1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* AFS cell and server record management
3 *
4 * Copyright (C) 2002, 2017 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
6 */
7
8 #include <linux/slab.h>
9 #include <linux/key.h>
10 #include <linux/ctype.h>
11 #include <linux/dns_resolver.h>
12 #include <linux/sched.h>
13 #include <linux/inet.h>
14 #include <linux/namei.h>
15 #include <keys/rxrpc-type.h>
16 #include "internal.h"
17
18 static unsigned __read_mostly afs_cell_gc_delay = 10;
19 static unsigned __read_mostly afs_cell_min_ttl = 10 * 60;
20 static unsigned __read_mostly afs_cell_max_ttl = 24 * 60 * 60;
21 static atomic_t cell_debug_id;
22
23 static void afs_cell_timer(struct timer_list *timer);
24 static void afs_destroy_cell_work(struct work_struct *work);
25 static void afs_manage_cell_work(struct work_struct *work);
26
afs_dec_cells_outstanding(struct afs_net * net)27 static void afs_dec_cells_outstanding(struct afs_net *net)
28 {
29 if (atomic_dec_and_test(&net->cells_outstanding))
30 wake_up_var(&net->cells_outstanding);
31 }
32
afs_set_cell_state(struct afs_cell * cell,enum afs_cell_state state)33 static void afs_set_cell_state(struct afs_cell *cell, enum afs_cell_state state)
34 {
35 smp_store_release(&cell->state, state); /* Commit cell changes before state */
36 smp_wmb(); /* Set cell state before task state */
37 wake_up_var(&cell->state);
38 }
39
40 /*
41 * Look up and get an activation reference on a cell record. The caller must
42 * hold net->cells_lock at least read-locked.
43 */
afs_find_cell_locked(struct afs_net * net,const char * name,unsigned int namesz,enum afs_cell_trace reason)44 static struct afs_cell *afs_find_cell_locked(struct afs_net *net,
45 const char *name, unsigned int namesz,
46 enum afs_cell_trace reason)
47 {
48 struct afs_cell *cell = NULL;
49 struct rb_node *p;
50 int n;
51
52 _enter("%*.*s", namesz, namesz, name);
53
54 if (name && namesz == 0)
55 return ERR_PTR(-EINVAL);
56 if (namesz > AFS_MAXCELLNAME)
57 return ERR_PTR(-ENAMETOOLONG);
58
59 if (!name) {
60 cell = rcu_dereference_protected(net->ws_cell,
61 lockdep_is_held(&net->cells_lock));
62 if (!cell)
63 return ERR_PTR(-EDESTADDRREQ);
64 goto found;
65 }
66
67 p = net->cells.rb_node;
68 while (p) {
69 cell = rb_entry(p, struct afs_cell, net_node);
70
71 n = strncasecmp(cell->name, name,
72 min_t(size_t, cell->name_len, namesz));
73 if (n == 0)
74 n = cell->name_len - namesz;
75 if (n < 0)
76 p = p->rb_left;
77 else if (n > 0)
78 p = p->rb_right;
79 else
80 goto found;
81 }
82
83 return ERR_PTR(-ENOENT);
84
85 found:
86 return afs_use_cell(cell, reason);
87 }
88
89 /*
90 * Look up and get an activation reference on a cell record.
91 */
afs_find_cell(struct afs_net * net,const char * name,unsigned int namesz,enum afs_cell_trace reason)92 struct afs_cell *afs_find_cell(struct afs_net *net,
93 const char *name, unsigned int namesz,
94 enum afs_cell_trace reason)
95 {
96 struct afs_cell *cell;
97
98 down_read(&net->cells_lock);
99 cell = afs_find_cell_locked(net, name, namesz, reason);
100 up_read(&net->cells_lock);
101 return cell;
102 }
103
104 /*
105 * Set up a cell record and fill in its name, VL server address list and
106 * allocate an anonymous key
107 */
afs_alloc_cell(struct afs_net * net,const char * name,unsigned int namelen,const char * addresses)108 static struct afs_cell *afs_alloc_cell(struct afs_net *net,
109 const char *name, unsigned int namelen,
110 const char *addresses)
111 {
112 struct afs_vlserver_list *vllist = NULL;
113 struct afs_cell *cell;
114 int i, ret;
115
116 ASSERT(name);
117 if (namelen == 0)
118 return ERR_PTR(-EINVAL);
119 if (namelen > AFS_MAXCELLNAME) {
120 _leave(" = -ENAMETOOLONG");
121 return ERR_PTR(-ENAMETOOLONG);
122 }
123
124 /* Prohibit cell names that contain unprintable chars, '/' and '@' or
125 * that begin with a dot. This also precludes "@cell".
126 */
127 if (name[0] == '.')
128 return ERR_PTR(-EINVAL);
129 for (i = 0; i < namelen; i++) {
130 char ch = name[i];
131 if (!isprint(ch) || ch == '/' || ch == '@')
132 return ERR_PTR(-EINVAL);
133 }
134
135 _enter("%*.*s,%s", namelen, namelen, name, addresses);
136
137 cell = kzalloc(sizeof(struct afs_cell), GFP_KERNEL);
138 if (!cell) {
139 _leave(" = -ENOMEM");
140 return ERR_PTR(-ENOMEM);
141 }
142
143 cell->name = kmalloc(1 + namelen + 1, GFP_KERNEL);
144 if (!cell->name) {
145 kfree(cell);
146 return ERR_PTR(-ENOMEM);
147 }
148
149 cell->name[0] = '.';
150 cell->name++;
151 cell->name_len = namelen;
152 for (i = 0; i < namelen; i++)
153 cell->name[i] = tolower(name[i]);
154 cell->name[i] = 0;
155
156 cell->net = net;
157 refcount_set(&cell->ref, 1);
158 atomic_set(&cell->active, 0);
159 INIT_WORK(&cell->destroyer, afs_destroy_cell_work);
160 INIT_WORK(&cell->manager, afs_manage_cell_work);
161 timer_setup(&cell->management_timer, afs_cell_timer, 0);
162 init_rwsem(&cell->vs_lock);
163 cell->volumes = RB_ROOT;
164 INIT_HLIST_HEAD(&cell->proc_volumes);
165 seqlock_init(&cell->volume_lock);
166 cell->fs_servers = RB_ROOT;
167 init_rwsem(&cell->fs_lock);
168 rwlock_init(&cell->vl_servers_lock);
169 cell->flags = (1 << AFS_CELL_FL_CHECK_ALIAS);
170
171 /* Provide a VL server list, filling it in if we were given a list of
172 * addresses to use.
173 */
174 if (addresses) {
175 vllist = afs_parse_text_addrs(net,
176 addresses, strlen(addresses), ':',
177 VL_SERVICE, AFS_VL_PORT);
178 if (IS_ERR(vllist)) {
179 ret = PTR_ERR(vllist);
180 vllist = NULL;
181 goto parse_failed;
182 }
183
184 vllist->source = DNS_RECORD_FROM_CONFIG;
185 vllist->status = DNS_LOOKUP_NOT_DONE;
186 cell->dns_expiry = TIME64_MAX;
187 } else {
188 ret = -ENOMEM;
189 vllist = afs_alloc_vlserver_list(0);
190 if (!vllist)
191 goto error;
192 vllist->source = DNS_RECORD_UNAVAILABLE;
193 vllist->status = DNS_LOOKUP_NOT_DONE;
194 cell->dns_expiry = ktime_get_real_seconds();
195 }
196
197 rcu_assign_pointer(cell->vl_servers, vllist);
198
199 cell->dns_source = vllist->source;
200 cell->dns_status = vllist->status;
201 smp_store_release(&cell->dns_lookup_count, 1); /* vs source/status */
202 atomic_inc(&net->cells_outstanding);
203 ret = idr_alloc_cyclic(&net->cells_dyn_ino, cell,
204 2, INT_MAX / 2, GFP_KERNEL);
205 if (ret < 0)
206 goto error;
207 cell->dynroot_ino = ret;
208 cell->debug_id = atomic_inc_return(&cell_debug_id);
209
210 trace_afs_cell(cell->debug_id, 1, 0, afs_cell_trace_alloc);
211
212 _leave(" = %p", cell);
213 return cell;
214
215 parse_failed:
216 if (ret == -EINVAL)
217 printk(KERN_ERR "kAFS: bad VL server IP address\n");
218 error:
219 afs_put_vlserverlist(cell->net, vllist);
220 kfree(cell->name - 1);
221 kfree(cell);
222 _leave(" = %d", ret);
223 return ERR_PTR(ret);
224 }
225
226 /*
227 * afs_lookup_cell - Look up or create a cell record.
228 * @net: The network namespace
229 * @name: The name of the cell.
230 * @namesz: The strlen of the cell name.
231 * @vllist: A colon/comma separated list of numeric IP addresses or NULL.
232 * @reason: The reason we're doing the lookup
233 * @trace: The reason to be logged if the lookup is successful.
234 *
235 * Look up a cell record by name and query the DNS for VL server addresses if
236 * needed. Note that that actual DNS query is punted off to the manager thread
237 * so that this function can return immediately if interrupted whilst allowing
238 * cell records to be shared even if not yet fully constructed.
239 */
afs_lookup_cell(struct afs_net * net,const char * name,unsigned int namesz,const char * vllist,enum afs_lookup_cell_for reason,enum afs_cell_trace trace)240 struct afs_cell *afs_lookup_cell(struct afs_net *net,
241 const char *name, unsigned int namesz,
242 const char *vllist,
243 enum afs_lookup_cell_for reason,
244 enum afs_cell_trace trace)
245 {
246 struct afs_cell *cell, *candidate, *cursor;
247 struct rb_node *parent, **pp;
248 enum afs_cell_state state;
249 int ret, n;
250
251 _enter("%s,%s,%u", name, vllist, reason);
252
253 if (reason != AFS_LOOKUP_CELL_PRELOAD) {
254 cell = afs_find_cell(net, name, namesz, trace);
255 if (!IS_ERR(cell)) {
256 if (reason == AFS_LOOKUP_CELL_DYNROOT)
257 goto no_wait;
258 if (cell->state == AFS_CELL_SETTING_UP ||
259 cell->state == AFS_CELL_UNLOOKED)
260 goto lookup_cell;
261 goto wait_for_cell;
262 }
263 }
264
265 /* Assume we're probably going to create a cell and preallocate and
266 * mostly set up a candidate record. We can then use this to stash the
267 * name, the net namespace and VL server addresses.
268 *
269 * We also want to do this before we hold any locks as it may involve
270 * upcalling to userspace to make DNS queries.
271 */
272 candidate = afs_alloc_cell(net, name, namesz, vllist);
273 if (IS_ERR(candidate)) {
274 _leave(" = %ld", PTR_ERR(candidate));
275 return candidate;
276 }
277
278 /* Find the insertion point and check to see if someone else added a
279 * cell whilst we were allocating.
280 */
281 down_write(&net->cells_lock);
282
283 pp = &net->cells.rb_node;
284 parent = NULL;
285 while (*pp) {
286 parent = *pp;
287 cursor = rb_entry(parent, struct afs_cell, net_node);
288
289 n = strncasecmp(cursor->name, name,
290 min_t(size_t, cursor->name_len, namesz));
291 if (n == 0)
292 n = cursor->name_len - namesz;
293 if (n < 0)
294 pp = &(*pp)->rb_left;
295 else if (n > 0)
296 pp = &(*pp)->rb_right;
297 else
298 goto cell_already_exists;
299 }
300
301 cell = candidate;
302 candidate = NULL;
303 afs_use_cell(cell, trace);
304 rb_link_node_rcu(&cell->net_node, parent, pp);
305 rb_insert_color(&cell->net_node, &net->cells);
306 up_write(&net->cells_lock);
307
308 lookup_cell:
309 if (reason != AFS_LOOKUP_CELL_PRELOAD &&
310 reason != AFS_LOOKUP_CELL_ROOTCELL) {
311 set_bit(AFS_CELL_FL_DO_LOOKUP, &cell->flags);
312 afs_queue_cell(cell, afs_cell_trace_queue_new);
313 }
314
315 wait_for_cell:
316 state = smp_load_acquire(&cell->state); /* vs error */
317 switch (state) {
318 case AFS_CELL_ACTIVE:
319 case AFS_CELL_DEAD:
320 break;
321 case AFS_CELL_UNLOOKED:
322 default:
323 if (reason == AFS_LOOKUP_CELL_PRELOAD ||
324 reason == AFS_LOOKUP_CELL_ROOTCELL)
325 break;
326 _debug("wait_for_cell");
327 afs_see_cell(cell, afs_cell_trace_wait);
328 wait_var_event(&cell->state,
329 ({
330 state = smp_load_acquire(&cell->state); /* vs error */
331 state == AFS_CELL_ACTIVE || state == AFS_CELL_DEAD;
332 }));
333 _debug("waited_for_cell %d %d", cell->state, cell->error);
334 }
335
336 no_wait:
337 /* Check the state obtained from the wait check. */
338 state = smp_load_acquire(&cell->state); /* vs error */
339 if (state == AFS_CELL_DEAD) {
340 ret = cell->error;
341 goto error;
342 }
343 if (state == AFS_CELL_ACTIVE) {
344 switch (cell->dns_status) {
345 case DNS_LOOKUP_NOT_DONE:
346 if (cell->dns_source == DNS_RECORD_FROM_CONFIG) {
347 ret = 0;
348 break;
349 }
350 fallthrough;
351 default:
352 ret = -EIO;
353 goto error;
354 case DNS_LOOKUP_GOOD:
355 case DNS_LOOKUP_GOOD_WITH_BAD:
356 ret = 0;
357 break;
358 case DNS_LOOKUP_GOT_NOT_FOUND:
359 ret = -ENOENT;
360 goto error;
361 case DNS_LOOKUP_BAD:
362 ret = -EREMOTEIO;
363 goto error;
364 case DNS_LOOKUP_GOT_LOCAL_FAILURE:
365 case DNS_LOOKUP_GOT_TEMP_FAILURE:
366 case DNS_LOOKUP_GOT_NS_FAILURE:
367 ret = -EDESTADDRREQ;
368 goto error;
369 }
370 }
371
372 _leave(" = %p [cell]", cell);
373 return cell;
374
375 cell_already_exists:
376 _debug("cell exists");
377 cell = cursor;
378 if (reason == AFS_LOOKUP_CELL_PRELOAD) {
379 ret = -EEXIST;
380 } else {
381 afs_use_cell(cursor, trace);
382 ret = 0;
383 }
384 up_write(&net->cells_lock);
385 if (candidate)
386 afs_put_cell(candidate, afs_cell_trace_put_candidate);
387 if (ret == 0)
388 goto wait_for_cell;
389 goto error_noput;
390 error:
391 afs_unuse_cell(cell, afs_cell_trace_unuse_lookup_error);
392 error_noput:
393 _leave(" = %d [error]", ret);
394 return ERR_PTR(ret);
395 }
396
397 /*
398 * set the root cell information
399 * - can be called with a module parameter string
400 * - can be called from a write to /proc/fs/afs/rootcell
401 */
afs_cell_init(struct afs_net * net,const char * rootcell)402 int afs_cell_init(struct afs_net *net, const char *rootcell)
403 {
404 struct afs_cell *old_root, *new_root;
405 const char *cp, *vllist;
406 size_t len;
407
408 _enter("");
409
410 if (!rootcell) {
411 /* module is loaded with no parameters, or built statically.
412 * - in the future we might initialize cell DB here.
413 */
414 _leave(" = 0 [no root]");
415 return 0;
416 }
417
418 cp = strchr(rootcell, ':');
419 if (!cp) {
420 _debug("kAFS: no VL server IP addresses specified");
421 vllist = NULL;
422 len = strlen(rootcell);
423 } else {
424 vllist = cp + 1;
425 len = cp - rootcell;
426 }
427
428 if (len == 0 || !rootcell[0] || rootcell[0] == '.' || rootcell[len - 1] == '.')
429 return -EINVAL;
430 if (memchr(rootcell, '/', len))
431 return -EINVAL;
432 cp = strstr(rootcell, "..");
433 if (cp && cp < rootcell + len)
434 return -EINVAL;
435
436 /* allocate a cell record for the root/workstation cell */
437 new_root = afs_lookup_cell(net, rootcell, len, vllist,
438 AFS_LOOKUP_CELL_ROOTCELL,
439 afs_cell_trace_use_lookup_ws);
440 if (IS_ERR(new_root)) {
441 _leave(" = %ld", PTR_ERR(new_root));
442 return PTR_ERR(new_root);
443 }
444
445 if (!test_and_set_bit(AFS_CELL_FL_NO_GC, &new_root->flags))
446 afs_use_cell(new_root, afs_cell_trace_use_pin);
447
448 /* install the new cell */
449 down_write(&net->cells_lock);
450 old_root = rcu_replace_pointer(net->ws_cell, new_root,
451 lockdep_is_held(&net->cells_lock));
452 up_write(&net->cells_lock);
453
454 afs_unuse_cell(old_root, afs_cell_trace_unuse_ws);
455 _leave(" = 0");
456 return 0;
457 }
458
459 /*
460 * Update a cell's VL server address list from the DNS.
461 */
afs_update_cell(struct afs_cell * cell)462 static int afs_update_cell(struct afs_cell *cell)
463 {
464 struct afs_vlserver_list *vllist, *old = NULL, *p;
465 unsigned int min_ttl = READ_ONCE(afs_cell_min_ttl);
466 unsigned int max_ttl = READ_ONCE(afs_cell_max_ttl);
467 time64_t now, expiry = 0;
468 int ret = 0;
469
470 _enter("%s", cell->name);
471
472 vllist = afs_dns_query(cell, &expiry);
473 if (IS_ERR(vllist)) {
474 ret = PTR_ERR(vllist);
475
476 _debug("%s: fail %d", cell->name, ret);
477 if (ret == -ENOMEM)
478 goto out_wake;
479
480 vllist = afs_alloc_vlserver_list(0);
481 if (!vllist) {
482 if (ret >= 0)
483 ret = -ENOMEM;
484 goto out_wake;
485 }
486
487 switch (ret) {
488 case -ENODATA:
489 case -EDESTADDRREQ:
490 vllist->status = DNS_LOOKUP_GOT_NOT_FOUND;
491 break;
492 case -EAGAIN:
493 case -ECONNREFUSED:
494 vllist->status = DNS_LOOKUP_GOT_TEMP_FAILURE;
495 break;
496 default:
497 vllist->status = DNS_LOOKUP_GOT_LOCAL_FAILURE;
498 break;
499 }
500 }
501
502 _debug("%s: got list %d %d", cell->name, vllist->source, vllist->status);
503 cell->dns_status = vllist->status;
504
505 now = ktime_get_real_seconds();
506 if (min_ttl > max_ttl)
507 max_ttl = min_ttl;
508 if (expiry < now + min_ttl)
509 expiry = now + min_ttl;
510 else if (expiry > now + max_ttl)
511 expiry = now + max_ttl;
512
513 _debug("%s: status %d", cell->name, vllist->status);
514 if (vllist->source == DNS_RECORD_UNAVAILABLE) {
515 switch (vllist->status) {
516 case DNS_LOOKUP_GOT_NOT_FOUND:
517 /* The DNS said that the cell does not exist or there
518 * weren't any addresses to be had.
519 */
520 cell->dns_expiry = expiry;
521 break;
522
523 case DNS_LOOKUP_BAD:
524 case DNS_LOOKUP_GOT_LOCAL_FAILURE:
525 case DNS_LOOKUP_GOT_TEMP_FAILURE:
526 case DNS_LOOKUP_GOT_NS_FAILURE:
527 default:
528 cell->dns_expiry = now + 10;
529 break;
530 }
531 } else {
532 cell->dns_expiry = expiry;
533 }
534
535 /* Replace the VL server list if the new record has servers or the old
536 * record doesn't.
537 */
538 write_lock(&cell->vl_servers_lock);
539 p = rcu_dereference_protected(cell->vl_servers, true);
540 if (vllist->nr_servers > 0 || p->nr_servers == 0) {
541 rcu_assign_pointer(cell->vl_servers, vllist);
542 cell->dns_source = vllist->source;
543 old = p;
544 }
545 write_unlock(&cell->vl_servers_lock);
546 afs_put_vlserverlist(cell->net, old);
547
548 out_wake:
549 smp_store_release(&cell->dns_lookup_count,
550 cell->dns_lookup_count + 1); /* vs source/status */
551 wake_up_var(&cell->dns_lookup_count);
552 _leave(" = %d", ret);
553 return ret;
554 }
555
556 /*
557 * Destroy a cell record
558 */
afs_cell_destroy(struct rcu_head * rcu)559 static void afs_cell_destroy(struct rcu_head *rcu)
560 {
561 struct afs_cell *cell = container_of(rcu, struct afs_cell, rcu);
562 struct afs_net *net = cell->net;
563 int r;
564
565 _enter("%p{%s}", cell, cell->name);
566
567 r = refcount_read(&cell->ref);
568 ASSERTCMP(r, ==, 0);
569 trace_afs_cell(cell->debug_id, r, atomic_read(&cell->active), afs_cell_trace_free);
570
571 afs_put_vlserverlist(net, rcu_access_pointer(cell->vl_servers));
572 afs_unuse_cell(cell->alias_of, afs_cell_trace_unuse_alias);
573 key_put(cell->anonymous_key);
574 idr_remove(&net->cells_dyn_ino, cell->dynroot_ino);
575 kfree(cell->name - 1);
576 kfree(cell);
577
578 afs_dec_cells_outstanding(net);
579 _leave(" [destroyed]");
580 }
581
afs_destroy_cell_work(struct work_struct * work)582 static void afs_destroy_cell_work(struct work_struct *work)
583 {
584 struct afs_cell *cell = container_of(work, struct afs_cell, destroyer);
585
586 afs_see_cell(cell, afs_cell_trace_destroy);
587 timer_delete_sync(&cell->management_timer);
588 cancel_work_sync(&cell->manager);
589 call_rcu(&cell->rcu, afs_cell_destroy);
590 }
591
592 /*
593 * Get a reference on a cell record.
594 */
afs_get_cell(struct afs_cell * cell,enum afs_cell_trace reason)595 struct afs_cell *afs_get_cell(struct afs_cell *cell, enum afs_cell_trace reason)
596 {
597 int r;
598
599 __refcount_inc(&cell->ref, &r);
600 trace_afs_cell(cell->debug_id, r + 1, atomic_read(&cell->active), reason);
601 return cell;
602 }
603
604 /*
605 * Drop a reference on a cell record.
606 */
afs_put_cell(struct afs_cell * cell,enum afs_cell_trace reason)607 void afs_put_cell(struct afs_cell *cell, enum afs_cell_trace reason)
608 {
609 if (cell) {
610 unsigned int debug_id = cell->debug_id;
611 unsigned int a;
612 bool zero;
613 int r;
614
615 a = atomic_read(&cell->active);
616 zero = __refcount_dec_and_test(&cell->ref, &r);
617 trace_afs_cell(debug_id, r - 1, a, reason);
618 if (zero) {
619 a = atomic_read(&cell->active);
620 WARN(a != 0, "Cell active count %u > 0\n", a);
621 WARN_ON(!queue_work(afs_wq, &cell->destroyer));
622 }
623 }
624 }
625
626 /*
627 * Note a cell becoming more active.
628 */
afs_use_cell(struct afs_cell * cell,enum afs_cell_trace reason)629 struct afs_cell *afs_use_cell(struct afs_cell *cell, enum afs_cell_trace reason)
630 {
631 int r, a;
632
633 __refcount_inc(&cell->ref, &r);
634 a = atomic_inc_return(&cell->active);
635 trace_afs_cell(cell->debug_id, r + 1, a, reason);
636 return cell;
637 }
638
639 /*
640 * Record a cell becoming less active. When the active counter reaches 1, it
641 * is scheduled for destruction, but may get reactivated.
642 */
afs_unuse_cell(struct afs_cell * cell,enum afs_cell_trace reason)643 void afs_unuse_cell(struct afs_cell *cell, enum afs_cell_trace reason)
644 {
645 unsigned int debug_id;
646 time64_t now, expire_delay;
647 bool zero;
648 int r, a;
649
650 if (!cell)
651 return;
652
653 _enter("%s", cell->name);
654
655 now = ktime_get_real_seconds();
656 cell->last_inactive = now;
657 expire_delay = 0;
658 if (cell->vl_servers->nr_servers)
659 expire_delay = afs_cell_gc_delay;
660
661 debug_id = cell->debug_id;
662 a = atomic_dec_return(&cell->active);
663 if (!a)
664 /* 'cell' may now be garbage collected. */
665 afs_set_cell_timer(cell, expire_delay);
666
667 zero = __refcount_dec_and_test(&cell->ref, &r);
668 trace_afs_cell(debug_id, r - 1, a, reason);
669 if (zero)
670 WARN_ON(!queue_work(afs_wq, &cell->destroyer));
671 }
672
673 /*
674 * Note that a cell has been seen.
675 */
afs_see_cell(struct afs_cell * cell,enum afs_cell_trace reason)676 void afs_see_cell(struct afs_cell *cell, enum afs_cell_trace reason)
677 {
678 int r, a;
679
680 r = refcount_read(&cell->ref);
681 a = atomic_read(&cell->active);
682 trace_afs_cell(cell->debug_id, r, a, reason);
683 }
684
685 /*
686 * Queue a cell for management, giving the workqueue a ref to hold.
687 */
afs_queue_cell(struct afs_cell * cell,enum afs_cell_trace reason)688 void afs_queue_cell(struct afs_cell *cell, enum afs_cell_trace reason)
689 {
690 queue_work(afs_wq, &cell->manager);
691 }
692
693 /*
694 * Cell-specific management timer.
695 */
afs_cell_timer(struct timer_list * timer)696 static void afs_cell_timer(struct timer_list *timer)
697 {
698 struct afs_cell *cell = container_of(timer, struct afs_cell, management_timer);
699
700 afs_see_cell(cell, afs_cell_trace_see_mgmt_timer);
701 if (refcount_read(&cell->ref) > 0 && cell->net->live)
702 queue_work(afs_wq, &cell->manager);
703 }
704
705 /*
706 * Set/reduce the cell timer.
707 */
afs_set_cell_timer(struct afs_cell * cell,unsigned int delay_secs)708 void afs_set_cell_timer(struct afs_cell *cell, unsigned int delay_secs)
709 {
710 timer_reduce(&cell->management_timer, jiffies + delay_secs * HZ);
711 }
712
713 /*
714 * Allocate a key to use as a placeholder for anonymous user security.
715 */
afs_alloc_anon_key(struct afs_cell * cell)716 static int afs_alloc_anon_key(struct afs_cell *cell)
717 {
718 struct key *key;
719 char keyname[4 + AFS_MAXCELLNAME + 1], *cp, *dp;
720
721 /* Create a key to represent an anonymous user. */
722 memcpy(keyname, "afs@", 4);
723 dp = keyname + 4;
724 cp = cell->name;
725 do {
726 *dp++ = tolower(*cp);
727 } while (*cp++);
728
729 key = rxrpc_get_null_key(keyname);
730 if (IS_ERR(key))
731 return PTR_ERR(key);
732
733 cell->anonymous_key = key;
734
735 _debug("anon key %p{%x}",
736 cell->anonymous_key, key_serial(cell->anonymous_key));
737 return 0;
738 }
739
740 /*
741 * Activate a cell.
742 */
afs_activate_cell(struct afs_net * net,struct afs_cell * cell)743 static int afs_activate_cell(struct afs_net *net, struct afs_cell *cell)
744 {
745 struct hlist_node **p;
746 struct afs_cell *pcell;
747 int ret;
748
749 if (!cell->anonymous_key) {
750 ret = afs_alloc_anon_key(cell);
751 if (ret < 0)
752 return ret;
753 }
754
755 ret = afs_proc_cell_setup(cell);
756 if (ret < 0)
757 return ret;
758
759 mutex_lock(&net->proc_cells_lock);
760 for (p = &net->proc_cells.first; *p; p = &(*p)->next) {
761 pcell = hlist_entry(*p, struct afs_cell, proc_link);
762 if (strcmp(cell->name, pcell->name) < 0)
763 break;
764 }
765
766 cell->proc_link.pprev = p;
767 cell->proc_link.next = *p;
768 rcu_assign_pointer(*p, &cell->proc_link.next);
769 if (cell->proc_link.next)
770 cell->proc_link.next->pprev = &cell->proc_link.next;
771
772 mutex_unlock(&net->proc_cells_lock);
773 return 0;
774 }
775
776 /*
777 * Deactivate a cell.
778 */
afs_deactivate_cell(struct afs_net * net,struct afs_cell * cell)779 static void afs_deactivate_cell(struct afs_net *net, struct afs_cell *cell)
780 {
781 _enter("%s", cell->name);
782
783 afs_proc_cell_remove(cell);
784
785 mutex_lock(&net->proc_cells_lock);
786 if (!hlist_unhashed(&cell->proc_link))
787 hlist_del_rcu(&cell->proc_link);
788 mutex_unlock(&net->proc_cells_lock);
789
790 _leave("");
791 }
792
afs_has_cell_expired(struct afs_cell * cell,time64_t * _next_manage)793 static bool afs_has_cell_expired(struct afs_cell *cell, time64_t *_next_manage)
794 {
795 const struct afs_vlserver_list *vllist;
796 time64_t expire_at = cell->last_inactive;
797 time64_t now = ktime_get_real_seconds();
798
799 if (atomic_read(&cell->active))
800 return false;
801 if (!cell->net->live)
802 return true;
803
804 vllist = rcu_dereference_protected(cell->vl_servers, true);
805 if (vllist && vllist->nr_servers > 0)
806 expire_at += afs_cell_gc_delay;
807
808 if (expire_at <= now)
809 return true;
810 if (expire_at < *_next_manage)
811 *_next_manage = expire_at;
812 return false;
813 }
814
815 /*
816 * Manage a cell record, initialising and destroying it, maintaining its DNS
817 * records.
818 */
afs_manage_cell(struct afs_cell * cell)819 static bool afs_manage_cell(struct afs_cell *cell)
820 {
821 struct afs_net *net = cell->net;
822 time64_t next_manage = TIME64_MAX;
823 int ret;
824
825 _enter("%s", cell->name);
826
827 _debug("state %u", cell->state);
828 switch (cell->state) {
829 case AFS_CELL_SETTING_UP:
830 goto set_up_cell;
831 case AFS_CELL_UNLOOKED:
832 case AFS_CELL_ACTIVE:
833 goto cell_is_active;
834 case AFS_CELL_REMOVING:
835 WARN_ON_ONCE(1);
836 return false;
837 case AFS_CELL_DEAD:
838 return false;
839 default:
840 _debug("bad state %u", cell->state);
841 WARN_ON_ONCE(1); /* Unhandled state */
842 return false;
843 }
844
845 set_up_cell:
846 ret = afs_activate_cell(net, cell);
847 if (ret < 0) {
848 cell->error = ret;
849 goto remove_cell;
850 }
851
852 afs_set_cell_state(cell, AFS_CELL_UNLOOKED);
853
854 cell_is_active:
855 if (afs_has_cell_expired(cell, &next_manage))
856 goto remove_cell;
857
858 if (test_and_clear_bit(AFS_CELL_FL_DO_LOOKUP, &cell->flags)) {
859 ret = afs_update_cell(cell);
860 if (ret < 0)
861 cell->error = ret;
862 if (cell->state == AFS_CELL_UNLOOKED)
863 afs_set_cell_state(cell, AFS_CELL_ACTIVE);
864 }
865
866 if (next_manage < TIME64_MAX && cell->net->live) {
867 time64_t now = ktime_get_real_seconds();
868
869 if (next_manage - now <= 0)
870 afs_queue_cell(cell, afs_cell_trace_queue_again);
871 else
872 afs_set_cell_timer(cell, next_manage - now);
873 }
874 _leave(" [done %u]", cell->state);
875 return false;
876
877 remove_cell:
878 down_write(&net->cells_lock);
879
880 if (atomic_read(&cell->active)) {
881 up_write(&net->cells_lock);
882 goto cell_is_active;
883 }
884
885 /* Make sure that the expiring server records are going to see the fact
886 * that the cell is caput.
887 */
888 afs_set_cell_state(cell, AFS_CELL_REMOVING);
889
890 afs_deactivate_cell(net, cell);
891 afs_purge_servers(cell);
892
893 rb_erase(&cell->net_node, &net->cells);
894 afs_see_cell(cell, afs_cell_trace_unuse_delete);
895 up_write(&net->cells_lock);
896
897 /* The root volume is pinning the cell */
898 afs_put_volume(cell->root_volume, afs_volume_trace_put_cell_root);
899 cell->root_volume = NULL;
900
901 afs_set_cell_state(cell, AFS_CELL_DEAD);
902 return true;
903 }
904
afs_manage_cell_work(struct work_struct * work)905 static void afs_manage_cell_work(struct work_struct *work)
906 {
907 struct afs_cell *cell = container_of(work, struct afs_cell, manager);
908 bool final_put;
909
910 afs_see_cell(cell, afs_cell_trace_manage);
911 final_put = afs_manage_cell(cell);
912 afs_see_cell(cell, afs_cell_trace_managed);
913 if (final_put)
914 afs_put_cell(cell, afs_cell_trace_put_final);
915 }
916
917 /*
918 * Purge in-memory cell database.
919 */
afs_cell_purge(struct afs_net * net)920 void afs_cell_purge(struct afs_net *net)
921 {
922 struct afs_cell *ws;
923 struct rb_node *cursor;
924
925 _enter("");
926
927 down_write(&net->cells_lock);
928 ws = rcu_replace_pointer(net->ws_cell, NULL,
929 lockdep_is_held(&net->cells_lock));
930 up_write(&net->cells_lock);
931 afs_unuse_cell(ws, afs_cell_trace_unuse_ws);
932
933 _debug("kick cells");
934 down_read(&net->cells_lock);
935 for (cursor = rb_first(&net->cells); cursor; cursor = rb_next(cursor)) {
936 struct afs_cell *cell = rb_entry(cursor, struct afs_cell, net_node);
937
938 afs_see_cell(cell, afs_cell_trace_purge);
939
940 if (test_and_clear_bit(AFS_CELL_FL_NO_GC, &cell->flags))
941 afs_unuse_cell(cell, afs_cell_trace_unuse_pin);
942
943 afs_queue_cell(cell, afs_cell_trace_queue_purge);
944 }
945 up_read(&net->cells_lock);
946
947 _debug("wait");
948 wait_var_event(&net->cells_outstanding,
949 !atomic_read(&net->cells_outstanding));
950 _leave("");
951 }
952