Skip to content

ZTS: testing for leaked key mappings in encrypted non-raw send #17366

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 24, 2025
Merged

ZTS: testing for leaked key mappings in encrypted non-raw send #17366

merged 1 commit into from
May 24, 2025

Conversation

gamanakis
Copy link
Contributor

@gamanakis gamanakis commented May 22, 2025
edited
Loading

Motivation and Context

See issue #12014.

Description

This test covers a bug fixed by commit ea74cde: performing an incremental non-raw send from an encrypted filesystem followed by exporting the pool. Before that commit, exporting the sending pool in this scenario would trigger a panic.

VERIFY(avl_is_empty(&sk->sk_dsl_keys)) failed
PANIC at dsl_crypt.c:353:spa_keystore_fini()
Call Trace:
spl_dumpstack+0x29/0x2f [spl]
spl_panic+0xd1/0xe9 [spl]
spl_assert.constprop.0+0x1a/0x30 [zfs]
spa_keystore_fini+0xc2/0xf0 [zfs]
spa_deactivate+0x25f/0x610 [zfs]
spa_evict_all+0xf4/0x200 [zfs]
spa_fini+0x13/0x140 [zfs]
zfs_kmod_fini+0x72/0xc0 [zfs]
openzfs_fini_os+0x13/0x3a [zfs]
openzfs_fini+0x9/0x6b8 [zfs]

How Has This Been Tested?

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Performance enhancement (non-breaking change which improves efficiency)
  • Code cleanup (non-breaking change which makes code smaller or more readable)
  • Quality assurance (non-breaking change which makes the code more robust against bugs)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Library ABI change (libzfs, libzfs_core, libnvpair, libuutil and libzfsbootenv)
  • Documentation (a change to man pages or other documentation)

Checklist:

@github-actions github-actions bot added the Status: Work in Progress Not yet ready for general review label May 22, 2025
@gamanakis gamanakis force-pushed the pr12014_zts branch 2 times, most recently from 09168cd to fc9eaca Compare May 22, 2025 07:29
@gamanakis gamanakis marked this pull request as ready for review May 22, 2025 07:30
@github-actions github-actions bot added Status: Code Review Needed Ready for review and testing and removed Status: Work in Progress Not yet ready for general review labels May 22, 2025
@gamanakis gamanakis marked this pull request as draft May 22, 2025 09:43
@github-actions github-actions bot added Status: Work in Progress Not yet ready for general review and removed Status: Code Review Needed Ready for review and testing labels May 22, 2025
@gamanakis gamanakis force-pushed the pr12014_zts branch 2 times, most recently from 82cde04 to b48b4cd Compare May 22, 2025 15:52
behlendorf
behlendorf approved these changes May 22, 2025
View reviewed changes
Copy link
Contributor

@behlendorf behlendorf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for following up with a test case for this leak.

@gamanakis gamanakis marked this pull request as ready for review May 22, 2025 17:11
@github-actions github-actions bot added Status: Code Review Needed Ready for review and testing and removed Status: Work in Progress Not yet ready for general review labels May 22, 2025
@behlendorf behlendorf added Status: Accepted Ready to integrate (reviewed, tested) and removed Status: Code Review Needed Ready for review and testing labels May 22, 2025
@github-actions github-actions bot removed the Status: Accepted Ready to integrate (reviewed, tested) label May 23, 2025
@gamanakis
Copy link
Contributor Author

@behlendorf I noticed the FreeBSDs were failing, due to dsync in dd.
306399e: removed dsync in dd.

amotin
amotin reviewed May 23, 2025
View reviewed changes
Copy link
Member

@amotin amotin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this would be cleaner:

@amotin amotin added the Status: Code Review Needed Ready for review and testing label May 23, 2025
@gamanakis
ZTS: testing for leaked key mappings in encrypted non-raw send
523ed28 
This test covers a bug fixed by commit ea74cde: performing an
incremental non-raw send from an encrypted filesystem followed by
exporting the pool. Before that commit, exporting the sending pool
in this scenario would trigger a panic:

VERIFY(avl_is_empty(&sk->sk_dsl_keys)) failed
PANIC at dsl_crypt.c:353:spa_keystore_fini()
Call Trace:
 spl_dumpstack+0x29/0x2f [spl]
 spl_panic+0xd1/0xe9 [spl]
 spl_assert.constprop.0+0x1a/0x30 [zfs]
 spa_keystore_fini+0xc2/0xf0 [zfs]
 spa_deactivate+0x25f/0x610 [zfs]
 spa_evict_all+0xf4/0x200 [zfs]
 spa_fini+0x13/0x140 [zfs]
 zfs_kmod_fini+0x72/0xc0 [zfs]
 openzfs_fini_os+0x13/0x3a [zfs]
 openzfs_fini+0x9/0x6b8 [zfs]

Signed-off-by: George Amanakis <[email protected]>
@gamanakis
Copy link
Contributor Author

523ed28: echo converted to log_note

@behlendorf behlendorf added Status: Accepted Ready to integrate (reviewed, tested) and removed Status: Code Review Needed Ready for review and testing labels May 23, 2025
@amotin amotin merged commit b01d7bd into openzfs:master May 24, 2025
22 of 24 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@behlendorf behlendorf behlendorf approved these changes

@amotin amotin amotin approved these changes

Assignees
No one assigned
Labels
Status: Accepted Ready to integrate (reviewed, tested)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gamanakis @behlendorf @amotin