11277 Loader cannot boot from root pool with encryption enabled

Review Request #2023 — Created June 26, 2019 and submitted

citrus
illumos-gate
master
11277
e90dc8f...
general
11277 Loader cannot boot from root pool with encryption enabled

From FreeBSD: https://svnweb.freebsd.org/base?view=revision&revision=349217

Tell loader to ignore newer features enabled on the root pool.

There are many new features in ZoF. Most, if not all, do not effect read only usage.
Encryption in particular is enabled at the pool level but used at the dataset level.
The loader obviously will not be able to boot if the boot dataset is encrypted, but
should not care if some other dataset in the root pool is encrypted.

Tested on OmniOS - used to fix a non-booting VM after creating a test encrypted dataset - rpool/enc

  • 0
  • 0
  • 1
  • 1
  • 2
Description From Last Updated
danmcd
  1. 
      
  2. usr/src/boot/lib/libstand/zfs/zfsimpl.c (Diff revision 1)
     
     

    Dumb question: Will features not yet in illumos but listed here cause problems? (I suspect "no", but would like to hear it explicitly.)

    1. No, the code just does a string comparison for each enabled feature on the pool to check if they are known or not. Unknown enabled features cause a boot failure but the other way around is not a problem.

      I think com.datto:resilver_defer is the only one that we don't have yet.

  3. 
      
danmcd
  1. Ship It!
  2. 
      
tsoome
  1. Ship It!
  2. 
      
domag02
  1. Ship It!
  2. 
      
jjelinek
  1. 
      
  2. usr/src/boot/lib/libstand/zfs/zfsimpl.c (Diff revision 1)
     
     

    feature@bookmark_v2 is required (and was added) with encryption. Should that be listed here?

    1. Specifically, to match the other changes here, the name is "com.datto:bookmark_v2".

    2. Actually yes since bookmark_v2 is not read-only compatible.

    3. If it's not read-only compatible, should it be added here?

    4. yes, that is what I meant.

    5. I apologize for my confusion on these responses. Could you definitively say "yes, add it" or "no, don't add it"? I'm just having a little trouble understanding the earlier responses, which might be because I don't understand the loader code at all.

    6. yes, add it:)

      Yep, the code there is confusing; we grab ZPOOL_CONFIG_FEATURES_FOR_READ or DMU_POOL_FEATURES_FOR_READ nvlist and check if there features listed in nvlist are in our features_for_read, if no match, we stop accessing this pool.

  3. 
      
citrus
jjelinek
  1. Ship It!
  2. 
      
danmcd
  1. Ship It!
  2. 
      
tsoome
  1. Ship It!
  2. 
      
citrus
Review request changed

Status: Closed (submitted)

Loading...