RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2024-12-17 00:46:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
2cc76bcd12
ceph/src
History
Josh Durgin 2cc76bcd12 auth: add rwlock to AuthClientHandler to prevent races 
For cephx, build_authorizer reads a bunch of state (especially the
current session_key) which can be updated by the MonClient. With no
locks held, Pipe::connect() calls SimpleMessenger::get_authorizer()
which ends up calling RadosClient::get_authorizer() and then
AuthClientHandler::bulid_authorizer(). This unsafe usage can lead to
crashes like:

Program terminated with signal 11, Segmentation fault.
0x00007fa0d2ddb7cb in ceph::buffer::ptr::release (this=0x7f987a5e3070) at common/buffer.cc:370
370 common/buffer.cc: No such file or directory.
in common/buffer.cc
(gdb) bt
0x00007fa0d2ddb7cb in ceph::buffer::ptr::release (this=0x7f987a5e3070) at common/buffer.cc:370
0x00007fa0d2ddec00 in ~ptr (this=0x7f989c03b830) at ./include/buffer.h:171
ceph::buffer::list::rebuild (this=0x7f989c03b830) at common/buffer.cc:817
0x00007fa0d2ddecb9 in ceph::buffer::list::c_str (this=0x7f989c03b830) at common/buffer.cc:1045
0x00007fa0d2ea4dc2 in Pipe::connect (this=0x7fa0c4307340) at msg/Pipe.cc:907
0x00007fa0d2ea7d73 in Pipe::writer (this=0x7fa0c4307340) at msg/Pipe.cc:1518
0x00007fa0d2eb44dd in Pipe::Writer::entry (this=<value optimized out>) at msg/Pipe.h:59
0x00007fa0e0f5f9d1 in start_thread (arg=0x7f987a5e4700) at pthread_create.c:301
0x00007fa0de560b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

and

Error in `qemu-system-x86_64': invalid fastbin entry (free): 0x00007ff12887ff20
*** ======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x80a46)[0x7ff3dea1fa46]
/usr/lib/librados.so.2(+0x29eb03)[0x7ff3e3d43b03]
/usr/lib/librados.so.2(_ZNK9CryptoKey7encryptEP11CephContextRKN4ceph6buffer4listERS4_RSs+0x71)[0x7ff3e3d42661]
/usr/lib/librados.so.2(_Z21encode_encrypt_enc_blIN4ceph6buffer4listEEvP11CephContextRKT_RK9CryptoKeyRS2_RSs+0xfe)[0x7ff3e3d417de]
/usr/lib/librados.so.2(_Z14encode_encryptIN4ceph6buffer4listEEiP11CephContextRKT_RK9CryptoKeyRS2_RSs+0xa2)[0x7ff3e3d41912]
/usr/lib/librados.so.2(_ZN19CephxSessionHandler12sign_messageEP7Message+0x242)[0x7ff3e3d40de2]
/usr/lib/librados.so.2(_ZN4Pipe6writerEv+0x92b)[0x7ff3e3e61b2b]
/usr/lib/librados.so.2(_ZN4Pipe6Writer5entryEv+0xd)[0x7ff3e3e6c7fd]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x7f8e)[0x7ff3ded6ff8e]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7ff3dea99a0d]

Fix this by adding an rwlock to AuthClientHandler. A simpler fix would
be to move RadosClient::get_authorizer() into the MonClient() under
the MonClient lock, but this would not catch all uses of other
Authorizer, e.g. for verify_authorizer() and it would serialize
independent connection attempts.

This mainly matters for cephx, but none and unknown can have the
global_id reset as well.

Partially-fixes: #6480
Backport: dumpling, emperor
Signed-off-by: Josh Durgin <josh.durgin@inktank.com>
2014-04-09 14:29:23 -07:00
..
arch arch: add SSE3, SSSE3, SSSE41 and PCLMUL intel features 2014-03-27 14:27:23 +01:00
auth auth: add rwlock to AuthClientHandler to prevent races 2014-04-09 14:29:23 -07:00
bash_completion
brag Merge branch 'master' of https://github.com/enovance/ceph-brag into firefly 2014-03-10 06:12:58 +00:00
civetweb@041bebf7a3
client client: release clean pages if no open file want RDCACHE 2014-04-05 10:35:22 +08:00
cls rgw: add data_extra pool to bucket 2014-03-24 14:58:05 -07:00
common msgr: add ms_dump_on_send option 2014-04-06 13:19:11 -07:00
crush mon/OSDMonitor: disallow crush buckets of type 0 2014-03-05 13:15:58 -08:00
doc
erasure-code erasure-code: thread-safe initialization of gf-complete 2014-04-08 09:47:33 +02:00
global lockdep: do not initialize if already started 2014-04-02 16:46:30 -07:00
gtest
include include/memory: add static_pointer_cast 2014-04-04 10:38:52 -07:00
java java/test: ceph.file.layout xattr is still not there now 2014-03-31 14:05:37 -07:00
jobs
json_spirit
key_value_store
librados librados: Add missing C variants for alignment 2014-04-01 11:53:50 -07:00
librbd librbd: skip zeroes when copying an image 2014-03-31 15:04:28 -07:00
libs3@9dc3a9c683
log
mds mds: fix shared_ptr MDRequest bugs 2014-04-08 16:29:43 +08:00
messages mds: fix uninit val in MMDSSlaveRequest 2014-04-07 08:22:32 -07:00
mon mon: MonCommands: have all 'auth' commands require 'execute' caps 2014-04-07 18:17:54 +01:00
mount
msg pipe: only read AuthSessionHandler under pipe_lock 2014-04-08 15:40:28 -07:00
objclass
objsync
ocf
os os/FileStore: reset journal state on umount 2014-04-08 11:02:40 -07:00
osd osd_types: fix pg_stat_t::encode, object_stat_sum_t::decode version 2014-04-07 17:04:15 -07:00
osdc ObjectCacher: assert no waiter when remove buffer head 2014-04-05 00:49:37 +08:00
perfglue
pybind Merge pull request #1312 from cernceph/master 2014-03-19 11:00:58 -07:00
rbd_fuse rbd-fuse: fix signed/unsigned warning 2014-03-13 11:24:48 -07:00
rgw rgw: only look at next placement rule if we're not at the last rule 2014-04-03 15:15:41 -07:00
script
test ceph_test_rados_api_misc: print osd_max_attr_size 2014-04-07 16:31:16 -07:00
tools ceph-conf: use global_pre_init to avoid starting logging 2014-03-29 22:00:47 -07:00
upstart rbdmap: bugfix upstart script 2014-03-10 08:54:37 -07:00
.gitignore tools: Create ceph-client-debug 2014-03-13 18:33:01 +00:00
btrfs_ioc_test.c
ceph_common.sh
ceph_fuse.cc
ceph_mds.cc
ceph_mon.cc ceph-mon: be a bit more verbose on error 2014-03-14 11:00:36 -07:00
ceph_osd.cc
ceph_syn.cc
ceph_ver.c
ceph-clsinfo
ceph-coverage.in
ceph-create-keys
ceph-crush-location.in
ceph-debugpack.in
ceph-disk
ceph-disk-activate
ceph-disk-prepare
ceph-disk-udev
ceph-post-file.in ceph-post-file: use getopt for multiple options, add longopts to help 2014-04-04 15:26:42 -07:00
ceph-rbdnamer
ceph-rest-api
ceph-run
ceph.conf.twoosds
ceph.in ceph.in: do not allow using 'tell' with interactive mode 2014-03-17 14:44:50 +00:00
cephfs.cc
check_version
cls_acl.cc
cls_crypto.cc
cmonctl
fetch_config
init-ceph.in init: fix OSD startup issue 2014-03-29 12:06:37 +11:00
init-radosgw minor init.d scripts lintianisation: 2014-03-25 22:10:48 +11:00
init-radosgw.sysv
init-rbdmap init.d: correcting rbdmap init order: 2014-04-03 01:25:28 +11:00
libcephfs.cc libcephfs: add ceph_ll_lookup_inode 2014-03-13 18:33:01 +00:00
librados-config.cc
loadclass.sh
logrotate.conf logrotate improvement: do not rotate empty logs 2014-03-27 12:12:19 +11:00
make_version Add NO_VERSION to avoid rebuilding ceph_ver.h and relinking 2014-03-18 19:05:19 -07:00
Makefile-env.am Makefiles: remove libkeyutils from every binary except two 2014-03-18 19:04:41 -07:00
Makefile.am Merge pull request #1499 from ceph/wip-no-version 2014-03-18 21:03:01 -07:00
mkcephfs.in
mount.fuse.ceph
multi-dump.sh
ps-ceph.pl
push_to_qemu.pl
rbd.cc rbd.cc: tolerate lack of NUL-termination on block_name_prefix 2014-03-28 17:56:35 -07:00
rbdmap
README
sample.ceph.conf
stop.sh stop.sh: unmap rbd images when stopping the whole cluster 2014-04-03 18:14:57 +04:00
TODO
unittest_bufferlist.sh
valgrind.supp
verify-mds-journal.sh
vstart.sh vstart.sh: make crush location match up with what init-ceph does 2014-04-08 11:02:40 -07:00
yasm-wrapper

README 

Sage Weil <sage@newdream.net>
Ceph - scalable distributed storage system