Fix clone handling with encryption roots #9294

tcaputi · 2019-09-06T19:48:56Z

Currently, spa_keystore_change_key_sync_impl() does not recurse
into clones when updating encryption roots for either a call to
'zfs promote' or 'zfs change-key'. This can cause children of
these clones to end up in a state where they point to the wrong
dataset as the encryption root. It can also trigger ASSERTs in
some cases where the code checks reference counts on wrapping
keys. This patch fixes this issue by ensuring that this function
properly recurses into clones during processing.

Fixes: #9267

Signed-off-by: Tom Caputi [email protected]

How Has This Been Tested?

Test cases have been added to ZTS as part of this patch.

Types of changes

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Performance enhancement (non-breaking change which improves efficiency)
Code cleanup (non-breaking change which makes code smaller or more readable)
Breaking change (fix or feature that would cause existing functionality to change)
Documentation (a change to man pages or other documentation)

Checklist:

My code follows the ZFS on Linux code style requirements.
I have updated the documentation accordingly.
I have read the contributing document.
I have added tests to cover my changes.
All new and existing tests passed.
All commit messages are properly formatted and contain Signed-off-by.

Currently, spa_keystore_change_key_sync_impl() does not recurse into clones when updating encryption roots for either a call to 'zfs promote' or 'zfs change-key'. This can cause children of these clones to end up in a state where they point to the wrong dataset as the encryption root. It can also trigger ASSERTs in some cases where the code checks reference counts on wrapping keys. This patch fixes this issue by ensuring that this function properly recurses into clones during processing. Fixes: openzfs#9267 Signed-off-by: Tom Caputi <[email protected]>

codecov · 2019-09-07T03:36:13Z

Codecov Report

Merging #9294 into master will decrease coverage by 0.27%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master    #9294      +/-   ##
==========================================
- Coverage   79.12%   78.85%   -0.28%     
==========================================
  Files         401      401              
  Lines      122063   122063              
==========================================
- Hits        96587    96256     -331     
- Misses      25476    25807     +331

Flag	Coverage Δ
#kernel	`79.74% <100%> (-0.01%)`	⬇️
#user	`66.04% <0%> (-0.73%)`	⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4bbf047...b24c6a2. Read the comment docs.

Currently, spa_keystore_change_key_sync_impl() does not recurse into clones when updating encryption roots for either a call to 'zfs promote' or 'zfs change-key'. This can cause children of these clones to end up in a state where they point to the wrong dataset as the encryption root. It can also trigger ASSERTs in some cases where the code checks reference counts on wrapping keys. This patch fixes this issue by ensuring that this function properly recurses into clones during processing. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Alek Pinchuk <[email protected]> Signed-off-by: Tom Caputi <[email protected]> Closes openzfs#9267 Closes openzfs#9294

Currently, spa_keystore_change_key_sync_impl() does not recurse into clones when updating encryption roots for either a call to 'zfs promote' or 'zfs change-key'. This can cause children of these clones to end up in a state where they point to the wrong dataset as the encryption root. It can also trigger ASSERTs in some cases where the code checks reference counts on wrapping keys. This patch fixes this issue by ensuring that this function properly recurses into clones during processing. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Alek Pinchuk <[email protected]> Signed-off-by: Tom Caputi <[email protected]> Closes #9267 Closes #9294

tcaputi mentioned this pull request Sep 6, 2019

Key load error: Failed to get encryption root for dataset #9267

Closed

behlendorf added the Status: Code Review Needed Ready for review and testing label Sep 6, 2019

tcaputi force-pushed the fix_promote_encryption_root branch from d0b3f89 to b24c6a2 Compare September 6, 2019 20:29

behlendorf approved these changes Sep 9, 2019

View reviewed changes

behlendorf requested a review from alek-p September 9, 2019 23:25

behlendorf added Status: Accepted Ready to integrate (reviewed, tested) and removed Status: Code Review Needed Ready for review and testing labels Sep 10, 2019

behlendorf requested a review from ahrens September 10, 2019 21:36

alek-p approved these changes Sep 14, 2019

View reviewed changes

behlendorf merged commit 637f0c6 into openzfs:master Sep 16, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix clone handling with encryption roots #9294

Fix clone handling with encryption roots #9294

tcaputi commented Sep 6, 2019

codecov bot commented Sep 7, 2019 •

edited

Loading

Fix clone handling with encryption roots #9294

Fix clone handling with encryption roots #9294

Conversation

tcaputi commented Sep 6, 2019

How Has This Been Tested?

Types of changes

Checklist:

codecov bot commented Sep 7, 2019 • edited Loading

Codecov Report

codecov bot commented Sep 7, 2019 •

edited

Loading