1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * FUSE: Filesystem in Userspace 4 * Copyright (c) 2023-2024 DataDirect Networks. 5 */ 6 7 #include "dev.h" 8 #include "args.h" 9 #include "dev_uring_i.h" 10 #include "fuse_trace.h" 11 12 #include <linux/fs.h> 13 #include <linux/io_uring/cmd.h> 14 15 static bool __read_mostly enable_uring; 16 module_param(enable_uring, bool, 0644); 17 MODULE_PARM_DESC(enable_uring, 18 "Enable userspace communication through io-uring"); 19 20 #define FUSE_URING_IOV_SEGS 2 /* header and payload */ 21 #define FUSE_URING_IOV_HEADERS 0 22 #define FUSE_URING_IOV_PAYLOAD 1 23 24 bool fuse_uring_enabled(void) 25 { 26 return enable_uring; 27 } 28 29 struct fuse_uring_pdu { 30 struct fuse_ring_ent *ent; 31 }; 32 33 static const struct fuse_iqueue_ops fuse_io_uring_ops; 34 35 enum fuse_uring_header_type { 36 /* struct fuse_in_header / struct fuse_out_header */ 37 FUSE_URING_HEADER_IN_OUT, 38 /* per op code header */ 39 FUSE_URING_HEADER_OP, 40 /* struct fuse_uring_ent_in_out header */ 41 FUSE_URING_HEADER_RING_ENT, 42 }; 43 44 static void uring_cmd_set_ring_ent(struct io_uring_cmd *cmd, 45 struct fuse_ring_ent *ring_ent) 46 { 47 struct fuse_uring_pdu *pdu = 48 io_uring_cmd_to_pdu(cmd, struct fuse_uring_pdu); 49 50 pdu->ent = ring_ent; 51 } 52 53 static struct fuse_ring_ent *uring_cmd_to_ring_ent(struct io_uring_cmd *cmd) 54 { 55 struct fuse_uring_pdu *pdu = 56 io_uring_cmd_to_pdu(cmd, struct fuse_uring_pdu); 57 58 return pdu->ent; 59 } 60 61 static void fuse_uring_flush_bg(struct fuse_ring_queue *queue) 62 { 63 struct fuse_ring *ring = queue->ring; 64 struct fuse_chan *fch = ring->chan; 65 66 lockdep_assert_held(&queue->lock); 67 lockdep_assert_held(&fch->bg_lock); 68 69 /* 70 * Allow one bg request per queue, ignoring global fc limits. 71 * This prevents a single queue from consuming all resources and 72 * eliminates the need for remote queue wake-ups when global 73 * limits are met but this queue has no more waiting requests. 74 */ 75 while ((fch->active_background < fch->max_background || 76 !queue->active_background) && 77 (!list_empty(&queue->fuse_req_bg_queue))) { 78 struct fuse_req *req; 79 80 req = list_first_entry(&queue->fuse_req_bg_queue, 81 struct fuse_req, list); 82 fch->active_background++; 83 queue->active_background++; 84 85 list_move_tail(&req->list, &queue->fuse_req_queue); 86 } 87 } 88 89 static void fuse_uring_req_end(struct fuse_ring_ent *ent, struct fuse_req *req, 90 int error) 91 { 92 struct fuse_ring_queue *queue = ent->queue; 93 struct fuse_ring *ring = queue->ring; 94 struct fuse_chan *fch = ring->chan; 95 96 lockdep_assert_not_held(&queue->lock); 97 spin_lock(&queue->lock); 98 ent->fuse_req = NULL; 99 list_del_init(&req->list); 100 if (test_bit(FR_BACKGROUND, &req->flags)) { 101 queue->active_background--; 102 spin_lock(&fch->bg_lock); 103 fuse_request_bg_finish(fch, req); 104 fuse_uring_flush_bg(queue); 105 spin_unlock(&fch->bg_lock); 106 } 107 108 spin_unlock(&queue->lock); 109 110 if (error) 111 req->out.h.error = error; 112 113 clear_bit(FR_SENT, &req->flags); 114 fuse_request_end(req); 115 } 116 117 /* Abort all list queued request on the given ring queue */ 118 static void fuse_uring_abort_end_queue_requests(struct fuse_ring_queue *queue) 119 { 120 struct fuse_req *req; 121 LIST_HEAD(req_list); 122 123 spin_lock(&queue->lock); 124 list_for_each_entry(req, &queue->fuse_req_queue, list) 125 clear_bit(FR_PENDING, &req->flags); 126 list_splice_init(&queue->fuse_req_queue, &req_list); 127 spin_unlock(&queue->lock); 128 129 /* must not hold queue lock to avoid order issues with fi->lock */ 130 fuse_dev_end_requests(&req_list); 131 } 132 133 void fuse_uring_abort_end_requests(struct fuse_ring *ring) 134 { 135 int qid; 136 struct fuse_ring_queue *queue; 137 struct fuse_chan *fch = ring->chan; 138 139 for (qid = 0; qid < ring->nr_queues; qid++) { 140 queue = READ_ONCE(ring->queues[qid]); 141 if (!queue) 142 continue; 143 144 WARN_ON_ONCE(fch->max_background != UINT_MAX); 145 spin_lock(&queue->lock); 146 queue->stopped = true; 147 spin_lock(&fch->bg_lock); 148 fuse_uring_flush_bg(queue); 149 spin_unlock(&fch->bg_lock); 150 spin_unlock(&queue->lock); 151 fuse_uring_abort_end_queue_requests(queue); 152 } 153 } 154 155 static bool ent_list_request_expired(struct fuse_chan *fch, struct list_head *list) 156 { 157 struct fuse_ring_ent *ent; 158 struct fuse_req *req; 159 160 ent = list_first_entry_or_null(list, struct fuse_ring_ent, list); 161 if (!ent) 162 return false; 163 164 req = ent->fuse_req; 165 166 return time_is_before_jiffies(req->create_time + 167 fch->timeout.req_timeout); 168 } 169 170 bool fuse_uring_request_expired(struct fuse_chan *fch) 171 { 172 struct fuse_ring *ring = fch->ring; 173 struct fuse_ring_queue *queue; 174 int qid; 175 176 if (!ring) 177 return false; 178 179 for (qid = 0; qid < ring->nr_queues; qid++) { 180 queue = READ_ONCE(ring->queues[qid]); 181 if (!queue) 182 continue; 183 184 spin_lock(&queue->lock); 185 if (fuse_request_expired(fch, &queue->fuse_req_queue) || 186 fuse_request_expired(fch, &queue->fuse_req_bg_queue) || 187 ent_list_request_expired(fch, &queue->ent_w_req_queue) || 188 ent_list_request_expired(fch, &queue->ent_in_userspace)) { 189 spin_unlock(&queue->lock); 190 return true; 191 } 192 spin_unlock(&queue->lock); 193 } 194 195 return false; 196 } 197 198 void fuse_uring_destruct(struct fuse_chan *fch) 199 { 200 struct fuse_ring *ring = fch->ring; 201 int qid; 202 203 if (!ring) 204 return; 205 206 for (qid = 0; qid < ring->nr_queues; qid++) { 207 struct fuse_ring_queue *queue = ring->queues[qid]; 208 struct fuse_ring_ent *ent, *next; 209 210 if (!queue) 211 continue; 212 213 WARN_ON(!list_empty(&queue->ent_avail_queue)); 214 WARN_ON(!list_empty(&queue->ent_w_req_queue)); 215 WARN_ON(!list_empty(&queue->ent_commit_queue)); 216 WARN_ON(!list_empty(&queue->ent_in_userspace)); 217 218 list_for_each_entry_safe(ent, next, &queue->ent_released, 219 list) { 220 list_del_init(&ent->list); 221 kfree(ent); 222 } 223 224 kfree(queue->fpq.processing); 225 kfree(queue); 226 ring->queues[qid] = NULL; 227 } 228 229 kfree(ring->queues); 230 kfree(ring); 231 fch->ring = NULL; 232 } 233 234 /* 235 * Basic ring setup for this connection based on the provided configuration 236 */ 237 static struct fuse_ring *fuse_uring_create(struct fuse_chan *fch) 238 { 239 struct fuse_ring *ring; 240 size_t nr_queues = num_possible_cpus(); 241 struct fuse_ring *res = NULL; 242 size_t max_payload_size; 243 244 ring = kzalloc_obj(*ring, GFP_KERNEL_ACCOUNT); 245 if (!ring) 246 return NULL; 247 248 ring->queues = kzalloc_objs(struct fuse_ring_queue *, nr_queues, 249 GFP_KERNEL_ACCOUNT); 250 if (!ring->queues) 251 goto out_err; 252 253 max_payload_size = max(FUSE_MIN_READ_BUFFER, fch->max_write); 254 max_payload_size = max(max_payload_size, fch->max_pages * PAGE_SIZE); 255 256 spin_lock(&fch->lock); 257 if (!fch->connected) { 258 spin_unlock(&fch->lock); 259 goto out_err; 260 } 261 if (fch->ring) { 262 /* race, another thread created the ring in the meantime */ 263 spin_unlock(&fch->lock); 264 res = fch->ring; 265 goto out_err; 266 } 267 268 init_waitqueue_head(&ring->stop_waitq); 269 270 ring->nr_queues = nr_queues; 271 ring->chan = fch; 272 ring->max_payload_sz = max_payload_size; 273 smp_store_release(&fch->ring, ring); 274 275 spin_unlock(&fch->lock); 276 return ring; 277 278 out_err: 279 kfree(ring->queues); 280 kfree(ring); 281 return res; 282 } 283 284 static struct fuse_ring_queue *fuse_uring_create_queue(struct fuse_ring *ring, 285 int qid) 286 { 287 struct fuse_chan *fch = ring->chan; 288 struct fuse_ring_queue *queue; 289 struct list_head *pq; 290 291 queue = kzalloc_obj(*queue, GFP_KERNEL_ACCOUNT); 292 if (!queue) 293 return NULL; 294 pq = fuse_pqueue_alloc(); 295 if (!pq) { 296 kfree(queue); 297 return NULL; 298 } 299 300 queue->qid = qid; 301 queue->ring = ring; 302 spin_lock_init(&queue->lock); 303 304 INIT_LIST_HEAD(&queue->ent_avail_queue); 305 INIT_LIST_HEAD(&queue->ent_commit_queue); 306 INIT_LIST_HEAD(&queue->ent_w_req_queue); 307 INIT_LIST_HEAD(&queue->ent_in_userspace); 308 INIT_LIST_HEAD(&queue->fuse_req_queue); 309 INIT_LIST_HEAD(&queue->fuse_req_bg_queue); 310 INIT_LIST_HEAD(&queue->ent_released); 311 312 fuse_pqueue_init(&queue->fpq); 313 queue->fpq.processing = pq; 314 315 spin_lock(&fch->lock); 316 if (ring->queues[qid]) { 317 spin_unlock(&fch->lock); 318 kfree(queue->fpq.processing); 319 kfree(queue); 320 return ring->queues[qid]; 321 } 322 323 /* 324 * write_once and lock as the caller mostly doesn't take the lock at all 325 */ 326 WRITE_ONCE(ring->queues[qid], queue); 327 spin_unlock(&fch->lock); 328 329 return queue; 330 } 331 332 static void fuse_uring_stop_fuse_req_end(struct fuse_req *req) 333 { 334 clear_bit(FR_SENT, &req->flags); 335 req->out.h.error = -ECONNABORTED; 336 fuse_request_end(req); 337 } 338 339 /* 340 * Release a request/entry on connection tear down 341 */ 342 static void fuse_uring_entry_teardown(struct fuse_ring_ent *ent) 343 { 344 struct fuse_req *req; 345 struct io_uring_cmd *cmd; 346 347 struct fuse_ring_queue *queue = ent->queue; 348 349 spin_lock(&queue->lock); 350 cmd = ent->cmd; 351 ent->cmd = NULL; 352 req = ent->fuse_req; 353 ent->fuse_req = NULL; 354 if (req) { 355 /* remove entry from queue->fpq->processing */ 356 list_del_init(&req->list); 357 } 358 359 /* 360 * The entry must not be freed immediately, due to access of direct 361 * pointer access of entries through IO_URING_F_CANCEL - there is a risk 362 * of race between daemon termination (which triggers IO_URING_F_CANCEL 363 * and accesses entries without checking the list state first 364 */ 365 list_move(&ent->list, &queue->ent_released); 366 ent->state = FRRS_RELEASED; 367 spin_unlock(&queue->lock); 368 369 if (cmd) 370 io_uring_cmd_done(cmd, -ENOTCONN, IO_URING_F_UNLOCKED); 371 372 if (req) 373 fuse_uring_stop_fuse_req_end(req); 374 } 375 376 static void fuse_uring_stop_list_entries(struct list_head *head, 377 struct fuse_ring_queue *queue, 378 enum fuse_ring_req_state exp_state) 379 { 380 struct fuse_ring *ring = queue->ring; 381 struct fuse_ring_ent *ent, *next; 382 ssize_t queue_refs = SSIZE_MAX; 383 LIST_HEAD(to_teardown); 384 385 spin_lock(&queue->lock); 386 list_for_each_entry_safe(ent, next, head, list) { 387 if (ent->state != exp_state) { 388 pr_warn("entry teardown qid=%d state=%d expected=%d", 389 queue->qid, ent->state, exp_state); 390 continue; 391 } 392 393 ent->state = FRRS_TEARDOWN; 394 list_move(&ent->list, &to_teardown); 395 } 396 spin_unlock(&queue->lock); 397 398 /* no queue lock to avoid lock order issues */ 399 list_for_each_entry_safe(ent, next, &to_teardown, list) { 400 fuse_uring_entry_teardown(ent); 401 queue_refs = atomic_dec_return(&ring->queue_refs); 402 WARN_ON_ONCE(queue_refs < 0); 403 } 404 } 405 406 static void fuse_uring_teardown_entries(struct fuse_ring_queue *queue) 407 { 408 fuse_uring_stop_list_entries(&queue->ent_in_userspace, queue, 409 FRRS_USERSPACE); 410 fuse_uring_stop_list_entries(&queue->ent_avail_queue, queue, 411 FRRS_AVAILABLE); 412 } 413 414 static void fuse_uring_teardown_all_queues(struct fuse_ring *ring) 415 { 416 int qid; 417 418 for (qid = 0; qid < ring->nr_queues; qid++) { 419 struct fuse_ring_queue *queue = READ_ONCE(ring->queues[qid]); 420 421 if (!queue) 422 continue; 423 424 fuse_uring_teardown_entries(queue); 425 } 426 } 427 428 /* 429 * Log state debug info 430 */ 431 static void fuse_uring_log_ent_state(struct fuse_ring *ring) 432 { 433 int qid; 434 struct fuse_ring_ent *ent; 435 436 for (qid = 0; qid < ring->nr_queues; qid++) { 437 struct fuse_ring_queue *queue = ring->queues[qid]; 438 439 if (!queue) 440 continue; 441 442 spin_lock(&queue->lock); 443 /* 444 * Log entries from the intermediate queue, the other queues 445 * should be empty 446 */ 447 list_for_each_entry(ent, &queue->ent_w_req_queue, list) { 448 pr_info(" ent-req-queue ring=%p qid=%d ent=%p state=%d\n", 449 ring, qid, ent, ent->state); 450 } 451 list_for_each_entry(ent, &queue->ent_commit_queue, list) { 452 pr_info(" ent-commit-queue ring=%p qid=%d ent=%p state=%d\n", 453 ring, qid, ent, ent->state); 454 } 455 spin_unlock(&queue->lock); 456 } 457 ring->stop_debug_log = 1; 458 } 459 460 static void fuse_uring_async_stop_queues(struct work_struct *work) 461 { 462 struct fuse_ring *ring = 463 container_of(work, struct fuse_ring, async_teardown_work.work); 464 465 fuse_uring_teardown_all_queues(ring); 466 467 /* 468 * Some ring entries might be in the middle of IO operations, 469 * i.e. in process to get handled by file_operations::uring_cmd 470 * or on the way to userspace - we could handle that with conditions in 471 * run time code, but easier/cleaner to have an async tear down handler 472 * If there are still queue references left 473 */ 474 if (atomic_read(&ring->queue_refs) > 0) { 475 if (time_after(jiffies, 476 ring->teardown_time + FUSE_URING_TEARDOWN_TIMEOUT)) 477 fuse_uring_log_ent_state(ring); 478 479 schedule_delayed_work(&ring->async_teardown_work, 480 FUSE_URING_TEARDOWN_INTERVAL); 481 } else { 482 wake_up_all(&ring->stop_waitq); 483 fuse_conn_put(ring->chan->conn); 484 } 485 } 486 487 /* 488 * Stop the ring queues 489 */ 490 void fuse_uring_stop_queues(struct fuse_ring *ring) 491 { 492 fuse_uring_teardown_all_queues(ring); 493 494 if (atomic_read(&ring->queue_refs) > 0) { 495 fuse_conn_get(ring->chan->conn); 496 ring->teardown_time = jiffies; 497 INIT_DELAYED_WORK(&ring->async_teardown_work, 498 fuse_uring_async_stop_queues); 499 schedule_delayed_work(&ring->async_teardown_work, 500 FUSE_URING_TEARDOWN_INTERVAL); 501 } else { 502 wake_up_all(&ring->stop_waitq); 503 } 504 } 505 506 /* 507 * Handle IO_URING_F_CANCEL, typically should come on daemon termination. 508 * 509 * Releasing the last entry should trigger fuse_dev_release() if 510 * the daemon was terminated 511 */ 512 static void fuse_uring_cancel(struct io_uring_cmd *cmd, 513 unsigned int issue_flags) 514 { 515 struct fuse_ring_ent *ent = uring_cmd_to_ring_ent(cmd); 516 struct fuse_ring_queue *queue; 517 bool need_cmd_done = false; 518 519 /* 520 * direct access on ent - it must not be destructed as long as 521 * IO_URING_F_CANCEL might come up 522 */ 523 queue = ent->queue; 524 spin_lock(&queue->lock); 525 if (ent->state == FRRS_AVAILABLE) { 526 list_del_init(&ent->list); 527 need_cmd_done = true; 528 ent->cmd = NULL; 529 } 530 spin_unlock(&queue->lock); 531 532 if (need_cmd_done) { 533 /* no queue lock to avoid lock order issues */ 534 io_uring_cmd_done(cmd, -ENOTCONN, issue_flags); 535 kfree(ent); 536 if (atomic_dec_and_test(&queue->ring->queue_refs)) 537 wake_up_all(&queue->ring->stop_waitq); 538 } 539 } 540 541 static void fuse_uring_prepare_cancel(struct io_uring_cmd *cmd, int issue_flags, 542 struct fuse_ring_ent *ring_ent) 543 { 544 uring_cmd_set_ring_ent(cmd, ring_ent); 545 io_uring_cmd_mark_cancelable(cmd, issue_flags); 546 } 547 548 /* 549 * Checks for errors and stores it into the request 550 */ 551 static int fuse_uring_out_header_has_err(struct fuse_out_header *oh, 552 struct fuse_req *req) 553 { 554 int err; 555 556 err = -EINVAL; 557 if (oh->unique == 0) { 558 /* Not supported through io-uring yet */ 559 pr_warn_once("notify through fuse-io-uring not supported\n"); 560 goto err; 561 } 562 563 if (oh->error <= -ERESTARTSYS || oh->error > 0) 564 goto err; 565 566 if (oh->error) { 567 err = oh->error; 568 goto err; 569 } 570 571 err = -ENOENT; 572 if ((oh->unique & ~FUSE_INT_REQ_BIT) != req->in.h.unique) { 573 pr_warn_ratelimited("unique mismatch, expected: %llu got %llu\n", 574 req->in.h.unique, 575 oh->unique & ~FUSE_INT_REQ_BIT); 576 goto err; 577 } 578 579 /* 580 * Is it an interrupt reply ID? 581 * XXX: Not supported through fuse-io-uring yet, it should not even 582 * find the request - should not happen. 583 */ 584 WARN_ON_ONCE(oh->unique & FUSE_INT_REQ_BIT); 585 586 err = 0; 587 err: 588 return err; 589 } 590 591 static int ring_header_type_offset(enum fuse_uring_header_type type) 592 { 593 switch (type) { 594 case FUSE_URING_HEADER_IN_OUT: 595 return 0; 596 case FUSE_URING_HEADER_OP: 597 return offsetof(struct fuse_uring_req_header, op_in); 598 case FUSE_URING_HEADER_RING_ENT: 599 return offsetof(struct fuse_uring_req_header, ring_ent_in_out); 600 default: 601 WARN_ONCE(1, "Invalid header type: %d\n", type); 602 return -EINVAL; 603 } 604 } 605 606 static int copy_header_to_ring(struct fuse_ring_ent *ent, 607 enum fuse_uring_header_type type, 608 const void *header, size_t header_size) 609 { 610 int offset = ring_header_type_offset(type); 611 void __user *ring; 612 613 if (offset < 0) 614 return offset; 615 616 ring = (void __user *)ent->headers + offset; 617 618 if (copy_to_user(ring, header, header_size)) { 619 pr_info_ratelimited("Copying header to ring failed.\n"); 620 return -EFAULT; 621 } 622 623 return 0; 624 } 625 626 static int copy_header_from_ring(struct fuse_ring_ent *ent, 627 enum fuse_uring_header_type type, void *header, 628 size_t header_size) 629 { 630 int offset = ring_header_type_offset(type); 631 const void __user *ring; 632 633 if (offset < 0) 634 return offset; 635 636 ring = (void __user *)ent->headers + offset; 637 638 if (copy_from_user(header, ring, header_size)) { 639 pr_info_ratelimited("Copying header from ring failed.\n"); 640 return -EFAULT; 641 } 642 643 return 0; 644 } 645 646 static int setup_fuse_copy_state(struct fuse_copy_state *cs, 647 struct fuse_ring *ring, struct fuse_req *req, 648 struct fuse_ring_ent *ent, int dir, 649 struct iov_iter *iter) 650 { 651 int err; 652 653 err = import_ubuf(dir, ent->payload, ring->max_payload_sz, iter); 654 if (err) { 655 pr_info_ratelimited("fuse: Import of user buffer failed\n"); 656 return err; 657 } 658 659 fuse_copy_init(cs, dir == ITER_DEST, iter); 660 661 cs->is_uring = true; 662 cs->req = req; 663 664 return 0; 665 } 666 667 static int fuse_uring_copy_from_ring(struct fuse_ring *ring, 668 struct fuse_req *req, 669 struct fuse_ring_ent *ent) 670 { 671 struct fuse_copy_state cs; 672 struct fuse_args *args = req->args; 673 struct iov_iter iter; 674 int err; 675 struct fuse_uring_ent_in_out ring_in_out; 676 677 err = copy_header_from_ring(ent, FUSE_URING_HEADER_RING_ENT, 678 &ring_in_out, sizeof(ring_in_out)); 679 if (err) 680 return err; 681 682 err = setup_fuse_copy_state(&cs, ring, req, ent, ITER_SOURCE, &iter); 683 if (err) 684 return err; 685 686 err = fuse_copy_out_args(&cs, args, ring_in_out.payload_sz); 687 fuse_copy_finish(&cs); 688 return err; 689 } 690 691 /* 692 * Copy data from the req to the ring buffer 693 */ 694 static int fuse_uring_args_to_ring(struct fuse_ring *ring, struct fuse_req *req, 695 struct fuse_ring_ent *ent) 696 { 697 struct fuse_copy_state cs; 698 struct fuse_args *args = req->args; 699 struct fuse_in_arg *in_args = args->in_args; 700 int num_args = args->in_numargs; 701 int err; 702 struct iov_iter iter; 703 struct fuse_uring_ent_in_out ent_in_out = { 704 .flags = 0, 705 .commit_id = req->in.h.unique, 706 }; 707 708 err = setup_fuse_copy_state(&cs, ring, req, ent, ITER_DEST, &iter); 709 if (err) 710 return err; 711 712 if (num_args > 0) { 713 /* 714 * Expectation is that the first argument is the per op header. 715 * Some op code have that as zero size. 716 */ 717 if (args->in_args[0].size > 0) { 718 err = copy_header_to_ring(ent, FUSE_URING_HEADER_OP, 719 in_args->value, 720 in_args->size); 721 if (err) 722 return err; 723 } 724 in_args++; 725 num_args--; 726 } 727 728 /* copy the payload */ 729 err = fuse_copy_args(&cs, num_args, args->in_pages, 730 (struct fuse_arg *)in_args, 0); 731 fuse_copy_finish(&cs); 732 if (err) { 733 pr_info_ratelimited("%s fuse_copy_args failed\n", __func__); 734 return err; 735 } 736 737 ent_in_out.payload_sz = cs.ring.copied_sz; 738 return copy_header_to_ring(ent, FUSE_URING_HEADER_RING_ENT, 739 &ent_in_out, sizeof(ent_in_out)); 740 } 741 742 static int fuse_uring_copy_to_ring(struct fuse_ring_ent *ent, 743 struct fuse_req *req) 744 { 745 struct fuse_ring_queue *queue = ent->queue; 746 struct fuse_ring *ring = queue->ring; 747 int err; 748 749 err = -EIO; 750 if (WARN_ON(ent->state != FRRS_FUSE_REQ)) { 751 pr_err("qid=%d ring-req=%p invalid state %d on send\n", 752 queue->qid, ent, ent->state); 753 return err; 754 } 755 756 err = -EINVAL; 757 if (WARN_ON(req->in.h.unique == 0)) 758 return err; 759 760 /* copy the request */ 761 err = fuse_uring_args_to_ring(ring, req, ent); 762 if (unlikely(err)) { 763 pr_info_ratelimited("Copy to ring failed: %d\n", err); 764 return err; 765 } 766 767 /* copy fuse_in_header */ 768 return copy_header_to_ring(ent, FUSE_URING_HEADER_IN_OUT, &req->in.h, 769 sizeof(req->in.h)); 770 } 771 772 static int fuse_uring_prepare_send(struct fuse_ring_ent *ent, 773 struct fuse_req *req) 774 { 775 int err; 776 777 err = fuse_uring_copy_to_ring(ent, req); 778 if (!err) { 779 set_bit(FR_SENT, &req->flags); 780 trace_fuse_request_sent(req); 781 } else { 782 /* 783 * Copying the request failed. Remove the entry from the 784 * ent_w_req_queue list and terminate the request 785 */ 786 spin_lock(&ent->queue->lock); 787 list_del_init(&ent->list); 788 ent->state = FRRS_INVALID; 789 spin_unlock(&ent->queue->lock); 790 791 fuse_uring_req_end(ent, req, err); 792 } 793 794 return err; 795 } 796 797 /* Used to find the request on SQE commit */ 798 static void fuse_uring_add_to_pq(struct fuse_ring_ent *ent) 799 { 800 struct fuse_ring_queue *queue = ent->queue; 801 struct fuse_pqueue *fpq = &queue->fpq; 802 unsigned int hash; 803 struct fuse_req *req = ent->fuse_req; 804 805 req->ring_entry = ent; 806 hash = fuse_req_hash(req->in.h.unique); 807 list_move_tail(&req->list, &fpq->processing[hash]); 808 } 809 810 /* 811 * Make a ring entry available for fuse_req assignment 812 */ 813 static void fuse_uring_ent_avail(struct fuse_ring_ent *ent, 814 struct fuse_ring_queue *queue) 815 { 816 WARN_ON_ONCE(!ent->cmd); 817 list_move(&ent->list, &queue->ent_avail_queue); 818 ent->state = FRRS_AVAILABLE; 819 } 820 821 /* 822 * Assign a fuse queue entry to the given entry 823 */ 824 static void fuse_uring_add_req_to_ring_ent(struct fuse_ring_ent *ent, 825 struct fuse_req *req) 826 { 827 struct fuse_ring_queue *queue = ent->queue; 828 829 lockdep_assert_held(&queue->lock); 830 831 if (WARN_ON_ONCE(ent->state != FRRS_AVAILABLE && 832 ent->state != FRRS_COMMIT)) { 833 pr_warn("%s qid=%d state=%d\n", __func__, ent->queue->qid, 834 ent->state); 835 } 836 837 clear_bit(FR_PENDING, &req->flags); 838 839 /* Until fuse_uring_add_to_pq() the req is not attached to any list */ 840 list_del_init(&req->list); 841 842 ent->fuse_req = req; 843 ent->state = FRRS_FUSE_REQ; 844 list_move_tail(&ent->list, &queue->ent_w_req_queue); 845 } 846 847 /* Fetch the next fuse request if available */ 848 static struct fuse_req *fuse_uring_ent_assign_req(struct fuse_ring_ent *ent) 849 __must_hold(&queue->lock) 850 { 851 struct fuse_req *req; 852 struct fuse_ring_queue *queue = ent->queue; 853 struct list_head *req_queue = &queue->fuse_req_queue; 854 855 lockdep_assert_held(&queue->lock); 856 857 /* get and assign the next entry while it is still holding the lock */ 858 req = list_first_entry_or_null(req_queue, struct fuse_req, list); 859 if (req) 860 fuse_uring_add_req_to_ring_ent(ent, req); 861 862 return req; 863 } 864 865 /* 866 * Read data from the ring buffer, which user space has written to 867 * This is comparible with handling of classical write(/dev/fuse). 868 * Also make the ring request available again for new fuse requests. 869 */ 870 static void fuse_uring_commit(struct fuse_ring_ent *ent, struct fuse_req *req, 871 unsigned int issue_flags) 872 { 873 struct fuse_ring *ring = ent->queue->ring; 874 ssize_t err = -EFAULT; 875 876 if (copy_header_from_ring(ent, FUSE_URING_HEADER_IN_OUT, &req->out.h, 877 sizeof(req->out.h))) 878 goto out; 879 880 err = fuse_uring_out_header_has_err(&req->out.h, req); 881 if (err) { 882 /* req->out.h.error already set */ 883 goto out; 884 } 885 886 err = fuse_uring_copy_from_ring(ring, req, ent); 887 out: 888 fuse_uring_req_end(ent, req, err); 889 } 890 891 /* 892 * Get the next fuse req. 893 * 894 * Returns true if the next fuse request has been assigned to the ent. 895 * Else, there is no next fuse request and this returns false. 896 */ 897 static bool fuse_uring_get_next_fuse_req(struct fuse_ring_ent *ent, 898 struct fuse_ring_queue *queue) 899 { 900 int err; 901 struct fuse_req *req; 902 903 retry: 904 spin_lock(&queue->lock); 905 fuse_uring_ent_avail(ent, queue); 906 req = fuse_uring_ent_assign_req(ent); 907 spin_unlock(&queue->lock); 908 909 if (req) { 910 err = fuse_uring_prepare_send(ent, req); 911 if (err) 912 goto retry; 913 } 914 915 return req != NULL; 916 } 917 918 static int fuse_ring_ent_set_commit(struct fuse_ring_ent *ent) 919 { 920 struct fuse_ring_queue *queue = ent->queue; 921 922 lockdep_assert_held(&queue->lock); 923 924 if (WARN_ON_ONCE(ent->state != FRRS_USERSPACE)) 925 return -EIO; 926 927 ent->state = FRRS_COMMIT; 928 list_move(&ent->list, &queue->ent_commit_queue); 929 930 return 0; 931 } 932 933 static void fuse_uring_send(struct fuse_ring_ent *ent, struct io_uring_cmd *cmd, 934 ssize_t ret, unsigned int issue_flags) 935 { 936 struct fuse_ring_queue *queue = ent->queue; 937 938 spin_lock(&queue->lock); 939 ent->state = FRRS_USERSPACE; 940 list_move_tail(&ent->list, &queue->ent_in_userspace); 941 ent->cmd = NULL; 942 fuse_uring_add_to_pq(ent); 943 spin_unlock(&queue->lock); 944 945 io_uring_cmd_done(cmd, ret, issue_flags); 946 } 947 948 /* FUSE_URING_CMD_COMMIT_AND_FETCH handler */ 949 static int fuse_uring_commit_fetch(struct io_uring_cmd *cmd, int issue_flags, 950 struct fuse_chan *fch) 951 { 952 const struct fuse_uring_cmd_req *cmd_req = io_uring_sqe128_cmd(cmd->sqe, 953 struct fuse_uring_cmd_req); 954 struct fuse_ring_ent *ent; 955 int err; 956 struct fuse_ring *ring = fch->ring; 957 struct fuse_ring_queue *queue; 958 uint64_t commit_id = READ_ONCE(cmd_req->commit_id); 959 unsigned int qid = READ_ONCE(cmd_req->qid); 960 struct fuse_pqueue *fpq; 961 struct fuse_req *req; 962 963 err = -ENOTCONN; 964 if (!ring) 965 return err; 966 967 if (qid >= ring->nr_queues) 968 return -EINVAL; 969 970 queue = ring->queues[qid]; 971 if (!queue) 972 return err; 973 fpq = &queue->fpq; 974 975 if (!READ_ONCE(fch->connected)) 976 return err; 977 978 spin_lock(&queue->lock); 979 if (unlikely(queue->stopped)) { 980 spin_unlock(&queue->lock); 981 return err; 982 } 983 984 /* Find a request based on the unique ID of the fuse request 985 * This should get revised, as it needs a hash calculation and list 986 * search. And full struct fuse_pqueue is needed (memory overhead). 987 * As well as the link from req to ring_ent. 988 */ 989 req = fuse_request_find(fpq, commit_id); 990 err = -ENOENT; 991 if (!req) { 992 pr_info("qid=%d commit_id %llu not found\n", queue->qid, 993 commit_id); 994 spin_unlock(&queue->lock); 995 return err; 996 } 997 list_del_init(&req->list); 998 ent = req->ring_entry; 999 req->ring_entry = NULL; 1000 1001 err = fuse_ring_ent_set_commit(ent); 1002 if (err != 0) { 1003 pr_info_ratelimited("qid=%d commit_id %llu state %d", 1004 queue->qid, commit_id, ent->state); 1005 spin_unlock(&queue->lock); 1006 fuse_uring_req_end(ent, req, err); 1007 return err; 1008 } 1009 1010 ent->cmd = cmd; 1011 spin_unlock(&queue->lock); 1012 1013 /* without the queue lock, as other locks are taken */ 1014 fuse_uring_prepare_cancel(cmd, issue_flags, ent); 1015 fuse_uring_commit(ent, req, issue_flags); 1016 1017 /* 1018 * Fetching the next request is absolutely required as queued 1019 * fuse requests would otherwise not get processed - committing 1020 * and fetching is done in one step vs legacy fuse, which has separated 1021 * read (fetch request) and write (commit result). 1022 */ 1023 if (fuse_uring_get_next_fuse_req(ent, queue)) 1024 fuse_uring_send(ent, cmd, 0, issue_flags); 1025 return 0; 1026 } 1027 1028 static bool is_ring_ready(struct fuse_ring *ring, int current_qid) 1029 { 1030 int qid; 1031 struct fuse_ring_queue *queue; 1032 bool ready = true; 1033 1034 for (qid = 0; qid < ring->nr_queues && ready; qid++) { 1035 if (current_qid == qid) 1036 continue; 1037 1038 queue = ring->queues[qid]; 1039 if (!queue) { 1040 ready = false; 1041 break; 1042 } 1043 1044 spin_lock(&queue->lock); 1045 if (list_empty(&queue->ent_avail_queue)) 1046 ready = false; 1047 spin_unlock(&queue->lock); 1048 } 1049 1050 return ready; 1051 } 1052 1053 /* 1054 * fuse_uring_req_fetch command handling 1055 */ 1056 static int fuse_uring_do_register(struct fuse_ring_ent *ent, 1057 struct io_uring_cmd *cmd, 1058 unsigned int issue_flags) 1059 { 1060 struct fuse_ring_queue *queue = ent->queue; 1061 struct fuse_ring *ring = queue->ring; 1062 struct fuse_chan *fch = ring->chan; 1063 struct fuse_iqueue *fiq = &fch->iq; 1064 1065 spin_lock(&fch->lock); 1066 /* abort teardown path is running or has run */ 1067 if (!fch->connected) { 1068 spin_unlock(&fch->lock); 1069 if (atomic_dec_and_test(&ring->queue_refs)) 1070 wake_up_all(&ring->stop_waitq); 1071 kfree(ent); 1072 return -ECONNABORTED; 1073 } 1074 spin_unlock(&fch->lock); 1075 1076 fuse_uring_prepare_cancel(cmd, issue_flags, ent); 1077 1078 spin_lock(&queue->lock); 1079 ent->cmd = cmd; 1080 fuse_uring_ent_avail(ent, queue); 1081 spin_unlock(&queue->lock); 1082 1083 if (!READ_ONCE(ring->ready)) { 1084 bool ready = is_ring_ready(ring, queue->qid); 1085 1086 if (ready) { 1087 WRITE_ONCE(fiq->ops, &fuse_io_uring_ops); 1088 smp_store_release(&ring->ready, true); 1089 wake_up_all(&fch->blocked_waitq); 1090 } 1091 } 1092 return 0; 1093 } 1094 1095 /* 1096 * sqe->addr is a ptr to an iovec array, iov[FUSE_URING_IOV_HEADERS] has the 1097 * headers, iov[FUSE_URING_IOV_PAYLOAD] the payload 1098 */ 1099 static int fuse_uring_get_iovec_from_sqe(const struct io_uring_sqe *sqe, 1100 struct iovec iov[FUSE_URING_IOV_SEGS]) 1101 { 1102 struct iovec __user *uiov = u64_to_user_ptr(READ_ONCE(sqe->addr)); 1103 struct iov_iter iter; 1104 ssize_t ret; 1105 1106 if (sqe->len != FUSE_URING_IOV_SEGS) 1107 return -EINVAL; 1108 1109 /* 1110 * Direction for buffer access will actually be READ and WRITE, 1111 * using write for the import should include READ access as well. 1112 */ 1113 ret = import_iovec(WRITE, uiov, FUSE_URING_IOV_SEGS, 1114 FUSE_URING_IOV_SEGS, &iov, &iter); 1115 if (ret < 0) 1116 return ret; 1117 1118 return 0; 1119 } 1120 1121 static struct fuse_ring_ent * 1122 fuse_uring_create_ring_ent(struct io_uring_cmd *cmd, 1123 struct fuse_ring_queue *queue) 1124 { 1125 struct fuse_ring *ring = queue->ring; 1126 struct fuse_ring_ent *ent; 1127 struct iovec iov[FUSE_URING_IOV_SEGS]; 1128 struct iovec *headers, *payload; 1129 int err; 1130 1131 err = fuse_uring_get_iovec_from_sqe(cmd->sqe, iov); 1132 if (err) { 1133 pr_info_ratelimited("Failed to get iovec from sqe, err=%d\n", 1134 err); 1135 return ERR_PTR(err); 1136 } 1137 1138 err = -EINVAL; 1139 headers = &iov[FUSE_URING_IOV_HEADERS]; 1140 if (headers->iov_len < sizeof(struct fuse_uring_req_header)) { 1141 pr_info_ratelimited("Invalid header len %zu\n", headers->iov_len); 1142 return ERR_PTR(err); 1143 } 1144 1145 payload = &iov[FUSE_URING_IOV_PAYLOAD]; 1146 if (payload->iov_len < ring->max_payload_sz) { 1147 pr_info_ratelimited("Invalid req payload len %zu\n", 1148 payload->iov_len); 1149 return ERR_PTR(err); 1150 } 1151 1152 err = -ENOMEM; 1153 ent = kzalloc_obj(*ent, GFP_KERNEL_ACCOUNT); 1154 if (!ent) 1155 return ERR_PTR(err); 1156 1157 INIT_LIST_HEAD(&ent->list); 1158 1159 ent->queue = queue; 1160 ent->headers = headers->iov_base; 1161 ent->payload = payload->iov_base; 1162 1163 atomic_inc(&ring->queue_refs); 1164 return ent; 1165 } 1166 1167 /* 1168 * Register header and payload buffer with the kernel and puts the 1169 * entry as "ready to get fuse requests" on the queue 1170 */ 1171 static int fuse_uring_register(struct io_uring_cmd *cmd, 1172 unsigned int issue_flags, struct fuse_chan *fch) 1173 { 1174 const struct fuse_uring_cmd_req *cmd_req = io_uring_sqe128_cmd(cmd->sqe, 1175 struct fuse_uring_cmd_req); 1176 struct fuse_ring *ring = smp_load_acquire(&fch->ring); 1177 struct fuse_ring_queue *queue; 1178 struct fuse_ring_ent *ent; 1179 int err; 1180 unsigned int qid = READ_ONCE(cmd_req->qid); 1181 1182 err = -ENOMEM; 1183 if (!ring) { 1184 ring = fuse_uring_create(fch); 1185 if (!ring) 1186 return err; 1187 } 1188 1189 if (qid >= ring->nr_queues) { 1190 pr_info_ratelimited("fuse: Invalid ring qid %u\n", qid); 1191 return -EINVAL; 1192 } 1193 1194 queue = ring->queues[qid]; 1195 if (!queue) { 1196 queue = fuse_uring_create_queue(ring, qid); 1197 if (!queue) 1198 return err; 1199 } 1200 1201 /* 1202 * The created queue above does not need to be destructed in 1203 * case of entry errors below, will be done at ring destruction time. 1204 */ 1205 1206 ent = fuse_uring_create_ring_ent(cmd, queue); 1207 if (IS_ERR(ent)) 1208 return PTR_ERR(ent); 1209 1210 return fuse_uring_do_register(ent, cmd, issue_flags); 1211 } 1212 1213 /* 1214 * Entry function from io_uring to handle the given passthrough command 1215 * (op code IORING_OP_URING_CMD) 1216 */ 1217 int fuse_uring_cmd(struct io_uring_cmd *cmd, unsigned int issue_flags) 1218 { 1219 struct fuse_dev *fud; 1220 struct fuse_chan *fch; 1221 u32 cmd_op = cmd->cmd_op; 1222 int err; 1223 1224 if ((unlikely(issue_flags & IO_URING_F_CANCEL))) { 1225 fuse_uring_cancel(cmd, issue_flags); 1226 return 0; 1227 } 1228 1229 /* This extra SQE size holds struct fuse_uring_cmd_req */ 1230 if (!(issue_flags & IO_URING_F_SQE128)) 1231 return -EINVAL; 1232 1233 fud = fuse_get_dev(cmd->file); 1234 if (IS_ERR(fud)) { 1235 pr_info_ratelimited("No fuse device found\n"); 1236 return PTR_ERR(fud); 1237 } 1238 fch = fud->chan; 1239 1240 /* Once a connection has io-uring enabled on it, it can't be disabled */ 1241 if (!enable_uring && !fch->io_uring) { 1242 pr_info_ratelimited("fuse-io-uring is disabled\n"); 1243 return -EOPNOTSUPP; 1244 } 1245 1246 if (fch->abort_with_err) 1247 return -ECONNABORTED; 1248 if (!fch->connected) 1249 return -ENOTCONN; 1250 1251 /* 1252 * fuse_uring_register() needs the ring to be initialized, 1253 * we need to know the max payload size 1254 */ 1255 if (!fch->initialized) 1256 return -EAGAIN; 1257 1258 switch (cmd_op) { 1259 case FUSE_IO_URING_CMD_REGISTER: 1260 err = fuse_uring_register(cmd, issue_flags, fch); 1261 if (err) { 1262 pr_info_once("FUSE_IO_URING_CMD_REGISTER failed err=%d\n", 1263 err); 1264 fch->io_uring = 0; 1265 wake_up_all(&fch->blocked_waitq); 1266 return err; 1267 } 1268 break; 1269 case FUSE_IO_URING_CMD_COMMIT_AND_FETCH: 1270 err = fuse_uring_commit_fetch(cmd, issue_flags, fch); 1271 if (err) { 1272 pr_info_once("FUSE_IO_URING_COMMIT_AND_FETCH failed err=%d\n", 1273 err); 1274 return err; 1275 } 1276 break; 1277 default: 1278 return -EINVAL; 1279 } 1280 1281 return -EIOCBQUEUED; 1282 } 1283 1284 /* 1285 * This prepares and sends the ring request in fuse-uring task context. 1286 * User buffers are not mapped yet - the application does not have permission 1287 * to write to it - this has to be executed in ring task context. 1288 */ 1289 static void fuse_uring_send_in_task(struct io_tw_req tw_req, io_tw_token_t tw) 1290 { 1291 unsigned int issue_flags = IO_URING_CMD_TASK_WORK_ISSUE_FLAGS; 1292 struct io_uring_cmd *cmd = io_uring_cmd_from_tw(tw_req); 1293 struct fuse_ring_ent *ent = uring_cmd_to_ring_ent(cmd); 1294 struct fuse_ring_queue *queue = ent->queue; 1295 int err; 1296 1297 if (!tw.cancel) { 1298 err = fuse_uring_prepare_send(ent, ent->fuse_req); 1299 if (err) { 1300 if (!fuse_uring_get_next_fuse_req(ent, queue)) 1301 return; 1302 err = 0; 1303 } 1304 fuse_uring_send(ent, cmd, err, issue_flags); 1305 } else { 1306 err = -ECANCELED; 1307 1308 spin_lock(&queue->lock); 1309 list_del_init(&ent->list); 1310 spin_unlock(&queue->lock); 1311 1312 io_uring_cmd_done(cmd, err, issue_flags); 1313 1314 fuse_uring_req_end(ent, ent->fuse_req, err); 1315 kfree(ent); 1316 if (atomic_dec_and_test(&queue->ring->queue_refs)) 1317 wake_up_all(&queue->ring->stop_waitq); 1318 } 1319 } 1320 1321 static struct fuse_ring_queue *fuse_uring_task_to_queue(struct fuse_ring *ring) 1322 { 1323 unsigned int qid; 1324 struct fuse_ring_queue *queue; 1325 1326 qid = task_cpu(current); 1327 1328 if (WARN_ONCE(qid >= ring->nr_queues, 1329 "Core number (%u) exceeds nr queues (%zu)\n", qid, 1330 ring->nr_queues)) 1331 qid = 0; 1332 1333 queue = ring->queues[qid]; 1334 WARN_ONCE(!queue, "Missing queue for qid %d\n", qid); 1335 1336 return queue; 1337 } 1338 1339 static void fuse_uring_dispatch_ent(struct fuse_ring_ent *ent) 1340 { 1341 struct io_uring_cmd *cmd = ent->cmd; 1342 1343 uring_cmd_set_ring_ent(cmd, ent); 1344 io_uring_cmd_complete_in_task(cmd, fuse_uring_send_in_task); 1345 } 1346 1347 /* queue a fuse request and send it if a ring entry is available */ 1348 void fuse_uring_queue_fuse_req(struct fuse_iqueue *fiq, struct fuse_req *req) 1349 { 1350 struct fuse_ring *ring = req->chan->ring; 1351 struct fuse_ring_queue *queue; 1352 struct fuse_ring_ent *ent = NULL; 1353 int err; 1354 1355 err = -EINVAL; 1356 queue = fuse_uring_task_to_queue(ring); 1357 if (!queue) 1358 goto err; 1359 1360 fuse_request_assign_unique(fiq, req); 1361 1362 spin_lock(&queue->lock); 1363 err = -ENOTCONN; 1364 if (unlikely(queue->stopped)) 1365 goto err_unlock; 1366 1367 set_bit(FR_URING, &req->flags); 1368 req->ring_queue = queue; 1369 ent = list_first_entry_or_null(&queue->ent_avail_queue, 1370 struct fuse_ring_ent, list); 1371 if (ent) 1372 fuse_uring_add_req_to_ring_ent(ent, req); 1373 else 1374 list_add_tail(&req->list, &queue->fuse_req_queue); 1375 spin_unlock(&queue->lock); 1376 1377 if (ent) 1378 fuse_uring_dispatch_ent(ent); 1379 1380 return; 1381 1382 err_unlock: 1383 spin_unlock(&queue->lock); 1384 err: 1385 req->out.h.error = err; 1386 clear_bit(FR_PENDING, &req->flags); 1387 fuse_request_end(req); 1388 } 1389 1390 bool fuse_uring_queue_bq_req(struct fuse_req *req) 1391 { 1392 struct fuse_chan *fch = req->chan; 1393 struct fuse_ring *ring = fch->ring; 1394 struct fuse_ring_queue *queue; 1395 struct fuse_ring_ent *ent = NULL; 1396 1397 queue = fuse_uring_task_to_queue(ring); 1398 if (!queue) 1399 return false; 1400 1401 spin_lock(&queue->lock); 1402 if (unlikely(queue->stopped)) { 1403 spin_unlock(&queue->lock); 1404 return false; 1405 } 1406 1407 set_bit(FR_URING, &req->flags); 1408 req->ring_queue = queue; 1409 list_add_tail(&req->list, &queue->fuse_req_bg_queue); 1410 1411 ent = list_first_entry_or_null(&queue->ent_avail_queue, 1412 struct fuse_ring_ent, list); 1413 spin_lock(&fch->bg_lock); 1414 fch->num_background++; 1415 if (fch->num_background == fch->max_background) 1416 fch->blocked = 1; 1417 fuse_uring_flush_bg(queue); 1418 spin_unlock(&fch->bg_lock); 1419 1420 /* 1421 * Due to bg_queue flush limits there might be other bg requests 1422 * in the queue that need to be handled first. Or no further req 1423 * might be available. 1424 */ 1425 req = list_first_entry_or_null(&queue->fuse_req_queue, struct fuse_req, 1426 list); 1427 if (ent && req) { 1428 fuse_uring_add_req_to_ring_ent(ent, req); 1429 spin_unlock(&queue->lock); 1430 1431 fuse_uring_dispatch_ent(ent); 1432 } else { 1433 spin_unlock(&queue->lock); 1434 } 1435 1436 return true; 1437 } 1438 1439 bool fuse_uring_remove_pending_req(struct fuse_req *req) 1440 { 1441 struct fuse_ring_queue *queue = req->ring_queue; 1442 1443 return fuse_remove_pending_req(req, &queue->lock); 1444 } 1445 1446 static const struct fuse_iqueue_ops fuse_io_uring_ops = { 1447 /* should be send over io-uring as enhancement */ 1448 .send_forget = fuse_dev_queue_forget, 1449 1450 /* 1451 * could be send over io-uring, but interrupts should be rare, 1452 * no need to make the code complex 1453 */ 1454 .send_interrupt = fuse_dev_queue_interrupt, 1455 .send_req = fuse_uring_queue_fuse_req, 1456 }; 1457