#
b9a1a7f4 |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Push dqio_sem down to ->release_dqblk()
Push down acquisition of dqio_sem into ->release_dqblk() callback. It will allow quota formats to decide whether they need it or not.
Reviewed-by: And
quota: Push dqio_sem down to ->release_dqblk()
Push down acquisition of dqio_sem into ->release_dqblk() callback. It will allow quota formats to decide whether they need it or not.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
8fc32c2b |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Push dqio_sem down to ->write_dqblk()
Push down acquisition of dqio_sem into ->write_dqblk() callback. It will allow quota formats to decide whether they need it or not.
Reviewed-by: Andreas
quota: Push dqio_sem down to ->write_dqblk()
Push down acquisition of dqio_sem into ->write_dqblk() callback. It will allow quota formats to decide whether they need it or not.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
e342e38d |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Push dqio_sem down to ->read_dqblk()
Push down acquisition of dqio_sem into ->read_dqblk() callback. It will allow quota formats to decide whether they need it or not.
Reviewed-by: Andreas D
quota: Push dqio_sem down to ->read_dqblk()
Push down acquisition of dqio_sem into ->read_dqblk() callback. It will allow quota formats to decide whether they need it or not.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
5e8cb9b6 |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Protect dquot writeout with dq_lock
Currently dquot writeout is only protected by dqio_sem held for writing. As we transition to a finer grained locking we will use dquot->dq_lock instead. So
quota: Protect dquot writeout with dq_lock
Currently dquot writeout is only protected by dqio_sem held for writing. As we transition to a finer grained locking we will use dquot->dq_lock instead. So acquire it in dquot_commit() and move dqio_sem just around ->commit_dqblk() call as it is still needed to serialize quota file changes.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
d6ab3661 |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Acquire dqio_sem for reading in vfs_load_quota_inode()
vfs_load_quota_inode() needs dqio_sem only for reading. In fact dqio_sem is not needed there at all since the function can be called onl
quota: Acquire dqio_sem for reading in vfs_load_quota_inode()
vfs_load_quota_inode() needs dqio_sem only for reading. In fact dqio_sem is not needed there at all since the function can be called only during quota on when quota file cannot be modified but let's leave the protection there since it is logical and the path is in no way performance critical.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
0cff9151 |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Acquire dqio_sem for reading in dquot_get_next_id()
dquot_get_next_id() needs dqio_sem only for reading to protect against racing with modification of quota file structure.
Reviewed-by: Andr
quota: Acquire dqio_sem for reading in dquot_get_next_id()
dquot_get_next_id() needs dqio_sem only for reading to protect against racing with modification of quota file structure.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
62676838 |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Do more fine-grained locking in dquot_acquire()
We need dqio_sem held just for reading when calling ->read_dqblk() in dquot_acquire(). Also dqio_sem is not needed when setting DQ_READ_B and D
quota: Do more fine-grained locking in dquot_acquire()
We need dqio_sem held just for reading when calling ->read_dqblk() in dquot_acquire(). Also dqio_sem is not needed when setting DQ_READ_B and DQ_ACTIVE_B as concurrent reads and dquot activations are serialized by dq_lock. So acquire and release dqio_sem closer to the place where it is needed. This reduces lock hold time and will make locking changes easier.
Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
bc8230ee |
| 08-Jun-2017 |
Jan Kara <jack@suse.cz> |
quota: Convert dqio_mutex to rwsem
Convert dqio_mutex to rwsem and call it dqio_sem. No functional changes yet.
Signed-off-by: Jan Kara <jack@suse.cz>
|
#
41e327b5 |
| 07-Aug-2017 |
zhangyi (F) <yi.zhang@huawei.com> |
quota: correct space limit check
Currently we compare total space (curspace + rsvspace) with space limit in quota-tools when setting grace time and also in check_bdq(), but we missing rsvspace in so
quota: correct space limit check
Currently we compare total space (curspace + rsvspace) with space limit in quota-tools when setting grace time and also in check_bdq(), but we missing rsvspace in somewhere else, correct them. This patch also fix incorrect zero dqb_btime and grace time updating failure when we use rsvspace(e.g. ext4 dalloc feature).
Signed-off-by: zhangyi (F) <yi.zhang@huawei.com> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
7a9ca53a |
| 22-Jun-2017 |
Tahsin Erdogan <tahsin@google.com> |
quota: add get_inode_usage callback to transfer multi-inode charges
Ext4 ea_inode feature allows storing xattr values in external inodes to be able to store values that are bigger than a block in si
quota: add get_inode_usage callback to transfer multi-inode charges
Ext4 ea_inode feature allows storing xattr values in external inodes to be able to store values that are bigger than a block in size. Ext4 also has deduplication support for these type of inodes. With deduplication, the actual storage waste is eliminated but the users of such inodes are still charged full quota for the inodes as if there was no sharing happening in the background.
This design requires ext4 to manually charge the users because the inodes are shared.
An implication of this is that, if someone calls chown on a file that has such references we need to transfer the quota for the file and xattr inodes. Current dquot_transfer() function implicitly transfers one inode charge. With ea_inode feature, we would like to transfer multiple inode charges.
Add get_inode_usage callback which can interrogate the total number of inodes that were charged for a given inode.
[ Applied fix from Colin King to make sure the 'ret' variable is initialized on the successful return path. Detected by CoverityScan, CID#1446616 ("Uninitialized scalar variable") --tytso]
Signed-off-by: Tahsin Erdogan <tahsin@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Jan Kara <jack@suse.cz>
show more ...
|
#
b8cb5a54 |
| 24-May-2017 |
Tahsin Erdogan <tahsin@google.com> |
ext4: fix quota charging for shared xattr blocks
ext4_xattr_block_set() calls dquot_alloc_block() to charge for an xattr block when new references are made. However if dquot_initialize() hasn't been
ext4: fix quota charging for shared xattr blocks
ext4_xattr_block_set() calls dquot_alloc_block() to charge for an xattr block when new references are made. However if dquot_initialize() hasn't been called on an inode, request for charging is effectively ignored because ext4_inode_info->i_dquot is not initialized yet.
Add dquot_initialize() to call paths that lead to ext4_xattr_block_set().
Signed-off-by: Tahsin Erdogan <tahsin@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jan Kara <jack@suse.cz>
show more ...
|
#
139c279f |
| 12-Apr-2017 |
Jan Kara <jack@suse.cz> |
quota: Remove dquot_quotactl_ops
Nobody uses them anymore.
Signed-off-by: Jan Kara <jack@suse.cz>
|
#
aad6cde9 |
| 11-Apr-2017 |
Jan Kara <jack@suse.cz> |
quota: Stop setting IMMUTABLE and NOATIME flags on quota files
Currently we set IMMUTABLE and NOATIME flags on quota files to stop userspace from messing with them. Now that all filesystems set thes
quota: Stop setting IMMUTABLE and NOATIME flags on quota files
Currently we set IMMUTABLE and NOATIME flags on quota files to stop userspace from messing with them. Now that all filesystems set these flags in their quota_on handlers, we can stop setting the flags in generic quota code. This will allow filesystems to stop copying i_flags to their on-disk flags on various occasions.
Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
5b825c3a |
| 02-Feb-2017 |
Ingo Molnar <mingo@kernel.org> |
sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h>
Add #include <linux/cred.h> dependencies to all .c files rely on sched.h doing that for them.
Note that even if the co
sched/headers: Prepare to remove <linux/cred.h> inclusion from <linux/sched.h>
Add #include <linux/cred.h> dependencies to all .c files rely on sched.h doing that for them.
Note that even if the count where we need to add extra headers seems high, it's still a net win, because <linux/sched.h> is included in over 2,200 files ...
Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
show more ...
|
#
2700e606 |
| 19-Dec-2016 |
Jan Kara <jack@suse.cz> |
quota: Fix bogus warning in dquot_disable()
dquot_disable() was warning when sb_has_quota_loaded() was true when invalidating page cache for quota files. The thinking behind this warning was that we
quota: Fix bogus warning in dquot_disable()
dquot_disable() was warning when sb_has_quota_loaded() was true when invalidating page cache for quota files. The thinking behind this warning was that we must have raced with somebody else turning quotas on and this should not happen because all places modifying quota state must hold s_umount exclusively now. However sb_has_quota_loaded() can be also true at this point when we are just suspending quotas on remount read-only. Just restore the behavior to situation before commit c3b004460d77 ("quota: Remove dqonoff_mutex") which introduced the warning.
The code in dquot_disable() can be further simplified with the new locking of quota state changes however let's leave that to a separate commit that can get more testing exposure.
Fixes: c3b004460d77bf3f980d877be539016f2df4df12 Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
8c54ca9c |
| 20-Nov-2016 |
Al Viro <viro@zeniv.linux.org.uk> |
quota: constify struct path in quota_on
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
#
c3b00446 |
| 23-Nov-2016 |
Jan Kara <jack@suse.cz> |
quota: Remove dqonoff_mutex
The only places that were grabbing dqonoff_mutex are functions turning quotas on and off and these are properly serialized using s_umount semaphore. Remove dqonoff_mutex.
quota: Remove dqonoff_mutex
The only places that were grabbing dqonoff_mutex are functions turning quotas on and off and these are properly serialized using s_umount semaphore. Remove dqonoff_mutex.
Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
ee1ac541 |
| 23-Nov-2016 |
Jan Kara <jack@suse.cz> |
quota: Remove dqonoff_mutex from dquot_scan_active()
All callers of dquot_scan_active() now hold s_umount so we can rely on that lock to protect us against quota state changes.
Signed-off-by: Jan K
quota: Remove dqonoff_mutex from dquot_scan_active()
All callers of dquot_scan_active() now hold s_umount so we can rely on that lock to protect us against quota state changes.
Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
9d1ccbe7 |
| 23-Nov-2016 |
Jan Kara <jack@suse.cz> |
quota: Use s_umount protection for quota operations
Writeback quota is protected by s_umount semaphore held for reading because every writeback must be protected by that lock (grabbed either by the
quota: Use s_umount protection for quota operations
Writeback quota is protected by s_umount semaphore held for reading because every writeback must be protected by that lock (grabbed either by the generic writeback code or by quotactl handler). Getting next available ID in quota file, querying quota state, setting quota information, getting quota format are all quotactl operations protected by s_umount semaphore held for reading grabbed in quotactl handler.
This also fixes lockdep splat about possible deadlock during filesystem freezing where sync_filesystem() is called with page-faults already blocked but sync_filesystem() calls into dquot_writeback_dquots() which grabs dqonoff_mutex which ranks above i_mutex (vfs_load_quota_inode() grabs i_mutex under dqonoff_mutex) which clearly ranks below page fault freeze protection (e.g. via mmap_sem dependencies). The reported problem is not a real deadlock possibility since during quota on we check whether filesystem freezing is not in progress but still it is good to have this fixed.
Reported-by: Ted Tso <tytso@mit.edu> Reported-by: Eric Whitney <enwlinux@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
7d6cd73d |
| 23-Nov-2016 |
Jan Kara <jack@suse.cz> |
quota: Hold s_umount in exclusive mode when enabling / disabling quotas
Currently we hold s_umount semaphore only in shared mode when enabling or disabling quotas and use dqonoff_mutex for serializi
quota: Hold s_umount in exclusive mode when enabling / disabling quotas
Currently we hold s_umount semaphore only in shared mode when enabling or disabling quotas and use dqonoff_mutex for serializing quota state changes on a filesystem and also quota state changes with other places depending on current quota state. Using dedicated mutex for this causes possible deadlocks during filesystem freezing (see following commit for details) so we transition to using s_umount semaphore for the necessary synchronization whose lock ordering is properly handled by the filesystem freezing code. As a start grab s_umount in exclusive mode when enabling / disabling quotas.
Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
5c004828 |
| 05-Jul-2016 |
Eric W. Biederman <ebiederm@xmission.com> |
dquot: For now explicitly don't support filesystems outside of init_user_ns
Mostly supporting filesystems outside of init_user_ns is s/&init_usre_ns/dquot->dq_sb->s_user_ns/. An actual need for sup
dquot: For now explicitly don't support filesystems outside of init_user_ns
Mostly supporting filesystems outside of init_user_ns is s/&init_usre_ns/dquot->dq_sb->s_user_ns/. An actual need for supporting quotas on filesystems outside of s_user_ns is quite a ways away and to be done responsibily needs an audit on what can happen with hostile quota files. Until that audit is complete don't attempt to support quota files on filesystems outside of s_user_ns.
Cc: Jan Kara <jack@suse.cz> Acked-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
show more ...
|
#
d49d3762 |
| 30-Jun-2016 |
Eric W. Biederman <ebiederm@xmission.com> |
quota: Ensure qids map to the filesystem
Introduce the helper qid_has_mapping and use it to ensure that the quota system only considers qids that map to the filesystems s_user_ns.
In practice for q
quota: Ensure qids map to the filesystem
Introduce the helper qid_has_mapping and use it to ensure that the quota system only considers qids that map to the filesystems s_user_ns.
In practice for quota supporting filesystems today this is the exact same check as qid_valid. As only 0xffffffff aka (qid_t)-1 does not map into init_user_ns.
Replace the qid_valid calls with qid_has_mapping as values come in from userspace. This is harmless today and it prepares the quota system to work on filesystems with quotas but mounted by unprivileged users.
Call qid_has_mapping from dqget. This ensures the passed in qid has a prepresentation on the underlying filesystem. Previously this was unnecessary as filesystesm never had qids that could not map. With the introduction of filesystems outside of s_user_ns this will not remain true.
All of this ensures the quota code never has to deal with qids that don't map to the underlying filesystem.
Cc: Jan Kara <jack@suse.cz> Acked-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
show more ...
|
#
e008bb61 |
| 17-Jun-2016 |
Arnd Bergmann <arnd@arndb.de> |
quota: use time64_t internally
The quota subsystem has two formats, the old v1 format using architecture specific time_t values on the on-disk format, while the v2 format (introduced in Linux 2.5.16
quota: use time64_t internally
The quota subsystem has two formats, the old v1 format using architecture specific time_t values on the on-disk format, while the v2 format (introduced in Linux 2.5.16 and 2.4.22) uses fixed 64-bit little-endian.
While there is no future for the v1 format beyond y2038, the v2 format is almost there on 32-bit architectures, as both the user interface and the on-disk format use 64-bit timestamps, just not the time_t inbetween.
This changes the internal representation to use time64_t, which will end up doing the right thing everywhere for v2 format.
Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
17e8a893 |
| 29-Mar-2016 |
Jan Kara <jack@suse.cz> |
quota: Handle Q_GETNEXTQUOTA when quota is disabled
Currently we oopsed when Q_GETNEXTQUOTA got called when quota was disabled. Properly check whether quota is enabled for the filesystem before call
quota: Handle Q_GETNEXTQUOTA when quota is disabled
Currently we oopsed when Q_GETNEXTQUOTA got called when quota was disabled. Properly check whether quota is enabled for the filesystem before calling into quota format handler.
Reported-by: Ted Tso <tytso@mit.edu> Signed-off-by: Jan Kara <jack@suse.cz>
show more ...
|
#
e12a4e8a |
| 07-Mar-2016 |
Al Viro <viro@zeniv.linux.org.uk> |
quota: use lookup_one_len_unlocked()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|