From 11eb8ba870457337c6067284dde4277e09764c0a Mon Sep 17 00:00:00 2001 From: Pranith Kumar K Date: Wed, 12 Jul 2017 09:18:02 +0530 Subject: storage/posix: Don't allow gfid/volume-id xattr to be removed Problem: Bulk xattr removal doesn't check if the xattrs that are coming in xdata have gfid/volume-id xattrs, so there is potential for bulkremovexattr removing gfid/volume-id. I also observed that bulkremovexattr is not available for fremovexattr. Fix: Do proper checks in bulk removexattr to remove gfid/volume-id. Refactor [f]removexattr to reduce the differences. BUG: 1470489 Change-Id: Ia845b31846a149500111c0996646e648f72cdce6 Signed-off-by: Pranith Kumar K Reviewed-on: https://review.gluster.org/17765 Smoke: Gluster Build System Reviewed-by: Jeff Darcy CentOS-regression: Gluster Build System Reviewed-by: Anuradha Talur Reviewed-by: Niels de Vos Reviewed-by: Krutika Dhananjay --- .../posix/disallow-gfid-volumeid-fremovexattr.c | 98 ++++++++++++++++++++++ .../posix/disallow-gfid-volumeid-fremovexattr.t | 21 +++++ .../posix/disallow-gfid-volumeid-removexattr.t | 26 ++++++ 3 files changed, 145 insertions(+) create mode 100644 tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.c create mode 100755 tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.t create mode 100644 tests/bugs/posix/disallow-gfid-volumeid-removexattr.t (limited to 'tests/bugs') diff --git a/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.c b/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.c new file mode 100644 index 00000000000..325edbbed97 --- /dev/null +++ b/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.c @@ -0,0 +1,98 @@ +#include +#include +#include +#include +#include + +int +main (int argc, char *argv[]) +{ + glfs_t *fs = NULL; + int ret = 0; + int i = 0; + glfs_fd_t *fd = NULL; + char *logfile = NULL; + char *hostname = NULL; + + if (argc != 4) { + fprintf (stderr, + "Expect following args %s \n" + , argv[0]); + return -1; + } + + hostname = argv[1]; + logfile = argv[3]; + + fs = glfs_new (argv[2]); + if (!fs) { + fprintf (stderr, "glfs_new: returned NULL (%s)\n", + strerror (errno)); + return -1; + } + + ret = glfs_set_volfile_server (fs, "tcp", hostname, 24007); + if (ret < 0) { + fprintf (stderr, "glfs_set_volfile_server failed ret:%d (%s)\n", + ret, strerror (errno)); + return -1; + } + + ret = glfs_set_logging (fs, logfile, 7); + if (ret < 0) { + fprintf (stderr, "glfs_set_logging failed with ret: %d (%s)\n", + ret, strerror (errno)); + return -1; + } + + ret = glfs_init (fs); + if (ret < 0) { + fprintf (stderr, "glfs_init failed with ret: %d (%s)\n", + ret, strerror (errno)); + return -1; + } + + fd = glfs_opendir (fs, "/"); + if (!fd) { + fprintf (stderr, "glfs_opendir failed with (%s)\n", + strerror (errno)); + return -1; + } + + ret = glfs_fremovexattr (fd, "trusted.gfid"); + if (ret == 0 || errno != EPERM) { + fprintf (stderr, "glfs_fremovexattr gfid exited with ret: " + "%d (%s)\n", ret, strerror (errno)); + return -1; + } + + ret = glfs_fremovexattr (fd, "trusted.glusterfs.volume-id"); + if (ret == 0 || errno != EPERM) { + fprintf (stderr, "glfs_fremovexattr volume-id exited with ret: " + "%d (%s)\n", ret, strerror (errno)); + return -1; + } + + ret = glfs_fsetxattr (fd, "trusted.abc", "abc", 3, 0); + if (ret < 0) { + fprintf (stderr, "glfs_fsetxattr trusted.abc exited with ret: " + "%d (%s)\n", ret, strerror (errno)); + return -1; + } + + ret = glfs_fremovexattr (fd, "trusted.abc"); + if (ret < 0) { + fprintf (stderr, "glfs_fremovexattr trusted.abc exited with " + "ret: %d (%s)\n", ret, strerror (errno)); + return -1; + } + + (void) glfs_closedir(fd); + ret = glfs_fini (fs); + if (ret < 0) { + fprintf (stderr, "glfs_fini failed with ret: %d (%s)\n", + ret, strerror (errno)); + return -1; + } + return 0; +} diff --git a/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.t b/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.t new file mode 100755 index 00000000000..b9fd44ae0d7 --- /dev/null +++ b/tests/bugs/posix/disallow-gfid-volumeid-fremovexattr.t @@ -0,0 +1,21 @@ +#!/bin/bash +. $(dirname $0)/../../include.rc +. $(dirname $0)/../../volume.rc + +cleanup; + +## Start and create a volume +TEST glusterd; +TEST pidof glusterd; +TEST $CLI volume info; + +TEST $CLI volume create $V0 $H0:$B0/${V0}; +TEST $CLI volume start $V0; +logdir=`gluster --print-logdir` + + +TEST build_tester $(dirname $0)/disallow-gfid-volumeid-fremovexattr.c -lgfapi +TEST $(dirname $0)/disallow-gfid-volumeid-fremovexattr $H0 $V0 $logdir/disallow-gfid-volumeid-fremovexattr.log + +cleanup_tester $(dirname $0)/disallow-gfid-volumeid-fremovexattr +cleanup; diff --git a/tests/bugs/posix/disallow-gfid-volumeid-removexattr.t b/tests/bugs/posix/disallow-gfid-volumeid-removexattr.t new file mode 100644 index 00000000000..d26eb21ccc5 --- /dev/null +++ b/tests/bugs/posix/disallow-gfid-volumeid-removexattr.t @@ -0,0 +1,26 @@ +#!/bin/bash + +#This test checks that gfid/volume-id removexattrs are not allowed. +. $(dirname $0)/../../include.rc +. $(dirname $0)/../../volume.rc + +cleanup; + +#Basic checks +TEST glusterd +TEST pidof glusterd +TEST $CLI volume info + +#Create a distributed volume +TEST $CLI volume create $V0 $H0:$B0/${V0}{1..2}; +TEST $CLI volume start $V0 + +# Mount FUSE +TEST glusterfs -s $H0 --volfile-id $V0 $M0 + +TEST ! setfattr -x trusted.gfid $M0 +TEST ! setfattr -x trusted.glusterfs.volume-id $M0 +TEST setfattr -n trusted.abc -v abc $M0 +TEST setfattr -x trusted.abc $M0 + +cleanup; -- cgit