mds: deny access to directories with pool_ns layouts if feature is missing

If the client feature is missing, given them EIO.  Change check_access to
return an error code to distinguish this from EACCES.

Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/src/mds/Locker.cc b/src/mds/Locker.cc
index d500f4fb047bc28403011611ef433f81205f9b30..ec80aeb4a703f9edb1b5df23f6b76563289e42b2 100644 (file)
--- a/src/mds/Locker.cc
+++ b/src/mds/Locker.cc
@@ -3149,7 +3149,8 @@ bool Locker::_do_cap_update(CInode *in, Capability *cap,
     return false;
 
   Session *session = static_cast<Session *>(m->get_connection()->get_priv());
-  if (!session->check_access(in, MAY_WRITE, m->caller_uid, m->caller_gid, 0, 0)) {
+  if (session->check_access(in, MAY_WRITE,
+                           m->caller_uid, m->caller_gid, 0, 0) < 0) {
     dout(10) << "check_access failed, dropping cap update on " << *in << dendl;
     return false;
   }

diff --git a/src/mds/Server.cc b/src/mds/Server.cc
index 994462ea653a18024525748a5661ddfa940052aa..a5b087f652e506acbee04dd1047546d1f4ee0221 100644 (file)
--- a/src/mds/Server.cc
+++ b/src/mds/Server.cc
@@ -2132,14 +2132,17 @@ void Server::handle_slave_auth_pin_ack(MDRequestRef& mdr, MMDSSlaveRequest *ack)
  */
 bool Server::check_access(MDRequestRef& mdr, CInode *in, unsigned mask)
 {
- if (mdr->session && !mdr->session->check_access(
-       in, mask,
-       mdr->client_request->get_caller_uid(),
-       mdr->client_request->get_caller_gid(),
-       mdr->client_request->head.args.setattr.uid,
-       mdr->client_request->head.args.setattr.gid)) {
-    respond_to_request(mdr, -EACCES);
-    return false;
+  if (mdr->session) {
+    int r = mdr->session->check_access(
+      in, mask,
+      mdr->client_request->get_caller_uid(),
+      mdr->client_request->get_caller_gid(),
+      mdr->client_request->head.args.setattr.uid,
+      mdr->client_request->head.args.setattr.gid);
+    if (r < 0) {
+      respond_to_request(mdr, r);
+      return false;
+    }
   }
   return true;
 }

diff --git a/src/mds/SessionMap.cc b/src/mds/SessionMap.cc
index 9b4bc7fa2bec0beb33930b6805804c6760b90393..1e858e36d4068f5db2dca87d483a0c4df0d90402 100644 (file)
--- a/src/mds/SessionMap.cc
+++ b/src/mds/SessionMap.cc
@@ -842,9 +842,9 @@ void Session::decode(bufferlist::iterator &p)
   _update_human_name();
 }
 
-bool Session::check_access(CInode *in, unsigned mask,
-                          int caller_uid, int caller_gid,
-                          int new_uid, int new_gid)
+int Session::check_access(CInode *in, unsigned mask,
+                         int caller_uid, int caller_gid,
+                         int new_uid, int new_gid)
 {
   string path;
   CInode *diri = NULL;
@@ -860,12 +860,20 @@ bool Session::check_access(CInode *in, unsigned mask,
   if (path.length())
     path = path.substr(1);    // drop leading /
 
-  if (auth_caps.is_capable(path, in->inode.uid, in->inode.gid, in->inode.mode,
-                          caller_uid, caller_gid, mask,
-                          new_uid, new_gid)) {
-    return true;
+  if (in->inode.is_dir() &&
+      in->inode.has_layout() &&
+      in->inode.layout.pool_ns.length() &&
+      !connection->has_feature(CEPH_FEATURE_FS_FILE_LAYOUT_V2)) {
+    dout(10) << __func__ << " client doesn't support FS_FILE_LAYOUT_V2" << dendl;
+    return -EIO;
   }
-  return false;
+
+  if (!auth_caps.is_capable(path, in->inode.uid, in->inode.gid, in->inode.mode,
+                           caller_uid, caller_gid, mask,
+                           new_uid, new_gid)) {
+    return -EACCES;
+  }
+  return 0;
 }
 
 int SessionFilter::parse(

diff --git a/src/mds/SessionMap.h b/src/mds/SessionMap.h
index 75a7d0704e5550f2ef67506007742306010f4cf2..d03e16c85ac25931bc8bcf174d3a312040fba11f 100644 (file)
--- a/src/mds/SessionMap.h
+++ b/src/mds/SessionMap.h
@@ -303,8 +303,8 @@ public:
     completed_requests_dirty = false;
   }
 
-  bool check_access(CInode *in, unsigned mask, int caller_uid, int caller_gid,
-                   int new_uid, int new_gid);
+  int check_access(CInode *in, unsigned mask, int caller_uid, int caller_gid,
+                  int new_uid, int new_gid);
 
 
   Session() :