From: piaojun <piao...@huawei.com>

[ Upstream commit 16c8d569f5704a84164f30ff01b29879f3438065 ]

The race between *set_acl and *get_acl will cause getting incomplete
xattr data as below:

  processA                                    processB

  ocfs2_set_acl
    ocfs2_xattr_set
      __ocfs2_xattr_set_handle

                                              ocfs2_get_acl_nolock
                                                ocfs2_xattr_get_nolock:

processB may get incomplete xattr data if processA hasn't set_acl done.

So we should use 'ip_xattr_sem' to protect getting extended attribute in
ocfs2_get_acl_nolock(), as other processes could be changing it
concurrently.

Link: http://lkml.kernel.org/r/5a5ddcff.7030...@huawei.com
Signed-off-by: Jun Piao <piao...@huawei.com>
Reviewed-by: Alex Chen <alex.c...@huawei.com>
Cc: Mark Fasheh <mfas...@versity.com>
Cc: Joel Becker <jl...@evilplan.org>
Cc: Junxiao Bi <junxiao...@oracle.com>
Cc: Joseph Qi <jiangqi...@gmail.com>
Cc: Changwei Ge <ge.chang...@h3c.com>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Linus Torvalds <torva...@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.le...@microsoft.com>
---
 fs/ocfs2/acl.c   | 6 ++++++
 fs/ocfs2/xattr.c | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/fs/ocfs2/acl.c b/fs/ocfs2/acl.c
index 164307b99405..1e0d8da0d3cd 100644
--- a/fs/ocfs2/acl.c
+++ b/fs/ocfs2/acl.c
@@ -314,7 +314,9 @@ struct posix_acl *ocfs2_iop_get_acl(struct inode *inode, 
int type)
                return ERR_PTR(ret);
        }
 
+       down_read(&OCFS2_I(inode)->ip_xattr_sem);
        acl = ocfs2_get_acl_nolock(inode, type, di_bh);
+       up_read(&OCFS2_I(inode)->ip_xattr_sem);
 
        ocfs2_inode_unlock(inode, 0);
        brelse(di_bh);
@@ -333,7 +335,9 @@ int ocfs2_acl_chmod(struct inode *inode, struct buffer_head 
*bh)
        if (!(osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL))
                return 0;
 
+       down_read(&OCFS2_I(inode)->ip_xattr_sem);
        acl = ocfs2_get_acl_nolock(inode, ACL_TYPE_ACCESS, bh);
+       up_read(&OCFS2_I(inode)->ip_xattr_sem);
        if (IS_ERR(acl) || !acl)
                return PTR_ERR(acl);
        ret = __posix_acl_chmod(&acl, GFP_KERNEL, inode->i_mode);
@@ -364,8 +368,10 @@ int ocfs2_init_acl(handle_t *handle,
 
        if (!S_ISLNK(inode->i_mode)) {
                if (osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL) {
+                       down_read(&OCFS2_I(dir)->ip_xattr_sem);
                        acl = ocfs2_get_acl_nolock(dir, ACL_TYPE_DEFAULT,
                                                   dir_bh);
+                       up_read(&OCFS2_I(dir)->ip_xattr_sem);
                        if (IS_ERR(acl))
                                return PTR_ERR(acl);
                }
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
index d2b7192c0937..7f78daf88f35 100644
--- a/fs/ocfs2/xattr.c
+++ b/fs/ocfs2/xattr.c
@@ -639,9 +639,11 @@ int ocfs2_calc_xattr_init(struct inode *dir,
                                                     si->value_len);
 
        if (osb->s_mount_opt & OCFS2_MOUNT_POSIX_ACL) {
+               down_read(&OCFS2_I(dir)->ip_xattr_sem);
                acl_len = ocfs2_xattr_get_nolock(dir, dir_bh,
                                        OCFS2_XATTR_INDEX_POSIX_ACL_DEFAULT,
                                        "", NULL, 0);
+               up_read(&OCFS2_I(dir)->ip_xattr_sem);
                if (acl_len > 0) {
                        a_size = ocfs2_xattr_entry_real_size(0, acl_len);
                        if (S_ISDIR(mode))
-- 
2.15.1

Reply via email to