aboutsummaryrefslogtreecommitdiffstats
path: root/lib/libzfs/libzfs_pool.c
diff options
context:
space:
mode:
authorTom Caputi <[email protected]>2018-06-28 12:20:34 -0400
committerBrian Behlendorf <[email protected]>2018-06-28 09:20:34 -0700
commit69830602de2d836013a91bd42cc8d36bbebb3aae (patch)
tree6141db85a412b76160027e7f6280dd099baedcf1 /lib/libzfs/libzfs_pool.c
parent3be1eb29dab4e96249de7832d9b3dae5740c33c8 (diff)
Raw receive fix and encrypted objset security fix
This patch fixes two problems with the encryption code. First, the current code does not correctly prohibit the DMU from updating dn_maxblkid during object truncation within a raw receive. This usually only causes issues when the truncating DRR_FREE record is aggregated with DRR_FREE records later in the receive, so it is relatively hard to hit. Second, this patch fixes a security issue where reading blocks within an encrypted object did not guarantee that the dnode block itself had ever been verified against its MAC. Usually the verification happened anyway when the bonus buffer was read, but some use cases (notably zvols) might never perform the check. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed by: Matthew Ahrens <[email protected]> Signed-off-by: Tom Caputi <[email protected]> Closes #7632
Diffstat (limited to 'lib/libzfs/libzfs_pool.c')
0 files changed, 0 insertions, 0 deletions