1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <linux/fdtable.h>
3 #include <linux/anon_inodes.h>
4 #include <linux/uio.h>
5 #include "internal.h"
6
7 struct ondemand_anon_file {
8 struct file *file;
9 int fd;
10 };
11
cachefiles_req_put(struct cachefiles_req * req)12 static inline void cachefiles_req_put(struct cachefiles_req *req)
13 {
14 if (refcount_dec_and_test(&req->ref))
15 kfree(req);
16 }
17
cachefiles_ondemand_fd_release(struct inode * inode,struct file * file)18 static int cachefiles_ondemand_fd_release(struct inode *inode,
19 struct file *file)
20 {
21 struct cachefiles_object *object = file->private_data;
22 struct cachefiles_cache *cache;
23 struct cachefiles_ondemand_info *info;
24 int object_id;
25 struct cachefiles_req *req;
26 XA_STATE(xas, NULL, 0);
27
28 if (!object)
29 return 0;
30
31 info = object->ondemand;
32 cache = object->volume->cache;
33 xas.xa = &cache->reqs;
34
35 xa_lock(&cache->reqs);
36 spin_lock(&info->lock);
37 object_id = info->ondemand_id;
38 info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
39 cachefiles_ondemand_set_object_close(object);
40 spin_unlock(&info->lock);
41
42 /* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
43 xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
44 if (req->msg.object_id == object_id &&
45 req->msg.opcode == CACHEFILES_OP_CLOSE) {
46 complete(&req->done);
47 xas_store(&xas, NULL);
48 }
49 }
50 xa_unlock(&cache->reqs);
51
52 xa_erase(&cache->ondemand_ids, object_id);
53 trace_cachefiles_ondemand_fd_release(object, object_id);
54 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
55 cachefiles_put_unbind_pincount(cache);
56 return 0;
57 }
58
cachefiles_ondemand_fd_write_iter(struct kiocb * kiocb,struct iov_iter * iter)59 static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
60 struct iov_iter *iter)
61 {
62 struct cachefiles_object *object = kiocb->ki_filp->private_data;
63 struct cachefiles_cache *cache = object->volume->cache;
64 struct file *file;
65 size_t len = iter->count;
66 loff_t pos = kiocb->ki_pos;
67 const struct cred *saved_cred;
68 int ret;
69
70 spin_lock(&object->lock);
71 file = object->file;
72 if (!file) {
73 spin_unlock(&object->lock);
74 return -ENOBUFS;
75 }
76 get_file(file);
77 spin_unlock(&object->lock);
78
79 cachefiles_begin_secure(cache, &saved_cred);
80 ret = __cachefiles_prepare_write(object, file, &pos, &len, true);
81 cachefiles_end_secure(cache, saved_cred);
82 if (ret < 0)
83 goto out;
84
85 trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
86 ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
87 if (ret > 0)
88 kiocb->ki_pos += ret;
89
90 out:
91 fput(file);
92 return ret;
93 }
94
cachefiles_ondemand_fd_llseek(struct file * filp,loff_t pos,int whence)95 static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
96 int whence)
97 {
98 struct cachefiles_object *object = filp->private_data;
99 struct file *file;
100 loff_t ret;
101
102 spin_lock(&object->lock);
103 file = object->file;
104 if (!file) {
105 spin_unlock(&object->lock);
106 return -ENOBUFS;
107 }
108 get_file(file);
109 spin_unlock(&object->lock);
110
111 ret = vfs_llseek(file, pos, whence);
112 fput(file);
113
114 return ret;
115 }
116
cachefiles_ondemand_fd_ioctl(struct file * filp,unsigned int ioctl,unsigned long id)117 static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
118 unsigned long id)
119 {
120 struct cachefiles_object *object = filp->private_data;
121 struct cachefiles_cache *cache = object->volume->cache;
122 struct cachefiles_req *req;
123 XA_STATE(xas, &cache->reqs, id);
124
125 if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
126 return -EINVAL;
127
128 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
129 return -EOPNOTSUPP;
130
131 xa_lock(&cache->reqs);
132 req = xas_load(&xas);
133 if (!req || req->msg.opcode != CACHEFILES_OP_READ ||
134 req->object != object) {
135 xa_unlock(&cache->reqs);
136 return -EINVAL;
137 }
138 xas_store(&xas, NULL);
139 xa_unlock(&cache->reqs);
140
141 trace_cachefiles_ondemand_cread(object, id);
142 complete(&req->done);
143 return 0;
144 }
145
146 static const struct file_operations cachefiles_ondemand_fd_fops = {
147 .owner = THIS_MODULE,
148 .release = cachefiles_ondemand_fd_release,
149 .write_iter = cachefiles_ondemand_fd_write_iter,
150 .llseek = cachefiles_ondemand_fd_llseek,
151 .unlocked_ioctl = cachefiles_ondemand_fd_ioctl,
152 };
153
154 /*
155 * OPEN request Completion (copen)
156 * - command: "copen <id>,<cache_size>"
157 * <cache_size> indicates the object size if >=0, error code if negative
158 */
cachefiles_ondemand_copen(struct cachefiles_cache * cache,char * args)159 int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
160 {
161 struct cachefiles_req *req;
162 struct fscache_cookie *cookie;
163 struct cachefiles_ondemand_info *info;
164 char *pid, *psize;
165 unsigned long id;
166 long size;
167 int ret;
168 XA_STATE(xas, &cache->reqs, 0);
169
170 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
171 return -EOPNOTSUPP;
172
173 if (!*args) {
174 pr_err("Empty id specified\n");
175 return -EINVAL;
176 }
177
178 pid = args;
179 psize = strchr(args, ',');
180 if (!psize) {
181 pr_err("Cache size is not specified\n");
182 return -EINVAL;
183 }
184
185 *psize = 0;
186 psize++;
187
188 ret = kstrtoul(pid, 0, &id);
189 if (ret)
190 return ret;
191
192 xa_lock(&cache->reqs);
193 xas.xa_index = id;
194 req = xas_load(&xas);
195 if (!req || req->msg.opcode != CACHEFILES_OP_OPEN ||
196 !req->object->ondemand->ondemand_id) {
197 xa_unlock(&cache->reqs);
198 return -EINVAL;
199 }
200 xas_store(&xas, NULL);
201 xa_unlock(&cache->reqs);
202
203 info = req->object->ondemand;
204 /* fail OPEN request if copen format is invalid */
205 ret = kstrtol(psize, 0, &size);
206 if (ret) {
207 req->error = ret;
208 goto out;
209 }
210
211 /* fail OPEN request if daemon reports an error */
212 if (size < 0) {
213 if (!IS_ERR_VALUE(size)) {
214 req->error = -EINVAL;
215 ret = -EINVAL;
216 } else {
217 req->error = size;
218 ret = 0;
219 }
220 goto out;
221 }
222
223 spin_lock(&info->lock);
224 /*
225 * The anonymous fd was closed before copen ? Fail the request.
226 *
227 * t1 | t2
228 * ---------------------------------------------------------
229 * cachefiles_ondemand_copen
230 * req = xa_erase(&cache->reqs, id)
231 * // Anon fd is maliciously closed.
232 * cachefiles_ondemand_fd_release
233 * xa_lock(&cache->reqs)
234 * cachefiles_ondemand_set_object_close(object)
235 * xa_unlock(&cache->reqs)
236 * cachefiles_ondemand_set_object_open
237 * // No one will ever close it again.
238 * cachefiles_ondemand_daemon_read
239 * cachefiles_ondemand_select_req
240 *
241 * Get a read req but its fd is already closed. The daemon can't
242 * issue a cread ioctl with an closed fd, then hung.
243 */
244 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED) {
245 spin_unlock(&info->lock);
246 req->error = -EBADFD;
247 goto out;
248 }
249 cookie = req->object->cookie;
250 cookie->object_size = size;
251 if (size)
252 clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
253 else
254 set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
255 trace_cachefiles_ondemand_copen(req->object, id, size);
256
257 cachefiles_ondemand_set_object_open(req->object);
258 spin_unlock(&info->lock);
259 wake_up_all(&cache->daemon_pollwq);
260
261 out:
262 spin_lock(&info->lock);
263 /* Need to set object close to avoid reopen status continuing */
264 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED)
265 cachefiles_ondemand_set_object_close(req->object);
266 spin_unlock(&info->lock);
267 complete(&req->done);
268 return ret;
269 }
270
cachefiles_ondemand_restore(struct cachefiles_cache * cache,char * args)271 int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
272 {
273 struct cachefiles_req *req;
274
275 XA_STATE(xas, &cache->reqs, 0);
276
277 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
278 return -EOPNOTSUPP;
279
280 /*
281 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
282 * requests have been processed halfway before the crash of the
283 * user daemon could be reprocessed after the recovery.
284 */
285 xas_lock(&xas);
286 xas_for_each(&xas, req, ULONG_MAX)
287 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
288 xas_unlock(&xas);
289
290 wake_up_all(&cache->daemon_pollwq);
291 return 0;
292 }
293
cachefiles_ondemand_get_fd(struct cachefiles_req * req,struct ondemand_anon_file * anon_file)294 static int cachefiles_ondemand_get_fd(struct cachefiles_req *req,
295 struct ondemand_anon_file *anon_file)
296 {
297 struct cachefiles_object *object;
298 struct cachefiles_cache *cache;
299 struct cachefiles_open *load;
300 u32 object_id;
301 int ret;
302
303 object = cachefiles_grab_object(req->object,
304 cachefiles_obj_get_ondemand_fd);
305 cache = object->volume->cache;
306
307 ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
308 XA_LIMIT(1, INT_MAX),
309 &cache->ondemand_id_next, GFP_KERNEL);
310 if (ret < 0)
311 goto err;
312
313 anon_file->fd = get_unused_fd_flags(O_WRONLY);
314 if (anon_file->fd < 0) {
315 ret = anon_file->fd;
316 goto err_free_id;
317 }
318
319 anon_file->file = anon_inode_getfile("[cachefiles]",
320 &cachefiles_ondemand_fd_fops, object, O_WRONLY);
321 if (IS_ERR(anon_file->file)) {
322 ret = PTR_ERR(anon_file->file);
323 goto err_put_fd;
324 }
325
326 spin_lock(&object->ondemand->lock);
327 if (object->ondemand->ondemand_id > 0) {
328 spin_unlock(&object->ondemand->lock);
329 /* Pair with check in cachefiles_ondemand_fd_release(). */
330 anon_file->file->private_data = NULL;
331 ret = -EEXIST;
332 goto err_put_file;
333 }
334
335 anon_file->file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
336
337 load = (void *)req->msg.data;
338 load->fd = anon_file->fd;
339 object->ondemand->ondemand_id = object_id;
340 spin_unlock(&object->ondemand->lock);
341
342 cachefiles_get_unbind_pincount(cache);
343 trace_cachefiles_ondemand_open(object, &req->msg, load);
344 return 0;
345
346 err_put_file:
347 fput(anon_file->file);
348 anon_file->file = NULL;
349 err_put_fd:
350 put_unused_fd(anon_file->fd);
351 anon_file->fd = ret;
352 err_free_id:
353 xa_erase(&cache->ondemand_ids, object_id);
354 err:
355 spin_lock(&object->ondemand->lock);
356 /* Avoid marking an opened object as closed. */
357 if (object->ondemand->ondemand_id <= 0)
358 cachefiles_ondemand_set_object_close(object);
359 spin_unlock(&object->ondemand->lock);
360 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
361 return ret;
362 }
363
ondemand_object_worker(struct work_struct * work)364 static void ondemand_object_worker(struct work_struct *work)
365 {
366 struct cachefiles_ondemand_info *info =
367 container_of(work, struct cachefiles_ondemand_info, ondemand_work);
368
369 cachefiles_ondemand_init_object(info->object);
370 }
371
372 /*
373 * If there are any inflight or subsequent READ requests on the
374 * closed object, reopen it.
375 * Skip read requests whose related object is reopening.
376 */
cachefiles_ondemand_select_req(struct xa_state * xas,unsigned long xa_max)377 static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
378 unsigned long xa_max)
379 {
380 struct cachefiles_req *req;
381 struct cachefiles_object *object;
382 struct cachefiles_ondemand_info *info;
383
384 xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
385 if (req->msg.opcode != CACHEFILES_OP_READ)
386 return req;
387 object = req->object;
388 info = object->ondemand;
389 if (cachefiles_ondemand_object_is_close(object)) {
390 cachefiles_ondemand_set_object_reopening(object);
391 queue_work(fscache_wq, &info->ondemand_work);
392 continue;
393 }
394 if (cachefiles_ondemand_object_is_reopening(object))
395 continue;
396 return req;
397 }
398 return NULL;
399 }
400
cachefiles_ondemand_finish_req(struct cachefiles_req * req,struct xa_state * xas,int err)401 static inline bool cachefiles_ondemand_finish_req(struct cachefiles_req *req,
402 struct xa_state *xas, int err)
403 {
404 if (unlikely(!xas || !req))
405 return false;
406
407 if (xa_cmpxchg(xas->xa, xas->xa_index, req, NULL, 0) != req)
408 return false;
409
410 req->error = err;
411 complete(&req->done);
412 return true;
413 }
414
cachefiles_ondemand_daemon_read(struct cachefiles_cache * cache,char __user * _buffer,size_t buflen)415 ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
416 char __user *_buffer, size_t buflen)
417 {
418 struct cachefiles_req *req;
419 struct cachefiles_msg *msg;
420 size_t n;
421 int ret = 0;
422 struct ondemand_anon_file anon_file;
423 XA_STATE(xas, &cache->reqs, cache->req_id_next);
424
425 xa_lock(&cache->reqs);
426 /*
427 * Cyclically search for a request that has not ever been processed,
428 * to prevent requests from being processed repeatedly, and make
429 * request distribution fair.
430 */
431 req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
432 if (!req && cache->req_id_next > 0) {
433 xas_set(&xas, 0);
434 req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
435 }
436 if (!req) {
437 xa_unlock(&cache->reqs);
438 return 0;
439 }
440
441 msg = &req->msg;
442 n = msg->len;
443
444 if (n > buflen) {
445 xa_unlock(&cache->reqs);
446 return -EMSGSIZE;
447 }
448
449 xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
450 cache->req_id_next = xas.xa_index + 1;
451 refcount_inc(&req->ref);
452 cachefiles_grab_object(req->object, cachefiles_obj_get_read_req);
453 xa_unlock(&cache->reqs);
454
455 if (msg->opcode == CACHEFILES_OP_OPEN) {
456 ret = cachefiles_ondemand_get_fd(req, &anon_file);
457 if (ret)
458 goto out;
459 }
460
461 msg->msg_id = xas.xa_index;
462 msg->object_id = req->object->ondemand->ondemand_id;
463
464 if (copy_to_user(_buffer, msg, n) != 0)
465 ret = -EFAULT;
466
467 if (msg->opcode == CACHEFILES_OP_OPEN) {
468 if (ret < 0) {
469 fput(anon_file.file);
470 put_unused_fd(anon_file.fd);
471 goto out;
472 }
473 fd_install(anon_file.fd, anon_file.file);
474 }
475 out:
476 cachefiles_put_object(req->object, cachefiles_obj_put_read_req);
477 /* Remove error request and CLOSE request has no reply */
478 if (ret || msg->opcode == CACHEFILES_OP_CLOSE)
479 cachefiles_ondemand_finish_req(req, &xas, ret);
480 cachefiles_req_put(req);
481 return ret ? ret : n;
482 }
483
484 typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
485
cachefiles_ondemand_send_req(struct cachefiles_object * object,enum cachefiles_opcode opcode,size_t data_len,init_req_fn init_req,void * private)486 static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
487 enum cachefiles_opcode opcode,
488 size_t data_len,
489 init_req_fn init_req,
490 void *private)
491 {
492 struct cachefiles_cache *cache = object->volume->cache;
493 struct cachefiles_req *req = NULL;
494 XA_STATE(xas, &cache->reqs, 0);
495 int ret;
496
497 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
498 return 0;
499
500 if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
501 ret = -EIO;
502 goto out;
503 }
504
505 req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
506 if (!req) {
507 ret = -ENOMEM;
508 goto out;
509 }
510
511 refcount_set(&req->ref, 1);
512 req->object = object;
513 init_completion(&req->done);
514 req->msg.opcode = opcode;
515 req->msg.len = sizeof(struct cachefiles_msg) + data_len;
516
517 ret = init_req(req, private);
518 if (ret)
519 goto out;
520
521 do {
522 /*
523 * Stop enqueuing the request when daemon is dying. The
524 * following two operations need to be atomic as a whole.
525 * 1) check cache state, and
526 * 2) enqueue request if cache is alive.
527 * Otherwise the request may be enqueued after xarray has been
528 * flushed, leaving the orphan request never being completed.
529 *
530 * CPU 1 CPU 2
531 * ===== =====
532 * test CACHEFILES_DEAD bit
533 * set CACHEFILES_DEAD bit
534 * flush requests in the xarray
535 * enqueue the request
536 */
537 xas_lock(&xas);
538
539 if (test_bit(CACHEFILES_DEAD, &cache->flags) ||
540 cachefiles_ondemand_object_is_dropping(object)) {
541 xas_unlock(&xas);
542 ret = -EIO;
543 goto out;
544 }
545
546 /* coupled with the barrier in cachefiles_flush_reqs() */
547 smp_mb();
548
549 if (opcode == CACHEFILES_OP_CLOSE &&
550 !cachefiles_ondemand_object_is_open(object)) {
551 WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
552 xas_unlock(&xas);
553 ret = -EIO;
554 goto out;
555 }
556
557 /*
558 * Cyclically find a free xas to avoid msg_id reuse that would
559 * cause the daemon to successfully copen a stale msg_id.
560 */
561 xas.xa_index = cache->msg_id_next;
562 xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
563 if (xas.xa_node == XAS_RESTART) {
564 xas.xa_index = 0;
565 xas_find_marked(&xas, cache->msg_id_next - 1, XA_FREE_MARK);
566 }
567 if (xas.xa_node == XAS_RESTART)
568 xas_set_err(&xas, -EBUSY);
569
570 xas_store(&xas, req);
571 if (xas_valid(&xas)) {
572 cache->msg_id_next = xas.xa_index + 1;
573 xas_clear_mark(&xas, XA_FREE_MARK);
574 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
575 }
576 xas_unlock(&xas);
577 } while (xas_nomem(&xas, GFP_KERNEL));
578
579 ret = xas_error(&xas);
580 if (ret)
581 goto out;
582
583 wake_up_all(&cache->daemon_pollwq);
584 wait:
585 ret = wait_for_completion_killable(&req->done);
586 if (!ret) {
587 ret = req->error;
588 } else {
589 ret = -EINTR;
590 if (!cachefiles_ondemand_finish_req(req, &xas, ret)) {
591 /* Someone will complete it soon. */
592 cpu_relax();
593 goto wait;
594 }
595 }
596 cachefiles_req_put(req);
597 return ret;
598 out:
599 /* Reset the object to close state in error handling path.
600 * If error occurs after creating the anonymous fd,
601 * cachefiles_ondemand_fd_release() will set object to close.
602 */
603 if (opcode == CACHEFILES_OP_OPEN &&
604 !cachefiles_ondemand_object_is_dropping(object))
605 cachefiles_ondemand_set_object_close(object);
606 kfree(req);
607 return ret;
608 }
609
cachefiles_ondemand_init_open_req(struct cachefiles_req * req,void * private)610 static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
611 void *private)
612 {
613 struct cachefiles_object *object = req->object;
614 struct fscache_cookie *cookie = object->cookie;
615 struct fscache_volume *volume = object->volume->vcookie;
616 struct cachefiles_open *load = (void *)req->msg.data;
617 size_t volume_key_size, cookie_key_size;
618 void *volume_key, *cookie_key;
619
620 /*
621 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
622 * string, followed by the content of the string (excluding '\0').
623 */
624 volume_key_size = volume->key[0] + 1;
625 volume_key = volume->key + 1;
626
627 /* Cookie key is binary data, which is netfs specific. */
628 cookie_key_size = cookie->key_len;
629 cookie_key = fscache_get_key(cookie);
630
631 if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
632 pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
633 return -EINVAL;
634 }
635
636 load->volume_key_size = volume_key_size;
637 load->cookie_key_size = cookie_key_size;
638 memcpy(load->data, volume_key, volume_key_size);
639 memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
640
641 return 0;
642 }
643
cachefiles_ondemand_init_close_req(struct cachefiles_req * req,void * private)644 static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
645 void *private)
646 {
647 struct cachefiles_object *object = req->object;
648
649 if (!cachefiles_ondemand_object_is_open(object))
650 return -ENOENT;
651
652 trace_cachefiles_ondemand_close(object, &req->msg);
653 return 0;
654 }
655
656 struct cachefiles_read_ctx {
657 loff_t off;
658 size_t len;
659 };
660
cachefiles_ondemand_init_read_req(struct cachefiles_req * req,void * private)661 static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
662 void *private)
663 {
664 struct cachefiles_object *object = req->object;
665 struct cachefiles_read *load = (void *)req->msg.data;
666 struct cachefiles_read_ctx *read_ctx = private;
667
668 load->off = read_ctx->off;
669 load->len = read_ctx->len;
670 trace_cachefiles_ondemand_read(object, &req->msg, load);
671 return 0;
672 }
673
cachefiles_ondemand_init_object(struct cachefiles_object * object)674 int cachefiles_ondemand_init_object(struct cachefiles_object *object)
675 {
676 struct fscache_cookie *cookie = object->cookie;
677 struct fscache_volume *volume = object->volume->vcookie;
678 size_t volume_key_size, cookie_key_size, data_len;
679
680 if (!object->ondemand)
681 return 0;
682
683 /*
684 * CacheFiles will firstly check the cache file under the root cache
685 * directory. If the coherency check failed, it will fallback to
686 * creating a new tmpfile as the cache file. Reuse the previously
687 * allocated object ID if any.
688 */
689 if (cachefiles_ondemand_object_is_open(object))
690 return 0;
691
692 volume_key_size = volume->key[0] + 1;
693 cookie_key_size = cookie->key_len;
694 data_len = sizeof(struct cachefiles_open) +
695 volume_key_size + cookie_key_size;
696
697 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
698 data_len, cachefiles_ondemand_init_open_req, NULL);
699 }
700
cachefiles_ondemand_clean_object(struct cachefiles_object * object)701 void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
702 {
703 unsigned long index;
704 struct cachefiles_req *req;
705 struct cachefiles_cache *cache;
706
707 if (!object->ondemand)
708 return;
709
710 cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
711 cachefiles_ondemand_init_close_req, NULL);
712
713 if (!object->ondemand->ondemand_id)
714 return;
715
716 /* Cancel all requests for the object that is being dropped. */
717 cache = object->volume->cache;
718 xa_lock(&cache->reqs);
719 cachefiles_ondemand_set_object_dropping(object);
720 xa_for_each(&cache->reqs, index, req) {
721 if (req->object == object) {
722 req->error = -EIO;
723 complete(&req->done);
724 __xa_erase(&cache->reqs, index);
725 }
726 }
727 xa_unlock(&cache->reqs);
728
729 /* Wait for ondemand_object_worker() to finish to avoid UAF. */
730 cancel_work_sync(&object->ondemand->ondemand_work);
731 }
732
cachefiles_ondemand_init_obj_info(struct cachefiles_object * object,struct cachefiles_volume * volume)733 int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
734 struct cachefiles_volume *volume)
735 {
736 if (!cachefiles_in_ondemand_mode(volume->cache))
737 return 0;
738
739 object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
740 GFP_KERNEL);
741 if (!object->ondemand)
742 return -ENOMEM;
743
744 object->ondemand->object = object;
745 spin_lock_init(&object->ondemand->lock);
746 INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
747 return 0;
748 }
749
cachefiles_ondemand_deinit_obj_info(struct cachefiles_object * object)750 void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
751 {
752 kfree(object->ondemand);
753 object->ondemand = NULL;
754 }
755
cachefiles_ondemand_read(struct cachefiles_object * object,loff_t pos,size_t len)756 int cachefiles_ondemand_read(struct cachefiles_object *object,
757 loff_t pos, size_t len)
758 {
759 struct cachefiles_read_ctx read_ctx = {pos, len};
760
761 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
762 sizeof(struct cachefiles_read),
763 cachefiles_ondemand_init_read_req, &read_ctx);
764 }
765