rpms/glusterfs
5
0
Fork 0
Code Issues Pull Requests Releases Activity
0f566d005f
glusterfs/0398-lock-Do-not-allow-meta-lock-count-to-be-more-than-on.patch
Milind Changire 86e0efee73 autobuild v3.12.2-22 
Resolves: bz#1631329 bz#1631372
Signed-off-by: Milind Changire <mchangir@redhat.com>
2018-10-09 08:21:30 -04:00

89 lines
3.6 KiB
Diff
Raw Blame History

From 2334f5b162e81d81673b59555baaf0a26189e603 Mon Sep 17 00:00:00 2001
From: Susant Palai <spalai@redhat.com>
Date: Mon, 8 Oct 2018 11:38:09 +0530
Subject: [PATCH 398/399] lock: Do not allow meta-lock count to be more than
one
In the current scheme of glusterfs where lock migration is
experimental, (ideally) the rebalance process which is migrating
the file should request for a metalock. Hence, the metalock count
should not be more than one for an inode. In future, if there is a
need for meta-lock from other clients, this patch can be reverted.
Since pl_metalk is called as part of setxattr operation, any client
process(non-rebalance) residing outside trusted network can exhaust
memory of the server node by issuing setxattr repetitively on the
metalock key. The current patch makes sure that more than
one metalock cannot be granted on an inode.
Fixes: CVE-2018-14660
Change-Id: I5a1dde0b24b0aedcfb29cc89dffc04ccc5a88bcb
BUG: 1636308
Signed-off-by: Susant Palai <spalai@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/152041
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Tested-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Sunil Kumar Heggodu Gopala Acharya <sheggodu@redhat.com>
---
xlators/features/locks/src/posix.c | 36 +++++++++++++++++++++++++++++++++++-
1 file changed, 35 insertions(+), 1 deletion(-)
diff --git a/xlators/features/locks/src/posix.c b/xlators/features/locks/src/posix.c
index 63f914c..c58e6ba 100644
--- a/xlators/features/locks/src/posix.c
+++ b/xlators/features/locks/src/posix.c
@@ -2938,6 +2938,40 @@ pl_metalk (call_frame_t *frame, xlator_t *this, inode_t *inode)
goto out;
}
+ /* Non rebalance process trying to do metalock */
+ if (frame->root->pid != GF_CLIENT_PID_DEFRAG) {
+ ret = -1;
+ goto out;
+ }
+
+
+ /* Note: In the current scheme of glusterfs where lock migration is
+ * experimental, (ideally) the rebalance process which is migrating
+ * the file should request for a metalock. Hence, the metalock count
+ * should not be more than one for an inode. In future, if there is a
+ * need for meta-lock from other clients, the following block can be
+ * removed.
+ *
+ * Since pl_metalk is called as part of setxattr operation, any client
+ * process(non-rebalance) residing outside trusted network can exhaust
+ * memory of the server node by issuing setxattr repetitively on the
+ * metalock key. The following code makes sure that more than
+ * one metalock cannot be granted on an inode*/
+ pthread_mutex_lock (&pl_inode->mutex);
+ {
+ if (pl_metalock_is_active(pl_inode)) {
+ gf_msg (this->name, GF_LOG_WARNING, EINVAL, 0,
+ "More than one meta-lock can not be granted on"
+ "the inode");
+ ret = -1;
+ }
+ }
+ pthread_mutex_lock (&pl_inode->mutex);
+
+ if (ret == -1) {
+ goto out;
+ }
+
if (frame->root->client) {
ctx = pl_ctx_get (frame->root->client, this);
if (!ctx) {
@@ -3118,7 +3152,7 @@ pl_setxattr (call_frame_t *frame, xlator_t *this,
loc_t *loc, dict_t *dict, int flags, dict_t *xdata)
{
int op_ret = 0;
- int op_errno = 0;
+ int op_errno = EINVAL;
dict_t *xdata_rsp = NULL;
PL_LOCAL_GET_REQUESTS (frame, this, xdata, NULL, loc, NULL);
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink