ufs_quota.c revision 1.68
1 /* $NetBSD: ufs_quota.c,v 1.68 2010/11/19 06:44:47 dholland Exp $ */ 2 3 /* 4 * Copyright (c) 1982, 1986, 1990, 1993, 1995 5 * The Regents of the University of California. All rights reserved. 6 * 7 * This code is derived from software contributed to Berkeley by 8 * Robert Elz at The University of Melbourne. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its contributors 19 * may be used to endorse or promote products derived from this software 20 * without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 * 34 * @(#)ufs_quota.c 8.5 (Berkeley) 5/20/95 35 */ 36 37 #include <sys/cdefs.h> 38 __KERNEL_RCSID(0, "$NetBSD: ufs_quota.c,v 1.68 2010/11/19 06:44:47 dholland Exp $"); 39 40 #include <sys/param.h> 41 #include <sys/kernel.h> 42 #include <sys/systm.h> 43 #include <sys/namei.h> 44 #include <sys/file.h> 45 #include <sys/proc.h> 46 #include <sys/vnode.h> 47 #include <sys/mount.h> 48 #include <sys/kauth.h> 49 50 #include <ufs/ufs/quota.h> 51 #include <ufs/ufs/inode.h> 52 #include <ufs/ufs/ufsmount.h> 53 #include <ufs/ufs/ufs_extern.h> 54 55 /* 56 * The following structure records disk usage for a user or group on a 57 * filesystem. There is one allocated for each quota that exists on any 58 * filesystem for the current user or group. A cache is kept of recently 59 * used entries. 60 * Field markings and the corresponding locks: 61 * h: dqlock 62 * d: dq_interlock 63 * 64 * Lock order is: dq_interlock -> dqlock 65 * dq_interlock -> dqvp 66 */ 67 struct dquot { 68 LIST_ENTRY(dquot) dq_hash; /* h: hash list */ 69 u_int16_t dq_flags; /* d: flags, see below */ 70 u_int16_t dq_type; /* d: quota type of this dquot */ 71 u_int32_t dq_cnt; /* h: count of active references */ 72 u_int32_t dq_id; /* d: identifier this applies to */ 73 struct ufsmount *dq_ump; /* d: filesystem this is taken from */ 74 kmutex_t dq_interlock; /* d: lock this dquot */ 75 struct dqblk dq_dqb; /* d: actual usage & quotas */ 76 }; 77 /* 78 * Flag values. 79 */ 80 #define DQ_MOD 0x04 /* this quota modified since read */ 81 #define DQ_FAKE 0x08 /* no limits here, just usage */ 82 #define DQ_BLKS 0x10 /* has been warned about blk limit */ 83 #define DQ_INODS 0x20 /* has been warned about inode limit */ 84 /* 85 * Shorthand notation. 86 */ 87 #define dq_bhardlimit dq_dqb.dqb_bhardlimit 88 #define dq_bsoftlimit dq_dqb.dqb_bsoftlimit 89 #define dq_curblocks dq_dqb.dqb_curblocks 90 #define dq_ihardlimit dq_dqb.dqb_ihardlimit 91 #define dq_isoftlimit dq_dqb.dqb_isoftlimit 92 #define dq_curinodes dq_dqb.dqb_curinodes 93 #define dq_btime dq_dqb.dqb_btime 94 #define dq_itime dq_dqb.dqb_itime 95 /* 96 * If the system has never checked for a quota for this file, then it is 97 * set to NODQUOT. Once a write attempt is made the inode pointer is set 98 * to reference a dquot structure. 99 */ 100 #define NODQUOT NULL 101 102 static int chkdqchg(struct inode *, int64_t, kauth_cred_t, int); 103 static int chkiqchg(struct inode *, int32_t, kauth_cred_t, int); 104 #ifdef DIAGNOSTIC 105 static void dqflush(struct vnode *); 106 #endif 107 static int dqget(struct vnode *, u_long, struct ufsmount *, int, 108 struct dquot **); 109 static void dqref(struct dquot *); 110 static void dqrele(struct vnode *, struct dquot *); 111 static int dqsync(struct vnode *, struct dquot *); 112 113 static kmutex_t dqlock; 114 static kcondvar_t dqcv; 115 /* 116 * Quota name to error message mapping. 117 */ 118 static const char *quotatypes[] = INITQFNAMES; 119 120 /* 121 * Set up the quotas for an inode. 122 * 123 * This routine completely defines the semantics of quotas. 124 * If other criterion want to be used to establish quotas, the 125 * MAXQUOTAS value in quotas.h should be increased, and the 126 * additional dquots set up here. 127 */ 128 int 129 getinoquota(struct inode *ip) 130 { 131 struct ufsmount *ump = ip->i_ump; 132 struct vnode *vp = ITOV(ip); 133 int i, error; 134 u_int32_t ino_ids[MAXQUOTAS]; 135 136 /* 137 * To avoid deadlocks never update quotas for quota files 138 * on the same file system 139 */ 140 for (i = 0; i < MAXQUOTAS; i++) 141 if (ITOV(ip) == ump->um_quotas[i]) 142 return 0; 143 144 ino_ids[USRQUOTA] = ip->i_uid; 145 ino_ids[GRPQUOTA] = ip->i_gid; 146 for (i = 0; i < MAXQUOTAS; i++) { 147 /* 148 * If the file id changed the quota needs update. 149 */ 150 if (ip->i_dquot[i] != NODQUOT && 151 ip->i_dquot[i]->dq_id != ino_ids[i]) { 152 dqrele(ITOV(ip), ip->i_dquot[i]); 153 ip->i_dquot[i] = NODQUOT; 154 } 155 /* 156 * Set up the quota based on file id. 157 * EINVAL means that quotas are not enabled. 158 */ 159 if (ip->i_dquot[i] == NODQUOT && 160 (error = dqget(vp, ino_ids[i], ump, i, &ip->i_dquot[i])) && 161 error != EINVAL) 162 return (error); 163 } 164 return 0; 165 } 166 167 /* 168 * Initialize the quota fields of an inode. 169 */ 170 void 171 ufsquota_init(struct inode *ip) 172 { 173 int i; 174 175 for (i = 0; i < MAXQUOTAS; i++) 176 ip->i_dquot[i] = NODQUOT; 177 } 178 179 /* 180 * Release the quota fields from an inode. 181 */ 182 void 183 ufsquota_free(struct inode *ip) 184 { 185 int i; 186 187 for (i = 0; i < MAXQUOTAS; i++) { 188 dqrele(ITOV(ip), ip->i_dquot[i]); 189 ip->i_dquot[i] = NODQUOT; 190 } 191 } 192 193 /* 194 * Update disk usage, and take corrective action. 195 */ 196 int 197 chkdq(struct inode *ip, int64_t change, kauth_cred_t cred, int flags) 198 { 199 struct dquot *dq; 200 int i; 201 int ncurblocks, error; 202 203 if ((error = getinoquota(ip)) != 0) 204 return error; 205 if (change == 0) 206 return (0); 207 if (change < 0) { 208 for (i = 0; i < MAXQUOTAS; i++) { 209 if ((dq = ip->i_dquot[i]) == NODQUOT) 210 continue; 211 mutex_enter(&dq->dq_interlock); 212 ncurblocks = dq->dq_curblocks + change; 213 if (ncurblocks >= 0) 214 dq->dq_curblocks = ncurblocks; 215 else 216 dq->dq_curblocks = 0; 217 dq->dq_flags &= ~DQ_BLKS; 218 dq->dq_flags |= DQ_MOD; 219 mutex_exit(&dq->dq_interlock); 220 } 221 return (0); 222 } 223 if ((flags & FORCE) == 0 && 224 kauth_authorize_system(cred, KAUTH_SYSTEM_FS_QUOTA, 225 KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT, NULL, NULL, NULL) != 0) { 226 for (i = 0; i < MAXQUOTAS; i++) { 227 if ((dq = ip->i_dquot[i]) == NODQUOT) 228 continue; 229 mutex_enter(&dq->dq_interlock); 230 error = chkdqchg(ip, change, cred, i); 231 mutex_exit(&dq->dq_interlock); 232 if (error != 0) 233 return (error); 234 } 235 } 236 for (i = 0; i < MAXQUOTAS; i++) { 237 if ((dq = ip->i_dquot[i]) == NODQUOT) 238 continue; 239 mutex_enter(&dq->dq_interlock); 240 dq->dq_curblocks += change; 241 dq->dq_flags |= DQ_MOD; 242 mutex_exit(&dq->dq_interlock); 243 } 244 return (0); 245 } 246 247 /* 248 * Check for a valid change to a users allocation. 249 * Issue an error message if appropriate. 250 */ 251 static int 252 chkdqchg(struct inode *ip, int64_t change, kauth_cred_t cred, int type) 253 { 254 struct dquot *dq = ip->i_dquot[type]; 255 long ncurblocks = dq->dq_curblocks + change; 256 257 KASSERT(mutex_owned(&dq->dq_interlock)); 258 /* 259 * If user would exceed their hard limit, disallow space allocation. 260 */ 261 if (ncurblocks >= dq->dq_bhardlimit && dq->dq_bhardlimit) { 262 if ((dq->dq_flags & DQ_BLKS) == 0 && 263 ip->i_uid == kauth_cred_geteuid(cred)) { 264 uprintf("\n%s: write failed, %s disk limit reached\n", 265 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 266 quotatypes[type]); 267 dq->dq_flags |= DQ_BLKS; 268 } 269 return (EDQUOT); 270 } 271 /* 272 * If user is over their soft limit for too long, disallow space 273 * allocation. Reset time limit as they cross their soft limit. 274 */ 275 if (ncurblocks >= dq->dq_bsoftlimit && dq->dq_bsoftlimit) { 276 if (dq->dq_curblocks < dq->dq_bsoftlimit) { 277 dq->dq_btime = time_second + ip->i_ump->um_btime[type]; 278 if (ip->i_uid == kauth_cred_geteuid(cred)) 279 uprintf("\n%s: warning, %s %s\n", 280 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 281 quotatypes[type], "disk quota exceeded"); 282 return (0); 283 } 284 if (time_second > dq->dq_btime) { 285 if ((dq->dq_flags & DQ_BLKS) == 0 && 286 ip->i_uid == kauth_cred_geteuid(cred)) { 287 uprintf("\n%s: write failed, %s %s\n", 288 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 289 quotatypes[type], 290 "disk quota exceeded for too long"); 291 dq->dq_flags |= DQ_BLKS; 292 } 293 return (EDQUOT); 294 } 295 } 296 return (0); 297 } 298 299 /* 300 * Check the inode limit, applying corrective action. 301 */ 302 int 303 chkiq(struct inode *ip, int32_t change, kauth_cred_t cred, int flags) 304 { 305 struct dquot *dq; 306 int i; 307 int ncurinodes, error; 308 309 if ((error = getinoquota(ip)) != 0) 310 return error; 311 if (change == 0) 312 return (0); 313 if (change < 0) { 314 for (i = 0; i < MAXQUOTAS; i++) { 315 if ((dq = ip->i_dquot[i]) == NODQUOT) 316 continue; 317 mutex_enter(&dq->dq_interlock); 318 ncurinodes = dq->dq_curinodes + change; 319 if (ncurinodes >= 0) 320 dq->dq_curinodes = ncurinodes; 321 else 322 dq->dq_curinodes = 0; 323 dq->dq_flags &= ~DQ_INODS; 324 dq->dq_flags |= DQ_MOD; 325 mutex_exit(&dq->dq_interlock); 326 } 327 return (0); 328 } 329 if ((flags & FORCE) == 0 && kauth_authorize_system(cred, 330 KAUTH_SYSTEM_FS_QUOTA, KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT, NULL, 331 NULL, NULL) != 0) { 332 for (i = 0; i < MAXQUOTAS; i++) { 333 if ((dq = ip->i_dquot[i]) == NODQUOT) 334 continue; 335 mutex_enter(&dq->dq_interlock); 336 error = chkiqchg(ip, change, cred, i); 337 mutex_exit(&dq->dq_interlock); 338 if (error != 0) 339 return (error); 340 } 341 } 342 for (i = 0; i < MAXQUOTAS; i++) { 343 if ((dq = ip->i_dquot[i]) == NODQUOT) 344 continue; 345 mutex_enter(&dq->dq_interlock); 346 dq->dq_curinodes += change; 347 dq->dq_flags |= DQ_MOD; 348 mutex_exit(&dq->dq_interlock); 349 } 350 return (0); 351 } 352 353 /* 354 * Check for a valid change to a users allocation. 355 * Issue an error message if appropriate. 356 */ 357 static int 358 chkiqchg(struct inode *ip, int32_t change, kauth_cred_t cred, int type) 359 { 360 struct dquot *dq = ip->i_dquot[type]; 361 long ncurinodes = dq->dq_curinodes + change; 362 363 KASSERT(mutex_owned(&dq->dq_interlock)); 364 /* 365 * If user would exceed their hard limit, disallow inode allocation. 366 */ 367 if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) { 368 if ((dq->dq_flags & DQ_INODS) == 0 && 369 ip->i_uid == kauth_cred_geteuid(cred)) { 370 uprintf("\n%s: write failed, %s inode limit reached\n", 371 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 372 quotatypes[type]); 373 dq->dq_flags |= DQ_INODS; 374 } 375 return (EDQUOT); 376 } 377 /* 378 * If user is over their soft limit for too long, disallow inode 379 * allocation. Reset time limit as they cross their soft limit. 380 */ 381 if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) { 382 if (dq->dq_curinodes < dq->dq_isoftlimit) { 383 dq->dq_itime = time_second + ip->i_ump->um_itime[type]; 384 if (ip->i_uid == kauth_cred_geteuid(cred)) 385 uprintf("\n%s: warning, %s %s\n", 386 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 387 quotatypes[type], "inode quota exceeded"); 388 return (0); 389 } 390 if (time_second > dq->dq_itime) { 391 if ((dq->dq_flags & DQ_INODS) == 0 && 392 ip->i_uid == kauth_cred_geteuid(cred)) { 393 uprintf("\n%s: write failed, %s %s\n", 394 ITOV(ip)->v_mount->mnt_stat.f_mntonname, 395 quotatypes[type], 396 "inode quota exceeded for too long"); 397 dq->dq_flags |= DQ_INODS; 398 } 399 return (EDQUOT); 400 } 401 } 402 return (0); 403 } 404 405 /* 406 * Code to process quotactl commands. 407 */ 408 409 /* 410 * Q_QUOTAON - set up a quota file for a particular file system. 411 */ 412 int 413 quotaon(struct lwp *l, struct mount *mp, int type, void *fname) 414 { 415 struct ufsmount *ump = VFSTOUFS(mp); 416 struct vnode *vp, **vpp, *mvp; 417 struct dquot *dq; 418 int error; 419 struct pathbuf *pb; 420 struct nameidata nd; 421 422 /* XXX XXX XXX */ 423 if (mp->mnt_wapbl != NULL) { 424 printf("%s: quotas cannot yet be used with -o log\n", 425 mp->mnt_stat.f_mntonname); 426 return (EOPNOTSUPP); 427 } 428 429 vpp = &ump->um_quotas[type]; 430 431 error = pathbuf_copyin(fname, &pb); 432 if (error) { 433 return error; 434 } 435 NDINIT(&nd, LOOKUP, FOLLOW, pb); 436 if ((error = vn_open(&nd, FREAD|FWRITE, 0)) != 0) { 437 pathbuf_destroy(pb); 438 return error; 439 } 440 vp = nd.ni_vp; 441 pathbuf_destroy(pb); 442 443 VOP_UNLOCK(vp); 444 if (vp->v_type != VREG) { 445 (void) vn_close(vp, FREAD|FWRITE, l->l_cred); 446 return (EACCES); 447 } 448 if (*vpp != vp) 449 quotaoff(l, mp, type); 450 mutex_enter(&dqlock); 451 while ((ump->um_qflags[type] & (QTF_CLOSING | QTF_OPENING)) != 0) 452 cv_wait(&dqcv, &dqlock); 453 ump->um_qflags[type] |= QTF_OPENING; 454 mutex_exit(&dqlock); 455 mp->mnt_flag |= MNT_QUOTA; 456 vp->v_vflag |= VV_SYSTEM; /* XXXSMP */ 457 *vpp = vp; 458 /* 459 * Save the credential of the process that turned on quotas. 460 * Set up the time limits for this quota. 461 */ 462 kauth_cred_hold(l->l_cred); 463 ump->um_cred[type] = l->l_cred; 464 ump->um_btime[type] = MAX_DQ_TIME; 465 ump->um_itime[type] = MAX_IQ_TIME; 466 if (dqget(NULLVP, 0, ump, type, &dq) == 0) { 467 if (dq->dq_btime > 0) 468 ump->um_btime[type] = dq->dq_btime; 469 if (dq->dq_itime > 0) 470 ump->um_itime[type] = dq->dq_itime; 471 dqrele(NULLVP, dq); 472 } 473 /* Allocate a marker vnode. */ 474 if ((mvp = vnalloc(mp)) == NULL) { 475 error = ENOMEM; 476 goto out; 477 } 478 /* 479 * Search vnodes associated with this mount point, 480 * adding references to quota file being opened. 481 * NB: only need to add dquot's for inodes being modified. 482 */ 483 mutex_enter(&mntvnode_lock); 484 again: 485 for (vp = TAILQ_FIRST(&mp->mnt_vnodelist); vp; vp = vunmark(mvp)) { 486 vmark(mvp, vp); 487 mutex_enter(&vp->v_interlock); 488 if (VTOI(vp) == NULL || vp->v_mount != mp || vismarker(vp) || 489 vp->v_type == VNON || vp->v_writecount == 0 || 490 (vp->v_iflag & (VI_XLOCK | VI_CLEAN)) != 0) { 491 mutex_exit(&vp->v_interlock); 492 continue; 493 } 494 mutex_exit(&mntvnode_lock); 495 if (vget(vp, LK_EXCLUSIVE)) { 496 mutex_enter(&mntvnode_lock); 497 (void)vunmark(mvp); 498 goto again; 499 } 500 if ((error = getinoquota(VTOI(vp))) != 0) { 501 vput(vp); 502 mutex_enter(&mntvnode_lock); 503 (void)vunmark(mvp); 504 break; 505 } 506 vput(vp); 507 mutex_enter(&mntvnode_lock); 508 } 509 mutex_exit(&mntvnode_lock); 510 vnfree(mvp); 511 out: 512 mutex_enter(&dqlock); 513 ump->um_qflags[type] &= ~QTF_OPENING; 514 cv_broadcast(&dqcv); 515 mutex_exit(&dqlock); 516 if (error) 517 quotaoff(l, mp, type); 518 return (error); 519 } 520 521 /* 522 * Q_QUOTAOFF - turn off disk quotas for a filesystem. 523 */ 524 int 525 quotaoff(struct lwp *l, struct mount *mp, int type) 526 { 527 struct vnode *vp; 528 struct vnode *qvp, *mvp; 529 struct ufsmount *ump = VFSTOUFS(mp); 530 struct dquot *dq; 531 struct inode *ip; 532 kauth_cred_t cred; 533 int i, error; 534 535 /* Allocate a marker vnode. */ 536 if ((mvp = vnalloc(mp)) == NULL) 537 return ENOMEM; 538 539 mutex_enter(&dqlock); 540 while ((ump->um_qflags[type] & (QTF_CLOSING | QTF_OPENING)) != 0) 541 cv_wait(&dqcv, &dqlock); 542 if ((qvp = ump->um_quotas[type]) == NULLVP) { 543 mutex_exit(&dqlock); 544 vnfree(mvp); 545 return (0); 546 } 547 ump->um_qflags[type] |= QTF_CLOSING; 548 mutex_exit(&dqlock); 549 /* 550 * Search vnodes associated with this mount point, 551 * deleting any references to quota file being closed. 552 */ 553 mutex_enter(&mntvnode_lock); 554 again: 555 for (vp = TAILQ_FIRST(&mp->mnt_vnodelist); vp; vp = vunmark(mvp)) { 556 vmark(mvp, vp); 557 mutex_enter(&vp->v_interlock); 558 if (VTOI(vp) == NULL || vp->v_mount != mp || vismarker(vp) || 559 vp->v_type == VNON || 560 (vp->v_iflag & (VI_XLOCK | VI_CLEAN)) != 0) { 561 mutex_exit(&vp->v_interlock); 562 continue; 563 } 564 mutex_exit(&mntvnode_lock); 565 if (vget(vp, LK_EXCLUSIVE)) { 566 mutex_enter(&mntvnode_lock); 567 (void)vunmark(mvp); 568 goto again; 569 } 570 ip = VTOI(vp); 571 dq = ip->i_dquot[type]; 572 ip->i_dquot[type] = NODQUOT; 573 dqrele(vp, dq); 574 vput(vp); 575 mutex_enter(&mntvnode_lock); 576 } 577 mutex_exit(&mntvnode_lock); 578 #ifdef DIAGNOSTIC 579 dqflush(qvp); 580 #endif 581 qvp->v_vflag &= ~VV_SYSTEM; 582 error = vn_close(qvp, FREAD|FWRITE, l->l_cred); 583 mutex_enter(&dqlock); 584 ump->um_quotas[type] = NULLVP; 585 cred = ump->um_cred[type]; 586 ump->um_cred[type] = NOCRED; 587 for (i = 0; i < MAXQUOTAS; i++) 588 if (ump->um_quotas[i] != NULLVP) 589 break; 590 ump->um_qflags[type] &= ~QTF_CLOSING; 591 cv_broadcast(&dqcv); 592 mutex_exit(&dqlock); 593 kauth_cred_free(cred); 594 if (i == MAXQUOTAS) 595 mp->mnt_flag &= ~MNT_QUOTA; 596 return (error); 597 } 598 599 /* 600 * Q_GETQUOTA - return current values in a dqblk structure. 601 */ 602 int 603 getquota(struct mount *mp, u_long id, int type, void *addr) 604 { 605 struct dquot *dq; 606 int error; 607 608 if ((error = dqget(NULLVP, id, VFSTOUFS(mp), type, &dq)) != 0) 609 return (error); 610 error = copyout((void *)&dq->dq_dqb, addr, sizeof (struct dqblk)); 611 dqrele(NULLVP, dq); 612 return (error); 613 } 614 615 /* 616 * Q_SETQUOTA - assign an entire dqblk structure. 617 */ 618 int 619 setquota(struct mount *mp, u_long id, int type, void *addr) 620 { 621 struct dquot *dq; 622 struct dquot *ndq; 623 struct ufsmount *ump = VFSTOUFS(mp); 624 struct dqblk newlim; 625 int error; 626 627 error = copyin(addr, (void *)&newlim, sizeof (struct dqblk)); 628 if (error) 629 return (error); 630 if ((error = dqget(NULLVP, id, ump, type, &ndq)) != 0) 631 return (error); 632 dq = ndq; 633 mutex_enter(&dq->dq_interlock); 634 /* 635 * Copy all but the current values. 636 * Reset time limit if previously had no soft limit or were 637 * under it, but now have a soft limit and are over it. 638 */ 639 newlim.dqb_curblocks = dq->dq_curblocks; 640 newlim.dqb_curinodes = dq->dq_curinodes; 641 if (dq->dq_id != 0) { 642 newlim.dqb_btime = dq->dq_btime; 643 newlim.dqb_itime = dq->dq_itime; 644 } 645 if (newlim.dqb_bsoftlimit && 646 dq->dq_curblocks >= newlim.dqb_bsoftlimit && 647 (dq->dq_bsoftlimit == 0 || dq->dq_curblocks < dq->dq_bsoftlimit)) 648 newlim.dqb_btime = time_second + ump->um_btime[type]; 649 if (newlim.dqb_isoftlimit && 650 dq->dq_curinodes >= newlim.dqb_isoftlimit && 651 (dq->dq_isoftlimit == 0 || dq->dq_curinodes < dq->dq_isoftlimit)) 652 newlim.dqb_itime = time_second + ump->um_itime[type]; 653 dq->dq_dqb = newlim; 654 if (dq->dq_curblocks < dq->dq_bsoftlimit) 655 dq->dq_flags &= ~DQ_BLKS; 656 if (dq->dq_curinodes < dq->dq_isoftlimit) 657 dq->dq_flags &= ~DQ_INODS; 658 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 && 659 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0) 660 dq->dq_flags |= DQ_FAKE; 661 else 662 dq->dq_flags &= ~DQ_FAKE; 663 dq->dq_flags |= DQ_MOD; 664 mutex_exit(&dq->dq_interlock); 665 dqrele(NULLVP, dq); 666 return (0); 667 } 668 669 /* 670 * Q_SETUSE - set current inode and block usage. 671 */ 672 int 673 setuse(struct mount *mp, u_long id, int type, void *addr) 674 { 675 struct dquot *dq; 676 struct ufsmount *ump = VFSTOUFS(mp); 677 struct dquot *ndq; 678 struct dqblk usage; 679 int error; 680 681 error = copyin(addr, (void *)&usage, sizeof (struct dqblk)); 682 if (error) 683 return (error); 684 if ((error = dqget(NULLVP, id, ump, type, &ndq)) != 0) 685 return (error); 686 dq = ndq; 687 mutex_enter(&dq->dq_interlock); 688 /* 689 * Reset time limit if have a soft limit and were 690 * previously under it, but are now over it. 691 */ 692 if (dq->dq_bsoftlimit && dq->dq_curblocks < dq->dq_bsoftlimit && 693 usage.dqb_curblocks >= dq->dq_bsoftlimit) 694 dq->dq_btime = time_second + ump->um_btime[type]; 695 if (dq->dq_isoftlimit && dq->dq_curinodes < dq->dq_isoftlimit && 696 usage.dqb_curinodes >= dq->dq_isoftlimit) 697 dq->dq_itime = time_second + ump->um_itime[type]; 698 dq->dq_curblocks = usage.dqb_curblocks; 699 dq->dq_curinodes = usage.dqb_curinodes; 700 if (dq->dq_curblocks < dq->dq_bsoftlimit) 701 dq->dq_flags &= ~DQ_BLKS; 702 if (dq->dq_curinodes < dq->dq_isoftlimit) 703 dq->dq_flags &= ~DQ_INODS; 704 dq->dq_flags |= DQ_MOD; 705 mutex_exit(&dq->dq_interlock); 706 dqrele(NULLVP, dq); 707 return (0); 708 } 709 710 /* 711 * Q_SYNC - sync quota files to disk. 712 */ 713 int 714 qsync(struct mount *mp) 715 { 716 struct ufsmount *ump = VFSTOUFS(mp); 717 struct vnode *vp, *mvp; 718 struct dquot *dq; 719 int i, error; 720 721 /* 722 * Check if the mount point has any quotas. 723 * If not, simply return. 724 */ 725 for (i = 0; i < MAXQUOTAS; i++) 726 if (ump->um_quotas[i] != NULLVP) 727 break; 728 if (i == MAXQUOTAS) 729 return (0); 730 731 /* Allocate a marker vnode. */ 732 if ((mvp = vnalloc(mp)) == NULL) 733 return (ENOMEM); 734 735 /* 736 * Search vnodes associated with this mount point, 737 * synchronizing any modified dquot structures. 738 */ 739 mutex_enter(&mntvnode_lock); 740 again: 741 for (vp = TAILQ_FIRST(&mp->mnt_vnodelist); vp; vp = vunmark(mvp)) { 742 vmark(mvp, vp); 743 mutex_enter(&vp->v_interlock); 744 if (VTOI(vp) == NULL || vp->v_mount != mp || vismarker(vp) || 745 vp->v_type == VNON || 746 (vp->v_iflag & (VI_XLOCK | VI_CLEAN)) != 0) { 747 mutex_exit(&vp->v_interlock); 748 continue; 749 } 750 mutex_exit(&mntvnode_lock); 751 error = vget(vp, LK_EXCLUSIVE | LK_NOWAIT); 752 if (error) { 753 mutex_enter(&mntvnode_lock); 754 if (error == ENOENT) { 755 (void)vunmark(mvp); 756 goto again; 757 } 758 continue; 759 } 760 for (i = 0; i < MAXQUOTAS; i++) { 761 dq = VTOI(vp)->i_dquot[i]; 762 if (dq == NODQUOT) 763 continue; 764 mutex_enter(&dq->dq_interlock); 765 if (dq->dq_flags & DQ_MOD) 766 dqsync(vp, dq); 767 mutex_exit(&dq->dq_interlock); 768 } 769 vput(vp); 770 mutex_enter(&mntvnode_lock); 771 } 772 mutex_exit(&mntvnode_lock); 773 vnfree(mvp); 774 return (0); 775 } 776 777 /* 778 * Code pertaining to management of the in-core dquot data structures. 779 */ 780 #define DQHASH(dqvp, id) \ 781 (((((long)(dqvp)) >> 8) + id) & dqhash) 782 static LIST_HEAD(dqhashhead, dquot) *dqhashtbl; 783 static u_long dqhash; 784 static pool_cache_t dquot_cache; 785 786 /* 787 * Initialize the quota system. 788 */ 789 void 790 dqinit(void) 791 { 792 793 mutex_init(&dqlock, MUTEX_DEFAULT, IPL_NONE); 794 cv_init(&dqcv, "quota"); 795 dqhashtbl = hashinit(desiredvnodes, HASH_LIST, true, &dqhash); 796 dquot_cache = pool_cache_init(sizeof(struct dquot), 0, 0, 0, "ufsdq", 797 NULL, IPL_NONE, NULL, NULL, NULL); 798 } 799 800 void 801 dqreinit(void) 802 { 803 struct dquot *dq; 804 struct dqhashhead *oldhash, *hash; 805 struct vnode *dqvp; 806 u_long oldmask, mask, hashval; 807 int i; 808 809 hash = hashinit(desiredvnodes, HASH_LIST, true, &mask); 810 mutex_enter(&dqlock); 811 oldhash = dqhashtbl; 812 oldmask = dqhash; 813 dqhashtbl = hash; 814 dqhash = mask; 815 for (i = 0; i <= oldmask; i++) { 816 while ((dq = LIST_FIRST(&oldhash[i])) != NULL) { 817 dqvp = dq->dq_ump->um_quotas[dq->dq_type]; 818 LIST_REMOVE(dq, dq_hash); 819 hashval = DQHASH(dqvp, dq->dq_id); 820 LIST_INSERT_HEAD(&dqhashtbl[hashval], dq, dq_hash); 821 } 822 } 823 mutex_exit(&dqlock); 824 hashdone(oldhash, HASH_LIST, oldmask); 825 } 826 827 /* 828 * Free resources held by quota system. 829 */ 830 void 831 dqdone(void) 832 { 833 834 pool_cache_destroy(dquot_cache); 835 hashdone(dqhashtbl, HASH_LIST, dqhash); 836 cv_destroy(&dqcv); 837 mutex_destroy(&dqlock); 838 } 839 840 /* 841 * Obtain a dquot structure for the specified identifier and quota file 842 * reading the information from the file if necessary. 843 */ 844 static int 845 dqget(struct vnode *vp, u_long id, struct ufsmount *ump, int type, 846 struct dquot **dqp) 847 { 848 struct dquot *dq, *ndq; 849 struct dqhashhead *dqh; 850 struct vnode *dqvp; 851 struct iovec aiov; 852 struct uio auio; 853 int error; 854 855 /* Lock to see an up to date value for QTF_CLOSING. */ 856 mutex_enter(&dqlock); 857 dqvp = ump->um_quotas[type]; 858 if (dqvp == NULLVP || (ump->um_qflags[type] & QTF_CLOSING)) { 859 mutex_exit(&dqlock); 860 *dqp = NODQUOT; 861 return (EINVAL); 862 } 863 KASSERT(dqvp != vp); 864 /* 865 * Check the cache first. 866 */ 867 dqh = &dqhashtbl[DQHASH(dqvp, id)]; 868 LIST_FOREACH(dq, dqh, dq_hash) { 869 if (dq->dq_id != id || 870 dq->dq_ump->um_quotas[dq->dq_type] != dqvp) 871 continue; 872 KASSERT(dq->dq_cnt > 0); 873 dqref(dq); 874 mutex_exit(&dqlock); 875 *dqp = dq; 876 return (0); 877 } 878 /* 879 * Not in cache, allocate a new one. 880 */ 881 mutex_exit(&dqlock); 882 ndq = pool_cache_get(dquot_cache, PR_WAITOK); 883 /* 884 * Initialize the contents of the dquot structure. 885 */ 886 memset((char *)ndq, 0, sizeof *ndq); 887 ndq->dq_flags = 0; 888 ndq->dq_id = id; 889 ndq->dq_ump = ump; 890 ndq->dq_type = type; 891 mutex_init(&ndq->dq_interlock, MUTEX_DEFAULT, IPL_NONE); 892 mutex_enter(&dqlock); 893 dqh = &dqhashtbl[DQHASH(dqvp, id)]; 894 LIST_FOREACH(dq, dqh, dq_hash) { 895 if (dq->dq_id != id || 896 dq->dq_ump->um_quotas[dq->dq_type] != dqvp) 897 continue; 898 /* 899 * Another thread beat us allocating this dquot. 900 */ 901 KASSERT(dq->dq_cnt > 0); 902 dqref(dq); 903 mutex_exit(&dqlock); 904 mutex_destroy(&ndq->dq_interlock); 905 pool_cache_put(dquot_cache, ndq); 906 *dqp = dq; 907 return 0; 908 } 909 dq = ndq; 910 LIST_INSERT_HEAD(dqh, dq, dq_hash); 911 dqref(dq); 912 mutex_enter(&dq->dq_interlock); 913 mutex_exit(&dqlock); 914 vn_lock(dqvp, LK_EXCLUSIVE | LK_RETRY); 915 auio.uio_iov = &aiov; 916 auio.uio_iovcnt = 1; 917 aiov.iov_base = (void *)&dq->dq_dqb; 918 aiov.iov_len = sizeof (struct dqblk); 919 auio.uio_resid = sizeof (struct dqblk); 920 auio.uio_offset = (off_t)(id * sizeof (struct dqblk)); 921 auio.uio_rw = UIO_READ; 922 UIO_SETUP_SYSSPACE(&auio); 923 error = VOP_READ(dqvp, &auio, 0, ump->um_cred[type]); 924 if (auio.uio_resid == sizeof(struct dqblk) && error == 0) 925 memset((void *)&dq->dq_dqb, 0, sizeof(struct dqblk)); 926 VOP_UNLOCK(dqvp); 927 /* 928 * I/O error in reading quota file, release 929 * quota structure and reflect problem to caller. 930 */ 931 if (error) { 932 mutex_enter(&dqlock); 933 LIST_REMOVE(dq, dq_hash); 934 mutex_exit(&dqlock); 935 mutex_exit(&dq->dq_interlock); 936 dqrele(vp, dq); 937 *dqp = NODQUOT; 938 return (error); 939 } 940 /* 941 * Check for no limit to enforce. 942 * Initialize time values if necessary. 943 */ 944 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 && 945 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0) 946 dq->dq_flags |= DQ_FAKE; 947 if (dq->dq_id != 0) { 948 if (dq->dq_btime == 0) 949 dq->dq_btime = time_second + ump->um_btime[type]; 950 if (dq->dq_itime == 0) 951 dq->dq_itime = time_second + ump->um_itime[type]; 952 } 953 mutex_exit(&dq->dq_interlock); 954 *dqp = dq; 955 return (0); 956 } 957 958 /* 959 * Obtain a reference to a dquot. 960 */ 961 static void 962 dqref(struct dquot *dq) 963 { 964 965 KASSERT(mutex_owned(&dqlock)); 966 dq->dq_cnt++; 967 KASSERT(dq->dq_cnt > 0); 968 } 969 970 /* 971 * Release a reference to a dquot. 972 */ 973 static void 974 dqrele(struct vnode *vp, struct dquot *dq) 975 { 976 977 if (dq == NODQUOT) 978 return; 979 mutex_enter(&dq->dq_interlock); 980 for (;;) { 981 mutex_enter(&dqlock); 982 if (dq->dq_cnt > 1) { 983 dq->dq_cnt--; 984 mutex_exit(&dqlock); 985 mutex_exit(&dq->dq_interlock); 986 return; 987 } 988 if ((dq->dq_flags & DQ_MOD) == 0) 989 break; 990 mutex_exit(&dqlock); 991 (void) dqsync(vp, dq); 992 } 993 KASSERT(dq->dq_cnt == 1 && (dq->dq_flags & DQ_MOD) == 0); 994 LIST_REMOVE(dq, dq_hash); 995 mutex_exit(&dqlock); 996 mutex_exit(&dq->dq_interlock); 997 mutex_destroy(&dq->dq_interlock); 998 pool_cache_put(dquot_cache, dq); 999 } 1000 1001 /* 1002 * Update the disk quota in the quota file. 1003 */ 1004 static int 1005 dqsync(struct vnode *vp, struct dquot *dq) 1006 { 1007 struct vnode *dqvp; 1008 struct iovec aiov; 1009 struct uio auio; 1010 int error; 1011 1012 if (dq == NODQUOT) 1013 panic("dqsync: dquot"); 1014 KASSERT(mutex_owned(&dq->dq_interlock)); 1015 if ((dq->dq_flags & DQ_MOD) == 0) 1016 return (0); 1017 if ((dqvp = dq->dq_ump->um_quotas[dq->dq_type]) == NULLVP) 1018 panic("dqsync: file"); 1019 KASSERT(dqvp != vp); 1020 vn_lock(dqvp, LK_EXCLUSIVE | LK_RETRY); 1021 auio.uio_iov = &aiov; 1022 auio.uio_iovcnt = 1; 1023 aiov.iov_base = (void *)&dq->dq_dqb; 1024 aiov.iov_len = sizeof (struct dqblk); 1025 auio.uio_resid = sizeof (struct dqblk); 1026 auio.uio_offset = (off_t)(dq->dq_id * sizeof (struct dqblk)); 1027 auio.uio_rw = UIO_WRITE; 1028 UIO_SETUP_SYSSPACE(&auio); 1029 error = VOP_WRITE(dqvp, &auio, 0, dq->dq_ump->um_cred[dq->dq_type]); 1030 if (auio.uio_resid && error == 0) 1031 error = EIO; 1032 dq->dq_flags &= ~DQ_MOD; 1033 VOP_UNLOCK(dqvp); 1034 return (error); 1035 } 1036 1037 #ifdef DIAGNOSTIC 1038 /* 1039 * Check the hash chains for stray dquot's. 1040 */ 1041 static void 1042 dqflush(struct vnode *vp) 1043 { 1044 struct dquot *dq; 1045 int i; 1046 1047 mutex_enter(&dqlock); 1048 for (i = 0; i <= dqhash; i++) 1049 LIST_FOREACH(dq, &dqhashtbl[i], dq_hash) 1050 KASSERT(dq->dq_ump->um_quotas[dq->dq_type] != vp); 1051 mutex_exit(&dqlock); 1052 } 1053 #endif 1054
Indexes created Sun Oct 12 20:09:57 GMT 2025