http://defect.opensolaris.org/bz/show_bug.cgi?id=2074
Summary: zvol_encrypt_001 leaking data that should be encrypted
Classification: Development
Product: zfs-crypto
Version: unspecified
Platform: Other
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: other
AssignedTo: ajscarp at yahoo.com
ReportedBy: ajscarp at yahoo.com
QAContact: hua.tang at sun.com
CC: zfs-crypto-discuss at opensolaris.org
Estimated Hours: 0.0
stdout| 1571| /usr/sbin/mkfile 1g /export/home/vdev_file_1
stdout| 1571| /usr/sbin/zpool create -f -o
keysource=hex,file:///net/borg/cube/b
uilds/izick/zfscrypto-test/proto/suites/security/zfs-crypto/etc/hex_key_file
poo
l_1571_1 /export/home/vdev_file_1
stdout| 1571| DEBUG: use_key_material salt (0)
stdout| DEBUG: use_key_material outkey
(843720)=9adf6ac44655ccc414a5e9197a34c527
31f5fe8d9191a7cd3811ab6f69f1078
stdout| DEBUG: use_key_material zic_keylen (32)
stdout| DEBUG: use_key_material zic_key (843720)
stdout| DEBUG: zic_keydata (843720)
stdout| DEBUG: create salt = 0
stdout| DEBUG: cry->key_data_len = 0
stdout| DEBUG: zc->zc_crypto.zic_keydatalen = 32
stdout| DEBUG:
keydata=9adf6ac44655ccc414a5e9197a34c52731f5fe8d9191a7cd3811ab6f6
9f1078
stdout| 1571| /usr/sbin/zfs create -o encryption=on -V 200m pool_1571_1/vol_1
stdout| 1571| /usr/sbin/zpool create -f vol_pool_1
/dev/zvol/dsk/pool_1571_1/vol
_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file1.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file2.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file3.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file4.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file5.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file6.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/file7.txt /vol_pool_1
stdout| 1571| cp
/net/borg/cube/builds/izick/zfscrypto-test/proto/suites/securit
y/zfs-crypto/etc/Hamlet.txt /vol_pool_1
stdout| 1571| /usr/sbin/zpool export vol_pool_1
stdout| 1571| /usr/sbin/zpool export pool_1571_1
Msg| 1571 | [ - Progress ]
Msg| 1571 | Testing data on ZVOL is encrypted
Msg| 1571 |
stdout| 1571| Checking data on the disk. It may take several minutes. Please be
patient.
stdout| 1571| Error: clear text was found in the strings output
Msg| 1571 | [ - Result ]
Msg| 1571 | RESULT: FAIL
----
Doing a strings one vdev_file_1, there are a lot of A's as if one of the files
containing "A" was not encrypted..
The part that is curious about this is a clear text dataset (/vol_pool_1) is
contained in an encrypted volume pool_1571_1/vol_1. Is it possible the kernel
is clear text dataset is overriding the encryption?
It would appear not to be a result of residual data on the hard disk since
mkfile zero's the file
--
Configure bugmail: http://defect.opensolaris.org/bz/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
