The branch main has been updated by kevans:
URL:
https://cgit.FreeBSD.org/src/commit/?id=181549c37f1913f5ca292d8515a6e5e0068a9fe7
commit 181549c37f1913f5ca292d8515a6e5e0068a9fe7
Author: Kyle Evans <kev...@freebsd.org>
AuthorDate: 2025-02-26 22:23:24 +0000
Commit: Kyle Evans <kev...@freebsd.org>
CommitDate: 2025-02-26 22:24:24 +0000
libbe: avoid copying encryption-related props
libzfs insists that these be cloned from the origin, so avoid making a
deep copy of them ourselves to unbreak creating a new BE from a BE with
encrypted components -- in today's environment, without a loader that
does encryption, this means a deep BE setup where something underneath
the BE (e.g., home directories) are encrypted.
Reported and tested by: arrowd
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D48464
---
lib/libbe/be.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/lib/libbe/be.c b/lib/libbe/be.c
index 62563a33d975..e0ced1c5bcfc 100644
--- a/lib/libbe/be.c
+++ b/lib/libbe/be.c
@@ -680,8 +680,20 @@ be_deep_clone_prop(int prop, void *cb)
dccb = cb;
/* Skip some properties we don't want to touch */
- if (prop == ZFS_PROP_CANMOUNT)
+ switch (prop) {
+ /*
+ * libzfs insists on these being naturally inherited in the
+ * cloning process.
+ */
+ case ZFS_PROP_KEYFORMAT:
+ case ZFS_PROP_KEYLOCATION:
+ case ZFS_PROP_ENCRYPTION:
+ case ZFS_PROP_PBKDF2_ITERS:
+
+ /* FALLTHROUGH */
+ case ZFS_PROP_CANMOUNT: /* Forced by libbe */
return (ZPROP_CONT);
+ }
/* Don't copy readonly properties */
if (zfs_prop_readonly(prop))
