2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* CDDL HEADER START
|
|
|
|
*
|
|
|
|
* The contents of this file are subject to the terms of the
|
|
|
|
* Common Development and Distribution License (the "License").
|
|
|
|
* You may not use this file except in compliance with the License.
|
|
|
|
*
|
|
|
|
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
|
|
|
|
* or http://www.opensolaris.org/os/licensing.
|
|
|
|
* See the License for the specific language governing permissions
|
|
|
|
* and limitations under the License.
|
|
|
|
*
|
|
|
|
* When distributing Covered Code, include this CDDL HEADER in each
|
|
|
|
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
|
|
|
* If applicable, add the following below this CDDL HEADER, with the
|
|
|
|
* fields enclosed by brackets "[]" replaced with your own identifying
|
|
|
|
* information: Portions Copyright [yyyy] [name of copyright owner]
|
|
|
|
*
|
|
|
|
* CDDL HEADER END
|
|
|
|
*/
|
|
|
|
/*
|
2010-05-29 00:45:14 +04:00
|
|
|
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <sys/zfs_context.h>
|
|
|
|
#include <sys/dmu.h>
|
|
|
|
#include <sys/avl.h>
|
|
|
|
#include <sys/zap.h>
|
|
|
|
#include <sys/nvpair.h>
|
|
|
|
#ifdef _KERNEL
|
|
|
|
#include <sys/sid.h>
|
|
|
|
#include <sys/zfs_vfsops.h>
|
|
|
|
#include <sys/zfs_znode.h>
|
|
|
|
#endif
|
|
|
|
#include <sys/zfs_fuid.h>
|
|
|
|
|
|
|
|
/*
|
|
|
|
* FUID Domain table(s).
|
|
|
|
*
|
|
|
|
* The FUID table is stored as a packed nvlist of an array
|
|
|
|
* of nvlists which contain an index, domain string and offset
|
|
|
|
*
|
|
|
|
* During file system initialization the nvlist(s) are read and
|
|
|
|
* two AVL trees are created. One tree is keyed by the index number
|
|
|
|
* and the other by the domain string. Nodes are never removed from
|
2009-07-03 02:44:48 +04:00
|
|
|
* trees, but new entries may be added. If a new entry is added then
|
2017-03-08 03:21:37 +03:00
|
|
|
* the zfsvfs->z_fuid_dirty flag is set to true and the caller will then
|
2009-07-03 02:44:48 +04:00
|
|
|
* be responsible for calling zfs_fuid_sync() to sync the changes to disk.
|
|
|
|
*
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
#define FUID_IDX "fuid_idx"
|
|
|
|
#define FUID_DOMAIN "fuid_domain"
|
|
|
|
#define FUID_OFFSET "fuid_offset"
|
|
|
|
#define FUID_NVP_ARRAY "fuid_nvlist"
|
|
|
|
|
|
|
|
typedef struct fuid_domain {
|
|
|
|
avl_node_t f_domnode;
|
|
|
|
avl_node_t f_idxnode;
|
|
|
|
ksiddomain_t *f_ksid;
|
|
|
|
uint64_t f_idx;
|
|
|
|
} fuid_domain_t;
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
static char *nulldomain = "";
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Compare two indexes.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
idx_compare(const void *arg1, const void *arg2)
|
|
|
|
{
|
2016-08-27 21:12:53 +03:00
|
|
|
const fuid_domain_t *node1 = (const fuid_domain_t *)arg1;
|
|
|
|
const fuid_domain_t *node2 = (const fuid_domain_t *)arg2;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
Reduce loaded range tree memory usage
This patch implements a new tree structure for ZFS, and uses it to
store range trees more efficiently.
The new structure is approximately a B-tree, though there are some
small differences from the usual characterizations. The tree has core
nodes and leaf nodes; each contain data elements, which the elements
in the core nodes acting as separators between its children. The
difference between core and leaf nodes is that the core nodes have an
array of children, while leaf nodes don't. Every node in the tree may
be only partially full; in most cases, they are all at least 50% full
(in terms of element count) except for the root node, which can be
less full. Underfull nodes will steal from their neighbors or merge to
remain full enough, while overfull nodes will split in two. The data
elements are contained in tree-controlled buffers; they are copied
into these on insertion, and overwritten on deletion. This means that
the elements are not independently allocated, which reduces overhead,
but also means they can't be shared between trees (and also that
pointers to them are only valid until a side-effectful tree operation
occurs). The overhead varies based on how dense the tree is, but is
usually on the order of about 50% of the element size; the per-node
overheads are very small, and so don't make a significant difference.
The trees can accept arbitrary records; they accept a size and a
comparator to allow them to be used for a variety of purposes.
The new trees replace the AVL trees used in the range trees today.
Currently, the range_seg_t structure contains three 8 byte integers
of payload and two 24 byte avl_tree_node_ts to handle its storage in
both an offset-sorted tree and a size-sorted tree (total size: 64
bytes). In the new model, the range seg structures are usually two 4
byte integers, but a separate one needs to exist for the size-sorted
and offset-sorted tree. Between the raw size, the 50% overhead, and
the double storage, the new btrees are expected to use 8*1.5*2 = 24
bytes per record, or 33.3% as much memory as the AVL trees (this is
for the purposes of storing metaslab range trees; for other purposes,
like scrubs, they use ~50% as much memory).
We reduced the size of the payload in the range segments by teaching
range trees about starting offsets and shifts; since metaslabs have a
fixed starting offset, and they all operate in terms of disk sectors,
we can store the ranges using 4-byte integers as long as the size of
the metaslab divided by the sector size is less than 2^32. For 512-byte
sectors, this is a 2^41 (or 2TB) metaslab, which with the default
settings corresponds to a 256PB disk. 4k sector disks can handle
metaslabs up to 2^46 bytes, or 2^63 byte disks. Since we do not
anticipate disks of this size in the near future, there should be
almost no cases where metaslabs need 64-byte integers to store their
ranges. We do still have the capability to store 64-byte integer ranges
to account for cases where we are storing per-vdev (or per-dnode) trees,
which could reasonably go above the limits discussed. We also do not
store fill information in the compact version of the node, since it
is only used for sorted scrub.
We also optimized the metaslab loading process in various other ways
to offset some inefficiencies in the btree model. While individual
operations (find, insert, remove_from) are faster for the btree than
they are for the avl tree, remove usually requires a find operation,
while in the AVL tree model the element itself suffices. Some clever
changes actually caused an overall speedup in metaslab loading; we use
approximately 40% less cpu to load metaslabs in our tests on Illumos.
Another memory and performance optimization was achieved by changing
what is stored in the size-sorted trees. When a disk is heavily
fragmented, the df algorithm used by default in ZFS will almost always
find a number of small regions in its initial cursor-based search; it
will usually only fall back to the size-sorted tree to find larger
regions. If we increase the size of the cursor-based search slightly,
and don't store segments that are smaller than a tunable size floor
in the size-sorted tree, we can further cut memory usage down to
below 20% of what the AVL trees store. This also results in further
reductions in CPU time spent loading metaslabs.
The 16KiB size floor was chosen because it results in substantial memory
usage reduction while not usually resulting in situations where we can't
find an appropriate chunk with the cursor and are forced to use an
oversized chunk from the size-sorted tree. In addition, even if we do
have to use an oversized chunk from the size-sorted tree, the chunk
would be too small to use for ZIL allocations, so it isn't as big of a
loss as it might otherwise be. And often, more small allocations will
follow the initial one, and the cursor search will now find the
remainder of the chunk we didn't use all of and use it for subsequent
allocations. Practical testing has shown little or no change in
fragmentation as a result of this change.
If the size-sorted tree becomes empty while the offset sorted one still
has entries, it will load all the entries from the offset sorted tree
and disregard the size floor until it is unloaded again. This operation
occurs rarely with the default setting, only on incredibly thoroughly
fragmented pools.
There are some other small changes to zdb to teach it to handle btrees,
but nothing major.
Reviewed-by: George Wilson <gwilson@delphix.com>
Reviewed-by: Matt Ahrens <matt@delphix.com>
Reviewed by: Sebastien Roy seb@delphix.com
Reviewed-by: Igor Kozhukhov <igor@dilos.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Paul Dagnelie <pcd@delphix.com>
Closes #9181
2019-10-09 20:36:03 +03:00
|
|
|
return (TREE_CMP(node1->f_idx, node2->f_idx));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Compare two domain strings.
|
|
|
|
*/
|
|
|
|
static int
|
|
|
|
domain_compare(const void *arg1, const void *arg2)
|
|
|
|
{
|
2016-08-27 21:12:53 +03:00
|
|
|
const fuid_domain_t *node1 = (const fuid_domain_t *)arg1;
|
|
|
|
const fuid_domain_t *node2 = (const fuid_domain_t *)arg2;
|
2008-11-20 23:01:55 +03:00
|
|
|
int val;
|
|
|
|
|
|
|
|
val = strcmp(node1->f_ksid->kd_name, node2->f_ksid->kd_name);
|
2016-08-27 21:12:53 +03:00
|
|
|
|
Reduce loaded range tree memory usage
This patch implements a new tree structure for ZFS, and uses it to
store range trees more efficiently.
The new structure is approximately a B-tree, though there are some
small differences from the usual characterizations. The tree has core
nodes and leaf nodes; each contain data elements, which the elements
in the core nodes acting as separators between its children. The
difference between core and leaf nodes is that the core nodes have an
array of children, while leaf nodes don't. Every node in the tree may
be only partially full; in most cases, they are all at least 50% full
(in terms of element count) except for the root node, which can be
less full. Underfull nodes will steal from their neighbors or merge to
remain full enough, while overfull nodes will split in two. The data
elements are contained in tree-controlled buffers; they are copied
into these on insertion, and overwritten on deletion. This means that
the elements are not independently allocated, which reduces overhead,
but also means they can't be shared between trees (and also that
pointers to them are only valid until a side-effectful tree operation
occurs). The overhead varies based on how dense the tree is, but is
usually on the order of about 50% of the element size; the per-node
overheads are very small, and so don't make a significant difference.
The trees can accept arbitrary records; they accept a size and a
comparator to allow them to be used for a variety of purposes.
The new trees replace the AVL trees used in the range trees today.
Currently, the range_seg_t structure contains three 8 byte integers
of payload and two 24 byte avl_tree_node_ts to handle its storage in
both an offset-sorted tree and a size-sorted tree (total size: 64
bytes). In the new model, the range seg structures are usually two 4
byte integers, but a separate one needs to exist for the size-sorted
and offset-sorted tree. Between the raw size, the 50% overhead, and
the double storage, the new btrees are expected to use 8*1.5*2 = 24
bytes per record, or 33.3% as much memory as the AVL trees (this is
for the purposes of storing metaslab range trees; for other purposes,
like scrubs, they use ~50% as much memory).
We reduced the size of the payload in the range segments by teaching
range trees about starting offsets and shifts; since metaslabs have a
fixed starting offset, and they all operate in terms of disk sectors,
we can store the ranges using 4-byte integers as long as the size of
the metaslab divided by the sector size is less than 2^32. For 512-byte
sectors, this is a 2^41 (or 2TB) metaslab, which with the default
settings corresponds to a 256PB disk. 4k sector disks can handle
metaslabs up to 2^46 bytes, or 2^63 byte disks. Since we do not
anticipate disks of this size in the near future, there should be
almost no cases where metaslabs need 64-byte integers to store their
ranges. We do still have the capability to store 64-byte integer ranges
to account for cases where we are storing per-vdev (or per-dnode) trees,
which could reasonably go above the limits discussed. We also do not
store fill information in the compact version of the node, since it
is only used for sorted scrub.
We also optimized the metaslab loading process in various other ways
to offset some inefficiencies in the btree model. While individual
operations (find, insert, remove_from) are faster for the btree than
they are for the avl tree, remove usually requires a find operation,
while in the AVL tree model the element itself suffices. Some clever
changes actually caused an overall speedup in metaslab loading; we use
approximately 40% less cpu to load metaslabs in our tests on Illumos.
Another memory and performance optimization was achieved by changing
what is stored in the size-sorted trees. When a disk is heavily
fragmented, the df algorithm used by default in ZFS will almost always
find a number of small regions in its initial cursor-based search; it
will usually only fall back to the size-sorted tree to find larger
regions. If we increase the size of the cursor-based search slightly,
and don't store segments that are smaller than a tunable size floor
in the size-sorted tree, we can further cut memory usage down to
below 20% of what the AVL trees store. This also results in further
reductions in CPU time spent loading metaslabs.
The 16KiB size floor was chosen because it results in substantial memory
usage reduction while not usually resulting in situations where we can't
find an appropriate chunk with the cursor and are forced to use an
oversized chunk from the size-sorted tree. In addition, even if we do
have to use an oversized chunk from the size-sorted tree, the chunk
would be too small to use for ZIL allocations, so it isn't as big of a
loss as it might otherwise be. And often, more small allocations will
follow the initial one, and the cursor search will now find the
remainder of the chunk we didn't use all of and use it for subsequent
allocations. Practical testing has shown little or no change in
fragmentation as a result of this change.
If the size-sorted tree becomes empty while the offset sorted one still
has entries, it will load all the entries from the offset sorted tree
and disregard the size floor until it is unloaded again. This operation
occurs rarely with the default setting, only on incredibly thoroughly
fragmented pools.
There are some other small changes to zdb to teach it to handle btrees,
but nothing major.
Reviewed-by: George Wilson <gwilson@delphix.com>
Reviewed-by: Matt Ahrens <matt@delphix.com>
Reviewed by: Sebastien Roy seb@delphix.com
Reviewed-by: Igor Kozhukhov <igor@dilos.org>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Paul Dagnelie <pcd@delphix.com>
Closes #9181
2019-10-09 20:36:03 +03:00
|
|
|
return (TREE_ISIGN(val));
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
void
|
|
|
|
zfs_fuid_avl_tree_create(avl_tree_t *idx_tree, avl_tree_t *domain_tree)
|
|
|
|
{
|
|
|
|
avl_create(idx_tree, idx_compare,
|
|
|
|
sizeof (fuid_domain_t), offsetof(fuid_domain_t, f_idxnode));
|
|
|
|
avl_create(domain_tree, domain_compare,
|
|
|
|
sizeof (fuid_domain_t), offsetof(fuid_domain_t, f_domnode));
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* load initial fuid domain and idx trees. This function is used by
|
|
|
|
* both the kernel and zdb.
|
|
|
|
*/
|
|
|
|
uint64_t
|
|
|
|
zfs_fuid_table_load(objset_t *os, uint64_t fuid_obj, avl_tree_t *idx_tree,
|
|
|
|
avl_tree_t *domain_tree)
|
|
|
|
{
|
|
|
|
dmu_buf_t *db;
|
|
|
|
uint64_t fuid_size;
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
ASSERT(fuid_obj != 0);
|
|
|
|
VERIFY(0 == dmu_bonus_hold(os, fuid_obj,
|
|
|
|
FTAG, &db));
|
2008-11-20 23:01:55 +03:00
|
|
|
fuid_size = *(uint64_t *)db->db_data;
|
|
|
|
dmu_buf_rele(db, FTAG);
|
|
|
|
|
|
|
|
if (fuid_size) {
|
|
|
|
nvlist_t **fuidnvp;
|
|
|
|
nvlist_t *nvp = NULL;
|
|
|
|
uint_t count;
|
|
|
|
char *packed;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
packed = kmem_alloc(fuid_size, KM_SLEEP);
|
2009-07-03 02:44:48 +04:00
|
|
|
VERIFY(dmu_read(os, fuid_obj, 0,
|
|
|
|
fuid_size, packed, DMU_READ_PREFETCH) == 0);
|
2008-11-20 23:01:55 +03:00
|
|
|
VERIFY(nvlist_unpack(packed, fuid_size,
|
|
|
|
&nvp, 0) == 0);
|
|
|
|
VERIFY(nvlist_lookup_nvlist_array(nvp, FUID_NVP_ARRAY,
|
|
|
|
&fuidnvp, &count) == 0);
|
|
|
|
|
|
|
|
for (i = 0; i != count; i++) {
|
|
|
|
fuid_domain_t *domnode;
|
|
|
|
char *domain;
|
|
|
|
uint64_t idx;
|
|
|
|
|
|
|
|
VERIFY(nvlist_lookup_string(fuidnvp[i], FUID_DOMAIN,
|
|
|
|
&domain) == 0);
|
|
|
|
VERIFY(nvlist_lookup_uint64(fuidnvp[i], FUID_IDX,
|
|
|
|
&idx) == 0);
|
|
|
|
|
|
|
|
domnode = kmem_alloc(sizeof (fuid_domain_t), KM_SLEEP);
|
|
|
|
|
|
|
|
domnode->f_idx = idx;
|
|
|
|
domnode->f_ksid = ksid_lookupdomain(domain);
|
|
|
|
avl_add(idx_tree, domnode);
|
|
|
|
avl_add(domain_tree, domnode);
|
|
|
|
}
|
|
|
|
nvlist_free(nvp);
|
|
|
|
kmem_free(packed, fuid_size);
|
|
|
|
}
|
|
|
|
return (fuid_size);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
zfs_fuid_table_destroy(avl_tree_t *idx_tree, avl_tree_t *domain_tree)
|
|
|
|
{
|
|
|
|
fuid_domain_t *domnode;
|
|
|
|
void *cookie;
|
|
|
|
|
|
|
|
cookie = NULL;
|
2010-08-26 20:52:42 +04:00
|
|
|
while ((domnode = avl_destroy_nodes(domain_tree, &cookie)))
|
2008-11-20 23:01:55 +03:00
|
|
|
ksiddomain_rele(domnode->f_ksid);
|
|
|
|
|
|
|
|
avl_destroy(domain_tree);
|
|
|
|
cookie = NULL;
|
2010-08-26 20:52:42 +04:00
|
|
|
while ((domnode = avl_destroy_nodes(idx_tree, &cookie)))
|
2008-11-20 23:01:55 +03:00
|
|
|
kmem_free(domnode, sizeof (fuid_domain_t));
|
|
|
|
avl_destroy(idx_tree);
|
|
|
|
}
|
|
|
|
|
|
|
|
char *
|
|
|
|
zfs_fuid_idx_domain(avl_tree_t *idx_tree, uint32_t idx)
|
|
|
|
{
|
|
|
|
fuid_domain_t searchnode, *findnode;
|
|
|
|
avl_index_t loc;
|
|
|
|
|
|
|
|
searchnode.f_idx = idx;
|
|
|
|
|
|
|
|
findnode = avl_find(idx_tree, &searchnode, &loc);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
return (findnode ? findnode->f_ksid->kd_name : nulldomain);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef _KERNEL
|
|
|
|
/*
|
|
|
|
* Load the fuid table(s) into memory.
|
|
|
|
*/
|
|
|
|
static void
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_init(zfsvfs_t *zfsvfs)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_enter(&zfsvfs->z_fuid_lock, RW_WRITER);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_loaded) {
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_avl_tree_create(&zfsvfs->z_fuid_idx, &zfsvfs->z_fuid_domain);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
(void) zap_lookup(zfsvfs->z_os, MASTER_NODE_OBJ,
|
|
|
|
ZFS_FUID_TABLES, 8, 1, &zfsvfs->z_fuid_obj);
|
|
|
|
if (zfsvfs->z_fuid_obj != 0) {
|
|
|
|
zfsvfs->z_fuid_size = zfs_fuid_table_load(zfsvfs->z_os,
|
|
|
|
zfsvfs->z_fuid_obj, &zfsvfs->z_fuid_idx,
|
|
|
|
&zfsvfs->z_fuid_domain);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_loaded = B_TRUE;
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* sync out AVL trees to persistent storage.
|
|
|
|
*/
|
|
|
|
void
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_sync(zfsvfs_t *zfsvfs, dmu_tx_t *tx)
|
2009-07-03 02:44:48 +04:00
|
|
|
{
|
|
|
|
nvlist_t *nvp;
|
|
|
|
nvlist_t **fuids;
|
|
|
|
size_t nvsize = 0;
|
|
|
|
char *packed;
|
|
|
|
dmu_buf_t *db;
|
|
|
|
fuid_domain_t *domnode;
|
|
|
|
int numnodes;
|
|
|
|
int i;
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (!zfsvfs->z_fuid_dirty) {
|
2009-07-03 02:44:48 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_enter(&zfsvfs->z_fuid_lock, RW_WRITER);
|
2009-07-03 02:44:48 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* First see if table needs to be created?
|
|
|
|
*/
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_obj == 0) {
|
|
|
|
zfsvfs->z_fuid_obj = dmu_object_alloc(zfsvfs->z_os,
|
2009-07-03 02:44:48 +04:00
|
|
|
DMU_OT_FUID, 1 << 14, DMU_OT_FUID_SIZE,
|
|
|
|
sizeof (uint64_t), tx);
|
2017-03-08 03:21:37 +03:00
|
|
|
VERIFY(zap_add(zfsvfs->z_os, MASTER_NODE_OBJ,
|
2009-07-03 02:44:48 +04:00
|
|
|
ZFS_FUID_TABLES, sizeof (uint64_t), 1,
|
2017-03-08 03:21:37 +03:00
|
|
|
&zfsvfs->z_fuid_obj, tx) == 0);
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
VERIFY(nvlist_alloc(&nvp, NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
numnodes = avl_numnodes(&zfsvfs->z_fuid_idx);
|
2009-07-03 02:44:48 +04:00
|
|
|
fuids = kmem_alloc(numnodes * sizeof (void *), KM_SLEEP);
|
2017-03-08 03:21:37 +03:00
|
|
|
for (i = 0, domnode = avl_first(&zfsvfs->z_fuid_domain); domnode; i++,
|
|
|
|
domnode = AVL_NEXT(&zfsvfs->z_fuid_domain, domnode)) {
|
2009-07-03 02:44:48 +04:00
|
|
|
VERIFY(nvlist_alloc(&fuids[i], NV_UNIQUE_NAME, KM_SLEEP) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(fuids[i], FUID_IDX,
|
|
|
|
domnode->f_idx) == 0);
|
|
|
|
VERIFY(nvlist_add_uint64(fuids[i], FUID_OFFSET, 0) == 0);
|
|
|
|
VERIFY(nvlist_add_string(fuids[i], FUID_DOMAIN,
|
|
|
|
domnode->f_ksid->kd_name) == 0);
|
|
|
|
}
|
|
|
|
VERIFY(nvlist_add_nvlist_array(nvp, FUID_NVP_ARRAY,
|
|
|
|
fuids, numnodes) == 0);
|
|
|
|
for (i = 0; i != numnodes; i++)
|
|
|
|
nvlist_free(fuids[i]);
|
|
|
|
kmem_free(fuids, numnodes * sizeof (void *));
|
|
|
|
VERIFY(nvlist_size(nvp, &nvsize, NV_ENCODE_XDR) == 0);
|
|
|
|
packed = kmem_alloc(nvsize, KM_SLEEP);
|
|
|
|
VERIFY(nvlist_pack(nvp, &packed, &nvsize,
|
|
|
|
NV_ENCODE_XDR, KM_SLEEP) == 0);
|
|
|
|
nvlist_free(nvp);
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_size = nvsize;
|
|
|
|
dmu_write(zfsvfs->z_os, zfsvfs->z_fuid_obj, 0,
|
|
|
|
zfsvfs->z_fuid_size, packed, tx);
|
|
|
|
kmem_free(packed, zfsvfs->z_fuid_size);
|
|
|
|
VERIFY(0 == dmu_bonus_hold(zfsvfs->z_os, zfsvfs->z_fuid_obj,
|
2009-07-03 02:44:48 +04:00
|
|
|
FTAG, &db));
|
|
|
|
dmu_buf_will_dirty(db, tx);
|
2017-03-08 03:21:37 +03:00
|
|
|
*(uint64_t *)db->db_data = zfsvfs->z_fuid_size;
|
2009-07-03 02:44:48 +04:00
|
|
|
dmu_buf_rele(db, FTAG);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
zfsvfs->z_fuid_dirty = B_FALSE;
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Query domain table for a given domain.
|
|
|
|
*
|
2009-07-03 02:44:48 +04:00
|
|
|
* If domain isn't found and addok is set, it is added to AVL trees and
|
2017-03-08 03:21:37 +03:00
|
|
|
* the zfsvfs->z_fuid_dirty flag will be set to TRUE. It will then be
|
2009-07-03 02:44:48 +04:00
|
|
|
* necessary for the caller or another thread to detect the dirty table
|
|
|
|
* and sync out the changes.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
int
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_find_by_domain(zfsvfs_t *zfsvfs, const char *domain,
|
2009-07-03 02:44:48 +04:00
|
|
|
char **retdomain, boolean_t addok)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
fuid_domain_t searchnode, *findnode;
|
|
|
|
avl_index_t loc;
|
2008-12-03 23:09:06 +03:00
|
|
|
krw_t rw = RW_READER;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If the dummy "nobody" domain then return an index of 0
|
|
|
|
* to cause the created FUID to be a standard POSIX id
|
|
|
|
* for the user nobody.
|
|
|
|
*/
|
|
|
|
if (domain[0] == '\0') {
|
2009-07-03 02:44:48 +04:00
|
|
|
if (retdomain)
|
|
|
|
*retdomain = nulldomain;
|
2008-11-20 23:01:55 +03:00
|
|
|
return (0);
|
|
|
|
}
|
|
|
|
|
|
|
|
searchnode.f_ksid = ksid_lookupdomain(domain);
|
2009-07-03 02:44:48 +04:00
|
|
|
if (retdomain)
|
2008-11-20 23:01:55 +03:00
|
|
|
*retdomain = searchnode.f_ksid->kd_name;
|
2017-03-08 03:21:37 +03:00
|
|
|
if (!zfsvfs->z_fuid_loaded)
|
|
|
|
zfs_fuid_init(zfsvfs);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
retry:
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_enter(&zfsvfs->z_fuid_lock, rw);
|
|
|
|
findnode = avl_find(&zfsvfs->z_fuid_domain, &searchnode, &loc);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
if (findnode) {
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
ksiddomain_rele(searchnode.f_ksid);
|
|
|
|
return (findnode->f_idx);
|
2009-07-03 02:44:48 +04:00
|
|
|
} else if (addok) {
|
2008-11-20 23:01:55 +03:00
|
|
|
fuid_domain_t *domnode;
|
|
|
|
uint64_t retidx;
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (rw == RW_READER && !rw_tryupgrade(&zfsvfs->z_fuid_lock)) {
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-12-03 23:09:06 +03:00
|
|
|
rw = RW_WRITER;
|
|
|
|
goto retry;
|
|
|
|
}
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
domnode = kmem_alloc(sizeof (fuid_domain_t), KM_SLEEP);
|
|
|
|
domnode->f_ksid = searchnode.f_ksid;
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
retidx = domnode->f_idx = avl_numnodes(&zfsvfs->z_fuid_idx) + 1;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
avl_add(&zfsvfs->z_fuid_domain, domnode);
|
|
|
|
avl_add(&zfsvfs->z_fuid_idx, domnode);
|
|
|
|
zfsvfs->z_fuid_dirty = B_TRUE;
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (retidx);
|
2009-07-03 02:44:48 +04:00
|
|
|
} else {
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2009-07-03 02:44:48 +04:00
|
|
|
return (-1);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Query domain table by index, returning domain string
|
|
|
|
*
|
|
|
|
* Returns a pointer from an avl node of the domain string.
|
|
|
|
*
|
|
|
|
*/
|
2009-07-03 02:44:48 +04:00
|
|
|
const char *
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_find_by_idx(zfsvfs_t *zfsvfs, uint32_t idx)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
char *domain;
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (idx == 0 || !zfsvfs->z_use_fuids)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (NULL);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (!zfsvfs->z_fuid_loaded)
|
|
|
|
zfs_fuid_init(zfsvfs);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_enter(&zfsvfs->z_fuid_lock, RW_READER);
|
2008-12-03 23:09:06 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_obj || zfsvfs->z_fuid_dirty)
|
|
|
|
domain = zfs_fuid_idx_domain(&zfsvfs->z_fuid_idx, idx);
|
2008-12-03 23:09:06 +03:00
|
|
|
else
|
|
|
|
domain = nulldomain;
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
ASSERT(domain);
|
|
|
|
return (domain);
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
zfs_fuid_map_ids(znode_t *zp, cred_t *cr, uid_t *uidp, uid_t *gidp)
|
|
|
|
{
|
2019-10-02 19:15:12 +03:00
|
|
|
*uidp = zfs_fuid_map_id(ZTOZSB(zp), KUID_TO_SUID(ZTOUID(zp)),
|
2016-05-22 14:15:57 +03:00
|
|
|
cr, ZFS_OWNER);
|
2019-10-02 19:15:12 +03:00
|
|
|
*gidp = zfs_fuid_map_id(ZTOZSB(zp), KGID_TO_SGID(ZTOGID(zp)),
|
2016-05-22 14:15:57 +03:00
|
|
|
cr, ZFS_GROUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
uid_t
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_map_id(zfsvfs_t *zfsvfs, uint64_t fuid,
|
2008-11-20 23:01:55 +03:00
|
|
|
cred_t *cr, zfs_fuid_type_t type)
|
|
|
|
{
|
2010-12-18 02:21:18 +03:00
|
|
|
#ifdef HAVE_KSID
|
2008-11-20 23:01:55 +03:00
|
|
|
uint32_t index = FUID_INDEX(fuid);
|
2009-07-03 02:44:48 +04:00
|
|
|
const char *domain;
|
2008-11-20 23:01:55 +03:00
|
|
|
uid_t id;
|
|
|
|
|
|
|
|
if (index == 0)
|
|
|
|
return (fuid);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
domain = zfs_fuid_find_by_idx(zfsvfs, index);
|
2008-11-20 23:01:55 +03:00
|
|
|
ASSERT(domain != NULL);
|
|
|
|
|
|
|
|
if (type == ZFS_OWNER || type == ZFS_ACE_USER) {
|
|
|
|
(void) kidmap_getuidbysid(crgetzone(cr), domain,
|
|
|
|
FUID_RID(fuid), &id);
|
|
|
|
} else {
|
|
|
|
(void) kidmap_getgidbysid(crgetzone(cr), domain,
|
|
|
|
FUID_RID(fuid), &id);
|
|
|
|
}
|
|
|
|
return (id);
|
2010-12-18 02:21:18 +03:00
|
|
|
#else
|
2011-03-01 23:24:09 +03:00
|
|
|
/*
|
|
|
|
* The Linux port only supports POSIX IDs, use the passed id.
|
|
|
|
*/
|
|
|
|
return (fuid);
|
2010-12-18 02:21:18 +03:00
|
|
|
#endif /* HAVE_KSID */
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Add a FUID node to the list of fuid's being created for this
|
|
|
|
* ACL
|
|
|
|
*
|
|
|
|
* If ACL has multiple domains, then keep only one copy of each unique
|
|
|
|
* domain.
|
|
|
|
*/
|
2010-05-29 00:45:14 +04:00
|
|
|
void
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_fuid_node_add(zfs_fuid_info_t **fuidpp, const char *domain, uint32_t rid,
|
|
|
|
uint64_t idx, uint64_t id, zfs_fuid_type_t type)
|
|
|
|
{
|
|
|
|
zfs_fuid_t *fuid;
|
|
|
|
zfs_fuid_domain_t *fuid_domain;
|
|
|
|
zfs_fuid_info_t *fuidp;
|
|
|
|
uint64_t fuididx;
|
|
|
|
boolean_t found = B_FALSE;
|
|
|
|
|
|
|
|
if (*fuidpp == NULL)
|
|
|
|
*fuidpp = zfs_fuid_info_alloc();
|
|
|
|
|
|
|
|
fuidp = *fuidpp;
|
|
|
|
/*
|
|
|
|
* First find fuid domain index in linked list
|
|
|
|
*
|
|
|
|
* If one isn't found then create an entry.
|
|
|
|
*/
|
|
|
|
|
|
|
|
for (fuididx = 1, fuid_domain = list_head(&fuidp->z_domains);
|
|
|
|
fuid_domain; fuid_domain = list_next(&fuidp->z_domains,
|
|
|
|
fuid_domain), fuididx++) {
|
|
|
|
if (idx == fuid_domain->z_domidx) {
|
|
|
|
found = B_TRUE;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!found) {
|
|
|
|
fuid_domain = kmem_alloc(sizeof (zfs_fuid_domain_t), KM_SLEEP);
|
|
|
|
fuid_domain->z_domain = domain;
|
|
|
|
fuid_domain->z_domidx = idx;
|
|
|
|
list_insert_tail(&fuidp->z_domains, fuid_domain);
|
|
|
|
fuidp->z_domain_str_sz += strlen(domain) + 1;
|
|
|
|
fuidp->z_domain_cnt++;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (type == ZFS_ACE_USER || type == ZFS_ACE_GROUP) {
|
2009-07-03 02:44:48 +04:00
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Now allocate fuid entry and add it on the end of the list
|
|
|
|
*/
|
|
|
|
|
|
|
|
fuid = kmem_alloc(sizeof (zfs_fuid_t), KM_SLEEP);
|
|
|
|
fuid->z_id = id;
|
|
|
|
fuid->z_domidx = idx;
|
|
|
|
fuid->z_logfuid = FUID_ENCODE(fuididx, rid);
|
|
|
|
|
|
|
|
list_insert_tail(&fuidp->z_fuids, fuid);
|
|
|
|
fuidp->z_fuid_cnt++;
|
|
|
|
} else {
|
|
|
|
if (type == ZFS_OWNER)
|
|
|
|
fuidp->z_fuid_owner = FUID_ENCODE(fuididx, rid);
|
|
|
|
else
|
|
|
|
fuidp->z_fuid_group = FUID_ENCODE(fuididx, rid);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-06-18 03:36:01 +03:00
|
|
|
#ifdef HAVE_KSID
|
2008-11-20 23:01:55 +03:00
|
|
|
/*
|
|
|
|
* Create a file system FUID, based on information in the users cred
|
2010-05-29 00:45:14 +04:00
|
|
|
*
|
|
|
|
* If cred contains KSID_OWNER then it should be used to determine
|
|
|
|
* the uid otherwise cred's uid will be used. By default cred's gid
|
|
|
|
* is used unless it's an ephemeral ID in which case KSID_GROUP will
|
|
|
|
* be used if it exists.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
uint64_t
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_create_cred(zfsvfs_t *zfsvfs, zfs_fuid_type_t type,
|
2009-07-03 02:44:48 +04:00
|
|
|
cred_t *cr, zfs_fuid_info_t **fuidp)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
|
|
|
uint64_t idx;
|
|
|
|
ksid_t *ksid;
|
|
|
|
uint32_t rid;
|
2011-02-08 22:16:06 +03:00
|
|
|
char *kdomain;
|
2008-11-20 23:01:55 +03:00
|
|
|
const char *domain;
|
|
|
|
uid_t id;
|
|
|
|
|
|
|
|
VERIFY(type == ZFS_OWNER || type == ZFS_GROUP);
|
|
|
|
|
2008-12-03 23:09:06 +03:00
|
|
|
ksid = crgetsid(cr, (type == ZFS_OWNER) ? KSID_OWNER : KSID_GROUP);
|
2010-05-29 00:45:14 +04:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (!zfsvfs->z_use_fuids || (ksid == NULL)) {
|
2010-05-29 00:45:14 +04:00
|
|
|
id = (type == ZFS_OWNER) ? crgetuid(cr) : crgetgid(cr);
|
|
|
|
|
|
|
|
if (IS_EPHEMERAL(id))
|
|
|
|
return ((type == ZFS_OWNER) ? UID_NOBODY : GID_NOBODY);
|
|
|
|
|
|
|
|
return ((uint64_t)id);
|
2008-12-03 23:09:06 +03:00
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
/*
|
|
|
|
* ksid is present and FUID is supported
|
|
|
|
*/
|
|
|
|
id = (type == ZFS_OWNER) ? ksid_getid(ksid) : crgetgid(cr);
|
|
|
|
|
|
|
|
if (!IS_EPHEMERAL(id))
|
2008-11-20 23:01:55 +03:00
|
|
|
return ((uint64_t)id);
|
|
|
|
|
2010-05-29 00:45:14 +04:00
|
|
|
if (type == ZFS_GROUP)
|
|
|
|
id = ksid_getid(ksid);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
rid = ksid_getrid(ksid);
|
|
|
|
domain = ksid_getdomain(ksid);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
idx = zfs_fuid_find_by_domain(zfsvfs, domain, &kdomain, B_TRUE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
zfs_fuid_node_add(fuidp, kdomain, rid, idx, id, type);
|
|
|
|
|
|
|
|
return (FUID_ENCODE(idx, rid));
|
2016-06-07 19:16:52 +03:00
|
|
|
}
|
2016-06-18 03:36:01 +03:00
|
|
|
#endif /* HAVE_KSID */
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Create a file system FUID for an ACL ace
|
|
|
|
* or a chown/chgrp of the file.
|
|
|
|
* This is similar to zfs_fuid_create_cred, except that
|
|
|
|
* we can't find the domain + rid information in the
|
|
|
|
* cred. Instead we have to query Winchester for the
|
|
|
|
* domain and rid.
|
|
|
|
*
|
|
|
|
* During replay operations the domain+rid information is
|
|
|
|
* found in the zfs_fuid_info_t that the replay code has
|
2017-03-08 03:21:37 +03:00
|
|
|
* attached to the zfsvfs of the file system.
|
2008-11-20 23:01:55 +03:00
|
|
|
*/
|
|
|
|
uint64_t
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_create(zfsvfs_t *zfsvfs, uint64_t id, cred_t *cr,
|
2009-07-03 02:44:48 +04:00
|
|
|
zfs_fuid_type_t type, zfs_fuid_info_t **fuidpp)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2010-12-18 02:21:18 +03:00
|
|
|
#ifdef HAVE_KSID
|
2008-11-20 23:01:55 +03:00
|
|
|
const char *domain;
|
|
|
|
char *kdomain;
|
|
|
|
uint32_t fuid_idx = FUID_INDEX(id);
|
|
|
|
uint32_t rid;
|
|
|
|
idmap_stat status;
|
2013-02-11 10:21:05 +04:00
|
|
|
uint64_t idx = 0;
|
2008-11-20 23:01:55 +03:00
|
|
|
zfs_fuid_t *zfuid = NULL;
|
2013-02-11 10:21:05 +04:00
|
|
|
zfs_fuid_info_t *fuidp = NULL;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If POSIX ID, or entry is already a FUID then
|
|
|
|
* just return the id
|
|
|
|
*
|
|
|
|
* We may also be handed an already FUID'ized id via
|
|
|
|
* chmod.
|
|
|
|
*/
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (!zfsvfs->z_use_fuids || !IS_EPHEMERAL(id) || fuid_idx != 0)
|
2008-11-20 23:01:55 +03:00
|
|
|
return (id);
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_replay) {
|
|
|
|
fuidp = zfsvfs->z_fuid_replay;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* If we are passed an ephemeral id, but no
|
|
|
|
* fuid_info was logged then return NOBODY.
|
|
|
|
* This is most likely a result of idmap service
|
|
|
|
* not being available.
|
|
|
|
*/
|
|
|
|
if (fuidp == NULL)
|
|
|
|
return (UID_NOBODY);
|
|
|
|
|
2013-02-11 10:21:05 +04:00
|
|
|
VERIFY3U(type, >=, ZFS_OWNER);
|
|
|
|
VERIFY3U(type, <=, ZFS_ACE_GROUP);
|
|
|
|
|
2008-11-20 23:01:55 +03:00
|
|
|
switch (type) {
|
|
|
|
case ZFS_ACE_USER:
|
|
|
|
case ZFS_ACE_GROUP:
|
|
|
|
zfuid = list_head(&fuidp->z_fuids);
|
|
|
|
rid = FUID_RID(zfuid->z_logfuid);
|
|
|
|
idx = FUID_INDEX(zfuid->z_logfuid);
|
|
|
|
break;
|
|
|
|
case ZFS_OWNER:
|
|
|
|
rid = FUID_RID(fuidp->z_fuid_owner);
|
|
|
|
idx = FUID_INDEX(fuidp->z_fuid_owner);
|
|
|
|
break;
|
|
|
|
case ZFS_GROUP:
|
|
|
|
rid = FUID_RID(fuidp->z_fuid_group);
|
|
|
|
idx = FUID_INDEX(fuidp->z_fuid_group);
|
|
|
|
break;
|
|
|
|
};
|
2013-02-11 10:21:05 +04:00
|
|
|
domain = fuidp->z_domain_table[idx - 1];
|
2008-11-20 23:01:55 +03:00
|
|
|
} else {
|
|
|
|
if (type == ZFS_OWNER || type == ZFS_ACE_USER)
|
|
|
|
status = kidmap_getsidbyuid(crgetzone(cr), id,
|
|
|
|
&domain, &rid);
|
|
|
|
else
|
|
|
|
status = kidmap_getsidbygid(crgetzone(cr), id,
|
|
|
|
&domain, &rid);
|
|
|
|
|
|
|
|
if (status != 0) {
|
|
|
|
/*
|
|
|
|
* When returning nobody we will need to
|
|
|
|
* make a dummy fuid table entry for logging
|
|
|
|
* purposes.
|
|
|
|
*/
|
|
|
|
rid = UID_NOBODY;
|
2008-12-03 23:09:06 +03:00
|
|
|
domain = nulldomain;
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
idx = zfs_fuid_find_by_domain(zfsvfs, domain, &kdomain, B_TRUE);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
if (!zfsvfs->z_replay)
|
2009-07-03 02:44:48 +04:00
|
|
|
zfs_fuid_node_add(fuidpp, kdomain,
|
|
|
|
rid, idx, id, type);
|
2008-11-20 23:01:55 +03:00
|
|
|
else if (zfuid != NULL) {
|
|
|
|
list_remove(&fuidp->z_fuids, zfuid);
|
|
|
|
kmem_free(zfuid, sizeof (zfs_fuid_t));
|
|
|
|
}
|
|
|
|
return (FUID_ENCODE(idx, rid));
|
2010-12-18 02:21:18 +03:00
|
|
|
#else
|
2011-02-18 01:17:44 +03:00
|
|
|
/*
|
|
|
|
* The Linux port only supports POSIX IDs, use the passed id.
|
|
|
|
*/
|
|
|
|
return (id);
|
2010-12-18 02:21:18 +03:00
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_destroy(zfsvfs_t *zfsvfs)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2017-03-08 03:21:37 +03:00
|
|
|
rw_enter(&zfsvfs->z_fuid_lock, RW_WRITER);
|
|
|
|
if (!zfsvfs->z_fuid_loaded) {
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
return;
|
|
|
|
}
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_table_destroy(&zfsvfs->z_fuid_idx, &zfsvfs->z_fuid_domain);
|
|
|
|
rw_exit(&zfsvfs->z_fuid_lock);
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Allocate zfs_fuid_info for tracking FUIDs created during
|
|
|
|
* zfs_mknode, VOP_SETATTR() or VOP_SETSECATTR()
|
|
|
|
*/
|
|
|
|
zfs_fuid_info_t *
|
|
|
|
zfs_fuid_info_alloc(void)
|
|
|
|
{
|
|
|
|
zfs_fuid_info_t *fuidp;
|
|
|
|
|
|
|
|
fuidp = kmem_zalloc(sizeof (zfs_fuid_info_t), KM_SLEEP);
|
|
|
|
list_create(&fuidp->z_domains, sizeof (zfs_fuid_domain_t),
|
|
|
|
offsetof(zfs_fuid_domain_t, z_next));
|
|
|
|
list_create(&fuidp->z_fuids, sizeof (zfs_fuid_t),
|
|
|
|
offsetof(zfs_fuid_t, z_next));
|
|
|
|
return (fuidp);
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Release all memory associated with zfs_fuid_info_t
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
zfs_fuid_info_free(zfs_fuid_info_t *fuidp)
|
|
|
|
{
|
|
|
|
zfs_fuid_t *zfuid;
|
|
|
|
zfs_fuid_domain_t *zdomain;
|
|
|
|
|
|
|
|
while ((zfuid = list_head(&fuidp->z_fuids)) != NULL) {
|
|
|
|
list_remove(&fuidp->z_fuids, zfuid);
|
|
|
|
kmem_free(zfuid, sizeof (zfs_fuid_t));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (fuidp->z_domain_table != NULL)
|
|
|
|
kmem_free(fuidp->z_domain_table,
|
2016-09-22 04:09:00 +03:00
|
|
|
(sizeof (char *)) * fuidp->z_domain_cnt);
|
2008-11-20 23:01:55 +03:00
|
|
|
|
|
|
|
while ((zdomain = list_head(&fuidp->z_domains)) != NULL) {
|
|
|
|
list_remove(&fuidp->z_domains, zdomain);
|
|
|
|
kmem_free(zdomain, sizeof (zfs_fuid_domain_t));
|
|
|
|
}
|
|
|
|
|
|
|
|
kmem_free(fuidp, sizeof (zfs_fuid_info_t));
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Check to see if id is a groupmember. If cred
|
|
|
|
* has ksid info then sidlist is checked first
|
|
|
|
* and if still not found then POSIX groups are checked
|
|
|
|
*
|
|
|
|
* Will use a straight FUID compare when possible.
|
|
|
|
*/
|
|
|
|
boolean_t
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_groupmember(zfsvfs_t *zfsvfs, uint64_t id, cred_t *cr)
|
2008-11-20 23:01:55 +03:00
|
|
|
{
|
2010-12-18 02:21:18 +03:00
|
|
|
#ifdef HAVE_KSID
|
2008-11-20 23:01:55 +03:00
|
|
|
ksid_t *ksid = crgetsid(cr, KSID_GROUP);
|
2009-07-03 02:44:48 +04:00
|
|
|
ksidlist_t *ksidlist = crgetsidlist(cr);
|
2008-11-20 23:01:55 +03:00
|
|
|
uid_t gid;
|
|
|
|
|
2009-07-03 02:44:48 +04:00
|
|
|
if (ksid && ksidlist) {
|
2011-02-08 22:16:06 +03:00
|
|
|
int i;
|
2008-11-20 23:01:55 +03:00
|
|
|
ksid_t *ksid_groups;
|
|
|
|
uint32_t idx = FUID_INDEX(id);
|
|
|
|
uint32_t rid = FUID_RID(id);
|
|
|
|
|
|
|
|
ksid_groups = ksidlist->ksl_sids;
|
|
|
|
|
|
|
|
for (i = 0; i != ksidlist->ksl_nsid; i++) {
|
|
|
|
if (idx == 0) {
|
|
|
|
if (id != IDMAP_WK_CREATOR_GROUP_GID &&
|
|
|
|
id == ksid_groups[i].ks_id) {
|
|
|
|
return (B_TRUE);
|
|
|
|
}
|
|
|
|
} else {
|
2009-07-03 02:44:48 +04:00
|
|
|
const char *domain;
|
2008-11-20 23:01:55 +03:00
|
|
|
|
2017-03-08 03:21:37 +03:00
|
|
|
domain = zfs_fuid_find_by_idx(zfsvfs, idx);
|
2008-11-20 23:01:55 +03:00
|
|
|
ASSERT(domain != NULL);
|
|
|
|
|
|
|
|
if (strcmp(domain,
|
|
|
|
IDMAP_WK_CREATOR_SID_AUTHORITY) == 0)
|
|
|
|
return (B_FALSE);
|
|
|
|
|
|
|
|
if ((strcmp(domain,
|
|
|
|
ksid_groups[i].ks_domain->kd_name) == 0) &&
|
|
|
|
rid == ksid_groups[i].ks_rid)
|
|
|
|
return (B_TRUE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Not found in ksidlist, check posix groups
|
|
|
|
*/
|
2017-03-08 03:21:37 +03:00
|
|
|
gid = zfs_fuid_map_id(zfsvfs, id, cr, ZFS_GROUP);
|
2008-11-20 23:01:55 +03:00
|
|
|
return (groupmember(gid, cr));
|
2010-12-18 02:21:18 +03:00
|
|
|
#else
|
|
|
|
return (B_TRUE);
|
|
|
|
#endif
|
2008-11-20 23:01:55 +03:00
|
|
|
}
|
2009-07-03 02:44:48 +04:00
|
|
|
|
|
|
|
void
|
2017-03-08 03:21:37 +03:00
|
|
|
zfs_fuid_txhold(zfsvfs_t *zfsvfs, dmu_tx_t *tx)
|
2009-07-03 02:44:48 +04:00
|
|
|
{
|
2017-03-08 03:21:37 +03:00
|
|
|
if (zfsvfs->z_fuid_obj == 0) {
|
2009-07-03 02:44:48 +04:00
|
|
|
dmu_tx_hold_bonus(tx, DMU_NEW_OBJECT);
|
|
|
|
dmu_tx_hold_write(tx, DMU_NEW_OBJECT, 0,
|
2017-03-08 03:21:37 +03:00
|
|
|
FUID_SIZE_ESTIMATE(zfsvfs));
|
2009-07-03 02:44:48 +04:00
|
|
|
dmu_tx_hold_zap(tx, MASTER_NODE_OBJ, FALSE, NULL);
|
|
|
|
} else {
|
2017-03-08 03:21:37 +03:00
|
|
|
dmu_tx_hold_bonus(tx, zfsvfs->z_fuid_obj);
|
|
|
|
dmu_tx_hold_write(tx, zfsvfs->z_fuid_obj, 0,
|
|
|
|
FUID_SIZE_ESTIMATE(zfsvfs));
|
2009-07-03 02:44:48 +04:00
|
|
|
}
|
|
|
|
}
|
2019-12-11 23:12:08 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* buf must be big enough (eg, 32 bytes)
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
zfs_id_to_fuidstr(zfsvfs_t *zfsvfs, const char *domain, uid_t rid,
|
2020-06-07 21:42:12 +03:00
|
|
|
char *buf, size_t len, boolean_t addok)
|
2019-12-11 23:12:08 +03:00
|
|
|
{
|
|
|
|
uint64_t fuid;
|
|
|
|
int domainid = 0;
|
|
|
|
|
|
|
|
if (domain && domain[0]) {
|
|
|
|
domainid = zfs_fuid_find_by_domain(zfsvfs, domain, NULL, addok);
|
|
|
|
if (domainid == -1)
|
|
|
|
return (SET_ERROR(ENOENT));
|
|
|
|
}
|
|
|
|
fuid = FUID_ENCODE(domainid, rid);
|
2020-06-07 21:42:12 +03:00
|
|
|
(void) snprintf(buf, len, "%llx", (longlong_t)fuid);
|
2019-12-11 23:12:08 +03:00
|
|
|
return (0);
|
|
|
|
}
|
2008-11-20 23:01:55 +03:00
|
|
|
#endif
|