4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright (c) 2012, 2017 by Delphix. All rights reserved.
24 * Copyright (c) 2013 Steven Hartland. All rights reserved.
25 * Copyright (c) 2017 Datto Inc.
26 * Copyright 2017 RackTop Systems.
27 * Copyright (c) 2017 Open-E, Inc. All Rights Reserved.
31 * LibZFS_Core (lzc) is intended to replace most functionality in libzfs.
32 * It has the following characteristics:
34 * - Thread Safe. libzfs_core is accessible concurrently from multiple
35 * threads. This is accomplished primarily by avoiding global data
36 * (e.g. caching). Since it's thread-safe, there is no reason for a
37 * process to have multiple libzfs "instances". Therefore, we store
38 * our few pieces of data (e.g. the file descriptor) in global
39 * variables. The fd is reference-counted so that the libzfs_core
40 * library can be "initialized" multiple times (e.g. by different
41 * consumers within the same process).
43 * - Committed Interface. The libzfs_core interface will be committed,
44 * therefore consumers can compile against it and be confident that
45 * their code will continue to work on future releases of this code.
46 * Currently, the interface is Evolving (not Committed), but we intend
47 * to commit to it once it is more complete and we determine that it
48 * meets the needs of all consumers.
50 * - Programmatic Error Handling. libzfs_core communicates errors with
51 * defined error numbers, and doesn't print anything to stdout/stderr.
53 * - Thin Layer. libzfs_core is a thin layer, marshaling arguments
54 * to/from the kernel ioctls. There is generally a 1:1 correspondence
55 * between libzfs_core functions and ioctls to /dev/zfs.
57 * - Clear Atomicity. Because libzfs_core functions are generally 1:1
58 * with kernel ioctls, and kernel ioctls are general atomic, each
59 * libzfs_core function is atomic. For example, creating multiple
60 * snapshots with a single call to lzc_snapshot() is atomic -- it
61 * can't fail with only some of the requested snapshots created, even
62 * in the event of power loss or system crash.
64 * - Continued libzfs Support. Some higher-level operations (e.g.
65 * support for "zfs send -R") are too complicated to fit the scope of
66 * libzfs_core. This functionality will continue to live in libzfs.
67 * Where appropriate, libzfs will use the underlying atomic operations
68 * of libzfs_core. For example, libzfs may implement "zfs send -R |
69 * zfs receive" by using individual "send one snapshot", rename,
70 * destroy, and "receive one snapshot" operations in libzfs_core.
71 * /sbin/zfs and /zbin/zpool will link with both libzfs and
72 * libzfs_core. Other consumers should aim to use only libzfs_core,
73 * since that will be the supported, stable interface going forwards.
76 #include <libzfs_core.h>
84 #include <sys/nvpair.h>
85 #include <sys/param.h>
86 #include <sys/types.h>
88 #include <sys/zfs_ioctl.h>
91 static pthread_mutex_t g_lock = PTHREAD_MUTEX_INITIALIZER;
92 static int g_refcount;
95 libzfs_core_init(void)
97 (void) pthread_mutex_lock(&g_lock);
98 if (g_refcount == 0) {
99 g_fd = open("/dev/zfs", O_RDWR);
101 (void) pthread_mutex_unlock(&g_lock);
106 (void) pthread_mutex_unlock(&g_lock);
111 libzfs_core_fini(void)
113 (void) pthread_mutex_lock(&g_lock);
114 ASSERT3S(g_refcount, >, 0);
119 if (g_refcount == 0 && g_fd != -1) {
123 (void) pthread_mutex_unlock(&g_lock);
127 lzc_ioctl(zfs_ioc_t ioc, const char *name,
128 nvlist_t *source, nvlist_t **resultp)
130 zfs_cmd_t zc = {"\0"};
135 ASSERT3S(g_refcount, >, 0);
136 VERIFY3S(g_fd, !=, -1);
139 (void) strlcpy(zc.zc_name, name, sizeof (zc.zc_name));
141 if (source != NULL) {
142 packed = fnvlist_pack(source, &size);
143 zc.zc_nvlist_src = (uint64_t)(uintptr_t)packed;
144 zc.zc_nvlist_src_size = size;
147 if (resultp != NULL) {
149 if (ioc == ZFS_IOC_CHANNEL_PROGRAM) {
150 zc.zc_nvlist_dst_size = fnvlist_lookup_uint64(source,
153 zc.zc_nvlist_dst_size = MAX(size * 2, 128 * 1024);
155 zc.zc_nvlist_dst = (uint64_t)(uintptr_t)
156 malloc(zc.zc_nvlist_dst_size);
157 if (zc.zc_nvlist_dst == (uint64_t)0) {
163 while (ioctl(g_fd, ioc, &zc) != 0) {
165 * If ioctl exited with ENOMEM, we retry the ioctl after
166 * increasing the size of the destination nvlist.
168 * Channel programs that exit with ENOMEM ran over the
169 * lua memory sandbox; they should not be retried.
171 if (errno == ENOMEM && resultp != NULL &&
172 ioc != ZFS_IOC_CHANNEL_PROGRAM) {
173 free((void *)(uintptr_t)zc.zc_nvlist_dst);
174 zc.zc_nvlist_dst_size *= 2;
175 zc.zc_nvlist_dst = (uint64_t)(uintptr_t)
176 malloc(zc.zc_nvlist_dst_size);
177 if (zc.zc_nvlist_dst == (uint64_t)0) {
186 if (zc.zc_nvlist_dst_filled) {
187 *resultp = fnvlist_unpack((void *)(uintptr_t)zc.zc_nvlist_dst,
188 zc.zc_nvlist_dst_size);
193 fnvlist_pack_free(packed, size);
194 free((void *)(uintptr_t)zc.zc_nvlist_dst);
199 lzc_create(const char *fsname, enum lzc_dataset_type type, nvlist_t *props,
200 uint8_t *wkeydata, uint_t wkeylen)
203 nvlist_t *hidden_args = NULL;
204 nvlist_t *args = fnvlist_alloc();
206 fnvlist_add_int32(args, "type", (dmu_objset_type_t)type);
208 fnvlist_add_nvlist(args, "props", props);
210 if (wkeydata != NULL) {
211 hidden_args = fnvlist_alloc();
212 fnvlist_add_uint8_array(hidden_args, "wkeydata", wkeydata,
214 fnvlist_add_nvlist(args, ZPOOL_HIDDEN_ARGS, hidden_args);
217 error = lzc_ioctl(ZFS_IOC_CREATE, fsname, args, NULL);
218 nvlist_free(hidden_args);
224 lzc_clone(const char *fsname, const char *origin, nvlist_t *props)
227 nvlist_t *hidden_args = NULL;
228 nvlist_t *args = fnvlist_alloc();
230 fnvlist_add_string(args, "origin", origin);
232 fnvlist_add_nvlist(args, "props", props);
233 error = lzc_ioctl(ZFS_IOC_CLONE, fsname, args, NULL);
234 nvlist_free(hidden_args);
240 lzc_promote(const char *fsname, char *snapnamebuf, int snapnamelen)
243 * The promote ioctl is still legacy, so we need to construct our
244 * own zfs_cmd_t rather than using lzc_ioctl().
246 zfs_cmd_t zc = { "\0" };
248 ASSERT3S(g_refcount, >, 0);
249 VERIFY3S(g_fd, !=, -1);
251 (void) strlcpy(zc.zc_name, fsname, sizeof (zc.zc_name));
252 if (ioctl(g_fd, ZFS_IOC_PROMOTE, &zc) != 0) {
254 if (error == EEXIST && snapnamebuf != NULL)
255 (void) strlcpy(snapnamebuf, zc.zc_string, snapnamelen);
264 * The keys in the snaps nvlist are the snapshots to be created.
265 * They must all be in the same pool.
267 * The props nvlist is properties to set. Currently only user properties
268 * are supported. { user:prop_name -> string value }
270 * The returned results nvlist will have an entry for each snapshot that failed.
271 * The value will be the (int32) error code.
273 * The return value will be 0 if all snapshots were created, otherwise it will
274 * be the errno of a (unspecified) snapshot that failed.
277 lzc_snapshot(nvlist_t *snaps, nvlist_t *props, nvlist_t **errlist)
282 char pool[ZFS_MAX_DATASET_NAME_LEN];
286 /* determine the pool name */
287 elem = nvlist_next_nvpair(snaps, NULL);
290 (void) strlcpy(pool, nvpair_name(elem), sizeof (pool));
291 pool[strcspn(pool, "/@")] = '\0';
293 args = fnvlist_alloc();
294 fnvlist_add_nvlist(args, "snaps", snaps);
296 fnvlist_add_nvlist(args, "props", props);
298 error = lzc_ioctl(ZFS_IOC_SNAPSHOT, pool, args, errlist);
305 * Destroys snapshots.
307 * The keys in the snaps nvlist are the snapshots to be destroyed.
308 * They must all be in the same pool.
310 * Snapshots that do not exist will be silently ignored.
312 * If 'defer' is not set, and a snapshot has user holds or clones, the
313 * destroy operation will fail and none of the snapshots will be
316 * If 'defer' is set, and a snapshot has user holds or clones, it will be
317 * marked for deferred destruction, and will be destroyed when the last hold
318 * or clone is removed/destroyed.
320 * The return value will be 0 if all snapshots were destroyed (or marked for
321 * later destruction if 'defer' is set) or didn't exist to begin with.
323 * Otherwise the return value will be the errno of a (unspecified) snapshot
324 * that failed, no snapshots will be destroyed, and the errlist will have an
325 * entry for each snapshot that failed. The value in the errlist will be
326 * the (int32) error code.
329 lzc_destroy_snaps(nvlist_t *snaps, boolean_t defer, nvlist_t **errlist)
334 char pool[ZFS_MAX_DATASET_NAME_LEN];
336 /* determine the pool name */
337 elem = nvlist_next_nvpair(snaps, NULL);
340 (void) strlcpy(pool, nvpair_name(elem), sizeof (pool));
341 pool[strcspn(pool, "/@")] = '\0';
343 args = fnvlist_alloc();
344 fnvlist_add_nvlist(args, "snaps", snaps);
346 fnvlist_add_boolean(args, "defer");
348 error = lzc_ioctl(ZFS_IOC_DESTROY_SNAPS, pool, args, errlist);
355 lzc_snaprange_space(const char *firstsnap, const char *lastsnap,
361 char fs[ZFS_MAX_DATASET_NAME_LEN];
364 /* determine the fs name */
365 (void) strlcpy(fs, firstsnap, sizeof (fs));
366 atp = strchr(fs, '@');
371 args = fnvlist_alloc();
372 fnvlist_add_string(args, "firstsnap", firstsnap);
374 err = lzc_ioctl(ZFS_IOC_SPACE_SNAPS, lastsnap, args, &result);
377 *usedp = fnvlist_lookup_uint64(result, "used");
378 fnvlist_free(result);
384 lzc_exists(const char *dataset)
387 * The objset_stats ioctl is still legacy, so we need to construct our
388 * own zfs_cmd_t rather than using lzc_ioctl().
390 zfs_cmd_t zc = {"\0"};
392 ASSERT3S(g_refcount, >, 0);
393 VERIFY3S(g_fd, !=, -1);
395 (void) strlcpy(zc.zc_name, dataset, sizeof (zc.zc_name));
396 return (ioctl(g_fd, ZFS_IOC_OBJSET_STATS, &zc) == 0);
401 * It was added to preserve the function signature in case it is
402 * needed in the future.
406 lzc_sync(const char *pool_name, nvlist_t *innvl, nvlist_t **outnvl)
408 return (lzc_ioctl(ZFS_IOC_POOL_SYNC, pool_name, innvl, NULL));
412 * Create "user holds" on snapshots. If there is a hold on a snapshot,
413 * the snapshot can not be destroyed. (However, it can be marked for deletion
414 * by lzc_destroy_snaps(defer=B_TRUE).)
416 * The keys in the nvlist are snapshot names.
417 * The snapshots must all be in the same pool.
418 * The value is the name of the hold (string type).
420 * If cleanup_fd is not -1, it must be the result of open("/dev/zfs", O_EXCL).
421 * In this case, when the cleanup_fd is closed (including on process
422 * termination), the holds will be released. If the system is shut down
423 * uncleanly, the holds will be released when the pool is next opened
426 * Holds for snapshots which don't exist will be skipped and have an entry
427 * added to errlist, but will not cause an overall failure.
429 * The return value will be 0 if all holds, for snapshots that existed,
430 * were successfully created.
432 * Otherwise the return value will be the errno of a (unspecified) hold that
433 * failed and no holds will be created.
435 * In all cases the errlist will have an entry for each hold that failed
436 * (name = snapshot), with its value being the error code (int32).
439 lzc_hold(nvlist_t *holds, int cleanup_fd, nvlist_t **errlist)
441 char pool[ZFS_MAX_DATASET_NAME_LEN];
446 /* determine the pool name */
447 elem = nvlist_next_nvpair(holds, NULL);
450 (void) strlcpy(pool, nvpair_name(elem), sizeof (pool));
451 pool[strcspn(pool, "/@")] = '\0';
453 args = fnvlist_alloc();
454 fnvlist_add_nvlist(args, "holds", holds);
455 if (cleanup_fd != -1)
456 fnvlist_add_int32(args, "cleanup_fd", cleanup_fd);
458 error = lzc_ioctl(ZFS_IOC_HOLD, pool, args, errlist);
464 * Release "user holds" on snapshots. If the snapshot has been marked for
465 * deferred destroy (by lzc_destroy_snaps(defer=B_TRUE)), it does not have
466 * any clones, and all the user holds are removed, then the snapshot will be
469 * The keys in the nvlist are snapshot names.
470 * The snapshots must all be in the same pool.
471 * The value is an nvlist whose keys are the holds to remove.
473 * Holds which failed to release because they didn't exist will have an entry
474 * added to errlist, but will not cause an overall failure.
476 * The return value will be 0 if the nvl holds was empty or all holds that
477 * existed, were successfully removed.
479 * Otherwise the return value will be the errno of a (unspecified) hold that
480 * failed to release and no holds will be released.
482 * In all cases the errlist will have an entry for each hold that failed to
486 lzc_release(nvlist_t *holds, nvlist_t **errlist)
488 char pool[ZFS_MAX_DATASET_NAME_LEN];
491 /* determine the pool name */
492 elem = nvlist_next_nvpair(holds, NULL);
495 (void) strlcpy(pool, nvpair_name(elem), sizeof (pool));
496 pool[strcspn(pool, "/@")] = '\0';
498 return (lzc_ioctl(ZFS_IOC_RELEASE, pool, holds, errlist));
502 * Retrieve list of user holds on the specified snapshot.
504 * On success, *holdsp will be set to an nvlist which the caller must free.
505 * The keys are the names of the holds, and the value is the creation time
506 * of the hold (uint64) in seconds since the epoch.
509 lzc_get_holds(const char *snapname, nvlist_t **holdsp)
511 return (lzc_ioctl(ZFS_IOC_GET_HOLDS, snapname, NULL, holdsp));
515 * Generate a zfs send stream for the specified snapshot and write it to
516 * the specified file descriptor.
518 * "snapname" is the full name of the snapshot to send (e.g. "pool/fs@snap")
520 * If "from" is NULL, a full (non-incremental) stream will be sent.
521 * If "from" is non-NULL, it must be the full name of a snapshot or
522 * bookmark to send an incremental from (e.g. "pool/fs@earlier_snap" or
523 * "pool/fs#earlier_bmark"). If non-NULL, the specified snapshot or
524 * bookmark must represent an earlier point in the history of "snapname").
525 * It can be an earlier snapshot in the same filesystem or zvol as "snapname",
526 * or it can be the origin of "snapname"'s filesystem, or an earlier
527 * snapshot in the origin, etc.
529 * "fd" is the file descriptor to write the send stream to.
531 * If "flags" contains LZC_SEND_FLAG_LARGE_BLOCK, the stream is permitted
532 * to contain DRR_WRITE records with drr_length > 128K, and DRR_OBJECT
533 * records with drr_blksz > 128K.
535 * If "flags" contains LZC_SEND_FLAG_EMBED_DATA, the stream is permitted
536 * to contain DRR_WRITE_EMBEDDED records with drr_etype==BP_EMBEDDED_TYPE_DATA,
537 * which the receiving system must support (as indicated by support
538 * for the "embedded_data" feature).
541 lzc_send(const char *snapname, const char *from, int fd,
542 enum lzc_send_flags flags)
544 return (lzc_send_resume(snapname, from, fd, flags, 0, 0));
548 lzc_send_resume(const char *snapname, const char *from, int fd,
549 enum lzc_send_flags flags, uint64_t resumeobj, uint64_t resumeoff)
554 args = fnvlist_alloc();
555 fnvlist_add_int32(args, "fd", fd);
557 fnvlist_add_string(args, "fromsnap", from);
558 if (flags & LZC_SEND_FLAG_LARGE_BLOCK)
559 fnvlist_add_boolean(args, "largeblockok");
560 if (flags & LZC_SEND_FLAG_EMBED_DATA)
561 fnvlist_add_boolean(args, "embedok");
562 if (flags & LZC_SEND_FLAG_COMPRESS)
563 fnvlist_add_boolean(args, "compressok");
564 if (flags & LZC_SEND_FLAG_RAW)
565 fnvlist_add_boolean(args, "rawok");
566 if (resumeobj != 0 || resumeoff != 0) {
567 fnvlist_add_uint64(args, "resume_object", resumeobj);
568 fnvlist_add_uint64(args, "resume_offset", resumeoff);
570 err = lzc_ioctl(ZFS_IOC_SEND_NEW, snapname, args, NULL);
576 * "from" can be NULL, a snapshot, or a bookmark.
578 * If from is NULL, a full (non-incremental) stream will be estimated. This
579 * is calculated very efficiently.
581 * If from is a snapshot, lzc_send_space uses the deadlists attached to
582 * each snapshot to efficiently estimate the stream size.
584 * If from is a bookmark, the indirect blocks in the destination snapshot
585 * are traversed, looking for blocks with a birth time since the creation TXG of
586 * the snapshot this bookmark was created from. This will result in
587 * significantly more I/O and be less efficient than a send space estimation on
588 * an equivalent snapshot.
591 lzc_send_space(const char *snapname, const char *from,
592 enum lzc_send_flags flags, uint64_t *spacep)
598 args = fnvlist_alloc();
600 fnvlist_add_string(args, "from", from);
601 if (flags & LZC_SEND_FLAG_LARGE_BLOCK)
602 fnvlist_add_boolean(args, "largeblockok");
603 if (flags & LZC_SEND_FLAG_EMBED_DATA)
604 fnvlist_add_boolean(args, "embedok");
605 if (flags & LZC_SEND_FLAG_COMPRESS)
606 fnvlist_add_boolean(args, "compressok");
607 if (flags & LZC_SEND_FLAG_RAW)
608 fnvlist_add_boolean(args, "rawok");
609 err = lzc_ioctl(ZFS_IOC_SEND_SPACE, snapname, args, &result);
612 *spacep = fnvlist_lookup_uint64(result, "space");
618 recv_read(int fd, void *buf, int ilen)
625 rv = read(fd, cp, len);
630 if (rv < 0 || len != 0)
637 * Linux adds ZFS_IOC_RECV_NEW for resumable and raw streams and preserves the
638 * legacy ZFS_IOC_RECV user/kernel interface. The new interface supports all
639 * stream options but is currently only used for resumable streams. This way
640 * updated user space utilities will interoperate with older kernel modules.
642 * Non-Linux OpenZFS platforms have opted to modify the legacy interface.
645 recv_impl(const char *snapname, nvlist_t *recvdprops, nvlist_t *localprops,
646 const char *origin, boolean_t force, boolean_t resumable, boolean_t raw,
647 int input_fd, const dmu_replay_record_t *begin_record, int cleanup_fd,
648 uint64_t *read_bytes, uint64_t *errflags, uint64_t *action_handle,
651 dmu_replay_record_t drr;
652 char fsname[MAXPATHLEN];
656 ASSERT3S(g_refcount, >, 0);
657 VERIFY3S(g_fd, !=, -1);
659 /* Set 'fsname' to the name of containing filesystem */
660 (void) strlcpy(fsname, snapname, sizeof (fsname));
661 atp = strchr(fsname, '@');
666 /* If the fs does not exist, try its parent. */
667 if (!lzc_exists(fsname)) {
668 char *slashp = strrchr(fsname, '/');
675 * The begin_record is normally a non-byteswapped BEGIN record.
676 * For resumable streams it may be set to any non-byteswapped
677 * dmu_replay_record_t.
679 if (begin_record == NULL) {
680 error = recv_read(input_fd, &drr, sizeof (drr));
687 if (resumable || raw) {
688 nvlist_t *outnvl = NULL;
689 nvlist_t *innvl = fnvlist_alloc();
691 fnvlist_add_string(innvl, "snapname", snapname);
693 if (recvdprops != NULL)
694 fnvlist_add_nvlist(innvl, "props", recvdprops);
696 if (localprops != NULL)
697 fnvlist_add_nvlist(innvl, "localprops", localprops);
699 if (origin != NULL && strlen(origin))
700 fnvlist_add_string(innvl, "origin", origin);
702 fnvlist_add_byte_array(innvl, "begin_record",
703 (uchar_t *)&drr, sizeof (drr));
705 fnvlist_add_int32(innvl, "input_fd", input_fd);
708 fnvlist_add_boolean(innvl, "force");
711 fnvlist_add_boolean(innvl, "resumable");
714 fnvlist_add_int32(innvl, "cleanup_fd", cleanup_fd);
716 if (action_handle != NULL)
717 fnvlist_add_uint64(innvl, "action_handle",
720 error = lzc_ioctl(ZFS_IOC_RECV_NEW, fsname, innvl, &outnvl);
722 if (error == 0 && read_bytes != NULL)
723 error = nvlist_lookup_uint64(outnvl, "read_bytes",
726 if (error == 0 && errflags != NULL)
727 error = nvlist_lookup_uint64(outnvl, "error_flags",
730 if (error == 0 && action_handle != NULL)
731 error = nvlist_lookup_uint64(outnvl, "action_handle",
734 if (error == 0 && errors != NULL) {
736 error = nvlist_lookup_nvlist(outnvl, "errors", &nvl);
738 *errors = fnvlist_dup(nvl);
742 fnvlist_free(outnvl);
744 zfs_cmd_t zc = {"\0"};
748 ASSERT3S(g_refcount, >, 0);
750 (void) strlcpy(zc.zc_name, fsname, sizeof (zc.zc_value));
751 (void) strlcpy(zc.zc_value, snapname, sizeof (zc.zc_value));
753 if (recvdprops != NULL) {
754 packed = fnvlist_pack(recvdprops, &size);
755 zc.zc_nvlist_src = (uint64_t)(uintptr_t)packed;
756 zc.zc_nvlist_src_size = size;
759 if (localprops != NULL) {
760 packed = fnvlist_pack(localprops, &size);
761 zc.zc_nvlist_conf = (uint64_t)(uintptr_t)packed;
762 zc.zc_nvlist_conf_size = size;
766 (void) strlcpy(zc.zc_string, origin,
767 sizeof (zc.zc_string));
769 ASSERT3S(drr.drr_type, ==, DRR_BEGIN);
770 zc.zc_begin_record = drr.drr_u.drr_begin;
772 zc.zc_cookie = input_fd;
773 zc.zc_cleanup_fd = -1;
774 zc.zc_action_handle = 0;
777 zc.zc_cleanup_fd = cleanup_fd;
779 if (action_handle != NULL)
780 zc.zc_action_handle = *action_handle;
782 zc.zc_nvlist_dst_size = 128 * 1024;
783 zc.zc_nvlist_dst = (uint64_t)(uintptr_t)
784 malloc(zc.zc_nvlist_dst_size);
786 error = ioctl(g_fd, ZFS_IOC_RECV, &zc);
790 if (read_bytes != NULL)
791 *read_bytes = zc.zc_cookie;
793 if (errflags != NULL)
794 *errflags = zc.zc_obj;
796 if (action_handle != NULL)
797 *action_handle = zc.zc_action_handle;
800 VERIFY0(nvlist_unpack(
801 (void *)(uintptr_t)zc.zc_nvlist_dst,
802 zc.zc_nvlist_dst_size, errors, KM_SLEEP));
806 fnvlist_pack_free(packed, size);
807 free((void *)(uintptr_t)zc.zc_nvlist_dst);
814 * The simplest receive case: receive from the specified fd, creating the
815 * specified snapshot. Apply the specified properties as "received" properties
816 * (which can be overridden by locally-set properties). If the stream is a
817 * clone, its origin snapshot must be specified by 'origin'. The 'force'
818 * flag will cause the target filesystem to be rolled back or destroyed if
819 * necessary to receive.
821 * Return 0 on success or an errno on failure.
823 * Note: this interface does not work on dedup'd streams
824 * (those with DMU_BACKUP_FEATURE_DEDUP).
827 lzc_receive(const char *snapname, nvlist_t *props, const char *origin,
828 boolean_t force, boolean_t raw, int fd)
830 return (recv_impl(snapname, props, NULL, origin, force, B_FALSE, raw,
831 fd, NULL, -1, NULL, NULL, NULL, NULL));
835 * Like lzc_receive, but if the receive fails due to premature stream
836 * termination, the intermediate state will be preserved on disk. In this
837 * case, ECKSUM will be returned. The receive may subsequently be resumed
838 * with a resuming send stream generated by lzc_send_resume().
841 lzc_receive_resumable(const char *snapname, nvlist_t *props, const char *origin,
842 boolean_t force, boolean_t raw, int fd)
844 return (recv_impl(snapname, props, NULL, origin, force, B_TRUE, raw,
845 fd, NULL, -1, NULL, NULL, NULL, NULL));
849 * Like lzc_receive, but allows the caller to read the begin record and then to
850 * pass it in. That could be useful if the caller wants to derive, for example,
851 * the snapname or the origin parameters based on the information contained in
853 * The begin record must be in its original form as read from the stream,
854 * in other words, it should not be byteswapped.
856 * The 'resumable' parameter allows to obtain the same behavior as with
857 * lzc_receive_resumable.
860 lzc_receive_with_header(const char *snapname, nvlist_t *props,
861 const char *origin, boolean_t force, boolean_t resumable, boolean_t raw,
862 int fd, const dmu_replay_record_t *begin_record)
864 if (begin_record == NULL)
867 return (recv_impl(snapname, props, NULL, origin, force, resumable, raw,
868 fd, begin_record, -1, NULL, NULL, NULL, NULL));
872 * Like lzc_receive, but allows the caller to pass all supported arguments
873 * and retrieve all values returned. The only additional input parameter
874 * is 'cleanup_fd' which is used to set a cleanup-on-exit file descriptor.
876 * The following parameters all provide return values. Several may be set
877 * in the failure case and will contain additional information.
879 * The 'read_bytes' value will be set to the total number of bytes read.
881 * The 'errflags' value will contain zprop_errflags_t flags which are
882 * used to describe any failures.
884 * The 'action_handle' is used to pass the handle for this guid/ds mapping.
885 * It should be set to zero on first call and will contain an updated handle
886 * on success, it should be passed in subsequent calls.
888 * The 'errors' nvlist contains an entry for each unapplied received
889 * property. Callers are responsible for freeing this nvlist.
891 int lzc_receive_one(const char *snapname, nvlist_t *props,
892 const char *origin, boolean_t force, boolean_t resumable, boolean_t raw,
893 int input_fd, const dmu_replay_record_t *begin_record, int cleanup_fd,
894 uint64_t *read_bytes, uint64_t *errflags, uint64_t *action_handle,
897 return (recv_impl(snapname, props, NULL, origin, force, resumable,
898 raw, input_fd, begin_record, cleanup_fd, read_bytes, errflags,
899 action_handle, errors));
903 * Like lzc_receive_one, but allows the caller to pass an additional 'cmdprops'
906 * The 'cmdprops' nvlist contains both override ('zfs receive -o') and
907 * exclude ('zfs receive -x') properties. Callers are responsible for freeing
910 int lzc_receive_with_cmdprops(const char *snapname, nvlist_t *props,
911 nvlist_t *cmdprops, const char *origin, boolean_t force,
912 boolean_t resumable, boolean_t raw, int input_fd,
913 const dmu_replay_record_t *begin_record, int cleanup_fd,
914 uint64_t *read_bytes, uint64_t *errflags, uint64_t *action_handle,
917 return (recv_impl(snapname, props, cmdprops, origin, force, resumable,
918 raw, input_fd, begin_record, cleanup_fd, read_bytes, errflags,
919 action_handle, errors));
923 * Roll back this filesystem or volume to its most recent snapshot.
924 * If snapnamebuf is not NULL, it will be filled in with the name
925 * of the most recent snapshot.
926 * Note that the latest snapshot may change if a new one is concurrently
927 * created or the current one is destroyed. lzc_rollback_to can be used
928 * to roll back to a specific latest snapshot.
930 * Return 0 on success or an errno on failure.
933 lzc_rollback(const char *fsname, char *snapnamebuf, int snapnamelen)
939 args = fnvlist_alloc();
940 err = lzc_ioctl(ZFS_IOC_ROLLBACK, fsname, args, &result);
942 if (err == 0 && snapnamebuf != NULL) {
943 const char *snapname = fnvlist_lookup_string(result, "target");
944 (void) strlcpy(snapnamebuf, snapname, snapnamelen);
952 * Roll back this filesystem or volume to the specified snapshot,
955 * Return 0 on success or an errno on failure.
958 lzc_rollback_to(const char *fsname, const char *snapname)
964 args = fnvlist_alloc();
965 fnvlist_add_string(args, "target", snapname);
966 err = lzc_ioctl(ZFS_IOC_ROLLBACK, fsname, args, &result);
975 * The bookmarks nvlist maps from name of the bookmark (e.g. "pool/fs#bmark") to
976 * the name of the snapshot (e.g. "pool/fs@snap"). All the bookmarks and
977 * snapshots must be in the same pool.
979 * The returned results nvlist will have an entry for each bookmark that failed.
980 * The value will be the (int32) error code.
982 * The return value will be 0 if all bookmarks were created, otherwise it will
983 * be the errno of a (undetermined) bookmarks that failed.
986 lzc_bookmark(nvlist_t *bookmarks, nvlist_t **errlist)
990 char pool[ZFS_MAX_DATASET_NAME_LEN];
992 /* determine the pool name */
993 elem = nvlist_next_nvpair(bookmarks, NULL);
996 (void) strlcpy(pool, nvpair_name(elem), sizeof (pool));
997 pool[strcspn(pool, "/#")] = '\0';
999 error = lzc_ioctl(ZFS_IOC_BOOKMARK, pool, bookmarks, errlist);
1005 * Retrieve bookmarks.
1007 * Retrieve the list of bookmarks for the given file system. The props
1008 * parameter is an nvlist of property names (with no values) that will be
1009 * returned for each bookmark.
1011 * The following are valid properties on bookmarks, all of which are numbers
1012 * (represented as uint64 in the nvlist)
1014 * "guid" - globally unique identifier of the snapshot it refers to
1015 * "createtxg" - txg when the snapshot it refers to was created
1016 * "creation" - timestamp when the snapshot it refers to was created
1018 * The format of the returned nvlist as follows:
1019 * <short name of bookmark> -> {
1020 * <name of property> -> {
1026 lzc_get_bookmarks(const char *fsname, nvlist_t *props, nvlist_t **bmarks)
1028 return (lzc_ioctl(ZFS_IOC_GET_BOOKMARKS, fsname, props, bmarks));
1032 * Destroys bookmarks.
1034 * The keys in the bmarks nvlist are the bookmarks to be destroyed.
1035 * They must all be in the same pool. Bookmarks are specified as
1038 * Bookmarks that do not exist will be silently ignored.
1040 * The return value will be 0 if all bookmarks that existed were destroyed.
1042 * Otherwise the return value will be the errno of a (undetermined) bookmark
1043 * that failed, no bookmarks will be destroyed, and the errlist will have an
1044 * entry for each bookmarks that failed. The value in the errlist will be
1045 * the (int32) error code.
1048 lzc_destroy_bookmarks(nvlist_t *bmarks, nvlist_t **errlist)
1052 char pool[ZFS_MAX_DATASET_NAME_LEN];
1054 /* determine the pool name */
1055 elem = nvlist_next_nvpair(bmarks, NULL);
1058 (void) strlcpy(pool, nvpair_name(elem), sizeof (pool));
1059 pool[strcspn(pool, "/#")] = '\0';
1061 error = lzc_ioctl(ZFS_IOC_DESTROY_BOOKMARKS, pool, bmarks, errlist);
1067 * Executes a channel program.
1069 * If this function returns 0 the channel program was successfully loaded and
1070 * ran without failing. Note that individual commands the channel program ran
1071 * may have failed and the channel program is responsible for reporting such
1072 * errors through outnvl if they are important.
1074 * This method may also return:
1076 * EINVAL The program contains syntax errors, or an invalid memory or time
1077 * limit was given. No part of the channel program was executed.
1078 * If caused by syntax errors, 'outnvl' contains information about the
1081 * ECHRNG The program was executed, but encountered a runtime error, such as
1082 * calling a function with incorrect arguments, invoking the error()
1083 * function directly, failing an assert() command, etc. Some portion
1084 * of the channel program may have executed and committed changes.
1085 * Information about the failure can be found in 'outnvl'.
1087 * ENOMEM The program fully executed, but the output buffer was not large
1088 * enough to store the returned value. No output is returned through
1091 * ENOSPC The program was terminated because it exceeded its memory usage
1092 * limit. Some portion of the channel program may have executed and
1093 * committed changes to disk. No output is returned through 'outnvl'.
1095 * ETIME The program was terminated because it exceeded its Lua instruction
1096 * limit. Some portion of the channel program may have executed and
1097 * committed changes to disk. No output is returned through 'outnvl'.
1100 lzc_channel_program(const char *pool, const char *program, uint64_t instrlimit,
1101 uint64_t memlimit, nvlist_t *argnvl, nvlist_t **outnvl)
1106 args = fnvlist_alloc();
1107 fnvlist_add_string(args, ZCP_ARG_PROGRAM, program);
1108 fnvlist_add_nvlist(args, ZCP_ARG_ARGLIST, argnvl);
1109 fnvlist_add_uint64(args, ZCP_ARG_INSTRLIMIT, instrlimit);
1110 fnvlist_add_uint64(args, ZCP_ARG_MEMLIMIT, memlimit);
1111 error = lzc_ioctl(ZFS_IOC_CHANNEL_PROGRAM, pool, args, outnvl);
1118 * Performs key management functions
1120 * crypto_cmd should be a value from zfs_ioc_crypto_cmd_t. If the command
1121 * specifies to load or change a wrapping key, the key should be specified in
1122 * the hidden_args nvlist so that it is not logged
1125 lzc_load_key(const char *fsname, boolean_t noop, uint8_t *wkeydata,
1130 nvlist_t *hidden_args;
1132 if (wkeydata == NULL)
1135 ioc_args = fnvlist_alloc();
1136 hidden_args = fnvlist_alloc();
1137 fnvlist_add_uint8_array(hidden_args, "wkeydata", wkeydata, wkeylen);
1138 fnvlist_add_nvlist(ioc_args, ZPOOL_HIDDEN_ARGS, hidden_args);
1140 fnvlist_add_boolean(ioc_args, "noop");
1141 error = lzc_ioctl(ZFS_IOC_LOAD_KEY, fsname, ioc_args, NULL);
1142 nvlist_free(hidden_args);
1143 nvlist_free(ioc_args);
1149 lzc_unload_key(const char *fsname)
1151 return (lzc_ioctl(ZFS_IOC_UNLOAD_KEY, fsname, NULL, NULL));
1155 lzc_change_key(const char *fsname, uint64_t crypt_cmd, nvlist_t *props,
1156 uint8_t *wkeydata, uint_t wkeylen)
1159 nvlist_t *ioc_args = fnvlist_alloc();
1160 nvlist_t *hidden_args = NULL;
1162 fnvlist_add_uint64(ioc_args, "crypt_cmd", crypt_cmd);
1164 if (wkeydata != NULL) {
1165 hidden_args = fnvlist_alloc();
1166 fnvlist_add_uint8_array(hidden_args, "wkeydata", wkeydata,
1168 fnvlist_add_nvlist(ioc_args, ZPOOL_HIDDEN_ARGS, hidden_args);
1172 fnvlist_add_nvlist(ioc_args, "props", props);
1174 error = lzc_ioctl(ZFS_IOC_CHANGE_KEY, fsname, ioc_args, NULL);
1175 nvlist_free(hidden_args);
1176 nvlist_free(ioc_args);
1182 lzc_reopen(const char *pool_name, boolean_t scrub_restart)
1184 nvlist_t *args = fnvlist_alloc();
1187 fnvlist_add_boolean_value(args, "scrub_restart", scrub_restart);
1189 error = lzc_ioctl(ZFS_IOC_POOL_REOPEN, pool_name, args, NULL);