mds: require MAY_SET_POOL to set pool_ns

The intent of that flag is to enable admins to limit a client
to setting layouts to put objects within the OSD auth caps that
it has been given, so we should apply it to namespace as well
as pool ID.

Fixes: http://tracker.ceph.com/issues/17798
Signed-off-by: John Spray <john.spray@redhat.com>

diff --git a/src/mds/Server.cc b/src/mds/Server.cc
index 9207cde01a4289a51b6962b6bdd1ea8acd56a5cc..bce73cde3361dba8dc1b304b9024895df9b69a1e 100644 (file)
--- a/src/mds/Server.cc
+++ b/src/mds/Server.cc
@@ -3183,9 +3183,8 @@ void Server::handle_client_openc(MDRequestRef& mdr)
     // file would have inherited anyway from its parent.
     CDir *parent = dn->get_dir();
     CInode *parent_in = parent->get_inode();
-    int64_t parent_pool = parent_in->inode.layout.pool_id;
-
-    if (layout.pool_id != parent_pool) {
+    if (layout.pool_id != parent_in->inode.layout.pool_id
+        || layout.pool_ns != parent_in->inode.layout.pool_ns) {
       access |= MAY_SET_POOL;
     }
 
@@ -4297,7 +4296,8 @@ void Server::handle_set_vxattr(MDRequestRef& mdr, CInode *cur,
     if (!mds->locker->acquire_locks(mdr, rdlocks, wrlocks, xlocks))
       return;
 
-    if (cur->inode.layout.pool_id != layout.pool_id) {
+    if (cur->inode.layout.pool_id != layout.pool_id
+        || cur->inode.layout.pool_ns != layout.pool_ns) {
       if (!check_access(mdr, cur, MAY_SET_POOL)) {
         return;
       }
@@ -4324,7 +4324,8 @@ void Server::handle_set_vxattr(MDRequestRef& mdr, CInode *cur,
     if (!mds->locker->acquire_locks(mdr, rdlocks, wrlocks, xlocks))
       return;
 
-    if (cur->inode.layout.pool_id != layout.pool_id) {
+    if (cur->inode.layout.pool_id != layout.pool_id
+        || cur->inode.layout.pool_ns != layout.pool_ns) {
       if (!check_access(mdr, cur, MAY_SET_POOL)) {
         return;
       }