Loading...
1/*
2 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3 * All Rights Reserved.
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18#include "xfs.h"
19#include "xfs_fs.h"
20#include "xfs_bit.h"
21#include "xfs_log.h"
22#include "xfs_inum.h"
23#include "xfs_trans.h"
24#include "xfs_sb.h"
25#include "xfs_ag.h"
26#include "xfs_alloc.h"
27#include "xfs_quota.h"
28#include "xfs_mount.h"
29#include "xfs_bmap_btree.h"
30#include "xfs_ialloc_btree.h"
31#include "xfs_dinode.h"
32#include "xfs_inode.h"
33#include "xfs_ialloc.h"
34#include "xfs_itable.h"
35#include "xfs_rtalloc.h"
36#include "xfs_error.h"
37#include "xfs_bmap.h"
38#include "xfs_attr.h"
39#include "xfs_buf_item.h"
40#include "xfs_trans_space.h"
41#include "xfs_utils.h"
42#include "xfs_qm.h"
43#include "xfs_trace.h"
44
45/*
46 * The global quota manager. There is only one of these for the entire
47 * system, _not_ one per file system. XQM keeps track of the overall
48 * quota functionality, including maintaining the freelist and hash
49 * tables of dquots.
50 */
51struct mutex xfs_Gqm_lock;
52struct xfs_qm *xfs_Gqm;
53uint ndquot;
54
55kmem_zone_t *qm_dqzone;
56kmem_zone_t *qm_dqtrxzone;
57
58STATIC void xfs_qm_list_init(xfs_dqlist_t *, char *, int);
59STATIC void xfs_qm_list_destroy(xfs_dqlist_t *);
60
61STATIC int xfs_qm_init_quotainos(xfs_mount_t *);
62STATIC int xfs_qm_init_quotainfo(xfs_mount_t *);
63STATIC int xfs_qm_shake(struct shrinker *, struct shrink_control *);
64
65static struct shrinker xfs_qm_shaker = {
66 .shrink = xfs_qm_shake,
67 .seeks = DEFAULT_SEEKS,
68};
69
70/*
71 * Initialize the XQM structure.
72 * Note that there is not one quota manager per file system.
73 */
74STATIC struct xfs_qm *
75xfs_Gqm_init(void)
76{
77 xfs_dqhash_t *udqhash, *gdqhash;
78 xfs_qm_t *xqm;
79 size_t hsize;
80 uint i;
81
82 /*
83 * Initialize the dquot hash tables.
84 */
85 udqhash = kmem_zalloc_greedy(&hsize,
86 XFS_QM_HASHSIZE_LOW * sizeof(xfs_dqhash_t),
87 XFS_QM_HASHSIZE_HIGH * sizeof(xfs_dqhash_t));
88 if (!udqhash)
89 goto out;
90
91 gdqhash = kmem_zalloc_large(hsize);
92 if (!gdqhash)
93 goto out_free_udqhash;
94
95 hsize /= sizeof(xfs_dqhash_t);
96 ndquot = hsize << 8;
97
98 xqm = kmem_zalloc(sizeof(xfs_qm_t), KM_SLEEP);
99 xqm->qm_dqhashmask = hsize - 1;
100 xqm->qm_usr_dqhtable = udqhash;
101 xqm->qm_grp_dqhtable = gdqhash;
102 ASSERT(xqm->qm_usr_dqhtable != NULL);
103 ASSERT(xqm->qm_grp_dqhtable != NULL);
104
105 for (i = 0; i < hsize; i++) {
106 xfs_qm_list_init(&(xqm->qm_usr_dqhtable[i]), "uxdqh", i);
107 xfs_qm_list_init(&(xqm->qm_grp_dqhtable[i]), "gxdqh", i);
108 }
109
110 /*
111 * Freelist of all dquots of all file systems
112 */
113 INIT_LIST_HEAD(&xqm->qm_dqfrlist);
114 xqm->qm_dqfrlist_cnt = 0;
115 mutex_init(&xqm->qm_dqfrlist_lock);
116
117 /*
118 * dquot zone. we register our own low-memory callback.
119 */
120 if (!qm_dqzone) {
121 xqm->qm_dqzone = kmem_zone_init(sizeof(xfs_dquot_t),
122 "xfs_dquots");
123 qm_dqzone = xqm->qm_dqzone;
124 } else
125 xqm->qm_dqzone = qm_dqzone;
126
127 register_shrinker(&xfs_qm_shaker);
128
129 /*
130 * The t_dqinfo portion of transactions.
131 */
132 if (!qm_dqtrxzone) {
133 xqm->qm_dqtrxzone = kmem_zone_init(sizeof(xfs_dquot_acct_t),
134 "xfs_dqtrx");
135 qm_dqtrxzone = xqm->qm_dqtrxzone;
136 } else
137 xqm->qm_dqtrxzone = qm_dqtrxzone;
138
139 atomic_set(&xqm->qm_totaldquots, 0);
140 xqm->qm_dqfree_ratio = XFS_QM_DQFREE_RATIO;
141 xqm->qm_nrefs = 0;
142 return xqm;
143
144 out_free_udqhash:
145 kmem_free_large(udqhash);
146 out:
147 return NULL;
148}
149
150/*
151 * Destroy the global quota manager when its reference count goes to zero.
152 */
153STATIC void
154xfs_qm_destroy(
155 struct xfs_qm *xqm)
156{
157 struct xfs_dquot *dqp, *n;
158 int hsize, i;
159
160 ASSERT(xqm != NULL);
161 ASSERT(xqm->qm_nrefs == 0);
162 unregister_shrinker(&xfs_qm_shaker);
163 hsize = xqm->qm_dqhashmask + 1;
164 for (i = 0; i < hsize; i++) {
165 xfs_qm_list_destroy(&(xqm->qm_usr_dqhtable[i]));
166 xfs_qm_list_destroy(&(xqm->qm_grp_dqhtable[i]));
167 }
168 kmem_free_large(xqm->qm_usr_dqhtable);
169 kmem_free_large(xqm->qm_grp_dqhtable);
170 xqm->qm_usr_dqhtable = NULL;
171 xqm->qm_grp_dqhtable = NULL;
172 xqm->qm_dqhashmask = 0;
173
174 /* frlist cleanup */
175 mutex_lock(&xqm->qm_dqfrlist_lock);
176 list_for_each_entry_safe(dqp, n, &xqm->qm_dqfrlist, q_freelist) {
177 xfs_dqlock(dqp);
178 list_del_init(&dqp->q_freelist);
179 xfs_Gqm->qm_dqfrlist_cnt--;
180 xfs_dqunlock(dqp);
181 xfs_qm_dqdestroy(dqp);
182 }
183 mutex_unlock(&xqm->qm_dqfrlist_lock);
184 mutex_destroy(&xqm->qm_dqfrlist_lock);
185 kmem_free(xqm);
186}
187
188/*
189 * Called at mount time to let XQM know that another file system is
190 * starting quotas. This isn't crucial information as the individual mount
191 * structures are pretty independent, but it helps the XQM keep a
192 * global view of what's going on.
193 */
194/* ARGSUSED */
195STATIC int
196xfs_qm_hold_quotafs_ref(
197 struct xfs_mount *mp)
198{
199 /*
200 * Need to lock the xfs_Gqm structure for things like this. For example,
201 * the structure could disappear between the entry to this routine and
202 * a HOLD operation if not locked.
203 */
204 mutex_lock(&xfs_Gqm_lock);
205
206 if (!xfs_Gqm) {
207 xfs_Gqm = xfs_Gqm_init();
208 if (!xfs_Gqm) {
209 mutex_unlock(&xfs_Gqm_lock);
210 return ENOMEM;
211 }
212 }
213
214 /*
215 * We can keep a list of all filesystems with quotas mounted for
216 * debugging and statistical purposes, but ...
217 * Just take a reference and get out.
218 */
219 xfs_Gqm->qm_nrefs++;
220 mutex_unlock(&xfs_Gqm_lock);
221
222 return 0;
223}
224
225
226/*
227 * Release the reference that a filesystem took at mount time,
228 * so that we know when we need to destroy the entire quota manager.
229 */
230/* ARGSUSED */
231STATIC void
232xfs_qm_rele_quotafs_ref(
233 struct xfs_mount *mp)
234{
235 xfs_dquot_t *dqp, *n;
236
237 ASSERT(xfs_Gqm);
238 ASSERT(xfs_Gqm->qm_nrefs > 0);
239
240 /*
241 * Go thru the freelist and destroy all inactive dquots.
242 */
243 mutex_lock(&xfs_Gqm->qm_dqfrlist_lock);
244
245 list_for_each_entry_safe(dqp, n, &xfs_Gqm->qm_dqfrlist, q_freelist) {
246 xfs_dqlock(dqp);
247 if (dqp->dq_flags & XFS_DQ_INACTIVE) {
248 ASSERT(dqp->q_mount == NULL);
249 ASSERT(! XFS_DQ_IS_DIRTY(dqp));
250 ASSERT(list_empty(&dqp->q_hashlist));
251 ASSERT(list_empty(&dqp->q_mplist));
252 list_del_init(&dqp->q_freelist);
253 xfs_Gqm->qm_dqfrlist_cnt--;
254 xfs_dqunlock(dqp);
255 xfs_qm_dqdestroy(dqp);
256 } else {
257 xfs_dqunlock(dqp);
258 }
259 }
260 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
261
262 /*
263 * Destroy the entire XQM. If somebody mounts with quotaon, this'll
264 * be restarted.
265 */
266 mutex_lock(&xfs_Gqm_lock);
267 if (--xfs_Gqm->qm_nrefs == 0) {
268 xfs_qm_destroy(xfs_Gqm);
269 xfs_Gqm = NULL;
270 }
271 mutex_unlock(&xfs_Gqm_lock);
272}
273
274/*
275 * Just destroy the quotainfo structure.
276 */
277void
278xfs_qm_unmount(
279 struct xfs_mount *mp)
280{
281 if (mp->m_quotainfo) {
282 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL);
283 xfs_qm_destroy_quotainfo(mp);
284 }
285}
286
287
288/*
289 * This is called from xfs_mountfs to start quotas and initialize all
290 * necessary data structures like quotainfo. This is also responsible for
291 * running a quotacheck as necessary. We are guaranteed that the superblock
292 * is consistently read in at this point.
293 *
294 * If we fail here, the mount will continue with quota turned off. We don't
295 * need to inidicate success or failure at all.
296 */
297void
298xfs_qm_mount_quotas(
299 xfs_mount_t *mp)
300{
301 int error = 0;
302 uint sbf;
303
304 /*
305 * If quotas on realtime volumes is not supported, we disable
306 * quotas immediately.
307 */
308 if (mp->m_sb.sb_rextents) {
309 xfs_notice(mp, "Cannot turn on quotas for realtime filesystem");
310 mp->m_qflags = 0;
311 goto write_changes;
312 }
313
314 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
315
316 /*
317 * Allocate the quotainfo structure inside the mount struct, and
318 * create quotainode(s), and change/rev superblock if necessary.
319 */
320 error = xfs_qm_init_quotainfo(mp);
321 if (error) {
322 /*
323 * We must turn off quotas.
324 */
325 ASSERT(mp->m_quotainfo == NULL);
326 mp->m_qflags = 0;
327 goto write_changes;
328 }
329 /*
330 * If any of the quotas are not consistent, do a quotacheck.
331 */
332 if (XFS_QM_NEED_QUOTACHECK(mp)) {
333 error = xfs_qm_quotacheck(mp);
334 if (error) {
335 /* Quotacheck failed and disabled quotas. */
336 return;
337 }
338 }
339 /*
340 * If one type of quotas is off, then it will lose its
341 * quotachecked status, since we won't be doing accounting for
342 * that type anymore.
343 */
344 if (!XFS_IS_UQUOTA_ON(mp))
345 mp->m_qflags &= ~XFS_UQUOTA_CHKD;
346 if (!(XFS_IS_GQUOTA_ON(mp) || XFS_IS_PQUOTA_ON(mp)))
347 mp->m_qflags &= ~XFS_OQUOTA_CHKD;
348
349 write_changes:
350 /*
351 * We actually don't have to acquire the m_sb_lock at all.
352 * This can only be called from mount, and that's single threaded. XXX
353 */
354 spin_lock(&mp->m_sb_lock);
355 sbf = mp->m_sb.sb_qflags;
356 mp->m_sb.sb_qflags = mp->m_qflags & XFS_MOUNT_QUOTA_ALL;
357 spin_unlock(&mp->m_sb_lock);
358
359 if (sbf != (mp->m_qflags & XFS_MOUNT_QUOTA_ALL)) {
360 if (xfs_qm_write_sb_changes(mp, XFS_SB_QFLAGS)) {
361 /*
362 * We could only have been turning quotas off.
363 * We aren't in very good shape actually because
364 * the incore structures are convinced that quotas are
365 * off, but the on disk superblock doesn't know that !
366 */
367 ASSERT(!(XFS_IS_QUOTA_RUNNING(mp)));
368 xfs_alert(mp, "%s: Superblock update failed!",
369 __func__);
370 }
371 }
372
373 if (error) {
374 xfs_warn(mp, "Failed to initialize disk quotas.");
375 return;
376 }
377}
378
379/*
380 * Called from the vfsops layer.
381 */
382void
383xfs_qm_unmount_quotas(
384 xfs_mount_t *mp)
385{
386 /*
387 * Release the dquots that root inode, et al might be holding,
388 * before we flush quotas and blow away the quotainfo structure.
389 */
390 ASSERT(mp->m_rootip);
391 xfs_qm_dqdetach(mp->m_rootip);
392 if (mp->m_rbmip)
393 xfs_qm_dqdetach(mp->m_rbmip);
394 if (mp->m_rsumip)
395 xfs_qm_dqdetach(mp->m_rsumip);
396
397 /*
398 * Release the quota inodes.
399 */
400 if (mp->m_quotainfo) {
401 if (mp->m_quotainfo->qi_uquotaip) {
402 IRELE(mp->m_quotainfo->qi_uquotaip);
403 mp->m_quotainfo->qi_uquotaip = NULL;
404 }
405 if (mp->m_quotainfo->qi_gquotaip) {
406 IRELE(mp->m_quotainfo->qi_gquotaip);
407 mp->m_quotainfo->qi_gquotaip = NULL;
408 }
409 }
410}
411
412/*
413 * Flush all dquots of the given file system to disk. The dquots are
414 * _not_ purged from memory here, just their data written to disk.
415 */
416STATIC int
417xfs_qm_dqflush_all(
418 struct xfs_mount *mp,
419 int sync_mode)
420{
421 struct xfs_quotainfo *q = mp->m_quotainfo;
422 int recl;
423 struct xfs_dquot *dqp;
424 int error;
425
426 if (!q)
427 return 0;
428again:
429 mutex_lock(&q->qi_dqlist_lock);
430 list_for_each_entry(dqp, &q->qi_dqlist, q_mplist) {
431 xfs_dqlock(dqp);
432 if (! XFS_DQ_IS_DIRTY(dqp)) {
433 xfs_dqunlock(dqp);
434 continue;
435 }
436
437 /* XXX a sentinel would be better */
438 recl = q->qi_dqreclaims;
439 if (!xfs_dqflock_nowait(dqp)) {
440 /*
441 * If we can't grab the flush lock then check
442 * to see if the dquot has been flushed delayed
443 * write. If so, grab its buffer and send it
444 * out immediately. We'll be able to acquire
445 * the flush lock when the I/O completes.
446 */
447 xfs_qm_dqflock_pushbuf_wait(dqp);
448 }
449 /*
450 * Let go of the mplist lock. We don't want to hold it
451 * across a disk write.
452 */
453 mutex_unlock(&q->qi_dqlist_lock);
454 error = xfs_qm_dqflush(dqp, sync_mode);
455 xfs_dqunlock(dqp);
456 if (error)
457 return error;
458
459 mutex_lock(&q->qi_dqlist_lock);
460 if (recl != q->qi_dqreclaims) {
461 mutex_unlock(&q->qi_dqlist_lock);
462 /* XXX restart limit */
463 goto again;
464 }
465 }
466
467 mutex_unlock(&q->qi_dqlist_lock);
468 /* return ! busy */
469 return 0;
470}
471/*
472 * Release the group dquot pointers the user dquots may be
473 * carrying around as a hint. mplist is locked on entry and exit.
474 */
475STATIC void
476xfs_qm_detach_gdquots(
477 struct xfs_mount *mp)
478{
479 struct xfs_quotainfo *q = mp->m_quotainfo;
480 struct xfs_dquot *dqp, *gdqp;
481 int nrecl;
482
483 again:
484 ASSERT(mutex_is_locked(&q->qi_dqlist_lock));
485 list_for_each_entry(dqp, &q->qi_dqlist, q_mplist) {
486 xfs_dqlock(dqp);
487 if ((gdqp = dqp->q_gdquot)) {
488 xfs_dqlock(gdqp);
489 dqp->q_gdquot = NULL;
490 }
491 xfs_dqunlock(dqp);
492
493 if (gdqp) {
494 /*
495 * Can't hold the mplist lock across a dqput.
496 * XXXmust convert to marker based iterations here.
497 */
498 nrecl = q->qi_dqreclaims;
499 mutex_unlock(&q->qi_dqlist_lock);
500 xfs_qm_dqput(gdqp);
501
502 mutex_lock(&q->qi_dqlist_lock);
503 if (nrecl != q->qi_dqreclaims)
504 goto again;
505 }
506 }
507}
508
509/*
510 * Go through all the incore dquots of this file system and take them
511 * off the mplist and hashlist, if the dquot type matches the dqtype
512 * parameter. This is used when turning off quota accounting for
513 * users and/or groups, as well as when the filesystem is unmounting.
514 */
515STATIC int
516xfs_qm_dqpurge_int(
517 struct xfs_mount *mp,
518 uint flags)
519{
520 struct xfs_quotainfo *q = mp->m_quotainfo;
521 struct xfs_dquot *dqp, *n;
522 uint dqtype;
523 int nrecl;
524 int nmisses;
525
526 if (!q)
527 return 0;
528
529 dqtype = (flags & XFS_QMOPT_UQUOTA) ? XFS_DQ_USER : 0;
530 dqtype |= (flags & XFS_QMOPT_PQUOTA) ? XFS_DQ_PROJ : 0;
531 dqtype |= (flags & XFS_QMOPT_GQUOTA) ? XFS_DQ_GROUP : 0;
532
533 mutex_lock(&q->qi_dqlist_lock);
534
535 /*
536 * In the first pass through all incore dquots of this filesystem,
537 * we release the group dquot pointers the user dquots may be
538 * carrying around as a hint. We need to do this irrespective of
539 * what's being turned off.
540 */
541 xfs_qm_detach_gdquots(mp);
542
543 again:
544 nmisses = 0;
545 ASSERT(mutex_is_locked(&q->qi_dqlist_lock));
546 /*
547 * Try to get rid of all of the unwanted dquots. The idea is to
548 * get them off mplist and hashlist, but leave them on freelist.
549 */
550 list_for_each_entry_safe(dqp, n, &q->qi_dqlist, q_mplist) {
551 /*
552 * It's OK to look at the type without taking dqlock here.
553 * We're holding the mplist lock here, and that's needed for
554 * a dqreclaim.
555 */
556 if ((dqp->dq_flags & dqtype) == 0)
557 continue;
558
559 if (!mutex_trylock(&dqp->q_hash->qh_lock)) {
560 nrecl = q->qi_dqreclaims;
561 mutex_unlock(&q->qi_dqlist_lock);
562 mutex_lock(&dqp->q_hash->qh_lock);
563 mutex_lock(&q->qi_dqlist_lock);
564
565 /*
566 * XXXTheoretically, we can get into a very long
567 * ping pong game here.
568 * No one can be adding dquots to the mplist at
569 * this point, but somebody might be taking things off.
570 */
571 if (nrecl != q->qi_dqreclaims) {
572 mutex_unlock(&dqp->q_hash->qh_lock);
573 goto again;
574 }
575 }
576
577 /*
578 * Take the dquot off the mplist and hashlist. It may remain on
579 * freelist in INACTIVE state.
580 */
581 nmisses += xfs_qm_dqpurge(dqp);
582 }
583 mutex_unlock(&q->qi_dqlist_lock);
584 return nmisses;
585}
586
587int
588xfs_qm_dqpurge_all(
589 xfs_mount_t *mp,
590 uint flags)
591{
592 int ndquots;
593
594 /*
595 * Purge the dquot cache.
596 * None of the dquots should really be busy at this point.
597 */
598 if (mp->m_quotainfo) {
599 while ((ndquots = xfs_qm_dqpurge_int(mp, flags))) {
600 delay(ndquots * 10);
601 }
602 }
603 return 0;
604}
605
606STATIC int
607xfs_qm_dqattach_one(
608 xfs_inode_t *ip,
609 xfs_dqid_t id,
610 uint type,
611 uint doalloc,
612 xfs_dquot_t *udqhint, /* hint */
613 xfs_dquot_t **IO_idqpp)
614{
615 xfs_dquot_t *dqp;
616 int error;
617
618 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
619 error = 0;
620
621 /*
622 * See if we already have it in the inode itself. IO_idqpp is
623 * &i_udquot or &i_gdquot. This made the code look weird, but
624 * made the logic a lot simpler.
625 */
626 dqp = *IO_idqpp;
627 if (dqp) {
628 trace_xfs_dqattach_found(dqp);
629 return 0;
630 }
631
632 /*
633 * udqhint is the i_udquot field in inode, and is non-NULL only
634 * when the type arg is group/project. Its purpose is to save a
635 * lookup by dqid (xfs_qm_dqget) by caching a group dquot inside
636 * the user dquot.
637 */
638 if (udqhint) {
639 ASSERT(type == XFS_DQ_GROUP || type == XFS_DQ_PROJ);
640 xfs_dqlock(udqhint);
641
642 /*
643 * No need to take dqlock to look at the id.
644 *
645 * The ID can't change until it gets reclaimed, and it won't
646 * be reclaimed as long as we have a ref from inode and we
647 * hold the ilock.
648 */
649 dqp = udqhint->q_gdquot;
650 if (dqp && be32_to_cpu(dqp->q_core.d_id) == id) {
651 xfs_dqlock(dqp);
652 XFS_DQHOLD(dqp);
653 ASSERT(*IO_idqpp == NULL);
654 *IO_idqpp = dqp;
655
656 xfs_dqunlock(dqp);
657 xfs_dqunlock(udqhint);
658 return 0;
659 }
660
661 /*
662 * We can't hold a dquot lock when we call the dqget code.
663 * We'll deadlock in no time, because of (not conforming to)
664 * lock ordering - the inodelock comes before any dquot lock,
665 * and we may drop and reacquire the ilock in xfs_qm_dqget().
666 */
667 xfs_dqunlock(udqhint);
668 }
669
670 /*
671 * Find the dquot from somewhere. This bumps the
672 * reference count of dquot and returns it locked.
673 * This can return ENOENT if dquot didn't exist on
674 * disk and we didn't ask it to allocate;
675 * ESRCH if quotas got turned off suddenly.
676 */
677 error = xfs_qm_dqget(ip->i_mount, ip, id, type, XFS_QMOPT_DOWARN, &dqp);
678 if (error)
679 return error;
680
681 trace_xfs_dqattach_get(dqp);
682
683 /*
684 * dqget may have dropped and re-acquired the ilock, but it guarantees
685 * that the dquot returned is the one that should go in the inode.
686 */
687 *IO_idqpp = dqp;
688 xfs_dqunlock(dqp);
689 return 0;
690}
691
692
693/*
694 * Given a udquot and gdquot, attach a ptr to the group dquot in the
695 * udquot as a hint for future lookups. The idea sounds simple, but the
696 * execution isn't, because the udquot might have a group dquot attached
697 * already and getting rid of that gets us into lock ordering constraints.
698 * The process is complicated more by the fact that the dquots may or may not
699 * be locked on entry.
700 */
701STATIC void
702xfs_qm_dqattach_grouphint(
703 xfs_dquot_t *udq,
704 xfs_dquot_t *gdq)
705{
706 xfs_dquot_t *tmp;
707
708 xfs_dqlock(udq);
709
710 if ((tmp = udq->q_gdquot)) {
711 if (tmp == gdq) {
712 xfs_dqunlock(udq);
713 return;
714 }
715
716 udq->q_gdquot = NULL;
717 /*
718 * We can't keep any dqlocks when calling dqrele,
719 * because the freelist lock comes before dqlocks.
720 */
721 xfs_dqunlock(udq);
722 /*
723 * we took a hard reference once upon a time in dqget,
724 * so give it back when the udquot no longer points at it
725 * dqput() does the unlocking of the dquot.
726 */
727 xfs_qm_dqrele(tmp);
728
729 xfs_dqlock(udq);
730 xfs_dqlock(gdq);
731
732 } else {
733 ASSERT(XFS_DQ_IS_LOCKED(udq));
734 xfs_dqlock(gdq);
735 }
736
737 ASSERT(XFS_DQ_IS_LOCKED(udq));
738 ASSERT(XFS_DQ_IS_LOCKED(gdq));
739 /*
740 * Somebody could have attached a gdquot here,
741 * when we dropped the uqlock. If so, just do nothing.
742 */
743 if (udq->q_gdquot == NULL) {
744 XFS_DQHOLD(gdq);
745 udq->q_gdquot = gdq;
746 }
747
748 xfs_dqunlock(gdq);
749 xfs_dqunlock(udq);
750}
751
752
753/*
754 * Given a locked inode, attach dquot(s) to it, taking U/G/P-QUOTAON
755 * into account.
756 * If XFS_QMOPT_DQALLOC, the dquot(s) will be allocated if needed.
757 * Inode may get unlocked and relocked in here, and the caller must deal with
758 * the consequences.
759 */
760int
761xfs_qm_dqattach_locked(
762 xfs_inode_t *ip,
763 uint flags)
764{
765 xfs_mount_t *mp = ip->i_mount;
766 uint nquotas = 0;
767 int error = 0;
768
769 if (!XFS_IS_QUOTA_RUNNING(mp) ||
770 !XFS_IS_QUOTA_ON(mp) ||
771 !XFS_NOT_DQATTACHED(mp, ip) ||
772 ip->i_ino == mp->m_sb.sb_uquotino ||
773 ip->i_ino == mp->m_sb.sb_gquotino)
774 return 0;
775
776 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
777
778 if (XFS_IS_UQUOTA_ON(mp)) {
779 error = xfs_qm_dqattach_one(ip, ip->i_d.di_uid, XFS_DQ_USER,
780 flags & XFS_QMOPT_DQALLOC,
781 NULL, &ip->i_udquot);
782 if (error)
783 goto done;
784 nquotas++;
785 }
786
787 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
788 if (XFS_IS_OQUOTA_ON(mp)) {
789 error = XFS_IS_GQUOTA_ON(mp) ?
790 xfs_qm_dqattach_one(ip, ip->i_d.di_gid, XFS_DQ_GROUP,
791 flags & XFS_QMOPT_DQALLOC,
792 ip->i_udquot, &ip->i_gdquot) :
793 xfs_qm_dqattach_one(ip, xfs_get_projid(ip), XFS_DQ_PROJ,
794 flags & XFS_QMOPT_DQALLOC,
795 ip->i_udquot, &ip->i_gdquot);
796 /*
797 * Don't worry about the udquot that we may have
798 * attached above. It'll get detached, if not already.
799 */
800 if (error)
801 goto done;
802 nquotas++;
803 }
804
805 /*
806 * Attach this group quota to the user quota as a hint.
807 * This WON'T, in general, result in a thrash.
808 */
809 if (nquotas == 2) {
810 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
811 ASSERT(ip->i_udquot);
812 ASSERT(ip->i_gdquot);
813
814 /*
815 * We may or may not have the i_udquot locked at this point,
816 * but this check is OK since we don't depend on the i_gdquot to
817 * be accurate 100% all the time. It is just a hint, and this
818 * will succeed in general.
819 */
820 if (ip->i_udquot->q_gdquot == ip->i_gdquot)
821 goto done;
822 /*
823 * Attach i_gdquot to the gdquot hint inside the i_udquot.
824 */
825 xfs_qm_dqattach_grouphint(ip->i_udquot, ip->i_gdquot);
826 }
827
828 done:
829#ifdef DEBUG
830 if (!error) {
831 if (XFS_IS_UQUOTA_ON(mp))
832 ASSERT(ip->i_udquot);
833 if (XFS_IS_OQUOTA_ON(mp))
834 ASSERT(ip->i_gdquot);
835 }
836 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
837#endif
838 return error;
839}
840
841int
842xfs_qm_dqattach(
843 struct xfs_inode *ip,
844 uint flags)
845{
846 int error;
847
848 xfs_ilock(ip, XFS_ILOCK_EXCL);
849 error = xfs_qm_dqattach_locked(ip, flags);
850 xfs_iunlock(ip, XFS_ILOCK_EXCL);
851
852 return error;
853}
854
855/*
856 * Release dquots (and their references) if any.
857 * The inode should be locked EXCL except when this's called by
858 * xfs_ireclaim.
859 */
860void
861xfs_qm_dqdetach(
862 xfs_inode_t *ip)
863{
864 if (!(ip->i_udquot || ip->i_gdquot))
865 return;
866
867 trace_xfs_dquot_dqdetach(ip);
868
869 ASSERT(ip->i_ino != ip->i_mount->m_sb.sb_uquotino);
870 ASSERT(ip->i_ino != ip->i_mount->m_sb.sb_gquotino);
871 if (ip->i_udquot) {
872 xfs_qm_dqrele(ip->i_udquot);
873 ip->i_udquot = NULL;
874 }
875 if (ip->i_gdquot) {
876 xfs_qm_dqrele(ip->i_gdquot);
877 ip->i_gdquot = NULL;
878 }
879}
880
881int
882xfs_qm_sync(
883 struct xfs_mount *mp,
884 int flags)
885{
886 struct xfs_quotainfo *q = mp->m_quotainfo;
887 int recl, restarts;
888 struct xfs_dquot *dqp;
889 int error;
890
891 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
892 return 0;
893
894 restarts = 0;
895
896 again:
897 mutex_lock(&q->qi_dqlist_lock);
898 /*
899 * dqpurge_all() also takes the mplist lock and iterate thru all dquots
900 * in quotaoff. However, if the QUOTA_ACTIVE bits are not cleared
901 * when we have the mplist lock, we know that dquots will be consistent
902 * as long as we have it locked.
903 */
904 if (!XFS_IS_QUOTA_ON(mp)) {
905 mutex_unlock(&q->qi_dqlist_lock);
906 return 0;
907 }
908 ASSERT(mutex_is_locked(&q->qi_dqlist_lock));
909 list_for_each_entry(dqp, &q->qi_dqlist, q_mplist) {
910 /*
911 * If this is vfs_sync calling, then skip the dquots that
912 * don't 'seem' to be dirty. ie. don't acquire dqlock.
913 * This is very similar to what xfs_sync does with inodes.
914 */
915 if (flags & SYNC_TRYLOCK) {
916 if (!XFS_DQ_IS_DIRTY(dqp))
917 continue;
918 if (!xfs_qm_dqlock_nowait(dqp))
919 continue;
920 } else {
921 xfs_dqlock(dqp);
922 }
923
924 /*
925 * Now, find out for sure if this dquot is dirty or not.
926 */
927 if (! XFS_DQ_IS_DIRTY(dqp)) {
928 xfs_dqunlock(dqp);
929 continue;
930 }
931
932 /* XXX a sentinel would be better */
933 recl = q->qi_dqreclaims;
934 if (!xfs_dqflock_nowait(dqp)) {
935 if (flags & SYNC_TRYLOCK) {
936 xfs_dqunlock(dqp);
937 continue;
938 }
939 /*
940 * If we can't grab the flush lock then if the caller
941 * really wanted us to give this our best shot, so
942 * see if we can give a push to the buffer before we wait
943 * on the flush lock. At this point, we know that
944 * even though the dquot is being flushed,
945 * it has (new) dirty data.
946 */
947 xfs_qm_dqflock_pushbuf_wait(dqp);
948 }
949 /*
950 * Let go of the mplist lock. We don't want to hold it
951 * across a disk write
952 */
953 mutex_unlock(&q->qi_dqlist_lock);
954 error = xfs_qm_dqflush(dqp, flags);
955 xfs_dqunlock(dqp);
956 if (error && XFS_FORCED_SHUTDOWN(mp))
957 return 0; /* Need to prevent umount failure */
958 else if (error)
959 return error;
960
961 mutex_lock(&q->qi_dqlist_lock);
962 if (recl != q->qi_dqreclaims) {
963 if (++restarts >= XFS_QM_SYNC_MAX_RESTARTS)
964 break;
965
966 mutex_unlock(&q->qi_dqlist_lock);
967 goto again;
968 }
969 }
970
971 mutex_unlock(&q->qi_dqlist_lock);
972 return 0;
973}
974
975/*
976 * The hash chains and the mplist use the same xfs_dqhash structure as
977 * their list head, but we can take the mplist qh_lock and one of the
978 * hash qh_locks at the same time without any problem as they aren't
979 * related.
980 */
981static struct lock_class_key xfs_quota_mplist_class;
982
983/*
984 * This initializes all the quota information that's kept in the
985 * mount structure
986 */
987STATIC int
988xfs_qm_init_quotainfo(
989 xfs_mount_t *mp)
990{
991 xfs_quotainfo_t *qinf;
992 int error;
993 xfs_dquot_t *dqp;
994
995 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
996
997 /*
998 * Tell XQM that we exist as soon as possible.
999 */
1000 if ((error = xfs_qm_hold_quotafs_ref(mp))) {
1001 return error;
1002 }
1003
1004 qinf = mp->m_quotainfo = kmem_zalloc(sizeof(xfs_quotainfo_t), KM_SLEEP);
1005
1006 /*
1007 * See if quotainodes are setup, and if not, allocate them,
1008 * and change the superblock accordingly.
1009 */
1010 if ((error = xfs_qm_init_quotainos(mp))) {
1011 kmem_free(qinf);
1012 mp->m_quotainfo = NULL;
1013 return error;
1014 }
1015
1016 INIT_LIST_HEAD(&qinf->qi_dqlist);
1017 mutex_init(&qinf->qi_dqlist_lock);
1018 lockdep_set_class(&qinf->qi_dqlist_lock, &xfs_quota_mplist_class);
1019
1020 qinf->qi_dqreclaims = 0;
1021
1022 /* mutex used to serialize quotaoffs */
1023 mutex_init(&qinf->qi_quotaofflock);
1024
1025 /* Precalc some constants */
1026 qinf->qi_dqchunklen = XFS_FSB_TO_BB(mp, XFS_DQUOT_CLUSTER_SIZE_FSB);
1027 ASSERT(qinf->qi_dqchunklen);
1028 qinf->qi_dqperchunk = BBTOB(qinf->qi_dqchunklen);
1029 do_div(qinf->qi_dqperchunk, sizeof(xfs_dqblk_t));
1030
1031 mp->m_qflags |= (mp->m_sb.sb_qflags & XFS_ALL_QUOTA_CHKD);
1032
1033 /*
1034 * We try to get the limits from the superuser's limits fields.
1035 * This is quite hacky, but it is standard quota practice.
1036 * We look at the USR dquot with id == 0 first, but if user quotas
1037 * are not enabled we goto the GRP dquot with id == 0.
1038 * We don't really care to keep separate default limits for user
1039 * and group quotas, at least not at this point.
1040 */
1041 error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)0,
1042 XFS_IS_UQUOTA_RUNNING(mp) ? XFS_DQ_USER :
1043 (XFS_IS_GQUOTA_RUNNING(mp) ? XFS_DQ_GROUP :
1044 XFS_DQ_PROJ),
1045 XFS_QMOPT_DQSUSER|XFS_QMOPT_DOWARN,
1046 &dqp);
1047 if (! error) {
1048 xfs_disk_dquot_t *ddqp = &dqp->q_core;
1049
1050 /*
1051 * The warnings and timers set the grace period given to
1052 * a user or group before he or she can not perform any
1053 * more writing. If it is zero, a default is used.
1054 */
1055 qinf->qi_btimelimit = ddqp->d_btimer ?
1056 be32_to_cpu(ddqp->d_btimer) : XFS_QM_BTIMELIMIT;
1057 qinf->qi_itimelimit = ddqp->d_itimer ?
1058 be32_to_cpu(ddqp->d_itimer) : XFS_QM_ITIMELIMIT;
1059 qinf->qi_rtbtimelimit = ddqp->d_rtbtimer ?
1060 be32_to_cpu(ddqp->d_rtbtimer) : XFS_QM_RTBTIMELIMIT;
1061 qinf->qi_bwarnlimit = ddqp->d_bwarns ?
1062 be16_to_cpu(ddqp->d_bwarns) : XFS_QM_BWARNLIMIT;
1063 qinf->qi_iwarnlimit = ddqp->d_iwarns ?
1064 be16_to_cpu(ddqp->d_iwarns) : XFS_QM_IWARNLIMIT;
1065 qinf->qi_rtbwarnlimit = ddqp->d_rtbwarns ?
1066 be16_to_cpu(ddqp->d_rtbwarns) : XFS_QM_RTBWARNLIMIT;
1067 qinf->qi_bhardlimit = be64_to_cpu(ddqp->d_blk_hardlimit);
1068 qinf->qi_bsoftlimit = be64_to_cpu(ddqp->d_blk_softlimit);
1069 qinf->qi_ihardlimit = be64_to_cpu(ddqp->d_ino_hardlimit);
1070 qinf->qi_isoftlimit = be64_to_cpu(ddqp->d_ino_softlimit);
1071 qinf->qi_rtbhardlimit = be64_to_cpu(ddqp->d_rtb_hardlimit);
1072 qinf->qi_rtbsoftlimit = be64_to_cpu(ddqp->d_rtb_softlimit);
1073
1074 /*
1075 * We sent the XFS_QMOPT_DQSUSER flag to dqget because
1076 * we don't want this dquot cached. We haven't done a
1077 * quotacheck yet, and quotacheck doesn't like incore dquots.
1078 */
1079 xfs_qm_dqdestroy(dqp);
1080 } else {
1081 qinf->qi_btimelimit = XFS_QM_BTIMELIMIT;
1082 qinf->qi_itimelimit = XFS_QM_ITIMELIMIT;
1083 qinf->qi_rtbtimelimit = XFS_QM_RTBTIMELIMIT;
1084 qinf->qi_bwarnlimit = XFS_QM_BWARNLIMIT;
1085 qinf->qi_iwarnlimit = XFS_QM_IWARNLIMIT;
1086 qinf->qi_rtbwarnlimit = XFS_QM_RTBWARNLIMIT;
1087 }
1088
1089 return 0;
1090}
1091
1092
1093/*
1094 * Gets called when unmounting a filesystem or when all quotas get
1095 * turned off.
1096 * This purges the quota inodes, destroys locks and frees itself.
1097 */
1098void
1099xfs_qm_destroy_quotainfo(
1100 xfs_mount_t *mp)
1101{
1102 xfs_quotainfo_t *qi;
1103
1104 qi = mp->m_quotainfo;
1105 ASSERT(qi != NULL);
1106 ASSERT(xfs_Gqm != NULL);
1107
1108 /*
1109 * Release the reference that XQM kept, so that we know
1110 * when the XQM structure should be freed. We cannot assume
1111 * that xfs_Gqm is non-null after this point.
1112 */
1113 xfs_qm_rele_quotafs_ref(mp);
1114
1115 ASSERT(list_empty(&qi->qi_dqlist));
1116 mutex_destroy(&qi->qi_dqlist_lock);
1117
1118 if (qi->qi_uquotaip) {
1119 IRELE(qi->qi_uquotaip);
1120 qi->qi_uquotaip = NULL; /* paranoia */
1121 }
1122 if (qi->qi_gquotaip) {
1123 IRELE(qi->qi_gquotaip);
1124 qi->qi_gquotaip = NULL;
1125 }
1126 mutex_destroy(&qi->qi_quotaofflock);
1127 kmem_free(qi);
1128 mp->m_quotainfo = NULL;
1129}
1130
1131
1132
1133/* ------------------- PRIVATE STATIC FUNCTIONS ----------------------- */
1134
1135/* ARGSUSED */
1136STATIC void
1137xfs_qm_list_init(
1138 xfs_dqlist_t *list,
1139 char *str,
1140 int n)
1141{
1142 mutex_init(&list->qh_lock);
1143 INIT_LIST_HEAD(&list->qh_list);
1144 list->qh_version = 0;
1145 list->qh_nelems = 0;
1146}
1147
1148STATIC void
1149xfs_qm_list_destroy(
1150 xfs_dqlist_t *list)
1151{
1152 mutex_destroy(&(list->qh_lock));
1153}
1154
1155/*
1156 * Create an inode and return with a reference already taken, but unlocked
1157 * This is how we create quota inodes
1158 */
1159STATIC int
1160xfs_qm_qino_alloc(
1161 xfs_mount_t *mp,
1162 xfs_inode_t **ip,
1163 __int64_t sbfields,
1164 uint flags)
1165{
1166 xfs_trans_t *tp;
1167 int error;
1168 int committed;
1169
1170 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QINOCREATE);
1171 if ((error = xfs_trans_reserve(tp,
1172 XFS_QM_QINOCREATE_SPACE_RES(mp),
1173 XFS_CREATE_LOG_RES(mp), 0,
1174 XFS_TRANS_PERM_LOG_RES,
1175 XFS_CREATE_LOG_COUNT))) {
1176 xfs_trans_cancel(tp, 0);
1177 return error;
1178 }
1179
1180 error = xfs_dir_ialloc(&tp, NULL, S_IFREG, 1, 0, 0, 1, ip, &committed);
1181 if (error) {
1182 xfs_trans_cancel(tp, XFS_TRANS_RELEASE_LOG_RES |
1183 XFS_TRANS_ABORT);
1184 return error;
1185 }
1186
1187 /*
1188 * Make the changes in the superblock, and log those too.
1189 * sbfields arg may contain fields other than *QUOTINO;
1190 * VERSIONNUM for example.
1191 */
1192 spin_lock(&mp->m_sb_lock);
1193 if (flags & XFS_QMOPT_SBVERSION) {
1194 ASSERT(!xfs_sb_version_hasquota(&mp->m_sb));
1195 ASSERT((sbfields & (XFS_SB_VERSIONNUM | XFS_SB_UQUOTINO |
1196 XFS_SB_GQUOTINO | XFS_SB_QFLAGS)) ==
1197 (XFS_SB_VERSIONNUM | XFS_SB_UQUOTINO |
1198 XFS_SB_GQUOTINO | XFS_SB_QFLAGS));
1199
1200 xfs_sb_version_addquota(&mp->m_sb);
1201 mp->m_sb.sb_uquotino = NULLFSINO;
1202 mp->m_sb.sb_gquotino = NULLFSINO;
1203
1204 /* qflags will get updated _after_ quotacheck */
1205 mp->m_sb.sb_qflags = 0;
1206 }
1207 if (flags & XFS_QMOPT_UQUOTA)
1208 mp->m_sb.sb_uquotino = (*ip)->i_ino;
1209 else
1210 mp->m_sb.sb_gquotino = (*ip)->i_ino;
1211 spin_unlock(&mp->m_sb_lock);
1212 xfs_mod_sb(tp, sbfields);
1213
1214 if ((error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES))) {
1215 xfs_alert(mp, "%s failed (error %d)!", __func__, error);
1216 return error;
1217 }
1218 return 0;
1219}
1220
1221
1222STATIC void
1223xfs_qm_reset_dqcounts(
1224 xfs_mount_t *mp,
1225 xfs_buf_t *bp,
1226 xfs_dqid_t id,
1227 uint type)
1228{
1229 xfs_disk_dquot_t *ddq;
1230 int j;
1231
1232 trace_xfs_reset_dqcounts(bp, _RET_IP_);
1233
1234 /*
1235 * Reset all counters and timers. They'll be
1236 * started afresh by xfs_qm_quotacheck.
1237 */
1238#ifdef DEBUG
1239 j = XFS_FSB_TO_B(mp, XFS_DQUOT_CLUSTER_SIZE_FSB);
1240 do_div(j, sizeof(xfs_dqblk_t));
1241 ASSERT(mp->m_quotainfo->qi_dqperchunk == j);
1242#endif
1243 ddq = bp->b_addr;
1244 for (j = 0; j < mp->m_quotainfo->qi_dqperchunk; j++) {
1245 /*
1246 * Do a sanity check, and if needed, repair the dqblk. Don't
1247 * output any warnings because it's perfectly possible to
1248 * find uninitialised dquot blks. See comment in xfs_qm_dqcheck.
1249 */
1250 (void) xfs_qm_dqcheck(mp, ddq, id+j, type, XFS_QMOPT_DQREPAIR,
1251 "xfs_quotacheck");
1252 ddq->d_bcount = 0;
1253 ddq->d_icount = 0;
1254 ddq->d_rtbcount = 0;
1255 ddq->d_btimer = 0;
1256 ddq->d_itimer = 0;
1257 ddq->d_rtbtimer = 0;
1258 ddq->d_bwarns = 0;
1259 ddq->d_iwarns = 0;
1260 ddq->d_rtbwarns = 0;
1261 ddq = (xfs_disk_dquot_t *) ((xfs_dqblk_t *)ddq + 1);
1262 }
1263}
1264
1265STATIC int
1266xfs_qm_dqiter_bufs(
1267 xfs_mount_t *mp,
1268 xfs_dqid_t firstid,
1269 xfs_fsblock_t bno,
1270 xfs_filblks_t blkcnt,
1271 uint flags)
1272{
1273 xfs_buf_t *bp;
1274 int error;
1275 int type;
1276
1277 ASSERT(blkcnt > 0);
1278 type = flags & XFS_QMOPT_UQUOTA ? XFS_DQ_USER :
1279 (flags & XFS_QMOPT_PQUOTA ? XFS_DQ_PROJ : XFS_DQ_GROUP);
1280 error = 0;
1281
1282 /*
1283 * Blkcnt arg can be a very big number, and might even be
1284 * larger than the log itself. So, we have to break it up into
1285 * manageable-sized transactions.
1286 * Note that we don't start a permanent transaction here; we might
1287 * not be able to get a log reservation for the whole thing up front,
1288 * and we don't really care to either, because we just discard
1289 * everything if we were to crash in the middle of this loop.
1290 */
1291 while (blkcnt--) {
1292 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp,
1293 XFS_FSB_TO_DADDR(mp, bno),
1294 mp->m_quotainfo->qi_dqchunklen, 0, &bp);
1295 if (error)
1296 break;
1297
1298 xfs_qm_reset_dqcounts(mp, bp, firstid, type);
1299 xfs_bdwrite(mp, bp);
1300 /*
1301 * goto the next block.
1302 */
1303 bno++;
1304 firstid += mp->m_quotainfo->qi_dqperchunk;
1305 }
1306 return error;
1307}
1308
1309/*
1310 * Iterate over all allocated USR/GRP/PRJ dquots in the system, calling a
1311 * caller supplied function for every chunk of dquots that we find.
1312 */
1313STATIC int
1314xfs_qm_dqiterate(
1315 xfs_mount_t *mp,
1316 xfs_inode_t *qip,
1317 uint flags)
1318{
1319 xfs_bmbt_irec_t *map;
1320 int i, nmaps; /* number of map entries */
1321 int error; /* return value */
1322 xfs_fileoff_t lblkno;
1323 xfs_filblks_t maxlblkcnt;
1324 xfs_dqid_t firstid;
1325 xfs_fsblock_t rablkno;
1326 xfs_filblks_t rablkcnt;
1327
1328 error = 0;
1329 /*
1330 * This looks racy, but we can't keep an inode lock across a
1331 * trans_reserve. But, this gets called during quotacheck, and that
1332 * happens only at mount time which is single threaded.
1333 */
1334 if (qip->i_d.di_nblocks == 0)
1335 return 0;
1336
1337 map = kmem_alloc(XFS_DQITER_MAP_SIZE * sizeof(*map), KM_SLEEP);
1338
1339 lblkno = 0;
1340 maxlblkcnt = XFS_B_TO_FSB(mp, (xfs_ufsize_t)XFS_MAXIOFFSET(mp));
1341 do {
1342 nmaps = XFS_DQITER_MAP_SIZE;
1343 /*
1344 * We aren't changing the inode itself. Just changing
1345 * some of its data. No new blocks are added here, and
1346 * the inode is never added to the transaction.
1347 */
1348 xfs_ilock(qip, XFS_ILOCK_SHARED);
1349 error = xfs_bmapi(NULL, qip, lblkno,
1350 maxlblkcnt - lblkno,
1351 XFS_BMAPI_METADATA,
1352 NULL,
1353 0, map, &nmaps, NULL);
1354 xfs_iunlock(qip, XFS_ILOCK_SHARED);
1355 if (error)
1356 break;
1357
1358 ASSERT(nmaps <= XFS_DQITER_MAP_SIZE);
1359 for (i = 0; i < nmaps; i++) {
1360 ASSERT(map[i].br_startblock != DELAYSTARTBLOCK);
1361 ASSERT(map[i].br_blockcount);
1362
1363
1364 lblkno += map[i].br_blockcount;
1365
1366 if (map[i].br_startblock == HOLESTARTBLOCK)
1367 continue;
1368
1369 firstid = (xfs_dqid_t) map[i].br_startoff *
1370 mp->m_quotainfo->qi_dqperchunk;
1371 /*
1372 * Do a read-ahead on the next extent.
1373 */
1374 if ((i+1 < nmaps) &&
1375 (map[i+1].br_startblock != HOLESTARTBLOCK)) {
1376 rablkcnt = map[i+1].br_blockcount;
1377 rablkno = map[i+1].br_startblock;
1378 while (rablkcnt--) {
1379 xfs_buf_readahead(mp->m_ddev_targp,
1380 XFS_FSB_TO_DADDR(mp, rablkno),
1381 mp->m_quotainfo->qi_dqchunklen);
1382 rablkno++;
1383 }
1384 }
1385 /*
1386 * Iterate thru all the blks in the extent and
1387 * reset the counters of all the dquots inside them.
1388 */
1389 if ((error = xfs_qm_dqiter_bufs(mp,
1390 firstid,
1391 map[i].br_startblock,
1392 map[i].br_blockcount,
1393 flags))) {
1394 break;
1395 }
1396 }
1397
1398 if (error)
1399 break;
1400 } while (nmaps > 0);
1401
1402 kmem_free(map);
1403
1404 return error;
1405}
1406
1407/*
1408 * Called by dqusage_adjust in doing a quotacheck.
1409 *
1410 * Given the inode, and a dquot id this updates both the incore dqout as well
1411 * as the buffer copy. This is so that once the quotacheck is done, we can
1412 * just log all the buffers, as opposed to logging numerous updates to
1413 * individual dquots.
1414 */
1415STATIC int
1416xfs_qm_quotacheck_dqadjust(
1417 struct xfs_inode *ip,
1418 xfs_dqid_t id,
1419 uint type,
1420 xfs_qcnt_t nblks,
1421 xfs_qcnt_t rtblks)
1422{
1423 struct xfs_mount *mp = ip->i_mount;
1424 struct xfs_dquot *dqp;
1425 int error;
1426
1427 error = xfs_qm_dqget(mp, ip, id, type,
1428 XFS_QMOPT_DQALLOC | XFS_QMOPT_DOWARN, &dqp);
1429 if (error) {
1430 /*
1431 * Shouldn't be able to turn off quotas here.
1432 */
1433 ASSERT(error != ESRCH);
1434 ASSERT(error != ENOENT);
1435 return error;
1436 }
1437
1438 trace_xfs_dqadjust(dqp);
1439
1440 /*
1441 * Adjust the inode count and the block count to reflect this inode's
1442 * resource usage.
1443 */
1444 be64_add_cpu(&dqp->q_core.d_icount, 1);
1445 dqp->q_res_icount++;
1446 if (nblks) {
1447 be64_add_cpu(&dqp->q_core.d_bcount, nblks);
1448 dqp->q_res_bcount += nblks;
1449 }
1450 if (rtblks) {
1451 be64_add_cpu(&dqp->q_core.d_rtbcount, rtblks);
1452 dqp->q_res_rtbcount += rtblks;
1453 }
1454
1455 /*
1456 * Set default limits, adjust timers (since we changed usages)
1457 *
1458 * There are no timers for the default values set in the root dquot.
1459 */
1460 if (dqp->q_core.d_id) {
1461 xfs_qm_adjust_dqlimits(mp, &dqp->q_core);
1462 xfs_qm_adjust_dqtimers(mp, &dqp->q_core);
1463 }
1464
1465 dqp->dq_flags |= XFS_DQ_DIRTY;
1466 xfs_qm_dqput(dqp);
1467 return 0;
1468}
1469
1470STATIC int
1471xfs_qm_get_rtblks(
1472 xfs_inode_t *ip,
1473 xfs_qcnt_t *O_rtblks)
1474{
1475 xfs_filblks_t rtblks; /* total rt blks */
1476 xfs_extnum_t idx; /* extent record index */
1477 xfs_ifork_t *ifp; /* inode fork pointer */
1478 xfs_extnum_t nextents; /* number of extent entries */
1479 int error;
1480
1481 ASSERT(XFS_IS_REALTIME_INODE(ip));
1482 ifp = XFS_IFORK_PTR(ip, XFS_DATA_FORK);
1483 if (!(ifp->if_flags & XFS_IFEXTENTS)) {
1484 if ((error = xfs_iread_extents(NULL, ip, XFS_DATA_FORK)))
1485 return error;
1486 }
1487 rtblks = 0;
1488 nextents = ifp->if_bytes / (uint)sizeof(xfs_bmbt_rec_t);
1489 for (idx = 0; idx < nextents; idx++)
1490 rtblks += xfs_bmbt_get_blockcount(xfs_iext_get_ext(ifp, idx));
1491 *O_rtblks = (xfs_qcnt_t)rtblks;
1492 return 0;
1493}
1494
1495/*
1496 * callback routine supplied to bulkstat(). Given an inumber, find its
1497 * dquots and update them to account for resources taken by that inode.
1498 */
1499/* ARGSUSED */
1500STATIC int
1501xfs_qm_dqusage_adjust(
1502 xfs_mount_t *mp, /* mount point for filesystem */
1503 xfs_ino_t ino, /* inode number to get data for */
1504 void __user *buffer, /* not used */
1505 int ubsize, /* not used */
1506 int *ubused, /* not used */
1507 int *res) /* result code value */
1508{
1509 xfs_inode_t *ip;
1510 xfs_qcnt_t nblks, rtblks = 0;
1511 int error;
1512
1513 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1514
1515 /*
1516 * rootino must have its resources accounted for, not so with the quota
1517 * inodes.
1518 */
1519 if (ino == mp->m_sb.sb_uquotino || ino == mp->m_sb.sb_gquotino) {
1520 *res = BULKSTAT_RV_NOTHING;
1521 return XFS_ERROR(EINVAL);
1522 }
1523
1524 /*
1525 * We don't _need_ to take the ilock EXCL. However, the xfs_qm_dqget
1526 * interface expects the inode to be exclusively locked because that's
1527 * the case in all other instances. It's OK that we do this because
1528 * quotacheck is done only at mount time.
1529 */
1530 error = xfs_iget(mp, NULL, ino, 0, XFS_ILOCK_EXCL, &ip);
1531 if (error) {
1532 *res = BULKSTAT_RV_NOTHING;
1533 return error;
1534 }
1535
1536 ASSERT(ip->i_delayed_blks == 0);
1537
1538 if (XFS_IS_REALTIME_INODE(ip)) {
1539 /*
1540 * Walk thru the extent list and count the realtime blocks.
1541 */
1542 error = xfs_qm_get_rtblks(ip, &rtblks);
1543 if (error)
1544 goto error0;
1545 }
1546
1547 nblks = (xfs_qcnt_t)ip->i_d.di_nblocks - rtblks;
1548
1549 /*
1550 * Add the (disk blocks and inode) resources occupied by this
1551 * inode to its dquots. We do this adjustment in the incore dquot,
1552 * and also copy the changes to its buffer.
1553 * We don't care about putting these changes in a transaction
1554 * envelope because if we crash in the middle of a 'quotacheck'
1555 * we have to start from the beginning anyway.
1556 * Once we're done, we'll log all the dquot bufs.
1557 *
1558 * The *QUOTA_ON checks below may look pretty racy, but quotachecks
1559 * and quotaoffs don't race. (Quotachecks happen at mount time only).
1560 */
1561 if (XFS_IS_UQUOTA_ON(mp)) {
1562 error = xfs_qm_quotacheck_dqadjust(ip, ip->i_d.di_uid,
1563 XFS_DQ_USER, nblks, rtblks);
1564 if (error)
1565 goto error0;
1566 }
1567
1568 if (XFS_IS_GQUOTA_ON(mp)) {
1569 error = xfs_qm_quotacheck_dqadjust(ip, ip->i_d.di_gid,
1570 XFS_DQ_GROUP, nblks, rtblks);
1571 if (error)
1572 goto error0;
1573 }
1574
1575 if (XFS_IS_PQUOTA_ON(mp)) {
1576 error = xfs_qm_quotacheck_dqadjust(ip, xfs_get_projid(ip),
1577 XFS_DQ_PROJ, nblks, rtblks);
1578 if (error)
1579 goto error0;
1580 }
1581
1582 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1583 IRELE(ip);
1584 *res = BULKSTAT_RV_DIDONE;
1585 return 0;
1586
1587error0:
1588 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1589 IRELE(ip);
1590 *res = BULKSTAT_RV_GIVEUP;
1591 return error;
1592}
1593
1594/*
1595 * Walk thru all the filesystem inodes and construct a consistent view
1596 * of the disk quota world. If the quotacheck fails, disable quotas.
1597 */
1598int
1599xfs_qm_quotacheck(
1600 xfs_mount_t *mp)
1601{
1602 int done, count, error;
1603 xfs_ino_t lastino;
1604 size_t structsz;
1605 xfs_inode_t *uip, *gip;
1606 uint flags;
1607
1608 count = INT_MAX;
1609 structsz = 1;
1610 lastino = 0;
1611 flags = 0;
1612
1613 ASSERT(mp->m_quotainfo->qi_uquotaip || mp->m_quotainfo->qi_gquotaip);
1614 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1615
1616 /*
1617 * There should be no cached dquots. The (simplistic) quotacheck
1618 * algorithm doesn't like that.
1619 */
1620 ASSERT(list_empty(&mp->m_quotainfo->qi_dqlist));
1621
1622 xfs_notice(mp, "Quotacheck needed: Please wait.");
1623
1624 /*
1625 * First we go thru all the dquots on disk, USR and GRP/PRJ, and reset
1626 * their counters to zero. We need a clean slate.
1627 * We don't log our changes till later.
1628 */
1629 uip = mp->m_quotainfo->qi_uquotaip;
1630 if (uip) {
1631 error = xfs_qm_dqiterate(mp, uip, XFS_QMOPT_UQUOTA);
1632 if (error)
1633 goto error_return;
1634 flags |= XFS_UQUOTA_CHKD;
1635 }
1636
1637 gip = mp->m_quotainfo->qi_gquotaip;
1638 if (gip) {
1639 error = xfs_qm_dqiterate(mp, gip, XFS_IS_GQUOTA_ON(mp) ?
1640 XFS_QMOPT_GQUOTA : XFS_QMOPT_PQUOTA);
1641 if (error)
1642 goto error_return;
1643 flags |= XFS_OQUOTA_CHKD;
1644 }
1645
1646 do {
1647 /*
1648 * Iterate thru all the inodes in the file system,
1649 * adjusting the corresponding dquot counters in core.
1650 */
1651 error = xfs_bulkstat(mp, &lastino, &count,
1652 xfs_qm_dqusage_adjust,
1653 structsz, NULL, &done);
1654 if (error)
1655 break;
1656
1657 } while (!done);
1658
1659 /*
1660 * We've made all the changes that we need to make incore.
1661 * Flush them down to disk buffers if everything was updated
1662 * successfully.
1663 */
1664 if (!error)
1665 error = xfs_qm_dqflush_all(mp, 0);
1666
1667 /*
1668 * We can get this error if we couldn't do a dquot allocation inside
1669 * xfs_qm_dqusage_adjust (via bulkstat). We don't care about the
1670 * dirty dquots that might be cached, we just want to get rid of them
1671 * and turn quotaoff. The dquots won't be attached to any of the inodes
1672 * at this point (because we intentionally didn't in dqget_noattach).
1673 */
1674 if (error) {
1675 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL);
1676 goto error_return;
1677 }
1678
1679 /*
1680 * We didn't log anything, because if we crashed, we'll have to
1681 * start the quotacheck from scratch anyway. However, we must make
1682 * sure that our dquot changes are secure before we put the
1683 * quotacheck'd stamp on the superblock. So, here we do a synchronous
1684 * flush.
1685 */
1686 XFS_bflush(mp->m_ddev_targp);
1687
1688 /*
1689 * If one type of quotas is off, then it will lose its
1690 * quotachecked status, since we won't be doing accounting for
1691 * that type anymore.
1692 */
1693 mp->m_qflags &= ~(XFS_OQUOTA_CHKD | XFS_UQUOTA_CHKD);
1694 mp->m_qflags |= flags;
1695
1696 error_return:
1697 if (error) {
1698 xfs_warn(mp,
1699 "Quotacheck: Unsuccessful (Error %d): Disabling quotas.",
1700 error);
1701 /*
1702 * We must turn off quotas.
1703 */
1704 ASSERT(mp->m_quotainfo != NULL);
1705 ASSERT(xfs_Gqm != NULL);
1706 xfs_qm_destroy_quotainfo(mp);
1707 if (xfs_mount_reset_sbqflags(mp)) {
1708 xfs_warn(mp,
1709 "Quotacheck: Failed to reset quota flags.");
1710 }
1711 } else
1712 xfs_notice(mp, "Quotacheck: Done.");
1713 return (error);
1714}
1715
1716/*
1717 * This is called after the superblock has been read in and we're ready to
1718 * iget the quota inodes.
1719 */
1720STATIC int
1721xfs_qm_init_quotainos(
1722 xfs_mount_t *mp)
1723{
1724 xfs_inode_t *uip, *gip;
1725 int error;
1726 __int64_t sbflags;
1727 uint flags;
1728
1729 ASSERT(mp->m_quotainfo);
1730 uip = gip = NULL;
1731 sbflags = 0;
1732 flags = 0;
1733
1734 /*
1735 * Get the uquota and gquota inodes
1736 */
1737 if (xfs_sb_version_hasquota(&mp->m_sb)) {
1738 if (XFS_IS_UQUOTA_ON(mp) &&
1739 mp->m_sb.sb_uquotino != NULLFSINO) {
1740 ASSERT(mp->m_sb.sb_uquotino > 0);
1741 if ((error = xfs_iget(mp, NULL, mp->m_sb.sb_uquotino,
1742 0, 0, &uip)))
1743 return XFS_ERROR(error);
1744 }
1745 if (XFS_IS_OQUOTA_ON(mp) &&
1746 mp->m_sb.sb_gquotino != NULLFSINO) {
1747 ASSERT(mp->m_sb.sb_gquotino > 0);
1748 if ((error = xfs_iget(mp, NULL, mp->m_sb.sb_gquotino,
1749 0, 0, &gip))) {
1750 if (uip)
1751 IRELE(uip);
1752 return XFS_ERROR(error);
1753 }
1754 }
1755 } else {
1756 flags |= XFS_QMOPT_SBVERSION;
1757 sbflags |= (XFS_SB_VERSIONNUM | XFS_SB_UQUOTINO |
1758 XFS_SB_GQUOTINO | XFS_SB_QFLAGS);
1759 }
1760
1761 /*
1762 * Create the two inodes, if they don't exist already. The changes
1763 * made above will get added to a transaction and logged in one of
1764 * the qino_alloc calls below. If the device is readonly,
1765 * temporarily switch to read-write to do this.
1766 */
1767 if (XFS_IS_UQUOTA_ON(mp) && uip == NULL) {
1768 if ((error = xfs_qm_qino_alloc(mp, &uip,
1769 sbflags | XFS_SB_UQUOTINO,
1770 flags | XFS_QMOPT_UQUOTA)))
1771 return XFS_ERROR(error);
1772
1773 flags &= ~XFS_QMOPT_SBVERSION;
1774 }
1775 if (XFS_IS_OQUOTA_ON(mp) && gip == NULL) {
1776 flags |= (XFS_IS_GQUOTA_ON(mp) ?
1777 XFS_QMOPT_GQUOTA : XFS_QMOPT_PQUOTA);
1778 error = xfs_qm_qino_alloc(mp, &gip,
1779 sbflags | XFS_SB_GQUOTINO, flags);
1780 if (error) {
1781 if (uip)
1782 IRELE(uip);
1783
1784 return XFS_ERROR(error);
1785 }
1786 }
1787
1788 mp->m_quotainfo->qi_uquotaip = uip;
1789 mp->m_quotainfo->qi_gquotaip = gip;
1790
1791 return 0;
1792}
1793
1794
1795
1796/*
1797 * Just pop the least recently used dquot off the freelist and
1798 * recycle it. The returned dquot is locked.
1799 */
1800STATIC xfs_dquot_t *
1801xfs_qm_dqreclaim_one(void)
1802{
1803 xfs_dquot_t *dqpout;
1804 xfs_dquot_t *dqp;
1805 int restarts;
1806 int startagain;
1807
1808 restarts = 0;
1809 dqpout = NULL;
1810
1811 /* lockorder: hashchainlock, freelistlock, mplistlock, dqlock, dqflock */
1812again:
1813 startagain = 0;
1814 mutex_lock(&xfs_Gqm->qm_dqfrlist_lock);
1815
1816 list_for_each_entry(dqp, &xfs_Gqm->qm_dqfrlist, q_freelist) {
1817 struct xfs_mount *mp = dqp->q_mount;
1818 xfs_dqlock(dqp);
1819
1820 /*
1821 * We are racing with dqlookup here. Naturally we don't
1822 * want to reclaim a dquot that lookup wants. We release the
1823 * freelist lock and start over, so that lookup will grab
1824 * both the dquot and the freelistlock.
1825 */
1826 if (dqp->dq_flags & XFS_DQ_WANT) {
1827 ASSERT(! (dqp->dq_flags & XFS_DQ_INACTIVE));
1828
1829 trace_xfs_dqreclaim_want(dqp);
1830 XQM_STATS_INC(xqmstats.xs_qm_dqwants);
1831 restarts++;
1832 startagain = 1;
1833 goto dqunlock;
1834 }
1835
1836 /*
1837 * If the dquot is inactive, we are assured that it is
1838 * not on the mplist or the hashlist, and that makes our
1839 * life easier.
1840 */
1841 if (dqp->dq_flags & XFS_DQ_INACTIVE) {
1842 ASSERT(mp == NULL);
1843 ASSERT(! XFS_DQ_IS_DIRTY(dqp));
1844 ASSERT(list_empty(&dqp->q_hashlist));
1845 ASSERT(list_empty(&dqp->q_mplist));
1846 list_del_init(&dqp->q_freelist);
1847 xfs_Gqm->qm_dqfrlist_cnt--;
1848 dqpout = dqp;
1849 XQM_STATS_INC(xqmstats.xs_qm_dqinact_reclaims);
1850 goto dqunlock;
1851 }
1852
1853 ASSERT(dqp->q_hash);
1854 ASSERT(!list_empty(&dqp->q_mplist));
1855
1856 /*
1857 * Try to grab the flush lock. If this dquot is in the process
1858 * of getting flushed to disk, we don't want to reclaim it.
1859 */
1860 if (!xfs_dqflock_nowait(dqp))
1861 goto dqunlock;
1862
1863 /*
1864 * We have the flush lock so we know that this is not in the
1865 * process of being flushed. So, if this is dirty, flush it
1866 * DELWRI so that we don't get a freelist infested with
1867 * dirty dquots.
1868 */
1869 if (XFS_DQ_IS_DIRTY(dqp)) {
1870 int error;
1871
1872 trace_xfs_dqreclaim_dirty(dqp);
1873
1874 /*
1875 * We flush it delayed write, so don't bother
1876 * releasing the freelist lock.
1877 */
1878 error = xfs_qm_dqflush(dqp, 0);
1879 if (error) {
1880 xfs_warn(mp, "%s: dquot %p flush failed",
1881 __func__, dqp);
1882 }
1883 goto dqunlock;
1884 }
1885
1886 /*
1887 * We're trying to get the hashlock out of order. This races
1888 * with dqlookup; so, we giveup and goto the next dquot if
1889 * we couldn't get the hashlock. This way, we won't starve
1890 * a dqlookup process that holds the hashlock that is
1891 * waiting for the freelist lock.
1892 */
1893 if (!mutex_trylock(&dqp->q_hash->qh_lock)) {
1894 restarts++;
1895 goto dqfunlock;
1896 }
1897
1898 /*
1899 * This races with dquot allocation code as well as dqflush_all
1900 * and reclaim code. So, if we failed to grab the mplist lock,
1901 * giveup everything and start over.
1902 */
1903 if (!mutex_trylock(&mp->m_quotainfo->qi_dqlist_lock)) {
1904 restarts++;
1905 startagain = 1;
1906 goto qhunlock;
1907 }
1908
1909 ASSERT(dqp->q_nrefs == 0);
1910 list_del_init(&dqp->q_mplist);
1911 mp->m_quotainfo->qi_dquots--;
1912 mp->m_quotainfo->qi_dqreclaims++;
1913 list_del_init(&dqp->q_hashlist);
1914 dqp->q_hash->qh_version++;
1915 list_del_init(&dqp->q_freelist);
1916 xfs_Gqm->qm_dqfrlist_cnt--;
1917 dqpout = dqp;
1918 mutex_unlock(&mp->m_quotainfo->qi_dqlist_lock);
1919qhunlock:
1920 mutex_unlock(&dqp->q_hash->qh_lock);
1921dqfunlock:
1922 xfs_dqfunlock(dqp);
1923dqunlock:
1924 xfs_dqunlock(dqp);
1925 if (dqpout)
1926 break;
1927 if (restarts >= XFS_QM_RECLAIM_MAX_RESTARTS)
1928 break;
1929 if (startagain) {
1930 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1931 goto again;
1932 }
1933 }
1934 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1935 return dqpout;
1936}
1937
1938/*
1939 * Traverse the freelist of dquots and attempt to reclaim a maximum of
1940 * 'howmany' dquots. This operation races with dqlookup(), and attempts to
1941 * favor the lookup function ...
1942 */
1943STATIC int
1944xfs_qm_shake_freelist(
1945 int howmany)
1946{
1947 int nreclaimed = 0;
1948 xfs_dquot_t *dqp;
1949
1950 if (howmany <= 0)
1951 return 0;
1952
1953 while (nreclaimed < howmany) {
1954 dqp = xfs_qm_dqreclaim_one();
1955 if (!dqp)
1956 return nreclaimed;
1957 xfs_qm_dqdestroy(dqp);
1958 nreclaimed++;
1959 }
1960 return nreclaimed;
1961}
1962
1963/*
1964 * The kmem_shake interface is invoked when memory is running low.
1965 */
1966/* ARGSUSED */
1967STATIC int
1968xfs_qm_shake(
1969 struct shrinker *shrink,
1970 struct shrink_control *sc)
1971{
1972 int ndqused, nfree, n;
1973 gfp_t gfp_mask = sc->gfp_mask;
1974
1975 if (!kmem_shake_allow(gfp_mask))
1976 return 0;
1977 if (!xfs_Gqm)
1978 return 0;
1979
1980 nfree = xfs_Gqm->qm_dqfrlist_cnt; /* free dquots */
1981 /* incore dquots in all f/s's */
1982 ndqused = atomic_read(&xfs_Gqm->qm_totaldquots) - nfree;
1983
1984 ASSERT(ndqused >= 0);
1985
1986 if (nfree <= ndqused && nfree < ndquot)
1987 return 0;
1988
1989 ndqused *= xfs_Gqm->qm_dqfree_ratio; /* target # of free dquots */
1990 n = nfree - ndqused - ndquot; /* # over target */
1991
1992 return xfs_qm_shake_freelist(MAX(nfree, n));
1993}
1994
1995
1996/*------------------------------------------------------------------*/
1997
1998/*
1999 * Return a new incore dquot. Depending on the number of
2000 * dquots in the system, we either allocate a new one on the kernel heap,
2001 * or reclaim a free one.
2002 * Return value is B_TRUE if we allocated a new dquot, B_FALSE if we managed
2003 * to reclaim an existing one from the freelist.
2004 */
2005boolean_t
2006xfs_qm_dqalloc_incore(
2007 xfs_dquot_t **O_dqpp)
2008{
2009 xfs_dquot_t *dqp;
2010
2011 /*
2012 * Check against high water mark to see if we want to pop
2013 * a nincompoop dquot off the freelist.
2014 */
2015 if (atomic_read(&xfs_Gqm->qm_totaldquots) >= ndquot) {
2016 /*
2017 * Try to recycle a dquot from the freelist.
2018 */
2019 if ((dqp = xfs_qm_dqreclaim_one())) {
2020 XQM_STATS_INC(xqmstats.xs_qm_dqreclaims);
2021 /*
2022 * Just zero the core here. The rest will get
2023 * reinitialized by caller. XXX we shouldn't even
2024 * do this zero ...
2025 */
2026 memset(&dqp->q_core, 0, sizeof(dqp->q_core));
2027 *O_dqpp = dqp;
2028 return B_FALSE;
2029 }
2030 XQM_STATS_INC(xqmstats.xs_qm_dqreclaim_misses);
2031 }
2032
2033 /*
2034 * Allocate a brand new dquot on the kernel heap and return it
2035 * to the caller to initialize.
2036 */
2037 ASSERT(xfs_Gqm->qm_dqzone != NULL);
2038 *O_dqpp = kmem_zone_zalloc(xfs_Gqm->qm_dqzone, KM_SLEEP);
2039 atomic_inc(&xfs_Gqm->qm_totaldquots);
2040
2041 return B_TRUE;
2042}
2043
2044
2045/*
2046 * Start a transaction and write the incore superblock changes to
2047 * disk. flags parameter indicates which fields have changed.
2048 */
2049int
2050xfs_qm_write_sb_changes(
2051 xfs_mount_t *mp,
2052 __int64_t flags)
2053{
2054 xfs_trans_t *tp;
2055 int error;
2056
2057 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_SBCHANGE);
2058 if ((error = xfs_trans_reserve(tp, 0,
2059 mp->m_sb.sb_sectsize + 128, 0,
2060 0,
2061 XFS_DEFAULT_LOG_COUNT))) {
2062 xfs_trans_cancel(tp, 0);
2063 return error;
2064 }
2065
2066 xfs_mod_sb(tp, flags);
2067 error = xfs_trans_commit(tp, 0);
2068
2069 return error;
2070}
2071
2072
2073/* --------------- utility functions for vnodeops ---------------- */
2074
2075
2076/*
2077 * Given an inode, a uid, gid and prid make sure that we have
2078 * allocated relevant dquot(s) on disk, and that we won't exceed inode
2079 * quotas by creating this file.
2080 * This also attaches dquot(s) to the given inode after locking it,
2081 * and returns the dquots corresponding to the uid and/or gid.
2082 *
2083 * in : inode (unlocked)
2084 * out : udquot, gdquot with references taken and unlocked
2085 */
2086int
2087xfs_qm_vop_dqalloc(
2088 struct xfs_inode *ip,
2089 uid_t uid,
2090 gid_t gid,
2091 prid_t prid,
2092 uint flags,
2093 struct xfs_dquot **O_udqpp,
2094 struct xfs_dquot **O_gdqpp)
2095{
2096 struct xfs_mount *mp = ip->i_mount;
2097 struct xfs_dquot *uq, *gq;
2098 int error;
2099 uint lockflags;
2100
2101 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
2102 return 0;
2103
2104 lockflags = XFS_ILOCK_EXCL;
2105 xfs_ilock(ip, lockflags);
2106
2107 if ((flags & XFS_QMOPT_INHERIT) && XFS_INHERIT_GID(ip))
2108 gid = ip->i_d.di_gid;
2109
2110 /*
2111 * Attach the dquot(s) to this inode, doing a dquot allocation
2112 * if necessary. The dquot(s) will not be locked.
2113 */
2114 if (XFS_NOT_DQATTACHED(mp, ip)) {
2115 error = xfs_qm_dqattach_locked(ip, XFS_QMOPT_DQALLOC);
2116 if (error) {
2117 xfs_iunlock(ip, lockflags);
2118 return error;
2119 }
2120 }
2121
2122 uq = gq = NULL;
2123 if ((flags & XFS_QMOPT_UQUOTA) && XFS_IS_UQUOTA_ON(mp)) {
2124 if (ip->i_d.di_uid != uid) {
2125 /*
2126 * What we need is the dquot that has this uid, and
2127 * if we send the inode to dqget, the uid of the inode
2128 * takes priority over what's sent in the uid argument.
2129 * We must unlock inode here before calling dqget if
2130 * we're not sending the inode, because otherwise
2131 * we'll deadlock by doing trans_reserve while
2132 * holding ilock.
2133 */
2134 xfs_iunlock(ip, lockflags);
2135 if ((error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t) uid,
2136 XFS_DQ_USER,
2137 XFS_QMOPT_DQALLOC |
2138 XFS_QMOPT_DOWARN,
2139 &uq))) {
2140 ASSERT(error != ENOENT);
2141 return error;
2142 }
2143 /*
2144 * Get the ilock in the right order.
2145 */
2146 xfs_dqunlock(uq);
2147 lockflags = XFS_ILOCK_SHARED;
2148 xfs_ilock(ip, lockflags);
2149 } else {
2150 /*
2151 * Take an extra reference, because we'll return
2152 * this to caller
2153 */
2154 ASSERT(ip->i_udquot);
2155 uq = ip->i_udquot;
2156 xfs_dqlock(uq);
2157 XFS_DQHOLD(uq);
2158 xfs_dqunlock(uq);
2159 }
2160 }
2161 if ((flags & XFS_QMOPT_GQUOTA) && XFS_IS_GQUOTA_ON(mp)) {
2162 if (ip->i_d.di_gid != gid) {
2163 xfs_iunlock(ip, lockflags);
2164 if ((error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)gid,
2165 XFS_DQ_GROUP,
2166 XFS_QMOPT_DQALLOC |
2167 XFS_QMOPT_DOWARN,
2168 &gq))) {
2169 if (uq)
2170 xfs_qm_dqrele(uq);
2171 ASSERT(error != ENOENT);
2172 return error;
2173 }
2174 xfs_dqunlock(gq);
2175 lockflags = XFS_ILOCK_SHARED;
2176 xfs_ilock(ip, lockflags);
2177 } else {
2178 ASSERT(ip->i_gdquot);
2179 gq = ip->i_gdquot;
2180 xfs_dqlock(gq);
2181 XFS_DQHOLD(gq);
2182 xfs_dqunlock(gq);
2183 }
2184 } else if ((flags & XFS_QMOPT_PQUOTA) && XFS_IS_PQUOTA_ON(mp)) {
2185 if (xfs_get_projid(ip) != prid) {
2186 xfs_iunlock(ip, lockflags);
2187 if ((error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)prid,
2188 XFS_DQ_PROJ,
2189 XFS_QMOPT_DQALLOC |
2190 XFS_QMOPT_DOWARN,
2191 &gq))) {
2192 if (uq)
2193 xfs_qm_dqrele(uq);
2194 ASSERT(error != ENOENT);
2195 return (error);
2196 }
2197 xfs_dqunlock(gq);
2198 lockflags = XFS_ILOCK_SHARED;
2199 xfs_ilock(ip, lockflags);
2200 } else {
2201 ASSERT(ip->i_gdquot);
2202 gq = ip->i_gdquot;
2203 xfs_dqlock(gq);
2204 XFS_DQHOLD(gq);
2205 xfs_dqunlock(gq);
2206 }
2207 }
2208 if (uq)
2209 trace_xfs_dquot_dqalloc(ip);
2210
2211 xfs_iunlock(ip, lockflags);
2212 if (O_udqpp)
2213 *O_udqpp = uq;
2214 else if (uq)
2215 xfs_qm_dqrele(uq);
2216 if (O_gdqpp)
2217 *O_gdqpp = gq;
2218 else if (gq)
2219 xfs_qm_dqrele(gq);
2220 return 0;
2221}
2222
2223/*
2224 * Actually transfer ownership, and do dquot modifications.
2225 * These were already reserved.
2226 */
2227xfs_dquot_t *
2228xfs_qm_vop_chown(
2229 xfs_trans_t *tp,
2230 xfs_inode_t *ip,
2231 xfs_dquot_t **IO_olddq,
2232 xfs_dquot_t *newdq)
2233{
2234 xfs_dquot_t *prevdq;
2235 uint bfield = XFS_IS_REALTIME_INODE(ip) ?
2236 XFS_TRANS_DQ_RTBCOUNT : XFS_TRANS_DQ_BCOUNT;
2237
2238
2239 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
2240 ASSERT(XFS_IS_QUOTA_RUNNING(ip->i_mount));
2241
2242 /* old dquot */
2243 prevdq = *IO_olddq;
2244 ASSERT(prevdq);
2245 ASSERT(prevdq != newdq);
2246
2247 xfs_trans_mod_dquot(tp, prevdq, bfield, -(ip->i_d.di_nblocks));
2248 xfs_trans_mod_dquot(tp, prevdq, XFS_TRANS_DQ_ICOUNT, -1);
2249
2250 /* the sparkling new dquot */
2251 xfs_trans_mod_dquot(tp, newdq, bfield, ip->i_d.di_nblocks);
2252 xfs_trans_mod_dquot(tp, newdq, XFS_TRANS_DQ_ICOUNT, 1);
2253
2254 /*
2255 * Take an extra reference, because the inode
2256 * is going to keep this dquot pointer even
2257 * after the trans_commit.
2258 */
2259 xfs_dqlock(newdq);
2260 XFS_DQHOLD(newdq);
2261 xfs_dqunlock(newdq);
2262 *IO_olddq = newdq;
2263
2264 return prevdq;
2265}
2266
2267/*
2268 * Quota reservations for setattr(AT_UID|AT_GID|AT_PROJID).
2269 */
2270int
2271xfs_qm_vop_chown_reserve(
2272 xfs_trans_t *tp,
2273 xfs_inode_t *ip,
2274 xfs_dquot_t *udqp,
2275 xfs_dquot_t *gdqp,
2276 uint flags)
2277{
2278 xfs_mount_t *mp = ip->i_mount;
2279 uint delblks, blkflags, prjflags = 0;
2280 xfs_dquot_t *unresudq, *unresgdq, *delblksudq, *delblksgdq;
2281 int error;
2282
2283
2284 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL|XFS_ILOCK_SHARED));
2285 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
2286
2287 delblks = ip->i_delayed_blks;
2288 delblksudq = delblksgdq = unresudq = unresgdq = NULL;
2289 blkflags = XFS_IS_REALTIME_INODE(ip) ?
2290 XFS_QMOPT_RES_RTBLKS : XFS_QMOPT_RES_REGBLKS;
2291
2292 if (XFS_IS_UQUOTA_ON(mp) && udqp &&
2293 ip->i_d.di_uid != (uid_t)be32_to_cpu(udqp->q_core.d_id)) {
2294 delblksudq = udqp;
2295 /*
2296 * If there are delayed allocation blocks, then we have to
2297 * unreserve those from the old dquot, and add them to the
2298 * new dquot.
2299 */
2300 if (delblks) {
2301 ASSERT(ip->i_udquot);
2302 unresudq = ip->i_udquot;
2303 }
2304 }
2305 if (XFS_IS_OQUOTA_ON(ip->i_mount) && gdqp) {
2306 if (XFS_IS_PQUOTA_ON(ip->i_mount) &&
2307 xfs_get_projid(ip) != be32_to_cpu(gdqp->q_core.d_id))
2308 prjflags = XFS_QMOPT_ENOSPC;
2309
2310 if (prjflags ||
2311 (XFS_IS_GQUOTA_ON(ip->i_mount) &&
2312 ip->i_d.di_gid != be32_to_cpu(gdqp->q_core.d_id))) {
2313 delblksgdq = gdqp;
2314 if (delblks) {
2315 ASSERT(ip->i_gdquot);
2316 unresgdq = ip->i_gdquot;
2317 }
2318 }
2319 }
2320
2321 if ((error = xfs_trans_reserve_quota_bydquots(tp, ip->i_mount,
2322 delblksudq, delblksgdq, ip->i_d.di_nblocks, 1,
2323 flags | blkflags | prjflags)))
2324 return (error);
2325
2326 /*
2327 * Do the delayed blks reservations/unreservations now. Since, these
2328 * are done without the help of a transaction, if a reservation fails
2329 * its previous reservations won't be automatically undone by trans
2330 * code. So, we have to do it manually here.
2331 */
2332 if (delblks) {
2333 /*
2334 * Do the reservations first. Unreservation can't fail.
2335 */
2336 ASSERT(delblksudq || delblksgdq);
2337 ASSERT(unresudq || unresgdq);
2338 if ((error = xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount,
2339 delblksudq, delblksgdq, (xfs_qcnt_t)delblks, 0,
2340 flags | blkflags | prjflags)))
2341 return (error);
2342 xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount,
2343 unresudq, unresgdq, -((xfs_qcnt_t)delblks), 0,
2344 blkflags);
2345 }
2346
2347 return (0);
2348}
2349
2350int
2351xfs_qm_vop_rename_dqattach(
2352 struct xfs_inode **i_tab)
2353{
2354 struct xfs_mount *mp = i_tab[0]->i_mount;
2355 int i;
2356
2357 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
2358 return 0;
2359
2360 for (i = 0; (i < 4 && i_tab[i]); i++) {
2361 struct xfs_inode *ip = i_tab[i];
2362 int error;
2363
2364 /*
2365 * Watch out for duplicate entries in the table.
2366 */
2367 if (i == 0 || ip != i_tab[i-1]) {
2368 if (XFS_NOT_DQATTACHED(mp, ip)) {
2369 error = xfs_qm_dqattach(ip, 0);
2370 if (error)
2371 return error;
2372 }
2373 }
2374 }
2375 return 0;
2376}
2377
2378void
2379xfs_qm_vop_create_dqattach(
2380 struct xfs_trans *tp,
2381 struct xfs_inode *ip,
2382 struct xfs_dquot *udqp,
2383 struct xfs_dquot *gdqp)
2384{
2385 struct xfs_mount *mp = tp->t_mountp;
2386
2387 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
2388 return;
2389
2390 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
2391 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
2392
2393 if (udqp) {
2394 xfs_dqlock(udqp);
2395 XFS_DQHOLD(udqp);
2396 xfs_dqunlock(udqp);
2397 ASSERT(ip->i_udquot == NULL);
2398 ip->i_udquot = udqp;
2399 ASSERT(XFS_IS_UQUOTA_ON(mp));
2400 ASSERT(ip->i_d.di_uid == be32_to_cpu(udqp->q_core.d_id));
2401 xfs_trans_mod_dquot(tp, udqp, XFS_TRANS_DQ_ICOUNT, 1);
2402 }
2403 if (gdqp) {
2404 xfs_dqlock(gdqp);
2405 XFS_DQHOLD(gdqp);
2406 xfs_dqunlock(gdqp);
2407 ASSERT(ip->i_gdquot == NULL);
2408 ip->i_gdquot = gdqp;
2409 ASSERT(XFS_IS_OQUOTA_ON(mp));
2410 ASSERT((XFS_IS_GQUOTA_ON(mp) ?
2411 ip->i_d.di_gid : xfs_get_projid(ip)) ==
2412 be32_to_cpu(gdqp->q_core.d_id));
2413 xfs_trans_mod_dquot(tp, gdqp, XFS_TRANS_DQ_ICOUNT, 1);
2414 }
2415}
2416
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
4 * All Rights Reserved.
5 */
6#include "xfs.h"
7#include "xfs_fs.h"
8#include "xfs_shared.h"
9#include "xfs_format.h"
10#include "xfs_log_format.h"
11#include "xfs_trans_resv.h"
12#include "xfs_bit.h"
13#include "xfs_sb.h"
14#include "xfs_mount.h"
15#include "xfs_inode.h"
16#include "xfs_iwalk.h"
17#include "xfs_quota.h"
18#include "xfs_bmap.h"
19#include "xfs_bmap_util.h"
20#include "xfs_trans.h"
21#include "xfs_trans_space.h"
22#include "xfs_qm.h"
23#include "xfs_trace.h"
24#include "xfs_icache.h"
25
26/*
27 * The global quota manager. There is only one of these for the entire
28 * system, _not_ one per file system. XQM keeps track of the overall
29 * quota functionality, including maintaining the freelist and hash
30 * tables of dquots.
31 */
32STATIC int xfs_qm_init_quotainos(xfs_mount_t *);
33STATIC int xfs_qm_init_quotainfo(xfs_mount_t *);
34
35STATIC void xfs_qm_destroy_quotainos(xfs_quotainfo_t *qi);
36STATIC void xfs_qm_dqfree_one(struct xfs_dquot *dqp);
37/*
38 * We use the batch lookup interface to iterate over the dquots as it
39 * currently is the only interface into the radix tree code that allows
40 * fuzzy lookups instead of exact matches. Holding the lock over multiple
41 * operations is fine as all callers are used either during mount/umount
42 * or quotaoff.
43 */
44#define XFS_DQ_LOOKUP_BATCH 32
45
46STATIC int
47xfs_qm_dquot_walk(
48 struct xfs_mount *mp,
49 int type,
50 int (*execute)(struct xfs_dquot *dqp, void *data),
51 void *data)
52{
53 struct xfs_quotainfo *qi = mp->m_quotainfo;
54 struct radix_tree_root *tree = xfs_dquot_tree(qi, type);
55 uint32_t next_index;
56 int last_error = 0;
57 int skipped;
58 int nr_found;
59
60restart:
61 skipped = 0;
62 next_index = 0;
63 nr_found = 0;
64
65 while (1) {
66 struct xfs_dquot *batch[XFS_DQ_LOOKUP_BATCH];
67 int error = 0;
68 int i;
69
70 mutex_lock(&qi->qi_tree_lock);
71 nr_found = radix_tree_gang_lookup(tree, (void **)batch,
72 next_index, XFS_DQ_LOOKUP_BATCH);
73 if (!nr_found) {
74 mutex_unlock(&qi->qi_tree_lock);
75 break;
76 }
77
78 for (i = 0; i < nr_found; i++) {
79 struct xfs_dquot *dqp = batch[i];
80
81 next_index = be32_to_cpu(dqp->q_core.d_id) + 1;
82
83 error = execute(batch[i], data);
84 if (error == -EAGAIN) {
85 skipped++;
86 continue;
87 }
88 if (error && last_error != -EFSCORRUPTED)
89 last_error = error;
90 }
91
92 mutex_unlock(&qi->qi_tree_lock);
93
94 /* bail out if the filesystem is corrupted. */
95 if (last_error == -EFSCORRUPTED) {
96 skipped = 0;
97 break;
98 }
99 /* we're done if id overflows back to zero */
100 if (!next_index)
101 break;
102 }
103
104 if (skipped) {
105 delay(1);
106 goto restart;
107 }
108
109 return last_error;
110}
111
112
113/*
114 * Purge a dquot from all tracking data structures and free it.
115 */
116STATIC int
117xfs_qm_dqpurge(
118 struct xfs_dquot *dqp,
119 void *data)
120{
121 struct xfs_mount *mp = dqp->q_mount;
122 struct xfs_quotainfo *qi = mp->m_quotainfo;
123
124 xfs_dqlock(dqp);
125 if ((dqp->dq_flags & XFS_DQ_FREEING) || dqp->q_nrefs != 0) {
126 xfs_dqunlock(dqp);
127 return -EAGAIN;
128 }
129
130 dqp->dq_flags |= XFS_DQ_FREEING;
131
132 xfs_dqflock(dqp);
133
134 /*
135 * If we are turning this type of quotas off, we don't care
136 * about the dirty metadata sitting in this dquot. OTOH, if
137 * we're unmounting, we do care, so we flush it and wait.
138 */
139 if (XFS_DQ_IS_DIRTY(dqp)) {
140 struct xfs_buf *bp = NULL;
141 int error;
142
143 /*
144 * We don't care about getting disk errors here. We need
145 * to purge this dquot anyway, so we go ahead regardless.
146 */
147 error = xfs_qm_dqflush(dqp, &bp);
148 if (!error) {
149 error = xfs_bwrite(bp);
150 xfs_buf_relse(bp);
151 }
152 xfs_dqflock(dqp);
153 }
154
155 ASSERT(atomic_read(&dqp->q_pincount) == 0);
156 ASSERT(XFS_FORCED_SHUTDOWN(mp) ||
157 !test_bit(XFS_LI_IN_AIL, &dqp->q_logitem.qli_item.li_flags));
158
159 xfs_dqfunlock(dqp);
160 xfs_dqunlock(dqp);
161
162 radix_tree_delete(xfs_dquot_tree(qi, dqp->q_core.d_flags),
163 be32_to_cpu(dqp->q_core.d_id));
164 qi->qi_dquots--;
165
166 /*
167 * We move dquots to the freelist as soon as their reference count
168 * hits zero, so it really should be on the freelist here.
169 */
170 ASSERT(!list_empty(&dqp->q_lru));
171 list_lru_del(&qi->qi_lru, &dqp->q_lru);
172 XFS_STATS_DEC(mp, xs_qm_dquot_unused);
173
174 xfs_qm_dqdestroy(dqp);
175 return 0;
176}
177
178/*
179 * Purge the dquot cache.
180 */
181void
182xfs_qm_dqpurge_all(
183 struct xfs_mount *mp,
184 uint flags)
185{
186 if (flags & XFS_QMOPT_UQUOTA)
187 xfs_qm_dquot_walk(mp, XFS_DQ_USER, xfs_qm_dqpurge, NULL);
188 if (flags & XFS_QMOPT_GQUOTA)
189 xfs_qm_dquot_walk(mp, XFS_DQ_GROUP, xfs_qm_dqpurge, NULL);
190 if (flags & XFS_QMOPT_PQUOTA)
191 xfs_qm_dquot_walk(mp, XFS_DQ_PROJ, xfs_qm_dqpurge, NULL);
192}
193
194/*
195 * Just destroy the quotainfo structure.
196 */
197void
198xfs_qm_unmount(
199 struct xfs_mount *mp)
200{
201 if (mp->m_quotainfo) {
202 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL);
203 xfs_qm_destroy_quotainfo(mp);
204 }
205}
206
207/*
208 * Called from the vfsops layer.
209 */
210void
211xfs_qm_unmount_quotas(
212 xfs_mount_t *mp)
213{
214 /*
215 * Release the dquots that root inode, et al might be holding,
216 * before we flush quotas and blow away the quotainfo structure.
217 */
218 ASSERT(mp->m_rootip);
219 xfs_qm_dqdetach(mp->m_rootip);
220 if (mp->m_rbmip)
221 xfs_qm_dqdetach(mp->m_rbmip);
222 if (mp->m_rsumip)
223 xfs_qm_dqdetach(mp->m_rsumip);
224
225 /*
226 * Release the quota inodes.
227 */
228 if (mp->m_quotainfo) {
229 if (mp->m_quotainfo->qi_uquotaip) {
230 xfs_irele(mp->m_quotainfo->qi_uquotaip);
231 mp->m_quotainfo->qi_uquotaip = NULL;
232 }
233 if (mp->m_quotainfo->qi_gquotaip) {
234 xfs_irele(mp->m_quotainfo->qi_gquotaip);
235 mp->m_quotainfo->qi_gquotaip = NULL;
236 }
237 if (mp->m_quotainfo->qi_pquotaip) {
238 xfs_irele(mp->m_quotainfo->qi_pquotaip);
239 mp->m_quotainfo->qi_pquotaip = NULL;
240 }
241 }
242}
243
244STATIC int
245xfs_qm_dqattach_one(
246 xfs_inode_t *ip,
247 xfs_dqid_t id,
248 uint type,
249 bool doalloc,
250 xfs_dquot_t **IO_idqpp)
251{
252 xfs_dquot_t *dqp;
253 int error;
254
255 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
256 error = 0;
257
258 /*
259 * See if we already have it in the inode itself. IO_idqpp is &i_udquot
260 * or &i_gdquot. This made the code look weird, but made the logic a lot
261 * simpler.
262 */
263 dqp = *IO_idqpp;
264 if (dqp) {
265 trace_xfs_dqattach_found(dqp);
266 return 0;
267 }
268
269 /*
270 * Find the dquot from somewhere. This bumps the reference count of
271 * dquot and returns it locked. This can return ENOENT if dquot didn't
272 * exist on disk and we didn't ask it to allocate; ESRCH if quotas got
273 * turned off suddenly.
274 */
275 error = xfs_qm_dqget_inode(ip, type, doalloc, &dqp);
276 if (error)
277 return error;
278
279 trace_xfs_dqattach_get(dqp);
280
281 /*
282 * dqget may have dropped and re-acquired the ilock, but it guarantees
283 * that the dquot returned is the one that should go in the inode.
284 */
285 *IO_idqpp = dqp;
286 xfs_dqunlock(dqp);
287 return 0;
288}
289
290static bool
291xfs_qm_need_dqattach(
292 struct xfs_inode *ip)
293{
294 struct xfs_mount *mp = ip->i_mount;
295
296 if (!XFS_IS_QUOTA_RUNNING(mp))
297 return false;
298 if (!XFS_IS_QUOTA_ON(mp))
299 return false;
300 if (!XFS_NOT_DQATTACHED(mp, ip))
301 return false;
302 if (xfs_is_quota_inode(&mp->m_sb, ip->i_ino))
303 return false;
304 return true;
305}
306
307/*
308 * Given a locked inode, attach dquot(s) to it, taking U/G/P-QUOTAON
309 * into account.
310 * If @doalloc is true, the dquot(s) will be allocated if needed.
311 * Inode may get unlocked and relocked in here, and the caller must deal with
312 * the consequences.
313 */
314int
315xfs_qm_dqattach_locked(
316 xfs_inode_t *ip,
317 bool doalloc)
318{
319 xfs_mount_t *mp = ip->i_mount;
320 int error = 0;
321
322 if (!xfs_qm_need_dqattach(ip))
323 return 0;
324
325 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
326
327 if (XFS_IS_UQUOTA_ON(mp) && !ip->i_udquot) {
328 error = xfs_qm_dqattach_one(ip, ip->i_d.di_uid, XFS_DQ_USER,
329 doalloc, &ip->i_udquot);
330 if (error)
331 goto done;
332 ASSERT(ip->i_udquot);
333 }
334
335 if (XFS_IS_GQUOTA_ON(mp) && !ip->i_gdquot) {
336 error = xfs_qm_dqattach_one(ip, ip->i_d.di_gid, XFS_DQ_GROUP,
337 doalloc, &ip->i_gdquot);
338 if (error)
339 goto done;
340 ASSERT(ip->i_gdquot);
341 }
342
343 if (XFS_IS_PQUOTA_ON(mp) && !ip->i_pdquot) {
344 error = xfs_qm_dqattach_one(ip, xfs_get_projid(ip), XFS_DQ_PROJ,
345 doalloc, &ip->i_pdquot);
346 if (error)
347 goto done;
348 ASSERT(ip->i_pdquot);
349 }
350
351done:
352 /*
353 * Don't worry about the dquots that we may have attached before any
354 * error - they'll get detached later if it has not already been done.
355 */
356 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
357 return error;
358}
359
360int
361xfs_qm_dqattach(
362 struct xfs_inode *ip)
363{
364 int error;
365
366 if (!xfs_qm_need_dqattach(ip))
367 return 0;
368
369 xfs_ilock(ip, XFS_ILOCK_EXCL);
370 error = xfs_qm_dqattach_locked(ip, false);
371 xfs_iunlock(ip, XFS_ILOCK_EXCL);
372
373 return error;
374}
375
376/*
377 * Release dquots (and their references) if any.
378 * The inode should be locked EXCL except when this's called by
379 * xfs_ireclaim.
380 */
381void
382xfs_qm_dqdetach(
383 xfs_inode_t *ip)
384{
385 if (!(ip->i_udquot || ip->i_gdquot || ip->i_pdquot))
386 return;
387
388 trace_xfs_dquot_dqdetach(ip);
389
390 ASSERT(!xfs_is_quota_inode(&ip->i_mount->m_sb, ip->i_ino));
391 if (ip->i_udquot) {
392 xfs_qm_dqrele(ip->i_udquot);
393 ip->i_udquot = NULL;
394 }
395 if (ip->i_gdquot) {
396 xfs_qm_dqrele(ip->i_gdquot);
397 ip->i_gdquot = NULL;
398 }
399 if (ip->i_pdquot) {
400 xfs_qm_dqrele(ip->i_pdquot);
401 ip->i_pdquot = NULL;
402 }
403}
404
405struct xfs_qm_isolate {
406 struct list_head buffers;
407 struct list_head dispose;
408};
409
410static enum lru_status
411xfs_qm_dquot_isolate(
412 struct list_head *item,
413 struct list_lru_one *lru,
414 spinlock_t *lru_lock,
415 void *arg)
416 __releases(lru_lock) __acquires(lru_lock)
417{
418 struct xfs_dquot *dqp = container_of(item,
419 struct xfs_dquot, q_lru);
420 struct xfs_qm_isolate *isol = arg;
421
422 if (!xfs_dqlock_nowait(dqp))
423 goto out_miss_busy;
424
425 /*
426 * This dquot has acquired a reference in the meantime remove it from
427 * the freelist and try again.
428 */
429 if (dqp->q_nrefs) {
430 xfs_dqunlock(dqp);
431 XFS_STATS_INC(dqp->q_mount, xs_qm_dqwants);
432
433 trace_xfs_dqreclaim_want(dqp);
434 list_lru_isolate(lru, &dqp->q_lru);
435 XFS_STATS_DEC(dqp->q_mount, xs_qm_dquot_unused);
436 return LRU_REMOVED;
437 }
438
439 /*
440 * If the dquot is dirty, flush it. If it's already being flushed, just
441 * skip it so there is time for the IO to complete before we try to
442 * reclaim it again on the next LRU pass.
443 */
444 if (!xfs_dqflock_nowait(dqp)) {
445 xfs_dqunlock(dqp);
446 goto out_miss_busy;
447 }
448
449 if (XFS_DQ_IS_DIRTY(dqp)) {
450 struct xfs_buf *bp = NULL;
451 int error;
452
453 trace_xfs_dqreclaim_dirty(dqp);
454
455 /* we have to drop the LRU lock to flush the dquot */
456 spin_unlock(lru_lock);
457
458 error = xfs_qm_dqflush(dqp, &bp);
459 if (error)
460 goto out_unlock_dirty;
461
462 xfs_buf_delwri_queue(bp, &isol->buffers);
463 xfs_buf_relse(bp);
464 goto out_unlock_dirty;
465 }
466 xfs_dqfunlock(dqp);
467
468 /*
469 * Prevent lookups now that we are past the point of no return.
470 */
471 dqp->dq_flags |= XFS_DQ_FREEING;
472 xfs_dqunlock(dqp);
473
474 ASSERT(dqp->q_nrefs == 0);
475 list_lru_isolate_move(lru, &dqp->q_lru, &isol->dispose);
476 XFS_STATS_DEC(dqp->q_mount, xs_qm_dquot_unused);
477 trace_xfs_dqreclaim_done(dqp);
478 XFS_STATS_INC(dqp->q_mount, xs_qm_dqreclaims);
479 return LRU_REMOVED;
480
481out_miss_busy:
482 trace_xfs_dqreclaim_busy(dqp);
483 XFS_STATS_INC(dqp->q_mount, xs_qm_dqreclaim_misses);
484 return LRU_SKIP;
485
486out_unlock_dirty:
487 trace_xfs_dqreclaim_busy(dqp);
488 XFS_STATS_INC(dqp->q_mount, xs_qm_dqreclaim_misses);
489 xfs_dqunlock(dqp);
490 spin_lock(lru_lock);
491 return LRU_RETRY;
492}
493
494static unsigned long
495xfs_qm_shrink_scan(
496 struct shrinker *shrink,
497 struct shrink_control *sc)
498{
499 struct xfs_quotainfo *qi = container_of(shrink,
500 struct xfs_quotainfo, qi_shrinker);
501 struct xfs_qm_isolate isol;
502 unsigned long freed;
503 int error;
504
505 if ((sc->gfp_mask & (__GFP_FS|__GFP_DIRECT_RECLAIM)) != (__GFP_FS|__GFP_DIRECT_RECLAIM))
506 return 0;
507
508 INIT_LIST_HEAD(&isol.buffers);
509 INIT_LIST_HEAD(&isol.dispose);
510
511 freed = list_lru_shrink_walk(&qi->qi_lru, sc,
512 xfs_qm_dquot_isolate, &isol);
513
514 error = xfs_buf_delwri_submit(&isol.buffers);
515 if (error)
516 xfs_warn(NULL, "%s: dquot reclaim failed", __func__);
517
518 while (!list_empty(&isol.dispose)) {
519 struct xfs_dquot *dqp;
520
521 dqp = list_first_entry(&isol.dispose, struct xfs_dquot, q_lru);
522 list_del_init(&dqp->q_lru);
523 xfs_qm_dqfree_one(dqp);
524 }
525
526 return freed;
527}
528
529static unsigned long
530xfs_qm_shrink_count(
531 struct shrinker *shrink,
532 struct shrink_control *sc)
533{
534 struct xfs_quotainfo *qi = container_of(shrink,
535 struct xfs_quotainfo, qi_shrinker);
536
537 return list_lru_shrink_count(&qi->qi_lru, sc);
538}
539
540STATIC void
541xfs_qm_set_defquota(
542 xfs_mount_t *mp,
543 uint type,
544 xfs_quotainfo_t *qinf)
545{
546 xfs_dquot_t *dqp;
547 struct xfs_def_quota *defq;
548 struct xfs_disk_dquot *ddqp;
549 int error;
550
551 error = xfs_qm_dqget_uncached(mp, 0, type, &dqp);
552 if (error)
553 return;
554
555 ddqp = &dqp->q_core;
556 defq = xfs_get_defquota(dqp, qinf);
557
558 /*
559 * Timers and warnings have been already set, let's just set the
560 * default limits for this quota type
561 */
562 defq->bhardlimit = be64_to_cpu(ddqp->d_blk_hardlimit);
563 defq->bsoftlimit = be64_to_cpu(ddqp->d_blk_softlimit);
564 defq->ihardlimit = be64_to_cpu(ddqp->d_ino_hardlimit);
565 defq->isoftlimit = be64_to_cpu(ddqp->d_ino_softlimit);
566 defq->rtbhardlimit = be64_to_cpu(ddqp->d_rtb_hardlimit);
567 defq->rtbsoftlimit = be64_to_cpu(ddqp->d_rtb_softlimit);
568 xfs_qm_dqdestroy(dqp);
569}
570
571/* Initialize quota time limits from the root dquot. */
572static void
573xfs_qm_init_timelimits(
574 struct xfs_mount *mp,
575 struct xfs_quotainfo *qinf)
576{
577 struct xfs_disk_dquot *ddqp;
578 struct xfs_dquot *dqp;
579 uint type;
580 int error;
581
582 qinf->qi_btimelimit = XFS_QM_BTIMELIMIT;
583 qinf->qi_itimelimit = XFS_QM_ITIMELIMIT;
584 qinf->qi_rtbtimelimit = XFS_QM_RTBTIMELIMIT;
585 qinf->qi_bwarnlimit = XFS_QM_BWARNLIMIT;
586 qinf->qi_iwarnlimit = XFS_QM_IWARNLIMIT;
587 qinf->qi_rtbwarnlimit = XFS_QM_RTBWARNLIMIT;
588
589 /*
590 * We try to get the limits from the superuser's limits fields.
591 * This is quite hacky, but it is standard quota practice.
592 *
593 * Since we may not have done a quotacheck by this point, just read
594 * the dquot without attaching it to any hashtables or lists.
595 *
596 * Timers and warnings are globally set by the first timer found in
597 * user/group/proj quota types, otherwise a default value is used.
598 * This should be split into different fields per quota type.
599 */
600 if (XFS_IS_UQUOTA_RUNNING(mp))
601 type = XFS_DQ_USER;
602 else if (XFS_IS_GQUOTA_RUNNING(mp))
603 type = XFS_DQ_GROUP;
604 else
605 type = XFS_DQ_PROJ;
606 error = xfs_qm_dqget_uncached(mp, 0, type, &dqp);
607 if (error)
608 return;
609
610 ddqp = &dqp->q_core;
611 /*
612 * The warnings and timers set the grace period given to
613 * a user or group before he or she can not perform any
614 * more writing. If it is zero, a default is used.
615 */
616 if (ddqp->d_btimer)
617 qinf->qi_btimelimit = be32_to_cpu(ddqp->d_btimer);
618 if (ddqp->d_itimer)
619 qinf->qi_itimelimit = be32_to_cpu(ddqp->d_itimer);
620 if (ddqp->d_rtbtimer)
621 qinf->qi_rtbtimelimit = be32_to_cpu(ddqp->d_rtbtimer);
622 if (ddqp->d_bwarns)
623 qinf->qi_bwarnlimit = be16_to_cpu(ddqp->d_bwarns);
624 if (ddqp->d_iwarns)
625 qinf->qi_iwarnlimit = be16_to_cpu(ddqp->d_iwarns);
626 if (ddqp->d_rtbwarns)
627 qinf->qi_rtbwarnlimit = be16_to_cpu(ddqp->d_rtbwarns);
628
629 xfs_qm_dqdestroy(dqp);
630}
631
632/*
633 * This initializes all the quota information that's kept in the
634 * mount structure
635 */
636STATIC int
637xfs_qm_init_quotainfo(
638 struct xfs_mount *mp)
639{
640 struct xfs_quotainfo *qinf;
641 int error;
642
643 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
644
645 qinf = mp->m_quotainfo = kmem_zalloc(sizeof(xfs_quotainfo_t), 0);
646
647 error = list_lru_init(&qinf->qi_lru);
648 if (error)
649 goto out_free_qinf;
650
651 /*
652 * See if quotainodes are setup, and if not, allocate them,
653 * and change the superblock accordingly.
654 */
655 error = xfs_qm_init_quotainos(mp);
656 if (error)
657 goto out_free_lru;
658
659 INIT_RADIX_TREE(&qinf->qi_uquota_tree, GFP_NOFS);
660 INIT_RADIX_TREE(&qinf->qi_gquota_tree, GFP_NOFS);
661 INIT_RADIX_TREE(&qinf->qi_pquota_tree, GFP_NOFS);
662 mutex_init(&qinf->qi_tree_lock);
663
664 /* mutex used to serialize quotaoffs */
665 mutex_init(&qinf->qi_quotaofflock);
666
667 /* Precalc some constants */
668 qinf->qi_dqchunklen = XFS_FSB_TO_BB(mp, XFS_DQUOT_CLUSTER_SIZE_FSB);
669 qinf->qi_dqperchunk = xfs_calc_dquots_per_chunk(qinf->qi_dqchunklen);
670
671 mp->m_qflags |= (mp->m_sb.sb_qflags & XFS_ALL_QUOTA_CHKD);
672
673 xfs_qm_init_timelimits(mp, qinf);
674
675 if (XFS_IS_UQUOTA_RUNNING(mp))
676 xfs_qm_set_defquota(mp, XFS_DQ_USER, qinf);
677 if (XFS_IS_GQUOTA_RUNNING(mp))
678 xfs_qm_set_defquota(mp, XFS_DQ_GROUP, qinf);
679 if (XFS_IS_PQUOTA_RUNNING(mp))
680 xfs_qm_set_defquota(mp, XFS_DQ_PROJ, qinf);
681
682 qinf->qi_shrinker.count_objects = xfs_qm_shrink_count;
683 qinf->qi_shrinker.scan_objects = xfs_qm_shrink_scan;
684 qinf->qi_shrinker.seeks = DEFAULT_SEEKS;
685 qinf->qi_shrinker.flags = SHRINKER_NUMA_AWARE;
686
687 error = register_shrinker(&qinf->qi_shrinker);
688 if (error)
689 goto out_free_inos;
690
691 return 0;
692
693out_free_inos:
694 mutex_destroy(&qinf->qi_quotaofflock);
695 mutex_destroy(&qinf->qi_tree_lock);
696 xfs_qm_destroy_quotainos(qinf);
697out_free_lru:
698 list_lru_destroy(&qinf->qi_lru);
699out_free_qinf:
700 kmem_free(qinf);
701 mp->m_quotainfo = NULL;
702 return error;
703}
704
705/*
706 * Gets called when unmounting a filesystem or when all quotas get
707 * turned off.
708 * This purges the quota inodes, destroys locks and frees itself.
709 */
710void
711xfs_qm_destroy_quotainfo(
712 xfs_mount_t *mp)
713{
714 xfs_quotainfo_t *qi;
715
716 qi = mp->m_quotainfo;
717 ASSERT(qi != NULL);
718
719 unregister_shrinker(&qi->qi_shrinker);
720 list_lru_destroy(&qi->qi_lru);
721 xfs_qm_destroy_quotainos(qi);
722 mutex_destroy(&qi->qi_tree_lock);
723 mutex_destroy(&qi->qi_quotaofflock);
724 kmem_free(qi);
725 mp->m_quotainfo = NULL;
726}
727
728/*
729 * Create an inode and return with a reference already taken, but unlocked
730 * This is how we create quota inodes
731 */
732STATIC int
733xfs_qm_qino_alloc(
734 xfs_mount_t *mp,
735 xfs_inode_t **ip,
736 uint flags)
737{
738 xfs_trans_t *tp;
739 int error;
740 bool need_alloc = true;
741
742 *ip = NULL;
743 /*
744 * With superblock that doesn't have separate pquotino, we
745 * share an inode between gquota and pquota. If the on-disk
746 * superblock has GQUOTA and the filesystem is now mounted
747 * with PQUOTA, just use sb_gquotino for sb_pquotino and
748 * vice-versa.
749 */
750 if (!xfs_sb_version_has_pquotino(&mp->m_sb) &&
751 (flags & (XFS_QMOPT_PQUOTA|XFS_QMOPT_GQUOTA))) {
752 xfs_ino_t ino = NULLFSINO;
753
754 if ((flags & XFS_QMOPT_PQUOTA) &&
755 (mp->m_sb.sb_gquotino != NULLFSINO)) {
756 ino = mp->m_sb.sb_gquotino;
757 ASSERT(mp->m_sb.sb_pquotino == NULLFSINO);
758 } else if ((flags & XFS_QMOPT_GQUOTA) &&
759 (mp->m_sb.sb_pquotino != NULLFSINO)) {
760 ino = mp->m_sb.sb_pquotino;
761 ASSERT(mp->m_sb.sb_gquotino == NULLFSINO);
762 }
763 if (ino != NULLFSINO) {
764 error = xfs_iget(mp, NULL, ino, 0, 0, ip);
765 if (error)
766 return error;
767 mp->m_sb.sb_gquotino = NULLFSINO;
768 mp->m_sb.sb_pquotino = NULLFSINO;
769 need_alloc = false;
770 }
771 }
772
773 error = xfs_trans_alloc(mp, &M_RES(mp)->tr_create,
774 XFS_QM_QINOCREATE_SPACE_RES(mp), 0, 0, &tp);
775 if (error)
776 return error;
777
778 if (need_alloc) {
779 error = xfs_dir_ialloc(&tp, NULL, S_IFREG, 1, 0, 0, ip);
780 if (error) {
781 xfs_trans_cancel(tp);
782 return error;
783 }
784 }
785
786 /*
787 * Make the changes in the superblock, and log those too.
788 * sbfields arg may contain fields other than *QUOTINO;
789 * VERSIONNUM for example.
790 */
791 spin_lock(&mp->m_sb_lock);
792 if (flags & XFS_QMOPT_SBVERSION) {
793 ASSERT(!xfs_sb_version_hasquota(&mp->m_sb));
794
795 xfs_sb_version_addquota(&mp->m_sb);
796 mp->m_sb.sb_uquotino = NULLFSINO;
797 mp->m_sb.sb_gquotino = NULLFSINO;
798 mp->m_sb.sb_pquotino = NULLFSINO;
799
800 /* qflags will get updated fully _after_ quotacheck */
801 mp->m_sb.sb_qflags = mp->m_qflags & XFS_ALL_QUOTA_ACCT;
802 }
803 if (flags & XFS_QMOPT_UQUOTA)
804 mp->m_sb.sb_uquotino = (*ip)->i_ino;
805 else if (flags & XFS_QMOPT_GQUOTA)
806 mp->m_sb.sb_gquotino = (*ip)->i_ino;
807 else
808 mp->m_sb.sb_pquotino = (*ip)->i_ino;
809 spin_unlock(&mp->m_sb_lock);
810 xfs_log_sb(tp);
811
812 error = xfs_trans_commit(tp);
813 if (error) {
814 ASSERT(XFS_FORCED_SHUTDOWN(mp));
815 xfs_alert(mp, "%s failed (error %d)!", __func__, error);
816 }
817 if (need_alloc)
818 xfs_finish_inode_setup(*ip);
819 return error;
820}
821
822
823STATIC void
824xfs_qm_reset_dqcounts(
825 xfs_mount_t *mp,
826 xfs_buf_t *bp,
827 xfs_dqid_t id,
828 uint type)
829{
830 struct xfs_dqblk *dqb;
831 int j;
832 xfs_failaddr_t fa;
833
834 trace_xfs_reset_dqcounts(bp, _RET_IP_);
835
836 /*
837 * Reset all counters and timers. They'll be
838 * started afresh by xfs_qm_quotacheck.
839 */
840#ifdef DEBUG
841 j = (int)XFS_FSB_TO_B(mp, XFS_DQUOT_CLUSTER_SIZE_FSB) /
842 sizeof(xfs_dqblk_t);
843 ASSERT(mp->m_quotainfo->qi_dqperchunk == j);
844#endif
845 dqb = bp->b_addr;
846 for (j = 0; j < mp->m_quotainfo->qi_dqperchunk; j++) {
847 struct xfs_disk_dquot *ddq;
848
849 ddq = (struct xfs_disk_dquot *)&dqb[j];
850
851 /*
852 * Do a sanity check, and if needed, repair the dqblk. Don't
853 * output any warnings because it's perfectly possible to
854 * find uninitialised dquot blks. See comment in
855 * xfs_dquot_verify.
856 */
857 fa = xfs_dqblk_verify(mp, &dqb[j], id + j, type);
858 if (fa)
859 xfs_dqblk_repair(mp, &dqb[j], id + j, type);
860
861 /*
862 * Reset type in case we are reusing group quota file for
863 * project quotas or vice versa
864 */
865 ddq->d_flags = type;
866 ddq->d_bcount = 0;
867 ddq->d_icount = 0;
868 ddq->d_rtbcount = 0;
869 ddq->d_btimer = 0;
870 ddq->d_itimer = 0;
871 ddq->d_rtbtimer = 0;
872 ddq->d_bwarns = 0;
873 ddq->d_iwarns = 0;
874 ddq->d_rtbwarns = 0;
875
876 if (xfs_sb_version_hascrc(&mp->m_sb)) {
877 xfs_update_cksum((char *)&dqb[j],
878 sizeof(struct xfs_dqblk),
879 XFS_DQUOT_CRC_OFF);
880 }
881 }
882}
883
884STATIC int
885xfs_qm_reset_dqcounts_all(
886 struct xfs_mount *mp,
887 xfs_dqid_t firstid,
888 xfs_fsblock_t bno,
889 xfs_filblks_t blkcnt,
890 uint flags,
891 struct list_head *buffer_list)
892{
893 struct xfs_buf *bp;
894 int error;
895 int type;
896
897 ASSERT(blkcnt > 0);
898 type = flags & XFS_QMOPT_UQUOTA ? XFS_DQ_USER :
899 (flags & XFS_QMOPT_PQUOTA ? XFS_DQ_PROJ : XFS_DQ_GROUP);
900 error = 0;
901
902 /*
903 * Blkcnt arg can be a very big number, and might even be
904 * larger than the log itself. So, we have to break it up into
905 * manageable-sized transactions.
906 * Note that we don't start a permanent transaction here; we might
907 * not be able to get a log reservation for the whole thing up front,
908 * and we don't really care to either, because we just discard
909 * everything if we were to crash in the middle of this loop.
910 */
911 while (blkcnt--) {
912 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp,
913 XFS_FSB_TO_DADDR(mp, bno),
914 mp->m_quotainfo->qi_dqchunklen, 0, &bp,
915 &xfs_dquot_buf_ops);
916
917 /*
918 * CRC and validation errors will return a EFSCORRUPTED here. If
919 * this occurs, re-read without CRC validation so that we can
920 * repair the damage via xfs_qm_reset_dqcounts(). This process
921 * will leave a trace in the log indicating corruption has
922 * been detected.
923 */
924 if (error == -EFSCORRUPTED) {
925 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp,
926 XFS_FSB_TO_DADDR(mp, bno),
927 mp->m_quotainfo->qi_dqchunklen, 0, &bp,
928 NULL);
929 }
930
931 if (error)
932 break;
933
934 /*
935 * A corrupt buffer might not have a verifier attached, so
936 * make sure we have the correct one attached before writeback
937 * occurs.
938 */
939 bp->b_ops = &xfs_dquot_buf_ops;
940 xfs_qm_reset_dqcounts(mp, bp, firstid, type);
941 xfs_buf_delwri_queue(bp, buffer_list);
942 xfs_buf_relse(bp);
943
944 /* goto the next block. */
945 bno++;
946 firstid += mp->m_quotainfo->qi_dqperchunk;
947 }
948
949 return error;
950}
951
952/*
953 * Iterate over all allocated dquot blocks in this quota inode, zeroing all
954 * counters for every chunk of dquots that we find.
955 */
956STATIC int
957xfs_qm_reset_dqcounts_buf(
958 struct xfs_mount *mp,
959 struct xfs_inode *qip,
960 uint flags,
961 struct list_head *buffer_list)
962{
963 struct xfs_bmbt_irec *map;
964 int i, nmaps; /* number of map entries */
965 int error; /* return value */
966 xfs_fileoff_t lblkno;
967 xfs_filblks_t maxlblkcnt;
968 xfs_dqid_t firstid;
969 xfs_fsblock_t rablkno;
970 xfs_filblks_t rablkcnt;
971
972 error = 0;
973 /*
974 * This looks racy, but we can't keep an inode lock across a
975 * trans_reserve. But, this gets called during quotacheck, and that
976 * happens only at mount time which is single threaded.
977 */
978 if (qip->i_d.di_nblocks == 0)
979 return 0;
980
981 map = kmem_alloc(XFS_DQITER_MAP_SIZE * sizeof(*map), 0);
982
983 lblkno = 0;
984 maxlblkcnt = XFS_B_TO_FSB(mp, mp->m_super->s_maxbytes);
985 do {
986 uint lock_mode;
987
988 nmaps = XFS_DQITER_MAP_SIZE;
989 /*
990 * We aren't changing the inode itself. Just changing
991 * some of its data. No new blocks are added here, and
992 * the inode is never added to the transaction.
993 */
994 lock_mode = xfs_ilock_data_map_shared(qip);
995 error = xfs_bmapi_read(qip, lblkno, maxlblkcnt - lblkno,
996 map, &nmaps, 0);
997 xfs_iunlock(qip, lock_mode);
998 if (error)
999 break;
1000
1001 ASSERT(nmaps <= XFS_DQITER_MAP_SIZE);
1002 for (i = 0; i < nmaps; i++) {
1003 ASSERT(map[i].br_startblock != DELAYSTARTBLOCK);
1004 ASSERT(map[i].br_blockcount);
1005
1006
1007 lblkno += map[i].br_blockcount;
1008
1009 if (map[i].br_startblock == HOLESTARTBLOCK)
1010 continue;
1011
1012 firstid = (xfs_dqid_t) map[i].br_startoff *
1013 mp->m_quotainfo->qi_dqperchunk;
1014 /*
1015 * Do a read-ahead on the next extent.
1016 */
1017 if ((i+1 < nmaps) &&
1018 (map[i+1].br_startblock != HOLESTARTBLOCK)) {
1019 rablkcnt = map[i+1].br_blockcount;
1020 rablkno = map[i+1].br_startblock;
1021 while (rablkcnt--) {
1022 xfs_buf_readahead(mp->m_ddev_targp,
1023 XFS_FSB_TO_DADDR(mp, rablkno),
1024 mp->m_quotainfo->qi_dqchunklen,
1025 &xfs_dquot_buf_ops);
1026 rablkno++;
1027 }
1028 }
1029 /*
1030 * Iterate thru all the blks in the extent and
1031 * reset the counters of all the dquots inside them.
1032 */
1033 error = xfs_qm_reset_dqcounts_all(mp, firstid,
1034 map[i].br_startblock,
1035 map[i].br_blockcount,
1036 flags, buffer_list);
1037 if (error)
1038 goto out;
1039 }
1040 } while (nmaps > 0);
1041
1042out:
1043 kmem_free(map);
1044 return error;
1045}
1046
1047/*
1048 * Called by dqusage_adjust in doing a quotacheck.
1049 *
1050 * Given the inode, and a dquot id this updates both the incore dqout as well
1051 * as the buffer copy. This is so that once the quotacheck is done, we can
1052 * just log all the buffers, as opposed to logging numerous updates to
1053 * individual dquots.
1054 */
1055STATIC int
1056xfs_qm_quotacheck_dqadjust(
1057 struct xfs_inode *ip,
1058 uint type,
1059 xfs_qcnt_t nblks,
1060 xfs_qcnt_t rtblks)
1061{
1062 struct xfs_mount *mp = ip->i_mount;
1063 struct xfs_dquot *dqp;
1064 xfs_dqid_t id;
1065 int error;
1066
1067 id = xfs_qm_id_for_quotatype(ip, type);
1068 error = xfs_qm_dqget(mp, id, type, true, &dqp);
1069 if (error) {
1070 /*
1071 * Shouldn't be able to turn off quotas here.
1072 */
1073 ASSERT(error != -ESRCH);
1074 ASSERT(error != -ENOENT);
1075 return error;
1076 }
1077
1078 trace_xfs_dqadjust(dqp);
1079
1080 /*
1081 * Adjust the inode count and the block count to reflect this inode's
1082 * resource usage.
1083 */
1084 be64_add_cpu(&dqp->q_core.d_icount, 1);
1085 dqp->q_res_icount++;
1086 if (nblks) {
1087 be64_add_cpu(&dqp->q_core.d_bcount, nblks);
1088 dqp->q_res_bcount += nblks;
1089 }
1090 if (rtblks) {
1091 be64_add_cpu(&dqp->q_core.d_rtbcount, rtblks);
1092 dqp->q_res_rtbcount += rtblks;
1093 }
1094
1095 /*
1096 * Set default limits, adjust timers (since we changed usages)
1097 *
1098 * There are no timers for the default values set in the root dquot.
1099 */
1100 if (dqp->q_core.d_id) {
1101 xfs_qm_adjust_dqlimits(mp, dqp);
1102 xfs_qm_adjust_dqtimers(mp, &dqp->q_core);
1103 }
1104
1105 dqp->dq_flags |= XFS_DQ_DIRTY;
1106 xfs_qm_dqput(dqp);
1107 return 0;
1108}
1109
1110/*
1111 * callback routine supplied to bulkstat(). Given an inumber, find its
1112 * dquots and update them to account for resources taken by that inode.
1113 */
1114/* ARGSUSED */
1115STATIC int
1116xfs_qm_dqusage_adjust(
1117 struct xfs_mount *mp,
1118 struct xfs_trans *tp,
1119 xfs_ino_t ino,
1120 void *data)
1121{
1122 struct xfs_inode *ip;
1123 xfs_qcnt_t nblks;
1124 xfs_filblks_t rtblks = 0; /* total rt blks */
1125 int error;
1126
1127 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1128
1129 /*
1130 * rootino must have its resources accounted for, not so with the quota
1131 * inodes.
1132 */
1133 if (xfs_is_quota_inode(&mp->m_sb, ino))
1134 return 0;
1135
1136 /*
1137 * We don't _need_ to take the ilock EXCL here because quotacheck runs
1138 * at mount time and therefore nobody will be racing chown/chproj.
1139 */
1140 error = xfs_iget(mp, tp, ino, XFS_IGET_DONTCACHE, 0, &ip);
1141 if (error == -EINVAL || error == -ENOENT)
1142 return 0;
1143 if (error)
1144 return error;
1145
1146 ASSERT(ip->i_delayed_blks == 0);
1147
1148 if (XFS_IS_REALTIME_INODE(ip)) {
1149 struct xfs_ifork *ifp = XFS_IFORK_PTR(ip, XFS_DATA_FORK);
1150
1151 if (!(ifp->if_flags & XFS_IFEXTENTS)) {
1152 error = xfs_iread_extents(tp, ip, XFS_DATA_FORK);
1153 if (error)
1154 goto error0;
1155 }
1156
1157 xfs_bmap_count_leaves(ifp, &rtblks);
1158 }
1159
1160 nblks = (xfs_qcnt_t)ip->i_d.di_nblocks - rtblks;
1161
1162 /*
1163 * Add the (disk blocks and inode) resources occupied by this
1164 * inode to its dquots. We do this adjustment in the incore dquot,
1165 * and also copy the changes to its buffer.
1166 * We don't care about putting these changes in a transaction
1167 * envelope because if we crash in the middle of a 'quotacheck'
1168 * we have to start from the beginning anyway.
1169 * Once we're done, we'll log all the dquot bufs.
1170 *
1171 * The *QUOTA_ON checks below may look pretty racy, but quotachecks
1172 * and quotaoffs don't race. (Quotachecks happen at mount time only).
1173 */
1174 if (XFS_IS_UQUOTA_ON(mp)) {
1175 error = xfs_qm_quotacheck_dqadjust(ip, XFS_DQ_USER, nblks,
1176 rtblks);
1177 if (error)
1178 goto error0;
1179 }
1180
1181 if (XFS_IS_GQUOTA_ON(mp)) {
1182 error = xfs_qm_quotacheck_dqadjust(ip, XFS_DQ_GROUP, nblks,
1183 rtblks);
1184 if (error)
1185 goto error0;
1186 }
1187
1188 if (XFS_IS_PQUOTA_ON(mp)) {
1189 error = xfs_qm_quotacheck_dqadjust(ip, XFS_DQ_PROJ, nblks,
1190 rtblks);
1191 if (error)
1192 goto error0;
1193 }
1194
1195error0:
1196 xfs_irele(ip);
1197 return error;
1198}
1199
1200STATIC int
1201xfs_qm_flush_one(
1202 struct xfs_dquot *dqp,
1203 void *data)
1204{
1205 struct xfs_mount *mp = dqp->q_mount;
1206 struct list_head *buffer_list = data;
1207 struct xfs_buf *bp = NULL;
1208 int error = 0;
1209
1210 xfs_dqlock(dqp);
1211 if (dqp->dq_flags & XFS_DQ_FREEING)
1212 goto out_unlock;
1213 if (!XFS_DQ_IS_DIRTY(dqp))
1214 goto out_unlock;
1215
1216 /*
1217 * The only way the dquot is already flush locked by the time quotacheck
1218 * gets here is if reclaim flushed it before the dqadjust walk dirtied
1219 * it for the final time. Quotacheck collects all dquot bufs in the
1220 * local delwri queue before dquots are dirtied, so reclaim can't have
1221 * possibly queued it for I/O. The only way out is to push the buffer to
1222 * cycle the flush lock.
1223 */
1224 if (!xfs_dqflock_nowait(dqp)) {
1225 /* buf is pinned in-core by delwri list */
1226 bp = xfs_buf_incore(mp->m_ddev_targp, dqp->q_blkno,
1227 mp->m_quotainfo->qi_dqchunklen, 0);
1228 if (!bp) {
1229 error = -EINVAL;
1230 goto out_unlock;
1231 }
1232 xfs_buf_unlock(bp);
1233
1234 xfs_buf_delwri_pushbuf(bp, buffer_list);
1235 xfs_buf_rele(bp);
1236
1237 error = -EAGAIN;
1238 goto out_unlock;
1239 }
1240
1241 error = xfs_qm_dqflush(dqp, &bp);
1242 if (error)
1243 goto out_unlock;
1244
1245 xfs_buf_delwri_queue(bp, buffer_list);
1246 xfs_buf_relse(bp);
1247out_unlock:
1248 xfs_dqunlock(dqp);
1249 return error;
1250}
1251
1252/*
1253 * Walk thru all the filesystem inodes and construct a consistent view
1254 * of the disk quota world. If the quotacheck fails, disable quotas.
1255 */
1256STATIC int
1257xfs_qm_quotacheck(
1258 xfs_mount_t *mp)
1259{
1260 int error, error2;
1261 uint flags;
1262 LIST_HEAD (buffer_list);
1263 struct xfs_inode *uip = mp->m_quotainfo->qi_uquotaip;
1264 struct xfs_inode *gip = mp->m_quotainfo->qi_gquotaip;
1265 struct xfs_inode *pip = mp->m_quotainfo->qi_pquotaip;
1266
1267 flags = 0;
1268
1269 ASSERT(uip || gip || pip);
1270 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1271
1272 xfs_notice(mp, "Quotacheck needed: Please wait.");
1273
1274 /*
1275 * First we go thru all the dquots on disk, USR and GRP/PRJ, and reset
1276 * their counters to zero. We need a clean slate.
1277 * We don't log our changes till later.
1278 */
1279 if (uip) {
1280 error = xfs_qm_reset_dqcounts_buf(mp, uip, XFS_QMOPT_UQUOTA,
1281 &buffer_list);
1282 if (error)
1283 goto error_return;
1284 flags |= XFS_UQUOTA_CHKD;
1285 }
1286
1287 if (gip) {
1288 error = xfs_qm_reset_dqcounts_buf(mp, gip, XFS_QMOPT_GQUOTA,
1289 &buffer_list);
1290 if (error)
1291 goto error_return;
1292 flags |= XFS_GQUOTA_CHKD;
1293 }
1294
1295 if (pip) {
1296 error = xfs_qm_reset_dqcounts_buf(mp, pip, XFS_QMOPT_PQUOTA,
1297 &buffer_list);
1298 if (error)
1299 goto error_return;
1300 flags |= XFS_PQUOTA_CHKD;
1301 }
1302
1303 error = xfs_iwalk_threaded(mp, 0, 0, xfs_qm_dqusage_adjust, 0, true,
1304 NULL);
1305 if (error)
1306 goto error_return;
1307
1308 /*
1309 * We've made all the changes that we need to make incore. Flush them
1310 * down to disk buffers if everything was updated successfully.
1311 */
1312 if (XFS_IS_UQUOTA_ON(mp)) {
1313 error = xfs_qm_dquot_walk(mp, XFS_DQ_USER, xfs_qm_flush_one,
1314 &buffer_list);
1315 }
1316 if (XFS_IS_GQUOTA_ON(mp)) {
1317 error2 = xfs_qm_dquot_walk(mp, XFS_DQ_GROUP, xfs_qm_flush_one,
1318 &buffer_list);
1319 if (!error)
1320 error = error2;
1321 }
1322 if (XFS_IS_PQUOTA_ON(mp)) {
1323 error2 = xfs_qm_dquot_walk(mp, XFS_DQ_PROJ, xfs_qm_flush_one,
1324 &buffer_list);
1325 if (!error)
1326 error = error2;
1327 }
1328
1329 error2 = xfs_buf_delwri_submit(&buffer_list);
1330 if (!error)
1331 error = error2;
1332
1333 /*
1334 * We can get this error if we couldn't do a dquot allocation inside
1335 * xfs_qm_dqusage_adjust (via bulkstat). We don't care about the
1336 * dirty dquots that might be cached, we just want to get rid of them
1337 * and turn quotaoff. The dquots won't be attached to any of the inodes
1338 * at this point (because we intentionally didn't in dqget_noattach).
1339 */
1340 if (error) {
1341 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL);
1342 goto error_return;
1343 }
1344
1345 /*
1346 * If one type of quotas is off, then it will lose its
1347 * quotachecked status, since we won't be doing accounting for
1348 * that type anymore.
1349 */
1350 mp->m_qflags &= ~XFS_ALL_QUOTA_CHKD;
1351 mp->m_qflags |= flags;
1352
1353 error_return:
1354 xfs_buf_delwri_cancel(&buffer_list);
1355
1356 if (error) {
1357 xfs_warn(mp,
1358 "Quotacheck: Unsuccessful (Error %d): Disabling quotas.",
1359 error);
1360 /*
1361 * We must turn off quotas.
1362 */
1363 ASSERT(mp->m_quotainfo != NULL);
1364 xfs_qm_destroy_quotainfo(mp);
1365 if (xfs_mount_reset_sbqflags(mp)) {
1366 xfs_warn(mp,
1367 "Quotacheck: Failed to reset quota flags.");
1368 }
1369 } else
1370 xfs_notice(mp, "Quotacheck: Done.");
1371 return error;
1372}
1373
1374/*
1375 * This is called from xfs_mountfs to start quotas and initialize all
1376 * necessary data structures like quotainfo. This is also responsible for
1377 * running a quotacheck as necessary. We are guaranteed that the superblock
1378 * is consistently read in at this point.
1379 *
1380 * If we fail here, the mount will continue with quota turned off. We don't
1381 * need to inidicate success or failure at all.
1382 */
1383void
1384xfs_qm_mount_quotas(
1385 struct xfs_mount *mp)
1386{
1387 int error = 0;
1388 uint sbf;
1389
1390 /*
1391 * If quotas on realtime volumes is not supported, we disable
1392 * quotas immediately.
1393 */
1394 if (mp->m_sb.sb_rextents) {
1395 xfs_notice(mp, "Cannot turn on quotas for realtime filesystem");
1396 mp->m_qflags = 0;
1397 goto write_changes;
1398 }
1399
1400 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1401
1402 /*
1403 * Allocate the quotainfo structure inside the mount struct, and
1404 * create quotainode(s), and change/rev superblock if necessary.
1405 */
1406 error = xfs_qm_init_quotainfo(mp);
1407 if (error) {
1408 /*
1409 * We must turn off quotas.
1410 */
1411 ASSERT(mp->m_quotainfo == NULL);
1412 mp->m_qflags = 0;
1413 goto write_changes;
1414 }
1415 /*
1416 * If any of the quotas are not consistent, do a quotacheck.
1417 */
1418 if (XFS_QM_NEED_QUOTACHECK(mp)) {
1419 error = xfs_qm_quotacheck(mp);
1420 if (error) {
1421 /* Quotacheck failed and disabled quotas. */
1422 return;
1423 }
1424 }
1425 /*
1426 * If one type of quotas is off, then it will lose its
1427 * quotachecked status, since we won't be doing accounting for
1428 * that type anymore.
1429 */
1430 if (!XFS_IS_UQUOTA_ON(mp))
1431 mp->m_qflags &= ~XFS_UQUOTA_CHKD;
1432 if (!XFS_IS_GQUOTA_ON(mp))
1433 mp->m_qflags &= ~XFS_GQUOTA_CHKD;
1434 if (!XFS_IS_PQUOTA_ON(mp))
1435 mp->m_qflags &= ~XFS_PQUOTA_CHKD;
1436
1437 write_changes:
1438 /*
1439 * We actually don't have to acquire the m_sb_lock at all.
1440 * This can only be called from mount, and that's single threaded. XXX
1441 */
1442 spin_lock(&mp->m_sb_lock);
1443 sbf = mp->m_sb.sb_qflags;
1444 mp->m_sb.sb_qflags = mp->m_qflags & XFS_MOUNT_QUOTA_ALL;
1445 spin_unlock(&mp->m_sb_lock);
1446
1447 if (sbf != (mp->m_qflags & XFS_MOUNT_QUOTA_ALL)) {
1448 if (xfs_sync_sb(mp, false)) {
1449 /*
1450 * We could only have been turning quotas off.
1451 * We aren't in very good shape actually because
1452 * the incore structures are convinced that quotas are
1453 * off, but the on disk superblock doesn't know that !
1454 */
1455 ASSERT(!(XFS_IS_QUOTA_RUNNING(mp)));
1456 xfs_alert(mp, "%s: Superblock update failed!",
1457 __func__);
1458 }
1459 }
1460
1461 if (error) {
1462 xfs_warn(mp, "Failed to initialize disk quotas.");
1463 return;
1464 }
1465}
1466
1467/*
1468 * This is called after the superblock has been read in and we're ready to
1469 * iget the quota inodes.
1470 */
1471STATIC int
1472xfs_qm_init_quotainos(
1473 xfs_mount_t *mp)
1474{
1475 struct xfs_inode *uip = NULL;
1476 struct xfs_inode *gip = NULL;
1477 struct xfs_inode *pip = NULL;
1478 int error;
1479 uint flags = 0;
1480
1481 ASSERT(mp->m_quotainfo);
1482
1483 /*
1484 * Get the uquota and gquota inodes
1485 */
1486 if (xfs_sb_version_hasquota(&mp->m_sb)) {
1487 if (XFS_IS_UQUOTA_ON(mp) &&
1488 mp->m_sb.sb_uquotino != NULLFSINO) {
1489 ASSERT(mp->m_sb.sb_uquotino > 0);
1490 error = xfs_iget(mp, NULL, mp->m_sb.sb_uquotino,
1491 0, 0, &uip);
1492 if (error)
1493 return error;
1494 }
1495 if (XFS_IS_GQUOTA_ON(mp) &&
1496 mp->m_sb.sb_gquotino != NULLFSINO) {
1497 ASSERT(mp->m_sb.sb_gquotino > 0);
1498 error = xfs_iget(mp, NULL, mp->m_sb.sb_gquotino,
1499 0, 0, &gip);
1500 if (error)
1501 goto error_rele;
1502 }
1503 if (XFS_IS_PQUOTA_ON(mp) &&
1504 mp->m_sb.sb_pquotino != NULLFSINO) {
1505 ASSERT(mp->m_sb.sb_pquotino > 0);
1506 error = xfs_iget(mp, NULL, mp->m_sb.sb_pquotino,
1507 0, 0, &pip);
1508 if (error)
1509 goto error_rele;
1510 }
1511 } else {
1512 flags |= XFS_QMOPT_SBVERSION;
1513 }
1514
1515 /*
1516 * Create the three inodes, if they don't exist already. The changes
1517 * made above will get added to a transaction and logged in one of
1518 * the qino_alloc calls below. If the device is readonly,
1519 * temporarily switch to read-write to do this.
1520 */
1521 if (XFS_IS_UQUOTA_ON(mp) && uip == NULL) {
1522 error = xfs_qm_qino_alloc(mp, &uip,
1523 flags | XFS_QMOPT_UQUOTA);
1524 if (error)
1525 goto error_rele;
1526
1527 flags &= ~XFS_QMOPT_SBVERSION;
1528 }
1529 if (XFS_IS_GQUOTA_ON(mp) && gip == NULL) {
1530 error = xfs_qm_qino_alloc(mp, &gip,
1531 flags | XFS_QMOPT_GQUOTA);
1532 if (error)
1533 goto error_rele;
1534
1535 flags &= ~XFS_QMOPT_SBVERSION;
1536 }
1537 if (XFS_IS_PQUOTA_ON(mp) && pip == NULL) {
1538 error = xfs_qm_qino_alloc(mp, &pip,
1539 flags | XFS_QMOPT_PQUOTA);
1540 if (error)
1541 goto error_rele;
1542 }
1543
1544 mp->m_quotainfo->qi_uquotaip = uip;
1545 mp->m_quotainfo->qi_gquotaip = gip;
1546 mp->m_quotainfo->qi_pquotaip = pip;
1547
1548 return 0;
1549
1550error_rele:
1551 if (uip)
1552 xfs_irele(uip);
1553 if (gip)
1554 xfs_irele(gip);
1555 if (pip)
1556 xfs_irele(pip);
1557 return error;
1558}
1559
1560STATIC void
1561xfs_qm_destroy_quotainos(
1562 xfs_quotainfo_t *qi)
1563{
1564 if (qi->qi_uquotaip) {
1565 xfs_irele(qi->qi_uquotaip);
1566 qi->qi_uquotaip = NULL; /* paranoia */
1567 }
1568 if (qi->qi_gquotaip) {
1569 xfs_irele(qi->qi_gquotaip);
1570 qi->qi_gquotaip = NULL;
1571 }
1572 if (qi->qi_pquotaip) {
1573 xfs_irele(qi->qi_pquotaip);
1574 qi->qi_pquotaip = NULL;
1575 }
1576}
1577
1578STATIC void
1579xfs_qm_dqfree_one(
1580 struct xfs_dquot *dqp)
1581{
1582 struct xfs_mount *mp = dqp->q_mount;
1583 struct xfs_quotainfo *qi = mp->m_quotainfo;
1584
1585 mutex_lock(&qi->qi_tree_lock);
1586 radix_tree_delete(xfs_dquot_tree(qi, dqp->q_core.d_flags),
1587 be32_to_cpu(dqp->q_core.d_id));
1588
1589 qi->qi_dquots--;
1590 mutex_unlock(&qi->qi_tree_lock);
1591
1592 xfs_qm_dqdestroy(dqp);
1593}
1594
1595/* --------------- utility functions for vnodeops ---------------- */
1596
1597
1598/*
1599 * Given an inode, a uid, gid and prid make sure that we have
1600 * allocated relevant dquot(s) on disk, and that we won't exceed inode
1601 * quotas by creating this file.
1602 * This also attaches dquot(s) to the given inode after locking it,
1603 * and returns the dquots corresponding to the uid and/or gid.
1604 *
1605 * in : inode (unlocked)
1606 * out : udquot, gdquot with references taken and unlocked
1607 */
1608int
1609xfs_qm_vop_dqalloc(
1610 struct xfs_inode *ip,
1611 xfs_dqid_t uid,
1612 xfs_dqid_t gid,
1613 prid_t prid,
1614 uint flags,
1615 struct xfs_dquot **O_udqpp,
1616 struct xfs_dquot **O_gdqpp,
1617 struct xfs_dquot **O_pdqpp)
1618{
1619 struct xfs_mount *mp = ip->i_mount;
1620 struct xfs_dquot *uq = NULL;
1621 struct xfs_dquot *gq = NULL;
1622 struct xfs_dquot *pq = NULL;
1623 int error;
1624 uint lockflags;
1625
1626 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
1627 return 0;
1628
1629 lockflags = XFS_ILOCK_EXCL;
1630 xfs_ilock(ip, lockflags);
1631
1632 if ((flags & XFS_QMOPT_INHERIT) && XFS_INHERIT_GID(ip))
1633 gid = ip->i_d.di_gid;
1634
1635 /*
1636 * Attach the dquot(s) to this inode, doing a dquot allocation
1637 * if necessary. The dquot(s) will not be locked.
1638 */
1639 if (XFS_NOT_DQATTACHED(mp, ip)) {
1640 error = xfs_qm_dqattach_locked(ip, true);
1641 if (error) {
1642 xfs_iunlock(ip, lockflags);
1643 return error;
1644 }
1645 }
1646
1647 if ((flags & XFS_QMOPT_UQUOTA) && XFS_IS_UQUOTA_ON(mp)) {
1648 if (ip->i_d.di_uid != uid) {
1649 /*
1650 * What we need is the dquot that has this uid, and
1651 * if we send the inode to dqget, the uid of the inode
1652 * takes priority over what's sent in the uid argument.
1653 * We must unlock inode here before calling dqget if
1654 * we're not sending the inode, because otherwise
1655 * we'll deadlock by doing trans_reserve while
1656 * holding ilock.
1657 */
1658 xfs_iunlock(ip, lockflags);
1659 error = xfs_qm_dqget(mp, uid, XFS_DQ_USER, true, &uq);
1660 if (error) {
1661 ASSERT(error != -ENOENT);
1662 return error;
1663 }
1664 /*
1665 * Get the ilock in the right order.
1666 */
1667 xfs_dqunlock(uq);
1668 lockflags = XFS_ILOCK_SHARED;
1669 xfs_ilock(ip, lockflags);
1670 } else {
1671 /*
1672 * Take an extra reference, because we'll return
1673 * this to caller
1674 */
1675 ASSERT(ip->i_udquot);
1676 uq = xfs_qm_dqhold(ip->i_udquot);
1677 }
1678 }
1679 if ((flags & XFS_QMOPT_GQUOTA) && XFS_IS_GQUOTA_ON(mp)) {
1680 if (ip->i_d.di_gid != gid) {
1681 xfs_iunlock(ip, lockflags);
1682 error = xfs_qm_dqget(mp, gid, XFS_DQ_GROUP, true, &gq);
1683 if (error) {
1684 ASSERT(error != -ENOENT);
1685 goto error_rele;
1686 }
1687 xfs_dqunlock(gq);
1688 lockflags = XFS_ILOCK_SHARED;
1689 xfs_ilock(ip, lockflags);
1690 } else {
1691 ASSERT(ip->i_gdquot);
1692 gq = xfs_qm_dqhold(ip->i_gdquot);
1693 }
1694 }
1695 if ((flags & XFS_QMOPT_PQUOTA) && XFS_IS_PQUOTA_ON(mp)) {
1696 if (xfs_get_projid(ip) != prid) {
1697 xfs_iunlock(ip, lockflags);
1698 error = xfs_qm_dqget(mp, (xfs_dqid_t)prid, XFS_DQ_PROJ,
1699 true, &pq);
1700 if (error) {
1701 ASSERT(error != -ENOENT);
1702 goto error_rele;
1703 }
1704 xfs_dqunlock(pq);
1705 lockflags = XFS_ILOCK_SHARED;
1706 xfs_ilock(ip, lockflags);
1707 } else {
1708 ASSERT(ip->i_pdquot);
1709 pq = xfs_qm_dqhold(ip->i_pdquot);
1710 }
1711 }
1712 if (uq)
1713 trace_xfs_dquot_dqalloc(ip);
1714
1715 xfs_iunlock(ip, lockflags);
1716 if (O_udqpp)
1717 *O_udqpp = uq;
1718 else
1719 xfs_qm_dqrele(uq);
1720 if (O_gdqpp)
1721 *O_gdqpp = gq;
1722 else
1723 xfs_qm_dqrele(gq);
1724 if (O_pdqpp)
1725 *O_pdqpp = pq;
1726 else
1727 xfs_qm_dqrele(pq);
1728 return 0;
1729
1730error_rele:
1731 xfs_qm_dqrele(gq);
1732 xfs_qm_dqrele(uq);
1733 return error;
1734}
1735
1736/*
1737 * Actually transfer ownership, and do dquot modifications.
1738 * These were already reserved.
1739 */
1740xfs_dquot_t *
1741xfs_qm_vop_chown(
1742 xfs_trans_t *tp,
1743 xfs_inode_t *ip,
1744 xfs_dquot_t **IO_olddq,
1745 xfs_dquot_t *newdq)
1746{
1747 xfs_dquot_t *prevdq;
1748 uint bfield = XFS_IS_REALTIME_INODE(ip) ?
1749 XFS_TRANS_DQ_RTBCOUNT : XFS_TRANS_DQ_BCOUNT;
1750
1751
1752 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
1753 ASSERT(XFS_IS_QUOTA_RUNNING(ip->i_mount));
1754
1755 /* old dquot */
1756 prevdq = *IO_olddq;
1757 ASSERT(prevdq);
1758 ASSERT(prevdq != newdq);
1759
1760 xfs_trans_mod_dquot(tp, prevdq, bfield, -(ip->i_d.di_nblocks));
1761 xfs_trans_mod_dquot(tp, prevdq, XFS_TRANS_DQ_ICOUNT, -1);
1762
1763 /* the sparkling new dquot */
1764 xfs_trans_mod_dquot(tp, newdq, bfield, ip->i_d.di_nblocks);
1765 xfs_trans_mod_dquot(tp, newdq, XFS_TRANS_DQ_ICOUNT, 1);
1766
1767 /*
1768 * Take an extra reference, because the inode is going to keep
1769 * this dquot pointer even after the trans_commit.
1770 */
1771 *IO_olddq = xfs_qm_dqhold(newdq);
1772
1773 return prevdq;
1774}
1775
1776/*
1777 * Quota reservations for setattr(AT_UID|AT_GID|AT_PROJID).
1778 */
1779int
1780xfs_qm_vop_chown_reserve(
1781 struct xfs_trans *tp,
1782 struct xfs_inode *ip,
1783 struct xfs_dquot *udqp,
1784 struct xfs_dquot *gdqp,
1785 struct xfs_dquot *pdqp,
1786 uint flags)
1787{
1788 struct xfs_mount *mp = ip->i_mount;
1789 uint64_t delblks;
1790 unsigned int blkflags, prjflags = 0;
1791 struct xfs_dquot *udq_unres = NULL;
1792 struct xfs_dquot *gdq_unres = NULL;
1793 struct xfs_dquot *pdq_unres = NULL;
1794 struct xfs_dquot *udq_delblks = NULL;
1795 struct xfs_dquot *gdq_delblks = NULL;
1796 struct xfs_dquot *pdq_delblks = NULL;
1797 int error;
1798
1799
1800 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL|XFS_ILOCK_SHARED));
1801 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1802
1803 delblks = ip->i_delayed_blks;
1804 blkflags = XFS_IS_REALTIME_INODE(ip) ?
1805 XFS_QMOPT_RES_RTBLKS : XFS_QMOPT_RES_REGBLKS;
1806
1807 if (XFS_IS_UQUOTA_ON(mp) && udqp &&
1808 ip->i_d.di_uid != be32_to_cpu(udqp->q_core.d_id)) {
1809 udq_delblks = udqp;
1810 /*
1811 * If there are delayed allocation blocks, then we have to
1812 * unreserve those from the old dquot, and add them to the
1813 * new dquot.
1814 */
1815 if (delblks) {
1816 ASSERT(ip->i_udquot);
1817 udq_unres = ip->i_udquot;
1818 }
1819 }
1820 if (XFS_IS_GQUOTA_ON(ip->i_mount) && gdqp &&
1821 ip->i_d.di_gid != be32_to_cpu(gdqp->q_core.d_id)) {
1822 gdq_delblks = gdqp;
1823 if (delblks) {
1824 ASSERT(ip->i_gdquot);
1825 gdq_unres = ip->i_gdquot;
1826 }
1827 }
1828
1829 if (XFS_IS_PQUOTA_ON(ip->i_mount) && pdqp &&
1830 xfs_get_projid(ip) != be32_to_cpu(pdqp->q_core.d_id)) {
1831 prjflags = XFS_QMOPT_ENOSPC;
1832 pdq_delblks = pdqp;
1833 if (delblks) {
1834 ASSERT(ip->i_pdquot);
1835 pdq_unres = ip->i_pdquot;
1836 }
1837 }
1838
1839 error = xfs_trans_reserve_quota_bydquots(tp, ip->i_mount,
1840 udq_delblks, gdq_delblks, pdq_delblks,
1841 ip->i_d.di_nblocks, 1,
1842 flags | blkflags | prjflags);
1843 if (error)
1844 return error;
1845
1846 /*
1847 * Do the delayed blks reservations/unreservations now. Since, these
1848 * are done without the help of a transaction, if a reservation fails
1849 * its previous reservations won't be automatically undone by trans
1850 * code. So, we have to do it manually here.
1851 */
1852 if (delblks) {
1853 /*
1854 * Do the reservations first. Unreservation can't fail.
1855 */
1856 ASSERT(udq_delblks || gdq_delblks || pdq_delblks);
1857 ASSERT(udq_unres || gdq_unres || pdq_unres);
1858 error = xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount,
1859 udq_delblks, gdq_delblks, pdq_delblks,
1860 (xfs_qcnt_t)delblks, 0,
1861 flags | blkflags | prjflags);
1862 if (error)
1863 return error;
1864 xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount,
1865 udq_unres, gdq_unres, pdq_unres,
1866 -((xfs_qcnt_t)delblks), 0, blkflags);
1867 }
1868
1869 return 0;
1870}
1871
1872int
1873xfs_qm_vop_rename_dqattach(
1874 struct xfs_inode **i_tab)
1875{
1876 struct xfs_mount *mp = i_tab[0]->i_mount;
1877 int i;
1878
1879 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
1880 return 0;
1881
1882 for (i = 0; (i < 4 && i_tab[i]); i++) {
1883 struct xfs_inode *ip = i_tab[i];
1884 int error;
1885
1886 /*
1887 * Watch out for duplicate entries in the table.
1888 */
1889 if (i == 0 || ip != i_tab[i-1]) {
1890 if (XFS_NOT_DQATTACHED(mp, ip)) {
1891 error = xfs_qm_dqattach(ip);
1892 if (error)
1893 return error;
1894 }
1895 }
1896 }
1897 return 0;
1898}
1899
1900void
1901xfs_qm_vop_create_dqattach(
1902 struct xfs_trans *tp,
1903 struct xfs_inode *ip,
1904 struct xfs_dquot *udqp,
1905 struct xfs_dquot *gdqp,
1906 struct xfs_dquot *pdqp)
1907{
1908 struct xfs_mount *mp = tp->t_mountp;
1909
1910 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
1911 return;
1912
1913 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
1914 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1915
1916 if (udqp && XFS_IS_UQUOTA_ON(mp)) {
1917 ASSERT(ip->i_udquot == NULL);
1918 ASSERT(ip->i_d.di_uid == be32_to_cpu(udqp->q_core.d_id));
1919
1920 ip->i_udquot = xfs_qm_dqhold(udqp);
1921 xfs_trans_mod_dquot(tp, udqp, XFS_TRANS_DQ_ICOUNT, 1);
1922 }
1923 if (gdqp && XFS_IS_GQUOTA_ON(mp)) {
1924 ASSERT(ip->i_gdquot == NULL);
1925 ASSERT(ip->i_d.di_gid == be32_to_cpu(gdqp->q_core.d_id));
1926 ip->i_gdquot = xfs_qm_dqhold(gdqp);
1927 xfs_trans_mod_dquot(tp, gdqp, XFS_TRANS_DQ_ICOUNT, 1);
1928 }
1929 if (pdqp && XFS_IS_PQUOTA_ON(mp)) {
1930 ASSERT(ip->i_pdquot == NULL);
1931 ASSERT(xfs_get_projid(ip) == be32_to_cpu(pdqp->q_core.d_id));
1932
1933 ip->i_pdquot = xfs_qm_dqhold(pdqp);
1934 xfs_trans_mod_dquot(tp, pdqp, XFS_TRANS_DQ_ICOUNT, 1);
1935 }
1936}
1937