diff --git a/module/zfs/dmu_recv.c b/module/zfs/dmu_recv.c
index 99eeceeb4139..98ca2b3bcec1 100644
--- a/module/zfs/dmu_recv.c
+++ b/module/zfs/dmu_recv.c
@@ -602,7 +602,7 @@ dmu_recv_begin_check(void *arg, dmu_tx_t *tx)
 * so add the DS_HOLD_FLAG_DECRYPT flag only if we are dealing
 * with a dataset we may encrypt.
 */
- if (drba->drba_dcp != NULL &&
+ if (drba->drba_dcp == NULL ||
 drba->drba_dcp->cp_crypt != ZIO_CRYPT_OFF) {
 dsflags |= DS_HOLD_FLAG_DECRYPT;
 }
diff --git a/tests/zfs-tests/tests/functional/cli_root/zfs_receive/zfs_receive_to_encrypted.ksh b/tests/zfs-tests/tests/functional/cli_root/zfs_receive/zfs_receive_to_encrypted.ksh
index 5d76c220fc45..8bd9a6854950 100755
--- a/tests/zfs-tests/tests/functional/cli_root/zfs_receive/zfs_receive_to_encrypted.ksh
+++ b/tests/zfs-tests/tests/functional/cli_root/zfs_receive/zfs_receive_to_encrypted.ksh
@@ -25,13 +25,16 @@
 # ZFS should receive to an encrypted child dataset.
 #
 # STRATEGY:
-# 1. Snapshot the default dataset
-# 2. Create an encrypted dataset
-# 3. Attempt to receive a stream to an encrypted child
-# 4. Attempt to receive a stream with properties to an encrypted child
-# 5. Attempt to receive a replication stream to an encrypted child
-# 6. Unmount and unload the encrypted dataset keys
-# 7. Attempt to receive a snapshot stream to an encrypted child
+# 1. Snapshot the default dataset
+# 2. Create an encrypted dataset
+# 3. Attempt to receive a stream to an encrypted child
+# 4. Unload the key
+# 5. Attempt to receive an incremental stream to an encrypted child (must fail)
+# 6. Attempt to receive a stream with properties to an unencrypted child
+# 7. Attempt to receive an incremental stream to an unencrypted child
+# 8. Attempt to receive with -o encryption=off to an unencrypted child
+# 9. Attempt to receive a replication stream to an unencrypted child
+# 10. Attempt to receive a snapshot stream to an encrypted child (must fail)
 #
 verify_runnable "both"
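Review bot: The comment kept as context above the changed condition in `dmu_recv_begin_check` (module/zfs/dmu_recv.c) still says the flag is added "only if we are dealing with a dataset we may encrypt", but the new condition also sets `DS_HOLD_FLAG_DECRYPT` when `drba->drba_dcp` is NULL, so the comment no longer covers the case this commit fixes. I would extend it with a line such as `* A NULL drba_dcp means no crypto params were passed in, so the target may already be encrypted and the hold must require its key.` That reason is inferred from the accompanying test, where an incremental receive with the key unloaded must fail, so the wording should be confirmed by someone who knows the callers. The comment and the function both begin above the hunk, so the rest of the explanation is not visible here.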
@@ -39,6 +42,7 @@ verify_runnable "both"
 function cleanup
 {
 snapexists $snap && destroy_dataset $snap -f
+ snapexists $snap2 && destroy_dataset $snap2 -f
 datasetexists $TESTPOOL/$TESTFS1 && \
 destroy_dataset $TESTPOOL/$TESTFS1 -r
@@ -50,15 +54,17 @@ log_assert "ZFS should receive encrypted filesystems into child dataset"
 typeset passphrase="password"
 typeset snap="$TESTPOOL/$TESTFS@snap"
+typeset snap2="$TESTPOOL/$TESTFS@snap2"
 typeset testfile="testfile"
 log_must zfs snapshot $snap
+log_must zfs snapshot $snap2
 log_must eval "echo $passphrase | zfs create -o encryption=on" \
 "-o keyformat=passphrase $TESTPOOL/$TESTFS1"
 log_note "Verifying ZFS will receive to an encrypted child"
-log_must eval "zfs send $snap | zfs receive $TESTPOOL/$TESTFS1/c1"
+log_must eval "zfs send $snap | zfs receive -u $TESTPOOL/$TESTFS1/c1"
 log_must test "$(get_prop 'encryption' $TESTPOOL/$TESTFS1/c1)" != "off"
 # Unload the key, the following tests won't require it and we will test
@@ -66,10 +72,17 @@ log_must test "$(get_prop 'encryption' $TESTPOOL/$TESTFS1/c1)" != "off"
 log_must zfs unmount $TESTPOOL/$TESTFS1
 log_must zfs unload-key $TESTPOOL/$TESTFS1
+log_note "Verifying ZFS will not receive an incremental into an encrypted" \
+ "dataset when the key is unloaded"
+log_mustnot eval "zfs send -i $snap $snap2 | zfs receive $TESTPOOL/$TESTFS1/c1"
+
 log_note "Verifying 'send -p' will receive to an unencrypted child"
-log_must eval "zfs send -p $snap | zfs receive $TESTPOOL/$TESTFS1/c2"
+log_must eval "zfs send -p $snap | zfs receive -u $TESTPOOL/$TESTFS1/c2"
 log_must test "$(get_prop 'encryption' $TESTPOOL/$TESTFS1/c2)" == "off"
+log_note "Verifying 'send -i' will receive to an unencrypted child"
+log_must eval "zfs send -i $snap $snap2 | zfs receive $TESTPOOL/$TESTFS1/c2"
+
 # For completeness add the property override case.
 log_note "Verifying recv -o encyption=off' will receive to an unencrypted child"
 log_must eval "zfs send $snap | \
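Review bot: `$snap2` is taken immediately after `$snap` in the `@@ -50,15 +54,17 @@` hunk with nothing written in between, so every `zfs send -i $snap $snap2` later in the script carries no changed data. The new incremental cases therefore exercise only the begin-of-receive check and not the write path into the target. Writing a small file into `$TESTPOOL/$TESTFS` between the two `zfs snapshot` calls would cover both; the already declared `testfile` looks intended for that, though its use is outside the hunk.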
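Review bot: The new `log_mustnot eval "zfs send -i $snap $snap2 | zfs receive $TESTPOOL/$TESTFS1/c1"` in the `@@ -66,10 +72,17 @@` hunk passes on any failure of the receive, not only on the missing key, so it would stay green if the receive broke for an unrelated reason. Pinning the precondition and the outcome makes the check specific: `log_must test "$(get_prop 'keystatus' $TESTPOOL/$TESTFS1/c1)" == "unavailable"` before it, and `log_mustnot snapexists $TESTPOOL/$TESTFS1/c1@snap2` after it. This assumes c1 inherits its key from `$TESTPOOL/$TESTFS1`, which the earlier `encryption != off` check suggests but does not prove.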