search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
3557 dumpvp_size is not updated correctly when a dump zvol's size is changed
[unleashed.git] / usr / src / uts / common / fs / zfs / zfs_ioctl.c
blob38adc1940ff8a397b592ce0fd97b1329b671cc90
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Portions Copyright 2011 Martin Matuska
25 * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
26 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
27 * Copyright (c) 2012 by Delphix. All rights reserved.
28 * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
29 */
30
31 /*
32 * ZFS ioctls.
33 *
34 * This file handles the ioctls to /dev/zfs, used for configuring ZFS storage
35 * pools and filesystems, e.g. with /sbin/zfs and /sbin/zpool.
36 *
37 * There are two ways that we handle ioctls: the legacy way where almost
38 * all of the logic is in the ioctl callback, and the new way where most
39 * of the marshalling is handled in the common entry point, zfsdev_ioctl().
40 *
41 * Non-legacy ioctls should be registered by calling
42 * zfs_ioctl_register() from zfs_ioctl_init(). The ioctl is invoked
43 * from userland by lzc_ioctl().
44 *
45 * The registration arguments are as follows:
46 *
47 * const char *name
48 * The name of the ioctl. This is used for history logging. If the
49 * ioctl returns successfully (the callback returns 0), and allow_log
50 * is true, then a history log entry will be recorded with the input &
51 * output nvlists. The log entry can be printed with "zpool history -i".
52 *
53 * zfs_ioc_t ioc
54 * The ioctl request number, which userland will pass to ioctl(2).
55 * The ioctl numbers can change from release to release, because
56 * the caller (libzfs) must be matched to the kernel.
57 *
58 * zfs_secpolicy_func_t *secpolicy
59 * This function will be called before the zfs_ioc_func_t, to
60 * determine if this operation is permitted. It should return EPERM
61 * on failure, and 0 on success. Checks include determining if the
62 * dataset is visible in this zone, and if the user has either all
63 * zfs privileges in the zone (SYS_MOUNT), or has been granted permission
64 * to do this operation on this dataset with "zfs allow".
65 *
66 * zfs_ioc_namecheck_t namecheck
67 * This specifies what to expect in the zfs_cmd_t:zc_name -- a pool
68 * name, a dataset name, or nothing. If the name is not well-formed,
69 * the ioctl will fail and the callback will not be called.
70 * Therefore, the callback can assume that the name is well-formed
71 * (e.g. is null-terminated, doesn't have more than one '@' character,
72 * doesn't have invalid characters).
73 *
74 * zfs_ioc_poolcheck_t pool_check
75 * This specifies requirements on the pool state. If the pool does
76 * not meet them (is suspended or is readonly), the ioctl will fail
77 * and the callback will not be called. If any checks are specified
78 * (i.e. it is not POOL_CHECK_NONE), namecheck must not be NO_NAME.
79 * Multiple checks can be or-ed together (e.g. POOL_CHECK_SUSPENDED |
80 * POOL_CHECK_READONLY).
81 *
82 * boolean_t smush_outnvlist
83 * If smush_outnvlist is true, then the output is presumed to be a
84 * list of errors, and it will be "smushed" down to fit into the
85 * caller's buffer, by removing some entries and replacing them with a
86 * single "N_MORE_ERRORS" entry indicating how many were removed. See
87 * nvlist_smush() for details. If smush_outnvlist is false, and the
88 * outnvlist does not fit into the userland-provided buffer, then the
89 * ioctl will fail with ENOMEM.
90 *
91 * zfs_ioc_func_t *func
92 * The callback function that will perform the operation.
93 *
94 * The callback should return 0 on success, or an error number on
95 * failure. If the function fails, the userland ioctl will return -1,
96 * and errno will be set to the callback's return value. The callback
97 * will be called with the following arguments:
98 *
99 * const char *name
100 * The name of the pool or dataset to operate on, from
101 * zfs_cmd_t:zc_name. The 'namecheck' argument specifies the
102 * expected type (pool, dataset, or none).
103 *
104 * nvlist_t *innvl
105 * The input nvlist, deserialized from zfs_cmd_t:zc_nvlist_src. Or
106 * NULL if no input nvlist was provided. Changes to this nvlist are
107 * ignored. If the input nvlist could not be deserialized, the
108 * ioctl will fail and the callback will not be called.
109 *
110 * nvlist_t *outnvl
111 * The output nvlist, initially empty. The callback can fill it in,
112 * and it will be returned to userland by serializing it into
113 * zfs_cmd_t:zc_nvlist_dst. If it is non-empty, and serialization
114 * fails (e.g. because the caller didn't supply a large enough
115 * buffer), then the overall ioctl will fail. See the
116 * 'smush_nvlist' argument above for additional behaviors.
117 *
118 * There are two typical uses of the output nvlist:
119 * - To return state, e.g. property values. In this case,
120 * smush_outnvlist should be false. If the buffer was not large
121 * enough, the caller will reallocate a larger buffer and try
122 * the ioctl again.
123 *
124 * - To return multiple errors from an ioctl which makes on-disk
125 * changes. In this case, smush_outnvlist should be true.
126 * Ioctls which make on-disk modifications should generally not
127 * use the outnvl if they succeed, because the caller can not
128 * distinguish between the operation failing, and
129 * deserialization failing.
130 */
131
132 #include <sys/types.h>
133 #include <sys/param.h>
134 #include <sys/errno.h>
135 #include <sys/uio.h>
136 #include <sys/buf.h>
137 #include <sys/modctl.h>
138 #include <sys/open.h>
139 #include <sys/file.h>
140 #include <sys/kmem.h>
141 #include <sys/conf.h>
142 #include <sys/cmn_err.h>
143 #include <sys/stat.h>
144 #include <sys/zfs_ioctl.h>
145 #include <sys/zfs_vfsops.h>
146 #include <sys/zfs_znode.h>
147 #include <sys/zap.h>
148 #include <sys/spa.h>
149 #include <sys/spa_impl.h>
150 #include <sys/vdev.h>
151 #include <sys/priv_impl.h>
152 #include <sys/dmu.h>
153 #include <sys/dsl_dir.h>
154 #include <sys/dsl_dataset.h>
155 #include <sys/dsl_prop.h>
156 #include <sys/dsl_deleg.h>
157 #include <sys/dmu_objset.h>
158 #include <sys/dmu_impl.h>
159 #include <sys/ddi.h>
160 #include <sys/sunddi.h>
161 #include <sys/sunldi.h>
162 #include <sys/policy.h>
163 #include <sys/zone.h>
164 #include <sys/nvpair.h>
165 #include <sys/pathname.h>
166 #include <sys/mount.h>
167 #include <sys/sdt.h>
168 #include <sys/fs/zfs.h>
169 #include <sys/zfs_ctldir.h>
170 #include <sys/zfs_dir.h>
171 #include <sys/zfs_onexit.h>
172 #include <sys/zvol.h>
173 #include <sys/dsl_scan.h>
174 #include <sharefs/share.h>
175 #include <sys/dmu_objset.h>
176 #include <sys/zfeature.h>
177
178 #include "zfs_namecheck.h"
179 #include "zfs_prop.h"
180 #include "zfs_deleg.h"
181 #include "zfs_comutil.h"
182
183 extern struct modlfs zfs_modlfs;
184
185 extern void zfs_init(void);
186 extern void zfs_fini(void);
187
188 ldi_ident_t zfs_li = NULL;
189 dev_info_t *zfs_dip;
190
191 uint_t zfs_fsyncer_key;
192 extern uint_t rrw_tsd_key;
193 static uint_t zfs_allow_log_key;
194
195 typedef int zfs_ioc_legacy_func_t(zfs_cmd_t *);
196 typedef int zfs_ioc_func_t(const char *, nvlist_t *, nvlist_t *);
197 typedef int zfs_secpolicy_func_t(zfs_cmd_t *, nvlist_t *, cred_t *);
198
199 typedef enum {
200 NO_NAME,
201 POOL_NAME,
202 DATASET_NAME
203 } zfs_ioc_namecheck_t;
204
205 typedef enum {
206 POOL_CHECK_NONE = 1 << 0,
207 POOL_CHECK_SUSPENDED = 1 << 1,
208 POOL_CHECK_READONLY = 1 << 2,
209 } zfs_ioc_poolcheck_t;
210
211 typedef struct zfs_ioc_vec {
212 zfs_ioc_legacy_func_t *zvec_legacy_func;
213 zfs_ioc_func_t *zvec_func;
214 zfs_secpolicy_func_t *zvec_secpolicy;
215 zfs_ioc_namecheck_t zvec_namecheck;
216 boolean_t zvec_allow_log;
217 zfs_ioc_poolcheck_t zvec_pool_check;
218 boolean_t zvec_smush_outnvlist;
219 const char *zvec_name;
220 } zfs_ioc_vec_t;
221
222 /* This array is indexed by zfs_userquota_prop_t */
223 static const char *userquota_perms[] = {
224 ZFS_DELEG_PERM_USERUSED,
225 ZFS_DELEG_PERM_USERQUOTA,
226 ZFS_DELEG_PERM_GROUPUSED,
227 ZFS_DELEG_PERM_GROUPQUOTA,
228 };
229
230 static int zfs_ioc_userspace_upgrade(zfs_cmd_t *zc);
231 static int zfs_check_settable(const char *name, nvpair_t *property,
232 cred_t *cr);
233 static int zfs_check_clearable(char *dataset, nvlist_t *props,
234 nvlist_t **errors);
235 static int zfs_fill_zplprops_root(uint64_t, nvlist_t *, nvlist_t *,
236 boolean_t *);
237 int zfs_set_prop_nvlist(const char *, zprop_source_t, nvlist_t *, nvlist_t *);
238 static int get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp);
239
240 static int zfs_prop_activate_feature(dsl_pool_t *dp, zfeature_info_t *feature);
241 static int zfs_prop_activate_feature_check(void *arg1, void *arg2,
242 dmu_tx_t *tx);
243 static void zfs_prop_activate_feature_sync(void *arg1, void *arg2,
244 dmu_tx_t *tx);
245
246 /* _NOTE(PRINTFLIKE(4)) - this is printf-like, but lint is too whiney */
247 void
248 __dprintf(const char *file, const char *func, int line, const char *fmt, ...)
249 {
250 const char *newfile;
251 char buf[512];
252 va_list adx;
253
254 /*
255 * Get rid of annoying "../common/" prefix to filename.
256 */
257 newfile = strrchr(file, '/');
258 if (newfile != NULL) {
259 newfile = newfile + 1; /* Get rid of leading / */
260 } else {
261 newfile = file;
262 }
263
264 va_start(adx, fmt);
265 (void) vsnprintf(buf, sizeof (buf), fmt, adx);
266 va_end(adx);
267
268 /*
269 * To get this data, use the zfs-dprintf probe as so:
270 * dtrace -q -n 'zfs-dprintf \
271 * /stringof(arg0) == "dbuf.c"/ \
272 * {printf("%s: %s", stringof(arg1), stringof(arg3))}'
273 * arg0 = file name
274 * arg1 = function name
275 * arg2 = line number
276 * arg3 = message
277 */
278 DTRACE_PROBE4(zfs__dprintf,
279 char *, newfile, char *, func, int, line, char *, buf);
280 }
281
282 static void
283 history_str_free(char *buf)
284 {
285 kmem_free(buf, HIS_MAX_RECORD_LEN);
286 }
287
288 static char *
289 history_str_get(zfs_cmd_t *zc)
290 {
291 char *buf;
292
293 if (zc->zc_history == NULL)
294 return (NULL);
295
296 buf = kmem_alloc(HIS_MAX_RECORD_LEN, KM_SLEEP);
297 if (copyinstr((void *)(uintptr_t)zc->zc_history,
298 buf, HIS_MAX_RECORD_LEN, NULL) != 0) {
299 history_str_free(buf);
300 return (NULL);
301 }
302
303 buf[HIS_MAX_RECORD_LEN -1] = '\0';
304
305 return (buf);
306 }
307
308 /*
309 * Check to see if the named dataset is currently defined as bootable
310 */
311 static boolean_t
312 zfs_is_bootfs(const char *name)
313 {
314 objset_t *os;
315
316 if (dmu_objset_hold(name, FTAG, &os) == 0) {
317 boolean_t ret;
318 ret = (dmu_objset_id(os) == spa_bootfs(dmu_objset_spa(os)));
319 dmu_objset_rele(os, FTAG);
320 return (ret);
321 }
322 return (B_FALSE);
323 }
324
325 /*
326 * zfs_earlier_version
327 *
328 * Return non-zero if the spa version is less than requested version.
329 */
330 static int
331 zfs_earlier_version(const char *name, int version)
332 {
333 spa_t *spa;
334
335 if (spa_open(name, &spa, FTAG) == 0) {
336 if (spa_version(spa) < version) {
337 spa_close(spa, FTAG);
338 return (1);
339 }
340 spa_close(spa, FTAG);
341 }
342 return (0);
343 }
344
345 /*
346 * zpl_earlier_version
347 *
348 * Return TRUE if the ZPL version is less than requested version.
349 */
350 static boolean_t
351 zpl_earlier_version(const char *name, int version)
352 {
353 objset_t *os;
354 boolean_t rc = B_TRUE;
355
356 if (dmu_objset_hold(name, FTAG, &os) == 0) {
357 uint64_t zplversion;
358
359 if (dmu_objset_type(os) != DMU_OST_ZFS) {
360 dmu_objset_rele(os, FTAG);
361 return (B_TRUE);
362 }
363 /* XXX reading from non-owned objset */
364 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &zplversion) == 0)
365 rc = zplversion < version;
366 dmu_objset_rele(os, FTAG);
367 }
368 return (rc);
369 }
370
371 static void
372 zfs_log_history(zfs_cmd_t *zc)
373 {
374 spa_t *spa;
375 char *buf;
376
377 if ((buf = history_str_get(zc)) == NULL)
378 return;
379
380 if (spa_open(zc->zc_name, &spa, FTAG) == 0) {
381 if (spa_version(spa) >= SPA_VERSION_ZPOOL_HISTORY)
382 (void) spa_history_log(spa, buf);
383 spa_close(spa, FTAG);
384 }
385 history_str_free(buf);
386 }
387
388 /*
389 * Policy for top-level read operations (list pools). Requires no privileges,
390 * and can be used in the local zone, as there is no associated dataset.
391 */
392 /* ARGSUSED */
393 static int
394 zfs_secpolicy_none(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
395 {
396 return (0);
397 }
398
399 /*
400 * Policy for dataset read operations (list children, get statistics). Requires
401 * no privileges, but must be visible in the local zone.
402 */
403 /* ARGSUSED */
404 static int
405 zfs_secpolicy_read(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
406 {
407 if (INGLOBALZONE(curproc) ||
408 zone_dataset_visible(zc->zc_name, NULL))
409 return (0);
410
411 return (ENOENT);
412 }
413
414 static int
415 zfs_dozonecheck_impl(const char *dataset, uint64_t zoned, cred_t *cr)
416 {
417 int writable = 1;
418
419 /*
420 * The dataset must be visible by this zone -- check this first
421 * so they don't see EPERM on something they shouldn't know about.
422 */
423 if (!INGLOBALZONE(curproc) &&
424 !zone_dataset_visible(dataset, &writable))
425 return (ENOENT);
426
427 if (INGLOBALZONE(curproc)) {
428 /*
429 * If the fs is zoned, only root can access it from the
430 * global zone.
431 */
432 if (secpolicy_zfs(cr) && zoned)
433 return (EPERM);
434 } else {
435 /*
436 * If we are in a local zone, the 'zoned' property must be set.
437 */
438 if (!zoned)
439 return (EPERM);
440
441 /* must be writable by this zone */
442 if (!writable)
443 return (EPERM);
444 }
445 return (0);
446 }
447
448 static int
449 zfs_dozonecheck(const char *dataset, cred_t *cr)
450 {
451 uint64_t zoned;
452
453 if (dsl_prop_get_integer(dataset, "zoned", &zoned, NULL))
454 return (ENOENT);
455
456 return (zfs_dozonecheck_impl(dataset, zoned, cr));
457 }
458
459 static int
460 zfs_dozonecheck_ds(const char *dataset, dsl_dataset_t *ds, cred_t *cr)
461 {
462 uint64_t zoned;
463
464 rw_enter(&ds->ds_dir->dd_pool->dp_config_rwlock, RW_READER);
465 if (dsl_prop_get_ds(ds, "zoned", 8, 1, &zoned, NULL)) {
466 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
467 return (ENOENT);
468 }
469 rw_exit(&ds->ds_dir->dd_pool->dp_config_rwlock);
470
471 return (zfs_dozonecheck_impl(dataset, zoned, cr));
472 }
473
474 static int
475 zfs_secpolicy_write_perms(const char *name, const char *perm, cred_t *cr)
476 {
477 int error;
478 dsl_dataset_t *ds;
479
480 error = dsl_dataset_hold(name, FTAG, &ds);
481 if (error != 0)
482 return (error);
483
484 error = zfs_dozonecheck_ds(name, ds, cr);
485 if (error == 0) {
486 error = secpolicy_zfs(cr);
487 if (error)
488 error = dsl_deleg_access_impl(ds, perm, cr);
489 }
490
491 dsl_dataset_rele(ds, FTAG);
492 return (error);
493 }
494
495 static int
496 zfs_secpolicy_write_perms_ds(const char *name, dsl_dataset_t *ds,
497 const char *perm, cred_t *cr)
498 {
499 int error;
500
501 error = zfs_dozonecheck_ds(name, ds, cr);
502 if (error == 0) {
503 error = secpolicy_zfs(cr);
504 if (error)
505 error = dsl_deleg_access_impl(ds, perm, cr);
506 }
507 return (error);
508 }
509
510 /*
511 * Policy for setting the security label property.
512 *
513 * Returns 0 for success, non-zero for access and other errors.
514 */
515 static int
516 zfs_set_slabel_policy(const char *name, char *strval, cred_t *cr)
517 {
518 char ds_hexsl[MAXNAMELEN];
519 bslabel_t ds_sl, new_sl;
520 boolean_t new_default = FALSE;
521 uint64_t zoned;
522 int needed_priv = -1;
523 int error;
524
525 /* First get the existing dataset label. */
526 error = dsl_prop_get(name, zfs_prop_to_name(ZFS_PROP_MLSLABEL),
527 1, sizeof (ds_hexsl), &ds_hexsl, NULL);
528 if (error)
529 return (EPERM);
530
531 if (strcasecmp(strval, ZFS_MLSLABEL_DEFAULT) == 0)
532 new_default = TRUE;
533
534 /* The label must be translatable */
535 if (!new_default && (hexstr_to_label(strval, &new_sl) != 0))
536 return (EINVAL);
537
538 /*
539 * In a non-global zone, disallow attempts to set a label that
540 * doesn't match that of the zone; otherwise no other checks
541 * are needed.
542 */
543 if (!INGLOBALZONE(curproc)) {
544 if (new_default || !blequal(&new_sl, CR_SL(CRED())))
545 return (EPERM);
546 return (0);
547 }
548
549 /*
550 * For global-zone datasets (i.e., those whose zoned property is
551 * "off", verify that the specified new label is valid for the
552 * global zone.
553 */
554 if (dsl_prop_get_integer(name,
555 zfs_prop_to_name(ZFS_PROP_ZONED), &zoned, NULL))
556 return (EPERM);
557 if (!zoned) {
558 if (zfs_check_global_label(name, strval) != 0)
559 return (EPERM);
560 }
561
562 /*
563 * If the existing dataset label is nondefault, check if the
564 * dataset is mounted (label cannot be changed while mounted).
565 * Get the zfsvfs; if there isn't one, then the dataset isn't
566 * mounted (or isn't a dataset, doesn't exist, ...).
567 */
568 if (strcasecmp(ds_hexsl, ZFS_MLSLABEL_DEFAULT) != 0) {
569 objset_t *os;
570 static char *setsl_tag = "setsl_tag";
571
572 /*
573 * Try to own the dataset; abort if there is any error,
574 * (e.g., already mounted, in use, or other error).
575 */
576 error = dmu_objset_own(name, DMU_OST_ZFS, B_TRUE,
577 setsl_tag, &os);
578 if (error)
579 return (EPERM);
580
581 dmu_objset_disown(os, setsl_tag);
582
583 if (new_default) {
584 needed_priv = PRIV_FILE_DOWNGRADE_SL;
585 goto out_check;
586 }
587
588 if (hexstr_to_label(strval, &new_sl) != 0)
589 return (EPERM);
590
591 if (blstrictdom(&ds_sl, &new_sl))
592 needed_priv = PRIV_FILE_DOWNGRADE_SL;
593 else if (blstrictdom(&new_sl, &ds_sl))
594 needed_priv = PRIV_FILE_UPGRADE_SL;
595 } else {
596 /* dataset currently has a default label */
597 if (!new_default)
598 needed_priv = PRIV_FILE_UPGRADE_SL;
599 }
600
601 out_check:
602 if (needed_priv != -1)
603 return (PRIV_POLICY(cr, needed_priv, B_FALSE, EPERM, NULL));
604 return (0);
605 }
606
607 static int
608 zfs_secpolicy_setprop(const char *dsname, zfs_prop_t prop, nvpair_t *propval,
609 cred_t *cr)
610 {
611 char *strval;
612
613 /*
614 * Check permissions for special properties.
615 */
616 switch (prop) {
617 case ZFS_PROP_ZONED:
618 /*
619 * Disallow setting of 'zoned' from within a local zone.
620 */
621 if (!INGLOBALZONE(curproc))
622 return (EPERM);
623 break;
624
625 case ZFS_PROP_QUOTA:
626 if (!INGLOBALZONE(curproc)) {
627 uint64_t zoned;
628 char setpoint[MAXNAMELEN];
629 /*
630 * Unprivileged users are allowed to modify the
631 * quota on things *under* (ie. contained by)
632 * the thing they own.
633 */
634 if (dsl_prop_get_integer(dsname, "zoned", &zoned,
635 setpoint))
636 return (EPERM);
637 if (!zoned || strlen(dsname) <= strlen(setpoint))
638 return (EPERM);
639 }
640 break;
641
642 case ZFS_PROP_MLSLABEL:
643 if (!is_system_labeled())
644 return (EPERM);
645
646 if (nvpair_value_string(propval, &strval) == 0) {
647 int err;
648
649 err = zfs_set_slabel_policy(dsname, strval, CRED());
650 if (err != 0)
651 return (err);
652 }
653 break;
654 }
655
656 return (zfs_secpolicy_write_perms(dsname, zfs_prop_to_name(prop), cr));
657 }
658
659 /* ARGSUSED */
660 static int
661 zfs_secpolicy_set_fsacl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
662 {
663 int error;
664
665 error = zfs_dozonecheck(zc->zc_name, cr);
666 if (error)
667 return (error);
668
669 /*
670 * permission to set permissions will be evaluated later in
671 * dsl_deleg_can_allow()
672 */
673 return (0);
674 }
675
676 /* ARGSUSED */
677 static int
678 zfs_secpolicy_rollback(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
679 {
680 return (zfs_secpolicy_write_perms(zc->zc_name,
681 ZFS_DELEG_PERM_ROLLBACK, cr));
682 }
683
684 /* ARGSUSED */
685 static int
686 zfs_secpolicy_send(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
687 {
688 spa_t *spa;
689 dsl_pool_t *dp;
690 dsl_dataset_t *ds;
691 char *cp;
692 int error;
693
694 /*
695 * Generate the current snapshot name from the given objsetid, then
696 * use that name for the secpolicy/zone checks.
697 */
698 cp = strchr(zc->zc_name, '@');
699 if (cp == NULL)
700 return (EINVAL);
701 error = spa_open(zc->zc_name, &spa, FTAG);
702 if (error)
703 return (error);
704
705 dp = spa_get_dsl(spa);
706 rw_enter(&dp->dp_config_rwlock, RW_READER);
707 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
708 rw_exit(&dp->dp_config_rwlock);
709 spa_close(spa, FTAG);
710 if (error)
711 return (error);
712
713 dsl_dataset_name(ds, zc->zc_name);
714
715 error = zfs_secpolicy_write_perms_ds(zc->zc_name, ds,
716 ZFS_DELEG_PERM_SEND, cr);
717 dsl_dataset_rele(ds, FTAG);
718
719 return (error);
720 }
721
722 /* ARGSUSED */
723 static int
724 zfs_secpolicy_send_new(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
725 {
726 return (zfs_secpolicy_write_perms(zc->zc_name,
727 ZFS_DELEG_PERM_SEND, cr));
728 }
729
730 /* ARGSUSED */
731 static int
732 zfs_secpolicy_deleg_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
733 {
734 vnode_t *vp;
735 int error;
736
737 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
738 NO_FOLLOW, NULL, &vp)) != 0)
739 return (error);
740
741 /* Now make sure mntpnt and dataset are ZFS */
742
743 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
744 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
745 zc->zc_name) != 0)) {
746 VN_RELE(vp);
747 return (EPERM);
748 }
749
750 VN_RELE(vp);
751 return (dsl_deleg_access(zc->zc_name,
752 ZFS_DELEG_PERM_SHARE, cr));
753 }
754
755 int
756 zfs_secpolicy_share(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
757 {
758 if (!INGLOBALZONE(curproc))
759 return (EPERM);
760
761 if (secpolicy_nfs(cr) == 0) {
762 return (0);
763 } else {
764 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
765 }
766 }
767
768 int
769 zfs_secpolicy_smb_acl(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
770 {
771 if (!INGLOBALZONE(curproc))
772 return (EPERM);
773
774 if (secpolicy_smb(cr) == 0) {
775 return (0);
776 } else {
777 return (zfs_secpolicy_deleg_share(zc, innvl, cr));
778 }
779 }
780
781 static int
782 zfs_get_parent(const char *datasetname, char *parent, int parentsize)
783 {
784 char *cp;
785
786 /*
787 * Remove the @bla or /bla from the end of the name to get the parent.
788 */
789 (void) strncpy(parent, datasetname, parentsize);
790 cp = strrchr(parent, '@');
791 if (cp != NULL) {
792 cp[0] = '\0';
793 } else {
794 cp = strrchr(parent, '/');
795 if (cp == NULL)
796 return (ENOENT);
797 cp[0] = '\0';
798 }
799
800 return (0);
801 }
802
803 int
804 zfs_secpolicy_destroy_perms(const char *name, cred_t *cr)
805 {
806 int error;
807
808 if ((error = zfs_secpolicy_write_perms(name,
809 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
810 return (error);
811
812 return (zfs_secpolicy_write_perms(name, ZFS_DELEG_PERM_DESTROY, cr));
813 }
814
815 /* ARGSUSED */
816 static int
817 zfs_secpolicy_destroy(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
818 {
819 return (zfs_secpolicy_destroy_perms(zc->zc_name, cr));
820 }
821
822 /*
823 * Destroying snapshots with delegated permissions requires
824 * descendant mount and destroy permissions.
825 */
826 /* ARGSUSED */
827 static int
828 zfs_secpolicy_destroy_snaps(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
829 {
830 nvlist_t *snaps;
831 nvpair_t *pair, *nextpair;
832 int error = 0;
833
834 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
835 return (EINVAL);
836 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
837 pair = nextpair) {
838 dsl_dataset_t *ds;
839
840 nextpair = nvlist_next_nvpair(snaps, pair);
841 error = dsl_dataset_hold(nvpair_name(pair), FTAG, &ds);
842 if (error == 0) {
843 dsl_dataset_rele(ds, FTAG);
844 } else if (error == ENOENT) {
845 /*
846 * Ignore any snapshots that don't exist (we consider
847 * them "already destroyed"). Remove the name from the
848 * nvl here in case the snapshot is created between
849 * now and when we try to destroy it (in which case
850 * we don't want to destroy it since we haven't
851 * checked for permission).
852 */
853 fnvlist_remove_nvpair(snaps, pair);
854 error = 0;
855 continue;
856 } else {
857 break;
858 }
859 error = zfs_secpolicy_destroy_perms(nvpair_name(pair), cr);
860 if (error != 0)
861 break;
862 }
863
864 return (error);
865 }
866
867 int
868 zfs_secpolicy_rename_perms(const char *from, const char *to, cred_t *cr)
869 {
870 char parentname[MAXNAMELEN];
871 int error;
872
873 if ((error = zfs_secpolicy_write_perms(from,
874 ZFS_DELEG_PERM_RENAME, cr)) != 0)
875 return (error);
876
877 if ((error = zfs_secpolicy_write_perms(from,
878 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
879 return (error);
880
881 if ((error = zfs_get_parent(to, parentname,
882 sizeof (parentname))) != 0)
883 return (error);
884
885 if ((error = zfs_secpolicy_write_perms(parentname,
886 ZFS_DELEG_PERM_CREATE, cr)) != 0)
887 return (error);
888
889 if ((error = zfs_secpolicy_write_perms(parentname,
890 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
891 return (error);
892
893 return (error);
894 }
895
896 /* ARGSUSED */
897 static int
898 zfs_secpolicy_rename(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
899 {
900 return (zfs_secpolicy_rename_perms(zc->zc_name, zc->zc_value, cr));
901 }
902
903 /* ARGSUSED */
904 static int
905 zfs_secpolicy_promote(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
906 {
907 char parentname[MAXNAMELEN];
908 objset_t *clone;
909 int error;
910
911 error = zfs_secpolicy_write_perms(zc->zc_name,
912 ZFS_DELEG_PERM_PROMOTE, cr);
913 if (error)
914 return (error);
915
916 error = dmu_objset_hold(zc->zc_name, FTAG, &clone);
917
918 if (error == 0) {
919 dsl_dataset_t *pclone = NULL;
920 dsl_dir_t *dd;
921 dd = clone->os_dsl_dataset->ds_dir;
922
923 rw_enter(&dd->dd_pool->dp_config_rwlock, RW_READER);
924 error = dsl_dataset_hold_obj(dd->dd_pool,
925 dd->dd_phys->dd_origin_obj, FTAG, &pclone);
926 rw_exit(&dd->dd_pool->dp_config_rwlock);
927 if (error) {
928 dmu_objset_rele(clone, FTAG);
929 return (error);
930 }
931
932 error = zfs_secpolicy_write_perms(zc->zc_name,
933 ZFS_DELEG_PERM_MOUNT, cr);
934
935 dsl_dataset_name(pclone, parentname);
936 dmu_objset_rele(clone, FTAG);
937 dsl_dataset_rele(pclone, FTAG);
938 if (error == 0)
939 error = zfs_secpolicy_write_perms(parentname,
940 ZFS_DELEG_PERM_PROMOTE, cr);
941 }
942 return (error);
943 }
944
945 /* ARGSUSED */
946 static int
947 zfs_secpolicy_recv(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
948 {
949 int error;
950
951 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
952 ZFS_DELEG_PERM_RECEIVE, cr)) != 0)
953 return (error);
954
955 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
956 ZFS_DELEG_PERM_MOUNT, cr)) != 0)
957 return (error);
958
959 return (zfs_secpolicy_write_perms(zc->zc_name,
960 ZFS_DELEG_PERM_CREATE, cr));
961 }
962
963 int
964 zfs_secpolicy_snapshot_perms(const char *name, cred_t *cr)
965 {
966 return (zfs_secpolicy_write_perms(name,
967 ZFS_DELEG_PERM_SNAPSHOT, cr));
968 }
969
970 /*
971 * Check for permission to create each snapshot in the nvlist.
972 */
973 /* ARGSUSED */
974 static int
975 zfs_secpolicy_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
976 {
977 nvlist_t *snaps;
978 int error = 0;
979 nvpair_t *pair;
980
981 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
982 return (EINVAL);
983 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
984 pair = nvlist_next_nvpair(snaps, pair)) {
985 char *name = nvpair_name(pair);
986 char *atp = strchr(name, '@');
987
988 if (atp == NULL) {
989 error = EINVAL;
990 break;
991 }
992 *atp = '\0';
993 error = zfs_secpolicy_snapshot_perms(name, cr);
994 *atp = '@';
995 if (error != 0)
996 break;
997 }
998 return (error);
999 }
1000
1001 /* ARGSUSED */
1002 static int
1003 zfs_secpolicy_log_history(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1004 {
1005 /*
1006 * Even root must have a proper TSD so that we know what pool
1007 * to log to.
1008 */
1009 if (tsd_get(zfs_allow_log_key) == NULL)
1010 return (EPERM);
1011 return (0);
1012 }
1013
1014 static int
1015 zfs_secpolicy_create_clone(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1016 {
1017 char parentname[MAXNAMELEN];
1018 int error;
1019 char *origin;
1020
1021 if ((error = zfs_get_parent(zc->zc_name, parentname,
1022 sizeof (parentname))) != 0)
1023 return (error);
1024
1025 if (nvlist_lookup_string(innvl, "origin", &origin) == 0 &&
1026 (error = zfs_secpolicy_write_perms(origin,
1027 ZFS_DELEG_PERM_CLONE, cr)) != 0)
1028 return (error);
1029
1030 if ((error = zfs_secpolicy_write_perms(parentname,
1031 ZFS_DELEG_PERM_CREATE, cr)) != 0)
1032 return (error);
1033
1034 return (zfs_secpolicy_write_perms(parentname,
1035 ZFS_DELEG_PERM_MOUNT, cr));
1036 }
1037
1038 /*
1039 * Policy for pool operations - create/destroy pools, add vdevs, etc. Requires
1040 * SYS_CONFIG privilege, which is not available in a local zone.
1041 */
1042 /* ARGSUSED */
1043 static int
1044 zfs_secpolicy_config(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1045 {
1046 if (secpolicy_sys_config(cr, B_FALSE) != 0)
1047 return (EPERM);
1048
1049 return (0);
1050 }
1051
1052 /*
1053 * Policy for object to name lookups.
1054 */
1055 /* ARGSUSED */
1056 static int
1057 zfs_secpolicy_diff(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1058 {
1059 int error;
1060
1061 if ((error = secpolicy_sys_config(cr, B_FALSE)) == 0)
1062 return (0);
1063
1064 error = zfs_secpolicy_write_perms(zc->zc_name, ZFS_DELEG_PERM_DIFF, cr);
1065 return (error);
1066 }
1067
1068 /*
1069 * Policy for fault injection. Requires all privileges.
1070 */
1071 /* ARGSUSED */
1072 static int
1073 zfs_secpolicy_inject(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1074 {
1075 return (secpolicy_zinject(cr));
1076 }
1077
1078 /* ARGSUSED */
1079 static int
1080 zfs_secpolicy_inherit_prop(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1081 {
1082 zfs_prop_t prop = zfs_name_to_prop(zc->zc_value);
1083
1084 if (prop == ZPROP_INVAL) {
1085 if (!zfs_prop_user(zc->zc_value))
1086 return (EINVAL);
1087 return (zfs_secpolicy_write_perms(zc->zc_name,
1088 ZFS_DELEG_PERM_USERPROP, cr));
1089 } else {
1090 return (zfs_secpolicy_setprop(zc->zc_name, prop,
1091 NULL, cr));
1092 }
1093 }
1094
1095 static int
1096 zfs_secpolicy_userspace_one(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1097 {
1098 int err = zfs_secpolicy_read(zc, innvl, cr);
1099 if (err)
1100 return (err);
1101
1102 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1103 return (EINVAL);
1104
1105 if (zc->zc_value[0] == 0) {
1106 /*
1107 * They are asking about a posix uid/gid. If it's
1108 * themself, allow it.
1109 */
1110 if (zc->zc_objset_type == ZFS_PROP_USERUSED ||
1111 zc->zc_objset_type == ZFS_PROP_USERQUOTA) {
1112 if (zc->zc_guid == crgetuid(cr))
1113 return (0);
1114 } else {
1115 if (groupmember(zc->zc_guid, cr))
1116 return (0);
1117 }
1118 }
1119
1120 return (zfs_secpolicy_write_perms(zc->zc_name,
1121 userquota_perms[zc->zc_objset_type], cr));
1122 }
1123
1124 static int
1125 zfs_secpolicy_userspace_many(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1126 {
1127 int err = zfs_secpolicy_read(zc, innvl, cr);
1128 if (err)
1129 return (err);
1130
1131 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
1132 return (EINVAL);
1133
1134 return (zfs_secpolicy_write_perms(zc->zc_name,
1135 userquota_perms[zc->zc_objset_type], cr));
1136 }
1137
1138 /* ARGSUSED */
1139 static int
1140 zfs_secpolicy_userspace_upgrade(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1141 {
1142 return (zfs_secpolicy_setprop(zc->zc_name, ZFS_PROP_VERSION,
1143 NULL, cr));
1144 }
1145
1146 /* ARGSUSED */
1147 static int
1148 zfs_secpolicy_hold(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1149 {
1150 return (zfs_secpolicy_write_perms(zc->zc_name,
1151 ZFS_DELEG_PERM_HOLD, cr));
1152 }
1153
1154 /* ARGSUSED */
1155 static int
1156 zfs_secpolicy_release(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1157 {
1158 return (zfs_secpolicy_write_perms(zc->zc_name,
1159 ZFS_DELEG_PERM_RELEASE, cr));
1160 }
1161
1162 /*
1163 * Policy for allowing temporary snapshots to be taken or released
1164 */
1165 static int
1166 zfs_secpolicy_tmp_snapshot(zfs_cmd_t *zc, nvlist_t *innvl, cred_t *cr)
1167 {
1168 /*
1169 * A temporary snapshot is the same as a snapshot,
1170 * hold, destroy and release all rolled into one.
1171 * Delegated diff alone is sufficient that we allow this.
1172 */
1173 int error;
1174
1175 if ((error = zfs_secpolicy_write_perms(zc->zc_name,
1176 ZFS_DELEG_PERM_DIFF, cr)) == 0)
1177 return (0);
1178
1179 error = zfs_secpolicy_snapshot_perms(zc->zc_name, cr);
1180 if (!error)
1181 error = zfs_secpolicy_hold(zc, innvl, cr);
1182 if (!error)
1183 error = zfs_secpolicy_release(zc, innvl, cr);
1184 if (!error)
1185 error = zfs_secpolicy_destroy(zc, innvl, cr);
1186 return (error);
1187 }
1188
1189 /*
1190 * Returns the nvlist as specified by the user in the zfs_cmd_t.
1191 */
1192 static int
1193 get_nvlist(uint64_t nvl, uint64_t size, int iflag, nvlist_t **nvp)
1194 {
1195 char *packed;
1196 int error;
1197 nvlist_t *list = NULL;
1198
1199 /*
1200 * Read in and unpack the user-supplied nvlist.
1201 */
1202 if (size == 0)
1203 return (EINVAL);
1204
1205 packed = kmem_alloc(size, KM_SLEEP);
1206
1207 if ((error = ddi_copyin((void *)(uintptr_t)nvl, packed, size,
1208 iflag)) != 0) {
1209 kmem_free(packed, size);
1210 return (error);
1211 }
1212
1213 if ((error = nvlist_unpack(packed, size, &list, 0)) != 0) {
1214 kmem_free(packed, size);
1215 return (error);
1216 }
1217
1218 kmem_free(packed, size);
1219
1220 *nvp = list;
1221 return (0);
1222 }
1223
1224 /*
1225 * Reduce the size of this nvlist until it can be serialized in 'max' bytes.
1226 * Entries will be removed from the end of the nvlist, and one int32 entry
1227 * named "N_MORE_ERRORS" will be added indicating how many entries were
1228 * removed.
1229 */
1230 static int
1231 nvlist_smush(nvlist_t *errors, size_t max)
1232 {
1233 size_t size;
1234
1235 size = fnvlist_size(errors);
1236
1237 if (size > max) {
1238 nvpair_t *more_errors;
1239 int n = 0;
1240
1241 if (max < 1024)
1242 return (ENOMEM);
1243
1244 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, 0);
1245 more_errors = nvlist_prev_nvpair(errors, NULL);
1246
1247 do {
1248 nvpair_t *pair = nvlist_prev_nvpair(errors,
1249 more_errors);
1250 fnvlist_remove_nvpair(errors, pair);
1251 n++;
1252 size = fnvlist_size(errors);
1253 } while (size > max);
1254
1255 fnvlist_remove_nvpair(errors, more_errors);
1256 fnvlist_add_int32(errors, ZPROP_N_MORE_ERRORS, n);
1257 ASSERT3U(fnvlist_size(errors), <=, max);
1258 }
1259
1260 return (0);
1261 }
1262
1263 static int
1264 put_nvlist(zfs_cmd_t *zc, nvlist_t *nvl)
1265 {
1266 char *packed = NULL;
1267 int error = 0;
1268 size_t size;
1269
1270 size = fnvlist_size(nvl);
1271
1272 if (size > zc->zc_nvlist_dst_size) {
1273 error = ENOMEM;
1274 } else {
1275 packed = fnvlist_pack(nvl, &size);
1276 if (ddi_copyout(packed, (void *)(uintptr_t)zc->zc_nvlist_dst,
1277 size, zc->zc_iflags) != 0)
1278 error = EFAULT;
1279 fnvlist_pack_free(packed, size);
1280 }
1281
1282 zc->zc_nvlist_dst_size = size;
1283 zc->zc_nvlist_dst_filled = B_TRUE;
1284 return (error);
1285 }
1286
1287 static int
1288 getzfsvfs(const char *dsname, zfsvfs_t **zfvp)
1289 {
1290 objset_t *os;
1291 int error;
1292
1293 error = dmu_objset_hold(dsname, FTAG, &os);
1294 if (error)
1295 return (error);
1296 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1297 dmu_objset_rele(os, FTAG);
1298 return (EINVAL);
1299 }
1300
1301 mutex_enter(&os->os_user_ptr_lock);
1302 *zfvp = dmu_objset_get_user(os);
1303 if (*zfvp) {
1304 VFS_HOLD((*zfvp)->z_vfs);
1305 } else {
1306 error = ESRCH;
1307 }
1308 mutex_exit(&os->os_user_ptr_lock);
1309 dmu_objset_rele(os, FTAG);
1310 return (error);
1311 }
1312
1313 /*
1314 * Find a zfsvfs_t for a mounted filesystem, or create our own, in which
1315 * case its z_vfs will be NULL, and it will be opened as the owner.
1316 * If 'writer' is set, the z_teardown_lock will be held for RW_WRITER,
1317 * which prevents all vnode ops from running.
1318 */
1319 static int
1320 zfsvfs_hold(const char *name, void *tag, zfsvfs_t **zfvp, boolean_t writer)
1321 {
1322 int error = 0;
1323
1324 if (getzfsvfs(name, zfvp) != 0)
1325 error = zfsvfs_create(name, zfvp);
1326 if (error == 0) {
1327 rrw_enter(&(*zfvp)->z_teardown_lock, (writer) ? RW_WRITER :
1328 RW_READER, tag);
1329 if ((*zfvp)->z_unmounted) {
1330 /*
1331 * XXX we could probably try again, since the unmounting
1332 * thread should be just about to disassociate the
1333 * objset from the zfsvfs.
1334 */
1335 rrw_exit(&(*zfvp)->z_teardown_lock, tag);
1336 return (EBUSY);
1337 }
1338 }
1339 return (error);
1340 }
1341
1342 static void
1343 zfsvfs_rele(zfsvfs_t *zfsvfs, void *tag)
1344 {
1345 rrw_exit(&zfsvfs->z_teardown_lock, tag);
1346
1347 if (zfsvfs->z_vfs) {
1348 VFS_RELE(zfsvfs->z_vfs);
1349 } else {
1350 dmu_objset_disown(zfsvfs->z_os, zfsvfs);
1351 zfsvfs_free(zfsvfs);
1352 }
1353 }
1354
1355 static int
1356 zfs_ioc_pool_create(zfs_cmd_t *zc)
1357 {
1358 int error;
1359 nvlist_t *config, *props = NULL;
1360 nvlist_t *rootprops = NULL;
1361 nvlist_t *zplprops = NULL;
1362
1363 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1364 zc->zc_iflags, &config))
1365 return (error);
1366
1367 if (zc->zc_nvlist_src_size != 0 && (error =
1368 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1369 zc->zc_iflags, &props))) {
1370 nvlist_free(config);
1371 return (error);
1372 }
1373
1374 if (props) {
1375 nvlist_t *nvl = NULL;
1376 uint64_t version = SPA_VERSION;
1377
1378 (void) nvlist_lookup_uint64(props,
1379 zpool_prop_to_name(ZPOOL_PROP_VERSION), &version);
1380 if (!SPA_VERSION_IS_SUPPORTED(version)) {
1381 error = EINVAL;
1382 goto pool_props_bad;
1383 }
1384 (void) nvlist_lookup_nvlist(props, ZPOOL_ROOTFS_PROPS, &nvl);
1385 if (nvl) {
1386 error = nvlist_dup(nvl, &rootprops, KM_SLEEP);
1387 if (error != 0) {
1388 nvlist_free(config);
1389 nvlist_free(props);
1390 return (error);
1391 }
1392 (void) nvlist_remove_all(props, ZPOOL_ROOTFS_PROPS);
1393 }
1394 VERIFY(nvlist_alloc(&zplprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1395 error = zfs_fill_zplprops_root(version, rootprops,
1396 zplprops, NULL);
1397 if (error)
1398 goto pool_props_bad;
1399 }
1400
1401 error = spa_create(zc->zc_name, config, props, zplprops);
1402
1403 /*
1404 * Set the remaining root properties
1405 */
1406 if (!error && (error = zfs_set_prop_nvlist(zc->zc_name,
1407 ZPROP_SRC_LOCAL, rootprops, NULL)) != 0)
1408 (void) spa_destroy(zc->zc_name);
1409
1410 pool_props_bad:
1411 nvlist_free(rootprops);
1412 nvlist_free(zplprops);
1413 nvlist_free(config);
1414 nvlist_free(props);
1415
1416 return (error);
1417 }
1418
1419 static int
1420 zfs_ioc_pool_destroy(zfs_cmd_t *zc)
1421 {
1422 int error;
1423 zfs_log_history(zc);
1424 error = spa_destroy(zc->zc_name);
1425 if (error == 0)
1426 zvol_remove_minors(zc->zc_name);
1427 return (error);
1428 }
1429
1430 static int
1431 zfs_ioc_pool_import(zfs_cmd_t *zc)
1432 {
1433 nvlist_t *config, *props = NULL;
1434 uint64_t guid;
1435 int error;
1436
1437 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1438 zc->zc_iflags, &config)) != 0)
1439 return (error);
1440
1441 if (zc->zc_nvlist_src_size != 0 && (error =
1442 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1443 zc->zc_iflags, &props))) {
1444 nvlist_free(config);
1445 return (error);
1446 }
1447
1448 if (nvlist_lookup_uint64(config, ZPOOL_CONFIG_POOL_GUID, &guid) != 0 ||
1449 guid != zc->zc_guid)
1450 error = EINVAL;
1451 else
1452 error = spa_import(zc->zc_name, config, props, zc->zc_cookie);
1453
1454 if (zc->zc_nvlist_dst != 0) {
1455 int err;
1456
1457 if ((err = put_nvlist(zc, config)) != 0)
1458 error = err;
1459 }
1460
1461 nvlist_free(config);
1462
1463 if (props)
1464 nvlist_free(props);
1465
1466 return (error);
1467 }
1468
1469 static int
1470 zfs_ioc_pool_export(zfs_cmd_t *zc)
1471 {
1472 int error;
1473 boolean_t force = (boolean_t)zc->zc_cookie;
1474 boolean_t hardforce = (boolean_t)zc->zc_guid;
1475
1476 zfs_log_history(zc);
1477 error = spa_export(zc->zc_name, NULL, force, hardforce);
1478 if (error == 0)
1479 zvol_remove_minors(zc->zc_name);
1480 return (error);
1481 }
1482
1483 static int
1484 zfs_ioc_pool_configs(zfs_cmd_t *zc)
1485 {
1486 nvlist_t *configs;
1487 int error;
1488
1489 if ((configs = spa_all_configs(&zc->zc_cookie)) == NULL)
1490 return (EEXIST);
1491
1492 error = put_nvlist(zc, configs);
1493
1494 nvlist_free(configs);
1495
1496 return (error);
1497 }
1498
1499 /*
1500 * inputs:
1501 * zc_name name of the pool
1502 *
1503 * outputs:
1504 * zc_cookie real errno
1505 * zc_nvlist_dst config nvlist
1506 * zc_nvlist_dst_size size of config nvlist
1507 */
1508 static int
1509 zfs_ioc_pool_stats(zfs_cmd_t *zc)
1510 {
1511 nvlist_t *config;
1512 int error;
1513 int ret = 0;
1514
1515 error = spa_get_stats(zc->zc_name, &config, zc->zc_value,
1516 sizeof (zc->zc_value));
1517
1518 if (config != NULL) {
1519 ret = put_nvlist(zc, config);
1520 nvlist_free(config);
1521
1522 /*
1523 * The config may be present even if 'error' is non-zero.
1524 * In this case we return success, and preserve the real errno
1525 * in 'zc_cookie'.
1526 */
1527 zc->zc_cookie = error;
1528 } else {
1529 ret = error;
1530 }
1531
1532 return (ret);
1533 }
1534
1535 /*
1536 * Try to import the given pool, returning pool stats as appropriate so that
1537 * user land knows which devices are available and overall pool health.
1538 */
1539 static int
1540 zfs_ioc_pool_tryimport(zfs_cmd_t *zc)
1541 {
1542 nvlist_t *tryconfig, *config;
1543 int error;
1544
1545 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1546 zc->zc_iflags, &tryconfig)) != 0)
1547 return (error);
1548
1549 config = spa_tryimport(tryconfig);
1550
1551 nvlist_free(tryconfig);
1552
1553 if (config == NULL)
1554 return (EINVAL);
1555
1556 error = put_nvlist(zc, config);
1557 nvlist_free(config);
1558
1559 return (error);
1560 }
1561
1562 /*
1563 * inputs:
1564 * zc_name name of the pool
1565 * zc_cookie scan func (pool_scan_func_t)
1566 */
1567 static int
1568 zfs_ioc_pool_scan(zfs_cmd_t *zc)
1569 {
1570 spa_t *spa;
1571 int error;
1572
1573 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1574 return (error);
1575
1576 if (zc->zc_cookie == POOL_SCAN_NONE)
1577 error = spa_scan_stop(spa);
1578 else
1579 error = spa_scan(spa, zc->zc_cookie);
1580
1581 spa_close(spa, FTAG);
1582
1583 return (error);
1584 }
1585
1586 static int
1587 zfs_ioc_pool_freeze(zfs_cmd_t *zc)
1588 {
1589 spa_t *spa;
1590 int error;
1591
1592 error = spa_open(zc->zc_name, &spa, FTAG);
1593 if (error == 0) {
1594 spa_freeze(spa);
1595 spa_close(spa, FTAG);
1596 }
1597 return (error);
1598 }
1599
1600 static int
1601 zfs_ioc_pool_upgrade(zfs_cmd_t *zc)
1602 {
1603 spa_t *spa;
1604 int error;
1605
1606 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1607 return (error);
1608
1609 if (zc->zc_cookie < spa_version(spa) ||
1610 !SPA_VERSION_IS_SUPPORTED(zc->zc_cookie)) {
1611 spa_close(spa, FTAG);
1612 return (EINVAL);
1613 }
1614
1615 spa_upgrade(spa, zc->zc_cookie);
1616 spa_close(spa, FTAG);
1617
1618 return (error);
1619 }
1620
1621 static int
1622 zfs_ioc_pool_get_history(zfs_cmd_t *zc)
1623 {
1624 spa_t *spa;
1625 char *hist_buf;
1626 uint64_t size;
1627 int error;
1628
1629 if ((size = zc->zc_history_len) == 0)
1630 return (EINVAL);
1631
1632 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1633 return (error);
1634
1635 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
1636 spa_close(spa, FTAG);
1637 return (ENOTSUP);
1638 }
1639
1640 hist_buf = kmem_alloc(size, KM_SLEEP);
1641 if ((error = spa_history_get(spa, &zc->zc_history_offset,
1642 &zc->zc_history_len, hist_buf)) == 0) {
1643 error = ddi_copyout(hist_buf,
1644 (void *)(uintptr_t)zc->zc_history,
1645 zc->zc_history_len, zc->zc_iflags);
1646 }
1647
1648 spa_close(spa, FTAG);
1649 kmem_free(hist_buf, size);
1650 return (error);
1651 }
1652
1653 static int
1654 zfs_ioc_pool_reguid(zfs_cmd_t *zc)
1655 {
1656 spa_t *spa;
1657 int error;
1658
1659 error = spa_open(zc->zc_name, &spa, FTAG);
1660 if (error == 0) {
1661 error = spa_change_guid(spa);
1662 spa_close(spa, FTAG);
1663 }
1664 return (error);
1665 }
1666
1667 static int
1668 zfs_ioc_dsobj_to_dsname(zfs_cmd_t *zc)
1669 {
1670 int error;
1671
1672 if (error = dsl_dsobj_to_dsname(zc->zc_name, zc->zc_obj, zc->zc_value))
1673 return (error);
1674
1675 return (0);
1676 }
1677
1678 /*
1679 * inputs:
1680 * zc_name name of filesystem
1681 * zc_obj object to find
1682 *
1683 * outputs:
1684 * zc_value name of object
1685 */
1686 static int
1687 zfs_ioc_obj_to_path(zfs_cmd_t *zc)
1688 {
1689 objset_t *os;
1690 int error;
1691
1692 /* XXX reading from objset not owned */
1693 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1694 return (error);
1695 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1696 dmu_objset_rele(os, FTAG);
1697 return (EINVAL);
1698 }
1699 error = zfs_obj_to_path(os, zc->zc_obj, zc->zc_value,
1700 sizeof (zc->zc_value));
1701 dmu_objset_rele(os, FTAG);
1702
1703 return (error);
1704 }
1705
1706 /*
1707 * inputs:
1708 * zc_name name of filesystem
1709 * zc_obj object to find
1710 *
1711 * outputs:
1712 * zc_stat stats on object
1713 * zc_value path to object
1714 */
1715 static int
1716 zfs_ioc_obj_to_stats(zfs_cmd_t *zc)
1717 {
1718 objset_t *os;
1719 int error;
1720
1721 /* XXX reading from objset not owned */
1722 if ((error = dmu_objset_hold(zc->zc_name, FTAG, &os)) != 0)
1723 return (error);
1724 if (dmu_objset_type(os) != DMU_OST_ZFS) {
1725 dmu_objset_rele(os, FTAG);
1726 return (EINVAL);
1727 }
1728 error = zfs_obj_to_stats(os, zc->zc_obj, &zc->zc_stat, zc->zc_value,
1729 sizeof (zc->zc_value));
1730 dmu_objset_rele(os, FTAG);
1731
1732 return (error);
1733 }
1734
1735 static int
1736 zfs_ioc_vdev_add(zfs_cmd_t *zc)
1737 {
1738 spa_t *spa;
1739 int error;
1740 nvlist_t *config, **l2cache, **spares;
1741 uint_t nl2cache = 0, nspares = 0;
1742
1743 error = spa_open(zc->zc_name, &spa, FTAG);
1744 if (error != 0)
1745 return (error);
1746
1747 error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1748 zc->zc_iflags, &config);
1749 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_L2CACHE,
1750 &l2cache, &nl2cache);
1751
1752 (void) nvlist_lookup_nvlist_array(config, ZPOOL_CONFIG_SPARES,
1753 &spares, &nspares);
1754
1755 /*
1756 * A root pool with concatenated devices is not supported.
1757 * Thus, can not add a device to a root pool.
1758 *
1759 * Intent log device can not be added to a rootpool because
1760 * during mountroot, zil is replayed, a seperated log device
1761 * can not be accessed during the mountroot time.
1762 *
1763 * l2cache and spare devices are ok to be added to a rootpool.
1764 */
1765 if (spa_bootfs(spa) != 0 && nl2cache == 0 && nspares == 0) {
1766 nvlist_free(config);
1767 spa_close(spa, FTAG);
1768 return (EDOM);
1769 }
1770
1771 if (error == 0) {
1772 error = spa_vdev_add(spa, config);
1773 nvlist_free(config);
1774 }
1775 spa_close(spa, FTAG);
1776 return (error);
1777 }
1778
1779 /*
1780 * inputs:
1781 * zc_name name of the pool
1782 * zc_nvlist_conf nvlist of devices to remove
1783 * zc_cookie to stop the remove?
1784 */
1785 static int
1786 zfs_ioc_vdev_remove(zfs_cmd_t *zc)
1787 {
1788 spa_t *spa;
1789 int error;
1790
1791 error = spa_open(zc->zc_name, &spa, FTAG);
1792 if (error != 0)
1793 return (error);
1794 error = spa_vdev_remove(spa, zc->zc_guid, B_FALSE);
1795 spa_close(spa, FTAG);
1796 return (error);
1797 }
1798
1799 static int
1800 zfs_ioc_vdev_set_state(zfs_cmd_t *zc)
1801 {
1802 spa_t *spa;
1803 int error;
1804 vdev_state_t newstate = VDEV_STATE_UNKNOWN;
1805
1806 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1807 return (error);
1808 switch (zc->zc_cookie) {
1809 case VDEV_STATE_ONLINE:
1810 error = vdev_online(spa, zc->zc_guid, zc->zc_obj, &newstate);
1811 break;
1812
1813 case VDEV_STATE_OFFLINE:
1814 error = vdev_offline(spa, zc->zc_guid, zc->zc_obj);
1815 break;
1816
1817 case VDEV_STATE_FAULTED:
1818 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1819 zc->zc_obj != VDEV_AUX_EXTERNAL)
1820 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1821
1822 error = vdev_fault(spa, zc->zc_guid, zc->zc_obj);
1823 break;
1824
1825 case VDEV_STATE_DEGRADED:
1826 if (zc->zc_obj != VDEV_AUX_ERR_EXCEEDED &&
1827 zc->zc_obj != VDEV_AUX_EXTERNAL)
1828 zc->zc_obj = VDEV_AUX_ERR_EXCEEDED;
1829
1830 error = vdev_degrade(spa, zc->zc_guid, zc->zc_obj);
1831 break;
1832
1833 default:
1834 error = EINVAL;
1835 }
1836 zc->zc_cookie = newstate;
1837 spa_close(spa, FTAG);
1838 return (error);
1839 }
1840
1841 static int
1842 zfs_ioc_vdev_attach(zfs_cmd_t *zc)
1843 {
1844 spa_t *spa;
1845 int replacing = zc->zc_cookie;
1846 nvlist_t *config;
1847 int error;
1848
1849 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1850 return (error);
1851
1852 if ((error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1853 zc->zc_iflags, &config)) == 0) {
1854 error = spa_vdev_attach(spa, zc->zc_guid, config, replacing);
1855 nvlist_free(config);
1856 }
1857
1858 spa_close(spa, FTAG);
1859 return (error);
1860 }
1861
1862 static int
1863 zfs_ioc_vdev_detach(zfs_cmd_t *zc)
1864 {
1865 spa_t *spa;
1866 int error;
1867
1868 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1869 return (error);
1870
1871 error = spa_vdev_detach(spa, zc->zc_guid, 0, B_FALSE);
1872
1873 spa_close(spa, FTAG);
1874 return (error);
1875 }
1876
1877 static int
1878 zfs_ioc_vdev_split(zfs_cmd_t *zc)
1879 {
1880 spa_t *spa;
1881 nvlist_t *config, *props = NULL;
1882 int error;
1883 boolean_t exp = !!(zc->zc_cookie & ZPOOL_EXPORT_AFTER_SPLIT);
1884
1885 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
1886 return (error);
1887
1888 if (error = get_nvlist(zc->zc_nvlist_conf, zc->zc_nvlist_conf_size,
1889 zc->zc_iflags, &config)) {
1890 spa_close(spa, FTAG);
1891 return (error);
1892 }
1893
1894 if (zc->zc_nvlist_src_size != 0 && (error =
1895 get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
1896 zc->zc_iflags, &props))) {
1897 spa_close(spa, FTAG);
1898 nvlist_free(config);
1899 return (error);
1900 }
1901
1902 error = spa_vdev_split_mirror(spa, zc->zc_string, config, props, exp);
1903
1904 spa_close(spa, FTAG);
1905
1906 nvlist_free(config);
1907 nvlist_free(props);
1908
1909 return (error);
1910 }
1911
1912 static int
1913 zfs_ioc_vdev_setpath(zfs_cmd_t *zc)
1914 {
1915 spa_t *spa;
1916 char *path = zc->zc_value;
1917 uint64_t guid = zc->zc_guid;
1918 int error;
1919
1920 error = spa_open(zc->zc_name, &spa, FTAG);
1921 if (error != 0)
1922 return (error);
1923
1924 error = spa_vdev_setpath(spa, guid, path);
1925 spa_close(spa, FTAG);
1926 return (error);
1927 }
1928
1929 static int
1930 zfs_ioc_vdev_setfru(zfs_cmd_t *zc)
1931 {
1932 spa_t *spa;
1933 char *fru = zc->zc_value;
1934 uint64_t guid = zc->zc_guid;
1935 int error;
1936
1937 error = spa_open(zc->zc_name, &spa, FTAG);
1938 if (error != 0)
1939 return (error);
1940
1941 error = spa_vdev_setfru(spa, guid, fru);
1942 spa_close(spa, FTAG);
1943 return (error);
1944 }
1945
1946 static int
1947 zfs_ioc_objset_stats_impl(zfs_cmd_t *zc, objset_t *os)
1948 {
1949 int error = 0;
1950 nvlist_t *nv;
1951
1952 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
1953
1954 if (zc->zc_nvlist_dst != 0 &&
1955 (error = dsl_prop_get_all(os, &nv)) == 0) {
1956 dmu_objset_stats(os, nv);
1957 /*
1958 * NB: zvol_get_stats() will read the objset contents,
1959 * which we aren't supposed to do with a
1960 * DS_MODE_USER hold, because it could be
1961 * inconsistent. So this is a bit of a workaround...
1962 * XXX reading with out owning
1963 */
1964 if (!zc->zc_objset_stats.dds_inconsistent &&
1965 dmu_objset_type(os) == DMU_OST_ZVOL) {
1966 error = zvol_get_stats(os, nv);
1967 if (error == EIO)
1968 return (error);
1969 VERIFY0(error);
1970 }
1971 error = put_nvlist(zc, nv);
1972 nvlist_free(nv);
1973 }
1974
1975 return (error);
1976 }
1977
1978 /*
1979 * inputs:
1980 * zc_name name of filesystem
1981 * zc_nvlist_dst_size size of buffer for property nvlist
1982 *
1983 * outputs:
1984 * zc_objset_stats stats
1985 * zc_nvlist_dst property nvlist
1986 * zc_nvlist_dst_size size of property nvlist
1987 */
1988 static int
1989 zfs_ioc_objset_stats(zfs_cmd_t *zc)
1990 {
1991 objset_t *os = NULL;
1992 int error;
1993
1994 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
1995 return (error);
1996
1997 error = zfs_ioc_objset_stats_impl(zc, os);
1998
1999 dmu_objset_rele(os, FTAG);
2000
2001 return (error);
2002 }
2003
2004 /*
2005 * inputs:
2006 * zc_name name of filesystem
2007 * zc_nvlist_dst_size size of buffer for property nvlist
2008 *
2009 * outputs:
2010 * zc_nvlist_dst received property nvlist
2011 * zc_nvlist_dst_size size of received property nvlist
2012 *
2013 * Gets received properties (distinct from local properties on or after
2014 * SPA_VERSION_RECVD_PROPS) for callers who want to differentiate received from
2015 * local property values.
2016 */
2017 static int
2018 zfs_ioc_objset_recvd_props(zfs_cmd_t *zc)
2019 {
2020 objset_t *os = NULL;
2021 int error;
2022 nvlist_t *nv;
2023
2024 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os))
2025 return (error);
2026
2027 /*
2028 * Without this check, we would return local property values if the
2029 * caller has not already received properties on or after
2030 * SPA_VERSION_RECVD_PROPS.
2031 */
2032 if (!dsl_prop_get_hasrecvd(os)) {
2033 dmu_objset_rele(os, FTAG);
2034 return (ENOTSUP);
2035 }
2036
2037 if (zc->zc_nvlist_dst != 0 &&
2038 (error = dsl_prop_get_received(os, &nv)) == 0) {
2039 error = put_nvlist(zc, nv);
2040 nvlist_free(nv);
2041 }
2042
2043 dmu_objset_rele(os, FTAG);
2044 return (error);
2045 }
2046
2047 static int
2048 nvl_add_zplprop(objset_t *os, nvlist_t *props, zfs_prop_t prop)
2049 {
2050 uint64_t value;
2051 int error;
2052
2053 /*
2054 * zfs_get_zplprop() will either find a value or give us
2055 * the default value (if there is one).
2056 */
2057 if ((error = zfs_get_zplprop(os, prop, &value)) != 0)
2058 return (error);
2059 VERIFY(nvlist_add_uint64(props, zfs_prop_to_name(prop), value) == 0);
2060 return (0);
2061 }
2062
2063 /*
2064 * inputs:
2065 * zc_name name of filesystem
2066 * zc_nvlist_dst_size size of buffer for zpl property nvlist
2067 *
2068 * outputs:
2069 * zc_nvlist_dst zpl property nvlist
2070 * zc_nvlist_dst_size size of zpl property nvlist
2071 */
2072 static int
2073 zfs_ioc_objset_zplprops(zfs_cmd_t *zc)
2074 {
2075 objset_t *os;
2076 int err;
2077
2078 /* XXX reading without owning */
2079 if (err = dmu_objset_hold(zc->zc_name, FTAG, &os))
2080 return (err);
2081
2082 dmu_objset_fast_stat(os, &zc->zc_objset_stats);
2083
2084 /*
2085 * NB: nvl_add_zplprop() will read the objset contents,
2086 * which we aren't supposed to do with a DS_MODE_USER
2087 * hold, because it could be inconsistent.
2088 */
2089 if (zc->zc_nvlist_dst != NULL &&
2090 !zc->zc_objset_stats.dds_inconsistent &&
2091 dmu_objset_type(os) == DMU_OST_ZFS) {
2092 nvlist_t *nv;
2093
2094 VERIFY(nvlist_alloc(&nv, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2095 if ((err = nvl_add_zplprop(os, nv, ZFS_PROP_VERSION)) == 0 &&
2096 (err = nvl_add_zplprop(os, nv, ZFS_PROP_NORMALIZE)) == 0 &&
2097 (err = nvl_add_zplprop(os, nv, ZFS_PROP_UTF8ONLY)) == 0 &&
2098 (err = nvl_add_zplprop(os, nv, ZFS_PROP_CASE)) == 0)
2099 err = put_nvlist(zc, nv);
2100 nvlist_free(nv);
2101 } else {
2102 err = ENOENT;
2103 }
2104 dmu_objset_rele(os, FTAG);
2105 return (err);
2106 }
2107
2108 static boolean_t
2109 dataset_name_hidden(const char *name)
2110 {
2111 /*
2112 * Skip over datasets that are not visible in this zone,
2113 * internal datasets (which have a $ in their name), and
2114 * temporary datasets (which have a % in their name).
2115 */
2116 if (strchr(name, '$') != NULL)
2117 return (B_TRUE);
2118 if (strchr(name, '%') != NULL)
2119 return (B_TRUE);
2120 if (!INGLOBALZONE(curproc) && !zone_dataset_visible(name, NULL))
2121 return (B_TRUE);
2122 return (B_FALSE);
2123 }
2124
2125 /*
2126 * inputs:
2127 * zc_name name of filesystem
2128 * zc_cookie zap cursor
2129 * zc_nvlist_dst_size size of buffer for property nvlist
2130 *
2131 * outputs:
2132 * zc_name name of next filesystem
2133 * zc_cookie zap cursor
2134 * zc_objset_stats stats
2135 * zc_nvlist_dst property nvlist
2136 * zc_nvlist_dst_size size of property nvlist
2137 */
2138 static int
2139 zfs_ioc_dataset_list_next(zfs_cmd_t *zc)
2140 {
2141 objset_t *os;
2142 int error;
2143 char *p;
2144 size_t orig_len = strlen(zc->zc_name);
2145
2146 top:
2147 if (error = dmu_objset_hold(zc->zc_name, FTAG, &os)) {
2148 if (error == ENOENT)
2149 error = ESRCH;
2150 return (error);
2151 }
2152
2153 p = strrchr(zc->zc_name, '/');
2154 if (p == NULL || p[1] != '\0')
2155 (void) strlcat(zc->zc_name, "/", sizeof (zc->zc_name));
2156 p = zc->zc_name + strlen(zc->zc_name);
2157
2158 /*
2159 * Pre-fetch the datasets. dmu_objset_prefetch() always returns 0
2160 * but is not declared void because its called by dmu_objset_find().
2161 */
2162 if (zc->zc_cookie == 0) {
2163 uint64_t cookie = 0;
2164 int len = sizeof (zc->zc_name) - (p - zc->zc_name);
2165
2166 while (dmu_dir_list_next(os, len, p, NULL, &cookie) == 0) {
2167 if (!dataset_name_hidden(zc->zc_name))
2168 (void) dmu_objset_prefetch(zc->zc_name, NULL);
2169 }
2170 }
2171
2172 do {
2173 error = dmu_dir_list_next(os,
2174 sizeof (zc->zc_name) - (p - zc->zc_name), p,
2175 NULL, &zc->zc_cookie);
2176 if (error == ENOENT)
2177 error = ESRCH;
2178 } while (error == 0 && dataset_name_hidden(zc->zc_name));
2179 dmu_objset_rele(os, FTAG);
2180
2181 /*
2182 * If it's an internal dataset (ie. with a '$' in its name),
2183 * don't try to get stats for it, otherwise we'll return ENOENT.
2184 */
2185 if (error == 0 && strchr(zc->zc_name, '$') == NULL) {
2186 error = zfs_ioc_objset_stats(zc); /* fill in the stats */
2187 if (error == ENOENT) {
2188 /* We lost a race with destroy, get the next one. */
2189 zc->zc_name[orig_len] = '\0';
2190 goto top;
2191 }
2192 }
2193 return (error);
2194 }
2195
2196 /*
2197 * inputs:
2198 * zc_name name of filesystem
2199 * zc_cookie zap cursor
2200 * zc_nvlist_dst_size size of buffer for property nvlist
2201 *
2202 * outputs:
2203 * zc_name name of next snapshot
2204 * zc_objset_stats stats
2205 * zc_nvlist_dst property nvlist
2206 * zc_nvlist_dst_size size of property nvlist
2207 */
2208 static int
2209 zfs_ioc_snapshot_list_next(zfs_cmd_t *zc)
2210 {
2211 objset_t *os;
2212 int error;
2213
2214 top:
2215 if (zc->zc_cookie == 0)
2216 (void) dmu_objset_find(zc->zc_name, dmu_objset_prefetch,
2217 NULL, DS_FIND_SNAPSHOTS);
2218
2219 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
2220 if (error)
2221 return (error == ENOENT ? ESRCH : error);
2222
2223 /*
2224 * A dataset name of maximum length cannot have any snapshots,
2225 * so exit immediately.
2226 */
2227 if (strlcat(zc->zc_name, "@", sizeof (zc->zc_name)) >= MAXNAMELEN) {
2228 dmu_objset_rele(os, FTAG);
2229 return (ESRCH);
2230 }
2231
2232 error = dmu_snapshot_list_next(os,
2233 sizeof (zc->zc_name) - strlen(zc->zc_name),
2234 zc->zc_name + strlen(zc->zc_name), &zc->zc_obj, &zc->zc_cookie,
2235 NULL);
2236
2237 if (error == 0) {
2238 dsl_dataset_t *ds;
2239 dsl_pool_t *dp = os->os_dsl_dataset->ds_dir->dd_pool;
2240
2241 /*
2242 * Since we probably don't have a hold on this snapshot,
2243 * it's possible that the objsetid could have been destroyed
2244 * and reused for a new objset. It's OK if this happens during
2245 * a zfs send operation, since the new createtxg will be
2246 * beyond the range we're interested in.
2247 */
2248 rw_enter(&dp->dp_config_rwlock, RW_READER);
2249 error = dsl_dataset_hold_obj(dp, zc->zc_obj, FTAG, &ds);
2250 rw_exit(&dp->dp_config_rwlock);
2251 if (error) {
2252 if (error == ENOENT) {
2253 /* Racing with destroy, get the next one. */
2254 *strchr(zc->zc_name, '@') = '\0';
2255 dmu_objset_rele(os, FTAG);
2256 goto top;
2257 }
2258 } else {
2259 objset_t *ossnap;
2260
2261 error = dmu_objset_from_ds(ds, &ossnap);
2262 if (error == 0)
2263 error = zfs_ioc_objset_stats_impl(zc, ossnap);
2264 dsl_dataset_rele(ds, FTAG);
2265 }
2266 } else if (error == ENOENT) {
2267 error = ESRCH;
2268 }
2269
2270 dmu_objset_rele(os, FTAG);
2271 /* if we failed, undo the @ that we tacked on to zc_name */
2272 if (error)
2273 *strchr(zc->zc_name, '@') = '\0';
2274 return (error);
2275 }
2276
2277 static int
2278 zfs_prop_set_userquota(const char *dsname, nvpair_t *pair)
2279 {
2280 const char *propname = nvpair_name(pair);
2281 uint64_t *valary;
2282 unsigned int vallen;
2283 const char *domain;
2284 char *dash;
2285 zfs_userquota_prop_t type;
2286 uint64_t rid;
2287 uint64_t quota;
2288 zfsvfs_t *zfsvfs;
2289 int err;
2290
2291 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2292 nvlist_t *attrs;
2293 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2294 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2295 &pair) != 0)
2296 return (EINVAL);
2297 }
2298
2299 /*
2300 * A correctly constructed propname is encoded as
2301 * userquota@<rid>-<domain>.
2302 */
2303 if ((dash = strchr(propname, '-')) == NULL ||
2304 nvpair_value_uint64_array(pair, &valary, &vallen) != 0 ||
2305 vallen != 3)
2306 return (EINVAL);
2307
2308 domain = dash + 1;
2309 type = valary[0];
2310 rid = valary[1];
2311 quota = valary[2];
2312
2313 err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_FALSE);
2314 if (err == 0) {
2315 err = zfs_set_userquota(zfsvfs, type, domain, rid, quota);
2316 zfsvfs_rele(zfsvfs, FTAG);
2317 }
2318
2319 return (err);
2320 }
2321
2322 /*
2323 * If the named property is one that has a special function to set its value,
2324 * return 0 on success and a positive error code on failure; otherwise if it is
2325 * not one of the special properties handled by this function, return -1.
2326 *
2327 * XXX: It would be better for callers of the property interface if we handled
2328 * these special cases in dsl_prop.c (in the dsl layer).
2329 */
2330 static int
2331 zfs_prop_set_special(const char *dsname, zprop_source_t source,
2332 nvpair_t *pair)
2333 {
2334 const char *propname = nvpair_name(pair);
2335 zfs_prop_t prop = zfs_name_to_prop(propname);
2336 uint64_t intval;
2337 int err;
2338
2339 if (prop == ZPROP_INVAL) {
2340 if (zfs_prop_userquota(propname))
2341 return (zfs_prop_set_userquota(dsname, pair));
2342 return (-1);
2343 }
2344
2345 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2346 nvlist_t *attrs;
2347 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
2348 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2349 &pair) == 0);
2350 }
2351
2352 if (zfs_prop_get_type(prop) == PROP_TYPE_STRING)
2353 return (-1);
2354
2355 VERIFY(0 == nvpair_value_uint64(pair, &intval));
2356
2357 switch (prop) {
2358 case ZFS_PROP_QUOTA:
2359 err = dsl_dir_set_quota(dsname, source, intval);
2360 break;
2361 case ZFS_PROP_REFQUOTA:
2362 err = dsl_dataset_set_quota(dsname, source, intval);
2363 break;
2364 case ZFS_PROP_RESERVATION:
2365 err = dsl_dir_set_reservation(dsname, source, intval);
2366 break;
2367 case ZFS_PROP_REFRESERVATION:
2368 err = dsl_dataset_set_reservation(dsname, source, intval);
2369 break;
2370 case ZFS_PROP_VOLSIZE:
2371 err = zvol_set_volsize(dsname, intval);
2372 break;
2373 case ZFS_PROP_VERSION:
2374 {
2375 zfsvfs_t *zfsvfs;
2376
2377 if ((err = zfsvfs_hold(dsname, FTAG, &zfsvfs, B_TRUE)) != 0)
2378 break;
2379
2380 err = zfs_set_version(zfsvfs, intval);
2381 zfsvfs_rele(zfsvfs, FTAG);
2382
2383 if (err == 0 && intval >= ZPL_VERSION_USERSPACE) {
2384 zfs_cmd_t *zc;
2385
2386 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
2387 (void) strcpy(zc->zc_name, dsname);
2388 (void) zfs_ioc_userspace_upgrade(zc);
2389 kmem_free(zc, sizeof (zfs_cmd_t));
2390 }
2391 break;
2392 }
2393 case ZFS_PROP_COMPRESSION:
2394 {
2395 if (intval == ZIO_COMPRESS_LZ4) {
2396 zfeature_info_t *feature =
2397 &spa_feature_table[SPA_FEATURE_LZ4_COMPRESS];
2398 spa_t *spa;
2399 dsl_pool_t *dp;
2400
2401 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
2402 return (err);
2403
2404 dp = spa->spa_dsl_pool;
2405
2406 /*
2407 * Setting the LZ4 compression algorithm activates
2408 * the feature.
2409 */
2410 if (!spa_feature_is_active(spa, feature)) {
2411 if ((err = zfs_prop_activate_feature(dp,
2412 feature)) != 0) {
2413 spa_close(spa, FTAG);
2414 return (err);
2415 }
2416 }
2417
2418 spa_close(spa, FTAG);
2419 }
2420 /*
2421 * We still want the default set action to be performed in the
2422 * caller, we only performed zfeature settings here.
2423 */
2424 err = -1;
2425 break;
2426 }
2427
2428 default:
2429 err = -1;
2430 }
2431
2432 return (err);
2433 }
2434
2435 /*
2436 * This function is best effort. If it fails to set any of the given properties,
2437 * it continues to set as many as it can and returns the last error
2438 * encountered. If the caller provides a non-NULL errlist, it will be filled in
2439 * with the list of names of all the properties that failed along with the
2440 * corresponding error numbers.
2441 *
2442 * If every property is set successfully, zero is returned and errlist is not
2443 * modified.
2444 */
2445 int
2446 zfs_set_prop_nvlist(const char *dsname, zprop_source_t source, nvlist_t *nvl,
2447 nvlist_t *errlist)
2448 {
2449 nvpair_t *pair;
2450 nvpair_t *propval;
2451 int rv = 0;
2452 uint64_t intval;
2453 char *strval;
2454 nvlist_t *genericnvl = fnvlist_alloc();
2455 nvlist_t *retrynvl = fnvlist_alloc();
2456
2457 retry:
2458 pair = NULL;
2459 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2460 const char *propname = nvpair_name(pair);
2461 zfs_prop_t prop = zfs_name_to_prop(propname);
2462 int err = 0;
2463
2464 /* decode the property value */
2465 propval = pair;
2466 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2467 nvlist_t *attrs;
2468 attrs = fnvpair_value_nvlist(pair);
2469 if (nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
2470 &propval) != 0)
2471 err = EINVAL;
2472 }
2473
2474 /* Validate value type */
2475 if (err == 0 && prop == ZPROP_INVAL) {
2476 if (zfs_prop_user(propname)) {
2477 if (nvpair_type(propval) != DATA_TYPE_STRING)
2478 err = EINVAL;
2479 } else if (zfs_prop_userquota(propname)) {
2480 if (nvpair_type(propval) !=
2481 DATA_TYPE_UINT64_ARRAY)
2482 err = EINVAL;
2483 } else {
2484 err = EINVAL;
2485 }
2486 } else if (err == 0) {
2487 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2488 if (zfs_prop_get_type(prop) != PROP_TYPE_STRING)
2489 err = EINVAL;
2490 } else if (nvpair_type(propval) == DATA_TYPE_UINT64) {
2491 const char *unused;
2492
2493 intval = fnvpair_value_uint64(propval);
2494
2495 switch (zfs_prop_get_type(prop)) {
2496 case PROP_TYPE_NUMBER:
2497 break;
2498 case PROP_TYPE_STRING:
2499 err = EINVAL;
2500 break;
2501 case PROP_TYPE_INDEX:
2502 if (zfs_prop_index_to_string(prop,
2503 intval, &unused) != 0)
2504 err = EINVAL;
2505 break;
2506 default:
2507 cmn_err(CE_PANIC,
2508 "unknown property type");
2509 }
2510 } else {
2511 err = EINVAL;
2512 }
2513 }
2514
2515 /* Validate permissions */
2516 if (err == 0)
2517 err = zfs_check_settable(dsname, pair, CRED());
2518
2519 if (err == 0) {
2520 err = zfs_prop_set_special(dsname, source, pair);
2521 if (err == -1) {
2522 /*
2523 * For better performance we build up a list of
2524 * properties to set in a single transaction.
2525 */
2526 err = nvlist_add_nvpair(genericnvl, pair);
2527 } else if (err != 0 && nvl != retrynvl) {
2528 /*
2529 * This may be a spurious error caused by
2530 * receiving quota and reservation out of order.
2531 * Try again in a second pass.
2532 */
2533 err = nvlist_add_nvpair(retrynvl, pair);
2534 }
2535 }
2536
2537 if (err != 0) {
2538 if (errlist != NULL)
2539 fnvlist_add_int32(errlist, propname, err);
2540 rv = err;
2541 }
2542 }
2543
2544 if (nvl != retrynvl && !nvlist_empty(retrynvl)) {
2545 nvl = retrynvl;
2546 goto retry;
2547 }
2548
2549 if (!nvlist_empty(genericnvl) &&
2550 dsl_props_set(dsname, source, genericnvl) != 0) {
2551 /*
2552 * If this fails, we still want to set as many properties as we
2553 * can, so try setting them individually.
2554 */
2555 pair = NULL;
2556 while ((pair = nvlist_next_nvpair(genericnvl, pair)) != NULL) {
2557 const char *propname = nvpair_name(pair);
2558 int err = 0;
2559
2560 propval = pair;
2561 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
2562 nvlist_t *attrs;
2563 attrs = fnvpair_value_nvlist(pair);
2564 propval = fnvlist_lookup_nvpair(attrs,
2565 ZPROP_VALUE);
2566 }
2567
2568 if (nvpair_type(propval) == DATA_TYPE_STRING) {
2569 strval = fnvpair_value_string(propval);
2570 err = dsl_prop_set(dsname, propname, source, 1,
2571 strlen(strval) + 1, strval);
2572 } else {
2573 intval = fnvpair_value_uint64(propval);
2574 err = dsl_prop_set(dsname, propname, source, 8,
2575 1, &intval);
2576 }
2577
2578 if (err != 0) {
2579 if (errlist != NULL) {
2580 fnvlist_add_int32(errlist, propname,
2581 err);
2582 }
2583 rv = err;
2584 }
2585 }
2586 }
2587 nvlist_free(genericnvl);
2588 nvlist_free(retrynvl);
2589
2590 return (rv);
2591 }
2592
2593 /*
2594 * Check that all the properties are valid user properties.
2595 */
2596 static int
2597 zfs_check_userprops(const char *fsname, nvlist_t *nvl)
2598 {
2599 nvpair_t *pair = NULL;
2600 int error = 0;
2601
2602 while ((pair = nvlist_next_nvpair(nvl, pair)) != NULL) {
2603 const char *propname = nvpair_name(pair);
2604 char *valstr;
2605
2606 if (!zfs_prop_user(propname) ||
2607 nvpair_type(pair) != DATA_TYPE_STRING)
2608 return (EINVAL);
2609
2610 if (error = zfs_secpolicy_write_perms(fsname,
2611 ZFS_DELEG_PERM_USERPROP, CRED()))
2612 return (error);
2613
2614 if (strlen(propname) >= ZAP_MAXNAMELEN)
2615 return (ENAMETOOLONG);
2616
2617 VERIFY(nvpair_value_string(pair, &valstr) == 0);
2618 if (strlen(valstr) >= ZAP_MAXVALUELEN)
2619 return (E2BIG);
2620 }
2621 return (0);
2622 }
2623
2624 static void
2625 props_skip(nvlist_t *props, nvlist_t *skipped, nvlist_t **newprops)
2626 {
2627 nvpair_t *pair;
2628
2629 VERIFY(nvlist_alloc(newprops, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2630
2631 pair = NULL;
2632 while ((pair = nvlist_next_nvpair(props, pair)) != NULL) {
2633 if (nvlist_exists(skipped, nvpair_name(pair)))
2634 continue;
2635
2636 VERIFY(nvlist_add_nvpair(*newprops, pair) == 0);
2637 }
2638 }
2639
2640 static int
2641 clear_received_props(objset_t *os, const char *fs, nvlist_t *props,
2642 nvlist_t *skipped)
2643 {
2644 int err = 0;
2645 nvlist_t *cleared_props = NULL;
2646 props_skip(props, skipped, &cleared_props);
2647 if (!nvlist_empty(cleared_props)) {
2648 /*
2649 * Acts on local properties until the dataset has received
2650 * properties at least once on or after SPA_VERSION_RECVD_PROPS.
2651 */
2652 zprop_source_t flags = (ZPROP_SRC_NONE |
2653 (dsl_prop_get_hasrecvd(os) ? ZPROP_SRC_RECEIVED : 0));
2654 err = zfs_set_prop_nvlist(fs, flags, cleared_props, NULL);
2655 }
2656 nvlist_free(cleared_props);
2657 return (err);
2658 }
2659
2660 /*
2661 * inputs:
2662 * zc_name name of filesystem
2663 * zc_value name of property to set
2664 * zc_nvlist_src{_size} nvlist of properties to apply
2665 * zc_cookie received properties flag
2666 *
2667 * outputs:
2668 * zc_nvlist_dst{_size} error for each unapplied received property
2669 */
2670 static int
2671 zfs_ioc_set_prop(zfs_cmd_t *zc)
2672 {
2673 nvlist_t *nvl;
2674 boolean_t received = zc->zc_cookie;
2675 zprop_source_t source = (received ? ZPROP_SRC_RECEIVED :
2676 ZPROP_SRC_LOCAL);
2677 nvlist_t *errors;
2678 int error;
2679
2680 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2681 zc->zc_iflags, &nvl)) != 0)
2682 return (error);
2683
2684 if (received) {
2685 nvlist_t *origprops;
2686 objset_t *os;
2687
2688 if (dmu_objset_hold(zc->zc_name, FTAG, &os) == 0) {
2689 if (dsl_prop_get_received(os, &origprops) == 0) {
2690 (void) clear_received_props(os,
2691 zc->zc_name, origprops, nvl);
2692 nvlist_free(origprops);
2693 }
2694
2695 dsl_prop_set_hasrecvd(os);
2696 dmu_objset_rele(os, FTAG);
2697 }
2698 }
2699
2700 errors = fnvlist_alloc();
2701 error = zfs_set_prop_nvlist(zc->zc_name, source, nvl, errors);
2702
2703 if (zc->zc_nvlist_dst != NULL && errors != NULL) {
2704 (void) put_nvlist(zc, errors);
2705 }
2706
2707 nvlist_free(errors);
2708 nvlist_free(nvl);
2709 return (error);
2710 }
2711
2712 /*
2713 * inputs:
2714 * zc_name name of filesystem
2715 * zc_value name of property to inherit
2716 * zc_cookie revert to received value if TRUE
2717 *
2718 * outputs: none
2719 */
2720 static int
2721 zfs_ioc_inherit_prop(zfs_cmd_t *zc)
2722 {
2723 const char *propname = zc->zc_value;
2724 zfs_prop_t prop = zfs_name_to_prop(propname);
2725 boolean_t received = zc->zc_cookie;
2726 zprop_source_t source = (received
2727 ? ZPROP_SRC_NONE /* revert to received value, if any */
2728 : ZPROP_SRC_INHERITED); /* explicitly inherit */
2729
2730 if (received) {
2731 nvlist_t *dummy;
2732 nvpair_t *pair;
2733 zprop_type_t type;
2734 int err;
2735
2736 /*
2737 * zfs_prop_set_special() expects properties in the form of an
2738 * nvpair with type info.
2739 */
2740 if (prop == ZPROP_INVAL) {
2741 if (!zfs_prop_user(propname))
2742 return (EINVAL);
2743
2744 type = PROP_TYPE_STRING;
2745 } else if (prop == ZFS_PROP_VOLSIZE ||
2746 prop == ZFS_PROP_VERSION) {
2747 return (EINVAL);
2748 } else {
2749 type = zfs_prop_get_type(prop);
2750 }
2751
2752 VERIFY(nvlist_alloc(&dummy, NV_UNIQUE_NAME, KM_SLEEP) == 0);
2753
2754 switch (type) {
2755 case PROP_TYPE_STRING:
2756 VERIFY(0 == nvlist_add_string(dummy, propname, ""));
2757 break;
2758 case PROP_TYPE_NUMBER:
2759 case PROP_TYPE_INDEX:
2760 VERIFY(0 == nvlist_add_uint64(dummy, propname, 0));
2761 break;
2762 default:
2763 nvlist_free(dummy);
2764 return (EINVAL);
2765 }
2766
2767 pair = nvlist_next_nvpair(dummy, NULL);
2768 err = zfs_prop_set_special(zc->zc_name, source, pair);
2769 nvlist_free(dummy);
2770 if (err != -1)
2771 return (err); /* special property already handled */
2772 } else {
2773 /*
2774 * Only check this in the non-received case. We want to allow
2775 * 'inherit -S' to revert non-inheritable properties like quota
2776 * and reservation to the received or default values even though
2777 * they are not considered inheritable.
2778 */
2779 if (prop != ZPROP_INVAL && !zfs_prop_inheritable(prop))
2780 return (EINVAL);
2781 }
2782
2783 /* property name has been validated by zfs_secpolicy_inherit_prop() */
2784 return (dsl_prop_set(zc->zc_name, zc->zc_value, source, 0, 0, NULL));
2785 }
2786
2787 static int
2788 zfs_ioc_pool_set_props(zfs_cmd_t *zc)
2789 {
2790 nvlist_t *props;
2791 spa_t *spa;
2792 int error;
2793 nvpair_t *pair;
2794
2795 if (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2796 zc->zc_iflags, &props))
2797 return (error);
2798
2799 /*
2800 * If the only property is the configfile, then just do a spa_lookup()
2801 * to handle the faulted case.
2802 */
2803 pair = nvlist_next_nvpair(props, NULL);
2804 if (pair != NULL && strcmp(nvpair_name(pair),
2805 zpool_prop_to_name(ZPOOL_PROP_CACHEFILE)) == 0 &&
2806 nvlist_next_nvpair(props, pair) == NULL) {
2807 mutex_enter(&spa_namespace_lock);
2808 if ((spa = spa_lookup(zc->zc_name)) != NULL) {
2809 spa_configfile_set(spa, props, B_FALSE);
2810 spa_config_sync(spa, B_FALSE, B_TRUE);
2811 }
2812 mutex_exit(&spa_namespace_lock);
2813 if (spa != NULL) {
2814 nvlist_free(props);
2815 return (0);
2816 }
2817 }
2818
2819 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2820 nvlist_free(props);
2821 return (error);
2822 }
2823
2824 error = spa_prop_set(spa, props);
2825
2826 nvlist_free(props);
2827 spa_close(spa, FTAG);
2828
2829 return (error);
2830 }
2831
2832 static int
2833 zfs_ioc_pool_get_props(zfs_cmd_t *zc)
2834 {
2835 spa_t *spa;
2836 int error;
2837 nvlist_t *nvp = NULL;
2838
2839 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0) {
2840 /*
2841 * If the pool is faulted, there may be properties we can still
2842 * get (such as altroot and cachefile), so attempt to get them
2843 * anyway.
2844 */
2845 mutex_enter(&spa_namespace_lock);
2846 if ((spa = spa_lookup(zc->zc_name)) != NULL)
2847 error = spa_prop_get(spa, &nvp);
2848 mutex_exit(&spa_namespace_lock);
2849 } else {
2850 error = spa_prop_get(spa, &nvp);
2851 spa_close(spa, FTAG);
2852 }
2853
2854 if (error == 0 && zc->zc_nvlist_dst != NULL)
2855 error = put_nvlist(zc, nvp);
2856 else
2857 error = EFAULT;
2858
2859 nvlist_free(nvp);
2860 return (error);
2861 }
2862
2863 /*
2864 * inputs:
2865 * zc_name name of filesystem
2866 * zc_nvlist_src{_size} nvlist of delegated permissions
2867 * zc_perm_action allow/unallow flag
2868 *
2869 * outputs: none
2870 */
2871 static int
2872 zfs_ioc_set_fsacl(zfs_cmd_t *zc)
2873 {
2874 int error;
2875 nvlist_t *fsaclnv = NULL;
2876
2877 if ((error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
2878 zc->zc_iflags, &fsaclnv)) != 0)
2879 return (error);
2880
2881 /*
2882 * Verify nvlist is constructed correctly
2883 */
2884 if ((error = zfs_deleg_verify_nvlist(fsaclnv)) != 0) {
2885 nvlist_free(fsaclnv);
2886 return (EINVAL);
2887 }
2888
2889 /*
2890 * If we don't have PRIV_SYS_MOUNT, then validate
2891 * that user is allowed to hand out each permission in
2892 * the nvlist(s)
2893 */
2894
2895 error = secpolicy_zfs(CRED());
2896 if (error) {
2897 if (zc->zc_perm_action == B_FALSE) {
2898 error = dsl_deleg_can_allow(zc->zc_name,
2899 fsaclnv, CRED());
2900 } else {
2901 error = dsl_deleg_can_unallow(zc->zc_name,
2902 fsaclnv, CRED());
2903 }
2904 }
2905
2906 if (error == 0)
2907 error = dsl_deleg_set(zc->zc_name, fsaclnv, zc->zc_perm_action);
2908
2909 nvlist_free(fsaclnv);
2910 return (error);
2911 }
2912
2913 /*
2914 * inputs:
2915 * zc_name name of filesystem
2916 *
2917 * outputs:
2918 * zc_nvlist_src{_size} nvlist of delegated permissions
2919 */
2920 static int
2921 zfs_ioc_get_fsacl(zfs_cmd_t *zc)
2922 {
2923 nvlist_t *nvp;
2924 int error;
2925
2926 if ((error = dsl_deleg_get(zc->zc_name, &nvp)) == 0) {
2927 error = put_nvlist(zc, nvp);
2928 nvlist_free(nvp);
2929 }
2930
2931 return (error);
2932 }
2933
2934 /*
2935 * Search the vfs list for a specified resource. Returns a pointer to it
2936 * or NULL if no suitable entry is found. The caller of this routine
2937 * is responsible for releasing the returned vfs pointer.
2938 */
2939 static vfs_t *
2940 zfs_get_vfs(const char *resource)
2941 {
2942 struct vfs *vfsp;
2943 struct vfs *vfs_found = NULL;
2944
2945 vfs_list_read_lock();
2946 vfsp = rootvfs;
2947 do {
2948 if (strcmp(refstr_value(vfsp->vfs_resource), resource) == 0) {
2949 VFS_HOLD(vfsp);
2950 vfs_found = vfsp;
2951 break;
2952 }
2953 vfsp = vfsp->vfs_next;
2954 } while (vfsp != rootvfs);
2955 vfs_list_unlock();
2956 return (vfs_found);
2957 }
2958
2959 /* ARGSUSED */
2960 static void
2961 zfs_create_cb(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx)
2962 {
2963 zfs_creat_t *zct = arg;
2964
2965 zfs_create_fs(os, cr, zct->zct_zplprops, tx);
2966 }
2967
2968 #define ZFS_PROP_UNDEFINED ((uint64_t)-1)
2969
2970 /*
2971 * inputs:
2972 * createprops list of properties requested by creator
2973 * default_zplver zpl version to use if unspecified in createprops
2974 * fuids_ok fuids allowed in this version of the spa?
2975 * os parent objset pointer (NULL if root fs)
2976 *
2977 * outputs:
2978 * zplprops values for the zplprops we attach to the master node object
2979 * is_ci true if requested file system will be purely case-insensitive
2980 *
2981 * Determine the settings for utf8only, normalization and
2982 * casesensitivity. Specific values may have been requested by the
2983 * creator and/or we can inherit values from the parent dataset. If
2984 * the file system is of too early a vintage, a creator can not
2985 * request settings for these properties, even if the requested
2986 * setting is the default value. We don't actually want to create dsl
2987 * properties for these, so remove them from the source nvlist after
2988 * processing.
2989 */
2990 static int
2991 zfs_fill_zplprops_impl(objset_t *os, uint64_t zplver,
2992 boolean_t fuids_ok, boolean_t sa_ok, nvlist_t *createprops,
2993 nvlist_t *zplprops, boolean_t *is_ci)
2994 {
2995 uint64_t sense = ZFS_PROP_UNDEFINED;
2996 uint64_t norm = ZFS_PROP_UNDEFINED;
2997 uint64_t u8 = ZFS_PROP_UNDEFINED;
2998
2999 ASSERT(zplprops != NULL);
3000
3001 /*
3002 * Pull out creator prop choices, if any.
3003 */
3004 if (createprops) {
3005 (void) nvlist_lookup_uint64(createprops,
3006 zfs_prop_to_name(ZFS_PROP_VERSION), &zplver);
3007 (void) nvlist_lookup_uint64(createprops,
3008 zfs_prop_to_name(ZFS_PROP_NORMALIZE), &norm);
3009 (void) nvlist_remove_all(createprops,
3010 zfs_prop_to_name(ZFS_PROP_NORMALIZE));
3011 (void) nvlist_lookup_uint64(createprops,
3012 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), &u8);
3013 (void) nvlist_remove_all(createprops,
3014 zfs_prop_to_name(ZFS_PROP_UTF8ONLY));
3015 (void) nvlist_lookup_uint64(createprops,
3016 zfs_prop_to_name(ZFS_PROP_CASE), &sense);
3017 (void) nvlist_remove_all(createprops,
3018 zfs_prop_to_name(ZFS_PROP_CASE));
3019 }
3020
3021 /*
3022 * If the zpl version requested is whacky or the file system
3023 * or pool is version is too "young" to support normalization
3024 * and the creator tried to set a value for one of the props,
3025 * error out.
3026 */
3027 if ((zplver < ZPL_VERSION_INITIAL || zplver > ZPL_VERSION) ||
3028 (zplver >= ZPL_VERSION_FUID && !fuids_ok) ||
3029 (zplver >= ZPL_VERSION_SA && !sa_ok) ||
3030 (zplver < ZPL_VERSION_NORMALIZATION &&
3031 (norm != ZFS_PROP_UNDEFINED || u8 != ZFS_PROP_UNDEFINED ||
3032 sense != ZFS_PROP_UNDEFINED)))
3033 return (ENOTSUP);
3034
3035 /*
3036 * Put the version in the zplprops
3037 */
3038 VERIFY(nvlist_add_uint64(zplprops,
3039 zfs_prop_to_name(ZFS_PROP_VERSION), zplver) == 0);
3040
3041 if (norm == ZFS_PROP_UNDEFINED)
3042 VERIFY(zfs_get_zplprop(os, ZFS_PROP_NORMALIZE, &norm) == 0);
3043 VERIFY(nvlist_add_uint64(zplprops,
3044 zfs_prop_to_name(ZFS_PROP_NORMALIZE), norm) == 0);
3045
3046 /*
3047 * If we're normalizing, names must always be valid UTF-8 strings.
3048 */
3049 if (norm)
3050 u8 = 1;
3051 if (u8 == ZFS_PROP_UNDEFINED)
3052 VERIFY(zfs_get_zplprop(os, ZFS_PROP_UTF8ONLY, &u8) == 0);
3053 VERIFY(nvlist_add_uint64(zplprops,
3054 zfs_prop_to_name(ZFS_PROP_UTF8ONLY), u8) == 0);
3055
3056 if (sense == ZFS_PROP_UNDEFINED)
3057 VERIFY(zfs_get_zplprop(os, ZFS_PROP_CASE, &sense) == 0);
3058 VERIFY(nvlist_add_uint64(zplprops,
3059 zfs_prop_to_name(ZFS_PROP_CASE), sense) == 0);
3060
3061 if (is_ci)
3062 *is_ci = (sense == ZFS_CASE_INSENSITIVE);
3063
3064 return (0);
3065 }
3066
3067 static int
3068 zfs_fill_zplprops(const char *dataset, nvlist_t *createprops,
3069 nvlist_t *zplprops, boolean_t *is_ci)
3070 {
3071 boolean_t fuids_ok, sa_ok;
3072 uint64_t zplver = ZPL_VERSION;
3073 objset_t *os = NULL;
3074 char parentname[MAXNAMELEN];
3075 char *cp;
3076 spa_t *spa;
3077 uint64_t spa_vers;
3078 int error;
3079
3080 (void) strlcpy(parentname, dataset, sizeof (parentname));
3081 cp = strrchr(parentname, '/');
3082 ASSERT(cp != NULL);
3083 cp[0] = '\0';
3084
3085 if ((error = spa_open(dataset, &spa, FTAG)) != 0)
3086 return (error);
3087
3088 spa_vers = spa_version(spa);
3089 spa_close(spa, FTAG);
3090
3091 zplver = zfs_zpl_version_map(spa_vers);
3092 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3093 sa_ok = (zplver >= ZPL_VERSION_SA);
3094
3095 /*
3096 * Open parent object set so we can inherit zplprop values.
3097 */
3098 if ((error = dmu_objset_hold(parentname, FTAG, &os)) != 0)
3099 return (error);
3100
3101 error = zfs_fill_zplprops_impl(os, zplver, fuids_ok, sa_ok, createprops,
3102 zplprops, is_ci);
3103 dmu_objset_rele(os, FTAG);
3104 return (error);
3105 }
3106
3107 static int
3108 zfs_fill_zplprops_root(uint64_t spa_vers, nvlist_t *createprops,
3109 nvlist_t *zplprops, boolean_t *is_ci)
3110 {
3111 boolean_t fuids_ok;
3112 boolean_t sa_ok;
3113 uint64_t zplver = ZPL_VERSION;
3114 int error;
3115
3116 zplver = zfs_zpl_version_map(spa_vers);
3117 fuids_ok = (zplver >= ZPL_VERSION_FUID);
3118 sa_ok = (zplver >= ZPL_VERSION_SA);
3119
3120 error = zfs_fill_zplprops_impl(NULL, zplver, fuids_ok, sa_ok,
3121 createprops, zplprops, is_ci);
3122 return (error);
3123 }
3124
3125 /*
3126 * innvl: {
3127 * "type" -> dmu_objset_type_t (int32)
3128 * (optional) "props" -> { prop -> value }
3129 * }
3130 *
3131 * outnvl: propname -> error code (int32)
3132 */
3133 static int
3134 zfs_ioc_create(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3135 {
3136 int error = 0;
3137 zfs_creat_t zct = { 0 };
3138 nvlist_t *nvprops = NULL;
3139 void (*cbfunc)(objset_t *os, void *arg, cred_t *cr, dmu_tx_t *tx);
3140 int32_t type32;
3141 dmu_objset_type_t type;
3142 boolean_t is_insensitive = B_FALSE;
3143
3144 if (nvlist_lookup_int32(innvl, "type", &type32) != 0)
3145 return (EINVAL);
3146 type = type32;
3147 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3148
3149 switch (type) {
3150 case DMU_OST_ZFS:
3151 cbfunc = zfs_create_cb;
3152 break;
3153
3154 case DMU_OST_ZVOL:
3155 cbfunc = zvol_create_cb;
3156 break;
3157
3158 default:
3159 cbfunc = NULL;
3160 break;
3161 }
3162 if (strchr(fsname, '@') ||
3163 strchr(fsname, '%'))
3164 return (EINVAL);
3165
3166 zct.zct_props = nvprops;
3167
3168 if (cbfunc == NULL)
3169 return (EINVAL);
3170
3171 if (type == DMU_OST_ZVOL) {
3172 uint64_t volsize, volblocksize;
3173
3174 if (nvprops == NULL)
3175 return (EINVAL);
3176 if (nvlist_lookup_uint64(nvprops,
3177 zfs_prop_to_name(ZFS_PROP_VOLSIZE), &volsize) != 0)
3178 return (EINVAL);
3179
3180 if ((error = nvlist_lookup_uint64(nvprops,
3181 zfs_prop_to_name(ZFS_PROP_VOLBLOCKSIZE),
3182 &volblocksize)) != 0 && error != ENOENT)
3183 return (EINVAL);
3184
3185 if (error != 0)
3186 volblocksize = zfs_prop_default_numeric(
3187 ZFS_PROP_VOLBLOCKSIZE);
3188
3189 if ((error = zvol_check_volblocksize(
3190 volblocksize)) != 0 ||
3191 (error = zvol_check_volsize(volsize,
3192 volblocksize)) != 0)
3193 return (error);
3194 } else if (type == DMU_OST_ZFS) {
3195 int error;
3196
3197 /*
3198 * We have to have normalization and
3199 * case-folding flags correct when we do the
3200 * file system creation, so go figure them out
3201 * now.
3202 */
3203 VERIFY(nvlist_alloc(&zct.zct_zplprops,
3204 NV_UNIQUE_NAME, KM_SLEEP) == 0);
3205 error = zfs_fill_zplprops(fsname, nvprops,
3206 zct.zct_zplprops, &is_insensitive);
3207 if (error != 0) {
3208 nvlist_free(zct.zct_zplprops);
3209 return (error);
3210 }
3211 }
3212
3213 error = dmu_objset_create(fsname, type,
3214 is_insensitive ? DS_FLAG_CI_DATASET : 0, cbfunc, &zct);
3215 nvlist_free(zct.zct_zplprops);
3216
3217 /*
3218 * It would be nice to do this atomically.
3219 */
3220 if (error == 0) {
3221 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3222 nvprops, outnvl);
3223 if (error != 0)
3224 (void) dmu_objset_destroy(fsname, B_FALSE);
3225 }
3226 return (error);
3227 }
3228
3229 /*
3230 * innvl: {
3231 * "origin" -> name of origin snapshot
3232 * (optional) "props" -> { prop -> value }
3233 * }
3234 *
3235 * outnvl: propname -> error code (int32)
3236 */
3237 static int
3238 zfs_ioc_clone(const char *fsname, nvlist_t *innvl, nvlist_t *outnvl)
3239 {
3240 int error = 0;
3241 nvlist_t *nvprops = NULL;
3242 char *origin_name;
3243 dsl_dataset_t *origin;
3244
3245 if (nvlist_lookup_string(innvl, "origin", &origin_name) != 0)
3246 return (EINVAL);
3247 (void) nvlist_lookup_nvlist(innvl, "props", &nvprops);
3248
3249 if (strchr(fsname, '@') ||
3250 strchr(fsname, '%'))
3251 return (EINVAL);
3252
3253 if (dataset_namecheck(origin_name, NULL, NULL) != 0)
3254 return (EINVAL);
3255
3256 error = dsl_dataset_hold(origin_name, FTAG, &origin);
3257 if (error)
3258 return (error);
3259
3260 error = dmu_objset_clone(fsname, origin, 0);
3261 dsl_dataset_rele(origin, FTAG);
3262 if (error)
3263 return (error);
3264
3265 /*
3266 * It would be nice to do this atomically.
3267 */
3268 if (error == 0) {
3269 error = zfs_set_prop_nvlist(fsname, ZPROP_SRC_LOCAL,
3270 nvprops, outnvl);
3271 if (error != 0)
3272 (void) dmu_objset_destroy(fsname, B_FALSE);
3273 }
3274 return (error);
3275 }
3276
3277 /*
3278 * innvl: {
3279 * "snaps" -> { snapshot1, snapshot2 }
3280 * (optional) "props" -> { prop -> value (string) }
3281 * }
3282 *
3283 * outnvl: snapshot -> error code (int32)
3284 *
3285 */
3286 static int
3287 zfs_ioc_snapshot(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3288 {
3289 nvlist_t *snaps;
3290 nvlist_t *props = NULL;
3291 int error, poollen;
3292 nvpair_t *pair;
3293
3294 (void) nvlist_lookup_nvlist(innvl, "props", &props);
3295 if ((error = zfs_check_userprops(poolname, props)) != 0)
3296 return (error);
3297
3298 if (!nvlist_empty(props) &&
3299 zfs_earlier_version(poolname, SPA_VERSION_SNAP_PROPS))
3300 return (ENOTSUP);
3301
3302 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3303 return (EINVAL);
3304 poollen = strlen(poolname);
3305 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3306 pair = nvlist_next_nvpair(snaps, pair)) {
3307 const char *name = nvpair_name(pair);
3308 const char *cp = strchr(name, '@');
3309
3310 /*
3311 * The snap name must contain an @, and the part after it must
3312 * contain only valid characters.
3313 */
3314 if (cp == NULL || snapshot_namecheck(cp + 1, NULL, NULL) != 0)
3315 return (EINVAL);
3316
3317 /*
3318 * The snap must be in the specified pool.
3319 */
3320 if (strncmp(name, poolname, poollen) != 0 ||
3321 (name[poollen] != '/' && name[poollen] != '@'))
3322 return (EXDEV);
3323
3324 /* This must be the only snap of this fs. */
3325 for (nvpair_t *pair2 = nvlist_next_nvpair(snaps, pair);
3326 pair2 != NULL; pair2 = nvlist_next_nvpair(snaps, pair2)) {
3327 if (strncmp(name, nvpair_name(pair2), cp - name + 1)
3328 == 0) {
3329 return (EXDEV);
3330 }
3331 }
3332 }
3333
3334 error = dmu_objset_snapshot(snaps, props, outnvl);
3335 return (error);
3336 }
3337
3338 /*
3339 * innvl: "message" -> string
3340 */
3341 /* ARGSUSED */
3342 static int
3343 zfs_ioc_log_history(const char *unused, nvlist_t *innvl, nvlist_t *outnvl)
3344 {
3345 char *message;
3346 spa_t *spa;
3347 int error;
3348 char *poolname;
3349
3350 /*
3351 * The poolname in the ioctl is not set, we get it from the TSD,
3352 * which was set at the end of the last successful ioctl that allows
3353 * logging. The secpolicy func already checked that it is set.
3354 * Only one log ioctl is allowed after each successful ioctl, so
3355 * we clear the TSD here.
3356 */
3357 poolname = tsd_get(zfs_allow_log_key);
3358 (void) tsd_set(zfs_allow_log_key, NULL);
3359 error = spa_open(poolname, &spa, FTAG);
3360 strfree(poolname);
3361 if (error != 0)
3362 return (error);
3363
3364 if (nvlist_lookup_string(innvl, "message", &message) != 0) {
3365 spa_close(spa, FTAG);
3366 return (EINVAL);
3367 }
3368
3369 if (spa_version(spa) < SPA_VERSION_ZPOOL_HISTORY) {
3370 spa_close(spa, FTAG);
3371 return (ENOTSUP);
3372 }
3373
3374 error = spa_history_log(spa, message);
3375 spa_close(spa, FTAG);
3376 return (error);
3377 }
3378
3379 /* ARGSUSED */
3380 int
3381 zfs_unmount_snap(const char *name, void *arg)
3382 {
3383 vfs_t *vfsp;
3384 int err;
3385
3386 if (strchr(name, '@') == NULL)
3387 return (0);
3388
3389 vfsp = zfs_get_vfs(name);
3390 if (vfsp == NULL)
3391 return (0);
3392
3393 if ((err = vn_vfswlock(vfsp->vfs_vnodecovered)) != 0) {
3394 VFS_RELE(vfsp);
3395 return (err);
3396 }
3397 VFS_RELE(vfsp);
3398
3399 /*
3400 * Always force the unmount for snapshots.
3401 */
3402 return (dounmount(vfsp, MS_FORCE, kcred));
3403 }
3404
3405 /*
3406 * innvl: {
3407 * "snaps" -> { snapshot1, snapshot2 }
3408 * (optional boolean) "defer"
3409 * }
3410 *
3411 * outnvl: snapshot -> error code (int32)
3412 *
3413 */
3414 static int
3415 zfs_ioc_destroy_snaps(const char *poolname, nvlist_t *innvl, nvlist_t *outnvl)
3416 {
3417 int poollen;
3418 nvlist_t *snaps;
3419 nvpair_t *pair;
3420 boolean_t defer;
3421
3422 if (nvlist_lookup_nvlist(innvl, "snaps", &snaps) != 0)
3423 return (EINVAL);
3424 defer = nvlist_exists(innvl, "defer");
3425
3426 poollen = strlen(poolname);
3427 for (pair = nvlist_next_nvpair(snaps, NULL); pair != NULL;
3428 pair = nvlist_next_nvpair(snaps, pair)) {
3429 const char *name = nvpair_name(pair);
3430
3431 /*
3432 * The snap must be in the specified pool.
3433 */
3434 if (strncmp(name, poolname, poollen) != 0 ||
3435 (name[poollen] != '/' && name[poollen] != '@'))
3436 return (EXDEV);
3437
3438 /*
3439 * Ignore failures to unmount; dmu_snapshots_destroy_nvl()
3440 * will deal with this gracefully (by filling in outnvl).
3441 */
3442 (void) zfs_unmount_snap(name, NULL);
3443 }
3444
3445 return (dmu_snapshots_destroy_nvl(snaps, defer, outnvl));
3446 }
3447
3448 /*
3449 * inputs:
3450 * zc_name name of dataset to destroy
3451 * zc_objset_type type of objset
3452 * zc_defer_destroy mark for deferred destroy
3453 *
3454 * outputs: none
3455 */
3456 static int
3457 zfs_ioc_destroy(zfs_cmd_t *zc)
3458 {
3459 int err;
3460 if (strchr(zc->zc_name, '@') && zc->zc_objset_type == DMU_OST_ZFS) {
3461 err = zfs_unmount_snap(zc->zc_name, NULL);
3462 if (err)
3463 return (err);
3464 }
3465
3466 err = dmu_objset_destroy(zc->zc_name, zc->zc_defer_destroy);
3467 if (zc->zc_objset_type == DMU_OST_ZVOL && err == 0)
3468 (void) zvol_remove_minor(zc->zc_name);
3469 return (err);
3470 }
3471
3472 /*
3473 * inputs:
3474 * zc_name name of dataset to rollback (to most recent snapshot)
3475 *
3476 * outputs: none
3477 */
3478 static int
3479 zfs_ioc_rollback(zfs_cmd_t *zc)
3480 {
3481 dsl_dataset_t *ds, *clone;
3482 int error;
3483 zfsvfs_t *zfsvfs;
3484 char *clone_name;
3485
3486 error = dsl_dataset_hold(zc->zc_name, FTAG, &ds);
3487 if (error)
3488 return (error);
3489
3490 /* must not be a snapshot */
3491 if (dsl_dataset_is_snapshot(ds)) {
3492 dsl_dataset_rele(ds, FTAG);
3493 return (EINVAL);
3494 }
3495
3496 /* must have a most recent snapshot */
3497 if (ds->ds_phys->ds_prev_snap_txg < TXG_INITIAL) {
3498 dsl_dataset_rele(ds, FTAG);
3499 return (EINVAL);
3500 }
3501
3502 /*
3503 * Create clone of most recent snapshot.
3504 */
3505 clone_name = kmem_asprintf("%s/%%rollback", zc->zc_name);
3506 error = dmu_objset_clone(clone_name, ds->ds_prev, DS_FLAG_INCONSISTENT);
3507 if (error)
3508 goto out;
3509
3510 error = dsl_dataset_own(clone_name, B_TRUE, FTAG, &clone);
3511 if (error)
3512 goto out;
3513
3514 /*
3515 * Do clone swap.
3516 */
3517 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
3518 error = zfs_suspend_fs(zfsvfs);
3519 if (error == 0) {
3520 int resume_err;
3521
3522 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3523 error = dsl_dataset_clone_swap(clone, ds,
3524 B_TRUE);
3525 dsl_dataset_disown(ds, FTAG);
3526 ds = NULL;
3527 } else {
3528 error = EBUSY;
3529 }
3530 resume_err = zfs_resume_fs(zfsvfs, zc->zc_name);
3531 error = error ? error : resume_err;
3532 }
3533 VFS_RELE(zfsvfs->z_vfs);
3534 } else {
3535 if (dsl_dataset_tryown(ds, B_FALSE, FTAG)) {
3536 error = dsl_dataset_clone_swap(clone, ds, B_TRUE);
3537 dsl_dataset_disown(ds, FTAG);
3538 ds = NULL;
3539 } else {
3540 error = EBUSY;
3541 }
3542 }
3543
3544 /*
3545 * Destroy clone (which also closes it).
3546 */
3547 (void) dsl_dataset_destroy(clone, FTAG, B_FALSE);
3548
3549 out:
3550 strfree(clone_name);
3551 if (ds)
3552 dsl_dataset_rele(ds, FTAG);
3553 return (error);
3554 }
3555
3556 /*
3557 * inputs:
3558 * zc_name old name of dataset
3559 * zc_value new name of dataset
3560 * zc_cookie recursive flag (only valid for snapshots)
3561 *
3562 * outputs: none
3563 */
3564 static int
3565 zfs_ioc_rename(zfs_cmd_t *zc)
3566 {
3567 boolean_t recursive = zc->zc_cookie & 1;
3568
3569 zc->zc_value[sizeof (zc->zc_value) - 1] = '\0';
3570 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3571 strchr(zc->zc_value, '%'))
3572 return (EINVAL);
3573
3574 /*
3575 * Unmount snapshot unless we're doing a recursive rename,
3576 * in which case the dataset code figures out which snapshots
3577 * to unmount.
3578 */
3579 if (!recursive && strchr(zc->zc_name, '@') != NULL &&
3580 zc->zc_objset_type == DMU_OST_ZFS) {
3581 int err = zfs_unmount_snap(zc->zc_name, NULL);
3582 if (err)
3583 return (err);
3584 }
3585 if (zc->zc_objset_type == DMU_OST_ZVOL)
3586 (void) zvol_remove_minor(zc->zc_name);
3587 return (dmu_objset_rename(zc->zc_name, zc->zc_value, recursive));
3588 }
3589
3590 static int
3591 zfs_check_settable(const char *dsname, nvpair_t *pair, cred_t *cr)
3592 {
3593 const char *propname = nvpair_name(pair);
3594 boolean_t issnap = (strchr(dsname, '@') != NULL);
3595 zfs_prop_t prop = zfs_name_to_prop(propname);
3596 uint64_t intval;
3597 int err;
3598
3599 if (prop == ZPROP_INVAL) {
3600 if (zfs_prop_user(propname)) {
3601 if (err = zfs_secpolicy_write_perms(dsname,
3602 ZFS_DELEG_PERM_USERPROP, cr))
3603 return (err);
3604 return (0);
3605 }
3606
3607 if (!issnap && zfs_prop_userquota(propname)) {
3608 const char *perm = NULL;
3609 const char *uq_prefix =
3610 zfs_userquota_prop_prefixes[ZFS_PROP_USERQUOTA];
3611 const char *gq_prefix =
3612 zfs_userquota_prop_prefixes[ZFS_PROP_GROUPQUOTA];
3613
3614 if (strncmp(propname, uq_prefix,
3615 strlen(uq_prefix)) == 0) {
3616 perm = ZFS_DELEG_PERM_USERQUOTA;
3617 } else if (strncmp(propname, gq_prefix,
3618 strlen(gq_prefix)) == 0) {
3619 perm = ZFS_DELEG_PERM_GROUPQUOTA;
3620 } else {
3621 /* USERUSED and GROUPUSED are read-only */
3622 return (EINVAL);
3623 }
3624
3625 if (err = zfs_secpolicy_write_perms(dsname, perm, cr))
3626 return (err);
3627 return (0);
3628 }
3629
3630 return (EINVAL);
3631 }
3632
3633 if (issnap)
3634 return (EINVAL);
3635
3636 if (nvpair_type(pair) == DATA_TYPE_NVLIST) {
3637 /*
3638 * dsl_prop_get_all_impl() returns properties in this
3639 * format.
3640 */
3641 nvlist_t *attrs;
3642 VERIFY(nvpair_value_nvlist(pair, &attrs) == 0);
3643 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3644 &pair) == 0);
3645 }
3646
3647 /*
3648 * Check that this value is valid for this pool version
3649 */
3650 switch (prop) {
3651 case ZFS_PROP_COMPRESSION:
3652 /*
3653 * If the user specified gzip compression, make sure
3654 * the SPA supports it. We ignore any errors here since
3655 * we'll catch them later.
3656 */
3657 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3658 nvpair_value_uint64(pair, &intval) == 0) {
3659 if (intval >= ZIO_COMPRESS_GZIP_1 &&
3660 intval <= ZIO_COMPRESS_GZIP_9 &&
3661 zfs_earlier_version(dsname,
3662 SPA_VERSION_GZIP_COMPRESSION)) {
3663 return (ENOTSUP);
3664 }
3665
3666 if (intval == ZIO_COMPRESS_ZLE &&
3667 zfs_earlier_version(dsname,
3668 SPA_VERSION_ZLE_COMPRESSION))
3669 return (ENOTSUP);
3670
3671 if (intval == ZIO_COMPRESS_LZ4) {
3672 zfeature_info_t *feature =
3673 &spa_feature_table[
3674 SPA_FEATURE_LZ4_COMPRESS];
3675 spa_t *spa;
3676
3677 if ((err = spa_open(dsname, &spa, FTAG)) != 0)
3678 return (err);
3679
3680 if (!spa_feature_is_enabled(spa, feature)) {
3681 spa_close(spa, FTAG);
3682 return (ENOTSUP);
3683 }
3684 spa_close(spa, FTAG);
3685 }
3686
3687 /*
3688 * If this is a bootable dataset then
3689 * verify that the compression algorithm
3690 * is supported for booting. We must return
3691 * something other than ENOTSUP since it
3692 * implies a downrev pool version.
3693 */
3694 if (zfs_is_bootfs(dsname) &&
3695 !BOOTFS_COMPRESS_VALID(intval)) {
3696 return (ERANGE);
3697 }
3698 }
3699 break;
3700
3701 case ZFS_PROP_COPIES:
3702 if (zfs_earlier_version(dsname, SPA_VERSION_DITTO_BLOCKS))
3703 return (ENOTSUP);
3704 break;
3705
3706 case ZFS_PROP_DEDUP:
3707 if (zfs_earlier_version(dsname, SPA_VERSION_DEDUP))
3708 return (ENOTSUP);
3709 break;
3710
3711 case ZFS_PROP_SHARESMB:
3712 if (zpl_earlier_version(dsname, ZPL_VERSION_FUID))
3713 return (ENOTSUP);
3714 break;
3715
3716 case ZFS_PROP_ACLINHERIT:
3717 if (nvpair_type(pair) == DATA_TYPE_UINT64 &&
3718 nvpair_value_uint64(pair, &intval) == 0) {
3719 if (intval == ZFS_ACL_PASSTHROUGH_X &&
3720 zfs_earlier_version(dsname,
3721 SPA_VERSION_PASSTHROUGH_X))
3722 return (ENOTSUP);
3723 }
3724 break;
3725 }
3726
3727 return (zfs_secpolicy_setprop(dsname, prop, pair, CRED()));
3728 }
3729
3730 /*
3731 * Activates a feature on a pool in response to a property setting. This
3732 * creates a new sync task which modifies the pool to reflect the feature
3733 * as being active.
3734 */
3735 static int
3736 zfs_prop_activate_feature(dsl_pool_t *dp, zfeature_info_t *feature)
3737 {
3738 int err;
3739
3740 /* EBUSY here indicates that the feature is already active */
3741 err = dsl_sync_task_do(dp, zfs_prop_activate_feature_check,
3742 zfs_prop_activate_feature_sync, dp->dp_spa, feature, 2);
3743
3744 if (err != 0 && err != EBUSY)
3745 return (err);
3746 else
3747 return (0);
3748 }
3749
3750 /*
3751 * Checks for a race condition to make sure we don't increment a feature flag
3752 * multiple times.
3753 */
3754 /*ARGSUSED*/
3755 static int
3756 zfs_prop_activate_feature_check(void *arg1, void *arg2, dmu_tx_t *tx)
3757 {
3758 spa_t *spa = arg1;
3759 zfeature_info_t *feature = arg2;
3760
3761 if (!spa_feature_is_active(spa, feature))
3762 return (0);
3763 else
3764 return (EBUSY);
3765 }
3766
3767 /*
3768 * The callback invoked on feature activation in the sync task caused by
3769 * zfs_prop_activate_feature.
3770 */
3771 static void
3772 zfs_prop_activate_feature_sync(void *arg1, void *arg2, dmu_tx_t *tx)
3773 {
3774 spa_t *spa = arg1;
3775 zfeature_info_t *feature = arg2;
3776
3777 spa_feature_incr(spa, feature, tx);
3778 }
3779
3780 /*
3781 * Removes properties from the given props list that fail permission checks
3782 * needed to clear them and to restore them in case of a receive error. For each
3783 * property, make sure we have both set and inherit permissions.
3784 *
3785 * Returns the first error encountered if any permission checks fail. If the
3786 * caller provides a non-NULL errlist, it also gives the complete list of names
3787 * of all the properties that failed a permission check along with the
3788 * corresponding error numbers. The caller is responsible for freeing the
3789 * returned errlist.
3790 *
3791 * If every property checks out successfully, zero is returned and the list
3792 * pointed at by errlist is NULL.
3793 */
3794 static int
3795 zfs_check_clearable(char *dataset, nvlist_t *props, nvlist_t **errlist)
3796 {
3797 zfs_cmd_t *zc;
3798 nvpair_t *pair, *next_pair;
3799 nvlist_t *errors;
3800 int err, rv = 0;
3801
3802 if (props == NULL)
3803 return (0);
3804
3805 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3806
3807 zc = kmem_alloc(sizeof (zfs_cmd_t), KM_SLEEP);
3808 (void) strcpy(zc->zc_name, dataset);
3809 pair = nvlist_next_nvpair(props, NULL);
3810 while (pair != NULL) {
3811 next_pair = nvlist_next_nvpair(props, pair);
3812
3813 (void) strcpy(zc->zc_value, nvpair_name(pair));
3814 if ((err = zfs_check_settable(dataset, pair, CRED())) != 0 ||
3815 (err = zfs_secpolicy_inherit_prop(zc, NULL, CRED())) != 0) {
3816 VERIFY(nvlist_remove_nvpair(props, pair) == 0);
3817 VERIFY(nvlist_add_int32(errors,
3818 zc->zc_value, err) == 0);
3819 }
3820 pair = next_pair;
3821 }
3822 kmem_free(zc, sizeof (zfs_cmd_t));
3823
3824 if ((pair = nvlist_next_nvpair(errors, NULL)) == NULL) {
3825 nvlist_free(errors);
3826 errors = NULL;
3827 } else {
3828 VERIFY(nvpair_value_int32(pair, &rv) == 0);
3829 }
3830
3831 if (errlist == NULL)
3832 nvlist_free(errors);
3833 else
3834 *errlist = errors;
3835
3836 return (rv);
3837 }
3838
3839 static boolean_t
3840 propval_equals(nvpair_t *p1, nvpair_t *p2)
3841 {
3842 if (nvpair_type(p1) == DATA_TYPE_NVLIST) {
3843 /* dsl_prop_get_all_impl() format */
3844 nvlist_t *attrs;
3845 VERIFY(nvpair_value_nvlist(p1, &attrs) == 0);
3846 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3847 &p1) == 0);
3848 }
3849
3850 if (nvpair_type(p2) == DATA_TYPE_NVLIST) {
3851 nvlist_t *attrs;
3852 VERIFY(nvpair_value_nvlist(p2, &attrs) == 0);
3853 VERIFY(nvlist_lookup_nvpair(attrs, ZPROP_VALUE,
3854 &p2) == 0);
3855 }
3856
3857 if (nvpair_type(p1) != nvpair_type(p2))
3858 return (B_FALSE);
3859
3860 if (nvpair_type(p1) == DATA_TYPE_STRING) {
3861 char *valstr1, *valstr2;
3862
3863 VERIFY(nvpair_value_string(p1, (char **)&valstr1) == 0);
3864 VERIFY(nvpair_value_string(p2, (char **)&valstr2) == 0);
3865 return (strcmp(valstr1, valstr2) == 0);
3866 } else {
3867 uint64_t intval1, intval2;
3868
3869 VERIFY(nvpair_value_uint64(p1, &intval1) == 0);
3870 VERIFY(nvpair_value_uint64(p2, &intval2) == 0);
3871 return (intval1 == intval2);
3872 }
3873 }
3874
3875 /*
3876 * Remove properties from props if they are not going to change (as determined
3877 * by comparison with origprops). Remove them from origprops as well, since we
3878 * do not need to clear or restore properties that won't change.
3879 */
3880 static void
3881 props_reduce(nvlist_t *props, nvlist_t *origprops)
3882 {
3883 nvpair_t *pair, *next_pair;
3884
3885 if (origprops == NULL)
3886 return; /* all props need to be received */
3887
3888 pair = nvlist_next_nvpair(props, NULL);
3889 while (pair != NULL) {
3890 const char *propname = nvpair_name(pair);
3891 nvpair_t *match;
3892
3893 next_pair = nvlist_next_nvpair(props, pair);
3894
3895 if ((nvlist_lookup_nvpair(origprops, propname,
3896 &match) != 0) || !propval_equals(pair, match))
3897 goto next; /* need to set received value */
3898
3899 /* don't clear the existing received value */
3900 (void) nvlist_remove_nvpair(origprops, match);
3901 /* don't bother receiving the property */
3902 (void) nvlist_remove_nvpair(props, pair);
3903 next:
3904 pair = next_pair;
3905 }
3906 }
3907
3908 #ifdef DEBUG
3909 static boolean_t zfs_ioc_recv_inject_err;
3910 #endif
3911
3912 /*
3913 * inputs:
3914 * zc_name name of containing filesystem
3915 * zc_nvlist_src{_size} nvlist of properties to apply
3916 * zc_value name of snapshot to create
3917 * zc_string name of clone origin (if DRR_FLAG_CLONE)
3918 * zc_cookie file descriptor to recv from
3919 * zc_begin_record the BEGIN record of the stream (not byteswapped)
3920 * zc_guid force flag
3921 * zc_cleanup_fd cleanup-on-exit file descriptor
3922 * zc_action_handle handle for this guid/ds mapping (or zero on first call)
3923 *
3924 * outputs:
3925 * zc_cookie number of bytes read
3926 * zc_nvlist_dst{_size} error for each unapplied received property
3927 * zc_obj zprop_errflags_t
3928 * zc_action_handle handle for this guid/ds mapping
3929 */
3930 static int
3931 zfs_ioc_recv(zfs_cmd_t *zc)
3932 {
3933 file_t *fp;
3934 objset_t *os;
3935 dmu_recv_cookie_t drc;
3936 boolean_t force = (boolean_t)zc->zc_guid;
3937 int fd;
3938 int error = 0;
3939 int props_error = 0;
3940 nvlist_t *errors;
3941 offset_t off;
3942 nvlist_t *props = NULL; /* sent properties */
3943 nvlist_t *origprops = NULL; /* existing properties */
3944 objset_t *origin = NULL;
3945 char *tosnap;
3946 char tofs[ZFS_MAXNAMELEN];
3947 boolean_t first_recvd_props = B_FALSE;
3948
3949 if (dataset_namecheck(zc->zc_value, NULL, NULL) != 0 ||
3950 strchr(zc->zc_value, '@') == NULL ||
3951 strchr(zc->zc_value, '%'))
3952 return (EINVAL);
3953
3954 (void) strcpy(tofs, zc->zc_value);
3955 tosnap = strchr(tofs, '@');
3956 *tosnap++ = '\0';
3957
3958 if (zc->zc_nvlist_src != NULL &&
3959 (error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
3960 zc->zc_iflags, &props)) != 0)
3961 return (error);
3962
3963 fd = zc->zc_cookie;
3964 fp = getf(fd);
3965 if (fp == NULL) {
3966 nvlist_free(props);
3967 return (EBADF);
3968 }
3969
3970 VERIFY(nvlist_alloc(&errors, NV_UNIQUE_NAME, KM_SLEEP) == 0);
3971
3972 if (props && dmu_objset_hold(tofs, FTAG, &os) == 0) {
3973 if ((spa_version(os->os_spa) >= SPA_VERSION_RECVD_PROPS) &&
3974 !dsl_prop_get_hasrecvd(os)) {
3975 first_recvd_props = B_TRUE;
3976 }
3977
3978 /*
3979 * If new received properties are supplied, they are to
3980 * completely replace the existing received properties, so stash
3981 * away the existing ones.
3982 */
3983 if (dsl_prop_get_received(os, &origprops) == 0) {
3984 nvlist_t *errlist = NULL;
3985 /*
3986 * Don't bother writing a property if its value won't
3987 * change (and avoid the unnecessary security checks).
3988 *
3989 * The first receive after SPA_VERSION_RECVD_PROPS is a
3990 * special case where we blow away all local properties
3991 * regardless.
3992 */
3993 if (!first_recvd_props)
3994 props_reduce(props, origprops);
3995 if (zfs_check_clearable(tofs, origprops,
3996 &errlist) != 0)
3997 (void) nvlist_merge(errors, errlist, 0);
3998 nvlist_free(errlist);
3999 }
4000
4001 dmu_objset_rele(os, FTAG);
4002 }
4003
4004 if (zc->zc_string[0]) {
4005 error = dmu_objset_hold(zc->zc_string, FTAG, &origin);
4006 if (error)
4007 goto out;
4008 }
4009
4010 error = dmu_recv_begin(tofs, tosnap, zc->zc_top_ds,
4011 &zc->zc_begin_record, force, origin, &drc);
4012 if (origin)
4013 dmu_objset_rele(origin, FTAG);
4014 if (error)
4015 goto out;
4016
4017 /*
4018 * Set properties before we receive the stream so that they are applied
4019 * to the new data. Note that we must call dmu_recv_stream() if
4020 * dmu_recv_begin() succeeds.
4021 */
4022 if (props) {
4023 if (dmu_objset_from_ds(drc.drc_logical_ds, &os) == 0) {
4024 if (drc.drc_newfs) {
4025 if (spa_version(os->os_spa) >=
4026 SPA_VERSION_RECVD_PROPS)
4027 first_recvd_props = B_TRUE;
4028 } else if (origprops != NULL) {
4029 if (clear_received_props(os, tofs, origprops,
4030 first_recvd_props ? NULL : props) != 0)
4031 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4032 } else {
4033 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4034 }
4035 dsl_prop_set_hasrecvd(os);
4036 } else if (!drc.drc_newfs) {
4037 zc->zc_obj |= ZPROP_ERR_NOCLEAR;
4038 }
4039
4040 (void) zfs_set_prop_nvlist(tofs, ZPROP_SRC_RECEIVED,
4041 props, errors);
4042 }
4043
4044 if (zc->zc_nvlist_dst_size != 0 &&
4045 (nvlist_smush(errors, zc->zc_nvlist_dst_size) != 0 ||
4046 put_nvlist(zc, errors) != 0)) {
4047 /*
4048 * Caller made zc->zc_nvlist_dst less than the minimum expected
4049 * size or supplied an invalid address.
4050 */
4051 props_error = EINVAL;
4052 }
4053
4054 off = fp->f_offset;
4055 error = dmu_recv_stream(&drc, fp->f_vnode, &off, zc->zc_cleanup_fd,
4056 &zc->zc_action_handle);
4057
4058 if (error == 0) {
4059 zfsvfs_t *zfsvfs = NULL;
4060
4061 if (getzfsvfs(tofs, &zfsvfs) == 0) {
4062 /* online recv */
4063 int end_err;
4064
4065 error = zfs_suspend_fs(zfsvfs);
4066 /*
4067 * If the suspend fails, then the recv_end will
4068 * likely also fail, and clean up after itself.
4069 */
4070 end_err = dmu_recv_end(&drc);
4071 if (error == 0)
4072 error = zfs_resume_fs(zfsvfs, tofs);
4073 error = error ? error : end_err;
4074 VFS_RELE(zfsvfs->z_vfs);
4075 } else {
4076 error = dmu_recv_end(&drc);
4077 }
4078 }
4079
4080 zc->zc_cookie = off - fp->f_offset;
4081 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4082 fp->f_offset = off;
4083
4084 #ifdef DEBUG
4085 if (zfs_ioc_recv_inject_err) {
4086 zfs_ioc_recv_inject_err = B_FALSE;
4087 error = 1;
4088 }
4089 #endif
4090 /*
4091 * On error, restore the original props.
4092 */
4093 if (error && props) {
4094 if (dmu_objset_hold(tofs, FTAG, &os) == 0) {
4095 if (clear_received_props(os, tofs, props, NULL) != 0) {
4096 /*
4097 * We failed to clear the received properties.
4098 * Since we may have left a $recvd value on the
4099 * system, we can't clear the $hasrecvd flag.
4100 */
4101 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4102 } else if (first_recvd_props) {
4103 dsl_prop_unset_hasrecvd(os);
4104 }
4105 dmu_objset_rele(os, FTAG);
4106 } else if (!drc.drc_newfs) {
4107 /* We failed to clear the received properties. */
4108 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4109 }
4110
4111 if (origprops == NULL && !drc.drc_newfs) {
4112 /* We failed to stash the original properties. */
4113 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4114 }
4115
4116 /*
4117 * dsl_props_set() will not convert RECEIVED to LOCAL on or
4118 * after SPA_VERSION_RECVD_PROPS, so we need to specify LOCAL
4119 * explictly if we're restoring local properties cleared in the
4120 * first new-style receive.
4121 */
4122 if (origprops != NULL &&
4123 zfs_set_prop_nvlist(tofs, (first_recvd_props ?
4124 ZPROP_SRC_LOCAL : ZPROP_SRC_RECEIVED),
4125 origprops, NULL) != 0) {
4126 /*
4127 * We stashed the original properties but failed to
4128 * restore them.
4129 */
4130 zc->zc_obj |= ZPROP_ERR_NORESTORE;
4131 }
4132 }
4133 out:
4134 nvlist_free(props);
4135 nvlist_free(origprops);
4136 nvlist_free(errors);
4137 releasef(fd);
4138
4139 if (error == 0)
4140 error = props_error;
4141
4142 return (error);
4143 }
4144
4145 /*
4146 * inputs:
4147 * zc_name name of snapshot to send
4148 * zc_cookie file descriptor to send stream to
4149 * zc_obj fromorigin flag (mutually exclusive with zc_fromobj)
4150 * zc_sendobj objsetid of snapshot to send
4151 * zc_fromobj objsetid of incremental fromsnap (may be zero)
4152 * zc_guid if set, estimate size of stream only. zc_cookie is ignored.
4153 * output size in zc_objset_type.
4154 *
4155 * outputs: none
4156 */
4157 static int
4158 zfs_ioc_send(zfs_cmd_t *zc)
4159 {
4160 objset_t *fromsnap = NULL;
4161 objset_t *tosnap;
4162 int error;
4163 offset_t off;
4164 dsl_dataset_t *ds;
4165 dsl_dataset_t *dsfrom = NULL;
4166 spa_t *spa;
4167 dsl_pool_t *dp;
4168 boolean_t estimate = (zc->zc_guid != 0);
4169
4170 error = spa_open(zc->zc_name, &spa, FTAG);
4171 if (error)
4172 return (error);
4173
4174 dp = spa_get_dsl(spa);
4175 rw_enter(&dp->dp_config_rwlock, RW_READER);
4176 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
4177 rw_exit(&dp->dp_config_rwlock);
4178 spa_close(spa, FTAG);
4179 if (error)
4180 return (error);
4181
4182 error = dmu_objset_from_ds(ds, &tosnap);
4183 if (error) {
4184 dsl_dataset_rele(ds, FTAG);
4185 return (error);
4186 }
4187
4188 if (zc->zc_fromobj != 0) {
4189 rw_enter(&dp->dp_config_rwlock, RW_READER);
4190 error = dsl_dataset_hold_obj(dp, zc->zc_fromobj, FTAG, &dsfrom);
4191 rw_exit(&dp->dp_config_rwlock);
4192 if (error) {
4193 dsl_dataset_rele(ds, FTAG);
4194 return (error);
4195 }
4196 error = dmu_objset_from_ds(dsfrom, &fromsnap);
4197 if (error) {
4198 dsl_dataset_rele(dsfrom, FTAG);
4199 dsl_dataset_rele(ds, FTAG);
4200 return (error);
4201 }
4202 }
4203
4204 if (zc->zc_obj) {
4205 dsl_pool_t *dp = ds->ds_dir->dd_pool;
4206
4207 if (fromsnap != NULL) {
4208 dsl_dataset_rele(dsfrom, FTAG);
4209 dsl_dataset_rele(ds, FTAG);
4210 return (EINVAL);
4211 }
4212
4213 if (dsl_dir_is_clone(ds->ds_dir)) {
4214 rw_enter(&dp->dp_config_rwlock, RW_READER);
4215 error = dsl_dataset_hold_obj(dp,
4216 ds->ds_dir->dd_phys->dd_origin_obj, FTAG, &dsfrom);
4217 rw_exit(&dp->dp_config_rwlock);
4218 if (error) {
4219 dsl_dataset_rele(ds, FTAG);
4220 return (error);
4221 }
4222 error = dmu_objset_from_ds(dsfrom, &fromsnap);
4223 if (error) {
4224 dsl_dataset_rele(dsfrom, FTAG);
4225 dsl_dataset_rele(ds, FTAG);
4226 return (error);
4227 }
4228 }
4229 }
4230
4231 if (estimate) {
4232 error = dmu_send_estimate(tosnap, fromsnap,
4233 &zc->zc_objset_type);
4234 } else {
4235 file_t *fp = getf(zc->zc_cookie);
4236 if (fp == NULL) {
4237 dsl_dataset_rele(ds, FTAG);
4238 if (dsfrom)
4239 dsl_dataset_rele(dsfrom, FTAG);
4240 return (EBADF);
4241 }
4242
4243 off = fp->f_offset;
4244 error = dmu_send(tosnap, fromsnap,
4245 zc->zc_cookie, fp->f_vnode, &off);
4246
4247 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4248 fp->f_offset = off;
4249 releasef(zc->zc_cookie);
4250 }
4251 if (dsfrom)
4252 dsl_dataset_rele(dsfrom, FTAG);
4253 dsl_dataset_rele(ds, FTAG);
4254 return (error);
4255 }
4256
4257 /*
4258 * inputs:
4259 * zc_name name of snapshot on which to report progress
4260 * zc_cookie file descriptor of send stream
4261 *
4262 * outputs:
4263 * zc_cookie number of bytes written in send stream thus far
4264 */
4265 static int
4266 zfs_ioc_send_progress(zfs_cmd_t *zc)
4267 {
4268 dsl_dataset_t *ds;
4269 dmu_sendarg_t *dsp = NULL;
4270 int error;
4271
4272 if ((error = dsl_dataset_hold(zc->zc_name, FTAG, &ds)) != 0)
4273 return (error);
4274
4275 mutex_enter(&ds->ds_sendstream_lock);
4276
4277 /*
4278 * Iterate over all the send streams currently active on this dataset.
4279 * If there's one which matches the specified file descriptor _and_ the
4280 * stream was started by the current process, return the progress of
4281 * that stream.
4282 */
4283 for (dsp = list_head(&ds->ds_sendstreams); dsp != NULL;
4284 dsp = list_next(&ds->ds_sendstreams, dsp)) {
4285 if (dsp->dsa_outfd == zc->zc_cookie &&
4286 dsp->dsa_proc == curproc)
4287 break;
4288 }
4289
4290 if (dsp != NULL)
4291 zc->zc_cookie = *(dsp->dsa_off);
4292 else
4293 error = ENOENT;
4294
4295 mutex_exit(&ds->ds_sendstream_lock);
4296 dsl_dataset_rele(ds, FTAG);
4297 return (error);
4298 }
4299
4300 static int
4301 zfs_ioc_inject_fault(zfs_cmd_t *zc)
4302 {
4303 int id, error;
4304
4305 error = zio_inject_fault(zc->zc_name, (int)zc->zc_guid, &id,
4306 &zc->zc_inject_record);
4307
4308 if (error == 0)
4309 zc->zc_guid = (uint64_t)id;
4310
4311 return (error);
4312 }
4313
4314 static int
4315 zfs_ioc_clear_fault(zfs_cmd_t *zc)
4316 {
4317 return (zio_clear_fault((int)zc->zc_guid));
4318 }
4319
4320 static int
4321 zfs_ioc_inject_list_next(zfs_cmd_t *zc)
4322 {
4323 int id = (int)zc->zc_guid;
4324 int error;
4325
4326 error = zio_inject_list_next(&id, zc->zc_name, sizeof (zc->zc_name),
4327 &zc->zc_inject_record);
4328
4329 zc->zc_guid = id;
4330
4331 return (error);
4332 }
4333
4334 static int
4335 zfs_ioc_error_log(zfs_cmd_t *zc)
4336 {
4337 spa_t *spa;
4338 int error;
4339 size_t count = (size_t)zc->zc_nvlist_dst_size;
4340
4341 if ((error = spa_open(zc->zc_name, &spa, FTAG)) != 0)
4342 return (error);
4343
4344 error = spa_get_errlog(spa, (void *)(uintptr_t)zc->zc_nvlist_dst,
4345 &count);
4346 if (error == 0)
4347 zc->zc_nvlist_dst_size = count;
4348 else
4349 zc->zc_nvlist_dst_size = spa_get_errlog_size(spa);
4350
4351 spa_close(spa, FTAG);
4352
4353 return (error);
4354 }
4355
4356 static int
4357 zfs_ioc_clear(zfs_cmd_t *zc)
4358 {
4359 spa_t *spa;
4360 vdev_t *vd;
4361 int error;
4362
4363 /*
4364 * On zpool clear we also fix up missing slogs
4365 */
4366 mutex_enter(&spa_namespace_lock);
4367 spa = spa_lookup(zc->zc_name);
4368 if (spa == NULL) {
4369 mutex_exit(&spa_namespace_lock);
4370 return (EIO);
4371 }
4372 if (spa_get_log_state(spa) == SPA_LOG_MISSING) {
4373 /* we need to let spa_open/spa_load clear the chains */
4374 spa_set_log_state(spa, SPA_LOG_CLEAR);
4375 }
4376 spa->spa_last_open_failed = 0;
4377 mutex_exit(&spa_namespace_lock);
4378
4379 if (zc->zc_cookie & ZPOOL_NO_REWIND) {
4380 error = spa_open(zc->zc_name, &spa, FTAG);
4381 } else {
4382 nvlist_t *policy;
4383 nvlist_t *config = NULL;
4384
4385 if (zc->zc_nvlist_src == NULL)
4386 return (EINVAL);
4387
4388 if ((error = get_nvlist(zc->zc_nvlist_src,
4389 zc->zc_nvlist_src_size, zc->zc_iflags, &policy)) == 0) {
4390 error = spa_open_rewind(zc->zc_name, &spa, FTAG,
4391 policy, &config);
4392 if (config != NULL) {
4393 int err;
4394
4395 if ((err = put_nvlist(zc, config)) != 0)
4396 error = err;
4397 nvlist_free(config);
4398 }
4399 nvlist_free(policy);
4400 }
4401 }
4402
4403 if (error)
4404 return (error);
4405
4406 spa_vdev_state_enter(spa, SCL_NONE);
4407
4408 if (zc->zc_guid == 0) {
4409 vd = NULL;
4410 } else {
4411 vd = spa_lookup_by_guid(spa, zc->zc_guid, B_TRUE);
4412 if (vd == NULL) {
4413 (void) spa_vdev_state_exit(spa, NULL, ENODEV);
4414 spa_close(spa, FTAG);
4415 return (ENODEV);
4416 }
4417 }
4418
4419 vdev_clear(spa, vd);
4420
4421 (void) spa_vdev_state_exit(spa, NULL, 0);
4422
4423 /*
4424 * Resume any suspended I/Os.
4425 */
4426 if (zio_resume(spa) != 0)
4427 error = EIO;
4428
4429 spa_close(spa, FTAG);
4430
4431 return (error);
4432 }
4433
4434 static int
4435 zfs_ioc_pool_reopen(zfs_cmd_t *zc)
4436 {
4437 spa_t *spa;
4438 int error;
4439
4440 error = spa_open(zc->zc_name, &spa, FTAG);
4441 if (error)
4442 return (error);
4443
4444 spa_vdev_state_enter(spa, SCL_NONE);
4445
4446 /*
4447 * If a resilver is already in progress then set the
4448 * spa_scrub_reopen flag to B_TRUE so that we don't restart
4449 * the scan as a side effect of the reopen. Otherwise, let
4450 * vdev_open() decided if a resilver is required.
4451 */
4452 spa->spa_scrub_reopen = dsl_scan_resilvering(spa->spa_dsl_pool);
4453 vdev_reopen(spa->spa_root_vdev);
4454 spa->spa_scrub_reopen = B_FALSE;
4455
4456 (void) spa_vdev_state_exit(spa, NULL, 0);
4457 spa_close(spa, FTAG);
4458 return (0);
4459 }
4460 /*
4461 * inputs:
4462 * zc_name name of filesystem
4463 * zc_value name of origin snapshot
4464 *
4465 * outputs:
4466 * zc_string name of conflicting snapshot, if there is one
4467 */
4468 static int
4469 zfs_ioc_promote(zfs_cmd_t *zc)
4470 {
4471 char *cp;
4472
4473 /*
4474 * We don't need to unmount *all* the origin fs's snapshots, but
4475 * it's easier.
4476 */
4477 cp = strchr(zc->zc_value, '@');
4478 if (cp)
4479 *cp = '\0';
4480 (void) dmu_objset_find(zc->zc_value,
4481 zfs_unmount_snap, NULL, DS_FIND_SNAPSHOTS);
4482 return (dsl_dataset_promote(zc->zc_name, zc->zc_string));
4483 }
4484
4485 /*
4486 * Retrieve a single {user|group}{used|quota}@... property.
4487 *
4488 * inputs:
4489 * zc_name name of filesystem
4490 * zc_objset_type zfs_userquota_prop_t
4491 * zc_value domain name (eg. "S-1-234-567-89")
4492 * zc_guid RID/UID/GID
4493 *
4494 * outputs:
4495 * zc_cookie property value
4496 */
4497 static int
4498 zfs_ioc_userspace_one(zfs_cmd_t *zc)
4499 {
4500 zfsvfs_t *zfsvfs;
4501 int error;
4502
4503 if (zc->zc_objset_type >= ZFS_NUM_USERQUOTA_PROPS)
4504 return (EINVAL);
4505
4506 error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4507 if (error)
4508 return (error);
4509
4510 error = zfs_userspace_one(zfsvfs,
4511 zc->zc_objset_type, zc->zc_value, zc->zc_guid, &zc->zc_cookie);
4512 zfsvfs_rele(zfsvfs, FTAG);
4513
4514 return (error);
4515 }
4516
4517 /*
4518 * inputs:
4519 * zc_name name of filesystem
4520 * zc_cookie zap cursor
4521 * zc_objset_type zfs_userquota_prop_t
4522 * zc_nvlist_dst[_size] buffer to fill (not really an nvlist)
4523 *
4524 * outputs:
4525 * zc_nvlist_dst[_size] data buffer (array of zfs_useracct_t)
4526 * zc_cookie zap cursor
4527 */
4528 static int
4529 zfs_ioc_userspace_many(zfs_cmd_t *zc)
4530 {
4531 zfsvfs_t *zfsvfs;
4532 int bufsize = zc->zc_nvlist_dst_size;
4533
4534 if (bufsize <= 0)
4535 return (ENOMEM);
4536
4537 int error = zfsvfs_hold(zc->zc_name, FTAG, &zfsvfs, B_FALSE);
4538 if (error)
4539 return (error);
4540
4541 void *buf = kmem_alloc(bufsize, KM_SLEEP);
4542
4543 error = zfs_userspace_many(zfsvfs, zc->zc_objset_type, &zc->zc_cookie,
4544 buf, &zc->zc_nvlist_dst_size);
4545
4546 if (error == 0) {
4547 error = xcopyout(buf,
4548 (void *)(uintptr_t)zc->zc_nvlist_dst,
4549 zc->zc_nvlist_dst_size);
4550 }
4551 kmem_free(buf, bufsize);
4552 zfsvfs_rele(zfsvfs, FTAG);
4553
4554 return (error);
4555 }
4556
4557 /*
4558 * inputs:
4559 * zc_name name of filesystem
4560 *
4561 * outputs:
4562 * none
4563 */
4564 static int
4565 zfs_ioc_userspace_upgrade(zfs_cmd_t *zc)
4566 {
4567 objset_t *os;
4568 int error = 0;
4569 zfsvfs_t *zfsvfs;
4570
4571 if (getzfsvfs(zc->zc_name, &zfsvfs) == 0) {
4572 if (!dmu_objset_userused_enabled(zfsvfs->z_os)) {
4573 /*
4574 * If userused is not enabled, it may be because the
4575 * objset needs to be closed & reopened (to grow the
4576 * objset_phys_t). Suspend/resume the fs will do that.
4577 */
4578 error = zfs_suspend_fs(zfsvfs);
4579 if (error == 0)
4580 error = zfs_resume_fs(zfsvfs, zc->zc_name);
4581 }
4582 if (error == 0)
4583 error = dmu_objset_userspace_upgrade(zfsvfs->z_os);
4584 VFS_RELE(zfsvfs->z_vfs);
4585 } else {
4586 /* XXX kind of reading contents without owning */
4587 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4588 if (error)
4589 return (error);
4590
4591 error = dmu_objset_userspace_upgrade(os);
4592 dmu_objset_rele(os, FTAG);
4593 }
4594
4595 return (error);
4596 }
4597
4598 /*
4599 * We don't want to have a hard dependency
4600 * against some special symbols in sharefs
4601 * nfs, and smbsrv. Determine them if needed when
4602 * the first file system is shared.
4603 * Neither sharefs, nfs or smbsrv are unloadable modules.
4604 */
4605 int (*znfsexport_fs)(void *arg);
4606 int (*zshare_fs)(enum sharefs_sys_op, share_t *, uint32_t);
4607 int (*zsmbexport_fs)(void *arg, boolean_t add_share);
4608
4609 int zfs_nfsshare_inited;
4610 int zfs_smbshare_inited;
4611
4612 ddi_modhandle_t nfs_mod;
4613 ddi_modhandle_t sharefs_mod;
4614 ddi_modhandle_t smbsrv_mod;
4615 kmutex_t zfs_share_lock;
4616
4617 static int
4618 zfs_init_sharefs()
4619 {
4620 int error;
4621
4622 ASSERT(MUTEX_HELD(&zfs_share_lock));
4623 /* Both NFS and SMB shares also require sharetab support. */
4624 if (sharefs_mod == NULL && ((sharefs_mod =
4625 ddi_modopen("fs/sharefs",
4626 KRTLD_MODE_FIRST, &error)) == NULL)) {
4627 return (ENOSYS);
4628 }
4629 if (zshare_fs == NULL && ((zshare_fs =
4630 (int (*)(enum sharefs_sys_op, share_t *, uint32_t))
4631 ddi_modsym(sharefs_mod, "sharefs_impl", &error)) == NULL)) {
4632 return (ENOSYS);
4633 }
4634 return (0);
4635 }
4636
4637 static int
4638 zfs_ioc_share(zfs_cmd_t *zc)
4639 {
4640 int error;
4641 int opcode;
4642
4643 switch (zc->zc_share.z_sharetype) {
4644 case ZFS_SHARE_NFS:
4645 case ZFS_UNSHARE_NFS:
4646 if (zfs_nfsshare_inited == 0) {
4647 mutex_enter(&zfs_share_lock);
4648 if (nfs_mod == NULL && ((nfs_mod = ddi_modopen("fs/nfs",
4649 KRTLD_MODE_FIRST, &error)) == NULL)) {
4650 mutex_exit(&zfs_share_lock);
4651 return (ENOSYS);
4652 }
4653 if (znfsexport_fs == NULL &&
4654 ((znfsexport_fs = (int (*)(void *))
4655 ddi_modsym(nfs_mod,
4656 "nfs_export", &error)) == NULL)) {
4657 mutex_exit(&zfs_share_lock);
4658 return (ENOSYS);
4659 }
4660 error = zfs_init_sharefs();
4661 if (error) {
4662 mutex_exit(&zfs_share_lock);
4663 return (ENOSYS);
4664 }
4665 zfs_nfsshare_inited = 1;
4666 mutex_exit(&zfs_share_lock);
4667 }
4668 break;
4669 case ZFS_SHARE_SMB:
4670 case ZFS_UNSHARE_SMB:
4671 if (zfs_smbshare_inited == 0) {
4672 mutex_enter(&zfs_share_lock);
4673 if (smbsrv_mod == NULL && ((smbsrv_mod =
4674 ddi_modopen("drv/smbsrv",
4675 KRTLD_MODE_FIRST, &error)) == NULL)) {
4676 mutex_exit(&zfs_share_lock);
4677 return (ENOSYS);
4678 }
4679 if (zsmbexport_fs == NULL && ((zsmbexport_fs =
4680 (int (*)(void *, boolean_t))ddi_modsym(smbsrv_mod,
4681 "smb_server_share", &error)) == NULL)) {
4682 mutex_exit(&zfs_share_lock);
4683 return (ENOSYS);
4684 }
4685 error = zfs_init_sharefs();
4686 if (error) {
4687 mutex_exit(&zfs_share_lock);
4688 return (ENOSYS);
4689 }
4690 zfs_smbshare_inited = 1;
4691 mutex_exit(&zfs_share_lock);
4692 }
4693 break;
4694 default:
4695 return (EINVAL);
4696 }
4697
4698 switch (zc->zc_share.z_sharetype) {
4699 case ZFS_SHARE_NFS:
4700 case ZFS_UNSHARE_NFS:
4701 if (error =
4702 znfsexport_fs((void *)
4703 (uintptr_t)zc->zc_share.z_exportdata))
4704 return (error);
4705 break;
4706 case ZFS_SHARE_SMB:
4707 case ZFS_UNSHARE_SMB:
4708 if (error = zsmbexport_fs((void *)
4709 (uintptr_t)zc->zc_share.z_exportdata,
4710 zc->zc_share.z_sharetype == ZFS_SHARE_SMB ?
4711 B_TRUE: B_FALSE)) {
4712 return (error);
4713 }
4714 break;
4715 }
4716
4717 opcode = (zc->zc_share.z_sharetype == ZFS_SHARE_NFS ||
4718 zc->zc_share.z_sharetype == ZFS_SHARE_SMB) ?
4719 SHAREFS_ADD : SHAREFS_REMOVE;
4720
4721 /*
4722 * Add or remove share from sharetab
4723 */
4724 error = zshare_fs(opcode,
4725 (void *)(uintptr_t)zc->zc_share.z_sharedata,
4726 zc->zc_share.z_sharemax);
4727
4728 return (error);
4729
4730 }
4731
4732 ace_t full_access[] = {
4733 {(uid_t)-1, ACE_ALL_PERMS, ACE_EVERYONE, 0}
4734 };
4735
4736 /*
4737 * inputs:
4738 * zc_name name of containing filesystem
4739 * zc_obj object # beyond which we want next in-use object #
4740 *
4741 * outputs:
4742 * zc_obj next in-use object #
4743 */
4744 static int
4745 zfs_ioc_next_obj(zfs_cmd_t *zc)
4746 {
4747 objset_t *os = NULL;
4748 int error;
4749
4750 error = dmu_objset_hold(zc->zc_name, FTAG, &os);
4751 if (error)
4752 return (error);
4753
4754 error = dmu_object_next(os, &zc->zc_obj, B_FALSE,
4755 os->os_dsl_dataset->ds_phys->ds_prev_snap_txg);
4756
4757 dmu_objset_rele(os, FTAG);
4758 return (error);
4759 }
4760
4761 /*
4762 * inputs:
4763 * zc_name name of filesystem
4764 * zc_value prefix name for snapshot
4765 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
4766 *
4767 * outputs:
4768 * zc_value short name of new snapshot
4769 */
4770 static int
4771 zfs_ioc_tmp_snapshot(zfs_cmd_t *zc)
4772 {
4773 char *snap_name;
4774 int error;
4775
4776 snap_name = kmem_asprintf("%s@%s-%016llx", zc->zc_name, zc->zc_value,
4777 (u_longlong_t)ddi_get_lbolt64());
4778
4779 if (strlen(snap_name) >= MAXPATHLEN) {
4780 strfree(snap_name);
4781 return (E2BIG);
4782 }
4783
4784 error = dmu_objset_snapshot_tmp(snap_name, "%temp", zc->zc_cleanup_fd);
4785 if (error != 0) {
4786 strfree(snap_name);
4787 return (error);
4788 }
4789
4790 (void) strcpy(zc->zc_value, strchr(snap_name, '@') + 1);
4791 strfree(snap_name);
4792 return (0);
4793 }
4794
4795 /*
4796 * inputs:
4797 * zc_name name of "to" snapshot
4798 * zc_value name of "from" snapshot
4799 * zc_cookie file descriptor to write diff data on
4800 *
4801 * outputs:
4802 * dmu_diff_record_t's to the file descriptor
4803 */
4804 static int
4805 zfs_ioc_diff(zfs_cmd_t *zc)
4806 {
4807 objset_t *fromsnap;
4808 objset_t *tosnap;
4809 file_t *fp;
4810 offset_t off;
4811 int error;
4812
4813 error = dmu_objset_hold(zc->zc_name, FTAG, &tosnap);
4814 if (error)
4815 return (error);
4816
4817 error = dmu_objset_hold(zc->zc_value, FTAG, &fromsnap);
4818 if (error) {
4819 dmu_objset_rele(tosnap, FTAG);
4820 return (error);
4821 }
4822
4823 fp = getf(zc->zc_cookie);
4824 if (fp == NULL) {
4825 dmu_objset_rele(fromsnap, FTAG);
4826 dmu_objset_rele(tosnap, FTAG);
4827 return (EBADF);
4828 }
4829
4830 off = fp->f_offset;
4831
4832 error = dmu_diff(tosnap, fromsnap, fp->f_vnode, &off);
4833
4834 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
4835 fp->f_offset = off;
4836 releasef(zc->zc_cookie);
4837
4838 dmu_objset_rele(fromsnap, FTAG);
4839 dmu_objset_rele(tosnap, FTAG);
4840 return (error);
4841 }
4842
4843 /*
4844 * Remove all ACL files in shares dir
4845 */
4846 static int
4847 zfs_smb_acl_purge(znode_t *dzp)
4848 {
4849 zap_cursor_t zc;
4850 zap_attribute_t zap;
4851 zfsvfs_t *zfsvfs = dzp->z_zfsvfs;
4852 int error;
4853
4854 for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id);
4855 (error = zap_cursor_retrieve(&zc, &zap)) == 0;
4856 zap_cursor_advance(&zc)) {
4857 if ((error = VOP_REMOVE(ZTOV(dzp), zap.za_name, kcred,
4858 NULL, 0)) != 0)
4859 break;
4860 }
4861 zap_cursor_fini(&zc);
4862 return (error);
4863 }
4864
4865 static int
4866 zfs_ioc_smb_acl(zfs_cmd_t *zc)
4867 {
4868 vnode_t *vp;
4869 znode_t *dzp;
4870 vnode_t *resourcevp = NULL;
4871 znode_t *sharedir;
4872 zfsvfs_t *zfsvfs;
4873 nvlist_t *nvlist;
4874 char *src, *target;
4875 vattr_t vattr;
4876 vsecattr_t vsec;
4877 int error = 0;
4878
4879 if ((error = lookupname(zc->zc_value, UIO_SYSSPACE,
4880 NO_FOLLOW, NULL, &vp)) != 0)
4881 return (error);
4882
4883 /* Now make sure mntpnt and dataset are ZFS */
4884
4885 if (vp->v_vfsp->vfs_fstype != zfsfstype ||
4886 (strcmp((char *)refstr_value(vp->v_vfsp->vfs_resource),
4887 zc->zc_name) != 0)) {
4888 VN_RELE(vp);
4889 return (EINVAL);
4890 }
4891
4892 dzp = VTOZ(vp);
4893 zfsvfs = dzp->z_zfsvfs;
4894 ZFS_ENTER(zfsvfs);
4895
4896 /*
4897 * Create share dir if its missing.
4898 */
4899 mutex_enter(&zfsvfs->z_lock);
4900 if (zfsvfs->z_shares_dir == 0) {
4901 dmu_tx_t *tx;
4902
4903 tx = dmu_tx_create(zfsvfs->z_os);
4904 dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, TRUE,
4905 ZFS_SHARES_DIR);
4906 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
4907 error = dmu_tx_assign(tx, TXG_WAIT);
4908 if (error) {
4909 dmu_tx_abort(tx);
4910 } else {
4911 error = zfs_create_share_dir(zfsvfs, tx);
4912 dmu_tx_commit(tx);
4913 }
4914 if (error) {
4915 mutex_exit(&zfsvfs->z_lock);
4916 VN_RELE(vp);
4917 ZFS_EXIT(zfsvfs);
4918 return (error);
4919 }
4920 }
4921 mutex_exit(&zfsvfs->z_lock);
4922
4923 ASSERT(zfsvfs->z_shares_dir);
4924 if ((error = zfs_zget(zfsvfs, zfsvfs->z_shares_dir, &sharedir)) != 0) {
4925 VN_RELE(vp);
4926 ZFS_EXIT(zfsvfs);
4927 return (error);
4928 }
4929
4930 switch (zc->zc_cookie) {
4931 case ZFS_SMB_ACL_ADD:
4932 vattr.va_mask = AT_MODE|AT_UID|AT_GID|AT_TYPE;
4933 vattr.va_type = VREG;
4934 vattr.va_mode = S_IFREG|0777;
4935 vattr.va_uid = 0;
4936 vattr.va_gid = 0;
4937
4938 vsec.vsa_mask = VSA_ACE;
4939 vsec.vsa_aclentp = &full_access;
4940 vsec.vsa_aclentsz = sizeof (full_access);
4941 vsec.vsa_aclcnt = 1;
4942
4943 error = VOP_CREATE(ZTOV(sharedir), zc->zc_string,
4944 &vattr, EXCL, 0, &resourcevp, kcred, 0, NULL, &vsec);
4945 if (resourcevp)
4946 VN_RELE(resourcevp);
4947 break;
4948
4949 case ZFS_SMB_ACL_REMOVE:
4950 error = VOP_REMOVE(ZTOV(sharedir), zc->zc_string, kcred,
4951 NULL, 0);
4952 break;
4953
4954 case ZFS_SMB_ACL_RENAME:
4955 if ((error = get_nvlist(zc->zc_nvlist_src,
4956 zc->zc_nvlist_src_size, zc->zc_iflags, &nvlist)) != 0) {
4957 VN_RELE(vp);
4958 ZFS_EXIT(zfsvfs);
4959 return (error);
4960 }
4961 if (nvlist_lookup_string(nvlist, ZFS_SMB_ACL_SRC, &src) ||
4962 nvlist_lookup_string(nvlist, ZFS_SMB_ACL_TARGET,
4963 &target)) {
4964 VN_RELE(vp);
4965 VN_RELE(ZTOV(sharedir));
4966 ZFS_EXIT(zfsvfs);
4967 nvlist_free(nvlist);
4968 return (error);
4969 }
4970 error = VOP_RENAME(ZTOV(sharedir), src, ZTOV(sharedir), target,
4971 kcred, NULL, 0);
4972 nvlist_free(nvlist);
4973 break;
4974
4975 case ZFS_SMB_ACL_PURGE:
4976 error = zfs_smb_acl_purge(sharedir);
4977 break;
4978
4979 default:
4980 error = EINVAL;
4981 break;
4982 }
4983
4984 VN_RELE(vp);
4985 VN_RELE(ZTOV(sharedir));
4986
4987 ZFS_EXIT(zfsvfs);
4988
4989 return (error);
4990 }
4991
4992 /*
4993 * inputs:
4994 * zc_name name of filesystem
4995 * zc_value short name of snap
4996 * zc_string user-supplied tag for this hold
4997 * zc_cookie recursive flag
4998 * zc_temphold set if hold is temporary
4999 * zc_cleanup_fd cleanup-on-exit file descriptor for calling process
5000 * zc_sendobj if non-zero, the objid for zc_name@zc_value
5001 * zc_createtxg if zc_sendobj is non-zero, snap must have zc_createtxg
5002 *
5003 * outputs: none
5004 */
5005 static int
5006 zfs_ioc_hold(zfs_cmd_t *zc)
5007 {
5008 boolean_t recursive = zc->zc_cookie;
5009 spa_t *spa;
5010 dsl_pool_t *dp;
5011 dsl_dataset_t *ds;
5012 int error;
5013 minor_t minor = 0;
5014
5015 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
5016 return (EINVAL);
5017
5018 if (zc->zc_sendobj == 0) {
5019 return (dsl_dataset_user_hold(zc->zc_name, zc->zc_value,
5020 zc->zc_string, recursive, zc->zc_temphold,
5021 zc->zc_cleanup_fd));
5022 }
5023
5024 if (recursive)
5025 return (EINVAL);
5026
5027 error = spa_open(zc->zc_name, &spa, FTAG);
5028 if (error)
5029 return (error);
5030
5031 dp = spa_get_dsl(spa);
5032 rw_enter(&dp->dp_config_rwlock, RW_READER);
5033 error = dsl_dataset_hold_obj(dp, zc->zc_sendobj, FTAG, &ds);
5034 rw_exit(&dp->dp_config_rwlock);
5035 spa_close(spa, FTAG);
5036 if (error)
5037 return (error);
5038
5039 /*
5040 * Until we have a hold on this snapshot, it's possible that
5041 * zc_sendobj could've been destroyed and reused as part
5042 * of a later txg. Make sure we're looking at the right object.
5043 */
5044 if (zc->zc_createtxg != ds->ds_phys->ds_creation_txg) {
5045 dsl_dataset_rele(ds, FTAG);
5046 return (ENOENT);
5047 }
5048
5049 if (zc->zc_cleanup_fd != -1 && zc->zc_temphold) {
5050 error = zfs_onexit_fd_hold(zc->zc_cleanup_fd, &minor);
5051 if (error) {
5052 dsl_dataset_rele(ds, FTAG);
5053 return (error);
5054 }
5055 }
5056
5057 error = dsl_dataset_user_hold_for_send(ds, zc->zc_string,
5058 zc->zc_temphold);
5059 if (minor != 0) {
5060 if (error == 0) {
5061 dsl_register_onexit_hold_cleanup(ds, zc->zc_string,
5062 minor);
5063 }
5064 zfs_onexit_fd_rele(zc->zc_cleanup_fd);
5065 }
5066 dsl_dataset_rele(ds, FTAG);
5067
5068 return (error);
5069 }
5070
5071 /*
5072 * inputs:
5073 * zc_name name of dataset from which we're releasing a user hold
5074 * zc_value short name of snap
5075 * zc_string user-supplied tag for this hold
5076 * zc_cookie recursive flag
5077 *
5078 * outputs: none
5079 */
5080 static int
5081 zfs_ioc_release(zfs_cmd_t *zc)
5082 {
5083 boolean_t recursive = zc->zc_cookie;
5084
5085 if (snapshot_namecheck(zc->zc_value, NULL, NULL) != 0)
5086 return (EINVAL);
5087
5088 return (dsl_dataset_user_release(zc->zc_name, zc->zc_value,
5089 zc->zc_string, recursive));
5090 }
5091
5092 /*
5093 * inputs:
5094 * zc_name name of filesystem
5095 *
5096 * outputs:
5097 * zc_nvlist_src{_size} nvlist of snapshot holds
5098 */
5099 static int
5100 zfs_ioc_get_holds(zfs_cmd_t *zc)
5101 {
5102 nvlist_t *nvp;
5103 int error;
5104
5105 if ((error = dsl_dataset_get_holds(zc->zc_name, &nvp)) == 0) {
5106 error = put_nvlist(zc, nvp);
5107 nvlist_free(nvp);
5108 }
5109
5110 return (error);
5111 }
5112
5113 /*
5114 * inputs:
5115 * zc_name name of new filesystem or snapshot
5116 * zc_value full name of old snapshot
5117 *
5118 * outputs:
5119 * zc_cookie space in bytes
5120 * zc_objset_type compressed space in bytes
5121 * zc_perm_action uncompressed space in bytes
5122 */
5123 static int
5124 zfs_ioc_space_written(zfs_cmd_t *zc)
5125 {
5126 int error;
5127 dsl_dataset_t *new, *old;
5128
5129 error = dsl_dataset_hold(zc->zc_name, FTAG, &new);
5130 if (error != 0)
5131 return (error);
5132 error = dsl_dataset_hold(zc->zc_value, FTAG, &old);
5133 if (error != 0) {
5134 dsl_dataset_rele(new, FTAG);
5135 return (error);
5136 }
5137
5138 error = dsl_dataset_space_written(old, new, &zc->zc_cookie,
5139 &zc->zc_objset_type, &zc->zc_perm_action);
5140 dsl_dataset_rele(old, FTAG);
5141 dsl_dataset_rele(new, FTAG);
5142 return (error);
5143 }
5144 /*
5145 * innvl: {
5146 * "firstsnap" -> snapshot name
5147 * }
5148 *
5149 * outnvl: {
5150 * "used" -> space in bytes
5151 * "compressed" -> compressed space in bytes
5152 * "uncompressed" -> uncompressed space in bytes
5153 * }
5154 */
5155 static int
5156 zfs_ioc_space_snaps(const char *lastsnap, nvlist_t *innvl, nvlist_t *outnvl)
5157 {
5158 int error;
5159 dsl_dataset_t *new, *old;
5160 char *firstsnap;
5161 uint64_t used, comp, uncomp;
5162
5163 if (nvlist_lookup_string(innvl, "firstsnap", &firstsnap) != 0)
5164 return (EINVAL);
5165
5166 error = dsl_dataset_hold(lastsnap, FTAG, &new);
5167 if (error != 0)
5168 return (error);
5169 error = dsl_dataset_hold(firstsnap, FTAG, &old);
5170 if (error != 0) {
5171 dsl_dataset_rele(new, FTAG);
5172 return (error);
5173 }
5174
5175 error = dsl_dataset_space_wouldfree(old, new, &used, &comp, &uncomp);
5176 dsl_dataset_rele(old, FTAG);
5177 dsl_dataset_rele(new, FTAG);
5178 fnvlist_add_uint64(outnvl, "used", used);
5179 fnvlist_add_uint64(outnvl, "compressed", comp);
5180 fnvlist_add_uint64(outnvl, "uncompressed", uncomp);
5181 return (error);
5182 }
5183
5184 /*
5185 * innvl: {
5186 * "fd" -> file descriptor to write stream to (int32)
5187 * (optional) "fromsnap" -> full snap name to send an incremental from
5188 * }
5189 *
5190 * outnvl is unused
5191 */
5192 /* ARGSUSED */
5193 static int
5194 zfs_ioc_send_new(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5195 {
5196 objset_t *fromsnap = NULL;
5197 objset_t *tosnap;
5198 int error;
5199 offset_t off;
5200 char *fromname;
5201 int fd;
5202
5203 error = nvlist_lookup_int32(innvl, "fd", &fd);
5204 if (error != 0)
5205 return (EINVAL);
5206
5207 error = dmu_objset_hold(snapname, FTAG, &tosnap);
5208 if (error)
5209 return (error);
5210
5211 error = nvlist_lookup_string(innvl, "fromsnap", &fromname);
5212 if (error == 0) {
5213 error = dmu_objset_hold(fromname, FTAG, &fromsnap);
5214 if (error) {
5215 dmu_objset_rele(tosnap, FTAG);
5216 return (error);
5217 }
5218 }
5219
5220 file_t *fp = getf(fd);
5221 if (fp == NULL) {
5222 dmu_objset_rele(tosnap, FTAG);
5223 if (fromsnap != NULL)
5224 dmu_objset_rele(fromsnap, FTAG);
5225 return (EBADF);
5226 }
5227
5228 off = fp->f_offset;
5229 error = dmu_send(tosnap, fromsnap, fd, fp->f_vnode, &off);
5230
5231 if (VOP_SEEK(fp->f_vnode, fp->f_offset, &off, NULL) == 0)
5232 fp->f_offset = off;
5233 releasef(fd);
5234 if (fromsnap != NULL)
5235 dmu_objset_rele(fromsnap, FTAG);
5236 dmu_objset_rele(tosnap, FTAG);
5237 return (error);
5238 }
5239
5240 /*
5241 * Determine approximately how large a zfs send stream will be -- the number
5242 * of bytes that will be written to the fd supplied to zfs_ioc_send_new().
5243 *
5244 * innvl: {
5245 * (optional) "fromsnap" -> full snap name to send an incremental from
5246 * }
5247 *
5248 * outnvl: {
5249 * "space" -> bytes of space (uint64)
5250 * }
5251 */
5252 static int
5253 zfs_ioc_send_space(const char *snapname, nvlist_t *innvl, nvlist_t *outnvl)
5254 {
5255 objset_t *fromsnap = NULL;
5256 objset_t *tosnap;
5257 int error;
5258 char *fromname;
5259 uint64_t space;
5260
5261 error = dmu_objset_hold(snapname, FTAG, &tosnap);
5262 if (error)
5263 return (error);
5264
5265 error = nvlist_lookup_string(innvl, "fromsnap", &fromname);
5266 if (error == 0) {
5267 error = dmu_objset_hold(fromname, FTAG, &fromsnap);
5268 if (error) {
5269 dmu_objset_rele(tosnap, FTAG);
5270 return (error);
5271 }
5272 }
5273
5274 error = dmu_send_estimate(tosnap, fromsnap, &space);
5275 fnvlist_add_uint64(outnvl, "space", space);
5276
5277 if (fromsnap != NULL)
5278 dmu_objset_rele(fromsnap, FTAG);
5279 dmu_objset_rele(tosnap, FTAG);
5280 return (error);
5281 }
5282
5283
5284 static zfs_ioc_vec_t zfs_ioc_vec[ZFS_IOC_LAST - ZFS_IOC_FIRST];
5285
5286 static void
5287 zfs_ioctl_register_legacy(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5288 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5289 boolean_t log_history, zfs_ioc_poolcheck_t pool_check)
5290 {
5291 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5292
5293 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5294 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5295 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5296 ASSERT3P(vec->zvec_func, ==, NULL);
5297
5298 vec->zvec_legacy_func = func;
5299 vec->zvec_secpolicy = secpolicy;
5300 vec->zvec_namecheck = namecheck;
5301 vec->zvec_allow_log = log_history;
5302 vec->zvec_pool_check = pool_check;
5303 }
5304
5305 /*
5306 * See the block comment at the beginning of this file for details on
5307 * each argument to this function.
5308 */
5309 static void
5310 zfs_ioctl_register(const char *name, zfs_ioc_t ioc, zfs_ioc_func_t *func,
5311 zfs_secpolicy_func_t *secpolicy, zfs_ioc_namecheck_t namecheck,
5312 zfs_ioc_poolcheck_t pool_check, boolean_t smush_outnvlist,
5313 boolean_t allow_log)
5314 {
5315 zfs_ioc_vec_t *vec = &zfs_ioc_vec[ioc - ZFS_IOC_FIRST];
5316
5317 ASSERT3U(ioc, >=, ZFS_IOC_FIRST);
5318 ASSERT3U(ioc, <, ZFS_IOC_LAST);
5319 ASSERT3P(vec->zvec_legacy_func, ==, NULL);
5320 ASSERT3P(vec->zvec_func, ==, NULL);
5321
5322 /* if we are logging, the name must be valid */
5323 ASSERT(!allow_log || namecheck != NO_NAME);
5324
5325 vec->zvec_name = name;
5326 vec->zvec_func = func;
5327 vec->zvec_secpolicy = secpolicy;
5328 vec->zvec_namecheck = namecheck;
5329 vec->zvec_pool_check = pool_check;
5330 vec->zvec_smush_outnvlist = smush_outnvlist;
5331 vec->zvec_allow_log = allow_log;
5332 }
5333
5334 static void
5335 zfs_ioctl_register_pool(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5336 zfs_secpolicy_func_t *secpolicy, boolean_t log_history,
5337 zfs_ioc_poolcheck_t pool_check)
5338 {
5339 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5340 POOL_NAME, log_history, pool_check);
5341 }
5342
5343 static void
5344 zfs_ioctl_register_dataset_nolog(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5345 zfs_secpolicy_func_t *secpolicy, zfs_ioc_poolcheck_t pool_check)
5346 {
5347 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5348 DATASET_NAME, B_FALSE, pool_check);
5349 }
5350
5351 static void
5352 zfs_ioctl_register_pool_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5353 {
5354 zfs_ioctl_register_legacy(ioc, func, zfs_secpolicy_config,
5355 POOL_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5356 }
5357
5358 static void
5359 zfs_ioctl_register_pool_meta(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5360 zfs_secpolicy_func_t *secpolicy)
5361 {
5362 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5363 NO_NAME, B_FALSE, POOL_CHECK_NONE);
5364 }
5365
5366 static void
5367 zfs_ioctl_register_dataset_read_secpolicy(zfs_ioc_t ioc,
5368 zfs_ioc_legacy_func_t *func, zfs_secpolicy_func_t *secpolicy)
5369 {
5370 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5371 DATASET_NAME, B_FALSE, POOL_CHECK_SUSPENDED);
5372 }
5373
5374 static void
5375 zfs_ioctl_register_dataset_read(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func)
5376 {
5377 zfs_ioctl_register_dataset_read_secpolicy(ioc, func,
5378 zfs_secpolicy_read);
5379 }
5380
5381 static void
5382 zfs_ioctl_register_dataset_modify(zfs_ioc_t ioc, zfs_ioc_legacy_func_t *func,
5383 zfs_secpolicy_func_t *secpolicy)
5384 {
5385 zfs_ioctl_register_legacy(ioc, func, secpolicy,
5386 DATASET_NAME, B_TRUE, POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5387 }
5388
5389 static void
5390 zfs_ioctl_init(void)
5391 {
5392 zfs_ioctl_register("snapshot", ZFS_IOC_SNAPSHOT,
5393 zfs_ioc_snapshot, zfs_secpolicy_snapshot, POOL_NAME,
5394 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5395
5396 zfs_ioctl_register("log_history", ZFS_IOC_LOG_HISTORY,
5397 zfs_ioc_log_history, zfs_secpolicy_log_history, NO_NAME,
5398 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_FALSE, B_FALSE);
5399
5400 zfs_ioctl_register("space_snaps", ZFS_IOC_SPACE_SNAPS,
5401 zfs_ioc_space_snaps, zfs_secpolicy_read, DATASET_NAME,
5402 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5403
5404 zfs_ioctl_register("send", ZFS_IOC_SEND_NEW,
5405 zfs_ioc_send_new, zfs_secpolicy_send_new, DATASET_NAME,
5406 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5407
5408 zfs_ioctl_register("send_space", ZFS_IOC_SEND_SPACE,
5409 zfs_ioc_send_space, zfs_secpolicy_read, DATASET_NAME,
5410 POOL_CHECK_SUSPENDED, B_FALSE, B_FALSE);
5411
5412 zfs_ioctl_register("create", ZFS_IOC_CREATE,
5413 zfs_ioc_create, zfs_secpolicy_create_clone, DATASET_NAME,
5414 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5415
5416 zfs_ioctl_register("clone", ZFS_IOC_CLONE,
5417 zfs_ioc_clone, zfs_secpolicy_create_clone, DATASET_NAME,
5418 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5419
5420 zfs_ioctl_register("destroy_snaps", ZFS_IOC_DESTROY_SNAPS,
5421 zfs_ioc_destroy_snaps, zfs_secpolicy_destroy_snaps, POOL_NAME,
5422 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY, B_TRUE, B_TRUE);
5423
5424 /* IOCTLS that use the legacy function signature */
5425
5426 zfs_ioctl_register_legacy(ZFS_IOC_POOL_FREEZE, zfs_ioc_pool_freeze,
5427 zfs_secpolicy_config, NO_NAME, B_FALSE, POOL_CHECK_READONLY);
5428
5429 zfs_ioctl_register_pool(ZFS_IOC_POOL_CREATE, zfs_ioc_pool_create,
5430 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5431 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SCAN,
5432 zfs_ioc_pool_scan);
5433 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_UPGRADE,
5434 zfs_ioc_pool_upgrade);
5435 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ADD,
5436 zfs_ioc_vdev_add);
5437 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_REMOVE,
5438 zfs_ioc_vdev_remove);
5439 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SET_STATE,
5440 zfs_ioc_vdev_set_state);
5441 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_ATTACH,
5442 zfs_ioc_vdev_attach);
5443 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_DETACH,
5444 zfs_ioc_vdev_detach);
5445 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETPATH,
5446 zfs_ioc_vdev_setpath);
5447 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SETFRU,
5448 zfs_ioc_vdev_setfru);
5449 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_SET_PROPS,
5450 zfs_ioc_pool_set_props);
5451 zfs_ioctl_register_pool_modify(ZFS_IOC_VDEV_SPLIT,
5452 zfs_ioc_vdev_split);
5453 zfs_ioctl_register_pool_modify(ZFS_IOC_POOL_REGUID,
5454 zfs_ioc_pool_reguid);
5455
5456 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_CONFIGS,
5457 zfs_ioc_pool_configs, zfs_secpolicy_none);
5458 zfs_ioctl_register_pool_meta(ZFS_IOC_POOL_TRYIMPORT,
5459 zfs_ioc_pool_tryimport, zfs_secpolicy_config);
5460 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_FAULT,
5461 zfs_ioc_inject_fault, zfs_secpolicy_inject);
5462 zfs_ioctl_register_pool_meta(ZFS_IOC_CLEAR_FAULT,
5463 zfs_ioc_clear_fault, zfs_secpolicy_inject);
5464 zfs_ioctl_register_pool_meta(ZFS_IOC_INJECT_LIST_NEXT,
5465 zfs_ioc_inject_list_next, zfs_secpolicy_inject);
5466
5467 /*
5468 * pool destroy, and export don't log the history as part of
5469 * zfsdev_ioctl, but rather zfs_ioc_pool_export
5470 * does the logging of those commands.
5471 */
5472 zfs_ioctl_register_pool(ZFS_IOC_POOL_DESTROY, zfs_ioc_pool_destroy,
5473 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5474 zfs_ioctl_register_pool(ZFS_IOC_POOL_EXPORT, zfs_ioc_pool_export,
5475 zfs_secpolicy_config, B_FALSE, POOL_CHECK_NONE);
5476
5477 zfs_ioctl_register_pool(ZFS_IOC_POOL_STATS, zfs_ioc_pool_stats,
5478 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5479 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_PROPS, zfs_ioc_pool_get_props,
5480 zfs_secpolicy_read, B_FALSE, POOL_CHECK_NONE);
5481
5482 zfs_ioctl_register_pool(ZFS_IOC_ERROR_LOG, zfs_ioc_error_log,
5483 zfs_secpolicy_inject, B_FALSE, POOL_CHECK_SUSPENDED);
5484 zfs_ioctl_register_pool(ZFS_IOC_DSOBJ_TO_DSNAME,
5485 zfs_ioc_dsobj_to_dsname,
5486 zfs_secpolicy_diff, B_FALSE, POOL_CHECK_SUSPENDED);
5487 zfs_ioctl_register_pool(ZFS_IOC_POOL_GET_HISTORY,
5488 zfs_ioc_pool_get_history,
5489 zfs_secpolicy_config, B_FALSE, POOL_CHECK_SUSPENDED);
5490
5491 zfs_ioctl_register_pool(ZFS_IOC_POOL_IMPORT, zfs_ioc_pool_import,
5492 zfs_secpolicy_config, B_TRUE, POOL_CHECK_NONE);
5493
5494 zfs_ioctl_register_pool(ZFS_IOC_CLEAR, zfs_ioc_clear,
5495 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5496 zfs_ioctl_register_pool(ZFS_IOC_POOL_REOPEN, zfs_ioc_pool_reopen,
5497 zfs_secpolicy_config, B_TRUE, POOL_CHECK_SUSPENDED);
5498
5499 zfs_ioctl_register_dataset_read(ZFS_IOC_SPACE_WRITTEN,
5500 zfs_ioc_space_written);
5501 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_HOLDS,
5502 zfs_ioc_get_holds);
5503 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_RECVD_PROPS,
5504 zfs_ioc_objset_recvd_props);
5505 zfs_ioctl_register_dataset_read(ZFS_IOC_NEXT_OBJ,
5506 zfs_ioc_next_obj);
5507 zfs_ioctl_register_dataset_read(ZFS_IOC_GET_FSACL,
5508 zfs_ioc_get_fsacl);
5509 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_STATS,
5510 zfs_ioc_objset_stats);
5511 zfs_ioctl_register_dataset_read(ZFS_IOC_OBJSET_ZPLPROPS,
5512 zfs_ioc_objset_zplprops);
5513 zfs_ioctl_register_dataset_read(ZFS_IOC_DATASET_LIST_NEXT,
5514 zfs_ioc_dataset_list_next);
5515 zfs_ioctl_register_dataset_read(ZFS_IOC_SNAPSHOT_LIST_NEXT,
5516 zfs_ioc_snapshot_list_next);
5517 zfs_ioctl_register_dataset_read(ZFS_IOC_SEND_PROGRESS,
5518 zfs_ioc_send_progress);
5519
5520 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_DIFF,
5521 zfs_ioc_diff, zfs_secpolicy_diff);
5522 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_STATS,
5523 zfs_ioc_obj_to_stats, zfs_secpolicy_diff);
5524 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_OBJ_TO_PATH,
5525 zfs_ioc_obj_to_path, zfs_secpolicy_diff);
5526 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_ONE,
5527 zfs_ioc_userspace_one, zfs_secpolicy_userspace_one);
5528 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_USERSPACE_MANY,
5529 zfs_ioc_userspace_many, zfs_secpolicy_userspace_many);
5530 zfs_ioctl_register_dataset_read_secpolicy(ZFS_IOC_SEND,
5531 zfs_ioc_send, zfs_secpolicy_send);
5532
5533 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_PROP, zfs_ioc_set_prop,
5534 zfs_secpolicy_none);
5535 zfs_ioctl_register_dataset_modify(ZFS_IOC_DESTROY, zfs_ioc_destroy,
5536 zfs_secpolicy_destroy);
5537 zfs_ioctl_register_dataset_modify(ZFS_IOC_ROLLBACK, zfs_ioc_rollback,
5538 zfs_secpolicy_rollback);
5539 zfs_ioctl_register_dataset_modify(ZFS_IOC_RENAME, zfs_ioc_rename,
5540 zfs_secpolicy_rename);
5541 zfs_ioctl_register_dataset_modify(ZFS_IOC_RECV, zfs_ioc_recv,
5542 zfs_secpolicy_recv);
5543 zfs_ioctl_register_dataset_modify(ZFS_IOC_PROMOTE, zfs_ioc_promote,
5544 zfs_secpolicy_promote);
5545 zfs_ioctl_register_dataset_modify(ZFS_IOC_HOLD, zfs_ioc_hold,
5546 zfs_secpolicy_hold);
5547 zfs_ioctl_register_dataset_modify(ZFS_IOC_RELEASE, zfs_ioc_release,
5548 zfs_secpolicy_release);
5549 zfs_ioctl_register_dataset_modify(ZFS_IOC_INHERIT_PROP,
5550 zfs_ioc_inherit_prop, zfs_secpolicy_inherit_prop);
5551 zfs_ioctl_register_dataset_modify(ZFS_IOC_SET_FSACL, zfs_ioc_set_fsacl,
5552 zfs_secpolicy_set_fsacl);
5553
5554 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SHARE, zfs_ioc_share,
5555 zfs_secpolicy_share, POOL_CHECK_NONE);
5556 zfs_ioctl_register_dataset_nolog(ZFS_IOC_SMB_ACL, zfs_ioc_smb_acl,
5557 zfs_secpolicy_smb_acl, POOL_CHECK_NONE);
5558 zfs_ioctl_register_dataset_nolog(ZFS_IOC_USERSPACE_UPGRADE,
5559 zfs_ioc_userspace_upgrade, zfs_secpolicy_userspace_upgrade,
5560 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5561 zfs_ioctl_register_dataset_nolog(ZFS_IOC_TMP_SNAPSHOT,
5562 zfs_ioc_tmp_snapshot, zfs_secpolicy_tmp_snapshot,
5563 POOL_CHECK_SUSPENDED | POOL_CHECK_READONLY);
5564 }
5565
5566 int
5567 pool_status_check(const char *name, zfs_ioc_namecheck_t type,
5568 zfs_ioc_poolcheck_t check)
5569 {
5570 spa_t *spa;
5571 int error;
5572
5573 ASSERT(type == POOL_NAME || type == DATASET_NAME);
5574
5575 if (check & POOL_CHECK_NONE)
5576 return (0);
5577
5578 error = spa_open(name, &spa, FTAG);
5579 if (error == 0) {
5580 if ((check & POOL_CHECK_SUSPENDED) && spa_suspended(spa))
5581 error = EAGAIN;
5582 else if ((check & POOL_CHECK_READONLY) && !spa_writeable(spa))
5583 error = EROFS;
5584 spa_close(spa, FTAG);
5585 }
5586 return (error);
5587 }
5588
5589 /*
5590 * Find a free minor number.
5591 */
5592 minor_t
5593 zfsdev_minor_alloc(void)
5594 {
5595 static minor_t last_minor;
5596 minor_t m;
5597
5598 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5599
5600 for (m = last_minor + 1; m != last_minor; m++) {
5601 if (m > ZFSDEV_MAX_MINOR)
5602 m = 1;
5603 if (ddi_get_soft_state(zfsdev_state, m) == NULL) {
5604 last_minor = m;
5605 return (m);
5606 }
5607 }
5608
5609 return (0);
5610 }
5611
5612 static int
5613 zfs_ctldev_init(dev_t *devp)
5614 {
5615 minor_t minor;
5616 zfs_soft_state_t *zs;
5617
5618 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5619 ASSERT(getminor(*devp) == 0);
5620
5621 minor = zfsdev_minor_alloc();
5622 if (minor == 0)
5623 return (ENXIO);
5624
5625 if (ddi_soft_state_zalloc(zfsdev_state, minor) != DDI_SUCCESS)
5626 return (EAGAIN);
5627
5628 *devp = makedevice(getemajor(*devp), minor);
5629
5630 zs = ddi_get_soft_state(zfsdev_state, minor);
5631 zs->zss_type = ZSST_CTLDEV;
5632 zfs_onexit_init((zfs_onexit_t **)&zs->zss_data);
5633
5634 return (0);
5635 }
5636
5637 static void
5638 zfs_ctldev_destroy(zfs_onexit_t *zo, minor_t minor)
5639 {
5640 ASSERT(MUTEX_HELD(&zfsdev_state_lock));
5641
5642 zfs_onexit_destroy(zo);
5643 ddi_soft_state_free(zfsdev_state, minor);
5644 }
5645
5646 void *
5647 zfsdev_get_soft_state(minor_t minor, enum zfs_soft_state_type which)
5648 {
5649 zfs_soft_state_t *zp;
5650
5651 zp = ddi_get_soft_state(zfsdev_state, minor);
5652 if (zp == NULL || zp->zss_type != which)
5653 return (NULL);
5654
5655 return (zp->zss_data);
5656 }
5657
5658 static int
5659 zfsdev_open(dev_t *devp, int flag, int otyp, cred_t *cr)
5660 {
5661 int error = 0;
5662
5663 if (getminor(*devp) != 0)
5664 return (zvol_open(devp, flag, otyp, cr));
5665
5666 /* This is the control device. Allocate a new minor if requested. */
5667 if (flag & FEXCL) {
5668 mutex_enter(&zfsdev_state_lock);
5669 error = zfs_ctldev_init(devp);
5670 mutex_exit(&zfsdev_state_lock);
5671 }
5672
5673 return (error);
5674 }
5675
5676 static int
5677 zfsdev_close(dev_t dev, int flag, int otyp, cred_t *cr)
5678 {
5679 zfs_onexit_t *zo;
5680 minor_t minor = getminor(dev);
5681
5682 if (minor == 0)
5683 return (0);
5684
5685 mutex_enter(&zfsdev_state_lock);
5686 zo = zfsdev_get_soft_state(minor, ZSST_CTLDEV);
5687 if (zo == NULL) {
5688 mutex_exit(&zfsdev_state_lock);
5689 return (zvol_close(dev, flag, otyp, cr));
5690 }
5691 zfs_ctldev_destroy(zo, minor);
5692 mutex_exit(&zfsdev_state_lock);
5693
5694 return (0);
5695 }
5696
5697 static int
5698 zfsdev_ioctl(dev_t dev, int cmd, intptr_t arg, int flag, cred_t *cr, int *rvalp)
5699 {
5700 zfs_cmd_t *zc;
5701 uint_t vecnum;
5702 int error, rc, len;
5703 minor_t minor = getminor(dev);
5704 const zfs_ioc_vec_t *vec;
5705 char *saved_poolname = NULL;
5706 nvlist_t *innvl = NULL;
5707
5708 if (minor != 0 &&
5709 zfsdev_get_soft_state(minor, ZSST_CTLDEV) == NULL)
5710 return (zvol_ioctl(dev, cmd, arg, flag, cr, rvalp));
5711
5712 vecnum = cmd - ZFS_IOC_FIRST;
5713 ASSERT3U(getmajor(dev), ==, ddi_driver_major(zfs_dip));
5714
5715 if (vecnum >= sizeof (zfs_ioc_vec) / sizeof (zfs_ioc_vec[0]))
5716 return (EINVAL);
5717 vec = &zfs_ioc_vec[vecnum];
5718
5719 zc = kmem_zalloc(sizeof (zfs_cmd_t), KM_SLEEP);
5720
5721 error = ddi_copyin((void *)arg, zc, sizeof (zfs_cmd_t), flag);
5722 if (error != 0) {
5723 error = EFAULT;
5724 goto out;
5725 }
5726
5727 zc->zc_iflags = flag & FKIOCTL;
5728 if (zc->zc_nvlist_src_size != 0) {
5729 error = get_nvlist(zc->zc_nvlist_src, zc->zc_nvlist_src_size,
5730 zc->zc_iflags, &innvl);
5731 if (error != 0)
5732 goto out;
5733 }
5734
5735 /*
5736 * Ensure that all pool/dataset names are valid before we pass down to
5737 * the lower layers.
5738 */
5739 zc->zc_name[sizeof (zc->zc_name) - 1] = '\0';
5740 switch (vec->zvec_namecheck) {
5741 case POOL_NAME:
5742 if (pool_namecheck(zc->zc_name, NULL, NULL) != 0)
5743 error = EINVAL;
5744 else
5745 error = pool_status_check(zc->zc_name,
5746 vec->zvec_namecheck, vec->zvec_pool_check);
5747 break;
5748
5749 case DATASET_NAME:
5750 if (dataset_namecheck(zc->zc_name, NULL, NULL) != 0)
5751 error = EINVAL;
5752 else
5753 error = pool_status_check(zc->zc_name,
5754 vec->zvec_namecheck, vec->zvec_pool_check);
5755 break;
5756
5757 case NO_NAME:
5758 break;
5759 }
5760
5761
5762 if (error == 0 && !(flag & FKIOCTL))
5763 error = vec->zvec_secpolicy(zc, innvl, cr);
5764
5765 if (error != 0)
5766 goto out;
5767
5768 /* legacy ioctls can modify zc_name */
5769 len = strcspn(zc->zc_name, "/@") + 1;
5770 saved_poolname = kmem_alloc(len, KM_SLEEP);
5771 (void) strlcpy(saved_poolname, zc->zc_name, len);
5772
5773 if (vec->zvec_func != NULL) {
5774 nvlist_t *outnvl;
5775 int puterror = 0;
5776 spa_t *spa;
5777 nvlist_t *lognv = NULL;
5778
5779 ASSERT(vec->zvec_legacy_func == NULL);
5780
5781 /*
5782 * Add the innvl to the lognv before calling the func,
5783 * in case the func changes the innvl.
5784 */
5785 if (vec->zvec_allow_log) {
5786 lognv = fnvlist_alloc();
5787 fnvlist_add_string(lognv, ZPOOL_HIST_IOCTL,
5788 vec->zvec_name);
5789 if (!nvlist_empty(innvl)) {
5790 fnvlist_add_nvlist(lognv, ZPOOL_HIST_INPUT_NVL,
5791 innvl);
5792 }
5793 }
5794
5795 outnvl = fnvlist_alloc();
5796 error = vec->zvec_func(zc->zc_name, innvl, outnvl);
5797
5798 if (error == 0 && vec->zvec_allow_log &&
5799 spa_open(zc->zc_name, &spa, FTAG) == 0) {
5800 if (!nvlist_empty(outnvl)) {
5801 fnvlist_add_nvlist(lognv, ZPOOL_HIST_OUTPUT_NVL,
5802 outnvl);
5803 }
5804 (void) spa_history_log_nvl(spa, lognv);
5805 spa_close(spa, FTAG);
5806 }
5807 fnvlist_free(lognv);
5808
5809 if (!nvlist_empty(outnvl) || zc->zc_nvlist_dst_size != 0) {
5810 int smusherror = 0;
5811 if (vec->zvec_smush_outnvlist) {
5812 smusherror = nvlist_smush(outnvl,
5813 zc->zc_nvlist_dst_size);
5814 }
5815 if (smusherror == 0)
5816 puterror = put_nvlist(zc, outnvl);
5817 }
5818
5819 if (puterror != 0)
5820 error = puterror;
5821
5822 nvlist_free(outnvl);
5823 } else {
5824 error = vec->zvec_legacy_func(zc);
5825 }
5826
5827 out:
5828 nvlist_free(innvl);
5829 rc = ddi_copyout(zc, (void *)arg, sizeof (zfs_cmd_t), flag);
5830 if (error == 0 && rc != 0)
5831 error = EFAULT;
5832 if (error == 0 && vec->zvec_allow_log) {
5833 char *s = tsd_get(zfs_allow_log_key);
5834 if (s != NULL)
5835 strfree(s);
5836 (void) tsd_set(zfs_allow_log_key, saved_poolname);
5837 } else {
5838 if (saved_poolname != NULL)
5839 strfree(saved_poolname);
5840 }
5841
5842 kmem_free(zc, sizeof (zfs_cmd_t));
5843 return (error);
5844 }
5845
5846 static int
5847 zfs_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
5848 {
5849 if (cmd != DDI_ATTACH)
5850 return (DDI_FAILURE);
5851
5852 if (ddi_create_minor_node(dip, "zfs", S_IFCHR, 0,
5853 DDI_PSEUDO, 0) == DDI_FAILURE)
5854 return (DDI_FAILURE);
5855
5856 zfs_dip = dip;
5857
5858 ddi_report_dev(dip);
5859
5860 return (DDI_SUCCESS);
5861 }
5862
5863 static int
5864 zfs_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
5865 {
5866 if (spa_busy() || zfs_busy() || zvol_busy())
5867 return (DDI_FAILURE);
5868
5869 if (cmd != DDI_DETACH)
5870 return (DDI_FAILURE);
5871
5872 zfs_dip = NULL;
5873
5874 ddi_prop_remove_all(dip);
5875 ddi_remove_minor_node(dip, NULL);
5876
5877 return (DDI_SUCCESS);
5878 }
5879
5880 /*ARGSUSED*/
5881 static int
5882 zfs_info(dev_info_t *dip, ddi_info_cmd_t infocmd, void *arg, void **result)
5883 {
5884 switch (infocmd) {
5885 case DDI_INFO_DEVT2DEVINFO:
5886 *result = zfs_dip;
5887 return (DDI_SUCCESS);
5888
5889 case DDI_INFO_DEVT2INSTANCE:
5890 *result = (void *)0;
5891 return (DDI_SUCCESS);
5892 }
5893
5894 return (DDI_FAILURE);
5895 }
5896
5897 /*
5898 * OK, so this is a little weird.
5899 *
5900 * /dev/zfs is the control node, i.e. minor 0.
5901 * /dev/zvol/[r]dsk/pool/dataset are the zvols, minor > 0.
5902 *
5903 * /dev/zfs has basically nothing to do except serve up ioctls,
5904 * so most of the standard driver entry points are in zvol.c.
5905 */
5906 static struct cb_ops zfs_cb_ops = {
5907 zfsdev_open, /* open */
5908 zfsdev_close, /* close */
5909 zvol_strategy, /* strategy */
5910 nodev, /* print */
5911 zvol_dump, /* dump */
5912 zvol_read, /* read */
5913 zvol_write, /* write */
5914 zfsdev_ioctl, /* ioctl */
5915 nodev, /* devmap */
5916 nodev, /* mmap */
5917 nodev, /* segmap */
5918 nochpoll, /* poll */
5919 ddi_prop_op, /* prop_op */
5920 NULL, /* streamtab */
5921 D_NEW | D_MP | D_64BIT, /* Driver compatibility flag */
5922 CB_REV, /* version */
5923 nodev, /* async read */
5924 nodev, /* async write */
5925 };
5926
5927 static struct dev_ops zfs_dev_ops = {
5928 DEVO_REV, /* version */
5929 0, /* refcnt */
5930 zfs_info, /* info */
5931 nulldev, /* identify */
5932 nulldev, /* probe */
5933 zfs_attach, /* attach */
5934 zfs_detach, /* detach */
5935 nodev, /* reset */
5936 &zfs_cb_ops, /* driver operations */
5937 NULL, /* no bus operations */
5938 NULL, /* power */
5939 ddi_quiesce_not_needed, /* quiesce */
5940 };
5941
5942 static struct modldrv zfs_modldrv = {
5943 &mod_driverops,
5944 "ZFS storage pool",
5945 &zfs_dev_ops
5946 };
5947
5948 static struct modlinkage modlinkage = {
5949 MODREV_1,
5950 (void *)&zfs_modlfs,
5951 (void *)&zfs_modldrv,
5952 NULL
5953 };
5954
5955 static void
5956 zfs_allow_log_destroy(void *arg)
5957 {
5958 char *poolname = arg;
5959 strfree(poolname);
5960 }
5961
5962 int
5963 _init(void)
5964 {
5965 int error;
5966
5967 spa_init(FREAD | FWRITE);
5968 zfs_init();
5969 zvol_init();
5970 zfs_ioctl_init();
5971
5972 if ((error = mod_install(&modlinkage)) != 0) {
5973 zvol_fini();
5974 zfs_fini();
5975 spa_fini();
5976 return (error);
5977 }
5978
5979 tsd_create(&zfs_fsyncer_key, NULL);
5980 tsd_create(&rrw_tsd_key, rrw_tsd_destroy);
5981 tsd_create(&zfs_allow_log_key, zfs_allow_log_destroy);
5982
5983 error = ldi_ident_from_mod(&modlinkage, &zfs_li);
5984 ASSERT(error == 0);
5985 mutex_init(&zfs_share_lock, NULL, MUTEX_DEFAULT, NULL);
5986
5987 return (0);
5988 }
5989
5990 int
5991 _fini(void)
5992 {
5993 int error;
5994
5995 if (spa_busy() || zfs_busy() || zvol_busy() || zio_injection_enabled)
5996 return (EBUSY);
5997
5998 if ((error = mod_remove(&modlinkage)) != 0)
5999 return (error);
6000
6001 zvol_fini();
6002 zfs_fini();
6003 spa_fini();
6004 if (zfs_nfsshare_inited)
6005 (void) ddi_modclose(nfs_mod);
6006 if (zfs_smbshare_inited)
6007 (void) ddi_modclose(smbsrv_mod);
6008 if (zfs_nfsshare_inited || zfs_smbshare_inited)
6009 (void) ddi_modclose(sharefs_mod);
6010
6011 tsd_destroy(&zfs_fsyncer_key);
6012 ldi_ident_release(zfs_li);
6013 zfs_li = NULL;
6014 mutex_destroy(&zfs_share_lock);
6015
6016 return (error);
6017 }
6018
6019 int
6020 _info(struct modinfo *modinfop)
6021 {
6022 return (mod_info(&modlinkage, modinfop));
6023 }
Unleashed OS