From: John Spray Date: Fri, 13 Nov 2015 14:13:33 +0000 (+0000) Subject: mds: add MAY_SET_POOL in MDSAuthCaps X-Git-Tag: v10.0.2~93^2~2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=eee4b8f976008542def7d58fdb1b26c52bc5e46e;p=ceph.git mds: add MAY_SET_POOL in MDSAuthCaps For controlling whether a client is allowed to modify the pool field in file/dir layouts. Signed-off-by: John Spray --- diff --git a/src/mds/MDSAuthCaps.cc b/src/mds/MDSAuthCaps.cc index 42d01aff0a03..ccabe0017a89 100644 --- a/src/mds/MDSAuthCaps.cc +++ b/src/mds/MDSAuthCaps.cc @@ -70,11 +70,13 @@ struct MDSCapParser : qi::grammar // capspec = * | r[w] capspec = spaces >> ( - lit("*")[_val = MDSCapSpec(true, true, true)] + lit("*")[_val = MDSCapSpec(true, true, true, true)] | - (lit("rw"))[_val = MDSCapSpec(true, true, false)] + (lit("rwp"))[_val = MDSCapSpec(true, true, false, true)] | - (lit("r"))[_val = MDSCapSpec(true, false, false)] + (lit("rw"))[_val = MDSCapSpec(true, true, false, false)] + | + (lit("r"))[_val = MDSCapSpec(true, false, false, false)] ); grant = lit("allow") >> (capspec >> match)[_val = phoenix::construct(_1, _2)]; @@ -159,6 +161,13 @@ bool MDSAuthCaps::is_capable(const std::string &inode_path, if (i->match.match(inode_path, caller_uid, caller_gid) && i->spec.allows(mask & (MAY_READ|MAY_EXECUTE), mask & MAY_WRITE)) { + // Spec is non-allowing if caller asked for set pool but spec forbids it + if (mask & MAY_SET_POOL) { + if (!i->spec.allows_set_pool()) { + continue; + } + } + // check unix permissions? if (i->match.uid == MDSCapMatch::MDS_AUTH_UID_ANY) { return true; @@ -209,7 +218,9 @@ bool MDSAuthCaps::is_capable(const std::string &inode_path, void MDSAuthCaps::set_allow_all() { grants.clear(); - grants.push_back(MDSCapGrant(MDSCapSpec(true, true, true), MDSCapMatch())); + grants.push_back(MDSCapGrant( + MDSCapSpec(true, true, true, true), + MDSCapMatch())); } bool MDSAuthCaps::parse(CephContext *c, const std::string& str, ostream *err) @@ -217,7 +228,7 @@ bool MDSAuthCaps::parse(CephContext *c, const std::string& str, ostream *err) // Special case for legacy caps if (str == "allow") { grants.clear(); - grants.push_back(MDSCapGrant(MDSCapSpec(true, true, false), MDSCapMatch())); + grants.push_back(MDSCapGrant(MDSCapSpec(true, true, false, true), MDSCapMatch())); return true; } diff --git a/src/mds/MDSAuthCaps.h b/src/mds/MDSAuthCaps.h index 112a7fb12aef..e75e7e7f6912 100644 --- a/src/mds/MDSAuthCaps.h +++ b/src/mds/MDSAuthCaps.h @@ -28,7 +28,8 @@ enum { MAY_WRITE = 2, MAY_EXECUTE = 4, MAY_CHOWN = 16, - MAY_CHGRP = 32 + MAY_CHGRP = 32, + MAY_SET_POOL = 64, }; class CephContext; @@ -37,12 +38,17 @@ class CephContext; struct MDSCapSpec { bool read, write, any; - MDSCapSpec() : read(false), write(false), any(false) {} - MDSCapSpec(bool r, bool w, bool a) : read(r), write(w), any(a) {} + // True if the capability permits modifying the pool on file layouts + bool layout_pool; + + MDSCapSpec() : read(false), write(false), any(false), layout_pool(false) {} + MDSCapSpec(bool r, bool w, bool a, bool lop) + : read(r), write(w), any(a), layout_pool(lop) {} bool allow_all() const { return any; } + bool allows(bool r, bool w) const { if (any) return true; @@ -52,6 +58,10 @@ struct MDSCapSpec { return false; return true; } + + bool allows_set_pool() const { + return layout_pool; + } }; // conditions before we are allowed to do it