1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2012, 2015 by Delphix. All rights reserved.
24 * Copyright 2015, OmniTI Computer Consulting, Inc. All rights reserved.
25 */
26
27 /*
28 * ZFS control directory (a.k.a. ".zfs")
29 *
30 * This directory provides a common location for all ZFS meta-objects.
31 * Currently, this is only the 'snapshot' directory, but this may expand in the
32 * future. The elements are built using the GFS primitives, as the hierarchy
33 * does not actually exist on disk.
34 *
35 * For 'snapshot', we don't want to have all snapshots always mounted, because
36 * this would take up a huge amount of space in /etc/mnttab. We have three
37 * types of objects:
38 *
39 * ctldir ------> snapshotdir -------> snapshot
40 * |
41 * |
42 * V
43 * mounted fs
44 *
45 * The 'snapshot' node contains just enough information to lookup '..' and act
46 * as a mountpoint for the snapshot. Whenever we lookup a specific snapshot, we
47 * perform an automount of the underlying filesystem and return the
48 * corresponding vnode.
49 *
50 * All mounts are handled automatically by the kernel, but unmounts are
51 * (currently) handled from user land. The main reason is that there is no
52 * reliable way to auto-unmount the filesystem when it's "no longer in use".
53 * When the user unmounts a filesystem, we call zfsctl_unmount(), which
54 * unmounts any snapshots within the snapshot directory.
55 *
56 * The '.zfs', '.zfs/snapshot', and all directories created under
57 * '.zfs/snapshot' (ie: '.zfs/snapshot/<snapname>') are all GFS nodes and
58 * share the same vfs_t as the head filesystem (what '.zfs' lives under).
59 *
60 * File systems mounted ontop of the GFS nodes '.zfs/snapshot/<snapname>'
61 * (ie: snapshots) are ZFS nodes and have their own unique vfs_t.
62 * However, vnodes within these mounted on file systems have their v_vfsp
63 * fields set to the head filesystem to make NFS happy (see
64 * zfsctl_snapdir_lookup()). We VFS_HOLD the head filesystem's vfs_t
65 * so that it cannot be freed until all snapshots have been unmounted.
66 */
67
68 #include <sys/zfs_context.h>
69 #include <sys/zfs_ctldir.h>
70 #include <sys/zfs_ioctl.h>
71 #include <sys/zfs_vfsops.h>
72 #include <sys/namei.h>
73 #include <sys/stat.h>
74 #include <sys/dmu.h>
75 #include <sys/dsl_dataset.h>
76 #include <sys/dsl_destroy.h>
77 #include <sys/dsl_deleg.h>
78 #include <sys/mount.h>
79 #include <sys/zap.h>
80
81 #include "zfs_namecheck.h"
82
83 /* Common access mode for all virtual directories under the ctldir */
84 const u_short zfsctl_ctldir_mode = S_IRUSR | S_IXUSR | S_IRGRP | S_IXGRP |
85 S_IROTH | S_IXOTH;
86
87 /*
88 * "Synthetic" filesystem implementation.
89 */
90
91 /*
92 * Assert that A implies B.
93 */
94 #define KASSERT_IMPLY(A, B, msg) KASSERT(!(A) || (B), (msg));
95
96 static MALLOC_DEFINE(M_SFSNODES, "sfs_nodes", "synthetic-fs nodes");
97
98 typedef struct sfs_node {
99 char sn_name[ZFS_MAX_DATASET_NAME_LEN];
100 uint64_t sn_parent_id;
101 uint64_t sn_id;
102 } sfs_node_t;
103
104 /*
105 * Check the parent's ID as well as the node's to account for a chance
106 * that IDs originating from different domains (snapshot IDs, artifical
107 * IDs, znode IDs) may clash.
108 */
109 static int
sfs_compare_ids(struct vnode * vp,void * arg)110 sfs_compare_ids(struct vnode *vp, void *arg)
111 {
112 sfs_node_t *n1 = vp->v_data;
113 sfs_node_t *n2 = arg;
114 bool equal;
115
116 equal = n1->sn_id == n2->sn_id &&
117 n1->sn_parent_id == n2->sn_parent_id;
118
119 /* Zero means equality. */
120 return (!equal);
121 }
122
123 static int
sfs_vnode_get(const struct mount * mp,int flags,uint64_t parent_id,uint64_t id,struct vnode ** vpp)124 sfs_vnode_get(const struct mount *mp, int flags, uint64_t parent_id,
125 uint64_t id, struct vnode **vpp)
126 {
127 sfs_node_t search;
128 int err;
129
130 search.sn_id = id;
131 search.sn_parent_id = parent_id;
132 err = vfs_hash_get(mp, (u_int)id, flags, curthread, vpp,
133 sfs_compare_ids, &search);
134 return (err);
135 }
136
137 static int
sfs_vnode_insert(struct vnode * vp,int flags,uint64_t parent_id,uint64_t id,struct vnode ** vpp)138 sfs_vnode_insert(struct vnode *vp, int flags, uint64_t parent_id,
139 uint64_t id, struct vnode **vpp)
140 {
141 int err;
142
143 KASSERT(vp->v_data != NULL, ("sfs_vnode_insert with NULL v_data"));
144 err = vfs_hash_insert(vp, (u_int)id, flags, curthread, vpp,
145 sfs_compare_ids, vp->v_data);
146 return (err);
147 }
148
149 static void
sfs_vnode_remove(struct vnode * vp)150 sfs_vnode_remove(struct vnode *vp)
151 {
152 vfs_hash_remove(vp);
153 }
154
155 typedef void sfs_vnode_setup_fn(vnode_t *vp, void *arg);
156
157 static int
sfs_vgetx(struct mount * mp,int flags,uint64_t parent_id,uint64_t id,const char * tag,struct vop_vector * vops,sfs_vnode_setup_fn setup,void * arg,struct vnode ** vpp)158 sfs_vgetx(struct mount *mp, int flags, uint64_t parent_id, uint64_t id,
159 const char *tag, struct vop_vector *vops,
160 sfs_vnode_setup_fn setup, void *arg,
161 struct vnode **vpp)
162 {
163 struct vnode *vp;
164 int error;
165
166 error = sfs_vnode_get(mp, flags, parent_id, id, vpp);
167 if (error != 0 || *vpp != NULL) {
168 KASSERT_IMPLY(error == 0, (*vpp)->v_data != NULL,
169 "sfs vnode with no data");
170 return (error);
171 }
172
173 /* Allocate a new vnode/inode. */
174 error = getnewvnode(tag, mp, vops, &vp);
175 if (error != 0) {
176 *vpp = NULL;
177 return (error);
178 }
179
180 /*
181 * Exclusively lock the vnode vnode while it's being constructed.
182 */
183 lockmgr(vp->v_vnlock, LK_EXCLUSIVE, NULL);
184 error = insmntque(vp, mp);
185 if (error != 0) {
186 *vpp = NULL;
187 return (error);
188 }
189
190 setup(vp, arg);
191
192 error = sfs_vnode_insert(vp, flags, parent_id, id, vpp);
193 if (error != 0 || *vpp != NULL) {
194 KASSERT_IMPLY(error == 0, (*vpp)->v_data != NULL,
195 "sfs vnode with no data");
196 return (error);
197 }
198
199 *vpp = vp;
200 return (0);
201 }
202
203 static void
sfs_print_node(sfs_node_t * node)204 sfs_print_node(sfs_node_t *node)
205 {
206 printf("\tname = %s\n", node->sn_name);
207 printf("\tparent_id = %ju\n", (uintmax_t)node->sn_parent_id);
208 printf("\tid = %ju\n", (uintmax_t)node->sn_id);
209 }
210
211 static sfs_node_t *
sfs_alloc_node(size_t size,const char * name,uint64_t parent_id,uint64_t id)212 sfs_alloc_node(size_t size, const char *name, uint64_t parent_id, uint64_t id)
213 {
214 struct sfs_node *node;
215
216 KASSERT(strlen(name) < sizeof(node->sn_name),
217 ("sfs node name is too long"));
218 KASSERT(size >= sizeof(*node), ("sfs node size is too small"));
219 node = malloc(size, M_SFSNODES, M_WAITOK | M_ZERO);
220 strlcpy(node->sn_name, name, sizeof(node->sn_name));
221 node->sn_parent_id = parent_id;
222 node->sn_id = id;
223
224 return (node);
225 }
226
227 static void
sfs_destroy_node(sfs_node_t * node)228 sfs_destroy_node(sfs_node_t *node)
229 {
230 free(node, M_SFSNODES);
231 }
232
233 static void *
sfs_reclaim_vnode(vnode_t * vp)234 sfs_reclaim_vnode(vnode_t *vp)
235 {
236 sfs_node_t *node;
237 void *data;
238
239 sfs_vnode_remove(vp);
240 data = vp->v_data;
241 vp->v_data = NULL;
242 return (data);
243 }
244
245 static int
sfs_readdir_common(uint64_t parent_id,uint64_t id,struct vop_readdir_args * ap,uio_t * uio,off_t * offp)246 sfs_readdir_common(uint64_t parent_id, uint64_t id, struct vop_readdir_args *ap,
247 uio_t *uio, off_t *offp)
248 {
249 struct dirent entry;
250 int error;
251
252 /* Reset ncookies for subsequent use of vfs_read_dirent. */
253 if (ap->a_ncookies != NULL)
254 *ap->a_ncookies = 0;
255
256 if (uio->uio_resid < sizeof(entry))
257 return (SET_ERROR(EINVAL));
258
259 if (uio->uio_offset < 0)
260 return (SET_ERROR(EINVAL));
261 if (uio->uio_offset == 0) {
262 entry.d_fileno = id;
263 entry.d_type = DT_DIR;
264 entry.d_name[0] = '.';
265 entry.d_namlen = 1;
266 entry.d_reclen = sizeof(entry);
267 dirent_terminate(&entry);
268 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
269 if (error != 0)
270 return (SET_ERROR(error));
271 }
272
273 if (uio->uio_offset < sizeof(entry))
274 return (SET_ERROR(EINVAL));
275 if (uio->uio_offset == sizeof(entry)) {
276 entry.d_fileno = parent_id;
277 entry.d_type = DT_DIR;
278 entry.d_name[0] = '.';
279 entry.d_name[1] = '.';
280 entry.d_namlen = 2;
281 entry.d_reclen = sizeof(entry);
282 dirent_terminate(&entry);
283 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
284 if (error != 0)
285 return (SET_ERROR(error));
286 }
287
288 if (offp != NULL)
289 *offp = 2 * sizeof(entry);
290 return (0);
291 }
292
293
294 /*
295 * .zfs inode namespace
296 *
297 * We need to generate unique inode numbers for all files and directories
298 * within the .zfs pseudo-filesystem. We use the following scheme:
299 *
300 * ENTRY ZFSCTL_INODE
301 * .zfs 1
302 * .zfs/snapshot 2
303 * .zfs/snapshot/<snap> objectid(snap)
304 */
305 #define ZFSCTL_INO_SNAP(id) (id)
306
307 static struct vop_vector zfsctl_ops_root;
308 static struct vop_vector zfsctl_ops_snapdir;
309 static struct vop_vector zfsctl_ops_snapshot;
310 static struct vop_vector zfsctl_ops_shares_dir;
311
312 void
zfsctl_init(void)313 zfsctl_init(void)
314 {
315 }
316
317 void
zfsctl_fini(void)318 zfsctl_fini(void)
319 {
320 }
321
322 boolean_t
zfsctl_is_node(vnode_t * vp)323 zfsctl_is_node(vnode_t *vp)
324 {
325 return (vn_matchops(vp, zfsctl_ops_root) ||
326 vn_matchops(vp, zfsctl_ops_snapdir) ||
327 vn_matchops(vp, zfsctl_ops_snapshot) ||
328 vn_matchops(vp, zfsctl_ops_shares_dir));
329
330 }
331
332 typedef struct zfsctl_root {
333 sfs_node_t node;
334 sfs_node_t *snapdir;
335 timestruc_t cmtime;
336 } zfsctl_root_t;
337
338
339 /*
340 * Create the '.zfs' directory.
341 */
342 void
zfsctl_create(zfsvfs_t * zfsvfs)343 zfsctl_create(zfsvfs_t *zfsvfs)
344 {
345 zfsctl_root_t *dot_zfs;
346 sfs_node_t *snapdir;
347 vnode_t *rvp;
348 uint64_t crtime[2];
349
350 ASSERT(zfsvfs->z_ctldir == NULL);
351
352 snapdir = sfs_alloc_node(sizeof(*snapdir), "snapshot", ZFSCTL_INO_ROOT,
353 ZFSCTL_INO_SNAPDIR);
354 dot_zfs = (zfsctl_root_t *)sfs_alloc_node(sizeof(*dot_zfs), ".zfs", 0,
355 ZFSCTL_INO_ROOT);
356 dot_zfs->snapdir = snapdir;
357
358 VERIFY(VFS_ROOT(zfsvfs->z_vfs, LK_EXCLUSIVE, &rvp) == 0);
359 VERIFY(0 == sa_lookup(VTOZ(rvp)->z_sa_hdl, SA_ZPL_CRTIME(zfsvfs),
360 &crtime, sizeof(crtime)));
361 ZFS_TIME_DECODE(&dot_zfs->cmtime, crtime);
362 vput(rvp);
363
364 zfsvfs->z_ctldir = dot_zfs;
365 }
366
367 /*
368 * Destroy the '.zfs' directory. Only called when the filesystem is unmounted.
369 * The nodes must not have any associated vnodes by now as they should be
370 * vflush-ed.
371 */
372 void
zfsctl_destroy(zfsvfs_t * zfsvfs)373 zfsctl_destroy(zfsvfs_t *zfsvfs)
374 {
375 sfs_destroy_node(zfsvfs->z_ctldir->snapdir);
376 sfs_destroy_node((sfs_node_t *)zfsvfs->z_ctldir);
377 zfsvfs->z_ctldir = NULL;
378 }
379
380 static int
zfsctl_fs_root_vnode(struct mount * mp,void * arg __unused,int flags,struct vnode ** vpp)381 zfsctl_fs_root_vnode(struct mount *mp, void *arg __unused, int flags,
382 struct vnode **vpp)
383 {
384 return (VFS_ROOT(mp, flags, vpp));
385 }
386
387 static void
zfsctl_common_vnode_setup(vnode_t * vp,void * arg)388 zfsctl_common_vnode_setup(vnode_t *vp, void *arg)
389 {
390 ASSERT_VOP_ELOCKED(vp, __func__);
391
392 /* We support shared locking. */
393 VN_LOCK_ASHARE(vp);
394 vp->v_type = VDIR;
395 vp->v_data = arg;
396 }
397
398 static int
zfsctl_root_vnode(struct mount * mp,void * arg __unused,int flags,struct vnode ** vpp)399 zfsctl_root_vnode(struct mount *mp, void *arg __unused, int flags,
400 struct vnode **vpp)
401 {
402 void *node;
403 int err;
404
405 node = ((zfsvfs_t*)mp->mnt_data)->z_ctldir;
406 err = sfs_vgetx(mp, flags, 0, ZFSCTL_INO_ROOT, "zfs", &zfsctl_ops_root,
407 zfsctl_common_vnode_setup, node, vpp);
408 return (err);
409 }
410
411 static int
zfsctl_snapdir_vnode(struct mount * mp,void * arg __unused,int flags,struct vnode ** vpp)412 zfsctl_snapdir_vnode(struct mount *mp, void *arg __unused, int flags,
413 struct vnode **vpp)
414 {
415 void *node;
416 int err;
417
418 node = ((zfsvfs_t*)mp->mnt_data)->z_ctldir->snapdir;
419 err = sfs_vgetx(mp, flags, ZFSCTL_INO_ROOT, ZFSCTL_INO_SNAPDIR, "zfs",
420 &zfsctl_ops_snapdir, zfsctl_common_vnode_setup, node, vpp);
421 return (err);
422 }
423
424 /*
425 * Given a root znode, retrieve the associated .zfs directory.
426 * Add a hold to the vnode and return it.
427 */
428 int
zfsctl_root(zfsvfs_t * zfsvfs,int flags,vnode_t ** vpp)429 zfsctl_root(zfsvfs_t *zfsvfs, int flags, vnode_t **vpp)
430 {
431 vnode_t *vp;
432 int error;
433
434 error = zfsctl_root_vnode(zfsvfs->z_vfs, NULL, flags, vpp);
435 return (error);
436 }
437
438 /*
439 * Common open routine. Disallow any write access.
440 */
441 static int
zfsctl_common_open(struct vop_open_args * ap)442 zfsctl_common_open(struct vop_open_args *ap)
443 {
444 int flags = ap->a_mode;
445
446 if (flags & FWRITE)
447 return (SET_ERROR(EACCES));
448
449 return (0);
450 }
451
452 /*
453 * Common close routine. Nothing to do here.
454 */
455 /* ARGSUSED */
456 static int
zfsctl_common_close(struct vop_close_args * ap)457 zfsctl_common_close(struct vop_close_args *ap)
458 {
459 return (0);
460 }
461
462 /*
463 * Common access routine. Disallow writes.
464 */
465 static int
zfsctl_common_access(ap)466 zfsctl_common_access(ap)
467 struct vop_access_args /* {
468 struct vnode *a_vp;
469 accmode_t a_accmode;
470 struct ucred *a_cred;
471 struct thread *a_td;
472 } */ *ap;
473 {
474 accmode_t accmode = ap->a_accmode;
475
476 if (accmode & VWRITE)
477 return (SET_ERROR(EACCES));
478 return (0);
479 }
480
481 /*
482 * Common getattr function. Fill in basic information.
483 */
484 static void
zfsctl_common_getattr(vnode_t * vp,vattr_t * vap)485 zfsctl_common_getattr(vnode_t *vp, vattr_t *vap)
486 {
487 timestruc_t now;
488 sfs_node_t *node;
489
490 node = vp->v_data;
491
492 vap->va_uid = 0;
493 vap->va_gid = 0;
494 vap->va_rdev = 0;
495 /*
496 * We are a purely virtual object, so we have no
497 * blocksize or allocated blocks.
498 */
499 vap->va_blksize = 0;
500 vap->va_nblocks = 0;
501 vap->va_seq = 0;
502 vap->va_fsid = vp->v_mount->mnt_stat.f_fsid.val[0];
503 vap->va_mode = zfsctl_ctldir_mode;
504 vap->va_type = VDIR;
505 /*
506 * We live in the now (for atime).
507 */
508 gethrestime(&now);
509 vap->va_atime = now;
510 /* FreeBSD: Reset chflags(2) flags. */
511 vap->va_flags = 0;
512
513 vap->va_nodeid = node->sn_id;
514
515 /* At least '.' and '..'. */
516 vap->va_nlink = 2;
517 }
518
519 static int
zfsctl_common_fid(ap)520 zfsctl_common_fid(ap)
521 struct vop_fid_args /* {
522 struct vnode *a_vp;
523 struct fid *a_fid;
524 } */ *ap;
525 {
526 vnode_t *vp = ap->a_vp;
527 fid_t *fidp = (void *)ap->a_fid;
528 sfs_node_t *node = vp->v_data;
529 uint64_t object = node->sn_id;
530 zfid_short_t *zfid;
531 int i;
532
533 zfid = (zfid_short_t *)fidp;
534 zfid->zf_len = SHORT_FID_LEN;
535
536 for (i = 0; i < sizeof(zfid->zf_object); i++)
537 zfid->zf_object[i] = (uint8_t)(object >> (8 * i));
538
539 /* .zfs nodes always have a generation number of 0 */
540 for (i = 0; i < sizeof(zfid->zf_gen); i++)
541 zfid->zf_gen[i] = 0;
542
543 return (0);
544 }
545
546 static int
zfsctl_common_reclaim(ap)547 zfsctl_common_reclaim(ap)
548 struct vop_reclaim_args /* {
549 struct vnode *a_vp;
550 struct thread *a_td;
551 } */ *ap;
552 {
553 vnode_t *vp = ap->a_vp;
554
555 (void) sfs_reclaim_vnode(vp);
556 return (0);
557 }
558
559 static int
zfsctl_common_print(ap)560 zfsctl_common_print(ap)
561 struct vop_print_args /* {
562 struct vnode *a_vp;
563 } */ *ap;
564 {
565 sfs_print_node(ap->a_vp->v_data);
566 return (0);
567 }
568
569 /*
570 * Get root directory attributes.
571 */
572 static int
zfsctl_root_getattr(ap)573 zfsctl_root_getattr(ap)
574 struct vop_getattr_args /* {
575 struct vnode *a_vp;
576 struct vattr *a_vap;
577 struct ucred *a_cred;
578 } */ *ap;
579 {
580 struct vnode *vp = ap->a_vp;
581 struct vattr *vap = ap->a_vap;
582 zfsctl_root_t *node = vp->v_data;
583
584 zfsctl_common_getattr(vp, vap);
585 vap->va_ctime = node->cmtime;
586 vap->va_mtime = vap->va_ctime;
587 vap->va_birthtime = vap->va_ctime;
588 vap->va_nlink += 1; /* snapdir */
589 vap->va_size = vap->va_nlink;
590 return (0);
591 }
592
593 /*
594 * When we lookup "." we still can be asked to lock it
595 * differently, can't we?
596 */
597 int
zfsctl_relock_dot(vnode_t * dvp,int ltype)598 zfsctl_relock_dot(vnode_t *dvp, int ltype)
599 {
600 vref(dvp);
601 if (ltype != VOP_ISLOCKED(dvp)) {
602 if (ltype == LK_EXCLUSIVE)
603 vn_lock(dvp, LK_UPGRADE | LK_RETRY);
604 else /* if (ltype == LK_SHARED) */
605 vn_lock(dvp, LK_DOWNGRADE | LK_RETRY);
606
607 /* Relock for the "." case may left us with reclaimed vnode. */
608 if ((dvp->v_iflag & VI_DOOMED) != 0) {
609 vrele(dvp);
610 return (SET_ERROR(ENOENT));
611 }
612 }
613 return (0);
614 }
615
616 /*
617 * Special case the handling of "..".
618 */
619 int
zfsctl_root_lookup(ap)620 zfsctl_root_lookup(ap)
621 struct vop_lookup_args /* {
622 struct vnode *a_dvp;
623 struct vnode **a_vpp;
624 struct componentname *a_cnp;
625 } */ *ap;
626 {
627 struct componentname *cnp = ap->a_cnp;
628 vnode_t *dvp = ap->a_dvp;
629 vnode_t **vpp = ap->a_vpp;
630 cred_t *cr = ap->a_cnp->cn_cred;
631 int flags = ap->a_cnp->cn_flags;
632 int lkflags = ap->a_cnp->cn_lkflags;
633 int nameiop = ap->a_cnp->cn_nameiop;
634 int err;
635 int ltype;
636
637 ASSERT(dvp->v_type == VDIR);
638
639 if ((flags & ISLASTCN) != 0 && nameiop != LOOKUP)
640 return (SET_ERROR(ENOTSUP));
641
642 if (cnp->cn_namelen == 1 && *cnp->cn_nameptr == '.') {
643 err = zfsctl_relock_dot(dvp, lkflags & LK_TYPE_MASK);
644 if (err == 0)
645 *vpp = dvp;
646 } else if ((flags & ISDOTDOT) != 0) {
647 err = vn_vget_ino_gen(dvp, zfsctl_fs_root_vnode, NULL,
648 lkflags, vpp);
649 } else if (strncmp(cnp->cn_nameptr, "snapshot", cnp->cn_namelen) == 0) {
650 err = zfsctl_snapdir_vnode(dvp->v_mount, NULL, lkflags, vpp);
651 } else {
652 err = SET_ERROR(ENOENT);
653 }
654 if (err != 0)
655 *vpp = NULL;
656 return (err);
657 }
658
659 static int
zfsctl_root_readdir(ap)660 zfsctl_root_readdir(ap)
661 struct vop_readdir_args /* {
662 struct vnode *a_vp;
663 struct uio *a_uio;
664 struct ucred *a_cred;
665 int *a_eofflag;
666 int *ncookies;
667 u_long **a_cookies;
668 } */ *ap;
669 {
670 struct dirent entry;
671 vnode_t *vp = ap->a_vp;
672 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
673 zfsctl_root_t *node = vp->v_data;
674 uio_t *uio = ap->a_uio;
675 int *eofp = ap->a_eofflag;
676 off_t dots_offset;
677 int error;
678
679 ASSERT(vp->v_type == VDIR);
680
681 error = sfs_readdir_common(zfsvfs->z_root, ZFSCTL_INO_ROOT, ap, uio,
682 &dots_offset);
683 if (error != 0) {
684 if (error == ENAMETOOLONG) /* ran out of destination space */
685 error = 0;
686 return (error);
687 }
688 if (uio->uio_offset != dots_offset)
689 return (SET_ERROR(EINVAL));
690
691 CTASSERT(sizeof(node->snapdir->sn_name) <= sizeof(entry.d_name));
692 entry.d_fileno = node->snapdir->sn_id;
693 entry.d_type = DT_DIR;
694 strcpy(entry.d_name, node->snapdir->sn_name);
695 entry.d_namlen = strlen(entry.d_name);
696 entry.d_reclen = sizeof(entry);
697 dirent_terminate(&entry);
698 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
699 if (error != 0) {
700 if (error == ENAMETOOLONG)
701 error = 0;
702 return (SET_ERROR(error));
703 }
704 if (eofp != NULL)
705 *eofp = 1;
706 return (0);
707 }
708
709 static int
zfsctl_root_vptocnp(struct vop_vptocnp_args * ap)710 zfsctl_root_vptocnp(struct vop_vptocnp_args *ap)
711 {
712 static const char dotzfs_name[4] = ".zfs";
713 vnode_t *dvp;
714 int error;
715
716 if (*ap->a_buflen < sizeof (dotzfs_name))
717 return (SET_ERROR(ENOMEM));
718
719 error = vn_vget_ino_gen(ap->a_vp, zfsctl_fs_root_vnode, NULL,
720 LK_SHARED, &dvp);
721 if (error != 0)
722 return (SET_ERROR(error));
723
724 VOP_UNLOCK(dvp, 0);
725 *ap->a_vpp = dvp;
726 *ap->a_buflen -= sizeof (dotzfs_name);
727 bcopy(dotzfs_name, ap->a_buf + *ap->a_buflen, sizeof (dotzfs_name));
728 return (0);
729 }
730
731 static int
zfsctl_common_pathconf(ap)732 zfsctl_common_pathconf(ap)
733 struct vop_pathconf_args /* {
734 struct vnode *a_vp;
735 int a_name;
736 int *a_retval;
737 } */ *ap;
738 {
739 /*
740 * We care about ACL variables so that user land utilities like ls
741 * can display them correctly. Since the ctldir's st_dev is set to be
742 * the same as the parent dataset, we must support all variables that
743 * it supports.
744 */
745 switch (ap->a_name) {
746 case _PC_LINK_MAX:
747 *ap->a_retval = INT_MAX;
748 return (0);
749
750 case _PC_FILESIZEBITS:
751 *ap->a_retval = 64;
752 return (0);
753
754 case _PC_MIN_HOLE_SIZE:
755 *ap->a_retval = (int)SPA_MINBLOCKSIZE;
756 return (0);
757
758 case _PC_ACL_NFS4:
759 *ap->a_retval = 1;
760 return (0);
761
762 case _PC_ACL_PATH_MAX:
763 *ap->a_retval = ACL_MAX_ENTRIES;
764 return (0);
765
766 case _PC_NAME_MAX:
767 *ap->a_retval = NAME_MAX;
768 return (0);
769
770 default:
771 return (vop_stdpathconf(ap));
772 }
773 }
774
775 /**
776 * Returns a trivial ACL
777 */
778 int
zfsctl_common_getacl(ap)779 zfsctl_common_getacl(ap)
780 struct vop_getacl_args /* {
781 struct vnode *vp;
782 acl_type_t a_type;
783 struct acl *a_aclp;
784 struct ucred *cred;
785 struct thread *td;
786 } */ *ap;
787 {
788 int i;
789
790 if (ap->a_type != ACL_TYPE_NFS4)
791 return (EINVAL);
792
793 acl_nfs4_sync_acl_from_mode(ap->a_aclp, zfsctl_ctldir_mode, 0);
794 /*
795 * acl_nfs4_sync_acl_from_mode assumes that the owner can always modify
796 * attributes. That is not the case for the ctldir, so we must clear
797 * those bits. We also must clear ACL_READ_NAMED_ATTRS, because xattrs
798 * aren't supported by the ctldir.
799 */
800 for (i = 0; i < ap->a_aclp->acl_cnt; i++) {
801 struct acl_entry *entry;
802 entry = &(ap->a_aclp->acl_entry[i]);
803 uint32_t old_perm = entry->ae_perm;
804 entry->ae_perm &= ~(ACL_WRITE_ACL | ACL_WRITE_OWNER |
805 ACL_WRITE_ATTRIBUTES | ACL_WRITE_NAMED_ATTRS |
806 ACL_READ_NAMED_ATTRS );
807 }
808
809 return (0);
810 }
811
812 static struct vop_vector zfsctl_ops_root = {
813 .vop_default = &default_vnodeops,
814 .vop_open = zfsctl_common_open,
815 .vop_close = zfsctl_common_close,
816 .vop_ioctl = VOP_EINVAL,
817 .vop_getattr = zfsctl_root_getattr,
818 .vop_access = zfsctl_common_access,
819 .vop_readdir = zfsctl_root_readdir,
820 .vop_lookup = zfsctl_root_lookup,
821 .vop_inactive = VOP_NULL,
822 .vop_reclaim = zfsctl_common_reclaim,
823 .vop_fid = zfsctl_common_fid,
824 .vop_print = zfsctl_common_print,
825 .vop_vptocnp = zfsctl_root_vptocnp,
826 .vop_pathconf = zfsctl_common_pathconf,
827 .vop_getacl = zfsctl_common_getacl,
828 };
829
830 static int
zfsctl_snapshot_zname(vnode_t * vp,const char * name,int len,char * zname)831 zfsctl_snapshot_zname(vnode_t *vp, const char *name, int len, char *zname)
832 {
833 objset_t *os = ((zfsvfs_t *)((vp)->v_vfsp->vfs_data))->z_os;
834
835 dmu_objset_name(os, zname);
836 if (strlen(zname) + 1 + strlen(name) >= len)
837 return (SET_ERROR(ENAMETOOLONG));
838 (void) strcat(zname, "@");
839 (void) strcat(zname, name);
840 return (0);
841 }
842
843 static int
zfsctl_snapshot_lookup(vnode_t * vp,const char * name,uint64_t * id)844 zfsctl_snapshot_lookup(vnode_t *vp, const char *name, uint64_t *id)
845 {
846 objset_t *os = ((zfsvfs_t *)((vp)->v_vfsp->vfs_data))->z_os;
847 int err;
848
849 err = dsl_dataset_snap_lookup(dmu_objset_ds(os), name, id);
850 return (err);
851 }
852
853 /*
854 * Given a vnode get a root vnode of a filesystem mounted on top of
855 * the vnode, if any. The root vnode is referenced and locked.
856 * If no filesystem is mounted then the orinal vnode remains referenced
857 * and locked. If any error happens the orinal vnode is unlocked and
858 * released.
859 */
860 static int
zfsctl_mounted_here(vnode_t ** vpp,int flags)861 zfsctl_mounted_here(vnode_t **vpp, int flags)
862 {
863 struct mount *mp;
864 int err;
865
866 ASSERT_VOP_LOCKED(*vpp, __func__);
867 ASSERT3S((*vpp)->v_type, ==, VDIR);
868
869 if ((mp = (*vpp)->v_mountedhere) != NULL) {
870 err = vfs_busy(mp, 0);
871 KASSERT(err == 0, ("vfs_busy(mp, 0) failed with %d", err));
872 KASSERT(vrefcnt(*vpp) > 1, ("unreferenced mountpoint"));
873 vput(*vpp);
874 err = VFS_ROOT(mp, flags, vpp);
875 vfs_unbusy(mp);
876 return (err);
877 }
878 return (EJUSTRETURN);
879 }
880
881 typedef struct {
882 const char *snap_name;
883 uint64_t snap_id;
884 } snapshot_setup_arg_t;
885
886 static void
zfsctl_snapshot_vnode_setup(vnode_t * vp,void * arg)887 zfsctl_snapshot_vnode_setup(vnode_t *vp, void *arg)
888 {
889 snapshot_setup_arg_t *ssa = arg;
890 sfs_node_t *node;
891
892 ASSERT_VOP_ELOCKED(vp, __func__);
893
894 node = sfs_alloc_node(sizeof(sfs_node_t),
895 ssa->snap_name, ZFSCTL_INO_SNAPDIR, ssa->snap_id);
896 zfsctl_common_vnode_setup(vp, node);
897
898 /* We have to support recursive locking. */
899 VN_LOCK_AREC(vp);
900 }
901
902 /*
903 * Lookup entry point for the 'snapshot' directory. Try to open the
904 * snapshot if it exist, creating the pseudo filesystem vnode as necessary.
905 * Perform a mount of the associated dataset on top of the vnode.
906 * There are four possibilities:
907 * - the snapshot node and vnode do not exist
908 * - the snapshot vnode is covered by the mounted snapshot
909 * - the snapshot vnode is not covered yet, the mount operation is in progress
910 * - the snapshot vnode is not covered, because the snapshot has been unmounted
911 * The last two states are transient and should be relatively short-lived.
912 */
913 int
zfsctl_snapdir_lookup(ap)914 zfsctl_snapdir_lookup(ap)
915 struct vop_lookup_args /* {
916 struct vnode *a_dvp;
917 struct vnode **a_vpp;
918 struct componentname *a_cnp;
919 } */ *ap;
920 {
921 vnode_t *dvp = ap->a_dvp;
922 vnode_t **vpp = ap->a_vpp;
923 struct componentname *cnp = ap->a_cnp;
924 char name[NAME_MAX + 1];
925 char fullname[ZFS_MAX_DATASET_NAME_LEN];
926 char *mountpoint;
927 size_t mountpoint_len;
928 zfsvfs_t *zfsvfs = dvp->v_vfsp->vfs_data;
929 uint64_t snap_id;
930 int nameiop = cnp->cn_nameiop;
931 int lkflags = cnp->cn_lkflags;
932 int flags = cnp->cn_flags;
933 int err;
934
935 ASSERT(dvp->v_type == VDIR);
936
937 if ((flags & ISLASTCN) != 0 && nameiop != LOOKUP)
938 return (SET_ERROR(ENOTSUP));
939
940 if (cnp->cn_namelen == 1 && *cnp->cn_nameptr == '.') {
941 err = zfsctl_relock_dot(dvp, lkflags & LK_TYPE_MASK);
942 if (err == 0)
943 *vpp = dvp;
944 return (err);
945 }
946 if (flags & ISDOTDOT) {
947 err = vn_vget_ino_gen(dvp, zfsctl_root_vnode, NULL, lkflags,
948 vpp);
949 return (err);
950 }
951
952 if (cnp->cn_namelen >= sizeof(name))
953 return (SET_ERROR(ENAMETOOLONG));
954
955 strlcpy(name, ap->a_cnp->cn_nameptr, ap->a_cnp->cn_namelen + 1);
956 err = zfsctl_snapshot_lookup(dvp, name, &snap_id);
957 if (err != 0)
958 return (SET_ERROR(ENOENT));
959
960 for (;;) {
961 snapshot_setup_arg_t ssa;
962
963 ssa.snap_name = name;
964 ssa.snap_id = snap_id;
965 err = sfs_vgetx(dvp->v_mount, LK_SHARED, ZFSCTL_INO_SNAPDIR,
966 snap_id, "zfs", &zfsctl_ops_snapshot,
967 zfsctl_snapshot_vnode_setup, &ssa, vpp);
968 if (err != 0)
969 return (err);
970
971 /* Check if a new vnode has just been created. */
972 if (VOP_ISLOCKED(*vpp) == LK_EXCLUSIVE)
973 break;
974
975 /*
976 * Check if a snapshot is already mounted on top of the vnode.
977 */
978 err = zfsctl_mounted_here(vpp, lkflags);
979 if (err != EJUSTRETURN)
980 return (err);
981
982 /*
983 * If the vnode is not covered, then either the mount operation
984 * is in progress or the snapshot has already been unmounted
985 * but the vnode hasn't been inactivated and reclaimed yet.
986 * We can try to re-use the vnode in the latter case.
987 */
988 VI_LOCK(*vpp);
989 if (((*vpp)->v_iflag & VI_MOUNT) == 0) {
990 /* Upgrade to exclusive lock in order to:
991 * - avoid race conditions
992 * - satisfy the contract of mount_snapshot()
993 */
994 err = VOP_LOCK(*vpp, LK_TRYUPGRADE | LK_INTERLOCK);
995 if (err == 0)
996 break;
997 } else {
998 VI_UNLOCK(*vpp);
999 }
1000
1001 /*
1002 * In this state we can loop on uncontested locks and starve
1003 * the thread doing the lengthy, non-trivial mount operation.
1004 * So, yield to prevent that from happening.
1005 */
1006 vput(*vpp);
1007 kern_yield(PRI_USER);
1008 }
1009
1010 VERIFY0(zfsctl_snapshot_zname(dvp, name, sizeof(fullname), fullname));
1011
1012 mountpoint_len = strlen(dvp->v_vfsp->mnt_stat.f_mntonname) +
1013 strlen("/" ZFS_CTLDIR_NAME "/snapshot/") + strlen(name) + 1;
1014 mountpoint = kmem_alloc(mountpoint_len, KM_SLEEP);
1015 (void) snprintf(mountpoint, mountpoint_len,
1016 "%s/" ZFS_CTLDIR_NAME "/snapshot/%s",
1017 dvp->v_vfsp->mnt_stat.f_mntonname, name);
1018
1019 err = mount_snapshot(curthread, vpp, "zfs", mountpoint, fullname, 0);
1020 kmem_free(mountpoint, mountpoint_len);
1021 if (err == 0) {
1022 /*
1023 * Fix up the root vnode mounted on .zfs/snapshot/<snapname>.
1024 *
1025 * This is where we lie about our v_vfsp in order to
1026 * make .zfs/snapshot/<snapname> accessible over NFS
1027 * without requiring manual mounts of <snapname>.
1028 */
1029 ASSERT(VTOZ(*vpp)->z_zfsvfs != zfsvfs);
1030 VTOZ(*vpp)->z_zfsvfs->z_parent = zfsvfs;
1031
1032 /* Clear the root flag (set via VFS_ROOT) as well. */
1033 (*vpp)->v_vflag &= ~VV_ROOT;
1034 }
1035
1036 if (err != 0)
1037 *vpp = NULL;
1038 return (err);
1039 }
1040
1041 static int
zfsctl_snapdir_readdir(ap)1042 zfsctl_snapdir_readdir(ap)
1043 struct vop_readdir_args /* {
1044 struct vnode *a_vp;
1045 struct uio *a_uio;
1046 struct ucred *a_cred;
1047 int *a_eofflag;
1048 int *ncookies;
1049 u_long **a_cookies;
1050 } */ *ap;
1051 {
1052 char snapname[ZFS_MAX_DATASET_NAME_LEN];
1053 struct dirent entry;
1054 vnode_t *vp = ap->a_vp;
1055 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
1056 uio_t *uio = ap->a_uio;
1057 int *eofp = ap->a_eofflag;
1058 off_t dots_offset;
1059 int error;
1060
1061 ASSERT(vp->v_type == VDIR);
1062
1063 error = sfs_readdir_common(ZFSCTL_INO_ROOT, ZFSCTL_INO_SNAPDIR, ap, uio,
1064 &dots_offset);
1065 if (error != 0) {
1066 if (error == ENAMETOOLONG) /* ran out of destination space */
1067 error = 0;
1068 return (error);
1069 }
1070
1071 ZFS_ENTER(zfsvfs);
1072 for (;;) {
1073 uint64_t cookie;
1074 uint64_t id;
1075
1076 cookie = uio->uio_offset - dots_offset;
1077
1078 dsl_pool_config_enter(dmu_objset_pool(zfsvfs->z_os), FTAG);
1079 error = dmu_snapshot_list_next(zfsvfs->z_os, sizeof(snapname),
1080 snapname, &id, &cookie, NULL);
1081 dsl_pool_config_exit(dmu_objset_pool(zfsvfs->z_os), FTAG);
1082 if (error != 0) {
1083 if (error == ENOENT) {
1084 if (eofp != NULL)
1085 *eofp = 1;
1086 error = 0;
1087 }
1088 ZFS_EXIT(zfsvfs);
1089 return (error);
1090 }
1091
1092 entry.d_fileno = id;
1093 entry.d_type = DT_DIR;
1094 strcpy(entry.d_name, snapname);
1095 entry.d_namlen = strlen(entry.d_name);
1096 entry.d_reclen = sizeof(entry);
1097 dirent_terminate(&entry);
1098 error = vfs_read_dirent(ap, &entry, uio->uio_offset);
1099 if (error != 0) {
1100 if (error == ENAMETOOLONG)
1101 error = 0;
1102 ZFS_EXIT(zfsvfs);
1103 return (SET_ERROR(error));
1104 }
1105 uio->uio_offset = cookie + dots_offset;
1106 }
1107 /* NOTREACHED */
1108 }
1109
1110 static int
zfsctl_snapdir_getattr(ap)1111 zfsctl_snapdir_getattr(ap)
1112 struct vop_getattr_args /* {
1113 struct vnode *a_vp;
1114 struct vattr *a_vap;
1115 struct ucred *a_cred;
1116 } */ *ap;
1117 {
1118 vnode_t *vp = ap->a_vp;
1119 vattr_t *vap = ap->a_vap;
1120 zfsvfs_t *zfsvfs = vp->v_vfsp->vfs_data;
1121 dsl_dataset_t *ds;
1122 sfs_node_t *node = vp->v_data;
1123 uint64_t snap_count;
1124 int err;
1125
1126 ZFS_ENTER(zfsvfs);
1127 ds = dmu_objset_ds(zfsvfs->z_os);
1128 zfsctl_common_getattr(vp, vap);
1129 vap->va_ctime = dmu_objset_snap_cmtime(zfsvfs->z_os);
1130 vap->va_mtime = vap->va_ctime;
1131 vap->va_birthtime = vap->va_ctime;
1132 if (dsl_dataset_phys(ds)->ds_snapnames_zapobj != 0) {
1133 err = zap_count(dmu_objset_pool(ds->ds_objset)->dp_meta_objset,
1134 dsl_dataset_phys(ds)->ds_snapnames_zapobj, &snap_count);
1135 if (err != 0) {
1136 ZFS_EXIT(zfsvfs);
1137 return (err);
1138 }
1139 vap->va_nlink += snap_count;
1140 }
1141 vap->va_size = vap->va_nlink;
1142
1143 ZFS_EXIT(zfsvfs);
1144 return (0);
1145 }
1146
1147 static struct vop_vector zfsctl_ops_snapdir = {
1148 .vop_default = &default_vnodeops,
1149 .vop_open = zfsctl_common_open,
1150 .vop_close = zfsctl_common_close,
1151 .vop_getattr = zfsctl_snapdir_getattr,
1152 .vop_access = zfsctl_common_access,
1153 .vop_readdir = zfsctl_snapdir_readdir,
1154 .vop_lookup = zfsctl_snapdir_lookup,
1155 .vop_reclaim = zfsctl_common_reclaim,
1156 .vop_fid = zfsctl_common_fid,
1157 .vop_print = zfsctl_common_print,
1158 .vop_pathconf = zfsctl_common_pathconf,
1159 .vop_getacl = zfsctl_common_getacl,
1160 };
1161
1162 static int
zfsctl_snapshot_inactive(ap)1163 zfsctl_snapshot_inactive(ap)
1164 struct vop_inactive_args /* {
1165 struct vnode *a_vp;
1166 struct thread *a_td;
1167 } */ *ap;
1168 {
1169 vnode_t *vp = ap->a_vp;
1170
1171 VERIFY(vrecycle(vp) == 1);
1172 return (0);
1173 }
1174
1175 static int
zfsctl_snapshot_reclaim(ap)1176 zfsctl_snapshot_reclaim(ap)
1177 struct vop_reclaim_args /* {
1178 struct vnode *a_vp;
1179 struct thread *a_td;
1180 } */ *ap;
1181 {
1182 vnode_t *vp = ap->a_vp;
1183 void *data = vp->v_data;
1184
1185 sfs_reclaim_vnode(vp);
1186 sfs_destroy_node(data);
1187 return (0);
1188 }
1189
1190 static int
zfsctl_snapshot_vptocnp(struct vop_vptocnp_args * ap)1191 zfsctl_snapshot_vptocnp(struct vop_vptocnp_args *ap)
1192 {
1193 struct mount *mp;
1194 vnode_t *dvp;
1195 vnode_t *vp;
1196 sfs_node_t *node;
1197 size_t len;
1198 int locked;
1199 int error;
1200
1201 vp = ap->a_vp;
1202 node = vp->v_data;
1203 len = strlen(node->sn_name);
1204 if (*ap->a_buflen < len)
1205 return (SET_ERROR(ENOMEM));
1206
1207 /*
1208 * Prevent unmounting of the snapshot while the vnode lock
1209 * is not held. That is not strictly required, but allows
1210 * us to assert that an uncovered snapshot vnode is never
1211 * "leaked".
1212 */
1213 mp = vp->v_mountedhere;
1214 if (mp == NULL)
1215 return (SET_ERROR(ENOENT));
1216 error = vfs_busy(mp, 0);
1217 KASSERT(error == 0, ("vfs_busy(mp, 0) failed with %d", error));
1218
1219 /*
1220 * We can vput the vnode as we can now depend on the reference owned
1221 * by the busied mp. But we also need to hold the vnode, because
1222 * the reference may go after vfs_unbusy() which has to be called
1223 * before we can lock the vnode again.
1224 */
1225 locked = VOP_ISLOCKED(vp);
1226 vhold(vp);
1227 vput(vp);
1228
1229 /* Look up .zfs/snapshot, our parent. */
1230 error = zfsctl_snapdir_vnode(vp->v_mount, NULL, LK_SHARED, &dvp);
1231 if (error == 0) {
1232 VOP_UNLOCK(dvp, 0);
1233 *ap->a_vpp = dvp;
1234 *ap->a_buflen -= len;
1235 bcopy(node->sn_name, ap->a_buf + *ap->a_buflen, len);
1236 }
1237 vfs_unbusy(mp);
1238 vget(vp, locked | LK_VNHELD | LK_RETRY, curthread);
1239 return (error);
1240 }
1241
1242 /*
1243 * These VP's should never see the light of day. They should always
1244 * be covered.
1245 */
1246 static struct vop_vector zfsctl_ops_snapshot = {
1247 .vop_default = NULL, /* ensure very restricted access */
1248 .vop_inactive = zfsctl_snapshot_inactive,
1249 .vop_reclaim = zfsctl_snapshot_reclaim,
1250 .vop_vptocnp = zfsctl_snapshot_vptocnp,
1251 .vop_lock1 = vop_stdlock,
1252 .vop_unlock = vop_stdunlock,
1253 .vop_islocked = vop_stdislocked,
1254 .vop_advlockpurge = vop_stdadvlockpurge, /* called by vgone */
1255 .vop_print = zfsctl_common_print,
1256 };
1257
1258 int
zfsctl_lookup_objset(vfs_t * vfsp,uint64_t objsetid,zfsvfs_t ** zfsvfsp)1259 zfsctl_lookup_objset(vfs_t *vfsp, uint64_t objsetid, zfsvfs_t **zfsvfsp)
1260 {
1261 struct mount *mp;
1262 zfsvfs_t *zfsvfs = vfsp->vfs_data;
1263 vnode_t *vp;
1264 int error;
1265
1266 ASSERT(zfsvfs->z_ctldir != NULL);
1267 *zfsvfsp = NULL;
1268 error = sfs_vnode_get(vfsp, LK_EXCLUSIVE,
1269 ZFSCTL_INO_SNAPDIR, objsetid, &vp);
1270 if (error == 0 && vp != NULL) {
1271 /*
1272 * XXX Probably need to at least reference, if not busy, the mp.
1273 */
1274 if (vp->v_mountedhere != NULL)
1275 *zfsvfsp = vp->v_mountedhere->mnt_data;
1276 vput(vp);
1277 }
1278 if (*zfsvfsp == NULL)
1279 return (SET_ERROR(EINVAL));
1280 return (0);
1281 }
1282
1283 /*
1284 * Unmount any snapshots for the given filesystem. This is called from
1285 * zfs_umount() - if we have a ctldir, then go through and unmount all the
1286 * snapshots.
1287 */
1288 int
zfsctl_umount_snapshots(vfs_t * vfsp,int fflags,cred_t * cr)1289 zfsctl_umount_snapshots(vfs_t *vfsp, int fflags, cred_t *cr)
1290 {
1291 char snapname[ZFS_MAX_DATASET_NAME_LEN];
1292 zfsvfs_t *zfsvfs = vfsp->vfs_data;
1293 struct mount *mp;
1294 vnode_t *dvp;
1295 vnode_t *vp;
1296 sfs_node_t *node;
1297 sfs_node_t *snap;
1298 uint64_t cookie;
1299 int error;
1300
1301 ASSERT(zfsvfs->z_ctldir != NULL);
1302
1303 cookie = 0;
1304 for (;;) {
1305 uint64_t id;
1306
1307 dsl_pool_config_enter(dmu_objset_pool(zfsvfs->z_os), FTAG);
1308 error = dmu_snapshot_list_next(zfsvfs->z_os, sizeof(snapname),
1309 snapname, &id, &cookie, NULL);
1310 dsl_pool_config_exit(dmu_objset_pool(zfsvfs->z_os), FTAG);
1311 if (error != 0) {
1312 if (error == ENOENT)
1313 error = 0;
1314 break;
1315 }
1316
1317 for (;;) {
1318 error = sfs_vnode_get(vfsp, LK_EXCLUSIVE,
1319 ZFSCTL_INO_SNAPDIR, id, &vp);
1320 if (error != 0 || vp == NULL)
1321 break;
1322
1323 mp = vp->v_mountedhere;
1324
1325 /*
1326 * v_mountedhere being NULL means that the
1327 * (uncovered) vnode is in a transient state
1328 * (mounting or unmounting), so loop until it
1329 * settles down.
1330 */
1331 if (mp != NULL)
1332 break;
1333 vput(vp);
1334 }
1335 if (error != 0)
1336 break;
1337 if (vp == NULL)
1338 continue; /* no mountpoint, nothing to do */
1339
1340 /*
1341 * The mount-point vnode is kept locked to avoid spurious EBUSY
1342 * from a concurrent umount.
1343 * The vnode lock must have recursive locking enabled.
1344 */
1345 vfs_ref(mp);
1346 error = dounmount(mp, fflags, curthread);
1347 KASSERT_IMPLY(error == 0, vrefcnt(vp) == 1,
1348 ("extra references after unmount"));
1349 vput(vp);
1350 if (error != 0)
1351 break;
1352 }
1353 KASSERT_IMPLY((fflags & MS_FORCE) != 0, error == 0,
1354 ("force unmounting failed"));
1355 return (error);
1356 }
1357
1358