DragonFlyBSD Kernel Audit
← dashboard
DF-0187

vacl_get_acl/aclcheck call VOPs without vnode lock, inconsistent with set/delete

Summary

vacl_set_acl(:79) and vacl_delete(:114) wrap VOP in vn_lock/vn_unlock. vacl_get_acl(:97) and vacl_aclcheck(:135) do NOT. Race vs concurrent rename/reclaim/setacl. Torn read acl_cnt vs acl_entry[]. Latent.