Reassigning to Ryan Ohara because he now has bug #307431 and this is really the same issue.
Fixed. Removed calls to permission() from xattr ops. The permission() checks are handled in the VFS layer, so there is no need for gfs to repeat this step. Also note that checking permission() is incorrect for SELinux xattrs. The correct permission check is done via the security_inode_getxattr(), etc. calls, which are also done in the VFS layer.
Planning on removing GFS-kernel. Moving all bugs to gfs-kmod.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0348.html