diff options
| author | Tom Caputi <[email protected]> | 2018-05-02 18:36:20 -0400 |
|---|---|---|
| committer | Brian Behlendorf <[email protected]> | 2018-05-02 15:36:20 -0700 |
| commit | be9a5c355c819ac0f2aca1f8c30dc75164e10322 (patch) | |
| tree | de57c7d931764c3abfc94422c14311b12f83c5e3 /include/sys | |
| parent | 9464b9591ea5cd61a4d6ef8e29c4597b48d16a77 (diff) | |
Add support for decryption faults in zinject
This patch adds the ability for zinject to trigger decryption
and authentication faults in the ZIO and ARC layers. This
functionality is exposed via the new "decrypt" error type, which
may be provided for "data" object types.
This patch also refactors some of the core encryption / decryption
functions so that they have consistent prototypes, handle errors
consistently, and do not have unused arguments.
Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Tom Caputi <[email protected]>
Closes #7474
Diffstat (limited to 'include/sys')
| -rw-r--r-- | include/sys/arc_impl.h | 2 | ||||
| -rw-r--r-- | include/sys/dsl_crypt.h | 7 | ||||
| -rw-r--r-- | include/sys/zfs_ioctl.h | 1 | ||||
| -rw-r--r-- | include/sys/zio.h | 2 | ||||
| -rw-r--r-- | include/sys/zio_crypt.h | 13 |
5 files changed, 15 insertions, 10 deletions
diff --git a/include/sys/arc_impl.h b/include/sys/arc_impl.h index a923449d9..52863bba4 100644 --- a/include/sys/arc_impl.h +++ b/include/sys/arc_impl.h @@ -96,7 +96,7 @@ struct arc_callback { boolean_t acb_encrypted; boolean_t acb_compressed; boolean_t acb_noauth; - uint64_t acb_dsobj; + zbookmark_phys_t acb_zb; zio_t *acb_zio_dummy; zio_t *acb_zio_head; arc_callback_t *acb_next; diff --git a/include/sys/dsl_crypt.h b/include/sys/dsl_crypt.h index efa3839f4..e92ae364c 100644 --- a/include/sys/dsl_crypt.h +++ b/include/sys/dsl_crypt.h @@ -216,8 +216,9 @@ int spa_do_crypt_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj, abd_t *abd, uint_t datalen, uint8_t *mac); int spa_do_crypt_objset_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj, abd_t *abd, uint_t datalen, boolean_t byteswap); -int spa_do_crypt_abd(boolean_t encrypt, spa_t *spa, uint64_t dsobj, - const blkptr_t *bp, uint64_t txgid, uint_t datalen, abd_t *pabd, - abd_t *cabd, uint8_t *iv, uint8_t *mac, uint8_t *salt, boolean_t *no_crypt); +int spa_do_crypt_abd(boolean_t encrypt, spa_t *spa, const zbookmark_phys_t *zb, + dmu_object_type_t ot, boolean_t dedup, boolean_t bswap, uint8_t *salt, + uint8_t *iv, uint8_t *mac, uint_t datalen, abd_t *pabd, abd_t *cabd, + boolean_t *no_crypt); #endif diff --git a/include/sys/zfs_ioctl.h b/include/sys/zfs_ioctl.h index ab562d24b..06e3cb24a 100644 --- a/include/sys/zfs_ioctl.h +++ b/include/sys/zfs_ioctl.h @@ -391,6 +391,7 @@ typedef enum zinject_type { ZINJECT_IGNORED_WRITES, ZINJECT_PANIC, ZINJECT_DELAY_IO, + ZINJECT_DECRYPT_FAULT, } zinject_type_t; typedef struct zfs_share { diff --git a/include/sys/zio.h b/include/sys/zio.h index dc6841d83..25c12fbcc 100644 --- a/include/sys/zio.h +++ b/include/sys/zio.h @@ -640,6 +640,8 @@ extern int zio_inject_list_next(int *id, char *name, size_t buflen, struct zinject_record *record); extern int zio_clear_fault(int id); extern void zio_handle_panic_injection(spa_t *spa, char *tag, uint64_t type); +extern int zio_handle_decrypt_injection(spa_t *spa, const zbookmark_phys_t *zb, + uint64_t type, int error); extern int zio_handle_fault_injection(zio_t *zio, int error); extern int zio_handle_device_injection(vdev_t *vd, zio_t *zio, int error); extern int zio_handle_device_injections(vdev_t *vd, zio_t *zio, int err1, diff --git a/include/sys/zio_crypt.h b/include/sys/zio_crypt.h index 57b4c1e7c..d54e2fe19 100644 --- a/include/sys/zio_crypt.h +++ b/include/sys/zio_crypt.h @@ -132,12 +132,13 @@ int zio_crypt_do_hmac(zio_crypt_key_t *key, uint8_t *data, uint_t datalen, uint8_t *digestbuf, uint_t digestlen); int zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen, boolean_t byteswap, uint8_t *portable_mac, uint8_t *local_mac); -int zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt, - dmu_object_type_t ot, uint8_t *iv, uint8_t *mac, uint_t datalen, - boolean_t byteswap, uint8_t *plainbuf, uint8_t *cipherbuf, +int zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key, + dmu_object_type_t ot, boolean_t byteswap, uint8_t *salt, uint8_t *iv, + uint8_t *mac, uint_t datalen, uint8_t *plainbuf, uint8_t *cipherbuf, + boolean_t *no_crypt); +int zio_do_crypt_abd(boolean_t encrypt, zio_crypt_key_t *key, + dmu_object_type_t ot, boolean_t byteswap, uint8_t *salt, uint8_t *iv, + uint8_t *mac, uint_t datalen, abd_t *pabd, abd_t *cabd, boolean_t *no_crypt); -int zio_do_crypt_abd(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt, - dmu_object_type_t ot, uint8_t *iv, uint8_t *mac, uint_t datalen, - boolean_t byteswap, abd_t *pabd, abd_t *cabd, boolean_t *no_crypt); #endif |