1 files changed, 0 insertions, 70 deletions
diff --git a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch b/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
deleted file mode 100644
index 0e24c56..0000000
--- a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From d1936056d77abcfda14386235a88ed553341a429 Mon Sep 17 00:00:00 2001
-From: Mohammed Rafi KC <rkavunga@redhat.com>
-Date: Mon, 26 Mar 2018 20:27:34 +0530
-Subject: [PATCH 1/3] shared storage: Prevent mounting shared storage from
- non-trusted client
-gluster shared storage is a volume used for internal storage for
-various features including ganesha, geo-rep, snapshot.
-So this volume should not be exposed to the client, as it is
-a special volume for internal use.
-This fix wont't generate non trusted volfile for shared storage volume.
-Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c
-fixes: bz#1568844
-BUG: 1568844
-Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
-Upstream-Status: Backport
-Fix CVE-2018-1088
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
- xlators/mgmt/glusterd/src/glusterd-volgen.c | 21 +++++++++++++++++++++
- 1 file changed, 21 insertions(+)
-diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
-index 0a0668e..308c41f 100644
--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
-+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
-@@ -5721,6 +5721,7 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
-         int                i                  = 0;
-         int                ret                = -1;
-         char               filepath[PATH_MAX] = {0,};
-+        char               *volname           = NULL;
-         char               *types[]           = {NULL, NULL, NULL};
-         dict_t             *dict              = NULL;
-         xlator_t           *this              = NULL;
-@@ -5728,6 +5729,26 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
- 
-         this = THIS;
- 
-+        volname = volinfo->is_snap_volume ?
-+                  volinfo->parent_volname : volinfo->volname;
-+
-+
-+        if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE) &&
-+             client_type != GF_CLIENT_TRUSTED) {
-+                /*
-+                 * shared storage volume cannot be mounted from non trusted
-+                 * nodes. So we are not creating volfiles for non-trusted
-+                 * clients for shared volumes as well as snapshot of shared
-+                 * volumes.
-+                 */
-+
-+                ret = 0;
-+                gf_msg_debug ("glusterd", 0, "Skipping the non-trusted volfile"
-+                               "creation for shared storage volume. Volume %s",
-+                               volname);
-+                goto out;
-+        }
-+
-         enumerate_transport_reqs (volinfo->transport_type, types);
-         dict = dict_new ();
-         if (!dict)
-- 
-2.7.4

diff --git a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch b/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch deleted file mode 100644 index 0e24c56..0000000 --- a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch +++ /dev/null
@@ -1,70 +0,0 @@
1	From d1936056d77abcfda14386235a88ed553341a429 Mon Sep 17 00:00:00 2001
2	From: Mohammed Rafi KC <rkavunga@redhat.com>
3	Date: Mon, 26 Mar 2018 20:27:34 +0530
4	Subject: [PATCH 1/3] shared storage: Prevent mounting shared storage from
5	non-trusted client
6
7	gluster shared storage is a volume used for internal storage for
8	various features including ganesha, geo-rep, snapshot.
9
10	So this volume should not be exposed to the client, as it is
11	a special volume for internal use.
12
13	This fix wont't generate non trusted volfile for shared storage volume.
14
15	Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c
16	fixes: bz#1568844
17	BUG: 1568844
18	Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
19
20	Upstream-Status: Backport
21	Fix CVE-2018-1088
22
23	Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
24
25	---
26	xlators/mgmt/glusterd/src/glusterd-volgen.c \| 21 +++++++++++++++++++++
27	1 file changed, 21 insertions(+)
28
29	diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
30	index 0a0668e..308c41f 100644
31	--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
32	+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
33	@@ -5721,6 +5721,7 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
34	int i = 0;
35	int ret = -1;
36	char filepath[PATH_MAX] = {0,};
37	+ char *volname = NULL;
38	char *types[] = {NULL, NULL, NULL};
39	dict_t *dict = NULL;
40	xlator_t *this = NULL;
41	@@ -5728,6 +5729,26 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
42
43	this = THIS;
44
45	+ volname = volinfo->is_snap_volume ?
46	+ volinfo->parent_volname : volinfo->volname;
47	+
48	+
49	+ if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE) &&
50	+ client_type != GF_CLIENT_TRUSTED) {
51	+ /*
52	+ * shared storage volume cannot be mounted from non trusted
53	+ * nodes. So we are not creating volfiles for non-trusted
54	+ * clients for shared volumes as well as snapshot of shared
55	+ * volumes.
56	+ */
57	+
58	+ ret = 0;
59	+ gf_msg_debug ("glusterd", 0, "Skipping the non-trusted volfile"
60	+ "creation for shared storage volume. Volume %s",
61	+ volname);
62	+ goto out;
63	+ }
64	+
65	enumerate_transport_reqs (volinfo->transport_type, types);
66	dict = dict_new ();
67	if (!dict)
68	--
69	2.7.4
70