1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * In memory quota format relies on quota infrastructure to store dquot
4 * information for us. While conventional quota formats for file systems
5 * with persistent storage can load quota information into dquot from the
6 * storage on-demand and hence quota dquot shrinker can free any dquot
7 * that is not currently being used, it must be avoided here. Otherwise we
8 * can lose valuable information, user provided limits, because there is
9 * no persistent storage to load the information from afterwards.
10 *
11 * One information that in-memory quota format needs to keep track of is
12 * a sorted list of ids for each quota type. This is done by utilizing
13 * an rb tree which root is stored in mem_dqinfo->dqi_priv for each quota
14 * type.
15 *
16 * This format can be used to support quota on file system without persistent
17 * storage such as tmpfs.
18 *
19 * Author: Lukas Czerner <lczerner@redhat.com>
20 * Carlos Maiolino <cmaiolino@redhat.com>
21 *
22 * Copyright (C) 2023 Red Hat, Inc.
23 */
24 #include <linux/errno.h>
25 #include <linux/fs.h>
26 #include <linux/mount.h>
27 #include <linux/kernel.h>
28 #include <linux/init.h>
29 #include <linux/module.h>
30 #include <linux/slab.h>
31 #include <linux/rbtree.h>
32 #include <linux/shmem_fs.h>
33
34 #include <linux/quotaops.h>
35 #include <linux/quota.h>
36
37 #ifdef CONFIG_TMPFS_QUOTA
38
39 /*
40 * The following constants define the amount of time given a user
41 * before the soft limits are treated as hard limits (usually resulting
42 * in an allocation failure). The timer is started when the user crosses
43 * their soft limit, it is reset when they go below their soft limit.
44 */
45 #define SHMEM_MAX_IQ_TIME 604800 /* (7*24*60*60) 1 week */
46 #define SHMEM_MAX_DQ_TIME 604800 /* (7*24*60*60) 1 week */
47
48 struct quota_id {
49 struct rb_node node;
50 qid_t id;
51 qsize_t bhardlimit;
52 qsize_t bsoftlimit;
53 qsize_t ihardlimit;
54 qsize_t isoftlimit;
55 };
56
shmem_check_quota_file(struct super_block * sb,int type)57 static int shmem_check_quota_file(struct super_block *sb, int type)
58 {
59 /* There is no real quota file, nothing to do */
60 return 1;
61 }
62
63 /*
64 * There is no real quota file. Just allocate rb_root for quota ids and
65 * set limits
66 */
shmem_read_file_info(struct super_block * sb,int type)67 static int shmem_read_file_info(struct super_block *sb, int type)
68 {
69 struct quota_info *dqopt = sb_dqopt(sb);
70 struct mem_dqinfo *info = &dqopt->info[type];
71
72 info->dqi_priv = kzalloc(sizeof(struct rb_root), GFP_NOFS);
73 if (!info->dqi_priv)
74 return -ENOMEM;
75
76 info->dqi_max_spc_limit = SHMEM_QUOTA_MAX_SPC_LIMIT;
77 info->dqi_max_ino_limit = SHMEM_QUOTA_MAX_INO_LIMIT;
78
79 info->dqi_bgrace = SHMEM_MAX_DQ_TIME;
80 info->dqi_igrace = SHMEM_MAX_IQ_TIME;
81 info->dqi_flags = 0;
82
83 return 0;
84 }
85
shmem_write_file_info(struct super_block * sb,int type)86 static int shmem_write_file_info(struct super_block *sb, int type)
87 {
88 /* There is no real quota file, nothing to do */
89 return 0;
90 }
91
92 /*
93 * Free all the quota_id entries in the rb tree and rb_root.
94 */
shmem_free_file_info(struct super_block * sb,int type)95 static int shmem_free_file_info(struct super_block *sb, int type)
96 {
97 struct mem_dqinfo *info = &sb_dqopt(sb)->info[type];
98 struct rb_root *root = info->dqi_priv;
99 struct quota_id *entry;
100 struct rb_node *node;
101
102 info->dqi_priv = NULL;
103 node = rb_first(root);
104 while (node) {
105 entry = rb_entry(node, struct quota_id, node);
106 node = rb_next(&entry->node);
107
108 rb_erase(&entry->node, root);
109 kfree(entry);
110 }
111
112 kfree(root);
113 return 0;
114 }
115
shmem_get_next_id(struct super_block * sb,struct kqid * qid)116 static int shmem_get_next_id(struct super_block *sb, struct kqid *qid)
117 {
118 struct mem_dqinfo *info = sb_dqinfo(sb, qid->type);
119 struct rb_node *node;
120 qid_t id = from_kqid(&init_user_ns, *qid);
121 struct quota_info *dqopt = sb_dqopt(sb);
122 struct quota_id *entry = NULL;
123 int ret = 0;
124
125 if (!sb_has_quota_active(sb, qid->type))
126 return -ESRCH;
127
128 down_read(&dqopt->dqio_sem);
129 node = ((struct rb_root *)info->dqi_priv)->rb_node;
130 while (node) {
131 entry = rb_entry(node, struct quota_id, node);
132
133 if (id < entry->id)
134 node = node->rb_left;
135 else if (id > entry->id)
136 node = node->rb_right;
137 else
138 goto got_next_id;
139 }
140
141 if (!entry) {
142 ret = -ENOENT;
143 goto out_unlock;
144 }
145
146 if (id > entry->id) {
147 node = rb_next(&entry->node);
148 if (!node) {
149 ret = -ENOENT;
150 goto out_unlock;
151 }
152 entry = rb_entry(node, struct quota_id, node);
153 }
154
155 got_next_id:
156 *qid = make_kqid(&init_user_ns, qid->type, entry->id);
157 out_unlock:
158 up_read(&dqopt->dqio_sem);
159 return ret;
160 }
161
162 /*
163 * Load dquot with limits from existing entry, or create the new entry if
164 * it does not exist.
165 */
shmem_acquire_dquot(struct dquot * dquot)166 static int shmem_acquire_dquot(struct dquot *dquot)
167 {
168 struct mem_dqinfo *info = sb_dqinfo(dquot->dq_sb, dquot->dq_id.type);
169 struct rb_node **n;
170 struct shmem_sb_info *sbinfo = dquot->dq_sb->s_fs_info;
171 struct rb_node *parent = NULL, *new_node = NULL;
172 struct quota_id *new_entry, *entry;
173 qid_t id = from_kqid(&init_user_ns, dquot->dq_id);
174 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
175 int ret = 0;
176
177 mutex_lock(&dquot->dq_lock);
178
179 down_write(&dqopt->dqio_sem);
180 n = &((struct rb_root *)info->dqi_priv)->rb_node;
181
182 while (*n) {
183 parent = *n;
184 entry = rb_entry(parent, struct quota_id, node);
185
186 if (id < entry->id)
187 n = &(*n)->rb_left;
188 else if (id > entry->id)
189 n = &(*n)->rb_right;
190 else
191 goto found;
192 }
193
194 /* We don't have entry for this id yet, create it */
195 new_entry = kzalloc(sizeof(struct quota_id), GFP_NOFS);
196 if (!new_entry) {
197 ret = -ENOMEM;
198 goto out_unlock;
199 }
200
201 new_entry->id = id;
202 if (dquot->dq_id.type == USRQUOTA) {
203 new_entry->bhardlimit = sbinfo->qlimits.usrquota_bhardlimit;
204 new_entry->ihardlimit = sbinfo->qlimits.usrquota_ihardlimit;
205 } else if (dquot->dq_id.type == GRPQUOTA) {
206 new_entry->bhardlimit = sbinfo->qlimits.grpquota_bhardlimit;
207 new_entry->ihardlimit = sbinfo->qlimits.grpquota_ihardlimit;
208 }
209
210 new_node = &new_entry->node;
211 rb_link_node(new_node, parent, n);
212 rb_insert_color(new_node, (struct rb_root *)info->dqi_priv);
213 entry = new_entry;
214
215 found:
216 /* Load the stored limits from the tree */
217 spin_lock(&dquot->dq_dqb_lock);
218 dquot->dq_dqb.dqb_bhardlimit = entry->bhardlimit;
219 dquot->dq_dqb.dqb_bsoftlimit = entry->bsoftlimit;
220 dquot->dq_dqb.dqb_ihardlimit = entry->ihardlimit;
221 dquot->dq_dqb.dqb_isoftlimit = entry->isoftlimit;
222
223 if (!dquot->dq_dqb.dqb_bhardlimit &&
224 !dquot->dq_dqb.dqb_bsoftlimit &&
225 !dquot->dq_dqb.dqb_ihardlimit &&
226 !dquot->dq_dqb.dqb_isoftlimit)
227 set_bit(DQ_FAKE_B, &dquot->dq_flags);
228 spin_unlock(&dquot->dq_dqb_lock);
229
230 /* Make sure flags update is visible after dquot has been filled */
231 smp_mb__before_atomic();
232 set_bit(DQ_ACTIVE_B, &dquot->dq_flags);
233 out_unlock:
234 up_write(&dqopt->dqio_sem);
235 mutex_unlock(&dquot->dq_lock);
236 return ret;
237 }
238
shmem_is_empty_dquot(struct dquot * dquot)239 static bool shmem_is_empty_dquot(struct dquot *dquot)
240 {
241 struct shmem_sb_info *sbinfo = dquot->dq_sb->s_fs_info;
242 qsize_t bhardlimit;
243 qsize_t ihardlimit;
244
245 if (dquot->dq_id.type == USRQUOTA) {
246 bhardlimit = sbinfo->qlimits.usrquota_bhardlimit;
247 ihardlimit = sbinfo->qlimits.usrquota_ihardlimit;
248 } else if (dquot->dq_id.type == GRPQUOTA) {
249 bhardlimit = sbinfo->qlimits.grpquota_bhardlimit;
250 ihardlimit = sbinfo->qlimits.grpquota_ihardlimit;
251 }
252
253 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
254 (dquot->dq_dqb.dqb_curspace == 0 &&
255 dquot->dq_dqb.dqb_curinodes == 0 &&
256 dquot->dq_dqb.dqb_bhardlimit == bhardlimit &&
257 dquot->dq_dqb.dqb_ihardlimit == ihardlimit))
258 return true;
259
260 return false;
261 }
262 /*
263 * Store limits from dquot in the tree unless it's fake. If it is fake
264 * remove the id from the tree since there is no useful information in
265 * there.
266 */
shmem_release_dquot(struct dquot * dquot)267 static int shmem_release_dquot(struct dquot *dquot)
268 {
269 struct mem_dqinfo *info = sb_dqinfo(dquot->dq_sb, dquot->dq_id.type);
270 struct rb_node *node;
271 qid_t id = from_kqid(&init_user_ns, dquot->dq_id);
272 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
273 struct quota_id *entry = NULL;
274
275 mutex_lock(&dquot->dq_lock);
276 /* Check whether we are not racing with some other dqget() */
277 if (dquot_is_busy(dquot))
278 goto out_dqlock;
279
280 down_write(&dqopt->dqio_sem);
281 node = ((struct rb_root *)info->dqi_priv)->rb_node;
282 while (node) {
283 entry = rb_entry(node, struct quota_id, node);
284
285 if (id < entry->id)
286 node = node->rb_left;
287 else if (id > entry->id)
288 node = node->rb_right;
289 else
290 goto found;
291 }
292
293 /* We should always find the entry in the rb tree */
294 WARN_ONCE(1, "quota id %u from dquot %p, not in rb tree!\n", id, dquot);
295 up_write(&dqopt->dqio_sem);
296 mutex_unlock(&dquot->dq_lock);
297 return -ENOENT;
298
299 found:
300 if (shmem_is_empty_dquot(dquot)) {
301 /* Remove entry from the tree */
302 rb_erase(&entry->node, info->dqi_priv);
303 kfree(entry);
304 } else {
305 /* Store the limits in the tree */
306 spin_lock(&dquot->dq_dqb_lock);
307 entry->bhardlimit = dquot->dq_dqb.dqb_bhardlimit;
308 entry->bsoftlimit = dquot->dq_dqb.dqb_bsoftlimit;
309 entry->ihardlimit = dquot->dq_dqb.dqb_ihardlimit;
310 entry->isoftlimit = dquot->dq_dqb.dqb_isoftlimit;
311 spin_unlock(&dquot->dq_dqb_lock);
312 }
313
314 clear_bit(DQ_ACTIVE_B, &dquot->dq_flags);
315 up_write(&dqopt->dqio_sem);
316
317 out_dqlock:
318 mutex_unlock(&dquot->dq_lock);
319 return 0;
320 }
321
shmem_mark_dquot_dirty(struct dquot * dquot)322 static int shmem_mark_dquot_dirty(struct dquot *dquot)
323 {
324 return 0;
325 }
326
shmem_dquot_write_info(struct super_block * sb,int type)327 static int shmem_dquot_write_info(struct super_block *sb, int type)
328 {
329 return 0;
330 }
331
332 static const struct quota_format_ops shmem_format_ops = {
333 .check_quota_file = shmem_check_quota_file,
334 .read_file_info = shmem_read_file_info,
335 .write_file_info = shmem_write_file_info,
336 .free_file_info = shmem_free_file_info,
337 };
338
339 struct quota_format_type shmem_quota_format = {
340 .qf_fmt_id = QFMT_SHMEM,
341 .qf_ops = &shmem_format_ops,
342 .qf_owner = THIS_MODULE
343 };
344
345 const struct dquot_operations shmem_quota_operations = {
346 .acquire_dquot = shmem_acquire_dquot,
347 .release_dquot = shmem_release_dquot,
348 .alloc_dquot = dquot_alloc,
349 .destroy_dquot = dquot_destroy,
350 .write_info = shmem_dquot_write_info,
351 .mark_dirty = shmem_mark_dquot_dirty,
352 .get_next_id = shmem_get_next_id,
353 };
354 #endif /* CONFIG_TMPFS_QUOTA */
355