• Brian Foster's avatar
    xfs: remove racy hasattr check from attr ops · aab858da
    Brian Foster authored
    commit 5a93790d upstream.
    
    xfs_attr_[get|remove]() have unlocked attribute fork checks to optimize
    away a lock cycle in cases where the fork does not exist or is otherwise
    empty. This check is not safe, however, because an attribute fork short
    form to extent format conversion includes a transient state that causes
    the xfs_inode_hasattr() check to fail. Specifically,
    xfs_attr_shortform_to_leaf() creates an empty extent format attribute
    fork and then adds the existing shortform attributes to it.
    
    This means that lookup of an existing xattr can spuriously return
    -ENOATTR when racing against a setxattr that causes the associated
    format conversion. This was originally reproduced by an untar on a
    particularly configured glusterfs volume, but can also be reproduced on
    demand with properly crafted xattr requests.
    
    The format conversion occurs under the exclusive ilock. xfs_attr_get()
    and xfs_attr_remove() already have the proper locking and checks further
    down in the functions to handle this situation correctly. Drop the
    unlocked checks to avoid the spurious failure and rely on the existing
    logic.
    Signed-off-by: default avatarBrian Foster <bfoster@redhat.com>
    Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
    Reviewed-by: default avatarDarrick J. Wong <darrick.wong@oracle.com>
    Signed-off-by: default avatarDarrick J. Wong <darrick.wong@oracle.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    aab858da
xfs_attr.c 33.1 KB