git.proxmox.com Git - mirror_zfs.git/commit

author	Tom Caputi <tcaputi@datto.com>
	Thu, 28 Jun 2018 16:20:34 +0000 (12:20 -0400)
committer	Brian Behlendorf <behlendorf1@llnl.gov>
	Thu, 28 Jun 2018 16:20:34 +0000 (09:20 -0700)
commit	69830602de2d836013a91bd42cc8d36bbebb3aae
tree	6141db85a412b76160027e7f6280dd099baedcf1	tree
parent	3be1eb29dab4e96249de7832d9b3dae5740c33c8	commit \| diff

Raw receive fix and encrypted objset security fix

This patch fixes two problems with the encryption code. First, the
current code does not correctly prohibit the DMU from updating
dn_maxblkid during object truncation within a raw receive. This
usually only causes issues when the truncating DRR_FREE record is
aggregated with DRR_FREE records later in the receive, so it is
relatively hard to hit.

Second, this patch fixes a security issue where reading blocks
within an encrypted object did not guarantee that the dnode block
itself had ever been verified against its MAC. Usually the
verification happened anyway when the bonus buffer was read, but
some use cases (notably zvols) might never perform the check.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #7632

module/zfs/arc.c		diff \| blob \| blame \| history
module/zfs/dbuf.c		diff \| blob \| blame \| history
module/zfs/dnode_sync.c		diff \| blob \| blame \| history