break;
case ZPOOL_ERRATA_ZOL_8308_ENCRYPTION:
- (void) printf(gettext(" action: Existing "
+ (void) printf(gettext(" action: Any existing "
"encrypted datasets contain an on-disk "
- "incompatibility which\n\tmay cause "
+ "incompatibility\n\twhich may cause "
"on-disk corruption with 'zfs recv' and "
- "which needs to be\n\tcorrected. Enable "
- "the bookmark_v2 feature and backup "
- "these datasets to new encrypted "
- "datasets and\n\tdestroy the "
- "old ones.\n"));
+ "which needs\n\tto be corrected. Enable "
+ "the bookmark_v2 feature, backup "
+ "these datasets\n\tto new encrypted "
+ "datasets, and destroy the old ones. "
+ "If this pool does\n\tnot contain any "
+ "encrypted datasets, simply enable the "
+ "bookmark_v2\n\tfeature.\n"));
break;
default:
/*
"contain an on-disk incompatibility\n\twhich "
"needs to be corrected.\n"));
(void) printf(gettext("action: To correct the issue "
- "enable the bookmark_v2 feature and "
- "backup\n\texisting encrypted datasets to new "
- "encrypted datasets and\n\tdestroy the old "
- "ones.\n"));
+ "enable the bookmark_v2 feature, backup\n\tany "
+ "existing encrypted datasets to new encrypted "
+ "datasets,\n\tand destroy the old ones. If this "
+ "pool does not contain any\n\tencrypted "
+ "datasets, simply enable the bookmark_v2 "
+ "feature.\n"));
break;
default:
return (SET_ERROR(EOPNOTSUPP));
}
+ /* Check for errata #4 (encryption enabled, bookmark_v2 disabled) */
+ if (parentdd != NULL &&
+ !spa_feature_is_enabled(parentdd->dd_pool->dp_spa,
+ SPA_FEATURE_BOOKMARK_V2)) {
+ return (SET_ERROR(EOPNOTSUPP));
+ }
+
/* handle inheritance */
if (dcp->cp_wkey == NULL) {
ASSERT3P(parentdd, !=, NULL);
spa->spa_feat_enabled_txg_obj, feature->fi_guid,
sizeof (uint64_t), 1, &enabling_txg, tx));
}
+
+ /*
+ * Errata #4 is mostly a problem with encrypted datasets, but it
+ * is also a problem where the old encryption feature did not
+ * depend on the bookmark_v2 feature. If the pool does not have
+ * any encrypted datasets we can resolve this issue simply by
+ * enabling this dependency.
+ */
+ if (spa->spa_errata == ZPOOL_ERRATA_ZOL_8308_ENCRYPTION &&
+ spa_feature_is_enabled(spa, SPA_FEATURE_ENCRYPTION) &&
+ !spa_feature_is_active(spa, SPA_FEATURE_ENCRYPTION) &&
+ feature->fi_feature == SPA_FEATURE_BOOKMARK_V2)
+ spa->spa_errata = 0;
}
static void
block_device_wait
log_mustnot dd if=/dev/zero of=/dev/zvol/$POOL_NAME/testvol bs=512 count=1
log_must dd if=/dev/zvol/$POOL_NAME/testvol of=/dev/null bs=512 count=1
+
+log_must zpool set feature@bookmark_v2=enabled $POOL_NAME # necessary for Errata #4
+
log_must eval "echo 'password' | zfs create \
-o encryption=on -o keyformat=passphrase -o keylocation=prompt \
- cryptv0/encroot"
+ $POOL_NAME/encroot"
log_mustnot eval "zfs send -w $POOL_NAME/testfs@snap1 | \
zfs recv $POOL_NAME/encroot/testfs"
log_mustnot eval "zfs send -w $POOL_NAME/testvol@snap1 | \
projects / zfs / commitdiff