c/mirror_zfs
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_zfs.git synced 2026-05-22 10:37:35 +03:00
Code Issues Packages Projects Releases Wiki Activity

zdb: add ZFS_KEYFORMAT_RAW support for -K option

Browse Source 
This change adds support for ZFS_KEYFORMAT_RAW to zdb_derive_key in 
zdb.c. The implementation reads the raw key from the file specified 
by the -K option which is consistent with how raw keys are handled in 
the other parts of ZFS, along with a check to ensure that the keyfile 
doesn't have too many bytes.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Patrick Xia <patrickx@google.com>
Closes #17783
This commit is contained in:
patrickxia
2025-09-25 15:05:42 -04:00
committed by GitHub
parent 26b0f561be
commit 5c38029f4b
4 changed files with 100 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/zdb/zdb.c
+20
View File
@@ -3301,6 +3301,7 @@ zdb_derive_key(dsl_dir_t *dd, uint8_t *key_out)
uint64_t keyformat, salt, iters;
int i;
unsigned char c;
FILE *f;
VERIFY0(zap_lookup(dd->dd_pool->dp_meta_objset, dd->dd_crypto_obj,
zfs_prop_to_name(ZFS_PROP_KEYFORMAT), sizeof (uint64_t),
@@ -3333,6 +3334,25 @@ zdb_derive_key(dsl_dir_t *dd, uint8_t *key_out)
break;
case ZFS_KEYFORMAT_RAW:
if ((f = fopen(key_material, "r")) == NULL)
return (B_FALSE);
if (fread(key_out, 1, WRAPPING_KEY_LEN, f) !=
WRAPPING_KEY_LEN) {
(void) fclose(f);
return (B_FALSE);
}
/* Check the key length */
if (fgetc(f) != EOF) {
(void) fclose(f);
return (B_FALSE);
}
(void) fclose(f);
break;
default:
fatal("no support for key format %u\n",
(unsigned int) keyformat);