1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2008 Dag-Erling Coïdan Smørgrav 5 * Copyright (c) 2008 Marshall Kirk McKusick 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer 13 * in this position and unchanged. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * $FreeBSD$ 31 */ 32 33 #include <sys/types.h> 34 #include <sys/endian.h> 35 #include <sys/mount.h> 36 #include <sys/stat.h> 37 38 #include <ufs/ufs/quota.h> 39 40 #include <errno.h> 41 #include <fcntl.h> 42 #include <fstab.h> 43 #include <grp.h> 44 #include <pwd.h> 45 #include <libutil.h> 46 #include <stdint.h> 47 #include <stdio.h> 48 #include <stdlib.h> 49 #include <string.h> 50 #include <unistd.h> 51 52 struct quotafile { 53 int fd; /* -1 means using quotactl for access */ 54 int accmode; /* access mode */ 55 int wordsize; /* 32-bit or 64-bit limits */ 56 int quotatype; /* USRQUOTA or GRPQUOTA */ 57 dev_t dev; /* device */ 58 char fsname[MAXPATHLEN + 1]; /* mount point of filesystem */ 59 char qfname[MAXPATHLEN + 1]; /* quota file if not using quotactl */ 60 }; 61 62 static const char *qfextension[] = INITQFNAMES; 63 64 /* 65 * Check to see if a particular quota is to be enabled. 66 */ 67 static int 68 hasquota(struct fstab *fs, int type, char *qfnamep, int qfbufsize) 69 { 70 char *opt; 71 char *cp; 72 struct statfs sfb; 73 char buf[BUFSIZ]; 74 static char initname, usrname[100], grpname[100]; 75 76 /* 77 * 1) we only need one of these 78 * 2) fstab may specify a different filename 79 */ 80 if (!initname) { 81 (void)snprintf(usrname, sizeof(usrname), "%s%s", 82 qfextension[USRQUOTA], QUOTAFILENAME); 83 (void)snprintf(grpname, sizeof(grpname), "%s%s", 84 qfextension[GRPQUOTA], QUOTAFILENAME); 85 initname = 1; 86 } 87 strcpy(buf, fs->fs_mntops); 88 for (opt = strtok(buf, ","); opt; opt = strtok(NULL, ",")) { 89 if ((cp = strchr(opt, '='))) 90 *cp++ = '\0'; 91 if (type == USRQUOTA && strcmp(opt, usrname) == 0) 92 break; 93 if (type == GRPQUOTA && strcmp(opt, grpname) == 0) 94 break; 95 } 96 if (!opt) 97 return (0); 98 /* 99 * Ensure that the filesystem is mounted. 100 */ 101 if (statfs(fs->fs_file, &sfb) != 0 || 102 strcmp(fs->fs_file, sfb.f_mntonname)) { 103 return (0); 104 } 105 if (cp) { 106 strncpy(qfnamep, cp, qfbufsize); 107 } else { 108 (void)snprintf(qfnamep, qfbufsize, "%s/%s.%s", fs->fs_file, 109 QUOTAFILENAME, qfextension[type]); 110 } 111 return (1); 112 } 113 114 struct quotafile * 115 quota_open(struct fstab *fs, int quotatype, int openflags) 116 { 117 struct quotafile *qf; 118 struct dqhdr64 dqh; 119 struct group *grp; 120 struct stat st; 121 int qcmd, serrno; 122 123 if ((qf = calloc(1, sizeof(*qf))) == NULL) 124 return (NULL); 125 qf->fd = -1; 126 qf->quotatype = quotatype; 127 strlcpy(qf->fsname, fs->fs_file, sizeof(qf->fsname)); 128 if (stat(qf->fsname, &st) != 0) 129 goto error; 130 qf->dev = st.st_dev; 131 qcmd = QCMD(Q_GETQUOTASIZE, quotatype); 132 if (quotactl(qf->fsname, qcmd, 0, &qf->wordsize) == 0) 133 return (qf); 134 /* We only check the quota file for ufs */ 135 if (strcmp(fs->fs_vfstype, "ufs")) { 136 errno = 0; 137 goto error; 138 } 139 serrno = hasquota(fs, quotatype, qf->qfname, sizeof(qf->qfname)); 140 if (serrno == 0) { 141 errno = EOPNOTSUPP; 142 goto error; 143 } 144 qf->accmode = openflags & O_ACCMODE; 145 if ((qf->fd = open(qf->qfname, qf->accmode|O_CLOEXEC)) < 0 && 146 (openflags & O_CREAT) != O_CREAT) 147 goto error; 148 /* File open worked, so process it */ 149 if (qf->fd != -1) { 150 qf->wordsize = 32; 151 switch (read(qf->fd, &dqh, sizeof(dqh))) { 152 case -1: 153 goto error; 154 case sizeof(dqh): 155 if (strcmp(dqh.dqh_magic, Q_DQHDR64_MAGIC) != 0) { 156 /* no magic, assume 32 bits */ 157 qf->wordsize = 32; 158 return (qf); 159 } 160 if (be32toh(dqh.dqh_version) != Q_DQHDR64_VERSION || 161 be32toh(dqh.dqh_hdrlen) != sizeof(struct dqhdr64) || 162 be32toh(dqh.dqh_reclen) != sizeof(struct dqblk64)) { 163 /* correct magic, wrong version / lengths */ 164 errno = EINVAL; 165 goto error; 166 } 167 qf->wordsize = 64; 168 return (qf); 169 default: 170 qf->wordsize = 32; 171 return (qf); 172 } 173 /* not reached */ 174 } 175 /* open failed, but O_CREAT was specified, so create a new file */ 176 if ((qf->fd = open(qf->qfname, O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC, 0)) < 177 0) 178 goto error; 179 qf->wordsize = 64; 180 memset(&dqh, 0, sizeof(dqh)); 181 memcpy(dqh.dqh_magic, Q_DQHDR64_MAGIC, sizeof(dqh.dqh_magic)); 182 dqh.dqh_version = htobe32(Q_DQHDR64_VERSION); 183 dqh.dqh_hdrlen = htobe32(sizeof(struct dqhdr64)); 184 dqh.dqh_reclen = htobe32(sizeof(struct dqblk64)); 185 if (write(qf->fd, &dqh, sizeof(dqh)) != sizeof(dqh)) { 186 /* it was one we created ourselves */ 187 unlink(qf->qfname); 188 goto error; 189 } 190 grp = getgrnam(QUOTAGROUP); 191 fchown(qf->fd, 0, grp ? grp->gr_gid : 0); 192 fchmod(qf->fd, 0640); 193 return (qf); 194 error: 195 serrno = errno; 196 /* did we have an open file? */ 197 if (qf->fd != -1) 198 close(qf->fd); 199 free(qf); 200 errno = serrno; 201 return (NULL); 202 } 203 204 void 205 quota_close(struct quotafile *qf) 206 { 207 208 if (qf->fd != -1) 209 close(qf->fd); 210 free(qf); 211 } 212 213 int 214 quota_on(struct quotafile *qf) 215 { 216 int qcmd; 217 218 qcmd = QCMD(Q_QUOTAON, qf->quotatype); 219 return (quotactl(qf->fsname, qcmd, 0, qf->qfname)); 220 } 221 222 int 223 quota_off(struct quotafile *qf) 224 { 225 226 return (quotactl(qf->fsname, QCMD(Q_QUOTAOFF, qf->quotatype), 0, 0)); 227 } 228 229 const char * 230 quota_fsname(const struct quotafile *qf) 231 { 232 233 return (qf->fsname); 234 } 235 236 const char * 237 quota_qfname(const struct quotafile *qf) 238 { 239 240 return (qf->qfname); 241 } 242 243 int 244 quota_check_path(const struct quotafile *qf, const char *path) 245 { 246 struct stat st; 247 248 if (stat(path, &st) == -1) 249 return (-1); 250 return (st.st_dev == qf->dev); 251 } 252 253 int 254 quota_maxid(struct quotafile *qf) 255 { 256 struct stat st; 257 int maxid; 258 259 if (stat(qf->qfname, &st) < 0) 260 return (0); 261 switch (qf->wordsize) { 262 case 32: 263 maxid = st.st_size / sizeof(struct dqblk32) - 1; 264 break; 265 case 64: 266 maxid = st.st_size / sizeof(struct dqblk64) - 2; 267 break; 268 default: 269 maxid = 0; 270 break; 271 } 272 return (maxid > 0 ? maxid : 0); 273 } 274 275 static int 276 quota_read32(struct quotafile *qf, struct dqblk *dqb, int id) 277 { 278 struct dqblk32 dqb32; 279 off_t off; 280 281 off = id * sizeof(struct dqblk32); 282 if (lseek(qf->fd, off, SEEK_SET) == -1) 283 return (-1); 284 switch (read(qf->fd, &dqb32, sizeof(dqb32))) { 285 case 0: 286 memset(dqb, 0, sizeof(*dqb)); 287 return (0); 288 case sizeof(dqb32): 289 dqb->dqb_bhardlimit = dqb32.dqb_bhardlimit; 290 dqb->dqb_bsoftlimit = dqb32.dqb_bsoftlimit; 291 dqb->dqb_curblocks = dqb32.dqb_curblocks; 292 dqb->dqb_ihardlimit = dqb32.dqb_ihardlimit; 293 dqb->dqb_isoftlimit = dqb32.dqb_isoftlimit; 294 dqb->dqb_curinodes = dqb32.dqb_curinodes; 295 dqb->dqb_btime = dqb32.dqb_btime; 296 dqb->dqb_itime = dqb32.dqb_itime; 297 return (0); 298 default: 299 return (-1); 300 } 301 } 302 303 static int 304 quota_read64(struct quotafile *qf, struct dqblk *dqb, int id) 305 { 306 struct dqblk64 dqb64; 307 off_t off; 308 309 off = sizeof(struct dqhdr64) + id * sizeof(struct dqblk64); 310 if (lseek(qf->fd, off, SEEK_SET) == -1) 311 return (-1); 312 switch (read(qf->fd, &dqb64, sizeof(dqb64))) { 313 case 0: 314 memset(dqb, 0, sizeof(*dqb)); 315 return (0); 316 case sizeof(dqb64): 317 dqb->dqb_bhardlimit = be64toh(dqb64.dqb_bhardlimit); 318 dqb->dqb_bsoftlimit = be64toh(dqb64.dqb_bsoftlimit); 319 dqb->dqb_curblocks = be64toh(dqb64.dqb_curblocks); 320 dqb->dqb_ihardlimit = be64toh(dqb64.dqb_ihardlimit); 321 dqb->dqb_isoftlimit = be64toh(dqb64.dqb_isoftlimit); 322 dqb->dqb_curinodes = be64toh(dqb64.dqb_curinodes); 323 dqb->dqb_btime = be64toh(dqb64.dqb_btime); 324 dqb->dqb_itime = be64toh(dqb64.dqb_itime); 325 return (0); 326 default: 327 return (-1); 328 } 329 } 330 331 int 332 quota_read(struct quotafile *qf, struct dqblk *dqb, int id) 333 { 334 int qcmd; 335 336 if (qf->fd == -1) { 337 qcmd = QCMD(Q_GETQUOTA, qf->quotatype); 338 return (quotactl(qf->fsname, qcmd, id, dqb)); 339 } 340 switch (qf->wordsize) { 341 case 32: 342 return (quota_read32(qf, dqb, id)); 343 case 64: 344 return (quota_read64(qf, dqb, id)); 345 default: 346 errno = EINVAL; 347 return (-1); 348 } 349 /* not reached */ 350 } 351 352 #define CLIP32(u64) ((u64) > UINT32_MAX ? UINT32_MAX : (uint32_t)(u64)) 353 354 static int 355 quota_write32(struct quotafile *qf, const struct dqblk *dqb, int id) 356 { 357 struct dqblk32 dqb32; 358 off_t off; 359 360 dqb32.dqb_bhardlimit = CLIP32(dqb->dqb_bhardlimit); 361 dqb32.dqb_bsoftlimit = CLIP32(dqb->dqb_bsoftlimit); 362 dqb32.dqb_curblocks = CLIP32(dqb->dqb_curblocks); 363 dqb32.dqb_ihardlimit = CLIP32(dqb->dqb_ihardlimit); 364 dqb32.dqb_isoftlimit = CLIP32(dqb->dqb_isoftlimit); 365 dqb32.dqb_curinodes = CLIP32(dqb->dqb_curinodes); 366 dqb32.dqb_btime = CLIP32(dqb->dqb_btime); 367 dqb32.dqb_itime = CLIP32(dqb->dqb_itime); 368 369 off = id * sizeof(struct dqblk32); 370 if (lseek(qf->fd, off, SEEK_SET) == -1) 371 return (-1); 372 if (write(qf->fd, &dqb32, sizeof(dqb32)) == sizeof(dqb32)) 373 return (0); 374 return (-1); 375 } 376 377 static int 378 quota_write64(struct quotafile *qf, const struct dqblk *dqb, int id) 379 { 380 struct dqblk64 dqb64; 381 off_t off; 382 383 dqb64.dqb_bhardlimit = htobe64(dqb->dqb_bhardlimit); 384 dqb64.dqb_bsoftlimit = htobe64(dqb->dqb_bsoftlimit); 385 dqb64.dqb_curblocks = htobe64(dqb->dqb_curblocks); 386 dqb64.dqb_ihardlimit = htobe64(dqb->dqb_ihardlimit); 387 dqb64.dqb_isoftlimit = htobe64(dqb->dqb_isoftlimit); 388 dqb64.dqb_curinodes = htobe64(dqb->dqb_curinodes); 389 dqb64.dqb_btime = htobe64(dqb->dqb_btime); 390 dqb64.dqb_itime = htobe64(dqb->dqb_itime); 391 392 off = sizeof(struct dqhdr64) + id * sizeof(struct dqblk64); 393 if (lseek(qf->fd, off, SEEK_SET) == -1) 394 return (-1); 395 if (write(qf->fd, &dqb64, sizeof(dqb64)) == sizeof(dqb64)) 396 return (0); 397 return (-1); 398 } 399 400 int 401 quota_write_usage(struct quotafile *qf, struct dqblk *dqb, int id) 402 { 403 struct dqblk dqbuf; 404 int qcmd; 405 406 if (qf->fd == -1) { 407 qcmd = QCMD(Q_SETUSE, qf->quotatype); 408 return (quotactl(qf->fsname, qcmd, id, dqb)); 409 } 410 /* 411 * Have to do read-modify-write of quota in file. 412 */ 413 if ((qf->accmode & O_RDWR) != O_RDWR) { 414 errno = EBADF; 415 return (-1); 416 } 417 if (quota_read(qf, &dqbuf, id) != 0) 418 return (-1); 419 /* 420 * Reset time limit if have a soft limit and were 421 * previously under it, but are now over it. 422 */ 423 if (dqbuf.dqb_bsoftlimit && id != 0 && 424 dqbuf.dqb_curblocks < dqbuf.dqb_bsoftlimit && 425 dqb->dqb_curblocks >= dqbuf.dqb_bsoftlimit) 426 dqbuf.dqb_btime = 0; 427 if (dqbuf.dqb_isoftlimit && id != 0 && 428 dqbuf.dqb_curinodes < dqbuf.dqb_isoftlimit && 429 dqb->dqb_curinodes >= dqbuf.dqb_isoftlimit) 430 dqbuf.dqb_itime = 0; 431 dqbuf.dqb_curinodes = dqb->dqb_curinodes; 432 dqbuf.dqb_curblocks = dqb->dqb_curblocks; 433 /* 434 * Write it back. 435 */ 436 switch (qf->wordsize) { 437 case 32: 438 return (quota_write32(qf, &dqbuf, id)); 439 case 64: 440 return (quota_write64(qf, &dqbuf, id)); 441 default: 442 errno = EINVAL; 443 return (-1); 444 } 445 /* not reached */ 446 } 447 448 int 449 quota_write_limits(struct quotafile *qf, struct dqblk *dqb, int id) 450 { 451 struct dqblk dqbuf; 452 int qcmd; 453 454 if (qf->fd == -1) { 455 qcmd = QCMD(Q_SETQUOTA, qf->quotatype); 456 return (quotactl(qf->fsname, qcmd, id, dqb)); 457 } 458 /* 459 * Have to do read-modify-write of quota in file. 460 */ 461 if ((qf->accmode & O_RDWR) != O_RDWR) { 462 errno = EBADF; 463 return (-1); 464 } 465 if (quota_read(qf, &dqbuf, id) != 0) 466 return (-1); 467 /* 468 * Reset time limit if have a soft limit and were 469 * previously under it, but are now over it 470 * or if there previously was no soft limit, but 471 * now have one and are over it. 472 */ 473 if (dqbuf.dqb_bsoftlimit && id != 0 && 474 dqbuf.dqb_curblocks < dqbuf.dqb_bsoftlimit && 475 dqbuf.dqb_curblocks >= dqb->dqb_bsoftlimit) 476 dqb->dqb_btime = 0; 477 if (dqbuf.dqb_bsoftlimit == 0 && id != 0 && 478 dqb->dqb_bsoftlimit > 0 && 479 dqbuf.dqb_curblocks >= dqb->dqb_bsoftlimit) 480 dqb->dqb_btime = 0; 481 if (dqbuf.dqb_isoftlimit && id != 0 && 482 dqbuf.dqb_curinodes < dqbuf.dqb_isoftlimit && 483 dqbuf.dqb_curinodes >= dqb->dqb_isoftlimit) 484 dqb->dqb_itime = 0; 485 if (dqbuf.dqb_isoftlimit == 0 && id !=0 && 486 dqb->dqb_isoftlimit > 0 && 487 dqbuf.dqb_curinodes >= dqb->dqb_isoftlimit) 488 dqb->dqb_itime = 0; 489 dqb->dqb_curinodes = dqbuf.dqb_curinodes; 490 dqb->dqb_curblocks = dqbuf.dqb_curblocks; 491 /* 492 * Write it back. 493 */ 494 switch (qf->wordsize) { 495 case 32: 496 return (quota_write32(qf, dqb, id)); 497 case 64: 498 return (quota_write64(qf, dqb, id)); 499 default: 500 errno = EINVAL; 501 return (-1); 502 } 503 /* not reached */ 504 } 505 506 /* 507 * Convert a quota file from one format to another. 508 */ 509 int 510 quota_convert(struct quotafile *qf, int wordsize) 511 { 512 struct quotafile *newqf; 513 struct dqhdr64 dqh; 514 struct dqblk dqblk; 515 struct group *grp; 516 int serrno, maxid, id, fd; 517 518 /* 519 * Quotas must not be active and quotafile must be open 520 * for reading and writing. 521 */ 522 if ((qf->accmode & O_RDWR) != O_RDWR || qf->fd == -1) { 523 errno = EBADF; 524 return (-1); 525 } 526 if ((wordsize != 32 && wordsize != 64) || 527 wordsize == qf->wordsize) { 528 errno = EINVAL; 529 return (-1); 530 } 531 maxid = quota_maxid(qf); 532 if ((newqf = calloc(1, sizeof(*qf))) == NULL) { 533 errno = ENOMEM; 534 return (-1); 535 } 536 *newqf = *qf; 537 snprintf(newqf->qfname, MAXPATHLEN + 1, "%s_%d.orig", qf->qfname, 538 qf->wordsize); 539 if (rename(qf->qfname, newqf->qfname) < 0) { 540 free(newqf); 541 return (-1); 542 } 543 if ((newqf->fd = open(qf->qfname, O_RDWR|O_CREAT|O_TRUNC|O_CLOEXEC, 544 0)) < 0) { 545 serrno = errno; 546 goto error; 547 } 548 newqf->wordsize = wordsize; 549 if (wordsize == 64) { 550 memset(&dqh, 0, sizeof(dqh)); 551 memcpy(dqh.dqh_magic, Q_DQHDR64_MAGIC, sizeof(dqh.dqh_magic)); 552 dqh.dqh_version = htobe32(Q_DQHDR64_VERSION); 553 dqh.dqh_hdrlen = htobe32(sizeof(struct dqhdr64)); 554 dqh.dqh_reclen = htobe32(sizeof(struct dqblk64)); 555 if (write(newqf->fd, &dqh, sizeof(dqh)) != sizeof(dqh)) { 556 serrno = errno; 557 goto error; 558 } 559 } 560 grp = getgrnam(QUOTAGROUP); 561 fchown(newqf->fd, 0, grp ? grp->gr_gid : 0); 562 fchmod(newqf->fd, 0640); 563 for (id = 0; id <= maxid; id++) { 564 if ((quota_read(qf, &dqblk, id)) < 0) 565 break; 566 switch (newqf->wordsize) { 567 case 32: 568 if ((quota_write32(newqf, &dqblk, id)) < 0) 569 break; 570 continue; 571 case 64: 572 if ((quota_write64(newqf, &dqblk, id)) < 0) 573 break; 574 continue; 575 default: 576 errno = EINVAL; 577 break; 578 } 579 } 580 if (id < maxid) { 581 serrno = errno; 582 goto error; 583 } 584 /* 585 * Update the passed in quotafile to reference the new file 586 * of the converted format size. 587 */ 588 fd = qf->fd; 589 qf->fd = newqf->fd; 590 newqf->fd = fd; 591 qf->wordsize = newqf->wordsize; 592 quota_close(newqf); 593 return (0); 594 error: 595 /* put back the original file */ 596 (void) rename(newqf->qfname, qf->qfname); 597 quota_close(newqf); 598 errno = serrno; 599 return (-1); 600 } 601