Bug 2130901

Summary: Do not abort MDS on unknown messages
Product: [Red Hat Storage] Red Hat Ceph Storage
Reporter: Dhairya Parmar <dparmar>
Component: CephFS
Assignee: Dhairya Parmar <dparmar>
Status: CLOSED ERRATA
QA Contact: julpark
Severity: urgent
Priority: urgent
Version: 5.2
CC: ceph-eng-bugs, cephqe-warriors, hyelloji, tserlin, vshankar
Target Release: 5.3z1
Hardware: Unspecified
OS: Unspecified
Fixed In Version: ceph-16.2.10-108.el8cp
Doc Type: If docs needed, set a value
Clone Of:
: 2130984
Last Closed: 2023-02-28 10:06:16 UTC
Type: Bug
Bug Blocks: 2130984

Description Dhairya Parmar 2022-09-29 11:39:13 UTC
Description of problem:
Right now, in Server::dispatch(), we abort the MDS if we get a message type we don't understand.

This is horrible: it means that any malicious client can crash the server by just sending a message of a new type to the server! That's a trivial denial of service.
Besides malicious clients, it also means that when there's a protocol issue such as a new client erroneously sending new messages to the server, it crashes the whole system instead of just the new client.

Need to make sure MDS closes the session and blocklists the client on receiving unknown messages.

Additional info:
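
Added example, not part of the original report and not Ceph source code: a minimal dispatcher that handles an unknown message type the way the description asks, by closing the sender's session and blocklisting it while other clients keep being served. The `Server`, `Message` and `Outcome` types, the message type values and the client names are assumptions made for illustration.

```cpp
#include <cstdint>
#include <set>
#include <string>

// Hypothetical message types and session model; not Ceph's definitions.
enum MsgType : uint16_t { MSG_CLIENT_SESSION = 1, MSG_CLIENT_REQUEST = 2 };
struct Message { uint16_t type; std::string client; };
enum class Outcome { Handled, SessionClosed, Dropped };

class Server {
  std::set<std::string> sessions_;   // clients with an open session
  std::set<std::string> blocklist_;  // clients barred from reconnecting
public:
  void open_session(const std::string& c) {
    if (!blocklist_.count(c)) sessions_.insert(c);
  }
  bool has_session(const std::string& c) const { return sessions_.count(c) != 0; }
  bool is_blocklisted(const std::string& c) const { return blocklist_.count(c) != 0; }

  Outcome dispatch(const Message& m) {
    if (!sessions_.count(m.client)) return Outcome::Dropped;  // no session
    switch (m.type) {
    case MSG_CLIENT_SESSION:
    case MSG_CLIENT_REQUEST:
      return Outcome::Handled;  // real handlers would run here
    default:
      // Calling abort() here is the reported behaviour: one unknown type
      // from any client stops the server for every client. Instead,
      // close only the sender's session and blocklist that sender.
      sessions_.erase(m.client);
      blocklist_.insert(m.client);
      return Outcome::SessionClosed;
    }
  }
};

// Constructed scenario: client.a sends an unknown type, client.b a known one.
bool other_clients_survive() {
  Server s;
  s.open_session("client.a");
  s.open_session("client.b");
  Outcome bad = s.dispatch({0x7fff, "client.a"});
  Outcome good = s.dispatch({MSG_CLIENT_REQUEST, "client.b"});
  return bad == Outcome::SessionClosed && good == Outcome::Handled &&
         s.is_blocklisted("client.a") && !s.has_session("client.a") &&
         s.has_session("client.b");
}

int main() { return other_clients_survive() ? 0 : 1; }
```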

Comment 12 errata-xmlrpc 2023-02-28 10:06:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Ceph Storage 5.3 Bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:0980