1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 #include "xfs.h" 19 #include "xfs_fs.h" 20 #include "xfs_shared.h" 21 #include "xfs_format.h" 22 #include "xfs_log_format.h" 23 #include "xfs_trans_resv.h" 24 #include "xfs_bit.h" 25 #include "xfs_sb.h" 26 #include "xfs_mount.h" 27 #include "xfs_inode.h" 28 #include "xfs_ialloc.h" 29 #include "xfs_itable.h" 30 #include "xfs_quota.h" 31 #include "xfs_error.h" 32 #include "xfs_bmap.h" 33 #include "xfs_bmap_btree.h" 34 #include "xfs_trans.h" 35 #include "xfs_trans_space.h" 36 #include "xfs_qm.h" 37 #include "xfs_trace.h" 38 #include "xfs_icache.h" 39 #include "xfs_cksum.h" 40 41 /* 42 * The global quota manager. There is only one of these for the entire 43 * system, _not_ one per file system. XQM keeps track of the overall 44 * quota functionality, including maintaining the freelist and hash 45 * tables of dquots. 46 */ 47 STATIC int xfs_qm_init_quotainos(xfs_mount_t *); 48 STATIC int xfs_qm_init_quotainfo(xfs_mount_t *); 49 50 51 STATIC void xfs_qm_dqfree_one(struct xfs_dquot *dqp); 52 /* 53 * We use the batch lookup interface to iterate over the dquots as it 54 * currently is the only interface into the radix tree code that allows 55 * fuzzy lookups instead of exact matches. Holding the lock over multiple 56 * operations is fine as all callers are used either during mount/umount 57 * or quotaoff. 58 */ 59 #define XFS_DQ_LOOKUP_BATCH 32 60 61 STATIC int 62 xfs_qm_dquot_walk( 63 struct xfs_mount *mp, 64 int type, 65 int (*execute)(struct xfs_dquot *dqp, void *data), 66 void *data) 67 { 68 struct xfs_quotainfo *qi = mp->m_quotainfo; 69 struct radix_tree_root *tree = xfs_dquot_tree(qi, type); 70 uint32_t next_index; 71 int last_error = 0; 72 int skipped; 73 int nr_found; 74 75 restart: 76 skipped = 0; 77 next_index = 0; 78 nr_found = 0; 79 80 while (1) { 81 struct xfs_dquot *batch[XFS_DQ_LOOKUP_BATCH]; 82 int error = 0; 83 int i; 84 85 mutex_lock(&qi->qi_tree_lock); 86 nr_found = radix_tree_gang_lookup(tree, (void **)batch, 87 next_index, XFS_DQ_LOOKUP_BATCH); 88 if (!nr_found) { 89 mutex_unlock(&qi->qi_tree_lock); 90 break; 91 } 92 93 for (i = 0; i < nr_found; i++) { 94 struct xfs_dquot *dqp = batch[i]; 95 96 next_index = be32_to_cpu(dqp->q_core.d_id) + 1; 97 98 error = execute(batch[i], data); 99 if (error == -EAGAIN) { 100 skipped++; 101 continue; 102 } 103 if (error && last_error != -EFSCORRUPTED) 104 last_error = error; 105 } 106 107 mutex_unlock(&qi->qi_tree_lock); 108 109 /* bail out if the filesystem is corrupted. */ 110 if (last_error == -EFSCORRUPTED) { 111 skipped = 0; 112 break; 113 } 114 } 115 116 if (skipped) { 117 delay(1); 118 goto restart; 119 } 120 121 return last_error; 122 } 123 124 125 /* 126 * Purge a dquot from all tracking data structures and free it. 127 */ 128 STATIC int 129 xfs_qm_dqpurge( 130 struct xfs_dquot *dqp, 131 void *data) 132 { 133 struct xfs_mount *mp = dqp->q_mount; 134 struct xfs_quotainfo *qi = mp->m_quotainfo; 135 136 xfs_dqlock(dqp); 137 if ((dqp->dq_flags & XFS_DQ_FREEING) || dqp->q_nrefs != 0) { 138 xfs_dqunlock(dqp); 139 return -EAGAIN; 140 } 141 142 dqp->dq_flags |= XFS_DQ_FREEING; 143 144 xfs_dqflock(dqp); 145 146 /* 147 * If we are turning this type of quotas off, we don't care 148 * about the dirty metadata sitting in this dquot. OTOH, if 149 * we're unmounting, we do care, so we flush it and wait. 150 */ 151 if (XFS_DQ_IS_DIRTY(dqp)) { 152 struct xfs_buf *bp = NULL; 153 int error; 154 155 /* 156 * We don't care about getting disk errors here. We need 157 * to purge this dquot anyway, so we go ahead regardless. 158 */ 159 error = xfs_qm_dqflush(dqp, &bp); 160 if (error) { 161 xfs_warn(mp, "%s: dquot %p flush failed", 162 __func__, dqp); 163 } else { 164 error = xfs_bwrite(bp); 165 xfs_buf_relse(bp); 166 } 167 xfs_dqflock(dqp); 168 } 169 170 ASSERT(atomic_read(&dqp->q_pincount) == 0); 171 ASSERT(XFS_FORCED_SHUTDOWN(mp) || 172 !(dqp->q_logitem.qli_item.li_flags & XFS_LI_IN_AIL)); 173 174 xfs_dqfunlock(dqp); 175 xfs_dqunlock(dqp); 176 177 radix_tree_delete(xfs_dquot_tree(qi, dqp->q_core.d_flags), 178 be32_to_cpu(dqp->q_core.d_id)); 179 qi->qi_dquots--; 180 181 /* 182 * We move dquots to the freelist as soon as their reference count 183 * hits zero, so it really should be on the freelist here. 184 */ 185 ASSERT(!list_empty(&dqp->q_lru)); 186 list_lru_del(&qi->qi_lru, &dqp->q_lru); 187 XFS_STATS_DEC(xs_qm_dquot_unused); 188 189 xfs_qm_dqdestroy(dqp); 190 return 0; 191 } 192 193 /* 194 * Purge the dquot cache. 195 */ 196 void 197 xfs_qm_dqpurge_all( 198 struct xfs_mount *mp, 199 uint flags) 200 { 201 if (flags & XFS_QMOPT_UQUOTA) 202 xfs_qm_dquot_walk(mp, XFS_DQ_USER, xfs_qm_dqpurge, NULL); 203 if (flags & XFS_QMOPT_GQUOTA) 204 xfs_qm_dquot_walk(mp, XFS_DQ_GROUP, xfs_qm_dqpurge, NULL); 205 if (flags & XFS_QMOPT_PQUOTA) 206 xfs_qm_dquot_walk(mp, XFS_DQ_PROJ, xfs_qm_dqpurge, NULL); 207 } 208 209 /* 210 * Just destroy the quotainfo structure. 211 */ 212 void 213 xfs_qm_unmount( 214 struct xfs_mount *mp) 215 { 216 if (mp->m_quotainfo) { 217 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL); 218 xfs_qm_destroy_quotainfo(mp); 219 } 220 } 221 222 /* 223 * Called from the vfsops layer. 224 */ 225 void 226 xfs_qm_unmount_quotas( 227 xfs_mount_t *mp) 228 { 229 /* 230 * Release the dquots that root inode, et al might be holding, 231 * before we flush quotas and blow away the quotainfo structure. 232 */ 233 ASSERT(mp->m_rootip); 234 xfs_qm_dqdetach(mp->m_rootip); 235 if (mp->m_rbmip) 236 xfs_qm_dqdetach(mp->m_rbmip); 237 if (mp->m_rsumip) 238 xfs_qm_dqdetach(mp->m_rsumip); 239 240 /* 241 * Release the quota inodes. 242 */ 243 if (mp->m_quotainfo) { 244 if (mp->m_quotainfo->qi_uquotaip) { 245 IRELE(mp->m_quotainfo->qi_uquotaip); 246 mp->m_quotainfo->qi_uquotaip = NULL; 247 } 248 if (mp->m_quotainfo->qi_gquotaip) { 249 IRELE(mp->m_quotainfo->qi_gquotaip); 250 mp->m_quotainfo->qi_gquotaip = NULL; 251 } 252 if (mp->m_quotainfo->qi_pquotaip) { 253 IRELE(mp->m_quotainfo->qi_pquotaip); 254 mp->m_quotainfo->qi_pquotaip = NULL; 255 } 256 } 257 } 258 259 STATIC int 260 xfs_qm_dqattach_one( 261 xfs_inode_t *ip, 262 xfs_dqid_t id, 263 uint type, 264 uint doalloc, 265 xfs_dquot_t **IO_idqpp) 266 { 267 xfs_dquot_t *dqp; 268 int error; 269 270 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 271 error = 0; 272 273 /* 274 * See if we already have it in the inode itself. IO_idqpp is &i_udquot 275 * or &i_gdquot. This made the code look weird, but made the logic a lot 276 * simpler. 277 */ 278 dqp = *IO_idqpp; 279 if (dqp) { 280 trace_xfs_dqattach_found(dqp); 281 return 0; 282 } 283 284 /* 285 * Find the dquot from somewhere. This bumps the reference count of 286 * dquot and returns it locked. This can return ENOENT if dquot didn't 287 * exist on disk and we didn't ask it to allocate; ESRCH if quotas got 288 * turned off suddenly. 289 */ 290 error = xfs_qm_dqget(ip->i_mount, ip, id, type, 291 doalloc | XFS_QMOPT_DOWARN, &dqp); 292 if (error) 293 return error; 294 295 trace_xfs_dqattach_get(dqp); 296 297 /* 298 * dqget may have dropped and re-acquired the ilock, but it guarantees 299 * that the dquot returned is the one that should go in the inode. 300 */ 301 *IO_idqpp = dqp; 302 xfs_dqunlock(dqp); 303 return 0; 304 } 305 306 static bool 307 xfs_qm_need_dqattach( 308 struct xfs_inode *ip) 309 { 310 struct xfs_mount *mp = ip->i_mount; 311 312 if (!XFS_IS_QUOTA_RUNNING(mp)) 313 return false; 314 if (!XFS_IS_QUOTA_ON(mp)) 315 return false; 316 if (!XFS_NOT_DQATTACHED(mp, ip)) 317 return false; 318 if (xfs_is_quota_inode(&mp->m_sb, ip->i_ino)) 319 return false; 320 return true; 321 } 322 323 /* 324 * Given a locked inode, attach dquot(s) to it, taking U/G/P-QUOTAON 325 * into account. 326 * If XFS_QMOPT_DQALLOC, the dquot(s) will be allocated if needed. 327 * Inode may get unlocked and relocked in here, and the caller must deal with 328 * the consequences. 329 */ 330 int 331 xfs_qm_dqattach_locked( 332 xfs_inode_t *ip, 333 uint flags) 334 { 335 xfs_mount_t *mp = ip->i_mount; 336 int error = 0; 337 338 if (!xfs_qm_need_dqattach(ip)) 339 return 0; 340 341 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 342 343 if (XFS_IS_UQUOTA_ON(mp) && !ip->i_udquot) { 344 error = xfs_qm_dqattach_one(ip, ip->i_d.di_uid, XFS_DQ_USER, 345 flags & XFS_QMOPT_DQALLOC, 346 &ip->i_udquot); 347 if (error) 348 goto done; 349 ASSERT(ip->i_udquot); 350 } 351 352 if (XFS_IS_GQUOTA_ON(mp) && !ip->i_gdquot) { 353 error = xfs_qm_dqattach_one(ip, ip->i_d.di_gid, XFS_DQ_GROUP, 354 flags & XFS_QMOPT_DQALLOC, 355 &ip->i_gdquot); 356 if (error) 357 goto done; 358 ASSERT(ip->i_gdquot); 359 } 360 361 if (XFS_IS_PQUOTA_ON(mp) && !ip->i_pdquot) { 362 error = xfs_qm_dqattach_one(ip, xfs_get_projid(ip), XFS_DQ_PROJ, 363 flags & XFS_QMOPT_DQALLOC, 364 &ip->i_pdquot); 365 if (error) 366 goto done; 367 ASSERT(ip->i_pdquot); 368 } 369 370 done: 371 /* 372 * Don't worry about the dquots that we may have attached before any 373 * error - they'll get detached later if it has not already been done. 374 */ 375 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 376 return error; 377 } 378 379 int 380 xfs_qm_dqattach( 381 struct xfs_inode *ip, 382 uint flags) 383 { 384 int error; 385 386 if (!xfs_qm_need_dqattach(ip)) 387 return 0; 388 389 xfs_ilock(ip, XFS_ILOCK_EXCL); 390 error = xfs_qm_dqattach_locked(ip, flags); 391 xfs_iunlock(ip, XFS_ILOCK_EXCL); 392 393 return error; 394 } 395 396 /* 397 * Release dquots (and their references) if any. 398 * The inode should be locked EXCL except when this's called by 399 * xfs_ireclaim. 400 */ 401 void 402 xfs_qm_dqdetach( 403 xfs_inode_t *ip) 404 { 405 if (!(ip->i_udquot || ip->i_gdquot || ip->i_pdquot)) 406 return; 407 408 trace_xfs_dquot_dqdetach(ip); 409 410 ASSERT(!xfs_is_quota_inode(&ip->i_mount->m_sb, ip->i_ino)); 411 if (ip->i_udquot) { 412 xfs_qm_dqrele(ip->i_udquot); 413 ip->i_udquot = NULL; 414 } 415 if (ip->i_gdquot) { 416 xfs_qm_dqrele(ip->i_gdquot); 417 ip->i_gdquot = NULL; 418 } 419 if (ip->i_pdquot) { 420 xfs_qm_dqrele(ip->i_pdquot); 421 ip->i_pdquot = NULL; 422 } 423 } 424 425 struct xfs_qm_isolate { 426 struct list_head buffers; 427 struct list_head dispose; 428 }; 429 430 static enum lru_status 431 xfs_qm_dquot_isolate( 432 struct list_head *item, 433 struct list_lru_one *lru, 434 spinlock_t *lru_lock, 435 void *arg) 436 __releases(lru_lock) __acquires(lru_lock) 437 { 438 struct xfs_dquot *dqp = container_of(item, 439 struct xfs_dquot, q_lru); 440 struct xfs_qm_isolate *isol = arg; 441 442 if (!xfs_dqlock_nowait(dqp)) 443 goto out_miss_busy; 444 445 /* 446 * This dquot has acquired a reference in the meantime remove it from 447 * the freelist and try again. 448 */ 449 if (dqp->q_nrefs) { 450 xfs_dqunlock(dqp); 451 XFS_STATS_INC(xs_qm_dqwants); 452 453 trace_xfs_dqreclaim_want(dqp); 454 list_lru_isolate(lru, &dqp->q_lru); 455 XFS_STATS_DEC(xs_qm_dquot_unused); 456 return LRU_REMOVED; 457 } 458 459 /* 460 * If the dquot is dirty, flush it. If it's already being flushed, just 461 * skip it so there is time for the IO to complete before we try to 462 * reclaim it again on the next LRU pass. 463 */ 464 if (!xfs_dqflock_nowait(dqp)) { 465 xfs_dqunlock(dqp); 466 goto out_miss_busy; 467 } 468 469 if (XFS_DQ_IS_DIRTY(dqp)) { 470 struct xfs_buf *bp = NULL; 471 int error; 472 473 trace_xfs_dqreclaim_dirty(dqp); 474 475 /* we have to drop the LRU lock to flush the dquot */ 476 spin_unlock(lru_lock); 477 478 error = xfs_qm_dqflush(dqp, &bp); 479 if (error) { 480 xfs_warn(dqp->q_mount, "%s: dquot %p flush failed", 481 __func__, dqp); 482 goto out_unlock_dirty; 483 } 484 485 xfs_buf_delwri_queue(bp, &isol->buffers); 486 xfs_buf_relse(bp); 487 goto out_unlock_dirty; 488 } 489 xfs_dqfunlock(dqp); 490 491 /* 492 * Prevent lookups now that we are past the point of no return. 493 */ 494 dqp->dq_flags |= XFS_DQ_FREEING; 495 xfs_dqunlock(dqp); 496 497 ASSERT(dqp->q_nrefs == 0); 498 list_lru_isolate_move(lru, &dqp->q_lru, &isol->dispose); 499 XFS_STATS_DEC(xs_qm_dquot_unused); 500 trace_xfs_dqreclaim_done(dqp); 501 XFS_STATS_INC(xs_qm_dqreclaims); 502 return LRU_REMOVED; 503 504 out_miss_busy: 505 trace_xfs_dqreclaim_busy(dqp); 506 XFS_STATS_INC(xs_qm_dqreclaim_misses); 507 return LRU_SKIP; 508 509 out_unlock_dirty: 510 trace_xfs_dqreclaim_busy(dqp); 511 XFS_STATS_INC(xs_qm_dqreclaim_misses); 512 xfs_dqunlock(dqp); 513 spin_lock(lru_lock); 514 return LRU_RETRY; 515 } 516 517 static unsigned long 518 xfs_qm_shrink_scan( 519 struct shrinker *shrink, 520 struct shrink_control *sc) 521 { 522 struct xfs_quotainfo *qi = container_of(shrink, 523 struct xfs_quotainfo, qi_shrinker); 524 struct xfs_qm_isolate isol; 525 unsigned long freed; 526 int error; 527 528 if ((sc->gfp_mask & (__GFP_FS|__GFP_WAIT)) != (__GFP_FS|__GFP_WAIT)) 529 return 0; 530 531 INIT_LIST_HEAD(&isol.buffers); 532 INIT_LIST_HEAD(&isol.dispose); 533 534 freed = list_lru_shrink_walk(&qi->qi_lru, sc, 535 xfs_qm_dquot_isolate, &isol); 536 537 error = xfs_buf_delwri_submit(&isol.buffers); 538 if (error) 539 xfs_warn(NULL, "%s: dquot reclaim failed", __func__); 540 541 while (!list_empty(&isol.dispose)) { 542 struct xfs_dquot *dqp; 543 544 dqp = list_first_entry(&isol.dispose, struct xfs_dquot, q_lru); 545 list_del_init(&dqp->q_lru); 546 xfs_qm_dqfree_one(dqp); 547 } 548 549 return freed; 550 } 551 552 static unsigned long 553 xfs_qm_shrink_count( 554 struct shrinker *shrink, 555 struct shrink_control *sc) 556 { 557 struct xfs_quotainfo *qi = container_of(shrink, 558 struct xfs_quotainfo, qi_shrinker); 559 560 return list_lru_shrink_count(&qi->qi_lru, sc); 561 } 562 563 /* 564 * This initializes all the quota information that's kept in the 565 * mount structure 566 */ 567 STATIC int 568 xfs_qm_init_quotainfo( 569 xfs_mount_t *mp) 570 { 571 xfs_quotainfo_t *qinf; 572 int error; 573 xfs_dquot_t *dqp; 574 575 ASSERT(XFS_IS_QUOTA_RUNNING(mp)); 576 577 qinf = mp->m_quotainfo = kmem_zalloc(sizeof(xfs_quotainfo_t), KM_SLEEP); 578 579 error = list_lru_init(&qinf->qi_lru); 580 if (error) 581 goto out_free_qinf; 582 583 /* 584 * See if quotainodes are setup, and if not, allocate them, 585 * and change the superblock accordingly. 586 */ 587 error = xfs_qm_init_quotainos(mp); 588 if (error) 589 goto out_free_lru; 590 591 INIT_RADIX_TREE(&qinf->qi_uquota_tree, GFP_NOFS); 592 INIT_RADIX_TREE(&qinf->qi_gquota_tree, GFP_NOFS); 593 INIT_RADIX_TREE(&qinf->qi_pquota_tree, GFP_NOFS); 594 mutex_init(&qinf->qi_tree_lock); 595 596 /* mutex used to serialize quotaoffs */ 597 mutex_init(&qinf->qi_quotaofflock); 598 599 /* Precalc some constants */ 600 qinf->qi_dqchunklen = XFS_FSB_TO_BB(mp, XFS_DQUOT_CLUSTER_SIZE_FSB); 601 qinf->qi_dqperchunk = xfs_calc_dquots_per_chunk(qinf->qi_dqchunklen); 602 603 mp->m_qflags |= (mp->m_sb.sb_qflags & XFS_ALL_QUOTA_CHKD); 604 605 /* 606 * We try to get the limits from the superuser's limits fields. 607 * This is quite hacky, but it is standard quota practice. 608 * 609 * We look at the USR dquot with id == 0 first, but if user quotas 610 * are not enabled we goto the GRP dquot with id == 0. 611 * We don't really care to keep separate default limits for user 612 * and group quotas, at least not at this point. 613 * 614 * Since we may not have done a quotacheck by this point, just read 615 * the dquot without attaching it to any hashtables or lists. 616 */ 617 error = xfs_qm_dqread(mp, 0, 618 XFS_IS_UQUOTA_RUNNING(mp) ? XFS_DQ_USER : 619 (XFS_IS_GQUOTA_RUNNING(mp) ? XFS_DQ_GROUP : 620 XFS_DQ_PROJ), 621 XFS_QMOPT_DOWARN, &dqp); 622 if (!error) { 623 xfs_disk_dquot_t *ddqp = &dqp->q_core; 624 625 /* 626 * The warnings and timers set the grace period given to 627 * a user or group before he or she can not perform any 628 * more writing. If it is zero, a default is used. 629 */ 630 qinf->qi_btimelimit = ddqp->d_btimer ? 631 be32_to_cpu(ddqp->d_btimer) : XFS_QM_BTIMELIMIT; 632 qinf->qi_itimelimit = ddqp->d_itimer ? 633 be32_to_cpu(ddqp->d_itimer) : XFS_QM_ITIMELIMIT; 634 qinf->qi_rtbtimelimit = ddqp->d_rtbtimer ? 635 be32_to_cpu(ddqp->d_rtbtimer) : XFS_QM_RTBTIMELIMIT; 636 qinf->qi_bwarnlimit = ddqp->d_bwarns ? 637 be16_to_cpu(ddqp->d_bwarns) : XFS_QM_BWARNLIMIT; 638 qinf->qi_iwarnlimit = ddqp->d_iwarns ? 639 be16_to_cpu(ddqp->d_iwarns) : XFS_QM_IWARNLIMIT; 640 qinf->qi_rtbwarnlimit = ddqp->d_rtbwarns ? 641 be16_to_cpu(ddqp->d_rtbwarns) : XFS_QM_RTBWARNLIMIT; 642 qinf->qi_bhardlimit = be64_to_cpu(ddqp->d_blk_hardlimit); 643 qinf->qi_bsoftlimit = be64_to_cpu(ddqp->d_blk_softlimit); 644 qinf->qi_ihardlimit = be64_to_cpu(ddqp->d_ino_hardlimit); 645 qinf->qi_isoftlimit = be64_to_cpu(ddqp->d_ino_softlimit); 646 qinf->qi_rtbhardlimit = be64_to_cpu(ddqp->d_rtb_hardlimit); 647 qinf->qi_rtbsoftlimit = be64_to_cpu(ddqp->d_rtb_softlimit); 648 649 xfs_qm_dqdestroy(dqp); 650 } else { 651 qinf->qi_btimelimit = XFS_QM_BTIMELIMIT; 652 qinf->qi_itimelimit = XFS_QM_ITIMELIMIT; 653 qinf->qi_rtbtimelimit = XFS_QM_RTBTIMELIMIT; 654 qinf->qi_bwarnlimit = XFS_QM_BWARNLIMIT; 655 qinf->qi_iwarnlimit = XFS_QM_IWARNLIMIT; 656 qinf->qi_rtbwarnlimit = XFS_QM_RTBWARNLIMIT; 657 } 658 659 qinf->qi_shrinker.count_objects = xfs_qm_shrink_count; 660 qinf->qi_shrinker.scan_objects = xfs_qm_shrink_scan; 661 qinf->qi_shrinker.seeks = DEFAULT_SEEKS; 662 qinf->qi_shrinker.flags = SHRINKER_NUMA_AWARE; 663 register_shrinker(&qinf->qi_shrinker); 664 return 0; 665 666 out_free_lru: 667 list_lru_destroy(&qinf->qi_lru); 668 out_free_qinf: 669 kmem_free(qinf); 670 mp->m_quotainfo = NULL; 671 return error; 672 } 673 674 675 /* 676 * Gets called when unmounting a filesystem or when all quotas get 677 * turned off. 678 * This purges the quota inodes, destroys locks and frees itself. 679 */ 680 void 681 xfs_qm_destroy_quotainfo( 682 xfs_mount_t *mp) 683 { 684 xfs_quotainfo_t *qi; 685 686 qi = mp->m_quotainfo; 687 ASSERT(qi != NULL); 688 689 unregister_shrinker(&qi->qi_shrinker); 690 list_lru_destroy(&qi->qi_lru); 691 692 if (qi->qi_uquotaip) { 693 IRELE(qi->qi_uquotaip); 694 qi->qi_uquotaip = NULL; /* paranoia */ 695 } 696 if (qi->qi_gquotaip) { 697 IRELE(qi->qi_gquotaip); 698 qi->qi_gquotaip = NULL; 699 } 700 if (qi->qi_pquotaip) { 701 IRELE(qi->qi_pquotaip); 702 qi->qi_pquotaip = NULL; 703 } 704 mutex_destroy(&qi->qi_quotaofflock); 705 kmem_free(qi); 706 mp->m_quotainfo = NULL; 707 } 708 709 /* 710 * Create an inode and return with a reference already taken, but unlocked 711 * This is how we create quota inodes 712 */ 713 STATIC int 714 xfs_qm_qino_alloc( 715 xfs_mount_t *mp, 716 xfs_inode_t **ip, 717 uint flags) 718 { 719 xfs_trans_t *tp; 720 int error; 721 int committed; 722 bool need_alloc = true; 723 724 *ip = NULL; 725 /* 726 * With superblock that doesn't have separate pquotino, we 727 * share an inode between gquota and pquota. If the on-disk 728 * superblock has GQUOTA and the filesystem is now mounted 729 * with PQUOTA, just use sb_gquotino for sb_pquotino and 730 * vice-versa. 731 */ 732 if (!xfs_sb_version_has_pquotino(&mp->m_sb) && 733 (flags & (XFS_QMOPT_PQUOTA|XFS_QMOPT_GQUOTA))) { 734 xfs_ino_t ino = NULLFSINO; 735 736 if ((flags & XFS_QMOPT_PQUOTA) && 737 (mp->m_sb.sb_gquotino != NULLFSINO)) { 738 ino = mp->m_sb.sb_gquotino; 739 ASSERT(mp->m_sb.sb_pquotino == NULLFSINO); 740 } else if ((flags & XFS_QMOPT_GQUOTA) && 741 (mp->m_sb.sb_pquotino != NULLFSINO)) { 742 ino = mp->m_sb.sb_pquotino; 743 ASSERT(mp->m_sb.sb_gquotino == NULLFSINO); 744 } 745 if (ino != NULLFSINO) { 746 error = xfs_iget(mp, NULL, ino, 0, 0, ip); 747 if (error) 748 return error; 749 mp->m_sb.sb_gquotino = NULLFSINO; 750 mp->m_sb.sb_pquotino = NULLFSINO; 751 need_alloc = false; 752 } 753 } 754 755 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QINOCREATE); 756 error = xfs_trans_reserve(tp, &M_RES(mp)->tr_create, 757 XFS_QM_QINOCREATE_SPACE_RES(mp), 0); 758 if (error) { 759 xfs_trans_cancel(tp); 760 return error; 761 } 762 763 if (need_alloc) { 764 error = xfs_dir_ialloc(&tp, NULL, S_IFREG, 1, 0, 0, 1, ip, 765 &committed); 766 if (error) { 767 xfs_trans_cancel(tp); 768 return error; 769 } 770 } 771 772 /* 773 * Make the changes in the superblock, and log those too. 774 * sbfields arg may contain fields other than *QUOTINO; 775 * VERSIONNUM for example. 776 */ 777 spin_lock(&mp->m_sb_lock); 778 if (flags & XFS_QMOPT_SBVERSION) { 779 ASSERT(!xfs_sb_version_hasquota(&mp->m_sb)); 780 781 xfs_sb_version_addquota(&mp->m_sb); 782 mp->m_sb.sb_uquotino = NULLFSINO; 783 mp->m_sb.sb_gquotino = NULLFSINO; 784 mp->m_sb.sb_pquotino = NULLFSINO; 785 786 /* qflags will get updated fully _after_ quotacheck */ 787 mp->m_sb.sb_qflags = mp->m_qflags & XFS_ALL_QUOTA_ACCT; 788 } 789 if (flags & XFS_QMOPT_UQUOTA) 790 mp->m_sb.sb_uquotino = (*ip)->i_ino; 791 else if (flags & XFS_QMOPT_GQUOTA) 792 mp->m_sb.sb_gquotino = (*ip)->i_ino; 793 else 794 mp->m_sb.sb_pquotino = (*ip)->i_ino; 795 spin_unlock(&mp->m_sb_lock); 796 xfs_log_sb(tp); 797 798 error = xfs_trans_commit(tp); 799 if (error) { 800 ASSERT(XFS_FORCED_SHUTDOWN(mp)); 801 xfs_alert(mp, "%s failed (error %d)!", __func__, error); 802 } 803 if (need_alloc) 804 xfs_finish_inode_setup(*ip); 805 return error; 806 } 807 808 809 STATIC void 810 xfs_qm_reset_dqcounts( 811 xfs_mount_t *mp, 812 xfs_buf_t *bp, 813 xfs_dqid_t id, 814 uint type) 815 { 816 struct xfs_dqblk *dqb; 817 int j; 818 819 trace_xfs_reset_dqcounts(bp, _RET_IP_); 820 821 /* 822 * Reset all counters and timers. They'll be 823 * started afresh by xfs_qm_quotacheck. 824 */ 825 #ifdef DEBUG 826 j = XFS_FSB_TO_B(mp, XFS_DQUOT_CLUSTER_SIZE_FSB); 827 do_div(j, sizeof(xfs_dqblk_t)); 828 ASSERT(mp->m_quotainfo->qi_dqperchunk == j); 829 #endif 830 dqb = bp->b_addr; 831 for (j = 0; j < mp->m_quotainfo->qi_dqperchunk; j++) { 832 struct xfs_disk_dquot *ddq; 833 834 ddq = (struct xfs_disk_dquot *)&dqb[j]; 835 836 /* 837 * Do a sanity check, and if needed, repair the dqblk. Don't 838 * output any warnings because it's perfectly possible to 839 * find uninitialised dquot blks. See comment in xfs_dqcheck. 840 */ 841 xfs_dqcheck(mp, ddq, id+j, type, XFS_QMOPT_DQREPAIR, 842 "xfs_quotacheck"); 843 /* 844 * Reset type in case we are reusing group quota file for 845 * project quotas or vice versa 846 */ 847 ddq->d_flags = type; 848 ddq->d_bcount = 0; 849 ddq->d_icount = 0; 850 ddq->d_rtbcount = 0; 851 ddq->d_btimer = 0; 852 ddq->d_itimer = 0; 853 ddq->d_rtbtimer = 0; 854 ddq->d_bwarns = 0; 855 ddq->d_iwarns = 0; 856 ddq->d_rtbwarns = 0; 857 858 if (xfs_sb_version_hascrc(&mp->m_sb)) { 859 xfs_update_cksum((char *)&dqb[j], 860 sizeof(struct xfs_dqblk), 861 XFS_DQUOT_CRC_OFF); 862 } 863 } 864 } 865 866 STATIC int 867 xfs_qm_dqiter_bufs( 868 struct xfs_mount *mp, 869 xfs_dqid_t firstid, 870 xfs_fsblock_t bno, 871 xfs_filblks_t blkcnt, 872 uint flags, 873 struct list_head *buffer_list) 874 { 875 struct xfs_buf *bp; 876 int error; 877 int type; 878 879 ASSERT(blkcnt > 0); 880 type = flags & XFS_QMOPT_UQUOTA ? XFS_DQ_USER : 881 (flags & XFS_QMOPT_PQUOTA ? XFS_DQ_PROJ : XFS_DQ_GROUP); 882 error = 0; 883 884 /* 885 * Blkcnt arg can be a very big number, and might even be 886 * larger than the log itself. So, we have to break it up into 887 * manageable-sized transactions. 888 * Note that we don't start a permanent transaction here; we might 889 * not be able to get a log reservation for the whole thing up front, 890 * and we don't really care to either, because we just discard 891 * everything if we were to crash in the middle of this loop. 892 */ 893 while (blkcnt--) { 894 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp, 895 XFS_FSB_TO_DADDR(mp, bno), 896 mp->m_quotainfo->qi_dqchunklen, 0, &bp, 897 &xfs_dquot_buf_ops); 898 899 /* 900 * CRC and validation errors will return a EFSCORRUPTED here. If 901 * this occurs, re-read without CRC validation so that we can 902 * repair the damage via xfs_qm_reset_dqcounts(). This process 903 * will leave a trace in the log indicating corruption has 904 * been detected. 905 */ 906 if (error == -EFSCORRUPTED) { 907 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp, 908 XFS_FSB_TO_DADDR(mp, bno), 909 mp->m_quotainfo->qi_dqchunklen, 0, &bp, 910 NULL); 911 } 912 913 if (error) 914 break; 915 916 /* 917 * A corrupt buffer might not have a verifier attached, so 918 * make sure we have the correct one attached before writeback 919 * occurs. 920 */ 921 bp->b_ops = &xfs_dquot_buf_ops; 922 xfs_qm_reset_dqcounts(mp, bp, firstid, type); 923 xfs_buf_delwri_queue(bp, buffer_list); 924 xfs_buf_relse(bp); 925 926 /* goto the next block. */ 927 bno++; 928 firstid += mp->m_quotainfo->qi_dqperchunk; 929 } 930 931 return error; 932 } 933 934 /* 935 * Iterate over all allocated USR/GRP/PRJ dquots in the system, calling a 936 * caller supplied function for every chunk of dquots that we find. 937 */ 938 STATIC int 939 xfs_qm_dqiterate( 940 struct xfs_mount *mp, 941 struct xfs_inode *qip, 942 uint flags, 943 struct list_head *buffer_list) 944 { 945 struct xfs_bmbt_irec *map; 946 int i, nmaps; /* number of map entries */ 947 int error; /* return value */ 948 xfs_fileoff_t lblkno; 949 xfs_filblks_t maxlblkcnt; 950 xfs_dqid_t firstid; 951 xfs_fsblock_t rablkno; 952 xfs_filblks_t rablkcnt; 953 954 error = 0; 955 /* 956 * This looks racy, but we can't keep an inode lock across a 957 * trans_reserve. But, this gets called during quotacheck, and that 958 * happens only at mount time which is single threaded. 959 */ 960 if (qip->i_d.di_nblocks == 0) 961 return 0; 962 963 map = kmem_alloc(XFS_DQITER_MAP_SIZE * sizeof(*map), KM_SLEEP); 964 965 lblkno = 0; 966 maxlblkcnt = XFS_B_TO_FSB(mp, mp->m_super->s_maxbytes); 967 do { 968 uint lock_mode; 969 970 nmaps = XFS_DQITER_MAP_SIZE; 971 /* 972 * We aren't changing the inode itself. Just changing 973 * some of its data. No new blocks are added here, and 974 * the inode is never added to the transaction. 975 */ 976 lock_mode = xfs_ilock_data_map_shared(qip); 977 error = xfs_bmapi_read(qip, lblkno, maxlblkcnt - lblkno, 978 map, &nmaps, 0); 979 xfs_iunlock(qip, lock_mode); 980 if (error) 981 break; 982 983 ASSERT(nmaps <= XFS_DQITER_MAP_SIZE); 984 for (i = 0; i < nmaps; i++) { 985 ASSERT(map[i].br_startblock != DELAYSTARTBLOCK); 986 ASSERT(map[i].br_blockcount); 987 988 989 lblkno += map[i].br_blockcount; 990 991 if (map[i].br_startblock == HOLESTARTBLOCK) 992 continue; 993 994 firstid = (xfs_dqid_t) map[i].br_startoff * 995 mp->m_quotainfo->qi_dqperchunk; 996 /* 997 * Do a read-ahead on the next extent. 998 */ 999 if ((i+1 < nmaps) && 1000 (map[i+1].br_startblock != HOLESTARTBLOCK)) { 1001 rablkcnt = map[i+1].br_blockcount; 1002 rablkno = map[i+1].br_startblock; 1003 while (rablkcnt--) { 1004 xfs_buf_readahead(mp->m_ddev_targp, 1005 XFS_FSB_TO_DADDR(mp, rablkno), 1006 mp->m_quotainfo->qi_dqchunklen, 1007 &xfs_dquot_buf_ops); 1008 rablkno++; 1009 } 1010 } 1011 /* 1012 * Iterate thru all the blks in the extent and 1013 * reset the counters of all the dquots inside them. 1014 */ 1015 error = xfs_qm_dqiter_bufs(mp, firstid, 1016 map[i].br_startblock, 1017 map[i].br_blockcount, 1018 flags, buffer_list); 1019 if (error) 1020 goto out; 1021 } 1022 } while (nmaps > 0); 1023 1024 out: 1025 kmem_free(map); 1026 return error; 1027 } 1028 1029 /* 1030 * Called by dqusage_adjust in doing a quotacheck. 1031 * 1032 * Given the inode, and a dquot id this updates both the incore dqout as well 1033 * as the buffer copy. This is so that once the quotacheck is done, we can 1034 * just log all the buffers, as opposed to logging numerous updates to 1035 * individual dquots. 1036 */ 1037 STATIC int 1038 xfs_qm_quotacheck_dqadjust( 1039 struct xfs_inode *ip, 1040 xfs_dqid_t id, 1041 uint type, 1042 xfs_qcnt_t nblks, 1043 xfs_qcnt_t rtblks) 1044 { 1045 struct xfs_mount *mp = ip->i_mount; 1046 struct xfs_dquot *dqp; 1047 int error; 1048 1049 error = xfs_qm_dqget(mp, ip, id, type, 1050 XFS_QMOPT_DQALLOC | XFS_QMOPT_DOWARN, &dqp); 1051 if (error) { 1052 /* 1053 * Shouldn't be able to turn off quotas here. 1054 */ 1055 ASSERT(error != -ESRCH); 1056 ASSERT(error != -ENOENT); 1057 return error; 1058 } 1059 1060 trace_xfs_dqadjust(dqp); 1061 1062 /* 1063 * Adjust the inode count and the block count to reflect this inode's 1064 * resource usage. 1065 */ 1066 be64_add_cpu(&dqp->q_core.d_icount, 1); 1067 dqp->q_res_icount++; 1068 if (nblks) { 1069 be64_add_cpu(&dqp->q_core.d_bcount, nblks); 1070 dqp->q_res_bcount += nblks; 1071 } 1072 if (rtblks) { 1073 be64_add_cpu(&dqp->q_core.d_rtbcount, rtblks); 1074 dqp->q_res_rtbcount += rtblks; 1075 } 1076 1077 /* 1078 * Set default limits, adjust timers (since we changed usages) 1079 * 1080 * There are no timers for the default values set in the root dquot. 1081 */ 1082 if (dqp->q_core.d_id) { 1083 xfs_qm_adjust_dqlimits(mp, dqp); 1084 xfs_qm_adjust_dqtimers(mp, &dqp->q_core); 1085 } 1086 1087 dqp->dq_flags |= XFS_DQ_DIRTY; 1088 xfs_qm_dqput(dqp); 1089 return 0; 1090 } 1091 1092 STATIC int 1093 xfs_qm_get_rtblks( 1094 xfs_inode_t *ip, 1095 xfs_qcnt_t *O_rtblks) 1096 { 1097 xfs_filblks_t rtblks; /* total rt blks */ 1098 xfs_extnum_t idx; /* extent record index */ 1099 xfs_ifork_t *ifp; /* inode fork pointer */ 1100 xfs_extnum_t nextents; /* number of extent entries */ 1101 int error; 1102 1103 ASSERT(XFS_IS_REALTIME_INODE(ip)); 1104 ifp = XFS_IFORK_PTR(ip, XFS_DATA_FORK); 1105 if (!(ifp->if_flags & XFS_IFEXTENTS)) { 1106 if ((error = xfs_iread_extents(NULL, ip, XFS_DATA_FORK))) 1107 return error; 1108 } 1109 rtblks = 0; 1110 nextents = ifp->if_bytes / (uint)sizeof(xfs_bmbt_rec_t); 1111 for (idx = 0; idx < nextents; idx++) 1112 rtblks += xfs_bmbt_get_blockcount(xfs_iext_get_ext(ifp, idx)); 1113 *O_rtblks = (xfs_qcnt_t)rtblks; 1114 return 0; 1115 } 1116 1117 /* 1118 * callback routine supplied to bulkstat(). Given an inumber, find its 1119 * dquots and update them to account for resources taken by that inode. 1120 */ 1121 /* ARGSUSED */ 1122 STATIC int 1123 xfs_qm_dqusage_adjust( 1124 xfs_mount_t *mp, /* mount point for filesystem */ 1125 xfs_ino_t ino, /* inode number to get data for */ 1126 void __user *buffer, /* not used */ 1127 int ubsize, /* not used */ 1128 int *ubused, /* not used */ 1129 int *res) /* result code value */ 1130 { 1131 xfs_inode_t *ip; 1132 xfs_qcnt_t nblks, rtblks = 0; 1133 int error; 1134 1135 ASSERT(XFS_IS_QUOTA_RUNNING(mp)); 1136 1137 /* 1138 * rootino must have its resources accounted for, not so with the quota 1139 * inodes. 1140 */ 1141 if (xfs_is_quota_inode(&mp->m_sb, ino)) { 1142 *res = BULKSTAT_RV_NOTHING; 1143 return -EINVAL; 1144 } 1145 1146 /* 1147 * We don't _need_ to take the ilock EXCL. However, the xfs_qm_dqget 1148 * interface expects the inode to be exclusively locked because that's 1149 * the case in all other instances. It's OK that we do this because 1150 * quotacheck is done only at mount time. 1151 */ 1152 error = xfs_iget(mp, NULL, ino, 0, XFS_ILOCK_EXCL, &ip); 1153 if (error) { 1154 *res = BULKSTAT_RV_NOTHING; 1155 return error; 1156 } 1157 1158 ASSERT(ip->i_delayed_blks == 0); 1159 1160 if (XFS_IS_REALTIME_INODE(ip)) { 1161 /* 1162 * Walk thru the extent list and count the realtime blocks. 1163 */ 1164 error = xfs_qm_get_rtblks(ip, &rtblks); 1165 if (error) 1166 goto error0; 1167 } 1168 1169 nblks = (xfs_qcnt_t)ip->i_d.di_nblocks - rtblks; 1170 1171 /* 1172 * Add the (disk blocks and inode) resources occupied by this 1173 * inode to its dquots. We do this adjustment in the incore dquot, 1174 * and also copy the changes to its buffer. 1175 * We don't care about putting these changes in a transaction 1176 * envelope because if we crash in the middle of a 'quotacheck' 1177 * we have to start from the beginning anyway. 1178 * Once we're done, we'll log all the dquot bufs. 1179 * 1180 * The *QUOTA_ON checks below may look pretty racy, but quotachecks 1181 * and quotaoffs don't race. (Quotachecks happen at mount time only). 1182 */ 1183 if (XFS_IS_UQUOTA_ON(mp)) { 1184 error = xfs_qm_quotacheck_dqadjust(ip, ip->i_d.di_uid, 1185 XFS_DQ_USER, nblks, rtblks); 1186 if (error) 1187 goto error0; 1188 } 1189 1190 if (XFS_IS_GQUOTA_ON(mp)) { 1191 error = xfs_qm_quotacheck_dqadjust(ip, ip->i_d.di_gid, 1192 XFS_DQ_GROUP, nblks, rtblks); 1193 if (error) 1194 goto error0; 1195 } 1196 1197 if (XFS_IS_PQUOTA_ON(mp)) { 1198 error = xfs_qm_quotacheck_dqadjust(ip, xfs_get_projid(ip), 1199 XFS_DQ_PROJ, nblks, rtblks); 1200 if (error) 1201 goto error0; 1202 } 1203 1204 xfs_iunlock(ip, XFS_ILOCK_EXCL); 1205 IRELE(ip); 1206 *res = BULKSTAT_RV_DIDONE; 1207 return 0; 1208 1209 error0: 1210 xfs_iunlock(ip, XFS_ILOCK_EXCL); 1211 IRELE(ip); 1212 *res = BULKSTAT_RV_GIVEUP; 1213 return error; 1214 } 1215 1216 STATIC int 1217 xfs_qm_flush_one( 1218 struct xfs_dquot *dqp, 1219 void *data) 1220 { 1221 struct list_head *buffer_list = data; 1222 struct xfs_buf *bp = NULL; 1223 int error = 0; 1224 1225 xfs_dqlock(dqp); 1226 if (dqp->dq_flags & XFS_DQ_FREEING) 1227 goto out_unlock; 1228 if (!XFS_DQ_IS_DIRTY(dqp)) 1229 goto out_unlock; 1230 1231 xfs_dqflock(dqp); 1232 error = xfs_qm_dqflush(dqp, &bp); 1233 if (error) 1234 goto out_unlock; 1235 1236 xfs_buf_delwri_queue(bp, buffer_list); 1237 xfs_buf_relse(bp); 1238 out_unlock: 1239 xfs_dqunlock(dqp); 1240 return error; 1241 } 1242 1243 /* 1244 * Walk thru all the filesystem inodes and construct a consistent view 1245 * of the disk quota world. If the quotacheck fails, disable quotas. 1246 */ 1247 STATIC int 1248 xfs_qm_quotacheck( 1249 xfs_mount_t *mp) 1250 { 1251 int done, count, error, error2; 1252 xfs_ino_t lastino; 1253 size_t structsz; 1254 uint flags; 1255 LIST_HEAD (buffer_list); 1256 struct xfs_inode *uip = mp->m_quotainfo->qi_uquotaip; 1257 struct xfs_inode *gip = mp->m_quotainfo->qi_gquotaip; 1258 struct xfs_inode *pip = mp->m_quotainfo->qi_pquotaip; 1259 1260 count = INT_MAX; 1261 structsz = 1; 1262 lastino = 0; 1263 flags = 0; 1264 1265 ASSERT(uip || gip || pip); 1266 ASSERT(XFS_IS_QUOTA_RUNNING(mp)); 1267 1268 xfs_notice(mp, "Quotacheck needed: Please wait."); 1269 1270 /* 1271 * First we go thru all the dquots on disk, USR and GRP/PRJ, and reset 1272 * their counters to zero. We need a clean slate. 1273 * We don't log our changes till later. 1274 */ 1275 if (uip) { 1276 error = xfs_qm_dqiterate(mp, uip, XFS_QMOPT_UQUOTA, 1277 &buffer_list); 1278 if (error) 1279 goto error_return; 1280 flags |= XFS_UQUOTA_CHKD; 1281 } 1282 1283 if (gip) { 1284 error = xfs_qm_dqiterate(mp, gip, XFS_QMOPT_GQUOTA, 1285 &buffer_list); 1286 if (error) 1287 goto error_return; 1288 flags |= XFS_GQUOTA_CHKD; 1289 } 1290 1291 if (pip) { 1292 error = xfs_qm_dqiterate(mp, pip, XFS_QMOPT_PQUOTA, 1293 &buffer_list); 1294 if (error) 1295 goto error_return; 1296 flags |= XFS_PQUOTA_CHKD; 1297 } 1298 1299 do { 1300 /* 1301 * Iterate thru all the inodes in the file system, 1302 * adjusting the corresponding dquot counters in core. 1303 */ 1304 error = xfs_bulkstat(mp, &lastino, &count, 1305 xfs_qm_dqusage_adjust, 1306 structsz, NULL, &done); 1307 if (error) 1308 break; 1309 1310 } while (!done); 1311 1312 /* 1313 * We've made all the changes that we need to make incore. Flush them 1314 * down to disk buffers if everything was updated successfully. 1315 */ 1316 if (XFS_IS_UQUOTA_ON(mp)) { 1317 error = xfs_qm_dquot_walk(mp, XFS_DQ_USER, xfs_qm_flush_one, 1318 &buffer_list); 1319 } 1320 if (XFS_IS_GQUOTA_ON(mp)) { 1321 error2 = xfs_qm_dquot_walk(mp, XFS_DQ_GROUP, xfs_qm_flush_one, 1322 &buffer_list); 1323 if (!error) 1324 error = error2; 1325 } 1326 if (XFS_IS_PQUOTA_ON(mp)) { 1327 error2 = xfs_qm_dquot_walk(mp, XFS_DQ_PROJ, xfs_qm_flush_one, 1328 &buffer_list); 1329 if (!error) 1330 error = error2; 1331 } 1332 1333 error2 = xfs_buf_delwri_submit(&buffer_list); 1334 if (!error) 1335 error = error2; 1336 1337 /* 1338 * We can get this error if we couldn't do a dquot allocation inside 1339 * xfs_qm_dqusage_adjust (via bulkstat). We don't care about the 1340 * dirty dquots that might be cached, we just want to get rid of them 1341 * and turn quotaoff. The dquots won't be attached to any of the inodes 1342 * at this point (because we intentionally didn't in dqget_noattach). 1343 */ 1344 if (error) { 1345 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL); 1346 goto error_return; 1347 } 1348 1349 /* 1350 * If one type of quotas is off, then it will lose its 1351 * quotachecked status, since we won't be doing accounting for 1352 * that type anymore. 1353 */ 1354 mp->m_qflags &= ~XFS_ALL_QUOTA_CHKD; 1355 mp->m_qflags |= flags; 1356 1357 error_return: 1358 while (!list_empty(&buffer_list)) { 1359 struct xfs_buf *bp = 1360 list_first_entry(&buffer_list, struct xfs_buf, b_list); 1361 list_del_init(&bp->b_list); 1362 xfs_buf_relse(bp); 1363 } 1364 1365 if (error) { 1366 xfs_warn(mp, 1367 "Quotacheck: Unsuccessful (Error %d): Disabling quotas.", 1368 error); 1369 /* 1370 * We must turn off quotas. 1371 */ 1372 ASSERT(mp->m_quotainfo != NULL); 1373 xfs_qm_destroy_quotainfo(mp); 1374 if (xfs_mount_reset_sbqflags(mp)) { 1375 xfs_warn(mp, 1376 "Quotacheck: Failed to reset quota flags."); 1377 } 1378 } else 1379 xfs_notice(mp, "Quotacheck: Done."); 1380 return error; 1381 } 1382 1383 /* 1384 * This is called from xfs_mountfs to start quotas and initialize all 1385 * necessary data structures like quotainfo. This is also responsible for 1386 * running a quotacheck as necessary. We are guaranteed that the superblock 1387 * is consistently read in at this point. 1388 * 1389 * If we fail here, the mount will continue with quota turned off. We don't 1390 * need to inidicate success or failure at all. 1391 */ 1392 void 1393 xfs_qm_mount_quotas( 1394 struct xfs_mount *mp) 1395 { 1396 int error = 0; 1397 uint sbf; 1398 1399 /* 1400 * If quotas on realtime volumes is not supported, we disable 1401 * quotas immediately. 1402 */ 1403 if (mp->m_sb.sb_rextents) { 1404 xfs_notice(mp, "Cannot turn on quotas for realtime filesystem"); 1405 mp->m_qflags = 0; 1406 goto write_changes; 1407 } 1408 1409 ASSERT(XFS_IS_QUOTA_RUNNING(mp)); 1410 1411 /* 1412 * Allocate the quotainfo structure inside the mount struct, and 1413 * create quotainode(s), and change/rev superblock if necessary. 1414 */ 1415 error = xfs_qm_init_quotainfo(mp); 1416 if (error) { 1417 /* 1418 * We must turn off quotas. 1419 */ 1420 ASSERT(mp->m_quotainfo == NULL); 1421 mp->m_qflags = 0; 1422 goto write_changes; 1423 } 1424 /* 1425 * If any of the quotas are not consistent, do a quotacheck. 1426 */ 1427 if (XFS_QM_NEED_QUOTACHECK(mp)) { 1428 error = xfs_qm_quotacheck(mp); 1429 if (error) { 1430 /* Quotacheck failed and disabled quotas. */ 1431 return; 1432 } 1433 } 1434 /* 1435 * If one type of quotas is off, then it will lose its 1436 * quotachecked status, since we won't be doing accounting for 1437 * that type anymore. 1438 */ 1439 if (!XFS_IS_UQUOTA_ON(mp)) 1440 mp->m_qflags &= ~XFS_UQUOTA_CHKD; 1441 if (!XFS_IS_GQUOTA_ON(mp)) 1442 mp->m_qflags &= ~XFS_GQUOTA_CHKD; 1443 if (!XFS_IS_PQUOTA_ON(mp)) 1444 mp->m_qflags &= ~XFS_PQUOTA_CHKD; 1445 1446 write_changes: 1447 /* 1448 * We actually don't have to acquire the m_sb_lock at all. 1449 * This can only be called from mount, and that's single threaded. XXX 1450 */ 1451 spin_lock(&mp->m_sb_lock); 1452 sbf = mp->m_sb.sb_qflags; 1453 mp->m_sb.sb_qflags = mp->m_qflags & XFS_MOUNT_QUOTA_ALL; 1454 spin_unlock(&mp->m_sb_lock); 1455 1456 if (sbf != (mp->m_qflags & XFS_MOUNT_QUOTA_ALL)) { 1457 if (xfs_sync_sb(mp, false)) { 1458 /* 1459 * We could only have been turning quotas off. 1460 * We aren't in very good shape actually because 1461 * the incore structures are convinced that quotas are 1462 * off, but the on disk superblock doesn't know that ! 1463 */ 1464 ASSERT(!(XFS_IS_QUOTA_RUNNING(mp))); 1465 xfs_alert(mp, "%s: Superblock update failed!", 1466 __func__); 1467 } 1468 } 1469 1470 if (error) { 1471 xfs_warn(mp, "Failed to initialize disk quotas."); 1472 return; 1473 } 1474 } 1475 1476 /* 1477 * This is called after the superblock has been read in and we're ready to 1478 * iget the quota inodes. 1479 */ 1480 STATIC int 1481 xfs_qm_init_quotainos( 1482 xfs_mount_t *mp) 1483 { 1484 struct xfs_inode *uip = NULL; 1485 struct xfs_inode *gip = NULL; 1486 struct xfs_inode *pip = NULL; 1487 int error; 1488 uint flags = 0; 1489 1490 ASSERT(mp->m_quotainfo); 1491 1492 /* 1493 * Get the uquota and gquota inodes 1494 */ 1495 if (xfs_sb_version_hasquota(&mp->m_sb)) { 1496 if (XFS_IS_UQUOTA_ON(mp) && 1497 mp->m_sb.sb_uquotino != NULLFSINO) { 1498 ASSERT(mp->m_sb.sb_uquotino > 0); 1499 error = xfs_iget(mp, NULL, mp->m_sb.sb_uquotino, 1500 0, 0, &uip); 1501 if (error) 1502 return error; 1503 } 1504 if (XFS_IS_GQUOTA_ON(mp) && 1505 mp->m_sb.sb_gquotino != NULLFSINO) { 1506 ASSERT(mp->m_sb.sb_gquotino > 0); 1507 error = xfs_iget(mp, NULL, mp->m_sb.sb_gquotino, 1508 0, 0, &gip); 1509 if (error) 1510 goto error_rele; 1511 } 1512 if (XFS_IS_PQUOTA_ON(mp) && 1513 mp->m_sb.sb_pquotino != NULLFSINO) { 1514 ASSERT(mp->m_sb.sb_pquotino > 0); 1515 error = xfs_iget(mp, NULL, mp->m_sb.sb_pquotino, 1516 0, 0, &pip); 1517 if (error) 1518 goto error_rele; 1519 } 1520 } else { 1521 flags |= XFS_QMOPT_SBVERSION; 1522 } 1523 1524 /* 1525 * Create the three inodes, if they don't exist already. The changes 1526 * made above will get added to a transaction and logged in one of 1527 * the qino_alloc calls below. If the device is readonly, 1528 * temporarily switch to read-write to do this. 1529 */ 1530 if (XFS_IS_UQUOTA_ON(mp) && uip == NULL) { 1531 error = xfs_qm_qino_alloc(mp, &uip, 1532 flags | XFS_QMOPT_UQUOTA); 1533 if (error) 1534 goto error_rele; 1535 1536 flags &= ~XFS_QMOPT_SBVERSION; 1537 } 1538 if (XFS_IS_GQUOTA_ON(mp) && gip == NULL) { 1539 error = xfs_qm_qino_alloc(mp, &gip, 1540 flags | XFS_QMOPT_GQUOTA); 1541 if (error) 1542 goto error_rele; 1543 1544 flags &= ~XFS_QMOPT_SBVERSION; 1545 } 1546 if (XFS_IS_PQUOTA_ON(mp) && pip == NULL) { 1547 error = xfs_qm_qino_alloc(mp, &pip, 1548 flags | XFS_QMOPT_PQUOTA); 1549 if (error) 1550 goto error_rele; 1551 } 1552 1553 mp->m_quotainfo->qi_uquotaip = uip; 1554 mp->m_quotainfo->qi_gquotaip = gip; 1555 mp->m_quotainfo->qi_pquotaip = pip; 1556 1557 return 0; 1558 1559 error_rele: 1560 if (uip) 1561 IRELE(uip); 1562 if (gip) 1563 IRELE(gip); 1564 if (pip) 1565 IRELE(pip); 1566 return error; 1567 } 1568 1569 STATIC void 1570 xfs_qm_dqfree_one( 1571 struct xfs_dquot *dqp) 1572 { 1573 struct xfs_mount *mp = dqp->q_mount; 1574 struct xfs_quotainfo *qi = mp->m_quotainfo; 1575 1576 mutex_lock(&qi->qi_tree_lock); 1577 radix_tree_delete(xfs_dquot_tree(qi, dqp->q_core.d_flags), 1578 be32_to_cpu(dqp->q_core.d_id)); 1579 1580 qi->qi_dquots--; 1581 mutex_unlock(&qi->qi_tree_lock); 1582 1583 xfs_qm_dqdestroy(dqp); 1584 } 1585 1586 /* --------------- utility functions for vnodeops ---------------- */ 1587 1588 1589 /* 1590 * Given an inode, a uid, gid and prid make sure that we have 1591 * allocated relevant dquot(s) on disk, and that we won't exceed inode 1592 * quotas by creating this file. 1593 * This also attaches dquot(s) to the given inode after locking it, 1594 * and returns the dquots corresponding to the uid and/or gid. 1595 * 1596 * in : inode (unlocked) 1597 * out : udquot, gdquot with references taken and unlocked 1598 */ 1599 int 1600 xfs_qm_vop_dqalloc( 1601 struct xfs_inode *ip, 1602 xfs_dqid_t uid, 1603 xfs_dqid_t gid, 1604 prid_t prid, 1605 uint flags, 1606 struct xfs_dquot **O_udqpp, 1607 struct xfs_dquot **O_gdqpp, 1608 struct xfs_dquot **O_pdqpp) 1609 { 1610 struct xfs_mount *mp = ip->i_mount; 1611 struct xfs_dquot *uq = NULL; 1612 struct xfs_dquot *gq = NULL; 1613 struct xfs_dquot *pq = NULL; 1614 int error; 1615 uint lockflags; 1616 1617 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp)) 1618 return 0; 1619 1620 lockflags = XFS_ILOCK_EXCL; 1621 xfs_ilock(ip, lockflags); 1622 1623 if ((flags & XFS_QMOPT_INHERIT) && XFS_INHERIT_GID(ip)) 1624 gid = ip->i_d.di_gid; 1625 1626 /* 1627 * Attach the dquot(s) to this inode, doing a dquot allocation 1628 * if necessary. The dquot(s) will not be locked. 1629 */ 1630 if (XFS_NOT_DQATTACHED(mp, ip)) { 1631 error = xfs_qm_dqattach_locked(ip, XFS_QMOPT_DQALLOC); 1632 if (error) { 1633 xfs_iunlock(ip, lockflags); 1634 return error; 1635 } 1636 } 1637 1638 if ((flags & XFS_QMOPT_UQUOTA) && XFS_IS_UQUOTA_ON(mp)) { 1639 if (ip->i_d.di_uid != uid) { 1640 /* 1641 * What we need is the dquot that has this uid, and 1642 * if we send the inode to dqget, the uid of the inode 1643 * takes priority over what's sent in the uid argument. 1644 * We must unlock inode here before calling dqget if 1645 * we're not sending the inode, because otherwise 1646 * we'll deadlock by doing trans_reserve while 1647 * holding ilock. 1648 */ 1649 xfs_iunlock(ip, lockflags); 1650 error = xfs_qm_dqget(mp, NULL, uid, 1651 XFS_DQ_USER, 1652 XFS_QMOPT_DQALLOC | 1653 XFS_QMOPT_DOWARN, 1654 &uq); 1655 if (error) { 1656 ASSERT(error != -ENOENT); 1657 return error; 1658 } 1659 /* 1660 * Get the ilock in the right order. 1661 */ 1662 xfs_dqunlock(uq); 1663 lockflags = XFS_ILOCK_SHARED; 1664 xfs_ilock(ip, lockflags); 1665 } else { 1666 /* 1667 * Take an extra reference, because we'll return 1668 * this to caller 1669 */ 1670 ASSERT(ip->i_udquot); 1671 uq = xfs_qm_dqhold(ip->i_udquot); 1672 } 1673 } 1674 if ((flags & XFS_QMOPT_GQUOTA) && XFS_IS_GQUOTA_ON(mp)) { 1675 if (ip->i_d.di_gid != gid) { 1676 xfs_iunlock(ip, lockflags); 1677 error = xfs_qm_dqget(mp, NULL, gid, 1678 XFS_DQ_GROUP, 1679 XFS_QMOPT_DQALLOC | 1680 XFS_QMOPT_DOWARN, 1681 &gq); 1682 if (error) { 1683 ASSERT(error != -ENOENT); 1684 goto error_rele; 1685 } 1686 xfs_dqunlock(gq); 1687 lockflags = XFS_ILOCK_SHARED; 1688 xfs_ilock(ip, lockflags); 1689 } else { 1690 ASSERT(ip->i_gdquot); 1691 gq = xfs_qm_dqhold(ip->i_gdquot); 1692 } 1693 } 1694 if ((flags & XFS_QMOPT_PQUOTA) && XFS_IS_PQUOTA_ON(mp)) { 1695 if (xfs_get_projid(ip) != prid) { 1696 xfs_iunlock(ip, lockflags); 1697 error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)prid, 1698 XFS_DQ_PROJ, 1699 XFS_QMOPT_DQALLOC | 1700 XFS_QMOPT_DOWARN, 1701 &pq); 1702 if (error) { 1703 ASSERT(error != -ENOENT); 1704 goto error_rele; 1705 } 1706 xfs_dqunlock(pq); 1707 lockflags = XFS_ILOCK_SHARED; 1708 xfs_ilock(ip, lockflags); 1709 } else { 1710 ASSERT(ip->i_pdquot); 1711 pq = xfs_qm_dqhold(ip->i_pdquot); 1712 } 1713 } 1714 if (uq) 1715 trace_xfs_dquot_dqalloc(ip); 1716 1717 xfs_iunlock(ip, lockflags); 1718 if (O_udqpp) 1719 *O_udqpp = uq; 1720 else 1721 xfs_qm_dqrele(uq); 1722 if (O_gdqpp) 1723 *O_gdqpp = gq; 1724 else 1725 xfs_qm_dqrele(gq); 1726 if (O_pdqpp) 1727 *O_pdqpp = pq; 1728 else 1729 xfs_qm_dqrele(pq); 1730 return 0; 1731 1732 error_rele: 1733 xfs_qm_dqrele(gq); 1734 xfs_qm_dqrele(uq); 1735 return error; 1736 } 1737 1738 /* 1739 * Actually transfer ownership, and do dquot modifications. 1740 * These were already reserved. 1741 */ 1742 xfs_dquot_t * 1743 xfs_qm_vop_chown( 1744 xfs_trans_t *tp, 1745 xfs_inode_t *ip, 1746 xfs_dquot_t **IO_olddq, 1747 xfs_dquot_t *newdq) 1748 { 1749 xfs_dquot_t *prevdq; 1750 uint bfield = XFS_IS_REALTIME_INODE(ip) ? 1751 XFS_TRANS_DQ_RTBCOUNT : XFS_TRANS_DQ_BCOUNT; 1752 1753 1754 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 1755 ASSERT(XFS_IS_QUOTA_RUNNING(ip->i_mount)); 1756 1757 /* old dquot */ 1758 prevdq = *IO_olddq; 1759 ASSERT(prevdq); 1760 ASSERT(prevdq != newdq); 1761 1762 xfs_trans_mod_dquot(tp, prevdq, bfield, -(ip->i_d.di_nblocks)); 1763 xfs_trans_mod_dquot(tp, prevdq, XFS_TRANS_DQ_ICOUNT, -1); 1764 1765 /* the sparkling new dquot */ 1766 xfs_trans_mod_dquot(tp, newdq, bfield, ip->i_d.di_nblocks); 1767 xfs_trans_mod_dquot(tp, newdq, XFS_TRANS_DQ_ICOUNT, 1); 1768 1769 /* 1770 * Take an extra reference, because the inode is going to keep 1771 * this dquot pointer even after the trans_commit. 1772 */ 1773 *IO_olddq = xfs_qm_dqhold(newdq); 1774 1775 return prevdq; 1776 } 1777 1778 /* 1779 * Quota reservations for setattr(AT_UID|AT_GID|AT_PROJID). 1780 */ 1781 int 1782 xfs_qm_vop_chown_reserve( 1783 struct xfs_trans *tp, 1784 struct xfs_inode *ip, 1785 struct xfs_dquot *udqp, 1786 struct xfs_dquot *gdqp, 1787 struct xfs_dquot *pdqp, 1788 uint flags) 1789 { 1790 struct xfs_mount *mp = ip->i_mount; 1791 uint delblks, blkflags, prjflags = 0; 1792 struct xfs_dquot *udq_unres = NULL; 1793 struct xfs_dquot *gdq_unres = NULL; 1794 struct xfs_dquot *pdq_unres = NULL; 1795 struct xfs_dquot *udq_delblks = NULL; 1796 struct xfs_dquot *gdq_delblks = NULL; 1797 struct xfs_dquot *pdq_delblks = NULL; 1798 int error; 1799 1800 1801 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL|XFS_ILOCK_SHARED)); 1802 ASSERT(XFS_IS_QUOTA_RUNNING(mp)); 1803 1804 delblks = ip->i_delayed_blks; 1805 blkflags = XFS_IS_REALTIME_INODE(ip) ? 1806 XFS_QMOPT_RES_RTBLKS : XFS_QMOPT_RES_REGBLKS; 1807 1808 if (XFS_IS_UQUOTA_ON(mp) && udqp && 1809 ip->i_d.di_uid != be32_to_cpu(udqp->q_core.d_id)) { 1810 udq_delblks = udqp; 1811 /* 1812 * If there are delayed allocation blocks, then we have to 1813 * unreserve those from the old dquot, and add them to the 1814 * new dquot. 1815 */ 1816 if (delblks) { 1817 ASSERT(ip->i_udquot); 1818 udq_unres = ip->i_udquot; 1819 } 1820 } 1821 if (XFS_IS_GQUOTA_ON(ip->i_mount) && gdqp && 1822 ip->i_d.di_gid != be32_to_cpu(gdqp->q_core.d_id)) { 1823 gdq_delblks = gdqp; 1824 if (delblks) { 1825 ASSERT(ip->i_gdquot); 1826 gdq_unres = ip->i_gdquot; 1827 } 1828 } 1829 1830 if (XFS_IS_PQUOTA_ON(ip->i_mount) && pdqp && 1831 xfs_get_projid(ip) != be32_to_cpu(pdqp->q_core.d_id)) { 1832 prjflags = XFS_QMOPT_ENOSPC; 1833 pdq_delblks = pdqp; 1834 if (delblks) { 1835 ASSERT(ip->i_pdquot); 1836 pdq_unres = ip->i_pdquot; 1837 } 1838 } 1839 1840 error = xfs_trans_reserve_quota_bydquots(tp, ip->i_mount, 1841 udq_delblks, gdq_delblks, pdq_delblks, 1842 ip->i_d.di_nblocks, 1, 1843 flags | blkflags | prjflags); 1844 if (error) 1845 return error; 1846 1847 /* 1848 * Do the delayed blks reservations/unreservations now. Since, these 1849 * are done without the help of a transaction, if a reservation fails 1850 * its previous reservations won't be automatically undone by trans 1851 * code. So, we have to do it manually here. 1852 */ 1853 if (delblks) { 1854 /* 1855 * Do the reservations first. Unreservation can't fail. 1856 */ 1857 ASSERT(udq_delblks || gdq_delblks || pdq_delblks); 1858 ASSERT(udq_unres || gdq_unres || pdq_unres); 1859 error = xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount, 1860 udq_delblks, gdq_delblks, pdq_delblks, 1861 (xfs_qcnt_t)delblks, 0, 1862 flags | blkflags | prjflags); 1863 if (error) 1864 return error; 1865 xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount, 1866 udq_unres, gdq_unres, pdq_unres, 1867 -((xfs_qcnt_t)delblks), 0, blkflags); 1868 } 1869 1870 return 0; 1871 } 1872 1873 int 1874 xfs_qm_vop_rename_dqattach( 1875 struct xfs_inode **i_tab) 1876 { 1877 struct xfs_mount *mp = i_tab[0]->i_mount; 1878 int i; 1879 1880 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp)) 1881 return 0; 1882 1883 for (i = 0; (i < 4 && i_tab[i]); i++) { 1884 struct xfs_inode *ip = i_tab[i]; 1885 int error; 1886 1887 /* 1888 * Watch out for duplicate entries in the table. 1889 */ 1890 if (i == 0 || ip != i_tab[i-1]) { 1891 if (XFS_NOT_DQATTACHED(mp, ip)) { 1892 error = xfs_qm_dqattach(ip, 0); 1893 if (error) 1894 return error; 1895 } 1896 } 1897 } 1898 return 0; 1899 } 1900 1901 void 1902 xfs_qm_vop_create_dqattach( 1903 struct xfs_trans *tp, 1904 struct xfs_inode *ip, 1905 struct xfs_dquot *udqp, 1906 struct xfs_dquot *gdqp, 1907 struct xfs_dquot *pdqp) 1908 { 1909 struct xfs_mount *mp = tp->t_mountp; 1910 1911 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp)) 1912 return; 1913 1914 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL)); 1915 ASSERT(XFS_IS_QUOTA_RUNNING(mp)); 1916 1917 if (udqp && XFS_IS_UQUOTA_ON(mp)) { 1918 ASSERT(ip->i_udquot == NULL); 1919 ASSERT(ip->i_d.di_uid == be32_to_cpu(udqp->q_core.d_id)); 1920 1921 ip->i_udquot = xfs_qm_dqhold(udqp); 1922 xfs_trans_mod_dquot(tp, udqp, XFS_TRANS_DQ_ICOUNT, 1); 1923 } 1924 if (gdqp && XFS_IS_GQUOTA_ON(mp)) { 1925 ASSERT(ip->i_gdquot == NULL); 1926 ASSERT(ip->i_d.di_gid == be32_to_cpu(gdqp->q_core.d_id)); 1927 ip->i_gdquot = xfs_qm_dqhold(gdqp); 1928 xfs_trans_mod_dquot(tp, gdqp, XFS_TRANS_DQ_ICOUNT, 1); 1929 } 1930 if (pdqp && XFS_IS_PQUOTA_ON(mp)) { 1931 ASSERT(ip->i_pdquot == NULL); 1932 ASSERT(xfs_get_projid(ip) == be32_to_cpu(pdqp->q_core.d_id)); 1933 1934 ip->i_pdquot = xfs_qm_dqhold(pdqp); 1935 xfs_trans_mod_dquot(tp, pdqp, XFS_TRANS_DQ_ICOUNT, 1); 1936 } 1937 } 1938 1939