root/fs/locks.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. lease_breaking
  2. target_leasetype
  3. locks_get_lock_context
  4. locks_dump_ctx_list
  5. locks_check_ctx_lists
  6. locks_check_ctx_file_list
  7. locks_free_lock_context
  8. locks_init_lock_heads
  9. locks_alloc_lock
  10. locks_release_private
  11. locks_free_lock
  12. locks_dispose_list
  13. locks_init_lock
  14. locks_copy_conflock
  15. locks_copy_lock
  16. locks_move_blocks
  17. flock_translate_cmd
  18. flock_make_lock
  19. assign_type
  20. flock64_to_posix_lock
  21. flock_to_posix_lock
  22. lease_break_callback
  23. lease_setup
  24. lease_init
  25. lease_alloc
  26. locks_overlap
  27. posix_same_owner
  28. locks_insert_global_locks
  29. locks_delete_global_locks
  30. posix_owner_key
  31. locks_insert_global_blocked
  32. locks_delete_global_blocked
  33. __locks_delete_block
  34. __locks_wake_up_blocks
  35. locks_delete_block
  36. __locks_insert_block
  37. locks_insert_block
  38. locks_wake_up_blocks
  39. locks_insert_lock_ctx
  40. locks_unlink_lock_ctx
  41. locks_delete_lock_ctx
  42. locks_conflict
  43. posix_locks_conflict
  44. flock_locks_conflict
  45. posix_test_lock
  46. what_owner_is_waiting_for
  47. posix_locks_deadlock
  48. flock_lock_inode
  49. posix_lock_inode
  50. posix_lock_file
  51. posix_lock_inode_wait
  52. locks_mandatory_locked
  53. locks_mandatory_area
  54. lease_clear_pending
  55. lease_modify
  56. past_time
  57. time_out_leases
  58. leases_conflict
  59. any_leases_conflict
  60. __break_lease
  61. lease_get_mtime
  62. fcntl_getlease
  63. check_conflicting_open
  64. generic_add_lease
  65. generic_delete_lease
  66. generic_setlease
  67. lease_notifier_chain_init
  68. setlease_notifier
  69. lease_register_notifier
  70. lease_unregister_notifier
  71. lease_notifier_chain_init
  72. setlease_notifier
  73. lease_register_notifier
  74. lease_unregister_notifier
  75. vfs_setlease
  76. do_fcntl_add_lease
  77. fcntl_setlease
  78. flock_lock_inode_wait
  79. locks_lock_inode_wait
  80. SYSCALL_DEFINE2
  81. vfs_test_lock
  82. locks_translate_pid
  83. posix_lock_to_flock
  84. posix_lock_to_flock64
  85. fcntl_getlk
  86. vfs_lock_file
  87. do_lock_file_wait
  88. check_fmode_for_setlk
  89. fcntl_setlk
  90. fcntl_getlk64
  91. fcntl_setlk64
  92. locks_remove_posix
  93. locks_remove_flock
  94. locks_remove_lease
  95. locks_remove_file
  96. vfs_cancel_lock
  97. lock_get_status
  98. locks_show
  99. __show_fd_locks
  100. show_fd_locks
  101. locks_start
  102. locks_next
  103. locks_stop
  104. proc_locks_init
  105. filelock_init

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  *  linux/fs/locks.c
   4  *
   5  *  Provide support for fcntl()'s F_GETLK, F_SETLK, and F_SETLKW calls.
   6  *  Doug Evans (dje@spiff.uucp), August 07, 1992
   7  *
   8  *  Deadlock detection added.
   9  *  FIXME: one thing isn't handled yet:
  10  *      - mandatory locks (requires lots of changes elsewhere)
  11  *  Kelly Carmichael (kelly@[142.24.8.65]), September 17, 1994.
  12  *
  13  *  Miscellaneous edits, and a total rewrite of posix_lock_file() code.
  14  *  Kai Petzke (wpp@marie.physik.tu-berlin.de), 1994
  15  *
  16  *  Converted file_lock_table to a linked list from an array, which eliminates
  17  *  the limits on how many active file locks are open.
  18  *  Chad Page (pageone@netcom.com), November 27, 1994
  19  *
  20  *  Removed dependency on file descriptors. dup()'ed file descriptors now
  21  *  get the same locks as the original file descriptors, and a close() on
  22  *  any file descriptor removes ALL the locks on the file for the current
  23  *  process. Since locks still depend on the process id, locks are inherited
  24  *  after an exec() but not after a fork(). This agrees with POSIX, and both
  25  *  BSD and SVR4 practice.
  26  *  Andy Walker (andy@lysaker.kvaerner.no), February 14, 1995
  27  *
  28  *  Scrapped free list which is redundant now that we allocate locks
  29  *  dynamically with kmalloc()/kfree().
  30  *  Andy Walker (andy@lysaker.kvaerner.no), February 21, 1995
  31  *
  32  *  Implemented two lock personalities - FL_FLOCK and FL_POSIX.
  33  *
  34  *  FL_POSIX locks are created with calls to fcntl() and lockf() through the
  35  *  fcntl() system call. They have the semantics described above.
  36  *
  37  *  FL_FLOCK locks are created with calls to flock(), through the flock()
  38  *  system call, which is new. Old C libraries implement flock() via fcntl()
  39  *  and will continue to use the old, broken implementation.
  40  *
  41  *  FL_FLOCK locks follow the 4.4 BSD flock() semantics. They are associated
  42  *  with a file pointer (filp). As a result they can be shared by a parent
  43  *  process and its children after a fork(). They are removed when the last
  44  *  file descriptor referring to the file pointer is closed (unless explicitly
  45  *  unlocked).
  46  *
  47  *  FL_FLOCK locks never deadlock, an existing lock is always removed before
  48  *  upgrading from shared to exclusive (or vice versa). When this happens
  49  *  any processes blocked by the current lock are woken up and allowed to
  50  *  run before the new lock is applied.
  51  *  Andy Walker (andy@lysaker.kvaerner.no), June 09, 1995
  52  *
  53  *  Removed some race conditions in flock_lock_file(), marked other possible
  54  *  races. Just grep for FIXME to see them.
  55  *  Dmitry Gorodchanin (pgmdsg@ibi.com), February 09, 1996.
  56  *
  57  *  Addressed Dmitry's concerns. Deadlock checking no longer recursive.
  58  *  Lock allocation changed to GFP_ATOMIC as we can't afford to sleep
  59  *  once we've checked for blocking and deadlocking.
  60  *  Andy Walker (andy@lysaker.kvaerner.no), April 03, 1996.
  61  *
  62  *  Initial implementation of mandatory locks. SunOS turned out to be
  63  *  a rotten model, so I implemented the "obvious" semantics.
  64  *  See 'Documentation/filesystems/mandatory-locking.txt' for details.
  65  *  Andy Walker (andy@lysaker.kvaerner.no), April 06, 1996.
  66  *
  67  *  Don't allow mandatory locks on mmap()'ed files. Added simple functions to
  68  *  check if a file has mandatory locks, used by mmap(), open() and creat() to
  69  *  see if system call should be rejected. Ref. HP-UX/SunOS/Solaris Reference
  70  *  Manual, Section 2.
  71  *  Andy Walker (andy@lysaker.kvaerner.no), April 09, 1996.
  72  *
  73  *  Tidied up block list handling. Added '/proc/locks' interface.
  74  *  Andy Walker (andy@lysaker.kvaerner.no), April 24, 1996.
  75  *
  76  *  Fixed deadlock condition for pathological code that mixes calls to
  77  *  flock() and fcntl().
  78  *  Andy Walker (andy@lysaker.kvaerner.no), April 29, 1996.
  79  *
  80  *  Allow only one type of locking scheme (FL_POSIX or FL_FLOCK) to be in use
  81  *  for a given file at a time. Changed the CONFIG_LOCK_MANDATORY scheme to
  82  *  guarantee sensible behaviour in the case where file system modules might
  83  *  be compiled with different options than the kernel itself.
  84  *  Andy Walker (andy@lysaker.kvaerner.no), May 15, 1996.
  85  *
  86  *  Added a couple of missing wake_up() calls. Thanks to Thomas Meckel
  87  *  (Thomas.Meckel@mni.fh-giessen.de) for spotting this.
  88  *  Andy Walker (andy@lysaker.kvaerner.no), May 15, 1996.
  89  *
  90  *  Changed FL_POSIX locks to use the block list in the same way as FL_FLOCK
  91  *  locks. Changed process synchronisation to avoid dereferencing locks that
  92  *  have already been freed.
  93  *  Andy Walker (andy@lysaker.kvaerner.no), Sep 21, 1996.
  94  *
  95  *  Made the block list a circular list to minimise searching in the list.
  96  *  Andy Walker (andy@lysaker.kvaerner.no), Sep 25, 1996.
  97  *
  98  *  Made mandatory locking a mount option. Default is not to allow mandatory
  99  *  locking.
 100  *  Andy Walker (andy@lysaker.kvaerner.no), Oct 04, 1996.
 101  *
 102  *  Some adaptations for NFS support.
 103  *  Olaf Kirch (okir@monad.swb.de), Dec 1996,
 104  *
 105  *  Fixed /proc/locks interface so that we can't overrun the buffer we are handed.
 106  *  Andy Walker (andy@lysaker.kvaerner.no), May 12, 1997.
 107  *
 108  *  Use slab allocator instead of kmalloc/kfree.
 109  *  Use generic list implementation from <linux/list.h>.
 110  *  Sped up posix_locks_deadlock by only considering blocked locks.
 111  *  Matthew Wilcox <willy@debian.org>, March, 2000.
 112  *
 113  *  Leases and LOCK_MAND
 114  *  Matthew Wilcox <willy@debian.org>, June, 2000.
 115  *  Stephen Rothwell <sfr@canb.auug.org.au>, June, 2000.
 116  *
 117  * Locking conflicts and dependencies:
 118  * If multiple threads attempt to lock the same byte (or flock the same file)
 119  * only one can be granted the lock, and other must wait their turn.
 120  * The first lock has been "applied" or "granted", the others are "waiting"
 121  * and are "blocked" by the "applied" lock..
 122  *
 123  * Waiting and applied locks are all kept in trees whose properties are:
 124  *
 125  *      - the root of a tree may be an applied or waiting lock.
 126  *      - every other node in the tree is a waiting lock that
 127  *        conflicts with every ancestor of that node.
 128  *
 129  * Every such tree begins life as a waiting singleton which obviously
 130  * satisfies the above properties.
 131  *
 132  * The only ways we modify trees preserve these properties:
 133  *
 134  *      1. We may add a new leaf node, but only after first verifying that it
 135  *         conflicts with all of its ancestors.
 136  *      2. We may remove the root of a tree, creating a new singleton
 137  *         tree from the root and N new trees rooted in the immediate
 138  *         children.
 139  *      3. If the root of a tree is not currently an applied lock, we may
 140  *         apply it (if possible).
 141  *      4. We may upgrade the root of the tree (either extend its range,
 142  *         or upgrade its entire range from read to write).
 143  *
 144  * When an applied lock is modified in a way that reduces or downgrades any
 145  * part of its range, we remove all its children (2 above).  This particularly
 146  * happens when a lock is unlocked.
 147  *
 148  * For each of those child trees we "wake up" the thread which is
 149  * waiting for the lock so it can continue handling as follows: if the
 150  * root of the tree applies, we do so (3).  If it doesn't, it must
 151  * conflict with some applied lock.  We remove (wake up) all of its children
 152  * (2), and add it is a new leaf to the tree rooted in the applied
 153  * lock (1).  We then repeat the process recursively with those
 154  * children.
 155  *
 156  */
 157 
 158 #include <linux/capability.h>
 159 #include <linux/file.h>
 160 #include <linux/fdtable.h>
 161 #include <linux/fs.h>
 162 #include <linux/init.h>
 163 #include <linux/security.h>
 164 #include <linux/slab.h>
 165 #include <linux/syscalls.h>
 166 #include <linux/time.h>
 167 #include <linux/rcupdate.h>
 168 #include <linux/pid_namespace.h>
 169 #include <linux/hashtable.h>
 170 #include <linux/percpu.h>
 171 
 172 #define CREATE_TRACE_POINTS
 173 #include <trace/events/filelock.h>
 174 
 175 #include <linux/uaccess.h>
 176 
 177 #define IS_POSIX(fl)    (fl->fl_flags & FL_POSIX)
 178 #define IS_FLOCK(fl)    (fl->fl_flags & FL_FLOCK)
 179 #define IS_LEASE(fl)    (fl->fl_flags & (FL_LEASE|FL_DELEG|FL_LAYOUT))
 180 #define IS_OFDLCK(fl)   (fl->fl_flags & FL_OFDLCK)
 181 #define IS_REMOTELCK(fl)        (fl->fl_pid <= 0)
 182 
 183 static bool lease_breaking(struct file_lock *fl)
 184 {
 185         return fl->fl_flags & (FL_UNLOCK_PENDING | FL_DOWNGRADE_PENDING);
 186 }
 187 
 188 static int target_leasetype(struct file_lock *fl)
 189 {
 190         if (fl->fl_flags & FL_UNLOCK_PENDING)
 191                 return F_UNLCK;
 192         if (fl->fl_flags & FL_DOWNGRADE_PENDING)
 193                 return F_RDLCK;
 194         return fl->fl_type;
 195 }
 196 
 197 int leases_enable = 1;
 198 int lease_break_time = 45;
 199 
 200 /*
 201  * The global file_lock_list is only used for displaying /proc/locks, so we
 202  * keep a list on each CPU, with each list protected by its own spinlock.
 203  * Global serialization is done using file_rwsem.
 204  *
 205  * Note that alterations to the list also require that the relevant flc_lock is
 206  * held.
 207  */
 208 struct file_lock_list_struct {
 209         spinlock_t              lock;
 210         struct hlist_head       hlist;
 211 };
 212 static DEFINE_PER_CPU(struct file_lock_list_struct, file_lock_list);
 213 DEFINE_STATIC_PERCPU_RWSEM(file_rwsem);
 214 
 215 
 216 /*
 217  * The blocked_hash is used to find POSIX lock loops for deadlock detection.
 218  * It is protected by blocked_lock_lock.
 219  *
 220  * We hash locks by lockowner in order to optimize searching for the lock a
 221  * particular lockowner is waiting on.
 222  *
 223  * FIXME: make this value scale via some heuristic? We generally will want more
 224  * buckets when we have more lockowners holding locks, but that's a little
 225  * difficult to determine without knowing what the workload will look like.
 226  */
 227 #define BLOCKED_HASH_BITS       7
 228 static DEFINE_HASHTABLE(blocked_hash, BLOCKED_HASH_BITS);
 229 
 230 /*
 231  * This lock protects the blocked_hash. Generally, if you're accessing it, you
 232  * want to be holding this lock.
 233  *
 234  * In addition, it also protects the fl->fl_blocked_requests list, and the
 235  * fl->fl_blocker pointer for file_lock structures that are acting as lock
 236  * requests (in contrast to those that are acting as records of acquired locks).
 237  *
 238  * Note that when we acquire this lock in order to change the above fields,
 239  * we often hold the flc_lock as well. In certain cases, when reading the fields
 240  * protected by this lock, we can skip acquiring it iff we already hold the
 241  * flc_lock.
 242  */
 243 static DEFINE_SPINLOCK(blocked_lock_lock);
 244 
 245 static struct kmem_cache *flctx_cache __read_mostly;
 246 static struct kmem_cache *filelock_cache __read_mostly;
 247 
 248 static struct file_lock_context *
 249 locks_get_lock_context(struct inode *inode, int type)
 250 {
 251         struct file_lock_context *ctx;
 252 
 253         /* paired with cmpxchg() below */
 254         ctx = smp_load_acquire(&inode->i_flctx);
 255         if (likely(ctx) || type == F_UNLCK)
 256                 goto out;
 257 
 258         ctx = kmem_cache_alloc(flctx_cache, GFP_KERNEL);
 259         if (!ctx)
 260                 goto out;
 261 
 262         spin_lock_init(&ctx->flc_lock);
 263         INIT_LIST_HEAD(&ctx->flc_flock);
 264         INIT_LIST_HEAD(&ctx->flc_posix);
 265         INIT_LIST_HEAD(&ctx->flc_lease);
 266 
 267         /*
 268          * Assign the pointer if it's not already assigned. If it is, then
 269          * free the context we just allocated.
 270          */
 271         if (cmpxchg(&inode->i_flctx, NULL, ctx)) {
 272                 kmem_cache_free(flctx_cache, ctx);
 273                 ctx = smp_load_acquire(&inode->i_flctx);
 274         }
 275 out:
 276         trace_locks_get_lock_context(inode, type, ctx);
 277         return ctx;
 278 }
 279 
 280 static void
 281 locks_dump_ctx_list(struct list_head *list, char *list_type)
 282 {
 283         struct file_lock *fl;
 284 
 285         list_for_each_entry(fl, list, fl_list) {
 286                 pr_warn("%s: fl_owner=%p fl_flags=0x%x fl_type=0x%x fl_pid=%u\n", list_type, fl->fl_owner, fl->fl_flags, fl->fl_type, fl->fl_pid);
 287         }
 288 }
 289 
 290 static void
 291 locks_check_ctx_lists(struct inode *inode)
 292 {
 293         struct file_lock_context *ctx = inode->i_flctx;
 294 
 295         if (unlikely(!list_empty(&ctx->flc_flock) ||
 296                      !list_empty(&ctx->flc_posix) ||
 297                      !list_empty(&ctx->flc_lease))) {
 298                 pr_warn("Leaked locks on dev=0x%x:0x%x ino=0x%lx:\n",
 299                         MAJOR(inode->i_sb->s_dev), MINOR(inode->i_sb->s_dev),
 300                         inode->i_ino);
 301                 locks_dump_ctx_list(&ctx->flc_flock, "FLOCK");
 302                 locks_dump_ctx_list(&ctx->flc_posix, "POSIX");
 303                 locks_dump_ctx_list(&ctx->flc_lease, "LEASE");
 304         }
 305 }
 306 
 307 static void
 308 locks_check_ctx_file_list(struct file *filp, struct list_head *list,
 309                                 char *list_type)
 310 {
 311         struct file_lock *fl;
 312         struct inode *inode = locks_inode(filp);
 313 
 314         list_for_each_entry(fl, list, fl_list)
 315                 if (fl->fl_file == filp)
 316                         pr_warn("Leaked %s lock on dev=0x%x:0x%x ino=0x%lx "
 317                                 " fl_owner=%p fl_flags=0x%x fl_type=0x%x fl_pid=%u\n",
 318                                 list_type, MAJOR(inode->i_sb->s_dev),
 319                                 MINOR(inode->i_sb->s_dev), inode->i_ino,
 320                                 fl->fl_owner, fl->fl_flags, fl->fl_type, fl->fl_pid);
 321 }
 322 
 323 void
 324 locks_free_lock_context(struct inode *inode)
 325 {
 326         struct file_lock_context *ctx = inode->i_flctx;
 327 
 328         if (unlikely(ctx)) {
 329                 locks_check_ctx_lists(inode);
 330                 kmem_cache_free(flctx_cache, ctx);
 331         }
 332 }
 333 
 334 static void locks_init_lock_heads(struct file_lock *fl)
 335 {
 336         INIT_HLIST_NODE(&fl->fl_link);
 337         INIT_LIST_HEAD(&fl->fl_list);
 338         INIT_LIST_HEAD(&fl->fl_blocked_requests);
 339         INIT_LIST_HEAD(&fl->fl_blocked_member);
 340         init_waitqueue_head(&fl->fl_wait);
 341 }
 342 
 343 /* Allocate an empty lock structure. */
 344 struct file_lock *locks_alloc_lock(void)
 345 {
 346         struct file_lock *fl = kmem_cache_zalloc(filelock_cache, GFP_KERNEL);
 347 
 348         if (fl)
 349                 locks_init_lock_heads(fl);
 350 
 351         return fl;
 352 }
 353 EXPORT_SYMBOL_GPL(locks_alloc_lock);
 354 
 355 void locks_release_private(struct file_lock *fl)
 356 {
 357         BUG_ON(waitqueue_active(&fl->fl_wait));
 358         BUG_ON(!list_empty(&fl->fl_list));
 359         BUG_ON(!list_empty(&fl->fl_blocked_requests));
 360         BUG_ON(!list_empty(&fl->fl_blocked_member));
 361         BUG_ON(!hlist_unhashed(&fl->fl_link));
 362 
 363         if (fl->fl_ops) {
 364                 if (fl->fl_ops->fl_release_private)
 365                         fl->fl_ops->fl_release_private(fl);
 366                 fl->fl_ops = NULL;
 367         }
 368 
 369         if (fl->fl_lmops) {
 370                 if (fl->fl_lmops->lm_put_owner) {
 371                         fl->fl_lmops->lm_put_owner(fl->fl_owner);
 372                         fl->fl_owner = NULL;
 373                 }
 374                 fl->fl_lmops = NULL;
 375         }
 376 }
 377 EXPORT_SYMBOL_GPL(locks_release_private);
 378 
 379 /* Free a lock which is not in use. */
 380 void locks_free_lock(struct file_lock *fl)
 381 {
 382         locks_release_private(fl);
 383         kmem_cache_free(filelock_cache, fl);
 384 }
 385 EXPORT_SYMBOL(locks_free_lock);
 386 
 387 static void
 388 locks_dispose_list(struct list_head *dispose)
 389 {
 390         struct file_lock *fl;
 391 
 392         while (!list_empty(dispose)) {
 393                 fl = list_first_entry(dispose, struct file_lock, fl_list);
 394                 list_del_init(&fl->fl_list);
 395                 locks_free_lock(fl);
 396         }
 397 }
 398 
 399 void locks_init_lock(struct file_lock *fl)
 400 {
 401         memset(fl, 0, sizeof(struct file_lock));
 402         locks_init_lock_heads(fl);
 403 }
 404 EXPORT_SYMBOL(locks_init_lock);
 405 
 406 /*
 407  * Initialize a new lock from an existing file_lock structure.
 408  */
 409 void locks_copy_conflock(struct file_lock *new, struct file_lock *fl)
 410 {
 411         new->fl_owner = fl->fl_owner;
 412         new->fl_pid = fl->fl_pid;
 413         new->fl_file = NULL;
 414         new->fl_flags = fl->fl_flags;
 415         new->fl_type = fl->fl_type;
 416         new->fl_start = fl->fl_start;
 417         new->fl_end = fl->fl_end;
 418         new->fl_lmops = fl->fl_lmops;
 419         new->fl_ops = NULL;
 420 
 421         if (fl->fl_lmops) {
 422                 if (fl->fl_lmops->lm_get_owner)
 423                         fl->fl_lmops->lm_get_owner(fl->fl_owner);
 424         }
 425 }
 426 EXPORT_SYMBOL(locks_copy_conflock);
 427 
 428 void locks_copy_lock(struct file_lock *new, struct file_lock *fl)
 429 {
 430         /* "new" must be a freshly-initialized lock */
 431         WARN_ON_ONCE(new->fl_ops);
 432 
 433         locks_copy_conflock(new, fl);
 434 
 435         new->fl_file = fl->fl_file;
 436         new->fl_ops = fl->fl_ops;
 437 
 438         if (fl->fl_ops) {
 439                 if (fl->fl_ops->fl_copy_lock)
 440                         fl->fl_ops->fl_copy_lock(new, fl);
 441         }
 442 }
 443 EXPORT_SYMBOL(locks_copy_lock);
 444 
 445 static void locks_move_blocks(struct file_lock *new, struct file_lock *fl)
 446 {
 447         struct file_lock *f;
 448 
 449         /*
 450          * As ctx->flc_lock is held, new requests cannot be added to
 451          * ->fl_blocked_requests, so we don't need a lock to check if it
 452          * is empty.
 453          */
 454         if (list_empty(&fl->fl_blocked_requests))
 455                 return;
 456         spin_lock(&blocked_lock_lock);
 457         list_splice_init(&fl->fl_blocked_requests, &new->fl_blocked_requests);
 458         list_for_each_entry(f, &new->fl_blocked_requests, fl_blocked_member)
 459                 f->fl_blocker = new;
 460         spin_unlock(&blocked_lock_lock);
 461 }
 462 
 463 static inline int flock_translate_cmd(int cmd) {
 464         if (cmd & LOCK_MAND)
 465                 return cmd & (LOCK_MAND | LOCK_RW);
 466         switch (cmd) {
 467         case LOCK_SH:
 468                 return F_RDLCK;
 469         case LOCK_EX:
 470                 return F_WRLCK;
 471         case LOCK_UN:
 472                 return F_UNLCK;
 473         }
 474         return -EINVAL;
 475 }
 476 
 477 /* Fill in a file_lock structure with an appropriate FLOCK lock. */
 478 static struct file_lock *
 479 flock_make_lock(struct file *filp, unsigned int cmd, struct file_lock *fl)
 480 {
 481         int type = flock_translate_cmd(cmd);
 482 
 483         if (type < 0)
 484                 return ERR_PTR(type);
 485 
 486         if (fl == NULL) {
 487                 fl = locks_alloc_lock();
 488                 if (fl == NULL)
 489                         return ERR_PTR(-ENOMEM);
 490         } else {
 491                 locks_init_lock(fl);
 492         }
 493 
 494         fl->fl_file = filp;
 495         fl->fl_owner = filp;
 496         fl->fl_pid = current->tgid;
 497         fl->fl_flags = FL_FLOCK;
 498         fl->fl_type = type;
 499         fl->fl_end = OFFSET_MAX;
 500 
 501         return fl;
 502 }
 503 
 504 static int assign_type(struct file_lock *fl, long type)
 505 {
 506         switch (type) {
 507         case F_RDLCK:
 508         case F_WRLCK:
 509         case F_UNLCK:
 510                 fl->fl_type = type;
 511                 break;
 512         default:
 513                 return -EINVAL;
 514         }
 515         return 0;
 516 }
 517 
 518 static int flock64_to_posix_lock(struct file *filp, struct file_lock *fl,
 519                                  struct flock64 *l)
 520 {
 521         switch (l->l_whence) {
 522         case SEEK_SET:
 523                 fl->fl_start = 0;
 524                 break;
 525         case SEEK_CUR:
 526                 fl->fl_start = filp->f_pos;
 527                 break;
 528         case SEEK_END:
 529                 fl->fl_start = i_size_read(file_inode(filp));
 530                 break;
 531         default:
 532                 return -EINVAL;
 533         }
 534         if (l->l_start > OFFSET_MAX - fl->fl_start)
 535                 return -EOVERFLOW;
 536         fl->fl_start += l->l_start;
 537         if (fl->fl_start < 0)
 538                 return -EINVAL;
 539 
 540         /* POSIX-1996 leaves the case l->l_len < 0 undefined;
 541            POSIX-2001 defines it. */
 542         if (l->l_len > 0) {
 543                 if (l->l_len - 1 > OFFSET_MAX - fl->fl_start)
 544                         return -EOVERFLOW;
 545                 fl->fl_end = fl->fl_start + l->l_len - 1;
 546 
 547         } else if (l->l_len < 0) {
 548                 if (fl->fl_start + l->l_len < 0)
 549                         return -EINVAL;
 550                 fl->fl_end = fl->fl_start - 1;
 551                 fl->fl_start += l->l_len;
 552         } else
 553                 fl->fl_end = OFFSET_MAX;
 554 
 555         fl->fl_owner = current->files;
 556         fl->fl_pid = current->tgid;
 557         fl->fl_file = filp;
 558         fl->fl_flags = FL_POSIX;
 559         fl->fl_ops = NULL;
 560         fl->fl_lmops = NULL;
 561 
 562         return assign_type(fl, l->l_type);
 563 }
 564 
 565 /* Verify a "struct flock" and copy it to a "struct file_lock" as a POSIX
 566  * style lock.
 567  */
 568 static int flock_to_posix_lock(struct file *filp, struct file_lock *fl,
 569                                struct flock *l)
 570 {
 571         struct flock64 ll = {
 572                 .l_type = l->l_type,
 573                 .l_whence = l->l_whence,
 574                 .l_start = l->l_start,
 575                 .l_len = l->l_len,
 576         };
 577 
 578         return flock64_to_posix_lock(filp, fl, &ll);
 579 }
 580 
 581 /* default lease lock manager operations */
 582 static bool
 583 lease_break_callback(struct file_lock *fl)
 584 {
 585         kill_fasync(&fl->fl_fasync, SIGIO, POLL_MSG);
 586         return false;
 587 }
 588 
 589 static void
 590 lease_setup(struct file_lock *fl, void **priv)
 591 {
 592         struct file *filp = fl->fl_file;
 593         struct fasync_struct *fa = *priv;
 594 
 595         /*
 596          * fasync_insert_entry() returns the old entry if any. If there was no
 597          * old entry, then it used "priv" and inserted it into the fasync list.
 598          * Clear the pointer to indicate that it shouldn't be freed.
 599          */
 600         if (!fasync_insert_entry(fa->fa_fd, filp, &fl->fl_fasync, fa))
 601                 *priv = NULL;
 602 
 603         __f_setown(filp, task_pid(current), PIDTYPE_TGID, 0);
 604 }
 605 
 606 static const struct lock_manager_operations lease_manager_ops = {
 607         .lm_break = lease_break_callback,
 608         .lm_change = lease_modify,
 609         .lm_setup = lease_setup,
 610 };
 611 
 612 /*
 613  * Initialize a lease, use the default lock manager operations
 614  */
 615 static int lease_init(struct file *filp, long type, struct file_lock *fl)
 616 {
 617         if (assign_type(fl, type) != 0)
 618                 return -EINVAL;
 619 
 620         fl->fl_owner = filp;
 621         fl->fl_pid = current->tgid;
 622 
 623         fl->fl_file = filp;
 624         fl->fl_flags = FL_LEASE;
 625         fl->fl_start = 0;
 626         fl->fl_end = OFFSET_MAX;
 627         fl->fl_ops = NULL;
 628         fl->fl_lmops = &lease_manager_ops;
 629         return 0;
 630 }
 631 
 632 /* Allocate a file_lock initialised to this type of lease */
 633 static struct file_lock *lease_alloc(struct file *filp, long type)
 634 {
 635         struct file_lock *fl = locks_alloc_lock();
 636         int error = -ENOMEM;
 637 
 638         if (fl == NULL)
 639                 return ERR_PTR(error);
 640 
 641         error = lease_init(filp, type, fl);
 642         if (error) {
 643                 locks_free_lock(fl);
 644                 return ERR_PTR(error);
 645         }
 646         return fl;
 647 }
 648 
 649 /* Check if two locks overlap each other.
 650  */
 651 static inline int locks_overlap(struct file_lock *fl1, struct file_lock *fl2)
 652 {
 653         return ((fl1->fl_end >= fl2->fl_start) &&
 654                 (fl2->fl_end >= fl1->fl_start));
 655 }
 656 
 657 /*
 658  * Check whether two locks have the same owner.
 659  */
 660 static int posix_same_owner(struct file_lock *fl1, struct file_lock *fl2)
 661 {
 662         return fl1->fl_owner == fl2->fl_owner;
 663 }
 664 
 665 /* Must be called with the flc_lock held! */
 666 static void locks_insert_global_locks(struct file_lock *fl)
 667 {
 668         struct file_lock_list_struct *fll = this_cpu_ptr(&file_lock_list);
 669 
 670         percpu_rwsem_assert_held(&file_rwsem);
 671 
 672         spin_lock(&fll->lock);
 673         fl->fl_link_cpu = smp_processor_id();
 674         hlist_add_head(&fl->fl_link, &fll->hlist);
 675         spin_unlock(&fll->lock);
 676 }
 677 
 678 /* Must be called with the flc_lock held! */
 679 static void locks_delete_global_locks(struct file_lock *fl)
 680 {
 681         struct file_lock_list_struct *fll;
 682 
 683         percpu_rwsem_assert_held(&file_rwsem);
 684 
 685         /*
 686          * Avoid taking lock if already unhashed. This is safe since this check
 687          * is done while holding the flc_lock, and new insertions into the list
 688          * also require that it be held.
 689          */
 690         if (hlist_unhashed(&fl->fl_link))
 691                 return;
 692 
 693         fll = per_cpu_ptr(&file_lock_list, fl->fl_link_cpu);
 694         spin_lock(&fll->lock);
 695         hlist_del_init(&fl->fl_link);
 696         spin_unlock(&fll->lock);
 697 }
 698 
 699 static unsigned long
 700 posix_owner_key(struct file_lock *fl)
 701 {
 702         return (unsigned long)fl->fl_owner;
 703 }
 704 
 705 static void locks_insert_global_blocked(struct file_lock *waiter)
 706 {
 707         lockdep_assert_held(&blocked_lock_lock);
 708 
 709         hash_add(blocked_hash, &waiter->fl_link, posix_owner_key(waiter));
 710 }
 711 
 712 static void locks_delete_global_blocked(struct file_lock *waiter)
 713 {
 714         lockdep_assert_held(&blocked_lock_lock);
 715 
 716         hash_del(&waiter->fl_link);
 717 }
 718 
 719 /* Remove waiter from blocker's block list.
 720  * When blocker ends up pointing to itself then the list is empty.
 721  *
 722  * Must be called with blocked_lock_lock held.
 723  */
 724 static void __locks_delete_block(struct file_lock *waiter)
 725 {
 726         locks_delete_global_blocked(waiter);
 727         list_del_init(&waiter->fl_blocked_member);
 728 }
 729 
 730 static void __locks_wake_up_blocks(struct file_lock *blocker)
 731 {
 732         while (!list_empty(&blocker->fl_blocked_requests)) {
 733                 struct file_lock *waiter;
 734 
 735                 waiter = list_first_entry(&blocker->fl_blocked_requests,
 736                                           struct file_lock, fl_blocked_member);
 737                 __locks_delete_block(waiter);
 738                 if (waiter->fl_lmops && waiter->fl_lmops->lm_notify)
 739                         waiter->fl_lmops->lm_notify(waiter);
 740                 else
 741                         wake_up(&waiter->fl_wait);
 742 
 743                 /*
 744                  * The setting of fl_blocker to NULL marks the "done"
 745                  * point in deleting a block. Paired with acquire at the top
 746                  * of locks_delete_block().
 747                  */
 748                 smp_store_release(&waiter->fl_blocker, NULL);
 749         }
 750 }
 751 
 752 /**
 753  *      locks_delete_lock - stop waiting for a file lock
 754  *      @waiter: the lock which was waiting
 755  *
 756  *      lockd/nfsd need to disconnect the lock while working on it.
 757  */
 758 int locks_delete_block(struct file_lock *waiter)
 759 {
 760         int status = -ENOENT;
 761 
 762         /*
 763          * If fl_blocker is NULL, it won't be set again as this thread "owns"
 764          * the lock and is the only one that might try to claim the lock.
 765          *
 766          * We use acquire/release to manage fl_blocker so that we can
 767          * optimize away taking the blocked_lock_lock in many cases.
 768          *
 769          * The smp_load_acquire guarantees two things:
 770          *
 771          * 1/ that fl_blocked_requests can be tested locklessly. If something
 772          * was recently added to that list it must have been in a locked region
 773          * *before* the locked region when fl_blocker was set to NULL.
 774          *
 775          * 2/ that no other thread is accessing 'waiter', so it is safe to free
 776          * it.  __locks_wake_up_blocks is careful not to touch waiter after
 777          * fl_blocker is released.
 778          *
 779          * If a lockless check of fl_blocker shows it to be NULL, we know that
 780          * no new locks can be inserted into its fl_blocked_requests list, and
 781          * can avoid doing anything further if the list is empty.
 782          */
 783         if (!smp_load_acquire(&waiter->fl_blocker) &&
 784             list_empty(&waiter->fl_blocked_requests))
 785                 return status;
 786 
 787         spin_lock(&blocked_lock_lock);
 788         if (waiter->fl_blocker)
 789                 status = 0;
 790         __locks_wake_up_blocks(waiter);
 791         __locks_delete_block(waiter);
 792 
 793         /*
 794          * The setting of fl_blocker to NULL marks the "done" point in deleting
 795          * a block. Paired with acquire at the top of this function.
 796          */
 797         smp_store_release(&waiter->fl_blocker, NULL);
 798         spin_unlock(&blocked_lock_lock);
 799         return status;
 800 }
 801 EXPORT_SYMBOL(locks_delete_block);
 802 
 803 /* Insert waiter into blocker's block list.
 804  * We use a circular list so that processes can be easily woken up in
 805  * the order they blocked. The documentation doesn't require this but
 806  * it seems like the reasonable thing to do.
 807  *
 808  * Must be called with both the flc_lock and blocked_lock_lock held. The
 809  * fl_blocked_requests list itself is protected by the blocked_lock_lock,
 810  * but by ensuring that the flc_lock is also held on insertions we can avoid
 811  * taking the blocked_lock_lock in some cases when we see that the
 812  * fl_blocked_requests list is empty.
 813  *
 814  * Rather than just adding to the list, we check for conflicts with any existing
 815  * waiters, and add beneath any waiter that blocks the new waiter.
 816  * Thus wakeups don't happen until needed.
 817  */
 818 static void __locks_insert_block(struct file_lock *blocker,
 819                                  struct file_lock *waiter,
 820                                  bool conflict(struct file_lock *,
 821                                                struct file_lock *))
 822 {
 823         struct file_lock *fl;
 824         BUG_ON(!list_empty(&waiter->fl_blocked_member));
 825 
 826 new_blocker:
 827         list_for_each_entry(fl, &blocker->fl_blocked_requests, fl_blocked_member)
 828                 if (conflict(fl, waiter)) {
 829                         blocker =  fl;
 830                         goto new_blocker;
 831                 }
 832         waiter->fl_blocker = blocker;
 833         list_add_tail(&waiter->fl_blocked_member, &blocker->fl_blocked_requests);
 834         if (IS_POSIX(blocker) && !IS_OFDLCK(blocker))
 835                 locks_insert_global_blocked(waiter);
 836 
 837         /* The requests in waiter->fl_blocked are known to conflict with
 838          * waiter, but might not conflict with blocker, or the requests
 839          * and lock which block it.  So they all need to be woken.
 840          */
 841         __locks_wake_up_blocks(waiter);
 842 }
 843 
 844 /* Must be called with flc_lock held. */
 845 static void locks_insert_block(struct file_lock *blocker,
 846                                struct file_lock *waiter,
 847                                bool conflict(struct file_lock *,
 848                                              struct file_lock *))
 849 {
 850         spin_lock(&blocked_lock_lock);
 851         __locks_insert_block(blocker, waiter, conflict);
 852         spin_unlock(&blocked_lock_lock);
 853 }
 854 
 855 /*
 856  * Wake up processes blocked waiting for blocker.
 857  *
 858  * Must be called with the inode->flc_lock held!
 859  */
 860 static void locks_wake_up_blocks(struct file_lock *blocker)
 861 {
 862         /*
 863          * Avoid taking global lock if list is empty. This is safe since new
 864          * blocked requests are only added to the list under the flc_lock, and
 865          * the flc_lock is always held here. Note that removal from the
 866          * fl_blocked_requests list does not require the flc_lock, so we must
 867          * recheck list_empty() after acquiring the blocked_lock_lock.
 868          */
 869         if (list_empty(&blocker->fl_blocked_requests))
 870                 return;
 871 
 872         spin_lock(&blocked_lock_lock);
 873         __locks_wake_up_blocks(blocker);
 874         spin_unlock(&blocked_lock_lock);
 875 }
 876 
 877 static void
 878 locks_insert_lock_ctx(struct file_lock *fl, struct list_head *before)
 879 {
 880         list_add_tail(&fl->fl_list, before);
 881         locks_insert_global_locks(fl);
 882 }
 883 
 884 static void
 885 locks_unlink_lock_ctx(struct file_lock *fl)
 886 {
 887         locks_delete_global_locks(fl);
 888         list_del_init(&fl->fl_list);
 889         locks_wake_up_blocks(fl);
 890 }
 891 
 892 static void
 893 locks_delete_lock_ctx(struct file_lock *fl, struct list_head *dispose)
 894 {
 895         locks_unlink_lock_ctx(fl);
 896         if (dispose)
 897                 list_add(&fl->fl_list, dispose);
 898         else
 899                 locks_free_lock(fl);
 900 }
 901 
 902 /* Determine if lock sys_fl blocks lock caller_fl. Common functionality
 903  * checks for shared/exclusive status of overlapping locks.
 904  */
 905 static bool locks_conflict(struct file_lock *caller_fl,
 906                            struct file_lock *sys_fl)
 907 {
 908         if (sys_fl->fl_type == F_WRLCK)
 909                 return true;
 910         if (caller_fl->fl_type == F_WRLCK)
 911                 return true;
 912         return false;
 913 }
 914 
 915 /* Determine if lock sys_fl blocks lock caller_fl. POSIX specific
 916  * checking before calling the locks_conflict().
 917  */
 918 static bool posix_locks_conflict(struct file_lock *caller_fl,
 919                                  struct file_lock *sys_fl)
 920 {
 921         /* POSIX locks owned by the same process do not conflict with
 922          * each other.
 923          */
 924         if (posix_same_owner(caller_fl, sys_fl))
 925                 return false;
 926 
 927         /* Check whether they overlap */
 928         if (!locks_overlap(caller_fl, sys_fl))
 929                 return false;
 930 
 931         return locks_conflict(caller_fl, sys_fl);
 932 }
 933 
 934 /* Determine if lock sys_fl blocks lock caller_fl. FLOCK specific
 935  * checking before calling the locks_conflict().
 936  */
 937 static bool flock_locks_conflict(struct file_lock *caller_fl,
 938                                  struct file_lock *sys_fl)
 939 {
 940         /* FLOCK locks referring to the same filp do not conflict with
 941          * each other.
 942          */
 943         if (caller_fl->fl_file == sys_fl->fl_file)
 944                 return false;
 945         if ((caller_fl->fl_type & LOCK_MAND) || (sys_fl->fl_type & LOCK_MAND))
 946                 return false;
 947 
 948         return locks_conflict(caller_fl, sys_fl);
 949 }
 950 
 951 void
 952 posix_test_lock(struct file *filp, struct file_lock *fl)
 953 {
 954         struct file_lock *cfl;
 955         struct file_lock_context *ctx;
 956         struct inode *inode = locks_inode(filp);
 957 
 958         ctx = smp_load_acquire(&inode->i_flctx);
 959         if (!ctx || list_empty_careful(&ctx->flc_posix)) {
 960                 fl->fl_type = F_UNLCK;
 961                 return;
 962         }
 963 
 964         spin_lock(&ctx->flc_lock);
 965         list_for_each_entry(cfl, &ctx->flc_posix, fl_list) {
 966                 if (posix_locks_conflict(fl, cfl)) {
 967                         locks_copy_conflock(fl, cfl);
 968                         goto out;
 969                 }
 970         }
 971         fl->fl_type = F_UNLCK;
 972 out:
 973         spin_unlock(&ctx->flc_lock);
 974         return;
 975 }
 976 EXPORT_SYMBOL(posix_test_lock);
 977 
 978 /*
 979  * Deadlock detection:
 980  *
 981  * We attempt to detect deadlocks that are due purely to posix file
 982  * locks.
 983  *
 984  * We assume that a task can be waiting for at most one lock at a time.
 985  * So for any acquired lock, the process holding that lock may be
 986  * waiting on at most one other lock.  That lock in turns may be held by
 987  * someone waiting for at most one other lock.  Given a requested lock
 988  * caller_fl which is about to wait for a conflicting lock block_fl, we
 989  * follow this chain of waiters to ensure we are not about to create a
 990  * cycle.
 991  *
 992  * Since we do this before we ever put a process to sleep on a lock, we
 993  * are ensured that there is never a cycle; that is what guarantees that
 994  * the while() loop in posix_locks_deadlock() eventually completes.
 995  *
 996  * Note: the above assumption may not be true when handling lock
 997  * requests from a broken NFS client. It may also fail in the presence
 998  * of tasks (such as posix threads) sharing the same open file table.
 999  * To handle those cases, we just bail out after a few iterations.
1000  *
1001  * For FL_OFDLCK locks, the owner is the filp, not the files_struct.
1002  * Because the owner is not even nominally tied to a thread of
1003  * execution, the deadlock detection below can't reasonably work well. Just
1004  * skip it for those.
1005  *
1006  * In principle, we could do a more limited deadlock detection on FL_OFDLCK
1007  * locks that just checks for the case where two tasks are attempting to
1008  * upgrade from read to write locks on the same inode.
1009  */
1010 
1011 #define MAX_DEADLK_ITERATIONS 10
1012 
1013 /* Find a lock that the owner of the given block_fl is blocking on. */
1014 static struct file_lock *what_owner_is_waiting_for(struct file_lock *block_fl)
1015 {
1016         struct file_lock *fl;
1017 
1018         hash_for_each_possible(blocked_hash, fl, fl_link, posix_owner_key(block_fl)) {
1019                 if (posix_same_owner(fl, block_fl)) {
1020                         while (fl->fl_blocker)
1021                                 fl = fl->fl_blocker;
1022                         return fl;
1023                 }
1024         }
1025         return NULL;
1026 }
1027 
1028 /* Must be called with the blocked_lock_lock held! */
1029 static int posix_locks_deadlock(struct file_lock *caller_fl,
1030                                 struct file_lock *block_fl)
1031 {
1032         int i = 0;
1033 
1034         lockdep_assert_held(&blocked_lock_lock);
1035 
1036         /*
1037          * This deadlock detector can't reasonably detect deadlocks with
1038          * FL_OFDLCK locks, since they aren't owned by a process, per-se.
1039          */
1040         if (IS_OFDLCK(caller_fl))
1041                 return 0;
1042 
1043         while ((block_fl = what_owner_is_waiting_for(block_fl))) {
1044                 if (i++ > MAX_DEADLK_ITERATIONS)
1045                         return 0;
1046                 if (posix_same_owner(caller_fl, block_fl))
1047                         return 1;
1048         }
1049         return 0;
1050 }
1051 
1052 /* Try to create a FLOCK lock on filp. We always insert new FLOCK locks
1053  * after any leases, but before any posix locks.
1054  *
1055  * Note that if called with an FL_EXISTS argument, the caller may determine
1056  * whether or not a lock was successfully freed by testing the return
1057  * value for -ENOENT.
1058  */
1059 static int flock_lock_inode(struct inode *inode, struct file_lock *request)
1060 {
1061         struct file_lock *new_fl = NULL;
1062         struct file_lock *fl;
1063         struct file_lock_context *ctx;
1064         int error = 0;
1065         bool found = false;
1066         LIST_HEAD(dispose);
1067 
1068         ctx = locks_get_lock_context(inode, request->fl_type);
1069         if (!ctx) {
1070                 if (request->fl_type != F_UNLCK)
1071                         return -ENOMEM;
1072                 return (request->fl_flags & FL_EXISTS) ? -ENOENT : 0;
1073         }
1074 
1075         if (!(request->fl_flags & FL_ACCESS) && (request->fl_type != F_UNLCK)) {
1076                 new_fl = locks_alloc_lock();
1077                 if (!new_fl)
1078                         return -ENOMEM;
1079         }
1080 
1081         percpu_down_read(&file_rwsem);
1082         spin_lock(&ctx->flc_lock);
1083         if (request->fl_flags & FL_ACCESS)
1084                 goto find_conflict;
1085 
1086         list_for_each_entry(fl, &ctx->flc_flock, fl_list) {
1087                 if (request->fl_file != fl->fl_file)
1088                         continue;
1089                 if (request->fl_type == fl->fl_type)
1090                         goto out;
1091                 found = true;
1092                 locks_delete_lock_ctx(fl, &dispose);
1093                 break;
1094         }
1095 
1096         if (request->fl_type == F_UNLCK) {
1097                 if ((request->fl_flags & FL_EXISTS) && !found)
1098                         error = -ENOENT;
1099                 goto out;
1100         }
1101 
1102 find_conflict:
1103         list_for_each_entry(fl, &ctx->flc_flock, fl_list) {
1104                 if (!flock_locks_conflict(request, fl))
1105                         continue;
1106                 error = -EAGAIN;
1107                 if (!(request->fl_flags & FL_SLEEP))
1108                         goto out;
1109                 error = FILE_LOCK_DEFERRED;
1110                 locks_insert_block(fl, request, flock_locks_conflict);
1111                 goto out;
1112         }
1113         if (request->fl_flags & FL_ACCESS)
1114                 goto out;
1115         locks_copy_lock(new_fl, request);
1116         locks_move_blocks(new_fl, request);
1117         locks_insert_lock_ctx(new_fl, &ctx->flc_flock);
1118         new_fl = NULL;
1119         error = 0;
1120 
1121 out:
1122         spin_unlock(&ctx->flc_lock);
1123         percpu_up_read(&file_rwsem);
1124         if (new_fl)
1125                 locks_free_lock(new_fl);
1126         locks_dispose_list(&dispose);
1127         trace_flock_lock_inode(inode, request, error);
1128         return error;
1129 }
1130 
1131 static int posix_lock_inode(struct inode *inode, struct file_lock *request,
1132                             struct file_lock *conflock)
1133 {
1134         struct file_lock *fl, *tmp;
1135         struct file_lock *new_fl = NULL;
1136         struct file_lock *new_fl2 = NULL;
1137         struct file_lock *left = NULL;
1138         struct file_lock *right = NULL;
1139         struct file_lock_context *ctx;
1140         int error;
1141         bool added = false;
1142         LIST_HEAD(dispose);
1143 
1144         ctx = locks_get_lock_context(inode, request->fl_type);
1145         if (!ctx)
1146                 return (request->fl_type == F_UNLCK) ? 0 : -ENOMEM;
1147 
1148         /*
1149          * We may need two file_lock structures for this operation,
1150          * so we get them in advance to avoid races.
1151          *
1152          * In some cases we can be sure, that no new locks will be needed
1153          */
1154         if (!(request->fl_flags & FL_ACCESS) &&
1155             (request->fl_type != F_UNLCK ||
1156              request->fl_start != 0 || request->fl_end != OFFSET_MAX)) {
1157                 new_fl = locks_alloc_lock();
1158                 new_fl2 = locks_alloc_lock();
1159         }
1160 
1161         percpu_down_read(&file_rwsem);
1162         spin_lock(&ctx->flc_lock);
1163         /*
1164          * New lock request. Walk all POSIX locks and look for conflicts. If
1165          * there are any, either return error or put the request on the
1166          * blocker's list of waiters and the global blocked_hash.
1167          */
1168         if (request->fl_type != F_UNLCK) {
1169                 list_for_each_entry(fl, &ctx->flc_posix, fl_list) {
1170                         if (!posix_locks_conflict(request, fl))
1171                                 continue;
1172                         if (conflock)
1173                                 locks_copy_conflock(conflock, fl);
1174                         error = -EAGAIN;
1175                         if (!(request->fl_flags & FL_SLEEP))
1176                                 goto out;
1177                         /*
1178                          * Deadlock detection and insertion into the blocked
1179                          * locks list must be done while holding the same lock!
1180                          */
1181                         error = -EDEADLK;
1182                         spin_lock(&blocked_lock_lock);
1183                         /*
1184                          * Ensure that we don't find any locks blocked on this
1185                          * request during deadlock detection.
1186                          */
1187                         __locks_wake_up_blocks(request);
1188                         if (likely(!posix_locks_deadlock(request, fl))) {
1189                                 error = FILE_LOCK_DEFERRED;
1190                                 __locks_insert_block(fl, request,
1191                                                      posix_locks_conflict);
1192                         }
1193                         spin_unlock(&blocked_lock_lock);
1194                         goto out;
1195                 }
1196         }
1197 
1198         /* If we're just looking for a conflict, we're done. */
1199         error = 0;
1200         if (request->fl_flags & FL_ACCESS)
1201                 goto out;
1202 
1203         /* Find the first old lock with the same owner as the new lock */
1204         list_for_each_entry(fl, &ctx->flc_posix, fl_list) {
1205                 if (posix_same_owner(request, fl))
1206                         break;
1207         }
1208 
1209         /* Process locks with this owner. */
1210         list_for_each_entry_safe_from(fl, tmp, &ctx->flc_posix, fl_list) {
1211                 if (!posix_same_owner(request, fl))
1212                         break;
1213 
1214                 /* Detect adjacent or overlapping regions (if same lock type) */
1215                 if (request->fl_type == fl->fl_type) {
1216                         /* In all comparisons of start vs end, use
1217                          * "start - 1" rather than "end + 1". If end
1218                          * is OFFSET_MAX, end + 1 will become negative.
1219                          */
1220                         if (fl->fl_end < request->fl_start - 1)
1221                                 continue;
1222                         /* If the next lock in the list has entirely bigger
1223                          * addresses than the new one, insert the lock here.
1224                          */
1225                         if (fl->fl_start - 1 > request->fl_end)
1226                                 break;
1227 
1228                         /* If we come here, the new and old lock are of the
1229                          * same type and adjacent or overlapping. Make one
1230                          * lock yielding from the lower start address of both
1231                          * locks to the higher end address.
1232                          */
1233                         if (fl->fl_start > request->fl_start)
1234                                 fl->fl_start = request->fl_start;
1235                         else
1236                                 request->fl_start = fl->fl_start;
1237                         if (fl->fl_end < request->fl_end)
1238                                 fl->fl_end = request->fl_end;
1239                         else
1240                                 request->fl_end = fl->fl_end;
1241                         if (added) {
1242                                 locks_delete_lock_ctx(fl, &dispose);
1243                                 continue;
1244                         }
1245                         request = fl;
1246                         added = true;
1247                 } else {
1248                         /* Processing for different lock types is a bit
1249                          * more complex.
1250                          */
1251                         if (fl->fl_end < request->fl_start)
1252                                 continue;
1253                         if (fl->fl_start > request->fl_end)
1254                                 break;
1255                         if (request->fl_type == F_UNLCK)
1256                                 added = true;
1257                         if (fl->fl_start < request->fl_start)
1258                                 left = fl;
1259                         /* If the next lock in the list has a higher end
1260                          * address than the new one, insert the new one here.
1261                          */
1262                         if (fl->fl_end > request->fl_end) {
1263                                 right = fl;
1264                                 break;
1265                         }
1266                         if (fl->fl_start >= request->fl_start) {
1267                                 /* The new lock completely replaces an old
1268                                  * one (This may happen several times).
1269                                  */
1270                                 if (added) {
1271                                         locks_delete_lock_ctx(fl, &dispose);
1272                                         continue;
1273                                 }
1274                                 /*
1275                                  * Replace the old lock with new_fl, and
1276                                  * remove the old one. It's safe to do the
1277                                  * insert here since we know that we won't be
1278                                  * using new_fl later, and that the lock is
1279                                  * just replacing an existing lock.
1280                                  */
1281                                 error = -ENOLCK;
1282                                 if (!new_fl)
1283                                         goto out;
1284                                 locks_copy_lock(new_fl, request);
1285                                 request = new_fl;
1286                                 new_fl = NULL;
1287                                 locks_insert_lock_ctx(request, &fl->fl_list);
1288                                 locks_delete_lock_ctx(fl, &dispose);
1289                                 added = true;
1290                         }
1291                 }
1292         }
1293 
1294         /*
1295          * The above code only modifies existing locks in case of merging or
1296          * replacing. If new lock(s) need to be inserted all modifications are
1297          * done below this, so it's safe yet to bail out.
1298          */
1299         error = -ENOLCK; /* "no luck" */
1300         if (right && left == right && !new_fl2)
1301                 goto out;
1302 
1303         error = 0;
1304         if (!added) {
1305                 if (request->fl_type == F_UNLCK) {
1306                         if (request->fl_flags & FL_EXISTS)
1307                                 error = -ENOENT;
1308                         goto out;
1309                 }
1310 
1311                 if (!new_fl) {
1312                         error = -ENOLCK;
1313                         goto out;
1314                 }
1315                 locks_copy_lock(new_fl, request);
1316                 locks_move_blocks(new_fl, request);
1317                 locks_insert_lock_ctx(new_fl, &fl->fl_list);
1318                 fl = new_fl;
1319                 new_fl = NULL;
1320         }
1321         if (right) {
1322                 if (left == right) {
1323                         /* The new lock breaks the old one in two pieces,
1324                          * so we have to use the second new lock.
1325                          */
1326                         left = new_fl2;
1327                         new_fl2 = NULL;
1328                         locks_copy_lock(left, right);
1329                         locks_insert_lock_ctx(left, &fl->fl_list);
1330                 }
1331                 right->fl_start = request->fl_end + 1;
1332                 locks_wake_up_blocks(right);
1333         }
1334         if (left) {
1335                 left->fl_end = request->fl_start - 1;
1336                 locks_wake_up_blocks(left);
1337         }
1338  out:
1339         spin_unlock(&ctx->flc_lock);
1340         percpu_up_read(&file_rwsem);
1341         /*
1342          * Free any unused locks.
1343          */
1344         if (new_fl)
1345                 locks_free_lock(new_fl);
1346         if (new_fl2)
1347                 locks_free_lock(new_fl2);
1348         locks_dispose_list(&dispose);
1349         trace_posix_lock_inode(inode, request, error);
1350 
1351         return error;
1352 }
1353 
1354 /**
1355  * posix_lock_file - Apply a POSIX-style lock to a file
1356  * @filp: The file to apply the lock to
1357  * @fl: The lock to be applied
1358  * @conflock: Place to return a copy of the conflicting lock, if found.
1359  *
1360  * Add a POSIX style lock to a file.
1361  * We merge adjacent & overlapping locks whenever possible.
1362  * POSIX locks are sorted by owner task, then by starting address
1363  *
1364  * Note that if called with an FL_EXISTS argument, the caller may determine
1365  * whether or not a lock was successfully freed by testing the return
1366  * value for -ENOENT.
1367  */
1368 int posix_lock_file(struct file *filp, struct file_lock *fl,
1369                         struct file_lock *conflock)
1370 {
1371         return posix_lock_inode(locks_inode(filp), fl, conflock);
1372 }
1373 EXPORT_SYMBOL(posix_lock_file);
1374 
1375 /**
1376  * posix_lock_inode_wait - Apply a POSIX-style lock to a file
1377  * @inode: inode of file to which lock request should be applied
1378  * @fl: The lock to be applied
1379  *
1380  * Apply a POSIX style lock request to an inode.
1381  */
1382 static int posix_lock_inode_wait(struct inode *inode, struct file_lock *fl)
1383 {
1384         int error;
1385         might_sleep ();
1386         for (;;) {
1387                 error = posix_lock_inode(inode, fl, NULL);
1388                 if (error != FILE_LOCK_DEFERRED)
1389                         break;
1390                 error = wait_event_interruptible(fl->fl_wait,
1391                                         list_empty(&fl->fl_blocked_member));
1392                 if (error)
1393                         break;
1394         }
1395         locks_delete_block(fl);
1396         return error;
1397 }
1398 
1399 #ifdef CONFIG_MANDATORY_FILE_LOCKING
1400 /**
1401  * locks_mandatory_locked - Check for an active lock
1402  * @file: the file to check
1403  *
1404  * Searches the inode's list of locks to find any POSIX locks which conflict.
1405  * This function is called from locks_verify_locked() only.
1406  */
1407 int locks_mandatory_locked(struct file *file)
1408 {
1409         int ret;
1410         struct inode *inode = locks_inode(file);
1411         struct file_lock_context *ctx;
1412         struct file_lock *fl;
1413 
1414         ctx = smp_load_acquire(&inode->i_flctx);
1415         if (!ctx || list_empty_careful(&ctx->flc_posix))
1416                 return 0;
1417 
1418         /*
1419          * Search the lock list for this inode for any POSIX locks.
1420          */
1421         spin_lock(&ctx->flc_lock);
1422         ret = 0;
1423         list_for_each_entry(fl, &ctx->flc_posix, fl_list) {
1424                 if (fl->fl_owner != current->files &&
1425                     fl->fl_owner != file) {
1426                         ret = -EAGAIN;
1427                         break;
1428                 }
1429         }
1430         spin_unlock(&ctx->flc_lock);
1431         return ret;
1432 }
1433 
1434 /**
1435  * locks_mandatory_area - Check for a conflicting lock
1436  * @inode:      the file to check
1437  * @filp:       how the file was opened (if it was)
1438  * @start:      first byte in the file to check
1439  * @end:        lastbyte in the file to check
1440  * @type:       %F_WRLCK for a write lock, else %F_RDLCK
1441  *
1442  * Searches the inode's list of locks to find any POSIX locks which conflict.
1443  */
1444 int locks_mandatory_area(struct inode *inode, struct file *filp, loff_t start,
1445                          loff_t end, unsigned char type)
1446 {
1447         struct file_lock fl;
1448         int error;
1449         bool sleep = false;
1450 
1451         locks_init_lock(&fl);
1452         fl.fl_pid = current->tgid;
1453         fl.fl_file = filp;
1454         fl.fl_flags = FL_POSIX | FL_ACCESS;
1455         if (filp && !(filp->f_flags & O_NONBLOCK))
1456                 sleep = true;
1457         fl.fl_type = type;
1458         fl.fl_start = start;
1459         fl.fl_end = end;
1460 
1461         for (;;) {
1462                 if (filp) {
1463                         fl.fl_owner = filp;
1464                         fl.fl_flags &= ~FL_SLEEP;
1465                         error = posix_lock_inode(inode, &fl, NULL);
1466                         if (!error)
1467                                 break;
1468                 }
1469 
1470                 if (sleep)
1471                         fl.fl_flags |= FL_SLEEP;
1472                 fl.fl_owner = current->files;
1473                 error = posix_lock_inode(inode, &fl, NULL);
1474                 if (error != FILE_LOCK_DEFERRED)
1475                         break;
1476                 error = wait_event_interruptible(fl.fl_wait,
1477                                         list_empty(&fl.fl_blocked_member));
1478                 if (!error) {
1479                         /*
1480                          * If we've been sleeping someone might have
1481                          * changed the permissions behind our back.
1482                          */
1483                         if (__mandatory_lock(inode))
1484                                 continue;
1485                 }
1486 
1487                 break;
1488         }
1489         locks_delete_block(&fl);
1490 
1491         return error;
1492 }
1493 EXPORT_SYMBOL(locks_mandatory_area);
1494 #endif /* CONFIG_MANDATORY_FILE_LOCKING */
1495 
1496 static void lease_clear_pending(struct file_lock *fl, int arg)
1497 {
1498         switch (arg) {
1499         case F_UNLCK:
1500                 fl->fl_flags &= ~FL_UNLOCK_PENDING;
1501                 /* fall through */
1502         case F_RDLCK:
1503                 fl->fl_flags &= ~FL_DOWNGRADE_PENDING;
1504         }
1505 }
1506 
1507 /* We already had a lease on this file; just change its type */
1508 int lease_modify(struct file_lock *fl, int arg, struct list_head *dispose)
1509 {
1510         int error = assign_type(fl, arg);
1511 
1512         if (error)
1513                 return error;
1514         lease_clear_pending(fl, arg);
1515         locks_wake_up_blocks(fl);
1516         if (arg == F_UNLCK) {
1517                 struct file *filp = fl->fl_file;
1518 
1519                 f_delown(filp);
1520                 filp->f_owner.signum = 0;
1521                 fasync_helper(0, fl->fl_file, 0, &fl->fl_fasync);
1522                 if (fl->fl_fasync != NULL) {
1523                         printk(KERN_ERR "locks_delete_lock: fasync == %p\n", fl->fl_fasync);
1524                         fl->fl_fasync = NULL;
1525                 }
1526                 locks_delete_lock_ctx(fl, dispose);
1527         }
1528         return 0;
1529 }
1530 EXPORT_SYMBOL(lease_modify);
1531 
1532 static bool past_time(unsigned long then)
1533 {
1534         if (!then)
1535                 /* 0 is a special value meaning "this never expires": */
1536                 return false;
1537         return time_after(jiffies, then);
1538 }
1539 
1540 static void time_out_leases(struct inode *inode, struct list_head *dispose)
1541 {
1542         struct file_lock_context *ctx = inode->i_flctx;
1543         struct file_lock *fl, *tmp;
1544 
1545         lockdep_assert_held(&ctx->flc_lock);
1546 
1547         list_for_each_entry_safe(fl, tmp, &ctx->flc_lease, fl_list) {
1548                 trace_time_out_leases(inode, fl);
1549                 if (past_time(fl->fl_downgrade_time))
1550                         lease_modify(fl, F_RDLCK, dispose);
1551                 if (past_time(fl->fl_break_time))
1552                         lease_modify(fl, F_UNLCK, dispose);
1553         }
1554 }
1555 
1556 static bool leases_conflict(struct file_lock *lease, struct file_lock *breaker)
1557 {
1558         bool rc;
1559 
1560         if ((breaker->fl_flags & FL_LAYOUT) != (lease->fl_flags & FL_LAYOUT)) {
1561                 rc = false;
1562                 goto trace;
1563         }
1564         if ((breaker->fl_flags & FL_DELEG) && (lease->fl_flags & FL_LEASE)) {
1565                 rc = false;
1566                 goto trace;
1567         }
1568 
1569         rc = locks_conflict(breaker, lease);
1570 trace:
1571         trace_leases_conflict(rc, lease, breaker);
1572         return rc;
1573 }
1574 
1575 static bool
1576 any_leases_conflict(struct inode *inode, struct file_lock *breaker)
1577 {
1578         struct file_lock_context *ctx = inode->i_flctx;
1579         struct file_lock *fl;
1580 
1581         lockdep_assert_held(&ctx->flc_lock);
1582 
1583         list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
1584                 if (leases_conflict(fl, breaker))
1585                         return true;
1586         }
1587         return false;
1588 }
1589 
1590 /**
1591  *      __break_lease   -       revoke all outstanding leases on file
1592  *      @inode: the inode of the file to return
1593  *      @mode: O_RDONLY: break only write leases; O_WRONLY or O_RDWR:
1594  *          break all leases
1595  *      @type: FL_LEASE: break leases and delegations; FL_DELEG: break
1596  *          only delegations
1597  *
1598  *      break_lease (inlined for speed) has checked there already is at least
1599  *      some kind of lock (maybe a lease) on this file.  Leases are broken on
1600  *      a call to open() or truncate().  This function can sleep unless you
1601  *      specified %O_NONBLOCK to your open().
1602  */
1603 int __break_lease(struct inode *inode, unsigned int mode, unsigned int type)
1604 {
1605         int error = 0;
1606         struct file_lock_context *ctx;
1607         struct file_lock *new_fl, *fl, *tmp;
1608         unsigned long break_time;
1609         int want_write = (mode & O_ACCMODE) != O_RDONLY;
1610         LIST_HEAD(dispose);
1611 
1612         new_fl = lease_alloc(NULL, want_write ? F_WRLCK : F_RDLCK);
1613         if (IS_ERR(new_fl))
1614                 return PTR_ERR(new_fl);
1615         new_fl->fl_flags = type;
1616 
1617         /* typically we will check that ctx is non-NULL before calling */
1618         ctx = smp_load_acquire(&inode->i_flctx);
1619         if (!ctx) {
1620                 WARN_ON_ONCE(1);
1621                 goto free_lock;
1622         }
1623 
1624         percpu_down_read(&file_rwsem);
1625         spin_lock(&ctx->flc_lock);
1626 
1627         time_out_leases(inode, &dispose);
1628 
1629         if (!any_leases_conflict(inode, new_fl))
1630                 goto out;
1631 
1632         break_time = 0;
1633         if (lease_break_time > 0) {
1634                 break_time = jiffies + lease_break_time * HZ;
1635                 if (break_time == 0)
1636                         break_time++;   /* so that 0 means no break time */
1637         }
1638 
1639         list_for_each_entry_safe(fl, tmp, &ctx->flc_lease, fl_list) {
1640                 if (!leases_conflict(fl, new_fl))
1641                         continue;
1642                 if (want_write) {
1643                         if (fl->fl_flags & FL_UNLOCK_PENDING)
1644                                 continue;
1645                         fl->fl_flags |= FL_UNLOCK_PENDING;
1646                         fl->fl_break_time = break_time;
1647                 } else {
1648                         if (lease_breaking(fl))
1649                                 continue;
1650                         fl->fl_flags |= FL_DOWNGRADE_PENDING;
1651                         fl->fl_downgrade_time = break_time;
1652                 }
1653                 if (fl->fl_lmops->lm_break(fl))
1654                         locks_delete_lock_ctx(fl, &dispose);
1655         }
1656 
1657         if (list_empty(&ctx->flc_lease))
1658                 goto out;
1659 
1660         if (mode & O_NONBLOCK) {
1661                 trace_break_lease_noblock(inode, new_fl);
1662                 error = -EWOULDBLOCK;
1663                 goto out;
1664         }
1665 
1666 restart:
1667         fl = list_first_entry(&ctx->flc_lease, struct file_lock, fl_list);
1668         break_time = fl->fl_break_time;
1669         if (break_time != 0)
1670                 break_time -= jiffies;
1671         if (break_time == 0)
1672                 break_time++;
1673         locks_insert_block(fl, new_fl, leases_conflict);
1674         trace_break_lease_block(inode, new_fl);
1675         spin_unlock(&ctx->flc_lock);
1676         percpu_up_read(&file_rwsem);
1677 
1678         locks_dispose_list(&dispose);
1679         error = wait_event_interruptible_timeout(new_fl->fl_wait,
1680                                         list_empty(&new_fl->fl_blocked_member),
1681                                         break_time);
1682 
1683         percpu_down_read(&file_rwsem);
1684         spin_lock(&ctx->flc_lock);
1685         trace_break_lease_unblock(inode, new_fl);
1686         locks_delete_block(new_fl);
1687         if (error >= 0) {
1688                 /*
1689                  * Wait for the next conflicting lease that has not been
1690                  * broken yet
1691                  */
1692                 if (error == 0)
1693                         time_out_leases(inode, &dispose);
1694                 if (any_leases_conflict(inode, new_fl))
1695                         goto restart;
1696                 error = 0;
1697         }
1698 out:
1699         spin_unlock(&ctx->flc_lock);
1700         percpu_up_read(&file_rwsem);
1701         locks_dispose_list(&dispose);
1702 free_lock:
1703         locks_free_lock(new_fl);
1704         return error;
1705 }
1706 EXPORT_SYMBOL(__break_lease);
1707 
1708 /**
1709  *      lease_get_mtime - update modified time of an inode with exclusive lease
1710  *      @inode: the inode
1711  *      @time:  pointer to a timespec which contains the last modified time
1712  *
1713  * This is to force NFS clients to flush their caches for files with
1714  * exclusive leases.  The justification is that if someone has an
1715  * exclusive lease, then they could be modifying it.
1716  */
1717 void lease_get_mtime(struct inode *inode, struct timespec64 *time)
1718 {
1719         bool has_lease = false;
1720         struct file_lock_context *ctx;
1721         struct file_lock *fl;
1722 
1723         ctx = smp_load_acquire(&inode->i_flctx);
1724         if (ctx && !list_empty_careful(&ctx->flc_lease)) {
1725                 spin_lock(&ctx->flc_lock);
1726                 fl = list_first_entry_or_null(&ctx->flc_lease,
1727                                               struct file_lock, fl_list);
1728                 if (fl && (fl->fl_type == F_WRLCK))
1729                         has_lease = true;
1730                 spin_unlock(&ctx->flc_lock);
1731         }
1732 
1733         if (has_lease)
1734                 *time = current_time(inode);
1735 }
1736 EXPORT_SYMBOL(lease_get_mtime);
1737 
1738 /**
1739  *      fcntl_getlease - Enquire what lease is currently active
1740  *      @filp: the file
1741  *
1742  *      The value returned by this function will be one of
1743  *      (if no lease break is pending):
1744  *
1745  *      %F_RDLCK to indicate a shared lease is held.
1746  *
1747  *      %F_WRLCK to indicate an exclusive lease is held.
1748  *
1749  *      %F_UNLCK to indicate no lease is held.
1750  *
1751  *      (if a lease break is pending):
1752  *
1753  *      %F_RDLCK to indicate an exclusive lease needs to be
1754  *              changed to a shared lease (or removed).
1755  *
1756  *      %F_UNLCK to indicate the lease needs to be removed.
1757  *
1758  *      XXX: sfr & willy disagree over whether F_INPROGRESS
1759  *      should be returned to userspace.
1760  */
1761 int fcntl_getlease(struct file *filp)
1762 {
1763         struct file_lock *fl;
1764         struct inode *inode = locks_inode(filp);
1765         struct file_lock_context *ctx;
1766         int type = F_UNLCK;
1767         LIST_HEAD(dispose);
1768 
1769         ctx = smp_load_acquire(&inode->i_flctx);
1770         if (ctx && !list_empty_careful(&ctx->flc_lease)) {
1771                 percpu_down_read(&file_rwsem);
1772                 spin_lock(&ctx->flc_lock);
1773                 time_out_leases(inode, &dispose);
1774                 list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
1775                         if (fl->fl_file != filp)
1776                                 continue;
1777                         type = target_leasetype(fl);
1778                         break;
1779                 }
1780                 spin_unlock(&ctx->flc_lock);
1781                 percpu_up_read(&file_rwsem);
1782 
1783                 locks_dispose_list(&dispose);
1784         }
1785         return type;
1786 }
1787 
1788 /**
1789  * check_conflicting_open - see if the given file points to an inode that has
1790  *                          an existing open that would conflict with the
1791  *                          desired lease.
1792  * @filp:       file to check
1793  * @arg:        type of lease that we're trying to acquire
1794  * @flags:      current lock flags
1795  *
1796  * Check to see if there's an existing open fd on this file that would
1797  * conflict with the lease we're trying to set.
1798  */
1799 static int
1800 check_conflicting_open(struct file *filp, const long arg, int flags)
1801 {
1802         struct inode *inode = locks_inode(filp);
1803         int self_wcount = 0, self_rcount = 0;
1804 
1805         if (flags & FL_LAYOUT)
1806                 return 0;
1807 
1808         if (arg == F_RDLCK)
1809                 return inode_is_open_for_write(inode) ? -EAGAIN : 0;
1810         else if (arg != F_WRLCK)
1811                 return 0;
1812 
1813         /*
1814          * Make sure that only read/write count is from lease requestor.
1815          * Note that this will result in denying write leases when i_writecount
1816          * is negative, which is what we want.  (We shouldn't grant write leases
1817          * on files open for execution.)
1818          */
1819         if (filp->f_mode & FMODE_WRITE)
1820                 self_wcount = 1;
1821         else if (filp->f_mode & FMODE_READ)
1822                 self_rcount = 1;
1823 
1824         if (atomic_read(&inode->i_writecount) != self_wcount ||
1825             atomic_read(&inode->i_readcount) != self_rcount)
1826                 return -EAGAIN;
1827 
1828         return 0;
1829 }
1830 
1831 static int
1832 generic_add_lease(struct file *filp, long arg, struct file_lock **flp, void **priv)
1833 {
1834         struct file_lock *fl, *my_fl = NULL, *lease;
1835         struct inode *inode = locks_inode(filp);
1836         struct file_lock_context *ctx;
1837         bool is_deleg = (*flp)->fl_flags & FL_DELEG;
1838         int error;
1839         LIST_HEAD(dispose);
1840 
1841         lease = *flp;
1842         trace_generic_add_lease(inode, lease);
1843 
1844         /* Note that arg is never F_UNLCK here */
1845         ctx = locks_get_lock_context(inode, arg);
1846         if (!ctx)
1847                 return -ENOMEM;
1848 
1849         /*
1850          * In the delegation case we need mutual exclusion with
1851          * a number of operations that take the i_mutex.  We trylock
1852          * because delegations are an optional optimization, and if
1853          * there's some chance of a conflict--we'd rather not
1854          * bother, maybe that's a sign this just isn't a good file to
1855          * hand out a delegation on.
1856          */
1857         if (is_deleg && !inode_trylock(inode))
1858                 return -EAGAIN;
1859 
1860         if (is_deleg && arg == F_WRLCK) {
1861                 /* Write delegations are not currently supported: */
1862                 inode_unlock(inode);
1863                 WARN_ON_ONCE(1);
1864                 return -EINVAL;
1865         }
1866 
1867         percpu_down_read(&file_rwsem);
1868         spin_lock(&ctx->flc_lock);
1869         time_out_leases(inode, &dispose);
1870         error = check_conflicting_open(filp, arg, lease->fl_flags);
1871         if (error)
1872                 goto out;
1873 
1874         /*
1875          * At this point, we know that if there is an exclusive
1876          * lease on this file, then we hold it on this filp
1877          * (otherwise our open of this file would have blocked).
1878          * And if we are trying to acquire an exclusive lease,
1879          * then the file is not open by anyone (including us)
1880          * except for this filp.
1881          */
1882         error = -EAGAIN;
1883         list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
1884                 if (fl->fl_file == filp &&
1885                     fl->fl_owner == lease->fl_owner) {
1886                         my_fl = fl;
1887                         continue;
1888                 }
1889 
1890                 /*
1891                  * No exclusive leases if someone else has a lease on
1892                  * this file:
1893                  */
1894                 if (arg == F_WRLCK)
1895                         goto out;
1896                 /*
1897                  * Modifying our existing lease is OK, but no getting a
1898                  * new lease if someone else is opening for write:
1899                  */
1900                 if (fl->fl_flags & FL_UNLOCK_PENDING)
1901                         goto out;
1902         }
1903 
1904         if (my_fl != NULL) {
1905                 lease = my_fl;
1906                 error = lease->fl_lmops->lm_change(lease, arg, &dispose);
1907                 if (error)
1908                         goto out;
1909                 goto out_setup;
1910         }
1911 
1912         error = -EINVAL;
1913         if (!leases_enable)
1914                 goto out;
1915 
1916         locks_insert_lock_ctx(lease, &ctx->flc_lease);
1917         /*
1918          * The check in break_lease() is lockless. It's possible for another
1919          * open to race in after we did the earlier check for a conflicting
1920          * open but before the lease was inserted. Check again for a
1921          * conflicting open and cancel the lease if there is one.
1922          *
1923          * We also add a barrier here to ensure that the insertion of the lock
1924          * precedes these checks.
1925          */
1926         smp_mb();
1927         error = check_conflicting_open(filp, arg, lease->fl_flags);
1928         if (error) {
1929                 locks_unlink_lock_ctx(lease);
1930                 goto out;
1931         }
1932 
1933 out_setup:
1934         if (lease->fl_lmops->lm_setup)
1935                 lease->fl_lmops->lm_setup(lease, priv);
1936 out:
1937         spin_unlock(&ctx->flc_lock);
1938         percpu_up_read(&file_rwsem);
1939         locks_dispose_list(&dispose);
1940         if (is_deleg)
1941                 inode_unlock(inode);
1942         if (!error && !my_fl)
1943                 *flp = NULL;
1944         return error;
1945 }
1946 
1947 static int generic_delete_lease(struct file *filp, void *owner)
1948 {
1949         int error = -EAGAIN;
1950         struct file_lock *fl, *victim = NULL;
1951         struct inode *inode = locks_inode(filp);
1952         struct file_lock_context *ctx;
1953         LIST_HEAD(dispose);
1954 
1955         ctx = smp_load_acquire(&inode->i_flctx);
1956         if (!ctx) {
1957                 trace_generic_delete_lease(inode, NULL);
1958                 return error;
1959         }
1960 
1961         percpu_down_read(&file_rwsem);
1962         spin_lock(&ctx->flc_lock);
1963         list_for_each_entry(fl, &ctx->flc_lease, fl_list) {
1964                 if (fl->fl_file == filp &&
1965                     fl->fl_owner == owner) {
1966                         victim = fl;
1967                         break;
1968                 }
1969         }
1970         trace_generic_delete_lease(inode, victim);
1971         if (victim)
1972                 error = fl->fl_lmops->lm_change(victim, F_UNLCK, &dispose);
1973         spin_unlock(&ctx->flc_lock);
1974         percpu_up_read(&file_rwsem);
1975         locks_dispose_list(&dispose);
1976         return error;
1977 }
1978 
1979 /**
1980  *      generic_setlease        -       sets a lease on an open file
1981  *      @filp:  file pointer
1982  *      @arg:   type of lease to obtain
1983  *      @flp:   input - file_lock to use, output - file_lock inserted
1984  *      @priv:  private data for lm_setup (may be NULL if lm_setup
1985  *              doesn't require it)
1986  *
1987  *      The (input) flp->fl_lmops->lm_break function is required
1988  *      by break_lease().
1989  */
1990 int generic_setlease(struct file *filp, long arg, struct file_lock **flp,
1991                         void **priv)
1992 {
1993         struct inode *inode = locks_inode(filp);
1994         int error;
1995 
1996         if ((!uid_eq(current_fsuid(), inode->i_uid)) && !capable(CAP_LEASE))
1997                 return -EACCES;
1998         if (!S_ISREG(inode->i_mode))
1999                 return -EINVAL;
2000         error = security_file_lock(filp, arg);
2001         if (error)
2002                 return error;
2003 
2004         switch (arg) {
2005         case F_UNLCK:
2006                 return generic_delete_lease(filp, *priv);
2007         case F_RDLCK:
2008         case F_WRLCK:
2009                 if (!(*flp)->fl_lmops->lm_break) {
2010                         WARN_ON_ONCE(1);
2011                         return -ENOLCK;
2012                 }
2013 
2014                 return generic_add_lease(filp, arg, flp, priv);
2015         default:
2016                 return -EINVAL;
2017         }
2018 }
2019 EXPORT_SYMBOL(generic_setlease);
2020 
2021 #if IS_ENABLED(CONFIG_SRCU)
2022 /*
2023  * Kernel subsystems can register to be notified on any attempt to set
2024  * a new lease with the lease_notifier_chain. This is used by (e.g.) nfsd
2025  * to close files that it may have cached when there is an attempt to set a
2026  * conflicting lease.
2027  */
2028 static struct srcu_notifier_head lease_notifier_chain;
2029 
2030 static inline void
2031 lease_notifier_chain_init(void)
2032 {
2033         srcu_init_notifier_head(&lease_notifier_chain);
2034 }
2035 
2036 static inline void
2037 setlease_notifier(long arg, struct file_lock *lease)
2038 {
2039         if (arg != F_UNLCK)
2040                 srcu_notifier_call_chain(&lease_notifier_chain, arg, lease);
2041 }
2042 
2043 int lease_register_notifier(struct notifier_block *nb)
2044 {
2045         return srcu_notifier_chain_register(&lease_notifier_chain, nb);
2046 }
2047 EXPORT_SYMBOL_GPL(lease_register_notifier);
2048 
2049 void lease_unregister_notifier(struct notifier_block *nb)
2050 {
2051         srcu_notifier_chain_unregister(&lease_notifier_chain, nb);
2052 }
2053 EXPORT_SYMBOL_GPL(lease_unregister_notifier);
2054 
2055 #else /* !IS_ENABLED(CONFIG_SRCU) */
2056 static inline void
2057 lease_notifier_chain_init(void)
2058 {
2059 }
2060 
2061 static inline void
2062 setlease_notifier(long arg, struct file_lock *lease)
2063 {
2064 }
2065 
2066 int lease_register_notifier(struct notifier_block *nb)
2067 {
2068         return 0;
2069 }
2070 EXPORT_SYMBOL_GPL(lease_register_notifier);
2071 
2072 void lease_unregister_notifier(struct notifier_block *nb)
2073 {
2074 }
2075 EXPORT_SYMBOL_GPL(lease_unregister_notifier);
2076 
2077 #endif /* IS_ENABLED(CONFIG_SRCU) */
2078 
2079 /**
2080  * vfs_setlease        -       sets a lease on an open file
2081  * @filp:       file pointer
2082  * @arg:        type of lease to obtain
2083  * @lease:      file_lock to use when adding a lease
2084  * @priv:       private info for lm_setup when adding a lease (may be
2085  *              NULL if lm_setup doesn't require it)
2086  *
2087  * Call this to establish a lease on the file. The "lease" argument is not
2088  * used for F_UNLCK requests and may be NULL. For commands that set or alter
2089  * an existing lease, the ``(*lease)->fl_lmops->lm_break`` operation must be
2090  * set; if not, this function will return -ENOLCK (and generate a scary-looking
2091  * stack trace).
2092  *
2093  * The "priv" pointer is passed directly to the lm_setup function as-is. It
2094  * may be NULL if the lm_setup operation doesn't require it.
2095  */
2096 int
2097 vfs_setlease(struct file *filp, long arg, struct file_lock **lease, void **priv)
2098 {
2099         if (lease)
2100                 setlease_notifier(arg, *lease);
2101         if (filp->f_op->setlease)
2102                 return filp->f_op->setlease(filp, arg, lease, priv);
2103         else
2104                 return generic_setlease(filp, arg, lease, priv);
2105 }
2106 EXPORT_SYMBOL_GPL(vfs_setlease);
2107 
2108 static int do_fcntl_add_lease(unsigned int fd, struct file *filp, long arg)
2109 {
2110         struct file_lock *fl;
2111         struct fasync_struct *new;
2112         int error;
2113 
2114         fl = lease_alloc(filp, arg);
2115         if (IS_ERR(fl))
2116                 return PTR_ERR(fl);
2117 
2118         new = fasync_alloc();
2119         if (!new) {
2120                 locks_free_lock(fl);
2121                 return -ENOMEM;
2122         }
2123         new->fa_fd = fd;
2124 
2125         error = vfs_setlease(filp, arg, &fl, (void **)&new);
2126         if (fl)
2127                 locks_free_lock(fl);
2128         if (new)
2129                 fasync_free(new);
2130         return error;
2131 }
2132 
2133 /**
2134  *      fcntl_setlease  -       sets a lease on an open file
2135  *      @fd: open file descriptor
2136  *      @filp: file pointer
2137  *      @arg: type of lease to obtain
2138  *
2139  *      Call this fcntl to establish a lease on the file.
2140  *      Note that you also need to call %F_SETSIG to
2141  *      receive a signal when the lease is broken.
2142  */
2143 int fcntl_setlease(unsigned int fd, struct file *filp, long arg)
2144 {
2145         if (arg == F_UNLCK)
2146                 return vfs_setlease(filp, F_UNLCK, NULL, (void **)&filp);
2147         return do_fcntl_add_lease(fd, filp, arg);
2148 }
2149 
2150 /**
2151  * flock_lock_inode_wait - Apply a FLOCK-style lock to a file
2152  * @inode: inode of the file to apply to
2153  * @fl: The lock to be applied
2154  *
2155  * Apply a FLOCK style lock request to an inode.
2156  */
2157 static int flock_lock_inode_wait(struct inode *inode, struct file_lock *fl)
2158 {
2159         int error;
2160         might_sleep();
2161         for (;;) {
2162                 error = flock_lock_inode(inode, fl);
2163                 if (error != FILE_LOCK_DEFERRED)
2164                         break;
2165                 error = wait_event_interruptible(fl->fl_wait,
2166                                 list_empty(&fl->fl_blocked_member));
2167                 if (error)
2168                         break;
2169         }
2170         locks_delete_block(fl);
2171         return error;
2172 }
2173 
2174 /**
2175  * locks_lock_inode_wait - Apply a lock to an inode
2176  * @inode: inode of the file to apply to
2177  * @fl: The lock to be applied
2178  *
2179  * Apply a POSIX or FLOCK style lock request to an inode.
2180  */
2181 int locks_lock_inode_wait(struct inode *inode, struct file_lock *fl)
2182 {
2183         int res = 0;
2184         switch (fl->fl_flags & (FL_POSIX|FL_FLOCK)) {
2185                 case FL_POSIX:
2186                         res = posix_lock_inode_wait(inode, fl);
2187                         break;
2188                 case FL_FLOCK:
2189                         res = flock_lock_inode_wait(inode, fl);
2190                         break;
2191                 default:
2192                         BUG();
2193         }
2194         return res;
2195 }
2196 EXPORT_SYMBOL(locks_lock_inode_wait);
2197 
2198 /**
2199  *      sys_flock: - flock() system call.
2200  *      @fd: the file descriptor to lock.
2201  *      @cmd: the type of lock to apply.
2202  *
2203  *      Apply a %FL_FLOCK style lock to an open file descriptor.
2204  *      The @cmd can be one of:
2205  *
2206  *      - %LOCK_SH -- a shared lock.
2207  *      - %LOCK_EX -- an exclusive lock.
2208  *      - %LOCK_UN -- remove an existing lock.
2209  *      - %LOCK_MAND -- a 'mandatory' flock.
2210  *        This exists to emulate Windows Share Modes.
2211  *
2212  *      %LOCK_MAND can be combined with %LOCK_READ or %LOCK_WRITE to allow other
2213  *      processes read and write access respectively.
2214  */
2215 SYSCALL_DEFINE2(flock, unsigned int, fd, unsigned int, cmd)
2216 {
2217         struct fd f = fdget(fd);
2218         struct file_lock *lock;
2219         int can_sleep, unlock;
2220         int error;
2221 
2222         error = -EBADF;
2223         if (!f.file)
2224                 goto out;
2225 
2226         can_sleep = !(cmd & LOCK_NB);
2227         cmd &= ~LOCK_NB;
2228         unlock = (cmd == LOCK_UN);
2229 
2230         if (!unlock && !(cmd & LOCK_MAND) &&
2231             !(f.file->f_mode & (FMODE_READ|FMODE_WRITE)))
2232                 goto out_putf;
2233 
2234         lock = flock_make_lock(f.file, cmd, NULL);
2235         if (IS_ERR(lock)) {
2236                 error = PTR_ERR(lock);
2237                 goto out_putf;
2238         }
2239 
2240         if (can_sleep)
2241                 lock->fl_flags |= FL_SLEEP;
2242 
2243         error = security_file_lock(f.file, lock->fl_type);
2244         if (error)
2245                 goto out_free;
2246 
2247         if (f.file->f_op->flock)
2248                 error = f.file->f_op->flock(f.file,
2249                                           (can_sleep) ? F_SETLKW : F_SETLK,
2250                                           lock);
2251         else
2252                 error = locks_lock_file_wait(f.file, lock);
2253 
2254  out_free:
2255         locks_free_lock(lock);
2256 
2257  out_putf:
2258         fdput(f);
2259  out:
2260         return error;
2261 }
2262 
2263 /**
2264  * vfs_test_lock - test file byte range lock
2265  * @filp: The file to test lock for
2266  * @fl: The lock to test; also used to hold result
2267  *
2268  * Returns -ERRNO on failure.  Indicates presence of conflicting lock by
2269  * setting conf->fl_type to something other than F_UNLCK.
2270  */
2271 int vfs_test_lock(struct file *filp, struct file_lock *fl)
2272 {
2273         if (filp->f_op->lock)
2274                 return filp->f_op->lock(filp, F_GETLK, fl);
2275         posix_test_lock(filp, fl);
2276         return 0;
2277 }
2278 EXPORT_SYMBOL_GPL(vfs_test_lock);
2279 
2280 /**
2281  * locks_translate_pid - translate a file_lock's fl_pid number into a namespace
2282  * @fl: The file_lock who's fl_pid should be translated
2283  * @ns: The namespace into which the pid should be translated
2284  *
2285  * Used to tranlate a fl_pid into a namespace virtual pid number
2286  */
2287 static pid_t locks_translate_pid(struct file_lock *fl, struct pid_namespace *ns)
2288 {
2289         pid_t vnr;
2290         struct pid *pid;
2291 
2292         if (IS_OFDLCK(fl))
2293                 return -1;
2294         if (IS_REMOTELCK(fl))
2295                 return fl->fl_pid;
2296         /*
2297          * If the flock owner process is dead and its pid has been already
2298          * freed, the translation below won't work, but we still want to show
2299          * flock owner pid number in init pidns.
2300          */
2301         if (ns == &init_pid_ns)
2302                 return (pid_t)fl->fl_pid;
2303 
2304         rcu_read_lock();
2305         pid = find_pid_ns(fl->fl_pid, &init_pid_ns);
2306         vnr = pid_nr_ns(pid, ns);
2307         rcu_read_unlock();
2308         return vnr;
2309 }
2310 
2311 static int posix_lock_to_flock(struct flock *flock, struct file_lock *fl)
2312 {
2313         flock->l_pid = locks_translate_pid(fl, task_active_pid_ns(current));
2314 #if BITS_PER_LONG == 32
2315         /*
2316          * Make sure we can represent the posix lock via
2317          * legacy 32bit flock.
2318          */
2319         if (fl->fl_start > OFFT_OFFSET_MAX)
2320                 return -EOVERFLOW;
2321         if (fl->fl_end != OFFSET_MAX && fl->fl_end > OFFT_OFFSET_MAX)
2322                 return -EOVERFLOW;
2323 #endif
2324         flock->l_start = fl->fl_start;
2325         flock->l_len = fl->fl_end == OFFSET_MAX ? 0 :
2326                 fl->fl_end - fl->fl_start + 1;
2327         flock->l_whence = 0;
2328         flock->l_type = fl->fl_type;
2329         return 0;
2330 }
2331 
2332 #if BITS_PER_LONG == 32
2333 static void posix_lock_to_flock64(struct flock64 *flock, struct file_lock *fl)
2334 {
2335         flock->l_pid = locks_translate_pid(fl, task_active_pid_ns(current));
2336         flock->l_start = fl->fl_start;
2337         flock->l_len = fl->fl_end == OFFSET_MAX ? 0 :
2338                 fl->fl_end - fl->fl_start + 1;
2339         flock->l_whence = 0;
2340         flock->l_type = fl->fl_type;
2341 }
2342 #endif
2343 
2344 /* Report the first existing lock that would conflict with l.
2345  * This implements the F_GETLK command of fcntl().
2346  */
2347 int fcntl_getlk(struct file *filp, unsigned int cmd, struct flock *flock)
2348 {
2349         struct file_lock *fl;
2350         int error;
2351 
2352         fl = locks_alloc_lock();
2353         if (fl == NULL)
2354                 return -ENOMEM;
2355         error = -EINVAL;
2356         if (flock->l_type != F_RDLCK && flock->l_type != F_WRLCK)
2357                 goto out;
2358 
2359         error = flock_to_posix_lock(filp, fl, flock);
2360         if (error)
2361                 goto out;
2362 
2363         if (cmd == F_OFD_GETLK) {
2364                 error = -EINVAL;
2365                 if (flock->l_pid != 0)
2366                         goto out;
2367 
2368                 cmd = F_GETLK;
2369                 fl->fl_flags |= FL_OFDLCK;
2370                 fl->fl_owner = filp;
2371         }
2372 
2373         error = vfs_test_lock(filp, fl);
2374         if (error)
2375                 goto out;
2376 
2377         flock->l_type = fl->fl_type;
2378         if (fl->fl_type != F_UNLCK) {
2379                 error = posix_lock_to_flock(flock, fl);
2380                 if (error)
2381                         goto out;
2382         }
2383 out:
2384         locks_free_lock(fl);
2385         return error;
2386 }
2387 
2388 /**
2389  * vfs_lock_file - file byte range lock
2390  * @filp: The file to apply the lock to
2391  * @cmd: type of locking operation (F_SETLK, F_GETLK, etc.)
2392  * @fl: The lock to be applied
2393  * @conf: Place to return a copy of the conflicting lock, if found.
2394  *
2395  * A caller that doesn't care about the conflicting lock may pass NULL
2396  * as the final argument.
2397  *
2398  * If the filesystem defines a private ->lock() method, then @conf will
2399  * be left unchanged; so a caller that cares should initialize it to
2400  * some acceptable default.
2401  *
2402  * To avoid blocking kernel daemons, such as lockd, that need to acquire POSIX
2403  * locks, the ->lock() interface may return asynchronously, before the lock has
2404  * been granted or denied by the underlying filesystem, if (and only if)
2405  * lm_grant is set. Callers expecting ->lock() to return asynchronously
2406  * will only use F_SETLK, not F_SETLKW; they will set FL_SLEEP if (and only if)
2407  * the request is for a blocking lock. When ->lock() does return asynchronously,
2408  * it must return FILE_LOCK_DEFERRED, and call ->lm_grant() when the lock
2409  * request completes.
2410  * If the request is for non-blocking lock the file system should return
2411  * FILE_LOCK_DEFERRED then try to get the lock and call the callback routine
2412  * with the result. If the request timed out the callback routine will return a
2413  * nonzero return code and the file system should release the lock. The file
2414  * system is also responsible to keep a corresponding posix lock when it
2415  * grants a lock so the VFS can find out which locks are locally held and do
2416  * the correct lock cleanup when required.
2417  * The underlying filesystem must not drop the kernel lock or call
2418  * ->lm_grant() before returning to the caller with a FILE_LOCK_DEFERRED
2419  * return code.
2420  */
2421 int vfs_lock_file(struct file *filp, unsigned int cmd, struct file_lock *fl, struct file_lock *conf)
2422 {
2423         if (filp->f_op->lock)
2424                 return filp->f_op->lock(filp, cmd, fl);
2425         else
2426                 return posix_lock_file(filp, fl, conf);
2427 }
2428 EXPORT_SYMBOL_GPL(vfs_lock_file);
2429 
2430 static int do_lock_file_wait(struct file *filp, unsigned int cmd,
2431                              struct file_lock *fl)
2432 {
2433         int error;
2434 
2435         error = security_file_lock(filp, fl->fl_type);
2436         if (error)
2437                 return error;
2438 
2439         for (;;) {
2440                 error = vfs_lock_file(filp, cmd, fl, NULL);
2441                 if (error != FILE_LOCK_DEFERRED)
2442                         break;
2443                 error = wait_event_interruptible(fl->fl_wait,
2444                                         list_empty(&fl->fl_blocked_member));
2445                 if (error)
2446                         break;
2447         }
2448         locks_delete_block(fl);
2449 
2450         return error;
2451 }
2452 
2453 /* Ensure that fl->fl_file has compatible f_mode for F_SETLK calls */
2454 static int
2455 check_fmode_for_setlk(struct file_lock *fl)
2456 {
2457         switch (fl->fl_type) {
2458         case F_RDLCK:
2459                 if (!(fl->fl_file->f_mode & FMODE_READ))
2460                         return -EBADF;
2461                 break;
2462         case F_WRLCK:
2463                 if (!(fl->fl_file->f_mode & FMODE_WRITE))
2464                         return -EBADF;
2465         }
2466         return 0;
2467 }
2468 
2469 /* Apply the lock described by l to an open file descriptor.
2470  * This implements both the F_SETLK and F_SETLKW commands of fcntl().
2471  */
2472 int fcntl_setlk(unsigned int fd, struct file *filp, unsigned int cmd,
2473                 struct flock *flock)
2474 {
2475         struct file_lock *file_lock = locks_alloc_lock();
2476         struct inode *inode = locks_inode(filp);
2477         struct file *f;
2478         int error;
2479 
2480         if (file_lock == NULL)
2481                 return -ENOLCK;
2482 
2483         /* Don't allow mandatory locks on files that may be memory mapped
2484          * and shared.
2485          */
2486         if (mandatory_lock(inode) && mapping_writably_mapped(filp->f_mapping)) {
2487                 error = -EAGAIN;
2488                 goto out;
2489         }
2490 
2491         error = flock_to_posix_lock(filp, file_lock, flock);
2492         if (error)
2493                 goto out;
2494 
2495         error = check_fmode_for_setlk(file_lock);
2496         if (error)
2497                 goto out;
2498 
2499         /*
2500          * If the cmd is requesting file-private locks, then set the
2501          * FL_OFDLCK flag and override the owner.
2502          */
2503         switch (cmd) {
2504         case F_OFD_SETLK:
2505                 error = -EINVAL;
2506                 if (flock->l_pid != 0)
2507                         goto out;
2508 
2509                 cmd = F_SETLK;
2510                 file_lock->fl_flags |= FL_OFDLCK;
2511                 file_lock->fl_owner = filp;
2512                 break;
2513         case F_OFD_SETLKW:
2514                 error = -EINVAL;
2515                 if (flock->l_pid != 0)
2516                         goto out;
2517 
2518                 cmd = F_SETLKW;
2519                 file_lock->fl_flags |= FL_OFDLCK;
2520                 file_lock->fl_owner = filp;
2521                 /* Fallthrough */
2522         case F_SETLKW:
2523                 file_lock->fl_flags |= FL_SLEEP;
2524         }
2525 
2526         error = do_lock_file_wait(filp, cmd, file_lock);
2527 
2528         /*
2529          * Attempt to detect a close/fcntl race and recover by releasing the
2530          * lock that was just acquired. There is no need to do that when we're
2531          * unlocking though, or for OFD locks.
2532          */
2533         if (!error && file_lock->fl_type != F_UNLCK &&
2534             !(file_lock->fl_flags & FL_OFDLCK)) {
2535                 /*
2536                  * We need that spin_lock here - it prevents reordering between
2537                  * update of i_flctx->flc_posix and check for it done in
2538                  * close(). rcu_read_lock() wouldn't do.
2539                  */
2540                 spin_lock(&current->files->file_lock);
2541                 f = fcheck(fd);
2542                 spin_unlock(&current->files->file_lock);
2543                 if (f != filp) {
2544                         file_lock->fl_type = F_UNLCK;
2545                         error = do_lock_file_wait(filp, cmd, file_lock);
2546                         WARN_ON_ONCE(error);
2547                         error = -EBADF;
2548                 }
2549         }
2550 out:
2551         trace_fcntl_setlk(inode, file_lock, error);
2552         locks_free_lock(file_lock);
2553         return error;
2554 }
2555 
2556 #if BITS_PER_LONG == 32
2557 /* Report the first existing lock that would conflict with l.
2558  * This implements the F_GETLK command of fcntl().
2559  */
2560 int fcntl_getlk64(struct file *filp, unsigned int cmd, struct flock64 *flock)
2561 {
2562         struct file_lock *fl;
2563         int error;
2564 
2565         fl = locks_alloc_lock();
2566         if (fl == NULL)
2567                 return -ENOMEM;
2568 
2569         error = -EINVAL;
2570         if (flock->l_type != F_RDLCK && flock->l_type != F_WRLCK)
2571                 goto out;
2572 
2573         error = flock64_to_posix_lock(filp, fl, flock);
2574         if (error)
2575                 goto out;
2576 
2577         if (cmd == F_OFD_GETLK) {
2578                 error = -EINVAL;
2579                 if (flock->l_pid != 0)
2580                         goto out;
2581 
2582                 cmd = F_GETLK64;
2583                 fl->fl_flags |= FL_OFDLCK;
2584                 fl->fl_owner = filp;
2585         }
2586 
2587         error = vfs_test_lock(filp, fl);
2588         if (error)
2589                 goto out;
2590 
2591         flock->l_type = fl->fl_type;
2592         if (fl->fl_type != F_UNLCK)
2593                 posix_lock_to_flock64(flock, fl);
2594 
2595 out:
2596         locks_free_lock(fl);
2597         return error;
2598 }
2599 
2600 /* Apply the lock described by l to an open file descriptor.
2601  * This implements both the F_SETLK and F_SETLKW commands of fcntl().
2602  */
2603 int fcntl_setlk64(unsigned int fd, struct file *filp, unsigned int cmd,
2604                 struct flock64 *flock)
2605 {
2606         struct file_lock *file_lock = locks_alloc_lock();
2607         struct inode *inode = locks_inode(filp);
2608         struct file *f;
2609         int error;
2610 
2611         if (file_lock == NULL)
2612                 return -ENOLCK;
2613 
2614         /* Don't allow mandatory locks on files that may be memory mapped
2615          * and shared.
2616          */
2617         if (mandatory_lock(inode) && mapping_writably_mapped(filp->f_mapping)) {
2618                 error = -EAGAIN;
2619                 goto out;
2620         }
2621 
2622         error = flock64_to_posix_lock(filp, file_lock, flock);
2623         if (error)
2624                 goto out;
2625 
2626         error = check_fmode_for_setlk(file_lock);
2627         if (error)
2628                 goto out;
2629 
2630         /*
2631          * If the cmd is requesting file-private locks, then set the
2632          * FL_OFDLCK flag and override the owner.
2633          */
2634         switch (cmd) {
2635         case F_OFD_SETLK:
2636                 error = -EINVAL;
2637                 if (flock->l_pid != 0)
2638                         goto out;
2639 
2640                 cmd = F_SETLK64;
2641                 file_lock->fl_flags |= FL_OFDLCK;
2642                 file_lock->fl_owner = filp;
2643                 break;
2644         case F_OFD_SETLKW:
2645                 error = -EINVAL;
2646                 if (flock->l_pid != 0)
2647                         goto out;
2648 
2649                 cmd = F_SETLKW64;
2650                 file_lock->fl_flags |= FL_OFDLCK;
2651                 file_lock->fl_owner = filp;
2652                 /* Fallthrough */
2653         case F_SETLKW64:
2654                 file_lock->fl_flags |= FL_SLEEP;
2655         }
2656 
2657         error = do_lock_file_wait(filp, cmd, file_lock);
2658 
2659         /*
2660          * Attempt to detect a close/fcntl race and recover by releasing the
2661          * lock that was just acquired. There is no need to do that when we're
2662          * unlocking though, or for OFD locks.
2663          */
2664         if (!error && file_lock->fl_type != F_UNLCK &&
2665             !(file_lock->fl_flags & FL_OFDLCK)) {
2666                 /*
2667                  * We need that spin_lock here - it prevents reordering between
2668                  * update of i_flctx->flc_posix and check for it done in
2669                  * close(). rcu_read_lock() wouldn't do.
2670                  */
2671                 spin_lock(&current->files->file_lock);
2672                 f = fcheck(fd);
2673                 spin_unlock(&current->files->file_lock);
2674                 if (f != filp) {
2675                         file_lock->fl_type = F_UNLCK;
2676                         error = do_lock_file_wait(filp, cmd, file_lock);
2677                         WARN_ON_ONCE(error);
2678                         error = -EBADF;
2679                 }
2680         }
2681 out:
2682         locks_free_lock(file_lock);
2683         return error;
2684 }
2685 #endif /* BITS_PER_LONG == 32 */
2686 
2687 /*
2688  * This function is called when the file is being removed
2689  * from the task's fd array.  POSIX locks belonging to this task
2690  * are deleted at this time.
2691  */
2692 void locks_remove_posix(struct file *filp, fl_owner_t owner)
2693 {
2694         int error;
2695         struct inode *inode = locks_inode(filp);
2696         struct file_lock lock;
2697         struct file_lock_context *ctx;
2698 
2699         /*
2700          * If there are no locks held on this file, we don't need to call
2701          * posix_lock_file().  Another process could be setting a lock on this
2702          * file at the same time, but we wouldn't remove that lock anyway.
2703          */
2704         ctx =  smp_load_acquire(&inode->i_flctx);
2705         if (!ctx || list_empty(&ctx->flc_posix))
2706                 return;
2707 
2708         locks_init_lock(&lock);
2709         lock.fl_type = F_UNLCK;
2710         lock.fl_flags = FL_POSIX | FL_CLOSE;
2711         lock.fl_start = 0;
2712         lock.fl_end = OFFSET_MAX;
2713         lock.fl_owner = owner;
2714         lock.fl_pid = current->tgid;
2715         lock.fl_file = filp;
2716         lock.fl_ops = NULL;
2717         lock.fl_lmops = NULL;
2718 
2719         error = vfs_lock_file(filp, F_SETLK, &lock, NULL);
2720 
2721         if (lock.fl_ops && lock.fl_ops->fl_release_private)
2722                 lock.fl_ops->fl_release_private(&lock);
2723         trace_locks_remove_posix(inode, &lock, error);
2724 }
2725 EXPORT_SYMBOL(locks_remove_posix);
2726 
2727 /* The i_flctx must be valid when calling into here */
2728 static void
2729 locks_remove_flock(struct file *filp, struct file_lock_context *flctx)
2730 {
2731         struct file_lock fl;
2732         struct inode *inode = locks_inode(filp);
2733 
2734         if (list_empty(&flctx->flc_flock))
2735                 return;
2736 
2737         flock_make_lock(filp, LOCK_UN, &fl);
2738         fl.fl_flags |= FL_CLOSE;
2739 
2740         if (filp->f_op->flock)
2741                 filp->f_op->flock(filp, F_SETLKW, &fl);
2742         else
2743                 flock_lock_inode(inode, &fl);
2744 
2745         if (fl.fl_ops && fl.fl_ops->fl_release_private)
2746                 fl.fl_ops->fl_release_private(&fl);
2747 }
2748 
2749 /* The i_flctx must be valid when calling into here */
2750 static void
2751 locks_remove_lease(struct file *filp, struct file_lock_context *ctx)
2752 {
2753         struct file_lock *fl, *tmp;
2754         LIST_HEAD(dispose);
2755 
2756         if (list_empty(&ctx->flc_lease))
2757                 return;
2758 
2759         percpu_down_read(&file_rwsem);
2760         spin_lock(&ctx->flc_lock);
2761         list_for_each_entry_safe(fl, tmp, &ctx->flc_lease, fl_list)
2762                 if (filp == fl->fl_file)
2763                         lease_modify(fl, F_UNLCK, &dispose);
2764         spin_unlock(&ctx->flc_lock);
2765         percpu_up_read(&file_rwsem);
2766 
2767         locks_dispose_list(&dispose);
2768 }
2769 
2770 /*
2771  * This function is called on the last close of an open file.
2772  */
2773 void locks_remove_file(struct file *filp)
2774 {
2775         struct file_lock_context *ctx;
2776 
2777         ctx = smp_load_acquire(&locks_inode(filp)->i_flctx);
2778         if (!ctx)
2779                 return;
2780 
2781         /* remove any OFD locks */
2782         locks_remove_posix(filp, filp);
2783 
2784         /* remove flock locks */
2785         locks_remove_flock(filp, ctx);
2786 
2787         /* remove any leases */
2788         locks_remove_lease(filp, ctx);
2789 
2790         spin_lock(&ctx->flc_lock);
2791         locks_check_ctx_file_list(filp, &ctx->flc_posix, "POSIX");
2792         locks_check_ctx_file_list(filp, &ctx->flc_flock, "FLOCK");
2793         locks_check_ctx_file_list(filp, &ctx->flc_lease, "LEASE");
2794         spin_unlock(&ctx->flc_lock);
2795 }
2796 
2797 /**
2798  * vfs_cancel_lock - file byte range unblock lock
2799  * @filp: The file to apply the unblock to
2800  * @fl: The lock to be unblocked
2801  *
2802  * Used by lock managers to cancel blocked requests
2803  */
2804 int vfs_cancel_lock(struct file *filp, struct file_lock *fl)
2805 {
2806         if (filp->f_op->lock)
2807                 return filp->f_op->lock(filp, F_CANCELLK, fl);
2808         return 0;
2809 }
2810 EXPORT_SYMBOL_GPL(vfs_cancel_lock);
2811 
2812 #ifdef CONFIG_PROC_FS
2813 #include <linux/proc_fs.h>
2814 #include <linux/seq_file.h>
2815 
2816 struct locks_iterator {
2817         int     li_cpu;
2818         loff_t  li_pos;
2819 };
2820 
2821 static void lock_get_status(struct seq_file *f, struct file_lock *fl,
2822                             loff_t id, char *pfx)
2823 {
2824         struct inode *inode = NULL;
2825         unsigned int fl_pid;
2826         struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info;
2827 
2828         fl_pid = locks_translate_pid(fl, proc_pidns);
2829         /*
2830          * If lock owner is dead (and pid is freed) or not visible in current
2831          * pidns, zero is shown as a pid value. Check lock info from
2832          * init_pid_ns to get saved lock pid value.
2833          */
2834 
2835         if (fl->fl_file != NULL)
2836                 inode = locks_inode(fl->fl_file);
2837 
2838         seq_printf(f, "%lld:%s ", id, pfx);
2839         if (IS_POSIX(fl)) {
2840                 if (fl->fl_flags & FL_ACCESS)
2841                         seq_puts(f, "ACCESS");
2842                 else if (IS_OFDLCK(fl))
2843                         seq_puts(f, "OFDLCK");
2844                 else
2845                         seq_puts(f, "POSIX ");
2846 
2847                 seq_printf(f, " %s ",
2848                              (inode == NULL) ? "*NOINODE*" :
2849                              mandatory_lock(inode) ? "MANDATORY" : "ADVISORY ");
2850         } else if (IS_FLOCK(fl)) {
2851                 if (fl->fl_type & LOCK_MAND) {
2852                         seq_puts(f, "FLOCK  MSNFS     ");
2853                 } else {
2854                         seq_puts(f, "FLOCK  ADVISORY  ");
2855                 }
2856         } else if (IS_LEASE(fl)) {
2857                 if (fl->fl_flags & FL_DELEG)
2858                         seq_puts(f, "DELEG  ");
2859                 else
2860                         seq_puts(f, "LEASE  ");
2861 
2862                 if (lease_breaking(fl))
2863                         seq_puts(f, "BREAKING  ");
2864                 else if (fl->fl_file)
2865                         seq_puts(f, "ACTIVE    ");
2866                 else
2867                         seq_puts(f, "BREAKER   ");
2868         } else {
2869                 seq_puts(f, "UNKNOWN UNKNOWN  ");
2870         }
2871         if (fl->fl_type & LOCK_MAND) {
2872                 seq_printf(f, "%s ",
2873                                (fl->fl_type & LOCK_READ)
2874                                ? (fl->fl_type & LOCK_WRITE) ? "RW   " : "READ "
2875                                : (fl->fl_type & LOCK_WRITE) ? "WRITE" : "NONE ");
2876         } else {
2877                 int type = IS_LEASE(fl) ? target_leasetype(fl) : fl->fl_type;
2878 
2879                 seq_printf(f, "%s ", (type == F_WRLCK) ? "WRITE" :
2880                                      (type == F_RDLCK) ? "READ" : "UNLCK");
2881         }
2882         if (inode) {
2883                 /* userspace relies on this representation of dev_t */
2884                 seq_printf(f, "%d %02x:%02x:%lu ", fl_pid,
2885                                 MAJOR(inode->i_sb->s_dev),
2886                                 MINOR(inode->i_sb->s_dev), inode->i_ino);
2887         } else {
2888                 seq_printf(f, "%d <none>:0 ", fl_pid);
2889         }
2890         if (IS_POSIX(fl)) {
2891                 if (fl->fl_end == OFFSET_MAX)
2892                         seq_printf(f, "%Ld EOF\n", fl->fl_start);
2893                 else
2894                         seq_printf(f, "%Ld %Ld\n", fl->fl_start, fl->fl_end);
2895         } else {
2896                 seq_puts(f, "0 EOF\n");
2897         }
2898 }
2899 
2900 static int locks_show(struct seq_file *f, void *v)
2901 {
2902         struct locks_iterator *iter = f->private;
2903         struct file_lock *fl, *bfl;
2904         struct pid_namespace *proc_pidns = file_inode(f->file)->i_sb->s_fs_info;
2905 
2906         fl = hlist_entry(v, struct file_lock, fl_link);
2907 
2908         if (locks_translate_pid(fl, proc_pidns) == 0)
2909                 return 0;
2910 
2911         lock_get_status(f, fl, iter->li_pos, "");
2912 
2913         list_for_each_entry(bfl, &fl->fl_blocked_requests, fl_blocked_member)
2914                 lock_get_status(f, bfl, iter->li_pos, " ->");
2915 
2916         return 0;
2917 }
2918 
2919 static void __show_fd_locks(struct seq_file *f,
2920                         struct list_head *head, int *id,
2921                         struct file *filp, struct files_struct *files)
2922 {
2923         struct file_lock *fl;
2924 
2925         list_for_each_entry(fl, head, fl_list) {
2926 
2927                 if (filp != fl->fl_file)
2928                         continue;
2929                 if (fl->fl_owner != files &&
2930                     fl->fl_owner != filp)
2931                         continue;
2932 
2933                 (*id)++;
2934                 seq_puts(f, "lock:\t");
2935                 lock_get_status(f, fl, *id, "");
2936         }
2937 }
2938 
2939 void show_fd_locks(struct seq_file *f,
2940                   struct file *filp, struct files_struct *files)
2941 {
2942         struct inode *inode = locks_inode(filp);
2943         struct file_lock_context *ctx;
2944         int id = 0;
2945 
2946         ctx = smp_load_acquire(&inode->i_flctx);
2947         if (!ctx)
2948                 return;
2949 
2950         spin_lock(&ctx->flc_lock);
2951         __show_fd_locks(f, &ctx->flc_flock, &id, filp, files);
2952         __show_fd_locks(f, &ctx->flc_posix, &id, filp, files);
2953         __show_fd_locks(f, &ctx->flc_lease, &id, filp, files);
2954         spin_unlock(&ctx->flc_lock);
2955 }
2956 
2957 static void *locks_start(struct seq_file *f, loff_t *pos)
2958         __acquires(&blocked_lock_lock)
2959 {
2960         struct locks_iterator *iter = f->private;
2961 
2962         iter->li_pos = *pos + 1;
2963         percpu_down_write(&file_rwsem);
2964         spin_lock(&blocked_lock_lock);
2965         return seq_hlist_start_percpu(&file_lock_list.hlist, &iter->li_cpu, *pos);
2966 }
2967 
2968 static void *locks_next(struct seq_file *f, void *v, loff_t *pos)
2969 {
2970         struct locks_iterator *iter = f->private;
2971 
2972         ++iter->li_pos;
2973         return seq_hlist_next_percpu(v, &file_lock_list.hlist, &iter->li_cpu, pos);
2974 }
2975 
2976 static void locks_stop(struct seq_file *f, void *v)
2977         __releases(&blocked_lock_lock)
2978 {
2979         spin_unlock(&blocked_lock_lock);
2980         percpu_up_write(&file_rwsem);
2981 }
2982 
2983 static const struct seq_operations locks_seq_operations = {
2984         .start  = locks_start,
2985         .next   = locks_next,
2986         .stop   = locks_stop,
2987         .show   = locks_show,
2988 };
2989 
2990 static int __init proc_locks_init(void)
2991 {
2992         proc_create_seq_private("locks", 0, NULL, &locks_seq_operations,
2993                         sizeof(struct locks_iterator), NULL);
2994         return 0;
2995 }
2996 fs_initcall(proc_locks_init);
2997 #endif
2998 
2999 static int __init filelock_init(void)
3000 {
3001         int i;
3002 
3003         flctx_cache = kmem_cache_create("file_lock_ctx",
3004                         sizeof(struct file_lock_context), 0, SLAB_PANIC, NULL);
3005 
3006         filelock_cache = kmem_cache_create("file_lock_cache",
3007                         sizeof(struct file_lock), 0, SLAB_PANIC, NULL);
3008 
3009         for_each_possible_cpu(i) {
3010                 struct file_lock_list_struct *fll = per_cpu_ptr(&file_lock_list, i);
3011 
3012                 spin_lock_init(&fll->lock);
3013                 INIT_HLIST_HEAD(&fll->hlist);
3014         }
3015 
3016         lease_notifier_chain_init();
3017         return 0;
3018 }
3019 core_initcall(filelock_init);

/* [<][>][^][v][top][bottom][index][help] */