-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libzfs: add keylocation=https://, backed by fetch(3) or libcurl #11956
Conversation
b9cb6a5
to
1b2241e
Compare
abigail has decided that |
What's about backward compatibility? Look's like we need a feature flag here. Hope that I've missed something and we don't. |
When a raw replication stream is zfs-received, you get "cannot set property for 'filling/test__': invalid keylocation", and it falls back to keylocation=prompt, but everything else works as desired. Importing a pool with a keylocation=https:// dataset works as expected, but doing So this behaves as expected and shouldn't need special a feature gate. Plus, AFAIUI, features are only for on-disk format changes, and this remains compatible and rectangularly in userspace. |
5e64ad0
to
511ff80
Compare
da1f7b3
to
2964cb8
Compare
@jasonbking @kithrup since this builds on the changes from #10218 would you mind reviewing it. |
From an administrative PoV: what should the https:// URLs in the ZTS point at? I have them point at raw files on the |
2964cb8
to
2411bf8
Compare
One thing we could do is split the change which adds the PASSPHRASE, HEXKEY, and RAWKEY in to its own commit. Then merge that independently to the master branch and reference that commit form the test cases. That way even in the unlikely case we change these files on the master branch it won't break the test cases in previous releases. One other minor concern is that the test suite may be run in an environment without network access. In which case it'd be nice if these tests didn't just fail. We can skip the tests by calling |
6faa3bb
to
12d0625
Compare
Right, gated the bits that use the network on Regarding the URL bit – I was mostly thinking about using some URL under OpenZFS' namespace and/or control, like |
12d0625
to
600ffc7
Compare
These seem to get skipped on GHA, so that works as expected. checkstyle fails due to an abigail classic:
|
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue: openzfs#11956 Closes openzfs#11976
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue: openzfs#11956 Closes openzfs#11976
Afterward, git grep ZoL matches: * README.md: * [ZoL Site](https://zfsonlinux.org) - Correct * etc/default/zfs.in:# ZoL userland configuration. - Changing this would induce a needless upgrade-check, if the user has modified the configuration; this can be updated the next time the defaults change * module/zfs/dmu_send.c: * ZoL < 0.7 does not handle [...] - Before 0.7 is ZoL, so fair enough Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#11956
Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#11956
Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
This also removes empty Wants= and After=s from they key-load services, with no ill effect, since we already set DefaultDependencies=no Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
Signed-off-by: Ahelenia Ziemiańska <[email protected]> Ref: openzfs#11956
Also simplify RequiresMountsFor= handling Ref: openzfs#11956 Signed-off-by: Ahelenia Ziemiańska <[email protected]>
…]:// * etc/systemd/zfs-mount-generator: serialise The wins for a relatively normal workload are rather slim: real 0.02119s/0.00985s=2.15029x user 0.02130s/0.00346s=6.15560x sys 0.03858s/0.00643s=6.00062x wall-total 0.014518s/0.005925s=2.45009x wall-init 0.014518s/0.002457s=5.90684x wall-real 0.014518s/0.003467s=4.18668x But this is a big win on machines with a lot of datasets and expensive forks. For example, the gain on a VM on my work laptop with 900+ legacy-mount Docker datasets, the original gains from the C rewrite were only five-fold: real 0.516s/0.102s=5.05882x user 0.237s/0.143s=1.65734x sys 0.287s/0.100s=2.87x And this serial variant gains this back there as well: real 0.102s/0.008s=12.75x user 0.143s/0.007s=20.42857 sys 0.100s/0.001s=100x wall-total 0.09717s/0.00319s=30.40255x wall-init 0.00203s/0.00200s=1.015941x wall-real 0.09513s/0.00118s=80.02043x For a total of real 0.516s/0.008s=64.5x user 0.237s/0.007s=33.85714x sys 0.287s/0.001s=287x Suggested-by: Richard Laager <[email protected]> * etc/systemd/zfs-mount-generator: pull in network for keylocation=https Also simplify RequiresMountsFor= handling Ref: #11956 Reviewed-by: Richard Laager <[email protected]> Reviewed-by: Tony Nguyen <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes #12138
Add support for http and https to the keylocation properly to allow encryption keys to be fetched from the specified URL. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#9543 Closes openzfs#9947 Closes openzfs#11956
Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue: openzfs#11956 Closes openzfs#11976
Add support for http and https to the keylocation properly to allow encryption keys to be fetched from the specified URL. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#9543 Closes openzfs#9947 Closes openzfs#11956
Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue: openzfs#11956 Closes openzfs#11976
Add support for http and https to the keylocation properly to allow encryption keys to be fetched from the specified URL. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#9543 Closes openzfs#9947 Closes openzfs#11956
Add support for http and https to the keylocation properly to allow encryption keys to be fetched from the specified URL. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Ryan Moeller <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Issue openzfs#9543 Closes openzfs#9947 Closes openzfs#11956
The get_key_material_https() function error code path had a bogus free() call, either resulting in double-free or free() of undefined pointer. Fixes: openzfs#11956 Signed-off-by: Harry Sintonen <[email protected]>
…]:// * etc/systemd/zfs-mount-generator: serialise The wins for a relatively normal workload are rather slim: real 0.02119s/0.00985s=2.15029x user 0.02130s/0.00346s=6.15560x sys 0.03858s/0.00643s=6.00062x wall-total 0.014518s/0.005925s=2.45009x wall-init 0.014518s/0.002457s=5.90684x wall-real 0.014518s/0.003467s=4.18668x But this is a big win on machines with a lot of datasets and expensive forks. For example, the gain on a VM on my work laptop with 900+ legacy-mount Docker datasets, the original gains from the C rewrite were only five-fold: real 0.516s/0.102s=5.05882x user 0.237s/0.143s=1.65734x sys 0.287s/0.100s=2.87x And this serial variant gains this back there as well: real 0.102s/0.008s=12.75x user 0.143s/0.007s=20.42857 sys 0.100s/0.001s=100x wall-total 0.09717s/0.00319s=30.40255x wall-init 0.00203s/0.00200s=1.015941x wall-real 0.09513s/0.00118s=80.02043x For a total of real 0.516s/0.008s=64.5x user 0.237s/0.007s=33.85714x sys 0.287s/0.001s=287x Suggested-by: Richard Laager <[email protected]> * etc/systemd/zfs-mount-generator: pull in network for keylocation=https Also simplify RequiresMountsFor= handling Ref: openzfs#11956 Reviewed-by: Richard Laager <[email protected]> Reviewed-by: Tony Nguyen <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Upstream-commit: 4325de0 Closes openzfs#12138
…]:// * etc/systemd/zfs-mount-generator: serialise The wins for a relatively normal workload are rather slim: real 0.02119s/0.00985s=2.15029x user 0.02130s/0.00346s=6.15560x sys 0.03858s/0.00643s=6.00062x wall-total 0.014518s/0.005925s=2.45009x wall-init 0.014518s/0.002457s=5.90684x wall-real 0.014518s/0.003467s=4.18668x But this is a big win on machines with a lot of datasets and expensive forks. For example, the gain on a VM on my work laptop with 900+ legacy-mount Docker datasets, the original gains from the C rewrite were only five-fold: real 0.516s/0.102s=5.05882x user 0.237s/0.143s=1.65734x sys 0.287s/0.100s=2.87x And this serial variant gains this back there as well: real 0.102s/0.008s=12.75x user 0.143s/0.007s=20.42857 sys 0.100s/0.001s=100x wall-total 0.09717s/0.00319s=30.40255x wall-init 0.00203s/0.00200s=1.015941x wall-real 0.09513s/0.00118s=80.02043x For a total of real 0.516s/0.008s=64.5x user 0.237s/0.007s=33.85714x sys 0.287s/0.001s=287x Suggested-by: Richard Laager <[email protected]> * etc/systemd/zfs-mount-generator: pull in network for keylocation=https Also simplify RequiresMountsFor= handling Ref: #11956 Reviewed-by: Richard Laager <[email protected]> Reviewed-by: Tony Nguyen <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Upstream-commit: 4325de0 Closes #12138
…]:// * etc/systemd/zfs-mount-generator: serialise The wins for a relatively normal workload are rather slim: real 0.02119s/0.00985s=2.15029x user 0.02130s/0.00346s=6.15560x sys 0.03858s/0.00643s=6.00062x wall-total 0.014518s/0.005925s=2.45009x wall-init 0.014518s/0.002457s=5.90684x wall-real 0.014518s/0.003467s=4.18668x But this is a big win on machines with a lot of datasets and expensive forks. For example, the gain on a VM on my work laptop with 900+ legacy-mount Docker datasets, the original gains from the C rewrite were only five-fold: real 0.516s/0.102s=5.05882x user 0.237s/0.143s=1.65734x sys 0.287s/0.100s=2.87x And this serial variant gains this back there as well: real 0.102s/0.008s=12.75x user 0.143s/0.007s=20.42857 sys 0.100s/0.001s=100x wall-total 0.09717s/0.00319s=30.40255x wall-init 0.00203s/0.00200s=1.015941x wall-real 0.09513s/0.00118s=80.02043x For a total of real 0.516s/0.008s=64.5x user 0.237s/0.007s=33.85714x sys 0.287s/0.001s=287x Suggested-by: Richard Laager <[email protected]> * etc/systemd/zfs-mount-generator: pull in network for keylocation=https Also simplify RequiresMountsFor= handling Ref: openzfs#11956 Reviewed-by: Richard Laager <[email protected]> Reviewed-by: Tony Nguyen <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes openzfs#12138
…]:// * etc/systemd/zfs-mount-generator: serialise The wins for a relatively normal workload are rather slim: real 0.02119s/0.00985s=2.15029x user 0.02130s/0.00346s=6.15560x sys 0.03858s/0.00643s=6.00062x wall-total 0.014518s/0.005925s=2.45009x wall-init 0.014518s/0.002457s=5.90684x wall-real 0.014518s/0.003467s=4.18668x But this is a big win on machines with a lot of datasets and expensive forks. For example, the gain on a VM on my work laptop with 900+ legacy-mount Docker datasets, the original gains from the C rewrite were only five-fold: real 0.516s/0.102s=5.05882x user 0.237s/0.143s=1.65734x sys 0.287s/0.100s=2.87x And this serial variant gains this back there as well: real 0.102s/0.008s=12.75x user 0.143s/0.007s=20.42857 sys 0.100s/0.001s=100x wall-total 0.09717s/0.00319s=30.40255x wall-init 0.00203s/0.00200s=1.015941x wall-real 0.09513s/0.00118s=80.02043x For a total of real 0.516s/0.008s=64.5x user 0.237s/0.007s=33.85714x sys 0.287s/0.001s=287x Suggested-by: Richard Laager <[email protected]> * etc/systemd/zfs-mount-generator: pull in network for keylocation=https Also simplify RequiresMountsFor= handling Ref: openzfs#11956 Reviewed-by: Richard Laager <[email protected]> Reviewed-by: Tony Nguyen <[email protected]> Signed-off-by: Ahelenia Ziemiańska <[email protected]> Closes openzfs#12138
Motivation and Context
#9947
Description
Also needs ZTS entries, but not today.Might also be best to installThe GitHub ones have it, see openzfs/zfs-buildbot#224 for buildbotlibcurl-dev
on the buildds.The key difference from #9543 is that it only allows
https://
and not whatever's on tap. This is better for security (no plaintext passwords), and, once you extend this thought to libcurl, you could, theoretically, download keys off IMAP, telnet, or CIFS. This cannot be backed byfetch(3)
, nor should it. Anything more complex and/or not required for feature parity with Solaris is really better served by something better adjusted for it (like #11731 or facsimiles thereof).How Has This Been Tested?
Ran'er through libcurl-dynamic, libcurl-static (well, it's still the .so, but linked directly in), and none.
Also fetch(3) ex situ, rest should be covered by buildds.
I haven't tried this on FreeBSD, but it builds, though I'm not perfectly sure of the error path there. Should be easy enough to test for a FreeBSD user.Works.I'm also not sure of the availability of the libfetch.so soname, but that is also a question for a FreeBSD enjoyer.Went with libfetch.so.6, available since 8.0-RELEASE.No back-end: http://build.zfsonlinux.org/builders/Debian%2010%20x86_64%20%28TEST%29/builds/7659/steps/shell_4/logs/log
404: http://build.zfsonlinux.org/builders/FreeBSD%20stable%2F13%20amd64%20%28TEST%29/builds/608/steps/shell_4/logs/log
Types of changes
struct libzfs_handle
Checklist:
Signed-off-by
.