diff options
| author | Kotresh HR <khiremat@redhat.com> | 2017-07-10 10:31:27 -0400 |
|---|---|---|
| committer | Jeff Darcy <jeff@pl.atyp.us> | 2017-07-24 13:05:48 +0000 |
| commit | 96eece8abbb9c06f0b91f37e718ac9e337a3f714 (patch) | |
| tree | c5d3498254327ef314ae29c038592ae35df22387 /xlators | |
| parent | 668df4e7e452aa26f0e0fbd15691fab0edc83014 (diff) | |
posix/gfid2path: Block access to gfid2path xattr via mount
gfid2path xattr is an internal xattr and should not be
allowed to modify by other applications via gluster
mount. This patch blocks the same.
Updates: #139
Change-Id: Id2cb29797ee1bd77e0e0d2203a47469fd7203355
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Reviewed-on: https://review.gluster.org/17744
Smoke: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-by: Aravinda VK <avishwan@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Diffstat (limited to 'xlators')
| -rw-r--r-- | xlators/storage/posix/src/posix-gfid-path.c | 17 | ||||
| -rw-r--r-- | xlators/storage/posix/src/posix-gfid-path.h | 2 | ||||
| -rw-r--r-- | xlators/storage/posix/src/posix-helpers.c | 10 | ||||
| -rw-r--r-- | xlators/storage/posix/src/posix.c | 17 |
4 files changed, 44 insertions, 2 deletions
diff --git a/xlators/storage/posix/src/posix-gfid-path.c b/xlators/storage/posix/src/posix-gfid-path.c index 500f4d81c24..7529f559fc7 100644 --- a/xlators/storage/posix/src/posix-gfid-path.c +++ b/xlators/storage/posix/src/posix-gfid-path.c @@ -32,7 +32,8 @@ posix_set_gfid2path_xattr (xlator_t *this, const char *path, uuid_t pgfid, bname); gf_xxh64_wrapper ((unsigned char *) pgfid_bname, strlen(pgfid_bname), GF_XXHSUM64_DEFAULT_SEED, xxh64); - key_size = strlen(GFID2PATH_XATTR_KEY_PREFIX) + GF_XXH64_DIGEST_LENGTH*2+1; + key_size = GFID2PATH_XATTR_KEY_PREFIX_LENGTH + + GF_XXH64_DIGEST_LENGTH*2 + 1; key = alloca (key_size); snprintf (key, key_size, GFID2PATH_XATTR_KEY_PREFIX"%s", xxh64); @@ -68,7 +69,8 @@ posix_remove_gfid2path_xattr (xlator_t *this, const char *path, bname); gf_xxh64_wrapper ((unsigned char *) pgfid_bname, strlen(pgfid_bname), GF_XXHSUM64_DEFAULT_SEED, xxh64); - key_size = strlen(GFID2PATH_XATTR_KEY_PREFIX) + GF_XXH64_DIGEST_LENGTH*2+1; + key_size = GFID2PATH_XATTR_KEY_PREFIX_LENGTH + + GF_XXH64_DIGEST_LENGTH*2 + 1; key = alloca (key_size); snprintf (key, key_size, GFID2PATH_XATTR_KEY_PREFIX"%s", xxh64); @@ -83,3 +85,14 @@ posix_remove_gfid2path_xattr (xlator_t *this, const char *path, err: return -1; } + +gf_boolean_t +posix_is_gfid2path_xattr (const char *name) +{ + if (name && strncmp (GFID2PATH_XATTR_KEY_PREFIX, name, + GFID2PATH_XATTR_KEY_PREFIX_LENGTH) == 0) { + return _gf_true; + } else { + return _gf_false; + } +} diff --git a/xlators/storage/posix/src/posix-gfid-path.h b/xlators/storage/posix/src/posix-gfid-path.h index dbe0c59540d..b1a23752e8f 100644 --- a/xlators/storage/posix/src/posix-gfid-path.h +++ b/xlators/storage/posix/src/posix-gfid-path.h @@ -22,4 +22,6 @@ posix_set_gfid2path_xattr (xlator_t *, const char *, uuid_t, int32_t posix_remove_gfid2path_xattr (xlator_t *, const char *, uuid_t, const char *); +gf_boolean_t +posix_is_gfid2path_xattr (const char *name); #endif /* _POSIX_GFID_PATH_H */ diff --git a/xlators/storage/posix/src/posix-helpers.c b/xlators/storage/posix/src/posix-helpers.c index 1047c2d6247..e4cd5d6050b 100644 --- a/xlators/storage/posix/src/posix-helpers.c +++ b/xlators/storage/posix/src/posix-helpers.c @@ -50,6 +50,7 @@ #include "glusterfs3-xdr.h" #include "hashfn.h" #include "glusterfs-acl.h" +#include "posix-gfid-path.h" #include "events.h" #include "glusterfsd.h" #include <sys/types.h> @@ -756,6 +757,9 @@ _handle_list_xattr (dict_t *xattr_req, const char *real_path, int fdnum, if (posix_handle_georep_xattrs (NULL, key, NULL, _gf_false)) goto next; + if (posix_is_gfid2path_xattr (key)) + goto next; + if (dict_get (filler->xattr, key)) goto next; @@ -1139,6 +1143,9 @@ posix_handle_pair (xlator_t *this, const char *real_path, if (XATTR_IS_PATHINFO (key)) { ret = -EACCES; goto out; + } else if (posix_is_gfid2path_xattr (key)) { + ret = -ENOTSUP; + goto out; } else if (ZR_FILE_CONTENT_REQUEST(key)) { ret = posix_set_file_contents (this, real_path, key, value, flags); @@ -1198,6 +1205,9 @@ posix_fhandle_pair (xlator_t *this, int fd, if (XATTR_IS_PATHINFO (key)) { ret = -EACCES; goto out; + } else if (posix_is_gfid2path_xattr (key)) { + ret = -ENOTSUP; + goto out; } else if (!strncmp(key, POSIX_ACL_ACCESS_XATTR, strlen(key)) && stbuf && IS_DHT_LINKFILE_MODE (stbuf)) { goto out; diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c index e8ef510ea07..dc8a129cacb 100644 --- a/xlators/storage/posix/src/posix.c +++ b/xlators/storage/posix/src/posix.c @@ -4516,6 +4516,12 @@ posix_getxattr (call_frame_t *frame, xlator_t *this, goto out; } + if (name && posix_is_gfid2path_xattr (name)) { + op_ret = -1; + op_errno = ENOATTR; + goto out; + } + if (loc->inode && IA_ISDIR(loc->inode->ia_type) && name && ZR_FILE_CONTENT_REQUEST(name)) { ret = posix_get_file_contents (this, loc->gfid, &name[15], @@ -4862,6 +4868,11 @@ posix_getxattr (call_frame_t *frame, xlator_t *this, _gf_false); if (ret == -1) goto ignore; + + if (posix_is_gfid2path_xattr (keybuffer)) { + goto ignore; + } + memset (value_buf, '\0', sizeof(value_buf)); have_val = _gf_false; size = sys_lgetxattr (real_path, keybuffer, value_buf, @@ -5422,6 +5433,12 @@ posix_common_removexattr (call_frame_t *frame, loc_t *loc, fd_t *fd, inode = fd->inode; } + if (posix_is_gfid2path_xattr (name)) { + op_ret = -1; + *op_errno = ENOATTR; + goto out; + } + if (gf_get_index_by_elem (disallow_removexattrs, (char *)name) >= 0) { gf_msg (this->name, GF_LOG_WARNING, 0, P_MSG_XATTR_NOT_REMOVED, "Remove xattr called on %s for file/dir %s with gfid: " |