diff options
-rw-r--r-- | recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch | 297 | ||||
-rw-r--r-- | recipes-extended/glusterfs/glusterfs.inc | 1 |
2 files changed, 298 insertions, 0 deletions
diff --git a/recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch b/recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch new file mode 100644 index 00000000..d35ec485 --- /dev/null +++ b/recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch @@ -0,0 +1,297 @@ +From 76ee41dcb37d3c864d9cb70f957034c246de43ab Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 25 Sep 2018 16:31:14 +0800 +Subject: [PATCH 6/7] posix: remove not supported get/set content + +getting and setting a file's content using extended +attribute worked great as a GET/PUT alternative when +an object storage is supported on top of Gluster. But +it needs application changes, and also, it skips some +caching layers. It is not used over years, and not +supported any more. Remove the dead code. + +Fixes: bz#1625102 + +Change-Id: Ide3b3f1f644f6ca58558bbe45561f346f96b95b7 +Signed-off-by: Amar Tumballi <amarts@redhat.com> + +Upstream-Status: Backport + +Fix CVE-2018-10913 +Fix CVE-2018-10914 + +Modified to suite this old version. + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + libglusterfs/src/glusterfs.h | 6 -- + xlators/storage/posix/src/posix-helpers.c | 166 +----------------------------- + xlators/storage/posix/src/posix.c | 14 --- + xlators/storage/posix/src/posix.h | 4 - + 4 files changed, 1 insertion(+), 189 deletions(-) + +diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h +index 9047373..77cafcb 100644 +--- a/libglusterfs/src/glusterfs.h ++++ b/libglusterfs/src/glusterfs.h +@@ -152,9 +152,6 @@ + #define GLUSTERFS_INTERNAL_FOP_KEY "glusterfs-internal-fop" + #define DHT_CHANGELOG_RENAME_OP_KEY "changelog.rename-op" + +-#define ZR_FILE_CONTENT_STR "glusterfs.file." +-#define ZR_FILE_CONTENT_STRLEN 15 +- + #define GLUSTERFS_WRITE_IS_APPEND "glusterfs.write-is-append" + #define GLUSTERFS_WRITE_UPDATE_ATOMIC "glusterfs.write-update-atomic" + #define GLUSTERFS_OPEN_FD_COUNT "glusterfs.open-fd-count" +@@ -220,9 +217,6 @@ + + #define STARTING_EVENT_THREADS 1 + +-#define ZR_FILE_CONTENT_REQUEST(key) (!strncmp(key, ZR_FILE_CONTENT_STR, \ +- ZR_FILE_CONTENT_STRLEN)) +- + #define DEFAULT_VAR_RUN_DIRECTORY DATADIR "/run/gluster" + #define DEFAULT_GLUSTERFSD_MISC_DIRETORY DATADIR "/lib/misc/glusterfsd" + #ifdef GF_LINUX_HOST_OS +diff --git a/xlators/storage/posix/src/posix-helpers.c b/xlators/storage/posix/src/posix-helpers.c +index 69f61bf..f849845 100644 +--- a/xlators/storage/posix/src/posix-helpers.c ++++ b/xlators/storage/posix/src/posix-helpers.c +@@ -890,166 +890,6 @@ out: + return ret; + } + +- +-int +-posix_set_file_contents (xlator_t *this, const char *path, char *keyp, +- data_t *value, int flags) +-{ +- char * key = NULL; +- char real_path[PATH_MAX]; +- int32_t file_fd = -1; +- int op_ret = 0; +- int ret = -1; +- +- +- /* XXX: does not handle assigning GFID to created files */ +- return -1; +- +- key = &(keyp[15]); +- sprintf (real_path, "%s/%s", path, key); +- +- if (flags & XATTR_REPLACE) { +- /* if file exists, replace it +- * else, error out */ +- file_fd = open (real_path, O_TRUNC|O_WRONLY); +- +- if (file_fd == -1) { +- goto create; +- } +- +- if (value->len) { +- ret = sys_write (file_fd, value->data, value->len); +- if (ret == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, +- P_MSG_SET_FILE_CONTENTS, "write failed" +- "while doing setxattr for key %s on" +- "path%s", key, real_path); +- goto out; +- } +- +- ret = sys_close (file_fd); +- if (ret == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, +- P_MSG_SET_FILE_CONTENTS, +- "close failed on %s", +- real_path); +- goto out; +- } +- } +- +- create: /* we know file doesn't exist, create it */ +- +- file_fd = open (real_path, O_CREAT|O_WRONLY, 0644); +- +- if (file_fd == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, +- P_MSG_SET_FILE_CONTENTS, "failed to open file" +- "%s with O_CREAT", key); +- goto out; +- } +- +- ret = sys_write (file_fd, value->data, value->len); +- if (ret == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, +- P_MSG_SET_FILE_CONTENTS, "write failed on %s" +- "while setxattr with key %s", real_path, key); +- goto out; +- } +- +- ret = sys_close (file_fd); +- if (ret == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, +- P_MSG_SET_FILE_CONTENTS, "close failed on" +- " %s while setxattr with key %s", +- real_path, key); +- goto out; +- } +- } +- +-out: +- return op_ret; +-} +- +- +-int +-posix_get_file_contents (xlator_t *this, uuid_t pargfid, +- const char *name, char **contents) +-{ +- char *real_path = NULL; +- int32_t file_fd = -1; +- struct iatt stbuf = {0,}; +- int op_ret = 0; +- int ret = -1; +- +- +- MAKE_HANDLE_PATH (real_path, this, pargfid, name); +- if (!real_path) { +- op_ret = -ESTALE; +- gf_msg (this->name, GF_LOG_ERROR, ESTALE, +- P_MSG_XDATA_GETXATTR, +- "Failed to create handle path for %s/%s", +- uuid_utoa (pargfid), name); +- goto out; +- } +- +- op_ret = posix_istat (this, pargfid, name, &stbuf); +- if (op_ret == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR, +- "lstat failed on %s", real_path); +- goto out; +- } +- +- file_fd = open (real_path, O_RDONLY); +- +- if (file_fd == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR, +- "open failed on %s", real_path); +- goto out; +- } +- +- *contents = GF_CALLOC (stbuf.ia_size + 1, sizeof(char), +- gf_posix_mt_char); +- if (! *contents) { +- op_ret = -errno; +- goto out; +- } +- +- ret = sys_read (file_fd, *contents, stbuf.ia_size); +- if (ret <= 0) { +- op_ret = -1; +- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR, +- "read on %s failed", real_path); +- goto out; +- } +- +- *contents[stbuf.ia_size] = '\0'; +- +- op_ret = sys_close (file_fd); +- file_fd = -1; +- if (op_ret == -1) { +- op_ret = -errno; +- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR, +- "close on %s failed", real_path); +- goto out; +- } +- +-out: +- if (op_ret < 0) { +- GF_FREE (*contents); +- if (file_fd != -1) +- sys_close (file_fd); +- } +- +- return op_ret; +-} +- + #ifdef HAVE_SYS_ACL_H + int + posix_pacl_set (const char *path, const char *key, const char *acl_s) +@@ -1154,9 +994,6 @@ posix_handle_pair (xlator_t *this, const char *real_path, + if (XATTR_IS_PATHINFO (key)) { + ret = -EACCES; + goto out; +- } else if (ZR_FILE_CONTENT_REQUEST(key)) { +- ret = posix_set_file_contents (this, real_path, key, value, +- flags); + } else if (GF_POSIX_ACL_REQUEST (key)) { + if (stbuf && IS_DHT_LINKFILE_MODE (stbuf)) + goto out; +@@ -1609,8 +1446,7 @@ _handle_entry_create_keyvalue_pair (dict_t *d, char *k, data_t *v, + !strcmp ("gfid-req", k) || + !strcmp (POSIX_ACL_DEFAULT_XATTR, k) || + !strcmp (POSIX_ACL_ACCESS_XATTR, k) || +- posix_xattr_ignorable (k) || +- ZR_FILE_CONTENT_REQUEST(k)) { ++ posix_xattr_ignorable (k)) { + return 0; + } + +diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c +index 506ae91..a69e8f6 100644 +--- a/xlators/storage/posix/src/posix.c ++++ b/xlators/storage/posix/src/posix.c +@@ -4427,7 +4427,6 @@ posix_getxattr (call_frame_t *frame, xlator_t *this, + char *value = NULL; + char *real_path = NULL; + dict_t *dict = NULL; +- char *file_contents = NULL; + int ret = -1; + char *path = NULL; + char *rpath = NULL; +@@ -4458,19 +4457,6 @@ posix_getxattr (call_frame_t *frame, xlator_t *this, + goto out; + } + +- if (loc->inode && IA_ISDIR(loc->inode->ia_type) && name && +- ZR_FILE_CONTENT_REQUEST(name)) { +- ret = posix_get_file_contents (this, loc->gfid, &name[15], +- &file_contents); +- if (ret < 0) { +- op_errno = -ret; +- gf_msg (this->name, GF_LOG_ERROR, op_errno, +- P_MSG_FILE_FAILED, "getting file contents" +- "failed"); +- goto out; +- } +- } +- + dict = dict_new (); + if (!dict) { + op_errno = ENOMEM; +diff --git a/xlators/storage/posix/src/posix.h b/xlators/storage/posix/src/posix.h +index febd432..3d2566b 100644 +--- a/xlators/storage/posix/src/posix.h ++++ b/xlators/storage/posix/src/posix.h +@@ -250,10 +250,6 @@ int posix_handle_pair (xlator_t *this, const char *real_path, char *key, + int posix_fhandle_pair (xlator_t *this, int fd, char *key, data_t *value, + int flags, struct iatt *stbuf); + void posix_spawn_janitor_thread (xlator_t *this); +-int posix_get_file_contents (xlator_t *this, uuid_t pargfid, +- const char *name, char **contents); +-int posix_set_file_contents (xlator_t *this, const char *path, char *key, +- data_t *value, int flags); + int posix_acl_xattr_set (xlator_t *this, const char *path, dict_t *xattr_req); + int posix_gfid_heal (xlator_t *this, const char *path, loc_t *loc, dict_t *xattr_req); + int posix_entry_create_xattr_set (xlator_t *this, const char *path, +-- +2.7.4 + diff --git a/recipes-extended/glusterfs/glusterfs.inc b/recipes-extended/glusterfs/glusterfs.inc index 0ce2acd9..525b9050 100644 --- a/recipes-extended/glusterfs/glusterfs.inc +++ b/recipes-extended/glusterfs/glusterfs.inc @@ -28,6 +28,7 @@ SRC_URI += "file://glusterd.init \ file://0003-server-protocol-don-t-allow-.-path-in-name.patch \ file://0004-io-stats-dump-io-stats-info-in-var-run-gluster.patch \ file://0005-cluster-afr-Fix-dict-leak-in-pre-op.patch \ + file://0006-posix-remove-not-supported-get-set-content.patch \ " LICENSE = "(LGPLv3+ | GPLv2) & GPLv3+ & LGPLv3+ & GPLv2+ & LGPLv2+ & LGPLv2.1+ & Apache-2.0" |