Inconsistencies with trusted.SGI_ACL_{FILE,DEFAULT}

[Andreas Gruenbacher]

On Mon, Oct 26, 2015 at 10:32 PM, Dave Chinner <david at fromorbit.com> wrote:
> Really, I'm struggling to understand what the problem is with XFS
> doing translation to it's own special xattr names for ACLs
> underneath the posix layer.

Right now, setting one of the SGI_ACL attributes leads to stale i_acl
/ i_default_acl fields and in the case of SGI_ACL_FILE, possibly to
outdated permissions in i_mode. You would get different information
from getfacl than what's stored on disk.

> Yes, there's a caching issue when someone directly manipulates
> the underlying xattr,

"Directly manipulating" could be doing a setxattr of an attribute that
was previously retrieved by getxattr, like restoring a backup.

> but you need root to shoot yourself in the foot that way, and that is easily
> solveable.

What do you mean, it's easily solvable?

Thanks,
Andreas