1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <linux/fdtable.h>
3 #include <linux/anon_inodes.h>
4 #include <linux/uio.h>
5 #include "internal.h"
6
7 struct ondemand_anon_file {
8 struct file *file;
9 int fd;
10 };
11
cachefiles_req_put(struct cachefiles_req * req)12 static inline void cachefiles_req_put(struct cachefiles_req *req)
13 {
14 if (refcount_dec_and_test(&req->ref))
15 kfree(req);
16 }
17
cachefiles_ondemand_fd_release(struct inode * inode,struct file * file)18 static int cachefiles_ondemand_fd_release(struct inode *inode,
19 struct file *file)
20 {
21 struct cachefiles_object *object = file->private_data;
22 struct cachefiles_cache *cache;
23 struct cachefiles_ondemand_info *info;
24 int object_id;
25 struct cachefiles_req *req;
26 XA_STATE(xas, NULL, 0);
27
28 if (!object)
29 return 0;
30
31 info = object->ondemand;
32 cache = object->volume->cache;
33 xas.xa = &cache->reqs;
34
35 xa_lock(&cache->reqs);
36 spin_lock(&info->lock);
37 object_id = info->ondemand_id;
38 info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
39 cachefiles_ondemand_set_object_close(object);
40 spin_unlock(&info->lock);
41
42 /* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
43 xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
44 if (req->msg.object_id == object_id &&
45 req->msg.opcode == CACHEFILES_OP_CLOSE) {
46 complete(&req->done);
47 xas_store(&xas, NULL);
48 }
49 }
50 xa_unlock(&cache->reqs);
51
52 xa_erase(&cache->ondemand_ids, object_id);
53 trace_cachefiles_ondemand_fd_release(object, object_id);
54 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
55 cachefiles_put_unbind_pincount(cache);
56 return 0;
57 }
58
cachefiles_ondemand_fd_write_iter(struct kiocb * kiocb,struct iov_iter * iter)59 static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
60 struct iov_iter *iter)
61 {
62 struct cachefiles_object *object = kiocb->ki_filp->private_data;
63 struct cachefiles_cache *cache = object->volume->cache;
64 struct file *file;
65 size_t len = iter->count;
66 loff_t pos = kiocb->ki_pos;
67 const struct cred *saved_cred;
68 int ret;
69
70 spin_lock(&object->lock);
71 file = object->file;
72 if (!file) {
73 spin_unlock(&object->lock);
74 return -ENOBUFS;
75 }
76 get_file(file);
77 spin_unlock(&object->lock);
78
79 cachefiles_begin_secure(cache, &saved_cred);
80 ret = __cachefiles_prepare_write(object, file, &pos, &len, true);
81 cachefiles_end_secure(cache, saved_cred);
82 if (ret < 0)
83 goto out;
84
85 trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
86 ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
87 if (!ret) {
88 ret = len;
89 kiocb->ki_pos += ret;
90 }
91
92 out:
93 fput(file);
94 return ret;
95 }
96
cachefiles_ondemand_fd_llseek(struct file * filp,loff_t pos,int whence)97 static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
98 int whence)
99 {
100 struct cachefiles_object *object = filp->private_data;
101 struct file *file;
102 loff_t ret;
103
104 spin_lock(&object->lock);
105 file = object->file;
106 if (!file) {
107 spin_unlock(&object->lock);
108 return -ENOBUFS;
109 }
110 get_file(file);
111 spin_unlock(&object->lock);
112
113 ret = vfs_llseek(file, pos, whence);
114 fput(file);
115
116 return ret;
117 }
118
cachefiles_ondemand_fd_ioctl(struct file * filp,unsigned int ioctl,unsigned long id)119 static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
120 unsigned long id)
121 {
122 struct cachefiles_object *object = filp->private_data;
123 struct cachefiles_cache *cache = object->volume->cache;
124 struct cachefiles_req *req;
125 XA_STATE(xas, &cache->reqs, id);
126
127 if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
128 return -EINVAL;
129
130 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
131 return -EOPNOTSUPP;
132
133 xa_lock(&cache->reqs);
134 req = xas_load(&xas);
135 if (!req || req->msg.opcode != CACHEFILES_OP_READ ||
136 req->object != object) {
137 xa_unlock(&cache->reqs);
138 return -EINVAL;
139 }
140 xas_store(&xas, NULL);
141 xa_unlock(&cache->reqs);
142
143 trace_cachefiles_ondemand_cread(object, id);
144 complete(&req->done);
145 return 0;
146 }
147
148 static const struct file_operations cachefiles_ondemand_fd_fops = {
149 .owner = THIS_MODULE,
150 .release = cachefiles_ondemand_fd_release,
151 .write_iter = cachefiles_ondemand_fd_write_iter,
152 .llseek = cachefiles_ondemand_fd_llseek,
153 .unlocked_ioctl = cachefiles_ondemand_fd_ioctl,
154 };
155
156 /*
157 * OPEN request Completion (copen)
158 * - command: "copen <id>,<cache_size>"
159 * <cache_size> indicates the object size if >=0, error code if negative
160 */
cachefiles_ondemand_copen(struct cachefiles_cache * cache,char * args)161 int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
162 {
163 struct cachefiles_req *req;
164 struct fscache_cookie *cookie;
165 struct cachefiles_ondemand_info *info;
166 char *pid, *psize;
167 unsigned long id;
168 long size;
169 int ret;
170 XA_STATE(xas, &cache->reqs, 0);
171
172 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
173 return -EOPNOTSUPP;
174
175 if (!*args) {
176 pr_err("Empty id specified\n");
177 return -EINVAL;
178 }
179
180 pid = args;
181 psize = strchr(args, ',');
182 if (!psize) {
183 pr_err("Cache size is not specified\n");
184 return -EINVAL;
185 }
186
187 *psize = 0;
188 psize++;
189
190 ret = kstrtoul(pid, 0, &id);
191 if (ret)
192 return ret;
193
194 xa_lock(&cache->reqs);
195 xas.xa_index = id;
196 req = xas_load(&xas);
197 if (!req || req->msg.opcode != CACHEFILES_OP_OPEN ||
198 !req->object->ondemand->ondemand_id) {
199 xa_unlock(&cache->reqs);
200 return -EINVAL;
201 }
202 xas_store(&xas, NULL);
203 xa_unlock(&cache->reqs);
204
205 info = req->object->ondemand;
206 /* fail OPEN request if copen format is invalid */
207 ret = kstrtol(psize, 0, &size);
208 if (ret) {
209 req->error = ret;
210 goto out;
211 }
212
213 /* fail OPEN request if daemon reports an error */
214 if (size < 0) {
215 if (!IS_ERR_VALUE(size)) {
216 req->error = -EINVAL;
217 ret = -EINVAL;
218 } else {
219 req->error = size;
220 ret = 0;
221 }
222 goto out;
223 }
224
225 spin_lock(&info->lock);
226 /*
227 * The anonymous fd was closed before copen ? Fail the request.
228 *
229 * t1 | t2
230 * ---------------------------------------------------------
231 * cachefiles_ondemand_copen
232 * req = xa_erase(&cache->reqs, id)
233 * // Anon fd is maliciously closed.
234 * cachefiles_ondemand_fd_release
235 * xa_lock(&cache->reqs)
236 * cachefiles_ondemand_set_object_close(object)
237 * xa_unlock(&cache->reqs)
238 * cachefiles_ondemand_set_object_open
239 * // No one will ever close it again.
240 * cachefiles_ondemand_daemon_read
241 * cachefiles_ondemand_select_req
242 *
243 * Get a read req but its fd is already closed. The daemon can't
244 * issue a cread ioctl with an closed fd, then hung.
245 */
246 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED) {
247 spin_unlock(&info->lock);
248 req->error = -EBADFD;
249 goto out;
250 }
251 cookie = req->object->cookie;
252 cookie->object_size = size;
253 if (size)
254 clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
255 else
256 set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
257 trace_cachefiles_ondemand_copen(req->object, id, size);
258
259 cachefiles_ondemand_set_object_open(req->object);
260 spin_unlock(&info->lock);
261 wake_up_all(&cache->daemon_pollwq);
262
263 out:
264 spin_lock(&info->lock);
265 /* Need to set object close to avoid reopen status continuing */
266 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED)
267 cachefiles_ondemand_set_object_close(req->object);
268 spin_unlock(&info->lock);
269 complete(&req->done);
270 return ret;
271 }
272
cachefiles_ondemand_restore(struct cachefiles_cache * cache,char * args)273 int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
274 {
275 struct cachefiles_req *req;
276
277 XA_STATE(xas, &cache->reqs, 0);
278
279 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
280 return -EOPNOTSUPP;
281
282 /*
283 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
284 * requests have been processed halfway before the crash of the
285 * user daemon could be reprocessed after the recovery.
286 */
287 xas_lock(&xas);
288 xas_for_each(&xas, req, ULONG_MAX)
289 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
290 xas_unlock(&xas);
291
292 wake_up_all(&cache->daemon_pollwq);
293 return 0;
294 }
295
cachefiles_ondemand_get_fd(struct cachefiles_req * req,struct ondemand_anon_file * anon_file)296 static int cachefiles_ondemand_get_fd(struct cachefiles_req *req,
297 struct ondemand_anon_file *anon_file)
298 {
299 struct cachefiles_object *object;
300 struct cachefiles_cache *cache;
301 struct cachefiles_open *load;
302 u32 object_id;
303 int ret;
304
305 object = cachefiles_grab_object(req->object,
306 cachefiles_obj_get_ondemand_fd);
307 cache = object->volume->cache;
308
309 ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
310 XA_LIMIT(1, INT_MAX),
311 &cache->ondemand_id_next, GFP_KERNEL);
312 if (ret < 0)
313 goto err;
314
315 anon_file->fd = get_unused_fd_flags(O_WRONLY);
316 if (anon_file->fd < 0) {
317 ret = anon_file->fd;
318 goto err_free_id;
319 }
320
321 anon_file->file = anon_inode_getfile("[cachefiles]",
322 &cachefiles_ondemand_fd_fops, object, O_WRONLY);
323 if (IS_ERR(anon_file->file)) {
324 ret = PTR_ERR(anon_file->file);
325 goto err_put_fd;
326 }
327
328 spin_lock(&object->ondemand->lock);
329 if (object->ondemand->ondemand_id > 0) {
330 spin_unlock(&object->ondemand->lock);
331 /* Pair with check in cachefiles_ondemand_fd_release(). */
332 anon_file->file->private_data = NULL;
333 ret = -EEXIST;
334 goto err_put_file;
335 }
336
337 anon_file->file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
338
339 load = (void *)req->msg.data;
340 load->fd = anon_file->fd;
341 object->ondemand->ondemand_id = object_id;
342 spin_unlock(&object->ondemand->lock);
343
344 cachefiles_get_unbind_pincount(cache);
345 trace_cachefiles_ondemand_open(object, &req->msg, load);
346 return 0;
347
348 err_put_file:
349 fput(anon_file->file);
350 anon_file->file = NULL;
351 err_put_fd:
352 put_unused_fd(anon_file->fd);
353 anon_file->fd = ret;
354 err_free_id:
355 xa_erase(&cache->ondemand_ids, object_id);
356 err:
357 spin_lock(&object->ondemand->lock);
358 /* Avoid marking an opened object as closed. */
359 if (object->ondemand->ondemand_id <= 0)
360 cachefiles_ondemand_set_object_close(object);
361 spin_unlock(&object->ondemand->lock);
362 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
363 return ret;
364 }
365
ondemand_object_worker(struct work_struct * work)366 static void ondemand_object_worker(struct work_struct *work)
367 {
368 struct cachefiles_ondemand_info *info =
369 container_of(work, struct cachefiles_ondemand_info, ondemand_work);
370
371 cachefiles_ondemand_init_object(info->object);
372 }
373
374 /*
375 * If there are any inflight or subsequent READ requests on the
376 * closed object, reopen it.
377 * Skip read requests whose related object is reopening.
378 */
cachefiles_ondemand_select_req(struct xa_state * xas,unsigned long xa_max)379 static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
380 unsigned long xa_max)
381 {
382 struct cachefiles_req *req;
383 struct cachefiles_object *object;
384 struct cachefiles_ondemand_info *info;
385
386 xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
387 if (req->msg.opcode != CACHEFILES_OP_READ)
388 return req;
389 object = req->object;
390 info = object->ondemand;
391 if (cachefiles_ondemand_object_is_close(object)) {
392 cachefiles_ondemand_set_object_reopening(object);
393 queue_work(fscache_wq, &info->ondemand_work);
394 continue;
395 }
396 if (cachefiles_ondemand_object_is_reopening(object))
397 continue;
398 return req;
399 }
400 return NULL;
401 }
402
cachefiles_ondemand_finish_req(struct cachefiles_req * req,struct xa_state * xas,int err)403 static inline bool cachefiles_ondemand_finish_req(struct cachefiles_req *req,
404 struct xa_state *xas, int err)
405 {
406 if (unlikely(!xas || !req))
407 return false;
408
409 if (xa_cmpxchg(xas->xa, xas->xa_index, req, NULL, 0) != req)
410 return false;
411
412 req->error = err;
413 complete(&req->done);
414 return true;
415 }
416
cachefiles_ondemand_daemon_read(struct cachefiles_cache * cache,char __user * _buffer,size_t buflen)417 ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
418 char __user *_buffer, size_t buflen)
419 {
420 struct cachefiles_req *req;
421 struct cachefiles_msg *msg;
422 size_t n;
423 int ret = 0;
424 struct ondemand_anon_file anon_file;
425 XA_STATE(xas, &cache->reqs, cache->req_id_next);
426
427 xa_lock(&cache->reqs);
428 /*
429 * Cyclically search for a request that has not ever been processed,
430 * to prevent requests from being processed repeatedly, and make
431 * request distribution fair.
432 */
433 req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
434 if (!req && cache->req_id_next > 0) {
435 xas_set(&xas, 0);
436 req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
437 }
438 if (!req) {
439 xa_unlock(&cache->reqs);
440 return 0;
441 }
442
443 msg = &req->msg;
444 n = msg->len;
445
446 if (n > buflen) {
447 xa_unlock(&cache->reqs);
448 return -EMSGSIZE;
449 }
450
451 xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
452 cache->req_id_next = xas.xa_index + 1;
453 refcount_inc(&req->ref);
454 cachefiles_grab_object(req->object, cachefiles_obj_get_read_req);
455 xa_unlock(&cache->reqs);
456
457 if (msg->opcode == CACHEFILES_OP_OPEN) {
458 ret = cachefiles_ondemand_get_fd(req, &anon_file);
459 if (ret)
460 goto out;
461 }
462
463 msg->msg_id = xas.xa_index;
464 msg->object_id = req->object->ondemand->ondemand_id;
465
466 if (copy_to_user(_buffer, msg, n) != 0)
467 ret = -EFAULT;
468
469 if (msg->opcode == CACHEFILES_OP_OPEN) {
470 if (ret < 0) {
471 fput(anon_file.file);
472 put_unused_fd(anon_file.fd);
473 goto out;
474 }
475 fd_install(anon_file.fd, anon_file.file);
476 }
477 out:
478 cachefiles_put_object(req->object, cachefiles_obj_put_read_req);
479 /* Remove error request and CLOSE request has no reply */
480 if (ret || msg->opcode == CACHEFILES_OP_CLOSE)
481 cachefiles_ondemand_finish_req(req, &xas, ret);
482 cachefiles_req_put(req);
483 return ret ? ret : n;
484 }
485
486 typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
487
cachefiles_ondemand_send_req(struct cachefiles_object * object,enum cachefiles_opcode opcode,size_t data_len,init_req_fn init_req,void * private)488 static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
489 enum cachefiles_opcode opcode,
490 size_t data_len,
491 init_req_fn init_req,
492 void *private)
493 {
494 struct cachefiles_cache *cache = object->volume->cache;
495 struct cachefiles_req *req = NULL;
496 XA_STATE(xas, &cache->reqs, 0);
497 int ret;
498
499 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
500 return 0;
501
502 if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
503 ret = -EIO;
504 goto out;
505 }
506
507 req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
508 if (!req) {
509 ret = -ENOMEM;
510 goto out;
511 }
512
513 refcount_set(&req->ref, 1);
514 req->object = object;
515 init_completion(&req->done);
516 req->msg.opcode = opcode;
517 req->msg.len = sizeof(struct cachefiles_msg) + data_len;
518
519 ret = init_req(req, private);
520 if (ret)
521 goto out;
522
523 do {
524 /*
525 * Stop enqueuing the request when daemon is dying. The
526 * following two operations need to be atomic as a whole.
527 * 1) check cache state, and
528 * 2) enqueue request if cache is alive.
529 * Otherwise the request may be enqueued after xarray has been
530 * flushed, leaving the orphan request never being completed.
531 *
532 * CPU 1 CPU 2
533 * ===== =====
534 * test CACHEFILES_DEAD bit
535 * set CACHEFILES_DEAD bit
536 * flush requests in the xarray
537 * enqueue the request
538 */
539 xas_lock(&xas);
540
541 if (test_bit(CACHEFILES_DEAD, &cache->flags) ||
542 cachefiles_ondemand_object_is_dropping(object)) {
543 xas_unlock(&xas);
544 ret = -EIO;
545 goto out;
546 }
547
548 /* coupled with the barrier in cachefiles_flush_reqs() */
549 smp_mb();
550
551 if (opcode == CACHEFILES_OP_CLOSE &&
552 !cachefiles_ondemand_object_is_open(object)) {
553 WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
554 xas_unlock(&xas);
555 ret = -EIO;
556 goto out;
557 }
558
559 /*
560 * Cyclically find a free xas to avoid msg_id reuse that would
561 * cause the daemon to successfully copen a stale msg_id.
562 */
563 xas.xa_index = cache->msg_id_next;
564 xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
565 if (xas.xa_node == XAS_RESTART) {
566 xas.xa_index = 0;
567 xas_find_marked(&xas, cache->msg_id_next - 1, XA_FREE_MARK);
568 }
569 if (xas.xa_node == XAS_RESTART)
570 xas_set_err(&xas, -EBUSY);
571
572 xas_store(&xas, req);
573 if (xas_valid(&xas)) {
574 cache->msg_id_next = xas.xa_index + 1;
575 xas_clear_mark(&xas, XA_FREE_MARK);
576 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
577 }
578 xas_unlock(&xas);
579 } while (xas_nomem(&xas, GFP_KERNEL));
580
581 ret = xas_error(&xas);
582 if (ret)
583 goto out;
584
585 wake_up_all(&cache->daemon_pollwq);
586 wait:
587 ret = wait_for_completion_killable(&req->done);
588 if (!ret) {
589 ret = req->error;
590 } else {
591 ret = -EINTR;
592 if (!cachefiles_ondemand_finish_req(req, &xas, ret)) {
593 /* Someone will complete it soon. */
594 cpu_relax();
595 goto wait;
596 }
597 }
598 cachefiles_req_put(req);
599 return ret;
600 out:
601 /* Reset the object to close state in error handling path.
602 * If error occurs after creating the anonymous fd,
603 * cachefiles_ondemand_fd_release() will set object to close.
604 */
605 if (opcode == CACHEFILES_OP_OPEN &&
606 !cachefiles_ondemand_object_is_dropping(object))
607 cachefiles_ondemand_set_object_close(object);
608 kfree(req);
609 return ret;
610 }
611
cachefiles_ondemand_init_open_req(struct cachefiles_req * req,void * private)612 static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
613 void *private)
614 {
615 struct cachefiles_object *object = req->object;
616 struct fscache_cookie *cookie = object->cookie;
617 struct fscache_volume *volume = object->volume->vcookie;
618 struct cachefiles_open *load = (void *)req->msg.data;
619 size_t volume_key_size, cookie_key_size;
620 void *volume_key, *cookie_key;
621
622 /*
623 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
624 * string, followed by the content of the string (excluding '\0').
625 */
626 volume_key_size = volume->key[0] + 1;
627 volume_key = volume->key + 1;
628
629 /* Cookie key is binary data, which is netfs specific. */
630 cookie_key_size = cookie->key_len;
631 cookie_key = fscache_get_key(cookie);
632
633 if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
634 pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
635 return -EINVAL;
636 }
637
638 load->volume_key_size = volume_key_size;
639 load->cookie_key_size = cookie_key_size;
640 memcpy(load->data, volume_key, volume_key_size);
641 memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
642
643 return 0;
644 }
645
cachefiles_ondemand_init_close_req(struct cachefiles_req * req,void * private)646 static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
647 void *private)
648 {
649 struct cachefiles_object *object = req->object;
650
651 if (!cachefiles_ondemand_object_is_open(object))
652 return -ENOENT;
653
654 trace_cachefiles_ondemand_close(object, &req->msg);
655 return 0;
656 }
657
658 struct cachefiles_read_ctx {
659 loff_t off;
660 size_t len;
661 };
662
cachefiles_ondemand_init_read_req(struct cachefiles_req * req,void * private)663 static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
664 void *private)
665 {
666 struct cachefiles_object *object = req->object;
667 struct cachefiles_read *load = (void *)req->msg.data;
668 struct cachefiles_read_ctx *read_ctx = private;
669
670 load->off = read_ctx->off;
671 load->len = read_ctx->len;
672 trace_cachefiles_ondemand_read(object, &req->msg, load);
673 return 0;
674 }
675
cachefiles_ondemand_init_object(struct cachefiles_object * object)676 int cachefiles_ondemand_init_object(struct cachefiles_object *object)
677 {
678 struct fscache_cookie *cookie = object->cookie;
679 struct fscache_volume *volume = object->volume->vcookie;
680 size_t volume_key_size, cookie_key_size, data_len;
681
682 if (!object->ondemand)
683 return 0;
684
685 /*
686 * CacheFiles will firstly check the cache file under the root cache
687 * directory. If the coherency check failed, it will fallback to
688 * creating a new tmpfile as the cache file. Reuse the previously
689 * allocated object ID if any.
690 */
691 if (cachefiles_ondemand_object_is_open(object))
692 return 0;
693
694 volume_key_size = volume->key[0] + 1;
695 cookie_key_size = cookie->key_len;
696 data_len = sizeof(struct cachefiles_open) +
697 volume_key_size + cookie_key_size;
698
699 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
700 data_len, cachefiles_ondemand_init_open_req, NULL);
701 }
702
cachefiles_ondemand_clean_object(struct cachefiles_object * object)703 void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
704 {
705 unsigned long index;
706 struct cachefiles_req *req;
707 struct cachefiles_cache *cache;
708
709 if (!object->ondemand)
710 return;
711
712 cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
713 cachefiles_ondemand_init_close_req, NULL);
714
715 if (!object->ondemand->ondemand_id)
716 return;
717
718 /* Cancel all requests for the object that is being dropped. */
719 cache = object->volume->cache;
720 xa_lock(&cache->reqs);
721 cachefiles_ondemand_set_object_dropping(object);
722 xa_for_each(&cache->reqs, index, req) {
723 if (req->object == object) {
724 req->error = -EIO;
725 complete(&req->done);
726 __xa_erase(&cache->reqs, index);
727 }
728 }
729 xa_unlock(&cache->reqs);
730
731 /* Wait for ondemand_object_worker() to finish to avoid UAF. */
732 cancel_work_sync(&object->ondemand->ondemand_work);
733 }
734
cachefiles_ondemand_init_obj_info(struct cachefiles_object * object,struct cachefiles_volume * volume)735 int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
736 struct cachefiles_volume *volume)
737 {
738 if (!cachefiles_in_ondemand_mode(volume->cache))
739 return 0;
740
741 object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
742 GFP_KERNEL);
743 if (!object->ondemand)
744 return -ENOMEM;
745
746 object->ondemand->object = object;
747 spin_lock_init(&object->ondemand->lock);
748 INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
749 return 0;
750 }
751
cachefiles_ondemand_deinit_obj_info(struct cachefiles_object * object)752 void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
753 {
754 kfree(object->ondemand);
755 object->ondemand = NULL;
756 }
757
cachefiles_ondemand_read(struct cachefiles_object * object,loff_t pos,size_t len)758 int cachefiles_ondemand_read(struct cachefiles_object *object,
759 loff_t pos, size_t len)
760 {
761 struct cachefiles_read_ctx read_ctx = {pos, len};
762
763 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
764 sizeof(struct cachefiles_read),
765 cachefiles_ondemand_init_read_req, &read_ctx);
766 }
767