diff options
| author | Rajesh Amaravathi <rajesh@redhat.com> | 2012-02-29 15:16:53 +0530 |
|---|---|---|
| committer | Vijay Bellur <vijay@gluster.com> | 2012-03-05 09:17:47 -0800 |
| commit | 6756245b1514374712136c8dc1f4ac2a19a6da21 (patch) | |
| tree | f2620650880325ac3d0b280c349372cd50d3382d /xlators/cluster/afr/src | |
| parent | 33b9f156e6b6137e33bd9becfe640166986ecc55 (diff) | |
fops/removexattr: prevent users from removing glusterfs xattrs
* Each xlator prevents the user from removing xlator-specific
xattrs like trusted.gfid by handling it in respective removexattr
functions.
* For xlators which did not define remove and fremovexattr,
the functions have been implemented with appropriate checks.
xlator | fops-added
_______________|__________________________
|
1. stripe | removexattr and fremovexattr
2. quota | removexattr and fremovexattr
Change-Id: I98e22109717978134378bc75b2eca83fefb2abba
BUG: 783525
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2836
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Diffstat (limited to 'xlators/cluster/afr/src')
| -rw-r--r-- | xlators/cluster/afr/src/afr-inode-write.c | 33 | ||||
| -rw-r--r-- | xlators/cluster/afr/src/pump.c | 14 |
2 files changed, 37 insertions, 10 deletions
diff --git a/xlators/cluster/afr/src/afr-inode-write.c b/xlators/cluster/afr/src/afr-inode-write.c index 3dc1a418624..1d25949db71 100644 --- a/xlators/cluster/afr/src/afr-inode-write.c +++ b/xlators/cluster/afr/src/afr-inode-write.c @@ -1474,9 +1474,7 @@ afr_setxattr (call_frame_t *frame, xlator_t *this, int ret = -1; int op_errno = EINVAL; - VALIDATE_OR_GOTO (frame, out); VALIDATE_OR_GOTO (this, out); - VALIDATE_OR_GOTO (this->private, out); GF_IF_INTERNAL_XATTR_GOTO ("trusted.afr.*", dict, trav, op_errno, out); @@ -1484,6 +1482,9 @@ afr_setxattr (call_frame_t *frame, xlator_t *this, GF_IF_INTERNAL_XATTR_GOTO ("trusted.glusterfs.afr.*", dict, trav, op_errno, out); + VALIDATE_OR_GOTO (frame, out); + VALIDATE_OR_GOTO (this->private, out); + priv = this->private; QUORUM_CHECK(setxattr,out); @@ -1844,14 +1845,21 @@ int afr_removexattr (call_frame_t *frame, xlator_t *this, loc_t *loc, const char *name) { - afr_private_t * priv = NULL; - afr_local_t * local = NULL; - call_frame_t *transaction_frame = NULL; - int ret = -1; - int op_errno = 0; + afr_private_t *priv = NULL; + afr_local_t *local = NULL; + call_frame_t *transaction_frame = NULL; + int ret = -1; + int op_errno = 0; - VALIDATE_OR_GOTO (frame, out); VALIDATE_OR_GOTO (this, out); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.afr.*", + name, op_errno, out); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.glusterfs.afr.*", + name, op_errno, out); + + VALIDATE_OR_GOTO (frame, out); VALIDATE_OR_GOTO (this->private, out); VALIDATE_OR_GOTO (loc, out); @@ -2027,8 +2035,15 @@ afr_fremovexattr (call_frame_t *frame, xlator_t *this, int op_ret = -1; int op_errno = 0; - VALIDATE_OR_GOTO (frame, out); VALIDATE_OR_GOTO (this, out); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.afr.*", + name, op_errno, out); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.glusterfs.afr.*", + name, op_errno, out); + + VALIDATE_OR_GOTO (frame, out); VALIDATE_OR_GOTO (this->private, out); priv = this->private; diff --git a/xlators/cluster/afr/src/pump.c b/xlators/cluster/afr/src/pump.c index e795c38e096..9c6f9a52aee 100644 --- a/xlators/cluster/afr/src/pump.c +++ b/xlators/cluster/afr/src/pump.c @@ -2165,7 +2165,15 @@ pump_removexattr (call_frame_t *frame, loc_t *loc, const char *name) { - afr_private_t *priv = NULL; + afr_private_t *priv = NULL; + int op_errno = -1; + + VALIDATE_OR_GOTO (this, out); + + GF_IF_NATIVE_XATTR_GOTO ("trusted.glusterfs.pump*", + name, op_errno, out); + + op_errno = 0; priv = this->private; if (!priv->use_afr_in_pump) { STACK_WIND (frame, @@ -2177,6 +2185,10 @@ pump_removexattr (call_frame_t *frame, return 0; } afr_removexattr (frame, this, loc, name); + + out: + if (op_errno) + AFR_STACK_UNWIND (removexattr, frame, -1, op_errno); return 0; } |