From 3d81f70f181793c6b1fd6b53523158fd663b8c74 Mon Sep 17 00:00:00 2001

From: Amar Tumballi <amarts@redhat.com>

Date: Wed, 5 Sep 2018 19:03:08 +0530

Subject: [PATCH 373/385] posix: disable open/read/write on special files

In the file system, the responsibility w.r.to the block and char device

files is related to only support for 'creating' them (using mknod(2)).

Once the device files are created, the read/write syscalls for the specific

devices are handled by the device driver registered for the specific major

number, and depending on the minor number, it knows where to read from.

Hence, we are at risk of reading contents from devices which are handled

by the host kernel on server nodes.

By disabling open/read/write on the device file, we would be safe with

the bypass one can achieve from client side (using gfapi)

Upstream Fix

Upstream Patch: https://review.gluster.org/#/c/glusterfs/+/21069/

> Change-Id: I48c776b0af1cbd2a5240862826d3d8918601e47f

> BUG: 1625648

BUG: 1622649

Change-Id: I1135e89270fac05ccfb8a3faa9fdffb58eb51b15

Signed-off-by: Amar Tumballi <amarts@redhat.com>

Reviewed-on: https://code.engineering.redhat.com/gerrit/149667

Tested-by: RHGS Build Bot <nigelb@redhat.com>

Reviewed-by: Sunil Kumar Heggodu Gopala Acharya <sheggodu@redhat.com>

---

 xlators/storage/posix/src/posix.c | 34 ++++++++++++++++++++++++++++++++++

 1 file changed, 34 insertions(+)

diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c

index e0165f8..efbf804 100644

--- a/xlators/storage/posix/src/posix.c

+++ b/xlators/storage/posix/src/posix.c

@@ -3336,6 +3336,17 @@ posix_open (call_frame_t *frame, xlator_t *this,

         priv = this->private;

         VALIDATE_OR_GOTO (priv, out);

+        if (loc->inode &&

+            ((loc->inode->ia_type == IA_IFBLK) ||

+             (loc->inode->ia_type == IA_IFCHR))) {

+                gf_msg (this->name, GF_LOG_ERROR, EINVAL,

+                        P_MSG_INVALID_ARGUMENT,

+                        "open received on a block/char file (%s)",

+                        uuid_utoa (loc->inode->gfid));

+                op_errno = EINVAL;

+                goto out;

+        }

+

         if (flags & O_CREAT)

                 DISK_SPACE_CHECK_AND_GOTO (frame, priv, xdata, op_ret, op_errno, out);

@@ -3428,6 +3439,17 @@ posix_readv (call_frame_t *frame, xlator_t *this,

         priv = this->private;

         VALIDATE_OR_GOTO (priv, out);

+        if (fd->inode &&

+            ((fd->inode->ia_type == IA_IFBLK) ||

+             (fd->inode->ia_type == IA_IFCHR))) {

+                gf_msg (this->name, GF_LOG_ERROR, EINVAL,

+                        P_MSG_INVALID_ARGUMENT,

+                        "readv received on a block/char file (%s)",

+                        uuid_utoa (fd->inode->gfid));

+                op_errno = EINVAL;

+                goto out;

+        }

+

         ret = posix_fd_ctx_get (fd, this, &pfd, &op_errno);

         if (ret < 0) {

                 gf_msg (this->name, GF_LOG_WARNING, op_errno, P_MSG_PFD_NULL,

@@ -3674,6 +3696,18 @@ posix_writev (call_frame_t *frame, xlator_t *this, fd_t *fd,

         priv = this->private;

         VALIDATE_OR_GOTO (priv, out);

+

+        if (fd->inode &&

+            ((fd->inode->ia_type == IA_IFBLK) ||

+             (fd->inode->ia_type == IA_IFCHR))) {

+                gf_msg (this->name, GF_LOG_ERROR, EINVAL,

+                        P_MSG_INVALID_ARGUMENT,

+                        "writev received on a block/char file (%s)",

+                        uuid_utoa (fd->inode->gfid));

+                op_errno = EINVAL;

+                goto out;

+        }

+

         DISK_SPACE_CHECK_AND_GOTO (frame, priv, xdata, op_ret, op_errno, out);

         ret = posix_fd_ctx_get (fd, this, &pfd, &op_errno);

-- 

1.8.3.1