xref: /openbmc/linux/fs/cachefiles/ondemand.c (revision e5242c5f) 
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <linux/fdtable.h>
3 #include <linux/anon_inodes.h>
4 #include <linux/uio.h>
5 #include "internal.h"
6 
7 struct ondemand_anon_file {
8 	struct file *file;
9 	int fd;
10 };
11 
12 static inline void cachefiles_req_put(struct cachefiles_req *req)
13 {
14 	if (refcount_dec_and_test(&req->ref))
15 		kfree(req);
16 }
17 
18 static int cachefiles_ondemand_fd_release(struct inode *inode,
19 					  struct file *file)
20 {
21 	struct cachefiles_object *object = file->private_data;
22 	struct cachefiles_cache *cache;
23 	struct cachefiles_ondemand_info *info;
24 	int object_id;
25 	struct cachefiles_req *req;
26 	XA_STATE(xas, NULL, 0);
27 
28 	if (!object)
29 		return 0;
30 
31 	info = object->ondemand;
32 	cache = object->volume->cache;
33 	xas.xa = &cache->reqs;
34 
35 	xa_lock(&cache->reqs);
36 	spin_lock(&info->lock);
37 	object_id = info->ondemand_id;
38 	info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
39 	cachefiles_ondemand_set_object_close(object);
40 	spin_unlock(&info->lock);
41 
42 	/* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
43 	xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
44 		if (req->msg.object_id == object_id &&
45 		    req->msg.opcode == CACHEFILES_OP_CLOSE) {
46 			complete(&req->done);
47 			xas_store(&xas, NULL);
48 		}
49 	}
50 	xa_unlock(&cache->reqs);
51 
52 	xa_erase(&cache->ondemand_ids, object_id);
53 	trace_cachefiles_ondemand_fd_release(object, object_id);
54 	cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
55 	cachefiles_put_unbind_pincount(cache);
56 	return 0;
57 }
58 
59 static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
60 						 struct iov_iter *iter)
61 {
62 	struct cachefiles_object *object = kiocb->ki_filp->private_data;
63 	struct cachefiles_cache *cache = object->volume->cache;
64 	struct file *file = object->file;
65 	size_t len = iter->count;
66 	loff_t pos = kiocb->ki_pos;
67 	const struct cred *saved_cred;
68 	int ret;
69 
70 	if (!file)
71 		return -ENOBUFS;
72 
73 	cachefiles_begin_secure(cache, &saved_cred);
74 	ret = __cachefiles_prepare_write(object, file, &pos, &len, true);
75 	cachefiles_end_secure(cache, saved_cred);
76 	if (ret < 0)
77 		return ret;
78 
79 	trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
80 	ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
81 	if (!ret) {
82 		ret = len;
83 		kiocb->ki_pos += ret;
84 	}
85 
86 	return ret;
87 }
88 
89 static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
90 					    int whence)
91 {
92 	struct cachefiles_object *object = filp->private_data;
93 	struct file *file = object->file;
94 
95 	if (!file)
96 		return -ENOBUFS;
97 
98 	return vfs_llseek(file, pos, whence);
99 }
100 
101 static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
102 					 unsigned long id)
103 {
104 	struct cachefiles_object *object = filp->private_data;
105 	struct cachefiles_cache *cache = object->volume->cache;
106 	struct cachefiles_req *req;
107 	XA_STATE(xas, &cache->reqs, id);
108 
109 	if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
110 		return -EINVAL;
111 
112 	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
113 		return -EOPNOTSUPP;
114 
115 	xa_lock(&cache->reqs);
116 	req = xas_load(&xas);
117 	if (!req || req->msg.opcode != CACHEFILES_OP_READ ||
118 	    req->object != object) {
119 		xa_unlock(&cache->reqs);
120 		return -EINVAL;
121 	}
122 	xas_store(&xas, NULL);
123 	xa_unlock(&cache->reqs);
124 
125 	trace_cachefiles_ondemand_cread(object, id);
126 	complete(&req->done);
127 	return 0;
128 }
129 
130 static const struct file_operations cachefiles_ondemand_fd_fops = {
131 	.owner		= THIS_MODULE,
132 	.release	= cachefiles_ondemand_fd_release,
133 	.write_iter	= cachefiles_ondemand_fd_write_iter,
134 	.llseek		= cachefiles_ondemand_fd_llseek,
135 	.unlocked_ioctl	= cachefiles_ondemand_fd_ioctl,
136 };
137 
138 /*
139  * OPEN request Completion (copen)
140  * - command: "copen <id>,<cache_size>"
141  *   <cache_size> indicates the object size if >=0, error code if negative
142  */
143 int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
144 {
145 	struct cachefiles_req *req;
146 	struct fscache_cookie *cookie;
147 	struct cachefiles_ondemand_info *info;
148 	char *pid, *psize;
149 	unsigned long id;
150 	long size;
151 	int ret;
152 	XA_STATE(xas, &cache->reqs, 0);
153 
154 	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
155 		return -EOPNOTSUPP;
156 
157 	if (!*args) {
158 		pr_err("Empty id specified\n");
159 		return -EINVAL;
160 	}
161 
162 	pid = args;
163 	psize = strchr(args, ',');
164 	if (!psize) {
165 		pr_err("Cache size is not specified\n");
166 		return -EINVAL;
167 	}
168 
169 	*psize = 0;
170 	psize++;
171 
172 	ret = kstrtoul(pid, 0, &id);
173 	if (ret)
174 		return ret;
175 
176 	xa_lock(&cache->reqs);
177 	xas.xa_index = id;
178 	req = xas_load(&xas);
179 	if (!req || req->msg.opcode != CACHEFILES_OP_OPEN ||
180 	    !req->object->ondemand->ondemand_id) {
181 		xa_unlock(&cache->reqs);
182 		return -EINVAL;
183 	}
184 	xas_store(&xas, NULL);
185 	xa_unlock(&cache->reqs);
186 
187 	info = req->object->ondemand;
188 	/* fail OPEN request if copen format is invalid */
189 	ret = kstrtol(psize, 0, &size);
190 	if (ret) {
191 		req->error = ret;
192 		goto out;
193 	}
194 
195 	/* fail OPEN request if daemon reports an error */
196 	if (size < 0) {
197 		if (!IS_ERR_VALUE(size)) {
198 			req->error = -EINVAL;
199 			ret = -EINVAL;
200 		} else {
201 			req->error = size;
202 			ret = 0;
203 		}
204 		goto out;
205 	}
206 
207 	spin_lock(&info->lock);
208 	/*
209 	 * The anonymous fd was closed before copen ? Fail the request.
210 	 *
211 	 *             t1             |             t2
212 	 * ---------------------------------------------------------
213 	 *                             cachefiles_ondemand_copen
214 	 *                             req = xa_erase(&cache->reqs, id)
215 	 * // Anon fd is maliciously closed.
216 	 * cachefiles_ondemand_fd_release
217 	 * xa_lock(&cache->reqs)
218 	 * cachefiles_ondemand_set_object_close(object)
219 	 * xa_unlock(&cache->reqs)
220 	 *                             cachefiles_ondemand_set_object_open
221 	 *                             // No one will ever close it again.
222 	 * cachefiles_ondemand_daemon_read
223 	 * cachefiles_ondemand_select_req
224 	 *
225 	 * Get a read req but its fd is already closed. The daemon can't
226 	 * issue a cread ioctl with an closed fd, then hung.
227 	 */
228 	if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED) {
229 		spin_unlock(&info->lock);
230 		req->error = -EBADFD;
231 		goto out;
232 	}
233 	cookie = req->object->cookie;
234 	cookie->object_size = size;
235 	if (size)
236 		clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
237 	else
238 		set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
239 	trace_cachefiles_ondemand_copen(req->object, id, size);
240 
241 	cachefiles_ondemand_set_object_open(req->object);
242 	spin_unlock(&info->lock);
243 	wake_up_all(&cache->daemon_pollwq);
244 
245 out:
246 	spin_lock(&info->lock);
247 	/* Need to set object close to avoid reopen status continuing */
248 	if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED)
249 		cachefiles_ondemand_set_object_close(req->object);
250 	spin_unlock(&info->lock);
251 	complete(&req->done);
252 	return ret;
253 }
254 
255 int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
256 {
257 	struct cachefiles_req *req;
258 
259 	XA_STATE(xas, &cache->reqs, 0);
260 
261 	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
262 		return -EOPNOTSUPP;
263 
264 	/*
265 	 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
266 	 * requests have been processed halfway before the crash of the
267 	 * user daemon could be reprocessed after the recovery.
268 	 */
269 	xas_lock(&xas);
270 	xas_for_each(&xas, req, ULONG_MAX)
271 		xas_set_mark(&xas, CACHEFILES_REQ_NEW);
272 	xas_unlock(&xas);
273 
274 	wake_up_all(&cache->daemon_pollwq);
275 	return 0;
276 }
277 
278 static int cachefiles_ondemand_get_fd(struct cachefiles_req *req,
279 				      struct ondemand_anon_file *anon_file)
280 {
281 	struct cachefiles_object *object;
282 	struct cachefiles_cache *cache;
283 	struct cachefiles_open *load;
284 	u32 object_id;
285 	int ret;
286 
287 	object = cachefiles_grab_object(req->object,
288 			cachefiles_obj_get_ondemand_fd);
289 	cache = object->volume->cache;
290 
291 	ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
292 			      XA_LIMIT(1, INT_MAX),
293 			      &cache->ondemand_id_next, GFP_KERNEL);
294 	if (ret < 0)
295 		goto err;
296 
297 	anon_file->fd = get_unused_fd_flags(O_WRONLY);
298 	if (anon_file->fd < 0) {
299 		ret = anon_file->fd;
300 		goto err_free_id;
301 	}
302 
303 	anon_file->file = anon_inode_getfile("[cachefiles]",
304 				&cachefiles_ondemand_fd_fops, object, O_WRONLY);
305 	if (IS_ERR(anon_file->file)) {
306 		ret = PTR_ERR(anon_file->file);
307 		goto err_put_fd;
308 	}
309 
310 	spin_lock(&object->ondemand->lock);
311 	if (object->ondemand->ondemand_id > 0) {
312 		spin_unlock(&object->ondemand->lock);
313 		/* Pair with check in cachefiles_ondemand_fd_release(). */
314 		anon_file->file->private_data = NULL;
315 		ret = -EEXIST;
316 		goto err_put_file;
317 	}
318 
319 	anon_file->file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
320 
321 	load = (void *)req->msg.data;
322 	load->fd = anon_file->fd;
323 	object->ondemand->ondemand_id = object_id;
324 	spin_unlock(&object->ondemand->lock);
325 
326 	cachefiles_get_unbind_pincount(cache);
327 	trace_cachefiles_ondemand_open(object, &req->msg, load);
328 	return 0;
329 
330 err_put_file:
331 	fput(anon_file->file);
332 	anon_file->file = NULL;
333 err_put_fd:
334 	put_unused_fd(anon_file->fd);
335 	anon_file->fd = ret;
336 err_free_id:
337 	xa_erase(&cache->ondemand_ids, object_id);
338 err:
339 	spin_lock(&object->ondemand->lock);
340 	/* Avoid marking an opened object as closed. */
341 	if (object->ondemand->ondemand_id <= 0)
342 		cachefiles_ondemand_set_object_close(object);
343 	spin_unlock(&object->ondemand->lock);
344 	cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
345 	return ret;
346 }
347 
348 static void ondemand_object_worker(struct work_struct *work)
349 {
350 	struct cachefiles_ondemand_info *info =
351 		container_of(work, struct cachefiles_ondemand_info, ondemand_work);
352 
353 	cachefiles_ondemand_init_object(info->object);
354 }
355 
356 /*
357  * If there are any inflight or subsequent READ requests on the
358  * closed object, reopen it.
359  * Skip read requests whose related object is reopening.
360  */
361 static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
362 							      unsigned long xa_max)
363 {
364 	struct cachefiles_req *req;
365 	struct cachefiles_object *object;
366 	struct cachefiles_ondemand_info *info;
367 
368 	xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
369 		if (req->msg.opcode != CACHEFILES_OP_READ)
370 			return req;
371 		object = req->object;
372 		info = object->ondemand;
373 		if (cachefiles_ondemand_object_is_close(object)) {
374 			cachefiles_ondemand_set_object_reopening(object);
375 			queue_work(fscache_wq, &info->ondemand_work);
376 			continue;
377 		}
378 		if (cachefiles_ondemand_object_is_reopening(object))
379 			continue;
380 		return req;
381 	}
382 	return NULL;
383 }
384 
385 static inline bool cachefiles_ondemand_finish_req(struct cachefiles_req *req,
386 						  struct xa_state *xas, int err)
387 {
388 	if (unlikely(!xas || !req))
389 		return false;
390 
391 	if (xa_cmpxchg(xas->xa, xas->xa_index, req, NULL, 0) != req)
392 		return false;
393 
394 	req->error = err;
395 	complete(&req->done);
396 	return true;
397 }
398 
399 ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
400 					char __user *_buffer, size_t buflen)
401 {
402 	struct cachefiles_req *req;
403 	struct cachefiles_msg *msg;
404 	size_t n;
405 	int ret = 0;
406 	struct ondemand_anon_file anon_file;
407 	XA_STATE(xas, &cache->reqs, cache->req_id_next);
408 
409 	xa_lock(&cache->reqs);
410 	/*
411 	 * Cyclically search for a request that has not ever been processed,
412 	 * to prevent requests from being processed repeatedly, and make
413 	 * request distribution fair.
414 	 */
415 	req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
416 	if (!req && cache->req_id_next > 0) {
417 		xas_set(&xas, 0);
418 		req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
419 	}
420 	if (!req) {
421 		xa_unlock(&cache->reqs);
422 		return 0;
423 	}
424 
425 	msg = &req->msg;
426 	n = msg->len;
427 
428 	if (n > buflen) {
429 		xa_unlock(&cache->reqs);
430 		return -EMSGSIZE;
431 	}
432 
433 	xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
434 	cache->req_id_next = xas.xa_index + 1;
435 	refcount_inc(&req->ref);
436 	cachefiles_grab_object(req->object, cachefiles_obj_get_read_req);
437 	xa_unlock(&cache->reqs);
438 
439 	if (msg->opcode == CACHEFILES_OP_OPEN) {
440 		ret = cachefiles_ondemand_get_fd(req, &anon_file);
441 		if (ret)
442 			goto out;
443 	}
444 
445 	msg->msg_id = xas.xa_index;
446 	msg->object_id = req->object->ondemand->ondemand_id;
447 
448 	if (copy_to_user(_buffer, msg, n) != 0)
449 		ret = -EFAULT;
450 
451 	if (msg->opcode == CACHEFILES_OP_OPEN) {
452 		if (ret < 0) {
453 			fput(anon_file.file);
454 			put_unused_fd(anon_file.fd);
455 			goto out;
456 		}
457 		fd_install(anon_file.fd, anon_file.file);
458 	}
459 out:
460 	cachefiles_put_object(req->object, cachefiles_obj_put_read_req);
461 	/* Remove error request and CLOSE request has no reply */
462 	if (ret || msg->opcode == CACHEFILES_OP_CLOSE)
463 		cachefiles_ondemand_finish_req(req, &xas, ret);
464 	cachefiles_req_put(req);
465 	return ret ? ret : n;
466 }
467 
468 typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
469 
470 static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
471 					enum cachefiles_opcode opcode,
472 					size_t data_len,
473 					init_req_fn init_req,
474 					void *private)
475 {
476 	struct cachefiles_cache *cache = object->volume->cache;
477 	struct cachefiles_req *req = NULL;
478 	XA_STATE(xas, &cache->reqs, 0);
479 	int ret;
480 
481 	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
482 		return 0;
483 
484 	if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
485 		ret = -EIO;
486 		goto out;
487 	}
488 
489 	req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
490 	if (!req) {
491 		ret = -ENOMEM;
492 		goto out;
493 	}
494 
495 	refcount_set(&req->ref, 1);
496 	req->object = object;
497 	init_completion(&req->done);
498 	req->msg.opcode = opcode;
499 	req->msg.len = sizeof(struct cachefiles_msg) + data_len;
500 
501 	ret = init_req(req, private);
502 	if (ret)
503 		goto out;
504 
505 	do {
506 		/*
507 		 * Stop enqueuing the request when daemon is dying. The
508 		 * following two operations need to be atomic as a whole.
509 		 *   1) check cache state, and
510 		 *   2) enqueue request if cache is alive.
511 		 * Otherwise the request may be enqueued after xarray has been
512 		 * flushed, leaving the orphan request never being completed.
513 		 *
514 		 * CPU 1			CPU 2
515 		 * =====			=====
516 		 *				test CACHEFILES_DEAD bit
517 		 * set CACHEFILES_DEAD bit
518 		 * flush requests in the xarray
519 		 *				enqueue the request
520 		 */
521 		xas_lock(&xas);
522 
523 		if (test_bit(CACHEFILES_DEAD, &cache->flags) ||
524 		    cachefiles_ondemand_object_is_dropping(object)) {
525 			xas_unlock(&xas);
526 			ret = -EIO;
527 			goto out;
528 		}
529 
530 		/* coupled with the barrier in cachefiles_flush_reqs() */
531 		smp_mb();
532 
533 		if (opcode == CACHEFILES_OP_CLOSE &&
534 		    !cachefiles_ondemand_object_is_open(object)) {
535 			WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
536 			xas_unlock(&xas);
537 			ret = -EIO;
538 			goto out;
539 		}
540 
541 		/*
542 		 * Cyclically find a free xas to avoid msg_id reuse that would
543 		 * cause the daemon to successfully copen a stale msg_id.
544 		 */
545 		xas.xa_index = cache->msg_id_next;
546 		xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
547 		if (xas.xa_node == XAS_RESTART) {
548 			xas.xa_index = 0;
549 			xas_find_marked(&xas, cache->msg_id_next - 1, XA_FREE_MARK);
550 		}
551 		if (xas.xa_node == XAS_RESTART)
552 			xas_set_err(&xas, -EBUSY);
553 
554 		xas_store(&xas, req);
555 		if (xas_valid(&xas)) {
556 			cache->msg_id_next = xas.xa_index + 1;
557 			xas_clear_mark(&xas, XA_FREE_MARK);
558 			xas_set_mark(&xas, CACHEFILES_REQ_NEW);
559 		}
560 		xas_unlock(&xas);
561 	} while (xas_nomem(&xas, GFP_KERNEL));
562 
563 	ret = xas_error(&xas);
564 	if (ret)
565 		goto out;
566 
567 	wake_up_all(&cache->daemon_pollwq);
568 wait:
569 	ret = wait_for_completion_killable(&req->done);
570 	if (!ret) {
571 		ret = req->error;
572 	} else {
573 		ret = -EINTR;
574 		if (!cachefiles_ondemand_finish_req(req, &xas, ret)) {
575 			/* Someone will complete it soon. */
576 			cpu_relax();
577 			goto wait;
578 		}
579 	}
580 	cachefiles_req_put(req);
581 	return ret;
582 out:
583 	/* Reset the object to close state in error handling path.
584 	 * If error occurs after creating the anonymous fd,
585 	 * cachefiles_ondemand_fd_release() will set object to close.
586 	 */
587 	if (opcode == CACHEFILES_OP_OPEN &&
588 	    !cachefiles_ondemand_object_is_dropping(object))
589 		cachefiles_ondemand_set_object_close(object);
590 	kfree(req);
591 	return ret;
592 }
593 
594 static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
595 					     void *private)
596 {
597 	struct cachefiles_object *object = req->object;
598 	struct fscache_cookie *cookie = object->cookie;
599 	struct fscache_volume *volume = object->volume->vcookie;
600 	struct cachefiles_open *load = (void *)req->msg.data;
601 	size_t volume_key_size, cookie_key_size;
602 	void *volume_key, *cookie_key;
603 
604 	/*
605 	 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
606 	 * string, followed by the content of the string (excluding '\0').
607 	 */
608 	volume_key_size = volume->key[0] + 1;
609 	volume_key = volume->key + 1;
610 
611 	/* Cookie key is binary data, which is netfs specific. */
612 	cookie_key_size = cookie->key_len;
613 	cookie_key = fscache_get_key(cookie);
614 
615 	if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
616 		pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
617 		return -EINVAL;
618 	}
619 
620 	load->volume_key_size = volume_key_size;
621 	load->cookie_key_size = cookie_key_size;
622 	memcpy(load->data, volume_key, volume_key_size);
623 	memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
624 
625 	return 0;
626 }
627 
628 static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
629 					      void *private)
630 {
631 	struct cachefiles_object *object = req->object;
632 
633 	if (!cachefiles_ondemand_object_is_open(object))
634 		return -ENOENT;
635 
636 	trace_cachefiles_ondemand_close(object, &req->msg);
637 	return 0;
638 }
639 
640 struct cachefiles_read_ctx {
641 	loff_t off;
642 	size_t len;
643 };
644 
645 static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
646 					     void *private)
647 {
648 	struct cachefiles_object *object = req->object;
649 	struct cachefiles_read *load = (void *)req->msg.data;
650 	struct cachefiles_read_ctx *read_ctx = private;
651 
652 	load->off = read_ctx->off;
653 	load->len = read_ctx->len;
654 	trace_cachefiles_ondemand_read(object, &req->msg, load);
655 	return 0;
656 }
657 
658 int cachefiles_ondemand_init_object(struct cachefiles_object *object)
659 {
660 	struct fscache_cookie *cookie = object->cookie;
661 	struct fscache_volume *volume = object->volume->vcookie;
662 	size_t volume_key_size, cookie_key_size, data_len;
663 
664 	if (!object->ondemand)
665 		return 0;
666 
667 	/*
668 	 * CacheFiles will firstly check the cache file under the root cache
669 	 * directory. If the coherency check failed, it will fallback to
670 	 * creating a new tmpfile as the cache file. Reuse the previously
671 	 * allocated object ID if any.
672 	 */
673 	if (cachefiles_ondemand_object_is_open(object))
674 		return 0;
675 
676 	volume_key_size = volume->key[0] + 1;
677 	cookie_key_size = cookie->key_len;
678 	data_len = sizeof(struct cachefiles_open) +
679 		   volume_key_size + cookie_key_size;
680 
681 	return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
682 			data_len, cachefiles_ondemand_init_open_req, NULL);
683 }
684 
685 void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
686 {
687 	unsigned long index;
688 	struct cachefiles_req *req;
689 	struct cachefiles_cache *cache;
690 
691 	if (!object->ondemand)
692 		return;
693 
694 	cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
695 			cachefiles_ondemand_init_close_req, NULL);
696 
697 	if (!object->ondemand->ondemand_id)
698 		return;
699 
700 	/* Cancel all requests for the object that is being dropped. */
701 	cache = object->volume->cache;
702 	xa_lock(&cache->reqs);
703 	cachefiles_ondemand_set_object_dropping(object);
704 	xa_for_each(&cache->reqs, index, req) {
705 		if (req->object == object) {
706 			req->error = -EIO;
707 			complete(&req->done);
708 			__xa_erase(&cache->reqs, index);
709 		}
710 	}
711 	xa_unlock(&cache->reqs);
712 
713 	/* Wait for ondemand_object_worker() to finish to avoid UAF. */
714 	cancel_work_sync(&object->ondemand->ondemand_work);
715 }
716 
717 int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
718 				struct cachefiles_volume *volume)
719 {
720 	if (!cachefiles_in_ondemand_mode(volume->cache))
721 		return 0;
722 
723 	object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
724 					GFP_KERNEL);
725 	if (!object->ondemand)
726 		return -ENOMEM;
727 
728 	object->ondemand->object = object;
729 	spin_lock_init(&object->ondemand->lock);
730 	INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
731 	return 0;
732 }
733 
734 void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
735 {
736 	kfree(object->ondemand);
737 	object->ondemand = NULL;
738 }
739 
740 int cachefiles_ondemand_read(struct cachefiles_object *object,
741 			     loff_t pos, size_t len)
742 {
743 	struct cachefiles_read_ctx read_ctx = {pos, len};
744 
745 	return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
746 			sizeof(struct cachefiles_read),
747 			cachefiles_ondemand_init_read_req, &read_ctx);
748 }
749