fs/zfs/dmu_send.c

168404Spjd/*
168404Spjd * CDDL HEADER START
168404Spjd *
168404Spjd * The contents of this file are subject to the terms of the
168404Spjd * Common Development and Distribution License (the "License").
168404Spjd * You may not use this file except in compliance with the License.
168404Spjd *
168404Spjd * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
168404Spjd * or http://www.opensolaris.org/os/licensing.
168404Spjd * See the License for the specific language governing permissions
168404Spjd * and limitations under the License.
168404Spjd *
168404Spjd * When distributing Covered Code, include this CDDL HEADER in each
168404Spjd * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
168404Spjd * If applicable, add the following below this CDDL HEADER, with the
168404Spjd * fields enclosed by brackets "[]" replaced with your own identifying
168404Spjd * information: Portions Copyright [yyyy] [name of copyright owner]
168404Spjd *
168404Spjd * CDDL HEADER END
168404Spjd */
168404Spjd/*
219089Spjd * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
221263Smm * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
286708Smav * Copyright (c) 2011, 2015 by Delphix. All rights reserved.
264835Sdelphij * Copyright (c) 2014, Joyent, Inc. All rights reserved.
235222Smm * Copyright (c) 2012, Martin Matuska <mm@FreeBSD.org>. All rights reserved.
272810Sdelphij * Copyright 2014 HybridCluster. All rights reserved.
296516Smav * Copyright 2016 RackTop Systems.
296519Smav * Copyright (c) 2014 Integros [integros.com]
221263Smm */
168404Spjd
168404Spjd#include <sys/dmu.h>
168404Spjd#include <sys/dmu_impl.h>
168404Spjd#include <sys/dmu_tx.h>
168404Spjd#include <sys/dbuf.h>
168404Spjd#include <sys/dnode.h>
168404Spjd#include <sys/zfs_context.h>
168404Spjd#include <sys/dmu_objset.h>
168404Spjd#include <sys/dmu_traverse.h>
168404Spjd#include <sys/dsl_dataset.h>
168404Spjd#include <sys/dsl_dir.h>
219089Spjd#include <sys/dsl_prop.h>
168404Spjd#include <sys/dsl_pool.h>
168404Spjd#include <sys/dsl_synctask.h>
168404Spjd#include <sys/zfs_ioctl.h>
168404Spjd#include <sys/zap.h>
168404Spjd#include <sys/zio_checksum.h>
219089Spjd#include <sys/zfs_znode.h>
219089Spjd#include <zfs_fletcher.h>
219089Spjd#include <sys/avl.h>
219089Spjd#include <sys/ddt.h>
219089Spjd#include <sys/zfs_onexit.h>
248571Smm#include <sys/dmu_send.h>
248571Smm#include <sys/dsl_destroy.h>
268075Sdelphij#include <sys/blkptr.h>
260183Sdelphij#include <sys/dsl_bookmark.h>
268075Sdelphij#include <sys/zfeature.h>
286705Smav#include <sys/bqueue.h>
168404Spjd
268075Sdelphij#ifdef __FreeBSD__
268075Sdelphij#undef dump_write
268075Sdelphij#define dump_write dmu_dump_write
268075Sdelphij#endif
268075Sdelphij
228103Smm/* Set this tunable to TRUE to replace corrupt data with 0x2f5baddb10c */
228103Smmint zfs_send_corrupt_data = B_FALSE;
286705Smavint zfs_send_queue_length = 16 * 1024 * 1024;
286705Smavint zfs_recv_queue_length = 16 * 1024 * 1024;
296516Smav/* Set this tunable to FALSE to disable setting of DRR_FLAG_FREERECORDS */
296516Smavint zfs_send_set_freerecords_bit = B_TRUE;
228103Smm
296516Smav#ifdef _KERNEL
296516SmavTUNABLE_INT("vfs.zfs.send_set_freerecords_bit", &zfs_send_set_freerecords_bit);
296516Smav#endif
296516Smav
185029Spjdstatic char *dmu_recv_tag = "dmu_recv_tag";
289362Smavconst char *recv_clone_name = "%recv";
185029Spjd
286705Smav#define	BP_SPAN(datablkszsec, indblkshift, level) \
286705Smav	(((uint64_t)datablkszsec) << (SPA_MINBLOCKSHIFT + \
286705Smav	(level) * (indblkshift - SPA_BLKPTRSHIFT)))
286705Smav
289362Smavstatic void byteswap_record(dmu_replay_record_t *drr);
289362Smav
286705Smavstruct send_thread_arg {
286705Smav	bqueue_t	q;
286705Smav	dsl_dataset_t	*ds;		/* Dataset to traverse */
286705Smav	uint64_t	fromtxg;	/* Traverse from this txg */
286705Smav	int		flags;		/* flags to pass to traverse_dataset */
286705Smav	int		error_code;
286705Smav	boolean_t	cancel;
289362Smav	zbookmark_phys_t resume;
286705Smav};
286705Smav
286705Smavstruct send_block_record {
286705Smav	boolean_t		eos_marker; /* Marks the end of the stream */
286705Smav	blkptr_t		bp;
286705Smav	zbookmark_phys_t	zb;
286705Smav	uint8_t			indblkshift;
286705Smav	uint16_t		datablkszsec;
286705Smav	bqueue_node_t		ln;
286705Smav};
286705Smav
168404Spjdstatic int
235222Smmdump_bytes(dmu_sendarg_t *dsp, void *buf, int len)
168404Spjd{
289362Smav	dsl_dataset_t *ds = dmu_objset_ds(dsp->dsa_os);
168404Spjd	struct uio auio;
168404Spjd	struct iovec aiov;
297509Smav
297509Smav	/*
297509Smav	 * The code does not rely on this (len being a multiple of 8).  We keep
297509Smav	 * this assertion because of the corresponding assertion in
297509Smav	 * receive_read().  Keeping this assertion ensures that we do not
297509Smav	 * inadvertently break backwards compatibility (causing the assertion
297509Smav	 * in receive_read() to trigger on old software).
297509Smav	 *
297509Smav	 * Removing the assertions could be rolled into a new feature that uses
297509Smav	 * data that isn't 8-byte aligned; if the assertions were removed, a
297509Smav	 * feature flag would have to be added.
297509Smav	 */
297509Smav
240415Smm	ASSERT0(len % 8);
168404Spjd
168404Spjd	aiov.iov_base = buf;
168404Spjd	aiov.iov_len = len;
168404Spjd	auio.uio_iov = &aiov;
168404Spjd	auio.uio_iovcnt = 1;
168404Spjd	auio.uio_resid = len;
169170Spjd	auio.uio_segflg = UIO_SYSSPACE;
168404Spjd	auio.uio_rw = UIO_WRITE;
168404Spjd	auio.uio_offset = (off_t)-1;
235222Smm	auio.uio_td = dsp->dsa_td;
168404Spjd#ifdef _KERNEL
235222Smm	if (dsp->dsa_fp->f_type == DTYPE_VNODE)
168404Spjd		bwillwrite();
235222Smm	dsp->dsa_err = fo_write(dsp->dsa_fp, &auio, dsp->dsa_td->td_ucred, 0,
235222Smm	    dsp->dsa_td);
168404Spjd#else
168404Spjd	fprintf(stderr, "%s: returning EOPNOTSUPP\n", __func__);
235222Smm	dsp->dsa_err = EOPNOTSUPP;
168404Spjd#endif
235222Smm	mutex_enter(&ds->ds_sendstream_lock);
235222Smm	*dsp->dsa_off += len;
235222Smm	mutex_exit(&ds->ds_sendstream_lock);
235222Smm
235222Smm	return (dsp->dsa_err);
168404Spjd}
168404Spjd
286587Smav/*
286587Smav * For all record types except BEGIN, fill in the checksum (overlaid in
286587Smav * drr_u.drr_checksum.drr_checksum).  The checksum verifies everything
286587Smav * up to the start of the checksum itself.
286587Smav */
168404Spjdstatic int
286587Smavdump_record(dmu_sendarg_t *dsp, void *payload, int payload_len)
286587Smav{
286587Smav	ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
286587Smav	    ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t));
286587Smav	fletcher_4_incremental_native(dsp->dsa_drr,
286587Smav	    offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
286587Smav	    &dsp->dsa_zc);
307284Smav	if (dsp->dsa_drr->drr_type == DRR_BEGIN) {
307284Smav		dsp->dsa_sent_begin = B_TRUE;
307284Smav	} else {
286587Smav		ASSERT(ZIO_CHECKSUM_IS_ZERO(&dsp->dsa_drr->drr_u.
286587Smav		    drr_checksum.drr_checksum));
286587Smav		dsp->dsa_drr->drr_u.drr_checksum.drr_checksum = dsp->dsa_zc;
286587Smav	}
307284Smav	if (dsp->dsa_drr->drr_type == DRR_END) {
307284Smav		dsp->dsa_sent_end = B_TRUE;
307284Smav	}
286587Smav	fletcher_4_incremental_native(&dsp->dsa_drr->
286587Smav	    drr_u.drr_checksum.drr_checksum,
286587Smav	    sizeof (zio_cksum_t), &dsp->dsa_zc);
286587Smav	if (dump_bytes(dsp, dsp->dsa_drr, sizeof (dmu_replay_record_t)) != 0)
286587Smav		return (SET_ERROR(EINTR));
286587Smav	if (payload_len != 0) {
286587Smav		fletcher_4_incremental_native(payload, payload_len,
286587Smav		    &dsp->dsa_zc);
286587Smav		if (dump_bytes(dsp, payload, payload_len) != 0)
286587Smav			return (SET_ERROR(EINTR));
286587Smav	}
286587Smav	return (0);
286587Smav}
286587Smav
294815Smav/*
294815Smav * Fill in the drr_free struct, or perform aggregation if the previous record is
294815Smav * also a free record, and the two are adjacent.
294815Smav *
294815Smav * Note that we send free records even for a full send, because we want to be
294815Smav * able to receive a full send as a clone, which requires a list of all the free
294815Smav * and freeobject records that were generated on the source.
294815Smav */
286587Smavstatic int
235222Smmdump_free(dmu_sendarg_t *dsp, uint64_t object, uint64_t offset,
168404Spjd    uint64_t length)
168404Spjd{
235222Smm	struct drr_free *drrf = &(dsp->dsa_drr->drr_u.drr_free);
219089Spjd
253821Sdelphij	/*
253821Sdelphij	 * When we receive a free record, dbuf_free_range() assumes
253821Sdelphij	 * that the receiving system doesn't have any dbufs in the range
253821Sdelphij	 * being freed.  This is always true because there is a one-record
253821Sdelphij	 * constraint: we only send one WRITE record for any given
289362Smav	 * object,offset.  We know that the one-record constraint is
253821Sdelphij	 * true because we always send data in increasing order by
253821Sdelphij	 * object,offset.
253821Sdelphij	 *
253821Sdelphij	 * If the increasing-order constraint ever changes, we should find
253821Sdelphij	 * another way to assert that the one-record constraint is still
253821Sdelphij	 * satisfied.
253821Sdelphij	 */
253821Sdelphij	ASSERT(object > dsp->dsa_last_data_object ||
253821Sdelphij	    (object == dsp->dsa_last_data_object &&
253821Sdelphij	    offset > dsp->dsa_last_data_offset));
253821Sdelphij
237458Smm	if (length != -1ULL && offset + length < offset)
237458Smm		length = -1ULL;
237458Smm
219089Spjd	/*
219089Spjd	 * If there is a pending op, but it's not PENDING_FREE, push it out,
219089Spjd	 * since free block aggregation can only be done for blocks of the
219089Spjd	 * same type (i.e., DRR_FREE records can only be aggregated with
219089Spjd	 * other DRR_FREE records.  DRR_FREEOBJECTS records can only be
219089Spjd	 * aggregated with other DRR_FREEOBJECTS records.
219089Spjd	 */
235222Smm	if (dsp->dsa_pending_op != PENDING_NONE &&
235222Smm	    dsp->dsa_pending_op != PENDING_FREE) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			return (SET_ERROR(EINTR));
235222Smm		dsp->dsa_pending_op = PENDING_NONE;
219089Spjd	}
219089Spjd
235222Smm	if (dsp->dsa_pending_op == PENDING_FREE) {
219089Spjd		/*
219089Spjd		 * There should never be a PENDING_FREE if length is -1
219089Spjd		 * (because dump_dnode is the only place where this
219089Spjd		 * function is called with a -1, and only after flushing
219089Spjd		 * any pending record).
219089Spjd		 */
219089Spjd		ASSERT(length != -1ULL);
219089Spjd		/*
219089Spjd		 * Check to see whether this free block can be aggregated
219089Spjd		 * with pending one.
219089Spjd		 */
219089Spjd		if (drrf->drr_object == object && drrf->drr_offset +
219089Spjd		    drrf->drr_length == offset) {
219089Spjd			drrf->drr_length += length;
219089Spjd			return (0);
219089Spjd		} else {
219089Spjd			/* not a continuation.  Push out pending record */
286587Smav			if (dump_record(dsp, NULL, 0) != 0)
249195Smm				return (SET_ERROR(EINTR));
235222Smm			dsp->dsa_pending_op = PENDING_NONE;
219089Spjd		}
219089Spjd	}
219089Spjd	/* create a FREE record and make it pending */
235222Smm	bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
235222Smm	dsp->dsa_drr->drr_type = DRR_FREE;
219089Spjd	drrf->drr_object = object;
219089Spjd	drrf->drr_offset = offset;
219089Spjd	drrf->drr_length = length;
235222Smm	drrf->drr_toguid = dsp->dsa_toguid;
219089Spjd	if (length == -1ULL) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			return (SET_ERROR(EINTR));
219089Spjd	} else {
235222Smm		dsp->dsa_pending_op = PENDING_FREE;
219089Spjd	}
168404Spjd
168404Spjd	return (0);
168404Spjd}
168404Spjd
168404Spjdstatic int
268075Sdelphijdump_write(dmu_sendarg_t *dsp, dmu_object_type_t type,
219089Spjd    uint64_t object, uint64_t offset, int blksz, const blkptr_t *bp, void *data)
168404Spjd{
235222Smm	struct drr_write *drrw = &(dsp->dsa_drr->drr_u.drr_write);
219089Spjd
253821Sdelphij	/*
253821Sdelphij	 * We send data in increasing object, offset order.
253821Sdelphij	 * See comment in dump_free() for details.
253821Sdelphij	 */
253821Sdelphij	ASSERT(object > dsp->dsa_last_data_object ||
253821Sdelphij	    (object == dsp->dsa_last_data_object &&
253821Sdelphij	    offset > dsp->dsa_last_data_offset));
253821Sdelphij	dsp->dsa_last_data_object = object;
253821Sdelphij	dsp->dsa_last_data_offset = offset + blksz - 1;
219089Spjd
219089Spjd	/*
219089Spjd	 * If there is any kind of pending aggregation (currently either
219089Spjd	 * a grouping of free objects or free blocks), push it out to
219089Spjd	 * the stream, since aggregation can't be done across operations
219089Spjd	 * of different types.
219089Spjd	 */
235222Smm	if (dsp->dsa_pending_op != PENDING_NONE) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			return (SET_ERROR(EINTR));
235222Smm		dsp->dsa_pending_op = PENDING_NONE;
219089Spjd	}
286587Smav	/* write a WRITE record */
235222Smm	bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
235222Smm	dsp->dsa_drr->drr_type = DRR_WRITE;
219089Spjd	drrw->drr_object = object;
219089Spjd	drrw->drr_type = type;
219089Spjd	drrw->drr_offset = offset;
219089Spjd	drrw->drr_length = blksz;
235222Smm	drrw->drr_toguid = dsp->dsa_toguid;
274337Sdelphij	if (bp == NULL || BP_IS_EMBEDDED(bp)) {
268075Sdelphij		/*
274337Sdelphij		 * There's no pre-computed checksum for partial-block
274337Sdelphij		 * writes or embedded BP's, so (like
274337Sdelphij		 * fletcher4-checkummed blocks) userland will have to
274337Sdelphij		 * compute a dedup-capable checksum itself.
268075Sdelphij		 */
268075Sdelphij		drrw->drr_checksumtype = ZIO_CHECKSUM_OFF;
268075Sdelphij	} else {
268075Sdelphij		drrw->drr_checksumtype = BP_GET_CHECKSUM(bp);
289422Smav		if (zio_checksum_table[drrw->drr_checksumtype].ci_flags &
289422Smav		    ZCHECKSUM_FLAG_DEDUP)
268075Sdelphij			drrw->drr_checksumflags |= DRR_CHECKSUM_DEDUP;
268075Sdelphij		DDK_SET_LSIZE(&drrw->drr_key, BP_GET_LSIZE(bp));
268075Sdelphij		DDK_SET_PSIZE(&drrw->drr_key, BP_GET_PSIZE(bp));
268075Sdelphij		DDK_SET_COMPRESS(&drrw->drr_key, BP_GET_COMPRESS(bp));
268075Sdelphij		drrw->drr_key.ddk_cksum = bp->blk_cksum;
268075Sdelphij	}
168404Spjd
286587Smav	if (dump_record(dsp, data, blksz) != 0)
249195Smm		return (SET_ERROR(EINTR));
219089Spjd	return (0);
219089Spjd}
219089Spjd
219089Spjdstatic int
268075Sdelphijdump_write_embedded(dmu_sendarg_t *dsp, uint64_t object, uint64_t offset,
268075Sdelphij    int blksz, const blkptr_t *bp)
268075Sdelphij{
268075Sdelphij	char buf[BPE_PAYLOAD_SIZE];
268075Sdelphij	struct drr_write_embedded *drrw =
268075Sdelphij	    &(dsp->dsa_drr->drr_u.drr_write_embedded);
268075Sdelphij
268075Sdelphij	if (dsp->dsa_pending_op != PENDING_NONE) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
268075Sdelphij			return (EINTR);
268075Sdelphij		dsp->dsa_pending_op = PENDING_NONE;
268075Sdelphij	}
268075Sdelphij
268075Sdelphij	ASSERT(BP_IS_EMBEDDED(bp));
268075Sdelphij
268075Sdelphij	bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
268075Sdelphij	dsp->dsa_drr->drr_type = DRR_WRITE_EMBEDDED;
268075Sdelphij	drrw->drr_object = object;
268075Sdelphij	drrw->drr_offset = offset;
268075Sdelphij	drrw->drr_length = blksz;
268075Sdelphij	drrw->drr_toguid = dsp->dsa_toguid;
268075Sdelphij	drrw->drr_compression = BP_GET_COMPRESS(bp);
268075Sdelphij	drrw->drr_etype = BPE_GET_ETYPE(bp);
268075Sdelphij	drrw->drr_lsize = BPE_GET_LSIZE(bp);
268075Sdelphij	drrw->drr_psize = BPE_GET_PSIZE(bp);
268075Sdelphij
268075Sdelphij	decode_embedded_bp_compressed(bp, buf);
268075Sdelphij
286587Smav	if (dump_record(dsp, buf, P2ROUNDUP(drrw->drr_psize, 8)) != 0)
268075Sdelphij		return (EINTR);
268075Sdelphij	return (0);
268075Sdelphij}
268075Sdelphij
268075Sdelphijstatic int
235222Smmdump_spill(dmu_sendarg_t *dsp, uint64_t object, int blksz, void *data)
219089Spjd{
235222Smm	struct drr_spill *drrs = &(dsp->dsa_drr->drr_u.drr_spill);
219089Spjd
235222Smm	if (dsp->dsa_pending_op != PENDING_NONE) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			return (SET_ERROR(EINTR));
235222Smm		dsp->dsa_pending_op = PENDING_NONE;
219089Spjd	}
219089Spjd
219089Spjd	/* write a SPILL record */
235222Smm	bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
235222Smm	dsp->dsa_drr->drr_type = DRR_SPILL;
219089Spjd	drrs->drr_object = object;
219089Spjd	drrs->drr_length = blksz;
235222Smm	drrs->drr_toguid = dsp->dsa_toguid;
219089Spjd
286587Smav	if (dump_record(dsp, data, blksz) != 0)
249195Smm		return (SET_ERROR(EINTR));
168404Spjd	return (0);
168404Spjd}
168404Spjd
168404Spjdstatic int
235222Smmdump_freeobjects(dmu_sendarg_t *dsp, uint64_t firstobj, uint64_t numobjs)
168404Spjd{
235222Smm	struct drr_freeobjects *drrfo = &(dsp->dsa_drr->drr_u.drr_freeobjects);
219089Spjd
219089Spjd	/*
219089Spjd	 * If there is a pending op, but it's not PENDING_FREEOBJECTS,
219089Spjd	 * push it out, since free block aggregation can only be done for
219089Spjd	 * blocks of the same type (i.e., DRR_FREE records can only be
219089Spjd	 * aggregated with other DRR_FREE records.  DRR_FREEOBJECTS records
219089Spjd	 * can only be aggregated with other DRR_FREEOBJECTS records.
219089Spjd	 */
235222Smm	if (dsp->dsa_pending_op != PENDING_NONE &&
235222Smm	    dsp->dsa_pending_op != PENDING_FREEOBJECTS) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			return (SET_ERROR(EINTR));
235222Smm		dsp->dsa_pending_op = PENDING_NONE;
219089Spjd	}
235222Smm	if (dsp->dsa_pending_op == PENDING_FREEOBJECTS) {
219089Spjd		/*
219089Spjd		 * See whether this free object array can be aggregated
219089Spjd		 * with pending one
219089Spjd		 */
219089Spjd		if (drrfo->drr_firstobj + drrfo->drr_numobjs == firstobj) {
219089Spjd			drrfo->drr_numobjs += numobjs;
219089Spjd			return (0);
219089Spjd		} else {
219089Spjd			/* can't be aggregated.  Push out pending record */
286587Smav			if (dump_record(dsp, NULL, 0) != 0)
249195Smm				return (SET_ERROR(EINTR));
235222Smm			dsp->dsa_pending_op = PENDING_NONE;
219089Spjd		}
219089Spjd	}
219089Spjd
168404Spjd	/* write a FREEOBJECTS record */
235222Smm	bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
235222Smm	dsp->dsa_drr->drr_type = DRR_FREEOBJECTS;
219089Spjd	drrfo->drr_firstobj = firstobj;
219089Spjd	drrfo->drr_numobjs = numobjs;
235222Smm	drrfo->drr_toguid = dsp->dsa_toguid;
168404Spjd
235222Smm	dsp->dsa_pending_op = PENDING_FREEOBJECTS;
219089Spjd
168404Spjd	return (0);
168404Spjd}
168404Spjd
168404Spjdstatic int
235222Smmdump_dnode(dmu_sendarg_t *dsp, uint64_t object, dnode_phys_t *dnp)
168404Spjd{
235222Smm	struct drr_object *drro = &(dsp->dsa_drr->drr_u.drr_object);
219089Spjd
289362Smav	if (object < dsp->dsa_resume_object) {
289362Smav		/*
289362Smav		 * Note: when resuming, we will visit all the dnodes in
289362Smav		 * the block of dnodes that we are resuming from.  In
289362Smav		 * this case it's unnecessary to send the dnodes prior to
289362Smav		 * the one we are resuming from.  We should be at most one
289362Smav		 * block's worth of dnodes behind the resume point.
289362Smav		 */
289362Smav		ASSERT3U(dsp->dsa_resume_object - object, <,
289362Smav		    1 << (DNODE_BLOCK_SHIFT - DNODE_SHIFT));
289362Smav		return (0);
289362Smav	}
289362Smav
168404Spjd	if (dnp == NULL || dnp->dn_type == DMU_OT_NONE)
235222Smm		return (dump_freeobjects(dsp, object, 1));
168404Spjd
235222Smm	if (dsp->dsa_pending_op != PENDING_NONE) {
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			return (SET_ERROR(EINTR));
235222Smm		dsp->dsa_pending_op = PENDING_NONE;
219089Spjd	}
219089Spjd
168404Spjd	/* write an OBJECT record */
235222Smm	bzero(dsp->dsa_drr, sizeof (dmu_replay_record_t));
235222Smm	dsp->dsa_drr->drr_type = DRR_OBJECT;
219089Spjd	drro->drr_object = object;
219089Spjd	drro->drr_type = dnp->dn_type;
219089Spjd	drro->drr_bonustype = dnp->dn_bonustype;
219089Spjd	drro->drr_blksz = dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT;
219089Spjd	drro->drr_bonuslen = dnp->dn_bonuslen;
219089Spjd	drro->drr_checksumtype = dnp->dn_checksum;
219089Spjd	drro->drr_compress = dnp->dn_compress;
235222Smm	drro->drr_toguid = dsp->dsa_toguid;
168404Spjd
274337Sdelphij	if (!(dsp->dsa_featureflags & DMU_BACKUP_FEATURE_LARGE_BLOCKS) &&
274337Sdelphij	    drro->drr_blksz > SPA_OLD_MAXBLOCKSIZE)
274337Sdelphij		drro->drr_blksz = SPA_OLD_MAXBLOCKSIZE;
274337Sdelphij
286587Smav	if (dump_record(dsp, DN_BONUS(dnp),
286587Smav	    P2ROUNDUP(dnp->dn_bonuslen, 8)) != 0) {
249195Smm		return (SET_ERROR(EINTR));
286587Smav	}
168404Spjd
253821Sdelphij	/* Free anything past the end of the file. */
235222Smm	if (dump_free(dsp, object, (dnp->dn_maxblkid + 1) *
253821Sdelphij	    (dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT), -1ULL) != 0)
249195Smm		return (SET_ERROR(EINTR));
248571Smm	if (dsp->dsa_err != 0)
249195Smm		return (SET_ERROR(EINTR));
168404Spjd	return (0);
168404Spjd}
168404Spjd
268075Sdelphijstatic boolean_t
268075Sdelphijbackup_do_embed(dmu_sendarg_t *dsp, const blkptr_t *bp)
268075Sdelphij{
268075Sdelphij	if (!BP_IS_EMBEDDED(bp))
268075Sdelphij		return (B_FALSE);
268075Sdelphij
268075Sdelphij	/*
268075Sdelphij	 * Compression function must be legacy, or explicitly enabled.
268075Sdelphij	 */
268075Sdelphij	if ((BP_GET_COMPRESS(bp) >= ZIO_COMPRESS_LEGACY_FUNCTIONS &&
268075Sdelphij	    !(dsp->dsa_featureflags & DMU_BACKUP_FEATURE_EMBED_DATA_LZ4)))
268075Sdelphij		return (B_FALSE);
268075Sdelphij
268075Sdelphij	/*
268075Sdelphij	 * Embed type must be explicitly enabled.
268075Sdelphij	 */
268075Sdelphij	switch (BPE_GET_ETYPE(bp)) {
268075Sdelphij	case BP_EMBEDDED_TYPE_DATA:
268075Sdelphij		if (dsp->dsa_featureflags & DMU_BACKUP_FEATURE_EMBED_DATA)
268075Sdelphij			return (B_TRUE);
268075Sdelphij		break;
268075Sdelphij	default:
268075Sdelphij		return (B_FALSE);
268075Sdelphij	}
268075Sdelphij	return (B_FALSE);
268075Sdelphij}
268075Sdelphij
286705Smav/*
286705Smav * This is the callback function to traverse_dataset that acts as the worker
286705Smav * thread for dmu_send_impl.
286705Smav */
286705Smav/*ARGSUSED*/
286705Smavstatic int
286705Smavsend_cb(spa_t *spa, zilog_t *zilog, const blkptr_t *bp,
286705Smav    const zbookmark_phys_t *zb, const struct dnode_phys *dnp, void *arg)
286705Smav{
286705Smav	struct send_thread_arg *sta = arg;
286705Smav	struct send_block_record *record;
286705Smav	uint64_t record_size;
286705Smav	int err = 0;
168404Spjd
289362Smav	ASSERT(zb->zb_object == DMU_META_DNODE_OBJECT ||
289362Smav	    zb->zb_object >= sta->resume.zb_object);
289362Smav
286705Smav	if (sta->cancel)
286705Smav		return (SET_ERROR(EINTR));
286705Smav
286705Smav	if (bp == NULL) {
286705Smav		ASSERT3U(zb->zb_level, ==, ZB_DNODE_LEVEL);
286705Smav		return (0);
286705Smav	} else if (zb->zb_level < 0) {
286705Smav		return (0);
286705Smav	}
286705Smav
286705Smav	record = kmem_zalloc(sizeof (struct send_block_record), KM_SLEEP);
286705Smav	record->eos_marker = B_FALSE;
286705Smav	record->bp = *bp;
286705Smav	record->zb = *zb;
286705Smav	record->indblkshift = dnp->dn_indblkshift;
286705Smav	record->datablkszsec = dnp->dn_datablkszsec;
286705Smav	record_size = dnp->dn_datablkszsec << SPA_MINBLOCKSHIFT;
286705Smav	bqueue_enqueue(&sta->q, record, record_size);
286705Smav
286705Smav	return (err);
286705Smav}
286705Smav
286705Smav/*
286705Smav * This function kicks off the traverse_dataset.  It also handles setting the
286705Smav * error code of the thread in case something goes wrong, and pushes the End of
286705Smav * Stream record when the traverse_dataset call has finished.  If there is no
286705Smav * dataset to traverse, the thread immediately pushes End of Stream marker.
286705Smav */
286705Smavstatic void
286705Smavsend_traverse_thread(void *arg)
286705Smav{
286705Smav	struct send_thread_arg *st_arg = arg;
286705Smav	int err;
286705Smav	struct send_block_record *data;
286705Smav
286705Smav	if (st_arg->ds != NULL) {
289362Smav		err = traverse_dataset_resume(st_arg->ds,
289362Smav		    st_arg->fromtxg, &st_arg->resume,
289362Smav		    st_arg->flags, send_cb, st_arg);
289362Smav
286705Smav		if (err != EINTR)
286705Smav			st_arg->error_code = err;
286705Smav	}
286705Smav	data = kmem_zalloc(sizeof (*data), KM_SLEEP);
286705Smav	data->eos_marker = B_TRUE;
286705Smav	bqueue_enqueue(&st_arg->q, data, 1);
286705Smav	thread_exit();
286705Smav}
286705Smav
286705Smav/*
286705Smav * This function actually handles figuring out what kind of record needs to be
286705Smav * dumped, reading the data (which has hopefully been prefetched), and calling
286705Smav * the appropriate helper function.
286705Smav */
168404Spjdstatic int
286705Smavdo_dump(dmu_sendarg_t *dsa, struct send_block_record *data)
168404Spjd{
286705Smav	dsl_dataset_t *ds = dmu_objset_ds(dsa->dsa_os);
286705Smav	const blkptr_t *bp = &data->bp;
286705Smav	const zbookmark_phys_t *zb = &data->zb;
286705Smav	uint8_t indblkshift = data->indblkshift;
286705Smav	uint16_t dblkszsec = data->datablkszsec;
286705Smav	spa_t *spa = ds->ds_dir->dd_pool->dp_spa;
168404Spjd	dmu_object_type_t type = bp ? BP_GET_TYPE(bp) : DMU_OT_NONE;
168404Spjd	int err = 0;
168404Spjd
286705Smav	ASSERT3U(zb->zb_level, >=, 0);
168404Spjd
289362Smav	ASSERT(zb->zb_object == DMU_META_DNODE_OBJECT ||
289362Smav	    zb->zb_object >= dsa->dsa_resume_object);
289362Smav
219089Spjd	if (zb->zb_object != DMU_META_DNODE_OBJECT &&
219089Spjd	    DMU_OBJECT_IS_SPECIAL(zb->zb_object)) {
209962Smm		return (0);
260150Sdelphij	} else if (BP_IS_HOLE(bp) &&
260150Sdelphij	    zb->zb_object == DMU_META_DNODE_OBJECT) {
286705Smav		uint64_t span = BP_SPAN(dblkszsec, indblkshift, zb->zb_level);
208047Smm		uint64_t dnobj = (zb->zb_blkid * span) >> DNODE_SHIFT;
286705Smav		err = dump_freeobjects(dsa, dnobj, span >> DNODE_SHIFT);
260150Sdelphij	} else if (BP_IS_HOLE(bp)) {
286705Smav		uint64_t span = BP_SPAN(dblkszsec, indblkshift, zb->zb_level);
286705Smav		uint64_t offset = zb->zb_blkid * span;
286705Smav		err = dump_free(dsa, zb->zb_object, offset, span);
208047Smm	} else if (zb->zb_level > 0 || type == DMU_OT_OBJSET) {
208047Smm		return (0);
208047Smm	} else if (type == DMU_OT_DNODE) {
168404Spjd		int blksz = BP_GET_LSIZE(bp);
275811Sdelphij		arc_flags_t aflags = ARC_FLAG_WAIT;
208047Smm		arc_buf_t *abuf;
168404Spjd
286705Smav		ASSERT0(zb->zb_level);
286705Smav
246666Smm		if (arc_read(NULL, spa, bp, arc_getbuf_func, &abuf,
246666Smm		    ZIO_PRIORITY_ASYNC_READ, ZIO_FLAG_CANFAIL,
246666Smm		    &aflags, zb) != 0)
249195Smm			return (SET_ERROR(EIO));
208047Smm
286705Smav		dnode_phys_t *blk = abuf->b_data;
286705Smav		uint64_t dnobj = zb->zb_blkid * (blksz >> DNODE_SHIFT);
286705Smav		for (int i = 0; i < blksz >> DNODE_SHIFT; i++) {
286705Smav			err = dump_dnode(dsa, dnobj + i, blk + i);
248571Smm			if (err != 0)
168404Spjd				break;
168404Spjd		}
307265Smav		arc_buf_destroy(abuf, &abuf);
219089Spjd	} else if (type == DMU_OT_SA) {
275811Sdelphij		arc_flags_t aflags = ARC_FLAG_WAIT;
208047Smm		arc_buf_t *abuf;
168404Spjd		int blksz = BP_GET_LSIZE(bp);
168404Spjd
246666Smm		if (arc_read(NULL, spa, bp, arc_getbuf_func, &abuf,
246666Smm		    ZIO_PRIORITY_ASYNC_READ, ZIO_FLAG_CANFAIL,
246666Smm		    &aflags, zb) != 0)
249195Smm			return (SET_ERROR(EIO));
168404Spjd
286705Smav		err = dump_spill(dsa, zb->zb_object, blksz, abuf->b_data);
307265Smav		arc_buf_destroy(abuf, &abuf);
286705Smav	} else if (backup_do_embed(dsa, bp)) {
268075Sdelphij		/* it's an embedded level-0 block of a regular object */
286705Smav		int blksz = dblkszsec << SPA_MINBLOCKSHIFT;
286705Smav		ASSERT0(zb->zb_level);
286705Smav		err = dump_write_embedded(dsa, zb->zb_object,
268075Sdelphij		    zb->zb_blkid * blksz, blksz, bp);
286705Smav	} else {
286705Smav		/* it's a level-0 block of a regular object */
275811Sdelphij		arc_flags_t aflags = ARC_FLAG_WAIT;
219089Spjd		arc_buf_t *abuf;
286705Smav		int blksz = dblkszsec << SPA_MINBLOCKSHIFT;
274337Sdelphij		uint64_t offset;
219089Spjd
260183Sdelphij		ASSERT0(zb->zb_level);
289362Smav		ASSERT(zb->zb_object > dsa->dsa_resume_object ||
289362Smav		    (zb->zb_object == dsa->dsa_resume_object &&
289362Smav		    zb->zb_blkid * blksz >= dsa->dsa_resume_offset));
289362Smav
246666Smm		if (arc_read(NULL, spa, bp, arc_getbuf_func, &abuf,
246666Smm		    ZIO_PRIORITY_ASYNC_READ, ZIO_FLAG_CANFAIL,
246666Smm		    &aflags, zb) != 0) {
228103Smm			if (zfs_send_corrupt_data) {
228103Smm				/* Send a block filled with 0x"zfs badd bloc" */
307265Smav				abuf = arc_alloc_buf(spa, blksz, &abuf,
228103Smm				    ARC_BUFC_DATA);
228103Smm				uint64_t *ptr;
228103Smm				for (ptr = abuf->b_data;
228103Smm				    (char *)ptr < (char *)abuf->b_data + blksz;
228103Smm				    ptr++)
286554Smav					*ptr = 0x2f5baddb10cULL;
228103Smm			} else {
249195Smm				return (SET_ERROR(EIO));
228103Smm			}
228103Smm		}
219089Spjd
274337Sdelphij		offset = zb->zb_blkid * blksz;
274337Sdelphij
286705Smav		if (!(dsa->dsa_featureflags &
274337Sdelphij		    DMU_BACKUP_FEATURE_LARGE_BLOCKS) &&
274337Sdelphij		    blksz > SPA_OLD_MAXBLOCKSIZE) {
274337Sdelphij			char *buf = abuf->b_data;
274337Sdelphij			while (blksz > 0 && err == 0) {
274337Sdelphij				int n = MIN(blksz, SPA_OLD_MAXBLOCKSIZE);
286705Smav				err = dump_write(dsa, type, zb->zb_object,
274337Sdelphij				    offset, n, NULL, buf);
274337Sdelphij				offset += n;
274337Sdelphij				buf += n;
274337Sdelphij				blksz -= n;
274337Sdelphij			}
274337Sdelphij		} else {
286705Smav			err = dump_write(dsa, type, zb->zb_object,
274337Sdelphij			    offset, blksz, bp, abuf->b_data);
274337Sdelphij		}
307265Smav		arc_buf_destroy(abuf, &abuf);
168404Spjd	}
168404Spjd
168404Spjd	ASSERT(err == 0 || err == EINTR);
168404Spjd	return (err);
168404Spjd}
168404Spjd
248571Smm/*
286705Smav * Pop the new data off the queue, and free the old data.
248571Smm */
286705Smavstatic struct send_block_record *
286705Smavget_next_record(bqueue_t *bq, struct send_block_record *data)
286705Smav{
286705Smav	struct send_block_record *tmp = bqueue_dequeue(bq);
286705Smav	kmem_free(data, sizeof (*data));
286705Smav	return (tmp);
286705Smav}
286705Smav
286705Smav/*
286705Smav * Actually do the bulk of the work in a zfs send.
286705Smav *
286705Smav * Note: Releases dp using the specified tag.
286705Smav */
248571Smmstatic int
286705Smavdmu_send_impl(void *tag, dsl_pool_t *dp, dsl_dataset_t *to_ds,
289362Smav    zfs_bookmark_phys_t *ancestor_zb,
289362Smav    boolean_t is_clone, boolean_t embedok, boolean_t large_block_ok, int outfd,
289362Smav    uint64_t resumeobj, uint64_t resumeoff,
248571Smm#ifdef illumos
289362Smav    vnode_t *vp, offset_t *off)
248571Smm#else
289362Smav    struct file *fp, offset_t *off)
248571Smm#endif
168404Spjd{
248571Smm	objset_t *os;
168404Spjd	dmu_replay_record_t *drr;
235222Smm	dmu_sendarg_t *dsp;
168404Spjd	int err;
185029Spjd	uint64_t fromtxg = 0;
268075Sdelphij	uint64_t featureflags = 0;
289362Smav	struct send_thread_arg to_arg = { 0 };
168404Spjd
286705Smav	err = dmu_objset_from_ds(to_ds, &os);
248571Smm	if (err != 0) {
248571Smm		dsl_pool_rele(dp, tag);
248571Smm		return (err);
185029Spjd	}
185029Spjd
168404Spjd	drr = kmem_zalloc(sizeof (dmu_replay_record_t), KM_SLEEP);
168404Spjd	drr->drr_type = DRR_BEGIN;
168404Spjd	drr->drr_u.drr_begin.drr_magic = DMU_BACKUP_MAGIC;
219089Spjd	DMU_SET_STREAM_HDRTYPE(drr->drr_u.drr_begin.drr_versioninfo,
219089Spjd	    DMU_SUBSTREAM);
219089Spjd
219089Spjd#ifdef _KERNEL
248571Smm	if (dmu_objset_type(os) == DMU_OST_ZFS) {
219089Spjd		uint64_t version;
248571Smm		if (zfs_get_zplprop(os, ZFS_PROP_VERSION, &version) != 0) {
235222Smm			kmem_free(drr, sizeof (dmu_replay_record_t));
248571Smm			dsl_pool_rele(dp, tag);
249195Smm			return (SET_ERROR(EINVAL));
235222Smm		}
248571Smm		if (version >= ZPL_VERSION_SA) {
268075Sdelphij			featureflags |= DMU_BACKUP_FEATURE_SA_SPILL;
219089Spjd		}
219089Spjd	}
219089Spjd#endif
219089Spjd
286708Smav	if (large_block_ok && to_ds->ds_feature_inuse[SPA_FEATURE_LARGE_BLOCKS])
274337Sdelphij		featureflags |= DMU_BACKUP_FEATURE_LARGE_BLOCKS;
268075Sdelphij	if (embedok &&
268075Sdelphij	    spa_feature_is_active(dp->dp_spa, SPA_FEATURE_EMBEDDED_DATA)) {
268075Sdelphij		featureflags |= DMU_BACKUP_FEATURE_EMBED_DATA;
268075Sdelphij		if (spa_feature_is_active(dp->dp_spa, SPA_FEATURE_LZ4_COMPRESS))
268075Sdelphij			featureflags |= DMU_BACKUP_FEATURE_EMBED_DATA_LZ4;
268075Sdelphij	}
268075Sdelphij
289362Smav	if (resumeobj != 0 || resumeoff != 0) {
289362Smav		featureflags |= DMU_BACKUP_FEATURE_RESUMING;
289362Smav	}
289362Smav
268075Sdelphij	DMU_SET_FEATUREFLAGS(drr->drr_u.drr_begin.drr_versioninfo,
268075Sdelphij	    featureflags);
268075Sdelphij
168404Spjd	drr->drr_u.drr_begin.drr_creation_time =
286705Smav	    dsl_dataset_phys(to_ds)->ds_creation_time;
248571Smm	drr->drr_u.drr_begin.drr_type = dmu_objset_type(os);
260183Sdelphij	if (is_clone)
185029Spjd		drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_CLONE;
286705Smav	drr->drr_u.drr_begin.drr_toguid = dsl_dataset_phys(to_ds)->ds_guid;
286705Smav	if (dsl_dataset_phys(to_ds)->ds_flags & DS_FLAG_CI_DATASET)
185029Spjd		drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_CI_DATA;
296516Smav	if (zfs_send_set_freerecords_bit)
296516Smav		drr->drr_u.drr_begin.drr_flags |= DRR_FLAG_FREERECORDS;
185029Spjd
286705Smav	if (ancestor_zb != NULL) {
286705Smav		drr->drr_u.drr_begin.drr_fromguid =
286705Smav		    ancestor_zb->zbm_guid;
286705Smav		fromtxg = ancestor_zb->zbm_creation_txg;
260183Sdelphij	}
286705Smav	dsl_dataset_name(to_ds, drr->drr_u.drr_begin.drr_toname);
286705Smav	if (!to_ds->ds_is_snapshot) {
260183Sdelphij		(void) strlcat(drr->drr_u.drr_begin.drr_toname, "@--head--",
260183Sdelphij		    sizeof (drr->drr_u.drr_begin.drr_toname));
248571Smm	}
185029Spjd
235222Smm	dsp = kmem_zalloc(sizeof (dmu_sendarg_t), KM_SLEEP);
168404Spjd
235222Smm	dsp->dsa_drr = drr;
235222Smm	dsp->dsa_outfd = outfd;
235222Smm	dsp->dsa_proc = curproc;
235222Smm	dsp->dsa_td = curthread;
235222Smm	dsp->dsa_fp = fp;
248571Smm	dsp->dsa_os = os;
235222Smm	dsp->dsa_off = off;
286705Smav	dsp->dsa_toguid = dsl_dataset_phys(to_ds)->ds_guid;
235222Smm	dsp->dsa_pending_op = PENDING_NONE;
268075Sdelphij	dsp->dsa_featureflags = featureflags;
289362Smav	dsp->dsa_resume_object = resumeobj;
289362Smav	dsp->dsa_resume_offset = resumeoff;
235222Smm
286705Smav	mutex_enter(&to_ds->ds_sendstream_lock);
286705Smav	list_insert_head(&to_ds->ds_sendstreams, dsp);
286705Smav	mutex_exit(&to_ds->ds_sendstream_lock);
235222Smm
286705Smav	dsl_dataset_long_hold(to_ds, FTAG);
249042Smm	dsl_pool_rele(dp, tag);
249042Smm
289362Smav	void *payload = NULL;
289362Smav	size_t payload_len = 0;
289362Smav	if (resumeobj != 0 || resumeoff != 0) {
289362Smav		dmu_object_info_t to_doi;
289362Smav		err = dmu_object_info(os, resumeobj, &to_doi);
289362Smav		if (err != 0)
289362Smav			goto out;
289362Smav		SET_BOOKMARK(&to_arg.resume, to_ds->ds_object, resumeobj, 0,
289362Smav		    resumeoff / to_doi.doi_data_block_size);
289362Smav
289362Smav		nvlist_t *nvl = fnvlist_alloc();
289362Smav		fnvlist_add_uint64(nvl, "resume_object", resumeobj);
289362Smav		fnvlist_add_uint64(nvl, "resume_offset", resumeoff);
289362Smav		payload = fnvlist_pack(nvl, &payload_len);
289362Smav		drr->drr_payloadlen = payload_len;
289362Smav		fnvlist_free(nvl);
289362Smav	}
289362Smav
289362Smav	err = dump_record(dsp, payload, payload_len);
289362Smav	fnvlist_pack_free(payload, payload_len);
289362Smav	if (err != 0) {
235222Smm		err = dsp->dsa_err;
235222Smm		goto out;
168404Spjd	}
168404Spjd
286705Smav	err = bqueue_init(&to_arg.q, zfs_send_queue_length,
286705Smav	    offsetof(struct send_block_record, ln));
286705Smav	to_arg.error_code = 0;
286705Smav	to_arg.cancel = B_FALSE;
286705Smav	to_arg.ds = to_ds;
286705Smav	to_arg.fromtxg = fromtxg;
286705Smav	to_arg.flags = TRAVERSE_PRE | TRAVERSE_PREFETCH;
287280Sdelphij	(void) thread_create(NULL, 0, send_traverse_thread, &to_arg, 0, &p0,
286705Smav	    TS_RUN, minclsyspri);
168404Spjd
286705Smav	struct send_block_record *to_data;
286705Smav	to_data = bqueue_dequeue(&to_arg.q);
286705Smav
286705Smav	while (!to_data->eos_marker && err == 0) {
286705Smav		err = do_dump(dsp, to_data);
286705Smav		to_data = get_next_record(&to_arg.q, to_data);
286705Smav		if (issig(JUSTLOOKING) && issig(FORREAL))
286705Smav			err = EINTR;
286705Smav	}
286705Smav
286705Smav	if (err != 0) {
286705Smav		to_arg.cancel = B_TRUE;
286705Smav		while (!to_data->eos_marker) {
286705Smav			to_data = get_next_record(&to_arg.q, to_data);
286705Smav		}
286705Smav	}
286705Smav	kmem_free(to_data, sizeof (*to_data));
286705Smav
286705Smav	bqueue_destroy(&to_arg.q);
286705Smav
286705Smav	if (err == 0 && to_arg.error_code != 0)
286705Smav		err = to_arg.error_code;
286705Smav
286705Smav	if (err != 0)
286705Smav		goto out;
286705Smav
235222Smm	if (dsp->dsa_pending_op != PENDING_NONE)
286587Smav		if (dump_record(dsp, NULL, 0) != 0)
249195Smm			err = SET_ERROR(EINTR);
219089Spjd
248571Smm	if (err != 0) {
248571Smm		if (err == EINTR && dsp->dsa_err != 0)
235222Smm			err = dsp->dsa_err;
235222Smm		goto out;
168404Spjd	}
168404Spjd
168404Spjd	bzero(drr, sizeof (dmu_replay_record_t));
168404Spjd	drr->drr_type = DRR_END;
235222Smm	drr->drr_u.drr_end.drr_checksum = dsp->dsa_zc;
235222Smm	drr->drr_u.drr_end.drr_toguid = dsp->dsa_toguid;
168404Spjd
286705Smav	if (dump_record(dsp, NULL, 0) != 0)
235222Smm		err = dsp->dsa_err;
168404Spjd
235222Smmout:
286705Smav	mutex_enter(&to_ds->ds_sendstream_lock);
286705Smav	list_remove(&to_ds->ds_sendstreams, dsp);
286705Smav	mutex_exit(&to_ds->ds_sendstream_lock);
235222Smm
307284Smav	VERIFY(err != 0 || (dsp->dsa_sent_begin && dsp->dsa_sent_end));
307284Smav
168404Spjd	kmem_free(drr, sizeof (dmu_replay_record_t));
235222Smm	kmem_free(dsp, sizeof (dmu_sendarg_t));
168404Spjd
286705Smav	dsl_dataset_long_rele(to_ds, FTAG);
248571Smm
235222Smm	return (err);
168404Spjd}
168404Spjd
228103Smmint
248571Smmdmu_send_obj(const char *pool, uint64_t tosnap, uint64_t fromsnap,
274337Sdelphij    boolean_t embedok, boolean_t large_block_ok,
248571Smm#ifdef illumos
274337Sdelphij    int outfd, vnode_t *vp, offset_t *off)
248571Smm#else
274337Sdelphij    int outfd, struct file *fp, offset_t *off)
248571Smm#endif
228103Smm{
248571Smm	dsl_pool_t *dp;
248571Smm	dsl_dataset_t *ds;
248571Smm	dsl_dataset_t *fromds = NULL;
248571Smm	int err;
248571Smm
248571Smm	err = dsl_pool_hold(pool, FTAG, &dp);
248571Smm	if (err != 0)
248571Smm		return (err);
248571Smm
248571Smm	err = dsl_dataset_hold_obj(dp, tosnap, FTAG, &ds);
248571Smm	if (err != 0) {
248571Smm		dsl_pool_rele(dp, FTAG);
248571Smm		return (err);
248571Smm	}
248571Smm
248571Smm	if (fromsnap != 0) {
260183Sdelphij		zfs_bookmark_phys_t zb;
260183Sdelphij		boolean_t is_clone;
260183Sdelphij
248571Smm		err = dsl_dataset_hold_obj(dp, fromsnap, FTAG, &fromds);
248571Smm		if (err != 0) {
248571Smm			dsl_dataset_rele(ds, FTAG);
248571Smm			dsl_pool_rele(dp, FTAG);
248571Smm			return (err);
248571Smm		}
260183Sdelphij		if (!dsl_dataset_is_before(ds, fromds, 0))
260183Sdelphij			err = SET_ERROR(EXDEV);
275782Sdelphij		zb.zbm_creation_time =
275782Sdelphij		    dsl_dataset_phys(fromds)->ds_creation_time;
275782Sdelphij		zb.zbm_creation_txg = dsl_dataset_phys(fromds)->ds_creation_txg;
275782Sdelphij		zb.zbm_guid = dsl_dataset_phys(fromds)->ds_guid;
260183Sdelphij		is_clone = (fromds->ds_dir != ds->ds_dir);
260183Sdelphij		dsl_dataset_rele(fromds, FTAG);
274337Sdelphij		err = dmu_send_impl(FTAG, dp, ds, &zb, is_clone,
289362Smav		    embedok, large_block_ok, outfd, 0, 0, fp, off);
260183Sdelphij	} else {
274337Sdelphij		err = dmu_send_impl(FTAG, dp, ds, NULL, B_FALSE,
289362Smav		    embedok, large_block_ok, outfd, 0, 0, fp, off);
248571Smm	}
260183Sdelphij	dsl_dataset_rele(ds, FTAG);
260183Sdelphij	return (err);
248571Smm}
248571Smm
248571Smmint
289362Smavdmu_send(const char *tosnap, const char *fromsnap, boolean_t embedok,
289362Smav    boolean_t large_block_ok, int outfd, uint64_t resumeobj, uint64_t resumeoff,
248571Smm#ifdef illumos
289362Smav    vnode_t *vp, offset_t *off)
248571Smm#else
289362Smav    struct file *fp, offset_t *off)
248571Smm#endif
248571Smm{
248571Smm	dsl_pool_t *dp;
248571Smm	dsl_dataset_t *ds;
248571Smm	int err;
260183Sdelphij	boolean_t owned = B_FALSE;
248571Smm
260183Sdelphij	if (fromsnap != NULL && strpbrk(fromsnap, "@#") == NULL)
249195Smm		return (SET_ERROR(EINVAL));
248571Smm
248571Smm	err = dsl_pool_hold(tosnap, FTAG, &dp);
248571Smm	if (err != 0)
248571Smm		return (err);
248571Smm
260183Sdelphij	if (strchr(tosnap, '@') == NULL && spa_writeable(dp->dp_spa)) {
260183Sdelphij		/*
260183Sdelphij		 * We are sending a filesystem or volume.  Ensure
260183Sdelphij		 * that it doesn't change by owning the dataset.
260183Sdelphij		 */
260183Sdelphij		err = dsl_dataset_own(dp, tosnap, FTAG, &ds);
260183Sdelphij		owned = B_TRUE;
260183Sdelphij	} else {
260183Sdelphij		err = dsl_dataset_hold(dp, tosnap, FTAG, &ds);
260183Sdelphij	}
248571Smm	if (err != 0) {
248571Smm		dsl_pool_rele(dp, FTAG);
248571Smm		return (err);
248571Smm	}
248571Smm
248571Smm	if (fromsnap != NULL) {
260183Sdelphij		zfs_bookmark_phys_t zb;
260183Sdelphij		boolean_t is_clone = B_FALSE;
260183Sdelphij		int fsnamelen = strchr(tosnap, '@') - tosnap;
260183Sdelphij
260183Sdelphij		/*
260183Sdelphij		 * If the fromsnap is in a different filesystem, then
260183Sdelphij		 * mark the send stream as a clone.
260183Sdelphij		 */
260183Sdelphij		if (strncmp(tosnap, fromsnap, fsnamelen) != 0 ||
260183Sdelphij		    (fromsnap[fsnamelen] != '@' &&
260183Sdelphij		    fromsnap[fsnamelen] != '#')) {
260183Sdelphij			is_clone = B_TRUE;
260183Sdelphij		}
260183Sdelphij
260183Sdelphij		if (strchr(fromsnap, '@')) {
260183Sdelphij			dsl_dataset_t *fromds;
260183Sdelphij			err = dsl_dataset_hold(dp, fromsnap, FTAG, &fromds);
260183Sdelphij			if (err == 0) {
260183Sdelphij				if (!dsl_dataset_is_before(ds, fromds, 0))
260183Sdelphij					err = SET_ERROR(EXDEV);
260183Sdelphij				zb.zbm_creation_time =
275782Sdelphij				    dsl_dataset_phys(fromds)->ds_creation_time;
260183Sdelphij				zb.zbm_creation_txg =
275782Sdelphij				    dsl_dataset_phys(fromds)->ds_creation_txg;
275782Sdelphij				zb.zbm_guid = dsl_dataset_phys(fromds)->ds_guid;
260183Sdelphij				is_clone = (ds->ds_dir != fromds->ds_dir);
260183Sdelphij				dsl_dataset_rele(fromds, FTAG);
260183Sdelphij			}
260183Sdelphij		} else {
260183Sdelphij			err = dsl_bookmark_lookup(dp, fromsnap, ds, &zb);
260183Sdelphij		}
248571Smm		if (err != 0) {
248571Smm			dsl_dataset_rele(ds, FTAG);
248571Smm			dsl_pool_rele(dp, FTAG);
248571Smm			return (err);
248571Smm		}
274337Sdelphij		err = dmu_send_impl(FTAG, dp, ds, &zb, is_clone,
289362Smav		    embedok, large_block_ok,
289362Smav		    outfd, resumeobj, resumeoff, fp, off);
260183Sdelphij	} else {
274337Sdelphij		err = dmu_send_impl(FTAG, dp, ds, NULL, B_FALSE,
289362Smav		    embedok, large_block_ok,
289362Smav		    outfd, resumeobj, resumeoff, fp, off);
248571Smm	}
260183Sdelphij	if (owned)
260183Sdelphij		dsl_dataset_disown(ds, FTAG);
260183Sdelphij	else
260183Sdelphij		dsl_dataset_rele(ds, FTAG);
260183Sdelphij	return (err);
248571Smm}
248571Smm
286683Smavstatic int
286683Smavdmu_adjust_send_estimate_for_indirects(dsl_dataset_t *ds, uint64_t size,
286683Smav    uint64_t *sizep)
286683Smav{
286683Smav	int err;
286683Smav	/*
286683Smav	 * Assume that space (both on-disk and in-stream) is dominated by
286683Smav	 * data.  We will adjust for indirect blocks and the copies property,
286683Smav	 * but ignore per-object space used (eg, dnodes and DRR_OBJECT records).
286683Smav	 */
286683Smav
286683Smav	/*
286683Smav	 * Subtract out approximate space used by indirect blocks.
286683Smav	 * Assume most space is used by data blocks (non-indirect, non-dnode).
286683Smav	 * Assume all blocks are recordsize.  Assume ditto blocks and
286683Smav	 * internal fragmentation counter out compression.
286683Smav	 *
286683Smav	 * Therefore, space used by indirect blocks is sizeof(blkptr_t) per
286683Smav	 * block, which we observe in practice.
286683Smav	 */
286683Smav	uint64_t recordsize;
286683Smav	err = dsl_prop_get_int_ds(ds, "recordsize", &recordsize);
286683Smav	if (err != 0)
286683Smav		return (err);
286683Smav	size -= size / recordsize * sizeof (blkptr_t);
286683Smav
286683Smav	/* Add in the space for the record associated with each block. */
286683Smav	size += size / recordsize * sizeof (dmu_replay_record_t);
286683Smav
286683Smav	*sizep = size;
286683Smav
286683Smav	return (0);
286683Smav}
286683Smav
248571Smmint
248571Smmdmu_send_estimate(dsl_dataset_t *ds, dsl_dataset_t *fromds, uint64_t *sizep)
248571Smm{
228103Smm	dsl_pool_t *dp = ds->ds_dir->dd_pool;
228103Smm	int err;
228103Smm	uint64_t size;
228103Smm
248571Smm	ASSERT(dsl_pool_config_held(dp));
248571Smm
228103Smm	/* tosnap must be a snapshot */
286575Smav	if (!ds->ds_is_snapshot)
249195Smm		return (SET_ERROR(EINVAL));
228103Smm
284301Savg	/* fromsnap, if provided, must be a snapshot */
286575Smav	if (fromds != NULL && !fromds->ds_is_snapshot)
284301Savg		return (SET_ERROR(EINVAL));
284301Savg
248571Smm	/*
248571Smm	 * fromsnap must be an earlier snapshot from the same fs as tosnap,
248571Smm	 * or the origin's fs.
248571Smm	 */
260183Sdelphij	if (fromds != NULL && !dsl_dataset_is_before(ds, fromds, 0))
249195Smm		return (SET_ERROR(EXDEV));
228103Smm
228103Smm	/* Get uncompressed size estimate of changed data. */
228103Smm	if (fromds == NULL) {
275782Sdelphij		size = dsl_dataset_phys(ds)->ds_uncompressed_bytes;
228103Smm	} else {
228103Smm		uint64_t used, comp;
228103Smm		err = dsl_dataset_space_written(fromds, ds,
228103Smm		    &used, &comp, &size);
248571Smm		if (err != 0)
228103Smm			return (err);
228103Smm	}
228103Smm
286683Smav	err = dmu_adjust_send_estimate_for_indirects(ds, size, sizep);
286683Smav	return (err);
286683Smav}
228103Smm
286683Smav/*
286683Smav * Simple callback used to traverse the blocks of a snapshot and sum their
286683Smav * uncompressed size
286683Smav */
286683Smav/* ARGSUSED */
286683Smavstatic int
286683Smavdmu_calculate_send_traversal(spa_t *spa, zilog_t *zilog, const blkptr_t *bp,
286683Smav    const zbookmark_phys_t *zb, const dnode_phys_t *dnp, void *arg)
286683Smav{
286683Smav	uint64_t *spaceptr = arg;
286683Smav	if (bp != NULL && !BP_IS_HOLE(bp)) {
286683Smav		*spaceptr += BP_GET_UCSIZE(bp);
286683Smav	}
286683Smav	return (0);
286683Smav}
286683Smav
286683Smav/*
286683Smav * Given a desination snapshot and a TXG, calculate the approximate size of a
286683Smav * send stream sent from that TXG. from_txg may be zero, indicating that the
286683Smav * whole snapshot will be sent.
286683Smav */
286683Smavint
286683Smavdmu_send_estimate_from_txg(dsl_dataset_t *ds, uint64_t from_txg,
286683Smav    uint64_t *sizep)
286683Smav{
286683Smav	dsl_pool_t *dp = ds->ds_dir->dd_pool;
286683Smav	int err;
286683Smav	uint64_t size = 0;
286683Smav
286683Smav	ASSERT(dsl_pool_config_held(dp));
286683Smav
286683Smav	/* tosnap must be a snapshot */
286683Smav	if (!dsl_dataset_is_snapshot(ds))
286683Smav		return (SET_ERROR(EINVAL));
286683Smav
286683Smav	/* verify that from_txg is before the provided snapshot was taken */
286683Smav	if (from_txg >= dsl_dataset_phys(ds)->ds_creation_txg) {
286683Smav		return (SET_ERROR(EXDEV));
286683Smav	}
286683Smav
228103Smm	/*
286683Smav	 * traverse the blocks of the snapshot with birth times after
286683Smav	 * from_txg, summing their uncompressed size
228103Smm	 */
286683Smav	err = traverse_dataset(ds, from_txg, TRAVERSE_POST,
286683Smav	    dmu_calculate_send_traversal, &size);
286683Smav	if (err)
228103Smm		return (err);
228103Smm
286683Smav	err = dmu_adjust_send_estimate_for_indirects(ds, size, sizep);
286683Smav	return (err);
228103Smm}
228103Smm
248571Smmtypedef struct dmu_recv_begin_arg {
248571Smm	const char *drba_origin;
248571Smm	dmu_recv_cookie_t *drba_cookie;
248571Smm	cred_t *drba_cred;
253820Sdelphij	uint64_t drba_snapobj;
248571Smm} dmu_recv_begin_arg_t;
168404Spjd
168404Spjdstatic int
248571Smmrecv_begin_check_existing_impl(dmu_recv_begin_arg_t *drba, dsl_dataset_t *ds,
248571Smm    uint64_t fromguid)
168404Spjd{
185029Spjd	uint64_t val;
248571Smm	int error;
248571Smm	dsl_pool_t *dp = ds->ds_dir->dd_pool;
185029Spjd
248571Smm	/* temporary clone name must not exist */
248571Smm	error = zap_lookup(dp->dp_meta_objset,
275782Sdelphij	    dsl_dir_phys(ds->ds_dir)->dd_child_dir_zapobj, recv_clone_name,
248571Smm	    8, 1, &val);
248571Smm	if (error != ENOENT)
248571Smm		return (error == 0 ? EBUSY : error);
248571Smm
219089Spjd	/* new snapshot name must not exist */
248571Smm	error = zap_lookup(dp->dp_meta_objset,
275782Sdelphij	    dsl_dataset_phys(ds)->ds_snapnames_zapobj,
275782Sdelphij	    drba->drba_cookie->drc_tosnap, 8, 1, &val);
248571Smm	if (error != ENOENT)
248571Smm		return (error == 0 ? EEXIST : error);
168404Spjd
264835Sdelphij	/*
264835Sdelphij	 * Check snapshot limit before receiving. We'll recheck again at the
264835Sdelphij	 * end, but might as well abort before receiving if we're already over
264835Sdelphij	 * the limit.
264835Sdelphij	 *
264835Sdelphij	 * Note that we do not check the file system limit with
264835Sdelphij	 * dsl_dir_fscount_check because the temporary %clones don't count
264835Sdelphij	 * against that limit.
264835Sdelphij	 */
264835Sdelphij	error = dsl_fs_ss_limit_check(ds->ds_dir, 1, ZFS_PROP_SNAPSHOT_LIMIT,
264835Sdelphij	    NULL, drba->drba_cred);
264835Sdelphij	if (error != 0)
264835Sdelphij		return (error);
264835Sdelphij
248571Smm	if (fromguid != 0) {
253820Sdelphij		dsl_dataset_t *snap;
275782Sdelphij		uint64_t obj = dsl_dataset_phys(ds)->ds_prev_snap_obj;
253820Sdelphij
253820Sdelphij		/* Find snapshot in this dir that matches fromguid. */
253820Sdelphij		while (obj != 0) {
253820Sdelphij			error = dsl_dataset_hold_obj(dp, obj, FTAG,
253820Sdelphij			    &snap);
253820Sdelphij			if (error != 0)
253820Sdelphij				return (SET_ERROR(ENODEV));
253820Sdelphij			if (snap->ds_dir != ds->ds_dir) {
253820Sdelphij				dsl_dataset_rele(snap, FTAG);
253820Sdelphij				return (SET_ERROR(ENODEV));
253820Sdelphij			}
275782Sdelphij			if (dsl_dataset_phys(snap)->ds_guid == fromguid)
253820Sdelphij				break;
275782Sdelphij			obj = dsl_dataset_phys(snap)->ds_prev_snap_obj;
253820Sdelphij			dsl_dataset_rele(snap, FTAG);
253820Sdelphij		}
253820Sdelphij		if (obj == 0)
249195Smm			return (SET_ERROR(ENODEV));
168404Spjd
253820Sdelphij		if (drba->drba_cookie->drc_force) {
253820Sdelphij			drba->drba_snapobj = obj;
253820Sdelphij		} else {
253820Sdelphij			/*
253820Sdelphij			 * If we are not forcing, there must be no
253820Sdelphij			 * changes since fromsnap.
253820Sdelphij			 */
253820Sdelphij			if (dsl_dataset_modified_since_snap(ds, snap)) {
219089Spjd				dsl_dataset_rele(snap, FTAG);
253820Sdelphij				return (SET_ERROR(ETXTBSY));
219089Spjd			}
253820Sdelphij			drba->drba_snapobj = ds->ds_prev->ds_object;
219089Spjd		}
253820Sdelphij
253820Sdelphij		dsl_dataset_rele(snap, FTAG);
219089Spjd	} else {
283525Savg		/* if full, then must be forced */
283525Savg		if (!drba->drba_cookie->drc_force)
283525Savg			return (SET_ERROR(EEXIST));
283525Savg		/* start from $ORIGIN@$ORIGIN, if supported */
283525Savg		drba->drba_snapobj = dp->dp_origin_snap != NULL ?
283525Savg		    dp->dp_origin_snap->ds_object : 0;
219089Spjd	}
219089Spjd
248571Smm	return (0);
168404Spjd
168404Spjd}
168404Spjd
248571Smmstatic int
248571Smmdmu_recv_begin_check(void *arg, dmu_tx_t *tx)
248571Smm{
248571Smm	dmu_recv_begin_arg_t *drba = arg;
248571Smm	dsl_pool_t *dp = dmu_tx_pool(tx);
248571Smm	struct drr_begin *drrb = drba->drba_cookie->drc_drrb;
248571Smm	uint64_t fromguid = drrb->drr_fromguid;
248571Smm	int flags = drrb->drr_flags;
248571Smm	int error;
268075Sdelphij	uint64_t featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
248571Smm	dsl_dataset_t *ds;
248571Smm	const char *tofs = drba->drba_cookie->drc_tofs;
248571Smm
248571Smm	/* already checked */
248571Smm	ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC);
289362Smav	ASSERT(!(featureflags & DMU_BACKUP_FEATURE_RESUMING));
248571Smm
248571Smm	if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) ==
248571Smm	    DMU_COMPOUNDSTREAM ||
248571Smm	    drrb->drr_type >= DMU_OST_NUMTYPES ||
248571Smm	    ((flags & DRR_FLAG_CLONE) && drba->drba_origin == NULL))
249195Smm		return (SET_ERROR(EINVAL));
248571Smm
248571Smm	/* Verify pool version supports SA if SA_SPILL feature set */
268075Sdelphij	if ((featureflags & DMU_BACKUP_FEATURE_SA_SPILL) &&
268075Sdelphij	    spa_version(dp->dp_spa) < SPA_VERSION_SA)
249195Smm		return (SET_ERROR(ENOTSUP));
248571Smm
289362Smav	if (drba->drba_cookie->drc_resumable &&
289362Smav	    !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_EXTENSIBLE_DATASET))
289362Smav		return (SET_ERROR(ENOTSUP));
289362Smav
268075Sdelphij	/*
268075Sdelphij	 * The receiving code doesn't know how to translate a WRITE_EMBEDDED
268075Sdelphij	 * record to a plan WRITE record, so the pool must have the
268075Sdelphij	 * EMBEDDED_DATA feature enabled if the stream has WRITE_EMBEDDED
268075Sdelphij	 * records.  Same with WRITE_EMBEDDED records that use LZ4 compression.
268075Sdelphij	 */
268075Sdelphij	if ((featureflags & DMU_BACKUP_FEATURE_EMBED_DATA) &&
268075Sdelphij	    !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_EMBEDDED_DATA))
268075Sdelphij		return (SET_ERROR(ENOTSUP));
268075Sdelphij	if ((featureflags & DMU_BACKUP_FEATURE_EMBED_DATA_LZ4) &&
268075Sdelphij	    !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_LZ4_COMPRESS))
268075Sdelphij		return (SET_ERROR(ENOTSUP));
268075Sdelphij
274337Sdelphij	/*
274337Sdelphij	 * The receiving code doesn't know how to translate large blocks
274337Sdelphij	 * to smaller ones, so the pool must have the LARGE_BLOCKS
274337Sdelphij	 * feature enabled if the stream has LARGE_BLOCKS.
274337Sdelphij	 */
274337Sdelphij	if ((featureflags & DMU_BACKUP_FEATURE_LARGE_BLOCKS) &&
274337Sdelphij	    !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_LARGE_BLOCKS))
274337Sdelphij		return (SET_ERROR(ENOTSUP));
274337Sdelphij
248571Smm	error = dsl_dataset_hold(dp, tofs, FTAG, &ds);
248571Smm	if (error == 0) {
248571Smm		/* target fs already exists; recv into temp clone */
248571Smm
248571Smm		/* Can't recv a clone into an existing fs */
294815Smav		if (flags & DRR_FLAG_CLONE || drba->drba_origin) {
248571Smm			dsl_dataset_rele(ds, FTAG);
249195Smm			return (SET_ERROR(EINVAL));
248571Smm		}
248571Smm
248571Smm		error = recv_begin_check_existing_impl(drba, ds, fromguid);
248571Smm		dsl_dataset_rele(ds, FTAG);
248571Smm	} else if (error == ENOENT) {
248571Smm		/* target fs does not exist; must be a full backup or clone */
307108Smav		char buf[ZFS_MAX_DATASET_NAME_LEN];
248571Smm
248571Smm		/*
248571Smm		 * If it's a non-clone incremental, we are missing the
248571Smm		 * target fs, so fail the recv.
248571Smm		 */
286705Smav		if (fromguid != 0 && !(flags & DRR_FLAG_CLONE ||
286705Smav		    drba->drba_origin))
249195Smm			return (SET_ERROR(ENOENT));
248571Smm
294815Smav		/*
294815Smav		 * If we're receiving a full send as a clone, and it doesn't
294815Smav		 * contain all the necessary free records and freeobject
294815Smav		 * records, reject it.
294815Smav		 */
294815Smav		if (fromguid == 0 && drba->drba_origin &&
294815Smav		    !(flags & DRR_FLAG_FREERECORDS))
294815Smav			return (SET_ERROR(EINVAL));
294815Smav
248571Smm		/* Open the parent of tofs */
307108Smav		ASSERT3U(strlen(tofs), <, sizeof (buf));
248571Smm		(void) strlcpy(buf, tofs, strrchr(tofs, '/') - tofs + 1);
248571Smm		error = dsl_dataset_hold(dp, buf, FTAG, &ds);
248571Smm		if (error != 0)
248571Smm			return (error);
248571Smm
264835Sdelphij		/*
264835Sdelphij		 * Check filesystem and snapshot limits before receiving. We'll
264835Sdelphij		 * recheck snapshot limits again at the end (we create the
264835Sdelphij		 * filesystems and increment those counts during begin_sync).
264835Sdelphij		 */
264835Sdelphij		error = dsl_fs_ss_limit_check(ds->ds_dir, 1,
264835Sdelphij		    ZFS_PROP_FILESYSTEM_LIMIT, NULL, drba->drba_cred);
264835Sdelphij		if (error != 0) {
264835Sdelphij			dsl_dataset_rele(ds, FTAG);
264835Sdelphij			return (error);
264835Sdelphij		}
264835Sdelphij
264835Sdelphij		error = dsl_fs_ss_limit_check(ds->ds_dir, 1,
264835Sdelphij		    ZFS_PROP_SNAPSHOT_LIMIT, NULL, drba->drba_cred);
264835Sdelphij		if (error != 0) {
264835Sdelphij			dsl_dataset_rele(ds, FTAG);
264835Sdelphij			return (error);
264835Sdelphij		}
264835Sdelphij
248571Smm		if (drba->drba_origin != NULL) {
248571Smm			dsl_dataset_t *origin;
248571Smm			error = dsl_dataset_hold(dp, drba->drba_origin,
248571Smm			    FTAG, &origin);
248571Smm			if (error != 0) {
248571Smm				dsl_dataset_rele(ds, FTAG);
248571Smm				return (error);
248571Smm			}
286575Smav			if (!origin->ds_is_snapshot) {
248571Smm				dsl_dataset_rele(origin, FTAG);
248571Smm				dsl_dataset_rele(ds, FTAG);
249195Smm				return (SET_ERROR(EINVAL));
248571Smm			}
294815Smav			if (dsl_dataset_phys(origin)->ds_guid != fromguid &&
294815Smav			    fromguid != 0) {
248571Smm				dsl_dataset_rele(origin, FTAG);
248571Smm				dsl_dataset_rele(ds, FTAG);
249195Smm				return (SET_ERROR(ENODEV));
248571Smm			}
248571Smm			dsl_dataset_rele(origin, FTAG);
248571Smm		}
248571Smm		dsl_dataset_rele(ds, FTAG);
248571Smm		error = 0;
248571Smm	}
248571Smm	return (error);
248571Smm}
248571Smm
168404Spjdstatic void
248571Smmdmu_recv_begin_sync(void *arg, dmu_tx_t *tx)
168404Spjd{
248571Smm	dmu_recv_begin_arg_t *drba = arg;
248571Smm	dsl_pool_t *dp = dmu_tx_pool(tx);
289362Smav	objset_t *mos = dp->dp_meta_objset;
248571Smm	struct drr_begin *drrb = drba->drba_cookie->drc_drrb;
248571Smm	const char *tofs = drba->drba_cookie->drc_tofs;
248571Smm	dsl_dataset_t *ds, *newds;
185029Spjd	uint64_t dsobj;
248571Smm	int error;
289362Smav	uint64_t crflags = 0;
168404Spjd
289362Smav	if (drrb->drr_flags & DRR_FLAG_CI_DATA)
289362Smav		crflags |= DS_FLAG_CI_DATASET;
168404Spjd
248571Smm	error = dsl_dataset_hold(dp, tofs, FTAG, &ds);
248571Smm	if (error == 0) {
248571Smm		/* create temporary clone */
253820Sdelphij		dsl_dataset_t *snap = NULL;
253820Sdelphij		if (drba->drba_snapobj != 0) {
253820Sdelphij			VERIFY0(dsl_dataset_hold_obj(dp,
253820Sdelphij			    drba->drba_snapobj, FTAG, &snap));
253820Sdelphij		}
248571Smm		dsobj = dsl_dataset_create_sync(ds->ds_dir, recv_clone_name,
253820Sdelphij		    snap, crflags, drba->drba_cred, tx);
282632Savg		if (drba->drba_snapobj != 0)
282632Savg			dsl_dataset_rele(snap, FTAG);
248571Smm		dsl_dataset_rele(ds, FTAG);
248571Smm	} else {
248571Smm		dsl_dir_t *dd;
248571Smm		const char *tail;
248571Smm		dsl_dataset_t *origin = NULL;
248571Smm
248571Smm		VERIFY0(dsl_dir_hold(dp, tofs, FTAG, &dd, &tail));
248571Smm
248571Smm		if (drba->drba_origin != NULL) {
248571Smm			VERIFY0(dsl_dataset_hold(dp, drba->drba_origin,
248571Smm			    FTAG, &origin));
248571Smm		}
248571Smm
248571Smm		/* Create new dataset. */
248571Smm		dsobj = dsl_dataset_create_sync(dd,
248571Smm		    strrchr(tofs, '/') + 1,
248571Smm		    origin, crflags, drba->drba_cred, tx);
248571Smm		if (origin != NULL)
248571Smm			dsl_dataset_rele(origin, FTAG);
248571Smm		dsl_dir_rele(dd, FTAG);
248571Smm		drba->drba_cookie->drc_newfs = B_TRUE;
248571Smm	}
248571Smm	VERIFY0(dsl_dataset_own_obj(dp, dsobj, dmu_recv_tag, &newds));
248571Smm
289362Smav	if (drba->drba_cookie->drc_resumable) {
289362Smav		dsl_dataset_zapify(newds, tx);
289362Smav		if (drrb->drr_fromguid != 0) {
289362Smav			VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_FROMGUID,
289362Smav			    8, 1, &drrb->drr_fromguid, tx));
289362Smav		}
289362Smav		VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_TOGUID,
289362Smav		    8, 1, &drrb->drr_toguid, tx));
289362Smav		VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_TONAME,
289362Smav		    1, strlen(drrb->drr_toname) + 1, drrb->drr_toname, tx));
289362Smav		uint64_t one = 1;
289362Smav		uint64_t zero = 0;
289362Smav		VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_OBJECT,
289362Smav		    8, 1, &one, tx));
289362Smav		VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_OFFSET,
289362Smav		    8, 1, &zero, tx));
289362Smav		VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_BYTES,
289362Smav		    8, 1, &zero, tx));
289362Smav		if (DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo) &
289362Smav		    DMU_BACKUP_FEATURE_EMBED_DATA) {
289362Smav			VERIFY0(zap_add(mos, dsobj, DS_FIELD_RESUME_EMBEDOK,
289362Smav			    8, 1, &one, tx));
289362Smav		}
289362Smav	}
289362Smav
248571Smm	dmu_buf_will_dirty(newds->ds_dbuf, tx);
275782Sdelphij	dsl_dataset_phys(newds)->ds_flags |= DS_FLAG_INCONSISTENT;
248571Smm
219089Spjd	/*
219089Spjd	 * If we actually created a non-clone, we need to create the
219089Spjd	 * objset in our new dataset.
219089Spjd	 */
308082Smav	rrw_enter(&newds->ds_bp_rwlock, RW_READER, FTAG);
248571Smm	if (BP_IS_HOLE(dsl_dataset_get_blkptr(newds))) {
219089Spjd		(void) dmu_objset_create_impl(dp->dp_spa,
248571Smm		    newds, dsl_dataset_get_blkptr(newds), drrb->drr_type, tx);
219089Spjd	}
308082Smav	rrw_exit(&newds->ds_bp_rwlock, FTAG);
168404Spjd
248571Smm	drba->drba_cookie->drc_ds = newds;
185029Spjd
248571Smm	spa_history_log_internal_ds(newds, "receive", tx, "");
168404Spjd}
168404Spjd
289362Smavstatic int
289362Smavdmu_recv_resume_begin_check(void *arg, dmu_tx_t *tx)
289362Smav{
289362Smav	dmu_recv_begin_arg_t *drba = arg;
289362Smav	dsl_pool_t *dp = dmu_tx_pool(tx);
289362Smav	struct drr_begin *drrb = drba->drba_cookie->drc_drrb;
289362Smav	int error;
289362Smav	uint64_t featureflags = DMU_GET_FEATUREFLAGS(drrb->drr_versioninfo);
289362Smav	dsl_dataset_t *ds;
289362Smav	const char *tofs = drba->drba_cookie->drc_tofs;
289362Smav
289362Smav	/* already checked */
289362Smav	ASSERT3U(drrb->drr_magic, ==, DMU_BACKUP_MAGIC);
289362Smav	ASSERT(featureflags & DMU_BACKUP_FEATURE_RESUMING);
289362Smav
289362Smav	if (DMU_GET_STREAM_HDRTYPE(drrb->drr_versioninfo) ==
289362Smav	    DMU_COMPOUNDSTREAM ||
289362Smav	    drrb->drr_type >= DMU_OST_NUMTYPES)
289362Smav		return (SET_ERROR(EINVAL));
289362Smav
289362Smav	/* Verify pool version supports SA if SA_SPILL feature set */
289362Smav	if ((featureflags & DMU_BACKUP_FEATURE_SA_SPILL) &&
289362Smav	    spa_version(dp->dp_spa) < SPA_VERSION_SA)
289362Smav		return (SET_ERROR(ENOTSUP));
289362Smav
289362Smav	/*
289362Smav	 * The receiving code doesn't know how to translate a WRITE_EMBEDDED
289362Smav	 * record to a plain WRITE record, so the pool must have the
289362Smav	 * EMBEDDED_DATA feature enabled if the stream has WRITE_EMBEDDED
289362Smav	 * records.  Same with WRITE_EMBEDDED records that use LZ4 compression.
289362Smav	 */
289362Smav	if ((featureflags & DMU_BACKUP_FEATURE_EMBED_DATA) &&
289362Smav	    !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_EMBEDDED_DATA))
289362Smav		return (SET_ERROR(ENOTSUP));
289362Smav	if ((featureflags & DMU_BACKUP_FEATURE_EMBED_DATA_LZ4) &&
289362Smav	    !spa_feature_is_enabled(dp->dp_spa, SPA_FEATURE_LZ4_COMPRESS))
289362Smav		return (SET_ERROR(ENOTSUP));
289362Smav
307108Smav	/* 6 extra bytes for /%recv */
307108Smav	char recvname[ZFS_MAX_DATASET_NAME_LEN + 6];
289362Smav
289362Smav	(void) snprintf(recvname, sizeof (recvname), "%s/%s",
289362Smav	    tofs, recv_clone_name);
289362Smav
289362Smav	if (dsl_dataset_hold(dp, recvname, FTAG, &ds) != 0) {
289362Smav		/* %recv does not exist; continue in tofs */
289362Smav		error = dsl_dataset_hold(dp, tofs, FTAG, &ds);
289362Smav		if (error != 0)
289362Smav			return (error);
289362Smav	}
289362Smav
289362Smav	/* check that ds is marked inconsistent */
289362Smav	if (!DS_IS_INCONSISTENT(ds)) {
289362Smav		dsl_dataset_rele(ds, FTAG);
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav
289362Smav	/* check that there is resuming data, and that the toguid matches */
289362Smav	if (!dsl_dataset_is_zapified(ds)) {
289362Smav		dsl_dataset_rele(ds, FTAG);
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav	uint64_t val;
289362Smav	error = zap_lookup(dp->dp_meta_objset, ds->ds_object,
289362Smav	    DS_FIELD_RESUME_TOGUID, sizeof (val), 1, &val);
289362Smav	if (error != 0 || drrb->drr_toguid != val) {
289362Smav		dsl_dataset_rele(ds, FTAG);
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav
289362Smav	/*
289362Smav	 * Check if the receive is still running.  If so, it will be owned.
289362Smav	 * Note that nothing else can own the dataset (e.g. after the receive
289362Smav	 * fails) because it will be marked inconsistent.
289362Smav	 */
289362Smav	if (dsl_dataset_has_owner(ds)) {
289362Smav		dsl_dataset_rele(ds, FTAG);
289362Smav		return (SET_ERROR(EBUSY));
289362Smav	}
289362Smav
289362Smav	/* There should not be any snapshots of this fs yet. */
289362Smav	if (ds->ds_prev != NULL && ds->ds_prev->ds_dir == ds->ds_dir) {
289362Smav		dsl_dataset_rele(ds, FTAG);
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav
289362Smav	/*
289362Smav	 * Note: resume point will be checked when we process the first WRITE
289362Smav	 * record.
289362Smav	 */
289362Smav
289362Smav	/* check that the origin matches */
289362Smav	val = 0;
289362Smav	(void) zap_lookup(dp->dp_meta_objset, ds->ds_object,
289362Smav	    DS_FIELD_RESUME_FROMGUID, sizeof (val), 1, &val);
289362Smav	if (drrb->drr_fromguid != val) {
289362Smav		dsl_dataset_rele(ds, FTAG);
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav
289362Smav	dsl_dataset_rele(ds, FTAG);
289362Smav	return (0);
289362Smav}
289362Smav
289362Smavstatic void
289362Smavdmu_recv_resume_begin_sync(void *arg, dmu_tx_t *tx)
289362Smav{
289362Smav	dmu_recv_begin_arg_t *drba = arg;
289362Smav	dsl_pool_t *dp = dmu_tx_pool(tx);
289362Smav	const char *tofs = drba->drba_cookie->drc_tofs;
289362Smav	dsl_dataset_t *ds;
289362Smav	uint64_t dsobj;
307108Smav	/* 6 extra bytes for /%recv */
307108Smav	char recvname[ZFS_MAX_DATASET_NAME_LEN + 6];
289362Smav
289362Smav	(void) snprintf(recvname, sizeof (recvname), "%s/%s",
289362Smav	    tofs, recv_clone_name);
289362Smav
289362Smav	if (dsl_dataset_hold(dp, recvname, FTAG, &ds) != 0) {
289362Smav		/* %recv does not exist; continue in tofs */
289362Smav		VERIFY0(dsl_dataset_hold(dp, tofs, FTAG, &ds));
289362Smav		drba->drba_cookie->drc_newfs = B_TRUE;
289362Smav	}
289362Smav
289362Smav	/* clear the inconsistent flag so that we can own it */
289362Smav	ASSERT(DS_IS_INCONSISTENT(ds));
289362Smav	dmu_buf_will_dirty(ds->ds_dbuf, tx);
289362Smav	dsl_dataset_phys(ds)->ds_flags &= ~DS_FLAG_INCONSISTENT;
289362Smav	dsobj = ds->ds_object;
289362Smav	dsl_dataset_rele(ds, FTAG);
289362Smav
289362Smav	VERIFY0(dsl_dataset_own_obj(dp, dsobj, dmu_recv_tag, &ds));
289362Smav
289362Smav	dmu_buf_will_dirty(ds->ds_dbuf, tx);
289362Smav	dsl_dataset_phys(ds)->ds_flags |= DS_FLAG_INCONSISTENT;
289362Smav
308082Smav	rrw_enter(&ds->ds_bp_rwlock, RW_READER, FTAG);
289362Smav	ASSERT(!BP_IS_HOLE(dsl_dataset_get_blkptr(ds)));
308082Smav	rrw_exit(&ds->ds_bp_rwlock, FTAG);
289362Smav
289362Smav	drba->drba_cookie->drc_ds = ds;
289362Smav
289362Smav	spa_history_log_internal_ds(ds, "resume receive", tx, "");
289362Smav}
289362Smav
185029Spjd/*
185029Spjd * NB: callers *MUST* call dmu_recv_stream() if dmu_recv_begin()
185029Spjd * succeeds; otherwise we will leak the holds on the datasets.
185029Spjd */
185029Spjdint
289362Smavdmu_recv_begin(char *tofs, char *tosnap, dmu_replay_record_t *drr_begin,
289362Smav    boolean_t force, boolean_t resumable, char *origin, dmu_recv_cookie_t *drc)
168404Spjd{
248571Smm	dmu_recv_begin_arg_t drba = { 0 };
168404Spjd
185029Spjd	bzero(drc, sizeof (dmu_recv_cookie_t));
289362Smav	drc->drc_drr_begin = drr_begin;
289362Smav	drc->drc_drrb = &drr_begin->drr_u.drr_begin;
185029Spjd	drc->drc_tosnap = tosnap;
248571Smm	drc->drc_tofs = tofs;
185029Spjd	drc->drc_force = force;
289362Smav	drc->drc_resumable = resumable;
264835Sdelphij	drc->drc_cred = CRED();
168404Spjd
289362Smav	if (drc->drc_drrb->drr_magic == BSWAP_64(DMU_BACKUP_MAGIC)) {
248571Smm		drc->drc_byteswap = B_TRUE;
289362Smav		fletcher_4_incremental_byteswap(drr_begin,
248571Smm		    sizeof (dmu_replay_record_t), &drc->drc_cksum);
289362Smav		byteswap_record(drr_begin);
289362Smav	} else if (drc->drc_drrb->drr_magic == DMU_BACKUP_MAGIC) {
289362Smav		fletcher_4_incremental_native(drr_begin,
289362Smav		    sizeof (dmu_replay_record_t), &drc->drc_cksum);
248571Smm	} else {
289362Smav		return (SET_ERROR(EINVAL));
248571Smm	}
219089Spjd
248571Smm	drba.drba_origin = origin;
248571Smm	drba.drba_cookie = drc;
248571Smm	drba.drba_cred = CRED();
219089Spjd
289362Smav	if (DMU_GET_FEATUREFLAGS(drc->drc_drrb->drr_versioninfo) &
289362Smav	    DMU_BACKUP_FEATURE_RESUMING) {
289362Smav		return (dsl_sync_task(tofs,
289362Smav		    dmu_recv_resume_begin_check, dmu_recv_resume_begin_sync,
289362Smav		    &drba, 5, ZFS_SPACE_CHECK_NORMAL));
289362Smav	} else  {
289362Smav		return (dsl_sync_task(tofs,
289362Smav		    dmu_recv_begin_check, dmu_recv_begin_sync,
289362Smav		    &drba, 5, ZFS_SPACE_CHECK_NORMAL));
289362Smav	}
168404Spjd}
168404Spjd
286705Smavstruct receive_record_arg {
286705Smav	dmu_replay_record_t header;
286705Smav	void *payload; /* Pointer to a buffer containing the payload */
286705Smav	/*
286705Smav	 * If the record is a write, pointer to the arc_buf_t containing the
286705Smav	 * payload.
286705Smav	 */
286705Smav	arc_buf_t *write_buf;
286705Smav	int payload_size;
289362Smav	uint64_t bytes_read; /* bytes read from stream when record created */
286705Smav	boolean_t eos_marker; /* Marks the end of the stream */
286705Smav	bqueue_node_t node;
286705Smav};
286705Smav
286705Smavstruct receive_writer_arg {
286587Smav	objset_t *os;
286705Smav	boolean_t byteswap;
286705Smav	bqueue_t q;
289362Smav
286705Smav	/*
286705Smav	 * These three args are used to signal to the main thread that we're
286705Smav	 * done.
286705Smav	 */
286705Smav	kmutex_t mutex;
286705Smav	kcondvar_t cv;
286705Smav	boolean_t done;
289362Smav
185029Spjd	int err;
286705Smav	/* A map from guid to dataset to help handle dedup'd streams. */
286705Smav	avl_tree_t *guid_to_ds_map;
289362Smav	boolean_t resumable;
289362Smav	uint64_t last_object, last_offset;
289362Smav	uint64_t bytes_read; /* bytes read when current record created */
286705Smav};
286705Smav
294815Smavstruct objlist {
294815Smav	list_t list; /* List of struct receive_objnode. */
294815Smav	/*
294815Smav	 * Last object looked up. Used to assert that objects are being looked
294815Smav	 * up in ascending order.
294815Smav	 */
294815Smav	uint64_t last_lookup;
294815Smav};
294815Smav
294815Smavstruct receive_objnode {
294815Smav	list_node_t node;
294815Smav	uint64_t object;
294815Smav};
294815Smav
286705Smavstruct receive_arg  {
286705Smav	objset_t *os;
185029Spjd	kthread_t *td;
185029Spjd	struct file *fp;
286705Smav	uint64_t voff; /* The current offset in the stream */
289362Smav	uint64_t bytes_read;
286705Smav	/*
286705Smav	 * A record that has had its payload read in, but hasn't yet been handed
286705Smav	 * off to the worker thread.
286705Smav	 */
286705Smav	struct receive_record_arg *rrd;
286705Smav	/* A record that has had its header read in, but not its payload. */
286705Smav	struct receive_record_arg *next_rrd;
185029Spjd	zio_cksum_t cksum;
286587Smav	zio_cksum_t prev_cksum;
286705Smav	int err;
286705Smav	boolean_t byteswap;
286705Smav	/* Sorted list of objects not to issue prefetches for. */
294815Smav	struct objlist ignore_objlist;
286705Smav};
286587Smav
219089Spjdtypedef struct guid_map_entry {
219089Spjd	uint64_t	guid;
219089Spjd	dsl_dataset_t	*gme_ds;
219089Spjd	avl_node_t	avlnode;
219089Spjd} guid_map_entry_t;
219089Spjd
168404Spjdstatic int
219089Spjdguid_compare(const void *arg1, const void *arg2)
168404Spjd{
219089Spjd	const guid_map_entry_t *gmep1 = arg1;
219089Spjd	const guid_map_entry_t *gmep2 = arg2;
219089Spjd
219089Spjd	if (gmep1->guid < gmep2->guid)
219089Spjd		return (-1);
219089Spjd	else if (gmep1->guid > gmep2->guid)
219089Spjd		return (1);
219089Spjd	return (0);
219089Spjd}
219089Spjd
219089Spjdstatic void
219089Spjdfree_guid_map_onexit(void *arg)
219089Spjd{
219089Spjd	avl_tree_t *ca = arg;
219089Spjd	void *cookie = NULL;
219089Spjd	guid_map_entry_t *gmep;
219089Spjd
219089Spjd	while ((gmep = avl_destroy_nodes(ca, &cookie)) != NULL) {
248571Smm		dsl_dataset_long_rele(gmep->gme_ds, gmep);
249196Smm		dsl_dataset_rele(gmep->gme_ds, gmep);
219089Spjd		kmem_free(gmep, sizeof (guid_map_entry_t));
219089Spjd	}
219089Spjd	avl_destroy(ca);
219089Spjd	kmem_free(ca, sizeof (avl_tree_t));
219089Spjd}
219089Spjd
219089Spjdstatic int
286705Smavrestore_bytes(struct receive_arg *ra, void *buf, int len, off_t off, ssize_t *resid)
219089Spjd{
168404Spjd	struct uio auio;
168404Spjd	struct iovec aiov;
168404Spjd	int error;
168404Spjd
168404Spjd	aiov.iov_base = buf;
168404Spjd	aiov.iov_len = len;
168404Spjd	auio.uio_iov = &aiov;
168404Spjd	auio.uio_iovcnt = 1;
168404Spjd	auio.uio_resid = len;
169170Spjd	auio.uio_segflg = UIO_SYSSPACE;
168404Spjd	auio.uio_rw = UIO_READ;
168404Spjd	auio.uio_offset = off;
168404Spjd	auio.uio_td = ra->td;
168404Spjd#ifdef _KERNEL
168404Spjd	error = fo_read(ra->fp, &auio, ra->td->td_ucred, FOF_OFFSET, ra->td);
168404Spjd#else
168404Spjd	fprintf(stderr, "%s: returning EOPNOTSUPP\n", __func__);
168404Spjd	error = EOPNOTSUPP;
168404Spjd#endif
168404Spjd	*resid = auio.uio_resid;
168404Spjd	return (error);
168404Spjd}
168404Spjd
286587Smavstatic int
286705Smavreceive_read(struct receive_arg *ra, int len, void *buf)
168404Spjd{
185029Spjd	int done = 0;
168404Spjd
297509Smav	/*
297509Smav	 * The code doesn't rely on this (lengths being multiples of 8).  See
297509Smav	 * comment in dump_bytes.
297509Smav	 */
240415Smm	ASSERT0(len % 8);
168404Spjd
185029Spjd	while (done < len) {
219089Spjd		ssize_t resid;
168404Spjd
272601Sdelphij		ra->err = restore_bytes(ra, buf + done,
185029Spjd		    len - done, ra->voff, &resid);
168404Spjd
289362Smav		if (resid == len - done) {
289362Smav			/*
289362Smav			 * Note: ECKSUM indicates that the receive
289362Smav			 * was interrupted and can potentially be resumed.
289362Smav			 */
289362Smav			ra->err = SET_ERROR(ECKSUM);
289362Smav		}
185029Spjd		ra->voff += len - done - resid;
185029Spjd		done = len - resid;
248571Smm		if (ra->err != 0)
286587Smav			return (ra->err);
168404Spjd	}
168404Spjd
289362Smav	ra->bytes_read += len;
289362Smav
185029Spjd	ASSERT3U(done, ==, len);
286587Smav	return (0);
168404Spjd}
168404Spjd
168404Spjdstatic void
286587Smavbyteswap_record(dmu_replay_record_t *drr)
168404Spjd{
168404Spjd#define	DO64(X) (drr->drr_u.X = BSWAP_64(drr->drr_u.X))
168404Spjd#define	DO32(X) (drr->drr_u.X = BSWAP_32(drr->drr_u.X))
168404Spjd	drr->drr_type = BSWAP_32(drr->drr_type);
185029Spjd	drr->drr_payloadlen = BSWAP_32(drr->drr_payloadlen);
286587Smav
168404Spjd	switch (drr->drr_type) {
168404Spjd	case DRR_BEGIN:
168404Spjd		DO64(drr_begin.drr_magic);
219089Spjd		DO64(drr_begin.drr_versioninfo);
168404Spjd		DO64(drr_begin.drr_creation_time);
168404Spjd		DO32(drr_begin.drr_type);
185029Spjd		DO32(drr_begin.drr_flags);
168404Spjd		DO64(drr_begin.drr_toguid);
168404Spjd		DO64(drr_begin.drr_fromguid);
168404Spjd		break;
168404Spjd	case DRR_OBJECT:
168404Spjd		DO64(drr_object.drr_object);
168404Spjd		DO32(drr_object.drr_type);
168404Spjd		DO32(drr_object.drr_bonustype);
168404Spjd		DO32(drr_object.drr_blksz);
168404Spjd		DO32(drr_object.drr_bonuslen);
219089Spjd		DO64(drr_object.drr_toguid);
168404Spjd		break;
168404Spjd	case DRR_FREEOBJECTS:
168404Spjd		DO64(drr_freeobjects.drr_firstobj);
168404Spjd		DO64(drr_freeobjects.drr_numobjs);
219089Spjd		DO64(drr_freeobjects.drr_toguid);
168404Spjd		break;
168404Spjd	case DRR_WRITE:
168404Spjd		DO64(drr_write.drr_object);
168404Spjd		DO32(drr_write.drr_type);
168404Spjd		DO64(drr_write.drr_offset);
168404Spjd		DO64(drr_write.drr_length);
219089Spjd		DO64(drr_write.drr_toguid);
286587Smav		ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_write.drr_key.ddk_cksum);
219089Spjd		DO64(drr_write.drr_key.ddk_prop);
168404Spjd		break;
219089Spjd	case DRR_WRITE_BYREF:
219089Spjd		DO64(drr_write_byref.drr_object);
219089Spjd		DO64(drr_write_byref.drr_offset);
219089Spjd		DO64(drr_write_byref.drr_length);
219089Spjd		DO64(drr_write_byref.drr_toguid);
219089Spjd		DO64(drr_write_byref.drr_refguid);
219089Spjd		DO64(drr_write_byref.drr_refobject);
219089Spjd		DO64(drr_write_byref.drr_refoffset);
286587Smav		ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_write_byref.
286587Smav		    drr_key.ddk_cksum);
219089Spjd		DO64(drr_write_byref.drr_key.ddk_prop);
219089Spjd		break;
268075Sdelphij	case DRR_WRITE_EMBEDDED:
268075Sdelphij		DO64(drr_write_embedded.drr_object);
268075Sdelphij		DO64(drr_write_embedded.drr_offset);
268075Sdelphij		DO64(drr_write_embedded.drr_length);
268075Sdelphij		DO64(drr_write_embedded.drr_toguid);
268075Sdelphij		DO32(drr_write_embedded.drr_lsize);
268075Sdelphij		DO32(drr_write_embedded.drr_psize);
268075Sdelphij		break;
168404Spjd	case DRR_FREE:
168404Spjd		DO64(drr_free.drr_object);
168404Spjd		DO64(drr_free.drr_offset);
168404Spjd		DO64(drr_free.drr_length);
219089Spjd		DO64(drr_free.drr_toguid);
168404Spjd		break;
219089Spjd	case DRR_SPILL:
219089Spjd		DO64(drr_spill.drr_object);
219089Spjd		DO64(drr_spill.drr_length);
219089Spjd		DO64(drr_spill.drr_toguid);
219089Spjd		break;
168404Spjd	case DRR_END:
219089Spjd		DO64(drr_end.drr_toguid);
286587Smav		ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_end.drr_checksum);
168404Spjd		break;
168404Spjd	}
286587Smav
286587Smav	if (drr->drr_type != DRR_BEGIN) {
286587Smav		ZIO_CHECKSUM_BSWAP(&drr->drr_u.drr_checksum.drr_checksum);
286587Smav	}
286587Smav
168404Spjd#undef DO64
168404Spjd#undef DO32
168404Spjd}
168404Spjd
272810Sdelphijstatic inline uint8_t
272810Sdelphijdeduce_nblkptr(dmu_object_type_t bonus_type, uint64_t bonus_size)
272810Sdelphij{
272810Sdelphij	if (bonus_type == DMU_OT_SA) {
272810Sdelphij		return (1);
272810Sdelphij	} else {
272810Sdelphij		return (1 +
272810Sdelphij		    ((DN_MAX_BONUSLEN - bonus_size) >> SPA_BLKPTRSHIFT));
272810Sdelphij	}
272810Sdelphij}
272810Sdelphij
289362Smavstatic void
289362Smavsave_resume_state(struct receive_writer_arg *rwa,
289362Smav    uint64_t object, uint64_t offset, dmu_tx_t *tx)
289362Smav{
289362Smav	int txgoff = dmu_tx_get_txg(tx) & TXG_MASK;
289362Smav
289362Smav	if (!rwa->resumable)
289362Smav		return;
289362Smav
289362Smav	/*
289362Smav	 * We use ds_resume_bytes[] != 0 to indicate that we need to
289362Smav	 * update this on disk, so it must not be 0.
289362Smav	 */
289362Smav	ASSERT(rwa->bytes_read != 0);
289362Smav
289362Smav	/*
289362Smav	 * We only resume from write records, which have a valid
289362Smav	 * (non-meta-dnode) object number.
289362Smav	 */
289362Smav	ASSERT(object != 0);
289362Smav
289362Smav	/*
289362Smav	 * For resuming to work correctly, we must receive records in order,
289362Smav	 * sorted by object,offset.  This is checked by the callers, but
289362Smav	 * assert it here for good measure.
289362Smav	 */
289362Smav	ASSERT3U(object, >=, rwa->os->os_dsl_dataset->ds_resume_object[txgoff]);
289362Smav	ASSERT(object != rwa->os->os_dsl_dataset->ds_resume_object[txgoff] ||
289362Smav	    offset >= rwa->os->os_dsl_dataset->ds_resume_offset[txgoff]);
289362Smav	ASSERT3U(rwa->bytes_read, >=,
289362Smav	    rwa->os->os_dsl_dataset->ds_resume_bytes[txgoff]);
289362Smav
289362Smav	rwa->os->os_dsl_dataset->ds_resume_object[txgoff] = object;
289362Smav	rwa->os->os_dsl_dataset->ds_resume_offset[txgoff] = offset;
289362Smav	rwa->os->os_dsl_dataset->ds_resume_bytes[txgoff] = rwa->bytes_read;
289362Smav}
289362Smav
168404Spjdstatic int
286705Smavreceive_object(struct receive_writer_arg *rwa, struct drr_object *drro,
286705Smav    void *data)
168404Spjd{
272810Sdelphij	dmu_object_info_t doi;
168404Spjd	dmu_tx_t *tx;
272810Sdelphij	uint64_t object;
272810Sdelphij	int err;
168404Spjd
168404Spjd	if (drro->drr_type == DMU_OT_NONE ||
236884Smm	    !DMU_OT_IS_VALID(drro->drr_type) ||
236884Smm	    !DMU_OT_IS_VALID(drro->drr_bonustype) ||
219089Spjd	    drro->drr_checksumtype >= ZIO_CHECKSUM_FUNCTIONS ||
168404Spjd	    drro->drr_compress >= ZIO_COMPRESS_FUNCTIONS ||
168404Spjd	    P2PHASE(drro->drr_blksz, SPA_MINBLOCKSIZE) ||
168404Spjd	    drro->drr_blksz < SPA_MINBLOCKSIZE ||
286705Smav	    drro->drr_blksz > spa_maxblocksize(dmu_objset_spa(rwa->os)) ||
168404Spjd	    drro->drr_bonuslen > DN_MAX_BONUSLEN) {
249195Smm		return (SET_ERROR(EINVAL));
168404Spjd	}
168404Spjd
286705Smav	err = dmu_object_info(rwa->os, drro->drr_object, &doi);
168404Spjd
200726Sdelphij	if (err != 0 && err != ENOENT)
249195Smm		return (SET_ERROR(EINVAL));
272810Sdelphij	object = err == 0 ? drro->drr_object : DMU_NEW_OBJECT;
200726Sdelphij
272810Sdelphij	/*
272810Sdelphij	 * If we are losing blkptrs or changing the block size this must
272810Sdelphij	 * be a new file instance.  We must clear out the previous file
272810Sdelphij	 * contents before we can change this type of metadata in the dnode.
272810Sdelphij	 */
272810Sdelphij	if (err == 0) {
272810Sdelphij		int nblkptr;
272810Sdelphij
272810Sdelphij		nblkptr = deduce_nblkptr(drro->drr_bonustype,
272810Sdelphij		    drro->drr_bonuslen);
272810Sdelphij
272810Sdelphij		if (drro->drr_blksz != doi.doi_data_block_size ||
272810Sdelphij		    nblkptr < doi.doi_nblkptr) {
286705Smav			err = dmu_free_long_range(rwa->os, drro->drr_object,
272810Sdelphij			    0, DMU_OBJECT_END);
272810Sdelphij			if (err != 0)
272810Sdelphij				return (SET_ERROR(EINVAL));
272810Sdelphij		}
272810Sdelphij	}
272810Sdelphij
286705Smav	tx = dmu_tx_create(rwa->os);
272810Sdelphij	dmu_tx_hold_bonus(tx, object);
272810Sdelphij	err = dmu_tx_assign(tx, TXG_WAIT);
272810Sdelphij	if (err != 0) {
272810Sdelphij		dmu_tx_abort(tx);
272810Sdelphij		return (err);
272810Sdelphij	}
272810Sdelphij
272810Sdelphij	if (object == DMU_NEW_OBJECT) {
168404Spjd		/* currently free, want to be allocated */
286705Smav		err = dmu_object_claim(rwa->os, drro->drr_object,
168404Spjd		    drro->drr_type, drro->drr_blksz,
168404Spjd		    drro->drr_bonustype, drro->drr_bonuslen, tx);
272810Sdelphij	} else if (drro->drr_type != doi.doi_type ||
272810Sdelphij	    drro->drr_blksz != doi.doi_data_block_size ||
272810Sdelphij	    drro->drr_bonustype != doi.doi_bonus_type ||
272810Sdelphij	    drro->drr_bonuslen != doi.doi_bonus_size) {
272810Sdelphij		/* currently allocated, but with different properties */
286705Smav		err = dmu_object_reclaim(rwa->os, drro->drr_object,
168404Spjd		    drro->drr_type, drro->drr_blksz,
272810Sdelphij		    drro->drr_bonustype, drro->drr_bonuslen, tx);
168404Spjd	}
248571Smm	if (err != 0) {
272810Sdelphij		dmu_tx_commit(tx);
249195Smm		return (SET_ERROR(EINVAL));
219089Spjd	}
200726Sdelphij
286705Smav	dmu_object_set_checksum(rwa->os, drro->drr_object,
286587Smav	    drro->drr_checksumtype, tx);
286705Smav	dmu_object_set_compress(rwa->os, drro->drr_object,
286587Smav	    drro->drr_compress, tx);
168404Spjd
200727Sdelphij	if (data != NULL) {
168404Spjd		dmu_buf_t *db;
200727Sdelphij
286705Smav		VERIFY0(dmu_bonus_hold(rwa->os, drro->drr_object, FTAG, &db));
168404Spjd		dmu_buf_will_dirty(db, tx);
168404Spjd
185029Spjd		ASSERT3U(db->db_size, >=, drro->drr_bonuslen);
185029Spjd		bcopy(data, db->db_data, drro->drr_bonuslen);
286705Smav		if (rwa->byteswap) {
236884Smm			dmu_object_byteswap_t byteswap =
236884Smm			    DMU_OT_BYTESWAP(drro->drr_bonustype);
236884Smm			dmu_ot_byteswap[byteswap].ob_func(db->db_data,
168404Spjd			    drro->drr_bonuslen);
168404Spjd		}
168404Spjd		dmu_buf_rele(db, FTAG);
168404Spjd	}
168404Spjd	dmu_tx_commit(tx);
289362Smav
168404Spjd	return (0);
168404Spjd}
168404Spjd
168404Spjd/* ARGSUSED */
168404Spjdstatic int
286705Smavreceive_freeobjects(struct receive_writer_arg *rwa,
168404Spjd    struct drr_freeobjects *drrfo)
168404Spjd{
168404Spjd	uint64_t obj;
294815Smav	int next_err = 0;
168404Spjd
168404Spjd	if (drrfo->drr_firstobj + drrfo->drr_numobjs < drrfo->drr_firstobj)
249195Smm		return (SET_ERROR(EINVAL));
168404Spjd
168404Spjd	for (obj = drrfo->drr_firstobj;
294815Smav	    obj < drrfo->drr_firstobj + drrfo->drr_numobjs && next_err == 0;
294815Smav	    next_err = dmu_object_next(rwa->os, &obj, FALSE, 0)) {
168404Spjd		int err;
168404Spjd
286705Smav		if (dmu_object_info(rwa->os, obj, NULL) != 0)
168404Spjd			continue;
168404Spjd
286705Smav		err = dmu_free_long_object(rwa->os, obj);
248571Smm		if (err != 0)
168404Spjd			return (err);
168404Spjd	}
294815Smav	if (next_err != ESRCH)
294815Smav		return (next_err);
168404Spjd	return (0);
168404Spjd}
168404Spjd
168404Spjdstatic int
286705Smavreceive_write(struct receive_writer_arg *rwa, struct drr_write *drrw,
286705Smav    arc_buf_t *abuf)
168404Spjd{
168404Spjd	dmu_tx_t *tx;
168404Spjd	int err;
168404Spjd
168404Spjd	if (drrw->drr_offset + drrw->drr_length < drrw->drr_offset ||
236884Smm	    !DMU_OT_IS_VALID(drrw->drr_type))
249195Smm		return (SET_ERROR(EINVAL));
168404Spjd
289362Smav	/*
289362Smav	 * For resuming to work, records must be in increasing order
289362Smav	 * by (object, offset).
289362Smav	 */
289362Smav	if (drrw->drr_object < rwa->last_object ||
289362Smav	    (drrw->drr_object == rwa->last_object &&
289362Smav	    drrw->drr_offset < rwa->last_offset)) {
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav	rwa->last_object = drrw->drr_object;
289362Smav	rwa->last_offset = drrw->drr_offset;
289362Smav
286705Smav	if (dmu_object_info(rwa->os, drrw->drr_object, NULL) != 0)
249195Smm		return (SET_ERROR(EINVAL));
168404Spjd
286705Smav	tx = dmu_tx_create(rwa->os);
272601Sdelphij
168404Spjd	dmu_tx_hold_write(tx, drrw->drr_object,
168404Spjd	    drrw->drr_offset, drrw->drr_length);
168404Spjd	err = dmu_tx_assign(tx, TXG_WAIT);
248571Smm	if (err != 0) {
168404Spjd		dmu_tx_abort(tx);
168404Spjd		return (err);
168404Spjd	}
286705Smav	if (rwa->byteswap) {
236884Smm		dmu_object_byteswap_t byteswap =
236884Smm		    DMU_OT_BYTESWAP(drrw->drr_type);
286587Smav		dmu_ot_byteswap[byteswap].ob_func(abuf->b_data,
286587Smav		    drrw->drr_length);
236884Smm	}
286587Smav
286587Smav	dmu_buf_t *bonus;
286705Smav	if (dmu_bonus_hold(rwa->os, drrw->drr_object, FTAG, &bonus) != 0)
286587Smav		return (SET_ERROR(EINVAL));
272601Sdelphij	dmu_assign_arcbuf(bonus, drrw->drr_offset, abuf, tx);
289362Smav
289362Smav	/*
289362Smav	 * Note: If the receive fails, we want the resume stream to start
289362Smav	 * with the same record that we last successfully received (as opposed
289362Smav	 * to the next record), so that we can verify that we are
289362Smav	 * resuming from the correct location.
289362Smav	 */
289362Smav	save_resume_state(rwa, drrw->drr_object, drrw->drr_offset, tx);
168404Spjd	dmu_tx_commit(tx);
272601Sdelphij	dmu_buf_rele(bonus, FTAG);
289362Smav
168404Spjd	return (0);
168404Spjd}
168404Spjd
219089Spjd/*
219089Spjd * Handle a DRR_WRITE_BYREF record.  This record is used in dedup'ed
219089Spjd * streams to refer to a copy of the data that is already on the
219089Spjd * system because it came in earlier in the stream.  This function
219089Spjd * finds the earlier copy of the data, and uses that copy instead of
219089Spjd * data from the stream to fulfill this write.
219089Spjd */
219089Spjdstatic int
286705Smavreceive_write_byref(struct receive_writer_arg *rwa,
286705Smav    struct drr_write_byref *drrwbr)
219089Spjd{
219089Spjd	dmu_tx_t *tx;
219089Spjd	int err;
219089Spjd	guid_map_entry_t gmesrch;
219089Spjd	guid_map_entry_t *gmep;
268075Sdelphij	avl_index_t where;
219089Spjd	objset_t *ref_os = NULL;
219089Spjd	dmu_buf_t *dbp;
219089Spjd
219089Spjd	if (drrwbr->drr_offset + drrwbr->drr_length < drrwbr->drr_offset)
249195Smm		return (SET_ERROR(EINVAL));
219089Spjd
219089Spjd	/*
219089Spjd	 * If the GUID of the referenced dataset is different from the
219089Spjd	 * GUID of the target dataset, find the referenced dataset.
219089Spjd	 */
219089Spjd	if (drrwbr->drr_toguid != drrwbr->drr_refguid) {
219089Spjd		gmesrch.guid = drrwbr->drr_refguid;
286705Smav		if ((gmep = avl_find(rwa->guid_to_ds_map, &gmesrch,
219089Spjd		    &where)) == NULL) {
249195Smm			return (SET_ERROR(EINVAL));
219089Spjd		}
219089Spjd		if (dmu_objset_from_ds(gmep->gme_ds, &ref_os))
249195Smm			return (SET_ERROR(EINVAL));
219089Spjd	} else {
286705Smav		ref_os = rwa->os;
219089Spjd	}
219089Spjd
268075Sdelphij	err = dmu_buf_hold(ref_os, drrwbr->drr_refobject,
268075Sdelphij	    drrwbr->drr_refoffset, FTAG, &dbp, DMU_READ_PREFETCH);
268075Sdelphij	if (err != 0)
219089Spjd		return (err);
219089Spjd
286705Smav	tx = dmu_tx_create(rwa->os);
219089Spjd
219089Spjd	dmu_tx_hold_write(tx, drrwbr->drr_object,
219089Spjd	    drrwbr->drr_offset, drrwbr->drr_length);
219089Spjd	err = dmu_tx_assign(tx, TXG_WAIT);
248571Smm	if (err != 0) {
219089Spjd		dmu_tx_abort(tx);
219089Spjd		return (err);
219089Spjd	}
286705Smav	dmu_write(rwa->os, drrwbr->drr_object,
219089Spjd	    drrwbr->drr_offset, drrwbr->drr_length, dbp->db_data, tx);
219089Spjd	dmu_buf_rele(dbp, FTAG);
289362Smav
289362Smav	/* See comment in restore_write. */
289362Smav	save_resume_state(rwa, drrwbr->drr_object, drrwbr->drr_offset, tx);
219089Spjd	dmu_tx_commit(tx);
219089Spjd	return (0);
219089Spjd}
219089Spjd
219089Spjdstatic int
286705Smavreceive_write_embedded(struct receive_writer_arg *rwa,
289362Smav    struct drr_write_embedded *drrwe, void *data)
268075Sdelphij{
268075Sdelphij	dmu_tx_t *tx;
268075Sdelphij	int err;
268075Sdelphij
289362Smav	if (drrwe->drr_offset + drrwe->drr_length < drrwe->drr_offset)
268075Sdelphij		return (EINVAL);
268075Sdelphij
289362Smav	if (drrwe->drr_psize > BPE_PAYLOAD_SIZE)
268075Sdelphij		return (EINVAL);
268075Sdelphij
289362Smav	if (drrwe->drr_etype >= NUM_BP_EMBEDDED_TYPES)
268075Sdelphij		return (EINVAL);
289362Smav	if (drrwe->drr_compression >= ZIO_COMPRESS_FUNCTIONS)
268075Sdelphij		return (EINVAL);
268075Sdelphij
286705Smav	tx = dmu_tx_create(rwa->os);
268075Sdelphij
289362Smav	dmu_tx_hold_write(tx, drrwe->drr_object,
289362Smav	    drrwe->drr_offset, drrwe->drr_length);
268075Sdelphij	err = dmu_tx_assign(tx, TXG_WAIT);
268075Sdelphij	if (err != 0) {
268075Sdelphij		dmu_tx_abort(tx);
268075Sdelphij		return (err);
268075Sdelphij	}
268075Sdelphij
289362Smav	dmu_write_embedded(rwa->os, drrwe->drr_object,
289362Smav	    drrwe->drr_offset, data, drrwe->drr_etype,
289362Smav	    drrwe->drr_compression, drrwe->drr_lsize, drrwe->drr_psize,
286705Smav	    rwa->byteswap ^ ZFS_HOST_BYTEORDER, tx);
268075Sdelphij
289362Smav	/* See comment in restore_write. */
289362Smav	save_resume_state(rwa, drrwe->drr_object, drrwe->drr_offset, tx);
268075Sdelphij	dmu_tx_commit(tx);
268075Sdelphij	return (0);
268075Sdelphij}
268075Sdelphij
268075Sdelphijstatic int
286705Smavreceive_spill(struct receive_writer_arg *rwa, struct drr_spill *drrs,
286705Smav    void *data)
219089Spjd{
219089Spjd	dmu_tx_t *tx;
219089Spjd	dmu_buf_t *db, *db_spill;
219089Spjd	int err;
219089Spjd
219089Spjd	if (drrs->drr_length < SPA_MINBLOCKSIZE ||
286705Smav	    drrs->drr_length > spa_maxblocksize(dmu_objset_spa(rwa->os)))
249195Smm		return (SET_ERROR(EINVAL));
219089Spjd
286705Smav	if (dmu_object_info(rwa->os, drrs->drr_object, NULL) != 0)
249195Smm		return (SET_ERROR(EINVAL));
219089Spjd
286705Smav	VERIFY0(dmu_bonus_hold(rwa->os, drrs->drr_object, FTAG, &db));
219089Spjd	if ((err = dmu_spill_hold_by_bonus(db, FTAG, &db_spill)) != 0) {
219089Spjd		dmu_buf_rele(db, FTAG);
219089Spjd		return (err);
219089Spjd	}
219089Spjd
286705Smav	tx = dmu_tx_create(rwa->os);
219089Spjd
219089Spjd	dmu_tx_hold_spill(tx, db->db_object);
219089Spjd
219089Spjd	err = dmu_tx_assign(tx, TXG_WAIT);
248571Smm	if (err != 0) {
219089Spjd		dmu_buf_rele(db, FTAG);
219089Spjd		dmu_buf_rele(db_spill, FTAG);
219089Spjd		dmu_tx_abort(tx);
219089Spjd		return (err);
219089Spjd	}
219089Spjd	dmu_buf_will_dirty(db_spill, tx);
219089Spjd
219089Spjd	if (db_spill->db_size < drrs->drr_length)
219089Spjd		VERIFY(0 == dbuf_spill_set_blksz(db_spill,
219089Spjd		    drrs->drr_length, tx));
219089Spjd	bcopy(data, db_spill->db_data, drrs->drr_length);
219089Spjd
219089Spjd	dmu_buf_rele(db, FTAG);
219089Spjd	dmu_buf_rele(db_spill, FTAG);
219089Spjd
219089Spjd	dmu_tx_commit(tx);
219089Spjd	return (0);
219089Spjd}
219089Spjd
168404Spjd/* ARGSUSED */
168404Spjdstatic int
286705Smavreceive_free(struct receive_writer_arg *rwa, struct drr_free *drrf)
168404Spjd{
168404Spjd	int err;
168404Spjd
168404Spjd	if (drrf->drr_length != -1ULL &&
168404Spjd	    drrf->drr_offset + drrf->drr_length < drrf->drr_offset)
249195Smm		return (SET_ERROR(EINVAL));
168404Spjd
286705Smav	if (dmu_object_info(rwa->os, drrf->drr_object, NULL) != 0)
249195Smm		return (SET_ERROR(EINVAL));
168404Spjd
286705Smav	err = dmu_free_long_range(rwa->os, drrf->drr_object,
168404Spjd	    drrf->drr_offset, drrf->drr_length);
286705Smav
168404Spjd	return (err);
168404Spjd}
168404Spjd
248571Smm/* used to destroy the drc_ds on error */
248571Smmstatic void
248571Smmdmu_recv_cleanup_ds(dmu_recv_cookie_t *drc)
248571Smm{
289362Smav	if (drc->drc_resumable) {
289362Smav		/* wait for our resume state to be written to disk */
289362Smav		txg_wait_synced(drc->drc_ds->ds_dir->dd_pool, 0);
289362Smav		dsl_dataset_disown(drc->drc_ds, dmu_recv_tag);
289362Smav	} else {
307108Smav		char name[ZFS_MAX_DATASET_NAME_LEN];
289362Smav		dsl_dataset_name(drc->drc_ds, name);
289362Smav		dsl_dataset_disown(drc->drc_ds, dmu_recv_tag);
289362Smav		(void) dsl_destroy_head(name);
289362Smav	}
248571Smm}
248571Smm
286587Smavstatic void
286705Smavreceive_cksum(struct receive_arg *ra, int len, void *buf)
286587Smav{
286587Smav	if (ra->byteswap) {
286587Smav		fletcher_4_incremental_byteswap(buf, len, &ra->cksum);
286587Smav	} else {
286587Smav		fletcher_4_incremental_native(buf, len, &ra->cksum);
286587Smav	}
286587Smav}
286587Smav
185029Spjd/*
286705Smav * Read the payload into a buffer of size len, and update the current record's
286705Smav * payload field.
286705Smav * Allocate ra->next_rrd and read the next record's header into
286705Smav * ra->next_rrd->header.
286587Smav * Verify checksum of payload and next record.
286587Smav */
286587Smavstatic int
286705Smavreceive_read_payload_and_next_header(struct receive_arg *ra, int len, void *buf)
286587Smav{
286587Smav	int err;
286587Smav
286587Smav	if (len != 0) {
286705Smav		ASSERT3U(len, <=, SPA_MAXBLOCKSIZE);
289362Smav		err = receive_read(ra, len, buf);
286587Smav		if (err != 0)
286587Smav			return (err);
289362Smav		receive_cksum(ra, len, buf);
289362Smav
289362Smav		/* note: rrd is NULL when reading the begin record's payload */
289362Smav		if (ra->rrd != NULL) {
289362Smav			ra->rrd->payload = buf;
289362Smav			ra->rrd->payload_size = len;
289362Smav			ra->rrd->bytes_read = ra->bytes_read;
289362Smav		}
286587Smav	}
286587Smav
286587Smav	ra->prev_cksum = ra->cksum;
286587Smav
286705Smav	ra->next_rrd = kmem_zalloc(sizeof (*ra->next_rrd), KM_SLEEP);
286705Smav	err = receive_read(ra, sizeof (ra->next_rrd->header),
286705Smav	    &ra->next_rrd->header);
289362Smav	ra->next_rrd->bytes_read = ra->bytes_read;
286705Smav	if (err != 0) {
286705Smav		kmem_free(ra->next_rrd, sizeof (*ra->next_rrd));
286705Smav		ra->next_rrd = NULL;
286587Smav		return (err);
286705Smav	}
286705Smav	if (ra->next_rrd->header.drr_type == DRR_BEGIN) {
286705Smav		kmem_free(ra->next_rrd, sizeof (*ra->next_rrd));
286705Smav		ra->next_rrd = NULL;
286587Smav		return (SET_ERROR(EINVAL));
286705Smav	}
286587Smav
286587Smav	/*
286587Smav	 * Note: checksum is of everything up to but not including the
286587Smav	 * checksum itself.
286587Smav	 */
286587Smav	ASSERT3U(offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
286587Smav	    ==, sizeof (dmu_replay_record_t) - sizeof (zio_cksum_t));
286705Smav	receive_cksum(ra,
286587Smav	    offsetof(dmu_replay_record_t, drr_u.drr_checksum.drr_checksum),
286705Smav	    &ra->next_rrd->header);
286587Smav
286705Smav	zio_cksum_t cksum_orig =
286705Smav	    ra->next_rrd->header.drr_u.drr_checksum.drr_checksum;
286705Smav	zio_cksum_t *cksump =
286705Smav	    &ra->next_rrd->header.drr_u.drr_checksum.drr_checksum;
286587Smav
286587Smav	if (ra->byteswap)
286705Smav		byteswap_record(&ra->next_rrd->header);
286587Smav
286587Smav	if ((!ZIO_CHECKSUM_IS_ZERO(cksump)) &&
286705Smav	    !ZIO_CHECKSUM_EQUAL(ra->cksum, *cksump)) {
286705Smav		kmem_free(ra->next_rrd, sizeof (*ra->next_rrd));
286705Smav		ra->next_rrd = NULL;
286587Smav		return (SET_ERROR(ECKSUM));
286705Smav	}
286587Smav
286705Smav	receive_cksum(ra, sizeof (cksum_orig), &cksum_orig);
286587Smav
286587Smav	return (0);
286587Smav}
286587Smav
294815Smavstatic void
294815Smavobjlist_create(struct objlist *list)
294815Smav{
294815Smav	list_create(&list->list, sizeof (struct receive_objnode),
294815Smav	    offsetof(struct receive_objnode, node));
294815Smav	list->last_lookup = 0;
294815Smav}
294815Smav
294815Smavstatic void
294815Smavobjlist_destroy(struct objlist *list)
294815Smav{
294815Smav	for (struct receive_objnode *n = list_remove_head(&list->list);
294815Smav	    n != NULL; n = list_remove_head(&list->list)) {
294815Smav		kmem_free(n, sizeof (*n));
294815Smav	}
294815Smav	list_destroy(&list->list);
294815Smav}
294815Smav
286705Smav/*
294815Smav * This function looks through the objlist to see if the specified object number
294815Smav * is contained in the objlist.  In the process, it will remove all object
294815Smav * numbers in the list that are smaller than the specified object number.  Thus,
294815Smav * any lookup of an object number smaller than a previously looked up object
294815Smav * number will always return false; therefore, all lookups should be done in
294815Smav * ascending order.
294815Smav */
294815Smavstatic boolean_t
294815Smavobjlist_exists(struct objlist *list, uint64_t object)
294815Smav{
294815Smav	struct receive_objnode *node = list_head(&list->list);
294815Smav	ASSERT3U(object, >=, list->last_lookup);
294815Smav	list->last_lookup = object;
294815Smav	while (node != NULL && node->object < object) {
294815Smav		VERIFY3P(node, ==, list_remove_head(&list->list));
294815Smav		kmem_free(node, sizeof (*node));
294815Smav		node = list_head(&list->list);
294815Smav	}
294815Smav	return (node != NULL && node->object == object);
294815Smav}
294815Smav
294815Smav/*
294815Smav * The objlist is a list of object numbers stored in ascending order.  However,
294815Smav * the insertion of new object numbers does not seek out the correct location to
294815Smav * store a new object number; instead, it appends it to the list for simplicity.
294815Smav * Thus, any users must take care to only insert new object numbers in ascending
294815Smav * order.
294815Smav */
294815Smavstatic void
294815Smavobjlist_insert(struct objlist *list, uint64_t object)
294815Smav{
294815Smav	struct receive_objnode *node = kmem_zalloc(sizeof (*node), KM_SLEEP);
294815Smav	node->object = object;
294815Smav#ifdef ZFS_DEBUG
294815Smav	struct receive_objnode *last_object = list_tail(&list->list);
294815Smav	uint64_t last_objnum = (last_object != NULL ? last_object->object : 0);
294815Smav	ASSERT3U(node->object, >, last_objnum);
294815Smav#endif
294815Smav	list_insert_tail(&list->list, node);
294815Smav}
294815Smav
294815Smav/*
286705Smav * Issue the prefetch reads for any necessary indirect blocks.
286705Smav *
286705Smav * We use the object ignore list to tell us whether or not to issue prefetches
286705Smav * for a given object.  We do this for both correctness (in case the blocksize
286705Smav * of an object has changed) and performance (if the object doesn't exist, don't
286705Smav * needlessly try to issue prefetches).  We also trim the list as we go through
286705Smav * the stream to prevent it from growing to an unbounded size.
286705Smav *
286705Smav * The object numbers within will always be in sorted order, and any write
286705Smav * records we see will also be in sorted order, but they're not sorted with
286705Smav * respect to each other (i.e. we can get several object records before
286705Smav * receiving each object's write records).  As a result, once we've reached a
286705Smav * given object number, we can safely remove any reference to lower object
286705Smav * numbers in the ignore list. In practice, we receive up to 32 object records
286705Smav * before receiving write records, so the list can have up to 32 nodes in it.
286705Smav */
286705Smav/* ARGSUSED */
286705Smavstatic void
286705Smavreceive_read_prefetch(struct receive_arg *ra,
286705Smav    uint64_t object, uint64_t offset, uint64_t length)
286705Smav{
294815Smav	if (!objlist_exists(&ra->ignore_objlist, object)) {
286705Smav		dmu_prefetch(ra->os, object, 1, offset, length,
286705Smav		    ZIO_PRIORITY_SYNC_READ);
286705Smav	}
286705Smav}
286705Smav
286705Smav/*
286705Smav * Read records off the stream, issuing any necessary prefetches.
286705Smav */
286587Smavstatic int
286705Smavreceive_read_record(struct receive_arg *ra)
286587Smav{
286587Smav	int err;
286587Smav
286705Smav	switch (ra->rrd->header.drr_type) {
286587Smav	case DRR_OBJECT:
286587Smav	{
286705Smav		struct drr_object *drro = &ra->rrd->header.drr_u.drr_object;
286705Smav		uint32_t size = P2ROUNDUP(drro->drr_bonuslen, 8);
286705Smav		void *buf = kmem_zalloc(size, KM_SLEEP);
286705Smav		dmu_object_info_t doi;
286705Smav		err = receive_read_payload_and_next_header(ra, size, buf);
286705Smav		if (err != 0) {
286705Smav			kmem_free(buf, size);
286587Smav			return (err);
286705Smav		}
286705Smav		err = dmu_object_info(ra->os, drro->drr_object, &doi);
286705Smav		/*
286705Smav		 * See receive_read_prefetch for an explanation why we're
286705Smav		 * storing this object in the ignore_obj_list.
286705Smav		 */
286705Smav		if (err == ENOENT ||
286705Smav		    (err == 0 && doi.doi_data_block_size != drro->drr_blksz)) {
294815Smav			objlist_insert(&ra->ignore_objlist, drro->drr_object);
286705Smav			err = 0;
286705Smav		}
286705Smav		return (err);
286587Smav	}
286587Smav	case DRR_FREEOBJECTS:
286587Smav	{
286705Smav		err = receive_read_payload_and_next_header(ra, 0, NULL);
286705Smav		return (err);
286587Smav	}
286587Smav	case DRR_WRITE:
286587Smav	{
286705Smav		struct drr_write *drrw = &ra->rrd->header.drr_u.drr_write;
286587Smav		arc_buf_t *abuf = arc_loan_buf(dmu_objset_spa(ra->os),
286587Smav		    drrw->drr_length);
286587Smav
286705Smav		err = receive_read_payload_and_next_header(ra,
286587Smav		    drrw->drr_length, abuf->b_data);
286705Smav		if (err != 0) {
286705Smav			dmu_return_arcbuf(abuf);
286587Smav			return (err);
286705Smav		}
286705Smav		ra->rrd->write_buf = abuf;
286705Smav		receive_read_prefetch(ra, drrw->drr_object, drrw->drr_offset,
286705Smav		    drrw->drr_length);
286587Smav		return (err);
286587Smav	}
286587Smav	case DRR_WRITE_BYREF:
286587Smav	{
286705Smav		struct drr_write_byref *drrwb =
286705Smav		    &ra->rrd->header.drr_u.drr_write_byref;
286705Smav		err = receive_read_payload_and_next_header(ra, 0, NULL);
286705Smav		receive_read_prefetch(ra, drrwb->drr_object, drrwb->drr_offset,
286705Smav		    drrwb->drr_length);
286705Smav		return (err);
286587Smav	}
286587Smav	case DRR_WRITE_EMBEDDED:
286587Smav	{
286587Smav		struct drr_write_embedded *drrwe =
286705Smav		    &ra->rrd->header.drr_u.drr_write_embedded;
286705Smav		uint32_t size = P2ROUNDUP(drrwe->drr_psize, 8);
286705Smav		void *buf = kmem_zalloc(size, KM_SLEEP);
286705Smav
286705Smav		err = receive_read_payload_and_next_header(ra, size, buf);
286705Smav		if (err != 0) {
286705Smav			kmem_free(buf, size);
286587Smav			return (err);
286705Smav		}
286705Smav
286705Smav		receive_read_prefetch(ra, drrwe->drr_object, drrwe->drr_offset,
286705Smav		    drrwe->drr_length);
286705Smav		return (err);
286587Smav	}
286587Smav	case DRR_FREE:
286587Smav	{
286705Smav		/*
286705Smav		 * It might be beneficial to prefetch indirect blocks here, but
286705Smav		 * we don't really have the data to decide for sure.
286705Smav		 */
286705Smav		err = receive_read_payload_and_next_header(ra, 0, NULL);
286705Smav		return (err);
286587Smav	}
286587Smav	case DRR_END:
286587Smav	{
286705Smav		struct drr_end *drre = &ra->rrd->header.drr_u.drr_end;
286587Smav		if (!ZIO_CHECKSUM_EQUAL(ra->prev_cksum, drre->drr_checksum))
289362Smav			return (SET_ERROR(ECKSUM));
286587Smav		return (0);
286587Smav	}
286587Smav	case DRR_SPILL:
286587Smav	{
286705Smav		struct drr_spill *drrs = &ra->rrd->header.drr_u.drr_spill;
286705Smav		void *buf = kmem_zalloc(drrs->drr_length, KM_SLEEP);
286705Smav		err = receive_read_payload_and_next_header(ra, drrs->drr_length,
286705Smav		    buf);
286587Smav		if (err != 0)
286705Smav			kmem_free(buf, drrs->drr_length);
286705Smav		return (err);
286587Smav	}
286587Smav	default:
286587Smav		return (SET_ERROR(EINVAL));
286587Smav	}
286587Smav}
286587Smav
286587Smav/*
286705Smav * Commit the records to the pool.
286705Smav */
286705Smavstatic int
286705Smavreceive_process_record(struct receive_writer_arg *rwa,
286705Smav    struct receive_record_arg *rrd)
286705Smav{
286705Smav	int err;
286705Smav
289362Smav	/* Processing in order, therefore bytes_read should be increasing. */
289362Smav	ASSERT3U(rrd->bytes_read, >=, rwa->bytes_read);
289362Smav	rwa->bytes_read = rrd->bytes_read;
289362Smav
286705Smav	switch (rrd->header.drr_type) {
286705Smav	case DRR_OBJECT:
286705Smav	{
286705Smav		struct drr_object *drro = &rrd->header.drr_u.drr_object;
286705Smav		err = receive_object(rwa, drro, rrd->payload);
286705Smav		kmem_free(rrd->payload, rrd->payload_size);
286705Smav		rrd->payload = NULL;
286705Smav		return (err);
286705Smav	}
286705Smav	case DRR_FREEOBJECTS:
286705Smav	{
286705Smav		struct drr_freeobjects *drrfo =
286705Smav		    &rrd->header.drr_u.drr_freeobjects;
286705Smav		return (receive_freeobjects(rwa, drrfo));
286705Smav	}
286705Smav	case DRR_WRITE:
286705Smav	{
286705Smav		struct drr_write *drrw = &rrd->header.drr_u.drr_write;
286705Smav		err = receive_write(rwa, drrw, rrd->write_buf);
286705Smav		/* if receive_write() is successful, it consumes the arc_buf */
286705Smav		if (err != 0)
286705Smav			dmu_return_arcbuf(rrd->write_buf);
286705Smav		rrd->write_buf = NULL;
286705Smav		rrd->payload = NULL;
286705Smav		return (err);
286705Smav	}
286705Smav	case DRR_WRITE_BYREF:
286705Smav	{
286705Smav		struct drr_write_byref *drrwbr =
286705Smav		    &rrd->header.drr_u.drr_write_byref;
286705Smav		return (receive_write_byref(rwa, drrwbr));
286705Smav	}
286705Smav	case DRR_WRITE_EMBEDDED:
286705Smav	{
286705Smav		struct drr_write_embedded *drrwe =
286705Smav		    &rrd->header.drr_u.drr_write_embedded;
286705Smav		err = receive_write_embedded(rwa, drrwe, rrd->payload);
286705Smav		kmem_free(rrd->payload, rrd->payload_size);
286705Smav		rrd->payload = NULL;
286705Smav		return (err);
286705Smav	}
286705Smav	case DRR_FREE:
286705Smav	{
286705Smav		struct drr_free *drrf = &rrd->header.drr_u.drr_free;
286705Smav		return (receive_free(rwa, drrf));
286705Smav	}
286705Smav	case DRR_SPILL:
286705Smav	{
286705Smav		struct drr_spill *drrs = &rrd->header.drr_u.drr_spill;
286705Smav		err = receive_spill(rwa, drrs, rrd->payload);
286705Smav		kmem_free(rrd->payload, rrd->payload_size);
286705Smav		rrd->payload = NULL;
286705Smav		return (err);
286705Smav	}
286705Smav	default:
286705Smav		return (SET_ERROR(EINVAL));
286705Smav	}
286705Smav}
286705Smav
286705Smav/*
286705Smav * dmu_recv_stream's worker thread; pull records off the queue, and then call
286705Smav * receive_process_record  When we're done, signal the main thread and exit.
286705Smav */
286705Smavstatic void
286705Smavreceive_writer_thread(void *arg)
286705Smav{
286705Smav	struct receive_writer_arg *rwa = arg;
286705Smav	struct receive_record_arg *rrd;
286705Smav	for (rrd = bqueue_dequeue(&rwa->q); !rrd->eos_marker;
286705Smav	    rrd = bqueue_dequeue(&rwa->q)) {
286705Smav		/*
286705Smav		 * If there's an error, the main thread will stop putting things
286705Smav		 * on the queue, but we need to clear everything in it before we
286705Smav		 * can exit.
286705Smav		 */
286705Smav		if (rwa->err == 0) {
286705Smav			rwa->err = receive_process_record(rwa, rrd);
286705Smav		} else if (rrd->write_buf != NULL) {
286705Smav			dmu_return_arcbuf(rrd->write_buf);
286705Smav			rrd->write_buf = NULL;
286705Smav			rrd->payload = NULL;
286705Smav		} else if (rrd->payload != NULL) {
286705Smav			kmem_free(rrd->payload, rrd->payload_size);
286705Smav			rrd->payload = NULL;
286705Smav		}
286705Smav		kmem_free(rrd, sizeof (*rrd));
286705Smav	}
286705Smav	kmem_free(rrd, sizeof (*rrd));
286705Smav	mutex_enter(&rwa->mutex);
286705Smav	rwa->done = B_TRUE;
286705Smav	cv_signal(&rwa->cv);
286705Smav	mutex_exit(&rwa->mutex);
286705Smav	thread_exit();
286705Smav}
286705Smav
289362Smavstatic int
289362Smavresume_check(struct receive_arg *ra, nvlist_t *begin_nvl)
289362Smav{
289362Smav	uint64_t val;
289362Smav	objset_t *mos = dmu_objset_pool(ra->os)->dp_meta_objset;
289362Smav	uint64_t dsobj = dmu_objset_id(ra->os);
289362Smav	uint64_t resume_obj, resume_off;
289362Smav
289362Smav	if (nvlist_lookup_uint64(begin_nvl,
289362Smav	    "resume_object", &resume_obj) != 0 ||
289362Smav	    nvlist_lookup_uint64(begin_nvl,
289362Smav	    "resume_offset", &resume_off) != 0) {
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	}
289362Smav	VERIFY0(zap_lookup(mos, dsobj,
289362Smav	    DS_FIELD_RESUME_OBJECT, sizeof (val), 1, &val));
289362Smav	if (resume_obj != val)
289362Smav		return (SET_ERROR(EINVAL));
289362Smav	VERIFY0(zap_lookup(mos, dsobj,
289362Smav	    DS_FIELD_RESUME_OFFSET, sizeof (val), 1, &val));
289362Smav	if (resume_off != val)
289362Smav		return (SET_ERROR(EINVAL));
289362Smav
289362Smav	return (0);
289362Smav}
289362Smav
286705Smav/*
286705Smav * Read in the stream's records, one by one, and apply them to the pool.  There
286705Smav * are two threads involved; the thread that calls this function will spin up a
286705Smav * worker thread, read the records off the stream one by one, and issue
286705Smav * prefetches for any necessary indirect blocks.  It will then push the records
286705Smav * onto an internal blocking queue.  The worker thread will pull the records off
286705Smav * the queue, and actually write the data into the DMU.  This way, the worker
286705Smav * thread doesn't have to wait for reads to complete, since everything it needs
286705Smav * (the indirect blocks) will be prefetched.
286705Smav *
185029Spjd * NB: callers *must* call dmu_recv_end() if this succeeds.
185029Spjd */
168404Spjdint
219089Spjddmu_recv_stream(dmu_recv_cookie_t *drc, struct file *fp, offset_t *voffp,
219089Spjd    int cleanup_fd, uint64_t *action_handlep)
168404Spjd{
286587Smav	int err = 0;
286705Smav	struct receive_arg ra = { 0 };
286705Smav	struct receive_writer_arg rwa = { 0 };
219089Spjd	int featureflags;
289362Smav	nvlist_t *begin_nvl = NULL;
168404Spjd
248571Smm	ra.byteswap = drc->drc_byteswap;
248571Smm	ra.cksum = drc->drc_cksum;
219089Spjd	ra.td = curthread;
185029Spjd	ra.fp = fp;
185029Spjd	ra.voff = *voffp;
289362Smav
289362Smav	if (dsl_dataset_is_zapified(drc->drc_ds)) {
289362Smav		(void) zap_lookup(drc->drc_ds->ds_dir->dd_pool->dp_meta_objset,
289362Smav		    drc->drc_ds->ds_object, DS_FIELD_RESUME_BYTES,
289362Smav		    sizeof (ra.bytes_read), 1, &ra.bytes_read);
289362Smav	}
289362Smav
294815Smav	objlist_create(&ra.ignore_objlist);
168404Spjd
185029Spjd	/* these were verified in dmu_recv_begin */
248571Smm	ASSERT3U(DMU_GET_STREAM_HDRTYPE(drc->drc_drrb->drr_versioninfo), ==,
219089Spjd	    DMU_SUBSTREAM);
248571Smm	ASSERT3U(drc->drc_drrb->drr_type, <, DMU_OST_NUMTYPES);
168404Spjd
168404Spjd	/*
168404Spjd	 * Open the objset we are modifying.
168404Spjd	 */
286587Smav	VERIFY0(dmu_objset_from_ds(drc->drc_ds, &ra.os));
168404Spjd
275782Sdelphij	ASSERT(dsl_dataset_phys(drc->drc_ds)->ds_flags & DS_FLAG_INCONSISTENT);
168404Spjd
219089Spjd	featureflags = DMU_GET_FEATUREFLAGS(drc->drc_drrb->drr_versioninfo);
219089Spjd
219089Spjd	/* if this stream is dedup'ed, set up the avl tree for guid mapping */
219089Spjd	if (featureflags & DMU_BACKUP_FEATURE_DEDUP) {
219089Spjd		minor_t minor;
219089Spjd
219089Spjd		if (cleanup_fd == -1) {
249195Smm			ra.err = SET_ERROR(EBADF);
219089Spjd			goto out;
219089Spjd		}
219089Spjd		ra.err = zfs_onexit_fd_hold(cleanup_fd, &minor);
248571Smm		if (ra.err != 0) {
219089Spjd			cleanup_fd = -1;
219089Spjd			goto out;
219089Spjd		}
219089Spjd
219089Spjd		if (*action_handlep == 0) {
286705Smav			rwa.guid_to_ds_map =
219089Spjd			    kmem_alloc(sizeof (avl_tree_t), KM_SLEEP);
286705Smav			avl_create(rwa.guid_to_ds_map, guid_compare,
219089Spjd			    sizeof (guid_map_entry_t),
219089Spjd			    offsetof(guid_map_entry_t, avlnode));
286587Smav			err = zfs_onexit_add_cb(minor,
286705Smav			    free_guid_map_onexit, rwa.guid_to_ds_map,
219089Spjd			    action_handlep);
248571Smm			if (ra.err != 0)
219089Spjd				goto out;
219089Spjd		} else {
286587Smav			err = zfs_onexit_cb_data(minor, *action_handlep,
286705Smav			    (void **)&rwa.guid_to_ds_map);
248571Smm			if (ra.err != 0)
219089Spjd				goto out;
219089Spjd		}
221263Smm
286705Smav		drc->drc_guid_to_ds_map = rwa.guid_to_ds_map;
219089Spjd	}
219089Spjd
289362Smav	uint32_t payloadlen = drc->drc_drr_begin->drr_payloadlen;
289362Smav	void *payload = NULL;
289362Smav	if (payloadlen != 0)
289362Smav		payload = kmem_alloc(payloadlen, KM_SLEEP);
289362Smav
289362Smav	err = receive_read_payload_and_next_header(&ra, payloadlen, payload);
289362Smav	if (err != 0) {
289362Smav		if (payloadlen != 0)
289362Smav			kmem_free(payload, payloadlen);
286587Smav		goto out;
289362Smav	}
289362Smav	if (payloadlen != 0) {
289362Smav		err = nvlist_unpack(payload, payloadlen, &begin_nvl, KM_SLEEP);
289362Smav		kmem_free(payload, payloadlen);
289362Smav		if (err != 0)
289362Smav			goto out;
289362Smav	}
286587Smav
289362Smav	if (featureflags & DMU_BACKUP_FEATURE_RESUMING) {
289362Smav		err = resume_check(&ra, begin_nvl);
289362Smav		if (err != 0)
289362Smav			goto out;
289362Smav	}
289362Smav
286705Smav	(void) bqueue_init(&rwa.q, zfs_recv_queue_length,
286705Smav	    offsetof(struct receive_record_arg, node));
286705Smav	cv_init(&rwa.cv, NULL, CV_DEFAULT, NULL);
286705Smav	mutex_init(&rwa.mutex, NULL, MUTEX_DEFAULT, NULL);
286705Smav	rwa.os = ra.os;
286705Smav	rwa.byteswap = drc->drc_byteswap;
289362Smav	rwa.resumable = drc->drc_resumable;
286705Smav
287280Sdelphij	(void) thread_create(NULL, 0, receive_writer_thread, &rwa, 0, &p0,
286705Smav	    TS_RUN, minclsyspri);
286705Smav	/*
286705Smav	 * We're reading rwa.err without locks, which is safe since we are the
286705Smav	 * only reader, and the worker thread is the only writer.  It's ok if we
286705Smav	 * miss a write for an iteration or two of the loop, since the writer
286705Smav	 * thread will keep freeing records we send it until we send it an eos
286705Smav	 * marker.
286705Smav	 *
286705Smav	 * We can leave this loop in 3 ways:  First, if rwa.err is
286705Smav	 * non-zero.  In that case, the writer thread will free the rrd we just
286705Smav	 * pushed.  Second, if  we're interrupted; in that case, either it's the
286705Smav	 * first loop and ra.rrd was never allocated, or it's later, and ra.rrd
286705Smav	 * has been handed off to the writer thread who will free it.  Finally,
286705Smav	 * if receive_read_record fails or we're at the end of the stream, then
286705Smav	 * we free ra.rrd and exit.
286705Smav	 */
286705Smav	while (rwa.err == 0) {
185029Spjd		if (issig(JUSTLOOKING) && issig(FORREAL)) {
286587Smav			err = SET_ERROR(EINTR);
286587Smav			break;
168404Spjd		}
168404Spjd
286705Smav		ASSERT3P(ra.rrd, ==, NULL);
286705Smav		ra.rrd = ra.next_rrd;
286705Smav		ra.next_rrd = NULL;
286705Smav		/* Allocates and loads header into ra.next_rrd */
286705Smav		err = receive_read_record(&ra);
168404Spjd
286705Smav		if (ra.rrd->header.drr_type == DRR_END || err != 0) {
286705Smav			kmem_free(ra.rrd, sizeof (*ra.rrd));
286705Smav			ra.rrd = NULL;
168404Spjd			break;
286705Smav		}
286705Smav
286705Smav		bqueue_enqueue(&rwa.q, ra.rrd,
286705Smav		    sizeof (struct receive_record_arg) + ra.rrd->payload_size);
286705Smav		ra.rrd = NULL;
168404Spjd	}
286705Smav	if (ra.next_rrd == NULL)
286705Smav		ra.next_rrd = kmem_zalloc(sizeof (*ra.next_rrd), KM_SLEEP);
286705Smav	ra.next_rrd->eos_marker = B_TRUE;
286705Smav	bqueue_enqueue(&rwa.q, ra.next_rrd, 1);
168404Spjd
286705Smav	mutex_enter(&rwa.mutex);
286705Smav	while (!rwa.done) {
286705Smav		cv_wait(&rwa.cv, &rwa.mutex);
286705Smav	}
286705Smav	mutex_exit(&rwa.mutex);
286705Smav
286705Smav	cv_destroy(&rwa.cv);
286705Smav	mutex_destroy(&rwa.mutex);
286705Smav	bqueue_destroy(&rwa.q);
286705Smav	if (err == 0)
286705Smav		err = rwa.err;
286705Smav
168404Spjdout:
289362Smav	nvlist_free(begin_nvl);
219089Spjd	if ((featureflags & DMU_BACKUP_FEATURE_DEDUP) && (cleanup_fd != -1))
219089Spjd		zfs_onexit_fd_rele(cleanup_fd);
168404Spjd
286587Smav	if (err != 0) {
168404Spjd		/*
289362Smav		 * Clean up references. If receive is not resumable,
289362Smav		 * destroy what we created, so we don't leave it in
289362Smav		 * the inconsistent state.
168404Spjd		 */
248571Smm		dmu_recv_cleanup_ds(drc);
168404Spjd	}
168404Spjd
185029Spjd	*voffp = ra.voff;
294815Smav	objlist_destroy(&ra.ignore_objlist);
286587Smav	return (err);
168404Spjd}
185029Spjd
185029Spjdstatic int
248571Smmdmu_recv_end_check(void *arg, dmu_tx_t *tx)
185029Spjd{
248571Smm	dmu_recv_cookie_t *drc = arg;
248571Smm	dsl_pool_t *dp = dmu_tx_pool(tx);
248571Smm	int error;
185029Spjd
248571Smm	ASSERT3P(drc->drc_ds->ds_owner, ==, dmu_recv_tag);
248571Smm
248571Smm	if (!drc->drc_newfs) {
248571Smm		dsl_dataset_t *origin_head;
248571Smm
248571Smm		error = dsl_dataset_hold(dp, drc->drc_tofs, FTAG, &origin_head);
248571Smm		if (error != 0)
248571Smm			return (error);
253820Sdelphij		if (drc->drc_force) {
253820Sdelphij			/*
253820Sdelphij			 * We will destroy any snapshots in tofs (i.e. before
253820Sdelphij			 * origin_head) that are after the origin (which is
253820Sdelphij			 * the snap before drc_ds, because drc_ds can not
253820Sdelphij			 * have any snaps of its own).
253820Sdelphij			 */
275782Sdelphij			uint64_t obj;
275782Sdelphij
275782Sdelphij			obj = dsl_dataset_phys(origin_head)->ds_prev_snap_obj;
275782Sdelphij			while (obj !=
275782Sdelphij			    dsl_dataset_phys(drc->drc_ds)->ds_prev_snap_obj) {
253820Sdelphij				dsl_dataset_t *snap;
253820Sdelphij				error = dsl_dataset_hold_obj(dp, obj, FTAG,
253820Sdelphij				    &snap);
253820Sdelphij				if (error != 0)
282473Savg					break;
253820Sdelphij				if (snap->ds_dir != origin_head->ds_dir)
253820Sdelphij					error = SET_ERROR(EINVAL);
253820Sdelphij				if (error == 0)  {
253820Sdelphij					error = dsl_destroy_snapshot_check_impl(
253820Sdelphij					    snap, B_FALSE);
253820Sdelphij				}
275782Sdelphij				obj = dsl_dataset_phys(snap)->ds_prev_snap_obj;
253820Sdelphij				dsl_dataset_rele(snap, FTAG);
253820Sdelphij				if (error != 0)
282473Savg					break;
253820Sdelphij			}
282473Savg			if (error != 0) {
282473Savg				dsl_dataset_rele(origin_head, FTAG);
282473Savg				return (error);
282473Savg			}
253820Sdelphij		}
248571Smm		error = dsl_dataset_clone_swap_check_impl(drc->drc_ds,
253816Sdelphij		    origin_head, drc->drc_force, drc->drc_owner, tx);
248571Smm		if (error != 0) {
248571Smm			dsl_dataset_rele(origin_head, FTAG);
248571Smm			return (error);
248571Smm		}
248571Smm		error = dsl_dataset_snapshot_check_impl(origin_head,
264835Sdelphij		    drc->drc_tosnap, tx, B_TRUE, 1, drc->drc_cred);
248571Smm		dsl_dataset_rele(origin_head, FTAG);
248571Smm		if (error != 0)
248571Smm			return (error);
248571Smm
248571Smm		error = dsl_destroy_head_check_impl(drc->drc_ds, 1);
248571Smm	} else {
248571Smm		error = dsl_dataset_snapshot_check_impl(drc->drc_ds,
264835Sdelphij		    drc->drc_tosnap, tx, B_TRUE, 1, drc->drc_cred);
248571Smm	}
248571Smm	return (error);
185029Spjd}
185029Spjd
185029Spjdstatic void
248571Smmdmu_recv_end_sync(void *arg, dmu_tx_t *tx)
185029Spjd{
248571Smm	dmu_recv_cookie_t *drc = arg;
248571Smm	dsl_pool_t *dp = dmu_tx_pool(tx);
185029Spjd
248571Smm	spa_history_log_internal_ds(drc->drc_ds, "finish receiving",
248571Smm	    tx, "snap=%s", drc->drc_tosnap);
185029Spjd
248571Smm	if (!drc->drc_newfs) {
248571Smm		dsl_dataset_t *origin_head;
185029Spjd
248571Smm		VERIFY0(dsl_dataset_hold(dp, drc->drc_tofs, FTAG,
248571Smm		    &origin_head));
253820Sdelphij
253820Sdelphij		if (drc->drc_force) {
253820Sdelphij			/*
253820Sdelphij			 * Destroy any snapshots of drc_tofs (origin_head)
253820Sdelphij			 * after the origin (the snap before drc_ds).
253820Sdelphij			 */
275782Sdelphij			uint64_t obj;
275782Sdelphij
275782Sdelphij			obj = dsl_dataset_phys(origin_head)->ds_prev_snap_obj;
275782Sdelphij			while (obj !=
275782Sdelphij			    dsl_dataset_phys(drc->drc_ds)->ds_prev_snap_obj) {
253820Sdelphij				dsl_dataset_t *snap;
253820Sdelphij				VERIFY0(dsl_dataset_hold_obj(dp, obj, FTAG,
253820Sdelphij				    &snap));
253820Sdelphij				ASSERT3P(snap->ds_dir, ==, origin_head->ds_dir);
275782Sdelphij				obj = dsl_dataset_phys(snap)->ds_prev_snap_obj;
253820Sdelphij				dsl_destroy_snapshot_sync_impl(snap,
253820Sdelphij				    B_FALSE, tx);
253820Sdelphij				dsl_dataset_rele(snap, FTAG);
253820Sdelphij			}
253820Sdelphij		}
253820Sdelphij		VERIFY3P(drc->drc_ds->ds_prev, ==,
253820Sdelphij		    origin_head->ds_prev);
253820Sdelphij
248571Smm		dsl_dataset_clone_swap_sync_impl(drc->drc_ds,
248571Smm		    origin_head, tx);
248571Smm		dsl_dataset_snapshot_sync_impl(origin_head,
248571Smm		    drc->drc_tosnap, tx);
248571Smm
248571Smm		/* set snapshot's creation time and guid */
248571Smm		dmu_buf_will_dirty(origin_head->ds_prev->ds_dbuf, tx);
275782Sdelphij		dsl_dataset_phys(origin_head->ds_prev)->ds_creation_time =
248571Smm		    drc->drc_drrb->drr_creation_time;
275782Sdelphij		dsl_dataset_phys(origin_head->ds_prev)->ds_guid =
248571Smm		    drc->drc_drrb->drr_toguid;
275782Sdelphij		dsl_dataset_phys(origin_head->ds_prev)->ds_flags &=
248571Smm		    ~DS_FLAG_INCONSISTENT;
248571Smm
248571Smm		dmu_buf_will_dirty(origin_head->ds_dbuf, tx);
275782Sdelphij		dsl_dataset_phys(origin_head)->ds_flags &=
275782Sdelphij		    ~DS_FLAG_INCONSISTENT;
248571Smm
307288Smav		drc->drc_newsnapobj =
307288Smav		    dsl_dataset_phys(origin_head)->ds_prev_snap_obj;
307288Smav
248571Smm		dsl_dataset_rele(origin_head, FTAG);
248571Smm		dsl_destroy_head_sync_impl(drc->drc_ds, tx);
253816Sdelphij
253816Sdelphij		if (drc->drc_owner != NULL)
253816Sdelphij			VERIFY3P(origin_head->ds_owner, ==, drc->drc_owner);
248571Smm	} else {
248571Smm		dsl_dataset_t *ds = drc->drc_ds;
248571Smm
248571Smm		dsl_dataset_snapshot_sync_impl(ds, drc->drc_tosnap, tx);
248571Smm
248571Smm		/* set snapshot's creation time and guid */
248571Smm		dmu_buf_will_dirty(ds->ds_prev->ds_dbuf, tx);
275782Sdelphij		dsl_dataset_phys(ds->ds_prev)->ds_creation_time =
248571Smm		    drc->drc_drrb->drr_creation_time;
275782Sdelphij		dsl_dataset_phys(ds->ds_prev)->ds_guid =
275782Sdelphij		    drc->drc_drrb->drr_toguid;
275782Sdelphij		dsl_dataset_phys(ds->ds_prev)->ds_flags &=
275782Sdelphij		    ~DS_FLAG_INCONSISTENT;
248571Smm
248571Smm		dmu_buf_will_dirty(ds->ds_dbuf, tx);
275782Sdelphij		dsl_dataset_phys(ds)->ds_flags &= ~DS_FLAG_INCONSISTENT;
289362Smav		if (dsl_dataset_has_resume_receive_state(ds)) {
289362Smav			(void) zap_remove(dp->dp_meta_objset, ds->ds_object,
289362Smav			    DS_FIELD_RESUME_FROMGUID, tx);
289362Smav			(void) zap_remove(dp->dp_meta_objset, ds->ds_object,
289362Smav			    DS_FIELD_RESUME_OBJECT, tx);
289362Smav			(void) zap_remove(dp->dp_meta_objset, ds->ds_object,
289362Smav			    DS_FIELD_RESUME_OFFSET, tx);
289362Smav			(void) zap_remove(dp->dp_meta_objset, ds->ds_object,
289362Smav			    DS_FIELD_RESUME_BYTES, tx);
289362Smav			(void) zap_remove(dp->dp_meta_objset, ds->ds_object,
289362Smav			    DS_FIELD_RESUME_TOGUID, tx);
289362Smav			(void) zap_remove(dp->dp_meta_objset, ds->ds_object,
289362Smav			    DS_FIELD_RESUME_TONAME, tx);
289362Smav		}
307288Smav		drc->drc_newsnapobj =
307288Smav		    dsl_dataset_phys(drc->drc_ds)->ds_prev_snap_obj;
248571Smm	}
248571Smm	/*
248571Smm	 * Release the hold from dmu_recv_begin.  This must be done before
248571Smm	 * we return to open context, so that when we free the dataset's dnode,
248571Smm	 * we can evict its bonus buffer.
248571Smm	 */
248571Smm	dsl_dataset_disown(drc->drc_ds, dmu_recv_tag);
248571Smm	drc->drc_ds = NULL;
185029Spjd}
185029Spjd
219089Spjdstatic int
248571Smmadd_ds_to_guidmap(const char *name, avl_tree_t *guid_map, uint64_t snapobj)
221263Smm{
248571Smm	dsl_pool_t *dp;
221263Smm	dsl_dataset_t *snapds;
221263Smm	guid_map_entry_t *gmep;
221263Smm	int err;
221263Smm
221263Smm	ASSERT(guid_map != NULL);
221263Smm
248571Smm	err = dsl_pool_hold(name, FTAG, &dp);
248571Smm	if (err != 0)
248571Smm		return (err);
249356Smm	gmep = kmem_alloc(sizeof (*gmep), KM_SLEEP);
249196Smm	err = dsl_dataset_hold_obj(dp, snapobj, gmep, &snapds);
221263Smm	if (err == 0) {
275782Sdelphij		gmep->guid = dsl_dataset_phys(snapds)->ds_guid;
221263Smm		gmep->gme_ds = snapds;
221263Smm		avl_add(guid_map, gmep);
248571Smm		dsl_dataset_long_hold(snapds, gmep);
249196Smm	} else
249356Smm		kmem_free(gmep, sizeof (*gmep));
221263Smm
248571Smm	dsl_pool_rele(dp, FTAG);
221263Smm	return (err);
221263Smm}
221263Smm
248571Smmstatic int dmu_recv_end_modified_blocks = 3;
248571Smm
221263Smmstatic int
219089Spjddmu_recv_existing_end(dmu_recv_cookie_t *drc)
185029Spjd{
248571Smm#ifdef _KERNEL
248571Smm	/*
248571Smm	 * We will be destroying the ds; make sure its origin is unmounted if
248571Smm	 * necessary.
248571Smm	 */
307108Smav	char name[ZFS_MAX_DATASET_NAME_LEN];
248571Smm	dsl_dataset_name(drc->drc_ds, name);
248571Smm	zfs_destroy_unmount_origin(name);
248571Smm#endif
185029Spjd
307288Smav	return (dsl_sync_task(drc->drc_tofs,
248571Smm	    dmu_recv_end_check, dmu_recv_end_sync, drc,
307288Smav	    dmu_recv_end_modified_blocks, ZFS_SPACE_CHECK_NORMAL));
185029Spjd}
219089Spjd
219089Spjdstatic int
219089Spjddmu_recv_new_end(dmu_recv_cookie_t *drc)
219089Spjd{
307288Smav	return (dsl_sync_task(drc->drc_tofs,
307288Smav	    dmu_recv_end_check, dmu_recv_end_sync, drc,
307288Smav	    dmu_recv_end_modified_blocks, ZFS_SPACE_CHECK_NORMAL));
307288Smav}
307288Smav
307288Smavint
307288Smavdmu_recv_end(dmu_recv_cookie_t *drc, void *owner)
307288Smav{
248571Smm	int error;
219089Spjd
307288Smav	drc->drc_owner = owner;
219089Spjd
307288Smav	if (drc->drc_newfs)
307288Smav		error = dmu_recv_new_end(drc);
307288Smav	else
307288Smav		error = dmu_recv_existing_end(drc);
307288Smav
248571Smm	if (error != 0) {
248571Smm		dmu_recv_cleanup_ds(drc);
248571Smm	} else if (drc->drc_guid_to_ds_map != NULL) {
248571Smm		(void) add_ds_to_guidmap(drc->drc_tofs,
248571Smm		    drc->drc_guid_to_ds_map,
248571Smm		    drc->drc_newsnapobj);
219089Spjd	}
248571Smm	return (error);
219089Spjd}
219089Spjd
253821Sdelphij/*
253821Sdelphij * Return TRUE if this objset is currently being received into.
253821Sdelphij */
253821Sdelphijboolean_t
253821Sdelphijdmu_objset_is_receiving(objset_t *os)
253821Sdelphij{
253821Sdelphij	return (os->os_dsl_dataset != NULL &&
253821Sdelphij	    os->os_dsl_dataset->ds_owner == dmu_recv_tag);
253821Sdelphij}