From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-fsdevel-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:41614 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1750762AbcGGOMF (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
	Thu, 7 Jul 2016 10:12:05 -0400
From: David Howells <dhowells@redhat.com>
In-Reply-To: <1467762904-4241-1-git-send-email-jlayton@redhat.com>
References: <1467762904-4241-1-git-send-email-jlayton@redhat.com>
To: Jeff Layton <jlayton@redhat.com>
Cc: dhowells@redhat.com, Al Viro <viro@zeniv.linux.org.uk>,
	Andreas Gruenbacher <agruenba@redhat.com>,
	linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] posix_acl: de-union a_refcount and a_rcu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <1425.1467900668.1@warthog.procyon.org.uk>
Date: Thu, 07 Jul 2016 15:11:08 +0100
Message-ID: <1426.1467900668@warthog.procyon.org.uk>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

Jeff Layton <jlayton@redhat.com> wrote:

> Currently the two are unioned together, but I don't think that's safe.
> 
> It looks like get_cached_acl could race with the last put in
> posix_acl_release. get_cached_acl calls atomic_inc_not_zero on
> a_refcount, but that field could have already been clobbered by
> call_rcu, and may no longer be zero. Fix this by de-unioning the two
> fields.
> 
> Fixes: b8a7a3a66747 (posix_acl: Inode acl caching fixes)
> Signed-off-by: Jeff Layton <jlayton@redhat.com>

Acked-by: David Howells <dhowells@redhat.com>