glusterfs.git, branch v4.1.4 GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. doc: Release notes for v4.1.4 2018-09-06T16:11:39+00:00 Jiffin Tony Thottan jthottan@redhat.com 2018-09-06T15:46:06+00:00 deafd5a4f8440fa2a6f54595722e6fd1d4b6ed55 Change-Id: Idfce8b9ec79303b92045e68ab98765f7e2f98940 fixes: bz#1623161 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> 
Change-Id: Idfce8b9ec79303b92045e68ab98765f7e2f98940
fixes: bz#1623161
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
posix: disable open/read/write on special files 2018-09-06T15:03:55+00:00 Amar Tumballi amarts@redhat.com 2018-09-05T13:33:08+00:00 39db09af1de261ef3b80ce354e8b1b89a599fd40 In the file system, the responsibility w.r.to the block and char device files is related to only support for 'creating' them (using mknod(2)). Once the device files are created, the read/write syscalls for the specific devices are handled by the device driver registered for the specific major number, and depending on the minor number, it knows where to read from. Hence, we are at risk of reading contents from devices which are handled by the host kernel on server nodes. By disabling open/read/write on the device file, we would be safe with the bypass one can achieve from client side (using gfapi) Fixes: bz#1625096 Change-Id: I48c776b0af1cbd2a5240862826d3d8918601e47f Signed-off-by: Amar Tumballi <amarts@redhat.com> 
In the file system, the responsibility w.r.to the block and char device
files is related to only support for 'creating' them (using mknod(2)).

Once the device files are created, the read/write syscalls for the specific
devices are handled by the device driver registered for the specific major
number, and depending on the minor number, it knows where to read from.
Hence, we are at risk of reading contents from devices which are handled
by the host kernel on server nodes.

By disabling open/read/write on the device file, we would be safe with
the bypass one can achieve from client side (using gfapi)

Fixes: bz#1625096

Change-Id: I48c776b0af1cbd2a5240862826d3d8918601e47f
Signed-off-by: Amar Tumballi <amarts@redhat.com>
protocol: don't use alloca 2018-09-06T15:02:15+00:00 Amar Tumballi amarts@redhat.com 2018-07-24T08:26:56+00:00 3c66ee967cf7377595c714693e6e9a70861cf822 current implementation of alloca can cause issues when strings larger than the allocated buffer is passed to the xdr. Hence it makes sense to allow XDR decode functions to deal with memory allocations, which we can free later. Fixes: bz#1625097 Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
current implementation of alloca can cause issues when strings larger
than the allocated buffer is passed to the xdr. Hence it makes sense
to allow XDR decode functions to deal with memory allocations, which
we can free later.

Fixes: bz#1625097

Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94
Signed-off-by: Amar Tumballi <amarts@redhat.com>
io-stats: dump io-stats info in /var/run/gluster 2018-09-06T15:01:36+00:00 Amar Tumballi amarts@redhat.com 2018-07-24T10:12:28+00:00 1f46f2ada2d3365aa9252068fd970ae14bcc6d28 It wouldn't make sense to allow iostats file to be written in *any* directory. While the formating makes sure we try to append io-stats-name for the file, so overwriting existing file is slim, but in any case it makes sense to restrict dumping to one directory. Below are the sample commands, and files created for the corresponding values: $ setfattr -n trusted.io-stats-dump -v file-for-dump $M0 In this case, the file would be in /var/run/gluster/file-for-dump $ setfattr -n trusted.io-stats-dump -v /dir1/dir2/file-for-dump $M0 In this case, then the dump file is in /var/run/gluster/dir1-dir2-file-for-dump Note that the value passed for this virtual xattr would be treated as a file, and even if the value has '/' in it, it would be changed to '-' for sanity. Fixes: bz#1625106 Change-Id: Id9ae6a40a190b8937c51662e6e1c2a0f6c86a0e0 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
It wouldn't make sense to allow iostats file to be written in
*any* directory. While the formating makes sure we try to append
io-stats-name for the file, so overwriting existing file is slim,
but in any case it makes sense to restrict dumping to one directory.

Below are the sample commands, and files created for the corresponding
values:

 $ setfattr -n trusted.io-stats-dump -v file-for-dump $M0

In this case, the file would be in /var/run/gluster/file-for-dump

 $ setfattr -n trusted.io-stats-dump -v /dir1/dir2/file-for-dump $M0

In this case, then the dump file is in /var/run/gluster/dir1-dir2-file-for-dump

Note that the value passed for this virtual xattr would be treated as a
file, and even if the value has '/' in it, it would be changed to '-'
for sanity.

Fixes: bz#1625106

Change-Id: Id9ae6a40a190b8937c51662e6e1c2a0f6c86a0e0
Signed-off-by: Amar Tumballi <amarts@redhat.com>
server-protocol: don't allow '../' path in 'name' 2018-09-06T15:00:58+00:00 Amar Tumballi amarts@redhat.com 2018-08-09T07:30:01+00:00 2af8e50a55085df7ede57184558029afc46fb8f9 This will prevent any arbitrary file creation through glusterfs by modifying the client bits. Also check for the similar flaw inside posix too, so we prevent any changes in layers in-between. Fixes: bz#1625095 Signed-off-by: Amar Tumballi <amarts@redhat.com> Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e 
This will prevent any arbitrary file creation through glusterfs
by modifying the client bits.

Also check for the similar flaw inside posix too, so we prevent any
changes in layers in-between.

Fixes: bz#1625095

Signed-off-by: Amar Tumballi <amarts@redhat.com>
Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e
dict: handle negative key/value length while unserialize 2018-09-06T14:45:30+00:00 Amar Tumballi amarts@redhat.com 2018-07-24T07:55:12+00:00 46fce2e458f09606e7ebeca31d2f04b4d25621d2 Fixes: bz#1625089 Change-Id: Ie56df0da46c242846a1ba51ccb9e011af118b119 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
Fixes: bz#1625089
Change-Id: Ie56df0da46c242846a1ba51ccb9e011af118b119
Signed-off-by: Amar Tumballi <amarts@redhat.com>
posix: remove not supported get/set content 2018-09-06T14:43:27+00:00 Amar Tumballi amarts@redhat.com 2018-07-24T11:44:31+00:00 045a2493704cd3000260a52fc67d06582b2566ef getting and setting a file's content using extended attribute worked great as a GET/PUT alternative when an object storage is supported on top of Gluster. But it needs application changes, and also, it skips some caching layers. It is not used over years, and not supported any more. Removing the dead code. Fixes: bz#1625102 Change-Id: Ide3b3f1f644f6ca58558bbe45561f346f96b95b7 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
getting and setting a file's content using extended
attribute worked great as a GET/PUT alternative when
an object storage is supported on top of Gluster. But
it needs application changes, and also, it skips some
caching layers.

It is not used over years, and not supported any more.
Removing the dead code.

Fixes: bz#1625102

Change-Id: Ide3b3f1f644f6ca58558bbe45561f346f96b95b7
Signed-off-by: Amar Tumballi <amarts@redhat.com>
storage/posix: Increment trusted.pgfid in posix_mknod 2018-08-29T03:41:38+00:00 N Balachandran nbalacha@redhat.com 2018-08-21T15:27:52+00:00 9c0e55e061dcba0fadd3a381c974f10bb7dc14fd The value of trusted.pgfid.xx was always set to 1 in posix_mknod. This is incorrect if posix_mknod calls posix_create_link_if_gfid_exists. Change-Id: Ibe87ca6f155846b9a7c7abbfb1eb8b6a99a5eb68 fixes: bz#1623317 Signed-off-by: N Balachandran <nbalacha@redhat.com> 
The value of trusted.pgfid.xx was always set to 1
in posix_mknod. This is incorrect if posix_mknod
calls posix_create_link_if_gfid_exists.

Change-Id: Ibe87ca6f155846b9a7c7abbfb1eb8b6a99a5eb68
fixes: bz#1623317
Signed-off-by: N Balachandran <nbalacha@redhat.com>
doc: Release notes for v4.1.3 2018-08-27T13:03:24+00:00 ShyamsundarR srangana@redhat.com 2018-08-27T13:02:28+00:00 7ddcf035b8aa34ccf25ae6a04143a54998673eac Change-Id: Ia944a2353f0a89b61f66bde7f270489dff3793b4 fixes: bz#1607945 Signed-off-by: ShyamsundarR <srangana@redhat.com> 
Change-Id: Ia944a2353f0a89b61f66bde7f270489dff3793b4
fixes: bz#1607945
Signed-off-by: ShyamsundarR <srangana@redhat.com>
gfapi : Handle the path == "" glfs_resolve_at 2018-08-22T01:05:53+00:00 Jiffin Tony Thottan jthottan@redhat.com 2018-07-31T09:22:51+00:00 95608a9d454fbc83f92aedac400b9580b95dbecc Currently there is no check for path = "" in glfs_resolve_at. So if application sends an empty path, then the function resolves into the parent inode which is incorrect. Plus modified possible of "path" with "origpath" in the same function. Change-Id: Ie5ff9ce4b771607b7dbb3fe00704fe670421792a fixes: bz#1618347 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> (cherry picked from commit febee007bb1a99d65300630c2a98cbb642b1c8dc) 
Currently there is no check for path = "" in glfs_resolve_at.
So if application sends an empty path, then the function resolves
into the parent inode which is incorrect. Plus modified possible
of "path" with "origpath" in the same function.

Change-Id: Ie5ff9ce4b771607b7dbb3fe00704fe670421792a
fixes: bz#1618347
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
(cherry picked from commit febee007bb1a99d65300630c2a98cbb642b1c8dc)