"mount -l -a" Will prompt for multiple passphrases at once

[Rain]

System information

Type	Version/Name
Distribution Name	Debian
Distribution Version	9 (Stretch)
Linux Kernel	4.9.0-9-amd64
Architecture	AMD64
ZFS Version	0.8.0-rc5
SPL Version	0.8.0-rc5

Describe the problem you're observing

zfs mount -l -a will prompt for the passphrase of multiple encrypted filesystems at the same time. This seems to be a bug; it's confusing and can lead to passphrases being printed on the terminal while being typed.

When there are multiple encrypted filesystems with passphrase prompts, zfs mount -l -a should prompt for the passphrase for each filesystem separately and one-after-another. zfs load-key -a functions this way and prompts for the passphrases individually.

Describe how to reproduce the problem

# zpool create tank /dev/sdb
# zfs create -o encryption=on -o keyformat=passphrase tank/fs1
# zfs create -o encryption=on -o keyformat=passphrase tank/fs2
# zfs umount -a
# zfs unload-key tank/fs1
# zfs unload-key tank/fs2
# zfs mount -l -a
Enter passphrase for 'tank/fs1': Enter passphrase for 'tank/fs2':

Note the two "Enter passphrase for..." messages printed on top of one another. If the passphrase for tank/fs2 is entered correctly (followed by pressing Enter), everything seems to hang. tank/fs2 was actually unlocked and the process is actually waiting for the passphrase for tank/fs1. If the passphrase for tank/fs1 is then entered it will be displayed as typed in the
terminal.

This also occurs if there are multiple zpools that have encrypted root filesystems.

Include any warning/errors/backtraces from the system logs

(Not applicable)

[Rain]

Not that this is really anything major, but just to follow up: This issue exists in the final (non-RC) 0.8.0 release as well.

[tcaputi]

ill take a look at this tomorrow.

[Rain]

I had some time and looked into this a bit further. This appears to be happening because share_mount(...) mounts filesystems in parallel. If any of the filesystems require passphrases, they are all prompted for at once.

A simple fix would be to assume that, if the -l flag was given, some number of filesystems are encrypted and to not mount in parallel.

https://github.com/zfsonlinux/zfs/blob/2d0077da6ded46fb9c8fc646904d23a54ad4d352/cmd/zfs/zfs_main.c#L6626-L6627

zfs_foreach_mountpoint(g_zfs, cb.cb_handles, cb.cb_used,
-    share_mount_one_cb, &share_mount_state, op == OP_MOUNT);
+    share_mount_one_cb, &share_mount_state, op == OP_MOUNT && !(flags & MS_CRYPT));

[tcaputi]

@Rain Yeah, I agree this is the problem and that might be the best solution. However, if you have a system that only has keylocation=file://... datasets then you probably still want the parallel mount. Another solution would be to add locking to the passphrase acceptance code s that you only get one prompt at a time. However, this would mean that you could get your prompts in a different order every time.

Update: I just spoke to @behlendorf and we agreed to go with your solution. If people wish to get the full mounting performance they can use zfs load-key before zfs mount. I will make a PR in just a minute.

[tcaputi]

@Rain the PR has been made (#8811). I didn't see any contact info for you on your github profile. If you would like me to add your name to the commit line let me know and I'll update the commit.

[Rain]

@tcaputi No need to attribute me; thanks though!