1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Copyright (c) 2000-2002 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6 #include "xfs.h"
7 #include "xfs_fs.h"
8 #include "xfs_shared.h"
9 #include "xfs_format.h"
10 #include "xfs_log_format.h"
11 #include "xfs_trans_resv.h"
12 #include "xfs_mount.h"
13 #include "xfs_inode.h"
14 #include "xfs_trans.h"
15 #include "xfs_trans_priv.h"
16 #include "xfs_quota.h"
17 #include "xfs_qm.h"
18 #include "xfs_trace.h"
19 #include "xfs_error.h"
20 #include "xfs_health.h"
21
22 STATIC void xfs_trans_alloc_dqinfo(xfs_trans_t *);
23
24 /*
25 * Add the locked dquot to the transaction.
26 * The dquot must be locked, and it cannot be associated with any
27 * transaction.
28 */
29 void
xfs_trans_dqjoin(struct xfs_trans * tp,struct xfs_dquot * dqp)30 xfs_trans_dqjoin(
31 struct xfs_trans *tp,
32 struct xfs_dquot *dqp)
33 {
34 ASSERT(XFS_DQ_IS_LOCKED(dqp));
35 ASSERT(dqp->q_logitem.qli_dquot == dqp);
36
37 /*
38 * Get a log_item_desc to point at the new item.
39 */
40 xfs_trans_add_item(tp, &dqp->q_logitem.qli_item);
41 }
42
43 /*
44 * This is called to mark the dquot as needing
45 * to be logged when the transaction is committed. The dquot must
46 * already be associated with the given transaction.
47 * Note that it marks the entire transaction as dirty. In the ordinary
48 * case, this gets called via xfs_trans_commit, after the transaction
49 * is already dirty. However, there's nothing stop this from getting
50 * called directly, as done by xfs_qm_scall_setqlim. Hence, the TRANS_DIRTY
51 * flag.
52 */
53 void
xfs_trans_log_dquot(struct xfs_trans * tp,struct xfs_dquot * dqp)54 xfs_trans_log_dquot(
55 struct xfs_trans *tp,
56 struct xfs_dquot *dqp)
57 {
58 ASSERT(XFS_DQ_IS_LOCKED(dqp));
59
60 /* Upgrade the dquot to bigtime format if possible. */
61 if (dqp->q_id != 0 &&
62 xfs_has_bigtime(tp->t_mountp) &&
63 !(dqp->q_type & XFS_DQTYPE_BIGTIME))
64 dqp->q_type |= XFS_DQTYPE_BIGTIME;
65
66 tp->t_flags |= XFS_TRANS_DIRTY;
67 set_bit(XFS_LI_DIRTY, &dqp->q_logitem.qli_item.li_flags);
68 }
69
70 /*
71 * Carry forward whatever is left of the quota blk reservation to
72 * the spanky new transaction
73 */
74 void
xfs_trans_dup_dqinfo(struct xfs_trans * otp,struct xfs_trans * ntp)75 xfs_trans_dup_dqinfo(
76 struct xfs_trans *otp,
77 struct xfs_trans *ntp)
78 {
79 struct xfs_dqtrx *oq, *nq;
80 int i, j;
81 struct xfs_dqtrx *oqa, *nqa;
82 uint64_t blk_res_used;
83
84 if (!otp->t_dqinfo)
85 return;
86
87 xfs_trans_alloc_dqinfo(ntp);
88
89 for (j = 0; j < XFS_QM_TRANS_DQTYPES; j++) {
90 oqa = otp->t_dqinfo->dqs[j];
91 nqa = ntp->t_dqinfo->dqs[j];
92 for (i = 0; i < XFS_QM_TRANS_MAXDQS; i++) {
93 blk_res_used = 0;
94
95 if (oqa[i].qt_dquot == NULL)
96 break;
97 oq = &oqa[i];
98 nq = &nqa[i];
99
100 if (oq->qt_blk_res && oq->qt_bcount_delta > 0)
101 blk_res_used = oq->qt_bcount_delta;
102
103 nq->qt_dquot = oq->qt_dquot;
104 nq->qt_bcount_delta = nq->qt_icount_delta = 0;
105 nq->qt_rtbcount_delta = 0;
106
107 /*
108 * Transfer whatever is left of the reservations.
109 */
110 nq->qt_blk_res = oq->qt_blk_res - blk_res_used;
111 oq->qt_blk_res = blk_res_used;
112
113 nq->qt_rtblk_res = oq->qt_rtblk_res -
114 oq->qt_rtblk_res_used;
115 oq->qt_rtblk_res = oq->qt_rtblk_res_used;
116
117 nq->qt_ino_res = oq->qt_ino_res - oq->qt_ino_res_used;
118 oq->qt_ino_res = oq->qt_ino_res_used;
119
120 }
121 }
122 }
123
124 #ifdef CONFIG_XFS_LIVE_HOOKS
125 /*
126 * Use a static key here to reduce the overhead of quota live updates. If the
127 * compiler supports jump labels, the static branch will be replaced by a nop
128 * sled when there are no hook users. Online fsck is currently the only
129 * caller, so this is a reasonable tradeoff.
130 *
131 * Note: Patching the kernel code requires taking the cpu hotplug lock. Other
132 * parts of the kernel allocate memory with that lock held, which means that
133 * XFS callers cannot hold any locks that might be used by memory reclaim or
134 * writeback when calling the static_branch_{inc,dec} functions.
135 */
136 DEFINE_STATIC_XFS_HOOK_SWITCH(xfs_dqtrx_hooks_switch);
137
138 void
xfs_dqtrx_hook_disable(void)139 xfs_dqtrx_hook_disable(void)
140 {
141 xfs_hooks_switch_off(&xfs_dqtrx_hooks_switch);
142 }
143
144 void
xfs_dqtrx_hook_enable(void)145 xfs_dqtrx_hook_enable(void)
146 {
147 xfs_hooks_switch_on(&xfs_dqtrx_hooks_switch);
148 }
149
150 /* Schedule a transactional dquot update on behalf of an inode. */
151 void
xfs_trans_mod_ino_dquot(struct xfs_trans * tp,struct xfs_inode * ip,struct xfs_dquot * dqp,unsigned int field,int64_t delta)152 xfs_trans_mod_ino_dquot(
153 struct xfs_trans *tp,
154 struct xfs_inode *ip,
155 struct xfs_dquot *dqp,
156 unsigned int field,
157 int64_t delta)
158 {
159 ASSERT(!xfs_is_metadir_inode(ip) || XFS_IS_DQDETACHED(ip));
160
161 xfs_trans_mod_dquot(tp, dqp, field, delta);
162
163 if (xfs_hooks_switched_on(&xfs_dqtrx_hooks_switch)) {
164 struct xfs_mod_ino_dqtrx_params p = {
165 .tx_id = (uintptr_t)tp,
166 .ino = ip->i_ino,
167 .q_type = xfs_dquot_type(dqp),
168 .q_id = dqp->q_id,
169 .delta = delta
170 };
171 struct xfs_quotainfo *qi = tp->t_mountp->m_quotainfo;
172
173 xfs_hooks_call(&qi->qi_mod_ino_dqtrx_hooks, field, &p);
174 }
175 }
176
177 /* Call the specified functions during a dquot counter update. */
178 int
xfs_dqtrx_hook_add(struct xfs_quotainfo * qi,struct xfs_dqtrx_hook * hook)179 xfs_dqtrx_hook_add(
180 struct xfs_quotainfo *qi,
181 struct xfs_dqtrx_hook *hook)
182 {
183 int error;
184
185 /*
186 * Transactional dquot updates first call the mod hook when changes
187 * are attached to the transaction and then call the apply hook when
188 * those changes are committed (or canceled).
189 *
190 * The apply hook must be installed before the mod hook so that we
191 * never fail to catch the end of a quota update sequence.
192 */
193 error = xfs_hooks_add(&qi->qi_apply_dqtrx_hooks, &hook->apply_hook);
194 if (error)
195 goto out;
196
197 error = xfs_hooks_add(&qi->qi_mod_ino_dqtrx_hooks, &hook->mod_hook);
198 if (error)
199 goto out_apply;
200
201 return 0;
202
203 out_apply:
204 xfs_hooks_del(&qi->qi_apply_dqtrx_hooks, &hook->apply_hook);
205 out:
206 return error;
207 }
208
209 /* Stop calling the specified function during a dquot counter update. */
210 void
xfs_dqtrx_hook_del(struct xfs_quotainfo * qi,struct xfs_dqtrx_hook * hook)211 xfs_dqtrx_hook_del(
212 struct xfs_quotainfo *qi,
213 struct xfs_dqtrx_hook *hook)
214 {
215 /*
216 * The mod hook must be removed before apply hook to avoid giving the
217 * hook consumer with an incomplete update. No hooks should be running
218 * after these functions return.
219 */
220 xfs_hooks_del(&qi->qi_mod_ino_dqtrx_hooks, &hook->mod_hook);
221 xfs_hooks_del(&qi->qi_apply_dqtrx_hooks, &hook->apply_hook);
222 }
223
224 /* Configure dquot update hook functions. */
225 void
xfs_dqtrx_hook_setup(struct xfs_dqtrx_hook * hook,notifier_fn_t mod_fn,notifier_fn_t apply_fn)226 xfs_dqtrx_hook_setup(
227 struct xfs_dqtrx_hook *hook,
228 notifier_fn_t mod_fn,
229 notifier_fn_t apply_fn)
230 {
231 xfs_hook_setup(&hook->mod_hook, mod_fn);
232 xfs_hook_setup(&hook->apply_hook, apply_fn);
233 }
234 #endif /* CONFIG_XFS_LIVE_HOOKS */
235
236 /*
237 * Wrap around mod_dquot to account for both user and group quotas.
238 */
239 void
xfs_trans_mod_dquot_byino(xfs_trans_t * tp,xfs_inode_t * ip,uint field,int64_t delta)240 xfs_trans_mod_dquot_byino(
241 xfs_trans_t *tp,
242 xfs_inode_t *ip,
243 uint field,
244 int64_t delta)
245 {
246 xfs_mount_t *mp = tp->t_mountp;
247
248 if (!XFS_IS_QUOTA_ON(mp) ||
249 xfs_is_quota_inode(&mp->m_sb, ip->i_ino))
250 return;
251
252 ASSERT(!xfs_is_metadir_inode(ip) || XFS_IS_DQDETACHED(ip));
253
254 if (XFS_IS_UQUOTA_ON(mp) && ip->i_udquot)
255 xfs_trans_mod_ino_dquot(tp, ip, ip->i_udquot, field, delta);
256 if (XFS_IS_GQUOTA_ON(mp) && ip->i_gdquot)
257 xfs_trans_mod_ino_dquot(tp, ip, ip->i_gdquot, field, delta);
258 if (XFS_IS_PQUOTA_ON(mp) && ip->i_pdquot)
259 xfs_trans_mod_ino_dquot(tp, ip, ip->i_pdquot, field, delta);
260 }
261
262 STATIC struct xfs_dqtrx *
xfs_trans_get_dqtrx(struct xfs_trans * tp,struct xfs_dquot * dqp)263 xfs_trans_get_dqtrx(
264 struct xfs_trans *tp,
265 struct xfs_dquot *dqp)
266 {
267 int i;
268 struct xfs_dqtrx *qa;
269
270 switch (xfs_dquot_type(dqp)) {
271 case XFS_DQTYPE_USER:
272 qa = tp->t_dqinfo->dqs[XFS_QM_TRANS_USR];
273 break;
274 case XFS_DQTYPE_GROUP:
275 qa = tp->t_dqinfo->dqs[XFS_QM_TRANS_GRP];
276 break;
277 case XFS_DQTYPE_PROJ:
278 qa = tp->t_dqinfo->dqs[XFS_QM_TRANS_PRJ];
279 break;
280 default:
281 return NULL;
282 }
283
284 for (i = 0; i < XFS_QM_TRANS_MAXDQS; i++) {
285 if (qa[i].qt_dquot == NULL ||
286 qa[i].qt_dquot == dqp)
287 return &qa[i];
288 }
289
290 return NULL;
291 }
292
293 /*
294 * Make the changes in the transaction structure.
295 * The moral equivalent to xfs_trans_mod_sb().
296 * We don't touch any fields in the dquot, so we don't care
297 * if it's locked or not (most of the time it won't be).
298 */
299 void
xfs_trans_mod_dquot(struct xfs_trans * tp,struct xfs_dquot * dqp,uint field,int64_t delta)300 xfs_trans_mod_dquot(
301 struct xfs_trans *tp,
302 struct xfs_dquot *dqp,
303 uint field,
304 int64_t delta)
305 {
306 struct xfs_dqtrx *qtrx;
307
308 ASSERT(tp);
309 ASSERT(XFS_IS_QUOTA_ON(tp->t_mountp));
310 qtrx = NULL;
311
312 if (!delta)
313 return;
314
315 if (tp->t_dqinfo == NULL)
316 xfs_trans_alloc_dqinfo(tp);
317 /*
318 * Find either the first free slot or the slot that belongs
319 * to this dquot.
320 */
321 qtrx = xfs_trans_get_dqtrx(tp, dqp);
322 ASSERT(qtrx);
323 if (qtrx->qt_dquot == NULL)
324 qtrx->qt_dquot = dqp;
325
326 trace_xfs_trans_mod_dquot_before(qtrx);
327 trace_xfs_trans_mod_dquot(tp, dqp, field, delta);
328
329 switch (field) {
330 /* regular disk blk reservation */
331 case XFS_TRANS_DQ_RES_BLKS:
332 qtrx->qt_blk_res += delta;
333 break;
334
335 /* inode reservation */
336 case XFS_TRANS_DQ_RES_INOS:
337 qtrx->qt_ino_res += delta;
338 break;
339
340 /* disk blocks used. */
341 case XFS_TRANS_DQ_BCOUNT:
342 qtrx->qt_bcount_delta += delta;
343 break;
344
345 case XFS_TRANS_DQ_DELBCOUNT:
346 qtrx->qt_delbcnt_delta += delta;
347 break;
348
349 /* Inode Count */
350 case XFS_TRANS_DQ_ICOUNT:
351 if (qtrx->qt_ino_res && delta > 0) {
352 qtrx->qt_ino_res_used += delta;
353 ASSERT(qtrx->qt_ino_res >= qtrx->qt_ino_res_used);
354 }
355 qtrx->qt_icount_delta += delta;
356 break;
357
358 /* rtblk reservation */
359 case XFS_TRANS_DQ_RES_RTBLKS:
360 qtrx->qt_rtblk_res += delta;
361 break;
362
363 /* rtblk count */
364 case XFS_TRANS_DQ_RTBCOUNT:
365 if (qtrx->qt_rtblk_res && delta > 0) {
366 qtrx->qt_rtblk_res_used += delta;
367 ASSERT(qtrx->qt_rtblk_res >= qtrx->qt_rtblk_res_used);
368 }
369 qtrx->qt_rtbcount_delta += delta;
370 break;
371
372 case XFS_TRANS_DQ_DELRTBCOUNT:
373 qtrx->qt_delrtb_delta += delta;
374 break;
375
376 default:
377 ASSERT(0);
378 }
379
380 trace_xfs_trans_mod_dquot_after(qtrx);
381 }
382
383
384 /*
385 * Given an array of dqtrx structures, lock all the dquots associated and join
386 * them to the transaction, provided they have been modified.
387 */
388 STATIC void
xfs_trans_dqlockedjoin(struct xfs_trans * tp,struct xfs_dqtrx * q)389 xfs_trans_dqlockedjoin(
390 struct xfs_trans *tp,
391 struct xfs_dqtrx *q)
392 {
393 unsigned int i;
394 ASSERT(q[0].qt_dquot != NULL);
395 if (q[1].qt_dquot == NULL) {
396 xfs_dqlock(q[0].qt_dquot);
397 xfs_trans_dqjoin(tp, q[0].qt_dquot);
398 } else if (q[2].qt_dquot == NULL) {
399 xfs_dqlock2(q[0].qt_dquot, q[1].qt_dquot);
400 xfs_trans_dqjoin(tp, q[0].qt_dquot);
401 xfs_trans_dqjoin(tp, q[1].qt_dquot);
402 } else {
403 xfs_dqlockn(q);
404 for (i = 0; i < XFS_QM_TRANS_MAXDQS; i++) {
405 if (q[i].qt_dquot == NULL)
406 break;
407 xfs_trans_dqjoin(tp, q[i].qt_dquot);
408 }
409 }
410 }
411
412 /* Apply dqtrx changes to the quota reservation counters. */
413 static inline void
xfs_apply_quota_reservation_deltas(struct xfs_dquot_res * res,uint64_t reserved,int64_t res_used,int64_t count_delta)414 xfs_apply_quota_reservation_deltas(
415 struct xfs_dquot_res *res,
416 uint64_t reserved,
417 int64_t res_used,
418 int64_t count_delta)
419 {
420 if (reserved != 0) {
421 /*
422 * Subtle math here: If reserved > res_used (the normal case),
423 * we're simply subtracting the unused transaction quota
424 * reservation from the dquot reservation.
425 *
426 * If, however, res_used > reserved, then we have allocated
427 * more quota blocks than were reserved for the transaction.
428 * We must add that excess to the dquot reservation since it
429 * tracks (usage + resv) and by definition we didn't reserve
430 * that excess.
431 */
432 res->reserved -= abs(reserved - res_used);
433 } else if (count_delta != 0) {
434 /*
435 * These blks were never reserved, either inside a transaction
436 * or outside one (in a delayed allocation). Also, this isn't
437 * always a negative number since we sometimes deliberately
438 * skip quota reservations.
439 */
440 res->reserved += count_delta;
441 }
442 }
443
444 #ifdef CONFIG_XFS_LIVE_HOOKS
445 /* Call downstream hooks now that it's time to apply dquot deltas. */
446 static inline void
xfs_trans_apply_dquot_deltas_hook(struct xfs_trans * tp,struct xfs_dquot * dqp)447 xfs_trans_apply_dquot_deltas_hook(
448 struct xfs_trans *tp,
449 struct xfs_dquot *dqp)
450 {
451 if (xfs_hooks_switched_on(&xfs_dqtrx_hooks_switch)) {
452 struct xfs_apply_dqtrx_params p = {
453 .tx_id = (uintptr_t)tp,
454 .q_type = xfs_dquot_type(dqp),
455 .q_id = dqp->q_id,
456 };
457 struct xfs_quotainfo *qi = tp->t_mountp->m_quotainfo;
458
459 xfs_hooks_call(&qi->qi_apply_dqtrx_hooks,
460 XFS_APPLY_DQTRX_COMMIT, &p);
461 }
462 }
463 #else
464 # define xfs_trans_apply_dquot_deltas_hook(tp, dqp) ((void)0)
465 #endif /* CONFIG_XFS_LIVE_HOOKS */
466
467 /*
468 * Called by xfs_trans_commit() and similar in spirit to
469 * xfs_trans_apply_sb_deltas().
470 * Go thru all the dquots belonging to this transaction and modify the
471 * INCORE dquot to reflect the actual usages.
472 * Unreserve just the reservations done by this transaction.
473 * dquot is still left locked at exit.
474 */
475 void
xfs_trans_apply_dquot_deltas(struct xfs_trans * tp)476 xfs_trans_apply_dquot_deltas(
477 struct xfs_trans *tp)
478 {
479 int i, j;
480 struct xfs_dquot *dqp;
481 struct xfs_dqtrx *qtrx, *qa;
482 int64_t totalbdelta;
483 int64_t totalrtbdelta;
484
485 if (!tp->t_dqinfo)
486 return;
487
488 ASSERT(tp->t_dqinfo);
489 for (j = 0; j < XFS_QM_TRANS_DQTYPES; j++) {
490 qa = tp->t_dqinfo->dqs[j];
491 if (qa[0].qt_dquot == NULL)
492 continue;
493
494 /*
495 * Lock all of the dquots and join them to the transaction.
496 */
497 xfs_trans_dqlockedjoin(tp, qa);
498
499 for (i = 0; i < XFS_QM_TRANS_MAXDQS; i++) {
500 uint64_t blk_res_used;
501
502 qtrx = &qa[i];
503 /*
504 * The array of dquots is filled
505 * sequentially, not sparsely.
506 */
507 if ((dqp = qtrx->qt_dquot) == NULL)
508 break;
509
510 ASSERT(XFS_DQ_IS_LOCKED(dqp));
511
512 xfs_trans_apply_dquot_deltas_hook(tp, dqp);
513
514 /*
515 * adjust the actual number of blocks used
516 */
517
518 /*
519 * The issue here is - sometimes we don't make a blkquota
520 * reservation intentionally to be fair to users
521 * (when the amount is small). On the other hand,
522 * delayed allocs do make reservations, but that's
523 * outside of a transaction, so we have no
524 * idea how much was really reserved.
525 * So, here we've accumulated delayed allocation blks and
526 * non-delay blks. The assumption is that the
527 * delayed ones are always reserved (outside of a
528 * transaction), and the others may or may not have
529 * quota reservations.
530 */
531 totalbdelta = qtrx->qt_bcount_delta +
532 qtrx->qt_delbcnt_delta;
533 totalrtbdelta = qtrx->qt_rtbcount_delta +
534 qtrx->qt_delrtb_delta;
535
536 if (totalbdelta != 0 || totalrtbdelta != 0 ||
537 qtrx->qt_icount_delta != 0) {
538 trace_xfs_trans_apply_dquot_deltas_before(dqp);
539 trace_xfs_trans_apply_dquot_deltas(qtrx);
540 }
541
542 #ifdef DEBUG
543 if (totalbdelta < 0)
544 ASSERT(dqp->q_blk.count >= -totalbdelta);
545
546 if (totalrtbdelta < 0)
547 ASSERT(dqp->q_rtb.count >= -totalrtbdelta);
548
549 if (qtrx->qt_icount_delta < 0)
550 ASSERT(dqp->q_ino.count >= -qtrx->qt_icount_delta);
551 #endif
552 if (totalbdelta)
553 dqp->q_blk.count += totalbdelta;
554
555 if (qtrx->qt_icount_delta)
556 dqp->q_ino.count += qtrx->qt_icount_delta;
557
558 if (totalrtbdelta)
559 dqp->q_rtb.count += totalrtbdelta;
560
561 if (totalbdelta != 0 || totalrtbdelta != 0 ||
562 qtrx->qt_icount_delta != 0)
563 trace_xfs_trans_apply_dquot_deltas_after(dqp);
564
565 /*
566 * Get any default limits in use.
567 * Start/reset the timer(s) if needed.
568 */
569 if (dqp->q_id) {
570 xfs_qm_adjust_dqlimits(dqp);
571 xfs_qm_adjust_dqtimers(dqp);
572 }
573
574 dqp->q_flags |= XFS_DQFLAG_DIRTY;
575 /*
576 * add this to the list of items to get logged
577 */
578 xfs_trans_log_dquot(tp, dqp);
579 /*
580 * Take off what's left of the original reservation.
581 * In case of delayed allocations, there's no
582 * reservation that a transaction structure knows of.
583 */
584 blk_res_used = max_t(int64_t, 0, qtrx->qt_bcount_delta);
585 xfs_apply_quota_reservation_deltas(&dqp->q_blk,
586 qtrx->qt_blk_res, blk_res_used,
587 qtrx->qt_bcount_delta);
588
589 /*
590 * Adjust the RT reservation.
591 */
592 xfs_apply_quota_reservation_deltas(&dqp->q_rtb,
593 qtrx->qt_rtblk_res,
594 qtrx->qt_rtblk_res_used,
595 qtrx->qt_rtbcount_delta);
596
597 /*
598 * Adjust the inode reservation.
599 */
600 ASSERT(qtrx->qt_ino_res >= qtrx->qt_ino_res_used);
601 xfs_apply_quota_reservation_deltas(&dqp->q_ino,
602 qtrx->qt_ino_res,
603 qtrx->qt_ino_res_used,
604 qtrx->qt_icount_delta);
605
606 ASSERT(dqp->q_blk.reserved >= dqp->q_blk.count);
607 ASSERT(dqp->q_ino.reserved >= dqp->q_ino.count);
608 ASSERT(dqp->q_rtb.reserved >= dqp->q_rtb.count);
609
610 /*
611 * We've applied the count changes and given back
612 * whatever reservation we didn't use. Zero out the
613 * dqtrx fields.
614 */
615 qtrx->qt_blk_res = 0;
616 qtrx->qt_bcount_delta = 0;
617 qtrx->qt_delbcnt_delta = 0;
618
619 qtrx->qt_rtblk_res = 0;
620 qtrx->qt_rtblk_res_used = 0;
621 qtrx->qt_rtbcount_delta = 0;
622 qtrx->qt_delrtb_delta = 0;
623
624 qtrx->qt_ino_res = 0;
625 qtrx->qt_ino_res_used = 0;
626 qtrx->qt_icount_delta = 0;
627 }
628 }
629 }
630
631 #ifdef CONFIG_XFS_LIVE_HOOKS
632 /* Call downstream hooks now that it's time to cancel dquot deltas. */
633 static inline void
xfs_trans_unreserve_and_mod_dquots_hook(struct xfs_trans * tp,struct xfs_dquot * dqp)634 xfs_trans_unreserve_and_mod_dquots_hook(
635 struct xfs_trans *tp,
636 struct xfs_dquot *dqp)
637 {
638 if (xfs_hooks_switched_on(&xfs_dqtrx_hooks_switch)) {
639 struct xfs_apply_dqtrx_params p = {
640 .tx_id = (uintptr_t)tp,
641 .q_type = xfs_dquot_type(dqp),
642 .q_id = dqp->q_id,
643 };
644 struct xfs_quotainfo *qi = tp->t_mountp->m_quotainfo;
645
646 xfs_hooks_call(&qi->qi_apply_dqtrx_hooks,
647 XFS_APPLY_DQTRX_UNRESERVE, &p);
648 }
649 }
650 #else
651 # define xfs_trans_unreserve_and_mod_dquots_hook(tp, dqp) ((void)0)
652 #endif /* CONFIG_XFS_LIVE_HOOKS */
653
654 /*
655 * Release the reservations, and adjust the dquots accordingly.
656 * This is called only when the transaction is being aborted. If by
657 * any chance we have done dquot modifications incore (ie. deltas) already,
658 * we simply throw those away, since that's the expected behavior
659 * when a transaction is curtailed without a commit.
660 */
661 void
xfs_trans_unreserve_and_mod_dquots(struct xfs_trans * tp,bool already_locked)662 xfs_trans_unreserve_and_mod_dquots(
663 struct xfs_trans *tp,
664 bool already_locked)
665 {
666 int i, j;
667 struct xfs_dquot *dqp;
668 struct xfs_dqtrx *qtrx, *qa;
669 bool locked;
670
671 if (!tp->t_dqinfo)
672 return;
673
674 for (j = 0; j < XFS_QM_TRANS_DQTYPES; j++) {
675 qa = tp->t_dqinfo->dqs[j];
676
677 for (i = 0; i < XFS_QM_TRANS_MAXDQS; i++) {
678 qtrx = &qa[i];
679 /*
680 * We assume that the array of dquots is filled
681 * sequentially, not sparsely.
682 */
683 if ((dqp = qtrx->qt_dquot) == NULL)
684 break;
685
686 xfs_trans_unreserve_and_mod_dquots_hook(tp, dqp);
687
688 /*
689 * Unreserve the original reservation. We don't care
690 * about the number of blocks used field, or deltas.
691 * Also we don't bother to zero the fields.
692 */
693 locked = already_locked;
694 if (qtrx->qt_blk_res) {
695 if (!locked) {
696 xfs_dqlock(dqp);
697 locked = true;
698 }
699 dqp->q_blk.reserved -=
700 (xfs_qcnt_t)qtrx->qt_blk_res;
701 }
702 if (qtrx->qt_ino_res) {
703 if (!locked) {
704 xfs_dqlock(dqp);
705 locked = true;
706 }
707 dqp->q_ino.reserved -=
708 (xfs_qcnt_t)qtrx->qt_ino_res;
709 }
710
711 if (qtrx->qt_rtblk_res) {
712 if (!locked) {
713 xfs_dqlock(dqp);
714 locked = true;
715 }
716 dqp->q_rtb.reserved -=
717 (xfs_qcnt_t)qtrx->qt_rtblk_res;
718 }
719 if (locked && !already_locked)
720 xfs_dqunlock(dqp);
721
722 }
723 }
724 }
725
726 STATIC void
xfs_quota_warn(struct xfs_mount * mp,struct xfs_dquot * dqp,int type)727 xfs_quota_warn(
728 struct xfs_mount *mp,
729 struct xfs_dquot *dqp,
730 int type)
731 {
732 enum quota_type qtype;
733
734 switch (xfs_dquot_type(dqp)) {
735 case XFS_DQTYPE_PROJ:
736 qtype = PRJQUOTA;
737 break;
738 case XFS_DQTYPE_USER:
739 qtype = USRQUOTA;
740 break;
741 case XFS_DQTYPE_GROUP:
742 qtype = GRPQUOTA;
743 break;
744 default:
745 return;
746 }
747
748 quota_send_warning(make_kqid(&init_user_ns, qtype, dqp->q_id),
749 mp->m_super->s_dev, type);
750 }
751
752 /*
753 * Decide if we can make an additional reservation against a quota resource.
754 * Returns an inode QUOTA_NL_ warning code and whether or not it's fatal.
755 *
756 * Note that we assume that the numeric difference between the inode and block
757 * warning codes will always be 3 since it's userspace ABI now, and will never
758 * decrease the quota reservation, so the *BELOW messages are irrelevant.
759 */
760 static inline int
xfs_dqresv_check(struct xfs_dquot_res * res,struct xfs_quota_limits * qlim,int64_t delta,bool * fatal)761 xfs_dqresv_check(
762 struct xfs_dquot_res *res,
763 struct xfs_quota_limits *qlim,
764 int64_t delta,
765 bool *fatal)
766 {
767 xfs_qcnt_t hardlimit = res->hardlimit;
768 xfs_qcnt_t softlimit = res->softlimit;
769 xfs_qcnt_t total_count = res->reserved + delta;
770
771 BUILD_BUG_ON(QUOTA_NL_BHARDWARN != QUOTA_NL_IHARDWARN + 3);
772 BUILD_BUG_ON(QUOTA_NL_BSOFTLONGWARN != QUOTA_NL_ISOFTLONGWARN + 3);
773 BUILD_BUG_ON(QUOTA_NL_BSOFTWARN != QUOTA_NL_ISOFTWARN + 3);
774
775 *fatal = false;
776 if (delta <= 0)
777 return QUOTA_NL_NOWARN;
778
779 if (!hardlimit)
780 hardlimit = qlim->hard;
781 if (!softlimit)
782 softlimit = qlim->soft;
783
784 if (hardlimit && total_count > hardlimit) {
785 *fatal = true;
786 return QUOTA_NL_IHARDWARN;
787 }
788
789 if (softlimit && total_count > softlimit) {
790 time64_t now = ktime_get_real_seconds();
791
792 if (res->timer != 0 && now > res->timer) {
793 *fatal = true;
794 return QUOTA_NL_ISOFTLONGWARN;
795 }
796
797 return QUOTA_NL_ISOFTWARN;
798 }
799
800 return QUOTA_NL_NOWARN;
801 }
802
803 /*
804 * This reserves disk blocks and inodes against a dquot.
805 * Flags indicate if the dquot is to be locked here and also
806 * if the blk reservation is for RT or regular blocks.
807 * Sending in XFS_QMOPT_FORCE_RES flag skips the quota check.
808 */
809 STATIC int
xfs_trans_dqresv(struct xfs_trans * tp,struct xfs_mount * mp,struct xfs_dquot * dqp,int64_t nblks,long ninos,uint flags)810 xfs_trans_dqresv(
811 struct xfs_trans *tp,
812 struct xfs_mount *mp,
813 struct xfs_dquot *dqp,
814 int64_t nblks,
815 long ninos,
816 uint flags)
817 {
818 struct xfs_quotainfo *q = mp->m_quotainfo;
819 struct xfs_def_quota *defq;
820 struct xfs_dquot_res *blkres;
821 struct xfs_quota_limits *qlim;
822
823 xfs_dqlock(dqp);
824
825 defq = xfs_get_defquota(q, xfs_dquot_type(dqp));
826
827 if (flags & XFS_TRANS_DQ_RES_BLKS) {
828 blkres = &dqp->q_blk;
829 qlim = &defq->blk;
830 } else {
831 blkres = &dqp->q_rtb;
832 qlim = &defq->rtb;
833 }
834
835 if ((flags & XFS_QMOPT_FORCE_RES) == 0 && dqp->q_id &&
836 xfs_dquot_is_enforced(dqp)) {
837 int quota_nl;
838 bool fatal;
839
840 /*
841 * dquot is locked already. See if we'd go over the hardlimit
842 * or exceed the timelimit if we'd reserve resources.
843 */
844 quota_nl = xfs_dqresv_check(blkres, qlim, nblks, &fatal);
845 if (quota_nl != QUOTA_NL_NOWARN) {
846 /*
847 * Quota block warning codes are 3 more than the inode
848 * codes, which we check above.
849 */
850 xfs_quota_warn(mp, dqp, quota_nl + 3);
851 if (fatal)
852 goto error_return;
853 }
854
855 quota_nl = xfs_dqresv_check(&dqp->q_ino, &defq->ino, ninos,
856 &fatal);
857 if (quota_nl != QUOTA_NL_NOWARN) {
858 xfs_quota_warn(mp, dqp, quota_nl);
859 if (fatal)
860 goto error_return;
861 }
862 }
863
864 /*
865 * Change the reservation, but not the actual usage.
866 * Note that q_blk.reserved = q_blk.count + resv
867 */
868 blkres->reserved += (xfs_qcnt_t)nblks;
869 dqp->q_ino.reserved += (xfs_qcnt_t)ninos;
870
871 /*
872 * note the reservation amt in the trans struct too,
873 * so that the transaction knows how much was reserved by
874 * it against this particular dquot.
875 * We don't do this when we are reserving for a delayed allocation,
876 * because we don't have the luxury of a transaction envelope then.
877 */
878 if (tp) {
879 ASSERT(flags & XFS_QMOPT_RESBLK_MASK);
880 xfs_trans_mod_dquot(tp, dqp, flags & XFS_QMOPT_RESBLK_MASK,
881 nblks);
882 xfs_trans_mod_dquot(tp, dqp, XFS_TRANS_DQ_RES_INOS, ninos);
883 }
884
885 if (XFS_IS_CORRUPT(mp, dqp->q_blk.reserved < dqp->q_blk.count) ||
886 XFS_IS_CORRUPT(mp, dqp->q_rtb.reserved < dqp->q_rtb.count) ||
887 XFS_IS_CORRUPT(mp, dqp->q_ino.reserved < dqp->q_ino.count))
888 goto error_corrupt;
889
890 xfs_dqunlock(dqp);
891 return 0;
892
893 error_return:
894 xfs_dqunlock(dqp);
895 if (xfs_dquot_type(dqp) == XFS_DQTYPE_PROJ)
896 return -ENOSPC;
897 return -EDQUOT;
898 error_corrupt:
899 xfs_dqunlock(dqp);
900 xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_INCORE);
901 xfs_fs_mark_sick(mp, XFS_SICK_FS_QUOTACHECK);
902 return -EFSCORRUPTED;
903 }
904
905
906 /*
907 * Given dquot(s), make disk block and/or inode reservations against them.
908 * The fact that this does the reservation against user, group and
909 * project quotas is important, because this follows a all-or-nothing
910 * approach.
911 *
912 * flags = XFS_QMOPT_FORCE_RES evades limit enforcement. Used by chown.
913 * XFS_QMOPT_ENOSPC returns ENOSPC not EDQUOT. Used by pquota.
914 * XFS_TRANS_DQ_RES_BLKS reserves regular disk blocks
915 * XFS_TRANS_DQ_RES_RTBLKS reserves realtime disk blocks
916 * dquots are unlocked on return, if they were not locked by caller.
917 */
918 int
xfs_trans_reserve_quota_bydquots(struct xfs_trans * tp,struct xfs_mount * mp,struct xfs_dquot * udqp,struct xfs_dquot * gdqp,struct xfs_dquot * pdqp,int64_t nblks,long ninos,uint flags)919 xfs_trans_reserve_quota_bydquots(
920 struct xfs_trans *tp,
921 struct xfs_mount *mp,
922 struct xfs_dquot *udqp,
923 struct xfs_dquot *gdqp,
924 struct xfs_dquot *pdqp,
925 int64_t nblks,
926 long ninos,
927 uint flags)
928 {
929 int error;
930
931 if (!XFS_IS_QUOTA_ON(mp))
932 return 0;
933
934 ASSERT(flags & XFS_QMOPT_RESBLK_MASK);
935
936 if (udqp) {
937 error = xfs_trans_dqresv(tp, mp, udqp, nblks, ninos, flags);
938 if (error)
939 return error;
940 }
941
942 if (gdqp) {
943 error = xfs_trans_dqresv(tp, mp, gdqp, nblks, ninos, flags);
944 if (error)
945 goto unwind_usr;
946 }
947
948 if (pdqp) {
949 error = xfs_trans_dqresv(tp, mp, pdqp, nblks, ninos, flags);
950 if (error)
951 goto unwind_grp;
952 }
953
954 /*
955 * Didn't change anything critical, so, no need to log
956 */
957 return 0;
958
959 unwind_grp:
960 flags |= XFS_QMOPT_FORCE_RES;
961 if (gdqp)
962 xfs_trans_dqresv(tp, mp, gdqp, -nblks, -ninos, flags);
963 unwind_usr:
964 flags |= XFS_QMOPT_FORCE_RES;
965 if (udqp)
966 xfs_trans_dqresv(tp, mp, udqp, -nblks, -ninos, flags);
967 return error;
968 }
969
970
971 /*
972 * Lock the dquot and change the reservation if we can.
973 * This doesn't change the actual usage, just the reservation.
974 * The inode sent in is locked.
975 */
976 int
xfs_trans_reserve_quota_nblks(struct xfs_trans * tp,struct xfs_inode * ip,int64_t dblocks,int64_t rblocks,bool force)977 xfs_trans_reserve_quota_nblks(
978 struct xfs_trans *tp,
979 struct xfs_inode *ip,
980 int64_t dblocks,
981 int64_t rblocks,
982 bool force)
983 {
984 struct xfs_mount *mp = ip->i_mount;
985 unsigned int qflags = 0;
986 int error;
987
988 if (!XFS_IS_QUOTA_ON(mp))
989 return 0;
990 if (xfs_is_metadir_inode(ip))
991 return 0;
992
993 ASSERT(!xfs_is_quota_inode(&mp->m_sb, ip->i_ino));
994 xfs_assert_ilocked(ip, XFS_ILOCK_EXCL);
995
996 if (force)
997 qflags |= XFS_QMOPT_FORCE_RES;
998
999 /* Reserve data device quota against the inode's dquots. */
1000 error = xfs_trans_reserve_quota_bydquots(tp, mp, ip->i_udquot,
1001 ip->i_gdquot, ip->i_pdquot, dblocks, 0,
1002 XFS_QMOPT_RES_REGBLKS | qflags);
1003 if (error)
1004 return error;
1005
1006 /* Do the same but for realtime blocks. */
1007 error = xfs_trans_reserve_quota_bydquots(tp, mp, ip->i_udquot,
1008 ip->i_gdquot, ip->i_pdquot, rblocks, 0,
1009 XFS_QMOPT_RES_RTBLKS | qflags);
1010 if (error) {
1011 xfs_trans_reserve_quota_bydquots(tp, mp, ip->i_udquot,
1012 ip->i_gdquot, ip->i_pdquot, -dblocks, 0,
1013 XFS_QMOPT_RES_REGBLKS);
1014 return error;
1015 }
1016
1017 return 0;
1018 }
1019
1020 /* Change the quota reservations for an inode creation activity. */
1021 int
xfs_trans_reserve_quota_icreate(struct xfs_trans * tp,struct xfs_dquot * udqp,struct xfs_dquot * gdqp,struct xfs_dquot * pdqp,int64_t dblocks)1022 xfs_trans_reserve_quota_icreate(
1023 struct xfs_trans *tp,
1024 struct xfs_dquot *udqp,
1025 struct xfs_dquot *gdqp,
1026 struct xfs_dquot *pdqp,
1027 int64_t dblocks)
1028 {
1029 struct xfs_mount *mp = tp->t_mountp;
1030
1031 if (!XFS_IS_QUOTA_ON(mp))
1032 return 0;
1033
1034 return xfs_trans_reserve_quota_bydquots(tp, mp, udqp, gdqp, pdqp,
1035 dblocks, 1, XFS_QMOPT_RES_REGBLKS);
1036 }
1037
1038 STATIC void
xfs_trans_alloc_dqinfo(xfs_trans_t * tp)1039 xfs_trans_alloc_dqinfo(
1040 xfs_trans_t *tp)
1041 {
1042 tp->t_dqinfo = kmem_cache_zalloc(xfs_dqtrx_cache,
1043 GFP_KERNEL | __GFP_NOFAIL);
1044 }
1045
1046 void
xfs_trans_free_dqinfo(xfs_trans_t * tp)1047 xfs_trans_free_dqinfo(
1048 xfs_trans_t *tp)
1049 {
1050 if (!tp->t_dqinfo)
1051 return;
1052 kmem_cache_free(xfs_dqtrx_cache, tp->t_dqinfo);
1053 tp->t_dqinfo = NULL;
1054 }
1055
1056 int
xfs_quota_reserve_blkres(struct xfs_inode * ip,int64_t blocks)1057 xfs_quota_reserve_blkres(
1058 struct xfs_inode *ip,
1059 int64_t blocks)
1060 {
1061 if (XFS_IS_REALTIME_INODE(ip))
1062 return xfs_trans_reserve_quota_nblks(NULL, ip, 0, blocks,
1063 false);
1064 return xfs_trans_reserve_quota_nblks(NULL, ip, blocks, 0, false);
1065 }
1066