| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
Addresses CID 1396292
Change-Id: I9141502a12fb3e18c04d07c79da87a5ebb2cfc23
updates: bz#789278
Signed-off-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem: pmap is showing stale brick entries after down the brick
because of glusterd_brick_rpc_notify call gf_is_service_running
before call pmap_registry_remove to ensure about brick instance.
Solutiom: 1) Change the condition in gf_is_pid_running to ensure about
process existence, use open instead of access to achieve
the same
2) Call search_brick_path_from_proc in __glusterd_brick_rpc_notify
along with gf_is_service_running
Change-Id: Ia663ac61c01fdee6c12f47c0300cdf93f19b6a19
fixes: bz#1646892
Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch does following.
1. Enable ctime feature by default.
2. Earlier, to enable the ctime feature, two options
needed to be enabled
a. gluster vol set <volname> utime on
b. gluster vol set <volname> ctime on
This is inconvenient from the usability point of
view. Hence changed it to following single option
a. gluster vol set <volname> ctime on
fixes: bz#1624724
Change-Id: I04af0e5de1ea6126c58a06ba8a26e22f9f06344e
Signed-off-by: Kotresh HR <khiremat@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With commit 44e4db, we are not allowing user to create a volume
using glusterd's working directory as a brick or any sub directory
under glusterd's working directory as a brick.This has broken
shared-storage since the volume "gluster-shared-storage" is
created using the bricks under glusterd's working directory.
With this patch, we let the "gluster-shared-storage" volume
to use bricks under glusterd's working directory.
fixes: bz#1647029
Change-Id: Ifcbcf4576eea12cf46f199dea287b29bd3ec3bfd
Signed-off-by: Sanju Rakonde <srakonde@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Based on the proposal to remove few features as they are not
actively maintained [1], removed BD (block device) translator
from the build.
[1] - https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
Updates: bz#1635688
Change-Id: Ia96db406c58a7aef355dde6bc33523bb2492b1a9
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
| |
Fixes CID 1396581
Change-Id: Ic04091b5783a75d8e1e605a9c1c28b77fea048d3
updates: bz#789278
Signed-off-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on the proposal to remove few features as they are not
actively maintained [1], removing 'glupy' translator from the
build.
[1] https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
This patch aims at clearing the translator from build and tests.
A followup is needed to remove the code from repository.
Updates: bz#1642810
Change-Id: I41d0c1956330c3bbca62c540ccf9ab01bbf3a092
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on the proposal to remove few features as they are not
actively maintained [1], removing all experimental translators
from the build.
[1] https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
Note that as followup patch, there would be a patch to remove the code.
Updates: bz#1635688
Change-Id: I8ebc256517feb37fc7580104e8bebe27d047f959
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
| |
Updates bz#1193929
Change-Id: I1b312dabffac7e101df8ce15557527fd28a2c61f
Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
|
| |
|
|
|
|
| |
Change-Id: I020ab08dba48f13cf7b8908e96280f1e92e9b9db
Updates: bz#1634220
Signed-off-by: Kinglong Mee <mijinlong@open-fs.com>
|
| |
|
|
|
|
| |
Change-Id: I8e3ad961164815683776850e3a5fd4f510003690
Updates: bz#1634220
Signed-off-by: Kinglong Mee <mijinlong@open-fs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Some operations like read/write only update iatt and ia_time,
without any operion request xattrs from glusterfsd,
the xa_time is timeout before ia_time always.
This patch updates xa_time when update ia_ttime.
Change-Id: I77e3984f38c1c4dbebfde9729b8117fbacde9674
Updates: bz#1634220
Signed-off-by: Kinglong Mee <mijinlong@open-fs.com>
|
| |
|
|
|
|
|
|
|
| |
Fops of creating file does not request cached xattrs,
the xattr in reply is not cached xattrs.
Change-Id: Iab2db686e92466e72cfee8ac494e851d797c10b3
Updates: bz#1634220
Signed-off-by: Kinglong Mee <mijinlong@open-fs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Note: The problem is seen when we disable bd xlator.
Problem: When we create a volume, volume info file is having
caps value as 15 in nodes which hosts bricks for that volume.
Remainig nodes in cluster are not having caps field. When
glusterd is restarted, peers are going into rejected state,
because of this mismacth in configuration files.
Cause: In glusterd_op_create_volume(), we initialise caps
value as 15 in the beginning. Later, we check whether brick
belongs to the same node or not. If brick doesn't belong to
the same node, caps value will be set to 0. If brick belongs
to the same node, we will change the caps value inside
Solution: If brick doesn't belongs to the same node,caps is
set to 0 and if brick belongs to same brick caps value is
changed inside #ifdef HAVE_BD_XLATOR block. So, to have the
consistency across the cluster, we need to initialise caps
value inside #ifdef HAVE_BD_XLATOR block, only when brick
belongs to the same node.
fixes: bz#1645986
Change-Id: I2648f420b21d6e69e7c38b0f4736d41e0f15a7f5
Signed-off-by: Sanju Rakonde <srakonde@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the current scheme of glusterfs where lock migration is
experimental, (ideally) the rebalance process which is migrating
the file should request for a metalock. Hence, the metalock count
should not be more than one for an inode. In future, if there is a
need for meta-lock from other clients, this patch can be reverted.
Since pl_metalk is called as part of setxattr operation, any client
process(non-rebalance) residing outside trusted network can exhaust
memory of the server node by issuing setxattr repetitively on the
metalock key. The current patch makes sure that more than
one metalock cannot be granted on an inode.
Fixes CVE-2018-14660
updates: bz#1644758
Change-Id: Ie1e697766388718804a9551bc58351808fe71069
Signed-off-by: Susant Palai <spalai@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We add dummy interrupt handling for the FLUSH
fuse message. It can be enabled by the
"--fuse-flush-handle-interrupt" hidden command line
option, or "-ofuse-flush-handle-interrupt=yes"
mount option.
It serves no other than diagnostic & demonstational
purposes -- to exercise the interrupt handling framework
a bit and to give an usage example.
Documentation is also provided that showcases interrupt
handling via FLUSH.
Change-Id: I522f1e798501d06b74ac3592a5f73c1ab0590c60
updates: #465
Signed-off-by: Csaba Henk <csaba@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- add sub-framework to send timed responses to kernel
- add interrupt handler queue
- implement INTERRUPT
fuse_interrupt looks up handlers for interrupted messages
in the queue. If found, it invokes the handler function.
Else responds with EAGAIN with a delay.
See spec at
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/filesystems/fuse.txt?h=v4.17#n148
and explanation in comments.
Change-Id: I1a79d3679b31f36e14b4ac8f60b7f2c1ea2badfb
updates: #465
Signed-off-by: Csaba Henk <csaba@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, there are possibilities in few places, where a user-controlled
(like filename, program parameter etc) string can be passed as 'fmt' for
printf(), which can lead to segfault, if the user's string contains '%s',
'%d' in it.
While fixing it, makes sense to make the explicit check for such issues
across the codebase, by making the format call properly.
Fixes: CVE-2018-14661
Fixes: bz#1644763
Change-Id: Ib547293f2d9eb618594cbff0df3b9c800e88bde4
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'getspec' operation is not used between 'client' and 'server' ever since
we have off-loaded volfile management to glusterd, ie, at least 7 years.
No reason to keep the dead code! The removed option had no meaning,
as glusterd didn't provide a way to set (or unset) this option. So,
no regression should be observed from any of the existing glusterfs
deployment, supported or unsupported.
Updates: CVE-2018-14653
Updates: bz#1644756
Change-Id: I4a2e0f673c5bcd4644976a61dbd2d37003a428eb
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Server stack needs to have all the sort of validation, assuming
clients can be compromized. It is possible for a compromized
client to send basenames with paths with '/', and with that
create files without permission on server. By sanitizing the basename,
and not allowing anything other than actual directory as the parent
for any entry creation, we can mitigate the effects of clients
not able to exploit the server.
Fixes: CVE-2018-14651
Fixes: bz#1644755
Change-Id: I5dc0da0da2713452ff2b65ac2ddbccf1a267dc20
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
By allowing clients taking dump in a file on brick process, we are
allowing compromised clients to create io-stats dumps on server,
which can exhaust all the available inodes.
Fixes: CVE-2018-14659
Fixes: bz#1644757
Change-Id: I32bfde9d4fe646d819a45e627805b928cae2e1ca
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This patch fixes CID : 1174824 : RESOURCE_LEAK
updates: bz#789278
Change-Id: I2a4f8b508995de112fa16e1094e44ecd4b625312
Signed-off-by: Sunny Kumar <sunkumar@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem:
A compromised client can set arbitrary values for the GF_XATTROP_ENTRY_IN_KEY
and GF_XATTROP_ENTRY_OUT_KEY during xattrop fop. These values are
consumed by index as a filename to be created/deleted according to the key.
Thus it is possible to create/delete random files even outside the gluster
volume boundary.
Fix:
Index expects the filename to be a basename, i.e. it must not contain any
pathname components like "/" or "../". Enforce this.
Fixes: CVE-2018-14654
Fixes: bz#1644760
Change-Id: I35f2a39257b5917d17283d0a4f575b92f783f143
Signed-off-by: Ravishankar N <ravishankar@redhat.com>
|
| |
|
|
|
|
| |
Change-Id: Ib8bdf210a896423abcd7413dd4896d424ac0f561
fixes: bz#1626610
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The frame is freed when linkfile exist in dht_rmdir_is_subvol_empty(),
the following message use the freed local.
Change-Id: I41191e8bd477f031a2444d5f15e578dc4f086e6b
Updates: bz#1640489
Signed-off-by: Kinglong Mee <mijinlong@open-fs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Addresses CIDs : 1124769, 1124852, 1124864, 1134024, 1229876, 1382382
Also addressed a spurious failure in
tests/bugs/glusterd/df-results-post-replace-brick-operations.t to ensure
post replace brick operation and before triggering 'df' from mount,
client has connection to the newly replaced bricks.
Change-Id: Ie5d7e02f89400a661491d7fc2a120d6f6a83a1cc
Updates: bz#789278
Signed-off-by: Atin Mukherjee <amukherj@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes CID:
1. 1389762 : Explicit null dereferenced
2. 1390462 : Argument cannot be negative
3. 1124552 : Explicit null dereferenced
4. 1356522 : Argument cannot be negative
updates: bz#789278
Change-Id: I1262f3b4b61a6e65bb34884f46df9a24b8dd03f1
Signed-off-by: Sunny Kumar <sunkumar@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch fixes CID 1224305, 1202395, 1202394, 1174824, 1174825, 1174826
and 1202397.
All issues are of RESOURCE_LEAK type.
Change-Id: Ie9944d5bdd0bd2788afdb1b6bb329aa3c44b90d0
updates: bz#789278
Signed-off-by: Sunny Kumar <sunkumar@redhat.com>
|
| |
|
|
|
|
| |
Change-Id: I53a583ec14bce65e8914bc496123dee3abe61f6c
Updates: bz#1634220
Signed-off-by: Kinglong Mee <mijinlong@open-fs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Based on the proposal to remove few features as they are not
actively maintained [1], removing tier translator from the
build. Also make sure there are no regression tests involving
tiering feature are present.
[1] https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
Change-Id: I2c177f711f9b54b7b24e1a13525ff3132bd9a9c5
updates: bz#1642807
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
While performing the replace-brick operation, we should set
fsid value to the new brick.
fixes: bz#1637196
Change-Id: I9e9a4962fc0c2f5dff43e4ac11767814a0c0beaf
Signed-off-by: Sanju Rakonde <srakonde@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This patch fixes the unchecked return value, coverity issue.
CID: 1391412
Change-Id: If85f4afdf8c6d37602c62fbf4d7c730e18be81e7
updates: bz#789278
Signed-off-by: Varsha Rao <varao@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
posix_update_utime_in_mdata() unconditionally logs an error if
consistent time attributes features is not enabled. This log
does not add any value, prints an incorrect errno & floods
the log file. Hence nuking this log message in this patch.
fixes: bz#1644129
Change-Id: I9a1f9e7ada3366d2830f18d81f16a1461040092e
Signed-off-by: Kotresh HR <khiremat@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
as key size in xdr can be anything, it can be bigger than the
'NAME_MAX' allowed in the structure, which can allow for service denial
attacks.
Fixes: CVE-2018-14653
Fixes: bz#1644756
Change-Id: I2dc5e99af27ddf44c12c94b07e51adb8674cce80
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was a problem in commit 7f81067 that caused infinite loop when
full heal was triggered.
The previous commit was made to prevent self-heal to go idle after a
replace brick operation. One of the changes consisted on setting a
flag to force an immediate scan of the dirty directory if a heal on
a directory succeeded (assuming it could have generated newer entries).
However that change was causing an issue with a full self-heal, since
every time an already healed directory was checked and it returned
suceessfully, it was also setting the flag, forcing self-heal to start
over again.
This patch fixes this issue by only setting the flag if the heal is not
full. It's assumed that a full self-heal will already traverse all
entries automatically, so there's no need to force a new scan later.
Change-Id: Id12dbfc04e622b18183e796cc6cc87ccc30a6d55
fixes: bz#1636631
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Dereferencing NUll pointers this,local and stbuf.
1.Replaced this->name with "dht".
2.Removed GF_VALIDATE_OR_GOTO.
3.Removed the check for "stbuf" and "this".
Updates: bz#1622665
Change-Id: Id2fb2270d5ec37b76fa2aae1f1c8dca72dcc728a
Signed-off-by: Harpreet Lalwani <hlalwani@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As lookup is not a locked fop, we can not trust the
data received in this to be same.
Changing the log level to DEBUG in case lookup finds any
difference.
Change-Id: I39499c44688a2455c7c6c69a798762d045d21b39
updates: bz#1640066
BUG: 1640066
Signed-off-by: Ashish Pandey <aspandey@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on the proposal to remove few features as they are not
actively maintained [1], removing stripe translator from the
build. Also make sure there are no regression tests involving
stripe translator.
[1] https://lists.gluster.org/pipermail/gluster-users/2018-July/034400.html
Note that this patch aims at removing the translator from build, and
a followup patch is needed to remove the code from repository.
Updates: bz#1364707
Change-Id: I235b305338f138e29e9f30cba65bc0dadbebbbd5
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
| |
Added a description for auth.ssl-allow
Change-Id: I50cd7c738007c3d7a1b333dae62dbb5e46a7ee67
fixes: bz#1643349
Signed-off-by: Harpreet Kaur Lalwani <hlalwani@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This will allow proper printing of exact 'fop' type to be logged in
string, not number, during backtraces.
Considering this was not done on brick processes, we have no easy
way to glance and understand which fops were pending.
What gets changed:
After a crash, most of the core-dumps logged were of the form:
```
pending frames:
frame : type(0) op(18)
frame : type(0) op(18)
frame : type(0) op(28)
```
would change to
```
pending frames:
frame : type(1) op(SETXATTR)
frame : type(1) op(SETXATTR)
frame : type(1) op(READDIR)
```
updates: bz#1639599
Change-Id: I0e3d2a8dee9cfde7ed0112a948f5213f546efb80
Signed-off-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Added a check for "top"
Updates: bz#1622665
Change-Id: I354fdc7150b2f1eb452702ddb653e2d6ed609c10
Signed-off-by: Harpreet Lalwani <hlalwani@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
For lease operation, we allocate and store child nodes
data in lease structure. Use the same in afr_lease_cbk()
while checking for the quorum.
Change-Id: If1fdd5a0798888afd39ad3df57d96487baf9d1e6
updates: #350
Signed-off-by: Soumya Koduri <skoduri@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
2 domain locking + xattrop for write-txn failures:
--------------------------------------------------
- A post-op wound on TA takes AFR_TA_DOM_NOTIFY range lock and
AFR_TA_DOM_MODIFY full lock, does xattrop on TA and releases
AFR_TA_DOM_MODIFY lock and stores in-memory which brick is bad.
- All further write txn failures are handled based on this in-memory
value without querying the TA.
- When shd heals the files, it does so by requesting full lock on
AFR_TA_DOM_NOTIFY domain. Client uses this as a cue (via upcall),
releases AFR_TA_DOM_NOTIFY range lock and invalidates its in-memory
notion of which brick is bad. The next write txn failure is wound on TA
to again update the in-memory state.
- Any incomplete write txns before the AFR_TA_DOM_NOTIFY upcall release
request is got is completed before the lock is released.
- Any write txns got after the release request are maintained in a ta_waitq.
- After the release is complete, the ta_waitq elements are spliced to a
separate queue which is then processed one by one.
- For fops that come in parallel when the in-memory bad brick is still
unknown, only one is wound to TA on wire. The other ones are maintained
in a ta_onwireq which is then processed after we get the response from
TA.
Change-Id: I32c7b61a61776663601ab0040e2f0767eca1fd64
updates: bz#1579788
Signed-off-by: Ravishankar N <ravishankar@redhat.com>
Signed-off-by: Ashish Pandey <aspandey@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With the commit febf5ed4848, during the volume create op,
we are setting volinfo->caps to 0, only if any of the bricks
belong to the same node and brickinfo->vg[0] is null.
Previously, we used to set volinfo->caps to 0, when
either brick doesn't belong to the same node or brickinfo->vg[0]
is null.
With this patch, we set volinfo->caps to 0, when either brick
doesn't belong to the same node or brickinfo->vg[0] is null.
(as we do earlier without commit febf5ed4848).
fixes: bz#1635820
Change-Id: I00a97415786b775fb088ac45566ad52b402f1a49
Signed-off-by: Sanju Rakonde <srakonde@redhat.com>
|
| |
|
|
|
|
|
|
| |
This patch fixes CID: 1356526 and 1382369 : Argument cannot be negative
Change-Id: I1aab5be2d217479db9f67a26b62854a0b38c1747
updates: bz#789278
Signed-off-by: Sunny Kumar <sunkumar@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Removed VALIDATE_OR_GOTO check on "this"
Updates: bz#1622665
Change-Id: Ie0d74525901ebf9daa1a5e788a035db6dc5d8c06
Signed-off-by: Sheetal Pamecha <sheetal.pamecha08@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes CID:
1394664 : CHECKED_RETURN
1356534 : Macro compares unsigned to 0 (NO_EFFECT)
1356532 : Macro compares unsigned to 0 (NO_EFFECT)
updates: bz#789278
Change-Id: I04d64fd8c007627611710dc56109b76eeb59333a
Signed-off-by: Sunny Kumar <sunkumar@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Change check condition from
"[[:space:]+]${mount_point}[[:space:]+]fuse" to
"[[:space:]+]${mount_point}[[:space:]+]fuse.glusterfs". Fix false
postive check result for mount points of other FUSEes, such as "fuse.sshfs".
Change-Id: I13898b50a651a8f5ecc3a94d01b3b5de37ec4cbc
fixes: bz#1640026
Signed-off-by: Han Han <hhan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Glusterfs leases expects lease_id to be set and sent
for each fop to determine conflict resolution with the
existing lease.
Incase if not set (most likely if there is an older
client in a mixed cluster), it makes sense to consider
it as conflicitng fop and recall the lease.
Also fixed the return status check for __remove_lease(),
wherein non-negative value is considered as success case.
Change-Id: I5bcfba4f7c71a5af7cdedeb03436d0b818e85783
updates: #350
Signed-off-by: Soumya Koduri <skoduri@redhat.com>
|
| |
|
|
|
|
|
|
| |
The patch fixes CID: 1325520
Change-Id: Ic7d3fac6adabe96d1d44f13b57d6dc67da0476d1
updates: bz#789278
Signed-off-by: Arjun <arjsharm@redhat.com>
|
