From 36cedb338ec1d021e189379f30100f0d983e3e01 Mon Sep 17 00:00:00 2001
From: Rajesh Amaravathi <rajesh@redhat.com>
Date: Tue, 6 Dec 2011 11:35:33 +0530
Subject: core/setxattr: prevent users from setting glusterfs xattrs

* Each xlator prevents the user from setting glusterfs-internal
xattrs like trusted.gfid by handling it in respective setxattr
functions. The speacial case of trusted.gfid is handled in
fuse (Not in posix because posix_setxattr is used to set gfid).

* For xlators which did not define setxattr and/or fsetxattr,
the functions have been implemented with appropriate checks.

xlator         |     fops-added
_______________|__________________________
               |
1. afr         |     fsetxattr
2. stripe      |     setxatrr and fsetxattr
3. quota       |     setxattr and fsetxattr

Change-Id: Ib62abb7067415b23a708002f884d30e8866fbf48
BUG: 765487
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/685
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amar@gluster.com>
---
 xlators/cluster/dht/src/dht-common.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'xlators/cluster/dht/src/dht-common.c')

diff --git a/xlators/cluster/dht/src/dht-common.c b/xlators/cluster/dht/src/dht-common.c
index 16bb2c9cc7d..785ecbc615c 100644
--- a/xlators/cluster/dht/src/dht-common.c
+++ b/xlators/cluster/dht/src/dht-common.c
@@ -1706,12 +1706,16 @@ dht_fsetxattr (call_frame_t *frame, xlator_t *this,
         xlator_t     *subvol   = NULL;
         dht_local_t  *local    = NULL;
         int           op_errno = EINVAL;
+        data_pair_t  *trav     = NULL;
 
         VALIDATE_OR_GOTO (frame, err);
         VALIDATE_OR_GOTO (this, err);
         VALIDATE_OR_GOTO (fd, err);
         VALIDATE_OR_GOTO (fd->inode, err);
 
+        GF_IF_INTERNAL_XATTR_GOTO ("trusted.glusterfs.dht*", xattr,
+                                   trav, op_errno, err);
+
         local = dht_local_init (frame, NULL, fd, GF_FOP_FSETXATTR);
         if (!local) {
                 op_errno = ENOMEM;
@@ -1806,6 +1810,7 @@ dht_setxattr (call_frame_t *frame, xlator_t *this,
         char          value[4096] = {0,};
         int           forced_rebalance = 0;
         int           call_cnt = 0;
+        data_pair_t  *trav     = NULL;
 
 
         VALIDATE_OR_GOTO (frame, err);
@@ -1814,6 +1819,9 @@ dht_setxattr (call_frame_t *frame, xlator_t *this,
         VALIDATE_OR_GOTO (loc->inode, err);
         VALIDATE_OR_GOTO (loc->path, err);
 
+        GF_IF_INTERNAL_XATTR_GOTO ("trusted.glusterfs.dht*", xattr,
+                                   trav, op_errno, err);
+
         conf   = this->private;
         local = dht_local_init (frame, loc, NULL, GF_FOP_SETXATTR);
         if (!local) {
-- 
cgit