Monday, June 18, 2018
ZFS Raw Send
This got finally integrated into 11.3 SRU 11.3.33.5.0
zfs send compressed data (Bug 15387669)
Tuesday, June 12, 2018
Extracting ZFS Wrapping Key
Thanks to Victor Latushkin, below is a procedure on how to extract ZFS wrapping key for a given dataset.
Notice that key length is encoded in number of bits so it needs to be converted.
# cat /tmp/p aaaaaaaaaabbbbbbbbbbccccccccccz # zfs create -o encryption=aes-256-ccm -o keysource="raw,file:///tmp/p" test-0/testp # zfs get objsetid test-0/testp NAME PROPERTY VALUE SOURCE test-0/testp objsetid 192 - # mdb -k Loading modules: [ unix genunix specfs dtrace mac cpu.generic uppc apix zvpsm scsi_vhci iommu zfs lsc sd ip hook neti arp usba kssl stmf stmf_sbd sockfs lofs random idm nvme sata ufs cpc crypto fcip fctl fcp smbsrv nfs zvmm logindmux nsmb ptm sppp ipc ] > ::spa ADDR STATE NAME REALNAME ffffa1c13a33b000 ACTIVE test-0 - ffffa1c13a38b000 ACTIVE test-1 - ffffa1c13a097000 ACTIVE rpool - > ffffa1c13a33b000::spa |::print spa spa_keystore->sk_dslkeys|::walk avl|::if zcrypt_keystore_node_t skn_os = 0t192|::print zcrypt_keystore_node_t skn_wrapkey->zk_key.cku_data.cku_key_value.cku_v_length skn_wrapkey->zk_key.cku_data.cku_key_value.cku_v_length = 0x100 > 0x100 % 8 = X 20 > ffffa1c13a33b000::spa |::print spa spa_keystore->sk_dslkeys|::walk avl|::if zcrypt_keystore_node_t skn_os = 0t192|::print zcrypt_keystore_node_t skn_wrapkey->zk_key.cku_data.cku_key_value.cku_v_data|::dump -un 0x20 0 1 2 3 4 5 6 7 8 9 a b c d e f 0123456789abcdef ffffa1c149dcdd20: 61616161 61616161 61616262 62626262 aaaaaaaaaabbbbbb ffffa1c149dcdd30: 62626262 63636363 63636363 63637a0a bbbbccccccccccz.
Friday, June 08, 2018
Utilizing CTF in MDB from a binary
Having CTF compiled into binaries is very useful for debugging.
Recently I wanted to print some structures by utilizing mdb and ctf from a binary which is not running and I didn't have a core file either.
Helpful folks from Oracle suggested the below nice workaround:
# mdb /path/to/bin > main:b > ::run > ::print -at rx_call ...It sets a breakpoint at main(), then executes it but it stops when calling main(), at this stage CTF data is already loaded by linker.
Support for CTF in Userland in DTrace
I wish Solaris 11 supported CTF in DTrace in user-land in a similar manner as Illumos does.