Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-4101

mdt_reint_setxattr allows removal of trusted xattrs

Details

    • 3
    • 11016

    Description

      In mdt_reint_setxattr() the permissions checking is all dead code because we first test to see if the xattr name starts with "user" then we compare it to the "trusted.xxx" names:

              if (strncmp(xattr_name, XATTR_USER_PREFIX,
                    sizeof(XATTR_USER_PREFIX) - 1) == 0) {
                if (!(exp_connect_flags(req->rq_export) & OBD_CONNECT_XATTR))
                        GOTO(out, rc = -EOPNOTSUPP);
                if (strcmp(xattr_name, XATTR_NAME_LOV) == 0)
                        GOTO(out, rc = -EACCES);
                if (strcmp(xattr_name, XATTR_NAME_LMA) == 0)
                        GOTO(out, rc = 0);
                if (strcmp(xattr_name, XATTR_NAME_LINK) == 0)
                        GOTO(out, rc = 0);

      # touch f0
# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.link=0s3/HqEQEAAAAsAAAAAAAAAAAAAAAAAAAAABQAAAACAAAABwAAAAEAAAAAZjA=
trusted.lma=0sAAAAAAAAAAAABAAAAgAAAA8AAAAAAAAA
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

# setfattr -x trusted.link f0
# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.lma=0sAAAAAAAAAAAABAAAAgAAAA8AAAAAAAAA
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

# lfs path2fid f0
[0x200000400:0xf:0x0]
# lfs fid2path /mnt/lustre 0x200000400:0xf:0x0
ioctl err -61: No data available (61)
fid2path: error on FID 0x200000400:0xf:0x0: No data available
t:lustre# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.lma=0sAAAAAAAAAAAABAAAAgAAAA8AAAAAAAAA
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

t:lustre# setfattr -x trusted.lma f0
t:lustre# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
t:lustre# lfs hsm_archive f0
t:lustre# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.hsm=0sAAAAAAEAAAABAAAAAAAAAAAAAAAAAAAA
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

t:lustre# setfattr -x trusted.hsm f0
t:lustre# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
# cd /mnt/lustre2
t:lustre2# getfattr -d -m- f0
# file: f0
lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

      Attachments

        Activity

          [LU-4101] mdt_reint_setxattr allows removal of trusted xattrs
          pjones Peter Jones made changes -
          Fix Version/s New: Lustre 2.4.3 [ 10652 ]
          pjones Peter Jones made changes -
          Labels Original: mdt mn4 New: mdt
          pjones Peter Jones made changes -
          Labels Original: mdt mn4 mq214 New: mdt mn4
          pjones Peter Jones made changes -
          Fix Version/s New: Lustre 2.5.1 [ 10608 ]
          Fix Version/s Original: Lustre 2.5.2 [ 10645 ]
          adilger Andreas Dilger made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: In Progress [ 3 ] New: Resolved [ 5 ]
          adilger Andreas Dilger made changes -
          Fix Version/s New: Lustre 2.5.2 [ 10645 ]
          adilger Andreas Dilger made changes -
          Labels Original: mdt New: mdt mn4 mq214
          pjones Peter Jones made changes -
          Fix Version/s Original: Lustre 2.5.1 [ 10608 ]
          jhammond John Hammond made changes -
          Fix Version/s New: Lustre 2.6.0 [ 10595 ]
          jhammond John Hammond made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]

          People

            jhammond John Hammond
            jhammond John Hammond
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: