1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <linux/anon_inodes.h>
3 #include <linux/uio.h>
4 #include "internal.h"
5
6 struct ondemand_anon_file {
7 struct file *file;
8 int fd;
9 };
10
cachefiles_req_put(struct cachefiles_req * req)11 static inline void cachefiles_req_put(struct cachefiles_req *req)
12 {
13 if (refcount_dec_and_test(&req->ref))
14 kfree(req);
15 }
16
cachefiles_ondemand_fd_release(struct inode * inode,struct file * file)17 static int cachefiles_ondemand_fd_release(struct inode *inode,
18 struct file *file)
19 {
20 struct cachefiles_object *object = file->private_data;
21 struct cachefiles_cache *cache;
22 struct cachefiles_ondemand_info *info;
23 int object_id;
24 struct cachefiles_req *req;
25 XA_STATE(xas, NULL, 0);
26
27 if (!object)
28 return 0;
29
30 info = object->ondemand;
31 cache = object->volume->cache;
32 xas.xa = &cache->reqs;
33
34 xa_lock(&cache->reqs);
35 spin_lock(&info->lock);
36 object_id = info->ondemand_id;
37 info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
38 cachefiles_ondemand_set_object_close(object);
39 spin_unlock(&info->lock);
40
41 /* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
42 xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
43 if (req->msg.object_id == object_id &&
44 req->msg.opcode == CACHEFILES_OP_CLOSE) {
45 complete(&req->done);
46 xas_store(&xas, NULL);
47 }
48 }
49 xa_unlock(&cache->reqs);
50
51 xa_erase(&cache->ondemand_ids, object_id);
52 trace_cachefiles_ondemand_fd_release(object, object_id);
53 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
54 cachefiles_put_unbind_pincount(cache);
55 return 0;
56 }
57
cachefiles_ondemand_fd_write_iter(struct kiocb * kiocb,struct iov_iter * iter)58 static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
59 struct iov_iter *iter)
60 {
61 struct cachefiles_object *object = kiocb->ki_filp->private_data;
62 struct cachefiles_cache *cache = object->volume->cache;
63 struct file *file;
64 size_t len = iter->count, aligned_len = len;
65 loff_t pos = kiocb->ki_pos;
66 const struct cred *saved_cred;
67 int ret;
68
69 spin_lock(&object->lock);
70 file = object->file;
71 if (!file) {
72 spin_unlock(&object->lock);
73 return -ENOBUFS;
74 }
75 get_file(file);
76 spin_unlock(&object->lock);
77
78 cachefiles_begin_secure(cache, &saved_cred);
79 ret = __cachefiles_prepare_write(object, file, &pos, &aligned_len, len, true);
80 cachefiles_end_secure(cache, saved_cred);
81 if (ret < 0)
82 goto out;
83
84 trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
85 ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
86 if (ret > 0)
87 kiocb->ki_pos += ret;
88
89 out:
90 fput(file);
91 return ret;
92 }
93
cachefiles_ondemand_fd_llseek(struct file * filp,loff_t pos,int whence)94 static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
95 int whence)
96 {
97 struct cachefiles_object *object = filp->private_data;
98 struct file *file;
99 loff_t ret;
100
101 spin_lock(&object->lock);
102 file = object->file;
103 if (!file) {
104 spin_unlock(&object->lock);
105 return -ENOBUFS;
106 }
107 get_file(file);
108 spin_unlock(&object->lock);
109
110 ret = vfs_llseek(file, pos, whence);
111 fput(file);
112
113 return ret;
114 }
115
cachefiles_ondemand_fd_ioctl(struct file * filp,unsigned int ioctl,unsigned long id)116 static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
117 unsigned long id)
118 {
119 struct cachefiles_object *object = filp->private_data;
120 struct cachefiles_cache *cache = object->volume->cache;
121 struct cachefiles_req *req;
122 XA_STATE(xas, &cache->reqs, id);
123
124 if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
125 return -EINVAL;
126
127 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
128 return -EOPNOTSUPP;
129
130 xa_lock(&cache->reqs);
131 req = xas_load(&xas);
132 if (!req || req->msg.opcode != CACHEFILES_OP_READ ||
133 req->object != object) {
134 xa_unlock(&cache->reqs);
135 return -EINVAL;
136 }
137 xas_store(&xas, NULL);
138 xa_unlock(&cache->reqs);
139
140 trace_cachefiles_ondemand_cread(object, id);
141 complete(&req->done);
142 return 0;
143 }
144
145 static const struct file_operations cachefiles_ondemand_fd_fops = {
146 .owner = THIS_MODULE,
147 .release = cachefiles_ondemand_fd_release,
148 .write_iter = cachefiles_ondemand_fd_write_iter,
149 .llseek = cachefiles_ondemand_fd_llseek,
150 .unlocked_ioctl = cachefiles_ondemand_fd_ioctl,
151 };
152
153 /*
154 * OPEN request Completion (copen)
155 * - command: "copen <id>,<cache_size>"
156 * <cache_size> indicates the object size if >=0, error code if negative
157 */
cachefiles_ondemand_copen(struct cachefiles_cache * cache,char * args)158 int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
159 {
160 struct cachefiles_req *req;
161 struct fscache_cookie *cookie;
162 struct cachefiles_ondemand_info *info;
163 char *pid, *psize;
164 unsigned long id;
165 long size;
166 int ret;
167 XA_STATE(xas, &cache->reqs, 0);
168
169 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
170 return -EOPNOTSUPP;
171
172 if (!*args) {
173 pr_err("Empty id specified\n");
174 return -EINVAL;
175 }
176
177 pid = args;
178 psize = strchr(args, ',');
179 if (!psize) {
180 pr_err("Cache size is not specified\n");
181 return -EINVAL;
182 }
183
184 *psize = 0;
185 psize++;
186
187 ret = kstrtoul(pid, 0, &id);
188 if (ret)
189 return ret;
190
191 xa_lock(&cache->reqs);
192 xas.xa_index = id;
193 req = xas_load(&xas);
194 if (!req || req->msg.opcode != CACHEFILES_OP_OPEN ||
195 !req->object->ondemand->ondemand_id) {
196 xa_unlock(&cache->reqs);
197 return -EINVAL;
198 }
199 xas_store(&xas, NULL);
200 xa_unlock(&cache->reqs);
201
202 info = req->object->ondemand;
203 /* fail OPEN request if copen format is invalid */
204 ret = kstrtol(psize, 0, &size);
205 if (ret) {
206 req->error = ret;
207 goto out;
208 }
209
210 /* fail OPEN request if daemon reports an error */
211 if (size < 0) {
212 if (!IS_ERR_VALUE(size)) {
213 req->error = -EINVAL;
214 ret = -EINVAL;
215 } else {
216 req->error = size;
217 ret = 0;
218 }
219 goto out;
220 }
221
222 spin_lock(&info->lock);
223 /*
224 * The anonymous fd was closed before copen ? Fail the request.
225 *
226 * t1 | t2
227 * ---------------------------------------------------------
228 * cachefiles_ondemand_copen
229 * req = xa_erase(&cache->reqs, id)
230 * // Anon fd is maliciously closed.
231 * cachefiles_ondemand_fd_release
232 * xa_lock(&cache->reqs)
233 * cachefiles_ondemand_set_object_close(object)
234 * xa_unlock(&cache->reqs)
235 * cachefiles_ondemand_set_object_open
236 * // No one will ever close it again.
237 * cachefiles_ondemand_daemon_read
238 * cachefiles_ondemand_select_req
239 *
240 * Get a read req but its fd is already closed. The daemon can't
241 * issue a cread ioctl with an closed fd, then hung.
242 */
243 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED) {
244 spin_unlock(&info->lock);
245 req->error = -EBADFD;
246 goto out;
247 }
248 cookie = req->object->cookie;
249 cookie->object_size = size;
250 if (size)
251 clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
252 else
253 set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
254 trace_cachefiles_ondemand_copen(req->object, id, size);
255
256 cachefiles_ondemand_set_object_open(req->object);
257 spin_unlock(&info->lock);
258 wake_up_all(&cache->daemon_pollwq);
259
260 out:
261 spin_lock(&info->lock);
262 /* Need to set object close to avoid reopen status continuing */
263 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED)
264 cachefiles_ondemand_set_object_close(req->object);
265 spin_unlock(&info->lock);
266 complete(&req->done);
267 return ret;
268 }
269
cachefiles_ondemand_restore(struct cachefiles_cache * cache,char * args)270 int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
271 {
272 struct cachefiles_req *req;
273
274 XA_STATE(xas, &cache->reqs, 0);
275
276 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
277 return -EOPNOTSUPP;
278
279 /*
280 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
281 * requests have been processed halfway before the crash of the
282 * user daemon could be reprocessed after the recovery.
283 */
284 xas_lock(&xas);
285 xas_for_each(&xas, req, ULONG_MAX)
286 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
287 xas_unlock(&xas);
288
289 wake_up_all(&cache->daemon_pollwq);
290 return 0;
291 }
292
cachefiles_ondemand_get_fd(struct cachefiles_req * req,struct ondemand_anon_file * anon_file)293 static int cachefiles_ondemand_get_fd(struct cachefiles_req *req,
294 struct ondemand_anon_file *anon_file)
295 {
296 struct cachefiles_object *object;
297 struct cachefiles_cache *cache;
298 struct cachefiles_open *load;
299 u32 object_id;
300 int ret;
301
302 object = cachefiles_grab_object(req->object,
303 cachefiles_obj_get_ondemand_fd);
304 cache = object->volume->cache;
305
306 ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
307 XA_LIMIT(1, INT_MAX),
308 &cache->ondemand_id_next, GFP_KERNEL);
309 if (ret < 0)
310 goto err;
311
312 anon_file->fd = get_unused_fd_flags(O_WRONLY);
313 if (anon_file->fd < 0) {
314 ret = anon_file->fd;
315 goto err_free_id;
316 }
317
318 anon_file->file = anon_inode_getfile("[cachefiles]",
319 &cachefiles_ondemand_fd_fops, object, O_WRONLY);
320 if (IS_ERR(anon_file->file)) {
321 ret = PTR_ERR(anon_file->file);
322 goto err_put_fd;
323 }
324
325 spin_lock(&object->ondemand->lock);
326 if (object->ondemand->ondemand_id > 0) {
327 spin_unlock(&object->ondemand->lock);
328 /* Pair with check in cachefiles_ondemand_fd_release(). */
329 anon_file->file->private_data = NULL;
330 ret = -EEXIST;
331 goto err_put_file;
332 }
333
334 anon_file->file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
335
336 load = (void *)req->msg.data;
337 load->fd = anon_file->fd;
338 object->ondemand->ondemand_id = object_id;
339 spin_unlock(&object->ondemand->lock);
340
341 cachefiles_get_unbind_pincount(cache);
342 trace_cachefiles_ondemand_open(object, &req->msg, load);
343 return 0;
344
345 err_put_file:
346 fput(anon_file->file);
347 anon_file->file = NULL;
348 err_put_fd:
349 put_unused_fd(anon_file->fd);
350 anon_file->fd = ret;
351 err_free_id:
352 xa_erase(&cache->ondemand_ids, object_id);
353 err:
354 spin_lock(&object->ondemand->lock);
355 /* Avoid marking an opened object as closed. */
356 if (object->ondemand->ondemand_id <= 0)
357 cachefiles_ondemand_set_object_close(object);
358 spin_unlock(&object->ondemand->lock);
359 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
360 return ret;
361 }
362
ondemand_object_worker(struct work_struct * work)363 static void ondemand_object_worker(struct work_struct *work)
364 {
365 struct cachefiles_ondemand_info *info =
366 container_of(work, struct cachefiles_ondemand_info, ondemand_work);
367
368 cachefiles_ondemand_init_object(info->object);
369 }
370
371 /*
372 * If there are any inflight or subsequent READ requests on the
373 * closed object, reopen it.
374 * Skip read requests whose related object is reopening.
375 */
cachefiles_ondemand_select_req(struct xa_state * xas,unsigned long xa_max)376 static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
377 unsigned long xa_max)
378 {
379 struct cachefiles_req *req;
380 struct cachefiles_object *object;
381 struct cachefiles_ondemand_info *info;
382
383 xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
384 if (req->msg.opcode != CACHEFILES_OP_READ)
385 return req;
386 object = req->object;
387 info = object->ondemand;
388 if (cachefiles_ondemand_object_is_close(object)) {
389 cachefiles_ondemand_set_object_reopening(object);
390 queue_work(fscache_wq, &info->ondemand_work);
391 continue;
392 }
393 if (cachefiles_ondemand_object_is_reopening(object))
394 continue;
395 return req;
396 }
397 return NULL;
398 }
399
cachefiles_ondemand_finish_req(struct cachefiles_req * req,struct xa_state * xas,int err)400 static inline bool cachefiles_ondemand_finish_req(struct cachefiles_req *req,
401 struct xa_state *xas, int err)
402 {
403 if (unlikely(!xas || !req))
404 return false;
405
406 if (xa_cmpxchg(xas->xa, xas->xa_index, req, NULL, 0) != req)
407 return false;
408
409 req->error = err;
410 complete(&req->done);
411 return true;
412 }
413
cachefiles_ondemand_daemon_read(struct cachefiles_cache * cache,char __user * _buffer,size_t buflen)414 ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
415 char __user *_buffer, size_t buflen)
416 {
417 struct cachefiles_req *req;
418 struct cachefiles_msg *msg;
419 size_t n;
420 int ret = 0;
421 struct ondemand_anon_file anon_file;
422 XA_STATE(xas, &cache->reqs, cache->req_id_next);
423
424 xa_lock(&cache->reqs);
425 /*
426 * Cyclically search for a request that has not ever been processed,
427 * to prevent requests from being processed repeatedly, and make
428 * request distribution fair.
429 */
430 req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
431 if (!req && cache->req_id_next > 0) {
432 xas_set(&xas, 0);
433 req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
434 }
435 if (!req) {
436 xa_unlock(&cache->reqs);
437 return 0;
438 }
439
440 msg = &req->msg;
441 n = msg->len;
442
443 if (n > buflen) {
444 xa_unlock(&cache->reqs);
445 return -EMSGSIZE;
446 }
447
448 xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
449 cache->req_id_next = xas.xa_index + 1;
450 refcount_inc(&req->ref);
451 cachefiles_grab_object(req->object, cachefiles_obj_get_read_req);
452 xa_unlock(&cache->reqs);
453
454 if (msg->opcode == CACHEFILES_OP_OPEN) {
455 ret = cachefiles_ondemand_get_fd(req, &anon_file);
456 if (ret)
457 goto out;
458 }
459
460 msg->msg_id = xas.xa_index;
461 msg->object_id = req->object->ondemand->ondemand_id;
462
463 if (copy_to_user(_buffer, msg, n) != 0)
464 ret = -EFAULT;
465
466 if (msg->opcode == CACHEFILES_OP_OPEN) {
467 if (ret < 0) {
468 fput(anon_file.file);
469 put_unused_fd(anon_file.fd);
470 goto out;
471 }
472 fd_install(anon_file.fd, anon_file.file);
473 }
474 out:
475 cachefiles_put_object(req->object, cachefiles_obj_put_read_req);
476 /* Remove error request and CLOSE request has no reply */
477 if (ret || msg->opcode == CACHEFILES_OP_CLOSE)
478 cachefiles_ondemand_finish_req(req, &xas, ret);
479 cachefiles_req_put(req);
480 return ret ? ret : n;
481 }
482
483 typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
484
cachefiles_ondemand_send_req(struct cachefiles_object * object,enum cachefiles_opcode opcode,size_t data_len,init_req_fn init_req,void * private)485 static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
486 enum cachefiles_opcode opcode,
487 size_t data_len,
488 init_req_fn init_req,
489 void *private)
490 {
491 struct cachefiles_cache *cache = object->volume->cache;
492 struct cachefiles_req *req = NULL;
493 XA_STATE(xas, &cache->reqs, 0);
494 int ret;
495
496 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
497 return 0;
498
499 if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
500 ret = -EIO;
501 goto out;
502 }
503
504 req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
505 if (!req) {
506 ret = -ENOMEM;
507 goto out;
508 }
509
510 refcount_set(&req->ref, 1);
511 req->object = object;
512 init_completion(&req->done);
513 req->msg.opcode = opcode;
514 req->msg.len = sizeof(struct cachefiles_msg) + data_len;
515
516 ret = init_req(req, private);
517 if (ret)
518 goto out;
519
520 do {
521 /*
522 * Stop enqueuing the request when daemon is dying. The
523 * following two operations need to be atomic as a whole.
524 * 1) check cache state, and
525 * 2) enqueue request if cache is alive.
526 * Otherwise the request may be enqueued after xarray has been
527 * flushed, leaving the orphan request never being completed.
528 *
529 * CPU 1 CPU 2
530 * ===== =====
531 * test CACHEFILES_DEAD bit
532 * set CACHEFILES_DEAD bit
533 * flush requests in the xarray
534 * enqueue the request
535 */
536 xas_lock(&xas);
537
538 if (test_bit(CACHEFILES_DEAD, &cache->flags) ||
539 cachefiles_ondemand_object_is_dropping(object)) {
540 xas_unlock(&xas);
541 ret = -EIO;
542 goto out;
543 }
544
545 /* coupled with the barrier in cachefiles_flush_reqs() */
546 smp_mb();
547
548 if (opcode == CACHEFILES_OP_CLOSE &&
549 !cachefiles_ondemand_object_is_open(object)) {
550 WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
551 xas_unlock(&xas);
552 ret = -EIO;
553 goto out;
554 }
555
556 /*
557 * Cyclically find a free xas to avoid msg_id reuse that would
558 * cause the daemon to successfully copen a stale msg_id.
559 */
560 xas.xa_index = cache->msg_id_next;
561 xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
562 if (xas.xa_node == XAS_RESTART) {
563 xas.xa_index = 0;
564 xas_find_marked(&xas, cache->msg_id_next - 1, XA_FREE_MARK);
565 }
566 if (xas.xa_node == XAS_RESTART)
567 xas_set_err(&xas, -EBUSY);
568
569 xas_store(&xas, req);
570 if (xas_valid(&xas)) {
571 cache->msg_id_next = xas.xa_index + 1;
572 xas_clear_mark(&xas, XA_FREE_MARK);
573 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
574 }
575 xas_unlock(&xas);
576 } while (xas_nomem(&xas, GFP_KERNEL));
577
578 ret = xas_error(&xas);
579 if (ret)
580 goto out;
581
582 wake_up_all(&cache->daemon_pollwq);
583 wait:
584 ret = wait_for_completion_killable(&req->done);
585 if (!ret) {
586 ret = req->error;
587 } else {
588 ret = -EINTR;
589 if (!cachefiles_ondemand_finish_req(req, &xas, ret)) {
590 /* Someone will complete it soon. */
591 cpu_relax();
592 goto wait;
593 }
594 }
595 cachefiles_req_put(req);
596 return ret;
597 out:
598 /* Reset the object to close state in error handling path.
599 * If error occurs after creating the anonymous fd,
600 * cachefiles_ondemand_fd_release() will set object to close.
601 */
602 if (opcode == CACHEFILES_OP_OPEN &&
603 !cachefiles_ondemand_object_is_dropping(object))
604 cachefiles_ondemand_set_object_close(object);
605 kfree(req);
606 return ret;
607 }
608
cachefiles_ondemand_init_open_req(struct cachefiles_req * req,void * private)609 static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
610 void *private)
611 {
612 struct cachefiles_object *object = req->object;
613 struct fscache_cookie *cookie = object->cookie;
614 struct fscache_volume *volume = object->volume->vcookie;
615 struct cachefiles_open *load = (void *)req->msg.data;
616 size_t volume_key_size, cookie_key_size;
617 void *volume_key, *cookie_key;
618
619 /*
620 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
621 * string, followed by the content of the string (excluding '\0').
622 */
623 volume_key_size = volume->key[0] + 1;
624 volume_key = volume->key + 1;
625
626 /* Cookie key is binary data, which is netfs specific. */
627 cookie_key_size = cookie->key_len;
628 cookie_key = fscache_get_key(cookie);
629
630 if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
631 pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
632 return -EINVAL;
633 }
634
635 load->volume_key_size = volume_key_size;
636 load->cookie_key_size = cookie_key_size;
637 memcpy(load->data, volume_key, volume_key_size);
638 memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
639
640 return 0;
641 }
642
cachefiles_ondemand_init_close_req(struct cachefiles_req * req,void * private)643 static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
644 void *private)
645 {
646 struct cachefiles_object *object = req->object;
647
648 if (!cachefiles_ondemand_object_is_open(object))
649 return -ENOENT;
650
651 trace_cachefiles_ondemand_close(object, &req->msg);
652 return 0;
653 }
654
655 struct cachefiles_read_ctx {
656 loff_t off;
657 size_t len;
658 };
659
cachefiles_ondemand_init_read_req(struct cachefiles_req * req,void * private)660 static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
661 void *private)
662 {
663 struct cachefiles_object *object = req->object;
664 struct cachefiles_read *load = (void *)req->msg.data;
665 struct cachefiles_read_ctx *read_ctx = private;
666
667 load->off = read_ctx->off;
668 load->len = read_ctx->len;
669 trace_cachefiles_ondemand_read(object, &req->msg, load);
670 return 0;
671 }
672
cachefiles_ondemand_init_object(struct cachefiles_object * object)673 int cachefiles_ondemand_init_object(struct cachefiles_object *object)
674 {
675 struct fscache_cookie *cookie = object->cookie;
676 struct fscache_volume *volume = object->volume->vcookie;
677 size_t volume_key_size, cookie_key_size, data_len;
678
679 if (!object->ondemand)
680 return 0;
681
682 /*
683 * CacheFiles will firstly check the cache file under the root cache
684 * directory. If the coherency check failed, it will fallback to
685 * creating a new tmpfile as the cache file. Reuse the previously
686 * allocated object ID if any.
687 */
688 if (cachefiles_ondemand_object_is_open(object))
689 return 0;
690
691 volume_key_size = volume->key[0] + 1;
692 cookie_key_size = cookie->key_len;
693 data_len = sizeof(struct cachefiles_open) +
694 volume_key_size + cookie_key_size;
695
696 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
697 data_len, cachefiles_ondemand_init_open_req, NULL);
698 }
699
cachefiles_ondemand_clean_object(struct cachefiles_object * object)700 void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
701 {
702 unsigned long index;
703 struct cachefiles_req *req;
704 struct cachefiles_cache *cache;
705
706 if (!object->ondemand)
707 return;
708
709 cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
710 cachefiles_ondemand_init_close_req, NULL);
711
712 if (!object->ondemand->ondemand_id)
713 return;
714
715 /* Cancel all requests for the object that is being dropped. */
716 cache = object->volume->cache;
717 xa_lock(&cache->reqs);
718 cachefiles_ondemand_set_object_dropping(object);
719 xa_for_each(&cache->reqs, index, req) {
720 if (req->object == object) {
721 req->error = -EIO;
722 complete(&req->done);
723 __xa_erase(&cache->reqs, index);
724 }
725 }
726 xa_unlock(&cache->reqs);
727
728 /* Wait for ondemand_object_worker() to finish to avoid UAF. */
729 cancel_work_sync(&object->ondemand->ondemand_work);
730 }
731
cachefiles_ondemand_init_obj_info(struct cachefiles_object * object,struct cachefiles_volume * volume)732 int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
733 struct cachefiles_volume *volume)
734 {
735 if (!cachefiles_in_ondemand_mode(volume->cache))
736 return 0;
737
738 object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
739 GFP_KERNEL);
740 if (!object->ondemand)
741 return -ENOMEM;
742
743 object->ondemand->object = object;
744 spin_lock_init(&object->ondemand->lock);
745 INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
746 return 0;
747 }
748
cachefiles_ondemand_deinit_obj_info(struct cachefiles_object * object)749 void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
750 {
751 kfree(object->ondemand);
752 object->ondemand = NULL;
753 }
754
cachefiles_ondemand_read(struct cachefiles_object * object,loff_t pos,size_t len)755 int cachefiles_ondemand_read(struct cachefiles_object *object,
756 loff_t pos, size_t len)
757 {
758 struct cachefiles_read_ctx read_ctx = {pos, len};
759
760 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
761 sizeof(struct cachefiles_read),
762 cachefiles_ondemand_init_read_req, &read_ctx);
763 }
764