quota2.c revision 1.6.32.1
1 /* $NetBSD: quota2.c,v 1.6.32.1 2019/06/10 22:05:33 christos Exp $ */ 2 /*- 3 * Copyright (c) 2010 Manuel Bouyer 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 16 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 17 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 18 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 19 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 * POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include <sys/param.h> 29 #include <sys/time.h> 30 31 #include <ufs/ufs/dinode.h> 32 #include <ufs/ffs/fs.h> 33 #include <ufs/ffs/ffs_extern.h> 34 #include <ufs/ufs/ufs_bswap.h> 35 36 #include <err.h> 37 #include <string.h> 38 #include <stdlib.h> 39 #include <ufs/ufs/quota2.h> 40 41 #include "fsutil.h" 42 #include "fsck.h" 43 #include "extern.h" 44 #include "exitvalues.h" 45 46 static char **quotamap; 47 48 void 49 quota2_create_inode(struct fs *fs, int type) 50 { 51 ino_t ino; 52 struct bufarea *bp; 53 union dinode *dp; 54 55 ino = allocino(0, IFREG); 56 dp = ginode(ino); 57 DIP_SET(dp, nlink, iswap16(1)); 58 inodirty(); 59 60 if (readblk(dp, 0, &bp) != sblock->fs_bsize || 61 bp->b_errs != 0) { 62 freeino(ino); 63 return; 64 } 65 quota2_create_blk0(sblock->fs_bsize, bp->b_un.b_buf, 66 q2h_hash_shift, type, needswap); 67 dirty(bp); 68 bp->b_flags &= ~B_INUSE; 69 sblock->fs_quotafile[type] = ino; 70 sbdirty(); 71 return; 72 } 73 74 int 75 quota2_alloc_quota(union dinode * dp, struct bufarea *hbp, 76 uid_t uid, uint64_t u_b, uint64_t u_i) 77 { 78 struct bufarea *bp; 79 struct quota2_header *q2h = (void *)hbp->b_un.b_buf; 80 struct quota2_entry *q2e; 81 uint64_t off; 82 uint64_t baseoff; 83 84 off = iswap64(q2h->q2h_free); 85 if (off == 0) { 86 baseoff = iswap64(DIP(dp, size)); 87 if ((bp = expandfile(dp)) == NULL) { 88 pfatal("SORRY, CAN'T EXPAND QUOTA INODE\n"); 89 markclean = 0; 90 return (0); 91 } 92 quota2_addfreeq2e(q2h, bp->b_un.b_buf, baseoff, 93 sblock->fs_bsize, needswap); 94 dirty(bp); 95 bp->b_flags &= ~B_INUSE; 96 off = iswap64(q2h->q2h_free); 97 if (off == 0) 98 errexit("INTERNAL ERROR: " 99 "addfreeq2e didn't fill free list\n"); 100 } 101 if (off < (uint64_t)sblock->fs_bsize) { 102 /* in the header block */ 103 bp = hbp; 104 } else { 105 if (readblk(dp, off, &bp) != sblock->fs_bsize || 106 bp->b_errs != 0) { 107 pwarn("CAN'T READ QUOTA BLOCK\n"); 108 return FSCK_EXIT_CHECK_FAILED; 109 } 110 } 111 q2e = (void *)((caddr_t)(bp->b_un.b_buf) + 112 (off % sblock->fs_bsize)); 113 /* remove from free list */ 114 q2h->q2h_free = q2e->q2e_next; 115 116 memcpy(q2e, &q2h->q2h_defentry, sizeof(*q2e)); 117 q2e->q2e_uid = iswap32(uid); 118 q2e->q2e_val[QL_BLOCK].q2v_cur = iswap64(u_b); 119 q2e->q2e_val[QL_FILE].q2v_cur = iswap64(u_i); 120 /* insert in hash list */ 121 q2e->q2e_next = q2h->q2h_entries[uid & q2h_hash_mask]; 122 q2h->q2h_entries[uid & q2h_hash_mask] = iswap64(off); 123 dirty(bp); 124 dirty(hbp); 125 126 if (bp != hbp) 127 bp->b_flags &= ~B_INUSE; 128 return 0; 129 } 130 131 /* walk a quota entry list, calling the callback for each entry */ 132 static int quota2_walk_list(union dinode *, struct bufarea *, uint64_t *, 133 void *, int (*func)(uint64_t *, struct quota2_entry *, uint64_t, void *)); 134 /* flags used by callbacks return */ 135 #define Q2WL_ABORT 0x01 136 #define Q2WL_DIRTY 0x02 137 138 static int 139 quota2_walk_list(union dinode *dp, struct bufarea *hbp, uint64_t *offp, void *a, 140 int (*func)(uint64_t *, struct quota2_entry *, uint64_t, void *)) 141 { 142 daddr_t off = iswap64(*offp); 143 struct bufarea *bp, *obp = hbp; 144 int ret; 145 struct quota2_entry *q2e; 146 147 while (off != 0) { 148 if (off < sblock->fs_bsize) { 149 /* in the header block */ 150 bp = hbp; 151 } else { 152 if (readblk(dp, off, &bp) != sblock->fs_bsize || 153 bp->b_errs != 0) { 154 pwarn("CAN'T READ QUOTA BLOCK"); 155 return FSCK_EXIT_CHECK_FAILED; 156 } 157 } 158 q2e = (void *)((caddr_t)(bp->b_un.b_buf) + 159 (off % sblock->fs_bsize)); 160 ret = (*func)(offp, q2e, off, a); 161 if (ret & Q2WL_DIRTY) 162 dirty(bp); 163 if (ret & Q2WL_ABORT) 164 return FSCK_EXIT_CHECK_FAILED; 165 if ((uint64_t)off != iswap64(*offp)) { 166 /* callback changed parent's pointer, redo */ 167 dirty(obp); 168 off = iswap64(*offp); 169 if (bp != hbp && bp != obp) 170 bp->b_flags &= ~B_INUSE; 171 } else { 172 /* parent if now current */ 173 if (obp != bp && obp != hbp) 174 obp->b_flags &= ~B_INUSE; 175 obp = bp; 176 offp = &(q2e->q2e_next); 177 off = iswap64(*offp); 178 } 179 } 180 if (obp != hbp) 181 obp->b_flags &= ~B_INUSE; 182 return 0; 183 } 184 185 static int quota2_list_check(uint64_t *, struct quota2_entry *, uint64_t, 186 void *); 187 static int 188 quota2_list_check(uint64_t *offp, struct quota2_entry *q2e, uint64_t off, 189 void *v) 190 { 191 int *hash = v; 192 const int quota2_hash_size = 1 << q2h_hash_shift; 193 const int quota2_full_header_size = sizeof(struct quota2_header) + 194 sizeof(uint64_t) * quota2_hash_size; 195 uint64_t blk = off / sblock->fs_bsize; 196 uint64_t boff = off % sblock->fs_bsize; 197 int qidx = off2qindex((blk == 0) ? quota2_full_header_size : 0, boff); 198 199 /* check that we're not already in a list */ 200 if (!isset(quotamap[blk], qidx)) { 201 pwarn("DUPLICATE QUOTA ENTRY"); 202 } else { 203 clrbit(quotamap[blk], qidx); 204 /* check that we're in the right hash entry */ 205 if (*hash < 0) 206 return 0; 207 if ((uint32_t)*hash == (iswap32(q2e->q2e_uid) & q2h_hash_mask)) 208 return 0; 209 210 pwarn("QUOTA uid %d IN WRONG HASH LIST %d", 211 iswap32(q2e->q2e_uid), *hash); 212 /* 213 * remove from list, but keep the bit so 214 * it'll be added back to the free list 215 */ 216 setbit(quotamap[blk], qidx); 217 } 218 219 if (preen) 220 printf(" (FIXED)\n"); 221 else if (!reply("FIX")) { 222 markclean = 0; 223 return 0; 224 } 225 /* remove this entry from the list */ 226 *offp = q2e->q2e_next; 227 q2e->q2e_next = 0; 228 return Q2WL_DIRTY; 229 } 230 231 int 232 quota2_check_inode(int type) 233 { 234 const char *strtype = (type == USRQUOTA) ? "user" : "group"; 235 const char *capstrtype = (type == USRQUOTA) ? "USER" : "GROUP"; 236 237 struct bufarea *bp, *hbp; 238 union dinode *dp; 239 struct quota2_header *q2h; 240 struct quota2_entry *q2e; 241 int freei = 0; 242 int mode; 243 daddr_t off; 244 int nq2e, nq2map, i, j, ret; 245 uint64_t /* blocks, e_blocks, */ filesize; 246 247 const int quota2_hash_size = 1 << q2h_hash_shift; 248 const int quota2_full_header_size = sizeof(struct quota2_header) + 249 sizeof(q2h->q2h_entries[0]) * quota2_hash_size; 250 251 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(type)) == 0) 252 return 0; 253 if (sblock->fs_quotafile[type] != 0) { 254 struct inostat *info; 255 256 info = inoinfo(sblock->fs_quotafile[type]); 257 switch(info->ino_state) { 258 case FSTATE: 259 break; 260 case DSTATE: 261 freei = 1; 262 /* FALLTHROUGH */ 263 case DFOUND: 264 pwarn("%s QUOTA INODE %" PRIu64 " IS A DIRECTORY", 265 capstrtype, sblock->fs_quotafile[type]); 266 goto clear; 267 case USTATE: 268 case DCLEAR: 269 case FCLEAR: 270 pwarn("UNALLOCATED %s QUOTA INODE %" PRIu64, 271 capstrtype, sblock->fs_quotafile[type]); 272 goto clear; 273 default: 274 pfatal("INTERNAL ERROR: wrong quota inode %" PRIu64 275 " type %d\n", sblock->fs_quotafile[type], 276 info->ino_state); 277 exit(FSCK_EXIT_CHECK_FAILED); 278 } 279 dp = ginode(sblock->fs_quotafile[type]); 280 mode = iswap16(DIP(dp, mode)) & IFMT; 281 switch(mode) { 282 case IFREG: 283 break; 284 default: 285 pwarn("WRONG TYPE %d for %s QUOTA INODE %" PRIu64, 286 mode, capstrtype, sblock->fs_quotafile[type]); 287 freei = 1; 288 goto clear; 289 } 290 #if 0 291 blocks = is_ufs2 ? iswap64(dp->dp2.di_blocks) : 292 iswap32(dp->dp1.di_blocks); 293 filesize = iswap64(DIP(dp, size)); 294 e_blocks = btodb(filesize); 295 if (btodb(filesize) != blocks) { 296 pwarn("%s QUOTA INODE %" PRIu64 " HAS EMPTY BLOCKS", 297 capstrtype, sblock->fs_quotafile[type]); 298 freei = 1; 299 goto clear; 300 } 301 #endif 302 if (readblk(dp, 0, &hbp) != sblock->fs_bsize || 303 hbp->b_errs != 0) { 304 freeino(sblock->fs_quotafile[type]); 305 sblock->fs_quotafile[type] = 0; 306 goto alloc; 307 } 308 q2h = (void *)hbp->b_un.b_buf; 309 if (q2h->q2h_magic_number != iswap32(Q2_HEAD_MAGIC) || 310 q2h->q2h_type != type || 311 q2h->q2h_hash_shift != q2h_hash_shift || 312 q2h->q2h_hash_size != iswap16(quota2_hash_size)) { 313 pwarn("CORRUPTED %s QUOTA INODE %" PRIu64, capstrtype, 314 sblock->fs_quotafile[type]); 315 freei = 1; 316 hbp->b_flags &= ~B_INUSE; 317 clear: 318 if (preen) 319 printf(" (CLEARED)\n"); 320 else { 321 if (!reply("CLEAR")) { 322 markclean = 0; 323 return FSCK_EXIT_CHECK_FAILED; 324 } 325 } 326 if (freei) 327 freeino(sblock->fs_quotafile[type]); 328 sblock->fs_quotafile[type] = 0; 329 } 330 } 331 alloc: 332 if (sblock->fs_quotafile[type] == 0) { 333 pwarn("NO %s QUOTA INODE", capstrtype); 334 if (preen) 335 printf(" (CREATED)\n"); 336 else { 337 if (!reply("CREATE")) { 338 markclean = 0; 339 return FSCK_EXIT_CHECK_FAILED; 340 } 341 } 342 quota2_create_inode(sblock, type); 343 } 344 345 dp = ginode(sblock->fs_quotafile[type]); 346 if (readblk(dp, 0, &hbp) != sblock->fs_bsize || 347 hbp->b_errs != 0) { 348 pfatal("can't re-read %s quota header\n", strtype); 349 exit(FSCK_EXIT_CHECK_FAILED); 350 } 351 q2h = (void *)hbp->b_un.b_buf; 352 filesize = iswap64(DIP(dp, size)); 353 nq2map = filesize / sblock->fs_bsize; 354 quotamap = malloc(sizeof(*quotamap) * nq2map); 355 /* map for full blocks */ 356 for (i = 0; i < nq2map; i++) { 357 nq2e = (sblock->fs_bsize - 358 ((i == 0) ? quota2_full_header_size : 0)) / sizeof(*q2e); 359 quotamap[i] = calloc(roundup(howmany(nq2e, NBBY), 360 sizeof(int16_t)), sizeof(char)); 361 for (j = 0; j < nq2e; j++) 362 setbit(quotamap[i], j); 363 } 364 365 /* check that all entries are in the lists (and only once) */ 366 i = -1; 367 ret = quota2_walk_list(dp, hbp, &q2h->q2h_free, &i, quota2_list_check); 368 if (ret) 369 return ret; 370 for (i = 0; i < quota2_hash_size; i++) { 371 ret = quota2_walk_list(dp, hbp, &q2h->q2h_entries[i], &i, 372 quota2_list_check); 373 if (ret) 374 return ret; 375 } 376 for (i = 0; i < nq2map; i++) { 377 nq2e = (sblock->fs_bsize - 378 ((i == 0) ? quota2_full_header_size : 0)) / sizeof(*q2e); 379 for (j = 0; j < nq2e; j++) { 380 if (!isset(quotamap[i], j)) 381 continue; 382 pwarn("QUOTA ENTRY NOT IN LIST"); 383 if (preen) 384 printf(" (FIXED)\n"); 385 else if (!reply("FIX")) { 386 markclean = 0; 387 break; 388 } 389 off = qindex2off( 390 (i == 0) ? quota2_full_header_size : 0, j); 391 if (i == 0) 392 bp = hbp; 393 else { 394 if (readblk(dp, i * sblock->fs_bsize, &bp) 395 != sblock->fs_bsize || bp->b_errs != 0) { 396 pfatal("can't read %s quota entry\n", 397 strtype); 398 break; 399 } 400 } 401 q2e = (void *)((caddr_t)(bp->b_un.b_buf) + off); 402 q2e->q2e_next = q2h->q2h_free; 403 q2h->q2h_free = iswap64(off + i * sblock->fs_bsize); 404 dirty(bp); 405 dirty(hbp); 406 if (bp != hbp) 407 bp->b_flags &= ~B_INUSE; 408 } 409 } 410 hbp->b_flags &= ~B_INUSE; 411 return 0; 412 } 413 414 /* compare/update on-disk usages to what we computed */ 415 416 struct qcheck_arg { 417 const char *capstrtype; 418 struct uquot_hash *uquot_hash; 419 }; 420 421 static int quota2_list_qcheck(uint64_t *, struct quota2_entry *, uint64_t, 422 void *); 423 static int 424 quota2_list_qcheck(uint64_t *offp, struct quota2_entry *q2e, uint64_t off, 425 void *v) 426 { 427 uid_t uid = iswap32(q2e->q2e_uid); 428 struct qcheck_arg *a = v; 429 struct uquot *uq; 430 struct uquot uq_null; 431 432 memset(&uq_null, 0, sizeof(uq_null)); 433 434 uq = find_uquot(a->uquot_hash, uid, 0); 435 436 if (uq == NULL) 437 uq = &uq_null; 438 else 439 remove_uquot(a->uquot_hash, uq); 440 441 if (iswap64(q2e->q2e_val[QL_BLOCK].q2v_cur) == uq->uq_b && 442 iswap64(q2e->q2e_val[QL_FILE].q2v_cur) == uq->uq_i) 443 return 0; 444 pwarn("%s QUOTA MISMATCH FOR ID %d: %" PRIu64 "/%" PRIu64 " SHOULD BE " 445 "%" PRIu64 "/%" PRIu64, a->capstrtype, uid, 446 iswap64(q2e->q2e_val[QL_BLOCK].q2v_cur), 447 iswap64(q2e->q2e_val[QL_FILE].q2v_cur), uq->uq_b, uq->uq_i); 448 if (preen) { 449 printf(" (FIXED)\n"); 450 } else if (!reply("FIX")) { 451 markclean = 0; 452 return 0; 453 } 454 q2e->q2e_val[QL_BLOCK].q2v_cur = iswap64(uq->uq_b); 455 q2e->q2e_val[QL_FILE].q2v_cur = iswap64(uq->uq_i); 456 return Q2WL_DIRTY; 457 } 458 459 int 460 quota2_check_usage(int type) 461 { 462 const char *strtype = (type == USRQUOTA) ? "user" : "group"; 463 const char *capstrtype = (type == USRQUOTA) ? "USER" : "GROUP"; 464 465 struct bufarea *hbp; 466 union dinode *dp; 467 struct quota2_header *q2h; 468 struct qcheck_arg a; 469 int i, ret; 470 const int quota2_hash_size = 1 << q2h_hash_shift; 471 472 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(type)) == 0) 473 return 0; 474 475 a.capstrtype = capstrtype; 476 a.uquot_hash = 477 (type == USRQUOTA) ? uquot_user_hash : uquot_group_hash; 478 dp = ginode(sblock->fs_quotafile[type]); 479 if (readblk(dp, 0, &hbp) != sblock->fs_bsize || 480 hbp->b_errs != 0) { 481 pfatal("can't re-read %s quota header\n", strtype); 482 exit(FSCK_EXIT_CHECK_FAILED); 483 } 484 q2h = (void *)hbp->b_un.b_buf; 485 for (i = 0; i < quota2_hash_size; i++) { 486 ret = quota2_walk_list(dp, hbp, &q2h->q2h_entries[i], &a, 487 quota2_list_qcheck); 488 if (ret) 489 return ret; 490 } 491 492 for (i = 0; i < quota2_hash_size; i++) { 493 struct uquot *uq; 494 SLIST_FOREACH(uq, &a.uquot_hash[i], uq_entries) { 495 pwarn("%s QUOTA MISMATCH FOR ID %d: 0/0" 496 " SHOULD BE %" PRIu64 "/%" PRIu64, capstrtype, 497 uq->uq_uid, uq->uq_b, uq->uq_i); 498 if (preen) { 499 printf(" (ALLOCATED)\n"); 500 } else if (!reply("ALLOC")) { 501 markclean = 0; 502 return 0; 503 } 504 ret = quota2_alloc_quota(dp, hbp, 505 uq->uq_uid, uq->uq_b, uq->uq_i); 506 if (ret) 507 return ret; 508 } 509 } 510 hbp->b_flags &= ~B_INUSE; 511 return 0; 512 } 513 514 /* 515 * check if a quota check needs to be run, regardless of the clean flag 516 */ 517 int 518 quota2_check_doquota(void) 519 { 520 int retval = 1; 521 522 if ((sblock->fs_flags & FS_DOQUOTA2) == 0) 523 return 1; 524 if (sblock->fs_quota_magic != Q2_HEAD_MAGIC) { 525 pfatal("Invalid quota magic number\n"); 526 if (preen) 527 return 0; 528 if (reply("CONTINUE") == 0) { 529 exit(FSCK_EXIT_CHECK_FAILED); 530 } 531 return 0; 532 } 533 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(USRQUOTA)) && 534 sblock->fs_quotafile[USRQUOTA] == 0) { 535 pwarn("no user quota inode\n"); 536 retval = 0; 537 } 538 if ((sblock->fs_quota_flags & FS_Q2_DO_TYPE(GRPQUOTA)) && 539 sblock->fs_quotafile[GRPQUOTA] == 0) { 540 pwarn("no group quota inode\n"); 541 retval = 0; 542 } 543 if (preen) 544 return retval; 545 if (!retval) { 546 if (reply("CONTINUE") == 0) { 547 exit(FSCK_EXIT_CHECK_FAILED); 548 } 549 return 0; 550 } 551 return 1; 552 } 553
Indexes created Mon Oct 20 20:10:13 GMT 2025