key lookup failure should always return EACCES

spa_do_crypt_abd() already maps a missing key to EACCES. However
spa_do_crypt_mac_abd(), spa_do_crypt_objset_mac_abd(), and
spa_crypt_get_salt() still return the raw
spa_keystore_lookup_key() error (ENOENT). This is inconsistent
As we want to treat all “no key” failures as a permission
failure. Standardize on EACCES for the unloaded-key case.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alek Pinchuk <alek.pinchuk@connectwise.com>
Closes #18448
This commit is contained in:
Alek P
2026-04-23 16:55:28 -04:00
committed by GitHub
parent 9dd3c653c2
commit 8da4729732
2 changed files with 18 additions and 37 deletions
+1 -1
View File
@@ -1874,7 +1874,7 @@ arc_hdr_authenticate(arc_buf_hdr_t *hdr, spa_t *spa, uint64_t dsobj)
if (ret == 0) if (ret == 0)
arc_hdr_clear_flags(hdr, ARC_FLAG_NOAUTH); arc_hdr_clear_flags(hdr, ARC_FLAG_NOAUTH);
else if (ret == ENOENT) else if (ret == EACCES)
ret = 0; ret = 0;
if (free_abd) if (free_abd)
+17 -36
View File
@@ -2677,23 +2677,16 @@ int
spa_crypt_get_salt(spa_t *spa, uint64_t dsobj, uint8_t *salt) spa_crypt_get_salt(spa_t *spa, uint64_t dsobj, uint8_t *salt)
{ {
int ret; int ret;
dsl_crypto_key_t *dck = NULL; dsl_crypto_key_t *dck;
/* look up the key from the spa's keystore */ /* look up the key from the spa's keystore */
ret = spa_keystore_lookup_key(spa, dsobj, FTAG, &dck); ret = spa_keystore_lookup_key(spa, dsobj, FTAG, &dck);
if (ret != 0) if (ret != 0)
goto error; return (SET_ERROR(EACCES));
ret = zio_crypt_key_get_salt(&dck->dck_key, salt); ret = zio_crypt_key_get_salt(&dck->dck_key, salt);
if (ret != 0)
goto error;
spa_keystore_dsl_key_rele(spa, dck, FTAG); spa_keystore_dsl_key_rele(spa, dck, FTAG);
return (0);
error:
if (dck != NULL)
spa_keystore_dsl_key_rele(spa, dck, FTAG);
return (ret); return (ret);
} }
@@ -2708,9 +2701,7 @@ spa_do_crypt_objset_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
abd_t *abd, uint_t datalen, boolean_t byteswap) abd_t *abd, uint_t datalen, boolean_t byteswap)
{ {
int ret; int ret;
dsl_crypto_key_t *dck = NULL; dsl_crypto_key_t *dck;
void *buf = abd_borrow_buf_copy(abd, datalen);
objset_phys_t *osp = buf;
uint8_t portable_mac[ZIO_OBJSET_MAC_LEN]; uint8_t portable_mac[ZIO_OBJSET_MAC_LEN];
uint8_t local_mac[ZIO_OBJSET_MAC_LEN]; uint8_t local_mac[ZIO_OBJSET_MAC_LEN];
const uint8_t zeroed_mac[ZIO_OBJSET_MAC_LEN] = {0}; const uint8_t zeroed_mac[ZIO_OBJSET_MAC_LEN] = {0};
@@ -2718,15 +2709,19 @@ spa_do_crypt_objset_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
/* look up the key from the spa's keystore */ /* look up the key from the spa's keystore */
ret = spa_keystore_lookup_key(spa, dsobj, FTAG, &dck); ret = spa_keystore_lookup_key(spa, dsobj, FTAG, &dck);
if (ret != 0) if (ret != 0)
goto error; return (SET_ERROR(EACCES));
void *buf = abd_borrow_buf_copy(abd, datalen);
objset_phys_t *osp = buf;
/* calculate both HMACs */ /* calculate both HMACs */
ret = zio_crypt_do_objset_hmacs(&dck->dck_key, buf, datalen, ret = zio_crypt_do_objset_hmacs(&dck->dck_key, buf, datalen,
byteswap, portable_mac, local_mac); byteswap, portable_mac, local_mac);
if (ret != 0)
goto error;
spa_keystore_dsl_key_rele(spa, dck, FTAG); spa_keystore_dsl_key_rele(spa, dck, FTAG);
if (ret != 0) {
abd_return_buf(abd, buf, datalen);
return (ret);
}
/* if we are generating encode the HMACs in the objset_phys_t */ /* if we are generating encode the HMACs in the objset_phys_t */
if (generate) { if (generate) {
@@ -2760,14 +2755,7 @@ spa_do_crypt_objset_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj,
} }
abd_return_buf(abd, buf, datalen); abd_return_buf(abd, buf, datalen);
return (0); return (0);
error:
if (dck != NULL)
spa_keystore_dsl_key_rele(spa, dck, FTAG);
abd_return_buf(abd, buf, datalen);
return (ret);
} }
int int
@@ -2775,23 +2763,22 @@ spa_do_crypt_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj, abd_t *abd,
uint_t datalen, uint8_t *mac) uint_t datalen, uint8_t *mac)
{ {
int ret; int ret;
dsl_crypto_key_t *dck = NULL; dsl_crypto_key_t *dck;
uint8_t *buf = abd_borrow_buf_copy(abd, datalen);
uint8_t digestbuf[ZIO_DATA_MAC_LEN]; uint8_t digestbuf[ZIO_DATA_MAC_LEN];
/* look up the key from the spa's keystore */ /* look up the key from the spa's keystore */
ret = spa_keystore_lookup_key(spa, dsobj, FTAG, &dck); ret = spa_keystore_lookup_key(spa, dsobj, FTAG, &dck);
if (ret != 0) if (ret != 0)
goto error; return (SET_ERROR(EACCES));
uint8_t *buf = abd_borrow_buf_copy(abd, datalen);
/* perform the hmac */ /* perform the hmac */
ret = zio_crypt_do_hmac(&dck->dck_key, buf, datalen, ret = zio_crypt_do_hmac(&dck->dck_key, buf, datalen,
digestbuf, ZIO_DATA_MAC_LEN); digestbuf, ZIO_DATA_MAC_LEN);
if (ret != 0)
goto error;
abd_return_buf(abd, buf, datalen);
spa_keystore_dsl_key_rele(spa, dck, FTAG); spa_keystore_dsl_key_rele(spa, dck, FTAG);
abd_return_buf(abd, buf, datalen);
if (ret != 0)
return (ret);
/* /*
* Truncate and fill in mac buffer if we were asked to generate a MAC. * Truncate and fill in mac buffer if we were asked to generate a MAC.
@@ -2806,12 +2793,6 @@ spa_do_crypt_mac_abd(boolean_t generate, spa_t *spa, uint64_t dsobj, abd_t *abd,
return (SET_ERROR(ECKSUM)); return (SET_ERROR(ECKSUM));
return (0); return (0);
error:
if (dck != NULL)
spa_keystore_dsl_key_rele(spa, dck, FTAG);
abd_return_buf(abd, buf, datalen);
return (ret);
} }
/* /*