diff options
author | Rajesh Amaravathi <rajesh@redhat.com> | 2012-02-29 15:16:53 +0530 |
---|---|---|
committer | Vijay Bellur <vijay@gluster.com> | 2012-03-05 09:17:47 -0800 |
commit | 6756245b1514374712136c8dc1f4ac2a19a6da21 (patch) | |
tree | f2620650880325ac3d0b280c349372cd50d3382d /xlators/cluster/stripe | |
parent | 33b9f156e6b6137e33bd9becfe640166986ecc55 (diff) |
fops/removexattr: prevent users from removing glusterfs xattrs
* Each xlator prevents the user from removing xlator-specific
xattrs like trusted.gfid by handling it in respective removexattr
functions.
* For xlators which did not define remove and fremovexattr,
the functions have been implemented with appropriate checks.
xlator | fops-added
_______________|__________________________
|
1. stripe | removexattr and fremovexattr
2. quota | removexattr and fremovexattr
Change-Id: I98e22109717978134378bc75b2eca83fefb2abba
BUG: 783525
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2836
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Diffstat (limited to 'xlators/cluster/stripe')
-rw-r--r-- | xlators/cluster/stripe/src/stripe.c | 128 |
1 files changed, 98 insertions, 30 deletions
diff --git a/xlators/cluster/stripe/src/stripe.c b/xlators/cluster/stripe/src/stripe.c index 227af8c9e..5b1610724 100644 --- a/xlators/cluster/stripe/src/stripe.c +++ b/xlators/cluster/stripe/src/stripe.c @@ -4042,10 +4042,76 @@ stripe_fsetxattr (call_frame_t *frame, xlator_t *this, fd_t *fd, return 0; } +int +stripe_removexattr_cbk (call_frame_t *frame, void *cookie, + xlator_t *this, int32_t op_ret, int32_t op_errno) +{ + STRIPE_STACK_UNWIND (removexattr, frame, op_ret, op_errno); + return 0; +} + +int +stripe_removexattr (call_frame_t *frame, xlator_t *this, + loc_t *loc, const char *name) +{ + int32_t op_errno = EINVAL; + + VALIDATE_OR_GOTO (this, err); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.*stripe*", + name, op_errno, err); + + VALIDATE_OR_GOTO (frame, err); + VALIDATE_OR_GOTO (loc, err); + + STACK_WIND (frame, stripe_removexattr_cbk, + FIRST_CHILD(this), + FIRST_CHILD(this)->fops->removexattr, + loc, name); + return 0; +err: + STRIPE_STACK_UNWIND (removexattr, frame, -1, op_errno); + return 0; +} + + +int +stripe_fremovexattr_cbk (call_frame_t *frame, void *cookie, + xlator_t *this, int32_t op_ret, int32_t op_errno) +{ + STRIPE_STACK_UNWIND (fremovexattr, frame, op_ret, op_errno); + return 0; +} + +int +stripe_fremovexattr (call_frame_t *frame, xlator_t *this, + fd_t *fd, const char *name) +{ + int32_t op_ret = -1; + int32_t op_errno = EINVAL; + + VALIDATE_OR_GOTO (frame, err); + VALIDATE_OR_GOTO (this, err); + VALIDATE_OR_GOTO (fd, err); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.*stripe*", + name, op_errno, err); + + STACK_WIND (frame, stripe_fremovexattr_cbk, + FIRST_CHILD(this), + FIRST_CHILD(this)->fops->fremovexattr, + fd, name); + return 0; + err: + STRIPE_STACK_UNWIND (fremovexattr, frame, op_ret, op_errno); + return 0; +} + int32_t -stripe_readdirp_lookup_cbk (call_frame_t *frame, void *cookie, xlator_t *this, - int op_ret, int op_errno, inode_t *inode, - struct iatt *stbuf, dict_t *xattr, struct iatt *parent) +stripe_readdirp_lookup_cbk (call_frame_t *frame, void *cookie, + xlator_t *this, int op_ret, int op_errno, + inode_t *inode, struct iatt *stbuf, + dict_t *xattr, struct iatt *parent) { stripe_local_t *local = NULL; call_frame_t *main_frame = NULL; @@ -4961,33 +5027,35 @@ out: } struct xlator_fops fops = { - .stat = stripe_stat, - .unlink = stripe_unlink, - .rename = stripe_rename, - .link = stripe_link, - .truncate = stripe_truncate, - .create = stripe_create, - .open = stripe_open, - .readv = stripe_readv, - .writev = stripe_writev, - .statfs = stripe_statfs, - .flush = stripe_flush, - .fsync = stripe_fsync, - .ftruncate = stripe_ftruncate, - .fstat = stripe_fstat, - .mkdir = stripe_mkdir, - .rmdir = stripe_rmdir, - .lk = stripe_lk, - .opendir = stripe_opendir, - .fsyncdir = stripe_fsyncdir, - .setattr = stripe_setattr, - .fsetattr = stripe_fsetattr, - .lookup = stripe_lookup, - .mknod = stripe_mknod, - .setxattr = stripe_setxattr, - .fsetxattr = stripe_fsetxattr, - .getxattr = stripe_getxattr, - .readdirp = stripe_readdirp, + .stat = stripe_stat, + .unlink = stripe_unlink, + .rename = stripe_rename, + .link = stripe_link, + .truncate = stripe_truncate, + .create = stripe_create, + .open = stripe_open, + .readv = stripe_readv, + .writev = stripe_writev, + .statfs = stripe_statfs, + .flush = stripe_flush, + .fsync = stripe_fsync, + .ftruncate = stripe_ftruncate, + .fstat = stripe_fstat, + .mkdir = stripe_mkdir, + .rmdir = stripe_rmdir, + .lk = stripe_lk, + .opendir = stripe_opendir, + .fsyncdir = stripe_fsyncdir, + .setattr = stripe_setattr, + .fsetattr = stripe_fsetattr, + .lookup = stripe_lookup, + .mknod = stripe_mknod, + .setxattr = stripe_setxattr, + .fsetxattr = stripe_fsetxattr, + .getxattr = stripe_getxattr, + .removexattr = stripe_removexattr, + .fremovexattr = stripe_fremovexattr, + .readdirp = stripe_readdirp, }; struct xlator_cbks cbks = { |