4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
24 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
25 * Copyright (c) 2014, 2021 by Delphix. All rights reserved.
26 * Copyright 2016 Igor Kozhukhov <ikozhukhov@gmail.com>
27 * Copyright 2017 RackTop Systems.
28 * Copyright (c) 2018 Datto Inc.
29 * Copyright 2018 OmniOS Community Edition (OmniOSce) Association.
33 * Routines to manage ZFS mounts. We separate all the nasty routines that have
34 * to deal with the OS. The following functions are the main entry points --
35 * they are used by mount and unmount and when changing a filesystem's
44 * This file also contains the functions used to manage sharing filesystems via
57 * zfs_unshareall_nfs()
58 * zfs_unshareall_smb()
60 * zfs_unshareall_bypath()
62 * The following functions are available for pool consumers, and will
63 * mount/unmount and share/unshare all datasets within pool:
65 * zpool_enable_datasets()
66 * zpool_disable_datasets()
80 #include <sys/mntent.h>
81 #include <sys/mount.h>
84 #include <sys/dsl_crypt.h>
88 #include "libzfs_impl.h"
89 #include <thread_pool.h>
92 #include <sys/systeminfo.h>
93 #define MAXISALEN 257 /* based on sysinfo(2) man page */
95 static int mount_tp_nthr = 512; /* tpool threads for multi-threaded mounting */
97 static void zfs_mount_task(void *);
98 zfs_share_type_t zfs_is_shared_proto(zfs_handle_t *, char **,
102 * The share protocols table must be in the same order as the zfs_share_proto_t
103 * enum in libzfs_impl.h
105 proto_table_t proto_table[PROTO_END] = {
106 {ZFS_PROP_SHARENFS, "nfs", EZFS_SHARENFSFAILED, EZFS_UNSHARENFSFAILED},
107 {ZFS_PROP_SHARESMB, "smb", EZFS_SHARESMBFAILED, EZFS_UNSHARESMBFAILED},
110 zfs_share_proto_t nfs_only[] = {
115 zfs_share_proto_t smb_only[] = {
119 zfs_share_proto_t share_all_proto[] = {
128 dir_is_empty_stat(const char *dirname)
133 * We only want to return false if the given path is a non empty
134 * directory, all other errors are handled elsewhere.
136 if (stat(dirname, &st) < 0 || !S_ISDIR(st.st_mode)) {
141 * An empty directory will still have two entries in it, one
142 * entry for each of "." and "..".
144 if (st.st_size > 2) {
152 dir_is_empty_readdir(const char *dirname)
158 if ((dirfd = openat(AT_FDCWD, dirname,
159 O_RDONLY | O_NDELAY | O_LARGEFILE | O_CLOEXEC, 0)) < 0) {
163 if ((dirp = fdopendir(dirfd)) == NULL) {
168 while ((dp = readdir64(dirp)) != NULL) {
170 if (strcmp(dp->d_name, ".") == 0 ||
171 strcmp(dp->d_name, "..") == 0)
174 (void) closedir(dirp);
178 (void) closedir(dirp);
183 * Returns true if the specified directory is empty. If we can't open the
184 * directory at all, return true so that the mount can fail with a more
185 * informative error message.
188 dir_is_empty(const char *dirname)
193 * If the statvfs call fails or the filesystem is not a ZFS
194 * filesystem, fall back to the slow path which uses readdir.
196 if ((statfs64(dirname, &st) != 0) ||
197 (st.f_type != ZFS_SUPER_MAGIC)) {
198 return (dir_is_empty_readdir(dirname));
202 * At this point, we know the provided path is on a ZFS
203 * filesystem, so we can use stat instead of readdir to
204 * determine if the directory is empty or not. We try to avoid
205 * using readdir because that requires opening "dirname"; this
206 * open file descriptor can potentially end up in a child
207 * process if there's a concurrent fork, thus preventing the
208 * zfs_mount() from otherwise succeeding (the open file
209 * descriptor inherited by the child process will cause the
210 * parent's mount to fail with EBUSY). The performance
211 * implications of replacing the open, read, and close with a
212 * single stat is nice; but is not the main motivation for the
215 return (dir_is_empty_stat(dirname));
219 * Checks to see if the mount is active. If the filesystem is mounted, we fill
220 * in 'where' with the current mountpoint, and return 1. Otherwise, we return
224 is_mounted(libzfs_handle_t *zfs_hdl, const char *special, char **where)
228 if (libzfs_mnttab_find(zfs_hdl, special, &entry) != 0)
232 *where = zfs_strdup(zfs_hdl, entry.mnt_mountp);
238 zfs_is_mounted(zfs_handle_t *zhp, char **where)
240 return (is_mounted(zhp->zfs_hdl, zfs_get_name(zhp), where));
244 * Checks any higher order concerns about whether the given dataset is
245 * mountable, false otherwise. zfs_is_mountable_internal specifically assumes
246 * that the caller has verified the sanity of mounting the dataset at
247 * mountpoint to the extent the caller wants.
250 zfs_is_mountable_internal(zfs_handle_t *zhp, const char *mountpoint)
253 if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED) &&
254 getzoneid() == GLOBAL_ZONEID)
261 * Returns true if the given dataset is mountable, false otherwise. Returns the
262 * mountpoint in 'buf'.
265 zfs_is_mountable(zfs_handle_t *zhp, char *buf, size_t buflen,
266 zprop_source_t *source, int flags)
268 char sourceloc[MAXNAMELEN];
269 zprop_source_t sourcetype;
271 if (!zfs_prop_valid_for_type(ZFS_PROP_MOUNTPOINT, zhp->zfs_type,
275 verify(zfs_prop_get(zhp, ZFS_PROP_MOUNTPOINT, buf, buflen,
276 &sourcetype, sourceloc, sizeof (sourceloc), B_FALSE) == 0);
278 if (strcmp(buf, ZFS_MOUNTPOINT_NONE) == 0 ||
279 strcmp(buf, ZFS_MOUNTPOINT_LEGACY) == 0)
282 if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_OFF)
285 if (!zfs_is_mountable_internal(zhp, buf))
288 if (zfs_prop_get_int(zhp, ZFS_PROP_REDACTED) && !(flags & MS_FORCE))
292 *source = sourcetype;
298 * The filesystem is mounted by invoking the system mount utility rather
299 * than by the system call mount(2). This ensures that the /etc/mtab
300 * file is correctly locked for the update. Performing our own locking
301 * and /etc/mtab update requires making an unsafe assumption about how
302 * the mount utility performs its locking. Unfortunately, this also means
303 * in the case of a mount failure we do not have the exact errno. We must
304 * make due with return value from the mount process.
306 * In the long term a shared library called libmount is under development
307 * which provides a common API to address the locking and errno issues.
308 * Once the standard mount utility has been updated to use this library
309 * we can add an autoconf check to conditionally use it.
311 * http://www.kernel.org/pub/linux/utils/util-linux/libmount-docs/index.html
315 zfs_add_option(zfs_handle_t *zhp, char *options, int len,
316 zfs_prop_t prop, char *on, char *off)
321 /* Skip adding duplicate default options */
322 if ((strstr(options, on) != NULL) || (strstr(options, off) != NULL))
326 * zfs_prop_get_int() is not used to ensure our mount options
327 * are not influenced by the current /proc/self/mounts contents.
329 value = getprop_uint64(zhp, prop, &source);
331 (void) strlcat(options, ",", len);
332 (void) strlcat(options, value ? on : off, len);
338 zfs_add_options(zfs_handle_t *zhp, char *options, int len)
342 error = zfs_add_option(zhp, options, len,
343 ZFS_PROP_ATIME, MNTOPT_ATIME, MNTOPT_NOATIME);
345 * don't add relatime/strictatime when atime=off, otherwise strictatime
346 * will force atime=on
348 if (strstr(options, MNTOPT_NOATIME) == NULL) {
349 error = zfs_add_option(zhp, options, len,
350 ZFS_PROP_RELATIME, MNTOPT_RELATIME, MNTOPT_STRICTATIME);
352 error = error ? error : zfs_add_option(zhp, options, len,
353 ZFS_PROP_DEVICES, MNTOPT_DEVICES, MNTOPT_NODEVICES);
354 error = error ? error : zfs_add_option(zhp, options, len,
355 ZFS_PROP_EXEC, MNTOPT_EXEC, MNTOPT_NOEXEC);
356 error = error ? error : zfs_add_option(zhp, options, len,
357 ZFS_PROP_READONLY, MNTOPT_RO, MNTOPT_RW);
358 error = error ? error : zfs_add_option(zhp, options, len,
359 ZFS_PROP_SETUID, MNTOPT_SETUID, MNTOPT_NOSETUID);
360 error = error ? error : zfs_add_option(zhp, options, len,
361 ZFS_PROP_NBMAND, MNTOPT_NBMAND, MNTOPT_NONBMAND);
367 zfs_mount(zfs_handle_t *zhp, const char *options, int flags)
369 char mountpoint[ZFS_MAXPROPLEN];
371 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL,
375 return (zfs_mount_at(zhp, options, flags, mountpoint));
379 * Mount the given filesystem.
382 zfs_mount_at(zfs_handle_t *zhp, const char *options, int flags,
383 const char *mountpoint)
386 char mntopts[MNT_LINE_MAX];
387 char overlay[ZFS_MAXPROPLEN];
388 libzfs_handle_t *hdl = zhp->zfs_hdl;
392 if (options == NULL) {
393 (void) strlcpy(mntopts, MNTOPT_DEFAULTS, sizeof (mntopts));
395 (void) strlcpy(mntopts, options, sizeof (mntopts));
398 if (strstr(mntopts, MNTOPT_REMOUNT) != NULL)
401 /* Potentially duplicates some checks if invoked by zfs_mount(). */
402 if (!zfs_is_mountable_internal(zhp, mountpoint))
406 * If the pool is imported read-only then all mounts must be read-only
408 if (zpool_get_prop_int(zhp->zpool_hdl, ZPOOL_PROP_READONLY, NULL))
409 (void) strlcat(mntopts, "," MNTOPT_RO, sizeof (mntopts));
412 * Append default mount options which apply to the mount point.
413 * This is done because under Linux (unlike Solaris) multiple mount
414 * points may reference a single super block. This means that just
415 * given a super block there is no back reference to update the per
416 * mount point options.
418 rc = zfs_add_options(zhp, mntopts, sizeof (mntopts));
420 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
421 "default options unavailable"));
422 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
423 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
428 * If the filesystem is encrypted the key must be loaded in order to
429 * mount. If the key isn't loaded, the MS_CRYPT flag decides whether
430 * or not we attempt to load the keys. Note: we must call
431 * zfs_refresh_properties() here since some callers of this function
432 * (most notably zpool_enable_datasets()) may implicitly load our key
433 * by loading the parent's key first.
435 if (zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
436 zfs_refresh_properties(zhp);
437 keystatus = zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS);
440 * If the key is unavailable and MS_CRYPT is set give the
441 * user a chance to enter the key. Otherwise just fail
444 if (keystatus == ZFS_KEYSTATUS_UNAVAILABLE) {
445 if (flags & MS_CRYPT) {
446 rc = zfs_crypto_load_key(zhp, B_FALSE, NULL);
450 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
451 "encryption key not loaded"));
452 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
453 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
461 * Append zfsutil option so the mount helper allow the mount
463 strlcat(mntopts, "," MNTOPT_ZFSUTIL, sizeof (mntopts));
465 /* Create the directory if it doesn't already exist */
466 if (lstat(mountpoint, &buf) != 0) {
467 if (mkdirp(mountpoint, 0755) != 0) {
468 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
469 "failed to create mountpoint: %s"),
471 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
472 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
478 * Overlay mounts are enabled by default but may be disabled
479 * via the 'overlay' property. The -O flag remains for compatibility.
481 if (!(flags & MS_OVERLAY)) {
482 if (zfs_prop_get(zhp, ZFS_PROP_OVERLAY, overlay,
483 sizeof (overlay), NULL, NULL, 0, B_FALSE) == 0) {
484 if (strcmp(overlay, "on") == 0) {
491 * Determine if the mountpoint is empty. If so, refuse to perform the
492 * mount. We don't perform this check if 'remount' is
493 * specified or if overlay option (-O) is given
495 if ((flags & MS_OVERLAY) == 0 && !remount &&
496 !dir_is_empty(mountpoint)) {
497 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
498 "directory is not empty"));
499 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
500 dgettext(TEXT_DOMAIN, "cannot mount '%s'"), mountpoint));
503 /* perform the mount */
504 rc = do_mount(zhp, mountpoint, mntopts, flags);
507 * Generic errors are nasty, but there are just way too many
508 * from mount(), and they're well-understood. We pick a few
509 * common ones to improve upon.
512 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
513 "mountpoint or dataset is busy"));
514 } else if (rc == EPERM) {
515 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN,
516 "Insufficient privileges"));
517 } else if (rc == ENOTSUP) {
521 VERIFY(zfs_spa_version(zhp, &spa_version) == 0);
522 (void) snprintf(buf, sizeof (buf),
523 dgettext(TEXT_DOMAIN, "Can't mount a version %lld "
524 "file system on a version %d pool. Pool must be"
525 " upgraded to mount this file system."),
526 (u_longlong_t)zfs_prop_get_int(zhp,
527 ZFS_PROP_VERSION), spa_version);
528 zfs_error_aux(hdl, dgettext(TEXT_DOMAIN, buf));
530 zfs_error_aux(hdl, strerror(rc));
532 return (zfs_error_fmt(hdl, EZFS_MOUNTFAILED,
533 dgettext(TEXT_DOMAIN, "cannot mount '%s'"),
537 /* remove the mounted entry before re-adding on remount */
539 libzfs_mnttab_remove(hdl, zhp->zfs_name);
541 /* add the mounted entry into our cache */
542 libzfs_mnttab_add(hdl, zfs_get_name(zhp), mountpoint, mntopts);
547 * Unmount a single filesystem.
550 unmount_one(libzfs_handle_t *hdl, const char *mountpoint, int flags)
554 error = do_unmount(mountpoint, flags);
560 libzfs_err = EZFS_BUSY;
563 libzfs_err = EZFS_IO;
566 libzfs_err = EZFS_NOENT;
569 libzfs_err = EZFS_NOMEM;
572 libzfs_err = EZFS_PERM;
575 libzfs_err = EZFS_UMOUNTFAILED;
577 return (zfs_error_fmt(hdl, libzfs_err,
578 dgettext(TEXT_DOMAIN, "cannot unmount '%s'"),
586 * Unmount the given filesystem.
589 zfs_unmount(zfs_handle_t *zhp, const char *mountpoint, int flags)
591 libzfs_handle_t *hdl = zhp->zfs_hdl;
594 boolean_t encroot, unmounted = B_FALSE;
596 /* check to see if we need to unmount the filesystem */
597 if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
598 libzfs_mnttab_find(hdl, zhp->zfs_name, &entry) == 0)) {
600 * mountpoint may have come from a call to
601 * getmnt/getmntany if it isn't NULL. If it is NULL,
602 * we know it comes from libzfs_mnttab_find which can
603 * then get freed later. We strdup it to play it safe.
605 if (mountpoint == NULL)
606 mntpt = zfs_strdup(hdl, entry.mnt_mountp);
608 mntpt = zfs_strdup(hdl, mountpoint);
611 * Unshare and unmount the filesystem
613 if (zfs_unshare_proto(zhp, mntpt, share_all_proto) != 0) {
617 zfs_commit_all_shares();
619 if (unmount_one(hdl, mntpt, flags) != 0) {
621 (void) zfs_shareall(zhp);
622 zfs_commit_all_shares();
626 libzfs_mnttab_remove(hdl, zhp->zfs_name);
632 * If the MS_CRYPT flag is provided we must ensure we attempt to
633 * unload the dataset's key regardless of whether we did any work
634 * to unmount it. We only do this for encryption roots.
636 if ((flags & MS_CRYPT) != 0 &&
637 zfs_prop_get_int(zhp, ZFS_PROP_ENCRYPTION) != ZIO_CRYPT_OFF) {
638 zfs_refresh_properties(zhp);
640 if (zfs_crypto_get_encryption_root(zhp, &encroot, NULL) != 0 &&
642 (void) zfs_mount(zhp, NULL, 0);
646 if (encroot && zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
647 ZFS_KEYSTATUS_AVAILABLE &&
648 zfs_crypto_unload_key(zhp) != 0) {
649 (void) zfs_mount(zhp, NULL, 0);
658 * Unmount this filesystem and any children inheriting the mountpoint property.
659 * To do this, just act like we're changing the mountpoint property, but don't
660 * remount the filesystems afterwards.
663 zfs_unmountall(zfs_handle_t *zhp, int flags)
665 prop_changelist_t *clp;
668 clp = changelist_gather(zhp, ZFS_PROP_MOUNTPOINT,
669 CL_GATHER_ITER_MOUNTED, flags);
673 ret = changelist_prefix(clp);
674 changelist_free(clp);
680 zfs_is_shared(zfs_handle_t *zhp)
682 zfs_share_type_t rc = 0;
683 zfs_share_proto_t *curr_proto;
685 if (ZFS_IS_VOLUME(zhp))
688 for (curr_proto = share_all_proto; *curr_proto != PROTO_END;
690 rc |= zfs_is_shared_proto(zhp, NULL, *curr_proto);
692 return (rc ? B_TRUE : B_FALSE);
696 * Unshare a filesystem by mountpoint.
699 unshare_one(libzfs_handle_t *hdl, const char *name, const char *mountpoint,
700 zfs_share_proto_t proto)
704 err = sa_disable_share(mountpoint, proto_table[proto].p_name);
706 return (zfs_error_fmt(hdl, proto_table[proto].p_unshare_err,
707 dgettext(TEXT_DOMAIN, "cannot unshare '%s': %s"),
708 name, sa_errorstr(err)));
714 * Query libshare for the given mountpoint and protocol, returning
715 * a zfs_share_type_t value.
718 is_shared(const char *mountpoint, zfs_share_proto_t proto)
720 if (sa_is_shared(mountpoint, proto_table[proto].p_name)) {
727 return (SHARED_NOT_SHARED);
730 return (SHARED_NOT_SHARED);
734 * Share the given filesystem according to the options in the specified
735 * protocol specific properties (sharenfs, sharesmb). We rely
736 * on "libshare" to do the dirty work for us.
739 zfs_share_proto(zfs_handle_t *zhp, zfs_share_proto_t *proto)
741 char mountpoint[ZFS_MAXPROPLEN];
742 char shareopts[ZFS_MAXPROPLEN];
743 char sourcestr[ZFS_MAXPROPLEN];
744 zfs_share_proto_t *curr_proto;
745 zprop_source_t sourcetype;
748 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint), NULL, 0))
751 for (curr_proto = proto; *curr_proto != PROTO_END; curr_proto++) {
753 * Return success if there are no share options.
755 if (zfs_prop_get(zhp, proto_table[*curr_proto].p_prop,
756 shareopts, sizeof (shareopts), &sourcetype, sourcestr,
757 ZFS_MAXPROPLEN, B_FALSE) != 0 ||
758 strcmp(shareopts, "off") == 0)
762 * If the 'zoned' property is set, then zfs_is_mountable()
763 * will have already bailed out if we are in the global zone.
764 * But local zones cannot be NFS servers, so we ignore it for
765 * local zones as well.
767 if (zfs_prop_get_int(zhp, ZFS_PROP_ZONED))
770 err = sa_enable_share(zfs_get_name(zhp), mountpoint, shareopts,
771 proto_table[*curr_proto].p_name);
773 return (zfs_error_fmt(zhp->zfs_hdl,
774 proto_table[*curr_proto].p_share_err,
775 dgettext(TEXT_DOMAIN, "cannot share '%s: %s'"),
776 zfs_get_name(zhp), sa_errorstr(err)));
784 zfs_share(zfs_handle_t *zhp)
786 assert(!ZFS_IS_VOLUME(zhp));
787 return (zfs_share_proto(zhp, share_all_proto));
791 zfs_unshare(zfs_handle_t *zhp)
793 assert(!ZFS_IS_VOLUME(zhp));
794 return (zfs_unshareall(zhp));
798 * Check to see if the filesystem is currently shared.
801 zfs_is_shared_proto(zfs_handle_t *zhp, char **where, zfs_share_proto_t proto)
806 if (!zfs_is_mounted(zhp, &mountpoint))
807 return (SHARED_NOT_SHARED);
809 if ((rc = is_shared(mountpoint, proto))
810 != SHARED_NOT_SHARED) {
818 return (SHARED_NOT_SHARED);
823 zfs_is_shared_nfs(zfs_handle_t *zhp, char **where)
825 return (zfs_is_shared_proto(zhp, where,
826 PROTO_NFS) != SHARED_NOT_SHARED);
830 zfs_is_shared_smb(zfs_handle_t *zhp, char **where)
832 return (zfs_is_shared_proto(zhp, where,
833 PROTO_SMB) != SHARED_NOT_SHARED);
837 * zfs_parse_options(options, proto)
839 * Call the legacy parse interface to get the protocol specific
840 * options using the NULL arg to indicate that this is a "parse" only.
843 zfs_parse_options(char *options, zfs_share_proto_t proto)
845 return (sa_validate_shareopts(options, proto_table[proto].p_name));
849 zfs_commit_proto(zfs_share_proto_t *proto)
851 zfs_share_proto_t *curr_proto;
852 for (curr_proto = proto; *curr_proto != PROTO_END; curr_proto++) {
853 sa_commit_shares(proto_table[*curr_proto].p_name);
858 zfs_commit_nfs_shares(void)
860 zfs_commit_proto(nfs_only);
864 zfs_commit_smb_shares(void)
866 zfs_commit_proto(smb_only);
870 zfs_commit_all_shares(void)
872 zfs_commit_proto(share_all_proto);
876 zfs_commit_shares(const char *proto)
879 zfs_commit_proto(share_all_proto);
880 else if (strcmp(proto, "nfs") == 0)
881 zfs_commit_proto(nfs_only);
882 else if (strcmp(proto, "smb") == 0)
883 zfs_commit_proto(smb_only);
887 zfs_share_nfs(zfs_handle_t *zhp)
889 return (zfs_share_proto(zhp, nfs_only));
893 zfs_share_smb(zfs_handle_t *zhp)
895 return (zfs_share_proto(zhp, smb_only));
899 zfs_shareall(zfs_handle_t *zhp)
901 return (zfs_share_proto(zhp, share_all_proto));
905 * Unshare the given filesystem.
908 zfs_unshare_proto(zfs_handle_t *zhp, const char *mountpoint,
909 zfs_share_proto_t *proto)
911 libzfs_handle_t *hdl = zhp->zfs_hdl;
915 /* check to see if need to unmount the filesystem */
916 if (mountpoint != NULL)
917 mntpt = zfs_strdup(hdl, mountpoint);
919 if (mountpoint != NULL || ((zfs_get_type(zhp) == ZFS_TYPE_FILESYSTEM) &&
920 libzfs_mnttab_find(hdl, zfs_get_name(zhp), &entry) == 0)) {
921 zfs_share_proto_t *curr_proto;
923 if (mountpoint == NULL)
924 mntpt = zfs_strdup(zhp->zfs_hdl, entry.mnt_mountp);
926 for (curr_proto = proto; *curr_proto != PROTO_END;
929 if (is_shared(mntpt, *curr_proto)) {
930 if (unshare_one(hdl, zhp->zfs_name,
931 mntpt, *curr_proto) != 0) {
946 zfs_unshare_nfs(zfs_handle_t *zhp, const char *mountpoint)
948 return (zfs_unshare_proto(zhp, mountpoint, nfs_only));
952 zfs_unshare_smb(zfs_handle_t *zhp, const char *mountpoint)
954 return (zfs_unshare_proto(zhp, mountpoint, smb_only));
958 * Same as zfs_unmountall(), but for NFS and SMB unshares.
961 zfs_unshareall_proto(zfs_handle_t *zhp, zfs_share_proto_t *proto)
963 prop_changelist_t *clp;
966 clp = changelist_gather(zhp, ZFS_PROP_SHARENFS, 0, 0);
970 ret = changelist_unshare(clp, proto);
971 changelist_free(clp);
977 zfs_unshareall_nfs(zfs_handle_t *zhp)
979 return (zfs_unshareall_proto(zhp, nfs_only));
983 zfs_unshareall_smb(zfs_handle_t *zhp)
985 return (zfs_unshareall_proto(zhp, smb_only));
989 zfs_unshareall(zfs_handle_t *zhp)
991 return (zfs_unshareall_proto(zhp, share_all_proto));
995 zfs_unshareall_bypath(zfs_handle_t *zhp, const char *mountpoint)
997 return (zfs_unshare_proto(zhp, mountpoint, share_all_proto));
1001 zfs_unshareall_bytype(zfs_handle_t *zhp, const char *mountpoint,
1005 return (zfs_unshare_proto(zhp, mountpoint, share_all_proto));
1006 if (strcmp(proto, "nfs") == 0)
1007 return (zfs_unshare_proto(zhp, mountpoint, nfs_only));
1008 else if (strcmp(proto, "smb") == 0)
1009 return (zfs_unshare_proto(zhp, mountpoint, smb_only));
1015 * Remove the mountpoint associated with the current dataset, if necessary.
1016 * We only remove the underlying directory if:
1018 * - The mountpoint is not 'none' or 'legacy'
1019 * - The mountpoint is non-empty
1020 * - The mountpoint is the default or inherited
1021 * - The 'zoned' property is set, or we're in a local zone
1023 * Any other directories we leave alone.
1026 remove_mountpoint(zfs_handle_t *zhp)
1028 char mountpoint[ZFS_MAXPROPLEN];
1029 zprop_source_t source;
1031 if (!zfs_is_mountable(zhp, mountpoint, sizeof (mountpoint),
1035 if (source == ZPROP_SRC_DEFAULT ||
1036 source == ZPROP_SRC_INHERITED) {
1038 * Try to remove the directory, silently ignoring any errors.
1039 * The filesystem may have since been removed or moved around,
1040 * and this error isn't really useful to the administrator in
1043 (void) rmdir(mountpoint);
1048 * Add the given zfs handle to the cb_handles array, dynamically reallocating
1049 * the array if it is out of space.
1052 libzfs_add_handle(get_all_cb_t *cbp, zfs_handle_t *zhp)
1054 if (cbp->cb_alloc == cbp->cb_used) {
1056 zfs_handle_t **newhandles;
1058 newsz = cbp->cb_alloc != 0 ? cbp->cb_alloc * 2 : 64;
1059 newhandles = zfs_realloc(zhp->zfs_hdl,
1060 cbp->cb_handles, cbp->cb_alloc * sizeof (zfs_handle_t *),
1061 newsz * sizeof (zfs_handle_t *));
1062 cbp->cb_handles = newhandles;
1063 cbp->cb_alloc = newsz;
1065 cbp->cb_handles[cbp->cb_used++] = zhp;
1069 * Recursive helper function used during file system enumeration
1072 zfs_iter_cb(zfs_handle_t *zhp, void *data)
1074 get_all_cb_t *cbp = data;
1076 if (!(zfs_get_type(zhp) & ZFS_TYPE_FILESYSTEM)) {
1081 if (zfs_prop_get_int(zhp, ZFS_PROP_CANMOUNT) == ZFS_CANMOUNT_NOAUTO) {
1086 if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
1087 ZFS_KEYSTATUS_UNAVAILABLE) {
1093 * If this filesystem is inconsistent and has a receive resume
1094 * token, we can not mount it.
1096 if (zfs_prop_get_int(zhp, ZFS_PROP_INCONSISTENT) &&
1097 zfs_prop_get(zhp, ZFS_PROP_RECEIVE_RESUME_TOKEN,
1098 NULL, 0, NULL, NULL, 0, B_TRUE) == 0) {
1103 libzfs_add_handle(cbp, zhp);
1104 if (zfs_iter_filesystems(zhp, zfs_iter_cb, cbp) != 0) {
1112 * Sort comparator that compares two mountpoint paths. We sort these paths so
1113 * that subdirectories immediately follow their parents. This means that we
1114 * effectively treat the '/' character as the lowest value non-nul char.
1115 * Since filesystems from non-global zones can have the same mountpoint
1116 * as other filesystems, the comparator sorts global zone filesystems to
1117 * the top of the list. This means that the global zone will traverse the
1118 * filesystem list in the correct order and can stop when it sees the
1119 * first zoned filesystem. In a non-global zone, only the delegated
1120 * filesystems are seen.
1122 * An example sorted list using this comparator would look like:
1132 * The mounting code depends on this ordering to deterministically iterate
1133 * over filesystems in order to spawn parallel mount tasks.
1136 mountpoint_cmp(const void *arga, const void *argb)
1138 zfs_handle_t *const *zap = arga;
1139 zfs_handle_t *za = *zap;
1140 zfs_handle_t *const *zbp = argb;
1141 zfs_handle_t *zb = *zbp;
1142 char mounta[MAXPATHLEN];
1143 char mountb[MAXPATHLEN];
1144 const char *a = mounta;
1145 const char *b = mountb;
1146 boolean_t gota, gotb;
1147 uint64_t zoneda, zonedb;
1149 zoneda = zfs_prop_get_int(za, ZFS_PROP_ZONED);
1150 zonedb = zfs_prop_get_int(zb, ZFS_PROP_ZONED);
1151 if (zoneda && !zonedb)
1153 if (!zoneda && zonedb)
1156 gota = (zfs_get_type(za) == ZFS_TYPE_FILESYSTEM);
1158 verify(zfs_prop_get(za, ZFS_PROP_MOUNTPOINT, mounta,
1159 sizeof (mounta), NULL, NULL, 0, B_FALSE) == 0);
1161 gotb = (zfs_get_type(zb) == ZFS_TYPE_FILESYSTEM);
1163 verify(zfs_prop_get(zb, ZFS_PROP_MOUNTPOINT, mountb,
1164 sizeof (mountb), NULL, NULL, 0, B_FALSE) == 0);
1168 while (*a != '\0' && (*a == *b)) {
1182 return (*a < *b ? -1 : *a > *b);
1191 * If neither filesystem has a mountpoint, revert to sorting by
1194 return (strcmp(zfs_get_name(za), zfs_get_name(zb)));
1198 * Return true if path2 is a child of path1 or path2 equals path1 or
1199 * path1 is "/" (path2 is always a child of "/").
1202 libzfs_path_contains(const char *path1, const char *path2)
1204 return (strcmp(path1, path2) == 0 || strcmp(path1, "/") == 0 ||
1205 (strstr(path2, path1) == path2 && path2[strlen(path1)] == '/'));
1209 * Given a mountpoint specified by idx in the handles array, find the first
1210 * non-descendent of that mountpoint and return its index. Descendant paths
1211 * start with the parent's path. This function relies on the ordering
1212 * enforced by mountpoint_cmp().
1215 non_descendant_idx(zfs_handle_t **handles, size_t num_handles, int idx)
1217 char parent[ZFS_MAXPROPLEN];
1218 char child[ZFS_MAXPROPLEN];
1221 verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, parent,
1222 sizeof (parent), NULL, NULL, 0, B_FALSE) == 0);
1224 for (i = idx + 1; i < num_handles; i++) {
1225 verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT, child,
1226 sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
1227 if (!libzfs_path_contains(parent, child))
1233 typedef struct mnt_param {
1234 libzfs_handle_t *mnt_hdl;
1236 zfs_handle_t **mnt_zhps; /* filesystems to mount */
1237 size_t mnt_num_handles;
1238 int mnt_idx; /* Index of selected entry to mount */
1239 zfs_iter_f mnt_func;
1244 * Allocate and populate the parameter struct for mount function, and
1245 * schedule mounting of the entry selected by idx.
1248 zfs_dispatch_mount(libzfs_handle_t *hdl, zfs_handle_t **handles,
1249 size_t num_handles, int idx, zfs_iter_f func, void *data, tpool_t *tp)
1251 mnt_param_t *mnt_param = zfs_alloc(hdl, sizeof (mnt_param_t));
1253 mnt_param->mnt_hdl = hdl;
1254 mnt_param->mnt_tp = tp;
1255 mnt_param->mnt_zhps = handles;
1256 mnt_param->mnt_num_handles = num_handles;
1257 mnt_param->mnt_idx = idx;
1258 mnt_param->mnt_func = func;
1259 mnt_param->mnt_data = data;
1261 (void) tpool_dispatch(tp, zfs_mount_task, (void*)mnt_param);
1265 * This is the structure used to keep state of mounting or sharing operations
1266 * during a call to zpool_enable_datasets().
1268 typedef struct mount_state {
1270 * ms_mntstatus is set to -1 if any mount fails. While multiple threads
1271 * could update this variable concurrently, no synchronization is
1272 * needed as it's only ever set to -1.
1276 const char *ms_mntopts;
1280 zfs_mount_one(zfs_handle_t *zhp, void *arg)
1282 mount_state_t *ms = arg;
1286 * don't attempt to mount encrypted datasets with
1289 if (zfs_prop_get_int(zhp, ZFS_PROP_KEYSTATUS) ==
1290 ZFS_KEYSTATUS_UNAVAILABLE)
1293 if (zfs_mount(zhp, ms->ms_mntopts, ms->ms_mntflags) != 0)
1294 ret = ms->ms_mntstatus = -1;
1299 zfs_share_one(zfs_handle_t *zhp, void *arg)
1301 mount_state_t *ms = arg;
1304 if (zfs_share(zhp) != 0)
1305 ret = ms->ms_mntstatus = -1;
1310 * Thread pool function to mount one file system. On completion, it finds and
1311 * schedules its children to be mounted. This depends on the sorting done in
1312 * zfs_foreach_mountpoint(). Note that the degenerate case (chain of entries
1313 * each descending from the previous) will have no parallelism since we always
1314 * have to wait for the parent to finish mounting before we can schedule
1318 zfs_mount_task(void *arg)
1320 mnt_param_t *mp = arg;
1321 int idx = mp->mnt_idx;
1322 zfs_handle_t **handles = mp->mnt_zhps;
1323 size_t num_handles = mp->mnt_num_handles;
1324 char mountpoint[ZFS_MAXPROPLEN];
1326 verify(zfs_prop_get(handles[idx], ZFS_PROP_MOUNTPOINT, mountpoint,
1327 sizeof (mountpoint), NULL, NULL, 0, B_FALSE) == 0);
1329 if (mp->mnt_func(handles[idx], mp->mnt_data) != 0)
1333 * We dispatch tasks to mount filesystems with mountpoints underneath
1334 * this one. We do this by dispatching the next filesystem with a
1335 * descendant mountpoint of the one we just mounted, then skip all of
1336 * its descendants, dispatch the next descendant mountpoint, and so on.
1337 * The non_descendant_idx() function skips over filesystems that are
1338 * descendants of the filesystem we just dispatched.
1340 for (int i = idx + 1; i < num_handles;
1341 i = non_descendant_idx(handles, num_handles, i)) {
1342 char child[ZFS_MAXPROPLEN];
1343 verify(zfs_prop_get(handles[i], ZFS_PROP_MOUNTPOINT,
1344 child, sizeof (child), NULL, NULL, 0, B_FALSE) == 0);
1346 if (!libzfs_path_contains(mountpoint, child))
1347 break; /* not a descendant, return */
1348 zfs_dispatch_mount(mp->mnt_hdl, handles, num_handles, i,
1349 mp->mnt_func, mp->mnt_data, mp->mnt_tp);
1355 * Issue the func callback for each ZFS handle contained in the handles
1356 * array. This function is used to mount all datasets, and so this function
1357 * guarantees that filesystems for parent mountpoints are called before their
1358 * children. As such, before issuing any callbacks, we first sort the array
1359 * of handles by mountpoint.
1361 * Callbacks are issued in one of two ways:
1363 * 1. Sequentially: If the parallel argument is B_FALSE or the ZFS_SERIAL_MOUNT
1364 * environment variable is set, then we issue callbacks sequentially.
1366 * 2. In parallel: If the parallel argument is B_TRUE and the ZFS_SERIAL_MOUNT
1367 * environment variable is not set, then we use a tpool to dispatch threads
1368 * to mount filesystems in parallel. This function dispatches tasks to mount
1369 * the filesystems at the top-level mountpoints, and these tasks in turn
1370 * are responsible for recursively mounting filesystems in their children
1374 zfs_foreach_mountpoint(libzfs_handle_t *hdl, zfs_handle_t **handles,
1375 size_t num_handles, zfs_iter_f func, void *data, boolean_t parallel)
1377 zoneid_t zoneid = getzoneid();
1380 * The ZFS_SERIAL_MOUNT environment variable is an undocumented
1381 * variable that can be used as a convenience to do a/b comparison
1382 * of serial vs. parallel mounting.
1384 boolean_t serial_mount = !parallel ||
1385 (getenv("ZFS_SERIAL_MOUNT") != NULL);
1388 * Sort the datasets by mountpoint. See mountpoint_cmp for details
1389 * of how these are sorted.
1391 qsort(handles, num_handles, sizeof (zfs_handle_t *), mountpoint_cmp);
1394 for (int i = 0; i < num_handles; i++) {
1395 func(handles[i], data);
1401 * Issue the callback function for each dataset using a parallel
1402 * algorithm that uses a thread pool to manage threads.
1404 tpool_t *tp = tpool_create(1, mount_tp_nthr, 0, NULL);
1407 * There may be multiple "top level" mountpoints outside of the pool's
1408 * root mountpoint, e.g.: /foo /bar. Dispatch a mount task for each of
1411 for (int i = 0; i < num_handles;
1412 i = non_descendant_idx(handles, num_handles, i)) {
1414 * Since the mountpoints have been sorted so that the zoned
1415 * filesystems are at the end, a zoned filesystem seen from
1416 * the global zone means that we're done.
1418 if (zoneid == GLOBAL_ZONEID &&
1419 zfs_prop_get_int(handles[i], ZFS_PROP_ZONED))
1421 zfs_dispatch_mount(hdl, handles, num_handles, i, func, data,
1425 tpool_wait(tp); /* wait for all scheduled mounts to complete */
1430 * Mount and share all datasets within the given pool. This assumes that no
1431 * datasets within the pool are currently mounted.
1433 #pragma weak zpool_mount_datasets = zpool_enable_datasets
1435 zpool_enable_datasets(zpool_handle_t *zhp, const char *mntopts, int flags)
1437 get_all_cb_t cb = { 0 };
1438 mount_state_t ms = { 0 };
1442 if ((zfsp = zfs_open(zhp->zpool_hdl, zhp->zpool_name,
1443 ZFS_TYPE_DATASET)) == NULL)
1447 * Gather all non-snapshot datasets within the pool. Start by adding
1448 * the root filesystem for this pool to the list, and then iterate
1449 * over all child filesystems.
1451 libzfs_add_handle(&cb, zfsp);
1452 if (zfs_iter_filesystems(zfsp, zfs_iter_cb, &cb) != 0)
1456 * Mount all filesystems
1458 ms.ms_mntopts = mntopts;
1459 ms.ms_mntflags = flags;
1460 zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
1461 zfs_mount_one, &ms, B_TRUE);
1462 if (ms.ms_mntstatus != 0)
1463 ret = ms.ms_mntstatus;
1466 * Share all filesystems that need to be shared. This needs to be
1467 * a separate pass because libshare is not mt-safe, and so we need
1468 * to share serially.
1470 ms.ms_mntstatus = 0;
1471 zfs_foreach_mountpoint(zhp->zpool_hdl, cb.cb_handles, cb.cb_used,
1472 zfs_share_one, &ms, B_FALSE);
1473 if (ms.ms_mntstatus != 0)
1474 ret = ms.ms_mntstatus;
1476 zfs_commit_all_shares();
1479 for (int i = 0; i < cb.cb_used; i++)
1480 zfs_close(cb.cb_handles[i]);
1481 free(cb.cb_handles);
1487 mountpoint_compare(const void *a, const void *b)
1489 const char *mounta = *((char **)a);
1490 const char *mountb = *((char **)b);
1492 return (strcmp(mountb, mounta));
1495 /* alias for 2002/240 */
1496 #pragma weak zpool_unmount_datasets = zpool_disable_datasets
1498 * Unshare and unmount all datasets within the given pool. We don't want to
1499 * rely on traversing the DSL to discover the filesystems within the pool,
1500 * because this may be expensive (if not all of them are mounted), and can fail
1501 * arbitrarily (on I/O error, for example). Instead, we walk /proc/self/mounts
1502 * and gather all the filesystems that are currently mounted.
1505 zpool_disable_datasets(zpool_handle_t *zhp, boolean_t force)
1508 struct mnttab entry;
1510 char **mountpoints = NULL;
1511 zfs_handle_t **datasets = NULL;
1512 libzfs_handle_t *hdl = zhp->zpool_hdl;
1515 int flags = (force ? MS_FORCE : 0);
1517 namelen = strlen(zhp->zpool_name);
1519 /* Reopen MNTTAB to prevent reading stale data from open file */
1520 if (freopen(MNTTAB, "r", hdl->libzfs_mnttab) == NULL)
1524 while (getmntent(hdl->libzfs_mnttab, &entry) == 0) {
1526 * Ignore non-ZFS entries.
1528 if (entry.mnt_fstype == NULL ||
1529 strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0)
1533 * Ignore filesystems not within this pool.
1535 if (entry.mnt_mountp == NULL ||
1536 strncmp(entry.mnt_special, zhp->zpool_name, namelen) != 0 ||
1537 (entry.mnt_special[namelen] != '/' &&
1538 entry.mnt_special[namelen] != '\0'))
1542 * At this point we've found a filesystem within our pool. Add
1543 * it to our growing list.
1545 if (used == alloc) {
1547 if ((mountpoints = zfs_alloc(hdl,
1548 8 * sizeof (void *))) == NULL)
1551 if ((datasets = zfs_alloc(hdl,
1552 8 * sizeof (void *))) == NULL)
1559 if ((ptr = zfs_realloc(hdl, mountpoints,
1560 alloc * sizeof (void *),
1561 alloc * 2 * sizeof (void *))) == NULL)
1565 if ((ptr = zfs_realloc(hdl, datasets,
1566 alloc * sizeof (void *),
1567 alloc * 2 * sizeof (void *))) == NULL)
1575 if ((mountpoints[used] = zfs_strdup(hdl,
1576 entry.mnt_mountp)) == NULL)
1580 * This is allowed to fail, in case there is some I/O error. It
1581 * is only used to determine if we need to remove the underlying
1582 * mountpoint, so failure is not fatal.
1584 datasets[used] = make_dataset_handle(hdl, entry.mnt_special);
1590 * At this point, we have the entire list of filesystems, so sort it by
1593 qsort(mountpoints, used, sizeof (char *), mountpoint_compare);
1596 * Walk through and first unshare everything.
1598 for (i = 0; i < used; i++) {
1599 zfs_share_proto_t *curr_proto;
1600 for (curr_proto = share_all_proto; *curr_proto != PROTO_END;
1602 if (is_shared(mountpoints[i], *curr_proto) &&
1603 unshare_one(hdl, mountpoints[i],
1604 mountpoints[i], *curr_proto) != 0)
1608 zfs_commit_all_shares();
1611 * Now unmount everything, removing the underlying directories as
1614 for (i = 0; i < used; i++) {
1615 if (unmount_one(hdl, mountpoints[i], flags) != 0)
1619 for (i = 0; i < used; i++) {
1621 remove_mountpoint(datasets[i]);
1626 for (i = 0; i < used; i++) {
1628 zfs_close(datasets[i]);
1629 free(mountpoints[i]);