xref: /linux/fs/smb/server/oplock.c (revision da793cf6d60233f47ea5e7e9e39425d71dfcdb79)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *   Copyright (C) 2016 Namjae Jeon <linkinjeon@kernel.org>
4  *   Copyright (C) 2018 Samsung Electronics Co., Ltd.
5  */
6 
7 #include <linux/moduleparam.h>
8 #include <linux/err.h>
9 
10 #include "glob.h"
11 #include "oplock.h"
12 
13 #include "smb_common.h"
14 #include "../common/smb2status.h"
15 #include "connection.h"
16 #include "mgmt/user_session.h"
17 #include "mgmt/share_config.h"
18 #include "mgmt/tree_connect.h"
19 
20 static LIST_HEAD(lease_table_list);
21 static DEFINE_RWLOCK(lease_list_lock);
22 
23 #define SMB2_LEASE_STATE_MASK_LE	(SMB2_LEASE_READ_CACHING_LE | \
24 					 SMB2_LEASE_HANDLE_CACHING_LE | \
25 					 SMB2_LEASE_WRITE_CACHING_LE)
26 
/*
 * lease_state_valid() - check a client-supplied lease state for unknown bits
 * @state:	requested lease state, little-endian as it arrived on the wire
 *
 * Only the read/handle/write caching bits are meaningful; anything else in
 * the word is rejected up front so later code can treat @state as a small
 * fixed set of combinations.
 *
 * Return:	true if no bit outside SMB2_LEASE_STATE_MASK_LE is set
 */
static bool lease_state_valid(__le32 state)
{
	__le32 unknown_bits = state & ~SMB2_LEASE_STATE_MASK_LE;

	return unknown_bits == 0;
}
31 
/*
 * lease_state_grantable() - allow-list the lease state combinations the
 * server is willing to hand out
 * @state:	requested lease state (little-endian)
 *
 * The grantable set is R, RH, RW and RWH.  Anything else (including a
 * write or handle bit without read, or a NONE request) maps to 0 so the
 * caller falls back to granting no lease rather than an unexpected one.
 *
 * Return:	@state unchanged if it is one of the allowed combinations,
 *		otherwise 0
 */
static __le32 lease_state_grantable(__le32 state)
{
	static const __le32 allowed[] = {
		SMB2_LEASE_READ_CACHING_LE,
		SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_HANDLE_CACHING_LE,
		SMB2_LEASE_READ_CACHING_LE | SMB2_LEASE_WRITE_CACHING_LE,
		SMB2_LEASE_STATE_MASK_LE,
	};
	unsigned int i;

	for (i = 0; i < sizeof(allowed) / sizeof(allowed[0]); i++) {
		if (allowed[i] == state)
			return state;
	}

	return 0;
}
42 
/*
 * lease_v2_flags_valid() - check the Flags word of a v2 lease context
 * @flags:	flags as received from the client (little-endian)
 *
 * The only flag this server understands is PARENT_LEASE_KEY_SET; any other
 * bit is treated as malformed input.
 *
 * Return:	true if no unsupported flag bit is set
 */
static bool lease_v2_flags_valid(__le32 flags)
{
	__le32 unsupported = flags & ~SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE;

	return unsupported == 0;
}
47 
/*
 * lease_has_parent_key() - did the client supply a parent lease key?
 * @lease:	lease to inspect
 *
 * Return:	true if SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE is set in
 *		@lease->flags
 */
static bool lease_has_parent_key(struct lease *lease)
{
	return !!(lease->flags & SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE);
}
52 
/*
 * lease_break_in_progress() - is any open sharing this lease waiting for a
 * break acknowledgement?
 * @lease:	lease whose open_list is scanned
 *
 * Walks @lease->open_list under @lease->lock and stops at the first open
 * whose op_state is OPLOCK_ACK_WAIT.
 *
 * Return:	true if at least one open is in OPLOCK_ACK_WAIT
 */
static bool lease_break_in_progress(struct lease *lease)
{
	struct oplock_info *cur;
	bool waiting = false;

	spin_lock(&lease->lock);
	list_for_each_entry(cur, &lease->open_list, lease_entry) {
		waiting = (cur->op_state == OPLOCK_ACK_WAIT);
		if (waiting)
			break;
	}
	spin_unlock(&lease->lock);

	return waiting;
}
69 
70 /**
71  * alloc_opinfo() - allocate a new opinfo object for oplock info
72  * @work:	smb work
73  * @id:		fid of open file
74  * @Tid:	tree id of connection
75  *
76  * Return:      allocated opinfo object on success, otherwise NULL
77  */
78 static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
79 					u64 id, __u16 Tid)
80 {
81 	struct ksmbd_session *sess = work->sess;
82 	struct oplock_info *opinfo;
83 
84 	opinfo = kzalloc_obj(struct oplock_info, KSMBD_DEFAULT_GFP);
85 	if (!opinfo)
86 		return NULL;
87 
88 	opinfo->sess = sess;
89 	opinfo->conn = ksmbd_conn_get(work->conn);
90 	opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
91 	opinfo->op_state = OPLOCK_STATE_NONE;
92 	opinfo->pending_break = 0;
93 	opinfo->fid = id;
94 	opinfo->Tid = Tid;
95 	INIT_LIST_HEAD(&opinfo->op_entry);
96 	INIT_LIST_HEAD(&opinfo->lease_entry);
97 	init_waitqueue_head(&opinfo->oplock_q);
98 	init_waitqueue_head(&opinfo->oplock_brk);
99 	atomic_set(&opinfo->refcount, 1);
100 	atomic_set(&opinfo->breaking_cnt, 0);
101 
102 	return opinfo;
103 }
104 
/*
 * lease_get() - take an extra reference on @lease
 * @lease:	lease to pin; must already be referenced by the caller
 */
static void lease_get(struct lease *lease)
{
	atomic_t *rc = &lease->refcount;

	atomic_inc(rc);
}
109 
/*
 * lease_put() - drop a reference on @lease, freeing it on the last one
 * @lease:	lease to release; NULL is accepted and ignored
 */
static void lease_put(struct lease *lease)
{
	if (!lease)
		return;

	if (atomic_dec_and_test(&lease->refcount))
		kfree(lease);
}
115 
/*
 * lease_add_table() - publish @lease in a per-client lease table
 * @lease:	lease to link
 * @lb:		lease table owned by the client that created the lease
 *
 * The table holds its own reference on the lease (released by
 * lease_del_table()).  The list insertion is RCU-friendly so readers can
 * walk @lb->lease_list without taking @lb->lb_lock.
 */
static void lease_add_table(struct lease *lease, struct lease_table *lb)
{
	/* reference owned by the table */
	lease_get(lease);
	lease->l_lb = lb;

	spin_lock(&lb->lb_lock);
	list_add_rcu(&lease->l_entry, &lb->lease_list);
	spin_unlock(&lb->lb_lock);
}
124 
/*
 * lease_del_table() - unlink @lease from its lease table, if it is in one
 * @lease:	lease to unlink
 *
 * Safe to call more than once: a lease with no table, or one whose
 * l_entry is already unhooked, is left alone.  The table's reference
 * (taken in lease_add_table()) is dropped only when the unlink really
 * happened, so the refcount cannot be decremented twice.
 */
static void lease_del_table(struct lease *lease)
{
	struct lease_table *lb = lease->l_lb;
	bool unlinked = false;

	if (!lb)
		return;

	spin_lock(&lb->lb_lock);
	if (!list_empty(&lease->l_entry)) {
		list_del_init(&lease->l_entry);
		lease->l_lb = NULL;
		unlinked = true;
	}
	spin_unlock(&lb->lb_lock);

	if (unlinked)
		lease_put(lease);
}
144 
/*
 * alloc_lease_table() - create a lease table keyed by the client's GUID
 * @opinfo:	open whose connection identifies the client
 *
 * Copies the ClientGUID out of @opinfo->conn and pins the connection for
 * the lifetime of the table (released in free_lease_table()).
 *
 * Return:	new, empty table on success, otherwise NULL
 */
static struct lease_table *alloc_lease_table(struct oplock_info *opinfo)
{
	struct ksmbd_conn *conn = opinfo->conn;
	struct lease_table *table;

	table = kmalloc_obj(struct lease_table, KSMBD_DEFAULT_GFP);
	if (!table)
		return NULL;

	memcpy(table->client_guid, conn->ClientGUID, SMB2_CLIENT_GUID_SIZE);
	table->conn = ksmbd_conn_get(conn);
	spin_lock_init(&table->lb_lock);
	INIT_LIST_HEAD(&table->lease_list);

	return table;
}
160 
/*
 * free_lease_table() - release a lease table and its connection reference
 * @lb:		table to free; NULL is a no-op
 */
static void free_lease_table(struct lease_table *lb)
{
	if (lb) {
		ksmbd_conn_put(lb->conn);
		kfree(lb);
	}
}
169 
/*
 * alloc_lease() - build a lease object from a parsed lease create context
 * @lctx:	lease context decoded from the client's CREATE request
 * @ci:		ksmbd inode the lease is attached to
 *
 * Copies the lease key, parent key, flags, duration and directory flag
 * verbatim from @lctx; the lease starts in the requested state with no
 * pending new_state.  For a v2 lease the epoch is the client's epoch plus
 * one, for v1 it is 0.  The object is not yet linked to any table or open
 * list and carries one reference for the caller.
 *
 * Return:	new lease on success, otherwise NULL
 */
static struct lease *alloc_lease(struct lease_ctx_info *lctx,
				 struct ksmbd_inode *ci)
{
	struct lease *l;

	l = kmalloc_obj(struct lease, KSMBD_DEFAULT_GFP);
	if (!l)
		return NULL;

	/* identity as presented by the client */
	memcpy(l->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
	memcpy(l->parent_lease_key, lctx->parent_lease_key,
	       SMB2_LEASE_KEY_SIZE);
	l->version = lctx->version;
	l->flags = lctx->flags;
	l->duration = lctx->duration;
	l->is_dir = lctx->is_dir;

	/* granted state and epoch */
	l->state = lctx->req_state;
	l->new_state = 0;
	if (lctx->version == 2)
		l->epoch = le16_to_cpu(lctx->epoch) + 1;
	else
		l->epoch = 0;
	l->reuse_epoch = false;

	/* linkage */
	l->ci = ci;
	l->l_lb = NULL;
	INIT_LIST_HEAD(&l->l_entry);
	INIT_LIST_HEAD(&l->open_list);
	spin_lock_init(&l->lock);
	atomic_set(&l->refcount, 1);

	return l;
}
198 
/*
 * lease_add_open() - attach an open to the lease it was granted under
 * @lease:	lease being shared
 * @opinfo:	open to add to @lease->open_list
 */
static void lease_add_open(struct lease *lease, struct oplock_info *opinfo)
{
	spinlock_t *lock = &lease->lock;

	spin_lock(lock);
	list_add(&opinfo->lease_entry, &lease->open_list);
	spin_unlock(lock);
}
205 
/*
 * lease_del_open() - detach an open from its lease
 * @opinfo:	open being closed
 *
 * Removes @opinfo from its lease's open_list (idempotent: an entry that
 * is already unhooked is skipped).  When that leaves the lease with no
 * opens at all, the lease is also dropped from its lease table under
 * lease_list_lock.
 */
static void lease_del_open(struct oplock_info *opinfo)
{
	struct lease *lease = opinfo->o_lease;
	bool last_open = false;

	if (!lease)
		return;

	spin_lock(&lease->lock);
	if (!list_empty(&opinfo->lease_entry)) {
		list_del_init(&opinfo->lease_entry);
		last_open = list_empty(&lease->open_list);
	}
	spin_unlock(&lease->lock);

	if (!last_open)
		return;

	write_lock(&lease_list_lock);
	lease_del_table(lease);
	write_unlock(&lease_list_lock);
}
227 
/*
 * free_lease() - drop the open's reference on its lease
 * @opinfo:	open whose o_lease reference is released (may be NULL)
 */
static void free_lease(struct oplock_info *opinfo)
{
	struct lease *lease = opinfo->o_lease;

	lease_put(lease);
}
232 
/*
 * __free_opinfo() - tear down an oplock_info whose last reference is gone
 * @opinfo:	object to free
 *
 * Releases the lease reference (lease-backed opens only) and the
 * connection reference taken in alloc_opinfo(), then frees the memory.
 */
static void __free_opinfo(struct oplock_info *opinfo)
{
	struct ksmbd_conn *conn = opinfo->conn;

	if (opinfo->is_lease)
		free_lease(opinfo);

	ksmbd_conn_put(conn);
	kfree(opinfo);
}
240 
/*
 * free_opinfo_rcu() - RCU callback that finishes freeing an oplock_info
 * @rcu:	rcu_head embedded in the oplock_info
 */
static void free_opinfo_rcu(struct rcu_head *rcu)
{
	struct oplock_info *op;

	op = container_of(rcu, struct oplock_info, rcu);
	__free_opinfo(op);
}
247 
/*
 * free_opinfo() - schedule an oplock_info for freeing after a grace period
 * @opinfo:	object whose refcount has reached zero
 *
 * Deferred through call_rcu() so readers that found the object via
 * rcu_dereference(fp->f_opinfo) (see opinfo_get()) cannot see freed memory.
 */
static void free_opinfo(struct oplock_info *opinfo)
{
	struct rcu_head *head = &opinfo->rcu;

	call_rcu(head, free_opinfo_rcu);
}
252 
/*
 * lease_update_oplock_levels() - propagate a lease state change to every
 * open that shares the lease
 * @lease:	lease whose ->state was just changed; NULL is a no-op
 *
 * Each open keeps its own oplock level mirror of the lease state; after a
 * grant, upgrade or break the mirror on every open in @lease->open_list is
 * recomputed via smb2_map_lease_to_oplock().
 */
void lease_update_oplock_levels(struct lease *lease)
{
	struct oplock_info *cur;
	__u8 new_level;

	if (!lease)
		return;

	new_level = smb2_map_lease_to_oplock(lease->state);

	spin_lock(&lease->lock);
	list_for_each_entry(cur, &lease->open_list, lease_entry)
		cur->level = new_level;
	spin_unlock(&lease->lock);
}
267 
/*
 * opinfo_get() - look up and pin the oplock_info attached to a file handle
 * @fp:		ksmbd file
 *
 * Reads fp->f_opinfo under rcu_read_lock() and takes a reference only if
 * the refcount is still non-zero, so an object already on its way to
 * free_opinfo() is never handed back.
 *
 * Return:	referenced oplock_info, or NULL if none is attached or it
 *		is being torn down
 */
struct oplock_info *opinfo_get(struct ksmbd_file *fp)
{
	struct oplock_info *op;

	rcu_read_lock();
	op = rcu_dereference(fp->f_opinfo);
	if (op) {
		if (!atomic_inc_not_zero(&op->refcount))
			op = NULL;
	}
	rcu_read_unlock();

	return op;
}
280 
/*
 * opinfo_get_list() - pin the first oplock_info on an inode's open list
 * @ci:		ksmbd inode
 *
 * Takes ci->m_lock for reading, picks the head of ci->m_op_list and
 * returns it with a reference held, unless any of the following is true:
 * the list is empty, the open has no connection, its refcount has already
 * dropped to zero, or its connection is being released.
 *
 * NOTE(review): ->conn is read here as a plain load, whereas
 * compare_guid_key() uses READ_ONCE(); confirm whether ->conn can change
 * concurrently under a read-held m_lock.
 *
 * Return:	referenced oplock_info, or NULL
 */
static struct oplock_info *opinfo_get_list(struct ksmbd_inode *ci)
{
	struct oplock_info *head;

	down_read(&ci->m_lock);
	head = list_first_entry_or_null(&ci->m_op_list, struct oplock_info,
					op_entry);
	if (head && (head->conn == NULL ||
		     !atomic_inc_not_zero(&head->refcount))) {
		/* no connection, or already dying */
		head = NULL;
	} else if (head && ksmbd_conn_releasing(head->conn)) {
		/* reference was taken above; give it back */
		atomic_dec(&head->refcount);
		head = NULL;
	}
	up_read(&ci->m_lock);

	return head;
}
303 
/*
 * opinfo_put() - drop a reference taken by opinfo_get()/opinfo_get_list()
 * @opinfo:	object to release; NULL is accepted and ignored
 *
 * The last reference hands the object to free_opinfo() for RCU-deferred
 * destruction.
 */
void opinfo_put(struct oplock_info *opinfo)
{
	if (opinfo && atomic_dec_and_test(&opinfo->refcount))
		free_opinfo(opinfo);
}
314 
/*
 * ksmbd_inode_has_lease() - is the first open on @ci lease-backed?
 * @ci:		ksmbd inode
 *
 * Only the head of ci->m_op_list is consulted (via opinfo_get_list()).
 *
 * Return:	true if that open has is_lease set, false if there is no
 *		usable open or it is a plain oplock
 */
static bool ksmbd_inode_has_lease(struct ksmbd_inode *ci)
{
	struct oplock_info *head = opinfo_get_list(ci);
	bool lease_backed = false;

	if (head) {
		lease_backed = head->is_lease;
		opinfo_put(head);
	}

	return lease_backed;
}
326 
/*
 * opinfo_add() - link an open's oplock_info onto its inode's open list
 * @opinfo:	object to add
 * @fp:		file whose f_ci supplies the list and its lock
 *
 * Inserts at the head of ci->m_op_list, so the newest open is what
 * opinfo_get_list() returns.
 */
static void opinfo_add(struct oplock_info *opinfo, struct ksmbd_file *fp)
{
	struct rw_semaphore *lock = &fp->f_ci->m_lock;

	down_write(lock);
	list_add(&opinfo->op_entry, &fp->f_ci->m_op_list);
	up_write(lock);
}
335 
/*
 * opinfo_del() - unlink an open's oplock_info from its inode's open list
 * @opinfo:	object to remove; must still have a valid o_fp
 *
 * A lease-backed open is first detached from its lease (which may also
 * drop the lease from its table), then removed from ci->m_op_list under
 * the write-held m_lock.
 */
static void opinfo_del(struct oplock_info *opinfo)
{
	struct ksmbd_inode *ci = opinfo->o_fp->f_ci;

	if (opinfo->is_lease)
		lease_del_open(opinfo);

	down_write(&ci->m_lock);
	list_del(&opinfo->op_entry);
	up_write(&ci->m_lock);
}
347 
/*
 * opinfo_count() - number of oplocked opens tracked on @fp's inode
 * @fp:		file; a stream fd is counted in sop_count, otherwise op_count
 *
 * Return:	current counter value (a snapshot, not synchronised)
 */
static unsigned long opinfo_count(struct ksmbd_file *fp)
{
	struct ksmbd_inode *ci = fp->f_ci;
	atomic_t *counter;

	counter = ksmbd_stream_fd(fp) ? &ci->sop_count : &ci->op_count;

	return atomic_read(counter);
}
355 
/*
 * opinfo_count_inc() - bump the oplocked-open counter for @fp's inode
 * @fp:		file; stream fds use sop_count, regular fds use op_count
 */
static void opinfo_count_inc(struct ksmbd_file *fp)
{
	struct ksmbd_inode *ci = fp->f_ci;
	atomic_t *counter;

	counter = ksmbd_stream_fd(fp) ? &ci->sop_count : &ci->op_count;
	atomic_inc(counter);
}
363 
/*
 * opinfo_count_dec() - drop the oplocked-open counter for @fp's inode
 * @fp:		file; stream fds use sop_count, regular fds use op_count
 */
static void opinfo_count_dec(struct ksmbd_file *fp)
{
	struct ksmbd_inode *ci = fp->f_ci;
	atomic_t *counter;

	counter = ksmbd_stream_fd(fp) ? &ci->sop_count : &ci->op_count;
	atomic_dec(counter);
}
371 
372 /**
373  * opinfo_write_to_read() - convert a write oplock to read oplock
374  * @opinfo:		current oplock info
375  *
376  * Return:      0 on success, otherwise -EINVAL
377  */
378 int opinfo_write_to_read(struct oplock_info *opinfo)
379 {
380 	struct lease *lease = opinfo->o_lease;
381 
382 	if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
383 	      opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
384 		pr_err("bad oplock(0x%x)\n", opinfo->level);
385 		if (opinfo->is_lease)
386 			pr_err("lease state(0x%x)\n", lease->state);
387 		return -EINVAL;
388 	}
389 	opinfo->level = SMB2_OPLOCK_LEVEL_II;
390 
391 	if (opinfo->is_lease) {
392 		lease->state = lease->new_state;
393 		lease_update_oplock_levels(lease);
394 	}
395 	return 0;
396 }
397 
398 /**
399  * opinfo_read_handle_to_read() - convert a read/handle oplock to read oplock
400  * @opinfo:		current oplock info
401  *
402  * Return:      0 on success, otherwise -EINVAL
403  */
404 int opinfo_read_handle_to_read(struct oplock_info *opinfo)
405 {
406 	struct lease *lease = opinfo->o_lease;
407 
408 	lease->state = lease->new_state;
409 	lease_update_oplock_levels(lease);
410 	return 0;
411 }
412 
413 /**
414  * opinfo_write_to_none() - convert a write oplock to none
415  * @opinfo:	current oplock info
416  *
417  * Return:      0 on success, otherwise -EINVAL
418  */
419 int opinfo_write_to_none(struct oplock_info *opinfo)
420 {
421 	struct lease *lease = opinfo->o_lease;
422 
423 	if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
424 	      opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
425 		pr_err("bad oplock(0x%x)\n", opinfo->level);
426 		if (opinfo->is_lease)
427 			pr_err("lease state(0x%x)\n", lease->state);
428 		return -EINVAL;
429 	}
430 	opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
431 	if (opinfo->is_lease) {
432 		lease->state = lease->new_state;
433 		lease_update_oplock_levels(lease);
434 	}
435 	return 0;
436 }
437 
438 /**
439  * opinfo_read_to_none() - convert a write read to none
440  * @opinfo:	current oplock info
441  *
442  * Return:      0 on success, otherwise -EINVAL
443  */
444 int opinfo_read_to_none(struct oplock_info *opinfo)
445 {
446 	struct lease *lease = opinfo->o_lease;
447 
448 	if (opinfo->level != SMB2_OPLOCK_LEVEL_II) {
449 		pr_err("bad oplock(0x%x)\n", opinfo->level);
450 		if (opinfo->is_lease)
451 			pr_err("lease state(0x%x)\n", lease->state);
452 		return -EINVAL;
453 	}
454 	opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
455 	if (opinfo->is_lease) {
456 		lease->state = lease->new_state;
457 		lease_update_oplock_levels(lease);
458 	}
459 	return 0;
460 }
461 
462 /**
463  * lease_read_to_write() - upgrade lease state from read to write
464  * @opinfo:	current lease info
465  *
466  * Return:      0 on success, otherwise -EINVAL
467  */
468 int lease_read_to_write(struct oplock_info *opinfo)
469 {
470 	struct lease *lease = opinfo->o_lease;
471 
472 	if (!(lease->state & SMB2_LEASE_READ_CACHING_LE)) {
473 		ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
474 		return -EINVAL;
475 	}
476 
477 	lease->new_state = SMB2_LEASE_NONE_LE;
478 	lease->state |= SMB2_LEASE_WRITE_CACHING_LE;
479 	lease_update_oplock_levels(lease);
480 	return 0;
481 }
482 
483 /**
484  * lease_none_upgrade() - upgrade lease state from none
485  * @opinfo:	current lease info
486  * @new_state:	new lease state
487  *
488  * Return:	0 on success, otherwise -EINVAL
489  */
490 static int lease_none_upgrade(struct oplock_info *opinfo, __le32 new_state)
491 {
492 	struct lease *lease = opinfo->o_lease;
493 
494 	if (!(lease->state == SMB2_LEASE_NONE_LE)) {
495 		ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
496 		return -EINVAL;
497 	}
498 
499 	lease->new_state = SMB2_LEASE_NONE_LE;
500 	lease->state = new_state;
501 	lease_update_oplock_levels(lease);
502 
503 	return 0;
504 }
505 
506 /**
507  * close_id_del_oplock() - release oplock object at file close time
508  * @fp:		ksmbd file pointer
509  */
510 void close_id_del_oplock(struct ksmbd_file *fp)
511 {
512 	struct oplock_info *opinfo;
513 
514 	if (fp->reserve_lease_break)
515 		smb_lazy_parent_lease_break_close(fp);
516 
517 	opinfo = opinfo_get(fp);
518 	if (!opinfo)
519 		return;
520 
521 	opinfo_del(opinfo);
522 
523 	rcu_assign_pointer(fp->f_opinfo, NULL);
524 	if (opinfo->op_state == OPLOCK_ACK_WAIT) {
525 		opinfo->op_state = OPLOCK_CLOSING;
526 		wake_up_interruptible_all(&opinfo->oplock_q);
527 		if (opinfo->is_lease) {
528 			atomic_set(&opinfo->breaking_cnt, 0);
529 			wake_up_interruptible_all(&opinfo->oplock_brk);
530 		}
531 	}
532 
533 	opinfo_count_dec(fp);
534 	atomic_dec(&opinfo->refcount);
535 	opinfo_put(opinfo);
536 }
537 
538 /**
539  * grant_write_oplock() - grant exclusive/batch oplock or write lease
540  * @opinfo_new:	new oplock info object
541  * @req_oplock: request oplock
542  * @lctx:	lease context information
543  *
544  * Return:      0
545  */
546 static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
547 			       struct lease_ctx_info *lctx)
548 {
549 	struct lease *lease = opinfo_new->o_lease;
550 
551 	if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH)
552 		opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH;
553 	else
554 		opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
555 
556 	if (lctx) {
557 		lease->state = lctx->req_state;
558 		memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
559 	}
560 }
561 
562 /**
563  * grant_read_oplock() - grant level2 oplock or read lease
564  * @opinfo_new:	new oplock info object
565  * @lctx:	lease context information
566  *
567  * Return:      0
568  */
569 static void grant_read_oplock(struct oplock_info *opinfo_new,
570 			      struct lease_ctx_info *lctx)
571 {
572 	struct lease *lease = opinfo_new->o_lease;
573 
574 	opinfo_new->level = SMB2_OPLOCK_LEVEL_II;
575 
576 	if (lctx) {
577 		lease->state = SMB2_LEASE_READ_CACHING_LE;
578 		if (lctx->req_state & SMB2_LEASE_HANDLE_CACHING_LE)
579 			lease->state |= SMB2_LEASE_HANDLE_CACHING_LE;
580 		memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
581 	}
582 }
583 
584 /**
585  * grant_none_oplock() - grant none oplock or none lease
586  * @opinfo_new:	new oplock info object
587  * @lctx:	lease context information
588  *
589  * Return:      0
590  */
591 static void grant_none_oplock(struct oplock_info *opinfo_new,
592 			      struct lease_ctx_info *lctx)
593 {
594 	struct lease *lease = opinfo_new->o_lease;
595 
596 	opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE;
597 
598 	if (lctx) {
599 		lease->state = 0;
600 		memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
601 	}
602 }
603 
/*
 * compare_guid_key() - does @opinfo belong to client @guid1 / lease @key1?
 * @opinfo:	lease-backed open to compare against
 * @guid1:	ClientGUID of the requester (SMB2_CLIENT_GUID_SIZE bytes)
 * @key1:	lease key of the requester (SMB2_LEASE_KEY_SIZE bytes)
 *
 * Both the ClientGUID of the open's connection and its lease key must
 * match; the lease key alone is not a sufficient identity because it is
 * chosen by the client.  No reference is taken on opinfo->conn here, so
 * the caller must hold whatever keeps the open alive (same_client_has_lease()
 * holds ci->m_lock while calling this).
 *
 * Return:	1 on a full match, 0 otherwise (including no connection)
 */
static inline int compare_guid_key(struct oplock_info *opinfo,
				   const char *guid1, const char *key1)
{
	struct ksmbd_conn *conn = READ_ONCE(opinfo->conn);
	bool guid_match, key_match;

	if (!conn)
		return 0;

	guid_match = memcmp(guid1, conn->ClientGUID,
			    SMB2_CLIENT_GUID_SIZE) == 0;
	key_match = memcmp(key1, opinfo->o_lease->lease_key,
			   SMB2_LEASE_KEY_SIZE) == 0;

	return (guid_match && key_match) ? 1 : 0;
}
621 
622 /**
623  * same_client_has_lease() - check whether current lease request is
624  *		from lease owner of file
625  * @ci:		master file pointer
626  * @client_guid:	Client GUID
627  * @lctx:		lease context information
628  *
629  * Return:      oplock(lease) object on success, otherwise NULL
630  */
631 static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
632 						 const char *client_guid,
633 						 struct lease_ctx_info *lctx)
634 {
635 	int ret;
636 	struct lease *lease;
637 	struct oplock_info *opinfo;
638 	struct oplock_info *m_opinfo = NULL;
639 
640 	if (!lctx)
641 		return NULL;
642 
643 	/*
644 	 * Compare lease key and client_guid to know request from same owner
645 	 * of same client
646 	 */
647 	down_read(&ci->m_lock);
648 	list_for_each_entry(opinfo, &ci->m_op_list, op_entry) {
649 		if (!opinfo->is_lease || !opinfo->conn)
650 			continue;
651 		lease = opinfo->o_lease;
652 
653 		ret = compare_guid_key(opinfo, client_guid, lctx->lease_key);
654 		if (ret) {
655 			if (!atomic_inc_not_zero(&opinfo->refcount))
656 				continue;
657 			if (m_opinfo)
658 				opinfo_put(m_opinfo);
659 			m_opinfo = opinfo;
660 
661 			/* skip upgrading lease about breaking lease */
662 			if (atomic_read(&opinfo->breaking_cnt))
663 				continue;
664 
665 			/* upgrading lease */
666 			if ((atomic_read(&ci->op_count) +
667 			     atomic_read(&ci->sop_count)) == 1) {
668 				if (lease->state != SMB2_LEASE_NONE_LE &&
669 				    lease->state == (lctx->req_state & lease->state)) {
670 					lease->epoch++;
671 					lease->state |= lctx->req_state;
672 					if (lctx->req_state &
673 						SMB2_LEASE_WRITE_CACHING_LE)
674 						lease_read_to_write(opinfo);
675 
676 				}
677 			} else if ((atomic_read(&ci->op_count) +
678 				    atomic_read(&ci->sop_count)) > 1) {
679 				if (lctx->req_state ==
680 				    (SMB2_LEASE_READ_CACHING_LE |
681 				     SMB2_LEASE_HANDLE_CACHING_LE)) {
682 					if (lease->state != lctx->req_state) {
683 						lease->epoch++;
684 						lease->state = lctx->req_state;
685 						lease_update_oplock_levels(lease);
686 					}
687 				}
688 			}
689 
690 			if (lctx->req_state && lease->state ==
691 			    SMB2_LEASE_NONE_LE) {
692 				lease->epoch++;
693 				lease_none_upgrade(opinfo, lctx->req_state);
694 			}
695 		}
696 	}
697 	up_read(&ci->m_lock);
698 
699 	return m_opinfo;
700 }
701 
/*
 * wait_for_break_ack() - block until the client acknowledges a break, the
 * open is closed, or OPLOCK_WAIT_TIME elapses
 * @opinfo:	open whose break is outstanding
 *
 * On timeout the server does not trust the client any further: the oplock
 * (and lease, if any) is forced to none locally and op_state is reset so
 * the open can proceed as if the break had been acknowledged.
 *
 * Return:	true if the wait timed out and the oplock was forcibly
 *		dropped, false if the ack/close arrived (or the wait was
 *		interrupted)
 */
static bool wait_for_break_ack(struct oplock_info *opinfo)
{
	long remaining;

	remaining = wait_event_interruptible_timeout(opinfo->oplock_q,
					opinfo->op_state == OPLOCK_STATE_NONE ||
					opinfo->op_state == OPLOCK_CLOSING,
					OPLOCK_WAIT_TIME);
	if (remaining)
		return false;

	/* timed out: revoke everything locally */
	if (opinfo->is_lease) {
		opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
		lease_update_oplock_levels(opinfo->o_lease);
	}
	opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
	opinfo->op_state = OPLOCK_STATE_NONE;

	return true;
}
724 
/*
 * wake_up_oplock_break() - release the per-open "break in progress" bit
 * @opinfo:	open whose pending_break bit 0 was set by oplock_break_pending()
 *
 * Pairs with the test_and_set_bit()/wait_on_bit() in oplock_break_pending();
 * the release semantics of clear_bit_unlock() plus the barrier below order
 * this thread's state updates before any waiter observes the cleared bit.
 */
static void wake_up_oplock_break(struct oplock_info *opinfo)
{
	clear_bit_unlock(0, &opinfo->pending_break);
	/* memory barrier is needed for wake_up_bit() */
	smp_mb__after_atomic();
	wake_up_bit(&opinfo->pending_break, 0);
}
732 
/*
 * oplock_break_pending() - serialise break attempts on one open
 * @opinfo:		open to break
 * @req_op_level:	the level the incoming request can tolerate
 *
 * Acquires bit 0 of opinfo->pending_break, sleeping (uninterruptibly) while
 * another break is in flight.  After each wake-up the caller re-checks
 * whether a break is still needed, since the earlier break may already
 * have lowered the level enough.
 *
 * Return:	0 when the caller now owns the pending bit and must break;
 *		1 when no break is needed (the bit has been released for the
 *		caller, or was never held by it);
 *		-ENOENT when the open was closed while waiting (bit not held).
 */
static int oplock_break_pending(struct oplock_info *opinfo, int req_op_level)
{
	while (test_and_set_bit(0, &opinfo->pending_break)) {
		/* a later break on a v2 lease must not bump the epoch again */
		if (opinfo->is_lease)
			opinfo->o_lease->reuse_epoch = true;

		wait_on_bit(&opinfo->pending_break, 0, TASK_UNINTERRUPTIBLE);

		/* Not immediately break to none. */
		opinfo->open_trunc = 0;

		if (opinfo->op_state == OPLOCK_CLOSING)
			return -ENOENT;
		else if (opinfo->level <= req_op_level) {
			if (opinfo->is_lease == false)
				return 1;

			/*
			 * An RH lease still has handle caching to shed even
			 * when the oplock-level comparison says "compatible".
			 */
			if (opinfo->o_lease->state !=
			    (SMB2_LEASE_HANDLE_CACHING_LE |
			     SMB2_LEASE_READ_CACHING_LE))
				return 1;
		}
	}

	/* bit acquired; bail out (releasing it) if nothing needs breaking */
	if (opinfo->level <= req_op_level) {
		if (opinfo->is_lease == false) {
			wake_up_oplock_break(opinfo);
			return 1;
		}
		if (opinfo->o_lease->state !=
		    (SMB2_LEASE_HANDLE_CACHING_LE |
		     SMB2_LEASE_READ_CACHING_LE)) {
			wake_up_oplock_break(opinfo);
			return 1;
		}
	}
	return 0;
}
771 
/*
 * lease_break_needed() - decide whether another lease break round is due
 * @opinfo:		lease-backed open just broken
 * @req_op_level:	oplock level the pending request can tolerate
 * @open_trunc:		true when the request truncates/overwrites the file
 *
 * A truncating open must see the lease fully revoked, so it keeps breaking
 * until the state is NONE.  Otherwise it is enough that the open's oplock
 * level is no higher than what the request tolerates.
 *
 * Return:	true if one more break should be issued
 */
static bool lease_break_needed(struct oplock_info *opinfo, int req_op_level,
			       bool open_trunc)
{
	if (open_trunc) {
		struct lease *lease = opinfo->o_lease;

		return lease->state != SMB2_LEASE_NONE_LE;
	}

	return opinfo->level > req_op_level;
}
782 
783 /**
784  * __smb2_oplock_break_noti() - send smb2 oplock break cmd from conn
785  * to client
786  * @wk:     smb work object
787  *
788  * There are two ways this function can be called. 1- while file open we break
789  * from exclusive/batch lock to levelII oplock and 2- while file write/truncate
790  * we break from levelII oplock no oplock.
791  * work->request_buf contains oplock_info.
792  */
793 static void __smb2_oplock_break_noti(struct work_struct *wk)
794 {
795 	struct smb2_oplock_break *rsp = NULL;
796 	struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
797 	struct ksmbd_conn *conn = work->conn;
798 	struct oplock_break_info *br_info = work->request_buf;
799 	struct smb2_hdr *rsp_hdr;
800 	struct ksmbd_file *fp;
801 
802 	fp = ksmbd_lookup_global_fd(br_info->fid);
803 	if (!fp)
804 		goto out;
805 
806 	if (allocate_interim_rsp_buf(work)) {
807 		pr_err("smb2_allocate_rsp_buf failed! ");
808 		ksmbd_fd_put(work, fp);
809 		goto out;
810 	}
811 
812 	rsp_hdr = smb_get_msg(work->response_buf);
813 	memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
814 	rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
815 	rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
816 	rsp_hdr->CreditRequest = cpu_to_le16(0);
817 	rsp_hdr->Command = SMB2_OPLOCK_BREAK;
818 	rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
819 	rsp_hdr->NextCommand = 0;
820 	rsp_hdr->MessageId = cpu_to_le64(-1);
821 	rsp_hdr->Id.SyncId.ProcessId = 0;
822 	rsp_hdr->Id.SyncId.TreeId = 0;
823 	rsp_hdr->SessionId = 0;
824 	memset(rsp_hdr->Signature, 0, 16);
825 
826 	rsp = smb_get_msg(work->response_buf);
827 
828 	rsp->StructureSize = cpu_to_le16(24);
829 	if (!br_info->open_trunc &&
830 	    (br_info->level == SMB2_OPLOCK_LEVEL_BATCH ||
831 	     br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
832 		rsp->OplockLevel = SMB2_OPLOCK_LEVEL_II;
833 	else
834 		rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
835 	rsp->Reserved = 0;
836 	rsp->Reserved2 = 0;
837 	rsp->PersistentFid = fp->persistent_id;
838 	rsp->VolatileFid = fp->volatile_id;
839 
840 	ksmbd_fd_put(work, fp);
841 	if (ksmbd_iov_pin_rsp(work, (void *)rsp,
842 			      sizeof(struct smb2_oplock_break)))
843 		goto out;
844 
845 	ksmbd_debug(OPLOCK,
846 		    "sending oplock break v_id %llu p_id = %llu lock level = %d\n",
847 		    rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel);
848 
849 	ksmbd_conn_write(work);
850 
851 out:
852 	ksmbd_free_work_struct(work);
853 	ksmbd_conn_r_count_dec(conn);
854 }
855 
856 /**
857  * smb2_oplock_break_noti() - send smb2 exclusive/batch to level2 oplock
858  *		break command from server to client
859  * @opinfo:		oplock info object
860  *
861  * Return:      0 on success, otherwise error
862  */
863 static int smb2_oplock_break_noti(struct oplock_info *opinfo)
864 {
865 	struct ksmbd_conn *conn;
866 	struct oplock_break_info *br_info;
867 	int ret = 0;
868 	struct ksmbd_work *work;
869 
870 	conn = READ_ONCE(opinfo->conn);
871 	if (!conn)
872 		return ksmbd_invalidate_durable_fd(opinfo->fid);
873 
874 	work = ksmbd_alloc_work_struct();
875 	if (!work)
876 		return -ENOMEM;
877 
878 	br_info = kmalloc_obj(struct oplock_break_info, KSMBD_DEFAULT_GFP);
879 	if (!br_info) {
880 		ksmbd_free_work_struct(work);
881 		return -ENOMEM;
882 	}
883 
884 	br_info->level = opinfo->level;
885 	br_info->fid = opinfo->fid;
886 	br_info->open_trunc = opinfo->open_trunc;
887 
888 	work->request_buf = (char *)br_info;
889 	work->conn = conn;
890 	work->sess = opinfo->sess;
891 
892 	ksmbd_conn_r_count_inc(conn);
893 	if (opinfo->op_state == OPLOCK_ACK_WAIT) {
894 		INIT_WORK(&work->work, __smb2_oplock_break_noti);
895 		ksmbd_queue_work(work);
896 
897 		if (wait_for_break_ack(opinfo))
898 			ret = ksmbd_invalidate_durable_fd(opinfo->fid);
899 	} else {
900 		__smb2_oplock_break_noti(&work->work);
901 		if (opinfo->level == SMB2_OPLOCK_LEVEL_II)
902 			opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
903 	}
904 	return ret;
905 }
906 
907 /**
908  * __smb2_lease_break_noti() - send lease break command from server
909  * to client
910  * @wk:     smb work object
911  */
912 static void __smb2_lease_break_noti(struct work_struct *wk)
913 {
914 	struct smb2_lease_break *rsp = NULL;
915 	struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
916 	struct ksmbd_conn *conn = work->conn;
917 	struct lease_break_info *br_info = work->request_buf;
918 	struct smb2_hdr *rsp_hdr;
919 
920 	if (allocate_interim_rsp_buf(work)) {
921 		ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! ");
922 		goto out;
923 	}
924 
925 	rsp_hdr = smb_get_msg(work->response_buf);
926 	memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
927 	rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
928 	rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
929 	rsp_hdr->CreditRequest = cpu_to_le16(0);
930 	rsp_hdr->Command = SMB2_OPLOCK_BREAK;
931 	rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
932 	rsp_hdr->NextCommand = 0;
933 	rsp_hdr->MessageId = cpu_to_le64(-1);
934 	rsp_hdr->Id.SyncId.ProcessId = 0;
935 	rsp_hdr->Id.SyncId.TreeId = 0;
936 	rsp_hdr->SessionId = 0;
937 	memset(rsp_hdr->Signature, 0, 16);
938 
939 	rsp = smb_get_msg(work->response_buf);
940 	rsp->StructureSize = cpu_to_le16(44);
941 	rsp->Epoch = br_info->epoch;
942 	rsp->Flags = 0;
943 
944 	if (br_info->curr_state & (SMB2_LEASE_WRITE_CACHING_LE |
945 			SMB2_LEASE_HANDLE_CACHING_LE))
946 		rsp->Flags = SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED;
947 
948 	memcpy(rsp->LeaseKey, br_info->lease_key, SMB2_LEASE_KEY_SIZE);
949 	rsp->CurrentLeaseState = br_info->curr_state;
950 	rsp->NewLeaseState = br_info->new_state;
951 	rsp->BreakReason = 0;
952 	rsp->AccessMaskHint = 0;
953 	rsp->ShareMaskHint = 0;
954 
955 	if (ksmbd_iov_pin_rsp(work, (void *)rsp,
956 			      sizeof(struct smb2_lease_break)))
957 		goto out;
958 
959 	ksmbd_conn_write(work);
960 
961 out:
962 	ksmbd_free_work_struct(work);
963 	ksmbd_conn_r_count_dec(conn);
964 }
965 
966 /**
967  * smb2_lease_break_noti() - break lease when a new client request
968  *			write lease
969  * @opinfo:		contains lease state information
970  * @wait_ack:		wait for lease break acknowledgment from the client
971  * @inc_epoch:		increment the lease epoch before sending the break
972  *
973  * Return:	0 on success, otherwise error
974  */
975 static int smb2_lease_break_noti(struct oplock_info *opinfo, bool wait_ack,
976 				 bool inc_epoch)
977 {
978 	struct ksmbd_conn *conn;
979 	struct ksmbd_work *work;
980 	struct lease_break_info *br_info;
981 	struct lease *lease = opinfo->o_lease;
982 	int ret = 0;
983 
984 	conn = READ_ONCE(opinfo->conn);
985 	if (lease->version == 2 && lease->l_lb && lease->l_lb->conn &&
986 	    !ksmbd_conn_releasing(lease->l_lb->conn))
987 		conn = lease->l_lb->conn;
988 	if (!conn)
989 		return ksmbd_invalidate_durable_fd(opinfo->fid);
990 
991 	work = ksmbd_alloc_work_struct();
992 	if (!work)
993 		return -ENOMEM;
994 
995 	br_info = kmalloc_obj(struct lease_break_info, KSMBD_DEFAULT_GFP);
996 	if (!br_info) {
997 		ksmbd_free_work_struct(work);
998 		return -ENOMEM;
999 	}
1000 
1001 	br_info->curr_state = lease->state;
1002 	br_info->new_state = lease->new_state;
1003 	if (lease->version == 2) {
1004 		if (inc_epoch)
1005 			lease->epoch++;
1006 		br_info->epoch = cpu_to_le16(lease->epoch);
1007 	} else {
1008 		br_info->epoch = 0;
1009 	}
1010 	memcpy(br_info->lease_key, lease->lease_key, SMB2_LEASE_KEY_SIZE);
1011 
1012 	work->request_buf = (char *)br_info;
1013 	work->conn = conn;
1014 	work->sess = opinfo->sess;
1015 
1016 	ksmbd_conn_r_count_inc(conn);
1017 	if (opinfo->op_state == OPLOCK_ACK_WAIT) {
1018 		INIT_WORK(&work->work, __smb2_lease_break_noti);
1019 		ksmbd_queue_work(work);
1020 		if (wait_ack) {
1021 			if (wait_for_break_ack(opinfo))
1022 				ret = ksmbd_invalidate_durable_fd(opinfo->fid);
1023 		}
1024 	} else {
1025 		__smb2_lease_break_noti(&work->work);
1026 		if (opinfo->o_lease->new_state == SMB2_LEASE_NONE_LE) {
1027 			opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
1028 			lease_update_oplock_levels(opinfo->o_lease);
1029 		}
1030 	}
1031 	return ret;
1032 }
1033 
/*
 * wait_lease_breaking() - wait (bounded) for concurrent lease breaks on
 * this open to settle
 * @opinfo:	open just broken; plain oplocks return immediately
 *
 * Wakes any sleeper on oplock_brk, then, if other break rounds are still
 * counted in breaking_cnt, waits up to one second for them to drain.  On
 * timeout the counter is force-cleared so a stuck client cannot wedge the
 * inode.
 */
static void wait_lease_breaking(struct oplock_info *opinfo)
{
	long remaining;

	if (!opinfo->is_lease)
		return;

	wake_up_interruptible_all(&opinfo->oplock_brk);
	if (!atomic_read(&opinfo->breaking_cnt))
		return;

	remaining = wait_event_interruptible_timeout(opinfo->oplock_brk,
					atomic_read(&opinfo->breaking_cnt) == 0,
					HZ);
	if (!remaining)
		atomic_set(&opinfo->breaking_cnt, 0);
}
1050 
/**
 * oplock_break() - break an oplock or lease held on a file
 * @brk_opinfo:		oplock/lease to break
 * @req_op_level:	oplock level the conflicting open asks for; passed on
 *			to oplock_break_pending() and lease_break_needed()
 * @in_work:		request that triggered the break, or NULL; when set an
 *			interim STATUS_PENDING response is sent exactly once
 *			before the client's acknowledgement is awaited
 * @share_break:	break caused by a share-mode conflict; only the handle
 *			caching bit is dropped and no further break is chained
 *
 * For a lease the new state is derived from the current one (or forced to
 * none for a truncating open), the break notification is sent and, when the
 * lease held write or handle caching, the acknowledgement is awaited; the
 * loop at "again" may then chain a further break.  For a plain oplock a
 * single notification is sent and batch/exclusive holders are marked
 * OPLOCK_ACK_WAIT.
 *
 * Return: 0 on success; a negative error from oplock_break_pending() or from
 *	   the notification; -ENOENT (lease path) or -EAGAIN (oplock path)
 *	   when the opinfo moved to OPLOCK_CLOSING while the break was in
 *	   flight.
 */
static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level,
			struct ksmbd_work *in_work, bool share_break)
{
	int err = 0;
	bool sent_interim = false;

	/* Need to break exclusive/batch oplock, write lease or overwrite_if */
	ksmbd_debug(OPLOCK,
		    "request to send oplock(level : 0x%x) break notification\n",
		    brk_opinfo->level);

	if (brk_opinfo->is_lease) {
		struct lease *lease = brk_opinfo->o_lease;
		bool open_trunc = brk_opinfo->open_trunc;
		/* snapshot of pending_break bit 0 — looks like "a break is already outstanding" */
		bool was_pending = test_bit(0, &brk_opinfo->pending_break);
		bool wait_ack;
		/* declared before "again": chained breaks never bump the epoch again */
		bool inc_epoch = true;

		/*
		 * When joining an outstanding break, answer the triggering
		 * request with STATUS_PENDING before blocking in
		 * oplock_break_pending().
		 */
		if (in_work && was_pending) {
			setup_async_work(in_work, NULL, NULL);
			smb2_send_interim_resp(in_work, STATUS_PENDING);
			release_async_work(in_work);
			sent_interim = true;
		}

		/* A positive return is not an error and is reported as 0. */
		err = oplock_break_pending(brk_opinfo, req_op_level);
		if (err)
			return err < 0 ? err : 0;
		/* Re-read: a truncating waiter may have set open_trunc meanwhile. */
		if (was_pending)
			open_trunc = brk_opinfo->open_trunc;

again:
		atomic_inc(&brk_opinfo->breaking_cnt);
		if (open_trunc) {
			/*
			 * Create overwrite break trigger the lease break to
			 * none.
			 */
			lease->new_state = SMB2_LEASE_NONE_LE;
		} else if (share_break &&
			   lease->state & SMB2_LEASE_HANDLE_CACHING_LE) {
			lease->new_state =
				lease->state & ~SMB2_LEASE_HANDLE_CACHING_LE;
		} else {
			/* Step down one level: RWH->RH, RW->R, RH->R (files only), else none. */
			if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) {
				if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
					lease->new_state =
						SMB2_LEASE_READ_CACHING_LE |
						SMB2_LEASE_HANDLE_CACHING_LE;
				else
					lease->new_state =
						SMB2_LEASE_READ_CACHING_LE;
			} else {
				if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE &&
						!lease->is_dir)
					lease->new_state =
						SMB2_LEASE_READ_CACHING_LE;
				else
					lease->new_state = SMB2_LEASE_NONE_LE;
			}
		}

		if (in_work && !sent_interim) {
			setup_async_work(in_work, NULL, NULL);
			smb2_send_interim_resp(in_work, STATUS_PENDING);
			release_async_work(in_work);
			sent_interim = true;
		}

		/*
		 * Only write/handle caching needs the client's ack; a
		 * read-only lease is dropped without one, so undo the
		 * breaking_cnt bump taken above.
		 */
		if (lease->state & (SMB2_LEASE_WRITE_CACHING_LE |
				SMB2_LEASE_HANDLE_CACHING_LE)) {
			brk_opinfo->op_state = OPLOCK_ACK_WAIT;
		} else
			atomic_dec(&brk_opinfo->breaking_cnt);

		/* Truncating open against an RH lease: do not wait — reason not visible here. */
		wait_ack = !(open_trunc &&
			     lease->state == (SMB2_LEASE_READ_CACHING_LE |
					      SMB2_LEASE_HANDLE_CACHING_LE));
		/* reuse_epoch is a one-shot flag: keep the epoch for this notification. */
		if (lease->reuse_epoch) {
			inc_epoch = false;
			lease->reuse_epoch = false;
		}
		err = smb2_lease_break_noti(brk_opinfo, wait_ack, inc_epoch);
		inc_epoch = false;

		ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level);
		if (brk_opinfo->op_state == OPLOCK_CLOSING)
			err = -ENOENT;

		if (wait_ack)
			wait_lease_breaking(brk_opinfo);
		/*
		 * A share-mode conflict break only drops the conflicting
		 * caching bit; the triggering open fails with a sharing
		 * violation, so keep it to a single break.
		 *
		 * Otherwise chain another break while the lease is still
		 * incompatible with this open (req_op_level), or while a
		 * truncating waiter that arrived during the break still needs
		 * the lease dropped to none.  open_trunc snapshotted for this
		 * break stays cleared, so the next state is computed from the
		 * lease state and the cascade steps down (e.g. RH->R->none)
		 * instead of collapsing straight to none.
		 */
		if (wait_ack && !err && !share_break &&
		    (lease_break_needed(brk_opinfo, req_op_level, open_trunc) ||
		     (brk_opinfo->open_trunc &&
		      lease->state != SMB2_LEASE_NONE_LE)))
			goto again;

		wake_up_oplock_break(brk_opinfo);
		return err;
	} else {
		/* A positive return is not an error and is reported as 0. */
		err = oplock_break_pending(brk_opinfo, req_op_level);
		if (err)
			return err < 0 ? err : 0;

		/* Only write oplocks require an acknowledgement from the client. */
		if (brk_opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
		    brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
			brk_opinfo->op_state = OPLOCK_ACK_WAIT;
	}

	err = smb2_oplock_break_noti(brk_opinfo);

	ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level);
	/* Holder went away during the break: caller re-evaluates (see -EAGAIN users). */
	if (brk_opinfo->op_state == OPLOCK_CLOSING)
		err = -EAGAIN;
	wake_up_oplock_break(brk_opinfo);

	return err;
}
1182 
/**
 * destroy_lease_table() - drop lease tables from the global list
 * @conn:	connection whose client's table is removed, or NULL to
 *		remove every table
 *
 * Every lease in a matching table is detached with lease_del_table() and
 * the table itself is unlinked and freed, all under lease_list_lock.
 */
void destroy_lease_table(struct ksmbd_conn *conn)
{
	struct lease_table *lb, *lb_next;
	struct lease *lease, *lease_next;

	write_lock(&lease_list_lock);
	list_for_each_entry_safe(lb, lb_next, &lease_table_list, l_entry) {
		/* a NULL conn matches every client's table */
		bool matches = !conn ||
			       !memcmp(lb->client_guid, conn->ClientGUID,
				       SMB2_CLIENT_GUID_SIZE);

		if (!matches)
			continue;

		list_for_each_entry_safe(lease, lease_next, &lb->lease_list,
					 l_entry)
			lease_del_table(lease);
		list_del(&lb->l_entry);
		free_lease_table(lb);
	}
	write_unlock(&lease_list_lock);
}
1205 
/**
 * find_same_lease_key() - check whether a lease key is already used elsewhere
 * @conn:	connection of the requesting client
 * @ci:		inode being opened; leases on it are ignored
 * @lctx:	lease context carrying the requested lease key, or NULL
 *
 * Return: 0 when the key is unused (or @lctx is NULL), -EINVAL when the
 *	   same client already uses the key on a different inode.
 */
int find_same_lease_key(struct ksmbd_conn *conn, struct ksmbd_inode *ci,
			struct lease_ctx_info *lctx)
{
	struct lease_table *lb, *client_lb = NULL;
	struct lease *lease;
	int err = 0;

	if (!lctx)
		return 0;

	read_lock(&lease_list_lock);
	list_for_each_entry(lb, &lease_table_list, l_entry) {
		if (!memcmp(lb->client_guid, conn->ClientGUID,
			    SMB2_CLIENT_GUID_SIZE)) {
			client_lb = lb;
			break;
		}
	}

	if (client_lb) {
		list_for_each_entry(lease, &client_lb->lease_list, l_entry) {
			/* only a different inode with the same key is a conflict */
			if (lease->ci == ci)
				continue;
			if (memcmp(lease->lease_key, lctx->lease_key,
				   SMB2_LEASE_KEY_SIZE))
				continue;

			err = -EINVAL;
			ksmbd_debug(OPLOCK,
				    "found same lease key is already used in other files\n");
			break;
		}
	}
	read_unlock(&lease_list_lock);

	return err;
}
1248 
/**
 * add_lease_global_list() - register a lease in its client's table
 * @lease:	lease to register
 * @conn:	connection identifying the client (by ClientGUID)
 * @new_lb:	preallocated table used when the client has none yet;
 *		freed here when an existing table is used instead
 */
static void add_lease_global_list(struct lease *lease, struct ksmbd_conn *conn,
				  struct lease_table *new_lb)
{
	struct lease_table *lb, *client_lb = NULL;

	write_lock(&lease_list_lock);
	list_for_each_entry(lb, &lease_table_list, l_entry) {
		if (!memcmp(lb->client_guid, conn->ClientGUID,
			    SMB2_CLIENT_GUID_SIZE)) {
			client_lb = lb;
			break;
		}
	}

	if (client_lb) {
		lease_add_table(lease, client_lb);
	} else {
		lease_add_table(lease, new_lb);
		list_add(&new_lb->l_entry, &lease_table_list);
	}
	write_unlock(&lease_list_lock);

	/* the preallocated table is surplus once an existing one was found */
	if (client_lb)
		free_lease_table(new_lb);
}
1269 
/**
 * set_oplock_level() - grant the oplock/lease matching a requested level
 * @opinfo:	opinfo to grant on
 * @level:	requested oplock level; anything other than batch, exclusive
 *		or level II grants none
 * @lctx:	lease context of the open, or NULL
 */
static void set_oplock_level(struct oplock_info *opinfo, int level,
			     struct lease_ctx_info *lctx)
{
	bool write_level = level == SMB2_OPLOCK_LEVEL_BATCH ||
			   level == SMB2_OPLOCK_LEVEL_EXCLUSIVE;

	if (write_level)
		grant_write_oplock(opinfo, level, lctx);
	else if (level == SMB2_OPLOCK_LEVEL_II)
		grant_read_oplock(opinfo, lctx);
	else
		grant_none_oplock(opinfo, lctx);
}
1286 
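/**
 * smb_send_parent_lease_break_noti() - break leases held on the parent directory
 * @fp:		file being opened/created
 * @lctx:	lease context of the open; only v2 leases carry a parent key
 *
 * Walks the parent directory's opinfo list and breaks every lease that is
 * not already none, except the one matching the parent lease key supplied
 * in @lctx (same client GUID and key, when the
 * SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET flag is present).
 */
void smb_send_parent_lease_break_noti(struct ksmbd_file *fp,
				      struct lease_ctx_info *lctx)
{
	struct oplock_info *opinfo;
	struct ksmbd_inode *p_ci;

	if (lctx->version != 2)
		return;

	p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent);
	if (!p_ci)
		return;

	down_read(&p_ci->m_lock);
	list_for_each_entry(opinfo, &p_ci->m_op_list, op_entry) {
		bool keeps_parent_key;

		if (opinfo->conn == NULL || !opinfo->is_lease)
			continue;

		/*
		 * lease->state is __le32: compare against the lease constant
		 * rather than the (numerically equal) oplock level.
		 */
		if (opinfo->o_lease->state == SMB2_LEASE_NONE_LE)
			continue;

		/* the lease named by the opener's parent lease key is left intact */
		keeps_parent_key =
			(lctx->flags & SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE) &&
			compare_guid_key(opinfo, fp->conn->ClientGUID,
					 lctx->parent_lease_key);
		if (keeps_parent_key)
			continue;

		/* take a reference only on a live opinfo whose conn is not tearing down */
		if (!atomic_inc_not_zero(&opinfo->refcount))
			continue;

		if (ksmbd_conn_releasing(opinfo->conn)) {
			opinfo_put(opinfo);
			continue;
		}

		oplock_break(opinfo, SMB2_OPLOCK_LEVEL_NONE, NULL, false);
		opinfo_put(opinfo);
	}
	up_read(&p_ci->m_lock);

	ksmbd_inode_put(p_ci);
}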
1325 
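/**
 * smb_lazy_parent_lease_break_close() - break parent directory leases on close
 * @fp:		file being closed
 *
 * Only acts when @fp itself holds a v2 lease.  Every lease on the parent
 * directory that is not already none is broken to none.
 */
void smb_lazy_parent_lease_break_close(struct ksmbd_file *fp)
{
	struct oplock_info *opinfo;
	struct ksmbd_inode *p_ci;
	bool has_v2_lease;

	rcu_read_lock();
	opinfo = rcu_dereference(fp->f_opinfo);
	has_v2_lease = opinfo && opinfo->is_lease &&
		       opinfo->o_lease->version == 2;
	rcu_read_unlock();

	if (!has_v2_lease)
		return;

	p_ci = ksmbd_inode_lookup_lock(fp->filp->f_path.dentry->d_parent);
	if (!p_ci)
		return;

	down_read(&p_ci->m_lock);
	list_for_each_entry(opinfo, &p_ci->m_op_list, op_entry) {
		if (opinfo->conn == NULL || !opinfo->is_lease)
			continue;

		/*
		 * lease->state is __le32: compare against the lease constant
		 * rather than the (numerically equal) oplock level.
		 */
		if (opinfo->o_lease->state == SMB2_LEASE_NONE_LE)
			continue;

		/* take a reference only on a live opinfo whose conn is not tearing down */
		if (!atomic_inc_not_zero(&opinfo->refcount))
			continue;

		if (ksmbd_conn_releasing(opinfo->conn)) {
			opinfo_put(opinfo);
			continue;
		}

		oplock_break(opinfo, SMB2_OPLOCK_LEVEL_NONE, NULL, false);
		opinfo_put(opinfo);
	}
	up_read(&p_ci->m_lock);

	ksmbd_inode_put(p_ci);
}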
1366 
1367 /**
1368  * smb_grant_oplock() - handle oplock/lease request on file open
1369  * @work:		smb work
1370  * @req_op_level:	oplock level
1371  * @pid:		id of open file
1372  * @fp:			ksmbd file pointer
1373  * @tid:		Tree id of connection
1374  * @lctx:		lease context information on file open
1375  * @share_ret:		share mode
1376  *
1377  * Return:      0 on success, otherwise error
1378  */
1379 int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
1380 		     struct ksmbd_file *fp, __u16 tid,
1381 		     struct lease_ctx_info *lctx, int share_ret)
1382 {
1383 	int err = 0;
1384 	int break_level = SMB2_OPLOCK_LEVEL_II;
1385 	struct oplock_info *opinfo = NULL, *prev_opinfo = NULL;
1386 	struct ksmbd_inode *ci = fp->f_ci;
1387 	struct lease_table *new_lb = NULL;
1388 	bool prev_op_has_lease;
1389 	bool prev_durable_open = false;
1390 	bool prev_durable_detached = false;
1391 	unsigned long long prev_fid = KSMBD_NO_FID;
1392 	bool new_lease = false;
1393 	__le32 prev_op_state = 0;
1394 
1395 	/* Only v2 leases handle the directory */
1396 	if (S_ISDIR(file_inode(fp->filp)->i_mode)) {
1397 		if (!lctx || lctx->version != 2)
1398 			return 0;
1399 	}
1400 
1401 	opinfo = alloc_opinfo(work, pid, tid);
1402 	if (!opinfo)
1403 		return -ENOMEM;
1404 
1405 	if (lctx) {
1406 		opinfo->o_lease = alloc_lease(lctx, ci);
1407 		if (!opinfo->o_lease) {
1408 			err = -ENOMEM;
1409 			goto err_out;
1410 		}
1411 		opinfo->is_lease = 1;
1412 		new_lease = true;
1413 	}
1414 
1415 	/* ci does not have any oplock */
1416 	if (!opinfo_count(fp))
1417 		goto set_lev;
1418 
1419 	/*
1420 	 * A stat open that only requests metadata access must not break the
1421 	 * existing caching state. READ_CONTROL (reading the security
1422 	 * descriptor) does not conflict with a lease, but it does conflict
1423 	 * with an oplock, so only treat a read-control-only open as a stat
1424 	 * open when the existing holder is a lease.
1425 	 */
1426 	if (fp->cdoption != FILE_OVERWRITE_IF_LE &&
1427 	    fp->cdoption != FILE_OVERWRITE_LE &&
1428 	    fp->cdoption != FILE_SUPERSEDE_LE &&
1429 	    (fp->attrib_only ||
1430 	     (!(fp->daccess & ~(FILE_READ_ATTRIBUTES_LE |
1431 				FILE_WRITE_ATTRIBUTES_LE |
1432 				FILE_SYNCHRONIZE_LE |
1433 				FILE_READ_CONTROL_LE)) &&
1434 	      ksmbd_inode_has_lease(ci)))) {
1435 		req_op_level = SMB2_OPLOCK_LEVEL_NONE;
1436 		goto set_lev;
1437 	}
1438 
1439 	if (lctx) {
1440 		struct oplock_info *m_opinfo;
1441 
1442 		/* is lease already granted ? */
1443 		m_opinfo = same_client_has_lease(ci, work->conn->ClientGUID,
1444 						 lctx);
1445 		if (m_opinfo) {
1446 			lease_put(opinfo->o_lease);
1447 			lease_get(m_opinfo->o_lease);
1448 			opinfo->o_lease = m_opinfo->o_lease;
1449 			opinfo->level = m_opinfo->level;
1450 			new_lease = false;
1451 			opinfo_put(m_opinfo);
1452 			goto out;
1453 		}
1454 	}
1455 	prev_opinfo = opinfo_get_list(ci);
1456 	if (!prev_opinfo ||
1457 	    (prev_opinfo->level == SMB2_OPLOCK_LEVEL_NONE && lctx)) {
1458 		opinfo_put(prev_opinfo);
1459 		goto set_lev;
1460 	}
1461 	prev_op_has_lease = prev_opinfo->is_lease;
1462 	if (prev_op_has_lease)
1463 		prev_op_state = prev_opinfo->o_lease->state;
1464 	if (share_ret < 0 &&
1465 	    prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1466 		err = share_ret;
1467 		opinfo_put(prev_opinfo);
1468 		goto err_out;
1469 	}
1470 
1471 	if (prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
1472 	    prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1473 		opinfo_put(prev_opinfo);
1474 		goto op_break_not_needed;
1475 	}
1476 
1477 	if (prev_opinfo->o_fp && prev_opinfo->o_fp != fp &&
1478 	    prev_opinfo->o_fp->is_durable) {
1479 		prev_durable_open = true;
1480 		prev_durable_detached = !prev_opinfo->o_fp->conn ||
1481 					!prev_opinfo->o_fp->tcon;
1482 		prev_fid = prev_opinfo->fid;
1483 	}
1484 
1485 	err = oplock_break(prev_opinfo, break_level, work,
1486 			   share_ret < 0 && prev_opinfo->is_lease);
1487 	if (prev_durable_detached || (prev_durable_open && err == -ENOENT))
1488 		ksmbd_invalidate_durable_fd(prev_fid);
1489 	opinfo_put(prev_opinfo);
1490 	if (err == -EAGAIN) {
1491 		share_ret = ksmbd_smb_check_shared_mode(fp->filp, fp);
1492 		if (share_ret < 0) {
1493 			err = share_ret;
1494 			goto err_out;
1495 		}
1496 		goto set_lev;
1497 	}
1498 	if (err == -ENOENT) {
1499 		if (req_op_level != SMB2_OPLOCK_LEVEL_NONE)
1500 			req_op_level = SMB2_OPLOCK_LEVEL_II;
1501 		goto set_lev;
1502 	}
1503 	/* Check all oplock was freed by close */
1504 	else if (err < 0)
1505 		goto err_out;
1506 
1507 op_break_not_needed:
1508 	if (share_ret < 0) {
1509 		err = share_ret;
1510 		goto err_out;
1511 	}
1512 
1513 	if (req_op_level != SMB2_OPLOCK_LEVEL_NONE)
1514 		req_op_level = SMB2_OPLOCK_LEVEL_II;
1515 
1516 	/* grant fixed oplock on stacked locking between lease and oplock */
1517 	if (prev_op_has_lease && !lctx)
1518 		if (prev_op_state & SMB2_LEASE_HANDLE_CACHING_LE)
1519 			req_op_level = SMB2_OPLOCK_LEVEL_NONE;
1520 
1521 	if (!prev_op_has_lease && lctx) {
1522 		req_op_level = SMB2_OPLOCK_LEVEL_II;
1523 		lctx->req_state = SMB2_LEASE_READ_CACHING_LE;
1524 	}
1525 
1526 set_lev:
1527 	set_oplock_level(opinfo, req_op_level, lctx);
1528 
1529 out:
1530 	/*
1531 	 * Keep the original publication order so concurrent opens can
1532 	 * still observe the in-flight grant via ci->m_op_list, but make
1533 	 * everything after opinfo_add() no-fail by preallocating any new
1534 	 * lease_table first.
1535 	 */
1536 	opinfo->o_fp = fp;
1537 	if (new_lease) {
1538 		new_lb = alloc_lease_table(opinfo);
1539 		if (!new_lb) {
1540 			err = -ENOMEM;
1541 			goto err_out;
1542 		}
1543 	}
1544 
1545 	opinfo_count_inc(fp);
1546 	opinfo_add(opinfo, fp);
1547 
1548 	if (new_lease)
1549 		add_lease_global_list(opinfo->o_lease, opinfo->conn, new_lb);
1550 	if (opinfo->is_lease)
1551 		lease_add_open(opinfo->o_lease, opinfo);
1552 
1553 	rcu_assign_pointer(fp->f_opinfo, opinfo);
1554 
1555 	return 0;
1556 err_out:
1557 	kfree(new_lb);
1558 	opinfo_put(opinfo);
1559 	return err;
1560 }
1561 
1562 /**
1563  * smb_break_all_write_oplock() - break batch/exclusive oplock to level2
1564  * @work:	smb work
1565  * @fp:		ksmbd file pointer
1566  * @is_trunc:	truncate on open
1567  */
1568 static bool smb_break_all_write_oplock(struct ksmbd_work *work,
1569 				       struct ksmbd_file *fp, int is_trunc)
1570 {
1571 	struct oplock_info *brk_opinfo;
1572 	bool sent_break = false;
1573 
1574 	brk_opinfo = opinfo_get_list(fp->f_ci);
1575 	if (!brk_opinfo)
1576 		return false;
1577 	if (brk_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
1578 	    brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1579 		opinfo_put(brk_opinfo);
1580 		return false;
1581 	}
1582 
1583 	brk_opinfo->open_trunc = is_trunc;
1584 	oplock_break(brk_opinfo, SMB2_OPLOCK_LEVEL_II, work, false);
1585 	sent_break = true;
1586 	opinfo_put(brk_opinfo);
1587 
1588 	return sent_break;
1589 }
1590 
1591 /**
1592  * __smb_break_all_levII_oplock() - send level2 oplock or read lease break command
1593  *	from server to client
1594  * @work:		smb work
1595  * @fp:			ksmbd file pointer
1596  * @is_trunc:		truncate on open
1597  * @send_interim:	send interim response to the client
1598  * @send_oplock_break:	send oplock break notification to the client
1599  */
1600 static void __smb_break_all_levII_oplock(struct ksmbd_work *work,
1601 					 struct ksmbd_file *fp, int is_trunc,
1602 					 bool send_interim, bool send_oplock_break)
1603 {
1604 	struct oplock_info *op, *brk_op;
1605 	struct ksmbd_inode *ci;
1606 	struct ksmbd_conn *conn = work->conn;
1607 	bool sent_interim = false;
1608 
1609 	if (!test_share_config_flag(work->tcon->share_conf,
1610 				    KSMBD_SHARE_FLAG_OPLOCKS))
1611 		return;
1612 
1613 	ci = fp->f_ci;
1614 	op = opinfo_get(fp);
1615 
1616 	down_read(&ci->m_lock);
1617 	list_for_each_entry(brk_op, &ci->m_op_list, op_entry) {
1618 		if (brk_op->conn == NULL)
1619 			continue;
1620 
1621 		if (!atomic_inc_not_zero(&brk_op->refcount))
1622 			continue;
1623 
1624 		if (ksmbd_conn_releasing(brk_op->conn)) {
1625 			opinfo_put(brk_op);
1626 			continue;
1627 		}
1628 
1629 		if (!brk_op->is_lease &&
1630 		    brk_op->level != SMB2_OPLOCK_LEVEL_II) {
1631 			ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n",
1632 				    brk_op->level);
1633 			goto next;
1634 		}
1635 
1636 		/* Skip oplock being break to none */
1637 		if (brk_op->is_lease &&
1638 		    brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE &&
1639 		    atomic_read(&brk_op->breaking_cnt))
1640 			goto next;
1641 
1642 		if (op && op->is_lease && brk_op->is_lease &&
1643 		    !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID,
1644 			    SMB2_CLIENT_GUID_SIZE) &&
1645 		    !memcmp(op->o_lease->lease_key, brk_op->o_lease->lease_key,
1646 			    SMB2_LEASE_KEY_SIZE))
1647 			goto next;
1648 		brk_op->open_trunc = is_trunc;
1649 		if (!brk_op->is_lease && !send_oplock_break) {
1650 			brk_op->level = SMB2_OPLOCK_LEVEL_NONE;
1651 			brk_op->op_state = OPLOCK_STATE_NONE;
1652 		} else {
1653 			oplock_break(brk_op,
1654 				     brk_op->is_lease && !is_trunc ?
1655 				     SMB2_OPLOCK_LEVEL_II : SMB2_OPLOCK_LEVEL_NONE,
1656 				     send_interim && !sent_interim ? work : NULL,
1657 				     false);
1658 		}
1659 		sent_interim = true;
1660 next:
1661 		opinfo_put(brk_op);
1662 	}
1663 	up_read(&ci->m_lock);
1664 
1665 	if (op)
1666 		opinfo_put(op);
1667 }
1668 
/**
 * smb_break_all_levII_oplock() - break level2 oplocks/read leases, with interim
 * @work:	smb work
 * @fp:		ksmbd file pointer
 * @is_trunc:	truncate on open
 *
 * Sends both the interim response and the break notification.
 */
void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
				int is_trunc)
{
	const bool send_interim = true, send_oplock_break = true;

	__smb_break_all_levII_oplock(work, fp, is_trunc, send_interim,
				     send_oplock_break);
}
1674 
/**
 * smb_break_all_levII_oplock_no_interim() - break level2 oplocks without interim
 * @work:	smb work
 * @fp:		ksmbd file pointer
 * @is_trunc:	truncate on open
 *
 * Sends the break notification but no interim response.
 */
void smb_break_all_levII_oplock_no_interim(struct ksmbd_work *work,
					   struct ksmbd_file *fp, int is_trunc)
{
	const bool send_interim = false, send_oplock_break = true;

	__smb_break_all_levII_oplock(work, fp, is_trunc, send_interim,
				     send_oplock_break);
}
1680 
/**
 * smb_break_all_levII_oplock_for_delete() - drop level2 oplocks on delete
 * @work:	smb work
 * @fp:		ksmbd file pointer
 *
 * No truncate, no interim response, and no oplock break notification:
 * plain level II oplocks are cleared locally.
 */
void smb_break_all_levII_oplock_for_delete(struct ksmbd_work *work,
					   struct ksmbd_file *fp)
{
	const int is_trunc = 0;
	const bool send_interim = false, send_oplock_break = false;

	__smb_break_all_levII_oplock(work, fp, is_trunc, send_interim,
				     send_oplock_break);
}
1686 
1687 /**
1688  * smb_break_all_oplock() - break both batch/exclusive and level2 oplock
1689  * @work:	smb work
1690  * @fp:		ksmbd file pointer
1691  */
1692 void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp)
1693 {
1694 	bool sent_break;
1695 
1696 	if (!test_share_config_flag(work->tcon->share_conf,
1697 				    KSMBD_SHARE_FLAG_OPLOCKS))
1698 		return;
1699 
1700 	sent_break = smb_break_all_write_oplock(work, fp, 1);
1701 	__smb_break_all_levII_oplock(work, fp, 1, !sent_break, true);
1702 }
1703 
1704 /**
1705  * smb2_map_lease_to_oplock() - map lease state to corresponding oplock type
1706  * @lease_state:     lease type
1707  *
1708  * Return:      0 if no mapping, otherwise corresponding oplock type
1709  */
1710 __u8 smb2_map_lease_to_oplock(__le32 lease_state)
1711 {
1712 	if ((lease_state & SMB2_LEASE_WRITE_CACHING_LE) &&
1713 	    (lease_state & SMB2_LEASE_HANDLE_CACHING_LE)) {
1714 		return SMB2_OPLOCK_LEVEL_BATCH;
1715 	} else if (lease_state & SMB2_LEASE_WRITE_CACHING_LE) {
1716 		return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
1717 	} else if (lease_state & (SMB2_LEASE_READ_CACHING_LE |
1718 				  SMB2_LEASE_HANDLE_CACHING_LE)) {
1719 		return SMB2_OPLOCK_LEVEL_II;
1720 	}
1721 	return 0;
1722 }
1723 
1724 /**
1725  * create_lease_buf() - create lease context for open cmd response
1726  * @rbuf:	buffer to create lease context response
1727  * @lease:	buffer to stored parsed lease state information
1728  */
1729 void create_lease_buf(u8 *rbuf, struct lease *lease)
1730 {
1731 	if (lease->version == 2) {
1732 		struct create_lease_v2 *buf = (struct create_lease_v2 *)rbuf;
1733 		__le32 flags = 0;
1734 
1735 		memset(buf, 0, sizeof(struct create_lease_v2));
1736 		memcpy(buf->lcontext.LeaseKey, lease->lease_key,
1737 		       SMB2_LEASE_KEY_SIZE);
1738 		if (lease_has_parent_key(lease))
1739 			flags |= SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE;
1740 		if (lease_break_in_progress(lease))
1741 			flags |= SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE;
1742 		buf->lcontext.LeaseFlags = flags;
1743 		buf->lcontext.Epoch = cpu_to_le16(lease->epoch);
1744 		buf->lcontext.LeaseState = lease->state;
1745 		if (lease_has_parent_key(lease))
1746 			memcpy(buf->lcontext.ParentLeaseKey, lease->parent_lease_key,
1747 			       SMB2_LEASE_KEY_SIZE);
1748 		buf->ccontext.DataOffset = cpu_to_le16(offsetof
1749 				(struct create_lease_v2, lcontext));
1750 		buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2));
1751 		buf->ccontext.NameOffset = cpu_to_le16(offsetof
1752 				(struct create_lease_v2, Name));
1753 		buf->ccontext.NameLength = cpu_to_le16(4);
1754 		buf->Name[0] = 'R';
1755 		buf->Name[1] = 'q';
1756 		buf->Name[2] = 'L';
1757 		buf->Name[3] = 's';
1758 	} else {
1759 		struct create_lease *buf = (struct create_lease *)rbuf;
1760 
1761 		memset(buf, 0, sizeof(struct create_lease));
1762 		memcpy(buf->lcontext.LeaseKey, lease->lease_key, SMB2_LEASE_KEY_SIZE);
1763 		if (lease_break_in_progress(lease))
1764 			buf->lcontext.LeaseFlags =
1765 				SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE;
1766 		buf->lcontext.LeaseState = lease->state;
1767 		buf->ccontext.DataOffset = cpu_to_le16(offsetof
1768 				(struct create_lease, lcontext));
1769 		buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
1770 		buf->ccontext.NameOffset = cpu_to_le16(offsetof
1771 				(struct create_lease, Name));
1772 		buf->ccontext.NameLength = cpu_to_le16(4);
1773 		buf->Name[0] = 'R';
1774 		buf->Name[1] = 'q';
1775 		buf->Name[2] = 'L';
1776 		buf->Name[3] = 's';
1777 	}
1778 }
1779 
1780 /**
1781  * parse_lease_state() - parse lease context contained in file open request
1782  * @open_req:	buffer containing smb2 file open(create) request
1783  *
1784  * Return: allocated lease context object on success, otherwise NULL
1785  */
1786 struct lease_ctx_info *parse_lease_state(void *open_req)
1787 {
1788 	struct create_context *cc;
1789 	struct smb2_create_req *req = (struct smb2_create_req *)open_req;
1790 	struct lease_ctx_info *lreq;
1791 
1792 	cc = smb2_find_context_vals(req, SMB2_CREATE_REQUEST_LEASE, 4);
1793 	if (IS_ERR(cc))
1794 		return ERR_CAST(cc);
1795 	if (!cc)
1796 		return NULL;
1797 
1798 	lreq = kzalloc_obj(struct lease_ctx_info, KSMBD_DEFAULT_GFP);
1799 	if (!lreq)
1800 		return ERR_PTR(-ENOMEM);
1801 
1802 	if (sizeof(struct lease_context_v2) == le32_to_cpu(cc->DataLength)) {
1803 		struct create_lease_v2 *lc = (struct create_lease_v2 *)cc;
1804 
1805 		if (le16_to_cpu(cc->DataOffset) + le32_to_cpu(cc->DataLength) <
1806 		    sizeof(struct create_lease_v2) - 4)
1807 			goto err_out;
1808 
1809 		memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
1810 		lreq->req_state = lc->lcontext.LeaseState;
1811 		lreq->flags = lc->lcontext.LeaseFlags;
1812 		lreq->epoch = lc->lcontext.Epoch;
1813 		lreq->duration = lc->lcontext.LeaseDuration;
1814 		if (!lease_state_valid(lreq->req_state) ||
1815 		    !lease_v2_flags_valid(lreq->flags))
1816 			goto err_out;
1817 		lreq->req_state = lease_state_grantable(lreq->req_state);
1818 		if (lreq->flags == SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET_LE)
1819 			memcpy(lreq->parent_lease_key, lc->lcontext.ParentLeaseKey,
1820 			       SMB2_LEASE_KEY_SIZE);
1821 		lreq->version = 2;
1822 	} else if (sizeof(struct lease_context) == le32_to_cpu(cc->DataLength)) {
1823 		struct create_lease *lc = (struct create_lease *)cc;
1824 
1825 		if (le16_to_cpu(cc->DataOffset) + le32_to_cpu(cc->DataLength) <
1826 		    sizeof(struct create_lease))
1827 			goto err_out;
1828 
1829 		memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
1830 		lreq->req_state = lc->lcontext.LeaseState;
1831 		lreq->flags = 0;
1832 		lreq->duration = lc->lcontext.LeaseDuration;
1833 		if (!lease_state_valid(lreq->req_state))
1834 			goto err_out;
1835 		lreq->req_state = lease_state_grantable(lreq->req_state);
1836 		lreq->version = 1;
1837 	} else
1838 		goto err_out;
1839 	return lreq;
1840 err_out:
1841 	kfree(lreq);
1842 	return ERR_PTR(-EINVAL);
1843 }
1844 
1845 /**
1846  * smb2_find_context_vals() - find a particular context info in open request
1847  * @open_req:	buffer containing smb2 file open(create) request
1848  * @tag:	context name to search for
1849  * @tag_len:	the length of tag
1850  *
1851  * Return:	pointer to requested context, NULL if @str context not found
1852  *		or error pointer if name length is invalid.
1853  */
1854 struct create_context *smb2_find_context_vals(void *open_req, const char *tag, int tag_len)
1855 {
1856 	struct create_context *cc;
1857 	unsigned int next = 0;
1858 	char *name;
1859 	struct smb2_create_req *req = (struct smb2_create_req *)open_req;
1860 	unsigned int remain_len, name_off, name_len, value_off, value_len,
1861 		     cc_len;
1862 
1863 	/*
1864 	 * CreateContextsOffset and CreateContextsLength are guaranteed to
1865 	 * be valid because of ksmbd_smb2_check_message().
1866 	 */
1867 	if (!req->CreateContextsOffset || !req->CreateContextsLength)
1868 		return NULL;
1869 
1870 	cc = (struct create_context *)((char *)req +
1871 				       le32_to_cpu(req->CreateContextsOffset));
1872 	remain_len = le32_to_cpu(req->CreateContextsLength);
1873 	do {
1874 		cc = (struct create_context *)((char *)cc + next);
1875 		if (remain_len < offsetof(struct create_context, Buffer))
1876 			return ERR_PTR(-EINVAL);
1877 
1878 		next = le32_to_cpu(cc->Next);
1879 		name_off = le16_to_cpu(cc->NameOffset);
1880 		name_len = le16_to_cpu(cc->NameLength);
1881 		value_off = le16_to_cpu(cc->DataOffset);
1882 		value_len = le32_to_cpu(cc->DataLength);
1883 		cc_len = next ? next : remain_len;
1884 
1885 		if ((next & 0x7) != 0 ||
1886 		    next > remain_len ||
1887 		    name_off != offsetof(struct create_context, Buffer) ||
1888 		    name_len < 4 ||
1889 		    name_off + name_len > cc_len ||
1890 		    (value_off & 0x7) != 0 ||
1891 		    (value_len && value_off < name_off + (name_len < 8 ? 8 : name_len)) ||
1892 		    ((u64)value_off + value_len > cc_len))
1893 			return ERR_PTR(-EINVAL);
1894 
1895 		name = (char *)cc + name_off;
1896 		if (name_len == tag_len && !memcmp(name, tag, name_len))
1897 			return cc;
1898 
1899 		remain_len -= next;
1900 	} while (next != 0);
1901 
1902 	return NULL;
1903 }
1904 
1905 /**
1906  * create_durable_rsp_buf() - create durable handle context
1907  * @cc:	buffer to create durable context response
1908  */
1909 void create_durable_rsp_buf(char *cc)
1910 {
1911 	struct create_durable_rsp *buf;
1912 
1913 	buf = (struct create_durable_rsp *)cc;
1914 	memset(buf, 0, sizeof(struct create_durable_rsp));
1915 	buf->ccontext.DataOffset = cpu_to_le16(offsetof
1916 			(struct create_durable_rsp, Data));
1917 	buf->ccontext.DataLength = cpu_to_le32(8);
1918 	buf->ccontext.NameOffset = cpu_to_le16(offsetof
1919 			(struct create_durable_rsp, Name));
1920 	buf->ccontext.NameLength = cpu_to_le16(4);
1921 	/* SMB2_CREATE_DURABLE_HANDLE_RESPONSE is "DHnQ" */
1922 	buf->Name[0] = 'D';
1923 	buf->Name[1] = 'H';
1924 	buf->Name[2] = 'n';
1925 	buf->Name[3] = 'Q';
1926 }
1927 
1928 /**
1929  * create_durable_v2_rsp_buf() - create durable handle v2 context
1930  * @cc:	buffer to create durable context response
1931  * @fp: ksmbd file pointer
1932  */
1933 void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
1934 {
1935 	struct create_durable_rsp_v2 *buf;
1936 
1937 	buf = (struct create_durable_rsp_v2 *)cc;
1938 	memset(buf, 0, sizeof(struct create_durable_rsp));
1939 	buf->ccontext.DataOffset = cpu_to_le16(offsetof
1940 			(struct create_durable_rsp, Data));
1941 	buf->ccontext.DataLength = cpu_to_le32(8);
1942 	buf->ccontext.NameOffset = cpu_to_le16(offsetof
1943 			(struct create_durable_rsp, Name));
1944 	buf->ccontext.NameLength = cpu_to_le16(4);
1945 	/* SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2 is "DH2Q" */
1946 	buf->Name[0] = 'D';
1947 	buf->Name[1] = 'H';
1948 	buf->Name[2] = '2';
1949 	buf->Name[3] = 'Q';
1950 
1951 	buf->dcontext.Timeout = cpu_to_le32(fp->durable_timeout);
1952 	if (fp->is_persistent)
1953 		buf->dcontext.Flags = cpu_to_le32(SMB2_DHANDLE_FLAG_PERSISTENT);
1954 }
1955 
1956 /**
1957  * create_mxac_rsp_buf() - create query maximal access context
1958  * @cc:			buffer to create maximal access context response
1959  * @maximal_access:	maximal access
1960  */
1961 void create_mxac_rsp_buf(char *cc, int maximal_access)
1962 {
1963 	struct create_mxac_rsp *buf;
1964 
1965 	buf = (struct create_mxac_rsp *)cc;
1966 	memset(buf, 0, sizeof(struct create_mxac_rsp));
1967 	buf->ccontext.DataOffset = cpu_to_le16(offsetof
1968 			(struct create_mxac_rsp, QueryStatus));
1969 	buf->ccontext.DataLength = cpu_to_le32(8);
1970 	buf->ccontext.NameOffset = cpu_to_le16(offsetof
1971 			(struct create_mxac_rsp, Name));
1972 	buf->ccontext.NameLength = cpu_to_le16(4);
1973 	/* SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE is "MxAc" */
1974 	buf->Name[0] = 'M';
1975 	buf->Name[1] = 'x';
1976 	buf->Name[2] = 'A';
1977 	buf->Name[3] = 'c';
1978 
1979 	buf->QueryStatus = STATUS_SUCCESS;
1980 	buf->MaximalAccess = cpu_to_le32(maximal_access);
1981 }
1982 
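/**
 * create_disk_id_rsp_buf() - create query on-disk id context
 * @cc:		buffer to create on-disk id context response
 * @file_id:	file identifier reported as DiskFileId
 * @vol_id:	volume identifier reported as VolumeId
 *
 * Fills a zeroed SMB2_CREATE_QUERY_ON_DISK_ID_RESPONSE ("QFid") context
 * with a 32-byte data payload.  All offsets are taken from
 * struct create_disk_id_rsp (the name offset previously came from the
 * unrelated struct create_mxac_rsp).
 */
void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
{
	struct create_disk_id_rsp *buf = (struct create_disk_id_rsp *)cc;

	memset(buf, 0, sizeof(*buf));
	buf->ccontext.DataOffset =
		cpu_to_le16(offsetof(struct create_disk_id_rsp, DiskFileId));
	buf->ccontext.DataLength = cpu_to_le32(32);
	buf->ccontext.NameOffset =
		cpu_to_le16(offsetof(struct create_disk_id_rsp, Name));
	buf->ccontext.NameLength = cpu_to_le16(4);
	/* SMB2_CREATE_QUERY_ON_DISK_ID_RESPONSE is "QFid" */
	buf->Name[0] = 'Q';
	buf->Name[1] = 'F';
	buf->Name[2] = 'i';
	buf->Name[3] = 'd';

	buf->DiskFileId = cpu_to_le64(file_id);
	buf->VolumeId = cpu_to_le64(vol_id);
}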
2004 
2005 /**
2006  * create_posix_rsp_buf() - create posix extension context
2007  * @cc:	buffer to create posix on posix response
2008  * @fp: ksmbd file pointer
2009  */
2010 void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
2011 {
2012 	struct create_posix_rsp *buf;
2013 	struct inode *inode = file_inode(fp->filp);
2014 	struct mnt_idmap *idmap = file_mnt_idmap(fp->filp);
2015 	vfsuid_t vfsuid = i_uid_into_vfsuid(idmap, inode);
2016 	vfsgid_t vfsgid = i_gid_into_vfsgid(idmap, inode);
2017 
2018 	buf = (struct create_posix_rsp *)cc;
2019 	memset(buf, 0, sizeof(struct create_posix_rsp));
2020 	buf->ccontext.DataOffset = cpu_to_le16(offsetof
2021 			(struct create_posix_rsp, nlink));
2022 	/*
2023 	 * DataLength = nlink(4) + reparse_tag(4) + mode(4) +
2024 	 * domain sid(28) + unix group sid(16).
2025 	 */
2026 	buf->ccontext.DataLength = cpu_to_le32(56);
2027 	buf->ccontext.NameOffset = cpu_to_le16(offsetof
2028 			(struct create_posix_rsp, Name));
2029 	buf->ccontext.NameLength = cpu_to_le16(POSIX_CTXT_DATA_LEN);
2030 	/* SMB2_CREATE_TAG_POSIX is "0x93AD25509CB411E7B42383DE968BCD7C" */
2031 	buf->Name[0] = 0x93;
2032 	buf->Name[1] = 0xAD;
2033 	buf->Name[2] = 0x25;
2034 	buf->Name[3] = 0x50;
2035 	buf->Name[4] = 0x9C;
2036 	buf->Name[5] = 0xB4;
2037 	buf->Name[6] = 0x11;
2038 	buf->Name[7] = 0xE7;
2039 	buf->Name[8] = 0xB4;
2040 	buf->Name[9] = 0x23;
2041 	buf->Name[10] = 0x83;
2042 	buf->Name[11] = 0xDE;
2043 	buf->Name[12] = 0x96;
2044 	buf->Name[13] = 0x8B;
2045 	buf->Name[14] = 0xCD;
2046 	buf->Name[15] = 0x7C;
2047 
2048 	buf->nlink = cpu_to_le32(inode->i_nlink);
2049 	buf->reparse_tag = cpu_to_le32(fp->volatile_id);
2050 	buf->mode = cpu_to_le32(inode->i_mode & 0777);
2051 	/*
2052 	 * SidBuffer(44) contain two sids(Domain sid(28), UNIX group sid(16)).
2053 	 * Domain sid(28) = revision(1) + num_subauth(1) + authority(6) +
2054 	 *		    sub_auth(4 * 4(num_subauth)) + RID(4).
2055 	 * UNIX group id(16) = revision(1) + num_subauth(1) + authority(6) +
2056 	 *		       sub_auth(4 * 1(num_subauth)) + RID(4).
2057 	 */
2058 	id_to_sid(from_kuid_munged(&init_user_ns, vfsuid_into_kuid(vfsuid)),
2059 		  SIDOWNER, (struct smb_sid *)&buf->SidBuffer[0]);
2060 	id_to_sid(from_kgid_munged(&init_user_ns, vfsgid_into_kgid(vfsgid)),
2061 		  SIDUNIX_GROUP, (struct smb_sid *)&buf->SidBuffer[28]);
2062 }
2063 
2064 /*
2065  * Find the lease object (opinfo) for a given lease key/fid from the lease
2066  * break/file close path.
2067  */
/**
 * lookup_lease_in_table() - find a matching lease info object
 * @conn:	connection instance; its ClientGUID selects the lease table
 * @lease_key:	lease key to be searched for (SMB2_LEASE_KEY_SIZE bytes)
 *
 * Walks lease_table_list for the table whose client_guid matches @conn, then
 * that table's lease_list for the first lease whose key equals @lease_key.
 * The lease is only considered if its state still includes handle or write
 * caching, and only the first key match is ever examined. From the lease's
 * open_list the first opinfo that is neither unset (op_state == 0) nor
 * OPLOCK_CLOSING and whose refcount can still be taken is returned.
 *
 * Context: takes lease_list_lock for reading and the matched lease's ->lock.
 *
 * Return:      opinfo if found matching opinfo, otherwise NULL. A returned
 *		opinfo carries a reference taken with atomic_inc_not_zero();
 *		the caller must drop it with opinfo_put().
 */
struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
					  char *lease_key)
{
	struct oplock_info *opinfo = NULL, *ret_op = NULL;
	struct lease *lease;
	struct lease_table *lt;

	read_lock(&lease_list_lock);
	/* Lease tables are keyed by client GUID; pick the one for @conn. */
	list_for_each_entry(lt, &lease_table_list, l_entry) {
		if (!memcmp(lt->client_guid, conn->ClientGUID,
			    SMB2_CLIENT_GUID_SIZE))
			goto found;
	}

	/* No lease table for this client: nothing to look up. */
	read_unlock(&lease_list_lock);
	return NULL;

found:
	list_for_each_entry(lease, &lt->lease_list, l_entry) {
		if (memcmp(lease->lease_key, lease_key, SMB2_LEASE_KEY_SIZE))
			continue;
		/*
		 * A lease holding neither handle nor write caching is not
		 * searched (presumably nothing is left to break); the loop
		 * stops at the first key match either way.
		 */
		if (!(lease->state & (SMB2_LEASE_HANDLE_CACHING_LE |
				      SMB2_LEASE_WRITE_CACHING_LE)))
			break;

		/* ->lock guards open_list; taken nested under lease_list_lock. */
		spin_lock(&lease->lock);
		list_for_each_entry(opinfo, &lease->open_list, lease_entry) {
			/* Skip opens that are not active or already closing. */
			if (!opinfo->op_state ||
			    opinfo->op_state == OPLOCK_CLOSING)
				continue;
			/*
			 * Take the reference while ->lock is held; an opinfo
			 * whose refcount already reached zero (presumably on
			 * its way to being freed) must not be handed out.
			 */
			if (!atomic_inc_not_zero(&opinfo->refcount))
				continue;
			ret_op = opinfo;
			break;
		}
		spin_unlock(&lease->lock);
		if (ret_op) {
			ksmbd_debug(OPLOCK, "found opinfo\n");
			goto out;
		}
		/* Only the first lease carrying this key is examined. */
		break;
	}

out:
	read_unlock(&lease_list_lock);
	return ret_op;
}
2122 
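/**
 * smb2_check_durable_oplock() - validate a durable handle reconnect against
 *				 the oplock/lease state cached on the file
 * @conn:	connection the reconnect request arrived on
 * @share:	share the file belongs to
 * @fp:		durable file handle being reconnected
 * @lctx:	lease create context carried by the request, or NULL
 * @user:	user performing the reconnect
 * @name:	file name supplied in the create request
 *
 * Every reject path below is driven by client-supplied data, so a failure is
 * logged at debug level only: a remote client must not be able to fill the
 * kernel log by replaying malformed reconnect requests. (The two non-lease
 * rejections previously used pr_err(), unlike every sibling check.)
 *
 * Return: 0 if the reconnect is acceptable or the file has no opinfo,
 *         -EBADF on any mismatch, otherwise the result of
 *         ksmbd_validate_name_reconnect().
 */
int smb2_check_durable_oplock(struct ksmbd_conn *conn,
			      struct ksmbd_share_config *share,
			      struct ksmbd_file *fp,
			      struct lease_ctx_info *lctx,
			      struct ksmbd_user *user,
			      char *name)
{
	struct oplock_info *opinfo = opinfo_get(fp);
	int ret = 0;

	/* No oplock or lease on the file: nothing to validate. */
	if (!opinfo)
		return 0;

	if (ksmbd_has_other_active_fd(fp)) {
		ksmbd_debug(SMB, "Durable handle reconnect failed: competing open\n");
		ret = -EBADF;
		goto out;
	}

	/* The reconnecting user must be the one that owns the durable handle. */
	if (!ksmbd_vfs_compare_durable_owner(fp, user)) {
		ksmbd_debug(SMB, "Durable handle reconnect failed: owner mismatch\n");
		ret = -EBADF;
		goto out;
	}

	if (!opinfo->is_lease) {
		/*
		 * Plain oplock: the request must not carry a lease context and
		 * only a batch oplock is durable. Both conditions are under the
		 * client's control, so they are logged at debug level like the
		 * checks above rather than at pr_err().
		 */
		if (lctx) {
			ksmbd_debug(SMB, "create context include lease\n");
			ret = -EBADF;
		} else if (opinfo->level != SMB2_OPLOCK_LEVEL_BATCH) {
			ksmbd_debug(SMB, "oplock level is not equal to SMB2_OPLOCK_LEVEL_BATCH\n");
			ret = -EBADF;
		}
		goto out;
	}

	/* Lease-based handle: the lease must belong to this client. */
	if (memcmp(conn->ClientGUID, fp->client_guid,
				SMB2_CLIENT_GUID_SIZE)) {
		ksmbd_debug(SMB, "Client guid of fp is not equal to the one of connection\n");
		ret = -EBADF;
		goto out;
	}

	if (!lctx) {
		ksmbd_debug(SMB, "create context does not include lease\n");
		ret = -EBADF;
		goto out;
	}

	/* The client must present the same lease key it was granted. */
	if (memcmp(opinfo->o_lease->lease_key, lctx->lease_key,
				SMB2_LEASE_KEY_SIZE)) {
		ksmbd_debug(SMB,
			    "lease key of fp does not match lease key in create context\n");
		ret = -EBADF;
		goto out;
	}

	/* A durable handle is only backed by a lease that holds handle caching. */
	if (!(opinfo->o_lease->state & SMB2_LEASE_HANDLE_CACHING_LE)) {
		ksmbd_debug(SMB, "lease state does not contain SMB2_LEASE_HANDLE_CACHING\n");
		ret = -EBADF;
		goto out;
	}

	if (opinfo->o_lease->version != lctx->version) {
		ksmbd_debug(SMB,
			    "lease version of fp does not match the one in create context\n");
		ret = -EBADF;
		goto out;
	}

	/*
	 * The name check is skipped for a file pending deletion (presumably
	 * its name need not resolve any more); otherwise confirm the name in
	 * the request still refers to this file.
	 */
	if (!ksmbd_inode_pending_delete(fp))
		ret = ksmbd_validate_name_reconnect(share, fp, name);
out:
	/* Drop the reference taken by opinfo_get() on every path. */
	opinfo_put(opinfo);
	return ret;
}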
2203