Linux Audio

Check our new training course

Loading...
v6.8
  1// SPDX-License-Identifier: GPL-2.0-or-later
  2#include <linux/fdtable.h>
  3#include <linux/anon_inodes.h>
  4#include <linux/uio.h>
  5#include "internal.h"
  6
 
 
 
 
 
 
 
 
 
 
 
  7static int cachefiles_ondemand_fd_release(struct inode *inode,
  8					  struct file *file)
  9{
 10	struct cachefiles_object *object = file->private_data;
 11	struct cachefiles_cache *cache = object->volume->cache;
 12	struct cachefiles_ondemand_info *info = object->ondemand;
 13	int object_id = info->ondemand_id;
 14	struct cachefiles_req *req;
 15	XA_STATE(xas, &cache->reqs, 0);
 
 
 
 
 
 
 
 16
 17	xa_lock(&cache->reqs);
 
 
 18	info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
 19	cachefiles_ondemand_set_object_close(object);
 
 20
 21	/* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
 22	xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
 23		if (req->msg.object_id == object_id &&
 24		    req->msg.opcode == CACHEFILES_OP_CLOSE) {
 25			complete(&req->done);
 26			xas_store(&xas, NULL);
 27		}
 28	}
 29	xa_unlock(&cache->reqs);
 30
 31	xa_erase(&cache->ondemand_ids, object_id);
 32	trace_cachefiles_ondemand_fd_release(object, object_id);
 33	cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
 34	cachefiles_put_unbind_pincount(cache);
 35	return 0;
 36}
 37
 38static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
 39						 struct iov_iter *iter)
 40{
 41	struct cachefiles_object *object = kiocb->ki_filp->private_data;
 42	struct cachefiles_cache *cache = object->volume->cache;
 43	struct file *file = object->file;
 44	size_t len = iter->count;
 45	loff_t pos = kiocb->ki_pos;
 46	const struct cred *saved_cred;
 47	int ret;
 48
 49	if (!file)
 
 
 
 50		return -ENOBUFS;
 
 
 
 51
 52	cachefiles_begin_secure(cache, &saved_cred);
 53	ret = __cachefiles_prepare_write(object, file, &pos, &len, len, true);
 54	cachefiles_end_secure(cache, saved_cred);
 55	if (ret < 0)
 56		return ret;
 57
 58	trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
 59	ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
 60	if (!ret)
 61		ret = len;
 
 
 62
 
 
 63	return ret;
 64}
 65
 66static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
 67					    int whence)
 68{
 69	struct cachefiles_object *object = filp->private_data;
 70	struct file *file = object->file;
 
 71
 72	if (!file)
 
 
 
 73		return -ENOBUFS;
 
 
 
 74
 75	return vfs_llseek(file, pos, whence);
 
 
 
 76}
 77
 78static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
 79					 unsigned long arg)
 80{
 81	struct cachefiles_object *object = filp->private_data;
 82	struct cachefiles_cache *cache = object->volume->cache;
 83	struct cachefiles_req *req;
 84	unsigned long id;
 85
 86	if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
 87		return -EINVAL;
 88
 89	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
 90		return -EOPNOTSUPP;
 91
 92	id = arg;
 93	req = xa_erase(&cache->reqs, id);
 94	if (!req)
 
 
 95		return -EINVAL;
 
 
 
 96
 97	trace_cachefiles_ondemand_cread(object, id);
 98	complete(&req->done);
 99	return 0;
100}
101
102static const struct file_operations cachefiles_ondemand_fd_fops = {
103	.owner		= THIS_MODULE,
104	.release	= cachefiles_ondemand_fd_release,
105	.write_iter	= cachefiles_ondemand_fd_write_iter,
106	.llseek		= cachefiles_ondemand_fd_llseek,
107	.unlocked_ioctl	= cachefiles_ondemand_fd_ioctl,
108};
109
110/*
111 * OPEN request Completion (copen)
112 * - command: "copen <id>,<cache_size>"
113 *   <cache_size> indicates the object size if >=0, error code if negative
114 */
115int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
116{
117	struct cachefiles_req *req;
118	struct fscache_cookie *cookie;
 
119	char *pid, *psize;
120	unsigned long id;
121	long size;
122	int ret;
 
123
124	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
125		return -EOPNOTSUPP;
126
127	if (!*args) {
128		pr_err("Empty id specified\n");
129		return -EINVAL;
130	}
131
132	pid = args;
133	psize = strchr(args, ',');
134	if (!psize) {
135		pr_err("Cache size is not specified\n");
136		return -EINVAL;
137	}
138
139	*psize = 0;
140	psize++;
141
142	ret = kstrtoul(pid, 0, &id);
143	if (ret)
144		return ret;
145
146	req = xa_erase(&cache->reqs, id);
147	if (!req)
 
 
 
 
148		return -EINVAL;
 
 
 
149
 
150	/* fail OPEN request if copen format is invalid */
151	ret = kstrtol(psize, 0, &size);
152	if (ret) {
153		req->error = ret;
154		goto out;
155	}
156
157	/* fail OPEN request if daemon reports an error */
158	if (size < 0) {
159		if (!IS_ERR_VALUE(size)) {
160			req->error = -EINVAL;
161			ret = -EINVAL;
162		} else {
163			req->error = size;
164			ret = 0;
165		}
166		goto out;
167	}
168
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
169	cookie = req->object->cookie;
170	cookie->object_size = size;
171	if (size)
172		clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
173	else
174		set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
175	trace_cachefiles_ondemand_copen(req->object, id, size);
176
177	cachefiles_ondemand_set_object_open(req->object);
 
178	wake_up_all(&cache->daemon_pollwq);
179
180out:
 
 
 
 
 
181	complete(&req->done);
182	return ret;
183}
184
185int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
186{
187	struct cachefiles_req *req;
188
189	XA_STATE(xas, &cache->reqs, 0);
190
191	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
192		return -EOPNOTSUPP;
193
194	/*
195	 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
196	 * requests have been processed halfway before the crash of the
197	 * user daemon could be reprocessed after the recovery.
198	 */
199	xas_lock(&xas);
200	xas_for_each(&xas, req, ULONG_MAX)
201		xas_set_mark(&xas, CACHEFILES_REQ_NEW);
202	xas_unlock(&xas);
203
204	wake_up_all(&cache->daemon_pollwq);
205	return 0;
206}
207
208static int cachefiles_ondemand_get_fd(struct cachefiles_req *req)
 
209{
210	struct cachefiles_object *object;
211	struct cachefiles_cache *cache;
212	struct cachefiles_open *load;
213	struct file *file;
214	u32 object_id;
215	int ret, fd;
216
217	object = cachefiles_grab_object(req->object,
218			cachefiles_obj_get_ondemand_fd);
219	cache = object->volume->cache;
220
221	ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
222			      XA_LIMIT(1, INT_MAX),
223			      &cache->ondemand_id_next, GFP_KERNEL);
224	if (ret < 0)
225		goto err;
226
227	fd = get_unused_fd_flags(O_WRONLY);
228	if (fd < 0) {
229		ret = fd;
230		goto err_free_id;
231	}
232
233	file = anon_inode_getfile("[cachefiles]", &cachefiles_ondemand_fd_fops,
234				  object, O_WRONLY);
235	if (IS_ERR(file)) {
236		ret = PTR_ERR(file);
237		goto err_put_fd;
238	}
239
240	file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
241	fd_install(fd, file);
 
 
 
 
 
 
 
 
242
243	load = (void *)req->msg.data;
244	load->fd = fd;
245	object->ondemand->ondemand_id = object_id;
 
246
247	cachefiles_get_unbind_pincount(cache);
248	trace_cachefiles_ondemand_open(object, &req->msg, load);
249	return 0;
250
 
 
 
251err_put_fd:
252	put_unused_fd(fd);
 
253err_free_id:
254	xa_erase(&cache->ondemand_ids, object_id);
255err:
 
 
 
 
 
256	cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
257	return ret;
258}
259
260static void ondemand_object_worker(struct work_struct *work)
261{
262	struct cachefiles_ondemand_info *info =
263		container_of(work, struct cachefiles_ondemand_info, ondemand_work);
264
265	cachefiles_ondemand_init_object(info->object);
266}
267
268/*
269 * If there are any inflight or subsequent READ requests on the
270 * closed object, reopen it.
271 * Skip read requests whose related object is reopening.
272 */
273static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
274							      unsigned long xa_max)
275{
276	struct cachefiles_req *req;
277	struct cachefiles_object *object;
278	struct cachefiles_ondemand_info *info;
279
280	xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
281		if (req->msg.opcode != CACHEFILES_OP_READ)
282			return req;
283		object = req->object;
284		info = object->ondemand;
285		if (cachefiles_ondemand_object_is_close(object)) {
286			cachefiles_ondemand_set_object_reopening(object);
287			queue_work(fscache_wq, &info->ondemand_work);
288			continue;
289		}
290		if (cachefiles_ondemand_object_is_reopening(object))
291			continue;
292		return req;
293	}
294	return NULL;
295}
296
 
 
 
 
 
 
 
 
 
 
 
 
 
 
297ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
298					char __user *_buffer, size_t buflen)
299{
300	struct cachefiles_req *req;
301	struct cachefiles_msg *msg;
302	unsigned long id = 0;
303	size_t n;
304	int ret = 0;
 
305	XA_STATE(xas, &cache->reqs, cache->req_id_next);
306
307	xa_lock(&cache->reqs);
308	/*
309	 * Cyclically search for a request that has not ever been processed,
310	 * to prevent requests from being processed repeatedly, and make
311	 * request distribution fair.
312	 */
313	req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
314	if (!req && cache->req_id_next > 0) {
315		xas_set(&xas, 0);
316		req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
317	}
318	if (!req) {
319		xa_unlock(&cache->reqs);
320		return 0;
321	}
322
323	msg = &req->msg;
324	n = msg->len;
325
326	if (n > buflen) {
327		xa_unlock(&cache->reqs);
328		return -EMSGSIZE;
329	}
330
331	xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
332	cache->req_id_next = xas.xa_index + 1;
 
 
333	xa_unlock(&cache->reqs);
334
335	id = xas.xa_index;
336
337	if (msg->opcode == CACHEFILES_OP_OPEN) {
338		ret = cachefiles_ondemand_get_fd(req);
339		if (ret) {
340			cachefiles_ondemand_set_object_close(req->object);
341			goto error;
342		}
343	}
344
345	msg->msg_id = id;
346	msg->object_id = req->object->ondemand->ondemand_id;
347
348	if (copy_to_user(_buffer, msg, n) != 0) {
349		ret = -EFAULT;
350		goto err_put_fd;
351	}
352
353	/* CLOSE request has no reply */
354	if (msg->opcode == CACHEFILES_OP_CLOSE) {
355		xa_erase(&cache->reqs, id);
356		complete(&req->done);
 
 
 
357	}
358
359	return n;
360
361err_put_fd:
362	if (msg->opcode == CACHEFILES_OP_OPEN)
363		close_fd(((struct cachefiles_open *)msg->data)->fd);
364error:
365	xa_erase(&cache->reqs, id);
366	req->error = ret;
367	complete(&req->done);
368	return ret;
369}
370
371typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
372
373static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
374					enum cachefiles_opcode opcode,
375					size_t data_len,
376					init_req_fn init_req,
377					void *private)
378{
379	struct cachefiles_cache *cache = object->volume->cache;
380	struct cachefiles_req *req = NULL;
381	XA_STATE(xas, &cache->reqs, 0);
382	int ret;
383
384	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
385		return 0;
386
387	if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
388		ret = -EIO;
389		goto out;
390	}
391
392	req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
393	if (!req) {
394		ret = -ENOMEM;
395		goto out;
396	}
397
 
398	req->object = object;
399	init_completion(&req->done);
400	req->msg.opcode = opcode;
401	req->msg.len = sizeof(struct cachefiles_msg) + data_len;
402
403	ret = init_req(req, private);
404	if (ret)
405		goto out;
406
407	do {
408		/*
409		 * Stop enqueuing the request when daemon is dying. The
410		 * following two operations need to be atomic as a whole.
411		 *   1) check cache state, and
412		 *   2) enqueue request if cache is alive.
413		 * Otherwise the request may be enqueued after xarray has been
414		 * flushed, leaving the orphan request never being completed.
415		 *
416		 * CPU 1			CPU 2
417		 * =====			=====
418		 *				test CACHEFILES_DEAD bit
419		 * set CACHEFILES_DEAD bit
420		 * flush requests in the xarray
421		 *				enqueue the request
422		 */
423		xas_lock(&xas);
424
425		if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
 
426			xas_unlock(&xas);
427			ret = -EIO;
428			goto out;
429		}
430
431		/* coupled with the barrier in cachefiles_flush_reqs() */
432		smp_mb();
433
434		if (opcode == CACHEFILES_OP_CLOSE &&
435			!cachefiles_ondemand_object_is_open(object)) {
436			WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
437			xas_unlock(&xas);
438			ret = -EIO;
439			goto out;
440		}
441
442		xas.xa_index = 0;
 
 
 
 
443		xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
 
 
 
 
444		if (xas.xa_node == XAS_RESTART)
445			xas_set_err(&xas, -EBUSY);
 
446		xas_store(&xas, req);
447		xas_clear_mark(&xas, XA_FREE_MARK);
448		xas_set_mark(&xas, CACHEFILES_REQ_NEW);
 
 
 
449		xas_unlock(&xas);
450	} while (xas_nomem(&xas, GFP_KERNEL));
451
452	ret = xas_error(&xas);
453	if (ret)
454		goto out;
455
456	wake_up_all(&cache->daemon_pollwq);
457	wait_for_completion(&req->done);
458	ret = req->error;
459	kfree(req);
 
 
 
 
 
 
 
 
 
 
460	return ret;
461out:
462	/* Reset the object to close state in error handling path.
463	 * If error occurs after creating the anonymous fd,
464	 * cachefiles_ondemand_fd_release() will set object to close.
465	 */
466	if (opcode == CACHEFILES_OP_OPEN)
 
467		cachefiles_ondemand_set_object_close(object);
468	kfree(req);
469	return ret;
470}
471
472static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
473					     void *private)
474{
475	struct cachefiles_object *object = req->object;
476	struct fscache_cookie *cookie = object->cookie;
477	struct fscache_volume *volume = object->volume->vcookie;
478	struct cachefiles_open *load = (void *)req->msg.data;
479	size_t volume_key_size, cookie_key_size;
480	void *volume_key, *cookie_key;
481
482	/*
483	 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
484	 * string, followed by the content of the string (excluding '\0').
485	 */
486	volume_key_size = volume->key[0] + 1;
487	volume_key = volume->key + 1;
488
489	/* Cookie key is binary data, which is netfs specific. */
490	cookie_key_size = cookie->key_len;
491	cookie_key = fscache_get_key(cookie);
492
493	if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
494		pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
495		return -EINVAL;
496	}
497
498	load->volume_key_size = volume_key_size;
499	load->cookie_key_size = cookie_key_size;
500	memcpy(load->data, volume_key, volume_key_size);
501	memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
502
503	return 0;
504}
505
506static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
507					      void *private)
508{
509	struct cachefiles_object *object = req->object;
510
511	if (!cachefiles_ondemand_object_is_open(object))
512		return -ENOENT;
513
514	trace_cachefiles_ondemand_close(object, &req->msg);
515	return 0;
516}
517
518struct cachefiles_read_ctx {
519	loff_t off;
520	size_t len;
521};
522
523static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
524					     void *private)
525{
526	struct cachefiles_object *object = req->object;
527	struct cachefiles_read *load = (void *)req->msg.data;
528	struct cachefiles_read_ctx *read_ctx = private;
529
530	load->off = read_ctx->off;
531	load->len = read_ctx->len;
532	trace_cachefiles_ondemand_read(object, &req->msg, load);
533	return 0;
534}
535
536int cachefiles_ondemand_init_object(struct cachefiles_object *object)
537{
538	struct fscache_cookie *cookie = object->cookie;
539	struct fscache_volume *volume = object->volume->vcookie;
540	size_t volume_key_size, cookie_key_size, data_len;
541
542	if (!object->ondemand)
543		return 0;
544
545	/*
546	 * CacheFiles will firstly check the cache file under the root cache
547	 * directory. If the coherency check failed, it will fallback to
548	 * creating a new tmpfile as the cache file. Reuse the previously
549	 * allocated object ID if any.
550	 */
551	if (cachefiles_ondemand_object_is_open(object))
552		return 0;
553
554	volume_key_size = volume->key[0] + 1;
555	cookie_key_size = cookie->key_len;
556	data_len = sizeof(struct cachefiles_open) +
557		   volume_key_size + cookie_key_size;
558
559	return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
560			data_len, cachefiles_ondemand_init_open_req, NULL);
561}
562
563void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
564{
 
 
 
 
 
 
 
565	cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
566			cachefiles_ondemand_init_close_req, NULL);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
567}
568
569int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
570				struct cachefiles_volume *volume)
571{
572	if (!cachefiles_in_ondemand_mode(volume->cache))
573		return 0;
574
575	object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
576					GFP_KERNEL);
577	if (!object->ondemand)
578		return -ENOMEM;
579
580	object->ondemand->object = object;
 
581	INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
582	return 0;
583}
584
585void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
586{
587	kfree(object->ondemand);
588	object->ondemand = NULL;
589}
590
591int cachefiles_ondemand_read(struct cachefiles_object *object,
592			     loff_t pos, size_t len)
593{
594	struct cachefiles_read_ctx read_ctx = {pos, len};
595
596	return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
597			sizeof(struct cachefiles_read),
598			cachefiles_ondemand_init_read_req, &read_ctx);
599}
v6.13.7
  1// SPDX-License-Identifier: GPL-2.0-or-later
 
  2#include <linux/anon_inodes.h>
  3#include <linux/uio.h>
  4#include "internal.h"
  5
  6struct ondemand_anon_file {
  7	struct file *file;
  8	int fd;
  9};
 10
 11static inline void cachefiles_req_put(struct cachefiles_req *req)
 12{
 13	if (refcount_dec_and_test(&req->ref))
 14		kfree(req);
 15}
 16
 17static int cachefiles_ondemand_fd_release(struct inode *inode,
 18					  struct file *file)
 19{
 20	struct cachefiles_object *object = file->private_data;
 21	struct cachefiles_cache *cache;
 22	struct cachefiles_ondemand_info *info;
 23	int object_id;
 24	struct cachefiles_req *req;
 25	XA_STATE(xas, NULL, 0);
 26
 27	if (!object)
 28		return 0;
 29
 30	info = object->ondemand;
 31	cache = object->volume->cache;
 32	xas.xa = &cache->reqs;
 33
 34	xa_lock(&cache->reqs);
 35	spin_lock(&info->lock);
 36	object_id = info->ondemand_id;
 37	info->ondemand_id = CACHEFILES_ONDEMAND_ID_CLOSED;
 38	cachefiles_ondemand_set_object_close(object);
 39	spin_unlock(&info->lock);
 40
 41	/* Only flush CACHEFILES_REQ_NEW marked req to avoid race with daemon_read */
 42	xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
 43		if (req->msg.object_id == object_id &&
 44		    req->msg.opcode == CACHEFILES_OP_CLOSE) {
 45			complete(&req->done);
 46			xas_store(&xas, NULL);
 47		}
 48	}
 49	xa_unlock(&cache->reqs);
 50
 51	xa_erase(&cache->ondemand_ids, object_id);
 52	trace_cachefiles_ondemand_fd_release(object, object_id);
 53	cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
 54	cachefiles_put_unbind_pincount(cache);
 55	return 0;
 56}
 57
 58static ssize_t cachefiles_ondemand_fd_write_iter(struct kiocb *kiocb,
 59						 struct iov_iter *iter)
 60{
 61	struct cachefiles_object *object = kiocb->ki_filp->private_data;
 62	struct cachefiles_cache *cache = object->volume->cache;
 63	struct file *file;
 64	size_t len = iter->count, aligned_len = len;
 65	loff_t pos = kiocb->ki_pos;
 66	const struct cred *saved_cred;
 67	int ret;
 68
 69	spin_lock(&object->lock);
 70	file = object->file;
 71	if (!file) {
 72		spin_unlock(&object->lock);
 73		return -ENOBUFS;
 74	}
 75	get_file(file);
 76	spin_unlock(&object->lock);
 77
 78	cachefiles_begin_secure(cache, &saved_cred);
 79	ret = __cachefiles_prepare_write(object, file, &pos, &aligned_len, len, true);
 80	cachefiles_end_secure(cache, saved_cred);
 81	if (ret < 0)
 82		goto out;
 83
 84	trace_cachefiles_ondemand_fd_write(object, file_inode(file), pos, len);
 85	ret = __cachefiles_write(object, file, pos, iter, NULL, NULL);
 86	if (!ret) {
 87		ret = len;
 88		kiocb->ki_pos += ret;
 89	}
 90
 91out:
 92	fput(file);
 93	return ret;
 94}
 95
 96static loff_t cachefiles_ondemand_fd_llseek(struct file *filp, loff_t pos,
 97					    int whence)
 98{
 99	struct cachefiles_object *object = filp->private_data;
100	struct file *file;
101	loff_t ret;
102
103	spin_lock(&object->lock);
104	file = object->file;
105	if (!file) {
106		spin_unlock(&object->lock);
107		return -ENOBUFS;
108	}
109	get_file(file);
110	spin_unlock(&object->lock);
111
112	ret = vfs_llseek(file, pos, whence);
113	fput(file);
114
115	return ret;
116}
117
118static long cachefiles_ondemand_fd_ioctl(struct file *filp, unsigned int ioctl,
119					 unsigned long id)
120{
121	struct cachefiles_object *object = filp->private_data;
122	struct cachefiles_cache *cache = object->volume->cache;
123	struct cachefiles_req *req;
124	XA_STATE(xas, &cache->reqs, id);
125
126	if (ioctl != CACHEFILES_IOC_READ_COMPLETE)
127		return -EINVAL;
128
129	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
130		return -EOPNOTSUPP;
131
132	xa_lock(&cache->reqs);
133	req = xas_load(&xas);
134	if (!req || req->msg.opcode != CACHEFILES_OP_READ ||
135	    req->object != object) {
136		xa_unlock(&cache->reqs);
137		return -EINVAL;
138	}
139	xas_store(&xas, NULL);
140	xa_unlock(&cache->reqs);
141
142	trace_cachefiles_ondemand_cread(object, id);
143	complete(&req->done);
144	return 0;
145}
146
147static const struct file_operations cachefiles_ondemand_fd_fops = {
148	.owner		= THIS_MODULE,
149	.release	= cachefiles_ondemand_fd_release,
150	.write_iter	= cachefiles_ondemand_fd_write_iter,
151	.llseek		= cachefiles_ondemand_fd_llseek,
152	.unlocked_ioctl	= cachefiles_ondemand_fd_ioctl,
153};
154
155/*
156 * OPEN request Completion (copen)
157 * - command: "copen <id>,<cache_size>"
158 *   <cache_size> indicates the object size if >=0, error code if negative
159 */
160int cachefiles_ondemand_copen(struct cachefiles_cache *cache, char *args)
161{
162	struct cachefiles_req *req;
163	struct fscache_cookie *cookie;
164	struct cachefiles_ondemand_info *info;
165	char *pid, *psize;
166	unsigned long id;
167	long size;
168	int ret;
169	XA_STATE(xas, &cache->reqs, 0);
170
171	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
172		return -EOPNOTSUPP;
173
174	if (!*args) {
175		pr_err("Empty id specified\n");
176		return -EINVAL;
177	}
178
179	pid = args;
180	psize = strchr(args, ',');
181	if (!psize) {
182		pr_err("Cache size is not specified\n");
183		return -EINVAL;
184	}
185
186	*psize = 0;
187	psize++;
188
189	ret = kstrtoul(pid, 0, &id);
190	if (ret)
191		return ret;
192
193	xa_lock(&cache->reqs);
194	xas.xa_index = id;
195	req = xas_load(&xas);
196	if (!req || req->msg.opcode != CACHEFILES_OP_OPEN ||
197	    !req->object->ondemand->ondemand_id) {
198		xa_unlock(&cache->reqs);
199		return -EINVAL;
200	}
201	xas_store(&xas, NULL);
202	xa_unlock(&cache->reqs);
203
204	info = req->object->ondemand;
205	/* fail OPEN request if copen format is invalid */
206	ret = kstrtol(psize, 0, &size);
207	if (ret) {
208		req->error = ret;
209		goto out;
210	}
211
212	/* fail OPEN request if daemon reports an error */
213	if (size < 0) {
214		if (!IS_ERR_VALUE(size)) {
215			req->error = -EINVAL;
216			ret = -EINVAL;
217		} else {
218			req->error = size;
219			ret = 0;
220		}
221		goto out;
222	}
223
224	spin_lock(&info->lock);
225	/*
226	 * The anonymous fd was closed before copen ? Fail the request.
227	 *
228	 *             t1             |             t2
229	 * ---------------------------------------------------------
230	 *                             cachefiles_ondemand_copen
231	 *                             req = xa_erase(&cache->reqs, id)
232	 * // Anon fd is maliciously closed.
233	 * cachefiles_ondemand_fd_release
234	 * xa_lock(&cache->reqs)
235	 * cachefiles_ondemand_set_object_close(object)
236	 * xa_unlock(&cache->reqs)
237	 *                             cachefiles_ondemand_set_object_open
238	 *                             // No one will ever close it again.
239	 * cachefiles_ondemand_daemon_read
240	 * cachefiles_ondemand_select_req
241	 *
242	 * Get a read req but its fd is already closed. The daemon can't
243	 * issue a cread ioctl with an closed fd, then hung.
244	 */
245	if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED) {
246		spin_unlock(&info->lock);
247		req->error = -EBADFD;
248		goto out;
249	}
250	cookie = req->object->cookie;
251	cookie->object_size = size;
252	if (size)
253		clear_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
254	else
255		set_bit(FSCACHE_COOKIE_NO_DATA_TO_READ, &cookie->flags);
256	trace_cachefiles_ondemand_copen(req->object, id, size);
257
258	cachefiles_ondemand_set_object_open(req->object);
259	spin_unlock(&info->lock);
260	wake_up_all(&cache->daemon_pollwq);
261
262out:
263	spin_lock(&info->lock);
264	/* Need to set object close to avoid reopen status continuing */
265	if (info->ondemand_id == CACHEFILES_ONDEMAND_ID_CLOSED)
266		cachefiles_ondemand_set_object_close(req->object);
267	spin_unlock(&info->lock);
268	complete(&req->done);
269	return ret;
270}
271
272int cachefiles_ondemand_restore(struct cachefiles_cache *cache, char *args)
273{
274	struct cachefiles_req *req;
275
276	XA_STATE(xas, &cache->reqs, 0);
277
278	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
279		return -EOPNOTSUPP;
280
281	/*
282	 * Reset the requests to CACHEFILES_REQ_NEW state, so that the
283	 * requests have been processed halfway before the crash of the
284	 * user daemon could be reprocessed after the recovery.
285	 */
286	xas_lock(&xas);
287	xas_for_each(&xas, req, ULONG_MAX)
288		xas_set_mark(&xas, CACHEFILES_REQ_NEW);
289	xas_unlock(&xas);
290
291	wake_up_all(&cache->daemon_pollwq);
292	return 0;
293}
294
295static int cachefiles_ondemand_get_fd(struct cachefiles_req *req,
296				      struct ondemand_anon_file *anon_file)
297{
298	struct cachefiles_object *object;
299	struct cachefiles_cache *cache;
300	struct cachefiles_open *load;
 
301	u32 object_id;
302	int ret;
303
304	object = cachefiles_grab_object(req->object,
305			cachefiles_obj_get_ondemand_fd);
306	cache = object->volume->cache;
307
308	ret = xa_alloc_cyclic(&cache->ondemand_ids, &object_id, NULL,
309			      XA_LIMIT(1, INT_MAX),
310			      &cache->ondemand_id_next, GFP_KERNEL);
311	if (ret < 0)
312		goto err;
313
314	anon_file->fd = get_unused_fd_flags(O_WRONLY);
315	if (anon_file->fd < 0) {
316		ret = anon_file->fd;
317		goto err_free_id;
318	}
319
320	anon_file->file = anon_inode_getfile("[cachefiles]",
321				&cachefiles_ondemand_fd_fops, object, O_WRONLY);
322	if (IS_ERR(anon_file->file)) {
323		ret = PTR_ERR(anon_file->file);
324		goto err_put_fd;
325	}
326
327	spin_lock(&object->ondemand->lock);
328	if (object->ondemand->ondemand_id > 0) {
329		spin_unlock(&object->ondemand->lock);
330		/* Pair with check in cachefiles_ondemand_fd_release(). */
331		anon_file->file->private_data = NULL;
332		ret = -EEXIST;
333		goto err_put_file;
334	}
335
336	anon_file->file->f_mode |= FMODE_PWRITE | FMODE_LSEEK;
337
338	load = (void *)req->msg.data;
339	load->fd = anon_file->fd;
340	object->ondemand->ondemand_id = object_id;
341	spin_unlock(&object->ondemand->lock);
342
343	cachefiles_get_unbind_pincount(cache);
344	trace_cachefiles_ondemand_open(object, &req->msg, load);
345	return 0;
346
347err_put_file:
348	fput(anon_file->file);
349	anon_file->file = NULL;
350err_put_fd:
351	put_unused_fd(anon_file->fd);
352	anon_file->fd = ret;
353err_free_id:
354	xa_erase(&cache->ondemand_ids, object_id);
355err:
356	spin_lock(&object->ondemand->lock);
357	/* Avoid marking an opened object as closed. */
358	if (object->ondemand->ondemand_id <= 0)
359		cachefiles_ondemand_set_object_close(object);
360	spin_unlock(&object->ondemand->lock);
361	cachefiles_put_object(object, cachefiles_obj_put_ondemand_fd);
362	return ret;
363}
364
365static void ondemand_object_worker(struct work_struct *work)
366{
367	struct cachefiles_ondemand_info *info =
368		container_of(work, struct cachefiles_ondemand_info, ondemand_work);
369
370	cachefiles_ondemand_init_object(info->object);
371}
372
373/*
374 * If there are any inflight or subsequent READ requests on the
375 * closed object, reopen it.
376 * Skip read requests whose related object is reopening.
377 */
378static struct cachefiles_req *cachefiles_ondemand_select_req(struct xa_state *xas,
379							      unsigned long xa_max)
380{
381	struct cachefiles_req *req;
382	struct cachefiles_object *object;
383	struct cachefiles_ondemand_info *info;
384
385	xas_for_each_marked(xas, req, xa_max, CACHEFILES_REQ_NEW) {
386		if (req->msg.opcode != CACHEFILES_OP_READ)
387			return req;
388		object = req->object;
389		info = object->ondemand;
390		if (cachefiles_ondemand_object_is_close(object)) {
391			cachefiles_ondemand_set_object_reopening(object);
392			queue_work(fscache_wq, &info->ondemand_work);
393			continue;
394		}
395		if (cachefiles_ondemand_object_is_reopening(object))
396			continue;
397		return req;
398	}
399	return NULL;
400}
401
402static inline bool cachefiles_ondemand_finish_req(struct cachefiles_req *req,
403						  struct xa_state *xas, int err)
404{
405	if (unlikely(!xas || !req))
406		return false;
407
408	if (xa_cmpxchg(xas->xa, xas->xa_index, req, NULL, 0) != req)
409		return false;
410
411	req->error = err;
412	complete(&req->done);
413	return true;
414}
415
416ssize_t cachefiles_ondemand_daemon_read(struct cachefiles_cache *cache,
417					char __user *_buffer, size_t buflen)
418{
419	struct cachefiles_req *req;
420	struct cachefiles_msg *msg;
 
421	size_t n;
422	int ret = 0;
423	struct ondemand_anon_file anon_file;
424	XA_STATE(xas, &cache->reqs, cache->req_id_next);
425
426	xa_lock(&cache->reqs);
427	/*
428	 * Cyclically search for a request that has not ever been processed,
429	 * to prevent requests from being processed repeatedly, and make
430	 * request distribution fair.
431	 */
432	req = cachefiles_ondemand_select_req(&xas, ULONG_MAX);
433	if (!req && cache->req_id_next > 0) {
434		xas_set(&xas, 0);
435		req = cachefiles_ondemand_select_req(&xas, cache->req_id_next - 1);
436	}
437	if (!req) {
438		xa_unlock(&cache->reqs);
439		return 0;
440	}
441
442	msg = &req->msg;
443	n = msg->len;
444
445	if (n > buflen) {
446		xa_unlock(&cache->reqs);
447		return -EMSGSIZE;
448	}
449
450	xas_clear_mark(&xas, CACHEFILES_REQ_NEW);
451	cache->req_id_next = xas.xa_index + 1;
452	refcount_inc(&req->ref);
453	cachefiles_grab_object(req->object, cachefiles_obj_get_read_req);
454	xa_unlock(&cache->reqs);
455
 
 
456	if (msg->opcode == CACHEFILES_OP_OPEN) {
457		ret = cachefiles_ondemand_get_fd(req, &anon_file);
458		if (ret)
459			goto out;
 
 
460	}
461
462	msg->msg_id = xas.xa_index;
463	msg->object_id = req->object->ondemand->ondemand_id;
464
465	if (copy_to_user(_buffer, msg, n) != 0)
466		ret = -EFAULT;
 
 
467
468	if (msg->opcode == CACHEFILES_OP_OPEN) {
469		if (ret < 0) {
470			fput(anon_file.file);
471			put_unused_fd(anon_file.fd);
472			goto out;
473		}
474		fd_install(anon_file.fd, anon_file.file);
475	}
476out:
477	cachefiles_put_object(req->object, cachefiles_obj_put_read_req);
478	/* Remove error request and CLOSE request has no reply */
479	if (ret || msg->opcode == CACHEFILES_OP_CLOSE)
480		cachefiles_ondemand_finish_req(req, &xas, ret);
481	cachefiles_req_put(req);
482	return ret ? ret : n;
 
 
 
 
483}
484
485typedef int (*init_req_fn)(struct cachefiles_req *req, void *private);
486
487static int cachefiles_ondemand_send_req(struct cachefiles_object *object,
488					enum cachefiles_opcode opcode,
489					size_t data_len,
490					init_req_fn init_req,
491					void *private)
492{
493	struct cachefiles_cache *cache = object->volume->cache;
494	struct cachefiles_req *req = NULL;
495	XA_STATE(xas, &cache->reqs, 0);
496	int ret;
497
498	if (!test_bit(CACHEFILES_ONDEMAND_MODE, &cache->flags))
499		return 0;
500
501	if (test_bit(CACHEFILES_DEAD, &cache->flags)) {
502		ret = -EIO;
503		goto out;
504	}
505
506	req = kzalloc(sizeof(*req) + data_len, GFP_KERNEL);
507	if (!req) {
508		ret = -ENOMEM;
509		goto out;
510	}
511
512	refcount_set(&req->ref, 1);
513	req->object = object;
514	init_completion(&req->done);
515	req->msg.opcode = opcode;
516	req->msg.len = sizeof(struct cachefiles_msg) + data_len;
517
518	ret = init_req(req, private);
519	if (ret)
520		goto out;
521
522	do {
523		/*
524		 * Stop enqueuing the request when daemon is dying. The
525		 * following two operations need to be atomic as a whole.
526		 *   1) check cache state, and
527		 *   2) enqueue request if cache is alive.
528		 * Otherwise the request may be enqueued after xarray has been
529		 * flushed, leaving the orphan request never being completed.
530		 *
531		 * CPU 1			CPU 2
532		 * =====			=====
533		 *				test CACHEFILES_DEAD bit
534		 * set CACHEFILES_DEAD bit
535		 * flush requests in the xarray
536		 *				enqueue the request
537		 */
538		xas_lock(&xas);
539
540		if (test_bit(CACHEFILES_DEAD, &cache->flags) ||
541		    cachefiles_ondemand_object_is_dropping(object)) {
542			xas_unlock(&xas);
543			ret = -EIO;
544			goto out;
545		}
546
547		/* coupled with the barrier in cachefiles_flush_reqs() */
548		smp_mb();
549
550		if (opcode == CACHEFILES_OP_CLOSE &&
551		    !cachefiles_ondemand_object_is_open(object)) {
552			WARN_ON_ONCE(object->ondemand->ondemand_id == 0);
553			xas_unlock(&xas);
554			ret = -EIO;
555			goto out;
556		}
557
558		/*
559		 * Cyclically find a free xas to avoid msg_id reuse that would
560		 * cause the daemon to successfully copen a stale msg_id.
561		 */
562		xas.xa_index = cache->msg_id_next;
563		xas_find_marked(&xas, UINT_MAX, XA_FREE_MARK);
564		if (xas.xa_node == XAS_RESTART) {
565			xas.xa_index = 0;
566			xas_find_marked(&xas, cache->msg_id_next - 1, XA_FREE_MARK);
567		}
568		if (xas.xa_node == XAS_RESTART)
569			xas_set_err(&xas, -EBUSY);
570
571		xas_store(&xas, req);
572		if (xas_valid(&xas)) {
573			cache->msg_id_next = xas.xa_index + 1;
574			xas_clear_mark(&xas, XA_FREE_MARK);
575			xas_set_mark(&xas, CACHEFILES_REQ_NEW);
576		}
577		xas_unlock(&xas);
578	} while (xas_nomem(&xas, GFP_KERNEL));
579
580	ret = xas_error(&xas);
581	if (ret)
582		goto out;
583
584	wake_up_all(&cache->daemon_pollwq);
585wait:
586	ret = wait_for_completion_killable(&req->done);
587	if (!ret) {
588		ret = req->error;
589	} else {
590		ret = -EINTR;
591		if (!cachefiles_ondemand_finish_req(req, &xas, ret)) {
592			/* Someone will complete it soon. */
593			cpu_relax();
594			goto wait;
595		}
596	}
597	cachefiles_req_put(req);
598	return ret;
599out:
600	/* Reset the object to close state in error handling path.
601	 * If error occurs after creating the anonymous fd,
602	 * cachefiles_ondemand_fd_release() will set object to close.
603	 */
604	if (opcode == CACHEFILES_OP_OPEN &&
605	    !cachefiles_ondemand_object_is_dropping(object))
606		cachefiles_ondemand_set_object_close(object);
607	kfree(req);
608	return ret;
609}
610
611static int cachefiles_ondemand_init_open_req(struct cachefiles_req *req,
612					     void *private)
613{
614	struct cachefiles_object *object = req->object;
615	struct fscache_cookie *cookie = object->cookie;
616	struct fscache_volume *volume = object->volume->vcookie;
617	struct cachefiles_open *load = (void *)req->msg.data;
618	size_t volume_key_size, cookie_key_size;
619	void *volume_key, *cookie_key;
620
621	/*
622	 * Volume key is a NUL-terminated string. key[0] stores strlen() of the
623	 * string, followed by the content of the string (excluding '\0').
624	 */
625	volume_key_size = volume->key[0] + 1;
626	volume_key = volume->key + 1;
627
628	/* Cookie key is binary data, which is netfs specific. */
629	cookie_key_size = cookie->key_len;
630	cookie_key = fscache_get_key(cookie);
631
632	if (!(object->cookie->advice & FSCACHE_ADV_WANT_CACHE_SIZE)) {
633		pr_err("WANT_CACHE_SIZE is needed for on-demand mode\n");
634		return -EINVAL;
635	}
636
637	load->volume_key_size = volume_key_size;
638	load->cookie_key_size = cookie_key_size;
639	memcpy(load->data, volume_key, volume_key_size);
640	memcpy(load->data + volume_key_size, cookie_key, cookie_key_size);
641
642	return 0;
643}
644
645static int cachefiles_ondemand_init_close_req(struct cachefiles_req *req,
646					      void *private)
647{
648	struct cachefiles_object *object = req->object;
649
650	if (!cachefiles_ondemand_object_is_open(object))
651		return -ENOENT;
652
653	trace_cachefiles_ondemand_close(object, &req->msg);
654	return 0;
655}
656
657struct cachefiles_read_ctx {
658	loff_t off;
659	size_t len;
660};
661
662static int cachefiles_ondemand_init_read_req(struct cachefiles_req *req,
663					     void *private)
664{
665	struct cachefiles_object *object = req->object;
666	struct cachefiles_read *load = (void *)req->msg.data;
667	struct cachefiles_read_ctx *read_ctx = private;
668
669	load->off = read_ctx->off;
670	load->len = read_ctx->len;
671	trace_cachefiles_ondemand_read(object, &req->msg, load);
672	return 0;
673}
674
675int cachefiles_ondemand_init_object(struct cachefiles_object *object)
676{
677	struct fscache_cookie *cookie = object->cookie;
678	struct fscache_volume *volume = object->volume->vcookie;
679	size_t volume_key_size, cookie_key_size, data_len;
680
681	if (!object->ondemand)
682		return 0;
683
684	/*
685	 * CacheFiles will firstly check the cache file under the root cache
686	 * directory. If the coherency check failed, it will fallback to
687	 * creating a new tmpfile as the cache file. Reuse the previously
688	 * allocated object ID if any.
689	 */
690	if (cachefiles_ondemand_object_is_open(object))
691		return 0;
692
693	volume_key_size = volume->key[0] + 1;
694	cookie_key_size = cookie->key_len;
695	data_len = sizeof(struct cachefiles_open) +
696		   volume_key_size + cookie_key_size;
697
698	return cachefiles_ondemand_send_req(object, CACHEFILES_OP_OPEN,
699			data_len, cachefiles_ondemand_init_open_req, NULL);
700}
701
702void cachefiles_ondemand_clean_object(struct cachefiles_object *object)
703{
704	unsigned long index;
705	struct cachefiles_req *req;
706	struct cachefiles_cache *cache;
707
708	if (!object->ondemand)
709		return;
710
711	cachefiles_ondemand_send_req(object, CACHEFILES_OP_CLOSE, 0,
712			cachefiles_ondemand_init_close_req, NULL);
713
714	if (!object->ondemand->ondemand_id)
715		return;
716
717	/* Cancel all requests for the object that is being dropped. */
718	cache = object->volume->cache;
719	xa_lock(&cache->reqs);
720	cachefiles_ondemand_set_object_dropping(object);
721	xa_for_each(&cache->reqs, index, req) {
722		if (req->object == object) {
723			req->error = -EIO;
724			complete(&req->done);
725			__xa_erase(&cache->reqs, index);
726		}
727	}
728	xa_unlock(&cache->reqs);
729
730	/* Wait for ondemand_object_worker() to finish to avoid UAF. */
731	cancel_work_sync(&object->ondemand->ondemand_work);
732}
733
734int cachefiles_ondemand_init_obj_info(struct cachefiles_object *object,
735				struct cachefiles_volume *volume)
736{
737	if (!cachefiles_in_ondemand_mode(volume->cache))
738		return 0;
739
740	object->ondemand = kzalloc(sizeof(struct cachefiles_ondemand_info),
741					GFP_KERNEL);
742	if (!object->ondemand)
743		return -ENOMEM;
744
745	object->ondemand->object = object;
746	spin_lock_init(&object->ondemand->lock);
747	INIT_WORK(&object->ondemand->ondemand_work, ondemand_object_worker);
748	return 0;
749}
750
751void cachefiles_ondemand_deinit_obj_info(struct cachefiles_object *object)
752{
753	kfree(object->ondemand);
754	object->ondemand = NULL;
755}
756
757int cachefiles_ondemand_read(struct cachefiles_object *object,
758			     loff_t pos, size_t len)
759{
760	struct cachefiles_read_ctx read_ctx = {pos, len};
761
762	return cachefiles_ondemand_send_req(object, CACHEFILES_OP_READ,
763			sizeof(struct cachefiles_read),
764			cachefiles_ondemand_init_read_req, &read_ctx);
765}