Feature #14223
Closed
Add change key zfs channel program
100%
Description
Upstreaming Joyent OS-8115 and OS-8282.
This adds a zfs.sync.change_key function to zfs channel programs. This only supports raw and hex key formats--the passphrase key format doesn't make sense in the context of a channel program.
Being a channel program, changing a dataset key can be combined with other functions available in a channel program -- most usefully updating user properties (such that this all occurs within a single txg, making the operations atomic). This will be useful for anything wishing to manage (and rotate) dataset keys in a robust manner (without imposing any specific policy on them other than the above limitations on key format).
Updated by Jason King 6 months ago
This change has been in SmartOS for over a year. The only changes for upstreaming were the pkg(5) additions and the zfs-program(1M) content.
For testing, I ran the zfs test suite. While the tests known to fail have failed, there were some additional zpool_import test failures that had in the past succeeded. These failures however appear to be unrelated to this change (they also fail on a BE without this change) and somehow seem to be some sort of sizing mismatch problem with the size of the test/scratch disk devices.
Additionally, the same zfs test suite was run on SmartOS at the time of integration into SmartOS (and passed at the time). Critically, the additional tests added as part of this change do pass.
Updated by Electric Monk 6 months ago
- Status changed from New to Closed
- % Done changed from 0 to 100
git commit d8f839f91e21bea2f5200f95df55608cbecdeeb9
commit d8f839f91e21bea2f5200f95df55608cbecdeeb9
Author: Jason King <jason.brian.king@gmail.com>
Date: 2021-11-19T21:27:15.000Z

14223 Add change key zfs channel program
Portions contributed by: Alex Wilson <alex@cooperi.net>
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Mike Zeller <mike.zeller@joyent.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Dan McDonald <danmcd@joyent.com>