ufs_quota.c revision 1.59
1 /* $NetBSD: ufs_quota.c,v 1.59 2008/03/21 21:55:01 ad Exp $ */ 2 3 /* 4 * Copyright (c) 1982, 1986, 1990, 1993, 1995 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Robert Elz at The University of Melbourne. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * @(#)ufs_quota.c 8.5 (Berkeley) 5/20/95 35 */ 36 37 #include <sys/cdefs.h> 38 __KERNEL_RCSID(0, "$NetBSD: ufs_quota.c,v 1.59 2008/03/21 21:55:01 ad Exp $"); 39 40 #include <sys/param.h> 41 #include <sys/kernel.h> 42 #include <sys/systm.h> 43 #include <sys/namei.h> 44 #include <sys/malloc.h> 45 #include <sys/file.h> 46 #include <sys/proc.h> 47 #include <sys/vnode.h> 48 #include <sys/mount.h> 49 #include <sys/kauth.h> 50 51 #include <ufs/ufs/quota.h> 52 #include <ufs/ufs/inode.h> 53 #include <ufs/ufs/ufsmount.h> 54 #include <ufs/ufs/ufs_extern.h> 55 56 /* 57 * The following structure records disk usage for a user or group on a 58 * filesystem. There is one allocated for each quota that exists on any 59 * filesystem for the current user or group. A cache is kept of recently 60 * used entries. 61 * Field markings and the corresponding locks: 62 * h: dqlock 63 * d: dq_interlock 64 * 65 * Lock order is: dq_interlock -> dqlock 66 * dq_interlock -> dqvp 67 */ 68 struct dquot { 69 LIST_ENTRY(dquot) dq_hash; /* h: hash list */ 70 u_int16_t dq_flags; /* d: flags, see below */ 71 u_int16_t dq_type; /* d: quota type of this dquot */ 72 u_int32_t dq_cnt; /* h: count of active references */ 73 u_int32_t dq_id; /* d: identifier this applies to */ 74 struct ufsmount *dq_ump; /* d: filesystem this is taken from */ 75 kmutex_t dq_interlock; /* d: lock this dquot */ 76 struct dqblk dq_dqb; /* d: actual usage & quotas */ 77 }; 78 /* 79 * Flag values. 80 */ 81 #define DQ_MOD 0x04 /* this quota modified since read */ 82 #define DQ_FAKE 0x08 /* no limits here, just usage */ 83 #define DQ_BLKS 0x10 /* has been warned about blk limit */ 84 #define DQ_INODS 0x20 /* has been warned about inode limit */ 85 /* 86 * Shorthand notation. 87 */ 88 #define dq_bhardlimit dq_dqb.dqb_bhardlimit 89 #define dq_bsoftlimit dq_dqb.dqb_bsoftlimit 90 #define dq_curblocks dq_dqb.dqb_curblocks 91 #define dq_ihardlimit dq_dqb.dqb_ihardlimit 92 #define dq_isoftlimit dq_dqb.dqb_isoftlimit 93 #define dq_curinodes dq_dqb.dqb_curinodes 94 #define dq_btime dq_dqb.dqb_btime 95 #define dq_itime dq_dqb.dqb_itime 96 /* 97 * If the system has never checked for a quota for this file, then it is 98 * set to NODQUOT. Once a write attempt is made the inode pointer is set 99 * to reference a dquot structure. 100 */ 101 #define NODQUOT NULL 102 103 static int chkdqchg(struct inode *, int64_t, kauth_cred_t, int); 104 static int chkiqchg(struct inode *, int32_t, kauth_cred_t, int); 105 #ifdef DIAGNOSTIC 106 static void dqflush(struct vnode *); 107 #endif 108 static int dqget(struct vnode *, u_long, struct ufsmount *, int, 109 struct dquot **); 110 static void dqref(struct dquot *); 111 static void dqrele(struct vnode *, struct dquot *); 112 static int dqsync(struct vnode *, struct dquot *); 113 114 static kmutex_t dqlock; 115 static kcondvar_t dqcv; 116 /* 117 * Quota name to error message mapping. 118 */ 119 static const char *quotatypes[] = INITQFNAMES; 120 121 /* 122 * Set up the quotas for an inode. 123 * 124 * This routine completely defines the semantics of quotas. 125 * If other criterion want to be used to establish quotas, the 126 * MAXQUOTAS value in quotas.h should be increased, and the 127 * additional dquots set up here. 128 */ 129 int 130 getinoquota(struct inode *ip) 131 { 132 struct ufsmount *ump = ip->i_ump; 133 struct vnode *vp = ITOV(ip); 134 int i, error; 135 u_int32_t ino_ids[MAXQUOTAS]; 136 137 /* 138 * To avoid deadlocks never update quotas for quota files 139 * on the same file system 140 */ 141 for (i = 0; i < MAXQUOTAS; i++) 142 if (ITOV(ip) == ump->um_quotas[i]) 143 return 0; 144 145 ino_ids[USRQUOTA] = ip->i_uid; 146 ino_ids[GRPQUOTA] = ip->i_gid; 147 for (i = 0; i < MAXQUOTAS; i++) { 148 /* 149 * If the file id changed the quota needs update. 150 */ 151 if (ip->i_dquot[i] != NODQUOT && 152 ip->i_dquot[i]->dq_id != ino_ids[i]) { 153 dqrele(ITOV(ip), ip->i_dquot[i]); 154 ip->i_dquot[i] = NODQUOT; 155 } 156 /* 157 * Set up the quota based on file id. 158 * EINVAL means that quotas are not enabled. 159 */ 160 if (ip->i_dquot[i] == NODQUOT && 161 (error = dqget(vp, ino_ids[i], ump, i, &ip->i_dquot[i])) && 162 error != EINVAL) 163 return (error); 164 } 165 return 0; 166 } 167 168 /* 169 * Initialize the quota fields of an inode. 170 */ 171 void 172 ufsquota_init(struct inode *ip) 173 { 174 int i; 175 176 for (i = 0; i < MAXQUOTAS; i++) 177 ip->i_dquot[i] = NODQUOT; 178 } 179 180 /* 181 * Release the quota fields from an inode. 182 */ 183 void 184 ufsquota_free(struct inode *ip) 185 { 186 int i; 187 188 for (i = 0; i < MAXQUOTAS; i++) { 189 dqrele(ITOV(ip), ip->i_dquot[i]); 190 ip->i_dquot[i] = NODQUOT; 191 } 192 } 193 194 /* 195 * Update disk usage, and take corrective action. 196 */ 197 int 198 chkdq(struct inode *ip, int64_t change, kauth_cred_t cred, int flags) 199 { 200 struct dquot *dq; 201 int i; 202 int ncurblocks, error; 203 204 if ((error = getinoquota(ip)) != 0) 205 return error; 206 if (change == 0) 207 return (0); 208 if (change < 0) { 209 for (i = 0; i < MAXQUOTAS; i++) { 210 if ((dq = ip->i_dquot[i]) == NODQUOT) 211 continue; 212 mutex_enter(&dq->dq_interlock); 213 ncurblocks = dq->dq_curblocks + change; 214 if (ncurblocks >= 0) 215 dq->dq_curblocks = ncurblocks; 216 else 217 dq->dq_curblocks = 0; 218 dq->dq_flags &= ~DQ_BLKS; 219 dq->dq_flags |= DQ_MOD; 220 mutex_exit(&dq->dq_interlock); 221 } 222 return (0); 223 } 224 if ((flags & FORCE) == 0 && 225 kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL) != 0) { 226 for (i = 0; i < MAXQUOTAS; i++) { 227 if ((dq = ip->i_dquot[i]) == NODQUOT) 228 continue; 229 mutex_enter(&dq->dq_interlock); 230 error = chkdqchg(ip, change, cred, i); 231 mutex_exit(&dq->dq_interlock); 232 if (error != 0) 233 return (error); 234 } 235 } 236 for (i = 0; i < MAXQUOTAS; i++) { 237 if ((dq = ip->i_dquot[i]) == NODQUOT) 238 continue; 239 mutex_enter(&dq->dq_interlock); 240 dq->dq_curblocks += change; 241 dq->dq_flags |= DQ_MOD; 242 mutex_exit(&dq->dq_interlock); 243 } 244 return (0); 245 } 246 247 /* 248 * Check for a valid change to a users allocation. 249 * Issue an error message if appropriate. 250 */ 251 static int 252 chkdqchg(struct inode *ip, int64_t change, kauth_cred_t cred, int type) 253 { 254 struct dquot *dq = ip->i_dquot[type]; 255 long ncurblocks = dq->dq_curblocks + change; 256 257 KASSERT(mutex_owned(&dq->dq_interlock)); 258 /* 259 * If user would exceed their hard limit, disallow space allocation. 260 */ 261 if (ncurblocks >= dq->dq_bhardlimit && dq->dq_bhardlimit) { 262 if ((dq->dq_flags & DQ_BLKS) == 0 && 263 ip->i_uid == kauth_cred_geteuid(cred)) { 264 uprintf("\n%s: write failed, %s disk limit reached\n", 265 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 266 quotatypes[type]); 267 dq->dq_flags |= DQ_BLKS; 268 } 269 return (EDQUOT); 270 } 271 /* 272 * If user is over their soft limit for too long, disallow space 273 * allocation. Reset time limit as they cross their soft limit. 274 */ 275 if (ncurblocks >= dq->dq_bsoftlimit && dq->dq_bsoftlimit) { 276 if (dq->dq_curblocks < dq->dq_bsoftlimit) { 277 dq->dq_btime = time_second + ip->i_ump->um_btime[type]; 278 if (ip->i_uid == kauth_cred_geteuid(cred)) 279 uprintf("\n%s: warning, %s %s\n", 280 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 281 quotatypes[type], "disk quota exceeded"); 282 return (0); 283 } 284 if (time_second > dq->dq_btime) { 285 if ((dq->dq_flags & DQ_BLKS) == 0 && 286 ip->i_uid == kauth_cred_geteuid(cred)) { 287 uprintf("\n%s: write failed, %s %s\n", 288 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 289 quotatypes[type], 290 "disk quota exceeded for too long"); 291 dq->dq_flags |= DQ_BLKS; 292 } 293 return (EDQUOT); 294 } 295 } 296 return (0); 297 } 298 299 /* 300 * Check the inode limit, applying corrective action. 301 */ 302 int 303 chkiq(struct inode *ip, int32_t change, kauth_cred_t cred, int flags) 304 { 305 struct dquot *dq; 306 int i; 307 int ncurinodes, error; 308 309 if ((error = getinoquota(ip)) != 0) 310 return error; 311 if (change == 0) 312 return (0); 313 if (change < 0) { 314 for (i = 0; i < MAXQUOTAS; i++) { 315 if ((dq = ip->i_dquot[i]) == NODQUOT) 316 continue; 317 mutex_enter(&dq->dq_interlock); 318 ncurinodes = dq->dq_curinodes + change; 319 if (ncurinodes >= 0) 320 dq->dq_curinodes = ncurinodes; 321 else 322 dq->dq_curinodes = 0; 323 dq->dq_flags &= ~DQ_INODS; 324 dq->dq_flags |= DQ_MOD; 325 mutex_exit(&dq->dq_interlock); 326 } 327 return (0); 328 } 329 if ((flags & FORCE) == 0 && kauth_authorize_generic(cred, 330 KAUTH_GENERIC_ISSUSER, NULL) != 0) { 331 for (i = 0; i < MAXQUOTAS; i++) { 332 if ((dq = ip->i_dquot[i]) == NODQUOT) 333 continue; 334 mutex_enter(&dq->dq_interlock); 335 error = chkiqchg(ip, change, cred, i); 336 mutex_exit(&dq->dq_interlock); 337 if (error != 0) 338 return (error); 339 } 340 } 341 for (i = 0; i < MAXQUOTAS; i++) { 342 if ((dq = ip->i_dquot[i]) == NODQUOT) 343 continue; 344 mutex_enter(&dq->dq_interlock); 345 dq->dq_curinodes += change; 346 dq->dq_flags |= DQ_MOD; 347 mutex_exit(&dq->dq_interlock); 348 } 349 return (0); 350 } 351 352 /* 353 * Check for a valid change to a users allocation. 354 * Issue an error message if appropriate. 355 */ 356 static int 357 chkiqchg(struct inode *ip, int32_t change, kauth_cred_t cred, int type) 358 { 359 struct dquot *dq = ip->i_dquot[type]; 360 long ncurinodes = dq->dq_curinodes + change; 361 362 KASSERT(mutex_owned(&dq->dq_interlock)); 363 /* 364 * If user would exceed their hard limit, disallow inode allocation. 365 */ 366 if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) { 367 if ((dq->dq_flags & DQ_INODS) == 0 && 368 ip->i_uid == kauth_cred_geteuid(cred)) { 369 uprintf("\n%s: write failed, %s inode limit reached\n", 370 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 371 quotatypes[type]); 372 dq->dq_flags |= DQ_INODS; 373 } 374 return (EDQUOT); 375 } 376 /* 377 * If user is over their soft limit for too long, disallow inode 378 * allocation. Reset time limit as they cross their soft limit. 379 */ 380 if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) { 381 if (dq->dq_curinodes < dq->dq_isoftlimit) { 382 dq->dq_itime = time_second + ip->i_ump->um_itime[type]; 383 if (ip->i_uid == kauth_cred_geteuid(cred)) 384 uprintf("\n%s: warning, %s %s\n", 385 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 386 quotatypes[type], "inode quota exceeded"); 387 return (0); 388 } 389 if (time_second > dq->dq_itime) { 390 if ((dq->dq_flags & DQ_INODS) == 0 && 391 ip->i_uid == kauth_cred_geteuid(cred)) { 392 uprintf("\n%s: write failed, %s %s\n", 393 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 394 quotatypes[type], 395 "inode quota exceeded for too long"); 396 dq->dq_flags |= DQ_INODS; 397 } 398 return (EDQUOT); 399 } 400 } 401 return (0); 402 } 403 404 /* 405 * Code to process quotactl commands. 406 */ 407 408 /* 409 * Q_QUOTAON - set up a quota file for a particular file system. 410 */ 411 int 412 quotaon(struct lwp *l, struct mount *mp, int type, void *fname) 413 { 414 struct ufsmount *ump = VFSTOUFS(mp); 415 struct vnode *vp, **vpp, *mvp; 416 struct dquot *dq; 417 int error; 418 struct nameidata nd; 419 420 vpp = &ump->um_quotas[type]; 421 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, fname); 422 if ((error = vn_open(&nd, FREAD|FWRITE, 0)) != 0) 423 return (error); 424 vp = nd.ni_vp; 425 VOP_UNLOCK(vp, 0); 426 if (vp->v_type != VREG) { 427 (void) vn_close(vp, FREAD|FWRITE, l->l_cred); 428 return (EACCES); 429 } 430 if (*vpp != vp) 431 quotaoff(l, mp, type); 432 mutex_enter(&dqlock); 433 while ((ump->um_qflags[type] & (QTF_CLOSING | QTF_OPENING)) != 0) 434 cv_wait(&dqcv, &dqlock); 435 ump->um_qflags[type] |= QTF_OPENING; 436 mutex_exit(&dqlock); 437 mp->mnt_flag |= MNT_QUOTA; 438 vp->v_vflag |= VV_SYSTEM; /* XXXSMP */ 439 *vpp = vp; 440 /* 441 * Save the credential of the process that turned on quotas. 442 * Set up the time limits for this quota. 443 */ 444 kauth_cred_hold(l->l_cred); 445 ump->um_cred[type] = l->l_cred; 446 ump->um_btime[type] = MAX_DQ_TIME; 447 ump->um_itime[type] = MAX_IQ_TIME; 448 if (dqget(NULLVP, 0, ump, type, &dq) == 0) { 449 if (dq->dq_btime > 0) 450 ump->um_btime[type] = dq->dq_btime; 451 if (dq->dq_itime > 0) 452 ump->um_itime[type] = dq->dq_itime; 453 dqrele(NULLVP, dq); 454 } 455 /* Allocate a marker vnode. */ 456 if ((mvp = vnalloc(mp)) == NULL) { 457 error = ENOMEM; 458 goto out; 459 } 460 /* 461 * Search vnodes associated with this mount point, 462 * adding references to quota file being opened. 463 * NB: only need to add dquot's for inodes being modified. 464 */ 465 mutex_enter(&mntvnode_lock); 466 again: 467 for (vp = TAILQ_FIRST(&mp->mnt_vnodelist); vp; vp = vunmark(mvp)) { 468 vmark(mvp, vp); 469 mutex_enter(&vp->v_interlock); 470 if (vp->v_mount != mp || vismarker(vp) || 471 vp->v_type == VNON || vp->v_writecount == 0 || 472 (vp->v_iflag & VI_CLEAN) != 0) { 473 mutex_exit(&vp->v_interlock); 474 continue; 475 } 476 mutex_exit(&mntvnode_lock); 477 if (vget(vp, LK_EXCLUSIVE | LK_INTERLOCK)) { 478 mutex_enter(&mntvnode_lock); 479 (void)vunmark(mvp); 480 goto again; 481 } 482 if ((error = getinoquota(VTOI(vp))) != 0) { 483 vput(vp); 484 mutex_enter(&mntvnode_lock); 485 (void)vunmark(mvp); 486 break; 487 } 488 vput(vp); 489 mutex_enter(&mntvnode_lock); 490 } 491 mutex_exit(&mntvnode_lock); 492 vnfree(mvp); 493 out: 494 mutex_enter(&dqlock); 495 ump->um_qflags[type] &= ~QTF_OPENING; 496 cv_broadcast(&dqcv); 497 mutex_exit(&dqlock); 498 if (error) 499 quotaoff(l, mp, type); 500 return (error); 501 } 502 503 /* 504 * Q_QUOTAOFF - turn off disk quotas for a filesystem. 505 */ 506 int 507 quotaoff(struct lwp *l, struct mount *mp, int type) 508 { 509 struct vnode *vp; 510 struct vnode *qvp, *mvp; 511 struct ufsmount *ump = VFSTOUFS(mp); 512 struct dquot *dq; 513 struct inode *ip; 514 kauth_cred_t cred; 515 int i, error; 516 517 /* Allocate a marker vnode. */ 518 if ((mvp = vnalloc(mp)) == NULL) 519 return ENOMEM; 520 521 mutex_enter(&dqlock); 522 while ((ump->um_qflags[type] & (QTF_CLOSING | QTF_OPENING)) != 0) 523 cv_wait(&dqcv, &dqlock); 524 if ((qvp = ump->um_quotas[type]) == NULLVP) { 525 mutex_exit(&dqlock); 526 vnfree(mvp); 527 return (0); 528 } 529 ump->um_qflags[type] |= QTF_CLOSING; 530 mutex_exit(&dqlock); 531 /* 532 * Search vnodes associated with this mount point, 533 * deleting any references to quota file being closed. 534 */ 535 mutex_enter(&mntvnode_lock); 536 again: 537 for (vp = TAILQ_FIRST(&mp->mnt_vnodelist); vp; vp = vunmark(mvp)) { 538 vmark(mvp, vp); 539 mutex_enter(&vp->v_interlock); 540 if (vp->v_mount != mp || vismarker(vp) || vp->v_type == VNON || 541 (vp->v_iflag & VI_CLEAN) != 0) { 542 mutex_exit(&vp->v_interlock); 543 continue; 544 } 545 mutex_exit(&mntvnode_lock); 546 if (vget(vp, LK_EXCLUSIVE | LK_INTERLOCK)) { 547 mutex_enter(&mntvnode_lock); 548 (void)vunmark(mvp); 549 goto again; 550 } 551 ip = VTOI(vp); 552 dq = ip->i_dquot[type]; 553 ip->i_dquot[type] = NODQUOT; 554 dqrele(vp, dq); 555 vput(vp); 556 mutex_enter(&mntvnode_lock); 557 } 558 mutex_exit(&mntvnode_lock); 559 #ifdef DIAGNOSTIC 560 dqflush(qvp); 561 #endif 562 qvp->v_vflag &= ~VV_SYSTEM; 563 error = vn_close(qvp, FREAD|FWRITE, l->l_cred); 564 mutex_enter(&dqlock); 565 ump->um_quotas[type] = NULLVP; 566 cred = ump->um_cred[type]; 567 ump->um_cred[type] = NOCRED; 568 for (i = 0; i < MAXQUOTAS; i++) 569 if (ump->um_quotas[i] != NULLVP) 570 break; 571 ump->um_qflags[type] &= ~QTF_CLOSING; 572 cv_broadcast(&dqcv); 573 mutex_exit(&dqlock); 574 kauth_cred_free(cred); 575 if (i == MAXQUOTAS) 576 mp->mnt_flag &= ~MNT_QUOTA; 577 return (error); 578 } 579 580 /* 581 * Q_GETQUOTA - return current values in a dqblk structure. 582 */ 583 int 584 getquota(struct mount *mp, u_long id, int type, void *addr) 585 { 586 struct dquot *dq; 587 int error; 588 589 if ((error = dqget(NULLVP, id, VFSTOUFS(mp), type, &dq)) != 0) 590 return (error); 591 error = copyout((void *)&dq->dq_dqb, addr, sizeof (struct dqblk)); 592 dqrele(NULLVP, dq); 593 return (error); 594 } 595 596 /* 597 * Q_SETQUOTA - assign an entire dqblk structure. 598 */ 599 int 600 setquota(struct mount *mp, u_long id, int type, void *addr) 601 { 602 struct dquot *dq; 603 struct dquot *ndq; 604 struct ufsmount *ump = VFSTOUFS(mp); 605 struct dqblk newlim; 606 int error; 607 608 error = copyin(addr, (void *)&newlim, sizeof (struct dqblk)); 609 if (error) 610 return (error); 611 if ((error = dqget(NULLVP, id, ump, type, &ndq)) != 0) 612 return (error); 613 dq = ndq; 614 mutex_enter(&dq->dq_interlock); 615 /* 616 * Copy all but the current values. 617 * Reset time limit if previously had no soft limit or were 618 * under it, but now have a soft limit and are over it. 619 */ 620 newlim.dqb_curblocks = dq->dq_curblocks; 621 newlim.dqb_curinodes = dq->dq_curinodes; 622 if (dq->dq_id != 0) { 623 newlim.dqb_btime = dq->dq_btime; 624 newlim.dqb_itime = dq->dq_itime; 625 } 626 if (newlim.dqb_bsoftlimit && 627 dq->dq_curblocks >= newlim.dqb_bsoftlimit && 628 (dq->dq_bsoftlimit == 0 || dq->dq_curblocks < dq->dq_bsoftlimit)) 629 newlim.dqb_btime = time_second + ump->um_btime[type]; 630 if (newlim.dqb_isoftlimit && 631 dq->dq_curinodes >= newlim.dqb_isoftlimit && 632 (dq->dq_isoftlimit == 0 || dq->dq_curinodes < dq->dq_isoftlimit)) 633 newlim.dqb_itime = time_second + ump->um_itime[type]; 634 dq->dq_dqb = newlim; 635 if (dq->dq_curblocks < dq->dq_bsoftlimit) 636 dq->dq_flags &= ~DQ_BLKS; 637 if (dq->dq_curinodes < dq->dq_isoftlimit) 638 dq->dq_flags &= ~DQ_INODS; 639 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 && 640 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0) 641 dq->dq_flags |= DQ_FAKE; 642 else 643 dq->dq_flags &= ~DQ_FAKE; 644 dq->dq_flags |= DQ_MOD; 645 mutex_exit(&dq->dq_interlock); 646 dqrele(NULLVP, dq); 647 return (0); 648 } 649 650 /* 651 * Q_SETUSE - set current inode and block usage. 652 */ 653 int 654 setuse(struct mount *mp, u_long id, int type, void *addr) 655 { 656 struct dquot *dq; 657 struct ufsmount *ump = VFSTOUFS(mp); 658 struct dquot *ndq; 659 struct dqblk usage; 660 int error; 661 662 error = copyin(addr, (void *)&usage, sizeof (struct dqblk)); 663 if (error) 664 return (error); 665 if ((error = dqget(NULLVP, id, ump, type, &ndq)) != 0) 666 return (error); 667 dq = ndq; 668 mutex_enter(&dq->dq_interlock); 669 /* 670 * Reset time limit if have a soft limit and were 671 * previously under it, but are now over it. 672 */ 673 if (dq->dq_bsoftlimit && dq->dq_curblocks < dq->dq_bsoftlimit && 674 usage.dqb_curblocks >= dq->dq_bsoftlimit) 675 dq->dq_btime = time_second + ump->um_btime[type]; 676 if (dq->dq_isoftlimit && dq->dq_curinodes < dq->dq_isoftlimit && 677 usage.dqb_curinodes >= dq->dq_isoftlimit) 678 dq->dq_itime = time_second + ump->um_itime[type]; 679 dq->dq_curblocks = usage.dqb_curblocks; 680 dq->dq_curinodes = usage.dqb_curinodes; 681 if (dq->dq_curblocks < dq->dq_bsoftlimit) 682 dq->dq_flags &= ~DQ_BLKS; 683 if (dq->dq_curinodes < dq->dq_isoftlimit) 684 dq->dq_flags &= ~DQ_INODS; 685 dq->dq_flags |= DQ_MOD; 686 mutex_exit(&dq->dq_interlock); 687 dqrele(NULLVP, dq); 688 return (0); 689 } 690 691 /* 692 * Q_SYNC - sync quota files to disk. 693 */ 694 int 695 qsync(struct mount *mp) 696 { 697 struct ufsmount *ump = VFSTOUFS(mp); 698 struct vnode *vp, *mvp; 699 struct dquot *dq; 700 int i, error; 701 702 /* 703 * Check if the mount point has any quotas. 704 * If not, simply return. 705 */ 706 for (i = 0; i < MAXQUOTAS; i++) 707 if (ump->um_quotas[i] != NULLVP) 708 break; 709 if (i == MAXQUOTAS) 710 return (0); 711 712 /* Allocate a marker vnode. */ 713 if ((mvp = vnalloc(mp)) == NULL) 714 return (ENOMEM); 715 716 /* 717 * Search vnodes associated with this mount point, 718 * synchronizing any modified dquot structures. 719 */ 720 mutex_enter(&mntvnode_lock); 721 again: 722 for (vp = TAILQ_FIRST(&mp->mnt_vnodelist); vp; vp = vunmark(mvp)) { 723 vmark(mvp, vp); 724 mutex_enter(&vp->v_interlock); 725 if (vp->v_mount != mp || vismarker(vp) || vp->v_type == VNON || 726 (vp->v_iflag & VI_CLEAN) != 0) { 727 mutex_exit(&vp->v_interlock); 728 continue; 729 } 730 mutex_exit(&mntvnode_lock); 731 error = vget(vp, LK_EXCLUSIVE | LK_NOWAIT | LK_INTERLOCK); 732 if (error) { 733 mutex_enter(&mntvnode_lock); 734 if (error == ENOENT) { 735 (void)vunmark(mvp); 736 goto again; 737 } 738 continue; 739 } 740 for (i = 0; i < MAXQUOTAS; i++) { 741 dq = VTOI(vp)->i_dquot[i]; 742 if (dq == NODQUOT) 743 continue; 744 mutex_enter(&dq->dq_interlock); 745 if (dq->dq_flags & DQ_MOD) 746 dqsync(vp, dq); 747 mutex_exit(&dq->dq_interlock); 748 } 749 vput(vp); 750 mutex_enter(&mntvnode_lock); 751 } 752 mutex_exit(&mntvnode_lock); 753 vnfree(mvp); 754 return (0); 755 } 756 757 /* 758 * Code pertaining to management of the in-core dquot data structures. 759 */ 760 #define DQHASH(dqvp, id) \ 761 (((((long)(dqvp)) >> 8) + id) & dqhash) 762 static LIST_HEAD(dqhashhead, dquot) *dqhashtbl; 763 static u_long dqhash; 764 static pool_cache_t dquot_cache; 765 766 MALLOC_JUSTDEFINE(M_DQUOT, "UFS quota", "UFS quota entries"); 767 768 /* 769 * Initialize the quota system. 770 */ 771 void 772 dqinit(void) 773 { 774 775 mutex_init(&dqlock, MUTEX_DEFAULT, IPL_NONE); 776 cv_init(&dqcv, "quota"); 777 malloc_type_attach(M_DQUOT); 778 dqhashtbl = 779 hashinit(desiredvnodes, HASH_LIST, M_DQUOT, M_WAITOK, &dqhash); 780 dquot_cache = pool_cache_init(sizeof(struct dquot), 0, 0, 0, "ufsdq", 781 NULL, IPL_NONE, NULL, NULL, NULL); 782 } 783 784 void 785 dqreinit(void) 786 { 787 struct dquot *dq; 788 struct dqhashhead *oldhash, *hash; 789 struct vnode *dqvp; 790 u_long oldmask, mask, hashval; 791 int i; 792 793 hash = hashinit(desiredvnodes, HASH_LIST, M_DQUOT, M_WAITOK, &mask); 794 mutex_enter(&dqlock); 795 oldhash = dqhashtbl; 796 oldmask = dqhash; 797 dqhashtbl = hash; 798 dqhash = mask; 799 for (i = 0; i <= oldmask; i++) { 800 while ((dq = LIST_FIRST(&oldhash[i])) != NULL) { 801 dqvp = dq->dq_ump->um_quotas[dq->dq_type]; 802 LIST_REMOVE(dq, dq_hash); 803 hashval = DQHASH(dqvp, dq->dq_id); 804 LIST_INSERT_HEAD(&dqhashtbl[hashval], dq, dq_hash); 805 } 806 } 807 mutex_exit(&dqlock); 808 hashdone(oldhash, M_DQUOT); 809 } 810 811 /* 812 * Free resources held by quota system. 813 */ 814 void 815 dqdone(void) 816 { 817 818 pool_cache_destroy(dquot_cache); 819 hashdone(dqhashtbl, M_DQUOT); 820 malloc_type_detach(M_DQUOT); 821 cv_destroy(&dqcv); 822 mutex_destroy(&dqlock); 823 } 824 825 /* 826 * Obtain a dquot structure for the specified identifier and quota file 827 * reading the information from the file if necessary. 828 */ 829 static int 830 dqget(struct vnode *vp, u_long id, struct ufsmount *ump, int type, 831 struct dquot **dqp) 832 { 833 struct dquot *dq, *ndq; 834 struct dqhashhead *dqh; 835 struct vnode *dqvp; 836 struct iovec aiov; 837 struct uio auio; 838 int error; 839 840 /* Lock to see an up to date value for QTF_CLOSING. */ 841 mutex_enter(&dqlock); 842 dqvp = ump->um_quotas[type]; 843 if (dqvp == NULLVP || (ump->um_qflags[type] & QTF_CLOSING)) { 844 mutex_exit(&dqlock); 845 *dqp = NODQUOT; 846 return (EINVAL); 847 } 848 KASSERT(dqvp != vp); 849 /* 850 * Check the cache first. 851 */ 852 dqh = &dqhashtbl[DQHASH(dqvp, id)]; 853 LIST_FOREACH(dq, dqh, dq_hash) { 854 if (dq->dq_id != id || 855 dq->dq_ump->um_quotas[dq->dq_type] != dqvp) 856 continue; 857 KASSERT(dq->dq_cnt > 0); 858 dqref(dq); 859 mutex_exit(&dqlock); 860 *dqp = dq; 861 return (0); 862 } 863 /* 864 * Not in cache, allocate a new one. 865 */ 866 mutex_exit(&dqlock); 867 ndq = pool_cache_get(dquot_cache, PR_WAITOK); 868 /* 869 * Initialize the contents of the dquot structure. 870 */ 871 memset((char *)ndq, 0, sizeof *ndq); 872 ndq->dq_flags = 0; 873 ndq->dq_id = id; 874 ndq->dq_ump = ump; 875 ndq->dq_type = type; 876 mutex_init(&ndq->dq_interlock, MUTEX_DEFAULT, IPL_NONE); 877 mutex_enter(&dqlock); 878 dqh = &dqhashtbl[DQHASH(dqvp, id)]; 879 LIST_FOREACH(dq, dqh, dq_hash) { 880 if (dq->dq_id != id || 881 dq->dq_ump->um_quotas[dq->dq_type] != dqvp) 882 continue; 883 /* 884 * Another thread beat us allocating this dquot. 885 */ 886 KASSERT(dq->dq_cnt > 0); 887 dqref(dq); 888 mutex_exit(&dqlock); 889 pool_cache_put(dquot_cache, ndq); 890 *dqp = dq; 891 return 0; 892 } 893 dq = ndq; 894 LIST_INSERT_HEAD(dqh, dq, dq_hash); 895 dqref(dq); 896 mutex_enter(&dq->dq_interlock); 897 mutex_exit(&dqlock); 898 vn_lock(dqvp, LK_EXCLUSIVE | LK_RETRY); 899 auio.uio_iov = &aiov; 900 auio.uio_iovcnt = 1; 901 aiov.iov_base = (void *)&dq->dq_dqb; 902 aiov.iov_len = sizeof (struct dqblk); 903 auio.uio_resid = sizeof (struct dqblk); 904 auio.uio_offset = (off_t)(id * sizeof (struct dqblk)); 905 auio.uio_rw = UIO_READ; 906 UIO_SETUP_SYSSPACE(&auio); 907 error = VOP_READ(dqvp, &auio, 0, ump->um_cred[type]); 908 if (auio.uio_resid == sizeof(struct dqblk) && error == 0) 909 memset((void *)&dq->dq_dqb, 0, sizeof(struct dqblk)); 910 VOP_UNLOCK(dqvp, 0); 911 /* 912 * I/O error in reading quota file, release 913 * quota structure and reflect problem to caller. 914 */ 915 if (error) { 916 mutex_enter(&dqlock); 917 LIST_REMOVE(dq, dq_hash); 918 mutex_exit(&dqlock); 919 mutex_exit(&dq->dq_interlock); 920 dqrele(vp, dq); 921 *dqp = NODQUOT; 922 return (error); 923 } 924 /* 925 * Check for no limit to enforce. 926 * Initialize time values if necessary. 927 */ 928 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 && 929 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0) 930 dq->dq_flags |= DQ_FAKE; 931 if (dq->dq_id != 0) { 932 if (dq->dq_btime == 0) 933 dq->dq_btime = time_second + ump->um_btime[type]; 934 if (dq->dq_itime == 0) 935 dq->dq_itime = time_second + ump->um_itime[type]; 936 } 937 mutex_exit(&dq->dq_interlock); 938 *dqp = dq; 939 return (0); 940 } 941 942 /* 943 * Obtain a reference to a dquot. 944 */ 945 static void 946 dqref(struct dquot *dq) 947 { 948 949 KASSERT(mutex_owned(&dqlock)); 950 dq->dq_cnt++; 951 KASSERT(dq->dq_cnt > 0); 952 } 953 954 /* 955 * Release a reference to a dquot. 956 */ 957 static void 958 dqrele(struct vnode *vp, struct dquot *dq) 959 { 960 961 if (dq == NODQUOT) 962 return; 963 mutex_enter(&dq->dq_interlock); 964 for (;;) { 965 mutex_enter(&dqlock); 966 if (dq->dq_cnt > 1) { 967 dq->dq_cnt--; 968 mutex_exit(&dqlock); 969 mutex_exit(&dq->dq_interlock); 970 return; 971 } 972 if ((dq->dq_flags & DQ_MOD) == 0) 973 break; 974 mutex_exit(&dqlock); 975 (void) dqsync(vp, dq); 976 } 977 KASSERT(dq->dq_cnt == 1 && (dq->dq_flags & DQ_MOD) == 0); 978 LIST_REMOVE(dq, dq_hash); 979 mutex_exit(&dqlock); 980 mutex_exit(&dq->dq_interlock); 981 mutex_destroy(&dq->dq_interlock); 982 pool_cache_put(dquot_cache, dq); 983 } 984 985 /* 986 * Update the disk quota in the quota file. 987 */ 988 static int 989 dqsync(struct vnode *vp, struct dquot *dq) 990 { 991 struct vnode *dqvp; 992 struct iovec aiov; 993 struct uio auio; 994 int error; 995 996 if (dq == NODQUOT) 997 panic("dqsync: dquot"); 998 KASSERT(mutex_owned(&dq->dq_interlock)); 999 if ((dq->dq_flags & DQ_MOD) == 0) 1000 return (0); 1001 if ((dqvp = dq->dq_ump->um_quotas[dq->dq_type]) == NULLVP) 1002 panic("dqsync: file"); 1003 KASSERT(dqvp != vp); 1004 vn_lock(dqvp, LK_EXCLUSIVE | LK_RETRY); 1005 auio.uio_iov = &aiov; 1006 auio.uio_iovcnt = 1; 1007 aiov.iov_base = (void *)&dq->dq_dqb; 1008 aiov.iov_len = sizeof (struct dqblk); 1009 auio.uio_resid = sizeof (struct dqblk); 1010 auio.uio_offset = (off_t)(dq->dq_id * sizeof (struct dqblk)); 1011 auio.uio_rw = UIO_WRITE; 1012 UIO_SETUP_SYSSPACE(&auio); 1013 error = VOP_WRITE(dqvp, &auio, 0, dq->dq_ump->um_cred[dq->dq_type]); 1014 if (auio.uio_resid && error == 0) 1015 error = EIO; 1016 dq->dq_flags &= ~DQ_MOD; 1017 VOP_UNLOCK(dqvp, 0); 1018 return (error); 1019 } 1020 1021 #ifdef DIAGNOSTIC 1022 /* 1023 * Check the hash chains for stray dquot's. 1024 */ 1025 static void 1026 dqflush(struct vnode *vp) 1027 { 1028 struct dquot *dq; 1029 int i; 1030 1031 mutex_enter(&dqlock); 1032 for (i = 0; i <= dqhash; i++) 1033 LIST_FOREACH(dq, &dqhashtbl[i], dq_hash) 1034 KASSERT(dq->dq_ump->um_quotas[dq->dq_type] != vp); 1035 mutex_exit(&dqlock); 1036 } 1037 #endif 1038
Indexes created Mon Oct 13 05:10:05 GMT 2025