diff options
author | Jeff Layton <jlayton@kernel.org> | 2021-04-01 13:55:11 -0400 |
---|---|---|
committer | Ilya Dryomov <idryomov@gmail.com> | 2021-04-27 23:52:23 +0200 |
commit | d4f6b31d721779d91b5e2f8072478af73b196c34 (patch) | |
tree | 9d33cb37f6afc7d1e1f2f3299aa03c591f37e26e /fs/ceph/export.c | |
parent | 2d6795fbb8c34ed5eb44db2a99960614424585f8 (diff) | |
download | lwn-d4f6b31d721779d91b5e2f8072478af73b196c34.tar.gz lwn-d4f6b31d721779d91b5e2f8072478af73b196c34.zip |
ceph: don't allow access to MDS-private inodes
The MDS reserves a set of inodes for its own usage, and these should
never be accessible to clients. Add a new helper to vet a proposed
inode number against that range, and complain loudly and refuse to
create or look it up if it's in it.
Also, ensure that the MDS doesn't try to delegate inodes that are in
that range or lower. Print a warning if it does, and don't save the
range in the xarray.
URL: https://tracker.ceph.com/issues/49922
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Xiubo Li <xiubli@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Diffstat (limited to 'fs/ceph/export.c')
-rw-r--r-- | fs/ceph/export.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/ceph/export.c b/fs/ceph/export.c index baa6368bece5..042bb4a02c0a 100644 --- a/fs/ceph/export.c +++ b/fs/ceph/export.c @@ -129,6 +129,10 @@ static struct inode *__lookup_inode(struct super_block *sb, u64 ino) vino.ino = ino; vino.snap = CEPH_NOSNAP; + + if (ceph_vino_is_reserved(vino)) + return ERR_PTR(-ESTALE); + inode = ceph_find_inode(sb, vino); if (!inode) { struct ceph_mds_request *req; @@ -214,6 +218,10 @@ static struct dentry *__snapfh_to_dentry(struct super_block *sb, vino.ino = sfh->ino; vino.snap = sfh->snapid; } + + if (ceph_vino_is_reserved(vino)) + return ERR_PTR(-ESTALE); + inode = ceph_find_inode(sb, vino); if (inode) return d_obtain_alias(inode); |