Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-18030

ll_set_acl eats permissions if they could be expressed with mode bits

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • Lustre 2.16.0
    • Lustre 2.16.0
    • None
    • 3
    • 9223372036854775807

      ll_set_acl() has this code:

             switch (type) {
        case ACL_TYPE_ACCESS:
                name = XATTR_NAME_POSIX_ACL_ACCESS;
                if (acl)
                        rc = posix_acl_update_mode(map, inode,
                                                   &inode->i_mode, &acl);
                break;

...
       }
       if (acl) {
                value_size = posix_acl_xattr_size(acl->a_count);
                value = kmalloc(value_size, GFP_NOFS);
                if (value == NULL)
                        GOTO(out, rc = -ENOMEM);
                rc = posix_acl_to_xattr(&init_user_ns, acl, value, value_size);
                if (rc < 0)
                        GOTO(out_value, rc);
        }
        rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode),
                         value ? OBD_MD_FLXATTR : OBD_MD_FLXATTRRM,
                         name, value, value_size, 0, 0, &req);

      But posix_acl_update_mode() is setting the acl argument to NULL if the passed in ACL is expressible as just mode bits.

      This code path apparently is only used via NFS server reexport path, direct setfacl calls go straght into setxattr.

      So we either need to catch this and do setattr_md call to transfer the updated mode information, or I guess we invalidate the permission bits anyway on setattr so might as well skip the posix_acl_update_mode() call altogether and let the server tell us the new permissions next time we refresh?

            green Oleg Drokin
            green Oleg Drokin
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: