static int
zfs_domount(vfs_t *vfsp, char *osname, cred_t *cr)
{
dev_t mount_dev;
uint64_t recordsize, readonly;
int error = 0;
int mode;
zfsvfs_t *zfsvfs;
znode_t *zp = NULL;
ASSERT(vfsp);
ASSERT(osname);
/*
* Initialize the zfs-specific filesystem structure.
* Should probably make this a kmem cache, shuffle fields,
* and just bzero up to z_hold_mtx[].
*/
zfsvfs = kmem_zalloc(sizeof (zfsvfs_t), KM_SLEEP);
zfsvfs->z_vfs = vfsp;
zfsvfs->z_parent = zfsvfs;
zfsvfs->z_assign = TXG_NOWAIT;
zfsvfs->z_max_blksz = SPA_MAXBLOCKSIZE;
zfsvfs->z_show_ctldir = ZFS_SNAPDIR_VISIBLE;
mutex_init(&zfsvfs->z_znodes_lock, NULL, MUTEX_DEFAULT, NULL);
list_create(&zfsvfs->z_all_znodes, sizeof (znode_t),
offsetof(znode_t, z_link_node));
rw_init(&zfsvfs->z_um_lock, NULL, RW_DEFAULT, NULL);
/* Initialize the generic filesystem structure. */
vfsp->vfs_bcount = 0;
vfsp->vfs_data = NULL;
if (zfs_create_unique_device(&mount_dev) == -1) {
error = ENODEV;
goto out;
}
ASSERT(vfs_devismounted(mount_dev) == 0);
if (error = dsl_prop_get_integer(osname, "recordsize", &recordsize,
NULL))
goto out;
vfsp->vfs_dev = mount_dev;
vfsp->vfs_fstype = zfsfstype;
vfsp->vfs_bsize = recordsize;
vfsp->vfs_flag |= VFS_NOTRUNC;
vfsp->vfs_data = zfsvfs;
if (error = dsl_prop_get_integer(osname, "readonly", &readonly, NULL))
goto out;
if (readonly)
mode = DS_MODE_PRIMARY | DS_MODE_READONLY;
else
mode = DS_MODE_PRIMARY;
error = dmu_objset_open(osname, DMU_OST_ZFS, mode, &zfsvfs->z_os);
if (error == EROFS) {
mode = DS_MODE_PRIMARY | DS_MODE_READONLY;
error = dmu_objset_open(osname, DMU_OST_ZFS, mode,
&zfsvfs->z_os);
}
if (error)
goto out;
if (error = zfs_init_fs(zfsvfs, &zp, cr))
goto out;
/* The call to zfs_init_fs leaves the vnode held, release it here. */
VN_RELE(ZTOV(zp));
if (dmu_objset_is_snapshot(zfsvfs->z_os)) {
ASSERT(mode & DS_MODE_READONLY);
atime_changed_cb(zfsvfs, B_FALSE);
readonly_changed_cb(zfsvfs, B_TRUE);
zfsvfs->z_issnap = B_TRUE;
} else {
error = zfs_register_callbacks(vfsp);
if (error)
goto out;
/*
* Start a delete thread running.
*/
(void) zfs_delete_thread_target(zfsvfs, 1);
/*
* Parse and replay the intent log.
*/
zil_replay(zfsvfs->z_os, zfsvfs, &zfsvfs->z_assign,
zfs_replay_vector, (void (*)(void *))zfs_delete_wait_empty);
if (!zil_disable)
zfsvfs->z_log = zil_open(zfsvfs->z_os, zfs_get_data);
}
if (!zfsvfs->z_issnap)
zfsctl_create(zfsvfs);
out:
if (error) {
if (zfsvfs->z_os)
dmu_objset_close(zfsvfs->z_os);
kmem_free(zfsvfs, sizeof (zfsvfs_t));
} else {
atomic_add_32(&zfs_active_fs_count, 1);
}
return (error);
}
int
zfs_sb_setup(zfs_sb_t *zsb, boolean_t mounting)
{
int error;
error = zfs_register_callbacks(zsb);
if (error)
return (error);
/*
* Set the objset user_ptr to track its zsb.
*/
mutex_enter(&zsb->z_os->os_user_ptr_lock);
dmu_objset_set_user(zsb->z_os, zsb);
mutex_exit(&zsb->z_os->os_user_ptr_lock);
zsb->z_log = zil_open(zsb->z_os, zfs_get_data);
/*
* If we are not mounting (ie: online recv), then we don't
* have to worry about replaying the log as we blocked all
* operations out since we closed the ZIL.
*/
if (mounting) {
boolean_t readonly;
/*
* During replay we remove the read only flag to
* allow replays to succeed.
*/
readonly = zfs_is_readonly(zsb);
if (readonly != 0)
readonly_changed_cb(zsb, B_FALSE);
else
zfs_unlinked_drain(zsb);
/*
* Parse and replay the intent log.
*
* Because of ziltest, this must be done after
* zfs_unlinked_drain(). (Further note: ziltest
* doesn't use readonly mounts, where
* zfs_unlinked_drain() isn't called.) This is because
* ziltest causes spa_sync() to think it's committed,
* but actually it is not, so the intent log contains
* many txg's worth of changes.
*
* In particular, if object N is in the unlinked set in
* the last txg to actually sync, then it could be
* actually freed in a later txg and then reallocated
* in a yet later txg. This would write a "create
* object N" record to the intent log. Normally, this
* would be fine because the spa_sync() would have
* written out the fact that object N is free, before
* we could write the "create object N" intent log
* record.
*
* But when we are in ziltest mode, we advance the "open
* txg" without actually spa_sync()-ing the changes to
* disk. So we would see that object N is still
* allocated and in the unlinked set, and there is an
* intent log record saying to allocate it.
*/
if (spa_writeable(dmu_objset_spa(zsb->z_os))) {
if (zil_replay_disable) {
zil_destroy(zsb->z_log, B_FALSE);
} else {
zsb->z_replay = B_TRUE;
zil_replay(zsb->z_os, zsb,
zfs_replay_vector);
zsb->z_replay = B_FALSE;
}
}
/* restore readonly bit */
if (readonly != 0)
readonly_changed_cb(zsb, B_TRUE);
}
return (0);
}
/*ARGSUSED*/
static int
zfs_mount(vfs_t *vfsp)
{
kthread_t *td = curthread;
vnode_t *mvp = vfsp->mnt_vnodecovered;
cred_t *cr = td->td_ucred;
char *osname;
int error = 0;
int canwrite;
if (vfs_getopt(vfsp->mnt_optnew, "from", (void **)&osname, NULL))
return (EINVAL);
/*
* If full-owner-access is enabled and delegated administration is
* turned on, we must set nosuid.
*/
if (zfs_super_owner &&
dsl_deleg_access(osname, ZFS_DELEG_PERM_MOUNT, cr) != ECANCELED) {
secpolicy_fs_mount_clearopts(cr, vfsp);
}
/*
* Check for mount privilege?
*
* If we don't have privilege then see if
* we have local permission to allow it
*/
error = secpolicy_fs_mount(cr, mvp, vfsp);
if (error) {
error = dsl_deleg_access(osname, ZFS_DELEG_PERM_MOUNT, cr);
if (error != 0)
goto out;
if (!(vfsp->vfs_flag & MS_REMOUNT)) {
vattr_t vattr;
/*
* Make sure user is the owner of the mount point
* or has sufficient privileges.
*/
vattr.va_mask = AT_UID;
vn_lock(mvp, LK_SHARED | LK_RETRY);
if (error = VOP_GETATTR(mvp, &vattr, cr)) {
VOP_UNLOCK(mvp, 0);
goto out;
}
#if 0 /* CHECK THIS! Is probably needed for zfs_suser. */
if (secpolicy_vnode_owner(mvp, cr, vattr.va_uid) != 0 &&
VOP_ACCESS(mvp, VWRITE, cr, td) != 0) {
error = EPERM;
goto out;
}
#else
if (error = secpolicy_vnode_owner(mvp, cr, vattr.va_uid)) {
VOP_UNLOCK(mvp, 0);
goto out;
}
if (error = VOP_ACCESS(mvp, VWRITE, cr, td)) {
VOP_UNLOCK(mvp, 0);
goto out;
}
VOP_UNLOCK(mvp, 0);
#endif
}
secpolicy_fs_mount_clearopts(cr, vfsp);
}
/*
* Refuse to mount a filesystem if we are in a local zone and the
* dataset is not visible.
*/
if (!INGLOBALZONE(curthread) &&
(!zone_dataset_visible(osname, &canwrite) || !canwrite)) {
error = EPERM;
goto out;
}
/*
* When doing a remount, we simply refresh our temporary properties
* according to those options set in the current VFS options.
*/
if (vfsp->vfs_flag & MS_REMOUNT) {
/* refresh mount options */
zfs_unregister_callbacks(vfsp->vfs_data);
error = zfs_register_callbacks(vfsp);
goto out;
}
DROP_GIANT();
error = zfs_domount(vfsp, osname);
PICKUP_GIANT();
out:
return (error);
}
