From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001 From: takeshi_hoshina Date: Mon, 2 Nov 2020 11:07:33 +0900 Subject: basesystem-jj recipes --- ...re-all-caps-for-pre-octopus-tell-commands.patch | 100 +++++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch (limited to 'external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch') diff --git a/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch new file mode 100644 index 00000000..de191bf8 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/ceph/ceph/0001-mgr-require-all-caps-for-pre-octopus-tell-commands.patch @@ -0,0 +1,100 @@ +From de67c1dab5597c91538970421b25f6ec667af492 Mon Sep 17 00:00:00 2001 +From: Josh Durgin +Date: Mon, 4 May 2020 17:03:35 -0400 +Subject: [PATCH 1/3] mgr: require all caps for pre-octopus tell commands + +This matches the requirements for admin socket commands +sent via tell elsewhere. + +Signed-off-by: Josh Durgin + +Upstream-status: Backport +[https://github.com/ceph/ceph/commit/347003e13167c428187a5450517850f4d85e09ad] + +Signed-off-by: Liu Haitao +--- + src/mgr/DaemonServer.cc | 37 ++++++++++++++++++++++--------------- + 1 file changed, 22 insertions(+), 15 deletions(-) + +diff --git a/src/mgr/DaemonServer.cc b/src/mgr/DaemonServer.cc +index becd428a..527326e3 100644 +--- a/src/mgr/DaemonServer.cc ++++ b/src/mgr/DaemonServer.cc +@@ -808,20 +808,12 @@ public: + bool DaemonServer::handle_command(const ref_t& m) + { + std::lock_guard l(lock); +- // a blank fsid in MCommand signals a legacy client sending a "mon-mgr" CLI +- // command. +- if (m->fsid != uuid_d()) { +- cct->get_admin_socket()->queue_tell_command(m); ++ auto cmdctx = std::make_shared(m); ++ try { ++ return _handle_command(cmdctx); ++ } catch (const bad_cmd_get& e) { ++ cmdctx->reply(-EINVAL, e.what()); + return true; +- } else { +- // legacy client; send to CLI processing +- auto cmdctx = std::make_shared(m); +- try { +- return _handle_command(cmdctx); +- } catch (const bad_cmd_get& e) { +- cmdctx->reply(-EINVAL, e.what()); +- return true; +- } + } + } + +@@ -853,8 +845,12 @@ bool DaemonServer::_handle_command( + std::shared_ptr& cmdctx) + { + MessageRef m; ++ bool admin_socket_cmd = false; + if (cmdctx->m_tell) { + m = cmdctx->m_tell; ++ // a blank fsid in MCommand signals a legacy client sending a "mon-mgr" CLI ++ // command. ++ admin_socket_cmd = (cmdctx->m_tell->fsid != uuid_d()); + } else { + m = cmdctx->m_mgr; + } +@@ -888,7 +884,10 @@ bool DaemonServer::_handle_command( + + dout(10) << "decoded-size=" << cmdctx->cmdmap.size() << " prefix=" << prefix << dendl; + +- if (prefix == "get_command_descriptions") { ++ // this is just for mgr commands - admin socket commands will fall ++ // through and use the admin socket version of ++ // get_command_descriptions ++ if (prefix == "get_command_descriptions" && !admin_socket_cmd) { + dout(10) << "reading commands from python modules" << dendl; + const auto py_commands = py_modules.get_commands(); + +@@ -925,7 +924,10 @@ bool DaemonServer::_handle_command( + + bool is_allowed = false; + ModuleCommand py_command; +- if (!mgr_cmd) { ++ if (admin_socket_cmd) { ++ // admin socket commands require all capabilities ++ is_allowed = session->caps.is_allow_all(); ++ } else if (!mgr_cmd) { + // Resolve the command to the name of the module that will + // handle it (if the command exists) + auto py_commands = py_modules.get_py_commands(); +@@ -958,6 +960,11 @@ bool DaemonServer::_handle_command( + << "entity='" << session->entity_name << "' " + << "cmd=" << cmdctx->cmd << ": dispatch"; + ++ if (admin_socket_cmd) { ++ cct->get_admin_socket()->queue_tell_command(cmdctx->m_tell); ++ return true; ++ } ++ + // ---------------- + // service map commands + if (prefix == "service dump") { +-- +2.25.1 + -- cgit 1.2.3-korg