From 6756245b1514374712136c8dc1f4ac2a19a6da21 Mon Sep 17 00:00:00 2001 From: Rajesh Amaravathi Date: Wed, 29 Feb 2012 15:16:53 +0530 Subject: fops/removexattr: prevent users from removing glusterfs xattrs * Each xlator prevents the user from removing xlator-specific xattrs like trusted.gfid by handling it in respective removexattr functions. * For xlators which did not define remove and fremovexattr, the functions have been implemented with appropriate checks. xlator | fops-added _______________|__________________________ | 1. stripe | removexattr and fremovexattr 2. quota | removexattr and fremovexattr Change-Id: I98e22109717978134378bc75b2eca83fefb2abba BUG: 783525 Signed-off-by: Rajesh Amaravathi Reviewed-on: http://review.gluster.com/2836 Tested-by: Gluster Build System Reviewed-by: Amar Tumballi Reviewed-by: Jeff Darcy --- libglusterfs/src/common-utils.h | 47 +++++++++++++++++++++++++++++------------ 1 file changed, 33 insertions(+), 14 deletions(-) (limited to 'libglusterfs') diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h index 67ad5ac8e83..8c9b26f76d9 100644 --- a/libglusterfs/src/common-utils.h +++ b/libglusterfs/src/common-utils.h @@ -128,7 +128,7 @@ extern char *gf_mgmt_list[GF_MGMT_MAXVALUE]; "invalid argument: " #arg); \ goto label; \ } \ - } while (0); + } while (0) #define GF_VALIDATE_OR_GOTO(name,arg,label) do { \ if (!arg) { \ @@ -137,7 +137,7 @@ extern char *gf_mgmt_list[GF_MGMT_MAXVALUE]; "invalid argument: " #arg); \ goto label; \ } \ - } while (0); + } while (0) #define GF_VALIDATE_OR_GOTO_WITH_ERROR(name, arg, label, errno, error) do { \ if (!arg) { \ @@ -146,15 +146,15 @@ extern char *gf_mgmt_list[GF_MGMT_MAXVALUE]; "invalid argument: " #arg); \ goto label; \ } \ - }while (0); + }while (0) #define GF_ASSERT_AND_GOTO_WITH_ERROR(name, arg, label, errno, error) do { \ if (!arg) { \ - GF_ASSERT (0) \ + GF_ASSERT (0); \ errno = error; \ goto label; \ } \ - }while (0); + }while (0) #define GF_VALIDATE_ABSOLUTE_PATH_OR_GOTO(name,arg,label) \ do { \ @@ -165,7 +165,7 @@ extern char *gf_mgmt_list[GF_MGMT_MAXVALUE]; "invalid argument: " #arg); \ goto label; \ } \ - } while (0); + } while (0) #define GF_REMOVE_SLASH_FROM_PATH(path, string) \ do { \ @@ -175,28 +175,47 @@ extern char *gf_mgmt_list[GF_MGMT_MAXVALUE]; if (string[i-1] == '/') \ string[i-1] = '-'; \ } \ - } while (0); \ + } while (0) #define GF_IF_INTERNAL_XATTR_GOTO(pattern, dict, trav, op_errno, label) \ - do{ \ + do { \ if (!dict) { \ - gf_log (THIS->name, GF_LOG_ERROR, \ + gf_log (this->name, GF_LOG_ERROR, \ "setxattr dict is null"); \ goto label; \ } \ trav = dict->members_list; \ while (trav) { \ if (!fnmatch (pattern, trav->key, 0)) { \ - gf_log (THIS->name, GF_LOG_ERROR, \ - "attempt to set internal" \ - " xattr: %s", trav->key); \ op_errno = EPERM; \ + gf_log (this->name, GF_LOG_ERROR, \ + "attempt to set internal" \ + " xattr: %s: %s", trav->key, \ + strerror (op_errno)); \ goto label; \ } \ trav = trav->next; \ } \ - } while(0); \ + } while (0) + +#define GF_IF_NATIVE_XATTR_GOTO(pattern, key, op_errno, label) \ + do { \ + if (!key) { \ + gf_log (this->name, GF_LOG_ERROR, \ + "no key for removexattr"); \ + goto label; \ + } \ + if (!fnmatch (pattern, key, 0)) { \ + op_errno = EPERM; \ + gf_log (this->name, GF_LOG_ERROR, \ + "attempt to remove internal " \ + "xattr: %s: %s", key, \ + strerror (op_errno)); \ + goto label; \ + } \ + } while (0) + #define GF_FILE_CONTENT_REQUESTED(_xattr_req,_content_limit) \ (dict_get_uint64 (_xattr_req, "glusterfs.content", _content_limit) == 0) @@ -210,7 +229,7 @@ extern char *gf_mgmt_list[GF_MGMT_MAXVALUE]; gf_log_callingfn ("", GF_LOG_ERROR, \ "Assertion failed: " #x); \ } \ - } while (0); + } while (0) #endif #define GF_UUID_ASSERT(u) \ -- cgit