From 958b055986d779c58d4d8f8f01bd39d21dec86b9 Mon Sep 17 00:00:00 2001
From: Mykola Golub
Date: Tue, 11 Sep 2018 15:56:15 +0300
Subject: [PATCH] librbd: restrict metadata set only allowed config overrides

Signed-off-by: Mykola Golub
---
 src/librbd/Operations.cc | 6 ++++++
 src/librbd/api/PoolMetadata.cc | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/src/librbd/Operations.cc b/src/librbd/Operations.cc
index e670b8523fb4c..66d6ed9e3cc7c 100644
--- a/src/librbd/Operations.cc
+++ b/src/librbd/Operations.cc
@@ -16,6 +16,7 @@
 #include "librbd/ObjectMap.h"
 #include "librbd/Types.h"
 #include "librbd/Utils.h"
+#include "librbd/api/Config.h"
 #include "librbd/journal/DisabledPolicy.h"
 #include "librbd/journal/StandardPolicy.h"
 #include "librbd/operation/DisableFeaturesRequest.h"
@@ -1434,6 +1435,11 @@ int Operations::metadata_set(const std::string &key,
 bool config_override = util::is_metadata_config_override(key, &config_key);
 if (config_override) {
 // validate config setting
+ if (!librbd::api::Config::is_option_name(&m_image_ctx, config_key)) {
+ lderr(cct) << "validation for " << key
+ << " failed: not allowed image level override" << dendl;
+ return -EINVAL;
+ }
 int r = ConfigProxy{false}.set_val(config_key.c_str(), value);
 if (r < 0) {
 return r;
diff --git a/src/librbd/api/PoolMetadata.cc b/src/librbd/api/PoolMetadata.cc
index 4909d88db5541..2f65e0ad9b02f 100644
--- a/src/librbd/api/PoolMetadata.cc
+++ b/src/librbd/api/PoolMetadata.cc
@@ -6,6 +6,7 @@
 #include "common/dout.h"
 #include "common/errno.h"
 #include "librbd/Utils.h"
+#include "librbd/api/Config.h"
 #define dout_subsys ceph_subsys_rbd
 #undef dout_prefix
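Review bot: The new `is_option_name` check in Operations::metadata_set is enforced only when a key is written through this code, so a config-override key already stored in image metadata, or stored by a client built without this check, is not rejected by it. The code that reads stored metadata and applies it as configuration is not part of this patch; if it does not filter with the same `Config::is_option_name` call, such keys would presumably still take effect, so that path should be confirmed or given the same check. The same applies to the pool-level check added in PoolMetadata::set. The existing `// validate config setting` comment now sits above two different steps; I would put `// only options that may be overridden per image are accepted` above the new `if` and move the old comment down to the `set_val` call. metadata_set starts and ends outside the hunk.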
@@ -35,6 +36,11 @@ int PoolMetadata::set(librados::IoCtx& io_ctx, const std::string &key,
 std::string config_key;
 if (util::is_metadata_config_override(key, &config_key)) {
+ if (!librbd::api::Config::is_option_name(io_ctx, config_key)) {
+ lderr(cct) << "validation for " << key
+ << " failed: not allowed pool level override" << dendl;
+ return -EINVAL;
+ }
 int r = ConfigProxy{false}.set_val(config_key.c_str(), value);
 if (r < 0) {
 lderr(cct) << "validation for " << key << " failed: " << cpp_strerror(r)
-- 
2.39.5
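Review bot: The rejection path added in PoolMetadata::set, like the matching one in Operations::metadata_set, comes without a test; the diffstat lists only the two source files. A regression test that sets a config-override metadata key whose option is not overridable and expects `-EINVAL`, next to one allowed key that still succeeds, would pin the allowlist so that a later change to `is_option_name` cannot widen it unnoticed. I would also put a short comment above the new `if`, for example `// only options that may be overridden at pool level are accepted`, since nothing at the call site says why the name is checked before `set_val`. The body of PoolMetadata::set continues outside the hunk.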