LCOV - code coverage report
Current view: top level - fs - locks.c (source / functions) Hit Total Coverage
Test: combined.info Lines: 421 1200 35.1 %
Date: 2022-04-01 13:59:58 Functions: 35 79 44.3 %
Branches: 150 758 19.8 %

           Branch data     Line data    Source code
       1                 :            : // SPDX-License-Identifier: GPL-2.0-only
       2                 :            : /*
       3                 :            :  *  linux/fs/locks.c
       4                 :            :  *
       5                 :            :  *  Provide support for fcntl()'s F_GETLK, F_SETLK, and F_SETLKW calls.
       6                 :            :  *  Doug Evans (dje@spiff.uucp), August 07, 1992
       7                 :            :  *
       8                 :            :  *  Deadlock detection added.
       9                 :            :  *  FIXME: one thing isn't handled yet:
      10                 :            :  *      - mandatory locks (requires lots of changes elsewhere)
      11                 :            :  *  Kelly Carmichael (kelly@[142.24.8.65]), September 17, 1994.
      12                 :            :  *
      13                 :            :  *  Miscellaneous edits, and a total rewrite of posix_lock_file() code.
      14                 :            :  *  Kai Petzke (wpp@marie.physik.tu-berlin.de), 1994
      15                 :            :  *
      16                 :            :  *  Converted file_lock_table to a linked list from an array, which eliminates
      17                 :            :  *  the limits on how many active file locks are open.
      18                 :            :  *  Chad Page (pageone@netcom.com), November 27, 1994
      19                 :            :  *
      20                 :            :  *  Removed dependency on file descriptors. dup()'ed file descriptors now
      21                 :            :  *  get the same locks as the original file descriptors, and a close() on
      22                 :            :  *  any file descriptor removes ALL the locks on the file for the current
      23                 :            :  *  process. Since locks still depend on the process id, locks are inherited
      24                 :            :  *  after an exec() but not after a fork(). This agrees with POSIX, and both
      25                 :            :  *  BSD and SVR4 practice.
      26                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), February 14, 1995
      27                 :            :  *
      28                 :            :  *  Scrapped free list which is redundant now that we allocate locks
      29                 :            :  *  dynamically with kmalloc()/kfree().
      30                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), February 21, 1995
      31                 :            :  *
      32                 :            :  *  Implemented two lock personalities - FL_FLOCK and FL_POSIX.
      33                 :            :  *
      34                 :            :  *  FL_POSIX locks are created with calls to fcntl() and lockf() through the
      35                 :            :  *  fcntl() system call. They have the semantics described above.
      36                 :            :  *
      37                 :            :  *  FL_FLOCK locks are created with calls to flock(), through the flock()
      38                 :            :  *  system call, which is new. Old C libraries implement flock() via fcntl()
      39                 :            :  *  and will continue to use the old, broken implementation.
      40                 :            :  *
      41                 :            :  *  FL_FLOCK locks follow the 4.4 BSD flock() semantics. They are associated
      42                 :            :  *  with a file pointer (filp). As a result they can be shared by a parent
      43                 :            :  *  process and its children after a fork(). They are removed when the last
      44                 :            :  *  file descriptor referring to the file pointer is closed (unless explicitly
      45                 :            :  *  unlocked).
      46                 :            :  *
      47                 :            :  *  FL_FLOCK locks never deadlock, an existing lock is always removed before
      48                 :            :  *  upgrading from shared to exclusive (or vice versa). When this happens
      49                 :            :  *  any processes blocked by the current lock are woken up and allowed to
      50                 :            :  *  run before the new lock is applied.
      51                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), June 09, 1995
      52                 :            :  *
      53                 :            :  *  Removed some race conditions in flock_lock_file(), marked other possible
      54                 :            :  *  races. Just grep for FIXME to see them.
      55                 :            :  *  Dmitry Gorodchanin (pgmdsg@ibi.com), February 09, 1996.
      56                 :            :  *
      57                 :            :  *  Addressed Dmitry's concerns. Deadlock checking no longer recursive.
      58                 :            :  *  Lock allocation changed to GFP_ATOMIC as we can't afford to sleep
      59                 :            :  *  once we've checked for blocking and deadlocking.
      60                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), April 03, 1996.
      61                 :            :  *
      62                 :            :  *  Initial implementation of mandatory locks. SunOS turned out to be
      63                 :            :  *  a rotten model, so I implemented the "obvious" semantics.
      64                 :            :  *  See 'Documentation/filesystems/mandatory-locking.txt' for details.
      65                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), April 06, 1996.
      66                 :            :  *
      67                 :            :  *  Don't allow mandatory locks on mmap()'ed files. Added simple functions to
      68                 :            :  *  check if a file has mandatory locks, used by mmap(), open() and creat() to
      69                 :            :  *  see if system call should be rejected. Ref. HP-UX/SunOS/Solaris Reference
      70                 :            :  *  Manual, Section 2.
      71                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), April 09, 1996.
      72                 :            :  *
      73                 :            :  *  Tidied up block list handling. Added '/proc/locks' interface.
      74                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), April 24, 1996.
      75                 :            :  *
      76                 :            :  *  Fixed deadlock condition for pathological code that mixes calls to
      77                 :            :  *  flock() and fcntl().
      78                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), April 29, 1996.
      79                 :            :  *
      80                 :            :  *  Allow only one type of locking scheme (FL_POSIX or FL_FLOCK) to be in use
      81                 :            :  *  for a given file at a time. Changed the CONFIG_LOCK_MANDATORY scheme to
      82                 :            :  *  guarantee sensible behaviour in the case where file system modules might
      83                 :            :  *  be compiled with different options than the kernel itself.
      84                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), May 15, 1996.
      85                 :            :  *
      86                 :            :  *  Added a couple of missing wake_up() calls. Thanks to Thomas Meckel
      87                 :            :  *  (Thomas.Meckel@mni.fh-giessen.de) for spotting this.
      88                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), May 15, 1996.
      89                 :            :  *
      90                 :            :  *  Changed FL_POSIX locks to use the block list in the same way as FL_FLOCK
      91                 :            :  *  locks. Changed process synchronisation to avoid dereferencing locks that
      92                 :            :  *  have already been freed.
      93                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), Sep 21, 1996.
      94                 :            :  *
      95                 :            :  *  Made the block list a circular list to minimise searching in the list.
      96                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), Sep 25, 1996.
      97                 :            :  *
      98                 :            :  *  Made mandatory locking a mount option. Default is not to allow mandatory
      99                 :            :  *  locking.
     100                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), Oct 04, 1996.
     101                 :            :  *
     102                 :            :  *  Some adaptations for NFS support.
     103                 :            :  *  Olaf Kirch (okir@monad.swb.de), Dec 1996,
     104                 :            :  *
     105                 :            :  *  Fixed /proc/locks interface so that we can't overrun the buffer we are handed.
     106                 :            :  *  Andy Walker (andy@lysaker.kvaerner.no), May 12, 1997.
     107                 :            :  *
     108                 :            :  *  Use slab allocator instead of kmalloc/kfree.
     109                 :            :  *  Use generic list implementation from <linux/list.h>.
     110                 :            :  *  Sped up posix_locks_deadlock by only considering blocked locks.
     111                 :            :  *  Matthew Wilcox <willy@debian.org>, March, 2000.
     112                 :            :  *
     113                 :            :  *  Leases and LOCK_MAND
     114                 :            :  *  Matthew Wilcox <willy@debian.org>, June, 2000.
     115                 :            :  *  Stephen Rothwell <sfr@canb.auug.org.au>, June, 2000.
     116                 :            :  *
     117                 :            :  * Locking conflicts and dependencies:
     118                 :            :  * If multiple threads attempt to lock the same byte (or flock the same file)
     119                 :            :  * only one can be granted the lock, and other must wait their turn.
     120                 :            :  * The first lock has been "applied" or "granted", the others are "waiting"
     121                 :            :  * and are "blocked" by the "applied" lock..
     122                 :            :  *
     123                 :            :  * Waiting and applied locks are all kept in trees whose properties are:
     124                 :            :  *
     125                 :            :  *      - the root of a tree may be an applied or waiting lock.
     126                 :            :  *      - every other node in the tree is a waiting lock that
     127                 :            :  *        conflicts with every ancestor of that node.
     128                 :            :  *
     129                 :            :  * Every such tree begins life as a waiting singleton which obviously
     130                 :            :  * satisfies the above properties.
     131                 :            :  *
     132                 :            :  * The only ways we modify trees preserve these properties:
     133                 :            :  *
     134                 :            :  *      1. We may add a new leaf node, but only after first verifying that it
     135                 :            :  *         conflicts with all of its ancestors.
     136                 :            :  *      2. We may remove the root of a tree, creating a new singleton
     137                 :            :  *         tree from the root and N new trees rooted in the immediate
     138                 :            :  *         children.
     139                 :            :  *      3. If the root of a tree is not currently an applied lock, we may
     140                 :            :  *         apply it (if possible).
     141                 :            :  *      4. We may upgrade the root of the tree (either extend its range,
     142                 :            :  *         or upgrade its entire range from read to write).
     143                 :            :  *
     144                 :            :  * When an applied lock is modified in a way that reduces or downgrades any
     145                 :            :  * part of its range, we remove all its children (2 above).  This particularly
     146                 :            :  * happens when a lock is unlocked.
     147                 :            :  *
     148                 :            :  * For each of those child trees we "wake up" the thread which is
     149                 :            :  * waiting for the lock so it can continue handling as follows: if the
     150                 :            :  * root of the tree applies, we do so (3).  If it doesn't, it must
     151                 :            :  * conflict with some applied lock.  We remove (wake up) all of its children
     152                 :            :  * (2), and add it is a new leaf to the tree rooted in the applied
     153                 :            :  * lock (1).  We then repeat the process recursively with those
     154                 :            :  * children.
     155                 :            :  *
     156                 :            :  */
     157                 :            : 
     158                 :            : #include <linux/capability.h>
     159                 :            : #include <linux/file.h>
     160                 :            : #include <linux/fdtable.h>
     161                 :            : #include <linux/fs.h>
     162                 :            : #include <linux/init.h>
     163                 :            : #include <linux/security.h>
     164                 :            : #include <linux/slab.h>
     165                 :            : #include <linux/syscalls.h>
     166                 :            : #include <linux/time.h>
     167                 :            : #include <linux/rcupdate.h>
     168                 :            : #include <linux/pid_namespace.h>
     169                 :            : #include <linux/hashtable.h>
     170                 :            : #include <linux/percpu.h>
     171                 :            : 
     172                 :            : #define CREATE_TRACE_POINTS
     173                 :            : #include <trace/events/filelock.h>
     174                 :            : 
     175                 :            : #include <linux/uaccess.h>
     176                 :            : 
     177                 :            : #define IS_POSIX(fl)    (fl->fl_flags & FL_POSIX)
     178                 :            : #define IS_FLOCK(fl)    (fl->fl_flags & FL_FLOCK)
     179                 :            : #define IS_LEASE(fl)    (fl->fl_flags & (FL_LEASE|FL_DELEG|FL_LAYOUT))
     180                 :            : #define IS_OFDLCK(fl)   (fl->fl_flags & FL_OFDLCK)
     181                 :            : #define IS_REMOTELCK(fl)        (fl->fl_pid <= 0)
     182                 :            : 
     183                 :          0 : static bool lease_breaking(struct file_lock *fl)
     184                 :            : {
     185                 :          0 :         return fl->fl_flags & (FL_UNLOCK_PENDING | FL_DOWNGRADE_PENDING);
     186                 :            : }
     187                 :            : 
     188                 :          0 : static int target_leasetype(struct file_lock *fl)
     189                 :            : {
     190         [ #  # ]:          0 :         if (fl->fl_flags & FL_UNLOCK_PENDING)
     191                 :            :                 return F_UNLCK;
     192   [ #  #  #  # ]:          0 :         if (fl->fl_flags & FL_DOWNGRADE_PENDING)
     193                 :            :                 return F_RDLCK;
     194                 :          0 :         return fl->fl_type;
     195                 :            : }
     196                 :            : 
     197                 :            : int leases_enable = 1;
     198                 :            : int lease_break_time = 45;
     199                 :            : 
     200                 :            : /*
     201                 :            :  * The global file_lock_list is only used for displaying /proc/locks, so we
     202                 :            :  * keep a list on each CPU, with each list protected by its own spinlock.
     203                 :            :  * Global serialization is done using file_rwsem.
     204                 :            :  *
     205                 :            :  * Note that alterations to the list also require that the relevant flc_lock is
     206                 :            :  * held.
     207                 :            :  */
     208                 :            : struct file_lock_list_struct {
     209                 :            :         spinlock_t              lock;
     210                 :            :         struct hlist_head       hlist;
     211                 :            : };
     212                 :            : static DEFINE_PER_CPU(struct file_lock_list_struct, file_lock_list);
     213                 :            : DEFINE_STATIC_PERCPU_RWSEM(file_rwsem);
     214                 :            : 
     215                 :            : 
     216                 :            : /*
     217                 :            :  * The blocked_hash is used to find POSIX lock loops for deadlock detection.
     218                 :            :  * It is protected by blocked_lock_lock.
     219                 :            :  *
     220                 :            :  * We hash locks by lockowner in order to optimize searching for the lock a
     221                 :            :  * particular lockowner is waiting on.
     222                 :            :  *
     223                 :            :  * FIXME: make this value scale via some heuristic? We generally will want more
     224                 :            :  * buckets when we have more lockowners holding locks, but that's a little
     225                 :            :  * difficult to determine without knowing what the workload will look like.
     226                 :            :  */
     227                 :            : #define BLOCKED_HASH_BITS       7
     228                 :            : static DEFINE_HASHTABLE(blocked_hash, BLOCKED_HASH_BITS);
     229                 :            : 
     230                 :            : /*
     231                 :            :  * This lock protects the blocked_hash. Generally, if you're accessing it, you
     232                 :            :  * want to be holding this lock.
     233                 :            :  *
     234                 :            :  * In addition, it also protects the fl->fl_blocked_requests list, and the
     235                 :            :  * fl->fl_blocker pointer for file_lock structures that are acting as lock
     236                 :            :  * requests (in contrast to those that are acting as records of acquired locks).
     237                 :            :  *
     238                 :            :  * Note that when we acquire this lock in order to change the above fields,
     239                 :            :  * we often hold the flc_lock as well. In certain cases, when reading the fields
     240                 :            :  * protected by this lock, we can skip acquiring it iff we already hold the
     241                 :            :  * flc_lock.
     242                 :            :  */
     243                 :            : static DEFINE_SPINLOCK(blocked_lock_lock);
     244                 :            : 
     245                 :            : static struct kmem_cache *flctx_cache __read_mostly;
     246                 :            : static struct kmem_cache *filelock_cache __read_mostly;
     247                 :            : 
     248                 :            : static struct file_lock_context *
     249                 :       4290 : locks_get_lock_context(struct inode *inode, int type)
     250                 :            : {
     251                 :       4290 :         struct file_lock_context *ctx;
     252                 :            : 
     253                 :            :         /* paired with cmpxchg() below */
     254                 :       4290 :         ctx = smp_load_acquire(&inode->i_flctx);
     255   [ +  +  -  + ]:       4290 :         if (likely(ctx) || type == F_UNLCK)
     256                 :       2886 :                 goto out;
     257                 :            : 
     258                 :       1404 :         ctx = kmem_cache_alloc(flctx_cache, GFP_KERNEL);
     259         [ -  + ]:       1404 :         if (!ctx)
     260                 :          0 :                 goto out;
     261                 :            : 
     262                 :       1404 :         spin_lock_init(&ctx->flc_lock);
     263                 :       1404 :         INIT_LIST_HEAD(&ctx->flc_flock);
     264                 :       1404 :         INIT_LIST_HEAD(&ctx->flc_posix);
     265                 :       1404 :         INIT_LIST_HEAD(&ctx->flc_lease);
     266                 :            : 
     267                 :            :         /*
     268                 :            :          * Assign the pointer if it's not already assigned. If it is, then
     269                 :            :          * free the context we just allocated.
     270                 :            :          */
     271         [ +  - ]:       1404 :         if (cmpxchg(&inode->i_flctx, NULL, ctx)) {
     272                 :          0 :                 kmem_cache_free(flctx_cache, ctx);
     273                 :          0 :                 ctx = smp_load_acquire(&inode->i_flctx);
     274                 :            :         }
     275                 :       1404 : out:
     276                 :       4290 :         trace_locks_get_lock_context(inode, type, ctx);
     277                 :       4290 :         return ctx;
     278                 :            : }
     279                 :            : 
     280                 :            : static void
     281                 :          0 : locks_dump_ctx_list(struct list_head *list, char *list_type)
     282                 :            : {
     283                 :          0 :         struct file_lock *fl;
     284                 :            : 
     285         [ #  # ]:          0 :         list_for_each_entry(fl, list, fl_list) {
     286                 :          0 :                 pr_warn("%s: fl_owner=%p fl_flags=0x%x fl_type=0x%x fl_pid=%u\n", list_type, fl->fl_owner, fl->fl_flags, fl->fl_type, fl->fl_pid);
     287                 :            :         }
     288                 :          0 : }
     289                 :            : 
     290                 :            : static void
     291                 :        156 : locks_check_ctx_lists(struct inode *inode)
     292                 :            : {
     293                 :        156 :         struct file_lock_context *ctx = inode->i_flctx;
     294                 :            : 
     295   [ +  -  +  -  :        156 :         if (unlikely(!list_empty(&ctx->flc_flock) ||
                   -  + ]
     296                 :            :                      !list_empty(&ctx->flc_posix) ||
     297                 :            :                      !list_empty(&ctx->flc_lease))) {
     298                 :          0 :                 pr_warn("Leaked locks on dev=0x%x:0x%x ino=0x%lx:\n",
     299                 :            :                         MAJOR(inode->i_sb->s_dev), MINOR(inode->i_sb->s_dev),
     300                 :            :                         inode->i_ino);
     301                 :          0 :                 locks_dump_ctx_list(&ctx->flc_flock, "FLOCK");
     302                 :          0 :                 locks_dump_ctx_list(&ctx->flc_posix, "POSIX");
     303                 :          0 :                 locks_dump_ctx_list(&ctx->flc_lease, "LEASE");
     304                 :            :         }
     305                 :        156 : }
     306                 :            : 
     307                 :            : static void
     308                 :       7722 : locks_check_ctx_file_list(struct file *filp, struct list_head *list,
     309                 :            :                                 char *list_type)
     310                 :            : {
     311                 :       7722 :         struct file_lock *fl;
     312                 :       7722 :         struct inode *inode = locks_inode(filp);
     313                 :            : 
     314         [ +  + ]:       8814 :         list_for_each_entry(fl, list, fl_list)
     315         [ -  + ]:       1092 :                 if (fl->fl_file == filp)
     316                 :          0 :                         pr_warn("Leaked %s lock on dev=0x%x:0x%x ino=0x%lx "
     317                 :            :                                 " fl_owner=%p fl_flags=0x%x fl_type=0x%x fl_pid=%u\n",
     318                 :            :                                 list_type, MAJOR(inode->i_sb->s_dev),
     319                 :            :                                 MINOR(inode->i_sb->s_dev), inode->i_ino,
     320                 :            :                                 fl->fl_owner, fl->fl_flags, fl->fl_type, fl->fl_pid);
     321                 :       7722 : }
     322                 :            : 
     323                 :            : void
     324                 :     142609 : locks_free_lock_context(struct inode *inode)
     325                 :            : {
     326                 :     142609 :         struct file_lock_context *ctx = inode->i_flctx;
     327                 :            : 
     328         [ +  + ]:     142609 :         if (unlikely(ctx)) {
     329                 :        156 :                 locks_check_ctx_lists(inode);
     330                 :        156 :                 kmem_cache_free(flctx_cache, ctx);
     331                 :            :         }
     332                 :     142609 : }
     333                 :            : 
     334                 :       6318 : static void locks_init_lock_heads(struct file_lock *fl)
     335                 :            : {
     336                 :       6318 :         INIT_HLIST_NODE(&fl->fl_link);
     337                 :       6318 :         INIT_LIST_HEAD(&fl->fl_list);
     338                 :       6318 :         INIT_LIST_HEAD(&fl->fl_blocked_requests);
     339                 :       6318 :         INIT_LIST_HEAD(&fl->fl_blocked_member);
     340                 :       6318 :         init_waitqueue_head(&fl->fl_wait);
     341                 :       3588 : }
     342                 :            : 
     343                 :            : /* Allocate an empty lock structure. */
     344                 :       3588 : struct file_lock *locks_alloc_lock(void)
     345                 :            : {
     346                 :       3588 :         struct file_lock *fl = kmem_cache_zalloc(filelock_cache, GFP_KERNEL);
     347                 :            : 
     348         [ +  - ]:       3588 :         if (fl)
     349                 :       3588 :                 locks_init_lock_heads(fl);
     350                 :            : 
     351                 :       3588 :         return fl;
     352                 :            : }
     353                 :            : EXPORT_SYMBOL_GPL(locks_alloc_lock);
     354                 :            : 
     355                 :       3510 : void locks_release_private(struct file_lock *fl)
     356                 :            : {
     357         [ -  + ]:       3510 :         BUG_ON(waitqueue_active(&fl->fl_wait));
     358         [ -  + ]:       3510 :         BUG_ON(!list_empty(&fl->fl_list));
     359         [ -  + ]:       3510 :         BUG_ON(!list_empty(&fl->fl_blocked_requests));
     360         [ -  + ]:       3510 :         BUG_ON(!list_empty(&fl->fl_blocked_member));
     361         [ -  + ]:       3510 :         BUG_ON(!hlist_unhashed(&fl->fl_link));
     362                 :            : 
     363         [ -  + ]:       3510 :         if (fl->fl_ops) {
     364         [ #  # ]:          0 :                 if (fl->fl_ops->fl_release_private)
     365                 :          0 :                         fl->fl_ops->fl_release_private(fl);
     366                 :          0 :                 fl->fl_ops = NULL;
     367                 :            :         }
     368                 :            : 
     369         [ -  + ]:       3510 :         if (fl->fl_lmops) {
     370         [ #  # ]:          0 :                 if (fl->fl_lmops->lm_put_owner) {
     371                 :          0 :                         fl->fl_lmops->lm_put_owner(fl->fl_owner);
     372                 :          0 :                         fl->fl_owner = NULL;
     373                 :            :                 }
     374                 :          0 :                 fl->fl_lmops = NULL;
     375                 :            :         }
     376                 :       3510 : }
     377                 :            : EXPORT_SYMBOL_GPL(locks_release_private);
     378                 :            : 
     379                 :            : /* Free a lock which is not in use. */
     380                 :       3510 : void locks_free_lock(struct file_lock *fl)
     381                 :            : {
     382                 :          0 :         locks_release_private(fl);
     383                 :       2886 :         kmem_cache_free(filelock_cache, fl);
     384                 :       2886 : }
     385                 :            : EXPORT_SYMBOL(locks_free_lock);
     386                 :            : 
     387                 :            : static void
     388                 :       4290 : locks_dispose_list(struct list_head *dispose)
     389                 :            : {
     390                 :       4290 :         struct file_lock *fl;
     391                 :            : 
     392         [ +  + ]:       5694 :         while (!list_empty(dispose)) {
     393                 :       1404 :                 fl = list_first_entry(dispose, struct file_lock, fl_list);
     394                 :       1404 :                 list_del_init(&fl->fl_list);
     395                 :       1404 :                 locks_free_lock(fl);
     396                 :            :         }
     397                 :       4290 : }
     398                 :            : 
     399                 :       2730 : void locks_init_lock(struct file_lock *fl)
     400                 :            : {
     401                 :       2730 :         memset(fl, 0, sizeof(struct file_lock));
     402                 :       2730 :         locks_init_lock_heads(fl);
     403                 :       2730 : }
     404                 :            : EXPORT_SYMBOL(locks_init_lock);
     405                 :            : 
     406                 :            : /*
     407                 :            :  * Initialize a new lock from an existing file_lock structure.
     408                 :            :  */
     409                 :       1482 : void locks_copy_conflock(struct file_lock *new, struct file_lock *fl)
     410                 :            : {
     411                 :       1482 :         new->fl_owner = fl->fl_owner;
     412                 :       1482 :         new->fl_pid = fl->fl_pid;
     413                 :       1482 :         new->fl_file = NULL;
     414                 :       1482 :         new->fl_flags = fl->fl_flags;
     415                 :       1482 :         new->fl_type = fl->fl_type;
     416                 :       1482 :         new->fl_start = fl->fl_start;
     417                 :       1482 :         new->fl_end = fl->fl_end;
     418                 :       1482 :         new->fl_lmops = fl->fl_lmops;
     419                 :       1482 :         new->fl_ops = NULL;
     420                 :            : 
     421         [ -  + ]:       1482 :         if (fl->fl_lmops) {
     422         [ #  # ]:          0 :                 if (fl->fl_lmops->lm_get_owner)
     423                 :          0 :                         fl->fl_lmops->lm_get_owner(fl->fl_owner);
     424                 :            :         }
     425                 :       1482 : }
     426                 :            : EXPORT_SYMBOL(locks_copy_conflock);
     427                 :            : 
     428                 :       1482 : void locks_copy_lock(struct file_lock *new, struct file_lock *fl)
     429                 :            : {
     430                 :            :         /* "new" must be a freshly-initialized lock */
     431         [ -  + ]:       1482 :         WARN_ON_ONCE(new->fl_ops);
     432                 :            : 
     433                 :       1482 :         locks_copy_conflock(new, fl);
     434                 :            : 
     435                 :       1482 :         new->fl_file = fl->fl_file;
     436                 :       1482 :         new->fl_ops = fl->fl_ops;
     437                 :            : 
     438         [ -  + ]:       1482 :         if (fl->fl_ops) {
     439         [ #  # ]:          0 :                 if (fl->fl_ops->fl_copy_lock)
     440                 :          0 :                         fl->fl_ops->fl_copy_lock(new, fl);
     441                 :            :         }
     442                 :       1482 : }
     443                 :            : EXPORT_SYMBOL(locks_copy_lock);
     444                 :            : 
     445                 :       1482 : static void locks_move_blocks(struct file_lock *new, struct file_lock *fl)
     446                 :            : {
     447                 :       1482 :         struct file_lock *f;
     448                 :            : 
     449                 :            :         /*
     450                 :            :          * As ctx->flc_lock is held, new requests cannot be added to
     451                 :            :          * ->fl_blocked_requests, so we don't need a lock to check if it
     452                 :            :          * is empty.
     453                 :            :          */
     454         [ -  + ]:       1482 :         if (list_empty(&fl->fl_blocked_requests))
     455                 :            :                 return;
     456                 :          0 :         spin_lock(&blocked_lock_lock);
     457         [ #  # ]:          0 :         list_splice_init(&fl->fl_blocked_requests, &new->fl_blocked_requests);
     458         [ #  # ]:          0 :         list_for_each_entry(f, &new->fl_blocked_requests, fl_blocked_member)
     459                 :          0 :                 f->fl_blocker = new;
     460                 :          0 :         spin_unlock(&blocked_lock_lock);
     461                 :            : }
     462                 :            : 
     463                 :       2886 : static inline int flock_translate_cmd(int cmd) {
     464                 :       2886 :         if (cmd & LOCK_MAND)
     465                 :          0 :                 return cmd & (LOCK_MAND | LOCK_RW);
     466         [ +  - ]:       2886 :         switch (cmd) {
     467                 :            :         case LOCK_SH:
     468                 :            :                 return F_RDLCK;
     469                 :            :         case LOCK_EX:
     470                 :            :                 return F_WRLCK;
     471                 :            :         case LOCK_UN:
     472                 :            :                 return F_UNLCK;
     473                 :            :         }
     474                 :            :         return -EINVAL;
     475                 :            : }
     476                 :            : 
     477                 :            : /* Fill in a file_lock structure with an appropriate FLOCK lock. */
     478                 :            : static struct file_lock *
     479                 :       2886 : flock_make_lock(struct file *filp, unsigned int cmd, struct file_lock *fl)
     480                 :            : {
     481         [ -  + ]:       2886 :         int type = flock_translate_cmd(cmd);
     482                 :            : 
     483         [ -  + ]:       2886 :         if (type < 0)
     484                 :          0 :                 return ERR_PTR(type);
     485                 :            : 
     486         [ +  + ]:       2886 :         if (fl == NULL) {
     487                 :        936 :                 fl = locks_alloc_lock();
     488         [ +  - ]:        936 :                 if (fl == NULL)
     489                 :            :                         return ERR_PTR(-ENOMEM);
     490                 :            :         } else {
     491                 :       1950 :                 locks_init_lock(fl);
     492                 :            :         }
     493                 :            : 
     494                 :       2886 :         fl->fl_file = filp;
     495                 :       2886 :         fl->fl_owner = filp;
     496                 :       2886 :         fl->fl_pid = current->tgid;
     497                 :       2886 :         fl->fl_flags = FL_FLOCK;
     498                 :       2886 :         fl->fl_type = type;
     499                 :       2886 :         fl->fl_end = OFFSET_MAX;
     500                 :            : 
     501                 :       2886 :         return fl;
     502                 :            : }
     503                 :            : 
     504                 :        624 : static int assign_type(struct file_lock *fl, long type)
     505                 :            : {
     506                 :        624 :         switch (type) {
     507                 :        624 :         case F_RDLCK:
     508                 :            :         case F_WRLCK:
     509                 :            :         case F_UNLCK:
     510                 :        624 :                 fl->fl_type = type;
     511                 :        624 :                 break;
     512                 :            :         default:
     513                 :            :                 return -EINVAL;
     514                 :            :         }
     515                 :        624 :         return 0;
     516                 :            : }
     517                 :            : 
     518                 :        624 : static int flock64_to_posix_lock(struct file *filp, struct file_lock *fl,
     519                 :            :                                  struct flock64 *l)
     520                 :            : {
     521   [ +  -  -  - ]:        624 :         switch (l->l_whence) {
     522                 :        624 :         case SEEK_SET:
     523                 :        624 :                 fl->fl_start = 0;
     524                 :        624 :                 break;
     525                 :          0 :         case SEEK_CUR:
     526                 :          0 :                 fl->fl_start = filp->f_pos;
     527                 :          0 :                 break;
     528                 :          0 :         case SEEK_END:
     529                 :          0 :                 fl->fl_start = i_size_read(file_inode(filp));
     530                 :          0 :                 break;
     531                 :            :         default:
     532                 :            :                 return -EINVAL;
     533                 :            :         }
     534         [ +  - ]:        624 :         if (l->l_start > OFFSET_MAX - fl->fl_start)
     535                 :            :                 return -EOVERFLOW;
     536                 :        624 :         fl->fl_start += l->l_start;
     537         [ +  - ]:        624 :         if (fl->fl_start < 0)
     538                 :            :                 return -EINVAL;
     539                 :            : 
     540                 :            :         /* POSIX-1996 leaves the case l->l_len < 0 undefined;
     541                 :            :            POSIX-2001 defines it. */
     542         [ -  + ]:        624 :         if (l->l_len > 0) {
     543         [ #  # ]:          0 :                 if (l->l_len - 1 > OFFSET_MAX - fl->fl_start)
     544                 :            :                         return -EOVERFLOW;
     545                 :          0 :                 fl->fl_end = fl->fl_start + l->l_len - 1;
     546                 :            : 
     547         [ -  + ]:        624 :         } else if (l->l_len < 0) {
     548         [ #  # ]:          0 :                 if (fl->fl_start + l->l_len < 0)
     549                 :            :                         return -EINVAL;
     550                 :          0 :                 fl->fl_end = fl->fl_start - 1;
     551                 :          0 :                 fl->fl_start += l->l_len;
     552                 :            :         } else
     553                 :        624 :                 fl->fl_end = OFFSET_MAX;
     554                 :            : 
     555         [ +  - ]:        624 :         fl->fl_owner = current->files;
     556                 :        624 :         fl->fl_pid = current->tgid;
     557                 :        624 :         fl->fl_file = filp;
     558                 :        624 :         fl->fl_flags = FL_POSIX;
     559                 :        624 :         fl->fl_ops = NULL;
     560                 :        624 :         fl->fl_lmops = NULL;
     561                 :            : 
     562         [ +  - ]:        624 :         return assign_type(fl, l->l_type);
     563                 :            : }
     564                 :            : 
     565                 :            : /* Verify a "struct flock" and copy it to a "struct file_lock" as a POSIX
     566                 :            :  * style lock.
     567                 :            :  */
     568                 :        624 : static int flock_to_posix_lock(struct file *filp, struct file_lock *fl,
     569                 :            :                                struct flock *l)
     570                 :            : {
     571                 :        624 :         struct flock64 ll = {
     572                 :        624 :                 .l_type = l->l_type,
     573                 :        624 :                 .l_whence = l->l_whence,
     574                 :        624 :                 .l_start = l->l_start,
     575                 :        624 :                 .l_len = l->l_len,
     576                 :            :         };
     577                 :            : 
     578                 :        624 :         return flock64_to_posix_lock(filp, fl, &ll);
     579                 :            : }
     580                 :            : 
     581                 :            : /* default lease lock manager operations */
     582                 :            : static bool
     583                 :          0 : lease_break_callback(struct file_lock *fl)
     584                 :            : {
     585                 :          0 :         kill_fasync(&fl->fl_fasync, SIGIO, POLL_MSG);
     586                 :          0 :         return false;
     587                 :            : }
     588                 :            : 
     589                 :            : static void
     590                 :          0 : lease_setup(struct file_lock *fl, void **priv)
     591                 :            : {
     592                 :          0 :         struct file *filp = fl->fl_file;
     593                 :          0 :         struct fasync_struct *fa = *priv;
     594                 :            : 
     595                 :            :         /*
     596                 :            :          * fasync_insert_entry() returns the old entry if any. If there was no
     597                 :            :          * old entry, then it used "priv" and inserted it into the fasync list.
     598                 :            :          * Clear the pointer to indicate that it shouldn't be freed.
     599                 :            :          */
     600         [ #  # ]:          0 :         if (!fasync_insert_entry(fa->fa_fd, filp, &fl->fl_fasync, fa))
     601                 :          0 :                 *priv = NULL;
     602                 :            : 
     603                 :          0 :         __f_setown(filp, task_pid(current), PIDTYPE_TGID, 0);
     604                 :          0 : }
     605                 :            : 
     606                 :            : static const struct lock_manager_operations lease_manager_ops = {
     607                 :            :         .lm_break = lease_break_callback,
     608                 :            :         .lm_change = lease_modify,
     609                 :            :         .lm_setup = lease_setup,
     610                 :            : };
     611                 :            : 
     612                 :            : /*
     613                 :            :  * Initialize a lease, use the default lock manager operations
     614                 :            :  */
     615                 :          0 : static int lease_init(struct file *filp, long type, struct file_lock *fl)
     616                 :            : {
     617                 :          0 :         if (assign_type(fl, type) != 0)
     618                 :            :                 return -EINVAL;
     619                 :            : 
     620                 :          0 :         fl->fl_owner = filp;
     621                 :          0 :         fl->fl_pid = current->tgid;
     622                 :            : 
     623                 :          0 :         fl->fl_file = filp;
     624                 :          0 :         fl->fl_flags = FL_LEASE;
     625                 :          0 :         fl->fl_start = 0;
     626                 :          0 :         fl->fl_end = OFFSET_MAX;
     627                 :          0 :         fl->fl_ops = NULL;
     628                 :          0 :         fl->fl_lmops = &lease_manager_ops;
     629                 :          0 :         return 0;
     630                 :            : }
     631                 :            : 
     632                 :            : /* Allocate a file_lock initialised to this type of lease */
     633                 :          0 : static struct file_lock *lease_alloc(struct file *filp, long type)
     634                 :            : {
     635                 :          0 :         struct file_lock *fl = locks_alloc_lock();
     636                 :          0 :         int error = -ENOMEM;
     637                 :            : 
     638         [ #  # ]:          0 :         if (fl == NULL)
     639                 :            :                 return ERR_PTR(error);
     640                 :            : 
     641         [ #  # ]:          0 :         error = lease_init(filp, type, fl);
     642                 :          0 :         if (error) {
     643                 :          0 :                 locks_free_lock(fl);
     644                 :          0 :                 return ERR_PTR(error);
     645                 :            :         }
     646                 :            :         return fl;
     647                 :            : }
     648                 :            : 
     649                 :            : /* Check if two locks overlap each other.
     650                 :            :  */
     651                 :          0 : static inline int locks_overlap(struct file_lock *fl1, struct file_lock *fl2)
     652                 :            : {
     653                 :          0 :         return ((fl1->fl_end >= fl2->fl_start) &&
     654   [ #  #  #  #  :          0 :                 (fl2->fl_end >= fl1->fl_start));
                   #  # ]
     655                 :            : }
     656                 :            : 
     657                 :            : /*
     658                 :            :  * Check whether two locks have the same owner.
     659                 :            :  */
     660                 :       1404 : static int posix_same_owner(struct file_lock *fl1, struct file_lock *fl2)
     661                 :            : {
     662                 :       1404 :         return fl1->fl_owner == fl2->fl_owner;
     663                 :            : }
     664                 :            : 
     665                 :            : /* Must be called with the flc_lock held! */
     666                 :       1482 : static void locks_insert_global_locks(struct file_lock *fl)
     667                 :            : {
     668                 :       1482 :         struct file_lock_list_struct *fll = this_cpu_ptr(&file_lock_list);
     669                 :            : 
     670                 :       1482 :         percpu_rwsem_assert_held(&file_rwsem);
     671                 :            : 
     672                 :       1482 :         spin_lock(&fll->lock);
     673         [ +  + ]:       1482 :         fl->fl_link_cpu = smp_processor_id();
     674         [ +  + ]:       1482 :         hlist_add_head(&fl->fl_link, &fll->hlist);
     675                 :       1482 :         spin_unlock(&fll->lock);
     676                 :       1482 : }
     677                 :            : 
     678                 :            : /* Must be called with the flc_lock held! */
     679                 :       1404 : static void locks_delete_global_locks(struct file_lock *fl)
     680                 :            : {
     681                 :       1404 :         struct file_lock_list_struct *fll;
     682                 :            : 
     683                 :       1404 :         percpu_rwsem_assert_held(&file_rwsem);
     684                 :            : 
     685                 :            :         /*
     686                 :            :          * Avoid taking lock if already unhashed. This is safe since this check
     687                 :            :          * is done while holding the flc_lock, and new insertions into the list
     688                 :            :          * also require that it be held.
     689                 :            :          */
     690         [ +  - ]:       1404 :         if (hlist_unhashed(&fl->fl_link))
     691                 :            :                 return;
     692                 :            : 
     693                 :       1404 :         fll = per_cpu_ptr(&file_lock_list, fl->fl_link_cpu);
     694                 :       1404 :         spin_lock(&fll->lock);
     695         [ +  - ]:       1404 :         hlist_del_init(&fl->fl_link);
     696                 :       1404 :         spin_unlock(&fll->lock);
     697                 :            : }
     698                 :            : 
     699                 :            : static unsigned long
     700                 :          0 : posix_owner_key(struct file_lock *fl)
     701                 :            : {
     702                 :          0 :         return (unsigned long)fl->fl_owner;
     703                 :            : }
     704                 :            : 
     705                 :          0 : static void locks_insert_global_blocked(struct file_lock *waiter)
     706                 :            : {
     707                 :          0 :         lockdep_assert_held(&blocked_lock_lock);
     708                 :            : 
     709                 :          0 :         hash_add(blocked_hash, &waiter->fl_link, posix_owner_key(waiter));
     710                 :          0 : }
     711                 :            : 
     712                 :          0 : static void locks_delete_global_blocked(struct file_lock *waiter)
     713                 :            : {
     714                 :          0 :         lockdep_assert_held(&blocked_lock_lock);
     715                 :            : 
     716                 :          0 :         hash_del(&waiter->fl_link);
     717                 :            : }
     718                 :            : 
     719                 :            : /* Remove waiter from blocker's block list.
     720                 :            :  * When blocker ends up pointing to itself then the list is empty.
     721                 :            :  *
     722                 :            :  * Must be called with blocked_lock_lock held.
     723                 :            :  */
     724                 :          0 : static void __locks_delete_block(struct file_lock *waiter)
     725                 :            : {
     726                 :          0 :         locks_delete_global_blocked(waiter);
     727         [ #  # ]:          0 :         list_del_init(&waiter->fl_blocked_member);
     728                 :            : }
     729                 :            : 
     730                 :          0 : static void __locks_wake_up_blocks(struct file_lock *blocker)
     731                 :            : {
     732                 :          0 :         while (!list_empty(&blocker->fl_blocked_requests)) {
     733                 :          0 :                 struct file_lock *waiter;
     734                 :            : 
     735                 :          0 :                 waiter = list_first_entry(&blocker->fl_blocked_requests,
     736                 :            :                                           struct file_lock, fl_blocked_member);
     737         [ #  # ]:          0 :                 __locks_delete_block(waiter);
     738   [ #  #  #  # ]:          0 :                 if (waiter->fl_lmops && waiter->fl_lmops->lm_notify)
     739                 :          0 :                         waiter->fl_lmops->lm_notify(waiter);
     740                 :            :                 else
     741                 :          0 :                         wake_up(&waiter->fl_wait);
     742                 :            : 
     743                 :            :                 /*
     744                 :            :                  * The setting of fl_blocker to NULL marks the "done"
     745                 :            :                  * point in deleting a block. Paired with acquire at the top
     746                 :            :                  * of locks_delete_block().
     747                 :            :                  */
     748         [ #  # ]:          0 :                 smp_store_release(&waiter->fl_blocker, NULL);
     749                 :            :         }
     750                 :          0 : }
     751                 :            : 
     752                 :            : /**
     753                 :            :  *      locks_delete_lock - stop waiting for a file lock
     754                 :            :  *      @waiter: the lock which was waiting
     755                 :            :  *
     756                 :            :  *      lockd/nfsd need to disconnect the lock while working on it.
     757                 :            :  */
     758                 :       1560 : int locks_delete_block(struct file_lock *waiter)
     759                 :            : {
     760                 :       1560 :         int status = -ENOENT;
     761                 :            : 
     762                 :            :         /*
     763                 :            :          * If fl_blocker is NULL, it won't be set again as this thread "owns"
     764                 :            :          * the lock and is the only one that might try to claim the lock.
     765                 :            :          *
     766                 :            :          * We use acquire/release to manage fl_blocker so that we can
     767                 :            :          * optimize away taking the blocked_lock_lock in many cases.
     768                 :            :          *
     769                 :            :          * The smp_load_acquire guarantees two things:
     770                 :            :          *
     771                 :            :          * 1/ that fl_blocked_requests can be tested locklessly. If something
     772                 :            :          * was recently added to that list it must have been in a locked region
     773                 :            :          * *before* the locked region when fl_blocker was set to NULL.
     774                 :            :          *
     775                 :            :          * 2/ that no other thread is accessing 'waiter', so it is safe to free
     776                 :            :          * it.  __locks_wake_up_blocks is careful not to touch waiter after
     777                 :            :          * fl_blocker is released.
     778                 :            :          *
     779                 :            :          * If a lockless check of fl_blocker shows it to be NULL, we know that
     780                 :            :          * no new locks can be inserted into its fl_blocked_requests list, and
     781                 :            :          * can avoid doing anything further if the list is empty.
     782                 :            :          */
     783   [ +  -  -  + ]:       1560 :         if (!smp_load_acquire(&waiter->fl_blocker) &&
     784         [ -  + ]:       1560 :             list_empty(&waiter->fl_blocked_requests))
     785                 :            :                 return status;
     786                 :            : 
     787                 :          0 :         spin_lock(&blocked_lock_lock);
     788         [ #  # ]:          0 :         if (waiter->fl_blocker)
     789                 :          0 :                 status = 0;
     790                 :          0 :         __locks_wake_up_blocks(waiter);
     791         [ #  # ]:          0 :         __locks_delete_block(waiter);
     792                 :            : 
     793                 :            :         /*
     794                 :            :          * The setting of fl_blocker to NULL marks the "done" point in deleting
     795                 :            :          * a block. Paired with acquire at the top of this function.
     796                 :            :          */
     797                 :          0 :         smp_store_release(&waiter->fl_blocker, NULL);
     798                 :          0 :         spin_unlock(&blocked_lock_lock);
     799                 :          0 :         return status;
     800                 :            : }
     801                 :            : EXPORT_SYMBOL(locks_delete_block);
     802                 :            : 
     803                 :            : /* Insert waiter into blocker's block list.
     804                 :            :  * We use a circular list so that processes can be easily woken up in
     805                 :            :  * the order they blocked. The documentation doesn't require this but
     806                 :            :  * it seems like the reasonable thing to do.
     807                 :            :  *
     808                 :            :  * Must be called with both the flc_lock and blocked_lock_lock held. The
     809                 :            :  * fl_blocked_requests list itself is protected by the blocked_lock_lock,
     810                 :            :  * but by ensuring that the flc_lock is also held on insertions we can avoid
     811                 :            :  * taking the blocked_lock_lock in some cases when we see that the
     812                 :            :  * fl_blocked_requests list is empty.
     813                 :            :  *
     814                 :            :  * Rather than just adding to the list, we check for conflicts with any existing
     815                 :            :  * waiters, and add beneath any waiter that blocks the new waiter.
     816                 :            :  * Thus wakeups don't happen until needed.
     817                 :            :  */
     818                 :          0 : static void __locks_insert_block(struct file_lock *blocker,
     819                 :            :                                  struct file_lock *waiter,
     820                 :            :                                  bool conflict(struct file_lock *,
     821                 :            :                                                struct file_lock *))
     822                 :            : {
     823                 :          0 :         struct file_lock *fl;
     824         [ #  # ]:          0 :         BUG_ON(!list_empty(&waiter->fl_blocked_member));
     825                 :            : 
     826                 :          0 : new_blocker:
     827         [ #  # ]:          0 :         list_for_each_entry(fl, &blocker->fl_blocked_requests, fl_blocked_member)
     828         [ #  # ]:          0 :                 if (conflict(fl, waiter)) {
     829                 :          0 :                         blocker =  fl;
     830                 :          0 :                         goto new_blocker;
     831                 :            :                 }
     832                 :          0 :         waiter->fl_blocker = blocker;
     833         [ #  # ]:          0 :         list_add_tail(&waiter->fl_blocked_member, &blocker->fl_blocked_requests);
     834         [ #  # ]:          0 :         if (IS_POSIX(blocker) && !IS_OFDLCK(blocker))
     835         [ #  # ]:          0 :                 locks_insert_global_blocked(waiter);
     836                 :            : 
     837                 :            :         /* The requests in waiter->fl_blocked are known to conflict with
     838                 :            :          * waiter, but might not conflict with blocker, or the requests
     839                 :            :          * and lock which block it.  So they all need to be woken.
     840                 :            :          */
     841                 :          0 :         __locks_wake_up_blocks(waiter);
     842                 :          0 : }
     843                 :            : 
     844                 :            : /* Must be called with flc_lock held. */
     845                 :          0 : static void locks_insert_block(struct file_lock *blocker,
     846                 :            :                                struct file_lock *waiter,
     847                 :            :                                bool conflict(struct file_lock *,
     848                 :            :                                              struct file_lock *))
     849                 :            : {
     850                 :          0 :         spin_lock(&blocked_lock_lock);
     851                 :          0 :         __locks_insert_block(blocker, waiter, conflict);
     852                 :          0 :         spin_unlock(&blocked_lock_lock);
     853                 :          0 : }
     854                 :            : 
     855                 :            : /*
     856                 :            :  * Wake up processes blocked waiting for blocker.
     857                 :            :  *
     858                 :            :  * Must be called with the inode->flc_lock held!
     859                 :            :  */
     860                 :       1404 : static void locks_wake_up_blocks(struct file_lock *blocker)
     861                 :            : {
     862                 :            :         /*
     863                 :            :          * Avoid taking global lock if list is empty. This is safe since new
     864                 :            :          * blocked requests are only added to the list under the flc_lock, and
     865                 :            :          * the flc_lock is always held here. Note that removal from the
     866                 :            :          * fl_blocked_requests list does not require the flc_lock, so we must
     867                 :            :          * recheck list_empty() after acquiring the blocked_lock_lock.
     868                 :            :          */
     869         [ -  + ]:       1404 :         if (list_empty(&blocker->fl_blocked_requests))
     870                 :            :                 return;
     871                 :            : 
     872                 :          0 :         spin_lock(&blocked_lock_lock);
     873                 :          0 :         __locks_wake_up_blocks(blocker);
     874                 :          0 :         spin_unlock(&blocked_lock_lock);
     875                 :            : }
     876                 :            : 
     877                 :            : static void
     878                 :       1482 : locks_insert_lock_ctx(struct file_lock *fl, struct list_head *before)
     879                 :            : {
     880                 :       1482 :         list_add_tail(&fl->fl_list, before);
     881                 :          0 :         locks_insert_global_locks(fl);
     882                 :          0 : }
     883                 :            : 
     884                 :            : static void
     885                 :       1404 : locks_unlink_lock_ctx(struct file_lock *fl)
     886                 :            : {
     887                 :       1404 :         locks_delete_global_locks(fl);
     888                 :       1404 :         list_del_init(&fl->fl_list);
     889                 :       1404 :         locks_wake_up_blocks(fl);
     890                 :       1404 : }
     891                 :            : 
     892                 :            : static void
     893                 :       1404 : locks_delete_lock_ctx(struct file_lock *fl, struct list_head *dispose)
     894                 :            : {
     895                 :          0 :         locks_unlink_lock_ctx(fl);
     896         [ #  # ]:          0 :         if (dispose)
     897                 :       1404 :                 list_add(&fl->fl_list, dispose);
     898                 :            :         else
     899                 :          0 :                 locks_free_lock(fl);
     900                 :          0 : }
     901                 :            : 
     902                 :            : /* Determine if lock sys_fl blocks lock caller_fl. Common functionality
     903                 :            :  * checks for shared/exclusive status of overlapping locks.
     904                 :            :  */
     905                 :          0 : static bool locks_conflict(struct file_lock *caller_fl,
     906                 :            :                            struct file_lock *sys_fl)
     907                 :            : {
     908                 :          0 :         if (sys_fl->fl_type == F_WRLCK)
     909                 :            :                 return true;
     910   [ #  #  #  #  :          0 :         if (caller_fl->fl_type == F_WRLCK)
          #  #  #  #  #  
                #  #  # ]
     911                 :          0 :                 return true;
     912                 :            :         return false;
     913                 :            : }
     914                 :            : 
     915                 :            : /* Determine if lock sys_fl blocks lock caller_fl. POSIX specific
     916                 :            :  * checking before calling the locks_conflict().
     917                 :            :  */
     918                 :          0 : static bool posix_locks_conflict(struct file_lock *caller_fl,
     919                 :            :                                  struct file_lock *sys_fl)
     920                 :            : {
     921                 :            :         /* POSIX locks owned by the same process do not conflict with
     922                 :            :          * each other.
     923                 :            :          */
     924         [ #  # ]:          0 :         if (posix_same_owner(caller_fl, sys_fl))
     925                 :            :                 return false;
     926                 :            : 
     927                 :            :         /* Check whether they overlap */
     928   [ #  #  #  #  :          0 :         if (!locks_overlap(caller_fl, sys_fl))
                   #  # ]
     929                 :            :                 return false;
     930                 :            : 
     931   [ #  #  #  #  :          0 :         return locks_conflict(caller_fl, sys_fl);
                   #  # ]
     932                 :            : }
     933                 :            : 
     934                 :            : /* Determine if lock sys_fl blocks lock caller_fl. FLOCK specific
     935                 :            :  * checking before calling the locks_conflict().
     936                 :            :  */
     937                 :          0 : static bool flock_locks_conflict(struct file_lock *caller_fl,
     938                 :            :                                  struct file_lock *sys_fl)
     939                 :            : {
     940                 :            :         /* FLOCK locks referring to the same filp do not conflict with
     941                 :            :          * each other.
     942                 :            :          */
     943         [ #  # ]:          0 :         if (caller_fl->fl_file == sys_fl->fl_file)
     944                 :            :                 return false;
     945   [ #  #  #  #  :          0 :         if ((caller_fl->fl_type & LOCK_MAND) || (sys_fl->fl_type & LOCK_MAND))
             #  #  #  # ]
     946                 :            :                 return false;
     947                 :            : 
     948   [ #  #  #  # ]:          0 :         return locks_conflict(caller_fl, sys_fl);
     949                 :            : }
     950                 :            : 
     951                 :            : void
     952                 :          0 : posix_test_lock(struct file *filp, struct file_lock *fl)
     953                 :            : {
     954                 :          0 :         struct file_lock *cfl;
     955                 :          0 :         struct file_lock_context *ctx;
     956                 :          0 :         struct inode *inode = locks_inode(filp);
     957                 :            : 
     958                 :          0 :         ctx = smp_load_acquire(&inode->i_flctx);
     959   [ #  #  #  # ]:          0 :         if (!ctx || list_empty_careful(&ctx->flc_posix)) {
     960                 :          0 :                 fl->fl_type = F_UNLCK;
     961                 :          0 :                 return;
     962                 :            :         }
     963                 :            : 
     964                 :          0 :         spin_lock(&ctx->flc_lock);
     965         [ #  # ]:          0 :         list_for_each_entry(cfl, &ctx->flc_posix, fl_list) {
     966         [ #  # ]:          0 :                 if (posix_locks_conflict(fl, cfl)) {
     967                 :          0 :                         locks_copy_conflock(fl, cfl);
     968                 :          0 :                         goto out;
     969                 :            :                 }
     970                 :            :         }
     971                 :          0 :         fl->fl_type = F_UNLCK;
     972                 :          0 : out:
     973                 :          0 :         spin_unlock(&ctx->flc_lock);
     974                 :            :         return;
     975                 :            : }
     976                 :            : EXPORT_SYMBOL(posix_test_lock);
     977                 :            : 
     978                 :            : /*
     979                 :            :  * Deadlock detection:
     980                 :            :  *
     981                 :            :  * We attempt to detect deadlocks that are due purely to posix file
     982                 :            :  * locks.
     983                 :            :  *
     984                 :            :  * We assume that a task can be waiting for at most one lock at a time.
     985                 :            :  * So for any acquired lock, the process holding that lock may be
     986                 :            :  * waiting on at most one other lock.  That lock in turns may be held by
     987                 :            :  * someone waiting for at most one other lock.  Given a requested lock
     988                 :            :  * caller_fl which is about to wait for a conflicting lock block_fl, we
     989                 :            :  * follow this chain of waiters to ensure we are not about to create a
     990                 :            :  * cycle.
     991                 :            :  *
     992                 :            :  * Since we do this before we ever put a process to sleep on a lock, we
     993                 :            :  * are ensured that there is never a cycle; that is what guarantees that
     994                 :            :  * the while() loop in posix_locks_deadlock() eventually completes.
     995                 :            :  *
     996                 :            :  * Note: the above assumption may not be true when handling lock
     997                 :            :  * requests from a broken NFS client. It may also fail in the presence
     998                 :            :  * of tasks (such as posix threads) sharing the same open file table.
     999                 :            :  * To handle those cases, we just bail out after a few iterations.
    1000                 :            :  *
    1001                 :            :  * For FL_OFDLCK locks, the owner is the filp, not the files_struct.
    1002                 :            :  * Because the owner is not even nominally tied to a thread of
    1003                 :            :  * execution, the deadlock detection below can't reasonably work well. Just
    1004                 :            :  * skip it for those.
    1005                 :            :  *
    1006                 :            :  * In principle, we could do a more limited deadlock detection on FL_OFDLCK
    1007                 :            :  * locks that just checks for the case where two tasks are attempting to
    1008                 :            :  * upgrade from read to write locks on the same inode.
    1009                 :            :  */
    1010                 :            : 
    1011                 :            : #define MAX_DEADLK_ITERATIONS 10
    1012                 :            : 
    1013                 :            : /* Find a lock that the owner of the given block_fl is blocking on. */
    1014                 :          0 : static struct file_lock *what_owner_is_waiting_for(struct file_lock *block_fl)
    1015                 :            : {
    1016                 :          0 :         struct file_lock *fl;
    1017                 :            : 
    1018   [ #  #  #  #  :          0 :         hash_for_each_possible(blocked_hash, fl, fl_link, posix_owner_key(block_fl)) {
                   #  # ]
    1019         [ #  # ]:          0 :                 if (posix_same_owner(fl, block_fl)) {
    1020         [ #  # ]:          0 :                         while (fl->fl_blocker)
    1021                 :            :                                 fl = fl->fl_blocker;
    1022                 :          0 :                         return fl;
    1023                 :            :                 }
    1024                 :            :         }
    1025                 :            :         return NULL;
    1026                 :            : }
    1027                 :            : 
    1028                 :            : /* Must be called with the blocked_lock_lock held! */
    1029                 :          0 : static int posix_locks_deadlock(struct file_lock *caller_fl,
    1030                 :            :                                 struct file_lock *block_fl)
    1031                 :            : {
    1032                 :          0 :         int i = 0;
    1033                 :            : 
    1034                 :          0 :         lockdep_assert_held(&blocked_lock_lock);
    1035                 :            : 
    1036                 :            :         /*
    1037                 :            :          * This deadlock detector can't reasonably detect deadlocks with
    1038                 :            :          * FL_OFDLCK locks, since they aren't owned by a process, per-se.
    1039                 :            :          */
    1040         [ #  # ]:          0 :         if (IS_OFDLCK(caller_fl))
    1041                 :            :                 return 0;
    1042                 :            : 
    1043         [ #  # ]:          0 :         while ((block_fl = what_owner_is_waiting_for(block_fl))) {
    1044         [ #  # ]:          0 :                 if (i++ > MAX_DEADLK_ITERATIONS)
    1045                 :            :                         return 0;
    1046         [ #  # ]:          0 :                 if (posix_same_owner(caller_fl, block_fl))
    1047                 :            :                         return 1;
    1048                 :            :         }
    1049                 :            :         return 0;
    1050                 :            : }
    1051                 :            : 
    1052                 :            : /* Try to create a FLOCK lock on filp. We always insert new FLOCK locks
    1053                 :            :  * after any leases, but before any posix locks.
    1054                 :            :  *
    1055                 :            :  * Note that if called with an FL_EXISTS argument, the caller may determine
    1056                 :            :  * whether or not a lock was successfully freed by testing the return
    1057                 :            :  * value for -ENOENT.
    1058                 :            :  */
    1059                 :       2886 : static int flock_lock_inode(struct inode *inode, struct file_lock *request)
    1060                 :            : {
    1061                 :       2886 :         struct file_lock *new_fl = NULL;
    1062                 :       2886 :         struct file_lock *fl;
    1063                 :       2886 :         struct file_lock_context *ctx;
    1064                 :       2886 :         int error = 0;
    1065                 :       2886 :         bool found = false;
    1066                 :       2886 :         LIST_HEAD(dispose);
    1067                 :            : 
    1068                 :       2886 :         ctx = locks_get_lock_context(inode, request->fl_type);
    1069         [ -  + ]:       2886 :         if (!ctx) {
    1070         [ #  # ]:          0 :                 if (request->fl_type != F_UNLCK)
    1071                 :            :                         return -ENOMEM;
    1072         [ #  # ]:          0 :                 return (request->fl_flags & FL_EXISTS) ? -ENOENT : 0;
    1073                 :            :         }
    1074                 :            : 
    1075   [ +  -  +  + ]:       2886 :         if (!(request->fl_flags & FL_ACCESS) && (request->fl_type != F_UNLCK)) {
    1076                 :        936 :                 new_fl = locks_alloc_lock();
    1077         [ +  - ]:        936 :                 if (!new_fl)
    1078                 :            :                         return -ENOMEM;
    1079                 :            :         }
    1080                 :            : 
    1081                 :       2886 :         percpu_down_read(&file_rwsem);
    1082                 :       2886 :         spin_lock(&ctx->flc_lock);
    1083         [ -  + ]:       2886 :         if (request->fl_flags & FL_ACCESS)
    1084                 :          0 :                 goto find_conflict;
    1085                 :            : 
    1086         [ +  + ]:       3978 :         list_for_each_entry(fl, &ctx->flc_flock, fl_list) {
    1087         [ +  + ]:       1950 :                 if (request->fl_file != fl->fl_file)
    1088                 :       1092 :                         continue;
    1089         [ -  + ]:        858 :                 if (request->fl_type == fl->fl_type)
    1090                 :          0 :                         goto out;
    1091                 :        858 :                 found = true;
    1092                 :        858 :                 locks_delete_lock_ctx(fl, &dispose);
    1093                 :            :                 break;
    1094                 :            :         }
    1095                 :            : 
    1096         [ +  + ]:       2886 :         if (request->fl_type == F_UNLCK) {
    1097   [ -  +  -  - ]:       1950 :                 if ((request->fl_flags & FL_EXISTS) && !found)
    1098                 :          0 :                         error = -ENOENT;
    1099                 :       1950 :                 goto out;
    1100                 :            :         }
    1101                 :            : 
    1102                 :        936 : find_conflict:
    1103         [ -  + ]:        936 :         list_for_each_entry(fl, &ctx->flc_flock, fl_list) {
    1104         [ #  # ]:          0 :                 if (!flock_locks_conflict(request, fl))
    1105                 :          0 :                         continue;
    1106                 :          0 :                 error = -EAGAIN;
    1107         [ #  # ]:          0 :                 if (!(request->fl_flags & FL_SLEEP))
    1108                 :          0 :                         goto out;
    1109                 :          0 :                 error = FILE_LOCK_DEFERRED;
    1110                 :          0 :                 locks_insert_block(fl, request, flock_locks_conflict);
    1111                 :          0 :                 goto out;
    1112                 :            :         }
    1113         [ -  + ]:        936 :         if (request->fl_flags & FL_ACCESS)
    1114                 :          0 :                 goto out;
    1115                 :        936 :         locks_copy_lock(new_fl, request);
    1116                 :        936 :         locks_move_blocks(new_fl, request);
    1117                 :        936 :         locks_insert_lock_ctx(new_fl, &ctx->flc_flock);
    1118                 :        936 :         new_fl = NULL;
    1119                 :        936 :         error = 0;
    1120                 :            : 
    1121                 :       2886 : out:
    1122                 :       2886 :         spin_unlock(&ctx->flc_lock);
    1123                 :       2886 :         percpu_up_read(&file_rwsem);
    1124         [ -  + ]:       2886 :         if (new_fl)
    1125                 :          0 :                 locks_free_lock(new_fl);
    1126                 :       2886 :         locks_dispose_list(&dispose);
    1127                 :       2886 :         trace_flock_lock_inode(inode, request, error);
    1128                 :       2886 :         return error;
    1129                 :            : }
    1130                 :            : 
    1131                 :       1404 : static int posix_lock_inode(struct inode *inode, struct file_lock *request,
    1132                 :            :                             struct file_lock *conflock)
    1133                 :            : {
    1134                 :       1404 :         struct file_lock *fl, *tmp;
    1135                 :       1404 :         struct file_lock *new_fl = NULL;
    1136                 :       1404 :         struct file_lock *new_fl2 = NULL;
    1137                 :       1404 :         struct file_lock *left = NULL;
    1138                 :       1404 :         struct file_lock *right = NULL;
    1139                 :       1404 :         struct file_lock_context *ctx;
    1140                 :       1404 :         int error;
    1141                 :       1404 :         bool added = false;
    1142                 :       1404 :         LIST_HEAD(dispose);
    1143                 :            : 
    1144                 :       1404 :         ctx = locks_get_lock_context(inode, request->fl_type);
    1145         [ -  + ]:       1404 :         if (!ctx)
    1146         [ #  # ]:          0 :                 return (request->fl_type == F_UNLCK) ? 0 : -ENOMEM;
    1147                 :            : 
    1148                 :            :         /*
    1149                 :            :          * We may need two file_lock structures for this operation,
    1150                 :            :          * so we get them in advance to avoid races.
    1151                 :            :          *
    1152                 :            :          * In some cases we can be sure, that no new locks will be needed
    1153                 :            :          */
    1154         [ +  - ]:       1404 :         if (!(request->fl_flags & FL_ACCESS) &&
    1155         [ +  + ]:       1404 :             (request->fl_type != F_UNLCK ||
    1156   [ +  -  -  + ]:        858 :              request->fl_start != 0 || request->fl_end != OFFSET_MAX)) {
    1157                 :        546 :                 new_fl = locks_alloc_lock();
    1158                 :        546 :                 new_fl2 = locks_alloc_lock();
    1159                 :            :         }
    1160                 :            : 
    1161                 :       1404 :         percpu_down_read(&file_rwsem);
    1162                 :       1404 :         spin_lock(&ctx->flc_lock);
    1163                 :            :         /*
    1164                 :            :          * New lock request. Walk all POSIX locks and look for conflicts. If
    1165                 :            :          * there are any, either return error or put the request on the
    1166                 :            :          * blocker's list of waiters and the global blocked_hash.
    1167                 :            :          */
    1168         [ +  + ]:       1404 :         if (request->fl_type != F_UNLCK) {
    1169         [ -  + ]:        546 :                 list_for_each_entry(fl, &ctx->flc_posix, fl_list) {
    1170         [ #  # ]:          0 :                         if (!posix_locks_conflict(request, fl))
    1171                 :          0 :                                 continue;
    1172         [ #  # ]:          0 :                         if (conflock)
    1173                 :          0 :                                 locks_copy_conflock(conflock, fl);
    1174                 :          0 :                         error = -EAGAIN;
    1175         [ #  # ]:          0 :                         if (!(request->fl_flags & FL_SLEEP))
    1176                 :          0 :                                 goto out;
    1177                 :            :                         /*
    1178                 :            :                          * Deadlock detection and insertion into the blocked
    1179                 :            :                          * locks list must be done while holding the same lock!
    1180                 :            :                          */
    1181                 :          0 :                         error = -EDEADLK;
    1182                 :          0 :                         spin_lock(&blocked_lock_lock);
    1183                 :            :                         /*
    1184                 :            :                          * Ensure that we don't find any locks blocked on this
    1185                 :            :                          * request during deadlock detection.
    1186                 :            :                          */
    1187                 :          0 :                         __locks_wake_up_blocks(request);
    1188         [ #  # ]:          0 :                         if (likely(!posix_locks_deadlock(request, fl))) {
    1189                 :          0 :                                 error = FILE_LOCK_DEFERRED;
    1190                 :          0 :                                 __locks_insert_block(fl, request,
    1191                 :            :                                                      posix_locks_conflict);
    1192                 :            :                         }
    1193                 :          0 :                         spin_unlock(&blocked_lock_lock);
    1194                 :          0 :                         goto out;
    1195                 :            :                 }
    1196                 :            :         }
    1197                 :            : 
    1198                 :            :         /* If we're just looking for a conflict, we're done. */
    1199                 :       1404 :         error = 0;
    1200         [ -  + ]:       1404 :         if (request->fl_flags & FL_ACCESS)
    1201                 :          0 :                 goto out;
    1202                 :            : 
    1203                 :            :         /* Find the first old lock with the same owner as the new lock */
    1204         [ +  + ]:       1716 :         list_for_each_entry(fl, &ctx->flc_posix, fl_list) {
    1205         [ +  + ]:        858 :                 if (posix_same_owner(request, fl))
    1206                 :            :                         break;
    1207                 :            :         }
    1208                 :            : 
    1209                 :            :         /* Process locks with this owner. */
    1210         [ +  + ]:       1950 :         list_for_each_entry_safe_from(fl, tmp, &ctx->flc_posix, fl_list) {
    1211         [ +  - ]:        546 :                 if (!posix_same_owner(request, fl))
    1212                 :            :                         break;
    1213                 :            : 
    1214                 :            :                 /* Detect adjacent or overlapping regions (if same lock type) */
    1215         [ -  + ]:        546 :                 if (request->fl_type == fl->fl_type) {
    1216                 :            :                         /* In all comparisons of start vs end, use
    1217                 :            :                          * "start - 1" rather than "end + 1". If end
    1218                 :            :                          * is OFFSET_MAX, end + 1 will become negative.
    1219                 :            :                          */
    1220         [ #  # ]:          0 :                         if (fl->fl_end < request->fl_start - 1)
    1221                 :          0 :                                 continue;
    1222                 :            :                         /* If the next lock in the list has entirely bigger
    1223                 :            :                          * addresses than the new one, insert the lock here.
    1224                 :            :                          */
    1225         [ #  # ]:          0 :                         if (fl->fl_start - 1 > request->fl_end)
    1226                 :            :                                 break;
    1227                 :            : 
    1228                 :            :                         /* If we come here, the new and old lock are of the
    1229                 :            :                          * same type and adjacent or overlapping. Make one
    1230                 :            :                          * lock yielding from the lower start address of both
    1231                 :            :                          * locks to the higher end address.
    1232                 :            :                          */
    1233         [ #  # ]:          0 :                         if (fl->fl_start > request->fl_start)
    1234                 :          0 :                                 fl->fl_start = request->fl_start;
    1235                 :            :                         else
    1236                 :          0 :                                 request->fl_start = fl->fl_start;
    1237         [ #  # ]:          0 :                         if (fl->fl_end < request->fl_end)
    1238                 :          0 :                                 fl->fl_end = request->fl_end;
    1239                 :            :                         else
    1240                 :          0 :                                 request->fl_end = fl->fl_end;
    1241         [ #  # ]:          0 :                         if (added) {
    1242                 :          0 :                                 locks_delete_lock_ctx(fl, &dispose);
    1243                 :          0 :                                 continue;
    1244                 :            :                         }
    1245                 :            :                         request = fl;
    1246                 :            :                         added = true;
    1247                 :            :                 } else {
    1248                 :            :                         /* Processing for different lock types is a bit
    1249                 :            :                          * more complex.
    1250                 :            :                          */
    1251         [ -  + ]:        546 :                         if (fl->fl_end < request->fl_start)
    1252                 :          0 :                                 continue;
    1253         [ +  - ]:        546 :                         if (fl->fl_start > request->fl_end)
    1254                 :            :                                 break;
    1255         [ +  - ]:        546 :                         if (request->fl_type == F_UNLCK)
    1256                 :        546 :                                 added = true;
    1257         [ -  + ]:        546 :                         if (fl->fl_start < request->fl_start)
    1258                 :          0 :                                 left = fl;
    1259                 :            :                         /* If the next lock in the list has a higher end
    1260                 :            :                          * address than the new one, insert the new one here.
    1261                 :            :                          */
    1262         [ +  - ]:        546 :                         if (fl->fl_end > request->fl_end) {
    1263                 :            :                                 right = fl;
    1264                 :            :                                 break;
    1265                 :            :                         }
    1266         [ +  - ]:        546 :                         if (fl->fl_start >= request->fl_start) {
    1267                 :            :                                 /* The new lock completely replaces an old
    1268                 :            :                                  * one (This may happen several times).
    1269                 :            :                                  */
    1270         [ +  - ]:        546 :                                 if (added) {
    1271                 :        546 :                                         locks_delete_lock_ctx(fl, &dispose);
    1272                 :        546 :                                         continue;
    1273                 :            :                                 }
    1274                 :            :                                 /*
    1275                 :            :                                  * Replace the old lock with new_fl, and
    1276                 :            :                                  * remove the old one. It's safe to do the
    1277                 :            :                                  * insert here since we know that we won't be
    1278                 :            :                                  * using new_fl later, and that the lock is
    1279                 :            :                                  * just replacing an existing lock.
    1280                 :            :                                  */
    1281                 :          0 :                                 error = -ENOLCK;
    1282         [ #  # ]:          0 :                                 if (!new_fl)
    1283                 :          0 :                                         goto out;
    1284                 :          0 :                                 locks_copy_lock(new_fl, request);
    1285                 :          0 :                                 request = new_fl;
    1286                 :          0 :                                 new_fl = NULL;
    1287                 :          0 :                                 locks_insert_lock_ctx(request, &fl->fl_list);
    1288                 :          0 :                                 locks_delete_lock_ctx(fl, &dispose);
    1289                 :          0 :                                 added = true;
    1290                 :            :                         }
    1291                 :            :                 }
    1292                 :            :         }
    1293                 :            : 
    1294                 :            :         /*
    1295                 :            :          * The above code only modifies existing locks in case of merging or
    1296                 :            :          * replacing. If new lock(s) need to be inserted all modifications are
    1297                 :            :          * done below this, so it's safe yet to bail out.
    1298                 :            :          */
    1299                 :       1404 :         error = -ENOLCK; /* "no luck" */
    1300   [ -  +  -  - ]:       1404 :         if (right && left == right && !new_fl2)
    1301                 :          0 :                 goto out;
    1302                 :            : 
    1303                 :       1404 :         error = 0;
    1304         [ +  + ]:       1404 :         if (!added) {
    1305         [ +  + ]:        858 :                 if (request->fl_type == F_UNLCK) {
    1306         [ -  + ]:        312 :                         if (request->fl_flags & FL_EXISTS)
    1307                 :          0 :                                 error = -ENOENT;
    1308                 :        312 :                         goto out;
    1309                 :            :                 }
    1310                 :            : 
    1311         [ -  + ]:        546 :                 if (!new_fl) {
    1312                 :          0 :                         error = -ENOLCK;
    1313                 :          0 :                         goto out;
    1314                 :            :                 }
    1315                 :        546 :                 locks_copy_lock(new_fl, request);
    1316                 :        546 :                 locks_move_blocks(new_fl, request);
    1317                 :        546 :                 locks_insert_lock_ctx(new_fl, &fl->fl_list);
    1318                 :        546 :                 fl = new_fl;
    1319                 :        546 :                 new_fl = NULL;
    1320                 :            :         }
    1321         [ -  + ]:       1092 :         if (right) {
    1322         [ #  # ]:          0 :                 if (left == right) {
    1323                 :            :                         /* The new lock breaks the old one in two pieces,
    1324                 :            :                          * so we have to use the second new lock.
    1325                 :            :                          */
    1326                 :          0 :                         left = new_fl2;
    1327                 :          0 :                         new_fl2 = NULL;
    1328                 :          0 :                         locks_copy_lock(left, right);
    1329                 :          0 :                         locks_insert_lock_ctx(left, &fl->fl_list);
    1330                 :            :                 }
    1331                 :          0 :                 right->fl_start = request->fl_end + 1;
    1332                 :          0 :                 locks_wake_up_blocks(right);
    1333                 :            :         }
    1334         [ +  - ]:       1092 :         if (left) {
    1335                 :          0 :                 left->fl_end = request->fl_start - 1;
    1336                 :          0 :                 locks_wake_up_blocks(left);
    1337                 :            :         }
    1338                 :       1092 :  out:
    1339                 :       1404 :         spin_unlock(&ctx->flc_lock);
    1340                 :       1404 :         percpu_up_read(&file_rwsem);
    1341                 :            :         /*
    1342                 :            :          * Free any unused locks.
    1343                 :            :          */
    1344         [ -  + ]:       1404 :         if (new_fl)
    1345                 :          0 :                 locks_free_lock(new_fl);
    1346         [ +  + ]:       1404 :         if (new_fl2)
    1347                 :        546 :                 locks_free_lock(new_fl2);
    1348                 :       1404 :         locks_dispose_list(&dispose);
    1349                 :       1404 :         trace_posix_lock_inode(inode, request, error);
    1350                 :            : 
    1351                 :       1404 :         return error;
    1352                 :            : }
    1353                 :            : 
    1354                 :            : /**
    1355                 :            :  * posix_lock_file - Apply a POSIX-style lock to a file
    1356                 :            :  * @filp: The file to apply the lock to
    1357                 :            :  * @fl: The lock to be applied
    1358                 :            :  * @conflock: Place to return a copy of the conflicting lock, if found.
    1359                 :            :  *
    1360                 :            :  * Add a POSIX style lock to a file.
    1361                 :            :  * We merge adjacent & overlapping locks whenever possible.
    1362                 :            :  * POSIX locks are sorted by owner task, then by starting address
    1363                 :            :  *
    1364                 :            :  * Note that if called with an FL_EXISTS argument, the caller may determine
    1365                 :            :  * whether or not a lock was successfully freed by testing the return
    1366                 :            :  * value for -ENOENT.
    1367                 :            :  */
    1368                 :       1404 : int posix_lock_file(struct file *filp, struct file_lock *fl,
    1369                 :            :                         struct file_lock *conflock)
    1370                 :            : {
    1371                 :          0 :         return posix_lock_inode(locks_inode(filp), fl, conflock);
    1372                 :            : }
    1373                 :            : EXPORT_SYMBOL(posix_lock_file);
    1374                 :            : 
    1375                 :            : /**
    1376                 :            :  * posix_lock_inode_wait - Apply a POSIX-style lock to a file
    1377                 :            :  * @inode: inode of file to which lock request should be applied
    1378                 :            :  * @fl: The lock to be applied
    1379                 :            :  *
    1380                 :            :  * Apply a POSIX style lock request to an inode.
    1381                 :            :  */
    1382                 :          0 : static int posix_lock_inode_wait(struct inode *inode, struct file_lock *fl)
    1383                 :            : {
    1384                 :          0 :         int error;
    1385                 :          0 :         might_sleep ();
    1386                 :          0 :         for (;;) {
    1387                 :          0 :                 error = posix_lock_inode(inode, fl, NULL);
    1388         [ #  # ]:          0 :                 if (error != FILE_LOCK_DEFERRED)
    1389                 :            :                         break;
    1390   [ #  #  #  #  :          0 :                 error = wait_event_interruptible(fl->fl_wait,
                   #  # ]
    1391                 :            :                                         list_empty(&fl->fl_blocked_member));
    1392         [ #  # ]:          0 :                 if (error)
    1393                 :            :                         break;
    1394                 :            :         }
    1395                 :          0 :         locks_delete_block(fl);
    1396                 :          0 :         return error;
    1397                 :            : }
    1398                 :            : 
    1399                 :            : #ifdef CONFIG_MANDATORY_FILE_LOCKING
    1400                 :            : /**
    1401                 :            :  * locks_mandatory_locked - Check for an active lock
    1402                 :            :  * @file: the file to check
    1403                 :            :  *
    1404                 :            :  * Searches the inode's list of locks to find any POSIX locks which conflict.
    1405                 :            :  * This function is called from locks_verify_locked() only.
    1406                 :            :  */
    1407                 :          0 : int locks_mandatory_locked(struct file *file)
    1408                 :            : {
    1409                 :          0 :         int ret;
    1410                 :          0 :         struct inode *inode = locks_inode(file);
    1411                 :          0 :         struct file_lock_context *ctx;
    1412                 :          0 :         struct file_lock *fl;
    1413                 :            : 
    1414                 :          0 :         ctx = smp_load_acquire(&inode->i_flctx);
    1415   [ #  #  #  # ]:          0 :         if (!ctx || list_empty_careful(&ctx->flc_posix))
    1416                 :            :                 return 0;
    1417                 :            : 
    1418                 :            :         /*
    1419                 :            :          * Search the lock list for this inode for any POSIX locks.
    1420                 :            :          */
    1421                 :          0 :         spin_lock(&ctx->flc_lock);
    1422                 :          0 :         ret = 0;
    1423         [ #  # ]:          0 :         list_for_each_entry(fl, &ctx->flc_posix, fl_list) {
    1424   [ #  #  #  # ]:          0 :                 if (fl->fl_owner != current->files &&
    1425                 :            :                     fl->fl_owner != file) {
    1426                 :            :                         ret = -EAGAIN;
    1427                 :            :                         break;
    1428                 :            :                 }
    1429                 :            :         }
    1430                 :          0 :         spin_unlock(&ctx->flc_lock);
    1431                 :          0 :         return ret;
    1432                 :            : }
    1433                 :            : 
    1434                 :            : /**
    1435                 :            :  * locks_mandatory_area - Check for a conflicting lock
    1436                 :            :  * @inode:      the file to check
    1437                 :            :  * @filp:       how the file was opened (if it was)
    1438                 :            :  * @start:      first byte in the file to check
    1439                 :            :  * @end:        lastbyte in the file to check
    1440                 :            :  * @type:       %F_WRLCK for a write lock, else %F_RDLCK
    1441                 :            :  *
    1442                 :            :  * Searches the inode's list of locks to find any POSIX locks which conflict.
    1443                 :            :  */
    1444                 :          0 : int locks_mandatory_area(struct inode *inode, struct file *filp, loff_t start,
    1445                 :            :                          loff_t end, unsigned char type)
    1446                 :            : {
    1447                 :          0 :         struct file_lock fl;
    1448                 :          0 :         int error;
    1449                 :          0 :         bool sleep = false;
    1450                 :            : 
    1451                 :          0 :         locks_init_lock(&fl);
    1452         [ #  # ]:          0 :         fl.fl_pid = current->tgid;
    1453                 :          0 :         fl.fl_file = filp;
    1454                 :          0 :         fl.fl_flags = FL_POSIX | FL_ACCESS;
    1455   [ #  #  #  # ]:          0 :         if (filp && !(filp->f_flags & O_NONBLOCK))
    1456                 :          0 :                 sleep = true;
    1457                 :          0 :         fl.fl_type = type;
    1458                 :          0 :         fl.fl_start = start;
    1459                 :          0 :         fl.fl_end = end;
    1460                 :            : 
    1461                 :          0 :         for (;;) {
    1462         [ #  # ]:          0 :                 if (filp) {
    1463                 :          0 :                         fl.fl_owner = filp;
    1464                 :          0 :                         fl.fl_flags &= ~FL_SLEEP;
    1465                 :          0 :                         error = posix_lock_inode(inode, &fl, NULL);
    1466         [ #  # ]:          0 :                         if (!error)
    1467                 :            :                                 break;
    1468                 :            :                 }
    1469                 :            : 
    1470         [ #  # ]:          0 :                 if (sleep)
    1471                 :          0 :                         fl.fl_flags |= FL_SLEEP;
    1472                 :          0 :                 fl.fl_owner = current->files;
    1473                 :          0 :                 error = posix_lock_inode(inode, &fl, NULL);
    1474         [ #  # ]:          0 :                 if (error != FILE_LOCK_DEFERRED)
    1475                 :            :                         break;
    1476   [ #  #  #  #  :          0 :                 error = wait_event_interruptible(fl.fl_wait,
                   #  # ]
    1477                 :            :                                         list_empty(&fl.fl_blocked_member));
    1478         [ #  # ]:          0 :                 if (!error) {
    1479                 :            :                         /*
    1480                 :            :                          * If we've been sleeping someone might have
    1481                 :            :                          * changed the permissions behind our back.
    1482                 :            :                          */
    1483         [ #  # ]:          0 :                         if (__mandatory_lock(inode))
    1484                 :          0 :                                 continue;
    1485                 :            :                 }
    1486                 :            : 
    1487                 :            :                 break;
    1488                 :            :         }
    1489                 :          0 :         locks_delete_block(&fl);
    1490                 :            : 
    1491                 :          0 :         return error;
    1492                 :            : }
    1493                 :            : EXPORT_SYMBOL(locks_mandatory_area);
    1494                 :            : #endif /* CONFIG_MANDATORY_FILE_LOCKING */
    1495                 :            : 
    1496                 :          0 : static void lease_clear_pending(struct file_lock *fl, int arg)
    1497                 :            : {
    1498                 :          0 :         switch (arg) {
    1499                 :          0 :         case F_UNLCK:
    1500                 :          0 :                 fl->fl_flags &= ~FL_UNLOCK_PENDING;
    1501                 :            :                 /* fall through */
    1502                 :          0 :         case F_RDLCK:
    1503                 :          0 :                 fl->fl_flags &= ~FL_DOWNGRADE_PENDING;
    1504                 :            :         }
    1505                 :            : }
    1506                 :            : 
    1507                 :            : /* We already had a lease on this file; just change its type */
    1508                 :          0 : int lease_modify(struct file_lock *fl, int arg, struct list_head *dispose)
    1509                 :            : {
    1510         [ #  # ]:          0 :         int error = assign_type(fl, arg);
    1511                 :            : 
    1512                 :          0 :         if (error)
    1513                 :            :                 return error;
    1514      [ #  #  # ]:          0 :         lease_clear_pending(fl, arg);
    1515                 :          0 :         locks_wake_up_blocks(fl);
    1516         [ #  # ]:          0 :         if (arg == F_UNLCK) {
    1517                 :          0 :                 struct file *filp = fl->fl_file;
    1518                 :            : 
    1519                 :          0 :                 f_delown(filp);
    1520                 :          0 :                 filp->f_owner.signum = 0;
    1521                 :          0 :                 fasync_helper(0, fl->fl_file, 0, &fl->fl_fasync);
    1522         [ #  # ]:          0 :                 if (fl->fl_fasync != NULL) {
    1523                 :          0 :                         printk(KERN_ERR "locks_delete_lock: fasync == %p\n", fl->fl_fasync);
    1524                 :          0 :                         fl->fl_fasync = NULL;
    1525                 :            :                 }
    1526                 :          0 :                 locks_delete_lock_ctx(fl, dispose);
    1527                 :            :         }
    1528                 :            :         return 0;
    1529                 :            : }
    1530                 :            : EXPORT_SYMBOL(lease_modify);
    1531                 :            : 
    1532                 :          0 : static bool past_time(unsigned long then)
    1533                 :            : {
    1534                 :          0 :         if (!then)
    1535                 :            :                 /* 0 is a special value meaning "this never expires": */
    1536                 :            :                 return false;
    1537   [ #  #  #  # ]:          0 :         return time_after(jiffies, then);
    1538                 :            : }
    1539                 :            : 
    1540                 :          0 : static void time_out_leases(struct inode *inode, struct list_head *dispose)
    1541                 :            : {
    1542                 :          0 :         struct file_lock_context *ctx = inode->i_flctx;
    1543                 :          0 :         struct file_lock *fl, *tmp;
    1544                 :            : 
    1545                 :          0 :         lockdep_assert_held(&ctx->flc_lock);
    1546                 :            : 
    1547         [ #  # ]:          0 :         list_for_each_entry_safe(fl, tmp, &ctx->flc_lease, fl_list) {
    1548                 :          0 :                 trace_time_out_leases(inode, fl);
    1549   [ #  #  #  # ]:          0 :                 if (past_time(fl->fl_downgrade_time))
    1550                 :          0 :                         lease_modify(fl, F_RDLCK, dispose);
    1551   [ #  #  #  # ]:          0 :                 if (past_time(fl->fl_break_time))
    1552                 :          0 :                         lease_modify(fl, F_UNLCK, dispose);
    1553                 :            :         }
    1554                 :          0 : }
    1555                 :            : 
    1556                 :          0 : static bool leases_conflict(struct file_lock *lease, struct file_lock *breaker)
    1557                 :            : {
    1558                 :          0 :         bool rc;
    1559                 :            : 
    1560         [ #  # ]:          0 :         if ((breaker->fl_flags & FL_LAYOUT) != (lease->fl_flags & FL_LAYOUT)) {
    1561                 :          0 :                 rc = false;
    1562                 :          0 :                 goto trace;
    1563                 :            :         }
    1564   [ #  #  #  # ]:          0 :         if ((breaker->fl_flags & FL_DELEG) && (lease->fl_flags & FL_LEASE)) {
    1565                 :          0 :                 rc = false;
    1566                 :          0 :                 goto trace;
    1567                 :            :         }
    1568                 :            : 
    1569         [ #  # ]:          0 :         rc = locks_conflict(breaker, lease);
    1570                 :          0 : trace:
    1571                 :          0 :         trace_leases_conflict(rc, lease, breaker);
    1572                 :          0 :         return rc;
    1573                 :            : }
    1574                 :            : 
    1575                 :            : static bool
    1576                 :            : any_leases_conflict(struct inode *inode, struct file_lock *breaker)
    1577                 :            : {
    1578                 :            :         struct file_lock_context *ctx = inode->i_flctx;
    1579                 :            :         struct file_lock *fl;
    1580                 :            : 
    1581                 :            :         lockdep_assert_held(&ctx->flc_lock);
    1582                 :            : 
    1583                 :            :         list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
    1584                 :            :                 if (leases_conflict(fl, breaker))
    1585                 :            :                         return true;
    1586                 :            :         }
    1587                 :            :         return false;
    1588                 :            : }
    1589                 :            : 
    1590                 :            : /**
    1591                 :            :  *      __break_lease   -       revoke all outstanding leases on file
    1592                 :            :  *      @inode: the inode of the file to return
    1593                 :            :  *      @mode: O_RDONLY: break only write leases; O_WRONLY or O_RDWR:
    1594                 :            :  *          break all leases
    1595                 :            :  *      @type: FL_LEASE: break leases and delegations; FL_DELEG: break
    1596                 :            :  *          only delegations
    1597                 :            :  *
    1598                 :            :  *      break_lease (inlined for speed) has checked there already is at least
    1599                 :            :  *      some kind of lock (maybe a lease) on this file.  Leases are broken on
    1600                 :            :  *      a call to open() or truncate().  This function can sleep unless you
    1601                 :            :  *      specified %O_NONBLOCK to your open().
    1602                 :            :  */
    1603                 :          0 : int __break_lease(struct inode *inode, unsigned int mode, unsigned int type)
    1604                 :            : {
    1605                 :          0 :         int error = 0;
    1606                 :          0 :         struct file_lock_context *ctx;
    1607                 :          0 :         struct file_lock *new_fl, *fl, *tmp;
    1608                 :          0 :         unsigned long break_time;
    1609                 :          0 :         int want_write = (mode & O_ACCMODE) != O_RDONLY;
    1610                 :          0 :         LIST_HEAD(dispose);
    1611                 :            : 
    1612                 :          0 :         new_fl = lease_alloc(NULL, want_write ? F_WRLCK : F_RDLCK);
    1613         [ #  # ]:          0 :         if (IS_ERR(new_fl))
    1614                 :          0 :                 return PTR_ERR(new_fl);
    1615                 :          0 :         new_fl->fl_flags = type;
    1616                 :            : 
    1617                 :            :         /* typically we will check that ctx is non-NULL before calling */
    1618                 :          0 :         ctx = smp_load_acquire(&inode->i_flctx);
    1619         [ #  # ]:          0 :         if (!ctx) {
    1620                 :          0 :                 WARN_ON_ONCE(1);
    1621                 :          0 :                 goto free_lock;
    1622                 :            :         }
    1623                 :            : 
    1624                 :          0 :         percpu_down_read(&file_rwsem);
    1625                 :          0 :         spin_lock(&ctx->flc_lock);
    1626                 :            : 
    1627                 :          0 :         time_out_leases(inode, &dispose);
    1628                 :            : 
    1629         [ #  # ]:          0 :         if (!any_leases_conflict(inode, new_fl))
    1630                 :          0 :                 goto out;
    1631                 :            : 
    1632                 :          0 :         break_time = 0;
    1633         [ #  # ]:          0 :         if (lease_break_time > 0) {
    1634                 :          0 :                 break_time = jiffies + lease_break_time * HZ;
    1635                 :          0 :                 if (break_time == 0)
    1636                 :            :                         break_time++;   /* so that 0 means no break time */
    1637                 :            :         }
    1638                 :            : 
    1639         [ #  # ]:          0 :         list_for_each_entry_safe(fl, tmp, &ctx->flc_lease, fl_list) {
    1640         [ #  # ]:          0 :                 if (!leases_conflict(fl, new_fl))
    1641                 :          0 :                         continue;
    1642         [ #  # ]:          0 :                 if (want_write) {
    1643         [ #  # ]:          0 :                         if (fl->fl_flags & FL_UNLOCK_PENDING)
    1644                 :          0 :                                 continue;
    1645                 :          0 :                         fl->fl_flags |= FL_UNLOCK_PENDING;
    1646                 :          0 :                         fl->fl_break_time = break_time;
    1647                 :            :                 } else {
    1648         [ #  # ]:          0 :                         if (lease_breaking(fl))
    1649                 :          0 :                                 continue;
    1650                 :          0 :                         fl->fl_flags |= FL_DOWNGRADE_PENDING;
    1651                 :          0 :                         fl->fl_downgrade_time = break_time;
    1652                 :            :                 }
    1653         [ #  # ]:          0 :                 if (fl->fl_lmops->lm_break(fl))
    1654                 :          0 :                         locks_delete_lock_ctx(fl, &dispose);
    1655                 :            :         }
    1656                 :            : 
    1657         [ #  # ]:          0 :         if (list_empty(&ctx->flc_lease))
    1658                 :          0 :                 goto out;
    1659                 :            : 
    1660         [ #  # ]:          0 :         if (mode & O_NONBLOCK) {
    1661                 :          0 :                 trace_break_lease_noblock(inode, new_fl);
    1662                 :          0 :                 error = -EWOULDBLOCK;
    1663                 :          0 :                 goto out;
    1664                 :            :         }
    1665                 :            : 
    1666                 :          0 : restart:
    1667                 :          0 :         fl = list_first_entry(&ctx->flc_lease, struct file_lock, fl_list);
    1668                 :          0 :         break_time = fl->fl_break_time;
    1669         [ #  # ]:          0 :         if (break_time != 0)
    1670                 :          0 :                 break_time -= jiffies;
    1671                 :          0 :         if (break_time == 0)
    1672                 :            :                 break_time++;
    1673                 :          0 :         locks_insert_block(fl, new_fl, leases_conflict);
    1674                 :          0 :         trace_break_lease_block(inode, new_fl);
    1675                 :          0 :         spin_unlock(&ctx->flc_lock);
    1676                 :          0 :         percpu_up_read(&file_rwsem);
    1677                 :            : 
    1678                 :          0 :         locks_dispose_list(&dispose);
    1679   [ #  #  #  #  :          0 :         error = wait_event_interruptible_timeout(new_fl->fl_wait,
          #  #  #  #  #  
                      # ]
    1680                 :            :                                         list_empty(&new_fl->fl_blocked_member),
    1681                 :            :                                         break_time);
    1682                 :            : 
    1683                 :          0 :         percpu_down_read(&file_rwsem);
    1684                 :          0 :         spin_lock(&ctx->flc_lock);
    1685                 :          0 :         trace_break_lease_unblock(inode, new_fl);
    1686                 :          0 :         locks_delete_block(new_fl);
    1687         [ #  # ]:          0 :         if (error >= 0) {
    1688                 :            :                 /*
    1689                 :            :                  * Wait for the next conflicting lease that has not been
    1690                 :            :                  * broken yet
    1691                 :            :                  */
    1692         [ #  # ]:          0 :                 if (error == 0)
    1693                 :          0 :                         time_out_leases(inode, &dispose);
    1694         [ #  # ]:          0 :                 if (any_leases_conflict(inode, new_fl))
    1695                 :          0 :                         goto restart;
    1696                 :            :                 error = 0;
    1697                 :            :         }
    1698                 :          0 : out:
    1699                 :          0 :         spin_unlock(&ctx->flc_lock);
    1700                 :          0 :         percpu_up_read(&file_rwsem);
    1701                 :          0 :         locks_dispose_list(&dispose);
    1702                 :          0 : free_lock:
    1703                 :          0 :         locks_free_lock(new_fl);
    1704                 :          0 :         return error;
    1705                 :            : }
    1706                 :            : EXPORT_SYMBOL(__break_lease);
    1707                 :            : 
    1708                 :            : /**
    1709                 :            :  *      lease_get_mtime - update modified time of an inode with exclusive lease
    1710                 :            :  *      @inode: the inode
    1711                 :            :  *      @time:  pointer to a timespec which contains the last modified time
    1712                 :            :  *
    1713                 :            :  * This is to force NFS clients to flush their caches for files with
    1714                 :            :  * exclusive leases.  The justification is that if someone has an
    1715                 :            :  * exclusive lease, then they could be modifying it.
    1716                 :            :  */
    1717                 :          0 : void lease_get_mtime(struct inode *inode, struct timespec64 *time)
    1718                 :            : {
    1719                 :          0 :         bool has_lease = false;
    1720                 :          0 :         struct file_lock_context *ctx;
    1721                 :          0 :         struct file_lock *fl;
    1722                 :            : 
    1723                 :          0 :         ctx = smp_load_acquire(&inode->i_flctx);
    1724   [ #  #  #  # ]:          0 :         if (ctx && !list_empty_careful(&ctx->flc_lease)) {
    1725                 :          0 :                 spin_lock(&ctx->flc_lock);
    1726         [ #  # ]:          0 :                 fl = list_first_entry_or_null(&ctx->flc_lease,
    1727                 :            :                                               struct file_lock, fl_list);
    1728   [ #  #  #  # ]:          0 :                 if (fl && (fl->fl_type == F_WRLCK))
    1729                 :          0 :                         has_lease = true;
    1730                 :          0 :                 spin_unlock(&ctx->flc_lock);
    1731                 :            :         }
    1732                 :            : 
    1733         [ #  # ]:          0 :         if (has_lease)
    1734                 :          0 :                 *time = current_time(inode);
    1735                 :          0 : }
    1736                 :            : EXPORT_SYMBOL(lease_get_mtime);
    1737                 :            : 
    1738                 :            : /**
    1739                 :            :  *      fcntl_getlease - Enquire what lease is currently active
    1740                 :            :  *      @filp: the file
    1741                 :            :  *
    1742                 :            :  *      The value returned by this function will be one of
    1743                 :            :  *      (if no lease break is pending):
    1744                 :            :  *
    1745                 :            :  *      %F_RDLCK to indicate a shared lease is held.
    1746                 :            :  *
    1747                 :            :  *      %F_WRLCK to indicate an exclusive lease is held.
    1748                 :            :  *
    1749                 :            :  *      %F_UNLCK to indicate no lease is held.
    1750                 :            :  *
    1751                 :            :  *      (if a lease break is pending):
    1752                 :            :  *
    1753                 :            :  *      %F_RDLCK to indicate an exclusive lease needs to be
    1754                 :            :  *              changed to a shared lease (or removed).
    1755                 :            :  *
    1756                 :            :  *      %F_UNLCK to indicate the lease needs to be removed.
    1757                 :            :  *
    1758                 :            :  *      XXX: sfr & willy disagree over whether F_INPROGRESS
    1759                 :            :  *      should be returned to userspace.
    1760                 :            :  */
    1761                 :          0 : int fcntl_getlease(struct file *filp)
    1762                 :            : {
    1763                 :          0 :         struct file_lock *fl;
    1764                 :          0 :         struct inode *inode = locks_inode(filp);
    1765                 :          0 :         struct file_lock_context *ctx;
    1766                 :          0 :         int type = F_UNLCK;
    1767                 :          0 :         LIST_HEAD(dispose);
    1768                 :            : 
    1769                 :          0 :         ctx = smp_load_acquire(&inode->i_flctx);
    1770   [ #  #  #  # ]:          0 :         if (ctx && !list_empty_careful(&ctx->flc_lease)) {
    1771                 :          0 :                 percpu_down_read(&file_rwsem);
    1772                 :          0 :                 spin_lock(&ctx->flc_lock);
    1773                 :          0 :                 time_out_leases(inode, &dispose);
    1774         [ #  # ]:          0 :                 list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
    1775         [ #  # ]:          0 :                         if (fl->fl_file != filp)
    1776                 :          0 :                                 continue;
    1777         [ #  # ]:          0 :                         type = target_leasetype(fl);
    1778                 :            :                         break;
    1779                 :            :                 }
    1780                 :          0 :                 spin_unlock(&ctx->flc_lock);
    1781                 :          0 :                 percpu_up_read(&file_rwsem);
    1782                 :            : 
    1783                 :          0 :                 locks_dispose_list(&dispose);
    1784                 :            :         }
    1785                 :          0 :         return type;
    1786                 :            : }
    1787                 :            : 
    1788                 :            : /**
    1789                 :            :  * check_conflicting_open - see if the given file points to an inode that has
    1790                 :            :  *                          an existing open that would conflict with the
    1791                 :            :  *                          desired lease.
    1792                 :            :  * @filp:       file to check
    1793                 :            :  * @arg:        type of lease that we're trying to acquire
    1794                 :            :  * @flags:      current lock flags
    1795                 :            :  *
    1796                 :            :  * Check to see if there's an existing open fd on this file that would
    1797                 :            :  * conflict with the lease we're trying to set.
    1798                 :            :  */
    1799                 :            : static int
    1800                 :          0 : check_conflicting_open(struct file *filp, const long arg, int flags)
    1801                 :            : {
    1802         [ #  # ]:          0 :         struct inode *inode = locks_inode(filp);
    1803                 :          0 :         int self_wcount = 0, self_rcount = 0;
    1804                 :            : 
    1805         [ #  # ]:          0 :         if (flags & FL_LAYOUT)
    1806                 :            :                 return 0;
    1807                 :            : 
    1808         [ #  # ]:          0 :         if (arg == F_RDLCK)
    1809         [ #  # ]:          0 :                 return inode_is_open_for_write(inode) ? -EAGAIN : 0;
    1810         [ #  # ]:          0 :         else if (arg != F_WRLCK)
    1811                 :            :                 return 0;
    1812                 :            : 
    1813                 :            :         /*
    1814                 :            :          * Make sure that only read/write count is from lease requestor.
    1815                 :            :          * Note that this will result in denying write leases when i_writecount
    1816                 :            :          * is negative, which is what we want.  (We shouldn't grant write leases
    1817                 :            :          * on files open for execution.)
    1818                 :            :          */
    1819         [ #  # ]:          0 :         if (filp->f_mode & FMODE_WRITE)
    1820                 :            :                 self_wcount = 1;
    1821                 :          0 :         else if (filp->f_mode & FMODE_READ)
    1822                 :            :                 self_rcount = 1;
    1823                 :            : 
    1824   [ #  #  #  # ]:          0 :         if (atomic_read(&inode->i_writecount) != self_wcount ||
    1825                 :          0 :             atomic_read(&inode->i_readcount) != self_rcount)
    1826                 :          0 :                 return -EAGAIN;
    1827                 :            : 
    1828                 :            :         return 0;
    1829                 :            : }
    1830                 :            : 
    1831                 :            : static int
    1832                 :          0 : generic_add_lease(struct file *filp, long arg, struct file_lock **flp, void **priv)
    1833                 :            : {
    1834                 :          0 :         struct file_lock *fl, *my_fl = NULL, *lease;
    1835                 :          0 :         struct inode *inode = locks_inode(filp);
    1836                 :          0 :         struct file_lock_context *ctx;
    1837                 :          0 :         bool is_deleg = (*flp)->fl_flags & FL_DELEG;
    1838                 :          0 :         int error;
    1839                 :          0 :         LIST_HEAD(dispose);
    1840                 :            : 
    1841                 :          0 :         lease = *flp;
    1842                 :          0 :         trace_generic_add_lease(inode, lease);
    1843                 :            : 
    1844                 :            :         /* Note that arg is never F_UNLCK here */
    1845                 :          0 :         ctx = locks_get_lock_context(inode, arg);
    1846         [ #  # ]:          0 :         if (!ctx)
    1847                 :            :                 return -ENOMEM;
    1848                 :            : 
    1849                 :            :         /*
    1850                 :            :          * In the delegation case we need mutual exclusion with
    1851                 :            :          * a number of operations that take the i_mutex.  We trylock
    1852                 :            :          * because delegations are an optional optimization, and if
    1853                 :            :          * there's some chance of a conflict--we'd rather not
    1854                 :            :          * bother, maybe that's a sign this just isn't a good file to
    1855                 :            :          * hand out a delegation on.
    1856                 :            :          */
    1857   [ #  #  #  # ]:          0 :         if (is_deleg && !inode_trylock(inode))
    1858                 :            :                 return -EAGAIN;
    1859                 :            : 
    1860         [ #  # ]:          0 :         if (is_deleg && arg == F_WRLCK) {
    1861                 :            :                 /* Write delegations are not currently supported: */
    1862                 :          0 :                 inode_unlock(inode);
    1863                 :          0 :                 WARN_ON_ONCE(1);
    1864                 :          0 :                 return -EINVAL;
    1865                 :            :         }
    1866                 :            : 
    1867                 :          0 :         percpu_down_read(&file_rwsem);
    1868                 :          0 :         spin_lock(&ctx->flc_lock);
    1869                 :          0 :         time_out_leases(inode, &dispose);
    1870                 :          0 :         error = check_conflicting_open(filp, arg, lease->fl_flags);
    1871         [ #  # ]:          0 :         if (error)
    1872                 :          0 :                 goto out;
    1873                 :            : 
    1874                 :            :         /*
    1875                 :            :          * At this point, we know that if there is an exclusive
    1876                 :            :          * lease on this file, then we hold it on this filp
    1877                 :            :          * (otherwise our open of this file would have blocked).
    1878                 :            :          * And if we are trying to acquire an exclusive lease,
    1879                 :            :          * then the file is not open by anyone (including us)
    1880                 :            :          * except for this filp.
    1881                 :            :          */
    1882                 :          0 :         error = -EAGAIN;
    1883         [ #  # ]:          0 :         list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
    1884         [ #  # ]:          0 :                 if (fl->fl_file == filp &&
    1885         [ #  # ]:          0 :                     fl->fl_owner == lease->fl_owner) {
    1886                 :          0 :                         my_fl = fl;
    1887                 :          0 :                         continue;
    1888                 :            :                 }
    1889                 :            : 
    1890                 :            :                 /*
    1891                 :            :                  * No exclusive leases if someone else has a lease on
    1892                 :            :                  * this file:
    1893                 :            :                  */
    1894         [ #  # ]:          0 :                 if (arg == F_WRLCK)
    1895                 :          0 :                         goto out;
    1896                 :            :                 /*
    1897                 :            :                  * Modifying our existing lease is OK, but no getting a
    1898                 :            :                  * new lease if someone else is opening for write:
    1899                 :            :                  */
    1900         [ #  # ]:          0 :                 if (fl->fl_flags & FL_UNLOCK_PENDING)
    1901                 :          0 :                         goto out;
    1902                 :            :         }
    1903                 :            : 
    1904         [ #  # ]:          0 :         if (my_fl != NULL) {
    1905                 :          0 :                 lease = my_fl;
    1906                 :          0 :                 error = lease->fl_lmops->lm_change(lease, arg, &dispose);
    1907         [ #  # ]:          0 :                 if (error)
    1908                 :          0 :                         goto out;
    1909                 :          0 :                 goto out_setup;
    1910                 :            :         }
    1911                 :            : 
    1912                 :          0 :         error = -EINVAL;
    1913         [ #  # ]:          0 :         if (!leases_enable)
    1914                 :          0 :                 goto out;
    1915                 :            : 
    1916                 :          0 :         locks_insert_lock_ctx(lease, &ctx->flc_lease);
    1917                 :            :         /*
    1918                 :            :          * The check in break_lease() is lockless. It's possible for another
    1919                 :            :          * open to race in after we did the earlier check for a conflicting
    1920                 :            :          * open but before the lease was inserted. Check again for a
    1921                 :            :          * conflicting open and cancel the lease if there is one.
    1922                 :            :          *
    1923                 :            :          * We also add a barrier here to ensure that the insertion of the lock
    1924                 :            :          * precedes these checks.
    1925                 :            :          */
    1926                 :          0 :         smp_mb();
    1927                 :          0 :         error = check_conflicting_open(filp, arg, lease->fl_flags);
    1928         [ #  # ]:          0 :         if (error) {
    1929                 :          0 :                 locks_unlink_lock_ctx(lease);
    1930                 :          0 :                 goto out;
    1931                 :            :         }
    1932                 :            : 
    1933                 :          0 : out_setup:
    1934         [ #  # ]:          0 :         if (lease->fl_lmops->lm_setup)
    1935                 :          0 :                 lease->fl_lmops->lm_setup(lease, priv);
    1936                 :          0 : out:
    1937                 :          0 :         spin_unlock(&ctx->flc_lock);
    1938                 :          0 :         percpu_up_read(&file_rwsem);
    1939                 :          0 :         locks_dispose_list(&dispose);
    1940         [ #  # ]:          0 :         if (is_deleg)
    1941                 :          0 :                 inode_unlock(inode);
    1942         [ #  # ]:          0 :         if (!error && !my_fl)
    1943                 :          0 :                 *flp = NULL;
    1944                 :            :         return error;
    1945                 :            : }
    1946                 :            : 
    1947                 :          0 : static int generic_delete_lease(struct file *filp, void *owner)
    1948                 :            : {
    1949                 :          0 :         int error = -EAGAIN;
    1950                 :          0 :         struct file_lock *fl, *victim = NULL;
    1951                 :          0 :         struct inode *inode = locks_inode(filp);
    1952                 :          0 :         struct file_lock_context *ctx;
    1953                 :          0 :         LIST_HEAD(dispose);
    1954                 :            : 
    1955                 :          0 :         ctx = smp_load_acquire(&inode->i_flctx);
    1956         [ #  # ]:          0 :         if (!ctx) {
    1957                 :          0 :                 trace_generic_delete_lease(inode, NULL);
    1958                 :          0 :                 return error;
    1959                 :            :         }
    1960                 :            : 
    1961                 :          0 :         percpu_down_read(&file_rwsem);
    1962                 :          0 :         spin_lock(&ctx->flc_lock);
    1963         [ #  # ]:          0 :         list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
    1964         [ #  # ]:          0 :                 if (fl->fl_file == filp &&
    1965         [ #  # ]:          0 :                     fl->fl_owner == owner) {
    1966                 :            :                         victim = fl;
    1967                 :            :                         break;
    1968                 :            :                 }
    1969                 :            :         }
    1970                 :          0 :         trace_generic_delete_lease(inode, victim);
    1971         [ #  # ]:          0 :         if (victim)
    1972                 :          0 :                 error = fl->fl_lmops->lm_change(victim, F_UNLCK, &dispose);
    1973                 :          0 :         spin_unlock(&ctx->flc_lock);
    1974                 :          0 :         percpu_up_read(&file_rwsem);
    1975                 :          0 :         locks_dispose_list(&dispose);
    1976                 :          0 :         return error;
    1977                 :            : }
    1978                 :            : 
    1979                 :            : /**
    1980                 :            :  *      generic_setlease        -       sets a lease on an open file
    1981                 :            :  *      @filp:  file pointer
    1982                 :            :  *      @arg:   type of lease to obtain
    1983                 :            :  *      @flp:   input - file_lock to use, output - file_lock inserted
    1984                 :            :  *      @priv:  private data for lm_setup (may be NULL if lm_setup
    1985                 :            :  *              doesn't require it)
    1986                 :            :  *
    1987                 :            :  *      The (input) flp->fl_lmops->lm_break function is required
    1988                 :            :  *      by break_lease().
    1989                 :            :  */
    1990                 :          0 : int generic_setlease(struct file *filp, long arg, struct file_lock **flp,
    1991                 :            :                         void **priv)
    1992                 :            : {
    1993         [ #  # ]:          0 :         struct inode *inode = locks_inode(filp);
    1994                 :          0 :         int error;
    1995                 :            : 
    1996   [ #  #  #  # ]:          0 :         if ((!uid_eq(current_fsuid(), inode->i_uid)) && !capable(CAP_LEASE))
    1997                 :            :                 return -EACCES;
    1998         [ #  # ]:          0 :         if (!S_ISREG(inode->i_mode))
    1999                 :            :                 return -EINVAL;
    2000                 :          0 :         error = security_file_lock(filp, arg);
    2001         [ #  # ]:          0 :         if (error)
    2002                 :            :                 return error;
    2003                 :            : 
    2004      [ #  #  # ]:          0 :         switch (arg) {
    2005                 :          0 :         case F_UNLCK:
    2006                 :          0 :                 return generic_delete_lease(filp, *priv);
    2007                 :          0 :         case F_RDLCK:
    2008                 :            :         case F_WRLCK:
    2009         [ #  # ]:          0 :                 if (!(*flp)->fl_lmops->lm_break) {
    2010                 :          0 :                         WARN_ON_ONCE(1);
    2011                 :          0 :                         return -ENOLCK;
    2012                 :            :                 }
    2013                 :            : 
    2014                 :          0 :                 return generic_add_lease(filp, arg, flp, priv);
    2015                 :            :         default:
    2016                 :            :                 return -EINVAL;
    2017                 :            :         }
    2018                 :            : }
    2019                 :            : EXPORT_SYMBOL(generic_setlease);
    2020                 :            : 
    2021                 :            : #if IS_ENABLED(CONFIG_SRCU)
    2022                 :            : /*
    2023                 :            :  * Kernel subsystems can register to be notified on any attempt to set
    2024                 :            :  * a new lease with the lease_notifier_chain. This is used by (e.g.) nfsd
    2025                 :            :  * to close files that it may have cached when there is an attempt to set a
    2026                 :            :  * conflicting lease.
    2027                 :            :  */
    2028                 :            : static struct srcu_notifier_head lease_notifier_chain;
    2029                 :            : 
    2030                 :            : static inline void
    2031                 :         78 : lease_notifier_chain_init(void)
    2032                 :            : {
    2033                 :         78 :         srcu_init_notifier_head(&lease_notifier_chain);
    2034                 :            : }
    2035                 :            : 
    2036                 :            : static inline void
    2037                 :          0 : setlease_notifier(long arg, struct file_lock *lease)
    2038                 :            : {
    2039                 :          0 :         if (arg != F_UNLCK)
    2040                 :          0 :                 srcu_notifier_call_chain(&lease_notifier_chain, arg, lease);
    2041                 :            : }
    2042                 :            : 
    2043                 :          0 : int lease_register_notifier(struct notifier_block *nb)
    2044                 :            : {
    2045                 :          0 :         return srcu_notifier_chain_register(&lease_notifier_chain, nb);
    2046                 :            : }
    2047                 :            : EXPORT_SYMBOL_GPL(lease_register_notifier);
    2048                 :            : 
    2049                 :          0 : void lease_unregister_notifier(struct notifier_block *nb)
    2050                 :            : {
    2051                 :          0 :         srcu_notifier_chain_unregister(&lease_notifier_chain, nb);
    2052                 :          0 : }
    2053                 :            : EXPORT_SYMBOL_GPL(lease_unregister_notifier);
    2054                 :            : 
    2055                 :            : #else /* !IS_ENABLED(CONFIG_SRCU) */
    2056                 :            : static inline void
    2057                 :            : lease_notifier_chain_init(void)
    2058                 :            : {
    2059                 :            : }
    2060                 :            : 
    2061                 :            : static inline void
    2062                 :            : setlease_notifier(long arg, struct file_lock *lease)
    2063                 :            : {
    2064                 :            : }
    2065                 :            : 
    2066                 :            : int lease_register_notifier(struct notifier_block *nb)
    2067                 :            : {
    2068                 :            :         return 0;
    2069                 :            : }
    2070                 :            : EXPORT_SYMBOL_GPL(lease_register_notifier);
    2071                 :            : 
    2072                 :            : void lease_unregister_notifier(struct notifier_block *nb)
    2073                 :            : {
    2074                 :            : }
    2075                 :            : EXPORT_SYMBOL_GPL(lease_unregister_notifier);
    2076                 :            : 
    2077                 :            : #endif /* IS_ENABLED(CONFIG_SRCU) */
    2078                 :            : 
    2079                 :            : /**
    2080                 :            :  * vfs_setlease        -       sets a lease on an open file
    2081                 :            :  * @filp:       file pointer
    2082                 :            :  * @arg:        type of lease to obtain
    2083                 :            :  * @lease:      file_lock to use when adding a lease
    2084                 :            :  * @priv:       private info for lm_setup when adding a lease (may be
    2085                 :            :  *              NULL if lm_setup doesn't require it)
    2086                 :            :  *
    2087                 :            :  * Call this to establish a lease on the file. The "lease" argument is not
    2088                 :            :  * used for F_UNLCK requests and may be NULL. For commands that set or alter
    2089                 :            :  * an existing lease, the ``(*lease)->fl_lmops->lm_break`` operation must be
    2090                 :            :  * set; if not, this function will return -ENOLCK (and generate a scary-looking
    2091                 :            :  * stack trace).
    2092                 :            :  *
    2093                 :            :  * The "priv" pointer is passed directly to the lm_setup function as-is. It
    2094                 :            :  * may be NULL if the lm_setup operation doesn't require it.
    2095                 :            :  */
    2096                 :            : int
    2097                 :          0 : vfs_setlease(struct file *filp, long arg, struct file_lock **lease, void **priv)
    2098                 :            : {
    2099         [ #  # ]:          0 :         if (lease)
    2100         [ #  # ]:          0 :                 setlease_notifier(arg, *lease);
    2101         [ #  # ]:          0 :         if (filp->f_op->setlease)
    2102                 :          0 :                 return filp->f_op->setlease(filp, arg, lease, priv);
    2103                 :            :         else
    2104                 :          0 :                 return generic_setlease(filp, arg, lease, priv);
    2105                 :            : }
    2106                 :            : EXPORT_SYMBOL_GPL(vfs_setlease);
    2107                 :            : 
    2108                 :          0 : static int do_fcntl_add_lease(unsigned int fd, struct file *filp, long arg)
    2109                 :            : {
    2110                 :          0 :         struct file_lock *fl;
    2111                 :          0 :         struct fasync_struct *new;
    2112                 :          0 :         int error;
    2113                 :            : 
    2114                 :          0 :         fl = lease_alloc(filp, arg);
    2115         [ #  # ]:          0 :         if (IS_ERR(fl))
    2116                 :          0 :                 return PTR_ERR(fl);
    2117                 :            : 
    2118                 :          0 :         new = fasync_alloc();
    2119         [ #  # ]:          0 :         if (!new) {
    2120                 :          0 :                 locks_free_lock(fl);
    2121                 :          0 :                 return -ENOMEM;
    2122                 :            :         }
    2123                 :          0 :         new->fa_fd = fd;
    2124                 :            : 
    2125                 :          0 :         error = vfs_setlease(filp, arg, &fl, (void **)&new);
    2126         [ #  # ]:          0 :         if (fl)
    2127                 :          0 :                 locks_free_lock(fl);
    2128         [ #  # ]:          0 :         if (new)
    2129                 :          0 :                 fasync_free(new);
    2130                 :            :         return error;
    2131                 :            : }
    2132                 :            : 
    2133                 :            : /**
    2134                 :            :  *      fcntl_setlease  -       sets a lease on an open file
    2135                 :            :  *      @fd: open file descriptor
    2136                 :            :  *      @filp: file pointer
    2137                 :            :  *      @arg: type of lease to obtain
    2138                 :            :  *
    2139                 :            :  *      Call this fcntl to establish a lease on the file.
    2140                 :            :  *      Note that you also need to call %F_SETSIG to
    2141                 :            :  *      receive a signal when the lease is broken.
    2142                 :            :  */
    2143                 :          0 : int fcntl_setlease(unsigned int fd, struct file *filp, long arg)
    2144                 :            : {
    2145         [ #  # ]:          0 :         if (arg == F_UNLCK)
    2146                 :          0 :                 return vfs_setlease(filp, F_UNLCK, NULL, (void **)&filp);
    2147                 :          0 :         return do_fcntl_add_lease(fd, filp, arg);
    2148                 :            : }
    2149                 :            : 
    2150                 :            : /**
    2151                 :            :  * flock_lock_inode_wait - Apply a FLOCK-style lock to a file
    2152                 :            :  * @inode: inode of the file to apply to
    2153                 :            :  * @fl: The lock to be applied
    2154                 :            :  *
    2155                 :            :  * Apply a FLOCK style lock request to an inode.
    2156                 :            :  */
    2157                 :        936 : static int flock_lock_inode_wait(struct inode *inode, struct file_lock *fl)
    2158                 :            : {
    2159                 :        936 :         int error;
    2160                 :        936 :         might_sleep();
    2161                 :        936 :         for (;;) {
    2162                 :        936 :                 error = flock_lock_inode(inode, fl);
    2163         [ -  + ]:        936 :                 if (error != FILE_LOCK_DEFERRED)
    2164                 :            :                         break;
    2165   [ #  #  #  #  :          0 :                 error = wait_event_interruptible(fl->fl_wait,
                   #  # ]
    2166                 :            :                                 list_empty(&fl->fl_blocked_member));
    2167         [ #  # ]:          0 :                 if (error)
    2168                 :            :                         break;
    2169                 :            :         }
    2170                 :        936 :         locks_delete_block(fl);
    2171                 :        936 :         return error;
    2172                 :            : }
    2173                 :            : 
    2174                 :            : /**
    2175                 :            :  * locks_lock_inode_wait - Apply a lock to an inode
    2176                 :            :  * @inode: inode of the file to apply to
    2177                 :            :  * @fl: The lock to be applied
    2178                 :            :  *
    2179                 :            :  * Apply a POSIX or FLOCK style lock request to an inode.
    2180                 :            :  */
    2181                 :        936 : int locks_lock_inode_wait(struct inode *inode, struct file_lock *fl)
    2182                 :            : {
    2183                 :        936 :         int res = 0;
    2184      [ -  +  - ]:        936 :         switch (fl->fl_flags & (FL_POSIX|FL_FLOCK)) {
    2185                 :          0 :                 case FL_POSIX:
    2186                 :          0 :                         res = posix_lock_inode_wait(inode, fl);
    2187                 :          0 :                         break;
    2188                 :        936 :                 case FL_FLOCK:
    2189                 :        936 :                         res = flock_lock_inode_wait(inode, fl);
    2190                 :        936 :                         break;
    2191                 :          0 :                 default:
    2192                 :          0 :                         BUG();
    2193                 :            :         }
    2194                 :        936 :         return res;
    2195                 :            : }
    2196                 :            : EXPORT_SYMBOL(locks_lock_inode_wait);
    2197                 :            : 
    2198                 :            : /**
    2199                 :            :  *      sys_flock: - flock() system call.
    2200                 :            :  *      @fd: the file descriptor to lock.
    2201                 :            :  *      @cmd: the type of lock to apply.
    2202                 :            :  *
    2203                 :            :  *      Apply a %FL_FLOCK style lock to an open file descriptor.
    2204                 :            :  *      The @cmd can be one of:
    2205                 :            :  *
    2206                 :            :  *      - %LOCK_SH -- a shared lock.
    2207                 :            :  *      - %LOCK_EX -- an exclusive lock.
    2208                 :            :  *      - %LOCK_UN -- remove an existing lock.
    2209                 :            :  *      - %LOCK_MAND -- a 'mandatory' flock.
    2210                 :            :  *        This exists to emulate Windows Share Modes.
    2211                 :            :  *
    2212                 :            :  *      %LOCK_MAND can be combined with %LOCK_READ or %LOCK_WRITE to allow other
    2213                 :            :  *      processes read and write access respectively.
    2214                 :            :  */
    2215                 :       1872 : SYSCALL_DEFINE2(flock, unsigned int, fd, unsigned int, cmd)
    2216                 :            : {
    2217                 :        936 :         struct fd f = fdget(fd);
    2218                 :        936 :         struct file_lock *lock;
    2219                 :        936 :         int can_sleep, unlock;
    2220                 :        936 :         int error;
    2221                 :            : 
    2222                 :        936 :         error = -EBADF;
    2223         [ -  + ]:        936 :         if (!f.file)
    2224                 :          0 :                 goto out;
    2225                 :            : 
    2226                 :        936 :         can_sleep = !(cmd & LOCK_NB);
    2227                 :        936 :         cmd &= ~LOCK_NB;
    2228                 :        936 :         unlock = (cmd == LOCK_UN);
    2229                 :            : 
    2230   [ +  -  +  - ]:        936 :         if (!unlock && !(cmd & LOCK_MAND) &&
    2231         [ -  + ]:        936 :             !(f.file->f_mode & (FMODE_READ|FMODE_WRITE)))
    2232                 :          0 :                 goto out_putf;
    2233                 :            : 
    2234                 :        936 :         lock = flock_make_lock(f.file, cmd, NULL);
    2235         [ -  + ]:        936 :         if (IS_ERR(lock)) {
    2236                 :          0 :                 error = PTR_ERR(lock);
    2237                 :          0 :                 goto out_putf;
    2238                 :            :         }
    2239                 :            : 
    2240         [ -  + ]:        936 :         if (can_sleep)
    2241                 :          0 :                 lock->fl_flags |= FL_SLEEP;
    2242                 :            : 
    2243                 :        936 :         error = security_file_lock(f.file, lock->fl_type);
    2244         [ -  + ]:        936 :         if (error)
    2245                 :          0 :                 goto out_free;
    2246                 :            : 
    2247         [ -  + ]:        936 :         if (f.file->f_op->flock)
    2248         [ #  # ]:          0 :                 error = f.file->f_op->flock(f.file,
    2249                 :            :                                           (can_sleep) ? F_SETLKW : F_SETLK,
    2250                 :            :                                           lock);
    2251                 :            :         else
    2252                 :        936 :                 error = locks_lock_file_wait(f.file, lock);
    2253                 :            : 
    2254                 :        936 :  out_free:
    2255                 :        936 :         locks_free_lock(lock);
    2256                 :            : 
    2257                 :        936 :  out_putf:
    2258         [ -  + ]:        936 :         fdput(f);
    2259                 :        936 :  out:
    2260                 :        936 :         return error;
    2261                 :            : }
    2262                 :            : 
    2263                 :            : /**
    2264                 :            :  * vfs_test_lock - test file byte range lock
    2265                 :            :  * @filp: The file to test lock for
    2266                 :            :  * @fl: The lock to test; also used to hold result
    2267                 :            :  *
    2268                 :            :  * Returns -ERRNO on failure.  Indicates presence of conflicting lock by
    2269                 :            :  * setting conf->fl_type to something other than F_UNLCK.
    2270                 :            :  */
    2271                 :          0 : int vfs_test_lock(struct file *filp, struct file_lock *fl)
    2272                 :            : {
    2273         [ #  # ]:          0 :         if (filp->f_op->lock)
    2274                 :          0 :                 return filp->f_op->lock(filp, F_GETLK, fl);
    2275                 :          0 :         posix_test_lock(filp, fl);
    2276                 :          0 :         return 0;
    2277                 :            : }
    2278                 :            : EXPORT_SYMBOL_GPL(vfs_test_lock);
    2279                 :            : 
    2280                 :            : /**
    2281                 :            :  * locks_translate_pid - translate a file_lock's fl_pid number into a namespace
    2282                 :            :  * @fl: The file_lock who's fl_pid should be translated
    2283                 :            :  * @ns: The namespace into which the pid should be translated
    2284                 :            :  *
    2285                 :            :  * Used to tranlate a fl_pid into a namespace virtual pid number
    2286                 :            :  */
    2287                 :            : static pid_t locks_translate_pid(struct file_lock *fl, struct pid_namespace *ns)
    2288                 :            : {
    2289                 :            :         pid_t vnr;
    2290                 :            :         struct pid *pid;
    2291                 :            : 
    2292                 :            :         if (IS_OFDLCK(fl))
    2293                 :            :                 return -1;
    2294                 :            :         if (IS_REMOTELCK(fl))
    2295                 :            :                 return fl->fl_pid;
    2296                 :            :         /*
    2297                 :            :          * If the flock owner process is dead and its pid has been already
    2298                 :            :          * freed, the translation below won't work, but we still want to show
    2299                 :            :          * flock owner pid number in init pidns.
    2300                 :            :          */
    2301                 :            :         if (ns == &init_pid_ns)
    2302                 :            :                 return (pid_t)fl->fl_pid;
    2303                 :            : 
    2304                 :            :         rcu_read_lock();
    2305                 :            :         pid = find_pid_ns(fl->fl_pid, &init_pid_ns);
    2306                 :            :         vnr = pid_nr_ns(pid, ns);
    2307                 :            :         rcu_read_unlock();
    2308                 :            :         return vnr;
    2309                 :            : }
    2310                 :            : 
    2311                 :          0 : static int posix_lock_to_flock(struct flock *flock, struct file_lock *fl)
    2312                 :            : {
    2313                 :          0 :         flock->l_pid = locks_translate_pid(fl, task_active_pid_ns(current));
    2314                 :            : #if BITS_PER_LONG == 32
    2315                 :            :         /*
    2316                 :            :          * Make sure we can represent the posix lock via
    2317                 :            :          * legacy 32bit flock.
    2318                 :            :          */
    2319                 :            :         if (fl->fl_start > OFFT_OFFSET_MAX)
    2320                 :            :                 return -EOVERFLOW;
    2321                 :            :         if (fl->fl_end != OFFSET_MAX && fl->fl_end > OFFT_OFFSET_MAX)
    2322                 :            :                 return -EOVERFLOW;
    2323                 :            : #endif
    2324                 :          0 :         flock->l_start = fl->fl_start;
    2325         [ #  # ]:          0 :         flock->l_len = fl->fl_end == OFFSET_MAX ? 0 :
    2326                 :          0 :                 fl->fl_end - fl->fl_start + 1;
    2327                 :          0 :         flock->l_whence = 0;
    2328                 :          0 :         flock->l_type = fl->fl_type;
    2329                 :          0 :         return 0;
    2330                 :            : }
    2331                 :            : 
    2332                 :            : #if BITS_PER_LONG == 32
    2333                 :            : static void posix_lock_to_flock64(struct flock64 *flock, struct file_lock *fl)
    2334                 :            : {
    2335                 :            :         flock->l_pid = locks_translate_pid(fl, task_active_pid_ns(current));
    2336                 :            :         flock->l_start = fl->fl_start;
    2337                 :            :         flock->l_len = fl->fl_end == OFFSET_MAX ? 0 :
    2338                 :            :                 fl->fl_end - fl->fl_start + 1;
    2339                 :            :         flock->l_whence = 0;
    2340                 :            :         flock->l_type = fl->fl_type;
    2341                 :            : }
    2342                 :            : #endif
    2343                 :            : 
    2344                 :            : /* Report the first existing lock that would conflict with l.
    2345                 :            :  * This implements the F_GETLK command of fcntl().
    2346                 :            :  */
    2347                 :          0 : int fcntl_getlk(struct file *filp, unsigned int cmd, struct flock *flock)
    2348                 :            : {
    2349                 :          0 :         struct file_lock *fl;
    2350                 :          0 :         int error;
    2351                 :            : 
    2352                 :          0 :         fl = locks_alloc_lock();
    2353         [ #  # ]:          0 :         if (fl == NULL)
    2354                 :            :                 return -ENOMEM;
    2355                 :          0 :         error = -EINVAL;
    2356         [ #  # ]:          0 :         if (flock->l_type != F_RDLCK && flock->l_type != F_WRLCK)
    2357                 :          0 :                 goto out;
    2358                 :            : 
    2359                 :          0 :         error = flock_to_posix_lock(filp, fl, flock);
    2360         [ #  # ]:          0 :         if (error)
    2361                 :          0 :                 goto out;
    2362                 :            : 
    2363         [ #  # ]:          0 :         if (cmd == F_OFD_GETLK) {
    2364                 :          0 :                 error = -EINVAL;
    2365         [ #  # ]:          0 :                 if (flock->l_pid != 0)
    2366                 :          0 :                         goto out;
    2367                 :            : 
    2368                 :          0 :                 cmd = F_GETLK;
    2369                 :          0 :                 fl->fl_flags |= FL_OFDLCK;
    2370                 :          0 :                 fl->fl_owner = filp;
    2371                 :            :         }
    2372                 :            : 
    2373                 :          0 :         error = vfs_test_lock(filp, fl);
    2374         [ #  # ]:          0 :         if (error)
    2375                 :          0 :                 goto out;
    2376                 :            : 
    2377                 :          0 :         flock->l_type = fl->fl_type;
    2378         [ #  # ]:          0 :         if (fl->fl_type != F_UNLCK) {
    2379                 :          0 :                 error = posix_lock_to_flock(flock, fl);
    2380         [ #  # ]:          0 :                 if (error)
    2381                 :          0 :                         goto out;
    2382                 :            :         }
    2383                 :          0 : out:
    2384                 :          0 :         locks_free_lock(fl);
    2385                 :          0 :         return error;
    2386                 :            : }
    2387                 :            : 
    2388                 :            : /**
    2389                 :            :  * vfs_lock_file - file byte range lock
    2390                 :            :  * @filp: The file to apply the lock to
    2391                 :            :  * @cmd: type of locking operation (F_SETLK, F_GETLK, etc.)
    2392                 :            :  * @fl: The lock to be applied
    2393                 :            :  * @conf: Place to return a copy of the conflicting lock, if found.
    2394                 :            :  *
    2395                 :            :  * A caller that doesn't care about the conflicting lock may pass NULL
    2396                 :            :  * as the final argument.
    2397                 :            :  *
    2398                 :            :  * If the filesystem defines a private ->lock() method, then @conf will
    2399                 :            :  * be left unchanged; so a caller that cares should initialize it to
    2400                 :            :  * some acceptable default.
    2401                 :            :  *
    2402                 :            :  * To avoid blocking kernel daemons, such as lockd, that need to acquire POSIX
    2403                 :            :  * locks, the ->lock() interface may return asynchronously, before the lock has
    2404                 :            :  * been granted or denied by the underlying filesystem, if (and only if)
    2405                 :            :  * lm_grant is set. Callers expecting ->lock() to return asynchronously
    2406                 :            :  * will only use F_SETLK, not F_SETLKW; they will set FL_SLEEP if (and only if)
    2407                 :            :  * the request is for a blocking lock. When ->lock() does return asynchronously,
    2408                 :            :  * it must return FILE_LOCK_DEFERRED, and call ->lm_grant() when the lock
    2409                 :            :  * request completes.
    2410                 :            :  * If the request is for non-blocking lock the file system should return
    2411                 :            :  * FILE_LOCK_DEFERRED then try to get the lock and call the callback routine
    2412                 :            :  * with the result. If the request timed out the callback routine will return a
    2413                 :            :  * nonzero return code and the file system should release the lock. The file
    2414                 :            :  * system is also responsible to keep a corresponding posix lock when it
    2415                 :            :  * grants a lock so the VFS can find out which locks are locally held and do
    2416                 :            :  * the correct lock cleanup when required.
    2417                 :            :  * The underlying filesystem must not drop the kernel lock or call
    2418                 :            :  * ->lm_grant() before returning to the caller with a FILE_LOCK_DEFERRED
    2419                 :            :  * return code.
    2420                 :            :  */
    2421                 :       1404 : int vfs_lock_file(struct file *filp, unsigned int cmd, struct file_lock *fl, struct file_lock *conf)
    2422                 :            : {
    2423         [ -  + ]:       1404 :         if (filp->f_op->lock)
    2424                 :          0 :                 return filp->f_op->lock(filp, cmd, fl);
    2425                 :            :         else
    2426                 :       1404 :                 return posix_lock_file(filp, fl, conf);
    2427                 :            : }
    2428                 :            : EXPORT_SYMBOL_GPL(vfs_lock_file);
    2429                 :            : 
    2430                 :        624 : static int do_lock_file_wait(struct file *filp, unsigned int cmd,
    2431                 :            :                              struct file_lock *fl)
    2432                 :            : {
    2433                 :        624 :         int error;
    2434                 :            : 
    2435                 :        624 :         error = security_file_lock(filp, fl->fl_type);
    2436         [ +  - ]:        624 :         if (error)
    2437                 :            :                 return error;
    2438                 :            : 
    2439                 :        624 :         for (;;) {
    2440                 :        624 :                 error = vfs_lock_file(filp, cmd, fl, NULL);
    2441         [ -  + ]:        624 :                 if (error != FILE_LOCK_DEFERRED)
    2442                 :            :                         break;
    2443   [ #  #  #  #  :          0 :                 error = wait_event_interruptible(fl->fl_wait,
                   #  # ]
    2444                 :            :                                         list_empty(&fl->fl_blocked_member));
    2445         [ #  # ]:          0 :                 if (error)
    2446                 :            :                         break;
    2447                 :            :         }
    2448                 :        624 :         locks_delete_block(fl);
    2449                 :            : 
    2450                 :        624 :         return error;
    2451                 :            : }
    2452                 :            : 
    2453                 :            : /* Ensure that fl->fl_file has compatible f_mode for F_SETLK calls */
    2454                 :            : static int
    2455                 :        624 : check_fmode_for_setlk(struct file_lock *fl)
    2456                 :            : {
    2457                 :        624 :         switch (fl->fl_type) {
    2458                 :          0 :         case F_RDLCK:
    2459         [ #  # ]:          0 :                 if (!(fl->fl_file->f_mode & FMODE_READ))
    2460                 :            :                         return -EBADF;
    2461                 :            :                 break;
    2462                 :        546 :         case F_WRLCK:
    2463         [ -  + ]:        546 :                 if (!(fl->fl_file->f_mode & FMODE_WRITE))
    2464                 :            :                         return -EBADF;
    2465                 :            :         }
    2466                 :            :         return 0;
    2467                 :            : }
    2468                 :            : 
    2469                 :            : /* Apply the lock described by l to an open file descriptor.
    2470                 :            :  * This implements both the F_SETLK and F_SETLKW commands of fcntl().
    2471                 :            :  */
    2472                 :        624 : int fcntl_setlk(unsigned int fd, struct file *filp, unsigned int cmd,
    2473                 :            :                 struct flock *flock)
    2474                 :            : {
    2475                 :        624 :         struct file_lock *file_lock = locks_alloc_lock();
    2476         [ +  - ]:        624 :         struct inode *inode = locks_inode(filp);
    2477                 :        624 :         struct file *f;
    2478                 :        624 :         int error;
    2479                 :            : 
    2480         [ +  - ]:        624 :         if (file_lock == NULL)
    2481                 :            :                 return -ENOLCK;
    2482                 :            : 
    2483                 :            :         /* Don't allow mandatory locks on files that may be memory mapped
    2484                 :            :          * and shared.
    2485                 :            :          */
    2486   [ -  +  -  - ]:        624 :         if (mandatory_lock(inode) && mapping_writably_mapped(filp->f_mapping)) {
    2487                 :          0 :                 error = -EAGAIN;
    2488                 :          0 :                 goto out;
    2489                 :            :         }
    2490                 :            : 
    2491                 :        624 :         error = flock_to_posix_lock(filp, file_lock, flock);
    2492         [ -  + ]:        624 :         if (error)
    2493                 :          0 :                 goto out;
    2494                 :            : 
    2495      [ -  +  + ]:        624 :         error = check_fmode_for_setlk(file_lock);
    2496                 :            :         if (error)
    2497                 :          0 :                 goto out;
    2498                 :            : 
    2499                 :            :         /*
    2500                 :            :          * If the cmd is requesting file-private locks, then set the
    2501                 :            :          * FL_OFDLCK flag and override the owner.
    2502                 :            :          */
    2503   [ -  -  +  + ]:        624 :         switch (cmd) {
    2504                 :          0 :         case F_OFD_SETLK:
    2505                 :          0 :                 error = -EINVAL;
    2506         [ #  # ]:          0 :                 if (flock->l_pid != 0)
    2507                 :          0 :                         goto out;
    2508                 :            : 
    2509                 :          0 :                 cmd = F_SETLK;
    2510                 :          0 :                 file_lock->fl_flags |= FL_OFDLCK;
    2511                 :          0 :                 file_lock->fl_owner = filp;
    2512                 :          0 :                 break;
    2513                 :          0 :         case F_OFD_SETLKW:
    2514                 :          0 :                 error = -EINVAL;
    2515         [ #  # ]:          0 :                 if (flock->l_pid != 0)
    2516                 :          0 :                         goto out;
    2517                 :            : 
    2518                 :          0 :                 cmd = F_SETLKW;
    2519                 :          0 :                 file_lock->fl_flags |= FL_OFDLCK;
    2520                 :          0 :                 file_lock->fl_owner = filp;
    2521                 :            :                 /* Fallthrough */
    2522                 :        546 :         case F_SETLKW:
    2523                 :        546 :                 file_lock->fl_flags |= FL_SLEEP;
    2524                 :            :         }
    2525                 :            : 
    2526                 :        624 :         error = do_lock_file_wait(filp, cmd, file_lock);
    2527                 :            : 
    2528                 :            :         /*
    2529                 :            :          * Attempt to detect a close/fcntl race and recover by releasing the
    2530                 :            :          * lock that was just acquired. There is no need to do that when we're
    2531                 :            :          * unlocking though, or for OFD locks.
    2532                 :            :          */
    2533   [ -  +  +  + ]:        624 :         if (!error && file_lock->fl_type != F_UNLCK &&
    2534         [ -  + ]:        546 :             !(file_lock->fl_flags & FL_OFDLCK)) {
    2535                 :            :                 /*
    2536                 :            :                  * We need that spin_lock here - it prevents reordering between
    2537                 :            :                  * update of i_flctx->flc_posix and check for it done in
    2538                 :            :                  * close(). rcu_read_lock() wouldn't do.
    2539                 :            :                  */
    2540                 :        546 :                 spin_lock(&current->files->file_lock);
    2541         [ +  - ]:        546 :                 f = fcheck(fd);
    2542                 :        546 :                 spin_unlock(&current->files->file_lock);
    2543         [ +  - ]:        546 :                 if (f != filp) {
    2544                 :          0 :                         file_lock->fl_type = F_UNLCK;
    2545                 :          0 :                         error = do_lock_file_wait(filp, cmd, file_lock);
    2546         [ #  # ]:          0 :                         WARN_ON_ONCE(error);
    2547                 :            :                         error = -EBADF;
    2548                 :            :                 }
    2549                 :            :         }
    2550                 :        624 : out:
    2551                 :        624 :         trace_fcntl_setlk(inode, file_lock, error);
    2552                 :        624 :         locks_free_lock(file_lock);
    2553                 :        624 :         return error;
    2554                 :            : }
    2555                 :            : 
    2556                 :            : #if BITS_PER_LONG == 32
    2557                 :            : /* Report the first existing lock that would conflict with l.
    2558                 :            :  * This implements the F_GETLK command of fcntl().
    2559                 :            :  */
    2560                 :            : int fcntl_getlk64(struct file *filp, unsigned int cmd, struct flock64 *flock)
    2561                 :            : {
    2562                 :            :         struct file_lock *fl;
    2563                 :            :         int error;
    2564                 :            : 
    2565                 :            :         fl = locks_alloc_lock();
    2566                 :            :         if (fl == NULL)
    2567                 :            :                 return -ENOMEM;
    2568                 :            : 
    2569                 :            :         error = -EINVAL;
    2570                 :            :         if (flock->l_type != F_RDLCK && flock->l_type != F_WRLCK)
    2571                 :            :                 goto out;
    2572                 :            : 
    2573                 :            :         error = flock64_to_posix_lock(filp, fl, flock);
    2574                 :            :         if (error)
    2575                 :            :                 goto out;
    2576                 :            : 
    2577                 :            :         if (cmd == F_OFD_GETLK) {
    2578                 :            :                 error = -EINVAL;
    2579                 :            :                 if (flock->l_pid != 0)
    2580                 :            :                         goto out;
    2581                 :            : 
    2582                 :            :                 cmd = F_GETLK64;
    2583                 :            :                 fl->fl_flags |= FL_OFDLCK;
    2584                 :            :                 fl->fl_owner = filp;
    2585                 :            :         }
    2586                 :            : 
    2587                 :            :         error = vfs_test_lock(filp, fl);
    2588                 :            :         if (error)
    2589                 :            :                 goto out;
    2590                 :            : 
    2591                 :            :         flock->l_type = fl->fl_type;
    2592                 :            :         if (fl->fl_type != F_UNLCK)
    2593                 :            :                 posix_lock_to_flock64(flock, fl);
    2594                 :            : 
    2595                 :            : out:
    2596                 :            :         locks_free_lock(fl);
    2597                 :            :         return error;
    2598                 :            : }
    2599                 :            : 
    2600                 :            : /* Apply the lock described by l to an open file descriptor.
    2601                 :            :  * This implements both the F_SETLK and F_SETLKW commands of fcntl().
    2602                 :            :  */
    2603                 :            : int fcntl_setlk64(unsigned int fd, struct file *filp, unsigned int cmd,
    2604                 :            :                 struct flock64 *flock)
    2605                 :            : {
    2606                 :            :         struct file_lock *file_lock = locks_alloc_lock();
    2607                 :            :         struct inode *inode = locks_inode(filp);
    2608                 :            :         struct file *f;
    2609                 :            :         int error;
    2610                 :            : 
    2611                 :            :         if (file_lock == NULL)
    2612                 :            :                 return -ENOLCK;
    2613                 :            : 
    2614                 :            :         /* Don't allow mandatory locks on files that may be memory mapped
    2615                 :            :          * and shared.
    2616                 :            :          */
    2617                 :            :         if (mandatory_lock(inode) && mapping_writably_mapped(filp->f_mapping)) {
    2618                 :            :                 error = -EAGAIN;
    2619                 :            :                 goto out;
    2620                 :            :         }
    2621                 :            : 
    2622                 :            :         error = flock64_to_posix_lock(filp, file_lock, flock);
    2623                 :            :         if (error)
    2624                 :            :                 goto out;
    2625                 :            : 
    2626                 :            :         error = check_fmode_for_setlk(file_lock);
    2627                 :            :         if (error)
    2628                 :            :                 goto out;
    2629                 :            : 
    2630                 :            :         /*
    2631                 :            :          * If the cmd is requesting file-private locks, then set the
    2632                 :            :          * FL_OFDLCK flag and override the owner.
    2633                 :            :          */
    2634                 :            :         switch (cmd) {
    2635                 :            :         case F_OFD_SETLK:
    2636                 :            :                 error = -EINVAL;
    2637                 :            :                 if (flock->l_pid != 0)
    2638                 :            :                         goto out;
    2639                 :            : 
    2640                 :            :                 cmd = F_SETLK64;
    2641                 :            :                 file_lock->fl_flags |= FL_OFDLCK;
    2642                 :            :                 file_lock->fl_owner = filp;
    2643                 :            :                 break;
    2644                 :            :         case F_OFD_SETLKW:
    2645                 :            :                 error = -EINVAL;
    2646                 :            :                 if (flock->l_pid != 0)
    2647                 :            :                         goto out;
    2648                 :            : 
    2649                 :            :                 cmd = F_SETLKW64;
    2650                 :            :                 file_lock->fl_flags |= FL_OFDLCK;
    2651                 :            :                 file_lock->fl_owner = filp;
    2652                 :            :                 /* Fallthrough */
    2653                 :            :         case F_SETLKW64:
    2654                 :            :                 file_lock->fl_flags |= FL_SLEEP;
    2655                 :            :         }
    2656                 :            : 
    2657                 :            :         error = do_lock_file_wait(filp, cmd, file_lock);
    2658                 :            : 
    2659                 :            :         /*
    2660                 :            :          * Attempt to detect a close/fcntl race and recover by releasing the
    2661                 :            :          * lock that was just acquired. There is no need to do that when we're
    2662                 :            :          * unlocking though, or for OFD locks.
    2663                 :            :          */
    2664                 :            :         if (!error && file_lock->fl_type != F_UNLCK &&
    2665                 :            :             !(file_lock->fl_flags & FL_OFDLCK)) {
    2666                 :            :                 /*
    2667                 :            :                  * We need that spin_lock here - it prevents reordering between
    2668                 :            :                  * update of i_flctx->flc_posix and check for it done in
    2669                 :            :                  * close(). rcu_read_lock() wouldn't do.
    2670                 :            :                  */
    2671                 :            :                 spin_lock(&current->files->file_lock);
    2672                 :            :                 f = fcheck(fd);
    2673                 :            :                 spin_unlock(&current->files->file_lock);
    2674                 :            :                 if (f != filp) {
    2675                 :            :                         file_lock->fl_type = F_UNLCK;
    2676                 :            :                         error = do_lock_file_wait(filp, cmd, file_lock);
    2677                 :            :                         WARN_ON_ONCE(error);
    2678                 :            :                         error = -EBADF;
    2679                 :            :                 }
    2680                 :            :         }
    2681                 :            : out:
    2682                 :            :         locks_free_lock(file_lock);
    2683                 :            :         return error;
    2684                 :            : }
    2685                 :            : #endif /* BITS_PER_LONG == 32 */
    2686                 :            : 
    2687                 :            : /*
    2688                 :            :  * This function is called when the file is being removed
    2689                 :            :  * from the task's fd array.  POSIX locks belonging to this task
    2690                 :            :  * are deleted at this time.
    2691                 :            :  */
    2692                 :    2316260 : void locks_remove_posix(struct file *filp, fl_owner_t owner)
    2693                 :            : {
    2694                 :    2316260 :         int error;
    2695                 :    2316260 :         struct inode *inode = locks_inode(filp);
    2696                 :    2316260 :         struct file_lock lock;
    2697                 :    2316260 :         struct file_lock_context *ctx;
    2698                 :            : 
    2699                 :            :         /*
    2700                 :            :          * If there are no locks held on this file, we don't need to call
    2701                 :            :          * posix_lock_file().  Another process could be setting a lock on this
    2702                 :            :          * file at the same time, but we wouldn't remove that lock anyway.
    2703                 :            :          */
    2704                 :    2316260 :         ctx =  smp_load_acquire(&inode->i_flctx);
    2705   [ +  +  +  + ]:    2316260 :         if (!ctx || list_empty(&ctx->flc_posix))
    2706                 :    2315480 :                 return;
    2707                 :            : 
    2708                 :        780 :         locks_init_lock(&lock);
    2709                 :        780 :         lock.fl_type = F_UNLCK;
    2710                 :        780 :         lock.fl_flags = FL_POSIX | FL_CLOSE;
    2711                 :        780 :         lock.fl_start = 0;
    2712                 :        780 :         lock.fl_end = OFFSET_MAX;
    2713                 :        780 :         lock.fl_owner = owner;
    2714                 :        780 :         lock.fl_pid = current->tgid;
    2715                 :        780 :         lock.fl_file = filp;
    2716                 :        780 :         lock.fl_ops = NULL;
    2717                 :        780 :         lock.fl_lmops = NULL;
    2718                 :            : 
    2719                 :        780 :         error = vfs_lock_file(filp, F_SETLK, &lock, NULL);
    2720                 :            : 
    2721   [ -  +  -  - ]:        780 :         if (lock.fl_ops && lock.fl_ops->fl_release_private)
    2722                 :          0 :                 lock.fl_ops->fl_release_private(&lock);
    2723                 :        780 :         trace_locks_remove_posix(inode, &lock, error);
    2724                 :            : }
    2725                 :            : EXPORT_SYMBOL(locks_remove_posix);
    2726                 :            : 
    2727                 :            : /* The i_flctx must be valid when calling into here */
    2728                 :            : static void
    2729                 :       2574 : locks_remove_flock(struct file *filp, struct file_lock_context *flctx)
    2730                 :            : {
    2731                 :       2574 :         struct file_lock fl;
    2732         [ +  + ]:       2574 :         struct inode *inode = locks_inode(filp);
    2733                 :            : 
    2734         [ +  + ]:       2574 :         if (list_empty(&flctx->flc_flock))
    2735                 :        624 :                 return;
    2736                 :            : 
    2737                 :       1950 :         flock_make_lock(filp, LOCK_UN, &fl);
    2738                 :       1950 :         fl.fl_flags |= FL_CLOSE;
    2739                 :            : 
    2740         [ -  + ]:       1950 :         if (filp->f_op->flock)
    2741                 :          0 :                 filp->f_op->flock(filp, F_SETLKW, &fl);
    2742                 :            :         else
    2743                 :       1950 :                 flock_lock_inode(inode, &fl);
    2744                 :            : 
    2745   [ -  +  -  - ]:       1950 :         if (fl.fl_ops && fl.fl_ops->fl_release_private)
    2746                 :          0 :                 fl.fl_ops->fl_release_private(&fl);
    2747                 :            : }
    2748                 :            : 
    2749                 :            : /* The i_flctx must be valid when calling into here */
    2750                 :            : static void
    2751                 :       2574 : locks_remove_lease(struct file *filp, struct file_lock_context *ctx)
    2752                 :            : {
    2753                 :       2574 :         struct file_lock *fl, *tmp;
    2754                 :       2574 :         LIST_HEAD(dispose);
    2755                 :            : 
    2756         [ +  - ]:       2574 :         if (list_empty(&ctx->flc_lease))
    2757                 :       2574 :                 return;
    2758                 :            : 
    2759                 :          0 :         percpu_down_read(&file_rwsem);
    2760                 :          0 :         spin_lock(&ctx->flc_lock);
    2761         [ #  # ]:          0 :         list_for_each_entry_safe(fl, tmp, &ctx->flc_lease, fl_list)
    2762         [ #  # ]:          0 :                 if (filp == fl->fl_file)
    2763                 :          0 :                         lease_modify(fl, F_UNLCK, &dispose);
    2764                 :          0 :         spin_unlock(&ctx->flc_lock);
    2765                 :          0 :         percpu_up_read(&file_rwsem);
    2766                 :            : 
    2767                 :          0 :         locks_dispose_list(&dispose);
    2768                 :            : }
    2769                 :            : 
    2770                 :            : /*
    2771                 :            :  * This function is called on the last close of an open file.
    2772                 :            :  */
    2773                 :    3351823 : void locks_remove_file(struct file *filp)
    2774                 :            : {
    2775                 :    3351823 :         struct file_lock_context *ctx;
    2776                 :            : 
    2777                 :    3351823 :         ctx = smp_load_acquire(&locks_inode(filp)->i_flctx);
    2778         [ +  + ]:    3351823 :         if (!ctx)
    2779                 :            :                 return;
    2780                 :            : 
    2781                 :            :         /* remove any OFD locks */
    2782                 :       2574 :         locks_remove_posix(filp, filp);
    2783                 :            : 
    2784                 :            :         /* remove flock locks */
    2785                 :       2574 :         locks_remove_flock(filp, ctx);
    2786                 :            : 
    2787                 :            :         /* remove any leases */
    2788                 :       2574 :         locks_remove_lease(filp, ctx);
    2789                 :            : 
    2790                 :       2574 :         spin_lock(&ctx->flc_lock);
    2791                 :       2574 :         locks_check_ctx_file_list(filp, &ctx->flc_posix, "POSIX");
    2792                 :       2574 :         locks_check_ctx_file_list(filp, &ctx->flc_flock, "FLOCK");
    2793                 :       2574 :         locks_check_ctx_file_list(filp, &ctx->flc_lease, "LEASE");
    2794                 :       2574 :         spin_unlock(&ctx->flc_lock);
    2795                 :            : }
    2796                 :            : 
    2797                 :            : /**
    2798                 :            :  * vfs_cancel_lock - file byte range unblock lock
    2799                 :            :  * @filp: The file to apply the unblock to
    2800                 :            :  * @fl: The lock to be unblocked
    2801                 :            :  *
    2802                 :            :  * Used by lock managers to cancel blocked requests
    2803                 :            :  */
    2804                 :          0 : int vfs_cancel_lock(struct file *filp, struct file_lock *fl)
    2805                 :            : {
    2806         [ #  # ]:          0 :         if (filp->f_op->lock)
    2807                 :          0 :                 return filp->f_op->lock(filp, F_CANCELLK, fl);
    2808                 :            :         return 0;
    2809                 :            : }
    2810                 :            : EXPORT_SYMBOL_GPL(vfs_cancel_lock);
    2811                 :            : 
    2812                 :            : #ifdef CONFIG_PROC_FS
    2813                 :            : #include <linux/proc_fs.h>
    2814                 :            : #include <linux/seq_file.h>
    2815                 :            : 
    2816                 :            : struct locks_iterator {
    2817                 :            :         int     li_cpu;
    2818                 :            :         loff_t  li_pos;
    2819                 :            : };
    2820                 :            : 
    2821                 :          0 : static void lock_get_status(struct seq_file *f, struct file_lock *fl,
    2822                 :            :                             loff_t id, char *pfx)
    2823                 :            : {
    2824                 :          0 :         struct inode *inode = NULL;
    2825                 :          0 :         unsigned int fl_pid;
    2826                 :          0 :         struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info;
    2827                 :            : 
    2828                 :          0 :         fl_pid = locks_translate_pid(fl, proc_pidns);
    2829                 :            :         /*
    2830                 :            :          * If lock owner is dead (and pid is freed) or not visible in current
    2831                 :            :          * pidns, zero is shown as a pid value. Check lock info from
    2832                 :            :          * init_pid_ns to get saved lock pid value.
    2833                 :            :          */
    2834                 :            : 
    2835         [ #  # ]:          0 :         if (fl->fl_file != NULL)
    2836                 :          0 :                 inode = locks_inode(fl->fl_file);
    2837                 :            : 
    2838                 :          0 :         seq_printf(f, "%lld:%s ", id, pfx);
    2839         [ #  # ]:          0 :         if (IS_POSIX(fl)) {
    2840         [ #  # ]:          0 :                 if (fl->fl_flags & FL_ACCESS)
    2841                 :          0 :                         seq_puts(f, "ACCESS");
    2842         [ #  # ]:          0 :                 else if (IS_OFDLCK(fl))
    2843                 :          0 :                         seq_puts(f, "OFDLCK");
    2844                 :            :                 else
    2845                 :          0 :                         seq_puts(f, "POSIX ");
    2846                 :            : 
    2847         [ #  # ]:          0 :                 seq_printf(f, " %s ",
    2848                 :            :                              (inode == NULL) ? "*NOINODE*" :
    2849                 :            :                              mandatory_lock(inode) ? "MANDATORY" : "ADVISORY ");
    2850         [ #  # ]:          0 :         } else if (IS_FLOCK(fl)) {
    2851         [ #  # ]:          0 :                 if (fl->fl_type & LOCK_MAND) {
    2852                 :          0 :                         seq_puts(f, "FLOCK  MSNFS     ");
    2853                 :            :                 } else {
    2854                 :          0 :                         seq_puts(f, "FLOCK  ADVISORY  ");
    2855                 :            :                 }
    2856         [ #  # ]:          0 :         } else if (IS_LEASE(fl)) {
    2857         [ #  # ]:          0 :                 if (fl->fl_flags & FL_DELEG)
    2858                 :          0 :                         seq_puts(f, "DELEG  ");
    2859                 :            :                 else
    2860                 :          0 :                         seq_puts(f, "LEASE  ");
    2861                 :            : 
    2862         [ #  # ]:          0 :                 if (lease_breaking(fl))
    2863                 :          0 :                         seq_puts(f, "BREAKING  ");
    2864         [ #  # ]:          0 :                 else if (fl->fl_file)
    2865                 :          0 :                         seq_puts(f, "ACTIVE    ");
    2866                 :            :                 else
    2867                 :          0 :                         seq_puts(f, "BREAKER   ");
    2868                 :            :         } else {
    2869                 :          0 :                 seq_puts(f, "UNKNOWN UNKNOWN  ");
    2870                 :            :         }
    2871         [ #  # ]:          0 :         if (fl->fl_type & LOCK_MAND) {
    2872         [ #  # ]:          0 :                 seq_printf(f, "%s ",
    2873                 :            :                                (fl->fl_type & LOCK_READ)
    2874         [ #  # ]:          0 :                                ? (fl->fl_type & LOCK_WRITE) ? "RW   " : "READ "
    2875         [ #  # ]:          0 :                                : (fl->fl_type & LOCK_WRITE) ? "WRITE" : "NONE ");
    2876                 :            :         } else {
    2877         [ #  # ]:          0 :                 int type = IS_LEASE(fl) ? target_leasetype(fl) : fl->fl_type;
    2878                 :            : 
    2879         [ #  # ]:          0 :                 seq_printf(f, "%s ", (type == F_WRLCK) ? "WRITE" :
    2880         [ #  # ]:          0 :                                      (type == F_RDLCK) ? "READ" : "UNLCK");
    2881                 :            :         }
    2882         [ #  # ]:          0 :         if (inode) {
    2883                 :            :                 /* userspace relies on this representation of dev_t */
    2884                 :          0 :                 seq_printf(f, "%d %02x:%02x:%lu ", fl_pid,
    2885                 :          0 :                                 MAJOR(inode->i_sb->s_dev),
    2886                 :          0 :                                 MINOR(inode->i_sb->s_dev), inode->i_ino);
    2887                 :            :         } else {
    2888                 :          0 :                 seq_printf(f, "%d <none>:0 ", fl_pid);
    2889                 :            :         }
    2890         [ #  # ]:          0 :         if (IS_POSIX(fl)) {
    2891         [ #  # ]:          0 :                 if (fl->fl_end == OFFSET_MAX)
    2892                 :          0 :                         seq_printf(f, "%Ld EOF\n", fl->fl_start);
    2893                 :            :                 else
    2894                 :          0 :                         seq_printf(f, "%Ld %Ld\n", fl->fl_start, fl->fl_end);
    2895                 :            :         } else {
    2896                 :          0 :                 seq_puts(f, "0 EOF\n");
    2897                 :            :         }
    2898                 :          0 : }
    2899                 :            : 
    2900                 :          0 : static int locks_show(struct seq_file *f, void *v)
    2901                 :            : {
    2902                 :          0 :         struct locks_iterator *iter = f->private;
    2903                 :          0 :         struct file_lock *fl, *bfl;
    2904                 :          0 :         struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info;
    2905                 :            : 
    2906                 :          0 :         fl = hlist_entry(v, struct file_lock, fl_link);
    2907                 :            : 
    2908         [ #  # ]:          0 :         if (locks_translate_pid(fl, proc_pidns) == 0)
    2909                 :            :                 return 0;
    2910                 :            : 
    2911                 :          0 :         lock_get_status(f, fl, iter->li_pos, "");
    2912                 :            : 
    2913         [ #  # ]:          0 :         list_for_each_entry(bfl, &fl->fl_blocked_requests, fl_blocked_member)
    2914                 :          0 :                 lock_get_status(f, bfl, iter->li_pos, " ->");
    2915                 :            : 
    2916                 :            :         return 0;
    2917                 :            : }
    2918                 :            : 
    2919                 :          0 : static void __show_fd_locks(struct seq_file *f,
    2920                 :            :                         struct list_head *head, int *id,
    2921                 :            :                         struct file *filp, struct files_struct *files)
    2922                 :            : {
    2923                 :          0 :         struct file_lock *fl;
    2924                 :            : 
    2925         [ #  # ]:          0 :         list_for_each_entry(fl, head, fl_list) {
    2926                 :            : 
    2927         [ #  # ]:          0 :                 if (filp != fl->fl_file)
    2928                 :          0 :                         continue;
    2929   [ #  #  #  # ]:          0 :                 if (fl->fl_owner != files &&
    2930                 :            :                     fl->fl_owner != filp)
    2931                 :          0 :                         continue;
    2932                 :            : 
    2933                 :          0 :                 (*id)++;
    2934                 :          0 :                 seq_puts(f, "lock:\t");
    2935                 :          0 :                 lock_get_status(f, fl, *id, "");
    2936                 :            :         }
    2937                 :          0 : }
    2938                 :            : 
    2939                 :       4680 : void show_fd_locks(struct seq_file *f,
    2940                 :            :                   struct file *filp, struct files_struct *files)
    2941                 :            : {
    2942                 :       4680 :         struct inode *inode = locks_inode(filp);
    2943                 :       4680 :         struct file_lock_context *ctx;
    2944                 :       4680 :         int id = 0;
    2945                 :            : 
    2946                 :       4680 :         ctx = smp_load_acquire(&inode->i_flctx);
    2947         [ +  - ]:       4680 :         if (!ctx)
    2948                 :       4680 :                 return;
    2949                 :            : 
    2950                 :          0 :         spin_lock(&ctx->flc_lock);
    2951                 :          0 :         __show_fd_locks(f, &ctx->flc_flock, &id, filp, files);
    2952                 :          0 :         __show_fd_locks(f, &ctx->flc_posix, &id, filp, files);
    2953                 :          0 :         __show_fd_locks(f, &ctx->flc_lease, &id, filp, files);
    2954                 :          0 :         spin_unlock(&ctx->flc_lock);
    2955                 :            : }
    2956                 :            : 
    2957                 :          0 : static void *locks_start(struct seq_file *f, loff_t *pos)
    2958                 :            :         __acquires(&blocked_lock_lock)
    2959                 :            : {
    2960                 :          0 :         struct locks_iterator *iter = f->private;
    2961                 :            : 
    2962                 :          0 :         iter->li_pos = *pos + 1;
    2963                 :          0 :         percpu_down_write(&file_rwsem);
    2964                 :          0 :         spin_lock(&blocked_lock_lock);
    2965                 :          0 :         return seq_hlist_start_percpu(&file_lock_list.hlist, &iter->li_cpu, *pos);
    2966                 :            : }
    2967                 :            : 
    2968                 :          0 : static void *locks_next(struct seq_file *f, void *v, loff_t *pos)
    2969                 :            : {
    2970                 :          0 :         struct locks_iterator *iter = f->private;
    2971                 :            : 
    2972                 :          0 :         ++iter->li_pos;
    2973                 :          0 :         return seq_hlist_next_percpu(v, &file_lock_list.hlist, &iter->li_cpu, pos);
    2974                 :            : }
    2975                 :            : 
    2976                 :          0 : static void locks_stop(struct seq_file *f, void *v)
    2977                 :            :         __releases(&blocked_lock_lock)
    2978                 :            : {
    2979                 :          0 :         spin_unlock(&blocked_lock_lock);
    2980                 :          0 :         percpu_up_write(&file_rwsem);
    2981                 :          0 : }
    2982                 :            : 
    2983                 :            : static const struct seq_operations locks_seq_operations = {
    2984                 :            :         .start  = locks_start,
    2985                 :            :         .next   = locks_next,
    2986                 :            :         .stop   = locks_stop,
    2987                 :            :         .show   = locks_show,
    2988                 :            : };
    2989                 :            : 
    2990                 :         78 : static int __init proc_locks_init(void)
    2991                 :            : {
    2992                 :         78 :         proc_create_seq_private("locks", 0, NULL, &locks_seq_operations,
    2993                 :            :                         sizeof(struct locks_iterator), NULL);
    2994                 :         78 :         return 0;
    2995                 :            : }
    2996                 :            : fs_initcall(proc_locks_init);
    2997                 :            : #endif
    2998                 :            : 
    2999                 :         78 : static int __init filelock_init(void)
    3000                 :            : {
    3001                 :         78 :         int i;
    3002                 :            : 
    3003                 :         78 :         flctx_cache = kmem_cache_create("file_lock_ctx",
    3004                 :            :                         sizeof(struct file_lock_context), 0, SLAB_PANIC, NULL);
    3005                 :            : 
    3006                 :         78 :         filelock_cache = kmem_cache_create("file_lock_cache",
    3007                 :            :                         sizeof(struct file_lock), 0, SLAB_PANIC, NULL);
    3008                 :            : 
    3009         [ +  + ]:        156 :         for_each_possible_cpu(i) {
    3010                 :         78 :                 struct file_lock_list_struct *fll = per_cpu_ptr(&file_lock_list, i);
    3011                 :            : 
    3012                 :         78 :                 spin_lock_init(&fll->lock);
    3013                 :         78 :                 INIT_HLIST_HEAD(&fll->hlist);
    3014                 :            :         }
    3015                 :            : 
    3016                 :         78 :         lease_notifier_chain_init();
    3017                 :         78 :         return 0;
    3018                 :            : }
    3019                 :            : core_initcall(filelock_init);

Generated by: LCOV version 1.14