]> git.ipfire.org Git - thirdparty/kernel/stable.git/blob - fs/smb/server/oplock.c
projects / thirdparty / kernel / stable.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'kvm-x86-generic-6.8' of https://github.com/kvm-x86/linux into HEAD
[thirdparty/kernel/stable.git] / fs / smb / server / oplock.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org>
4 * Copyright (C) 2018 Samsung Electronics Co., Ltd.
5 */
6
7 #include <linux/moduleparam.h>
8
9 #include "glob.h"
10 #include "oplock.h"
11
12 #include "smb_common.h"
13 #include "smbstatus.h"
14 #include "connection.h"
15 #include "mgmt/user_session.h"
16 #include "mgmt/share_config.h"
17 #include "mgmt/tree_connect.h"
18
19 static LIST_HEAD(lease_table_list);
20 static DEFINE_RWLOCK(lease_list_lock);
21
22 /**
23 * alloc_opinfo() - allocate a new opinfo object for oplock info
24 * @work: smb work
25 * @id: fid of open file
26 * @Tid: tree id of connection
27 *
28 * Return: allocated opinfo object on success, otherwise NULL
29 */
30 static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
31 u64 id, __u16 Tid)
32 {
33 struct ksmbd_conn *conn = work->conn;
34 struct ksmbd_session *sess = work->sess;
35 struct oplock_info *opinfo;
36
37 opinfo = kzalloc(sizeof(struct oplock_info), GFP_KERNEL);
38 if (!opinfo)
39 return NULL;
40
41 opinfo->sess = sess;
42 opinfo->conn = conn;
43 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
44 opinfo->op_state = OPLOCK_STATE_NONE;
45 opinfo->pending_break = 0;
46 opinfo->fid = id;
47 opinfo->Tid = Tid;
48 INIT_LIST_HEAD(&opinfo->op_entry);
49 INIT_LIST_HEAD(&opinfo->interim_list);
50 init_waitqueue_head(&opinfo->oplock_q);
51 init_waitqueue_head(&opinfo->oplock_brk);
52 atomic_set(&opinfo->refcount, 1);
53 atomic_set(&opinfo->breaking_cnt, 0);
54
55 return opinfo;
56 }
57
58 static void lease_add_list(struct oplock_info *opinfo)
59 {
60 struct lease_table *lb = opinfo->o_lease->l_lb;
61
62 spin_lock(&lb->lb_lock);
63 list_add_rcu(&opinfo->lease_entry, &lb->lease_list);
64 spin_unlock(&lb->lb_lock);
65 }
66
67 static void lease_del_list(struct oplock_info *opinfo)
68 {
69 struct lease_table *lb = opinfo->o_lease->l_lb;
70
71 if (!lb)
72 return;
73
74 spin_lock(&lb->lb_lock);
75 if (list_empty(&opinfo->lease_entry)) {
76 spin_unlock(&lb->lb_lock);
77 return;
78 }
79
80 list_del_init(&opinfo->lease_entry);
81 opinfo->o_lease->l_lb = NULL;
82 spin_unlock(&lb->lb_lock);
83 }
84
85 static void lb_add(struct lease_table *lb)
86 {
87 write_lock(&lease_list_lock);
88 list_add(&lb->l_entry, &lease_table_list);
89 write_unlock(&lease_list_lock);
90 }
91
92 static int alloc_lease(struct oplock_info *opinfo, struct lease_ctx_info *lctx)
93 {
94 struct lease *lease;
95
96 lease = kmalloc(sizeof(struct lease), GFP_KERNEL);
97 if (!lease)
98 return -ENOMEM;
99
100 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
101 lease->state = lctx->req_state;
102 lease->new_state = 0;
103 lease->flags = lctx->flags;
104 lease->duration = lctx->duration;
105 lease->is_dir = lctx->is_dir;
106 memcpy(lease->parent_lease_key, lctx->parent_lease_key, SMB2_LEASE_KEY_SIZE);
107 lease->version = lctx->version;
108 lease->epoch = le16_to_cpu(lctx->epoch);
109 INIT_LIST_HEAD(&opinfo->lease_entry);
110 opinfo->o_lease = lease;
111
112 return 0;
113 }
114
115 static void free_lease(struct oplock_info *opinfo)
116 {
117 struct lease *lease;
118
119 lease = opinfo->o_lease;
120 kfree(lease);
121 }
122
123 static void free_opinfo(struct oplock_info *opinfo)
124 {
125 if (opinfo->is_lease)
126 free_lease(opinfo);
127 kfree(opinfo);
128 }
129
130 static inline void opinfo_free_rcu(struct rcu_head *rcu_head)
131 {
132 struct oplock_info *opinfo;
133
134 opinfo = container_of(rcu_head, struct oplock_info, rcu_head);
135 free_opinfo(opinfo);
136 }
137
138 struct oplock_info *opinfo_get(struct ksmbd_file *fp)
139 {
140 struct oplock_info *opinfo;
141
142 rcu_read_lock();
143 opinfo = rcu_dereference(fp->f_opinfo);
144 if (opinfo && !atomic_inc_not_zero(&opinfo->refcount))
145 opinfo = NULL;
146 rcu_read_unlock();
147
148 return opinfo;
149 }
150
151 static struct oplock_info *opinfo_get_list(struct ksmbd_inode *ci)
152 {
153 struct oplock_info *opinfo;
154
155 if (list_empty(&ci->m_op_list))
156 return NULL;
157
158 rcu_read_lock();
159 opinfo = list_first_or_null_rcu(&ci->m_op_list, struct oplock_info,
160 op_entry);
161 if (opinfo) {
162 if (!atomic_inc_not_zero(&opinfo->refcount))
163 opinfo = NULL;
164 else {
165 atomic_inc(&opinfo->conn->r_count);
166 if (ksmbd_conn_releasing(opinfo->conn)) {
167 atomic_dec(&opinfo->conn->r_count);
168 atomic_dec(&opinfo->refcount);
169 opinfo = NULL;
170 }
171 }
172 }
173
174 rcu_read_unlock();
175
176 return opinfo;
177 }
178
179 static void opinfo_conn_put(struct oplock_info *opinfo)
180 {
181 struct ksmbd_conn *conn;
182
183 if (!opinfo)
184 return;
185
186 conn = opinfo->conn;
187 /*
188 * Checking waitqueue to dropping pending requests on
189 * disconnection. waitqueue_active is safe because it
190 * uses atomic operation for condition.
191 */
192 if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q))
193 wake_up(&conn->r_count_q);
194 opinfo_put(opinfo);
195 }
196
197 void opinfo_put(struct oplock_info *opinfo)
198 {
199 if (!atomic_dec_and_test(&opinfo->refcount))
200 return;
201
202 call_rcu(&opinfo->rcu_head, opinfo_free_rcu);
203 }
204
205 static void opinfo_add(struct oplock_info *opinfo)
206 {
207 struct ksmbd_inode *ci = opinfo->o_fp->f_ci;
208
209 write_lock(&ci->m_lock);
210 list_add_rcu(&opinfo->op_entry, &ci->m_op_list);
211 write_unlock(&ci->m_lock);
212 }
213
214 static void opinfo_del(struct oplock_info *opinfo)
215 {
216 struct ksmbd_inode *ci = opinfo->o_fp->f_ci;
217
218 if (opinfo->is_lease) {
219 write_lock(&lease_list_lock);
220 lease_del_list(opinfo);
221 write_unlock(&lease_list_lock);
222 }
223 write_lock(&ci->m_lock);
224 list_del_rcu(&opinfo->op_entry);
225 write_unlock(&ci->m_lock);
226 }
227
228 static unsigned long opinfo_count(struct ksmbd_file *fp)
229 {
230 if (ksmbd_stream_fd(fp))
231 return atomic_read(&fp->f_ci->sop_count);
232 else
233 return atomic_read(&fp->f_ci->op_count);
234 }
235
236 static void opinfo_count_inc(struct ksmbd_file *fp)
237 {
238 if (ksmbd_stream_fd(fp))
239 return atomic_inc(&fp->f_ci->sop_count);
240 else
241 return atomic_inc(&fp->f_ci->op_count);
242 }
243
244 static void opinfo_count_dec(struct ksmbd_file *fp)
245 {
246 if (ksmbd_stream_fd(fp))
247 return atomic_dec(&fp->f_ci->sop_count);
248 else
249 return atomic_dec(&fp->f_ci->op_count);
250 }
251
252 /**
253 * opinfo_write_to_read() - convert a write oplock to read oplock
254 * @opinfo: current oplock info
255 *
256 * Return: 0 on success, otherwise -EINVAL
257 */
258 int opinfo_write_to_read(struct oplock_info *opinfo)
259 {
260 struct lease *lease = opinfo->o_lease;
261
262 if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
263 opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
264 pr_err("bad oplock(0x%x)\n", opinfo->level);
265 if (opinfo->is_lease)
266 pr_err("lease state(0x%x)\n", lease->state);
267 return -EINVAL;
268 }
269 opinfo->level = SMB2_OPLOCK_LEVEL_II;
270
271 if (opinfo->is_lease)
272 lease->state = lease->new_state;
273 return 0;
274 }
275
276 /**
277 * opinfo_read_handle_to_read() - convert a read/handle oplock to read oplock
278 * @opinfo: current oplock info
279 *
280 * Return: 0 on success, otherwise -EINVAL
281 */
282 int opinfo_read_handle_to_read(struct oplock_info *opinfo)
283 {
284 struct lease *lease = opinfo->o_lease;
285
286 lease->state = lease->new_state;
287 opinfo->level = SMB2_OPLOCK_LEVEL_II;
288 return 0;
289 }
290
291 /**
292 * opinfo_write_to_none() - convert a write oplock to none
293 * @opinfo: current oplock info
294 *
295 * Return: 0 on success, otherwise -EINVAL
296 */
297 int opinfo_write_to_none(struct oplock_info *opinfo)
298 {
299 struct lease *lease = opinfo->o_lease;
300
301 if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
302 opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
303 pr_err("bad oplock(0x%x)\n", opinfo->level);
304 if (opinfo->is_lease)
305 pr_err("lease state(0x%x)\n", lease->state);
306 return -EINVAL;
307 }
308 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
309 if (opinfo->is_lease)
310 lease->state = lease->new_state;
311 return 0;
312 }
313
314 /**
315 * opinfo_read_to_none() - convert a write read to none
316 * @opinfo: current oplock info
317 *
318 * Return: 0 on success, otherwise -EINVAL
319 */
320 int opinfo_read_to_none(struct oplock_info *opinfo)
321 {
322 struct lease *lease = opinfo->o_lease;
323
324 if (opinfo->level != SMB2_OPLOCK_LEVEL_II) {
325 pr_err("bad oplock(0x%x)\n", opinfo->level);
326 if (opinfo->is_lease)
327 pr_err("lease state(0x%x)\n", lease->state);
328 return -EINVAL;
329 }
330 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
331 if (opinfo->is_lease)
332 lease->state = lease->new_state;
333 return 0;
334 }
335
336 /**
337 * lease_read_to_write() - upgrade lease state from read to write
338 * @opinfo: current lease info
339 *
340 * Return: 0 on success, otherwise -EINVAL
341 */
342 int lease_read_to_write(struct oplock_info *opinfo)
343 {
344 struct lease *lease = opinfo->o_lease;
345
346 if (!(lease->state & SMB2_LEASE_READ_CACHING_LE)) {
347 ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
348 return -EINVAL;
349 }
350
351 lease->new_state = SMB2_LEASE_NONE_LE;
352 lease->state |= SMB2_LEASE_WRITE_CACHING_LE;
353 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
354 opinfo->level = SMB2_OPLOCK_LEVEL_BATCH;
355 else
356 opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
357 return 0;
358 }
359
360 /**
361 * lease_none_upgrade() - upgrade lease state from none
362 * @opinfo: current lease info
363 * @new_state: new lease state
364 *
365 * Return: 0 on success, otherwise -EINVAL
366 */
367 static int lease_none_upgrade(struct oplock_info *opinfo, __le32 new_state)
368 {
369 struct lease *lease = opinfo->o_lease;
370
371 if (!(lease->state == SMB2_LEASE_NONE_LE)) {
372 ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
373 return -EINVAL;
374 }
375
376 lease->new_state = SMB2_LEASE_NONE_LE;
377 lease->state = new_state;
378 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
379 if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
380 opinfo->level = SMB2_OPLOCK_LEVEL_BATCH;
381 else
382 opinfo->level = SMB2_OPLOCK_LEVEL_II;
383 else if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
384 opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
385 else if (lease->state & SMB2_LEASE_READ_CACHING_LE)
386 opinfo->level = SMB2_OPLOCK_LEVEL_II;
387
388 return 0;
389 }
390
391 /**
392 * close_id_del_oplock() - release oplock object at file close time
393 * @fp: ksmbd file pointer
394 */
395 void close_id_del_oplock(struct ksmbd_file *fp)
396 {
397 struct oplock_info *opinfo;
398
399 if (fp->reserve_lease_break)
400 smb_lazy_parent_lease_break_close(fp);
401
402 opinfo = opinfo_get(fp);
403 if (!opinfo)
404 return;
405
406 opinfo_del(opinfo);
407
408 rcu_assign_pointer(fp->f_opinfo, NULL);
409 if (opinfo->op_state == OPLOCK_ACK_WAIT) {
410 opinfo->op_state = OPLOCK_CLOSING;
411 wake_up_interruptible_all(&opinfo->oplock_q);
412 if (opinfo->is_lease) {
413 atomic_set(&opinfo->breaking_cnt, 0);
414 wake_up_interruptible_all(&opinfo->oplock_brk);
415 }
416 }
417
418 opinfo_count_dec(fp);
419 atomic_dec(&opinfo->refcount);
420 opinfo_put(opinfo);
421 }
422
423 /**
424 * grant_write_oplock() - grant exclusive/batch oplock or write lease
425 * @opinfo_new: new oplock info object
426 * @req_oplock: request oplock
427 * @lctx: lease context information
428 *
429 * Return: 0
430 */
431 static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
432 struct lease_ctx_info *lctx)
433 {
434 struct lease *lease = opinfo_new->o_lease;
435
436 if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH)
437 opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH;
438 else
439 opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
440
441 if (lctx) {
442 lease->state = lctx->req_state;
443 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
444 }
445 }
446
447 /**
448 * grant_read_oplock() - grant level2 oplock or read lease
449 * @opinfo_new: new oplock info object
450 * @lctx: lease context information
451 *
452 * Return: 0
453 */
454 static void grant_read_oplock(struct oplock_info *opinfo_new,
455 struct lease_ctx_info *lctx)
456 {
457 struct lease *lease = opinfo_new->o_lease;
458
459 opinfo_new->level = SMB2_OPLOCK_LEVEL_II;
460
461 if (lctx) {
462 lease->state = SMB2_LEASE_READ_CACHING_LE;
463 if (lctx->req_state & SMB2_LEASE_HANDLE_CACHING_LE)
464 lease->state |= SMB2_LEASE_HANDLE_CACHING_LE;
465 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
466 }
467 }
468
469 /**
470 * grant_none_oplock() - grant none oplock or none lease
471 * @opinfo_new: new oplock info object
472 * @lctx: lease context information
473 *
474 * Return: 0
475 */
476 static void grant_none_oplock(struct oplock_info *opinfo_new,
477 struct lease_ctx_info *lctx)
478 {
479 struct lease *lease = opinfo_new->o_lease;
480
481 opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE;
482
483 if (lctx) {
484 lease->state = 0;
485 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
486 }
487 }
488
489 static inline int compare_guid_key(struct oplock_info *opinfo,
490 const char *guid1, const char *key1)
491 {
492 const char *guid2, *key2;
493
494 guid2 = opinfo->conn->ClientGUID;
495 key2 = opinfo->o_lease->lease_key;
496 if (!memcmp(guid1, guid2, SMB2_CLIENT_GUID_SIZE) &&
497 !memcmp(key1, key2, SMB2_LEASE_KEY_SIZE))
498 return 1;
499
500 return 0;
501 }
502
503 /**
504 * same_client_has_lease() - check whether current lease request is
505 * from lease owner of file
506 * @ci: master file pointer
507 * @client_guid: Client GUID
508 * @lctx: lease context information
509 *
510 * Return: oplock(lease) object on success, otherwise NULL
511 */
512 static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
513 char *client_guid,
514 struct lease_ctx_info *lctx)
515 {
516 int ret;
517 struct lease *lease;
518 struct oplock_info *opinfo;
519 struct oplock_info *m_opinfo = NULL;
520
521 if (!lctx)
522 return NULL;
523
524 /*
525 * Compare lease key and client_guid to know request from same owner
526 * of same client
527 */
528 read_lock(&ci->m_lock);
529 list_for_each_entry(opinfo, &ci->m_op_list, op_entry) {
530 if (!opinfo->is_lease)
531 continue;
532 read_unlock(&ci->m_lock);
533 lease = opinfo->o_lease;
534
535 ret = compare_guid_key(opinfo, client_guid, lctx->lease_key);
536 if (ret) {
537 m_opinfo = opinfo;
538 /* skip upgrading lease about breaking lease */
539 if (atomic_read(&opinfo->breaking_cnt)) {
540 read_lock(&ci->m_lock);
541 continue;
542 }
543
544 /* upgrading lease */
545 if ((atomic_read(&ci->op_count) +
546 atomic_read(&ci->sop_count)) == 1) {
547 if (lease->state != SMB2_LEASE_NONE_LE &&
548 lease->state == (lctx->req_state & lease->state)) {
549 lease->state |= lctx->req_state;
550 if (lctx->req_state &
551 SMB2_LEASE_WRITE_CACHING_LE)
552 lease_read_to_write(opinfo);
553
554 }
555 } else if ((atomic_read(&ci->op_count) +
556 atomic_read(&ci->sop_count)) > 1) {
557 if (lctx->req_state ==
558 (SMB2_LEASE_READ_CACHING_LE |
559 SMB2_LEASE_HANDLE_CACHING_LE))
560 lease->state = lctx->req_state;
561 }
562
563 if (lctx->req_state && lease->state ==
564 SMB2_LEASE_NONE_LE)
565 lease_none_upgrade(opinfo, lctx->req_state);
566 }
567 read_lock(&ci->m_lock);
568 }
569 read_unlock(&ci->m_lock);
570
571 return m_opinfo;
572 }
573
574 static void wait_for_break_ack(struct oplock_info *opinfo)
575 {
576 int rc = 0;
577
578 rc = wait_event_interruptible_timeout(opinfo->oplock_q,
579 opinfo->op_state == OPLOCK_STATE_NONE ||
580 opinfo->op_state == OPLOCK_CLOSING,
581 OPLOCK_WAIT_TIME);
582
583 /* is this a timeout ? */
584 if (!rc) {
585 if (opinfo->is_lease)
586 opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
587 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
588 opinfo->op_state = OPLOCK_STATE_NONE;
589 }
590 }
591
592 static void wake_up_oplock_break(struct oplock_info *opinfo)
593 {
594 clear_bit_unlock(0, &opinfo->pending_break);
595 /* memory barrier is needed for wake_up_bit() */
596 smp_mb__after_atomic();
597 wake_up_bit(&opinfo->pending_break, 0);
598 }
599
600 static int oplock_break_pending(struct oplock_info *opinfo, int req_op_level)
601 {
602 while (test_and_set_bit(0, &opinfo->pending_break)) {
603 wait_on_bit(&opinfo->pending_break, 0, TASK_UNINTERRUPTIBLE);
604
605 /* Not immediately break to none. */
606 opinfo->open_trunc = 0;
607
608 if (opinfo->op_state == OPLOCK_CLOSING)
609 return -ENOENT;
610 else if (!opinfo->is_lease && opinfo->level <= req_op_level)
611 return 1;
612 }
613
614 if (!opinfo->is_lease && opinfo->level <= req_op_level) {
615 wake_up_oplock_break(opinfo);
616 return 1;
617 }
618 return 0;
619 }
620
621 /**
622 * __smb2_oplock_break_noti() - send smb2 oplock break cmd from conn
623 * to client
624 * @wk: smb work object
625 *
626 * There are two ways this function can be called. 1- while file open we break
627 * from exclusive/batch lock to levelII oplock and 2- while file write/truncate
628 * we break from levelII oplock no oplock.
629 * work->request_buf contains oplock_info.
630 */
631 static void __smb2_oplock_break_noti(struct work_struct *wk)
632 {
633 struct smb2_oplock_break *rsp = NULL;
634 struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
635 struct oplock_break_info *br_info = work->request_buf;
636 struct smb2_hdr *rsp_hdr;
637 struct ksmbd_file *fp;
638
639 fp = ksmbd_lookup_durable_fd(br_info->fid);
640 if (!fp)
641 goto out;
642
643 if (allocate_interim_rsp_buf(work)) {
644 pr_err("smb2_allocate_rsp_buf failed! ");
645 ksmbd_fd_put(work, fp);
646 goto out;
647 }
648
649 rsp_hdr = smb2_get_msg(work->response_buf);
650 memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
651 rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
652 rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
653 rsp_hdr->CreditRequest = cpu_to_le16(0);
654 rsp_hdr->Command = SMB2_OPLOCK_BREAK;
655 rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
656 rsp_hdr->NextCommand = 0;
657 rsp_hdr->MessageId = cpu_to_le64(-1);
658 rsp_hdr->Id.SyncId.ProcessId = 0;
659 rsp_hdr->Id.SyncId.TreeId = 0;
660 rsp_hdr->SessionId = 0;
661 memset(rsp_hdr->Signature, 0, 16);
662
663 rsp = smb2_get_msg(work->response_buf);
664
665 rsp->StructureSize = cpu_to_le16(24);
666 if (!br_info->open_trunc &&
667 (br_info->level == SMB2_OPLOCK_LEVEL_BATCH ||
668 br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
669 rsp->OplockLevel = SMB2_OPLOCK_LEVEL_II;
670 else
671 rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
672 rsp->Reserved = 0;
673 rsp->Reserved2 = 0;
674 rsp->PersistentFid = fp->persistent_id;
675 rsp->VolatileFid = fp->volatile_id;
676
677 ksmbd_fd_put(work, fp);
678 if (ksmbd_iov_pin_rsp(work, (void *)rsp,
679 sizeof(struct smb2_oplock_break)))
680 goto out;
681
682 ksmbd_debug(OPLOCK,
683 "sending oplock break v_id %llu p_id = %llu lock level = %d\n",
684 rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel);
685
686 ksmbd_conn_write(work);
687
688 out:
689 ksmbd_free_work_struct(work);
690 }
691
692 /**
693 * smb2_oplock_break_noti() - send smb2 exclusive/batch to level2 oplock
694 * break command from server to client
695 * @opinfo: oplock info object
696 *
697 * Return: 0 on success, otherwise error
698 */
699 static int smb2_oplock_break_noti(struct oplock_info *opinfo)
700 {
701 struct ksmbd_conn *conn = opinfo->conn;
702 struct oplock_break_info *br_info;
703 int ret = 0;
704 struct ksmbd_work *work = ksmbd_alloc_work_struct();
705
706 if (!work)
707 return -ENOMEM;
708
709 br_info = kmalloc(sizeof(struct oplock_break_info), GFP_KERNEL);
710 if (!br_info) {
711 ksmbd_free_work_struct(work);
712 return -ENOMEM;
713 }
714
715 br_info->level = opinfo->level;
716 br_info->fid = opinfo->fid;
717 br_info->open_trunc = opinfo->open_trunc;
718
719 work->request_buf = (char *)br_info;
720 work->conn = conn;
721 work->sess = opinfo->sess;
722
723 if (opinfo->op_state == OPLOCK_ACK_WAIT) {
724 INIT_WORK(&work->work, __smb2_oplock_break_noti);
725 ksmbd_queue_work(work);
726
727 wait_for_break_ack(opinfo);
728 } else {
729 __smb2_oplock_break_noti(&work->work);
730 if (opinfo->level == SMB2_OPLOCK_LEVEL_II)
731 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
732 }
733 return ret;
734 }
735
736 /**
737 * __smb2_lease_break_noti() - send lease break command from server
738 * to client
739 * @wk: smb work object
740 */
741 static void __smb2_lease_break_noti(struct work_struct *wk)
742 {
743 struct smb2_lease_break *rsp = NULL;
744 struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
745 struct lease_break_info *br_info = work->request_buf;
746 struct smb2_hdr *rsp_hdr;
747
748 if (allocate_interim_rsp_buf(work)) {
749 ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! ");
750 goto out;
751 }
752
753 rsp_hdr = smb2_get_msg(work->response_buf);
754 memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
755 rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
756 rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
757 rsp_hdr->CreditRequest = cpu_to_le16(0);
758 rsp_hdr->Command = SMB2_OPLOCK_BREAK;
759 rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
760 rsp_hdr->NextCommand = 0;
761 rsp_hdr->MessageId = cpu_to_le64(-1);
762 rsp_hdr->Id.SyncId.ProcessId = 0;
763 rsp_hdr->Id.SyncId.TreeId = 0;
764 rsp_hdr->SessionId = 0;
765 memset(rsp_hdr->Signature, 0, 16);
766
767 rsp = smb2_get_msg(work->response_buf);
768 rsp->StructureSize = cpu_to_le16(44);
769 rsp->Epoch = br_info->epoch;
770 rsp->Flags = 0;
771
772 if (br_info->curr_state & (SMB2_LEASE_WRITE_CACHING_LE |
773 SMB2_LEASE_HANDLE_CACHING_LE))
774 rsp->Flags = SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED;
775
776 memcpy(rsp->LeaseKey, br_info->lease_key, SMB2_LEASE_KEY_SIZE);
777 rsp->CurrentLeaseState = br_info->curr_state;
778 rsp->NewLeaseState = br_info->new_state;
779 rsp->BreakReason = 0;
780 rsp->AccessMaskHint = 0;
781 rsp->ShareMaskHint = 0;
782
783 if (ksmbd_iov_pin_rsp(work, (void *)rsp,
784 sizeof(struct smb2_lease_break)))
785 goto out;
786
787 ksmbd_conn_write(work);
788
789 out:
790 ksmbd_free_work_struct(work);
791 }
792
793 /**
794 * smb2_lease_break_noti() - break lease when a new client request
795 * write lease
796 * @opinfo: conains lease state information
797 *
798 * Return: 0 on success, otherwise error
799 */
800 static int smb2_lease_break_noti(struct oplock_info *opinfo)
801 {
802 struct ksmbd_conn *conn = opinfo->conn;
803 struct list_head *tmp, *t;
804 struct ksmbd_work *work;
805 struct lease_break_info *br_info;
806 struct lease *lease = opinfo->o_lease;
807
808 work = ksmbd_alloc_work_struct();
809 if (!work)
810 return -ENOMEM;
811
812 br_info = kmalloc(sizeof(struct lease_break_info), GFP_KERNEL);
813 if (!br_info) {
814 ksmbd_free_work_struct(work);
815 return -ENOMEM;
816 }
817
818 br_info->curr_state = lease->state;
819 br_info->new_state = lease->new_state;
820 if (lease->version == 2)
821 br_info->epoch = cpu_to_le16(++lease->epoch);
822 else
823 br_info->epoch = 0;
824 memcpy(br_info->lease_key, lease->lease_key, SMB2_LEASE_KEY_SIZE);
825
826 work->request_buf = (char *)br_info;
827 work->conn = conn;
828 work->sess = opinfo->sess;
829
830 if (opinfo->op_state == OPLOCK_ACK_WAIT) {
831 list_for_each_safe(tmp, t, &opinfo->interim_list) {
832 struct ksmbd_work *in_work;
833
834 in_work = list_entry(tmp, struct ksmbd_work,
835 interim_entry);
836 setup_async_work(in_work, NULL, NULL);
837 smb2_send_interim_resp(in_work, STATUS_PENDING);
838 list_del_init(&in_work->interim_entry);
839 release_async_work(in_work);
840 }
841 INIT_WORK(&work->work, __smb2_lease_break_noti);
842 ksmbd_queue_work(work);
843 wait_for_break_ack(opinfo);
844 } else {
845 __smb2_lease_break_noti(&work->work);
846 if (opinfo->o_lease->new_state == SMB2_LEASE_NONE_LE) {
847 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
848 opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
849 }
850 }
851 return 0;
852 }
853
854 static void wait_lease_breaking(struct oplock_info *opinfo)
855 {
856 if (!opinfo->is_lease)
857 return;
858
859 wake_up_interruptible_all(&opinfo->oplock_brk);
860 if (atomic_read(&opinfo->breaking_cnt)) {
861 int ret = 0;
862
863 ret = wait_event_interruptible_timeout(opinfo->oplock_brk,
864 atomic_read(&opinfo->breaking_cnt) == 0,
865 HZ);
866 if (!ret)
867 atomic_set(&opinfo->breaking_cnt, 0);
868 }
869 }
870
871 static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level)
872 {
873 int err = 0;
874
875 /* Need to break exclusive/batch oplock, write lease or overwrite_if */
876 ksmbd_debug(OPLOCK,
877 "request to send oplock(level : 0x%x) break notification\n",
878 brk_opinfo->level);
879
880 if (brk_opinfo->is_lease) {
881 struct lease *lease = brk_opinfo->o_lease;
882
883 atomic_inc(&brk_opinfo->breaking_cnt);
884
885 err = oplock_break_pending(brk_opinfo, req_op_level);
886 if (err)
887 return err < 0 ? err : 0;
888
889 if (brk_opinfo->open_trunc) {
890 /*
891 * Create overwrite break trigger the lease break to
892 * none.
893 */
894 lease->new_state = SMB2_LEASE_NONE_LE;
895 } else {
896 if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) {
897 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
898 lease->new_state =
899 SMB2_LEASE_READ_CACHING_LE |
900 SMB2_LEASE_HANDLE_CACHING_LE;
901 else
902 lease->new_state =
903 SMB2_LEASE_READ_CACHING_LE;
904 } else {
905 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE &&
906 !lease->is_dir)
907 lease->new_state =
908 SMB2_LEASE_READ_CACHING_LE;
909 else
910 lease->new_state = SMB2_LEASE_NONE_LE;
911 }
912 }
913
914 if (lease->state & (SMB2_LEASE_WRITE_CACHING_LE |
915 SMB2_LEASE_HANDLE_CACHING_LE))
916 brk_opinfo->op_state = OPLOCK_ACK_WAIT;
917 else
918 atomic_dec(&brk_opinfo->breaking_cnt);
919 } else {
920 err = oplock_break_pending(brk_opinfo, req_op_level);
921 if (err)
922 return err < 0 ? err : 0;
923
924 if (brk_opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
925 brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
926 brk_opinfo->op_state = OPLOCK_ACK_WAIT;
927 }
928
929 if (brk_opinfo->is_lease)
930 err = smb2_lease_break_noti(brk_opinfo);
931 else
932 err = smb2_oplock_break_noti(brk_opinfo);
933
934 ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level);
935 if (brk_opinfo->op_state == OPLOCK_CLOSING)
936 err = -ENOENT;
937 wake_up_oplock_break(brk_opinfo);
938
939 wait_lease_breaking(brk_opinfo);
940
941 return err;
942 }
943
944 void destroy_lease_table(struct ksmbd_conn *conn)
945 {
946 struct lease_table *lb, *lbtmp;
947 struct oplock_info *opinfo;
948
949 write_lock(&lease_list_lock);
950 if (list_empty(&lease_table_list)) {
951 write_unlock(&lease_list_lock);
952 return;
953 }
954
955 list_for_each_entry_safe(lb, lbtmp, &lease_table_list, l_entry) {
956 if (conn && memcmp(lb->client_guid, conn->ClientGUID,
957 SMB2_CLIENT_GUID_SIZE))
958 continue;
959 again:
960 rcu_read_lock();
961 list_for_each_entry_rcu(opinfo, &lb->lease_list,
962 lease_entry) {
963 rcu_read_unlock();
964 lease_del_list(opinfo);
965 goto again;
966 }
967 rcu_read_unlock();
968 list_del(&lb->l_entry);
969 kfree(lb);
970 }
971 write_unlock(&lease_list_lock);
972 }
973
974 int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
975 struct lease_ctx_info *lctx)
976 {
977 struct oplock_info *opinfo;
978 int err = 0;
979 struct lease_table *lb;
980
981 if (!lctx)
982 return err;
983
984 read_lock(&lease_list_lock);
985 if (list_empty(&lease_table_list)) {
986 read_unlock(&lease_list_lock);
987 return 0;
988 }
989
990 list_for_each_entry(lb, &lease_table_list, l_entry) {
991 if (!memcmp(lb->client_guid, sess->ClientGUID,
992 SMB2_CLIENT_GUID_SIZE))
993 goto found;
994 }
995 read_unlock(&lease_list_lock);
996
997 return 0;
998
999 found:
1000 rcu_read_lock();
1001 list_for_each_entry_rcu(opinfo, &lb->lease_list, lease_entry) {
1002 if (!atomic_inc_not_zero(&opinfo->refcount))
1003 continue;
1004 rcu_read_unlock();
1005 if (opinfo->o_fp->f_ci == ci)
1006 goto op_next;
1007 err = compare_guid_key(opinfo, sess->ClientGUID,
1008 lctx->lease_key);
1009 if (err) {
1010 err = -EINVAL;
1011 ksmbd_debug(OPLOCK,
1012 "found same lease key is already used in other files\n");
1013 opinfo_put(opinfo);
1014 goto out;
1015 }
1016 op_next:
1017 opinfo_put(opinfo);
1018 rcu_read_lock();
1019 }
1020 rcu_read_unlock();
1021
1022 out:
1023 read_unlock(&lease_list_lock);
1024 return err;
1025 }
1026
1027 static void copy_lease(struct oplock_info *op1, struct oplock_info *op2)
1028 {
1029 struct lease *lease1 = op1->o_lease;
1030 struct lease *lease2 = op2->o_lease;
1031
1032 op2->level = op1->level;
1033 lease2->state = lease1->state;
1034 memcpy(lease2->lease_key, lease1->lease_key,
1035 SMB2_LEASE_KEY_SIZE);
1036 lease2->duration = lease1->duration;
1037 lease2->flags = lease1->flags;
1038 lease2->epoch = lease1->epoch++;
1039 }
1040
1041 static int add_lease_global_list(struct oplock_info *opinfo)
1042 {
1043 struct lease_table *lb;
1044
1045 read_lock(&lease_list_lock);
1046 list_for_each_entry(lb, &lease_table_list, l_entry) {
1047 if (!memcmp(lb->client_guid, opinfo->conn->ClientGUID,
1048 SMB2_CLIENT_GUID_SIZE)) {
1049 opinfo->o_lease->l_lb = lb;
1050 lease_add_list(opinfo);
1051 read_unlock(&lease_list_lock);
1052 return 0;
1053 }
1054 }
1055 read_unlock(&lease_list_lock);
1056
1057 lb = kmalloc(sizeof(struct lease_table), GFP_KERNEL);
1058 if (!lb)
1059 return -ENOMEM;
1060
1061 memcpy(lb->client_guid, opinfo->conn->ClientGUID,
1062 SMB2_CLIENT_GUID_SIZE);
1063 INIT_LIST_HEAD(&lb->lease_list);
1064 spin_lock_init(&lb->lb_lock);
1065 opinfo->o_lease->l_lb = lb;
1066 lease_add_list(opinfo);
1067 lb_add(lb);
1068 return 0;
1069 }
1070
1071 static void set_oplock_level(struct oplock_info *opinfo, int level,
1072 struct lease_ctx_info *lctx)
1073 {
1074 switch (level) {
1075 case SMB2_OPLOCK_LEVEL_BATCH:
1076 case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
1077 grant_write_oplock(opinfo, level, lctx);
1078 break;
1079 case SMB2_OPLOCK_LEVEL_II:
1080 grant_read_oplock(opinfo, lctx);
1081 break;
1082 default:
1083 grant_none_oplock(opinfo, lctx);
1084 break;
1085 }
1086 }
1087
1088 void smb_send_parent_lease_break_noti(struct ksmbd_file *fp,
1089 struct lease_ctx_info *lctx)
1090 {
1091 struct oplock_info *opinfo;
1092 struct ksmbd_inode *p_ci = NULL;
1093
1094 if (lctx->version != 2)
1095 return;
1096
1097 p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent);
1098 if (!p_ci)
1099 return;
1100
1101 read_lock(&p_ci->m_lock);
1102 list_for_each_entry(opinfo, &p_ci->m_op_list, op_entry) {
1103 if (!opinfo->is_lease)
1104 continue;
1105
1106 if (opinfo->o_lease->state != SMB2_OPLOCK_LEVEL_NONE &&
1107 (!(lctx->flags & SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE) ||
1108 !compare_guid_key(opinfo, fp->conn->ClientGUID,
1109 lctx->parent_lease_key))) {
1110 if (!atomic_inc_not_zero(&opinfo->refcount))
1111 continue;
1112
1113 atomic_inc(&opinfo->conn->r_count);
1114 if (ksmbd_conn_releasing(opinfo->conn)) {
1115 atomic_dec(&opinfo->conn->r_count);
1116 continue;
1117 }
1118
1119 read_unlock(&p_ci->m_lock);
1120 oplock_break(opinfo, SMB2_OPLOCK_LEVEL_NONE);
1121 opinfo_conn_put(opinfo);
1122 read_lock(&p_ci->m_lock);
1123 }
1124 }
1125 read_unlock(&p_ci->m_lock);
1126
1127 ksmbd_inode_put(p_ci);
1128 }
1129
1130 void smb_lazy_parent_lease_break_close(struct ksmbd_file *fp)
1131 {
1132 struct oplock_info *opinfo;
1133 struct ksmbd_inode *p_ci = NULL;
1134
1135 rcu_read_lock();
1136 opinfo = rcu_dereference(fp->f_opinfo);
1137 rcu_read_unlock();
1138
1139 if (!opinfo->is_lease || opinfo->o_lease->version != 2)
1140 return;
1141
1142 p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent);
1143 if (!p_ci)
1144 return;
1145
1146 read_lock(&p_ci->m_lock);
1147 list_for_each_entry(opinfo, &p_ci->m_op_list, op_entry) {
1148 if (!opinfo->is_lease)
1149 continue;
1150
1151 if (opinfo->o_lease->state != SMB2_OPLOCK_LEVEL_NONE) {
1152 if (!atomic_inc_not_zero(&opinfo->refcount))
1153 continue;
1154
1155 atomic_inc(&opinfo->conn->r_count);
1156 if (ksmbd_conn_releasing(opinfo->conn)) {
1157 atomic_dec(&opinfo->conn->r_count);
1158 continue;
1159 }
1160 read_unlock(&p_ci->m_lock);
1161 oplock_break(opinfo, SMB2_OPLOCK_LEVEL_NONE);
1162 opinfo_conn_put(opinfo);
1163 read_lock(&p_ci->m_lock);
1164 }
1165 }
1166 read_unlock(&p_ci->m_lock);
1167
1168 ksmbd_inode_put(p_ci);
1169 }
1170
1171 /**
1172 * smb_grant_oplock() - handle oplock/lease request on file open
1173 * @work: smb work
1174 * @req_op_level: oplock level
1175 * @pid: id of open file
1176 * @fp: ksmbd file pointer
1177 * @tid: Tree id of connection
1178 * @lctx: lease context information on file open
1179 * @share_ret: share mode
1180 *
1181 * Return: 0 on success, otherwise error
1182 */
1183 int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
1184 struct ksmbd_file *fp, __u16 tid,
1185 struct lease_ctx_info *lctx, int share_ret)
1186 {
1187 struct ksmbd_session *sess = work->sess;
1188 int err = 0;
1189 struct oplock_info *opinfo = NULL, *prev_opinfo = NULL;
1190 struct ksmbd_inode *ci = fp->f_ci;
1191 bool prev_op_has_lease;
1192 __le32 prev_op_state = 0;
1193
1194 opinfo = alloc_opinfo(work, pid, tid);
1195 if (!opinfo)
1196 return -ENOMEM;
1197
1198 if (lctx) {
1199 err = alloc_lease(opinfo, lctx);
1200 if (err)
1201 goto err_out;
1202 opinfo->is_lease = 1;
1203 }
1204
1205 /* ci does not have any oplock */
1206 if (!opinfo_count(fp))
1207 goto set_lev;
1208
1209 /* grant none-oplock if second open is trunc */
1210 if (fp->attrib_only && fp->cdoption != FILE_OVERWRITE_IF_LE &&
1211 fp->cdoption != FILE_OVERWRITE_LE &&
1212 fp->cdoption != FILE_SUPERSEDE_LE) {
1213 req_op_level = SMB2_OPLOCK_LEVEL_NONE;
1214 goto set_lev;
1215 }
1216
1217 if (lctx) {
1218 struct oplock_info *m_opinfo;
1219
1220 /* is lease already granted ? */
1221 m_opinfo = same_client_has_lease(ci, sess->ClientGUID,
1222 lctx);
1223 if (m_opinfo) {
1224 copy_lease(m_opinfo, opinfo);
1225 if (atomic_read(&m_opinfo->breaking_cnt))
1226 opinfo->o_lease->flags =
1227 SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE;
1228 goto out;
1229 }
1230 }
1231 prev_opinfo = opinfo_get_list(ci);
1232 if (!prev_opinfo ||
1233 (prev_opinfo->level == SMB2_OPLOCK_LEVEL_NONE && lctx)) {
1234 opinfo_conn_put(prev_opinfo);
1235 goto set_lev;
1236 }
1237 prev_op_has_lease = prev_opinfo->is_lease;
1238 if (prev_op_has_lease)
1239 prev_op_state = prev_opinfo->o_lease->state;
1240
1241 if (share_ret < 0 &&
1242 prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1243 err = share_ret;
1244 opinfo_conn_put(prev_opinfo);
1245 goto err_out;
1246 }
1247
1248 if (prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
1249 prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1250 opinfo_conn_put(prev_opinfo);
1251 goto op_break_not_needed;
1252 }
1253
1254 list_add(&work->interim_entry, &prev_opinfo->interim_list);
1255 err = oplock_break(prev_opinfo, SMB2_OPLOCK_LEVEL_II);
1256 opinfo_conn_put(prev_opinfo);
1257 if (err == -ENOENT)
1258 goto set_lev;
1259 /* Check all oplock was freed by close */
1260 else if (err < 0)
1261 goto err_out;
1262
1263 op_break_not_needed:
1264 if (share_ret < 0) {
1265 err = share_ret;
1266 goto err_out;
1267 }
1268
1269 if (req_op_level != SMB2_OPLOCK_LEVEL_NONE)
1270 req_op_level = SMB2_OPLOCK_LEVEL_II;
1271
1272 /* grant fixed oplock on stacked locking between lease and oplock */
1273 if (prev_op_has_lease && !lctx)
1274 if (prev_op_state & SMB2_LEASE_HANDLE_CACHING_LE)
1275 req_op_level = SMB2_OPLOCK_LEVEL_NONE;
1276
1277 if (!prev_op_has_lease && lctx) {
1278 req_op_level = SMB2_OPLOCK_LEVEL_II;
1279 lctx->req_state = SMB2_LEASE_READ_CACHING_LE;
1280 }
1281
1282 set_lev:
1283 set_oplock_level(opinfo, req_op_level, lctx);
1284
1285 out:
1286 rcu_assign_pointer(fp->f_opinfo, opinfo);
1287 opinfo->o_fp = fp;
1288
1289 opinfo_count_inc(fp);
1290 opinfo_add(opinfo);
1291 if (opinfo->is_lease) {
1292 err = add_lease_global_list(opinfo);
1293 if (err)
1294 goto err_out;
1295 }
1296
1297 return 0;
1298 err_out:
1299 free_opinfo(opinfo);
1300 return err;
1301 }
1302
1303 /**
1304 * smb_break_all_write_oplock() - break batch/exclusive oplock to level2
1305 * @work: smb work
1306 * @fp: ksmbd file pointer
1307 * @is_trunc: truncate on open
1308 */
1309 static void smb_break_all_write_oplock(struct ksmbd_work *work,
1310 struct ksmbd_file *fp, int is_trunc)
1311 {
1312 struct oplock_info *brk_opinfo;
1313
1314 brk_opinfo = opinfo_get_list(fp->f_ci);
1315 if (!brk_opinfo)
1316 return;
1317 if (brk_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
1318 brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1319 opinfo_conn_put(brk_opinfo);
1320 return;
1321 }
1322
1323 brk_opinfo->open_trunc = is_trunc;
1324 list_add(&work->interim_entry, &brk_opinfo->interim_list);
1325 oplock_break(brk_opinfo, SMB2_OPLOCK_LEVEL_II);
1326 opinfo_conn_put(brk_opinfo);
1327 }
1328
1329 /**
1330 * smb_break_all_levII_oplock() - send level2 oplock or read lease break command
1331 * from server to client
1332 * @work: smb work
1333 * @fp: ksmbd file pointer
1334 * @is_trunc: truncate on open
1335 */
1336 void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
1337 int is_trunc)
1338 {
1339 struct oplock_info *op, *brk_op;
1340 struct ksmbd_inode *ci;
1341 struct ksmbd_conn *conn = work->conn;
1342
1343 if (!test_share_config_flag(work->tcon->share_conf,
1344 KSMBD_SHARE_FLAG_OPLOCKS))
1345 return;
1346
1347 ci = fp->f_ci;
1348 op = opinfo_get(fp);
1349
1350 rcu_read_lock();
1351 list_for_each_entry_rcu(brk_op, &ci->m_op_list, op_entry) {
1352 if (!atomic_inc_not_zero(&brk_op->refcount))
1353 continue;
1354
1355 atomic_inc(&brk_op->conn->r_count);
1356 if (ksmbd_conn_releasing(brk_op->conn)) {
1357 atomic_dec(&brk_op->conn->r_count);
1358 continue;
1359 }
1360
1361 rcu_read_unlock();
1362 if (brk_op->is_lease && (brk_op->o_lease->state &
1363 (~(SMB2_LEASE_READ_CACHING_LE |
1364 SMB2_LEASE_HANDLE_CACHING_LE)))) {
1365 ksmbd_debug(OPLOCK, "unexpected lease state(0x%x)\n",
1366 brk_op->o_lease->state);
1367 goto next;
1368 } else if (brk_op->level !=
1369 SMB2_OPLOCK_LEVEL_II) {
1370 ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n",
1371 brk_op->level);
1372 goto next;
1373 }
1374
1375 /* Skip oplock being break to none */
1376 if (brk_op->is_lease &&
1377 brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE &&
1378 atomic_read(&brk_op->breaking_cnt))
1379 goto next;
1380
1381 if (op && op->is_lease && brk_op->is_lease &&
1382 !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID,
1383 SMB2_CLIENT_GUID_SIZE) &&
1384 !memcmp(op->o_lease->lease_key, brk_op->o_lease->lease_key,
1385 SMB2_LEASE_KEY_SIZE))
1386 goto next;
1387 brk_op->open_trunc = is_trunc;
1388 oplock_break(brk_op, SMB2_OPLOCK_LEVEL_NONE);
1389 next:
1390 opinfo_conn_put(brk_op);
1391 rcu_read_lock();
1392 }
1393 rcu_read_unlock();
1394
1395 if (op)
1396 opinfo_put(op);
1397 }
1398
1399 /**
1400 * smb_break_all_oplock() - break both batch/exclusive and level2 oplock
1401 * @work: smb work
1402 * @fp: ksmbd file pointer
1403 */
1404 void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp)
1405 {
1406 if (!test_share_config_flag(work->tcon->share_conf,
1407 KSMBD_SHARE_FLAG_OPLOCKS))
1408 return;
1409
1410 smb_break_all_write_oplock(work, fp, 1);
1411 smb_break_all_levII_oplock(work, fp, 1);
1412 }
1413
1414 /**
1415 * smb2_map_lease_to_oplock() - map lease state to corresponding oplock type
1416 * @lease_state: lease type
1417 *
1418 * Return: 0 if no mapping, otherwise corresponding oplock type
1419 */
1420 __u8 smb2_map_lease_to_oplock(__le32 lease_state)
1421 {
1422 if (lease_state == (SMB2_LEASE_HANDLE_CACHING_LE |
1423 SMB2_LEASE_READ_CACHING_LE |
1424 SMB2_LEASE_WRITE_CACHING_LE)) {
1425 return SMB2_OPLOCK_LEVEL_BATCH;
1426 } else if (lease_state != SMB2_LEASE_WRITE_CACHING_LE &&
1427 lease_state & SMB2_LEASE_WRITE_CACHING_LE) {
1428 if (!(lease_state & SMB2_LEASE_HANDLE_CACHING_LE))
1429 return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
1430 } else if (lease_state & SMB2_LEASE_READ_CACHING_LE) {
1431 return SMB2_OPLOCK_LEVEL_II;
1432 }
1433 return 0;
1434 }
1435
1436 /**
1437 * create_lease_buf() - create lease context for open cmd response
1438 * @rbuf: buffer to create lease context response
1439 * @lease: buffer to stored parsed lease state information
1440 */
1441 void create_lease_buf(u8 *rbuf, struct lease *lease)
1442 {
1443 if (lease->version == 2) {
1444 struct create_lease_v2 *buf = (struct create_lease_v2 *)rbuf;
1445
1446 memset(buf, 0, sizeof(struct create_lease_v2));
1447 memcpy(buf->lcontext.LeaseKey, lease->lease_key,
1448 SMB2_LEASE_KEY_SIZE);
1449 buf->lcontext.LeaseFlags = lease->flags;
1450 buf->lcontext.Epoch = cpu_to_le16(++lease->epoch);
1451 buf->lcontext.LeaseState = lease->state;
1452 memcpy(buf->lcontext.ParentLeaseKey, lease->parent_lease_key,
1453 SMB2_LEASE_KEY_SIZE);
1454 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1455 (struct create_lease_v2, lcontext));
1456 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2));
1457 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1458 (struct create_lease_v2, Name));
1459 buf->ccontext.NameLength = cpu_to_le16(4);
1460 buf->Name[0] = 'R';
1461 buf->Name[1] = 'q';
1462 buf->Name[2] = 'L';
1463 buf->Name[3] = 's';
1464 } else {
1465 struct create_lease *buf = (struct create_lease *)rbuf;
1466
1467 memset(buf, 0, sizeof(struct create_lease));
1468 memcpy(buf->lcontext.LeaseKey, lease->lease_key, SMB2_LEASE_KEY_SIZE);
1469 buf->lcontext.LeaseFlags = lease->flags;
1470 buf->lcontext.LeaseState = lease->state;
1471 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1472 (struct create_lease, lcontext));
1473 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
1474 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1475 (struct create_lease, Name));
1476 buf->ccontext.NameLength = cpu_to_le16(4);
1477 buf->Name[0] = 'R';
1478 buf->Name[1] = 'q';
1479 buf->Name[2] = 'L';
1480 buf->Name[3] = 's';
1481 }
1482 }
1483
1484 /**
1485 * parse_lease_state() - parse lease context containted in file open request
1486 * @open_req: buffer containing smb2 file open(create) request
1487 * @is_dir: whether leasing file is directory
1488 *
1489 * Return: oplock state, -ENOENT if create lease context not found
1490 */
1491 struct lease_ctx_info *parse_lease_state(void *open_req, bool is_dir)
1492 {
1493 struct create_context *cc;
1494 struct smb2_create_req *req = (struct smb2_create_req *)open_req;
1495 struct lease_ctx_info *lreq;
1496
1497 cc = smb2_find_context_vals(req, SMB2_CREATE_REQUEST_LEASE, 4);
1498 if (IS_ERR_OR_NULL(cc))
1499 return NULL;
1500
1501 lreq = kzalloc(sizeof(struct lease_ctx_info), GFP_KERNEL);
1502 if (!lreq)
1503 return NULL;
1504
1505 if (sizeof(struct lease_context_v2) == le32_to_cpu(cc->DataLength)) {
1506 struct create_lease_v2 *lc = (struct create_lease_v2 *)cc;
1507
1508 memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
1509 if (is_dir) {
1510 lreq->req_state = lc->lcontext.LeaseState &
1511 ~SMB2_LEASE_WRITE_CACHING_LE;
1512 lreq->is_dir = true;
1513 } else
1514 lreq->req_state = lc->lcontext.LeaseState;
1515 lreq->flags = lc->lcontext.LeaseFlags;
1516 lreq->epoch = lc->lcontext.Epoch;
1517 lreq->duration = lc->lcontext.LeaseDuration;
1518 memcpy(lreq->parent_lease_key, lc->lcontext.ParentLeaseKey,
1519 SMB2_LEASE_KEY_SIZE);
1520 lreq->version = 2;
1521 } else {
1522 struct create_lease *lc = (struct create_lease *)cc;
1523
1524 memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
1525 lreq->req_state = lc->lcontext.LeaseState;
1526 lreq->flags = lc->lcontext.LeaseFlags;
1527 lreq->duration = lc->lcontext.LeaseDuration;
1528 lreq->version = 1;
1529 }
1530 return lreq;
1531 }
1532
1533 /**
1534 * smb2_find_context_vals() - find a particular context info in open request
1535 * @open_req: buffer containing smb2 file open(create) request
1536 * @tag: context name to search for
1537 * @tag_len: the length of tag
1538 *
1539 * Return: pointer to requested context, NULL if @str context not found
1540 * or error pointer if name length is invalid.
1541 */
1542 struct create_context *smb2_find_context_vals(void *open_req, const char *tag, int tag_len)
1543 {
1544 struct create_context *cc;
1545 unsigned int next = 0;
1546 char *name;
1547 struct smb2_create_req *req = (struct smb2_create_req *)open_req;
1548 unsigned int remain_len, name_off, name_len, value_off, value_len,
1549 cc_len;
1550
1551 /*
1552 * CreateContextsOffset and CreateContextsLength are guaranteed to
1553 * be valid because of ksmbd_smb2_check_message().
1554 */
1555 cc = (struct create_context *)((char *)req +
1556 le32_to_cpu(req->CreateContextsOffset));
1557 remain_len = le32_to_cpu(req->CreateContextsLength);
1558 do {
1559 cc = (struct create_context *)((char *)cc + next);
1560 if (remain_len < offsetof(struct create_context, Buffer))
1561 return ERR_PTR(-EINVAL);
1562
1563 next = le32_to_cpu(cc->Next);
1564 name_off = le16_to_cpu(cc->NameOffset);
1565 name_len = le16_to_cpu(cc->NameLength);
1566 value_off = le16_to_cpu(cc->DataOffset);
1567 value_len = le32_to_cpu(cc->DataLength);
1568 cc_len = next ? next : remain_len;
1569
1570 if ((next & 0x7) != 0 ||
1571 next > remain_len ||
1572 name_off != offsetof(struct create_context, Buffer) ||
1573 name_len < 4 ||
1574 name_off + name_len > cc_len ||
1575 (value_off & 0x7) != 0 ||
1576 (value_len && value_off < name_off + (name_len < 8 ? 8 : name_len)) ||
1577 ((u64)value_off + value_len > cc_len))
1578 return ERR_PTR(-EINVAL);
1579
1580 name = (char *)cc + name_off;
1581 if (name_len == tag_len && !memcmp(name, tag, name_len))
1582 return cc;
1583
1584 remain_len -= next;
1585 } while (next != 0);
1586
1587 return NULL;
1588 }
1589
1590 /**
1591 * create_durable_rsp_buf() - create durable handle context
1592 * @cc: buffer to create durable context response
1593 */
1594 void create_durable_rsp_buf(char *cc)
1595 {
1596 struct create_durable_rsp *buf;
1597
1598 buf = (struct create_durable_rsp *)cc;
1599 memset(buf, 0, sizeof(struct create_durable_rsp));
1600 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1601 (struct create_durable_rsp, Data));
1602 buf->ccontext.DataLength = cpu_to_le32(8);
1603 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1604 (struct create_durable_rsp, Name));
1605 buf->ccontext.NameLength = cpu_to_le16(4);
1606 /* SMB2_CREATE_DURABLE_HANDLE_RESPONSE is "DHnQ" */
1607 buf->Name[0] = 'D';
1608 buf->Name[1] = 'H';
1609 buf->Name[2] = 'n';
1610 buf->Name[3] = 'Q';
1611 }
1612
1613 /**
1614 * create_durable_v2_rsp_buf() - create durable handle v2 context
1615 * @cc: buffer to create durable context response
1616 * @fp: ksmbd file pointer
1617 */
1618 void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
1619 {
1620 struct create_durable_v2_rsp *buf;
1621
1622 buf = (struct create_durable_v2_rsp *)cc;
1623 memset(buf, 0, sizeof(struct create_durable_rsp));
1624 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1625 (struct create_durable_rsp, Data));
1626 buf->ccontext.DataLength = cpu_to_le32(8);
1627 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1628 (struct create_durable_rsp, Name));
1629 buf->ccontext.NameLength = cpu_to_le16(4);
1630 /* SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2 is "DH2Q" */
1631 buf->Name[0] = 'D';
1632 buf->Name[1] = 'H';
1633 buf->Name[2] = '2';
1634 buf->Name[3] = 'Q';
1635
1636 buf->Timeout = cpu_to_le32(fp->durable_timeout);
1637 }
1638
1639 /**
1640 * create_mxac_rsp_buf() - create query maximal access context
1641 * @cc: buffer to create maximal access context response
1642 * @maximal_access: maximal access
1643 */
1644 void create_mxac_rsp_buf(char *cc, int maximal_access)
1645 {
1646 struct create_mxac_rsp *buf;
1647
1648 buf = (struct create_mxac_rsp *)cc;
1649 memset(buf, 0, sizeof(struct create_mxac_rsp));
1650 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1651 (struct create_mxac_rsp, QueryStatus));
1652 buf->ccontext.DataLength = cpu_to_le32(8);
1653 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1654 (struct create_mxac_rsp, Name));
1655 buf->ccontext.NameLength = cpu_to_le16(4);
1656 /* SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE is "MxAc" */
1657 buf->Name[0] = 'M';
1658 buf->Name[1] = 'x';
1659 buf->Name[2] = 'A';
1660 buf->Name[3] = 'c';
1661
1662 buf->QueryStatus = STATUS_SUCCESS;
1663 buf->MaximalAccess = cpu_to_le32(maximal_access);
1664 }
1665
1666 void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
1667 {
1668 struct create_disk_id_rsp *buf;
1669
1670 buf = (struct create_disk_id_rsp *)cc;
1671 memset(buf, 0, sizeof(struct create_disk_id_rsp));
1672 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1673 (struct create_disk_id_rsp, DiskFileId));
1674 buf->ccontext.DataLength = cpu_to_le32(32);
1675 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1676 (struct create_mxac_rsp, Name));
1677 buf->ccontext.NameLength = cpu_to_le16(4);
1678 /* SMB2_CREATE_QUERY_ON_DISK_ID_RESPONSE is "QFid" */
1679 buf->Name[0] = 'Q';
1680 buf->Name[1] = 'F';
1681 buf->Name[2] = 'i';
1682 buf->Name[3] = 'd';
1683
1684 buf->DiskFileId = cpu_to_le64(file_id);
1685 buf->VolumeId = cpu_to_le64(vol_id);
1686 }
1687
1688 /**
1689 * create_posix_rsp_buf() - create posix extension context
1690 * @cc: buffer to create posix on posix response
1691 * @fp: ksmbd file pointer
1692 */
1693 void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
1694 {
1695 struct create_posix_rsp *buf;
1696 struct inode *inode = file_inode(fp->filp);
1697 struct mnt_idmap *idmap = file_mnt_idmap(fp->filp);
1698 vfsuid_t vfsuid = i_uid_into_vfsuid(idmap, inode);
1699 vfsgid_t vfsgid = i_gid_into_vfsgid(idmap, inode);
1700
1701 buf = (struct create_posix_rsp *)cc;
1702 memset(buf, 0, sizeof(struct create_posix_rsp));
1703 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1704 (struct create_posix_rsp, nlink));
1705 /*
1706 * DataLength = nlink(4) + reparse_tag(4) + mode(4) +
1707 * domain sid(28) + unix group sid(16).
1708 */
1709 buf->ccontext.DataLength = cpu_to_le32(56);
1710 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1711 (struct create_posix_rsp, Name));
1712 buf->ccontext.NameLength = cpu_to_le16(POSIX_CTXT_DATA_LEN);
1713 /* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */
1714 buf->Name[0] = 0x93;
1715 buf->Name[1] = 0xAD;
1716 buf->Name[2] = 0x25;
1717 buf->Name[3] = 0x50;
1718 buf->Name[4] = 0x9C;
1719 buf->Name[5] = 0xB4;
1720 buf->Name[6] = 0x11;
1721 buf->Name[7] = 0xE7;
1722 buf->Name[8] = 0xB4;
1723 buf->Name[9] = 0x23;
1724 buf->Name[10] = 0x83;
1725 buf->Name[11] = 0xDE;
1726 buf->Name[12] = 0x96;
1727 buf->Name[13] = 0x8B;
1728 buf->Name[14] = 0xCD;
1729 buf->Name[15] = 0x7C;
1730
1731 buf->nlink = cpu_to_le32(inode->i_nlink);
1732 buf->reparse_tag = cpu_to_le32(fp->volatile_id);
1733 buf->mode = cpu_to_le32(inode->i_mode & 0777);
1734 /*
1735 * SidBuffer(44) contain two sids(Domain sid(28), UNIX group sid(16)).
1736 * Domain sid(28) = revision(1) + num_subauth(1) + authority(6) +
1737 * sub_auth(4 * 4(num_subauth)) + RID(4).
1738 * UNIX group id(16) = revision(1) + num_subauth(1) + authority(6) +
1739 * sub_auth(4 * 1(num_subauth)) + RID(4).
1740 */
1741 id_to_sid(from_kuid_munged(&init_user_ns, vfsuid_into_kuid(vfsuid)),
1742 SIDOWNER, (struct smb_sid *)&buf->SidBuffer[0]);
1743 id_to_sid(from_kgid_munged(&init_user_ns, vfsgid_into_kgid(vfsgid)),
1744 SIDUNIX_GROUP, (struct smb_sid *)&buf->SidBuffer[28]);
1745 }
1746
1747 /*
1748 * Find lease object(opinfo) for given lease key/fid from lease
1749 * break/file close path.
1750 */
1751 /**
1752 * lookup_lease_in_table() - find a matching lease info object
1753 * @conn: connection instance
1754 * @lease_key: lease key to be searched for
1755 *
1756 * Return: opinfo if found matching opinfo, otherwise NULL
1757 */
1758 struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
1759 char *lease_key)
1760 {
1761 struct oplock_info *opinfo = NULL, *ret_op = NULL;
1762 struct lease_table *lt;
1763 int ret;
1764
1765 read_lock(&lease_list_lock);
1766 list_for_each_entry(lt, &lease_table_list, l_entry) {
1767 if (!memcmp(lt->client_guid, conn->ClientGUID,
1768 SMB2_CLIENT_GUID_SIZE))
1769 goto found;
1770 }
1771
1772 read_unlock(&lease_list_lock);
1773 return NULL;
1774
1775 found:
1776 rcu_read_lock();
1777 list_for_each_entry_rcu(opinfo, &lt->lease_list, lease_entry) {
1778 if (!atomic_inc_not_zero(&opinfo->refcount))
1779 continue;
1780 rcu_read_unlock();
1781 if (!opinfo->op_state || opinfo->op_state == OPLOCK_CLOSING)
1782 goto op_next;
1783 if (!(opinfo->o_lease->state &
1784 (SMB2_LEASE_HANDLE_CACHING_LE |
1785 SMB2_LEASE_WRITE_CACHING_LE)))
1786 goto op_next;
1787 ret = compare_guid_key(opinfo, conn->ClientGUID,
1788 lease_key);
1789 if (ret) {
1790 ksmbd_debug(OPLOCK, "found opinfo\n");
1791 ret_op = opinfo;
1792 goto out;
1793 }
1794 op_next:
1795 opinfo_put(opinfo);
1796 rcu_read_lock();
1797 }
1798 rcu_read_unlock();
1799
1800 out:
1801 read_unlock(&lease_list_lock);
1802 return ret_op;
1803 }
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git