summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorTom Caputi <[email protected]>2020-01-14 15:25:20 -0500
committerBrian Behlendorf <[email protected]>2020-01-14 12:25:20 -0800
commit61152d1069595db08f9b53ee518683382caf313e (patch)
tree94c02406bced0e296a795506f504361aab935529 /include
parentf744f36ce583ed27dcfcda93ecd0af1df994a891 (diff)
Fix errata #4 handling for resuming streams
Currently, the handling for errata #4 has two issues which allow the checks for this issue to be bypassed using resumable sends. The first issue is that drc->drc_fromsnapobj is not set in the resuming code as it is in the non-resuming code. This causes dsl_crypto_recv_key_check() to skip its checks for the from_ivset_guid. The second issue is that resumable sends do not clean up their on-disk state if they fail the checks in dmu_recv_stream() that happen before any data is received. As a result of these two bugs, a user can attempt a resumable send of a dataset without a from_ivset_guid. This will fail the initial dmu_recv_stream() checks, leaving a valid resume state. The send can then be resumed, which skips those checks, allowing the receive to be completed. This commit fixes these issues by setting drc->drc_fromsnapobj in the resuming receive path and by ensuring that resumablereceives are properly cleaned up if they fail the initial dmu_recv_stream() checks. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Tom Caputi <[email protected]> Closes #9818 Closes #9829
Diffstat (limited to 'include')
-rw-r--r--include/sys/dmu_recv.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/sys/dmu_recv.h b/include/sys/dmu_recv.h
index 2cbe49c49..e3b54e3d1 100644
--- a/include/sys/dmu_recv.h
+++ b/include/sys/dmu_recv.h
@@ -49,6 +49,7 @@ typedef struct dmu_recv_cookie {
uint64_t drc_featureflags;
boolean_t drc_force;
boolean_t drc_resumable;
+ boolean_t drc_should_save;
boolean_t drc_raw;
boolean_t drc_clone;
boolean_t drc_spill;