mirror of
https://github.com/versity/scoutfs.git
synced 2026-02-09 04:00:10 +00:00
c9c428589d
In el9.6, the kernel VFS no longer goes through xattr handlers to retreive ACLs, but instead goes through the inode ops .get_acl, or, alternatively, .get_inode_acl. When I initially implemented the compatibility, I opted to implement .get_acl as the interface was simpler. Unfortunately, using .get_acl has the side effect that permission checking may rcu the acl as we're traversing a chain of directories, causing a cold cache traversal of nested directories to "lose" acl entries, as the traversal of directories requires permission checks on each of the steps, and that clashes with the getacl(1) lookup. The added test case exposes this issue. We can opt to implement our own sentinel, as some fs drivers have done. The alternative is to follow the path that all the other fs drivers have done, which is to implement .get_inode_acl, which is already guarded by a sentinel by the VFS, and can be explicitly told to not be called in rcu. To complete this, we're changing KC_GET_ACL_DENTRY, which is no longer used to KC_SET_ACL_DENTRY which was previously tacked on for the set_acl vfs parameter change from inode to dentry. Signed-off-by: Auke Kok <auke.kok@versity.com>