Add ASSERT to debug encryption key mapping issues

This patch simply adds an ASSERT that confirms that the last decrypting reference on a dataset waits until the dataset is no longer dirty. This should help to debug issues where the ZIO layer cannot find encryption keys after a dataset has been disowned. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Tom Caputi <[email protected]> Closes #7637
author: Tom Caputi <[email protected]> 2018-06-18 17:10:54 -0400
committer: Brian Behlendorf <[email protected]> 2018-06-18 14:10:54 -0700
commit: cd32e5db8bb4411533dc21cfc12a5af5f3b56701 (patch)
tree: 4e0d5b1cda63b2c5603c3995c066aaf2ffcea200 /module/zfs/dsl_dataset.c
parent: 517d2471921fc44622dc737b09b655829b8c9c6f (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/module/zfs/dsl_dataset.c b/module/zfs/dsl_dataset.c
index 7a4721e17..9db6d1e0b 100644
--- a/module/zfs/dsl_dataset.c
+++ b/module/zfs/dsl_dataset.c
@@ -791,6 +791,15 @@ dsl_dataset_rele_flags(dsl_dataset_t *ds, ds_hold_flags_t flags, void *tag)
 	    (flags & DS_HOLD_FLAG_DECRYPT)) {
 		(void) spa_keystore_remove_mapping(ds->ds_dir->dd_pool->dp_spa,
 		    ds->ds_object, ds);
+
+		/*
+		 * Encrypted datasets require that users only release their
+		 * decrypting reference after the dirty data has actually
+		 * been written out. This ensures that the mapping exists
+		 * when it is needed to write out dirty data.
+		 */
+		ASSERT(dmu_buf_user_refcount(ds->ds_dbuf) != 0 ||
+		    !dsl_dataset_is_dirty(ds));
 	}
 
 	dmu_buf_rele(ds->ds_dbuf, tag);
author	Tom Caputi <[email protected]>	2018-06-18 17:10:54 -0400
committer	Brian Behlendorf <[email protected]>	2018-06-18 14:10:54 -0700
commit	cd32e5db8bb4411533dc21cfc12a5af5f3b56701 (patch)
tree	4e0d5b1cda63b2c5603c3995c066aaf2ffcea200 /module/zfs/dsl_dataset.c
parent	517d2471921fc44622dc737b09b655829b8c9c6f (diff)