2130901 – Do not abort MDS on unknown messages

Bug 2130901 - Do not abort MDS on unknown messages

Summary: Do not abort MDS on unknown messages

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	CephFS
Sub Component:
Version:	5.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Target Release:	5.3z1
Assignee:	Dhairya Parmar
QA Contact:	julpark
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2130984
TreeView+	depends on / blocked

Reported:	2022-09-29 11:39 UTC by Dhairya Parmar
Modified:	2023-02-28 10:06 UTC (History)
CC List:	5 users (show)
Fixed In Version:	ceph-16.2.10-108.el8cp
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	2130984 (view as bug list)
Environment:
Last Closed:	2023-02-28 10:06:16 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHCEPH-5385	0	None	None	None	2022-09-29 11:41:29 UTC
Red Hat Product Errata	RHSA-2023:0980	0	None	None	None	2023-02-28 10:06:51 UTC

Description Dhairya Parmar 2022-09-29 11:39:13 UTC

Description of problem:
Right now, in Server::dispatch(), we abort the MDS if we get a message type we don't understand.

This is horrible: it means that any malicious client can crash the server by just sending a message of a new type to the server! That's a trivial denial of service.
Besides malicious clients, it also means that when there's a protocol issue such as a new client erroneously sending new messages to the server, it crashes the whole system instead of just the new client.

Need to make sure MDS closes the session and blocklists the client on receiving unknown messages.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 12 errata-xmlrpc 2023-02-28 10:06:16 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Ceph Storage 5.3 Bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:0980

Note You need to log in before you can comment on or make changes to this bug.