On Thu, Sep 22, 2022 at 05:17:05PM +0200, Christian Brauner wrote:
> +int v9fs_iop_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry,
> + struct posix_acl *acl, int type)
> +{
> + int retval;
> + void *value = NULL;
> + size_t size = 0;
> + struct v9fs_session_info *v9ses;
> + struct inode *inode = d_inode(dentry);
> +
> + v9ses = v9fs_dentry2v9ses(dentry);
> +
> + if (acl) {
> + retval = posix_acl_valid(inode->i_sb->s_user_ns, acl);
> + if (retval)
> + goto err_out;
> +
> + size = posix_acl_xattr_size(acl->a_count);
> +
> + value = kzalloc(size, GFP_NOFS);
> + if (!value) {
> + retval = -ENOMEM;
> + goto err_out;
> + }
> +
> + retval = posix_acl_to_xattr(&init_user_ns, acl, value, size);
> + if (retval < 0)
> + goto err_out;
> + }
> +
> + /*
> + * set the attribute on the remote. Without even looking at the
> + * xattr value. We leave it to the server to validate
> + */
> + if ((v9ses->flags & V9FS_ACCESS_MASK) != V9FS_ACCESS_CLIENT) {
> + retval = v9fs_xattr_set(dentry, posix_acl_xattr_name(type),
> + value, size, 0);
> + goto err_out;
> + }
> + if (S_ISLNK(inode->i_mode))
> + return -EOPNOTSUPP;
> + if (!inode_owner_or_capable(&init_user_ns, inode))
> + return -EPERM;
Shouldn't that chunk have been in the very beginning? As it is, you've got a leak here...