quota2.c revision 1.2
1 /* $NetBSD: quota2.c,v 1.2 2011/03/06 17:08:16 bouyer Exp $ */ 2 /*- 3 * Copyright (c) 2010 Manuel Bouyer 4 * All rights reserved. 5 * This software is distributed under the following condiions 6 * compliant with the NetBSD foundation policy. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 19 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 20 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 21 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 25 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 * POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 #include <sys/param.h> 31 #include <sys/time.h> 32 33 #include <ufs/ufs/dinode.h> 34 #include <ufs/ffs/fs.h> 35 #include <ufs/ffs/ffs_extern.h> 36 #include <ufs/ufs/ufs_bswap.h> 37 38 #include <err.h> 39 #include <string.h> 40 #include <malloc.h> 41 #include <ufs/ufs/quota2.h> 42 43 #include "fsutil.h" 44 #include "fsck.h" 45 #include "extern.h" 46 #include "exitvalues.h" 47 48 static char **quotamap; 49 50 void 51 quota2_create_inode(struct fs *fs, int type) 52 { 53 ino_t ino; 54 struct bufarea *bp; 55 union dinode *dp; 56 57 ino = allocino(0, IFREG); 58 dp = ginode(ino); 59 DIP_SET(dp, nlink, iswap16(1)); 60 inodirty(); 61 62 if (readblk(dp, 0, &bp) != sblock->fs_bsize || 63 bp->b_errs != 0) { 64 freeino(ino); 65 return; 66 } 67 quota2_create_blk0(sblock->fs_bsize, bp->b_un.b_buf, 68 q2h_hash_shift, type, needswap); 69 dirty(bp); 70 bp->b_flags &= ~B_INUSE; 71 sblock->fs_quotafile[type] = ino; 72 sbdirty(); 73 return; 74 } 75 76 int 77 quota2_alloc_quota(union dinode * dp, struct bufarea *hbp, 78 uid_t uid, uint64_t u_b, uint64_t u_i) 79 { 80 struct bufarea *bp; 81 struct quota2_header *q2h = (void *)hbp->b_un.b_buf; 82 struct quota2_entry *q2e; 83 uint64_t off; 84 uint64_t baseoff; 85 86 off = iswap64(q2h->q2h_free); 87 if (off == 0) { 88 baseoff = iswap64(DIP(dp, size)); 89 if ((bp = expandfile(dp)) == NULL) { 90 pfatal("SORRY, CAN'T EXPAND QUOTA INODE\n"); 91 markclean = 0; 92 return (0); 93 } 94 quota2_addfreeq2e(q2h, bp->b_un.b_buf, baseoff, 95 sblock->fs_bsize, needswap); 96 dirty(bp); 97 bp->b_flags &= ~B_INUSE; 98 off = iswap64(q2h->q2h_free); 99 if (off == 0) 100 errexit("INTERNAL ERROR: " 101 "addfreeq2e didn't fill free list\n"); 102 } 103 if (off < sblock->fs_bsize) { 104 /* in the header block */ 105 bp = hbp; 106 } else { 107 if (readblk(dp, off, &bp) != sblock->fs_bsize || 108 bp->b_errs != 0) { 109 pwarn("CAN'T READ QUOTA BLOCK\n"); 110 return FSCK_EXIT_CHECK_FAILED; 111 } 112 } 113 q2e = (void *)((caddr_t)(bp->b_un.b_buf) + 114 (off % sblock->fs_bsize)); 115 /* remove from free list */ 116 q2h->q2h_free = q2e->q2e_next; 117 118 memcpy(q2e, &q2h->q2h_defentry, sizeof(*q2e)); 119 q2e->q2e_uid = iswap32(uid); 120 q2e->q2e_val[QL_BLOCK].q2v_cur = iswap64(u_b); 121 q2e->q2e_val[QL_FILE].q2v_cur = iswap64(u_i); 122 /* insert in hash list */ 123 q2e->q2e_next = q2h->q2h_entries[uid & q2h_hash_mask]; 124 q2h->q2h_entries[uid & q2h_hash_mask] = iswap64(off); 125 dirty(bp); 126 dirty(hbp); 127 128 if (bp != hbp) 129 bp->b_flags &= ~B_INUSE; 130 return 0; 131 } 132 133 /* walk a quota entry list, calling the callback for each entry */ 134 static int quota2_walk_list(union dinode *, struct bufarea *, uint64_t *, 135 void *, int (*func)(uint64_t *, struct quota2_entry *, uint64_t, void *)); 136 /* flags used by callbacks return */ 137 #define Q2WL_ABORT 0x01 138 #define Q2WL_DIRTY 0x02 139 140 static int 141 quota2_walk_list(union dinode *dp, struct bufarea *hbp, uint64_t *offp, void *a, 142 int (*func)(uint64_t *, struct quota2_entry *, uint64_t, void *)) 143 { 144 daddr_t off = iswap64(*offp); 145 struct bufarea *bp, *obp = hbp; 146 int ret; 147 struct quota2_entry *q2e; 148 149 while (off != 0) { 150 if (off < sblock->fs_bsize) { 151 /* in the header block */ 152 bp = hbp; 153 } else { 154 if (readblk(dp, off, &bp) != sblock->fs_bsize || 155 bp->b_errs != 0) { 156 pwarn("CAN'T READ QUOTA BLOCK"); 157 return FSCK_EXIT_CHECK_FAILED; 158 } 159 } 160 q2e = (void *)((caddr_t)(bp->b_un.b_buf) + 161 (off % sblock->fs_bsize)); 162 ret = (*func)(offp, q2e, off, a); 163 if (ret & Q2WL_DIRTY) 164 dirty(bp); 165 if (ret & Q2WL_ABORT) 166 return FSCK_EXIT_CHECK_FAILED; 167 if (off != iswap64(*offp)) { 168 /* callback changed parent's pointer, redo */ 169 dirty(obp); 170 off = iswap64(*offp); 171 if (bp != hbp && bp != obp) 172 bp->b_flags &= ~B_INUSE; 173 } else { 174 /* parent if now current */ 175 if (obp != bp && obp != hbp) 176 obp->b_flags &= ~B_INUSE; 177 obp = bp; 178 offp = &(q2e->q2e_next); 179 off = iswap64(*offp); 180 } 181 } 182 if (obp != hbp) 183 obp->b_flags &= ~B_INUSE; 184 return 0; 185 } 186 187 static int quota2_list_check(uint64_t *, struct quota2_entry *, uint64_t, 188 void *); 189 static int 190 quota2_list_check(uint64_t *offp, struct quota2_entry *q2e, uint64_t off, 191 void *v) 192 { 193 int *hash = v; 194 const int quota2_hash_size = 1 << q2h_hash_shift; 195 const int quota2_full_header_size = sizeof(struct quota2_header) + 196 sizeof(uint64_t) * quota2_hash_size; 197 uint64_t blk = off / sblock->fs_bsize; 198 uint64_t boff = off % sblock->fs_bsize; 199 int qidx = off2qindex((blk == 0) ? quota2_full_header_size : 0, boff); 200 201 /* check that we're not already in a list */ 202 if (!isset(quotamap[blk], qidx)) { 203 pwarn("DUPLICATE QUOTA ENTRY"); 204 } else { 205 clrbit(quotamap[blk], qidx); 206 /* check that we're in the right hash entry */ 207 if (*hash < 0) 208 return 0; 209 if (*hash == (iswap32(q2e->q2e_uid) & q2h_hash_mask)) 210 return 0; 211 212 pwarn("QUOTA uid %d IN WRONG HASH LIST %d", 213 iswap32(q2e->q2e_uid), *hash); 214 /* 215 * remove from list, but keep the bit so 216 * it'll be added back to the free list 217 */ 218 setbit(quotamap[blk], qidx); 219 } 220 221 if (preen) 222 printf(" (FIXED)\n"); 223 else if (!reply("FIX")) { 224 markclean = 0; 225 return 0; 226 } 227 /* remove this entry from the list */ 228 *offp = q2e->q2e_next; 229 q2e->q2e_next = 0; 230 return Q2WL_DIRTY; 231 } 232 233 int 234 quota2_check_inode(int type) 235 { 236 const char *strtype = (type == USRQUOTA) ? "user" : "group"; 237 const char *capstrtype = (type == USRQUOTA) ? "USER" : "GROUP"; 238 239 struct bufarea *bp, *hbp; 240 union dinode *dp; 241 struct quota2_header *q2h; 242 struct quota2_entry *q2e; 243 int freei = 0; 244 int mode; 245 daddr_t off; 246 int nq2e, nq2map, i, j, ret; 247 uint64_t /* blocks, e_blocks, */ filesize; 248 249 const int quota2_hash_size = 1 << q2h_hash_shift; 250 const int quota2_full_header_size = sizeof(struct quota2_header) + 251 sizeof(q2h->q2h_entries[0]) * quota2_hash_size; 252 253 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(type)) == 0) 254 return 0; 255 if (sblock->fs_quotafile[type] != 0) { 256 struct inostat *info; 257 258 info = inoinfo(sblock->fs_quotafile[type]); 259 switch(info->ino_state) { 260 case FSTATE: 261 break; 262 case DSTATE: 263 freei = 1; 264 case DFOUND: 265 pwarn("%s QUOTA INODE %" PRIu64 " IS A DIRECTORY", 266 capstrtype, sblock->fs_quotafile[type]); 267 goto clear; 268 case USTATE: 269 case DCLEAR: 270 case FCLEAR: 271 pwarn("UNALLOCATED %s QUOTA INODE %" PRIu64, 272 capstrtype, sblock->fs_quotafile[type]); 273 goto clear; 274 default: 275 pfatal("INTERNAL ERROR: wrong quota inode %" PRIu64 276 " type %d\n", sblock->fs_quotafile[type], 277 info->ino_state); 278 exit(FSCK_EXIT_CHECK_FAILED); 279 } 280 dp = ginode(sblock->fs_quotafile[type]); 281 mode = iswap16(DIP(dp, mode)) & IFMT; 282 switch(mode) { 283 case IFREG: 284 break; 285 default: 286 pwarn("WRONG TYPE %d for %s QUOTA INODE %" PRIu64, 287 mode, capstrtype, sblock->fs_quotafile[type]); 288 freei = 1; 289 goto clear; 290 } 291 #if 0 292 blocks = is_ufs2 ? iswap64(dp->dp2.di_blocks) : 293 iswap32(dp->dp1.di_blocks); 294 filesize = iswap64(DIP(dp, size)); 295 e_blocks = btodb(filesize); 296 if (btodb(filesize) != blocks) { 297 pwarn("%s QUOTA INODE %" PRIu64 " HAS EMPTY BLOCKS", 298 capstrtype, sblock->fs_quotafile[type]); 299 freei = 1; 300 goto clear; 301 } 302 #endif 303 if (readblk(dp, 0, &hbp) != sblock->fs_bsize || 304 hbp->b_errs != 0) { 305 freeino(sblock->fs_quotafile[type]); 306 sblock->fs_quotafile[type] = 0; 307 goto alloc; 308 } 309 q2h = (void *)hbp->b_un.b_buf; 310 if (q2h->q2h_magic_number != iswap32(Q2_HEAD_MAGIC) || 311 q2h->q2h_type != type || 312 q2h->q2h_hash_shift != q2h_hash_shift || 313 q2h->q2h_hash_size != iswap16(quota2_hash_size)) { 314 pwarn("CORRUPTED %s QUOTA INODE %" PRIu64, capstrtype, 315 sblock->fs_quotafile[type]); 316 freei = 1; 317 hbp->b_flags &= ~B_INUSE; 318 clear: 319 if (preen) 320 printf(" (CLEARED)\n"); 321 else { 322 if (!reply("CLEAR")) { 323 markclean = 0; 324 return FSCK_EXIT_CHECK_FAILED; 325 } 326 } 327 if (freei) 328 freeino(sblock->fs_quotafile[type]); 329 sblock->fs_quotafile[type] = 0; 330 } 331 } 332 alloc: 333 if (sblock->fs_quotafile[type] == 0) { 334 pwarn("NO %s QUOTA INODE", capstrtype); 335 if (preen) 336 printf(" (CREATED)\n"); 337 else { 338 if (!reply("CREATE")) { 339 markclean = 0; 340 return FSCK_EXIT_CHECK_FAILED; 341 } 342 } 343 quota2_create_inode(sblock, type); 344 } 345 346 dp = ginode(sblock->fs_quotafile[type]); 347 if (readblk(dp, 0, &hbp) != sblock->fs_bsize || 348 hbp->b_errs != 0) { 349 pfatal("can't re-read %s quota header\n", strtype); 350 exit(FSCK_EXIT_CHECK_FAILED); 351 } 352 q2h = (void *)hbp->b_un.b_buf; 353 filesize = iswap64(DIP(dp, size)); 354 nq2map = filesize / sblock->fs_bsize; 355 quotamap = malloc(sizeof(*quotamap) * nq2map); 356 /* map for full blocks */ 357 for (i = 0; i < nq2map; i++) { 358 nq2e = (sblock->fs_bsize - 359 ((i == 0) ? quota2_full_header_size : 0)) / sizeof(*q2e); 360 quotamap[i] = calloc(roundup(howmany(nq2e, NBBY), 361 sizeof(int16_t)), sizeof(char)); 362 for (j = 0; j < nq2e; j++) 363 setbit(quotamap[i], j); 364 } 365 366 /* check that all entries are in the lists (and only once) */ 367 i = -1; 368 ret = quota2_walk_list(dp, hbp, &q2h->q2h_free, &i, quota2_list_check); 369 if (ret) 370 return ret; 371 for (i = 0; i < quota2_hash_size; i++) { 372 ret = quota2_walk_list(dp, hbp, &q2h->q2h_entries[i], &i, 373 quota2_list_check); 374 if (ret) 375 return ret; 376 } 377 for (i = 0; i < nq2map; i++) { 378 nq2e = (sblock->fs_bsize - 379 ((i == 0) ? quota2_full_header_size : 0)) / sizeof(*q2e); 380 for (j = 0; j < nq2e; j++) { 381 if (!isset(quotamap[i], j)) 382 continue; 383 pwarn("QUOTA ENTRY NOT IN LIST"); 384 if (preen) 385 printf(" (FIXED)\n"); 386 else if (!reply("FIX")) { 387 markclean = 0; 388 break; 389 } 390 off = qindex2off( 391 (i == 0) ? quota2_full_header_size : 0, j); 392 if (i == 0) 393 bp = hbp; 394 else { 395 if (readblk(dp, i * sblock->fs_bsize, &bp) 396 != sblock->fs_bsize || bp->b_errs != 0) { 397 pfatal("can't read %s quota entry\n", 398 strtype); 399 break; 400 } 401 } 402 q2e = (void *)((caddr_t)(bp->b_un.b_buf) + off); 403 q2e->q2e_next = q2h->q2h_free; 404 q2h->q2h_free = iswap64(off + i * sblock->fs_bsize); 405 dirty(bp); 406 dirty(hbp); 407 if (bp != hbp) 408 bp->b_flags &= ~B_INUSE; 409 } 410 } 411 hbp->b_flags &= ~B_INUSE; 412 return 0; 413 } 414 415 /* compare/update on-disk usages to what we computed */ 416 417 struct qcheck_arg { 418 const char *capstrtype; 419 struct uquot_hash *uquot_hash; 420 }; 421 422 static int quota2_list_qcheck(uint64_t *, struct quota2_entry *, uint64_t, 423 void *); 424 static int 425 quota2_list_qcheck(uint64_t *offp, struct quota2_entry *q2e, uint64_t off, 426 void *v) 427 { 428 uid_t uid = iswap32(q2e->q2e_uid); 429 struct qcheck_arg *a = v; 430 struct uquot *uq; 431 struct uquot uq_null; 432 433 memset(&uq_null, 0, sizeof(uq_null)); 434 435 uq = find_uquot(a->uquot_hash, uid, 0); 436 437 if (uq == NULL) 438 uq = &uq_null; 439 else 440 remove_uquot(a->uquot_hash, uq); 441 442 if (iswap64(q2e->q2e_val[QL_BLOCK].q2v_cur) == uq->uq_b && 443 iswap64(q2e->q2e_val[QL_FILE].q2v_cur) == uq->uq_i) 444 return 0; 445 pwarn("%s QUOTA MISMATCH FOR ID %d: %" PRIu64 "/%" PRIu64 " SHOULD BE " 446 "%" PRIu64 "/%" PRIu64, a->capstrtype, uid, 447 iswap64(q2e->q2e_val[QL_BLOCK].q2v_cur), 448 iswap64(q2e->q2e_val[QL_FILE].q2v_cur), uq->uq_b, uq->uq_i); 449 if (preen) { 450 printf(" (FIXED)\n"); 451 } else if (!reply("FIX")) { 452 markclean = 0; 453 return 0; 454 } 455 q2e->q2e_val[QL_BLOCK].q2v_cur = iswap64(uq->uq_b); 456 q2e->q2e_val[QL_FILE].q2v_cur = iswap64(uq->uq_i); 457 return Q2WL_DIRTY; 458 } 459 460 int 461 quota2_check_usage(int type) 462 { 463 const char *strtype = (type == USRQUOTA) ? "user" : "group"; 464 const char *capstrtype = (type == USRQUOTA) ? "USER" : "GROUP"; 465 466 struct bufarea *hbp; 467 union dinode *dp; 468 struct quota2_header *q2h; 469 struct qcheck_arg a; 470 int i, ret; 471 const int quota2_hash_size = 1 << q2h_hash_shift; 472 473 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(type)) == 0) 474 return 0; 475 476 a.capstrtype = capstrtype; 477 a.uquot_hash = 478 (type == USRQUOTA) ? uquot_user_hash : uquot_group_hash; 479 dp = ginode(sblock->fs_quotafile[type]); 480 if (readblk(dp, 0, &hbp) != sblock->fs_bsize || 481 hbp->b_errs != 0) { 482 pfatal("can't re-read %s quota header\n", strtype); 483 exit(FSCK_EXIT_CHECK_FAILED); 484 } 485 q2h = (void *)hbp->b_un.b_buf; 486 for (i = 0; i < quota2_hash_size; i++) { 487 ret = quota2_walk_list(dp, hbp, &q2h->q2h_entries[i], &a, 488 quota2_list_qcheck); 489 if (ret) 490 return ret; 491 } 492 493 for (i = 0; i < quota2_hash_size; i++) { 494 struct uquot *uq; 495 SLIST_FOREACH(uq, &a.uquot_hash[i], uq_entries) { 496 pwarn("%s QUOTA MISMATCH FOR ID %d: 0/0" 497 " SHOULD BE %" PRIu64 "/%" PRIu64, capstrtype, 498 uq->uq_uid, uq->uq_b, uq->uq_i); 499 if (preen) { 500 printf(" (ALLOCATED)\n"); 501 } else if (!reply("ALLOC")) { 502 markclean = 0; 503 return 0; 504 } 505 ret = quota2_alloc_quota(dp, hbp, 506 uq->uq_uid, uq->uq_b, uq->uq_i); 507 if (ret) 508 return ret; 509 } 510 } 511 hbp->b_flags &= ~B_INUSE; 512 return 0; 513 } 514 515 /* 516 * check if a quota check needs to be run, regardless of the clean flag 517 */ 518 int 519 quota2_check_doquota() 520 { 521 int retval = 1; 522 523 if ((sblock->fs_flags & FS_DOQUOTA2) == 0) 524 return 1; 525 if (sblock->fs_quota_magic != Q2_HEAD_MAGIC) { 526 pfatal("Invalid quota magic number\n"); 527 if (preen) 528 return 0; 529 if (reply("CONTINUE") == 0) { 530 exit(FSCK_EXIT_CHECK_FAILED); 531 } 532 return 0; 533 } 534 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(USRQUOTA)) && 535 sblock->fs_quotafile[USRQUOTA] == 0) { 536 pwarn("no user quota inode\n"); 537 retval = 0; 538 } 539 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(GRPQUOTA)) && 540 sblock->fs_quotafile[GRPQUOTA] == 0) { 541 pwarn("no group quota inode\n"); 542 retval = 0; 543 } 544 if (preen) 545 return retval; 546 if (!retval) { 547 if (reply("CONTINUE") == 0) { 548 exit(FSCK_EXIT_CHECK_FAILED); 549 } 550 return 0; 551 } 552 return 1; 553 } 554
Indexes created Sat Sep 27 22:09:54 GMT 2025