mds: reject client sessions with bad root metadata

author John Spray <john.spray@redhat.com>

Tue, 13 Oct 2015 10:12:54 +0000 (11:12 +0100)

committer John Spray <john.spray@redhat.com>

Tue, 5 Jan 2016 14:05:04 +0000 (14:05 +0000)
author John Spray <john.spray@redhat.com>
Tue, 13 Oct 2015 10:12:54 +0000 (11:12 +0100)
committer John Spray <john.spray@redhat.com>
Tue, 5 Jan 2016 14:05:04 +0000 (14:05 +0000)
diff --git a/src/mds/Server.cc b/src/mds/Server.cc

index 2616a251d6327ab9462d43300d5518ee142efecb..62cf62f1b28022b142e60bdc48f3bfa770d377ce 100644 (file)
--- a/src/mds/Server.cc
+++ b/src/mds/Server.cc
@@ -287,7 +287,13 @@ void Server::handle_client_session(MClientSession *m)
        if (!session->auth_caps.path_capable(claimed_root)) {
          derr << __func__ << " forbidden path claimed as mount root: "
               << claimed_root << " by " << m->get_source() << dendl;
-        session->info.client_metadata.erase("root");
+        // Tell the client we're rejecting their open
+        mds->send_message_client(new MClientSession(CEPH_SESSION_REJECT), session);
+        mds->clog->warn() << "client session with invalid root '" <<
+          claimed_root << "' denied (" << session->info.inst << ")";
+        session->clear();
+        // Drop out; don't record this session in SessionMap or journal it.
+        break;
        }
      }
author	John Spray <john.spray@redhat.com>
	Tue, 13 Oct 2015 10:12:54 +0000 (11:12 +0100)
committer	John Spray <john.spray@redhat.com>
	Tue, 5 Jan 2016 14:05:04 +0000 (14:05 +0000)