1789Sahrens /* 2789Sahrens * CDDL HEADER START 3789Sahrens * 4789Sahrens * The contents of this file are subject to the terms of the 51484Sek110237 * Common Development and Distribution License (the "License"). 61484Sek110237 * You may not use this file except in compliance with the License. 7789Sahrens * 8789Sahrens * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9789Sahrens * or http://www.opensolaris.org/os/licensing. 10789Sahrens * See the License for the specific language governing permissions 11789Sahrens * and limitations under the License. 12789Sahrens * 13789Sahrens * When distributing Covered Code, include this CDDL HEADER in each 14789Sahrens * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15789Sahrens * If applicable, add the following below this CDDL HEADER, with the 16789Sahrens * fields enclosed by brackets "[]" replaced with your own identifying 17789Sahrens * information: Portions Copyright [yyyy] [name of copyright owner] 18789Sahrens * 19789Sahrens * CDDL HEADER END 20789Sahrens */ 21789Sahrens /* 22*11935SMark.Shellenbaum@Sun.COM * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23789Sahrens * Use is subject to license terms. 24789Sahrens */ 25789Sahrens 26789Sahrens #include <sys/types.h> 27789Sahrens #include <sys/param.h> 28789Sahrens #include <sys/time.h> 29789Sahrens #include <sys/systm.h> 30789Sahrens #include <sys/sysmacros.h> 31789Sahrens #include <sys/resource.h> 32789Sahrens #include <sys/vfs.h> 33789Sahrens #include <sys/vnode.h> 34789Sahrens #include <sys/file.h> 35789Sahrens #include <sys/mode.h> 36789Sahrens #include <sys/kmem.h> 37789Sahrens #include <sys/uio.h> 38789Sahrens #include <sys/pathname.h> 39789Sahrens #include <sys/cmn_err.h> 40789Sahrens #include <sys/errno.h> 41789Sahrens #include <sys/stat.h> 42789Sahrens #include <sys/unistd.h> 435498Stimh #include <sys/sunddi.h> 44789Sahrens #include <sys/random.h> 45789Sahrens #include <sys/policy.h> 46789Sahrens #include <sys/zfs_dir.h> 47789Sahrens #include <sys/zfs_acl.h> 48789Sahrens #include <sys/fs/zfs.h> 49789Sahrens #include "fs/fs_subr.h" 50789Sahrens #include <sys/zap.h> 51789Sahrens #include <sys/dmu.h> 52789Sahrens #include <sys/atomic.h> 53789Sahrens #include <sys/zfs_ctldir.h> 545331Samw #include <sys/zfs_fuid.h> 55*11935SMark.Shellenbaum@Sun.COM #include <sys/sa.h> 56*11935SMark.Shellenbaum@Sun.COM #include <sys/zfs_sa.h> 571484Sek110237 #include <sys/dnlc.h> 585331Samw #include <sys/extdirent.h> 595331Samw 605331Samw /* 615331Samw * zfs_match_find() is used by zfs_dirent_lock() to peform zap lookups 625331Samw * of names after deciding which is the appropriate lookup interface. 635331Samw */ 645331Samw static int 655331Samw zfs_match_find(zfsvfs_t *zfsvfs, znode_t *dzp, char *name, boolean_t exact, 665331Samw boolean_t update, int *deflags, pathname_t *rpnp, uint64_t *zoid) 675331Samw { 685331Samw int error; 695331Samw 705331Samw if (zfsvfs->z_norm) { 715331Samw matchtype_t mt = MT_FIRST; 725331Samw boolean_t conflict = B_FALSE; 735331Samw size_t bufsz = 0; 745331Samw char *buf = NULL; 755331Samw 765331Samw if (rpnp) { 776492Stimh buf = rpnp->pn_buf; 785331Samw bufsz = rpnp->pn_bufsize; 795331Samw } 805331Samw if (exact) 815331Samw mt = MT_EXACT; 825331Samw /* 835331Samw * In the non-mixed case we only expect there would ever 845331Samw * be one match, but we need to use the normalizing lookup. 855331Samw */ 865331Samw error = zap_lookup_norm(zfsvfs->z_os, dzp->z_id, name, 8, 1, 875331Samw zoid, mt, buf, bufsz, &conflict); 886492Stimh if (!error && deflags) 895331Samw *deflags = conflict ? ED_CASE_CONFLICT : 0; 905331Samw } else { 915331Samw error = zap_lookup(zfsvfs->z_os, dzp->z_id, name, 8, 1, zoid); 925331Samw } 935331Samw *zoid = ZFS_DIRENT_OBJ(*zoid); 945331Samw 955331Samw if (error == ENOENT && update) 965331Samw dnlc_update(ZTOV(dzp), name, DNLC_NO_VNODE); 975331Samw 985331Samw return (error); 995331Samw } 100789Sahrens 101789Sahrens /* 102789Sahrens * Lock a directory entry. A dirlock on <dzp, name> protects that name 103789Sahrens * in dzp's directory zap object. As long as you hold a dirlock, you can 104789Sahrens * assume two things: (1) dzp cannot be reaped, and (2) no other thread 105789Sahrens * can change the zap entry for (i.e. link or unlink) this name. 106789Sahrens * 107789Sahrens * Input arguments: 108789Sahrens * dzp - znode for directory 109789Sahrens * name - name of entry to lock 110789Sahrens * flag - ZNEW: if the entry already exists, fail with EEXIST. 111789Sahrens * ZEXISTS: if the entry does not exist, fail with ENOENT. 112789Sahrens * ZSHARED: allow concurrent access with other ZSHARED callers. 113789Sahrens * ZXATTR: we want dzp's xattr directory 1145331Samw * ZCILOOK: On a mixed sensitivity file system, 1155331Samw * this lookup should be case-insensitive. 1165331Samw * ZCIEXACT: On a purely case-insensitive file system, 1175331Samw * this lookup should be case-sensitive. 1185331Samw * ZRENAMING: we are locking for renaming, force narrow locks 11911321SSanjeev.Bagewadi@Sun.COM * ZHAVELOCK: Don't grab the z_name_lock for this call. The 12011321SSanjeev.Bagewadi@Sun.COM * current thread already holds it. 121789Sahrens * 122789Sahrens * Output arguments: 123789Sahrens * zpp - pointer to the znode for the entry (NULL if there isn't one) 124789Sahrens * dlpp - pointer to the dirlock for this entry (NULL on error) 1255331Samw * direntflags - (case-insensitive lookup only) 1265331Samw * flags if multiple case-sensitive matches exist in directory 1275331Samw * realpnp - (case-insensitive lookup only) 1285331Samw * actual name matched within the directory 129789Sahrens * 130789Sahrens * Return value: 0 on success or errno on failure. 131789Sahrens * 132789Sahrens * NOTE: Always checks for, and rejects, '.' and '..'. 1335331Samw * NOTE: For case-insensitive file systems we take wide locks (see below), 1345331Samw * but return znode pointers to a single match. 135789Sahrens */ 136789Sahrens int 137789Sahrens zfs_dirent_lock(zfs_dirlock_t **dlpp, znode_t *dzp, char *name, znode_t **zpp, 1385331Samw int flag, int *direntflags, pathname_t *realpnp) 139789Sahrens { 140789Sahrens zfsvfs_t *zfsvfs = dzp->z_zfsvfs; 141789Sahrens zfs_dirlock_t *dl; 1425331Samw boolean_t update; 1435331Samw boolean_t exact; 144789Sahrens uint64_t zoid; 1455331Samw vnode_t *vp = NULL; 1465331Samw int error = 0; 1475331Samw int cmpflags; 148789Sahrens 149789Sahrens *zpp = NULL; 150789Sahrens *dlpp = NULL; 151789Sahrens 152789Sahrens /* 153789Sahrens * Verify that we are not trying to lock '.', '..', or '.zfs' 154789Sahrens */ 155789Sahrens if (name[0] == '.' && 156789Sahrens (name[1] == '\0' || (name[1] == '.' && name[2] == '\0')) || 157789Sahrens zfs_has_ctldir(dzp) && strcmp(name, ZFS_CTLDIR_NAME) == 0) 158789Sahrens return (EEXIST); 159789Sahrens 160789Sahrens /* 1615331Samw * Case sensitivity and normalization preferences are set when 1625331Samw * the file system is created. These are stored in the 1635331Samw * zfsvfs->z_case and zfsvfs->z_norm fields. These choices 1645331Samw * affect what vnodes can be cached in the DNLC, how we 1655331Samw * perform zap lookups, and the "width" of our dirlocks. 1665331Samw * 1675331Samw * A normal dirlock locks a single name. Note that with 1685331Samw * normalization a name can be composed multiple ways, but 1695331Samw * when normalized, these names all compare equal. A wide 1705331Samw * dirlock locks multiple names. We need these when the file 1715331Samw * system is supporting mixed-mode access. It is sometimes 1725331Samw * necessary to lock all case permutations of file name at 1735331Samw * once so that simultaneous case-insensitive/case-sensitive 1745331Samw * behaves as rationally as possible. 1755331Samw */ 1765331Samw 1775331Samw /* 1785331Samw * Decide if exact matches should be requested when performing 1795331Samw * a zap lookup on file systems supporting case-insensitive 1805331Samw * access. 1815331Samw */ 1825498Stimh exact = 1835498Stimh ((zfsvfs->z_case == ZFS_CASE_INSENSITIVE) && (flag & ZCIEXACT)) || 1845498Stimh ((zfsvfs->z_case == ZFS_CASE_MIXED) && !(flag & ZCILOOK)); 1855331Samw 1865331Samw /* 1875331Samw * Only look in or update the DNLC if we are looking for the 1885331Samw * name on a file system that does not require normalization 1895331Samw * or case folding. We can also look there if we happen to be 1905331Samw * on a non-normalizing, mixed sensitivity file system IF we 1915331Samw * are looking for the exact name. 1925331Samw * 1935331Samw * Maybe can add TO-UPPERed version of name to dnlc in ci-only 1945331Samw * case for performance improvement? 1955331Samw */ 1965331Samw update = !zfsvfs->z_norm || 1975498Stimh ((zfsvfs->z_case == ZFS_CASE_MIXED) && 1985331Samw !(zfsvfs->z_norm & ~U8_TEXTPREP_TOUPPER) && !(flag & ZCILOOK)); 1995331Samw 2005331Samw /* 2015331Samw * ZRENAMING indicates we are in a situation where we should 2025331Samw * take narrow locks regardless of the file system's 2035331Samw * preferences for normalizing and case folding. This will 2045331Samw * prevent us deadlocking trying to grab the same wide lock 2055331Samw * twice if the two names happen to be case-insensitive 2065331Samw * matches. 2075331Samw */ 2085331Samw if (flag & ZRENAMING) 2095331Samw cmpflags = 0; 2105331Samw else 2115331Samw cmpflags = zfsvfs->z_norm; 2125331Samw 2135331Samw /* 214789Sahrens * Wait until there are no locks on this name. 21511321SSanjeev.Bagewadi@Sun.COM * 21611321SSanjeev.Bagewadi@Sun.COM * Don't grab the the lock if it is already held. However, cannot 21711321SSanjeev.Bagewadi@Sun.COM * have both ZSHARED and ZHAVELOCK together. 218789Sahrens */ 21911321SSanjeev.Bagewadi@Sun.COM ASSERT(!(flag & ZSHARED) || !(flag & ZHAVELOCK)); 22011321SSanjeev.Bagewadi@Sun.COM if (!(flag & ZHAVELOCK)) 22111321SSanjeev.Bagewadi@Sun.COM rw_enter(&dzp->z_name_lock, RW_READER); 22211321SSanjeev.Bagewadi@Sun.COM 223789Sahrens mutex_enter(&dzp->z_lock); 224789Sahrens for (;;) { 2253461Sahrens if (dzp->z_unlinked) { 226789Sahrens mutex_exit(&dzp->z_lock); 22711321SSanjeev.Bagewadi@Sun.COM if (!(flag & ZHAVELOCK)) 22811321SSanjeev.Bagewadi@Sun.COM rw_exit(&dzp->z_name_lock); 229789Sahrens return (ENOENT); 230789Sahrens } 2315331Samw for (dl = dzp->z_dirlocks; dl != NULL; dl = dl->dl_next) { 2325331Samw if ((u8_strcmp(name, dl->dl_name, 0, cmpflags, 2335331Samw U8_UNICODE_LATEST, &error) == 0) || error != 0) 234789Sahrens break; 2355331Samw } 2365331Samw if (error != 0) { 2375331Samw mutex_exit(&dzp->z_lock); 23811321SSanjeev.Bagewadi@Sun.COM if (!(flag & ZHAVELOCK)) 23911321SSanjeev.Bagewadi@Sun.COM rw_exit(&dzp->z_name_lock); 2405331Samw return (ENOENT); 2415331Samw } 242789Sahrens if (dl == NULL) { 243789Sahrens /* 244789Sahrens * Allocate a new dirlock and add it to the list. 245789Sahrens */ 246789Sahrens dl = kmem_alloc(sizeof (zfs_dirlock_t), KM_SLEEP); 247789Sahrens cv_init(&dl->dl_cv, NULL, CV_DEFAULT, NULL); 248789Sahrens dl->dl_name = name; 249789Sahrens dl->dl_sharecnt = 0; 25011321SSanjeev.Bagewadi@Sun.COM dl->dl_namelock = 0; 251789Sahrens dl->dl_namesize = 0; 252789Sahrens dl->dl_dzp = dzp; 253789Sahrens dl->dl_next = dzp->z_dirlocks; 254789Sahrens dzp->z_dirlocks = dl; 255789Sahrens break; 256789Sahrens } 257789Sahrens if ((flag & ZSHARED) && dl->dl_sharecnt != 0) 258789Sahrens break; 259789Sahrens cv_wait(&dl->dl_cv, &dzp->z_lock); 260789Sahrens } 261789Sahrens 26211321SSanjeev.Bagewadi@Sun.COM /* 26311321SSanjeev.Bagewadi@Sun.COM * If the z_name_lock was NOT held for this dirlock record it. 26411321SSanjeev.Bagewadi@Sun.COM */ 26511321SSanjeev.Bagewadi@Sun.COM if (flag & ZHAVELOCK) 26611321SSanjeev.Bagewadi@Sun.COM dl->dl_namelock = 1; 26711321SSanjeev.Bagewadi@Sun.COM 268789Sahrens if ((flag & ZSHARED) && ++dl->dl_sharecnt > 1 && dl->dl_namesize == 0) { 269789Sahrens /* 270789Sahrens * We're the second shared reference to dl. Make a copy of 271789Sahrens * dl_name in case the first thread goes away before we do. 272789Sahrens * Note that we initialize the new name before storing its 273789Sahrens * pointer into dl_name, because the first thread may load 274789Sahrens * dl->dl_name at any time. He'll either see the old value, 275789Sahrens * which is his, or the new shared copy; either is OK. 276789Sahrens */ 277789Sahrens dl->dl_namesize = strlen(dl->dl_name) + 1; 278789Sahrens name = kmem_alloc(dl->dl_namesize, KM_SLEEP); 279789Sahrens bcopy(dl->dl_name, name, dl->dl_namesize); 280789Sahrens dl->dl_name = name; 281789Sahrens } 282789Sahrens 283789Sahrens mutex_exit(&dzp->z_lock); 284789Sahrens 285789Sahrens /* 286789Sahrens * We have a dirlock on the name. (Note that it is the dirlock, 287789Sahrens * not the dzp's z_lock, that protects the name in the zap object.) 288789Sahrens * See if there's an object by this name; if so, put a hold on it. 289789Sahrens */ 290789Sahrens if (flag & ZXATTR) { 291*11935SMark.Shellenbaum@Sun.COM error = sa_lookup(dzp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs), &zoid, 292*11935SMark.Shellenbaum@Sun.COM sizeof (zoid)); 293*11935SMark.Shellenbaum@Sun.COM if (error == 0) 294*11935SMark.Shellenbaum@Sun.COM error = (zoid == 0 ? ENOENT : 0); 295789Sahrens } else { 2965331Samw if (update) 2975331Samw vp = dnlc_lookup(ZTOV(dzp), name); 2981484Sek110237 if (vp == DNLC_NO_VNODE) { 2991484Sek110237 VN_RELE(vp); 3001484Sek110237 error = ENOENT; 3011484Sek110237 } else if (vp) { 3021484Sek110237 if (flag & ZNEW) { 3031484Sek110237 zfs_dirent_unlock(dl); 3041484Sek110237 VN_RELE(vp); 3051484Sek110237 return (EEXIST); 3061484Sek110237 } 3071484Sek110237 *dlpp = dl; 3081484Sek110237 *zpp = VTOZ(vp); 3091484Sek110237 return (0); 3101484Sek110237 } else { 3115331Samw error = zfs_match_find(zfsvfs, dzp, name, exact, 3125331Samw update, direntflags, realpnp, &zoid); 3131484Sek110237 } 314789Sahrens } 315789Sahrens if (error) { 316789Sahrens if (error != ENOENT || (flag & ZEXISTS)) { 317789Sahrens zfs_dirent_unlock(dl); 318789Sahrens return (error); 319789Sahrens } 320789Sahrens } else { 321789Sahrens if (flag & ZNEW) { 322789Sahrens zfs_dirent_unlock(dl); 323789Sahrens return (EEXIST); 324789Sahrens } 325789Sahrens error = zfs_zget(zfsvfs, zoid, zpp); 326789Sahrens if (error) { 327789Sahrens zfs_dirent_unlock(dl); 328789Sahrens return (error); 329789Sahrens } 3305331Samw if (!(flag & ZXATTR) && update) 3311484Sek110237 dnlc_update(ZTOV(dzp), name, ZTOV(*zpp)); 332789Sahrens } 333789Sahrens 334789Sahrens *dlpp = dl; 335789Sahrens 336789Sahrens return (0); 337789Sahrens } 338789Sahrens 339789Sahrens /* 340789Sahrens * Unlock this directory entry and wake anyone who was waiting for it. 341789Sahrens */ 342789Sahrens void 343789Sahrens zfs_dirent_unlock(zfs_dirlock_t *dl) 344789Sahrens { 345789Sahrens znode_t *dzp = dl->dl_dzp; 346789Sahrens zfs_dirlock_t **prev_dl, *cur_dl; 347789Sahrens 348789Sahrens mutex_enter(&dzp->z_lock); 34911321SSanjeev.Bagewadi@Sun.COM 35011321SSanjeev.Bagewadi@Sun.COM if (!dl->dl_namelock) 35111321SSanjeev.Bagewadi@Sun.COM rw_exit(&dzp->z_name_lock); 35211321SSanjeev.Bagewadi@Sun.COM 353789Sahrens if (dl->dl_sharecnt > 1) { 354789Sahrens dl->dl_sharecnt--; 355789Sahrens mutex_exit(&dzp->z_lock); 356789Sahrens return; 357789Sahrens } 358789Sahrens prev_dl = &dzp->z_dirlocks; 359789Sahrens while ((cur_dl = *prev_dl) != dl) 360789Sahrens prev_dl = &cur_dl->dl_next; 361789Sahrens *prev_dl = dl->dl_next; 362789Sahrens cv_broadcast(&dl->dl_cv); 363789Sahrens mutex_exit(&dzp->z_lock); 364789Sahrens 365789Sahrens if (dl->dl_namesize != 0) 366789Sahrens kmem_free(dl->dl_name, dl->dl_namesize); 367789Sahrens cv_destroy(&dl->dl_cv); 368789Sahrens kmem_free(dl, sizeof (*dl)); 369789Sahrens } 370789Sahrens 371789Sahrens /* 372789Sahrens * Look up an entry in a directory. 373789Sahrens * 374789Sahrens * NOTE: '.' and '..' are handled as special cases because 375789Sahrens * no directory entries are actually stored for them. If this is 376789Sahrens * the root of a filesystem, then '.zfs' is also treated as a 377789Sahrens * special pseudo-directory. 378789Sahrens */ 379789Sahrens int 3805331Samw zfs_dirlook(znode_t *dzp, char *name, vnode_t **vpp, int flags, 3815331Samw int *deflg, pathname_t *rpnp) 382789Sahrens { 383789Sahrens zfs_dirlock_t *dl; 384789Sahrens znode_t *zp; 385789Sahrens int error = 0; 386*11935SMark.Shellenbaum@Sun.COM uint64_t parent; 387789Sahrens 388789Sahrens if (name[0] == 0 || (name[0] == '.' && name[1] == 0)) { 389789Sahrens *vpp = ZTOV(dzp); 390789Sahrens VN_HOLD(*vpp); 391789Sahrens } else if (name[0] == '.' && name[1] == '.' && name[2] == 0) { 392789Sahrens zfsvfs_t *zfsvfs = dzp->z_zfsvfs; 393*11935SMark.Shellenbaum@Sun.COM 394789Sahrens /* 395789Sahrens * If we are a snapshot mounted under .zfs, return 396789Sahrens * the vp for the snapshot directory. 397789Sahrens */ 398*11935SMark.Shellenbaum@Sun.COM if ((error = sa_lookup(dzp->z_sa_hdl, 399*11935SMark.Shellenbaum@Sun.COM SA_ZPL_PARENT(zfsvfs), &parent, sizeof (parent))) != 0) 400*11935SMark.Shellenbaum@Sun.COM return (error); 401*11935SMark.Shellenbaum@Sun.COM if (parent == dzp->z_id && zfsvfs->z_parent != zfsvfs) { 402789Sahrens error = zfsctl_root_lookup(zfsvfs->z_parent->z_ctldir, 4035331Samw "snapshot", vpp, NULL, 0, NULL, kcred, 4045331Samw NULL, NULL, NULL); 405789Sahrens return (error); 406789Sahrens } 407789Sahrens rw_enter(&dzp->z_parent_lock, RW_READER); 408*11935SMark.Shellenbaum@Sun.COM error = zfs_zget(zfsvfs, parent, &zp); 409789Sahrens if (error == 0) 410789Sahrens *vpp = ZTOV(zp); 411789Sahrens rw_exit(&dzp->z_parent_lock); 412789Sahrens } else if (zfs_has_ctldir(dzp) && strcmp(name, ZFS_CTLDIR_NAME) == 0) { 413789Sahrens *vpp = zfsctl_root(dzp); 414789Sahrens } else { 4155331Samw int zf; 4165331Samw 4175331Samw zf = ZEXISTS | ZSHARED; 4185331Samw if (flags & FIGNORECASE) 4195331Samw zf |= ZCILOOK; 4205331Samw 4215331Samw error = zfs_dirent_lock(&dl, dzp, name, &zp, zf, deflg, rpnp); 422789Sahrens if (error == 0) { 423789Sahrens *vpp = ZTOV(zp); 424789Sahrens zfs_dirent_unlock(dl); 425869Sperrin dzp->z_zn_prefetch = B_TRUE; /* enable prefetching */ 426789Sahrens } 4275331Samw rpnp = NULL; 428789Sahrens } 429789Sahrens 4306492Stimh if ((flags & FIGNORECASE) && rpnp && !error) 4316492Stimh (void) strlcpy(rpnp->pn_buf, name, rpnp->pn_bufsize); 4325331Samw 433789Sahrens return (error); 434789Sahrens } 435789Sahrens 4361544Seschrock /* 4373461Sahrens * unlinked Set (formerly known as the "delete queue") Error Handling 4381544Seschrock * 4393461Sahrens * When dealing with the unlinked set, we dmu_tx_hold_zap(), but we 4401544Seschrock * don't specify the name of the entry that we will be manipulating. We 4411544Seschrock * also fib and say that we won't be adding any new entries to the 4423461Sahrens * unlinked set, even though we might (this is to lower the minimum file 4431544Seschrock * size that can be deleted in a full filesystem). So on the small 4443461Sahrens * chance that the nlink list is using a fat zap (ie. has more than 4451544Seschrock * 2000 entries), we *may* not pre-read a block that's needed. 4461544Seschrock * Therefore it is remotely possible for some of the assertions 4473461Sahrens * regarding the unlinked set below to fail due to i/o error. On a 4481544Seschrock * nondebug system, this will result in the space being leaked. 4491544Seschrock */ 450789Sahrens void 4513461Sahrens zfs_unlinked_add(znode_t *zp, dmu_tx_t *tx) 452789Sahrens { 453789Sahrens zfsvfs_t *zfsvfs = zp->z_zfsvfs; 454789Sahrens 4553461Sahrens ASSERT(zp->z_unlinked); 456*11935SMark.Shellenbaum@Sun.COM ASSERT(zp->z_links == 0); 457789Sahrens 4587046Sahrens VERIFY3U(0, ==, 4597046Sahrens zap_add_int(zfsvfs->z_os, zfsvfs->z_unlinkedobj, zp->z_id, tx)); 4606992Smaybee } 4616992Smaybee 462789Sahrens /* 4633461Sahrens * Clean up any znodes that had no links when we either crashed or 4643461Sahrens * (force) umounted the file system. 4653461Sahrens */ 4663461Sahrens void 4673461Sahrens zfs_unlinked_drain(zfsvfs_t *zfsvfs) 4683461Sahrens { 4693461Sahrens zap_cursor_t zc; 4703461Sahrens zap_attribute_t zap; 4713461Sahrens dmu_object_info_t doi; 4723461Sahrens znode_t *zp; 4733461Sahrens int error; 4743461Sahrens 4753461Sahrens /* 4763461Sahrens * Interate over the contents of the unlinked set. 4773461Sahrens */ 4783461Sahrens for (zap_cursor_init(&zc, zfsvfs->z_os, zfsvfs->z_unlinkedobj); 4793461Sahrens zap_cursor_retrieve(&zc, &zap) == 0; 4803461Sahrens zap_cursor_advance(&zc)) { 4813461Sahrens 4823461Sahrens /* 4833461Sahrens * See what kind of object we have in list 4843461Sahrens */ 4853461Sahrens 4863461Sahrens error = dmu_object_info(zfsvfs->z_os, 4873461Sahrens zap.za_first_integer, &doi); 4883461Sahrens if (error != 0) 4893461Sahrens continue; 4903461Sahrens 4913461Sahrens ASSERT((doi.doi_type == DMU_OT_PLAIN_FILE_CONTENTS) || 4923461Sahrens (doi.doi_type == DMU_OT_DIRECTORY_CONTENTS)); 4933461Sahrens /* 4943461Sahrens * We need to re-mark these list entries for deletion, 4953461Sahrens * so we pull them back into core and set zp->z_unlinked. 4963461Sahrens */ 4973461Sahrens error = zfs_zget(zfsvfs, zap.za_first_integer, &zp); 4983461Sahrens 4993461Sahrens /* 5003461Sahrens * We may pick up znodes that are already marked for deletion. 5013461Sahrens * This could happen during the purge of an extended attribute 5023461Sahrens * directory. All we need to do is skip over them, since they 5033461Sahrens * are already in the system marked z_unlinked. 5043461Sahrens */ 5053461Sahrens if (error != 0) 5063461Sahrens continue; 5073461Sahrens 5083461Sahrens zp->z_unlinked = B_TRUE; 5093461Sahrens VN_RELE(ZTOV(zp)); 5103461Sahrens } 5113461Sahrens zap_cursor_fini(&zc); 5123461Sahrens } 5133461Sahrens 5143461Sahrens /* 515789Sahrens * Delete the entire contents of a directory. Return a count 5165860Sck153898 * of the number of entries that could not be deleted. If we encounter 5175860Sck153898 * an error, return a count of at least one so that the directory stays 5185860Sck153898 * in the unlinked set. 519789Sahrens * 520789Sahrens * NOTE: this function assumes that the directory is inactive, 521789Sahrens * so there is no need to lock its entries before deletion. 522789Sahrens * Also, it assumes the directory contents is *only* regular 523789Sahrens * files. 524789Sahrens */ 525789Sahrens static int 526789Sahrens zfs_purgedir(znode_t *dzp) 527789Sahrens { 528789Sahrens zap_cursor_t zc; 529789Sahrens zap_attribute_t zap; 530789Sahrens znode_t *xzp; 531789Sahrens dmu_tx_t *tx; 532789Sahrens zfsvfs_t *zfsvfs = dzp->z_zfsvfs; 533789Sahrens zfs_dirlock_t dl; 534789Sahrens int skipped = 0; 535789Sahrens int error; 536789Sahrens 537789Sahrens for (zap_cursor_init(&zc, zfsvfs->z_os, dzp->z_id); 538789Sahrens (error = zap_cursor_retrieve(&zc, &zap)) == 0; 539789Sahrens zap_cursor_advance(&zc)) { 5403912Slling error = zfs_zget(zfsvfs, 5413912Slling ZFS_DIRENT_OBJ(zap.za_first_integer), &xzp); 5425860Sck153898 if (error) { 5435860Sck153898 skipped += 1; 5445860Sck153898 continue; 5455860Sck153898 } 546789Sahrens 547789Sahrens ASSERT((ZTOV(xzp)->v_type == VREG) || 548789Sahrens (ZTOV(xzp)->v_type == VLNK)); 549789Sahrens 550789Sahrens tx = dmu_tx_create(zfsvfs->z_os); 551*11935SMark.Shellenbaum@Sun.COM dmu_tx_hold_sa(tx, dzp->z_sa_hdl, B_FALSE); 5521544Seschrock dmu_tx_hold_zap(tx, dzp->z_id, FALSE, zap.za_name); 553*11935SMark.Shellenbaum@Sun.COM dmu_tx_hold_sa(tx, xzp->z_sa_hdl, B_FALSE); 5543461Sahrens dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL); 555*11935SMark.Shellenbaum@Sun.COM /* Is this really needed ? */ 556*11935SMark.Shellenbaum@Sun.COM zfs_sa_upgrade_txholds(tx, xzp); 557789Sahrens error = dmu_tx_assign(tx, TXG_WAIT); 558789Sahrens if (error) { 559789Sahrens dmu_tx_abort(tx); 560789Sahrens VN_RELE(ZTOV(xzp)); 561789Sahrens skipped += 1; 562789Sahrens continue; 563789Sahrens } 564789Sahrens bzero(&dl, sizeof (dl)); 565789Sahrens dl.dl_dzp = dzp; 566789Sahrens dl.dl_name = zap.za_name; 567789Sahrens 568789Sahrens error = zfs_link_destroy(&dl, xzp, tx, 0, NULL); 5695860Sck153898 if (error) 5705860Sck153898 skipped += 1; 571789Sahrens dmu_tx_commit(tx); 572789Sahrens 573789Sahrens VN_RELE(ZTOV(xzp)); 574789Sahrens } 575885Sahrens zap_cursor_fini(&zc); 5765860Sck153898 if (error != ENOENT) 5775860Sck153898 skipped += 1; 578789Sahrens return (skipped); 579789Sahrens } 580789Sahrens 581789Sahrens void 582789Sahrens zfs_rmnode(znode_t *zp) 583789Sahrens { 584789Sahrens zfsvfs_t *zfsvfs = zp->z_zfsvfs; 585789Sahrens objset_t *os = zfsvfs->z_os; 586789Sahrens znode_t *xzp = NULL; 587789Sahrens dmu_tx_t *tx; 588789Sahrens uint64_t acl_obj; 589*11935SMark.Shellenbaum@Sun.COM uint64_t xattr_obj; 590789Sahrens int error; 591789Sahrens 592*11935SMark.Shellenbaum@Sun.COM ASSERT(zp->z_links == 0); 593789Sahrens ASSERT(ZTOV(zp)->v_count == 0); 594789Sahrens 595789Sahrens /* 596789Sahrens * If this is an attribute directory, purge its contents. 597789Sahrens */ 598*11935SMark.Shellenbaum@Sun.COM if (ZTOV(zp)->v_type == VDIR && (zp->z_pflags & ZFS_XATTR)) { 599789Sahrens if (zfs_purgedir(zp) != 0) { 600789Sahrens /* 6013461Sahrens * Not enough space to delete some xattrs. 6026992Smaybee * Leave it in the unlinked set. 603789Sahrens */ 6045745Smaybee zfs_znode_dmu_fini(zp); 6055745Smaybee zfs_znode_free(zp); 606789Sahrens return; 607789Sahrens } 6083461Sahrens } 609789Sahrens 610789Sahrens /* 6116992Smaybee * Free up all the data in the file. 6126992Smaybee */ 6136992Smaybee error = dmu_free_long_range(os, zp->z_id, 0, DMU_OBJECT_END); 6146992Smaybee if (error) { 6156992Smaybee /* 6166992Smaybee * Not enough space. Leave the file in the unlinked set. 6176992Smaybee */ 6186992Smaybee zfs_znode_dmu_fini(zp); 6196992Smaybee zfs_znode_free(zp); 6206992Smaybee return; 6216992Smaybee } 6226992Smaybee 6236992Smaybee /* 6243461Sahrens * If the file has extended attributes, we're going to unlink 6253461Sahrens * the xattr dir. 626789Sahrens */ 627*11935SMark.Shellenbaum@Sun.COM error = sa_lookup(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs), 628*11935SMark.Shellenbaum@Sun.COM &xattr_obj, sizeof (xattr_obj)); 629*11935SMark.Shellenbaum@Sun.COM if (error == 0 && xattr_obj) { 630*11935SMark.Shellenbaum@Sun.COM error = zfs_zget(zfsvfs, xattr_obj, &xzp); 631789Sahrens ASSERT(error == 0); 632789Sahrens } 633789Sahrens 634*11935SMark.Shellenbaum@Sun.COM acl_obj = ZFS_EXTERNAL_ACL(zp); 635789Sahrens 636789Sahrens /* 6376992Smaybee * Set up the final transaction. 638789Sahrens */ 639789Sahrens tx = dmu_tx_create(os); 640789Sahrens dmu_tx_hold_free(tx, zp->z_id, 0, DMU_OBJECT_END); 6413461Sahrens dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, FALSE, NULL); 642789Sahrens if (xzp) { 6433461Sahrens dmu_tx_hold_zap(tx, zfsvfs->z_unlinkedobj, TRUE, NULL); 644*11935SMark.Shellenbaum@Sun.COM dmu_tx_hold_sa(tx, xzp->z_sa_hdl, B_FALSE); 645789Sahrens } 646789Sahrens if (acl_obj) 647789Sahrens dmu_tx_hold_free(tx, acl_obj, 0, DMU_OBJECT_END); 648*11935SMark.Shellenbaum@Sun.COM 649*11935SMark.Shellenbaum@Sun.COM zfs_sa_upgrade_txholds(tx, zp); 650789Sahrens error = dmu_tx_assign(tx, TXG_WAIT); 651789Sahrens if (error) { 6523461Sahrens /* 6533461Sahrens * Not enough space to delete the file. Leave it in the 6543461Sahrens * unlinked set, leaking it until the fs is remounted (at 6553461Sahrens * which point we'll call zfs_unlinked_drain() to process it). 6563461Sahrens */ 657789Sahrens dmu_tx_abort(tx); 6585745Smaybee zfs_znode_dmu_fini(zp); 6595745Smaybee zfs_znode_free(zp); 6605745Smaybee goto out; 661789Sahrens } 662789Sahrens 663789Sahrens if (xzp) { 664*11935SMark.Shellenbaum@Sun.COM ASSERT(error == 0); 665789Sahrens mutex_enter(&xzp->z_lock); 6663461Sahrens xzp->z_unlinked = B_TRUE; /* mark xzp for deletion */ 667*11935SMark.Shellenbaum@Sun.COM xzp->z_links = 0; /* no more links to it */ 668*11935SMark.Shellenbaum@Sun.COM VERIFY(0 == sa_update(xzp->z_sa_hdl, SA_ZPL_LINKS(zfsvfs), 669*11935SMark.Shellenbaum@Sun.COM &xzp->z_links, sizeof (xzp->z_links), tx)); 670789Sahrens mutex_exit(&xzp->z_lock); 6713461Sahrens zfs_unlinked_add(xzp, tx); 672789Sahrens } 673789Sahrens 6743461Sahrens /* Remove this znode from the unlinked set */ 6757046Sahrens VERIFY3U(0, ==, 6767046Sahrens zap_remove_int(zfsvfs->z_os, zfsvfs->z_unlinkedobj, zp->z_id, tx)); 677789Sahrens 678789Sahrens zfs_znode_delete(zp, tx); 679789Sahrens 680789Sahrens dmu_tx_commit(tx); 6815745Smaybee out: 682789Sahrens if (xzp) 683789Sahrens VN_RELE(ZTOV(xzp)); 684789Sahrens } 685789Sahrens 6864577Sahrens static uint64_t 687*11935SMark.Shellenbaum@Sun.COM zfs_dirent(znode_t *zp, uint64_t mode) 6884577Sahrens { 6894577Sahrens uint64_t de = zp->z_id; 690*11935SMark.Shellenbaum@Sun.COM 6914577Sahrens if (zp->z_zfsvfs->z_version >= ZPL_VERSION_DIRENT_TYPE) 692*11935SMark.Shellenbaum@Sun.COM de |= IFTODT(mode) << 60; 6934577Sahrens return (de); 6944577Sahrens } 6954577Sahrens 696789Sahrens /* 6973461Sahrens * Link zp into dl. Can only fail if zp has been unlinked. 698789Sahrens */ 699789Sahrens int 700789Sahrens zfs_link_create(zfs_dirlock_t *dl, znode_t *zp, dmu_tx_t *tx, int flag) 701789Sahrens { 702789Sahrens znode_t *dzp = dl->dl_dzp; 703*11935SMark.Shellenbaum@Sun.COM zfsvfs_t *zfsvfs = zp->z_zfsvfs; 704789Sahrens vnode_t *vp = ZTOV(zp); 7053912Slling uint64_t value; 706789Sahrens int zp_is_dir = (vp->v_type == VDIR); 707*11935SMark.Shellenbaum@Sun.COM sa_bulk_attr_t bulk[5]; 708*11935SMark.Shellenbaum@Sun.COM uint64_t mtime[2], ctime[2]; 709*11935SMark.Shellenbaum@Sun.COM int count = 0; 710789Sahrens int error; 711789Sahrens 712789Sahrens mutex_enter(&zp->z_lock); 713789Sahrens 714789Sahrens if (!(flag & ZRENAMING)) { 7153461Sahrens if (zp->z_unlinked) { /* no new links to unlinked zp */ 716789Sahrens ASSERT(!(flag & (ZNEW | ZEXISTS))); 717789Sahrens mutex_exit(&zp->z_lock); 718789Sahrens return (ENOENT); 719789Sahrens } 720*11935SMark.Shellenbaum@Sun.COM zp->z_links++; 721*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_LINKS(zfsvfs), NULL, 722*11935SMark.Shellenbaum@Sun.COM &zp->z_links, sizeof (zp->z_links)); 723*11935SMark.Shellenbaum@Sun.COM 724789Sahrens } 725*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_PARENT(zfsvfs), NULL, 726*11935SMark.Shellenbaum@Sun.COM &dzp->z_id, sizeof (dzp->z_id)); 727*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL, 728*11935SMark.Shellenbaum@Sun.COM &zp->z_pflags, sizeof (zp->z_pflags)); 729789Sahrens 730*11935SMark.Shellenbaum@Sun.COM if (!(flag & ZNEW)) { 731*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, 732*11935SMark.Shellenbaum@Sun.COM ctime, sizeof (ctime)); 733*11935SMark.Shellenbaum@Sun.COM zfs_tstamp_update_setup(zp, STATE_CHANGED, mtime, 734*11935SMark.Shellenbaum@Sun.COM ctime, B_TRUE); 735*11935SMark.Shellenbaum@Sun.COM } 736*11935SMark.Shellenbaum@Sun.COM error = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx); 737*11935SMark.Shellenbaum@Sun.COM ASSERT(error == 0); 738*11935SMark.Shellenbaum@Sun.COM 739789Sahrens mutex_exit(&zp->z_lock); 740789Sahrens 741789Sahrens mutex_enter(&dzp->z_lock); 742*11935SMark.Shellenbaum@Sun.COM dzp->z_size++; 743*11935SMark.Shellenbaum@Sun.COM dzp->z_links += zp_is_dir; 744*11935SMark.Shellenbaum@Sun.COM count = 0; 745*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), NULL, 746*11935SMark.Shellenbaum@Sun.COM &dzp->z_size, sizeof (dzp->z_size)); 747*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_LINKS(zfsvfs), NULL, 748*11935SMark.Shellenbaum@Sun.COM &dzp->z_links, sizeof (dzp->z_links)); 749*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), NULL, 750*11935SMark.Shellenbaum@Sun.COM mtime, sizeof (mtime)); 751*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), NULL, 752*11935SMark.Shellenbaum@Sun.COM ctime, sizeof (ctime)); 753*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), NULL, 754*11935SMark.Shellenbaum@Sun.COM &dzp->z_pflags, sizeof (dzp->z_pflags)); 755*11935SMark.Shellenbaum@Sun.COM zfs_tstamp_update_setup(dzp, CONTENT_MODIFIED, mtime, ctime, B_TRUE); 756*11935SMark.Shellenbaum@Sun.COM error = sa_bulk_update(dzp->z_sa_hdl, bulk, count, tx); 757*11935SMark.Shellenbaum@Sun.COM ASSERT(error == 0); 758789Sahrens mutex_exit(&dzp->z_lock); 759789Sahrens 760*11935SMark.Shellenbaum@Sun.COM value = zfs_dirent(zp, zp->z_mode); 761789Sahrens error = zap_add(zp->z_zfsvfs->z_os, dzp->z_id, dl->dl_name, 7623912Slling 8, 1, &value, tx); 763789Sahrens ASSERT(error == 0); 764789Sahrens 7651484Sek110237 dnlc_update(ZTOV(dzp), dl->dl_name, vp); 7661484Sek110237 767789Sahrens return (0); 768789Sahrens } 769789Sahrens 770789Sahrens /* 7713461Sahrens * Unlink zp from dl, and mark zp for deletion if this was the last link. 772789Sahrens * Can fail if zp is a mount point (EBUSY) or a non-empty directory (EEXIST). 7733461Sahrens * If 'unlinkedp' is NULL, we put unlinked znodes on the unlinked list. 7743461Sahrens * If it's non-NULL, we use it to indicate whether the znode needs deletion, 775789Sahrens * and it's the caller's job to do it. 776789Sahrens */ 777789Sahrens int 778789Sahrens zfs_link_destroy(zfs_dirlock_t *dl, znode_t *zp, dmu_tx_t *tx, int flag, 7793461Sahrens boolean_t *unlinkedp) 780789Sahrens { 781789Sahrens znode_t *dzp = dl->dl_dzp; 782*11935SMark.Shellenbaum@Sun.COM zfsvfs_t *zfsvfs = dzp->z_zfsvfs; 783789Sahrens vnode_t *vp = ZTOV(zp); 784789Sahrens int zp_is_dir = (vp->v_type == VDIR); 7853461Sahrens boolean_t unlinked = B_FALSE; 786*11935SMark.Shellenbaum@Sun.COM sa_bulk_attr_t bulk[5]; 787*11935SMark.Shellenbaum@Sun.COM uint64_t mtime[2], ctime[2]; 788*11935SMark.Shellenbaum@Sun.COM int count = 0; 789789Sahrens int error; 790789Sahrens 7911484Sek110237 dnlc_remove(ZTOV(dzp), dl->dl_name); 7921484Sek110237 793789Sahrens if (!(flag & ZRENAMING)) { 794789Sahrens if (vn_vfswlock(vp)) /* prevent new mounts on zp */ 795789Sahrens return (EBUSY); 796789Sahrens 797789Sahrens if (vn_ismntpt(vp)) { /* don't remove mount point */ 798789Sahrens vn_vfsunlock(vp); 799789Sahrens return (EBUSY); 800789Sahrens } 801789Sahrens 802789Sahrens mutex_enter(&zp->z_lock); 803*11935SMark.Shellenbaum@Sun.COM 804*11935SMark.Shellenbaum@Sun.COM if (zp_is_dir && !zfs_dirempty(zp)) { 805789Sahrens mutex_exit(&zp->z_lock); 806789Sahrens vn_vfsunlock(vp); 807789Sahrens return (EEXIST); 808789Sahrens } 809*11935SMark.Shellenbaum@Sun.COM 810*11935SMark.Shellenbaum@Sun.COM if (zp->z_links <= zp_is_dir) { 8113713Sahrens zfs_panic_recover("zfs: link count on %s is %u, " 8123713Sahrens "should be at least %u", 8133713Sahrens zp->z_vnode->v_path ? zp->z_vnode->v_path : 814*11935SMark.Shellenbaum@Sun.COM "<unknown>", (int)zp->z_links, 8153713Sahrens zp_is_dir + 1); 816*11935SMark.Shellenbaum@Sun.COM zp->z_links = zp_is_dir + 1; 8173713Sahrens } 818*11935SMark.Shellenbaum@Sun.COM if (--zp->z_links == zp_is_dir) { 8193461Sahrens zp->z_unlinked = B_TRUE; 820*11935SMark.Shellenbaum@Sun.COM zp->z_links = 0; 8213461Sahrens unlinked = B_TRUE; 822789Sahrens } else { 823*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), 824*11935SMark.Shellenbaum@Sun.COM NULL, &ctime, sizeof (ctime)); 825*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), 826*11935SMark.Shellenbaum@Sun.COM NULL, &zp->z_pflags, sizeof (zp->z_pflags)); 827*11935SMark.Shellenbaum@Sun.COM zfs_tstamp_update_setup(zp, STATE_CHANGED, mtime, ctime, 828*11935SMark.Shellenbaum@Sun.COM B_TRUE); 829789Sahrens } 830*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_LINKS(zfsvfs), 831*11935SMark.Shellenbaum@Sun.COM NULL, &zp->z_links, sizeof (zp->z_links)); 832*11935SMark.Shellenbaum@Sun.COM error = sa_bulk_update(zp->z_sa_hdl, bulk, count, tx); 833*11935SMark.Shellenbaum@Sun.COM count = 0; 834*11935SMark.Shellenbaum@Sun.COM ASSERT(error == 0); 835789Sahrens mutex_exit(&zp->z_lock); 836789Sahrens vn_vfsunlock(vp); 837789Sahrens } 838789Sahrens 839789Sahrens mutex_enter(&dzp->z_lock); 840*11935SMark.Shellenbaum@Sun.COM dzp->z_size--; /* one dirent removed */ 841*11935SMark.Shellenbaum@Sun.COM dzp->z_links -= zp_is_dir; /* ".." link from zp */ 842*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_LINKS(zfsvfs), 843*11935SMark.Shellenbaum@Sun.COM NULL, &dzp->z_links, sizeof (dzp->z_links)); 844*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_SIZE(zfsvfs), 845*11935SMark.Shellenbaum@Sun.COM NULL, &dzp->z_size, sizeof (dzp->z_size)); 846*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_CTIME(zfsvfs), 847*11935SMark.Shellenbaum@Sun.COM NULL, ctime, sizeof (ctime)); 848*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_MTIME(zfsvfs), 849*11935SMark.Shellenbaum@Sun.COM NULL, mtime, sizeof (mtime)); 850*11935SMark.Shellenbaum@Sun.COM SA_ADD_BULK_ATTR(bulk, count, SA_ZPL_FLAGS(zfsvfs), 851*11935SMark.Shellenbaum@Sun.COM NULL, &dzp->z_pflags, sizeof (dzp->z_pflags)); 852*11935SMark.Shellenbaum@Sun.COM zfs_tstamp_update_setup(dzp, CONTENT_MODIFIED, mtime, ctime, B_TRUE); 853*11935SMark.Shellenbaum@Sun.COM error = sa_bulk_update(dzp->z_sa_hdl, bulk, count, tx); 854*11935SMark.Shellenbaum@Sun.COM ASSERT(error == 0); 855789Sahrens mutex_exit(&dzp->z_lock); 856789Sahrens 8575331Samw if (zp->z_zfsvfs->z_norm) { 8585498Stimh if (((zp->z_zfsvfs->z_case == ZFS_CASE_INSENSITIVE) && 8595331Samw (flag & ZCIEXACT)) || 8605498Stimh ((zp->z_zfsvfs->z_case == ZFS_CASE_MIXED) && 8615331Samw !(flag & ZCILOOK))) 8625331Samw error = zap_remove_norm(zp->z_zfsvfs->z_os, 8635331Samw dzp->z_id, dl->dl_name, MT_EXACT, tx); 8645331Samw else 8655331Samw error = zap_remove_norm(zp->z_zfsvfs->z_os, 8665331Samw dzp->z_id, dl->dl_name, MT_FIRST, tx); 8675331Samw } else { 8685331Samw error = zap_remove(zp->z_zfsvfs->z_os, 8695331Samw dzp->z_id, dl->dl_name, tx); 8705331Samw } 871789Sahrens ASSERT(error == 0); 872789Sahrens 8733461Sahrens if (unlinkedp != NULL) 8743461Sahrens *unlinkedp = unlinked; 8753461Sahrens else if (unlinked) 8763461Sahrens zfs_unlinked_add(zp, tx); 877789Sahrens 878789Sahrens return (0); 879789Sahrens } 880789Sahrens 881789Sahrens /* 882789Sahrens * Indicate whether the directory is empty. Works with or without z_lock 883789Sahrens * held, but can only be consider a hint in the latter case. Returns true 884789Sahrens * if only "." and ".." remain and there's no work in progress. 885789Sahrens */ 886789Sahrens boolean_t 887789Sahrens zfs_dirempty(znode_t *dzp) 888789Sahrens { 889*11935SMark.Shellenbaum@Sun.COM return (dzp->z_size == 2 && dzp->z_dirlocks == 0); 890789Sahrens } 891789Sahrens 892789Sahrens int 893789Sahrens zfs_make_xattrdir(znode_t *zp, vattr_t *vap, vnode_t **xvpp, cred_t *cr) 894789Sahrens { 895789Sahrens zfsvfs_t *zfsvfs = zp->z_zfsvfs; 896789Sahrens znode_t *xzp; 897789Sahrens dmu_tx_t *tx; 898789Sahrens int error; 8999179SMark.Shellenbaum@Sun.COM zfs_acl_ids_t acl_ids; 9009179SMark.Shellenbaum@Sun.COM boolean_t fuid_dirtied; 901*11935SMark.Shellenbaum@Sun.COM uint64_t parent; 902789Sahrens 903789Sahrens *xvpp = NULL; 904789Sahrens 9055331Samw if (error = zfs_zaccess(zp, ACE_WRITE_NAMED_ATTRS, 0, B_FALSE, cr)) 906789Sahrens return (error); 907789Sahrens 9089179SMark.Shellenbaum@Sun.COM if ((error = zfs_acl_ids_create(zp, IS_XATTR, vap, cr, NULL, 9099179SMark.Shellenbaum@Sun.COM &acl_ids)) != 0) 9109179SMark.Shellenbaum@Sun.COM return (error); 9119396SMatthew.Ahrens@Sun.COM if (zfs_acl_ids_overquota(zfsvfs, &acl_ids)) { 9129396SMatthew.Ahrens@Sun.COM zfs_acl_ids_free(&acl_ids); 9139396SMatthew.Ahrens@Sun.COM return (EDQUOT); 9149396SMatthew.Ahrens@Sun.COM } 9159179SMark.Shellenbaum@Sun.COM 916789Sahrens tx = dmu_tx_create(zfsvfs->z_os); 917*11935SMark.Shellenbaum@Sun.COM dmu_tx_hold_sa_create(tx, acl_ids.z_aclp->z_acl_bytes + 918*11935SMark.Shellenbaum@Sun.COM ZFS_SA_BASE_ATTR_SIZE); 919*11935SMark.Shellenbaum@Sun.COM dmu_tx_hold_sa(tx, zp->z_sa_hdl, B_TRUE); 9201544Seschrock dmu_tx_hold_zap(tx, DMU_NEW_OBJECT, FALSE, NULL); 9219179SMark.Shellenbaum@Sun.COM fuid_dirtied = zfsvfs->z_fuid_dirty; 9229396SMatthew.Ahrens@Sun.COM if (fuid_dirtied) 9239396SMatthew.Ahrens@Sun.COM zfs_fuid_txhold(zfsvfs, tx); 9248227SNeil.Perrin@Sun.COM error = dmu_tx_assign(tx, TXG_NOWAIT); 925789Sahrens if (error) { 9269179SMark.Shellenbaum@Sun.COM zfs_acl_ids_free(&acl_ids); 9278227SNeil.Perrin@Sun.COM if (error == ERESTART) 9282113Sahrens dmu_tx_wait(tx); 929789Sahrens dmu_tx_abort(tx); 930789Sahrens return (error); 931789Sahrens } 932*11935SMark.Shellenbaum@Sun.COM zfs_mknode(zp, vap, tx, cr, IS_XATTR, &xzp, &acl_ids); 9339179SMark.Shellenbaum@Sun.COM 9349179SMark.Shellenbaum@Sun.COM if (fuid_dirtied) 9359179SMark.Shellenbaum@Sun.COM zfs_fuid_sync(zfsvfs, tx); 9369179SMark.Shellenbaum@Sun.COM 937*11935SMark.Shellenbaum@Sun.COM if ((error = sa_lookup(xzp->z_sa_hdl, SA_ZPL_PARENT(zfsvfs), 938*11935SMark.Shellenbaum@Sun.COM &parent, sizeof (parent))) != 0) 939*11935SMark.Shellenbaum@Sun.COM return (0); 940*11935SMark.Shellenbaum@Sun.COM 941*11935SMark.Shellenbaum@Sun.COM ASSERT(parent == zp->z_id); 942*11935SMark.Shellenbaum@Sun.COM VERIFY(0 == sa_update(zp->z_sa_hdl, SA_ZPL_XATTR(zfsvfs), &xzp->z_id, 943*11935SMark.Shellenbaum@Sun.COM sizeof (xzp->z_id), tx)); 944789Sahrens 9455331Samw (void) zfs_log_create(zfsvfs->z_log, tx, TX_MKXATTR, zp, 9469179SMark.Shellenbaum@Sun.COM xzp, "", NULL, acl_ids.z_fuidp, vap); 9479179SMark.Shellenbaum@Sun.COM 9489179SMark.Shellenbaum@Sun.COM zfs_acl_ids_free(&acl_ids); 949789Sahrens dmu_tx_commit(tx); 950789Sahrens 951789Sahrens *xvpp = ZTOV(xzp); 952789Sahrens 953789Sahrens return (0); 954789Sahrens } 955789Sahrens 956789Sahrens /* 957789Sahrens * Return a znode for the extended attribute directory for zp. 958789Sahrens * ** If the directory does not already exist, it is created ** 959789Sahrens * 960789Sahrens * IN: zp - znode to obtain attribute directory from 961789Sahrens * cr - credentials of caller 9623280Sck153898 * flags - flags from the VOP_LOOKUP call 963789Sahrens * 964789Sahrens * OUT: xzpp - pointer to extended attribute znode 965789Sahrens * 966789Sahrens * RETURN: 0 on success 967789Sahrens * error number on failure 968789Sahrens */ 969789Sahrens int 9703280Sck153898 zfs_get_xattrdir(znode_t *zp, vnode_t **xvpp, cred_t *cr, int flags) 971789Sahrens { 972789Sahrens zfsvfs_t *zfsvfs = zp->z_zfsvfs; 973789Sahrens znode_t *xzp; 974789Sahrens zfs_dirlock_t *dl; 975789Sahrens vattr_t va; 976789Sahrens int error; 977789Sahrens top: 9785331Samw error = zfs_dirent_lock(&dl, zp, "", &xzp, ZXATTR, NULL, NULL); 979789Sahrens if (error) 980789Sahrens return (error); 981789Sahrens 982789Sahrens if (xzp != NULL) { 983789Sahrens *xvpp = ZTOV(xzp); 984789Sahrens zfs_dirent_unlock(dl); 985789Sahrens return (0); 986789Sahrens } 987789Sahrens 988789Sahrens 9893280Sck153898 if (!(flags & CREATE_XATTR_DIR)) { 9903280Sck153898 zfs_dirent_unlock(dl); 9913280Sck153898 return (ENOENT); 9923280Sck153898 } 9933280Sck153898 994789Sahrens if (zfsvfs->z_vfs->vfs_flag & VFS_RDONLY) { 995789Sahrens zfs_dirent_unlock(dl); 996789Sahrens return (EROFS); 997789Sahrens } 998789Sahrens 999789Sahrens /* 1000789Sahrens * The ability to 'create' files in an attribute 1001789Sahrens * directory comes from the write_xattr permission on the base file. 1002789Sahrens * 1003789Sahrens * The ability to 'search' an attribute directory requires 1004789Sahrens * read_xattr permission on the base file. 1005789Sahrens * 1006789Sahrens * Once in a directory the ability to read/write attributes 1007789Sahrens * is controlled by the permissions on the attribute file. 1008789Sahrens */ 1009789Sahrens va.va_mask = AT_TYPE | AT_MODE | AT_UID | AT_GID; 1010789Sahrens va.va_type = VDIR; 10111231Smarks va.va_mode = S_IFDIR | S_ISVTX | 0777; 10125771Sjp151216 zfs_fuid_map_ids(zp, cr, &va.va_uid, &va.va_gid); 1013789Sahrens 1014789Sahrens error = zfs_make_xattrdir(zp, &va, xvpp, cr); 1015789Sahrens zfs_dirent_unlock(dl); 1016789Sahrens 10178227SNeil.Perrin@Sun.COM if (error == ERESTART) { 10182113Sahrens /* NB: we already did dmu_tx_wait() if necessary */ 1019789Sahrens goto top; 1020789Sahrens } 1021789Sahrens 1022789Sahrens return (error); 1023789Sahrens } 1024789Sahrens 1025789Sahrens /* 1026789Sahrens * Decide whether it is okay to remove within a sticky directory. 1027789Sahrens * 1028789Sahrens * In sticky directories, write access is not sufficient; 1029789Sahrens * you can remove entries from a directory only if: 1030789Sahrens * 1031789Sahrens * you own the directory, 1032789Sahrens * you own the entry, 1033789Sahrens * the entry is a plain file and you have write access, 1034789Sahrens * or you are privileged (checked in secpolicy...). 1035789Sahrens * 1036789Sahrens * The function returns 0 if remove access is granted. 1037789Sahrens */ 1038789Sahrens int 1039789Sahrens zfs_sticky_remove_access(znode_t *zdp, znode_t *zp, cred_t *cr) 1040789Sahrens { 1041789Sahrens uid_t uid; 1042789Sahrens 10438227SNeil.Perrin@Sun.COM if (zdp->z_zfsvfs->z_replay) 1044789Sahrens return (0); 1045789Sahrens 1046*11935SMark.Shellenbaum@Sun.COM if ((zdp->z_mode & S_ISVTX) == 0) 10475331Samw return (0); 10485331Samw 1049*11935SMark.Shellenbaum@Sun.COM if ((uid = crgetuid(cr)) == zdp->z_uid || uid == zp->z_uid || 1050789Sahrens (ZTOV(zp)->v_type == VREG && 10515331Samw zfs_zaccess(zp, ACE_WRITE_DATA, 0, B_FALSE, cr) == 0)) 1052789Sahrens return (0); 1053789Sahrens else 1054789Sahrens return (secpolicy_vnode_remove(cr)); 1055789Sahrens } 1056