From 115510a8d094752c305ddba818c0b3acb919b2a9 Mon Sep 17 00:00:00 2001 From: "Andrew J. Stone" Date: Fri, 29 Sep 2023 22:14:59 +0000 Subject: [PATCH] wip --- illumos-utils/Cargo.toml | 3 +++ illumos-utils/src/zfs.rs | 35 +++++++++++++++++++++++++++-------- sled-storage/Cargo.toml | 1 + sled-storage/src/keyfile.rs | 8 -------- 4 files changed, 31 insertions(+), 16 deletions(-) diff --git a/illumos-utils/Cargo.toml b/illumos-utils/Cargo.toml index 3c0c2e7fc9..573d0be14b 100644 --- a/illumos-utils/Cargo.toml +++ b/illumos-utils/Cargo.toml @@ -42,3 +42,6 @@ toml.workspace = true [features] # Enable to generate MockZones testing = ["mockall"] +# Useful for tests that want real functionality and ability to run without +# pfexec +tmp_keypath = [] diff --git a/illumos-utils/src/zfs.rs b/illumos-utils/src/zfs.rs index ba8cd8c84a..382c01f9aa 100644 --- a/illumos-utils/src/zfs.rs +++ b/illumos-utils/src/zfs.rs @@ -20,7 +20,16 @@ pub const ZONE_ZFS_RAMDISK_DATASET_MOUNTPOINT: &str = "/zone"; pub const ZONE_ZFS_RAMDISK_DATASET: &str = "rpool/zone"; pub const ZFS: &str = "/usr/sbin/zfs"; + +/// This path is intentionally on a `tmpfs` to prevent copy-on-write behavior +/// and to ensure it goes away on power off. +/// +/// We want minimize the time the key files are in memory, and so we rederive +/// the keys and recreate the files on demand when creating and mounting +/// encrypted filesystems. We then zero them and unlink them. pub const KEYPATH_ROOT: &str = "/var/run/oxide/"; +// Use /tmp so we don't have to worry about running tests with pfexec +pub const TEST_KEYPATH_ROOT: &str = "/tmp"; /// Error returned by [`Zfs::list_datasets`]. #[derive(thiserror::Error, Debug)] @@ -135,19 +144,29 @@ impl fmt::Display for Keypath { } } +#[cfg(not(feature = "tmp_keypath"))] +impl From<&DiskIdentity> for Keypath { + fn from(id: &DiskIdentity) -> Self { + build_keypath(id, KEYPATH_ROOT) + } +} + +#[cfg(feature = "tmp_keypath")] impl From<&DiskIdentity> for Keypath { fn from(id: &DiskIdentity) -> Self { - let filename = format!( - "{}-{}-{}-zfs-aes-256-gcm.key", - id.vendor, id.serial, id.model - ); - let mut path = Utf8PathBuf::new(); - path.push(KEYPATH_ROOT); - path.push(filename); - Keypath(path) + build_keypath(id, TEST_KEYPATH_ROOT) } } +fn build_keypath(id: &DiskIdentity, root: &str) -> Keypath { + let filename = + format!("{}-{}-{}-zfs-aes-256-gcm.key", id.vendor, id.serial, id.model); + let mut path = Utf8PathBuf::new(); + path.push(root); + path.push(filename); + Keypath(path) +} + #[derive(Debug)] pub struct EncryptionDetails { pub keypath: Keypath, diff --git a/sled-storage/Cargo.toml b/sled-storage/Cargo.toml index e1ba21db93..11bd502183 100644 --- a/sled-storage/Cargo.toml +++ b/sled-storage/Cargo.toml @@ -28,5 +28,6 @@ tokio.workspace = true uuid.workspace = true [dev-dependencies] +illumos-utils = { workspace = true, features = ["tmp_keypath"] } omicron-test-utils.workspace = true camino-tempfile.workspace = true \ No newline at end of file diff --git a/sled-storage/src/keyfile.rs b/sled-storage/src/keyfile.rs index 396c860fc5..fcdbf8b3bf 100644 --- a/sled-storage/src/keyfile.rs +++ b/sled-storage/src/keyfile.rs @@ -9,14 +9,6 @@ use slog::{info, Logger}; use tokio::fs::{remove_file, File}; use tokio::io::{AsyncSeekExt, AsyncWriteExt, SeekFrom}; -/// This path is intentionally on a `tmpfs` to prevent copy-on-write behavior -/// and to ensure it goes away on power off. -/// -/// We want minimize the time the key files are in memory, and so we rederive -/// the keys and recreate the files on demand when creating and mounting -/// encrypted filesystems. We then zero them and unlink them. -pub const KEYPATH_ROOT: &str = "/var/run/oxide/"; - /// A file that wraps a zfs encryption key. /// /// We put this in a RAM backed filesystem and zero and delete it when we are