Skip permission checks for POSIX ACL type

zfs_zaccess_trivial() calls the generic_permission() to read xattr attributes. This may cause a deadlock if the xattr and dent locks were already held. This commit adds a workaround to skip permission checks for POSIX ACL type. Signed-off-by: Ameer Hamza <ahamza@ixsystems.com>
truenas · Nov 28, 2022 · 465cef1 · 465cef1
1 parent 99347bd
commit 465cef1
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/module/os/linux/zfs/zfs_acl.c b/module/os/linux/zfs/zfs_acl.c
@@ -2608,8 +2608,13 @@ zfs_zaccess_common(znode_t *zp, uint32_t v4_mode, uint32_t *working_mode,
 		return (SET_ERROR(EPERM));
 	}
 
-	if (zp->z_pflags & ZFS_ACL_TRIVIAL)
+	/*
+	 * Workaround for POSIX ACL type to avoid deadlock
+	 */
+	if ((zp->z_pflags & ZFS_ACL_TRIVIAL) &&
+	    zfsvfs->z_acl_type != ZFS_ACLTYPE_POSIX) {
 		return (zfs_zaccess_trivial(zp, working_mode, cr));
+	}
 
 	return (zfs_zaccess_aces_check(zp, working_mode, B_FALSE, cr));
 }