Skip to content

Commit

Permalink
Revert "Fix raw sends on encrypted datasets when copying back snapshots"
Browse files Browse the repository at this point in the history
Commit d1d4769 takes into account the encryption key version to
decide if the local_mac could be zeroed out. However, this could lead
to failure mounting encrypted datasets created with intermediate
versions of ZFS encryption available in master between major releases.
In order to prevent this situation revert d1d4769 pending a more
comprehensive fix which addresses the mount failure case.

Reviewed-by: George Amanakis <[email protected]>
Signed-off-by: Brian Behlendorf <[email protected]>
Issue #11294
Issue #12025
Issue #12300
Closes #12033
  • Loading branch information
behlendorf authored May 13, 2021
1 parent 618a65c commit 6217656
Show file tree
Hide file tree
Showing 6 changed files with 12 additions and 143 deletions.
15 changes: 1 addition & 14 deletions module/os/freebsd/zfs/zio_crypt.c
Original file line number Diff line number Diff line change
Expand Up @@ -1076,16 +1076,6 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen,

bcopy(raw_portable_mac, portable_mac, ZIO_OBJSET_MAC_LEN);

/*
* This is necessary here as we check next whether
* OBJSET_FLAG_USERACCOUNTING_COMPLETE or
* OBJSET_FLAG_USEROBJACCOUNTING are set in order to
* decide if the local_mac should be zeroed out.
*/
intval = osp->os_flags;
if (should_bswap)
intval = BSWAP_64(intval);

/*
* The local MAC protects the user, group and project accounting.
* If these objects are not present, the local MAC is zeroed out.
Expand All @@ -1097,10 +1087,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen,
(datalen >= OBJSET_PHYS_SIZE_V2 &&
osp->os_userused_dnode.dn_type == DMU_OT_NONE &&
osp->os_groupused_dnode.dn_type == DMU_OT_NONE) ||
(datalen <= OBJSET_PHYS_SIZE_V1) ||
(((intval & OBJSET_FLAG_USERACCOUNTING_COMPLETE) == 0 ||
(intval & OBJSET_FLAG_USEROBJACCOUNTING_COMPLETE) == 0) &&
key->zk_version > 0)) {
(datalen <= OBJSET_PHYS_SIZE_V1)) {
bzero(local_mac, ZIO_OBJSET_MAC_LEN);
return (0);
}
Expand Down
15 changes: 1 addition & 14 deletions module/os/linux/zfs/zio_crypt.c
Original file line number Diff line number Diff line change
Expand Up @@ -1197,16 +1197,6 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen,

bcopy(raw_portable_mac, portable_mac, ZIO_OBJSET_MAC_LEN);

/*
* This is necessary here as we check next whether
* OBJSET_FLAG_USERACCOUNTING_COMPLETE or
* OBJSET_FLAG_USEROBJACCOUNTING are set in order to
* decide if the local_mac should be zeroed out.
*/
intval = osp->os_flags;
if (should_bswap)
intval = BSWAP_64(intval);

/*
* The local MAC protects the user, group and project accounting.
* If these objects are not present, the local MAC is zeroed out.
Expand All @@ -1218,10 +1208,7 @@ zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen,
(datalen >= OBJSET_PHYS_SIZE_V2 &&
osp->os_userused_dnode.dn_type == DMU_OT_NONE &&
osp->os_groupused_dnode.dn_type == DMU_OT_NONE) ||
(datalen <= OBJSET_PHYS_SIZE_V1) ||
(((intval & OBJSET_FLAG_USERACCOUNTING_COMPLETE) == 0 ||
(intval & OBJSET_FLAG_USEROBJACCOUNTING_COMPLETE) == 0) &&
key->zk_version > 0)) {
(datalen <= OBJSET_PHYS_SIZE_V1)) {
bzero(local_mac, ZIO_OBJSET_MAC_LEN);
return (0);
}
Expand Down
11 changes: 8 additions & 3 deletions module/zfs/dsl_crypt.c
Original file line number Diff line number Diff line change
Expand Up @@ -2007,6 +2007,14 @@ dsl_crypto_recv_raw_objset_check(dsl_dataset_t *ds, dsl_dataset_t *fromds,
if (ret != 0)
return (ret);

/*
* Useraccounting is not portable and must be done with the keys loaded.
* Therefore, whenever we do any kind of receive the useraccounting
* must not be present.
*/
ASSERT0(os->os_flags & OBJSET_FLAG_USERACCOUNTING_COMPLETE);
ASSERT0(os->os_flags & OBJSET_FLAG_USEROBJACCOUNTING_COMPLETE);

mdn = DMU_META_DNODE(os);

/*
Expand Down Expand Up @@ -2097,9 +2105,6 @@ dsl_crypto_recv_raw_objset_sync(dsl_dataset_t *ds, dmu_objset_type_t ostype,
*/
arc_release(os->os_phys_buf, &os->os_phys_buf);
bcopy(portable_mac, os->os_phys->os_portable_mac, ZIO_OBJSET_MAC_LEN);
os->os_phys->os_flags &= ~OBJSET_FLAG_USERACCOUNTING_COMPLETE;
os->os_phys->os_flags &= ~OBJSET_FLAG_USEROBJACCOUNTING_COMPLETE;
os->os_flags = os->os_phys->os_flags;
bzero(os->os_phys->os_local_mac, ZIO_OBJSET_MAC_LEN);
os->os_next_write_raw[tx->tx_txg & TXG_MASK] = B_TRUE;

Expand Down
3 changes: 1 addition & 2 deletions tests/runfiles/common.run
Original file line number Diff line number Diff line change
Expand Up @@ -884,8 +884,7 @@ tests = [
'userquota_004_pos', 'userquota_005_neg', 'userquota_006_pos',
'userquota_007_pos', 'userquota_008_pos', 'userquota_009_pos',
'userquota_010_pos', 'userquota_011_pos', 'userquota_012_neg',
'userspace_001_pos', 'userspace_002_pos', 'userspace_encrypted',
'userspace_send_encrypted']
'userspace_001_pos', 'userspace_002_pos', 'userspace_encrypted']
tags = ['functional', 'userquota']

[tests/functional/vdev_zaps]
Expand Down
3 changes: 1 addition & 2 deletions tests/zfs-tests/tests/functional/userquota/Makefile.am
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,7 @@ dist_pkgdata_SCRIPTS = \
userspace_001_pos.ksh \
userspace_002_pos.ksh \
userspace_003_pos.ksh \
userspace_encrypted.ksh \
userspace_send_encrypted.ksh
userspace_encrypted.ksh

dist_pkgdata_DATA = \
userquota.cfg \
Expand Down

This file was deleted.

0 comments on commit 6217656

Please sign in to comment.