From: Sage Weil Date: Tue, 7 Mar 2017 21:12:22 +0000 (-0500) Subject: mon/MgrMonitor: enforce mgr caps X-Git-Tag: v12.0.2~252^2~38 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=588629a1891edb1e284cf39a1b8d98552e5bf1cc;p=ceph.git mon/MgrMonitor: enforce mgr caps Require 'allow x' for mgr beacon. Verify fsid. Signed-off-by: Sage Weil
---
diff --git a/src/mon/MgrMonitor.cc b/src/mon/MgrMonitor.cc
index 871478a7b3e..3e59d0ecb36 100644
--- a/src/mon/MgrMonitor.cc
+++ b/src/mon/MgrMonitor.cc
@@ -67,6 +67,24 @@ void MgrMonitor::encode_pending(MonitorDBStore::TransactionRef t)
 put_last_committed(t, pending_map.epoch);
 }
+bool MgrMonitor::check_caps(MonOpRequestRef op, const uuid_d& fsid)
+{
+ // check permissions
+ MonSession *session = op->get_session();
+ if (!session)
+ return false;
+ if (!session->is_capable("mgr", MON_CAP_X)) {
+ dout(1) << __func__ << " insufficient caps " << session->caps << dendl;
+ return false;
+ }
+ if (fsid != mon->monmap->fsid) {
+ dout(1) << __func__ << " op fsid " << fsid
+ << " != " << mon->monmap->fsid << dendl;
+ return false;
+ }
+ return true;
+}
+
 bool MgrMonitor::preprocess_query(MonOpRequestRef op)
 {
 PaxosServiceMessage *m = static_cast(op->get_req());
@@ -123,6 +141,10 @@ bool MgrMonitor::preprocess_beacon(MonOpRequestRef op)
 MMgrBeacon *m = static_cast(op->get_req());
 dout(4) << "beacon from " << m->get_gid() << dendl;
+ if (!check_caps(op, m->get_fsid())) {
+ return true;
+ }
+
 last_beacon[m->get_gid()] = ceph_clock_now();
 if (pending_map.active_gid == m->get_gid()
diff --git a/src/mon/MgrMonitor.h b/src/mon/MgrMonitor.h
index bfddba5943a..7e5fbce5438 100644
--- a/src/mon/MgrMonitor.h
+++ b/src/mon/MgrMonitor.h
@@ -36,6 +36,8 @@ class MgrMonitor : public PaxosService
 Context *digest_callback;
+ bool check_caps(MonOpRequestRef op, const uuid_d& fsid);
+
 public:
 MgrMonitor(Monitor *mn, Paxos *p, const string& service_name) : PaxosService(mn, p, service_name), digest_callback(nullptr)
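Review bot: The rejection paths in the new `MgrMonitor::check_caps` do not identify the sender: the `!session` branch returns false without logging anything, and the two `dout(1)` lines print only the caps or the mismatched fsid, so a denied beacon cannot be attributed to a peer from the mon log. Appending the source to each message, e.g. `dout(1) << __func__ << " insufficient caps " << session->caps << " from " << op->get_req()->get_source_inst() << dendl;`, and adding `dout(1) << __func__ << " no session" << dendl;` before the first `return false;` would make denied attempts auditable. The function and its declaration in MgrMonitor.h would also benefit from a one-line comment stating that a false return means the caller must drop the op.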
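Review bot: The early `return true;` added to `preprocess_beacon` discards the beacon with no reply and no comment, and a bare `true` after a failed permission check is easy to misread as success. A comment above the return such as `// drop it on the floor: unauthorized or wrong-cluster beacon` would record that this is deliberate. It would also document why the check sits before the `last_beacon[m->get_gid()]` write: a rejected sender must not be able to refresh a daemon's liveness timestamp. Only the beacon path is gated in the visible hunks; whether the other message types dispatched by `preprocess_query` are checked elsewhere cannot be judged from this diff. The body of `preprocess_beacon` starts and continues outside the hunk.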