mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2026-05-23 02:44:41 +03:00
Post-Encryption Followup
This PR includes fixes for bugs and documentation issues found after the encryption patch was merged and general code improvements for long-term maintainability. Reviewed-by: Jorgen Lundman <lundman@lundman.net> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Tom Caputi <tcaputi@datto.com> Issue #6526 Closes #6639 Closes #6703 Cloese #6706 Closes #6714 Closes #6595
This commit is contained in:
Brian Behlendorf
@@ -35,6 +35,7 @@ COMMON_H = \
|
||||
$(top_srcdir)/include/sys/dsl_userhold.h \
|
||||
$(top_srcdir)/include/sys/edonr.h \
|
||||
$(top_srcdir)/include/sys/efi_partition.h \
|
||||
$(top_srcdir)/include/sys/hkdf.h \
|
||||
$(top_srcdir)/include/sys/metaslab.h \
|
||||
$(top_srcdir)/include/sys/metaslab_impl.h \
|
||||
$(top_srcdir)/include/sys/mmp.h \
|
||||
|
||||
@@ -96,6 +96,7 @@ struct arc_callback {
|
||||
boolean_t acb_encrypted;
|
||||
boolean_t acb_compressed;
|
||||
boolean_t acb_noauth;
|
||||
uint64_t acb_dsobj;
|
||||
zio_t *acb_zio_dummy;
|
||||
arc_callback_t *acb_next;
|
||||
};
|
||||
|
||||
+10
-6
@@ -759,10 +759,13 @@ void dmu_tx_callback_register(dmu_tx_t *tx, dmu_tx_callback_func_t *dcb_func,
|
||||
* -1, the range from offset to end-of-file is freed.
|
||||
*/
|
||||
int dmu_free_range(objset_t *os, uint64_t object, uint64_t offset,
|
||||
uint64_t size, dmu_tx_t *tx);
|
||||
uint64_t size, dmu_tx_t *tx);
|
||||
int dmu_free_long_range(objset_t *os, uint64_t object, uint64_t offset,
|
||||
uint64_t size);
|
||||
uint64_t size);
|
||||
int dmu_free_long_range_raw(objset_t *os, uint64_t object, uint64_t offset,
|
||||
uint64_t size);
|
||||
int dmu_free_long_object(objset_t *os, uint64_t object);
|
||||
int dmu_free_long_object_raw(objset_t *os, uint64_t object);
|
||||
|
||||
/*
|
||||
* Convenience functions.
|
||||
@@ -797,10 +800,11 @@ int dmu_write_uio_dnode(dnode_t *dn, struct uio *uio, uint64_t size,
|
||||
#endif
|
||||
struct arc_buf *dmu_request_arcbuf(dmu_buf_t *handle, int size);
|
||||
void dmu_return_arcbuf(struct arc_buf *buf);
|
||||
void dmu_assign_arcbuf(dmu_buf_t *handle, uint64_t offset, struct arc_buf *buf,
|
||||
dmu_tx_t *tx);
|
||||
void dmu_assign_arcbuf_impl(dmu_buf_t *handle, struct arc_buf *buf,
|
||||
dmu_tx_t *tx);
|
||||
void dmu_assign_arcbuf_by_dnode(dnode_t *dn, uint64_t offset,
|
||||
struct arc_buf *buf, dmu_tx_t *tx);
|
||||
void dmu_assign_arcbuf_by_dbuf(dmu_buf_t *handle, uint64_t offset,
|
||||
struct arc_buf *buf, dmu_tx_t *tx);
|
||||
#define dmu_assign_arcbuf dmu_assign_arcbuf_by_dbuf
|
||||
void dmu_convert_to_raw(dmu_buf_t *handle, boolean_t byteorder,
|
||||
const uint8_t *salt, const uint8_t *iv, const uint8_t *mac, dmu_tx_t *tx);
|
||||
void dmu_copy_from_buf(objset_t *os, uint64_t object, uint64_t offset,
|
||||
|
||||
@@ -0,0 +1,29 @@
|
||||
/*
|
||||
* CDDL HEADER START
|
||||
*
|
||||
* This file and its contents are supplied under the terms of the
|
||||
* Common Development and Distribution License ("CDDL"), version 1.0.
|
||||
* You may only use this file in accordance with the terms of version
|
||||
* 1.0 of the CDDL.
|
||||
*
|
||||
* A full copy of the text of the CDDL should have accompanied this
|
||||
* source. A copy of the CDDL is also available via the Internet at
|
||||
* http://www.illumos.org/license/CDDL.
|
||||
*
|
||||
* CDDL HEADER END
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2017, Datto, Inc. All rights reserved.
|
||||
*/
|
||||
|
||||
#ifndef _SYS_HKDF_H_
|
||||
#define _SYS_HKDF_H_
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
int hkdf_sha512(uint8_t *key_material, uint_t km_len, uint8_t *salt,
|
||||
uint_t salt_len, uint8_t *info, uint_t info_len, uint8_t *output_key,
|
||||
uint_t out_len);
|
||||
|
||||
#endif /* _SYS_HKDF_H_ */
|
||||
+3
-12
@@ -32,18 +32,9 @@ struct zbookmark_phys;
|
||||
|
||||
#define WRAPPING_KEY_LEN 32
|
||||
#define WRAPPING_IV_LEN ZIO_DATA_IV_LEN
|
||||
#define WRAPPING_MAC_LEN 16
|
||||
|
||||
#define SHA1_DIGEST_LEN 20
|
||||
#define SHA512_DIGEST_LEN 64
|
||||
#define SHA512_HMAC_KEYLEN 64
|
||||
|
||||
#define WRAPPING_MAC_LEN ZIO_DATA_MAC_LEN
|
||||
#define MASTER_KEY_MAX_LEN 32
|
||||
#define L2ARC_DEFAULT_CRYPT ZIO_CRYPT_AES_256_CCM
|
||||
|
||||
/* utility macros */
|
||||
#define BITS_TO_BYTES(x) ((x + NBBY - 1) / NBBY)
|
||||
#define BYTES_TO_BITS(x) (x * NBBY)
|
||||
#define SHA512_HMAC_KEYLEN 64
|
||||
|
||||
typedef enum zio_crypt_type {
|
||||
ZC_TYPE_NONE = 0,
|
||||
@@ -133,7 +124,7 @@ int zio_crypt_do_indirect_mac_checksum(boolean_t generate, void *buf,
|
||||
int zio_crypt_do_indirect_mac_checksum_abd(boolean_t generate, abd_t *abd,
|
||||
uint_t datalen, boolean_t byteswap, uint8_t *cksum);
|
||||
int zio_crypt_do_hmac(zio_crypt_key_t *key, uint8_t *data, uint_t datalen,
|
||||
uint8_t *digestbuf);
|
||||
uint8_t *digestbuf, uint_t digestlen);
|
||||
int zio_crypt_do_objset_hmacs(zio_crypt_key_t *key, void *data, uint_t datalen,
|
||||
boolean_t byteswap, uint8_t *portable_mac, uint8_t *local_mac);
|
||||
int zio_do_crypt_data(boolean_t encrypt, zio_crypt_key_t *key, uint8_t *salt,
|
||||
|
||||
Reference in New Issue
Block a user