1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <linux/fdtable.h>
3 #include <linux/anon_inodes.h>
4 #include <linux/uio.h>
5 #include "internal.h"
6
7 struct ondemand_anon_file {
8 struct file *file;
9 int fd;
10 };
11
cachefiles_req_put(struct cachefiles_req * req)12 static inline void cachefiles_req_put(struct cachefiles_req *req)
13 {
14 if (refcount_dec_and_test(&req->ref))
15 kfree(req);
16 }
17
cachefiles_ondemand_fd_release(struct inode * inode,struct file * file)18 static int cachefiles_ondemand_fd_release(struct inode *inode,
19 struct file *file)
20 {
21 struct cachefiles_object *object = file->private_data;
22 struct cachefiles_cache *cache;
23 struct cachefiles_ondemand_info *info;
24 int object_id;
25 struct cachefiles_req *req;
26 XA_STATE(xas, NULL, 0);
27
28 if (!object)
29 return 0;
30
31 info = object->ondemand;
32 cache = object->volume->cache;
33 xas.xa = &cache->reqs;
34
35 xa_lock(&cache->reqs);
36 spin_lock(&info->lock);
37 object_id = info->ondemand_id;
38 info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
39 cachefiles_ondemand_set_object_close(object);
40 spin_unlock(&info->lock);
41
42 /* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
43 xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
44 if (req->msg.object_id == object_id &&
45 req->msg.opcode == CACHEFILES_OP_CLOSE) {
46 complete(&req->done);
47 xas_store(&xas, NULL);
48 }
49 }
50 xa_unlock(&cache->reqs);
51
52 xa_erase(&cache->ondemand_ids, object_id);
53 trace_cachefiles_ondemand_fd_release(object, object_id);
54 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
55 cachefiles_put_unbind_pincount(cache);
56 return 0;
57 }
58
cachefiles_ondemand_fd_write_iter(struct kiocb * kiocb,struct iov_iter * iter)59 static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
60 struct iov_iter *iter)
61 {
62 struct cachefiles_object *object = kiocb->ki_filp->private_data;
63 struct cachefiles_cache *cache = object->volume->cache;
64 struct file *file = object->file;
65 size_t len = iter->count;
66 loff_t pos = kiocb->ki_pos;
67 const struct cred *saved_cred;
68 int ret;
69
70 if (!file)
71 return -ENOBUFS;
72
73 cachefiles_begin_secure(cache, &saved_cred);
74 ret = __cachefiles_prepare_write(object, file, &pos, &len, true);
75 cachefiles_end_secure(cache, saved_cred);
76 if (ret < 0)
77 return ret;
78
79 trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
80 ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
81 if (!ret)
82 ret = len;
83
84 return ret;
85 }
86
cachefiles_ondemand_fd_llseek(struct file * filp,loff_t pos,int whence)87 static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
88 int whence)
89 {
90 struct cachefiles_object *object = filp->private_data;
91 struct file *file = object->file;
92
93 if (!file)
94 return -ENOBUFS;
95
96 return vfs_llseek(file, pos, whence);
97 }
98
cachefiles_ondemand_fd_ioctl(struct file * filp,unsigned int ioctl,unsigned long id)99 static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
100 unsigned long id)
101 {
102 struct cachefiles_object *object = filp->private_data;
103 struct cachefiles_cache *cache = object->volume->cache;
104 struct cachefiles_req *req;
105 XA_STATE(xas, &cache->reqs, id);
106
107 if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
108 return -EINVAL;
109
110 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
111 return -EOPNOTSUPP;
112
113 xa_lock(&cache->reqs);
114 req = xas_load(&xas);
115 if (!req || req->msg.opcode != CACHEFILES_OP_READ ||
116 req->object != object) {
117 xa_unlock(&cache->reqs);
118 return -EINVAL;
119 }
120 xas_store(&xas, NULL);
121 xa_unlock(&cache->reqs);
122
123 trace_cachefiles_ondemand_cread(object, id);
124 complete(&req->done);
125 return 0;
126 }
127
128 static const struct file_operations cachefiles_ondemand_fd_fops = {
129 .owner = THIS_MODULE,
130 .release = cachefiles_ondemand_fd_release,
131 .write_iter = cachefiles_ondemand_fd_write_iter,
132 .llseek = cachefiles_ondemand_fd_llseek,
133 .unlocked_ioctl = cachefiles_ondemand_fd_ioctl,
134 };
135
136 /*
137 * OPEN request Completion (copen)
138 * - command: "copen <id>,<cache_size>"
139 * <cache_size> indicates the object size if >=0, error code if negative
140 */
cachefiles_ondemand_copen(struct cachefiles_cache * cache,char * args)141 int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
142 {
143 struct cachefiles_req *req;
144 struct fscache_cookie *cookie;
145 struct cachefiles_ondemand_info *info;
146 char *pid, *psize;
147 unsigned long id;
148 long size;
149 int ret;
150 XA_STATE(xas, &cache->reqs, 0);
151
152 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
153 return -EOPNOTSUPP;
154
155 if (!*args) {
156 pr_err("Empty id specified\n");
157 return -EINVAL;
158 }
159
160 pid = args;
161 psize = strchr(args, ',');
162 if (!psize) {
163 pr_err("Cache size is not specified\n");
164 return -EINVAL;
165 }
166
167 *psize = 0;
168 psize++;
169
170 ret = kstrtoul(pid, 0, &id);
171 if (ret)
172 return ret;
173
174 xa_lock(&cache->reqs);
175 xas.xa_index = id;
176 req = xas_load(&xas);
177 if (!req || req->msg.opcode != CACHEFILES_OP_OPEN ||
178 !req->object->ondemand->ondemand_id) {
179 xa_unlock(&cache->reqs);
180 return -EINVAL;
181 }
182 xas_store(&xas, NULL);
183 xa_unlock(&cache->reqs);
184
185 info = req->object->ondemand;
186 /* fail OPEN request if copen format is invalid */
187 ret = kstrtol(psize, 0, &size);
188 if (ret) {
189 req->error = ret;
190 goto out;
191 }
192
193 /* fail OPEN request if daemon reports an error */
194 if (size < 0) {
195 if (!IS_ERR_VALUE(size)) {
196 req->error = -EINVAL;
197 ret = -EINVAL;
198 } else {
199 req->error = size;
200 ret = 0;
201 }
202 goto out;
203 }
204
205 spin_lock(&info->lock);
206 /*
207 * The anonymous fd was closed before copen ? Fail the request.
208 *
209 * t1 | t2
210 * ---------------------------------------------------------
211 * cachefiles_ondemand_copen
212 * req = xa_erase(&cache->reqs, id)
213 * // Anon fd is maliciously closed.
214 * cachefiles_ondemand_fd_release
215 * xa_lock(&cache->reqs)
216 * cachefiles_ondemand_set_object_close(object)
217 * xa_unlock(&cache->reqs)
218 * cachefiles_ondemand_set_object_open
219 * // No one will ever close it again.
220 * cachefiles_ondemand_daemon_read
221 * cachefiles_ondemand_select_req
222 *
223 * Get a read req but its fd is already closed. The daemon can't
224 * issue a cread ioctl with an closed fd, then hung.
225 */
226 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED) {
227 spin_unlock(&info->lock);
228 req->error = -EBADFD;
229 goto out;
230 }
231 cookie = req->object->cookie;
232 cookie->object_size = size;
233 if (size)
234 clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
235 else
236 set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
237 trace_cachefiles_ondemand_copen(req->object, id, size);
238
239 cachefiles_ondemand_set_object_open(req->object);
240 spin_unlock(&info->lock);
241 wake_up_all(&cache->daemon_pollwq);
242
243 out:
244 spin_lock(&info->lock);
245 /* Need to set object close to avoid reopen status continuing */
246 if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED)
247 cachefiles_ondemand_set_object_close(req->object);
248 spin_unlock(&info->lock);
249 complete(&req->done);
250 return ret;
251 }
252
cachefiles_ondemand_restore(struct cachefiles_cache * cache,char * args)253 int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
254 {
255 struct cachefiles_req *req;
256
257 XA_STATE(xas, &cache->reqs, 0);
258
259 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
260 return -EOPNOTSUPP;
261
262 /*
263 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
264 * requests have been processed halfway before the crash of the
265 * user daemon could be reprocessed after the recovery.
266 */
267 xas_lock(&xas);
268 xas_for_each(&xas, req, ULONG_MAX)
269 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
270 xas_unlock(&xas);
271
272 wake_up_all(&cache->daemon_pollwq);
273 return 0;
274 }
275
cachefiles_ondemand_get_fd(struct cachefiles_req * req,struct ondemand_anon_file * anon_file)276 static int cachefiles_ondemand_get_fd(struct cachefiles_req *req,
277 struct ondemand_anon_file *anon_file)
278 {
279 struct cachefiles_object *object;
280 struct cachefiles_cache *cache;
281 struct cachefiles_open *load;
282 u32 object_id;
283 int ret;
284
285 object = cachefiles_grab_object(req->object,
286 cachefiles_obj_get_ondemand_fd);
287 cache = object->volume->cache;
288
289 ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
290 XA_LIMIT(1, INT_MAX),
291 &cache->ondemand_id_next, GFP_KERNEL);
292 if (ret < 0)
293 goto err;
294
295 anon_file->fd = get_unused_fd_flags(O_WRONLY);
296 if (anon_file->fd < 0) {
297 ret = anon_file->fd;
298 goto err_free_id;
299 }
300
301 anon_file->file = anon_inode_getfile("[cachefiles]",
302 &cachefiles_ondemand_fd_fops, object, O_WRONLY);
303 if (IS_ERR(anon_file->file)) {
304 ret = PTR_ERR(anon_file->file);
305 goto err_put_fd;
306 }
307
308 spin_lock(&object->ondemand->lock);
309 if (object->ondemand->ondemand_id > 0) {
310 spin_unlock(&object->ondemand->lock);
311 /* Pair with check in cachefiles_ondemand_fd_release(). */
312 anon_file->file->private_data = NULL;
313 ret = -EEXIST;
314 goto err_put_file;
315 }
316
317 anon_file->file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
318
319 load = (void *)req->msg.data;
320 load->fd = anon_file->fd;
321 object->ondemand->ondemand_id = object_id;
322 spin_unlock(&object->ondemand->lock);
323
324 cachefiles_get_unbind_pincount(cache);
325 trace_cachefiles_ondemand_open(object, &req->msg, load);
326 return 0;
327
328 err_put_file:
329 fput(anon_file->file);
330 anon_file->file = NULL;
331 err_put_fd:
332 put_unused_fd(anon_file->fd);
333 anon_file->fd = ret;
334 err_free_id:
335 xa_erase(&cache->ondemand_ids, object_id);
336 err:
337 spin_lock(&object->ondemand->lock);
338 /* Avoid marking an opened object as closed. */
339 if (object->ondemand->ondemand_id <= 0)
340 cachefiles_ondemand_set_object_close(object);
341 spin_unlock(&object->ondemand->lock);
342 cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
343 return ret;
344 }
345
ondemand_object_worker(struct work_struct * work)346 static void ondemand_object_worker(struct work_struct *work)
347 {
348 struct cachefiles_ondemand_info *info =
349 container_of(work, struct cachefiles_ondemand_info, ondemand_work);
350
351 cachefiles_ondemand_init_object(info->object);
352 }
353
354 /*
355 * If there are any inflight or subsequent READ requests on the
356 * closed object, reopen it.
357 * Skip read requests whose related object is reopening.
358 */
cachefiles_ondemand_select_req(struct xa_state * xas,unsigned long xa_max)359 static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
360 unsigned long xa_max)
361 {
362 struct cachefiles_req *req;
363 struct cachefiles_object *object;
364 struct cachefiles_ondemand_info *info;
365
366 xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
367 if (req->msg.opcode != CACHEFILES_OP_READ)
368 return req;
369 object = req->object;
370 info = object->ondemand;
371 if (cachefiles_ondemand_object_is_close(object)) {
372 cachefiles_ondemand_set_object_reopening(object);
373 queue_work(fscache_wq, &info->ondemand_work);
374 continue;
375 }
376 if (cachefiles_ondemand_object_is_reopening(object))
377 continue;
378 return req;
379 }
380 return NULL;
381 }
382
cachefiles_ondemand_finish_req(struct cachefiles_req * req,struct xa_state * xas,int err)383 static inline bool cachefiles_ondemand_finish_req(struct cachefiles_req *req,
384 struct xa_state *xas, int err)
385 {
386 if (unlikely(!xas || !req))
387 return false;
388
389 if (xa_cmpxchg(xas->xa, xas->xa_index, req, NULL, 0) != req)
390 return false;
391
392 req->error = err;
393 complete(&req->done);
394 return true;
395 }
396
cachefiles_ondemand_daemon_read(struct cachefiles_cache * cache,char __user * _buffer,size_t buflen)397 ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
398 char __user *_buffer, size_t buflen)
399 {
400 struct cachefiles_req *req;
401 struct cachefiles_msg *msg;
402 size_t n;
403 int ret = 0;
404 struct ondemand_anon_file anon_file;
405 XA_STATE(xas, &cache->reqs, cache->req_id_next);
406
407 xa_lock(&cache->reqs);
408 /*
409 * Cyclically search for a request that has not ever been processed,
410 * to prevent requests from being processed repeatedly, and make
411 * request distribution fair.
412 */
413 req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
414 if (!req && cache->req_id_next > 0) {
415 xas_set(&xas, 0);
416 req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
417 }
418 if (!req) {
419 xa_unlock(&cache->reqs);
420 return 0;
421 }
422
423 msg = &req->msg;
424 n = msg->len;
425
426 if (n > buflen) {
427 xa_unlock(&cache->reqs);
428 return -EMSGSIZE;
429 }
430
431 xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
432 cache->req_id_next = xas.xa_index + 1;
433 refcount_inc(&req->ref);
434 cachefiles_grab_object(req->object, cachefiles_obj_get_read_req);
435 xa_unlock(&cache->reqs);
436
437 if (msg->opcode == CACHEFILES_OP_OPEN) {
438 ret = cachefiles_ondemand_get_fd(req, &anon_file);
439 if (ret)
440 goto out;
441 }
442
443 msg->msg_id = xas.xa_index;
444 msg->object_id = req->object->ondemand->ondemand_id;
445
446 if (copy_to_user(_buffer, msg, n) != 0)
447 ret = -EFAULT;
448
449 if (msg->opcode == CACHEFILES_OP_OPEN) {
450 if (ret < 0) {
451 fput(anon_file.file);
452 put_unused_fd(anon_file.fd);
453 goto out;
454 }
455 fd_install(anon_file.fd, anon_file.file);
456 }
457 out:
458 cachefiles_put_object(req->object, cachefiles_obj_put_read_req);
459 /* Remove error request and CLOSE request has no reply */
460 if (ret || msg->opcode == CACHEFILES_OP_CLOSE)
461 cachefiles_ondemand_finish_req(req, &xas, ret);
462 cachefiles_req_put(req);
463 return ret ? ret : n;
464 }
465
466 typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
467
cachefiles_ondemand_send_req(struct cachefiles_object * object,enum cachefiles_opcode opcode,size_t data_len,init_req_fn init_req,void * private)468 static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
469 enum cachefiles_opcode opcode,
470 size_t data_len,
471 init_req_fn init_req,
472 void *private)
473 {
474 struct cachefiles_cache *cache = object->volume->cache;
475 struct cachefiles_req *req = NULL;
476 XA_STATE(xas, &cache->reqs, 0);
477 int ret;
478
479 if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
480 return 0;
481
482 if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
483 ret = -EIO;
484 goto out;
485 }
486
487 req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
488 if (!req) {
489 ret = -ENOMEM;
490 goto out;
491 }
492
493 refcount_set(&req->ref, 1);
494 req->object = object;
495 init_completion(&req->done);
496 req->msg.opcode = opcode;
497 req->msg.len = sizeof(struct cachefiles_msg) + data_len;
498
499 ret = init_req(req, private);
500 if (ret)
501 goto out;
502
503 do {
504 /*
505 * Stop enqueuing the request when daemon is dying. The
506 * following two operations need to be atomic as a whole.
507 * 1) check cache state, and
508 * 2) enqueue request if cache is alive.
509 * Otherwise the request may be enqueued after xarray has been
510 * flushed, leaving the orphan request never being completed.
511 *
512 * CPU 1 CPU 2
513 * ===== =====
514 * test CACHEFILES_DEAD bit
515 * set CACHEFILES_DEAD bit
516 * flush requests in the xarray
517 * enqueue the request
518 */
519 xas_lock(&xas);
520
521 if (test_bit(CACHEFILES_DEAD, &cache->flags) ||
522 cachefiles_ondemand_object_is_dropping(object)) {
523 xas_unlock(&xas);
524 ret = -EIO;
525 goto out;
526 }
527
528 /* coupled with the barrier in cachefiles_flush_reqs() */
529 smp_mb();
530
531 if (opcode == CACHEFILES_OP_CLOSE &&
532 !cachefiles_ondemand_object_is_open(object)) {
533 WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
534 xas_unlock(&xas);
535 ret = -EIO;
536 goto out;
537 }
538
539 /*
540 * Cyclically find a free xas to avoid msg_id reuse that would
541 * cause the daemon to successfully copen a stale msg_id.
542 */
543 xas.xa_index = cache->msg_id_next;
544 xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
545 if (xas.xa_node == XAS_RESTART) {
546 xas.xa_index = 0;
547 xas_find_marked(&xas, cache->msg_id_next - 1, XA_FREE_MARK);
548 }
549 if (xas.xa_node == XAS_RESTART)
550 xas_set_err(&xas, -EBUSY);
551
552 xas_store(&xas, req);
553 if (xas_valid(&xas)) {
554 cache->msg_id_next = xas.xa_index + 1;
555 xas_clear_mark(&xas, XA_FREE_MARK);
556 xas_set_mark(&xas, CACHEFILES_REQ_NEW);
557 }
558 xas_unlock(&xas);
559 } while (xas_nomem(&xas, GFP_KERNEL));
560
561 ret = xas_error(&xas);
562 if (ret)
563 goto out;
564
565 wake_up_all(&cache->daemon_pollwq);
566 wait:
567 ret = wait_for_completion_killable(&req->done);
568 if (!ret) {
569 ret = req->error;
570 } else {
571 ret = -EINTR;
572 if (!cachefiles_ondemand_finish_req(req, &xas, ret)) {
573 /* Someone will complete it soon. */
574 cpu_relax();
575 goto wait;
576 }
577 }
578 cachefiles_req_put(req);
579 return ret;
580 out:
581 /* Reset the object to close state in error handling path.
582 * If error occurs after creating the anonymous fd,
583 * cachefiles_ondemand_fd_release() will set object to close.
584 */
585 if (opcode == CACHEFILES_OP_OPEN &&
586 !cachefiles_ondemand_object_is_dropping(object))
587 cachefiles_ondemand_set_object_close(object);
588 kfree(req);
589 return ret;
590 }
591
cachefiles_ondemand_init_open_req(struct cachefiles_req * req,void * private)592 static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
593 void *private)
594 {
595 struct cachefiles_object *object = req->object;
596 struct fscache_cookie *cookie = object->cookie;
597 struct fscache_volume *volume = object->volume->vcookie;
598 struct cachefiles_open *load = (void *)req->msg.data;
599 size_t volume_key_size, cookie_key_size;
600 void *volume_key, *cookie_key;
601
602 /*
603 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
604 * string, followed by the content of the string (excluding '\0').
605 */
606 volume_key_size = volume->key[0] + 1;
607 volume_key = volume->key + 1;
608
609 /* Cookie key is binary data, which is netfs specific. */
610 cookie_key_size = cookie->key_len;
611 cookie_key = fscache_get_key(cookie);
612
613 if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
614 pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
615 return -EINVAL;
616 }
617
618 load->volume_key_size = volume_key_size;
619 load->cookie_key_size = cookie_key_size;
620 memcpy(load->data, volume_key, volume_key_size);
621 memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
622
623 return 0;
624 }
625
cachefiles_ondemand_init_close_req(struct cachefiles_req * req,void * private)626 static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
627 void *private)
628 {
629 struct cachefiles_object *object = req->object;
630
631 if (!cachefiles_ondemand_object_is_open(object))
632 return -ENOENT;
633
634 trace_cachefiles_ondemand_close(object, &req->msg);
635 return 0;
636 }
637
638 struct cachefiles_read_ctx {
639 loff_t off;
640 size_t len;
641 };
642
cachefiles_ondemand_init_read_req(struct cachefiles_req * req,void * private)643 static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
644 void *private)
645 {
646 struct cachefiles_object *object = req->object;
647 struct cachefiles_read *load = (void *)req->msg.data;
648 struct cachefiles_read_ctx *read_ctx = private;
649
650 load->off = read_ctx->off;
651 load->len = read_ctx->len;
652 trace_cachefiles_ondemand_read(object, &req->msg, load);
653 return 0;
654 }
655
cachefiles_ondemand_init_object(struct cachefiles_object * object)656 int cachefiles_ondemand_init_object(struct cachefiles_object *object)
657 {
658 struct fscache_cookie *cookie = object->cookie;
659 struct fscache_volume *volume = object->volume->vcookie;
660 size_t volume_key_size, cookie_key_size, data_len;
661
662 if (!object->ondemand)
663 return 0;
664
665 /*
666 * CacheFiles will firstly check the cache file under the root cache
667 * directory. If the coherency check failed, it will fallback to
668 * creating a new tmpfile as the cache file. Reuse the previously
669 * allocated object ID if any.
670 */
671 if (cachefiles_ondemand_object_is_open(object))
672 return 0;
673
674 volume_key_size = volume->key[0] + 1;
675 cookie_key_size = cookie->key_len;
676 data_len = sizeof(struct cachefiles_open) +
677 volume_key_size + cookie_key_size;
678
679 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
680 data_len, cachefiles_ondemand_init_open_req, NULL);
681 }
682
cachefiles_ondemand_clean_object(struct cachefiles_object * object)683 void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
684 {
685 unsigned long index;
686 struct cachefiles_req *req;
687 struct cachefiles_cache *cache;
688
689 if (!object->ondemand)
690 return;
691
692 cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
693 cachefiles_ondemand_init_close_req, NULL);
694
695 if (!object->ondemand->ondemand_id)
696 return;
697
698 /* Cancel all requests for the object that is being dropped. */
699 cache = object->volume->cache;
700 xa_lock(&cache->reqs);
701 cachefiles_ondemand_set_object_dropping(object);
702 xa_for_each(&cache->reqs, index, req) {
703 if (req->object == object) {
704 req->error = -EIO;
705 complete(&req->done);
706 __xa_erase(&cache->reqs, index);
707 }
708 }
709 xa_unlock(&cache->reqs);
710
711 /* Wait for ondemand_object_worker() to finish to avoid UAF. */
712 cancel_work_sync(&object->ondemand->ondemand_work);
713 }
714
cachefiles_ondemand_init_obj_info(struct cachefiles_object * object,struct cachefiles_volume * volume)715 int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
716 struct cachefiles_volume *volume)
717 {
718 if (!cachefiles_in_ondemand_mode(volume->cache))
719 return 0;
720
721 object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
722 GFP_KERNEL);
723 if (!object->ondemand)
724 return -ENOMEM;
725
726 object->ondemand->object = object;
727 spin_lock_init(&object->ondemand->lock);
728 INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
729 return 0;
730 }
731
cachefiles_ondemand_deinit_obj_info(struct cachefiles_object * object)732 void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
733 {
734 kfree(object->ondemand);
735 object->ondemand = NULL;
736 }
737
cachefiles_ondemand_read(struct cachefiles_object * object,loff_t pos,size_t len)738 int cachefiles_ondemand_read(struct cachefiles_object *object,
739 loff_t pos, size_t len)
740 {
741 struct cachefiles_read_ctx read_ctx = {pos, len};
742
743 return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
744 sizeof(struct cachefiles_read),
745 cachefiles_ondemand_init_read_req, &read_ctx);
746 }
747