We found races in the fs subsystem in kernel v6.6 using a race testing tool we are developing based on modified KCSAN. We are reporting the races because they appear to be a potential bug. The races occur on inode->i_mode, which is updated in fs/posix_acl.c:722 posix_acl_update_mode and can race with reads in the following locations: security/selinux/hooks.c:3087 selinux_inode_permission include/linux/fsnotify.h:65 fsnotify_parent include/linux/device_cgroup.h:24 devcgroup_inode_permission fs/open.c:923,931 do_dentry_open fs/namei.c:342 acl_permission_check fs/namei.c:3242 may_open In cases where multiple threads are updating and accessing a single inode simultaneously, it seems like this could potentially lead to undefined behavior, if for example an access check is passed based on one i_mode setting, and then the inode->imode is modified by another thread. Best, Gabe
