1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Implementation of the diskquota system for the LINUX operating system. QUOTA
4 * is implemented using the BSD system call interface as the means of
5 * communication with the user level. This file contains the generic routines
6 * called by the different filesystems on allocation of an inode or block.
7 * These routines take care of the administration needed to have a consistent
8 * diskquota tracking system. The ideas of both user and group quotas are based
9 * on the Melbourne quota system as used on BSD derived systems. The internal
10 * implementation is based on one of the several variants of the LINUX
11 * inode-subsystem with added complexity of the diskquota system.
12 *
13 * Author: Marco van Wieringen <mvw@planets.elm.net>
14 *
15 * Fixes: Dmitry Gorodchanin <pgmdsg@ibi.com>, 11 Feb 96
16 *
17 * Revised list management to avoid races
18 * -- Bill Hawes, <whawes@star.net>, 9/98
19 *
20 * Fixed races in dquot_transfer(), dqget() and dquot_alloc_...().
21 * As the consequence the locking was moved from dquot_decr_...(),
22 * dquot_incr_...() to calling functions.
23 * invalidate_dquots() now writes modified dquots.
24 * Serialized quota_off() and quota_on() for mount point.
25 * Fixed a few bugs in grow_dquots().
26 * Fixed deadlock in write_dquot() - we no longer account quotas on
27 * quota files
28 * remove_dquot_ref() moved to inode.c - it now traverses through inodes
29 * add_dquot_ref() restarts after blocking
30 * Added check for bogus uid and fixed check for group in quotactl.
31 * Jan Kara, <jack@suse.cz>, sponsored by SuSE CR, 10-11/99
32 *
33 * Used struct list_head instead of own list struct
34 * Invalidation of referenced dquots is no longer possible
35 * Improved free_dquots list management
36 * Quota and i_blocks are now updated in one place to avoid races
37 * Warnings are now delayed so we won't block in critical section
38 * Write updated not to require dquot lock
39 * Jan Kara, <jack@suse.cz>, 9/2000
40 *
41 * Added dynamic quota structure allocation
42 * Jan Kara <jack@suse.cz> 12/2000
43 *
44 * Rewritten quota interface. Implemented new quota format and
45 * formats registering.
46 * Jan Kara, <jack@suse.cz>, 2001,2002
47 *
48 * New SMP locking.
49 * Jan Kara, <jack@suse.cz>, 10/2002
50 *
51 * Added journalled quota support, fix lock inversion problems
52 * Jan Kara, <jack@suse.cz>, 2003,2004
53 *
54 * (C) Copyright 1994 - 1997 Marco van Wieringen
55 */
56
57 #include <linux/errno.h>
58 #include <linux/kernel.h>
59 #include <linux/fs.h>
60 #include <linux/mount.h>
61 #include <linux/mm.h>
62 #include <linux/time.h>
63 #include <linux/types.h>
64 #include <linux/string.h>
65 #include <linux/fcntl.h>
66 #include <linux/stat.h>
67 #include <linux/tty.h>
68 #include <linux/file.h>
69 #include <linux/slab.h>
70 #include <linux/sysctl.h>
71 #include <linux/init.h>
72 #include <linux/module.h>
73 #include <linux/proc_fs.h>
74 #include <linux/security.h>
75 #include <linux/sched.h>
76 #include <linux/cred.h>
77 #include <linux/kmod.h>
78 #include <linux/namei.h>
79 #include <linux/capability.h>
80 #include <linux/quotaops.h>
81 #include "../internal.h" /* ugh */
82
83 #include <linux/uaccess.h>
84
85 /*
86 * There are five quota SMP locks:
87 * * dq_list_lock protects all lists with quotas and quota formats.
88 * * dquot->dq_dqb_lock protects data from dq_dqb
89 * * inode->i_lock protects inode->i_blocks, i_bytes and also guards
90 * consistency of dquot->dq_dqb with inode->i_blocks, i_bytes so that
91 * dquot_transfer() can stabilize amount it transfers
92 * * dq_data_lock protects mem_dqinfo structures and modifications of dquot
93 * pointers in the inode
94 * * dq_state_lock protects modifications of quota state (on quotaon and
95 * quotaoff) and readers who care about latest values take it as well.
96 *
97 * The spinlock ordering is hence:
98 * dq_data_lock > dq_list_lock > i_lock > dquot->dq_dqb_lock,
99 * dq_list_lock > dq_state_lock
100 *
101 * Note that some things (eg. sb pointer, type, id) doesn't change during
102 * the life of the dquot structure and so needn't to be protected by a lock
103 *
104 * Operation accessing dquots via inode pointers are protected by dquot_srcu.
105 * Operation of reading pointer needs srcu_read_lock(&dquot_srcu), and
106 * synchronize_srcu(&dquot_srcu) is called after clearing pointers from
107 * inode and before dropping dquot references to avoid use of dquots after
108 * they are freed. dq_data_lock is used to serialize the pointer setting and
109 * clearing operations.
110 * Special care needs to be taken about S_NOQUOTA inode flag (marking that
111 * inode is a quota file). Functions adding pointers from inode to dquots have
112 * to check this flag under dq_data_lock and then (if S_NOQUOTA is not set) they
113 * have to do all pointer modifications before dropping dq_data_lock. This makes
114 * sure they cannot race with quotaon which first sets S_NOQUOTA flag and
115 * then drops all pointers to dquots from an inode.
116 *
117 * Each dquot has its dq_lock mutex. Dquot is locked when it is being read to
118 * memory (or space for it is being allocated) on the first dqget(), when it is
119 * being written out, and when it is being released on the last dqput(). The
120 * allocation and release operations are serialized by the dq_lock and by
121 * checking the use count in dquot_release().
122 *
123 * Lock ordering (including related VFS locks) is the following:
124 * s_umount > i_mutex > journal_lock > dquot->dq_lock > dqio_sem
125 */
126
127 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_list_lock);
128 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_state_lock);
129 __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_data_lock);
130 EXPORT_SYMBOL(dq_data_lock);
131 DEFINE_STATIC_SRCU(dquot_srcu);
132
133 static DECLARE_WAIT_QUEUE_HEAD(dquot_ref_wq);
134
__quota_error(struct super_block * sb,const char * func,const char * fmt,...)135 void __quota_error(struct super_block *sb, const char *func,
136 const char *fmt, ...)
137 {
138 if (printk_ratelimit()) {
139 va_list args;
140 struct va_format vaf;
141
142 va_start(args, fmt);
143
144 vaf.fmt = fmt;
145 vaf.va = &args;
146
147 printk(KERN_ERR "Quota error (device %s): %s: %pV\n",
148 sb->s_id, func, &vaf);
149
150 va_end(args);
151 }
152 }
153 EXPORT_SYMBOL(__quota_error);
154
155 #if defined(CONFIG_QUOTA_DEBUG) || defined(CONFIG_PRINT_QUOTA_WARNING)
156 static char *quotatypes[] = INITQFNAMES;
157 #endif
158 static struct quota_format_type *quota_formats; /* List of registered formats */
159 static struct quota_module_name module_names[] = INIT_QUOTA_MODULE_NAMES;
160
161 /* SLAB cache for dquot structures */
162 static struct kmem_cache *dquot_cachep;
163
register_quota_format(struct quota_format_type * fmt)164 int register_quota_format(struct quota_format_type *fmt)
165 {
166 spin_lock(&dq_list_lock);
167 fmt->qf_next = quota_formats;
168 quota_formats = fmt;
169 spin_unlock(&dq_list_lock);
170 return 0;
171 }
172 EXPORT_SYMBOL(register_quota_format);
173
unregister_quota_format(struct quota_format_type * fmt)174 void unregister_quota_format(struct quota_format_type *fmt)
175 {
176 struct quota_format_type **actqf;
177
178 spin_lock(&dq_list_lock);
179 for (actqf = "a_formats; *actqf && *actqf != fmt;
180 actqf = &(*actqf)->qf_next)
181 ;
182 if (*actqf)
183 *actqf = (*actqf)->qf_next;
184 spin_unlock(&dq_list_lock);
185 }
186 EXPORT_SYMBOL(unregister_quota_format);
187
find_quota_format(int id)188 static struct quota_format_type *find_quota_format(int id)
189 {
190 struct quota_format_type *actqf;
191
192 spin_lock(&dq_list_lock);
193 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id;
194 actqf = actqf->qf_next)
195 ;
196 if (!actqf || !try_module_get(actqf->qf_owner)) {
197 int qm;
198
199 spin_unlock(&dq_list_lock);
200
201 for (qm = 0; module_names[qm].qm_fmt_id &&
202 module_names[qm].qm_fmt_id != id; qm++)
203 ;
204 if (!module_names[qm].qm_fmt_id ||
205 request_module(module_names[qm].qm_mod_name))
206 return NULL;
207
208 spin_lock(&dq_list_lock);
209 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id;
210 actqf = actqf->qf_next)
211 ;
212 if (actqf && !try_module_get(actqf->qf_owner))
213 actqf = NULL;
214 }
215 spin_unlock(&dq_list_lock);
216 return actqf;
217 }
218
put_quota_format(struct quota_format_type * fmt)219 static void put_quota_format(struct quota_format_type *fmt)
220 {
221 module_put(fmt->qf_owner);
222 }
223
224 /*
225 * Dquot List Management:
226 * The quota code uses five lists for dquot management: the inuse_list,
227 * releasing_dquots, free_dquots, dqi_dirty_list, and dquot_hash[] array.
228 * A single dquot structure may be on some of those lists, depending on
229 * its current state.
230 *
231 * All dquots are placed to the end of inuse_list when first created, and this
232 * list is used for invalidate operation, which must look at every dquot.
233 *
234 * When the last reference of a dquot will be dropped, the dquot will be
235 * added to releasing_dquots. We'd then queue work item which would call
236 * synchronize_srcu() and after that perform the final cleanup of all the
237 * dquots on the list. Both releasing_dquots and free_dquots use the
238 * dq_free list_head in the dquot struct. When a dquot is removed from
239 * releasing_dquots, a reference count is always subtracted, and if
240 * dq_count == 0 at that point, the dquot will be added to the free_dquots.
241 *
242 * Unused dquots (dq_count == 0) are added to the free_dquots list when freed,
243 * and this list is searched whenever we need an available dquot. Dquots are
244 * removed from the list as soon as they are used again, and
245 * dqstats.free_dquots gives the number of dquots on the list. When
246 * dquot is invalidated it's completely released from memory.
247 *
248 * Dirty dquots are added to the dqi_dirty_list of quota_info when mark
249 * dirtied, and this list is searched when writing dirty dquots back to
250 * quota file. Note that some filesystems do dirty dquot tracking on their
251 * own (e.g. in a journal) and thus don't use dqi_dirty_list.
252 *
253 * Dquots with a specific identity (device, type and id) are placed on
254 * one of the dquot_hash[] hash chains. The provides an efficient search
255 * mechanism to locate a specific dquot.
256 */
257
258 static LIST_HEAD(inuse_list);
259 static LIST_HEAD(free_dquots);
260 static LIST_HEAD(releasing_dquots);
261 static unsigned int dq_hash_bits, dq_hash_mask;
262 static struct hlist_head *dquot_hash;
263
264 struct dqstats dqstats;
265 EXPORT_SYMBOL(dqstats);
266
267 static qsize_t inode_get_rsv_space(struct inode *inode);
268 static qsize_t __inode_get_rsv_space(struct inode *inode);
269 static int __dquot_initialize(struct inode *inode, int type);
270
271 static void quota_release_workfn(struct work_struct *work);
272 static DECLARE_DELAYED_WORK(quota_release_work, quota_release_workfn);
273
274 static inline unsigned int
hashfn(const struct super_block * sb,struct kqid qid)275 hashfn(const struct super_block *sb, struct kqid qid)
276 {
277 unsigned int id = from_kqid(&init_user_ns, qid);
278 int type = qid.type;
279 unsigned long tmp;
280
281 tmp = (((unsigned long)sb>>L1_CACHE_SHIFT) ^ id) * (MAXQUOTAS - type);
282 return (tmp + (tmp >> dq_hash_bits)) & dq_hash_mask;
283 }
284
285 /*
286 * Following list functions expect dq_list_lock to be held
287 */
insert_dquot_hash(struct dquot * dquot)288 static inline void insert_dquot_hash(struct dquot *dquot)
289 {
290 struct hlist_head *head;
291 head = dquot_hash + hashfn(dquot->dq_sb, dquot->dq_id);
292 hlist_add_head(&dquot->dq_hash, head);
293 }
294
remove_dquot_hash(struct dquot * dquot)295 static inline void remove_dquot_hash(struct dquot *dquot)
296 {
297 hlist_del_init(&dquot->dq_hash);
298 }
299
find_dquot(unsigned int hashent,struct super_block * sb,struct kqid qid)300 static struct dquot *find_dquot(unsigned int hashent, struct super_block *sb,
301 struct kqid qid)
302 {
303 struct hlist_node *node;
304 struct dquot *dquot;
305
306 hlist_for_each (node, dquot_hash+hashent) {
307 dquot = hlist_entry(node, struct dquot, dq_hash);
308 if (dquot->dq_sb == sb && qid_eq(dquot->dq_id, qid))
309 return dquot;
310 }
311 return NULL;
312 }
313
314 /* Add a dquot to the tail of the free list */
put_dquot_last(struct dquot * dquot)315 static inline void put_dquot_last(struct dquot *dquot)
316 {
317 list_add_tail(&dquot->dq_free, &free_dquots);
318 dqstats_inc(DQST_FREE_DQUOTS);
319 }
320
put_releasing_dquots(struct dquot * dquot)321 static inline void put_releasing_dquots(struct dquot *dquot)
322 {
323 list_add_tail(&dquot->dq_free, &releasing_dquots);
324 }
325
remove_free_dquot(struct dquot * dquot)326 static inline void remove_free_dquot(struct dquot *dquot)
327 {
328 if (list_empty(&dquot->dq_free))
329 return;
330 list_del_init(&dquot->dq_free);
331 if (!atomic_read(&dquot->dq_count))
332 dqstats_dec(DQST_FREE_DQUOTS);
333 }
334
put_inuse(struct dquot * dquot)335 static inline void put_inuse(struct dquot *dquot)
336 {
337 /* We add to the back of inuse list so we don't have to restart
338 * when traversing this list and we block */
339 list_add_tail(&dquot->dq_inuse, &inuse_list);
340 dqstats_inc(DQST_ALLOC_DQUOTS);
341 }
342
remove_inuse(struct dquot * dquot)343 static inline void remove_inuse(struct dquot *dquot)
344 {
345 dqstats_dec(DQST_ALLOC_DQUOTS);
346 list_del(&dquot->dq_inuse);
347 }
348 /*
349 * End of list functions needing dq_list_lock
350 */
351
wait_on_dquot(struct dquot * dquot)352 static void wait_on_dquot(struct dquot *dquot)
353 {
354 mutex_lock(&dquot->dq_lock);
355 mutex_unlock(&dquot->dq_lock);
356 }
357
dquot_active(struct dquot * dquot)358 static inline int dquot_active(struct dquot *dquot)
359 {
360 return test_bit(DQ_ACTIVE_B, &dquot->dq_flags);
361 }
362
dquot_dirty(struct dquot * dquot)363 static inline int dquot_dirty(struct dquot *dquot)
364 {
365 return test_bit(DQ_MOD_B, &dquot->dq_flags);
366 }
367
mark_dquot_dirty(struct dquot * dquot)368 static inline int mark_dquot_dirty(struct dquot *dquot)
369 {
370 return dquot->dq_sb->dq_op->mark_dirty(dquot);
371 }
372
373 /* Mark dquot dirty in atomic manner, and return it's old dirty flag state */
dquot_mark_dquot_dirty(struct dquot * dquot)374 int dquot_mark_dquot_dirty(struct dquot *dquot)
375 {
376 int ret = 1;
377
378 if (!dquot_active(dquot))
379 return 0;
380
381 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NOLIST_DIRTY)
382 return test_and_set_bit(DQ_MOD_B, &dquot->dq_flags);
383
384 /* If quota is dirty already, we don't have to acquire dq_list_lock */
385 if (dquot_dirty(dquot))
386 return 1;
387
388 spin_lock(&dq_list_lock);
389 if (!test_and_set_bit(DQ_MOD_B, &dquot->dq_flags)) {
390 list_add(&dquot->dq_dirty, &sb_dqopt(dquot->dq_sb)->
391 info[dquot->dq_id.type].dqi_dirty_list);
392 ret = 0;
393 }
394 spin_unlock(&dq_list_lock);
395 return ret;
396 }
397 EXPORT_SYMBOL(dquot_mark_dquot_dirty);
398
399 /* Dirtify all the dquots - this can block when journalling */
mark_all_dquot_dirty(struct dquot * const * dquot)400 static inline int mark_all_dquot_dirty(struct dquot * const *dquot)
401 {
402 int ret, err, cnt;
403
404 ret = err = 0;
405 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
406 if (dquot[cnt])
407 /* Even in case of error we have to continue */
408 ret = mark_dquot_dirty(dquot[cnt]);
409 if (!err)
410 err = ret;
411 }
412 return err;
413 }
414
dqput_all(struct dquot ** dquot)415 static inline void dqput_all(struct dquot **dquot)
416 {
417 unsigned int cnt;
418
419 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
420 dqput(dquot[cnt]);
421 }
422
clear_dquot_dirty(struct dquot * dquot)423 static inline int clear_dquot_dirty(struct dquot *dquot)
424 {
425 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NOLIST_DIRTY)
426 return test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags);
427
428 spin_lock(&dq_list_lock);
429 if (!test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags)) {
430 spin_unlock(&dq_list_lock);
431 return 0;
432 }
433 list_del_init(&dquot->dq_dirty);
434 spin_unlock(&dq_list_lock);
435 return 1;
436 }
437
mark_info_dirty(struct super_block * sb,int type)438 void mark_info_dirty(struct super_block *sb, int type)
439 {
440 spin_lock(&dq_data_lock);
441 sb_dqopt(sb)->info[type].dqi_flags |= DQF_INFO_DIRTY;
442 spin_unlock(&dq_data_lock);
443 }
444 EXPORT_SYMBOL(mark_info_dirty);
445
446 /*
447 * Read dquot from disk and alloc space for it
448 */
449
dquot_acquire(struct dquot * dquot)450 int dquot_acquire(struct dquot *dquot)
451 {
452 int ret = 0, ret2 = 0;
453 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
454
455 mutex_lock(&dquot->dq_lock);
456 if (!test_bit(DQ_READ_B, &dquot->dq_flags))
457 ret = dqopt->ops[dquot->dq_id.type]->read_dqblk(dquot);
458 if (ret < 0)
459 goto out_iolock;
460 /* Make sure flags update is visible after dquot has been filled */
461 smp_mb__before_atomic();
462 set_bit(DQ_READ_B, &dquot->dq_flags);
463 /* Instantiate dquot if needed */
464 if (!dquot_active(dquot) && !dquot->dq_off) {
465 ret = dqopt->ops[dquot->dq_id.type]->commit_dqblk(dquot);
466 /* Write the info if needed */
467 if (info_dirty(&dqopt->info[dquot->dq_id.type])) {
468 ret2 = dqopt->ops[dquot->dq_id.type]->write_file_info(
469 dquot->dq_sb, dquot->dq_id.type);
470 }
471 if (ret < 0)
472 goto out_iolock;
473 if (ret2 < 0) {
474 ret = ret2;
475 goto out_iolock;
476 }
477 }
478 /*
479 * Make sure flags update is visible after on-disk struct has been
480 * allocated. Paired with smp_rmb() in dqget().
481 */
482 smp_mb__before_atomic();
483 set_bit(DQ_ACTIVE_B, &dquot->dq_flags);
484 out_iolock:
485 mutex_unlock(&dquot->dq_lock);
486 return ret;
487 }
488 EXPORT_SYMBOL(dquot_acquire);
489
490 /*
491 * Write dquot to disk
492 */
dquot_commit(struct dquot * dquot)493 int dquot_commit(struct dquot *dquot)
494 {
495 int ret = 0;
496 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
497
498 mutex_lock(&dquot->dq_lock);
499 if (!clear_dquot_dirty(dquot))
500 goto out_lock;
501 /* Inactive dquot can be only if there was error during read/init
502 * => we have better not writing it */
503 if (dquot_active(dquot))
504 ret = dqopt->ops[dquot->dq_id.type]->commit_dqblk(dquot);
505 else
506 ret = -EIO;
507 out_lock:
508 mutex_unlock(&dquot->dq_lock);
509 return ret;
510 }
511 EXPORT_SYMBOL(dquot_commit);
512
513 /*
514 * Release dquot
515 */
dquot_release(struct dquot * dquot)516 int dquot_release(struct dquot *dquot)
517 {
518 int ret = 0, ret2 = 0;
519 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
520
521 mutex_lock(&dquot->dq_lock);
522 /* Check whether we are not racing with some other dqget() */
523 if (dquot_is_busy(dquot))
524 goto out_dqlock;
525 if (dqopt->ops[dquot->dq_id.type]->release_dqblk) {
526 ret = dqopt->ops[dquot->dq_id.type]->release_dqblk(dquot);
527 /* Write the info */
528 if (info_dirty(&dqopt->info[dquot->dq_id.type])) {
529 ret2 = dqopt->ops[dquot->dq_id.type]->write_file_info(
530 dquot->dq_sb, dquot->dq_id.type);
531 }
532 if (ret >= 0)
533 ret = ret2;
534 }
535 clear_bit(DQ_ACTIVE_B, &dquot->dq_flags);
536 out_dqlock:
537 mutex_unlock(&dquot->dq_lock);
538 return ret;
539 }
540 EXPORT_SYMBOL(dquot_release);
541
dquot_destroy(struct dquot * dquot)542 void dquot_destroy(struct dquot *dquot)
543 {
544 kmem_cache_free(dquot_cachep, dquot);
545 }
546 EXPORT_SYMBOL(dquot_destroy);
547
do_destroy_dquot(struct dquot * dquot)548 static inline void do_destroy_dquot(struct dquot *dquot)
549 {
550 dquot->dq_sb->dq_op->destroy_dquot(dquot);
551 }
552
553 /* Invalidate all dquots on the list. Note that this function is called after
554 * quota is disabled and pointers from inodes removed so there cannot be new
555 * quota users. There can still be some users of quotas due to inodes being
556 * just deleted or pruned by prune_icache() (those are not attached to any
557 * list) or parallel quotactl call. We have to wait for such users.
558 */
invalidate_dquots(struct super_block * sb,int type)559 static void invalidate_dquots(struct super_block *sb, int type)
560 {
561 struct dquot *dquot, *tmp;
562
563 restart:
564 flush_delayed_work("a_release_work);
565
566 spin_lock(&dq_list_lock);
567 list_for_each_entry_safe(dquot, tmp, &inuse_list, dq_inuse) {
568 if (dquot->dq_sb != sb)
569 continue;
570 if (dquot->dq_id.type != type)
571 continue;
572 /* Wait for dquot users */
573 if (atomic_read(&dquot->dq_count)) {
574 /* dquot in releasing_dquots, flush and retry */
575 if (!list_empty(&dquot->dq_free)) {
576 spin_unlock(&dq_list_lock);
577 goto restart;
578 }
579
580 atomic_inc(&dquot->dq_count);
581 spin_unlock(&dq_list_lock);
582 /*
583 * Once dqput() wakes us up, we know it's time to free
584 * the dquot.
585 * IMPORTANT: we rely on the fact that there is always
586 * at most one process waiting for dquot to free.
587 * Otherwise dq_count would be > 1 and we would never
588 * wake up.
589 */
590 wait_event(dquot_ref_wq,
591 atomic_read(&dquot->dq_count) == 1);
592 dqput(dquot);
593 /* At this moment dquot() need not exist (it could be
594 * reclaimed by prune_dqcache(). Hence we must
595 * restart. */
596 goto restart;
597 }
598 /*
599 * Quota now has no users and it has been written on last
600 * dqput()
601 */
602 remove_dquot_hash(dquot);
603 remove_free_dquot(dquot);
604 remove_inuse(dquot);
605 do_destroy_dquot(dquot);
606 }
607 spin_unlock(&dq_list_lock);
608 }
609
610 /* Call callback for every active dquot on given filesystem */
dquot_scan_active(struct super_block * sb,int (* fn)(struct dquot * dquot,unsigned long priv),unsigned long priv)611 int dquot_scan_active(struct super_block *sb,
612 int (*fn)(struct dquot *dquot, unsigned long priv),
613 unsigned long priv)
614 {
615 struct dquot *dquot, *old_dquot = NULL;
616 int ret = 0;
617
618 WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount));
619
620 spin_lock(&dq_list_lock);
621 list_for_each_entry(dquot, &inuse_list, dq_inuse) {
622 if (!dquot_active(dquot))
623 continue;
624 if (dquot->dq_sb != sb)
625 continue;
626 /* Now we have active dquot so we can just increase use count */
627 atomic_inc(&dquot->dq_count);
628 spin_unlock(&dq_list_lock);
629 dqput(old_dquot);
630 old_dquot = dquot;
631 /*
632 * ->release_dquot() can be racing with us. Our reference
633 * protects us from new calls to it so just wait for any
634 * outstanding call and recheck the DQ_ACTIVE_B after that.
635 */
636 wait_on_dquot(dquot);
637 if (dquot_active(dquot)) {
638 ret = fn(dquot, priv);
639 if (ret < 0)
640 goto out;
641 }
642 spin_lock(&dq_list_lock);
643 /* We are safe to continue now because our dquot could not
644 * be moved out of the inuse list while we hold the reference */
645 }
646 spin_unlock(&dq_list_lock);
647 out:
648 dqput(old_dquot);
649 return ret;
650 }
651 EXPORT_SYMBOL(dquot_scan_active);
652
dquot_write_dquot(struct dquot * dquot)653 static inline int dquot_write_dquot(struct dquot *dquot)
654 {
655 int ret = dquot->dq_sb->dq_op->write_dquot(dquot);
656 if (ret < 0) {
657 quota_error(dquot->dq_sb, "Can't write quota structure "
658 "(error %d). Quota may get out of sync!", ret);
659 /* Clear dirty bit anyway to avoid infinite loop. */
660 clear_dquot_dirty(dquot);
661 }
662 return ret;
663 }
664
665 /* Write all dquot structures to quota files */
dquot_writeback_dquots(struct super_block * sb,int type)666 int dquot_writeback_dquots(struct super_block *sb, int type)
667 {
668 struct list_head dirty;
669 struct dquot *dquot;
670 struct quota_info *dqopt = sb_dqopt(sb);
671 int cnt;
672 int err, ret = 0;
673
674 WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount));
675
676 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
677 if (type != -1 && cnt != type)
678 continue;
679 if (!sb_has_quota_active(sb, cnt))
680 continue;
681 spin_lock(&dq_list_lock);
682 /* Move list away to avoid livelock. */
683 list_replace_init(&dqopt->info[cnt].dqi_dirty_list, &dirty);
684 while (!list_empty(&dirty)) {
685 dquot = list_first_entry(&dirty, struct dquot,
686 dq_dirty);
687
688 WARN_ON(!dquot_active(dquot));
689
690 /* Now we have active dquot from which someone is
691 * holding reference so we can safely just increase
692 * use count */
693 dqgrab(dquot);
694 spin_unlock(&dq_list_lock);
695 err = dquot_write_dquot(dquot);
696 if (err && !ret)
697 ret = err;
698 dqput(dquot);
699 spin_lock(&dq_list_lock);
700 }
701 spin_unlock(&dq_list_lock);
702 }
703
704 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
705 if ((cnt == type || type == -1) && sb_has_quota_active(sb, cnt)
706 && info_dirty(&dqopt->info[cnt]))
707 sb->dq_op->write_info(sb, cnt);
708 dqstats_inc(DQST_SYNCS);
709
710 return ret;
711 }
712 EXPORT_SYMBOL(dquot_writeback_dquots);
713
714 /* Write all dquot structures to disk and make them visible from userspace */
dquot_quota_sync(struct super_block * sb,int type)715 int dquot_quota_sync(struct super_block *sb, int type)
716 {
717 struct quota_info *dqopt = sb_dqopt(sb);
718 int cnt;
719 int ret;
720
721 ret = dquot_writeback_dquots(sb, type);
722 if (ret)
723 return ret;
724 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
725 return 0;
726
727 /* This is not very clever (and fast) but currently I don't know about
728 * any other simple way of getting quota data to disk and we must get
729 * them there for userspace to be visible... */
730 if (sb->s_op->sync_fs) {
731 ret = sb->s_op->sync_fs(sb, 1);
732 if (ret)
733 return ret;
734 }
735 ret = sync_blockdev(sb->s_bdev);
736 if (ret)
737 return ret;
738
739 /*
740 * Now when everything is written we can discard the pagecache so
741 * that userspace sees the changes.
742 */
743 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
744 if (type != -1 && cnt != type)
745 continue;
746 if (!sb_has_quota_active(sb, cnt))
747 continue;
748 inode_lock(dqopt->files[cnt]);
749 truncate_inode_pages(&dqopt->files[cnt]->i_data, 0);
750 inode_unlock(dqopt->files[cnt]);
751 }
752
753 return 0;
754 }
755 EXPORT_SYMBOL(dquot_quota_sync);
756
757 static unsigned long
dqcache_shrink_scan(struct shrinker * shrink,struct shrink_control * sc)758 dqcache_shrink_scan(struct shrinker *shrink, struct shrink_control *sc)
759 {
760 struct dquot *dquot;
761 unsigned long freed = 0;
762
763 spin_lock(&dq_list_lock);
764 while (!list_empty(&free_dquots) && sc->nr_to_scan) {
765 dquot = list_first_entry(&free_dquots, struct dquot, dq_free);
766 remove_dquot_hash(dquot);
767 remove_free_dquot(dquot);
768 remove_inuse(dquot);
769 do_destroy_dquot(dquot);
770 sc->nr_to_scan--;
771 freed++;
772 }
773 spin_unlock(&dq_list_lock);
774 return freed;
775 }
776
777 static unsigned long
dqcache_shrink_count(struct shrinker * shrink,struct shrink_control * sc)778 dqcache_shrink_count(struct shrinker *shrink, struct shrink_control *sc)
779 {
780 return vfs_pressure_ratio(
781 percpu_counter_read_positive(&dqstats.counter[DQST_FREE_DQUOTS]));
782 }
783
784 static struct shrinker dqcache_shrinker = {
785 .count_objects = dqcache_shrink_count,
786 .scan_objects = dqcache_shrink_scan,
787 .seeks = DEFAULT_SEEKS,
788 };
789
790 /*
791 * Safely release dquot and put reference to dquot.
792 */
quota_release_workfn(struct work_struct * work)793 static void quota_release_workfn(struct work_struct *work)
794 {
795 struct dquot *dquot;
796 struct list_head rls_head;
797
798 spin_lock(&dq_list_lock);
799 /* Exchange the list head to avoid livelock. */
800 list_replace_init(&releasing_dquots, &rls_head);
801 spin_unlock(&dq_list_lock);
802
803 restart:
804 synchronize_srcu(&dquot_srcu);
805 spin_lock(&dq_list_lock);
806 while (!list_empty(&rls_head)) {
807 dquot = list_first_entry(&rls_head, struct dquot, dq_free);
808 /* Dquot got used again? */
809 if (atomic_read(&dquot->dq_count) > 1) {
810 remove_free_dquot(dquot);
811 atomic_dec(&dquot->dq_count);
812 continue;
813 }
814 if (dquot_dirty(dquot)) {
815 spin_unlock(&dq_list_lock);
816 /* Commit dquot before releasing */
817 dquot_write_dquot(dquot);
818 goto restart;
819 }
820 if (dquot_active(dquot)) {
821 spin_unlock(&dq_list_lock);
822 dquot->dq_sb->dq_op->release_dquot(dquot);
823 goto restart;
824 }
825 /* Dquot is inactive and clean, now move it to free list */
826 remove_free_dquot(dquot);
827 atomic_dec(&dquot->dq_count);
828 put_dquot_last(dquot);
829 }
830 spin_unlock(&dq_list_lock);
831 }
832
833 /*
834 * Put reference to dquot
835 */
dqput(struct dquot * dquot)836 void dqput(struct dquot *dquot)
837 {
838 if (!dquot)
839 return;
840 #ifdef CONFIG_QUOTA_DEBUG
841 if (!atomic_read(&dquot->dq_count)) {
842 quota_error(dquot->dq_sb, "trying to free free dquot of %s %d",
843 quotatypes[dquot->dq_id.type],
844 from_kqid(&init_user_ns, dquot->dq_id));
845 BUG();
846 }
847 #endif
848 dqstats_inc(DQST_DROPS);
849
850 spin_lock(&dq_list_lock);
851 if (atomic_read(&dquot->dq_count) > 1) {
852 /* We have more than one user... nothing to do */
853 atomic_dec(&dquot->dq_count);
854 /* Releasing dquot during quotaoff phase? */
855 if (!sb_has_quota_active(dquot->dq_sb, dquot->dq_id.type) &&
856 atomic_read(&dquot->dq_count) == 1)
857 wake_up(&dquot_ref_wq);
858 spin_unlock(&dq_list_lock);
859 return;
860 }
861
862 /* Need to release dquot? */
863 #ifdef CONFIG_QUOTA_DEBUG
864 /* sanity check */
865 BUG_ON(!list_empty(&dquot->dq_free));
866 #endif
867 put_releasing_dquots(dquot);
868 spin_unlock(&dq_list_lock);
869 queue_delayed_work(system_unbound_wq, "a_release_work, 1);
870 }
871 EXPORT_SYMBOL(dqput);
872
dquot_alloc(struct super_block * sb,int type)873 struct dquot *dquot_alloc(struct super_block *sb, int type)
874 {
875 return kmem_cache_zalloc(dquot_cachep, GFP_NOFS);
876 }
877 EXPORT_SYMBOL(dquot_alloc);
878
get_empty_dquot(struct super_block * sb,int type)879 static struct dquot *get_empty_dquot(struct super_block *sb, int type)
880 {
881 struct dquot *dquot;
882
883 dquot = sb->dq_op->alloc_dquot(sb, type);
884 if(!dquot)
885 return NULL;
886
887 mutex_init(&dquot->dq_lock);
888 INIT_LIST_HEAD(&dquot->dq_free);
889 INIT_LIST_HEAD(&dquot->dq_inuse);
890 INIT_HLIST_NODE(&dquot->dq_hash);
891 INIT_LIST_HEAD(&dquot->dq_dirty);
892 dquot->dq_sb = sb;
893 dquot->dq_id = make_kqid_invalid(type);
894 atomic_set(&dquot->dq_count, 1);
895 spin_lock_init(&dquot->dq_dqb_lock);
896
897 return dquot;
898 }
899
900 /*
901 * Get reference to dquot
902 *
903 * Locking is slightly tricky here. We are guarded from parallel quotaoff()
904 * destroying our dquot by:
905 * a) checking for quota flags under dq_list_lock and
906 * b) getting a reference to dquot before we release dq_list_lock
907 */
dqget(struct super_block * sb,struct kqid qid)908 struct dquot *dqget(struct super_block *sb, struct kqid qid)
909 {
910 unsigned int hashent = hashfn(sb, qid);
911 struct dquot *dquot, *empty = NULL;
912
913 if (!qid_has_mapping(sb->s_user_ns, qid))
914 return ERR_PTR(-EINVAL);
915
916 if (!sb_has_quota_active(sb, qid.type))
917 return ERR_PTR(-ESRCH);
918 we_slept:
919 spin_lock(&dq_list_lock);
920 spin_lock(&dq_state_lock);
921 if (!sb_has_quota_active(sb, qid.type)) {
922 spin_unlock(&dq_state_lock);
923 spin_unlock(&dq_list_lock);
924 dquot = ERR_PTR(-ESRCH);
925 goto out;
926 }
927 spin_unlock(&dq_state_lock);
928
929 dquot = find_dquot(hashent, sb, qid);
930 if (!dquot) {
931 if (!empty) {
932 spin_unlock(&dq_list_lock);
933 empty = get_empty_dquot(sb, qid.type);
934 if (!empty)
935 schedule(); /* Try to wait for a moment... */
936 goto we_slept;
937 }
938 dquot = empty;
939 empty = NULL;
940 dquot->dq_id = qid;
941 /* all dquots go on the inuse_list */
942 put_inuse(dquot);
943 /* hash it first so it can be found */
944 insert_dquot_hash(dquot);
945 spin_unlock(&dq_list_lock);
946 dqstats_inc(DQST_LOOKUPS);
947 } else {
948 if (!atomic_read(&dquot->dq_count))
949 remove_free_dquot(dquot);
950 atomic_inc(&dquot->dq_count);
951 spin_unlock(&dq_list_lock);
952 dqstats_inc(DQST_CACHE_HITS);
953 dqstats_inc(DQST_LOOKUPS);
954 }
955 /* Wait for dq_lock - after this we know that either dquot_release() is
956 * already finished or it will be canceled due to dq_count > 1 test */
957 wait_on_dquot(dquot);
958 /* Read the dquot / allocate space in quota file */
959 if (!dquot_active(dquot)) {
960 int err;
961
962 err = sb->dq_op->acquire_dquot(dquot);
963 if (err < 0) {
964 dqput(dquot);
965 dquot = ERR_PTR(err);
966 goto out;
967 }
968 }
969 /*
970 * Make sure following reads see filled structure - paired with
971 * smp_mb__before_atomic() in dquot_acquire().
972 */
973 smp_rmb();
974 #ifdef CONFIG_QUOTA_DEBUG
975 BUG_ON(!dquot->dq_sb); /* Has somebody invalidated entry under us? */
976 #endif
977 out:
978 if (empty)
979 do_destroy_dquot(empty);
980
981 return dquot;
982 }
983 EXPORT_SYMBOL(dqget);
984
i_dquot(struct inode * inode)985 static inline struct dquot **i_dquot(struct inode *inode)
986 {
987 return inode->i_sb->s_op->get_dquots(inode);
988 }
989
dqinit_needed(struct inode * inode,int type)990 static int dqinit_needed(struct inode *inode, int type)
991 {
992 struct dquot * const *dquots;
993 int cnt;
994
995 if (IS_NOQUOTA(inode))
996 return 0;
997
998 dquots = i_dquot(inode);
999 if (type != -1)
1000 return !dquots[type];
1001 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1002 if (!dquots[cnt])
1003 return 1;
1004 return 0;
1005 }
1006
1007 /* This routine is guarded by s_umount semaphore */
add_dquot_ref(struct super_block * sb,int type)1008 static int add_dquot_ref(struct super_block *sb, int type)
1009 {
1010 struct inode *inode, *old_inode = NULL;
1011 #ifdef CONFIG_QUOTA_DEBUG
1012 int reserved = 0;
1013 #endif
1014 int err = 0;
1015
1016 spin_lock(&sb->s_inode_list_lock);
1017 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
1018 spin_lock(&inode->i_lock);
1019 if ((inode->i_state & (I_FREEING|I_WILL_FREE|I_NEW)) ||
1020 !atomic_read(&inode->i_writecount) ||
1021 !dqinit_needed(inode, type)) {
1022 spin_unlock(&inode->i_lock);
1023 continue;
1024 }
1025 __iget(inode);
1026 spin_unlock(&inode->i_lock);
1027 spin_unlock(&sb->s_inode_list_lock);
1028
1029 #ifdef CONFIG_QUOTA_DEBUG
1030 if (unlikely(inode_get_rsv_space(inode) > 0))
1031 reserved = 1;
1032 #endif
1033 iput(old_inode);
1034 err = __dquot_initialize(inode, type);
1035 if (err) {
1036 iput(inode);
1037 goto out;
1038 }
1039
1040 /*
1041 * We hold a reference to 'inode' so it couldn't have been
1042 * removed from s_inodes list while we dropped the
1043 * s_inode_list_lock. We cannot iput the inode now as we can be
1044 * holding the last reference and we cannot iput it under
1045 * s_inode_list_lock. So we keep the reference and iput it
1046 * later.
1047 */
1048 old_inode = inode;
1049 cond_resched();
1050 spin_lock(&sb->s_inode_list_lock);
1051 }
1052 spin_unlock(&sb->s_inode_list_lock);
1053 iput(old_inode);
1054 out:
1055 #ifdef CONFIG_QUOTA_DEBUG
1056 if (reserved) {
1057 quota_error(sb, "Writes happened before quota was turned on "
1058 "thus quota information is probably inconsistent. "
1059 "Please run quotacheck(8)");
1060 }
1061 #endif
1062 return err;
1063 }
1064
1065 /*
1066 * Remove references to dquots from inode and add dquot to list for freeing
1067 * if we have the last reference to dquot
1068 */
remove_inode_dquot_ref(struct inode * inode,int type,struct list_head * tofree_head)1069 static void remove_inode_dquot_ref(struct inode *inode, int type,
1070 struct list_head *tofree_head)
1071 {
1072 struct dquot **dquots = i_dquot(inode);
1073 struct dquot *dquot = dquots[type];
1074
1075 if (!dquot)
1076 return;
1077
1078 dquots[type] = NULL;
1079 if (list_empty(&dquot->dq_free)) {
1080 /*
1081 * The inode still has reference to dquot so it can't be in the
1082 * free list
1083 */
1084 spin_lock(&dq_list_lock);
1085 list_add(&dquot->dq_free, tofree_head);
1086 spin_unlock(&dq_list_lock);
1087 } else {
1088 /*
1089 * Dquot is already in a list to put so we won't drop the last
1090 * reference here.
1091 */
1092 dqput(dquot);
1093 }
1094 }
1095
1096 /*
1097 * Free list of dquots
1098 * Dquots are removed from inodes and no new references can be got so we are
1099 * the only ones holding reference
1100 */
put_dquot_list(struct list_head * tofree_head)1101 static void put_dquot_list(struct list_head *tofree_head)
1102 {
1103 struct list_head *act_head;
1104 struct dquot *dquot;
1105
1106 act_head = tofree_head->next;
1107 while (act_head != tofree_head) {
1108 dquot = list_entry(act_head, struct dquot, dq_free);
1109 act_head = act_head->next;
1110 /* Remove dquot from the list so we won't have problems... */
1111 list_del_init(&dquot->dq_free);
1112 dqput(dquot);
1113 }
1114 }
1115
remove_dquot_ref(struct super_block * sb,int type,struct list_head * tofree_head)1116 static void remove_dquot_ref(struct super_block *sb, int type,
1117 struct list_head *tofree_head)
1118 {
1119 struct inode *inode;
1120 int reserved = 0;
1121
1122 spin_lock(&sb->s_inode_list_lock);
1123 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
1124 /*
1125 * We have to scan also I_NEW inodes because they can already
1126 * have quota pointer initialized. Luckily, we need to touch
1127 * only quota pointers and these have separate locking
1128 * (dq_data_lock).
1129 */
1130 spin_lock(&dq_data_lock);
1131 if (!IS_NOQUOTA(inode)) {
1132 if (unlikely(inode_get_rsv_space(inode) > 0))
1133 reserved = 1;
1134 remove_inode_dquot_ref(inode, type, tofree_head);
1135 }
1136 spin_unlock(&dq_data_lock);
1137 }
1138 spin_unlock(&sb->s_inode_list_lock);
1139 #ifdef CONFIG_QUOTA_DEBUG
1140 if (reserved) {
1141 printk(KERN_WARNING "VFS (%s): Writes happened after quota"
1142 " was disabled thus quota information is probably "
1143 "inconsistent. Please run quotacheck(8).\n", sb->s_id);
1144 }
1145 #endif
1146 }
1147
1148 /* Gather all references from inodes and drop them */
drop_dquot_ref(struct super_block * sb,int type)1149 static void drop_dquot_ref(struct super_block *sb, int type)
1150 {
1151 LIST_HEAD(tofree_head);
1152
1153 if (sb->dq_op) {
1154 remove_dquot_ref(sb, type, &tofree_head);
1155 synchronize_srcu(&dquot_srcu);
1156 put_dquot_list(&tofree_head);
1157 }
1158 }
1159
1160 static inline
dquot_free_reserved_space(struct dquot * dquot,qsize_t number)1161 void dquot_free_reserved_space(struct dquot *dquot, qsize_t number)
1162 {
1163 if (dquot->dq_dqb.dqb_rsvspace >= number)
1164 dquot->dq_dqb.dqb_rsvspace -= number;
1165 else {
1166 WARN_ON_ONCE(1);
1167 dquot->dq_dqb.dqb_rsvspace = 0;
1168 }
1169 if (dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace <=
1170 dquot->dq_dqb.dqb_bsoftlimit)
1171 dquot->dq_dqb.dqb_btime = (time64_t) 0;
1172 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1173 }
1174
dquot_decr_inodes(struct dquot * dquot,qsize_t number)1175 static void dquot_decr_inodes(struct dquot *dquot, qsize_t number)
1176 {
1177 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NEGATIVE_USAGE ||
1178 dquot->dq_dqb.dqb_curinodes >= number)
1179 dquot->dq_dqb.dqb_curinodes -= number;
1180 else
1181 dquot->dq_dqb.dqb_curinodes = 0;
1182 if (dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit)
1183 dquot->dq_dqb.dqb_itime = (time64_t) 0;
1184 clear_bit(DQ_INODES_B, &dquot->dq_flags);
1185 }
1186
dquot_decr_space(struct dquot * dquot,qsize_t number)1187 static void dquot_decr_space(struct dquot *dquot, qsize_t number)
1188 {
1189 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NEGATIVE_USAGE ||
1190 dquot->dq_dqb.dqb_curspace >= number)
1191 dquot->dq_dqb.dqb_curspace -= number;
1192 else
1193 dquot->dq_dqb.dqb_curspace = 0;
1194 if (dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace <=
1195 dquot->dq_dqb.dqb_bsoftlimit)
1196 dquot->dq_dqb.dqb_btime = (time64_t) 0;
1197 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1198 }
1199
1200 struct dquot_warn {
1201 struct super_block *w_sb;
1202 struct kqid w_dq_id;
1203 short w_type;
1204 };
1205
warning_issued(struct dquot * dquot,const int warntype)1206 static int warning_issued(struct dquot *dquot, const int warntype)
1207 {
1208 int flag = (warntype == QUOTA_NL_BHARDWARN ||
1209 warntype == QUOTA_NL_BSOFTLONGWARN) ? DQ_BLKS_B :
1210 ((warntype == QUOTA_NL_IHARDWARN ||
1211 warntype == QUOTA_NL_ISOFTLONGWARN) ? DQ_INODES_B : 0);
1212
1213 if (!flag)
1214 return 0;
1215 return test_and_set_bit(flag, &dquot->dq_flags);
1216 }
1217
1218 #ifdef CONFIG_PRINT_QUOTA_WARNING
1219 static int flag_print_warnings = 1;
1220
need_print_warning(struct dquot_warn * warn)1221 static int need_print_warning(struct dquot_warn *warn)
1222 {
1223 if (!flag_print_warnings)
1224 return 0;
1225
1226 switch (warn->w_dq_id.type) {
1227 case USRQUOTA:
1228 return uid_eq(current_fsuid(), warn->w_dq_id.uid);
1229 case GRPQUOTA:
1230 return in_group_p(warn->w_dq_id.gid);
1231 case PRJQUOTA:
1232 return 1;
1233 }
1234 return 0;
1235 }
1236
1237 /* Print warning to user which exceeded quota */
print_warning(struct dquot_warn * warn)1238 static void print_warning(struct dquot_warn *warn)
1239 {
1240 char *msg = NULL;
1241 struct tty_struct *tty;
1242 int warntype = warn->w_type;
1243
1244 if (warntype == QUOTA_NL_IHARDBELOW ||
1245 warntype == QUOTA_NL_ISOFTBELOW ||
1246 warntype == QUOTA_NL_BHARDBELOW ||
1247 warntype == QUOTA_NL_BSOFTBELOW || !need_print_warning(warn))
1248 return;
1249
1250 tty = get_current_tty();
1251 if (!tty)
1252 return;
1253 tty_write_message(tty, warn->w_sb->s_id);
1254 if (warntype == QUOTA_NL_ISOFTWARN || warntype == QUOTA_NL_BSOFTWARN)
1255 tty_write_message(tty, ": warning, ");
1256 else
1257 tty_write_message(tty, ": write failed, ");
1258 tty_write_message(tty, quotatypes[warn->w_dq_id.type]);
1259 switch (warntype) {
1260 case QUOTA_NL_IHARDWARN:
1261 msg = " file limit reached.\r\n";
1262 break;
1263 case QUOTA_NL_ISOFTLONGWARN:
1264 msg = " file quota exceeded too long.\r\n";
1265 break;
1266 case QUOTA_NL_ISOFTWARN:
1267 msg = " file quota exceeded.\r\n";
1268 break;
1269 case QUOTA_NL_BHARDWARN:
1270 msg = " block limit reached.\r\n";
1271 break;
1272 case QUOTA_NL_BSOFTLONGWARN:
1273 msg = " block quota exceeded too long.\r\n";
1274 break;
1275 case QUOTA_NL_BSOFTWARN:
1276 msg = " block quota exceeded.\r\n";
1277 break;
1278 }
1279 tty_write_message(tty, msg);
1280 tty_kref_put(tty);
1281 }
1282 #endif
1283
prepare_warning(struct dquot_warn * warn,struct dquot * dquot,int warntype)1284 static void prepare_warning(struct dquot_warn *warn, struct dquot *dquot,
1285 int warntype)
1286 {
1287 if (warning_issued(dquot, warntype))
1288 return;
1289 warn->w_type = warntype;
1290 warn->w_sb = dquot->dq_sb;
1291 warn->w_dq_id = dquot->dq_id;
1292 }
1293
1294 /*
1295 * Write warnings to the console and send warning messages over netlink.
1296 *
1297 * Note that this function can call into tty and networking code.
1298 */
flush_warnings(struct dquot_warn * warn)1299 static void flush_warnings(struct dquot_warn *warn)
1300 {
1301 int i;
1302
1303 for (i = 0; i < MAXQUOTAS; i++) {
1304 if (warn[i].w_type == QUOTA_NL_NOWARN)
1305 continue;
1306 #ifdef CONFIG_PRINT_QUOTA_WARNING
1307 print_warning(&warn[i]);
1308 #endif
1309 quota_send_warning(warn[i].w_dq_id,
1310 warn[i].w_sb->s_dev, warn[i].w_type);
1311 }
1312 }
1313
ignore_hardlimit(struct dquot * dquot)1314 static int ignore_hardlimit(struct dquot *dquot)
1315 {
1316 struct mem_dqinfo *info = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
1317
1318 return capable(CAP_SYS_RESOURCE) &&
1319 (info->dqi_format->qf_fmt_id != QFMT_VFS_OLD ||
1320 !(info->dqi_flags & DQF_ROOT_SQUASH));
1321 }
1322
dquot_add_inodes(struct dquot * dquot,qsize_t inodes,struct dquot_warn * warn)1323 static int dquot_add_inodes(struct dquot *dquot, qsize_t inodes,
1324 struct dquot_warn *warn)
1325 {
1326 qsize_t newinodes;
1327 int ret = 0;
1328
1329 spin_lock(&dquot->dq_dqb_lock);
1330 newinodes = dquot->dq_dqb.dqb_curinodes + inodes;
1331 if (!sb_has_quota_limits_enabled(dquot->dq_sb, dquot->dq_id.type) ||
1332 test_bit(DQ_FAKE_B, &dquot->dq_flags))
1333 goto add;
1334
1335 if (dquot->dq_dqb.dqb_ihardlimit &&
1336 newinodes > dquot->dq_dqb.dqb_ihardlimit &&
1337 !ignore_hardlimit(dquot)) {
1338 prepare_warning(warn, dquot, QUOTA_NL_IHARDWARN);
1339 ret = -EDQUOT;
1340 goto out;
1341 }
1342
1343 if (dquot->dq_dqb.dqb_isoftlimit &&
1344 newinodes > dquot->dq_dqb.dqb_isoftlimit &&
1345 dquot->dq_dqb.dqb_itime &&
1346 ktime_get_real_seconds() >= dquot->dq_dqb.dqb_itime &&
1347 !ignore_hardlimit(dquot)) {
1348 prepare_warning(warn, dquot, QUOTA_NL_ISOFTLONGWARN);
1349 ret = -EDQUOT;
1350 goto out;
1351 }
1352
1353 if (dquot->dq_dqb.dqb_isoftlimit &&
1354 newinodes > dquot->dq_dqb.dqb_isoftlimit &&
1355 dquot->dq_dqb.dqb_itime == 0) {
1356 prepare_warning(warn, dquot, QUOTA_NL_ISOFTWARN);
1357 dquot->dq_dqb.dqb_itime = ktime_get_real_seconds() +
1358 sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type].dqi_igrace;
1359 }
1360 add:
1361 dquot->dq_dqb.dqb_curinodes = newinodes;
1362
1363 out:
1364 spin_unlock(&dquot->dq_dqb_lock);
1365 return ret;
1366 }
1367
dquot_add_space(struct dquot * dquot,qsize_t space,qsize_t rsv_space,unsigned int flags,struct dquot_warn * warn)1368 static int dquot_add_space(struct dquot *dquot, qsize_t space,
1369 qsize_t rsv_space, unsigned int flags,
1370 struct dquot_warn *warn)
1371 {
1372 qsize_t tspace;
1373 struct super_block *sb = dquot->dq_sb;
1374 int ret = 0;
1375
1376 spin_lock(&dquot->dq_dqb_lock);
1377 if (!sb_has_quota_limits_enabled(sb, dquot->dq_id.type) ||
1378 test_bit(DQ_FAKE_B, &dquot->dq_flags))
1379 goto finish;
1380
1381 tspace = dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace
1382 + space + rsv_space;
1383
1384 if (dquot->dq_dqb.dqb_bhardlimit &&
1385 tspace > dquot->dq_dqb.dqb_bhardlimit &&
1386 !ignore_hardlimit(dquot)) {
1387 if (flags & DQUOT_SPACE_WARN)
1388 prepare_warning(warn, dquot, QUOTA_NL_BHARDWARN);
1389 ret = -EDQUOT;
1390 goto finish;
1391 }
1392
1393 if (dquot->dq_dqb.dqb_bsoftlimit &&
1394 tspace > dquot->dq_dqb.dqb_bsoftlimit &&
1395 dquot->dq_dqb.dqb_btime &&
1396 ktime_get_real_seconds() >= dquot->dq_dqb.dqb_btime &&
1397 !ignore_hardlimit(dquot)) {
1398 if (flags & DQUOT_SPACE_WARN)
1399 prepare_warning(warn, dquot, QUOTA_NL_BSOFTLONGWARN);
1400 ret = -EDQUOT;
1401 goto finish;
1402 }
1403
1404 if (dquot->dq_dqb.dqb_bsoftlimit &&
1405 tspace > dquot->dq_dqb.dqb_bsoftlimit &&
1406 dquot->dq_dqb.dqb_btime == 0) {
1407 if (flags & DQUOT_SPACE_WARN) {
1408 prepare_warning(warn, dquot, QUOTA_NL_BSOFTWARN);
1409 dquot->dq_dqb.dqb_btime = ktime_get_real_seconds() +
1410 sb_dqopt(sb)->info[dquot->dq_id.type].dqi_bgrace;
1411 } else {
1412 /*
1413 * We don't allow preallocation to exceed softlimit so exceeding will
1414 * be always printed
1415 */
1416 ret = -EDQUOT;
1417 goto finish;
1418 }
1419 }
1420 finish:
1421 /*
1422 * We have to be careful and go through warning generation & grace time
1423 * setting even if DQUOT_SPACE_NOFAIL is set. That's why we check it
1424 * only here...
1425 */
1426 if (flags & DQUOT_SPACE_NOFAIL)
1427 ret = 0;
1428 if (!ret) {
1429 dquot->dq_dqb.dqb_rsvspace += rsv_space;
1430 dquot->dq_dqb.dqb_curspace += space;
1431 }
1432 spin_unlock(&dquot->dq_dqb_lock);
1433 return ret;
1434 }
1435
info_idq_free(struct dquot * dquot,qsize_t inodes)1436 static int info_idq_free(struct dquot *dquot, qsize_t inodes)
1437 {
1438 qsize_t newinodes;
1439
1440 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1441 dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit ||
1442 !sb_has_quota_limits_enabled(dquot->dq_sb, dquot->dq_id.type))
1443 return QUOTA_NL_NOWARN;
1444
1445 newinodes = dquot->dq_dqb.dqb_curinodes - inodes;
1446 if (newinodes <= dquot->dq_dqb.dqb_isoftlimit)
1447 return QUOTA_NL_ISOFTBELOW;
1448 if (dquot->dq_dqb.dqb_curinodes >= dquot->dq_dqb.dqb_ihardlimit &&
1449 newinodes < dquot->dq_dqb.dqb_ihardlimit)
1450 return QUOTA_NL_IHARDBELOW;
1451 return QUOTA_NL_NOWARN;
1452 }
1453
info_bdq_free(struct dquot * dquot,qsize_t space)1454 static int info_bdq_free(struct dquot *dquot, qsize_t space)
1455 {
1456 qsize_t tspace;
1457
1458 tspace = dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace;
1459
1460 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1461 tspace <= dquot->dq_dqb.dqb_bsoftlimit)
1462 return QUOTA_NL_NOWARN;
1463
1464 if (tspace - space <= dquot->dq_dqb.dqb_bsoftlimit)
1465 return QUOTA_NL_BSOFTBELOW;
1466 if (tspace >= dquot->dq_dqb.dqb_bhardlimit &&
1467 tspace - space < dquot->dq_dqb.dqb_bhardlimit)
1468 return QUOTA_NL_BHARDBELOW;
1469 return QUOTA_NL_NOWARN;
1470 }
1471
inode_quota_active(const struct inode * inode)1472 static int inode_quota_active(const struct inode *inode)
1473 {
1474 struct super_block *sb = inode->i_sb;
1475
1476 if (IS_NOQUOTA(inode))
1477 return 0;
1478 return sb_any_quota_loaded(sb) & ~sb_any_quota_suspended(sb);
1479 }
1480
1481 /*
1482 * Initialize quota pointers in inode
1483 *
1484 * It is better to call this function outside of any transaction as it
1485 * might need a lot of space in journal for dquot structure allocation.
1486 */
__dquot_initialize(struct inode * inode,int type)1487 static int __dquot_initialize(struct inode *inode, int type)
1488 {
1489 int cnt, init_needed = 0;
1490 struct dquot **dquots, *got[MAXQUOTAS] = {};
1491 struct super_block *sb = inode->i_sb;
1492 qsize_t rsv;
1493 int ret = 0;
1494
1495 if (!inode_quota_active(inode))
1496 return 0;
1497
1498 dquots = i_dquot(inode);
1499
1500 /* First get references to structures we might need. */
1501 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1502 struct kqid qid;
1503 kprojid_t projid;
1504 int rc;
1505 struct dquot *dquot;
1506
1507 if (type != -1 && cnt != type)
1508 continue;
1509 /*
1510 * The i_dquot should have been initialized in most cases,
1511 * we check it without locking here to avoid unnecessary
1512 * dqget()/dqput() calls.
1513 */
1514 if (dquots[cnt])
1515 continue;
1516
1517 if (!sb_has_quota_active(sb, cnt))
1518 continue;
1519
1520 init_needed = 1;
1521
1522 switch (cnt) {
1523 case USRQUOTA:
1524 qid = make_kqid_uid(inode->i_uid);
1525 break;
1526 case GRPQUOTA:
1527 qid = make_kqid_gid(inode->i_gid);
1528 break;
1529 case PRJQUOTA:
1530 rc = inode->i_sb->dq_op->get_projid(inode, &projid);
1531 if (rc)
1532 continue;
1533 qid = make_kqid_projid(projid);
1534 break;
1535 }
1536 dquot = dqget(sb, qid);
1537 if (IS_ERR(dquot)) {
1538 /* We raced with somebody turning quotas off... */
1539 if (PTR_ERR(dquot) != -ESRCH) {
1540 ret = PTR_ERR(dquot);
1541 goto out_put;
1542 }
1543 dquot = NULL;
1544 }
1545 got[cnt] = dquot;
1546 }
1547
1548 /* All required i_dquot has been initialized */
1549 if (!init_needed)
1550 return 0;
1551
1552 spin_lock(&dq_data_lock);
1553 if (IS_NOQUOTA(inode))
1554 goto out_lock;
1555 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1556 if (type != -1 && cnt != type)
1557 continue;
1558 /* Avoid races with quotaoff() */
1559 if (!sb_has_quota_active(sb, cnt))
1560 continue;
1561 /* We could race with quotaon or dqget() could have failed */
1562 if (!got[cnt])
1563 continue;
1564 if (!dquots[cnt]) {
1565 dquots[cnt] = got[cnt];
1566 got[cnt] = NULL;
1567 /*
1568 * Make quota reservation system happy if someone
1569 * did a write before quota was turned on
1570 */
1571 rsv = inode_get_rsv_space(inode);
1572 if (unlikely(rsv)) {
1573 spin_lock(&inode->i_lock);
1574 /* Get reservation again under proper lock */
1575 rsv = __inode_get_rsv_space(inode);
1576 spin_lock(&dquots[cnt]->dq_dqb_lock);
1577 dquots[cnt]->dq_dqb.dqb_rsvspace += rsv;
1578 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1579 spin_unlock(&inode->i_lock);
1580 }
1581 }
1582 }
1583 out_lock:
1584 spin_unlock(&dq_data_lock);
1585 out_put:
1586 /* Drop unused references */
1587 dqput_all(got);
1588
1589 return ret;
1590 }
1591
dquot_initialize(struct inode * inode)1592 int dquot_initialize(struct inode *inode)
1593 {
1594 return __dquot_initialize(inode, -1);
1595 }
1596 EXPORT_SYMBOL(dquot_initialize);
1597
dquot_initialize_needed(struct inode * inode)1598 bool dquot_initialize_needed(struct inode *inode)
1599 {
1600 struct dquot **dquots;
1601 int i;
1602
1603 if (!inode_quota_active(inode))
1604 return false;
1605
1606 dquots = i_dquot(inode);
1607 for (i = 0; i < MAXQUOTAS; i++)
1608 if (!dquots[i] && sb_has_quota_active(inode->i_sb, i))
1609 return true;
1610 return false;
1611 }
1612 EXPORT_SYMBOL(dquot_initialize_needed);
1613
1614 /*
1615 * Release all quotas referenced by inode.
1616 *
1617 * This function only be called on inode free or converting
1618 * a file to quota file, no other users for the i_dquot in
1619 * both cases, so we needn't call synchronize_srcu() after
1620 * clearing i_dquot.
1621 */
__dquot_drop(struct inode * inode)1622 static void __dquot_drop(struct inode *inode)
1623 {
1624 int cnt;
1625 struct dquot **dquots = i_dquot(inode);
1626 struct dquot *put[MAXQUOTAS];
1627
1628 spin_lock(&dq_data_lock);
1629 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1630 put[cnt] = dquots[cnt];
1631 dquots[cnt] = NULL;
1632 }
1633 spin_unlock(&dq_data_lock);
1634 dqput_all(put);
1635 }
1636
dquot_drop(struct inode * inode)1637 void dquot_drop(struct inode *inode)
1638 {
1639 struct dquot * const *dquots;
1640 int cnt;
1641
1642 if (IS_NOQUOTA(inode))
1643 return;
1644
1645 /*
1646 * Test before calling to rule out calls from proc and such
1647 * where we are not allowed to block. Note that this is
1648 * actually reliable test even without the lock - the caller
1649 * must assure that nobody can come after the DQUOT_DROP and
1650 * add quota pointers back anyway.
1651 */
1652 dquots = i_dquot(inode);
1653 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1654 if (dquots[cnt])
1655 break;
1656 }
1657
1658 if (cnt < MAXQUOTAS)
1659 __dquot_drop(inode);
1660 }
1661 EXPORT_SYMBOL(dquot_drop);
1662
1663 /*
1664 * inode_reserved_space is managed internally by quota, and protected by
1665 * i_lock similar to i_blocks+i_bytes.
1666 */
inode_reserved_space(struct inode * inode)1667 static qsize_t *inode_reserved_space(struct inode * inode)
1668 {
1669 /* Filesystem must explicitly define it's own method in order to use
1670 * quota reservation interface */
1671 BUG_ON(!inode->i_sb->dq_op->get_reserved_space);
1672 return inode->i_sb->dq_op->get_reserved_space(inode);
1673 }
1674
__inode_get_rsv_space(struct inode * inode)1675 static qsize_t __inode_get_rsv_space(struct inode *inode)
1676 {
1677 if (!inode->i_sb->dq_op->get_reserved_space)
1678 return 0;
1679 return *inode_reserved_space(inode);
1680 }
1681
inode_get_rsv_space(struct inode * inode)1682 static qsize_t inode_get_rsv_space(struct inode *inode)
1683 {
1684 qsize_t ret;
1685
1686 if (!inode->i_sb->dq_op->get_reserved_space)
1687 return 0;
1688 spin_lock(&inode->i_lock);
1689 ret = __inode_get_rsv_space(inode);
1690 spin_unlock(&inode->i_lock);
1691 return ret;
1692 }
1693
1694 /*
1695 * This functions updates i_blocks+i_bytes fields and quota information
1696 * (together with appropriate checks).
1697 *
1698 * NOTE: We absolutely rely on the fact that caller dirties the inode
1699 * (usually helpers in quotaops.h care about this) and holds a handle for
1700 * the current transaction so that dquot write and inode write go into the
1701 * same transaction.
1702 */
1703
1704 /*
1705 * This operation can block, but only after everything is updated
1706 */
__dquot_alloc_space(struct inode * inode,qsize_t number,int flags)1707 int __dquot_alloc_space(struct inode *inode, qsize_t number, int flags)
1708 {
1709 int cnt, ret = 0, index;
1710 struct dquot_warn warn[MAXQUOTAS];
1711 int reserve = flags & DQUOT_SPACE_RESERVE;
1712 struct dquot **dquots;
1713
1714 if (!inode_quota_active(inode)) {
1715 if (reserve) {
1716 spin_lock(&inode->i_lock);
1717 *inode_reserved_space(inode) += number;
1718 spin_unlock(&inode->i_lock);
1719 } else {
1720 inode_add_bytes(inode, number);
1721 }
1722 goto out;
1723 }
1724
1725 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1726 warn[cnt].w_type = QUOTA_NL_NOWARN;
1727
1728 dquots = i_dquot(inode);
1729 index = srcu_read_lock(&dquot_srcu);
1730 spin_lock(&inode->i_lock);
1731 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1732 if (!dquots[cnt])
1733 continue;
1734 if (flags & DQUOT_SPACE_RESERVE) {
1735 ret = dquot_add_space(dquots[cnt], 0, number, flags,
1736 &warn[cnt]);
1737 } else {
1738 ret = dquot_add_space(dquots[cnt], number, 0, flags,
1739 &warn[cnt]);
1740 }
1741 if (ret) {
1742 /* Back out changes we already did */
1743 for (cnt--; cnt >= 0; cnt--) {
1744 if (!dquots[cnt])
1745 continue;
1746 spin_lock(&dquots[cnt]->dq_dqb_lock);
1747 if (flags & DQUOT_SPACE_RESERVE) {
1748 dquots[cnt]->dq_dqb.dqb_rsvspace -=
1749 number;
1750 } else {
1751 dquots[cnt]->dq_dqb.dqb_curspace -=
1752 number;
1753 }
1754 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1755 }
1756 spin_unlock(&inode->i_lock);
1757 goto out_flush_warn;
1758 }
1759 }
1760 if (reserve)
1761 *inode_reserved_space(inode) += number;
1762 else
1763 __inode_add_bytes(inode, number);
1764 spin_unlock(&inode->i_lock);
1765
1766 if (reserve)
1767 goto out_flush_warn;
1768 mark_all_dquot_dirty(dquots);
1769 out_flush_warn:
1770 srcu_read_unlock(&dquot_srcu, index);
1771 flush_warnings(warn);
1772 out:
1773 return ret;
1774 }
1775 EXPORT_SYMBOL(__dquot_alloc_space);
1776
1777 /*
1778 * This operation can block, but only after everything is updated
1779 */
dquot_alloc_inode(struct inode * inode)1780 int dquot_alloc_inode(struct inode *inode)
1781 {
1782 int cnt, ret = 0, index;
1783 struct dquot_warn warn[MAXQUOTAS];
1784 struct dquot * const *dquots;
1785
1786 if (!inode_quota_active(inode))
1787 return 0;
1788 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1789 warn[cnt].w_type = QUOTA_NL_NOWARN;
1790
1791 dquots = i_dquot(inode);
1792 index = srcu_read_lock(&dquot_srcu);
1793 spin_lock(&inode->i_lock);
1794 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1795 if (!dquots[cnt])
1796 continue;
1797 ret = dquot_add_inodes(dquots[cnt], 1, &warn[cnt]);
1798 if (ret) {
1799 for (cnt--; cnt >= 0; cnt--) {
1800 if (!dquots[cnt])
1801 continue;
1802 /* Back out changes we already did */
1803 spin_lock(&dquots[cnt]->dq_dqb_lock);
1804 dquots[cnt]->dq_dqb.dqb_curinodes--;
1805 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1806 }
1807 goto warn_put_all;
1808 }
1809 }
1810
1811 warn_put_all:
1812 spin_unlock(&inode->i_lock);
1813 if (ret == 0)
1814 mark_all_dquot_dirty(dquots);
1815 srcu_read_unlock(&dquot_srcu, index);
1816 flush_warnings(warn);
1817 return ret;
1818 }
1819 EXPORT_SYMBOL(dquot_alloc_inode);
1820
1821 /*
1822 * Convert in-memory reserved quotas to real consumed quotas
1823 */
dquot_claim_space_nodirty(struct inode * inode,qsize_t number)1824 int dquot_claim_space_nodirty(struct inode *inode, qsize_t number)
1825 {
1826 struct dquot **dquots;
1827 int cnt, index;
1828
1829 if (!inode_quota_active(inode)) {
1830 spin_lock(&inode->i_lock);
1831 *inode_reserved_space(inode) -= number;
1832 __inode_add_bytes(inode, number);
1833 spin_unlock(&inode->i_lock);
1834 return 0;
1835 }
1836
1837 dquots = i_dquot(inode);
1838 index = srcu_read_lock(&dquot_srcu);
1839 spin_lock(&inode->i_lock);
1840 /* Claim reserved quotas to allocated quotas */
1841 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1842 if (dquots[cnt]) {
1843 struct dquot *dquot = dquots[cnt];
1844
1845 spin_lock(&dquot->dq_dqb_lock);
1846 if (WARN_ON_ONCE(dquot->dq_dqb.dqb_rsvspace < number))
1847 number = dquot->dq_dqb.dqb_rsvspace;
1848 dquot->dq_dqb.dqb_curspace += number;
1849 dquot->dq_dqb.dqb_rsvspace -= number;
1850 spin_unlock(&dquot->dq_dqb_lock);
1851 }
1852 }
1853 /* Update inode bytes */
1854 *inode_reserved_space(inode) -= number;
1855 __inode_add_bytes(inode, number);
1856 spin_unlock(&inode->i_lock);
1857 mark_all_dquot_dirty(dquots);
1858 srcu_read_unlock(&dquot_srcu, index);
1859 return 0;
1860 }
1861 EXPORT_SYMBOL(dquot_claim_space_nodirty);
1862
1863 /*
1864 * Convert allocated space back to in-memory reserved quotas
1865 */
dquot_reclaim_space_nodirty(struct inode * inode,qsize_t number)1866 void dquot_reclaim_space_nodirty(struct inode *inode, qsize_t number)
1867 {
1868 struct dquot **dquots;
1869 int cnt, index;
1870
1871 if (!inode_quota_active(inode)) {
1872 spin_lock(&inode->i_lock);
1873 *inode_reserved_space(inode) += number;
1874 __inode_sub_bytes(inode, number);
1875 spin_unlock(&inode->i_lock);
1876 return;
1877 }
1878
1879 dquots = i_dquot(inode);
1880 index = srcu_read_lock(&dquot_srcu);
1881 spin_lock(&inode->i_lock);
1882 /* Claim reserved quotas to allocated quotas */
1883 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1884 if (dquots[cnt]) {
1885 struct dquot *dquot = dquots[cnt];
1886
1887 spin_lock(&dquot->dq_dqb_lock);
1888 if (WARN_ON_ONCE(dquot->dq_dqb.dqb_curspace < number))
1889 number = dquot->dq_dqb.dqb_curspace;
1890 dquot->dq_dqb.dqb_rsvspace += number;
1891 dquot->dq_dqb.dqb_curspace -= number;
1892 spin_unlock(&dquot->dq_dqb_lock);
1893 }
1894 }
1895 /* Update inode bytes */
1896 *inode_reserved_space(inode) += number;
1897 __inode_sub_bytes(inode, number);
1898 spin_unlock(&inode->i_lock);
1899 mark_all_dquot_dirty(dquots);
1900 srcu_read_unlock(&dquot_srcu, index);
1901 return;
1902 }
1903 EXPORT_SYMBOL(dquot_reclaim_space_nodirty);
1904
1905 /*
1906 * This operation can block, but only after everything is updated
1907 */
__dquot_free_space(struct inode * inode,qsize_t number,int flags)1908 void __dquot_free_space(struct inode *inode, qsize_t number, int flags)
1909 {
1910 unsigned int cnt;
1911 struct dquot_warn warn[MAXQUOTAS];
1912 struct dquot **dquots;
1913 int reserve = flags & DQUOT_SPACE_RESERVE, index;
1914
1915 if (!inode_quota_active(inode)) {
1916 if (reserve) {
1917 spin_lock(&inode->i_lock);
1918 *inode_reserved_space(inode) -= number;
1919 spin_unlock(&inode->i_lock);
1920 } else {
1921 inode_sub_bytes(inode, number);
1922 }
1923 return;
1924 }
1925
1926 dquots = i_dquot(inode);
1927 index = srcu_read_lock(&dquot_srcu);
1928 spin_lock(&inode->i_lock);
1929 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1930 int wtype;
1931
1932 warn[cnt].w_type = QUOTA_NL_NOWARN;
1933 if (!dquots[cnt])
1934 continue;
1935 spin_lock(&dquots[cnt]->dq_dqb_lock);
1936 wtype = info_bdq_free(dquots[cnt], number);
1937 if (wtype != QUOTA_NL_NOWARN)
1938 prepare_warning(&warn[cnt], dquots[cnt], wtype);
1939 if (reserve)
1940 dquot_free_reserved_space(dquots[cnt], number);
1941 else
1942 dquot_decr_space(dquots[cnt], number);
1943 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1944 }
1945 if (reserve)
1946 *inode_reserved_space(inode) -= number;
1947 else
1948 __inode_sub_bytes(inode, number);
1949 spin_unlock(&inode->i_lock);
1950
1951 if (reserve)
1952 goto out_unlock;
1953 mark_all_dquot_dirty(dquots);
1954 out_unlock:
1955 srcu_read_unlock(&dquot_srcu, index);
1956 flush_warnings(warn);
1957 }
1958 EXPORT_SYMBOL(__dquot_free_space);
1959
1960 /*
1961 * This operation can block, but only after everything is updated
1962 */
dquot_free_inode(struct inode * inode)1963 void dquot_free_inode(struct inode *inode)
1964 {
1965 unsigned int cnt;
1966 struct dquot_warn warn[MAXQUOTAS];
1967 struct dquot * const *dquots;
1968 int index;
1969
1970 if (!inode_quota_active(inode))
1971 return;
1972
1973 dquots = i_dquot(inode);
1974 index = srcu_read_lock(&dquot_srcu);
1975 spin_lock(&inode->i_lock);
1976 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1977 int wtype;
1978
1979 warn[cnt].w_type = QUOTA_NL_NOWARN;
1980 if (!dquots[cnt])
1981 continue;
1982 spin_lock(&dquots[cnt]->dq_dqb_lock);
1983 wtype = info_idq_free(dquots[cnt], 1);
1984 if (wtype != QUOTA_NL_NOWARN)
1985 prepare_warning(&warn[cnt], dquots[cnt], wtype);
1986 dquot_decr_inodes(dquots[cnt], 1);
1987 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1988 }
1989 spin_unlock(&inode->i_lock);
1990 mark_all_dquot_dirty(dquots);
1991 srcu_read_unlock(&dquot_srcu, index);
1992 flush_warnings(warn);
1993 }
1994 EXPORT_SYMBOL(dquot_free_inode);
1995
1996 /*
1997 * Transfer the number of inode and blocks from one diskquota to an other.
1998 * On success, dquot references in transfer_to are consumed and references
1999 * to original dquots that need to be released are placed there. On failure,
2000 * references are kept untouched.
2001 *
2002 * This operation can block, but only after everything is updated
2003 * A transaction must be started when entering this function.
2004 *
2005 * We are holding reference on transfer_from & transfer_to, no need to
2006 * protect them by srcu_read_lock().
2007 */
__dquot_transfer(struct inode * inode,struct dquot ** transfer_to)2008 int __dquot_transfer(struct inode *inode, struct dquot **transfer_to)
2009 {
2010 qsize_t cur_space;
2011 qsize_t rsv_space = 0;
2012 qsize_t inode_usage = 1;
2013 struct dquot *transfer_from[MAXQUOTAS] = {};
2014 int cnt, ret = 0;
2015 char is_valid[MAXQUOTAS] = {};
2016 struct dquot_warn warn_to[MAXQUOTAS];
2017 struct dquot_warn warn_from_inodes[MAXQUOTAS];
2018 struct dquot_warn warn_from_space[MAXQUOTAS];
2019
2020 if (IS_NOQUOTA(inode))
2021 return 0;
2022
2023 if (inode->i_sb->dq_op->get_inode_usage) {
2024 ret = inode->i_sb->dq_op->get_inode_usage(inode, &inode_usage);
2025 if (ret)
2026 return ret;
2027 }
2028
2029 /* Initialize the arrays */
2030 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2031 warn_to[cnt].w_type = QUOTA_NL_NOWARN;
2032 warn_from_inodes[cnt].w_type = QUOTA_NL_NOWARN;
2033 warn_from_space[cnt].w_type = QUOTA_NL_NOWARN;
2034 }
2035
2036 spin_lock(&dq_data_lock);
2037 spin_lock(&inode->i_lock);
2038 if (IS_NOQUOTA(inode)) { /* File without quota accounting? */
2039 spin_unlock(&inode->i_lock);
2040 spin_unlock(&dq_data_lock);
2041 return 0;
2042 }
2043 cur_space = __inode_get_bytes(inode);
2044 rsv_space = __inode_get_rsv_space(inode);
2045 /*
2046 * Build the transfer_from list, check limits, and update usage in
2047 * the target structures.
2048 */
2049 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2050 /*
2051 * Skip changes for same uid or gid or for turned off quota-type.
2052 */
2053 if (!transfer_to[cnt])
2054 continue;
2055 /* Avoid races with quotaoff() */
2056 if (!sb_has_quota_active(inode->i_sb, cnt))
2057 continue;
2058 is_valid[cnt] = 1;
2059 transfer_from[cnt] = i_dquot(inode)[cnt];
2060 ret = dquot_add_inodes(transfer_to[cnt], inode_usage,
2061 &warn_to[cnt]);
2062 if (ret)
2063 goto over_quota;
2064 ret = dquot_add_space(transfer_to[cnt], cur_space, rsv_space,
2065 DQUOT_SPACE_WARN, &warn_to[cnt]);
2066 if (ret) {
2067 spin_lock(&transfer_to[cnt]->dq_dqb_lock);
2068 dquot_decr_inodes(transfer_to[cnt], inode_usage);
2069 spin_unlock(&transfer_to[cnt]->dq_dqb_lock);
2070 goto over_quota;
2071 }
2072 }
2073
2074 /* Decrease usage for source structures and update quota pointers */
2075 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2076 if (!is_valid[cnt])
2077 continue;
2078 /* Due to IO error we might not have transfer_from[] structure */
2079 if (transfer_from[cnt]) {
2080 int wtype;
2081
2082 spin_lock(&transfer_from[cnt]->dq_dqb_lock);
2083 wtype = info_idq_free(transfer_from[cnt], inode_usage);
2084 if (wtype != QUOTA_NL_NOWARN)
2085 prepare_warning(&warn_from_inodes[cnt],
2086 transfer_from[cnt], wtype);
2087 wtype = info_bdq_free(transfer_from[cnt],
2088 cur_space + rsv_space);
2089 if (wtype != QUOTA_NL_NOWARN)
2090 prepare_warning(&warn_from_space[cnt],
2091 transfer_from[cnt], wtype);
2092 dquot_decr_inodes(transfer_from[cnt], inode_usage);
2093 dquot_decr_space(transfer_from[cnt], cur_space);
2094 dquot_free_reserved_space(transfer_from[cnt],
2095 rsv_space);
2096 spin_unlock(&transfer_from[cnt]->dq_dqb_lock);
2097 }
2098 i_dquot(inode)[cnt] = transfer_to[cnt];
2099 }
2100 spin_unlock(&inode->i_lock);
2101 spin_unlock(&dq_data_lock);
2102
2103 mark_all_dquot_dirty(transfer_from);
2104 mark_all_dquot_dirty(transfer_to);
2105 flush_warnings(warn_to);
2106 flush_warnings(warn_from_inodes);
2107 flush_warnings(warn_from_space);
2108 /* Pass back references to put */
2109 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2110 if (is_valid[cnt])
2111 transfer_to[cnt] = transfer_from[cnt];
2112 return 0;
2113 over_quota:
2114 /* Back out changes we already did */
2115 for (cnt--; cnt >= 0; cnt--) {
2116 if (!is_valid[cnt])
2117 continue;
2118 spin_lock(&transfer_to[cnt]->dq_dqb_lock);
2119 dquot_decr_inodes(transfer_to[cnt], inode_usage);
2120 dquot_decr_space(transfer_to[cnt], cur_space);
2121 dquot_free_reserved_space(transfer_to[cnt], rsv_space);
2122 spin_unlock(&transfer_to[cnt]->dq_dqb_lock);
2123 }
2124 spin_unlock(&inode->i_lock);
2125 spin_unlock(&dq_data_lock);
2126 flush_warnings(warn_to);
2127 return ret;
2128 }
2129 EXPORT_SYMBOL(__dquot_transfer);
2130
2131 /* Wrapper for transferring ownership of an inode for uid/gid only
2132 * Called from FSXXX_setattr()
2133 */
dquot_transfer(struct inode * inode,struct iattr * iattr)2134 int dquot_transfer(struct inode *inode, struct iattr *iattr)
2135 {
2136 struct dquot *transfer_to[MAXQUOTAS] = {};
2137 struct dquot *dquot;
2138 struct super_block *sb = inode->i_sb;
2139 int ret;
2140
2141 if (!inode_quota_active(inode))
2142 return 0;
2143
2144 if (iattr->ia_valid & ATTR_UID && !uid_eq(iattr->ia_uid, inode->i_uid)){
2145 dquot = dqget(sb, make_kqid_uid(iattr->ia_uid));
2146 if (IS_ERR(dquot)) {
2147 if (PTR_ERR(dquot) != -ESRCH) {
2148 ret = PTR_ERR(dquot);
2149 goto out_put;
2150 }
2151 dquot = NULL;
2152 }
2153 transfer_to[USRQUOTA] = dquot;
2154 }
2155 if (iattr->ia_valid & ATTR_GID && !gid_eq(iattr->ia_gid, inode->i_gid)){
2156 dquot = dqget(sb, make_kqid_gid(iattr->ia_gid));
2157 if (IS_ERR(dquot)) {
2158 if (PTR_ERR(dquot) != -ESRCH) {
2159 ret = PTR_ERR(dquot);
2160 goto out_put;
2161 }
2162 dquot = NULL;
2163 }
2164 transfer_to[GRPQUOTA] = dquot;
2165 }
2166 ret = __dquot_transfer(inode, transfer_to);
2167 out_put:
2168 dqput_all(transfer_to);
2169 return ret;
2170 }
2171 EXPORT_SYMBOL(dquot_transfer);
2172
2173 /*
2174 * Write info of quota file to disk
2175 */
dquot_commit_info(struct super_block * sb,int type)2176 int dquot_commit_info(struct super_block *sb, int type)
2177 {
2178 struct quota_info *dqopt = sb_dqopt(sb);
2179
2180 return dqopt->ops[type]->write_file_info(sb, type);
2181 }
2182 EXPORT_SYMBOL(dquot_commit_info);
2183
dquot_get_next_id(struct super_block * sb,struct kqid * qid)2184 int dquot_get_next_id(struct super_block *sb, struct kqid *qid)
2185 {
2186 struct quota_info *dqopt = sb_dqopt(sb);
2187
2188 if (!sb_has_quota_active(sb, qid->type))
2189 return -ESRCH;
2190 if (!dqopt->ops[qid->type]->get_next_id)
2191 return -ENOSYS;
2192 return dqopt->ops[qid->type]->get_next_id(sb, qid);
2193 }
2194 EXPORT_SYMBOL(dquot_get_next_id);
2195
2196 /*
2197 * Definitions of diskquota operations.
2198 */
2199 const struct dquot_operations dquot_operations = {
2200 .write_dquot = dquot_commit,
2201 .acquire_dquot = dquot_acquire,
2202 .release_dquot = dquot_release,
2203 .mark_dirty = dquot_mark_dquot_dirty,
2204 .write_info = dquot_commit_info,
2205 .alloc_dquot = dquot_alloc,
2206 .destroy_dquot = dquot_destroy,
2207 .get_next_id = dquot_get_next_id,
2208 };
2209 EXPORT_SYMBOL(dquot_operations);
2210
2211 /*
2212 * Generic helper for ->open on filesystems supporting disk quotas.
2213 */
dquot_file_open(struct inode * inode,struct file * file)2214 int dquot_file_open(struct inode *inode, struct file *file)
2215 {
2216 int error;
2217
2218 error = generic_file_open(inode, file);
2219 if (!error && (file->f_mode & FMODE_WRITE))
2220 error = dquot_initialize(inode);
2221 return error;
2222 }
2223 EXPORT_SYMBOL(dquot_file_open);
2224
2225 /*
2226 * Turn quota off on a device. type == -1 ==> quotaoff for all types (umount)
2227 */
dquot_disable(struct super_block * sb,int type,unsigned int flags)2228 int dquot_disable(struct super_block *sb, int type, unsigned int flags)
2229 {
2230 int cnt, ret = 0;
2231 struct quota_info *dqopt = sb_dqopt(sb);
2232 struct inode *toputinode[MAXQUOTAS];
2233
2234 /* s_umount should be held in exclusive mode */
2235 if (WARN_ON_ONCE(down_read_trylock(&sb->s_umount)))
2236 up_read(&sb->s_umount);
2237
2238 /* Cannot turn off usage accounting without turning off limits, or
2239 * suspend quotas and simultaneously turn quotas off. */
2240 if ((flags & DQUOT_USAGE_ENABLED && !(flags & DQUOT_LIMITS_ENABLED))
2241 || (flags & DQUOT_SUSPENDED && flags & (DQUOT_LIMITS_ENABLED |
2242 DQUOT_USAGE_ENABLED)))
2243 return -EINVAL;
2244
2245 /*
2246 * Skip everything if there's nothing to do. We have to do this because
2247 * sometimes we are called when fill_super() failed and calling
2248 * sync_fs() in such cases does no good.
2249 */
2250 if (!sb_any_quota_loaded(sb))
2251 return 0;
2252
2253 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2254 toputinode[cnt] = NULL;
2255 if (type != -1 && cnt != type)
2256 continue;
2257 if (!sb_has_quota_loaded(sb, cnt))
2258 continue;
2259
2260 if (flags & DQUOT_SUSPENDED) {
2261 spin_lock(&dq_state_lock);
2262 dqopt->flags |=
2263 dquot_state_flag(DQUOT_SUSPENDED, cnt);
2264 spin_unlock(&dq_state_lock);
2265 } else {
2266 spin_lock(&dq_state_lock);
2267 dqopt->flags &= ~dquot_state_flag(flags, cnt);
2268 /* Turning off suspended quotas? */
2269 if (!sb_has_quota_loaded(sb, cnt) &&
2270 sb_has_quota_suspended(sb, cnt)) {
2271 dqopt->flags &= ~dquot_state_flag(
2272 DQUOT_SUSPENDED, cnt);
2273 spin_unlock(&dq_state_lock);
2274 iput(dqopt->files[cnt]);
2275 dqopt->files[cnt] = NULL;
2276 continue;
2277 }
2278 spin_unlock(&dq_state_lock);
2279 }
2280
2281 /* We still have to keep quota loaded? */
2282 if (sb_has_quota_loaded(sb, cnt) && !(flags & DQUOT_SUSPENDED))
2283 continue;
2284
2285 /* Note: these are blocking operations */
2286 drop_dquot_ref(sb, cnt);
2287 invalidate_dquots(sb, cnt);
2288 /*
2289 * Now all dquots should be invalidated, all writes done so we
2290 * should be only users of the info. No locks needed.
2291 */
2292 if (info_dirty(&dqopt->info[cnt]))
2293 sb->dq_op->write_info(sb, cnt);
2294 if (dqopt->ops[cnt]->free_file_info)
2295 dqopt->ops[cnt]->free_file_info(sb, cnt);
2296 put_quota_format(dqopt->info[cnt].dqi_format);
2297
2298 toputinode[cnt] = dqopt->files[cnt];
2299 if (!sb_has_quota_loaded(sb, cnt))
2300 dqopt->files[cnt] = NULL;
2301 dqopt->info[cnt].dqi_flags = 0;
2302 dqopt->info[cnt].dqi_igrace = 0;
2303 dqopt->info[cnt].dqi_bgrace = 0;
2304 dqopt->ops[cnt] = NULL;
2305 }
2306
2307 /* Skip syncing and setting flags if quota files are hidden */
2308 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
2309 goto put_inodes;
2310
2311 /* Sync the superblock so that buffers with quota data are written to
2312 * disk (and so userspace sees correct data afterwards). */
2313 if (sb->s_op->sync_fs)
2314 sb->s_op->sync_fs(sb, 1);
2315 sync_blockdev(sb->s_bdev);
2316 /* Now the quota files are just ordinary files and we can set the
2317 * inode flags back. Moreover we discard the pagecache so that
2318 * userspace sees the writes we did bypassing the pagecache. We
2319 * must also discard the blockdev buffers so that we see the
2320 * changes done by userspace on the next quotaon() */
2321 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2322 /* This can happen when suspending quotas on remount-ro... */
2323 if (toputinode[cnt] && !sb_has_quota_loaded(sb, cnt)) {
2324 inode_lock(toputinode[cnt]);
2325 toputinode[cnt]->i_flags &= ~S_NOQUOTA;
2326 truncate_inode_pages(&toputinode[cnt]->i_data, 0);
2327 inode_unlock(toputinode[cnt]);
2328 mark_inode_dirty_sync(toputinode[cnt]);
2329 }
2330 if (sb->s_bdev)
2331 invalidate_bdev(sb->s_bdev);
2332 put_inodes:
2333 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2334 if (toputinode[cnt]) {
2335 /* On remount RO, we keep the inode pointer so that we
2336 * can reenable quota on the subsequent remount RW. We
2337 * have to check 'flags' variable and not use sb_has_
2338 * function because another quotaon / quotaoff could
2339 * change global state before we got here. We refuse
2340 * to suspend quotas when there is pending delete on
2341 * the quota file... */
2342 if (!(flags & DQUOT_SUSPENDED))
2343 iput(toputinode[cnt]);
2344 else if (!toputinode[cnt]->i_nlink)
2345 ret = -EBUSY;
2346 }
2347 return ret;
2348 }
2349 EXPORT_SYMBOL(dquot_disable);
2350
dquot_quota_off(struct super_block * sb,int type)2351 int dquot_quota_off(struct super_block *sb, int type)
2352 {
2353 return dquot_disable(sb, type,
2354 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2355 }
2356 EXPORT_SYMBOL(dquot_quota_off);
2357
2358 /*
2359 * Turn quotas on on a device
2360 */
2361
vfs_setup_quota_inode(struct inode * inode,int type)2362 static int vfs_setup_quota_inode(struct inode *inode, int type)
2363 {
2364 struct super_block *sb = inode->i_sb;
2365 struct quota_info *dqopt = sb_dqopt(sb);
2366
2367 if (is_bad_inode(inode))
2368 return -EUCLEAN;
2369 if (!S_ISREG(inode->i_mode))
2370 return -EACCES;
2371 if (IS_RDONLY(inode))
2372 return -EROFS;
2373 if (sb_has_quota_loaded(sb, type))
2374 return -EBUSY;
2375
2376 dqopt->files[type] = igrab(inode);
2377 if (!dqopt->files[type])
2378 return -EIO;
2379 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2380 /* We don't want quota and atime on quota files (deadlocks
2381 * possible) Also nobody should write to the file - we use
2382 * special IO operations which ignore the immutable bit. */
2383 inode_lock(inode);
2384 inode->i_flags |= S_NOQUOTA;
2385 inode_unlock(inode);
2386 /*
2387 * When S_NOQUOTA is set, remove dquot references as no more
2388 * references can be added
2389 */
2390 __dquot_drop(inode);
2391 }
2392 return 0;
2393 }
2394
vfs_cleanup_quota_inode(struct super_block * sb,int type)2395 static void vfs_cleanup_quota_inode(struct super_block *sb, int type)
2396 {
2397 struct quota_info *dqopt = sb_dqopt(sb);
2398 struct inode *inode = dqopt->files[type];
2399
2400 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2401 inode_lock(inode);
2402 inode->i_flags &= ~S_NOQUOTA;
2403 inode_unlock(inode);
2404 }
2405 dqopt->files[type] = NULL;
2406 iput(inode);
2407 }
2408
dquot_load_quota_sb(struct super_block * sb,int type,int format_id,unsigned int flags)2409 int dquot_load_quota_sb(struct super_block *sb, int type, int format_id,
2410 unsigned int flags)
2411 {
2412 struct quota_format_type *fmt = find_quota_format(format_id);
2413 struct quota_info *dqopt = sb_dqopt(sb);
2414 int error;
2415
2416 if (!fmt)
2417 return -ESRCH;
2418 if (!sb->s_op->quota_write || !sb->s_op->quota_read ||
2419 (type == PRJQUOTA && sb->dq_op->get_projid == NULL)) {
2420 error = -EINVAL;
2421 goto out_fmt;
2422 }
2423 /* Filesystems outside of init_user_ns not yet supported */
2424 if (sb->s_user_ns != &init_user_ns) {
2425 error = -EINVAL;
2426 goto out_fmt;
2427 }
2428 /* Usage always has to be set... */
2429 if (!(flags & DQUOT_USAGE_ENABLED)) {
2430 error = -EINVAL;
2431 goto out_fmt;
2432 }
2433 if (sb_has_quota_loaded(sb, type)) {
2434 error = -EBUSY;
2435 goto out_fmt;
2436 }
2437
2438 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2439 /* As we bypass the pagecache we must now flush all the
2440 * dirty data and invalidate caches so that kernel sees
2441 * changes from userspace. It is not enough to just flush
2442 * the quota file since if blocksize < pagesize, invalidation
2443 * of the cache could fail because of other unrelated dirty
2444 * data */
2445 sync_filesystem(sb);
2446 invalidate_bdev(sb->s_bdev);
2447 }
2448
2449 error = -EINVAL;
2450 if (!fmt->qf_ops->check_quota_file(sb, type))
2451 goto out_fmt;
2452
2453 dqopt->ops[type] = fmt->qf_ops;
2454 dqopt->info[type].dqi_format = fmt;
2455 dqopt->info[type].dqi_fmt_id = format_id;
2456 INIT_LIST_HEAD(&dqopt->info[type].dqi_dirty_list);
2457 error = dqopt->ops[type]->read_file_info(sb, type);
2458 if (error < 0)
2459 goto out_fmt;
2460 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE) {
2461 spin_lock(&dq_data_lock);
2462 dqopt->info[type].dqi_flags |= DQF_SYS_FILE;
2463 spin_unlock(&dq_data_lock);
2464 }
2465 spin_lock(&dq_state_lock);
2466 dqopt->flags |= dquot_state_flag(flags, type);
2467 spin_unlock(&dq_state_lock);
2468
2469 error = add_dquot_ref(sb, type);
2470 if (error)
2471 dquot_disable(sb, type,
2472 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2473
2474 return error;
2475 out_fmt:
2476 put_quota_format(fmt);
2477
2478 return error;
2479 }
2480 EXPORT_SYMBOL(dquot_load_quota_sb);
2481
2482 /*
2483 * Helper function to turn quotas on when we already have the inode of
2484 * quota file and no quota information is loaded.
2485 */
vfs_load_quota_inode(struct inode * inode,int type,int format_id,unsigned int flags)2486 static int vfs_load_quota_inode(struct inode *inode, int type, int format_id,
2487 unsigned int flags)
2488 {
2489 int err;
2490
2491 err = vfs_setup_quota_inode(inode, type);
2492 if (err < 0)
2493 return err;
2494 err = dquot_load_quota_sb(inode->i_sb, type, format_id, flags);
2495 if (err < 0)
2496 vfs_cleanup_quota_inode(inode->i_sb, type);
2497 return err;
2498 }
2499
2500 /* Reenable quotas on remount RW */
dquot_resume(struct super_block * sb,int type)2501 int dquot_resume(struct super_block *sb, int type)
2502 {
2503 struct quota_info *dqopt = sb_dqopt(sb);
2504 struct inode *inode;
2505 int ret = 0, cnt;
2506 unsigned int flags;
2507
2508 /* s_umount should be held in exclusive mode */
2509 if (WARN_ON_ONCE(down_read_trylock(&sb->s_umount)))
2510 up_read(&sb->s_umount);
2511
2512 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2513 if (type != -1 && cnt != type)
2514 continue;
2515 if (!sb_has_quota_suspended(sb, cnt))
2516 continue;
2517
2518 inode = dqopt->files[cnt];
2519 dqopt->files[cnt] = NULL;
2520 spin_lock(&dq_state_lock);
2521 flags = dqopt->flags & dquot_state_flag(DQUOT_USAGE_ENABLED |
2522 DQUOT_LIMITS_ENABLED,
2523 cnt);
2524 dqopt->flags &= ~dquot_state_flag(DQUOT_STATE_FLAGS, cnt);
2525 spin_unlock(&dq_state_lock);
2526
2527 flags = dquot_generic_flag(flags, cnt);
2528 ret = vfs_load_quota_inode(inode, cnt,
2529 dqopt->info[cnt].dqi_fmt_id, flags);
2530 iput(inode);
2531 }
2532
2533 return ret;
2534 }
2535 EXPORT_SYMBOL(dquot_resume);
2536
dquot_quota_on(struct super_block * sb,int type,int format_id,const struct path * path)2537 int dquot_quota_on(struct super_block *sb, int type, int format_id,
2538 const struct path *path)
2539 {
2540 int error = security_quota_on(path->dentry);
2541 if (error)
2542 return error;
2543 /* Quota file not on the same filesystem? */
2544 if (path->dentry->d_sb != sb)
2545 error = -EXDEV;
2546 else
2547 error = vfs_load_quota_inode(d_inode(path->dentry), type,
2548 format_id, DQUOT_USAGE_ENABLED |
2549 DQUOT_LIMITS_ENABLED);
2550 return error;
2551 }
2552 EXPORT_SYMBOL(dquot_quota_on);
2553
2554 /*
2555 * More powerful function for turning on quotas allowing setting
2556 * of individual quota flags
2557 */
dquot_enable(struct inode * inode,int type,int format_id,unsigned int flags)2558 int dquot_enable(struct inode *inode, int type, int format_id,
2559 unsigned int flags)
2560 {
2561 struct super_block *sb = inode->i_sb;
2562
2563 /* Just unsuspend quotas? */
2564 BUG_ON(flags & DQUOT_SUSPENDED);
2565 /* s_umount should be held in exclusive mode */
2566 if (WARN_ON_ONCE(down_read_trylock(&sb->s_umount)))
2567 up_read(&sb->s_umount);
2568
2569 if (!flags)
2570 return 0;
2571 /* Just updating flags needed? */
2572 if (sb_has_quota_loaded(sb, type)) {
2573 if (flags & DQUOT_USAGE_ENABLED &&
2574 sb_has_quota_usage_enabled(sb, type))
2575 return -EBUSY;
2576 if (flags & DQUOT_LIMITS_ENABLED &&
2577 sb_has_quota_limits_enabled(sb, type))
2578 return -EBUSY;
2579 spin_lock(&dq_state_lock);
2580 sb_dqopt(sb)->flags |= dquot_state_flag(flags, type);
2581 spin_unlock(&dq_state_lock);
2582 return 0;
2583 }
2584
2585 return vfs_load_quota_inode(inode, type, format_id, flags);
2586 }
2587 EXPORT_SYMBOL(dquot_enable);
2588
2589 /*
2590 * This function is used when filesystem needs to initialize quotas
2591 * during mount time.
2592 */
dquot_quota_on_mount(struct super_block * sb,char * qf_name,int format_id,int type)2593 int dquot_quota_on_mount(struct super_block *sb, char *qf_name,
2594 int format_id, int type)
2595 {
2596 struct dentry *dentry;
2597 int error;
2598
2599 dentry = lookup_positive_unlocked(qf_name, sb->s_root, strlen(qf_name));
2600 if (IS_ERR(dentry))
2601 return PTR_ERR(dentry);
2602
2603 error = security_quota_on(dentry);
2604 if (!error)
2605 error = vfs_load_quota_inode(d_inode(dentry), type, format_id,
2606 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2607
2608 dput(dentry);
2609 return error;
2610 }
2611 EXPORT_SYMBOL(dquot_quota_on_mount);
2612
dquot_quota_enable(struct super_block * sb,unsigned int flags)2613 static int dquot_quota_enable(struct super_block *sb, unsigned int flags)
2614 {
2615 int ret;
2616 int type;
2617 struct quota_info *dqopt = sb_dqopt(sb);
2618
2619 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE))
2620 return -ENOSYS;
2621 /* Accounting cannot be turned on while fs is mounted */
2622 flags &= ~(FS_QUOTA_UDQ_ACCT | FS_QUOTA_GDQ_ACCT | FS_QUOTA_PDQ_ACCT);
2623 if (!flags)
2624 return -EINVAL;
2625 for (type = 0; type < MAXQUOTAS; type++) {
2626 if (!(flags & qtype_enforce_flag(type)))
2627 continue;
2628 /* Can't enforce without accounting */
2629 if (!sb_has_quota_usage_enabled(sb, type))
2630 return -EINVAL;
2631 ret = dquot_enable(dqopt->files[type], type,
2632 dqopt->info[type].dqi_fmt_id,
2633 DQUOT_LIMITS_ENABLED);
2634 if (ret < 0)
2635 goto out_err;
2636 }
2637 return 0;
2638 out_err:
2639 /* Backout enforcement enablement we already did */
2640 for (type--; type >= 0; type--) {
2641 if (flags & qtype_enforce_flag(type))
2642 dquot_disable(sb, type, DQUOT_LIMITS_ENABLED);
2643 }
2644 /* Error code translation for better compatibility with XFS */
2645 if (ret == -EBUSY)
2646 ret = -EEXIST;
2647 return ret;
2648 }
2649
dquot_quota_disable(struct super_block * sb,unsigned int flags)2650 static int dquot_quota_disable(struct super_block *sb, unsigned int flags)
2651 {
2652 int ret;
2653 int type;
2654 struct quota_info *dqopt = sb_dqopt(sb);
2655
2656 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE))
2657 return -ENOSYS;
2658 /*
2659 * We don't support turning off accounting via quotactl. In principle
2660 * quota infrastructure can do this but filesystems don't expect
2661 * userspace to be able to do it.
2662 */
2663 if (flags &
2664 (FS_QUOTA_UDQ_ACCT | FS_QUOTA_GDQ_ACCT | FS_QUOTA_PDQ_ACCT))
2665 return -EOPNOTSUPP;
2666
2667 /* Filter out limits not enabled */
2668 for (type = 0; type < MAXQUOTAS; type++)
2669 if (!sb_has_quota_limits_enabled(sb, type))
2670 flags &= ~qtype_enforce_flag(type);
2671 /* Nothing left? */
2672 if (!flags)
2673 return -EEXIST;
2674 for (type = 0; type < MAXQUOTAS; type++) {
2675 if (flags & qtype_enforce_flag(type)) {
2676 ret = dquot_disable(sb, type, DQUOT_LIMITS_ENABLED);
2677 if (ret < 0)
2678 goto out_err;
2679 }
2680 }
2681 return 0;
2682 out_err:
2683 /* Backout enforcement disabling we already did */
2684 for (type--; type >= 0; type--) {
2685 if (flags & qtype_enforce_flag(type))
2686 dquot_enable(dqopt->files[type], type,
2687 dqopt->info[type].dqi_fmt_id,
2688 DQUOT_LIMITS_ENABLED);
2689 }
2690 return ret;
2691 }
2692
2693 /* Generic routine for getting common part of quota structure */
do_get_dqblk(struct dquot * dquot,struct qc_dqblk * di)2694 static void do_get_dqblk(struct dquot *dquot, struct qc_dqblk *di)
2695 {
2696 struct mem_dqblk *dm = &dquot->dq_dqb;
2697
2698 memset(di, 0, sizeof(*di));
2699 spin_lock(&dquot->dq_dqb_lock);
2700 di->d_spc_hardlimit = dm->dqb_bhardlimit;
2701 di->d_spc_softlimit = dm->dqb_bsoftlimit;
2702 di->d_ino_hardlimit = dm->dqb_ihardlimit;
2703 di->d_ino_softlimit = dm->dqb_isoftlimit;
2704 di->d_space = dm->dqb_curspace + dm->dqb_rsvspace;
2705 di->d_ino_count = dm->dqb_curinodes;
2706 di->d_spc_timer = dm->dqb_btime;
2707 di->d_ino_timer = dm->dqb_itime;
2708 spin_unlock(&dquot->dq_dqb_lock);
2709 }
2710
dquot_get_dqblk(struct super_block * sb,struct kqid qid,struct qc_dqblk * di)2711 int dquot_get_dqblk(struct super_block *sb, struct kqid qid,
2712 struct qc_dqblk *di)
2713 {
2714 struct dquot *dquot;
2715
2716 dquot = dqget(sb, qid);
2717 if (IS_ERR(dquot))
2718 return PTR_ERR(dquot);
2719 do_get_dqblk(dquot, di);
2720 dqput(dquot);
2721
2722 return 0;
2723 }
2724 EXPORT_SYMBOL(dquot_get_dqblk);
2725
dquot_get_next_dqblk(struct super_block * sb,struct kqid * qid,struct qc_dqblk * di)2726 int dquot_get_next_dqblk(struct super_block *sb, struct kqid *qid,
2727 struct qc_dqblk *di)
2728 {
2729 struct dquot *dquot;
2730 int err;
2731
2732 if (!sb->dq_op->get_next_id)
2733 return -ENOSYS;
2734 err = sb->dq_op->get_next_id(sb, qid);
2735 if (err < 0)
2736 return err;
2737 dquot = dqget(sb, *qid);
2738 if (IS_ERR(dquot))
2739 return PTR_ERR(dquot);
2740 do_get_dqblk(dquot, di);
2741 dqput(dquot);
2742
2743 return 0;
2744 }
2745 EXPORT_SYMBOL(dquot_get_next_dqblk);
2746
2747 #define VFS_QC_MASK \
2748 (QC_SPACE | QC_SPC_SOFT | QC_SPC_HARD | \
2749 QC_INO_COUNT | QC_INO_SOFT | QC_INO_HARD | \
2750 QC_SPC_TIMER | QC_INO_TIMER)
2751
2752 /* Generic routine for setting common part of quota structure */
do_set_dqblk(struct dquot * dquot,struct qc_dqblk * di)2753 static int do_set_dqblk(struct dquot *dquot, struct qc_dqblk *di)
2754 {
2755 struct mem_dqblk *dm = &dquot->dq_dqb;
2756 int check_blim = 0, check_ilim = 0;
2757 struct mem_dqinfo *dqi = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
2758
2759 if (di->d_fieldmask & ~VFS_QC_MASK)
2760 return -EINVAL;
2761
2762 if (((di->d_fieldmask & QC_SPC_SOFT) &&
2763 di->d_spc_softlimit > dqi->dqi_max_spc_limit) ||
2764 ((di->d_fieldmask & QC_SPC_HARD) &&
2765 di->d_spc_hardlimit > dqi->dqi_max_spc_limit) ||
2766 ((di->d_fieldmask & QC_INO_SOFT) &&
2767 (di->d_ino_softlimit > dqi->dqi_max_ino_limit)) ||
2768 ((di->d_fieldmask & QC_INO_HARD) &&
2769 (di->d_ino_hardlimit > dqi->dqi_max_ino_limit)))
2770 return -ERANGE;
2771
2772 spin_lock(&dquot->dq_dqb_lock);
2773 if (di->d_fieldmask & QC_SPACE) {
2774 dm->dqb_curspace = di->d_space - dm->dqb_rsvspace;
2775 check_blim = 1;
2776 set_bit(DQ_LASTSET_B + QIF_SPACE_B, &dquot->dq_flags);
2777 }
2778
2779 if (di->d_fieldmask & QC_SPC_SOFT)
2780 dm->dqb_bsoftlimit = di->d_spc_softlimit;
2781 if (di->d_fieldmask & QC_SPC_HARD)
2782 dm->dqb_bhardlimit = di->d_spc_hardlimit;
2783 if (di->d_fieldmask & (QC_SPC_SOFT | QC_SPC_HARD)) {
2784 check_blim = 1;
2785 set_bit(DQ_LASTSET_B + QIF_BLIMITS_B, &dquot->dq_flags);
2786 }
2787
2788 if (di->d_fieldmask & QC_INO_COUNT) {
2789 dm->dqb_curinodes = di->d_ino_count;
2790 check_ilim = 1;
2791 set_bit(DQ_LASTSET_B + QIF_INODES_B, &dquot->dq_flags);
2792 }
2793
2794 if (di->d_fieldmask & QC_INO_SOFT)
2795 dm->dqb_isoftlimit = di->d_ino_softlimit;
2796 if (di->d_fieldmask & QC_INO_HARD)
2797 dm->dqb_ihardlimit = di->d_ino_hardlimit;
2798 if (di->d_fieldmask & (QC_INO_SOFT | QC_INO_HARD)) {
2799 check_ilim = 1;
2800 set_bit(DQ_LASTSET_B + QIF_ILIMITS_B, &dquot->dq_flags);
2801 }
2802
2803 if (di->d_fieldmask & QC_SPC_TIMER) {
2804 dm->dqb_btime = di->d_spc_timer;
2805 check_blim = 1;
2806 set_bit(DQ_LASTSET_B + QIF_BTIME_B, &dquot->dq_flags);
2807 }
2808
2809 if (di->d_fieldmask & QC_INO_TIMER) {
2810 dm->dqb_itime = di->d_ino_timer;
2811 check_ilim = 1;
2812 set_bit(DQ_LASTSET_B + QIF_ITIME_B, &dquot->dq_flags);
2813 }
2814
2815 if (check_blim) {
2816 if (!dm->dqb_bsoftlimit ||
2817 dm->dqb_curspace + dm->dqb_rsvspace < dm->dqb_bsoftlimit) {
2818 dm->dqb_btime = 0;
2819 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
2820 } else if (!(di->d_fieldmask & QC_SPC_TIMER))
2821 /* Set grace only if user hasn't provided his own... */
2822 dm->dqb_btime = ktime_get_real_seconds() + dqi->dqi_bgrace;
2823 }
2824 if (check_ilim) {
2825 if (!dm->dqb_isoftlimit ||
2826 dm->dqb_curinodes < dm->dqb_isoftlimit) {
2827 dm->dqb_itime = 0;
2828 clear_bit(DQ_INODES_B, &dquot->dq_flags);
2829 } else if (!(di->d_fieldmask & QC_INO_TIMER))
2830 /* Set grace only if user hasn't provided his own... */
2831 dm->dqb_itime = ktime_get_real_seconds() + dqi->dqi_igrace;
2832 }
2833 if (dm->dqb_bhardlimit || dm->dqb_bsoftlimit || dm->dqb_ihardlimit ||
2834 dm->dqb_isoftlimit)
2835 clear_bit(DQ_FAKE_B, &dquot->dq_flags);
2836 else
2837 set_bit(DQ_FAKE_B, &dquot->dq_flags);
2838 spin_unlock(&dquot->dq_dqb_lock);
2839 mark_dquot_dirty(dquot);
2840
2841 return 0;
2842 }
2843
dquot_set_dqblk(struct super_block * sb,struct kqid qid,struct qc_dqblk * di)2844 int dquot_set_dqblk(struct super_block *sb, struct kqid qid,
2845 struct qc_dqblk *di)
2846 {
2847 struct dquot *dquot;
2848 int rc;
2849
2850 dquot = dqget(sb, qid);
2851 if (IS_ERR(dquot)) {
2852 rc = PTR_ERR(dquot);
2853 goto out;
2854 }
2855 rc = do_set_dqblk(dquot, di);
2856 dqput(dquot);
2857 out:
2858 return rc;
2859 }
2860 EXPORT_SYMBOL(dquot_set_dqblk);
2861
2862 /* Generic routine for getting common part of quota file information */
dquot_get_state(struct super_block * sb,struct qc_state * state)2863 int dquot_get_state(struct super_block *sb, struct qc_state *state)
2864 {
2865 struct mem_dqinfo *mi;
2866 struct qc_type_state *tstate;
2867 struct quota_info *dqopt = sb_dqopt(sb);
2868 int type;
2869
2870 memset(state, 0, sizeof(*state));
2871 for (type = 0; type < MAXQUOTAS; type++) {
2872 if (!sb_has_quota_active(sb, type))
2873 continue;
2874 tstate = state->s_state + type;
2875 mi = sb_dqopt(sb)->info + type;
2876 tstate->flags = QCI_ACCT_ENABLED;
2877 spin_lock(&dq_data_lock);
2878 if (mi->dqi_flags & DQF_SYS_FILE)
2879 tstate->flags |= QCI_SYSFILE;
2880 if (mi->dqi_flags & DQF_ROOT_SQUASH)
2881 tstate->flags |= QCI_ROOT_SQUASH;
2882 if (sb_has_quota_limits_enabled(sb, type))
2883 tstate->flags |= QCI_LIMITS_ENFORCED;
2884 tstate->spc_timelimit = mi->dqi_bgrace;
2885 tstate->ino_timelimit = mi->dqi_igrace;
2886 tstate->ino = dqopt->files[type]->i_ino;
2887 tstate->blocks = dqopt->files[type]->i_blocks;
2888 tstate->nextents = 1; /* We don't know... */
2889 spin_unlock(&dq_data_lock);
2890 }
2891 return 0;
2892 }
2893 EXPORT_SYMBOL(dquot_get_state);
2894
2895 /* Generic routine for setting common part of quota file information */
dquot_set_dqinfo(struct super_block * sb,int type,struct qc_info * ii)2896 int dquot_set_dqinfo(struct super_block *sb, int type, struct qc_info *ii)
2897 {
2898 struct mem_dqinfo *mi;
2899 int err = 0;
2900
2901 if ((ii->i_fieldmask & QC_WARNS_MASK) ||
2902 (ii->i_fieldmask & QC_RT_SPC_TIMER))
2903 return -EINVAL;
2904 if (!sb_has_quota_active(sb, type))
2905 return -ESRCH;
2906 mi = sb_dqopt(sb)->info + type;
2907 if (ii->i_fieldmask & QC_FLAGS) {
2908 if ((ii->i_flags & QCI_ROOT_SQUASH &&
2909 mi->dqi_format->qf_fmt_id != QFMT_VFS_OLD))
2910 return -EINVAL;
2911 }
2912 spin_lock(&dq_data_lock);
2913 if (ii->i_fieldmask & QC_SPC_TIMER)
2914 mi->dqi_bgrace = ii->i_spc_timelimit;
2915 if (ii->i_fieldmask & QC_INO_TIMER)
2916 mi->dqi_igrace = ii->i_ino_timelimit;
2917 if (ii->i_fieldmask & QC_FLAGS) {
2918 if (ii->i_flags & QCI_ROOT_SQUASH)
2919 mi->dqi_flags |= DQF_ROOT_SQUASH;
2920 else
2921 mi->dqi_flags &= ~DQF_ROOT_SQUASH;
2922 }
2923 spin_unlock(&dq_data_lock);
2924 mark_info_dirty(sb, type);
2925 /* Force write to disk */
2926 sb->dq_op->write_info(sb, type);
2927 return err;
2928 }
2929 EXPORT_SYMBOL(dquot_set_dqinfo);
2930
2931 const struct quotactl_ops dquot_quotactl_sysfile_ops = {
2932 .quota_enable = dquot_quota_enable,
2933 .quota_disable = dquot_quota_disable,
2934 .quota_sync = dquot_quota_sync,
2935 .get_state = dquot_get_state,
2936 .set_info = dquot_set_dqinfo,
2937 .get_dqblk = dquot_get_dqblk,
2938 .get_nextdqblk = dquot_get_next_dqblk,
2939 .set_dqblk = dquot_set_dqblk
2940 };
2941 EXPORT_SYMBOL(dquot_quotactl_sysfile_ops);
2942
do_proc_dqstats(struct ctl_table * table,int write,void __user * buffer,size_t * lenp,loff_t * ppos)2943 static int do_proc_dqstats(struct ctl_table *table, int write,
2944 void __user *buffer, size_t *lenp, loff_t *ppos)
2945 {
2946 unsigned int type = (unsigned long *)table->data - dqstats.stat;
2947 s64 value = percpu_counter_sum(&dqstats.counter[type]);
2948
2949 /* Filter negative values for non-monotonic counters */
2950 if (value < 0 && (type == DQST_ALLOC_DQUOTS ||
2951 type == DQST_FREE_DQUOTS))
2952 value = 0;
2953
2954 /* Update global table */
2955 dqstats.stat[type] = value;
2956 return proc_doulongvec_minmax(table, write, buffer, lenp, ppos);
2957 }
2958
2959 static struct ctl_table fs_dqstats_table[] = {
2960 {
2961 .procname = "lookups",
2962 .data = &dqstats.stat[DQST_LOOKUPS],
2963 .maxlen = sizeof(unsigned long),
2964 .mode = 0444,
2965 .proc_handler = do_proc_dqstats,
2966 },
2967 {
2968 .procname = "drops",
2969 .data = &dqstats.stat[DQST_DROPS],
2970 .maxlen = sizeof(unsigned long),
2971 .mode = 0444,
2972 .proc_handler = do_proc_dqstats,
2973 },
2974 {
2975 .procname = "reads",
2976 .data = &dqstats.stat[DQST_READS],
2977 .maxlen = sizeof(unsigned long),
2978 .mode = 0444,
2979 .proc_handler = do_proc_dqstats,
2980 },
2981 {
2982 .procname = "writes",
2983 .data = &dqstats.stat[DQST_WRITES],
2984 .maxlen = sizeof(unsigned long),
2985 .mode = 0444,
2986 .proc_handler = do_proc_dqstats,
2987 },
2988 {
2989 .procname = "cache_hits",
2990 .data = &dqstats.stat[DQST_CACHE_HITS],
2991 .maxlen = sizeof(unsigned long),
2992 .mode = 0444,
2993 .proc_handler = do_proc_dqstats,
2994 },
2995 {
2996 .procname = "allocated_dquots",
2997 .data = &dqstats.stat[DQST_ALLOC_DQUOTS],
2998 .maxlen = sizeof(unsigned long),
2999 .mode = 0444,
3000 .proc_handler = do_proc_dqstats,
3001 },
3002 {
3003 .procname = "free_dquots",
3004 .data = &dqstats.stat[DQST_FREE_DQUOTS],
3005 .maxlen = sizeof(unsigned long),
3006 .mode = 0444,
3007 .proc_handler = do_proc_dqstats,
3008 },
3009 {
3010 .procname = "syncs",
3011 .data = &dqstats.stat[DQST_SYNCS],
3012 .maxlen = sizeof(unsigned long),
3013 .mode = 0444,
3014 .proc_handler = do_proc_dqstats,
3015 },
3016 #ifdef CONFIG_PRINT_QUOTA_WARNING
3017 {
3018 .procname = "warnings",
3019 .data = &flag_print_warnings,
3020 .maxlen = sizeof(int),
3021 .mode = 0644,
3022 .proc_handler = proc_dointvec,
3023 },
3024 #endif
3025 { },
3026 };
3027
3028 static struct ctl_table fs_table[] = {
3029 {
3030 .procname = "quota",
3031 .mode = 0555,
3032 .child = fs_dqstats_table,
3033 },
3034 { },
3035 };
3036
3037 static struct ctl_table sys_table[] = {
3038 {
3039 .procname = "fs",
3040 .mode = 0555,
3041 .child = fs_table,
3042 },
3043 { },
3044 };
3045
dquot_init(void)3046 static int __init dquot_init(void)
3047 {
3048 int i, ret;
3049 unsigned long nr_hash, order;
3050
3051 printk(KERN_NOTICE "VFS: Disk quotas %s\n", __DQUOT_VERSION__);
3052
3053 register_sysctl_table(sys_table);
3054
3055 dquot_cachep = kmem_cache_create("dquot",
3056 sizeof(struct dquot), sizeof(unsigned long) * 4,
3057 (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT|
3058 SLAB_MEM_SPREAD|SLAB_PANIC),
3059 NULL);
3060
3061 order = 0;
3062 dquot_hash = (struct hlist_head *)__get_free_pages(GFP_KERNEL, order);
3063 if (!dquot_hash)
3064 panic("Cannot create dquot hash table");
3065
3066 for (i = 0; i < _DQST_DQSTAT_LAST; i++) {
3067 ret = percpu_counter_init(&dqstats.counter[i], 0, GFP_KERNEL);
3068 if (ret)
3069 panic("Cannot create dquot stat counters");
3070 }
3071
3072 /* Find power-of-two hlist_heads which can fit into allocation */
3073 nr_hash = (1UL << order) * PAGE_SIZE / sizeof(struct hlist_head);
3074 dq_hash_bits = 0;
3075 do {
3076 dq_hash_bits++;
3077 } while (nr_hash >> dq_hash_bits);
3078 dq_hash_bits--;
3079
3080 nr_hash = 1UL << dq_hash_bits;
3081 dq_hash_mask = nr_hash - 1;
3082 for (i = 0; i < nr_hash; i++)
3083 INIT_HLIST_HEAD(dquot_hash + i);
3084
3085 pr_info("VFS: Dquot-cache hash table entries: %ld (order %ld,"
3086 " %ld bytes)\n", nr_hash, order, (PAGE_SIZE << order));
3087
3088 if (register_shrinker(&dqcache_shrinker))
3089 panic("Cannot register dquot shrinker");
3090
3091 return 0;
3092 }
3093 fs_initcall(dquot_init);
3094