int
dsl_pool_open(dsl_pool_t *dp)
{
int err;
dsl_dir_t *dd;
dsl_dataset_t *ds;
uint64_t obj;
rrw_enter(&dp->dp_config_rwlock, RW_WRITER, FTAG);
err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
DMU_POOL_ROOT_DATASET, sizeof (uint64_t), 1,
&dp->dp_root_dir_obj);
if (err)
goto out;
err = dsl_dir_hold_obj(dp, dp->dp_root_dir_obj,
NULL, dp, &dp->dp_root_dir);
if (err)
goto out;
err = dsl_pool_open_special_dir(dp, MOS_DIR_NAME, &dp->dp_mos_dir);
if (err)
goto out;
if (spa_version(dp->dp_spa) >= SPA_VERSION_ORIGIN) {
err = dsl_pool_open_special_dir(dp, ORIGIN_DIR_NAME, &dd);
if (err)
goto out;
err = dsl_dataset_hold_obj(dp,
dsl_dir_phys(dd)->dd_head_dataset_obj, FTAG, &ds);
if (err == 0) {
err = dsl_dataset_hold_obj(dp,
dsl_dataset_phys(ds)->ds_prev_snap_obj, dp,
&dp->dp_origin_snap);
dsl_dataset_rele(ds, FTAG);
}
dsl_dir_rele(dd, dp);
if (err)
goto out;
}
if (spa_version(dp->dp_spa) >= SPA_VERSION_DEADLISTS) {
err = dsl_pool_open_special_dir(dp, FREE_DIR_NAME,
&dp->dp_free_dir);
if (err)
goto out;
err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
DMU_POOL_FREE_BPOBJ, sizeof (uint64_t), 1, &obj);
if (err)
goto out;
VERIFY0(bpobj_open(&dp->dp_free_bpobj,
dp->dp_meta_objset, obj));
}
if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_OBSOLETE_COUNTS)) {
err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
DMU_POOL_OBSOLETE_BPOBJ, sizeof (uint64_t), 1, &obj);
if (err == 0) {
VERIFY0(bpobj_open(&dp->dp_obsolete_bpobj,
dp->dp_meta_objset, obj));
} else if (err == ENOENT) {
/*
* We might not have created the remap bpobj yet.
*/
err = 0;
} else {
goto out;
}
}
/*
* Note: errors ignored, because the these special dirs, used for
* space accounting, are only created on demand.
*/
(void) dsl_pool_open_special_dir(dp, LEAK_DIR_NAME,
&dp->dp_leak_dir);
if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_ASYNC_DESTROY)) {
err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
DMU_POOL_BPTREE_OBJ, sizeof (uint64_t), 1,
&dp->dp_bptree_obj);
if (err != 0)
goto out;
}
if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_EMPTY_BPOBJ)) {
err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
DMU_POOL_EMPTY_BPOBJ, sizeof (uint64_t), 1,
&dp->dp_empty_bpobj);
if (err != 0)
goto out;
}
err = zap_lookup(dp->dp_meta_objset, DMU_POOL_DIRECTORY_OBJECT,
DMU_POOL_TMP_USERREFS, sizeof (uint64_t), 1,
&dp->dp_tmp_userrefs_obj);
if (err == ENOENT)
err = 0;
if (err)
goto out;
err = dsl_scan_init(dp, dp->dp_tx.tx_open_txg);
out:
rrw_exit(&dp->dp_config_rwlock, FTAG);
return (err);
}
int
dsl_prop_get_dd(dsl_dir_t *dd, const char *propname,
int intsz, int numints, void *buf, char *setpoint, boolean_t snapshot)
{
int err = ENOENT;
dsl_dir_t *target = dd;
objset_t *mos = dd->dd_pool->dp_meta_objset;
zfs_prop_t prop;
boolean_t inheritable;
boolean_t inheriting = B_FALSE;
char *inheritstr;
char *recvdstr;
ASSERT(dsl_pool_config_held(dd->dd_pool));
if (setpoint)
setpoint[0] = '\0';
prop = zfs_name_to_prop(propname);
inheritable = (prop == ZPROP_INVAL || zfs_prop_inheritable(prop));
inheritstr = kmem_asprintf("%s%s", propname, ZPROP_INHERIT_SUFFIX);
recvdstr = kmem_asprintf("%s%s", propname, ZPROP_RECVD_SUFFIX);
/*
* Note: dd may become NULL, therefore we shouldn't dereference it
* after this loop.
*/
for (; dd != NULL; dd = dd->dd_parent) {
if (dd != target || snapshot) {
if (!inheritable)
break;
inheriting = B_TRUE;
}
/* Check for a local value. */
err = zap_lookup(mos, dsl_dir_phys(dd)->dd_props_zapobj,
propname, intsz, numints, buf);
if (err != ENOENT) {
if (setpoint != NULL && err == 0)
dsl_dir_name(dd, setpoint);
break;
}
/*
* Skip the check for a received value if there is an explicit
* inheritance entry.
*/
err = zap_contains(mos, dsl_dir_phys(dd)->dd_props_zapobj,
inheritstr);
if (err != 0 && err != ENOENT)
break;
if (err == ENOENT) {
/* Check for a received value. */
err = zap_lookup(mos, dsl_dir_phys(dd)->dd_props_zapobj,
recvdstr, intsz, numints, buf);
if (err != ENOENT) {
if (setpoint != NULL && err == 0) {
if (inheriting) {
dsl_dir_name(dd, setpoint);
} else {
(void) strcpy(setpoint,
ZPROP_SOURCE_VAL_RECVD);
}
}
break;
}
}
/*
* If we found an explicit inheritance entry, err is zero even
* though we haven't yet found the value, so reinitializing err
* at the end of the loop (instead of at the beginning) ensures
* that err has a valid post-loop value.
*/
err = SET_ERROR(ENOENT);
}
if (err == ENOENT)
err = dodefault(prop, intsz, numints, buf);
strfree(inheritstr);
strfree(recvdstr);
return (err);
}
/*
* Predict the effective value of the given special property if it were set with
* the given value and source. This is not a general purpose function. It exists
* only to handle the special requirements of the quota and reservation
* properties. The fact that these properties are non-inheritable greatly
* simplifies the prediction logic.
*
* Returns 0 on success, a positive error code on failure, or -1 if called with
* a property not handled by this function.
*/
int
dsl_prop_predict(dsl_dir_t *dd, const char *propname,
zprop_source_t source, uint64_t value, uint64_t *newvalp)
{
zfs_prop_t prop = zfs_name_to_prop(propname);
objset_t *mos;
uint64_t zapobj;
uint64_t version;
char *recvdstr;
int err = 0;
switch (prop) {
case ZFS_PROP_QUOTA:
case ZFS_PROP_RESERVATION:
case ZFS_PROP_REFQUOTA:
case ZFS_PROP_REFRESERVATION:
break;
default:
return (-1);
}
mos = dd->dd_pool->dp_meta_objset;
zapobj = dsl_dir_phys(dd)->dd_props_zapobj;
recvdstr = kmem_asprintf("%s%s", propname, ZPROP_RECVD_SUFFIX);
version = spa_version(dd->dd_pool->dp_spa);
if (version < SPA_VERSION_RECVD_PROPS) {
if (source & ZPROP_SRC_NONE)
source = ZPROP_SRC_NONE;
else if (source & ZPROP_SRC_RECEIVED)
source = ZPROP_SRC_LOCAL;
}
switch ((int)source) {
case ZPROP_SRC_NONE:
/* Revert to the received value, if any. */
err = zap_lookup(mos, zapobj, recvdstr, 8, 1, newvalp);
if (err == ENOENT)
*newvalp = 0;
break;
case ZPROP_SRC_LOCAL:
*newvalp = value;
break;
case ZPROP_SRC_RECEIVED:
/*
* If there's no local setting, then the new received value will
* be the effective value.
*/
err = zap_lookup(mos, zapobj, propname, 8, 1, newvalp);
if (err == ENOENT)
*newvalp = value;
break;
case (ZPROP_SRC_NONE | ZPROP_SRC_RECEIVED):
/*
* We're clearing the received value, so the local setting (if
* it exists) remains the effective value.
*/
err = zap_lookup(mos, zapobj, propname, 8, 1, newvalp);
if (err == ENOENT)
*newvalp = 0;
break;
default:
panic("unexpected property source: %d", source);
}
strfree(recvdstr);
if (err == ENOENT)
return (0);
return (err);
}
/*
* Check if user has requested permission.
*/
int
dsl_deleg_access_impl(dsl_dataset_t *ds, const char *perm, cred_t *cr)
{
dsl_dir_t *dd;
dsl_pool_t *dp;
void *cookie;
int error;
char checkflag;
objset_t *mos;
avl_tree_t permsets;
perm_set_t *setnode;
dp = ds->ds_dir->dd_pool;
mos = dp->dp_meta_objset;
if (dsl_delegation_on(mos) == B_FALSE)
return (SET_ERROR(ECANCELED));
if (spa_version(dmu_objset_spa(dp->dp_meta_objset)) <
SPA_VERSION_DELEGATED_PERMS)
return (SET_ERROR(EPERM));
if (ds->ds_is_snapshot) {
/*
* Snapshots are treated as descendents only,
* local permissions do not apply.
*/
checkflag = ZFS_DELEG_DESCENDENT;
} else {
checkflag = ZFS_DELEG_LOCAL;
}
avl_create(&permsets, perm_set_compare, sizeof (perm_set_t),
offsetof(perm_set_t, p_node));
ASSERT(dsl_pool_config_held(dp));
for (dd = ds->ds_dir; dd != NULL; dd = dd->dd_parent,
checkflag = ZFS_DELEG_DESCENDENT) {
uint64_t zapobj;
boolean_t expanded;
/*
* If not in global zone then make sure
* the zoned property is set
*/
if (!INGLOBALZONE(curthread)) {
uint64_t zoned;
if (dsl_prop_get_dd(dd,
zfs_prop_to_name(ZFS_PROP_ZONED),
8, 1, &zoned, NULL, B_FALSE) != 0)
break;
if (!zoned)
break;
}
zapobj = dsl_dir_phys(dd)->dd_deleg_zapobj;
if (zapobj == 0)
continue;
dsl_load_user_sets(mos, zapobj, &permsets, checkflag, cr);
again:
expanded = B_FALSE;
for (setnode = avl_first(&permsets); setnode;
setnode = AVL_NEXT(&permsets, setnode)) {
if (setnode->p_matched == B_TRUE)
continue;
/* See if this set directly grants this permission */
error = dsl_check_access(mos, zapobj,
ZFS_DELEG_NAMED_SET, 0, setnode->p_setname, perm);
if (error == 0)
goto success;
if (error == EPERM)
setnode->p_matched = B_TRUE;
/* See if this set includes other sets */
error = dsl_load_sets(mos, zapobj,
ZFS_DELEG_NAMED_SET_SETS, 0,
setnode->p_setname, &permsets);
if (error == 0)
setnode->p_matched = expanded = B_TRUE;
}
/*
* If we expanded any sets, that will define more sets,
* which we need to check.
*/
if (expanded)
goto again;
error = dsl_check_user_access(mos, zapobj, perm, checkflag, cr);
if (error == 0)
goto success;
}
error = SET_ERROR(EPERM);
success:
cookie = NULL;
while ((setnode = avl_destroy_nodes(&permsets, &cookie)) != NULL)
kmem_free(setnode, sizeof (perm_set_t));
return (error);
}
/*
* Find all 'allow' permissions from a given point and then continue
* traversing up to the root.
*
* This function constructs an nvlist of nvlists.
* each setpoint is an nvlist composed of an nvlist of an nvlist
* of the individual * users/groups/everyone/create
* permissions.
*
* The nvlist will look like this.
*
* { source fsname -> { whokeys { permissions,...}, ...}}
*
* The fsname nvpairs will be arranged in a bottom up order. For example,
* if we have the following structure a/b/c then the nvpairs for the fsnames
* will be ordered a/b/c, a/b, a.
*/
int
dsl_deleg_get(const char *ddname, nvlist_t **nvp)
{
dsl_dir_t *dd, *startdd;
dsl_pool_t *dp;
int error;
objset_t *mos;
error = dsl_pool_hold(ddname, FTAG, &dp);
if (error != 0)
return (error);
error = dsl_dir_hold(dp, ddname, FTAG, &startdd, NULL);
if (error != 0) {
dsl_pool_rele(dp, FTAG);
return (error);
}
dp = startdd->dd_pool;
mos = dp->dp_meta_objset;
VERIFY(nvlist_alloc(nvp, NV_UNIQUE_NAME, KM_SLEEP) == 0);
for (dd = startdd; dd != NULL; dd = dd->dd_parent) {
zap_cursor_t basezc;
zap_attribute_t baseza;
nvlist_t *sp_nvp;
uint64_t n;
char source[ZFS_MAX_DATASET_NAME_LEN];
if (dsl_dir_phys(dd)->dd_deleg_zapobj == 0 ||
zap_count(mos,
dsl_dir_phys(dd)->dd_deleg_zapobj, &n) != 0 || n == 0)
continue;
sp_nvp = fnvlist_alloc();
for (zap_cursor_init(&basezc, mos,
dsl_dir_phys(dd)->dd_deleg_zapobj);
zap_cursor_retrieve(&basezc, &baseza) == 0;
zap_cursor_advance(&basezc)) {
zap_cursor_t zc;
zap_attribute_t za;
nvlist_t *perms_nvp;
ASSERT(baseza.za_integer_length == 8);
ASSERT(baseza.za_num_integers == 1);
perms_nvp = fnvlist_alloc();
for (zap_cursor_init(&zc, mos, baseza.za_first_integer);
zap_cursor_retrieve(&zc, &za) == 0;
zap_cursor_advance(&zc)) {
fnvlist_add_boolean(perms_nvp, za.za_name);
}
zap_cursor_fini(&zc);
fnvlist_add_nvlist(sp_nvp, baseza.za_name, perms_nvp);
fnvlist_free(perms_nvp);
}
zap_cursor_fini(&basezc);
dsl_dir_name(dd, source);
fnvlist_add_nvlist(*nvp, source, sp_nvp);
nvlist_free(sp_nvp);
}
dsl_dir_rele(startdd, FTAG);
dsl_pool_rele(dp, FTAG);
return (0);
}
/*
* Find all 'allow' permissions from a given point and then continue
* traversing up to the root.
*
* This function constructs an nvlist of nvlists.
* each setpoint is an nvlist composed of an nvlist of an nvlist
* of the individual * users/groups/everyone/create
* permissions.
*
* The nvlist will look like this.
*
* { source fsname -> { whokeys { permissions,...}, ...}}
*
* The fsname nvpairs will be arranged in a bottom up order. For example,
* if we have the following structure a/b/c then the nvpairs for the fsnames
* will be ordered a/b/c, a/b, a.
*/
int
dsl_deleg_get(const char *ddname, nvlist_t **nvp)
{
dsl_dir_t *dd, *startdd;
dsl_pool_t *dp;
int error;
objset_t *mos;
zap_cursor_t *basezc, *zc;
zap_attribute_t *baseza, *za;
char *source;
error = dsl_pool_hold(ddname, FTAG, &dp);
if (error != 0)
return (error);
error = dsl_dir_hold(dp, ddname, FTAG, &startdd, NULL);
if (error != 0) {
dsl_pool_rele(dp, FTAG);
return (error);
}
dp = startdd->dd_pool;
mos = dp->dp_meta_objset;
zc = kmem_alloc(sizeof (zap_cursor_t), KM_SLEEP);
za = kmem_alloc(sizeof (zap_attribute_t), KM_SLEEP);
basezc = kmem_alloc(sizeof (zap_cursor_t), KM_SLEEP);
baseza = kmem_alloc(sizeof (zap_attribute_t), KM_SLEEP);
source = kmem_alloc(MAXNAMELEN + strlen(MOS_DIR_NAME) + 1, KM_SLEEP);
VERIFY(nvlist_alloc(nvp, NV_UNIQUE_NAME, KM_SLEEP) == 0);
for (dd = startdd; dd != NULL; dd = dd->dd_parent) {
nvlist_t *sp_nvp;
uint64_t n;
if (dsl_dir_phys(dd)->dd_deleg_zapobj == 0 ||
zap_count(mos,
dsl_dir_phys(dd)->dd_deleg_zapobj, &n) != 0 || n == 0)
continue;
sp_nvp = fnvlist_alloc();
for (zap_cursor_init(basezc, mos,
dsl_dir_phys(dd)->dd_deleg_zapobj);
zap_cursor_retrieve(basezc, baseza) == 0;
zap_cursor_advance(basezc)) {
nvlist_t *perms_nvp;
ASSERT(baseza->za_integer_length == 8);
ASSERT(baseza->za_num_integers == 1);
perms_nvp = fnvlist_alloc();
for (zap_cursor_init(zc, mos, baseza->za_first_integer);
zap_cursor_retrieve(zc, za) == 0;
zap_cursor_advance(zc)) {
fnvlist_add_boolean(perms_nvp, za->za_name);
}
zap_cursor_fini(zc);
fnvlist_add_nvlist(sp_nvp, baseza->za_name, perms_nvp);
fnvlist_free(perms_nvp);
}
zap_cursor_fini(basezc);
dsl_dir_name(dd, source);
fnvlist_add_nvlist(*nvp, source, sp_nvp);
nvlist_free(sp_nvp);
}
kmem_free(source, MAXNAMELEN + strlen(MOS_DIR_NAME) + 1);
kmem_free(baseza, sizeof (zap_attribute_t));
kmem_free(basezc, sizeof (zap_cursor_t));
kmem_free(za, sizeof (zap_attribute_t));
kmem_free(zc, sizeof (zap_cursor_t));
dsl_dir_rele(startdd, FTAG);
dsl_pool_rele(dp, FTAG);
return (0);
}