1 /*
2 * Implementation of the diskquota system for the LINUX operating system. QUOTA
3 * is implemented using the BSD system call interface as the means of
4 * communication with the user level. This file contains the generic routines
5 * called by the different filesystems on allocation of an inode or block.
6 * These routines take care of the administration needed to have a consistent
7 * diskquota tracking system. The ideas of both user and group quotas are based
8 * on the Melbourne quota system as used on BSD derived systems. The internal
9 * implementation is based on one of the several variants of the LINUX
10 * inode-subsystem with added complexity of the diskquota system.
11 *
12 * Author: Marco van Wieringen <mvw@planets.elm.net>
13 *
14 * Fixes: Dmitry Gorodchanin <pgmdsg@ibi.com>, 11 Feb 96
15 *
16 * Revised list management to avoid races
17 * -- Bill Hawes, <whawes@star.net>, 9/98
18 *
19 * Fixed races in dquot_transfer(), dqget() and dquot_alloc_...().
20 * As the consequence the locking was moved from dquot_decr_...(),
21 * dquot_incr_...() to calling functions.
22 * invalidate_dquots() now writes modified dquots.
23 * Serialized quota_off() and quota_on() for mount point.
24 * Fixed a few bugs in grow_dquots().
25 * Fixed deadlock in write_dquot() - we no longer account quotas on
26 * quota files
27 * remove_dquot_ref() moved to inode.c - it now traverses through inodes
28 * add_dquot_ref() restarts after blocking
29 * Added check for bogus uid and fixed check for group in quotactl.
30 * Jan Kara, <jack@suse.cz>, sponsored by SuSE CR, 10-11/99
31 *
32 * Used struct list_head instead of own list struct
33 * Invalidation of referenced dquots is no longer possible
34 * Improved free_dquots list management
35 * Quota and i_blocks are now updated in one place to avoid races
36 * Warnings are now delayed so we won't block in critical section
37 * Write updated not to require dquot lock
38 * Jan Kara, <jack@suse.cz>, 9/2000
39 *
40 * Added dynamic quota structure allocation
41 * Jan Kara <jack@suse.cz> 12/2000
42 *
43 * Rewritten quota interface. Implemented new quota format and
44 * formats registering.
45 * Jan Kara, <jack@suse.cz>, 2001,2002
46 *
47 * New SMP locking.
48 * Jan Kara, <jack@suse.cz>, 10/2002
49 *
50 * Added journalled quota support, fix lock inversion problems
51 * Jan Kara, <jack@suse.cz>, 2003,2004
52 *
53 * (C) Copyright 1994 - 1997 Marco van Wieringen
54 */
55
56 #include <linux/errno.h>
57 #include <linux/kernel.h>
58 #include <linux/fs.h>
59 #include <linux/mount.h>
60 #include <linux/mm.h>
61 #include <linux/time.h>
62 #include <linux/types.h>
63 #include <linux/string.h>
64 #include <linux/fcntl.h>
65 #include <linux/stat.h>
66 #include <linux/tty.h>
67 #include <linux/file.h>
68 #include <linux/slab.h>
69 #include <linux/sysctl.h>
70 #include <linux/init.h>
71 #include <linux/module.h>
72 #include <linux/proc_fs.h>
73 #include <linux/security.h>
74 #include <linux/sched.h>
75 #include <linux/kmod.h>
76 #include <linux/namei.h>
77 #include <linux/capability.h>
78 #include <linux/quotaops.h>
79 #include "../internal.h" /* ugh */
80
81 #include <linux/uaccess.h>
82
83 /*
84 * There are three quota SMP locks. dq_list_lock protects all lists with quotas
85 * and quota formats.
86 * dq_data_lock protects data from dq_dqb and also mem_dqinfo structures and
87 * also guards consistency of dquot->dq_dqb with inode->i_blocks, i_bytes.
88 * i_blocks and i_bytes updates itself are guarded by i_lock acquired directly
89 * in inode_add_bytes() and inode_sub_bytes(). dq_state_lock protects
90 * modifications of quota state (on quotaon and quotaoff) and readers who care
91 * about latest values take it as well.
92 *
93 * The spinlock ordering is hence: dq_data_lock > dq_list_lock > i_lock,
94 * dq_list_lock > dq_state_lock
95 *
96 * Note that some things (eg. sb pointer, type, id) doesn't change during
97 * the life of the dquot structure and so needn't to be protected by a lock
98 *
99 * Any operation working on dquots via inode pointers must hold dqptr_sem. If
100 * operation is just reading pointers from inode (or not using them at all) the
101 * read lock is enough. If pointers are altered function must hold write lock.
102 * Special care needs to be taken about S_NOQUOTA inode flag (marking that
103 * inode is a quota file). Functions adding pointers from inode to dquots have
104 * to check this flag under dqptr_sem and then (if S_NOQUOTA is not set) they
105 * have to do all pointer modifications before dropping dqptr_sem. This makes
106 * sure they cannot race with quotaon which first sets S_NOQUOTA flag and
107 * then drops all pointers to dquots from an inode.
108 *
109 * Each dquot has its dq_lock mutex. Locked dquots might not be referenced
110 * from inodes (dquot_alloc_space() and such don't check the dq_lock).
111 * Currently dquot is locked only when it is being read to memory (or space for
112 * it is being allocated) on the first dqget() and when it is being released on
113 * the last dqput(). The allocation and release oparations are serialized by
114 * the dq_lock and by checking the use count in dquot_release(). Write
115 * operations on dquots don't hold dq_lock as they copy data under dq_data_lock
116 * spinlock to internal buffers before writing.
117 *
118 * Lock ordering (including related VFS locks) is the following:
119 * dqonoff_mutex > i_mutex > journal_lock > dqptr_sem > dquot->dq_lock >
120 * dqio_mutex
121 * dqonoff_mutex > i_mutex comes from dquot_quota_sync, dquot_enable, etc.
122 * The lock ordering of dqptr_sem imposed by quota code is only dqonoff_sem >
123 * dqptr_sem. But filesystem has to count with the fact that functions such as
124 * dquot_alloc_space() acquire dqptr_sem and they usually have to be called
125 * from inside a transaction to keep filesystem consistency after a crash. Also
126 * filesystems usually want to do some IO on dquot from ->mark_dirty which is
127 * called with dqptr_sem held.
128 */
129
130 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_list_lock);
131 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_state_lock);
132 __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_data_lock);
133 EXPORT_SYMBOL(dq_data_lock);
134
__quota_error(struct super_block * sb,const char * func,const char * fmt,...)135 void __quota_error(struct super_block *sb, const char *func,
136 const char *fmt, ...)
137 {
138 if (printk_ratelimit()) {
139 va_list args;
140 struct va_format vaf;
141
142 va_start(args, fmt);
143
144 vaf.fmt = fmt;
145 vaf.va = &args;
146
147 printk(KERN_ERR "Quota error (device %s): %s: %pV\n",
148 sb->s_id, func, &vaf);
149
150 va_end(args);
151 }
152 }
153 EXPORT_SYMBOL(__quota_error);
154
155 #if defined(CONFIG_QUOTA_DEBUG) || defined(CONFIG_PRINT_QUOTA_WARNING)
156 static char *quotatypes[] = INITQFNAMES;
157 #endif
158 static struct quota_format_type *quota_formats; /* List of registered formats */
159 static struct quota_module_name module_names[] = INIT_QUOTA_MODULE_NAMES;
160
161 /* SLAB cache for dquot structures */
162 static struct kmem_cache *dquot_cachep;
163
register_quota_format(struct quota_format_type * fmt)164 int register_quota_format(struct quota_format_type *fmt)
165 {
166 spin_lock(&dq_list_lock);
167 fmt->qf_next = quota_formats;
168 quota_formats = fmt;
169 spin_unlock(&dq_list_lock);
170 return 0;
171 }
172 EXPORT_SYMBOL(register_quota_format);
173
unregister_quota_format(struct quota_format_type * fmt)174 void unregister_quota_format(struct quota_format_type *fmt)
175 {
176 struct quota_format_type **actqf;
177
178 spin_lock(&dq_list_lock);
179 for (actqf = "a_formats; *actqf && *actqf != fmt;
180 actqf = &(*actqf)->qf_next)
181 ;
182 if (*actqf)
183 *actqf = (*actqf)->qf_next;
184 spin_unlock(&dq_list_lock);
185 }
186 EXPORT_SYMBOL(unregister_quota_format);
187
find_quota_format(int id)188 static struct quota_format_type *find_quota_format(int id)
189 {
190 struct quota_format_type *actqf;
191
192 spin_lock(&dq_list_lock);
193 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id;
194 actqf = actqf->qf_next)
195 ;
196 if (!actqf || !try_module_get(actqf->qf_owner)) {
197 int qm;
198
199 spin_unlock(&dq_list_lock);
200
201 for (qm = 0; module_names[qm].qm_fmt_id &&
202 module_names[qm].qm_fmt_id != id; qm++)
203 ;
204 if (!module_names[qm].qm_fmt_id ||
205 request_module(module_names[qm].qm_mod_name))
206 return NULL;
207
208 spin_lock(&dq_list_lock);
209 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id;
210 actqf = actqf->qf_next)
211 ;
212 if (actqf && !try_module_get(actqf->qf_owner))
213 actqf = NULL;
214 }
215 spin_unlock(&dq_list_lock);
216 return actqf;
217 }
218
put_quota_format(struct quota_format_type * fmt)219 static void put_quota_format(struct quota_format_type *fmt)
220 {
221 module_put(fmt->qf_owner);
222 }
223
224 /*
225 * Dquot List Management:
226 * The quota code uses three lists for dquot management: the inuse_list,
227 * free_dquots, and dquot_hash[] array. A single dquot structure may be
228 * on all three lists, depending on its current state.
229 *
230 * All dquots are placed to the end of inuse_list when first created, and this
231 * list is used for invalidate operation, which must look at every dquot.
232 *
233 * Unused dquots (dq_count == 0) are added to the free_dquots list when freed,
234 * and this list is searched whenever we need an available dquot. Dquots are
235 * removed from the list as soon as they are used again, and
236 * dqstats.free_dquots gives the number of dquots on the list. When
237 * dquot is invalidated it's completely released from memory.
238 *
239 * Dquots with a specific identity (device, type and id) are placed on
240 * one of the dquot_hash[] hash chains. The provides an efficient search
241 * mechanism to locate a specific dquot.
242 */
243
244 static LIST_HEAD(inuse_list);
245 static LIST_HEAD(free_dquots);
246 static unsigned int dq_hash_bits, dq_hash_mask;
247 static struct hlist_head *dquot_hash;
248
249 struct dqstats dqstats;
250 EXPORT_SYMBOL(dqstats);
251
252 static qsize_t inode_get_rsv_space(struct inode *inode);
253 static void __dquot_initialize(struct inode *inode, int type);
254
255 static inline unsigned int
hashfn(const struct super_block * sb,struct kqid qid)256 hashfn(const struct super_block *sb, struct kqid qid)
257 {
258 unsigned int id = from_kqid(&init_user_ns, qid);
259 int type = qid.type;
260 unsigned long tmp;
261
262 tmp = (((unsigned long)sb>>L1_CACHE_SHIFT) ^ id) * (MAXQUOTAS - type);
263 return (tmp + (tmp >> dq_hash_bits)) & dq_hash_mask;
264 }
265
266 /*
267 * Following list functions expect dq_list_lock to be held
268 */
insert_dquot_hash(struct dquot * dquot)269 static inline void insert_dquot_hash(struct dquot *dquot)
270 {
271 struct hlist_head *head;
272 head = dquot_hash + hashfn(dquot->dq_sb, dquot->dq_id);
273 hlist_add_head(&dquot->dq_hash, head);
274 }
275
remove_dquot_hash(struct dquot * dquot)276 static inline void remove_dquot_hash(struct dquot *dquot)
277 {
278 hlist_del_init(&dquot->dq_hash);
279 }
280
find_dquot(unsigned int hashent,struct super_block * sb,struct kqid qid)281 static struct dquot *find_dquot(unsigned int hashent, struct super_block *sb,
282 struct kqid qid)
283 {
284 struct hlist_node *node;
285 struct dquot *dquot;
286
287 hlist_for_each (node, dquot_hash+hashent) {
288 dquot = hlist_entry(node, struct dquot, dq_hash);
289 if (dquot->dq_sb == sb && qid_eq(dquot->dq_id, qid))
290 return dquot;
291 }
292 return NULL;
293 }
294
295 /* Add a dquot to the tail of the free list */
put_dquot_last(struct dquot * dquot)296 static inline void put_dquot_last(struct dquot *dquot)
297 {
298 list_add_tail(&dquot->dq_free, &free_dquots);
299 dqstats_inc(DQST_FREE_DQUOTS);
300 }
301
remove_free_dquot(struct dquot * dquot)302 static inline void remove_free_dquot(struct dquot *dquot)
303 {
304 if (list_empty(&dquot->dq_free))
305 return;
306 list_del_init(&dquot->dq_free);
307 dqstats_dec(DQST_FREE_DQUOTS);
308 }
309
put_inuse(struct dquot * dquot)310 static inline void put_inuse(struct dquot *dquot)
311 {
312 /* We add to the back of inuse list so we don't have to restart
313 * when traversing this list and we block */
314 list_add_tail(&dquot->dq_inuse, &inuse_list);
315 dqstats_inc(DQST_ALLOC_DQUOTS);
316 }
317
remove_inuse(struct dquot * dquot)318 static inline void remove_inuse(struct dquot *dquot)
319 {
320 dqstats_dec(DQST_ALLOC_DQUOTS);
321 list_del(&dquot->dq_inuse);
322 }
323 /*
324 * End of list functions needing dq_list_lock
325 */
326
wait_on_dquot(struct dquot * dquot)327 static void wait_on_dquot(struct dquot *dquot)
328 {
329 mutex_lock(&dquot->dq_lock);
330 mutex_unlock(&dquot->dq_lock);
331 }
332
dquot_dirty(struct dquot * dquot)333 static inline int dquot_dirty(struct dquot *dquot)
334 {
335 return test_bit(DQ_MOD_B, &dquot->dq_flags);
336 }
337
mark_dquot_dirty(struct dquot * dquot)338 static inline int mark_dquot_dirty(struct dquot *dquot)
339 {
340 return dquot->dq_sb->dq_op->mark_dirty(dquot);
341 }
342
343 /* Mark dquot dirty in atomic manner, and return it's old dirty flag state */
dquot_mark_dquot_dirty(struct dquot * dquot)344 int dquot_mark_dquot_dirty(struct dquot *dquot)
345 {
346 int ret = 1;
347
348 /* If quota is dirty already, we don't have to acquire dq_list_lock */
349 if (test_bit(DQ_MOD_B, &dquot->dq_flags))
350 return 1;
351
352 spin_lock(&dq_list_lock);
353 if (!test_and_set_bit(DQ_MOD_B, &dquot->dq_flags)) {
354 list_add(&dquot->dq_dirty, &sb_dqopt(dquot->dq_sb)->
355 info[dquot->dq_id.type].dqi_dirty_list);
356 ret = 0;
357 }
358 spin_unlock(&dq_list_lock);
359 return ret;
360 }
361 EXPORT_SYMBOL(dquot_mark_dquot_dirty);
362
363 /* Dirtify all the dquots - this can block when journalling */
mark_all_dquot_dirty(struct dquot * const * dquot)364 static inline int mark_all_dquot_dirty(struct dquot * const *dquot)
365 {
366 int ret, err, cnt;
367
368 ret = err = 0;
369 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
370 if (dquot[cnt])
371 /* Even in case of error we have to continue */
372 ret = mark_dquot_dirty(dquot[cnt]);
373 if (!err)
374 err = ret;
375 }
376 return err;
377 }
378
dqput_all(struct dquot ** dquot)379 static inline void dqput_all(struct dquot **dquot)
380 {
381 unsigned int cnt;
382
383 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
384 dqput(dquot[cnt]);
385 }
386
387 /* This function needs dq_list_lock */
clear_dquot_dirty(struct dquot * dquot)388 static inline int clear_dquot_dirty(struct dquot *dquot)
389 {
390 if (!test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags))
391 return 0;
392 list_del_init(&dquot->dq_dirty);
393 return 1;
394 }
395
mark_info_dirty(struct super_block * sb,int type)396 void mark_info_dirty(struct super_block *sb, int type)
397 {
398 set_bit(DQF_INFO_DIRTY_B, &sb_dqopt(sb)->info[type].dqi_flags);
399 }
400 EXPORT_SYMBOL(mark_info_dirty);
401
402 /*
403 * Read dquot from disk and alloc space for it
404 */
405
dquot_acquire(struct dquot * dquot)406 int dquot_acquire(struct dquot *dquot)
407 {
408 int ret = 0, ret2 = 0;
409 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
410
411 mutex_lock(&dquot->dq_lock);
412 mutex_lock(&dqopt->dqio_mutex);
413 if (!test_bit(DQ_READ_B, &dquot->dq_flags))
414 ret = dqopt->ops[dquot->dq_id.type]->read_dqblk(dquot);
415 if (ret < 0)
416 goto out_iolock;
417 set_bit(DQ_READ_B, &dquot->dq_flags);
418 /* Instantiate dquot if needed */
419 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && !dquot->dq_off) {
420 ret = dqopt->ops[dquot->dq_id.type]->commit_dqblk(dquot);
421 /* Write the info if needed */
422 if (info_dirty(&dqopt->info[dquot->dq_id.type])) {
423 ret2 = dqopt->ops[dquot->dq_id.type]->write_file_info(
424 dquot->dq_sb, dquot->dq_id.type);
425 }
426 if (ret < 0)
427 goto out_iolock;
428 if (ret2 < 0) {
429 ret = ret2;
430 goto out_iolock;
431 }
432 }
433 set_bit(DQ_ACTIVE_B, &dquot->dq_flags);
434 out_iolock:
435 mutex_unlock(&dqopt->dqio_mutex);
436 mutex_unlock(&dquot->dq_lock);
437 return ret;
438 }
439 EXPORT_SYMBOL(dquot_acquire);
440
441 /*
442 * Write dquot to disk
443 */
dquot_commit(struct dquot * dquot)444 int dquot_commit(struct dquot *dquot)
445 {
446 int ret = 0;
447 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
448
449 mutex_lock(&dqopt->dqio_mutex);
450 spin_lock(&dq_list_lock);
451 if (!clear_dquot_dirty(dquot)) {
452 spin_unlock(&dq_list_lock);
453 goto out_sem;
454 }
455 spin_unlock(&dq_list_lock);
456 /* Inactive dquot can be only if there was error during read/init
457 * => we have better not writing it */
458 if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags))
459 ret = dqopt->ops[dquot->dq_id.type]->commit_dqblk(dquot);
460 else
461 ret = -EIO;
462 out_sem:
463 mutex_unlock(&dqopt->dqio_mutex);
464 return ret;
465 }
466 EXPORT_SYMBOL(dquot_commit);
467
468 /*
469 * Release dquot
470 */
dquot_release(struct dquot * dquot)471 int dquot_release(struct dquot *dquot)
472 {
473 int ret = 0, ret2 = 0;
474 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
475
476 mutex_lock(&dquot->dq_lock);
477 /* Check whether we are not racing with some other dqget() */
478 if (atomic_read(&dquot->dq_count) > 1)
479 goto out_dqlock;
480 mutex_lock(&dqopt->dqio_mutex);
481 if (dqopt->ops[dquot->dq_id.type]->release_dqblk) {
482 ret = dqopt->ops[dquot->dq_id.type]->release_dqblk(dquot);
483 /* Write the info */
484 if (info_dirty(&dqopt->info[dquot->dq_id.type])) {
485 ret2 = dqopt->ops[dquot->dq_id.type]->write_file_info(
486 dquot->dq_sb, dquot->dq_id.type);
487 }
488 if (ret >= 0)
489 ret = ret2;
490 }
491 clear_bit(DQ_ACTIVE_B, &dquot->dq_flags);
492 mutex_unlock(&dqopt->dqio_mutex);
493 out_dqlock:
494 mutex_unlock(&dquot->dq_lock);
495 return ret;
496 }
497 EXPORT_SYMBOL(dquot_release);
498
dquot_destroy(struct dquot * dquot)499 void dquot_destroy(struct dquot *dquot)
500 {
501 kmem_cache_free(dquot_cachep, dquot);
502 }
503 EXPORT_SYMBOL(dquot_destroy);
504
do_destroy_dquot(struct dquot * dquot)505 static inline void do_destroy_dquot(struct dquot *dquot)
506 {
507 dquot->dq_sb->dq_op->destroy_dquot(dquot);
508 }
509
510 /* Invalidate all dquots on the list. Note that this function is called after
511 * quota is disabled and pointers from inodes removed so there cannot be new
512 * quota users. There can still be some users of quotas due to inodes being
513 * just deleted or pruned by prune_icache() (those are not attached to any
514 * list) or parallel quotactl call. We have to wait for such users.
515 */
invalidate_dquots(struct super_block * sb,int type)516 static void invalidate_dquots(struct super_block *sb, int type)
517 {
518 struct dquot *dquot, *tmp;
519
520 restart:
521 spin_lock(&dq_list_lock);
522 list_for_each_entry_safe(dquot, tmp, &inuse_list, dq_inuse) {
523 if (dquot->dq_sb != sb)
524 continue;
525 if (dquot->dq_id.type != type)
526 continue;
527 /* Wait for dquot users */
528 if (atomic_read(&dquot->dq_count)) {
529 DEFINE_WAIT(wait);
530
531 atomic_inc(&dquot->dq_count);
532 prepare_to_wait(&dquot->dq_wait_unused, &wait,
533 TASK_UNINTERRUPTIBLE);
534 spin_unlock(&dq_list_lock);
535 /* Once dqput() wakes us up, we know it's time to free
536 * the dquot.
537 * IMPORTANT: we rely on the fact that there is always
538 * at most one process waiting for dquot to free.
539 * Otherwise dq_count would be > 1 and we would never
540 * wake up.
541 */
542 if (atomic_read(&dquot->dq_count) > 1)
543 schedule();
544 finish_wait(&dquot->dq_wait_unused, &wait);
545 dqput(dquot);
546 /* At this moment dquot() need not exist (it could be
547 * reclaimed by prune_dqcache(). Hence we must
548 * restart. */
549 goto restart;
550 }
551 /*
552 * Quota now has no users and it has been written on last
553 * dqput()
554 */
555 remove_dquot_hash(dquot);
556 remove_free_dquot(dquot);
557 remove_inuse(dquot);
558 do_destroy_dquot(dquot);
559 }
560 spin_unlock(&dq_list_lock);
561 }
562
563 /* Call callback for every active dquot on given filesystem */
dquot_scan_active(struct super_block * sb,int (* fn)(struct dquot * dquot,unsigned long priv),unsigned long priv)564 int dquot_scan_active(struct super_block *sb,
565 int (*fn)(struct dquot *dquot, unsigned long priv),
566 unsigned long priv)
567 {
568 struct dquot *dquot, *old_dquot = NULL;
569 int ret = 0;
570
571 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
572 spin_lock(&dq_list_lock);
573 list_for_each_entry(dquot, &inuse_list, dq_inuse) {
574 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags))
575 continue;
576 if (dquot->dq_sb != sb)
577 continue;
578 /* Now we have active dquot so we can just increase use count */
579 atomic_inc(&dquot->dq_count);
580 spin_unlock(&dq_list_lock);
581 dqstats_inc(DQST_LOOKUPS);
582 dqput(old_dquot);
583 old_dquot = dquot;
584 ret = fn(dquot, priv);
585 if (ret < 0)
586 goto out;
587 spin_lock(&dq_list_lock);
588 /* We are safe to continue now because our dquot could not
589 * be moved out of the inuse list while we hold the reference */
590 }
591 spin_unlock(&dq_list_lock);
592 out:
593 dqput(old_dquot);
594 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
595 return ret;
596 }
597 EXPORT_SYMBOL(dquot_scan_active);
598
599 /* Write all dquot structures to quota files */
dquot_writeback_dquots(struct super_block * sb,int type)600 int dquot_writeback_dquots(struct super_block *sb, int type)
601 {
602 struct list_head *dirty;
603 struct dquot *dquot;
604 struct quota_info *dqopt = sb_dqopt(sb);
605 int cnt;
606 int err, ret = 0;
607
608 mutex_lock(&dqopt->dqonoff_mutex);
609 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
610 if (type != -1 && cnt != type)
611 continue;
612 if (!sb_has_quota_active(sb, cnt))
613 continue;
614 spin_lock(&dq_list_lock);
615 dirty = &dqopt->info[cnt].dqi_dirty_list;
616 while (!list_empty(dirty)) {
617 dquot = list_first_entry(dirty, struct dquot,
618 dq_dirty);
619 /* Dirty and inactive can be only bad dquot... */
620 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
621 clear_dquot_dirty(dquot);
622 continue;
623 }
624 /* Now we have active dquot from which someone is
625 * holding reference so we can safely just increase
626 * use count */
627 atomic_inc(&dquot->dq_count);
628 spin_unlock(&dq_list_lock);
629 dqstats_inc(DQST_LOOKUPS);
630 err = sb->dq_op->write_dquot(dquot);
631 if (!ret && err)
632 err = ret;
633 dqput(dquot);
634 spin_lock(&dq_list_lock);
635 }
636 spin_unlock(&dq_list_lock);
637 }
638
639 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
640 if ((cnt == type || type == -1) && sb_has_quota_active(sb, cnt)
641 && info_dirty(&dqopt->info[cnt]))
642 sb->dq_op->write_info(sb, cnt);
643 dqstats_inc(DQST_SYNCS);
644 mutex_unlock(&dqopt->dqonoff_mutex);
645
646 return ret;
647 }
648 EXPORT_SYMBOL(dquot_writeback_dquots);
649
650 /* Write all dquot structures to disk and make them visible from userspace */
dquot_quota_sync(struct super_block * sb,int type)651 int dquot_quota_sync(struct super_block *sb, int type)
652 {
653 struct quota_info *dqopt = sb_dqopt(sb);
654 int cnt;
655 int ret;
656
657 ret = dquot_writeback_dquots(sb, type);
658 if (ret)
659 return ret;
660 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
661 return 0;
662
663 /* This is not very clever (and fast) but currently I don't know about
664 * any other simple way of getting quota data to disk and we must get
665 * them there for userspace to be visible... */
666 if (sb->s_op->sync_fs)
667 sb->s_op->sync_fs(sb, 1);
668 sync_blockdev(sb->s_bdev);
669
670 /*
671 * Now when everything is written we can discard the pagecache so
672 * that userspace sees the changes.
673 */
674 mutex_lock(&dqopt->dqonoff_mutex);
675 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
676 if (type != -1 && cnt != type)
677 continue;
678 if (!sb_has_quota_active(sb, cnt))
679 continue;
680 mutex_lock(&dqopt->files[cnt]->i_mutex);
681 truncate_inode_pages(&dqopt->files[cnt]->i_data, 0);
682 mutex_unlock(&dqopt->files[cnt]->i_mutex);
683 }
684 mutex_unlock(&dqopt->dqonoff_mutex);
685
686 return 0;
687 }
688 EXPORT_SYMBOL(dquot_quota_sync);
689
690 /* Free unused dquots from cache */
prune_dqcache(int count)691 static void prune_dqcache(int count)
692 {
693 struct list_head *head;
694 struct dquot *dquot;
695
696 head = free_dquots.prev;
697 while (head != &free_dquots && count) {
698 dquot = list_entry(head, struct dquot, dq_free);
699 remove_dquot_hash(dquot);
700 remove_free_dquot(dquot);
701 remove_inuse(dquot);
702 do_destroy_dquot(dquot);
703 count--;
704 head = free_dquots.prev;
705 }
706 }
707
708 /*
709 * This is called from kswapd when we think we need some
710 * more memory
711 */
shrink_dqcache_memory(struct shrinker * shrink,struct shrink_control * sc)712 static int shrink_dqcache_memory(struct shrinker *shrink,
713 struct shrink_control *sc)
714 {
715 int nr = sc->nr_to_scan;
716
717 if (nr) {
718 spin_lock(&dq_list_lock);
719 prune_dqcache(nr);
720 spin_unlock(&dq_list_lock);
721 }
722 return ((unsigned)
723 percpu_counter_read_positive(&dqstats.counter[DQST_FREE_DQUOTS])
724 /100) * sysctl_vfs_cache_pressure;
725 }
726
727 static struct shrinker dqcache_shrinker = {
728 .shrink = shrink_dqcache_memory,
729 .seeks = DEFAULT_SEEKS,
730 };
731
732 /*
733 * Put reference to dquot
734 * NOTE: If you change this function please check whether dqput_blocks() works right...
735 */
dqput(struct dquot * dquot)736 void dqput(struct dquot *dquot)
737 {
738 int ret;
739
740 if (!dquot)
741 return;
742 #ifdef CONFIG_QUOTA_DEBUG
743 if (!atomic_read(&dquot->dq_count)) {
744 quota_error(dquot->dq_sb, "trying to free free dquot of %s %d",
745 quotatypes[dquot->dq_id.type],
746 from_kqid(&init_user_ns, dquot->dq_id));
747 BUG();
748 }
749 #endif
750 dqstats_inc(DQST_DROPS);
751 we_slept:
752 spin_lock(&dq_list_lock);
753 if (atomic_read(&dquot->dq_count) > 1) {
754 /* We have more than one user... nothing to do */
755 atomic_dec(&dquot->dq_count);
756 /* Releasing dquot during quotaoff phase? */
757 if (!sb_has_quota_active(dquot->dq_sb, dquot->dq_id.type) &&
758 atomic_read(&dquot->dq_count) == 1)
759 wake_up(&dquot->dq_wait_unused);
760 spin_unlock(&dq_list_lock);
761 return;
762 }
763 /* Need to release dquot? */
764 if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && dquot_dirty(dquot)) {
765 spin_unlock(&dq_list_lock);
766 /* Commit dquot before releasing */
767 ret = dquot->dq_sb->dq_op->write_dquot(dquot);
768 if (ret < 0) {
769 quota_error(dquot->dq_sb, "Can't write quota structure"
770 " (error %d). Quota may get out of sync!",
771 ret);
772 /*
773 * We clear dirty bit anyway, so that we avoid
774 * infinite loop here
775 */
776 spin_lock(&dq_list_lock);
777 clear_dquot_dirty(dquot);
778 spin_unlock(&dq_list_lock);
779 }
780 goto we_slept;
781 }
782 /* Clear flag in case dquot was inactive (something bad happened) */
783 clear_dquot_dirty(dquot);
784 if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
785 spin_unlock(&dq_list_lock);
786 dquot->dq_sb->dq_op->release_dquot(dquot);
787 goto we_slept;
788 }
789 atomic_dec(&dquot->dq_count);
790 #ifdef CONFIG_QUOTA_DEBUG
791 /* sanity check */
792 BUG_ON(!list_empty(&dquot->dq_free));
793 #endif
794 put_dquot_last(dquot);
795 spin_unlock(&dq_list_lock);
796 }
797 EXPORT_SYMBOL(dqput);
798
dquot_alloc(struct super_block * sb,int type)799 struct dquot *dquot_alloc(struct super_block *sb, int type)
800 {
801 return kmem_cache_zalloc(dquot_cachep, GFP_NOFS);
802 }
803 EXPORT_SYMBOL(dquot_alloc);
804
get_empty_dquot(struct super_block * sb,int type)805 static struct dquot *get_empty_dquot(struct super_block *sb, int type)
806 {
807 struct dquot *dquot;
808
809 dquot = sb->dq_op->alloc_dquot(sb, type);
810 if(!dquot)
811 return NULL;
812
813 mutex_init(&dquot->dq_lock);
814 INIT_LIST_HEAD(&dquot->dq_free);
815 INIT_LIST_HEAD(&dquot->dq_inuse);
816 INIT_HLIST_NODE(&dquot->dq_hash);
817 INIT_LIST_HEAD(&dquot->dq_dirty);
818 init_waitqueue_head(&dquot->dq_wait_unused);
819 dquot->dq_sb = sb;
820 dquot->dq_id = make_kqid_invalid(type);
821 atomic_set(&dquot->dq_count, 1);
822
823 return dquot;
824 }
825
826 /*
827 * Get reference to dquot
828 *
829 * Locking is slightly tricky here. We are guarded from parallel quotaoff()
830 * destroying our dquot by:
831 * a) checking for quota flags under dq_list_lock and
832 * b) getting a reference to dquot before we release dq_list_lock
833 */
dqget(struct super_block * sb,struct kqid qid)834 struct dquot *dqget(struct super_block *sb, struct kqid qid)
835 {
836 unsigned int hashent = hashfn(sb, qid);
837 struct dquot *dquot = NULL, *empty = NULL;
838
839 if (!sb_has_quota_active(sb, qid.type))
840 return NULL;
841 we_slept:
842 spin_lock(&dq_list_lock);
843 spin_lock(&dq_state_lock);
844 if (!sb_has_quota_active(sb, qid.type)) {
845 spin_unlock(&dq_state_lock);
846 spin_unlock(&dq_list_lock);
847 goto out;
848 }
849 spin_unlock(&dq_state_lock);
850
851 dquot = find_dquot(hashent, sb, qid);
852 if (!dquot) {
853 if (!empty) {
854 spin_unlock(&dq_list_lock);
855 empty = get_empty_dquot(sb, qid.type);
856 if (!empty)
857 schedule(); /* Try to wait for a moment... */
858 goto we_slept;
859 }
860 dquot = empty;
861 empty = NULL;
862 dquot->dq_id = qid;
863 /* all dquots go on the inuse_list */
864 put_inuse(dquot);
865 /* hash it first so it can be found */
866 insert_dquot_hash(dquot);
867 spin_unlock(&dq_list_lock);
868 dqstats_inc(DQST_LOOKUPS);
869 } else {
870 if (!atomic_read(&dquot->dq_count))
871 remove_free_dquot(dquot);
872 atomic_inc(&dquot->dq_count);
873 spin_unlock(&dq_list_lock);
874 dqstats_inc(DQST_CACHE_HITS);
875 dqstats_inc(DQST_LOOKUPS);
876 }
877 /* Wait for dq_lock - after this we know that either dquot_release() is
878 * already finished or it will be canceled due to dq_count > 1 test */
879 wait_on_dquot(dquot);
880 /* Read the dquot / allocate space in quota file */
881 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags) &&
882 sb->dq_op->acquire_dquot(dquot) < 0) {
883 dqput(dquot);
884 dquot = NULL;
885 goto out;
886 }
887 #ifdef CONFIG_QUOTA_DEBUG
888 BUG_ON(!dquot->dq_sb); /* Has somebody invalidated entry under us? */
889 #endif
890 out:
891 if (empty)
892 do_destroy_dquot(empty);
893
894 return dquot;
895 }
896 EXPORT_SYMBOL(dqget);
897
dqinit_needed(struct inode * inode,int type)898 static int dqinit_needed(struct inode *inode, int type)
899 {
900 int cnt;
901
902 if (IS_NOQUOTA(inode))
903 return 0;
904 if (type != -1)
905 return !inode->i_dquot[type];
906 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
907 if (!inode->i_dquot[cnt])
908 return 1;
909 return 0;
910 }
911
912 /* This routine is guarded by dqonoff_mutex mutex */
add_dquot_ref(struct super_block * sb,int type)913 static void add_dquot_ref(struct super_block *sb, int type)
914 {
915 struct inode *inode, *old_inode = NULL;
916 #ifdef CONFIG_QUOTA_DEBUG
917 int reserved = 0;
918 #endif
919
920 spin_lock(&inode_sb_list_lock);
921 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
922 spin_lock(&inode->i_lock);
923 if ((inode->i_state & (I_FREEING|I_WILL_FREE|I_NEW)) ||
924 !atomic_read(&inode->i_writecount) ||
925 !dqinit_needed(inode, type)) {
926 spin_unlock(&inode->i_lock);
927 continue;
928 }
929 __iget(inode);
930 spin_unlock(&inode->i_lock);
931 spin_unlock(&inode_sb_list_lock);
932
933 #ifdef CONFIG_QUOTA_DEBUG
934 if (unlikely(inode_get_rsv_space(inode) > 0))
935 reserved = 1;
936 #endif
937 iput(old_inode);
938 __dquot_initialize(inode, type);
939
940 /*
941 * We hold a reference to 'inode' so it couldn't have been
942 * removed from s_inodes list while we dropped the
943 * inode_sb_list_lock We cannot iput the inode now as we can be
944 * holding the last reference and we cannot iput it under
945 * inode_sb_list_lock. So we keep the reference and iput it
946 * later.
947 */
948 old_inode = inode;
949 spin_lock(&inode_sb_list_lock);
950 }
951 spin_unlock(&inode_sb_list_lock);
952 iput(old_inode);
953
954 #ifdef CONFIG_QUOTA_DEBUG
955 if (reserved) {
956 quota_error(sb, "Writes happened before quota was turned on "
957 "thus quota information is probably inconsistent. "
958 "Please run quotacheck(8)");
959 }
960 #endif
961 }
962
963 /*
964 * Return 0 if dqput() won't block.
965 * (note that 1 doesn't necessarily mean blocking)
966 */
dqput_blocks(struct dquot * dquot)967 static inline int dqput_blocks(struct dquot *dquot)
968 {
969 if (atomic_read(&dquot->dq_count) <= 1)
970 return 1;
971 return 0;
972 }
973
974 /*
975 * Remove references to dquots from inode and add dquot to list for freeing
976 * if we have the last reference to dquot
977 * We can't race with anybody because we hold dqptr_sem for writing...
978 */
remove_inode_dquot_ref(struct inode * inode,int type,struct list_head * tofree_head)979 static int remove_inode_dquot_ref(struct inode *inode, int type,
980 struct list_head *tofree_head)
981 {
982 struct dquot *dquot = inode->i_dquot[type];
983
984 inode->i_dquot[type] = NULL;
985 if (dquot) {
986 if (dqput_blocks(dquot)) {
987 #ifdef CONFIG_QUOTA_DEBUG
988 if (atomic_read(&dquot->dq_count) != 1)
989 quota_error(inode->i_sb, "Adding dquot with "
990 "dq_count %d to dispose list",
991 atomic_read(&dquot->dq_count));
992 #endif
993 spin_lock(&dq_list_lock);
994 /* As dquot must have currently users it can't be on
995 * the free list... */
996 list_add(&dquot->dq_free, tofree_head);
997 spin_unlock(&dq_list_lock);
998 return 1;
999 }
1000 else
1001 dqput(dquot); /* We have guaranteed we won't block */
1002 }
1003 return 0;
1004 }
1005
1006 /*
1007 * Free list of dquots
1008 * Dquots are removed from inodes and no new references can be got so we are
1009 * the only ones holding reference
1010 */
put_dquot_list(struct list_head * tofree_head)1011 static void put_dquot_list(struct list_head *tofree_head)
1012 {
1013 struct list_head *act_head;
1014 struct dquot *dquot;
1015
1016 act_head = tofree_head->next;
1017 while (act_head != tofree_head) {
1018 dquot = list_entry(act_head, struct dquot, dq_free);
1019 act_head = act_head->next;
1020 /* Remove dquot from the list so we won't have problems... */
1021 list_del_init(&dquot->dq_free);
1022 dqput(dquot);
1023 }
1024 }
1025
remove_dquot_ref(struct super_block * sb,int type,struct list_head * tofree_head)1026 static void remove_dquot_ref(struct super_block *sb, int type,
1027 struct list_head *tofree_head)
1028 {
1029 struct inode *inode;
1030 int reserved = 0;
1031
1032 spin_lock(&inode_sb_list_lock);
1033 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
1034 /*
1035 * We have to scan also I_NEW inodes because they can already
1036 * have quota pointer initialized. Luckily, we need to touch
1037 * only quota pointers and these have separate locking
1038 * (dqptr_sem).
1039 */
1040 if (!IS_NOQUOTA(inode)) {
1041 if (unlikely(inode_get_rsv_space(inode) > 0))
1042 reserved = 1;
1043 remove_inode_dquot_ref(inode, type, tofree_head);
1044 }
1045 }
1046 spin_unlock(&inode_sb_list_lock);
1047 #ifdef CONFIG_QUOTA_DEBUG
1048 if (reserved) {
1049 printk(KERN_WARNING "VFS (%s): Writes happened after quota"
1050 " was disabled thus quota information is probably "
1051 "inconsistent. Please run quotacheck(8).\n", sb->s_id);
1052 }
1053 #endif
1054 }
1055
1056 /* Gather all references from inodes and drop them */
drop_dquot_ref(struct super_block * sb,int type)1057 static void drop_dquot_ref(struct super_block *sb, int type)
1058 {
1059 LIST_HEAD(tofree_head);
1060
1061 if (sb->dq_op) {
1062 down_write(&sb_dqopt(sb)->dqptr_sem);
1063 remove_dquot_ref(sb, type, &tofree_head);
1064 up_write(&sb_dqopt(sb)->dqptr_sem);
1065 put_dquot_list(&tofree_head);
1066 }
1067 }
1068
dquot_incr_inodes(struct dquot * dquot,qsize_t number)1069 static inline void dquot_incr_inodes(struct dquot *dquot, qsize_t number)
1070 {
1071 dquot->dq_dqb.dqb_curinodes += number;
1072 }
1073
dquot_incr_space(struct dquot * dquot,qsize_t number)1074 static inline void dquot_incr_space(struct dquot *dquot, qsize_t number)
1075 {
1076 dquot->dq_dqb.dqb_curspace += number;
1077 }
1078
dquot_resv_space(struct dquot * dquot,qsize_t number)1079 static inline void dquot_resv_space(struct dquot *dquot, qsize_t number)
1080 {
1081 dquot->dq_dqb.dqb_rsvspace += number;
1082 }
1083
1084 /*
1085 * Claim reserved quota space
1086 */
dquot_claim_reserved_space(struct dquot * dquot,qsize_t number)1087 static void dquot_claim_reserved_space(struct dquot *dquot, qsize_t number)
1088 {
1089 if (dquot->dq_dqb.dqb_rsvspace < number) {
1090 WARN_ON_ONCE(1);
1091 number = dquot->dq_dqb.dqb_rsvspace;
1092 }
1093 dquot->dq_dqb.dqb_curspace += number;
1094 dquot->dq_dqb.dqb_rsvspace -= number;
1095 }
1096
1097 static inline
dquot_free_reserved_space(struct dquot * dquot,qsize_t number)1098 void dquot_free_reserved_space(struct dquot *dquot, qsize_t number)
1099 {
1100 if (dquot->dq_dqb.dqb_rsvspace >= number)
1101 dquot->dq_dqb.dqb_rsvspace -= number;
1102 else {
1103 WARN_ON_ONCE(1);
1104 dquot->dq_dqb.dqb_rsvspace = 0;
1105 }
1106 }
1107
dquot_decr_inodes(struct dquot * dquot,qsize_t number)1108 static void dquot_decr_inodes(struct dquot *dquot, qsize_t number)
1109 {
1110 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NEGATIVE_USAGE ||
1111 dquot->dq_dqb.dqb_curinodes >= number)
1112 dquot->dq_dqb.dqb_curinodes -= number;
1113 else
1114 dquot->dq_dqb.dqb_curinodes = 0;
1115 if (dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit)
1116 dquot->dq_dqb.dqb_itime = (time_t) 0;
1117 clear_bit(DQ_INODES_B, &dquot->dq_flags);
1118 }
1119
dquot_decr_space(struct dquot * dquot,qsize_t number)1120 static void dquot_decr_space(struct dquot *dquot, qsize_t number)
1121 {
1122 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NEGATIVE_USAGE ||
1123 dquot->dq_dqb.dqb_curspace >= number)
1124 dquot->dq_dqb.dqb_curspace -= number;
1125 else
1126 dquot->dq_dqb.dqb_curspace = 0;
1127 if (dquot->dq_dqb.dqb_curspace <= dquot->dq_dqb.dqb_bsoftlimit)
1128 dquot->dq_dqb.dqb_btime = (time_t) 0;
1129 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1130 }
1131
1132 struct dquot_warn {
1133 struct super_block *w_sb;
1134 struct kqid w_dq_id;
1135 short w_type;
1136 };
1137
warning_issued(struct dquot * dquot,const int warntype)1138 static int warning_issued(struct dquot *dquot, const int warntype)
1139 {
1140 int flag = (warntype == QUOTA_NL_BHARDWARN ||
1141 warntype == QUOTA_NL_BSOFTLONGWARN) ? DQ_BLKS_B :
1142 ((warntype == QUOTA_NL_IHARDWARN ||
1143 warntype == QUOTA_NL_ISOFTLONGWARN) ? DQ_INODES_B : 0);
1144
1145 if (!flag)
1146 return 0;
1147 return test_and_set_bit(flag, &dquot->dq_flags);
1148 }
1149
1150 #ifdef CONFIG_PRINT_QUOTA_WARNING
1151 static int flag_print_warnings = 1;
1152
need_print_warning(struct dquot_warn * warn)1153 static int need_print_warning(struct dquot_warn *warn)
1154 {
1155 if (!flag_print_warnings)
1156 return 0;
1157
1158 switch (warn->w_dq_id.type) {
1159 case USRQUOTA:
1160 return uid_eq(current_fsuid(), warn->w_dq_id.uid);
1161 case GRPQUOTA:
1162 return in_group_p(warn->w_dq_id.gid);
1163 case PRJQUOTA: /* Never taken... Just make gcc happy */
1164 return 0;
1165 }
1166 return 0;
1167 }
1168
1169 /* Print warning to user which exceeded quota */
print_warning(struct dquot_warn * warn)1170 static void print_warning(struct dquot_warn *warn)
1171 {
1172 char *msg = NULL;
1173 struct tty_struct *tty;
1174 int warntype = warn->w_type;
1175
1176 if (warntype == QUOTA_NL_IHARDBELOW ||
1177 warntype == QUOTA_NL_ISOFTBELOW ||
1178 warntype == QUOTA_NL_BHARDBELOW ||
1179 warntype == QUOTA_NL_BSOFTBELOW || !need_print_warning(warn))
1180 return;
1181
1182 tty = get_current_tty();
1183 if (!tty)
1184 return;
1185 tty_write_message(tty, warn->w_sb->s_id);
1186 if (warntype == QUOTA_NL_ISOFTWARN || warntype == QUOTA_NL_BSOFTWARN)
1187 tty_write_message(tty, ": warning, ");
1188 else
1189 tty_write_message(tty, ": write failed, ");
1190 tty_write_message(tty, quotatypes[warn->w_dq_id.type]);
1191 switch (warntype) {
1192 case QUOTA_NL_IHARDWARN:
1193 msg = " file limit reached.\r\n";
1194 break;
1195 case QUOTA_NL_ISOFTLONGWARN:
1196 msg = " file quota exceeded too long.\r\n";
1197 break;
1198 case QUOTA_NL_ISOFTWARN:
1199 msg = " file quota exceeded.\r\n";
1200 break;
1201 case QUOTA_NL_BHARDWARN:
1202 msg = " block limit reached.\r\n";
1203 break;
1204 case QUOTA_NL_BSOFTLONGWARN:
1205 msg = " block quota exceeded too long.\r\n";
1206 break;
1207 case QUOTA_NL_BSOFTWARN:
1208 msg = " block quota exceeded.\r\n";
1209 break;
1210 }
1211 tty_write_message(tty, msg);
1212 tty_kref_put(tty);
1213 }
1214 #endif
1215
prepare_warning(struct dquot_warn * warn,struct dquot * dquot,int warntype)1216 static void prepare_warning(struct dquot_warn *warn, struct dquot *dquot,
1217 int warntype)
1218 {
1219 if (warning_issued(dquot, warntype))
1220 return;
1221 warn->w_type = warntype;
1222 warn->w_sb = dquot->dq_sb;
1223 warn->w_dq_id = dquot->dq_id;
1224 }
1225
1226 /*
1227 * Write warnings to the console and send warning messages over netlink.
1228 *
1229 * Note that this function can call into tty and networking code.
1230 */
flush_warnings(struct dquot_warn * warn)1231 static void flush_warnings(struct dquot_warn *warn)
1232 {
1233 int i;
1234
1235 for (i = 0; i < MAXQUOTAS; i++) {
1236 if (warn[i].w_type == QUOTA_NL_NOWARN)
1237 continue;
1238 #ifdef CONFIG_PRINT_QUOTA_WARNING
1239 print_warning(&warn[i]);
1240 #endif
1241 quota_send_warning(warn[i].w_dq_id,
1242 warn[i].w_sb->s_dev, warn[i].w_type);
1243 }
1244 }
1245
ignore_hardlimit(struct dquot * dquot)1246 static int ignore_hardlimit(struct dquot *dquot)
1247 {
1248 struct mem_dqinfo *info = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
1249
1250 return capable(CAP_SYS_RESOURCE) &&
1251 (info->dqi_format->qf_fmt_id != QFMT_VFS_OLD ||
1252 !(info->dqi_flags & V1_DQF_RSQUASH));
1253 }
1254
1255 /* needs dq_data_lock */
check_idq(struct dquot * dquot,qsize_t inodes,struct dquot_warn * warn)1256 static int check_idq(struct dquot *dquot, qsize_t inodes,
1257 struct dquot_warn *warn)
1258 {
1259 qsize_t newinodes = dquot->dq_dqb.dqb_curinodes + inodes;
1260
1261 if (!sb_has_quota_limits_enabled(dquot->dq_sb, dquot->dq_id.type) ||
1262 test_bit(DQ_FAKE_B, &dquot->dq_flags))
1263 return 0;
1264
1265 if (dquot->dq_dqb.dqb_ihardlimit &&
1266 newinodes > dquot->dq_dqb.dqb_ihardlimit &&
1267 !ignore_hardlimit(dquot)) {
1268 prepare_warning(warn, dquot, QUOTA_NL_IHARDWARN);
1269 return -EDQUOT;
1270 }
1271
1272 if (dquot->dq_dqb.dqb_isoftlimit &&
1273 newinodes > dquot->dq_dqb.dqb_isoftlimit &&
1274 dquot->dq_dqb.dqb_itime &&
1275 get_seconds() >= dquot->dq_dqb.dqb_itime &&
1276 !ignore_hardlimit(dquot)) {
1277 prepare_warning(warn, dquot, QUOTA_NL_ISOFTLONGWARN);
1278 return -EDQUOT;
1279 }
1280
1281 if (dquot->dq_dqb.dqb_isoftlimit &&
1282 newinodes > dquot->dq_dqb.dqb_isoftlimit &&
1283 dquot->dq_dqb.dqb_itime == 0) {
1284 prepare_warning(warn, dquot, QUOTA_NL_ISOFTWARN);
1285 dquot->dq_dqb.dqb_itime = get_seconds() +
1286 sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type].dqi_igrace;
1287 }
1288
1289 return 0;
1290 }
1291
1292 /* needs dq_data_lock */
check_bdq(struct dquot * dquot,qsize_t space,int prealloc,struct dquot_warn * warn)1293 static int check_bdq(struct dquot *dquot, qsize_t space, int prealloc,
1294 struct dquot_warn *warn)
1295 {
1296 qsize_t tspace;
1297 struct super_block *sb = dquot->dq_sb;
1298
1299 if (!sb_has_quota_limits_enabled(sb, dquot->dq_id.type) ||
1300 test_bit(DQ_FAKE_B, &dquot->dq_flags))
1301 return 0;
1302
1303 tspace = dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace
1304 + space;
1305
1306 if (dquot->dq_dqb.dqb_bhardlimit &&
1307 tspace > dquot->dq_dqb.dqb_bhardlimit &&
1308 !ignore_hardlimit(dquot)) {
1309 if (!prealloc)
1310 prepare_warning(warn, dquot, QUOTA_NL_BHARDWARN);
1311 return -EDQUOT;
1312 }
1313
1314 if (dquot->dq_dqb.dqb_bsoftlimit &&
1315 tspace > dquot->dq_dqb.dqb_bsoftlimit &&
1316 dquot->dq_dqb.dqb_btime &&
1317 get_seconds() >= dquot->dq_dqb.dqb_btime &&
1318 !ignore_hardlimit(dquot)) {
1319 if (!prealloc)
1320 prepare_warning(warn, dquot, QUOTA_NL_BSOFTLONGWARN);
1321 return -EDQUOT;
1322 }
1323
1324 if (dquot->dq_dqb.dqb_bsoftlimit &&
1325 tspace > dquot->dq_dqb.dqb_bsoftlimit &&
1326 dquot->dq_dqb.dqb_btime == 0) {
1327 if (!prealloc) {
1328 prepare_warning(warn, dquot, QUOTA_NL_BSOFTWARN);
1329 dquot->dq_dqb.dqb_btime = get_seconds() +
1330 sb_dqopt(sb)->info[dquot->dq_id.type].dqi_bgrace;
1331 }
1332 else
1333 /*
1334 * We don't allow preallocation to exceed softlimit so exceeding will
1335 * be always printed
1336 */
1337 return -EDQUOT;
1338 }
1339
1340 return 0;
1341 }
1342
info_idq_free(struct dquot * dquot,qsize_t inodes)1343 static int info_idq_free(struct dquot *dquot, qsize_t inodes)
1344 {
1345 qsize_t newinodes;
1346
1347 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1348 dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit ||
1349 !sb_has_quota_limits_enabled(dquot->dq_sb, dquot->dq_id.type))
1350 return QUOTA_NL_NOWARN;
1351
1352 newinodes = dquot->dq_dqb.dqb_curinodes - inodes;
1353 if (newinodes <= dquot->dq_dqb.dqb_isoftlimit)
1354 return QUOTA_NL_ISOFTBELOW;
1355 if (dquot->dq_dqb.dqb_curinodes >= dquot->dq_dqb.dqb_ihardlimit &&
1356 newinodes < dquot->dq_dqb.dqb_ihardlimit)
1357 return QUOTA_NL_IHARDBELOW;
1358 return QUOTA_NL_NOWARN;
1359 }
1360
info_bdq_free(struct dquot * dquot,qsize_t space)1361 static int info_bdq_free(struct dquot *dquot, qsize_t space)
1362 {
1363 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1364 dquot->dq_dqb.dqb_curspace <= dquot->dq_dqb.dqb_bsoftlimit)
1365 return QUOTA_NL_NOWARN;
1366
1367 if (dquot->dq_dqb.dqb_curspace - space <= dquot->dq_dqb.dqb_bsoftlimit)
1368 return QUOTA_NL_BSOFTBELOW;
1369 if (dquot->dq_dqb.dqb_curspace >= dquot->dq_dqb.dqb_bhardlimit &&
1370 dquot->dq_dqb.dqb_curspace - space < dquot->dq_dqb.dqb_bhardlimit)
1371 return QUOTA_NL_BHARDBELOW;
1372 return QUOTA_NL_NOWARN;
1373 }
1374
dquot_active(const struct inode * inode)1375 static int dquot_active(const struct inode *inode)
1376 {
1377 struct super_block *sb = inode->i_sb;
1378
1379 if (IS_NOQUOTA(inode))
1380 return 0;
1381 return sb_any_quota_loaded(sb) & ~sb_any_quota_suspended(sb);
1382 }
1383
1384 /*
1385 * Initialize quota pointers in inode
1386 *
1387 * We do things in a bit complicated way but by that we avoid calling
1388 * dqget() and thus filesystem callbacks under dqptr_sem.
1389 *
1390 * It is better to call this function outside of any transaction as it
1391 * might need a lot of space in journal for dquot structure allocation.
1392 */
__dquot_initialize(struct inode * inode,int type)1393 static void __dquot_initialize(struct inode *inode, int type)
1394 {
1395 int cnt;
1396 struct dquot *got[MAXQUOTAS];
1397 struct super_block *sb = inode->i_sb;
1398 qsize_t rsv;
1399
1400 /* First test before acquiring mutex - solves deadlocks when we
1401 * re-enter the quota code and are already holding the mutex */
1402 if (!dquot_active(inode))
1403 return;
1404
1405 /* First get references to structures we might need. */
1406 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1407 struct kqid qid;
1408 got[cnt] = NULL;
1409 if (type != -1 && cnt != type)
1410 continue;
1411 switch (cnt) {
1412 case USRQUOTA:
1413 qid = make_kqid_uid(inode->i_uid);
1414 break;
1415 case GRPQUOTA:
1416 qid = make_kqid_gid(inode->i_gid);
1417 break;
1418 }
1419 got[cnt] = dqget(sb, qid);
1420 }
1421
1422 down_write(&sb_dqopt(sb)->dqptr_sem);
1423 if (IS_NOQUOTA(inode))
1424 goto out_err;
1425 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1426 if (type != -1 && cnt != type)
1427 continue;
1428 /* Avoid races with quotaoff() */
1429 if (!sb_has_quota_active(sb, cnt))
1430 continue;
1431 /* We could race with quotaon or dqget() could have failed */
1432 if (!got[cnt])
1433 continue;
1434 if (!inode->i_dquot[cnt]) {
1435 inode->i_dquot[cnt] = got[cnt];
1436 got[cnt] = NULL;
1437 /*
1438 * Make quota reservation system happy if someone
1439 * did a write before quota was turned on
1440 */
1441 rsv = inode_get_rsv_space(inode);
1442 if (unlikely(rsv)) {
1443 spin_lock(&dq_data_lock);
1444 dquot_resv_space(inode->i_dquot[cnt], rsv);
1445 spin_unlock(&dq_data_lock);
1446 }
1447 }
1448 }
1449 out_err:
1450 up_write(&sb_dqopt(sb)->dqptr_sem);
1451 /* Drop unused references */
1452 dqput_all(got);
1453 }
1454
dquot_initialize(struct inode * inode)1455 void dquot_initialize(struct inode *inode)
1456 {
1457 __dquot_initialize(inode, -1);
1458 }
1459 EXPORT_SYMBOL(dquot_initialize);
1460
1461 /*
1462 * Release all quotas referenced by inode
1463 */
__dquot_drop(struct inode * inode)1464 static void __dquot_drop(struct inode *inode)
1465 {
1466 int cnt;
1467 struct dquot *put[MAXQUOTAS];
1468
1469 down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1470 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1471 put[cnt] = inode->i_dquot[cnt];
1472 inode->i_dquot[cnt] = NULL;
1473 }
1474 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1475 dqput_all(put);
1476 }
1477
dquot_drop(struct inode * inode)1478 void dquot_drop(struct inode *inode)
1479 {
1480 int cnt;
1481
1482 if (IS_NOQUOTA(inode))
1483 return;
1484
1485 /*
1486 * Test before calling to rule out calls from proc and such
1487 * where we are not allowed to block. Note that this is
1488 * actually reliable test even without the lock - the caller
1489 * must assure that nobody can come after the DQUOT_DROP and
1490 * add quota pointers back anyway.
1491 */
1492 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1493 if (inode->i_dquot[cnt])
1494 break;
1495 }
1496
1497 if (cnt < MAXQUOTAS)
1498 __dquot_drop(inode);
1499 }
1500 EXPORT_SYMBOL(dquot_drop);
1501
1502 /*
1503 * inode_reserved_space is managed internally by quota, and protected by
1504 * i_lock similar to i_blocks+i_bytes.
1505 */
inode_reserved_space(struct inode * inode)1506 static qsize_t *inode_reserved_space(struct inode * inode)
1507 {
1508 /* Filesystem must explicitly define it's own method in order to use
1509 * quota reservation interface */
1510 BUG_ON(!inode->i_sb->dq_op->get_reserved_space);
1511 return inode->i_sb->dq_op->get_reserved_space(inode);
1512 }
1513
inode_add_rsv_space(struct inode * inode,qsize_t number)1514 void inode_add_rsv_space(struct inode *inode, qsize_t number)
1515 {
1516 spin_lock(&inode->i_lock);
1517 *inode_reserved_space(inode) += number;
1518 spin_unlock(&inode->i_lock);
1519 }
1520 EXPORT_SYMBOL(inode_add_rsv_space);
1521
inode_claim_rsv_space(struct inode * inode,qsize_t number)1522 void inode_claim_rsv_space(struct inode *inode, qsize_t number)
1523 {
1524 spin_lock(&inode->i_lock);
1525 *inode_reserved_space(inode) -= number;
1526 __inode_add_bytes(inode, number);
1527 spin_unlock(&inode->i_lock);
1528 }
1529 EXPORT_SYMBOL(inode_claim_rsv_space);
1530
inode_sub_rsv_space(struct inode * inode,qsize_t number)1531 void inode_sub_rsv_space(struct inode *inode, qsize_t number)
1532 {
1533 spin_lock(&inode->i_lock);
1534 *inode_reserved_space(inode) -= number;
1535 spin_unlock(&inode->i_lock);
1536 }
1537 EXPORT_SYMBOL(inode_sub_rsv_space);
1538
inode_get_rsv_space(struct inode * inode)1539 static qsize_t inode_get_rsv_space(struct inode *inode)
1540 {
1541 qsize_t ret;
1542
1543 if (!inode->i_sb->dq_op->get_reserved_space)
1544 return 0;
1545 spin_lock(&inode->i_lock);
1546 ret = *inode_reserved_space(inode);
1547 spin_unlock(&inode->i_lock);
1548 return ret;
1549 }
1550
inode_incr_space(struct inode * inode,qsize_t number,int reserve)1551 static void inode_incr_space(struct inode *inode, qsize_t number,
1552 int reserve)
1553 {
1554 if (reserve)
1555 inode_add_rsv_space(inode, number);
1556 else
1557 inode_add_bytes(inode, number);
1558 }
1559
inode_decr_space(struct inode * inode,qsize_t number,int reserve)1560 static void inode_decr_space(struct inode *inode, qsize_t number, int reserve)
1561 {
1562 if (reserve)
1563 inode_sub_rsv_space(inode, number);
1564 else
1565 inode_sub_bytes(inode, number);
1566 }
1567
1568 /*
1569 * This functions updates i_blocks+i_bytes fields and quota information
1570 * (together with appropriate checks).
1571 *
1572 * NOTE: We absolutely rely on the fact that caller dirties the inode
1573 * (usually helpers in quotaops.h care about this) and holds a handle for
1574 * the current transaction so that dquot write and inode write go into the
1575 * same transaction.
1576 */
1577
1578 /*
1579 * This operation can block, but only after everything is updated
1580 */
__dquot_alloc_space(struct inode * inode,qsize_t number,int flags)1581 int __dquot_alloc_space(struct inode *inode, qsize_t number, int flags)
1582 {
1583 int cnt, ret = 0;
1584 struct dquot_warn warn[MAXQUOTAS];
1585 struct dquot **dquots = inode->i_dquot;
1586 int reserve = flags & DQUOT_SPACE_RESERVE;
1587
1588 /*
1589 * First test before acquiring mutex - solves deadlocks when we
1590 * re-enter the quota code and are already holding the mutex
1591 */
1592 if (!dquot_active(inode)) {
1593 inode_incr_space(inode, number, reserve);
1594 goto out;
1595 }
1596
1597 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1598 warn[cnt].w_type = QUOTA_NL_NOWARN;
1599
1600 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1601 spin_lock(&dq_data_lock);
1602 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1603 if (!dquots[cnt])
1604 continue;
1605 ret = check_bdq(dquots[cnt], number,
1606 !(flags & DQUOT_SPACE_WARN), &warn[cnt]);
1607 if (ret && !(flags & DQUOT_SPACE_NOFAIL)) {
1608 spin_unlock(&dq_data_lock);
1609 goto out_flush_warn;
1610 }
1611 }
1612 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1613 if (!dquots[cnt])
1614 continue;
1615 if (reserve)
1616 dquot_resv_space(dquots[cnt], number);
1617 else
1618 dquot_incr_space(dquots[cnt], number);
1619 }
1620 inode_incr_space(inode, number, reserve);
1621 spin_unlock(&dq_data_lock);
1622
1623 if (reserve)
1624 goto out_flush_warn;
1625 mark_all_dquot_dirty(dquots);
1626 out_flush_warn:
1627 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1628 flush_warnings(warn);
1629 out:
1630 return ret;
1631 }
1632 EXPORT_SYMBOL(__dquot_alloc_space);
1633
1634 /*
1635 * This operation can block, but only after everything is updated
1636 */
dquot_alloc_inode(const struct inode * inode)1637 int dquot_alloc_inode(const struct inode *inode)
1638 {
1639 int cnt, ret = 0;
1640 struct dquot_warn warn[MAXQUOTAS];
1641 struct dquot * const *dquots = inode->i_dquot;
1642
1643 /* First test before acquiring mutex - solves deadlocks when we
1644 * re-enter the quota code and are already holding the mutex */
1645 if (!dquot_active(inode))
1646 return 0;
1647 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1648 warn[cnt].w_type = QUOTA_NL_NOWARN;
1649 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1650 spin_lock(&dq_data_lock);
1651 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1652 if (!dquots[cnt])
1653 continue;
1654 ret = check_idq(dquots[cnt], 1, &warn[cnt]);
1655 if (ret)
1656 goto warn_put_all;
1657 }
1658
1659 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1660 if (!dquots[cnt])
1661 continue;
1662 dquot_incr_inodes(dquots[cnt], 1);
1663 }
1664
1665 warn_put_all:
1666 spin_unlock(&dq_data_lock);
1667 if (ret == 0)
1668 mark_all_dquot_dirty(dquots);
1669 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1670 flush_warnings(warn);
1671 return ret;
1672 }
1673 EXPORT_SYMBOL(dquot_alloc_inode);
1674
1675 /*
1676 * Convert in-memory reserved quotas to real consumed quotas
1677 */
dquot_claim_space_nodirty(struct inode * inode,qsize_t number)1678 int dquot_claim_space_nodirty(struct inode *inode, qsize_t number)
1679 {
1680 int cnt;
1681
1682 if (!dquot_active(inode)) {
1683 inode_claim_rsv_space(inode, number);
1684 return 0;
1685 }
1686
1687 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1688 spin_lock(&dq_data_lock);
1689 /* Claim reserved quotas to allocated quotas */
1690 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1691 if (inode->i_dquot[cnt])
1692 dquot_claim_reserved_space(inode->i_dquot[cnt],
1693 number);
1694 }
1695 /* Update inode bytes */
1696 inode_claim_rsv_space(inode, number);
1697 spin_unlock(&dq_data_lock);
1698 mark_all_dquot_dirty(inode->i_dquot);
1699 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1700 return 0;
1701 }
1702 EXPORT_SYMBOL(dquot_claim_space_nodirty);
1703
1704 /*
1705 * This operation can block, but only after everything is updated
1706 */
__dquot_free_space(struct inode * inode,qsize_t number,int flags)1707 void __dquot_free_space(struct inode *inode, qsize_t number, int flags)
1708 {
1709 unsigned int cnt;
1710 struct dquot_warn warn[MAXQUOTAS];
1711 struct dquot **dquots = inode->i_dquot;
1712 int reserve = flags & DQUOT_SPACE_RESERVE;
1713
1714 /* First test before acquiring mutex - solves deadlocks when we
1715 * re-enter the quota code and are already holding the mutex */
1716 if (!dquot_active(inode)) {
1717 inode_decr_space(inode, number, reserve);
1718 return;
1719 }
1720
1721 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1722 spin_lock(&dq_data_lock);
1723 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1724 int wtype;
1725
1726 warn[cnt].w_type = QUOTA_NL_NOWARN;
1727 if (!dquots[cnt])
1728 continue;
1729 wtype = info_bdq_free(dquots[cnt], number);
1730 if (wtype != QUOTA_NL_NOWARN)
1731 prepare_warning(&warn[cnt], dquots[cnt], wtype);
1732 if (reserve)
1733 dquot_free_reserved_space(dquots[cnt], number);
1734 else
1735 dquot_decr_space(dquots[cnt], number);
1736 }
1737 inode_decr_space(inode, number, reserve);
1738 spin_unlock(&dq_data_lock);
1739
1740 if (reserve)
1741 goto out_unlock;
1742 mark_all_dquot_dirty(dquots);
1743 out_unlock:
1744 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1745 flush_warnings(warn);
1746 }
1747 EXPORT_SYMBOL(__dquot_free_space);
1748
1749 /*
1750 * This operation can block, but only after everything is updated
1751 */
dquot_free_inode(const struct inode * inode)1752 void dquot_free_inode(const struct inode *inode)
1753 {
1754 unsigned int cnt;
1755 struct dquot_warn warn[MAXQUOTAS];
1756 struct dquot * const *dquots = inode->i_dquot;
1757
1758 /* First test before acquiring mutex - solves deadlocks when we
1759 * re-enter the quota code and are already holding the mutex */
1760 if (!dquot_active(inode))
1761 return;
1762
1763 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1764 spin_lock(&dq_data_lock);
1765 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1766 int wtype;
1767
1768 warn[cnt].w_type = QUOTA_NL_NOWARN;
1769 if (!dquots[cnt])
1770 continue;
1771 wtype = info_idq_free(dquots[cnt], 1);
1772 if (wtype != QUOTA_NL_NOWARN)
1773 prepare_warning(&warn[cnt], dquots[cnt], wtype);
1774 dquot_decr_inodes(dquots[cnt], 1);
1775 }
1776 spin_unlock(&dq_data_lock);
1777 mark_all_dquot_dirty(dquots);
1778 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1779 flush_warnings(warn);
1780 }
1781 EXPORT_SYMBOL(dquot_free_inode);
1782
1783 /*
1784 * Transfer the number of inode and blocks from one diskquota to an other.
1785 * On success, dquot references in transfer_to are consumed and references
1786 * to original dquots that need to be released are placed there. On failure,
1787 * references are kept untouched.
1788 *
1789 * This operation can block, but only after everything is updated
1790 * A transaction must be started when entering this function.
1791 *
1792 */
__dquot_transfer(struct inode * inode,struct dquot ** transfer_to)1793 int __dquot_transfer(struct inode *inode, struct dquot **transfer_to)
1794 {
1795 qsize_t space, cur_space;
1796 qsize_t rsv_space = 0;
1797 struct dquot *transfer_from[MAXQUOTAS] = {};
1798 int cnt, ret = 0;
1799 char is_valid[MAXQUOTAS] = {};
1800 struct dquot_warn warn_to[MAXQUOTAS];
1801 struct dquot_warn warn_from_inodes[MAXQUOTAS];
1802 struct dquot_warn warn_from_space[MAXQUOTAS];
1803
1804 /* First test before acquiring mutex - solves deadlocks when we
1805 * re-enter the quota code and are already holding the mutex */
1806 if (IS_NOQUOTA(inode))
1807 return 0;
1808 /* Initialize the arrays */
1809 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1810 warn_to[cnt].w_type = QUOTA_NL_NOWARN;
1811 warn_from_inodes[cnt].w_type = QUOTA_NL_NOWARN;
1812 warn_from_space[cnt].w_type = QUOTA_NL_NOWARN;
1813 }
1814 down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1815 if (IS_NOQUOTA(inode)) { /* File without quota accounting? */
1816 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1817 return 0;
1818 }
1819 spin_lock(&dq_data_lock);
1820 cur_space = inode_get_bytes(inode);
1821 rsv_space = inode_get_rsv_space(inode);
1822 space = cur_space + rsv_space;
1823 /* Build the transfer_from list and check the limits */
1824 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1825 /*
1826 * Skip changes for same uid or gid or for turned off quota-type.
1827 */
1828 if (!transfer_to[cnt])
1829 continue;
1830 /* Avoid races with quotaoff() */
1831 if (!sb_has_quota_active(inode->i_sb, cnt))
1832 continue;
1833 is_valid[cnt] = 1;
1834 transfer_from[cnt] = inode->i_dquot[cnt];
1835 ret = check_idq(transfer_to[cnt], 1, &warn_to[cnt]);
1836 if (ret)
1837 goto over_quota;
1838 ret = check_bdq(transfer_to[cnt], space, 0, &warn_to[cnt]);
1839 if (ret)
1840 goto over_quota;
1841 }
1842
1843 /*
1844 * Finally perform the needed transfer from transfer_from to transfer_to
1845 */
1846 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1847 if (!is_valid[cnt])
1848 continue;
1849 /* Due to IO error we might not have transfer_from[] structure */
1850 if (transfer_from[cnt]) {
1851 int wtype;
1852 wtype = info_idq_free(transfer_from[cnt], 1);
1853 if (wtype != QUOTA_NL_NOWARN)
1854 prepare_warning(&warn_from_inodes[cnt],
1855 transfer_from[cnt], wtype);
1856 wtype = info_bdq_free(transfer_from[cnt], space);
1857 if (wtype != QUOTA_NL_NOWARN)
1858 prepare_warning(&warn_from_space[cnt],
1859 transfer_from[cnt], wtype);
1860 dquot_decr_inodes(transfer_from[cnt], 1);
1861 dquot_decr_space(transfer_from[cnt], cur_space);
1862 dquot_free_reserved_space(transfer_from[cnt],
1863 rsv_space);
1864 }
1865
1866 dquot_incr_inodes(transfer_to[cnt], 1);
1867 dquot_incr_space(transfer_to[cnt], cur_space);
1868 dquot_resv_space(transfer_to[cnt], rsv_space);
1869
1870 inode->i_dquot[cnt] = transfer_to[cnt];
1871 }
1872 spin_unlock(&dq_data_lock);
1873 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1874
1875 mark_all_dquot_dirty(transfer_from);
1876 mark_all_dquot_dirty(transfer_to);
1877 flush_warnings(warn_to);
1878 flush_warnings(warn_from_inodes);
1879 flush_warnings(warn_from_space);
1880 /* Pass back references to put */
1881 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1882 if (is_valid[cnt])
1883 transfer_to[cnt] = transfer_from[cnt];
1884 return 0;
1885 over_quota:
1886 spin_unlock(&dq_data_lock);
1887 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1888 flush_warnings(warn_to);
1889 return ret;
1890 }
1891 EXPORT_SYMBOL(__dquot_transfer);
1892
1893 /* Wrapper for transferring ownership of an inode for uid/gid only
1894 * Called from FSXXX_setattr()
1895 */
dquot_transfer(struct inode * inode,struct iattr * iattr)1896 int dquot_transfer(struct inode *inode, struct iattr *iattr)
1897 {
1898 struct dquot *transfer_to[MAXQUOTAS] = {};
1899 struct super_block *sb = inode->i_sb;
1900 int ret;
1901
1902 if (!dquot_active(inode))
1903 return 0;
1904
1905 if (iattr->ia_valid & ATTR_UID && !uid_eq(iattr->ia_uid, inode->i_uid))
1906 transfer_to[USRQUOTA] = dqget(sb, make_kqid_uid(iattr->ia_uid));
1907 if (iattr->ia_valid & ATTR_GID && !gid_eq(iattr->ia_gid, inode->i_gid))
1908 transfer_to[GRPQUOTA] = dqget(sb, make_kqid_gid(iattr->ia_gid));
1909
1910 ret = __dquot_transfer(inode, transfer_to);
1911 dqput_all(transfer_to);
1912 return ret;
1913 }
1914 EXPORT_SYMBOL(dquot_transfer);
1915
1916 /*
1917 * Write info of quota file to disk
1918 */
dquot_commit_info(struct super_block * sb,int type)1919 int dquot_commit_info(struct super_block *sb, int type)
1920 {
1921 int ret;
1922 struct quota_info *dqopt = sb_dqopt(sb);
1923
1924 mutex_lock(&dqopt->dqio_mutex);
1925 ret = dqopt->ops[type]->write_file_info(sb, type);
1926 mutex_unlock(&dqopt->dqio_mutex);
1927 return ret;
1928 }
1929 EXPORT_SYMBOL(dquot_commit_info);
1930
1931 /*
1932 * Definitions of diskquota operations.
1933 */
1934 const struct dquot_operations dquot_operations = {
1935 .write_dquot = dquot_commit,
1936 .acquire_dquot = dquot_acquire,
1937 .release_dquot = dquot_release,
1938 .mark_dirty = dquot_mark_dquot_dirty,
1939 .write_info = dquot_commit_info,
1940 .alloc_dquot = dquot_alloc,
1941 .destroy_dquot = dquot_destroy,
1942 };
1943 EXPORT_SYMBOL(dquot_operations);
1944
1945 /*
1946 * Generic helper for ->open on filesystems supporting disk quotas.
1947 */
dquot_file_open(struct inode * inode,struct file * file)1948 int dquot_file_open(struct inode *inode, struct file *file)
1949 {
1950 int error;
1951
1952 error = generic_file_open(inode, file);
1953 if (!error && (file->f_mode & FMODE_WRITE))
1954 dquot_initialize(inode);
1955 return error;
1956 }
1957 EXPORT_SYMBOL(dquot_file_open);
1958
1959 /*
1960 * Turn quota off on a device. type == -1 ==> quotaoff for all types (umount)
1961 */
dquot_disable(struct super_block * sb,int type,unsigned int flags)1962 int dquot_disable(struct super_block *sb, int type, unsigned int flags)
1963 {
1964 int cnt, ret = 0;
1965 struct quota_info *dqopt = sb_dqopt(sb);
1966 struct inode *toputinode[MAXQUOTAS];
1967
1968 /* Cannot turn off usage accounting without turning off limits, or
1969 * suspend quotas and simultaneously turn quotas off. */
1970 if ((flags & DQUOT_USAGE_ENABLED && !(flags & DQUOT_LIMITS_ENABLED))
1971 || (flags & DQUOT_SUSPENDED && flags & (DQUOT_LIMITS_ENABLED |
1972 DQUOT_USAGE_ENABLED)))
1973 return -EINVAL;
1974
1975 /* We need to serialize quota_off() for device */
1976 mutex_lock(&dqopt->dqonoff_mutex);
1977
1978 /*
1979 * Skip everything if there's nothing to do. We have to do this because
1980 * sometimes we are called when fill_super() failed and calling
1981 * sync_fs() in such cases does no good.
1982 */
1983 if (!sb_any_quota_loaded(sb)) {
1984 mutex_unlock(&dqopt->dqonoff_mutex);
1985 return 0;
1986 }
1987 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1988 toputinode[cnt] = NULL;
1989 if (type != -1 && cnt != type)
1990 continue;
1991 if (!sb_has_quota_loaded(sb, cnt))
1992 continue;
1993
1994 if (flags & DQUOT_SUSPENDED) {
1995 spin_lock(&dq_state_lock);
1996 dqopt->flags |=
1997 dquot_state_flag(DQUOT_SUSPENDED, cnt);
1998 spin_unlock(&dq_state_lock);
1999 } else {
2000 spin_lock(&dq_state_lock);
2001 dqopt->flags &= ~dquot_state_flag(flags, cnt);
2002 /* Turning off suspended quotas? */
2003 if (!sb_has_quota_loaded(sb, cnt) &&
2004 sb_has_quota_suspended(sb, cnt)) {
2005 dqopt->flags &= ~dquot_state_flag(
2006 DQUOT_SUSPENDED, cnt);
2007 spin_unlock(&dq_state_lock);
2008 iput(dqopt->files[cnt]);
2009 dqopt->files[cnt] = NULL;
2010 continue;
2011 }
2012 spin_unlock(&dq_state_lock);
2013 }
2014
2015 /* We still have to keep quota loaded? */
2016 if (sb_has_quota_loaded(sb, cnt) && !(flags & DQUOT_SUSPENDED))
2017 continue;
2018
2019 /* Note: these are blocking operations */
2020 drop_dquot_ref(sb, cnt);
2021 invalidate_dquots(sb, cnt);
2022 /*
2023 * Now all dquots should be invalidated, all writes done so we
2024 * should be only users of the info. No locks needed.
2025 */
2026 if (info_dirty(&dqopt->info[cnt]))
2027 sb->dq_op->write_info(sb, cnt);
2028 if (dqopt->ops[cnt]->free_file_info)
2029 dqopt->ops[cnt]->free_file_info(sb, cnt);
2030 put_quota_format(dqopt->info[cnt].dqi_format);
2031
2032 toputinode[cnt] = dqopt->files[cnt];
2033 if (!sb_has_quota_loaded(sb, cnt))
2034 dqopt->files[cnt] = NULL;
2035 dqopt->info[cnt].dqi_flags = 0;
2036 dqopt->info[cnt].dqi_igrace = 0;
2037 dqopt->info[cnt].dqi_bgrace = 0;
2038 dqopt->ops[cnt] = NULL;
2039 }
2040 mutex_unlock(&dqopt->dqonoff_mutex);
2041
2042 /* Skip syncing and setting flags if quota files are hidden */
2043 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
2044 goto put_inodes;
2045
2046 /* Sync the superblock so that buffers with quota data are written to
2047 * disk (and so userspace sees correct data afterwards). */
2048 if (sb->s_op->sync_fs)
2049 sb->s_op->sync_fs(sb, 1);
2050 sync_blockdev(sb->s_bdev);
2051 /* Now the quota files are just ordinary files and we can set the
2052 * inode flags back. Moreover we discard the pagecache so that
2053 * userspace sees the writes we did bypassing the pagecache. We
2054 * must also discard the blockdev buffers so that we see the
2055 * changes done by userspace on the next quotaon() */
2056 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2057 if (toputinode[cnt]) {
2058 mutex_lock(&dqopt->dqonoff_mutex);
2059 /* If quota was reenabled in the meantime, we have
2060 * nothing to do */
2061 if (!sb_has_quota_loaded(sb, cnt)) {
2062 mutex_lock(&toputinode[cnt]->i_mutex);
2063 toputinode[cnt]->i_flags &= ~(S_IMMUTABLE |
2064 S_NOATIME | S_NOQUOTA);
2065 truncate_inode_pages(&toputinode[cnt]->i_data,
2066 0);
2067 mutex_unlock(&toputinode[cnt]->i_mutex);
2068 mark_inode_dirty_sync(toputinode[cnt]);
2069 }
2070 mutex_unlock(&dqopt->dqonoff_mutex);
2071 }
2072 if (sb->s_bdev)
2073 invalidate_bdev(sb->s_bdev);
2074 put_inodes:
2075 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2076 if (toputinode[cnt]) {
2077 /* On remount RO, we keep the inode pointer so that we
2078 * can reenable quota on the subsequent remount RW. We
2079 * have to check 'flags' variable and not use sb_has_
2080 * function because another quotaon / quotaoff could
2081 * change global state before we got here. We refuse
2082 * to suspend quotas when there is pending delete on
2083 * the quota file... */
2084 if (!(flags & DQUOT_SUSPENDED))
2085 iput(toputinode[cnt]);
2086 else if (!toputinode[cnt]->i_nlink)
2087 ret = -EBUSY;
2088 }
2089 return ret;
2090 }
2091 EXPORT_SYMBOL(dquot_disable);
2092
dquot_quota_off(struct super_block * sb,int type)2093 int dquot_quota_off(struct super_block *sb, int type)
2094 {
2095 return dquot_disable(sb, type,
2096 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2097 }
2098 EXPORT_SYMBOL(dquot_quota_off);
2099
2100 /*
2101 * Turn quotas on on a device
2102 */
2103
2104 /*
2105 * Helper function to turn quotas on when we already have the inode of
2106 * quota file and no quota information is loaded.
2107 */
vfs_load_quota_inode(struct inode * inode,int type,int format_id,unsigned int flags)2108 static int vfs_load_quota_inode(struct inode *inode, int type, int format_id,
2109 unsigned int flags)
2110 {
2111 struct quota_format_type *fmt = find_quota_format(format_id);
2112 struct super_block *sb = inode->i_sb;
2113 struct quota_info *dqopt = sb_dqopt(sb);
2114 int error;
2115 int oldflags = -1;
2116
2117 if (!fmt)
2118 return -ESRCH;
2119 if (!S_ISREG(inode->i_mode)) {
2120 error = -EACCES;
2121 goto out_fmt;
2122 }
2123 if (IS_RDONLY(inode)) {
2124 error = -EROFS;
2125 goto out_fmt;
2126 }
2127 if (!sb->s_op->quota_write || !sb->s_op->quota_read) {
2128 error = -EINVAL;
2129 goto out_fmt;
2130 }
2131 /* Usage always has to be set... */
2132 if (!(flags & DQUOT_USAGE_ENABLED)) {
2133 error = -EINVAL;
2134 goto out_fmt;
2135 }
2136
2137 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2138 /* As we bypass the pagecache we must now flush all the
2139 * dirty data and invalidate caches so that kernel sees
2140 * changes from userspace. It is not enough to just flush
2141 * the quota file since if blocksize < pagesize, invalidation
2142 * of the cache could fail because of other unrelated dirty
2143 * data */
2144 sync_filesystem(sb);
2145 invalidate_bdev(sb->s_bdev);
2146 }
2147 mutex_lock(&dqopt->dqonoff_mutex);
2148 if (sb_has_quota_loaded(sb, type)) {
2149 error = -EBUSY;
2150 goto out_lock;
2151 }
2152
2153 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2154 /* We don't want quota and atime on quota files (deadlocks
2155 * possible) Also nobody should write to the file - we use
2156 * special IO operations which ignore the immutable bit. */
2157 mutex_lock(&inode->i_mutex);
2158 oldflags = inode->i_flags & (S_NOATIME | S_IMMUTABLE |
2159 S_NOQUOTA);
2160 inode->i_flags |= S_NOQUOTA | S_NOATIME | S_IMMUTABLE;
2161 mutex_unlock(&inode->i_mutex);
2162 /*
2163 * When S_NOQUOTA is set, remove dquot references as no more
2164 * references can be added
2165 */
2166 __dquot_drop(inode);
2167 }
2168
2169 error = -EIO;
2170 dqopt->files[type] = igrab(inode);
2171 if (!dqopt->files[type])
2172 goto out_lock;
2173 error = -EINVAL;
2174 if (!fmt->qf_ops->check_quota_file(sb, type))
2175 goto out_file_init;
2176
2177 dqopt->ops[type] = fmt->qf_ops;
2178 dqopt->info[type].dqi_format = fmt;
2179 dqopt->info[type].dqi_fmt_id = format_id;
2180 INIT_LIST_HEAD(&dqopt->info[type].dqi_dirty_list);
2181 mutex_lock(&dqopt->dqio_mutex);
2182 error = dqopt->ops[type]->read_file_info(sb, type);
2183 if (error < 0) {
2184 mutex_unlock(&dqopt->dqio_mutex);
2185 goto out_file_init;
2186 }
2187 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
2188 dqopt->info[type].dqi_flags |= DQF_SYS_FILE;
2189 mutex_unlock(&dqopt->dqio_mutex);
2190 spin_lock(&dq_state_lock);
2191 dqopt->flags |= dquot_state_flag(flags, type);
2192 spin_unlock(&dq_state_lock);
2193
2194 add_dquot_ref(sb, type);
2195 mutex_unlock(&dqopt->dqonoff_mutex);
2196
2197 return 0;
2198
2199 out_file_init:
2200 dqopt->files[type] = NULL;
2201 iput(inode);
2202 out_lock:
2203 if (oldflags != -1) {
2204 mutex_lock(&inode->i_mutex);
2205 /* Set the flags back (in the case of accidental quotaon()
2206 * on a wrong file we don't want to mess up the flags) */
2207 inode->i_flags &= ~(S_NOATIME | S_NOQUOTA | S_IMMUTABLE);
2208 inode->i_flags |= oldflags;
2209 mutex_unlock(&inode->i_mutex);
2210 }
2211 mutex_unlock(&dqopt->dqonoff_mutex);
2212 out_fmt:
2213 put_quota_format(fmt);
2214
2215 return error;
2216 }
2217
2218 /* Reenable quotas on remount RW */
dquot_resume(struct super_block * sb,int type)2219 int dquot_resume(struct super_block *sb, int type)
2220 {
2221 struct quota_info *dqopt = sb_dqopt(sb);
2222 struct inode *inode;
2223 int ret = 0, cnt;
2224 unsigned int flags;
2225
2226 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2227 if (type != -1 && cnt != type)
2228 continue;
2229
2230 mutex_lock(&dqopt->dqonoff_mutex);
2231 if (!sb_has_quota_suspended(sb, cnt)) {
2232 mutex_unlock(&dqopt->dqonoff_mutex);
2233 continue;
2234 }
2235 inode = dqopt->files[cnt];
2236 dqopt->files[cnt] = NULL;
2237 spin_lock(&dq_state_lock);
2238 flags = dqopt->flags & dquot_state_flag(DQUOT_USAGE_ENABLED |
2239 DQUOT_LIMITS_ENABLED,
2240 cnt);
2241 dqopt->flags &= ~dquot_state_flag(DQUOT_STATE_FLAGS, cnt);
2242 spin_unlock(&dq_state_lock);
2243 mutex_unlock(&dqopt->dqonoff_mutex);
2244
2245 flags = dquot_generic_flag(flags, cnt);
2246 ret = vfs_load_quota_inode(inode, cnt,
2247 dqopt->info[cnt].dqi_fmt_id, flags);
2248 iput(inode);
2249 }
2250
2251 return ret;
2252 }
2253 EXPORT_SYMBOL(dquot_resume);
2254
dquot_quota_on(struct super_block * sb,int type,int format_id,struct path * path)2255 int dquot_quota_on(struct super_block *sb, int type, int format_id,
2256 struct path *path)
2257 {
2258 int error = security_quota_on(path->dentry);
2259 if (error)
2260 return error;
2261 /* Quota file not on the same filesystem? */
2262 if (path->dentry->d_sb != sb)
2263 error = -EXDEV;
2264 else
2265 error = vfs_load_quota_inode(path->dentry->d_inode, type,
2266 format_id, DQUOT_USAGE_ENABLED |
2267 DQUOT_LIMITS_ENABLED);
2268 return error;
2269 }
2270 EXPORT_SYMBOL(dquot_quota_on);
2271
2272 /*
2273 * More powerful function for turning on quotas allowing setting
2274 * of individual quota flags
2275 */
dquot_enable(struct inode * inode,int type,int format_id,unsigned int flags)2276 int dquot_enable(struct inode *inode, int type, int format_id,
2277 unsigned int flags)
2278 {
2279 int ret = 0;
2280 struct super_block *sb = inode->i_sb;
2281 struct quota_info *dqopt = sb_dqopt(sb);
2282
2283 /* Just unsuspend quotas? */
2284 BUG_ON(flags & DQUOT_SUSPENDED);
2285
2286 if (!flags)
2287 return 0;
2288 /* Just updating flags needed? */
2289 if (sb_has_quota_loaded(sb, type)) {
2290 mutex_lock(&dqopt->dqonoff_mutex);
2291 /* Now do a reliable test... */
2292 if (!sb_has_quota_loaded(sb, type)) {
2293 mutex_unlock(&dqopt->dqonoff_mutex);
2294 goto load_quota;
2295 }
2296 if (flags & DQUOT_USAGE_ENABLED &&
2297 sb_has_quota_usage_enabled(sb, type)) {
2298 ret = -EBUSY;
2299 goto out_lock;
2300 }
2301 if (flags & DQUOT_LIMITS_ENABLED &&
2302 sb_has_quota_limits_enabled(sb, type)) {
2303 ret = -EBUSY;
2304 goto out_lock;
2305 }
2306 spin_lock(&dq_state_lock);
2307 sb_dqopt(sb)->flags |= dquot_state_flag(flags, type);
2308 spin_unlock(&dq_state_lock);
2309 out_lock:
2310 mutex_unlock(&dqopt->dqonoff_mutex);
2311 return ret;
2312 }
2313
2314 load_quota:
2315 return vfs_load_quota_inode(inode, type, format_id, flags);
2316 }
2317 EXPORT_SYMBOL(dquot_enable);
2318
2319 /*
2320 * This function is used when filesystem needs to initialize quotas
2321 * during mount time.
2322 */
dquot_quota_on_mount(struct super_block * sb,char * qf_name,int format_id,int type)2323 int dquot_quota_on_mount(struct super_block *sb, char *qf_name,
2324 int format_id, int type)
2325 {
2326 struct dentry *dentry;
2327 int error;
2328
2329 mutex_lock(&sb->s_root->d_inode->i_mutex);
2330 dentry = lookup_one_len(qf_name, sb->s_root, strlen(qf_name));
2331 mutex_unlock(&sb->s_root->d_inode->i_mutex);
2332 if (IS_ERR(dentry))
2333 return PTR_ERR(dentry);
2334
2335 if (!dentry->d_inode) {
2336 error = -ENOENT;
2337 goto out;
2338 }
2339
2340 error = security_quota_on(dentry);
2341 if (!error)
2342 error = vfs_load_quota_inode(dentry->d_inode, type, format_id,
2343 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2344
2345 out:
2346 dput(dentry);
2347 return error;
2348 }
2349 EXPORT_SYMBOL(dquot_quota_on_mount);
2350
qbtos(qsize_t blocks)2351 static inline qsize_t qbtos(qsize_t blocks)
2352 {
2353 return blocks << QIF_DQBLKSIZE_BITS;
2354 }
2355
stoqb(qsize_t space)2356 static inline qsize_t stoqb(qsize_t space)
2357 {
2358 return (space + QIF_DQBLKSIZE - 1) >> QIF_DQBLKSIZE_BITS;
2359 }
2360
2361 /* Generic routine for getting common part of quota structure */
do_get_dqblk(struct dquot * dquot,struct fs_disk_quota * di)2362 static void do_get_dqblk(struct dquot *dquot, struct fs_disk_quota *di)
2363 {
2364 struct mem_dqblk *dm = &dquot->dq_dqb;
2365
2366 memset(di, 0, sizeof(*di));
2367 di->d_version = FS_DQUOT_VERSION;
2368 di->d_flags = dquot->dq_id.type == USRQUOTA ?
2369 FS_USER_QUOTA : FS_GROUP_QUOTA;
2370 di->d_id = from_kqid_munged(current_user_ns(), dquot->dq_id);
2371
2372 spin_lock(&dq_data_lock);
2373 di->d_blk_hardlimit = stoqb(dm->dqb_bhardlimit);
2374 di->d_blk_softlimit = stoqb(dm->dqb_bsoftlimit);
2375 di->d_ino_hardlimit = dm->dqb_ihardlimit;
2376 di->d_ino_softlimit = dm->dqb_isoftlimit;
2377 di->d_bcount = dm->dqb_curspace + dm->dqb_rsvspace;
2378 di->d_icount = dm->dqb_curinodes;
2379 di->d_btimer = dm->dqb_btime;
2380 di->d_itimer = dm->dqb_itime;
2381 spin_unlock(&dq_data_lock);
2382 }
2383
dquot_get_dqblk(struct super_block * sb,struct kqid qid,struct fs_disk_quota * di)2384 int dquot_get_dqblk(struct super_block *sb, struct kqid qid,
2385 struct fs_disk_quota *di)
2386 {
2387 struct dquot *dquot;
2388
2389 dquot = dqget(sb, qid);
2390 if (!dquot)
2391 return -ESRCH;
2392 do_get_dqblk(dquot, di);
2393 dqput(dquot);
2394
2395 return 0;
2396 }
2397 EXPORT_SYMBOL(dquot_get_dqblk);
2398
2399 #define VFS_FS_DQ_MASK \
2400 (FS_DQ_BCOUNT | FS_DQ_BSOFT | FS_DQ_BHARD | \
2401 FS_DQ_ICOUNT | FS_DQ_ISOFT | FS_DQ_IHARD | \
2402 FS_DQ_BTIMER | FS_DQ_ITIMER)
2403
2404 /* Generic routine for setting common part of quota structure */
do_set_dqblk(struct dquot * dquot,struct fs_disk_quota * di)2405 static int do_set_dqblk(struct dquot *dquot, struct fs_disk_quota *di)
2406 {
2407 struct mem_dqblk *dm = &dquot->dq_dqb;
2408 int check_blim = 0, check_ilim = 0;
2409 struct mem_dqinfo *dqi = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
2410
2411 if (di->d_fieldmask & ~VFS_FS_DQ_MASK)
2412 return -EINVAL;
2413
2414 if (((di->d_fieldmask & FS_DQ_BSOFT) &&
2415 (di->d_blk_softlimit > dqi->dqi_maxblimit)) ||
2416 ((di->d_fieldmask & FS_DQ_BHARD) &&
2417 (di->d_blk_hardlimit > dqi->dqi_maxblimit)) ||
2418 ((di->d_fieldmask & FS_DQ_ISOFT) &&
2419 (di->d_ino_softlimit > dqi->dqi_maxilimit)) ||
2420 ((di->d_fieldmask & FS_DQ_IHARD) &&
2421 (di->d_ino_hardlimit > dqi->dqi_maxilimit)))
2422 return -ERANGE;
2423
2424 spin_lock(&dq_data_lock);
2425 if (di->d_fieldmask & FS_DQ_BCOUNT) {
2426 dm->dqb_curspace = di->d_bcount - dm->dqb_rsvspace;
2427 check_blim = 1;
2428 set_bit(DQ_LASTSET_B + QIF_SPACE_B, &dquot->dq_flags);
2429 }
2430
2431 if (di->d_fieldmask & FS_DQ_BSOFT)
2432 dm->dqb_bsoftlimit = qbtos(di->d_blk_softlimit);
2433 if (di->d_fieldmask & FS_DQ_BHARD)
2434 dm->dqb_bhardlimit = qbtos(di->d_blk_hardlimit);
2435 if (di->d_fieldmask & (FS_DQ_BSOFT | FS_DQ_BHARD)) {
2436 check_blim = 1;
2437 set_bit(DQ_LASTSET_B + QIF_BLIMITS_B, &dquot->dq_flags);
2438 }
2439
2440 if (di->d_fieldmask & FS_DQ_ICOUNT) {
2441 dm->dqb_curinodes = di->d_icount;
2442 check_ilim = 1;
2443 set_bit(DQ_LASTSET_B + QIF_INODES_B, &dquot->dq_flags);
2444 }
2445
2446 if (di->d_fieldmask & FS_DQ_ISOFT)
2447 dm->dqb_isoftlimit = di->d_ino_softlimit;
2448 if (di->d_fieldmask & FS_DQ_IHARD)
2449 dm->dqb_ihardlimit = di->d_ino_hardlimit;
2450 if (di->d_fieldmask & (FS_DQ_ISOFT | FS_DQ_IHARD)) {
2451 check_ilim = 1;
2452 set_bit(DQ_LASTSET_B + QIF_ILIMITS_B, &dquot->dq_flags);
2453 }
2454
2455 if (di->d_fieldmask & FS_DQ_BTIMER) {
2456 dm->dqb_btime = di->d_btimer;
2457 check_blim = 1;
2458 set_bit(DQ_LASTSET_B + QIF_BTIME_B, &dquot->dq_flags);
2459 }
2460
2461 if (di->d_fieldmask & FS_DQ_ITIMER) {
2462 dm->dqb_itime = di->d_itimer;
2463 check_ilim = 1;
2464 set_bit(DQ_LASTSET_B + QIF_ITIME_B, &dquot->dq_flags);
2465 }
2466
2467 if (check_blim) {
2468 if (!dm->dqb_bsoftlimit ||
2469 dm->dqb_curspace < dm->dqb_bsoftlimit) {
2470 dm->dqb_btime = 0;
2471 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
2472 } else if (!(di->d_fieldmask & FS_DQ_BTIMER))
2473 /* Set grace only if user hasn't provided his own... */
2474 dm->dqb_btime = get_seconds() + dqi->dqi_bgrace;
2475 }
2476 if (check_ilim) {
2477 if (!dm->dqb_isoftlimit ||
2478 dm->dqb_curinodes < dm->dqb_isoftlimit) {
2479 dm->dqb_itime = 0;
2480 clear_bit(DQ_INODES_B, &dquot->dq_flags);
2481 } else if (!(di->d_fieldmask & FS_DQ_ITIMER))
2482 /* Set grace only if user hasn't provided his own... */
2483 dm->dqb_itime = get_seconds() + dqi->dqi_igrace;
2484 }
2485 if (dm->dqb_bhardlimit || dm->dqb_bsoftlimit || dm->dqb_ihardlimit ||
2486 dm->dqb_isoftlimit)
2487 clear_bit(DQ_FAKE_B, &dquot->dq_flags);
2488 else
2489 set_bit(DQ_FAKE_B, &dquot->dq_flags);
2490 spin_unlock(&dq_data_lock);
2491 mark_dquot_dirty(dquot);
2492
2493 return 0;
2494 }
2495
dquot_set_dqblk(struct super_block * sb,struct kqid qid,struct fs_disk_quota * di)2496 int dquot_set_dqblk(struct super_block *sb, struct kqid qid,
2497 struct fs_disk_quota *di)
2498 {
2499 struct dquot *dquot;
2500 int rc;
2501
2502 dquot = dqget(sb, qid);
2503 if (!dquot) {
2504 rc = -ESRCH;
2505 goto out;
2506 }
2507 rc = do_set_dqblk(dquot, di);
2508 dqput(dquot);
2509 out:
2510 return rc;
2511 }
2512 EXPORT_SYMBOL(dquot_set_dqblk);
2513
2514 /* Generic routine for getting common part of quota file information */
dquot_get_dqinfo(struct super_block * sb,int type,struct if_dqinfo * ii)2515 int dquot_get_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii)
2516 {
2517 struct mem_dqinfo *mi;
2518
2519 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
2520 if (!sb_has_quota_active(sb, type)) {
2521 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
2522 return -ESRCH;
2523 }
2524 mi = sb_dqopt(sb)->info + type;
2525 spin_lock(&dq_data_lock);
2526 ii->dqi_bgrace = mi->dqi_bgrace;
2527 ii->dqi_igrace = mi->dqi_igrace;
2528 ii->dqi_flags = mi->dqi_flags & DQF_GETINFO_MASK;
2529 ii->dqi_valid = IIF_ALL;
2530 spin_unlock(&dq_data_lock);
2531 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
2532 return 0;
2533 }
2534 EXPORT_SYMBOL(dquot_get_dqinfo);
2535
2536 /* Generic routine for setting common part of quota file information */
dquot_set_dqinfo(struct super_block * sb,int type,struct if_dqinfo * ii)2537 int dquot_set_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii)
2538 {
2539 struct mem_dqinfo *mi;
2540 int err = 0;
2541
2542 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
2543 if (!sb_has_quota_active(sb, type)) {
2544 err = -ESRCH;
2545 goto out;
2546 }
2547 mi = sb_dqopt(sb)->info + type;
2548 spin_lock(&dq_data_lock);
2549 if (ii->dqi_valid & IIF_BGRACE)
2550 mi->dqi_bgrace = ii->dqi_bgrace;
2551 if (ii->dqi_valid & IIF_IGRACE)
2552 mi->dqi_igrace = ii->dqi_igrace;
2553 if (ii->dqi_valid & IIF_FLAGS)
2554 mi->dqi_flags = (mi->dqi_flags & ~DQF_SETINFO_MASK) |
2555 (ii->dqi_flags & DQF_SETINFO_MASK);
2556 spin_unlock(&dq_data_lock);
2557 mark_info_dirty(sb, type);
2558 /* Force write to disk */
2559 sb->dq_op->write_info(sb, type);
2560 out:
2561 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
2562 return err;
2563 }
2564 EXPORT_SYMBOL(dquot_set_dqinfo);
2565
2566 const struct quotactl_ops dquot_quotactl_ops = {
2567 .quota_on = dquot_quota_on,
2568 .quota_off = dquot_quota_off,
2569 .quota_sync = dquot_quota_sync,
2570 .get_info = dquot_get_dqinfo,
2571 .set_info = dquot_set_dqinfo,
2572 .get_dqblk = dquot_get_dqblk,
2573 .set_dqblk = dquot_set_dqblk
2574 };
2575 EXPORT_SYMBOL(dquot_quotactl_ops);
2576
do_proc_dqstats(struct ctl_table * table,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2577 static int do_proc_dqstats(struct ctl_table *table, int write,
2578 void __user *buffer, size_t *lenp, loff_t *ppos)
2579 {
2580 unsigned int type = (int *)table->data - dqstats.stat;
2581
2582 /* Update global table */
2583 dqstats.stat[type] =
2584 percpu_counter_sum_positive(&dqstats.counter[type]);
2585 return proc_dointvec(table, write, buffer, lenp, ppos);
2586 }
2587
2588 static ctl_table fs_dqstats_table[] = {
2589 {
2590 .procname = "lookups",
2591 .data = &dqstats.stat[DQST_LOOKUPS],
2592 .maxlen = sizeof(int),
2593 .mode = 0444,
2594 .proc_handler = do_proc_dqstats,
2595 },
2596 {
2597 .procname = "drops",
2598 .data = &dqstats.stat[DQST_DROPS],
2599 .maxlen = sizeof(int),
2600 .mode = 0444,
2601 .proc_handler = do_proc_dqstats,
2602 },
2603 {
2604 .procname = "reads",
2605 .data = &dqstats.stat[DQST_READS],
2606 .maxlen = sizeof(int),
2607 .mode = 0444,
2608 .proc_handler = do_proc_dqstats,
2609 },
2610 {
2611 .procname = "writes",
2612 .data = &dqstats.stat[DQST_WRITES],
2613 .maxlen = sizeof(int),
2614 .mode = 0444,
2615 .proc_handler = do_proc_dqstats,
2616 },
2617 {
2618 .procname = "cache_hits",
2619 .data = &dqstats.stat[DQST_CACHE_HITS],
2620 .maxlen = sizeof(int),
2621 .mode = 0444,
2622 .proc_handler = do_proc_dqstats,
2623 },
2624 {
2625 .procname = "allocated_dquots",
2626 .data = &dqstats.stat[DQST_ALLOC_DQUOTS],
2627 .maxlen = sizeof(int),
2628 .mode = 0444,
2629 .proc_handler = do_proc_dqstats,
2630 },
2631 {
2632 .procname = "free_dquots",
2633 .data = &dqstats.stat[DQST_FREE_DQUOTS],
2634 .maxlen = sizeof(int),
2635 .mode = 0444,
2636 .proc_handler = do_proc_dqstats,
2637 },
2638 {
2639 .procname = "syncs",
2640 .data = &dqstats.stat[DQST_SYNCS],
2641 .maxlen = sizeof(int),
2642 .mode = 0444,
2643 .proc_handler = do_proc_dqstats,
2644 },
2645 #ifdef CONFIG_PRINT_QUOTA_WARNING
2646 {
2647 .procname = "warnings",
2648 .data = &flag_print_warnings,
2649 .maxlen = sizeof(int),
2650 .mode = 0644,
2651 .proc_handler = proc_dointvec,
2652 },
2653 #endif
2654 { },
2655 };
2656
2657 static ctl_table fs_table[] = {
2658 {
2659 .procname = "quota",
2660 .mode = 0555,
2661 .child = fs_dqstats_table,
2662 },
2663 { },
2664 };
2665
2666 static ctl_table sys_table[] = {
2667 {
2668 .procname = "fs",
2669 .mode = 0555,
2670 .child = fs_table,
2671 },
2672 { },
2673 };
2674
dquot_init(void)2675 static int __init dquot_init(void)
2676 {
2677 int i, ret;
2678 unsigned long nr_hash, order;
2679
2680 printk(KERN_NOTICE "VFS: Disk quotas %s\n", __DQUOT_VERSION__);
2681
2682 register_sysctl_table(sys_table);
2683
2684 dquot_cachep = kmem_cache_create("dquot",
2685 sizeof(struct dquot), sizeof(unsigned long) * 4,
2686 (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT|
2687 SLAB_MEM_SPREAD|SLAB_PANIC),
2688 NULL);
2689
2690 order = 0;
2691 dquot_hash = (struct hlist_head *)__get_free_pages(GFP_ATOMIC, order);
2692 if (!dquot_hash)
2693 panic("Cannot create dquot hash table");
2694
2695 for (i = 0; i < _DQST_DQSTAT_LAST; i++) {
2696 ret = percpu_counter_init(&dqstats.counter[i], 0);
2697 if (ret)
2698 panic("Cannot create dquot stat counters");
2699 }
2700
2701 /* Find power-of-two hlist_heads which can fit into allocation */
2702 nr_hash = (1UL << order) * PAGE_SIZE / sizeof(struct hlist_head);
2703 dq_hash_bits = 0;
2704 do {
2705 dq_hash_bits++;
2706 } while (nr_hash >> dq_hash_bits);
2707 dq_hash_bits--;
2708
2709 nr_hash = 1UL << dq_hash_bits;
2710 dq_hash_mask = nr_hash - 1;
2711 for (i = 0; i < nr_hash; i++)
2712 INIT_HLIST_HEAD(dquot_hash + i);
2713
2714 printk("Dquot-cache hash table entries: %ld (order %ld, %ld bytes)\n",
2715 nr_hash, order, (PAGE_SIZE << order));
2716
2717 register_shrinker(&dqcache_shrinker);
2718
2719 return 0;
2720 }
2721 module_init(dquot_init);
2722