1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2000-2003 Silicon Graphics, Inc. 4 * All Rights Reserved. 5 */ 6 #include "xfs.h" 7 #include "xfs_fs.h" 8 #include "xfs_format.h" 9 #include "xfs_log_format.h" 10 #include "xfs_shared.h" 11 #include "xfs_trans_resv.h" 12 #include "xfs_bit.h" 13 #include "xfs_mount.h" 14 #include "xfs_defer.h" 15 #include "xfs_inode.h" 16 #include "xfs_bmap.h" 17 #include "xfs_quota.h" 18 #include "xfs_trans.h" 19 #include "xfs_buf_item.h" 20 #include "xfs_trans_space.h" 21 #include "xfs_trans_priv.h" 22 #include "xfs_qm.h" 23 #include "xfs_trace.h" 24 #include "xfs_log.h" 25 #include "xfs_bmap_btree.h" 26 #include "xfs_error.h" 27 #include "xfs_health.h" 28 29 /* 30 * Lock order: 31 * 32 * ip->i_lock 33 * qi->qi_tree_lock 34 * dquot->q_qlock (xfs_dqlock() and friends) 35 * dquot->q_flush (xfs_dqflock() and friends) 36 * qi->qi_lru_lock 37 * 38 * If two dquots need to be locked the order is user before group/project, 39 * otherwise by the lowest id first, see xfs_dqlock2. 40 */ 41 42 struct kmem_cache *xfs_dqtrx_cache; 43 static struct kmem_cache *xfs_dquot_cache; 44 45 static struct lock_class_key xfs_dquot_group_class; 46 static struct lock_class_key xfs_dquot_project_class; 47 48 /* Record observations of quota corruption with the health tracking system. */ 49 static void 50 xfs_dquot_mark_sick( 51 struct xfs_dquot *dqp) 52 { 53 struct xfs_mount *mp = dqp->q_mount; 54 55 switch (dqp->q_type) { 56 case XFS_DQTYPE_USER: 57 xfs_fs_mark_sick(mp, XFS_SICK_FS_UQUOTA); 58 break; 59 case XFS_DQTYPE_GROUP: 60 xfs_fs_mark_sick(mp, XFS_SICK_FS_GQUOTA); 61 break; 62 case XFS_DQTYPE_PROJ: 63 xfs_fs_mark_sick(mp, XFS_SICK_FS_PQUOTA); 64 break; 65 default: 66 ASSERT(0); 67 break; 68 } 69 } 70 71 /* 72 * This is called to free all the memory associated with a dquot 73 */ 74 void 75 xfs_qm_dqdestroy( 76 struct xfs_dquot *dqp) 77 { 78 ASSERT(list_empty(&dqp->q_lru)); 79 80 kvfree(dqp->q_logitem.qli_item.li_lv_shadow); 81 mutex_destroy(&dqp->q_qlock); 82 83 XFS_STATS_DEC(dqp->q_mount, xs_qm_dquot); 84 kmem_cache_free(xfs_dquot_cache, dqp); 85 } 86 87 /* 88 * If default limits are in force, push them into the dquot now. 89 * We overwrite the dquot limits only if they are zero and this 90 * is not the root dquot. 91 */ 92 void 93 xfs_qm_adjust_dqlimits( 94 struct xfs_dquot *dq) 95 { 96 struct xfs_mount *mp = dq->q_mount; 97 struct xfs_quotainfo *q = mp->m_quotainfo; 98 struct xfs_def_quota *defq; 99 int prealloc = 0; 100 101 ASSERT(dq->q_id); 102 defq = xfs_get_defquota(q, xfs_dquot_type(dq)); 103 104 if (!dq->q_blk.softlimit) { 105 dq->q_blk.softlimit = defq->blk.soft; 106 prealloc = 1; 107 } 108 if (!dq->q_blk.hardlimit) { 109 dq->q_blk.hardlimit = defq->blk.hard; 110 prealloc = 1; 111 } 112 if (!dq->q_ino.softlimit) 113 dq->q_ino.softlimit = defq->ino.soft; 114 if (!dq->q_ino.hardlimit) 115 dq->q_ino.hardlimit = defq->ino.hard; 116 if (!dq->q_rtb.softlimit) 117 dq->q_rtb.softlimit = defq->rtb.soft; 118 if (!dq->q_rtb.hardlimit) 119 dq->q_rtb.hardlimit = defq->rtb.hard; 120 121 if (prealloc) 122 xfs_dquot_set_prealloc_limits(dq); 123 } 124 125 /* Set the expiration time of a quota's grace period. */ 126 time64_t 127 xfs_dquot_set_timeout( 128 struct xfs_mount *mp, 129 time64_t timeout) 130 { 131 struct xfs_quotainfo *qi = mp->m_quotainfo; 132 133 return clamp_t(time64_t, timeout, qi->qi_expiry_min, 134 qi->qi_expiry_max); 135 } 136 137 /* Set the length of the default grace period. */ 138 time64_t 139 xfs_dquot_set_grace_period( 140 time64_t grace) 141 { 142 return clamp_t(time64_t, grace, XFS_DQ_GRACE_MIN, XFS_DQ_GRACE_MAX); 143 } 144 145 /* 146 * Determine if this quota counter is over either limit and set the quota 147 * timers as appropriate. 148 */ 149 static inline void 150 xfs_qm_adjust_res_timer( 151 struct xfs_mount *mp, 152 struct xfs_dquot_res *res, 153 struct xfs_quota_limits *qlim) 154 { 155 ASSERT(res->hardlimit == 0 || res->softlimit <= res->hardlimit); 156 157 if ((res->softlimit && res->count > res->softlimit) || 158 (res->hardlimit && res->count > res->hardlimit)) { 159 if (res->timer == 0) 160 res->timer = xfs_dquot_set_timeout(mp, 161 ktime_get_real_seconds() + qlim->time); 162 } else { 163 res->timer = 0; 164 } 165 } 166 167 /* 168 * Check the limits and timers of a dquot and start or reset timers 169 * if necessary. 170 * This gets called even when quota enforcement is OFF, which makes our 171 * life a little less complicated. (We just don't reject any quota 172 * reservations in that case, when enforcement is off). 173 * We also return 0 as the values of the timers in Q_GETQUOTA calls, when 174 * enforcement's off. 175 * In contrast, warnings are a little different in that they don't 176 * 'automatically' get started when limits get exceeded. They do 177 * get reset to zero, however, when we find the count to be under 178 * the soft limit (they are only ever set non-zero via userspace). 179 */ 180 void 181 xfs_qm_adjust_dqtimers( 182 struct xfs_dquot *dq) 183 { 184 struct xfs_mount *mp = dq->q_mount; 185 struct xfs_quotainfo *qi = mp->m_quotainfo; 186 struct xfs_def_quota *defq; 187 188 ASSERT(dq->q_id); 189 defq = xfs_get_defquota(qi, xfs_dquot_type(dq)); 190 191 xfs_qm_adjust_res_timer(dq->q_mount, &dq->q_blk, &defq->blk); 192 xfs_qm_adjust_res_timer(dq->q_mount, &dq->q_ino, &defq->ino); 193 xfs_qm_adjust_res_timer(dq->q_mount, &dq->q_rtb, &defq->rtb); 194 } 195 196 /* 197 * initialize a buffer full of dquots and log the whole thing 198 */ 199 void 200 xfs_qm_init_dquot_blk( 201 struct xfs_trans *tp, 202 xfs_dqid_t id, 203 xfs_dqtype_t type, 204 struct xfs_buf *bp) 205 { 206 struct xfs_mount *mp = tp->t_mountp; 207 struct xfs_quotainfo *q = mp->m_quotainfo; 208 struct xfs_dqblk *d; 209 xfs_dqid_t curid; 210 unsigned int qflag; 211 unsigned int blftype; 212 int i; 213 214 ASSERT(tp); 215 ASSERT(xfs_buf_islocked(bp)); 216 217 switch (type) { 218 case XFS_DQTYPE_USER: 219 qflag = XFS_UQUOTA_CHKD; 220 blftype = XFS_BLF_UDQUOT_BUF; 221 break; 222 case XFS_DQTYPE_PROJ: 223 qflag = XFS_PQUOTA_CHKD; 224 blftype = XFS_BLF_PDQUOT_BUF; 225 break; 226 case XFS_DQTYPE_GROUP: 227 qflag = XFS_GQUOTA_CHKD; 228 blftype = XFS_BLF_GDQUOT_BUF; 229 break; 230 default: 231 ASSERT(0); 232 return; 233 } 234 235 d = bp->b_addr; 236 237 /* 238 * ID of the first dquot in the block - id's are zero based. 239 */ 240 curid = id - (id % q->qi_dqperchunk); 241 memset(d, 0, BBTOB(q->qi_dqchunklen)); 242 for (i = 0; i < q->qi_dqperchunk; i++, d++, curid++) { 243 d->dd_diskdq.d_magic = cpu_to_be16(XFS_DQUOT_MAGIC); 244 d->dd_diskdq.d_version = XFS_DQUOT_VERSION; 245 d->dd_diskdq.d_id = cpu_to_be32(curid); 246 d->dd_diskdq.d_type = type; 247 if (curid > 0 && xfs_has_bigtime(mp)) 248 d->dd_diskdq.d_type |= XFS_DQTYPE_BIGTIME; 249 if (xfs_has_crc(mp)) { 250 uuid_copy(&d->dd_uuid, &mp->m_sb.sb_meta_uuid); 251 xfs_update_cksum((char *)d, sizeof(struct xfs_dqblk), 252 XFS_DQUOT_CRC_OFF); 253 } 254 } 255 256 xfs_trans_dquot_buf(tp, bp, blftype); 257 258 /* 259 * quotacheck uses delayed writes to update all the dquots on disk in an 260 * efficient manner instead of logging the individual dquot changes as 261 * they are made. However if we log the buffer allocated here and crash 262 * after quotacheck while the logged initialisation is still in the 263 * active region of the log, log recovery can replay the dquot buffer 264 * initialisation over the top of the checked dquots and corrupt quota 265 * accounting. 266 * 267 * To avoid this problem, quotacheck cannot log the initialised buffer. 268 * We must still dirty the buffer and write it back before the 269 * allocation transaction clears the log. Therefore, mark the buffer as 270 * ordered instead of logging it directly. This is safe for quotacheck 271 * because it detects and repairs allocated but initialized dquot blocks 272 * in the quota inodes. 273 */ 274 if (!(mp->m_qflags & qflag)) 275 xfs_trans_ordered_buf(tp, bp); 276 else 277 xfs_trans_log_buf(tp, bp, 0, BBTOB(q->qi_dqchunklen) - 1); 278 } 279 280 static void 281 xfs_dquot_set_prealloc( 282 struct xfs_dquot_pre *pre, 283 const struct xfs_dquot_res *res) 284 { 285 xfs_qcnt_t space; 286 287 pre->q_prealloc_hi_wmark = res->hardlimit; 288 pre->q_prealloc_lo_wmark = res->softlimit; 289 290 space = div_u64(pre->q_prealloc_hi_wmark, 100); 291 if (!pre->q_prealloc_lo_wmark) 292 pre->q_prealloc_lo_wmark = space * 95; 293 294 pre->q_low_space[XFS_QLOWSP_1_PCNT] = space; 295 pre->q_low_space[XFS_QLOWSP_3_PCNT] = space * 3; 296 pre->q_low_space[XFS_QLOWSP_5_PCNT] = space * 5; 297 } 298 299 /* 300 * Initialize the dynamic speculative preallocation thresholds. The lo/hi 301 * watermarks correspond to the soft and hard limits by default. If a soft limit 302 * is not specified, we use 95% of the hard limit. 303 */ 304 void 305 xfs_dquot_set_prealloc_limits(struct xfs_dquot *dqp) 306 { 307 xfs_dquot_set_prealloc(&dqp->q_blk_prealloc, &dqp->q_blk); 308 xfs_dquot_set_prealloc(&dqp->q_rtb_prealloc, &dqp->q_rtb); 309 } 310 311 /* 312 * Ensure that the given in-core dquot has a buffer on disk backing it, and 313 * return the buffer locked and held. This is called when the bmapi finds a 314 * hole. 315 */ 316 STATIC int 317 xfs_dquot_disk_alloc( 318 struct xfs_dquot *dqp, 319 struct xfs_buf **bpp) 320 { 321 struct xfs_bmbt_irec map; 322 struct xfs_trans *tp; 323 struct xfs_mount *mp = dqp->q_mount; 324 struct xfs_buf *bp; 325 xfs_dqtype_t qtype = xfs_dquot_type(dqp); 326 struct xfs_inode *quotip = xfs_quota_inode(mp, qtype); 327 int nmaps = 1; 328 int error; 329 330 trace_xfs_dqalloc(dqp); 331 332 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_qm_dqalloc, 333 XFS_QM_DQALLOC_SPACE_RES(mp), 0, 0, &tp); 334 if (error) 335 return error; 336 337 xfs_ilock(quotip, XFS_ILOCK_EXCL); 338 xfs_trans_ijoin(tp, quotip, 0); 339 340 if (!xfs_this_quota_on(dqp->q_mount, qtype)) { 341 /* 342 * Return if this type of quotas is turned off while we didn't 343 * have an inode lock 344 */ 345 error = -ESRCH; 346 goto err_cancel; 347 } 348 349 error = xfs_iext_count_extend(tp, quotip, XFS_DATA_FORK, 350 XFS_IEXT_ADD_NOSPLIT_CNT); 351 if (error) 352 goto err_cancel; 353 354 /* Create the block mapping. */ 355 error = xfs_bmapi_write(tp, quotip, dqp->q_fileoffset, 356 XFS_DQUOT_CLUSTER_SIZE_FSB, XFS_BMAPI_METADATA, 0, &map, 357 &nmaps); 358 if (error) 359 goto err_cancel; 360 361 ASSERT(map.br_blockcount == XFS_DQUOT_CLUSTER_SIZE_FSB); 362 ASSERT((map.br_startblock != DELAYSTARTBLOCK) && 363 (map.br_startblock != HOLESTARTBLOCK)); 364 365 /* 366 * Keep track of the blkno to save a lookup later 367 */ 368 dqp->q_blkno = XFS_FSB_TO_DADDR(mp, map.br_startblock); 369 370 /* now we can just get the buffer (there's nothing to read yet) */ 371 error = xfs_trans_get_buf(tp, mp->m_ddev_targp, dqp->q_blkno, 372 mp->m_quotainfo->qi_dqchunklen, 0, &bp); 373 if (error) 374 goto err_cancel; 375 bp->b_ops = &xfs_dquot_buf_ops; 376 377 /* 378 * Make a chunk of dquots out of this buffer and log 379 * the entire thing. 380 */ 381 xfs_qm_init_dquot_blk(tp, dqp->q_id, qtype, bp); 382 xfs_buf_set_ref(bp, XFS_DQUOT_REF); 383 384 /* 385 * Hold the buffer and join it to the dfops so that we'll still own 386 * the buffer when we return to the caller. The buffer disposal on 387 * error must be paid attention to very carefully, as it has been 388 * broken since commit efa092f3d4c6 "[XFS] Fixes a bug in the quota 389 * code when allocating a new dquot record" in 2005, and the later 390 * conversion to xfs_defer_ops in commit 310a75a3c6c747 failed to keep 391 * the buffer locked across the _defer_finish call. We can now do 392 * this correctly with xfs_defer_bjoin. 393 * 394 * Above, we allocated a disk block for the dquot information and used 395 * get_buf to initialize the dquot. If the _defer_finish fails, the old 396 * transaction is gone but the new buffer is not joined or held to any 397 * transaction, so we must _buf_relse it. 398 * 399 * If everything succeeds, the caller of this function is returned a 400 * buffer that is locked and held to the transaction. The caller 401 * is responsible for unlocking any buffer passed back, either 402 * manually or by committing the transaction. On error, the buffer is 403 * released and not passed back. 404 * 405 * Keep the quota inode ILOCKed until after the transaction commit to 406 * maintain the atomicity of bmap/rmap updates. 407 */ 408 xfs_trans_bhold(tp, bp); 409 error = xfs_trans_commit(tp); 410 xfs_iunlock(quotip, XFS_ILOCK_EXCL); 411 if (error) { 412 xfs_buf_relse(bp); 413 return error; 414 } 415 416 *bpp = bp; 417 return 0; 418 419 err_cancel: 420 xfs_trans_cancel(tp); 421 xfs_iunlock(quotip, XFS_ILOCK_EXCL); 422 return error; 423 } 424 425 /* 426 * Read in the in-core dquot's on-disk metadata and return the buffer. 427 * Returns ENOENT to signal a hole. 428 */ 429 STATIC int 430 xfs_dquot_disk_read( 431 struct xfs_mount *mp, 432 struct xfs_dquot *dqp, 433 struct xfs_buf **bpp) 434 { 435 struct xfs_bmbt_irec map; 436 struct xfs_buf *bp; 437 xfs_dqtype_t qtype = xfs_dquot_type(dqp); 438 struct xfs_inode *quotip = xfs_quota_inode(mp, qtype); 439 uint lock_mode; 440 int nmaps = 1; 441 int error; 442 443 lock_mode = xfs_ilock_data_map_shared(quotip); 444 if (!xfs_this_quota_on(mp, qtype)) { 445 /* 446 * Return if this type of quotas is turned off while we 447 * didn't have the quota inode lock. 448 */ 449 xfs_iunlock(quotip, lock_mode); 450 return -ESRCH; 451 } 452 453 /* 454 * Find the block map; no allocations yet 455 */ 456 error = xfs_bmapi_read(quotip, dqp->q_fileoffset, 457 XFS_DQUOT_CLUSTER_SIZE_FSB, &map, &nmaps, 0); 458 xfs_iunlock(quotip, lock_mode); 459 if (error) 460 return error; 461 462 ASSERT(nmaps == 1); 463 ASSERT(map.br_blockcount >= 1); 464 ASSERT(map.br_startblock != DELAYSTARTBLOCK); 465 if (map.br_startblock == HOLESTARTBLOCK) 466 return -ENOENT; 467 468 trace_xfs_dqtobp_read(dqp); 469 470 /* 471 * store the blkno etc so that we don't have to do the 472 * mapping all the time 473 */ 474 dqp->q_blkno = XFS_FSB_TO_DADDR(mp, map.br_startblock); 475 476 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp, dqp->q_blkno, 477 mp->m_quotainfo->qi_dqchunklen, 0, &bp, 478 &xfs_dquot_buf_ops); 479 if (xfs_metadata_is_sick(error)) 480 xfs_dquot_mark_sick(dqp); 481 if (error) { 482 ASSERT(bp == NULL); 483 return error; 484 } 485 486 ASSERT(xfs_buf_islocked(bp)); 487 xfs_buf_set_ref(bp, XFS_DQUOT_REF); 488 *bpp = bp; 489 490 return 0; 491 } 492 493 /* Allocate and initialize everything we need for an incore dquot. */ 494 STATIC struct xfs_dquot * 495 xfs_dquot_alloc( 496 struct xfs_mount *mp, 497 xfs_dqid_t id, 498 xfs_dqtype_t type) 499 { 500 struct xfs_dquot *dqp; 501 502 dqp = kmem_cache_zalloc(xfs_dquot_cache, GFP_KERNEL | __GFP_NOFAIL); 503 504 dqp->q_type = type; 505 dqp->q_id = id; 506 dqp->q_mount = mp; 507 INIT_LIST_HEAD(&dqp->q_lru); 508 mutex_init(&dqp->q_qlock); 509 init_waitqueue_head(&dqp->q_pinwait); 510 dqp->q_fileoffset = (xfs_fileoff_t)id / mp->m_quotainfo->qi_dqperchunk; 511 /* 512 * Offset of dquot in the (fixed sized) dquot chunk. 513 */ 514 dqp->q_bufoffset = (id % mp->m_quotainfo->qi_dqperchunk) * 515 sizeof(struct xfs_dqblk); 516 517 /* 518 * Because we want to use a counting completion, complete 519 * the flush completion once to allow a single access to 520 * the flush completion without blocking. 521 */ 522 init_completion(&dqp->q_flush); 523 complete(&dqp->q_flush); 524 525 /* 526 * Make sure group quotas have a different lock class than user 527 * quotas. 528 */ 529 switch (type) { 530 case XFS_DQTYPE_USER: 531 /* uses the default lock class */ 532 break; 533 case XFS_DQTYPE_GROUP: 534 lockdep_set_class(&dqp->q_qlock, &xfs_dquot_group_class); 535 break; 536 case XFS_DQTYPE_PROJ: 537 lockdep_set_class(&dqp->q_qlock, &xfs_dquot_project_class); 538 break; 539 default: 540 ASSERT(0); 541 break; 542 } 543 544 xfs_qm_dquot_logitem_init(dqp); 545 546 XFS_STATS_INC(mp, xs_qm_dquot); 547 return dqp; 548 } 549 550 /* Check the ondisk dquot's id and type match what the incore dquot expects. */ 551 static bool 552 xfs_dquot_check_type( 553 struct xfs_dquot *dqp, 554 struct xfs_disk_dquot *ddqp) 555 { 556 uint8_t ddqp_type; 557 uint8_t dqp_type; 558 559 ddqp_type = ddqp->d_type & XFS_DQTYPE_REC_MASK; 560 dqp_type = xfs_dquot_type(dqp); 561 562 if (be32_to_cpu(ddqp->d_id) != dqp->q_id) 563 return false; 564 565 /* 566 * V5 filesystems always expect an exact type match. V4 filesystems 567 * expect an exact match for user dquots and for non-root group and 568 * project dquots. 569 */ 570 if (xfs_has_crc(dqp->q_mount) || 571 dqp_type == XFS_DQTYPE_USER || dqp->q_id != 0) 572 return ddqp_type == dqp_type; 573 574 /* 575 * V4 filesystems support either group or project quotas, but not both 576 * at the same time. The non-user quota file can be switched between 577 * group and project quota uses depending on the mount options, which 578 * means that we can encounter the other type when we try to load quota 579 * defaults. Quotacheck will soon reset the entire quota file 580 * (including the root dquot) anyway, but don't log scary corruption 581 * reports to dmesg. 582 */ 583 return ddqp_type == XFS_DQTYPE_GROUP || ddqp_type == XFS_DQTYPE_PROJ; 584 } 585 586 /* Copy the in-core quota fields in from the on-disk buffer. */ 587 STATIC int 588 xfs_dquot_from_disk( 589 struct xfs_dquot *dqp, 590 struct xfs_buf *bp) 591 { 592 struct xfs_dqblk *dqb = xfs_buf_offset(bp, dqp->q_bufoffset); 593 struct xfs_disk_dquot *ddqp = &dqb->dd_diskdq; 594 595 /* 596 * Ensure that we got the type and ID we were looking for. 597 * Everything else was checked by the dquot buffer verifier. 598 */ 599 if (!xfs_dquot_check_type(dqp, ddqp)) { 600 xfs_alert_tag(bp->b_mount, XFS_PTAG_VERIFIER_ERROR, 601 "Metadata corruption detected at %pS, quota %u", 602 __this_address, dqp->q_id); 603 xfs_alert(bp->b_mount, "Unmount and run xfs_repair"); 604 xfs_dquot_mark_sick(dqp); 605 return -EFSCORRUPTED; 606 } 607 608 /* copy everything from disk dquot to the incore dquot */ 609 dqp->q_type = ddqp->d_type; 610 dqp->q_blk.hardlimit = be64_to_cpu(ddqp->d_blk_hardlimit); 611 dqp->q_blk.softlimit = be64_to_cpu(ddqp->d_blk_softlimit); 612 dqp->q_ino.hardlimit = be64_to_cpu(ddqp->d_ino_hardlimit); 613 dqp->q_ino.softlimit = be64_to_cpu(ddqp->d_ino_softlimit); 614 dqp->q_rtb.hardlimit = be64_to_cpu(ddqp->d_rtb_hardlimit); 615 dqp->q_rtb.softlimit = be64_to_cpu(ddqp->d_rtb_softlimit); 616 617 dqp->q_blk.count = be64_to_cpu(ddqp->d_bcount); 618 dqp->q_ino.count = be64_to_cpu(ddqp->d_icount); 619 dqp->q_rtb.count = be64_to_cpu(ddqp->d_rtbcount); 620 621 dqp->q_blk.timer = xfs_dquot_from_disk_ts(ddqp, ddqp->d_btimer); 622 dqp->q_ino.timer = xfs_dquot_from_disk_ts(ddqp, ddqp->d_itimer); 623 dqp->q_rtb.timer = xfs_dquot_from_disk_ts(ddqp, ddqp->d_rtbtimer); 624 625 /* 626 * Reservation counters are defined as reservation plus current usage 627 * to avoid having to add every time. 628 */ 629 dqp->q_blk.reserved = dqp->q_blk.count; 630 dqp->q_ino.reserved = dqp->q_ino.count; 631 dqp->q_rtb.reserved = dqp->q_rtb.count; 632 633 /* initialize the dquot speculative prealloc thresholds */ 634 xfs_dquot_set_prealloc_limits(dqp); 635 return 0; 636 } 637 638 /* Copy the in-core quota fields into the on-disk buffer. */ 639 void 640 xfs_dquot_to_disk( 641 struct xfs_disk_dquot *ddqp, 642 struct xfs_dquot *dqp) 643 { 644 ddqp->d_magic = cpu_to_be16(XFS_DQUOT_MAGIC); 645 ddqp->d_version = XFS_DQUOT_VERSION; 646 ddqp->d_type = dqp->q_type; 647 ddqp->d_id = cpu_to_be32(dqp->q_id); 648 ddqp->d_pad0 = 0; 649 ddqp->d_pad = 0; 650 651 ddqp->d_blk_hardlimit = cpu_to_be64(dqp->q_blk.hardlimit); 652 ddqp->d_blk_softlimit = cpu_to_be64(dqp->q_blk.softlimit); 653 ddqp->d_ino_hardlimit = cpu_to_be64(dqp->q_ino.hardlimit); 654 ddqp->d_ino_softlimit = cpu_to_be64(dqp->q_ino.softlimit); 655 ddqp->d_rtb_hardlimit = cpu_to_be64(dqp->q_rtb.hardlimit); 656 ddqp->d_rtb_softlimit = cpu_to_be64(dqp->q_rtb.softlimit); 657 658 ddqp->d_bcount = cpu_to_be64(dqp->q_blk.count); 659 ddqp->d_icount = cpu_to_be64(dqp->q_ino.count); 660 ddqp->d_rtbcount = cpu_to_be64(dqp->q_rtb.count); 661 662 ddqp->d_bwarns = 0; 663 ddqp->d_iwarns = 0; 664 ddqp->d_rtbwarns = 0; 665 666 ddqp->d_btimer = xfs_dquot_to_disk_ts(dqp, dqp->q_blk.timer); 667 ddqp->d_itimer = xfs_dquot_to_disk_ts(dqp, dqp->q_ino.timer); 668 ddqp->d_rtbtimer = xfs_dquot_to_disk_ts(dqp, dqp->q_rtb.timer); 669 } 670 671 /* 672 * Read in the ondisk dquot using dqtobp() then copy it to an incore version, 673 * and release the buffer immediately. If @can_alloc is true, fill any 674 * holes in the on-disk metadata. 675 */ 676 static int 677 xfs_qm_dqread( 678 struct xfs_mount *mp, 679 xfs_dqid_t id, 680 xfs_dqtype_t type, 681 bool can_alloc, 682 struct xfs_dquot **dqpp) 683 { 684 struct xfs_dquot *dqp; 685 struct xfs_buf *bp; 686 int error; 687 688 dqp = xfs_dquot_alloc(mp, id, type); 689 trace_xfs_dqread(dqp); 690 691 /* Try to read the buffer, allocating if necessary. */ 692 error = xfs_dquot_disk_read(mp, dqp, &bp); 693 if (error == -ENOENT && can_alloc) 694 error = xfs_dquot_disk_alloc(dqp, &bp); 695 if (error) 696 goto err; 697 698 /* 699 * At this point we should have a clean locked buffer. Copy the data 700 * to the incore dquot and release the buffer since the incore dquot 701 * has its own locking protocol so we needn't tie up the buffer any 702 * further. 703 */ 704 ASSERT(xfs_buf_islocked(bp)); 705 error = xfs_dquot_from_disk(dqp, bp); 706 xfs_buf_relse(bp); 707 if (error) 708 goto err; 709 710 *dqpp = dqp; 711 return error; 712 713 err: 714 trace_xfs_dqread_fail(dqp); 715 xfs_qm_dqdestroy(dqp); 716 *dqpp = NULL; 717 return error; 718 } 719 720 /* 721 * Advance to the next id in the current chunk, or if at the 722 * end of the chunk, skip ahead to first id in next allocated chunk 723 * using the SEEK_DATA interface. 724 */ 725 static int 726 xfs_dq_get_next_id( 727 struct xfs_mount *mp, 728 xfs_dqtype_t type, 729 xfs_dqid_t *id) 730 { 731 struct xfs_inode *quotip = xfs_quota_inode(mp, type); 732 xfs_dqid_t next_id = *id + 1; /* simple advance */ 733 uint lock_flags; 734 struct xfs_bmbt_irec got; 735 struct xfs_iext_cursor cur; 736 xfs_fsblock_t start; 737 int error = 0; 738 739 /* If we'd wrap past the max ID, stop */ 740 if (next_id < *id) 741 return -ENOENT; 742 743 /* If new ID is within the current chunk, advancing it sufficed */ 744 if (next_id % mp->m_quotainfo->qi_dqperchunk) { 745 *id = next_id; 746 return 0; 747 } 748 749 /* Nope, next_id is now past the current chunk, so find the next one */ 750 start = (xfs_fsblock_t)next_id / mp->m_quotainfo->qi_dqperchunk; 751 752 lock_flags = xfs_ilock_data_map_shared(quotip); 753 error = xfs_iread_extents(NULL, quotip, XFS_DATA_FORK); 754 if (error) 755 return error; 756 757 if (xfs_iext_lookup_extent(quotip, "ip->i_df, start, &cur, &got)) { 758 /* contiguous chunk, bump startoff for the id calculation */ 759 if (got.br_startoff < start) 760 got.br_startoff = start; 761 *id = got.br_startoff * mp->m_quotainfo->qi_dqperchunk; 762 } else { 763 error = -ENOENT; 764 } 765 766 xfs_iunlock(quotip, lock_flags); 767 768 return error; 769 } 770 771 /* 772 * Look up the dquot in the in-core cache. If found, the dquot is returned 773 * locked and ready to go. 774 */ 775 static struct xfs_dquot * 776 xfs_qm_dqget_cache_lookup( 777 struct xfs_mount *mp, 778 struct xfs_quotainfo *qi, 779 struct radix_tree_root *tree, 780 xfs_dqid_t id) 781 { 782 struct xfs_dquot *dqp; 783 784 restart: 785 mutex_lock(&qi->qi_tree_lock); 786 dqp = radix_tree_lookup(tree, id); 787 if (!dqp) { 788 mutex_unlock(&qi->qi_tree_lock); 789 XFS_STATS_INC(mp, xs_qm_dqcachemisses); 790 return NULL; 791 } 792 793 xfs_dqlock(dqp); 794 if (dqp->q_flags & XFS_DQFLAG_FREEING) { 795 xfs_dqunlock(dqp); 796 mutex_unlock(&qi->qi_tree_lock); 797 trace_xfs_dqget_freeing(dqp); 798 delay(1); 799 goto restart; 800 } 801 802 dqp->q_nrefs++; 803 mutex_unlock(&qi->qi_tree_lock); 804 805 trace_xfs_dqget_hit(dqp); 806 XFS_STATS_INC(mp, xs_qm_dqcachehits); 807 return dqp; 808 } 809 810 /* 811 * Try to insert a new dquot into the in-core cache. If an error occurs the 812 * caller should throw away the dquot and start over. Otherwise, the dquot 813 * is returned locked (and held by the cache) as if there had been a cache 814 * hit. 815 * 816 * The insert needs to be done under memalloc_nofs context because the radix 817 * tree can do memory allocation during insert. The qi->qi_tree_lock is taken in 818 * memory reclaim when freeing unused dquots, so we cannot have the radix tree 819 * node allocation recursing into filesystem reclaim whilst we hold the 820 * qi_tree_lock. 821 */ 822 static int 823 xfs_qm_dqget_cache_insert( 824 struct xfs_mount *mp, 825 struct xfs_quotainfo *qi, 826 struct radix_tree_root *tree, 827 xfs_dqid_t id, 828 struct xfs_dquot *dqp) 829 { 830 unsigned int nofs_flags; 831 int error; 832 833 nofs_flags = memalloc_nofs_save(); 834 mutex_lock(&qi->qi_tree_lock); 835 error = radix_tree_insert(tree, id, dqp); 836 if (unlikely(error)) { 837 /* Duplicate found! Caller must try again. */ 838 trace_xfs_dqget_dup(dqp); 839 goto out_unlock; 840 } 841 842 /* Return a locked dquot to the caller, with a reference taken. */ 843 xfs_dqlock(dqp); 844 dqp->q_nrefs = 1; 845 qi->qi_dquots++; 846 847 out_unlock: 848 mutex_unlock(&qi->qi_tree_lock); 849 memalloc_nofs_restore(nofs_flags); 850 return error; 851 } 852 853 /* Check our input parameters. */ 854 static int 855 xfs_qm_dqget_checks( 856 struct xfs_mount *mp, 857 xfs_dqtype_t type) 858 { 859 switch (type) { 860 case XFS_DQTYPE_USER: 861 if (!XFS_IS_UQUOTA_ON(mp)) 862 return -ESRCH; 863 return 0; 864 case XFS_DQTYPE_GROUP: 865 if (!XFS_IS_GQUOTA_ON(mp)) 866 return -ESRCH; 867 return 0; 868 case XFS_DQTYPE_PROJ: 869 if (!XFS_IS_PQUOTA_ON(mp)) 870 return -ESRCH; 871 return 0; 872 default: 873 WARN_ON_ONCE(0); 874 return -EINVAL; 875 } 876 } 877 878 /* 879 * Given the file system, id, and type (UDQUOT/GDQUOT/PDQUOT), return a 880 * locked dquot, doing an allocation (if requested) as needed. 881 */ 882 int 883 xfs_qm_dqget( 884 struct xfs_mount *mp, 885 xfs_dqid_t id, 886 xfs_dqtype_t type, 887 bool can_alloc, 888 struct xfs_dquot **O_dqpp) 889 { 890 struct xfs_quotainfo *qi = mp->m_quotainfo; 891 struct radix_tree_root *tree = xfs_dquot_tree(qi, type); 892 struct xfs_dquot *dqp; 893 int error; 894 895 error = xfs_qm_dqget_checks(mp, type); 896 if (error) 897 return error; 898 899 restart: 900 dqp = xfs_qm_dqget_cache_lookup(mp, qi, tree, id); 901 if (dqp) { 902 *O_dqpp = dqp; 903 return 0; 904 } 905 906 error = xfs_qm_dqread(mp, id, type, can_alloc, &dqp); 907 if (error) 908 return error; 909 910 error = xfs_qm_dqget_cache_insert(mp, qi, tree, id, dqp); 911 if (error) { 912 /* 913 * Duplicate found. Just throw away the new dquot and start 914 * over. 915 */ 916 xfs_qm_dqdestroy(dqp); 917 XFS_STATS_INC(mp, xs_qm_dquot_dups); 918 goto restart; 919 } 920 921 trace_xfs_dqget_miss(dqp); 922 *O_dqpp = dqp; 923 return 0; 924 } 925 926 /* 927 * Given a dquot id and type, read and initialize a dquot from the on-disk 928 * metadata. This function is only for use during quota initialization so 929 * it ignores the dquot cache assuming that the dquot shrinker isn't set up. 930 * The caller is responsible for _qm_dqdestroy'ing the returned dquot. 931 */ 932 int 933 xfs_qm_dqget_uncached( 934 struct xfs_mount *mp, 935 xfs_dqid_t id, 936 xfs_dqtype_t type, 937 struct xfs_dquot **dqpp) 938 { 939 int error; 940 941 error = xfs_qm_dqget_checks(mp, type); 942 if (error) 943 return error; 944 945 return xfs_qm_dqread(mp, id, type, 0, dqpp); 946 } 947 948 /* Return the quota id for a given inode and type. */ 949 xfs_dqid_t 950 xfs_qm_id_for_quotatype( 951 struct xfs_inode *ip, 952 xfs_dqtype_t type) 953 { 954 switch (type) { 955 case XFS_DQTYPE_USER: 956 return i_uid_read(VFS_I(ip)); 957 case XFS_DQTYPE_GROUP: 958 return i_gid_read(VFS_I(ip)); 959 case XFS_DQTYPE_PROJ: 960 return ip->i_projid; 961 } 962 ASSERT(0); 963 return 0; 964 } 965 966 /* 967 * Return the dquot for a given inode and type. If @can_alloc is true, then 968 * allocate blocks if needed. The inode's ILOCK must be held and it must not 969 * have already had an inode attached. 970 */ 971 int 972 xfs_qm_dqget_inode( 973 struct xfs_inode *ip, 974 xfs_dqtype_t type, 975 bool can_alloc, 976 struct xfs_dquot **O_dqpp) 977 { 978 struct xfs_mount *mp = ip->i_mount; 979 struct xfs_quotainfo *qi = mp->m_quotainfo; 980 struct radix_tree_root *tree = xfs_dquot_tree(qi, type); 981 struct xfs_dquot *dqp; 982 xfs_dqid_t id; 983 int error; 984 985 error = xfs_qm_dqget_checks(mp, type); 986 if (error) 987 return error; 988 989 xfs_assert_ilocked(ip, XFS_ILOCK_EXCL); 990 ASSERT(xfs_inode_dquot(ip, type) == NULL); 991 ASSERT(!xfs_is_metadir_inode(ip)); 992 993 id = xfs_qm_id_for_quotatype(ip, type); 994 995 restart: 996 dqp = xfs_qm_dqget_cache_lookup(mp, qi, tree, id); 997 if (dqp) { 998 *O_dqpp = dqp; 999 return 0; 1000 } 1001 1002 /* 1003 * Dquot cache miss. We don't want to keep the inode lock across 1004 * a (potential) disk read. Also we don't want to deal with the lock 1005 * ordering between quotainode and this inode. OTOH, dropping the inode 1006 * lock here means dealing with a chown that can happen before 1007 * we re-acquire the lock. 1008 */ 1009 xfs_iunlock(ip, XFS_ILOCK_EXCL); 1010 error = xfs_qm_dqread(mp, id, type, can_alloc, &dqp); 1011 xfs_ilock(ip, XFS_ILOCK_EXCL); 1012 if (error) 1013 return error; 1014 1015 /* 1016 * A dquot could be attached to this inode by now, since we had 1017 * dropped the ilock. 1018 */ 1019 if (xfs_this_quota_on(mp, type)) { 1020 struct xfs_dquot *dqp1; 1021 1022 dqp1 = xfs_inode_dquot(ip, type); 1023 if (dqp1) { 1024 xfs_qm_dqdestroy(dqp); 1025 dqp = dqp1; 1026 xfs_dqlock(dqp); 1027 goto dqret; 1028 } 1029 } else { 1030 /* inode stays locked on return */ 1031 xfs_qm_dqdestroy(dqp); 1032 return -ESRCH; 1033 } 1034 1035 error = xfs_qm_dqget_cache_insert(mp, qi, tree, id, dqp); 1036 if (error) { 1037 /* 1038 * Duplicate found. Just throw away the new dquot and start 1039 * over. 1040 */ 1041 xfs_qm_dqdestroy(dqp); 1042 XFS_STATS_INC(mp, xs_qm_dquot_dups); 1043 goto restart; 1044 } 1045 1046 dqret: 1047 xfs_assert_ilocked(ip, XFS_ILOCK_EXCL); 1048 trace_xfs_dqget_miss(dqp); 1049 *O_dqpp = dqp; 1050 return 0; 1051 } 1052 1053 /* 1054 * Starting at @id and progressing upwards, look for an initialized incore 1055 * dquot, lock it, and return it. 1056 */ 1057 int 1058 xfs_qm_dqget_next( 1059 struct xfs_mount *mp, 1060 xfs_dqid_t id, 1061 xfs_dqtype_t type, 1062 struct xfs_dquot **dqpp) 1063 { 1064 struct xfs_dquot *dqp; 1065 int error = 0; 1066 1067 *dqpp = NULL; 1068 for (; !error; error = xfs_dq_get_next_id(mp, type, &id)) { 1069 error = xfs_qm_dqget(mp, id, type, false, &dqp); 1070 if (error == -ENOENT) 1071 continue; 1072 else if (error != 0) 1073 break; 1074 1075 if (!XFS_IS_DQUOT_UNINITIALIZED(dqp)) { 1076 *dqpp = dqp; 1077 return 0; 1078 } 1079 1080 xfs_qm_dqput(dqp); 1081 } 1082 1083 return error; 1084 } 1085 1086 /* 1087 * Release a reference to the dquot (decrement ref-count) and unlock it. 1088 * 1089 * If there is a group quota attached to this dquot, carefully release that 1090 * too without tripping over deadlocks'n'stuff. 1091 */ 1092 void 1093 xfs_qm_dqput( 1094 struct xfs_dquot *dqp) 1095 { 1096 ASSERT(dqp->q_nrefs > 0); 1097 ASSERT(XFS_DQ_IS_LOCKED(dqp)); 1098 1099 trace_xfs_dqput(dqp); 1100 1101 if (--dqp->q_nrefs == 0) { 1102 struct xfs_quotainfo *qi = dqp->q_mount->m_quotainfo; 1103 trace_xfs_dqput_free(dqp); 1104 1105 if (list_lru_add_obj(&qi->qi_lru, &dqp->q_lru)) 1106 XFS_STATS_INC(dqp->q_mount, xs_qm_dquot_unused); 1107 } 1108 xfs_dqunlock(dqp); 1109 } 1110 1111 /* 1112 * Release a dquot. Flush it if dirty, then dqput() it. 1113 * dquot must not be locked. 1114 */ 1115 void 1116 xfs_qm_dqrele( 1117 struct xfs_dquot *dqp) 1118 { 1119 if (!dqp) 1120 return; 1121 1122 trace_xfs_dqrele(dqp); 1123 1124 xfs_dqlock(dqp); 1125 /* 1126 * We don't care to flush it if the dquot is dirty here. 1127 * That will create stutters that we want to avoid. 1128 * Instead we do a delayed write when we try to reclaim 1129 * a dirty dquot. Also xfs_sync will take part of the burden... 1130 */ 1131 xfs_qm_dqput(dqp); 1132 } 1133 1134 /* 1135 * This is the dquot flushing I/O completion routine. It is called 1136 * from interrupt level when the buffer containing the dquot is 1137 * flushed to disk. It is responsible for removing the dquot logitem 1138 * from the AIL if it has not been re-logged, and unlocking the dquot's 1139 * flush lock. This behavior is very similar to that of inodes.. 1140 */ 1141 static void 1142 xfs_qm_dqflush_done( 1143 struct xfs_log_item *lip) 1144 { 1145 struct xfs_dq_logitem *qip = (struct xfs_dq_logitem *)lip; 1146 struct xfs_dquot *dqp = qip->qli_dquot; 1147 struct xfs_ail *ailp = lip->li_ailp; 1148 xfs_lsn_t tail_lsn; 1149 1150 /* 1151 * We only want to pull the item from the AIL if its 1152 * location in the log has not changed since we started the flush. 1153 * Thus, we only bother if the dquot's lsn has 1154 * not changed. First we check the lsn outside the lock 1155 * since it's cheaper, and then we recheck while 1156 * holding the lock before removing the dquot from the AIL. 1157 */ 1158 if (test_bit(XFS_LI_IN_AIL, &lip->li_flags) && 1159 ((lip->li_lsn == qip->qli_flush_lsn) || 1160 test_bit(XFS_LI_FAILED, &lip->li_flags))) { 1161 1162 spin_lock(&ailp->ail_lock); 1163 xfs_clear_li_failed(lip); 1164 if (lip->li_lsn == qip->qli_flush_lsn) { 1165 /* xfs_ail_update_finish() drops the AIL lock */ 1166 tail_lsn = xfs_ail_delete_one(ailp, lip); 1167 xfs_ail_update_finish(ailp, tail_lsn); 1168 } else { 1169 spin_unlock(&ailp->ail_lock); 1170 } 1171 } 1172 1173 /* 1174 * Release the dq's flush lock since we're done with it. 1175 */ 1176 xfs_dqfunlock(dqp); 1177 } 1178 1179 void 1180 xfs_buf_dquot_iodone( 1181 struct xfs_buf *bp) 1182 { 1183 struct xfs_log_item *lip, *n; 1184 1185 list_for_each_entry_safe(lip, n, &bp->b_li_list, li_bio_list) { 1186 list_del_init(&lip->li_bio_list); 1187 xfs_qm_dqflush_done(lip); 1188 } 1189 } 1190 1191 void 1192 xfs_buf_dquot_io_fail( 1193 struct xfs_buf *bp) 1194 { 1195 struct xfs_log_item *lip; 1196 1197 spin_lock(&bp->b_mount->m_ail->ail_lock); 1198 list_for_each_entry(lip, &bp->b_li_list, li_bio_list) 1199 xfs_set_li_failed(lip, bp); 1200 spin_unlock(&bp->b_mount->m_ail->ail_lock); 1201 } 1202 1203 /* Check incore dquot for errors before we flush. */ 1204 static xfs_failaddr_t 1205 xfs_qm_dqflush_check( 1206 struct xfs_dquot *dqp) 1207 { 1208 xfs_dqtype_t type = xfs_dquot_type(dqp); 1209 1210 if (type != XFS_DQTYPE_USER && 1211 type != XFS_DQTYPE_GROUP && 1212 type != XFS_DQTYPE_PROJ) 1213 return __this_address; 1214 1215 if (dqp->q_id == 0) 1216 return NULL; 1217 1218 if (dqp->q_blk.softlimit && dqp->q_blk.count > dqp->q_blk.softlimit && 1219 !dqp->q_blk.timer) 1220 return __this_address; 1221 1222 if (dqp->q_ino.softlimit && dqp->q_ino.count > dqp->q_ino.softlimit && 1223 !dqp->q_ino.timer) 1224 return __this_address; 1225 1226 if (dqp->q_rtb.softlimit && dqp->q_rtb.count > dqp->q_rtb.softlimit && 1227 !dqp->q_rtb.timer) 1228 return __this_address; 1229 1230 /* bigtime flag should never be set on root dquots */ 1231 if (dqp->q_type & XFS_DQTYPE_BIGTIME) { 1232 if (!xfs_has_bigtime(dqp->q_mount)) 1233 return __this_address; 1234 if (dqp->q_id == 0) 1235 return __this_address; 1236 } 1237 1238 return NULL; 1239 } 1240 1241 /* 1242 * Write a modified dquot to disk. 1243 * The dquot must be locked and the flush lock too taken by caller. 1244 * The flush lock will not be unlocked until the dquot reaches the disk, 1245 * but the dquot is free to be unlocked and modified by the caller 1246 * in the interim. Dquot is still locked on return. This behavior is 1247 * identical to that of inodes. 1248 */ 1249 int 1250 xfs_qm_dqflush( 1251 struct xfs_dquot *dqp, 1252 struct xfs_buf **bpp) 1253 { 1254 struct xfs_mount *mp = dqp->q_mount; 1255 struct xfs_log_item *lip = &dqp->q_logitem.qli_item; 1256 struct xfs_buf *bp; 1257 struct xfs_dqblk *dqblk; 1258 xfs_failaddr_t fa; 1259 int error; 1260 1261 ASSERT(XFS_DQ_IS_LOCKED(dqp)); 1262 ASSERT(!completion_done(&dqp->q_flush)); 1263 1264 trace_xfs_dqflush(dqp); 1265 1266 *bpp = NULL; 1267 1268 xfs_qm_dqunpin_wait(dqp); 1269 1270 /* 1271 * Get the buffer containing the on-disk dquot 1272 */ 1273 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp, dqp->q_blkno, 1274 mp->m_quotainfo->qi_dqchunklen, XBF_TRYLOCK, 1275 &bp, &xfs_dquot_buf_ops); 1276 if (error == -EAGAIN) 1277 goto out_unlock; 1278 if (xfs_metadata_is_sick(error)) 1279 xfs_dquot_mark_sick(dqp); 1280 if (error) 1281 goto out_abort; 1282 1283 fa = xfs_qm_dqflush_check(dqp); 1284 if (fa) { 1285 xfs_alert(mp, "corrupt dquot ID 0x%x in memory at %pS", 1286 dqp->q_id, fa); 1287 xfs_buf_relse(bp); 1288 xfs_dquot_mark_sick(dqp); 1289 error = -EFSCORRUPTED; 1290 goto out_abort; 1291 } 1292 1293 /* Flush the incore dquot to the ondisk buffer. */ 1294 dqblk = xfs_buf_offset(bp, dqp->q_bufoffset); 1295 xfs_dquot_to_disk(&dqblk->dd_diskdq, dqp); 1296 1297 /* 1298 * Clear the dirty field and remember the flush lsn for later use. 1299 */ 1300 dqp->q_flags &= ~XFS_DQFLAG_DIRTY; 1301 1302 xfs_trans_ail_copy_lsn(mp->m_ail, &dqp->q_logitem.qli_flush_lsn, 1303 &dqp->q_logitem.qli_item.li_lsn); 1304 1305 /* 1306 * copy the lsn into the on-disk dquot now while we have the in memory 1307 * dquot here. This can't be done later in the write verifier as we 1308 * can't get access to the log item at that point in time. 1309 * 1310 * We also calculate the CRC here so that the on-disk dquot in the 1311 * buffer always has a valid CRC. This ensures there is no possibility 1312 * of a dquot without an up-to-date CRC getting to disk. 1313 */ 1314 if (xfs_has_crc(mp)) { 1315 dqblk->dd_lsn = cpu_to_be64(dqp->q_logitem.qli_item.li_lsn); 1316 xfs_update_cksum((char *)dqblk, sizeof(struct xfs_dqblk), 1317 XFS_DQUOT_CRC_OFF); 1318 } 1319 1320 /* 1321 * Attach the dquot to the buffer so that we can remove this dquot from 1322 * the AIL and release the flush lock once the dquot is synced to disk. 1323 */ 1324 bp->b_flags |= _XBF_DQUOTS; 1325 list_add_tail(&dqp->q_logitem.qli_item.li_bio_list, &bp->b_li_list); 1326 1327 /* 1328 * If the buffer is pinned then push on the log so we won't 1329 * get stuck waiting in the write for too long. 1330 */ 1331 if (xfs_buf_ispinned(bp)) { 1332 trace_xfs_dqflush_force(dqp); 1333 xfs_log_force(mp, 0); 1334 } 1335 1336 trace_xfs_dqflush_done(dqp); 1337 *bpp = bp; 1338 return 0; 1339 1340 out_abort: 1341 dqp->q_flags &= ~XFS_DQFLAG_DIRTY; 1342 xfs_trans_ail_delete(lip, 0); 1343 xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_INCORE); 1344 out_unlock: 1345 xfs_dqfunlock(dqp); 1346 return error; 1347 } 1348 1349 /* 1350 * Lock two xfs_dquot structures. 1351 * 1352 * To avoid deadlocks we always lock the quota structure with 1353 * the lowerd id first. 1354 */ 1355 void 1356 xfs_dqlock2( 1357 struct xfs_dquot *d1, 1358 struct xfs_dquot *d2) 1359 { 1360 if (d1 && d2) { 1361 ASSERT(d1 != d2); 1362 if (d1->q_id > d2->q_id) { 1363 mutex_lock(&d2->q_qlock); 1364 mutex_lock_nested(&d1->q_qlock, XFS_QLOCK_NESTED); 1365 } else { 1366 mutex_lock(&d1->q_qlock); 1367 mutex_lock_nested(&d2->q_qlock, XFS_QLOCK_NESTED); 1368 } 1369 } else if (d1) { 1370 mutex_lock(&d1->q_qlock); 1371 } else if (d2) { 1372 mutex_lock(&d2->q_qlock); 1373 } 1374 } 1375 1376 static int 1377 xfs_dqtrx_cmp( 1378 const void *a, 1379 const void *b) 1380 { 1381 const struct xfs_dqtrx *qa = a; 1382 const struct xfs_dqtrx *qb = b; 1383 1384 if (qa->qt_dquot->q_id > qb->qt_dquot->q_id) 1385 return 1; 1386 if (qa->qt_dquot->q_id < qb->qt_dquot->q_id) 1387 return -1; 1388 return 0; 1389 } 1390 1391 void 1392 xfs_dqlockn( 1393 struct xfs_dqtrx *q) 1394 { 1395 unsigned int i; 1396 1397 BUILD_BUG_ON(XFS_QM_TRANS_MAXDQS > MAX_LOCKDEP_SUBCLASSES); 1398 1399 /* Sort in order of dquot id, do not allow duplicates */ 1400 for (i = 0; i < XFS_QM_TRANS_MAXDQS && q[i].qt_dquot != NULL; i++) { 1401 unsigned int j; 1402 1403 for (j = 0; j < i; j++) 1404 ASSERT(q[i].qt_dquot != q[j].qt_dquot); 1405 } 1406 if (i == 0) 1407 return; 1408 1409 sort(q, i, sizeof(struct xfs_dqtrx), xfs_dqtrx_cmp, NULL); 1410 1411 mutex_lock(&q[0].qt_dquot->q_qlock); 1412 for (i = 1; i < XFS_QM_TRANS_MAXDQS && q[i].qt_dquot != NULL; i++) 1413 mutex_lock_nested(&q[i].qt_dquot->q_qlock, 1414 XFS_QLOCK_NESTED + i - 1); 1415 } 1416 1417 int __init 1418 xfs_qm_init(void) 1419 { 1420 xfs_dquot_cache = kmem_cache_create("xfs_dquot", 1421 sizeof(struct xfs_dquot), 1422 0, 0, NULL); 1423 if (!xfs_dquot_cache) 1424 goto out; 1425 1426 xfs_dqtrx_cache = kmem_cache_create("xfs_dqtrx", 1427 sizeof(struct xfs_dquot_acct), 1428 0, 0, NULL); 1429 if (!xfs_dqtrx_cache) 1430 goto out_free_dquot_cache; 1431 1432 return 0; 1433 1434 out_free_dquot_cache: 1435 kmem_cache_destroy(xfs_dquot_cache); 1436 out: 1437 return -ENOMEM; 1438 } 1439 1440 void 1441 xfs_qm_exit(void) 1442 { 1443 kmem_cache_destroy(xfs_dqtrx_cache); 1444 kmem_cache_destroy(xfs_dquot_cache); 1445 } 1446