1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
From ddbac9b2779172876ebd2d26b68b04b02350a125 Mon Sep 17 00:00:00 2001
From: Josh Durgin <jdurgin@redhat.com>
Date: Thu, 23 Apr 2020 00:22:10 -0400
Subject: [PATCH 2/3] mon: enforce caps for pre-octopus client tell commands
This affects only the commands whitelisted here - in particular
injectargs requires write access to the monitors.
Signed-off-by: Josh Durgin <jdurgin@redhat.com>
Upstream-status: Backport
[https://github.com/ceph/ceph/commit/fc5e56b75a97c4652c87e9959aad1c4dec45010d]
Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
---
src/mon/Monitor.cc | 56 +++++++++++++++++++++++-----------------------
1 file changed, 28 insertions(+), 28 deletions(-)
diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index b7cb3eae..eecd2f68 100644
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -3226,34 +3226,6 @@ void Monitor::handle_command(MonOpRequestRef op)
return;
}
- // compat kludge for legacy clients trying to tell commands that are
- // new. see bottom of MonCommands.h. we need to handle both (1)
- // pre-octopus clients and (2) octopus clients with a mix of pre-octopus
- // and octopus mons.
- if ((!HAVE_FEATURE(m->get_connection()->get_features(), SERVER_OCTOPUS) ||
- monmap->min_mon_release < ceph_release_t::octopus) &&
- (prefix == "injectargs" ||
- prefix == "smart" ||
- prefix == "mon_status" ||
- prefix == "heap")) {
- if (m->get_connection()->get_messenger() == 0) {
- // Prior to octopus, monitors might forward these messages
- // around. that was broken at baseline, and if we try to process
- // this message now, it will assert out when we try to send a
- // message in reply from the asok/tell worker (see
- // AnonConnection). Just reply with an error.
- dout(5) << __func__ << " failing forwarded command from a (presumably) "
- << "pre-octopus peer" << dendl;
- reply_command(
- op, -EBUSY,
- "failing forwarded tell command in mixed-version mon cluster", 0);
- return;
- }
- dout(5) << __func__ << " passing command to tell/asok" << dendl;
- cct->get_admin_socket()->queue_tell_command(m);
- return;
- }
-
string module;
string err;
@@ -3368,6 +3340,34 @@ void Monitor::handle_command(MonOpRequestRef op)
<< "entity='" << session->entity_name << "' "
<< "cmd=" << m->cmd << ": dispatch";
+ // compat kludge for legacy clients trying to tell commands that are
+ // new. see bottom of MonCommands.h. we need to handle both (1)
+ // pre-octopus clients and (2) octopus clients with a mix of pre-octopus
+ // and octopus mons.
+ if ((!HAVE_FEATURE(m->get_connection()->get_features(), SERVER_OCTOPUS) ||
+ monmap->min_mon_release < ceph_release_t::octopus) &&
+ (prefix == "injectargs" ||
+ prefix == "smart" ||
+ prefix == "mon_status" ||
+ prefix == "heap")) {
+ if (m->get_connection()->get_messenger() == 0) {
+ // Prior to octopus, monitors might forward these messages
+ // around. that was broken at baseline, and if we try to process
+ // this message now, it will assert out when we try to send a
+ // message in reply from the asok/tell worker (see
+ // AnonConnection). Just reply with an error.
+ dout(5) << __func__ << " failing forwarded command from a (presumably) "
+ << "pre-octopus peer" << dendl;
+ reply_command(
+ op, -EBUSY,
+ "failing forwarded tell command in mixed-version mon cluster", 0);
+ return;
+ }
+ dout(5) << __func__ << " passing command to tell/asok" << dendl;
+ cct->get_admin_socket()->queue_tell_command(m);
+ return;
+ }
+
if (mon_cmd->is_mgr()) {
const auto& hdr = m->get_header();
uint64_t size = hdr.front_len + hdr.middle_len + hdr.data_len;
--
2.25.1
|
