diff options
| author | Susant Palai <spalai@redhat.com> | 2018-11-02 09:23:42 +0530 |
|---|---|---|
| committer | Amar Tumballi <amarts@redhat.com> | 2018-11-06 05:39:44 +0000 |
| commit | c2c70552188ee1b15bb748b4f2272062505c7696 (patch) | |
| tree | 929566938f72805aae9b2797464b8e0089d2dff4 /xlators/mount | |
| parent | 4c6b063463ae48b3509ff8e66cd391f8637a86af (diff) | |
lock: Do not allow meta-lock count to be more than one
In the current scheme of glusterfs where lock migration is
experimental, (ideally) the rebalance process which is migrating
the file should request for a metalock. Hence, the metalock count
should not be more than one for an inode. In future, if there is a
need for meta-lock from other clients, this patch can be reverted.
Since pl_metalk is called as part of setxattr operation, any client
process(non-rebalance) residing outside trusted network can exhaust
memory of the server node by issuing setxattr repetitively on the
metalock key. The current patch makes sure that more than
one metalock cannot be granted on an inode.
Fixes CVE-2018-14660
updates: bz#1644758
Change-Id: Ie1e697766388718804a9551bc58351808fe71069
Signed-off-by: Susant Palai <spalai@redhat.com>
Diffstat (limited to 'xlators/mount')
0 files changed, 0 insertions, 0 deletions