aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch')
-rw-r--r--recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch70
1 files changed, 0 insertions, 70 deletions
diff --git a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch b/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
deleted file mode 100644
index 0e24c56b..00000000
--- a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From d1936056d77abcfda14386235a88ed553341a429 Mon Sep 17 00:00:00 2001
-From: Mohammed Rafi KC <rkavunga@redhat.com>
-Date: Mon, 26 Mar 2018 20:27:34 +0530
-Subject: [PATCH 1/3] shared storage: Prevent mounting shared storage from
- non-trusted client
-
-gluster shared storage is a volume used for internal storage for
-various features including ganesha, geo-rep, snapshot.
-
-So this volume should not be exposed to the client, as it is
-a special volume for internal use.
-
-This fix wont't generate non trusted volfile for shared storage volume.
-
-Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c
-fixes: bz#1568844
-BUG: 1568844
-Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
-
-Upstream-Status: Backport
-Fix CVE-2018-1088
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
-
----
- xlators/mgmt/glusterd/src/glusterd-volgen.c | 21 +++++++++++++++++++++
- 1 file changed, 21 insertions(+)
-
-diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
-index 0a0668e..308c41f 100644
---- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
-+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
-@@ -5721,6 +5721,7 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
- int i = 0;
- int ret = -1;
- char filepath[PATH_MAX] = {0,};
-+ char *volname = NULL;
- char *types[] = {NULL, NULL, NULL};
- dict_t *dict = NULL;
- xlator_t *this = NULL;
-@@ -5728,6 +5729,26 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
-
- this = THIS;
-
-+ volname = volinfo->is_snap_volume ?
-+ volinfo->parent_volname : volinfo->volname;
-+
-+
-+ if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE) &&
-+ client_type != GF_CLIENT_TRUSTED) {
-+ /*
-+ * shared storage volume cannot be mounted from non trusted
-+ * nodes. So we are not creating volfiles for non-trusted
-+ * clients for shared volumes as well as snapshot of shared
-+ * volumes.
-+ */
-+
-+ ret = 0;
-+ gf_msg_debug ("glusterd", 0, "Skipping the non-trusted volfile"
-+ "creation for shared storage volume. Volume %s",
-+ volname);
-+ goto out;
-+ }
-+
- enumerate_transport_reqs (volinfo->transport_type, types);
- dict = dict_new ();
- if (!dict)
---
-2.7.4
-