New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
quincy: mds: prevent clients from exceeding the xattrs key/value limits #50981
base: quincy
Are you sure you want to change the base?
Conversation
jenkins test make check |
jenkins test api |
jenkins retest this please |
@rishabh-d-dave Could you investigate the sphinx failure? |
There's not enough to understand what part of patch caused this failure. Here's the failure messge -
|
I think sphinx is trying to auto-generate an rst based on mon command source. |
jenkins test make check |
jenkins test api |
jenkins test api |
jenkins test api |
e085ba1
to
8fb4119
Compare
@rishabh-d-dave Have you inspected the conflict resolution in the commits which might be the reason for the sphinx failures and other failures too? |
jenkins retest this please |
@mchangir Since Yuri removed the testing tag the QA run must've failed. Can you please post about the failure on this PR, so that I can try to fix it? Thanks! |
jenkins retest this please |
ping |
I think this was one of the PRs in the set of PRs being tested where there were 72 failed jobs. I don't have the link to the QA run any more. |
jenkins test make check |
https://jenkins.ceph.com/job/ceph-pull-requests/118142/
|
So, this backport is causing some jenkins test failure? What's needed to fix those? |
jenkins retest this |
jenkins retest this please |
@rishabh-d-dave ping? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
src/mon/MonCommands.h
Outdated
@@ -378,6 +378,7 @@ COMMAND("fs set " | |||
"|allow_new_snaps|inline_data|cluster_down|allow_dirfrags|balancer" | |||
"|standby_count_wanted|session_timeout|session_autoclose" | |||
"|allow_standby_replay|down|joinable|min_compat_client " | |||
"|refuse_client_session|max_xattr_size " |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
refuse_client_session
is wrong here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rishabh-d-dave pinging on this now that #50981 (comment) is resolved.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this has been taken care @rishabh-d-dave ?
Good to mark the comment as resolved?
@rishabh-d-dave ping? |
jenkins retest this please |
8fb4119
to
7ce300b
Compare
This new configuration option will allow to define the maximum size for a filesystem xattrs blob. This is a filesystem-wide knob that will replace the per-MDS mds_max_xattr_pairs_size option. Note: The kernel client patch to handle this new configuration was merged before the corresponding ceph-side pull-request. This was unfortunate because in the meantime PR ceph#43284 was merged and the encoding/decoding of 'bal_rank_mask' got in between. Hence the 'max_xattr_size' is being encoding/decoded before 'bal_rank_mask'. URL: https://tracker.ceph.com/issues/55725 Signed-off-by: Luís Henriques <lhenriques@suse.de> (cherry picked from commit 7b8def5) src/mds/MDSMap.cc - The change has been backported as it is but the lines surrounding the change are different in Quincy compared to main branch. src/mon/MonCommands.h - The change has been backported as it is but the lines surrounding the change are different in Quincy compared to main branch.
Commit eb915d0 ("cephfs: fix write_buf's _len overflow problem") added a limit to the total size of xattrs. This limit is respected by clients doing a "sync" operation, i.e. MDS_OP_SETXATTR. However, clients with CAP_XATTR_EXCL can still buffer these operations and ignore these limits. This patch prevents clients from crashing the MDSs by also imposing the xattr limits even when they have the Xx caps. Replaces the per-MDS knob "max_xattr_pairs_size" by the new mdsmap setting that the clients can access. Unfortunately, clients that misbehave, i.e. old clients that don't respect this xattrs limit and buffer their xattrs, will see them vanishing. URL: https://tracker.ceph.com/issues/55725 Signed-off-by: Luís Henriques <lhenriques@suse.de> (cherry picked from commit 13e07ff)
When doing a sync setxattr (MDS_OP_SETXATTR) to set the first xattr in an inode it is possible for the client to set a huge xattr key/value that would exceed the limit. Prevent this from from happening by checking the size against the maximum allowed size. URL: https://tracker.ceph.com/issues/55725 Signed-off-by: Luís Henriques <lhenriques@suse.de> (cherry picked from commit ca1a397)
…p schema Let the mdsmap schema know about the new field 'max_xattr_size'. This prevents the following error: tasks.mgr.dashboard.helper._ValError: \ In `input['fs_map']['filesystems'][0]['mdsmap']`: unknown keys: {'max_xattr_size'} URL: https://tracker.ceph.com/issues/55725 Signed-off-by: Luís Henriques <lhenriques@suse.de> (cherry picked from commit bf7ddd8)
7ce300b
to
dd3fa52
Compare
…ield Signed-off-by: Luís Henriques <lhenriques@suse.de> (cherry picked from commit b70c752)
dd3fa52
to
d76ce08
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
DNM #53340 (comment)
backport tracker: https://tracker.ceph.com/issues/59037
backport of #46357
parent tracker: https://tracker.ceph.com/issues/55725
this backport was staged using ceph-backport.sh version 16.0.0.6848
find the latest version at https://github.com/ceph/ceph/blob/master/src/script/ceph-backport.sh