Project

General

Profile

Bug #23232

RGWCopyObj silently corrupts the object that was mulitpart-uploaded in SSE-C

Added by Jeegn Chen 11 months ago. Updated 10 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Target version:
-
Start date:
03/06/2018
Due date:
% Done:

0%

Source:
Tags:
Backport:
luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
rgw
Pull request ID:

Description

The issue was found in 12.2.2.

The step to reproduce the issue is that
  1. Create a bucket (Say A-bucket) and upload Object X through multipart upload in SSE-C.
  2. Create another bucket (Say B-Bucket) but B-Bucket and A-Bucket have different data pools
  3. Use s3cmd copy X in A-bucket to X_B in B-bucket
  4. Download X_B from B-bucket and notice that the data is corrupted
Per check through the code, the rationale is that
  • The encrypted data in X_B was in Multipart manner since it is copied from X
  • The mannifest in X_B has been changed to Atomic manner by the copy operation
  • The GET operation follow the X_B's manifest to to decrypt the data in atomic way while the data is in fact encrypted in multipart way

It seems that current implementation does not support this kind of copy operation.
Before we figure out a comprehensive implementation to make it fully functional (maybe the compression manner instead of relying on the volatile manifest is preferred?), I think we should reject the cross-pool copy operation for multipart SSE-C objects explicitly instead of failing silently. Any suggestion?


Related issues

Related to rgw - Bug #23264: Server side encryption support for s3 COPY operation New 03/07/2018
Copied to rgw - Backport #23346: luminous: RGWCopyObj silently corrupts the object that was mulitpart-uploaded in SSE-C Resolved

History

#1 Updated by Matt Benjamin 11 months ago

@jeegn chen, that seems potentially plausible, to me.

Matt

#3 Updated by Casey Bodley 11 months ago

  • Related to Bug #23264: Server side encryption support for s3 COPY operation added

#4 Updated by Yehuda Sadeh 11 months ago

  • Assignee set to Casey Bodley

#5 Updated by Yuri Weinstein 10 months ago

Jeegn Chen wrote:

PR: https://github.com/ceph/ceph/pull/20739

merged

#6 Updated by Casey Bodley 10 months ago

  • Status changed from New to Pending Backport
  • Backport set to luminous

#7 Updated by Nathan Cutler 10 months ago

  • Copied to Backport #23346: luminous: RGWCopyObj silently corrupts the object that was mulitpart-uploaded in SSE-C added

#8 Updated by Nathan Cutler 10 months ago

  • Status changed from Pending Backport to Resolved

Also available in: Atom PDF