1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2013 by Delphix. All rights reserved.
24 * Copyright (c) 2013 Martin Matuska. All rights reserved.
25 */
26
27#include <sys/dmu.h>
28#include <sys/dmu_objset.h>
29#include <sys/dmu_tx.h>
30#include <sys/dsl_dataset.h>
31#include <sys/dsl_dir.h>
32#include <sys/dsl_prop.h>
33#include <sys/dsl_synctask.h>
34#include <sys/dsl_deleg.h>
35#include <sys/dmu_impl.h>
36#include <sys/spa.h>
37#include <sys/metaslab.h>
38#include <sys/zap.h>
39#include <sys/zio.h>
40#include <sys/arc.h>
41#include <sys/sunddi.h>
42#include "zfs_namecheck.h"
43
44static uint64_t dsl_dir_space_towrite(dsl_dir_t *dd);
45
46/* ARGSUSED */
47static void
48dsl_dir_evict(dmu_buf_t *db, void *arg)
49{
50	dsl_dir_t *dd = arg;
51	dsl_pool_t *dp = dd->dd_pool;
52	int t;
53
54	for (t = 0; t < TXG_SIZE; t++) {
55		ASSERT(!txg_list_member(&dp->dp_dirty_dirs, dd, t));
56		ASSERT(dd->dd_tempreserved[t] == 0);
57		ASSERT(dd->dd_space_towrite[t] == 0);
58	}
59
60	if (dd->dd_parent)
61		dsl_dir_rele(dd->dd_parent, dd);
62
63	spa_close(dd->dd_pool->dp_spa, dd);
64
65	/*
66	 * The props callback list should have been cleaned up by
67	 * objset_evict().
68	 */
69	list_destroy(&dd->dd_prop_cbs);
70	mutex_destroy(&dd->dd_lock);
71	kmem_free(dd, sizeof (dsl_dir_t));
72}
73
74int
75dsl_dir_hold_obj(dsl_pool_t *dp, uint64_t ddobj,
76    const char *tail, void *tag, dsl_dir_t **ddp)
77{
78	dmu_buf_t *dbuf;
79	dsl_dir_t *dd;
80	int err;
81
82	ASSERT(dsl_pool_config_held(dp));
83
84	err = dmu_bonus_hold(dp->dp_meta_objset, ddobj, tag, &dbuf);
85	if (err != 0)
86		return (err);
87	dd = dmu_buf_get_user(dbuf);
88#ifdef ZFS_DEBUG
89	{
90		dmu_object_info_t doi;
91		dmu_object_info_from_db(dbuf, &doi);
92		ASSERT3U(doi.doi_bonus_type, ==, DMU_OT_DSL_DIR);
93		ASSERT3U(doi.doi_bonus_size, >=, sizeof (dsl_dir_phys_t));
94	}
95#endif
96	if (dd == NULL) {
97		dsl_dir_t *winner;
98
99		dd = kmem_zalloc(sizeof (dsl_dir_t), KM_SLEEP);
100		dd->dd_object = ddobj;
101		dd->dd_dbuf = dbuf;
102		dd->dd_pool = dp;
103		dd->dd_phys = dbuf->db_data;
104		mutex_init(&dd->dd_lock, NULL, MUTEX_DEFAULT, NULL);
105
106		list_create(&dd->dd_prop_cbs, sizeof (dsl_prop_cb_record_t),
107		    offsetof(dsl_prop_cb_record_t, cbr_node));
108
109		dsl_dir_snap_cmtime_update(dd);
110
111		if (dd->dd_phys->dd_parent_obj) {
112			err = dsl_dir_hold_obj(dp, dd->dd_phys->dd_parent_obj,
113			    NULL, dd, &dd->dd_parent);
114			if (err != 0)
115				goto errout;
116			if (tail) {
117#ifdef ZFS_DEBUG
118				uint64_t foundobj;
119
120				err = zap_lookup(dp->dp_meta_objset,
121				    dd->dd_parent->dd_phys->dd_child_dir_zapobj,
122				    tail, sizeof (foundobj), 1, &foundobj);
123				ASSERT(err || foundobj == ddobj);
124#endif
125				(void) strcpy(dd->dd_myname, tail);
126			} else {
127				err = zap_value_search(dp->dp_meta_objset,
128				    dd->dd_parent->dd_phys->dd_child_dir_zapobj,
129				    ddobj, 0, dd->dd_myname);
130			}
131			if (err != 0)
132				goto errout;
133		} else {
134			(void) strcpy(dd->dd_myname, spa_name(dp->dp_spa));
135		}
136
137		if (dsl_dir_is_clone(dd)) {
138			dmu_buf_t *origin_bonus;
139			dsl_dataset_phys_t *origin_phys;
140
141			/*
142			 * We can't open the origin dataset, because
143			 * that would require opening this dsl_dir.
144			 * Just look at its phys directly instead.
145			 */
146			err = dmu_bonus_hold(dp->dp_meta_objset,
147			    dd->dd_phys->dd_origin_obj, FTAG, &origin_bonus);
148			if (err != 0)
149				goto errout;
150			origin_phys = origin_bonus->db_data;
151			dd->dd_origin_txg =
152			    origin_phys->ds_creation_txg;
153			dmu_buf_rele(origin_bonus, FTAG);
154		}
155
156		winner = dmu_buf_set_user_ie(dbuf, dd, &dd->dd_phys,
157		    dsl_dir_evict);
158		if (winner) {
159			if (dd->dd_parent)
160				dsl_dir_rele(dd->dd_parent, dd);
161			mutex_destroy(&dd->dd_lock);
162			kmem_free(dd, sizeof (dsl_dir_t));
163			dd = winner;
164		} else {
165			spa_open_ref(dp->dp_spa, dd);
166		}
167	}
168
169	/*
170	 * The dsl_dir_t has both open-to-close and instantiate-to-evict
171	 * holds on the spa.  We need the open-to-close holds because
172	 * otherwise the spa_refcnt wouldn't change when we open a
173	 * dir which the spa also has open, so we could incorrectly
174	 * think it was OK to unload/export/destroy the pool.  We need
175	 * the instantiate-to-evict hold because the dsl_dir_t has a
176	 * pointer to the dd_pool, which has a pointer to the spa_t.
177	 */
178	spa_open_ref(dp->dp_spa, tag);
179	ASSERT3P(dd->dd_pool, ==, dp);
180	ASSERT3U(dd->dd_object, ==, ddobj);
181	ASSERT3P(dd->dd_dbuf, ==, dbuf);
182	*ddp = dd;
183	return (0);
184
185errout:
186	if (dd->dd_parent)
187		dsl_dir_rele(dd->dd_parent, dd);
188	mutex_destroy(&dd->dd_lock);
189	kmem_free(dd, sizeof (dsl_dir_t));
190	dmu_buf_rele(dbuf, tag);
191	return (err);
192}
193
194void
195dsl_dir_rele(dsl_dir_t *dd, void *tag)
196{
197	dprintf_dd(dd, "%s\n", "");
198	spa_close(dd->dd_pool->dp_spa, tag);
199	dmu_buf_rele(dd->dd_dbuf, tag);
200}
201
202/* buf must be long enough (MAXNAMELEN + strlen(MOS_DIR_NAME) + 1 should do) */
203void
204dsl_dir_name(dsl_dir_t *dd, char *buf)
205{
206	if (dd->dd_parent) {
207		dsl_dir_name(dd->dd_parent, buf);
208		(void) strcat(buf, "/");
209	} else {
210		buf[0] = '\0';
211	}
212	if (!MUTEX_HELD(&dd->dd_lock)) {
213		/*
214		 * recursive mutex so that we can use
215		 * dprintf_dd() with dd_lock held
216		 */
217		mutex_enter(&dd->dd_lock);
218		(void) strcat(buf, dd->dd_myname);
219		mutex_exit(&dd->dd_lock);
220	} else {
221		(void) strcat(buf, dd->dd_myname);
222	}
223}
224
225/* Calculate name length, avoiding all the strcat calls of dsl_dir_name */
226int
227dsl_dir_namelen(dsl_dir_t *dd)
228{
229	int result = 0;
230
231	if (dd->dd_parent) {
232		/* parent's name + 1 for the "/" */
233		result = dsl_dir_namelen(dd->dd_parent) + 1;
234	}
235
236	if (!MUTEX_HELD(&dd->dd_lock)) {
237		/* see dsl_dir_name */
238		mutex_enter(&dd->dd_lock);
239		result += strlen(dd->dd_myname);
240		mutex_exit(&dd->dd_lock);
241	} else {
242		result += strlen(dd->dd_myname);
243	}
244
245	return (result);
246}
247
248static int
249getcomponent(const char *path, char *component, const char **nextp)
250{
251	char *p;
252
253	if ((path == NULL) || (path[0] == '\0'))
254		return (SET_ERROR(ENOENT));
255	/* This would be a good place to reserve some namespace... */
256	p = strpbrk(path, "/@");
257	if (p && (p[1] == '/' || p[1] == '@')) {
258		/* two separators in a row */
259		return (SET_ERROR(EINVAL));
260	}
261	if (p == NULL || p == path) {
262		/*
263		 * if the first thing is an @ or /, it had better be an
264		 * @ and it had better not have any more ats or slashes,
265		 * and it had better have something after the @.
266		 */
267		if (p != NULL &&
268		    (p[0] != '@' || strpbrk(path+1, "/@") || p[1] == '\0'))
269			return (SET_ERROR(EINVAL));
270		if (strlen(path) >= MAXNAMELEN)
271			return (SET_ERROR(ENAMETOOLONG));
272		(void) strcpy(component, path);
273		p = NULL;
274	} else if (p[0] == '/') {
275		if (p - path >= MAXNAMELEN)
276			return (SET_ERROR(ENAMETOOLONG));
277		(void) strncpy(component, path, p - path);
278		component[p - path] = '\0';
279		p++;
280	} else if (p[0] == '@') {
281		/*
282		 * if the next separator is an @, there better not be
283		 * any more slashes.
284		 */
285		if (strchr(path, '/'))
286			return (SET_ERROR(EINVAL));
287		if (p - path >= MAXNAMELEN)
288			return (SET_ERROR(ENAMETOOLONG));
289		(void) strncpy(component, path, p - path);
290		component[p - path] = '\0';
291	} else {
292		panic("invalid p=%p", (void *)p);
293	}
294	*nextp = p;
295	return (0);
296}
297
298/*
299 * Return the dsl_dir_t, and possibly the last component which couldn't
300 * be found in *tail.  The name must be in the specified dsl_pool_t.  This
301 * thread must hold the dp_config_rwlock for the pool.  Returns NULL if the
302 * path is bogus, or if tail==NULL and we couldn't parse the whole name.
303 * (*tail)[0] == '@' means that the last component is a snapshot.
304 */
305int
306dsl_dir_hold(dsl_pool_t *dp, const char *name, void *tag,
307    dsl_dir_t **ddp, const char **tailp)
308{
309	char buf[MAXNAMELEN];
310	const char *spaname, *next, *nextnext = NULL;
311	int err;
312	dsl_dir_t *dd;
313	uint64_t ddobj;
314
315	err = getcomponent(name, buf, &next);
316	if (err != 0)
317		return (err);
318
319	/* Make sure the name is in the specified pool. */
320	spaname = spa_name(dp->dp_spa);
321	if (strcmp(buf, spaname) != 0)
322		return (SET_ERROR(EINVAL));
323
324	ASSERT(dsl_pool_config_held(dp));
325
326	err = dsl_dir_hold_obj(dp, dp->dp_root_dir_obj, NULL, tag, &dd);
327	if (err != 0) {
328		return (err);
329	}
330
331	while (next != NULL) {
332		dsl_dir_t *child_ds;
333		err = getcomponent(next, buf, &nextnext);
334		if (err != 0)
335			break;
336		ASSERT(next[0] != '\0');
337		if (next[0] == '@')
338			break;
339		dprintf("looking up %s in obj%lld\n",
340		    buf, dd->dd_phys->dd_child_dir_zapobj);
341
342		err = zap_lookup(dp->dp_meta_objset,
343		    dd->dd_phys->dd_child_dir_zapobj,
344		    buf, sizeof (ddobj), 1, &ddobj);
345		if (err != 0) {
346			if (err == ENOENT)
347				err = 0;
348			break;
349		}
350
351		err = dsl_dir_hold_obj(dp, ddobj, buf, tag, &child_ds);
352		if (err != 0)
353			break;
354		dsl_dir_rele(dd, tag);
355		dd = child_ds;
356		next = nextnext;
357	}
358
359	if (err != 0) {
360		dsl_dir_rele(dd, tag);
361		return (err);
362	}
363
364	/*
365	 * It's an error if there's more than one component left, or
366	 * tailp==NULL and there's any component left.
367	 */
368	if (next != NULL &&
369	    (tailp == NULL || (nextnext && nextnext[0] != '\0'))) {
370		/* bad path name */
371		dsl_dir_rele(dd, tag);
372		dprintf("next=%p (%s) tail=%p\n", next, next?next:"", tailp);
373		err = SET_ERROR(ENOENT);
374	}
375	if (tailp != NULL)
376		*tailp = next;
377	*ddp = dd;
378	return (err);
379}
380
381uint64_t
382dsl_dir_create_sync(dsl_pool_t *dp, dsl_dir_t *pds, const char *name,
383    dmu_tx_t *tx)
384{
385	objset_t *mos = dp->dp_meta_objset;
386	uint64_t ddobj;
387	dsl_dir_phys_t *ddphys;
388	dmu_buf_t *dbuf;
389
390	ddobj = dmu_object_alloc(mos, DMU_OT_DSL_DIR, 0,
391	    DMU_OT_DSL_DIR, sizeof (dsl_dir_phys_t), tx);
392	if (pds) {
393		VERIFY(0 == zap_add(mos, pds->dd_phys->dd_child_dir_zapobj,
394		    name, sizeof (uint64_t), 1, &ddobj, tx));
395	} else {
396		/* it's the root dir */
397		VERIFY(0 == zap_add(mos, DMU_POOL_DIRECTORY_OBJECT,
398		    DMU_POOL_ROOT_DATASET, sizeof (uint64_t), 1, &ddobj, tx));
399	}
400	VERIFY(0 == dmu_bonus_hold(mos, ddobj, FTAG, &dbuf));
401	dmu_buf_will_dirty(dbuf, tx);
402	ddphys = dbuf->db_data;
403
404	ddphys->dd_creation_time = gethrestime_sec();
405	if (pds)
406		ddphys->dd_parent_obj = pds->dd_object;
407	ddphys->dd_props_zapobj = zap_create(mos,
408	    DMU_OT_DSL_PROPS, DMU_OT_NONE, 0, tx);
409	ddphys->dd_child_dir_zapobj = zap_create(mos,
410	    DMU_OT_DSL_DIR_CHILD_MAP, DMU_OT_NONE, 0, tx);
411	if (spa_version(dp->dp_spa) >= SPA_VERSION_USED_BREAKDOWN)
412		ddphys->dd_flags |= DD_FLAG_USED_BREAKDOWN;
413	dmu_buf_rele(dbuf, FTAG);
414
415	return (ddobj);
416}
417
418boolean_t
419dsl_dir_is_clone(dsl_dir_t *dd)
420{
421	return (dd->dd_phys->dd_origin_obj &&
422	    (dd->dd_pool->dp_origin_snap == NULL ||
423	    dd->dd_phys->dd_origin_obj !=
424	    dd->dd_pool->dp_origin_snap->ds_object));
425}
426
427void
428dsl_dir_stats(dsl_dir_t *dd, nvlist_t *nv)
429{
430	mutex_enter(&dd->dd_lock);
431	dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_USED,
432	    dd->dd_phys->dd_used_bytes);
433	dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_QUOTA, dd->dd_phys->dd_quota);
434	dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_RESERVATION,
435	    dd->dd_phys->dd_reserved);
436	dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_COMPRESSRATIO,
437	    dd->dd_phys->dd_compressed_bytes == 0 ? 100 :
438	    (dd->dd_phys->dd_uncompressed_bytes * 100 /
439	    dd->dd_phys->dd_compressed_bytes));
440	dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_LOGICALUSED,
441	    dd->dd_phys->dd_uncompressed_bytes);
442	if (dd->dd_phys->dd_flags & DD_FLAG_USED_BREAKDOWN) {
443		dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_USEDSNAP,
444		    dd->dd_phys->dd_used_breakdown[DD_USED_SNAP]);
445		dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_USEDDS,
446		    dd->dd_phys->dd_used_breakdown[DD_USED_HEAD]);
447		dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_USEDREFRESERV,
448		    dd->dd_phys->dd_used_breakdown[DD_USED_REFRSRV]);
449		dsl_prop_nvlist_add_uint64(nv, ZFS_PROP_USEDCHILD,
450		    dd->dd_phys->dd_used_breakdown[DD_USED_CHILD] +
451		    dd->dd_phys->dd_used_breakdown[DD_USED_CHILD_RSRV]);
452	}
453	mutex_exit(&dd->dd_lock);
454
455	if (dsl_dir_is_clone(dd)) {
456		dsl_dataset_t *ds;
457		char buf[MAXNAMELEN];
458
459		VERIFY0(dsl_dataset_hold_obj(dd->dd_pool,
460		    dd->dd_phys->dd_origin_obj, FTAG, &ds));
461		dsl_dataset_name(ds, buf);
462		dsl_dataset_rele(ds, FTAG);
463		dsl_prop_nvlist_add_string(nv, ZFS_PROP_ORIGIN, buf);
464	}
465}
466
467void
468dsl_dir_dirty(dsl_dir_t *dd, dmu_tx_t *tx)
469{
470	dsl_pool_t *dp = dd->dd_pool;
471
472	ASSERT(dd->dd_phys);
473
474	if (txg_list_add(&dp->dp_dirty_dirs, dd, tx->tx_txg)) {
475		/* up the hold count until we can be written out */
476		dmu_buf_add_ref(dd->dd_dbuf, dd);
477	}
478}
479
480static int64_t
481parent_delta(dsl_dir_t *dd, uint64_t used, int64_t delta)
482{
483	uint64_t old_accounted = MAX(used, dd->dd_phys->dd_reserved);
484	uint64_t new_accounted = MAX(used + delta, dd->dd_phys->dd_reserved);
485	return (new_accounted - old_accounted);
486}
487
488void
489dsl_dir_sync(dsl_dir_t *dd, dmu_tx_t *tx)
490{
491	ASSERT(dmu_tx_is_syncing(tx));
492
493	mutex_enter(&dd->dd_lock);
494	ASSERT0(dd->dd_tempreserved[tx->tx_txg&TXG_MASK]);
495	dprintf_dd(dd, "txg=%llu towrite=%lluK\n", tx->tx_txg,
496	    dd->dd_space_towrite[tx->tx_txg&TXG_MASK] / 1024);
497	dd->dd_space_towrite[tx->tx_txg&TXG_MASK] = 0;
498	mutex_exit(&dd->dd_lock);
499
500	/* release the hold from dsl_dir_dirty */
501	dmu_buf_rele(dd->dd_dbuf, dd);
502}
503
504static uint64_t
505dsl_dir_space_towrite(dsl_dir_t *dd)
506{
507	uint64_t space = 0;
508	int i;
509
510	ASSERT(MUTEX_HELD(&dd->dd_lock));
511
512	for (i = 0; i < TXG_SIZE; i++) {
513		space += dd->dd_space_towrite[i&TXG_MASK];
514		ASSERT3U(dd->dd_space_towrite[i&TXG_MASK], >=, 0);
515	}
516	return (space);
517}
518
519/*
520 * How much space would dd have available if ancestor had delta applied
521 * to it?  If ondiskonly is set, we're only interested in what's
522 * on-disk, not estimated pending changes.
523 */
524uint64_t
525dsl_dir_space_available(dsl_dir_t *dd,
526    dsl_dir_t *ancestor, int64_t delta, int ondiskonly)
527{
528	uint64_t parentspace, myspace, quota, used;
529
530	/*
531	 * If there are no restrictions otherwise, assume we have
532	 * unlimited space available.
533	 */
534	quota = UINT64_MAX;
535	parentspace = UINT64_MAX;
536
537	if (dd->dd_parent != NULL) {
538		parentspace = dsl_dir_space_available(dd->dd_parent,
539		    ancestor, delta, ondiskonly);
540	}
541
542	mutex_enter(&dd->dd_lock);
543	if (dd->dd_phys->dd_quota != 0)
544		quota = dd->dd_phys->dd_quota;
545	used = dd->dd_phys->dd_used_bytes;
546	if (!ondiskonly)
547		used += dsl_dir_space_towrite(dd);
548
549	if (dd->dd_parent == NULL) {
550		uint64_t poolsize = dsl_pool_adjustedsize(dd->dd_pool, FALSE);
551		quota = MIN(quota, poolsize);
552	}
553
554	if (dd->dd_phys->dd_reserved > used && parentspace != UINT64_MAX) {
555		/*
556		 * We have some space reserved, in addition to what our
557		 * parent gave us.
558		 */
559		parentspace += dd->dd_phys->dd_reserved - used;
560	}
561
562	if (dd == ancestor) {
563		ASSERT(delta <= 0);
564		ASSERT(used >= -delta);
565		used += delta;
566		if (parentspace != UINT64_MAX)
567			parentspace -= delta;
568	}
569
570	if (used > quota) {
571		/* over quota */
572		myspace = 0;
573	} else {
574		/*
575		 * the lesser of the space provided by our parent and
576		 * the space left in our quota
577		 */
578		myspace = MIN(parentspace, quota - used);
579	}
580
581	mutex_exit(&dd->dd_lock);
582
583	return (myspace);
584}
585
586struct tempreserve {
587	list_node_t tr_node;
588	dsl_dir_t *tr_ds;
589	uint64_t tr_size;
590};
591
592static int
593dsl_dir_tempreserve_impl(dsl_dir_t *dd, uint64_t asize, boolean_t netfree,
594    boolean_t ignorequota, boolean_t checkrefquota, list_t *tr_list,
595    dmu_tx_t *tx, boolean_t first)
596{
597	uint64_t txg = tx->tx_txg;
598	uint64_t est_inflight, used_on_disk, quota, parent_rsrv;
599	uint64_t deferred = 0;
600	struct tempreserve *tr;
601	int retval = EDQUOT;
602	int txgidx = txg & TXG_MASK;
603	int i;
604	uint64_t ref_rsrv = 0;
605
606	ASSERT3U(txg, !=, 0);
607	ASSERT3S(asize, >, 0);
608
609	mutex_enter(&dd->dd_lock);
610
611	/*
612	 * Check against the dsl_dir's quota.  We don't add in the delta
613	 * when checking for over-quota because they get one free hit.
614	 */
615	est_inflight = dsl_dir_space_towrite(dd);
616	for (i = 0; i < TXG_SIZE; i++)
617		est_inflight += dd->dd_tempreserved[i];
618	used_on_disk = dd->dd_phys->dd_used_bytes;
619
620	/*
621	 * On the first iteration, fetch the dataset's used-on-disk and
622	 * refreservation values. Also, if checkrefquota is set, test if
623	 * allocating this space would exceed the dataset's refquota.
624	 */
625	if (first && tx->tx_objset) {
626		int error;
627		dsl_dataset_t *ds = tx->tx_objset->os_dsl_dataset;
628
629		error = dsl_dataset_check_quota(ds, checkrefquota,
630		    asize, est_inflight, &used_on_disk, &ref_rsrv);
631		if (error) {
632			mutex_exit(&dd->dd_lock);
633			return (error);
634		}
635	}
636
637	/*
638	 * If this transaction will result in a net free of space,
639	 * we want to let it through.
640	 */
641	if (ignorequota || netfree || dd->dd_phys->dd_quota == 0)
642		quota = UINT64_MAX;
643	else
644		quota = dd->dd_phys->dd_quota;
645
646	/*
647	 * Adjust the quota against the actual pool size at the root
648	 * minus any outstanding deferred frees.
649	 * To ensure that it's possible to remove files from a full
650	 * pool without inducing transient overcommits, we throttle
651	 * netfree transactions against a quota that is slightly larger,
652	 * but still within the pool's allocation slop.  In cases where
653	 * we're very close to full, this will allow a steady trickle of
654	 * removes to get through.
655	 */
656	if (dd->dd_parent == NULL) {
657		spa_t *spa = dd->dd_pool->dp_spa;
658		uint64_t poolsize = dsl_pool_adjustedsize(dd->dd_pool, netfree);
659		deferred = metaslab_class_get_deferred(spa_normal_class(spa));
660		if (poolsize - deferred < quota) {
661			quota = poolsize - deferred;
662			retval = ENOSPC;
663		}
664	}
665
666	/*
667	 * If they are requesting more space, and our current estimate
668	 * is over quota, they get to try again unless the actual
669	 * on-disk is over quota and there are no pending changes (which
670	 * may free up space for us).
671	 */
672	if (used_on_disk + est_inflight >= quota) {
673		if (est_inflight > 0 || used_on_disk < quota ||
674		    (retval == ENOSPC && used_on_disk < quota + deferred))
675			retval = ERESTART;
676		dprintf_dd(dd, "failing: used=%lluK inflight = %lluK "
677		    "quota=%lluK tr=%lluK err=%d\n",
678		    used_on_disk>>10, est_inflight>>10,
679		    quota>>10, asize>>10, retval);
680		mutex_exit(&dd->dd_lock);
681		return (SET_ERROR(retval));
682	}
683
684	/* We need to up our estimated delta before dropping dd_lock */
685	dd->dd_tempreserved[txgidx] += asize;
686
687	parent_rsrv = parent_delta(dd, used_on_disk + est_inflight,
688	    asize - ref_rsrv);
689	mutex_exit(&dd->dd_lock);
690
691	tr = kmem_zalloc(sizeof (struct tempreserve), KM_SLEEP);
692	tr->tr_ds = dd;
693	tr->tr_size = asize;
694	list_insert_tail(tr_list, tr);
695
696	/* see if it's OK with our parent */
697	if (dd->dd_parent && parent_rsrv) {
698		boolean_t ismos = (dd->dd_phys->dd_head_dataset_obj == 0);
699
700		return (dsl_dir_tempreserve_impl(dd->dd_parent,
701		    parent_rsrv, netfree, ismos, TRUE, tr_list, tx, FALSE));
702	} else {
703		return (0);
704	}
705}
706
707/*
708 * Reserve space in this dsl_dir, to be used in this tx's txg.
709 * After the space has been dirtied (and dsl_dir_willuse_space()
710 * has been called), the reservation should be canceled, using
711 * dsl_dir_tempreserve_clear().
712 */
713int
714dsl_dir_tempreserve_space(dsl_dir_t *dd, uint64_t lsize, uint64_t asize,
715    uint64_t fsize, uint64_t usize, void **tr_cookiep, dmu_tx_t *tx)
716{
717	int err;
718	list_t *tr_list;
719
720	if (asize == 0) {
721		*tr_cookiep = NULL;
722		return (0);
723	}
724
725	tr_list = kmem_alloc(sizeof (list_t), KM_SLEEP);
726	list_create(tr_list, sizeof (struct tempreserve),
727	    offsetof(struct tempreserve, tr_node));
728	ASSERT3S(asize, >, 0);
729	ASSERT3S(fsize, >=, 0);
730
731	err = arc_tempreserve_space(lsize, tx->tx_txg);
732	if (err == 0) {
733		struct tempreserve *tr;
734
735		tr = kmem_zalloc(sizeof (struct tempreserve), KM_SLEEP);
736		tr->tr_size = lsize;
737		list_insert_tail(tr_list, tr);
738	} else {
739		if (err == EAGAIN) {
740			/*
741			 * If arc_memory_throttle() detected that pageout
742			 * is running and we are low on memory, we delay new
743			 * non-pageout transactions to give pageout an
744			 * advantage.
745			 *
746			 * It is unfortunate to be delaying while the caller's
747			 * locks are held.
748			 */
749			txg_delay(dd->dd_pool, tx->tx_txg,
750			    MSEC2NSEC(10), MSEC2NSEC(10));
751			err = SET_ERROR(ERESTART);
752		}
753	}
754
755	if (err == 0) {
756		err = dsl_dir_tempreserve_impl(dd, asize, fsize >= asize,
757		    FALSE, asize > usize, tr_list, tx, TRUE);
758	}
759
760	if (err != 0)
761		dsl_dir_tempreserve_clear(tr_list, tx);
762	else
763		*tr_cookiep = tr_list;
764
765	return (err);
766}
767
768/*
769 * Clear a temporary reservation that we previously made with
770 * dsl_dir_tempreserve_space().
771 */
772void
773dsl_dir_tempreserve_clear(void *tr_cookie, dmu_tx_t *tx)
774{
775	int txgidx = tx->tx_txg & TXG_MASK;
776	list_t *tr_list = tr_cookie;
777	struct tempreserve *tr;
778
779	ASSERT3U(tx->tx_txg, !=, 0);
780
781	if (tr_cookie == NULL)
782		return;
783
784	while ((tr = list_head(tr_list)) != NULL) {
785		if (tr->tr_ds) {
786			mutex_enter(&tr->tr_ds->dd_lock);
787			ASSERT3U(tr->tr_ds->dd_tempreserved[txgidx], >=,
788			    tr->tr_size);
789			tr->tr_ds->dd_tempreserved[txgidx] -= tr->tr_size;
790			mutex_exit(&tr->tr_ds->dd_lock);
791		} else {
792			arc_tempreserve_clear(tr->tr_size);
793		}
794		list_remove(tr_list, tr);
795		kmem_free(tr, sizeof (struct tempreserve));
796	}
797
798	kmem_free(tr_list, sizeof (list_t));
799}
800
801/*
802 * This should be called from open context when we think we're going to write
803 * or free space, for example when dirtying data. Be conservative; it's okay
804 * to write less space or free more, but we don't want to write more or free
805 * less than the amount specified.
806 */
807void
808dsl_dir_willuse_space(dsl_dir_t *dd, int64_t space, dmu_tx_t *tx)
809{
810	int64_t parent_space;
811	uint64_t est_used;
812
813	mutex_enter(&dd->dd_lock);
814	if (space > 0)
815		dd->dd_space_towrite[tx->tx_txg & TXG_MASK] += space;
816
817	est_used = dsl_dir_space_towrite(dd) + dd->dd_phys->dd_used_bytes;
818	parent_space = parent_delta(dd, est_used, space);
819	mutex_exit(&dd->dd_lock);
820
821	/* Make sure that we clean up dd_space_to* */
822	dsl_dir_dirty(dd, tx);
823
824	/* XXX this is potentially expensive and unnecessary... */
825	if (parent_space && dd->dd_parent)
826		dsl_dir_willuse_space(dd->dd_parent, parent_space, tx);
827}
828
829/* call from syncing context when we actually write/free space for this dd */
830void
831dsl_dir_diduse_space(dsl_dir_t *dd, dd_used_t type,
832    int64_t used, int64_t compressed, int64_t uncompressed, dmu_tx_t *tx)
833{
834	int64_t accounted_delta;
835
836	/*
837	 * dsl_dataset_set_refreservation_sync_impl() calls this with
838	 * dd_lock held, so that it can atomically update
839	 * ds->ds_reserved and the dsl_dir accounting, so that
840	 * dsl_dataset_check_quota() can see dataset and dir accounting
841	 * consistently.
842	 */
843	boolean_t needlock = !MUTEX_HELD(&dd->dd_lock);
844
845	ASSERT(dmu_tx_is_syncing(tx));
846	ASSERT(type < DD_USED_NUM);
847
848	dmu_buf_will_dirty(dd->dd_dbuf, tx);
849
850	if (needlock)
851		mutex_enter(&dd->dd_lock);
852	accounted_delta = parent_delta(dd, dd->dd_phys->dd_used_bytes, used);
853	ASSERT(used >= 0 || dd->dd_phys->dd_used_bytes >= -used);
854	ASSERT(compressed >= 0 ||
855	    dd->dd_phys->dd_compressed_bytes >= -compressed);
856	ASSERT(uncompressed >= 0 ||
857	    dd->dd_phys->dd_uncompressed_bytes >= -uncompressed);
858	dd->dd_phys->dd_used_bytes += used;
859	dd->dd_phys->dd_uncompressed_bytes += uncompressed;
860	dd->dd_phys->dd_compressed_bytes += compressed;
861
862	if (dd->dd_phys->dd_flags & DD_FLAG_USED_BREAKDOWN) {
863		ASSERT(used > 0 ||
864		    dd->dd_phys->dd_used_breakdown[type] >= -used);
865		dd->dd_phys->dd_used_breakdown[type] += used;
866#ifdef DEBUG
867		dd_used_t t;
868		uint64_t u = 0;
869		for (t = 0; t < DD_USED_NUM; t++)
870			u += dd->dd_phys->dd_used_breakdown[t];
871		ASSERT3U(u, ==, dd->dd_phys->dd_used_bytes);
872#endif
873	}
874	if (needlock)
875		mutex_exit(&dd->dd_lock);
876
877	if (dd->dd_parent != NULL) {
878		dsl_dir_diduse_space(dd->dd_parent, DD_USED_CHILD,
879		    accounted_delta, compressed, uncompressed, tx);
880		dsl_dir_transfer_space(dd->dd_parent,
881		    used - accounted_delta,
882		    DD_USED_CHILD_RSRV, DD_USED_CHILD, tx);
883	}
884}
885
886void
887dsl_dir_transfer_space(dsl_dir_t *dd, int64_t delta,
888    dd_used_t oldtype, dd_used_t newtype, dmu_tx_t *tx)
889{
890	ASSERT(dmu_tx_is_syncing(tx));
891	ASSERT(oldtype < DD_USED_NUM);
892	ASSERT(newtype < DD_USED_NUM);
893
894	if (delta == 0 || !(dd->dd_phys->dd_flags & DD_FLAG_USED_BREAKDOWN))
895		return;
896
897	dmu_buf_will_dirty(dd->dd_dbuf, tx);
898	mutex_enter(&dd->dd_lock);
899	ASSERT(delta > 0 ?
900	    dd->dd_phys->dd_used_breakdown[oldtype] >= delta :
901	    dd->dd_phys->dd_used_breakdown[newtype] >= -delta);
902	ASSERT(dd->dd_phys->dd_used_bytes >= ABS(delta));
903	dd->dd_phys->dd_used_breakdown[oldtype] -= delta;
904	dd->dd_phys->dd_used_breakdown[newtype] += delta;
905	mutex_exit(&dd->dd_lock);
906}
907
908typedef struct dsl_dir_set_qr_arg {
909	const char *ddsqra_name;
910	zprop_source_t ddsqra_source;
911	uint64_t ddsqra_value;
912} dsl_dir_set_qr_arg_t;
913
914static int
915dsl_dir_set_quota_check(void *arg, dmu_tx_t *tx)
916{
917	dsl_dir_set_qr_arg_t *ddsqra = arg;
918	dsl_pool_t *dp = dmu_tx_pool(tx);
919	dsl_dataset_t *ds;
920	int error;
921	uint64_t towrite, newval;
922
923	error = dsl_dataset_hold(dp, ddsqra->ddsqra_name, FTAG, &ds);
924	if (error != 0)
925		return (error);
926
927	error = dsl_prop_predict(ds->ds_dir, "quota",
928	    ddsqra->ddsqra_source, ddsqra->ddsqra_value, &newval);
929	if (error != 0) {
930		dsl_dataset_rele(ds, FTAG);
931		return (error);
932	}
933
934	if (newval == 0) {
935		dsl_dataset_rele(ds, FTAG);
936		return (0);
937	}
938
939	mutex_enter(&ds->ds_dir->dd_lock);
940	/*
941	 * If we are doing the preliminary check in open context, and
942	 * there are pending changes, then don't fail it, since the
943	 * pending changes could under-estimate the amount of space to be
944	 * freed up.
945	 */
946	towrite = dsl_dir_space_towrite(ds->ds_dir);
947	if ((dmu_tx_is_syncing(tx) || towrite == 0) &&
948	    (newval < ds->ds_dir->dd_phys->dd_reserved ||
949	    newval < ds->ds_dir->dd_phys->dd_used_bytes + towrite)) {
950		error = SET_ERROR(ENOSPC);
951	}
952	mutex_exit(&ds->ds_dir->dd_lock);
953	dsl_dataset_rele(ds, FTAG);
954	return (error);
955}
956
957static void
958dsl_dir_set_quota_sync(void *arg, dmu_tx_t *tx)
959{
960	dsl_dir_set_qr_arg_t *ddsqra = arg;
961	dsl_pool_t *dp = dmu_tx_pool(tx);
962	dsl_dataset_t *ds;
963	uint64_t newval;
964
965	VERIFY0(dsl_dataset_hold(dp, ddsqra->ddsqra_name, FTAG, &ds));
966
967	if (spa_version(dp->dp_spa) >= SPA_VERSION_RECVD_PROPS) {
968		dsl_prop_set_sync_impl(ds, zfs_prop_to_name(ZFS_PROP_QUOTA),
969		    ddsqra->ddsqra_source, sizeof (ddsqra->ddsqra_value), 1,
970		    &ddsqra->ddsqra_value, tx);
971
972		VERIFY0(dsl_prop_get_int_ds(ds,
973		    zfs_prop_to_name(ZFS_PROP_QUOTA), &newval));
974	} else {
975		newval = ddsqra->ddsqra_value;
976		spa_history_log_internal_ds(ds, "set", tx, "%s=%lld",
977		    zfs_prop_to_name(ZFS_PROP_QUOTA), (longlong_t)newval);
978	}
979
980	dmu_buf_will_dirty(ds->ds_dir->dd_dbuf, tx);
981	mutex_enter(&ds->ds_dir->dd_lock);
982	ds->ds_dir->dd_phys->dd_quota = newval;
983	mutex_exit(&ds->ds_dir->dd_lock);
984	dsl_dataset_rele(ds, FTAG);
985}
986
987int
988dsl_dir_set_quota(const char *ddname, zprop_source_t source, uint64_t quota)
989{
990	dsl_dir_set_qr_arg_t ddsqra;
991
992	ddsqra.ddsqra_name = ddname;
993	ddsqra.ddsqra_source = source;
994	ddsqra.ddsqra_value = quota;
995
996	return (dsl_sync_task(ddname, dsl_dir_set_quota_check,
997	    dsl_dir_set_quota_sync, &ddsqra, 0));
998}
999
1000int
1001dsl_dir_set_reservation_check(void *arg, dmu_tx_t *tx)
1002{
1003	dsl_dir_set_qr_arg_t *ddsqra = arg;
1004	dsl_pool_t *dp = dmu_tx_pool(tx);
1005	dsl_dataset_t *ds;
1006	dsl_dir_t *dd;
1007	uint64_t newval, used, avail;
1008	int error;
1009
1010	error = dsl_dataset_hold(dp, ddsqra->ddsqra_name, FTAG, &ds);
1011	if (error != 0)
1012		return (error);
1013	dd = ds->ds_dir;
1014
1015	/*
1016	 * If we are doing the preliminary check in open context, the
1017	 * space estimates may be inaccurate.
1018	 */
1019	if (!dmu_tx_is_syncing(tx)) {
1020		dsl_dataset_rele(ds, FTAG);
1021		return (0);
1022	}
1023
1024	error = dsl_prop_predict(ds->ds_dir,
1025	    zfs_prop_to_name(ZFS_PROP_RESERVATION),
1026	    ddsqra->ddsqra_source, ddsqra->ddsqra_value, &newval);
1027	if (error != 0) {
1028		dsl_dataset_rele(ds, FTAG);
1029		return (error);
1030	}
1031
1032	mutex_enter(&dd->dd_lock);
1033	used = dd->dd_phys->dd_used_bytes;
1034	mutex_exit(&dd->dd_lock);
1035
1036	if (dd->dd_parent) {
1037		avail = dsl_dir_space_available(dd->dd_parent,
1038		    NULL, 0, FALSE);
1039	} else {
1040		avail = dsl_pool_adjustedsize(dd->dd_pool, B_FALSE) - used;
1041	}
1042
1043	if (MAX(used, newval) > MAX(used, dd->dd_phys->dd_reserved)) {
1044		uint64_t delta = MAX(used, newval) -
1045		    MAX(used, dd->dd_phys->dd_reserved);
1046
1047		if (delta > avail ||
1048		    (dd->dd_phys->dd_quota > 0 &&
1049		    newval > dd->dd_phys->dd_quota))
1050			error = SET_ERROR(ENOSPC);
1051	}
1052
1053	dsl_dataset_rele(ds, FTAG);
1054	return (error);
1055}
1056
1057void
1058dsl_dir_set_reservation_sync_impl(dsl_dir_t *dd, uint64_t value, dmu_tx_t *tx)
1059{
1060	uint64_t used;
1061	int64_t delta;
1062
1063	dmu_buf_will_dirty(dd->dd_dbuf, tx);
1064
1065	mutex_enter(&dd->dd_lock);
1066	used = dd->dd_phys->dd_used_bytes;
1067	delta = MAX(used, value) - MAX(used, dd->dd_phys->dd_reserved);
1068	dd->dd_phys->dd_reserved = value;
1069
1070	if (dd->dd_parent != NULL) {
1071		/* Roll up this additional usage into our ancestors */
1072		dsl_dir_diduse_space(dd->dd_parent, DD_USED_CHILD_RSRV,
1073		    delta, 0, 0, tx);
1074	}
1075	mutex_exit(&dd->dd_lock);
1076}
1077
1078
1079static void
1080dsl_dir_set_reservation_sync(void *arg, dmu_tx_t *tx)
1081{
1082	dsl_dir_set_qr_arg_t *ddsqra = arg;
1083	dsl_pool_t *dp = dmu_tx_pool(tx);
1084	dsl_dataset_t *ds;
1085	uint64_t newval;
1086
1087	VERIFY0(dsl_dataset_hold(dp, ddsqra->ddsqra_name, FTAG, &ds));
1088
1089	if (spa_version(dp->dp_spa) >= SPA_VERSION_RECVD_PROPS) {
1090		dsl_prop_set_sync_impl(ds,
1091		    zfs_prop_to_name(ZFS_PROP_RESERVATION),
1092		    ddsqra->ddsqra_source, sizeof (ddsqra->ddsqra_value), 1,
1093		    &ddsqra->ddsqra_value, tx);
1094
1095		VERIFY0(dsl_prop_get_int_ds(ds,
1096		    zfs_prop_to_name(ZFS_PROP_RESERVATION), &newval));
1097	} else {
1098		newval = ddsqra->ddsqra_value;
1099		spa_history_log_internal_ds(ds, "set", tx, "%s=%lld",
1100		    zfs_prop_to_name(ZFS_PROP_RESERVATION),
1101		    (longlong_t)newval);
1102	}
1103
1104	dsl_dir_set_reservation_sync_impl(ds->ds_dir, newval, tx);
1105	dsl_dataset_rele(ds, FTAG);
1106}
1107
1108int
1109dsl_dir_set_reservation(const char *ddname, zprop_source_t source,
1110    uint64_t reservation)
1111{
1112	dsl_dir_set_qr_arg_t ddsqra;
1113
1114	ddsqra.ddsqra_name = ddname;
1115	ddsqra.ddsqra_source = source;
1116	ddsqra.ddsqra_value = reservation;
1117
1118	return (dsl_sync_task(ddname, dsl_dir_set_reservation_check,
1119	    dsl_dir_set_reservation_sync, &ddsqra, 0));
1120}
1121
1122static dsl_dir_t *
1123closest_common_ancestor(dsl_dir_t *ds1, dsl_dir_t *ds2)
1124{
1125	for (; ds1; ds1 = ds1->dd_parent) {
1126		dsl_dir_t *dd;
1127		for (dd = ds2; dd; dd = dd->dd_parent) {
1128			if (ds1 == dd)
1129				return (dd);
1130		}
1131	}
1132	return (NULL);
1133}
1134
1135/*
1136 * If delta is applied to dd, how much of that delta would be applied to
1137 * ancestor?  Syncing context only.
1138 */
1139static int64_t
1140would_change(dsl_dir_t *dd, int64_t delta, dsl_dir_t *ancestor)
1141{
1142	if (dd == ancestor)
1143		return (delta);
1144
1145	mutex_enter(&dd->dd_lock);
1146	delta = parent_delta(dd, dd->dd_phys->dd_used_bytes, delta);
1147	mutex_exit(&dd->dd_lock);
1148	return (would_change(dd->dd_parent, delta, ancestor));
1149}
1150
1151typedef struct dsl_dir_rename_arg {
1152	const char *ddra_oldname;
1153	const char *ddra_newname;
1154} dsl_dir_rename_arg_t;
1155
1156/* ARGSUSED */
1157static int
1158dsl_valid_rename(dsl_pool_t *dp, dsl_dataset_t *ds, void *arg)
1159{
1160	int *deltap = arg;
1161	char namebuf[MAXNAMELEN];
1162
1163	dsl_dataset_name(ds, namebuf);
1164
1165	if (strlen(namebuf) + *deltap >= MAXNAMELEN)
1166		return (SET_ERROR(ENAMETOOLONG));
1167	return (0);
1168}
1169
1170static int
1171dsl_dir_rename_check(void *arg, dmu_tx_t *tx)
1172{
1173	dsl_dir_rename_arg_t *ddra = arg;
1174	dsl_pool_t *dp = dmu_tx_pool(tx);
1175	dsl_dir_t *dd, *newparent;
1176	const char *mynewname;
1177	int error;
1178	int delta = strlen(ddra->ddra_newname) - strlen(ddra->ddra_oldname);
1179
1180	/* target dir should exist */
1181	error = dsl_dir_hold(dp, ddra->ddra_oldname, FTAG, &dd, NULL);
1182	if (error != 0)
1183		return (error);
1184
1185	/* new parent should exist */
1186	error = dsl_dir_hold(dp, ddra->ddra_newname, FTAG,
1187	    &newparent, &mynewname);
1188	if (error != 0) {
1189		dsl_dir_rele(dd, FTAG);
1190		return (error);
1191	}
1192
1193	/* can't rename to different pool */
1194	if (dd->dd_pool != newparent->dd_pool) {
1195		dsl_dir_rele(newparent, FTAG);
1196		dsl_dir_rele(dd, FTAG);
1197		return (SET_ERROR(ENXIO));
1198	}
1199
1200	/* new name should not already exist */
1201	if (mynewname == NULL) {
1202		dsl_dir_rele(newparent, FTAG);
1203		dsl_dir_rele(dd, FTAG);
1204		return (SET_ERROR(EEXIST));
1205	}
1206
1207	/* if the name length is growing, validate child name lengths */
1208	if (delta > 0) {
1209		error = dmu_objset_find_dp(dp, dd->dd_object, dsl_valid_rename,
1210		    &delta, DS_FIND_CHILDREN | DS_FIND_SNAPSHOTS);
1211		if (error != 0) {
1212			dsl_dir_rele(newparent, FTAG);
1213			dsl_dir_rele(dd, FTAG);
1214			return (error);
1215		}
1216	}
1217
1218	if (newparent != dd->dd_parent) {
1219		/* is there enough space? */
1220		uint64_t myspace =
1221		    MAX(dd->dd_phys->dd_used_bytes, dd->dd_phys->dd_reserved);
1222
1223		/* no rename into our descendant */
1224		if (closest_common_ancestor(dd, newparent) == dd) {
1225			dsl_dir_rele(newparent, FTAG);
1226			dsl_dir_rele(dd, FTAG);
1227			return (SET_ERROR(EINVAL));
1228		}
1229
1230		error = dsl_dir_transfer_possible(dd->dd_parent,
1231		    newparent, myspace);
1232		if (error != 0) {
1233			dsl_dir_rele(newparent, FTAG);
1234			dsl_dir_rele(dd, FTAG);
1235			return (error);
1236		}
1237	}
1238
1239	dsl_dir_rele(newparent, FTAG);
1240	dsl_dir_rele(dd, FTAG);
1241	return (0);
1242}
1243
1244static void
1245dsl_dir_rename_sync(void *arg, dmu_tx_t *tx)
1246{
1247	dsl_dir_rename_arg_t *ddra = arg;
1248	dsl_pool_t *dp = dmu_tx_pool(tx);
1249	dsl_dir_t *dd, *newparent;
1250	const char *mynewname;
1251	int error;
1252	objset_t *mos = dp->dp_meta_objset;
1253
1254	VERIFY0(dsl_dir_hold(dp, ddra->ddra_oldname, FTAG, &dd, NULL));
1255	VERIFY0(dsl_dir_hold(dp, ddra->ddra_newname, FTAG, &newparent,
1256	    &mynewname));
1257
1258	/* Log this before we change the name. */
1259	spa_history_log_internal_dd(dd, "rename", tx,
1260	    "-> %s", ddra->ddra_newname);
1261
1262	if (newparent != dd->dd_parent) {
1263		dsl_dir_diduse_space(dd->dd_parent, DD_USED_CHILD,
1264		    -dd->dd_phys->dd_used_bytes,
1265		    -dd->dd_phys->dd_compressed_bytes,
1266		    -dd->dd_phys->dd_uncompressed_bytes, tx);
1267		dsl_dir_diduse_space(newparent, DD_USED_CHILD,
1268		    dd->dd_phys->dd_used_bytes,
1269		    dd->dd_phys->dd_compressed_bytes,
1270		    dd->dd_phys->dd_uncompressed_bytes, tx);
1271
1272		if (dd->dd_phys->dd_reserved > dd->dd_phys->dd_used_bytes) {
1273			uint64_t unused_rsrv = dd->dd_phys->dd_reserved -
1274			    dd->dd_phys->dd_used_bytes;
1275
1276			dsl_dir_diduse_space(dd->dd_parent, DD_USED_CHILD_RSRV,
1277			    -unused_rsrv, 0, 0, tx);
1278			dsl_dir_diduse_space(newparent, DD_USED_CHILD_RSRV,
1279			    unused_rsrv, 0, 0, tx);
1280		}
1281	}
1282
1283	dmu_buf_will_dirty(dd->dd_dbuf, tx);
1284
1285	/* remove from old parent zapobj */
1286	error = zap_remove(mos, dd->dd_parent->dd_phys->dd_child_dir_zapobj,
1287	    dd->dd_myname, tx);
1288	ASSERT0(error);
1289
1290	(void) strcpy(dd->dd_myname, mynewname);
1291	dsl_dir_rele(dd->dd_parent, dd);
1292	dd->dd_phys->dd_parent_obj = newparent->dd_object;
1293	VERIFY0(dsl_dir_hold_obj(dp,
1294	    newparent->dd_object, NULL, dd, &dd->dd_parent));
1295
1296	/* add to new parent zapobj */
1297	VERIFY0(zap_add(mos, newparent->dd_phys->dd_child_dir_zapobj,
1298	    dd->dd_myname, 8, 1, &dd->dd_object, tx));
1299
1300	dsl_prop_notify_all(dd);
1301
1302	dsl_dir_rele(newparent, FTAG);
1303	dsl_dir_rele(dd, FTAG);
1304}
1305
1306int
1307dsl_dir_rename(const char *oldname, const char *newname)
1308{
1309	dsl_dir_rename_arg_t ddra;
1310
1311	ddra.ddra_oldname = oldname;
1312	ddra.ddra_newname = newname;
1313
1314	return (dsl_sync_task(oldname,
1315	    dsl_dir_rename_check, dsl_dir_rename_sync, &ddra, 3));
1316}
1317
1318int
1319dsl_dir_transfer_possible(dsl_dir_t *sdd, dsl_dir_t *tdd, uint64_t space)
1320{
1321	dsl_dir_t *ancestor;
1322	int64_t adelta;
1323	uint64_t avail;
1324
1325	ancestor = closest_common_ancestor(sdd, tdd);
1326	adelta = would_change(sdd, -space, ancestor);
1327	avail = dsl_dir_space_available(tdd, ancestor, adelta, FALSE);
1328	if (avail < space)
1329		return (SET_ERROR(ENOSPC));
1330
1331	return (0);
1332}
1333
1334timestruc_t
1335dsl_dir_snap_cmtime(dsl_dir_t *dd)
1336{
1337	timestruc_t t;
1338
1339	mutex_enter(&dd->dd_lock);
1340	t = dd->dd_snap_cmtime;
1341	mutex_exit(&dd->dd_lock);
1342
1343	return (t);
1344}
1345
1346void
1347dsl_dir_snap_cmtime_update(dsl_dir_t *dd)
1348{
1349	timestruc_t t;
1350
1351	gethrestime(&t);
1352	mutex_enter(&dd->dd_lock);
1353	dd->dd_snap_cmtime = t;
1354	mutex_exit(&dd->dd_lock);
1355}
1356
1357void
1358dsl_dir_zapify(dsl_dir_t *dd, dmu_tx_t *tx)
1359{
1360	objset_t *mos = dd->dd_pool->dp_meta_objset;
1361	dmu_object_zapify(mos, dd->dd_object, DMU_OT_DSL_DIR, tx);
1362}
1363