* [PATCH] ceph: don't rely on error_string to validate blocklisted session.
@ 2021-09-23 13:26 khiremat
2021-09-24 10:21 ` Jeff Layton
0 siblings, 1 reply; 2+ messages in thread
From: khiremat @ 2021-09-23 13:26 UTC (permalink / raw)
To: jlayton; +Cc: idryomov, pdonnell, vshankar, ceph-devel, Kotresh HR
From: Kotresh HR <khiremat@redhat.com>
The "error_string" in the metadata of MClientSession is being
parsed by kclient to validate whether the session is blocklisted.
The "error_string" is for humans and shouldn't be relied on it.
Hence added the flag to MClientsession to indicate the session
is blocklisted.
URL: https://tracker.ceph.com/issues/47450
Signed-off-by: Kotresh HR <khiremat@redhat.com>
---
fs/ceph/mds_client.c | 13 +++++++++++++
include/linux/ceph/ceph_fs.h | 2 ++
2 files changed, 15 insertions(+)
diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
index 44bc780b2b0e..f3c023c17963 100644
--- a/fs/ceph/mds_client.c
+++ b/fs/ceph/mds_client.c
@@ -3407,6 +3407,19 @@ static void handle_session(struct ceph_mds_session *session,
}
}
+ if (msg_version >= 5) {
+ u32 len;
+ u32 flags;
+ /* version >= 4, metric_spec (struct_v, struct_cv, len, metric_flag) */
+ ceph_decode_skip_n(&p, end, 2 + sizeof(u32) * 2, bad);
+ /* version >= 5, flags */
+ ceph_decode_32_safe(&p, end, flags, bad);
+ if (flags & CEPH_SESSION_BLOCKLISTED) {
+ pr_info("mds%d session blocklisted\n", session->s_mds);
+ blocklisted = true;
+ }
+ }
+
mutex_lock(&mdsc->mutex);
if (op == CEPH_SESSION_CLOSE) {
ceph_get_mds_session(session);
diff --git a/include/linux/ceph/ceph_fs.h b/include/linux/ceph/ceph_fs.h
index bc2699feddbe..7ad6c3d0db7d 100644
--- a/include/linux/ceph/ceph_fs.h
+++ b/include/linux/ceph/ceph_fs.h
@@ -302,6 +302,8 @@ enum {
CEPH_SESSION_REQUEST_FLUSH_MDLOG,
};
+#define CEPH_SESSION_BLOCKLISTED (1 << 0) /* session blocklisted */
+
extern const char *ceph_session_op_name(int op);
struct ceph_mds_session_head {
--
2.25.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] ceph: don't rely on error_string to validate blocklisted session.
2021-09-23 13:26 [PATCH] ceph: don't rely on error_string to validate blocklisted session khiremat
@ 2021-09-24 10:21 ` Jeff Layton
0 siblings, 0 replies; 2+ messages in thread
From: Jeff Layton @ 2021-09-24 10:21 UTC (permalink / raw)
To: khiremat; +Cc: idryomov, pdonnell, vshankar, ceph-devel
On Thu, 2021-09-23 at 18:56 +0530, khiremat@redhat.com wrote:
> From: Kotresh HR <khiremat@redhat.com>
>
> The "error_string" in the metadata of MClientSession is being
> parsed by kclient to validate whether the session is blocklisted.
> The "error_string" is for humans and shouldn't be relied on it.
> Hence added the flag to MClientsession to indicate the session
> is blocklisted.
>
> URL: https://tracker.ceph.com/issues/47450
> Signed-off-by: Kotresh HR <khiremat@redhat.com>
> ---
> fs/ceph/mds_client.c | 13 +++++++++++++
> include/linux/ceph/ceph_fs.h | 2 ++
> 2 files changed, 15 insertions(+)
>
> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> index 44bc780b2b0e..f3c023c17963 100644
> --- a/fs/ceph/mds_client.c
> +++ b/fs/ceph/mds_client.c
> @@ -3407,6 +3407,19 @@ static void handle_session(struct ceph_mds_session *session,
> }
> }
>
> + if (msg_version >= 5) {
> + u32 len;
> + u32 flags;
> + /* version >= 4, metric_spec (struct_v, struct_cv, len, metric_flag) */
> + ceph_decode_skip_n(&p, end, 2 + sizeof(u32) * 2, bad);
> + /* version >= 5, flags */
> + ceph_decode_32_safe(&p, end, flags, bad);
> + if (flags & CEPH_SESSION_BLOCKLISTED) {
> + pr_info("mds%d session blocklisted\n", session->s_mds);
Things are likely to not work well if this flag is set. Maybe this
should be a pr_warn?
> + blocklisted = true;
> + }
> + }
> +
> mutex_lock(&mdsc->mutex);
> if (op == CEPH_SESSION_CLOSE) {
> ceph_get_mds_session(session);
> diff --git a/include/linux/ceph/ceph_fs.h b/include/linux/ceph/ceph_fs.h
> index bc2699feddbe..7ad6c3d0db7d 100644
> --- a/include/linux/ceph/ceph_fs.h
> +++ b/include/linux/ceph/ceph_fs.h
> @@ -302,6 +302,8 @@ enum {
> CEPH_SESSION_REQUEST_FLUSH_MDLOG,
> };
>
> +#define CEPH_SESSION_BLOCKLISTED (1 << 0) /* session blocklisted */
> +
> extern const char *ceph_session_op_name(int op);
>
> struct ceph_mds_session_head {
This looks reasonable, but incomplete.
If the msg_version >= 5, then we probably also don't need to scan for
"blacklisted" in the strings, right? In fact, it looks like we can avoid
doing most of __decode_session_metadata in that case and can just skip
over the text blob section.
--
Jeff Layton <jlayton@kernel.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-09-24 10:22 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-23 13:26 [PATCH] ceph: don't rely on error_string to validate blocklisted session khiremat
2021-09-24 10:21 ` Jeff Layton
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).