1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* CacheFiles path walking and related routines
4 * Copyright (C) 2021 Red Hat, Inc. All Rights Reserved.
5 * Written by David Howells (dhowells@redhat.com)
9 #include <linux/namei.h>
13 * Mark the backing file as being a cache file if it's not already in use. The
14 * mark tells the culling request command that it's not allowed to cull the
15 * file or directory. The caller must hold the inode lock.
// Try to claim the backing inode of @dentry for the cache by setting
// S_KERNEL_FILE in its i_flags.
//
// @object: object passed through to the tracepoints (callers in this file
//          also pass NULL).
// @dentry: dentry whose backing inode is to be marked.
//
// NOTE(review): the return statements and the branch structure between the
// "mark active" and "mark failed" lines are not visible in this listing.
// Callers test the result with '!' and treat false as "could not be marked".
17 static bool __cachefiles_mark_inode_in_use(struct cachefiles_object *object,
18 struct dentry *dentry)
20 struct inode *inode = d_backing_inode(dentry);
// Flag currently clear: set it and trace the successful mark.
23 if (!(inode->i_flags & S_KERNEL_FILE)) {
24 inode->i_flags |= S_KERNEL_FILE;
25 trace_cachefiles_mark_active(object, inode);
// Failure reporting: trace it and log the dentry name plus inode number.
// (Presumably the flag-already-set branch - confirm.)
28 trace_cachefiles_mark_failed(object, inode);
29 pr_notice("cachefiles: Inode already in use: %pd (B=%lx)\n",
30 dentry, inode->i_ino);
// Mark the backing inode of @dentry as in use by delegating to
// __cachefiles_mark_inode_in_use() and keeping its result in can_use.
//
// NOTE(review): the helper's header comment says the caller must hold the
// inode lock.  The lock/unlock calls and the return statement are not visible
// in this listing - confirm they bracket the call below.
36 static bool cachefiles_mark_inode_in_use(struct cachefiles_object *object,
37 struct dentry *dentry)
39 struct inode *inode = d_backing_inode(dentry);
43 can_use = __cachefiles_mark_inode_in_use(object, dentry);
49 * Unmark a backing inode. The caller must hold the inode lock.
// Clear S_KERNEL_FILE on the backing inode of @dentry and emit the
// mark_inactive tracepoint.  The flag is cleared unconditionally; no check is
// made that it was set beforehand.
//
// @object: passed through to the tracepoint (callers in this file also pass
//          NULL).
// @dentry: dentry whose backing inode is to be unmarked.
51 static void __cachefiles_unmark_inode_in_use(struct cachefiles_object *object,
52 struct dentry *dentry)
54 struct inode *inode = d_backing_inode(dentry);
56 inode->i_flags &= ~S_KERNEL_FILE;
57 trace_cachefiles_mark_inactive(object, inode);
61 * Unmark a backing inode and tell cachefilesd that there's something that can
// Drop the in-use mark on the inode behind @file and account for the release
// in the cache's counters.
//
// NOTE(review): the second parameter line and any locking around the unmark
// are not visible in this listing; the helper's header comment says the caller
// must hold the inode lock.
64 void cachefiles_unmark_inode_in_use(struct cachefiles_object *object,
67 struct cachefiles_cache *cache = object->volume->cache;
68 struct inode *inode = file_inode(file);
72 __cachefiles_unmark_inode_in_use(object, file->f_path.dentry);
// Objects still using a tmpfile are excluded from the release accounting.
75 if (!test_bit(CACHEFILES_OBJECT_USING_TMPFILE, &object->flags)) {
// Add the inode's block count to b_released and bump f_released.
76 atomic_long_add(inode->i_blocks, &cache->b_released);
// cachefiles_state_changed() runs when the incremented counter is non-zero.
77 if (atomic_inc_return(&cache->f_released))
78 cachefiles_state_changed(cache);
// Look up the subdirectory @dirname under @dir, creating it with mode 0700 if
// the lookup yields a negative dentry, then mark it in use and check that it
// is a usable directory.
//
// Visible steps:
//  - lock @dir's inode (I_MUTEX_PARENT) and look @dirname up;
//  - if negative: check space, run the security hook, then vfs_mkdir();
//  - lock the subdir inode, release @dir, set the in-use mark;
//  - check d_can_lookup() and the required inode operations.
//
// Visible failure results are ERR_PTR(-EBUSY) and ERR_PTR(-ENOMEM).
// NOTE(review): the remaining parameters, the labels, the gotos and the
// success return are not visible in this listing; the trailing unlock/log
// sequences look like separate error exits - confirm against the full source.
86 struct dentry *cachefiles_get_directory(struct cachefiles_cache *cache,
91 struct dentry *subdir;
95 _enter(",,%s", dirname);
97 /* search the current directory for the element name */
98 inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
// An injected read error, when non-zero, is turned into an ERR_PTR in place
// of the lookup result (the guarding condition is not visible here).
101 ret = cachefiles_inject_read_error();
103 subdir = lookup_one_len(dirname, dir, strlen(dirname));
105 subdir = ERR_PTR(ret);
106 trace_cachefiles_lookup(NULL, dir, subdir);
107 if (IS_ERR(subdir)) {
108 trace_cachefiles_vfs_error(NULL, d_backing_inode(dir),
110 cachefiles_trace_lookup_error);
// -ENOMEM is singled out from other lookup errors.
111 if (PTR_ERR(subdir) == -ENOMEM)
116 _debug("subdir -> %pd %s",
117 subdir, d_backing_inode(subdir) ? "positive" : "negative");
119 /* we need to create the subdir if it doesn't exist yet */
120 if (d_is_negative(subdir)) {
// Ask the cache whether there is room for one more file before creating.
121 ret = cachefiles_has_space(cache, 1, 0,
122 cachefiles_has_space_for_create);
126 _debug("attempt mkdir");
128 path.mnt = cache->mnt;
// Security hook first, then optional write-error injection, then the mkdir.
130 ret = security_path_mkdir(&path, subdir, 0700);
133 ret = cachefiles_inject_write_error();
135 ret = vfs_mkdir(&init_user_ns, d_inode(dir), subdir, 0700);
137 trace_cachefiles_vfs_error(NULL, d_inode(dir), ret,
138 cachefiles_trace_mkdir_error);
141 trace_cachefiles_mkdir(dir, subdir);
// Special handling when the dentry came back unhashed from mkdir.
// NOTE(review): the rest of this branch is not visible.
143 if (unlikely(d_unhashed(subdir))) {
144 cachefiles_put_directory(subdir);
147 ASSERT(d_backing_inode(subdir));
149 _debug("mkdir -> %pd{ino=%lu}",
150 subdir, d_backing_inode(subdir)->i_ino);
155 /* Tell rmdir() it's not allowed to delete the subdir */
// The subdir lock is taken before the parent lock is dropped, so there is no
// window in which neither is held.
156 inode_lock(d_inode(subdir));
157 inode_unlock(d_inode(dir));
159 if (!__cachefiles_mark_inode_in_use(NULL, subdir))
162 inode_unlock(d_inode(subdir));
164 /* we need to make sure the subdir is a directory */
165 ASSERT(d_backing_inode(subdir));
167 if (!d_can_lookup(subdir)) {
168 pr_err("%s is not a directory\n", dirname);
// The backing inode must carry IOP_XATTR and provide lookup, mkdir, rename,
// rmdir and unlink operations.
174 if (!(d_backing_inode(subdir)->i_opflags & IOP_XATTR) ||
175 !d_backing_inode(subdir)->i_op->lookup ||
176 !d_backing_inode(subdir)->i_op->mkdir ||
177 !d_backing_inode(subdir)->i_op->rename ||
178 !d_backing_inode(subdir)->i_op->rmdir ||
179 !d_backing_inode(subdir)->i_op->unlink)
182 _leave(" = [%lu]", d_backing_inode(subdir)->i_ino);
// Check failure: the in-use mark is dropped via cachefiles_put_directory().
186 cachefiles_put_directory(subdir);
187 _leave(" = %d [check]", ret);
// Already-in-use exit: unlock the subdir and report -EBUSY.
191 inode_unlock(d_inode(subdir));
193 return ERR_PTR(-EBUSY);
// mkdir failure exit.
196 inode_unlock(d_inode(dir));
198 pr_err("mkdir %s failed with error %d\n", dirname, ret);
// Lookup failure exit.
202 inode_unlock(d_inode(dir));
203 ret = PTR_ERR(subdir);
204 pr_err("Lookup %s failed with error %d\n", dirname, ret);
// Out-of-memory exit.
208 inode_unlock(d_inode(dir));
209 _leave(" = -ENOMEM");
210 return ERR_PTR(-ENOMEM);
214 * Put a subdirectory.
// Drop the in-use mark on directory @dir: take its inode lock, clear the mark
// with __cachefiles_unmark_inode_in_use() (NULL object), and unlock.
//
// NOTE(review): dir->d_inode is dereferenced directly; whether a NULL @dir is
// guarded against, or the dentry reference is dropped afterwards, is not
// visible in this listing.
216 void cachefiles_put_directory(struct dentry *dir)
219 inode_lock(dir->d_inode);
220 __cachefiles_unmark_inode_in_use(NULL, dir);
221 inode_unlock(dir->d_inode);
227 * Remove a regular file from the cache.
// Unlink @dentry from directory @dir in the backing filesystem.
//
// @cache:  cache to report I/O errors against.
// @object: object passed to the tracepoints (may be NULL; cachefiles_cull()
//          reaches this via cachefiles_bury_object() with a NULL object).
// @why:    reason code recorded by the unlink tracepoint.
//
// Order of operations: trace, security hook, optional injected remove error,
// vfs_unlink().
// NOTE(review): the conditions guarding each step, the setup of 'path' and
// the return statement are not visible in this listing.
229 static int cachefiles_unlink(struct cachefiles_cache *cache,
230 struct cachefiles_object *object,
231 struct dentry *dir, struct dentry *dentry,
232 enum fscache_why_object_killed why)
240 trace_cachefiles_unlink(object, d_inode(dentry)->i_ino, why);
241 ret = security_path_unlink(&path, dentry);
// A security-hook failure is reported as a cache I/O error.
243 cachefiles_io_error(cache, "Unlink security error");
247 ret = cachefiles_inject_remove_error();
249 ret = vfs_unlink(&init_user_ns, d_backing_inode(dir), dentry, NULL);
251 cachefiles_io_error(cache, "Unlink failed");
254 trace_cachefiles_vfs_error(object, d_backing_inode(dir), ret,
255 cachefiles_trace_unlink_error);
260 * Delete an object representation from the cache
261 * - File backed objects are unlinked
262 * - Directory backed objects are stuffed into the graveyard for userspace to
// Remove the object representation @rep from directory @dir.
//  - A non-directory is removed with cachefiles_unlink().
//  - A directory is renamed into cache->graveyard under a generated name.
//
// Every visible early exit unlocks d_inode(dir), so the function appears to
// be entered with @dir's inode locked (cachefiles_look_up_object() takes that
// lock immediately before calling).
// NOTE(review): two parameter lines, several conditions, and the return
// statements are not visible in this listing.
265 int cachefiles_bury_object(struct cachefiles_cache *cache,
266 struct cachefiles_object *object,
269 enum fscache_why_object_killed why)
271 struct dentry *grave, *trap;
272 struct path path, path_to_graveyard;
// Room for two 8-digit hex fields plus the terminating NUL (see sprintf below).
273 char nbuffer[8 + 8 + 1];
276 _enter(",'%pd','%pd'", dir, rep);
// @rep is no longer a child of @dir: give up on it as stale.
278 if (rep->d_parent != dir) {
279 inode_unlock(d_inode(dir));
280 _leave(" = -ESTALE");
284 /* non-directories can just be unlinked */
285 if (!d_is_dir(rep)) {
286 dget(rep); /* Stop the dentry being negated if it's only pinned
289 ret = cachefiles_unlink(cache, object, dir, rep, why);
292 inode_unlock(d_inode(dir));
293 _leave(" = %d", ret);
297 /* directories have to be moved to the graveyard */
298 _debug("move stale object to graveyard");
// The parent lock is dropped here and retaken together with the graveyard
// lock by lock_rename() below.
299 inode_unlock(d_inode(dir));
302 /* first step is to make up a grave dentry in the graveyard */
// Name = current real time in seconds + per-cache grave counter, both
// truncated to 32 bits and printed as 8 hex digits.
303 sprintf(nbuffer, "%08x%08x",
304 (uint32_t) ktime_get_real_seconds(),
305 (uint32_t) atomic_inc_return(&cache->gravecounter));
307 /* do the multiway lock magic */
308 trap = lock_rename(cache->graveyard, dir);
310 /* do some checks before getting the grave dentry */
// Re-check the parent and dead-directory state, since the parent lock was
// dropped above.
311 if (rep->d_parent != dir || IS_DEADDIR(d_inode(rep))) {
312 /* the entry was probably culled when we dropped the parent dir
314 unlock_rename(cache->graveyard, dir);
315 _leave(" = 0 [culled?]");
319 if (!d_can_lookup(cache->graveyard)) {
320 unlock_rename(cache->graveyard, dir);
321 cachefiles_io_error(cache, "Graveyard no longer a directory");
// NOTE(review): the condition for this exit is not visible; presumably it
// compares 'trap' against @rep - confirm.
326 unlock_rename(cache->graveyard, dir);
327 cachefiles_io_error(cache, "May not make directory loop");
331 if (d_mountpoint(rep)) {
332 unlock_rename(cache->graveyard, dir);
333 cachefiles_io_error(cache, "Mountpoint in cache");
// Look up the generated name in the graveyard to get the rename target.
337 grave = lookup_one_len(nbuffer, cache->graveyard, strlen(nbuffer));
339 unlock_rename(cache->graveyard, dir);
340 trace_cachefiles_vfs_error(object, d_inode(cache->graveyard),
342 cachefiles_trace_lookup_error);
// -ENOMEM is returned quietly; other lookup errors become cache I/O errors.
344 if (PTR_ERR(grave) == -ENOMEM) {
345 _leave(" = -ENOMEM");
349 cachefiles_io_error(cache, "Lookup error %ld", PTR_ERR(grave));
// The generated name already exists in the graveyard.
// NOTE(review): what happens next is not visible.
353 if (d_is_positive(grave)) {
354 unlock_rename(cache->graveyard, dir);
361 if (d_mountpoint(grave)) {
362 unlock_rename(cache->graveyard, dir);
364 cachefiles_io_error(cache, "Mountpoint in graveyard");
368 /* target should not be an ancestor of source */
370 unlock_rename(cache->graveyard, dir);
372 cachefiles_io_error(cache, "May not make directory loop");
376 /* attempt the rename */
377 path.mnt = cache->mnt;
379 path_to_graveyard.mnt = cache->mnt;
380 path_to_graveyard.dentry = cache->graveyard;
381 ret = security_path_rename(&path, rep, &path_to_graveyard, grave, 0);
383 cachefiles_io_error(cache, "Rename security error %d", ret);
385 struct renamedata rd = {
386 .old_mnt_userns = &init_user_ns,
387 .old_dir = d_inode(dir),
389 .new_mnt_userns = &init_user_ns,
390 .new_dir = d_inode(cache->graveyard),
393 trace_cachefiles_rename(object, d_inode(rep)->i_ino, why);
// NOTE(review): the *read* error injector is used ahead of a rename here,
// while mkdir/tmpfile use the write injector and unlink uses the remove
// injector - confirm this is intended.
394 ret = cachefiles_inject_read_error();
396 ret = vfs_rename(&rd);
398 trace_cachefiles_vfs_error(object, d_inode(dir), ret,
399 cachefiles_trace_rename_error);
// -ENOMEM is not escalated to a cache I/O error.
400 if (ret != 0 && ret != -ENOMEM)
401 cachefiles_io_error(cache,
402 "Rename failed with error %d", ret);
// Clear the in-use mark on @rep before releasing the rename locks.
405 __cachefiles_unmark_inode_in_use(object, rep);
406 unlock_rename(cache->graveyard, dir);
413 * Delete a cache file.
// Delete the backing file of @object by unlinking it from its fanout
// directory.
//
// @object: object whose object->file dentry is to be removed.
// @why:    reason code forwarded to cachefiles_unlink().
//
// The fanout directory is picked from volume->fanout[] using the low 8 bits
// of the cookie's key_hash.
// NOTE(review): the dget/dput implied by the "Stop the dentry being negated"
// comment and the return statement are not visible in this listing.
415 int cachefiles_delete_object(struct cachefiles_object *object,
416 enum fscache_why_object_killed why)
418 struct cachefiles_volume *volume = object->volume;
419 struct dentry *dentry = object->file->f_path.dentry;
420 struct dentry *fan = volume->fanout[(u8)object->cookie->key_hash];
423 _enter(",OBJ%x{%pD}", object->debug_id, object->file);
425 /* Stop the dentry being negated if it's only pinned by a file struct. */
// Hold the parent directory's inode lock across the unlink.
428 inode_lock_nested(d_backing_inode(fan), I_MUTEX_PARENT);
429 ret = cachefiles_unlink(volume->cache, object, fan, dentry, why);
430 inode_unlock(d_backing_inode(fan));
436 * Create a temporary file and leave it unattached and un-xattr'd until the
437 * time comes to discard the object from memory.
// Create an unlinked temporary file in the object's fanout directory, mark it
// in use, size it, and open it for direct I/O.
//
// Visible steps, run between cachefiles_begin_secure() and
// cachefiles_end_secure():
//  - vfs_tmpfile() in the fanout directory (after optional error injection);
//  - cachefiles_mark_inode_in_use(); failure yields ERR_PTR(-EBUSY);
//  - vfs_truncate() to ni_size, i.e. the cookie's object_size rounded up to
//    CACHEFILES_DIO_BLOCK_SIZE (the rounding may be conditional; the
//    surrounding lines are not visible);
//  - open_with_fake_path() with O_RDWR | O_LARGEFILE | O_DIRECT;
//  - require both read_iter and write_iter, else ERR_PTR(-EINVAL).
//
// Returns a struct file pointer or an ERR_PTR().
// NOTE(review): the labels/gotos are not visible, so it cannot be confirmed
// from this listing whether the in-use mark set here is cleared again on the
// truncate/open failure paths - worth checking in the full source.
439 struct file *cachefiles_create_tmpfile(struct cachefiles_object *object)
441 struct cachefiles_volume *volume = object->volume;
442 struct cachefiles_cache *cache = volume->cache;
443 const struct cred *saved_cred;
444 struct dentry *fan = volume->fanout[(u8)object->cookie->key_hash];
447 uint64_t ni_size = object->cookie->object_size;
450 ni_size = round_up(ni_size, CACHEFILES_DIO_BLOCK_SIZE);
452 cachefiles_begin_secure(cache, &saved_cred);
454 path.mnt = cache->mnt;
// An injected write error, when non-zero, replaces the tmpfile result.
455 ret = cachefiles_inject_write_error();
457 path.dentry = vfs_tmpfile(&init_user_ns, fan, S_IFREG, O_RDWR);
459 path.dentry = ERR_PTR(ret);
460 if (IS_ERR(path.dentry)) {
461 trace_cachefiles_vfs_error(object, d_inode(fan), PTR_ERR(path.dentry),
462 cachefiles_trace_tmpfile_error);
// Only -EIO is escalated to an object-level I/O error.
463 if (PTR_ERR(path.dentry) == -EIO)
464 cachefiles_io_error_obj(object, "Failed to create tmpfile");
// Propagate the error code as the struct file * result.
465 file = ERR_CAST(path.dentry);
469 trace_cachefiles_tmpfile(object, d_backing_inode(path.dentry));
471 if (!cachefiles_mark_inode_in_use(object, path.dentry)) {
472 file = ERR_PTR(-EBUSY);
// Expand the new file to the rounded object size.
477 trace_cachefiles_trunc(object, d_backing_inode(path.dentry), 0, ni_size,
478 cachefiles_trunc_expand_tmpfile);
479 ret = cachefiles_inject_write_error();
481 ret = vfs_truncate(&path, ni_size);
483 trace_cachefiles_vfs_error(
484 object, d_backing_inode(path.dentry), ret,
485 cachefiles_trace_trunc_error);
// Open a file interface onto the tmpfile using the cache's credentials.
491 file = open_with_fake_path(&path, O_RDWR | O_LARGEFILE | O_DIRECT,
492 d_backing_inode(path.dentry), cache->cache_cred);
494 trace_cachefiles_vfs_error(object, d_backing_inode(path.dentry),
496 cachefiles_trace_open_error);
499 if (unlikely(!file->f_op->read_iter) ||
500 unlikely(!file->f_op->write_iter)) {
502 pr_notice("Cache does not support read_iter and write_iter\n");
503 file = ERR_PTR(-EINVAL);
509 cachefiles_end_secure(cache, saved_cred);
// Create a new backing file for @object as a tmpfile.
//
// Visible steps: check the cache has room for one more file, create the
// tmpfile, then set FSCACHE_COOKIE_NEEDS_UPDATE on the cookie and
// CACHEFILES_OBJECT_USING_TMPFILE on the object.
// NOTE(review): the error checks after has_space/create_tmpfile, the
// assignment of the file to the object and the return statements are not
// visible in this listing.
516 static bool cachefiles_create_file(struct cachefiles_object *object)
521 ret = cachefiles_has_space(object->volume->cache, 1, 0,
522 cachefiles_has_space_for_create);
526 file = cachefiles_create_tmpfile(object);
530 set_bit(FSCACHE_COOKIE_NEEDS_UPDATE, &object->cookie->flags);
531 set_bit(CACHEFILES_OBJECT_USING_TMPFILE, &object->flags);
532 _debug("create -> %pD{ino=%lu}", file, file_inode(file)->i_ino);
538 * Open an existing file, checking its attributes and replacing it if it is
// Open the existing backing file at @dentry for @object and validate it.
//
// Visible steps:
//  - mark the inode in use;
//  - open it with O_RDWR | O_LARGEFILE | O_DIRECT under the cache's creds;
//  - require read_iter and write_iter;
//  - validate via cachefiles_check_auxdata();
//  - touch the atime.
// The check-failure lines mark the cookie lookup as negative and unmark the
// inode; when ret is -ESTALE a replacement is created via
// cachefiles_create_file().
//
// NOTE(review): the labels/gotos are not visible, so it cannot be confirmed
// from this listing whether the in-use mark is also dropped when the open
// fails or the iter ops are missing - worth checking in the full source.
541 static bool cachefiles_open_file(struct cachefiles_object *object,
542 struct dentry *dentry)
544 struct cachefiles_cache *cache = object->volume->cache;
549 _enter("%pd", dentry);
551 if (!cachefiles_mark_inode_in_use(object, dentry))
554 /* We need to open a file interface onto a data file now as we can't do
555 * it on demand because writeback called from do_exit() sees
556 * current->fs == NULL - which breaks d_path() called from ext4 open.
558 path.mnt = cache->mnt;
559 path.dentry = dentry;
560 file = open_with_fake_path(&path, O_RDWR | O_LARGEFILE | O_DIRECT,
561 d_backing_inode(dentry), cache->cache_cred);
563 trace_cachefiles_vfs_error(object, d_backing_inode(dentry),
565 cachefiles_trace_open_error);
// The backing filesystem must provide both iterator-based I/O operations.
569 if (unlikely(!file->f_op->read_iter) ||
570 unlikely(!file->f_op->write_iter)) {
571 pr_notice("Cache does not support read_iter and write_iter\n");
574 _debug("file -> %pd positive", dentry);
576 ret = cachefiles_check_auxdata(object, file);
582 /* Always update the atime on an object we've just looked up (this is
583 * used to keep track of culling, and atimes are only updated by read,
584 * write and readdir but not lookup or open).
586 touch_atime(&file->f_path);
// Auxdata check failed: report a negative lookup and release the mark.
591 fscache_cookie_lookup_negative(object->cookie);
592 cachefiles_unmark_inode_in_use(object, file);
// A stale file is replaced with a freshly created one.
593 if (ret == -ESTALE) {
596 return cachefiles_create_file(object);
606 * walk from the parent object to the child object through the backing
607 * filesystem, creating directories as we go
// Look up the backing file for @object in its fanout directory and open it,
// or create a new one.
//
// Visible steps:
//  - positive-only unlocked lookup of object->d_name in the fanout directory;
//  - a non-regular-file hit is logged and handed to cachefiles_bury_object()
//    with FSCACHE_OBJECT_IS_WEIRD;
//  - otherwise cachefiles_open_file() is tried;
//  - the final lines mark the lookup negative and create a new file.
//
// NOTE(review): which conditions reach the final create path, and the other
// return statements, are not visible in this listing.
609 bool cachefiles_look_up_object(struct cachefiles_object *object)
611 struct cachefiles_volume *volume = object->volume;
612 struct dentry *dentry, *fan = volume->fanout[(u8)object->cookie->key_hash];
615 _enter("OBJ%x,%s,", object->debug_id, object->d_name);
617 /* Look up path "cache/vol/fanout/file". */
// An injected read error, when non-zero, replaces the lookup result.
618 ret = cachefiles_inject_read_error();
620 dentry = lookup_positive_unlocked(object->d_name, fan,
623 dentry = ERR_PTR(ret);
624 trace_cachefiles_lookup(object, fan, dentry);
625 if (IS_ERR(dentry)) {
// -ENOENT and -EIO are handled specially; -EIO becomes an object I/O error.
626 if (dentry == ERR_PTR(-ENOENT))
628 if (dentry == ERR_PTR(-EIO))
629 cachefiles_io_error_obj(object, "Lookup failed");
633 if (!d_is_reg(dentry)) {
634 pr_err("%pd is not a file\n", dentry);
// Take the fanout lock before the call; the visible exits of
// cachefiles_bury_object() each release @dir's lock.
635 inode_lock_nested(d_inode(fan), I_MUTEX_PARENT);
636 ret = cachefiles_bury_object(volume->cache, object, fan, dentry,
637 FSCACHE_OBJECT_IS_WEIRD);
644 if (!cachefiles_open_file(object, dentry))
647 _leave(" = t [%lu]", file_inode(object->file)->i_ino);
651 fscache_cookie_lookup_negative(object->cookie);
652 return cachefiles_create_file(object);
656 * Attempt to link a temporary file into its rightful place in the cache.
// Link @object's temporary file into the fanout directory under
// object->d_name.
//
// Visible steps, all under the fanout directory's inode lock:
//  - look the target name up;
//  - if it is positive, compare its inode with the tmpfile's inode; a stale
//    entry is unlinked (FSCACHE_OBJECT_IS_STALE) and the name looked up again;
//  - vfs_link() the tmpfile dentry to the target dentry;
//  - on the success lines, clear CACHEFILES_OBJECT_USING_TMPFILE under
//    object->lock.
//
// 'success' starts out false.
// NOTE(review): the branch structure, the dput calls, where 'success' is set
// and the return statement are not visible in this listing.
658 bool cachefiles_commit_tmpfile(struct cachefiles_cache *cache,
659 struct cachefiles_object *object)
661 struct cachefiles_volume *volume = object->volume;
662 struct dentry *dentry, *fan = volume->fanout[(u8)object->cookie->key_hash];
663 bool success = false;
666 _enter(",%pD", object->file);
668 inode_lock_nested(d_inode(fan), I_MUTEX_PARENT);
669 ret = cachefiles_inject_read_error();
671 dentry = lookup_one_len(object->d_name, fan, object->d_name_len);
673 dentry = ERR_PTR(ret);
674 if (IS_ERR(dentry)) {
675 trace_cachefiles_vfs_error(object, d_inode(fan), PTR_ERR(dentry),
676 cachefiles_trace_lookup_error);
677 _debug("lookup fail %ld", PTR_ERR(dentry));
681 if (!d_is_negative(dentry)) {
// Something already occupies the name: check whether it is this very file.
682 if (d_backing_inode(dentry) == file_inode(object->file)) {
687 ret = cachefiles_unlink(volume->cache, object, fan, dentry,
688 FSCACHE_OBJECT_IS_STALE);
// Second lookup of the same name after the stale entry was removed.
693 ret = cachefiles_inject_read_error();
695 dentry = lookup_one_len(object->d_name, fan, object->d_name_len);
697 dentry = ERR_PTR(ret);
698 if (IS_ERR(dentry)) {
699 trace_cachefiles_vfs_error(object, d_inode(fan), PTR_ERR(dentry),
700 cachefiles_trace_lookup_error);
701 _debug("lookup fail %ld", PTR_ERR(dentry));
// NOTE(review): the read-error injector precedes a link operation here -
// confirm this is intended.
706 ret = cachefiles_inject_read_error();
708 ret = vfs_link(object->file->f_path.dentry, &init_user_ns,
709 d_inode(fan), dentry, NULL);
711 trace_cachefiles_vfs_error(object, d_inode(fan), ret,
712 cachefiles_trace_link_error);
713 _debug("link fail %d", ret);
715 trace_cachefiles_link(object, file_inode(object->file));
716 spin_lock(&object->lock);
717 /* TODO: Do we want to switch the file pointer to the new dentry? */
718 clear_bit(CACHEFILES_OBJECT_USING_TMPFILE, &object->flags);
719 spin_unlock(&object->lock);
726 inode_unlock(d_inode(fan));
727 _leave(" = %u", success);
732 * Look up an inode to be checked or culled. Return -EBUSY if the inode is
// Look up @filename in @dir on behalf of the culling commands.
//
// Takes @dir's inode lock (I_MUTEX_PARENT), looks the name up, and checks
// whether the result is negative or already flagged S_KERNEL_FILE.
//
// Locking on success: cachefiles_check_in_use() calls
// inode_unlock(d_inode(dir)) right after this returns, so the successful
// return appears to leave @dir locked - confirm.
//
// Visible error handling: one path returns ERR_PTR(-ESTALE); a lookup failure
// may be reported as a cache I/O error; any other code except -ENOMEM is
// logged as an internal error.
// NOTE(review): the remaining parameters, the labels/gotos and the other
// returns are not visible in this listing.
735 static struct dentry *cachefiles_lookup_for_cull(struct cachefiles_cache *cache,
739 struct dentry *victim;
742 inode_lock_nested(d_inode(dir), I_MUTEX_PARENT);
744 victim = lookup_one_len(filename, dir, strlen(filename));
747 if (d_is_negative(victim))
// An inode flagged S_KERNEL_FILE is in use by the cache.
749 if (d_inode(victim)->i_flags & S_KERNEL_FILE)
756 inode_unlock(d_inode(dir));
761 inode_unlock(d_inode(dir));
762 ret = PTR_ERR(victim);
764 return ERR_PTR(-ESTALE); /* Probably got retired by the netfs */
767 cachefiles_io_error(cache, "Lookup failed");
768 } else if (ret != -ENOMEM) {
769 pr_err("Internal error: %d\n", ret);
777 * Cull an object if it's not in use
778 * - called only by cache manager daemon
// Cull the entry @filename in @dir if it is not in use.
//
// Visible steps:
//  - find the victim with cachefiles_lookup_for_cull(); an error pointer is
//    returned to the caller as its error code;
//  - test S_KERNEL_FILE on the victim's inode; the flag is then set so the
//    cache cannot pick the file back up (presumably only when it was clear -
//    the else line is not visible);
//  - remove it with cachefiles_bury_object() using FSCACHE_OBJECT_WAS_CULLED;
//  - count the cull with fscache_count_culled().
//
// Visible error handling: -ESTALE is returned on one path; codes other than
// -ENOMEM are logged as internal errors.
// NOTE(review): the last parameter, the inode locking around the flag test,
// the labels/gotos and the final return are not visible in this listing.
780 int cachefiles_cull(struct cachefiles_cache *cache, struct dentry *dir,
783 struct dentry *victim;
787 _enter(",%pd/,%s", dir, filename);
789 victim = cachefiles_lookup_for_cull(cache, dir, filename);
791 return PTR_ERR(victim);
793 /* check to see if someone is using this object */
794 inode = d_inode(victim);
796 if (inode->i_flags & S_KERNEL_FILE) {
799 /* Stop the cache from picking it back up */
800 inode->i_flags |= S_KERNEL_FILE;
807 ret = cachefiles_bury_object(cache, NULL, dir, victim,
808 FSCACHE_OBJECT_WAS_CULLED);
812 fscache_count_culled();
818 inode_unlock(d_inode(dir));
822 return -ESTALE; /* Probably got retired by the netfs */
824 if (ret != -ENOMEM) {
825 pr_err("Internal error: %d\n", ret);
829 _leave(" = %d", ret);
834 * Find out if an object is in use or not
835 * - called only by cache manager daemon
836 * - returns -EBUSY or 0 to indicate whether an object is in use or not
838 int cachefiles_check_in_use(struct cachefiles_cache *cache, struct dentry *dir,
841 struct dentry *victim;
844 victim = cachefiles_lookup_for_cull(cache, dir, filename);
846 return PTR_ERR(victim);
848 inode_unlock(d_inode(dir));