From 66250799805edf735f4135b4958daa1484d8aad8 Mon Sep 17 00:00:00 2001 From: Yehuda Sadeh Date: Mon, 26 Oct 2009 12:55:00 -0700 Subject: [PATCH] auth: filter mon paxos requests according to caps --- src/mon/MonCaps.h | 3 +++ src/mon/Monitor.cc | 29 +++++++++++++++++++++++++++-- src/vstart.sh | 10 +++++----- 3 files changed, 35 insertions(+), 7 deletions(-) diff --git a/src/mon/MonCaps.h b/src/mon/MonCaps.h index 3ac1f601a9e23..e5bbde7e5f95e 100644 --- a/src/mon/MonCaps.h +++ b/src/mon/MonCaps.h @@ -21,6 +21,9 @@ #define MON_CAP_W 0x2 #define MON_CAP_X 0x4 +#define MON_CAP_RW (MON_CAP_R | MON_CAP_W) +#define MON_CAP_RX (MON_CAP_R | MON_CAP_X) + typedef __u8 rwx_t; struct MonServiceCap { diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc index 774f5d452ed71..9faefdb59fe44 100644 --- a/src/mon/Monitor.cc +++ b/src/mon/Monitor.cc @@ -510,6 +510,21 @@ bool Monitor::ms_dispatch(Message *m) } } + int c = s->caps.get_caps(PAXOS_MONMAP); + if ((c & (MON_CAP_RW)) == (MON_CAP_RW)) { + dout(0) << "has rw caps" << dendl; + } +#define ALLOW_CAPS(service_id, allow_caps) \ +do { \ + int c = s->caps.get_caps(service_id); \ + if ((c & (allow_caps)) != (allow_caps)) { \ + dout(0) << "filtered out request due to caps " \ + << " allowing=" << #allow_caps << " message=" << *m << dendl; \ + delete m; \ + break; \ + } \ +} while (0) + { switch (m->get_type()) { @@ -537,24 +552,31 @@ bool Monitor::ms_dispatch(Message *m) case MSG_OSD_OUT: case MSG_OSD_ALIVE: case MSG_OSD_PGTEMP: + ALLOW_CAPS(PAXOS_OSDMAP, MON_CAP_R); + paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m); + break; + case MSG_REMOVE_SNAPS: + ALLOW_CAPS(PAXOS_OSDMAP, MON_CAP_RW); paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m); break; - // MDSs case MSG_MDS_BEACON: case MSG_MDS_OFFLOAD_TARGETS: + ALLOW_CAPS(PAXOS_MDSMAP, MON_CAP_RW); paxos_service[PAXOS_MDSMAP]->dispatch((PaxosServiceMessage*)m); break; // auth case CEPH_MSG_AUTH: + /* no need to check caps here */ paxos_service[PAXOS_AUTH]->dispatch((PaxosServiceMessage*)m); break; // clients case CEPH_MSG_CLIENT_MOUNT: + ALLOW_CAPS(PAXOS_CLIENTMAP, MON_CAP_RW); paxos_service[PAXOS_CLIENTMAP]->dispatch((PaxosServiceMessage*)m); break; @@ -562,15 +584,18 @@ bool Monitor::ms_dispatch(Message *m) case CEPH_MSG_STATFS: case MSG_PGSTATS: case MSG_GETPOOLSTATS: + ALLOW_CAPS(PAXOS_CLIENTMAP, MON_CAP_R); paxos_service[PAXOS_PGMAP]->dispatch((PaxosServiceMessage*)m); break; case MSG_POOLOP: - paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m); + ALLOW_CAPS(PAXOS_OSDMAP, MON_CAP_RX); + paxos_service[PAXOS_OSDMAP]->dispatch((PaxosServiceMessage*)m); break; // log case MSG_LOG: + ALLOW_CAPS(PAXOS_LOG, MON_CAP_RW); paxos_service[PAXOS_LOG]->dispatch((PaxosServiceMessage*)m); break; diff --git a/src/vstart.sh b/src/vstart.sh index cbde4f59b2a2d..11cd3c2fe1557 100755 --- a/src/vstart.sh +++ b/src/vstart.sh @@ -228,7 +228,7 @@ EOF cat < $admin_caps ; generated by vstart.sh on `date` - mon = "allow rw" + mon = "allow rwx" osd = "allow rwx" mds = "allow" EOF @@ -285,8 +285,8 @@ EOF key_fn=dev/osd$osd/osd$osd.keys.bin cat < $osd_caps ; generated by vstart.sh on `date` - mon = "allow" - osd = "allow rw" + mon = "allow rwx" + osd = "allow rwx" EOF $SUDO $CEPH_BIN/authtool --gen-key --name=osd.$osd --caps=$osd_caps $key_fn $SUDO $CEPH_ADM -i $key_fn auth add osd.$osd @@ -309,8 +309,8 @@ if [ "$start_mds" -eq 1 ]; then EOF cat < $mds_caps ; generated by vstart.sh on `date` - mon = "allow" - osd = "allow rw" + mon = "allow rwx" + osd = "allow rwx" mds = "allow" EOF $SUDO $CEPH_BIN/authtool --gen-key --name=mds.$name --caps=$mds_caps $key_fn -- 2.39.5