module: zfs: receive checks should allow unencrypted child datasets. #13076

AttilaFueloep · 2022-02-07T20:14:56Z

Motivation and Context

dmu_recv_begin_check() unconditionally sets the DS_HOLD_FLAG_DECRYPT
flag before calling dsl_dataset_hold_flags(). If the key on the
receiving side isn't loaded or the send stream contains embedded
blocks, the receive check fail for a stream which is perfectly
valid and could be received without any problems. This seems like
a remnant of the initial design, where unencrypted datasets below
encrypted ones weren't allowed.

Description

Add a condition to set DS_HOLD_FLAG_DECRYPT only for encrypted
datasets, modify an existing test to detect this regression and add
a test for raw replication streams.

Closes #13033

How Has This Been Tested?

Verified that the modified regression tests fail on current master and pass with this PR applied.

Types of changes

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Performance enhancement (non-breaking change which improves efficiency)
Code cleanup (non-breaking change which makes code smaller or more readable)
Breaking change (fix or feature that would cause existing functionality to change)
Library ABI change (libzfs, libzfs_core, libnvpair, libuutil and libzfsbootenv)
Documentation (a change to man pages or other documentation)

Checklist:

My code follows the OpenZFS code style requirements.
I have updated the documentation accordingly.
I have read the contributing document.
I have added tests to cover my changes.
I have run the ZFS Test Suite with this change applied.
All commit messages are properly formatted and contain Signed-off-by.

gamanakis · 2022-02-08T07:24:58Z

The core tests (checkstyle, zfs-sanity-tests, zfs-tests-functional) are failing because of add15e9. If you rebase to master, this will get them going.

dmu_recv_begin_check() unconditionally sets the DS_HOLD_FLAG_DECRYPT flag before calling dsl_dataset_hold_flags(). If the key on the receiving side isn't loaded or the send stream contains embedded blocks, the receive check fails for a stream which is perfectly valid and could be received without any problem. This seems like a remnant of the initial design, where unencrypted datasets below encrypted ones weren't allowed. Add a condition to set `DS_HOLD_FLAG_DECRYPT` only for encrypted datasets, modify an existing test to detect this regression and add a test for raw replication streams. Co-authored-by: George Amanakis <[email protected]> Signed-off-by: Attila Fülöp <[email protected]>

AttilaFueloep · 2022-02-08T09:52:45Z

Thanks for the hint, rebased. Fixed two typos in the commit message as well.

behlendorf

Makes sense, thanks for running this down.

behlendorf · 2022-02-08T23:25:48Z

tests/zfs-tests/tests/functional/cli_root/zfs_receive/zfs_receive_-wR-encrypted-mix.ksh

+#
+# STRATEGY:
+# 1. Create the dataset hierarchy
+# 3. Snapshot the dataset hierarchy


nit: 2., 3., 4.

behlendorf · 2022-02-08T23:26:29Z

tests/zfs-tests/tests/functional/cli_root/zfs_receive/zfs_receive_-wR-encrypted-mix.ksh

+# STRATEGY:
+# 1. Create the dataset hierarchy
+# 3. Snapshot the dataset hierarchy
+# 5. Send -Rw the dataset hierarchy and receive uinto a toplevel dataset


Suggested change

# 5. Send -Rw the dataset hierarchy and receive uinto a toplevel dataset

# 5. Send -Rw the dataset hierarchy and receive into a top-level dataset

AttilaFueloep · 2022-02-09T07:31:36Z

Sorry, accidentally omitted the signed-off in the last commit, that's why checkstyle fails. Will fix when squashing.

behlendorf · 2022-02-09T21:09:08Z

No problem, if you prefer I can fix is when squashing the commits for the merge,

behlendorf · 2022-02-09T21:10:48Z

@gamanakis would you mind also reviewing this.

dmu_recv_begin_check() unconditionally sets the DS_HOLD_FLAG_DECRYPT flag before calling dsl_dataset_hold_flags(). If the key on the receiving side isn't loaded or the send stream contains embedded blocks, the receive check fails for a stream which is perfectly valid and could be received without any problem. This seems like a remnant of the initial design, where unencrypted datasets below encrypted ones weren't allowed. Add a condition to set `DS_HOLD_FLAG_DECRYPT` only for encrypted datasets, modify an existing test to detect this regression and add a test for raw replication streams. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: George Amanakis <[email protected]> Co-authored-by: George Amanakis <[email protected]> Signed-off-by: Attila Fülöp <[email protected]> Closes openzfs#13033 Closes openzfs#13076

AttilaFueloep mentioned this pull request Feb 7, 2022

Cannot zfs receive unencrypted dataset as a child of encrypted dataset ('cannot receive new filesystem stream: inherited key must be loaded') #13033

Closed

AttilaFueloep force-pushed the zfs-fix-13033 branch from c8c8a8d to 70a3eba Compare February 8, 2022 09:51

behlendorf approved these changes Feb 8, 2022

View reviewed changes

behlendorf added the Status: Code Review Needed Ready for review and testing label Feb 8, 2022

address review feedback

920e080

behlendorf added Status: Accepted Ready to integrate (reviewed, tested) and removed Status: Code Review Needed Ready for review and testing labels Feb 9, 2022

gamanakis approved these changes Feb 9, 2022

View reviewed changes

behlendorf merged commit 68ddc06 into openzfs:master Feb 9, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

module: zfs: receive checks should allow unencrypted child datasets. #13076

module: zfs: receive checks should allow unencrypted child datasets. #13076

AttilaFueloep commented Feb 7, 2022

gamanakis commented Feb 8, 2022

AttilaFueloep commented Feb 8, 2022

behlendorf left a comment

behlendorf Feb 8, 2022

AttilaFueloep Feb 9, 2022

behlendorf Feb 8, 2022

AttilaFueloep Feb 9, 2022

AttilaFueloep commented Feb 9, 2022

behlendorf commented Feb 9, 2022

behlendorf commented Feb 9, 2022

	# 5. Send -Rw the dataset hierarchy and receive uinto a toplevel dataset
	# 5. Send -Rw the dataset hierarchy and receive into a top-level dataset

module: zfs: receive checks should allow unencrypted child datasets. #13076

module: zfs: receive checks should allow unencrypted child datasets. #13076

Conversation

AttilaFueloep commented Feb 7, 2022

Motivation and Context

Description

How Has This Been Tested?

Types of changes

Checklist:

gamanakis commented Feb 8, 2022

AttilaFueloep commented Feb 8, 2022

behlendorf left a comment

Choose a reason for hiding this comment

behlendorf Feb 8, 2022

Choose a reason for hiding this comment

AttilaFueloep Feb 9, 2022

Choose a reason for hiding this comment

behlendorf Feb 8, 2022

Choose a reason for hiding this comment

AttilaFueloep Feb 9, 2022

Choose a reason for hiding this comment

AttilaFueloep commented Feb 9, 2022

behlendorf commented Feb 9, 2022

behlendorf commented Feb 9, 2022