This is the mail archive of the cluster-cvs@sourceware.org mailing list for the cluster.
Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]
cluster: RHEL5 - gfs2: randomize creation of temporary directoriesfor metafs mount more

From: Bob Peterson <rpeterso at fedoraproject dot org>
To: cluster-cvs-relay at redhat dot com
Date: Mon, 4 May 2009 19:31:02 +0000 (UTC)
Subject: cluster: RHEL5 - gfs2: randomize creation of temporary directoriesfor metafs mount more
Gitweb:        http://git.fedorahosted.org/git/cluster.git?p=cluster.git;a=commitdiff;h=1b7460050348c81c78c8ef46d33d17749f59b1bb
Commit:        1b7460050348c81c78c8ef46d33d17749f59b1bb
Parent:        1ea6d6c4680dfd0cdd43c4df8580d84789f75870
Author:        Bob Peterson <rpeterso@redhat.com>
AuthorDate:    Mon May 4 13:57:58 2009 -0500
Committer:     Bob Peterson <rpeterso@redhat.com>
CommitterDate: Mon May 4 13:57:58 2009 -0500

gfs2: randomize creation of temporary directories for metafs mount more

a07d8d56e945a265f3da2857ad1316f49c4ae157 didn't add enough security to
the whole random mount point.

This change:

- introduces a better randomness in mount_gfs2_meta by using mkdtemp
  (this is a required change for security reason).
- the use of mkdtemp makes the whole dir_exists code unrequired (hence
  removed by the patch).
- we force each tool to create its own meta mount. This fixes any
  possible race conditions between tools (and thanks to the use of mkdtemp
  that will guarantee the creation of a unique mount point). It also makes
  find_gfs2_meta function unrequired (hence removed by the patch).
- cleanup struct gfs2_sbd of unrequired fields.
- cleanup the cleanup_metafs code path.
- cleanup exit path from mount_gfs2_meta.
- simplify code around different tools by using mount_gfs2_meta only.
- turn lock_for_admin static.
---
 gfs2/libgfs2/libgfs2.h  |    4 --
 gfs2/libgfs2/misc.c     |  116 +++++++++++-----------------------------------
 gfs2/mkfs/main_grow.c   |    4 +-
 gfs2/mkfs/main_jadd.c   |    5 +--
 gfs2/quota/check.c      |    8 +---
 gfs2/quota/gfs2_quota.h |    2 -
 gfs2/quota/main.c       |   17 ++-----
 gfs2/tool/df.c          |    4 +-
 gfs2/tool/misc.c        |    4 +-
 9 files changed, 38 insertions(+), 126 deletions(-)

diff --git a/gfs2/libgfs2/libgfs2.h b/gfs2/libgfs2/libgfs2.h
index 57c8fd6..a458feb 100644
--- a/gfs2/libgfs2/libgfs2.h
+++ b/gfs2/libgfs2/libgfs2.h
@@ -257,7 +257,6 @@ struct gfs2_sbd {
 
 	unsigned int writes;
 	int metafs_fd;
-	int metafs_mounted; /* If metafs was already mounted */
 	char metafs_path[PATH_MAX]; /* where metafs is mounted */
 	struct special_blocks bad_blocks;
 	struct dup_blocks dup_blocks;
@@ -660,11 +659,8 @@ int gfs2_query(int *setonabort, struct gfs2_options *opts,
 uint32_t compute_heightsize(struct gfs2_sbd *sdp, uint64_t *heightsize,
 			    uint32_t bsize1, int diptrs, int inptrs);
 void compute_constants(struct gfs2_sbd *sdp);
-int find_gfs2_meta(struct gfs2_sbd *sdp);
-int dir_exists(const char *dir);
 void check_for_gfs2(struct gfs2_sbd *sdp);
 void mount_gfs2_meta(struct gfs2_sbd *sdp);
-void lock_for_admin(struct gfs2_sbd *sdp);
 void cleanup_metafs(struct gfs2_sbd *sdp);
 char *get_list(void);
 char **str2lines(char *str);
diff --git a/gfs2/libgfs2/misc.c b/gfs2/libgfs2/misc.c
index 7b6b1d1..60e807a 100644
--- a/gfs2/libgfs2/misc.c
+++ b/gfs2/libgfs2/misc.c
@@ -105,68 +105,6 @@ compute_constants(struct gfs2_sbd *sdp)
 						 sdp->sd_inptrs);
 }
 
-int 
-find_gfs2_meta(struct gfs2_sbd *sdp)
-{
-	FILE *fp = fopen("/proc/mounts", "r");
-	char name[] = "gfs2meta";
-	char buffer[PATH_MAX];
-	char fstype[80], mfsoptions[PATH_MAX];
-	char meta_device[PATH_MAX];
-	char meta_path[PATH_MAX];
-	int fsdump, fspass;
-
-	if (fp == NULL) {
-		perror("open: /proc/mounts");
-		exit(EXIT_FAILURE);
-	}
-	sdp->metafs_mounted = FALSE;
-	memset(sdp->metafs_path, 0, sizeof(sdp->metafs_path));
-	memset(meta_path, 0, sizeof(meta_path));
-	while ((fgets(buffer, PATH_MAX - 1, fp)) != NULL) {
-		buffer[PATH_MAX - 1] = '\0';
-		if (strstr(buffer, name) == 0)
-			continue;
-
-		if (sscanf(buffer, "%s %s %s %s %d %d", meta_device, 
-			   meta_path, fstype,mfsoptions, &fsdump, 
-			   &fspass) != 6)
-			continue;
-		
-		if (strcmp(meta_device, sdp->device_name) == 0 ||
-		    strcmp(meta_device, sdp->path_name) == 0) {
-			fclose(fp);
-			sdp->metafs_mounted = FALSE;
-			strcpy(sdp->metafs_path, meta_path);
-			return TRUE;
-		}
-	}
-	fclose(fp);
-	return FALSE;
-}
-
-int
-dir_exists(const char *dir)
-{
-	int fd, ret;
-	struct stat statbuf;
-	fd = open(dir, O_RDONLY);
-	if (fd<0) { 
-		if (errno == ENOENT)
-			return 0;
-		die("Couldn't open %s : %s\n", dir, strerror(errno));
-	}
-	ret = fstat(fd, &statbuf);
-	if (ret)
-		die("stat failed on %s : %s\n", dir, strerror(errno));
-	if (S_ISDIR(statbuf.st_mode)) {
-		close(fd);
-		return 1;
-	}
-	close(fd);
-	die("%s exists, but is not a directory. Cannot mount metafs here\n", dir);
-}
-
 void
 check_for_gfs2(struct gfs2_sbd *sdp)
 {
@@ -219,26 +157,7 @@ check_for_gfs2(struct gfs2_sbd *sdp)
 	die("gfs2 Filesystem %s is not mounted.\n", sdp->path_name);
 }
 
-void 
-mount_gfs2_meta(struct gfs2_sbd *sdp)
-{
-	int ret;
-	/* mount the meta fs */
-	strcpy(sdp->metafs_path, "/tmp/.gfs2meta");
-	if (!dir_exists(sdp->metafs_path)) {
-		ret = mkdir(sdp->metafs_path, 0700);
-		if (ret)
-			die("Couldn't create %s : %s\n", sdp->metafs_path,
-			    strerror(errno));
-	}
-		
-	ret = mount(sdp->path_name, sdp->metafs_path, "gfs2meta", 0, NULL);
-	if (ret)
-		die("Couldn't mount %s : %s\n", sdp->metafs_path,
-		    strerror(errno));
-}
-
-void
+static void
 lock_for_admin(struct gfs2_sbd *sdp)
 {
 	int error;
@@ -259,6 +178,27 @@ lock_for_admin(struct gfs2_sbd *sdp)
 }
 
 void
+mount_gfs2_meta(struct gfs2_sbd *sdp)
+{
+	int ret;
+
+	memset(sdp->metafs_path, 0, PATH_MAX);
+	snprintf(sdp->metafs_path, PATH_MAX - 1, "/tmp/.gfs2meta.XXXXXX");
+
+	if(!mkdtemp(sdp->metafs_path))
+		die("Couldn't create %s : %s\n", sdp->metafs_path,
+		    strerror(errno));
+
+	ret = mount(sdp->path_name, sdp->metafs_path, "gfs2meta", 0, NULL);
+	if (ret) {
+		rmdir(sdp->metafs_path);
+		die("Couldn't mount %s : %s\n", sdp->metafs_path,
+		    strerror(errno));
+	}
+	lock_for_admin(sdp);
+}
+
+void
 cleanup_metafs(struct gfs2_sbd *sdp)
 {
 	int ret;
@@ -268,12 +208,12 @@ cleanup_metafs(struct gfs2_sbd *sdp)
 
 	fsync(sdp->metafs_fd);
 	close(sdp->metafs_fd);
-	if (!sdp->metafs_mounted) { /* was mounted by us */
-		ret = umount(sdp->metafs_path);
-		if (ret)
-			fprintf(stderr, "Couldn't unmount %s : %s\n",
-				sdp->metafs_path, strerror(errno));
-	}
+	ret = umount(sdp->metafs_path);
+	if (ret)
+		fprintf(stderr, "Couldn't unmount %s : %s\n",
+			sdp->metafs_path, strerror(errno));
+	else
+		rmdir(sdp->metafs_path);
 }
 
 char *__get_sysfs(char *fsname, char *filename)
diff --git a/gfs2/mkfs/main_grow.c b/gfs2/mkfs/main_grow.c
index 39989e6..1fe9e63 100644
--- a/gfs2/mkfs/main_grow.c
+++ b/gfs2/mkfs/main_grow.c
@@ -294,9 +294,7 @@ main_grow(int argc, char *argv[])
 			die("gfs: Error reading superblock.\n");
 
 		fix_device_geometry(sdp);
-		if (!find_gfs2_meta(sdp))
-			mount_gfs2_meta(sdp);
-		lock_for_admin(sdp);
+		mount_gfs2_meta(sdp);
 
 		sprintf(rindex_name, "%s/rindex", sdp->metafs_path);
 		rindex_fd = open(rindex_name, (test ? O_RDONLY : O_RDWR));
diff --git a/gfs2/mkfs/main_jadd.c b/gfs2/mkfs/main_jadd.c
index 5066c4e..e2bea53 100644
--- a/gfs2/mkfs/main_jadd.c
+++ b/gfs2/mkfs/main_jadd.c
@@ -499,10 +499,7 @@ main_jadd(int argc, char *argv[])
 
 	gather_info(sdp);
 
-	find_gfs2_meta(sdp);
-	if (!sdp->metafs_mounted)
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	compute_constants(sdp);
 	find_current_journals(sdp);
diff --git a/gfs2/quota/check.c b/gfs2/quota/check.c
index 0fbced1..ae09cd0 100644
--- a/gfs2/quota/check.c
+++ b/gfs2/quota/check.c
@@ -194,9 +194,7 @@ read_quota_file(struct gfs2_sbd *sdp, commandline_t *comline,
 	strcpy(sdp->path_name, comline->filesystem);
 	check_for_gfs2(sdp);
 	read_superblock(&sdp->sd_sb, sdp);
-	if (!find_gfs2_meta(sdp))
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	strcpy(quota_file, sdp->metafs_path);
 	strcat(quota_file, "/quota");
@@ -468,9 +466,7 @@ set_list(struct gfs2_sbd *sdp, commandline_t *comline, int user,
 	strcpy(sdp->path_name, comline->filesystem);
 	check_for_gfs2(sdp);
 	read_superblock(&sdp->sd_sb, sdp);
-	if (!find_gfs2_meta(sdp))
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	strcpy(quota_file, sdp->metafs_path);
 	strcat(quota_file, "/quota");
diff --git a/gfs2/quota/gfs2_quota.h b/gfs2/quota/gfs2_quota.h
index fca7ce3..6c7c87f 100644
--- a/gfs2/quota/gfs2_quota.h
+++ b/gfs2/quota/gfs2_quota.h
@@ -79,8 +79,6 @@ extern char *prog_name;
 
 void do_get_super(int fd, struct gfs2_sb *sb);
 void do_sync(struct gfs2_sbd *sdp, commandline_t *comline);
-void lock_for_admin();
-void mount_gfs2_meta();
 void cleanup();
 void read_superblock(struct gfs2_sb *sb, struct gfs2_sbd *sdp);
 void get_last_quota_id(int fd, uint32_t *max_id);
diff --git a/gfs2/quota/main.c b/gfs2/quota/main.c
index 8c7335d..3b26a11 100644
--- a/gfs2/quota/main.c
+++ b/gfs2/quota/main.c
@@ -501,9 +501,7 @@ do_reset(struct gfs2_sbd *sdp, commandline_t *comline)
 	strcpy(sdp->path_name, comline->filesystem);
 	check_for_gfs2(sdp);
 	read_superblock(&sdp->sd_sb, sdp);
-	if (!find_gfs2_meta(sdp))
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	strcpy(quota_file, sdp->metafs_path);
 	strcat(quota_file, "/quota");
@@ -560,9 +558,7 @@ do_list(struct gfs2_sbd *sdp, commandline_t *comline)
 	strcpy(sdp->path_name, comline->filesystem);
 	check_for_gfs2(sdp);
 	read_superblock(&sdp->sd_sb, sdp);
-	if (!find_gfs2_meta(sdp))
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	strcpy(quota_file, sdp->metafs_path);
 	strcat(quota_file, "/quota");
@@ -649,9 +645,7 @@ do_get_one(struct gfs2_sbd *sdp, commandline_t *comline, char *filesystem)
 	strcpy(sdp->path_name, filesystem);
 	check_for_gfs2(sdp);
 	read_superblock(&sdp->sd_sb, sdp);
-	if (!find_gfs2_meta(sdp))
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	strcpy(quota_file, sdp->metafs_path);
 	strcat(quota_file, "/quota");
@@ -812,9 +806,7 @@ do_set(struct gfs2_sbd *sdp, commandline_t *comline)
 	strcpy(sdp->path_name, comline->filesystem);
 	check_for_gfs2(sdp);
 	read_superblock(&sdp->sd_sb, sdp);
-	if (!find_gfs2_meta(sdp))
-		mount_gfs2_meta(sdp);
-	lock_for_admin(sdp);
+	mount_gfs2_meta(sdp);
 	
 	strcpy(quota_file, sdp->metafs_path);
 	strcat(quota_file, "/quota");
@@ -972,7 +964,6 @@ main(int argc, char *argv[])
 	commandline_t comline;
 
 	prog_name = argv[0];
-	sdp->metafs_mounted = 0;
 
 	memset(sdp, 0, sizeof(struct gfs2_sbd));
 	memset(&comline, 0, sizeof(commandline_t));
diff --git a/gfs2/tool/df.c b/gfs2/tool/df.c
index 131e900..3dbfd46 100644
--- a/gfs2/tool/df.c
+++ b/gfs2/tool/df.c
@@ -162,9 +162,7 @@ do_df_one(char *path)
 		(get_sysfs_uint(fs, "args/localcaching")) ? "TRUE" : "FALSE");
 
 	/* Read the master statfs file */
-	if (!find_gfs2_meta(&sbd))
-		mount_gfs2_meta(&sbd);
-	lock_for_admin(&sbd);
+	mount_gfs2_meta(&sbd);
 
 	sprintf(statfs_fn, "%s/statfs", sbd.metafs_path);
 	statfs_fd = open(statfs_fn, O_RDONLY);
diff --git a/gfs2/tool/misc.c b/gfs2/tool/misc.c
index dec78d7..940c2b7 100644
--- a/gfs2/tool/misc.c
+++ b/gfs2/tool/misc.c
@@ -443,9 +443,7 @@ print_journals(int argc, char **argv)
 	if (sbd.device_fd < 0)
 		die("can't open device %s: %s\n",
 		    sbd.device_name, strerror(errno));
-	if (!find_gfs2_meta(&sbd))
-		mount_gfs2_meta(&sbd);
-	lock_for_admin(&sbd);
+	mount_gfs2_meta(&sbd);
 
 	sprintf(jindex_name, "%s/jindex", sbd.metafs_path);
 	jindex = opendir(jindex_name);
Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]