1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Implementation of the diskquota system for the LINUX operating system. QUOTA
4 * is implemented using the BSD system call interface as the means of
5 * communication with the user level. This file contains the generic routines
6 * called by the different filesystems on allocation of an inode or block.
7 * These routines take care of the administration needed to have a consistent
8 * diskquota tracking system. The ideas of both user and group quotas are based
9 * on the Melbourne quota system as used on BSD derived systems. The internal
10 * implementation is based on one of the several variants of the LINUX
11 * inode-subsystem with added complexity of the diskquota system.
12 *
13 * Author: Marco van Wieringen <mvw@planets.elm.net>
14 *
15 * Fixes: Dmitry Gorodchanin <pgmdsg@ibi.com>, 11 Feb 96
16 *
17 * Revised list management to avoid races
18 * -- Bill Hawes, <whawes@star.net>, 9/98
19 *
20 * Fixed races in dquot_transfer(), dqget() and dquot_alloc_...().
21 * As the consequence the locking was moved from dquot_decr_...(),
22 * dquot_incr_...() to calling functions.
23 * invalidate_dquots() now writes modified dquots.
24 * Serialized quota_off() and quota_on() for mount point.
25 * Fixed a few bugs in grow_dquots().
26 * Fixed deadlock in write_dquot() - we no longer account quotas on
27 * quota files
28 * remove_dquot_ref() moved to inode.c - it now traverses through inodes
29 * add_dquot_ref() restarts after blocking
30 * Added check for bogus uid and fixed check for group in quotactl.
31 * Jan Kara, <jack@suse.cz>, sponsored by SuSE CR, 10-11/99
32 *
33 * Used struct list_head instead of own list struct
34 * Invalidation of referenced dquots is no longer possible
35 * Improved free_dquots list management
36 * Quota and i_blocks are now updated in one place to avoid races
37 * Warnings are now delayed so we won't block in critical section
38 * Write updated not to require dquot lock
39 * Jan Kara, <jack@suse.cz>, 9/2000
40 *
41 * Added dynamic quota structure allocation
42 * Jan Kara <jack@suse.cz> 12/2000
43 *
44 * Rewritten quota interface. Implemented new quota format and
45 * formats registering.
46 * Jan Kara, <jack@suse.cz>, 2001,2002
47 *
48 * New SMP locking.
49 * Jan Kara, <jack@suse.cz>, 10/2002
50 *
51 * Added journalled quota support, fix lock inversion problems
52 * Jan Kara, <jack@suse.cz>, 2003,2004
53 *
54 * (C) Copyright 1994 - 1997 Marco van Wieringen
55 */
56
57 #include <linux/errno.h>
58 #include <linux/kernel.h>
59 #include <linux/fs.h>
60 #include <linux/mount.h>
61 #include <linux/mm.h>
62 #include <linux/time.h>
63 #include <linux/types.h>
64 #include <linux/string.h>
65 #include <linux/fcntl.h>
66 #include <linux/stat.h>
67 #include <linux/tty.h>
68 #include <linux/file.h>
69 #include <linux/slab.h>
70 #include <linux/sysctl.h>
71 #include <linux/init.h>
72 #include <linux/module.h>
73 #include <linux/proc_fs.h>
74 #include <linux/security.h>
75 #include <linux/sched.h>
76 #include <linux/cred.h>
77 #include <linux/kmod.h>
78 #include <linux/namei.h>
79 #include <linux/capability.h>
80 #include <linux/quotaops.h>
81 #include <linux/blkdev.h>
82 #include <linux/sched/mm.h>
83 #include "../internal.h" /* ugh */
84
85 #include <linux/uaccess.h>
86
87 /*
88 * There are five quota SMP locks:
89 * * dq_list_lock protects all lists with quotas and quota formats.
90 * * dquot->dq_dqb_lock protects data from dq_dqb
91 * * inode->i_lock protects inode->i_blocks, i_bytes and also guards
92 * consistency of dquot->dq_dqb with inode->i_blocks, i_bytes so that
93 * dquot_transfer() can stabilize amount it transfers
94 * * dq_data_lock protects mem_dqinfo structures and modifications of dquot
95 * pointers in the inode
96 * * dq_state_lock protects modifications of quota state (on quotaon and
97 * quotaoff) and readers who care about latest values take it as well.
98 *
99 * The spinlock ordering is hence:
100 * dq_data_lock > dq_list_lock > i_lock > dquot->dq_dqb_lock,
101 * dq_list_lock > dq_state_lock
102 *
103 * Note that some things (eg. sb pointer, type, id) doesn't change during
104 * the life of the dquot structure and so needn't to be protected by a lock
105 *
106 * Operation accessing dquots via inode pointers are protected by dquot_srcu.
107 * Operation of reading pointer needs srcu_read_lock(&dquot_srcu), and
108 * synchronize_srcu(&dquot_srcu) is called after clearing pointers from
109 * inode and before dropping dquot references to avoid use of dquots after
110 * they are freed. dq_data_lock is used to serialize the pointer setting and
111 * clearing operations.
112 * Special care needs to be taken about S_NOQUOTA inode flag (marking that
113 * inode is a quota file). Functions adding pointers from inode to dquots have
114 * to check this flag under dq_data_lock and then (if S_NOQUOTA is not set) they
115 * have to do all pointer modifications before dropping dq_data_lock. This makes
116 * sure they cannot race with quotaon which first sets S_NOQUOTA flag and
117 * then drops all pointers to dquots from an inode.
118 *
119 * Each dquot has its dq_lock mutex. Dquot is locked when it is being read to
120 * memory (or space for it is being allocated) on the first dqget(), when it is
121 * being written out, and when it is being released on the last dqput(). The
122 * allocation and release operations are serialized by the dq_lock and by
123 * checking the use count in dquot_release().
124 *
125 * Lock ordering (including related VFS locks) is the following:
126 * s_umount > i_mutex > journal_lock > dquot->dq_lock > dqio_sem
127 */
128
129 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_list_lock);
130 static __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_state_lock);
131 __cacheline_aligned_in_smp DEFINE_SPINLOCK(dq_data_lock);
132 EXPORT_SYMBOL(dq_data_lock);
133 DEFINE_STATIC_SRCU(dquot_srcu);
134
135 static DECLARE_WAIT_QUEUE_HEAD(dquot_ref_wq);
136
__quota_error(struct super_block * sb,const char * func,const char * fmt,...)137 void __quota_error(struct super_block *sb, const char *func,
138 const char *fmt, ...)
139 {
140 if (printk_ratelimit()) {
141 va_list args;
142 struct va_format vaf;
143
144 va_start(args, fmt);
145
146 vaf.fmt = fmt;
147 vaf.va = &args;
148
149 printk(KERN_ERR "Quota error (device %s): %s: %pV\n",
150 sb->s_id, func, &vaf);
151
152 va_end(args);
153 }
154 }
155 EXPORT_SYMBOL(__quota_error);
156
157 #if defined(CONFIG_QUOTA_DEBUG) || defined(CONFIG_PRINT_QUOTA_WARNING)
158 static char *quotatypes[] = INITQFNAMES;
159 #endif
160 static struct quota_format_type *quota_formats; /* List of registered formats */
161 static struct quota_module_name module_names[] = INIT_QUOTA_MODULE_NAMES;
162
163 /* SLAB cache for dquot structures */
164 static struct kmem_cache *dquot_cachep;
165
register_quota_format(struct quota_format_type * fmt)166 int register_quota_format(struct quota_format_type *fmt)
167 {
168 spin_lock(&dq_list_lock);
169 fmt->qf_next = quota_formats;
170 quota_formats = fmt;
171 spin_unlock(&dq_list_lock);
172 return 0;
173 }
174 EXPORT_SYMBOL(register_quota_format);
175
unregister_quota_format(struct quota_format_type * fmt)176 void unregister_quota_format(struct quota_format_type *fmt)
177 {
178 struct quota_format_type **actqf;
179
180 spin_lock(&dq_list_lock);
181 for (actqf = "a_formats; *actqf && *actqf != fmt;
182 actqf = &(*actqf)->qf_next)
183 ;
184 if (*actqf)
185 *actqf = (*actqf)->qf_next;
186 spin_unlock(&dq_list_lock);
187 }
188 EXPORT_SYMBOL(unregister_quota_format);
189
find_quota_format(int id)190 static struct quota_format_type *find_quota_format(int id)
191 {
192 struct quota_format_type *actqf;
193
194 spin_lock(&dq_list_lock);
195 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id;
196 actqf = actqf->qf_next)
197 ;
198 if (!actqf || !try_module_get(actqf->qf_owner)) {
199 int qm;
200
201 spin_unlock(&dq_list_lock);
202
203 for (qm = 0; module_names[qm].qm_fmt_id &&
204 module_names[qm].qm_fmt_id != id; qm++)
205 ;
206 if (!module_names[qm].qm_fmt_id ||
207 request_module(module_names[qm].qm_mod_name))
208 return NULL;
209
210 spin_lock(&dq_list_lock);
211 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id;
212 actqf = actqf->qf_next)
213 ;
214 if (actqf && !try_module_get(actqf->qf_owner))
215 actqf = NULL;
216 }
217 spin_unlock(&dq_list_lock);
218 return actqf;
219 }
220
put_quota_format(struct quota_format_type * fmt)221 static void put_quota_format(struct quota_format_type *fmt)
222 {
223 module_put(fmt->qf_owner);
224 }
225
226 /*
227 * Dquot List Management:
228 * The quota code uses five lists for dquot management: the inuse_list,
229 * releasing_dquots, free_dquots, dqi_dirty_list, and dquot_hash[] array.
230 * A single dquot structure may be on some of those lists, depending on
231 * its current state.
232 *
233 * All dquots are placed to the end of inuse_list when first created, and this
234 * list is used for invalidate operation, which must look at every dquot.
235 *
236 * When the last reference of a dquot is dropped, the dquot is added to
237 * releasing_dquots. We'll then queue work item which will call
238 * synchronize_srcu() and after that perform the final cleanup of all the
239 * dquots on the list. Each cleaned up dquot is moved to free_dquots list.
240 * Both releasing_dquots and free_dquots use the dq_free list_head in the dquot
241 * struct.
242 *
243 * Unused and cleaned up dquots are in the free_dquots list and this list is
244 * searched whenever we need an available dquot. Dquots are removed from the
245 * list as soon as they are used again and dqstats.free_dquots gives the number
246 * of dquots on the list. When dquot is invalidated it's completely released
247 * from memory.
248 *
249 * Dirty dquots are added to the dqi_dirty_list of quota_info when mark
250 * dirtied, and this list is searched when writing dirty dquots back to
251 * quota file. Note that some filesystems do dirty dquot tracking on their
252 * own (e.g. in a journal) and thus don't use dqi_dirty_list.
253 *
254 * Dquots with a specific identity (device, type and id) are placed on
255 * one of the dquot_hash[] hash chains. The provides an efficient search
256 * mechanism to locate a specific dquot.
257 */
258
259 static LIST_HEAD(inuse_list);
260 static LIST_HEAD(free_dquots);
261 static LIST_HEAD(releasing_dquots);
262 static unsigned int dq_hash_bits, dq_hash_mask;
263 static struct hlist_head *dquot_hash;
264
265 struct dqstats dqstats;
266 EXPORT_SYMBOL(dqstats);
267
268 static qsize_t inode_get_rsv_space(struct inode *inode);
269 static qsize_t __inode_get_rsv_space(struct inode *inode);
270 static int __dquot_initialize(struct inode *inode, int type);
271
272 static void quota_release_workfn(struct work_struct *work);
273 static DECLARE_DELAYED_WORK(quota_release_work, quota_release_workfn);
274
275 static inline unsigned int
hashfn(const struct super_block * sb,struct kqid qid)276 hashfn(const struct super_block *sb, struct kqid qid)
277 {
278 unsigned int id = from_kqid(&init_user_ns, qid);
279 int type = qid.type;
280 unsigned long tmp;
281
282 tmp = (((unsigned long)sb>>L1_CACHE_SHIFT) ^ id) * (MAXQUOTAS - type);
283 return (tmp + (tmp >> dq_hash_bits)) & dq_hash_mask;
284 }
285
286 /*
287 * Following list functions expect dq_list_lock to be held
288 */
insert_dquot_hash(struct dquot * dquot)289 static inline void insert_dquot_hash(struct dquot *dquot)
290 {
291 struct hlist_head *head;
292 head = dquot_hash + hashfn(dquot->dq_sb, dquot->dq_id);
293 hlist_add_head(&dquot->dq_hash, head);
294 }
295
remove_dquot_hash(struct dquot * dquot)296 static inline void remove_dquot_hash(struct dquot *dquot)
297 {
298 hlist_del_init(&dquot->dq_hash);
299 }
300
find_dquot(unsigned int hashent,struct super_block * sb,struct kqid qid)301 static struct dquot *find_dquot(unsigned int hashent, struct super_block *sb,
302 struct kqid qid)
303 {
304 struct dquot *dquot;
305
306 hlist_for_each_entry(dquot, dquot_hash+hashent, dq_hash)
307 if (dquot->dq_sb == sb && qid_eq(dquot->dq_id, qid))
308 return dquot;
309
310 return NULL;
311 }
312
313 /* Add a dquot to the tail of the free list */
put_dquot_last(struct dquot * dquot)314 static inline void put_dquot_last(struct dquot *dquot)
315 {
316 list_add_tail(&dquot->dq_free, &free_dquots);
317 dqstats_inc(DQST_FREE_DQUOTS);
318 }
319
put_releasing_dquots(struct dquot * dquot)320 static inline void put_releasing_dquots(struct dquot *dquot)
321 {
322 list_add_tail(&dquot->dq_free, &releasing_dquots);
323 set_bit(DQ_RELEASING_B, &dquot->dq_flags);
324 }
325
remove_free_dquot(struct dquot * dquot)326 static inline void remove_free_dquot(struct dquot *dquot)
327 {
328 if (list_empty(&dquot->dq_free))
329 return;
330 list_del_init(&dquot->dq_free);
331 if (!test_bit(DQ_RELEASING_B, &dquot->dq_flags))
332 dqstats_dec(DQST_FREE_DQUOTS);
333 else
334 clear_bit(DQ_RELEASING_B, &dquot->dq_flags);
335 }
336
put_inuse(struct dquot * dquot)337 static inline void put_inuse(struct dquot *dquot)
338 {
339 /* We add to the back of inuse list so we don't have to restart
340 * when traversing this list and we block */
341 list_add_tail(&dquot->dq_inuse, &inuse_list);
342 dqstats_inc(DQST_ALLOC_DQUOTS);
343 }
344
remove_inuse(struct dquot * dquot)345 static inline void remove_inuse(struct dquot *dquot)
346 {
347 dqstats_dec(DQST_ALLOC_DQUOTS);
348 list_del(&dquot->dq_inuse);
349 }
350 /*
351 * End of list functions needing dq_list_lock
352 */
353
wait_on_dquot(struct dquot * dquot)354 static void wait_on_dquot(struct dquot *dquot)
355 {
356 mutex_lock(&dquot->dq_lock);
357 mutex_unlock(&dquot->dq_lock);
358 }
359
dquot_active(struct dquot * dquot)360 static inline int dquot_active(struct dquot *dquot)
361 {
362 return test_bit(DQ_ACTIVE_B, &dquot->dq_flags);
363 }
364
dquot_dirty(struct dquot * dquot)365 static inline int dquot_dirty(struct dquot *dquot)
366 {
367 return test_bit(DQ_MOD_B, &dquot->dq_flags);
368 }
369
mark_dquot_dirty(struct dquot * dquot)370 static inline int mark_dquot_dirty(struct dquot *dquot)
371 {
372 return dquot->dq_sb->dq_op->mark_dirty(dquot);
373 }
374
375 /* Mark dquot dirty in atomic manner, and return it's old dirty flag state */
dquot_mark_dquot_dirty(struct dquot * dquot)376 int dquot_mark_dquot_dirty(struct dquot *dquot)
377 {
378 int ret = 1;
379
380 if (!dquot_active(dquot))
381 return 0;
382
383 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NOLIST_DIRTY)
384 return test_and_set_bit(DQ_MOD_B, &dquot->dq_flags);
385
386 /* If quota is dirty already, we don't have to acquire dq_list_lock */
387 if (dquot_dirty(dquot))
388 return 1;
389
390 spin_lock(&dq_list_lock);
391 if (!test_and_set_bit(DQ_MOD_B, &dquot->dq_flags)) {
392 list_add(&dquot->dq_dirty, &sb_dqopt(dquot->dq_sb)->
393 info[dquot->dq_id.type].dqi_dirty_list);
394 ret = 0;
395 }
396 spin_unlock(&dq_list_lock);
397 return ret;
398 }
399 EXPORT_SYMBOL(dquot_mark_dquot_dirty);
400
401 /* Dirtify all the dquots - this can block when journalling */
mark_all_dquot_dirty(struct dquot * const * dquot)402 static inline int mark_all_dquot_dirty(struct dquot * const *dquot)
403 {
404 int ret, err, cnt;
405
406 ret = err = 0;
407 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
408 if (dquot[cnt])
409 /* Even in case of error we have to continue */
410 ret = mark_dquot_dirty(dquot[cnt]);
411 if (!err)
412 err = ret;
413 }
414 return err;
415 }
416
dqput_all(struct dquot ** dquot)417 static inline void dqput_all(struct dquot **dquot)
418 {
419 unsigned int cnt;
420
421 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
422 dqput(dquot[cnt]);
423 }
424
clear_dquot_dirty(struct dquot * dquot)425 static inline int clear_dquot_dirty(struct dquot *dquot)
426 {
427 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NOLIST_DIRTY)
428 return test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags);
429
430 spin_lock(&dq_list_lock);
431 if (!test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags)) {
432 spin_unlock(&dq_list_lock);
433 return 0;
434 }
435 list_del_init(&dquot->dq_dirty);
436 spin_unlock(&dq_list_lock);
437 return 1;
438 }
439
mark_info_dirty(struct super_block * sb,int type)440 void mark_info_dirty(struct super_block *sb, int type)
441 {
442 spin_lock(&dq_data_lock);
443 sb_dqopt(sb)->info[type].dqi_flags |= DQF_INFO_DIRTY;
444 spin_unlock(&dq_data_lock);
445 }
446 EXPORT_SYMBOL(mark_info_dirty);
447
448 /*
449 * Read dquot from disk and alloc space for it
450 */
451
dquot_acquire(struct dquot * dquot)452 int dquot_acquire(struct dquot *dquot)
453 {
454 int ret = 0, ret2 = 0;
455 unsigned int memalloc;
456 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
457
458 mutex_lock(&dquot->dq_lock);
459 memalloc = memalloc_nofs_save();
460 if (!test_bit(DQ_READ_B, &dquot->dq_flags)) {
461 ret = dqopt->ops[dquot->dq_id.type]->read_dqblk(dquot);
462 if (ret < 0)
463 goto out_iolock;
464 }
465 /* Make sure flags update is visible after dquot has been filled */
466 smp_mb__before_atomic();
467 set_bit(DQ_READ_B, &dquot->dq_flags);
468 /* Instantiate dquot if needed */
469 if (!dquot_active(dquot) && !dquot->dq_off) {
470 ret = dqopt->ops[dquot->dq_id.type]->commit_dqblk(dquot);
471 /* Write the info if needed */
472 if (info_dirty(&dqopt->info[dquot->dq_id.type])) {
473 ret2 = dqopt->ops[dquot->dq_id.type]->write_file_info(
474 dquot->dq_sb, dquot->dq_id.type);
475 }
476 if (ret < 0)
477 goto out_iolock;
478 if (ret2 < 0) {
479 ret = ret2;
480 goto out_iolock;
481 }
482 }
483 /*
484 * Make sure flags update is visible after on-disk struct has been
485 * allocated. Paired with smp_rmb() in dqget().
486 */
487 smp_mb__before_atomic();
488 set_bit(DQ_ACTIVE_B, &dquot->dq_flags);
489 out_iolock:
490 memalloc_nofs_restore(memalloc);
491 mutex_unlock(&dquot->dq_lock);
492 return ret;
493 }
494 EXPORT_SYMBOL(dquot_acquire);
495
496 /*
497 * Write dquot to disk
498 */
dquot_commit(struct dquot * dquot)499 int dquot_commit(struct dquot *dquot)
500 {
501 int ret = 0;
502 unsigned int memalloc;
503 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
504
505 mutex_lock(&dquot->dq_lock);
506 memalloc = memalloc_nofs_save();
507 if (!clear_dquot_dirty(dquot))
508 goto out_lock;
509 /* Inactive dquot can be only if there was error during read/init
510 * => we have better not writing it */
511 if (dquot_active(dquot))
512 ret = dqopt->ops[dquot->dq_id.type]->commit_dqblk(dquot);
513 else
514 ret = -EIO;
515 out_lock:
516 memalloc_nofs_restore(memalloc);
517 mutex_unlock(&dquot->dq_lock);
518 return ret;
519 }
520 EXPORT_SYMBOL(dquot_commit);
521
522 /*
523 * Release dquot
524 */
dquot_release(struct dquot * dquot)525 int dquot_release(struct dquot *dquot)
526 {
527 int ret = 0, ret2 = 0;
528 unsigned int memalloc;
529 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
530
531 mutex_lock(&dquot->dq_lock);
532 memalloc = memalloc_nofs_save();
533 /* Check whether we are not racing with some other dqget() */
534 if (dquot_is_busy(dquot))
535 goto out_dqlock;
536 if (dqopt->ops[dquot->dq_id.type]->release_dqblk) {
537 ret = dqopt->ops[dquot->dq_id.type]->release_dqblk(dquot);
538 /* Write the info */
539 if (info_dirty(&dqopt->info[dquot->dq_id.type])) {
540 ret2 = dqopt->ops[dquot->dq_id.type]->write_file_info(
541 dquot->dq_sb, dquot->dq_id.type);
542 }
543 if (ret >= 0)
544 ret = ret2;
545 }
546 clear_bit(DQ_ACTIVE_B, &dquot->dq_flags);
547 out_dqlock:
548 memalloc_nofs_restore(memalloc);
549 mutex_unlock(&dquot->dq_lock);
550 return ret;
551 }
552 EXPORT_SYMBOL(dquot_release);
553
dquot_destroy(struct dquot * dquot)554 void dquot_destroy(struct dquot *dquot)
555 {
556 kmem_cache_free(dquot_cachep, dquot);
557 }
558 EXPORT_SYMBOL(dquot_destroy);
559
do_destroy_dquot(struct dquot * dquot)560 static inline void do_destroy_dquot(struct dquot *dquot)
561 {
562 dquot->dq_sb->dq_op->destroy_dquot(dquot);
563 }
564
565 /* Invalidate all dquots on the list. Note that this function is called after
566 * quota is disabled and pointers from inodes removed so there cannot be new
567 * quota users. There can still be some users of quotas due to inodes being
568 * just deleted or pruned by prune_icache() (those are not attached to any
569 * list) or parallel quotactl call. We have to wait for such users.
570 */
invalidate_dquots(struct super_block * sb,int type)571 static void invalidate_dquots(struct super_block *sb, int type)
572 {
573 struct dquot *dquot, *tmp;
574
575 restart:
576 flush_delayed_work("a_release_work);
577
578 spin_lock(&dq_list_lock);
579 list_for_each_entry_safe(dquot, tmp, &inuse_list, dq_inuse) {
580 if (dquot->dq_sb != sb)
581 continue;
582 if (dquot->dq_id.type != type)
583 continue;
584 /* Wait for dquot users */
585 if (atomic_read(&dquot->dq_count)) {
586 atomic_inc(&dquot->dq_count);
587 spin_unlock(&dq_list_lock);
588 /*
589 * Once dqput() wakes us up, we know it's time to free
590 * the dquot.
591 * IMPORTANT: we rely on the fact that there is always
592 * at most one process waiting for dquot to free.
593 * Otherwise dq_count would be > 1 and we would never
594 * wake up.
595 */
596 wait_event(dquot_ref_wq,
597 atomic_read(&dquot->dq_count) == 1);
598 dqput(dquot);
599 /* At this moment dquot() need not exist (it could be
600 * reclaimed by prune_dqcache(). Hence we must
601 * restart. */
602 goto restart;
603 }
604 /*
605 * The last user already dropped its reference but dquot didn't
606 * get fully cleaned up yet. Restart the scan which flushes the
607 * work cleaning up released dquots.
608 */
609 if (test_bit(DQ_RELEASING_B, &dquot->dq_flags)) {
610 spin_unlock(&dq_list_lock);
611 goto restart;
612 }
613 /*
614 * Quota now has no users and it has been written on last
615 * dqput()
616 */
617 remove_dquot_hash(dquot);
618 remove_free_dquot(dquot);
619 remove_inuse(dquot);
620 do_destroy_dquot(dquot);
621 }
622 spin_unlock(&dq_list_lock);
623 }
624
625 /* Call callback for every active dquot on given filesystem */
dquot_scan_active(struct super_block * sb,int (* fn)(struct dquot * dquot,unsigned long priv),unsigned long priv)626 int dquot_scan_active(struct super_block *sb,
627 int (*fn)(struct dquot *dquot, unsigned long priv),
628 unsigned long priv)
629 {
630 struct dquot *dquot, *old_dquot = NULL;
631 int ret = 0;
632
633 WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount));
634
635 spin_lock(&dq_list_lock);
636 list_for_each_entry(dquot, &inuse_list, dq_inuse) {
637 if (!dquot_active(dquot))
638 continue;
639 if (dquot->dq_sb != sb)
640 continue;
641 /* Now we have active dquot so we can just increase use count */
642 atomic_inc(&dquot->dq_count);
643 spin_unlock(&dq_list_lock);
644 dqput(old_dquot);
645 old_dquot = dquot;
646 /*
647 * ->release_dquot() can be racing with us. Our reference
648 * protects us from new calls to it so just wait for any
649 * outstanding call and recheck the DQ_ACTIVE_B after that.
650 */
651 wait_on_dquot(dquot);
652 if (dquot_active(dquot)) {
653 ret = fn(dquot, priv);
654 if (ret < 0)
655 goto out;
656 }
657 spin_lock(&dq_list_lock);
658 /* We are safe to continue now because our dquot could not
659 * be moved out of the inuse list while we hold the reference */
660 }
661 spin_unlock(&dq_list_lock);
662 out:
663 dqput(old_dquot);
664 return ret;
665 }
666 EXPORT_SYMBOL(dquot_scan_active);
667
dquot_write_dquot(struct dquot * dquot)668 static inline int dquot_write_dquot(struct dquot *dquot)
669 {
670 int ret = dquot->dq_sb->dq_op->write_dquot(dquot);
671 if (ret < 0) {
672 quota_error(dquot->dq_sb, "Can't write quota structure "
673 "(error %d). Quota may get out of sync!", ret);
674 /* Clear dirty bit anyway to avoid infinite loop. */
675 clear_dquot_dirty(dquot);
676 }
677 return ret;
678 }
679
680 /* Write all dquot structures to quota files */
dquot_writeback_dquots(struct super_block * sb,int type)681 int dquot_writeback_dquots(struct super_block *sb, int type)
682 {
683 struct list_head dirty;
684 struct dquot *dquot;
685 struct quota_info *dqopt = sb_dqopt(sb);
686 int cnt;
687 int err, ret = 0;
688
689 WARN_ON_ONCE(!rwsem_is_locked(&sb->s_umount));
690
691 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
692 if (type != -1 && cnt != type)
693 continue;
694 if (!sb_has_quota_active(sb, cnt))
695 continue;
696 spin_lock(&dq_list_lock);
697 /* Move list away to avoid livelock. */
698 list_replace_init(&dqopt->info[cnt].dqi_dirty_list, &dirty);
699 while (!list_empty(&dirty)) {
700 dquot = list_first_entry(&dirty, struct dquot,
701 dq_dirty);
702
703 WARN_ON(!dquot_active(dquot));
704 /* If the dquot is releasing we should not touch it */
705 if (test_bit(DQ_RELEASING_B, &dquot->dq_flags)) {
706 spin_unlock(&dq_list_lock);
707 flush_delayed_work("a_release_work);
708 spin_lock(&dq_list_lock);
709 continue;
710 }
711
712 /* Now we have active dquot from which someone is
713 * holding reference so we can safely just increase
714 * use count */
715 dqgrab(dquot);
716 spin_unlock(&dq_list_lock);
717 err = dquot_write_dquot(dquot);
718 if (err && !ret)
719 ret = err;
720 dqput(dquot);
721 spin_lock(&dq_list_lock);
722 }
723 spin_unlock(&dq_list_lock);
724 }
725
726 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
727 if ((cnt == type || type == -1) && sb_has_quota_active(sb, cnt)
728 && info_dirty(&dqopt->info[cnt]))
729 sb->dq_op->write_info(sb, cnt);
730 dqstats_inc(DQST_SYNCS);
731
732 return ret;
733 }
734 EXPORT_SYMBOL(dquot_writeback_dquots);
735
736 /* Write all dquot structures to disk and make them visible from userspace */
dquot_quota_sync(struct super_block * sb,int type)737 int dquot_quota_sync(struct super_block *sb, int type)
738 {
739 struct quota_info *dqopt = sb_dqopt(sb);
740 int cnt;
741 int ret;
742
743 ret = dquot_writeback_dquots(sb, type);
744 if (ret)
745 return ret;
746 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
747 return 0;
748
749 /* This is not very clever (and fast) but currently I don't know about
750 * any other simple way of getting quota data to disk and we must get
751 * them there for userspace to be visible... */
752 if (sb->s_op->sync_fs) {
753 ret = sb->s_op->sync_fs(sb, 1);
754 if (ret)
755 return ret;
756 }
757 ret = sync_blockdev(sb->s_bdev);
758 if (ret)
759 return ret;
760
761 /*
762 * Now when everything is written we can discard the pagecache so
763 * that userspace sees the changes.
764 */
765 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
766 if (type != -1 && cnt != type)
767 continue;
768 if (!sb_has_quota_active(sb, cnt))
769 continue;
770 inode_lock(dqopt->files[cnt]);
771 truncate_inode_pages(&dqopt->files[cnt]->i_data, 0);
772 inode_unlock(dqopt->files[cnt]);
773 }
774
775 return 0;
776 }
777 EXPORT_SYMBOL(dquot_quota_sync);
778
779 static unsigned long
dqcache_shrink_scan(struct shrinker * shrink,struct shrink_control * sc)780 dqcache_shrink_scan(struct shrinker *shrink, struct shrink_control *sc)
781 {
782 struct dquot *dquot;
783 unsigned long freed = 0;
784
785 spin_lock(&dq_list_lock);
786 while (!list_empty(&free_dquots) && sc->nr_to_scan) {
787 dquot = list_first_entry(&free_dquots, struct dquot, dq_free);
788 remove_dquot_hash(dquot);
789 remove_free_dquot(dquot);
790 remove_inuse(dquot);
791 do_destroy_dquot(dquot);
792 sc->nr_to_scan--;
793 freed++;
794 }
795 spin_unlock(&dq_list_lock);
796 return freed;
797 }
798
799 static unsigned long
dqcache_shrink_count(struct shrinker * shrink,struct shrink_control * sc)800 dqcache_shrink_count(struct shrinker *shrink, struct shrink_control *sc)
801 {
802 return vfs_pressure_ratio(
803 percpu_counter_read_positive(&dqstats.counter[DQST_FREE_DQUOTS]));
804 }
805
806 static struct shrinker dqcache_shrinker = {
807 .count_objects = dqcache_shrink_count,
808 .scan_objects = dqcache_shrink_scan,
809 .seeks = DEFAULT_SEEKS,
810 };
811
812 /*
813 * Safely release dquot and put reference to dquot.
814 */
quota_release_workfn(struct work_struct * work)815 static void quota_release_workfn(struct work_struct *work)
816 {
817 struct dquot *dquot;
818 struct list_head rls_head;
819
820 spin_lock(&dq_list_lock);
821 /* Exchange the list head to avoid livelock. */
822 list_replace_init(&releasing_dquots, &rls_head);
823 spin_unlock(&dq_list_lock);
824 synchronize_srcu(&dquot_srcu);
825
826 restart:
827 spin_lock(&dq_list_lock);
828 while (!list_empty(&rls_head)) {
829 dquot = list_first_entry(&rls_head, struct dquot, dq_free);
830 WARN_ON_ONCE(atomic_read(&dquot->dq_count));
831 /*
832 * Note that DQ_RELEASING_B protects us from racing with
833 * invalidate_dquots() calls so we are safe to work with the
834 * dquot even after we drop dq_list_lock.
835 */
836 if (dquot_dirty(dquot)) {
837 spin_unlock(&dq_list_lock);
838 /* Commit dquot before releasing */
839 dquot_write_dquot(dquot);
840 goto restart;
841 }
842 if (dquot_active(dquot)) {
843 spin_unlock(&dq_list_lock);
844 dquot->dq_sb->dq_op->release_dquot(dquot);
845 goto restart;
846 }
847 /* Dquot is inactive and clean, now move it to free list */
848 remove_free_dquot(dquot);
849 put_dquot_last(dquot);
850 }
851 spin_unlock(&dq_list_lock);
852 }
853
854 /*
855 * Put reference to dquot
856 */
dqput(struct dquot * dquot)857 void dqput(struct dquot *dquot)
858 {
859 if (!dquot)
860 return;
861 #ifdef CONFIG_QUOTA_DEBUG
862 if (!atomic_read(&dquot->dq_count)) {
863 quota_error(dquot->dq_sb, "trying to free free dquot of %s %d",
864 quotatypes[dquot->dq_id.type],
865 from_kqid(&init_user_ns, dquot->dq_id));
866 BUG();
867 }
868 #endif
869 dqstats_inc(DQST_DROPS);
870
871 spin_lock(&dq_list_lock);
872 if (atomic_read(&dquot->dq_count) > 1) {
873 /* We have more than one user... nothing to do */
874 atomic_dec(&dquot->dq_count);
875 /* Releasing dquot during quotaoff phase? */
876 if (!sb_has_quota_active(dquot->dq_sb, dquot->dq_id.type) &&
877 atomic_read(&dquot->dq_count) == 1)
878 wake_up(&dquot_ref_wq);
879 spin_unlock(&dq_list_lock);
880 return;
881 }
882
883 /* Need to release dquot? */
884 #ifdef CONFIG_QUOTA_DEBUG
885 /* sanity check */
886 BUG_ON(!list_empty(&dquot->dq_free));
887 #endif
888 put_releasing_dquots(dquot);
889 atomic_dec(&dquot->dq_count);
890 spin_unlock(&dq_list_lock);
891 queue_delayed_work(system_unbound_wq, "a_release_work, 1);
892 }
893 EXPORT_SYMBOL(dqput);
894
dquot_alloc(struct super_block * sb,int type)895 struct dquot *dquot_alloc(struct super_block *sb, int type)
896 {
897 return kmem_cache_zalloc(dquot_cachep, GFP_NOFS);
898 }
899 EXPORT_SYMBOL(dquot_alloc);
900
get_empty_dquot(struct super_block * sb,int type)901 static struct dquot *get_empty_dquot(struct super_block *sb, int type)
902 {
903 struct dquot *dquot;
904
905 dquot = sb->dq_op->alloc_dquot(sb, type);
906 if(!dquot)
907 return NULL;
908
909 mutex_init(&dquot->dq_lock);
910 INIT_LIST_HEAD(&dquot->dq_free);
911 INIT_LIST_HEAD(&dquot->dq_inuse);
912 INIT_HLIST_NODE(&dquot->dq_hash);
913 INIT_LIST_HEAD(&dquot->dq_dirty);
914 dquot->dq_sb = sb;
915 dquot->dq_id = make_kqid_invalid(type);
916 atomic_set(&dquot->dq_count, 1);
917 spin_lock_init(&dquot->dq_dqb_lock);
918
919 return dquot;
920 }
921
922 /*
923 * Get reference to dquot
924 *
925 * Locking is slightly tricky here. We are guarded from parallel quotaoff()
926 * destroying our dquot by:
927 * a) checking for quota flags under dq_list_lock and
928 * b) getting a reference to dquot before we release dq_list_lock
929 */
dqget(struct super_block * sb,struct kqid qid)930 struct dquot *dqget(struct super_block *sb, struct kqid qid)
931 {
932 unsigned int hashent = hashfn(sb, qid);
933 struct dquot *dquot, *empty = NULL;
934
935 if (!qid_has_mapping(sb->s_user_ns, qid))
936 return ERR_PTR(-EINVAL);
937
938 if (!sb_has_quota_active(sb, qid.type))
939 return ERR_PTR(-ESRCH);
940 we_slept:
941 spin_lock(&dq_list_lock);
942 spin_lock(&dq_state_lock);
943 if (!sb_has_quota_active(sb, qid.type)) {
944 spin_unlock(&dq_state_lock);
945 spin_unlock(&dq_list_lock);
946 dquot = ERR_PTR(-ESRCH);
947 goto out;
948 }
949 spin_unlock(&dq_state_lock);
950
951 dquot = find_dquot(hashent, sb, qid);
952 if (!dquot) {
953 if (!empty) {
954 spin_unlock(&dq_list_lock);
955 empty = get_empty_dquot(sb, qid.type);
956 if (!empty)
957 schedule(); /* Try to wait for a moment... */
958 goto we_slept;
959 }
960 dquot = empty;
961 empty = NULL;
962 dquot->dq_id = qid;
963 /* all dquots go on the inuse_list */
964 put_inuse(dquot);
965 /* hash it first so it can be found */
966 insert_dquot_hash(dquot);
967 spin_unlock(&dq_list_lock);
968 dqstats_inc(DQST_LOOKUPS);
969 } else {
970 if (!atomic_read(&dquot->dq_count))
971 remove_free_dquot(dquot);
972 atomic_inc(&dquot->dq_count);
973 spin_unlock(&dq_list_lock);
974 dqstats_inc(DQST_CACHE_HITS);
975 dqstats_inc(DQST_LOOKUPS);
976 }
977 /* Wait for dq_lock - after this we know that either dquot_release() is
978 * already finished or it will be canceled due to dq_count > 0 test */
979 wait_on_dquot(dquot);
980 /* Read the dquot / allocate space in quota file */
981 if (!dquot_active(dquot)) {
982 int err;
983
984 err = sb->dq_op->acquire_dquot(dquot);
985 if (err < 0) {
986 dqput(dquot);
987 dquot = ERR_PTR(err);
988 goto out;
989 }
990 }
991 /*
992 * Make sure following reads see filled structure - paired with
993 * smp_mb__before_atomic() in dquot_acquire().
994 */
995 smp_rmb();
996 #ifdef CONFIG_QUOTA_DEBUG
997 BUG_ON(!dquot->dq_sb); /* Has somebody invalidated entry under us? */
998 #endif
999 out:
1000 if (empty)
1001 do_destroy_dquot(empty);
1002
1003 return dquot;
1004 }
1005 EXPORT_SYMBOL(dqget);
1006
i_dquot(struct inode * inode)1007 static inline struct dquot **i_dquot(struct inode *inode)
1008 {
1009 return inode->i_sb->s_op->get_dquots(inode);
1010 }
1011
dqinit_needed(struct inode * inode,int type)1012 static int dqinit_needed(struct inode *inode, int type)
1013 {
1014 struct dquot * const *dquots;
1015 int cnt;
1016
1017 if (IS_NOQUOTA(inode))
1018 return 0;
1019
1020 dquots = i_dquot(inode);
1021 if (type != -1)
1022 return !dquots[type];
1023 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1024 if (!dquots[cnt])
1025 return 1;
1026 return 0;
1027 }
1028
1029 /* This routine is guarded by s_umount semaphore */
add_dquot_ref(struct super_block * sb,int type)1030 static int add_dquot_ref(struct super_block *sb, int type)
1031 {
1032 struct inode *inode, *old_inode = NULL;
1033 #ifdef CONFIG_QUOTA_DEBUG
1034 int reserved = 0;
1035 #endif
1036 int err = 0;
1037
1038 spin_lock(&sb->s_inode_list_lock);
1039 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
1040 spin_lock(&inode->i_lock);
1041 if ((inode->i_state & (I_FREEING|I_WILL_FREE|I_NEW)) ||
1042 !atomic_read(&inode->i_writecount) ||
1043 !dqinit_needed(inode, type)) {
1044 spin_unlock(&inode->i_lock);
1045 continue;
1046 }
1047 __iget(inode);
1048 spin_unlock(&inode->i_lock);
1049 spin_unlock(&sb->s_inode_list_lock);
1050
1051 #ifdef CONFIG_QUOTA_DEBUG
1052 if (unlikely(inode_get_rsv_space(inode) > 0))
1053 reserved = 1;
1054 #endif
1055 iput(old_inode);
1056 err = __dquot_initialize(inode, type);
1057 if (err) {
1058 iput(inode);
1059 goto out;
1060 }
1061
1062 /*
1063 * We hold a reference to 'inode' so it couldn't have been
1064 * removed from s_inodes list while we dropped the
1065 * s_inode_list_lock. We cannot iput the inode now as we can be
1066 * holding the last reference and we cannot iput it under
1067 * s_inode_list_lock. So we keep the reference and iput it
1068 * later.
1069 */
1070 old_inode = inode;
1071 cond_resched();
1072 spin_lock(&sb->s_inode_list_lock);
1073 }
1074 spin_unlock(&sb->s_inode_list_lock);
1075 iput(old_inode);
1076 out:
1077 #ifdef CONFIG_QUOTA_DEBUG
1078 if (reserved) {
1079 quota_error(sb, "Writes happened before quota was turned on "
1080 "thus quota information is probably inconsistent. "
1081 "Please run quotacheck(8)");
1082 }
1083 #endif
1084 return err;
1085 }
1086
remove_dquot_ref(struct super_block * sb,int type)1087 static void remove_dquot_ref(struct super_block *sb, int type)
1088 {
1089 struct inode *inode;
1090 #ifdef CONFIG_QUOTA_DEBUG
1091 int reserved = 0;
1092 #endif
1093
1094 spin_lock(&sb->s_inode_list_lock);
1095 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
1096 /*
1097 * We have to scan also I_NEW inodes because they can already
1098 * have quota pointer initialized. Luckily, we need to touch
1099 * only quota pointers and these have separate locking
1100 * (dq_data_lock).
1101 */
1102 spin_lock(&dq_data_lock);
1103 if (!IS_NOQUOTA(inode)) {
1104 struct dquot **dquots = i_dquot(inode);
1105 struct dquot *dquot = dquots[type];
1106
1107 #ifdef CONFIG_QUOTA_DEBUG
1108 if (unlikely(inode_get_rsv_space(inode) > 0))
1109 reserved = 1;
1110 #endif
1111 dquots[type] = NULL;
1112 if (dquot)
1113 dqput(dquot);
1114 }
1115 spin_unlock(&dq_data_lock);
1116 }
1117 spin_unlock(&sb->s_inode_list_lock);
1118 #ifdef CONFIG_QUOTA_DEBUG
1119 if (reserved) {
1120 printk(KERN_WARNING "VFS (%s): Writes happened after quota"
1121 " was disabled thus quota information is probably "
1122 "inconsistent. Please run quotacheck(8).\n", sb->s_id);
1123 }
1124 #endif
1125 }
1126
1127 /* Gather all references from inodes and drop them */
drop_dquot_ref(struct super_block * sb,int type)1128 static void drop_dquot_ref(struct super_block *sb, int type)
1129 {
1130 if (sb->dq_op)
1131 remove_dquot_ref(sb, type);
1132 }
1133
1134 static inline
dquot_free_reserved_space(struct dquot * dquot,qsize_t number)1135 void dquot_free_reserved_space(struct dquot *dquot, qsize_t number)
1136 {
1137 if (dquot->dq_dqb.dqb_rsvspace >= number)
1138 dquot->dq_dqb.dqb_rsvspace -= number;
1139 else {
1140 WARN_ON_ONCE(1);
1141 dquot->dq_dqb.dqb_rsvspace = 0;
1142 }
1143 if (dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace <=
1144 dquot->dq_dqb.dqb_bsoftlimit)
1145 dquot->dq_dqb.dqb_btime = (time64_t) 0;
1146 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1147 }
1148
dquot_decr_inodes(struct dquot * dquot,qsize_t number)1149 static void dquot_decr_inodes(struct dquot *dquot, qsize_t number)
1150 {
1151 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NEGATIVE_USAGE ||
1152 dquot->dq_dqb.dqb_curinodes >= number)
1153 dquot->dq_dqb.dqb_curinodes -= number;
1154 else
1155 dquot->dq_dqb.dqb_curinodes = 0;
1156 if (dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit)
1157 dquot->dq_dqb.dqb_itime = (time64_t) 0;
1158 clear_bit(DQ_INODES_B, &dquot->dq_flags);
1159 }
1160
dquot_decr_space(struct dquot * dquot,qsize_t number)1161 static void dquot_decr_space(struct dquot *dquot, qsize_t number)
1162 {
1163 if (sb_dqopt(dquot->dq_sb)->flags & DQUOT_NEGATIVE_USAGE ||
1164 dquot->dq_dqb.dqb_curspace >= number)
1165 dquot->dq_dqb.dqb_curspace -= number;
1166 else
1167 dquot->dq_dqb.dqb_curspace = 0;
1168 if (dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace <=
1169 dquot->dq_dqb.dqb_bsoftlimit)
1170 dquot->dq_dqb.dqb_btime = (time64_t) 0;
1171 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1172 }
1173
1174 struct dquot_warn {
1175 struct super_block *w_sb;
1176 struct kqid w_dq_id;
1177 short w_type;
1178 };
1179
warning_issued(struct dquot * dquot,const int warntype)1180 static int warning_issued(struct dquot *dquot, const int warntype)
1181 {
1182 int flag = (warntype == QUOTA_NL_BHARDWARN ||
1183 warntype == QUOTA_NL_BSOFTLONGWARN) ? DQ_BLKS_B :
1184 ((warntype == QUOTA_NL_IHARDWARN ||
1185 warntype == QUOTA_NL_ISOFTLONGWARN) ? DQ_INODES_B : 0);
1186
1187 if (!flag)
1188 return 0;
1189 return test_and_set_bit(flag, &dquot->dq_flags);
1190 }
1191
1192 #ifdef CONFIG_PRINT_QUOTA_WARNING
1193 static int flag_print_warnings = 1;
1194
need_print_warning(struct dquot_warn * warn)1195 static int need_print_warning(struct dquot_warn *warn)
1196 {
1197 if (!flag_print_warnings)
1198 return 0;
1199
1200 switch (warn->w_dq_id.type) {
1201 case USRQUOTA:
1202 return uid_eq(current_fsuid(), warn->w_dq_id.uid);
1203 case GRPQUOTA:
1204 return in_group_p(warn->w_dq_id.gid);
1205 case PRJQUOTA:
1206 return 1;
1207 }
1208 return 0;
1209 }
1210
1211 /* Print warning to user which exceeded quota */
print_warning(struct dquot_warn * warn)1212 static void print_warning(struct dquot_warn *warn)
1213 {
1214 char *msg = NULL;
1215 struct tty_struct *tty;
1216 int warntype = warn->w_type;
1217
1218 if (warntype == QUOTA_NL_IHARDBELOW ||
1219 warntype == QUOTA_NL_ISOFTBELOW ||
1220 warntype == QUOTA_NL_BHARDBELOW ||
1221 warntype == QUOTA_NL_BSOFTBELOW || !need_print_warning(warn))
1222 return;
1223
1224 tty = get_current_tty();
1225 if (!tty)
1226 return;
1227 tty_write_message(tty, warn->w_sb->s_id);
1228 if (warntype == QUOTA_NL_ISOFTWARN || warntype == QUOTA_NL_BSOFTWARN)
1229 tty_write_message(tty, ": warning, ");
1230 else
1231 tty_write_message(tty, ": write failed, ");
1232 tty_write_message(tty, quotatypes[warn->w_dq_id.type]);
1233 switch (warntype) {
1234 case QUOTA_NL_IHARDWARN:
1235 msg = " file limit reached.\r\n";
1236 break;
1237 case QUOTA_NL_ISOFTLONGWARN:
1238 msg = " file quota exceeded too long.\r\n";
1239 break;
1240 case QUOTA_NL_ISOFTWARN:
1241 msg = " file quota exceeded.\r\n";
1242 break;
1243 case QUOTA_NL_BHARDWARN:
1244 msg = " block limit reached.\r\n";
1245 break;
1246 case QUOTA_NL_BSOFTLONGWARN:
1247 msg = " block quota exceeded too long.\r\n";
1248 break;
1249 case QUOTA_NL_BSOFTWARN:
1250 msg = " block quota exceeded.\r\n";
1251 break;
1252 }
1253 tty_write_message(tty, msg);
1254 tty_kref_put(tty);
1255 }
1256 #endif
1257
prepare_warning(struct dquot_warn * warn,struct dquot * dquot,int warntype)1258 static void prepare_warning(struct dquot_warn *warn, struct dquot *dquot,
1259 int warntype)
1260 {
1261 if (warning_issued(dquot, warntype))
1262 return;
1263 warn->w_type = warntype;
1264 warn->w_sb = dquot->dq_sb;
1265 warn->w_dq_id = dquot->dq_id;
1266 }
1267
1268 /*
1269 * Write warnings to the console and send warning messages over netlink.
1270 *
1271 * Note that this function can call into tty and networking code.
1272 */
flush_warnings(struct dquot_warn * warn)1273 static void flush_warnings(struct dquot_warn *warn)
1274 {
1275 int i;
1276
1277 for (i = 0; i < MAXQUOTAS; i++) {
1278 if (warn[i].w_type == QUOTA_NL_NOWARN)
1279 continue;
1280 #ifdef CONFIG_PRINT_QUOTA_WARNING
1281 print_warning(&warn[i]);
1282 #endif
1283 quota_send_warning(warn[i].w_dq_id,
1284 warn[i].w_sb->s_dev, warn[i].w_type);
1285 }
1286 }
1287
ignore_hardlimit(struct dquot * dquot)1288 static int ignore_hardlimit(struct dquot *dquot)
1289 {
1290 struct mem_dqinfo *info = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
1291
1292 return capable(CAP_SYS_RESOURCE) &&
1293 (info->dqi_format->qf_fmt_id != QFMT_VFS_OLD ||
1294 !(info->dqi_flags & DQF_ROOT_SQUASH));
1295 }
1296
dquot_add_inodes(struct dquot * dquot,qsize_t inodes,struct dquot_warn * warn)1297 static int dquot_add_inodes(struct dquot *dquot, qsize_t inodes,
1298 struct dquot_warn *warn)
1299 {
1300 qsize_t newinodes;
1301 int ret = 0;
1302
1303 spin_lock(&dquot->dq_dqb_lock);
1304 newinodes = dquot->dq_dqb.dqb_curinodes + inodes;
1305 if (!sb_has_quota_limits_enabled(dquot->dq_sb, dquot->dq_id.type) ||
1306 test_bit(DQ_FAKE_B, &dquot->dq_flags))
1307 goto add;
1308
1309 if (dquot->dq_dqb.dqb_ihardlimit &&
1310 newinodes > dquot->dq_dqb.dqb_ihardlimit &&
1311 !ignore_hardlimit(dquot)) {
1312 prepare_warning(warn, dquot, QUOTA_NL_IHARDWARN);
1313 ret = -EDQUOT;
1314 goto out;
1315 }
1316
1317 if (dquot->dq_dqb.dqb_isoftlimit &&
1318 newinodes > dquot->dq_dqb.dqb_isoftlimit &&
1319 dquot->dq_dqb.dqb_itime &&
1320 ktime_get_real_seconds() >= dquot->dq_dqb.dqb_itime &&
1321 !ignore_hardlimit(dquot)) {
1322 prepare_warning(warn, dquot, QUOTA_NL_ISOFTLONGWARN);
1323 ret = -EDQUOT;
1324 goto out;
1325 }
1326
1327 if (dquot->dq_dqb.dqb_isoftlimit &&
1328 newinodes > dquot->dq_dqb.dqb_isoftlimit &&
1329 dquot->dq_dqb.dqb_itime == 0) {
1330 prepare_warning(warn, dquot, QUOTA_NL_ISOFTWARN);
1331 dquot->dq_dqb.dqb_itime = ktime_get_real_seconds() +
1332 sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type].dqi_igrace;
1333 }
1334 add:
1335 dquot->dq_dqb.dqb_curinodes = newinodes;
1336
1337 out:
1338 spin_unlock(&dquot->dq_dqb_lock);
1339 return ret;
1340 }
1341
dquot_add_space(struct dquot * dquot,qsize_t space,qsize_t rsv_space,unsigned int flags,struct dquot_warn * warn)1342 static int dquot_add_space(struct dquot *dquot, qsize_t space,
1343 qsize_t rsv_space, unsigned int flags,
1344 struct dquot_warn *warn)
1345 {
1346 qsize_t tspace;
1347 struct super_block *sb = dquot->dq_sb;
1348 int ret = 0;
1349
1350 spin_lock(&dquot->dq_dqb_lock);
1351 if (!sb_has_quota_limits_enabled(sb, dquot->dq_id.type) ||
1352 test_bit(DQ_FAKE_B, &dquot->dq_flags))
1353 goto finish;
1354
1355 tspace = dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace
1356 + space + rsv_space;
1357
1358 if (dquot->dq_dqb.dqb_bhardlimit &&
1359 tspace > dquot->dq_dqb.dqb_bhardlimit &&
1360 !ignore_hardlimit(dquot)) {
1361 if (flags & DQUOT_SPACE_WARN)
1362 prepare_warning(warn, dquot, QUOTA_NL_BHARDWARN);
1363 ret = -EDQUOT;
1364 goto finish;
1365 }
1366
1367 if (dquot->dq_dqb.dqb_bsoftlimit &&
1368 tspace > dquot->dq_dqb.dqb_bsoftlimit &&
1369 dquot->dq_dqb.dqb_btime &&
1370 ktime_get_real_seconds() >= dquot->dq_dqb.dqb_btime &&
1371 !ignore_hardlimit(dquot)) {
1372 if (flags & DQUOT_SPACE_WARN)
1373 prepare_warning(warn, dquot, QUOTA_NL_BSOFTLONGWARN);
1374 ret = -EDQUOT;
1375 goto finish;
1376 }
1377
1378 if (dquot->dq_dqb.dqb_bsoftlimit &&
1379 tspace > dquot->dq_dqb.dqb_bsoftlimit &&
1380 dquot->dq_dqb.dqb_btime == 0) {
1381 if (flags & DQUOT_SPACE_WARN) {
1382 prepare_warning(warn, dquot, QUOTA_NL_BSOFTWARN);
1383 dquot->dq_dqb.dqb_btime = ktime_get_real_seconds() +
1384 sb_dqopt(sb)->info[dquot->dq_id.type].dqi_bgrace;
1385 } else {
1386 /*
1387 * We don't allow preallocation to exceed softlimit so exceeding will
1388 * be always printed
1389 */
1390 ret = -EDQUOT;
1391 goto finish;
1392 }
1393 }
1394 finish:
1395 /*
1396 * We have to be careful and go through warning generation & grace time
1397 * setting even if DQUOT_SPACE_NOFAIL is set. That's why we check it
1398 * only here...
1399 */
1400 if (flags & DQUOT_SPACE_NOFAIL)
1401 ret = 0;
1402 if (!ret) {
1403 dquot->dq_dqb.dqb_rsvspace += rsv_space;
1404 dquot->dq_dqb.dqb_curspace += space;
1405 }
1406 spin_unlock(&dquot->dq_dqb_lock);
1407 return ret;
1408 }
1409
info_idq_free(struct dquot * dquot,qsize_t inodes)1410 static int info_idq_free(struct dquot *dquot, qsize_t inodes)
1411 {
1412 qsize_t newinodes;
1413
1414 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1415 dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit ||
1416 !sb_has_quota_limits_enabled(dquot->dq_sb, dquot->dq_id.type))
1417 return QUOTA_NL_NOWARN;
1418
1419 newinodes = dquot->dq_dqb.dqb_curinodes - inodes;
1420 if (newinodes <= dquot->dq_dqb.dqb_isoftlimit)
1421 return QUOTA_NL_ISOFTBELOW;
1422 if (dquot->dq_dqb.dqb_curinodes >= dquot->dq_dqb.dqb_ihardlimit &&
1423 newinodes < dquot->dq_dqb.dqb_ihardlimit)
1424 return QUOTA_NL_IHARDBELOW;
1425 return QUOTA_NL_NOWARN;
1426 }
1427
info_bdq_free(struct dquot * dquot,qsize_t space)1428 static int info_bdq_free(struct dquot *dquot, qsize_t space)
1429 {
1430 qsize_t tspace;
1431
1432 tspace = dquot->dq_dqb.dqb_curspace + dquot->dq_dqb.dqb_rsvspace;
1433
1434 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1435 tspace <= dquot->dq_dqb.dqb_bsoftlimit)
1436 return QUOTA_NL_NOWARN;
1437
1438 if (tspace - space <= dquot->dq_dqb.dqb_bsoftlimit)
1439 return QUOTA_NL_BSOFTBELOW;
1440 if (tspace >= dquot->dq_dqb.dqb_bhardlimit &&
1441 tspace - space < dquot->dq_dqb.dqb_bhardlimit)
1442 return QUOTA_NL_BHARDBELOW;
1443 return QUOTA_NL_NOWARN;
1444 }
1445
inode_quota_active(const struct inode * inode)1446 static int inode_quota_active(const struct inode *inode)
1447 {
1448 struct super_block *sb = inode->i_sb;
1449
1450 if (IS_NOQUOTA(inode))
1451 return 0;
1452 return sb_any_quota_loaded(sb) & ~sb_any_quota_suspended(sb);
1453 }
1454
1455 /*
1456 * Initialize quota pointers in inode
1457 *
1458 * It is better to call this function outside of any transaction as it
1459 * might need a lot of space in journal for dquot structure allocation.
1460 */
__dquot_initialize(struct inode * inode,int type)1461 static int __dquot_initialize(struct inode *inode, int type)
1462 {
1463 int cnt, init_needed = 0;
1464 struct dquot **dquots, *got[MAXQUOTAS] = {};
1465 struct super_block *sb = inode->i_sb;
1466 qsize_t rsv;
1467 int ret = 0;
1468
1469 if (!inode_quota_active(inode))
1470 return 0;
1471
1472 dquots = i_dquot(inode);
1473
1474 /* First get references to structures we might need. */
1475 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1476 struct kqid qid;
1477 kprojid_t projid;
1478 int rc;
1479 struct dquot *dquot;
1480
1481 if (type != -1 && cnt != type)
1482 continue;
1483 /*
1484 * The i_dquot should have been initialized in most cases,
1485 * we check it without locking here to avoid unnecessary
1486 * dqget()/dqput() calls.
1487 */
1488 if (dquots[cnt])
1489 continue;
1490
1491 if (!sb_has_quota_active(sb, cnt))
1492 continue;
1493
1494 init_needed = 1;
1495
1496 switch (cnt) {
1497 case USRQUOTA:
1498 qid = make_kqid_uid(inode->i_uid);
1499 break;
1500 case GRPQUOTA:
1501 qid = make_kqid_gid(inode->i_gid);
1502 break;
1503 case PRJQUOTA:
1504 rc = inode->i_sb->dq_op->get_projid(inode, &projid);
1505 if (rc)
1506 continue;
1507 qid = make_kqid_projid(projid);
1508 break;
1509 }
1510 dquot = dqget(sb, qid);
1511 if (IS_ERR(dquot)) {
1512 /* We raced with somebody turning quotas off... */
1513 if (PTR_ERR(dquot) != -ESRCH) {
1514 ret = PTR_ERR(dquot);
1515 goto out_put;
1516 }
1517 dquot = NULL;
1518 }
1519 got[cnt] = dquot;
1520 }
1521
1522 /* All required i_dquot has been initialized */
1523 if (!init_needed)
1524 return 0;
1525
1526 spin_lock(&dq_data_lock);
1527 if (IS_NOQUOTA(inode))
1528 goto out_lock;
1529 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1530 if (type != -1 && cnt != type)
1531 continue;
1532 /* Avoid races with quotaoff() */
1533 if (!sb_has_quota_active(sb, cnt))
1534 continue;
1535 /* We could race with quotaon or dqget() could have failed */
1536 if (!got[cnt])
1537 continue;
1538 if (!dquots[cnt]) {
1539 dquots[cnt] = got[cnt];
1540 got[cnt] = NULL;
1541 /*
1542 * Make quota reservation system happy if someone
1543 * did a write before quota was turned on
1544 */
1545 rsv = inode_get_rsv_space(inode);
1546 if (unlikely(rsv)) {
1547 spin_lock(&inode->i_lock);
1548 /* Get reservation again under proper lock */
1549 rsv = __inode_get_rsv_space(inode);
1550 spin_lock(&dquots[cnt]->dq_dqb_lock);
1551 dquots[cnt]->dq_dqb.dqb_rsvspace += rsv;
1552 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1553 spin_unlock(&inode->i_lock);
1554 }
1555 }
1556 }
1557 out_lock:
1558 spin_unlock(&dq_data_lock);
1559 out_put:
1560 /* Drop unused references */
1561 dqput_all(got);
1562
1563 return ret;
1564 }
1565
dquot_initialize(struct inode * inode)1566 int dquot_initialize(struct inode *inode)
1567 {
1568 return __dquot_initialize(inode, -1);
1569 }
1570 EXPORT_SYMBOL(dquot_initialize);
1571
dquot_initialize_needed(struct inode * inode)1572 bool dquot_initialize_needed(struct inode *inode)
1573 {
1574 struct dquot **dquots;
1575 int i;
1576
1577 if (!inode_quota_active(inode))
1578 return false;
1579
1580 dquots = i_dquot(inode);
1581 for (i = 0; i < MAXQUOTAS; i++)
1582 if (!dquots[i] && sb_has_quota_active(inode->i_sb, i))
1583 return true;
1584 return false;
1585 }
1586 EXPORT_SYMBOL(dquot_initialize_needed);
1587
1588 /*
1589 * Release all quotas referenced by inode.
1590 *
1591 * This function only be called on inode free or converting
1592 * a file to quota file, no other users for the i_dquot in
1593 * both cases, so we needn't call synchronize_srcu() after
1594 * clearing i_dquot.
1595 */
__dquot_drop(struct inode * inode)1596 static void __dquot_drop(struct inode *inode)
1597 {
1598 int cnt;
1599 struct dquot **dquots = i_dquot(inode);
1600 struct dquot *put[MAXQUOTAS];
1601
1602 spin_lock(&dq_data_lock);
1603 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1604 put[cnt] = dquots[cnt];
1605 dquots[cnt] = NULL;
1606 }
1607 spin_unlock(&dq_data_lock);
1608 dqput_all(put);
1609 }
1610
dquot_drop(struct inode * inode)1611 void dquot_drop(struct inode *inode)
1612 {
1613 struct dquot * const *dquots;
1614 int cnt;
1615
1616 if (IS_NOQUOTA(inode))
1617 return;
1618
1619 /*
1620 * Test before calling to rule out calls from proc and such
1621 * where we are not allowed to block. Note that this is
1622 * actually reliable test even without the lock - the caller
1623 * must assure that nobody can come after the DQUOT_DROP and
1624 * add quota pointers back anyway.
1625 */
1626 dquots = i_dquot(inode);
1627 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1628 if (dquots[cnt])
1629 break;
1630 }
1631
1632 if (cnt < MAXQUOTAS)
1633 __dquot_drop(inode);
1634 }
1635 EXPORT_SYMBOL(dquot_drop);
1636
1637 /*
1638 * inode_reserved_space is managed internally by quota, and protected by
1639 * i_lock similar to i_blocks+i_bytes.
1640 */
inode_reserved_space(struct inode * inode)1641 static qsize_t *inode_reserved_space(struct inode * inode)
1642 {
1643 /* Filesystem must explicitly define it's own method in order to use
1644 * quota reservation interface */
1645 BUG_ON(!inode->i_sb->dq_op->get_reserved_space);
1646 return inode->i_sb->dq_op->get_reserved_space(inode);
1647 }
1648
__inode_get_rsv_space(struct inode * inode)1649 static qsize_t __inode_get_rsv_space(struct inode *inode)
1650 {
1651 if (!inode->i_sb->dq_op->get_reserved_space)
1652 return 0;
1653 return *inode_reserved_space(inode);
1654 }
1655
inode_get_rsv_space(struct inode * inode)1656 static qsize_t inode_get_rsv_space(struct inode *inode)
1657 {
1658 qsize_t ret;
1659
1660 if (!inode->i_sb->dq_op->get_reserved_space)
1661 return 0;
1662 spin_lock(&inode->i_lock);
1663 ret = __inode_get_rsv_space(inode);
1664 spin_unlock(&inode->i_lock);
1665 return ret;
1666 }
1667
1668 /*
1669 * This functions updates i_blocks+i_bytes fields and quota information
1670 * (together with appropriate checks).
1671 *
1672 * NOTE: We absolutely rely on the fact that caller dirties the inode
1673 * (usually helpers in quotaops.h care about this) and holds a handle for
1674 * the current transaction so that dquot write and inode write go into the
1675 * same transaction.
1676 */
1677
1678 /*
1679 * This operation can block, but only after everything is updated
1680 */
__dquot_alloc_space(struct inode * inode,qsize_t number,int flags)1681 int __dquot_alloc_space(struct inode *inode, qsize_t number, int flags)
1682 {
1683 int cnt, ret = 0, index;
1684 struct dquot_warn warn[MAXQUOTAS];
1685 int reserve = flags & DQUOT_SPACE_RESERVE;
1686 struct dquot **dquots;
1687
1688 if (!inode_quota_active(inode)) {
1689 if (reserve) {
1690 spin_lock(&inode->i_lock);
1691 *inode_reserved_space(inode) += number;
1692 spin_unlock(&inode->i_lock);
1693 } else {
1694 inode_add_bytes(inode, number);
1695 }
1696 goto out;
1697 }
1698
1699 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1700 warn[cnt].w_type = QUOTA_NL_NOWARN;
1701
1702 dquots = i_dquot(inode);
1703 index = srcu_read_lock(&dquot_srcu);
1704 spin_lock(&inode->i_lock);
1705 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1706 if (!dquots[cnt])
1707 continue;
1708 if (reserve) {
1709 ret = dquot_add_space(dquots[cnt], 0, number, flags,
1710 &warn[cnt]);
1711 } else {
1712 ret = dquot_add_space(dquots[cnt], number, 0, flags,
1713 &warn[cnt]);
1714 }
1715 if (ret) {
1716 /* Back out changes we already did */
1717 for (cnt--; cnt >= 0; cnt--) {
1718 if (!dquots[cnt])
1719 continue;
1720 spin_lock(&dquots[cnt]->dq_dqb_lock);
1721 if (reserve)
1722 dquot_free_reserved_space(dquots[cnt],
1723 number);
1724 else
1725 dquot_decr_space(dquots[cnt], number);
1726 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1727 }
1728 spin_unlock(&inode->i_lock);
1729 goto out_flush_warn;
1730 }
1731 }
1732 if (reserve)
1733 *inode_reserved_space(inode) += number;
1734 else
1735 __inode_add_bytes(inode, number);
1736 spin_unlock(&inode->i_lock);
1737
1738 if (reserve)
1739 goto out_flush_warn;
1740 mark_all_dquot_dirty(dquots);
1741 out_flush_warn:
1742 srcu_read_unlock(&dquot_srcu, index);
1743 flush_warnings(warn);
1744 out:
1745 return ret;
1746 }
1747 EXPORT_SYMBOL(__dquot_alloc_space);
1748
1749 /*
1750 * This operation can block, but only after everything is updated
1751 */
dquot_alloc_inode(struct inode * inode)1752 int dquot_alloc_inode(struct inode *inode)
1753 {
1754 int cnt, ret = 0, index;
1755 struct dquot_warn warn[MAXQUOTAS];
1756 struct dquot * const *dquots;
1757
1758 if (!inode_quota_active(inode))
1759 return 0;
1760 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1761 warn[cnt].w_type = QUOTA_NL_NOWARN;
1762
1763 dquots = i_dquot(inode);
1764 index = srcu_read_lock(&dquot_srcu);
1765 spin_lock(&inode->i_lock);
1766 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1767 if (!dquots[cnt])
1768 continue;
1769 ret = dquot_add_inodes(dquots[cnt], 1, &warn[cnt]);
1770 if (ret) {
1771 for (cnt--; cnt >= 0; cnt--) {
1772 if (!dquots[cnt])
1773 continue;
1774 /* Back out changes we already did */
1775 spin_lock(&dquots[cnt]->dq_dqb_lock);
1776 dquot_decr_inodes(dquots[cnt], 1);
1777 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1778 }
1779 goto warn_put_all;
1780 }
1781 }
1782
1783 warn_put_all:
1784 spin_unlock(&inode->i_lock);
1785 if (ret == 0)
1786 mark_all_dquot_dirty(dquots);
1787 srcu_read_unlock(&dquot_srcu, index);
1788 flush_warnings(warn);
1789 return ret;
1790 }
1791 EXPORT_SYMBOL(dquot_alloc_inode);
1792
1793 /*
1794 * Convert in-memory reserved quotas to real consumed quotas
1795 */
dquot_claim_space_nodirty(struct inode * inode,qsize_t number)1796 int dquot_claim_space_nodirty(struct inode *inode, qsize_t number)
1797 {
1798 struct dquot **dquots;
1799 int cnt, index;
1800
1801 if (!inode_quota_active(inode)) {
1802 spin_lock(&inode->i_lock);
1803 *inode_reserved_space(inode) -= number;
1804 __inode_add_bytes(inode, number);
1805 spin_unlock(&inode->i_lock);
1806 return 0;
1807 }
1808
1809 dquots = i_dquot(inode);
1810 index = srcu_read_lock(&dquot_srcu);
1811 spin_lock(&inode->i_lock);
1812 /* Claim reserved quotas to allocated quotas */
1813 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1814 if (dquots[cnt]) {
1815 struct dquot *dquot = dquots[cnt];
1816
1817 spin_lock(&dquot->dq_dqb_lock);
1818 if (WARN_ON_ONCE(dquot->dq_dqb.dqb_rsvspace < number))
1819 number = dquot->dq_dqb.dqb_rsvspace;
1820 dquot->dq_dqb.dqb_curspace += number;
1821 dquot->dq_dqb.dqb_rsvspace -= number;
1822 spin_unlock(&dquot->dq_dqb_lock);
1823 }
1824 }
1825 /* Update inode bytes */
1826 *inode_reserved_space(inode) -= number;
1827 __inode_add_bytes(inode, number);
1828 spin_unlock(&inode->i_lock);
1829 mark_all_dquot_dirty(dquots);
1830 srcu_read_unlock(&dquot_srcu, index);
1831 return 0;
1832 }
1833 EXPORT_SYMBOL(dquot_claim_space_nodirty);
1834
1835 /*
1836 * Convert allocated space back to in-memory reserved quotas
1837 */
dquot_reclaim_space_nodirty(struct inode * inode,qsize_t number)1838 void dquot_reclaim_space_nodirty(struct inode *inode, qsize_t number)
1839 {
1840 struct dquot **dquots;
1841 int cnt, index;
1842
1843 if (!inode_quota_active(inode)) {
1844 spin_lock(&inode->i_lock);
1845 *inode_reserved_space(inode) += number;
1846 __inode_sub_bytes(inode, number);
1847 spin_unlock(&inode->i_lock);
1848 return;
1849 }
1850
1851 dquots = i_dquot(inode);
1852 index = srcu_read_lock(&dquot_srcu);
1853 spin_lock(&inode->i_lock);
1854 /* Claim reserved quotas to allocated quotas */
1855 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1856 if (dquots[cnt]) {
1857 struct dquot *dquot = dquots[cnt];
1858
1859 spin_lock(&dquot->dq_dqb_lock);
1860 if (WARN_ON_ONCE(dquot->dq_dqb.dqb_curspace < number))
1861 number = dquot->dq_dqb.dqb_curspace;
1862 dquot->dq_dqb.dqb_rsvspace += number;
1863 dquot->dq_dqb.dqb_curspace -= number;
1864 spin_unlock(&dquot->dq_dqb_lock);
1865 }
1866 }
1867 /* Update inode bytes */
1868 *inode_reserved_space(inode) += number;
1869 __inode_sub_bytes(inode, number);
1870 spin_unlock(&inode->i_lock);
1871 mark_all_dquot_dirty(dquots);
1872 srcu_read_unlock(&dquot_srcu, index);
1873 return;
1874 }
1875 EXPORT_SYMBOL(dquot_reclaim_space_nodirty);
1876
1877 /*
1878 * This operation can block, but only after everything is updated
1879 */
__dquot_free_space(struct inode * inode,qsize_t number,int flags)1880 void __dquot_free_space(struct inode *inode, qsize_t number, int flags)
1881 {
1882 unsigned int cnt;
1883 struct dquot_warn warn[MAXQUOTAS];
1884 struct dquot **dquots;
1885 int reserve = flags & DQUOT_SPACE_RESERVE, index;
1886
1887 if (!inode_quota_active(inode)) {
1888 if (reserve) {
1889 spin_lock(&inode->i_lock);
1890 *inode_reserved_space(inode) -= number;
1891 spin_unlock(&inode->i_lock);
1892 } else {
1893 inode_sub_bytes(inode, number);
1894 }
1895 return;
1896 }
1897
1898 dquots = i_dquot(inode);
1899 index = srcu_read_lock(&dquot_srcu);
1900 spin_lock(&inode->i_lock);
1901 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1902 int wtype;
1903
1904 warn[cnt].w_type = QUOTA_NL_NOWARN;
1905 if (!dquots[cnt])
1906 continue;
1907 spin_lock(&dquots[cnt]->dq_dqb_lock);
1908 wtype = info_bdq_free(dquots[cnt], number);
1909 if (wtype != QUOTA_NL_NOWARN)
1910 prepare_warning(&warn[cnt], dquots[cnt], wtype);
1911 if (reserve)
1912 dquot_free_reserved_space(dquots[cnt], number);
1913 else
1914 dquot_decr_space(dquots[cnt], number);
1915 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1916 }
1917 if (reserve)
1918 *inode_reserved_space(inode) -= number;
1919 else
1920 __inode_sub_bytes(inode, number);
1921 spin_unlock(&inode->i_lock);
1922
1923 if (reserve)
1924 goto out_unlock;
1925 mark_all_dquot_dirty(dquots);
1926 out_unlock:
1927 srcu_read_unlock(&dquot_srcu, index);
1928 flush_warnings(warn);
1929 }
1930 EXPORT_SYMBOL(__dquot_free_space);
1931
1932 /*
1933 * This operation can block, but only after everything is updated
1934 */
dquot_free_inode(struct inode * inode)1935 void dquot_free_inode(struct inode *inode)
1936 {
1937 unsigned int cnt;
1938 struct dquot_warn warn[MAXQUOTAS];
1939 struct dquot * const *dquots;
1940 int index;
1941
1942 if (!inode_quota_active(inode))
1943 return;
1944
1945 dquots = i_dquot(inode);
1946 index = srcu_read_lock(&dquot_srcu);
1947 spin_lock(&inode->i_lock);
1948 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1949 int wtype;
1950
1951 warn[cnt].w_type = QUOTA_NL_NOWARN;
1952 if (!dquots[cnt])
1953 continue;
1954 spin_lock(&dquots[cnt]->dq_dqb_lock);
1955 wtype = info_idq_free(dquots[cnt], 1);
1956 if (wtype != QUOTA_NL_NOWARN)
1957 prepare_warning(&warn[cnt], dquots[cnt], wtype);
1958 dquot_decr_inodes(dquots[cnt], 1);
1959 spin_unlock(&dquots[cnt]->dq_dqb_lock);
1960 }
1961 spin_unlock(&inode->i_lock);
1962 mark_all_dquot_dirty(dquots);
1963 srcu_read_unlock(&dquot_srcu, index);
1964 flush_warnings(warn);
1965 }
1966 EXPORT_SYMBOL(dquot_free_inode);
1967
1968 /*
1969 * Transfer the number of inode and blocks from one diskquota to an other.
1970 * On success, dquot references in transfer_to are consumed and references
1971 * to original dquots that need to be released are placed there. On failure,
1972 * references are kept untouched.
1973 *
1974 * This operation can block, but only after everything is updated
1975 * A transaction must be started when entering this function.
1976 *
1977 * We are holding reference on transfer_from & transfer_to, no need to
1978 * protect them by srcu_read_lock().
1979 */
__dquot_transfer(struct inode * inode,struct dquot ** transfer_to)1980 int __dquot_transfer(struct inode *inode, struct dquot **transfer_to)
1981 {
1982 qsize_t cur_space;
1983 qsize_t rsv_space = 0;
1984 qsize_t inode_usage = 1;
1985 struct dquot *transfer_from[MAXQUOTAS] = {};
1986 int cnt, ret = 0;
1987 char is_valid[MAXQUOTAS] = {};
1988 struct dquot_warn warn_to[MAXQUOTAS];
1989 struct dquot_warn warn_from_inodes[MAXQUOTAS];
1990 struct dquot_warn warn_from_space[MAXQUOTAS];
1991
1992 if (IS_NOQUOTA(inode))
1993 return 0;
1994
1995 if (inode->i_sb->dq_op->get_inode_usage) {
1996 ret = inode->i_sb->dq_op->get_inode_usage(inode, &inode_usage);
1997 if (ret)
1998 return ret;
1999 }
2000
2001 /* Initialize the arrays */
2002 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2003 warn_to[cnt].w_type = QUOTA_NL_NOWARN;
2004 warn_from_inodes[cnt].w_type = QUOTA_NL_NOWARN;
2005 warn_from_space[cnt].w_type = QUOTA_NL_NOWARN;
2006 }
2007
2008 spin_lock(&dq_data_lock);
2009 spin_lock(&inode->i_lock);
2010 if (IS_NOQUOTA(inode)) { /* File without quota accounting? */
2011 spin_unlock(&inode->i_lock);
2012 spin_unlock(&dq_data_lock);
2013 return 0;
2014 }
2015 cur_space = __inode_get_bytes(inode);
2016 rsv_space = __inode_get_rsv_space(inode);
2017 /*
2018 * Build the transfer_from list, check limits, and update usage in
2019 * the target structures.
2020 */
2021 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2022 /*
2023 * Skip changes for same uid or gid or for turned off quota-type.
2024 */
2025 if (!transfer_to[cnt])
2026 continue;
2027 /* Avoid races with quotaoff() */
2028 if (!sb_has_quota_active(inode->i_sb, cnt))
2029 continue;
2030 is_valid[cnt] = 1;
2031 transfer_from[cnt] = i_dquot(inode)[cnt];
2032 ret = dquot_add_inodes(transfer_to[cnt], inode_usage,
2033 &warn_to[cnt]);
2034 if (ret)
2035 goto over_quota;
2036 ret = dquot_add_space(transfer_to[cnt], cur_space, rsv_space,
2037 DQUOT_SPACE_WARN, &warn_to[cnt]);
2038 if (ret) {
2039 spin_lock(&transfer_to[cnt]->dq_dqb_lock);
2040 dquot_decr_inodes(transfer_to[cnt], inode_usage);
2041 spin_unlock(&transfer_to[cnt]->dq_dqb_lock);
2042 goto over_quota;
2043 }
2044 }
2045
2046 /* Decrease usage for source structures and update quota pointers */
2047 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2048 if (!is_valid[cnt])
2049 continue;
2050 /* Due to IO error we might not have transfer_from[] structure */
2051 if (transfer_from[cnt]) {
2052 int wtype;
2053
2054 spin_lock(&transfer_from[cnt]->dq_dqb_lock);
2055 wtype = info_idq_free(transfer_from[cnt], inode_usage);
2056 if (wtype != QUOTA_NL_NOWARN)
2057 prepare_warning(&warn_from_inodes[cnt],
2058 transfer_from[cnt], wtype);
2059 wtype = info_bdq_free(transfer_from[cnt],
2060 cur_space + rsv_space);
2061 if (wtype != QUOTA_NL_NOWARN)
2062 prepare_warning(&warn_from_space[cnt],
2063 transfer_from[cnt], wtype);
2064 dquot_decr_inodes(transfer_from[cnt], inode_usage);
2065 dquot_decr_space(transfer_from[cnt], cur_space);
2066 dquot_free_reserved_space(transfer_from[cnt],
2067 rsv_space);
2068 spin_unlock(&transfer_from[cnt]->dq_dqb_lock);
2069 }
2070 i_dquot(inode)[cnt] = transfer_to[cnt];
2071 }
2072 spin_unlock(&inode->i_lock);
2073 spin_unlock(&dq_data_lock);
2074
2075 mark_all_dquot_dirty(transfer_from);
2076 mark_all_dquot_dirty(transfer_to);
2077 flush_warnings(warn_to);
2078 flush_warnings(warn_from_inodes);
2079 flush_warnings(warn_from_space);
2080 /* Pass back references to put */
2081 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2082 if (is_valid[cnt])
2083 transfer_to[cnt] = transfer_from[cnt];
2084 return 0;
2085 over_quota:
2086 /* Back out changes we already did */
2087 for (cnt--; cnt >= 0; cnt--) {
2088 if (!is_valid[cnt])
2089 continue;
2090 spin_lock(&transfer_to[cnt]->dq_dqb_lock);
2091 dquot_decr_inodes(transfer_to[cnt], inode_usage);
2092 dquot_decr_space(transfer_to[cnt], cur_space);
2093 dquot_free_reserved_space(transfer_to[cnt], rsv_space);
2094 spin_unlock(&transfer_to[cnt]->dq_dqb_lock);
2095 }
2096 spin_unlock(&inode->i_lock);
2097 spin_unlock(&dq_data_lock);
2098 flush_warnings(warn_to);
2099 return ret;
2100 }
2101 EXPORT_SYMBOL(__dquot_transfer);
2102
2103 /* Wrapper for transferring ownership of an inode for uid/gid only
2104 * Called from FSXXX_setattr()
2105 */
dquot_transfer(struct mnt_idmap * idmap,struct inode * inode,struct iattr * iattr)2106 int dquot_transfer(struct mnt_idmap *idmap, struct inode *inode,
2107 struct iattr *iattr)
2108 {
2109 struct dquot *transfer_to[MAXQUOTAS] = {};
2110 struct dquot *dquot;
2111 struct super_block *sb = inode->i_sb;
2112 int ret;
2113
2114 if (!inode_quota_active(inode))
2115 return 0;
2116
2117 if (i_uid_needs_update(idmap, iattr, inode)) {
2118 kuid_t kuid = from_vfsuid(idmap, i_user_ns(inode),
2119 iattr->ia_vfsuid);
2120
2121 dquot = dqget(sb, make_kqid_uid(kuid));
2122 if (IS_ERR(dquot)) {
2123 if (PTR_ERR(dquot) != -ESRCH) {
2124 ret = PTR_ERR(dquot);
2125 goto out_put;
2126 }
2127 dquot = NULL;
2128 }
2129 transfer_to[USRQUOTA] = dquot;
2130 }
2131 if (i_gid_needs_update(idmap, iattr, inode)) {
2132 kgid_t kgid = from_vfsgid(idmap, i_user_ns(inode),
2133 iattr->ia_vfsgid);
2134
2135 dquot = dqget(sb, make_kqid_gid(kgid));
2136 if (IS_ERR(dquot)) {
2137 if (PTR_ERR(dquot) != -ESRCH) {
2138 ret = PTR_ERR(dquot);
2139 goto out_put;
2140 }
2141 dquot = NULL;
2142 }
2143 transfer_to[GRPQUOTA] = dquot;
2144 }
2145 ret = __dquot_transfer(inode, transfer_to);
2146 out_put:
2147 dqput_all(transfer_to);
2148 return ret;
2149 }
2150 EXPORT_SYMBOL(dquot_transfer);
2151
2152 /*
2153 * Write info of quota file to disk
2154 */
dquot_commit_info(struct super_block * sb,int type)2155 int dquot_commit_info(struct super_block *sb, int type)
2156 {
2157 struct quota_info *dqopt = sb_dqopt(sb);
2158
2159 return dqopt->ops[type]->write_file_info(sb, type);
2160 }
2161 EXPORT_SYMBOL(dquot_commit_info);
2162
dquot_get_next_id(struct super_block * sb,struct kqid * qid)2163 int dquot_get_next_id(struct super_block *sb, struct kqid *qid)
2164 {
2165 struct quota_info *dqopt = sb_dqopt(sb);
2166
2167 if (!sb_has_quota_active(sb, qid->type))
2168 return -ESRCH;
2169 if (!dqopt->ops[qid->type]->get_next_id)
2170 return -ENOSYS;
2171 return dqopt->ops[qid->type]->get_next_id(sb, qid);
2172 }
2173 EXPORT_SYMBOL(dquot_get_next_id);
2174
2175 /*
2176 * Definitions of diskquota operations.
2177 */
2178 const struct dquot_operations dquot_operations = {
2179 .write_dquot = dquot_commit,
2180 .acquire_dquot = dquot_acquire,
2181 .release_dquot = dquot_release,
2182 .mark_dirty = dquot_mark_dquot_dirty,
2183 .write_info = dquot_commit_info,
2184 .alloc_dquot = dquot_alloc,
2185 .destroy_dquot = dquot_destroy,
2186 .get_next_id = dquot_get_next_id,
2187 };
2188 EXPORT_SYMBOL(dquot_operations);
2189
2190 /*
2191 * Generic helper for ->open on filesystems supporting disk quotas.
2192 */
dquot_file_open(struct inode * inode,struct file * file)2193 int dquot_file_open(struct inode *inode, struct file *file)
2194 {
2195 int error;
2196
2197 error = generic_file_open(inode, file);
2198 if (!error && (file->f_mode & FMODE_WRITE))
2199 error = dquot_initialize(inode);
2200 return error;
2201 }
2202 EXPORT_SYMBOL(dquot_file_open);
2203
vfs_cleanup_quota_inode(struct super_block * sb,int type)2204 static void vfs_cleanup_quota_inode(struct super_block *sb, int type)
2205 {
2206 struct quota_info *dqopt = sb_dqopt(sb);
2207 struct inode *inode = dqopt->files[type];
2208
2209 if (!inode)
2210 return;
2211 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2212 inode_lock(inode);
2213 inode->i_flags &= ~S_NOQUOTA;
2214 inode_unlock(inode);
2215 }
2216 dqopt->files[type] = NULL;
2217 iput(inode);
2218 }
2219
2220 /*
2221 * Turn quota off on a device. type == -1 ==> quotaoff for all types (umount)
2222 */
dquot_disable(struct super_block * sb,int type,unsigned int flags)2223 int dquot_disable(struct super_block *sb, int type, unsigned int flags)
2224 {
2225 int cnt;
2226 struct quota_info *dqopt = sb_dqopt(sb);
2227
2228 /* s_umount should be held in exclusive mode */
2229 if (WARN_ON_ONCE(down_read_trylock(&sb->s_umount)))
2230 up_read(&sb->s_umount);
2231
2232 /* Cannot turn off usage accounting without turning off limits, or
2233 * suspend quotas and simultaneously turn quotas off. */
2234 if ((flags & DQUOT_USAGE_ENABLED && !(flags & DQUOT_LIMITS_ENABLED))
2235 || (flags & DQUOT_SUSPENDED && flags & (DQUOT_LIMITS_ENABLED |
2236 DQUOT_USAGE_ENABLED)))
2237 return -EINVAL;
2238
2239 /*
2240 * Skip everything if there's nothing to do. We have to do this because
2241 * sometimes we are called when fill_super() failed and calling
2242 * sync_fs() in such cases does no good.
2243 */
2244 if (!sb_any_quota_loaded(sb))
2245 return 0;
2246
2247 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2248 if (type != -1 && cnt != type)
2249 continue;
2250 if (!sb_has_quota_loaded(sb, cnt))
2251 continue;
2252
2253 if (flags & DQUOT_SUSPENDED) {
2254 spin_lock(&dq_state_lock);
2255 dqopt->flags |=
2256 dquot_state_flag(DQUOT_SUSPENDED, cnt);
2257 spin_unlock(&dq_state_lock);
2258 } else {
2259 spin_lock(&dq_state_lock);
2260 dqopt->flags &= ~dquot_state_flag(flags, cnt);
2261 /* Turning off suspended quotas? */
2262 if (!sb_has_quota_loaded(sb, cnt) &&
2263 sb_has_quota_suspended(sb, cnt)) {
2264 dqopt->flags &= ~dquot_state_flag(
2265 DQUOT_SUSPENDED, cnt);
2266 spin_unlock(&dq_state_lock);
2267 vfs_cleanup_quota_inode(sb, cnt);
2268 continue;
2269 }
2270 spin_unlock(&dq_state_lock);
2271 }
2272
2273 /* We still have to keep quota loaded? */
2274 if (sb_has_quota_loaded(sb, cnt) && !(flags & DQUOT_SUSPENDED))
2275 continue;
2276
2277 /* Note: these are blocking operations */
2278 drop_dquot_ref(sb, cnt);
2279 invalidate_dquots(sb, cnt);
2280 /*
2281 * Now all dquots should be invalidated, all writes done so we
2282 * should be only users of the info. No locks needed.
2283 */
2284 if (info_dirty(&dqopt->info[cnt]))
2285 sb->dq_op->write_info(sb, cnt);
2286 if (dqopt->ops[cnt]->free_file_info)
2287 dqopt->ops[cnt]->free_file_info(sb, cnt);
2288 put_quota_format(dqopt->info[cnt].dqi_format);
2289 dqopt->info[cnt].dqi_flags = 0;
2290 dqopt->info[cnt].dqi_igrace = 0;
2291 dqopt->info[cnt].dqi_bgrace = 0;
2292 dqopt->ops[cnt] = NULL;
2293 }
2294
2295 /* Skip syncing and setting flags if quota files are hidden */
2296 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE)
2297 goto put_inodes;
2298
2299 /* Sync the superblock so that buffers with quota data are written to
2300 * disk (and so userspace sees correct data afterwards). */
2301 if (sb->s_op->sync_fs)
2302 sb->s_op->sync_fs(sb, 1);
2303 sync_blockdev(sb->s_bdev);
2304 /* Now the quota files are just ordinary files and we can set the
2305 * inode flags back. Moreover we discard the pagecache so that
2306 * userspace sees the writes we did bypassing the pagecache. We
2307 * must also discard the blockdev buffers so that we see the
2308 * changes done by userspace on the next quotaon() */
2309 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2310 if (!sb_has_quota_loaded(sb, cnt) && dqopt->files[cnt]) {
2311 inode_lock(dqopt->files[cnt]);
2312 truncate_inode_pages(&dqopt->files[cnt]->i_data, 0);
2313 inode_unlock(dqopt->files[cnt]);
2314 }
2315 if (sb->s_bdev)
2316 invalidate_bdev(sb->s_bdev);
2317 put_inodes:
2318 /* We are done when suspending quotas */
2319 if (flags & DQUOT_SUSPENDED)
2320 return 0;
2321
2322 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
2323 if (!sb_has_quota_loaded(sb, cnt))
2324 vfs_cleanup_quota_inode(sb, cnt);
2325 return 0;
2326 }
2327 EXPORT_SYMBOL(dquot_disable);
2328
dquot_quota_off(struct super_block * sb,int type)2329 int dquot_quota_off(struct super_block *sb, int type)
2330 {
2331 return dquot_disable(sb, type,
2332 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2333 }
2334 EXPORT_SYMBOL(dquot_quota_off);
2335
2336 /*
2337 * Turn quotas on on a device
2338 */
2339
vfs_setup_quota_inode(struct inode * inode,int type)2340 static int vfs_setup_quota_inode(struct inode *inode, int type)
2341 {
2342 struct super_block *sb = inode->i_sb;
2343 struct quota_info *dqopt = sb_dqopt(sb);
2344
2345 if (is_bad_inode(inode))
2346 return -EUCLEAN;
2347 if (!S_ISREG(inode->i_mode))
2348 return -EACCES;
2349 if (IS_RDONLY(inode))
2350 return -EROFS;
2351 if (sb_has_quota_loaded(sb, type))
2352 return -EBUSY;
2353
2354 /*
2355 * Quota files should never be encrypted. They should be thought of as
2356 * filesystem metadata, not user data. New-style internal quota files
2357 * cannot be encrypted by users anyway, but old-style external quota
2358 * files could potentially be incorrectly created in an encrypted
2359 * directory, hence this explicit check. Some reasons why encrypted
2360 * quota files don't work include: (1) some filesystems that support
2361 * encryption don't handle it in their quota_read and quota_write, and
2362 * (2) cleaning up encrypted quota files at unmount would need special
2363 * consideration, as quota files are cleaned up later than user files.
2364 */
2365 if (IS_ENCRYPTED(inode))
2366 return -EINVAL;
2367
2368 dqopt->files[type] = igrab(inode);
2369 if (!dqopt->files[type])
2370 return -EIO;
2371 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2372 /* We don't want quota and atime on quota files (deadlocks
2373 * possible) Also nobody should write to the file - we use
2374 * special IO operations which ignore the immutable bit. */
2375 inode_lock(inode);
2376 inode->i_flags |= S_NOQUOTA;
2377 inode_unlock(inode);
2378 /*
2379 * When S_NOQUOTA is set, remove dquot references as no more
2380 * references can be added
2381 */
2382 __dquot_drop(inode);
2383 }
2384 return 0;
2385 }
2386
dquot_load_quota_sb(struct super_block * sb,int type,int format_id,unsigned int flags)2387 int dquot_load_quota_sb(struct super_block *sb, int type, int format_id,
2388 unsigned int flags)
2389 {
2390 struct quota_format_type *fmt = find_quota_format(format_id);
2391 struct quota_info *dqopt = sb_dqopt(sb);
2392 int error;
2393
2394 lockdep_assert_held_write(&sb->s_umount);
2395
2396 /* Just unsuspend quotas? */
2397 BUG_ON(flags & DQUOT_SUSPENDED);
2398
2399 if (!fmt)
2400 return -ESRCH;
2401 if (!sb->dq_op || !sb->s_qcop ||
2402 (type == PRJQUOTA && sb->dq_op->get_projid == NULL)) {
2403 error = -EINVAL;
2404 goto out_fmt;
2405 }
2406 /* Filesystems outside of init_user_ns not yet supported */
2407 if (sb->s_user_ns != &init_user_ns) {
2408 error = -EINVAL;
2409 goto out_fmt;
2410 }
2411 /* Usage always has to be set... */
2412 if (!(flags & DQUOT_USAGE_ENABLED)) {
2413 error = -EINVAL;
2414 goto out_fmt;
2415 }
2416 if (sb_has_quota_loaded(sb, type)) {
2417 error = -EBUSY;
2418 goto out_fmt;
2419 }
2420
2421 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE)) {
2422 /* As we bypass the pagecache we must now flush all the
2423 * dirty data and invalidate caches so that kernel sees
2424 * changes from userspace. It is not enough to just flush
2425 * the quota file since if blocksize < pagesize, invalidation
2426 * of the cache could fail because of other unrelated dirty
2427 * data */
2428 sync_filesystem(sb);
2429 invalidate_bdev(sb->s_bdev);
2430 }
2431
2432 error = -EINVAL;
2433 if (!fmt->qf_ops->check_quota_file(sb, type))
2434 goto out_fmt;
2435
2436 dqopt->ops[type] = fmt->qf_ops;
2437 dqopt->info[type].dqi_format = fmt;
2438 dqopt->info[type].dqi_fmt_id = format_id;
2439 INIT_LIST_HEAD(&dqopt->info[type].dqi_dirty_list);
2440 error = dqopt->ops[type]->read_file_info(sb, type);
2441 if (error < 0)
2442 goto out_fmt;
2443 if (dqopt->flags & DQUOT_QUOTA_SYS_FILE) {
2444 spin_lock(&dq_data_lock);
2445 dqopt->info[type].dqi_flags |= DQF_SYS_FILE;
2446 spin_unlock(&dq_data_lock);
2447 }
2448 spin_lock(&dq_state_lock);
2449 dqopt->flags |= dquot_state_flag(flags, type);
2450 spin_unlock(&dq_state_lock);
2451
2452 error = add_dquot_ref(sb, type);
2453 if (error)
2454 dquot_disable(sb, type,
2455 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2456
2457 return error;
2458 out_fmt:
2459 put_quota_format(fmt);
2460
2461 return error;
2462 }
2463 EXPORT_SYMBOL(dquot_load_quota_sb);
2464
2465 /*
2466 * More powerful function for turning on quotas on given quota inode allowing
2467 * setting of individual quota flags
2468 */
dquot_load_quota_inode(struct inode * inode,int type,int format_id,unsigned int flags)2469 int dquot_load_quota_inode(struct inode *inode, int type, int format_id,
2470 unsigned int flags)
2471 {
2472 int err;
2473
2474 err = vfs_setup_quota_inode(inode, type);
2475 if (err < 0)
2476 return err;
2477 err = dquot_load_quota_sb(inode->i_sb, type, format_id, flags);
2478 if (err < 0)
2479 vfs_cleanup_quota_inode(inode->i_sb, type);
2480 return err;
2481 }
2482 EXPORT_SYMBOL(dquot_load_quota_inode);
2483
2484 /* Reenable quotas on remount RW */
dquot_resume(struct super_block * sb,int type)2485 int dquot_resume(struct super_block *sb, int type)
2486 {
2487 struct quota_info *dqopt = sb_dqopt(sb);
2488 int ret = 0, cnt;
2489 unsigned int flags;
2490
2491 /* s_umount should be held in exclusive mode */
2492 if (WARN_ON_ONCE(down_read_trylock(&sb->s_umount)))
2493 up_read(&sb->s_umount);
2494
2495 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
2496 if (type != -1 && cnt != type)
2497 continue;
2498 if (!sb_has_quota_suspended(sb, cnt))
2499 continue;
2500
2501 spin_lock(&dq_state_lock);
2502 flags = dqopt->flags & dquot_state_flag(DQUOT_USAGE_ENABLED |
2503 DQUOT_LIMITS_ENABLED,
2504 cnt);
2505 dqopt->flags &= ~dquot_state_flag(DQUOT_STATE_FLAGS, cnt);
2506 spin_unlock(&dq_state_lock);
2507
2508 flags = dquot_generic_flag(flags, cnt);
2509 ret = dquot_load_quota_sb(sb, cnt, dqopt->info[cnt].dqi_fmt_id,
2510 flags);
2511 if (ret < 0)
2512 vfs_cleanup_quota_inode(sb, cnt);
2513 }
2514
2515 return ret;
2516 }
2517 EXPORT_SYMBOL(dquot_resume);
2518
dquot_quota_on(struct super_block * sb,int type,int format_id,const struct path * path)2519 int dquot_quota_on(struct super_block *sb, int type, int format_id,
2520 const struct path *path)
2521 {
2522 int error = security_quota_on(path->dentry);
2523 if (error)
2524 return error;
2525 /* Quota file not on the same filesystem? */
2526 if (path->dentry->d_sb != sb)
2527 error = -EXDEV;
2528 else
2529 error = dquot_load_quota_inode(d_inode(path->dentry), type,
2530 format_id, DQUOT_USAGE_ENABLED |
2531 DQUOT_LIMITS_ENABLED);
2532 return error;
2533 }
2534 EXPORT_SYMBOL(dquot_quota_on);
2535
2536 /*
2537 * This function is used when filesystem needs to initialize quotas
2538 * during mount time.
2539 */
dquot_quota_on_mount(struct super_block * sb,char * qf_name,int format_id,int type)2540 int dquot_quota_on_mount(struct super_block *sb, char *qf_name,
2541 int format_id, int type)
2542 {
2543 struct dentry *dentry;
2544 int error;
2545
2546 dentry = lookup_positive_unlocked(qf_name, sb->s_root, strlen(qf_name));
2547 if (IS_ERR(dentry))
2548 return PTR_ERR(dentry);
2549
2550 error = security_quota_on(dentry);
2551 if (!error)
2552 error = dquot_load_quota_inode(d_inode(dentry), type, format_id,
2553 DQUOT_USAGE_ENABLED | DQUOT_LIMITS_ENABLED);
2554
2555 dput(dentry);
2556 return error;
2557 }
2558 EXPORT_SYMBOL(dquot_quota_on_mount);
2559
dquot_quota_enable(struct super_block * sb,unsigned int flags)2560 static int dquot_quota_enable(struct super_block *sb, unsigned int flags)
2561 {
2562 int ret;
2563 int type;
2564 struct quota_info *dqopt = sb_dqopt(sb);
2565
2566 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE))
2567 return -ENOSYS;
2568 /* Accounting cannot be turned on while fs is mounted */
2569 flags &= ~(FS_QUOTA_UDQ_ACCT | FS_QUOTA_GDQ_ACCT | FS_QUOTA_PDQ_ACCT);
2570 if (!flags)
2571 return -EINVAL;
2572 for (type = 0; type < MAXQUOTAS; type++) {
2573 if (!(flags & qtype_enforce_flag(type)))
2574 continue;
2575 /* Can't enforce without accounting */
2576 if (!sb_has_quota_usage_enabled(sb, type)) {
2577 ret = -EINVAL;
2578 goto out_err;
2579 }
2580 if (sb_has_quota_limits_enabled(sb, type)) {
2581 ret = -EBUSY;
2582 goto out_err;
2583 }
2584 spin_lock(&dq_state_lock);
2585 dqopt->flags |= dquot_state_flag(DQUOT_LIMITS_ENABLED, type);
2586 spin_unlock(&dq_state_lock);
2587 }
2588 return 0;
2589 out_err:
2590 /* Backout enforcement enablement we already did */
2591 for (type--; type >= 0; type--) {
2592 if (flags & qtype_enforce_flag(type))
2593 dquot_disable(sb, type, DQUOT_LIMITS_ENABLED);
2594 }
2595 /* Error code translation for better compatibility with XFS */
2596 if (ret == -EBUSY)
2597 ret = -EEXIST;
2598 return ret;
2599 }
2600
dquot_quota_disable(struct super_block * sb,unsigned int flags)2601 static int dquot_quota_disable(struct super_block *sb, unsigned int flags)
2602 {
2603 int ret;
2604 int type;
2605 struct quota_info *dqopt = sb_dqopt(sb);
2606
2607 if (!(dqopt->flags & DQUOT_QUOTA_SYS_FILE))
2608 return -ENOSYS;
2609 /*
2610 * We don't support turning off accounting via quotactl. In principle
2611 * quota infrastructure can do this but filesystems don't expect
2612 * userspace to be able to do it.
2613 */
2614 if (flags &
2615 (FS_QUOTA_UDQ_ACCT | FS_QUOTA_GDQ_ACCT | FS_QUOTA_PDQ_ACCT))
2616 return -EOPNOTSUPP;
2617
2618 /* Filter out limits not enabled */
2619 for (type = 0; type < MAXQUOTAS; type++)
2620 if (!sb_has_quota_limits_enabled(sb, type))
2621 flags &= ~qtype_enforce_flag(type);
2622 /* Nothing left? */
2623 if (!flags)
2624 return -EEXIST;
2625 for (type = 0; type < MAXQUOTAS; type++) {
2626 if (flags & qtype_enforce_flag(type)) {
2627 ret = dquot_disable(sb, type, DQUOT_LIMITS_ENABLED);
2628 if (ret < 0)
2629 goto out_err;
2630 }
2631 }
2632 return 0;
2633 out_err:
2634 /* Backout enforcement disabling we already did */
2635 for (type--; type >= 0; type--) {
2636 if (flags & qtype_enforce_flag(type)) {
2637 spin_lock(&dq_state_lock);
2638 dqopt->flags |=
2639 dquot_state_flag(DQUOT_LIMITS_ENABLED, type);
2640 spin_unlock(&dq_state_lock);
2641 }
2642 }
2643 return ret;
2644 }
2645
2646 /* Generic routine for getting common part of quota structure */
do_get_dqblk(struct dquot * dquot,struct qc_dqblk * di)2647 static void do_get_dqblk(struct dquot *dquot, struct qc_dqblk *di)
2648 {
2649 struct mem_dqblk *dm = &dquot->dq_dqb;
2650
2651 memset(di, 0, sizeof(*di));
2652 spin_lock(&dquot->dq_dqb_lock);
2653 di->d_spc_hardlimit = dm->dqb_bhardlimit;
2654 di->d_spc_softlimit = dm->dqb_bsoftlimit;
2655 di->d_ino_hardlimit = dm->dqb_ihardlimit;
2656 di->d_ino_softlimit = dm->dqb_isoftlimit;
2657 di->d_space = dm->dqb_curspace + dm->dqb_rsvspace;
2658 di->d_ino_count = dm->dqb_curinodes;
2659 di->d_spc_timer = dm->dqb_btime;
2660 di->d_ino_timer = dm->dqb_itime;
2661 spin_unlock(&dquot->dq_dqb_lock);
2662 }
2663
dquot_get_dqblk(struct super_block * sb,struct kqid qid,struct qc_dqblk * di)2664 int dquot_get_dqblk(struct super_block *sb, struct kqid qid,
2665 struct qc_dqblk *di)
2666 {
2667 struct dquot *dquot;
2668
2669 dquot = dqget(sb, qid);
2670 if (IS_ERR(dquot))
2671 return PTR_ERR(dquot);
2672 do_get_dqblk(dquot, di);
2673 dqput(dquot);
2674
2675 return 0;
2676 }
2677 EXPORT_SYMBOL(dquot_get_dqblk);
2678
dquot_get_next_dqblk(struct super_block * sb,struct kqid * qid,struct qc_dqblk * di)2679 int dquot_get_next_dqblk(struct super_block *sb, struct kqid *qid,
2680 struct qc_dqblk *di)
2681 {
2682 struct dquot *dquot;
2683 int err;
2684
2685 if (!sb->dq_op->get_next_id)
2686 return -ENOSYS;
2687 err = sb->dq_op->get_next_id(sb, qid);
2688 if (err < 0)
2689 return err;
2690 dquot = dqget(sb, *qid);
2691 if (IS_ERR(dquot))
2692 return PTR_ERR(dquot);
2693 do_get_dqblk(dquot, di);
2694 dqput(dquot);
2695
2696 return 0;
2697 }
2698 EXPORT_SYMBOL(dquot_get_next_dqblk);
2699
2700 #define VFS_QC_MASK \
2701 (QC_SPACE | QC_SPC_SOFT | QC_SPC_HARD | \
2702 QC_INO_COUNT | QC_INO_SOFT | QC_INO_HARD | \
2703 QC_SPC_TIMER | QC_INO_TIMER)
2704
2705 /* Generic routine for setting common part of quota structure */
do_set_dqblk(struct dquot * dquot,struct qc_dqblk * di)2706 static int do_set_dqblk(struct dquot *dquot, struct qc_dqblk *di)
2707 {
2708 struct mem_dqblk *dm = &dquot->dq_dqb;
2709 int check_blim = 0, check_ilim = 0;
2710 struct mem_dqinfo *dqi = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_id.type];
2711
2712 if (di->d_fieldmask & ~VFS_QC_MASK)
2713 return -EINVAL;
2714
2715 if (((di->d_fieldmask & QC_SPC_SOFT) &&
2716 di->d_spc_softlimit > dqi->dqi_max_spc_limit) ||
2717 ((di->d_fieldmask & QC_SPC_HARD) &&
2718 di->d_spc_hardlimit > dqi->dqi_max_spc_limit) ||
2719 ((di->d_fieldmask & QC_INO_SOFT) &&
2720 (di->d_ino_softlimit > dqi->dqi_max_ino_limit)) ||
2721 ((di->d_fieldmask & QC_INO_HARD) &&
2722 (di->d_ino_hardlimit > dqi->dqi_max_ino_limit)))
2723 return -ERANGE;
2724
2725 spin_lock(&dquot->dq_dqb_lock);
2726 if (di->d_fieldmask & QC_SPACE) {
2727 dm->dqb_curspace = di->d_space - dm->dqb_rsvspace;
2728 check_blim = 1;
2729 set_bit(DQ_LASTSET_B + QIF_SPACE_B, &dquot->dq_flags);
2730 }
2731
2732 if (di->d_fieldmask & QC_SPC_SOFT)
2733 dm->dqb_bsoftlimit = di->d_spc_softlimit;
2734 if (di->d_fieldmask & QC_SPC_HARD)
2735 dm->dqb_bhardlimit = di->d_spc_hardlimit;
2736 if (di->d_fieldmask & (QC_SPC_SOFT | QC_SPC_HARD)) {
2737 check_blim = 1;
2738 set_bit(DQ_LASTSET_B + QIF_BLIMITS_B, &dquot->dq_flags);
2739 }
2740
2741 if (di->d_fieldmask & QC_INO_COUNT) {
2742 dm->dqb_curinodes = di->d_ino_count;
2743 check_ilim = 1;
2744 set_bit(DQ_LASTSET_B + QIF_INODES_B, &dquot->dq_flags);
2745 }
2746
2747 if (di->d_fieldmask & QC_INO_SOFT)
2748 dm->dqb_isoftlimit = di->d_ino_softlimit;
2749 if (di->d_fieldmask & QC_INO_HARD)
2750 dm->dqb_ihardlimit = di->d_ino_hardlimit;
2751 if (di->d_fieldmask & (QC_INO_SOFT | QC_INO_HARD)) {
2752 check_ilim = 1;
2753 set_bit(DQ_LASTSET_B + QIF_ILIMITS_B, &dquot->dq_flags);
2754 }
2755
2756 if (di->d_fieldmask & QC_SPC_TIMER) {
2757 dm->dqb_btime = di->d_spc_timer;
2758 check_blim = 1;
2759 set_bit(DQ_LASTSET_B + QIF_BTIME_B, &dquot->dq_flags);
2760 }
2761
2762 if (di->d_fieldmask & QC_INO_TIMER) {
2763 dm->dqb_itime = di->d_ino_timer;
2764 check_ilim = 1;
2765 set_bit(DQ_LASTSET_B + QIF_ITIME_B, &dquot->dq_flags);
2766 }
2767
2768 if (check_blim) {
2769 if (!dm->dqb_bsoftlimit ||
2770 dm->dqb_curspace + dm->dqb_rsvspace <= dm->dqb_bsoftlimit) {
2771 dm->dqb_btime = 0;
2772 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
2773 } else if (!(di->d_fieldmask & QC_SPC_TIMER))
2774 /* Set grace only if user hasn't provided his own... */
2775 dm->dqb_btime = ktime_get_real_seconds() + dqi->dqi_bgrace;
2776 }
2777 if (check_ilim) {
2778 if (!dm->dqb_isoftlimit ||
2779 dm->dqb_curinodes <= dm->dqb_isoftlimit) {
2780 dm->dqb_itime = 0;
2781 clear_bit(DQ_INODES_B, &dquot->dq_flags);
2782 } else if (!(di->d_fieldmask & QC_INO_TIMER))
2783 /* Set grace only if user hasn't provided his own... */
2784 dm->dqb_itime = ktime_get_real_seconds() + dqi->dqi_igrace;
2785 }
2786 if (dm->dqb_bhardlimit || dm->dqb_bsoftlimit || dm->dqb_ihardlimit ||
2787 dm->dqb_isoftlimit)
2788 clear_bit(DQ_FAKE_B, &dquot->dq_flags);
2789 else
2790 set_bit(DQ_FAKE_B, &dquot->dq_flags);
2791 spin_unlock(&dquot->dq_dqb_lock);
2792 mark_dquot_dirty(dquot);
2793
2794 return 0;
2795 }
2796
dquot_set_dqblk(struct super_block * sb,struct kqid qid,struct qc_dqblk * di)2797 int dquot_set_dqblk(struct super_block *sb, struct kqid qid,
2798 struct qc_dqblk *di)
2799 {
2800 struct dquot *dquot;
2801 int rc;
2802
2803 dquot = dqget(sb, qid);
2804 if (IS_ERR(dquot)) {
2805 rc = PTR_ERR(dquot);
2806 goto out;
2807 }
2808 rc = do_set_dqblk(dquot, di);
2809 dqput(dquot);
2810 out:
2811 return rc;
2812 }
2813 EXPORT_SYMBOL(dquot_set_dqblk);
2814
2815 /* Generic routine for getting common part of quota file information */
dquot_get_state(struct super_block * sb,struct qc_state * state)2816 int dquot_get_state(struct super_block *sb, struct qc_state *state)
2817 {
2818 struct mem_dqinfo *mi;
2819 struct qc_type_state *tstate;
2820 struct quota_info *dqopt = sb_dqopt(sb);
2821 int type;
2822
2823 memset(state, 0, sizeof(*state));
2824 for (type = 0; type < MAXQUOTAS; type++) {
2825 if (!sb_has_quota_active(sb, type))
2826 continue;
2827 tstate = state->s_state + type;
2828 mi = sb_dqopt(sb)->info + type;
2829 tstate->flags = QCI_ACCT_ENABLED;
2830 spin_lock(&dq_data_lock);
2831 if (mi->dqi_flags & DQF_SYS_FILE)
2832 tstate->flags |= QCI_SYSFILE;
2833 if (mi->dqi_flags & DQF_ROOT_SQUASH)
2834 tstate->flags |= QCI_ROOT_SQUASH;
2835 if (sb_has_quota_limits_enabled(sb, type))
2836 tstate->flags |= QCI_LIMITS_ENFORCED;
2837 tstate->spc_timelimit = mi->dqi_bgrace;
2838 tstate->ino_timelimit = mi->dqi_igrace;
2839 if (dqopt->files[type]) {
2840 tstate->ino = dqopt->files[type]->i_ino;
2841 tstate->blocks = dqopt->files[type]->i_blocks;
2842 }
2843 tstate->nextents = 1; /* We don't know... */
2844 spin_unlock(&dq_data_lock);
2845 }
2846 return 0;
2847 }
2848 EXPORT_SYMBOL(dquot_get_state);
2849
2850 /* Generic routine for setting common part of quota file information */
dquot_set_dqinfo(struct super_block * sb,int type,struct qc_info * ii)2851 int dquot_set_dqinfo(struct super_block *sb, int type, struct qc_info *ii)
2852 {
2853 struct mem_dqinfo *mi;
2854
2855 if ((ii->i_fieldmask & QC_WARNS_MASK) ||
2856 (ii->i_fieldmask & QC_RT_SPC_TIMER))
2857 return -EINVAL;
2858 if (!sb_has_quota_active(sb, type))
2859 return -ESRCH;
2860 mi = sb_dqopt(sb)->info + type;
2861 if (ii->i_fieldmask & QC_FLAGS) {
2862 if ((ii->i_flags & QCI_ROOT_SQUASH &&
2863 mi->dqi_format->qf_fmt_id != QFMT_VFS_OLD))
2864 return -EINVAL;
2865 }
2866 spin_lock(&dq_data_lock);
2867 if (ii->i_fieldmask & QC_SPC_TIMER)
2868 mi->dqi_bgrace = ii->i_spc_timelimit;
2869 if (ii->i_fieldmask & QC_INO_TIMER)
2870 mi->dqi_igrace = ii->i_ino_timelimit;
2871 if (ii->i_fieldmask & QC_FLAGS) {
2872 if (ii->i_flags & QCI_ROOT_SQUASH)
2873 mi->dqi_flags |= DQF_ROOT_SQUASH;
2874 else
2875 mi->dqi_flags &= ~DQF_ROOT_SQUASH;
2876 }
2877 spin_unlock(&dq_data_lock);
2878 mark_info_dirty(sb, type);
2879 /* Force write to disk */
2880 return sb->dq_op->write_info(sb, type);
2881 }
2882 EXPORT_SYMBOL(dquot_set_dqinfo);
2883
2884 const struct quotactl_ops dquot_quotactl_sysfile_ops = {
2885 .quota_enable = dquot_quota_enable,
2886 .quota_disable = dquot_quota_disable,
2887 .quota_sync = dquot_quota_sync,
2888 .get_state = dquot_get_state,
2889 .set_info = dquot_set_dqinfo,
2890 .get_dqblk = dquot_get_dqblk,
2891 .get_nextdqblk = dquot_get_next_dqblk,
2892 .set_dqblk = dquot_set_dqblk
2893 };
2894 EXPORT_SYMBOL(dquot_quotactl_sysfile_ops);
2895
do_proc_dqstats(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)2896 static int do_proc_dqstats(struct ctl_table *table, int write,
2897 void *buffer, size_t *lenp, loff_t *ppos)
2898 {
2899 unsigned int type = (unsigned long *)table->data - dqstats.stat;
2900 s64 value = percpu_counter_sum(&dqstats.counter[type]);
2901
2902 /* Filter negative values for non-monotonic counters */
2903 if (value < 0 && (type == DQST_ALLOC_DQUOTS ||
2904 type == DQST_FREE_DQUOTS))
2905 value = 0;
2906
2907 /* Update global table */
2908 dqstats.stat[type] = value;
2909 return proc_doulongvec_minmax(table, write, buffer, lenp, ppos);
2910 }
2911
2912 static struct ctl_table fs_dqstats_table[] = {
2913 {
2914 .procname = "lookups",
2915 .data = &dqstats.stat[DQST_LOOKUPS],
2916 .maxlen = sizeof(unsigned long),
2917 .mode = 0444,
2918 .proc_handler = do_proc_dqstats,
2919 },
2920 {
2921 .procname = "drops",
2922 .data = &dqstats.stat[DQST_DROPS],
2923 .maxlen = sizeof(unsigned long),
2924 .mode = 0444,
2925 .proc_handler = do_proc_dqstats,
2926 },
2927 {
2928 .procname = "reads",
2929 .data = &dqstats.stat[DQST_READS],
2930 .maxlen = sizeof(unsigned long),
2931 .mode = 0444,
2932 .proc_handler = do_proc_dqstats,
2933 },
2934 {
2935 .procname = "writes",
2936 .data = &dqstats.stat[DQST_WRITES],
2937 .maxlen = sizeof(unsigned long),
2938 .mode = 0444,
2939 .proc_handler = do_proc_dqstats,
2940 },
2941 {
2942 .procname = "cache_hits",
2943 .data = &dqstats.stat[DQST_CACHE_HITS],
2944 .maxlen = sizeof(unsigned long),
2945 .mode = 0444,
2946 .proc_handler = do_proc_dqstats,
2947 },
2948 {
2949 .procname = "allocated_dquots",
2950 .data = &dqstats.stat[DQST_ALLOC_DQUOTS],
2951 .maxlen = sizeof(unsigned long),
2952 .mode = 0444,
2953 .proc_handler = do_proc_dqstats,
2954 },
2955 {
2956 .procname = "free_dquots",
2957 .data = &dqstats.stat[DQST_FREE_DQUOTS],
2958 .maxlen = sizeof(unsigned long),
2959 .mode = 0444,
2960 .proc_handler = do_proc_dqstats,
2961 },
2962 {
2963 .procname = "syncs",
2964 .data = &dqstats.stat[DQST_SYNCS],
2965 .maxlen = sizeof(unsigned long),
2966 .mode = 0444,
2967 .proc_handler = do_proc_dqstats,
2968 },
2969 #ifdef CONFIG_PRINT_QUOTA_WARNING
2970 {
2971 .procname = "warnings",
2972 .data = &flag_print_warnings,
2973 .maxlen = sizeof(int),
2974 .mode = 0644,
2975 .proc_handler = proc_dointvec,
2976 },
2977 #endif
2978 { },
2979 };
2980
dquot_init(void)2981 static int __init dquot_init(void)
2982 {
2983 int i, ret;
2984 unsigned long nr_hash, order;
2985
2986 printk(KERN_NOTICE "VFS: Disk quotas %s\n", __DQUOT_VERSION__);
2987
2988 register_sysctl_init("fs/quota", fs_dqstats_table);
2989
2990 dquot_cachep = kmem_cache_create("dquot",
2991 sizeof(struct dquot), sizeof(unsigned long) * 4,
2992 (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT|
2993 SLAB_MEM_SPREAD|SLAB_PANIC),
2994 NULL);
2995
2996 order = 0;
2997 dquot_hash = (struct hlist_head *)__get_free_pages(GFP_KERNEL, order);
2998 if (!dquot_hash)
2999 panic("Cannot create dquot hash table");
3000
3001 for (i = 0; i < _DQST_DQSTAT_LAST; i++) {
3002 ret = percpu_counter_init(&dqstats.counter[i], 0, GFP_KERNEL);
3003 if (ret)
3004 panic("Cannot create dquot stat counters");
3005 }
3006
3007 /* Find power-of-two hlist_heads which can fit into allocation */
3008 nr_hash = (1UL << order) * PAGE_SIZE / sizeof(struct hlist_head);
3009 dq_hash_bits = ilog2(nr_hash);
3010
3011 nr_hash = 1UL << dq_hash_bits;
3012 dq_hash_mask = nr_hash - 1;
3013 for (i = 0; i < nr_hash; i++)
3014 INIT_HLIST_HEAD(dquot_hash + i);
3015
3016 pr_info("VFS: Dquot-cache hash table entries: %ld (order %ld,"
3017 " %ld bytes)\n", nr_hash, order, (PAGE_SIZE << order));
3018
3019 if (register_shrinker(&dqcache_shrinker, "dquota-cache"))
3020 panic("Cannot register dquot shrinker");
3021
3022 return 0;
3023 }
3024 fs_initcall(dquot_init);
3025