From e6a0157bd84d61fdb98a0be99fdc38c9d0213317 Mon Sep 17 00:00:00 2001 From: josh Date: Wed, 18 Apr 2007 18:08:06 +0000 Subject: [PATCH] FIX: fixed security bug and also a problem with resource policy ExtendViolationTime git-svn-id: svn://opensvn.adaptivecomputing.com/maui/trunk@86 3f5042e3-fb1d-0410-be18-d6ca2573e517 --- CHANGELOG | 4 ++++ include/moab.h | 3 ++- src/moab/MLimit.c | 17 +++++++++++++++-- src/moab/MPBSI.c | 34 ++++++++++++++++++++++++++-------- 4 files changed, 47 insertions(+), 11 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 6e99cc9..1aa682a 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,7 @@ +Maui 3.2.6p20 + - Fixed a potential security issue when Maui is used with some PBS configurations. + - Fixed a bug pertaining to Maui's resource policy ExtendedViolation time (thanks goes to Nick Sonneveld). + Maui 3.2.6p19 - Implemented fixes for a segfault, FSPOLICY loading, and workload traces submitted by Ake Sandgren diff --git a/include/moab.h b/include/moab.h index b72971a..c81d2ed 100644 --- a/include/moab.h +++ b/include/moab.h @@ -341,7 +341,8 @@ enum MHoldReasonEnum { mhrAPIFailure, mhrRMReject, mhrPolicyViolation, - mhrQOSAccess }; + mhrQOSAccess, + mhrCredAccess }; /* node states */ diff --git a/src/moab/MLimit.c b/src/moab/MLimit.c index c748b79..c7fe451 100644 --- a/src/moab/MLimit.c +++ b/src/moab/MLimit.c @@ -31,7 +31,8 @@ int MLimitEnforceAll( mjob_t *J; mreq_t *RQ; - int ResourceLimitsExceeded; /* boolean */ + mbool_t ResourceLimitsExceeded; + mbool_t JobExceedsLimits; int VRes = -1; int VLimit = -1; @@ -105,6 +106,7 @@ int MLimitEnforceAll( /* enforce CRes utilization limits */ ResourceLimitsExceeded = FALSE; + JobExceedsLimits = FALSE; RQ = J->Req[0]; /* FIXME */ @@ -121,6 +123,7 @@ int MLimitEnforceAll( VVal = RQ->URes.Procs; ResourceLimitsExceeded = TRUE; + JobExceedsLimits = TRUE; } else if ((P->ResourceLimitPolicy[mrMem] != mrlpNONE) && (RQ->DRes.Mem > 0) && @@ -136,6 +139,7 @@ int MLimitEnforceAll( VVal = RQ->URes.Mem; ResourceLimitsExceeded = TRUE; + JobExceedsLimits = TRUE; } else if ((P->ResourceLimitPolicy[mrSwap] != mrlpNONE) && (RQ->DRes.Swap > 0) && @@ -151,6 +155,7 @@ int MLimitEnforceAll( VVal = RQ->URes.Swap; ResourceLimitsExceeded = TRUE; + JobExceedsLimits = TRUE; } else if ((P->ResourceLimitPolicy[mrDisk] != mrlpNONE) && (RQ->DRes.Disk > 0) && @@ -166,6 +171,7 @@ int MLimitEnforceAll( VVal = RQ->URes.Disk; ResourceLimitsExceeded = TRUE; + JobExceedsLimits = TRUE; } if (ResourceLimitsExceeded == FALSE) @@ -175,7 +181,7 @@ int MLimitEnforceAll( /* job is using more resources than requested */ - J->RULVTime += MSched.Iteration; + J->RULVTime += (mulong)((MSched.Interval + 50) / 100); switch (P->ResourceLimitPolicy[VRes]) { @@ -274,6 +280,13 @@ int MLimitEnforceAll( DBG(1,fSCHED) DPrint("ALERT: limit violation action %s %s\n", MPolicyAction[P->ResourceLimitViolationAction[VRes]], (rc == SUCCESS) ? "succeeded" : "failed"); + + if (JobExceedsLimits == FALSE) + { + /* clear job violation time */ + + J->RULVTime = 0; + } } /* END for (jindex) */ return(SUCCESS); diff --git a/src/moab/MPBSI.c b/src/moab/MPBSI.c index 497e501..a961746 100644 --- a/src/moab/MPBSI.c +++ b/src/moab/MPBSI.c @@ -5430,15 +5430,33 @@ int MPBSJobSetAttr( return(FAILURE); } - if (MUserAdd(ptr,&J->Cred.U) == FAILURE) + if ((J->Cred.U == NULL) || !strcmp(AP->name,ATTR_owner)) { - DBG(1,fPBS) DPrint("ERROR: cannot add user for job %s (Name: %s)\n", - J->Name, - ptr); - - MJobRemove(J); - - return(FAILURE); + if (MUserAdd(ptr,&J->Cred.U) == FAILURE) + { + DBG(1,fPBS) DPrint("ERROR: cannot add user for job %s (Name: %s)\n", + J->Name, + ptr); + + MJobRemove(J); + + return(FAILURE); + } + } + + if ((J->Cred.U != NULL) && (!strcmp(AP->name,ATTR_euser))) + { + if (strcmp(J->Cred.U->Name,ptr)) + { + /* effective user requested which does not match job owner */ + + MJobSetHold( + J, + (1 << mhBatch), + 0, + mhrCredAccess, + "job not authorized to use proxy credentials"); + } } } else if (!strcmp(AP->name,ATTR_egroup))