From 3d81f70f181793c6b1fd6b53523158fd663b8c74 Mon Sep 17 00:00:00 2001
From: Amar Tumballi <amarts@redhat.com>
Date: Wed, 5 Sep 2018 19:03:08 +0530
Subject: [PATCH 373/385] posix: disable open/read/write on special files
In the file system, the responsibility w.r.to the block and char device
files is related to only support for 'creating' them (using mknod(2)).
Once the device files are created, the read/write syscalls for the specific
devices are handled by the device driver registered for the specific major
number, and depending on the minor number, it knows where to read from.
Hence, we are at risk of reading contents from devices which are handled
by the host kernel on server nodes.
By disabling open/read/write on the device file, we would be safe with
the bypass one can achieve from client side (using gfapi)
Upstream Fix
Upstream Patch: https://review.gluster.org/#/c/glusterfs/+/21069/
> Change-Id: I48c776b0af1cbd2a5240862826d3d8918601e47f
> BUG: 1625648
BUG: 1622649
Change-Id: I1135e89270fac05ccfb8a3faa9fdffb58eb51b15
Signed-off-by: Amar Tumballi <amarts@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/149667
Tested-by: RHGS Build Bot <nigelb@redhat.com>
Reviewed-by: Sunil Kumar Heggodu Gopala Acharya <sheggodu@redhat.com>
---
xlators/storage/posix/src/posix.c | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
index e0165f8..efbf804 100644
--- a/xlators/storage/posix/src/posix.c
+++ b/xlators/storage/posix/src/posix.c
@@ -3336,6 +3336,17 @@ posix_open (call_frame_t *frame, xlator_t *this,
priv = this->private;
VALIDATE_OR_GOTO (priv, out);
+ if (loc->inode &&
+ ((loc->inode->ia_type == IA_IFBLK) ||
+ (loc->inode->ia_type == IA_IFCHR))) {
+ gf_msg (this->name, GF_LOG_ERROR, EINVAL,
+ P_MSG_INVALID_ARGUMENT,
+ "open received on a block/char file (%s)",
+ uuid_utoa (loc->inode->gfid));
+ op_errno = EINVAL;
+ goto out;
+ }
+
if (flags & O_CREAT)
DISK_SPACE_CHECK_AND_GOTO (frame, priv, xdata, op_ret, op_errno, out);
@@ -3428,6 +3439,17 @@ posix_readv (call_frame_t *frame, xlator_t *this,
priv = this->private;
VALIDATE_OR_GOTO (priv, out);
+ if (fd->inode &&
+ ((fd->inode->ia_type == IA_IFBLK) ||
+ (fd->inode->ia_type == IA_IFCHR))) {
+ gf_msg (this->name, GF_LOG_ERROR, EINVAL,
+ P_MSG_INVALID_ARGUMENT,
+ "readv received on a block/char file (%s)",
+ uuid_utoa (fd->inode->gfid));
+ op_errno = EINVAL;
+ goto out;
+ }
+
ret = posix_fd_ctx_get (fd, this, &pfd, &op_errno);
if (ret < 0) {
gf_msg (this->name, GF_LOG_WARNING, op_errno, P_MSG_PFD_NULL,
@@ -3674,6 +3696,18 @@ posix_writev (call_frame_t *frame, xlator_t *this, fd_t *fd,
priv = this->private;
VALIDATE_OR_GOTO (priv, out);
+
+ if (fd->inode &&
+ ((fd->inode->ia_type == IA_IFBLK) ||
+ (fd->inode->ia_type == IA_IFCHR))) {
+ gf_msg (this->name, GF_LOG_ERROR, EINVAL,
+ P_MSG_INVALID_ARGUMENT,
+ "writev received on a block/char file (%s)",
+ uuid_utoa (fd->inode->gfid));
+ op_errno = EINVAL;
+ goto out;
+ }
+
DISK_SPACE_CHECK_AND_GOTO (frame, priv, xdata, op_ret, op_errno, out);
ret = posix_fd_ctx_get (fd, this, &pfd, &op_errno);
--
1.8.3.1