dmu_send.c revision 288553
1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright 2011 Nexenta Systems, Inc. All rights reserved. 24 * Copyright (c) 2011, 2014 by Delphix. All rights reserved. 25 * Copyright (c) 2014, Joyent, Inc. All rights reserved. 26 * Copyright (c) 2012, Martin Matuska <mm@FreeBSD.org>. All rights reserved. 27 * Copyright 2014 HybridCluster. All rights reserved. 28 */ 29 30#include <sys/dmu.h> 31#include <sys/dmu_impl.h> 32#include <sys/dmu_tx.h> 33#include <sys/dbuf.h> 34#include <sys/dnode.h> 35#include <sys/zfs_context.h> 36#include <sys/dmu_objset.h> 37#include <sys/dmu_traverse.h> 38#include <sys/dsl_dataset.h> 39#include <sys/dsl_dir.h> 40#include <sys/dsl_prop.h> 41#include <sys/dsl_pool.h> 42#include <sys/dsl_synctask.h> 43#include <sys/zfs_ioctl.h> 44#include <sys/zap.h> 45#include <sys/zio_checksum.h> 46#include <sys/zfs_znode.h> 47#include <zfs_fletcher.h> 48#include <sys/avl.h> 49#include <sys/ddt.h> 50#include <sys/zfs_onexit.h> 51#include <sys/dmu_send.h> 52#include <sys/dsl_destroy.h> 53#include <sys/blkptr.h> 54#include <sys/dsl_bookmark.h> 55#include <sys/zfeature.h> 56 57#ifdef __FreeBSD__ 58#undef dump_write 59#define dump_write dmu_dump_write 60#endif 61 62/* Set this tunable to TRUE to replace corrupt data with 0x2f5baddb10c */ 63int zfs_send_corrupt_data = B_FALSE; 64 65static char *dmu_recv_tag = "dmu_recv_tag"; 66static const char *recv_clone_name = "%recv"; 67 68static int 69dump_bytes(dmu_sendarg_t *dsp, void *buf, int len) 70{ 71 dsl_dataset_t *ds = dsp->dsa_os->os_dsl_dataset; 72 struct uio auio; 73 struct iovec aiov; 74 ASSERT0(len % 8); 75 76 aiov.iov_base = buf; 77 aiov.iov_len = len; 78 auio.uio_iov = &aiov; 79 auio.uio_iovcnt = 1; 80 auio.uio_resid = len; 81 auio.uio_segflg = UIO_SYSSPACE; 82 auio.uio_rw = UIO_WRITE; 83 auio.uio_offset = (off_t)-1; 84 auio.uio_td = dsp->dsa_td; 85#ifdef _KERNEL 86 if (dsp->dsa_fp->f_type == DTYPE_VNODE) 87 bwillwrite(); 88 dsp->dsa_err = fo_write(dsp->dsa_fp, &auio, dsp->dsa_td->td_ucred, 0, 89 dsp->dsa_td); 90#else 91 fprintf(stderr, "%s: returning EOPNOTSUPP\n", __func__); 92 dsp->dsa_err = EOPNOTSUPP; 93#endif 94 mutex_enter(&ds->ds_sendstream_lock); 95 *dsp->dsa_off += len; 96 mutex_exit(&ds->ds_sendstream_lock); 97 98 return (dsp->dsa_err); 99} 100 101/* 102 * For all record types except BEGIN, fill in the checksum (overlaid in 103 * drr_u.drr_checksum.drr_checksum). The checksum verifies everything 104 * up to the start of the checksum itself. 105 */ 106static int 107dump_record(dmu_sendarg_t *dsp, void *payload, int payload_len) 108{ 109 ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), 110 ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t)); 111 fletcher_4_incremental_native(dsp->dsa_drr, 112 offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), 113 &dsp->dsa_zc); 114 if (dsp->dsa_drr->drr_type != DRR_BEGIN) { 115 ASSERT(ZIO_CHECKSUM_IS_ZERO(&dsp->dsa_drr->drr_u. 116 drr_checksum.drr_checksum)); 117 dsp->dsa_drr->drr_u.drr_checksum.drr_checksum = dsp->dsa_zc; 118 } 119 fletcher_4_incremental_native(&dsp->dsa_drr-> 120 drr_u.drr_checksum.drr_checksum, 121 sizeof (zio_cksum_t), &dsp->dsa_zc); 122 if (dump_bytes(dsp, dsp->dsa_drr, sizeof (dmu_replay_record_t)) != 0) 123 return (SET_ERROR(EINTR)); 124 if (payload_len != 0) { 125 fletcher_4_incremental_native(payload, payload_len, 126 &dsp->dsa_zc); 127 if (dump_bytes(dsp, payload, payload_len) != 0) 128 return (SET_ERROR(EINTR)); 129 } 130 return (0); 131} 132 133static int 134dump_free(dmu_sendarg_t *dsp, uint64_t object, uint64_t offset, 135 uint64_t length) 136{ 137 struct drr_free *drrf = &(dsp->dsa_drr->drr_u.drr_free); 138 139 /* 140 * When we receive a free record, dbuf_free_range() assumes 141 * that the receiving system doesn't have any dbufs in the range 142 * being freed. This is always true because there is a one-record 143 * constraint: we only send one WRITE record for any given 144 * object+offset. We know that the one-record constraint is 145 * true because we always send data in increasing order by 146 * object,offset. 147 * 148 * If the increasing-order constraint ever changes, we should find 149 * another way to assert that the one-record constraint is still 150 * satisfied. 151 */ 152 ASSERT(object > dsp->dsa_last_data_object || 153 (object == dsp->dsa_last_data_object && 154 offset > dsp->dsa_last_data_offset)); 155 156 /* 157 * If we are doing a non-incremental send, then there can't 158 * be any data in the dataset we're receiving into. Therefore 159 * a free record would simply be a no-op. Save space by not 160 * sending it to begin with. 161 */ 162 if (!dsp->dsa_incremental) 163 return (0); 164 165 if (length != -1ULL && offset + length < offset) 166 length = -1ULL; 167 168 /* 169 * If there is a pending op, but it's not PENDING_FREE, push it out, 170 * since free block aggregation can only be done for blocks of the 171 * same type (i.e., DRR_FREE records can only be aggregated with 172 * other DRR_FREE records. DRR_FREEOBJECTS records can only be 173 * aggregated with other DRR_FREEOBJECTS records. 174 */ 175 if (dsp->dsa_pending_op != PENDING_NONE && 176 dsp->dsa_pending_op != PENDING_FREE) { 177 if (dump_record(dsp, NULL, 0) != 0) 178 return (SET_ERROR(EINTR)); 179 dsp->dsa_pending_op = PENDING_NONE; 180 } 181 182 if (dsp->dsa_pending_op == PENDING_FREE) { 183 /* 184 * There should never be a PENDING_FREE if length is -1 185 * (because dump_dnode is the only place where this 186 * function is called with a -1, and only after flushing 187 * any pending record). 188 */ 189 ASSERT(length != -1ULL); 190 /* 191 * Check to see whether this free block can be aggregated 192 * with pending one. 193 */ 194 if (drrf->drr_object == object && drrf->drr_offset + 195 drrf->drr_length == offset) { 196 drrf->drr_length += length; 197 return (0); 198 } else { 199 /* not a continuation. Push out pending record */ 200 if (dump_record(dsp, NULL, 0) != 0) 201 return (SET_ERROR(EINTR)); 202 dsp->dsa_pending_op = PENDING_NONE; 203 } 204 } 205 /* create a FREE record and make it pending */ 206 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t)); 207 dsp->dsa_drr->drr_type = DRR_FREE; 208 drrf->drr_object = object; 209 drrf->drr_offset = offset; 210 drrf->drr_length = length; 211 drrf->drr_toguid = dsp->dsa_toguid; 212 if (length == -1ULL) { 213 if (dump_record(dsp, NULL, 0) != 0) 214 return (SET_ERROR(EINTR)); 215 } else { 216 dsp->dsa_pending_op = PENDING_FREE; 217 } 218 219 return (0); 220} 221 222static int 223dump_write(dmu_sendarg_t *dsp, dmu_object_type_t type, 224 uint64_t object, uint64_t offset, int blksz, const blkptr_t *bp, void *data) 225{ 226 struct drr_write *drrw = &(dsp->dsa_drr->drr_u.drr_write); 227 228 /* 229 * We send data in increasing object, offset order. 230 * See comment in dump_free() for details. 231 */ 232 ASSERT(object > dsp->dsa_last_data_object || 233 (object == dsp->dsa_last_data_object && 234 offset > dsp->dsa_last_data_offset)); 235 dsp->dsa_last_data_object = object; 236 dsp->dsa_last_data_offset = offset + blksz - 1; 237 238 /* 239 * If there is any kind of pending aggregation (currently either 240 * a grouping of free objects or free blocks), push it out to 241 * the stream, since aggregation can't be done across operations 242 * of different types. 243 */ 244 if (dsp->dsa_pending_op != PENDING_NONE) { 245 if (dump_record(dsp, NULL, 0) != 0) 246 return (SET_ERROR(EINTR)); 247 dsp->dsa_pending_op = PENDING_NONE; 248 } 249 /* write a WRITE record */ 250 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t)); 251 dsp->dsa_drr->drr_type = DRR_WRITE; 252 drrw->drr_object = object; 253 drrw->drr_type = type; 254 drrw->drr_offset = offset; 255 drrw->drr_length = blksz; 256 drrw->drr_toguid = dsp->dsa_toguid; 257 if (bp == NULL || BP_IS_EMBEDDED(bp)) { 258 /* 259 * There's no pre-computed checksum for partial-block 260 * writes or embedded BP's, so (like 261 * fletcher4-checkummed blocks) userland will have to 262 * compute a dedup-capable checksum itself. 263 */ 264 drrw->drr_checksumtype = ZIO_CHECKSUM_OFF; 265 } else { 266 drrw->drr_checksumtype = BP_GET_CHECKSUM(bp); 267 if (zio_checksum_table[drrw->drr_checksumtype].ci_dedup) 268 drrw->drr_checksumflags |= DRR_CHECKSUM_DEDUP; 269 DDK_SET_LSIZE(&drrw->drr_key, BP_GET_LSIZE(bp)); 270 DDK_SET_PSIZE(&drrw->drr_key, BP_GET_PSIZE(bp)); 271 DDK_SET_COMPRESS(&drrw->drr_key, BP_GET_COMPRESS(bp)); 272 drrw->drr_key.ddk_cksum = bp->blk_cksum; 273 } 274 275 if (dump_record(dsp, data, blksz) != 0) 276 return (SET_ERROR(EINTR)); 277 return (0); 278} 279 280static int 281dump_write_embedded(dmu_sendarg_t *dsp, uint64_t object, uint64_t offset, 282 int blksz, const blkptr_t *bp) 283{ 284 char buf[BPE_PAYLOAD_SIZE]; 285 struct drr_write_embedded *drrw = 286 &(dsp->dsa_drr->drr_u.drr_write_embedded); 287 288 if (dsp->dsa_pending_op != PENDING_NONE) { 289 if (dump_record(dsp, NULL, 0) != 0) 290 return (EINTR); 291 dsp->dsa_pending_op = PENDING_NONE; 292 } 293 294 ASSERT(BP_IS_EMBEDDED(bp)); 295 296 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t)); 297 dsp->dsa_drr->drr_type = DRR_WRITE_EMBEDDED; 298 drrw->drr_object = object; 299 drrw->drr_offset = offset; 300 drrw->drr_length = blksz; 301 drrw->drr_toguid = dsp->dsa_toguid; 302 drrw->drr_compression = BP_GET_COMPRESS(bp); 303 drrw->drr_etype = BPE_GET_ETYPE(bp); 304 drrw->drr_lsize = BPE_GET_LSIZE(bp); 305 drrw->drr_psize = BPE_GET_PSIZE(bp); 306 307 decode_embedded_bp_compressed(bp, buf); 308 309 if (dump_record(dsp, buf, P2ROUNDUP(drrw->drr_psize, 8)) != 0) 310 return (EINTR); 311 return (0); 312} 313 314static int 315dump_spill(dmu_sendarg_t *dsp, uint64_t object, int blksz, void *data) 316{ 317 struct drr_spill *drrs = &(dsp->dsa_drr->drr_u.drr_spill); 318 319 if (dsp->dsa_pending_op != PENDING_NONE) { 320 if (dump_record(dsp, NULL, 0) != 0) 321 return (SET_ERROR(EINTR)); 322 dsp->dsa_pending_op = PENDING_NONE; 323 } 324 325 /* write a SPILL record */ 326 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t)); 327 dsp->dsa_drr->drr_type = DRR_SPILL; 328 drrs->drr_object = object; 329 drrs->drr_length = blksz; 330 drrs->drr_toguid = dsp->dsa_toguid; 331 332 if (dump_record(dsp, data, blksz) != 0) 333 return (SET_ERROR(EINTR)); 334 return (0); 335} 336 337static int 338dump_freeobjects(dmu_sendarg_t *dsp, uint64_t firstobj, uint64_t numobjs) 339{ 340 struct drr_freeobjects *drrfo = &(dsp->dsa_drr->drr_u.drr_freeobjects); 341 342 /* See comment in dump_free(). */ 343 if (!dsp->dsa_incremental) 344 return (0); 345 346 /* 347 * If there is a pending op, but it's not PENDING_FREEOBJECTS, 348 * push it out, since free block aggregation can only be done for 349 * blocks of the same type (i.e., DRR_FREE records can only be 350 * aggregated with other DRR_FREE records. DRR_FREEOBJECTS records 351 * can only be aggregated with other DRR_FREEOBJECTS records. 352 */ 353 if (dsp->dsa_pending_op != PENDING_NONE && 354 dsp->dsa_pending_op != PENDING_FREEOBJECTS) { 355 if (dump_record(dsp, NULL, 0) != 0) 356 return (SET_ERROR(EINTR)); 357 dsp->dsa_pending_op = PENDING_NONE; 358 } 359 if (dsp->dsa_pending_op == PENDING_FREEOBJECTS) { 360 /* 361 * See whether this free object array can be aggregated 362 * with pending one 363 */ 364 if (drrfo->drr_firstobj + drrfo->drr_numobjs == firstobj) { 365 drrfo->drr_numobjs += numobjs; 366 return (0); 367 } else { 368 /* can't be aggregated. Push out pending record */ 369 if (dump_record(dsp, NULL, 0) != 0) 370 return (SET_ERROR(EINTR)); 371 dsp->dsa_pending_op = PENDING_NONE; 372 } 373 } 374 375 /* write a FREEOBJECTS record */ 376 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t)); 377 dsp->dsa_drr->drr_type = DRR_FREEOBJECTS; 378 drrfo->drr_firstobj = firstobj; 379 drrfo->drr_numobjs = numobjs; 380 drrfo->drr_toguid = dsp->dsa_toguid; 381 382 dsp->dsa_pending_op = PENDING_FREEOBJECTS; 383 384 return (0); 385} 386 387static int 388dump_dnode(dmu_sendarg_t *dsp, uint64_t object, dnode_phys_t *dnp) 389{ 390 struct drr_object *drro = &(dsp->dsa_drr->drr_u.drr_object); 391 392 if (dnp == NULL || dnp->dn_type == DMU_OT_NONE) 393 return (dump_freeobjects(dsp, object, 1)); 394 395 if (dsp->dsa_pending_op != PENDING_NONE) { 396 if (dump_record(dsp, NULL, 0) != 0) 397 return (SET_ERROR(EINTR)); 398 dsp->dsa_pending_op = PENDING_NONE; 399 } 400 401 /* write an OBJECT record */ 402 bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t)); 403 dsp->dsa_drr->drr_type = DRR_OBJECT; 404 drro->drr_object = object; 405 drro->drr_type = dnp->dn_type; 406 drro->drr_bonustype = dnp->dn_bonustype; 407 drro->drr_blksz = dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT; 408 drro->drr_bonuslen = dnp->dn_bonuslen; 409 drro->drr_checksumtype = dnp->dn_checksum; 410 drro->drr_compress = dnp->dn_compress; 411 drro->drr_toguid = dsp->dsa_toguid; 412 413 if (!(dsp->dsa_featureflags & DMU_BACKUP_FEATURE_LARGE_BLOCKS) && 414 drro->drr_blksz > SPA_OLD_MAXBLOCKSIZE) 415 drro->drr_blksz = SPA_OLD_MAXBLOCKSIZE; 416 417 if (dump_record(dsp, DN_BONUS(dnp), 418 P2ROUNDUP(dnp->dn_bonuslen, 8)) != 0) { 419 return (SET_ERROR(EINTR)); 420 } 421 422 /* Free anything past the end of the file. */ 423 if (dump_free(dsp, object, (dnp->dn_maxblkid + 1) * 424 (dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT), -1ULL) != 0) 425 return (SET_ERROR(EINTR)); 426 if (dsp->dsa_err != 0) 427 return (SET_ERROR(EINTR)); 428 return (0); 429} 430 431static boolean_t 432backup_do_embed(dmu_sendarg_t *dsp, const blkptr_t *bp) 433{ 434 if (!BP_IS_EMBEDDED(bp)) 435 return (B_FALSE); 436 437 /* 438 * Compression function must be legacy, or explicitly enabled. 439 */ 440 if ((BP_GET_COMPRESS(bp) >= ZIO_COMPRESS_LEGACY_FUNCTIONS && 441 !(dsp->dsa_featureflags & DMU_BACKUP_FEATURE_EMBED_DATA_LZ4))) 442 return (B_FALSE); 443 444 /* 445 * Embed type must be explicitly enabled. 446 */ 447 switch (BPE_GET_ETYPE(bp)) { 448 case BP_EMBEDDED_TYPE_DATA: 449 if (dsp->dsa_featureflags & DMU_BACKUP_FEATURE_EMBED_DATA) 450 return (B_TRUE); 451 break; 452 default: 453 return (B_FALSE); 454 } 455 return (B_FALSE); 456} 457 458#define BP_SPAN(dnp, level) \ 459 (((uint64_t)dnp->dn_datablkszsec) << (SPA_MINBLOCKSHIFT + \ 460 (level) * (dnp->dn_indblkshift - SPA_BLKPTRSHIFT))) 461 462/* ARGSUSED */ 463static int 464backup_cb(spa_t *spa, zilog_t *zilog, const blkptr_t *bp, 465 const zbookmark_phys_t *zb, const dnode_phys_t *dnp, void *arg) 466{ 467 dmu_sendarg_t *dsp = arg; 468 dmu_object_type_t type = bp ? BP_GET_TYPE(bp) : DMU_OT_NONE; 469 int err = 0; 470 471 if (issig(JUSTLOOKING) && issig(FORREAL)) 472 return (SET_ERROR(EINTR)); 473 474 if (zb->zb_object != DMU_META_DNODE_OBJECT && 475 DMU_OBJECT_IS_SPECIAL(zb->zb_object)) { 476 return (0); 477 } else if (zb->zb_level == ZB_ZIL_LEVEL) { 478 /* 479 * If we are sending a non-snapshot (which is allowed on 480 * read-only pools), it may have a ZIL, which must be ignored. 481 */ 482 return (0); 483 } else if (BP_IS_HOLE(bp) && 484 zb->zb_object == DMU_META_DNODE_OBJECT) { 485 uint64_t span = BP_SPAN(dnp, zb->zb_level); 486 uint64_t dnobj = (zb->zb_blkid * span) >> DNODE_SHIFT; 487 err = dump_freeobjects(dsp, dnobj, span >> DNODE_SHIFT); 488 } else if (BP_IS_HOLE(bp)) { 489 uint64_t span = BP_SPAN(dnp, zb->zb_level); 490 err = dump_free(dsp, zb->zb_object, zb->zb_blkid * span, span); 491 } else if (zb->zb_level > 0 || type == DMU_OT_OBJSET) { 492 return (0); 493 } else if (type == DMU_OT_DNODE) { 494 dnode_phys_t *blk; 495 int i; 496 int blksz = BP_GET_LSIZE(bp); 497 arc_flags_t aflags = ARC_FLAG_WAIT; 498 arc_buf_t *abuf; 499 500 if (arc_read(NULL, spa, bp, arc_getbuf_func, &abuf, 501 ZIO_PRIORITY_ASYNC_READ, ZIO_FLAG_CANFAIL, 502 &aflags, zb) != 0) 503 return (SET_ERROR(EIO)); 504 505 blk = abuf->b_data; 506 for (i = 0; i < blksz >> DNODE_SHIFT; i++) { 507 uint64_t dnobj = (zb->zb_blkid << 508 (DNODE_BLOCK_SHIFT - DNODE_SHIFT)) + i; 509 err = dump_dnode(dsp, dnobj, blk+i); 510 if (err != 0) 511 break; 512 } 513 (void) arc_buf_remove_ref(abuf, &abuf); 514 } else if (type == DMU_OT_SA) { 515 arc_flags_t aflags = ARC_FLAG_WAIT; 516 arc_buf_t *abuf; 517 int blksz = BP_GET_LSIZE(bp); 518 519 if (arc_read(NULL, spa, bp, arc_getbuf_func, &abuf, 520 ZIO_PRIORITY_ASYNC_READ, ZIO_FLAG_CANFAIL, 521 &aflags, zb) != 0) 522 return (SET_ERROR(EIO)); 523 524 err = dump_spill(dsp, zb->zb_object, blksz, abuf->b_data); 525 (void) arc_buf_remove_ref(abuf, &abuf); 526 } else if (backup_do_embed(dsp, bp)) { 527 /* it's an embedded level-0 block of a regular object */ 528 int blksz = dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT; 529 err = dump_write_embedded(dsp, zb->zb_object, 530 zb->zb_blkid * blksz, blksz, bp); 531 } else { /* it's a level-0 block of a regular object */ 532 arc_flags_t aflags = ARC_FLAG_WAIT; 533 arc_buf_t *abuf; 534 int blksz = BP_GET_LSIZE(bp); 535 uint64_t offset; 536 537 ASSERT3U(blksz, ==, dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT); 538 ASSERT0(zb->zb_level); 539 if (arc_read(NULL, spa, bp, arc_getbuf_func, &abuf, 540 ZIO_PRIORITY_ASYNC_READ, ZIO_FLAG_CANFAIL, 541 &aflags, zb) != 0) { 542 if (zfs_send_corrupt_data) { 543 /* Send a block filled with 0x"zfs badd bloc" */ 544 abuf = arc_buf_alloc(spa, blksz, &abuf, 545 ARC_BUFC_DATA); 546 uint64_t *ptr; 547 for (ptr = abuf->b_data; 548 (char *)ptr < (char *)abuf->b_data + blksz; 549 ptr++) 550 *ptr = 0x2f5baddb10cULL; 551 } else { 552 return (SET_ERROR(EIO)); 553 } 554 } 555 556 offset = zb->zb_blkid * blksz; 557 558 if (!(dsp->dsa_featureflags & 559 DMU_BACKUP_FEATURE_LARGE_BLOCKS) && 560 blksz > SPA_OLD_MAXBLOCKSIZE) { 561 char *buf = abuf->b_data; 562 while (blksz > 0 && err == 0) { 563 int n = MIN(blksz, SPA_OLD_MAXBLOCKSIZE); 564 err = dump_write(dsp, type, zb->zb_object, 565 offset, n, NULL, buf); 566 offset += n; 567 buf += n; 568 blksz -= n; 569 } 570 } else { 571 err = dump_write(dsp, type, zb->zb_object, 572 offset, blksz, bp, abuf->b_data); 573 } 574 (void) arc_buf_remove_ref(abuf, &abuf); 575 } 576 577 ASSERT(err == 0 || err == EINTR); 578 return (err); 579} 580 581/* 582 * Releases dp using the specified tag. 583 */ 584static int 585dmu_send_impl(void *tag, dsl_pool_t *dp, dsl_dataset_t *ds, 586 zfs_bookmark_phys_t *fromzb, boolean_t is_clone, boolean_t embedok, 587#ifdef illumos 588 boolean_t large_block_ok, int outfd, vnode_t *vp, offset_t *off) 589#else 590 boolean_t large_block_ok, int outfd, struct file *fp, offset_t *off) 591#endif 592{ 593 objset_t *os; 594 dmu_replay_record_t *drr; 595 dmu_sendarg_t *dsp; 596 int err; 597 uint64_t fromtxg = 0; 598 uint64_t featureflags = 0; 599 600 err = dmu_objset_from_ds(ds, &os); 601 if (err != 0) { 602 dsl_pool_rele(dp, tag); 603 return (err); 604 } 605 606 drr = kmem_zalloc(sizeof (dmu_replay_record_t), KM_SLEEP); 607 drr->drr_type = DRR_BEGIN; 608 drr->drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC; 609 DMU_SET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo, 610 DMU_SUBSTREAM); 611 612#ifdef _KERNEL 613 if (dmu_objset_type(os) == DMU_OST_ZFS) { 614 uint64_t version; 615 if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &version) != 0) { 616 kmem_free(drr, sizeof (dmu_replay_record_t)); 617 dsl_pool_rele(dp, tag); 618 return (SET_ERROR(EINVAL)); 619 } 620 if (version >= ZPL_VERSION_SA) { 621 featureflags |= DMU_BACKUP_FEATURE_SA_SPILL; 622 } 623 } 624#endif 625 626 if (large_block_ok && ds->ds_large_blocks) 627 featureflags |= DMU_BACKUP_FEATURE_LARGE_BLOCKS; 628 if (embedok && 629 spa_feature_is_active(dp->dp_spa, SPA_FEATURE_EMBEDDED_DATA)) { 630 featureflags |= DMU_BACKUP_FEATURE_EMBED_DATA; 631 if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_LZ4_COMPRESS)) 632 featureflags |= DMU_BACKUP_FEATURE_EMBED_DATA_LZ4; 633 } else { 634 embedok = B_FALSE; 635 } 636 637 DMU_SET_FEATUREFLAGS(drr->drr_u.drr_begin.drr_versioninfo, 638 featureflags); 639 640 drr->drr_u.drr_begin.drr_creation_time = 641 dsl_dataset_phys(ds)->ds_creation_time; 642 drr->drr_u.drr_begin.drr_type = dmu_objset_type(os); 643 if (is_clone) 644 drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_CLONE; 645 drr->drr_u.drr_begin.drr_toguid = dsl_dataset_phys(ds)->ds_guid; 646 if (dsl_dataset_phys(ds)->ds_flags & DS_FLAG_CI_DATASET) 647 drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_CI_DATA; 648 649 if (fromzb != NULL) { 650 drr->drr_u.drr_begin.drr_fromguid = fromzb->zbm_guid; 651 fromtxg = fromzb->zbm_creation_txg; 652 } 653 dsl_dataset_name(ds, drr->drr_u.drr_begin.drr_toname); 654 if (!ds->ds_is_snapshot) { 655 (void) strlcat(drr->drr_u.drr_begin.drr_toname, "@--head--", 656 sizeof (drr->drr_u.drr_begin.drr_toname)); 657 } 658 659 dsp = kmem_zalloc(sizeof (dmu_sendarg_t), KM_SLEEP); 660 661 dsp->dsa_drr = drr; 662 dsp->dsa_outfd = outfd; 663 dsp->dsa_proc = curproc; 664 dsp->dsa_td = curthread; 665 dsp->dsa_fp = fp; 666 dsp->dsa_os = os; 667 dsp->dsa_off = off; 668 dsp->dsa_toguid = dsl_dataset_phys(ds)->ds_guid; 669 dsp->dsa_pending_op = PENDING_NONE; 670 dsp->dsa_incremental = (fromzb != NULL); 671 dsp->dsa_featureflags = featureflags; 672 673 mutex_enter(&ds->ds_sendstream_lock); 674 list_insert_head(&ds->ds_sendstreams, dsp); 675 mutex_exit(&ds->ds_sendstream_lock); 676 677 dsl_dataset_long_hold(ds, FTAG); 678 dsl_pool_rele(dp, tag); 679 680 if (dump_record(dsp, NULL, 0) != 0) { 681 err = dsp->dsa_err; 682 goto out; 683 } 684 685 err = traverse_dataset(ds, fromtxg, TRAVERSE_PRE | TRAVERSE_PREFETCH, 686 backup_cb, dsp); 687 688 if (dsp->dsa_pending_op != PENDING_NONE) 689 if (dump_record(dsp, NULL, 0) != 0) 690 err = SET_ERROR(EINTR); 691 692 if (err != 0) { 693 if (err == EINTR && dsp->dsa_err != 0) 694 err = dsp->dsa_err; 695 goto out; 696 } 697 698 bzero(drr, sizeof (dmu_replay_record_t)); 699 drr->drr_type = DRR_END; 700 drr->drr_u.drr_end.drr_checksum = dsp->dsa_zc; 701 drr->drr_u.drr_end.drr_toguid = dsp->dsa_toguid; 702 703 if (dump_record(dsp, NULL, 0) != 0) { 704 err = dsp->dsa_err; 705 goto out; 706 } 707 708out: 709 mutex_enter(&ds->ds_sendstream_lock); 710 list_remove(&ds->ds_sendstreams, dsp); 711 mutex_exit(&ds->ds_sendstream_lock); 712 713 kmem_free(drr, sizeof (dmu_replay_record_t)); 714 kmem_free(dsp, sizeof (dmu_sendarg_t)); 715 716 dsl_dataset_long_rele(ds, FTAG); 717 718 return (err); 719} 720 721int 722dmu_send_obj(const char *pool, uint64_t tosnap, uint64_t fromsnap, 723 boolean_t embedok, boolean_t large_block_ok, 724#ifdef illumos 725 int outfd, vnode_t *vp, offset_t *off) 726#else 727 int outfd, struct file *fp, offset_t *off) 728#endif 729{ 730 dsl_pool_t *dp; 731 dsl_dataset_t *ds; 732 dsl_dataset_t *fromds = NULL; 733 int err; 734 735 err = dsl_pool_hold(pool, FTAG, &dp); 736 if (err != 0) 737 return (err); 738 739 err = dsl_dataset_hold_obj(dp, tosnap, FTAG, &ds); 740 if (err != 0) { 741 dsl_pool_rele(dp, FTAG); 742 return (err); 743 } 744 745 if (fromsnap != 0) { 746 zfs_bookmark_phys_t zb; 747 boolean_t is_clone; 748 749 err = dsl_dataset_hold_obj(dp, fromsnap, FTAG, &fromds); 750 if (err != 0) { 751 dsl_dataset_rele(ds, FTAG); 752 dsl_pool_rele(dp, FTAG); 753 return (err); 754 } 755 if (!dsl_dataset_is_before(ds, fromds, 0)) 756 err = SET_ERROR(EXDEV); 757 zb.zbm_creation_time = 758 dsl_dataset_phys(fromds)->ds_creation_time; 759 zb.zbm_creation_txg = dsl_dataset_phys(fromds)->ds_creation_txg; 760 zb.zbm_guid = dsl_dataset_phys(fromds)->ds_guid; 761 is_clone = (fromds->ds_dir != ds->ds_dir); 762 dsl_dataset_rele(fromds, FTAG); 763 err = dmu_send_impl(FTAG, dp, ds, &zb, is_clone, 764 embedok, large_block_ok, outfd, fp, off); 765 } else { 766 err = dmu_send_impl(FTAG, dp, ds, NULL, B_FALSE, 767 embedok, large_block_ok, outfd, fp, off); 768 } 769 dsl_dataset_rele(ds, FTAG); 770 return (err); 771} 772 773int 774dmu_send(const char *tosnap, const char *fromsnap, 775 boolean_t embedok, boolean_t large_block_ok, 776#ifdef illumos 777 int outfd, vnode_t *vp, offset_t *off) 778#else 779 int outfd, struct file *fp, offset_t *off) 780#endif 781{ 782 dsl_pool_t *dp; 783 dsl_dataset_t *ds; 784 int err; 785 boolean_t owned = B_FALSE; 786 787 if (fromsnap != NULL && strpbrk(fromsnap, "@#") == NULL) 788 return (SET_ERROR(EINVAL)); 789 790 err = dsl_pool_hold(tosnap, FTAG, &dp); 791 if (err != 0) 792 return (err); 793 794 if (strchr(tosnap, '@') == NULL && spa_writeable(dp->dp_spa)) { 795 /* 796 * We are sending a filesystem or volume. Ensure 797 * that it doesn't change by owning the dataset. 798 */ 799 err = dsl_dataset_own(dp, tosnap, FTAG, &ds); 800 owned = B_TRUE; 801 } else { 802 err = dsl_dataset_hold(dp, tosnap, FTAG, &ds); 803 } 804 if (err != 0) { 805 dsl_pool_rele(dp, FTAG); 806 return (err); 807 } 808 809 if (fromsnap != NULL) { 810 zfs_bookmark_phys_t zb; 811 boolean_t is_clone = B_FALSE; 812 int fsnamelen = strchr(tosnap, '@') - tosnap; 813 814 /* 815 * If the fromsnap is in a different filesystem, then 816 * mark the send stream as a clone. 817 */ 818 if (strncmp(tosnap, fromsnap, fsnamelen) != 0 || 819 (fromsnap[fsnamelen] != '@' && 820 fromsnap[fsnamelen] != '#')) { 821 is_clone = B_TRUE; 822 } 823 824 if (strchr(fromsnap, '@')) { 825 dsl_dataset_t *fromds; 826 err = dsl_dataset_hold(dp, fromsnap, FTAG, &fromds); 827 if (err == 0) { 828 if (!dsl_dataset_is_before(ds, fromds, 0)) 829 err = SET_ERROR(EXDEV); 830 zb.zbm_creation_time = 831 dsl_dataset_phys(fromds)->ds_creation_time; 832 zb.zbm_creation_txg = 833 dsl_dataset_phys(fromds)->ds_creation_txg; 834 zb.zbm_guid = dsl_dataset_phys(fromds)->ds_guid; 835 is_clone = (ds->ds_dir != fromds->ds_dir); 836 dsl_dataset_rele(fromds, FTAG); 837 } 838 } else { 839 err = dsl_bookmark_lookup(dp, fromsnap, ds, &zb); 840 } 841 if (err != 0) { 842 dsl_dataset_rele(ds, FTAG); 843 dsl_pool_rele(dp, FTAG); 844 return (err); 845 } 846 err = dmu_send_impl(FTAG, dp, ds, &zb, is_clone, 847 embedok, large_block_ok, outfd, fp, off); 848 } else { 849 err = dmu_send_impl(FTAG, dp, ds, NULL, B_FALSE, 850 embedok, large_block_ok, outfd, fp, off); 851 } 852 if (owned) 853 dsl_dataset_disown(ds, FTAG); 854 else 855 dsl_dataset_rele(ds, FTAG); 856 return (err); 857} 858 859int 860dmu_send_estimate(dsl_dataset_t *ds, dsl_dataset_t *fromds, uint64_t *sizep) 861{ 862 dsl_pool_t *dp = ds->ds_dir->dd_pool; 863 int err; 864 uint64_t size; 865 866 ASSERT(dsl_pool_config_held(dp)); 867 868 /* tosnap must be a snapshot */ 869 if (!ds->ds_is_snapshot) 870 return (SET_ERROR(EINVAL)); 871 872 /* fromsnap, if provided, must be a snapshot */ 873 if (fromds != NULL && !fromds->ds_is_snapshot) 874 return (SET_ERROR(EINVAL)); 875 876 /* 877 * fromsnap must be an earlier snapshot from the same fs as tosnap, 878 * or the origin's fs. 879 */ 880 if (fromds != NULL && !dsl_dataset_is_before(ds, fromds, 0)) 881 return (SET_ERROR(EXDEV)); 882 883 /* Get uncompressed size estimate of changed data. */ 884 if (fromds == NULL) { 885 size = dsl_dataset_phys(ds)->ds_uncompressed_bytes; 886 } else { 887 uint64_t used, comp; 888 err = dsl_dataset_space_written(fromds, ds, 889 &used, &comp, &size); 890 if (err != 0) 891 return (err); 892 } 893 894 /* 895 * Assume that space (both on-disk and in-stream) is dominated by 896 * data. We will adjust for indirect blocks and the copies property, 897 * but ignore per-object space used (eg, dnodes and DRR_OBJECT records). 898 */ 899 900 /* 901 * Subtract out approximate space used by indirect blocks. 902 * Assume most space is used by data blocks (non-indirect, non-dnode). 903 * Assume all blocks are recordsize. Assume ditto blocks and 904 * internal fragmentation counter out compression. 905 * 906 * Therefore, space used by indirect blocks is sizeof(blkptr_t) per 907 * block, which we observe in practice. 908 */ 909 uint64_t recordsize; 910 err = dsl_prop_get_int_ds(ds, "recordsize", &recordsize); 911 if (err != 0) 912 return (err); 913 size -= size / recordsize * sizeof (blkptr_t); 914 915 /* Add in the space for the record associated with each block. */ 916 size += size / recordsize * sizeof (dmu_replay_record_t); 917 918 *sizep = size; 919 920 return (0); 921} 922 923typedef struct dmu_recv_begin_arg { 924 const char *drba_origin; 925 dmu_recv_cookie_t *drba_cookie; 926 cred_t *drba_cred; 927 uint64_t drba_snapobj; 928} dmu_recv_begin_arg_t; 929 930static int 931recv_begin_check_existing_impl(dmu_recv_begin_arg_t *drba, dsl_dataset_t *ds, 932 uint64_t fromguid) 933{ 934 uint64_t val; 935 int error; 936 dsl_pool_t *dp = ds->ds_dir->dd_pool; 937 938 /* temporary clone name must not exist */ 939 error = zap_lookup(dp->dp_meta_objset, 940 dsl_dir_phys(ds->ds_dir)->dd_child_dir_zapobj, recv_clone_name, 941 8, 1, &val); 942 if (error != ENOENT) 943 return (error == 0 ? EBUSY : error); 944 945 /* new snapshot name must not exist */ 946 error = zap_lookup(dp->dp_meta_objset, 947 dsl_dataset_phys(ds)->ds_snapnames_zapobj, 948 drba->drba_cookie->drc_tosnap, 8, 1, &val); 949 if (error != ENOENT) 950 return (error == 0 ? EEXIST : error); 951 952 /* 953 * Check snapshot limit before receiving. We'll recheck again at the 954 * end, but might as well abort before receiving if we're already over 955 * the limit. 956 * 957 * Note that we do not check the file system limit with 958 * dsl_dir_fscount_check because the temporary %clones don't count 959 * against that limit. 960 */ 961 error = dsl_fs_ss_limit_check(ds->ds_dir, 1, ZFS_PROP_SNAPSHOT_LIMIT, 962 NULL, drba->drba_cred); 963 if (error != 0) 964 return (error); 965 966 if (fromguid != 0) { 967 dsl_dataset_t *snap; 968 uint64_t obj = dsl_dataset_phys(ds)->ds_prev_snap_obj; 969 970 /* Find snapshot in this dir that matches fromguid. */ 971 while (obj != 0) { 972 error = dsl_dataset_hold_obj(dp, obj, FTAG, 973 &snap); 974 if (error != 0) 975 return (SET_ERROR(ENODEV)); 976 if (snap->ds_dir != ds->ds_dir) { 977 dsl_dataset_rele(snap, FTAG); 978 return (SET_ERROR(ENODEV)); 979 } 980 if (dsl_dataset_phys(snap)->ds_guid == fromguid) 981 break; 982 obj = dsl_dataset_phys(snap)->ds_prev_snap_obj; 983 dsl_dataset_rele(snap, FTAG); 984 } 985 if (obj == 0) 986 return (SET_ERROR(ENODEV)); 987 988 if (drba->drba_cookie->drc_force) { 989 drba->drba_snapobj = obj; 990 } else { 991 /* 992 * If we are not forcing, there must be no 993 * changes since fromsnap. 994 */ 995 if (dsl_dataset_modified_since_snap(ds, snap)) { 996 dsl_dataset_rele(snap, FTAG); 997 return (SET_ERROR(ETXTBSY)); 998 } 999 drba->drba_snapobj = ds->ds_prev->ds_object; 1000 } 1001 1002 dsl_dataset_rele(snap, FTAG); 1003 } else { 1004 /* if full, then must be forced */ 1005 if (!drba->drba_cookie->drc_force) 1006 return (SET_ERROR(EEXIST)); 1007 /* start from $ORIGIN@$ORIGIN, if supported */ 1008 drba->drba_snapobj = dp->dp_origin_snap != NULL ? 1009 dp->dp_origin_snap->ds_object : 0; 1010 } 1011 1012 return (0); 1013 1014} 1015 1016static int 1017dmu_recv_begin_check(void *arg, dmu_tx_t *tx) 1018{ 1019 dmu_recv_begin_arg_t *drba = arg; 1020 dsl_pool_t *dp = dmu_tx_pool(tx); 1021 struct drr_begin *drrb = drba->drba_cookie->drc_drrb; 1022 uint64_t fromguid = drrb->drr_fromguid; 1023 int flags = drrb->drr_flags; 1024 int error; 1025 uint64_t featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo); 1026 dsl_dataset_t *ds; 1027 const char *tofs = drba->drba_cookie->drc_tofs; 1028 1029 /* already checked */ 1030 ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC); 1031 1032 if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) == 1033 DMU_COMPOUNDSTREAM || 1034 drrb->drr_type >= DMU_OST_NUMTYPES || 1035 ((flags & DRR_FLAG_CLONE) && drba->drba_origin == NULL)) 1036 return (SET_ERROR(EINVAL)); 1037 1038 /* Verify pool version supports SA if SA_SPILL feature set */ 1039 if ((featureflags & DMU_BACKUP_FEATURE_SA_SPILL) && 1040 spa_version(dp->dp_spa) < SPA_VERSION_SA) 1041 return (SET_ERROR(ENOTSUP)); 1042 1043 /* 1044 * The receiving code doesn't know how to translate a WRITE_EMBEDDED 1045 * record to a plan WRITE record, so the pool must have the 1046 * EMBEDDED_DATA feature enabled if the stream has WRITE_EMBEDDED 1047 * records. Same with WRITE_EMBEDDED records that use LZ4 compression. 1048 */ 1049 if ((featureflags & DMU_BACKUP_FEATURE_EMBED_DATA) && 1050 !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_EMBEDDED_DATA)) 1051 return (SET_ERROR(ENOTSUP)); 1052 if ((featureflags & DMU_BACKUP_FEATURE_EMBED_DATA_LZ4) && 1053 !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_LZ4_COMPRESS)) 1054 return (SET_ERROR(ENOTSUP)); 1055 1056 /* 1057 * The receiving code doesn't know how to translate large blocks 1058 * to smaller ones, so the pool must have the LARGE_BLOCKS 1059 * feature enabled if the stream has LARGE_BLOCKS. 1060 */ 1061 if ((featureflags & DMU_BACKUP_FEATURE_LARGE_BLOCKS) && 1062 !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_LARGE_BLOCKS)) 1063 return (SET_ERROR(ENOTSUP)); 1064 1065 error = dsl_dataset_hold(dp, tofs, FTAG, &ds); 1066 if (error == 0) { 1067 /* target fs already exists; recv into temp clone */ 1068 1069 /* Can't recv a clone into an existing fs */ 1070 if (flags & DRR_FLAG_CLONE) { 1071 dsl_dataset_rele(ds, FTAG); 1072 return (SET_ERROR(EINVAL)); 1073 } 1074 1075 error = recv_begin_check_existing_impl(drba, ds, fromguid); 1076 dsl_dataset_rele(ds, FTAG); 1077 } else if (error == ENOENT) { 1078 /* target fs does not exist; must be a full backup or clone */ 1079 char buf[MAXNAMELEN]; 1080 1081 /* 1082 * If it's a non-clone incremental, we are missing the 1083 * target fs, so fail the recv. 1084 */ 1085 if (fromguid != 0 && !(flags & DRR_FLAG_CLONE)) 1086 return (SET_ERROR(ENOENT)); 1087 1088 /* Open the parent of tofs */ 1089 ASSERT3U(strlen(tofs), <, MAXNAMELEN); 1090 (void) strlcpy(buf, tofs, strrchr(tofs, '/') - tofs + 1); 1091 error = dsl_dataset_hold(dp, buf, FTAG, &ds); 1092 if (error != 0) 1093 return (error); 1094 1095 /* 1096 * Check filesystem and snapshot limits before receiving. We'll 1097 * recheck snapshot limits again at the end (we create the 1098 * filesystems and increment those counts during begin_sync). 1099 */ 1100 error = dsl_fs_ss_limit_check(ds->ds_dir, 1, 1101 ZFS_PROP_FILESYSTEM_LIMIT, NULL, drba->drba_cred); 1102 if (error != 0) { 1103 dsl_dataset_rele(ds, FTAG); 1104 return (error); 1105 } 1106 1107 error = dsl_fs_ss_limit_check(ds->ds_dir, 1, 1108 ZFS_PROP_SNAPSHOT_LIMIT, NULL, drba->drba_cred); 1109 if (error != 0) { 1110 dsl_dataset_rele(ds, FTAG); 1111 return (error); 1112 } 1113 1114 if (drba->drba_origin != NULL) { 1115 dsl_dataset_t *origin; 1116 error = dsl_dataset_hold(dp, drba->drba_origin, 1117 FTAG, &origin); 1118 if (error != 0) { 1119 dsl_dataset_rele(ds, FTAG); 1120 return (error); 1121 } 1122 if (!origin->ds_is_snapshot) { 1123 dsl_dataset_rele(origin, FTAG); 1124 dsl_dataset_rele(ds, FTAG); 1125 return (SET_ERROR(EINVAL)); 1126 } 1127 if (dsl_dataset_phys(origin)->ds_guid != fromguid) { 1128 dsl_dataset_rele(origin, FTAG); 1129 dsl_dataset_rele(ds, FTAG); 1130 return (SET_ERROR(ENODEV)); 1131 } 1132 dsl_dataset_rele(origin, FTAG); 1133 } 1134 dsl_dataset_rele(ds, FTAG); 1135 error = 0; 1136 } 1137 return (error); 1138} 1139 1140static void 1141dmu_recv_begin_sync(void *arg, dmu_tx_t *tx) 1142{ 1143 dmu_recv_begin_arg_t *drba = arg; 1144 dsl_pool_t *dp = dmu_tx_pool(tx); 1145 struct drr_begin *drrb = drba->drba_cookie->drc_drrb; 1146 const char *tofs = drba->drba_cookie->drc_tofs; 1147 dsl_dataset_t *ds, *newds; 1148 uint64_t dsobj; 1149 int error; 1150 uint64_t crflags; 1151 1152 crflags = (drrb->drr_flags & DRR_FLAG_CI_DATA) ? 1153 DS_FLAG_CI_DATASET : 0; 1154 1155 error = dsl_dataset_hold(dp, tofs, FTAG, &ds); 1156 if (error == 0) { 1157 /* create temporary clone */ 1158 dsl_dataset_t *snap = NULL; 1159 if (drba->drba_snapobj != 0) { 1160 VERIFY0(dsl_dataset_hold_obj(dp, 1161 drba->drba_snapobj, FTAG, &snap)); 1162 } 1163 dsobj = dsl_dataset_create_sync(ds->ds_dir, recv_clone_name, 1164 snap, crflags, drba->drba_cred, tx); 1165 if (drba->drba_snapobj != 0) 1166 dsl_dataset_rele(snap, FTAG); 1167 dsl_dataset_rele(ds, FTAG); 1168 } else { 1169 dsl_dir_t *dd; 1170 const char *tail; 1171 dsl_dataset_t *origin = NULL; 1172 1173 VERIFY0(dsl_dir_hold(dp, tofs, FTAG, &dd, &tail)); 1174 1175 if (drba->drba_origin != NULL) { 1176 VERIFY0(dsl_dataset_hold(dp, drba->drba_origin, 1177 FTAG, &origin)); 1178 } 1179 1180 /* Create new dataset. */ 1181 dsobj = dsl_dataset_create_sync(dd, 1182 strrchr(tofs, '/') + 1, 1183 origin, crflags, drba->drba_cred, tx); 1184 if (origin != NULL) 1185 dsl_dataset_rele(origin, FTAG); 1186 dsl_dir_rele(dd, FTAG); 1187 drba->drba_cookie->drc_newfs = B_TRUE; 1188 } 1189 VERIFY0(dsl_dataset_own_obj(dp, dsobj, dmu_recv_tag, &newds)); 1190 1191 if ((DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) & 1192 DMU_BACKUP_FEATURE_LARGE_BLOCKS) && 1193 !newds->ds_large_blocks) { 1194 dsl_dataset_activate_large_blocks_sync_impl(dsobj, tx); 1195 newds->ds_large_blocks = B_TRUE; 1196 } 1197 1198 dmu_buf_will_dirty(newds->ds_dbuf, tx); 1199 dsl_dataset_phys(newds)->ds_flags |= DS_FLAG_INCONSISTENT; 1200 1201 /* 1202 * If we actually created a non-clone, we need to create the 1203 * objset in our new dataset. 1204 */ 1205 if (BP_IS_HOLE(dsl_dataset_get_blkptr(newds))) { 1206 (void) dmu_objset_create_impl(dp->dp_spa, 1207 newds, dsl_dataset_get_blkptr(newds), drrb->drr_type, tx); 1208 } 1209 1210 drba->drba_cookie->drc_ds = newds; 1211 1212 spa_history_log_internal_ds(newds, "receive", tx, ""); 1213} 1214 1215/* 1216 * NB: callers *MUST* call dmu_recv_stream() if dmu_recv_begin() 1217 * succeeds; otherwise we will leak the holds on the datasets. 1218 */ 1219int 1220dmu_recv_begin(char *tofs, char *tosnap, struct drr_begin *drrb, 1221 boolean_t force, char *origin, dmu_recv_cookie_t *drc) 1222{ 1223 dmu_recv_begin_arg_t drba = { 0 }; 1224 dmu_replay_record_t *drr; 1225 1226 bzero(drc, sizeof (dmu_recv_cookie_t)); 1227 drc->drc_drrb = drrb; 1228 drc->drc_tosnap = tosnap; 1229 drc->drc_tofs = tofs; 1230 drc->drc_force = force; 1231 drc->drc_cred = CRED(); 1232 1233 if (drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC)) 1234 drc->drc_byteswap = B_TRUE; 1235 else if (drrb->drr_magic != DMU_BACKUP_MAGIC) 1236 return (SET_ERROR(EINVAL)); 1237 1238 drr = kmem_zalloc(sizeof (dmu_replay_record_t), KM_SLEEP); 1239 drr->drr_type = DRR_BEGIN; 1240 drr->drr_u.drr_begin = *drc->drc_drrb; 1241 if (drc->drc_byteswap) { 1242 fletcher_4_incremental_byteswap(drr, 1243 sizeof (dmu_replay_record_t), &drc->drc_cksum); 1244 } else { 1245 fletcher_4_incremental_native(drr, 1246 sizeof (dmu_replay_record_t), &drc->drc_cksum); 1247 } 1248 kmem_free(drr, sizeof (dmu_replay_record_t)); 1249 1250 if (drc->drc_byteswap) { 1251 drrb->drr_magic = BSWAP_64(drrb->drr_magic); 1252 drrb->drr_versioninfo = BSWAP_64(drrb->drr_versioninfo); 1253 drrb->drr_creation_time = BSWAP_64(drrb->drr_creation_time); 1254 drrb->drr_type = BSWAP_32(drrb->drr_type); 1255 drrb->drr_toguid = BSWAP_64(drrb->drr_toguid); 1256 drrb->drr_fromguid = BSWAP_64(drrb->drr_fromguid); 1257 } 1258 1259 drba.drba_origin = origin; 1260 drba.drba_cookie = drc; 1261 drba.drba_cred = CRED(); 1262 1263 return (dsl_sync_task(tofs, dmu_recv_begin_check, dmu_recv_begin_sync, 1264 &drba, 5, ZFS_SPACE_CHECK_NORMAL)); 1265} 1266 1267struct restorearg { 1268 objset_t *os; 1269 int err; 1270 boolean_t byteswap; 1271 kthread_t *td; 1272 struct file *fp; 1273 uint64_t voff; 1274 int bufsize; /* amount of memory allocated for buf */ 1275 1276 dmu_replay_record_t *drr; 1277 dmu_replay_record_t *next_drr; 1278 char *buf; 1279 zio_cksum_t cksum; 1280 zio_cksum_t prev_cksum; 1281 1282 avl_tree_t *guid_to_ds_map; 1283}; 1284 1285typedef struct guid_map_entry { 1286 uint64_t guid; 1287 dsl_dataset_t *gme_ds; 1288 avl_node_t avlnode; 1289} guid_map_entry_t; 1290 1291static int 1292guid_compare(const void *arg1, const void *arg2) 1293{ 1294 const guid_map_entry_t *gmep1 = arg1; 1295 const guid_map_entry_t *gmep2 = arg2; 1296 1297 if (gmep1->guid < gmep2->guid) 1298 return (-1); 1299 else if (gmep1->guid > gmep2->guid) 1300 return (1); 1301 return (0); 1302} 1303 1304static void 1305free_guid_map_onexit(void *arg) 1306{ 1307 avl_tree_t *ca = arg; 1308 void *cookie = NULL; 1309 guid_map_entry_t *gmep; 1310 1311 while ((gmep = avl_destroy_nodes(ca, &cookie)) != NULL) { 1312 dsl_dataset_long_rele(gmep->gme_ds, gmep); 1313 dsl_dataset_rele(gmep->gme_ds, gmep); 1314 kmem_free(gmep, sizeof (guid_map_entry_t)); 1315 } 1316 avl_destroy(ca); 1317 kmem_free(ca, sizeof (avl_tree_t)); 1318} 1319 1320static int 1321restore_bytes(struct restorearg *ra, void *buf, int len, off_t off, ssize_t *resid) 1322{ 1323 struct uio auio; 1324 struct iovec aiov; 1325 int error; 1326 1327 aiov.iov_base = buf; 1328 aiov.iov_len = len; 1329 auio.uio_iov = &aiov; 1330 auio.uio_iovcnt = 1; 1331 auio.uio_resid = len; 1332 auio.uio_segflg = UIO_SYSSPACE; 1333 auio.uio_rw = UIO_READ; 1334 auio.uio_offset = off; 1335 auio.uio_td = ra->td; 1336#ifdef _KERNEL 1337 error = fo_read(ra->fp, &auio, ra->td->td_ucred, FOF_OFFSET, ra->td); 1338#else 1339 fprintf(stderr, "%s: returning EOPNOTSUPP\n", __func__); 1340 error = EOPNOTSUPP; 1341#endif 1342 *resid = auio.uio_resid; 1343 return (error); 1344} 1345 1346static int 1347restore_read(struct restorearg *ra, int len, void *buf) 1348{ 1349 int done = 0; 1350 1351 /* some things will require 8-byte alignment, so everything must */ 1352 ASSERT0(len % 8); 1353 ASSERT3U(len, <=, ra->bufsize); 1354 1355 while (done < len) { 1356 ssize_t resid; 1357 1358 ra->err = restore_bytes(ra, buf + done, 1359 len - done, ra->voff, &resid); 1360 1361 if (resid == len - done) 1362 ra->err = SET_ERROR(EINVAL); 1363 ra->voff += len - done - resid; 1364 done = len - resid; 1365 if (ra->err != 0) 1366 return (ra->err); 1367 } 1368 1369 ASSERT3U(done, ==, len); 1370 return (0); 1371} 1372 1373static void 1374byteswap_record(dmu_replay_record_t *drr) 1375{ 1376#define DO64(X) (drr->drr_u.X = BSWAP_64(drr->drr_u.X)) 1377#define DO32(X) (drr->drr_u.X = BSWAP_32(drr->drr_u.X)) 1378 drr->drr_type = BSWAP_32(drr->drr_type); 1379 drr->drr_payloadlen = BSWAP_32(drr->drr_payloadlen); 1380 1381 switch (drr->drr_type) { 1382 case DRR_BEGIN: 1383 DO64(drr_begin.drr_magic); 1384 DO64(drr_begin.drr_versioninfo); 1385 DO64(drr_begin.drr_creation_time); 1386 DO32(drr_begin.drr_type); 1387 DO32(drr_begin.drr_flags); 1388 DO64(drr_begin.drr_toguid); 1389 DO64(drr_begin.drr_fromguid); 1390 break; 1391 case DRR_OBJECT: 1392 DO64(drr_object.drr_object); 1393 DO32(drr_object.drr_type); 1394 DO32(drr_object.drr_bonustype); 1395 DO32(drr_object.drr_blksz); 1396 DO32(drr_object.drr_bonuslen); 1397 DO64(drr_object.drr_toguid); 1398 break; 1399 case DRR_FREEOBJECTS: 1400 DO64(drr_freeobjects.drr_firstobj); 1401 DO64(drr_freeobjects.drr_numobjs); 1402 DO64(drr_freeobjects.drr_toguid); 1403 break; 1404 case DRR_WRITE: 1405 DO64(drr_write.drr_object); 1406 DO32(drr_write.drr_type); 1407 DO64(drr_write.drr_offset); 1408 DO64(drr_write.drr_length); 1409 DO64(drr_write.drr_toguid); 1410 ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_write.drr_key.ddk_cksum); 1411 DO64(drr_write.drr_key.ddk_prop); 1412 break; 1413 case DRR_WRITE_BYREF: 1414 DO64(drr_write_byref.drr_object); 1415 DO64(drr_write_byref.drr_offset); 1416 DO64(drr_write_byref.drr_length); 1417 DO64(drr_write_byref.drr_toguid); 1418 DO64(drr_write_byref.drr_refguid); 1419 DO64(drr_write_byref.drr_refobject); 1420 DO64(drr_write_byref.drr_refoffset); 1421 ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_write_byref. 1422 drr_key.ddk_cksum); 1423 DO64(drr_write_byref.drr_key.ddk_prop); 1424 break; 1425 case DRR_WRITE_EMBEDDED: 1426 DO64(drr_write_embedded.drr_object); 1427 DO64(drr_write_embedded.drr_offset); 1428 DO64(drr_write_embedded.drr_length); 1429 DO64(drr_write_embedded.drr_toguid); 1430 DO32(drr_write_embedded.drr_lsize); 1431 DO32(drr_write_embedded.drr_psize); 1432 break; 1433 case DRR_FREE: 1434 DO64(drr_free.drr_object); 1435 DO64(drr_free.drr_offset); 1436 DO64(drr_free.drr_length); 1437 DO64(drr_free.drr_toguid); 1438 break; 1439 case DRR_SPILL: 1440 DO64(drr_spill.drr_object); 1441 DO64(drr_spill.drr_length); 1442 DO64(drr_spill.drr_toguid); 1443 break; 1444 case DRR_END: 1445 DO64(drr_end.drr_toguid); 1446 ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_end.drr_checksum); 1447 break; 1448 } 1449 1450 if (drr->drr_type != DRR_BEGIN) { 1451 ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_checksum.drr_checksum); 1452 } 1453 1454#undef DO64 1455#undef DO32 1456} 1457 1458static inline uint8_t 1459deduce_nblkptr(dmu_object_type_t bonus_type, uint64_t bonus_size) 1460{ 1461 if (bonus_type == DMU_OT_SA) { 1462 return (1); 1463 } else { 1464 return (1 + 1465 ((DN_MAX_BONUSLEN - bonus_size) >> SPA_BLKPTRSHIFT)); 1466 } 1467} 1468 1469static int 1470restore_object(struct restorearg *ra, struct drr_object *drro, void *data) 1471{ 1472 dmu_object_info_t doi; 1473 dmu_tx_t *tx; 1474 uint64_t object; 1475 int err; 1476 1477 if (drro->drr_type == DMU_OT_NONE || 1478 !DMU_OT_IS_VALID(drro->drr_type) || 1479 !DMU_OT_IS_VALID(drro->drr_bonustype) || 1480 drro->drr_checksumtype >= ZIO_CHECKSUM_FUNCTIONS || 1481 drro->drr_compress >= ZIO_COMPRESS_FUNCTIONS || 1482 P2PHASE(drro->drr_blksz, SPA_MINBLOCKSIZE) || 1483 drro->drr_blksz < SPA_MINBLOCKSIZE || 1484 drro->drr_blksz > spa_maxblocksize(dmu_objset_spa(ra->os)) || 1485 drro->drr_bonuslen > DN_MAX_BONUSLEN) { 1486 return (SET_ERROR(EINVAL)); 1487 } 1488 1489 err = dmu_object_info(ra->os, drro->drr_object, &doi); 1490 1491 if (err != 0 && err != ENOENT) 1492 return (SET_ERROR(EINVAL)); 1493 object = err == 0 ? drro->drr_object : DMU_NEW_OBJECT; 1494 1495 /* 1496 * If we are losing blkptrs or changing the block size this must 1497 * be a new file instance. We must clear out the previous file 1498 * contents before we can change this type of metadata in the dnode. 1499 */ 1500 if (err == 0) { 1501 int nblkptr; 1502 1503 nblkptr = deduce_nblkptr(drro->drr_bonustype, 1504 drro->drr_bonuslen); 1505 1506 if (drro->drr_blksz != doi.doi_data_block_size || 1507 nblkptr < doi.doi_nblkptr) { 1508 err = dmu_free_long_range(ra->os, drro->drr_object, 1509 0, DMU_OBJECT_END); 1510 if (err != 0) 1511 return (SET_ERROR(EINVAL)); 1512 } 1513 } 1514 1515 tx = dmu_tx_create(ra->os); 1516 dmu_tx_hold_bonus(tx, object); 1517 err = dmu_tx_assign(tx, TXG_WAIT); 1518 if (err != 0) { 1519 dmu_tx_abort(tx); 1520 return (err); 1521 } 1522 1523 if (object == DMU_NEW_OBJECT) { 1524 /* currently free, want to be allocated */ 1525 err = dmu_object_claim(ra->os, drro->drr_object, 1526 drro->drr_type, drro->drr_blksz, 1527 drro->drr_bonustype, drro->drr_bonuslen, tx); 1528 } else if (drro->drr_type != doi.doi_type || 1529 drro->drr_blksz != doi.doi_data_block_size || 1530 drro->drr_bonustype != doi.doi_bonus_type || 1531 drro->drr_bonuslen != doi.doi_bonus_size) { 1532 /* currently allocated, but with different properties */ 1533 err = dmu_object_reclaim(ra->os, drro->drr_object, 1534 drro->drr_type, drro->drr_blksz, 1535 drro->drr_bonustype, drro->drr_bonuslen, tx); 1536 } 1537 if (err != 0) { 1538 dmu_tx_commit(tx); 1539 return (SET_ERROR(EINVAL)); 1540 } 1541 1542 dmu_object_set_checksum(ra->os, drro->drr_object, 1543 drro->drr_checksumtype, tx); 1544 dmu_object_set_compress(ra->os, drro->drr_object, 1545 drro->drr_compress, tx); 1546 1547 if (data != NULL) { 1548 dmu_buf_t *db; 1549 1550 VERIFY0(dmu_bonus_hold(ra->os, drro->drr_object, FTAG, &db)); 1551 dmu_buf_will_dirty(db, tx); 1552 1553 ASSERT3U(db->db_size, >=, drro->drr_bonuslen); 1554 bcopy(data, db->db_data, drro->drr_bonuslen); 1555 if (ra->byteswap) { 1556 dmu_object_byteswap_t byteswap = 1557 DMU_OT_BYTESWAP(drro->drr_bonustype); 1558 dmu_ot_byteswap[byteswap].ob_func(db->db_data, 1559 drro->drr_bonuslen); 1560 } 1561 dmu_buf_rele(db, FTAG); 1562 } 1563 dmu_tx_commit(tx); 1564 return (0); 1565} 1566 1567/* ARGSUSED */ 1568static int 1569restore_freeobjects(struct restorearg *ra, 1570 struct drr_freeobjects *drrfo) 1571{ 1572 uint64_t obj; 1573 1574 if (drrfo->drr_firstobj + drrfo->drr_numobjs < drrfo->drr_firstobj) 1575 return (SET_ERROR(EINVAL)); 1576 1577 for (obj = drrfo->drr_firstobj; 1578 obj < drrfo->drr_firstobj + drrfo->drr_numobjs; 1579 (void) dmu_object_next(ra->os, &obj, FALSE, 0)) { 1580 int err; 1581 1582 if (dmu_object_info(ra->os, obj, NULL) != 0) 1583 continue; 1584 1585 err = dmu_free_long_object(ra->os, obj); 1586 if (err != 0) 1587 return (err); 1588 } 1589 return (0); 1590} 1591 1592static int 1593restore_write(struct restorearg *ra, struct drr_write *drrw, arc_buf_t *abuf) 1594{ 1595 dmu_tx_t *tx; 1596 int err; 1597 1598 if (drrw->drr_offset + drrw->drr_length < drrw->drr_offset || 1599 !DMU_OT_IS_VALID(drrw->drr_type)) 1600 return (SET_ERROR(EINVAL)); 1601 1602 if (dmu_object_info(ra->os, drrw->drr_object, NULL) != 0) 1603 return (SET_ERROR(EINVAL)); 1604 1605 tx = dmu_tx_create(ra->os); 1606 1607 dmu_tx_hold_write(tx, drrw->drr_object, 1608 drrw->drr_offset, drrw->drr_length); 1609 err = dmu_tx_assign(tx, TXG_WAIT); 1610 if (err != 0) { 1611 dmu_tx_abort(tx); 1612 return (err); 1613 } 1614 if (ra->byteswap) { 1615 dmu_object_byteswap_t byteswap = 1616 DMU_OT_BYTESWAP(drrw->drr_type); 1617 dmu_ot_byteswap[byteswap].ob_func(abuf->b_data, 1618 drrw->drr_length); 1619 } 1620 1621 dmu_buf_t *bonus; 1622 if (dmu_bonus_hold(ra->os, drrw->drr_object, FTAG, &bonus) != 0) 1623 return (SET_ERROR(EINVAL)); 1624 dmu_assign_arcbuf(bonus, drrw->drr_offset, abuf, tx); 1625 dmu_tx_commit(tx); 1626 dmu_buf_rele(bonus, FTAG); 1627 return (0); 1628} 1629 1630/* 1631 * Handle a DRR_WRITE_BYREF record. This record is used in dedup'ed 1632 * streams to refer to a copy of the data that is already on the 1633 * system because it came in earlier in the stream. This function 1634 * finds the earlier copy of the data, and uses that copy instead of 1635 * data from the stream to fulfill this write. 1636 */ 1637static int 1638restore_write_byref(struct restorearg *ra, struct drr_write_byref *drrwbr) 1639{ 1640 dmu_tx_t *tx; 1641 int err; 1642 guid_map_entry_t gmesrch; 1643 guid_map_entry_t *gmep; 1644 avl_index_t where; 1645 objset_t *ref_os = NULL; 1646 dmu_buf_t *dbp; 1647 1648 if (drrwbr->drr_offset + drrwbr->drr_length < drrwbr->drr_offset) 1649 return (SET_ERROR(EINVAL)); 1650 1651 /* 1652 * If the GUID of the referenced dataset is different from the 1653 * GUID of the target dataset, find the referenced dataset. 1654 */ 1655 if (drrwbr->drr_toguid != drrwbr->drr_refguid) { 1656 gmesrch.guid = drrwbr->drr_refguid; 1657 if ((gmep = avl_find(ra->guid_to_ds_map, &gmesrch, 1658 &where)) == NULL) { 1659 return (SET_ERROR(EINVAL)); 1660 } 1661 if (dmu_objset_from_ds(gmep->gme_ds, &ref_os)) 1662 return (SET_ERROR(EINVAL)); 1663 } else { 1664 ref_os = ra->os; 1665 } 1666 1667 err = dmu_buf_hold(ref_os, drrwbr->drr_refobject, 1668 drrwbr->drr_refoffset, FTAG, &dbp, DMU_READ_PREFETCH); 1669 if (err != 0) 1670 return (err); 1671 1672 tx = dmu_tx_create(ra->os); 1673 1674 dmu_tx_hold_write(tx, drrwbr->drr_object, 1675 drrwbr->drr_offset, drrwbr->drr_length); 1676 err = dmu_tx_assign(tx, TXG_WAIT); 1677 if (err != 0) { 1678 dmu_tx_abort(tx); 1679 return (err); 1680 } 1681 dmu_write(ra->os, drrwbr->drr_object, 1682 drrwbr->drr_offset, drrwbr->drr_length, dbp->db_data, tx); 1683 dmu_buf_rele(dbp, FTAG); 1684 dmu_tx_commit(tx); 1685 return (0); 1686} 1687 1688static int 1689restore_write_embedded(struct restorearg *ra, 1690 struct drr_write_embedded *drrwnp, void *data) 1691{ 1692 dmu_tx_t *tx; 1693 int err; 1694 1695 if (drrwnp->drr_offset + drrwnp->drr_length < drrwnp->drr_offset) 1696 return (EINVAL); 1697 1698 if (drrwnp->drr_psize > BPE_PAYLOAD_SIZE) 1699 return (EINVAL); 1700 1701 if (drrwnp->drr_etype >= NUM_BP_EMBEDDED_TYPES) 1702 return (EINVAL); 1703 if (drrwnp->drr_compression >= ZIO_COMPRESS_FUNCTIONS) 1704 return (EINVAL); 1705 1706 tx = dmu_tx_create(ra->os); 1707 1708 dmu_tx_hold_write(tx, drrwnp->drr_object, 1709 drrwnp->drr_offset, drrwnp->drr_length); 1710 err = dmu_tx_assign(tx, TXG_WAIT); 1711 if (err != 0) { 1712 dmu_tx_abort(tx); 1713 return (err); 1714 } 1715 1716 dmu_write_embedded(ra->os, drrwnp->drr_object, 1717 drrwnp->drr_offset, data, drrwnp->drr_etype, 1718 drrwnp->drr_compression, drrwnp->drr_lsize, drrwnp->drr_psize, 1719 ra->byteswap ^ ZFS_HOST_BYTEORDER, tx); 1720 1721 dmu_tx_commit(tx); 1722 return (0); 1723} 1724 1725static int 1726restore_spill(struct restorearg *ra, struct drr_spill *drrs, void *data) 1727{ 1728 dmu_tx_t *tx; 1729 dmu_buf_t *db, *db_spill; 1730 int err; 1731 1732 if (drrs->drr_length < SPA_MINBLOCKSIZE || 1733 drrs->drr_length > spa_maxblocksize(dmu_objset_spa(ra->os))) 1734 return (SET_ERROR(EINVAL)); 1735 1736 if (dmu_object_info(ra->os, drrs->drr_object, NULL) != 0) 1737 return (SET_ERROR(EINVAL)); 1738 1739 VERIFY0(dmu_bonus_hold(ra->os, drrs->drr_object, FTAG, &db)); 1740 if ((err = dmu_spill_hold_by_bonus(db, FTAG, &db_spill)) != 0) { 1741 dmu_buf_rele(db, FTAG); 1742 return (err); 1743 } 1744 1745 tx = dmu_tx_create(ra->os); 1746 1747 dmu_tx_hold_spill(tx, db->db_object); 1748 1749 err = dmu_tx_assign(tx, TXG_WAIT); 1750 if (err != 0) { 1751 dmu_buf_rele(db, FTAG); 1752 dmu_buf_rele(db_spill, FTAG); 1753 dmu_tx_abort(tx); 1754 return (err); 1755 } 1756 dmu_buf_will_dirty(db_spill, tx); 1757 1758 if (db_spill->db_size < drrs->drr_length) 1759 VERIFY(0 == dbuf_spill_set_blksz(db_spill, 1760 drrs->drr_length, tx)); 1761 bcopy(data, db_spill->db_data, drrs->drr_length); 1762 1763 dmu_buf_rele(db, FTAG); 1764 dmu_buf_rele(db_spill, FTAG); 1765 1766 dmu_tx_commit(tx); 1767 return (0); 1768} 1769 1770/* ARGSUSED */ 1771static int 1772restore_free(struct restorearg *ra, struct drr_free *drrf) 1773{ 1774 int err; 1775 1776 if (drrf->drr_length != -1ULL && 1777 drrf->drr_offset + drrf->drr_length < drrf->drr_offset) 1778 return (SET_ERROR(EINVAL)); 1779 1780 if (dmu_object_info(ra->os, drrf->drr_object, NULL) != 0) 1781 return (SET_ERROR(EINVAL)); 1782 1783 err = dmu_free_long_range(ra->os, drrf->drr_object, 1784 drrf->drr_offset, drrf->drr_length); 1785 return (err); 1786} 1787 1788/* used to destroy the drc_ds on error */ 1789static void 1790dmu_recv_cleanup_ds(dmu_recv_cookie_t *drc) 1791{ 1792 char name[MAXNAMELEN]; 1793 dsl_dataset_name(drc->drc_ds, name); 1794 dsl_dataset_disown(drc->drc_ds, dmu_recv_tag); 1795 (void) dsl_destroy_head(name); 1796} 1797 1798static void 1799restore_cksum(struct restorearg *ra, int len, void *buf) 1800{ 1801 if (ra->byteswap) { 1802 fletcher_4_incremental_byteswap(buf, len, &ra->cksum); 1803 } else { 1804 fletcher_4_incremental_native(buf, len, &ra->cksum); 1805 } 1806} 1807 1808/* 1809 * If len != 0, read payload into buf. 1810 * Read next record's header into ra->next_drr. 1811 * Verify checksum of payload and next record. 1812 */ 1813static int 1814restore_read_payload_and_next_header(struct restorearg *ra, int len, void *buf) 1815{ 1816 int err; 1817 1818 if (len != 0) { 1819 ASSERT3U(len, <=, ra->bufsize); 1820 err = restore_read(ra, len, buf); 1821 if (err != 0) 1822 return (err); 1823 restore_cksum(ra, len, buf); 1824 } 1825 1826 ra->prev_cksum = ra->cksum; 1827 1828 err = restore_read(ra, sizeof (*ra->next_drr), ra->next_drr); 1829 if (err != 0) 1830 return (err); 1831 if (ra->next_drr->drr_type == DRR_BEGIN) 1832 return (SET_ERROR(EINVAL)); 1833 1834 /* 1835 * Note: checksum is of everything up to but not including the 1836 * checksum itself. 1837 */ 1838 ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), 1839 ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t)); 1840 restore_cksum(ra, 1841 offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum), 1842 ra->next_drr); 1843 1844 zio_cksum_t cksum_orig = ra->next_drr->drr_u.drr_checksum.drr_checksum; 1845 zio_cksum_t *cksump = &ra->next_drr->drr_u.drr_checksum.drr_checksum; 1846 1847 if (ra->byteswap) 1848 byteswap_record(ra->next_drr); 1849 1850 if ((!ZIO_CHECKSUM_IS_ZERO(cksump)) && 1851 !ZIO_CHECKSUM_EQUAL(ra->cksum, *cksump)) 1852 return (SET_ERROR(ECKSUM)); 1853 1854 restore_cksum(ra, sizeof (cksum_orig), &cksum_orig); 1855 1856 return (0); 1857} 1858 1859static int 1860restore_process_record(struct restorearg *ra) 1861{ 1862 int err; 1863 1864 switch (ra->drr->drr_type) { 1865 case DRR_OBJECT: 1866 { 1867 struct drr_object *drro = &ra->drr->drr_u.drr_object; 1868 err = restore_read_payload_and_next_header(ra, 1869 P2ROUNDUP(drro->drr_bonuslen, 8), ra->buf); 1870 if (err != 0) 1871 return (err); 1872 return (restore_object(ra, drro, ra->buf)); 1873 } 1874 case DRR_FREEOBJECTS: 1875 { 1876 struct drr_freeobjects *drrfo = 1877 &ra->drr->drr_u.drr_freeobjects; 1878 err = restore_read_payload_and_next_header(ra, 0, NULL); 1879 if (err != 0) 1880 return (err); 1881 return (restore_freeobjects(ra, drrfo)); 1882 } 1883 case DRR_WRITE: 1884 { 1885 struct drr_write *drrw = &ra->drr->drr_u.drr_write; 1886 arc_buf_t *abuf = arc_loan_buf(dmu_objset_spa(ra->os), 1887 drrw->drr_length); 1888 1889 err = restore_read_payload_and_next_header(ra, 1890 drrw->drr_length, abuf->b_data); 1891 if (err != 0) 1892 return (err); 1893 err = restore_write(ra, drrw, abuf); 1894 /* if restore_write() is successful, it consumes the arc_buf */ 1895 if (err != 0) 1896 dmu_return_arcbuf(abuf); 1897 return (err); 1898 } 1899 case DRR_WRITE_BYREF: 1900 { 1901 struct drr_write_byref *drrwbr = 1902 &ra->drr->drr_u.drr_write_byref; 1903 err = restore_read_payload_and_next_header(ra, 0, NULL); 1904 if (err != 0) 1905 return (err); 1906 return (restore_write_byref(ra, drrwbr)); 1907 } 1908 case DRR_WRITE_EMBEDDED: 1909 { 1910 struct drr_write_embedded *drrwe = 1911 &ra->drr->drr_u.drr_write_embedded; 1912 err = restore_read_payload_and_next_header(ra, 1913 P2ROUNDUP(drrwe->drr_psize, 8), ra->buf); 1914 if (err != 0) 1915 return (err); 1916 return (restore_write_embedded(ra, drrwe, ra->buf)); 1917 } 1918 case DRR_FREE: 1919 { 1920 struct drr_free *drrf = &ra->drr->drr_u.drr_free; 1921 err = restore_read_payload_and_next_header(ra, 0, NULL); 1922 if (err != 0) 1923 return (err); 1924 return (restore_free(ra, drrf)); 1925 } 1926 case DRR_END: 1927 { 1928 struct drr_end *drre = &ra->drr->drr_u.drr_end; 1929 if (!ZIO_CHECKSUM_EQUAL(ra->prev_cksum, drre->drr_checksum)) 1930 return (SET_ERROR(EINVAL)); 1931 return (0); 1932 } 1933 case DRR_SPILL: 1934 { 1935 struct drr_spill *drrs = &ra->drr->drr_u.drr_spill; 1936 err = restore_read_payload_and_next_header(ra, 1937 drrs->drr_length, ra->buf); 1938 if (err != 0) 1939 return (err); 1940 return (restore_spill(ra, drrs, ra->buf)); 1941 } 1942 default: 1943 return (SET_ERROR(EINVAL)); 1944 } 1945} 1946 1947/* 1948 * NB: callers *must* call dmu_recv_end() if this succeeds. 1949 */ 1950int 1951dmu_recv_stream(dmu_recv_cookie_t *drc, struct file *fp, offset_t *voffp, 1952 int cleanup_fd, uint64_t *action_handlep) 1953{ 1954 int err = 0; 1955 struct restorearg ra = { 0 }; 1956 int featureflags; 1957 1958 ra.byteswap = drc->drc_byteswap; 1959 ra.cksum = drc->drc_cksum; 1960 ra.td = curthread; 1961 ra.fp = fp; 1962 ra.voff = *voffp; 1963 ra.bufsize = SPA_MAXBLOCKSIZE; 1964 ra.drr = kmem_alloc(sizeof (*ra.drr), KM_SLEEP); 1965 ra.buf = kmem_alloc(ra.bufsize, KM_SLEEP); 1966 ra.next_drr = kmem_alloc(sizeof (*ra.next_drr), KM_SLEEP); 1967 1968 /* these were verified in dmu_recv_begin */ 1969 ASSERT3U(DMU_GET_STREAM_HDRTYPE(drc->drc_drrb->drr_versioninfo), ==, 1970 DMU_SUBSTREAM); 1971 ASSERT3U(drc->drc_drrb->drr_type, <, DMU_OST_NUMTYPES); 1972 1973 /* 1974 * Open the objset we are modifying. 1975 */ 1976 VERIFY0(dmu_objset_from_ds(drc->drc_ds, &ra.os)); 1977 1978 ASSERT(dsl_dataset_phys(drc->drc_ds)->ds_flags & DS_FLAG_INCONSISTENT); 1979 1980 featureflags = DMU_GET_FEATUREFLAGS(drc->drc_drrb->drr_versioninfo); 1981 1982 /* if this stream is dedup'ed, set up the avl tree for guid mapping */ 1983 if (featureflags & DMU_BACKUP_FEATURE_DEDUP) { 1984 minor_t minor; 1985 1986 if (cleanup_fd == -1) { 1987 ra.err = SET_ERROR(EBADF); 1988 goto out; 1989 } 1990 ra.err = zfs_onexit_fd_hold(cleanup_fd, &minor); 1991 if (ra.err != 0) { 1992 cleanup_fd = -1; 1993 goto out; 1994 } 1995 1996 if (*action_handlep == 0) { 1997 ra.guid_to_ds_map = 1998 kmem_alloc(sizeof (avl_tree_t), KM_SLEEP); 1999 avl_create(ra.guid_to_ds_map, guid_compare, 2000 sizeof (guid_map_entry_t), 2001 offsetof(guid_map_entry_t, avlnode)); 2002 err = zfs_onexit_add_cb(minor, 2003 free_guid_map_onexit, ra.guid_to_ds_map, 2004 action_handlep); 2005 if (ra.err != 0) 2006 goto out; 2007 } else { 2008 err = zfs_onexit_cb_data(minor, *action_handlep, 2009 (void **)&ra.guid_to_ds_map); 2010 if (ra.err != 0) 2011 goto out; 2012 } 2013 2014 drc->drc_guid_to_ds_map = ra.guid_to_ds_map; 2015 } 2016 2017 err = restore_read_payload_and_next_header(&ra, 0, NULL); 2018 if (err != 0) 2019 goto out; 2020 for (;;) { 2021 void *tmp; 2022 2023 if (issig(JUSTLOOKING) && issig(FORREAL)) { 2024 err = SET_ERROR(EINTR); 2025 break; 2026 } 2027 2028 tmp = ra.next_drr; 2029 ra.next_drr = ra.drr; 2030 ra.drr = tmp; 2031 2032 /* process ra.drr, read in ra.next_drr */ 2033 err = restore_process_record(&ra); 2034 if (err != 0) 2035 break; 2036 if (ra.drr->drr_type == DRR_END) 2037 break; 2038 } 2039 2040out: 2041 if ((featureflags & DMU_BACKUP_FEATURE_DEDUP) && (cleanup_fd != -1)) 2042 zfs_onexit_fd_rele(cleanup_fd); 2043 2044 if (err != 0) { 2045 /* 2046 * destroy what we created, so we don't leave it in the 2047 * inconsistent restoring state. 2048 */ 2049 dmu_recv_cleanup_ds(drc); 2050 } 2051 2052 kmem_free(ra.drr, sizeof (*ra.drr)); 2053 kmem_free(ra.buf, ra.bufsize); 2054 kmem_free(ra.next_drr, sizeof (*ra.next_drr)); 2055 *voffp = ra.voff; 2056 return (err); 2057} 2058 2059static int 2060dmu_recv_end_check(void *arg, dmu_tx_t *tx) 2061{ 2062 dmu_recv_cookie_t *drc = arg; 2063 dsl_pool_t *dp = dmu_tx_pool(tx); 2064 int error; 2065 2066 ASSERT3P(drc->drc_ds->ds_owner, ==, dmu_recv_tag); 2067 2068 if (!drc->drc_newfs) { 2069 dsl_dataset_t *origin_head; 2070 2071 error = dsl_dataset_hold(dp, drc->drc_tofs, FTAG, &origin_head); 2072 if (error != 0) 2073 return (error); 2074 if (drc->drc_force) { 2075 /* 2076 * We will destroy any snapshots in tofs (i.e. before 2077 * origin_head) that are after the origin (which is 2078 * the snap before drc_ds, because drc_ds can not 2079 * have any snaps of its own). 2080 */ 2081 uint64_t obj; 2082 2083 obj = dsl_dataset_phys(origin_head)->ds_prev_snap_obj; 2084 while (obj != 2085 dsl_dataset_phys(drc->drc_ds)->ds_prev_snap_obj) { 2086 dsl_dataset_t *snap; 2087 error = dsl_dataset_hold_obj(dp, obj, FTAG, 2088 &snap); 2089 if (error != 0) 2090 break; 2091 if (snap->ds_dir != origin_head->ds_dir) 2092 error = SET_ERROR(EINVAL); 2093 if (error == 0) { 2094 error = dsl_destroy_snapshot_check_impl( 2095 snap, B_FALSE); 2096 } 2097 obj = dsl_dataset_phys(snap)->ds_prev_snap_obj; 2098 dsl_dataset_rele(snap, FTAG); 2099 if (error != 0) 2100 break; 2101 } 2102 if (error != 0) { 2103 dsl_dataset_rele(origin_head, FTAG); 2104 return (error); 2105 } 2106 } 2107 error = dsl_dataset_clone_swap_check_impl(drc->drc_ds, 2108 origin_head, drc->drc_force, drc->drc_owner, tx); 2109 if (error != 0) { 2110 dsl_dataset_rele(origin_head, FTAG); 2111 return (error); 2112 } 2113 error = dsl_dataset_snapshot_check_impl(origin_head, 2114 drc->drc_tosnap, tx, B_TRUE, 1, drc->drc_cred); 2115 dsl_dataset_rele(origin_head, FTAG); 2116 if (error != 0) 2117 return (error); 2118 2119 error = dsl_destroy_head_check_impl(drc->drc_ds, 1); 2120 } else { 2121 error = dsl_dataset_snapshot_check_impl(drc->drc_ds, 2122 drc->drc_tosnap, tx, B_TRUE, 1, drc->drc_cred); 2123 } 2124 return (error); 2125} 2126 2127static void 2128dmu_recv_end_sync(void *arg, dmu_tx_t *tx) 2129{ 2130 dmu_recv_cookie_t *drc = arg; 2131 dsl_pool_t *dp = dmu_tx_pool(tx); 2132 2133 spa_history_log_internal_ds(drc->drc_ds, "finish receiving", 2134 tx, "snap=%s", drc->drc_tosnap); 2135 2136 if (!drc->drc_newfs) { 2137 dsl_dataset_t *origin_head; 2138 2139 VERIFY0(dsl_dataset_hold(dp, drc->drc_tofs, FTAG, 2140 &origin_head)); 2141 2142 if (drc->drc_force) { 2143 /* 2144 * Destroy any snapshots of drc_tofs (origin_head) 2145 * after the origin (the snap before drc_ds). 2146 */ 2147 uint64_t obj; 2148 2149 obj = dsl_dataset_phys(origin_head)->ds_prev_snap_obj; 2150 while (obj != 2151 dsl_dataset_phys(drc->drc_ds)->ds_prev_snap_obj) { 2152 dsl_dataset_t *snap; 2153 VERIFY0(dsl_dataset_hold_obj(dp, obj, FTAG, 2154 &snap)); 2155 ASSERT3P(snap->ds_dir, ==, origin_head->ds_dir); 2156 obj = dsl_dataset_phys(snap)->ds_prev_snap_obj; 2157 dsl_destroy_snapshot_sync_impl(snap, 2158 B_FALSE, tx); 2159 dsl_dataset_rele(snap, FTAG); 2160 } 2161 } 2162 VERIFY3P(drc->drc_ds->ds_prev, ==, 2163 origin_head->ds_prev); 2164 2165 dsl_dataset_clone_swap_sync_impl(drc->drc_ds, 2166 origin_head, tx); 2167 dsl_dataset_snapshot_sync_impl(origin_head, 2168 drc->drc_tosnap, tx); 2169 2170 /* set snapshot's creation time and guid */ 2171 dmu_buf_will_dirty(origin_head->ds_prev->ds_dbuf, tx); 2172 dsl_dataset_phys(origin_head->ds_prev)->ds_creation_time = 2173 drc->drc_drrb->drr_creation_time; 2174 dsl_dataset_phys(origin_head->ds_prev)->ds_guid = 2175 drc->drc_drrb->drr_toguid; 2176 dsl_dataset_phys(origin_head->ds_prev)->ds_flags &= 2177 ~DS_FLAG_INCONSISTENT; 2178 2179 dmu_buf_will_dirty(origin_head->ds_dbuf, tx); 2180 dsl_dataset_phys(origin_head)->ds_flags &= 2181 ~DS_FLAG_INCONSISTENT; 2182 2183 dsl_dataset_rele(origin_head, FTAG); 2184 dsl_destroy_head_sync_impl(drc->drc_ds, tx); 2185 2186 if (drc->drc_owner != NULL) 2187 VERIFY3P(origin_head->ds_owner, ==, drc->drc_owner); 2188 } else { 2189 dsl_dataset_t *ds = drc->drc_ds; 2190 2191 dsl_dataset_snapshot_sync_impl(ds, drc->drc_tosnap, tx); 2192 2193 /* set snapshot's creation time and guid */ 2194 dmu_buf_will_dirty(ds->ds_prev->ds_dbuf, tx); 2195 dsl_dataset_phys(ds->ds_prev)->ds_creation_time = 2196 drc->drc_drrb->drr_creation_time; 2197 dsl_dataset_phys(ds->ds_prev)->ds_guid = 2198 drc->drc_drrb->drr_toguid; 2199 dsl_dataset_phys(ds->ds_prev)->ds_flags &= 2200 ~DS_FLAG_INCONSISTENT; 2201 2202 dmu_buf_will_dirty(ds->ds_dbuf, tx); 2203 dsl_dataset_phys(ds)->ds_flags &= ~DS_FLAG_INCONSISTENT; 2204 } 2205 drc->drc_newsnapobj = dsl_dataset_phys(drc->drc_ds)->ds_prev_snap_obj; 2206 /* 2207 * Release the hold from dmu_recv_begin. This must be done before 2208 * we return to open context, so that when we free the dataset's dnode, 2209 * we can evict its bonus buffer. 2210 */ 2211 dsl_dataset_disown(drc->drc_ds, dmu_recv_tag); 2212 drc->drc_ds = NULL; 2213} 2214 2215static int 2216add_ds_to_guidmap(const char *name, avl_tree_t *guid_map, uint64_t snapobj) 2217{ 2218 dsl_pool_t *dp; 2219 dsl_dataset_t *snapds; 2220 guid_map_entry_t *gmep; 2221 int err; 2222 2223 ASSERT(guid_map != NULL); 2224 2225 err = dsl_pool_hold(name, FTAG, &dp); 2226 if (err != 0) 2227 return (err); 2228 gmep = kmem_alloc(sizeof (*gmep), KM_SLEEP); 2229 err = dsl_dataset_hold_obj(dp, snapobj, gmep, &snapds); 2230 if (err == 0) { 2231 gmep->guid = dsl_dataset_phys(snapds)->ds_guid; 2232 gmep->gme_ds = snapds; 2233 avl_add(guid_map, gmep); 2234 dsl_dataset_long_hold(snapds, gmep); 2235 } else 2236 kmem_free(gmep, sizeof (*gmep)); 2237 2238 dsl_pool_rele(dp, FTAG); 2239 return (err); 2240} 2241 2242static int dmu_recv_end_modified_blocks = 3; 2243 2244static int 2245dmu_recv_existing_end(dmu_recv_cookie_t *drc) 2246{ 2247 int error; 2248 char name[MAXNAMELEN]; 2249 2250#ifdef _KERNEL 2251 /* 2252 * We will be destroying the ds; make sure its origin is unmounted if 2253 * necessary. 2254 */ 2255 dsl_dataset_name(drc->drc_ds, name); 2256 zfs_destroy_unmount_origin(name); 2257#endif 2258 2259 error = dsl_sync_task(drc->drc_tofs, 2260 dmu_recv_end_check, dmu_recv_end_sync, drc, 2261 dmu_recv_end_modified_blocks, ZFS_SPACE_CHECK_NORMAL); 2262 2263 if (error != 0) 2264 dmu_recv_cleanup_ds(drc); 2265 return (error); 2266} 2267 2268static int 2269dmu_recv_new_end(dmu_recv_cookie_t *drc) 2270{ 2271 int error; 2272 2273 error = dsl_sync_task(drc->drc_tofs, 2274 dmu_recv_end_check, dmu_recv_end_sync, drc, 2275 dmu_recv_end_modified_blocks, ZFS_SPACE_CHECK_NORMAL); 2276 2277 if (error != 0) { 2278 dmu_recv_cleanup_ds(drc); 2279 } else if (drc->drc_guid_to_ds_map != NULL) { 2280 (void) add_ds_to_guidmap(drc->drc_tofs, 2281 drc->drc_guid_to_ds_map, 2282 drc->drc_newsnapobj); 2283 } 2284 return (error); 2285} 2286 2287int 2288dmu_recv_end(dmu_recv_cookie_t *drc, void *owner) 2289{ 2290 drc->drc_owner = owner; 2291 2292 if (drc->drc_newfs) 2293 return (dmu_recv_new_end(drc)); 2294 else 2295 return (dmu_recv_existing_end(drc)); 2296} 2297 2298/* 2299 * Return TRUE if this objset is currently being received into. 2300 */ 2301boolean_t 2302dmu_objset_is_receiving(objset_t *os) 2303{ 2304 return (os->os_dsl_dataset != NULL && 2305 os->os_dsl_dataset->ds_owner == dmu_recv_tag); 2306} 2307