1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org> 4 * Copyright (C) 2018 Samsung Electronics Co., Ltd. 5 */ 6 7#include <linux/moduleparam.h> 8 9#include "glob.h" 10#include "oplock.h" 11 12#include "smb_common.h" 13#include "smbstatus.h" 14#include "connection.h" 15#include "mgmt/user_session.h" 16#include "mgmt/share_config.h" 17#include "mgmt/tree_connect.h" 18 19static LIST_HEAD(lease_table_list); 20static DEFINE_RWLOCK(lease_list_lock); 21 22/** 23 * alloc_opinfo() - allocate a new opinfo object for oplock info 24 * @work: smb work 25 * @id: fid of open file 26 * @Tid: tree id of connection 27 * 28 * Return: allocated opinfo object on success, otherwise NULL 29 */ 30static struct oplock_info *alloc_opinfo(struct ksmbd_work *work, 31 u64 id, __u16 Tid) 32{ 33 struct ksmbd_conn *conn = work->conn; 34 struct ksmbd_session *sess = work->sess; 35 struct oplock_info *opinfo; 36 37 opinfo = kzalloc(sizeof(struct oplock_info), GFP_KERNEL); 38 if (!opinfo) 39 return NULL; 40 41 opinfo->sess = sess; 42 opinfo->conn = conn; 43 opinfo->level = SMB2_OPLOCK_LEVEL_NONE; 44 opinfo->op_state = OPLOCK_STATE_NONE; 45 opinfo->pending_break = 0; 46 opinfo->fid = id; 47 opinfo->Tid = Tid; 48 INIT_LIST_HEAD(&opinfo->op_entry); 49 INIT_LIST_HEAD(&opinfo->interim_list); 50 init_waitqueue_head(&opinfo->oplock_q); 51 init_waitqueue_head(&opinfo->oplock_brk); 52 atomic_set(&opinfo->refcount, 1); 53 atomic_set(&opinfo->breaking_cnt, 0); 54 55 return opinfo; 56} 57 58static void lease_add_list(struct oplock_info *opinfo) 59{ 60 struct lease_table *lb = opinfo->o_lease->l_lb; 61 62 spin_lock(&lb->lb_lock); 63 list_add_rcu(&opinfo->lease_entry, &lb->lease_list); 64 spin_unlock(&lb->lb_lock); 65} 66 67static void lease_del_list(struct oplock_info *opinfo) 68{ 69 struct lease_table *lb = opinfo->o_lease->l_lb; 70 71 if (!lb) 72 return; 73 74 spin_lock(&lb->lb_lock); 75 if (list_empty(&opinfo->lease_entry)) { 76 spin_unlock(&lb->lb_lock); 77 return; 78 } 79 80 list_del_init(&opinfo->lease_entry); 81 opinfo->o_lease->l_lb = NULL; 82 spin_unlock(&lb->lb_lock); 83} 84 85static void lb_add(struct lease_table *lb) 86{ 87 write_lock(&lease_list_lock); 88 list_add(&lb->l_entry, &lease_table_list); 89 write_unlock(&lease_list_lock); 90} 91 92static int alloc_lease(struct oplock_info *opinfo, struct lease_ctx_info *lctx) 93{ 94 struct lease *lease; 95 96 lease = kmalloc(sizeof(struct lease), GFP_KERNEL); 97 if (!lease) 98 return -ENOMEM; 99 100 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE); 101 lease->state = lctx->req_state; 102 lease->new_state = 0; 103 lease->flags = lctx->flags; 104 lease->duration = lctx->duration; 105 lease->is_dir = lctx->is_dir; 106 memcpy(lease->parent_lease_key, lctx->parent_lease_key, SMB2_LEASE_KEY_SIZE); 107 lease->version = lctx->version; 108 lease->epoch = le16_to_cpu(lctx->epoch) + 1; 109 INIT_LIST_HEAD(&opinfo->lease_entry); 110 opinfo->o_lease = lease; 111 112 return 0; 113} 114 115static void free_lease(struct oplock_info *opinfo) 116{ 117 struct lease *lease; 118 119 lease = opinfo->o_lease; 120 kfree(lease); 121} 122 123static void free_opinfo(struct oplock_info *opinfo) 124{ 125 if (opinfo->is_lease) 126 free_lease(opinfo); 127 kfree(opinfo); 128} 129 130static inline void opinfo_free_rcu(struct rcu_head *rcu_head) 131{ 132 struct oplock_info *opinfo; 133 134 opinfo = container_of(rcu_head, struct oplock_info, rcu_head); 135 free_opinfo(opinfo); 136} 137 138struct oplock_info *opinfo_get(struct ksmbd_file *fp) 139{ 140 struct oplock_info *opinfo; 141 142 rcu_read_lock(); 143 opinfo = rcu_dereference(fp->f_opinfo); 144 if (opinfo && !atomic_inc_not_zero(&opinfo->refcount)) 145 opinfo = NULL; 146 rcu_read_unlock(); 147 148 return opinfo; 149} 150 151static struct oplock_info *opinfo_get_list(struct ksmbd_inode *ci) 152{ 153 struct oplock_info *opinfo; 154 155 if (list_empty(&ci->m_op_list)) 156 return NULL; 157 158 rcu_read_lock(); 159 opinfo = list_first_or_null_rcu(&ci->m_op_list, struct oplock_info, 160 op_entry); 161 if (opinfo) { 162 if (opinfo->conn == NULL || 163 !atomic_inc_not_zero(&opinfo->refcount)) 164 opinfo = NULL; 165 else { 166 atomic_inc(&opinfo->conn->r_count); 167 if (ksmbd_conn_releasing(opinfo->conn)) { 168 atomic_dec(&opinfo->conn->r_count); 169 atomic_dec(&opinfo->refcount); 170 opinfo = NULL; 171 } 172 } 173 } 174 175 rcu_read_unlock(); 176 177 return opinfo; 178} 179 180static void opinfo_conn_put(struct oplock_info *opinfo) 181{ 182 struct ksmbd_conn *conn; 183 184 if (!opinfo) 185 return; 186 187 conn = opinfo->conn; 188 /* 189 * Checking waitqueue to dropping pending requests on 190 * disconnection. waitqueue_active is safe because it 191 * uses atomic operation for condition. 192 */ 193 if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q)) 194 wake_up(&conn->r_count_q); 195 opinfo_put(opinfo); 196} 197 198void opinfo_put(struct oplock_info *opinfo) 199{ 200 if (!atomic_dec_and_test(&opinfo->refcount)) 201 return; 202 203 call_rcu(&opinfo->rcu_head, opinfo_free_rcu); 204} 205 206static void opinfo_add(struct oplock_info *opinfo) 207{ 208 struct ksmbd_inode *ci = opinfo->o_fp->f_ci; 209 210 write_lock(&ci->m_lock); 211 list_add_rcu(&opinfo->op_entry, &ci->m_op_list); 212 write_unlock(&ci->m_lock); 213} 214 215static void opinfo_del(struct oplock_info *opinfo) 216{ 217 struct ksmbd_inode *ci = opinfo->o_fp->f_ci; 218 219 if (opinfo->is_lease) { 220 write_lock(&lease_list_lock); 221 lease_del_list(opinfo); 222 write_unlock(&lease_list_lock); 223 } 224 write_lock(&ci->m_lock); 225 list_del_rcu(&opinfo->op_entry); 226 write_unlock(&ci->m_lock); 227} 228 229static unsigned long opinfo_count(struct ksmbd_file *fp) 230{ 231 if (ksmbd_stream_fd(fp)) 232 return atomic_read(&fp->f_ci->sop_count); 233 else 234 return atomic_read(&fp->f_ci->op_count); 235} 236 237static void opinfo_count_inc(struct ksmbd_file *fp) 238{ 239 if (ksmbd_stream_fd(fp)) 240 return atomic_inc(&fp->f_ci->sop_count); 241 else 242 return atomic_inc(&fp->f_ci->op_count); 243} 244 245static void opinfo_count_dec(struct ksmbd_file *fp) 246{ 247 if (ksmbd_stream_fd(fp)) 248 return atomic_dec(&fp->f_ci->sop_count); 249 else 250 return atomic_dec(&fp->f_ci->op_count); 251} 252 253/** 254 * opinfo_write_to_read() - convert a write oplock to read oplock 255 * @opinfo: current oplock info 256 * 257 * Return: 0 on success, otherwise -EINVAL 258 */ 259int opinfo_write_to_read(struct oplock_info *opinfo) 260{ 261 struct lease *lease = opinfo->o_lease; 262 263 if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH || 264 opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) { 265 pr_err("bad oplock(0x%x)\n", opinfo->level); 266 if (opinfo->is_lease) 267 pr_err("lease state(0x%x)\n", lease->state); 268 return -EINVAL; 269 } 270 opinfo->level = SMB2_OPLOCK_LEVEL_II; 271 272 if (opinfo->is_lease) 273 lease->state = lease->new_state; 274 return 0; 275} 276 277/** 278 * opinfo_read_handle_to_read() - convert a read/handle oplock to read oplock 279 * @opinfo: current oplock info 280 * 281 * Return: 0 on success, otherwise -EINVAL 282 */ 283int opinfo_read_handle_to_read(struct oplock_info *opinfo) 284{ 285 struct lease *lease = opinfo->o_lease; 286 287 lease->state = lease->new_state; 288 opinfo->level = SMB2_OPLOCK_LEVEL_II; 289 return 0; 290} 291 292/** 293 * opinfo_write_to_none() - convert a write oplock to none 294 * @opinfo: current oplock info 295 * 296 * Return: 0 on success, otherwise -EINVAL 297 */ 298int opinfo_write_to_none(struct oplock_info *opinfo) 299{ 300 struct lease *lease = opinfo->o_lease; 301 302 if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH || 303 opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) { 304 pr_err("bad oplock(0x%x)\n", opinfo->level); 305 if (opinfo->is_lease) 306 pr_err("lease state(0x%x)\n", lease->state); 307 return -EINVAL; 308 } 309 opinfo->level = SMB2_OPLOCK_LEVEL_NONE; 310 if (opinfo->is_lease) 311 lease->state = lease->new_state; 312 return 0; 313} 314 315/** 316 * opinfo_read_to_none() - convert a write read to none 317 * @opinfo: current oplock info 318 * 319 * Return: 0 on success, otherwise -EINVAL 320 */ 321int opinfo_read_to_none(struct oplock_info *opinfo) 322{ 323 struct lease *lease = opinfo->o_lease; 324 325 if (opinfo->level != SMB2_OPLOCK_LEVEL_II) { 326 pr_err("bad oplock(0x%x)\n", opinfo->level); 327 if (opinfo->is_lease) 328 pr_err("lease state(0x%x)\n", lease->state); 329 return -EINVAL; 330 } 331 opinfo->level = SMB2_OPLOCK_LEVEL_NONE; 332 if (opinfo->is_lease) 333 lease->state = lease->new_state; 334 return 0; 335} 336 337/** 338 * lease_read_to_write() - upgrade lease state from read to write 339 * @opinfo: current lease info 340 * 341 * Return: 0 on success, otherwise -EINVAL 342 */ 343int lease_read_to_write(struct oplock_info *opinfo) 344{ 345 struct lease *lease = opinfo->o_lease; 346 347 if (!(lease->state & SMB2_LEASE_READ_CACHING_LE)) { 348 ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state); 349 return -EINVAL; 350 } 351 352 lease->new_state = SMB2_LEASE_NONE_LE; 353 lease->state |= SMB2_LEASE_WRITE_CACHING_LE; 354 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE) 355 opinfo->level = SMB2_OPLOCK_LEVEL_BATCH; 356 else 357 opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE; 358 return 0; 359} 360 361/** 362 * lease_none_upgrade() - upgrade lease state from none 363 * @opinfo: current lease info 364 * @new_state: new lease state 365 * 366 * Return: 0 on success, otherwise -EINVAL 367 */ 368static int lease_none_upgrade(struct oplock_info *opinfo, __le32 new_state) 369{ 370 struct lease *lease = opinfo->o_lease; 371 372 if (!(lease->state == SMB2_LEASE_NONE_LE)) { 373 ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state); 374 return -EINVAL; 375 } 376 377 lease->new_state = SMB2_LEASE_NONE_LE; 378 lease->state = new_state; 379 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE) 380 if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) 381 opinfo->level = SMB2_OPLOCK_LEVEL_BATCH; 382 else 383 opinfo->level = SMB2_OPLOCK_LEVEL_II; 384 else if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) 385 opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE; 386 else if (lease->state & SMB2_LEASE_READ_CACHING_LE) 387 opinfo->level = SMB2_OPLOCK_LEVEL_II; 388 389 return 0; 390} 391 392/** 393 * close_id_del_oplock() - release oplock object at file close time 394 * @fp: ksmbd file pointer 395 */ 396void close_id_del_oplock(struct ksmbd_file *fp) 397{ 398 struct oplock_info *opinfo; 399 400 if (fp->reserve_lease_break) 401 smb_lazy_parent_lease_break_close(fp); 402 403 opinfo = opinfo_get(fp); 404 if (!opinfo) 405 return; 406 407 opinfo_del(opinfo); 408 409 rcu_assign_pointer(fp->f_opinfo, NULL); 410 if (opinfo->op_state == OPLOCK_ACK_WAIT) { 411 opinfo->op_state = OPLOCK_CLOSING; 412 wake_up_interruptible_all(&opinfo->oplock_q); 413 if (opinfo->is_lease) { 414 atomic_set(&opinfo->breaking_cnt, 0); 415 wake_up_interruptible_all(&opinfo->oplock_brk); 416 } 417 } 418 419 opinfo_count_dec(fp); 420 atomic_dec(&opinfo->refcount); 421 opinfo_put(opinfo); 422} 423 424/** 425 * grant_write_oplock() - grant exclusive/batch oplock or write lease 426 * @opinfo_new: new oplock info object 427 * @req_oplock: request oplock 428 * @lctx: lease context information 429 * 430 * Return: 0 431 */ 432static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock, 433 struct lease_ctx_info *lctx) 434{ 435 struct lease *lease = opinfo_new->o_lease; 436 437 if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH) 438 opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH; 439 else 440 opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE; 441 442 if (lctx) { 443 lease->state = lctx->req_state; 444 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE); 445 } 446} 447 448/** 449 * grant_read_oplock() - grant level2 oplock or read lease 450 * @opinfo_new: new oplock info object 451 * @lctx: lease context information 452 * 453 * Return: 0 454 */ 455static void grant_read_oplock(struct oplock_info *opinfo_new, 456 struct lease_ctx_info *lctx) 457{ 458 struct lease *lease = opinfo_new->o_lease; 459 460 opinfo_new->level = SMB2_OPLOCK_LEVEL_II; 461 462 if (lctx) { 463 lease->state = SMB2_LEASE_READ_CACHING_LE; 464 if (lctx->req_state & SMB2_LEASE_HANDLE_CACHING_LE) 465 lease->state |= SMB2_LEASE_HANDLE_CACHING_LE; 466 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE); 467 } 468} 469 470/** 471 * grant_none_oplock() - grant none oplock or none lease 472 * @opinfo_new: new oplock info object 473 * @lctx: lease context information 474 * 475 * Return: 0 476 */ 477static void grant_none_oplock(struct oplock_info *opinfo_new, 478 struct lease_ctx_info *lctx) 479{ 480 struct lease *lease = opinfo_new->o_lease; 481 482 opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE; 483 484 if (lctx) { 485 lease->state = 0; 486 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE); 487 } 488} 489 490static inline int compare_guid_key(struct oplock_info *opinfo, 491 const char *guid1, const char *key1) 492{ 493 const char *guid2, *key2; 494 495 guid2 = opinfo->conn->ClientGUID; 496 key2 = opinfo->o_lease->lease_key; 497 if (!memcmp(guid1, guid2, SMB2_CLIENT_GUID_SIZE) && 498 !memcmp(key1, key2, SMB2_LEASE_KEY_SIZE)) 499 return 1; 500 501 return 0; 502} 503 504/** 505 * same_client_has_lease() - check whether current lease request is 506 * from lease owner of file 507 * @ci: master file pointer 508 * @client_guid: Client GUID 509 * @lctx: lease context information 510 * 511 * Return: oplock(lease) object on success, otherwise NULL 512 */ 513static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci, 514 char *client_guid, 515 struct lease_ctx_info *lctx) 516{ 517 int ret; 518 struct lease *lease; 519 struct oplock_info *opinfo; 520 struct oplock_info *m_opinfo = NULL; 521 522 if (!lctx) 523 return NULL; 524 525 /* 526 * Compare lease key and client_guid to know request from same owner 527 * of same client 528 */ 529 read_lock(&ci->m_lock); 530 list_for_each_entry(opinfo, &ci->m_op_list, op_entry) { 531 if (!opinfo->is_lease || !opinfo->conn) 532 continue; 533 read_unlock(&ci->m_lock); 534 lease = opinfo->o_lease; 535 536 ret = compare_guid_key(opinfo, client_guid, lctx->lease_key); 537 if (ret) { 538 m_opinfo = opinfo; 539 /* skip upgrading lease about breaking lease */ 540 if (atomic_read(&opinfo->breaking_cnt)) { 541 read_lock(&ci->m_lock); 542 continue; 543 } 544 545 /* upgrading lease */ 546 if ((atomic_read(&ci->op_count) + 547 atomic_read(&ci->sop_count)) == 1) { 548 if (lease->state != SMB2_LEASE_NONE_LE && 549 lease->state == (lctx->req_state & lease->state)) { 550 lease->epoch++; 551 lease->state |= lctx->req_state; 552 if (lctx->req_state & 553 SMB2_LEASE_WRITE_CACHING_LE) 554 lease_read_to_write(opinfo); 555 556 } 557 } else if ((atomic_read(&ci->op_count) + 558 atomic_read(&ci->sop_count)) > 1) { 559 if (lctx->req_state == 560 (SMB2_LEASE_READ_CACHING_LE | 561 SMB2_LEASE_HANDLE_CACHING_LE)) { 562 lease->epoch++; 563 lease->state = lctx->req_state; 564 } 565 } 566 567 if (lctx->req_state && lease->state == 568 SMB2_LEASE_NONE_LE) { 569 lease->epoch++; 570 lease_none_upgrade(opinfo, lctx->req_state); 571 } 572 } 573 read_lock(&ci->m_lock); 574 } 575 read_unlock(&ci->m_lock); 576 577 return m_opinfo; 578} 579 580static void wait_for_break_ack(struct oplock_info *opinfo) 581{ 582 int rc = 0; 583 584 rc = wait_event_interruptible_timeout(opinfo->oplock_q, 585 opinfo->op_state == OPLOCK_STATE_NONE || 586 opinfo->op_state == OPLOCK_CLOSING, 587 OPLOCK_WAIT_TIME); 588 589 /* is this a timeout ? */ 590 if (!rc) { 591 if (opinfo->is_lease) 592 opinfo->o_lease->state = SMB2_LEASE_NONE_LE; 593 opinfo->level = SMB2_OPLOCK_LEVEL_NONE; 594 opinfo->op_state = OPLOCK_STATE_NONE; 595 } 596} 597 598static void wake_up_oplock_break(struct oplock_info *opinfo) 599{ 600 clear_bit_unlock(0, &opinfo->pending_break); 601 /* memory barrier is needed for wake_up_bit() */ 602 smp_mb__after_atomic(); 603 wake_up_bit(&opinfo->pending_break, 0); 604} 605 606static int oplock_break_pending(struct oplock_info *opinfo, int req_op_level) 607{ 608 while (test_and_set_bit(0, &opinfo->pending_break)) { 609 wait_on_bit(&opinfo->pending_break, 0, TASK_UNINTERRUPTIBLE); 610 611 /* Not immediately break to none. */ 612 opinfo->open_trunc = 0; 613 614 if (opinfo->op_state == OPLOCK_CLOSING) 615 return -ENOENT; 616 else if (!opinfo->is_lease && opinfo->level <= req_op_level) 617 return 1; 618 } 619 620 if (!opinfo->is_lease && opinfo->level <= req_op_level) { 621 wake_up_oplock_break(opinfo); 622 return 1; 623 } 624 return 0; 625} 626 627/** 628 * __smb2_oplock_break_noti() - send smb2 oplock break cmd from conn 629 * to client 630 * @wk: smb work object 631 * 632 * There are two ways this function can be called. 1- while file open we break 633 * from exclusive/batch lock to levelII oplock and 2- while file write/truncate 634 * we break from levelII oplock no oplock. 635 * work->request_buf contains oplock_info. 636 */ 637static void __smb2_oplock_break_noti(struct work_struct *wk) 638{ 639 struct smb2_oplock_break *rsp = NULL; 640 struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work); 641 struct oplock_break_info *br_info = work->request_buf; 642 struct smb2_hdr *rsp_hdr; 643 struct ksmbd_file *fp; 644 645 fp = ksmbd_lookup_global_fd(br_info->fid); 646 if (!fp) 647 goto out; 648 649 if (allocate_interim_rsp_buf(work)) { 650 pr_err("smb2_allocate_rsp_buf failed! "); 651 ksmbd_fd_put(work, fp); 652 goto out; 653 } 654 655 rsp_hdr = smb2_get_msg(work->response_buf); 656 memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); 657 rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER; 658 rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; 659 rsp_hdr->CreditRequest = cpu_to_le16(0); 660 rsp_hdr->Command = SMB2_OPLOCK_BREAK; 661 rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR); 662 rsp_hdr->NextCommand = 0; 663 rsp_hdr->MessageId = cpu_to_le64(-1); 664 rsp_hdr->Id.SyncId.ProcessId = 0; 665 rsp_hdr->Id.SyncId.TreeId = 0; 666 rsp_hdr->SessionId = 0; 667 memset(rsp_hdr->Signature, 0, 16); 668 669 rsp = smb2_get_msg(work->response_buf); 670 671 rsp->StructureSize = cpu_to_le16(24); 672 if (!br_info->open_trunc && 673 (br_info->level == SMB2_OPLOCK_LEVEL_BATCH || 674 br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) 675 rsp->OplockLevel = SMB2_OPLOCK_LEVEL_II; 676 else 677 rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE; 678 rsp->Reserved = 0; 679 rsp->Reserved2 = 0; 680 rsp->PersistentFid = fp->persistent_id; 681 rsp->VolatileFid = fp->volatile_id; 682 683 ksmbd_fd_put(work, fp); 684 if (ksmbd_iov_pin_rsp(work, (void *)rsp, 685 sizeof(struct smb2_oplock_break))) 686 goto out; 687 688 ksmbd_debug(OPLOCK, 689 "sending oplock break v_id %llu p_id = %llu lock level = %d\n", 690 rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel); 691 692 ksmbd_conn_write(work); 693 694out: 695 ksmbd_free_work_struct(work); 696} 697 698/** 699 * smb2_oplock_break_noti() - send smb2 exclusive/batch to level2 oplock 700 * break command from server to client 701 * @opinfo: oplock info object 702 * 703 * Return: 0 on success, otherwise error 704 */ 705static int smb2_oplock_break_noti(struct oplock_info *opinfo) 706{ 707 struct ksmbd_conn *conn = opinfo->conn; 708 struct oplock_break_info *br_info; 709 int ret = 0; 710 struct ksmbd_work *work = ksmbd_alloc_work_struct(); 711 712 if (!work) 713 return -ENOMEM; 714 715 br_info = kmalloc(sizeof(struct oplock_break_info), GFP_KERNEL); 716 if (!br_info) { 717 ksmbd_free_work_struct(work); 718 return -ENOMEM; 719 } 720 721 br_info->level = opinfo->level; 722 br_info->fid = opinfo->fid; 723 br_info->open_trunc = opinfo->open_trunc; 724 725 work->request_buf = (char *)br_info; 726 work->conn = conn; 727 work->sess = opinfo->sess; 728 729 if (opinfo->op_state == OPLOCK_ACK_WAIT) { 730 INIT_WORK(&work->work, __smb2_oplock_break_noti); 731 ksmbd_queue_work(work); 732 733 wait_for_break_ack(opinfo); 734 } else { 735 __smb2_oplock_break_noti(&work->work); 736 if (opinfo->level == SMB2_OPLOCK_LEVEL_II) 737 opinfo->level = SMB2_OPLOCK_LEVEL_NONE; 738 } 739 return ret; 740} 741 742/** 743 * __smb2_lease_break_noti() - send lease break command from server 744 * to client 745 * @wk: smb work object 746 */ 747static void __smb2_lease_break_noti(struct work_struct *wk) 748{ 749 struct smb2_lease_break *rsp = NULL; 750 struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work); 751 struct lease_break_info *br_info = work->request_buf; 752 struct smb2_hdr *rsp_hdr; 753 754 if (allocate_interim_rsp_buf(work)) { 755 ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! "); 756 goto out; 757 } 758 759 rsp_hdr = smb2_get_msg(work->response_buf); 760 memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2); 761 rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER; 762 rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE; 763 rsp_hdr->CreditRequest = cpu_to_le16(0); 764 rsp_hdr->Command = SMB2_OPLOCK_BREAK; 765 rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR); 766 rsp_hdr->NextCommand = 0; 767 rsp_hdr->MessageId = cpu_to_le64(-1); 768 rsp_hdr->Id.SyncId.ProcessId = 0; 769 rsp_hdr->Id.SyncId.TreeId = 0; 770 rsp_hdr->SessionId = 0; 771 memset(rsp_hdr->Signature, 0, 16); 772 773 rsp = smb2_get_msg(work->response_buf); 774 rsp->StructureSize = cpu_to_le16(44); 775 rsp->Epoch = br_info->epoch; 776 rsp->Flags = 0; 777 778 if (br_info->curr_state & (SMB2_LEASE_WRITE_CACHING_LE | 779 SMB2_LEASE_HANDLE_CACHING_LE)) 780 rsp->Flags = SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED; 781 782 memcpy(rsp->LeaseKey, br_info->lease_key, SMB2_LEASE_KEY_SIZE); 783 rsp->CurrentLeaseState = br_info->curr_state; 784 rsp->NewLeaseState = br_info->new_state; 785 rsp->BreakReason = 0; 786 rsp->AccessMaskHint = 0; 787 rsp->ShareMaskHint = 0; 788 789 if (ksmbd_iov_pin_rsp(work, (void *)rsp, 790 sizeof(struct smb2_lease_break))) 791 goto out; 792 793 ksmbd_conn_write(work); 794 795out: 796 ksmbd_free_work_struct(work); 797} 798 799/** 800 * smb2_lease_break_noti() - break lease when a new client request 801 * write lease 802 * @opinfo: conains lease state information 803 * 804 * Return: 0 on success, otherwise error 805 */ 806static int smb2_lease_break_noti(struct oplock_info *opinfo) 807{ 808 struct ksmbd_conn *conn = opinfo->conn; 809 struct list_head *tmp, *t; 810 struct ksmbd_work *work; 811 struct lease_break_info *br_info; 812 struct lease *lease = opinfo->o_lease; 813 814 work = ksmbd_alloc_work_struct(); 815 if (!work) 816 return -ENOMEM; 817 818 br_info = kmalloc(sizeof(struct lease_break_info), GFP_KERNEL); 819 if (!br_info) { 820 ksmbd_free_work_struct(work); 821 return -ENOMEM; 822 } 823 824 br_info->curr_state = lease->state; 825 br_info->new_state = lease->new_state; 826 if (lease->version == 2) 827 br_info->epoch = cpu_to_le16(++lease->epoch); 828 else 829 br_info->epoch = 0; 830 memcpy(br_info->lease_key, lease->lease_key, SMB2_LEASE_KEY_SIZE); 831 832 work->request_buf = (char *)br_info; 833 work->conn = conn; 834 work->sess = opinfo->sess; 835 836 if (opinfo->op_state == OPLOCK_ACK_WAIT) { 837 list_for_each_safe(tmp, t, &opinfo->interim_list) { 838 struct ksmbd_work *in_work; 839 840 in_work = list_entry(tmp, struct ksmbd_work, 841 interim_entry); 842 setup_async_work(in_work, NULL, NULL); 843 smb2_send_interim_resp(in_work, STATUS_PENDING); 844 list_del_init(&in_work->interim_entry); 845 release_async_work(in_work); 846 } 847 INIT_WORK(&work->work, __smb2_lease_break_noti); 848 ksmbd_queue_work(work); 849 wait_for_break_ack(opinfo); 850 } else { 851 __smb2_lease_break_noti(&work->work); 852 if (opinfo->o_lease->new_state == SMB2_LEASE_NONE_LE) { 853 opinfo->level = SMB2_OPLOCK_LEVEL_NONE; 854 opinfo->o_lease->state = SMB2_LEASE_NONE_LE; 855 } 856 } 857 return 0; 858} 859 860static void wait_lease_breaking(struct oplock_info *opinfo) 861{ 862 if (!opinfo->is_lease) 863 return; 864 865 wake_up_interruptible_all(&opinfo->oplock_brk); 866 if (atomic_read(&opinfo->breaking_cnt)) { 867 int ret = 0; 868 869 ret = wait_event_interruptible_timeout(opinfo->oplock_brk, 870 atomic_read(&opinfo->breaking_cnt) == 0, 871 HZ); 872 if (!ret) 873 atomic_set(&opinfo->breaking_cnt, 0); 874 } 875} 876 877static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level) 878{ 879 int err = 0; 880 881 /* Need to break exclusive/batch oplock, write lease or overwrite_if */ 882 ksmbd_debug(OPLOCK, 883 "request to send oplock(level : 0x%x) break notification\n", 884 brk_opinfo->level); 885 886 if (brk_opinfo->is_lease) { 887 struct lease *lease = brk_opinfo->o_lease; 888 889 atomic_inc(&brk_opinfo->breaking_cnt); 890 891 err = oplock_break_pending(brk_opinfo, req_op_level); 892 if (err) 893 return err < 0 ? err : 0; 894 895 if (brk_opinfo->open_trunc) { 896 /* 897 * Create overwrite break trigger the lease break to 898 * none. 899 */ 900 lease->new_state = SMB2_LEASE_NONE_LE; 901 } else { 902 if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) { 903 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE) 904 lease->new_state = 905 SMB2_LEASE_READ_CACHING_LE | 906 SMB2_LEASE_HANDLE_CACHING_LE; 907 else 908 lease->new_state = 909 SMB2_LEASE_READ_CACHING_LE; 910 } else { 911 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE && 912 !lease->is_dir) 913 lease->new_state = 914 SMB2_LEASE_READ_CACHING_LE; 915 else 916 lease->new_state = SMB2_LEASE_NONE_LE; 917 } 918 } 919 920 if (lease->state & (SMB2_LEASE_WRITE_CACHING_LE | 921 SMB2_LEASE_HANDLE_CACHING_LE)) 922 brk_opinfo->op_state = OPLOCK_ACK_WAIT; 923 else 924 atomic_dec(&brk_opinfo->breaking_cnt); 925 } else { 926 err = oplock_break_pending(brk_opinfo, req_op_level); 927 if (err) 928 return err < 0 ? err : 0; 929 930 if (brk_opinfo->level == SMB2_OPLOCK_LEVEL_BATCH || 931 brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) 932 brk_opinfo->op_state = OPLOCK_ACK_WAIT; 933 } 934 935 if (brk_opinfo->is_lease) 936 err = smb2_lease_break_noti(brk_opinfo); 937 else 938 err = smb2_oplock_break_noti(brk_opinfo); 939 940 ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level); 941 if (brk_opinfo->op_state == OPLOCK_CLOSING) 942 err = -ENOENT; 943 wake_up_oplock_break(brk_opinfo); 944 945 wait_lease_breaking(brk_opinfo); 946 947 return err; 948} 949 950void destroy_lease_table(struct ksmbd_conn *conn) 951{ 952 struct lease_table *lb, *lbtmp; 953 struct oplock_info *opinfo; 954 955 write_lock(&lease_list_lock); 956 if (list_empty(&lease_table_list)) { 957 write_unlock(&lease_list_lock); 958 return; 959 } 960 961 list_for_each_entry_safe(lb, lbtmp, &lease_table_list, l_entry) { 962 if (conn && memcmp(lb->client_guid, conn->ClientGUID, 963 SMB2_CLIENT_GUID_SIZE)) 964 continue; 965again: 966 rcu_read_lock(); 967 list_for_each_entry_rcu(opinfo, &lb->lease_list, 968 lease_entry) { 969 rcu_read_unlock(); 970 lease_del_list(opinfo); 971 goto again; 972 } 973 rcu_read_unlock(); 974 list_del(&lb->l_entry); 975 kfree(lb); 976 } 977 write_unlock(&lease_list_lock); 978} 979 980int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci, 981 struct lease_ctx_info *lctx) 982{ 983 struct oplock_info *opinfo; 984 int err = 0; 985 struct lease_table *lb; 986 987 if (!lctx) 988 return err; 989 990 read_lock(&lease_list_lock); 991 if (list_empty(&lease_table_list)) { 992 read_unlock(&lease_list_lock); 993 return 0; 994 } 995 996 list_for_each_entry(lb, &lease_table_list, l_entry) { 997 if (!memcmp(lb->client_guid, sess->ClientGUID, 998 SMB2_CLIENT_GUID_SIZE)) 999 goto found; 1000 } 1001 read_unlock(&lease_list_lock); 1002 1003 return 0; 1004 1005found: 1006 rcu_read_lock(); 1007 list_for_each_entry_rcu(opinfo, &lb->lease_list, lease_entry) { 1008 if (!atomic_inc_not_zero(&opinfo->refcount)) 1009 continue; 1010 rcu_read_unlock(); 1011 if (opinfo->o_fp->f_ci == ci) 1012 goto op_next; 1013 err = compare_guid_key(opinfo, sess->ClientGUID, 1014 lctx->lease_key); 1015 if (err) { 1016 err = -EINVAL; 1017 ksmbd_debug(OPLOCK, 1018 "found same lease key is already used in other files\n"); 1019 opinfo_put(opinfo); 1020 goto out; 1021 } 1022op_next: 1023 opinfo_put(opinfo); 1024 rcu_read_lock(); 1025 } 1026 rcu_read_unlock(); 1027 1028out: 1029 read_unlock(&lease_list_lock); 1030 return err; 1031} 1032 1033static void copy_lease(struct oplock_info *op1, struct oplock_info *op2) 1034{ 1035 struct lease *lease1 = op1->o_lease; 1036 struct lease *lease2 = op2->o_lease; 1037 1038 op2->level = op1->level; 1039 lease2->state = lease1->state; 1040 memcpy(lease2->lease_key, lease1->lease_key, 1041 SMB2_LEASE_KEY_SIZE); 1042 lease2->duration = lease1->duration; 1043 lease2->flags = lease1->flags; 1044 lease2->epoch = lease1->epoch; 1045 lease2->version = lease1->version; 1046} 1047 1048static int add_lease_global_list(struct oplock_info *opinfo) 1049{ 1050 struct lease_table *lb; 1051 1052 read_lock(&lease_list_lock); 1053 list_for_each_entry(lb, &lease_table_list, l_entry) { 1054 if (!memcmp(lb->client_guid, opinfo->conn->ClientGUID, 1055 SMB2_CLIENT_GUID_SIZE)) { 1056 opinfo->o_lease->l_lb = lb; 1057 lease_add_list(opinfo); 1058 read_unlock(&lease_list_lock); 1059 return 0; 1060 } 1061 } 1062 read_unlock(&lease_list_lock); 1063 1064 lb = kmalloc(sizeof(struct lease_table), GFP_KERNEL); 1065 if (!lb) 1066 return -ENOMEM; 1067 1068 memcpy(lb->client_guid, opinfo->conn->ClientGUID, 1069 SMB2_CLIENT_GUID_SIZE); 1070 INIT_LIST_HEAD(&lb->lease_list); 1071 spin_lock_init(&lb->lb_lock); 1072 opinfo->o_lease->l_lb = lb; 1073 lease_add_list(opinfo); 1074 lb_add(lb); 1075 return 0; 1076} 1077 1078static void set_oplock_level(struct oplock_info *opinfo, int level, 1079 struct lease_ctx_info *lctx) 1080{ 1081 switch (level) { 1082 case SMB2_OPLOCK_LEVEL_BATCH: 1083 case SMB2_OPLOCK_LEVEL_EXCLUSIVE: 1084 grant_write_oplock(opinfo, level, lctx); 1085 break; 1086 case SMB2_OPLOCK_LEVEL_II: 1087 grant_read_oplock(opinfo, lctx); 1088 break; 1089 default: 1090 grant_none_oplock(opinfo, lctx); 1091 break; 1092 } 1093} 1094 1095void smb_send_parent_lease_break_noti(struct ksmbd_file *fp, 1096 struct lease_ctx_info *lctx) 1097{ 1098 struct oplock_info *opinfo; 1099 struct ksmbd_inode *p_ci = NULL; 1100 1101 if (lctx->version != 2) 1102 return; 1103 1104 p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent); 1105 if (!p_ci) 1106 return; 1107 1108 read_lock(&p_ci->m_lock); 1109 list_for_each_entry(opinfo, &p_ci->m_op_list, op_entry) { 1110 if (opinfo->conn == NULL || !opinfo->is_lease) 1111 continue; 1112 1113 if (opinfo->o_lease->state != SMB2_OPLOCK_LEVEL_NONE && 1114 (!(lctx->flags & SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE) || 1115 !compare_guid_key(opinfo, fp->conn->ClientGUID, 1116 lctx->parent_lease_key))) { 1117 if (!atomic_inc_not_zero(&opinfo->refcount)) 1118 continue; 1119 1120 atomic_inc(&opinfo->conn->r_count); 1121 if (ksmbd_conn_releasing(opinfo->conn)) { 1122 atomic_dec(&opinfo->conn->r_count); 1123 continue; 1124 } 1125 1126 read_unlock(&p_ci->m_lock); 1127 oplock_break(opinfo, SMB2_OPLOCK_LEVEL_NONE); 1128 opinfo_conn_put(opinfo); 1129 read_lock(&p_ci->m_lock); 1130 } 1131 } 1132 read_unlock(&p_ci->m_lock); 1133 1134 ksmbd_inode_put(p_ci); 1135} 1136 1137void smb_lazy_parent_lease_break_close(struct ksmbd_file *fp) 1138{ 1139 struct oplock_info *opinfo; 1140 struct ksmbd_inode *p_ci = NULL; 1141 1142 rcu_read_lock(); 1143 opinfo = rcu_dereference(fp->f_opinfo); 1144 rcu_read_unlock(); 1145 1146 if (!opinfo || !opinfo->is_lease || opinfo->o_lease->version != 2) 1147 return; 1148 1149 p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent); 1150 if (!p_ci) 1151 return; 1152 1153 read_lock(&p_ci->m_lock); 1154 list_for_each_entry(opinfo, &p_ci->m_op_list, op_entry) { 1155 if (opinfo->conn == NULL || !opinfo->is_lease) 1156 continue; 1157 1158 if (opinfo->o_lease->state != SMB2_OPLOCK_LEVEL_NONE) { 1159 if (!atomic_inc_not_zero(&opinfo->refcount)) 1160 continue; 1161 1162 atomic_inc(&opinfo->conn->r_count); 1163 if (ksmbd_conn_releasing(opinfo->conn)) { 1164 atomic_dec(&opinfo->conn->r_count); 1165 continue; 1166 } 1167 read_unlock(&p_ci->m_lock); 1168 oplock_break(opinfo, SMB2_OPLOCK_LEVEL_NONE); 1169 opinfo_conn_put(opinfo); 1170 read_lock(&p_ci->m_lock); 1171 } 1172 } 1173 read_unlock(&p_ci->m_lock); 1174 1175 ksmbd_inode_put(p_ci); 1176} 1177 1178/** 1179 * smb_grant_oplock() - handle oplock/lease request on file open 1180 * @work: smb work 1181 * @req_op_level: oplock level 1182 * @pid: id of open file 1183 * @fp: ksmbd file pointer 1184 * @tid: Tree id of connection 1185 * @lctx: lease context information on file open 1186 * @share_ret: share mode 1187 * 1188 * Return: 0 on success, otherwise error 1189 */ 1190int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid, 1191 struct ksmbd_file *fp, __u16 tid, 1192 struct lease_ctx_info *lctx, int share_ret) 1193{ 1194 struct ksmbd_session *sess = work->sess; 1195 int err = 0; 1196 struct oplock_info *opinfo = NULL, *prev_opinfo = NULL; 1197 struct ksmbd_inode *ci = fp->f_ci; 1198 bool prev_op_has_lease; 1199 __le32 prev_op_state = 0; 1200 1201 /* Only v2 leases handle the directory */ 1202 if (S_ISDIR(file_inode(fp->filp)->i_mode)) { 1203 if (!lctx || lctx->version != 2) 1204 return 0; 1205 } 1206 1207 opinfo = alloc_opinfo(work, pid, tid); 1208 if (!opinfo) 1209 return -ENOMEM; 1210 1211 if (lctx) { 1212 err = alloc_lease(opinfo, lctx); 1213 if (err) 1214 goto err_out; 1215 opinfo->is_lease = 1; 1216 } 1217 1218 /* ci does not have any oplock */ 1219 if (!opinfo_count(fp)) 1220 goto set_lev; 1221 1222 /* grant none-oplock if second open is trunc */ 1223 if (fp->attrib_only && fp->cdoption != FILE_OVERWRITE_IF_LE && 1224 fp->cdoption != FILE_OVERWRITE_LE && 1225 fp->cdoption != FILE_SUPERSEDE_LE) { 1226 req_op_level = SMB2_OPLOCK_LEVEL_NONE; 1227 goto set_lev; 1228 } 1229 1230 if (lctx) { 1231 struct oplock_info *m_opinfo; 1232 1233 /* is lease already granted ? */ 1234 m_opinfo = same_client_has_lease(ci, sess->ClientGUID, 1235 lctx); 1236 if (m_opinfo) { 1237 copy_lease(m_opinfo, opinfo); 1238 if (atomic_read(&m_opinfo->breaking_cnt)) 1239 opinfo->o_lease->flags = 1240 SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE; 1241 goto out; 1242 } 1243 } 1244 prev_opinfo = opinfo_get_list(ci); 1245 if (!prev_opinfo || 1246 (prev_opinfo->level == SMB2_OPLOCK_LEVEL_NONE && lctx)) { 1247 opinfo_conn_put(prev_opinfo); 1248 goto set_lev; 1249 } 1250 prev_op_has_lease = prev_opinfo->is_lease; 1251 if (prev_op_has_lease) 1252 prev_op_state = prev_opinfo->o_lease->state; 1253 1254 if (share_ret < 0 && 1255 prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) { 1256 err = share_ret; 1257 opinfo_conn_put(prev_opinfo); 1258 goto err_out; 1259 } 1260 1261 if (prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH && 1262 prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) { 1263 opinfo_conn_put(prev_opinfo); 1264 goto op_break_not_needed; 1265 } 1266 1267 list_add(&work->interim_entry, &prev_opinfo->interim_list); 1268 err = oplock_break(prev_opinfo, SMB2_OPLOCK_LEVEL_II); 1269 opinfo_conn_put(prev_opinfo); 1270 if (err == -ENOENT) 1271 goto set_lev; 1272 /* Check all oplock was freed by close */ 1273 else if (err < 0) 1274 goto err_out; 1275 1276op_break_not_needed: 1277 if (share_ret < 0) { 1278 err = share_ret; 1279 goto err_out; 1280 } 1281 1282 if (req_op_level != SMB2_OPLOCK_LEVEL_NONE) 1283 req_op_level = SMB2_OPLOCK_LEVEL_II; 1284 1285 /* grant fixed oplock on stacked locking between lease and oplock */ 1286 if (prev_op_has_lease && !lctx) 1287 if (prev_op_state & SMB2_LEASE_HANDLE_CACHING_LE) 1288 req_op_level = SMB2_OPLOCK_LEVEL_NONE; 1289 1290 if (!prev_op_has_lease && lctx) { 1291 req_op_level = SMB2_OPLOCK_LEVEL_II; 1292 lctx->req_state = SMB2_LEASE_READ_CACHING_LE; 1293 } 1294 1295set_lev: 1296 set_oplock_level(opinfo, req_op_level, lctx); 1297 1298out: 1299 rcu_assign_pointer(fp->f_opinfo, opinfo); 1300 opinfo->o_fp = fp; 1301 1302 opinfo_count_inc(fp); 1303 opinfo_add(opinfo); 1304 if (opinfo->is_lease) { 1305 err = add_lease_global_list(opinfo); 1306 if (err) 1307 goto err_out; 1308 } 1309 1310 return 0; 1311err_out: 1312 free_opinfo(opinfo); 1313 return err; 1314} 1315 1316/** 1317 * smb_break_all_write_oplock() - break batch/exclusive oplock to level2 1318 * @work: smb work 1319 * @fp: ksmbd file pointer 1320 * @is_trunc: truncate on open 1321 */ 1322static void smb_break_all_write_oplock(struct ksmbd_work *work, 1323 struct ksmbd_file *fp, int is_trunc) 1324{ 1325 struct oplock_info *brk_opinfo; 1326 1327 brk_opinfo = opinfo_get_list(fp->f_ci); 1328 if (!brk_opinfo) 1329 return; 1330 if (brk_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH && 1331 brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) { 1332 opinfo_conn_put(brk_opinfo); 1333 return; 1334 } 1335 1336 brk_opinfo->open_trunc = is_trunc; 1337 list_add(&work->interim_entry, &brk_opinfo->interim_list); 1338 oplock_break(brk_opinfo, SMB2_OPLOCK_LEVEL_II); 1339 opinfo_conn_put(brk_opinfo); 1340} 1341 1342/** 1343 * smb_break_all_levII_oplock() - send level2 oplock or read lease break command 1344 * from server to client 1345 * @work: smb work 1346 * @fp: ksmbd file pointer 1347 * @is_trunc: truncate on open 1348 */ 1349void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp, 1350 int is_trunc) 1351{ 1352 struct oplock_info *op, *brk_op; 1353 struct ksmbd_inode *ci; 1354 struct ksmbd_conn *conn = work->conn; 1355 1356 if (!test_share_config_flag(work->tcon->share_conf, 1357 KSMBD_SHARE_FLAG_OPLOCKS)) 1358 return; 1359 1360 ci = fp->f_ci; 1361 op = opinfo_get(fp); 1362 1363 rcu_read_lock(); 1364 list_for_each_entry_rcu(brk_op, &ci->m_op_list, op_entry) { 1365 if (brk_op->conn == NULL) 1366 continue; 1367 1368 if (!atomic_inc_not_zero(&brk_op->refcount)) 1369 continue; 1370 1371 atomic_inc(&brk_op->conn->r_count); 1372 if (ksmbd_conn_releasing(brk_op->conn)) { 1373 atomic_dec(&brk_op->conn->r_count); 1374 continue; 1375 } 1376 1377 rcu_read_unlock(); 1378 if (brk_op->is_lease && (brk_op->o_lease->state & 1379 (~(SMB2_LEASE_READ_CACHING_LE | 1380 SMB2_LEASE_HANDLE_CACHING_LE)))) { 1381 ksmbd_debug(OPLOCK, "unexpected lease state(0x%x)\n", 1382 brk_op->o_lease->state); 1383 goto next; 1384 } else if (brk_op->level != 1385 SMB2_OPLOCK_LEVEL_II) { 1386 ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n", 1387 brk_op->level); 1388 goto next; 1389 } 1390 1391 /* Skip oplock being break to none */ 1392 if (brk_op->is_lease && 1393 brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE && 1394 atomic_read(&brk_op->breaking_cnt)) 1395 goto next; 1396 1397 if (op && op->is_lease && brk_op->is_lease && 1398 !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID, 1399 SMB2_CLIENT_GUID_SIZE) && 1400 !memcmp(op->o_lease->lease_key, brk_op->o_lease->lease_key, 1401 SMB2_LEASE_KEY_SIZE)) 1402 goto next; 1403 brk_op->open_trunc = is_trunc; 1404 oplock_break(brk_op, SMB2_OPLOCK_LEVEL_NONE); 1405next: 1406 opinfo_conn_put(brk_op); 1407 rcu_read_lock(); 1408 } 1409 rcu_read_unlock(); 1410 1411 if (op) 1412 opinfo_put(op); 1413} 1414 1415/** 1416 * smb_break_all_oplock() - break both batch/exclusive and level2 oplock 1417 * @work: smb work 1418 * @fp: ksmbd file pointer 1419 */ 1420void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp) 1421{ 1422 if (!test_share_config_flag(work->tcon->share_conf, 1423 KSMBD_SHARE_FLAG_OPLOCKS)) 1424 return; 1425 1426 smb_break_all_write_oplock(work, fp, 1); 1427 smb_break_all_levII_oplock(work, fp, 1); 1428} 1429 1430/** 1431 * smb2_map_lease_to_oplock() - map lease state to corresponding oplock type 1432 * @lease_state: lease type 1433 * 1434 * Return: 0 if no mapping, otherwise corresponding oplock type 1435 */ 1436__u8 smb2_map_lease_to_oplock(__le32 lease_state) 1437{ 1438 if (lease_state == (SMB2_LEASE_HANDLE_CACHING_LE | 1439 SMB2_LEASE_READ_CACHING_LE | 1440 SMB2_LEASE_WRITE_CACHING_LE)) { 1441 return SMB2_OPLOCK_LEVEL_BATCH; 1442 } else if (lease_state != SMB2_LEASE_WRITE_CACHING_LE && 1443 lease_state & SMB2_LEASE_WRITE_CACHING_LE) { 1444 if (!(lease_state & SMB2_LEASE_HANDLE_CACHING_LE)) 1445 return SMB2_OPLOCK_LEVEL_EXCLUSIVE; 1446 } else if (lease_state & SMB2_LEASE_READ_CACHING_LE) { 1447 return SMB2_OPLOCK_LEVEL_II; 1448 } 1449 return 0; 1450} 1451 1452/** 1453 * create_lease_buf() - create lease context for open cmd response 1454 * @rbuf: buffer to create lease context response 1455 * @lease: buffer to stored parsed lease state information 1456 */ 1457void create_lease_buf(u8 *rbuf, struct lease *lease) 1458{ 1459 if (lease->version == 2) { 1460 struct create_lease_v2 *buf = (struct create_lease_v2 *)rbuf; 1461 1462 memset(buf, 0, sizeof(struct create_lease_v2)); 1463 memcpy(buf->lcontext.LeaseKey, lease->lease_key, 1464 SMB2_LEASE_KEY_SIZE); 1465 buf->lcontext.LeaseFlags = lease->flags; 1466 buf->lcontext.Epoch = cpu_to_le16(lease->epoch); 1467 buf->lcontext.LeaseState = lease->state; 1468 memcpy(buf->lcontext.ParentLeaseKey, lease->parent_lease_key, 1469 SMB2_LEASE_KEY_SIZE); 1470 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1471 (struct create_lease_v2, lcontext)); 1472 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2)); 1473 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1474 (struct create_lease_v2, Name)); 1475 buf->ccontext.NameLength = cpu_to_le16(4); 1476 buf->Name[0] = 'R'; 1477 buf->Name[1] = 'q'; 1478 buf->Name[2] = 'L'; 1479 buf->Name[3] = 's'; 1480 } else { 1481 struct create_lease *buf = (struct create_lease *)rbuf; 1482 1483 memset(buf, 0, sizeof(struct create_lease)); 1484 memcpy(buf->lcontext.LeaseKey, lease->lease_key, SMB2_LEASE_KEY_SIZE); 1485 buf->lcontext.LeaseFlags = lease->flags; 1486 buf->lcontext.LeaseState = lease->state; 1487 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1488 (struct create_lease, lcontext)); 1489 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context)); 1490 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1491 (struct create_lease, Name)); 1492 buf->ccontext.NameLength = cpu_to_le16(4); 1493 buf->Name[0] = 'R'; 1494 buf->Name[1] = 'q'; 1495 buf->Name[2] = 'L'; 1496 buf->Name[3] = 's'; 1497 } 1498} 1499 1500/** 1501 * parse_lease_state() - parse lease context containted in file open request 1502 * @open_req: buffer containing smb2 file open(create) request 1503 * 1504 * Return: oplock state, -ENOENT if create lease context not found 1505 */ 1506struct lease_ctx_info *parse_lease_state(void *open_req) 1507{ 1508 struct create_context *cc; 1509 struct smb2_create_req *req = (struct smb2_create_req *)open_req; 1510 struct lease_ctx_info *lreq; 1511 1512 cc = smb2_find_context_vals(req, SMB2_CREATE_REQUEST_LEASE, 4); 1513 if (IS_ERR_OR_NULL(cc)) 1514 return NULL; 1515 1516 lreq = kzalloc(sizeof(struct lease_ctx_info), GFP_KERNEL); 1517 if (!lreq) 1518 return NULL; 1519 1520 if (sizeof(struct lease_context_v2) == le32_to_cpu(cc->DataLength)) { 1521 struct create_lease_v2 *lc = (struct create_lease_v2 *)cc; 1522 1523 memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE); 1524 lreq->req_state = lc->lcontext.LeaseState; 1525 lreq->flags = lc->lcontext.LeaseFlags; 1526 lreq->epoch = lc->lcontext.Epoch; 1527 lreq->duration = lc->lcontext.LeaseDuration; 1528 memcpy(lreq->parent_lease_key, lc->lcontext.ParentLeaseKey, 1529 SMB2_LEASE_KEY_SIZE); 1530 lreq->version = 2; 1531 } else { 1532 struct create_lease *lc = (struct create_lease *)cc; 1533 1534 memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE); 1535 lreq->req_state = lc->lcontext.LeaseState; 1536 lreq->flags = lc->lcontext.LeaseFlags; 1537 lreq->duration = lc->lcontext.LeaseDuration; 1538 lreq->version = 1; 1539 } 1540 return lreq; 1541} 1542 1543/** 1544 * smb2_find_context_vals() - find a particular context info in open request 1545 * @open_req: buffer containing smb2 file open(create) request 1546 * @tag: context name to search for 1547 * @tag_len: the length of tag 1548 * 1549 * Return: pointer to requested context, NULL if @str context not found 1550 * or error pointer if name length is invalid. 1551 */ 1552struct create_context *smb2_find_context_vals(void *open_req, const char *tag, int tag_len) 1553{ 1554 struct create_context *cc; 1555 unsigned int next = 0; 1556 char *name; 1557 struct smb2_create_req *req = (struct smb2_create_req *)open_req; 1558 unsigned int remain_len, name_off, name_len, value_off, value_len, 1559 cc_len; 1560 1561 /* 1562 * CreateContextsOffset and CreateContextsLength are guaranteed to 1563 * be valid because of ksmbd_smb2_check_message(). 1564 */ 1565 cc = (struct create_context *)((char *)req + 1566 le32_to_cpu(req->CreateContextsOffset)); 1567 remain_len = le32_to_cpu(req->CreateContextsLength); 1568 do { 1569 cc = (struct create_context *)((char *)cc + next); 1570 if (remain_len < offsetof(struct create_context, Buffer)) 1571 return ERR_PTR(-EINVAL); 1572 1573 next = le32_to_cpu(cc->Next); 1574 name_off = le16_to_cpu(cc->NameOffset); 1575 name_len = le16_to_cpu(cc->NameLength); 1576 value_off = le16_to_cpu(cc->DataOffset); 1577 value_len = le32_to_cpu(cc->DataLength); 1578 cc_len = next ? next : remain_len; 1579 1580 if ((next & 0x7) != 0 || 1581 next > remain_len || 1582 name_off != offsetof(struct create_context, Buffer) || 1583 name_len < 4 || 1584 name_off + name_len > cc_len || 1585 (value_off & 0x7) != 0 || 1586 (value_len && value_off < name_off + (name_len < 8 ? 8 : name_len)) || 1587 ((u64)value_off + value_len > cc_len)) 1588 return ERR_PTR(-EINVAL); 1589 1590 name = (char *)cc + name_off; 1591 if (name_len == tag_len && !memcmp(name, tag, name_len)) 1592 return cc; 1593 1594 remain_len -= next; 1595 } while (next != 0); 1596 1597 return NULL; 1598} 1599 1600/** 1601 * create_durable_rsp_buf() - create durable handle context 1602 * @cc: buffer to create durable context response 1603 */ 1604void create_durable_rsp_buf(char *cc) 1605{ 1606 struct create_durable_rsp *buf; 1607 1608 buf = (struct create_durable_rsp *)cc; 1609 memset(buf, 0, sizeof(struct create_durable_rsp)); 1610 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1611 (struct create_durable_rsp, Data)); 1612 buf->ccontext.DataLength = cpu_to_le32(8); 1613 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1614 (struct create_durable_rsp, Name)); 1615 buf->ccontext.NameLength = cpu_to_le16(4); 1616 /* SMB2_CREATE_DURABLE_HANDLE_RESPONSE is "DHnQ" */ 1617 buf->Name[0] = 'D'; 1618 buf->Name[1] = 'H'; 1619 buf->Name[2] = 'n'; 1620 buf->Name[3] = 'Q'; 1621} 1622 1623/** 1624 * create_durable_v2_rsp_buf() - create durable handle v2 context 1625 * @cc: buffer to create durable context response 1626 * @fp: ksmbd file pointer 1627 */ 1628void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp) 1629{ 1630 struct create_durable_v2_rsp *buf; 1631 1632 buf = (struct create_durable_v2_rsp *)cc; 1633 memset(buf, 0, sizeof(struct create_durable_rsp)); 1634 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1635 (struct create_durable_rsp, Data)); 1636 buf->ccontext.DataLength = cpu_to_le32(8); 1637 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1638 (struct create_durable_rsp, Name)); 1639 buf->ccontext.NameLength = cpu_to_le16(4); 1640 /* SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2 is "DH2Q" */ 1641 buf->Name[0] = 'D'; 1642 buf->Name[1] = 'H'; 1643 buf->Name[2] = '2'; 1644 buf->Name[3] = 'Q'; 1645 1646 buf->Timeout = cpu_to_le32(fp->durable_timeout); 1647 if (fp->is_persistent) 1648 buf->Flags = cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT); 1649} 1650 1651/** 1652 * create_mxac_rsp_buf() - create query maximal access context 1653 * @cc: buffer to create maximal access context response 1654 * @maximal_access: maximal access 1655 */ 1656void create_mxac_rsp_buf(char *cc, int maximal_access) 1657{ 1658 struct create_mxac_rsp *buf; 1659 1660 buf = (struct create_mxac_rsp *)cc; 1661 memset(buf, 0, sizeof(struct create_mxac_rsp)); 1662 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1663 (struct create_mxac_rsp, QueryStatus)); 1664 buf->ccontext.DataLength = cpu_to_le32(8); 1665 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1666 (struct create_mxac_rsp, Name)); 1667 buf->ccontext.NameLength = cpu_to_le16(4); 1668 /* SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE is "MxAc" */ 1669 buf->Name[0] = 'M'; 1670 buf->Name[1] = 'x'; 1671 buf->Name[2] = 'A'; 1672 buf->Name[3] = 'c'; 1673 1674 buf->QueryStatus = STATUS_SUCCESS; 1675 buf->MaximalAccess = cpu_to_le32(maximal_access); 1676} 1677 1678void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id) 1679{ 1680 struct create_disk_id_rsp *buf; 1681 1682 buf = (struct create_disk_id_rsp *)cc; 1683 memset(buf, 0, sizeof(struct create_disk_id_rsp)); 1684 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1685 (struct create_disk_id_rsp, DiskFileId)); 1686 buf->ccontext.DataLength = cpu_to_le32(32); 1687 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1688 (struct create_mxac_rsp, Name)); 1689 buf->ccontext.NameLength = cpu_to_le16(4); 1690 /* SMB2_CREATE_QUERY_ON_DISK_ID_RESPONSE is "QFid" */ 1691 buf->Name[0] = 'Q'; 1692 buf->Name[1] = 'F'; 1693 buf->Name[2] = 'i'; 1694 buf->Name[3] = 'd'; 1695 1696 buf->DiskFileId = cpu_to_le64(file_id); 1697 buf->VolumeId = cpu_to_le64(vol_id); 1698} 1699 1700/** 1701 * create_posix_rsp_buf() - create posix extension context 1702 * @cc: buffer to create posix on posix response 1703 * @fp: ksmbd file pointer 1704 */ 1705void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp) 1706{ 1707 struct create_posix_rsp *buf; 1708 struct inode *inode = file_inode(fp->filp); 1709 struct mnt_idmap *idmap = file_mnt_idmap(fp->filp); 1710 vfsuid_t vfsuid = i_uid_into_vfsuid(idmap, inode); 1711 vfsgid_t vfsgid = i_gid_into_vfsgid(idmap, inode); 1712 1713 buf = (struct create_posix_rsp *)cc; 1714 memset(buf, 0, sizeof(struct create_posix_rsp)); 1715 buf->ccontext.DataOffset = cpu_to_le16(offsetof 1716 (struct create_posix_rsp, nlink)); 1717 /* 1718 * DataLength = nlink(4) + reparse_tag(4) + mode(4) + 1719 * domain sid(28) + unix group sid(16). 1720 */ 1721 buf->ccontext.DataLength = cpu_to_le32(56); 1722 buf->ccontext.NameOffset = cpu_to_le16(offsetof 1723 (struct create_posix_rsp, Name)); 1724 buf->ccontext.NameLength = cpu_to_le16(POSIX_CTXT_DATA_LEN); 1725 /* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */ 1726 buf->Name[0] = 0x93; 1727 buf->Name[1] = 0xAD; 1728 buf->Name[2] = 0x25; 1729 buf->Name[3] = 0x50; 1730 buf->Name[4] = 0x9C; 1731 buf->Name[5] = 0xB4; 1732 buf->Name[6] = 0x11; 1733 buf->Name[7] = 0xE7; 1734 buf->Name[8] = 0xB4; 1735 buf->Name[9] = 0x23; 1736 buf->Name[10] = 0x83; 1737 buf->Name[11] = 0xDE; 1738 buf->Name[12] = 0x96; 1739 buf->Name[13] = 0x8B; 1740 buf->Name[14] = 0xCD; 1741 buf->Name[15] = 0x7C; 1742 1743 buf->nlink = cpu_to_le32(inode->i_nlink); 1744 buf->reparse_tag = cpu_to_le32(fp->volatile_id); 1745 buf->mode = cpu_to_le32(inode->i_mode & 0777); 1746 /* 1747 * SidBuffer(44) contain two sids(Domain sid(28), UNIX group sid(16)). 1748 * Domain sid(28) = revision(1) + num_subauth(1) + authority(6) + 1749 * sub_auth(4 * 4(num_subauth)) + RID(4). 1750 * UNIX group id(16) = revision(1) + num_subauth(1) + authority(6) + 1751 * sub_auth(4 * 1(num_subauth)) + RID(4). 1752 */ 1753 id_to_sid(from_kuid_munged(&init_user_ns, vfsuid_into_kuid(vfsuid)), 1754 SIDOWNER, (struct smb_sid *)&buf->SidBuffer[0]); 1755 id_to_sid(from_kgid_munged(&init_user_ns, vfsgid_into_kgid(vfsgid)), 1756 SIDUNIX_GROUP, (struct smb_sid *)&buf->SidBuffer[28]); 1757} 1758 1759/* 1760 * Find lease object(opinfo) for given lease key/fid from lease 1761 * break/file close path. 1762 */ 1763/** 1764 * lookup_lease_in_table() - find a matching lease info object 1765 * @conn: connection instance 1766 * @lease_key: lease key to be searched for 1767 * 1768 * Return: opinfo if found matching opinfo, otherwise NULL 1769 */ 1770struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn, 1771 char *lease_key) 1772{ 1773 struct oplock_info *opinfo = NULL, *ret_op = NULL; 1774 struct lease_table *lt; 1775 int ret; 1776 1777 read_lock(&lease_list_lock); 1778 list_for_each_entry(lt, &lease_table_list, l_entry) { 1779 if (!memcmp(lt->client_guid, conn->ClientGUID, 1780 SMB2_CLIENT_GUID_SIZE)) 1781 goto found; 1782 } 1783 1784 read_unlock(&lease_list_lock); 1785 return NULL; 1786 1787found: 1788 rcu_read_lock(); 1789 list_for_each_entry_rcu(opinfo, <->lease_list, lease_entry) { 1790 if (!atomic_inc_not_zero(&opinfo->refcount)) 1791 continue; 1792 rcu_read_unlock(); 1793 if (!opinfo->op_state || opinfo->op_state == OPLOCK_CLOSING) 1794 goto op_next; 1795 if (!(opinfo->o_lease->state & 1796 (SMB2_LEASE_HANDLE_CACHING_LE | 1797 SMB2_LEASE_WRITE_CACHING_LE))) 1798 goto op_next; 1799 ret = compare_guid_key(opinfo, conn->ClientGUID, 1800 lease_key); 1801 if (ret) { 1802 ksmbd_debug(OPLOCK, "found opinfo\n"); 1803 ret_op = opinfo; 1804 goto out; 1805 } 1806op_next: 1807 opinfo_put(opinfo); 1808 rcu_read_lock(); 1809 } 1810 rcu_read_unlock(); 1811 1812out: 1813 read_unlock(&lease_list_lock); 1814 return ret_op; 1815} 1816 1817int smb2_check_durable_oplock(struct ksmbd_conn *conn, 1818 struct ksmbd_share_config *share, 1819 struct ksmbd_file *fp, 1820 struct lease_ctx_info *lctx, 1821 char *name) 1822{ 1823 struct oplock_info *opinfo = opinfo_get(fp); 1824 int ret = 0; 1825 1826 if (!opinfo) 1827 return 0; 1828 1829 if (opinfo->is_lease == false) { 1830 if (lctx) { 1831 pr_err("create context include lease\n"); 1832 ret = -EBADF; 1833 goto out; 1834 } 1835 1836 if (opinfo->level != SMB2_OPLOCK_LEVEL_BATCH) { 1837 pr_err("oplock level is not equal to SMB2_OPLOCK_LEVEL_BATCH\n"); 1838 ret = -EBADF; 1839 } 1840 1841 goto out; 1842 } 1843 1844 if (memcmp(conn->ClientGUID, fp->client_guid, 1845 SMB2_CLIENT_GUID_SIZE)) { 1846 ksmbd_debug(SMB, "Client guid of fp is not equal to the one of connection\n"); 1847 ret = -EBADF; 1848 goto out; 1849 } 1850 1851 if (!lctx) { 1852 ksmbd_debug(SMB, "create context does not include lease\n"); 1853 ret = -EBADF; 1854 goto out; 1855 } 1856 1857 if (memcmp(opinfo->o_lease->lease_key, lctx->lease_key, 1858 SMB2_LEASE_KEY_SIZE)) { 1859 ksmbd_debug(SMB, 1860 "lease key of fp does not match lease key in create context\n"); 1861 ret = -EBADF; 1862 goto out; 1863 } 1864 1865 if (!(opinfo->o_lease->state & SMB2_LEASE_HANDLE_CACHING_LE)) { 1866 ksmbd_debug(SMB, "lease state does not contain SMB2_LEASE_HANDLE_CACHING\n"); 1867 ret = -EBADF; 1868 goto out; 1869 } 1870 1871 if (opinfo->o_lease->version != lctx->version) { 1872 ksmbd_debug(SMB, 1873 "lease version of fp does not match the one in create context\n"); 1874 ret = -EBADF; 1875 goto out; 1876 } 1877 1878 if (!ksmbd_inode_pending_delete(fp)) 1879 ret = ksmbd_validate_name_reconnect(share, fp, name); 1880out: 1881 opinfo_put(opinfo); 1882 return ret; 1883} 1884