104 Commits

Author SHA1 Message Date
John Grafton
8e933d9c59 libbe: Avoid double printing cloning errors.
be_clone calls be_clone_cb and both call set_error on the return
error path.  set_error prints the error resulting in a double print.
be_clone_cb should just return the error code and allow be_clone
to print it.

PR: 265248
Reported by: Graham Perrin
Reviewed by: imp, kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/685
2023-03-14 21:15:17 -06:00
Martin Matuska
15f0b8c309 zfs: merge openzfs/zfs@9cd71c860 (master)
Notable upstream pull request merges:
  #13805 Configure zed's diagnosis engine with vdev properties
  #14110 zfs list: Allow more fields in ZFS_ITER_SIMPLE mode
  #14121 Batch enqueue/dequeue for bqueue
  #14123 arc_read()/arc_access() refactoring and cleanup
  #14159 Bypass metaslab throttle for removal allocations
  #14243 Implement uncached prefetch
  #14251 Cache dbuf_hash() calculation
  #14253 Allow receiver to override encryption property in case of replication
  #14254 Restrict visibility of per-dataset kstats inside FreeBSD jails
  #14255 Zero end of embedded block buffer in dump_write_embedded()
  #14263 Cleanups identified by CodeQL and Coverity
  #14264 Miscellaneous fixes
  #14272 Change ZEVENT_POOL_GUID to ZEVENT_POOL to display pool names
  #14287 FreeBSD: Remove stray debug printf
  #14288 Colorize zfs diff output
  #14289 deadlock between spa_errlog_lock and dp_config_rwlock
  #14291 FreeBSD: Fix potential boot panic with bad label
  #14292 Add tunable to allow changing micro ZAP's max size
  #14293 Turn default_bs and default_ibs into ZFS_MODULE_PARAMs
  #14295 zed: add hotplug support for spare vdevs
  #14304 Activate filesystem features only in syncing context
  #14311 zpool: do guid-based comparison in is_vdev_cb()
  #14317 Pack zrlock_t by 8 bytes
  #14320 Update arc_summary and arcstat outputs
  #14328 FreeBSD: catch up to 1400077
  #14376 Use setproctitle to report progress of zfs send
  #14340 Remove some dead ARC code
  #14358 Wait for txg sync if the last DRR_FREEOBJECTS might result in a hole
  #14360 libzpool: fix ddi_strtoull to update nptr
  #14364 Fix unprotected zfs_znode_dmu_fini
  #14379 zfs_receive_one: Check for the more likely error first
  #14380 Cleanup of dead code suggested by Clang Static Analyzer
  #14397 Avoid passing an uninitialized index to dsl_prop_known_index
  #14404 Fix reading uninitialized variable in receive_read
  #14407 free_blocks(): Fix reports from 2016 PVS Studio FreeBSD report
  #14418 Introduce minimal ZIL block commit delay
  #14422 x86 assembly: fix .size placement and replace .align with .balign

Obtained from:	OpenZFS
OpenZFS commit:	9cd71c8604
2023-01-25 19:50:29 +01:00
Emmanuel Vadot
a71ea7bea0 pkgbase: Put zfs utilities and lib in their own package
It is useful to have zfs utilities and lib in a separate package as
it allows users to create an image that can support ZFS (i.e. not with
WITHOUT_ZFS in src.conf set) without bloating the default image with
all zfs tools (for example for jails).

Differential Revision:	https://reviews.freebsd.org/D36225
2022-10-26 19:46:30 +02:00
Kyle Evans
dadb9c7093 bectl: push space-in-name check down into libbe
This check was previously in `create` only, not applying to renames.  It
should really be applied at the libbe level, so that we can avoid
writing about this restriction over and over again.

While we're here: `bectl rename` always succeeds, even when it doesn't.
Start returning the error.

Reported By:	Christian McDonald <cmcdonald netgate com>
Reviewed by:	rew, jwmaag_gmail.com (earlier version)
Differential Revision:	https://reviews.freebsd.org/D34605
2022-04-02 21:04:31 -05:00
Kyle Evans
31190aa02e libbe: pull props for the correct dataset in be_mounted_at()
The props feature to this API was added as a "just in case", with no
planned consumer.  It turns out that it was implemented incorrectly,
tapping out props for the BE root (BE's parent) rather than the BE
itself in all cases.

Fetch properties for the dataset that's actually mounted at the queried
path.

Reported by:	Christian McDonald <cmcdonald netgate com>
MFC after:	3 days
2022-03-31 14:23:57 -05:00
Kyle Evans
d155d8e138 libbe: fix be_mounted_at() with props after bootonce
propinfo.bootonce was filled with garbage, leading to a segfault later
during prop building.  Initialize it to NULL.

MFC after:	3 days
2022-03-31 14:23:57 -05:00
Martin Matuska
e92ffd9b62 zfs: merge openzfs/zfs@17b2ae0b2 (master) into main
Notable upstream pull request merges:
  #12766 Fix error propagation from lzc_send_redacted
  #12805 Updated the lz4 decompressor
  #12851 FreeBSD: Provide correct file generation number
  #12857 Verify dRAID empty sectors
  #12874 FreeBSD: Update argument types for VOP_READDIR
  #12896 Reduce number of arc_prune threads
  #12934 FreeBSD: Fix zvol_*_open() locking
  #12947 lz4: Cherrypick fix for CVE-2021-3520
  #12961 FreeBSD: Fix leaked strings in libspl mnttab
  #12964 Fix handling of errors from dmu_write_uio_dbuf() on FreeBSD
  #12981 Introduce a flag to skip comparing the local mac when raw sending
  #12985 Avoid memory allocations in the ARC eviction thread

Obtained from:	OpenZFS
OpenZFS commit:	17b2ae0b24
2022-01-22 23:05:15 +01:00
Martin Matuska
f20893853e zfs: unbreak build broken in 160388166
2021-06-08 22:21:11 +02:00
Gleb Smirnoff
7edc1bd9dc When be_activate() turns on a new boot environment, it always deactivates
the current one first. And if it fails to do so, it abandons activation.
However, with the new bootonce feature, there is a legitimate case when
a pool doesn't have "bootfs" property set. Check for this case before
calling be_deactivate().

Reviewed by:	kevans
2021-01-08 09:23:16 -08:00
Emmanuel Vadot
2d486ba15f pkgbase: Move bectl to the runtime package
runtime contains what is needed to boot in single user and repair a
system, bectl could be handy to have in this situation.

Differential Revision:	https://reviews.freebsd.org/D27708
2021-01-04 16:17:12 +01:00
Kyle Evans
07335072e2 libbe(3): install MLINKS for all of the functions provided
MFC after:	1 week
2020-10-18 23:58:40 +00:00
Kyle Evans
513bd2fc81 libbe(3): document be_snapshot()
While toying around with lua bindings for libbe(3), I discovered that I
apparently never documented this, despite having documented
be_is_auto_snapshot_name that references it.

MFC after:	1 week
2020-10-18 23:42:00 +00:00
Kyle Evans
5773e924e7 libbe(3): const'ify a couple arguments
libbe will never need to mutate these as we either process them into a local
buffer or we just don't touch them and write to a separate out argument.

MFC after:	1 week
2020-10-18 23:32:47 +00:00
Toomas Soome
e307eb94ae loader: zfs should support bootonce and nextboot
bootonce feature is temporary, one time boot, activated by
"bectl activate -t BE", "bectl activate -T BE" will reset the bootonce flag.

By default, the bootonce setting is reset on attempt to boot and the next
boot will use previously active BE.

By setting zfs_bootonce_activate="YES" in rc.conf, the bootonce BE will
be set permanently active.

bootonce dataset name is recorded in boot pool labels, bootenv area.

In case of nextboot, the nextboot_enable boolean variable is recorded in
freebsd:nvstore nvlist, also stored in boot pool label bootenv area.
On boot, the loader will process /boot/nextboot.conf if nextboot_enable
is "YES", and will set nextboot_enable to "NO", preventing /boot/nextboot.conf
processing on next boot.

bootonce and nextboot features are usable in both UEFI and BIOS boot.

To use bootonce/nextboot features, the boot loader needs to be updated on disk;
if loader.efi is stored on ESP, then ESP needs to be updated and
for BIOS boot, stage2 (zfsboot or gptzfsboot) needs to be updated
(gpart or other tools).

At this time, only lua loader is updated.

Sponsored by:	Netflix, Klara Inc.
Differential Revision:	https://reviews.freebsd.org/D25512
2020-09-21 09:01:10 +00:00
Edward Tomasz Napierala
2ccf8a827c Skip armv7 bectl tests on CI; they deadlock ("KSTACK_PAGES is 2").
PR:		249229
Sponsored by:	DARPA
2020-09-14 10:35:39 +00:00
Matt Macy
eac7052fde ZFS: MFV 2.0-rc1-gfd20a8
- fixes jail delegation
- fixes raw kstat unsupported complaints
- exposes dbgmsg, dbuf, and checksum benchmark stats
- restore rename -u support
2020-09-04 22:25:14 +00:00
Li-Wen Hsu
0932ee9fa0 Temporarily skip tests that panic the i386 kernel in CI
lib.libbe.be_create.libbe_create
sbin.bectl.bectl_test.bectl_create

PR:		249055
Sponsored by:	The FreeBSD Foundation
2020-09-02 19:18:27 +00:00
Kyle Evans
5e6a7bc6c1 libbe: lift the WARNS post-OpenZFS merge
sys/ccompile.h no longer uses #pragma ident, so we no longer need to worry
about unknown pragmas.

I fixed one WARNS issue in r363409 by annotating be_is_auto_snapshot_name's
lbh parameter __unused, then upstreamed the following changes to OpenZFS
that rode in with the merge:
- zfs_path_to_zhandle now takes a const char *path rather than a char *path,
  since it won't be mutating the string it receives and I had no reason to
  believe it will need to in the future. [OpenZFS PR #10605]
- Annotated some unused parameters on definitions inlined into headers as
  such. [OpenZFS PR #10606]
2020-08-25 18:16:40 +00:00
Matt Macy
9e5787d228 Merge OpenZFS support in to HEAD.
The primary benefit is maintaining a completely shared
code base with the community allowing FreeBSD to receive
new features sooner and with less effort.

I would advise against doing 'zpool upgrade'
or creating indispensable pools using new
features until this change has had a month+
to soak.

Work on merging FreeBSD support in to what was
at the time "ZFS on Linux" began in August 2018.
I first publicly proposed transitioning FreeBSD
to (new) OpenZFS on December 18th, 2018. FreeBSD
support in OpenZFS was finally completed in December
2019. A CFT for downstreaming OpenZFS support in
to FreeBSD was first issued on July 8th. All issues
that were reported have been addressed or, for
a couple of less critical matters there are
pull requests in progress with OpenZFS. iXsystems
has tested and dogfooded extensively internally.
The TrueNAS 12 release is based on OpenZFS with
some additional features that have not yet made
it upstream.

Improvements include:
  project quotas, encrypted datasets,
  allocation classes, vectorized raidz,
  vectorized checksums, various command line
  improvements, zstd compression.

Thanks to those who have helped along the way:
Ryan Moeller, Allan Jude, Zack Welch, and many
others.

Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D25872
2020-08-25 02:21:27 +00:00
Kyle Evans
9d6d8bf8c7 libbe: annotate lbh as __unused in be_is_auto_snapshot_name
lbh is included for consistency with other functions and in case
future work needs to use it, but it is currently unused. Mark it,
and a post-OpenZFS-import world will be able to raise WARNS of
libbe to the default (pending some minor changes to openzfs libzfs).

MFC after:	3 days
2020-07-22 02:09:10 +00:00
Kyle Evans
6966ac055c Drop "All Rights Reserved" from all libbe/bectl files
I sent out an e-mail on 2020/01/21 with a plan to do this to Kyle, Rob, and
Wes; all parties have responded in the affirmative that it's OK to drop it
from these files.
2020-01-24 02:18:09 +00:00
Kyle Evans
c7a19fd70a libbe: use the new zfs_mount_at()
More background is available in r356876, but this new interface is more
portable across ZFS implementations and cleaner for what libbe is attempting
to achieve anyways.

MFC after:	3 days
2020-01-19 02:48:56 +00:00
Kyle Evans
8f5c6c31ae libbe(3): promote dependent clones when destroying an environment
When removing a boot environment iterate over the dependents and process the
snapshots by grabbing any clones. Promote the clones we found and then
remove the target environment.

This fixes the ability to destroy a boot environment when it has been used
to spawn one or more other boot environments.

PR:		242592
Submitted by:	Wes Maag <jwmaag gmail com> (with changes by myself)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D22953
2020-01-02 18:46:33 +00:00
Simon J. Gerraty
2c9a9dfc18 Update Makefile.depend files
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files

Reviewed by:	 bdrewery
MFC after:	1 week
Sponsored by:   Juniper Networks
Differential Revision:  https://reviews.freebsd.org/D22494
2019-12-11 17:37:53 +00:00
Kyle Evans
485172f537 libbe: fix build against sysutils/openzfs, part 1
This is the half of the changes required that work as-is with both in-tree
ZFS and the new hotness, sysutils/openzfs.  Highlights are less dependency
on header pollution (from somewhere) and using 'mnttab' instead of
'extmnttab'.   In the in-tree ZFS, the latter is a #define for the former,
but in the port extmnttab is actually a distinct struct that's a super-set
of mnttab.  We really want mnttab here anyways, so just use it.
2019-12-06 19:33:39 +00:00
Alan Somers
cefbdf3eaa Commit missing file from r354116
Pointy-hat-to:	Me
Reported by:	Dan Mack
MFC after:	2 weeks
MFC-With:	354116
2019-10-26 19:20:59 +00:00
Kyle Evans
1dc8556358 libbe(3): Fix destroy of imported BE w/ AUTOORIGIN
Imported BE, much like the activated BE, will not have an origin that we can
fetch/examine for destruction. be_destroy should not return BE_ERR_NOORIGIN
for failure to get the origin property for BE_DESTROY_AUTOORIGIN, because
we don't really know going into it that there's even an origin to be
destroyed.

BE_DESTROY_NEEDORIGIN has been renamed to BE_DESTROY_WANTORIGIN because only
a subset of it *needs* the origin, so 'need' is too strong of verbiage.

This was caught by jenkins and the bectl tests, but kevans failed to run the
bectl tests prior to commit.

Reported by:	lwhsu
2019-10-16 18:33:31 +00:00
Kyle Evans
455d8009b4 libbe(3): add needed bits for be_destroy to auto-destroy some origins
New BEs can be created from either an existing snapshot or an existing BE.
If an existing BE is chosen (either implicitly via 'bectl create' or
explicitly via 'bectl create -e foo bar', for instance), then bectl will
create a snapshot of the current BE or "foo" with be_snapshot, with a name
formatted like: strftime("%F-%T") and a serial added to it.

This commit adds the needed bits for libbe or consumers to determine if a
snapshot name matches one of these auto-created snapshots (with some light
validation of the date/time/serial), and also a be_destroy flag to specify
that the origin should be automatically destroyed if possible.

A future commit to bectl will specify BE_DESTROY_AUTOORIGIN by default so we
clean up the origin in the most common case, non-user-managed snapshots.
2019-10-16 14:43:05 +00:00
Andriy Gapon
8569a95e76 fix up fallout from r352447 in libbe
I totally forgot that we now have another in-tree consumer of libzfs.

MFC after:	3 days
X-MFC with:	r352447
2019-09-17 14:15:48 +00:00
Emmanuel Vadot
4c1a82cea5 pkgbase: Create a FreeBSD-utilities package and make it the default one
The default package used to be FreeBSD-runtime but it should only contain
binaries and libs enough to boot to single user and repair the system, it
is also very handy to have a package that can be transformed to a small mfsroot.
So create a new package named FreeBSD-utilities and make it the default one.
Also move a few binaries and libs into this package when it makes sense.
Reviewed by:	bapt, gjb
Differential Revision:	https://reviews.freebsd.org/D21506
2019-09-05 14:15:47 +00:00
Kyle Evans
3afb4dc28a libbe(3): restructure be_mount, skip canmount check for BE dataset
Further cleanup after r349380; loader and kernel will both ignore canmount
on the root dataset as well, so we should not be so strict about it when
mounting it. be_mount is restructured to make it more clear that depth==0 is
special, and to not try fetching these properties that we won't care about.

MFC after:	3 days
2019-06-25 18:47:40 +00:00
Kyle Evans
b335f799ac libbe(3): mount: the BE dataset is mounted at /
Other parts of libbe(3) were fairly strict on the mountpoint property of the
BE dataset, and be_mount was not much better. It was improved in r347027 to
allow mountpoint=none for depth==0, but this bit was still sensitive to
mountpoint != / and mountpoint != none. Given that other parts of libbe(3)
no longer restrict the mountpoint property here, and the rest of the base
system is generally OK and will assume that a BE is mounted at /, let's do
the same.

Reported by:	ler
MFC after:	3 days
2019-06-25 18:13:39 +00:00
Kyle Evans
88a950762a libbe(3): Descend into children of datasets w/ mountpoint=none
These datasets will generally be canmount=noauto,mountpoint=none (e.g.
zroot/var) but have children that may need to be mounted. Instead of
skipping that segment for no good reason, descend.

Submitted by:	Wes Maag
Reported by:	Wes Maag
MFC after:	3 days
2019-05-16 02:11:33 +00:00
Kyle Evans
ac34fe239d libbe: set mountpoint=none in be_import
If we're going to set a mountpoint at all, mountpoint=none makes more sense
than mountpoint=/.

MFC after:	 3 days
2019-05-02 17:50:56 +00:00
Kyle Evans
011fdcbf1c libbe(3): Properly mount BEs with mountpoint=none
Instead of pretending to successfully mount them while not actually
mounting anything, we'll now actually mount them *and* claim we mounted them
successfully.

Reported by:	ler
MFC after:	3 days
2019-05-02 17:44:46 +00:00
Kyle Evans
f0baac9e32 libbe(3): Fix libcompat build
SHLIBDIR should still be optionally set, just before src.opts.mk is included
so that libcompat can properly override it. This fixes lib32 failures
reported by both Jenkins and Michael Butler.

Reported by:	Michael Butler <imb@protected-networks.net>
MFC after:	3 days
X-MFC-With:	r346546
2019-04-25 20:48:25 +00:00
Kyle Evans
0b24d24d80 libbe(3): Fix mis-application of patch (SHLIBDIR)
Rob's patch in D18564 cemented the SHLIBDIR because bsd.own.mk (included by
src.opts.mk) sets it to /usr/lib. r346546 did somehow not apply this part of
the patch, leaving it to get installed to the wrong place and subsequently
removed via ObsoleteFiles.

Reported by:	jkim
MFC after:	3 days
X-MFC-With:	r346546
2019-04-25 20:02:11 +00:00
Kyle Evans
be13d48c66 libbe(3): Copy received properties as well
This was inherently broken on send|recv datasets.

Reported and tested by:	Wes Maag <jwmaag gmail com>
MFC after:	3 days
2019-04-25 15:51:09 +00:00
Kyle Evans
cddbc3b408 libbe(3): Add a test for be creation
Submitted by:	Rob Fairbanks <rob.fx907 gmail com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18564
2019-04-22 13:45:08 +00:00
Kyle Evans
fa30d9ed75 libbe(3): allow creation of arbitrary depth boot environments
libbe currently only provides an API to create a recursive boot environment,
without any formal support for intentionally limiting the depth. This
changeset adds an API, be_create_depth, that may be used to arbitrarily
restrict the depth of the new BE.

Submitted by:	Rob Fairbanks <rob.fx907 gmail com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18564
2019-04-22 13:43:38 +00:00
Kyle Evans
fcb47c42ec libbe(3): use libzfs name validation for datasets/snapshot names
Our home-rolled solution didn't quite capture all of the details, and we
didn't actually validate snapshot names at all. zfs_name_valid captures the
important details, but it doesn't necessarily expose the errors that we're
wanting to see in the be_validate_* functions. Validating lengths
independently, then the names, should make this a non-issue.
2019-04-10 14:00:03 +00:00
Kyle Evans
90cf61e8a5 libbe(3): Add a serial to the generated snapshot names
To use bectl in an example, when one creates a new boot environment with
either `bectl create <be>` or `bectl create -e <otherbe> <be>`, libbe will
take a snapshot of the original boot environment to clone. Previously, this
used %F-%T date format as the snapshot name, but this has some limitations-
attempting to create multiple boot environments in quick succession may
collide if done within the same second.

Tack a serial onto it to reduce the chances of a collision... we could still
collide if multiple processes/threads are creating boot environments at the
same time, but this is likely not a big concern as this has only been
reported as occurring in freebsd-ci setup.

MFC after:	3 days
2019-04-03 17:04:38 +00:00
Kyle Evans
e1ee62302a libbe: Fix zfs_is_mounted check w/ snapshots
'be_destroy' can destroy a boot environment (by name) or a given snapshot.
If the target to be destroyed is a dataset, check if it's mounted. We don't
want to check if the origin dataset is mounted when destroying a snapshot.

PR:		236043
Submitted by:	Rob Fairbanks <rob.fx907 gmail com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19650
2019-04-01 17:44:20 +00:00
Kyle Evans
be7dd42376 libbe(3): Fix be_destroy behavior w.r.t. deep BE snapshots and -o
be_destroy is documented to recursively destroy a boot environment.  In the
case of snapshots, one would take this to mean that these are also
recursively destroyed.  However, this was previously not the case.
be_destroy would descend into the be_destroy callback and attempt to
zfs_iter_children on the top-level snapshot, which is bogus.

Our alternative approach is to take note of the snapshot name and iterate
through all of fs children of the BE to try destruction in the children.

The -o option is also fixed to work properly with deep BEs.  If the BE was
created with `bectl create -e otherDeepBE newDeepBE`, for instance, then a
recursive snapshot of otherDeepBE would have been taken for construction of
newDeepBE but a subsequent destroy with BE_DESTROY_ORIGIN set would only
clean up the snapshot at the root of otherDeepBE: ${BEROOT}/otherDeepBE@...

The most recent iteration instead pretends not to know how these things
work, verifies that the origin is another BE and then passes that back
through be_destroy to DTRT when snapshots and deep BEs may be in play.

MFC after:	1 week
2019-02-13 04:19:08 +00:00
Kyle Evans
446ae812b0 libbe(3): Belatedly note the BE_DESTROY_ORIGIN option added in r343977
X-MFC-With: r343977
2019-02-12 02:16:21 +00:00
Kyle Evans
13c62c50e3 libbe(3): Add a destroy option for removing the origin
Currently origin snapshots are left behind when a BE is destroyed, whether
it was an auto-created snapshot or explicitly specified via, for example,
`bectl create -e be@mysnap ...`.

Removing it automatically could be argued as a POLA violation in some
circumstances, so provide a flag to be_destroy for it. An accompanying
option will be added to bectl(8) to utilize this.

Some minor style/consistency nits in the affected areas also addressed.

Reported by:	Shawn Webb
MFC after:	1 week
2019-02-10 21:19:09 +00:00
Kyle Evans
16ac070581 libbe(3): simplify import, allow replication streams
Previously, we directly used libzfs_core's lzc_receive to import to a
temporary snapshot, then cloned the snapshot and setup the properties. This
failed when attempting to import replication streams with questionable
error.

libzfs's zfs_receive is a much better fit here, so we now use it instead
with the destination dataset and let libzfs take care of the dirty details.
be_import is greatly simplified as a result.

Reported by:	Marie Helene Kvello-Aune <freebsd@mhka.no>
MFC after:	1 week
2019-01-23 02:09:15 +00:00
Kyle Evans
0a603a6ece libbe(3): Change be_mount to mount/unmount child datasets
This set of changes is geared towards making bectl respect deep boot
environments when they exist and are mounted. The deep BE composition
functionality (`bectl add`) remains disabled for the time being. This set of
changes has no effect for the average user, but allows deep BE users to
upgrade properly with their current setup.

libbe(3): Open the target boot environment and get a zfs handle, then pass
that with the target mountpoint to be_mount_iter; If the BE_MNT_DEEP flag is
set call zfs_iter_filesystems and mount the child datasets.

Similar logic is employed when unmounting the datasets, save for children
are unmounted first.

bectl(8): Change bectl_cmd_jail to pass the BE_MNT_DEEP flag when
calling be_mount as well as call be_unmount when cleaning up after the
jail has exited instead of umount(2) directly.

PR:		234795
Submitted by:	Wes Maag <jwmaag_gmail.com> (test additions by kevans)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18796
2019-01-10 03:27:20 +00:00
Kyle Evans
fc13fc1c3a libbe(3): move altroot augmentation bits around a little bit
We could perhaps have a method that does this given a dataset, but it's yet
clear that we'll always want to bypass the altroot when we grab the
mountpoint. For now, we'll refactor things a bit so we grab the altroot
length when libbe is initialized and have a common method that does the
necessary augmentation (replace with / if it's the root, return a pointer to
later in the string if not).

This will be used in some upcoming work to make be_mount work properly for
deep BEs.

MFC after:	1 week
2019-01-09 22:31:10 +00:00
Kyle Evans
f08dac4e90 libbe(3): Don't allow bootfs to be destroyed
Previously, the following sequence of events was feasible under some
circumstance:

bectl create test
bectl activate test
# the test BE dataset gets promoted and set as bootfs
bectl destroy test

I was unable to reproduce the destroy succeeding, but we should be rejecting
this before it even gets to libzfs because it would leave the system in an
inconsistent state. Forcing the user to be explicit as to which environment
should be activated instead is much better.

Reported by:	Graham Perrin <grahamperrin@gmail.com>
MFC after:	3 days
2019-01-07 16:16:47 +00:00