1 // SPDX-License-Identifier: LGPL-2.1
2 /*
3  *
4  *   vfs operations that deal with files
5  *
6  *   Copyright (C) International Business Machines  Corp., 2002,2010
7  *   Author(s): Steve French (sfrench@us.ibm.com)
8  *              Jeremy Allison (jra@samba.org)
9  *
10  */
11 #include <linux/fs.h>
12 #include <linux/filelock.h>
13 #include <linux/backing-dev.h>
14 #include <linux/stat.h>
15 #include <linux/fcntl.h>
16 #include <linux/pagemap.h>
17 #include <linux/pagevec.h>
18 #include <linux/writeback.h>
19 #include <linux/task_io_accounting_ops.h>
20 #include <linux/delay.h>
21 #include <linux/mount.h>
22 #include <linux/slab.h>
23 #include <linux/swap.h>
24 #include <linux/mm.h>
25 #include <asm/div64.h>
26 #include "cifsfs.h"
27 #include "cifspdu.h"
28 #include "cifsglob.h"
29 #include "cifsproto.h"
30 #include "smb2proto.h"
31 #include "cifs_unicode.h"
32 #include "cifs_debug.h"
33 #include "cifs_fs_sb.h"
34 #include "fscache.h"
35 #include "smbdirect.h"
36 #include "fs_context.h"
37 #include "cifs_ioctl.h"
38 #include "cached_dir.h"
39 
40 /*
41  * Remove the dirty flags from a span of pages.
42  */
cifs_undirty_folios(struct inode * inode,loff_t start,unsigned int len)43 static void cifs_undirty_folios(struct inode *inode, loff_t start, unsigned int len)
44 {
45 	struct address_space *mapping = inode->i_mapping;
46 	struct folio *folio;
47 	pgoff_t end;
48 
49 	XA_STATE(xas, &mapping->i_pages, start / PAGE_SIZE);
50 
51 	rcu_read_lock();
52 
53 	end = (start + len - 1) / PAGE_SIZE;
54 	xas_for_each_marked(&xas, folio, end, PAGECACHE_TAG_DIRTY) {
55 		if (xas_retry(&xas, folio))
56 			continue;
57 		xas_pause(&xas);
58 		rcu_read_unlock();
59 		folio_lock(folio);
60 		folio_clear_dirty_for_io(folio);
61 		folio_unlock(folio);
62 		rcu_read_lock();
63 	}
64 
65 	rcu_read_unlock();
66 }
67 
68 /*
69  * Completion of write to server.
70  */
cifs_pages_written_back(struct inode * inode,loff_t start,unsigned int len)71 void cifs_pages_written_back(struct inode *inode, loff_t start, unsigned int len)
72 {
73 	struct address_space *mapping = inode->i_mapping;
74 	struct folio *folio;
75 	pgoff_t end;
76 
77 	XA_STATE(xas, &mapping->i_pages, start / PAGE_SIZE);
78 
79 	if (!len)
80 		return;
81 
82 	rcu_read_lock();
83 
84 	end = (start + len - 1) / PAGE_SIZE;
85 	xas_for_each(&xas, folio, end) {
86 		if (xas_retry(&xas, folio))
87 			continue;
88 		if (!folio_test_writeback(folio)) {
89 			WARN_ONCE(1, "bad %x @%llx page %lx %lx\n",
90 				  len, start, folio_index(folio), end);
91 			continue;
92 		}
93 
94 		folio_detach_private(folio);
95 		folio_end_writeback(folio);
96 	}
97 
98 	rcu_read_unlock();
99 }
100 
101 /*
102  * Failure of write to server.
103  */
cifs_pages_write_failed(struct inode * inode,loff_t start,unsigned int len)104 void cifs_pages_write_failed(struct inode *inode, loff_t start, unsigned int len)
105 {
106 	struct address_space *mapping = inode->i_mapping;
107 	struct folio *folio;
108 	pgoff_t end;
109 
110 	XA_STATE(xas, &mapping->i_pages, start / PAGE_SIZE);
111 
112 	if (!len)
113 		return;
114 
115 	rcu_read_lock();
116 
117 	end = (start + len - 1) / PAGE_SIZE;
118 	xas_for_each(&xas, folio, end) {
119 		if (xas_retry(&xas, folio))
120 			continue;
121 		if (!folio_test_writeback(folio)) {
122 			WARN_ONCE(1, "bad %x @%llx page %lx %lx\n",
123 				  len, start, folio_index(folio), end);
124 			continue;
125 		}
126 
127 		folio_set_error(folio);
128 		folio_end_writeback(folio);
129 	}
130 
131 	rcu_read_unlock();
132 }
133 
134 /*
135  * Redirty pages after a temporary failure.
136  */
cifs_pages_write_redirty(struct inode * inode,loff_t start,unsigned int len)137 void cifs_pages_write_redirty(struct inode *inode, loff_t start, unsigned int len)
138 {
139 	struct address_space *mapping = inode->i_mapping;
140 	struct folio *folio;
141 	pgoff_t end;
142 
143 	XA_STATE(xas, &mapping->i_pages, start / PAGE_SIZE);
144 
145 	if (!len)
146 		return;
147 
148 	rcu_read_lock();
149 
150 	end = (start + len - 1) / PAGE_SIZE;
151 	xas_for_each(&xas, folio, end) {
152 		if (!folio_test_writeback(folio)) {
153 			WARN_ONCE(1, "bad %x @%llx page %lx %lx\n",
154 				  len, start, folio_index(folio), end);
155 			continue;
156 		}
157 
158 		filemap_dirty_folio(folio->mapping, folio);
159 		folio_end_writeback(folio);
160 	}
161 
162 	rcu_read_unlock();
163 }
164 
165 /*
166  * Mark as invalid, all open files on tree connections since they
167  * were closed when session to server was lost.
168  */
169 void
cifs_mark_open_files_invalid(struct cifs_tcon * tcon)170 cifs_mark_open_files_invalid(struct cifs_tcon *tcon)
171 {
172 	struct cifsFileInfo *open_file = NULL;
173 	struct list_head *tmp;
174 	struct list_head *tmp1;
175 
176 	/* only send once per connect */
177 	spin_lock(&tcon->tc_lock);
178 	if (tcon->need_reconnect)
179 		tcon->status = TID_NEED_RECON;
180 
181 	if (tcon->status != TID_NEED_RECON) {
182 		spin_unlock(&tcon->tc_lock);
183 		return;
184 	}
185 	tcon->status = TID_IN_FILES_INVALIDATE;
186 	spin_unlock(&tcon->tc_lock);
187 
188 	/* list all files open on tree connection and mark them invalid */
189 	spin_lock(&tcon->open_file_lock);
190 	list_for_each_safe(tmp, tmp1, &tcon->openFileList) {
191 		open_file = list_entry(tmp, struct cifsFileInfo, tlist);
192 		open_file->invalidHandle = true;
193 		open_file->oplock_break_cancelled = true;
194 	}
195 	spin_unlock(&tcon->open_file_lock);
196 
197 	invalidate_all_cached_dirs(tcon);
198 	spin_lock(&tcon->tc_lock);
199 	if (tcon->status == TID_IN_FILES_INVALIDATE)
200 		tcon->status = TID_NEED_TCON;
201 	spin_unlock(&tcon->tc_lock);
202 
203 	/*
204 	 * BB Add call to invalidate_inodes(sb) for all superblocks mounted
205 	 * to this tcon.
206 	 */
207 }
208 
cifs_convert_flags(unsigned int flags)209 static inline int cifs_convert_flags(unsigned int flags)
210 {
211 	if ((flags & O_ACCMODE) == O_RDONLY)
212 		return GENERIC_READ;
213 	else if ((flags & O_ACCMODE) == O_WRONLY)
214 		return GENERIC_WRITE;
215 	else if ((flags & O_ACCMODE) == O_RDWR) {
216 		/* GENERIC_ALL is too much permission to request
217 		   can cause unnecessary access denied on create */
218 		/* return GENERIC_ALL; */
219 		return (GENERIC_READ | GENERIC_WRITE);
220 	}
221 
222 	return (READ_CONTROL | FILE_WRITE_ATTRIBUTES | FILE_READ_ATTRIBUTES |
223 		FILE_WRITE_EA | FILE_APPEND_DATA | FILE_WRITE_DATA |
224 		FILE_READ_DATA);
225 }
226 
227 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
cifs_posix_convert_flags(unsigned int flags)228 static u32 cifs_posix_convert_flags(unsigned int flags)
229 {
230 	u32 posix_flags = 0;
231 
232 	if ((flags & O_ACCMODE) == O_RDONLY)
233 		posix_flags = SMB_O_RDONLY;
234 	else if ((flags & O_ACCMODE) == O_WRONLY)
235 		posix_flags = SMB_O_WRONLY;
236 	else if ((flags & O_ACCMODE) == O_RDWR)
237 		posix_flags = SMB_O_RDWR;
238 
239 	if (flags & O_CREAT) {
240 		posix_flags |= SMB_O_CREAT;
241 		if (flags & O_EXCL)
242 			posix_flags |= SMB_O_EXCL;
243 	} else if (flags & O_EXCL)
244 		cifs_dbg(FYI, "Application %s pid %d has incorrectly set O_EXCL flag but not O_CREAT on file open. Ignoring O_EXCL\n",
245 			 current->comm, current->tgid);
246 
247 	if (flags & O_TRUNC)
248 		posix_flags |= SMB_O_TRUNC;
249 	/* be safe and imply O_SYNC for O_DSYNC */
250 	if (flags & O_DSYNC)
251 		posix_flags |= SMB_O_SYNC;
252 	if (flags & O_DIRECTORY)
253 		posix_flags |= SMB_O_DIRECTORY;
254 	if (flags & O_NOFOLLOW)
255 		posix_flags |= SMB_O_NOFOLLOW;
256 	if (flags & O_DIRECT)
257 		posix_flags |= SMB_O_DIRECT;
258 
259 	return posix_flags;
260 }
261 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
262 
cifs_get_disposition(unsigned int flags)263 static inline int cifs_get_disposition(unsigned int flags)
264 {
265 	if ((flags & (O_CREAT | O_EXCL)) == (O_CREAT | O_EXCL))
266 		return FILE_CREATE;
267 	else if ((flags & (O_CREAT | O_TRUNC)) == (O_CREAT | O_TRUNC))
268 		return FILE_OVERWRITE_IF;
269 	else if ((flags & O_CREAT) == O_CREAT)
270 		return FILE_OPEN_IF;
271 	else if ((flags & O_TRUNC) == O_TRUNC)
272 		return FILE_OVERWRITE;
273 	else
274 		return FILE_OPEN;
275 }
276 
277 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
cifs_posix_open(const char * full_path,struct inode ** pinode,struct super_block * sb,int mode,unsigned int f_flags,__u32 * poplock,__u16 * pnetfid,unsigned int xid)278 int cifs_posix_open(const char *full_path, struct inode **pinode,
279 			struct super_block *sb, int mode, unsigned int f_flags,
280 			__u32 *poplock, __u16 *pnetfid, unsigned int xid)
281 {
282 	int rc;
283 	FILE_UNIX_BASIC_INFO *presp_data;
284 	__u32 posix_flags = 0;
285 	struct cifs_sb_info *cifs_sb = CIFS_SB(sb);
286 	struct cifs_fattr fattr;
287 	struct tcon_link *tlink;
288 	struct cifs_tcon *tcon;
289 
290 	cifs_dbg(FYI, "posix open %s\n", full_path);
291 
292 	presp_data = kzalloc(sizeof(FILE_UNIX_BASIC_INFO), GFP_KERNEL);
293 	if (presp_data == NULL)
294 		return -ENOMEM;
295 
296 	tlink = cifs_sb_tlink(cifs_sb);
297 	if (IS_ERR(tlink)) {
298 		rc = PTR_ERR(tlink);
299 		goto posix_open_ret;
300 	}
301 
302 	tcon = tlink_tcon(tlink);
303 	mode &= ~current_umask();
304 
305 	posix_flags = cifs_posix_convert_flags(f_flags);
306 	rc = CIFSPOSIXCreate(xid, tcon, posix_flags, mode, pnetfid, presp_data,
307 			     poplock, full_path, cifs_sb->local_nls,
308 			     cifs_remap(cifs_sb));
309 	cifs_put_tlink(tlink);
310 
311 	if (rc)
312 		goto posix_open_ret;
313 
314 	if (presp_data->Type == cpu_to_le32(-1))
315 		goto posix_open_ret; /* open ok, caller does qpathinfo */
316 
317 	if (!pinode)
318 		goto posix_open_ret; /* caller does not need info */
319 
320 	cifs_unix_basic_to_fattr(&fattr, presp_data, cifs_sb);
321 
322 	/* get new inode and set it up */
323 	if (*pinode == NULL) {
324 		cifs_fill_uniqueid(sb, &fattr);
325 		*pinode = cifs_iget(sb, &fattr);
326 		if (!*pinode) {
327 			rc = -ENOMEM;
328 			goto posix_open_ret;
329 		}
330 	} else {
331 		cifs_revalidate_mapping(*pinode);
332 		rc = cifs_fattr_to_inode(*pinode, &fattr);
333 	}
334 
335 posix_open_ret:
336 	kfree(presp_data);
337 	return rc;
338 }
339 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
340 
cifs_nt_open(const char * full_path,struct inode * inode,struct cifs_sb_info * cifs_sb,struct cifs_tcon * tcon,unsigned int f_flags,__u32 * oplock,struct cifs_fid * fid,unsigned int xid,struct cifs_open_info_data * buf)341 static int cifs_nt_open(const char *full_path, struct inode *inode, struct cifs_sb_info *cifs_sb,
342 			struct cifs_tcon *tcon, unsigned int f_flags, __u32 *oplock,
343 			struct cifs_fid *fid, unsigned int xid, struct cifs_open_info_data *buf)
344 {
345 	int rc;
346 	int desired_access;
347 	int disposition;
348 	int create_options = CREATE_NOT_DIR;
349 	struct TCP_Server_Info *server = tcon->ses->server;
350 	struct cifs_open_parms oparms;
351 
352 	if (!server->ops->open)
353 		return -ENOSYS;
354 
355 	desired_access = cifs_convert_flags(f_flags);
356 
357 /*********************************************************************
358  *  open flag mapping table:
359  *
360  *	POSIX Flag            CIFS Disposition
361  *	----------            ----------------
362  *	O_CREAT               FILE_OPEN_IF
363  *	O_CREAT | O_EXCL      FILE_CREATE
364  *	O_CREAT | O_TRUNC     FILE_OVERWRITE_IF
365  *	O_TRUNC               FILE_OVERWRITE
366  *	none of the above     FILE_OPEN
367  *
368  *	Note that there is not a direct match between disposition
369  *	FILE_SUPERSEDE (ie create whether or not file exists although
370  *	O_CREAT | O_TRUNC is similar but truncates the existing
371  *	file rather than creating a new file as FILE_SUPERSEDE does
372  *	(which uses the attributes / metadata passed in on open call)
373  *?
374  *?  O_SYNC is a reasonable match to CIFS writethrough flag
375  *?  and the read write flags match reasonably.  O_LARGEFILE
376  *?  is irrelevant because largefile support is always used
377  *?  by this client. Flags O_APPEND, O_DIRECT, O_DIRECTORY,
378  *	 O_FASYNC, O_NOFOLLOW, O_NONBLOCK need further investigation
379  *********************************************************************/
380 
381 	disposition = cifs_get_disposition(f_flags);
382 
383 	/* BB pass O_SYNC flag through on file attributes .. BB */
384 
385 	/* O_SYNC also has bit for O_DSYNC so following check picks up either */
386 	if (f_flags & O_SYNC)
387 		create_options |= CREATE_WRITE_THROUGH;
388 
389 	if (f_flags & O_DIRECT)
390 		create_options |= CREATE_NO_BUFFER;
391 
392 	oparms = (struct cifs_open_parms) {
393 		.tcon = tcon,
394 		.cifs_sb = cifs_sb,
395 		.desired_access = desired_access,
396 		.create_options = cifs_create_options(cifs_sb, create_options),
397 		.disposition = disposition,
398 		.path = full_path,
399 		.fid = fid,
400 	};
401 
402 	rc = server->ops->open(xid, &oparms, oplock, buf);
403 	if (rc)
404 		return rc;
405 
406 	/* TODO: Add support for calling posix query info but with passing in fid */
407 	if (tcon->unix_ext)
408 		rc = cifs_get_inode_info_unix(&inode, full_path, inode->i_sb,
409 					      xid);
410 	else
411 		rc = cifs_get_inode_info(&inode, full_path, buf, inode->i_sb,
412 					 xid, fid);
413 
414 	if (rc) {
415 		server->ops->close(xid, tcon, fid);
416 		if (rc == -ESTALE)
417 			rc = -EOPENSTALE;
418 	}
419 
420 	return rc;
421 }
422 
423 static bool
cifs_has_mand_locks(struct cifsInodeInfo * cinode)424 cifs_has_mand_locks(struct cifsInodeInfo *cinode)
425 {
426 	struct cifs_fid_locks *cur;
427 	bool has_locks = false;
428 
429 	down_read(&cinode->lock_sem);
430 	list_for_each_entry(cur, &cinode->llist, llist) {
431 		if (!list_empty(&cur->locks)) {
432 			has_locks = true;
433 			break;
434 		}
435 	}
436 	up_read(&cinode->lock_sem);
437 	return has_locks;
438 }
439 
440 void
cifs_down_write(struct rw_semaphore * sem)441 cifs_down_write(struct rw_semaphore *sem)
442 {
443 	while (!down_write_trylock(sem))
444 		msleep(10);
445 }
446 
447 static void cifsFileInfo_put_work(struct work_struct *work);
448 
cifs_new_fileinfo(struct cifs_fid * fid,struct file * file,struct tcon_link * tlink,__u32 oplock,const char * symlink_target)449 struct cifsFileInfo *cifs_new_fileinfo(struct cifs_fid *fid, struct file *file,
450 				       struct tcon_link *tlink, __u32 oplock,
451 				       const char *symlink_target)
452 {
453 	struct dentry *dentry = file_dentry(file);
454 	struct inode *inode = d_inode(dentry);
455 	struct cifsInodeInfo *cinode = CIFS_I(inode);
456 	struct cifsFileInfo *cfile;
457 	struct cifs_fid_locks *fdlocks;
458 	struct cifs_tcon *tcon = tlink_tcon(tlink);
459 	struct TCP_Server_Info *server = tcon->ses->server;
460 
461 	cfile = kzalloc(sizeof(struct cifsFileInfo), GFP_KERNEL);
462 	if (cfile == NULL)
463 		return cfile;
464 
465 	fdlocks = kzalloc(sizeof(struct cifs_fid_locks), GFP_KERNEL);
466 	if (!fdlocks) {
467 		kfree(cfile);
468 		return NULL;
469 	}
470 
471 	if (symlink_target) {
472 		cfile->symlink_target = kstrdup(symlink_target, GFP_KERNEL);
473 		if (!cfile->symlink_target) {
474 			kfree(fdlocks);
475 			kfree(cfile);
476 			return NULL;
477 		}
478 	}
479 
480 	INIT_LIST_HEAD(&fdlocks->locks);
481 	fdlocks->cfile = cfile;
482 	cfile->llist = fdlocks;
483 
484 	cfile->count = 1;
485 	cfile->pid = current->tgid;
486 	cfile->uid = current_fsuid();
487 	cfile->dentry = dget(dentry);
488 	cfile->f_flags = file->f_flags;
489 	cfile->invalidHandle = false;
490 	cfile->deferred_close_scheduled = false;
491 	cfile->tlink = cifs_get_tlink(tlink);
492 	INIT_WORK(&cfile->oplock_break, cifs_oplock_break);
493 	INIT_WORK(&cfile->put, cifsFileInfo_put_work);
494 	INIT_DELAYED_WORK(&cfile->deferred, smb2_deferred_work_close);
495 	mutex_init(&cfile->fh_mutex);
496 	spin_lock_init(&cfile->file_info_lock);
497 
498 	cifs_sb_active(inode->i_sb);
499 
500 	/*
501 	 * If the server returned a read oplock and we have mandatory brlocks,
502 	 * set oplock level to None.
503 	 */
504 	if (server->ops->is_read_op(oplock) && cifs_has_mand_locks(cinode)) {
505 		cifs_dbg(FYI, "Reset oplock val from read to None due to mand locks\n");
506 		oplock = 0;
507 	}
508 
509 	cifs_down_write(&cinode->lock_sem);
510 	list_add(&fdlocks->llist, &cinode->llist);
511 	up_write(&cinode->lock_sem);
512 
513 	spin_lock(&tcon->open_file_lock);
514 	if (fid->pending_open->oplock != CIFS_OPLOCK_NO_CHANGE && oplock)
515 		oplock = fid->pending_open->oplock;
516 	list_del(&fid->pending_open->olist);
517 
518 	fid->purge_cache = false;
519 	server->ops->set_fid(cfile, fid, oplock);
520 
521 	list_add(&cfile->tlist, &tcon->openFileList);
522 	atomic_inc(&tcon->num_local_opens);
523 
524 	/* if readable file instance put first in list*/
525 	spin_lock(&cinode->open_file_lock);
526 	if (file->f_mode & FMODE_READ)
527 		list_add(&cfile->flist, &cinode->openFileList);
528 	else
529 		list_add_tail(&cfile->flist, &cinode->openFileList);
530 	spin_unlock(&cinode->open_file_lock);
531 	spin_unlock(&tcon->open_file_lock);
532 
533 	if (fid->purge_cache)
534 		cifs_zap_mapping(inode);
535 
536 	file->private_data = cfile;
537 	return cfile;
538 }
539 
540 struct cifsFileInfo *
cifsFileInfo_get(struct cifsFileInfo * cifs_file)541 cifsFileInfo_get(struct cifsFileInfo *cifs_file)
542 {
543 	spin_lock(&cifs_file->file_info_lock);
544 	cifsFileInfo_get_locked(cifs_file);
545 	spin_unlock(&cifs_file->file_info_lock);
546 	return cifs_file;
547 }
548 
cifsFileInfo_put_final(struct cifsFileInfo * cifs_file)549 static void cifsFileInfo_put_final(struct cifsFileInfo *cifs_file)
550 {
551 	struct inode *inode = d_inode(cifs_file->dentry);
552 	struct cifsInodeInfo *cifsi = CIFS_I(inode);
553 	struct cifsLockInfo *li, *tmp;
554 	struct super_block *sb = inode->i_sb;
555 
556 	/*
557 	 * Delete any outstanding lock records. We'll lose them when the file
558 	 * is closed anyway.
559 	 */
560 	cifs_down_write(&cifsi->lock_sem);
561 	list_for_each_entry_safe(li, tmp, &cifs_file->llist->locks, llist) {
562 		list_del(&li->llist);
563 		cifs_del_lock_waiters(li);
564 		kfree(li);
565 	}
566 	list_del(&cifs_file->llist->llist);
567 	kfree(cifs_file->llist);
568 	up_write(&cifsi->lock_sem);
569 
570 	cifs_put_tlink(cifs_file->tlink);
571 	dput(cifs_file->dentry);
572 	cifs_sb_deactive(sb);
573 	kfree(cifs_file->symlink_target);
574 	kfree(cifs_file);
575 }
576 
cifsFileInfo_put_work(struct work_struct * work)577 static void cifsFileInfo_put_work(struct work_struct *work)
578 {
579 	struct cifsFileInfo *cifs_file = container_of(work,
580 			struct cifsFileInfo, put);
581 
582 	cifsFileInfo_put_final(cifs_file);
583 }
584 
585 /**
586  * cifsFileInfo_put - release a reference of file priv data
587  *
588  * Always potentially wait for oplock handler. See _cifsFileInfo_put().
589  *
590  * @cifs_file:	cifs/smb3 specific info (eg refcounts) for an open file
591  */
cifsFileInfo_put(struct cifsFileInfo * cifs_file)592 void cifsFileInfo_put(struct cifsFileInfo *cifs_file)
593 {
594 	_cifsFileInfo_put(cifs_file, true, true);
595 }
596 
597 /**
598  * _cifsFileInfo_put - release a reference of file priv data
599  *
600  * This may involve closing the filehandle @cifs_file out on the
601  * server. Must be called without holding tcon->open_file_lock,
602  * cinode->open_file_lock and cifs_file->file_info_lock.
603  *
604  * If @wait_for_oplock_handler is true and we are releasing the last
605  * reference, wait for any running oplock break handler of the file
606  * and cancel any pending one.
607  *
608  * @cifs_file:	cifs/smb3 specific info (eg refcounts) for an open file
609  * @wait_oplock_handler: must be false if called from oplock_break_handler
610  * @offload:	not offloaded on close and oplock breaks
611  *
612  */
_cifsFileInfo_put(struct cifsFileInfo * cifs_file,bool wait_oplock_handler,bool offload)613 void _cifsFileInfo_put(struct cifsFileInfo *cifs_file,
614 		       bool wait_oplock_handler, bool offload)
615 {
616 	struct inode *inode = d_inode(cifs_file->dentry);
617 	struct cifs_tcon *tcon = tlink_tcon(cifs_file->tlink);
618 	struct TCP_Server_Info *server = tcon->ses->server;
619 	struct cifsInodeInfo *cifsi = CIFS_I(inode);
620 	struct super_block *sb = inode->i_sb;
621 	struct cifs_sb_info *cifs_sb = CIFS_SB(sb);
622 	struct cifs_fid fid = {};
623 	struct cifs_pending_open open;
624 	bool oplock_break_cancelled;
625 
626 	spin_lock(&tcon->open_file_lock);
627 	spin_lock(&cifsi->open_file_lock);
628 	spin_lock(&cifs_file->file_info_lock);
629 	if (--cifs_file->count > 0) {
630 		spin_unlock(&cifs_file->file_info_lock);
631 		spin_unlock(&cifsi->open_file_lock);
632 		spin_unlock(&tcon->open_file_lock);
633 		return;
634 	}
635 	spin_unlock(&cifs_file->file_info_lock);
636 
637 	if (server->ops->get_lease_key)
638 		server->ops->get_lease_key(inode, &fid);
639 
640 	/* store open in pending opens to make sure we don't miss lease break */
641 	cifs_add_pending_open_locked(&fid, cifs_file->tlink, &open);
642 
643 	/* remove it from the lists */
644 	list_del(&cifs_file->flist);
645 	list_del(&cifs_file->tlist);
646 	atomic_dec(&tcon->num_local_opens);
647 
648 	if (list_empty(&cifsi->openFileList)) {
649 		cifs_dbg(FYI, "closing last open instance for inode %p\n",
650 			 d_inode(cifs_file->dentry));
651 		/*
652 		 * In strict cache mode we need invalidate mapping on the last
653 		 * close  because it may cause a error when we open this file
654 		 * again and get at least level II oplock.
655 		 */
656 		if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_STRICT_IO)
657 			set_bit(CIFS_INO_INVALID_MAPPING, &cifsi->flags);
658 		cifs_set_oplock_level(cifsi, 0);
659 	}
660 
661 	spin_unlock(&cifsi->open_file_lock);
662 	spin_unlock(&tcon->open_file_lock);
663 
664 	oplock_break_cancelled = wait_oplock_handler ?
665 		cancel_work_sync(&cifs_file->oplock_break) : false;
666 
667 	if (!tcon->need_reconnect && !cifs_file->invalidHandle) {
668 		struct TCP_Server_Info *server = tcon->ses->server;
669 		unsigned int xid;
670 
671 		xid = get_xid();
672 		if (server->ops->close_getattr)
673 			server->ops->close_getattr(xid, tcon, cifs_file);
674 		else if (server->ops->close)
675 			server->ops->close(xid, tcon, &cifs_file->fid);
676 		_free_xid(xid);
677 	}
678 
679 	if (oplock_break_cancelled)
680 		cifs_done_oplock_break(cifsi);
681 
682 	cifs_del_pending_open(&open);
683 
684 	if (offload)
685 		queue_work(fileinfo_put_wq, &cifs_file->put);
686 	else
687 		cifsFileInfo_put_final(cifs_file);
688 }
689 
cifs_open(struct inode * inode,struct file * file)690 int cifs_open(struct inode *inode, struct file *file)
691 
692 {
693 	int rc = -EACCES;
694 	unsigned int xid;
695 	__u32 oplock;
696 	struct cifs_sb_info *cifs_sb;
697 	struct TCP_Server_Info *server;
698 	struct cifs_tcon *tcon;
699 	struct tcon_link *tlink;
700 	struct cifsFileInfo *cfile = NULL;
701 	void *page;
702 	const char *full_path;
703 	bool posix_open_ok = false;
704 	struct cifs_fid fid = {};
705 	struct cifs_pending_open open;
706 	struct cifs_open_info_data data = {};
707 
708 	xid = get_xid();
709 
710 	cifs_sb = CIFS_SB(inode->i_sb);
711 	if (unlikely(cifs_forced_shutdown(cifs_sb))) {
712 		free_xid(xid);
713 		return -EIO;
714 	}
715 
716 	tlink = cifs_sb_tlink(cifs_sb);
717 	if (IS_ERR(tlink)) {
718 		free_xid(xid);
719 		return PTR_ERR(tlink);
720 	}
721 	tcon = tlink_tcon(tlink);
722 	server = tcon->ses->server;
723 
724 	page = alloc_dentry_path();
725 	full_path = build_path_from_dentry(file_dentry(file), page);
726 	if (IS_ERR(full_path)) {
727 		rc = PTR_ERR(full_path);
728 		goto out;
729 	}
730 
731 	cifs_dbg(FYI, "inode = 0x%p file flags are 0x%x for %s\n",
732 		 inode, file->f_flags, full_path);
733 
734 	if (file->f_flags & O_DIRECT &&
735 	    cifs_sb->mnt_cifs_flags & CIFS_MOUNT_STRICT_IO) {
736 		if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_BRL)
737 			file->f_op = &cifs_file_direct_nobrl_ops;
738 		else
739 			file->f_op = &cifs_file_direct_ops;
740 	}
741 
742 	/* Get the cached handle as SMB2 close is deferred */
743 	rc = cifs_get_readable_path(tcon, full_path, &cfile);
744 	if (rc == 0) {
745 		if (file->f_flags == cfile->f_flags) {
746 			file->private_data = cfile;
747 			spin_lock(&CIFS_I(inode)->deferred_lock);
748 			cifs_del_deferred_close(cfile);
749 			spin_unlock(&CIFS_I(inode)->deferred_lock);
750 			goto use_cache;
751 		} else {
752 			_cifsFileInfo_put(cfile, true, false);
753 		}
754 	}
755 
756 	if (server->oplocks)
757 		oplock = REQ_OPLOCK;
758 	else
759 		oplock = 0;
760 
761 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
762 	if (!tcon->broken_posix_open && tcon->unix_ext &&
763 	    cap_unix(tcon->ses) && (CIFS_UNIX_POSIX_PATH_OPS_CAP &
764 				le64_to_cpu(tcon->fsUnixInfo.Capability))) {
765 		/* can not refresh inode info since size could be stale */
766 		rc = cifs_posix_open(full_path, &inode, inode->i_sb,
767 				cifs_sb->ctx->file_mode /* ignored */,
768 				file->f_flags, &oplock, &fid.netfid, xid);
769 		if (rc == 0) {
770 			cifs_dbg(FYI, "posix open succeeded\n");
771 			posix_open_ok = true;
772 		} else if ((rc == -EINVAL) || (rc == -EOPNOTSUPP)) {
773 			if (tcon->ses->serverNOS)
774 				cifs_dbg(VFS, "server %s of type %s returned unexpected error on SMB posix open, disabling posix open support. Check if server update available.\n",
775 					 tcon->ses->ip_addr,
776 					 tcon->ses->serverNOS);
777 			tcon->broken_posix_open = true;
778 		} else if ((rc != -EIO) && (rc != -EREMOTE) &&
779 			 (rc != -EOPNOTSUPP)) /* path not found or net err */
780 			goto out;
781 		/*
782 		 * Else fallthrough to retry open the old way on network i/o
783 		 * or DFS errors.
784 		 */
785 	}
786 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
787 
788 	if (server->ops->get_lease_key)
789 		server->ops->get_lease_key(inode, &fid);
790 
791 	cifs_add_pending_open(&fid, tlink, &open);
792 
793 	if (!posix_open_ok) {
794 		if (server->ops->get_lease_key)
795 			server->ops->get_lease_key(inode, &fid);
796 
797 		rc = cifs_nt_open(full_path, inode, cifs_sb, tcon, file->f_flags, &oplock, &fid,
798 				  xid, &data);
799 		if (rc) {
800 			cifs_del_pending_open(&open);
801 			goto out;
802 		}
803 	}
804 
805 	cfile = cifs_new_fileinfo(&fid, file, tlink, oplock, data.symlink_target);
806 	if (cfile == NULL) {
807 		if (server->ops->close)
808 			server->ops->close(xid, tcon, &fid);
809 		cifs_del_pending_open(&open);
810 		rc = -ENOMEM;
811 		goto out;
812 	}
813 
814 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
815 	if ((oplock & CIFS_CREATE_ACTION) && !posix_open_ok && tcon->unix_ext) {
816 		/*
817 		 * Time to set mode which we can not set earlier due to
818 		 * problems creating new read-only files.
819 		 */
820 		struct cifs_unix_set_info_args args = {
821 			.mode	= inode->i_mode,
822 			.uid	= INVALID_UID, /* no change */
823 			.gid	= INVALID_GID, /* no change */
824 			.ctime	= NO_CHANGE_64,
825 			.atime	= NO_CHANGE_64,
826 			.mtime	= NO_CHANGE_64,
827 			.device	= 0,
828 		};
829 		CIFSSMBUnixSetFileInfo(xid, tcon, &args, fid.netfid,
830 				       cfile->pid);
831 	}
832 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
833 
834 use_cache:
835 	fscache_use_cookie(cifs_inode_cookie(file_inode(file)),
836 			   file->f_mode & FMODE_WRITE);
837 	if (file->f_flags & O_DIRECT &&
838 	    (!((file->f_flags & O_ACCMODE) != O_RDONLY) ||
839 	     file->f_flags & O_APPEND))
840 		cifs_invalidate_cache(file_inode(file),
841 				      FSCACHE_INVAL_DIO_WRITE);
842 
843 out:
844 	free_dentry_path(page);
845 	free_xid(xid);
846 	cifs_put_tlink(tlink);
847 	cifs_free_open_info(&data);
848 	return rc;
849 }
850 
851 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
852 static int cifs_push_posix_locks(struct cifsFileInfo *cfile);
853 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
854 
855 /*
856  * Try to reacquire byte range locks that were released when session
857  * to server was lost.
858  */
859 static int
cifs_relock_file(struct cifsFileInfo * cfile)860 cifs_relock_file(struct cifsFileInfo *cfile)
861 {
862 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
863 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
864 	int rc = 0;
865 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
866 	struct cifs_sb_info *cifs_sb = CIFS_SB(cfile->dentry->d_sb);
867 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
868 
869 	down_read_nested(&cinode->lock_sem, SINGLE_DEPTH_NESTING);
870 	if (cinode->can_cache_brlcks) {
871 		/* can cache locks - no need to relock */
872 		up_read(&cinode->lock_sem);
873 		return rc;
874 	}
875 
876 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
877 	if (cap_unix(tcon->ses) &&
878 	    (CIFS_UNIX_FCNTL_CAP & le64_to_cpu(tcon->fsUnixInfo.Capability)) &&
879 	    ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) == 0))
880 		rc = cifs_push_posix_locks(cfile);
881 	else
882 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
883 		rc = tcon->ses->server->ops->push_mand_locks(cfile);
884 
885 	up_read(&cinode->lock_sem);
886 	return rc;
887 }
888 
889 static int
cifs_reopen_file(struct cifsFileInfo * cfile,bool can_flush)890 cifs_reopen_file(struct cifsFileInfo *cfile, bool can_flush)
891 {
892 	int rc = -EACCES;
893 	unsigned int xid;
894 	__u32 oplock;
895 	struct cifs_sb_info *cifs_sb;
896 	struct cifs_tcon *tcon;
897 	struct TCP_Server_Info *server;
898 	struct cifsInodeInfo *cinode;
899 	struct inode *inode;
900 	void *page;
901 	const char *full_path;
902 	int desired_access;
903 	int disposition = FILE_OPEN;
904 	int create_options = CREATE_NOT_DIR;
905 	struct cifs_open_parms oparms;
906 
907 	xid = get_xid();
908 	mutex_lock(&cfile->fh_mutex);
909 	if (!cfile->invalidHandle) {
910 		mutex_unlock(&cfile->fh_mutex);
911 		free_xid(xid);
912 		return 0;
913 	}
914 
915 	inode = d_inode(cfile->dentry);
916 	cifs_sb = CIFS_SB(inode->i_sb);
917 	tcon = tlink_tcon(cfile->tlink);
918 	server = tcon->ses->server;
919 
920 	/*
921 	 * Can not grab rename sem here because various ops, including those
922 	 * that already have the rename sem can end up causing writepage to get
923 	 * called and if the server was down that means we end up here, and we
924 	 * can never tell if the caller already has the rename_sem.
925 	 */
926 	page = alloc_dentry_path();
927 	full_path = build_path_from_dentry(cfile->dentry, page);
928 	if (IS_ERR(full_path)) {
929 		mutex_unlock(&cfile->fh_mutex);
930 		free_dentry_path(page);
931 		free_xid(xid);
932 		return PTR_ERR(full_path);
933 	}
934 
935 	cifs_dbg(FYI, "inode = 0x%p file flags 0x%x for %s\n",
936 		 inode, cfile->f_flags, full_path);
937 
938 	if (tcon->ses->server->oplocks)
939 		oplock = REQ_OPLOCK;
940 	else
941 		oplock = 0;
942 
943 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
944 	if (tcon->unix_ext && cap_unix(tcon->ses) &&
945 	    (CIFS_UNIX_POSIX_PATH_OPS_CAP &
946 				le64_to_cpu(tcon->fsUnixInfo.Capability))) {
947 		/*
948 		 * O_CREAT, O_EXCL and O_TRUNC already had their effect on the
949 		 * original open. Must mask them off for a reopen.
950 		 */
951 		unsigned int oflags = cfile->f_flags &
952 						~(O_CREAT | O_EXCL | O_TRUNC);
953 
954 		rc = cifs_posix_open(full_path, NULL, inode->i_sb,
955 				     cifs_sb->ctx->file_mode /* ignored */,
956 				     oflags, &oplock, &cfile->fid.netfid, xid);
957 		if (rc == 0) {
958 			cifs_dbg(FYI, "posix reopen succeeded\n");
959 			oparms.reconnect = true;
960 			goto reopen_success;
961 		}
962 		/*
963 		 * fallthrough to retry open the old way on errors, especially
964 		 * in the reconnect path it is important to retry hard
965 		 */
966 	}
967 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
968 
969 	desired_access = cifs_convert_flags(cfile->f_flags);
970 
971 	/* O_SYNC also has bit for O_DSYNC so following check picks up either */
972 	if (cfile->f_flags & O_SYNC)
973 		create_options |= CREATE_WRITE_THROUGH;
974 
975 	if (cfile->f_flags & O_DIRECT)
976 		create_options |= CREATE_NO_BUFFER;
977 
978 	if (server->ops->get_lease_key)
979 		server->ops->get_lease_key(inode, &cfile->fid);
980 
981 	oparms = (struct cifs_open_parms) {
982 		.tcon = tcon,
983 		.cifs_sb = cifs_sb,
984 		.desired_access = desired_access,
985 		.create_options = cifs_create_options(cifs_sb, create_options),
986 		.disposition = disposition,
987 		.path = full_path,
988 		.fid = &cfile->fid,
989 		.reconnect = true,
990 	};
991 
992 	/*
993 	 * Can not refresh inode by passing in file_info buf to be returned by
994 	 * ops->open and then calling get_inode_info with returned buf since
995 	 * file might have write behind data that needs to be flushed and server
996 	 * version of file size can be stale. If we knew for sure that inode was
997 	 * not dirty locally we could do this.
998 	 */
999 	rc = server->ops->open(xid, &oparms, &oplock, NULL);
1000 	if (rc == -ENOENT && oparms.reconnect == false) {
1001 		/* durable handle timeout is expired - open the file again */
1002 		rc = server->ops->open(xid, &oparms, &oplock, NULL);
1003 		/* indicate that we need to relock the file */
1004 		oparms.reconnect = true;
1005 	}
1006 
1007 	if (rc) {
1008 		mutex_unlock(&cfile->fh_mutex);
1009 		cifs_dbg(FYI, "cifs_reopen returned 0x%x\n", rc);
1010 		cifs_dbg(FYI, "oplock: %d\n", oplock);
1011 		goto reopen_error_exit;
1012 	}
1013 
1014 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1015 reopen_success:
1016 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1017 	cfile->invalidHandle = false;
1018 	mutex_unlock(&cfile->fh_mutex);
1019 	cinode = CIFS_I(inode);
1020 
1021 	if (can_flush) {
1022 		rc = filemap_write_and_wait(inode->i_mapping);
1023 		if (!is_interrupt_error(rc))
1024 			mapping_set_error(inode->i_mapping, rc);
1025 
1026 		if (tcon->posix_extensions)
1027 			rc = smb311_posix_get_inode_info(&inode, full_path, inode->i_sb, xid);
1028 		else if (tcon->unix_ext)
1029 			rc = cifs_get_inode_info_unix(&inode, full_path,
1030 						      inode->i_sb, xid);
1031 		else
1032 			rc = cifs_get_inode_info(&inode, full_path, NULL,
1033 						 inode->i_sb, xid, NULL);
1034 	}
1035 	/*
1036 	 * Else we are writing out data to server already and could deadlock if
1037 	 * we tried to flush data, and since we do not know if we have data that
1038 	 * would invalidate the current end of file on the server we can not go
1039 	 * to the server to get the new inode info.
1040 	 */
1041 
1042 	/*
1043 	 * If the server returned a read oplock and we have mandatory brlocks,
1044 	 * set oplock level to None.
1045 	 */
1046 	if (server->ops->is_read_op(oplock) && cifs_has_mand_locks(cinode)) {
1047 		cifs_dbg(FYI, "Reset oplock val from read to None due to mand locks\n");
1048 		oplock = 0;
1049 	}
1050 
1051 	server->ops->set_fid(cfile, &cfile->fid, oplock);
1052 	if (oparms.reconnect)
1053 		cifs_relock_file(cfile);
1054 
1055 reopen_error_exit:
1056 	free_dentry_path(page);
1057 	free_xid(xid);
1058 	return rc;
1059 }
1060 
smb2_deferred_work_close(struct work_struct * work)1061 void smb2_deferred_work_close(struct work_struct *work)
1062 {
1063 	struct cifsFileInfo *cfile = container_of(work,
1064 			struct cifsFileInfo, deferred.work);
1065 
1066 	spin_lock(&CIFS_I(d_inode(cfile->dentry))->deferred_lock);
1067 	cifs_del_deferred_close(cfile);
1068 	cfile->deferred_close_scheduled = false;
1069 	spin_unlock(&CIFS_I(d_inode(cfile->dentry))->deferred_lock);
1070 	_cifsFileInfo_put(cfile, true, false);
1071 }
1072 
cifs_close(struct inode * inode,struct file * file)1073 int cifs_close(struct inode *inode, struct file *file)
1074 {
1075 	struct cifsFileInfo *cfile;
1076 	struct cifsInodeInfo *cinode = CIFS_I(inode);
1077 	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
1078 	struct cifs_deferred_close *dclose;
1079 
1080 	cifs_fscache_unuse_inode_cookie(inode, file->f_mode & FMODE_WRITE);
1081 
1082 	if (file->private_data != NULL) {
1083 		cfile = file->private_data;
1084 		file->private_data = NULL;
1085 		dclose = kmalloc(sizeof(struct cifs_deferred_close), GFP_KERNEL);
1086 		if ((cifs_sb->ctx->closetimeo && cinode->oplock == CIFS_CACHE_RHW_FLG)
1087 		    && cinode->lease_granted &&
1088 		    !test_bit(CIFS_INO_CLOSE_ON_LOCK, &cinode->flags) &&
1089 		    dclose) {
1090 			if (test_and_clear_bit(CIFS_INO_MODIFIED_ATTR, &cinode->flags)) {
1091 				inode_set_mtime_to_ts(inode,
1092 						      inode_set_ctime_current(inode));
1093 			}
1094 			spin_lock(&cinode->deferred_lock);
1095 			cifs_add_deferred_close(cfile, dclose);
1096 			if (cfile->deferred_close_scheduled &&
1097 			    delayed_work_pending(&cfile->deferred)) {
1098 				/*
1099 				 * If there is no pending work, mod_delayed_work queues new work.
1100 				 * So, Increase the ref count to avoid use-after-free.
1101 				 */
1102 				if (!mod_delayed_work(deferredclose_wq,
1103 						&cfile->deferred, cifs_sb->ctx->closetimeo))
1104 					cifsFileInfo_get(cfile);
1105 			} else {
1106 				/* Deferred close for files */
1107 				queue_delayed_work(deferredclose_wq,
1108 						&cfile->deferred, cifs_sb->ctx->closetimeo);
1109 				cfile->deferred_close_scheduled = true;
1110 				spin_unlock(&cinode->deferred_lock);
1111 				return 0;
1112 			}
1113 			spin_unlock(&cinode->deferred_lock);
1114 			_cifsFileInfo_put(cfile, true, false);
1115 		} else {
1116 			_cifsFileInfo_put(cfile, true, false);
1117 			kfree(dclose);
1118 		}
1119 	}
1120 
1121 	/* return code from the ->release op is always ignored */
1122 	return 0;
1123 }
1124 
1125 void
cifs_reopen_persistent_handles(struct cifs_tcon * tcon)1126 cifs_reopen_persistent_handles(struct cifs_tcon *tcon)
1127 {
1128 	struct cifsFileInfo *open_file, *tmp;
1129 	struct list_head tmp_list;
1130 
1131 	if (!tcon->use_persistent || !tcon->need_reopen_files)
1132 		return;
1133 
1134 	tcon->need_reopen_files = false;
1135 
1136 	cifs_dbg(FYI, "Reopen persistent handles\n");
1137 	INIT_LIST_HEAD(&tmp_list);
1138 
1139 	/* list all files open on tree connection, reopen resilient handles  */
1140 	spin_lock(&tcon->open_file_lock);
1141 	list_for_each_entry(open_file, &tcon->openFileList, tlist) {
1142 		if (!open_file->invalidHandle)
1143 			continue;
1144 		cifsFileInfo_get(open_file);
1145 		list_add_tail(&open_file->rlist, &tmp_list);
1146 	}
1147 	spin_unlock(&tcon->open_file_lock);
1148 
1149 	list_for_each_entry_safe(open_file, tmp, &tmp_list, rlist) {
1150 		if (cifs_reopen_file(open_file, false /* do not flush */))
1151 			tcon->need_reopen_files = true;
1152 		list_del_init(&open_file->rlist);
1153 		cifsFileInfo_put(open_file);
1154 	}
1155 }
1156 
cifs_closedir(struct inode * inode,struct file * file)1157 int cifs_closedir(struct inode *inode, struct file *file)
1158 {
1159 	int rc = 0;
1160 	unsigned int xid;
1161 	struct cifsFileInfo *cfile = file->private_data;
1162 	struct cifs_tcon *tcon;
1163 	struct TCP_Server_Info *server;
1164 	char *buf;
1165 
1166 	cifs_dbg(FYI, "Closedir inode = 0x%p\n", inode);
1167 
1168 	if (cfile == NULL)
1169 		return rc;
1170 
1171 	xid = get_xid();
1172 	tcon = tlink_tcon(cfile->tlink);
1173 	server = tcon->ses->server;
1174 
1175 	cifs_dbg(FYI, "Freeing private data in close dir\n");
1176 	spin_lock(&cfile->file_info_lock);
1177 	if (server->ops->dir_needs_close(cfile)) {
1178 		cfile->invalidHandle = true;
1179 		spin_unlock(&cfile->file_info_lock);
1180 		if (server->ops->close_dir)
1181 			rc = server->ops->close_dir(xid, tcon, &cfile->fid);
1182 		else
1183 			rc = -ENOSYS;
1184 		cifs_dbg(FYI, "Closing uncompleted readdir with rc %d\n", rc);
1185 		/* not much we can do if it fails anyway, ignore rc */
1186 		rc = 0;
1187 	} else
1188 		spin_unlock(&cfile->file_info_lock);
1189 
1190 	buf = cfile->srch_inf.ntwrk_buf_start;
1191 	if (buf) {
1192 		cifs_dbg(FYI, "closedir free smb buf in srch struct\n");
1193 		cfile->srch_inf.ntwrk_buf_start = NULL;
1194 		if (cfile->srch_inf.smallBuf)
1195 			cifs_small_buf_release(buf);
1196 		else
1197 			cifs_buf_release(buf);
1198 	}
1199 
1200 	cifs_put_tlink(cfile->tlink);
1201 	kfree(file->private_data);
1202 	file->private_data = NULL;
1203 	/* BB can we lock the filestruct while this is going on? */
1204 	free_xid(xid);
1205 	return rc;
1206 }
1207 
1208 static struct cifsLockInfo *
cifs_lock_init(__u64 offset,__u64 length,__u8 type,__u16 flags)1209 cifs_lock_init(__u64 offset, __u64 length, __u8 type, __u16 flags)
1210 {
1211 	struct cifsLockInfo *lock =
1212 		kmalloc(sizeof(struct cifsLockInfo), GFP_KERNEL);
1213 	if (!lock)
1214 		return lock;
1215 	lock->offset = offset;
1216 	lock->length = length;
1217 	lock->type = type;
1218 	lock->pid = current->tgid;
1219 	lock->flags = flags;
1220 	INIT_LIST_HEAD(&lock->blist);
1221 	init_waitqueue_head(&lock->block_q);
1222 	return lock;
1223 }
1224 
1225 void
cifs_del_lock_waiters(struct cifsLockInfo * lock)1226 cifs_del_lock_waiters(struct cifsLockInfo *lock)
1227 {
1228 	struct cifsLockInfo *li, *tmp;
1229 	list_for_each_entry_safe(li, tmp, &lock->blist, blist) {
1230 		list_del_init(&li->blist);
1231 		wake_up(&li->block_q);
1232 	}
1233 }
1234 
1235 #define CIFS_LOCK_OP	0
1236 #define CIFS_READ_OP	1
1237 #define CIFS_WRITE_OP	2
1238 
1239 /* @rw_check : 0 - no op, 1 - read, 2 - write */
1240 static bool
cifs_find_fid_lock_conflict(struct cifs_fid_locks * fdlocks,__u64 offset,__u64 length,__u8 type,__u16 flags,struct cifsFileInfo * cfile,struct cifsLockInfo ** conf_lock,int rw_check)1241 cifs_find_fid_lock_conflict(struct cifs_fid_locks *fdlocks, __u64 offset,
1242 			    __u64 length, __u8 type, __u16 flags,
1243 			    struct cifsFileInfo *cfile,
1244 			    struct cifsLockInfo **conf_lock, int rw_check)
1245 {
1246 	struct cifsLockInfo *li;
1247 	struct cifsFileInfo *cur_cfile = fdlocks->cfile;
1248 	struct TCP_Server_Info *server = tlink_tcon(cfile->tlink)->ses->server;
1249 
1250 	list_for_each_entry(li, &fdlocks->locks, llist) {
1251 		if (offset + length <= li->offset ||
1252 		    offset >= li->offset + li->length)
1253 			continue;
1254 		if (rw_check != CIFS_LOCK_OP && current->tgid == li->pid &&
1255 		    server->ops->compare_fids(cfile, cur_cfile)) {
1256 			/* shared lock prevents write op through the same fid */
1257 			if (!(li->type & server->vals->shared_lock_type) ||
1258 			    rw_check != CIFS_WRITE_OP)
1259 				continue;
1260 		}
1261 		if ((type & server->vals->shared_lock_type) &&
1262 		    ((server->ops->compare_fids(cfile, cur_cfile) &&
1263 		     current->tgid == li->pid) || type == li->type))
1264 			continue;
1265 		if (rw_check == CIFS_LOCK_OP &&
1266 		    (flags & FL_OFDLCK) && (li->flags & FL_OFDLCK) &&
1267 		    server->ops->compare_fids(cfile, cur_cfile))
1268 			continue;
1269 		if (conf_lock)
1270 			*conf_lock = li;
1271 		return true;
1272 	}
1273 	return false;
1274 }
1275 
1276 bool
cifs_find_lock_conflict(struct cifsFileInfo * cfile,__u64 offset,__u64 length,__u8 type,__u16 flags,struct cifsLockInfo ** conf_lock,int rw_check)1277 cifs_find_lock_conflict(struct cifsFileInfo *cfile, __u64 offset, __u64 length,
1278 			__u8 type, __u16 flags,
1279 			struct cifsLockInfo **conf_lock, int rw_check)
1280 {
1281 	bool rc = false;
1282 	struct cifs_fid_locks *cur;
1283 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1284 
1285 	list_for_each_entry(cur, &cinode->llist, llist) {
1286 		rc = cifs_find_fid_lock_conflict(cur, offset, length, type,
1287 						 flags, cfile, conf_lock,
1288 						 rw_check);
1289 		if (rc)
1290 			break;
1291 	}
1292 
1293 	return rc;
1294 }
1295 
1296 /*
1297  * Check if there is another lock that prevents us to set the lock (mandatory
1298  * style). If such a lock exists, update the flock structure with its
1299  * properties. Otherwise, set the flock type to F_UNLCK if we can cache brlocks
1300  * or leave it the same if we can't. Returns 0 if we don't need to request to
1301  * the server or 1 otherwise.
1302  */
1303 static int
cifs_lock_test(struct cifsFileInfo * cfile,__u64 offset,__u64 length,__u8 type,struct file_lock * flock)1304 cifs_lock_test(struct cifsFileInfo *cfile, __u64 offset, __u64 length,
1305 	       __u8 type, struct file_lock *flock)
1306 {
1307 	int rc = 0;
1308 	struct cifsLockInfo *conf_lock;
1309 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1310 	struct TCP_Server_Info *server = tlink_tcon(cfile->tlink)->ses->server;
1311 	bool exist;
1312 
1313 	down_read(&cinode->lock_sem);
1314 
1315 	exist = cifs_find_lock_conflict(cfile, offset, length, type,
1316 					flock->fl_flags, &conf_lock,
1317 					CIFS_LOCK_OP);
1318 	if (exist) {
1319 		flock->fl_start = conf_lock->offset;
1320 		flock->fl_end = conf_lock->offset + conf_lock->length - 1;
1321 		flock->fl_pid = conf_lock->pid;
1322 		if (conf_lock->type & server->vals->shared_lock_type)
1323 			flock->fl_type = F_RDLCK;
1324 		else
1325 			flock->fl_type = F_WRLCK;
1326 	} else if (!cinode->can_cache_brlcks)
1327 		rc = 1;
1328 	else
1329 		flock->fl_type = F_UNLCK;
1330 
1331 	up_read(&cinode->lock_sem);
1332 	return rc;
1333 }
1334 
1335 static void
cifs_lock_add(struct cifsFileInfo * cfile,struct cifsLockInfo * lock)1336 cifs_lock_add(struct cifsFileInfo *cfile, struct cifsLockInfo *lock)
1337 {
1338 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1339 	cifs_down_write(&cinode->lock_sem);
1340 	list_add_tail(&lock->llist, &cfile->llist->locks);
1341 	up_write(&cinode->lock_sem);
1342 }
1343 
1344 /*
1345  * Set the byte-range lock (mandatory style). Returns:
1346  * 1) 0, if we set the lock and don't need to request to the server;
1347  * 2) 1, if no locks prevent us but we need to request to the server;
1348  * 3) -EACCES, if there is a lock that prevents us and wait is false.
1349  */
1350 static int
cifs_lock_add_if(struct cifsFileInfo * cfile,struct cifsLockInfo * lock,bool wait)1351 cifs_lock_add_if(struct cifsFileInfo *cfile, struct cifsLockInfo *lock,
1352 		 bool wait)
1353 {
1354 	struct cifsLockInfo *conf_lock;
1355 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1356 	bool exist;
1357 	int rc = 0;
1358 
1359 try_again:
1360 	exist = false;
1361 	cifs_down_write(&cinode->lock_sem);
1362 
1363 	exist = cifs_find_lock_conflict(cfile, lock->offset, lock->length,
1364 					lock->type, lock->flags, &conf_lock,
1365 					CIFS_LOCK_OP);
1366 	if (!exist && cinode->can_cache_brlcks) {
1367 		list_add_tail(&lock->llist, &cfile->llist->locks);
1368 		up_write(&cinode->lock_sem);
1369 		return rc;
1370 	}
1371 
1372 	if (!exist)
1373 		rc = 1;
1374 	else if (!wait)
1375 		rc = -EACCES;
1376 	else {
1377 		list_add_tail(&lock->blist, &conf_lock->blist);
1378 		up_write(&cinode->lock_sem);
1379 		rc = wait_event_interruptible(lock->block_q,
1380 					(lock->blist.prev == &lock->blist) &&
1381 					(lock->blist.next == &lock->blist));
1382 		if (!rc)
1383 			goto try_again;
1384 		cifs_down_write(&cinode->lock_sem);
1385 		list_del_init(&lock->blist);
1386 	}
1387 
1388 	up_write(&cinode->lock_sem);
1389 	return rc;
1390 }
1391 
1392 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1393 /*
1394  * Check if there is another lock that prevents us to set the lock (posix
1395  * style). If such a lock exists, update the flock structure with its
1396  * properties. Otherwise, set the flock type to F_UNLCK if we can cache brlocks
1397  * or leave it the same if we can't. Returns 0 if we don't need to request to
1398  * the server or 1 otherwise.
1399  */
1400 static int
cifs_posix_lock_test(struct file * file,struct file_lock * flock)1401 cifs_posix_lock_test(struct file *file, struct file_lock *flock)
1402 {
1403 	int rc = 0;
1404 	struct cifsInodeInfo *cinode = CIFS_I(file_inode(file));
1405 	unsigned char saved_type = flock->fl_type;
1406 
1407 	if ((flock->fl_flags & FL_POSIX) == 0)
1408 		return 1;
1409 
1410 	down_read(&cinode->lock_sem);
1411 	posix_test_lock(file, flock);
1412 
1413 	if (flock->fl_type == F_UNLCK && !cinode->can_cache_brlcks) {
1414 		flock->fl_type = saved_type;
1415 		rc = 1;
1416 	}
1417 
1418 	up_read(&cinode->lock_sem);
1419 	return rc;
1420 }
1421 
1422 /*
1423  * Set the byte-range lock (posix style). Returns:
1424  * 1) <0, if the error occurs while setting the lock;
1425  * 2) 0, if we set the lock and don't need to request to the server;
1426  * 3) FILE_LOCK_DEFERRED, if we will wait for some other file_lock;
1427  * 4) FILE_LOCK_DEFERRED + 1, if we need to request to the server.
1428  */
1429 static int
cifs_posix_lock_set(struct file * file,struct file_lock * flock)1430 cifs_posix_lock_set(struct file *file, struct file_lock *flock)
1431 {
1432 	struct cifsInodeInfo *cinode = CIFS_I(file_inode(file));
1433 	int rc = FILE_LOCK_DEFERRED + 1;
1434 
1435 	if ((flock->fl_flags & FL_POSIX) == 0)
1436 		return rc;
1437 
1438 	cifs_down_write(&cinode->lock_sem);
1439 	if (!cinode->can_cache_brlcks) {
1440 		up_write(&cinode->lock_sem);
1441 		return rc;
1442 	}
1443 
1444 	rc = posix_lock_file(file, flock, NULL);
1445 	up_write(&cinode->lock_sem);
1446 	return rc;
1447 }
1448 
1449 int
cifs_push_mandatory_locks(struct cifsFileInfo * cfile)1450 cifs_push_mandatory_locks(struct cifsFileInfo *cfile)
1451 {
1452 	unsigned int xid;
1453 	int rc = 0, stored_rc;
1454 	struct cifsLockInfo *li, *tmp;
1455 	struct cifs_tcon *tcon;
1456 	unsigned int num, max_num, max_buf;
1457 	LOCKING_ANDX_RANGE *buf, *cur;
1458 	static const int types[] = {
1459 		LOCKING_ANDX_LARGE_FILES,
1460 		LOCKING_ANDX_SHARED_LOCK | LOCKING_ANDX_LARGE_FILES
1461 	};
1462 	int i;
1463 
1464 	xid = get_xid();
1465 	tcon = tlink_tcon(cfile->tlink);
1466 
1467 	/*
1468 	 * Accessing maxBuf is racy with cifs_reconnect - need to store value
1469 	 * and check it before using.
1470 	 */
1471 	max_buf = tcon->ses->server->maxBuf;
1472 	if (max_buf < (sizeof(struct smb_hdr) + sizeof(LOCKING_ANDX_RANGE))) {
1473 		free_xid(xid);
1474 		return -EINVAL;
1475 	}
1476 
1477 	BUILD_BUG_ON(sizeof(struct smb_hdr) + sizeof(LOCKING_ANDX_RANGE) >
1478 		     PAGE_SIZE);
1479 	max_buf = min_t(unsigned int, max_buf - sizeof(struct smb_hdr),
1480 			PAGE_SIZE);
1481 	max_num = (max_buf - sizeof(struct smb_hdr)) /
1482 						sizeof(LOCKING_ANDX_RANGE);
1483 	buf = kcalloc(max_num, sizeof(LOCKING_ANDX_RANGE), GFP_KERNEL);
1484 	if (!buf) {
1485 		free_xid(xid);
1486 		return -ENOMEM;
1487 	}
1488 
1489 	for (i = 0; i < 2; i++) {
1490 		cur = buf;
1491 		num = 0;
1492 		list_for_each_entry_safe(li, tmp, &cfile->llist->locks, llist) {
1493 			if (li->type != types[i])
1494 				continue;
1495 			cur->Pid = cpu_to_le16(li->pid);
1496 			cur->LengthLow = cpu_to_le32((u32)li->length);
1497 			cur->LengthHigh = cpu_to_le32((u32)(li->length>>32));
1498 			cur->OffsetLow = cpu_to_le32((u32)li->offset);
1499 			cur->OffsetHigh = cpu_to_le32((u32)(li->offset>>32));
1500 			if (++num == max_num) {
1501 				stored_rc = cifs_lockv(xid, tcon,
1502 						       cfile->fid.netfid,
1503 						       (__u8)li->type, 0, num,
1504 						       buf);
1505 				if (stored_rc)
1506 					rc = stored_rc;
1507 				cur = buf;
1508 				num = 0;
1509 			} else
1510 				cur++;
1511 		}
1512 
1513 		if (num) {
1514 			stored_rc = cifs_lockv(xid, tcon, cfile->fid.netfid,
1515 					       (__u8)types[i], 0, num, buf);
1516 			if (stored_rc)
1517 				rc = stored_rc;
1518 		}
1519 	}
1520 
1521 	kfree(buf);
1522 	free_xid(xid);
1523 	return rc;
1524 }
1525 
1526 static __u32
hash_lockowner(fl_owner_t owner)1527 hash_lockowner(fl_owner_t owner)
1528 {
1529 	return cifs_lock_secret ^ hash32_ptr((const void *)owner);
1530 }
1531 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1532 
1533 struct lock_to_push {
1534 	struct list_head llist;
1535 	__u64 offset;
1536 	__u64 length;
1537 	__u32 pid;
1538 	__u16 netfid;
1539 	__u8 type;
1540 };
1541 
1542 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1543 static int
cifs_push_posix_locks(struct cifsFileInfo * cfile)1544 cifs_push_posix_locks(struct cifsFileInfo *cfile)
1545 {
1546 	struct inode *inode = d_inode(cfile->dentry);
1547 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
1548 	struct file_lock *flock;
1549 	struct file_lock_context *flctx = locks_inode_context(inode);
1550 	unsigned int count = 0, i;
1551 	int rc = 0, xid, type;
1552 	struct list_head locks_to_send, *el;
1553 	struct lock_to_push *lck, *tmp;
1554 	__u64 length;
1555 
1556 	xid = get_xid();
1557 
1558 	if (!flctx)
1559 		goto out;
1560 
1561 	spin_lock(&flctx->flc_lock);
1562 	list_for_each(el, &flctx->flc_posix) {
1563 		count++;
1564 	}
1565 	spin_unlock(&flctx->flc_lock);
1566 
1567 	INIT_LIST_HEAD(&locks_to_send);
1568 
1569 	/*
1570 	 * Allocating count locks is enough because no FL_POSIX locks can be
1571 	 * added to the list while we are holding cinode->lock_sem that
1572 	 * protects locking operations of this inode.
1573 	 */
1574 	for (i = 0; i < count; i++) {
1575 		lck = kmalloc(sizeof(struct lock_to_push), GFP_KERNEL);
1576 		if (!lck) {
1577 			rc = -ENOMEM;
1578 			goto err_out;
1579 		}
1580 		list_add_tail(&lck->llist, &locks_to_send);
1581 	}
1582 
1583 	el = locks_to_send.next;
1584 	spin_lock(&flctx->flc_lock);
1585 	list_for_each_entry(flock, &flctx->flc_posix, fl_list) {
1586 		if (el == &locks_to_send) {
1587 			/*
1588 			 * The list ended. We don't have enough allocated
1589 			 * structures - something is really wrong.
1590 			 */
1591 			cifs_dbg(VFS, "Can't push all brlocks!\n");
1592 			break;
1593 		}
1594 		length = cifs_flock_len(flock);
1595 		if (flock->fl_type == F_RDLCK || flock->fl_type == F_SHLCK)
1596 			type = CIFS_RDLCK;
1597 		else
1598 			type = CIFS_WRLCK;
1599 		lck = list_entry(el, struct lock_to_push, llist);
1600 		lck->pid = hash_lockowner(flock->fl_owner);
1601 		lck->netfid = cfile->fid.netfid;
1602 		lck->length = length;
1603 		lck->type = type;
1604 		lck->offset = flock->fl_start;
1605 	}
1606 	spin_unlock(&flctx->flc_lock);
1607 
1608 	list_for_each_entry_safe(lck, tmp, &locks_to_send, llist) {
1609 		int stored_rc;
1610 
1611 		stored_rc = CIFSSMBPosixLock(xid, tcon, lck->netfid, lck->pid,
1612 					     lck->offset, lck->length, NULL,
1613 					     lck->type, 0);
1614 		if (stored_rc)
1615 			rc = stored_rc;
1616 		list_del(&lck->llist);
1617 		kfree(lck);
1618 	}
1619 
1620 out:
1621 	free_xid(xid);
1622 	return rc;
1623 err_out:
1624 	list_for_each_entry_safe(lck, tmp, &locks_to_send, llist) {
1625 		list_del(&lck->llist);
1626 		kfree(lck);
1627 	}
1628 	goto out;
1629 }
1630 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1631 
1632 static int
cifs_push_locks(struct cifsFileInfo * cfile)1633 cifs_push_locks(struct cifsFileInfo *cfile)
1634 {
1635 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1636 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
1637 	int rc = 0;
1638 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1639 	struct cifs_sb_info *cifs_sb = CIFS_SB(cfile->dentry->d_sb);
1640 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1641 
1642 	/* we are going to update can_cache_brlcks here - need a write access */
1643 	cifs_down_write(&cinode->lock_sem);
1644 	if (!cinode->can_cache_brlcks) {
1645 		up_write(&cinode->lock_sem);
1646 		return rc;
1647 	}
1648 
1649 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1650 	if (cap_unix(tcon->ses) &&
1651 	    (CIFS_UNIX_FCNTL_CAP & le64_to_cpu(tcon->fsUnixInfo.Capability)) &&
1652 	    ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) == 0))
1653 		rc = cifs_push_posix_locks(cfile);
1654 	else
1655 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1656 		rc = tcon->ses->server->ops->push_mand_locks(cfile);
1657 
1658 	cinode->can_cache_brlcks = false;
1659 	up_write(&cinode->lock_sem);
1660 	return rc;
1661 }
1662 
1663 static void
cifs_read_flock(struct file_lock * flock,__u32 * type,int * lock,int * unlock,bool * wait_flag,struct TCP_Server_Info * server)1664 cifs_read_flock(struct file_lock *flock, __u32 *type, int *lock, int *unlock,
1665 		bool *wait_flag, struct TCP_Server_Info *server)
1666 {
1667 	if (flock->fl_flags & FL_POSIX)
1668 		cifs_dbg(FYI, "Posix\n");
1669 	if (flock->fl_flags & FL_FLOCK)
1670 		cifs_dbg(FYI, "Flock\n");
1671 	if (flock->fl_flags & FL_SLEEP) {
1672 		cifs_dbg(FYI, "Blocking lock\n");
1673 		*wait_flag = true;
1674 	}
1675 	if (flock->fl_flags & FL_ACCESS)
1676 		cifs_dbg(FYI, "Process suspended by mandatory locking - not implemented yet\n");
1677 	if (flock->fl_flags & FL_LEASE)
1678 		cifs_dbg(FYI, "Lease on file - not implemented yet\n");
1679 	if (flock->fl_flags &
1680 	    (~(FL_POSIX | FL_FLOCK | FL_SLEEP |
1681 	       FL_ACCESS | FL_LEASE | FL_CLOSE | FL_OFDLCK)))
1682 		cifs_dbg(FYI, "Unknown lock flags 0x%x\n", flock->fl_flags);
1683 
1684 	*type = server->vals->large_lock_type;
1685 	if (flock->fl_type == F_WRLCK) {
1686 		cifs_dbg(FYI, "F_WRLCK\n");
1687 		*type |= server->vals->exclusive_lock_type;
1688 		*lock = 1;
1689 	} else if (flock->fl_type == F_UNLCK) {
1690 		cifs_dbg(FYI, "F_UNLCK\n");
1691 		*type |= server->vals->unlock_lock_type;
1692 		*unlock = 1;
1693 		/* Check if unlock includes more than one lock range */
1694 	} else if (flock->fl_type == F_RDLCK) {
1695 		cifs_dbg(FYI, "F_RDLCK\n");
1696 		*type |= server->vals->shared_lock_type;
1697 		*lock = 1;
1698 	} else if (flock->fl_type == F_EXLCK) {
1699 		cifs_dbg(FYI, "F_EXLCK\n");
1700 		*type |= server->vals->exclusive_lock_type;
1701 		*lock = 1;
1702 	} else if (flock->fl_type == F_SHLCK) {
1703 		cifs_dbg(FYI, "F_SHLCK\n");
1704 		*type |= server->vals->shared_lock_type;
1705 		*lock = 1;
1706 	} else
1707 		cifs_dbg(FYI, "Unknown type of lock\n");
1708 }
1709 
1710 static int
cifs_getlk(struct file * file,struct file_lock * flock,__u32 type,bool wait_flag,bool posix_lck,unsigned int xid)1711 cifs_getlk(struct file *file, struct file_lock *flock, __u32 type,
1712 	   bool wait_flag, bool posix_lck, unsigned int xid)
1713 {
1714 	int rc = 0;
1715 	__u64 length = cifs_flock_len(flock);
1716 	struct cifsFileInfo *cfile = (struct cifsFileInfo *)file->private_data;
1717 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
1718 	struct TCP_Server_Info *server = tcon->ses->server;
1719 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1720 	__u16 netfid = cfile->fid.netfid;
1721 
1722 	if (posix_lck) {
1723 		int posix_lock_type;
1724 
1725 		rc = cifs_posix_lock_test(file, flock);
1726 		if (!rc)
1727 			return rc;
1728 
1729 		if (type & server->vals->shared_lock_type)
1730 			posix_lock_type = CIFS_RDLCK;
1731 		else
1732 			posix_lock_type = CIFS_WRLCK;
1733 		rc = CIFSSMBPosixLock(xid, tcon, netfid,
1734 				      hash_lockowner(flock->fl_owner),
1735 				      flock->fl_start, length, flock,
1736 				      posix_lock_type, wait_flag);
1737 		return rc;
1738 	}
1739 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1740 
1741 	rc = cifs_lock_test(cfile, flock->fl_start, length, type, flock);
1742 	if (!rc)
1743 		return rc;
1744 
1745 	/* BB we could chain these into one lock request BB */
1746 	rc = server->ops->mand_lock(xid, cfile, flock->fl_start, length, type,
1747 				    1, 0, false);
1748 	if (rc == 0) {
1749 		rc = server->ops->mand_lock(xid, cfile, flock->fl_start, length,
1750 					    type, 0, 1, false);
1751 		flock->fl_type = F_UNLCK;
1752 		if (rc != 0)
1753 			cifs_dbg(VFS, "Error unlocking previously locked range %d during test of lock\n",
1754 				 rc);
1755 		return 0;
1756 	}
1757 
1758 	if (type & server->vals->shared_lock_type) {
1759 		flock->fl_type = F_WRLCK;
1760 		return 0;
1761 	}
1762 
1763 	type &= ~server->vals->exclusive_lock_type;
1764 
1765 	rc = server->ops->mand_lock(xid, cfile, flock->fl_start, length,
1766 				    type | server->vals->shared_lock_type,
1767 				    1, 0, false);
1768 	if (rc == 0) {
1769 		rc = server->ops->mand_lock(xid, cfile, flock->fl_start, length,
1770 			type | server->vals->shared_lock_type, 0, 1, false);
1771 		flock->fl_type = F_RDLCK;
1772 		if (rc != 0)
1773 			cifs_dbg(VFS, "Error unlocking previously locked range %d during test of lock\n",
1774 				 rc);
1775 	} else
1776 		flock->fl_type = F_WRLCK;
1777 
1778 	return 0;
1779 }
1780 
1781 void
cifs_move_llist(struct list_head * source,struct list_head * dest)1782 cifs_move_llist(struct list_head *source, struct list_head *dest)
1783 {
1784 	struct list_head *li, *tmp;
1785 	list_for_each_safe(li, tmp, source)
1786 		list_move(li, dest);
1787 }
1788 
1789 void
cifs_free_llist(struct list_head * llist)1790 cifs_free_llist(struct list_head *llist)
1791 {
1792 	struct cifsLockInfo *li, *tmp;
1793 	list_for_each_entry_safe(li, tmp, llist, llist) {
1794 		cifs_del_lock_waiters(li);
1795 		list_del(&li->llist);
1796 		kfree(li);
1797 	}
1798 }
1799 
1800 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1801 int
cifs_unlock_range(struct cifsFileInfo * cfile,struct file_lock * flock,unsigned int xid)1802 cifs_unlock_range(struct cifsFileInfo *cfile, struct file_lock *flock,
1803 		  unsigned int xid)
1804 {
1805 	int rc = 0, stored_rc;
1806 	static const int types[] = {
1807 		LOCKING_ANDX_LARGE_FILES,
1808 		LOCKING_ANDX_SHARED_LOCK | LOCKING_ANDX_LARGE_FILES
1809 	};
1810 	unsigned int i;
1811 	unsigned int max_num, num, max_buf;
1812 	LOCKING_ANDX_RANGE *buf, *cur;
1813 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
1814 	struct cifsInodeInfo *cinode = CIFS_I(d_inode(cfile->dentry));
1815 	struct cifsLockInfo *li, *tmp;
1816 	__u64 length = cifs_flock_len(flock);
1817 	struct list_head tmp_llist;
1818 
1819 	INIT_LIST_HEAD(&tmp_llist);
1820 
1821 	/*
1822 	 * Accessing maxBuf is racy with cifs_reconnect - need to store value
1823 	 * and check it before using.
1824 	 */
1825 	max_buf = tcon->ses->server->maxBuf;
1826 	if (max_buf < (sizeof(struct smb_hdr) + sizeof(LOCKING_ANDX_RANGE)))
1827 		return -EINVAL;
1828 
1829 	BUILD_BUG_ON(sizeof(struct smb_hdr) + sizeof(LOCKING_ANDX_RANGE) >
1830 		     PAGE_SIZE);
1831 	max_buf = min_t(unsigned int, max_buf - sizeof(struct smb_hdr),
1832 			PAGE_SIZE);
1833 	max_num = (max_buf - sizeof(struct smb_hdr)) /
1834 						sizeof(LOCKING_ANDX_RANGE);
1835 	buf = kcalloc(max_num, sizeof(LOCKING_ANDX_RANGE), GFP_KERNEL);
1836 	if (!buf)
1837 		return -ENOMEM;
1838 
1839 	cifs_down_write(&cinode->lock_sem);
1840 	for (i = 0; i < 2; i++) {
1841 		cur = buf;
1842 		num = 0;
1843 		list_for_each_entry_safe(li, tmp, &cfile->llist->locks, llist) {
1844 			if (flock->fl_start > li->offset ||
1845 			    (flock->fl_start + length) <
1846 			    (li->offset + li->length))
1847 				continue;
1848 			if (current->tgid != li->pid)
1849 				continue;
1850 			if (types[i] != li->type)
1851 				continue;
1852 			if (cinode->can_cache_brlcks) {
1853 				/*
1854 				 * We can cache brlock requests - simply remove
1855 				 * a lock from the file's list.
1856 				 */
1857 				list_del(&li->llist);
1858 				cifs_del_lock_waiters(li);
1859 				kfree(li);
1860 				continue;
1861 			}
1862 			cur->Pid = cpu_to_le16(li->pid);
1863 			cur->LengthLow = cpu_to_le32((u32)li->length);
1864 			cur->LengthHigh = cpu_to_le32((u32)(li->length>>32));
1865 			cur->OffsetLow = cpu_to_le32((u32)li->offset);
1866 			cur->OffsetHigh = cpu_to_le32((u32)(li->offset>>32));
1867 			/*
1868 			 * We need to save a lock here to let us add it again to
1869 			 * the file's list if the unlock range request fails on
1870 			 * the server.
1871 			 */
1872 			list_move(&li->llist, &tmp_llist);
1873 			if (++num == max_num) {
1874 				stored_rc = cifs_lockv(xid, tcon,
1875 						       cfile->fid.netfid,
1876 						       li->type, num, 0, buf);
1877 				if (stored_rc) {
1878 					/*
1879 					 * We failed on the unlock range
1880 					 * request - add all locks from the tmp
1881 					 * list to the head of the file's list.
1882 					 */
1883 					cifs_move_llist(&tmp_llist,
1884 							&cfile->llist->locks);
1885 					rc = stored_rc;
1886 				} else
1887 					/*
1888 					 * The unlock range request succeed -
1889 					 * free the tmp list.
1890 					 */
1891 					cifs_free_llist(&tmp_llist);
1892 				cur = buf;
1893 				num = 0;
1894 			} else
1895 				cur++;
1896 		}
1897 		if (num) {
1898 			stored_rc = cifs_lockv(xid, tcon, cfile->fid.netfid,
1899 					       types[i], num, 0, buf);
1900 			if (stored_rc) {
1901 				cifs_move_llist(&tmp_llist,
1902 						&cfile->llist->locks);
1903 				rc = stored_rc;
1904 			} else
1905 				cifs_free_llist(&tmp_llist);
1906 		}
1907 	}
1908 
1909 	up_write(&cinode->lock_sem);
1910 	kfree(buf);
1911 	return rc;
1912 }
1913 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1914 
1915 static int
cifs_setlk(struct file * file,struct file_lock * flock,__u32 type,bool wait_flag,bool posix_lck,int lock,int unlock,unsigned int xid)1916 cifs_setlk(struct file *file, struct file_lock *flock, __u32 type,
1917 	   bool wait_flag, bool posix_lck, int lock, int unlock,
1918 	   unsigned int xid)
1919 {
1920 	int rc = 0;
1921 	__u64 length = cifs_flock_len(flock);
1922 	struct cifsFileInfo *cfile = (struct cifsFileInfo *)file->private_data;
1923 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
1924 	struct TCP_Server_Info *server = tcon->ses->server;
1925 	struct inode *inode = d_inode(cfile->dentry);
1926 
1927 #ifdef CONFIG_CIFS_ALLOW_INSECURE_LEGACY
1928 	if (posix_lck) {
1929 		int posix_lock_type;
1930 
1931 		rc = cifs_posix_lock_set(file, flock);
1932 		if (rc <= FILE_LOCK_DEFERRED)
1933 			return rc;
1934 
1935 		if (type & server->vals->shared_lock_type)
1936 			posix_lock_type = CIFS_RDLCK;
1937 		else
1938 			posix_lock_type = CIFS_WRLCK;
1939 
1940 		if (unlock == 1)
1941 			posix_lock_type = CIFS_UNLCK;
1942 
1943 		rc = CIFSSMBPosixLock(xid, tcon, cfile->fid.netfid,
1944 				      hash_lockowner(flock->fl_owner),
1945 				      flock->fl_start, length,
1946 				      NULL, posix_lock_type, wait_flag);
1947 		goto out;
1948 	}
1949 #endif /* CONFIG_CIFS_ALLOW_INSECURE_LEGACY */
1950 	if (lock) {
1951 		struct cifsLockInfo *lock;
1952 
1953 		lock = cifs_lock_init(flock->fl_start, length, type,
1954 				      flock->fl_flags);
1955 		if (!lock)
1956 			return -ENOMEM;
1957 
1958 		rc = cifs_lock_add_if(cfile, lock, wait_flag);
1959 		if (rc < 0) {
1960 			kfree(lock);
1961 			return rc;
1962 		}
1963 		if (!rc)
1964 			goto out;
1965 
1966 		/*
1967 		 * Windows 7 server can delay breaking lease from read to None
1968 		 * if we set a byte-range lock on a file - break it explicitly
1969 		 * before sending the lock to the server to be sure the next
1970 		 * read won't conflict with non-overlapted locks due to
1971 		 * pagereading.
1972 		 */
1973 		if (!CIFS_CACHE_WRITE(CIFS_I(inode)) &&
1974 					CIFS_CACHE_READ(CIFS_I(inode))) {
1975 			cifs_zap_mapping(inode);
1976 			cifs_dbg(FYI, "Set no oplock for inode=%p due to mand locks\n",
1977 				 inode);
1978 			CIFS_I(inode)->oplock = 0;
1979 		}
1980 
1981 		rc = server->ops->mand_lock(xid, cfile, flock->fl_start, length,
1982 					    type, 1, 0, wait_flag);
1983 		if (rc) {
1984 			kfree(lock);
1985 			return rc;
1986 		}
1987 
1988 		cifs_lock_add(cfile, lock);
1989 	} else if (unlock)
1990 		rc = server->ops->mand_unlock_range(cfile, flock, xid);
1991 
1992 out:
1993 	if ((flock->fl_flags & FL_POSIX) || (flock->fl_flags & FL_FLOCK)) {
1994 		/*
1995 		 * If this is a request to remove all locks because we
1996 		 * are closing the file, it doesn't matter if the
1997 		 * unlocking failed as both cifs.ko and the SMB server
1998 		 * remove the lock on file close
1999 		 */
2000 		if (rc) {
2001 			cifs_dbg(VFS, "%s failed rc=%d\n", __func__, rc);
2002 			if (!(flock->fl_flags & FL_CLOSE))
2003 				return rc;
2004 		}
2005 		rc = locks_lock_file_wait(file, flock);
2006 	}
2007 	return rc;
2008 }
2009 
cifs_flock(struct file * file,int cmd,struct file_lock * fl)2010 int cifs_flock(struct file *file, int cmd, struct file_lock *fl)
2011 {
2012 	int rc, xid;
2013 	int lock = 0, unlock = 0;
2014 	bool wait_flag = false;
2015 	bool posix_lck = false;
2016 	struct cifs_sb_info *cifs_sb;
2017 	struct cifs_tcon *tcon;
2018 	struct cifsFileInfo *cfile;
2019 	__u32 type;
2020 
2021 	xid = get_xid();
2022 
2023 	if (!(fl->fl_flags & FL_FLOCK)) {
2024 		rc = -ENOLCK;
2025 		free_xid(xid);
2026 		return rc;
2027 	}
2028 
2029 	cfile = (struct cifsFileInfo *)file->private_data;
2030 	tcon = tlink_tcon(cfile->tlink);
2031 
2032 	cifs_read_flock(fl, &type, &lock, &unlock, &wait_flag,
2033 			tcon->ses->server);
2034 	cifs_sb = CIFS_FILE_SB(file);
2035 
2036 	if (cap_unix(tcon->ses) &&
2037 	    (CIFS_UNIX_FCNTL_CAP & le64_to_cpu(tcon->fsUnixInfo.Capability)) &&
2038 	    ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) == 0))
2039 		posix_lck = true;
2040 
2041 	if (!lock && !unlock) {
2042 		/*
2043 		 * if no lock or unlock then nothing to do since we do not
2044 		 * know what it is
2045 		 */
2046 		rc = -EOPNOTSUPP;
2047 		free_xid(xid);
2048 		return rc;
2049 	}
2050 
2051 	rc = cifs_setlk(file, fl, type, wait_flag, posix_lck, lock, unlock,
2052 			xid);
2053 	free_xid(xid);
2054 	return rc;
2055 
2056 
2057 }
2058 
cifs_lock(struct file * file,int cmd,struct file_lock * flock)2059 int cifs_lock(struct file *file, int cmd, struct file_lock *flock)
2060 {
2061 	int rc, xid;
2062 	int lock = 0, unlock = 0;
2063 	bool wait_flag = false;
2064 	bool posix_lck = false;
2065 	struct cifs_sb_info *cifs_sb;
2066 	struct cifs_tcon *tcon;
2067 	struct cifsFileInfo *cfile;
2068 	__u32 type;
2069 
2070 	rc = -EACCES;
2071 	xid = get_xid();
2072 
2073 	cifs_dbg(FYI, "%s: %pD2 cmd=0x%x type=0x%x flags=0x%x r=%lld:%lld\n", __func__, file, cmd,
2074 		 flock->fl_flags, flock->fl_type, (long long)flock->fl_start,
2075 		 (long long)flock->fl_end);
2076 
2077 	cfile = (struct cifsFileInfo *)file->private_data;
2078 	tcon = tlink_tcon(cfile->tlink);
2079 
2080 	cifs_read_flock(flock, &type, &lock, &unlock, &wait_flag,
2081 			tcon->ses->server);
2082 	cifs_sb = CIFS_FILE_SB(file);
2083 	set_bit(CIFS_INO_CLOSE_ON_LOCK, &CIFS_I(d_inode(cfile->dentry))->flags);
2084 
2085 	if (cap_unix(tcon->ses) &&
2086 	    (CIFS_UNIX_FCNTL_CAP & le64_to_cpu(tcon->fsUnixInfo.Capability)) &&
2087 	    ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) == 0))
2088 		posix_lck = true;
2089 	/*
2090 	 * BB add code here to normalize offset and length to account for
2091 	 * negative length which we can not accept over the wire.
2092 	 */
2093 	if (IS_GETLK(cmd)) {
2094 		rc = cifs_getlk(file, flock, type, wait_flag, posix_lck, xid);
2095 		free_xid(xid);
2096 		return rc;
2097 	}
2098 
2099 	if (!lock && !unlock) {
2100 		/*
2101 		 * if no lock or unlock then nothing to do since we do not
2102 		 * know what it is
2103 		 */
2104 		free_xid(xid);
2105 		return -EOPNOTSUPP;
2106 	}
2107 
2108 	rc = cifs_setlk(file, flock, type, wait_flag, posix_lck, lock, unlock,
2109 			xid);
2110 	free_xid(xid);
2111 	return rc;
2112 }
2113 
2114 /*
2115  * update the file size (if needed) after a write. Should be called with
2116  * the inode->i_lock held
2117  */
2118 void
cifs_update_eof(struct cifsInodeInfo * cifsi,loff_t offset,unsigned int bytes_written)2119 cifs_update_eof(struct cifsInodeInfo *cifsi, loff_t offset,
2120 		      unsigned int bytes_written)
2121 {
2122 	loff_t end_of_write = offset + bytes_written;
2123 
2124 	if (end_of_write > cifsi->server_eof)
2125 		cifsi->server_eof = end_of_write;
2126 }
2127 
2128 static ssize_t
cifs_write(struct cifsFileInfo * open_file,__u32 pid,const char * write_data,size_t write_size,loff_t * offset)2129 cifs_write(struct cifsFileInfo *open_file, __u32 pid, const char *write_data,
2130 	   size_t write_size, loff_t *offset)
2131 {
2132 	int rc = 0;
2133 	unsigned int bytes_written = 0;
2134 	unsigned int total_written;
2135 	struct cifs_tcon *tcon;
2136 	struct TCP_Server_Info *server;
2137 	unsigned int xid;
2138 	struct dentry *dentry = open_file->dentry;
2139 	struct cifsInodeInfo *cifsi = CIFS_I(d_inode(dentry));
2140 	struct cifs_io_parms io_parms = {0};
2141 
2142 	cifs_dbg(FYI, "write %zd bytes to offset %lld of %pd\n",
2143 		 write_size, *offset, dentry);
2144 
2145 	tcon = tlink_tcon(open_file->tlink);
2146 	server = tcon->ses->server;
2147 
2148 	if (!server->ops->sync_write)
2149 		return -ENOSYS;
2150 
2151 	xid = get_xid();
2152 
2153 	for (total_written = 0; write_size > total_written;
2154 	     total_written += bytes_written) {
2155 		rc = -EAGAIN;
2156 		while (rc == -EAGAIN) {
2157 			struct kvec iov[2];
2158 			unsigned int len;
2159 
2160 			if (open_file->invalidHandle) {
2161 				/* we could deadlock if we called
2162 				   filemap_fdatawait from here so tell
2163 				   reopen_file not to flush data to
2164 				   server now */
2165 				rc = cifs_reopen_file(open_file, false);
2166 				if (rc != 0)
2167 					break;
2168 			}
2169 
2170 			len = min(server->ops->wp_retry_size(d_inode(dentry)),
2171 				  (unsigned int)write_size - total_written);
2172 			/* iov[0] is reserved for smb header */
2173 			iov[1].iov_base = (char *)write_data + total_written;
2174 			iov[1].iov_len = len;
2175 			io_parms.pid = pid;
2176 			io_parms.tcon = tcon;
2177 			io_parms.offset = *offset;
2178 			io_parms.length = len;
2179 			rc = server->ops->sync_write(xid, &open_file->fid,
2180 					&io_parms, &bytes_written, iov, 1);
2181 		}
2182 		if (rc || (bytes_written == 0)) {
2183 			if (total_written)
2184 				break;
2185 			else {
2186 				free_xid(xid);
2187 				return rc;
2188 			}
2189 		} else {
2190 			spin_lock(&d_inode(dentry)->i_lock);
2191 			cifs_update_eof(cifsi, *offset, bytes_written);
2192 			spin_unlock(&d_inode(dentry)->i_lock);
2193 			*offset += bytes_written;
2194 		}
2195 	}
2196 
2197 	cifs_stats_bytes_written(tcon, total_written);
2198 
2199 	if (total_written > 0) {
2200 		spin_lock(&d_inode(dentry)->i_lock);
2201 		if (*offset > d_inode(dentry)->i_size) {
2202 			i_size_write(d_inode(dentry), *offset);
2203 			d_inode(dentry)->i_blocks = (512 - 1 + *offset) >> 9;
2204 		}
2205 		spin_unlock(&d_inode(dentry)->i_lock);
2206 	}
2207 	mark_inode_dirty_sync(d_inode(dentry));
2208 	free_xid(xid);
2209 	return total_written;
2210 }
2211 
find_readable_file(struct cifsInodeInfo * cifs_inode,bool fsuid_only)2212 struct cifsFileInfo *find_readable_file(struct cifsInodeInfo *cifs_inode,
2213 					bool fsuid_only)
2214 {
2215 	struct cifsFileInfo *open_file = NULL;
2216 	struct cifs_sb_info *cifs_sb = CIFS_SB(cifs_inode->netfs.inode.i_sb);
2217 
2218 	/* only filter by fsuid on multiuser mounts */
2219 	if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
2220 		fsuid_only = false;
2221 
2222 	spin_lock(&cifs_inode->open_file_lock);
2223 	/* we could simply get the first_list_entry since write-only entries
2224 	   are always at the end of the list but since the first entry might
2225 	   have a close pending, we go through the whole list */
2226 	list_for_each_entry(open_file, &cifs_inode->openFileList, flist) {
2227 		if (fsuid_only && !uid_eq(open_file->uid, current_fsuid()))
2228 			continue;
2229 		if (OPEN_FMODE(open_file->f_flags) & FMODE_READ) {
2230 			if ((!open_file->invalidHandle)) {
2231 				/* found a good file */
2232 				/* lock it so it will not be closed on us */
2233 				cifsFileInfo_get(open_file);
2234 				spin_unlock(&cifs_inode->open_file_lock);
2235 				return open_file;
2236 			} /* else might as well continue, and look for
2237 			     another, or simply have the caller reopen it
2238 			     again rather than trying to fix this handle */
2239 		} else /* write only file */
2240 			break; /* write only files are last so must be done */
2241 	}
2242 	spin_unlock(&cifs_inode->open_file_lock);
2243 	return NULL;
2244 }
2245 
2246 /* Return -EBADF if no handle is found and general rc otherwise */
2247 int
cifs_get_writable_file(struct cifsInodeInfo * cifs_inode,int flags,struct cifsFileInfo ** ret_file)2248 cifs_get_writable_file(struct cifsInodeInfo *cifs_inode, int flags,
2249 		       struct cifsFileInfo **ret_file)
2250 {
2251 	struct cifsFileInfo *open_file, *inv_file = NULL;
2252 	struct cifs_sb_info *cifs_sb;
2253 	bool any_available = false;
2254 	int rc = -EBADF;
2255 	unsigned int refind = 0;
2256 	bool fsuid_only = flags & FIND_WR_FSUID_ONLY;
2257 	bool with_delete = flags & FIND_WR_WITH_DELETE;
2258 	*ret_file = NULL;
2259 
2260 	/*
2261 	 * Having a null inode here (because mapping->host was set to zero by
2262 	 * the VFS or MM) should not happen but we had reports of on oops (due
2263 	 * to it being zero) during stress testcases so we need to check for it
2264 	 */
2265 
2266 	if (cifs_inode == NULL) {
2267 		cifs_dbg(VFS, "Null inode passed to cifs_writeable_file\n");
2268 		dump_stack();
2269 		return rc;
2270 	}
2271 
2272 	cifs_sb = CIFS_SB(cifs_inode->netfs.inode.i_sb);
2273 
2274 	/* only filter by fsuid on multiuser mounts */
2275 	if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_MULTIUSER))
2276 		fsuid_only = false;
2277 
2278 	spin_lock(&cifs_inode->open_file_lock);
2279 refind_writable:
2280 	if (refind > MAX_REOPEN_ATT) {
2281 		spin_unlock(&cifs_inode->open_file_lock);
2282 		return rc;
2283 	}
2284 	list_for_each_entry(open_file, &cifs_inode->openFileList, flist) {
2285 		if (!any_available && open_file->pid != current->tgid)
2286 			continue;
2287 		if (fsuid_only && !uid_eq(open_file->uid, current_fsuid()))
2288 			continue;
2289 		if (with_delete && !(open_file->fid.access & DELETE))
2290 			continue;
2291 		if (OPEN_FMODE(open_file->f_flags) & FMODE_WRITE) {
2292 			if (!open_file->invalidHandle) {
2293 				/* found a good writable file */
2294 				cifsFileInfo_get(open_file);
2295 				spin_unlock(&cifs_inode->open_file_lock);
2296 				*ret_file = open_file;
2297 				return 0;
2298 			} else {
2299 				if (!inv_file)
2300 					inv_file = open_file;
2301 			}
2302 		}
2303 	}
2304 	/* couldn't find useable FH with same pid, try any available */
2305 	if (!any_available) {
2306 		any_available = true;
2307 		goto refind_writable;
2308 	}
2309 
2310 	if (inv_file) {
2311 		any_available = false;
2312 		cifsFileInfo_get(inv_file);
2313 	}
2314 
2315 	spin_unlock(&cifs_inode->open_file_lock);
2316 
2317 	if (inv_file) {
2318 		rc = cifs_reopen_file(inv_file, false);
2319 		if (!rc) {
2320 			*ret_file = inv_file;
2321 			return 0;
2322 		}
2323 
2324 		spin_lock(&cifs_inode->open_file_lock);
2325 		list_move_tail(&inv_file->flist, &cifs_inode->openFileList);
2326 		spin_unlock(&cifs_inode->open_file_lock);
2327 		cifsFileInfo_put(inv_file);
2328 		++refind;
2329 		inv_file = NULL;
2330 		spin_lock(&cifs_inode->open_file_lock);
2331 		goto refind_writable;
2332 	}
2333 
2334 	return rc;
2335 }
2336 
2337 struct cifsFileInfo *
find_writable_file(struct cifsInodeInfo * cifs_inode,int flags)2338 find_writable_file(struct cifsInodeInfo *cifs_inode, int flags)
2339 {
2340 	struct cifsFileInfo *cfile;
2341 	int rc;
2342 
2343 	rc = cifs_get_writable_file(cifs_inode, flags, &cfile);
2344 	if (rc)
2345 		cifs_dbg(FYI, "Couldn't find writable handle rc=%d\n", rc);
2346 
2347 	return cfile;
2348 }
2349 
2350 int
cifs_get_writable_path(struct cifs_tcon * tcon,const char * name,int flags,struct cifsFileInfo ** ret_file)2351 cifs_get_writable_path(struct cifs_tcon *tcon, const char *name,
2352 		       int flags,
2353 		       struct cifsFileInfo **ret_file)
2354 {
2355 	struct cifsFileInfo *cfile;
2356 	void *page = alloc_dentry_path();
2357 
2358 	*ret_file = NULL;
2359 
2360 	spin_lock(&tcon->open_file_lock);
2361 	list_for_each_entry(cfile, &tcon->openFileList, tlist) {
2362 		struct cifsInodeInfo *cinode;
2363 		const char *full_path = build_path_from_dentry(cfile->dentry, page);
2364 		if (IS_ERR(full_path)) {
2365 			spin_unlock(&tcon->open_file_lock);
2366 			free_dentry_path(page);
2367 			return PTR_ERR(full_path);
2368 		}
2369 		if (strcmp(full_path, name))
2370 			continue;
2371 
2372 		cinode = CIFS_I(d_inode(cfile->dentry));
2373 		spin_unlock(&tcon->open_file_lock);
2374 		free_dentry_path(page);
2375 		return cifs_get_writable_file(cinode, flags, ret_file);
2376 	}
2377 
2378 	spin_unlock(&tcon->open_file_lock);
2379 	free_dentry_path(page);
2380 	return -ENOENT;
2381 }
2382 
2383 int
cifs_get_readable_path(struct cifs_tcon * tcon,const char * name,struct cifsFileInfo ** ret_file)2384 cifs_get_readable_path(struct cifs_tcon *tcon, const char *name,
2385 		       struct cifsFileInfo **ret_file)
2386 {
2387 	struct cifsFileInfo *cfile;
2388 	void *page = alloc_dentry_path();
2389 
2390 	*ret_file = NULL;
2391 
2392 	spin_lock(&tcon->open_file_lock);
2393 	list_for_each_entry(cfile, &tcon->openFileList, tlist) {
2394 		struct cifsInodeInfo *cinode;
2395 		const char *full_path = build_path_from_dentry(cfile->dentry, page);
2396 		if (IS_ERR(full_path)) {
2397 			spin_unlock(&tcon->open_file_lock);
2398 			free_dentry_path(page);
2399 			return PTR_ERR(full_path);
2400 		}
2401 		if (strcmp(full_path, name))
2402 			continue;
2403 
2404 		cinode = CIFS_I(d_inode(cfile->dentry));
2405 		spin_unlock(&tcon->open_file_lock);
2406 		free_dentry_path(page);
2407 		*ret_file = find_readable_file(cinode, 0);
2408 		return *ret_file ? 0 : -ENOENT;
2409 	}
2410 
2411 	spin_unlock(&tcon->open_file_lock);
2412 	free_dentry_path(page);
2413 	return -ENOENT;
2414 }
2415 
2416 void
cifs_writedata_release(struct kref * refcount)2417 cifs_writedata_release(struct kref *refcount)
2418 {
2419 	struct cifs_writedata *wdata = container_of(refcount,
2420 					struct cifs_writedata, refcount);
2421 #ifdef CONFIG_CIFS_SMB_DIRECT
2422 	if (wdata->mr) {
2423 		smbd_deregister_mr(wdata->mr);
2424 		wdata->mr = NULL;
2425 	}
2426 #endif
2427 
2428 	if (wdata->cfile)
2429 		cifsFileInfo_put(wdata->cfile);
2430 
2431 	kfree(wdata);
2432 }
2433 
2434 /*
2435  * Write failed with a retryable error. Resend the write request. It's also
2436  * possible that the page was redirtied so re-clean the page.
2437  */
2438 static void
cifs_writev_requeue(struct cifs_writedata * wdata)2439 cifs_writev_requeue(struct cifs_writedata *wdata)
2440 {
2441 	int rc = 0;
2442 	struct inode *inode = d_inode(wdata->cfile->dentry);
2443 	struct TCP_Server_Info *server;
2444 	unsigned int rest_len = wdata->bytes;
2445 	loff_t fpos = wdata->offset;
2446 
2447 	server = tlink_tcon(wdata->cfile->tlink)->ses->server;
2448 	do {
2449 		struct cifs_writedata *wdata2;
2450 		unsigned int wsize, cur_len;
2451 
2452 		wsize = server->ops->wp_retry_size(inode);
2453 		if (wsize < rest_len) {
2454 			if (wsize < PAGE_SIZE) {
2455 				rc = -EOPNOTSUPP;
2456 				break;
2457 			}
2458 			cur_len = min(round_down(wsize, PAGE_SIZE), rest_len);
2459 		} else {
2460 			cur_len = rest_len;
2461 		}
2462 
2463 		wdata2 = cifs_writedata_alloc(cifs_writev_complete);
2464 		if (!wdata2) {
2465 			rc = -ENOMEM;
2466 			break;
2467 		}
2468 
2469 		wdata2->sync_mode = wdata->sync_mode;
2470 		wdata2->offset	= fpos;
2471 		wdata2->bytes	= cur_len;
2472 		wdata2->iter	= wdata->iter;
2473 
2474 		iov_iter_advance(&wdata2->iter, fpos - wdata->offset);
2475 		iov_iter_truncate(&wdata2->iter, wdata2->bytes);
2476 
2477 		if (iov_iter_is_xarray(&wdata2->iter))
2478 			/* Check for pages having been redirtied and clean
2479 			 * them.  We can do this by walking the xarray.  If
2480 			 * it's not an xarray, then it's a DIO and we shouldn't
2481 			 * be mucking around with the page bits.
2482 			 */
2483 			cifs_undirty_folios(inode, fpos, cur_len);
2484 
2485 		rc = cifs_get_writable_file(CIFS_I(inode), FIND_WR_ANY,
2486 					    &wdata2->cfile);
2487 		if (!wdata2->cfile) {
2488 			cifs_dbg(VFS, "No writable handle to retry writepages rc=%d\n",
2489 				 rc);
2490 			if (!is_retryable_error(rc))
2491 				rc = -EBADF;
2492 		} else {
2493 			wdata2->pid = wdata2->cfile->pid;
2494 			rc = server->ops->async_writev(wdata2,
2495 						       cifs_writedata_release);
2496 		}
2497 
2498 		kref_put(&wdata2->refcount, cifs_writedata_release);
2499 		if (rc) {
2500 			if (is_retryable_error(rc))
2501 				continue;
2502 			fpos += cur_len;
2503 			rest_len -= cur_len;
2504 			break;
2505 		}
2506 
2507 		fpos += cur_len;
2508 		rest_len -= cur_len;
2509 	} while (rest_len > 0);
2510 
2511 	/* Clean up remaining pages from the original wdata */
2512 	if (iov_iter_is_xarray(&wdata->iter))
2513 		cifs_pages_write_failed(inode, fpos, rest_len);
2514 
2515 	if (rc != 0 && !is_retryable_error(rc))
2516 		mapping_set_error(inode->i_mapping, rc);
2517 	kref_put(&wdata->refcount, cifs_writedata_release);
2518 }
2519 
2520 void
cifs_writev_complete(struct work_struct * work)2521 cifs_writev_complete(struct work_struct *work)
2522 {
2523 	struct cifs_writedata *wdata = container_of(work,
2524 						struct cifs_writedata, work);
2525 	struct inode *inode = d_inode(wdata->cfile->dentry);
2526 
2527 	if (wdata->result == 0) {
2528 		spin_lock(&inode->i_lock);
2529 		cifs_update_eof(CIFS_I(inode), wdata->offset, wdata->bytes);
2530 		spin_unlock(&inode->i_lock);
2531 		cifs_stats_bytes_written(tlink_tcon(wdata->cfile->tlink),
2532 					 wdata->bytes);
2533 	} else if (wdata->sync_mode == WB_SYNC_ALL && wdata->result == -EAGAIN)
2534 		return cifs_writev_requeue(wdata);
2535 
2536 	if (wdata->result == -EAGAIN)
2537 		cifs_pages_write_redirty(inode, wdata->offset, wdata->bytes);
2538 	else if (wdata->result < 0)
2539 		cifs_pages_write_failed(inode, wdata->offset, wdata->bytes);
2540 	else
2541 		cifs_pages_written_back(inode, wdata->offset, wdata->bytes);
2542 
2543 	if (wdata->result != -EAGAIN)
2544 		mapping_set_error(inode->i_mapping, wdata->result);
2545 	kref_put(&wdata->refcount, cifs_writedata_release);
2546 }
2547 
cifs_writedata_alloc(work_func_t complete)2548 struct cifs_writedata *cifs_writedata_alloc(work_func_t complete)
2549 {
2550 	struct cifs_writedata *wdata;
2551 
2552 	wdata = kzalloc(sizeof(*wdata), GFP_NOFS);
2553 	if (wdata != NULL) {
2554 		kref_init(&wdata->refcount);
2555 		INIT_LIST_HEAD(&wdata->list);
2556 		init_completion(&wdata->done);
2557 		INIT_WORK(&wdata->work, complete);
2558 	}
2559 	return wdata;
2560 }
2561 
cifs_partialpagewrite(struct page * page,unsigned from,unsigned to)2562 static int cifs_partialpagewrite(struct page *page, unsigned from, unsigned to)
2563 {
2564 	struct address_space *mapping = page->mapping;
2565 	loff_t offset = (loff_t)page->index << PAGE_SHIFT;
2566 	char *write_data;
2567 	int rc = -EFAULT;
2568 	int bytes_written = 0;
2569 	struct inode *inode;
2570 	struct cifsFileInfo *open_file;
2571 
2572 	if (!mapping || !mapping->host)
2573 		return -EFAULT;
2574 
2575 	inode = page->mapping->host;
2576 
2577 	offset += (loff_t)from;
2578 	write_data = kmap(page);
2579 	write_data += from;
2580 
2581 	if ((to > PAGE_SIZE) || (from > to)) {
2582 		kunmap(page);
2583 		return -EIO;
2584 	}
2585 
2586 	/* racing with truncate? */
2587 	if (offset > mapping->host->i_size) {
2588 		kunmap(page);
2589 		return 0; /* don't care */
2590 	}
2591 
2592 	/* check to make sure that we are not extending the file */
2593 	if (mapping->host->i_size - offset < (loff_t)to)
2594 		to = (unsigned)(mapping->host->i_size - offset);
2595 
2596 	rc = cifs_get_writable_file(CIFS_I(mapping->host), FIND_WR_ANY,
2597 				    &open_file);
2598 	if (!rc) {
2599 		bytes_written = cifs_write(open_file, open_file->pid,
2600 					   write_data, to - from, &offset);
2601 		cifsFileInfo_put(open_file);
2602 		/* Does mm or vfs already set times? */
2603 		simple_inode_init_ts(inode);
2604 		if ((bytes_written > 0) && (offset))
2605 			rc = 0;
2606 		else if (bytes_written < 0)
2607 			rc = bytes_written;
2608 		else
2609 			rc = -EFAULT;
2610 	} else {
2611 		cifs_dbg(FYI, "No writable handle for write page rc=%d\n", rc);
2612 		if (!is_retryable_error(rc))
2613 			rc = -EIO;
2614 	}
2615 
2616 	kunmap(page);
2617 	return rc;
2618 }
2619 
2620 /*
2621  * Extend the region to be written back to include subsequent contiguously
2622  * dirty pages if possible, but don't sleep while doing so.
2623  */
cifs_extend_writeback(struct address_space * mapping,long * _count,loff_t start,int max_pages,size_t max_len,unsigned int * _len)2624 static void cifs_extend_writeback(struct address_space *mapping,
2625 				  long *_count,
2626 				  loff_t start,
2627 				  int max_pages,
2628 				  size_t max_len,
2629 				  unsigned int *_len)
2630 {
2631 	struct folio_batch batch;
2632 	struct folio *folio;
2633 	unsigned int psize, nr_pages;
2634 	size_t len = *_len;
2635 	pgoff_t index = (start + len) / PAGE_SIZE;
2636 	bool stop = true;
2637 	unsigned int i;
2638 	XA_STATE(xas, &mapping->i_pages, index);
2639 
2640 	folio_batch_init(&batch);
2641 
2642 	do {
2643 		/* Firstly, we gather up a batch of contiguous dirty pages
2644 		 * under the RCU read lock - but we can't clear the dirty flags
2645 		 * there if any of those pages are mapped.
2646 		 */
2647 		rcu_read_lock();
2648 
2649 		xas_for_each(&xas, folio, ULONG_MAX) {
2650 			stop = true;
2651 			if (xas_retry(&xas, folio))
2652 				continue;
2653 			if (xa_is_value(folio))
2654 				break;
2655 			if (folio_index(folio) != index)
2656 				break;
2657 			if (!folio_try_get_rcu(folio)) {
2658 				xas_reset(&xas);
2659 				continue;
2660 			}
2661 			nr_pages = folio_nr_pages(folio);
2662 			if (nr_pages > max_pages)
2663 				break;
2664 
2665 			/* Has the page moved or been split? */
2666 			if (unlikely(folio != xas_reload(&xas))) {
2667 				folio_put(folio);
2668 				break;
2669 			}
2670 
2671 			if (!folio_trylock(folio)) {
2672 				folio_put(folio);
2673 				break;
2674 			}
2675 			if (!folio_test_dirty(folio) || folio_test_writeback(folio)) {
2676 				folio_unlock(folio);
2677 				folio_put(folio);
2678 				break;
2679 			}
2680 
2681 			max_pages -= nr_pages;
2682 			psize = folio_size(folio);
2683 			len += psize;
2684 			stop = false;
2685 			if (max_pages <= 0 || len >= max_len || *_count <= 0)
2686 				stop = true;
2687 
2688 			index += nr_pages;
2689 			if (!folio_batch_add(&batch, folio))
2690 				break;
2691 			if (stop)
2692 				break;
2693 		}
2694 
2695 		if (!stop)
2696 			xas_pause(&xas);
2697 		rcu_read_unlock();
2698 
2699 		/* Now, if we obtained any pages, we can shift them to being
2700 		 * writable and mark them for caching.
2701 		 */
2702 		if (!folio_batch_count(&batch))
2703 			break;
2704 
2705 		for (i = 0; i < folio_batch_count(&batch); i++) {
2706 			folio = batch.folios[i];
2707 			/* The folio should be locked, dirty and not undergoing
2708 			 * writeback from the loop above.
2709 			 */
2710 			if (!folio_clear_dirty_for_io(folio))
2711 				WARN_ON(1);
2712 			if (folio_start_writeback(folio))
2713 				WARN_ON(1);
2714 
2715 			*_count -= folio_nr_pages(folio);
2716 			folio_unlock(folio);
2717 		}
2718 
2719 		folio_batch_release(&batch);
2720 		cond_resched();
2721 	} while (!stop);
2722 
2723 	*_len = len;
2724 }
2725 
2726 /*
2727  * Write back the locked page and any subsequent non-locked dirty pages.
2728  */
cifs_write_back_from_locked_folio(struct address_space * mapping,struct writeback_control * wbc,struct folio * folio,loff_t start,loff_t end)2729 static ssize_t cifs_write_back_from_locked_folio(struct address_space *mapping,
2730 						 struct writeback_control *wbc,
2731 						 struct folio *folio,
2732 						 loff_t start, loff_t end)
2733 {
2734 	struct inode *inode = mapping->host;
2735 	struct TCP_Server_Info *server;
2736 	struct cifs_writedata *wdata;
2737 	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
2738 	struct cifs_credits credits_on_stack;
2739 	struct cifs_credits *credits = &credits_on_stack;
2740 	struct cifsFileInfo *cfile = NULL;
2741 	unsigned int xid, wsize, len;
2742 	loff_t i_size = i_size_read(inode);
2743 	size_t max_len;
2744 	long count = wbc->nr_to_write;
2745 	int rc;
2746 
2747 	/* The folio should be locked, dirty and not undergoing writeback. */
2748 	if (folio_start_writeback(folio))
2749 		WARN_ON(1);
2750 
2751 	count -= folio_nr_pages(folio);
2752 	len = folio_size(folio);
2753 
2754 	xid = get_xid();
2755 	server = cifs_pick_channel(cifs_sb_master_tcon(cifs_sb)->ses);
2756 
2757 	rc = cifs_get_writable_file(CIFS_I(inode), FIND_WR_ANY, &cfile);
2758 	if (rc) {
2759 		cifs_dbg(VFS, "No writable handle in writepages rc=%d\n", rc);
2760 		goto err_xid;
2761 	}
2762 
2763 	rc = server->ops->wait_mtu_credits(server, cifs_sb->ctx->wsize,
2764 					   &wsize, credits);
2765 	if (rc != 0)
2766 		goto err_close;
2767 
2768 	wdata = cifs_writedata_alloc(cifs_writev_complete);
2769 	if (!wdata) {
2770 		rc = -ENOMEM;
2771 		goto err_uncredit;
2772 	}
2773 
2774 	wdata->sync_mode = wbc->sync_mode;
2775 	wdata->offset = folio_pos(folio);
2776 	wdata->pid = cfile->pid;
2777 	wdata->credits = credits_on_stack;
2778 	wdata->cfile = cfile;
2779 	wdata->server = server;
2780 	cfile = NULL;
2781 
2782 	/* Find all consecutive lockable dirty pages, stopping when we find a
2783 	 * page that is not immediately lockable, is not dirty or is missing,
2784 	 * or we reach the end of the range.
2785 	 */
2786 	if (start < i_size) {
2787 		/* Trim the write to the EOF; the extra data is ignored.  Also
2788 		 * put an upper limit on the size of a single storedata op.
2789 		 */
2790 		max_len = wsize;
2791 		max_len = min_t(unsigned long long, max_len, end - start + 1);
2792 		max_len = min_t(unsigned long long, max_len, i_size - start);
2793 
2794 		if (len < max_len) {
2795 			int max_pages = INT_MAX;
2796 
2797 #ifdef CONFIG_CIFS_SMB_DIRECT
2798 			if (server->smbd_conn)
2799 				max_pages = server->smbd_conn->max_frmr_depth;
2800 #endif
2801 			max_pages -= folio_nr_pages(folio);
2802 
2803 			if (max_pages > 0)
2804 				cifs_extend_writeback(mapping, &count, start,
2805 						      max_pages, max_len, &len);
2806 		}
2807 		len = min_t(loff_t, len, max_len);
2808 	}
2809 
2810 	wdata->bytes = len;
2811 
2812 	/* We now have a contiguous set of dirty pages, each with writeback
2813 	 * set; the first page is still locked at this point, but all the rest
2814 	 * have been unlocked.
2815 	 */
2816 	folio_unlock(folio);
2817 
2818 	if (start < i_size) {
2819 		iov_iter_xarray(&wdata->iter, ITER_SOURCE, &mapping->i_pages,
2820 				start, len);
2821 
2822 		rc = adjust_credits(wdata->server, &wdata->credits, wdata->bytes);
2823 		if (rc)
2824 			goto err_wdata;
2825 
2826 		if (wdata->cfile->invalidHandle)
2827 			rc = -EAGAIN;
2828 		else
2829 			rc = wdata->server->ops->async_writev(wdata,
2830 							      cifs_writedata_release);
2831 		if (rc >= 0) {
2832 			kref_put(&wdata->refcount, cifs_writedata_release);
2833 			goto err_close;
2834 		}
2835 	} else {
2836 		/* The dirty region was entirely beyond the EOF. */
2837 		cifs_pages_written_back(inode, start, len);
2838 		rc = 0;
2839 	}
2840 
2841 err_wdata:
2842 	kref_put(&wdata->refcount, cifs_writedata_release);
2843 err_uncredit:
2844 	add_credits_and_wake_if(server, credits, 0);
2845 err_close:
2846 	if (cfile)
2847 		cifsFileInfo_put(cfile);
2848 err_xid:
2849 	free_xid(xid);
2850 	if (rc == 0) {
2851 		wbc->nr_to_write = count;
2852 		rc = len;
2853 	} else if (is_retryable_error(rc)) {
2854 		cifs_pages_write_redirty(inode, start, len);
2855 	} else {
2856 		cifs_pages_write_failed(inode, start, len);
2857 		mapping_set_error(mapping, rc);
2858 	}
2859 	/* Indication to update ctime and mtime as close is deferred */
2860 	set_bit(CIFS_INO_MODIFIED_ATTR, &CIFS_I(inode)->flags);
2861 	return rc;
2862 }
2863 
2864 /*
2865  * write a region of pages back to the server
2866  */
cifs_writepages_region(struct address_space * mapping,struct writeback_control * wbc,loff_t start,loff_t end,loff_t * _next)2867 static int cifs_writepages_region(struct address_space *mapping,
2868 				  struct writeback_control *wbc,
2869 				  loff_t start, loff_t end, loff_t *_next)
2870 {
2871 	struct folio_batch fbatch;
2872 	int skips = 0;
2873 
2874 	folio_batch_init(&fbatch);
2875 	do {
2876 		int nr;
2877 		pgoff_t index = start / PAGE_SIZE;
2878 
2879 		nr = filemap_get_folios_tag(mapping, &index, end / PAGE_SIZE,
2880 					    PAGECACHE_TAG_DIRTY, &fbatch);
2881 		if (!nr)
2882 			break;
2883 
2884 		for (int i = 0; i < nr; i++) {
2885 			ssize_t ret;
2886 			struct folio *folio = fbatch.folios[i];
2887 
2888 redo_folio:
2889 			start = folio_pos(folio); /* May regress with THPs */
2890 
2891 			/* At this point we hold neither the i_pages lock nor the
2892 			 * page lock: the page may be truncated or invalidated
2893 			 * (changing page->mapping to NULL), or even swizzled
2894 			 * back from swapper_space to tmpfs file mapping
2895 			 */
2896 			if (wbc->sync_mode != WB_SYNC_NONE) {
2897 				ret = folio_lock_killable(folio);
2898 				if (ret < 0)
2899 					goto write_error;
2900 			} else {
2901 				if (!folio_trylock(folio))
2902 					goto skip_write;
2903 			}
2904 
2905 			if (folio_mapping(folio) != mapping ||
2906 			    !folio_test_dirty(folio)) {
2907 				start += folio_size(folio);
2908 				folio_unlock(folio);
2909 				continue;
2910 			}
2911 
2912 			if (folio_test_writeback(folio) ||
2913 			    folio_test_fscache(folio)) {
2914 				folio_unlock(folio);
2915 				if (wbc->sync_mode == WB_SYNC_NONE)
2916 					goto skip_write;
2917 
2918 				folio_wait_writeback(folio);
2919 #ifdef CONFIG_CIFS_FSCACHE
2920 				folio_wait_fscache(folio);
2921 #endif
2922 				goto redo_folio;
2923 			}
2924 
2925 			if (!folio_clear_dirty_for_io(folio))
2926 				/* We hold the page lock - it should've been dirty. */
2927 				WARN_ON(1);
2928 
2929 			ret = cifs_write_back_from_locked_folio(mapping, wbc, folio, start, end);
2930 			if (ret < 0)
2931 				goto write_error;
2932 
2933 			start += ret;
2934 			continue;
2935 
2936 write_error:
2937 			folio_batch_release(&fbatch);
2938 			*_next = start;
2939 			return ret;
2940 
2941 skip_write:
2942 			/*
2943 			 * Too many skipped writes, or need to reschedule?
2944 			 * Treat it as a write error without an error code.
2945 			 */
2946 			if (skips >= 5 || need_resched()) {
2947 				ret = 0;
2948 				goto write_error;
2949 			}
2950 
2951 			/* Otherwise, just skip that folio and go on to the next */
2952 			skips++;
2953 			start += folio_size(folio);
2954 			continue;
2955 		}
2956 
2957 		folio_batch_release(&fbatch);
2958 		cond_resched();
2959 	} while (wbc->nr_to_write > 0);
2960 
2961 	*_next = start;
2962 	return 0;
2963 }
2964 
2965 /*
2966  * Write some of the pending data back to the server
2967  */
cifs_writepages(struct address_space * mapping,struct writeback_control * wbc)2968 static int cifs_writepages(struct address_space *mapping,
2969 			   struct writeback_control *wbc)
2970 {
2971 	loff_t start, next;
2972 	int ret;
2973 
2974 	/* We have to be careful as we can end up racing with setattr()
2975 	 * truncating the pagecache since the caller doesn't take a lock here
2976 	 * to prevent it.
2977 	 */
2978 
2979 	if (wbc->range_cyclic) {
2980 		start = mapping->writeback_index * PAGE_SIZE;
2981 		ret = cifs_writepages_region(mapping, wbc, start, LLONG_MAX, &next);
2982 		if (ret == 0) {
2983 			mapping->writeback_index = next / PAGE_SIZE;
2984 			if (start > 0 && wbc->nr_to_write > 0) {
2985 				ret = cifs_writepages_region(mapping, wbc, 0,
2986 							     start, &next);
2987 				if (ret == 0)
2988 					mapping->writeback_index =
2989 						next / PAGE_SIZE;
2990 			}
2991 		}
2992 	} else if (wbc->range_start == 0 && wbc->range_end == LLONG_MAX) {
2993 		ret = cifs_writepages_region(mapping, wbc, 0, LLONG_MAX, &next);
2994 		if (wbc->nr_to_write > 0 && ret == 0)
2995 			mapping->writeback_index = next / PAGE_SIZE;
2996 	} else {
2997 		ret = cifs_writepages_region(mapping, wbc,
2998 					     wbc->range_start, wbc->range_end, &next);
2999 	}
3000 
3001 	return ret;
3002 }
3003 
3004 static int
cifs_writepage_locked(struct page * page,struct writeback_control * wbc)3005 cifs_writepage_locked(struct page *page, struct writeback_control *wbc)
3006 {
3007 	int rc;
3008 	unsigned int xid;
3009 
3010 	xid = get_xid();
3011 /* BB add check for wbc flags */
3012 	get_page(page);
3013 	if (!PageUptodate(page))
3014 		cifs_dbg(FYI, "ppw - page not up to date\n");
3015 
3016 	/*
3017 	 * Set the "writeback" flag, and clear "dirty" in the radix tree.
3018 	 *
3019 	 * A writepage() implementation always needs to do either this,
3020 	 * or re-dirty the page with "redirty_page_for_writepage()" in
3021 	 * the case of a failure.
3022 	 *
3023 	 * Just unlocking the page will cause the radix tree tag-bits
3024 	 * to fail to update with the state of the page correctly.
3025 	 */
3026 	set_page_writeback(page);
3027 retry_write:
3028 	rc = cifs_partialpagewrite(page, 0, PAGE_SIZE);
3029 	if (is_retryable_error(rc)) {
3030 		if (wbc->sync_mode == WB_SYNC_ALL && rc == -EAGAIN)
3031 			goto retry_write;
3032 		redirty_page_for_writepage(wbc, page);
3033 	} else if (rc != 0) {
3034 		SetPageError(page);
3035 		mapping_set_error(page->mapping, rc);
3036 	} else {
3037 		SetPageUptodate(page);
3038 	}
3039 	end_page_writeback(page);
3040 	put_page(page);
3041 	free_xid(xid);
3042 	return rc;
3043 }
3044 
cifs_write_end(struct file * file,struct address_space * mapping,loff_t pos,unsigned len,unsigned copied,struct page * page,void * fsdata)3045 static int cifs_write_end(struct file *file, struct address_space *mapping,
3046 			loff_t pos, unsigned len, unsigned copied,
3047 			struct page *page, void *fsdata)
3048 {
3049 	int rc;
3050 	struct inode *inode = mapping->host;
3051 	struct cifsFileInfo *cfile = file->private_data;
3052 	struct cifs_sb_info *cifs_sb = CIFS_SB(cfile->dentry->d_sb);
3053 	struct folio *folio = page_folio(page);
3054 	__u32 pid;
3055 
3056 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
3057 		pid = cfile->pid;
3058 	else
3059 		pid = current->tgid;
3060 
3061 	cifs_dbg(FYI, "write_end for page %p from pos %lld with %d bytes\n",
3062 		 page, pos, copied);
3063 
3064 	if (folio_test_checked(folio)) {
3065 		if (copied == len)
3066 			folio_mark_uptodate(folio);
3067 		folio_clear_checked(folio);
3068 	} else if (!folio_test_uptodate(folio) && copied == PAGE_SIZE)
3069 		folio_mark_uptodate(folio);
3070 
3071 	if (!folio_test_uptodate(folio)) {
3072 		char *page_data;
3073 		unsigned offset = pos & (PAGE_SIZE - 1);
3074 		unsigned int xid;
3075 
3076 		xid = get_xid();
3077 		/* this is probably better than directly calling
3078 		   partialpage_write since in this function the file handle is
3079 		   known which we might as well	leverage */
3080 		/* BB check if anything else missing out of ppw
3081 		   such as updating last write time */
3082 		page_data = kmap(page);
3083 		rc = cifs_write(cfile, pid, page_data + offset, copied, &pos);
3084 		/* if (rc < 0) should we set writebehind rc? */
3085 		kunmap(page);
3086 
3087 		free_xid(xid);
3088 	} else {
3089 		rc = copied;
3090 		pos += copied;
3091 		set_page_dirty(page);
3092 	}
3093 
3094 	if (rc > 0) {
3095 		spin_lock(&inode->i_lock);
3096 		if (pos > inode->i_size) {
3097 			i_size_write(inode, pos);
3098 			inode->i_blocks = (512 - 1 + pos) >> 9;
3099 		}
3100 		spin_unlock(&inode->i_lock);
3101 	}
3102 
3103 	unlock_page(page);
3104 	put_page(page);
3105 	/* Indication to update ctime and mtime as close is deferred */
3106 	set_bit(CIFS_INO_MODIFIED_ATTR, &CIFS_I(inode)->flags);
3107 
3108 	return rc;
3109 }
3110 
cifs_strict_fsync(struct file * file,loff_t start,loff_t end,int datasync)3111 int cifs_strict_fsync(struct file *file, loff_t start, loff_t end,
3112 		      int datasync)
3113 {
3114 	unsigned int xid;
3115 	int rc = 0;
3116 	struct cifs_tcon *tcon;
3117 	struct TCP_Server_Info *server;
3118 	struct cifsFileInfo *smbfile = file->private_data;
3119 	struct inode *inode = file_inode(file);
3120 	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
3121 
3122 	rc = file_write_and_wait_range(file, start, end);
3123 	if (rc) {
3124 		trace_cifs_fsync_err(inode->i_ino, rc);
3125 		return rc;
3126 	}
3127 
3128 	xid = get_xid();
3129 
3130 	cifs_dbg(FYI, "Sync file - name: %pD datasync: 0x%x\n",
3131 		 file, datasync);
3132 
3133 	if (!CIFS_CACHE_READ(CIFS_I(inode))) {
3134 		rc = cifs_zap_mapping(inode);
3135 		if (rc) {
3136 			cifs_dbg(FYI, "rc: %d during invalidate phase\n", rc);
3137 			rc = 0; /* don't care about it in fsync */
3138 		}
3139 	}
3140 
3141 	tcon = tlink_tcon(smbfile->tlink);
3142 	if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOSSYNC)) {
3143 		server = tcon->ses->server;
3144 		if (server->ops->flush == NULL) {
3145 			rc = -ENOSYS;
3146 			goto strict_fsync_exit;
3147 		}
3148 
3149 		if ((OPEN_FMODE(smbfile->f_flags) & FMODE_WRITE) == 0) {
3150 			smbfile = find_writable_file(CIFS_I(inode), FIND_WR_ANY);
3151 			if (smbfile) {
3152 				rc = server->ops->flush(xid, tcon, &smbfile->fid);
3153 				cifsFileInfo_put(smbfile);
3154 			} else
3155 				cifs_dbg(FYI, "ignore fsync for file not open for write\n");
3156 		} else
3157 			rc = server->ops->flush(xid, tcon, &smbfile->fid);
3158 	}
3159 
3160 strict_fsync_exit:
3161 	free_xid(xid);
3162 	return rc;
3163 }
3164 
cifs_fsync(struct file * file,loff_t start,loff_t end,int datasync)3165 int cifs_fsync(struct file *file, loff_t start, loff_t end, int datasync)
3166 {
3167 	unsigned int xid;
3168 	int rc = 0;
3169 	struct cifs_tcon *tcon;
3170 	struct TCP_Server_Info *server;
3171 	struct cifsFileInfo *smbfile = file->private_data;
3172 	struct inode *inode = file_inode(file);
3173 	struct cifs_sb_info *cifs_sb = CIFS_FILE_SB(file);
3174 
3175 	rc = file_write_and_wait_range(file, start, end);
3176 	if (rc) {
3177 		trace_cifs_fsync_err(file_inode(file)->i_ino, rc);
3178 		return rc;
3179 	}
3180 
3181 	xid = get_xid();
3182 
3183 	cifs_dbg(FYI, "Sync file - name: %pD datasync: 0x%x\n",
3184 		 file, datasync);
3185 
3186 	tcon = tlink_tcon(smbfile->tlink);
3187 	if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOSSYNC)) {
3188 		server = tcon->ses->server;
3189 		if (server->ops->flush == NULL) {
3190 			rc = -ENOSYS;
3191 			goto fsync_exit;
3192 		}
3193 
3194 		if ((OPEN_FMODE(smbfile->f_flags) & FMODE_WRITE) == 0) {
3195 			smbfile = find_writable_file(CIFS_I(inode), FIND_WR_ANY);
3196 			if (smbfile) {
3197 				rc = server->ops->flush(xid, tcon, &smbfile->fid);
3198 				cifsFileInfo_put(smbfile);
3199 			} else
3200 				cifs_dbg(FYI, "ignore fsync for file not open for write\n");
3201 		} else
3202 			rc = server->ops->flush(xid, tcon, &smbfile->fid);
3203 	}
3204 
3205 fsync_exit:
3206 	free_xid(xid);
3207 	return rc;
3208 }
3209 
3210 /*
3211  * As file closes, flush all cached write data for this inode checking
3212  * for write behind errors.
3213  */
cifs_flush(struct file * file,fl_owner_t id)3214 int cifs_flush(struct file *file, fl_owner_t id)
3215 {
3216 	struct inode *inode = file_inode(file);
3217 	int rc = 0;
3218 
3219 	if (file->f_mode & FMODE_WRITE)
3220 		rc = filemap_write_and_wait(inode->i_mapping);
3221 
3222 	cifs_dbg(FYI, "Flush inode %p file %p rc %d\n", inode, file, rc);
3223 	if (rc) {
3224 		/* get more nuanced writeback errors */
3225 		rc = filemap_check_wb_err(file->f_mapping, 0);
3226 		trace_cifs_flush_err(inode->i_ino, rc);
3227 	}
3228 	return rc;
3229 }
3230 
3231 static void
cifs_uncached_writedata_release(struct kref * refcount)3232 cifs_uncached_writedata_release(struct kref *refcount)
3233 {
3234 	struct cifs_writedata *wdata = container_of(refcount,
3235 					struct cifs_writedata, refcount);
3236 
3237 	kref_put(&wdata->ctx->refcount, cifs_aio_ctx_release);
3238 	cifs_writedata_release(refcount);
3239 }
3240 
3241 static void collect_uncached_write_data(struct cifs_aio_ctx *ctx);
3242 
3243 static void
cifs_uncached_writev_complete(struct work_struct * work)3244 cifs_uncached_writev_complete(struct work_struct *work)
3245 {
3246 	struct cifs_writedata *wdata = container_of(work,
3247 					struct cifs_writedata, work);
3248 	struct inode *inode = d_inode(wdata->cfile->dentry);
3249 	struct cifsInodeInfo *cifsi = CIFS_I(inode);
3250 
3251 	spin_lock(&inode->i_lock);
3252 	cifs_update_eof(cifsi, wdata->offset, wdata->bytes);
3253 	if (cifsi->server_eof > inode->i_size)
3254 		i_size_write(inode, cifsi->server_eof);
3255 	spin_unlock(&inode->i_lock);
3256 
3257 	complete(&wdata->done);
3258 	collect_uncached_write_data(wdata->ctx);
3259 	/* the below call can possibly free the last ref to aio ctx */
3260 	kref_put(&wdata->refcount, cifs_uncached_writedata_release);
3261 }
3262 
3263 static int
cifs_resend_wdata(struct cifs_writedata * wdata,struct list_head * wdata_list,struct cifs_aio_ctx * ctx)3264 cifs_resend_wdata(struct cifs_writedata *wdata, struct list_head *wdata_list,
3265 	struct cifs_aio_ctx *ctx)
3266 {
3267 	unsigned int wsize;
3268 	struct cifs_credits credits;
3269 	int rc;
3270 	struct TCP_Server_Info *server = wdata->server;
3271 
3272 	do {
3273 		if (wdata->cfile->invalidHandle) {
3274 			rc = cifs_reopen_file(wdata->cfile, false);
3275 			if (rc == -EAGAIN)
3276 				continue;
3277 			else if (rc)
3278 				break;
3279 		}
3280 
3281 
3282 		/*
3283 		 * Wait for credits to resend this wdata.
3284 		 * Note: we are attempting to resend the whole wdata not in
3285 		 * segments
3286 		 */
3287 		do {
3288 			rc = server->ops->wait_mtu_credits(server, wdata->bytes,
3289 						&wsize, &credits);
3290 			if (rc)
3291 				goto fail;
3292 
3293 			if (wsize < wdata->bytes) {
3294 				add_credits_and_wake_if(server, &credits, 0);
3295 				msleep(1000);
3296 			}
3297 		} while (wsize < wdata->bytes);
3298 		wdata->credits = credits;
3299 
3300 		rc = adjust_credits(server, &wdata->credits, wdata->bytes);
3301 
3302 		if (!rc) {
3303 			if (wdata->cfile->invalidHandle)
3304 				rc = -EAGAIN;
3305 			else {
3306 #ifdef CONFIG_CIFS_SMB_DIRECT
3307 				if (wdata->mr) {
3308 					wdata->mr->need_invalidate = true;
3309 					smbd_deregister_mr(wdata->mr);
3310 					wdata->mr = NULL;
3311 				}
3312 #endif
3313 				rc = server->ops->async_writev(wdata,
3314 					cifs_uncached_writedata_release);
3315 			}
3316 		}
3317 
3318 		/* If the write was successfully sent, we are done */
3319 		if (!rc) {
3320 			list_add_tail(&wdata->list, wdata_list);
3321 			return 0;
3322 		}
3323 
3324 		/* Roll back credits and retry if needed */
3325 		add_credits_and_wake_if(server, &wdata->credits, 0);
3326 	} while (rc == -EAGAIN);
3327 
3328 fail:
3329 	kref_put(&wdata->refcount, cifs_uncached_writedata_release);
3330 	return rc;
3331 }
3332 
3333 /*
3334  * Select span of a bvec iterator we're going to use.  Limit it by both maximum
3335  * size and maximum number of segments.
3336  */
cifs_limit_bvec_subset(const struct iov_iter * iter,size_t max_size,size_t max_segs,unsigned int * _nsegs)3337 static size_t cifs_limit_bvec_subset(const struct iov_iter *iter, size_t max_size,
3338 				     size_t max_segs, unsigned int *_nsegs)
3339 {
3340 	const struct bio_vec *bvecs = iter->bvec;
3341 	unsigned int nbv = iter->nr_segs, ix = 0, nsegs = 0;
3342 	size_t len, span = 0, n = iter->count;
3343 	size_t skip = iter->iov_offset;
3344 
3345 	if (WARN_ON(!iov_iter_is_bvec(iter)) || n == 0)
3346 		return 0;
3347 
3348 	while (n && ix < nbv && skip) {
3349 		len = bvecs[ix].bv_len;
3350 		if (skip < len)
3351 			break;
3352 		skip -= len;
3353 		n -= len;
3354 		ix++;
3355 	}
3356 
3357 	while (n && ix < nbv) {
3358 		len = min3(n, bvecs[ix].bv_len - skip, max_size);
3359 		span += len;
3360 		max_size -= len;
3361 		nsegs++;
3362 		ix++;
3363 		if (max_size == 0 || nsegs >= max_segs)
3364 			break;
3365 		skip = 0;
3366 		n -= len;
3367 	}
3368 
3369 	*_nsegs = nsegs;
3370 	return span;
3371 }
3372 
3373 static int
cifs_write_from_iter(loff_t fpos,size_t len,struct iov_iter * from,struct cifsFileInfo * open_file,struct cifs_sb_info * cifs_sb,struct list_head * wdata_list,struct cifs_aio_ctx * ctx)3374 cifs_write_from_iter(loff_t fpos, size_t len, struct iov_iter *from,
3375 		     struct cifsFileInfo *open_file,
3376 		     struct cifs_sb_info *cifs_sb, struct list_head *wdata_list,
3377 		     struct cifs_aio_ctx *ctx)
3378 {
3379 	int rc = 0;
3380 	size_t cur_len, max_len;
3381 	struct cifs_writedata *wdata;
3382 	pid_t pid;
3383 	struct TCP_Server_Info *server;
3384 	unsigned int xid, max_segs = INT_MAX;
3385 
3386 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
3387 		pid = open_file->pid;
3388 	else
3389 		pid = current->tgid;
3390 
3391 	server = cifs_pick_channel(tlink_tcon(open_file->tlink)->ses);
3392 	xid = get_xid();
3393 
3394 #ifdef CONFIG_CIFS_SMB_DIRECT
3395 	if (server->smbd_conn)
3396 		max_segs = server->smbd_conn->max_frmr_depth;
3397 #endif
3398 
3399 	do {
3400 		struct cifs_credits credits_on_stack;
3401 		struct cifs_credits *credits = &credits_on_stack;
3402 		unsigned int wsize, nsegs = 0;
3403 
3404 		if (signal_pending(current)) {
3405 			rc = -EINTR;
3406 			break;
3407 		}
3408 
3409 		if (open_file->invalidHandle) {
3410 			rc = cifs_reopen_file(open_file, false);
3411 			if (rc == -EAGAIN)
3412 				continue;
3413 			else if (rc)
3414 				break;
3415 		}
3416 
3417 		rc = server->ops->wait_mtu_credits(server, cifs_sb->ctx->wsize,
3418 						   &wsize, credits);
3419 		if (rc)
3420 			break;
3421 
3422 		max_len = min_t(const size_t, len, wsize);
3423 		if (!max_len) {
3424 			rc = -EAGAIN;
3425 			add_credits_and_wake_if(server, credits, 0);
3426 			break;
3427 		}
3428 
3429 		cur_len = cifs_limit_bvec_subset(from, max_len, max_segs, &nsegs);
3430 		cifs_dbg(FYI, "write_from_iter len=%zx/%zx nsegs=%u/%lu/%u\n",
3431 			 cur_len, max_len, nsegs, from->nr_segs, max_segs);
3432 		if (cur_len == 0) {
3433 			rc = -EIO;
3434 			add_credits_and_wake_if(server, credits, 0);
3435 			break;
3436 		}
3437 
3438 		wdata = cifs_writedata_alloc(cifs_uncached_writev_complete);
3439 		if (!wdata) {
3440 			rc = -ENOMEM;
3441 			add_credits_and_wake_if(server, credits, 0);
3442 			break;
3443 		}
3444 
3445 		wdata->sync_mode = WB_SYNC_ALL;
3446 		wdata->offset	= (__u64)fpos;
3447 		wdata->cfile	= cifsFileInfo_get(open_file);
3448 		wdata->server	= server;
3449 		wdata->pid	= pid;
3450 		wdata->bytes	= cur_len;
3451 		wdata->credits	= credits_on_stack;
3452 		wdata->iter	= *from;
3453 		wdata->ctx	= ctx;
3454 		kref_get(&ctx->refcount);
3455 
3456 		iov_iter_truncate(&wdata->iter, cur_len);
3457 
3458 		rc = adjust_credits(server, &wdata->credits, wdata->bytes);
3459 
3460 		if (!rc) {
3461 			if (wdata->cfile->invalidHandle)
3462 				rc = -EAGAIN;
3463 			else
3464 				rc = server->ops->async_writev(wdata,
3465 					cifs_uncached_writedata_release);
3466 		}
3467 
3468 		if (rc) {
3469 			add_credits_and_wake_if(server, &wdata->credits, 0);
3470 			kref_put(&wdata->refcount,
3471 				 cifs_uncached_writedata_release);
3472 			if (rc == -EAGAIN)
3473 				continue;
3474 			break;
3475 		}
3476 
3477 		list_add_tail(&wdata->list, wdata_list);
3478 		iov_iter_advance(from, cur_len);
3479 		fpos += cur_len;
3480 		len -= cur_len;
3481 	} while (len > 0);
3482 
3483 	free_xid(xid);
3484 	return rc;
3485 }
3486 
collect_uncached_write_data(struct cifs_aio_ctx * ctx)3487 static void collect_uncached_write_data(struct cifs_aio_ctx *ctx)
3488 {
3489 	struct cifs_writedata *wdata, *tmp;
3490 	struct cifs_tcon *tcon;
3491 	struct cifs_sb_info *cifs_sb;
3492 	struct dentry *dentry = ctx->cfile->dentry;
3493 	ssize_t rc;
3494 
3495 	tcon = tlink_tcon(ctx->cfile->tlink);
3496 	cifs_sb = CIFS_SB(dentry->d_sb);
3497 
3498 	mutex_lock(&ctx->aio_mutex);
3499 
3500 	if (list_empty(&ctx->list)) {
3501 		mutex_unlock(&ctx->aio_mutex);
3502 		return;
3503 	}
3504 
3505 	rc = ctx->rc;
3506 	/*
3507 	 * Wait for and collect replies for any successful sends in order of
3508 	 * increasing offset. Once an error is hit, then return without waiting
3509 	 * for any more replies.
3510 	 */
3511 restart_loop:
3512 	list_for_each_entry_safe(wdata, tmp, &ctx->list, list) {
3513 		if (!rc) {
3514 			if (!try_wait_for_completion(&wdata->done)) {
3515 				mutex_unlock(&ctx->aio_mutex);
3516 				return;
3517 			}
3518 
3519 			if (wdata->result)
3520 				rc = wdata->result;
3521 			else
3522 				ctx->total_len += wdata->bytes;
3523 
3524 			/* resend call if it's a retryable error */
3525 			if (rc == -EAGAIN) {
3526 				struct list_head tmp_list;
3527 				struct iov_iter tmp_from = ctx->iter;
3528 
3529 				INIT_LIST_HEAD(&tmp_list);
3530 				list_del_init(&wdata->list);
3531 
3532 				if (ctx->direct_io)
3533 					rc = cifs_resend_wdata(
3534 						wdata, &tmp_list, ctx);
3535 				else {
3536 					iov_iter_advance(&tmp_from,
3537 						 wdata->offset - ctx->pos);
3538 
3539 					rc = cifs_write_from_iter(wdata->offset,
3540 						wdata->bytes, &tmp_from,
3541 						ctx->cfile, cifs_sb, &tmp_list,
3542 						ctx);
3543 
3544 					kref_put(&wdata->refcount,
3545 						cifs_uncached_writedata_release);
3546 				}
3547 
3548 				list_splice(&tmp_list, &ctx->list);
3549 				goto restart_loop;
3550 			}
3551 		}
3552 		list_del_init(&wdata->list);
3553 		kref_put(&wdata->refcount, cifs_uncached_writedata_release);
3554 	}
3555 
3556 	cifs_stats_bytes_written(tcon, ctx->total_len);
3557 	set_bit(CIFS_INO_INVALID_MAPPING, &CIFS_I(dentry->d_inode)->flags);
3558 
3559 	ctx->rc = (rc == 0) ? ctx->total_len : rc;
3560 
3561 	mutex_unlock(&ctx->aio_mutex);
3562 
3563 	if (ctx->iocb && ctx->iocb->ki_complete)
3564 		ctx->iocb->ki_complete(ctx->iocb, ctx->rc);
3565 	else
3566 		complete(&ctx->done);
3567 }
3568 
__cifs_writev(struct kiocb * iocb,struct iov_iter * from,bool direct)3569 static ssize_t __cifs_writev(
3570 	struct kiocb *iocb, struct iov_iter *from, bool direct)
3571 {
3572 	struct file *file = iocb->ki_filp;
3573 	ssize_t total_written = 0;
3574 	struct cifsFileInfo *cfile;
3575 	struct cifs_tcon *tcon;
3576 	struct cifs_sb_info *cifs_sb;
3577 	struct cifs_aio_ctx *ctx;
3578 	int rc;
3579 
3580 	rc = generic_write_checks(iocb, from);
3581 	if (rc <= 0)
3582 		return rc;
3583 
3584 	cifs_sb = CIFS_FILE_SB(file);
3585 	cfile = file->private_data;
3586 	tcon = tlink_tcon(cfile->tlink);
3587 
3588 	if (!tcon->ses->server->ops->async_writev)
3589 		return -ENOSYS;
3590 
3591 	ctx = cifs_aio_ctx_alloc();
3592 	if (!ctx)
3593 		return -ENOMEM;
3594 
3595 	ctx->cfile = cifsFileInfo_get(cfile);
3596 
3597 	if (!is_sync_kiocb(iocb))
3598 		ctx->iocb = iocb;
3599 
3600 	ctx->pos = iocb->ki_pos;
3601 	ctx->direct_io = direct;
3602 	ctx->nr_pinned_pages = 0;
3603 
3604 	if (user_backed_iter(from)) {
3605 		/*
3606 		 * Extract IOVEC/UBUF-type iterators to a BVEC-type iterator as
3607 		 * they contain references to the calling process's virtual
3608 		 * memory layout which won't be available in an async worker
3609 		 * thread.  This also takes a pin on every folio involved.
3610 		 */
3611 		rc = netfs_extract_user_iter(from, iov_iter_count(from),
3612 					     &ctx->iter, 0);
3613 		if (rc < 0) {
3614 			kref_put(&ctx->refcount, cifs_aio_ctx_release);
3615 			return rc;
3616 		}
3617 
3618 		ctx->nr_pinned_pages = rc;
3619 		ctx->bv = (void *)ctx->iter.bvec;
3620 		ctx->bv_need_unpin = iov_iter_extract_will_pin(from);
3621 	} else if ((iov_iter_is_bvec(from) || iov_iter_is_kvec(from)) &&
3622 		   !is_sync_kiocb(iocb)) {
3623 		/*
3624 		 * If the op is asynchronous, we need to copy the list attached
3625 		 * to a BVEC/KVEC-type iterator, but we assume that the storage
3626 		 * will be pinned by the caller; in any case, we may or may not
3627 		 * be able to pin the pages, so we don't try.
3628 		 */
3629 		ctx->bv = (void *)dup_iter(&ctx->iter, from, GFP_KERNEL);
3630 		if (!ctx->bv) {
3631 			kref_put(&ctx->refcount, cifs_aio_ctx_release);
3632 			return -ENOMEM;
3633 		}
3634 	} else {
3635 		/*
3636 		 * Otherwise, we just pass the iterator down as-is and rely on
3637 		 * the caller to make sure the pages referred to by the
3638 		 * iterator don't evaporate.
3639 		 */
3640 		ctx->iter = *from;
3641 	}
3642 
3643 	ctx->len = iov_iter_count(&ctx->iter);
3644 
3645 	/* grab a lock here due to read response handlers can access ctx */
3646 	mutex_lock(&ctx->aio_mutex);
3647 
3648 	rc = cifs_write_from_iter(iocb->ki_pos, ctx->len, &ctx->iter,
3649 				  cfile, cifs_sb, &ctx->list, ctx);
3650 
3651 	/*
3652 	 * If at least one write was successfully sent, then discard any rc
3653 	 * value from the later writes. If the other write succeeds, then
3654 	 * we'll end up returning whatever was written. If it fails, then
3655 	 * we'll get a new rc value from that.
3656 	 */
3657 	if (!list_empty(&ctx->list))
3658 		rc = 0;
3659 
3660 	mutex_unlock(&ctx->aio_mutex);
3661 
3662 	if (rc) {
3663 		kref_put(&ctx->refcount, cifs_aio_ctx_release);
3664 		return rc;
3665 	}
3666 
3667 	if (!is_sync_kiocb(iocb)) {
3668 		kref_put(&ctx->refcount, cifs_aio_ctx_release);
3669 		return -EIOCBQUEUED;
3670 	}
3671 
3672 	rc = wait_for_completion_killable(&ctx->done);
3673 	if (rc) {
3674 		mutex_lock(&ctx->aio_mutex);
3675 		ctx->rc = rc = -EINTR;
3676 		total_written = ctx->total_len;
3677 		mutex_unlock(&ctx->aio_mutex);
3678 	} else {
3679 		rc = ctx->rc;
3680 		total_written = ctx->total_len;
3681 	}
3682 
3683 	kref_put(&ctx->refcount, cifs_aio_ctx_release);
3684 
3685 	if (unlikely(!total_written))
3686 		return rc;
3687 
3688 	iocb->ki_pos += total_written;
3689 	return total_written;
3690 }
3691 
cifs_direct_writev(struct kiocb * iocb,struct iov_iter * from)3692 ssize_t cifs_direct_writev(struct kiocb *iocb, struct iov_iter *from)
3693 {
3694 	struct file *file = iocb->ki_filp;
3695 
3696 	cifs_revalidate_mapping(file->f_inode);
3697 	return __cifs_writev(iocb, from, true);
3698 }
3699 
cifs_user_writev(struct kiocb * iocb,struct iov_iter * from)3700 ssize_t cifs_user_writev(struct kiocb *iocb, struct iov_iter *from)
3701 {
3702 	return __cifs_writev(iocb, from, false);
3703 }
3704 
3705 static ssize_t
cifs_writev(struct kiocb * iocb,struct iov_iter * from)3706 cifs_writev(struct kiocb *iocb, struct iov_iter *from)
3707 {
3708 	struct file *file = iocb->ki_filp;
3709 	struct cifsFileInfo *cfile = (struct cifsFileInfo *)file->private_data;
3710 	struct inode *inode = file->f_mapping->host;
3711 	struct cifsInodeInfo *cinode = CIFS_I(inode);
3712 	struct TCP_Server_Info *server = tlink_tcon(cfile->tlink)->ses->server;
3713 	ssize_t rc;
3714 
3715 	inode_lock(inode);
3716 	/*
3717 	 * We need to hold the sem to be sure nobody modifies lock list
3718 	 * with a brlock that prevents writing.
3719 	 */
3720 	down_read(&cinode->lock_sem);
3721 
3722 	rc = generic_write_checks(iocb, from);
3723 	if (rc <= 0)
3724 		goto out;
3725 
3726 	if (!cifs_find_lock_conflict(cfile, iocb->ki_pos, iov_iter_count(from),
3727 				     server->vals->exclusive_lock_type, 0,
3728 				     NULL, CIFS_WRITE_OP))
3729 		rc = __generic_file_write_iter(iocb, from);
3730 	else
3731 		rc = -EACCES;
3732 out:
3733 	up_read(&cinode->lock_sem);
3734 	inode_unlock(inode);
3735 
3736 	if (rc > 0)
3737 		rc = generic_write_sync(iocb, rc);
3738 	return rc;
3739 }
3740 
3741 ssize_t
cifs_strict_writev(struct kiocb * iocb,struct iov_iter * from)3742 cifs_strict_writev(struct kiocb *iocb, struct iov_iter *from)
3743 {
3744 	struct inode *inode = file_inode(iocb->ki_filp);
3745 	struct cifsInodeInfo *cinode = CIFS_I(inode);
3746 	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
3747 	struct cifsFileInfo *cfile = (struct cifsFileInfo *)
3748 						iocb->ki_filp->private_data;
3749 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
3750 	ssize_t written;
3751 
3752 	written = cifs_get_writer(cinode);
3753 	if (written)
3754 		return written;
3755 
3756 	if (CIFS_CACHE_WRITE(cinode)) {
3757 		if (cap_unix(tcon->ses) &&
3758 		(CIFS_UNIX_FCNTL_CAP & le64_to_cpu(tcon->fsUnixInfo.Capability))
3759 		  && ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) == 0)) {
3760 			written = generic_file_write_iter(iocb, from);
3761 			goto out;
3762 		}
3763 		written = cifs_writev(iocb, from);
3764 		goto out;
3765 	}
3766 	/*
3767 	 * For non-oplocked files in strict cache mode we need to write the data
3768 	 * to the server exactly from the pos to pos+len-1 rather than flush all
3769 	 * affected pages because it may cause a error with mandatory locks on
3770 	 * these pages but not on the region from pos to ppos+len-1.
3771 	 */
3772 	written = cifs_user_writev(iocb, from);
3773 	if (CIFS_CACHE_READ(cinode)) {
3774 		/*
3775 		 * We have read level caching and we have just sent a write
3776 		 * request to the server thus making data in the cache stale.
3777 		 * Zap the cache and set oplock/lease level to NONE to avoid
3778 		 * reading stale data from the cache. All subsequent read
3779 		 * operations will read new data from the server.
3780 		 */
3781 		cifs_zap_mapping(inode);
3782 		cifs_dbg(FYI, "Set Oplock/Lease to NONE for inode=%p after write\n",
3783 			 inode);
3784 		cinode->oplock = 0;
3785 	}
3786 out:
3787 	cifs_put_writer(cinode);
3788 	return written;
3789 }
3790 
cifs_readdata_alloc(work_func_t complete)3791 static struct cifs_readdata *cifs_readdata_alloc(work_func_t complete)
3792 {
3793 	struct cifs_readdata *rdata;
3794 
3795 	rdata = kzalloc(sizeof(*rdata), GFP_KERNEL);
3796 	if (rdata) {
3797 		kref_init(&rdata->refcount);
3798 		INIT_LIST_HEAD(&rdata->list);
3799 		init_completion(&rdata->done);
3800 		INIT_WORK(&rdata->work, complete);
3801 	}
3802 
3803 	return rdata;
3804 }
3805 
3806 void
cifs_readdata_release(struct kref * refcount)3807 cifs_readdata_release(struct kref *refcount)
3808 {
3809 	struct cifs_readdata *rdata = container_of(refcount,
3810 					struct cifs_readdata, refcount);
3811 
3812 	if (rdata->ctx)
3813 		kref_put(&rdata->ctx->refcount, cifs_aio_ctx_release);
3814 #ifdef CONFIG_CIFS_SMB_DIRECT
3815 	if (rdata->mr) {
3816 		smbd_deregister_mr(rdata->mr);
3817 		rdata->mr = NULL;
3818 	}
3819 #endif
3820 	if (rdata->cfile)
3821 		cifsFileInfo_put(rdata->cfile);
3822 
3823 	kfree(rdata);
3824 }
3825 
3826 static void collect_uncached_read_data(struct cifs_aio_ctx *ctx);
3827 
3828 static void
cifs_uncached_readv_complete(struct work_struct * work)3829 cifs_uncached_readv_complete(struct work_struct *work)
3830 {
3831 	struct cifs_readdata *rdata = container_of(work,
3832 						struct cifs_readdata, work);
3833 
3834 	complete(&rdata->done);
3835 	collect_uncached_read_data(rdata->ctx);
3836 	/* the below call can possibly free the last ref to aio ctx */
3837 	kref_put(&rdata->refcount, cifs_readdata_release);
3838 }
3839 
cifs_resend_rdata(struct cifs_readdata * rdata,struct list_head * rdata_list,struct cifs_aio_ctx * ctx)3840 static int cifs_resend_rdata(struct cifs_readdata *rdata,
3841 			struct list_head *rdata_list,
3842 			struct cifs_aio_ctx *ctx)
3843 {
3844 	unsigned int rsize;
3845 	struct cifs_credits credits;
3846 	int rc;
3847 	struct TCP_Server_Info *server;
3848 
3849 	/* XXX: should we pick a new channel here? */
3850 	server = rdata->server;
3851 
3852 	do {
3853 		if (rdata->cfile->invalidHandle) {
3854 			rc = cifs_reopen_file(rdata->cfile, true);
3855 			if (rc == -EAGAIN)
3856 				continue;
3857 			else if (rc)
3858 				break;
3859 		}
3860 
3861 		/*
3862 		 * Wait for credits to resend this rdata.
3863 		 * Note: we are attempting to resend the whole rdata not in
3864 		 * segments
3865 		 */
3866 		do {
3867 			rc = server->ops->wait_mtu_credits(server, rdata->bytes,
3868 						&rsize, &credits);
3869 
3870 			if (rc)
3871 				goto fail;
3872 
3873 			if (rsize < rdata->bytes) {
3874 				add_credits_and_wake_if(server, &credits, 0);
3875 				msleep(1000);
3876 			}
3877 		} while (rsize < rdata->bytes);
3878 		rdata->credits = credits;
3879 
3880 		rc = adjust_credits(server, &rdata->credits, rdata->bytes);
3881 		if (!rc) {
3882 			if (rdata->cfile->invalidHandle)
3883 				rc = -EAGAIN;
3884 			else {
3885 #ifdef CONFIG_CIFS_SMB_DIRECT
3886 				if (rdata->mr) {
3887 					rdata->mr->need_invalidate = true;
3888 					smbd_deregister_mr(rdata->mr);
3889 					rdata->mr = NULL;
3890 				}
3891 #endif
3892 				rc = server->ops->async_readv(rdata);
3893 			}
3894 		}
3895 
3896 		/* If the read was successfully sent, we are done */
3897 		if (!rc) {
3898 			/* Add to aio pending list */
3899 			list_add_tail(&rdata->list, rdata_list);
3900 			return 0;
3901 		}
3902 
3903 		/* Roll back credits and retry if needed */
3904 		add_credits_and_wake_if(server, &rdata->credits, 0);
3905 	} while (rc == -EAGAIN);
3906 
3907 fail:
3908 	kref_put(&rdata->refcount, cifs_readdata_release);
3909 	return rc;
3910 }
3911 
3912 static int
cifs_send_async_read(loff_t fpos,size_t len,struct cifsFileInfo * open_file,struct cifs_sb_info * cifs_sb,struct list_head * rdata_list,struct cifs_aio_ctx * ctx)3913 cifs_send_async_read(loff_t fpos, size_t len, struct cifsFileInfo *open_file,
3914 		     struct cifs_sb_info *cifs_sb, struct list_head *rdata_list,
3915 		     struct cifs_aio_ctx *ctx)
3916 {
3917 	struct cifs_readdata *rdata;
3918 	unsigned int rsize, nsegs, max_segs = INT_MAX;
3919 	struct cifs_credits credits_on_stack;
3920 	struct cifs_credits *credits = &credits_on_stack;
3921 	size_t cur_len, max_len;
3922 	int rc;
3923 	pid_t pid;
3924 	struct TCP_Server_Info *server;
3925 
3926 	server = cifs_pick_channel(tlink_tcon(open_file->tlink)->ses);
3927 
3928 #ifdef CONFIG_CIFS_SMB_DIRECT
3929 	if (server->smbd_conn)
3930 		max_segs = server->smbd_conn->max_frmr_depth;
3931 #endif
3932 
3933 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
3934 		pid = open_file->pid;
3935 	else
3936 		pid = current->tgid;
3937 
3938 	do {
3939 		if (open_file->invalidHandle) {
3940 			rc = cifs_reopen_file(open_file, true);
3941 			if (rc == -EAGAIN)
3942 				continue;
3943 			else if (rc)
3944 				break;
3945 		}
3946 
3947 		if (cifs_sb->ctx->rsize == 0)
3948 			cifs_sb->ctx->rsize =
3949 				server->ops->negotiate_rsize(tlink_tcon(open_file->tlink),
3950 							     cifs_sb->ctx);
3951 
3952 		rc = server->ops->wait_mtu_credits(server, cifs_sb->ctx->rsize,
3953 						   &rsize, credits);
3954 		if (rc)
3955 			break;
3956 
3957 		max_len = min_t(size_t, len, rsize);
3958 
3959 		cur_len = cifs_limit_bvec_subset(&ctx->iter, max_len,
3960 						 max_segs, &nsegs);
3961 		cifs_dbg(FYI, "read-to-iter len=%zx/%zx nsegs=%u/%lu/%u\n",
3962 			 cur_len, max_len, nsegs, ctx->iter.nr_segs, max_segs);
3963 		if (cur_len == 0) {
3964 			rc = -EIO;
3965 			add_credits_and_wake_if(server, credits, 0);
3966 			break;
3967 		}
3968 
3969 		rdata = cifs_readdata_alloc(cifs_uncached_readv_complete);
3970 		if (!rdata) {
3971 			add_credits_and_wake_if(server, credits, 0);
3972 			rc = -ENOMEM;
3973 			break;
3974 		}
3975 
3976 		rdata->server	= server;
3977 		rdata->cfile	= cifsFileInfo_get(open_file);
3978 		rdata->offset	= fpos;
3979 		rdata->bytes	= cur_len;
3980 		rdata->pid	= pid;
3981 		rdata->credits	= credits_on_stack;
3982 		rdata->ctx	= ctx;
3983 		kref_get(&ctx->refcount);
3984 
3985 		rdata->iter	= ctx->iter;
3986 		iov_iter_truncate(&rdata->iter, cur_len);
3987 
3988 		rc = adjust_credits(server, &rdata->credits, rdata->bytes);
3989 
3990 		if (!rc) {
3991 			if (rdata->cfile->invalidHandle)
3992 				rc = -EAGAIN;
3993 			else
3994 				rc = server->ops->async_readv(rdata);
3995 		}
3996 
3997 		if (rc) {
3998 			add_credits_and_wake_if(server, &rdata->credits, 0);
3999 			kref_put(&rdata->refcount, cifs_readdata_release);
4000 			if (rc == -EAGAIN)
4001 				continue;
4002 			break;
4003 		}
4004 
4005 		list_add_tail(&rdata->list, rdata_list);
4006 		iov_iter_advance(&ctx->iter, cur_len);
4007 		fpos += cur_len;
4008 		len -= cur_len;
4009 	} while (len > 0);
4010 
4011 	return rc;
4012 }
4013 
4014 static void
collect_uncached_read_data(struct cifs_aio_ctx * ctx)4015 collect_uncached_read_data(struct cifs_aio_ctx *ctx)
4016 {
4017 	struct cifs_readdata *rdata, *tmp;
4018 	struct cifs_sb_info *cifs_sb;
4019 	int rc;
4020 
4021 	cifs_sb = CIFS_SB(ctx->cfile->dentry->d_sb);
4022 
4023 	mutex_lock(&ctx->aio_mutex);
4024 
4025 	if (list_empty(&ctx->list)) {
4026 		mutex_unlock(&ctx->aio_mutex);
4027 		return;
4028 	}
4029 
4030 	rc = ctx->rc;
4031 	/* the loop below should proceed in the order of increasing offsets */
4032 again:
4033 	list_for_each_entry_safe(rdata, tmp, &ctx->list, list) {
4034 		if (!rc) {
4035 			if (!try_wait_for_completion(&rdata->done)) {
4036 				mutex_unlock(&ctx->aio_mutex);
4037 				return;
4038 			}
4039 
4040 			if (rdata->result == -EAGAIN) {
4041 				/* resend call if it's a retryable error */
4042 				struct list_head tmp_list;
4043 				unsigned int got_bytes = rdata->got_bytes;
4044 
4045 				list_del_init(&rdata->list);
4046 				INIT_LIST_HEAD(&tmp_list);
4047 
4048 				if (ctx->direct_io) {
4049 					/*
4050 					 * Re-use rdata as this is a
4051 					 * direct I/O
4052 					 */
4053 					rc = cifs_resend_rdata(
4054 						rdata,
4055 						&tmp_list, ctx);
4056 				} else {
4057 					rc = cifs_send_async_read(
4058 						rdata->offset + got_bytes,
4059 						rdata->bytes - got_bytes,
4060 						rdata->cfile, cifs_sb,
4061 						&tmp_list, ctx);
4062 
4063 					kref_put(&rdata->refcount,
4064 						cifs_readdata_release);
4065 				}
4066 
4067 				list_splice(&tmp_list, &ctx->list);
4068 
4069 				goto again;
4070 			} else if (rdata->result)
4071 				rc = rdata->result;
4072 
4073 			/* if there was a short read -- discard anything left */
4074 			if (rdata->got_bytes && rdata->got_bytes < rdata->bytes)
4075 				rc = -ENODATA;
4076 
4077 			ctx->total_len += rdata->got_bytes;
4078 		}
4079 		list_del_init(&rdata->list);
4080 		kref_put(&rdata->refcount, cifs_readdata_release);
4081 	}
4082 
4083 	/* mask nodata case */
4084 	if (rc == -ENODATA)
4085 		rc = 0;
4086 
4087 	ctx->rc = (rc == 0) ? (ssize_t)ctx->total_len : rc;
4088 
4089 	mutex_unlock(&ctx->aio_mutex);
4090 
4091 	if (ctx->iocb && ctx->iocb->ki_complete)
4092 		ctx->iocb->ki_complete(ctx->iocb, ctx->rc);
4093 	else
4094 		complete(&ctx->done);
4095 }
4096 
__cifs_readv(struct kiocb * iocb,struct iov_iter * to,bool direct)4097 static ssize_t __cifs_readv(
4098 	struct kiocb *iocb, struct iov_iter *to, bool direct)
4099 {
4100 	size_t len;
4101 	struct file *file = iocb->ki_filp;
4102 	struct cifs_sb_info *cifs_sb;
4103 	struct cifsFileInfo *cfile;
4104 	struct cifs_tcon *tcon;
4105 	ssize_t rc, total_read = 0;
4106 	loff_t offset = iocb->ki_pos;
4107 	struct cifs_aio_ctx *ctx;
4108 
4109 	len = iov_iter_count(to);
4110 	if (!len)
4111 		return 0;
4112 
4113 	cifs_sb = CIFS_FILE_SB(file);
4114 	cfile = file->private_data;
4115 	tcon = tlink_tcon(cfile->tlink);
4116 
4117 	if (!tcon->ses->server->ops->async_readv)
4118 		return -ENOSYS;
4119 
4120 	if ((file->f_flags & O_ACCMODE) == O_WRONLY)
4121 		cifs_dbg(FYI, "attempting read on write only file instance\n");
4122 
4123 	ctx = cifs_aio_ctx_alloc();
4124 	if (!ctx)
4125 		return -ENOMEM;
4126 
4127 	ctx->pos	= offset;
4128 	ctx->direct_io	= direct;
4129 	ctx->len	= len;
4130 	ctx->cfile	= cifsFileInfo_get(cfile);
4131 	ctx->nr_pinned_pages = 0;
4132 
4133 	if (!is_sync_kiocb(iocb))
4134 		ctx->iocb = iocb;
4135 
4136 	if (user_backed_iter(to)) {
4137 		/*
4138 		 * Extract IOVEC/UBUF-type iterators to a BVEC-type iterator as
4139 		 * they contain references to the calling process's virtual
4140 		 * memory layout which won't be available in an async worker
4141 		 * thread.  This also takes a pin on every folio involved.
4142 		 */
4143 		rc = netfs_extract_user_iter(to, iov_iter_count(to),
4144 					     &ctx->iter, 0);
4145 		if (rc < 0) {
4146 			kref_put(&ctx->refcount, cifs_aio_ctx_release);
4147 			return rc;
4148 		}
4149 
4150 		ctx->nr_pinned_pages = rc;
4151 		ctx->bv = (void *)ctx->iter.bvec;
4152 		ctx->bv_need_unpin = iov_iter_extract_will_pin(to);
4153 		ctx->should_dirty = true;
4154 	} else if ((iov_iter_is_bvec(to) || iov_iter_is_kvec(to)) &&
4155 		   !is_sync_kiocb(iocb)) {
4156 		/*
4157 		 * If the op is asynchronous, we need to copy the list attached
4158 		 * to a BVEC/KVEC-type iterator, but we assume that the storage
4159 		 * will be retained by the caller; in any case, we may or may
4160 		 * not be able to pin the pages, so we don't try.
4161 		 */
4162 		ctx->bv = (void *)dup_iter(&ctx->iter, to, GFP_KERNEL);
4163 		if (!ctx->bv) {
4164 			kref_put(&ctx->refcount, cifs_aio_ctx_release);
4165 			return -ENOMEM;
4166 		}
4167 	} else {
4168 		/*
4169 		 * Otherwise, we just pass the iterator down as-is and rely on
4170 		 * the caller to make sure the pages referred to by the
4171 		 * iterator don't evaporate.
4172 		 */
4173 		ctx->iter = *to;
4174 	}
4175 
4176 	if (direct) {
4177 		rc = filemap_write_and_wait_range(file->f_inode->i_mapping,
4178 						  offset, offset + len - 1);
4179 		if (rc) {
4180 			kref_put(&ctx->refcount, cifs_aio_ctx_release);
4181 			return -EAGAIN;
4182 		}
4183 	}
4184 
4185 	/* grab a lock here due to read response handlers can access ctx */
4186 	mutex_lock(&ctx->aio_mutex);
4187 
4188 	rc = cifs_send_async_read(offset, len, cfile, cifs_sb, &ctx->list, ctx);
4189 
4190 	/* if at least one read request send succeeded, then reset rc */
4191 	if (!list_empty(&ctx->list))
4192 		rc = 0;
4193 
4194 	mutex_unlock(&ctx->aio_mutex);
4195 
4196 	if (rc) {
4197 		kref_put(&ctx->refcount, cifs_aio_ctx_release);
4198 		return rc;
4199 	}
4200 
4201 	if (!is_sync_kiocb(iocb)) {
4202 		kref_put(&ctx->refcount, cifs_aio_ctx_release);
4203 		return -EIOCBQUEUED;
4204 	}
4205 
4206 	rc = wait_for_completion_killable(&ctx->done);
4207 	if (rc) {
4208 		mutex_lock(&ctx->aio_mutex);
4209 		ctx->rc = rc = -EINTR;
4210 		total_read = ctx->total_len;
4211 		mutex_unlock(&ctx->aio_mutex);
4212 	} else {
4213 		rc = ctx->rc;
4214 		total_read = ctx->total_len;
4215 	}
4216 
4217 	kref_put(&ctx->refcount, cifs_aio_ctx_release);
4218 
4219 	if (total_read) {
4220 		iocb->ki_pos += total_read;
4221 		return total_read;
4222 	}
4223 	return rc;
4224 }
4225 
cifs_direct_readv(struct kiocb * iocb,struct iov_iter * to)4226 ssize_t cifs_direct_readv(struct kiocb *iocb, struct iov_iter *to)
4227 {
4228 	return __cifs_readv(iocb, to, true);
4229 }
4230 
cifs_user_readv(struct kiocb * iocb,struct iov_iter * to)4231 ssize_t cifs_user_readv(struct kiocb *iocb, struct iov_iter *to)
4232 {
4233 	return __cifs_readv(iocb, to, false);
4234 }
4235 
4236 ssize_t
cifs_strict_readv(struct kiocb * iocb,struct iov_iter * to)4237 cifs_strict_readv(struct kiocb *iocb, struct iov_iter *to)
4238 {
4239 	struct inode *inode = file_inode(iocb->ki_filp);
4240 	struct cifsInodeInfo *cinode = CIFS_I(inode);
4241 	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
4242 	struct cifsFileInfo *cfile = (struct cifsFileInfo *)
4243 						iocb->ki_filp->private_data;
4244 	struct cifs_tcon *tcon = tlink_tcon(cfile->tlink);
4245 	int rc = -EACCES;
4246 
4247 	/*
4248 	 * In strict cache mode we need to read from the server all the time
4249 	 * if we don't have level II oplock because the server can delay mtime
4250 	 * change - so we can't make a decision about inode invalidating.
4251 	 * And we can also fail with pagereading if there are mandatory locks
4252 	 * on pages affected by this read but not on the region from pos to
4253 	 * pos+len-1.
4254 	 */
4255 	if (!CIFS_CACHE_READ(cinode))
4256 		return cifs_user_readv(iocb, to);
4257 
4258 	if (cap_unix(tcon->ses) &&
4259 	    (CIFS_UNIX_FCNTL_CAP & le64_to_cpu(tcon->fsUnixInfo.Capability)) &&
4260 	    ((cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NOPOSIXBRL) == 0))
4261 		return generic_file_read_iter(iocb, to);
4262 
4263 	/*
4264 	 * We need to hold the sem to be sure nobody modifies lock list
4265 	 * with a brlock that prevents reading.
4266 	 */
4267 	down_read(&cinode->lock_sem);
4268 	if (!cifs_find_lock_conflict(cfile, iocb->ki_pos, iov_iter_count(to),
4269 				     tcon->ses->server->vals->shared_lock_type,
4270 				     0, NULL, CIFS_READ_OP))
4271 		rc = generic_file_read_iter(iocb, to);
4272 	up_read(&cinode->lock_sem);
4273 	return rc;
4274 }
4275 
4276 static ssize_t
cifs_read(struct file * file,char * read_data,size_t read_size,loff_t * offset)4277 cifs_read(struct file *file, char *read_data, size_t read_size, loff_t *offset)
4278 {
4279 	int rc = -EACCES;
4280 	unsigned int bytes_read = 0;
4281 	unsigned int total_read;
4282 	unsigned int current_read_size;
4283 	unsigned int rsize;
4284 	struct cifs_sb_info *cifs_sb;
4285 	struct cifs_tcon *tcon;
4286 	struct TCP_Server_Info *server;
4287 	unsigned int xid;
4288 	char *cur_offset;
4289 	struct cifsFileInfo *open_file;
4290 	struct cifs_io_parms io_parms = {0};
4291 	int buf_type = CIFS_NO_BUFFER;
4292 	__u32 pid;
4293 
4294 	xid = get_xid();
4295 	cifs_sb = CIFS_FILE_SB(file);
4296 
4297 	/* FIXME: set up handlers for larger reads and/or convert to async */
4298 	rsize = min_t(unsigned int, cifs_sb->ctx->rsize, CIFSMaxBufSize);
4299 
4300 	if (file->private_data == NULL) {
4301 		rc = -EBADF;
4302 		free_xid(xid);
4303 		return rc;
4304 	}
4305 	open_file = file->private_data;
4306 	tcon = tlink_tcon(open_file->tlink);
4307 	server = cifs_pick_channel(tcon->ses);
4308 
4309 	if (!server->ops->sync_read) {
4310 		free_xid(xid);
4311 		return -ENOSYS;
4312 	}
4313 
4314 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
4315 		pid = open_file->pid;
4316 	else
4317 		pid = current->tgid;
4318 
4319 	if ((file->f_flags & O_ACCMODE) == O_WRONLY)
4320 		cifs_dbg(FYI, "attempting read on write only file instance\n");
4321 
4322 	for (total_read = 0, cur_offset = read_data; read_size > total_read;
4323 	     total_read += bytes_read, cur_offset += bytes_read) {
4324 		do {
4325 			current_read_size = min_t(uint, read_size - total_read,
4326 						  rsize);
4327 			/*
4328 			 * For windows me and 9x we do not want to request more
4329 			 * than it negotiated since it will refuse the read
4330 			 * then.
4331 			 */
4332 			if (!(tcon->ses->capabilities &
4333 				tcon->ses->server->vals->cap_large_files)) {
4334 				current_read_size = min_t(uint,
4335 					current_read_size, CIFSMaxBufSize);
4336 			}
4337 			if (open_file->invalidHandle) {
4338 				rc = cifs_reopen_file(open_file, true);
4339 				if (rc != 0)
4340 					break;
4341 			}
4342 			io_parms.pid = pid;
4343 			io_parms.tcon = tcon;
4344 			io_parms.offset = *offset;
4345 			io_parms.length = current_read_size;
4346 			io_parms.server = server;
4347 			rc = server->ops->sync_read(xid, &open_file->fid, &io_parms,
4348 						    &bytes_read, &cur_offset,
4349 						    &buf_type);
4350 		} while (rc == -EAGAIN);
4351 
4352 		if (rc || (bytes_read == 0)) {
4353 			if (total_read) {
4354 				break;
4355 			} else {
4356 				free_xid(xid);
4357 				return rc;
4358 			}
4359 		} else {
4360 			cifs_stats_bytes_read(tcon, total_read);
4361 			*offset += bytes_read;
4362 		}
4363 	}
4364 	free_xid(xid);
4365 	return total_read;
4366 }
4367 
4368 /*
4369  * If the page is mmap'ed into a process' page tables, then we need to make
4370  * sure that it doesn't change while being written back.
4371  */
cifs_page_mkwrite(struct vm_fault * vmf)4372 static vm_fault_t cifs_page_mkwrite(struct vm_fault *vmf)
4373 {
4374 	struct folio *folio = page_folio(vmf->page);
4375 
4376 	/* Wait for the folio to be written to the cache before we allow it to
4377 	 * be modified.  We then assume the entire folio will need writing back.
4378 	 */
4379 #ifdef CONFIG_CIFS_FSCACHE
4380 	if (folio_test_fscache(folio) &&
4381 	    folio_wait_fscache_killable(folio) < 0)
4382 		return VM_FAULT_RETRY;
4383 #endif
4384 
4385 	folio_wait_writeback(folio);
4386 
4387 	if (folio_lock_killable(folio) < 0)
4388 		return VM_FAULT_RETRY;
4389 	return VM_FAULT_LOCKED;
4390 }
4391 
4392 static const struct vm_operations_struct cifs_file_vm_ops = {
4393 	.fault = filemap_fault,
4394 	.map_pages = filemap_map_pages,
4395 	.page_mkwrite = cifs_page_mkwrite,
4396 };
4397 
cifs_file_strict_mmap(struct file * file,struct vm_area_struct * vma)4398 int cifs_file_strict_mmap(struct file *file, struct vm_area_struct *vma)
4399 {
4400 	int xid, rc = 0;
4401 	struct inode *inode = file_inode(file);
4402 
4403 	xid = get_xid();
4404 
4405 	if (!CIFS_CACHE_READ(CIFS_I(inode)))
4406 		rc = cifs_zap_mapping(inode);
4407 	if (!rc)
4408 		rc = generic_file_mmap(file, vma);
4409 	if (!rc)
4410 		vma->vm_ops = &cifs_file_vm_ops;
4411 
4412 	free_xid(xid);
4413 	return rc;
4414 }
4415 
cifs_file_mmap(struct file * file,struct vm_area_struct * vma)4416 int cifs_file_mmap(struct file *file, struct vm_area_struct *vma)
4417 {
4418 	int rc, xid;
4419 
4420 	xid = get_xid();
4421 
4422 	rc = cifs_revalidate_file(file);
4423 	if (rc)
4424 		cifs_dbg(FYI, "Validation prior to mmap failed, error=%d\n",
4425 			 rc);
4426 	if (!rc)
4427 		rc = generic_file_mmap(file, vma);
4428 	if (!rc)
4429 		vma->vm_ops = &cifs_file_vm_ops;
4430 
4431 	free_xid(xid);
4432 	return rc;
4433 }
4434 
4435 /*
4436  * Unlock a bunch of folios in the pagecache.
4437  */
cifs_unlock_folios(struct address_space * mapping,pgoff_t first,pgoff_t last)4438 static void cifs_unlock_folios(struct address_space *mapping, pgoff_t first, pgoff_t last)
4439 {
4440 	struct folio *folio;
4441 	XA_STATE(xas, &mapping->i_pages, first);
4442 
4443 	rcu_read_lock();
4444 	xas_for_each(&xas, folio, last) {
4445 		folio_unlock(folio);
4446 	}
4447 	rcu_read_unlock();
4448 }
4449 
cifs_readahead_complete(struct work_struct * work)4450 static void cifs_readahead_complete(struct work_struct *work)
4451 {
4452 	struct cifs_readdata *rdata = container_of(work,
4453 						   struct cifs_readdata, work);
4454 	struct folio *folio;
4455 	pgoff_t last;
4456 	bool good = rdata->result == 0 || (rdata->result == -EAGAIN && rdata->got_bytes);
4457 
4458 	XA_STATE(xas, &rdata->mapping->i_pages, rdata->offset / PAGE_SIZE);
4459 
4460 	if (good)
4461 		cifs_readahead_to_fscache(rdata->mapping->host,
4462 					  rdata->offset, rdata->bytes);
4463 
4464 	if (iov_iter_count(&rdata->iter) > 0)
4465 		iov_iter_zero(iov_iter_count(&rdata->iter), &rdata->iter);
4466 
4467 	last = (rdata->offset + rdata->bytes - 1) / PAGE_SIZE;
4468 
4469 	rcu_read_lock();
4470 	xas_for_each(&xas, folio, last) {
4471 		if (good) {
4472 			flush_dcache_folio(folio);
4473 			folio_mark_uptodate(folio);
4474 		}
4475 		folio_unlock(folio);
4476 	}
4477 	rcu_read_unlock();
4478 
4479 	kref_put(&rdata->refcount, cifs_readdata_release);
4480 }
4481 
cifs_readahead(struct readahead_control * ractl)4482 static void cifs_readahead(struct readahead_control *ractl)
4483 {
4484 	struct cifsFileInfo *open_file = ractl->file->private_data;
4485 	struct cifs_sb_info *cifs_sb = CIFS_FILE_SB(ractl->file);
4486 	struct TCP_Server_Info *server;
4487 	unsigned int xid, nr_pages, cache_nr_pages = 0;
4488 	unsigned int ra_pages;
4489 	pgoff_t next_cached = ULONG_MAX, ra_index;
4490 	bool caching = fscache_cookie_enabled(cifs_inode_cookie(ractl->mapping->host)) &&
4491 		cifs_inode_cookie(ractl->mapping->host)->cache_priv;
4492 	bool check_cache = caching;
4493 	pid_t pid;
4494 	int rc = 0;
4495 
4496 	/* Note that readahead_count() lags behind our dequeuing of pages from
4497 	 * the ractl, wo we have to keep track for ourselves.
4498 	 */
4499 	ra_pages = readahead_count(ractl);
4500 	ra_index = readahead_index(ractl);
4501 
4502 	xid = get_xid();
4503 
4504 	if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
4505 		pid = open_file->pid;
4506 	else
4507 		pid = current->tgid;
4508 
4509 	server = cifs_pick_channel(tlink_tcon(open_file->tlink)->ses);
4510 
4511 	cifs_dbg(FYI, "%s: file=%p mapping=%p num_pages=%u\n",
4512 		 __func__, ractl->file, ractl->mapping, ra_pages);
4513 
4514 	/*
4515 	 * Chop the readahead request up into rsize-sized read requests.
4516 	 */
4517 	while ((nr_pages = ra_pages)) {
4518 		unsigned int i, rsize;
4519 		struct cifs_readdata *rdata;
4520 		struct cifs_credits credits_on_stack;
4521 		struct cifs_credits *credits = &credits_on_stack;
4522 		struct folio *folio;
4523 		pgoff_t fsize;
4524 
4525 		/*
4526 		 * Find out if we have anything cached in the range of
4527 		 * interest, and if so, where the next chunk of cached data is.
4528 		 */
4529 		if (caching) {
4530 			if (check_cache) {
4531 				rc = cifs_fscache_query_occupancy(
4532 					ractl->mapping->host, ra_index, nr_pages,
4533 					&next_cached, &cache_nr_pages);
4534 				if (rc < 0)
4535 					caching = false;
4536 				check_cache = false;
4537 			}
4538 
4539 			if (ra_index == next_cached) {
4540 				/*
4541 				 * TODO: Send a whole batch of pages to be read
4542 				 * by the cache.
4543 				 */
4544 				folio = readahead_folio(ractl);
4545 				fsize = folio_nr_pages(folio);
4546 				ra_pages -= fsize;
4547 				ra_index += fsize;
4548 				if (cifs_readpage_from_fscache(ractl->mapping->host,
4549 							       &folio->page) < 0) {
4550 					/*
4551 					 * TODO: Deal with cache read failure
4552 					 * here, but for the moment, delegate
4553 					 * that to readpage.
4554 					 */
4555 					caching = false;
4556 				}
4557 				folio_unlock(folio);
4558 				next_cached += fsize;
4559 				cache_nr_pages -= fsize;
4560 				if (cache_nr_pages == 0)
4561 					check_cache = true;
4562 				continue;
4563 			}
4564 		}
4565 
4566 		if (open_file->invalidHandle) {
4567 			rc = cifs_reopen_file(open_file, true);
4568 			if (rc) {
4569 				if (rc == -EAGAIN)
4570 					continue;
4571 				break;
4572 			}
4573 		}
4574 
4575 		if (cifs_sb->ctx->rsize == 0)
4576 			cifs_sb->ctx->rsize =
4577 				server->ops->negotiate_rsize(tlink_tcon(open_file->tlink),
4578 							     cifs_sb->ctx);
4579 
4580 		rc = server->ops->wait_mtu_credits(server, cifs_sb->ctx->rsize,
4581 						   &rsize, credits);
4582 		if (rc)
4583 			break;
4584 		nr_pages = min_t(size_t, rsize / PAGE_SIZE, ra_pages);
4585 		if (next_cached != ULONG_MAX)
4586 			nr_pages = min_t(size_t, nr_pages, next_cached - ra_index);
4587 
4588 		/*
4589 		 * Give up immediately if rsize is too small to read an entire
4590 		 * page. The VFS will fall back to readpage. We should never
4591 		 * reach this point however since we set ra_pages to 0 when the
4592 		 * rsize is smaller than a cache page.
4593 		 */
4594 		if (unlikely(!nr_pages)) {
4595 			add_credits_and_wake_if(server, credits, 0);
4596 			break;
4597 		}
4598 
4599 		rdata = cifs_readdata_alloc(cifs_readahead_complete);
4600 		if (!rdata) {
4601 			/* best to give up if we're out of mem */
4602 			add_credits_and_wake_if(server, credits, 0);
4603 			break;
4604 		}
4605 
4606 		rdata->offset	= ra_index * PAGE_SIZE;
4607 		rdata->bytes	= nr_pages * PAGE_SIZE;
4608 		rdata->cfile	= cifsFileInfo_get(open_file);
4609 		rdata->server	= server;
4610 		rdata->mapping	= ractl->mapping;
4611 		rdata->pid	= pid;
4612 		rdata->credits	= credits_on_stack;
4613 
4614 		for (i = 0; i < nr_pages; i++) {
4615 			if (!readahead_folio(ractl))
4616 				WARN_ON(1);
4617 		}
4618 		ra_pages -= nr_pages;
4619 		ra_index += nr_pages;
4620 
4621 		iov_iter_xarray(&rdata->iter, ITER_DEST, &rdata->mapping->i_pages,
4622 				rdata->offset, rdata->bytes);
4623 
4624 		rc = adjust_credits(server, &rdata->credits, rdata->bytes);
4625 		if (!rc) {
4626 			if (rdata->cfile->invalidHandle)
4627 				rc = -EAGAIN;
4628 			else
4629 				rc = server->ops->async_readv(rdata);
4630 		}
4631 
4632 		if (rc) {
4633 			add_credits_and_wake_if(server, &rdata->credits, 0);
4634 			cifs_unlock_folios(rdata->mapping,
4635 					   rdata->offset / PAGE_SIZE,
4636 					   (rdata->offset + rdata->bytes - 1) / PAGE_SIZE);
4637 			/* Fallback to the readpage in error/reconnect cases */
4638 			kref_put(&rdata->refcount, cifs_readdata_release);
4639 			break;
4640 		}
4641 
4642 		kref_put(&rdata->refcount, cifs_readdata_release);
4643 	}
4644 
4645 	free_xid(xid);
4646 }
4647 
4648 /*
4649  * cifs_readpage_worker must be called with the page pinned
4650  */
cifs_readpage_worker(struct file * file,struct page * page,loff_t * poffset)4651 static int cifs_readpage_worker(struct file *file, struct page *page,
4652 	loff_t *poffset)
4653 {
4654 	struct inode *inode = file_inode(file);
4655 	struct timespec64 atime, mtime;
4656 	char *read_data;
4657 	int rc;
4658 
4659 	/* Is the page cached? */
4660 	rc = cifs_readpage_from_fscache(inode, page);
4661 	if (rc == 0)
4662 		goto read_complete;
4663 
4664 	read_data = kmap(page);
4665 	/* for reads over a certain size could initiate async read ahead */
4666 
4667 	rc = cifs_read(file, read_data, PAGE_SIZE, poffset);
4668 
4669 	if (rc < 0)
4670 		goto io_error;
4671 	else
4672 		cifs_dbg(FYI, "Bytes read %d\n", rc);
4673 
4674 	/* we do not want atime to be less than mtime, it broke some apps */
4675 	atime = inode_set_atime_to_ts(inode, current_time(inode));
4676 	mtime = inode_get_mtime(inode);
4677 	if (timespec64_compare(&atime, &mtime) < 0)
4678 		inode_set_atime_to_ts(inode, inode_get_mtime(inode));
4679 
4680 	if (PAGE_SIZE > rc)
4681 		memset(read_data + rc, 0, PAGE_SIZE - rc);
4682 
4683 	flush_dcache_page(page);
4684 	SetPageUptodate(page);
4685 	rc = 0;
4686 
4687 io_error:
4688 	kunmap(page);
4689 
4690 read_complete:
4691 	unlock_page(page);
4692 	return rc;
4693 }
4694 
cifs_read_folio(struct file * file,struct folio * folio)4695 static int cifs_read_folio(struct file *file, struct folio *folio)
4696 {
4697 	struct page *page = &folio->page;
4698 	loff_t offset = page_file_offset(page);
4699 	int rc = -EACCES;
4700 	unsigned int xid;
4701 
4702 	xid = get_xid();
4703 
4704 	if (file->private_data == NULL) {
4705 		rc = -EBADF;
4706 		free_xid(xid);
4707 		return rc;
4708 	}
4709 
4710 	cifs_dbg(FYI, "read_folio %p at offset %d 0x%x\n",
4711 		 page, (int)offset, (int)offset);
4712 
4713 	rc = cifs_readpage_worker(file, page, &offset);
4714 
4715 	free_xid(xid);
4716 	return rc;
4717 }
4718 
is_inode_writable(struct cifsInodeInfo * cifs_inode)4719 static int is_inode_writable(struct cifsInodeInfo *cifs_inode)
4720 {
4721 	struct cifsFileInfo *open_file;
4722 
4723 	spin_lock(&cifs_inode->open_file_lock);
4724 	list_for_each_entry(open_file, &cifs_inode->openFileList, flist) {
4725 		if (OPEN_FMODE(open_file->f_flags) & FMODE_WRITE) {
4726 			spin_unlock(&cifs_inode->open_file_lock);
4727 			return 1;
4728 		}
4729 	}
4730 	spin_unlock(&cifs_inode->open_file_lock);
4731 	return 0;
4732 }
4733 
4734 /* We do not want to update the file size from server for inodes
4735    open for write - to avoid races with writepage extending
4736    the file - in the future we could consider allowing
4737    refreshing the inode only on increases in the file size
4738    but this is tricky to do without racing with writebehind
4739    page caching in the current Linux kernel design */
is_size_safe_to_change(struct cifsInodeInfo * cifsInode,__u64 end_of_file)4740 bool is_size_safe_to_change(struct cifsInodeInfo *cifsInode, __u64 end_of_file)
4741 {
4742 	if (!cifsInode)
4743 		return true;
4744 
4745 	if (is_inode_writable(cifsInode)) {
4746 		/* This inode is open for write at least once */
4747 		struct cifs_sb_info *cifs_sb;
4748 
4749 		cifs_sb = CIFS_SB(cifsInode->netfs.inode.i_sb);
4750 		if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_DIRECT_IO) {
4751 			/* since no page cache to corrupt on directio
4752 			we can change size safely */
4753 			return true;
4754 		}
4755 
4756 		if (i_size_read(&cifsInode->netfs.inode) < end_of_file)
4757 			return true;
4758 
4759 		return false;
4760 	} else
4761 		return true;
4762 }
4763 
cifs_write_begin(struct file * file,struct address_space * mapping,loff_t pos,unsigned len,struct page ** pagep,void ** fsdata)4764 static int cifs_write_begin(struct file *file, struct address_space *mapping,
4765 			loff_t pos, unsigned len,
4766 			struct page **pagep, void **fsdata)
4767 {
4768 	int oncethru = 0;
4769 	pgoff_t index = pos >> PAGE_SHIFT;
4770 	loff_t offset = pos & (PAGE_SIZE - 1);
4771 	loff_t page_start = pos & PAGE_MASK;
4772 	loff_t i_size;
4773 	struct page *page;
4774 	int rc = 0;
4775 
4776 	cifs_dbg(FYI, "write_begin from %lld len %d\n", (long long)pos, len);
4777 
4778 start:
4779 	page = grab_cache_page_write_begin(mapping, index);
4780 	if (!page) {
4781 		rc = -ENOMEM;
4782 		goto out;
4783 	}
4784 
4785 	if (PageUptodate(page))
4786 		goto out;
4787 
4788 	/*
4789 	 * If we write a full page it will be up to date, no need to read from
4790 	 * the server. If the write is short, we'll end up doing a sync write
4791 	 * instead.
4792 	 */
4793 	if (len == PAGE_SIZE)
4794 		goto out;
4795 
4796 	/*
4797 	 * optimize away the read when we have an oplock, and we're not
4798 	 * expecting to use any of the data we'd be reading in. That
4799 	 * is, when the page lies beyond the EOF, or straddles the EOF
4800 	 * and the write will cover all of the existing data.
4801 	 */
4802 	if (CIFS_CACHE_READ(CIFS_I(mapping->host))) {
4803 		i_size = i_size_read(mapping->host);
4804 		if (page_start >= i_size ||
4805 		    (offset == 0 && (pos + len) >= i_size)) {
4806 			zero_user_segments(page, 0, offset,
4807 					   offset + len,
4808 					   PAGE_SIZE);
4809 			/*
4810 			 * PageChecked means that the parts of the page
4811 			 * to which we're not writing are considered up
4812 			 * to date. Once the data is copied to the
4813 			 * page, it can be set uptodate.
4814 			 */
4815 			SetPageChecked(page);
4816 			goto out;
4817 		}
4818 	}
4819 
4820 	if ((file->f_flags & O_ACCMODE) != O_WRONLY && !oncethru) {
4821 		/*
4822 		 * might as well read a page, it is fast enough. If we get
4823 		 * an error, we don't need to return it. cifs_write_end will
4824 		 * do a sync write instead since PG_uptodate isn't set.
4825 		 */
4826 		cifs_readpage_worker(file, page, &page_start);
4827 		put_page(page);
4828 		oncethru = 1;
4829 		goto start;
4830 	} else {
4831 		/* we could try using another file handle if there is one -
4832 		   but how would we lock it to prevent close of that handle
4833 		   racing with this read? In any case
4834 		   this will be written out by write_end so is fine */
4835 	}
4836 out:
4837 	*pagep = page;
4838 	return rc;
4839 }
4840 
cifs_release_folio(struct folio * folio,gfp_t gfp)4841 static bool cifs_release_folio(struct folio *folio, gfp_t gfp)
4842 {
4843 	if (folio_test_private(folio))
4844 		return 0;
4845 	if (folio_test_fscache(folio)) {
4846 		if (current_is_kswapd() || !(gfp & __GFP_FS))
4847 			return false;
4848 		folio_wait_fscache(folio);
4849 	}
4850 	fscache_note_page_release(cifs_inode_cookie(folio->mapping->host));
4851 	return true;
4852 }
4853 
cifs_invalidate_folio(struct folio * folio,size_t offset,size_t length)4854 static void cifs_invalidate_folio(struct folio *folio, size_t offset,
4855 				 size_t length)
4856 {
4857 	folio_wait_fscache(folio);
4858 }
4859 
cifs_launder_folio(struct folio * folio)4860 static int cifs_launder_folio(struct folio *folio)
4861 {
4862 	int rc = 0;
4863 	loff_t range_start = folio_pos(folio);
4864 	loff_t range_end = range_start + folio_size(folio);
4865 	struct writeback_control wbc = {
4866 		.sync_mode = WB_SYNC_ALL,
4867 		.nr_to_write = 0,
4868 		.range_start = range_start,
4869 		.range_end = range_end,
4870 	};
4871 
4872 	cifs_dbg(FYI, "Launder page: %lu\n", folio->index);
4873 
4874 	if (folio_clear_dirty_for_io(folio))
4875 		rc = cifs_writepage_locked(&folio->page, &wbc);
4876 
4877 	folio_wait_fscache(folio);
4878 	return rc;
4879 }
4880 
cifs_oplock_break(struct work_struct * work)4881 void cifs_oplock_break(struct work_struct *work)
4882 {
4883 	struct cifsFileInfo *cfile = container_of(work, struct cifsFileInfo,
4884 						  oplock_break);
4885 	struct inode *inode = d_inode(cfile->dentry);
4886 	struct cifs_sb_info *cifs_sb = CIFS_SB(inode->i_sb);
4887 	struct cifsInodeInfo *cinode = CIFS_I(inode);
4888 	struct cifs_tcon *tcon;
4889 	struct TCP_Server_Info *server;
4890 	struct tcon_link *tlink;
4891 	int rc = 0;
4892 	bool purge_cache = false, oplock_break_cancelled;
4893 	__u64 persistent_fid, volatile_fid;
4894 	__u16 net_fid;
4895 
4896 	wait_on_bit(&cinode->flags, CIFS_INODE_PENDING_WRITERS,
4897 			TASK_UNINTERRUPTIBLE);
4898 
4899 	tlink = cifs_sb_tlink(cifs_sb);
4900 	if (IS_ERR(tlink))
4901 		goto out;
4902 	tcon = tlink_tcon(tlink);
4903 	server = tcon->ses->server;
4904 
4905 	server->ops->downgrade_oplock(server, cinode, cfile->oplock_level,
4906 				      cfile->oplock_epoch, &purge_cache);
4907 
4908 	if (!CIFS_CACHE_WRITE(cinode) && CIFS_CACHE_READ(cinode) &&
4909 						cifs_has_mand_locks(cinode)) {
4910 		cifs_dbg(FYI, "Reset oplock to None for inode=%p due to mand locks\n",
4911 			 inode);
4912 		cinode->oplock = 0;
4913 	}
4914 
4915 	if (inode && S_ISREG(inode->i_mode)) {
4916 		if (CIFS_CACHE_READ(cinode))
4917 			break_lease(inode, O_RDONLY);
4918 		else
4919 			break_lease(inode, O_WRONLY);
4920 		rc = filemap_fdatawrite(inode->i_mapping);
4921 		if (!CIFS_CACHE_READ(cinode) || purge_cache) {
4922 			rc = filemap_fdatawait(inode->i_mapping);
4923 			mapping_set_error(inode->i_mapping, rc);
4924 			cifs_zap_mapping(inode);
4925 		}
4926 		cifs_dbg(FYI, "Oplock flush inode %p rc %d\n", inode, rc);
4927 		if (CIFS_CACHE_WRITE(cinode))
4928 			goto oplock_break_ack;
4929 	}
4930 
4931 	rc = cifs_push_locks(cfile);
4932 	if (rc)
4933 		cifs_dbg(VFS, "Push locks rc = %d\n", rc);
4934 
4935 oplock_break_ack:
4936 	/*
4937 	 * When oplock break is received and there are no active
4938 	 * file handles but cached, then schedule deferred close immediately.
4939 	 * So, new open will not use cached handle.
4940 	 */
4941 
4942 	if (!CIFS_CACHE_HANDLE(cinode) && !list_empty(&cinode->deferred_closes))
4943 		cifs_close_deferred_file(cinode);
4944 
4945 	persistent_fid = cfile->fid.persistent_fid;
4946 	volatile_fid = cfile->fid.volatile_fid;
4947 	net_fid = cfile->fid.netfid;
4948 	oplock_break_cancelled = cfile->oplock_break_cancelled;
4949 
4950 	_cifsFileInfo_put(cfile, false /* do not wait for ourself */, false);
4951 	/*
4952 	 * MS-SMB2 3.2.5.19.1 and 3.2.5.19.2 (and MS-CIFS 3.2.5.42) do not require
4953 	 * an acknowledgment to be sent when the file has already been closed.
4954 	 */
4955 	spin_lock(&cinode->open_file_lock);
4956 	/* check list empty since can race with kill_sb calling tree disconnect */
4957 	if (!oplock_break_cancelled && !list_empty(&cinode->openFileList)) {
4958 		spin_unlock(&cinode->open_file_lock);
4959 		rc = server->ops->oplock_response(tcon, persistent_fid,
4960 						  volatile_fid, net_fid, cinode);
4961 		cifs_dbg(FYI, "Oplock release rc = %d\n", rc);
4962 	} else
4963 		spin_unlock(&cinode->open_file_lock);
4964 
4965 	cifs_put_tlink(tlink);
4966 out:
4967 	cifs_done_oplock_break(cinode);
4968 }
4969 
4970 /*
4971  * The presence of cifs_direct_io() in the address space ops vector
4972  * allowes open() O_DIRECT flags which would have failed otherwise.
4973  *
4974  * In the non-cached mode (mount with cache=none), we shunt off direct read and write requests
4975  * so this method should never be called.
4976  *
4977  * Direct IO is not yet supported in the cached mode.
4978  */
4979 static ssize_t
cifs_direct_io(struct kiocb * iocb,struct iov_iter * iter)4980 cifs_direct_io(struct kiocb *iocb, struct iov_iter *iter)
4981 {
4982         /*
4983          * FIXME
4984          * Eventually need to support direct IO for non forcedirectio mounts
4985          */
4986         return -EINVAL;
4987 }
4988 
cifs_swap_activate(struct swap_info_struct * sis,struct file * swap_file,sector_t * span)4989 static int cifs_swap_activate(struct swap_info_struct *sis,
4990 			      struct file *swap_file, sector_t *span)
4991 {
4992 	struct cifsFileInfo *cfile = swap_file->private_data;
4993 	struct inode *inode = swap_file->f_mapping->host;
4994 	unsigned long blocks;
4995 	long long isize;
4996 
4997 	cifs_dbg(FYI, "swap activate\n");
4998 
4999 	if (!swap_file->f_mapping->a_ops->swap_rw)
5000 		/* Cannot support swap */
5001 		return -EINVAL;
5002 
5003 	spin_lock(&inode->i_lock);
5004 	blocks = inode->i_blocks;
5005 	isize = inode->i_size;
5006 	spin_unlock(&inode->i_lock);
5007 	if (blocks*512 < isize) {
5008 		pr_warn("swap activate: swapfile has holes\n");
5009 		return -EINVAL;
5010 	}
5011 	*span = sis->pages;
5012 
5013 	pr_warn_once("Swap support over SMB3 is experimental\n");
5014 
5015 	/*
5016 	 * TODO: consider adding ACL (or documenting how) to prevent other
5017 	 * users (on this or other systems) from reading it
5018 	 */
5019 
5020 
5021 	/* TODO: add sk_set_memalloc(inet) or similar */
5022 
5023 	if (cfile)
5024 		cfile->swapfile = true;
5025 	/*
5026 	 * TODO: Since file already open, we can't open with DENY_ALL here
5027 	 * but we could add call to grab a byte range lock to prevent others
5028 	 * from reading or writing the file
5029 	 */
5030 
5031 	sis->flags |= SWP_FS_OPS;
5032 	return add_swap_extent(sis, 0, sis->max, 0);
5033 }
5034 
cifs_swap_deactivate(struct file * file)5035 static void cifs_swap_deactivate(struct file *file)
5036 {
5037 	struct cifsFileInfo *cfile = file->private_data;
5038 
5039 	cifs_dbg(FYI, "swap deactivate\n");
5040 
5041 	/* TODO: undo sk_set_memalloc(inet) will eventually be needed */
5042 
5043 	if (cfile)
5044 		cfile->swapfile = false;
5045 
5046 	/* do we need to unpin (or unlock) the file */
5047 }
5048 
5049 /*
5050  * Mark a page as having been made dirty and thus needing writeback.  We also
5051  * need to pin the cache object to write back to.
5052  */
5053 #ifdef CONFIG_CIFS_FSCACHE
cifs_dirty_folio(struct address_space * mapping,struct folio * folio)5054 static bool cifs_dirty_folio(struct address_space *mapping, struct folio *folio)
5055 {
5056 	return fscache_dirty_folio(mapping, folio,
5057 					cifs_inode_cookie(mapping->host));
5058 }
5059 #else
5060 #define cifs_dirty_folio filemap_dirty_folio
5061 #endif
5062 
5063 const struct address_space_operations cifs_addr_ops = {
5064 	.read_folio = cifs_read_folio,
5065 	.readahead = cifs_readahead,
5066 	.writepages = cifs_writepages,
5067 	.write_begin = cifs_write_begin,
5068 	.write_end = cifs_write_end,
5069 	.dirty_folio = cifs_dirty_folio,
5070 	.release_folio = cifs_release_folio,
5071 	.direct_IO = cifs_direct_io,
5072 	.invalidate_folio = cifs_invalidate_folio,
5073 	.launder_folio = cifs_launder_folio,
5074 	.migrate_folio = filemap_migrate_folio,
5075 	/*
5076 	 * TODO: investigate and if useful we could add an is_dirty_writeback
5077 	 * helper if needed
5078 	 */
5079 	.swap_activate = cifs_swap_activate,
5080 	.swap_deactivate = cifs_swap_deactivate,
5081 };
5082 
5083 /*
5084  * cifs_readahead requires the server to support a buffer large enough to
5085  * contain the header plus one complete page of data.  Otherwise, we need
5086  * to leave cifs_readahead out of the address space operations.
5087  */
5088 const struct address_space_operations cifs_addr_ops_smallbuf = {
5089 	.read_folio = cifs_read_folio,
5090 	.writepages = cifs_writepages,
5091 	.write_begin = cifs_write_begin,
5092 	.write_end = cifs_write_end,
5093 	.dirty_folio = cifs_dirty_folio,
5094 	.release_folio = cifs_release_folio,
5095 	.invalidate_folio = cifs_invalidate_folio,
5096 	.launder_folio = cifs_launder_folio,
5097 	.migrate_folio = filemap_migrate_folio,
5098 };
5099