Commit c2a7650d authored by Andreas Gruenbacher's avatar Andreas Gruenbacher Committed by Linus Torvalds

[PATCH] Long-standing xattr sharing bug

When looking for identical xattr blocks to share, we were not comparing the
name_index fields.  This could lead to false sharing when two xattr blocks
ended up with identical attribute names and values, and the only default
acls.  Because acls are cached, the bug was hidden until the next reload of
the affected inode.

  $ mkdir -m 700 a b
  $ setfacl -m u:bin:rwx a
	< acl of a goes in the mbcache

  $ setfacl -dm u:bin:rwx b
	< acl of b differs only in name_index, so a's acl is reused

  $ getfacl b
	< shows the result from the inode cache

  < empty inode cache (remount, etc.)

  $ getfacl b
	< shows an access acl instead of a default acl.
Signed-off-by: default avatarAndreas Gruenbacher <agruen@suse.de>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 315cbe59
...@@ -881,6 +881,7 @@ ext2_xattr_cmp(struct ext2_xattr_header *header1, ...@@ -881,6 +881,7 @@ ext2_xattr_cmp(struct ext2_xattr_header *header1,
if (IS_LAST_ENTRY(entry2)) if (IS_LAST_ENTRY(entry2))
return 1; return 1;
if (entry1->e_hash != entry2->e_hash || if (entry1->e_hash != entry2->e_hash ||
entry1->e_name_index != entry2->e_name_index ||
entry1->e_name_len != entry2->e_name_len || entry1->e_name_len != entry2->e_name_len ||
entry1->e_value_size != entry2->e_value_size || entry1->e_value_size != entry2->e_value_size ||
memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len)) memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len))
......
...@@ -1162,6 +1162,7 @@ ext3_xattr_cmp(struct ext3_xattr_header *header1, ...@@ -1162,6 +1162,7 @@ ext3_xattr_cmp(struct ext3_xattr_header *header1,
if (IS_LAST_ENTRY(entry2)) if (IS_LAST_ENTRY(entry2))
return 1; return 1;
if (entry1->e_hash != entry2->e_hash || if (entry1->e_hash != entry2->e_hash ||
entry1->e_name_index != entry2->e_name_index ||
entry1->e_name_len != entry2->e_name_len || entry1->e_name_len != entry2->e_name_len ||
entry1->e_value_size != entry2->e_value_size || entry1->e_value_size != entry2->e_value_size ||
memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len)) memcmp(entry1->e_name, entry2->e_name, entry1->e_name_len))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment