0001
0002
0003
0004
0005
0006
0007 #include <linux/moduleparam.h>
0008
0009 #include "glob.h"
0010 #include "oplock.h"
0011
0012 #include "smb_common.h"
0013 #include "smbstatus.h"
0014 #include "connection.h"
0015 #include "mgmt/user_session.h"
0016 #include "mgmt/share_config.h"
0017 #include "mgmt/tree_connect.h"
0018
0019 static LIST_HEAD(lease_table_list);
0020 static DEFINE_RWLOCK(lease_list_lock);
0021
0022
0023
0024
0025
0026
0027
0028
0029
0030 static struct oplock_info *alloc_opinfo(struct ksmbd_work *work,
0031 u64 id, __u16 Tid)
0032 {
0033 struct ksmbd_conn *conn = work->conn;
0034 struct ksmbd_session *sess = work->sess;
0035 struct oplock_info *opinfo;
0036
0037 opinfo = kzalloc(sizeof(struct oplock_info), GFP_KERNEL);
0038 if (!opinfo)
0039 return NULL;
0040
0041 opinfo->sess = sess;
0042 opinfo->conn = conn;
0043 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
0044 opinfo->op_state = OPLOCK_STATE_NONE;
0045 opinfo->pending_break = 0;
0046 opinfo->fid = id;
0047 opinfo->Tid = Tid;
0048 INIT_LIST_HEAD(&opinfo->op_entry);
0049 INIT_LIST_HEAD(&opinfo->interim_list);
0050 init_waitqueue_head(&opinfo->oplock_q);
0051 init_waitqueue_head(&opinfo->oplock_brk);
0052 atomic_set(&opinfo->refcount, 1);
0053 atomic_set(&opinfo->breaking_cnt, 0);
0054
0055 return opinfo;
0056 }
0057
0058 static void lease_add_list(struct oplock_info *opinfo)
0059 {
0060 struct lease_table *lb = opinfo->o_lease->l_lb;
0061
0062 spin_lock(&lb->lb_lock);
0063 list_add_rcu(&opinfo->lease_entry, &lb->lease_list);
0064 spin_unlock(&lb->lb_lock);
0065 }
0066
0067 static void lease_del_list(struct oplock_info *opinfo)
0068 {
0069 struct lease_table *lb = opinfo->o_lease->l_lb;
0070
0071 if (!lb)
0072 return;
0073
0074 spin_lock(&lb->lb_lock);
0075 if (list_empty(&opinfo->lease_entry)) {
0076 spin_unlock(&lb->lb_lock);
0077 return;
0078 }
0079
0080 list_del_init(&opinfo->lease_entry);
0081 opinfo->o_lease->l_lb = NULL;
0082 spin_unlock(&lb->lb_lock);
0083 }
0084
0085 static void lb_add(struct lease_table *lb)
0086 {
0087 write_lock(&lease_list_lock);
0088 list_add(&lb->l_entry, &lease_table_list);
0089 write_unlock(&lease_list_lock);
0090 }
0091
0092 static int alloc_lease(struct oplock_info *opinfo, struct lease_ctx_info *lctx)
0093 {
0094 struct lease *lease;
0095
0096 lease = kmalloc(sizeof(struct lease), GFP_KERNEL);
0097 if (!lease)
0098 return -ENOMEM;
0099
0100 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
0101 lease->state = lctx->req_state;
0102 lease->new_state = 0;
0103 lease->flags = lctx->flags;
0104 lease->duration = lctx->duration;
0105 memcpy(lease->parent_lease_key, lctx->parent_lease_key, SMB2_LEASE_KEY_SIZE);
0106 lease->version = lctx->version;
0107 lease->epoch = 0;
0108 INIT_LIST_HEAD(&opinfo->lease_entry);
0109 opinfo->o_lease = lease;
0110
0111 return 0;
0112 }
0113
0114 static void free_lease(struct oplock_info *opinfo)
0115 {
0116 struct lease *lease;
0117
0118 lease = opinfo->o_lease;
0119 kfree(lease);
0120 }
0121
0122 static void free_opinfo(struct oplock_info *opinfo)
0123 {
0124 if (opinfo->is_lease)
0125 free_lease(opinfo);
0126 kfree(opinfo);
0127 }
0128
0129 static inline void opinfo_free_rcu(struct rcu_head *rcu_head)
0130 {
0131 struct oplock_info *opinfo;
0132
0133 opinfo = container_of(rcu_head, struct oplock_info, rcu_head);
0134 free_opinfo(opinfo);
0135 }
0136
0137 struct oplock_info *opinfo_get(struct ksmbd_file *fp)
0138 {
0139 struct oplock_info *opinfo;
0140
0141 rcu_read_lock();
0142 opinfo = rcu_dereference(fp->f_opinfo);
0143 if (opinfo && !atomic_inc_not_zero(&opinfo->refcount))
0144 opinfo = NULL;
0145 rcu_read_unlock();
0146
0147 return opinfo;
0148 }
0149
0150 static struct oplock_info *opinfo_get_list(struct ksmbd_inode *ci)
0151 {
0152 struct oplock_info *opinfo;
0153
0154 if (list_empty(&ci->m_op_list))
0155 return NULL;
0156
0157 rcu_read_lock();
0158 opinfo = list_first_or_null_rcu(&ci->m_op_list, struct oplock_info,
0159 op_entry);
0160 if (opinfo && !atomic_inc_not_zero(&opinfo->refcount))
0161 opinfo = NULL;
0162 rcu_read_unlock();
0163
0164 return opinfo;
0165 }
0166
0167 void opinfo_put(struct oplock_info *opinfo)
0168 {
0169 if (!atomic_dec_and_test(&opinfo->refcount))
0170 return;
0171
0172 call_rcu(&opinfo->rcu_head, opinfo_free_rcu);
0173 }
0174
0175 static void opinfo_add(struct oplock_info *opinfo)
0176 {
0177 struct ksmbd_inode *ci = opinfo->o_fp->f_ci;
0178
0179 write_lock(&ci->m_lock);
0180 list_add_rcu(&opinfo->op_entry, &ci->m_op_list);
0181 write_unlock(&ci->m_lock);
0182 }
0183
0184 static void opinfo_del(struct oplock_info *opinfo)
0185 {
0186 struct ksmbd_inode *ci = opinfo->o_fp->f_ci;
0187
0188 if (opinfo->is_lease) {
0189 write_lock(&lease_list_lock);
0190 lease_del_list(opinfo);
0191 write_unlock(&lease_list_lock);
0192 }
0193 write_lock(&ci->m_lock);
0194 list_del_rcu(&opinfo->op_entry);
0195 write_unlock(&ci->m_lock);
0196 }
0197
0198 static unsigned long opinfo_count(struct ksmbd_file *fp)
0199 {
0200 if (ksmbd_stream_fd(fp))
0201 return atomic_read(&fp->f_ci->sop_count);
0202 else
0203 return atomic_read(&fp->f_ci->op_count);
0204 }
0205
0206 static void opinfo_count_inc(struct ksmbd_file *fp)
0207 {
0208 if (ksmbd_stream_fd(fp))
0209 return atomic_inc(&fp->f_ci->sop_count);
0210 else
0211 return atomic_inc(&fp->f_ci->op_count);
0212 }
0213
0214 static void opinfo_count_dec(struct ksmbd_file *fp)
0215 {
0216 if (ksmbd_stream_fd(fp))
0217 return atomic_dec(&fp->f_ci->sop_count);
0218 else
0219 return atomic_dec(&fp->f_ci->op_count);
0220 }
0221
0222
0223
0224
0225
0226
0227
0228 int opinfo_write_to_read(struct oplock_info *opinfo)
0229 {
0230 struct lease *lease = opinfo->o_lease;
0231
0232 if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
0233 opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
0234 pr_err("bad oplock(0x%x)\n", opinfo->level);
0235 if (opinfo->is_lease)
0236 pr_err("lease state(0x%x)\n", lease->state);
0237 return -EINVAL;
0238 }
0239 opinfo->level = SMB2_OPLOCK_LEVEL_II;
0240
0241 if (opinfo->is_lease)
0242 lease->state = lease->new_state;
0243 return 0;
0244 }
0245
0246
0247
0248
0249
0250
0251
0252 int opinfo_read_handle_to_read(struct oplock_info *opinfo)
0253 {
0254 struct lease *lease = opinfo->o_lease;
0255
0256 lease->state = lease->new_state;
0257 opinfo->level = SMB2_OPLOCK_LEVEL_II;
0258 return 0;
0259 }
0260
0261
0262
0263
0264
0265
0266
0267 int opinfo_write_to_none(struct oplock_info *opinfo)
0268 {
0269 struct lease *lease = opinfo->o_lease;
0270
0271 if (!(opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
0272 opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)) {
0273 pr_err("bad oplock(0x%x)\n", opinfo->level);
0274 if (opinfo->is_lease)
0275 pr_err("lease state(0x%x)\n", lease->state);
0276 return -EINVAL;
0277 }
0278 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
0279 if (opinfo->is_lease)
0280 lease->state = lease->new_state;
0281 return 0;
0282 }
0283
0284
0285
0286
0287
0288
0289
0290 int opinfo_read_to_none(struct oplock_info *opinfo)
0291 {
0292 struct lease *lease = opinfo->o_lease;
0293
0294 if (opinfo->level != SMB2_OPLOCK_LEVEL_II) {
0295 pr_err("bad oplock(0x%x)\n", opinfo->level);
0296 if (opinfo->is_lease)
0297 pr_err("lease state(0x%x)\n", lease->state);
0298 return -EINVAL;
0299 }
0300 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
0301 if (opinfo->is_lease)
0302 lease->state = lease->new_state;
0303 return 0;
0304 }
0305
0306
0307
0308
0309
0310
0311
0312 int lease_read_to_write(struct oplock_info *opinfo)
0313 {
0314 struct lease *lease = opinfo->o_lease;
0315
0316 if (!(lease->state & SMB2_LEASE_READ_CACHING_LE)) {
0317 ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
0318 return -EINVAL;
0319 }
0320
0321 lease->new_state = SMB2_LEASE_NONE_LE;
0322 lease->state |= SMB2_LEASE_WRITE_CACHING_LE;
0323 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
0324 opinfo->level = SMB2_OPLOCK_LEVEL_BATCH;
0325 else
0326 opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
0327 return 0;
0328 }
0329
0330
0331
0332
0333
0334
0335
0336
0337 static int lease_none_upgrade(struct oplock_info *opinfo, __le32 new_state)
0338 {
0339 struct lease *lease = opinfo->o_lease;
0340
0341 if (!(lease->state == SMB2_LEASE_NONE_LE)) {
0342 ksmbd_debug(OPLOCK, "bad lease state(0x%x)\n", lease->state);
0343 return -EINVAL;
0344 }
0345
0346 lease->new_state = SMB2_LEASE_NONE_LE;
0347 lease->state = new_state;
0348 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
0349 if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
0350 opinfo->level = SMB2_OPLOCK_LEVEL_BATCH;
0351 else
0352 opinfo->level = SMB2_OPLOCK_LEVEL_II;
0353 else if (lease->state & SMB2_LEASE_WRITE_CACHING_LE)
0354 opinfo->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
0355 else if (lease->state & SMB2_LEASE_READ_CACHING_LE)
0356 opinfo->level = SMB2_OPLOCK_LEVEL_II;
0357
0358 return 0;
0359 }
0360
0361
0362
0363
0364
0365 void close_id_del_oplock(struct ksmbd_file *fp)
0366 {
0367 struct oplock_info *opinfo;
0368
0369 if (S_ISDIR(file_inode(fp->filp)->i_mode))
0370 return;
0371
0372 opinfo = opinfo_get(fp);
0373 if (!opinfo)
0374 return;
0375
0376 opinfo_del(opinfo);
0377
0378 rcu_assign_pointer(fp->f_opinfo, NULL);
0379 if (opinfo->op_state == OPLOCK_ACK_WAIT) {
0380 opinfo->op_state = OPLOCK_CLOSING;
0381 wake_up_interruptible_all(&opinfo->oplock_q);
0382 if (opinfo->is_lease) {
0383 atomic_set(&opinfo->breaking_cnt, 0);
0384 wake_up_interruptible_all(&opinfo->oplock_brk);
0385 }
0386 }
0387
0388 opinfo_count_dec(fp);
0389 atomic_dec(&opinfo->refcount);
0390 opinfo_put(opinfo);
0391 }
0392
0393
0394
0395
0396
0397
0398
0399
0400
0401 static void grant_write_oplock(struct oplock_info *opinfo_new, int req_oplock,
0402 struct lease_ctx_info *lctx)
0403 {
0404 struct lease *lease = opinfo_new->o_lease;
0405
0406 if (req_oplock == SMB2_OPLOCK_LEVEL_BATCH)
0407 opinfo_new->level = SMB2_OPLOCK_LEVEL_BATCH;
0408 else
0409 opinfo_new->level = SMB2_OPLOCK_LEVEL_EXCLUSIVE;
0410
0411 if (lctx) {
0412 lease->state = lctx->req_state;
0413 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
0414 }
0415 }
0416
0417
0418
0419
0420
0421
0422
0423
0424 static void grant_read_oplock(struct oplock_info *opinfo_new,
0425 struct lease_ctx_info *lctx)
0426 {
0427 struct lease *lease = opinfo_new->o_lease;
0428
0429 opinfo_new->level = SMB2_OPLOCK_LEVEL_II;
0430
0431 if (lctx) {
0432 lease->state = SMB2_LEASE_READ_CACHING_LE;
0433 if (lctx->req_state & SMB2_LEASE_HANDLE_CACHING_LE)
0434 lease->state |= SMB2_LEASE_HANDLE_CACHING_LE;
0435 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
0436 }
0437 }
0438
0439
0440
0441
0442
0443
0444
0445
0446 static void grant_none_oplock(struct oplock_info *opinfo_new,
0447 struct lease_ctx_info *lctx)
0448 {
0449 struct lease *lease = opinfo_new->o_lease;
0450
0451 opinfo_new->level = SMB2_OPLOCK_LEVEL_NONE;
0452
0453 if (lctx) {
0454 lease->state = 0;
0455 memcpy(lease->lease_key, lctx->lease_key, SMB2_LEASE_KEY_SIZE);
0456 }
0457 }
0458
0459 static inline int compare_guid_key(struct oplock_info *opinfo,
0460 const char *guid1, const char *key1)
0461 {
0462 const char *guid2, *key2;
0463
0464 guid2 = opinfo->conn->ClientGUID;
0465 key2 = opinfo->o_lease->lease_key;
0466 if (!memcmp(guid1, guid2, SMB2_CLIENT_GUID_SIZE) &&
0467 !memcmp(key1, key2, SMB2_LEASE_KEY_SIZE))
0468 return 1;
0469
0470 return 0;
0471 }
0472
0473
0474
0475
0476
0477
0478
0479
0480
0481
0482 static struct oplock_info *same_client_has_lease(struct ksmbd_inode *ci,
0483 char *client_guid,
0484 struct lease_ctx_info *lctx)
0485 {
0486 int ret;
0487 struct lease *lease;
0488 struct oplock_info *opinfo;
0489 struct oplock_info *m_opinfo = NULL;
0490
0491 if (!lctx)
0492 return NULL;
0493
0494
0495
0496
0497
0498 read_lock(&ci->m_lock);
0499 list_for_each_entry(opinfo, &ci->m_op_list, op_entry) {
0500 if (!opinfo->is_lease)
0501 continue;
0502 read_unlock(&ci->m_lock);
0503 lease = opinfo->o_lease;
0504
0505 ret = compare_guid_key(opinfo, client_guid, lctx->lease_key);
0506 if (ret) {
0507 m_opinfo = opinfo;
0508
0509 if (atomic_read(&opinfo->breaking_cnt)) {
0510 read_lock(&ci->m_lock);
0511 continue;
0512 }
0513
0514
0515 if ((atomic_read(&ci->op_count) +
0516 atomic_read(&ci->sop_count)) == 1) {
0517 if (lease->state ==
0518 (lctx->req_state & lease->state)) {
0519 lease->state |= lctx->req_state;
0520 if (lctx->req_state &
0521 SMB2_LEASE_WRITE_CACHING_LE)
0522 lease_read_to_write(opinfo);
0523 }
0524 } else if ((atomic_read(&ci->op_count) +
0525 atomic_read(&ci->sop_count)) > 1) {
0526 if (lctx->req_state ==
0527 (SMB2_LEASE_READ_CACHING_LE |
0528 SMB2_LEASE_HANDLE_CACHING_LE))
0529 lease->state = lctx->req_state;
0530 }
0531
0532 if (lctx->req_state && lease->state ==
0533 SMB2_LEASE_NONE_LE)
0534 lease_none_upgrade(opinfo, lctx->req_state);
0535 }
0536 read_lock(&ci->m_lock);
0537 }
0538 read_unlock(&ci->m_lock);
0539
0540 return m_opinfo;
0541 }
0542
0543 static void wait_for_break_ack(struct oplock_info *opinfo)
0544 {
0545 int rc = 0;
0546
0547 rc = wait_event_interruptible_timeout(opinfo->oplock_q,
0548 opinfo->op_state == OPLOCK_STATE_NONE ||
0549 opinfo->op_state == OPLOCK_CLOSING,
0550 OPLOCK_WAIT_TIME);
0551
0552
0553 if (!rc) {
0554 if (opinfo->is_lease)
0555 opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
0556 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
0557 opinfo->op_state = OPLOCK_STATE_NONE;
0558 }
0559 }
0560
0561 static void wake_up_oplock_break(struct oplock_info *opinfo)
0562 {
0563 clear_bit_unlock(0, &opinfo->pending_break);
0564
0565 smp_mb__after_atomic();
0566 wake_up_bit(&opinfo->pending_break, 0);
0567 }
0568
0569 static int oplock_break_pending(struct oplock_info *opinfo, int req_op_level)
0570 {
0571 while (test_and_set_bit(0, &opinfo->pending_break)) {
0572 wait_on_bit(&opinfo->pending_break, 0, TASK_UNINTERRUPTIBLE);
0573
0574
0575 opinfo->open_trunc = 0;
0576
0577 if (opinfo->op_state == OPLOCK_CLOSING)
0578 return -ENOENT;
0579 else if (!opinfo->is_lease && opinfo->level <= req_op_level)
0580 return 1;
0581 }
0582
0583 if (!opinfo->is_lease && opinfo->level <= req_op_level) {
0584 wake_up_oplock_break(opinfo);
0585 return 1;
0586 }
0587 return 0;
0588 }
0589
0590 static inline int allocate_oplock_break_buf(struct ksmbd_work *work)
0591 {
0592 work->response_buf = kzalloc(MAX_CIFS_SMALL_BUFFER_SIZE, GFP_KERNEL);
0593 if (!work->response_buf)
0594 return -ENOMEM;
0595 work->response_sz = MAX_CIFS_SMALL_BUFFER_SIZE;
0596 return 0;
0597 }
0598
0599
0600
0601
0602
0603
0604
0605
0606
0607
0608
0609 static void __smb2_oplock_break_noti(struct work_struct *wk)
0610 {
0611 struct smb2_oplock_break *rsp = NULL;
0612 struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
0613 struct ksmbd_conn *conn = work->conn;
0614 struct oplock_break_info *br_info = work->request_buf;
0615 struct smb2_hdr *rsp_hdr;
0616 struct ksmbd_file *fp;
0617
0618 fp = ksmbd_lookup_durable_fd(br_info->fid);
0619 if (!fp)
0620 goto out;
0621
0622 if (allocate_oplock_break_buf(work)) {
0623 pr_err("smb2_allocate_rsp_buf failed! ");
0624 ksmbd_fd_put(work, fp);
0625 goto out;
0626 }
0627
0628 rsp_hdr = smb2_get_msg(work->response_buf);
0629 memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
0630 *(__be32 *)work->response_buf =
0631 cpu_to_be32(conn->vals->header_size);
0632 rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
0633 rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
0634 rsp_hdr->CreditRequest = cpu_to_le16(0);
0635 rsp_hdr->Command = SMB2_OPLOCK_BREAK;
0636 rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
0637 rsp_hdr->NextCommand = 0;
0638 rsp_hdr->MessageId = cpu_to_le64(-1);
0639 rsp_hdr->Id.SyncId.ProcessId = 0;
0640 rsp_hdr->Id.SyncId.TreeId = 0;
0641 rsp_hdr->SessionId = 0;
0642 memset(rsp_hdr->Signature, 0, 16);
0643
0644 rsp = smb2_get_msg(work->response_buf);
0645
0646 rsp->StructureSize = cpu_to_le16(24);
0647 if (!br_info->open_trunc &&
0648 (br_info->level == SMB2_OPLOCK_LEVEL_BATCH ||
0649 br_info->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE))
0650 rsp->OplockLevel = SMB2_OPLOCK_LEVEL_II;
0651 else
0652 rsp->OplockLevel = SMB2_OPLOCK_LEVEL_NONE;
0653 rsp->Reserved = 0;
0654 rsp->Reserved2 = 0;
0655 rsp->PersistentFid = fp->persistent_id;
0656 rsp->VolatileFid = fp->volatile_id;
0657
0658 inc_rfc1001_len(work->response_buf, 24);
0659
0660 ksmbd_debug(OPLOCK,
0661 "sending oplock break v_id %llu p_id = %llu lock level = %d\n",
0662 rsp->VolatileFid, rsp->PersistentFid, rsp->OplockLevel);
0663
0664 ksmbd_fd_put(work, fp);
0665 ksmbd_conn_write(work);
0666
0667 out:
0668 ksmbd_free_work_struct(work);
0669
0670
0671
0672
0673
0674 if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q))
0675 wake_up(&conn->r_count_q);
0676 }
0677
0678
0679
0680
0681
0682
0683
0684
0685 static int smb2_oplock_break_noti(struct oplock_info *opinfo)
0686 {
0687 struct ksmbd_conn *conn = opinfo->conn;
0688 struct oplock_break_info *br_info;
0689 int ret = 0;
0690 struct ksmbd_work *work = ksmbd_alloc_work_struct();
0691
0692 if (!work)
0693 return -ENOMEM;
0694
0695 br_info = kmalloc(sizeof(struct oplock_break_info), GFP_KERNEL);
0696 if (!br_info) {
0697 ksmbd_free_work_struct(work);
0698 return -ENOMEM;
0699 }
0700
0701 br_info->level = opinfo->level;
0702 br_info->fid = opinfo->fid;
0703 br_info->open_trunc = opinfo->open_trunc;
0704
0705 work->request_buf = (char *)br_info;
0706 work->conn = conn;
0707 work->sess = opinfo->sess;
0708
0709 atomic_inc(&conn->r_count);
0710 if (opinfo->op_state == OPLOCK_ACK_WAIT) {
0711 INIT_WORK(&work->work, __smb2_oplock_break_noti);
0712 ksmbd_queue_work(work);
0713
0714 wait_for_break_ack(opinfo);
0715 } else {
0716 __smb2_oplock_break_noti(&work->work);
0717 if (opinfo->level == SMB2_OPLOCK_LEVEL_II)
0718 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
0719 }
0720 return ret;
0721 }
0722
0723
0724
0725
0726
0727
0728 static void __smb2_lease_break_noti(struct work_struct *wk)
0729 {
0730 struct smb2_lease_break *rsp = NULL;
0731 struct ksmbd_work *work = container_of(wk, struct ksmbd_work, work);
0732 struct lease_break_info *br_info = work->request_buf;
0733 struct ksmbd_conn *conn = work->conn;
0734 struct smb2_hdr *rsp_hdr;
0735
0736 if (allocate_oplock_break_buf(work)) {
0737 ksmbd_debug(OPLOCK, "smb2_allocate_rsp_buf failed! ");
0738 goto out;
0739 }
0740
0741 rsp_hdr = smb2_get_msg(work->response_buf);
0742 memset(rsp_hdr, 0, sizeof(struct smb2_hdr) + 2);
0743 *(__be32 *)work->response_buf =
0744 cpu_to_be32(conn->vals->header_size);
0745 rsp_hdr->ProtocolId = SMB2_PROTO_NUMBER;
0746 rsp_hdr->StructureSize = SMB2_HEADER_STRUCTURE_SIZE;
0747 rsp_hdr->CreditRequest = cpu_to_le16(0);
0748 rsp_hdr->Command = SMB2_OPLOCK_BREAK;
0749 rsp_hdr->Flags = (SMB2_FLAGS_SERVER_TO_REDIR);
0750 rsp_hdr->NextCommand = 0;
0751 rsp_hdr->MessageId = cpu_to_le64(-1);
0752 rsp_hdr->Id.SyncId.ProcessId = 0;
0753 rsp_hdr->Id.SyncId.TreeId = 0;
0754 rsp_hdr->SessionId = 0;
0755 memset(rsp_hdr->Signature, 0, 16);
0756
0757 rsp = smb2_get_msg(work->response_buf);
0758 rsp->StructureSize = cpu_to_le16(44);
0759 rsp->Epoch = br_info->epoch;
0760 rsp->Flags = 0;
0761
0762 if (br_info->curr_state & (SMB2_LEASE_WRITE_CACHING_LE |
0763 SMB2_LEASE_HANDLE_CACHING_LE))
0764 rsp->Flags = SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED;
0765
0766 memcpy(rsp->LeaseKey, br_info->lease_key, SMB2_LEASE_KEY_SIZE);
0767 rsp->CurrentLeaseState = br_info->curr_state;
0768 rsp->NewLeaseState = br_info->new_state;
0769 rsp->BreakReason = 0;
0770 rsp->AccessMaskHint = 0;
0771 rsp->ShareMaskHint = 0;
0772
0773 inc_rfc1001_len(work->response_buf, 44);
0774
0775 ksmbd_conn_write(work);
0776
0777 out:
0778 ksmbd_free_work_struct(work);
0779
0780
0781
0782
0783
0784 if (!atomic_dec_return(&conn->r_count) && waitqueue_active(&conn->r_count_q))
0785 wake_up(&conn->r_count_q);
0786 }
0787
0788
0789
0790
0791
0792
0793
0794
0795 static int smb2_lease_break_noti(struct oplock_info *opinfo)
0796 {
0797 struct ksmbd_conn *conn = opinfo->conn;
0798 struct list_head *tmp, *t;
0799 struct ksmbd_work *work;
0800 struct lease_break_info *br_info;
0801 struct lease *lease = opinfo->o_lease;
0802
0803 work = ksmbd_alloc_work_struct();
0804 if (!work)
0805 return -ENOMEM;
0806
0807 br_info = kmalloc(sizeof(struct lease_break_info), GFP_KERNEL);
0808 if (!br_info) {
0809 ksmbd_free_work_struct(work);
0810 return -ENOMEM;
0811 }
0812
0813 br_info->curr_state = lease->state;
0814 br_info->new_state = lease->new_state;
0815 if (lease->version == 2)
0816 br_info->epoch = cpu_to_le16(++lease->epoch);
0817 else
0818 br_info->epoch = 0;
0819 memcpy(br_info->lease_key, lease->lease_key, SMB2_LEASE_KEY_SIZE);
0820
0821 work->request_buf = (char *)br_info;
0822 work->conn = conn;
0823 work->sess = opinfo->sess;
0824
0825 atomic_inc(&conn->r_count);
0826 if (opinfo->op_state == OPLOCK_ACK_WAIT) {
0827 list_for_each_safe(tmp, t, &opinfo->interim_list) {
0828 struct ksmbd_work *in_work;
0829
0830 in_work = list_entry(tmp, struct ksmbd_work,
0831 interim_entry);
0832 setup_async_work(in_work, NULL, NULL);
0833 smb2_send_interim_resp(in_work, STATUS_PENDING);
0834 list_del(&in_work->interim_entry);
0835 }
0836 INIT_WORK(&work->work, __smb2_lease_break_noti);
0837 ksmbd_queue_work(work);
0838 wait_for_break_ack(opinfo);
0839 } else {
0840 __smb2_lease_break_noti(&work->work);
0841 if (opinfo->o_lease->new_state == SMB2_LEASE_NONE_LE) {
0842 opinfo->level = SMB2_OPLOCK_LEVEL_NONE;
0843 opinfo->o_lease->state = SMB2_LEASE_NONE_LE;
0844 }
0845 }
0846 return 0;
0847 }
0848
0849 static void wait_lease_breaking(struct oplock_info *opinfo)
0850 {
0851 if (!opinfo->is_lease)
0852 return;
0853
0854 wake_up_interruptible_all(&opinfo->oplock_brk);
0855 if (atomic_read(&opinfo->breaking_cnt)) {
0856 int ret = 0;
0857
0858 ret = wait_event_interruptible_timeout(opinfo->oplock_brk,
0859 atomic_read(&opinfo->breaking_cnt) == 0,
0860 HZ);
0861 if (!ret)
0862 atomic_set(&opinfo->breaking_cnt, 0);
0863 }
0864 }
0865
0866 static int oplock_break(struct oplock_info *brk_opinfo, int req_op_level)
0867 {
0868 int err = 0;
0869
0870
0871 ksmbd_debug(OPLOCK,
0872 "request to send oplock(level : 0x%x) break notification\n",
0873 brk_opinfo->level);
0874
0875 if (brk_opinfo->is_lease) {
0876 struct lease *lease = brk_opinfo->o_lease;
0877
0878 atomic_inc(&brk_opinfo->breaking_cnt);
0879
0880 err = oplock_break_pending(brk_opinfo, req_op_level);
0881 if (err)
0882 return err < 0 ? err : 0;
0883
0884 if (brk_opinfo->open_trunc) {
0885
0886
0887
0888
0889 lease->new_state = SMB2_LEASE_NONE_LE;
0890 } else {
0891 if (lease->state & SMB2_LEASE_WRITE_CACHING_LE) {
0892 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
0893 lease->new_state =
0894 SMB2_LEASE_READ_CACHING_LE |
0895 SMB2_LEASE_HANDLE_CACHING_LE;
0896 else
0897 lease->new_state =
0898 SMB2_LEASE_READ_CACHING_LE;
0899 } else {
0900 if (lease->state & SMB2_LEASE_HANDLE_CACHING_LE)
0901 lease->new_state =
0902 SMB2_LEASE_READ_CACHING_LE;
0903 else
0904 lease->new_state = SMB2_LEASE_NONE_LE;
0905 }
0906 }
0907
0908 if (lease->state & (SMB2_LEASE_WRITE_CACHING_LE |
0909 SMB2_LEASE_HANDLE_CACHING_LE))
0910 brk_opinfo->op_state = OPLOCK_ACK_WAIT;
0911 else
0912 atomic_dec(&brk_opinfo->breaking_cnt);
0913 } else {
0914 err = oplock_break_pending(brk_opinfo, req_op_level);
0915 if (err)
0916 return err < 0 ? err : 0;
0917
0918 if (brk_opinfo->level == SMB2_OPLOCK_LEVEL_BATCH ||
0919 brk_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE)
0920 brk_opinfo->op_state = OPLOCK_ACK_WAIT;
0921 }
0922
0923 if (brk_opinfo->is_lease)
0924 err = smb2_lease_break_noti(brk_opinfo);
0925 else
0926 err = smb2_oplock_break_noti(brk_opinfo);
0927
0928 ksmbd_debug(OPLOCK, "oplock granted = %d\n", brk_opinfo->level);
0929 if (brk_opinfo->op_state == OPLOCK_CLOSING)
0930 err = -ENOENT;
0931 wake_up_oplock_break(brk_opinfo);
0932
0933 wait_lease_breaking(brk_opinfo);
0934
0935 return err;
0936 }
0937
0938 void destroy_lease_table(struct ksmbd_conn *conn)
0939 {
0940 struct lease_table *lb, *lbtmp;
0941 struct oplock_info *opinfo;
0942
0943 write_lock(&lease_list_lock);
0944 if (list_empty(&lease_table_list)) {
0945 write_unlock(&lease_list_lock);
0946 return;
0947 }
0948
0949 list_for_each_entry_safe(lb, lbtmp, &lease_table_list, l_entry) {
0950 if (conn && memcmp(lb->client_guid, conn->ClientGUID,
0951 SMB2_CLIENT_GUID_SIZE))
0952 continue;
0953 again:
0954 rcu_read_lock();
0955 list_for_each_entry_rcu(opinfo, &lb->lease_list,
0956 lease_entry) {
0957 rcu_read_unlock();
0958 lease_del_list(opinfo);
0959 goto again;
0960 }
0961 rcu_read_unlock();
0962 list_del(&lb->l_entry);
0963 kfree(lb);
0964 }
0965 write_unlock(&lease_list_lock);
0966 }
0967
0968 int find_same_lease_key(struct ksmbd_session *sess, struct ksmbd_inode *ci,
0969 struct lease_ctx_info *lctx)
0970 {
0971 struct oplock_info *opinfo;
0972 int err = 0;
0973 struct lease_table *lb;
0974
0975 if (!lctx)
0976 return err;
0977
0978 read_lock(&lease_list_lock);
0979 if (list_empty(&lease_table_list)) {
0980 read_unlock(&lease_list_lock);
0981 return 0;
0982 }
0983
0984 list_for_each_entry(lb, &lease_table_list, l_entry) {
0985 if (!memcmp(lb->client_guid, sess->ClientGUID,
0986 SMB2_CLIENT_GUID_SIZE))
0987 goto found;
0988 }
0989 read_unlock(&lease_list_lock);
0990
0991 return 0;
0992
0993 found:
0994 rcu_read_lock();
0995 list_for_each_entry_rcu(opinfo, &lb->lease_list, lease_entry) {
0996 if (!atomic_inc_not_zero(&opinfo->refcount))
0997 continue;
0998 rcu_read_unlock();
0999 if (opinfo->o_fp->f_ci == ci)
1000 goto op_next;
1001 err = compare_guid_key(opinfo, sess->ClientGUID,
1002 lctx->lease_key);
1003 if (err) {
1004 err = -EINVAL;
1005 ksmbd_debug(OPLOCK,
1006 "found same lease key is already used in other files\n");
1007 opinfo_put(opinfo);
1008 goto out;
1009 }
1010 op_next:
1011 opinfo_put(opinfo);
1012 rcu_read_lock();
1013 }
1014 rcu_read_unlock();
1015
1016 out:
1017 read_unlock(&lease_list_lock);
1018 return err;
1019 }
1020
1021 static void copy_lease(struct oplock_info *op1, struct oplock_info *op2)
1022 {
1023 struct lease *lease1 = op1->o_lease;
1024 struct lease *lease2 = op2->o_lease;
1025
1026 op2->level = op1->level;
1027 lease2->state = lease1->state;
1028 memcpy(lease2->lease_key, lease1->lease_key,
1029 SMB2_LEASE_KEY_SIZE);
1030 lease2->duration = lease1->duration;
1031 lease2->flags = lease1->flags;
1032 }
1033
1034 static int add_lease_global_list(struct oplock_info *opinfo)
1035 {
1036 struct lease_table *lb;
1037
1038 read_lock(&lease_list_lock);
1039 list_for_each_entry(lb, &lease_table_list, l_entry) {
1040 if (!memcmp(lb->client_guid, opinfo->conn->ClientGUID,
1041 SMB2_CLIENT_GUID_SIZE)) {
1042 opinfo->o_lease->l_lb = lb;
1043 lease_add_list(opinfo);
1044 read_unlock(&lease_list_lock);
1045 return 0;
1046 }
1047 }
1048 read_unlock(&lease_list_lock);
1049
1050 lb = kmalloc(sizeof(struct lease_table), GFP_KERNEL);
1051 if (!lb)
1052 return -ENOMEM;
1053
1054 memcpy(lb->client_guid, opinfo->conn->ClientGUID,
1055 SMB2_CLIENT_GUID_SIZE);
1056 INIT_LIST_HEAD(&lb->lease_list);
1057 spin_lock_init(&lb->lb_lock);
1058 opinfo->o_lease->l_lb = lb;
1059 lease_add_list(opinfo);
1060 lb_add(lb);
1061 return 0;
1062 }
1063
1064 static void set_oplock_level(struct oplock_info *opinfo, int level,
1065 struct lease_ctx_info *lctx)
1066 {
1067 switch (level) {
1068 case SMB2_OPLOCK_LEVEL_BATCH:
1069 case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
1070 grant_write_oplock(opinfo, level, lctx);
1071 break;
1072 case SMB2_OPLOCK_LEVEL_II:
1073 grant_read_oplock(opinfo, lctx);
1074 break;
1075 default:
1076 grant_none_oplock(opinfo, lctx);
1077 break;
1078 }
1079 }
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093 int smb_grant_oplock(struct ksmbd_work *work, int req_op_level, u64 pid,
1094 struct ksmbd_file *fp, __u16 tid,
1095 struct lease_ctx_info *lctx, int share_ret)
1096 {
1097 struct ksmbd_session *sess = work->sess;
1098 int err = 0;
1099 struct oplock_info *opinfo = NULL, *prev_opinfo = NULL;
1100 struct ksmbd_inode *ci = fp->f_ci;
1101 bool prev_op_has_lease;
1102 __le32 prev_op_state = 0;
1103
1104
1105 if (S_ISDIR(file_inode(fp->filp)->i_mode))
1106 return 0;
1107
1108 opinfo = alloc_opinfo(work, pid, tid);
1109 if (!opinfo)
1110 return -ENOMEM;
1111
1112 if (lctx) {
1113 err = alloc_lease(opinfo, lctx);
1114 if (err)
1115 goto err_out;
1116 opinfo->is_lease = 1;
1117 }
1118
1119
1120 if (!opinfo_count(fp))
1121 goto set_lev;
1122
1123
1124 if (fp->attrib_only && fp->cdoption != FILE_OVERWRITE_IF_LE &&
1125 fp->cdoption != FILE_OVERWRITE_LE &&
1126 fp->cdoption != FILE_SUPERSEDE_LE) {
1127 req_op_level = SMB2_OPLOCK_LEVEL_NONE;
1128 goto set_lev;
1129 }
1130
1131 if (lctx) {
1132 struct oplock_info *m_opinfo;
1133
1134
1135 m_opinfo = same_client_has_lease(ci, sess->ClientGUID,
1136 lctx);
1137 if (m_opinfo) {
1138 copy_lease(m_opinfo, opinfo);
1139 if (atomic_read(&m_opinfo->breaking_cnt))
1140 opinfo->o_lease->flags =
1141 SMB2_LEASE_FLAG_BREAK_IN_PROGRESS_LE;
1142 goto out;
1143 }
1144 }
1145 prev_opinfo = opinfo_get_list(ci);
1146 if (!prev_opinfo ||
1147 (prev_opinfo->level == SMB2_OPLOCK_LEVEL_NONE && lctx))
1148 goto set_lev;
1149 prev_op_has_lease = prev_opinfo->is_lease;
1150 if (prev_op_has_lease)
1151 prev_op_state = prev_opinfo->o_lease->state;
1152
1153 if (share_ret < 0 &&
1154 prev_opinfo->level == SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1155 err = share_ret;
1156 opinfo_put(prev_opinfo);
1157 goto err_out;
1158 }
1159
1160 if (prev_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
1161 prev_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1162 opinfo_put(prev_opinfo);
1163 goto op_break_not_needed;
1164 }
1165
1166 list_add(&work->interim_entry, &prev_opinfo->interim_list);
1167 err = oplock_break(prev_opinfo, SMB2_OPLOCK_LEVEL_II);
1168 opinfo_put(prev_opinfo);
1169 if (err == -ENOENT)
1170 goto set_lev;
1171
1172 else if (err < 0)
1173 goto err_out;
1174
1175 op_break_not_needed:
1176 if (share_ret < 0) {
1177 err = share_ret;
1178 goto err_out;
1179 }
1180
1181 if (req_op_level != SMB2_OPLOCK_LEVEL_NONE)
1182 req_op_level = SMB2_OPLOCK_LEVEL_II;
1183
1184
1185 if (prev_op_has_lease && !lctx)
1186 if (prev_op_state & SMB2_LEASE_HANDLE_CACHING_LE)
1187 req_op_level = SMB2_OPLOCK_LEVEL_NONE;
1188
1189 if (!prev_op_has_lease && lctx) {
1190 req_op_level = SMB2_OPLOCK_LEVEL_II;
1191 lctx->req_state = SMB2_LEASE_READ_CACHING_LE;
1192 }
1193
1194 set_lev:
1195 set_oplock_level(opinfo, req_op_level, lctx);
1196
1197 out:
1198 rcu_assign_pointer(fp->f_opinfo, opinfo);
1199 opinfo->o_fp = fp;
1200
1201 opinfo_count_inc(fp);
1202 opinfo_add(opinfo);
1203 if (opinfo->is_lease) {
1204 err = add_lease_global_list(opinfo);
1205 if (err)
1206 goto err_out;
1207 }
1208
1209 return 0;
1210 err_out:
1211 free_opinfo(opinfo);
1212 return err;
1213 }
1214
1215
1216
1217
1218
1219
1220
1221 static void smb_break_all_write_oplock(struct ksmbd_work *work,
1222 struct ksmbd_file *fp, int is_trunc)
1223 {
1224 struct oplock_info *brk_opinfo;
1225
1226 brk_opinfo = opinfo_get_list(fp->f_ci);
1227 if (!brk_opinfo)
1228 return;
1229 if (brk_opinfo->level != SMB2_OPLOCK_LEVEL_BATCH &&
1230 brk_opinfo->level != SMB2_OPLOCK_LEVEL_EXCLUSIVE) {
1231 opinfo_put(brk_opinfo);
1232 return;
1233 }
1234
1235 brk_opinfo->open_trunc = is_trunc;
1236 list_add(&work->interim_entry, &brk_opinfo->interim_list);
1237 oplock_break(brk_opinfo, SMB2_OPLOCK_LEVEL_II);
1238 opinfo_put(brk_opinfo);
1239 }
1240
1241
1242
1243
1244
1245
1246
1247
1248 void smb_break_all_levII_oplock(struct ksmbd_work *work, struct ksmbd_file *fp,
1249 int is_trunc)
1250 {
1251 struct oplock_info *op, *brk_op;
1252 struct ksmbd_inode *ci;
1253 struct ksmbd_conn *conn = work->conn;
1254
1255 if (!test_share_config_flag(work->tcon->share_conf,
1256 KSMBD_SHARE_FLAG_OPLOCKS))
1257 return;
1258
1259 ci = fp->f_ci;
1260 op = opinfo_get(fp);
1261
1262 rcu_read_lock();
1263 list_for_each_entry_rcu(brk_op, &ci->m_op_list, op_entry) {
1264 if (!atomic_inc_not_zero(&brk_op->refcount))
1265 continue;
1266 rcu_read_unlock();
1267 if (brk_op->is_lease && (brk_op->o_lease->state &
1268 (~(SMB2_LEASE_READ_CACHING_LE |
1269 SMB2_LEASE_HANDLE_CACHING_LE)))) {
1270 ksmbd_debug(OPLOCK, "unexpected lease state(0x%x)\n",
1271 brk_op->o_lease->state);
1272 goto next;
1273 } else if (brk_op->level !=
1274 SMB2_OPLOCK_LEVEL_II) {
1275 ksmbd_debug(OPLOCK, "unexpected oplock(0x%x)\n",
1276 brk_op->level);
1277 goto next;
1278 }
1279
1280
1281 if (brk_op->is_lease &&
1282 brk_op->o_lease->new_state == SMB2_LEASE_NONE_LE &&
1283 atomic_read(&brk_op->breaking_cnt))
1284 goto next;
1285
1286 if (op && op->is_lease && brk_op->is_lease &&
1287 !memcmp(conn->ClientGUID, brk_op->conn->ClientGUID,
1288 SMB2_CLIENT_GUID_SIZE) &&
1289 !memcmp(op->o_lease->lease_key, brk_op->o_lease->lease_key,
1290 SMB2_LEASE_KEY_SIZE))
1291 goto next;
1292 brk_op->open_trunc = is_trunc;
1293 oplock_break(brk_op, SMB2_OPLOCK_LEVEL_NONE);
1294 next:
1295 opinfo_put(brk_op);
1296 rcu_read_lock();
1297 }
1298 rcu_read_unlock();
1299
1300 if (op)
1301 opinfo_put(op);
1302 }
1303
1304
1305
1306
1307
1308
1309 void smb_break_all_oplock(struct ksmbd_work *work, struct ksmbd_file *fp)
1310 {
1311 if (!test_share_config_flag(work->tcon->share_conf,
1312 KSMBD_SHARE_FLAG_OPLOCKS))
1313 return;
1314
1315 smb_break_all_write_oplock(work, fp, 1);
1316 smb_break_all_levII_oplock(work, fp, 1);
1317 }
1318
1319
1320
1321
1322
1323
1324
1325 __u8 smb2_map_lease_to_oplock(__le32 lease_state)
1326 {
1327 if (lease_state == (SMB2_LEASE_HANDLE_CACHING_LE |
1328 SMB2_LEASE_READ_CACHING_LE |
1329 SMB2_LEASE_WRITE_CACHING_LE)) {
1330 return SMB2_OPLOCK_LEVEL_BATCH;
1331 } else if (lease_state != SMB2_LEASE_WRITE_CACHING_LE &&
1332 lease_state & SMB2_LEASE_WRITE_CACHING_LE) {
1333 if (!(lease_state & SMB2_LEASE_HANDLE_CACHING_LE))
1334 return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
1335 } else if (lease_state & SMB2_LEASE_READ_CACHING_LE) {
1336 return SMB2_OPLOCK_LEVEL_II;
1337 }
1338 return 0;
1339 }
1340
1341
1342
1343
1344
1345
1346 void create_lease_buf(u8 *rbuf, struct lease *lease)
1347 {
1348 if (lease->version == 2) {
1349 struct create_lease_v2 *buf = (struct create_lease_v2 *)rbuf;
1350
1351 memset(buf, 0, sizeof(struct create_lease_v2));
1352 memcpy(buf->lcontext.LeaseKey, lease->lease_key,
1353 SMB2_LEASE_KEY_SIZE);
1354 buf->lcontext.LeaseFlags = lease->flags;
1355 buf->lcontext.LeaseState = lease->state;
1356 memcpy(buf->lcontext.ParentLeaseKey, lease->parent_lease_key,
1357 SMB2_LEASE_KEY_SIZE);
1358 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1359 (struct create_lease_v2, lcontext));
1360 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context_v2));
1361 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1362 (struct create_lease_v2, Name));
1363 buf->ccontext.NameLength = cpu_to_le16(4);
1364 buf->Name[0] = 'R';
1365 buf->Name[1] = 'q';
1366 buf->Name[2] = 'L';
1367 buf->Name[3] = 's';
1368 } else {
1369 struct create_lease *buf = (struct create_lease *)rbuf;
1370
1371 memset(buf, 0, sizeof(struct create_lease));
1372 memcpy(buf->lcontext.LeaseKey, lease->lease_key, SMB2_LEASE_KEY_SIZE);
1373 buf->lcontext.LeaseFlags = lease->flags;
1374 buf->lcontext.LeaseState = lease->state;
1375 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1376 (struct create_lease, lcontext));
1377 buf->ccontext.DataLength = cpu_to_le32(sizeof(struct lease_context));
1378 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1379 (struct create_lease, Name));
1380 buf->ccontext.NameLength = cpu_to_le16(4);
1381 buf->Name[0] = 'R';
1382 buf->Name[1] = 'q';
1383 buf->Name[2] = 'L';
1384 buf->Name[3] = 's';
1385 }
1386 }
1387
1388
1389
1390
1391
1392
1393
1394 struct lease_ctx_info *parse_lease_state(void *open_req)
1395 {
1396 char *data_offset;
1397 struct create_context *cc;
1398 unsigned int next = 0;
1399 char *name;
1400 bool found = false;
1401 struct smb2_create_req *req = (struct smb2_create_req *)open_req;
1402 struct lease_ctx_info *lreq = kzalloc(sizeof(struct lease_ctx_info),
1403 GFP_KERNEL);
1404 if (!lreq)
1405 return NULL;
1406
1407 data_offset = (char *)req + le32_to_cpu(req->CreateContextsOffset);
1408 cc = (struct create_context *)data_offset;
1409 do {
1410 cc = (struct create_context *)((char *)cc + next);
1411 name = le16_to_cpu(cc->NameOffset) + (char *)cc;
1412 if (le16_to_cpu(cc->NameLength) != 4 ||
1413 strncmp(name, SMB2_CREATE_REQUEST_LEASE, 4)) {
1414 next = le32_to_cpu(cc->Next);
1415 continue;
1416 }
1417 found = true;
1418 break;
1419 } while (next != 0);
1420
1421 if (found) {
1422 if (sizeof(struct lease_context_v2) == le32_to_cpu(cc->DataLength)) {
1423 struct create_lease_v2 *lc = (struct create_lease_v2 *)cc;
1424
1425 memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
1426 lreq->req_state = lc->lcontext.LeaseState;
1427 lreq->flags = lc->lcontext.LeaseFlags;
1428 lreq->duration = lc->lcontext.LeaseDuration;
1429 memcpy(lreq->parent_lease_key, lc->lcontext.ParentLeaseKey,
1430 SMB2_LEASE_KEY_SIZE);
1431 lreq->version = 2;
1432 } else {
1433 struct create_lease *lc = (struct create_lease *)cc;
1434
1435 memcpy(lreq->lease_key, lc->lcontext.LeaseKey, SMB2_LEASE_KEY_SIZE);
1436 lreq->req_state = lc->lcontext.LeaseState;
1437 lreq->flags = lc->lcontext.LeaseFlags;
1438 lreq->duration = lc->lcontext.LeaseDuration;
1439 lreq->version = 1;
1440 }
1441 return lreq;
1442 }
1443
1444 kfree(lreq);
1445 return NULL;
1446 }
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456 struct create_context *smb2_find_context_vals(void *open_req, const char *tag)
1457 {
1458 struct create_context *cc;
1459 unsigned int next = 0;
1460 char *name;
1461 struct smb2_create_req *req = (struct smb2_create_req *)open_req;
1462 unsigned int remain_len, name_off, name_len, value_off, value_len,
1463 cc_len;
1464
1465
1466
1467
1468
1469 cc = (struct create_context *)((char *)req +
1470 le32_to_cpu(req->CreateContextsOffset));
1471 remain_len = le32_to_cpu(req->CreateContextsLength);
1472 do {
1473 cc = (struct create_context *)((char *)cc + next);
1474 if (remain_len < offsetof(struct create_context, Buffer))
1475 return ERR_PTR(-EINVAL);
1476
1477 next = le32_to_cpu(cc->Next);
1478 name_off = le16_to_cpu(cc->NameOffset);
1479 name_len = le16_to_cpu(cc->NameLength);
1480 value_off = le16_to_cpu(cc->DataOffset);
1481 value_len = le32_to_cpu(cc->DataLength);
1482 cc_len = next ? next : remain_len;
1483
1484 if ((next & 0x7) != 0 ||
1485 next > remain_len ||
1486 name_off != offsetof(struct create_context, Buffer) ||
1487 name_len < 4 ||
1488 name_off + name_len > cc_len ||
1489 (value_off & 0x7) != 0 ||
1490 (value_off && (value_off < name_off + name_len)) ||
1491 ((u64)value_off + value_len > cc_len))
1492 return ERR_PTR(-EINVAL);
1493
1494 name = (char *)cc + name_off;
1495 if (memcmp(name, tag, name_len) == 0)
1496 return cc;
1497
1498 remain_len -= next;
1499 } while (next != 0);
1500
1501 return NULL;
1502 }
1503
1504
1505
1506
1507
1508 void create_durable_rsp_buf(char *cc)
1509 {
1510 struct create_durable_rsp *buf;
1511
1512 buf = (struct create_durable_rsp *)cc;
1513 memset(buf, 0, sizeof(struct create_durable_rsp));
1514 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1515 (struct create_durable_rsp, Data));
1516 buf->ccontext.DataLength = cpu_to_le32(8);
1517 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1518 (struct create_durable_rsp, Name));
1519 buf->ccontext.NameLength = cpu_to_le16(4);
1520
1521 buf->Name[0] = 'D';
1522 buf->Name[1] = 'H';
1523 buf->Name[2] = 'n';
1524 buf->Name[3] = 'Q';
1525 }
1526
1527
1528
1529
1530
1531
1532 void create_durable_v2_rsp_buf(char *cc, struct ksmbd_file *fp)
1533 {
1534 struct create_durable_v2_rsp *buf;
1535
1536 buf = (struct create_durable_v2_rsp *)cc;
1537 memset(buf, 0, sizeof(struct create_durable_rsp));
1538 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1539 (struct create_durable_rsp, Data));
1540 buf->ccontext.DataLength = cpu_to_le32(8);
1541 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1542 (struct create_durable_rsp, Name));
1543 buf->ccontext.NameLength = cpu_to_le16(4);
1544
1545 buf->Name[0] = 'D';
1546 buf->Name[1] = 'H';
1547 buf->Name[2] = '2';
1548 buf->Name[3] = 'Q';
1549
1550 buf->Timeout = cpu_to_le32(fp->durable_timeout);
1551 }
1552
1553
1554
1555
1556
1557
1558 void create_mxac_rsp_buf(char *cc, int maximal_access)
1559 {
1560 struct create_mxac_rsp *buf;
1561
1562 buf = (struct create_mxac_rsp *)cc;
1563 memset(buf, 0, sizeof(struct create_mxac_rsp));
1564 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1565 (struct create_mxac_rsp, QueryStatus));
1566 buf->ccontext.DataLength = cpu_to_le32(8);
1567 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1568 (struct create_mxac_rsp, Name));
1569 buf->ccontext.NameLength = cpu_to_le16(4);
1570
1571 buf->Name[0] = 'M';
1572 buf->Name[1] = 'x';
1573 buf->Name[2] = 'A';
1574 buf->Name[3] = 'c';
1575
1576 buf->QueryStatus = STATUS_SUCCESS;
1577 buf->MaximalAccess = cpu_to_le32(maximal_access);
1578 }
1579
1580 void create_disk_id_rsp_buf(char *cc, __u64 file_id, __u64 vol_id)
1581 {
1582 struct create_disk_id_rsp *buf;
1583
1584 buf = (struct create_disk_id_rsp *)cc;
1585 memset(buf, 0, sizeof(struct create_disk_id_rsp));
1586 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1587 (struct create_disk_id_rsp, DiskFileId));
1588 buf->ccontext.DataLength = cpu_to_le32(32);
1589 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1590 (struct create_mxac_rsp, Name));
1591 buf->ccontext.NameLength = cpu_to_le16(4);
1592
1593 buf->Name[0] = 'Q';
1594 buf->Name[1] = 'F';
1595 buf->Name[2] = 'i';
1596 buf->Name[3] = 'd';
1597
1598 buf->DiskFileId = cpu_to_le64(file_id);
1599 buf->VolumeId = cpu_to_le64(vol_id);
1600 }
1601
1602
1603
1604
1605
1606
1607 void create_posix_rsp_buf(char *cc, struct ksmbd_file *fp)
1608 {
1609 struct create_posix_rsp *buf;
1610 struct inode *inode = file_inode(fp->filp);
1611 struct user_namespace *user_ns = file_mnt_user_ns(fp->filp);
1612
1613 buf = (struct create_posix_rsp *)cc;
1614 memset(buf, 0, sizeof(struct create_posix_rsp));
1615 buf->ccontext.DataOffset = cpu_to_le16(offsetof
1616 (struct create_posix_rsp, nlink));
1617 buf->ccontext.DataLength = cpu_to_le32(52);
1618 buf->ccontext.NameOffset = cpu_to_le16(offsetof
1619 (struct create_posix_rsp, Name));
1620 buf->ccontext.NameLength = cpu_to_le16(POSIX_CTXT_DATA_LEN);
1621
1622 buf->Name[0] = 0x93;
1623 buf->Name[1] = 0xAD;
1624 buf->Name[2] = 0x25;
1625 buf->Name[3] = 0x50;
1626 buf->Name[4] = 0x9C;
1627 buf->Name[5] = 0xB4;
1628 buf->Name[6] = 0x11;
1629 buf->Name[7] = 0xE7;
1630 buf->Name[8] = 0xB4;
1631 buf->Name[9] = 0x23;
1632 buf->Name[10] = 0x83;
1633 buf->Name[11] = 0xDE;
1634 buf->Name[12] = 0x96;
1635 buf->Name[13] = 0x8B;
1636 buf->Name[14] = 0xCD;
1637 buf->Name[15] = 0x7C;
1638
1639 buf->nlink = cpu_to_le32(inode->i_nlink);
1640 buf->reparse_tag = cpu_to_le32(fp->volatile_id);
1641 buf->mode = cpu_to_le32(inode->i_mode);
1642 id_to_sid(from_kuid_munged(&init_user_ns,
1643 i_uid_into_mnt(user_ns, inode)),
1644 SIDNFS_USER, (struct smb_sid *)&buf->SidBuffer[0]);
1645 id_to_sid(from_kgid_munged(&init_user_ns,
1646 i_gid_into_mnt(user_ns, inode)),
1647 SIDNFS_GROUP, (struct smb_sid *)&buf->SidBuffer[20]);
1648 }
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661 struct oplock_info *lookup_lease_in_table(struct ksmbd_conn *conn,
1662 char *lease_key)
1663 {
1664 struct oplock_info *opinfo = NULL, *ret_op = NULL;
1665 struct lease_table *lt;
1666 int ret;
1667
1668 read_lock(&lease_list_lock);
1669 list_for_each_entry(lt, &lease_table_list, l_entry) {
1670 if (!memcmp(lt->client_guid, conn->ClientGUID,
1671 SMB2_CLIENT_GUID_SIZE))
1672 goto found;
1673 }
1674
1675 read_unlock(&lease_list_lock);
1676 return NULL;
1677
1678 found:
1679 rcu_read_lock();
1680 list_for_each_entry_rcu(opinfo, <->lease_list, lease_entry) {
1681 if (!atomic_inc_not_zero(&opinfo->refcount))
1682 continue;
1683 rcu_read_unlock();
1684 if (!opinfo->op_state || opinfo->op_state == OPLOCK_CLOSING)
1685 goto op_next;
1686 if (!(opinfo->o_lease->state &
1687 (SMB2_LEASE_HANDLE_CACHING_LE |
1688 SMB2_LEASE_WRITE_CACHING_LE)))
1689 goto op_next;
1690 ret = compare_guid_key(opinfo, conn->ClientGUID,
1691 lease_key);
1692 if (ret) {
1693 ksmbd_debug(OPLOCK, "found opinfo\n");
1694 ret_op = opinfo;
1695 goto out;
1696 }
1697 op_next:
1698 opinfo_put(opinfo);
1699 rcu_read_lock();
1700 }
1701 rcu_read_unlock();
1702
1703 out:
1704 read_unlock(&lease_list_lock);
1705 return ret_op;
1706 }
