zdb: zero-pad checksum output follow up
[zfs.git] / lib / libzfs / libzfs_mount.c
blob8612e082ba3447fe810ce3a030466b1de6602864
1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or https://opensource.org/licenses/CDDL-1.0.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
19 * CDDL HEADER END
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2014, 2022 by Delphix. All rights reserved.
26 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
27 * Copyright 2017 RackTop Systems.
28 * Copyright (c) 2018 Datto Inc.
29 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
33 * Routines to manage ZFS mounts. We separate all the nasty routines that have
34 * to deal with the OS. The following functions are the main entry points --
35 * they are used by mount and unmount and when changing a filesystem's
36 * mountpoint.
38 * zfs_is_mounted()
39 * zfs_mount()
40 * zfs_mount_at()
41 * zfs_unmount()
42 * zfs_unmountall()
44 * This file also contains the functions used to manage sharing filesystems:
46 * zfs_is_shared()
47 * zfs_share()
48 * zfs_unshare()
49 * zfs_unshareall()
50 * zfs_commit_shares()
52 * The following functions are available for pool consumers, and will
53 * mount/unmount and share/unshare all datasets within pool:
55 * zpool_enable_datasets()
56 * zpool_disable_datasets()
59 #include <dirent.h>
60 #include <dlfcn.h>
61 #include <errno.h>
62 #include <fcntl.h>
63 #include <libgen.h>
64 #include <libintl.h>
65 #include <stdio.h>
66 #include <stdlib.h>
67 #include <string.h>
68 #include <unistd.h>
69 #include <zone.h>
70 #include <sys/mntent.h>
71 #include <sys/mount.h>
72 #include <sys/stat.h>
73 #include <sys/vfs.h>
74 #include <sys/dsl_crypt.h>
76 #include <libzfs.h>
78 #include "libzfs_impl.h"
79 #include <thread_pool.h>
81 #include <libshare.h>
82 #include <sys/systeminfo.h>
83 #define MAXISALEN 257 /* based on sysinfo(2) man page */
85 static int mount_tp_nthr = 512; /* tpool threads for multi-threaded mounting */
87 static void zfs_mount_task(void *);
89 static const proto_table_t proto_table[SA_PROTOCOL_COUNT] = {
90 [SA_PROTOCOL_NFS] =
91 {ZFS_PROP_SHARENFS, EZFS_SHARENFSFAILED, EZFS_UNSHARENFSFAILED},
92 [SA_PROTOCOL_SMB] =
93 {ZFS_PROP_SHARESMB, EZFS_SHARESMBFAILED, EZFS_UNSHARESMBFAILED},
96 static const enum sa_protocol share_all_proto[SA_PROTOCOL_COUNT + 1] = {
97 SA_PROTOCOL_NFS,
98 SA_PROTOCOL_SMB,
99 SA_NO_PROTOCOL
104 static boolean_t
105 dir_is_empty_stat(const char *dirname)
107 struct stat st;
110 * We only want to return false if the given path is a non empty
111 * directory, all other errors are handled elsewhere.
113 if (stat(dirname, &st) < 0 || !S_ISDIR(st.st_mode)) {
114 return (B_TRUE);
118 * An empty directory will still have two entries in it, one
119 * entry for each of "." and "..".
121 if (st.st_size > 2) {
122 return (B_FALSE);
125 return (B_TRUE);
128 static boolean_t
129 dir_is_empty_readdir(const char *dirname)
131 DIR *dirp;
132 struct dirent64 *dp;
133 int dirfd;
135 if ((dirfd = openat(AT_FDCWD, dirname,
136 O_RDONLY | O_NDELAY | O_LARGEFILE | O_CLOEXEC, 0)) < 0) {
137 return (B_TRUE);
140 if ((dirp = fdopendir(dirfd)) == NULL) {
141 (void) close(dirfd);
142 return (B_TRUE);
145 while ((dp = readdir64(dirp)) != NULL) {
147 if (strcmp(dp->d_name, ".") == 0 ||
148 strcmp(dp->d_name, "..") == 0)
149 continue;
151 (void) closedir(dirp);
152 return (B_FALSE);
155 (void) closedir(dirp);
156 return (B_TRUE);
160 * Returns true if the specified directory is empty. If we can't open the
161 * directory at all, return true so that the mount can fail with a more
162 * informative error message.
164 static boolean_t
165 dir_is_empty(const char *dirname)
167 struct statfs64 st;
170 * If the statvfs call fails or the filesystem is not a ZFS
171 * filesystem, fall back to the slow path which uses readdir.
173 if ((statfs64(dirname, &st) != 0) ||
174 (st.f_type != ZFS_SUPER_MAGIC)) {
175 return (dir_is_empty_readdir(dirname));
179 * At this point, we know the provided path is on a ZFS
180 * filesystem, so we can use stat instead of readdir to
181 * determine if the directory is empty or not. We try to avoid
182 * using readdir because that requires opening "dirname"; this
183 * open file descriptor can potentially end up in a child
184 * process if there's a concurrent fork, thus preventing the
185 * zfs_mount() from otherwise succeeding (the open file
186 * descriptor inherited by the child process will cause the
187 * parent's mount to fail with EBUSY). The performance
188 * implications of replacing the open, read, and close with a
189 * single stat is nice; but is not the main motivation for the
190 * added complexity.
192 return (dir_is_empty_stat(dirname));
196 * Checks to see if the mount is active. If the filesystem is mounted, we fill
197 * in 'where' with the current mountpoint, and return 1. Otherwise, we return
198 * 0.
200 boolean_t
201 is_mounted(libzfs_handle_t *zfs_hdl, const char *special, char **where)
203 struct mnttab entry;
205 if (libzfs_mnttab_find(zfs_hdl, special, &entry) != 0)
206 return (B_FALSE);
208 if (where != NULL)
209 *where = zfs_strdup(zfs_hdl, entry.mnt_mountp);
211 return (B_TRUE);
214 boolean_t
215 zfs_is_mounted(zfs_handle_t *zhp, char **where)
217 return (is_mounted(zhp->zfs_hdl, zfs_get_name(zhp), where));
221 * Checks any higher order concerns about whether the given dataset is
222 * mountable, false otherwise. zfs_is_mountable_internal specifically assumes
223 * that the caller has verified the sanity of mounting the dataset at
224 * its mountpoint to the extent the caller wants.
226 static boolean_t
227 zfs_is_mountable_internal(zfs_handle_t *zhp)
229 if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED) &&
230 getzoneid() == GLOBAL_ZONEID)
231 return (B_FALSE);
233 return (B_TRUE);
237 * Returns true if the given dataset is mountable, false otherwise. Returns the
238 * mountpoint in 'buf'.
240 static boolean_t
241 zfs_is_mountable(zfs_handle_t *zhp, char *buf, size_t buflen,
242 zprop_source_t *source, int flags)
244 char sourceloc[MAXNAMELEN];
245 zprop_source_t sourcetype;
247 if (!zfs_prop_valid_for_type(ZFS_PROP_MOUNTPOINT, zhp->zfs_type,
248 B_FALSE))
249 return (B_FALSE);
251 verify(zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, buf, buflen,
252 &sourcetype, sourceloc, sizeof (sourceloc), B_FALSE) == 0);
254 if (strcmp(buf, ZFS_MOUNTPOINT_NONE) == 0 ||
255 strcmp(buf, ZFS_MOUNTPOINT_LEGACY) == 0)
256 return (B_FALSE);
258 if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_OFF)
259 return (B_FALSE);
261 if (!zfs_is_mountable_internal(zhp))
262 return (B_FALSE);
264 if (zfs_prop_get_int(zhp, ZFS_PROP_REDACTED) && !(flags & MS_FORCE))
265 return (B_FALSE);
267 if (source)
268 *source = sourcetype;
270 return (B_TRUE);
274 * The filesystem is mounted by invoking the system mount utility rather
275 * than by the system call mount(2). This ensures that the /etc/mtab
276 * file is correctly locked for the update. Performing our own locking
277 * and /etc/mtab update requires making an unsafe assumption about how
278 * the mount utility performs its locking. Unfortunately, this also means
279 * in the case of a mount failure we do not have the exact errno. We must
280 * make due with return value from the mount process.
282 * In the long term a shared library called libmount is under development
283 * which provides a common API to address the locking and errno issues.
284 * Once the standard mount utility has been updated to use this library
285 * we can add an autoconf check to conditionally use it.
287 * http://www.kernel.org/pub/linux/utils/util-linux/libmount-docs/index.html
290 static int
291 zfs_add_option(zfs_handle_t *zhp, char *options, int len,
292 zfs_prop_t prop, const char *on, const char *off)
294 char *source;
295 uint64_t value;
297 /* Skip adding duplicate default options */
298 if ((strstr(options, on) != NULL) || (strstr(options, off) != NULL))
299 return (0);
302 * zfs_prop_get_int() is not used to ensure our mount options
303 * are not influenced by the current /proc/self/mounts contents.
305 value = getprop_uint64(zhp, prop, &source);
307 (void) strlcat(options, ",", len);
308 (void) strlcat(options, value ? on : off, len);
310 return (0);
313 static int
314 zfs_add_options(zfs_handle_t *zhp, char *options, int len)
316 int error = 0;
318 error = zfs_add_option(zhp, options, len,
319 ZFS_PROP_ATIME, MNTOPT_ATIME, MNTOPT_NOATIME);
321 * don't add relatime/strictatime when atime=off, otherwise strictatime
322 * will force atime=on
324 if (strstr(options, MNTOPT_NOATIME) == NULL) {
325 error = zfs_add_option(zhp, options, len,
326 ZFS_PROP_RELATIME, MNTOPT_RELATIME, MNTOPT_STRICTATIME);
328 error = error ? error : zfs_add_option(zhp, options, len,
329 ZFS_PROP_DEVICES, MNTOPT_DEVICES, MNTOPT_NODEVICES);
330 error = error ? error : zfs_add_option(zhp, options, len,
331 ZFS_PROP_EXEC, MNTOPT_EXEC, MNTOPT_NOEXEC);
332 error = error ? error : zfs_add_option(zhp, options, len,
333 ZFS_PROP_READONLY, MNTOPT_RO, MNTOPT_RW);
334 error = error ? error : zfs_add_option(zhp, options, len,
335 ZFS_PROP_SETUID, MNTOPT_SETUID, MNTOPT_NOSETUID);
336 error = error ? error : zfs_add_option(zhp, options, len,
337 ZFS_PROP_NBMAND, MNTOPT_NBMAND, MNTOPT_NONBMAND);
339 return (error);
343 zfs_mount(zfs_handle_t *zhp, const char *options, int flags)
345 char mountpoint[ZFS_MAXPROPLEN];
347 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL,
348 flags))
349 return (0);
351 return (zfs_mount_at(zhp, options, flags, mountpoint));
355 * Mount the given filesystem.
358 zfs_mount_at(zfs_handle_t *zhp, const char *options, int flags,
359 const char *mountpoint)
361 struct stat buf;
362 char mntopts[MNT_LINE_MAX];
363 char overlay[ZFS_MAXPROPLEN];
364 char prop_encroot[MAXNAMELEN];
365 boolean_t is_encroot;
366 zfs_handle_t *encroot_hp = zhp;
367 libzfs_handle_t *hdl = zhp->zfs_hdl;
368 uint64_t keystatus;
369 int remount = 0, rc;
371 if (options == NULL) {
372 (void) strlcpy(mntopts, MNTOPT_DEFAULTS, sizeof (mntopts));
373 } else {
374 (void) strlcpy(mntopts, options, sizeof (mntopts));
377 if (strstr(mntopts, MNTOPT_REMOUNT) != NULL)
378 remount = 1;
380 /* Potentially duplicates some checks if invoked by zfs_mount(). */
381 if (!zfs_is_mountable_internal(zhp))
382 return (0);
385 * If the pool is imported read-only then all mounts must be read-only
387 if (zpool_get_prop_int(zhp->zpool_hdl, ZPOOL_PROP_READONLY, NULL))
388 (void) strlcat(mntopts, "," MNTOPT_RO, sizeof (mntopts));
391 * Append default mount options which apply to the mount point.
392 * This is done because under Linux (unlike Solaris) multiple mount
393 * points may reference a single super block. This means that just
394 * given a super block there is no back reference to update the per
395 * mount point options.
397 rc = zfs_add_options(zhp, mntopts, sizeof (mntopts));
398 if (rc) {
399 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
400 "default options unavailable"));
401 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
402 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
403 mountpoint));
407 * If the filesystem is encrypted the key must be loaded in order to
408 * mount. If the key isn't loaded, the MS_CRYPT flag decides whether
409 * or not we attempt to load the keys. Note: we must call
410 * zfs_refresh_properties() here since some callers of this function
411 * (most notably zpool_enable_datasets()) may implicitly load our key
412 * by loading the parent's key first.
414 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
415 zfs_refresh_properties(zhp);
416 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS);
419 * If the key is unavailable and MS_CRYPT is set give the
420 * user a chance to enter the key. Otherwise just fail
421 * immediately.
423 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) {
424 if (flags & MS_CRYPT) {
425 rc = zfs_crypto_get_encryption_root(zhp,
426 &is_encroot, prop_encroot);
427 if (rc) {
428 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
429 "Failed to get encryption root for "
430 "'%s'."), zfs_get_name(zhp));
431 return (rc);
434 if (!is_encroot) {
435 encroot_hp = zfs_open(hdl, prop_encroot,
436 ZFS_TYPE_DATASET);
437 if (encroot_hp == NULL)
438 return (hdl->libzfs_error);
441 rc = zfs_crypto_load_key(encroot_hp,
442 B_FALSE, NULL);
444 if (!is_encroot)
445 zfs_close(encroot_hp);
446 if (rc)
447 return (rc);
448 } else {
449 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
450 "encryption key not loaded"));
451 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
452 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
453 mountpoint));
460 * Append zfsutil option so the mount helper allow the mount
462 strlcat(mntopts, "," MNTOPT_ZFSUTIL, sizeof (mntopts));
464 /* Create the directory if it doesn't already exist */
465 if (lstat(mountpoint, &buf) != 0) {
466 if (mkdirp(mountpoint, 0755) != 0) {
467 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
468 "failed to create mountpoint: %s"),
469 strerror(errno));
470 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
471 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
472 mountpoint));
477 * Overlay mounts are enabled by default but may be disabled
478 * via the 'overlay' property. The -O flag remains for compatibility.
480 if (!(flags & MS_OVERLAY)) {
481 if (zfs_prop_get(zhp, ZFS_PROP_OVERLAY, overlay,
482 sizeof (overlay), NULL, NULL, 0, B_FALSE) == 0) {
483 if (strcmp(overlay, "on") == 0) {
484 flags |= MS_OVERLAY;
490 * Determine if the mountpoint is empty. If so, refuse to perform the
491 * mount. We don't perform this check if 'remount' is
492 * specified or if overlay option (-O) is given
494 if ((flags & MS_OVERLAY) == 0 && !remount &&
495 !dir_is_empty(mountpoint)) {
496 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
497 "directory is not empty"));
498 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
499 dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint));
502 /* perform the mount */
503 rc = do_mount(zhp, mountpoint, mntopts, flags);
504 if (rc) {
506 * Generic errors are nasty, but there are just way too many
507 * from mount(), and they're well-understood. We pick a few
508 * common ones to improve upon.
510 if (rc == EBUSY) {
511 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
512 "mountpoint or dataset is busy"));
513 } else if (rc == EPERM) {
514 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
515 "Insufficient privileges"));
516 } else if (rc == ENOTSUP) {
517 int spa_version;
519 VERIFY(zfs_spa_version(zhp, &spa_version) == 0);
520 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
521 "Can't mount a version %llu "
522 "file system on a version %d pool. Pool must be"
523 " upgraded to mount this file system."),
524 (u_longlong_t)zfs_prop_get_int(zhp,
525 ZFS_PROP_VERSION), spa_version);
526 } else {
527 zfs_error_aux(hdl, "%s", strerror(rc));
529 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
530 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
531 zhp->zfs_name));
534 /* remove the mounted entry before re-adding on remount */
535 if (remount)
536 libzfs_mnttab_remove(hdl, zhp->zfs_name);
538 /* add the mounted entry into our cache */
539 libzfs_mnttab_add(hdl, zfs_get_name(zhp), mountpoint, mntopts);
540 return (0);
544 * Unmount a single filesystem.
546 static int
547 unmount_one(zfs_handle_t *zhp, const char *mountpoint, int flags)
549 int error;
551 error = do_unmount(zhp, mountpoint, flags);
552 if (error != 0) {
553 int libzfs_err;
555 switch (error) {
556 case EBUSY:
557 libzfs_err = EZFS_BUSY;
558 break;
559 case EIO:
560 libzfs_err = EZFS_IO;
561 break;
562 case ENOENT:
563 libzfs_err = EZFS_NOENT;
564 break;
565 case ENOMEM:
566 libzfs_err = EZFS_NOMEM;
567 break;
568 case EPERM:
569 libzfs_err = EZFS_PERM;
570 break;
571 default:
572 libzfs_err = EZFS_UMOUNTFAILED;
574 if (zhp) {
575 return (zfs_error_fmt(zhp->zfs_hdl, libzfs_err,
576 dgettext(TEXT_DOMAIN, "cannot unmount '%s'"),
577 mountpoint));
578 } else {
579 return (-1);
583 return (0);
587 * Unmount the given filesystem.
590 zfs_unmount(zfs_handle_t *zhp, const char *mountpoint, int flags)
592 libzfs_handle_t *hdl = zhp->zfs_hdl;
593 struct mnttab entry;
594 char *mntpt = NULL;
595 boolean_t encroot, unmounted = B_FALSE;
597 /* check to see if we need to unmount the filesystem */
598 if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
599 libzfs_mnttab_find(hdl, zhp->zfs_name, &entry) == 0)) {
601 * mountpoint may have come from a call to
602 * getmnt/getmntany if it isn't NULL. If it is NULL,
603 * we know it comes from libzfs_mnttab_find which can
604 * then get freed later. We strdup it to play it safe.
606 if (mountpoint == NULL)
607 mntpt = zfs_strdup(hdl, entry.mnt_mountp);
608 else
609 mntpt = zfs_strdup(hdl, mountpoint);
612 * Unshare and unmount the filesystem
614 if (zfs_unshare(zhp, mntpt, share_all_proto) != 0) {
615 free(mntpt);
616 return (-1);
618 zfs_commit_shares(NULL);
620 if (unmount_one(zhp, mntpt, flags) != 0) {
621 free(mntpt);
622 (void) zfs_share(zhp, NULL);
623 zfs_commit_shares(NULL);
624 return (-1);
627 libzfs_mnttab_remove(hdl, zhp->zfs_name);
628 free(mntpt);
629 unmounted = B_TRUE;
633 * If the MS_CRYPT flag is provided we must ensure we attempt to
634 * unload the dataset's key regardless of whether we did any work
635 * to unmount it. We only do this for encryption roots.
637 if ((flags & MS_CRYPT) != 0 &&
638 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
639 zfs_refresh_properties(zhp);
641 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0 &&
642 unmounted) {
643 (void) zfs_mount(zhp, NULL, 0);
644 return (-1);
647 if (encroot && zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
648 ZFS_KEYSTATUS_AVAILABLE &&
649 zfs_crypto_unload_key(zhp) != 0) {
650 (void) zfs_mount(zhp, NULL, 0);
651 return (-1);
655 zpool_disable_volume_os(zhp->zfs_name);
657 return (0);
661 * Unmount this filesystem and any children inheriting the mountpoint property.
662 * To do this, just act like we're changing the mountpoint property, but don't
663 * remount the filesystems afterwards.
666 zfs_unmountall(zfs_handle_t *zhp, int flags)
668 prop_changelist_t *clp;
669 int ret;
671 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
672 CL_GATHER_ITER_MOUNTED, flags);
673 if (clp == NULL)
674 return (-1);
676 ret = changelist_prefix(clp);
677 changelist_free(clp);
679 return (ret);
683 * Unshare a filesystem by mountpoint.
685 static int
686 unshare_one(libzfs_handle_t *hdl, const char *name, const char *mountpoint,
687 enum sa_protocol proto)
689 int err = sa_disable_share(mountpoint, proto);
690 if (err != SA_OK)
691 return (zfs_error_fmt(hdl, proto_table[proto].p_unshare_err,
692 dgettext(TEXT_DOMAIN, "cannot unshare '%s': %s"),
693 name, sa_errorstr(err)));
695 return (0);
699 * Share the given filesystem according to the options in the specified
700 * protocol specific properties (sharenfs, sharesmb). We rely
701 * on "libshare" to do the dirty work for us.
704 zfs_share(zfs_handle_t *zhp, const enum sa_protocol *proto)
706 char mountpoint[ZFS_MAXPROPLEN];
707 char shareopts[ZFS_MAXPROPLEN];
708 char sourcestr[ZFS_MAXPROPLEN];
709 const enum sa_protocol *curr_proto;
710 zprop_source_t sourcetype;
711 int err = 0;
713 if (proto == NULL)
714 proto = share_all_proto;
716 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL, 0))
717 return (0);
719 for (curr_proto = proto; *curr_proto != SA_NO_PROTOCOL; curr_proto++) {
721 * Return success if there are no share options.
723 if (zfs_prop_get(zhp, proto_table[*curr_proto].p_prop,
724 shareopts, sizeof (shareopts), &sourcetype, sourcestr,
725 ZFS_MAXPROPLEN, B_FALSE) != 0 ||
726 strcmp(shareopts, "off") == 0)
727 continue;
730 * If the 'zoned' property is set, then zfs_is_mountable()
731 * will have already bailed out if we are in the global zone.
732 * But local zones cannot be NFS servers, so we ignore it for
733 * local zones as well.
735 if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED))
736 continue;
738 err = sa_enable_share(zfs_get_name(zhp), mountpoint, shareopts,
739 *curr_proto);
740 if (err != SA_OK) {
741 return (zfs_error_fmt(zhp->zfs_hdl,
742 proto_table[*curr_proto].p_share_err,
743 dgettext(TEXT_DOMAIN, "cannot share '%s: %s'"),
744 zfs_get_name(zhp), sa_errorstr(err)));
748 return (0);
752 * Check to see if the filesystem is currently shared.
754 boolean_t
755 zfs_is_shared(zfs_handle_t *zhp, char **where,
756 const enum sa_protocol *proto)
758 char *mountpoint;
759 if (proto == NULL)
760 proto = share_all_proto;
762 if (ZFS_IS_VOLUME(zhp))
763 return (B_FALSE);
765 if (!zfs_is_mounted(zhp, &mountpoint))
766 return (B_FALSE);
768 for (const enum sa_protocol *p = proto; *p != SA_NO_PROTOCOL; ++p)
769 if (sa_is_shared(mountpoint, *p)) {
770 if (where != NULL)
771 *where = mountpoint;
772 else
773 free(mountpoint);
774 return (B_TRUE);
777 free(mountpoint);
778 return (B_FALSE);
781 void
782 zfs_commit_shares(const enum sa_protocol *proto)
784 if (proto == NULL)
785 proto = share_all_proto;
787 for (const enum sa_protocol *p = proto; *p != SA_NO_PROTOCOL; ++p)
788 sa_commit_shares(*p);
791 void
792 zfs_truncate_shares(const enum sa_protocol *proto)
794 if (proto == NULL)
795 proto = share_all_proto;
797 for (const enum sa_protocol *p = proto; *p != SA_NO_PROTOCOL; ++p)
798 sa_truncate_shares(*p);
802 * Unshare the given filesystem.
805 zfs_unshare(zfs_handle_t *zhp, const char *mountpoint,
806 const enum sa_protocol *proto)
808 libzfs_handle_t *hdl = zhp->zfs_hdl;
809 struct mnttab entry;
811 if (proto == NULL)
812 proto = share_all_proto;
814 if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
815 libzfs_mnttab_find(hdl, zfs_get_name(zhp), &entry) == 0)) {
817 /* check to see if need to unmount the filesystem */
818 const char *mntpt = mountpoint ?: entry.mnt_mountp;
820 for (const enum sa_protocol *curr_proto = proto;
821 *curr_proto != SA_NO_PROTOCOL; curr_proto++)
822 if (sa_is_shared(mntpt, *curr_proto) &&
823 unshare_one(hdl, zhp->zfs_name,
824 mntpt, *curr_proto) != 0)
825 return (-1);
828 return (0);
832 * Same as zfs_unmountall(), but for NFS and SMB unshares.
835 zfs_unshareall(zfs_handle_t *zhp, const enum sa_protocol *proto)
837 prop_changelist_t *clp;
838 int ret;
840 if (proto == NULL)
841 proto = share_all_proto;
843 clp = changelist_gather(zhp, ZFS_PROP_SHARENFS, 0, 0);
844 if (clp == NULL)
845 return (-1);
847 ret = changelist_unshare(clp, proto);
848 changelist_free(clp);
850 return (ret);
854 * Remove the mountpoint associated with the current dataset, if necessary.
855 * We only remove the underlying directory if:
857 * - The mountpoint is not 'none' or 'legacy'
858 * - The mountpoint is non-empty
859 * - The mountpoint is the default or inherited
860 * - The 'zoned' property is set, or we're in a local zone
862 * Any other directories we leave alone.
864 void
865 remove_mountpoint(zfs_handle_t *zhp)
867 char mountpoint[ZFS_MAXPROPLEN];
868 zprop_source_t source;
870 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint),
871 &source, 0))
872 return;
874 if (source == ZPROP_SRC_DEFAULT ||
875 source == ZPROP_SRC_INHERITED) {
877 * Try to remove the directory, silently ignoring any errors.
878 * The filesystem may have since been removed or moved around,
879 * and this error isn't really useful to the administrator in
880 * any way.
882 (void) rmdir(mountpoint);
887 * Add the given zfs handle to the cb_handles array, dynamically reallocating
888 * the array if it is out of space.
890 void
891 libzfs_add_handle(get_all_cb_t *cbp, zfs_handle_t *zhp)
893 if (cbp->cb_alloc == cbp->cb_used) {
894 size_t newsz;
895 zfs_handle_t **newhandles;
897 newsz = cbp->cb_alloc != 0 ? cbp->cb_alloc * 2 : 64;
898 newhandles = zfs_realloc(zhp->zfs_hdl,
899 cbp->cb_handles, cbp->cb_alloc * sizeof (zfs_handle_t *),
900 newsz * sizeof (zfs_handle_t *));
901 cbp->cb_handles = newhandles;
902 cbp->cb_alloc = newsz;
904 cbp->cb_handles[cbp->cb_used++] = zhp;
908 * Recursive helper function used during file system enumeration
910 static int
911 zfs_iter_cb(zfs_handle_t *zhp, void *data)
913 get_all_cb_t *cbp = data;
915 if (!(zfs_get_type(zhp) & ZFS_TYPE_FILESYSTEM)) {
916 zfs_close(zhp);
917 return (0);
920 if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_NOAUTO) {
921 zfs_close(zhp);
922 return (0);
925 if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
926 ZFS_KEYSTATUS_UNAVAILABLE) {
927 zfs_close(zhp);
928 return (0);
932 * If this filesystem is inconsistent and has a receive resume
933 * token, we can not mount it.
935 if (zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT) &&
936 zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
937 NULL, 0, NULL, NULL, 0, B_TRUE) == 0) {
938 zfs_close(zhp);
939 return (0);
942 libzfs_add_handle(cbp, zhp);
943 if (zfs_iter_filesystems(zhp, 0, zfs_iter_cb, cbp) != 0) {
944 zfs_close(zhp);
945 return (-1);
947 return (0);
951 * Sort comparator that compares two mountpoint paths. We sort these paths so
952 * that subdirectories immediately follow their parents. This means that we
953 * effectively treat the '/' character as the lowest value non-nul char.
954 * Since filesystems from non-global zones can have the same mountpoint
955 * as other filesystems, the comparator sorts global zone filesystems to
956 * the top of the list. This means that the global zone will traverse the
957 * filesystem list in the correct order and can stop when it sees the
958 * first zoned filesystem. In a non-global zone, only the delegated
959 * filesystems are seen.
961 * An example sorted list using this comparator would look like:
963 * /foo
964 * /foo/bar
965 * /foo/bar/baz
966 * /foo/baz
967 * /foo.bar
968 * /foo (NGZ1)
969 * /foo (NGZ2)
971 * The mounting code depends on this ordering to deterministically iterate
972 * over filesystems in order to spawn parallel mount tasks.
974 static int
975 mountpoint_cmp(const void *arga, const void *argb)
977 zfs_handle_t *const *zap = arga;
978 zfs_handle_t *za = *zap;
979 zfs_handle_t *const *zbp = argb;
980 zfs_handle_t *zb = *zbp;
981 char mounta[MAXPATHLEN];
982 char mountb[MAXPATHLEN];
983 const char *a = mounta;
984 const char *b = mountb;
985 boolean_t gota, gotb;
986 uint64_t zoneda, zonedb;
988 zoneda = zfs_prop_get_int(za, ZFS_PROP_ZONED);
989 zonedb = zfs_prop_get_int(zb, ZFS_PROP_ZONED);
990 if (zoneda && !zonedb)
991 return (1);
992 if (!zoneda && zonedb)
993 return (-1);
995 gota = (zfs_get_type(za) == ZFS_TYPE_FILESYSTEM);
996 if (gota) {
997 verify(zfs_prop_get(za, ZFS_PROP_MOUNTPOINT, mounta,
998 sizeof (mounta), NULL, NULL, 0, B_FALSE) == 0);
1000 gotb = (zfs_get_type(zb) == ZFS_TYPE_FILESYSTEM);
1001 if (gotb) {
1002 verify(zfs_prop_get(zb, ZFS_PROP_MOUNTPOINT, mountb,
1003 sizeof (mountb), NULL, NULL, 0, B_FALSE) == 0);
1006 if (gota && gotb) {
1007 while (*a != '\0' && (*a == *b)) {
1008 a++;
1009 b++;
1011 if (*a == *b)
1012 return (0);
1013 if (*a == '\0')
1014 return (-1);
1015 if (*b == '\0')
1016 return (1);
1017 if (*a == '/')
1018 return (-1);
1019 if (*b == '/')
1020 return (1);
1021 return (*a < *b ? -1 : *a > *b);
1024 if (gota)
1025 return (-1);
1026 if (gotb)
1027 return (1);
1030 * If neither filesystem has a mountpoint, revert to sorting by
1031 * dataset name.
1033 return (strcmp(zfs_get_name(za), zfs_get_name(zb)));
1037 * Return true if path2 is a child of path1 or path2 equals path1 or
1038 * path1 is "/" (path2 is always a child of "/").
1040 static boolean_t
1041 libzfs_path_contains(const char *path1, const char *path2)
1043 return (strcmp(path1, path2) == 0 || strcmp(path1, "/") == 0 ||
1044 (strstr(path2, path1) == path2 && path2[strlen(path1)] == '/'));
1048 * Given a mountpoint specified by idx in the handles array, find the first
1049 * non-descendent of that mountpoint and return its index. Descendant paths
1050 * start with the parent's path. This function relies on the ordering
1051 * enforced by mountpoint_cmp().
1053 static int
1054 non_descendant_idx(zfs_handle_t **handles, size_t num_handles, int idx)
1056 char parent[ZFS_MAXPROPLEN];
1057 char child[ZFS_MAXPROPLEN];
1058 int i;
1060 verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, parent,
1061 sizeof (parent), NULL, NULL, 0, B_FALSE) == 0);
1063 for (i = idx + 1; i < num_handles; i++) {
1064 verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT, child,
1065 sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
1066 if (!libzfs_path_contains(parent, child))
1067 break;
1069 return (i);
1072 typedef struct mnt_param {
1073 libzfs_handle_t *mnt_hdl;
1074 tpool_t *mnt_tp;
1075 zfs_handle_t **mnt_zhps; /* filesystems to mount */
1076 size_t mnt_num_handles;
1077 int mnt_idx; /* Index of selected entry to mount */
1078 zfs_iter_f mnt_func;
1079 void *mnt_data;
1080 } mnt_param_t;
1083 * Allocate and populate the parameter struct for mount function, and
1084 * schedule mounting of the entry selected by idx.
1086 static void
1087 zfs_dispatch_mount(libzfs_handle_t *hdl, zfs_handle_t **handles,
1088 size_t num_handles, int idx, zfs_iter_f func, void *data, tpool_t *tp)
1090 mnt_param_t *mnt_param = zfs_alloc(hdl, sizeof (mnt_param_t));
1092 mnt_param->mnt_hdl = hdl;
1093 mnt_param->mnt_tp = tp;
1094 mnt_param->mnt_zhps = handles;
1095 mnt_param->mnt_num_handles = num_handles;
1096 mnt_param->mnt_idx = idx;
1097 mnt_param->mnt_func = func;
1098 mnt_param->mnt_data = data;
1100 (void) tpool_dispatch(tp, zfs_mount_task, (void*)mnt_param);
1104 * This is the structure used to keep state of mounting or sharing operations
1105 * during a call to zpool_enable_datasets().
1107 typedef struct mount_state {
1109 * ms_mntstatus is set to -1 if any mount fails. While multiple threads
1110 * could update this variable concurrently, no synchronization is
1111 * needed as it's only ever set to -1.
1113 int ms_mntstatus;
1114 int ms_mntflags;
1115 const char *ms_mntopts;
1116 } mount_state_t;
1118 static int
1119 zfs_mount_one(zfs_handle_t *zhp, void *arg)
1121 mount_state_t *ms = arg;
1122 int ret = 0;
1125 * don't attempt to mount encrypted datasets with
1126 * unloaded keys
1128 if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
1129 ZFS_KEYSTATUS_UNAVAILABLE)
1130 return (0);
1132 if (zfs_mount(zhp, ms->ms_mntopts, ms->ms_mntflags) != 0)
1133 ret = ms->ms_mntstatus = -1;
1134 return (ret);
1137 static int
1138 zfs_share_one(zfs_handle_t *zhp, void *arg)
1140 mount_state_t *ms = arg;
1141 int ret = 0;
1143 if (zfs_share(zhp, NULL) != 0)
1144 ret = ms->ms_mntstatus = -1;
1145 return (ret);
1149 * Thread pool function to mount one file system. On completion, it finds and
1150 * schedules its children to be mounted. This depends on the sorting done in
1151 * zfs_foreach_mountpoint(). Note that the degenerate case (chain of entries
1152 * each descending from the previous) will have no parallelism since we always
1153 * have to wait for the parent to finish mounting before we can schedule
1154 * its children.
1156 static void
1157 zfs_mount_task(void *arg)
1159 mnt_param_t *mp = arg;
1160 int idx = mp->mnt_idx;
1161 zfs_handle_t **handles = mp->mnt_zhps;
1162 size_t num_handles = mp->mnt_num_handles;
1163 char mountpoint[ZFS_MAXPROPLEN];
1165 verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, mountpoint,
1166 sizeof (mountpoint), NULL, NULL, 0, B_FALSE) == 0);
1168 if (mp->mnt_func(handles[idx], mp->mnt_data) != 0)
1169 goto out;
1172 * We dispatch tasks to mount filesystems with mountpoints underneath
1173 * this one. We do this by dispatching the next filesystem with a
1174 * descendant mountpoint of the one we just mounted, then skip all of
1175 * its descendants, dispatch the next descendant mountpoint, and so on.
1176 * The non_descendant_idx() function skips over filesystems that are
1177 * descendants of the filesystem we just dispatched.
1179 for (int i = idx + 1; i < num_handles;
1180 i = non_descendant_idx(handles, num_handles, i)) {
1181 char child[ZFS_MAXPROPLEN];
1182 verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT,
1183 child, sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
1185 if (!libzfs_path_contains(mountpoint, child))
1186 break; /* not a descendant, return */
1187 zfs_dispatch_mount(mp->mnt_hdl, handles, num_handles, i,
1188 mp->mnt_func, mp->mnt_data, mp->mnt_tp);
1191 out:
1192 free(mp);
1196 * Issue the func callback for each ZFS handle contained in the handles
1197 * array. This function is used to mount all datasets, and so this function
1198 * guarantees that filesystems for parent mountpoints are called before their
1199 * children. As such, before issuing any callbacks, we first sort the array
1200 * of handles by mountpoint.
1202 * Callbacks are issued in one of two ways:
1204 * 1. Sequentially: If the parallel argument is B_FALSE or the ZFS_SERIAL_MOUNT
1205 * environment variable is set, then we issue callbacks sequentially.
1207 * 2. In parallel: If the parallel argument is B_TRUE and the ZFS_SERIAL_MOUNT
1208 * environment variable is not set, then we use a tpool to dispatch threads
1209 * to mount filesystems in parallel. This function dispatches tasks to mount
1210 * the filesystems at the top-level mountpoints, and these tasks in turn
1211 * are responsible for recursively mounting filesystems in their children
1212 * mountpoints.
1214 void
1215 zfs_foreach_mountpoint(libzfs_handle_t *hdl, zfs_handle_t **handles,
1216 size_t num_handles, zfs_iter_f func, void *data, boolean_t parallel)
1218 zoneid_t zoneid = getzoneid();
1221 * The ZFS_SERIAL_MOUNT environment variable is an undocumented
1222 * variable that can be used as a convenience to do a/b comparison
1223 * of serial vs. parallel mounting.
1225 boolean_t serial_mount = !parallel ||
1226 (getenv("ZFS_SERIAL_MOUNT") != NULL);
1229 * Sort the datasets by mountpoint. See mountpoint_cmp for details
1230 * of how these are sorted.
1232 qsort(handles, num_handles, sizeof (zfs_handle_t *), mountpoint_cmp);
1234 if (serial_mount) {
1235 for (int i = 0; i < num_handles; i++) {
1236 func(handles[i], data);
1238 return;
1242 * Issue the callback function for each dataset using a parallel
1243 * algorithm that uses a thread pool to manage threads.
1245 tpool_t *tp = tpool_create(1, mount_tp_nthr, 0, NULL);
1248 * There may be multiple "top level" mountpoints outside of the pool's
1249 * root mountpoint, e.g.: /foo /bar. Dispatch a mount task for each of
1250 * these.
1252 for (int i = 0; i < num_handles;
1253 i = non_descendant_idx(handles, num_handles, i)) {
1255 * Since the mountpoints have been sorted so that the zoned
1256 * filesystems are at the end, a zoned filesystem seen from
1257 * the global zone means that we're done.
1259 if (zoneid == GLOBAL_ZONEID &&
1260 zfs_prop_get_int(handles[i], ZFS_PROP_ZONED))
1261 break;
1262 zfs_dispatch_mount(hdl, handles, num_handles, i, func, data,
1263 tp);
1266 tpool_wait(tp); /* wait for all scheduled mounts to complete */
1267 tpool_destroy(tp);
1271 * Mount and share all datasets within the given pool. This assumes that no
1272 * datasets within the pool are currently mounted.
1275 zpool_enable_datasets(zpool_handle_t *zhp, const char *mntopts, int flags)
1277 get_all_cb_t cb = { 0 };
1278 mount_state_t ms = { 0 };
1279 zfs_handle_t *zfsp;
1280 int ret = 0;
1282 if ((zfsp = zfs_open(zhp->zpool_hdl, zhp->zpool_name,
1283 ZFS_TYPE_DATASET)) == NULL)
1284 goto out;
1287 * Gather all non-snapshot datasets within the pool. Start by adding
1288 * the root filesystem for this pool to the list, and then iterate
1289 * over all child filesystems.
1291 libzfs_add_handle(&cb, zfsp);
1292 if (zfs_iter_filesystems(zfsp, 0, zfs_iter_cb, &cb) != 0)
1293 goto out;
1296 * Mount all filesystems
1298 ms.ms_mntopts = mntopts;
1299 ms.ms_mntflags = flags;
1300 zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
1301 zfs_mount_one, &ms, B_TRUE);
1302 if (ms.ms_mntstatus != 0)
1303 ret = ms.ms_mntstatus;
1306 * Share all filesystems that need to be shared. This needs to be
1307 * a separate pass because libshare is not mt-safe, and so we need
1308 * to share serially.
1310 ms.ms_mntstatus = 0;
1311 zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
1312 zfs_share_one, &ms, B_FALSE);
1313 if (ms.ms_mntstatus != 0)
1314 ret = ms.ms_mntstatus;
1315 else
1316 zfs_commit_shares(NULL);
1318 out:
1319 for (int i = 0; i < cb.cb_used; i++)
1320 zfs_close(cb.cb_handles[i]);
1321 free(cb.cb_handles);
1323 return (ret);
1326 struct sets_s {
1327 char *mountpoint;
1328 zfs_handle_t *dataset;
1331 static int
1332 mountpoint_compare(const void *a, const void *b)
1334 const struct sets_s *mounta = (struct sets_s *)a;
1335 const struct sets_s *mountb = (struct sets_s *)b;
1337 return (strcmp(mountb->mountpoint, mounta->mountpoint));
1341 * Unshare and unmount all datasets within the given pool. We don't want to
1342 * rely on traversing the DSL to discover the filesystems within the pool,
1343 * because this may be expensive (if not all of them are mounted), and can fail
1344 * arbitrarily (on I/O error, for example). Instead, we walk /proc/self/mounts
1345 * and gather all the filesystems that are currently mounted.
1348 zpool_disable_datasets(zpool_handle_t *zhp, boolean_t force)
1350 int used, alloc;
1351 FILE *mnttab;
1352 struct mnttab entry;
1353 size_t namelen;
1354 struct sets_s *sets = NULL;
1355 libzfs_handle_t *hdl = zhp->zpool_hdl;
1356 int i;
1357 int ret = -1;
1358 int flags = (force ? MS_FORCE : 0);
1360 namelen = strlen(zhp->zpool_name);
1362 if ((mnttab = fopen(MNTTAB, "re")) == NULL)
1363 return (ENOENT);
1365 used = alloc = 0;
1366 while (getmntent(mnttab, &entry) == 0) {
1368 * Ignore non-ZFS entries.
1370 if (entry.mnt_fstype == NULL ||
1371 strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0)
1372 continue;
1375 * Ignore filesystems not within this pool.
1377 if (entry.mnt_mountp == NULL ||
1378 strncmp(entry.mnt_special, zhp->zpool_name, namelen) != 0 ||
1379 (entry.mnt_special[namelen] != '/' &&
1380 entry.mnt_special[namelen] != '\0'))
1381 continue;
1384 * At this point we've found a filesystem within our pool. Add
1385 * it to our growing list.
1387 if (used == alloc) {
1388 if (alloc == 0) {
1389 sets = zfs_alloc(hdl,
1390 8 * sizeof (struct sets_s));
1391 alloc = 8;
1392 } else {
1393 sets = zfs_realloc(hdl, sets,
1394 alloc * sizeof (struct sets_s),
1395 alloc * 2 * sizeof (struct sets_s));
1397 alloc *= 2;
1401 sets[used].mountpoint = zfs_strdup(hdl, entry.mnt_mountp);
1404 * This is allowed to fail, in case there is some I/O error. It
1405 * is only used to determine if we need to remove the underlying
1406 * mountpoint, so failure is not fatal.
1408 sets[used].dataset = make_dataset_handle(hdl,
1409 entry.mnt_special);
1411 used++;
1415 * At this point, we have the entire list of filesystems, so sort it by
1416 * mountpoint.
1418 if (used != 0)
1419 qsort(sets, used, sizeof (struct sets_s), mountpoint_compare);
1422 * Walk through and first unshare everything.
1424 for (i = 0; i < used; i++) {
1425 for (enum sa_protocol p = 0; p < SA_PROTOCOL_COUNT; ++p) {
1426 if (sa_is_shared(sets[i].mountpoint, p) &&
1427 unshare_one(hdl, sets[i].mountpoint,
1428 sets[i].mountpoint, p) != 0)
1429 goto out;
1432 zfs_commit_shares(NULL);
1435 * Now unmount everything, removing the underlying directories as
1436 * appropriate.
1438 for (i = 0; i < used; i++) {
1439 if (unmount_one(sets[i].dataset, sets[i].mountpoint,
1440 flags) != 0)
1441 goto out;
1444 for (i = 0; i < used; i++) {
1445 if (sets[i].dataset)
1446 remove_mountpoint(sets[i].dataset);
1449 zpool_disable_datasets_os(zhp, force);
1451 ret = 0;
1452 out:
1453 (void) fclose(mnttab);
1454 for (i = 0; i < used; i++) {
1455 if (sets[i].dataset)
1456 zfs_close(sets[i].dataset);
1457 free(sets[i].mountpoint);
1459 free(sets);
1461 return (ret);