, '@')) { 2303 vfsp = zfs_get_vfs(name); 2304 } 2305 2306 if (vfsp) { 2307 /* 2308 * Always force the unmount for snapshots. 2309 */ 2310 int flag = MS_FORCE; 2311 int err; 2312 2313 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) { 2314 VFS_RELE(vfsp); 2315 return (err); 2316 } 2317 VFS_RELE(vfsp); 2318 if ((err = dounmount(vfsp, flag, kcred)) != 0) 2319 return (err); 2320 } 2321 return (0); 2322 } 2323 2324 /* 2325 * inputs: 2326 * zc_name name of filesystem 2327 * zc_value short name of snapshot 2328 * 2329 * outputs: none 2330 */ 2331 static int 2332 zfs_ioc_destroy_snaps(zfs_cmd_t *zc) 2333 { 2334 int err; 2335 2336 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0) 2337 return (EINVAL); 2338 err = dmu_objset_find(zc->zc_name, 2339 zfs_unmount_snap, zc->zc_value, DS_FIND_CHILDREN); 2340 if (err) 2341 return (err); 2342 return (dmu_snapshots_destroy(zc->zc_name, zc->zc_value)); 2343 } 2344 2345 /* 2346 * inputs: 2347 * zc_name name of dataset to destroy 2348 * zc_objset_type type of objset 2349 * 2350 * outputs: none 2351 */ 2352 static int 2353 zfs_ioc_destroy(zfs_cmd_t *zc) 2354 { 2355 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) { 2356 int err = zfs_unmount_snap(zc->zc_name, NULL); 2357 if (err) 2358 return (err); 2359 } 2360 2361 return (dmu_objset_destroy(zc->zc_name)); 2362 } 2363 2364 /* 2365 * inputs: 2366 * zc_name name of dataset to rollback (to most recent snapshot) 2367 * 2368 * outputs: none 2369 */ 2370 static int 2371 zfs_ioc_rollback(zfs_cmd_t *zc) 2372 { 2373 objset_t *os; 2374 int error; 2375 zfsvfs_t *zfsvfs = NULL; 2376 2377 /* 2378 * Get the zfsvfs for the receiving objset. There 2379 * won't be one if we're operating on a zvol, if the 2380 * objset doesn't exist yet, or is not mounted. 2381 */ 2382 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, DS_MODE_USER, &os); 2383 if (error) 2384 return (error); 2385 2386 if (dmu_objset_type(os) == DMU_OST_ZFS) { 2387 mutex_enter(&os->os->os_user_ptr_lock); 2388 zfsvfs = dmu_objset_get_user(os); 2389 if (zfsvfs != NULL) 2390 VFS_HOLD(zfsvfs->z_vfs); 2391 mutex_exit(&os->os->os_user_ptr_lock); 2392 } 2393 2394 if (zfsvfs != NULL) { 2395 char *osname; 2396 int mode; 2397 2398 osname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 2399 error = zfs_suspend_fs(zfsvfs, osname, &mode); 2400 if (error == 0) { 2401 int resume_err; 2402 2403 ASSERT(strcmp(osname, zc->zc_name) == 0); 2404 error = dmu_objset_rollback(os); 2405 resume_err = zfs_resume_fs(zfsvfs, osname, mode); 2406 error = error ? error : resume_err; 2407 } else { 2408 dmu_objset_close(os); 2409 } 2410 kmem_free(osname, MAXNAMELEN); 2411 VFS_RELE(zfsvfs->z_vfs); 2412 } else { 2413 error = dmu_objset_rollback(os); 2414 } 2415 /* Note, the dmu_objset_rollback() releases the objset for us. */ 2416 2417 return (error); 2418 } 2419 2420 /* 2421 * inputs: 2422 * zc_name old name of dataset 2423 * zc_value new name of dataset 2424 * zc_cookie recursive flag (only valid for snapshots) 2425 * 2426 * outputs: none 2427 */ 2428 static int 2429 zfs_ioc_rename(zfs_cmd_t *zc) 2430 { 2431 boolean_t recursive = zc->zc_cookie & 1; 2432 2433 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0'; 2434 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 || 2435 strchr(zc->zc_value, '%')) 2436 return (EINVAL); 2437 2438 /* 2439 * Unmount snapshot unless we're doing a recursive rename, 2440 * in which case the dataset code figures out which snapshots 2441 * to unmount. 2442 */ 2443 if (!recursive && strchr(zc->zc_name, '@') != NULL && 2444 zc->zc_objset_type == DMU_OST_ZFS) { 2445 int err = zfs_unmount_snap(zc->zc_name, NULL); 2446 if (err) 2447 return (err); 2448 } 2449 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive)); 2450 } 2451 2452 static void 2453 clear_props(char *dataset, nvlist_t *props, nvlist_t *newprops) 2454 { 2455 zfs_cmd_t *zc; 2456 nvpair_t *prop; 2457 2458 if (props == NULL) 2459 return; 2460 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP); 2461 (void) strcpy(zc->zc_name, dataset); 2462 for (prop = nvlist_next_nvpair(props, NULL); prop; 2463 prop = nvlist_next_nvpair(props, prop)) { 2464 if (newprops != NULL && 2465 nvlist_exists(newprops, nvpair_name(prop))) 2466 continue; 2467 (void) strcpy(zc->zc_value, nvpair_name(prop)); 2468 if (zfs_secpolicy_inherit(zc, CRED()) == 0) 2469 (void) zfs_ioc_inherit_prop(zc); 2470 } 2471 kmem_free(zc, sizeof (zfs_cmd_t)); 2472 } 2473 2474 /* 2475 * inputs: 2476 * zc_name name of containing filesystem 2477 * zc_nvlist_src{_size} nvlist of properties to apply 2478 * zc_value name of snapshot to create 2479 * zc_string name of clone origin (if DRR_FLAG_CLONE) 2480 * zc_cookie file descriptor to recv from 2481 * zc_begin_record the BEGIN record of the stream (not byteswapped) 2482 * zc_guid force flag 2483 * 2484 * outputs: 2485 * zc_cookie number of bytes read 2486 */ 2487 static int 2488 zfs_ioc_recv(zfs_cmd_t *zc) 2489 { 2490 file_t *fp; 2491 objset_t *os; 2492 dmu_recv_cookie_t drc; 2493 zfsvfs_t *zfsvfs = NULL; 2494 boolean_t force = (boolean_t)zc->zc_guid; 2495 int error, fd; 2496 offset_t off; 2497 nvlist_t *props = NULL; 2498 nvlist_t *origprops = NULL; 2499 objset_t *origin = NULL; 2500 char *tosnap; 2501 char tofs[ZFS_MAXNAMELEN]; 2502 2503 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 || 2504 strchr(zc->zc_value, '@') == NULL || 2505 strchr(zc->zc_value, '%')) 2506 return (EINVAL); 2507 2508 (void) strcpy(tofs, zc->zc_value); 2509 tosnap = strchr(tofs, '@'); 2510 *tosnap = '\0'; 2511 tosnap++; 2512 2513 if (zc->zc_nvlist_src != NULL && 2514 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size, 2515 &props)) != 0) 2516 return (error); 2517 2518 fd = zc->zc_cookie; 2519 fp = getf(fd); 2520 if (fp == NULL) { 2521 nvlist_free(props); 2522 return (EBADF); 2523 } 2524 2525 if (dmu_objset_open(tofs, DMU_OST_ANY, 2526 DS_MODE_USER | DS_MODE_READONLY, &os) == 0) { 2527 /* 2528 * Try to get the zfsvfs for the receiving objset. 2529 * There won't be one if we're operating on a zvol, 2530 * if the objset doesn't exist yet, or is not mounted. 2531 */ 2532 mutex_enter(&os->os->os_user_ptr_lock); 2533 if (zfsvfs = dmu_objset_get_user(os)) { 2534 if (!mutex_tryenter(&zfsvfs->z_online_recv_lock)) { 2535 mutex_exit(&os->os->os_user_ptr_lock); 2536 dmu_objset_close(os); 2537 zfsvfs = NULL; 2538 error = EBUSY; 2539 goto out; 2540 } 2541 VFS_HOLD(zfsvfs->z_vfs); 2542 } 2543 mutex_exit(&os->os->os_user_ptr_lock); 2544 2545 /* 2546 * If new properties are supplied, they are to completely 2547 * replace the existing ones, so stash away the existing ones. 2548 */ 2549 if (props) 2550 (void) dsl_prop_get_all(os, &origprops, TRUE); 2551 2552 dmu_objset_close(os); 2553 } 2554 2555 if (zc->zc_string[0]) { 2556 error = dmu_objset_open(zc->zc_string, DMU_OST_ANY, 2557 DS_MODE_USER | DS_MODE_READONLY, &origin); 2558 if (error) 2559 goto out; 2560 } 2561 2562 error = dmu_recv_begin(tofs, tosnap, &zc->zc_begin_record, 2563 force, origin, zfsvfs != NULL, &drc); 2564 if (origin) 2565 dmu_objset_close(origin); 2566 if (error) 2567 goto out; 2568 2569 /* 2570 * Reset properties. We do this before we receive the stream 2571 * so that the properties are applied to the new data. 2572 */ 2573 if (props) { 2574 clear_props(tofs, origprops, props); 2575 /* 2576 * XXX - Note, this is all-or-nothing; should be best-effort. 2577 */ 2578 (void) zfs_set_prop_nvlist(tofs, props); 2579 } 2580 2581 off = fp->f_offset; 2582 error = dmu_recv_stream(&drc, fp->f_vnode, &off); 2583 2584 if (error == 0 && zfsvfs) { 2585 char *osname; 2586 int mode; 2587 2588 /* online recv */ 2589 osname = kmem_alloc(MAXNAMELEN, KM_SLEEP); 2590 error = zfs_suspend_fs(zfsvfs, osname, &mode); 2591 if (error == 0) { 2592 int resume_err; 2593 2594 error = dmu_recv_end(&drc); 2595 resume_err = zfs_resume_fs(zfsvfs, osname, mode); 2596 error = error ? error : resume_err; 2597 } else { 2598 dmu_recv_abort_cleanup(&drc); 2599 } 2600 kmem_free(osname, MAXNAMELEN); 2601 } else if (error == 0) { 2602 error = dmu_recv_end(&drc); 2603 } 2604 2605 zc->zc_cookie = off - fp->f_offset; 2606 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0) 2607 fp->f_offset = off; 2608 2609 /* 2610 * On error, restore the original props. 2611 */ 2612 if (error && props) { 2613 clear_props(tofs, props, NULL); 2614 (void) zfs_set_prop_nvlist(tofs, origprops); 2615 } 2616 out: 2617 if (zfsvfs) { 2618 mutex_exit(&zfsvfs->z_online_recv_lock); 2619 VFS_RELE(zfsvfs->z_vfs); 2620 } 2621 nvlist_free(props); 2622 nvlist_free(origprops); 2623 releasef(fd); 2624 return (error); 2625 } 2626 2627 /* 2628 * inputs: 2629 * zc_name name of snapshot to send 2630 * zc_value short name of incremental fromsnap (may be empty) 2631 * zc_cookie file descriptor to send stream to 2632 * zc_obj fromorigin flag (mutually exclusive with zc_value) 2633 * 2634 * outputs: none 2635 */ 2636 static int 2637 zfs_ioc_send(zfs_cmd_t *zc) 2638 { 2639 objset_t *fromsnap = NULL; 2640 objset_t *tosnap; 2641 file_t *fp; 2642 int error; 2643 offset_t off; 2644 2645 error = dmu_objset_open(zc->zc_name, DMU_OST_ANY, 2646 DS_MODE_USER | DS_MODE_READONLY, &tosnap); 2647 if (error) 2648 return (error); 2649 2650 if (zc->zc_value[0] != '\0') { 2651 char *buf; 2652 char *cp; 2653 2654 buf = kmem_alloc(MAXPATHLEN, KM_SLEEP); 2655 (void) strncpy(buf, zc->zc_name, MAXPATHLEN); 2656 cp = strchr(buf, '@'); 2657 if (cp) 2658 *(cp+1) = 0; 2659 (void) strncat(buf, zc->zc_value, MAXPATHLEN); 2660 error = dmu_objset_open(buf, DMU_OST_ANY, 2661 DS_MODE_USER | DS_MODE_READONLY, &fromsnap); 2662 kmem_free(buf, MAXPATHLEN); 2663 if (error) { 2664 dmu_objset_close(tosnap); 2665 return (error); 2666 } 2667 } 2668 2669 fp = getf(zc->zc_cookie); 2670 if (fp == NULL) { 2671 dmu_objset_close(tosnap); 2672 if (fromsnap) 2673 dmu_objset_close(fromsnap); 2674 return (EBADF); 2675 } 2676 2677 off = fp->f_offset; 2678 error = dmu_sendbackup(tosnap, fromsnap, zc->zc_obj, fp->f_vnode, &off); 2679 2680 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0) 2681 fp->f_offset = off; 2682 releasef(zc->zc_cookie); 2683 if (fromsnap) 2684 dmu_objset_close(fromsnap); 2685 dmu_objset_close(tosnap); 2686 return (error); 2687 } 2688 2689 static int 2690 zfs_ioc_inject_fault(zfs_cmd_t *zc) 2691 { 2692 int id, error; 2693 2694 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id, 2695 &zc->zc_inject_record); 2696 2697 if (error == 0) 2698 zc->zc_guid = (uint64_t)id; 2699 2700 return (error); 2701 } 2702 2703 static int 2704 zfs_ioc_clear_fault(zfs_cmd_t *zc) 2705 { 2706 return (zio_clear_fault((int)zc->zc_guid)); 2707 } 2708 2709 static int 2710 zfs_ioc_inject_list_next(zfs_cmd_t *zc) 2711 { 2712 int id = (int)zc->zc_guid; 2713 int error; 2714 2715 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name), 2716 &zc->zc_inject_record); 2717 2718 zc->zc_guid = id; 2719 2720 return (error); 2721 } 2722 2723 static int 2724 zfs_ioc_error_log(zfs_cmd_t *zc) 2725 { 2726 spa_t *spa; 2727 int error; 2728 size_t count = (size_t)zc->zc_nvlist_dst_size; 2729 2730 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 2731 return (error); 2732 2733 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst, 2734 &count); 2735 if (error == 0) 2736 zc->zc_nvlist_dst_size = count; 2737 else 2738 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa); 2739 2740 spa_close(spa, FTAG); 2741 2742 return (error); 2743 } 2744 2745 static int 2746 zfs_ioc_clear(zfs_cmd_t *zc) 2747 { 2748 spa_t *spa; 2749 vdev_t *vd; 2750 int error; 2751 2752 /* 2753 * On zpool clear we also fix up missing slogs 2754 */ 2755 mutex_enter(&spa_namespace_lock); 2756 spa = spa_lookup(zc->zc_name); 2757 if (spa == NULL) { 2758 mutex_exit(&spa_namespace_lock); 2759 return (EIO); 2760 } 2761 if (spa->spa_log_state == SPA_LOG_MISSING) { 2762 /* we need to let spa_open/spa_load clear the chains */ 2763 spa->spa_log_state = SPA_LOG_CLEAR; 2764 } 2765 mutex_exit(&spa_namespace_lock); 2766 2767 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) 2768 return (error); 2769 2770 spa_vdev_state_enter(spa); 2771 2772 if (zc->zc_guid == 0) { 2773 vd = NULL; 2774 } else { 2775 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE); 2776 if (vd == NULL) { 2777 (void) spa_vdev_state_exit(spa, NULL, ENODEV); 2778 spa_close(spa, FTAG); 2779 return (ENODEV); 2780 } 2781 } 2782 2783 vdev_clear(spa, vd); 2784 2785 (void) spa_vdev_state_exit(spa, NULL, 0); 2786 2787 /* 2788 * Resume any suspended I/Os. 2789 */ 2790 zio_resume(spa); 2791 2792 spa_close(spa, FTAG); 2793 2794 return (0); 2795 } 2796 2797 /* 2798 * inputs: 2799 * zc_name name of filesystem 2800 * zc_value name of origin snapshot 2801 * 2802 * outputs: none 2803 */ 2804 static int 2805 zfs_ioc_promote(zfs_cmd_t *zc) 2806 { 2807 char *cp; 2808 2809 /* 2810 * We don't need to unmount *all* the origin fs's snapshots, but 2811 * it's easier. 2812 */ 2813 cp = strchr(zc->zc_value, '@'); 2814 if (cp) 2815 *cp = '\0'; 2816 (void) dmu_objset_find(zc->zc_value, 2817 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS); 2818 return (dsl_dataset_promote(zc->zc_name)); 2819 } 2820 2821 /* 2822 * We don't want to have a hard dependency 2823 * against some special symbols in sharefs 2824 * nfs, and smbsrv. Determine them if needed when 2825 * the first file system is shared. 2826 * Neither sharefs, nfs or smbsrv are unloadable modules. 2827 */ 2828 int (*znfsexport_fs)(void *arg); 2829 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t); 2830 int (*zsmbexport_fs)(void *arg, boolean_t add_share); 2831 2832 int zfs_nfsshare_inited; 2833 int zfs_smbshare_inited; 2834 2835 ddi_modhandle_t nfs_mod; 2836 ddi_modhandle_t sharefs_mod; 2837 ddi_modhandle_t smbsrv_mod; 2838 kmutex_t zfs_share_lock; 2839 2840 static int 2841 zfs_init_sharefs() 2842 { 2843 int error; 2844 2845 ASSERT(MUTEX_HELD(&zfs_share_lock)); 2846 /* Both NFS and SMB shares also require sharetab support. */ 2847 if (sharefs_mod == NULL && ((sharefs_mod = 2848 ddi_modopen("fs/sharefs", 2849 KRTLD_MODE_FIRST, &error)) == NULL)) { 2850 return (ENOSYS); 2851 } 2852 if (zshare_fs == NULL && ((zshare_fs = 2853 (int (*)(enum sharefs_sys_op, share_t *, uint32_t)) 2854 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) { 2855 return (ENOSYS); 2856 } 2857 return (0); 2858 } 2859 2860 static int 2861 zfs_ioc_share(zfs_cmd_t *zc) 2862 { 2863 int error; 2864 int opcode; 2865 2866 switch (zc->zc_share.z_sharetype) { 2867 case ZFS_SHARE_NFS: 2868 case ZFS_UNSHARE_NFS: 2869 if (zfs_nfsshare_inited == 0) { 2870 mutex_enter(&zfs_share_lock); 2871 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs", 2872 KRTLD_MODE_FIRST, &error)) == NULL)) { 2873 mutex_exit(&zfs_share_lock); 2874 return (ENOSYS); 2875 } 2876 if (znfsexport_fs == NULL && 2877 ((znfsexport_fs = (int (*)(void *)) 2878 ddi_modsym(nfs_mod, 2879 "nfs_export", &error)) == NULL)) { 2880 mutex_exit(&zfs_share_lock); 2881 return (ENOSYS); 2882 } 2883 error = zfs_init_sharefs(); 2884 if (error) { 2885 mutex_exit(&zfs_share_lock); 2886 return (ENOSYS); 2887 } 2888 zfs_nfsshare_inited = 1; 2889 mutex_exit(&zfs_share_lock); 2890 } 2891 break; 2892 case ZFS_SHARE_SMB: 2893 case ZFS_UNSHARE_SMB: 2894 if (zfs_smbshare_inited == 0) { 2895 mutex_enter(&zfs_share_lock); 2896 if (smbsrv_mod == NULL && ((smbsrv_mod = 2897 ddi_modopen("drv/smbsrv", 2898 KRTLD_MODE_FIRST, &error)) == NULL)) { 2899 mutex_exit(&zfs_share_lock); 2900 return (ENOSYS); 2901 } 2902 if (zsmbexport_fs == NULL && ((zsmbexport_fs = 2903 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod, 2904 "smb_server_share", &error)) == NULL)) { 2905 mutex_exit(&zfs_share_lock); 2906 return (ENOSYS); 2907 } 2908 error = zfs_init_sharefs(); 2909 if (error) { 2910 mutex_exit(&zfs_share_lock); 2911 return (ENOSYS); 2912 } 2913 zfs_smbshare_inited = 1; 2914 mutex_exit(&zfs_share_lock); 2915 } 2916 break; 2917 default: 2918 return (EINVAL); 2919 } 2920 2921 switch (zc->zc_share.z_sharetype) { 2922 case ZFS_SHARE_NFS: 2923 case ZFS_UNSHARE_NFS: 2924 if (error = 2925 znfsexport_fs((void *) 2926 (uintptr_t)zc->zc_share.z_exportdata)) 2927 return (error); 2928 break; 2929 case ZFS_SHARE_SMB: 2930 case ZFS_UNSHARE_SMB: 2931 if (error = zsmbexport_fs((void *) 2932 (uintptr_t)zc->zc_share.z_exportdata, 2933 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ? 2934 B_TRUE: B_FALSE)) { 2935 return (error); 2936 } 2937 break; 2938 } 2939 2940 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS || 2941 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ? 2942 SHAREFS_ADD : SHAREFS_REMOVE; 2943 2944 /* 2945 * Add or remove share from sharetab 2946 */ 2947 error = zshare_fs(opcode, 2948 (void *)(uintptr_t)zc->zc_share.z_sharedata, 2949 zc->zc_share.z_sharemax); 2950 2951 return (error); 2952 2953 } 2954 2955 ace_t full_access[] = { 2956 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0} 2957 }; 2958 2959 /* 2960 * Remove all ACL files in shares dir 2961 */ 2962 static int 2963 zfs_smb_acl_purge(znode_t *dzp) 2964 { 2965 zap_cursor_t zc; 2966 zap_attribute_t zap; 2967 zfsvfs_t *zfsvfs = dzp->z_zfsvfs; 2968 int error; 2969 2970 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id); 2971 (error = zap_cursor_retrieve(&zc, &zap)) == 0; 2972 zap_cursor_advance(&zc)) { 2973 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred, 2974 NULL, 0)) != 0) 2975 break; 2976 } 2977 zap_cursor_fini(&zc); 2978 return (error); 2979 } 2980 2981 static int 2982 zfs_ioc_smb_acl(zfs_cmd_t *zc) 2983 { 2984 vnode_t *vp; 2985 znode_t *dzp; 2986 vnode_t *resourcevp = NULL; 2987 znode_t *sharedir; 2988 zfsvfs_t *zfsvfs; 2989 nvlist_t *nvlist; 2990 char *src, *target; 2991 vattr_t vattr; 2992 vsecattr_t vsec; 2993 int error = 0; 2994 2995 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE, 2996 NO_FOLLOW, NULL, &vp)) != 0) 2997 return (error); 2998 2999 /* Now make sure mntpnt and dataset are ZFS */ 3000 3001 if (vp->v_vfsp->vfs_fstype != zfsfstype || 3002 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource), 3003 zc->zc_name) != 0)) { 3004 VN_RELE(vp); 3005 return (EINVAL); 3006 } 3007 3008 dzp = VTOZ(vp); 3009 zfsvfs = dzp->z_zfsvfs; 3010 ZFS_ENTER(zfsvfs); 3011 3012 /* 3013 * Create share dir if its missing. 3014 */ 3015 mutex_enter(&zfsvfs->z_lock); 3016 if (zfsvfs->z_shares_dir == 0) { 3017 dmu_tx_t *tx; 3018 3019 tx = dmu_tx_create(zfsvfs->z_os); 3020 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE, 3021 ZFS_SHARES_DIR); 3022 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL); 3023 error = dmu_tx_assign(tx, TXG_WAIT); 3024 if (error) { 3025 dmu_tx_abort(tx); 3026 } else { 3027 error = zfs_create_share_dir(zfsvfs, tx); 3028 dmu_tx_commit(tx); 3029 } 3030 if (error) { 3031 mutex_exit(&zfsvfs->z_lock); 3032 VN_RELE(vp); 3033 ZFS_EXIT(zfsvfs); 3034 return (error); 3035 } 3036 } 3037 mutex_exit(&zfsvfs->z_lock); 3038 3039 ASSERT(zfsvfs->z_shares_dir); 3040 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) { 3041 VN_RELE(vp); 3042 ZFS_EXIT(zfsvfs); 3043 return (error); 3044 } 3045 3046 switch (zc->zc_cookie) { 3047 case ZFS_SMB_ACL_ADD: 3048 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE; 3049 vattr.va_type = VREG; 3050 vattr.va_mode = S_IFREG|0777; 3051 vattr.va_uid = 0; 3052 vattr.va_gid = 0; 3053 3054 vsec.vsa_mask = VSA_ACE; 3055 vsec.vsa_aclentp = &full_access; 3056 vsec.vsa_aclentsz = sizeof (full_access); 3057 vsec.vsa_aclcnt = 1; 3058 3059 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string, 3060 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec); 3061 if (resourcevp) 3062 VN_RELE(resourcevp); 3063 break; 3064 3065 case ZFS_SMB_ACL_REMOVE: 3066 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred, 3067 NULL, 0); 3068 break; 3069 3070 case ZFS_SMB_ACL_RENAME: 3071 if ((error = get_nvlist(zc->zc_nvlist_src, 3072 zc->zc_nvlist_src_size, &nvlist)) != 0) { 3073 VN_RELE(vp); 3074 ZFS_EXIT(zfsvfs); 3075 return (error); 3076 } 3077 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) || 3078 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET, 3079 &target)) { 3080 VN_RELE(vp); 3081 VN_RELE(ZTOV(sharedir)); 3082 ZFS_EXIT(zfsvfs); 3083 return (error); 3084 } 3085 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target, 3086 kcred, NULL, 0); 3087 nvlist_free(nvlist); 3088 break; 3089 3090 case ZFS_SMB_ACL_PURGE: 3091 error = zfs_smb_acl_purge(sharedir); 3092 break; 3093 3094 default: 3095 error = EINVAL; 3096 break; 3097 } 3098 3099 VN_RELE(vp); 3100 VN_RELE(ZTOV(sharedir)); 3101 3102 ZFS_EXIT(zfsvfs); 3103 3104 return (error); 3105 } 3106 3107 /* 3108 * pool create, destroy, and export don't log the history as part of 3109 * zfsdev_ioctl, but rather zfs_ioc_pool_create, and zfs_ioc_pool_export 3110 * do the logging of those commands. 3111 */ 3112 static zfs_ioc_vec_t zfs_ioc_vec[] = { 3113 { zfs_ioc_pool_create, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 3114 { zfs_ioc_pool_destroy, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 3115 { zfs_ioc_pool_import, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3116 { zfs_ioc_pool_export, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 3117 { zfs_ioc_pool_configs, zfs_secpolicy_none, NO_NAME, B_FALSE }, 3118 { zfs_ioc_pool_stats, zfs_secpolicy_read, POOL_NAME, B_FALSE }, 3119 { zfs_ioc_pool_tryimport, zfs_secpolicy_config, NO_NAME, B_FALSE }, 3120 { zfs_ioc_pool_scrub, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3121 { zfs_ioc_pool_freeze, zfs_secpolicy_config, NO_NAME, B_FALSE }, 3122 { zfs_ioc_pool_upgrade, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3123 { zfs_ioc_pool_get_history, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 3124 { zfs_ioc_vdev_add, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3125 { zfs_ioc_vdev_remove, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3126 { zfs_ioc_vdev_set_state, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3127 { zfs_ioc_vdev_attach, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3128 { zfs_ioc_vdev_detach, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3129 { zfs_ioc_vdev_setpath, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 3130 { zfs_ioc_objset_stats, zfs_secpolicy_read, DATASET_NAME, B_FALSE }, 3131 { zfs_ioc_objset_zplprops, zfs_secpolicy_read, DATASET_NAME, B_FALSE }, 3132 { zfs_ioc_dataset_list_next, zfs_secpolicy_read, 3133 DATASET_NAME, B_FALSE }, 3134 { zfs_ioc_snapshot_list_next, zfs_secpolicy_read, 3135 DATASET_NAME, B_FALSE }, 3136 { zfs_ioc_set_prop, zfs_secpolicy_none, DATASET_NAME, B_TRUE }, 3137 { zfs_ioc_create_minor, zfs_secpolicy_minor, DATASET_NAME, B_FALSE }, 3138 { zfs_ioc_remove_minor, zfs_secpolicy_minor, DATASET_NAME, B_FALSE }, 3139 { zfs_ioc_create, zfs_secpolicy_create, DATASET_NAME, B_TRUE }, 3140 { zfs_ioc_destroy, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE }, 3141 { zfs_ioc_rollback, zfs_secpolicy_rollback, DATASET_NAME, B_TRUE }, 3142 { zfs_ioc_rename, zfs_secpolicy_rename, DATASET_NAME, B_TRUE }, 3143 { zfs_ioc_recv, zfs_secpolicy_receive, DATASET_NAME, B_TRUE }, 3144 { zfs_ioc_send, zfs_secpolicy_send, DATASET_NAME, B_TRUE }, 3145 { zfs_ioc_inject_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE }, 3146 { zfs_ioc_clear_fault, zfs_secpolicy_inject, NO_NAME, B_FALSE }, 3147 { zfs_ioc_inject_list_next, zfs_secpolicy_inject, NO_NAME, B_FALSE }, 3148 { zfs_ioc_error_log, zfs_secpolicy_inject, POOL_NAME, B_FALSE }, 3149 { zfs_ioc_clear, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3150 { zfs_ioc_promote, zfs_secpolicy_promote, DATASET_NAME, B_TRUE }, 3151 { zfs_ioc_destroy_snaps, zfs_secpolicy_destroy, DATASET_NAME, B_TRUE }, 3152 { zfs_ioc_snapshot, zfs_secpolicy_snapshot, DATASET_NAME, B_TRUE }, 3153 { zfs_ioc_dsobj_to_dsname, zfs_secpolicy_config, POOL_NAME, B_FALSE }, 3154 { zfs_ioc_obj_to_path, zfs_secpolicy_config, NO_NAME, B_FALSE }, 3155 { zfs_ioc_pool_set_props, zfs_secpolicy_config, POOL_NAME, B_TRUE }, 3156 { zfs_ioc_pool_get_props, zfs_secpolicy_read, POOL_NAME, B_FALSE }, 3157 { zfs_ioc_set_fsacl, zfs_secpolicy_fsacl, DATASET_NAME, B_TRUE }, 3158 { zfs_ioc_get_fsacl, zfs_secpolicy_read, DATASET_NAME, B_FALSE }, 3159 { zfs_ioc_iscsi_perm_check, zfs_secpolicy_iscsi, 3160 DATASET_NAME, B_FALSE }, 3161 { zfs_ioc_share, zfs_secpolicy_share, DATASET_NAME, B_FALSE }, 3162 { zfs_ioc_inherit_prop, zfs_secpolicy_inherit, DATASET_NAME, B_TRUE }, 3163 { zfs_ioc_smb_acl, zfs_secpolicy_smb_acl, DATASET_NAME, B_FALSE } 3164 }; 3165 3166 static int 3167 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp) 3168 { 3169 zfs_cmd_t *zc; 3170 uint_t vec; 3171 int error, rc; 3172 3173 if (getminor(dev) != 0) 3174 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp)); 3175 3176 vec = cmd - ZFS_IOC; 3177 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip)); 3178 3179 if (vec >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0])) 3180 return (EINVAL); 3181 3182 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP); 3183 3184 error = xcopyin((void *)arg, zc, sizeof (zfs_cmd_t)); 3185 3186 if (error == 0) 3187 error = zfs_ioc_vec[vec].zvec_secpolicy(zc, cr); 3188 3189 /* 3190 * Ensure that all pool/dataset names are valid before we pass down to 3191 * the lower layers. 3192 */ 3193 if (error == 0) { 3194 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0'; 3195 switch (zfs_ioc_vec[vec].zvec_namecheck) { 3196 case POOL_NAME: 3197 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0) 3198 error = EINVAL; 3199 break; 3200 3201 case DATASET_NAME: 3202 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0) 3203 error = EINVAL; 3204 break; 3205 3206 case NO_NAME: 3207 break; 3208 } 3209 } 3210 3211 if (error == 0) 3212 error = zfs_ioc_vec[vec].zvec_func(zc); 3213 3214 rc = xcopyout(zc, (void *)arg, sizeof (zfs_cmd_t)); 3215 if (error == 0) { 3216 error = rc; 3217 if (zfs_ioc_vec[vec].zvec_his_log == B_TRUE) 3218 zfs_log_history(zc); 3219 } 3220 3221 kmem_free(zc, sizeof (zfs_cmd_t)); 3222 return (error); 3223 } 3224 3225 static int 3226 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd) 3227 { 3228 if (cmd != DDI_ATTACH) 3229 return (DDI_FAILURE); 3230 3231 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0, 3232 DDI_PSEUDO, 0) == DDI_FAILURE) 3233 return (DDI_FAILURE); 3234 3235 zfs_dip = dip; 3236 3237 ddi_report_dev(dip); 3238 3239 return (DDI_SUCCESS); 3240 } 3241 3242 static int 3243 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd) 3244 { 3245 if (spa_busy() || zfs_busy() || zvol_busy()) 3246 return (DDI_FAILURE); 3247 3248 if (cmd != DDI_DETACH) 3249 return (DDI_FAILURE); 3250 3251 zfs_dip = NULL; 3252 3253 ddi_prop_remove_all(dip); 3254 ddi_remove_minor_node(dip, NULL); 3255 3256 return (DDI_SUCCESS); 3257 } 3258 3259 /*ARGSUSED*/ 3260 static int 3261 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result) 3262 { 3263 switch (infocmd) { 3264 case DDI_INFO_DEVT2DEVINFO: 3265 *result = zfs_dip; 3266 return (DDI_SUCCESS); 3267 3268 case DDI_INFO_DEVT2INSTANCE: 3269 *result = (void *)0; 3270 return (DDI_SUCCESS); 3271 } 3272 3273 return (DDI_FAILURE); 3274 } 3275 3276 /* 3277 * OK, so this is a little weird. 3278 * 3279 * /dev/zfs is the control node, i.e. minor 0. 3280 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0. 3281 * 3282 * /dev/zfs has basically nothing to do except serve up ioctls, 3283 * so most of the standard driver entry points are in zvol.c. 3284 */ 3285 static struct cb_ops zfs_cb_ops = { 3286 zvol_open, /* open */ 3287 zvol_close, /* close */ 3288 zvol_strategy, /* strategy */ 3289 nodev, /* print */ 3290 zvol_dump, /* dump */ 3291 zvol_read, /* read */ 3292 zvol_write, /* write */ 3293 zfsdev_ioctl, /* ioctl */ 3294 nodev, /* devmap */ 3295 nodev, /* mmap */ 3296 nodev, /* segmap */ 3297 nochpoll, /* poll */ 3298 ddi_prop_op, /* prop_op */ 3299 NULL, /* streamtab */ 3300 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */ 3301 CB_REV, /* version */ 3302 nodev, /* async read */ 3303 nodev, /* async write */ 3304 }; 3305 3306 static struct dev_ops zfs_dev_ops = { 3307 DEVO_REV, /* version */ 3308 0, /* refcnt */ 3309 zfs_info, /* info */ 3310 nulldev, /* identify */ 3311 nulldev, /* probe */ 3312 zfs_attach, /* attach */ 3313 zfs_detach, /* detach */ 3314 nodev, /* reset */ 3315 &zfs_cb_ops, /* driver operations */ 3316 NULL, /* no bus operations */ 3317 NULL, /* power */ 3318 ddi_quiesce_not_needed, /* quiesce */ 3319 }; 3320 3321 static struct modldrv zfs_modldrv = { 3322 &mod_driverops, 3323 "ZFS storage pool", 3324 &zfs_dev_ops 3325 }; 3326 3327 static struct modlinkage modlinkage = { 3328 MODREV_1, 3329 (void *)&zfs_modlfs, 3330 (void *)&zfs_modldrv, 3331 NULL 3332 }; 3333 3334 3335 uint_t zfs_fsyncer_key; 3336 extern uint_t rrw_tsd_key; 3337 3338 int 3339 _init(void) 3340 { 3341 int error; 3342 3343 spa_init(FREAD | FWRITE); 3344 zfs_init(); 3345 zvol_init(); 3346 3347 if ((error = mod_install(&modlinkage)) != 0) { 3348 zvol_fini(); 3349 zfs_fini(); 3350 spa_fini(); 3351 return (error); 3352 } 3353 3354 tsd_create(&zfs_fsyncer_key, NULL); 3355 tsd_create(&rrw_tsd_key, NULL); 3356 3357 error = ldi_ident_from_mod(&modlinkage, &zfs_li); 3358 ASSERT(error == 0); 3359 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL); 3360 3361 return (0); 3362 } 3363 3364 int 3365 _fini(void) 3366 { 3367 int error; 3368 3369 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled) 3370 return (EBUSY); 3371 3372 if ((error = mod_remove(&modlinkage)) != 0) 3373 return (error); 3374 3375 zvol_fini(); 3376 zfs_fini(); 3377 spa_fini(); 3378 if (zfs_nfsshare_inited) 3379 (void) ddi_modclose(nfs_mod); 3380 if (zfs_smbshare_inited) 3381 (void) ddi_modclose(smbsrv_mod); 3382 if (zfs_nfsshare_inited || zfs_smbshare_inited) 3383 (void) ddi_modclose(sharefs_mod); 3384 3385 tsd_destroy(&zfs_fsyncer_key); 3386 ldi_ident_release(zfs_li); 3387 zfs_li = NULL; 3388 mutex_destroy(&zfs_share_lock); 3389 3390 return (error); 3391 } 3392 3393 int 3394 _info(struct modinfo *modinfop) 3395 { 3396 return (mod_info(&modlinkage, modinfop)); 3397 } 3398