4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or https://opensource.org/licenses/CDDL-1.0.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2014, 2022 by Delphix. All rights reserved.
26 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
27 * Copyright 2017 RackTop Systems.
28 * Copyright (c) 2018 Datto Inc.
29 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
33 * Routines to manage ZFS mounts. We separate all the nasty routines that have
34 * to deal with the OS. The following functions are the main entry points --
35 * they are used by mount and unmount and when changing a filesystem's
44 * This file also contains the functions used to manage sharing filesystems:
52 * The following functions are available for pool consumers, and will
53 * mount/unmount and share/unshare all datasets within pool:
55 * zpool_enable_datasets()
56 * zpool_disable_datasets()
70 #include <sys/mntent.h>
71 #include <sys/mount.h>
74 #include <sys/dsl_crypt.h>
78 #include "libzfs_impl.h"
79 #include <thread_pool.h>
82 #include <sys/systeminfo.h>
83 #define MAXISALEN 257 /* based on sysinfo(2) man page */
85 static int mount_tp_nthr
= 512; /* tpool threads for multi-threaded mounting */
87 static void zfs_mount_task(void *);
89 static const proto_table_t proto_table
[SA_PROTOCOL_COUNT
] = {
91 {ZFS_PROP_SHARENFS
, EZFS_SHARENFSFAILED
, EZFS_UNSHARENFSFAILED
},
93 {ZFS_PROP_SHARESMB
, EZFS_SHARESMBFAILED
, EZFS_UNSHARESMBFAILED
},
96 static const enum sa_protocol share_all_proto
[SA_PROTOCOL_COUNT
+ 1] = {
105 dir_is_empty_stat(const char *dirname
)
110 * We only want to return false if the given path is a non empty
111 * directory, all other errors are handled elsewhere.
113 if (stat(dirname
, &st
) < 0 || !S_ISDIR(st
.st_mode
)) {
118 * An empty directory will still have two entries in it, one
119 * entry for each of "." and "..".
121 if (st
.st_size
> 2) {
129 dir_is_empty_readdir(const char *dirname
)
135 if ((dirfd
= openat(AT_FDCWD
, dirname
,
136 O_RDONLY
| O_NDELAY
| O_LARGEFILE
| O_CLOEXEC
, 0)) < 0) {
140 if ((dirp
= fdopendir(dirfd
)) == NULL
) {
145 while ((dp
= readdir64(dirp
)) != NULL
) {
147 if (strcmp(dp
->d_name
, ".") == 0 ||
148 strcmp(dp
->d_name
, "..") == 0)
151 (void) closedir(dirp
);
155 (void) closedir(dirp
);
160 * Returns true if the specified directory is empty. If we can't open the
161 * directory at all, return true so that the mount can fail with a more
162 * informative error message.
165 dir_is_empty(const char *dirname
)
170 * If the statvfs call fails or the filesystem is not a ZFS
171 * filesystem, fall back to the slow path which uses readdir.
173 if ((statfs64(dirname
, &st
) != 0) ||
174 (st
.f_type
!= ZFS_SUPER_MAGIC
)) {
175 return (dir_is_empty_readdir(dirname
));
179 * At this point, we know the provided path is on a ZFS
180 * filesystem, so we can use stat instead of readdir to
181 * determine if the directory is empty or not. We try to avoid
182 * using readdir because that requires opening "dirname"; this
183 * open file descriptor can potentially end up in a child
184 * process if there's a concurrent fork, thus preventing the
185 * zfs_mount() from otherwise succeeding (the open file
186 * descriptor inherited by the child process will cause the
187 * parent's mount to fail with EBUSY). The performance
188 * implications of replacing the open, read, and close with a
189 * single stat is nice; but is not the main motivation for the
192 return (dir_is_empty_stat(dirname
));
196 * Checks to see if the mount is active. If the filesystem is mounted, we fill
197 * in 'where' with the current mountpoint, and return 1. Otherwise, we return
201 is_mounted(libzfs_handle_t
*zfs_hdl
, const char *special
, char **where
)
205 if (libzfs_mnttab_find(zfs_hdl
, special
, &entry
) != 0)
209 *where
= zfs_strdup(zfs_hdl
, entry
.mnt_mountp
);
215 zfs_is_mounted(zfs_handle_t
*zhp
, char **where
)
217 return (is_mounted(zhp
->zfs_hdl
, zfs_get_name(zhp
), where
));
221 * Checks any higher order concerns about whether the given dataset is
222 * mountable, false otherwise. zfs_is_mountable_internal specifically assumes
223 * that the caller has verified the sanity of mounting the dataset at
224 * its mountpoint to the extent the caller wants.
227 zfs_is_mountable_internal(zfs_handle_t
*zhp
)
229 if (zfs_prop_get_int(zhp
, ZFS_PROP_ZONED
) &&
230 getzoneid() == GLOBAL_ZONEID
)
237 * Returns true if the given dataset is mountable, false otherwise. Returns the
238 * mountpoint in 'buf'.
241 zfs_is_mountable(zfs_handle_t
*zhp
, char *buf
, size_t buflen
,
242 zprop_source_t
*source
, int flags
)
244 char sourceloc
[MAXNAMELEN
];
245 zprop_source_t sourcetype
;
247 if (!zfs_prop_valid_for_type(ZFS_PROP_MOUNTPOINT
, zhp
->zfs_type
,
251 verify(zfs_prop_get(zhp
, ZFS_PROP_MOUNTPOINT
, buf
, buflen
,
252 &sourcetype
, sourceloc
, sizeof (sourceloc
), B_FALSE
) == 0);
254 if (strcmp(buf
, ZFS_MOUNTPOINT_NONE
) == 0 ||
255 strcmp(buf
, ZFS_MOUNTPOINT_LEGACY
) == 0)
258 if (zfs_prop_get_int(zhp
, ZFS_PROP_CANMOUNT
) == ZFS_CANMOUNT_OFF
)
261 if (!zfs_is_mountable_internal(zhp
))
264 if (zfs_prop_get_int(zhp
, ZFS_PROP_REDACTED
) && !(flags
& MS_FORCE
))
268 *source
= sourcetype
;
274 * The filesystem is mounted by invoking the system mount utility rather
275 * than by the system call mount(2). This ensures that the /etc/mtab
276 * file is correctly locked for the update. Performing our own locking
277 * and /etc/mtab update requires making an unsafe assumption about how
278 * the mount utility performs its locking. Unfortunately, this also means
279 * in the case of a mount failure we do not have the exact errno. We must
280 * make due with return value from the mount process.
282 * In the long term a shared library called libmount is under development
283 * which provides a common API to address the locking and errno issues.
284 * Once the standard mount utility has been updated to use this library
285 * we can add an autoconf check to conditionally use it.
287 * http://www.kernel.org/pub/linux/utils/util-linux/libmount-docs/index.html
291 zfs_add_option(zfs_handle_t
*zhp
, char *options
, int len
,
292 zfs_prop_t prop
, const char *on
, const char *off
)
297 /* Skip adding duplicate default options */
298 if ((strstr(options
, on
) != NULL
) || (strstr(options
, off
) != NULL
))
302 * zfs_prop_get_int() is not used to ensure our mount options
303 * are not influenced by the current /proc/self/mounts contents.
305 value
= getprop_uint64(zhp
, prop
, &source
);
307 (void) strlcat(options
, ",", len
);
308 (void) strlcat(options
, value
? on
: off
, len
);
314 zfs_add_options(zfs_handle_t
*zhp
, char *options
, int len
)
318 error
= zfs_add_option(zhp
, options
, len
,
319 ZFS_PROP_ATIME
, MNTOPT_ATIME
, MNTOPT_NOATIME
);
321 * don't add relatime/strictatime when atime=off, otherwise strictatime
322 * will force atime=on
324 if (strstr(options
, MNTOPT_NOATIME
) == NULL
) {
325 error
= zfs_add_option(zhp
, options
, len
,
326 ZFS_PROP_RELATIME
, MNTOPT_RELATIME
, MNTOPT_STRICTATIME
);
328 error
= error
? error
: zfs_add_option(zhp
, options
, len
,
329 ZFS_PROP_DEVICES
, MNTOPT_DEVICES
, MNTOPT_NODEVICES
);
330 error
= error
? error
: zfs_add_option(zhp
, options
, len
,
331 ZFS_PROP_EXEC
, MNTOPT_EXEC
, MNTOPT_NOEXEC
);
332 error
= error
? error
: zfs_add_option(zhp
, options
, len
,
333 ZFS_PROP_READONLY
, MNTOPT_RO
, MNTOPT_RW
);
334 error
= error
? error
: zfs_add_option(zhp
, options
, len
,
335 ZFS_PROP_SETUID
, MNTOPT_SETUID
, MNTOPT_NOSETUID
);
336 error
= error
? error
: zfs_add_option(zhp
, options
, len
,
337 ZFS_PROP_NBMAND
, MNTOPT_NBMAND
, MNTOPT_NONBMAND
);
343 zfs_mount(zfs_handle_t
*zhp
, const char *options
, int flags
)
345 char mountpoint
[ZFS_MAXPROPLEN
];
347 if (!zfs_is_mountable(zhp
, mountpoint
, sizeof (mountpoint
), NULL
,
351 return (zfs_mount_at(zhp
, options
, flags
, mountpoint
));
355 * Mount the given filesystem.
358 zfs_mount_at(zfs_handle_t
*zhp
, const char *options
, int flags
,
359 const char *mountpoint
)
362 char mntopts
[MNT_LINE_MAX
];
363 char overlay
[ZFS_MAXPROPLEN
];
364 char prop_encroot
[MAXNAMELEN
];
365 boolean_t is_encroot
;
366 zfs_handle_t
*encroot_hp
= zhp
;
367 libzfs_handle_t
*hdl
= zhp
->zfs_hdl
;
371 if (options
== NULL
) {
372 (void) strlcpy(mntopts
, MNTOPT_DEFAULTS
, sizeof (mntopts
));
374 (void) strlcpy(mntopts
, options
, sizeof (mntopts
));
377 if (strstr(mntopts
, MNTOPT_REMOUNT
) != NULL
)
380 /* Potentially duplicates some checks if invoked by zfs_mount(). */
381 if (!zfs_is_mountable_internal(zhp
))
385 * If the pool is imported read-only then all mounts must be read-only
387 if (zpool_get_prop_int(zhp
->zpool_hdl
, ZPOOL_PROP_READONLY
, NULL
))
388 (void) strlcat(mntopts
, "," MNTOPT_RO
, sizeof (mntopts
));
391 * Append default mount options which apply to the mount point.
392 * This is done because under Linux (unlike Solaris) multiple mount
393 * points may reference a single super block. This means that just
394 * given a super block there is no back reference to update the per
395 * mount point options.
397 rc
= zfs_add_options(zhp
, mntopts
, sizeof (mntopts
));
399 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
400 "default options unavailable"));
401 return (zfs_error_fmt(hdl
, EZFS_MOUNTFAILED
,
402 dgettext(TEXT_DOMAIN
, "cannot mount '%s'"),
407 * If the filesystem is encrypted the key must be loaded in order to
408 * mount. If the key isn't loaded, the MS_CRYPT flag decides whether
409 * or not we attempt to load the keys. Note: we must call
410 * zfs_refresh_properties() here since some callers of this function
411 * (most notably zpool_enable_datasets()) may implicitly load our key
412 * by loading the parent's key first.
414 if (zfs_prop_get_int(zhp
, ZFS_PROP_ENCRYPTION
) != ZIO_CRYPT_OFF
) {
415 zfs_refresh_properties(zhp
);
416 keystatus
= zfs_prop_get_int(zhp
, ZFS_PROP_KEYSTATUS
);
419 * If the key is unavailable and MS_CRYPT is set give the
420 * user a chance to enter the key. Otherwise just fail
423 if (keystatus
== ZFS_KEYSTATUS_UNAVAILABLE
) {
424 if (flags
& MS_CRYPT
) {
425 rc
= zfs_crypto_get_encryption_root(zhp
,
426 &is_encroot
, prop_encroot
);
428 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
429 "Failed to get encryption root for "
430 "'%s'."), zfs_get_name(zhp
));
435 encroot_hp
= zfs_open(hdl
, prop_encroot
,
437 if (encroot_hp
== NULL
)
438 return (hdl
->libzfs_error
);
441 rc
= zfs_crypto_load_key(encroot_hp
,
445 zfs_close(encroot_hp
);
449 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
450 "encryption key not loaded"));
451 return (zfs_error_fmt(hdl
, EZFS_MOUNTFAILED
,
452 dgettext(TEXT_DOMAIN
, "cannot mount '%s'"),
460 * Append zfsutil option so the mount helper allow the mount
462 strlcat(mntopts
, "," MNTOPT_ZFSUTIL
, sizeof (mntopts
));
464 /* Create the directory if it doesn't already exist */
465 if (lstat(mountpoint
, &buf
) != 0) {
466 if (mkdirp(mountpoint
, 0755) != 0) {
467 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
468 "failed to create mountpoint: %s"),
470 return (zfs_error_fmt(hdl
, EZFS_MOUNTFAILED
,
471 dgettext(TEXT_DOMAIN
, "cannot mount '%s'"),
477 * Overlay mounts are enabled by default but may be disabled
478 * via the 'overlay' property. The -O flag remains for compatibility.
480 if (!(flags
& MS_OVERLAY
)) {
481 if (zfs_prop_get(zhp
, ZFS_PROP_OVERLAY
, overlay
,
482 sizeof (overlay
), NULL
, NULL
, 0, B_FALSE
) == 0) {
483 if (strcmp(overlay
, "on") == 0) {
490 * Determine if the mountpoint is empty. If so, refuse to perform the
491 * mount. We don't perform this check if 'remount' is
492 * specified or if overlay option (-O) is given
494 if ((flags
& MS_OVERLAY
) == 0 && !remount
&&
495 !dir_is_empty(mountpoint
)) {
496 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
497 "directory is not empty"));
498 return (zfs_error_fmt(hdl
, EZFS_MOUNTFAILED
,
499 dgettext(TEXT_DOMAIN
, "cannot mount '%s'"), mountpoint
));
502 /* perform the mount */
503 rc
= do_mount(zhp
, mountpoint
, mntopts
, flags
);
506 * Generic errors are nasty, but there are just way too many
507 * from mount(), and they're well-understood. We pick a few
508 * common ones to improve upon.
511 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
512 "mountpoint or dataset is busy"));
513 } else if (rc
== EPERM
) {
514 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
515 "Insufficient privileges"));
516 } else if (rc
== ENOTSUP
) {
519 VERIFY(zfs_spa_version(zhp
, &spa_version
) == 0);
520 zfs_error_aux(hdl
, dgettext(TEXT_DOMAIN
,
521 "Can't mount a version %llu "
522 "file system on a version %d pool. Pool must be"
523 " upgraded to mount this file system."),
524 (u_longlong_t
)zfs_prop_get_int(zhp
,
525 ZFS_PROP_VERSION
), spa_version
);
527 zfs_error_aux(hdl
, "%s", strerror(rc
));
529 return (zfs_error_fmt(hdl
, EZFS_MOUNTFAILED
,
530 dgettext(TEXT_DOMAIN
, "cannot mount '%s'"),
534 /* remove the mounted entry before re-adding on remount */
536 libzfs_mnttab_remove(hdl
, zhp
->zfs_name
);
538 /* add the mounted entry into our cache */
539 libzfs_mnttab_add(hdl
, zfs_get_name(zhp
), mountpoint
, mntopts
);
544 * Unmount a single filesystem.
547 unmount_one(zfs_handle_t
*zhp
, const char *mountpoint
, int flags
)
551 error
= do_unmount(zhp
, mountpoint
, flags
);
557 libzfs_err
= EZFS_BUSY
;
560 libzfs_err
= EZFS_IO
;
563 libzfs_err
= EZFS_NOENT
;
566 libzfs_err
= EZFS_NOMEM
;
569 libzfs_err
= EZFS_PERM
;
572 libzfs_err
= EZFS_UMOUNTFAILED
;
575 return (zfs_error_fmt(zhp
->zfs_hdl
, libzfs_err
,
576 dgettext(TEXT_DOMAIN
, "cannot unmount '%s'"),
587 * Unmount the given filesystem.
590 zfs_unmount(zfs_handle_t
*zhp
, const char *mountpoint
, int flags
)
592 libzfs_handle_t
*hdl
= zhp
->zfs_hdl
;
595 boolean_t encroot
, unmounted
= B_FALSE
;
597 /* check to see if we need to unmount the filesystem */
598 if (mountpoint
!= NULL
|| ((zfs_get_type(zhp
) == ZFS_TYPE_FILESYSTEM
) &&
599 libzfs_mnttab_find(hdl
, zhp
->zfs_name
, &entry
) == 0)) {
601 * mountpoint may have come from a call to
602 * getmnt/getmntany if it isn't NULL. If it is NULL,
603 * we know it comes from libzfs_mnttab_find which can
604 * then get freed later. We strdup it to play it safe.
606 if (mountpoint
== NULL
)
607 mntpt
= zfs_strdup(hdl
, entry
.mnt_mountp
);
609 mntpt
= zfs_strdup(hdl
, mountpoint
);
612 * Unshare and unmount the filesystem
614 if (zfs_unshare(zhp
, mntpt
, share_all_proto
) != 0) {
618 zfs_commit_shares(NULL
);
620 if (unmount_one(zhp
, mntpt
, flags
) != 0) {
622 (void) zfs_share(zhp
, NULL
);
623 zfs_commit_shares(NULL
);
627 libzfs_mnttab_remove(hdl
, zhp
->zfs_name
);
633 * If the MS_CRYPT flag is provided we must ensure we attempt to
634 * unload the dataset's key regardless of whether we did any work
635 * to unmount it. We only do this for encryption roots.
637 if ((flags
& MS_CRYPT
) != 0 &&
638 zfs_prop_get_int(zhp
, ZFS_PROP_ENCRYPTION
) != ZIO_CRYPT_OFF
) {
639 zfs_refresh_properties(zhp
);
641 if (zfs_crypto_get_encryption_root(zhp
, &encroot
, NULL
) != 0 &&
643 (void) zfs_mount(zhp
, NULL
, 0);
647 if (encroot
&& zfs_prop_get_int(zhp
, ZFS_PROP_KEYSTATUS
) ==
648 ZFS_KEYSTATUS_AVAILABLE
&&
649 zfs_crypto_unload_key(zhp
) != 0) {
650 (void) zfs_mount(zhp
, NULL
, 0);
655 zpool_disable_volume_os(zhp
->zfs_name
);
661 * Unmount this filesystem and any children inheriting the mountpoint property.
662 * To do this, just act like we're changing the mountpoint property, but don't
663 * remount the filesystems afterwards.
666 zfs_unmountall(zfs_handle_t
*zhp
, int flags
)
668 prop_changelist_t
*clp
;
671 clp
= changelist_gather(zhp
, ZFS_PROP_MOUNTPOINT
,
672 CL_GATHER_ITER_MOUNTED
, flags
);
676 ret
= changelist_prefix(clp
);
677 changelist_free(clp
);
683 * Unshare a filesystem by mountpoint.
686 unshare_one(libzfs_handle_t
*hdl
, const char *name
, const char *mountpoint
,
687 enum sa_protocol proto
)
689 int err
= sa_disable_share(mountpoint
, proto
);
691 return (zfs_error_fmt(hdl
, proto_table
[proto
].p_unshare_err
,
692 dgettext(TEXT_DOMAIN
, "cannot unshare '%s': %s"),
693 name
, sa_errorstr(err
)));
699 * Share the given filesystem according to the options in the specified
700 * protocol specific properties (sharenfs, sharesmb). We rely
701 * on "libshare" to do the dirty work for us.
704 zfs_share(zfs_handle_t
*zhp
, const enum sa_protocol
*proto
)
706 char mountpoint
[ZFS_MAXPROPLEN
];
707 char shareopts
[ZFS_MAXPROPLEN
];
708 char sourcestr
[ZFS_MAXPROPLEN
];
709 const enum sa_protocol
*curr_proto
;
710 zprop_source_t sourcetype
;
714 proto
= share_all_proto
;
716 if (!zfs_is_mountable(zhp
, mountpoint
, sizeof (mountpoint
), NULL
, 0))
719 for (curr_proto
= proto
; *curr_proto
!= SA_NO_PROTOCOL
; curr_proto
++) {
721 * Return success if there are no share options.
723 if (zfs_prop_get(zhp
, proto_table
[*curr_proto
].p_prop
,
724 shareopts
, sizeof (shareopts
), &sourcetype
, sourcestr
,
725 ZFS_MAXPROPLEN
, B_FALSE
) != 0 ||
726 strcmp(shareopts
, "off") == 0)
730 * If the 'zoned' property is set, then zfs_is_mountable()
731 * will have already bailed out if we are in the global zone.
732 * But local zones cannot be NFS servers, so we ignore it for
733 * local zones as well.
735 if (zfs_prop_get_int(zhp
, ZFS_PROP_ZONED
))
738 err
= sa_enable_share(zfs_get_name(zhp
), mountpoint
, shareopts
,
741 return (zfs_error_fmt(zhp
->zfs_hdl
,
742 proto_table
[*curr_proto
].p_share_err
,
743 dgettext(TEXT_DOMAIN
, "cannot share '%s: %s'"),
744 zfs_get_name(zhp
), sa_errorstr(err
)));
752 * Check to see if the filesystem is currently shared.
755 zfs_is_shared(zfs_handle_t
*zhp
, char **where
,
756 const enum sa_protocol
*proto
)
760 proto
= share_all_proto
;
762 if (ZFS_IS_VOLUME(zhp
))
765 if (!zfs_is_mounted(zhp
, &mountpoint
))
768 for (const enum sa_protocol
*p
= proto
; *p
!= SA_NO_PROTOCOL
; ++p
)
769 if (sa_is_shared(mountpoint
, *p
)) {
782 zfs_commit_shares(const enum sa_protocol
*proto
)
785 proto
= share_all_proto
;
787 for (const enum sa_protocol
*p
= proto
; *p
!= SA_NO_PROTOCOL
; ++p
)
788 sa_commit_shares(*p
);
792 zfs_truncate_shares(const enum sa_protocol
*proto
)
795 proto
= share_all_proto
;
797 for (const enum sa_protocol
*p
= proto
; *p
!= SA_NO_PROTOCOL
; ++p
)
798 sa_truncate_shares(*p
);
802 * Unshare the given filesystem.
805 zfs_unshare(zfs_handle_t
*zhp
, const char *mountpoint
,
806 const enum sa_protocol
*proto
)
808 libzfs_handle_t
*hdl
= zhp
->zfs_hdl
;
812 proto
= share_all_proto
;
814 if (mountpoint
!= NULL
|| ((zfs_get_type(zhp
) == ZFS_TYPE_FILESYSTEM
) &&
815 libzfs_mnttab_find(hdl
, zfs_get_name(zhp
), &entry
) == 0)) {
817 /* check to see if need to unmount the filesystem */
818 const char *mntpt
= mountpoint
?: entry
.mnt_mountp
;
820 for (const enum sa_protocol
*curr_proto
= proto
;
821 *curr_proto
!= SA_NO_PROTOCOL
; curr_proto
++)
822 if (sa_is_shared(mntpt
, *curr_proto
) &&
823 unshare_one(hdl
, zhp
->zfs_name
,
824 mntpt
, *curr_proto
) != 0)
832 * Same as zfs_unmountall(), but for NFS and SMB unshares.
835 zfs_unshareall(zfs_handle_t
*zhp
, const enum sa_protocol
*proto
)
837 prop_changelist_t
*clp
;
841 proto
= share_all_proto
;
843 clp
= changelist_gather(zhp
, ZFS_PROP_SHARENFS
, 0, 0);
847 ret
= changelist_unshare(clp
, proto
);
848 changelist_free(clp
);
854 * Remove the mountpoint associated with the current dataset, if necessary.
855 * We only remove the underlying directory if:
857 * - The mountpoint is not 'none' or 'legacy'
858 * - The mountpoint is non-empty
859 * - The mountpoint is the default or inherited
860 * - The 'zoned' property is set, or we're in a local zone
862 * Any other directories we leave alone.
865 remove_mountpoint(zfs_handle_t
*zhp
)
867 char mountpoint
[ZFS_MAXPROPLEN
];
868 zprop_source_t source
;
870 if (!zfs_is_mountable(zhp
, mountpoint
, sizeof (mountpoint
),
874 if (source
== ZPROP_SRC_DEFAULT
||
875 source
== ZPROP_SRC_INHERITED
) {
877 * Try to remove the directory, silently ignoring any errors.
878 * The filesystem may have since been removed or moved around,
879 * and this error isn't really useful to the administrator in
882 (void) rmdir(mountpoint
);
887 * Add the given zfs handle to the cb_handles array, dynamically reallocating
888 * the array if it is out of space.
891 libzfs_add_handle(get_all_cb_t
*cbp
, zfs_handle_t
*zhp
)
893 if (cbp
->cb_alloc
== cbp
->cb_used
) {
895 zfs_handle_t
**newhandles
;
897 newsz
= cbp
->cb_alloc
!= 0 ? cbp
->cb_alloc
* 2 : 64;
898 newhandles
= zfs_realloc(zhp
->zfs_hdl
,
899 cbp
->cb_handles
, cbp
->cb_alloc
* sizeof (zfs_handle_t
*),
900 newsz
* sizeof (zfs_handle_t
*));
901 cbp
->cb_handles
= newhandles
;
902 cbp
->cb_alloc
= newsz
;
904 cbp
->cb_handles
[cbp
->cb_used
++] = zhp
;
908 * Recursive helper function used during file system enumeration
911 zfs_iter_cb(zfs_handle_t
*zhp
, void *data
)
913 get_all_cb_t
*cbp
= data
;
915 if (!(zfs_get_type(zhp
) & ZFS_TYPE_FILESYSTEM
)) {
920 if (zfs_prop_get_int(zhp
, ZFS_PROP_CANMOUNT
) == ZFS_CANMOUNT_NOAUTO
) {
925 if (zfs_prop_get_int(zhp
, ZFS_PROP_KEYSTATUS
) ==
926 ZFS_KEYSTATUS_UNAVAILABLE
) {
932 * If this filesystem is inconsistent and has a receive resume
933 * token, we can not mount it.
935 if (zfs_prop_get_int(zhp
, ZFS_PROP_INCONSISTENT
) &&
936 zfs_prop_get(zhp
, ZFS_PROP_RECEIVE_RESUME_TOKEN
,
937 NULL
, 0, NULL
, NULL
, 0, B_TRUE
) == 0) {
942 libzfs_add_handle(cbp
, zhp
);
943 if (zfs_iter_filesystems(zhp
, 0, zfs_iter_cb
, cbp
) != 0) {
951 * Sort comparator that compares two mountpoint paths. We sort these paths so
952 * that subdirectories immediately follow their parents. This means that we
953 * effectively treat the '/' character as the lowest value non-nul char.
954 * Since filesystems from non-global zones can have the same mountpoint
955 * as other filesystems, the comparator sorts global zone filesystems to
956 * the top of the list. This means that the global zone will traverse the
957 * filesystem list in the correct order and can stop when it sees the
958 * first zoned filesystem. In a non-global zone, only the delegated
959 * filesystems are seen.
961 * An example sorted list using this comparator would look like:
971 * The mounting code depends on this ordering to deterministically iterate
972 * over filesystems in order to spawn parallel mount tasks.
975 mountpoint_cmp(const void *arga
, const void *argb
)
977 zfs_handle_t
*const *zap
= arga
;
978 zfs_handle_t
*za
= *zap
;
979 zfs_handle_t
*const *zbp
= argb
;
980 zfs_handle_t
*zb
= *zbp
;
981 char mounta
[MAXPATHLEN
];
982 char mountb
[MAXPATHLEN
];
983 const char *a
= mounta
;
984 const char *b
= mountb
;
985 boolean_t gota
, gotb
;
986 uint64_t zoneda
, zonedb
;
988 zoneda
= zfs_prop_get_int(za
, ZFS_PROP_ZONED
);
989 zonedb
= zfs_prop_get_int(zb
, ZFS_PROP_ZONED
);
990 if (zoneda
&& !zonedb
)
992 if (!zoneda
&& zonedb
)
995 gota
= (zfs_get_type(za
) == ZFS_TYPE_FILESYSTEM
);
997 verify(zfs_prop_get(za
, ZFS_PROP_MOUNTPOINT
, mounta
,
998 sizeof (mounta
), NULL
, NULL
, 0, B_FALSE
) == 0);
1000 gotb
= (zfs_get_type(zb
) == ZFS_TYPE_FILESYSTEM
);
1002 verify(zfs_prop_get(zb
, ZFS_PROP_MOUNTPOINT
, mountb
,
1003 sizeof (mountb
), NULL
, NULL
, 0, B_FALSE
) == 0);
1007 while (*a
!= '\0' && (*a
== *b
)) {
1021 return (*a
< *b
? -1 : *a
> *b
);
1030 * If neither filesystem has a mountpoint, revert to sorting by
1033 return (strcmp(zfs_get_name(za
), zfs_get_name(zb
)));
1037 * Return true if path2 is a child of path1 or path2 equals path1 or
1038 * path1 is "/" (path2 is always a child of "/").
1041 libzfs_path_contains(const char *path1
, const char *path2
)
1043 return (strcmp(path1
, path2
) == 0 || strcmp(path1
, "/") == 0 ||
1044 (strstr(path2
, path1
) == path2
&& path2
[strlen(path1
)] == '/'));
1048 * Given a mountpoint specified by idx in the handles array, find the first
1049 * non-descendent of that mountpoint and return its index. Descendant paths
1050 * start with the parent's path. This function relies on the ordering
1051 * enforced by mountpoint_cmp().
1054 non_descendant_idx(zfs_handle_t
**handles
, size_t num_handles
, int idx
)
1056 char parent
[ZFS_MAXPROPLEN
];
1057 char child
[ZFS_MAXPROPLEN
];
1060 verify(zfs_prop_get(handles
[idx
], ZFS_PROP_MOUNTPOINT
, parent
,
1061 sizeof (parent
), NULL
, NULL
, 0, B_FALSE
) == 0);
1063 for (i
= idx
+ 1; i
< num_handles
; i
++) {
1064 verify(zfs_prop_get(handles
[i
], ZFS_PROP_MOUNTPOINT
, child
,
1065 sizeof (child
), NULL
, NULL
, 0, B_FALSE
) == 0);
1066 if (!libzfs_path_contains(parent
, child
))
1072 typedef struct mnt_param
{
1073 libzfs_handle_t
*mnt_hdl
;
1075 zfs_handle_t
**mnt_zhps
; /* filesystems to mount */
1076 size_t mnt_num_handles
;
1077 int mnt_idx
; /* Index of selected entry to mount */
1078 zfs_iter_f mnt_func
;
1083 * Allocate and populate the parameter struct for mount function, and
1084 * schedule mounting of the entry selected by idx.
1087 zfs_dispatch_mount(libzfs_handle_t
*hdl
, zfs_handle_t
**handles
,
1088 size_t num_handles
, int idx
, zfs_iter_f func
, void *data
, tpool_t
*tp
)
1090 mnt_param_t
*mnt_param
= zfs_alloc(hdl
, sizeof (mnt_param_t
));
1092 mnt_param
->mnt_hdl
= hdl
;
1093 mnt_param
->mnt_tp
= tp
;
1094 mnt_param
->mnt_zhps
= handles
;
1095 mnt_param
->mnt_num_handles
= num_handles
;
1096 mnt_param
->mnt_idx
= idx
;
1097 mnt_param
->mnt_func
= func
;
1098 mnt_param
->mnt_data
= data
;
1100 (void) tpool_dispatch(tp
, zfs_mount_task
, (void*)mnt_param
);
1104 * This is the structure used to keep state of mounting or sharing operations
1105 * during a call to zpool_enable_datasets().
1107 typedef struct mount_state
{
1109 * ms_mntstatus is set to -1 if any mount fails. While multiple threads
1110 * could update this variable concurrently, no synchronization is
1111 * needed as it's only ever set to -1.
1115 const char *ms_mntopts
;
1119 zfs_mount_one(zfs_handle_t
*zhp
, void *arg
)
1121 mount_state_t
*ms
= arg
;
1125 * don't attempt to mount encrypted datasets with
1128 if (zfs_prop_get_int(zhp
, ZFS_PROP_KEYSTATUS
) ==
1129 ZFS_KEYSTATUS_UNAVAILABLE
)
1132 if (zfs_mount(zhp
, ms
->ms_mntopts
, ms
->ms_mntflags
) != 0)
1133 ret
= ms
->ms_mntstatus
= -1;
1138 zfs_share_one(zfs_handle_t
*zhp
, void *arg
)
1140 mount_state_t
*ms
= arg
;
1143 if (zfs_share(zhp
, NULL
) != 0)
1144 ret
= ms
->ms_mntstatus
= -1;
1149 * Thread pool function to mount one file system. On completion, it finds and
1150 * schedules its children to be mounted. This depends on the sorting done in
1151 * zfs_foreach_mountpoint(). Note that the degenerate case (chain of entries
1152 * each descending from the previous) will have no parallelism since we always
1153 * have to wait for the parent to finish mounting before we can schedule
1157 zfs_mount_task(void *arg
)
1159 mnt_param_t
*mp
= arg
;
1160 int idx
= mp
->mnt_idx
;
1161 zfs_handle_t
**handles
= mp
->mnt_zhps
;
1162 size_t num_handles
= mp
->mnt_num_handles
;
1163 char mountpoint
[ZFS_MAXPROPLEN
];
1165 verify(zfs_prop_get(handles
[idx
], ZFS_PROP_MOUNTPOINT
, mountpoint
,
1166 sizeof (mountpoint
), NULL
, NULL
, 0, B_FALSE
) == 0);
1168 if (mp
->mnt_func(handles
[idx
], mp
->mnt_data
) != 0)
1172 * We dispatch tasks to mount filesystems with mountpoints underneath
1173 * this one. We do this by dispatching the next filesystem with a
1174 * descendant mountpoint of the one we just mounted, then skip all of
1175 * its descendants, dispatch the next descendant mountpoint, and so on.
1176 * The non_descendant_idx() function skips over filesystems that are
1177 * descendants of the filesystem we just dispatched.
1179 for (int i
= idx
+ 1; i
< num_handles
;
1180 i
= non_descendant_idx(handles
, num_handles
, i
)) {
1181 char child
[ZFS_MAXPROPLEN
];
1182 verify(zfs_prop_get(handles
[i
], ZFS_PROP_MOUNTPOINT
,
1183 child
, sizeof (child
), NULL
, NULL
, 0, B_FALSE
) == 0);
1185 if (!libzfs_path_contains(mountpoint
, child
))
1186 break; /* not a descendant, return */
1187 zfs_dispatch_mount(mp
->mnt_hdl
, handles
, num_handles
, i
,
1188 mp
->mnt_func
, mp
->mnt_data
, mp
->mnt_tp
);
1196 * Issue the func callback for each ZFS handle contained in the handles
1197 * array. This function is used to mount all datasets, and so this function
1198 * guarantees that filesystems for parent mountpoints are called before their
1199 * children. As such, before issuing any callbacks, we first sort the array
1200 * of handles by mountpoint.
1202 * Callbacks are issued in one of two ways:
1204 * 1. Sequentially: If the parallel argument is B_FALSE or the ZFS_SERIAL_MOUNT
1205 * environment variable is set, then we issue callbacks sequentially.
1207 * 2. In parallel: If the parallel argument is B_TRUE and the ZFS_SERIAL_MOUNT
1208 * environment variable is not set, then we use a tpool to dispatch threads
1209 * to mount filesystems in parallel. This function dispatches tasks to mount
1210 * the filesystems at the top-level mountpoints, and these tasks in turn
1211 * are responsible for recursively mounting filesystems in their children
1215 zfs_foreach_mountpoint(libzfs_handle_t
*hdl
, zfs_handle_t
**handles
,
1216 size_t num_handles
, zfs_iter_f func
, void *data
, boolean_t parallel
)
1218 zoneid_t zoneid
= getzoneid();
1221 * The ZFS_SERIAL_MOUNT environment variable is an undocumented
1222 * variable that can be used as a convenience to do a/b comparison
1223 * of serial vs. parallel mounting.
1225 boolean_t serial_mount
= !parallel
||
1226 (getenv("ZFS_SERIAL_MOUNT") != NULL
);
1229 * Sort the datasets by mountpoint. See mountpoint_cmp for details
1230 * of how these are sorted.
1232 qsort(handles
, num_handles
, sizeof (zfs_handle_t
*), mountpoint_cmp
);
1235 for (int i
= 0; i
< num_handles
; i
++) {
1236 func(handles
[i
], data
);
1242 * Issue the callback function for each dataset using a parallel
1243 * algorithm that uses a thread pool to manage threads.
1245 tpool_t
*tp
= tpool_create(1, mount_tp_nthr
, 0, NULL
);
1248 * There may be multiple "top level" mountpoints outside of the pool's
1249 * root mountpoint, e.g.: /foo /bar. Dispatch a mount task for each of
1252 for (int i
= 0; i
< num_handles
;
1253 i
= non_descendant_idx(handles
, num_handles
, i
)) {
1255 * Since the mountpoints have been sorted so that the zoned
1256 * filesystems are at the end, a zoned filesystem seen from
1257 * the global zone means that we're done.
1259 if (zoneid
== GLOBAL_ZONEID
&&
1260 zfs_prop_get_int(handles
[i
], ZFS_PROP_ZONED
))
1262 zfs_dispatch_mount(hdl
, handles
, num_handles
, i
, func
, data
,
1266 tpool_wait(tp
); /* wait for all scheduled mounts to complete */
1271 * Mount and share all datasets within the given pool. This assumes that no
1272 * datasets within the pool are currently mounted.
1275 zpool_enable_datasets(zpool_handle_t
*zhp
, const char *mntopts
, int flags
)
1277 get_all_cb_t cb
= { 0 };
1278 mount_state_t ms
= { 0 };
1282 if ((zfsp
= zfs_open(zhp
->zpool_hdl
, zhp
->zpool_name
,
1283 ZFS_TYPE_DATASET
)) == NULL
)
1287 * Gather all non-snapshot datasets within the pool. Start by adding
1288 * the root filesystem for this pool to the list, and then iterate
1289 * over all child filesystems.
1291 libzfs_add_handle(&cb
, zfsp
);
1292 if (zfs_iter_filesystems(zfsp
, 0, zfs_iter_cb
, &cb
) != 0)
1296 * Mount all filesystems
1298 ms
.ms_mntopts
= mntopts
;
1299 ms
.ms_mntflags
= flags
;
1300 zfs_foreach_mountpoint(zhp
->zpool_hdl
, cb
.cb_handles
, cb
.cb_used
,
1301 zfs_mount_one
, &ms
, B_TRUE
);
1302 if (ms
.ms_mntstatus
!= 0)
1303 ret
= ms
.ms_mntstatus
;
1306 * Share all filesystems that need to be shared. This needs to be
1307 * a separate pass because libshare is not mt-safe, and so we need
1308 * to share serially.
1310 ms
.ms_mntstatus
= 0;
1311 zfs_foreach_mountpoint(zhp
->zpool_hdl
, cb
.cb_handles
, cb
.cb_used
,
1312 zfs_share_one
, &ms
, B_FALSE
);
1313 if (ms
.ms_mntstatus
!= 0)
1314 ret
= ms
.ms_mntstatus
;
1316 zfs_commit_shares(NULL
);
1319 for (int i
= 0; i
< cb
.cb_used
; i
++)
1320 zfs_close(cb
.cb_handles
[i
]);
1321 free(cb
.cb_handles
);
1328 zfs_handle_t
*dataset
;
1332 mountpoint_compare(const void *a
, const void *b
)
1334 const struct sets_s
*mounta
= (struct sets_s
*)a
;
1335 const struct sets_s
*mountb
= (struct sets_s
*)b
;
1337 return (strcmp(mountb
->mountpoint
, mounta
->mountpoint
));
1341 * Unshare and unmount all datasets within the given pool. We don't want to
1342 * rely on traversing the DSL to discover the filesystems within the pool,
1343 * because this may be expensive (if not all of them are mounted), and can fail
1344 * arbitrarily (on I/O error, for example). Instead, we walk /proc/self/mounts
1345 * and gather all the filesystems that are currently mounted.
1348 zpool_disable_datasets(zpool_handle_t
*zhp
, boolean_t force
)
1352 struct mnttab entry
;
1354 struct sets_s
*sets
= NULL
;
1355 libzfs_handle_t
*hdl
= zhp
->zpool_hdl
;
1358 int flags
= (force
? MS_FORCE
: 0);
1360 namelen
= strlen(zhp
->zpool_name
);
1362 if ((mnttab
= fopen(MNTTAB
, "re")) == NULL
)
1366 while (getmntent(mnttab
, &entry
) == 0) {
1368 * Ignore non-ZFS entries.
1370 if (entry
.mnt_fstype
== NULL
||
1371 strcmp(entry
.mnt_fstype
, MNTTYPE_ZFS
) != 0)
1375 * Ignore filesystems not within this pool.
1377 if (entry
.mnt_mountp
== NULL
||
1378 strncmp(entry
.mnt_special
, zhp
->zpool_name
, namelen
) != 0 ||
1379 (entry
.mnt_special
[namelen
] != '/' &&
1380 entry
.mnt_special
[namelen
] != '\0'))
1384 * At this point we've found a filesystem within our pool. Add
1385 * it to our growing list.
1387 if (used
== alloc
) {
1389 sets
= zfs_alloc(hdl
,
1390 8 * sizeof (struct sets_s
));
1393 sets
= zfs_realloc(hdl
, sets
,
1394 alloc
* sizeof (struct sets_s
),
1395 alloc
* 2 * sizeof (struct sets_s
));
1401 sets
[used
].mountpoint
= zfs_strdup(hdl
, entry
.mnt_mountp
);
1404 * This is allowed to fail, in case there is some I/O error. It
1405 * is only used to determine if we need to remove the underlying
1406 * mountpoint, so failure is not fatal.
1408 sets
[used
].dataset
= make_dataset_handle(hdl
,
1415 * At this point, we have the entire list of filesystems, so sort it by
1419 qsort(sets
, used
, sizeof (struct sets_s
), mountpoint_compare
);
1422 * Walk through and first unshare everything.
1424 for (i
= 0; i
< used
; i
++) {
1425 for (enum sa_protocol p
= 0; p
< SA_PROTOCOL_COUNT
; ++p
) {
1426 if (sa_is_shared(sets
[i
].mountpoint
, p
) &&
1427 unshare_one(hdl
, sets
[i
].mountpoint
,
1428 sets
[i
].mountpoint
, p
) != 0)
1432 zfs_commit_shares(NULL
);
1435 * Now unmount everything, removing the underlying directories as
1438 for (i
= 0; i
< used
; i
++) {
1439 if (unmount_one(sets
[i
].dataset
, sets
[i
].mountpoint
,
1444 for (i
= 0; i
< used
; i
++) {
1445 if (sets
[i
].dataset
)
1446 remove_mountpoint(sets
[i
].dataset
);
1449 zpool_disable_datasets_os(zhp
, force
);
1453 (void) fclose(mnttab
);
1454 for (i
= 0; i
< used
; i
++) {
1455 if (sets
[i
].dataset
)
1456 zfs_close(sets
[i
].dataset
);
1457 free(sets
[i
].mountpoint
);