Details
-
Bug
-
Resolution: Fixed
-
Critical
-
Lustre 2.5.0
-
3
-
11016
Description
In mdt_reint_setxattr() the permissions checking is all dead code because we first test to see if the xattr name starts with "user" then we compare it to the "trusted.xxx" names:
if (strncmp(xattr_name, XATTR_USER_PREFIX,
sizeof(XATTR_USER_PREFIX) - 1) == 0) {
if (!(exp_connect_flags(req->rq_export) & OBD_CONNECT_XATTR))
GOTO(out, rc = -EOPNOTSUPP);
if (strcmp(xattr_name, XATTR_NAME_LOV) == 0)
GOTO(out, rc = -EACCES);
if (strcmp(xattr_name, XATTR_NAME_LMA) == 0)
GOTO(out, rc = 0);
if (strcmp(xattr_name, XATTR_NAME_LINK) == 0)
GOTO(out, rc = 0);
# touch f0 # getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.link=0s3/HqEQEAAAAsAAAAAAAAAAAAAAAAAAAAABQAAAACAAAABwAAAAEAAAAAZjA= trusted.lma=0sAAAAAAAAAAAABAAAAgAAAA8AAAAAAAAA trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= # setfattr -x trusted.link f0 # getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.lma=0sAAAAAAAAAAAABAAAAgAAAA8AAAAAAAAA trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= # lfs path2fid f0 [0x200000400:0xf:0x0] # lfs fid2path /mnt/lustre 0x200000400:0xf:0x0 ioctl err -61: No data available (61) fid2path: error on FID 0x200000400:0xf:0x0: No data available t:lustre# getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.lma=0sAAAAAAAAAAAABAAAAgAAAA8AAAAAAAAA trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= t:lustre# setfattr -x trusted.lma f0 t:lustre# getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= t:lustre# lfs hsm_archive f0 t:lustre# getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.hsm=0sAAAAAAEAAAABAAAAAAAAAAAAAAAAAAAA trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= t:lustre# setfattr -x trusted.hsm f0 t:lustre# getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= # cd /mnt/lustre2 t:lustre2# getfattr -d -m- f0 # file: f0 lustre.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= trusted.lov=0s0AvRCwEAAAAPAAAAAAAAAAAEAAACAAAAAAAQAAEAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=