1 /*
2 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3 * All Rights Reserved.
4 *
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 #include "xfs.h"
19 #include "xfs_fs.h"
20 #include "xfs_bit.h"
21 #include "xfs_log.h"
22 #include "xfs_inum.h"
23 #include "xfs_trans.h"
24 #include "xfs_sb.h"
25 #include "xfs_ag.h"
26 #include "xfs_alloc.h"
27 #include "xfs_quota.h"
28 #include "xfs_mount.h"
29 #include "xfs_bmap_btree.h"
30 #include "xfs_ialloc_btree.h"
31 #include "xfs_dinode.h"
32 #include "xfs_inode.h"
33 #include "xfs_ialloc.h"
34 #include "xfs_itable.h"
35 #include "xfs_rtalloc.h"
36 #include "xfs_error.h"
37 #include "xfs_bmap.h"
38 #include "xfs_attr.h"
39 #include "xfs_buf_item.h"
40 #include "xfs_trans_space.h"
41 #include "xfs_utils.h"
42 #include "xfs_qm.h"
43 #include "xfs_trace.h"
44
45 /*
46 * The global quota manager. There is only one of these for the entire
47 * system, _not_ one per file system. XQM keeps track of the overall
48 * quota functionality, including maintaining the freelist and hash
49 * tables of dquots.
50 */
51 struct mutex xfs_Gqm_lock;
52 struct xfs_qm *xfs_Gqm;
53 uint ndquot;
54
55 kmem_zone_t *qm_dqzone;
56 kmem_zone_t *qm_dqtrxzone;
57
58 STATIC void xfs_qm_list_init(xfs_dqlist_t *, char *, int);
59 STATIC void xfs_qm_list_destroy(xfs_dqlist_t *);
60
61 STATIC int xfs_qm_init_quotainos(xfs_mount_t *);
62 STATIC int xfs_qm_init_quotainfo(xfs_mount_t *);
63 STATIC int xfs_qm_shake(struct shrinker *, int, gfp_t);
64
65 static struct shrinker xfs_qm_shaker = {
66 .shrink = xfs_qm_shake,
67 .seeks = DEFAULT_SEEKS,
68 };
69
70 #ifdef DEBUG
71 extern struct mutex qcheck_lock;
72 #endif
73
74 #ifdef QUOTADEBUG
75 static void
xfs_qm_dquot_list_print(struct xfs_mount * mp)76 xfs_qm_dquot_list_print(
77 struct xfs_mount *mp)
78 {
79 xfs_dquot_t *dqp;
80 int i = 0;
81
82 list_for_each_entry(dqp, &mp->m_quotainfo->qi_dqlist_lock, qi_mplist) {
83 xfs_debug(mp, " %d. \"%d (%s)\" "
84 "bcnt = %lld, icnt = %lld, refs = %d",
85 i++, be32_to_cpu(dqp->q_core.d_id),
86 DQFLAGTO_TYPESTR(dqp),
87 (long long)be64_to_cpu(dqp->q_core.d_bcount),
88 (long long)be64_to_cpu(dqp->q_core.d_icount),
89 dqp->q_nrefs);
90 }
91 }
92 #else
xfs_qm_dquot_list_print(struct xfs_mount * mp)93 static void xfs_qm_dquot_list_print(struct xfs_mount *mp) { }
94 #endif
95
96 /*
97 * Initialize the XQM structure.
98 * Note that there is not one quota manager per file system.
99 */
100 STATIC struct xfs_qm *
xfs_Gqm_init(void)101 xfs_Gqm_init(void)
102 {
103 xfs_dqhash_t *udqhash, *gdqhash;
104 xfs_qm_t *xqm;
105 size_t hsize;
106 uint i;
107
108 /*
109 * Initialize the dquot hash tables.
110 */
111 udqhash = kmem_zalloc_greedy(&hsize,
112 XFS_QM_HASHSIZE_LOW * sizeof(xfs_dqhash_t),
113 XFS_QM_HASHSIZE_HIGH * sizeof(xfs_dqhash_t));
114 if (!udqhash)
115 goto out;
116
117 gdqhash = kmem_zalloc_large(hsize);
118 if (!gdqhash)
119 goto out_free_udqhash;
120
121 hsize /= sizeof(xfs_dqhash_t);
122 ndquot = hsize << 8;
123
124 xqm = kmem_zalloc(sizeof(xfs_qm_t), KM_SLEEP);
125 xqm->qm_dqhashmask = hsize - 1;
126 xqm->qm_usr_dqhtable = udqhash;
127 xqm->qm_grp_dqhtable = gdqhash;
128 ASSERT(xqm->qm_usr_dqhtable != NULL);
129 ASSERT(xqm->qm_grp_dqhtable != NULL);
130
131 for (i = 0; i < hsize; i++) {
132 xfs_qm_list_init(&(xqm->qm_usr_dqhtable[i]), "uxdqh", i);
133 xfs_qm_list_init(&(xqm->qm_grp_dqhtable[i]), "gxdqh", i);
134 }
135
136 /*
137 * Freelist of all dquots of all file systems
138 */
139 INIT_LIST_HEAD(&xqm->qm_dqfrlist);
140 xqm->qm_dqfrlist_cnt = 0;
141 mutex_init(&xqm->qm_dqfrlist_lock);
142
143 /*
144 * dquot zone. we register our own low-memory callback.
145 */
146 if (!qm_dqzone) {
147 xqm->qm_dqzone = kmem_zone_init(sizeof(xfs_dquot_t),
148 "xfs_dquots");
149 qm_dqzone = xqm->qm_dqzone;
150 } else
151 xqm->qm_dqzone = qm_dqzone;
152
153 register_shrinker(&xfs_qm_shaker);
154
155 /*
156 * The t_dqinfo portion of transactions.
157 */
158 if (!qm_dqtrxzone) {
159 xqm->qm_dqtrxzone = kmem_zone_init(sizeof(xfs_dquot_acct_t),
160 "xfs_dqtrx");
161 qm_dqtrxzone = xqm->qm_dqtrxzone;
162 } else
163 xqm->qm_dqtrxzone = qm_dqtrxzone;
164
165 atomic_set(&xqm->qm_totaldquots, 0);
166 xqm->qm_dqfree_ratio = XFS_QM_DQFREE_RATIO;
167 xqm->qm_nrefs = 0;
168 #ifdef DEBUG
169 mutex_init(&qcheck_lock);
170 #endif
171 return xqm;
172
173 out_free_udqhash:
174 kmem_free_large(udqhash);
175 out:
176 return NULL;
177 }
178
179 /*
180 * Destroy the global quota manager when its reference count goes to zero.
181 */
182 STATIC void
xfs_qm_destroy(struct xfs_qm * xqm)183 xfs_qm_destroy(
184 struct xfs_qm *xqm)
185 {
186 struct xfs_dquot *dqp, *n;
187 int hsize, i;
188
189 ASSERT(xqm != NULL);
190 ASSERT(xqm->qm_nrefs == 0);
191 unregister_shrinker(&xfs_qm_shaker);
192 hsize = xqm->qm_dqhashmask + 1;
193 for (i = 0; i < hsize; i++) {
194 xfs_qm_list_destroy(&(xqm->qm_usr_dqhtable[i]));
195 xfs_qm_list_destroy(&(xqm->qm_grp_dqhtable[i]));
196 }
197 kmem_free_large(xqm->qm_usr_dqhtable);
198 kmem_free_large(xqm->qm_grp_dqhtable);
199 xqm->qm_usr_dqhtable = NULL;
200 xqm->qm_grp_dqhtable = NULL;
201 xqm->qm_dqhashmask = 0;
202
203 /* frlist cleanup */
204 mutex_lock(&xqm->qm_dqfrlist_lock);
205 list_for_each_entry_safe(dqp, n, &xqm->qm_dqfrlist, q_freelist) {
206 xfs_dqlock(dqp);
207 #ifdef QUOTADEBUG
208 xfs_debug(dqp->q_mount, "FREELIST destroy 0x%p", dqp);
209 #endif
210 list_del_init(&dqp->q_freelist);
211 xfs_Gqm->qm_dqfrlist_cnt--;
212 xfs_dqunlock(dqp);
213 xfs_qm_dqdestroy(dqp);
214 }
215 mutex_unlock(&xqm->qm_dqfrlist_lock);
216 mutex_destroy(&xqm->qm_dqfrlist_lock);
217 #ifdef DEBUG
218 mutex_destroy(&qcheck_lock);
219 #endif
220 kmem_free(xqm);
221 }
222
223 /*
224 * Called at mount time to let XQM know that another file system is
225 * starting quotas. This isn't crucial information as the individual mount
226 * structures are pretty independent, but it helps the XQM keep a
227 * global view of what's going on.
228 */
229 /* ARGSUSED */
230 STATIC int
xfs_qm_hold_quotafs_ref(struct xfs_mount * mp)231 xfs_qm_hold_quotafs_ref(
232 struct xfs_mount *mp)
233 {
234 /*
235 * Need to lock the xfs_Gqm structure for things like this. For example,
236 * the structure could disappear between the entry to this routine and
237 * a HOLD operation if not locked.
238 */
239 mutex_lock(&xfs_Gqm_lock);
240
241 if (!xfs_Gqm) {
242 xfs_Gqm = xfs_Gqm_init();
243 if (!xfs_Gqm) {
244 mutex_unlock(&xfs_Gqm_lock);
245 return ENOMEM;
246 }
247 }
248
249 /*
250 * We can keep a list of all filesystems with quotas mounted for
251 * debugging and statistical purposes, but ...
252 * Just take a reference and get out.
253 */
254 xfs_Gqm->qm_nrefs++;
255 mutex_unlock(&xfs_Gqm_lock);
256
257 return 0;
258 }
259
260
261 /*
262 * Release the reference that a filesystem took at mount time,
263 * so that we know when we need to destroy the entire quota manager.
264 */
265 /* ARGSUSED */
266 STATIC void
xfs_qm_rele_quotafs_ref(struct xfs_mount * mp)267 xfs_qm_rele_quotafs_ref(
268 struct xfs_mount *mp)
269 {
270 xfs_dquot_t *dqp, *n;
271
272 ASSERT(xfs_Gqm);
273 ASSERT(xfs_Gqm->qm_nrefs > 0);
274
275 /*
276 * Go thru the freelist and destroy all inactive dquots.
277 */
278 mutex_lock(&xfs_Gqm->qm_dqfrlist_lock);
279
280 list_for_each_entry_safe(dqp, n, &xfs_Gqm->qm_dqfrlist, q_freelist) {
281 xfs_dqlock(dqp);
282 if (dqp->dq_flags & XFS_DQ_INACTIVE) {
283 ASSERT(dqp->q_mount == NULL);
284 ASSERT(! XFS_DQ_IS_DIRTY(dqp));
285 ASSERT(list_empty(&dqp->q_hashlist));
286 ASSERT(list_empty(&dqp->q_mplist));
287 list_del_init(&dqp->q_freelist);
288 xfs_Gqm->qm_dqfrlist_cnt--;
289 xfs_dqunlock(dqp);
290 xfs_qm_dqdestroy(dqp);
291 } else {
292 xfs_dqunlock(dqp);
293 }
294 }
295 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
296
297 /*
298 * Destroy the entire XQM. If somebody mounts with quotaon, this'll
299 * be restarted.
300 */
301 mutex_lock(&xfs_Gqm_lock);
302 if (--xfs_Gqm->qm_nrefs == 0) {
303 xfs_qm_destroy(xfs_Gqm);
304 xfs_Gqm = NULL;
305 }
306 mutex_unlock(&xfs_Gqm_lock);
307 }
308
309 /*
310 * Just destroy the quotainfo structure.
311 */
312 void
xfs_qm_unmount(struct xfs_mount * mp)313 xfs_qm_unmount(
314 struct xfs_mount *mp)
315 {
316 if (mp->m_quotainfo) {
317 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL);
318 xfs_qm_destroy_quotainfo(mp);
319 }
320 }
321
322
323 /*
324 * This is called from xfs_mountfs to start quotas and initialize all
325 * necessary data structures like quotainfo. This is also responsible for
326 * running a quotacheck as necessary. We are guaranteed that the superblock
327 * is consistently read in at this point.
328 *
329 * If we fail here, the mount will continue with quota turned off. We don't
330 * need to inidicate success or failure at all.
331 */
332 void
xfs_qm_mount_quotas(xfs_mount_t * mp)333 xfs_qm_mount_quotas(
334 xfs_mount_t *mp)
335 {
336 int error = 0;
337 uint sbf;
338
339 /*
340 * If quotas on realtime volumes is not supported, we disable
341 * quotas immediately.
342 */
343 if (mp->m_sb.sb_rextents) {
344 xfs_notice(mp, "Cannot turn on quotas for realtime filesystem");
345 mp->m_qflags = 0;
346 goto write_changes;
347 }
348
349 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
350
351 /*
352 * Allocate the quotainfo structure inside the mount struct, and
353 * create quotainode(s), and change/rev superblock if necessary.
354 */
355 error = xfs_qm_init_quotainfo(mp);
356 if (error) {
357 /*
358 * We must turn off quotas.
359 */
360 ASSERT(mp->m_quotainfo == NULL);
361 mp->m_qflags = 0;
362 goto write_changes;
363 }
364 /*
365 * If any of the quotas are not consistent, do a quotacheck.
366 */
367 if (XFS_QM_NEED_QUOTACHECK(mp)) {
368 error = xfs_qm_quotacheck(mp);
369 if (error) {
370 /* Quotacheck failed and disabled quotas. */
371 return;
372 }
373 }
374 /*
375 * If one type of quotas is off, then it will lose its
376 * quotachecked status, since we won't be doing accounting for
377 * that type anymore.
378 */
379 if (!XFS_IS_UQUOTA_ON(mp))
380 mp->m_qflags &= ~XFS_UQUOTA_CHKD;
381 if (!(XFS_IS_GQUOTA_ON(mp) || XFS_IS_PQUOTA_ON(mp)))
382 mp->m_qflags &= ~XFS_OQUOTA_CHKD;
383
384 write_changes:
385 /*
386 * We actually don't have to acquire the m_sb_lock at all.
387 * This can only be called from mount, and that's single threaded. XXX
388 */
389 spin_lock(&mp->m_sb_lock);
390 sbf = mp->m_sb.sb_qflags;
391 mp->m_sb.sb_qflags = mp->m_qflags & XFS_MOUNT_QUOTA_ALL;
392 spin_unlock(&mp->m_sb_lock);
393
394 if (sbf != (mp->m_qflags & XFS_MOUNT_QUOTA_ALL)) {
395 if (xfs_qm_write_sb_changes(mp, XFS_SB_QFLAGS)) {
396 /*
397 * We could only have been turning quotas off.
398 * We aren't in very good shape actually because
399 * the incore structures are convinced that quotas are
400 * off, but the on disk superblock doesn't know that !
401 */
402 ASSERT(!(XFS_IS_QUOTA_RUNNING(mp)));
403 xfs_alert(mp, "%s: Superblock update failed!",
404 __func__);
405 }
406 }
407
408 if (error) {
409 xfs_warn(mp, "Failed to initialize disk quotas.");
410 return;
411 }
412
413 #ifdef QUOTADEBUG
414 if (XFS_IS_QUOTA_ON(mp))
415 xfs_qm_internalqcheck(mp);
416 #endif
417 }
418
419 /*
420 * Called from the vfsops layer.
421 */
422 void
xfs_qm_unmount_quotas(xfs_mount_t * mp)423 xfs_qm_unmount_quotas(
424 xfs_mount_t *mp)
425 {
426 /*
427 * Release the dquots that root inode, et al might be holding,
428 * before we flush quotas and blow away the quotainfo structure.
429 */
430 ASSERT(mp->m_rootip);
431 xfs_qm_dqdetach(mp->m_rootip);
432 if (mp->m_rbmip)
433 xfs_qm_dqdetach(mp->m_rbmip);
434 if (mp->m_rsumip)
435 xfs_qm_dqdetach(mp->m_rsumip);
436
437 /*
438 * Release the quota inodes.
439 */
440 if (mp->m_quotainfo) {
441 if (mp->m_quotainfo->qi_uquotaip) {
442 IRELE(mp->m_quotainfo->qi_uquotaip);
443 mp->m_quotainfo->qi_uquotaip = NULL;
444 }
445 if (mp->m_quotainfo->qi_gquotaip) {
446 IRELE(mp->m_quotainfo->qi_gquotaip);
447 mp->m_quotainfo->qi_gquotaip = NULL;
448 }
449 }
450 }
451
452 /*
453 * Flush all dquots of the given file system to disk. The dquots are
454 * _not_ purged from memory here, just their data written to disk.
455 */
456 STATIC int
xfs_qm_dqflush_all(struct xfs_mount * mp,int sync_mode)457 xfs_qm_dqflush_all(
458 struct xfs_mount *mp,
459 int sync_mode)
460 {
461 struct xfs_quotainfo *q = mp->m_quotainfo;
462 int recl;
463 struct xfs_dquot *dqp;
464 int error;
465
466 if (!q)
467 return 0;
468 again:
469 mutex_lock(&q->qi_dqlist_lock);
470 list_for_each_entry(dqp, &q->qi_dqlist, q_mplist) {
471 xfs_dqlock(dqp);
472 if (! XFS_DQ_IS_DIRTY(dqp)) {
473 xfs_dqunlock(dqp);
474 continue;
475 }
476
477 /* XXX a sentinel would be better */
478 recl = q->qi_dqreclaims;
479 if (!xfs_dqflock_nowait(dqp)) {
480 /*
481 * If we can't grab the flush lock then check
482 * to see if the dquot has been flushed delayed
483 * write. If so, grab its buffer and send it
484 * out immediately. We'll be able to acquire
485 * the flush lock when the I/O completes.
486 */
487 xfs_qm_dqflock_pushbuf_wait(dqp);
488 }
489 /*
490 * Let go of the mplist lock. We don't want to hold it
491 * across a disk write.
492 */
493 mutex_unlock(&q->qi_dqlist_lock);
494 error = xfs_qm_dqflush(dqp, sync_mode);
495 xfs_dqunlock(dqp);
496 if (error)
497 return error;
498
499 mutex_lock(&q->qi_dqlist_lock);
500 if (recl != q->qi_dqreclaims) {
501 mutex_unlock(&q->qi_dqlist_lock);
502 /* XXX restart limit */
503 goto again;
504 }
505 }
506
507 mutex_unlock(&q->qi_dqlist_lock);
508 /* return ! busy */
509 return 0;
510 }
511 /*
512 * Release the group dquot pointers the user dquots may be
513 * carrying around as a hint. mplist is locked on entry and exit.
514 */
515 STATIC void
xfs_qm_detach_gdquots(struct xfs_mount * mp)516 xfs_qm_detach_gdquots(
517 struct xfs_mount *mp)
518 {
519 struct xfs_quotainfo *q = mp->m_quotainfo;
520 struct xfs_dquot *dqp, *gdqp;
521 int nrecl;
522
523 again:
524 ASSERT(mutex_is_locked(&q->qi_dqlist_lock));
525 list_for_each_entry(dqp, &q->qi_dqlist, q_mplist) {
526 xfs_dqlock(dqp);
527 if ((gdqp = dqp->q_gdquot)) {
528 xfs_dqlock(gdqp);
529 dqp->q_gdquot = NULL;
530 }
531 xfs_dqunlock(dqp);
532
533 if (gdqp) {
534 /*
535 * Can't hold the mplist lock across a dqput.
536 * XXXmust convert to marker based iterations here.
537 */
538 nrecl = q->qi_dqreclaims;
539 mutex_unlock(&q->qi_dqlist_lock);
540 xfs_qm_dqput(gdqp);
541
542 mutex_lock(&q->qi_dqlist_lock);
543 if (nrecl != q->qi_dqreclaims)
544 goto again;
545 }
546 }
547 }
548
549 /*
550 * Go through all the incore dquots of this file system and take them
551 * off the mplist and hashlist, if the dquot type matches the dqtype
552 * parameter. This is used when turning off quota accounting for
553 * users and/or groups, as well as when the filesystem is unmounting.
554 */
555 STATIC int
xfs_qm_dqpurge_int(struct xfs_mount * mp,uint flags)556 xfs_qm_dqpurge_int(
557 struct xfs_mount *mp,
558 uint flags)
559 {
560 struct xfs_quotainfo *q = mp->m_quotainfo;
561 struct xfs_dquot *dqp, *n;
562 uint dqtype;
563 int nrecl;
564 int nmisses;
565
566 if (!q)
567 return 0;
568
569 dqtype = (flags & XFS_QMOPT_UQUOTA) ? XFS_DQ_USER : 0;
570 dqtype |= (flags & XFS_QMOPT_PQUOTA) ? XFS_DQ_PROJ : 0;
571 dqtype |= (flags & XFS_QMOPT_GQUOTA) ? XFS_DQ_GROUP : 0;
572
573 mutex_lock(&q->qi_dqlist_lock);
574
575 /*
576 * In the first pass through all incore dquots of this filesystem,
577 * we release the group dquot pointers the user dquots may be
578 * carrying around as a hint. We need to do this irrespective of
579 * what's being turned off.
580 */
581 xfs_qm_detach_gdquots(mp);
582
583 again:
584 nmisses = 0;
585 ASSERT(mutex_is_locked(&q->qi_dqlist_lock));
586 /*
587 * Try to get rid of all of the unwanted dquots. The idea is to
588 * get them off mplist and hashlist, but leave them on freelist.
589 */
590 list_for_each_entry_safe(dqp, n, &q->qi_dqlist, q_mplist) {
591 /*
592 * It's OK to look at the type without taking dqlock here.
593 * We're holding the mplist lock here, and that's needed for
594 * a dqreclaim.
595 */
596 if ((dqp->dq_flags & dqtype) == 0)
597 continue;
598
599 if (!mutex_trylock(&dqp->q_hash->qh_lock)) {
600 nrecl = q->qi_dqreclaims;
601 mutex_unlock(&q->qi_dqlist_lock);
602 mutex_lock(&dqp->q_hash->qh_lock);
603 mutex_lock(&q->qi_dqlist_lock);
604
605 /*
606 * XXXTheoretically, we can get into a very long
607 * ping pong game here.
608 * No one can be adding dquots to the mplist at
609 * this point, but somebody might be taking things off.
610 */
611 if (nrecl != q->qi_dqreclaims) {
612 mutex_unlock(&dqp->q_hash->qh_lock);
613 goto again;
614 }
615 }
616
617 /*
618 * Take the dquot off the mplist and hashlist. It may remain on
619 * freelist in INACTIVE state.
620 */
621 nmisses += xfs_qm_dqpurge(dqp);
622 }
623 mutex_unlock(&q->qi_dqlist_lock);
624 return nmisses;
625 }
626
627 int
xfs_qm_dqpurge_all(xfs_mount_t * mp,uint flags)628 xfs_qm_dqpurge_all(
629 xfs_mount_t *mp,
630 uint flags)
631 {
632 int ndquots;
633
634 /*
635 * Purge the dquot cache.
636 * None of the dquots should really be busy at this point.
637 */
638 if (mp->m_quotainfo) {
639 while ((ndquots = xfs_qm_dqpurge_int(mp, flags))) {
640 delay(ndquots * 10);
641 }
642 }
643 return 0;
644 }
645
646 STATIC int
xfs_qm_dqattach_one(xfs_inode_t * ip,xfs_dqid_t id,uint type,uint doalloc,xfs_dquot_t * udqhint,xfs_dquot_t ** IO_idqpp)647 xfs_qm_dqattach_one(
648 xfs_inode_t *ip,
649 xfs_dqid_t id,
650 uint type,
651 uint doalloc,
652 xfs_dquot_t *udqhint, /* hint */
653 xfs_dquot_t **IO_idqpp)
654 {
655 xfs_dquot_t *dqp;
656 int error;
657
658 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
659 error = 0;
660
661 /*
662 * See if we already have it in the inode itself. IO_idqpp is
663 * &i_udquot or &i_gdquot. This made the code look weird, but
664 * made the logic a lot simpler.
665 */
666 dqp = *IO_idqpp;
667 if (dqp) {
668 trace_xfs_dqattach_found(dqp);
669 return 0;
670 }
671
672 /*
673 * udqhint is the i_udquot field in inode, and is non-NULL only
674 * when the type arg is group/project. Its purpose is to save a
675 * lookup by dqid (xfs_qm_dqget) by caching a group dquot inside
676 * the user dquot.
677 */
678 if (udqhint) {
679 ASSERT(type == XFS_DQ_GROUP || type == XFS_DQ_PROJ);
680 xfs_dqlock(udqhint);
681
682 /*
683 * No need to take dqlock to look at the id.
684 *
685 * The ID can't change until it gets reclaimed, and it won't
686 * be reclaimed as long as we have a ref from inode and we
687 * hold the ilock.
688 */
689 dqp = udqhint->q_gdquot;
690 if (dqp && be32_to_cpu(dqp->q_core.d_id) == id) {
691 xfs_dqlock(dqp);
692 XFS_DQHOLD(dqp);
693 ASSERT(*IO_idqpp == NULL);
694 *IO_idqpp = dqp;
695
696 xfs_dqunlock(dqp);
697 xfs_dqunlock(udqhint);
698 return 0;
699 }
700
701 /*
702 * We can't hold a dquot lock when we call the dqget code.
703 * We'll deadlock in no time, because of (not conforming to)
704 * lock ordering - the inodelock comes before any dquot lock,
705 * and we may drop and reacquire the ilock in xfs_qm_dqget().
706 */
707 xfs_dqunlock(udqhint);
708 }
709
710 /*
711 * Find the dquot from somewhere. This bumps the
712 * reference count of dquot and returns it locked.
713 * This can return ENOENT if dquot didn't exist on
714 * disk and we didn't ask it to allocate;
715 * ESRCH if quotas got turned off suddenly.
716 */
717 error = xfs_qm_dqget(ip->i_mount, ip, id, type, XFS_QMOPT_DOWARN, &dqp);
718 if (error)
719 return error;
720
721 trace_xfs_dqattach_get(dqp);
722
723 /*
724 * dqget may have dropped and re-acquired the ilock, but it guarantees
725 * that the dquot returned is the one that should go in the inode.
726 */
727 *IO_idqpp = dqp;
728 xfs_dqunlock(dqp);
729 return 0;
730 }
731
732
733 /*
734 * Given a udquot and gdquot, attach a ptr to the group dquot in the
735 * udquot as a hint for future lookups. The idea sounds simple, but the
736 * execution isn't, because the udquot might have a group dquot attached
737 * already and getting rid of that gets us into lock ordering constraints.
738 * The process is complicated more by the fact that the dquots may or may not
739 * be locked on entry.
740 */
741 STATIC void
xfs_qm_dqattach_grouphint(xfs_dquot_t * udq,xfs_dquot_t * gdq)742 xfs_qm_dqattach_grouphint(
743 xfs_dquot_t *udq,
744 xfs_dquot_t *gdq)
745 {
746 xfs_dquot_t *tmp;
747
748 xfs_dqlock(udq);
749
750 if ((tmp = udq->q_gdquot)) {
751 if (tmp == gdq) {
752 xfs_dqunlock(udq);
753 return;
754 }
755
756 udq->q_gdquot = NULL;
757 /*
758 * We can't keep any dqlocks when calling dqrele,
759 * because the freelist lock comes before dqlocks.
760 */
761 xfs_dqunlock(udq);
762 /*
763 * we took a hard reference once upon a time in dqget,
764 * so give it back when the udquot no longer points at it
765 * dqput() does the unlocking of the dquot.
766 */
767 xfs_qm_dqrele(tmp);
768
769 xfs_dqlock(udq);
770 xfs_dqlock(gdq);
771
772 } else {
773 ASSERT(XFS_DQ_IS_LOCKED(udq));
774 xfs_dqlock(gdq);
775 }
776
777 ASSERT(XFS_DQ_IS_LOCKED(udq));
778 ASSERT(XFS_DQ_IS_LOCKED(gdq));
779 /*
780 * Somebody could have attached a gdquot here,
781 * when we dropped the uqlock. If so, just do nothing.
782 */
783 if (udq->q_gdquot == NULL) {
784 XFS_DQHOLD(gdq);
785 udq->q_gdquot = gdq;
786 }
787
788 xfs_dqunlock(gdq);
789 xfs_dqunlock(udq);
790 }
791
792
793 /*
794 * Given a locked inode, attach dquot(s) to it, taking U/G/P-QUOTAON
795 * into account.
796 * If XFS_QMOPT_DQALLOC, the dquot(s) will be allocated if needed.
797 * Inode may get unlocked and relocked in here, and the caller must deal with
798 * the consequences.
799 */
800 int
xfs_qm_dqattach_locked(xfs_inode_t * ip,uint flags)801 xfs_qm_dqattach_locked(
802 xfs_inode_t *ip,
803 uint flags)
804 {
805 xfs_mount_t *mp = ip->i_mount;
806 uint nquotas = 0;
807 int error = 0;
808
809 if (!XFS_IS_QUOTA_RUNNING(mp) ||
810 !XFS_IS_QUOTA_ON(mp) ||
811 !XFS_NOT_DQATTACHED(mp, ip) ||
812 ip->i_ino == mp->m_sb.sb_uquotino ||
813 ip->i_ino == mp->m_sb.sb_gquotino)
814 return 0;
815
816 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
817
818 if (XFS_IS_UQUOTA_ON(mp)) {
819 error = xfs_qm_dqattach_one(ip, ip->i_d.di_uid, XFS_DQ_USER,
820 flags & XFS_QMOPT_DQALLOC,
821 NULL, &ip->i_udquot);
822 if (error)
823 goto done;
824 nquotas++;
825 }
826
827 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
828 if (XFS_IS_OQUOTA_ON(mp)) {
829 error = XFS_IS_GQUOTA_ON(mp) ?
830 xfs_qm_dqattach_one(ip, ip->i_d.di_gid, XFS_DQ_GROUP,
831 flags & XFS_QMOPT_DQALLOC,
832 ip->i_udquot, &ip->i_gdquot) :
833 xfs_qm_dqattach_one(ip, xfs_get_projid(ip), XFS_DQ_PROJ,
834 flags & XFS_QMOPT_DQALLOC,
835 ip->i_udquot, &ip->i_gdquot);
836 /*
837 * Don't worry about the udquot that we may have
838 * attached above. It'll get detached, if not already.
839 */
840 if (error)
841 goto done;
842 nquotas++;
843 }
844
845 /*
846 * Attach this group quota to the user quota as a hint.
847 * This WON'T, in general, result in a thrash.
848 */
849 if (nquotas == 2) {
850 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
851 ASSERT(ip->i_udquot);
852 ASSERT(ip->i_gdquot);
853
854 /*
855 * We may or may not have the i_udquot locked at this point,
856 * but this check is OK since we don't depend on the i_gdquot to
857 * be accurate 100% all the time. It is just a hint, and this
858 * will succeed in general.
859 */
860 if (ip->i_udquot->q_gdquot == ip->i_gdquot)
861 goto done;
862 /*
863 * Attach i_gdquot to the gdquot hint inside the i_udquot.
864 */
865 xfs_qm_dqattach_grouphint(ip->i_udquot, ip->i_gdquot);
866 }
867
868 done:
869 #ifdef QUOTADEBUG
870 if (! error) {
871 if (XFS_IS_UQUOTA_ON(mp))
872 ASSERT(ip->i_udquot);
873 if (XFS_IS_OQUOTA_ON(mp))
874 ASSERT(ip->i_gdquot);
875 }
876 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
877 #endif
878 return error;
879 }
880
881 int
xfs_qm_dqattach(struct xfs_inode * ip,uint flags)882 xfs_qm_dqattach(
883 struct xfs_inode *ip,
884 uint flags)
885 {
886 int error;
887
888 xfs_ilock(ip, XFS_ILOCK_EXCL);
889 error = xfs_qm_dqattach_locked(ip, flags);
890 xfs_iunlock(ip, XFS_ILOCK_EXCL);
891
892 return error;
893 }
894
895 /*
896 * Release dquots (and their references) if any.
897 * The inode should be locked EXCL except when this's called by
898 * xfs_ireclaim.
899 */
900 void
xfs_qm_dqdetach(xfs_inode_t * ip)901 xfs_qm_dqdetach(
902 xfs_inode_t *ip)
903 {
904 if (!(ip->i_udquot || ip->i_gdquot))
905 return;
906
907 trace_xfs_dquot_dqdetach(ip);
908
909 ASSERT(ip->i_ino != ip->i_mount->m_sb.sb_uquotino);
910 ASSERT(ip->i_ino != ip->i_mount->m_sb.sb_gquotino);
911 if (ip->i_udquot) {
912 xfs_qm_dqrele(ip->i_udquot);
913 ip->i_udquot = NULL;
914 }
915 if (ip->i_gdquot) {
916 xfs_qm_dqrele(ip->i_gdquot);
917 ip->i_gdquot = NULL;
918 }
919 }
920
921 int
xfs_qm_sync(struct xfs_mount * mp,int flags)922 xfs_qm_sync(
923 struct xfs_mount *mp,
924 int flags)
925 {
926 struct xfs_quotainfo *q = mp->m_quotainfo;
927 int recl, restarts;
928 struct xfs_dquot *dqp;
929 int error;
930
931 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
932 return 0;
933
934 restarts = 0;
935
936 again:
937 mutex_lock(&q->qi_dqlist_lock);
938 /*
939 * dqpurge_all() also takes the mplist lock and iterate thru all dquots
940 * in quotaoff. However, if the QUOTA_ACTIVE bits are not cleared
941 * when we have the mplist lock, we know that dquots will be consistent
942 * as long as we have it locked.
943 */
944 if (!XFS_IS_QUOTA_ON(mp)) {
945 mutex_unlock(&q->qi_dqlist_lock);
946 return 0;
947 }
948 ASSERT(mutex_is_locked(&q->qi_dqlist_lock));
949 list_for_each_entry(dqp, &q->qi_dqlist, q_mplist) {
950 /*
951 * If this is vfs_sync calling, then skip the dquots that
952 * don't 'seem' to be dirty. ie. don't acquire dqlock.
953 * This is very similar to what xfs_sync does with inodes.
954 */
955 if (flags & SYNC_TRYLOCK) {
956 if (!XFS_DQ_IS_DIRTY(dqp))
957 continue;
958 if (!xfs_qm_dqlock_nowait(dqp))
959 continue;
960 } else {
961 xfs_dqlock(dqp);
962 }
963
964 /*
965 * Now, find out for sure if this dquot is dirty or not.
966 */
967 if (! XFS_DQ_IS_DIRTY(dqp)) {
968 xfs_dqunlock(dqp);
969 continue;
970 }
971
972 /* XXX a sentinel would be better */
973 recl = q->qi_dqreclaims;
974 if (!xfs_dqflock_nowait(dqp)) {
975 if (flags & SYNC_TRYLOCK) {
976 xfs_dqunlock(dqp);
977 continue;
978 }
979 /*
980 * If we can't grab the flush lock then if the caller
981 * really wanted us to give this our best shot, so
982 * see if we can give a push to the buffer before we wait
983 * on the flush lock. At this point, we know that
984 * even though the dquot is being flushed,
985 * it has (new) dirty data.
986 */
987 xfs_qm_dqflock_pushbuf_wait(dqp);
988 }
989 /*
990 * Let go of the mplist lock. We don't want to hold it
991 * across a disk write
992 */
993 mutex_unlock(&q->qi_dqlist_lock);
994 error = xfs_qm_dqflush(dqp, flags);
995 xfs_dqunlock(dqp);
996 if (error && XFS_FORCED_SHUTDOWN(mp))
997 return 0; /* Need to prevent umount failure */
998 else if (error)
999 return error;
1000
1001 mutex_lock(&q->qi_dqlist_lock);
1002 if (recl != q->qi_dqreclaims) {
1003 if (++restarts >= XFS_QM_SYNC_MAX_RESTARTS)
1004 break;
1005
1006 mutex_unlock(&q->qi_dqlist_lock);
1007 goto again;
1008 }
1009 }
1010
1011 mutex_unlock(&q->qi_dqlist_lock);
1012 return 0;
1013 }
1014
1015 /*
1016 * The hash chains and the mplist use the same xfs_dqhash structure as
1017 * their list head, but we can take the mplist qh_lock and one of the
1018 * hash qh_locks at the same time without any problem as they aren't
1019 * related.
1020 */
1021 static struct lock_class_key xfs_quota_mplist_class;
1022
1023 /*
1024 * This initializes all the quota information that's kept in the
1025 * mount structure
1026 */
1027 STATIC int
xfs_qm_init_quotainfo(xfs_mount_t * mp)1028 xfs_qm_init_quotainfo(
1029 xfs_mount_t *mp)
1030 {
1031 xfs_quotainfo_t *qinf;
1032 int error;
1033 xfs_dquot_t *dqp;
1034
1035 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1036
1037 /*
1038 * Tell XQM that we exist as soon as possible.
1039 */
1040 if ((error = xfs_qm_hold_quotafs_ref(mp))) {
1041 return error;
1042 }
1043
1044 qinf = mp->m_quotainfo = kmem_zalloc(sizeof(xfs_quotainfo_t), KM_SLEEP);
1045
1046 /*
1047 * See if quotainodes are setup, and if not, allocate them,
1048 * and change the superblock accordingly.
1049 */
1050 if ((error = xfs_qm_init_quotainos(mp))) {
1051 kmem_free(qinf);
1052 mp->m_quotainfo = NULL;
1053 return error;
1054 }
1055
1056 INIT_LIST_HEAD(&qinf->qi_dqlist);
1057 mutex_init(&qinf->qi_dqlist_lock);
1058 lockdep_set_class(&qinf->qi_dqlist_lock, &xfs_quota_mplist_class);
1059
1060 qinf->qi_dqreclaims = 0;
1061
1062 /* mutex used to serialize quotaoffs */
1063 mutex_init(&qinf->qi_quotaofflock);
1064
1065 /* Precalc some constants */
1066 qinf->qi_dqchunklen = XFS_FSB_TO_BB(mp, XFS_DQUOT_CLUSTER_SIZE_FSB);
1067 ASSERT(qinf->qi_dqchunklen);
1068 qinf->qi_dqperchunk = BBTOB(qinf->qi_dqchunklen);
1069 do_div(qinf->qi_dqperchunk, sizeof(xfs_dqblk_t));
1070
1071 mp->m_qflags |= (mp->m_sb.sb_qflags & XFS_ALL_QUOTA_CHKD);
1072
1073 /*
1074 * We try to get the limits from the superuser's limits fields.
1075 * This is quite hacky, but it is standard quota practice.
1076 * We look at the USR dquot with id == 0 first, but if user quotas
1077 * are not enabled we goto the GRP dquot with id == 0.
1078 * We don't really care to keep separate default limits for user
1079 * and group quotas, at least not at this point.
1080 */
1081 error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)0,
1082 XFS_IS_UQUOTA_RUNNING(mp) ? XFS_DQ_USER :
1083 (XFS_IS_GQUOTA_RUNNING(mp) ? XFS_DQ_GROUP :
1084 XFS_DQ_PROJ),
1085 XFS_QMOPT_DQSUSER|XFS_QMOPT_DOWARN,
1086 &dqp);
1087 if (! error) {
1088 xfs_disk_dquot_t *ddqp = &dqp->q_core;
1089
1090 /*
1091 * The warnings and timers set the grace period given to
1092 * a user or group before he or she can not perform any
1093 * more writing. If it is zero, a default is used.
1094 */
1095 qinf->qi_btimelimit = ddqp->d_btimer ?
1096 be32_to_cpu(ddqp->d_btimer) : XFS_QM_BTIMELIMIT;
1097 qinf->qi_itimelimit = ddqp->d_itimer ?
1098 be32_to_cpu(ddqp->d_itimer) : XFS_QM_ITIMELIMIT;
1099 qinf->qi_rtbtimelimit = ddqp->d_rtbtimer ?
1100 be32_to_cpu(ddqp->d_rtbtimer) : XFS_QM_RTBTIMELIMIT;
1101 qinf->qi_bwarnlimit = ddqp->d_bwarns ?
1102 be16_to_cpu(ddqp->d_bwarns) : XFS_QM_BWARNLIMIT;
1103 qinf->qi_iwarnlimit = ddqp->d_iwarns ?
1104 be16_to_cpu(ddqp->d_iwarns) : XFS_QM_IWARNLIMIT;
1105 qinf->qi_rtbwarnlimit = ddqp->d_rtbwarns ?
1106 be16_to_cpu(ddqp->d_rtbwarns) : XFS_QM_RTBWARNLIMIT;
1107 qinf->qi_bhardlimit = be64_to_cpu(ddqp->d_blk_hardlimit);
1108 qinf->qi_bsoftlimit = be64_to_cpu(ddqp->d_blk_softlimit);
1109 qinf->qi_ihardlimit = be64_to_cpu(ddqp->d_ino_hardlimit);
1110 qinf->qi_isoftlimit = be64_to_cpu(ddqp->d_ino_softlimit);
1111 qinf->qi_rtbhardlimit = be64_to_cpu(ddqp->d_rtb_hardlimit);
1112 qinf->qi_rtbsoftlimit = be64_to_cpu(ddqp->d_rtb_softlimit);
1113
1114 /*
1115 * We sent the XFS_QMOPT_DQSUSER flag to dqget because
1116 * we don't want this dquot cached. We haven't done a
1117 * quotacheck yet, and quotacheck doesn't like incore dquots.
1118 */
1119 xfs_qm_dqdestroy(dqp);
1120 } else {
1121 qinf->qi_btimelimit = XFS_QM_BTIMELIMIT;
1122 qinf->qi_itimelimit = XFS_QM_ITIMELIMIT;
1123 qinf->qi_rtbtimelimit = XFS_QM_RTBTIMELIMIT;
1124 qinf->qi_bwarnlimit = XFS_QM_BWARNLIMIT;
1125 qinf->qi_iwarnlimit = XFS_QM_IWARNLIMIT;
1126 qinf->qi_rtbwarnlimit = XFS_QM_RTBWARNLIMIT;
1127 }
1128
1129 return 0;
1130 }
1131
1132
1133 /*
1134 * Gets called when unmounting a filesystem or when all quotas get
1135 * turned off.
1136 * This purges the quota inodes, destroys locks and frees itself.
1137 */
1138 void
xfs_qm_destroy_quotainfo(xfs_mount_t * mp)1139 xfs_qm_destroy_quotainfo(
1140 xfs_mount_t *mp)
1141 {
1142 xfs_quotainfo_t *qi;
1143
1144 qi = mp->m_quotainfo;
1145 ASSERT(qi != NULL);
1146 ASSERT(xfs_Gqm != NULL);
1147
1148 /*
1149 * Release the reference that XQM kept, so that we know
1150 * when the XQM structure should be freed. We cannot assume
1151 * that xfs_Gqm is non-null after this point.
1152 */
1153 xfs_qm_rele_quotafs_ref(mp);
1154
1155 ASSERT(list_empty(&qi->qi_dqlist));
1156 mutex_destroy(&qi->qi_dqlist_lock);
1157
1158 if (qi->qi_uquotaip) {
1159 IRELE(qi->qi_uquotaip);
1160 qi->qi_uquotaip = NULL; /* paranoia */
1161 }
1162 if (qi->qi_gquotaip) {
1163 IRELE(qi->qi_gquotaip);
1164 qi->qi_gquotaip = NULL;
1165 }
1166 mutex_destroy(&qi->qi_quotaofflock);
1167 kmem_free(qi);
1168 mp->m_quotainfo = NULL;
1169 }
1170
1171
1172
1173 /* ------------------- PRIVATE STATIC FUNCTIONS ----------------------- */
1174
1175 /* ARGSUSED */
1176 STATIC void
xfs_qm_list_init(xfs_dqlist_t * list,char * str,int n)1177 xfs_qm_list_init(
1178 xfs_dqlist_t *list,
1179 char *str,
1180 int n)
1181 {
1182 mutex_init(&list->qh_lock);
1183 INIT_LIST_HEAD(&list->qh_list);
1184 list->qh_version = 0;
1185 list->qh_nelems = 0;
1186 }
1187
1188 STATIC void
xfs_qm_list_destroy(xfs_dqlist_t * list)1189 xfs_qm_list_destroy(
1190 xfs_dqlist_t *list)
1191 {
1192 mutex_destroy(&(list->qh_lock));
1193 }
1194
1195 /*
1196 * Create an inode and return with a reference already taken, but unlocked
1197 * This is how we create quota inodes
1198 */
1199 STATIC int
xfs_qm_qino_alloc(xfs_mount_t * mp,xfs_inode_t ** ip,__int64_t sbfields,uint flags)1200 xfs_qm_qino_alloc(
1201 xfs_mount_t *mp,
1202 xfs_inode_t **ip,
1203 __int64_t sbfields,
1204 uint flags)
1205 {
1206 xfs_trans_t *tp;
1207 int error;
1208 int committed;
1209
1210 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QINOCREATE);
1211 if ((error = xfs_trans_reserve(tp,
1212 XFS_QM_QINOCREATE_SPACE_RES(mp),
1213 XFS_CREATE_LOG_RES(mp), 0,
1214 XFS_TRANS_PERM_LOG_RES,
1215 XFS_CREATE_LOG_COUNT))) {
1216 xfs_trans_cancel(tp, 0);
1217 return error;
1218 }
1219
1220 error = xfs_dir_ialloc(&tp, NULL, S_IFREG, 1, 0, 0, 1, ip, &committed);
1221 if (error) {
1222 xfs_trans_cancel(tp, XFS_TRANS_RELEASE_LOG_RES |
1223 XFS_TRANS_ABORT);
1224 return error;
1225 }
1226
1227 /*
1228 * Make the changes in the superblock, and log those too.
1229 * sbfields arg may contain fields other than *QUOTINO;
1230 * VERSIONNUM for example.
1231 */
1232 spin_lock(&mp->m_sb_lock);
1233 if (flags & XFS_QMOPT_SBVERSION) {
1234 ASSERT(!xfs_sb_version_hasquota(&mp->m_sb));
1235 ASSERT((sbfields & (XFS_SB_VERSIONNUM | XFS_SB_UQUOTINO |
1236 XFS_SB_GQUOTINO | XFS_SB_QFLAGS)) ==
1237 (XFS_SB_VERSIONNUM | XFS_SB_UQUOTINO |
1238 XFS_SB_GQUOTINO | XFS_SB_QFLAGS));
1239
1240 xfs_sb_version_addquota(&mp->m_sb);
1241 mp->m_sb.sb_uquotino = NULLFSINO;
1242 mp->m_sb.sb_gquotino = NULLFSINO;
1243
1244 /* qflags will get updated _after_ quotacheck */
1245 mp->m_sb.sb_qflags = 0;
1246 }
1247 if (flags & XFS_QMOPT_UQUOTA)
1248 mp->m_sb.sb_uquotino = (*ip)->i_ino;
1249 else
1250 mp->m_sb.sb_gquotino = (*ip)->i_ino;
1251 spin_unlock(&mp->m_sb_lock);
1252 xfs_mod_sb(tp, sbfields);
1253
1254 if ((error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES))) {
1255 xfs_alert(mp, "%s failed (error %d)!", __func__, error);
1256 return error;
1257 }
1258 return 0;
1259 }
1260
1261
1262 STATIC void
xfs_qm_reset_dqcounts(xfs_mount_t * mp,xfs_buf_t * bp,xfs_dqid_t id,uint type)1263 xfs_qm_reset_dqcounts(
1264 xfs_mount_t *mp,
1265 xfs_buf_t *bp,
1266 xfs_dqid_t id,
1267 uint type)
1268 {
1269 xfs_disk_dquot_t *ddq;
1270 int j;
1271
1272 trace_xfs_reset_dqcounts(bp, _RET_IP_);
1273
1274 /*
1275 * Reset all counters and timers. They'll be
1276 * started afresh by xfs_qm_quotacheck.
1277 */
1278 #ifdef DEBUG
1279 j = XFS_FSB_TO_B(mp, XFS_DQUOT_CLUSTER_SIZE_FSB);
1280 do_div(j, sizeof(xfs_dqblk_t));
1281 ASSERT(mp->m_quotainfo->qi_dqperchunk == j);
1282 #endif
1283 ddq = (xfs_disk_dquot_t *)XFS_BUF_PTR(bp);
1284 for (j = 0; j < mp->m_quotainfo->qi_dqperchunk; j++) {
1285 /*
1286 * Do a sanity check, and if needed, repair the dqblk. Don't
1287 * output any warnings because it's perfectly possible to
1288 * find uninitialised dquot blks. See comment in xfs_qm_dqcheck.
1289 */
1290 (void) xfs_qm_dqcheck(mp, ddq, id+j, type, XFS_QMOPT_DQREPAIR,
1291 "xfs_quotacheck");
1292 ddq->d_bcount = 0;
1293 ddq->d_icount = 0;
1294 ddq->d_rtbcount = 0;
1295 ddq->d_btimer = 0;
1296 ddq->d_itimer = 0;
1297 ddq->d_rtbtimer = 0;
1298 ddq->d_bwarns = 0;
1299 ddq->d_iwarns = 0;
1300 ddq->d_rtbwarns = 0;
1301 ddq = (xfs_disk_dquot_t *) ((xfs_dqblk_t *)ddq + 1);
1302 }
1303 }
1304
1305 STATIC int
xfs_qm_dqiter_bufs(xfs_mount_t * mp,xfs_dqid_t firstid,xfs_fsblock_t bno,xfs_filblks_t blkcnt,uint flags)1306 xfs_qm_dqiter_bufs(
1307 xfs_mount_t *mp,
1308 xfs_dqid_t firstid,
1309 xfs_fsblock_t bno,
1310 xfs_filblks_t blkcnt,
1311 uint flags)
1312 {
1313 xfs_buf_t *bp;
1314 int error;
1315 int type;
1316
1317 ASSERT(blkcnt > 0);
1318 type = flags & XFS_QMOPT_UQUOTA ? XFS_DQ_USER :
1319 (flags & XFS_QMOPT_PQUOTA ? XFS_DQ_PROJ : XFS_DQ_GROUP);
1320 error = 0;
1321
1322 /*
1323 * Blkcnt arg can be a very big number, and might even be
1324 * larger than the log itself. So, we have to break it up into
1325 * manageable-sized transactions.
1326 * Note that we don't start a permanent transaction here; we might
1327 * not be able to get a log reservation for the whole thing up front,
1328 * and we don't really care to either, because we just discard
1329 * everything if we were to crash in the middle of this loop.
1330 */
1331 while (blkcnt--) {
1332 error = xfs_trans_read_buf(mp, NULL, mp->m_ddev_targp,
1333 XFS_FSB_TO_DADDR(mp, bno),
1334 mp->m_quotainfo->qi_dqchunklen, 0, &bp);
1335 if (error)
1336 break;
1337
1338 xfs_qm_reset_dqcounts(mp, bp, firstid, type);
1339 xfs_bdwrite(mp, bp);
1340 /*
1341 * goto the next block.
1342 */
1343 bno++;
1344 firstid += mp->m_quotainfo->qi_dqperchunk;
1345 }
1346 return error;
1347 }
1348
1349 /*
1350 * Iterate over all allocated USR/GRP/PRJ dquots in the system, calling a
1351 * caller supplied function for every chunk of dquots that we find.
1352 */
1353 STATIC int
xfs_qm_dqiterate(xfs_mount_t * mp,xfs_inode_t * qip,uint flags)1354 xfs_qm_dqiterate(
1355 xfs_mount_t *mp,
1356 xfs_inode_t *qip,
1357 uint flags)
1358 {
1359 xfs_bmbt_irec_t *map;
1360 int i, nmaps; /* number of map entries */
1361 int error; /* return value */
1362 xfs_fileoff_t lblkno;
1363 xfs_filblks_t maxlblkcnt;
1364 xfs_dqid_t firstid;
1365 xfs_fsblock_t rablkno;
1366 xfs_filblks_t rablkcnt;
1367
1368 error = 0;
1369 /*
1370 * This looks racy, but we can't keep an inode lock across a
1371 * trans_reserve. But, this gets called during quotacheck, and that
1372 * happens only at mount time which is single threaded.
1373 */
1374 if (qip->i_d.di_nblocks == 0)
1375 return 0;
1376
1377 map = kmem_alloc(XFS_DQITER_MAP_SIZE * sizeof(*map), KM_SLEEP);
1378
1379 lblkno = 0;
1380 maxlblkcnt = XFS_B_TO_FSB(mp, (xfs_ufsize_t)XFS_MAXIOFFSET(mp));
1381 do {
1382 nmaps = XFS_DQITER_MAP_SIZE;
1383 /*
1384 * We aren't changing the inode itself. Just changing
1385 * some of its data. No new blocks are added here, and
1386 * the inode is never added to the transaction.
1387 */
1388 xfs_ilock(qip, XFS_ILOCK_SHARED);
1389 error = xfs_bmapi(NULL, qip, lblkno,
1390 maxlblkcnt - lblkno,
1391 XFS_BMAPI_METADATA,
1392 NULL,
1393 0, map, &nmaps, NULL);
1394 xfs_iunlock(qip, XFS_ILOCK_SHARED);
1395 if (error)
1396 break;
1397
1398 ASSERT(nmaps <= XFS_DQITER_MAP_SIZE);
1399 for (i = 0; i < nmaps; i++) {
1400 ASSERT(map[i].br_startblock != DELAYSTARTBLOCK);
1401 ASSERT(map[i].br_blockcount);
1402
1403
1404 lblkno += map[i].br_blockcount;
1405
1406 if (map[i].br_startblock == HOLESTARTBLOCK)
1407 continue;
1408
1409 firstid = (xfs_dqid_t) map[i].br_startoff *
1410 mp->m_quotainfo->qi_dqperchunk;
1411 /*
1412 * Do a read-ahead on the next extent.
1413 */
1414 if ((i+1 < nmaps) &&
1415 (map[i+1].br_startblock != HOLESTARTBLOCK)) {
1416 rablkcnt = map[i+1].br_blockcount;
1417 rablkno = map[i+1].br_startblock;
1418 while (rablkcnt--) {
1419 xfs_buf_readahead(mp->m_ddev_targp,
1420 XFS_FSB_TO_DADDR(mp, rablkno),
1421 mp->m_quotainfo->qi_dqchunklen);
1422 rablkno++;
1423 }
1424 }
1425 /*
1426 * Iterate thru all the blks in the extent and
1427 * reset the counters of all the dquots inside them.
1428 */
1429 if ((error = xfs_qm_dqiter_bufs(mp,
1430 firstid,
1431 map[i].br_startblock,
1432 map[i].br_blockcount,
1433 flags))) {
1434 break;
1435 }
1436 }
1437
1438 if (error)
1439 break;
1440 } while (nmaps > 0);
1441
1442 kmem_free(map);
1443
1444 return error;
1445 }
1446
1447 /*
1448 * Called by dqusage_adjust in doing a quotacheck.
1449 *
1450 * Given the inode, and a dquot id this updates both the incore dqout as well
1451 * as the buffer copy. This is so that once the quotacheck is done, we can
1452 * just log all the buffers, as opposed to logging numerous updates to
1453 * individual dquots.
1454 */
1455 STATIC int
xfs_qm_quotacheck_dqadjust(struct xfs_inode * ip,xfs_dqid_t id,uint type,xfs_qcnt_t nblks,xfs_qcnt_t rtblks)1456 xfs_qm_quotacheck_dqadjust(
1457 struct xfs_inode *ip,
1458 xfs_dqid_t id,
1459 uint type,
1460 xfs_qcnt_t nblks,
1461 xfs_qcnt_t rtblks)
1462 {
1463 struct xfs_mount *mp = ip->i_mount;
1464 struct xfs_dquot *dqp;
1465 int error;
1466
1467 error = xfs_qm_dqget(mp, ip, id, type,
1468 XFS_QMOPT_DQALLOC | XFS_QMOPT_DOWARN, &dqp);
1469 if (error) {
1470 /*
1471 * Shouldn't be able to turn off quotas here.
1472 */
1473 ASSERT(error != ESRCH);
1474 ASSERT(error != ENOENT);
1475 return error;
1476 }
1477
1478 trace_xfs_dqadjust(dqp);
1479
1480 /*
1481 * Adjust the inode count and the block count to reflect this inode's
1482 * resource usage.
1483 */
1484 be64_add_cpu(&dqp->q_core.d_icount, 1);
1485 dqp->q_res_icount++;
1486 if (nblks) {
1487 be64_add_cpu(&dqp->q_core.d_bcount, nblks);
1488 dqp->q_res_bcount += nblks;
1489 }
1490 if (rtblks) {
1491 be64_add_cpu(&dqp->q_core.d_rtbcount, rtblks);
1492 dqp->q_res_rtbcount += rtblks;
1493 }
1494
1495 /*
1496 * Set default limits, adjust timers (since we changed usages)
1497 *
1498 * There are no timers for the default values set in the root dquot.
1499 */
1500 if (dqp->q_core.d_id) {
1501 xfs_qm_adjust_dqlimits(mp, &dqp->q_core);
1502 xfs_qm_adjust_dqtimers(mp, &dqp->q_core);
1503 }
1504
1505 dqp->dq_flags |= XFS_DQ_DIRTY;
1506 xfs_qm_dqput(dqp);
1507 return 0;
1508 }
1509
1510 STATIC int
xfs_qm_get_rtblks(xfs_inode_t * ip,xfs_qcnt_t * O_rtblks)1511 xfs_qm_get_rtblks(
1512 xfs_inode_t *ip,
1513 xfs_qcnt_t *O_rtblks)
1514 {
1515 xfs_filblks_t rtblks; /* total rt blks */
1516 xfs_extnum_t idx; /* extent record index */
1517 xfs_ifork_t *ifp; /* inode fork pointer */
1518 xfs_extnum_t nextents; /* number of extent entries */
1519 int error;
1520
1521 ASSERT(XFS_IS_REALTIME_INODE(ip));
1522 ifp = XFS_IFORK_PTR(ip, XFS_DATA_FORK);
1523 if (!(ifp->if_flags & XFS_IFEXTENTS)) {
1524 if ((error = xfs_iread_extents(NULL, ip, XFS_DATA_FORK)))
1525 return error;
1526 }
1527 rtblks = 0;
1528 nextents = ifp->if_bytes / (uint)sizeof(xfs_bmbt_rec_t);
1529 for (idx = 0; idx < nextents; idx++)
1530 rtblks += xfs_bmbt_get_blockcount(xfs_iext_get_ext(ifp, idx));
1531 *O_rtblks = (xfs_qcnt_t)rtblks;
1532 return 0;
1533 }
1534
1535 /*
1536 * callback routine supplied to bulkstat(). Given an inumber, find its
1537 * dquots and update them to account for resources taken by that inode.
1538 */
1539 /* ARGSUSED */
1540 STATIC int
xfs_qm_dqusage_adjust(xfs_mount_t * mp,xfs_ino_t ino,void __user * buffer,int ubsize,int * ubused,int * res)1541 xfs_qm_dqusage_adjust(
1542 xfs_mount_t *mp, /* mount point for filesystem */
1543 xfs_ino_t ino, /* inode number to get data for */
1544 void __user *buffer, /* not used */
1545 int ubsize, /* not used */
1546 int *ubused, /* not used */
1547 int *res) /* result code value */
1548 {
1549 xfs_inode_t *ip;
1550 xfs_qcnt_t nblks, rtblks = 0;
1551 int error;
1552
1553 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1554
1555 /*
1556 * rootino must have its resources accounted for, not so with the quota
1557 * inodes.
1558 */
1559 if (ino == mp->m_sb.sb_uquotino || ino == mp->m_sb.sb_gquotino) {
1560 *res = BULKSTAT_RV_NOTHING;
1561 return XFS_ERROR(EINVAL);
1562 }
1563
1564 /*
1565 * We don't _need_ to take the ilock EXCL. However, the xfs_qm_dqget
1566 * interface expects the inode to be exclusively locked because that's
1567 * the case in all other instances. It's OK that we do this because
1568 * quotacheck is done only at mount time.
1569 */
1570 error = xfs_iget(mp, NULL, ino, 0, XFS_ILOCK_EXCL, &ip);
1571 if (error) {
1572 *res = BULKSTAT_RV_NOTHING;
1573 return error;
1574 }
1575
1576 ASSERT(ip->i_delayed_blks == 0);
1577
1578 if (XFS_IS_REALTIME_INODE(ip)) {
1579 /*
1580 * Walk thru the extent list and count the realtime blocks.
1581 */
1582 error = xfs_qm_get_rtblks(ip, &rtblks);
1583 if (error)
1584 goto error0;
1585 }
1586
1587 nblks = (xfs_qcnt_t)ip->i_d.di_nblocks - rtblks;
1588
1589 /*
1590 * Add the (disk blocks and inode) resources occupied by this
1591 * inode to its dquots. We do this adjustment in the incore dquot,
1592 * and also copy the changes to its buffer.
1593 * We don't care about putting these changes in a transaction
1594 * envelope because if we crash in the middle of a 'quotacheck'
1595 * we have to start from the beginning anyway.
1596 * Once we're done, we'll log all the dquot bufs.
1597 *
1598 * The *QUOTA_ON checks below may look pretty racy, but quotachecks
1599 * and quotaoffs don't race. (Quotachecks happen at mount time only).
1600 */
1601 if (XFS_IS_UQUOTA_ON(mp)) {
1602 error = xfs_qm_quotacheck_dqadjust(ip, ip->i_d.di_uid,
1603 XFS_DQ_USER, nblks, rtblks);
1604 if (error)
1605 goto error0;
1606 }
1607
1608 if (XFS_IS_GQUOTA_ON(mp)) {
1609 error = xfs_qm_quotacheck_dqadjust(ip, ip->i_d.di_gid,
1610 XFS_DQ_GROUP, nblks, rtblks);
1611 if (error)
1612 goto error0;
1613 }
1614
1615 if (XFS_IS_PQUOTA_ON(mp)) {
1616 error = xfs_qm_quotacheck_dqadjust(ip, xfs_get_projid(ip),
1617 XFS_DQ_PROJ, nblks, rtblks);
1618 if (error)
1619 goto error0;
1620 }
1621
1622 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1623 IRELE(ip);
1624 *res = BULKSTAT_RV_DIDONE;
1625 return 0;
1626
1627 error0:
1628 xfs_iunlock(ip, XFS_ILOCK_EXCL);
1629 IRELE(ip);
1630 *res = BULKSTAT_RV_GIVEUP;
1631 return error;
1632 }
1633
1634 /*
1635 * Walk thru all the filesystem inodes and construct a consistent view
1636 * of the disk quota world. If the quotacheck fails, disable quotas.
1637 */
1638 int
xfs_qm_quotacheck(xfs_mount_t * mp)1639 xfs_qm_quotacheck(
1640 xfs_mount_t *mp)
1641 {
1642 int done, count, error;
1643 xfs_ino_t lastino;
1644 size_t structsz;
1645 xfs_inode_t *uip, *gip;
1646 uint flags;
1647
1648 count = INT_MAX;
1649 structsz = 1;
1650 lastino = 0;
1651 flags = 0;
1652
1653 ASSERT(mp->m_quotainfo->qi_uquotaip || mp->m_quotainfo->qi_gquotaip);
1654 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
1655
1656 /*
1657 * There should be no cached dquots. The (simplistic) quotacheck
1658 * algorithm doesn't like that.
1659 */
1660 ASSERT(list_empty(&mp->m_quotainfo->qi_dqlist));
1661
1662 xfs_notice(mp, "Quotacheck needed: Please wait.");
1663
1664 /*
1665 * First we go thru all the dquots on disk, USR and GRP/PRJ, and reset
1666 * their counters to zero. We need a clean slate.
1667 * We don't log our changes till later.
1668 */
1669 uip = mp->m_quotainfo->qi_uquotaip;
1670 if (uip) {
1671 error = xfs_qm_dqiterate(mp, uip, XFS_QMOPT_UQUOTA);
1672 if (error)
1673 goto error_return;
1674 flags |= XFS_UQUOTA_CHKD;
1675 }
1676
1677 gip = mp->m_quotainfo->qi_gquotaip;
1678 if (gip) {
1679 error = xfs_qm_dqiterate(mp, gip, XFS_IS_GQUOTA_ON(mp) ?
1680 XFS_QMOPT_GQUOTA : XFS_QMOPT_PQUOTA);
1681 if (error)
1682 goto error_return;
1683 flags |= XFS_OQUOTA_CHKD;
1684 }
1685
1686 do {
1687 /*
1688 * Iterate thru all the inodes in the file system,
1689 * adjusting the corresponding dquot counters in core.
1690 */
1691 error = xfs_bulkstat(mp, &lastino, &count,
1692 xfs_qm_dqusage_adjust,
1693 structsz, NULL, &done);
1694 if (error)
1695 break;
1696
1697 } while (!done);
1698
1699 /*
1700 * We've made all the changes that we need to make incore.
1701 * Flush them down to disk buffers if everything was updated
1702 * successfully.
1703 */
1704 if (!error)
1705 error = xfs_qm_dqflush_all(mp, 0);
1706
1707 /*
1708 * We can get this error if we couldn't do a dquot allocation inside
1709 * xfs_qm_dqusage_adjust (via bulkstat). We don't care about the
1710 * dirty dquots that might be cached, we just want to get rid of them
1711 * and turn quotaoff. The dquots won't be attached to any of the inodes
1712 * at this point (because we intentionally didn't in dqget_noattach).
1713 */
1714 if (error) {
1715 xfs_qm_dqpurge_all(mp, XFS_QMOPT_QUOTALL);
1716 goto error_return;
1717 }
1718
1719 /*
1720 * We didn't log anything, because if we crashed, we'll have to
1721 * start the quotacheck from scratch anyway. However, we must make
1722 * sure that our dquot changes are secure before we put the
1723 * quotacheck'd stamp on the superblock. So, here we do a synchronous
1724 * flush.
1725 */
1726 XFS_bflush(mp->m_ddev_targp);
1727
1728 /*
1729 * If one type of quotas is off, then it will lose its
1730 * quotachecked status, since we won't be doing accounting for
1731 * that type anymore.
1732 */
1733 mp->m_qflags &= ~(XFS_OQUOTA_CHKD | XFS_UQUOTA_CHKD);
1734 mp->m_qflags |= flags;
1735
1736 xfs_qm_dquot_list_print(mp);
1737
1738 error_return:
1739 if (error) {
1740 xfs_warn(mp,
1741 "Quotacheck: Unsuccessful (Error %d): Disabling quotas.",
1742 error);
1743 /*
1744 * We must turn off quotas.
1745 */
1746 ASSERT(mp->m_quotainfo != NULL);
1747 ASSERT(xfs_Gqm != NULL);
1748 xfs_qm_destroy_quotainfo(mp);
1749 if (xfs_mount_reset_sbqflags(mp)) {
1750 xfs_warn(mp,
1751 "Quotacheck: Failed to reset quota flags.");
1752 }
1753 } else
1754 xfs_notice(mp, "Quotacheck: Done.");
1755 return (error);
1756 }
1757
1758 /*
1759 * This is called after the superblock has been read in and we're ready to
1760 * iget the quota inodes.
1761 */
1762 STATIC int
xfs_qm_init_quotainos(xfs_mount_t * mp)1763 xfs_qm_init_quotainos(
1764 xfs_mount_t *mp)
1765 {
1766 xfs_inode_t *uip, *gip;
1767 int error;
1768 __int64_t sbflags;
1769 uint flags;
1770
1771 ASSERT(mp->m_quotainfo);
1772 uip = gip = NULL;
1773 sbflags = 0;
1774 flags = 0;
1775
1776 /*
1777 * Get the uquota and gquota inodes
1778 */
1779 if (xfs_sb_version_hasquota(&mp->m_sb)) {
1780 if (XFS_IS_UQUOTA_ON(mp) &&
1781 mp->m_sb.sb_uquotino != NULLFSINO) {
1782 ASSERT(mp->m_sb.sb_uquotino > 0);
1783 if ((error = xfs_iget(mp, NULL, mp->m_sb.sb_uquotino,
1784 0, 0, &uip)))
1785 return XFS_ERROR(error);
1786 }
1787 if (XFS_IS_OQUOTA_ON(mp) &&
1788 mp->m_sb.sb_gquotino != NULLFSINO) {
1789 ASSERT(mp->m_sb.sb_gquotino > 0);
1790 if ((error = xfs_iget(mp, NULL, mp->m_sb.sb_gquotino,
1791 0, 0, &gip))) {
1792 if (uip)
1793 IRELE(uip);
1794 return XFS_ERROR(error);
1795 }
1796 }
1797 } else {
1798 flags |= XFS_QMOPT_SBVERSION;
1799 sbflags |= (XFS_SB_VERSIONNUM | XFS_SB_UQUOTINO |
1800 XFS_SB_GQUOTINO | XFS_SB_QFLAGS);
1801 }
1802
1803 /*
1804 * Create the two inodes, if they don't exist already. The changes
1805 * made above will get added to a transaction and logged in one of
1806 * the qino_alloc calls below. If the device is readonly,
1807 * temporarily switch to read-write to do this.
1808 */
1809 if (XFS_IS_UQUOTA_ON(mp) && uip == NULL) {
1810 if ((error = xfs_qm_qino_alloc(mp, &uip,
1811 sbflags | XFS_SB_UQUOTINO,
1812 flags | XFS_QMOPT_UQUOTA)))
1813 return XFS_ERROR(error);
1814
1815 flags &= ~XFS_QMOPT_SBVERSION;
1816 }
1817 if (XFS_IS_OQUOTA_ON(mp) && gip == NULL) {
1818 flags |= (XFS_IS_GQUOTA_ON(mp) ?
1819 XFS_QMOPT_GQUOTA : XFS_QMOPT_PQUOTA);
1820 error = xfs_qm_qino_alloc(mp, &gip,
1821 sbflags | XFS_SB_GQUOTINO, flags);
1822 if (error) {
1823 if (uip)
1824 IRELE(uip);
1825
1826 return XFS_ERROR(error);
1827 }
1828 }
1829
1830 mp->m_quotainfo->qi_uquotaip = uip;
1831 mp->m_quotainfo->qi_gquotaip = gip;
1832
1833 return 0;
1834 }
1835
1836
1837
1838 /*
1839 * Just pop the least recently used dquot off the freelist and
1840 * recycle it. The returned dquot is locked.
1841 */
1842 STATIC xfs_dquot_t *
xfs_qm_dqreclaim_one(void)1843 xfs_qm_dqreclaim_one(void)
1844 {
1845 xfs_dquot_t *dqpout;
1846 xfs_dquot_t *dqp;
1847 int restarts;
1848 int startagain;
1849
1850 restarts = 0;
1851 dqpout = NULL;
1852
1853 /* lockorder: hashchainlock, freelistlock, mplistlock, dqlock, dqflock */
1854 again:
1855 startagain = 0;
1856 mutex_lock(&xfs_Gqm->qm_dqfrlist_lock);
1857
1858 list_for_each_entry(dqp, &xfs_Gqm->qm_dqfrlist, q_freelist) {
1859 struct xfs_mount *mp = dqp->q_mount;
1860 xfs_dqlock(dqp);
1861
1862 /*
1863 * We are racing with dqlookup here. Naturally we don't
1864 * want to reclaim a dquot that lookup wants. We release the
1865 * freelist lock and start over, so that lookup will grab
1866 * both the dquot and the freelistlock.
1867 */
1868 if (dqp->dq_flags & XFS_DQ_WANT) {
1869 ASSERT(! (dqp->dq_flags & XFS_DQ_INACTIVE));
1870
1871 trace_xfs_dqreclaim_want(dqp);
1872 XQM_STATS_INC(xqmstats.xs_qm_dqwants);
1873 restarts++;
1874 startagain = 1;
1875 goto dqunlock;
1876 }
1877
1878 /*
1879 * If the dquot is inactive, we are assured that it is
1880 * not on the mplist or the hashlist, and that makes our
1881 * life easier.
1882 */
1883 if (dqp->dq_flags & XFS_DQ_INACTIVE) {
1884 ASSERT(mp == NULL);
1885 ASSERT(! XFS_DQ_IS_DIRTY(dqp));
1886 ASSERT(list_empty(&dqp->q_hashlist));
1887 ASSERT(list_empty(&dqp->q_mplist));
1888 list_del_init(&dqp->q_freelist);
1889 xfs_Gqm->qm_dqfrlist_cnt--;
1890 dqpout = dqp;
1891 XQM_STATS_INC(xqmstats.xs_qm_dqinact_reclaims);
1892 goto dqunlock;
1893 }
1894
1895 ASSERT(dqp->q_hash);
1896 ASSERT(!list_empty(&dqp->q_mplist));
1897
1898 /*
1899 * Try to grab the flush lock. If this dquot is in the process
1900 * of getting flushed to disk, we don't want to reclaim it.
1901 */
1902 if (!xfs_dqflock_nowait(dqp))
1903 goto dqunlock;
1904
1905 /*
1906 * We have the flush lock so we know that this is not in the
1907 * process of being flushed. So, if this is dirty, flush it
1908 * DELWRI so that we don't get a freelist infested with
1909 * dirty dquots.
1910 */
1911 if (XFS_DQ_IS_DIRTY(dqp)) {
1912 int error;
1913
1914 trace_xfs_dqreclaim_dirty(dqp);
1915
1916 /*
1917 * We flush it delayed write, so don't bother
1918 * releasing the freelist lock.
1919 */
1920 error = xfs_qm_dqflush(dqp, 0);
1921 if (error) {
1922 xfs_warn(mp, "%s: dquot %p flush failed",
1923 __func__, dqp);
1924 }
1925 goto dqunlock;
1926 }
1927
1928 /*
1929 * We're trying to get the hashlock out of order. This races
1930 * with dqlookup; so, we giveup and goto the next dquot if
1931 * we couldn't get the hashlock. This way, we won't starve
1932 * a dqlookup process that holds the hashlock that is
1933 * waiting for the freelist lock.
1934 */
1935 if (!mutex_trylock(&dqp->q_hash->qh_lock)) {
1936 restarts++;
1937 goto dqfunlock;
1938 }
1939
1940 /*
1941 * This races with dquot allocation code as well as dqflush_all
1942 * and reclaim code. So, if we failed to grab the mplist lock,
1943 * giveup everything and start over.
1944 */
1945 if (!mutex_trylock(&mp->m_quotainfo->qi_dqlist_lock)) {
1946 restarts++;
1947 startagain = 1;
1948 goto qhunlock;
1949 }
1950
1951 ASSERT(dqp->q_nrefs == 0);
1952 list_del_init(&dqp->q_mplist);
1953 mp->m_quotainfo->qi_dquots--;
1954 mp->m_quotainfo->qi_dqreclaims++;
1955 list_del_init(&dqp->q_hashlist);
1956 dqp->q_hash->qh_version++;
1957 list_del_init(&dqp->q_freelist);
1958 xfs_Gqm->qm_dqfrlist_cnt--;
1959 dqpout = dqp;
1960 mutex_unlock(&mp->m_quotainfo->qi_dqlist_lock);
1961 qhunlock:
1962 mutex_unlock(&dqp->q_hash->qh_lock);
1963 dqfunlock:
1964 xfs_dqfunlock(dqp);
1965 dqunlock:
1966 xfs_dqunlock(dqp);
1967 if (dqpout)
1968 break;
1969 if (restarts >= XFS_QM_RECLAIM_MAX_RESTARTS)
1970 break;
1971 if (startagain) {
1972 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1973 goto again;
1974 }
1975 }
1976 mutex_unlock(&xfs_Gqm->qm_dqfrlist_lock);
1977 return dqpout;
1978 }
1979
1980 /*
1981 * Traverse the freelist of dquots and attempt to reclaim a maximum of
1982 * 'howmany' dquots. This operation races with dqlookup(), and attempts to
1983 * favor the lookup function ...
1984 */
1985 STATIC int
xfs_qm_shake_freelist(int howmany)1986 xfs_qm_shake_freelist(
1987 int howmany)
1988 {
1989 int nreclaimed = 0;
1990 xfs_dquot_t *dqp;
1991
1992 if (howmany <= 0)
1993 return 0;
1994
1995 while (nreclaimed < howmany) {
1996 dqp = xfs_qm_dqreclaim_one();
1997 if (!dqp)
1998 return nreclaimed;
1999 xfs_qm_dqdestroy(dqp);
2000 nreclaimed++;
2001 }
2002 return nreclaimed;
2003 }
2004
2005 /*
2006 * The kmem_shake interface is invoked when memory is running low.
2007 */
2008 /* ARGSUSED */
2009 STATIC int
xfs_qm_shake(struct shrinker * shrink,int nr_to_scan,gfp_t gfp_mask)2010 xfs_qm_shake(
2011 struct shrinker *shrink,
2012 int nr_to_scan,
2013 gfp_t gfp_mask)
2014 {
2015 int ndqused, nfree, n;
2016
2017 if (!kmem_shake_allow(gfp_mask))
2018 return 0;
2019 if (!xfs_Gqm)
2020 return 0;
2021
2022 nfree = xfs_Gqm->qm_dqfrlist_cnt; /* free dquots */
2023 /* incore dquots in all f/s's */
2024 ndqused = atomic_read(&xfs_Gqm->qm_totaldquots) - nfree;
2025
2026 ASSERT(ndqused >= 0);
2027
2028 if (nfree <= ndqused && nfree < ndquot)
2029 return 0;
2030
2031 ndqused *= xfs_Gqm->qm_dqfree_ratio; /* target # of free dquots */
2032 n = nfree - ndqused - ndquot; /* # over target */
2033
2034 return xfs_qm_shake_freelist(MAX(nfree, n));
2035 }
2036
2037
2038 /*------------------------------------------------------------------*/
2039
2040 /*
2041 * Return a new incore dquot. Depending on the number of
2042 * dquots in the system, we either allocate a new one on the kernel heap,
2043 * or reclaim a free one.
2044 * Return value is B_TRUE if we allocated a new dquot, B_FALSE if we managed
2045 * to reclaim an existing one from the freelist.
2046 */
2047 boolean_t
xfs_qm_dqalloc_incore(xfs_dquot_t ** O_dqpp)2048 xfs_qm_dqalloc_incore(
2049 xfs_dquot_t **O_dqpp)
2050 {
2051 xfs_dquot_t *dqp;
2052
2053 /*
2054 * Check against high water mark to see if we want to pop
2055 * a nincompoop dquot off the freelist.
2056 */
2057 if (atomic_read(&xfs_Gqm->qm_totaldquots) >= ndquot) {
2058 /*
2059 * Try to recycle a dquot from the freelist.
2060 */
2061 if ((dqp = xfs_qm_dqreclaim_one())) {
2062 XQM_STATS_INC(xqmstats.xs_qm_dqreclaims);
2063 /*
2064 * Just zero the core here. The rest will get
2065 * reinitialized by caller. XXX we shouldn't even
2066 * do this zero ...
2067 */
2068 memset(&dqp->q_core, 0, sizeof(dqp->q_core));
2069 *O_dqpp = dqp;
2070 return B_FALSE;
2071 }
2072 XQM_STATS_INC(xqmstats.xs_qm_dqreclaim_misses);
2073 }
2074
2075 /*
2076 * Allocate a brand new dquot on the kernel heap and return it
2077 * to the caller to initialize.
2078 */
2079 ASSERT(xfs_Gqm->qm_dqzone != NULL);
2080 *O_dqpp = kmem_zone_zalloc(xfs_Gqm->qm_dqzone, KM_SLEEP);
2081 atomic_inc(&xfs_Gqm->qm_totaldquots);
2082
2083 return B_TRUE;
2084 }
2085
2086
2087 /*
2088 * Start a transaction and write the incore superblock changes to
2089 * disk. flags parameter indicates which fields have changed.
2090 */
2091 int
xfs_qm_write_sb_changes(xfs_mount_t * mp,__int64_t flags)2092 xfs_qm_write_sb_changes(
2093 xfs_mount_t *mp,
2094 __int64_t flags)
2095 {
2096 xfs_trans_t *tp;
2097 int error;
2098
2099 #ifdef QUOTADEBUG
2100 xfs_notice(mp, "Writing superblock quota changes");
2101 #endif
2102 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_SBCHANGE);
2103 if ((error = xfs_trans_reserve(tp, 0,
2104 mp->m_sb.sb_sectsize + 128, 0,
2105 0,
2106 XFS_DEFAULT_LOG_COUNT))) {
2107 xfs_trans_cancel(tp, 0);
2108 return error;
2109 }
2110
2111 xfs_mod_sb(tp, flags);
2112 error = xfs_trans_commit(tp, 0);
2113
2114 return error;
2115 }
2116
2117
2118 /* --------------- utility functions for vnodeops ---------------- */
2119
2120
2121 /*
2122 * Given an inode, a uid, gid and prid make sure that we have
2123 * allocated relevant dquot(s) on disk, and that we won't exceed inode
2124 * quotas by creating this file.
2125 * This also attaches dquot(s) to the given inode after locking it,
2126 * and returns the dquots corresponding to the uid and/or gid.
2127 *
2128 * in : inode (unlocked)
2129 * out : udquot, gdquot with references taken and unlocked
2130 */
2131 int
xfs_qm_vop_dqalloc(struct xfs_inode * ip,uid_t uid,gid_t gid,prid_t prid,uint flags,struct xfs_dquot ** O_udqpp,struct xfs_dquot ** O_gdqpp)2132 xfs_qm_vop_dqalloc(
2133 struct xfs_inode *ip,
2134 uid_t uid,
2135 gid_t gid,
2136 prid_t prid,
2137 uint flags,
2138 struct xfs_dquot **O_udqpp,
2139 struct xfs_dquot **O_gdqpp)
2140 {
2141 struct xfs_mount *mp = ip->i_mount;
2142 struct xfs_dquot *uq, *gq;
2143 int error;
2144 uint lockflags;
2145
2146 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
2147 return 0;
2148
2149 lockflags = XFS_ILOCK_EXCL;
2150 xfs_ilock(ip, lockflags);
2151
2152 if ((flags & XFS_QMOPT_INHERIT) && XFS_INHERIT_GID(ip))
2153 gid = ip->i_d.di_gid;
2154
2155 /*
2156 * Attach the dquot(s) to this inode, doing a dquot allocation
2157 * if necessary. The dquot(s) will not be locked.
2158 */
2159 if (XFS_NOT_DQATTACHED(mp, ip)) {
2160 error = xfs_qm_dqattach_locked(ip, XFS_QMOPT_DQALLOC);
2161 if (error) {
2162 xfs_iunlock(ip, lockflags);
2163 return error;
2164 }
2165 }
2166
2167 uq = gq = NULL;
2168 if ((flags & XFS_QMOPT_UQUOTA) && XFS_IS_UQUOTA_ON(mp)) {
2169 if (ip->i_d.di_uid != uid) {
2170 /*
2171 * What we need is the dquot that has this uid, and
2172 * if we send the inode to dqget, the uid of the inode
2173 * takes priority over what's sent in the uid argument.
2174 * We must unlock inode here before calling dqget if
2175 * we're not sending the inode, because otherwise
2176 * we'll deadlock by doing trans_reserve while
2177 * holding ilock.
2178 */
2179 xfs_iunlock(ip, lockflags);
2180 if ((error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t) uid,
2181 XFS_DQ_USER,
2182 XFS_QMOPT_DQALLOC |
2183 XFS_QMOPT_DOWARN,
2184 &uq))) {
2185 ASSERT(error != ENOENT);
2186 return error;
2187 }
2188 /*
2189 * Get the ilock in the right order.
2190 */
2191 xfs_dqunlock(uq);
2192 lockflags = XFS_ILOCK_SHARED;
2193 xfs_ilock(ip, lockflags);
2194 } else {
2195 /*
2196 * Take an extra reference, because we'll return
2197 * this to caller
2198 */
2199 ASSERT(ip->i_udquot);
2200 uq = ip->i_udquot;
2201 xfs_dqlock(uq);
2202 XFS_DQHOLD(uq);
2203 xfs_dqunlock(uq);
2204 }
2205 }
2206 if ((flags & XFS_QMOPT_GQUOTA) && XFS_IS_GQUOTA_ON(mp)) {
2207 if (ip->i_d.di_gid != gid) {
2208 xfs_iunlock(ip, lockflags);
2209 if ((error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)gid,
2210 XFS_DQ_GROUP,
2211 XFS_QMOPT_DQALLOC |
2212 XFS_QMOPT_DOWARN,
2213 &gq))) {
2214 if (uq)
2215 xfs_qm_dqrele(uq);
2216 ASSERT(error != ENOENT);
2217 return error;
2218 }
2219 xfs_dqunlock(gq);
2220 lockflags = XFS_ILOCK_SHARED;
2221 xfs_ilock(ip, lockflags);
2222 } else {
2223 ASSERT(ip->i_gdquot);
2224 gq = ip->i_gdquot;
2225 xfs_dqlock(gq);
2226 XFS_DQHOLD(gq);
2227 xfs_dqunlock(gq);
2228 }
2229 } else if ((flags & XFS_QMOPT_PQUOTA) && XFS_IS_PQUOTA_ON(mp)) {
2230 if (xfs_get_projid(ip) != prid) {
2231 xfs_iunlock(ip, lockflags);
2232 if ((error = xfs_qm_dqget(mp, NULL, (xfs_dqid_t)prid,
2233 XFS_DQ_PROJ,
2234 XFS_QMOPT_DQALLOC |
2235 XFS_QMOPT_DOWARN,
2236 &gq))) {
2237 if (uq)
2238 xfs_qm_dqrele(uq);
2239 ASSERT(error != ENOENT);
2240 return (error);
2241 }
2242 xfs_dqunlock(gq);
2243 lockflags = XFS_ILOCK_SHARED;
2244 xfs_ilock(ip, lockflags);
2245 } else {
2246 ASSERT(ip->i_gdquot);
2247 gq = ip->i_gdquot;
2248 xfs_dqlock(gq);
2249 XFS_DQHOLD(gq);
2250 xfs_dqunlock(gq);
2251 }
2252 }
2253 if (uq)
2254 trace_xfs_dquot_dqalloc(ip);
2255
2256 xfs_iunlock(ip, lockflags);
2257 if (O_udqpp)
2258 *O_udqpp = uq;
2259 else if (uq)
2260 xfs_qm_dqrele(uq);
2261 if (O_gdqpp)
2262 *O_gdqpp = gq;
2263 else if (gq)
2264 xfs_qm_dqrele(gq);
2265 return 0;
2266 }
2267
2268 /*
2269 * Actually transfer ownership, and do dquot modifications.
2270 * These were already reserved.
2271 */
2272 xfs_dquot_t *
xfs_qm_vop_chown(xfs_trans_t * tp,xfs_inode_t * ip,xfs_dquot_t ** IO_olddq,xfs_dquot_t * newdq)2273 xfs_qm_vop_chown(
2274 xfs_trans_t *tp,
2275 xfs_inode_t *ip,
2276 xfs_dquot_t **IO_olddq,
2277 xfs_dquot_t *newdq)
2278 {
2279 xfs_dquot_t *prevdq;
2280 uint bfield = XFS_IS_REALTIME_INODE(ip) ?
2281 XFS_TRANS_DQ_RTBCOUNT : XFS_TRANS_DQ_BCOUNT;
2282
2283
2284 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
2285 ASSERT(XFS_IS_QUOTA_RUNNING(ip->i_mount));
2286
2287 /* old dquot */
2288 prevdq = *IO_olddq;
2289 ASSERT(prevdq);
2290 ASSERT(prevdq != newdq);
2291
2292 xfs_trans_mod_dquot(tp, prevdq, bfield, -(ip->i_d.di_nblocks));
2293 xfs_trans_mod_dquot(tp, prevdq, XFS_TRANS_DQ_ICOUNT, -1);
2294
2295 /* the sparkling new dquot */
2296 xfs_trans_mod_dquot(tp, newdq, bfield, ip->i_d.di_nblocks);
2297 xfs_trans_mod_dquot(tp, newdq, XFS_TRANS_DQ_ICOUNT, 1);
2298
2299 /*
2300 * Take an extra reference, because the inode
2301 * is going to keep this dquot pointer even
2302 * after the trans_commit.
2303 */
2304 xfs_dqlock(newdq);
2305 XFS_DQHOLD(newdq);
2306 xfs_dqunlock(newdq);
2307 *IO_olddq = newdq;
2308
2309 return prevdq;
2310 }
2311
2312 /*
2313 * Quota reservations for setattr(AT_UID|AT_GID|AT_PROJID).
2314 */
2315 int
xfs_qm_vop_chown_reserve(xfs_trans_t * tp,xfs_inode_t * ip,xfs_dquot_t * udqp,xfs_dquot_t * gdqp,uint flags)2316 xfs_qm_vop_chown_reserve(
2317 xfs_trans_t *tp,
2318 xfs_inode_t *ip,
2319 xfs_dquot_t *udqp,
2320 xfs_dquot_t *gdqp,
2321 uint flags)
2322 {
2323 xfs_mount_t *mp = ip->i_mount;
2324 uint delblks, blkflags, prjflags = 0;
2325 xfs_dquot_t *unresudq, *unresgdq, *delblksudq, *delblksgdq;
2326 int error;
2327
2328
2329 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL|XFS_ILOCK_SHARED));
2330 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
2331
2332 delblks = ip->i_delayed_blks;
2333 delblksudq = delblksgdq = unresudq = unresgdq = NULL;
2334 blkflags = XFS_IS_REALTIME_INODE(ip) ?
2335 XFS_QMOPT_RES_RTBLKS : XFS_QMOPT_RES_REGBLKS;
2336
2337 if (XFS_IS_UQUOTA_ON(mp) && udqp &&
2338 ip->i_d.di_uid != (uid_t)be32_to_cpu(udqp->q_core.d_id)) {
2339 delblksudq = udqp;
2340 /*
2341 * If there are delayed allocation blocks, then we have to
2342 * unreserve those from the old dquot, and add them to the
2343 * new dquot.
2344 */
2345 if (delblks) {
2346 ASSERT(ip->i_udquot);
2347 unresudq = ip->i_udquot;
2348 }
2349 }
2350 if (XFS_IS_OQUOTA_ON(ip->i_mount) && gdqp) {
2351 if (XFS_IS_PQUOTA_ON(ip->i_mount) &&
2352 xfs_get_projid(ip) != be32_to_cpu(gdqp->q_core.d_id))
2353 prjflags = XFS_QMOPT_ENOSPC;
2354
2355 if (prjflags ||
2356 (XFS_IS_GQUOTA_ON(ip->i_mount) &&
2357 ip->i_d.di_gid != be32_to_cpu(gdqp->q_core.d_id))) {
2358 delblksgdq = gdqp;
2359 if (delblks) {
2360 ASSERT(ip->i_gdquot);
2361 unresgdq = ip->i_gdquot;
2362 }
2363 }
2364 }
2365
2366 if ((error = xfs_trans_reserve_quota_bydquots(tp, ip->i_mount,
2367 delblksudq, delblksgdq, ip->i_d.di_nblocks, 1,
2368 flags | blkflags | prjflags)))
2369 return (error);
2370
2371 /*
2372 * Do the delayed blks reservations/unreservations now. Since, these
2373 * are done without the help of a transaction, if a reservation fails
2374 * its previous reservations won't be automatically undone by trans
2375 * code. So, we have to do it manually here.
2376 */
2377 if (delblks) {
2378 /*
2379 * Do the reservations first. Unreservation can't fail.
2380 */
2381 ASSERT(delblksudq || delblksgdq);
2382 ASSERT(unresudq || unresgdq);
2383 if ((error = xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount,
2384 delblksudq, delblksgdq, (xfs_qcnt_t)delblks, 0,
2385 flags | blkflags | prjflags)))
2386 return (error);
2387 xfs_trans_reserve_quota_bydquots(NULL, ip->i_mount,
2388 unresudq, unresgdq, -((xfs_qcnt_t)delblks), 0,
2389 blkflags);
2390 }
2391
2392 return (0);
2393 }
2394
2395 int
xfs_qm_vop_rename_dqattach(struct xfs_inode ** i_tab)2396 xfs_qm_vop_rename_dqattach(
2397 struct xfs_inode **i_tab)
2398 {
2399 struct xfs_mount *mp = i_tab[0]->i_mount;
2400 int i;
2401
2402 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
2403 return 0;
2404
2405 for (i = 0; (i < 4 && i_tab[i]); i++) {
2406 struct xfs_inode *ip = i_tab[i];
2407 int error;
2408
2409 /*
2410 * Watch out for duplicate entries in the table.
2411 */
2412 if (i == 0 || ip != i_tab[i-1]) {
2413 if (XFS_NOT_DQATTACHED(mp, ip)) {
2414 error = xfs_qm_dqattach(ip, 0);
2415 if (error)
2416 return error;
2417 }
2418 }
2419 }
2420 return 0;
2421 }
2422
2423 void
xfs_qm_vop_create_dqattach(struct xfs_trans * tp,struct xfs_inode * ip,struct xfs_dquot * udqp,struct xfs_dquot * gdqp)2424 xfs_qm_vop_create_dqattach(
2425 struct xfs_trans *tp,
2426 struct xfs_inode *ip,
2427 struct xfs_dquot *udqp,
2428 struct xfs_dquot *gdqp)
2429 {
2430 struct xfs_mount *mp = tp->t_mountp;
2431
2432 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
2433 return;
2434
2435 ASSERT(xfs_isilocked(ip, XFS_ILOCK_EXCL));
2436 ASSERT(XFS_IS_QUOTA_RUNNING(mp));
2437
2438 if (udqp) {
2439 xfs_dqlock(udqp);
2440 XFS_DQHOLD(udqp);
2441 xfs_dqunlock(udqp);
2442 ASSERT(ip->i_udquot == NULL);
2443 ip->i_udquot = udqp;
2444 ASSERT(XFS_IS_UQUOTA_ON(mp));
2445 ASSERT(ip->i_d.di_uid == be32_to_cpu(udqp->q_core.d_id));
2446 xfs_trans_mod_dquot(tp, udqp, XFS_TRANS_DQ_ICOUNT, 1);
2447 }
2448 if (gdqp) {
2449 xfs_dqlock(gdqp);
2450 XFS_DQHOLD(gdqp);
2451 xfs_dqunlock(gdqp);
2452 ASSERT(ip->i_gdquot == NULL);
2453 ip->i_gdquot = gdqp;
2454 ASSERT(XFS_IS_OQUOTA_ON(mp));
2455 ASSERT((XFS_IS_GQUOTA_ON(mp) ?
2456 ip->i_d.di_gid : xfs_get_projid(ip)) ==
2457 be32_to_cpu(gdqp->q_core.d_id));
2458 xfs_trans_mod_dquot(tp, gdqp, XFS_TRANS_DQ_ICOUNT, 1);
2459 }
2460 }
2461
2462