1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright (c) 2012, 2018 by Delphix. All rights reserved.
25 * Copyright (c) 2015 by Chunwei Chen. All rights reserved.
26 * Copyright 2017 Nexenta Systems, Inc.
27 */
28
29 /* Portions Copyright 2007 Jeremy Teo */
30 /* Portions Copyright 2010 Robert Milkowski */
31
32
33 #include <sys/types.h>
34 #include <sys/param.h>
35 #include <sys/time.h>
36 #include <sys/sysmacros.h>
37 #include <sys/vfs.h>
38 #include <sys/file.h>
39 #include <sys/stat.h>
40 #include <sys/kmem.h>
41 #include <sys/taskq.h>
42 #include <sys/uio.h>
43 #include <sys/vmsystm.h>
44 #include <sys/atomic.h>
45 #include <sys/pathname.h>
46 #include <sys/cmn_err.h>
47 #include <sys/errno.h>
48 #include <sys/zfs_dir.h>
49 #include <sys/zfs_acl.h>
50 #include <sys/zfs_ioctl.h>
51 #include <sys/fs/zfs.h>
52 #include <sys/dmu.h>
53 #include <sys/dmu_objset.h>
54 #include <sys/spa.h>
55 #include <sys/txg.h>
56 #include <sys/dbuf.h>
57 #include <sys/zap.h>
58 #include <sys/sa.h>
59 #include <sys/policy.h>
60 #include <sys/sunddi.h>
61 #include <sys/sid.h>
62 #include <sys/zfs_ctldir.h>
63 #include <sys/zfs_fuid.h>
64 #include <sys/zfs_quota.h>
65 #include <sys/zfs_sa.h>
66 #include <sys/zfs_vnops.h>
67 #include <sys/zfs_rlock.h>
68 #include <sys/cred.h>
69 #include <sys/zpl.h>
70 #include <sys/zil.h>
71 #include <sys/sa_impl.h>
72
73 /*
74 * Programming rules.
75 *
76 * Each vnode op performs some logical unit of work. To do this, the ZPL must
77 * properly lock its in-core state, create a DMU transaction, do the work,
78 * record this work in the intent log (ZIL), commit the DMU transaction,
79 * and wait for the intent log to commit if it is a synchronous operation.
80 * Moreover, the vnode ops must work in both normal and log replay context.
81 * The ordering of events is important to avoid deadlocks and references
82 * to freed memory. The example below illustrates the following Big Rules:
83 *
84 * (1) A check must be made in each zfs thread for a mounted file system.
85 * This is done avoiding races using ZFS_ENTER(zfsvfs).
86 * A ZFS_EXIT(zfsvfs) is needed before all returns. Any znodes
87 * must be checked with ZFS_VERIFY_ZP(zp). Both of these macros
88 * can return EIO from the calling function.
89 *
90 * (2) zrele() should always be the last thing except for zil_commit()
91 * (if necessary) and ZFS_EXIT(). This is for 3 reasons:
92 * First, if it's the last reference, the vnode/znode
93 * can be freed, so the zp may point to freed memory. Second, the last
94 * reference will call zfs_zinactive(), which may induce a lot of work --
95 * pushing cached pages (which acquires range locks) and syncing out
96 * cached atime changes. Third, zfs_zinactive() may require a new tx,
97 * which could deadlock the system if you were already holding one.
98 * If you must call zrele() within a tx then use zfs_zrele_async().
99 *
100 * (3) All range locks must be grabbed before calling dmu_tx_assign(),
101 * as they can span dmu_tx_assign() calls.
102 *
103 * (4) If ZPL locks are held, pass TXG_NOWAIT as the second argument to
104 * dmu_tx_assign(). This is critical because we don't want to block
105 * while holding locks.
106 *
107 * If no ZPL locks are held (aside from ZFS_ENTER()), use TXG_WAIT. This
108 * reduces lock contention and CPU usage when we must wait (note that if
109 * throughput is constrained by the storage, nearly every transaction
110 * must wait).
111 *
112 * Note, in particular, that if a lock is sometimes acquired before
113 * the tx assigns, and sometimes after (e.g. z_lock), then failing
114 * to use a non-blocking assign can deadlock the system. The scenario:
115 *
116 * Thread A has grabbed a lock before calling dmu_tx_assign().
117 * Thread B is in an already-assigned tx, and blocks for this lock.
118 * Thread A calls dmu_tx_assign(TXG_WAIT) and blocks in txg_wait_open()
119 * forever, because the previous txg can't quiesce until B's tx commits.
120 *
121 * If dmu_tx_assign() returns ERESTART and zfsvfs->z_assign is TXG_NOWAIT,
122 * then drop all locks, call dmu_tx_wait(), and try again. On subsequent
123 * calls to dmu_tx_assign(), pass TXG_NOTHROTTLE in addition to TXG_NOWAIT,
124 * to indicate that this operation has already called dmu_tx_wait().
125 * This will ensure that we don't retry forever, waiting a short bit
126 * each time.
127 *
128 * (5) If the operation succeeded, generate the intent log entry for it
129 * before dropping locks. This ensures that the ordering of events
130 * in the intent log matches the order in which they actually occurred.
131 * During ZIL replay the zfs_log_* functions will update the sequence
132 * number to indicate the zil transaction has replayed.
133 *
134 * (6) At the end of each vnode op, the DMU tx must always commit,
135 * regardless of whether there were any errors.
136 *
137 * (7) After dropping all locks, invoke zil_commit(zilog, foid)
138 * to ensure that synchronous semantics are provided when necessary.
139 *
140 * In general, this is how things should be ordered in each vnode op:
141 *
142 * ZFS_ENTER(zfsvfs); // exit if unmounted
143 * top:
144 * zfs_dirent_lock(&dl, ...) // lock directory entry (may igrab())
145 * rw_enter(...); // grab any other locks you need
146 * tx = dmu_tx_create(...); // get DMU tx
147 * dmu_tx_hold_*(); // hold each object you might modify
148 * error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
149 * if (error) {
150 * rw_exit(...); // drop locks
151 * zfs_dirent_unlock(dl); // unlock directory entry
152 * zrele(...); // release held znodes
153 * if (error == ERESTART) {
154 * waited = B_TRUE;
155 * dmu_tx_wait(tx);
156 * dmu_tx_abort(tx);
157 * goto top;
158 * }
159 * dmu_tx_abort(tx); // abort DMU tx
160 * ZFS_EXIT(zfsvfs); // finished in zfs
161 * return (error); // really out of space
162 * }
163 * error = do_real_work(); // do whatever this VOP does
164 * if (error == 0)
165 * zfs_log_*(...); // on success, make ZIL entry
166 * dmu_tx_commit(tx); // commit DMU tx -- error or not
167 * rw_exit(...); // drop locks
168 * zfs_dirent_unlock(dl); // unlock directory entry
169 * zrele(...); // release held znodes
170 * zil_commit(zilog, foid); // synchronous when necessary
171 * ZFS_EXIT(zfsvfs); // finished in zfs
172 * return (error); // done, report error
173 */
174
175 /*
176 * Virus scanning is unsupported. It would be possible to add a hook
177 * here to performance the required virus scan. This could be done
178 * entirely in the kernel or potentially as an update to invoke a
179 * scanning utility.
180 */
181 static int
zfs_vscan(struct inode * ip,cred_t * cr,int async)182 zfs_vscan(struct inode *ip, cred_t *cr, int async)
183 {
184 return (0);
185 }
186
187 /* ARGSUSED */
188 int
zfs_open(struct inode * ip,int mode,int flag,cred_t * cr)189 zfs_open(struct inode *ip, int mode, int flag, cred_t *cr)
190 {
191 znode_t *zp = ITOZ(ip);
192 zfsvfs_t *zfsvfs = ITOZSB(ip);
193
194 ZFS_ENTER(zfsvfs);
195 ZFS_VERIFY_ZP(zp);
196
197 /* Honor ZFS_APPENDONLY file attribute */
198 if ((mode & FMODE_WRITE) && (zp->z_pflags & ZFS_APPENDONLY) &&
199 ((flag & O_APPEND) == 0)) {
200 ZFS_EXIT(zfsvfs);
201 return (SET_ERROR(EPERM));
202 }
203
204 /* Virus scan eligible files on open */
205 if (!zfs_has_ctldir(zp) && zfsvfs->z_vscan && S_ISREG(ip->i_mode) &&
206 !(zp->z_pflags & ZFS_AV_QUARANTINED) && zp->z_size > 0) {
207 if (zfs_vscan(ip, cr, 0) != 0) {
208 ZFS_EXIT(zfsvfs);
209 return (SET_ERROR(EACCES));
210 }
211 }
212
213 /* Keep a count of the synchronous opens in the znode */
214 if (flag & O_SYNC)
215 atomic_inc_32(&zp->z_sync_cnt);
216
217 ZFS_EXIT(zfsvfs);
218 return (0);
219 }
220
221 /* ARGSUSED */
222 int
zfs_close(struct inode * ip,int flag,cred_t * cr)223 zfs_close(struct inode *ip, int flag, cred_t *cr)
224 {
225 znode_t *zp = ITOZ(ip);
226 zfsvfs_t *zfsvfs = ITOZSB(ip);
227
228 ZFS_ENTER(zfsvfs);
229 ZFS_VERIFY_ZP(zp);
230
231 /* Decrement the synchronous opens in the znode */
232 if (flag & O_SYNC)
233 atomic_dec_32(&zp->z_sync_cnt);
234
235 if (!zfs_has_ctldir(zp) && zfsvfs->z_vscan && S_ISREG(ip->i_mode) &&
236 !(zp->z_pflags & ZFS_AV_QUARANTINED) && zp->z_size > 0)
237 VERIFY(zfs_vscan(ip, cr, 1) == 0);
238
239 ZFS_EXIT(zfsvfs);
240 return (0);
241 }
242
243 #if defined(_KERNEL)
244 /*
245 * When a file is memory mapped, we must keep the IO data synchronized
246 * between the DMU cache and the memory mapped pages. What this means:
247 *
248 * On Write: If we find a memory mapped page, we write to *both*
249 * the page and the dmu buffer.
250 */
251 void
update_pages(znode_t * zp,int64_t start,int len,objset_t * os)252 update_pages(znode_t *zp, int64_t start, int len, objset_t *os)
253 {
254 struct inode *ip = ZTOI(zp);
255 struct address_space *mp = ip->i_mapping;
256 struct page *pp;
257 uint64_t nbytes;
258 int64_t off;
259 void *pb;
260
261 off = start & (PAGE_SIZE-1);
262 for (start &= PAGE_MASK; len > 0; start += PAGE_SIZE) {
263 nbytes = MIN(PAGE_SIZE - off, len);
264
265 pp = find_lock_page(mp, start >> PAGE_SHIFT);
266 if (pp) {
267 if (mapping_writably_mapped(mp))
268 flush_dcache_page(pp);
269
270 pb = kmap(pp);
271 (void) dmu_read(os, zp->z_id, start + off, nbytes,
272 pb + off, DMU_READ_PREFETCH);
273 kunmap(pp);
274
275 if (mapping_writably_mapped(mp))
276 flush_dcache_page(pp);
277
278 mark_page_accessed(pp);
279 SetPageUptodate(pp);
280 ClearPageError(pp);
281 unlock_page(pp);
282 put_page(pp);
283 }
284
285 len -= nbytes;
286 off = 0;
287 }
288 }
289
290 /*
291 * When a file is memory mapped, we must keep the IO data synchronized
292 * between the DMU cache and the memory mapped pages. What this means:
293 *
294 * On Read: We "read" preferentially from memory mapped pages,
295 * else we default from the dmu buffer.
296 *
297 * NOTE: We will always "break up" the IO into PAGESIZE uiomoves when
298 * the file is memory mapped.
299 */
300 int
mappedread(znode_t * zp,int nbytes,uio_t * uio)301 mappedread(znode_t *zp, int nbytes, uio_t *uio)
302 {
303 struct inode *ip = ZTOI(zp);
304 struct address_space *mp = ip->i_mapping;
305 struct page *pp;
306 int64_t start, off;
307 uint64_t bytes;
308 int len = nbytes;
309 int error = 0;
310 void *pb;
311
312 start = uio->uio_loffset;
313 off = start & (PAGE_SIZE-1);
314 for (start &= PAGE_MASK; len > 0; start += PAGE_SIZE) {
315 bytes = MIN(PAGE_SIZE - off, len);
316
317 pp = find_lock_page(mp, start >> PAGE_SHIFT);
318 if (pp) {
319 ASSERT(PageUptodate(pp));
320 unlock_page(pp);
321
322 pb = kmap(pp);
323 error = uiomove(pb + off, bytes, UIO_READ, uio);
324 kunmap(pp);
325
326 if (mapping_writably_mapped(mp))
327 flush_dcache_page(pp);
328
329 mark_page_accessed(pp);
330 put_page(pp);
331 } else {
332 error = dmu_read_uio_dbuf(sa_get_db(zp->z_sa_hdl),
333 uio, bytes);
334 }
335
336 len -= bytes;
337 off = 0;
338 if (error)
339 break;
340 }
341 return (error);
342 }
343 #endif /* _KERNEL */
344
345 unsigned long zfs_delete_blocks = DMU_MAX_DELETEBLKCNT;
346
347 /*
348 * Write the bytes to a file.
349 *
350 * IN: zp - znode of file to be written to
351 * data - bytes to write
352 * len - number of bytes to write
353 * pos - offset to start writing at
354 *
355 * OUT: resid - remaining bytes to write
356 *
357 * RETURN: 0 if success
358 * positive error code if failure. EIO is returned
359 * for a short write when residp isn't provided.
360 *
361 * Timestamps:
362 * zp - ctime|mtime updated if byte count > 0
363 */
364 int
zfs_write_simple(znode_t * zp,const void * data,size_t len,loff_t pos,size_t * residp)365 zfs_write_simple(znode_t *zp, const void *data, size_t len,
366 loff_t pos, size_t *residp)
367 {
368 fstrans_cookie_t cookie;
369 int error;
370
371 struct iovec iov;
372 iov.iov_base = (void *)data;
373 iov.iov_len = len;
374
375 uio_t uio;
376 uio_iovec_init(&uio, &iov, 1, pos, UIO_SYSSPACE, len, 0);
377
378 cookie = spl_fstrans_mark();
379 error = zfs_write(zp, &uio, 0, kcred);
380 spl_fstrans_unmark(cookie);
381
382 if (error == 0) {
383 if (residp != NULL)
384 *residp = uio_resid(&uio);
385 else if (uio_resid(&uio) != 0)
386 error = SET_ERROR(EIO);
387 }
388
389 return (error);
390 }
391
392 void
zfs_zrele_async(znode_t * zp)393 zfs_zrele_async(znode_t *zp)
394 {
395 struct inode *ip = ZTOI(zp);
396 objset_t *os = ITOZSB(ip)->z_os;
397
398 ASSERT(atomic_read(&ip->i_count) > 0);
399 ASSERT(os != NULL);
400
401 if (atomic_read(&ip->i_count) == 1)
402 VERIFY(taskq_dispatch(dsl_pool_zrele_taskq(dmu_objset_pool(os)),
403 (task_func_t *)iput, ip, TQ_SLEEP) != TASKQID_INVALID);
404 else
405 zrele(zp);
406 }
407
408
409 /*
410 * Lookup an entry in a directory, or an extended attribute directory.
411 * If it exists, return a held inode reference for it.
412 *
413 * IN: zdp - znode of directory to search.
414 * nm - name of entry to lookup.
415 * flags - LOOKUP_XATTR set if looking for an attribute.
416 * cr - credentials of caller.
417 * direntflags - directory lookup flags
418 * realpnp - returned pathname.
419 *
420 * OUT: zpp - znode of located entry, NULL if not found.
421 *
422 * RETURN: 0 on success, error code on failure.
423 *
424 * Timestamps:
425 * NA
426 */
427 /* ARGSUSED */
428 int
zfs_lookup(znode_t * zdp,char * nm,znode_t ** zpp,int flags,cred_t * cr,int * direntflags,pathname_t * realpnp)429 zfs_lookup(znode_t *zdp, char *nm, znode_t **zpp, int flags, cred_t *cr,
430 int *direntflags, pathname_t *realpnp)
431 {
432 zfsvfs_t *zfsvfs = ZTOZSB(zdp);
433 int error = 0;
434
435 /*
436 * Fast path lookup, however we must skip DNLC lookup
437 * for case folding or normalizing lookups because the
438 * DNLC code only stores the passed in name. This means
439 * creating 'a' and removing 'A' on a case insensitive
440 * file system would work, but DNLC still thinks 'a'
441 * exists and won't let you create it again on the next
442 * pass through fast path.
443 */
444 if (!(flags & (LOOKUP_XATTR | FIGNORECASE))) {
445
446 if (!S_ISDIR(ZTOI(zdp)->i_mode)) {
447 return (SET_ERROR(ENOTDIR));
448 } else if (zdp->z_sa_hdl == NULL) {
449 return (SET_ERROR(EIO));
450 }
451
452 if (nm[0] == 0 || (nm[0] == '.' && nm[1] == '\0')) {
453 error = zfs_fastaccesschk_execute(zdp, cr);
454 if (!error) {
455 *zpp = zdp;
456 zhold(*zpp);
457 return (0);
458 }
459 return (error);
460 }
461 }
462
463 ZFS_ENTER(zfsvfs);
464 ZFS_VERIFY_ZP(zdp);
465
466 *zpp = NULL;
467
468 if (flags & LOOKUP_XATTR) {
469 /*
470 * We don't allow recursive attributes..
471 * Maybe someday we will.
472 */
473 if (zdp->z_pflags & ZFS_XATTR) {
474 ZFS_EXIT(zfsvfs);
475 return (SET_ERROR(EINVAL));
476 }
477
478 if ((error = zfs_get_xattrdir(zdp, zpp, cr, flags))) {
479 ZFS_EXIT(zfsvfs);
480 return (error);
481 }
482
483 /*
484 * Do we have permission to get into attribute directory?
485 */
486
487 if ((error = zfs_zaccess(*zpp, ACE_EXECUTE, 0,
488 B_FALSE, cr))) {
489 zrele(*zpp);
490 *zpp = NULL;
491 }
492
493 ZFS_EXIT(zfsvfs);
494 return (error);
495 }
496
497 if (!S_ISDIR(ZTOI(zdp)->i_mode)) {
498 ZFS_EXIT(zfsvfs);
499 return (SET_ERROR(ENOTDIR));
500 }
501
502 /*
503 * Check accessibility of directory.
504 */
505
506 if ((error = zfs_zaccess(zdp, ACE_EXECUTE, 0, B_FALSE, cr))) {
507 ZFS_EXIT(zfsvfs);
508 return (error);
509 }
510
511 if (zfsvfs->z_utf8 && u8_validate(nm, strlen(nm),
512 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
513 ZFS_EXIT(zfsvfs);
514 return (SET_ERROR(EILSEQ));
515 }
516
517 error = zfs_dirlook(zdp, nm, zpp, flags, direntflags, realpnp);
518 if ((error == 0) && (*zpp))
519 zfs_inode_update(*zpp);
520
521 ZFS_EXIT(zfsvfs);
522 return (error);
523 }
524
525 /*
526 * Attempt to create a new entry in a directory. If the entry
527 * already exists, truncate the file if permissible, else return
528 * an error. Return the ip of the created or trunc'd file.
529 *
530 * IN: dzp - znode of directory to put new file entry in.
531 * name - name of new file entry.
532 * vap - attributes of new file.
533 * excl - flag indicating exclusive or non-exclusive mode.
534 * mode - mode to open file with.
535 * cr - credentials of caller.
536 * flag - file flag.
537 * vsecp - ACL to be set
538 *
539 * OUT: zpp - znode of created or trunc'd entry.
540 *
541 * RETURN: 0 on success, error code on failure.
542 *
543 * Timestamps:
544 * dzp - ctime|mtime updated if new entry created
545 * zp - ctime|mtime always, atime if new
546 */
547
548 /* ARGSUSED */
549 int
zfs_create(znode_t * dzp,char * name,vattr_t * vap,int excl,int mode,znode_t ** zpp,cred_t * cr,int flag,vsecattr_t * vsecp)550 zfs_create(znode_t *dzp, char *name, vattr_t *vap, int excl,
551 int mode, znode_t **zpp, cred_t *cr, int flag, vsecattr_t *vsecp)
552 {
553 znode_t *zp;
554 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
555 zilog_t *zilog;
556 objset_t *os;
557 zfs_dirlock_t *dl;
558 dmu_tx_t *tx;
559 int error;
560 uid_t uid;
561 gid_t gid;
562 zfs_acl_ids_t acl_ids;
563 boolean_t fuid_dirtied;
564 boolean_t have_acl = B_FALSE;
565 boolean_t waited = B_FALSE;
566
567 /*
568 * If we have an ephemeral id, ACL, or XVATTR then
569 * make sure file system is at proper version
570 */
571
572 gid = crgetgid(cr);
573 uid = crgetuid(cr);
574
575 if (zfsvfs->z_use_fuids == B_FALSE &&
576 (vsecp || IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
577 return (SET_ERROR(EINVAL));
578
579 if (name == NULL)
580 return (SET_ERROR(EINVAL));
581
582 ZFS_ENTER(zfsvfs);
583 ZFS_VERIFY_ZP(dzp);
584 os = zfsvfs->z_os;
585 zilog = zfsvfs->z_log;
586
587 if (zfsvfs->z_utf8 && u8_validate(name, strlen(name),
588 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
589 ZFS_EXIT(zfsvfs);
590 return (SET_ERROR(EILSEQ));
591 }
592
593 if (vap->va_mask & ATTR_XVATTR) {
594 if ((error = secpolicy_xvattr((xvattr_t *)vap,
595 crgetuid(cr), cr, vap->va_mode)) != 0) {
596 ZFS_EXIT(zfsvfs);
597 return (error);
598 }
599 }
600
601 top:
602 *zpp = NULL;
603 if (*name == '\0') {
604 /*
605 * Null component name refers to the directory itself.
606 */
607 zhold(dzp);
608 zp = dzp;
609 dl = NULL;
610 error = 0;
611 } else {
612 /* possible igrab(zp) */
613 int zflg = 0;
614
615 if (flag & FIGNORECASE)
616 zflg |= ZCILOOK;
617
618 error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg,
619 NULL, NULL);
620 if (error) {
621 if (have_acl)
622 zfs_acl_ids_free(&acl_ids);
623 if (strcmp(name, "..") == 0)
624 error = SET_ERROR(EISDIR);
625 ZFS_EXIT(zfsvfs);
626 return (error);
627 }
628 }
629
630 if (zp == NULL) {
631 uint64_t txtype;
632 uint64_t projid = ZFS_DEFAULT_PROJID;
633
634 /*
635 * Create a new file object and update the directory
636 * to reference it.
637 */
638 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
639 if (have_acl)
640 zfs_acl_ids_free(&acl_ids);
641 goto out;
642 }
643
644 /*
645 * We only support the creation of regular files in
646 * extended attribute directories.
647 */
648
649 if ((dzp->z_pflags & ZFS_XATTR) && !S_ISREG(vap->va_mode)) {
650 if (have_acl)
651 zfs_acl_ids_free(&acl_ids);
652 error = SET_ERROR(EINVAL);
653 goto out;
654 }
655
656 if (!have_acl && (error = zfs_acl_ids_create(dzp, 0, vap,
657 cr, vsecp, &acl_ids)) != 0)
658 goto out;
659 have_acl = B_TRUE;
660
661 if (S_ISREG(vap->va_mode) || S_ISDIR(vap->va_mode))
662 projid = zfs_inherit_projid(dzp);
663 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, projid)) {
664 zfs_acl_ids_free(&acl_ids);
665 error = SET_ERROR(EDQUOT);
666 goto out;
667 }
668
669 tx = dmu_tx_create(os);
670
671 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
672 ZFS_SA_BASE_ATTR_SIZE);
673
674 fuid_dirtied = zfsvfs->z_fuid_dirty;
675 if (fuid_dirtied)
676 zfs_fuid_txhold(zfsvfs, tx);
677 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, name);
678 dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE);
679 if (!zfsvfs->z_use_sa &&
680 acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
681 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
682 0, acl_ids.z_aclp->z_acl_bytes);
683 }
684
685 error = dmu_tx_assign(tx,
686 (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
687 if (error) {
688 zfs_dirent_unlock(dl);
689 if (error == ERESTART) {
690 waited = B_TRUE;
691 dmu_tx_wait(tx);
692 dmu_tx_abort(tx);
693 goto top;
694 }
695 zfs_acl_ids_free(&acl_ids);
696 dmu_tx_abort(tx);
697 ZFS_EXIT(zfsvfs);
698 return (error);
699 }
700 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
701
702 error = zfs_link_create(dl, zp, tx, ZNEW);
703 if (error != 0) {
704 /*
705 * Since, we failed to add the directory entry for it,
706 * delete the newly created dnode.
707 */
708 zfs_znode_delete(zp, tx);
709 remove_inode_hash(ZTOI(zp));
710 zfs_acl_ids_free(&acl_ids);
711 dmu_tx_commit(tx);
712 goto out;
713 }
714
715 if (fuid_dirtied)
716 zfs_fuid_sync(zfsvfs, tx);
717
718 txtype = zfs_log_create_txtype(Z_FILE, vsecp, vap);
719 if (flag & FIGNORECASE)
720 txtype |= TX_CI;
721 zfs_log_create(zilog, tx, txtype, dzp, zp, name,
722 vsecp, acl_ids.z_fuidp, vap);
723 zfs_acl_ids_free(&acl_ids);
724 dmu_tx_commit(tx);
725 } else {
726 int aflags = (flag & O_APPEND) ? V_APPEND : 0;
727
728 if (have_acl)
729 zfs_acl_ids_free(&acl_ids);
730 have_acl = B_FALSE;
731
732 /*
733 * A directory entry already exists for this name.
734 */
735 /*
736 * Can't truncate an existing file if in exclusive mode.
737 */
738 if (excl) {
739 error = SET_ERROR(EEXIST);
740 goto out;
741 }
742 /*
743 * Can't open a directory for writing.
744 */
745 if (S_ISDIR(ZTOI(zp)->i_mode)) {
746 error = SET_ERROR(EISDIR);
747 goto out;
748 }
749 /*
750 * Verify requested access to file.
751 */
752 if (mode && (error = zfs_zaccess_rwx(zp, mode, aflags, cr))) {
753 goto out;
754 }
755
756 mutex_enter(&dzp->z_lock);
757 dzp->z_seq++;
758 mutex_exit(&dzp->z_lock);
759
760 /*
761 * Truncate regular files if requested.
762 */
763 if (S_ISREG(ZTOI(zp)->i_mode) &&
764 (vap->va_mask & ATTR_SIZE) && (vap->va_size == 0)) {
765 /* we can't hold any locks when calling zfs_freesp() */
766 if (dl) {
767 zfs_dirent_unlock(dl);
768 dl = NULL;
769 }
770 error = zfs_freesp(zp, 0, 0, mode, TRUE);
771 }
772 }
773 out:
774
775 if (dl)
776 zfs_dirent_unlock(dl);
777
778 if (error) {
779 if (zp)
780 zrele(zp);
781 } else {
782 zfs_inode_update(dzp);
783 zfs_inode_update(zp);
784 *zpp = zp;
785 }
786
787 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
788 zil_commit(zilog, 0);
789
790 ZFS_EXIT(zfsvfs);
791 return (error);
792 }
793
794 /* ARGSUSED */
795 int
zfs_tmpfile(struct inode * dip,vattr_t * vap,int excl,int mode,struct inode ** ipp,cred_t * cr,int flag,vsecattr_t * vsecp)796 zfs_tmpfile(struct inode *dip, vattr_t *vap, int excl,
797 int mode, struct inode **ipp, cred_t *cr, int flag, vsecattr_t *vsecp)
798 {
799 znode_t *zp = NULL, *dzp = ITOZ(dip);
800 zfsvfs_t *zfsvfs = ITOZSB(dip);
801 objset_t *os;
802 dmu_tx_t *tx;
803 int error;
804 uid_t uid;
805 gid_t gid;
806 zfs_acl_ids_t acl_ids;
807 uint64_t projid = ZFS_DEFAULT_PROJID;
808 boolean_t fuid_dirtied;
809 boolean_t have_acl = B_FALSE;
810 boolean_t waited = B_FALSE;
811
812 /*
813 * If we have an ephemeral id, ACL, or XVATTR then
814 * make sure file system is at proper version
815 */
816
817 gid = crgetgid(cr);
818 uid = crgetuid(cr);
819
820 if (zfsvfs->z_use_fuids == B_FALSE &&
821 (vsecp || IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
822 return (SET_ERROR(EINVAL));
823
824 ZFS_ENTER(zfsvfs);
825 ZFS_VERIFY_ZP(dzp);
826 os = zfsvfs->z_os;
827
828 if (vap->va_mask & ATTR_XVATTR) {
829 if ((error = secpolicy_xvattr((xvattr_t *)vap,
830 crgetuid(cr), cr, vap->va_mode)) != 0) {
831 ZFS_EXIT(zfsvfs);
832 return (error);
833 }
834 }
835
836 top:
837 *ipp = NULL;
838
839 /*
840 * Create a new file object and update the directory
841 * to reference it.
842 */
843 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
844 if (have_acl)
845 zfs_acl_ids_free(&acl_ids);
846 goto out;
847 }
848
849 if (!have_acl && (error = zfs_acl_ids_create(dzp, 0, vap,
850 cr, vsecp, &acl_ids)) != 0)
851 goto out;
852 have_acl = B_TRUE;
853
854 if (S_ISREG(vap->va_mode) || S_ISDIR(vap->va_mode))
855 projid = zfs_inherit_projid(dzp);
856 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, projid)) {
857 zfs_acl_ids_free(&acl_ids);
858 error = SET_ERROR(EDQUOT);
859 goto out;
860 }
861
862 tx = dmu_tx_create(os);
863
864 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
865 ZFS_SA_BASE_ATTR_SIZE);
866 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
867
868 fuid_dirtied = zfsvfs->z_fuid_dirty;
869 if (fuid_dirtied)
870 zfs_fuid_txhold(zfsvfs, tx);
871 if (!zfsvfs->z_use_sa &&
872 acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
873 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
874 0, acl_ids.z_aclp->z_acl_bytes);
875 }
876 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
877 if (error) {
878 if (error == ERESTART) {
879 waited = B_TRUE;
880 dmu_tx_wait(tx);
881 dmu_tx_abort(tx);
882 goto top;
883 }
884 zfs_acl_ids_free(&acl_ids);
885 dmu_tx_abort(tx);
886 ZFS_EXIT(zfsvfs);
887 return (error);
888 }
889 zfs_mknode(dzp, vap, tx, cr, IS_TMPFILE, &zp, &acl_ids);
890
891 if (fuid_dirtied)
892 zfs_fuid_sync(zfsvfs, tx);
893
894 /* Add to unlinked set */
895 zp->z_unlinked = B_TRUE;
896 zfs_unlinked_add(zp, tx);
897 zfs_acl_ids_free(&acl_ids);
898 dmu_tx_commit(tx);
899 out:
900
901 if (error) {
902 if (zp)
903 zrele(zp);
904 } else {
905 zfs_inode_update(dzp);
906 zfs_inode_update(zp);
907 *ipp = ZTOI(zp);
908 }
909
910 ZFS_EXIT(zfsvfs);
911 return (error);
912 }
913
914 /*
915 * Remove an entry from a directory.
916 *
917 * IN: dzp - znode of directory to remove entry from.
918 * name - name of entry to remove.
919 * cr - credentials of caller.
920 * flags - case flags.
921 *
922 * RETURN: 0 if success
923 * error code if failure
924 *
925 * Timestamps:
926 * dzp - ctime|mtime
927 * ip - ctime (if nlink > 0)
928 */
929
930 uint64_t null_xattr = 0;
931
932 /*ARGSUSED*/
933 int
zfs_remove(znode_t * dzp,char * name,cred_t * cr,int flags)934 zfs_remove(znode_t *dzp, char *name, cred_t *cr, int flags)
935 {
936 znode_t *zp;
937 znode_t *xzp;
938 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
939 zilog_t *zilog;
940 uint64_t acl_obj, xattr_obj;
941 uint64_t xattr_obj_unlinked = 0;
942 uint64_t obj = 0;
943 uint64_t links;
944 zfs_dirlock_t *dl;
945 dmu_tx_t *tx;
946 boolean_t may_delete_now, delete_now = FALSE;
947 boolean_t unlinked, toobig = FALSE;
948 uint64_t txtype;
949 pathname_t *realnmp = NULL;
950 pathname_t realnm;
951 int error;
952 int zflg = ZEXISTS;
953 boolean_t waited = B_FALSE;
954
955 if (name == NULL)
956 return (SET_ERROR(EINVAL));
957
958 ZFS_ENTER(zfsvfs);
959 ZFS_VERIFY_ZP(dzp);
960 zilog = zfsvfs->z_log;
961
962 if (flags & FIGNORECASE) {
963 zflg |= ZCILOOK;
964 pn_alloc(&realnm);
965 realnmp = &realnm;
966 }
967
968 top:
969 xattr_obj = 0;
970 xzp = NULL;
971 /*
972 * Attempt to lock directory; fail if entry doesn't exist.
973 */
974 if ((error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg,
975 NULL, realnmp))) {
976 if (realnmp)
977 pn_free(realnmp);
978 ZFS_EXIT(zfsvfs);
979 return (error);
980 }
981
982 if ((error = zfs_zaccess_delete(dzp, zp, cr))) {
983 goto out;
984 }
985
986 /*
987 * Need to use rmdir for removing directories.
988 */
989 if (S_ISDIR(ZTOI(zp)->i_mode)) {
990 error = SET_ERROR(EPERM);
991 goto out;
992 }
993
994 mutex_enter(&zp->z_lock);
995 may_delete_now = atomic_read(&ZTOI(zp)->i_count) == 1 &&
996 !(zp->z_is_mapped);
997 mutex_exit(&zp->z_lock);
998
999 /*
1000 * We may delete the znode now, or we may put it in the unlinked set;
1001 * it depends on whether we're the last link, and on whether there are
1002 * other holds on the inode. So we dmu_tx_hold() the right things to
1003 * allow for either case.
1004 */
1005 obj = zp->z_id;
1006 tx = dmu_tx_create(zfsvfs->z_os);
1007 dmu_tx_hold_zap(tx, dzp->z_id, FALSE, name);
1008 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
1009 zfs_sa_upgrade_txholds(tx, zp);
1010 zfs_sa_upgrade_txholds(tx, dzp);
1011 if (may_delete_now) {
1012 toobig = zp->z_size > zp->z_blksz * zfs_delete_blocks;
1013 /* if the file is too big, only hold_free a token amount */
1014 dmu_tx_hold_free(tx, zp->z_id, 0,
1015 (toobig ? DMU_MAX_ACCESS : DMU_OBJECT_END));
1016 }
1017
1018 /* are there any extended attributes? */
1019 error = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
1020 &xattr_obj, sizeof (xattr_obj));
1021 if (error == 0 && xattr_obj) {
1022 error = zfs_zget(zfsvfs, xattr_obj, &xzp);
1023 ASSERT0(error);
1024 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
1025 dmu_tx_hold_sa(tx, xzp->z_sa_hdl, B_FALSE);
1026 }
1027
1028 mutex_enter(&zp->z_lock);
1029 if ((acl_obj = zfs_external_acl(zp)) != 0 && may_delete_now)
1030 dmu_tx_hold_free(tx, acl_obj, 0, DMU_OBJECT_END);
1031 mutex_exit(&zp->z_lock);
1032
1033 /* charge as an update -- would be nice not to charge at all */
1034 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
1035
1036 /*
1037 * Mark this transaction as typically resulting in a net free of space
1038 */
1039 dmu_tx_mark_netfree(tx);
1040
1041 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
1042 if (error) {
1043 zfs_dirent_unlock(dl);
1044 if (error == ERESTART) {
1045 waited = B_TRUE;
1046 dmu_tx_wait(tx);
1047 dmu_tx_abort(tx);
1048 zrele(zp);
1049 if (xzp)
1050 zrele(xzp);
1051 goto top;
1052 }
1053 if (realnmp)
1054 pn_free(realnmp);
1055 dmu_tx_abort(tx);
1056 zrele(zp);
1057 if (xzp)
1058 zrele(xzp);
1059 ZFS_EXIT(zfsvfs);
1060 return (error);
1061 }
1062
1063 /*
1064 * Remove the directory entry.
1065 */
1066 error = zfs_link_destroy(dl, zp, tx, zflg, &unlinked);
1067
1068 if (error) {
1069 dmu_tx_commit(tx);
1070 goto out;
1071 }
1072
1073 if (unlinked) {
1074 /*
1075 * Hold z_lock so that we can make sure that the ACL obj
1076 * hasn't changed. Could have been deleted due to
1077 * zfs_sa_upgrade().
1078 */
1079 mutex_enter(&zp->z_lock);
1080 (void) sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
1081 &xattr_obj_unlinked, sizeof (xattr_obj_unlinked));
1082 delete_now = may_delete_now && !toobig &&
1083 atomic_read(&ZTOI(zp)->i_count) == 1 &&
1084 !(zp->z_is_mapped) && xattr_obj == xattr_obj_unlinked &&
1085 zfs_external_acl(zp) == acl_obj;
1086 }
1087
1088 if (delete_now) {
1089 if (xattr_obj_unlinked) {
1090 ASSERT3U(ZTOI(xzp)->i_nlink, ==, 2);
1091 mutex_enter(&xzp->z_lock);
1092 xzp->z_unlinked = B_TRUE;
1093 clear_nlink(ZTOI(xzp));
1094 links = 0;
1095 error = sa_update(xzp->z_sa_hdl, SA_ZPL_LINKS(zfsvfs),
1096 &links, sizeof (links), tx);
1097 ASSERT3U(error, ==, 0);
1098 mutex_exit(&xzp->z_lock);
1099 zfs_unlinked_add(xzp, tx);
1100
1101 if (zp->z_is_sa)
1102 error = sa_remove(zp->z_sa_hdl,
1103 SA_ZPL_XATTR(zfsvfs), tx);
1104 else
1105 error = sa_update(zp->z_sa_hdl,
1106 SA_ZPL_XATTR(zfsvfs), &null_xattr,
1107 sizeof (uint64_t), tx);
1108 ASSERT0(error);
1109 }
1110 /*
1111 * Add to the unlinked set because a new reference could be
1112 * taken concurrently resulting in a deferred destruction.
1113 */
1114 zfs_unlinked_add(zp, tx);
1115 mutex_exit(&zp->z_lock);
1116 } else if (unlinked) {
1117 mutex_exit(&zp->z_lock);
1118 zfs_unlinked_add(zp, tx);
1119 }
1120
1121 txtype = TX_REMOVE;
1122 if (flags & FIGNORECASE)
1123 txtype |= TX_CI;
1124 zfs_log_remove(zilog, tx, txtype, dzp, name, obj, unlinked);
1125
1126 dmu_tx_commit(tx);
1127 out:
1128 if (realnmp)
1129 pn_free(realnmp);
1130
1131 zfs_dirent_unlock(dl);
1132 zfs_inode_update(dzp);
1133 zfs_inode_update(zp);
1134
1135 if (delete_now)
1136 zrele(zp);
1137 else
1138 zfs_zrele_async(zp);
1139
1140 if (xzp) {
1141 zfs_inode_update(xzp);
1142 zfs_zrele_async(xzp);
1143 }
1144
1145 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1146 zil_commit(zilog, 0);
1147
1148 ZFS_EXIT(zfsvfs);
1149 return (error);
1150 }
1151
1152 /*
1153 * Create a new directory and insert it into dzp using the name
1154 * provided. Return a pointer to the inserted directory.
1155 *
1156 * IN: dzp - znode of directory to add subdir to.
1157 * dirname - name of new directory.
1158 * vap - attributes of new directory.
1159 * cr - credentials of caller.
1160 * flags - case flags.
1161 * vsecp - ACL to be set
1162 *
1163 * OUT: zpp - znode of created directory.
1164 *
1165 * RETURN: 0 if success
1166 * error code if failure
1167 *
1168 * Timestamps:
1169 * dzp - ctime|mtime updated
1170 * zpp - ctime|mtime|atime updated
1171 */
1172 /*ARGSUSED*/
1173 int
zfs_mkdir(znode_t * dzp,char * dirname,vattr_t * vap,znode_t ** zpp,cred_t * cr,int flags,vsecattr_t * vsecp)1174 zfs_mkdir(znode_t *dzp, char *dirname, vattr_t *vap, znode_t **zpp,
1175 cred_t *cr, int flags, vsecattr_t *vsecp)
1176 {
1177 znode_t *zp;
1178 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
1179 zilog_t *zilog;
1180 zfs_dirlock_t *dl;
1181 uint64_t txtype;
1182 dmu_tx_t *tx;
1183 int error;
1184 int zf = ZNEW;
1185 uid_t uid;
1186 gid_t gid = crgetgid(cr);
1187 zfs_acl_ids_t acl_ids;
1188 boolean_t fuid_dirtied;
1189 boolean_t waited = B_FALSE;
1190
1191 ASSERT(S_ISDIR(vap->va_mode));
1192
1193 /*
1194 * If we have an ephemeral id, ACL, or XVATTR then
1195 * make sure file system is at proper version
1196 */
1197
1198 uid = crgetuid(cr);
1199 if (zfsvfs->z_use_fuids == B_FALSE &&
1200 (vsecp || IS_EPHEMERAL(uid) || IS_EPHEMERAL(gid)))
1201 return (SET_ERROR(EINVAL));
1202
1203 if (dirname == NULL)
1204 return (SET_ERROR(EINVAL));
1205
1206 ZFS_ENTER(zfsvfs);
1207 ZFS_VERIFY_ZP(dzp);
1208 zilog = zfsvfs->z_log;
1209
1210 if (dzp->z_pflags & ZFS_XATTR) {
1211 ZFS_EXIT(zfsvfs);
1212 return (SET_ERROR(EINVAL));
1213 }
1214
1215 if (zfsvfs->z_utf8 && u8_validate(dirname,
1216 strlen(dirname), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
1217 ZFS_EXIT(zfsvfs);
1218 return (SET_ERROR(EILSEQ));
1219 }
1220 if (flags & FIGNORECASE)
1221 zf |= ZCILOOK;
1222
1223 if (vap->va_mask & ATTR_XVATTR) {
1224 if ((error = secpolicy_xvattr((xvattr_t *)vap,
1225 crgetuid(cr), cr, vap->va_mode)) != 0) {
1226 ZFS_EXIT(zfsvfs);
1227 return (error);
1228 }
1229 }
1230
1231 if ((error = zfs_acl_ids_create(dzp, 0, vap, cr,
1232 vsecp, &acl_ids)) != 0) {
1233 ZFS_EXIT(zfsvfs);
1234 return (error);
1235 }
1236 /*
1237 * First make sure the new directory doesn't exist.
1238 *
1239 * Existence is checked first to make sure we don't return
1240 * EACCES instead of EEXIST which can cause some applications
1241 * to fail.
1242 */
1243 top:
1244 *zpp = NULL;
1245
1246 if ((error = zfs_dirent_lock(&dl, dzp, dirname, &zp, zf,
1247 NULL, NULL))) {
1248 zfs_acl_ids_free(&acl_ids);
1249 ZFS_EXIT(zfsvfs);
1250 return (error);
1251 }
1252
1253 if ((error = zfs_zaccess(dzp, ACE_ADD_SUBDIRECTORY, 0, B_FALSE, cr))) {
1254 zfs_acl_ids_free(&acl_ids);
1255 zfs_dirent_unlock(dl);
1256 ZFS_EXIT(zfsvfs);
1257 return (error);
1258 }
1259
1260 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, zfs_inherit_projid(dzp))) {
1261 zfs_acl_ids_free(&acl_ids);
1262 zfs_dirent_unlock(dl);
1263 ZFS_EXIT(zfsvfs);
1264 return (SET_ERROR(EDQUOT));
1265 }
1266
1267 /*
1268 * Add a new entry to the directory.
1269 */
1270 tx = dmu_tx_create(zfsvfs->z_os);
1271 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, dirname);
1272 dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL);
1273 fuid_dirtied = zfsvfs->z_fuid_dirty;
1274 if (fuid_dirtied)
1275 zfs_fuid_txhold(zfsvfs, tx);
1276 if (!zfsvfs->z_use_sa && acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
1277 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
1278 acl_ids.z_aclp->z_acl_bytes);
1279 }
1280
1281 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
1282 ZFS_SA_BASE_ATTR_SIZE);
1283
1284 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
1285 if (error) {
1286 zfs_dirent_unlock(dl);
1287 if (error == ERESTART) {
1288 waited = B_TRUE;
1289 dmu_tx_wait(tx);
1290 dmu_tx_abort(tx);
1291 goto top;
1292 }
1293 zfs_acl_ids_free(&acl_ids);
1294 dmu_tx_abort(tx);
1295 ZFS_EXIT(zfsvfs);
1296 return (error);
1297 }
1298
1299 /*
1300 * Create new node.
1301 */
1302 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
1303
1304 /*
1305 * Now put new name in parent dir.
1306 */
1307 error = zfs_link_create(dl, zp, tx, ZNEW);
1308 if (error != 0) {
1309 zfs_znode_delete(zp, tx);
1310 remove_inode_hash(ZTOI(zp));
1311 goto out;
1312 }
1313
1314 if (fuid_dirtied)
1315 zfs_fuid_sync(zfsvfs, tx);
1316
1317 *zpp = zp;
1318
1319 txtype = zfs_log_create_txtype(Z_DIR, vsecp, vap);
1320 if (flags & FIGNORECASE)
1321 txtype |= TX_CI;
1322 zfs_log_create(zilog, tx, txtype, dzp, zp, dirname, vsecp,
1323 acl_ids.z_fuidp, vap);
1324
1325 out:
1326 zfs_acl_ids_free(&acl_ids);
1327
1328 dmu_tx_commit(tx);
1329
1330 zfs_dirent_unlock(dl);
1331
1332 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1333 zil_commit(zilog, 0);
1334
1335 if (error != 0) {
1336 zrele(zp);
1337 } else {
1338 zfs_inode_update(dzp);
1339 zfs_inode_update(zp);
1340 }
1341 ZFS_EXIT(zfsvfs);
1342 return (error);
1343 }
1344
1345 /*
1346 * Remove a directory subdir entry. If the current working
1347 * directory is the same as the subdir to be removed, the
1348 * remove will fail.
1349 *
1350 * IN: dzp - znode of directory to remove from.
1351 * name - name of directory to be removed.
1352 * cwd - inode of current working directory.
1353 * cr - credentials of caller.
1354 * flags - case flags
1355 *
1356 * RETURN: 0 on success, error code on failure.
1357 *
1358 * Timestamps:
1359 * dzp - ctime|mtime updated
1360 */
1361 /*ARGSUSED*/
1362 int
zfs_rmdir(znode_t * dzp,char * name,znode_t * cwd,cred_t * cr,int flags)1363 zfs_rmdir(znode_t *dzp, char *name, znode_t *cwd, cred_t *cr,
1364 int flags)
1365 {
1366 znode_t *zp;
1367 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
1368 zilog_t *zilog;
1369 zfs_dirlock_t *dl;
1370 dmu_tx_t *tx;
1371 int error;
1372 int zflg = ZEXISTS;
1373 boolean_t waited = B_FALSE;
1374
1375 if (name == NULL)
1376 return (SET_ERROR(EINVAL));
1377
1378 ZFS_ENTER(zfsvfs);
1379 ZFS_VERIFY_ZP(dzp);
1380 zilog = zfsvfs->z_log;
1381
1382 if (flags & FIGNORECASE)
1383 zflg |= ZCILOOK;
1384 top:
1385 zp = NULL;
1386
1387 /*
1388 * Attempt to lock directory; fail if entry doesn't exist.
1389 */
1390 if ((error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg,
1391 NULL, NULL))) {
1392 ZFS_EXIT(zfsvfs);
1393 return (error);
1394 }
1395
1396 if ((error = zfs_zaccess_delete(dzp, zp, cr))) {
1397 goto out;
1398 }
1399
1400 if (!S_ISDIR(ZTOI(zp)->i_mode)) {
1401 error = SET_ERROR(ENOTDIR);
1402 goto out;
1403 }
1404
1405 if (zp == cwd) {
1406 error = SET_ERROR(EINVAL);
1407 goto out;
1408 }
1409
1410 /*
1411 * Grab a lock on the directory to make sure that no one is
1412 * trying to add (or lookup) entries while we are removing it.
1413 */
1414 rw_enter(&zp->z_name_lock, RW_WRITER);
1415
1416 /*
1417 * Grab a lock on the parent pointer to make sure we play well
1418 * with the treewalk and directory rename code.
1419 */
1420 rw_enter(&zp->z_parent_lock, RW_WRITER);
1421
1422 tx = dmu_tx_create(zfsvfs->z_os);
1423 dmu_tx_hold_zap(tx, dzp->z_id, FALSE, name);
1424 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
1425 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
1426 zfs_sa_upgrade_txholds(tx, zp);
1427 zfs_sa_upgrade_txholds(tx, dzp);
1428 dmu_tx_mark_netfree(tx);
1429 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
1430 if (error) {
1431 rw_exit(&zp->z_parent_lock);
1432 rw_exit(&zp->z_name_lock);
1433 zfs_dirent_unlock(dl);
1434 if (error == ERESTART) {
1435 waited = B_TRUE;
1436 dmu_tx_wait(tx);
1437 dmu_tx_abort(tx);
1438 zrele(zp);
1439 goto top;
1440 }
1441 dmu_tx_abort(tx);
1442 zrele(zp);
1443 ZFS_EXIT(zfsvfs);
1444 return (error);
1445 }
1446
1447 error = zfs_link_destroy(dl, zp, tx, zflg, NULL);
1448
1449 if (error == 0) {
1450 uint64_t txtype = TX_RMDIR;
1451 if (flags & FIGNORECASE)
1452 txtype |= TX_CI;
1453 zfs_log_remove(zilog, tx, txtype, dzp, name, ZFS_NO_OBJECT,
1454 B_FALSE);
1455 }
1456
1457 dmu_tx_commit(tx);
1458
1459 rw_exit(&zp->z_parent_lock);
1460 rw_exit(&zp->z_name_lock);
1461 out:
1462 zfs_dirent_unlock(dl);
1463
1464 zfs_inode_update(dzp);
1465 zfs_inode_update(zp);
1466 zrele(zp);
1467
1468 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
1469 zil_commit(zilog, 0);
1470
1471 ZFS_EXIT(zfsvfs);
1472 return (error);
1473 }
1474
1475 /*
1476 * Read directory entries from the given directory cursor position and emit
1477 * name and position for each entry.
1478 *
1479 * IN: ip - inode of directory to read.
1480 * ctx - directory entry context.
1481 * cr - credentials of caller.
1482 *
1483 * RETURN: 0 if success
1484 * error code if failure
1485 *
1486 * Timestamps:
1487 * ip - atime updated
1488 *
1489 * Note that the low 4 bits of the cookie returned by zap is always zero.
1490 * This allows us to use the low range for "special" directory entries:
1491 * We use 0 for '.', and 1 for '..'. If this is the root of the filesystem,
1492 * we use the offset 2 for the '.zfs' directory.
1493 */
1494 /* ARGSUSED */
1495 int
zfs_readdir(struct inode * ip,zpl_dir_context_t * ctx,cred_t * cr)1496 zfs_readdir(struct inode *ip, zpl_dir_context_t *ctx, cred_t *cr)
1497 {
1498 znode_t *zp = ITOZ(ip);
1499 zfsvfs_t *zfsvfs = ITOZSB(ip);
1500 objset_t *os;
1501 zap_cursor_t zc;
1502 zap_attribute_t zap;
1503 int error;
1504 uint8_t prefetch;
1505 uint8_t type;
1506 int done = 0;
1507 uint64_t parent;
1508 uint64_t offset; /* must be unsigned; checks for < 1 */
1509
1510 ZFS_ENTER(zfsvfs);
1511 ZFS_VERIFY_ZP(zp);
1512
1513 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
1514 &parent, sizeof (parent))) != 0)
1515 goto out;
1516
1517 /*
1518 * Quit if directory has been removed (posix)
1519 */
1520 if (zp->z_unlinked)
1521 goto out;
1522
1523 error = 0;
1524 os = zfsvfs->z_os;
1525 offset = ctx->pos;
1526 prefetch = zp->z_zn_prefetch;
1527
1528 /*
1529 * Initialize the iterator cursor.
1530 */
1531 if (offset <= 3) {
1532 /*
1533 * Start iteration from the beginning of the directory.
1534 */
1535 zap_cursor_init(&zc, os, zp->z_id);
1536 } else {
1537 /*
1538 * The offset is a serialized cursor.
1539 */
1540 zap_cursor_init_serialized(&zc, os, zp->z_id, offset);
1541 }
1542
1543 /*
1544 * Transform to file-system independent format
1545 */
1546 while (!done) {
1547 uint64_t objnum;
1548 /*
1549 * Special case `.', `..', and `.zfs'.
1550 */
1551 if (offset == 0) {
1552 (void) strcpy(zap.za_name, ".");
1553 zap.za_normalization_conflict = 0;
1554 objnum = zp->z_id;
1555 type = DT_DIR;
1556 } else if (offset == 1) {
1557 (void) strcpy(zap.za_name, "..");
1558 zap.za_normalization_conflict = 0;
1559 objnum = parent;
1560 type = DT_DIR;
1561 } else if (offset == 2 && zfs_show_ctldir(zp)) {
1562 (void) strcpy(zap.za_name, ZFS_CTLDIR_NAME);
1563 zap.za_normalization_conflict = 0;
1564 objnum = ZFSCTL_INO_ROOT;
1565 type = DT_DIR;
1566 } else {
1567 /*
1568 * Grab next entry.
1569 */
1570 if ((error = zap_cursor_retrieve(&zc, &zap))) {
1571 if (error == ENOENT)
1572 break;
1573 else
1574 goto update;
1575 }
1576
1577 /*
1578 * Allow multiple entries provided the first entry is
1579 * the object id. Non-zpl consumers may safely make
1580 * use of the additional space.
1581 *
1582 * XXX: This should be a feature flag for compatibility
1583 */
1584 if (zap.za_integer_length != 8 ||
1585 zap.za_num_integers == 0) {
1586 cmn_err(CE_WARN, "zap_readdir: bad directory "
1587 "entry, obj = %lld, offset = %lld, "
1588 "length = %d, num = %lld\n",
1589 (u_longlong_t)zp->z_id,
1590 (u_longlong_t)offset,
1591 zap.za_integer_length,
1592 (u_longlong_t)zap.za_num_integers);
1593 error = SET_ERROR(ENXIO);
1594 goto update;
1595 }
1596
1597 objnum = ZFS_DIRENT_OBJ(zap.za_first_integer);
1598 type = ZFS_DIRENT_TYPE(zap.za_first_integer);
1599 }
1600
1601 done = !zpl_dir_emit(ctx, zap.za_name, strlen(zap.za_name),
1602 objnum, type);
1603 if (done)
1604 break;
1605
1606 /* Prefetch znode */
1607 if (prefetch) {
1608 dmu_prefetch(os, objnum, 0, 0, 0,
1609 ZIO_PRIORITY_SYNC_READ);
1610 }
1611
1612 /*
1613 * Move to the next entry, fill in the previous offset.
1614 */
1615 if (offset > 2 || (offset == 2 && !zfs_show_ctldir(zp))) {
1616 zap_cursor_advance(&zc);
1617 offset = zap_cursor_serialize(&zc);
1618 } else {
1619 offset += 1;
1620 }
1621 ctx->pos = offset;
1622 }
1623 zp->z_zn_prefetch = B_FALSE; /* a lookup will re-enable pre-fetching */
1624
1625 update:
1626 zap_cursor_fini(&zc);
1627 if (error == ENOENT)
1628 error = 0;
1629 out:
1630 ZFS_EXIT(zfsvfs);
1631
1632 return (error);
1633 }
1634
1635 /*
1636 * Get the basic file attributes and place them in the provided kstat
1637 * structure. The inode is assumed to be the authoritative source
1638 * for most of the attributes. However, the znode currently has the
1639 * authoritative atime, blksize, and block count.
1640 *
1641 * IN: ip - inode of file.
1642 *
1643 * OUT: sp - kstat values.
1644 *
1645 * RETURN: 0 (always succeeds)
1646 */
1647 /* ARGSUSED */
1648 int
zfs_getattr_fast(struct inode * ip,struct kstat * sp)1649 zfs_getattr_fast(struct inode *ip, struct kstat *sp)
1650 {
1651 znode_t *zp = ITOZ(ip);
1652 zfsvfs_t *zfsvfs = ITOZSB(ip);
1653 uint32_t blksize;
1654 u_longlong_t nblocks;
1655
1656 ZFS_ENTER(zfsvfs);
1657 ZFS_VERIFY_ZP(zp);
1658
1659 mutex_enter(&zp->z_lock);
1660
1661 generic_fillattr(ip, sp);
1662 /*
1663 * +1 link count for root inode with visible '.zfs' directory.
1664 */
1665 if ((zp->z_id == zfsvfs->z_root) && zfs_show_ctldir(zp))
1666 if (sp->nlink < ZFS_LINK_MAX)
1667 sp->nlink++;
1668
1669 sa_object_size(zp->z_sa_hdl, &blksize, &nblocks);
1670 sp->blksize = blksize;
1671 sp->blocks = nblocks;
1672
1673 if (unlikely(zp->z_blksz == 0)) {
1674 /*
1675 * Block size hasn't been set; suggest maximal I/O transfers.
1676 */
1677 sp->blksize = zfsvfs->z_max_blksz;
1678 }
1679
1680 mutex_exit(&zp->z_lock);
1681
1682 /*
1683 * Required to prevent NFS client from detecting different inode
1684 * numbers of snapshot root dentry before and after snapshot mount.
1685 */
1686 if (zfsvfs->z_issnap) {
1687 if (ip->i_sb->s_root->d_inode == ip)
1688 sp->ino = ZFSCTL_INO_SNAPDIRS -
1689 dmu_objset_id(zfsvfs->z_os);
1690 }
1691
1692 ZFS_EXIT(zfsvfs);
1693
1694 return (0);
1695 }
1696
1697 /*
1698 * For the operation of changing file's user/group/project, we need to
1699 * handle not only the main object that is assigned to the file directly,
1700 * but also the ones that are used by the file via hidden xattr directory.
1701 *
1702 * Because the xattr directory may contains many EA entries, as to it may
1703 * be impossible to change all of them via the transaction of changing the
1704 * main object's user/group/project attributes. Then we have to change them
1705 * via other multiple independent transactions one by one. It may be not good
1706 * solution, but we have no better idea yet.
1707 */
1708 static int
zfs_setattr_dir(znode_t * dzp)1709 zfs_setattr_dir(znode_t *dzp)
1710 {
1711 struct inode *dxip = ZTOI(dzp);
1712 struct inode *xip = NULL;
1713 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
1714 objset_t *os = zfsvfs->z_os;
1715 zap_cursor_t zc;
1716 zap_attribute_t zap;
1717 zfs_dirlock_t *dl;
1718 znode_t *zp = NULL;
1719 dmu_tx_t *tx = NULL;
1720 uint64_t uid, gid;
1721 sa_bulk_attr_t bulk[4];
1722 int count;
1723 int err;
1724
1725 zap_cursor_init(&zc, os, dzp->z_id);
1726 while ((err = zap_cursor_retrieve(&zc, &zap)) == 0) {
1727 count = 0;
1728 if (zap.za_integer_length != 8 || zap.za_num_integers != 1) {
1729 err = ENXIO;
1730 break;
1731 }
1732
1733 err = zfs_dirent_lock(&dl, dzp, (char *)zap.za_name, &zp,
1734 ZEXISTS, NULL, NULL);
1735 if (err == ENOENT)
1736 goto next;
1737 if (err)
1738 break;
1739
1740 xip = ZTOI(zp);
1741 if (KUID_TO_SUID(xip->i_uid) == KUID_TO_SUID(dxip->i_uid) &&
1742 KGID_TO_SGID(xip->i_gid) == KGID_TO_SGID(dxip->i_gid) &&
1743 zp->z_projid == dzp->z_projid)
1744 goto next;
1745
1746 tx = dmu_tx_create(os);
1747 if (!(zp->z_pflags & ZFS_PROJID))
1748 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
1749 else
1750 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
1751
1752 err = dmu_tx_assign(tx, TXG_WAIT);
1753 if (err)
1754 break;
1755
1756 mutex_enter(&dzp->z_lock);
1757
1758 if (KUID_TO_SUID(xip->i_uid) != KUID_TO_SUID(dxip->i_uid)) {
1759 xip->i_uid = dxip->i_uid;
1760 uid = zfs_uid_read(dxip);
1761 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zfsvfs), NULL,
1762 &uid, sizeof (uid));
1763 }
1764
1765 if (KGID_TO_SGID(xip->i_gid) != KGID_TO_SGID(dxip->i_gid)) {
1766 xip->i_gid = dxip->i_gid;
1767 gid = zfs_gid_read(dxip);
1768 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zfsvfs), NULL,
1769 &gid, sizeof (gid));
1770 }
1771
1772 if (zp->z_projid != dzp->z_projid) {
1773 if (!(zp->z_pflags & ZFS_PROJID)) {
1774 zp->z_pflags |= ZFS_PROJID;
1775 SA_ADD_BULK_ATTR(bulk, count,
1776 SA_ZPL_FLAGS(zfsvfs), NULL, &zp->z_pflags,
1777 sizeof (zp->z_pflags));
1778 }
1779
1780 zp->z_projid = dzp->z_projid;
1781 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_PROJID(zfsvfs),
1782 NULL, &zp->z_projid, sizeof (zp->z_projid));
1783 }
1784
1785 mutex_exit(&dzp->z_lock);
1786
1787 if (likely(count > 0)) {
1788 err = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
1789 dmu_tx_commit(tx);
1790 } else {
1791 dmu_tx_abort(tx);
1792 }
1793 tx = NULL;
1794 if (err != 0 && err != ENOENT)
1795 break;
1796
1797 next:
1798 if (zp) {
1799 zrele(zp);
1800 zp = NULL;
1801 zfs_dirent_unlock(dl);
1802 }
1803 zap_cursor_advance(&zc);
1804 }
1805
1806 if (tx)
1807 dmu_tx_abort(tx);
1808 if (zp) {
1809 zrele(zp);
1810 zfs_dirent_unlock(dl);
1811 }
1812 zap_cursor_fini(&zc);
1813
1814 return (err == ENOENT ? 0 : err);
1815 }
1816
1817 /*
1818 * Set the file attributes to the values contained in the
1819 * vattr structure.
1820 *
1821 * IN: zp - znode of file to be modified.
1822 * vap - new attribute values.
1823 * If ATTR_XVATTR set, then optional attrs are being set
1824 * flags - ATTR_UTIME set if non-default time values provided.
1825 * - ATTR_NOACLCHECK (CIFS context only).
1826 * cr - credentials of caller.
1827 *
1828 * RETURN: 0 if success
1829 * error code if failure
1830 *
1831 * Timestamps:
1832 * ip - ctime updated, mtime updated if size changed.
1833 */
1834 /* ARGSUSED */
1835 int
zfs_setattr(znode_t * zp,vattr_t * vap,int flags,cred_t * cr)1836 zfs_setattr(znode_t *zp, vattr_t *vap, int flags, cred_t *cr)
1837 {
1838 struct inode *ip;
1839 zfsvfs_t *zfsvfs = ZTOZSB(zp);
1840 objset_t *os = zfsvfs->z_os;
1841 zilog_t *zilog;
1842 dmu_tx_t *tx;
1843 vattr_t oldva;
1844 xvattr_t *tmpxvattr;
1845 uint_t mask = vap->va_mask;
1846 uint_t saved_mask = 0;
1847 int trim_mask = 0;
1848 uint64_t new_mode;
1849 uint64_t new_kuid = 0, new_kgid = 0, new_uid, new_gid;
1850 uint64_t xattr_obj;
1851 uint64_t mtime[2], ctime[2], atime[2];
1852 uint64_t projid = ZFS_INVALID_PROJID;
1853 znode_t *attrzp;
1854 int need_policy = FALSE;
1855 int err, err2 = 0;
1856 zfs_fuid_info_t *fuidp = NULL;
1857 xvattr_t *xvap = (xvattr_t *)vap; /* vap may be an xvattr_t * */
1858 xoptattr_t *xoap;
1859 zfs_acl_t *aclp;
1860 boolean_t skipaclchk = (flags & ATTR_NOACLCHECK) ? B_TRUE : B_FALSE;
1861 boolean_t fuid_dirtied = B_FALSE;
1862 boolean_t handle_eadir = B_FALSE;
1863 sa_bulk_attr_t *bulk, *xattr_bulk;
1864 int count = 0, xattr_count = 0, bulks = 8;
1865
1866 if (mask == 0)
1867 return (0);
1868
1869 ZFS_ENTER(zfsvfs);
1870 ZFS_VERIFY_ZP(zp);
1871 ip = ZTOI(zp);
1872
1873 /*
1874 * If this is a xvattr_t, then get a pointer to the structure of
1875 * optional attributes. If this is NULL, then we have a vattr_t.
1876 */
1877 xoap = xva_getxoptattr(xvap);
1878 if (xoap != NULL && (mask & ATTR_XVATTR)) {
1879 if (XVA_ISSET_REQ(xvap, XAT_PROJID)) {
1880 if (!dmu_objset_projectquota_enabled(os) ||
1881 (!S_ISREG(ip->i_mode) && !S_ISDIR(ip->i_mode))) {
1882 ZFS_EXIT(zfsvfs);
1883 return (SET_ERROR(ENOTSUP));
1884 }
1885
1886 projid = xoap->xoa_projid;
1887 if (unlikely(projid == ZFS_INVALID_PROJID)) {
1888 ZFS_EXIT(zfsvfs);
1889 return (SET_ERROR(EINVAL));
1890 }
1891
1892 if (projid == zp->z_projid && zp->z_pflags & ZFS_PROJID)
1893 projid = ZFS_INVALID_PROJID;
1894 else
1895 need_policy = TRUE;
1896 }
1897
1898 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT) &&
1899 (xoap->xoa_projinherit !=
1900 ((zp->z_pflags & ZFS_PROJINHERIT) != 0)) &&
1901 (!dmu_objset_projectquota_enabled(os) ||
1902 (!S_ISREG(ip->i_mode) && !S_ISDIR(ip->i_mode)))) {
1903 ZFS_EXIT(zfsvfs);
1904 return (SET_ERROR(ENOTSUP));
1905 }
1906 }
1907
1908 zilog = zfsvfs->z_log;
1909
1910 /*
1911 * Make sure that if we have ephemeral uid/gid or xvattr specified
1912 * that file system is at proper version level
1913 */
1914
1915 if (zfsvfs->z_use_fuids == B_FALSE &&
1916 (((mask & ATTR_UID) && IS_EPHEMERAL(vap->va_uid)) ||
1917 ((mask & ATTR_GID) && IS_EPHEMERAL(vap->va_gid)) ||
1918 (mask & ATTR_XVATTR))) {
1919 ZFS_EXIT(zfsvfs);
1920 return (SET_ERROR(EINVAL));
1921 }
1922
1923 if (mask & ATTR_SIZE && S_ISDIR(ip->i_mode)) {
1924 ZFS_EXIT(zfsvfs);
1925 return (SET_ERROR(EISDIR));
1926 }
1927
1928 if (mask & ATTR_SIZE && !S_ISREG(ip->i_mode) && !S_ISFIFO(ip->i_mode)) {
1929 ZFS_EXIT(zfsvfs);
1930 return (SET_ERROR(EINVAL));
1931 }
1932
1933 tmpxvattr = kmem_alloc(sizeof (xvattr_t), KM_SLEEP);
1934 xva_init(tmpxvattr);
1935
1936 bulk = kmem_alloc(sizeof (sa_bulk_attr_t) * bulks, KM_SLEEP);
1937 xattr_bulk = kmem_alloc(sizeof (sa_bulk_attr_t) * bulks, KM_SLEEP);
1938
1939 /*
1940 * Immutable files can only alter immutable bit and atime
1941 */
1942 if ((zp->z_pflags & ZFS_IMMUTABLE) &&
1943 ((mask & (ATTR_SIZE|ATTR_UID|ATTR_GID|ATTR_MTIME|ATTR_MODE)) ||
1944 ((mask & ATTR_XVATTR) && XVA_ISSET_REQ(xvap, XAT_CREATETIME)))) {
1945 err = SET_ERROR(EPERM);
1946 goto out3;
1947 }
1948
1949 if ((mask & ATTR_SIZE) && (zp->z_pflags & ZFS_READONLY)) {
1950 err = SET_ERROR(EPERM);
1951 goto out3;
1952 }
1953
1954 /*
1955 * Verify timestamps doesn't overflow 32 bits.
1956 * ZFS can handle large timestamps, but 32bit syscalls can't
1957 * handle times greater than 2039. This check should be removed
1958 * once large timestamps are fully supported.
1959 */
1960 if (mask & (ATTR_ATIME | ATTR_MTIME)) {
1961 if (((mask & ATTR_ATIME) &&
1962 TIMESPEC_OVERFLOW(&vap->va_atime)) ||
1963 ((mask & ATTR_MTIME) &&
1964 TIMESPEC_OVERFLOW(&vap->va_mtime))) {
1965 err = SET_ERROR(EOVERFLOW);
1966 goto out3;
1967 }
1968 }
1969
1970 top:
1971 attrzp = NULL;
1972 aclp = NULL;
1973
1974 /* Can this be moved to before the top label? */
1975 if (zfs_is_readonly(zfsvfs)) {
1976 err = SET_ERROR(EROFS);
1977 goto out3;
1978 }
1979
1980 /*
1981 * First validate permissions
1982 */
1983
1984 if (mask & ATTR_SIZE) {
1985 err = zfs_zaccess(zp, ACE_WRITE_DATA, 0, skipaclchk, cr);
1986 if (err)
1987 goto out3;
1988
1989 /*
1990 * XXX - Note, we are not providing any open
1991 * mode flags here (like FNDELAY), so we may
1992 * block if there are locks present... this
1993 * should be addressed in openat().
1994 */
1995 /* XXX - would it be OK to generate a log record here? */
1996 err = zfs_freesp(zp, vap->va_size, 0, 0, FALSE);
1997 if (err)
1998 goto out3;
1999 }
2000
2001 if (mask & (ATTR_ATIME|ATTR_MTIME) ||
2002 ((mask & ATTR_XVATTR) && (XVA_ISSET_REQ(xvap, XAT_HIDDEN) ||
2003 XVA_ISSET_REQ(xvap, XAT_READONLY) ||
2004 XVA_ISSET_REQ(xvap, XAT_ARCHIVE) ||
2005 XVA_ISSET_REQ(xvap, XAT_OFFLINE) ||
2006 XVA_ISSET_REQ(xvap, XAT_SPARSE) ||
2007 XVA_ISSET_REQ(xvap, XAT_CREATETIME) ||
2008 XVA_ISSET_REQ(xvap, XAT_SYSTEM)))) {
2009 need_policy = zfs_zaccess(zp, ACE_WRITE_ATTRIBUTES, 0,
2010 skipaclchk, cr);
2011 }
2012
2013 if (mask & (ATTR_UID|ATTR_GID)) {
2014 int idmask = (mask & (ATTR_UID|ATTR_GID));
2015 int take_owner;
2016 int take_group;
2017
2018 /*
2019 * NOTE: even if a new mode is being set,
2020 * we may clear S_ISUID/S_ISGID bits.
2021 */
2022
2023 if (!(mask & ATTR_MODE))
2024 vap->va_mode = zp->z_mode;
2025
2026 /*
2027 * Take ownership or chgrp to group we are a member of
2028 */
2029
2030 take_owner = (mask & ATTR_UID) && (vap->va_uid == crgetuid(cr));
2031 take_group = (mask & ATTR_GID) &&
2032 zfs_groupmember(zfsvfs, vap->va_gid, cr);
2033
2034 /*
2035 * If both ATTR_UID and ATTR_GID are set then take_owner and
2036 * take_group must both be set in order to allow taking
2037 * ownership.
2038 *
2039 * Otherwise, send the check through secpolicy_vnode_setattr()
2040 *
2041 */
2042
2043 if (((idmask == (ATTR_UID|ATTR_GID)) &&
2044 take_owner && take_group) ||
2045 ((idmask == ATTR_UID) && take_owner) ||
2046 ((idmask == ATTR_GID) && take_group)) {
2047 if (zfs_zaccess(zp, ACE_WRITE_OWNER, 0,
2048 skipaclchk, cr) == 0) {
2049 /*
2050 * Remove setuid/setgid for non-privileged users
2051 */
2052 (void) secpolicy_setid_clear(vap, cr);
2053 trim_mask = (mask & (ATTR_UID|ATTR_GID));
2054 } else {
2055 need_policy = TRUE;
2056 }
2057 } else {
2058 need_policy = TRUE;
2059 }
2060 }
2061
2062 mutex_enter(&zp->z_lock);
2063 oldva.va_mode = zp->z_mode;
2064 zfs_fuid_map_ids(zp, cr, &oldva.va_uid, &oldva.va_gid);
2065 if (mask & ATTR_XVATTR) {
2066 /*
2067 * Update xvattr mask to include only those attributes
2068 * that are actually changing.
2069 *
2070 * the bits will be restored prior to actually setting
2071 * the attributes so the caller thinks they were set.
2072 */
2073 if (XVA_ISSET_REQ(xvap, XAT_APPENDONLY)) {
2074 if (xoap->xoa_appendonly !=
2075 ((zp->z_pflags & ZFS_APPENDONLY) != 0)) {
2076 need_policy = TRUE;
2077 } else {
2078 XVA_CLR_REQ(xvap, XAT_APPENDONLY);
2079 XVA_SET_REQ(tmpxvattr, XAT_APPENDONLY);
2080 }
2081 }
2082
2083 if (XVA_ISSET_REQ(xvap, XAT_PROJINHERIT)) {
2084 if (xoap->xoa_projinherit !=
2085 ((zp->z_pflags & ZFS_PROJINHERIT) != 0)) {
2086 need_policy = TRUE;
2087 } else {
2088 XVA_CLR_REQ(xvap, XAT_PROJINHERIT);
2089 XVA_SET_REQ(tmpxvattr, XAT_PROJINHERIT);
2090 }
2091 }
2092
2093 if (XVA_ISSET_REQ(xvap, XAT_NOUNLINK)) {
2094 if (xoap->xoa_nounlink !=
2095 ((zp->z_pflags & ZFS_NOUNLINK) != 0)) {
2096 need_policy = TRUE;
2097 } else {
2098 XVA_CLR_REQ(xvap, XAT_NOUNLINK);
2099 XVA_SET_REQ(tmpxvattr, XAT_NOUNLINK);
2100 }
2101 }
2102
2103 if (XVA_ISSET_REQ(xvap, XAT_IMMUTABLE)) {
2104 if (xoap->xoa_immutable !=
2105 ((zp->z_pflags & ZFS_IMMUTABLE) != 0)) {
2106 need_policy = TRUE;
2107 } else {
2108 XVA_CLR_REQ(xvap, XAT_IMMUTABLE);
2109 XVA_SET_REQ(tmpxvattr, XAT_IMMUTABLE);
2110 }
2111 }
2112
2113 if (XVA_ISSET_REQ(xvap, XAT_NODUMP)) {
2114 if (xoap->xoa_nodump !=
2115 ((zp->z_pflags & ZFS_NODUMP) != 0)) {
2116 need_policy = TRUE;
2117 } else {
2118 XVA_CLR_REQ(xvap, XAT_NODUMP);
2119 XVA_SET_REQ(tmpxvattr, XAT_NODUMP);
2120 }
2121 }
2122
2123 if (XVA_ISSET_REQ(xvap, XAT_AV_MODIFIED)) {
2124 if (xoap->xoa_av_modified !=
2125 ((zp->z_pflags & ZFS_AV_MODIFIED) != 0)) {
2126 need_policy = TRUE;
2127 } else {
2128 XVA_CLR_REQ(xvap, XAT_AV_MODIFIED);
2129 XVA_SET_REQ(tmpxvattr, XAT_AV_MODIFIED);
2130 }
2131 }
2132
2133 if (XVA_ISSET_REQ(xvap, XAT_AV_QUARANTINED)) {
2134 if ((!S_ISREG(ip->i_mode) &&
2135 xoap->xoa_av_quarantined) ||
2136 xoap->xoa_av_quarantined !=
2137 ((zp->z_pflags & ZFS_AV_QUARANTINED) != 0)) {
2138 need_policy = TRUE;
2139 } else {
2140 XVA_CLR_REQ(xvap, XAT_AV_QUARANTINED);
2141 XVA_SET_REQ(tmpxvattr, XAT_AV_QUARANTINED);
2142 }
2143 }
2144
2145 if (XVA_ISSET_REQ(xvap, XAT_REPARSE)) {
2146 mutex_exit(&zp->z_lock);
2147 err = SET_ERROR(EPERM);
2148 goto out3;
2149 }
2150
2151 if (need_policy == FALSE &&
2152 (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP) ||
2153 XVA_ISSET_REQ(xvap, XAT_OPAQUE))) {
2154 need_policy = TRUE;
2155 }
2156 }
2157
2158 mutex_exit(&zp->z_lock);
2159
2160 if (mask & ATTR_MODE) {
2161 if (zfs_zaccess(zp, ACE_WRITE_ACL, 0, skipaclchk, cr) == 0) {
2162 err = secpolicy_setid_setsticky_clear(ip, vap,
2163 &oldva, cr);
2164 if (err)
2165 goto out3;
2166
2167 trim_mask |= ATTR_MODE;
2168 } else {
2169 need_policy = TRUE;
2170 }
2171 }
2172
2173 if (need_policy) {
2174 /*
2175 * If trim_mask is set then take ownership
2176 * has been granted or write_acl is present and user
2177 * has the ability to modify mode. In that case remove
2178 * UID|GID and or MODE from mask so that
2179 * secpolicy_vnode_setattr() doesn't revoke it.
2180 */
2181
2182 if (trim_mask) {
2183 saved_mask = vap->va_mask;
2184 vap->va_mask &= ~trim_mask;
2185 }
2186 err = secpolicy_vnode_setattr(cr, ip, vap, &oldva, flags,
2187 (int (*)(void *, int, cred_t *))zfs_zaccess_unix, zp);
2188 if (err)
2189 goto out3;
2190
2191 if (trim_mask)
2192 vap->va_mask |= saved_mask;
2193 }
2194
2195 /*
2196 * secpolicy_vnode_setattr, or take ownership may have
2197 * changed va_mask
2198 */
2199 mask = vap->va_mask;
2200
2201 if ((mask & (ATTR_UID | ATTR_GID)) || projid != ZFS_INVALID_PROJID) {
2202 handle_eadir = B_TRUE;
2203 err = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs),
2204 &xattr_obj, sizeof (xattr_obj));
2205
2206 if (err == 0 && xattr_obj) {
2207 err = zfs_zget(ZTOZSB(zp), xattr_obj, &attrzp);
2208 if (err)
2209 goto out2;
2210 }
2211 if (mask & ATTR_UID) {
2212 new_kuid = zfs_fuid_create(zfsvfs,
2213 (uint64_t)vap->va_uid, cr, ZFS_OWNER, &fuidp);
2214 if (new_kuid != KUID_TO_SUID(ZTOI(zp)->i_uid) &&
2215 zfs_id_overquota(zfsvfs, DMU_USERUSED_OBJECT,
2216 new_kuid)) {
2217 if (attrzp)
2218 zrele(attrzp);
2219 err = SET_ERROR(EDQUOT);
2220 goto out2;
2221 }
2222 }
2223
2224 if (mask & ATTR_GID) {
2225 new_kgid = zfs_fuid_create(zfsvfs,
2226 (uint64_t)vap->va_gid, cr, ZFS_GROUP, &fuidp);
2227 if (new_kgid != KGID_TO_SGID(ZTOI(zp)->i_gid) &&
2228 zfs_id_overquota(zfsvfs, DMU_GROUPUSED_OBJECT,
2229 new_kgid)) {
2230 if (attrzp)
2231 zrele(attrzp);
2232 err = SET_ERROR(EDQUOT);
2233 goto out2;
2234 }
2235 }
2236
2237 if (projid != ZFS_INVALID_PROJID &&
2238 zfs_id_overquota(zfsvfs, DMU_PROJECTUSED_OBJECT, projid)) {
2239 if (attrzp)
2240 zrele(attrzp);
2241 err = EDQUOT;
2242 goto out2;
2243 }
2244 }
2245 tx = dmu_tx_create(os);
2246
2247 if (mask & ATTR_MODE) {
2248 uint64_t pmode = zp->z_mode;
2249 uint64_t acl_obj;
2250 new_mode = (pmode & S_IFMT) | (vap->va_mode & ~S_IFMT);
2251
2252 if (ZTOZSB(zp)->z_acl_mode == ZFS_ACL_RESTRICTED &&
2253 !(zp->z_pflags & ZFS_ACL_TRIVIAL)) {
2254 err = EPERM;
2255 goto out;
2256 }
2257
2258 if ((err = zfs_acl_chmod_setattr(zp, &aclp, new_mode)))
2259 goto out;
2260
2261 mutex_enter(&zp->z_lock);
2262 if (!zp->z_is_sa && ((acl_obj = zfs_external_acl(zp)) != 0)) {
2263 /*
2264 * Are we upgrading ACL from old V0 format
2265 * to V1 format?
2266 */
2267 if (zfsvfs->z_version >= ZPL_VERSION_FUID &&
2268 zfs_znode_acl_version(zp) ==
2269 ZFS_ACL_VERSION_INITIAL) {
2270 dmu_tx_hold_free(tx, acl_obj, 0,
2271 DMU_OBJECT_END);
2272 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
2273 0, aclp->z_acl_bytes);
2274 } else {
2275 dmu_tx_hold_write(tx, acl_obj, 0,
2276 aclp->z_acl_bytes);
2277 }
2278 } else if (!zp->z_is_sa && aclp->z_acl_bytes > ZFS_ACE_SPACE) {
2279 dmu_tx_hold_write(tx, DMU_NEW_OBJECT,
2280 0, aclp->z_acl_bytes);
2281 }
2282 mutex_exit(&zp->z_lock);
2283 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2284 } else {
2285 if (((mask & ATTR_XVATTR) &&
2286 XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP)) ||
2287 (projid != ZFS_INVALID_PROJID &&
2288 !(zp->z_pflags & ZFS_PROJID)))
2289 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE);
2290 else
2291 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
2292 }
2293
2294 if (attrzp) {
2295 dmu_tx_hold_sa(tx, attrzp->z_sa_hdl, B_FALSE);
2296 }
2297
2298 fuid_dirtied = zfsvfs->z_fuid_dirty;
2299 if (fuid_dirtied)
2300 zfs_fuid_txhold(zfsvfs, tx);
2301
2302 zfs_sa_upgrade_txholds(tx, zp);
2303
2304 err = dmu_tx_assign(tx, TXG_WAIT);
2305 if (err)
2306 goto out;
2307
2308 count = 0;
2309 /*
2310 * Set each attribute requested.
2311 * We group settings according to the locks they need to acquire.
2312 *
2313 * Note: you cannot set ctime directly, although it will be
2314 * updated as a side-effect of calling this function.
2315 */
2316
2317 if (projid != ZFS_INVALID_PROJID && !(zp->z_pflags & ZFS_PROJID)) {
2318 /*
2319 * For the existed object that is upgraded from old system,
2320 * its on-disk layout has no slot for the project ID attribute.
2321 * But quota accounting logic needs to access related slots by
2322 * offset directly. So we need to adjust old objects' layout
2323 * to make the project ID to some unified and fixed offset.
2324 */
2325 if (attrzp)
2326 err = sa_add_projid(attrzp->z_sa_hdl, tx, projid);
2327 if (err == 0)
2328 err = sa_add_projid(zp->z_sa_hdl, tx, projid);
2329
2330 if (unlikely(err == EEXIST))
2331 err = 0;
2332 else if (err != 0)
2333 goto out;
2334 else
2335 projid = ZFS_INVALID_PROJID;
2336 }
2337
2338 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
2339 mutex_enter(&zp->z_acl_lock);
2340 mutex_enter(&zp->z_lock);
2341
2342 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL,
2343 &zp->z_pflags, sizeof (zp->z_pflags));
2344
2345 if (attrzp) {
2346 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
2347 mutex_enter(&attrzp->z_acl_lock);
2348 mutex_enter(&attrzp->z_lock);
2349 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2350 SA_ZPL_FLAGS(zfsvfs), NULL, &attrzp->z_pflags,
2351 sizeof (attrzp->z_pflags));
2352 if (projid != ZFS_INVALID_PROJID) {
2353 attrzp->z_projid = projid;
2354 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2355 SA_ZPL_PROJID(zfsvfs), NULL, &attrzp->z_projid,
2356 sizeof (attrzp->z_projid));
2357 }
2358 }
2359
2360 if (mask & (ATTR_UID|ATTR_GID)) {
2361
2362 if (mask & ATTR_UID) {
2363 ZTOI(zp)->i_uid = SUID_TO_KUID(new_kuid);
2364 new_uid = zfs_uid_read(ZTOI(zp));
2365 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_UID(zfsvfs), NULL,
2366 &new_uid, sizeof (new_uid));
2367 if (attrzp) {
2368 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2369 SA_ZPL_UID(zfsvfs), NULL, &new_uid,
2370 sizeof (new_uid));
2371 ZTOI(attrzp)->i_uid = SUID_TO_KUID(new_uid);
2372 }
2373 }
2374
2375 if (mask & ATTR_GID) {
2376 ZTOI(zp)->i_gid = SGID_TO_KGID(new_kgid);
2377 new_gid = zfs_gid_read(ZTOI(zp));
2378 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_GID(zfsvfs),
2379 NULL, &new_gid, sizeof (new_gid));
2380 if (attrzp) {
2381 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2382 SA_ZPL_GID(zfsvfs), NULL, &new_gid,
2383 sizeof (new_gid));
2384 ZTOI(attrzp)->i_gid = SGID_TO_KGID(new_kgid);
2385 }
2386 }
2387 if (!(mask & ATTR_MODE)) {
2388 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zfsvfs),
2389 NULL, &new_mode, sizeof (new_mode));
2390 new_mode = zp->z_mode;
2391 }
2392 err = zfs_acl_chown_setattr(zp);
2393 ASSERT(err == 0);
2394 if (attrzp) {
2395 err = zfs_acl_chown_setattr(attrzp);
2396 ASSERT(err == 0);
2397 }
2398 }
2399
2400 if (mask & ATTR_MODE) {
2401 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MODE(zfsvfs), NULL,
2402 &new_mode, sizeof (new_mode));
2403 zp->z_mode = ZTOI(zp)->i_mode = new_mode;
2404 ASSERT3P(aclp, !=, NULL);
2405 err = zfs_aclset_common(zp, aclp, cr, tx);
2406 ASSERT0(err);
2407 if (zp->z_acl_cached)
2408 zfs_acl_free(zp->z_acl_cached);
2409 zp->z_acl_cached = aclp;
2410 aclp = NULL;
2411 }
2412
2413 if ((mask & ATTR_ATIME) || zp->z_atime_dirty) {
2414 zp->z_atime_dirty = B_FALSE;
2415 ZFS_TIME_ENCODE(&ip->i_atime, atime);
2416 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_ATIME(zfsvfs), NULL,
2417 &atime, sizeof (atime));
2418 }
2419
2420 if (mask & (ATTR_MTIME | ATTR_SIZE)) {
2421 ZFS_TIME_ENCODE(&vap->va_mtime, mtime);
2422 ZTOI(zp)->i_mtime = zpl_inode_timestamp_truncate(
2423 vap->va_mtime, ZTOI(zp));
2424
2425 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL,
2426 mtime, sizeof (mtime));
2427 }
2428
2429 if (mask & (ATTR_CTIME | ATTR_SIZE)) {
2430 ZFS_TIME_ENCODE(&vap->va_ctime, ctime);
2431 ZTOI(zp)->i_ctime = zpl_inode_timestamp_truncate(vap->va_ctime,
2432 ZTOI(zp));
2433 SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL,
2434 ctime, sizeof (ctime));
2435 }
2436
2437 if (projid != ZFS_INVALID_PROJID) {
2438 zp->z_projid = projid;
2439 SA_ADD_BULK_ATTR(bulk, count,
2440 SA_ZPL_PROJID(zfsvfs), NULL, &zp->z_projid,
2441 sizeof (zp->z_projid));
2442 }
2443
2444 if (attrzp && mask) {
2445 SA_ADD_BULK_ATTR(xattr_bulk, xattr_count,
2446 SA_ZPL_CTIME(zfsvfs), NULL, &ctime,
2447 sizeof (ctime));
2448 }
2449
2450 /*
2451 * Do this after setting timestamps to prevent timestamp
2452 * update from toggling bit
2453 */
2454
2455 if (xoap && (mask & ATTR_XVATTR)) {
2456
2457 /*
2458 * restore trimmed off masks
2459 * so that return masks can be set for caller.
2460 */
2461
2462 if (XVA_ISSET_REQ(tmpxvattr, XAT_APPENDONLY)) {
2463 XVA_SET_REQ(xvap, XAT_APPENDONLY);
2464 }
2465 if (XVA_ISSET_REQ(tmpxvattr, XAT_NOUNLINK)) {
2466 XVA_SET_REQ(xvap, XAT_NOUNLINK);
2467 }
2468 if (XVA_ISSET_REQ(tmpxvattr, XAT_IMMUTABLE)) {
2469 XVA_SET_REQ(xvap, XAT_IMMUTABLE);
2470 }
2471 if (XVA_ISSET_REQ(tmpxvattr, XAT_NODUMP)) {
2472 XVA_SET_REQ(xvap, XAT_NODUMP);
2473 }
2474 if (XVA_ISSET_REQ(tmpxvattr, XAT_AV_MODIFIED)) {
2475 XVA_SET_REQ(xvap, XAT_AV_MODIFIED);
2476 }
2477 if (XVA_ISSET_REQ(tmpxvattr, XAT_AV_QUARANTINED)) {
2478 XVA_SET_REQ(xvap, XAT_AV_QUARANTINED);
2479 }
2480 if (XVA_ISSET_REQ(tmpxvattr, XAT_PROJINHERIT)) {
2481 XVA_SET_REQ(xvap, XAT_PROJINHERIT);
2482 }
2483
2484 if (XVA_ISSET_REQ(xvap, XAT_AV_SCANSTAMP))
2485 ASSERT(S_ISREG(ip->i_mode));
2486
2487 zfs_xvattr_set(zp, xvap, tx);
2488 }
2489
2490 if (fuid_dirtied)
2491 zfs_fuid_sync(zfsvfs, tx);
2492
2493 if (mask != 0)
2494 zfs_log_setattr(zilog, tx, TX_SETATTR, zp, vap, mask, fuidp);
2495
2496 mutex_exit(&zp->z_lock);
2497 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
2498 mutex_exit(&zp->z_acl_lock);
2499
2500 if (attrzp) {
2501 if (mask & (ATTR_UID|ATTR_GID|ATTR_MODE))
2502 mutex_exit(&attrzp->z_acl_lock);
2503 mutex_exit(&attrzp->z_lock);
2504 }
2505 out:
2506 if (err == 0 && xattr_count > 0) {
2507 err2 = sa_bulk_update(attrzp->z_sa_hdl, xattr_bulk,
2508 xattr_count, tx);
2509 ASSERT(err2 == 0);
2510 }
2511
2512 if (aclp)
2513 zfs_acl_free(aclp);
2514
2515 if (fuidp) {
2516 zfs_fuid_info_free(fuidp);
2517 fuidp = NULL;
2518 }
2519
2520 if (err) {
2521 dmu_tx_abort(tx);
2522 if (attrzp)
2523 zrele(attrzp);
2524 if (err == ERESTART)
2525 goto top;
2526 } else {
2527 if (count > 0)
2528 err2 = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx);
2529 dmu_tx_commit(tx);
2530 if (attrzp) {
2531 if (err2 == 0 && handle_eadir)
2532 err2 = zfs_setattr_dir(attrzp);
2533 zrele(attrzp);
2534 }
2535 zfs_inode_update(zp);
2536 }
2537
2538 out2:
2539 if (os->os_sync == ZFS_SYNC_ALWAYS)
2540 zil_commit(zilog, 0);
2541
2542 out3:
2543 kmem_free(xattr_bulk, sizeof (sa_bulk_attr_t) * bulks);
2544 kmem_free(bulk, sizeof (sa_bulk_attr_t) * bulks);
2545 kmem_free(tmpxvattr, sizeof (xvattr_t));
2546 ZFS_EXIT(zfsvfs);
2547 return (err);
2548 }
2549
2550 typedef struct zfs_zlock {
2551 krwlock_t *zl_rwlock; /* lock we acquired */
2552 znode_t *zl_znode; /* znode we held */
2553 struct zfs_zlock *zl_next; /* next in list */
2554 } zfs_zlock_t;
2555
2556 /*
2557 * Drop locks and release vnodes that were held by zfs_rename_lock().
2558 */
2559 static void
zfs_rename_unlock(zfs_zlock_t ** zlpp)2560 zfs_rename_unlock(zfs_zlock_t **zlpp)
2561 {
2562 zfs_zlock_t *zl;
2563
2564 while ((zl = *zlpp) != NULL) {
2565 if (zl->zl_znode != NULL)
2566 zfs_zrele_async(zl->zl_znode);
2567 rw_exit(zl->zl_rwlock);
2568 *zlpp = zl->zl_next;
2569 kmem_free(zl, sizeof (*zl));
2570 }
2571 }
2572
2573 /*
2574 * Search back through the directory tree, using the ".." entries.
2575 * Lock each directory in the chain to prevent concurrent renames.
2576 * Fail any attempt to move a directory into one of its own descendants.
2577 * XXX - z_parent_lock can overlap with map or grow locks
2578 */
2579 static int
zfs_rename_lock(znode_t * szp,znode_t * tdzp,znode_t * sdzp,zfs_zlock_t ** zlpp)2580 zfs_rename_lock(znode_t *szp, znode_t *tdzp, znode_t *sdzp, zfs_zlock_t **zlpp)
2581 {
2582 zfs_zlock_t *zl;
2583 znode_t *zp = tdzp;
2584 uint64_t rootid = ZTOZSB(zp)->z_root;
2585 uint64_t oidp = zp->z_id;
2586 krwlock_t *rwlp = &szp->z_parent_lock;
2587 krw_t rw = RW_WRITER;
2588
2589 /*
2590 * First pass write-locks szp and compares to zp->z_id.
2591 * Later passes read-lock zp and compare to zp->z_parent.
2592 */
2593 do {
2594 if (!rw_tryenter(rwlp, rw)) {
2595 /*
2596 * Another thread is renaming in this path.
2597 * Note that if we are a WRITER, we don't have any
2598 * parent_locks held yet.
2599 */
2600 if (rw == RW_READER && zp->z_id > szp->z_id) {
2601 /*
2602 * Drop our locks and restart
2603 */
2604 zfs_rename_unlock(&zl);
2605 *zlpp = NULL;
2606 zp = tdzp;
2607 oidp = zp->z_id;
2608 rwlp = &szp->z_parent_lock;
2609 rw = RW_WRITER;
2610 continue;
2611 } else {
2612 /*
2613 * Wait for other thread to drop its locks
2614 */
2615 rw_enter(rwlp, rw);
2616 }
2617 }
2618
2619 zl = kmem_alloc(sizeof (*zl), KM_SLEEP);
2620 zl->zl_rwlock = rwlp;
2621 zl->zl_znode = NULL;
2622 zl->zl_next = *zlpp;
2623 *zlpp = zl;
2624
2625 if (oidp == szp->z_id) /* We're a descendant of szp */
2626 return (SET_ERROR(EINVAL));
2627
2628 if (oidp == rootid) /* We've hit the top */
2629 return (0);
2630
2631 if (rw == RW_READER) { /* i.e. not the first pass */
2632 int error = zfs_zget(ZTOZSB(zp), oidp, &zp);
2633 if (error)
2634 return (error);
2635 zl->zl_znode = zp;
2636 }
2637 (void) sa_lookup(zp->z_sa_hdl, SA_ZPL_PARENT(ZTOZSB(zp)),
2638 &oidp, sizeof (oidp));
2639 rwlp = &zp->z_parent_lock;
2640 rw = RW_READER;
2641
2642 } while (zp->z_id != sdzp->z_id);
2643
2644 return (0);
2645 }
2646
2647 /*
2648 * Move an entry from the provided source directory to the target
2649 * directory. Change the entry name as indicated.
2650 *
2651 * IN: sdzp - Source directory containing the "old entry".
2652 * snm - Old entry name.
2653 * tdzp - Target directory to contain the "new entry".
2654 * tnm - New entry name.
2655 * cr - credentials of caller.
2656 * flags - case flags
2657 *
2658 * RETURN: 0 on success, error code on failure.
2659 *
2660 * Timestamps:
2661 * sdzp,tdzp - ctime|mtime updated
2662 */
2663 /*ARGSUSED*/
2664 int
zfs_rename(znode_t * sdzp,char * snm,znode_t * tdzp,char * tnm,cred_t * cr,int flags)2665 zfs_rename(znode_t *sdzp, char *snm, znode_t *tdzp, char *tnm,
2666 cred_t *cr, int flags)
2667 {
2668 znode_t *szp, *tzp;
2669 zfsvfs_t *zfsvfs = ZTOZSB(sdzp);
2670 zilog_t *zilog;
2671 zfs_dirlock_t *sdl, *tdl;
2672 dmu_tx_t *tx;
2673 zfs_zlock_t *zl;
2674 int cmp, serr, terr;
2675 int error = 0;
2676 int zflg = 0;
2677 boolean_t waited = B_FALSE;
2678
2679 if (snm == NULL || tnm == NULL)
2680 return (SET_ERROR(EINVAL));
2681
2682 ZFS_ENTER(zfsvfs);
2683 ZFS_VERIFY_ZP(sdzp);
2684 zilog = zfsvfs->z_log;
2685
2686 ZFS_VERIFY_ZP(tdzp);
2687
2688 /*
2689 * We check i_sb because snapshots and the ctldir must have different
2690 * super blocks.
2691 */
2692 if (ZTOI(tdzp)->i_sb != ZTOI(sdzp)->i_sb ||
2693 zfsctl_is_node(ZTOI(tdzp))) {
2694 ZFS_EXIT(zfsvfs);
2695 return (SET_ERROR(EXDEV));
2696 }
2697
2698 if (zfsvfs->z_utf8 && u8_validate(tnm,
2699 strlen(tnm), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
2700 ZFS_EXIT(zfsvfs);
2701 return (SET_ERROR(EILSEQ));
2702 }
2703
2704 if (flags & FIGNORECASE)
2705 zflg |= ZCILOOK;
2706
2707 top:
2708 szp = NULL;
2709 tzp = NULL;
2710 zl = NULL;
2711
2712 /*
2713 * This is to prevent the creation of links into attribute space
2714 * by renaming a linked file into/outof an attribute directory.
2715 * See the comment in zfs_link() for why this is considered bad.
2716 */
2717 if ((tdzp->z_pflags & ZFS_XATTR) != (sdzp->z_pflags & ZFS_XATTR)) {
2718 ZFS_EXIT(zfsvfs);
2719 return (SET_ERROR(EINVAL));
2720 }
2721
2722 /*
2723 * Lock source and target directory entries. To prevent deadlock,
2724 * a lock ordering must be defined. We lock the directory with
2725 * the smallest object id first, or if it's a tie, the one with
2726 * the lexically first name.
2727 */
2728 if (sdzp->z_id < tdzp->z_id) {
2729 cmp = -1;
2730 } else if (sdzp->z_id > tdzp->z_id) {
2731 cmp = 1;
2732 } else {
2733 /*
2734 * First compare the two name arguments without
2735 * considering any case folding.
2736 */
2737 int nofold = (zfsvfs->z_norm & ~U8_TEXTPREP_TOUPPER);
2738
2739 cmp = u8_strcmp(snm, tnm, 0, nofold, U8_UNICODE_LATEST, &error);
2740 ASSERT(error == 0 || !zfsvfs->z_utf8);
2741 if (cmp == 0) {
2742 /*
2743 * POSIX: "If the old argument and the new argument
2744 * both refer to links to the same existing file,
2745 * the rename() function shall return successfully
2746 * and perform no other action."
2747 */
2748 ZFS_EXIT(zfsvfs);
2749 return (0);
2750 }
2751 /*
2752 * If the file system is case-folding, then we may
2753 * have some more checking to do. A case-folding file
2754 * system is either supporting mixed case sensitivity
2755 * access or is completely case-insensitive. Note
2756 * that the file system is always case preserving.
2757 *
2758 * In mixed sensitivity mode case sensitive behavior
2759 * is the default. FIGNORECASE must be used to
2760 * explicitly request case insensitive behavior.
2761 *
2762 * If the source and target names provided differ only
2763 * by case (e.g., a request to rename 'tim' to 'Tim'),
2764 * we will treat this as a special case in the
2765 * case-insensitive mode: as long as the source name
2766 * is an exact match, we will allow this to proceed as
2767 * a name-change request.
2768 */
2769 if ((zfsvfs->z_case == ZFS_CASE_INSENSITIVE ||
2770 (zfsvfs->z_case == ZFS_CASE_MIXED &&
2771 flags & FIGNORECASE)) &&
2772 u8_strcmp(snm, tnm, 0, zfsvfs->z_norm, U8_UNICODE_LATEST,
2773 &error) == 0) {
2774 /*
2775 * case preserving rename request, require exact
2776 * name matches
2777 */
2778 zflg |= ZCIEXACT;
2779 zflg &= ~ZCILOOK;
2780 }
2781 }
2782
2783 /*
2784 * If the source and destination directories are the same, we should
2785 * grab the z_name_lock of that directory only once.
2786 */
2787 if (sdzp == tdzp) {
2788 zflg |= ZHAVELOCK;
2789 rw_enter(&sdzp->z_name_lock, RW_READER);
2790 }
2791
2792 if (cmp < 0) {
2793 serr = zfs_dirent_lock(&sdl, sdzp, snm, &szp,
2794 ZEXISTS | zflg, NULL, NULL);
2795 terr = zfs_dirent_lock(&tdl,
2796 tdzp, tnm, &tzp, ZRENAMING | zflg, NULL, NULL);
2797 } else {
2798 terr = zfs_dirent_lock(&tdl,
2799 tdzp, tnm, &tzp, zflg, NULL, NULL);
2800 serr = zfs_dirent_lock(&sdl,
2801 sdzp, snm, &szp, ZEXISTS | ZRENAMING | zflg,
2802 NULL, NULL);
2803 }
2804
2805 if (serr) {
2806 /*
2807 * Source entry invalid or not there.
2808 */
2809 if (!terr) {
2810 zfs_dirent_unlock(tdl);
2811 if (tzp)
2812 zrele(tzp);
2813 }
2814
2815 if (sdzp == tdzp)
2816 rw_exit(&sdzp->z_name_lock);
2817
2818 if (strcmp(snm, "..") == 0)
2819 serr = EINVAL;
2820 ZFS_EXIT(zfsvfs);
2821 return (serr);
2822 }
2823 if (terr) {
2824 zfs_dirent_unlock(sdl);
2825 zrele(szp);
2826
2827 if (sdzp == tdzp)
2828 rw_exit(&sdzp->z_name_lock);
2829
2830 if (strcmp(tnm, "..") == 0)
2831 terr = EINVAL;
2832 ZFS_EXIT(zfsvfs);
2833 return (terr);
2834 }
2835
2836 /*
2837 * If we are using project inheritance, means if the directory has
2838 * ZFS_PROJINHERIT set, then its descendant directories will inherit
2839 * not only the project ID, but also the ZFS_PROJINHERIT flag. Under
2840 * such case, we only allow renames into our tree when the project
2841 * IDs are the same.
2842 */
2843 if (tdzp->z_pflags & ZFS_PROJINHERIT &&
2844 tdzp->z_projid != szp->z_projid) {
2845 error = SET_ERROR(EXDEV);
2846 goto out;
2847 }
2848
2849 /*
2850 * Must have write access at the source to remove the old entry
2851 * and write access at the target to create the new entry.
2852 * Note that if target and source are the same, this can be
2853 * done in a single check.
2854 */
2855
2856 if ((error = zfs_zaccess_rename(sdzp, szp, tdzp, tzp, cr)))
2857 goto out;
2858
2859 if (S_ISDIR(ZTOI(szp)->i_mode)) {
2860 /*
2861 * Check to make sure rename is valid.
2862 * Can't do a move like this: /usr/a/b to /usr/a/b/c/d
2863 */
2864 if ((error = zfs_rename_lock(szp, tdzp, sdzp, &zl)))
2865 goto out;
2866 }
2867
2868 /*
2869 * Does target exist?
2870 */
2871 if (tzp) {
2872 /*
2873 * Source and target must be the same type.
2874 */
2875 if (S_ISDIR(ZTOI(szp)->i_mode)) {
2876 if (!S_ISDIR(ZTOI(tzp)->i_mode)) {
2877 error = SET_ERROR(ENOTDIR);
2878 goto out;
2879 }
2880 } else {
2881 if (S_ISDIR(ZTOI(tzp)->i_mode)) {
2882 error = SET_ERROR(EISDIR);
2883 goto out;
2884 }
2885 }
2886 /*
2887 * POSIX dictates that when the source and target
2888 * entries refer to the same file object, rename
2889 * must do nothing and exit without error.
2890 */
2891 if (szp->z_id == tzp->z_id) {
2892 error = 0;
2893 goto out;
2894 }
2895 }
2896
2897 tx = dmu_tx_create(zfsvfs->z_os);
2898 dmu_tx_hold_sa(tx, szp->z_sa_hdl, B_FALSE);
2899 dmu_tx_hold_sa(tx, sdzp->z_sa_hdl, B_FALSE);
2900 dmu_tx_hold_zap(tx, sdzp->z_id, FALSE, snm);
2901 dmu_tx_hold_zap(tx, tdzp->z_id, TRUE, tnm);
2902 if (sdzp != tdzp) {
2903 dmu_tx_hold_sa(tx, tdzp->z_sa_hdl, B_FALSE);
2904 zfs_sa_upgrade_txholds(tx, tdzp);
2905 }
2906 if (tzp) {
2907 dmu_tx_hold_sa(tx, tzp->z_sa_hdl, B_FALSE);
2908 zfs_sa_upgrade_txholds(tx, tzp);
2909 }
2910
2911 zfs_sa_upgrade_txholds(tx, szp);
2912 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
2913 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
2914 if (error) {
2915 if (zl != NULL)
2916 zfs_rename_unlock(&zl);
2917 zfs_dirent_unlock(sdl);
2918 zfs_dirent_unlock(tdl);
2919
2920 if (sdzp == tdzp)
2921 rw_exit(&sdzp->z_name_lock);
2922
2923 if (error == ERESTART) {
2924 waited = B_TRUE;
2925 dmu_tx_wait(tx);
2926 dmu_tx_abort(tx);
2927 zrele(szp);
2928 if (tzp)
2929 zrele(tzp);
2930 goto top;
2931 }
2932 dmu_tx_abort(tx);
2933 zrele(szp);
2934 if (tzp)
2935 zrele(tzp);
2936 ZFS_EXIT(zfsvfs);
2937 return (error);
2938 }
2939
2940 if (tzp) /* Attempt to remove the existing target */
2941 error = zfs_link_destroy(tdl, tzp, tx, zflg, NULL);
2942
2943 if (error == 0) {
2944 error = zfs_link_create(tdl, szp, tx, ZRENAMING);
2945 if (error == 0) {
2946 szp->z_pflags |= ZFS_AV_MODIFIED;
2947 if (tdzp->z_pflags & ZFS_PROJINHERIT)
2948 szp->z_pflags |= ZFS_PROJINHERIT;
2949
2950 error = sa_update(szp->z_sa_hdl, SA_ZPL_FLAGS(zfsvfs),
2951 (void *)&szp->z_pflags, sizeof (uint64_t), tx);
2952 ASSERT0(error);
2953
2954 error = zfs_link_destroy(sdl, szp, tx, ZRENAMING, NULL);
2955 if (error == 0) {
2956 zfs_log_rename(zilog, tx, TX_RENAME |
2957 (flags & FIGNORECASE ? TX_CI : 0), sdzp,
2958 sdl->dl_name, tdzp, tdl->dl_name, szp);
2959 } else {
2960 /*
2961 * At this point, we have successfully created
2962 * the target name, but have failed to remove
2963 * the source name. Since the create was done
2964 * with the ZRENAMING flag, there are
2965 * complications; for one, the link count is
2966 * wrong. The easiest way to deal with this
2967 * is to remove the newly created target, and
2968 * return the original error. This must
2969 * succeed; fortunately, it is very unlikely to
2970 * fail, since we just created it.
2971 */
2972 VERIFY3U(zfs_link_destroy(tdl, szp, tx,
2973 ZRENAMING, NULL), ==, 0);
2974 }
2975 } else {
2976 /*
2977 * If we had removed the existing target, subsequent
2978 * call to zfs_link_create() to add back the same entry
2979 * but, the new dnode (szp) should not fail.
2980 */
2981 ASSERT(tzp == NULL);
2982 }
2983 }
2984
2985 dmu_tx_commit(tx);
2986 out:
2987 if (zl != NULL)
2988 zfs_rename_unlock(&zl);
2989
2990 zfs_dirent_unlock(sdl);
2991 zfs_dirent_unlock(tdl);
2992
2993 zfs_inode_update(sdzp);
2994 if (sdzp == tdzp)
2995 rw_exit(&sdzp->z_name_lock);
2996
2997 if (sdzp != tdzp)
2998 zfs_inode_update(tdzp);
2999
3000 zfs_inode_update(szp);
3001 zrele(szp);
3002 if (tzp) {
3003 zfs_inode_update(tzp);
3004 zrele(tzp);
3005 }
3006
3007 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3008 zil_commit(zilog, 0);
3009
3010 ZFS_EXIT(zfsvfs);
3011 return (error);
3012 }
3013
3014 /*
3015 * Insert the indicated symbolic reference entry into the directory.
3016 *
3017 * IN: dzp - Directory to contain new symbolic link.
3018 * name - Name of directory entry in dip.
3019 * vap - Attributes of new entry.
3020 * link - Name for new symlink entry.
3021 * cr - credentials of caller.
3022 * flags - case flags
3023 *
3024 * OUT: zpp - Znode for new symbolic link.
3025 *
3026 * RETURN: 0 on success, error code on failure.
3027 *
3028 * Timestamps:
3029 * dip - ctime|mtime updated
3030 */
3031 /*ARGSUSED*/
3032 int
zfs_symlink(znode_t * dzp,char * name,vattr_t * vap,char * link,znode_t ** zpp,cred_t * cr,int flags)3033 zfs_symlink(znode_t *dzp, char *name, vattr_t *vap, char *link,
3034 znode_t **zpp, cred_t *cr, int flags)
3035 {
3036 znode_t *zp;
3037 zfs_dirlock_t *dl;
3038 dmu_tx_t *tx;
3039 zfsvfs_t *zfsvfs = ZTOZSB(dzp);
3040 zilog_t *zilog;
3041 uint64_t len = strlen(link);
3042 int error;
3043 int zflg = ZNEW;
3044 zfs_acl_ids_t acl_ids;
3045 boolean_t fuid_dirtied;
3046 uint64_t txtype = TX_SYMLINK;
3047 boolean_t waited = B_FALSE;
3048
3049 ASSERT(S_ISLNK(vap->va_mode));
3050
3051 if (name == NULL)
3052 return (SET_ERROR(EINVAL));
3053
3054 ZFS_ENTER(zfsvfs);
3055 ZFS_VERIFY_ZP(dzp);
3056 zilog = zfsvfs->z_log;
3057
3058 if (zfsvfs->z_utf8 && u8_validate(name, strlen(name),
3059 NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3060 ZFS_EXIT(zfsvfs);
3061 return (SET_ERROR(EILSEQ));
3062 }
3063 if (flags & FIGNORECASE)
3064 zflg |= ZCILOOK;
3065
3066 if (len > MAXPATHLEN) {
3067 ZFS_EXIT(zfsvfs);
3068 return (SET_ERROR(ENAMETOOLONG));
3069 }
3070
3071 if ((error = zfs_acl_ids_create(dzp, 0,
3072 vap, cr, NULL, &acl_ids)) != 0) {
3073 ZFS_EXIT(zfsvfs);
3074 return (error);
3075 }
3076 top:
3077 *zpp = NULL;
3078
3079 /*
3080 * Attempt to lock directory; fail if entry already exists.
3081 */
3082 error = zfs_dirent_lock(&dl, dzp, name, &zp, zflg, NULL, NULL);
3083 if (error) {
3084 zfs_acl_ids_free(&acl_ids);
3085 ZFS_EXIT(zfsvfs);
3086 return (error);
3087 }
3088
3089 if ((error = zfs_zaccess(dzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
3090 zfs_acl_ids_free(&acl_ids);
3091 zfs_dirent_unlock(dl);
3092 ZFS_EXIT(zfsvfs);
3093 return (error);
3094 }
3095
3096 if (zfs_acl_ids_overquota(zfsvfs, &acl_ids, ZFS_DEFAULT_PROJID)) {
3097 zfs_acl_ids_free(&acl_ids);
3098 zfs_dirent_unlock(dl);
3099 ZFS_EXIT(zfsvfs);
3100 return (SET_ERROR(EDQUOT));
3101 }
3102 tx = dmu_tx_create(zfsvfs->z_os);
3103 fuid_dirtied = zfsvfs->z_fuid_dirty;
3104 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0, MAX(1, len));
3105 dmu_tx_hold_zap(tx, dzp->z_id, TRUE, name);
3106 dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes +
3107 ZFS_SA_BASE_ATTR_SIZE + len);
3108 dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE);
3109 if (!zfsvfs->z_use_sa && acl_ids.z_aclp->z_acl_bytes > ZFS_ACE_SPACE) {
3110 dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
3111 acl_ids.z_aclp->z_acl_bytes);
3112 }
3113 if (fuid_dirtied)
3114 zfs_fuid_txhold(zfsvfs, tx);
3115 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
3116 if (error) {
3117 zfs_dirent_unlock(dl);
3118 if (error == ERESTART) {
3119 waited = B_TRUE;
3120 dmu_tx_wait(tx);
3121 dmu_tx_abort(tx);
3122 goto top;
3123 }
3124 zfs_acl_ids_free(&acl_ids);
3125 dmu_tx_abort(tx);
3126 ZFS_EXIT(zfsvfs);
3127 return (error);
3128 }
3129
3130 /*
3131 * Create a new object for the symlink.
3132 * for version 4 ZPL datsets the symlink will be an SA attribute
3133 */
3134 zfs_mknode(dzp, vap, tx, cr, 0, &zp, &acl_ids);
3135
3136 if (fuid_dirtied)
3137 zfs_fuid_sync(zfsvfs, tx);
3138
3139 mutex_enter(&zp->z_lock);
3140 if (zp->z_is_sa)
3141 error = sa_update(zp->z_sa_hdl, SA_ZPL_SYMLINK(zfsvfs),
3142 link, len, tx);
3143 else
3144 zfs_sa_symlink(zp, link, len, tx);
3145 mutex_exit(&zp->z_lock);
3146
3147 zp->z_size = len;
3148 (void) sa_update(zp->z_sa_hdl, SA_ZPL_SIZE(zfsvfs),
3149 &zp->z_size, sizeof (zp->z_size), tx);
3150 /*
3151 * Insert the new object into the directory.
3152 */
3153 error = zfs_link_create(dl, zp, tx, ZNEW);
3154 if (error != 0) {
3155 zfs_znode_delete(zp, tx);
3156 remove_inode_hash(ZTOI(zp));
3157 } else {
3158 if (flags & FIGNORECASE)
3159 txtype |= TX_CI;
3160 zfs_log_symlink(zilog, tx, txtype, dzp, zp, name, link);
3161
3162 zfs_inode_update(dzp);
3163 zfs_inode_update(zp);
3164 }
3165
3166 zfs_acl_ids_free(&acl_ids);
3167
3168 dmu_tx_commit(tx);
3169
3170 zfs_dirent_unlock(dl);
3171
3172 if (error == 0) {
3173 *zpp = zp;
3174
3175 if (zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3176 zil_commit(zilog, 0);
3177 } else {
3178 zrele(zp);
3179 }
3180
3181 ZFS_EXIT(zfsvfs);
3182 return (error);
3183 }
3184
3185 /*
3186 * Return, in the buffer contained in the provided uio structure,
3187 * the symbolic path referred to by ip.
3188 *
3189 * IN: ip - inode of symbolic link
3190 * uio - structure to contain the link path.
3191 * cr - credentials of caller.
3192 *
3193 * RETURN: 0 if success
3194 * error code if failure
3195 *
3196 * Timestamps:
3197 * ip - atime updated
3198 */
3199 /* ARGSUSED */
3200 int
zfs_readlink(struct inode * ip,uio_t * uio,cred_t * cr)3201 zfs_readlink(struct inode *ip, uio_t *uio, cred_t *cr)
3202 {
3203 znode_t *zp = ITOZ(ip);
3204 zfsvfs_t *zfsvfs = ITOZSB(ip);
3205 int error;
3206
3207 ZFS_ENTER(zfsvfs);
3208 ZFS_VERIFY_ZP(zp);
3209
3210 mutex_enter(&zp->z_lock);
3211 if (zp->z_is_sa)
3212 error = sa_lookup_uio(zp->z_sa_hdl,
3213 SA_ZPL_SYMLINK(zfsvfs), uio);
3214 else
3215 error = zfs_sa_readlink(zp, uio);
3216 mutex_exit(&zp->z_lock);
3217
3218 ZFS_EXIT(zfsvfs);
3219 return (error);
3220 }
3221
3222 /*
3223 * Insert a new entry into directory tdzp referencing szp.
3224 *
3225 * IN: tdzp - Directory to contain new entry.
3226 * szp - znode of new entry.
3227 * name - name of new entry.
3228 * cr - credentials of caller.
3229 * flags - case flags.
3230 *
3231 * RETURN: 0 if success
3232 * error code if failure
3233 *
3234 * Timestamps:
3235 * tdzp - ctime|mtime updated
3236 * szp - ctime updated
3237 */
3238 /* ARGSUSED */
3239 int
zfs_link(znode_t * tdzp,znode_t * szp,char * name,cred_t * cr,int flags)3240 zfs_link(znode_t *tdzp, znode_t *szp, char *name, cred_t *cr,
3241 int flags)
3242 {
3243 struct inode *sip = ZTOI(szp);
3244 znode_t *tzp;
3245 zfsvfs_t *zfsvfs = ZTOZSB(tdzp);
3246 zilog_t *zilog;
3247 zfs_dirlock_t *dl;
3248 dmu_tx_t *tx;
3249 int error;
3250 int zf = ZNEW;
3251 uint64_t parent;
3252 uid_t owner;
3253 boolean_t waited = B_FALSE;
3254 boolean_t is_tmpfile = 0;
3255 uint64_t txg;
3256 #ifdef HAVE_TMPFILE
3257 is_tmpfile = (sip->i_nlink == 0 && (sip->i_state & I_LINKABLE));
3258 #endif
3259 ASSERT(S_ISDIR(ZTOI(tdzp)->i_mode));
3260
3261 if (name == NULL)
3262 return (SET_ERROR(EINVAL));
3263
3264 ZFS_ENTER(zfsvfs);
3265 ZFS_VERIFY_ZP(tdzp);
3266 zilog = zfsvfs->z_log;
3267
3268 /*
3269 * POSIX dictates that we return EPERM here.
3270 * Better choices include ENOTSUP or EISDIR.
3271 */
3272 if (S_ISDIR(sip->i_mode)) {
3273 ZFS_EXIT(zfsvfs);
3274 return (SET_ERROR(EPERM));
3275 }
3276
3277 ZFS_VERIFY_ZP(szp);
3278
3279 /*
3280 * If we are using project inheritance, means if the directory has
3281 * ZFS_PROJINHERIT set, then its descendant directories will inherit
3282 * not only the project ID, but also the ZFS_PROJINHERIT flag. Under
3283 * such case, we only allow hard link creation in our tree when the
3284 * project IDs are the same.
3285 */
3286 if (tdzp->z_pflags & ZFS_PROJINHERIT &&
3287 tdzp->z_projid != szp->z_projid) {
3288 ZFS_EXIT(zfsvfs);
3289 return (SET_ERROR(EXDEV));
3290 }
3291
3292 /*
3293 * We check i_sb because snapshots and the ctldir must have different
3294 * super blocks.
3295 */
3296 if (sip->i_sb != ZTOI(tdzp)->i_sb || zfsctl_is_node(sip)) {
3297 ZFS_EXIT(zfsvfs);
3298 return (SET_ERROR(EXDEV));
3299 }
3300
3301 /* Prevent links to .zfs/shares files */
3302
3303 if ((error = sa_lookup(szp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs),
3304 &parent, sizeof (uint64_t))) != 0) {
3305 ZFS_EXIT(zfsvfs);
3306 return (error);
3307 }
3308 if (parent == zfsvfs->z_shares_dir) {
3309 ZFS_EXIT(zfsvfs);
3310 return (SET_ERROR(EPERM));
3311 }
3312
3313 if (zfsvfs->z_utf8 && u8_validate(name,
3314 strlen(name), NULL, U8_VALIDATE_ENTIRE, &error) < 0) {
3315 ZFS_EXIT(zfsvfs);
3316 return (SET_ERROR(EILSEQ));
3317 }
3318 if (flags & FIGNORECASE)
3319 zf |= ZCILOOK;
3320
3321 /*
3322 * We do not support links between attributes and non-attributes
3323 * because of the potential security risk of creating links
3324 * into "normal" file space in order to circumvent restrictions
3325 * imposed in attribute space.
3326 */
3327 if ((szp->z_pflags & ZFS_XATTR) != (tdzp->z_pflags & ZFS_XATTR)) {
3328 ZFS_EXIT(zfsvfs);
3329 return (SET_ERROR(EINVAL));
3330 }
3331
3332 owner = zfs_fuid_map_id(zfsvfs, KUID_TO_SUID(sip->i_uid),
3333 cr, ZFS_OWNER);
3334 if (owner != crgetuid(cr) && secpolicy_basic_link(cr) != 0) {
3335 ZFS_EXIT(zfsvfs);
3336 return (SET_ERROR(EPERM));
3337 }
3338
3339 if ((error = zfs_zaccess(tdzp, ACE_ADD_FILE, 0, B_FALSE, cr))) {
3340 ZFS_EXIT(zfsvfs);
3341 return (error);
3342 }
3343
3344 top:
3345 /*
3346 * Attempt to lock directory; fail if entry already exists.
3347 */
3348 error = zfs_dirent_lock(&dl, tdzp, name, &tzp, zf, NULL, NULL);
3349 if (error) {
3350 ZFS_EXIT(zfsvfs);
3351 return (error);
3352 }
3353
3354 tx = dmu_tx_create(zfsvfs->z_os);
3355 dmu_tx_hold_sa(tx, szp->z_sa_hdl, B_FALSE);
3356 dmu_tx_hold_zap(tx, tdzp->z_id, TRUE, name);
3357 if (is_tmpfile)
3358 dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL);
3359
3360 zfs_sa_upgrade_txholds(tx, szp);
3361 zfs_sa_upgrade_txholds(tx, tdzp);
3362 error = dmu_tx_assign(tx, (waited ? TXG_NOTHROTTLE : 0) | TXG_NOWAIT);
3363 if (error) {
3364 zfs_dirent_unlock(dl);
3365 if (error == ERESTART) {
3366 waited = B_TRUE;
3367 dmu_tx_wait(tx);
3368 dmu_tx_abort(tx);
3369 goto top;
3370 }
3371 dmu_tx_abort(tx);
3372 ZFS_EXIT(zfsvfs);
3373 return (error);
3374 }
3375 /* unmark z_unlinked so zfs_link_create will not reject */
3376 if (is_tmpfile)
3377 szp->z_unlinked = B_FALSE;
3378 error = zfs_link_create(dl, szp, tx, 0);
3379
3380 if (error == 0) {
3381 uint64_t txtype = TX_LINK;
3382 /*
3383 * tmpfile is created to be in z_unlinkedobj, so remove it.
3384 * Also, we don't log in ZIL, because all previous file
3385 * operation on the tmpfile are ignored by ZIL. Instead we
3386 * always wait for txg to sync to make sure all previous
3387 * operation are sync safe.
3388 */
3389 if (is_tmpfile) {
3390 VERIFY(zap_remove_int(zfsvfs->z_os,
3391 zfsvfs->z_unlinkedobj, szp->z_id, tx) == 0);
3392 } else {
3393 if (flags & FIGNORECASE)
3394 txtype |= TX_CI;
3395 zfs_log_link(zilog, tx, txtype, tdzp, szp, name);
3396 }
3397 } else if (is_tmpfile) {
3398 /* restore z_unlinked since when linking failed */
3399 szp->z_unlinked = B_TRUE;
3400 }
3401 txg = dmu_tx_get_txg(tx);
3402 dmu_tx_commit(tx);
3403
3404 zfs_dirent_unlock(dl);
3405
3406 if (!is_tmpfile && zfsvfs->z_os->os_sync == ZFS_SYNC_ALWAYS)
3407 zil_commit(zilog, 0);
3408
3409 if (is_tmpfile && zfsvfs->z_os->os_sync != ZFS_SYNC_DISABLED)
3410 txg_wait_synced(dmu_objset_pool(zfsvfs->z_os), txg);
3411
3412 zfs_inode_update(tdzp);
3413 zfs_inode_update(szp);
3414 ZFS_EXIT(zfsvfs);
3415 return (error);
3416 }
3417
3418 static void
zfs_putpage_commit_cb(void * arg)3419 zfs_putpage_commit_cb(void *arg)
3420 {
3421 struct page *pp = arg;
3422
3423 ClearPageError(pp);
3424 end_page_writeback(pp);
3425 }
3426
3427 /*
3428 * Push a page out to disk, once the page is on stable storage the
3429 * registered commit callback will be run as notification of completion.
3430 *
3431 * IN: ip - page mapped for inode.
3432 * pp - page to push (page is locked)
3433 * wbc - writeback control data
3434 *
3435 * RETURN: 0 if success
3436 * error code if failure
3437 *
3438 * Timestamps:
3439 * ip - ctime|mtime updated
3440 */
3441 /* ARGSUSED */
3442 int
zfs_putpage(struct inode * ip,struct page * pp,struct writeback_control * wbc)3443 zfs_putpage(struct inode *ip, struct page *pp, struct writeback_control *wbc)
3444 {
3445 znode_t *zp = ITOZ(ip);
3446 zfsvfs_t *zfsvfs = ITOZSB(ip);
3447 loff_t offset;
3448 loff_t pgoff;
3449 unsigned int pglen;
3450 dmu_tx_t *tx;
3451 caddr_t va;
3452 int err = 0;
3453 uint64_t mtime[2], ctime[2];
3454 sa_bulk_attr_t bulk[3];
3455 int cnt = 0;
3456 struct address_space *mapping;
3457
3458 ZFS_ENTER(zfsvfs);
3459 ZFS_VERIFY_ZP(zp);
3460
3461 ASSERT(PageLocked(pp));
3462
3463 pgoff = page_offset(pp); /* Page byte-offset in file */
3464 offset = i_size_read(ip); /* File length in bytes */
3465 pglen = MIN(PAGE_SIZE, /* Page length in bytes */
3466 P2ROUNDUP(offset, PAGE_SIZE)-pgoff);
3467
3468 /* Page is beyond end of file */
3469 if (pgoff >= offset) {
3470 unlock_page(pp);
3471 ZFS_EXIT(zfsvfs);
3472 return (0);
3473 }
3474
3475 /* Truncate page length to end of file */
3476 if (pgoff + pglen > offset)
3477 pglen = offset - pgoff;
3478
3479 #if 0
3480 /*
3481 * FIXME: Allow mmap writes past its quota. The correct fix
3482 * is to register a page_mkwrite() handler to count the page
3483 * against its quota when it is about to be dirtied.
3484 */
3485 if (zfs_id_overblockquota(zfsvfs, DMU_USERUSED_OBJECT,
3486 KUID_TO_SUID(ip->i_uid)) ||
3487 zfs_id_overblockquota(zfsvfs, DMU_GROUPUSED_OBJECT,
3488 KGID_TO_SGID(ip->i_gid)) ||
3489 (zp->z_projid != ZFS_DEFAULT_PROJID &&
3490 zfs_id_overblockquota(zfsvfs, DMU_PROJECTUSED_OBJECT,
3491 zp->z_projid))) {
3492 err = EDQUOT;
3493 }
3494 #endif
3495
3496 /*
3497 * The ordering here is critical and must adhere to the following
3498 * rules in order to avoid deadlocking in either zfs_read() or
3499 * zfs_free_range() due to a lock inversion.
3500 *
3501 * 1) The page must be unlocked prior to acquiring the range lock.
3502 * This is critical because zfs_read() calls find_lock_page()
3503 * which may block on the page lock while holding the range lock.
3504 *
3505 * 2) Before setting or clearing write back on a page the range lock
3506 * must be held in order to prevent a lock inversion with the
3507 * zfs_free_range() function.
3508 *
3509 * This presents a problem because upon entering this function the
3510 * page lock is already held. To safely acquire the range lock the
3511 * page lock must be dropped. This creates a window where another
3512 * process could truncate, invalidate, dirty, or write out the page.
3513 *
3514 * Therefore, after successfully reacquiring the range and page locks
3515 * the current page state is checked. In the common case everything
3516 * will be as is expected and it can be written out. However, if
3517 * the page state has changed it must be handled accordingly.
3518 */
3519 mapping = pp->mapping;
3520 redirty_page_for_writepage(wbc, pp);
3521 unlock_page(pp);
3522
3523 zfs_locked_range_t *lr = zfs_rangelock_enter(&zp->z_rangelock,
3524 pgoff, pglen, RL_WRITER);
3525 lock_page(pp);
3526
3527 /* Page mapping changed or it was no longer dirty, we're done */
3528 if (unlikely((mapping != pp->mapping) || !PageDirty(pp))) {
3529 unlock_page(pp);
3530 zfs_rangelock_exit(lr);
3531 ZFS_EXIT(zfsvfs);
3532 return (0);
3533 }
3534
3535 /* Another process started write block if required */
3536 if (PageWriteback(pp)) {
3537 unlock_page(pp);
3538 zfs_rangelock_exit(lr);
3539
3540 if (wbc->sync_mode != WB_SYNC_NONE) {
3541 if (PageWriteback(pp))
3542 wait_on_page_bit(pp, PG_writeback);
3543 }
3544
3545 ZFS_EXIT(zfsvfs);
3546 return (0);
3547 }
3548
3549 /* Clear the dirty flag the required locks are held */
3550 if (!clear_page_dirty_for_io(pp)) {
3551 unlock_page(pp);
3552 zfs_rangelock_exit(lr);
3553 ZFS_EXIT(zfsvfs);
3554 return (0);
3555 }
3556
3557 /*
3558 * Counterpart for redirty_page_for_writepage() above. This page
3559 * was in fact not skipped and should not be counted as if it were.
3560 */
3561 wbc->pages_skipped--;
3562 set_page_writeback(pp);
3563 unlock_page(pp);
3564
3565 tx = dmu_tx_create(zfsvfs->z_os);
3566 dmu_tx_hold_write(tx, zp->z_id, pgoff, pglen);
3567 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
3568 zfs_sa_upgrade_txholds(tx, zp);
3569
3570 err = dmu_tx_assign(tx, TXG_NOWAIT);
3571 if (err != 0) {
3572 if (err == ERESTART)
3573 dmu_tx_wait(tx);
3574
3575 dmu_tx_abort(tx);
3576 __set_page_dirty_nobuffers(pp);
3577 ClearPageError(pp);
3578 end_page_writeback(pp);
3579 zfs_rangelock_exit(lr);
3580 ZFS_EXIT(zfsvfs);
3581 return (err);
3582 }
3583
3584 va = kmap(pp);
3585 ASSERT3U(pglen, <=, PAGE_SIZE);
3586 dmu_write(zfsvfs->z_os, zp->z_id, pgoff, pglen, va, tx);
3587 kunmap(pp);
3588
3589 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
3590 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
3591 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_FLAGS(zfsvfs), NULL,
3592 &zp->z_pflags, 8);
3593
3594 /* Preserve the mtime and ctime provided by the inode */
3595 ZFS_TIME_ENCODE(&ip->i_mtime, mtime);
3596 ZFS_TIME_ENCODE(&ip->i_ctime, ctime);
3597 zp->z_atime_dirty = B_FALSE;
3598 zp->z_seq++;
3599
3600 err = sa_bulk_update(zp->z_sa_hdl, bulk, cnt, tx);
3601
3602 zfs_log_write(zfsvfs->z_log, tx, TX_WRITE, zp, pgoff, pglen, 0,
3603 zfs_putpage_commit_cb, pp);
3604 dmu_tx_commit(tx);
3605
3606 zfs_rangelock_exit(lr);
3607
3608 if (wbc->sync_mode != WB_SYNC_NONE) {
3609 /*
3610 * Note that this is rarely called under writepages(), because
3611 * writepages() normally handles the entire commit for
3612 * performance reasons.
3613 */
3614 zil_commit(zfsvfs->z_log, zp->z_id);
3615 }
3616
3617 ZFS_EXIT(zfsvfs);
3618 return (err);
3619 }
3620
3621 /*
3622 * Update the system attributes when the inode has been dirtied. For the
3623 * moment we only update the mode, atime, mtime, and ctime.
3624 */
3625 int
zfs_dirty_inode(struct inode * ip,int flags)3626 zfs_dirty_inode(struct inode *ip, int flags)
3627 {
3628 znode_t *zp = ITOZ(ip);
3629 zfsvfs_t *zfsvfs = ITOZSB(ip);
3630 dmu_tx_t *tx;
3631 uint64_t mode, atime[2], mtime[2], ctime[2];
3632 sa_bulk_attr_t bulk[4];
3633 int error = 0;
3634 int cnt = 0;
3635
3636 if (zfs_is_readonly(zfsvfs) || dmu_objset_is_snapshot(zfsvfs->z_os))
3637 return (0);
3638
3639 ZFS_ENTER(zfsvfs);
3640 ZFS_VERIFY_ZP(zp);
3641
3642 #ifdef I_DIRTY_TIME
3643 /*
3644 * This is the lazytime semantic introduced in Linux 4.0
3645 * This flag will only be called from update_time when lazytime is set.
3646 * (Note, I_DIRTY_SYNC will also set if not lazytime)
3647 * Fortunately mtime and ctime are managed within ZFS itself, so we
3648 * only need to dirty atime.
3649 */
3650 if (flags == I_DIRTY_TIME) {
3651 zp->z_atime_dirty = B_TRUE;
3652 goto out;
3653 }
3654 #endif
3655
3656 tx = dmu_tx_create(zfsvfs->z_os);
3657
3658 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
3659 zfs_sa_upgrade_txholds(tx, zp);
3660
3661 error = dmu_tx_assign(tx, TXG_WAIT);
3662 if (error) {
3663 dmu_tx_abort(tx);
3664 goto out;
3665 }
3666
3667 mutex_enter(&zp->z_lock);
3668 zp->z_atime_dirty = B_FALSE;
3669
3670 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_MODE(zfsvfs), NULL, &mode, 8);
3671 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_ATIME(zfsvfs), NULL, &atime, 16);
3672 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_MTIME(zfsvfs), NULL, &mtime, 16);
3673 SA_ADD_BULK_ATTR(bulk, cnt, SA_ZPL_CTIME(zfsvfs), NULL, &ctime, 16);
3674
3675 /* Preserve the mode, mtime and ctime provided by the inode */
3676 ZFS_TIME_ENCODE(&ip->i_atime, atime);
3677 ZFS_TIME_ENCODE(&ip->i_mtime, mtime);
3678 ZFS_TIME_ENCODE(&ip->i_ctime, ctime);
3679 mode = ip->i_mode;
3680
3681 zp->z_mode = mode;
3682
3683 error = sa_bulk_update(zp->z_sa_hdl, bulk, cnt, tx);
3684 mutex_exit(&zp->z_lock);
3685
3686 dmu_tx_commit(tx);
3687 out:
3688 ZFS_EXIT(zfsvfs);
3689 return (error);
3690 }
3691
3692 /*ARGSUSED*/
3693 void
zfs_inactive(struct inode * ip)3694 zfs_inactive(struct inode *ip)
3695 {
3696 znode_t *zp = ITOZ(ip);
3697 zfsvfs_t *zfsvfs = ITOZSB(ip);
3698 uint64_t atime[2];
3699 int error;
3700 int need_unlock = 0;
3701
3702 /* Only read lock if we haven't already write locked, e.g. rollback */
3703 if (!RW_WRITE_HELD(&zfsvfs->z_teardown_inactive_lock)) {
3704 need_unlock = 1;
3705 rw_enter(&zfsvfs->z_teardown_inactive_lock, RW_READER);
3706 }
3707 if (zp->z_sa_hdl == NULL) {
3708 if (need_unlock)
3709 rw_exit(&zfsvfs->z_teardown_inactive_lock);
3710 return;
3711 }
3712
3713 if (zp->z_atime_dirty && zp->z_unlinked == B_FALSE) {
3714 dmu_tx_t *tx = dmu_tx_create(zfsvfs->z_os);
3715
3716 dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_FALSE);
3717 zfs_sa_upgrade_txholds(tx, zp);
3718 error = dmu_tx_assign(tx, TXG_WAIT);
3719 if (error) {
3720 dmu_tx_abort(tx);
3721 } else {
3722 ZFS_TIME_ENCODE(&ip->i_atime, atime);
3723 mutex_enter(&zp->z_lock);
3724 (void) sa_update(zp->z_sa_hdl, SA_ZPL_ATIME(zfsvfs),
3725 (void *)&atime, sizeof (atime), tx);
3726 zp->z_atime_dirty = B_FALSE;
3727 mutex_exit(&zp->z_lock);
3728 dmu_tx_commit(tx);
3729 }
3730 }
3731
3732 zfs_zinactive(zp);
3733 if (need_unlock)
3734 rw_exit(&zfsvfs->z_teardown_inactive_lock);
3735 }
3736
3737 /*
3738 * Fill pages with data from the disk.
3739 */
3740 static int
zfs_fillpage(struct inode * ip,struct page * pl[],int nr_pages)3741 zfs_fillpage(struct inode *ip, struct page *pl[], int nr_pages)
3742 {
3743 znode_t *zp = ITOZ(ip);
3744 zfsvfs_t *zfsvfs = ITOZSB(ip);
3745 objset_t *os;
3746 struct page *cur_pp;
3747 u_offset_t io_off, total;
3748 size_t io_len;
3749 loff_t i_size;
3750 unsigned page_idx;
3751 int err;
3752
3753 os = zfsvfs->z_os;
3754 io_len = nr_pages << PAGE_SHIFT;
3755 i_size = i_size_read(ip);
3756 io_off = page_offset(pl[0]);
3757
3758 if (io_off + io_len > i_size)
3759 io_len = i_size - io_off;
3760
3761 /*
3762 * Iterate over list of pages and read each page individually.
3763 */
3764 page_idx = 0;
3765 for (total = io_off + io_len; io_off < total; io_off += PAGESIZE) {
3766 caddr_t va;
3767
3768 cur_pp = pl[page_idx++];
3769 va = kmap(cur_pp);
3770 err = dmu_read(os, zp->z_id, io_off, PAGESIZE, va,
3771 DMU_READ_PREFETCH);
3772 kunmap(cur_pp);
3773 if (err) {
3774 /* convert checksum errors into IO errors */
3775 if (err == ECKSUM)
3776 err = SET_ERROR(EIO);
3777 return (err);
3778 }
3779 }
3780
3781 return (0);
3782 }
3783
3784 /*
3785 * Uses zfs_fillpage to read data from the file and fill the pages.
3786 *
3787 * IN: ip - inode of file to get data from.
3788 * pl - list of pages to read
3789 * nr_pages - number of pages to read
3790 *
3791 * RETURN: 0 on success, error code on failure.
3792 *
3793 * Timestamps:
3794 * vp - atime updated
3795 */
3796 /* ARGSUSED */
3797 int
zfs_getpage(struct inode * ip,struct page * pl[],int nr_pages)3798 zfs_getpage(struct inode *ip, struct page *pl[], int nr_pages)
3799 {
3800 znode_t *zp = ITOZ(ip);
3801 zfsvfs_t *zfsvfs = ITOZSB(ip);
3802 int err;
3803
3804 if (pl == NULL)
3805 return (0);
3806
3807 ZFS_ENTER(zfsvfs);
3808 ZFS_VERIFY_ZP(zp);
3809
3810 err = zfs_fillpage(ip, pl, nr_pages);
3811
3812 ZFS_EXIT(zfsvfs);
3813 return (err);
3814 }
3815
3816 /*
3817 * Check ZFS specific permissions to memory map a section of a file.
3818 *
3819 * IN: ip - inode of the file to mmap
3820 * off - file offset
3821 * addrp - start address in memory region
3822 * len - length of memory region
3823 * vm_flags- address flags
3824 *
3825 * RETURN: 0 if success
3826 * error code if failure
3827 */
3828 /*ARGSUSED*/
3829 int
zfs_map(struct inode * ip,offset_t off,caddr_t * addrp,size_t len,unsigned long vm_flags)3830 zfs_map(struct inode *ip, offset_t off, caddr_t *addrp, size_t len,
3831 unsigned long vm_flags)
3832 {
3833 znode_t *zp = ITOZ(ip);
3834 zfsvfs_t *zfsvfs = ITOZSB(ip);
3835
3836 ZFS_ENTER(zfsvfs);
3837 ZFS_VERIFY_ZP(zp);
3838
3839 if ((vm_flags & VM_WRITE) && (zp->z_pflags &
3840 (ZFS_IMMUTABLE | ZFS_READONLY | ZFS_APPENDONLY))) {
3841 ZFS_EXIT(zfsvfs);
3842 return (SET_ERROR(EPERM));
3843 }
3844
3845 if ((vm_flags & (VM_READ | VM_EXEC)) &&
3846 (zp->z_pflags & ZFS_AV_QUARANTINED)) {
3847 ZFS_EXIT(zfsvfs);
3848 return (SET_ERROR(EACCES));
3849 }
3850
3851 if (off < 0 || len > MAXOFFSET_T - off) {
3852 ZFS_EXIT(zfsvfs);
3853 return (SET_ERROR(ENXIO));
3854 }
3855
3856 ZFS_EXIT(zfsvfs);
3857 return (0);
3858 }
3859
3860 /*
3861 * Free or allocate space in a file. Currently, this function only
3862 * supports the `F_FREESP' command. However, this command is somewhat
3863 * misnamed, as its functionality includes the ability to allocate as
3864 * well as free space.
3865 *
3866 * IN: zp - znode of file to free data in.
3867 * cmd - action to take (only F_FREESP supported).
3868 * bfp - section of file to free/alloc.
3869 * flag - current file open mode flags.
3870 * offset - current file offset.
3871 * cr - credentials of caller.
3872 *
3873 * RETURN: 0 on success, error code on failure.
3874 *
3875 * Timestamps:
3876 * zp - ctime|mtime updated
3877 */
3878 /* ARGSUSED */
3879 int
zfs_space(znode_t * zp,int cmd,flock64_t * bfp,int flag,offset_t offset,cred_t * cr)3880 zfs_space(znode_t *zp, int cmd, flock64_t *bfp, int flag,
3881 offset_t offset, cred_t *cr)
3882 {
3883 zfsvfs_t *zfsvfs = ZTOZSB(zp);
3884 uint64_t off, len;
3885 int error;
3886
3887 ZFS_ENTER(zfsvfs);
3888 ZFS_VERIFY_ZP(zp);
3889
3890 if (cmd != F_FREESP) {
3891 ZFS_EXIT(zfsvfs);
3892 return (SET_ERROR(EINVAL));
3893 }
3894
3895 /*
3896 * Callers might not be able to detect properly that we are read-only,
3897 * so check it explicitly here.
3898 */
3899 if (zfs_is_readonly(zfsvfs)) {
3900 ZFS_EXIT(zfsvfs);
3901 return (SET_ERROR(EROFS));
3902 }
3903
3904 if (bfp->l_len < 0) {
3905 ZFS_EXIT(zfsvfs);
3906 return (SET_ERROR(EINVAL));
3907 }
3908
3909 /*
3910 * Permissions aren't checked on Solaris because on this OS
3911 * zfs_space() can only be called with an opened file handle.
3912 * On Linux we can get here through truncate_range() which
3913 * operates directly on inodes, so we need to check access rights.
3914 */
3915 if ((error = zfs_zaccess(zp, ACE_WRITE_DATA, 0, B_FALSE, cr))) {
3916 ZFS_EXIT(zfsvfs);
3917 return (error);
3918 }
3919
3920 off = bfp->l_start;
3921 len = bfp->l_len; /* 0 means from off to end of file */
3922
3923 error = zfs_freesp(zp, off, len, flag, TRUE);
3924
3925 ZFS_EXIT(zfsvfs);
3926 return (error);
3927 }
3928
3929 /*ARGSUSED*/
3930 int
zfs_fid(struct inode * ip,fid_t * fidp)3931 zfs_fid(struct inode *ip, fid_t *fidp)
3932 {
3933 znode_t *zp = ITOZ(ip);
3934 zfsvfs_t *zfsvfs = ITOZSB(ip);
3935 uint32_t gen;
3936 uint64_t gen64;
3937 uint64_t object = zp->z_id;
3938 zfid_short_t *zfid;
3939 int size, i, error;
3940
3941 ZFS_ENTER(zfsvfs);
3942 ZFS_VERIFY_ZP(zp);
3943
3944 if ((error = sa_lookup(zp->z_sa_hdl, SA_ZPL_GEN(zfsvfs),
3945 &gen64, sizeof (uint64_t))) != 0) {
3946 ZFS_EXIT(zfsvfs);
3947 return (error);
3948 }
3949
3950 gen = (uint32_t)gen64;
3951
3952 size = SHORT_FID_LEN;
3953
3954 zfid = (zfid_short_t *)fidp;
3955
3956 zfid->zf_len = size;
3957
3958 for (i = 0; i < sizeof (zfid->zf_object); i++)
3959 zfid->zf_object[i] = (uint8_t)(object >> (8 * i));
3960
3961 /* Must have a non-zero generation number to distinguish from .zfs */
3962 if (gen == 0)
3963 gen = 1;
3964 for (i = 0; i < sizeof (zfid->zf_gen); i++)
3965 zfid->zf_gen[i] = (uint8_t)(gen >> (8 * i));
3966
3967 ZFS_EXIT(zfsvfs);
3968 return (0);
3969 }
3970
3971 #if defined(_KERNEL)
3972 EXPORT_SYMBOL(zfs_open);
3973 EXPORT_SYMBOL(zfs_close);
3974 EXPORT_SYMBOL(zfs_lookup);
3975 EXPORT_SYMBOL(zfs_create);
3976 EXPORT_SYMBOL(zfs_tmpfile);
3977 EXPORT_SYMBOL(zfs_remove);
3978 EXPORT_SYMBOL(zfs_mkdir);
3979 EXPORT_SYMBOL(zfs_rmdir);
3980 EXPORT_SYMBOL(zfs_readdir);
3981 EXPORT_SYMBOL(zfs_getattr_fast);
3982 EXPORT_SYMBOL(zfs_setattr);
3983 EXPORT_SYMBOL(zfs_rename);
3984 EXPORT_SYMBOL(zfs_symlink);
3985 EXPORT_SYMBOL(zfs_readlink);
3986 EXPORT_SYMBOL(zfs_link);
3987 EXPORT_SYMBOL(zfs_inactive);
3988 EXPORT_SYMBOL(zfs_space);
3989 EXPORT_SYMBOL(zfs_fid);
3990 EXPORT_SYMBOL(zfs_getpage);
3991 EXPORT_SYMBOL(zfs_putpage);
3992 EXPORT_SYMBOL(zfs_dirty_inode);
3993 EXPORT_SYMBOL(zfs_map);
3994
3995 /* BEGIN CSTYLED */
3996 module_param(zfs_delete_blocks, ulong, 0644);
3997 MODULE_PARM_DESC(zfs_delete_blocks, "Delete files larger than N blocks async");
3998 /* END CSTYLED */
3999
4000 #endif
4001