1 /* 2 * Copyright (c) 2000-2005 Silicon Graphics, Inc. 3 * All Rights Reserved. 4 * 5 * This program is free software; you can redistribute it and/or 6 * modify it under the terms of the GNU General Public License as 7 * published by the Free Software Foundation. 8 * 9 * This program is distributed in the hope that it would be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write the Free Software Foundation, 16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 17 */ 18 19 #include <linux/capability.h> 20 21 #include "xfs.h" 22 #include "xfs_fs.h" 23 #include "xfs_bit.h" 24 #include "xfs_log.h" 25 #include "xfs_inum.h" 26 #include "xfs_trans.h" 27 #include "xfs_sb.h" 28 #include "xfs_ag.h" 29 #include "xfs_alloc.h" 30 #include "xfs_quota.h" 31 #include "xfs_mount.h" 32 #include "xfs_bmap_btree.h" 33 #include "xfs_inode.h" 34 #include "xfs_itable.h" 35 #include "xfs_bmap.h" 36 #include "xfs_rtalloc.h" 37 #include "xfs_error.h" 38 #include "xfs_attr.h" 39 #include "xfs_buf_item.h" 40 #include "xfs_utils.h" 41 #include "xfs_qm.h" 42 #include "xfs_trace.h" 43 44 STATIC int xfs_qm_log_quotaoff(xfs_mount_t *, xfs_qoff_logitem_t **, uint); 45 STATIC int xfs_qm_log_quotaoff_end(xfs_mount_t *, xfs_qoff_logitem_t *, 46 uint); 47 STATIC uint xfs_qm_export_flags(uint); 48 STATIC uint xfs_qm_export_qtype_flags(uint); 49 STATIC void xfs_qm_export_dquot(xfs_mount_t *, xfs_disk_dquot_t *, 50 fs_disk_quota_t *); 51 52 53 /* 54 * Turn off quota accounting and/or enforcement for all udquots and/or 55 * gdquots. Called only at unmount time. 56 * 57 * This assumes that there are no dquots of this file system cached 58 * incore, and modifies the ondisk dquot directly. Therefore, for example, 59 * it is an error to call this twice, without purging the cache. 60 */ 61 int 62 xfs_qm_scall_quotaoff( 63 xfs_mount_t *mp, 64 uint flags) 65 { 66 struct xfs_quotainfo *q = mp->m_quotainfo; 67 uint dqtype; 68 int error; 69 uint inactivate_flags; 70 xfs_qoff_logitem_t *qoffstart; 71 int nculprits; 72 73 /* 74 * No file system can have quotas enabled on disk but not in core. 75 * Note that quota utilities (like quotaoff) _expect_ 76 * errno == EEXIST here. 77 */ 78 if ((mp->m_qflags & flags) == 0) 79 return XFS_ERROR(EEXIST); 80 error = 0; 81 82 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD); 83 84 /* 85 * We don't want to deal with two quotaoffs messing up each other, 86 * so we're going to serialize it. quotaoff isn't exactly a performance 87 * critical thing. 88 * If quotaoff, then we must be dealing with the root filesystem. 89 */ 90 ASSERT(q); 91 mutex_lock(&q->qi_quotaofflock); 92 93 /* 94 * If we're just turning off quota enforcement, change mp and go. 95 */ 96 if ((flags & XFS_ALL_QUOTA_ACCT) == 0) { 97 mp->m_qflags &= ~(flags); 98 99 spin_lock(&mp->m_sb_lock); 100 mp->m_sb.sb_qflags = mp->m_qflags; 101 spin_unlock(&mp->m_sb_lock); 102 mutex_unlock(&q->qi_quotaofflock); 103 104 /* XXX what to do if error ? Revert back to old vals incore ? */ 105 error = xfs_qm_write_sb_changes(mp, XFS_SB_QFLAGS); 106 return (error); 107 } 108 109 dqtype = 0; 110 inactivate_flags = 0; 111 /* 112 * If accounting is off, we must turn enforcement off, clear the 113 * quota 'CHKD' certificate to make it known that we have to 114 * do a quotacheck the next time this quota is turned on. 115 */ 116 if (flags & XFS_UQUOTA_ACCT) { 117 dqtype |= XFS_QMOPT_UQUOTA; 118 flags |= (XFS_UQUOTA_CHKD | XFS_UQUOTA_ENFD); 119 inactivate_flags |= XFS_UQUOTA_ACTIVE; 120 } 121 if (flags & XFS_GQUOTA_ACCT) { 122 dqtype |= XFS_QMOPT_GQUOTA; 123 flags |= (XFS_OQUOTA_CHKD | XFS_OQUOTA_ENFD); 124 inactivate_flags |= XFS_GQUOTA_ACTIVE; 125 } else if (flags & XFS_PQUOTA_ACCT) { 126 dqtype |= XFS_QMOPT_PQUOTA; 127 flags |= (XFS_OQUOTA_CHKD | XFS_OQUOTA_ENFD); 128 inactivate_flags |= XFS_PQUOTA_ACTIVE; 129 } 130 131 /* 132 * Nothing to do? Don't complain. This happens when we're just 133 * turning off quota enforcement. 134 */ 135 if ((mp->m_qflags & flags) == 0) 136 goto out_unlock; 137 138 /* 139 * Write the LI_QUOTAOFF log record, and do SB changes atomically, 140 * and synchronously. If we fail to write, we should abort the 141 * operation as it cannot be recovered safely if we crash. 142 */ 143 error = xfs_qm_log_quotaoff(mp, &qoffstart, flags); 144 if (error) 145 goto out_unlock; 146 147 /* 148 * Next we clear the XFS_MOUNT_*DQ_ACTIVE bit(s) in the mount struct 149 * to take care of the race between dqget and quotaoff. We don't take 150 * any special locks to reset these bits. All processes need to check 151 * these bits *after* taking inode lock(s) to see if the particular 152 * quota type is in the process of being turned off. If *ACTIVE, it is 153 * guaranteed that all dquot structures and all quotainode ptrs will all 154 * stay valid as long as that inode is kept locked. 155 * 156 * There is no turning back after this. 157 */ 158 mp->m_qflags &= ~inactivate_flags; 159 160 /* 161 * Give back all the dquot reference(s) held by inodes. 162 * Here we go thru every single incore inode in this file system, and 163 * do a dqrele on the i_udquot/i_gdquot that it may have. 164 * Essentially, as long as somebody has an inode locked, this guarantees 165 * that quotas will not be turned off. This is handy because in a 166 * transaction once we lock the inode(s) and check for quotaon, we can 167 * depend on the quota inodes (and other things) being valid as long as 168 * we keep the lock(s). 169 */ 170 xfs_qm_dqrele_all_inodes(mp, flags); 171 172 /* 173 * Next we make the changes in the quota flag in the mount struct. 174 * This isn't protected by a particular lock directly, because we 175 * don't want to take a mrlock every time we depend on quotas being on. 176 */ 177 mp->m_qflags &= ~(flags); 178 179 /* 180 * Go through all the dquots of this file system and purge them, 181 * according to what was turned off. We may not be able to get rid 182 * of all dquots, because dquots can have temporary references that 183 * are not attached to inodes. eg. xfs_setattr, xfs_create. 184 * So, if we couldn't purge all the dquots from the filesystem, 185 * we can't get rid of the incore data structures. 186 */ 187 while ((nculprits = xfs_qm_dqpurge_all(mp, dqtype))) 188 delay(10 * nculprits); 189 190 /* 191 * Transactions that had started before ACTIVE state bit was cleared 192 * could have logged many dquots, so they'd have higher LSNs than 193 * the first QUOTAOFF log record does. If we happen to crash when 194 * the tail of the log has gone past the QUOTAOFF record, but 195 * before the last dquot modification, those dquots __will__ 196 * recover, and that's not good. 197 * 198 * So, we have QUOTAOFF start and end logitems; the start 199 * logitem won't get overwritten until the end logitem appears... 200 */ 201 error = xfs_qm_log_quotaoff_end(mp, qoffstart, flags); 202 if (error) { 203 /* We're screwed now. Shutdown is the only option. */ 204 xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_INCORE); 205 goto out_unlock; 206 } 207 208 /* 209 * If quotas is completely disabled, close shop. 210 */ 211 if (((flags & XFS_MOUNT_QUOTA_ALL) == XFS_MOUNT_QUOTA_SET1) || 212 ((flags & XFS_MOUNT_QUOTA_ALL) == XFS_MOUNT_QUOTA_SET2)) { 213 mutex_unlock(&q->qi_quotaofflock); 214 xfs_qm_destroy_quotainfo(mp); 215 return (0); 216 } 217 218 /* 219 * Release our quotainode references if we don't need them anymore. 220 */ 221 if ((dqtype & XFS_QMOPT_UQUOTA) && q->qi_uquotaip) { 222 IRELE(q->qi_uquotaip); 223 q->qi_uquotaip = NULL; 224 } 225 if ((dqtype & (XFS_QMOPT_GQUOTA|XFS_QMOPT_PQUOTA)) && q->qi_gquotaip) { 226 IRELE(q->qi_gquotaip); 227 q->qi_gquotaip = NULL; 228 } 229 230 out_unlock: 231 mutex_unlock(&q->qi_quotaofflock); 232 return error; 233 } 234 235 STATIC int 236 xfs_qm_scall_trunc_qfile( 237 struct xfs_mount *mp, 238 xfs_ino_t ino) 239 { 240 struct xfs_inode *ip; 241 struct xfs_trans *tp; 242 int error; 243 244 if (ino == NULLFSINO) 245 return 0; 246 247 error = xfs_iget(mp, NULL, ino, 0, 0, &ip); 248 if (error) 249 return error; 250 251 xfs_ilock(ip, XFS_IOLOCK_EXCL); 252 253 tp = xfs_trans_alloc(mp, XFS_TRANS_TRUNCATE_FILE); 254 error = xfs_trans_reserve(tp, 0, XFS_ITRUNCATE_LOG_RES(mp), 0, 255 XFS_TRANS_PERM_LOG_RES, 256 XFS_ITRUNCATE_LOG_COUNT); 257 if (error) { 258 xfs_trans_cancel(tp, 0); 259 xfs_iunlock(ip, XFS_IOLOCK_EXCL); 260 goto out_put; 261 } 262 263 xfs_ilock(ip, XFS_ILOCK_EXCL); 264 xfs_trans_ijoin(tp, ip, 0); 265 266 error = xfs_itruncate_data(&tp, ip, 0); 267 if (error) { 268 xfs_trans_cancel(tp, XFS_TRANS_RELEASE_LOG_RES | 269 XFS_TRANS_ABORT); 270 goto out_unlock; 271 } 272 273 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_MOD | XFS_ICHGTIME_CHG); 274 error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES); 275 276 out_unlock: 277 xfs_iunlock(ip, XFS_ILOCK_EXCL | XFS_IOLOCK_EXCL); 278 out_put: 279 IRELE(ip); 280 return error; 281 } 282 283 int 284 xfs_qm_scall_trunc_qfiles( 285 xfs_mount_t *mp, 286 uint flags) 287 { 288 int error = 0, error2 = 0; 289 290 if (!xfs_sb_version_hasquota(&mp->m_sb) || flags == 0) { 291 xfs_debug(mp, "%s: flags=%x m_qflags=%x\n", 292 __func__, flags, mp->m_qflags); 293 return XFS_ERROR(EINVAL); 294 } 295 296 if (flags & XFS_DQ_USER) 297 error = xfs_qm_scall_trunc_qfile(mp, mp->m_sb.sb_uquotino); 298 if (flags & (XFS_DQ_GROUP|XFS_DQ_PROJ)) 299 error2 = xfs_qm_scall_trunc_qfile(mp, mp->m_sb.sb_gquotino); 300 301 return error ? error : error2; 302 } 303 304 /* 305 * Switch on (a given) quota enforcement for a filesystem. This takes 306 * effect immediately. 307 * (Switching on quota accounting must be done at mount time.) 308 */ 309 int 310 xfs_qm_scall_quotaon( 311 xfs_mount_t *mp, 312 uint flags) 313 { 314 int error; 315 uint qf; 316 __int64_t sbflags; 317 318 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD); 319 /* 320 * Switching on quota accounting must be done at mount time. 321 */ 322 flags &= ~(XFS_ALL_QUOTA_ACCT); 323 324 sbflags = 0; 325 326 if (flags == 0) { 327 xfs_debug(mp, "%s: zero flags, m_qflags=%x\n", 328 __func__, mp->m_qflags); 329 return XFS_ERROR(EINVAL); 330 } 331 332 /* No fs can turn on quotas with a delayed effect */ 333 ASSERT((flags & XFS_ALL_QUOTA_ACCT) == 0); 334 335 /* 336 * Can't enforce without accounting. We check the superblock 337 * qflags here instead of m_qflags because rootfs can have 338 * quota acct on ondisk without m_qflags' knowing. 339 */ 340 if (((flags & XFS_UQUOTA_ACCT) == 0 && 341 (mp->m_sb.sb_qflags & XFS_UQUOTA_ACCT) == 0 && 342 (flags & XFS_UQUOTA_ENFD)) 343 || 344 ((flags & XFS_PQUOTA_ACCT) == 0 && 345 (mp->m_sb.sb_qflags & XFS_PQUOTA_ACCT) == 0 && 346 (flags & XFS_GQUOTA_ACCT) == 0 && 347 (mp->m_sb.sb_qflags & XFS_GQUOTA_ACCT) == 0 && 348 (flags & XFS_OQUOTA_ENFD))) { 349 xfs_debug(mp, 350 "%s: Can't enforce without acct, flags=%x sbflags=%x\n", 351 __func__, flags, mp->m_sb.sb_qflags); 352 return XFS_ERROR(EINVAL); 353 } 354 /* 355 * If everything's up to-date incore, then don't waste time. 356 */ 357 if ((mp->m_qflags & flags) == flags) 358 return XFS_ERROR(EEXIST); 359 360 /* 361 * Change sb_qflags on disk but not incore mp->qflags 362 * if this is the root filesystem. 363 */ 364 spin_lock(&mp->m_sb_lock); 365 qf = mp->m_sb.sb_qflags; 366 mp->m_sb.sb_qflags = qf | flags; 367 spin_unlock(&mp->m_sb_lock); 368 369 /* 370 * There's nothing to change if it's the same. 371 */ 372 if ((qf & flags) == flags && sbflags == 0) 373 return XFS_ERROR(EEXIST); 374 sbflags |= XFS_SB_QFLAGS; 375 376 if ((error = xfs_qm_write_sb_changes(mp, sbflags))) 377 return (error); 378 /* 379 * If we aren't trying to switch on quota enforcement, we are done. 380 */ 381 if (((mp->m_sb.sb_qflags & XFS_UQUOTA_ACCT) != 382 (mp->m_qflags & XFS_UQUOTA_ACCT)) || 383 ((mp->m_sb.sb_qflags & XFS_PQUOTA_ACCT) != 384 (mp->m_qflags & XFS_PQUOTA_ACCT)) || 385 ((mp->m_sb.sb_qflags & XFS_GQUOTA_ACCT) != 386 (mp->m_qflags & XFS_GQUOTA_ACCT)) || 387 (flags & XFS_ALL_QUOTA_ENFD) == 0) 388 return (0); 389 390 if (! XFS_IS_QUOTA_RUNNING(mp)) 391 return XFS_ERROR(ESRCH); 392 393 /* 394 * Switch on quota enforcement in core. 395 */ 396 mutex_lock(&mp->m_quotainfo->qi_quotaofflock); 397 mp->m_qflags |= (flags & XFS_ALL_QUOTA_ENFD); 398 mutex_unlock(&mp->m_quotainfo->qi_quotaofflock); 399 400 return (0); 401 } 402 403 404 /* 405 * Return quota status information, such as uquota-off, enforcements, etc. 406 */ 407 int 408 xfs_qm_scall_getqstat( 409 struct xfs_mount *mp, 410 struct fs_quota_stat *out) 411 { 412 struct xfs_quotainfo *q = mp->m_quotainfo; 413 struct xfs_inode *uip, *gip; 414 boolean_t tempuqip, tempgqip; 415 416 uip = gip = NULL; 417 tempuqip = tempgqip = B_FALSE; 418 memset(out, 0, sizeof(fs_quota_stat_t)); 419 420 out->qs_version = FS_QSTAT_VERSION; 421 if (!xfs_sb_version_hasquota(&mp->m_sb)) { 422 out->qs_uquota.qfs_ino = NULLFSINO; 423 out->qs_gquota.qfs_ino = NULLFSINO; 424 return (0); 425 } 426 out->qs_flags = (__uint16_t) xfs_qm_export_flags(mp->m_qflags & 427 (XFS_ALL_QUOTA_ACCT| 428 XFS_ALL_QUOTA_ENFD)); 429 out->qs_pad = 0; 430 out->qs_uquota.qfs_ino = mp->m_sb.sb_uquotino; 431 out->qs_gquota.qfs_ino = mp->m_sb.sb_gquotino; 432 433 if (q) { 434 uip = q->qi_uquotaip; 435 gip = q->qi_gquotaip; 436 } 437 if (!uip && mp->m_sb.sb_uquotino != NULLFSINO) { 438 if (xfs_iget(mp, NULL, mp->m_sb.sb_uquotino, 439 0, 0, &uip) == 0) 440 tempuqip = B_TRUE; 441 } 442 if (!gip && mp->m_sb.sb_gquotino != NULLFSINO) { 443 if (xfs_iget(mp, NULL, mp->m_sb.sb_gquotino, 444 0, 0, &gip) == 0) 445 tempgqip = B_TRUE; 446 } 447 if (uip) { 448 out->qs_uquota.qfs_nblks = uip->i_d.di_nblocks; 449 out->qs_uquota.qfs_nextents = uip->i_d.di_nextents; 450 if (tempuqip) 451 IRELE(uip); 452 } 453 if (gip) { 454 out->qs_gquota.qfs_nblks = gip->i_d.di_nblocks; 455 out->qs_gquota.qfs_nextents = gip->i_d.di_nextents; 456 if (tempgqip) 457 IRELE(gip); 458 } 459 if (q) { 460 out->qs_incoredqs = q->qi_dquots; 461 out->qs_btimelimit = q->qi_btimelimit; 462 out->qs_itimelimit = q->qi_itimelimit; 463 out->qs_rtbtimelimit = q->qi_rtbtimelimit; 464 out->qs_bwarnlimit = q->qi_bwarnlimit; 465 out->qs_iwarnlimit = q->qi_iwarnlimit; 466 } 467 return 0; 468 } 469 470 #define XFS_DQ_MASK \ 471 (FS_DQ_LIMIT_MASK | FS_DQ_TIMER_MASK | FS_DQ_WARNS_MASK) 472 473 /* 474 * Adjust quota limits, and start/stop timers accordingly. 475 */ 476 int 477 xfs_qm_scall_setqlim( 478 xfs_mount_t *mp, 479 xfs_dqid_t id, 480 uint type, 481 fs_disk_quota_t *newlim) 482 { 483 struct xfs_quotainfo *q = mp->m_quotainfo; 484 xfs_disk_dquot_t *ddq; 485 xfs_dquot_t *dqp; 486 xfs_trans_t *tp; 487 int error; 488 xfs_qcnt_t hard, soft; 489 490 if (newlim->d_fieldmask & ~XFS_DQ_MASK) 491 return EINVAL; 492 if ((newlim->d_fieldmask & XFS_DQ_MASK) == 0) 493 return 0; 494 495 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_SETQLIM); 496 if ((error = xfs_trans_reserve(tp, 0, sizeof(xfs_disk_dquot_t) + 128, 497 0, 0, XFS_DEFAULT_LOG_COUNT))) { 498 xfs_trans_cancel(tp, 0); 499 return (error); 500 } 501 502 /* 503 * We don't want to race with a quotaoff so take the quotaoff lock. 504 * (We don't hold an inode lock, so there's nothing else to stop 505 * a quotaoff from happening). (XXXThis doesn't currently happen 506 * because we take the vfslock before calling xfs_qm_sysent). 507 */ 508 mutex_lock(&q->qi_quotaofflock); 509 510 /* 511 * Get the dquot (locked), and join it to the transaction. 512 * Allocate the dquot if this doesn't exist. 513 */ 514 if ((error = xfs_qm_dqget(mp, NULL, id, type, XFS_QMOPT_DQALLOC, &dqp))) { 515 xfs_trans_cancel(tp, XFS_TRANS_ABORT); 516 ASSERT(error != ENOENT); 517 goto out_unlock; 518 } 519 xfs_trans_dqjoin(tp, dqp); 520 ddq = &dqp->q_core; 521 522 /* 523 * Make sure that hardlimits are >= soft limits before changing. 524 */ 525 hard = (newlim->d_fieldmask & FS_DQ_BHARD) ? 526 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_blk_hardlimit) : 527 be64_to_cpu(ddq->d_blk_hardlimit); 528 soft = (newlim->d_fieldmask & FS_DQ_BSOFT) ? 529 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_blk_softlimit) : 530 be64_to_cpu(ddq->d_blk_softlimit); 531 if (hard == 0 || hard >= soft) { 532 ddq->d_blk_hardlimit = cpu_to_be64(hard); 533 ddq->d_blk_softlimit = cpu_to_be64(soft); 534 if (id == 0) { 535 q->qi_bhardlimit = hard; 536 q->qi_bsoftlimit = soft; 537 } 538 } else { 539 xfs_debug(mp, "blkhard %Ld < blksoft %Ld\n", hard, soft); 540 } 541 hard = (newlim->d_fieldmask & FS_DQ_RTBHARD) ? 542 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_rtb_hardlimit) : 543 be64_to_cpu(ddq->d_rtb_hardlimit); 544 soft = (newlim->d_fieldmask & FS_DQ_RTBSOFT) ? 545 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_rtb_softlimit) : 546 be64_to_cpu(ddq->d_rtb_softlimit); 547 if (hard == 0 || hard >= soft) { 548 ddq->d_rtb_hardlimit = cpu_to_be64(hard); 549 ddq->d_rtb_softlimit = cpu_to_be64(soft); 550 if (id == 0) { 551 q->qi_rtbhardlimit = hard; 552 q->qi_rtbsoftlimit = soft; 553 } 554 } else { 555 xfs_debug(mp, "rtbhard %Ld < rtbsoft %Ld\n", hard, soft); 556 } 557 558 hard = (newlim->d_fieldmask & FS_DQ_IHARD) ? 559 (xfs_qcnt_t) newlim->d_ino_hardlimit : 560 be64_to_cpu(ddq->d_ino_hardlimit); 561 soft = (newlim->d_fieldmask & FS_DQ_ISOFT) ? 562 (xfs_qcnt_t) newlim->d_ino_softlimit : 563 be64_to_cpu(ddq->d_ino_softlimit); 564 if (hard == 0 || hard >= soft) { 565 ddq->d_ino_hardlimit = cpu_to_be64(hard); 566 ddq->d_ino_softlimit = cpu_to_be64(soft); 567 if (id == 0) { 568 q->qi_ihardlimit = hard; 569 q->qi_isoftlimit = soft; 570 } 571 } else { 572 xfs_debug(mp, "ihard %Ld < isoft %Ld\n", hard, soft); 573 } 574 575 /* 576 * Update warnings counter(s) if requested 577 */ 578 if (newlim->d_fieldmask & FS_DQ_BWARNS) 579 ddq->d_bwarns = cpu_to_be16(newlim->d_bwarns); 580 if (newlim->d_fieldmask & FS_DQ_IWARNS) 581 ddq->d_iwarns = cpu_to_be16(newlim->d_iwarns); 582 if (newlim->d_fieldmask & FS_DQ_RTBWARNS) 583 ddq->d_rtbwarns = cpu_to_be16(newlim->d_rtbwarns); 584 585 if (id == 0) { 586 /* 587 * Timelimits for the super user set the relative time 588 * the other users can be over quota for this file system. 589 * If it is zero a default is used. Ditto for the default 590 * soft and hard limit values (already done, above), and 591 * for warnings. 592 */ 593 if (newlim->d_fieldmask & FS_DQ_BTIMER) { 594 q->qi_btimelimit = newlim->d_btimer; 595 ddq->d_btimer = cpu_to_be32(newlim->d_btimer); 596 } 597 if (newlim->d_fieldmask & FS_DQ_ITIMER) { 598 q->qi_itimelimit = newlim->d_itimer; 599 ddq->d_itimer = cpu_to_be32(newlim->d_itimer); 600 } 601 if (newlim->d_fieldmask & FS_DQ_RTBTIMER) { 602 q->qi_rtbtimelimit = newlim->d_rtbtimer; 603 ddq->d_rtbtimer = cpu_to_be32(newlim->d_rtbtimer); 604 } 605 if (newlim->d_fieldmask & FS_DQ_BWARNS) 606 q->qi_bwarnlimit = newlim->d_bwarns; 607 if (newlim->d_fieldmask & FS_DQ_IWARNS) 608 q->qi_iwarnlimit = newlim->d_iwarns; 609 if (newlim->d_fieldmask & FS_DQ_RTBWARNS) 610 q->qi_rtbwarnlimit = newlim->d_rtbwarns; 611 } else { 612 /* 613 * If the user is now over quota, start the timelimit. 614 * The user will not be 'warned'. 615 * Note that we keep the timers ticking, whether enforcement 616 * is on or off. We don't really want to bother with iterating 617 * over all ondisk dquots and turning the timers on/off. 618 */ 619 xfs_qm_adjust_dqtimers(mp, ddq); 620 } 621 dqp->dq_flags |= XFS_DQ_DIRTY; 622 xfs_trans_log_dquot(tp, dqp); 623 624 error = xfs_trans_commit(tp, 0); 625 xfs_qm_dqrele(dqp); 626 627 out_unlock: 628 mutex_unlock(&q->qi_quotaofflock); 629 return error; 630 } 631 632 int 633 xfs_qm_scall_getquota( 634 xfs_mount_t *mp, 635 xfs_dqid_t id, 636 uint type, 637 fs_disk_quota_t *out) 638 { 639 xfs_dquot_t *dqp; 640 int error; 641 642 /* 643 * Try to get the dquot. We don't want it allocated on disk, so 644 * we aren't passing the XFS_QMOPT_DOALLOC flag. If it doesn't 645 * exist, we'll get ENOENT back. 646 */ 647 if ((error = xfs_qm_dqget(mp, NULL, id, type, 0, &dqp))) { 648 return (error); 649 } 650 651 /* 652 * If everything's NULL, this dquot doesn't quite exist as far as 653 * our utility programs are concerned. 654 */ 655 if (XFS_IS_DQUOT_UNINITIALIZED(dqp)) { 656 xfs_qm_dqput(dqp); 657 return XFS_ERROR(ENOENT); 658 } 659 /* 660 * Convert the disk dquot to the exportable format 661 */ 662 xfs_qm_export_dquot(mp, &dqp->q_core, out); 663 xfs_qm_dqput(dqp); 664 return (error ? XFS_ERROR(EFAULT) : 0); 665 } 666 667 668 STATIC int 669 xfs_qm_log_quotaoff_end( 670 xfs_mount_t *mp, 671 xfs_qoff_logitem_t *startqoff, 672 uint flags) 673 { 674 xfs_trans_t *tp; 675 int error; 676 xfs_qoff_logitem_t *qoffi; 677 678 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QUOTAOFF_END); 679 680 if ((error = xfs_trans_reserve(tp, 0, sizeof(xfs_qoff_logitem_t) * 2, 681 0, 0, XFS_DEFAULT_LOG_COUNT))) { 682 xfs_trans_cancel(tp, 0); 683 return (error); 684 } 685 686 qoffi = xfs_trans_get_qoff_item(tp, startqoff, 687 flags & XFS_ALL_QUOTA_ACCT); 688 xfs_trans_log_quotaoff_item(tp, qoffi); 689 690 /* 691 * We have to make sure that the transaction is secure on disk before we 692 * return and actually stop quota accounting. So, make it synchronous. 693 * We don't care about quotoff's performance. 694 */ 695 xfs_trans_set_sync(tp); 696 error = xfs_trans_commit(tp, 0); 697 return (error); 698 } 699 700 701 STATIC int 702 xfs_qm_log_quotaoff( 703 xfs_mount_t *mp, 704 xfs_qoff_logitem_t **qoffstartp, 705 uint flags) 706 { 707 xfs_trans_t *tp; 708 int error; 709 xfs_qoff_logitem_t *qoffi=NULL; 710 uint oldsbqflag=0; 711 712 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QUOTAOFF); 713 if ((error = xfs_trans_reserve(tp, 0, 714 sizeof(xfs_qoff_logitem_t) * 2 + 715 mp->m_sb.sb_sectsize + 128, 716 0, 717 0, 718 XFS_DEFAULT_LOG_COUNT))) { 719 goto error0; 720 } 721 722 qoffi = xfs_trans_get_qoff_item(tp, NULL, flags & XFS_ALL_QUOTA_ACCT); 723 xfs_trans_log_quotaoff_item(tp, qoffi); 724 725 spin_lock(&mp->m_sb_lock); 726 oldsbqflag = mp->m_sb.sb_qflags; 727 mp->m_sb.sb_qflags = (mp->m_qflags & ~(flags)) & XFS_MOUNT_QUOTA_ALL; 728 spin_unlock(&mp->m_sb_lock); 729 730 xfs_mod_sb(tp, XFS_SB_QFLAGS); 731 732 /* 733 * We have to make sure that the transaction is secure on disk before we 734 * return and actually stop quota accounting. So, make it synchronous. 735 * We don't care about quotoff's performance. 736 */ 737 xfs_trans_set_sync(tp); 738 error = xfs_trans_commit(tp, 0); 739 740 error0: 741 if (error) { 742 xfs_trans_cancel(tp, 0); 743 /* 744 * No one else is modifying sb_qflags, so this is OK. 745 * We still hold the quotaofflock. 746 */ 747 spin_lock(&mp->m_sb_lock); 748 mp->m_sb.sb_qflags = oldsbqflag; 749 spin_unlock(&mp->m_sb_lock); 750 } 751 *qoffstartp = qoffi; 752 return (error); 753 } 754 755 756 /* 757 * Translate an internal style on-disk-dquot to the exportable format. 758 * The main differences are that the counters/limits are all in Basic 759 * Blocks (BBs) instead of the internal FSBs, and all on-disk data has 760 * to be converted to the native endianness. 761 */ 762 STATIC void 763 xfs_qm_export_dquot( 764 xfs_mount_t *mp, 765 xfs_disk_dquot_t *src, 766 struct fs_disk_quota *dst) 767 { 768 memset(dst, 0, sizeof(*dst)); 769 dst->d_version = FS_DQUOT_VERSION; /* different from src->d_version */ 770 dst->d_flags = xfs_qm_export_qtype_flags(src->d_flags); 771 dst->d_id = be32_to_cpu(src->d_id); 772 dst->d_blk_hardlimit = 773 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_blk_hardlimit)); 774 dst->d_blk_softlimit = 775 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_blk_softlimit)); 776 dst->d_ino_hardlimit = be64_to_cpu(src->d_ino_hardlimit); 777 dst->d_ino_softlimit = be64_to_cpu(src->d_ino_softlimit); 778 dst->d_bcount = XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_bcount)); 779 dst->d_icount = be64_to_cpu(src->d_icount); 780 dst->d_btimer = be32_to_cpu(src->d_btimer); 781 dst->d_itimer = be32_to_cpu(src->d_itimer); 782 dst->d_iwarns = be16_to_cpu(src->d_iwarns); 783 dst->d_bwarns = be16_to_cpu(src->d_bwarns); 784 dst->d_rtb_hardlimit = 785 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_rtb_hardlimit)); 786 dst->d_rtb_softlimit = 787 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_rtb_softlimit)); 788 dst->d_rtbcount = XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_rtbcount)); 789 dst->d_rtbtimer = be32_to_cpu(src->d_rtbtimer); 790 dst->d_rtbwarns = be16_to_cpu(src->d_rtbwarns); 791 792 /* 793 * Internally, we don't reset all the timers when quota enforcement 794 * gets turned off. No need to confuse the user level code, 795 * so return zeroes in that case. 796 */ 797 if ((!XFS_IS_UQUOTA_ENFORCED(mp) && src->d_flags == XFS_DQ_USER) || 798 (!XFS_IS_OQUOTA_ENFORCED(mp) && 799 (src->d_flags & (XFS_DQ_PROJ | XFS_DQ_GROUP)))) { 800 dst->d_btimer = 0; 801 dst->d_itimer = 0; 802 dst->d_rtbtimer = 0; 803 } 804 805 #ifdef DEBUG 806 if (((XFS_IS_UQUOTA_ENFORCED(mp) && dst->d_flags == FS_USER_QUOTA) || 807 (XFS_IS_OQUOTA_ENFORCED(mp) && 808 (dst->d_flags & (FS_PROJ_QUOTA | FS_GROUP_QUOTA)))) && 809 dst->d_id != 0) { 810 if (((int) dst->d_bcount >= (int) dst->d_blk_softlimit) && 811 (dst->d_blk_softlimit > 0)) { 812 ASSERT(dst->d_btimer != 0); 813 } 814 if (((int) dst->d_icount >= (int) dst->d_ino_softlimit) && 815 (dst->d_ino_softlimit > 0)) { 816 ASSERT(dst->d_itimer != 0); 817 } 818 } 819 #endif 820 } 821 822 STATIC uint 823 xfs_qm_export_qtype_flags( 824 uint flags) 825 { 826 /* 827 * Can't be more than one, or none. 828 */ 829 ASSERT((flags & (FS_PROJ_QUOTA | FS_USER_QUOTA)) != 830 (FS_PROJ_QUOTA | FS_USER_QUOTA)); 831 ASSERT((flags & (FS_PROJ_QUOTA | FS_GROUP_QUOTA)) != 832 (FS_PROJ_QUOTA | FS_GROUP_QUOTA)); 833 ASSERT((flags & (FS_USER_QUOTA | FS_GROUP_QUOTA)) != 834 (FS_USER_QUOTA | FS_GROUP_QUOTA)); 835 ASSERT((flags & (FS_PROJ_QUOTA|FS_USER_QUOTA|FS_GROUP_QUOTA)) != 0); 836 837 return (flags & XFS_DQ_USER) ? 838 FS_USER_QUOTA : (flags & XFS_DQ_PROJ) ? 839 FS_PROJ_QUOTA : FS_GROUP_QUOTA; 840 } 841 842 STATIC uint 843 xfs_qm_export_flags( 844 uint flags) 845 { 846 uint uflags; 847 848 uflags = 0; 849 if (flags & XFS_UQUOTA_ACCT) 850 uflags |= FS_QUOTA_UDQ_ACCT; 851 if (flags & XFS_PQUOTA_ACCT) 852 uflags |= FS_QUOTA_PDQ_ACCT; 853 if (flags & XFS_GQUOTA_ACCT) 854 uflags |= FS_QUOTA_GDQ_ACCT; 855 if (flags & XFS_UQUOTA_ENFD) 856 uflags |= FS_QUOTA_UDQ_ENFD; 857 if (flags & (XFS_OQUOTA_ENFD)) { 858 uflags |= (flags & XFS_GQUOTA_ACCT) ? 859 FS_QUOTA_GDQ_ENFD : FS_QUOTA_PDQ_ENFD; 860 } 861 return (uflags); 862 } 863 864 865 STATIC int 866 xfs_dqrele_inode( 867 struct xfs_inode *ip, 868 struct xfs_perag *pag, 869 int flags) 870 { 871 /* skip quota inodes */ 872 if (ip == ip->i_mount->m_quotainfo->qi_uquotaip || 873 ip == ip->i_mount->m_quotainfo->qi_gquotaip) { 874 ASSERT(ip->i_udquot == NULL); 875 ASSERT(ip->i_gdquot == NULL); 876 return 0; 877 } 878 879 xfs_ilock(ip, XFS_ILOCK_EXCL); 880 if ((flags & XFS_UQUOTA_ACCT) && ip->i_udquot) { 881 xfs_qm_dqrele(ip->i_udquot); 882 ip->i_udquot = NULL; 883 } 884 if (flags & (XFS_PQUOTA_ACCT|XFS_GQUOTA_ACCT) && ip->i_gdquot) { 885 xfs_qm_dqrele(ip->i_gdquot); 886 ip->i_gdquot = NULL; 887 } 888 xfs_iunlock(ip, XFS_ILOCK_EXCL); 889 return 0; 890 } 891 892 893 /* 894 * Go thru all the inodes in the file system, releasing their dquots. 895 * 896 * Note that the mount structure gets modified to indicate that quotas are off 897 * AFTER this, in the case of quotaoff. 898 */ 899 void 900 xfs_qm_dqrele_all_inodes( 901 struct xfs_mount *mp, 902 uint flags) 903 { 904 ASSERT(mp->m_quotainfo); 905 xfs_inode_ag_iterator(mp, xfs_dqrele_inode, flags); 906 } 907