2 * Implementation of the diskquota system for the LINUX operating system. QUOTA
3 * is implemented using the BSD system call interface as the means of
4 * communication with the user level. This file contains the generic routines
5 * called by the different filesystems on allocation of an inode or block.
6 * These routines take care of the administration needed to have a consistent
7 * diskquota tracking system. The ideas of both user and group quotas are based
8 * on the Melbourne quota system as used on BSD derived systems. The internal
9 * implementation is based on one of the several variants of the LINUX
10 * inode-subsystem with added complexity of the diskquota system.
12 * Version: $Id: dquot.c,v 6.3 1996/11/17 18:35:34 mvw Exp mvw $
14 * Author: Marco van Wieringen <mvw@planets.elm.net>
16 * Fixes: Dmitry Gorodchanin <pgmdsg@ibi.com>, 11 Feb 96
18 * Revised list management to avoid races
19 * -- Bill Hawes, <whawes@star.net>, 9/98
21 * Fixed races in dquot_transfer(), dqget() and dquot_alloc_...().
22 * As the consequence the locking was moved from dquot_decr_...(),
23 * dquot_incr_...() to calling functions.
24 * invalidate_dquots() now writes modified dquots.
25 * Serialized quota_off() and quota_on() for mount point.
26 * Fixed a few bugs in grow_dquots().
27 * Fixed deadlock in write_dquot() - we no longer account quotas on
29 * remove_dquot_ref() moved to inode.c - it now traverses through inodes
30 * add_dquot_ref() restarts after blocking
31 * Added check for bogus uid and fixed check for group in quotactl.
32 * Jan Kara, <jack@suse.cz>, sponsored by SuSE CR, 10-11/99
34 * Used struct list_head instead of own list struct
35 * Invalidation of referenced dquots is no longer possible
36 * Improved free_dquots list management
37 * Quota and i_blocks are now updated in one place to avoid races
38 * Warnings are now delayed so we won't block in critical section
39 * Write updated not to require dquot lock
40 * Jan Kara, <jack@suse.cz>, 9/2000
42 * Added dynamic quota structure allocation
43 * Jan Kara <jack@suse.cz> 12/2000
45 * Rewritten quota interface. Implemented new quota format and
46 * formats registering.
47 * Jan Kara, <jack@suse.cz>, 2001,2002
50 * Jan Kara, <jack@suse.cz>, 10/2002
52 * Added journalled quota support, fix lock inversion problems
53 * Jan Kara, <jack@suse.cz>, 2003,2004
55 * (C) Copyright 1994 - 1997 Marco van Wieringen
58 #include <linux/errno.h>
59 #include <linux/kernel.h>
61 #include <linux/mount.h>
63 #include <linux/time.h>
64 #include <linux/types.h>
65 #include <linux/string.h>
66 #include <linux/fcntl.h>
67 #include <linux/stat.h>
68 #include <linux/tty.h>
69 #include <linux/file.h>
70 #include <linux/slab.h>
71 #include <linux/sysctl.h>
72 #include <linux/init.h>
73 #include <linux/module.h>
74 #include <linux/proc_fs.h>
75 #include <linux/security.h>
76 #include <linux/kmod.h>
77 #include <linux/namei.h>
78 #include <linux/buffer_head.h>
79 #include <linux/capability.h>
80 #include <linux/quotaops.h>
81 #include <linux/writeback.h> /* for inode_lock, oddly enough.. */
82 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
83 #include <net/netlink.h>
84 #include <net/genetlink.h>
87 #include <asm/uaccess.h>
89 #define __DQUOT_PARANOIA
92 * There are two quota SMP locks. dq_list_lock protects all lists with quotas
93 * and quota formats and also dqstats structure containing statistics about the
94 * lists. dq_data_lock protects data from dq_dqb and also mem_dqinfo structures
95 * and also guards consistency of dquot->dq_dqb with inode->i_blocks, i_bytes.
96 * i_blocks and i_bytes updates itself are guarded by i_lock acquired directly
97 * in inode_add_bytes() and inode_sub_bytes().
99 * The spinlock ordering is hence: dq_data_lock > dq_list_lock > i_lock
101 * Note that some things (eg. sb pointer, type, id) doesn't change during
102 * the life of the dquot structure and so needn't to be protected by a lock
104 * Any operation working on dquots via inode pointers must hold dqptr_sem. If
105 * operation is just reading pointers from inode (or not using them at all) the
106 * read lock is enough. If pointers are altered function must hold write lock
107 * (these locking rules also apply for S_NOQUOTA flag in the inode - note that
108 * for altering the flag i_mutex is also needed). If operation is holding
109 * reference to dquot in other way (e.g. quotactl ops) it must be guarded by
111 * This locking assures that:
112 * a) update/access to dquot pointers in inode is serialized
113 * b) everyone is guarded against invalidate_dquots()
115 * Each dquot has its dq_lock mutex. Locked dquots might not be referenced
116 * from inodes (dquot_alloc_space() and such don't check the dq_lock).
117 * Currently dquot is locked only when it is being read to memory (or space for
118 * it is being allocated) on the first dqget() and when it is being released on
119 * the last dqput(). The allocation and release oparations are serialized by
120 * the dq_lock and by checking the use count in dquot_release(). Write
121 * operations on dquots don't hold dq_lock as they copy data under dq_data_lock
122 * spinlock to internal buffers before writing.
124 * Lock ordering (including related VFS locks) is the following:
125 * i_mutex > dqonoff_sem > journal_lock > dqptr_sem > dquot->dq_lock >
127 * i_mutex on quota files is special (it's below dqio_mutex)
130 static DEFINE_SPINLOCK(dq_list_lock);
131 DEFINE_SPINLOCK(dq_data_lock);
133 static char *quotatypes[] = INITQFNAMES;
134 static struct quota_format_type *quota_formats; /* List of registered formats */
135 static struct quota_module_name module_names[] = INIT_QUOTA_MODULE_NAMES;
137 /* SLAB cache for dquot structures */
138 static struct kmem_cache *dquot_cachep;
140 int register_quota_format(struct quota_format_type *fmt)
142 spin_lock(&dq_list_lock);
143 fmt->qf_next = quota_formats;
145 spin_unlock(&dq_list_lock);
149 void unregister_quota_format(struct quota_format_type *fmt)
151 struct quota_format_type **actqf;
153 spin_lock(&dq_list_lock);
154 for (actqf = "a_formats; *actqf && *actqf != fmt; actqf = &(*actqf)->qf_next);
156 *actqf = (*actqf)->qf_next;
157 spin_unlock(&dq_list_lock);
160 static struct quota_format_type *find_quota_format(int id)
162 struct quota_format_type *actqf;
164 spin_lock(&dq_list_lock);
165 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id; actqf = actqf->qf_next);
166 if (!actqf || !try_module_get(actqf->qf_owner)) {
169 spin_unlock(&dq_list_lock);
171 for (qm = 0; module_names[qm].qm_fmt_id && module_names[qm].qm_fmt_id != id; qm++);
172 if (!module_names[qm].qm_fmt_id || request_module(module_names[qm].qm_mod_name))
175 spin_lock(&dq_list_lock);
176 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id; actqf = actqf->qf_next);
177 if (actqf && !try_module_get(actqf->qf_owner))
180 spin_unlock(&dq_list_lock);
184 static void put_quota_format(struct quota_format_type *fmt)
186 module_put(fmt->qf_owner);
190 * Dquot List Management:
191 * The quota code uses three lists for dquot management: the inuse_list,
192 * free_dquots, and dquot_hash[] array. A single dquot structure may be
193 * on all three lists, depending on its current state.
195 * All dquots are placed to the end of inuse_list when first created, and this
196 * list is used for invalidate operation, which must look at every dquot.
198 * Unused dquots (dq_count == 0) are added to the free_dquots list when freed,
199 * and this list is searched whenever we need an available dquot. Dquots are
200 * removed from the list as soon as they are used again, and
201 * dqstats.free_dquots gives the number of dquots on the list. When
202 * dquot is invalidated it's completely released from memory.
204 * Dquots with a specific identity (device, type and id) are placed on
205 * one of the dquot_hash[] hash chains. The provides an efficient search
206 * mechanism to locate a specific dquot.
209 static LIST_HEAD(inuse_list);
210 static LIST_HEAD(free_dquots);
211 static unsigned int dq_hash_bits, dq_hash_mask;
212 static struct hlist_head *dquot_hash;
214 struct dqstats dqstats;
216 static void dqput(struct dquot *dquot);
218 static inline unsigned int
219 hashfn(const struct super_block *sb, unsigned int id, int type)
223 tmp = (((unsigned long)sb>>L1_CACHE_SHIFT) ^ id) * (MAXQUOTAS - type);
224 return (tmp + (tmp >> dq_hash_bits)) & dq_hash_mask;
228 * Following list functions expect dq_list_lock to be held
230 static inline void insert_dquot_hash(struct dquot *dquot)
232 struct hlist_head *head = dquot_hash + hashfn(dquot->dq_sb, dquot->dq_id, dquot->dq_type);
233 hlist_add_head(&dquot->dq_hash, head);
236 static inline void remove_dquot_hash(struct dquot *dquot)
238 hlist_del_init(&dquot->dq_hash);
241 static inline struct dquot *find_dquot(unsigned int hashent, struct super_block *sb, unsigned int id, int type)
243 struct hlist_node *node;
246 hlist_for_each (node, dquot_hash+hashent) {
247 dquot = hlist_entry(node, struct dquot, dq_hash);
248 if (dquot->dq_sb == sb && dquot->dq_id == id && dquot->dq_type == type)
254 /* Add a dquot to the tail of the free list */
255 static inline void put_dquot_last(struct dquot *dquot)
257 list_add_tail(&dquot->dq_free, &free_dquots);
258 dqstats.free_dquots++;
261 static inline void remove_free_dquot(struct dquot *dquot)
263 if (list_empty(&dquot->dq_free))
265 list_del_init(&dquot->dq_free);
266 dqstats.free_dquots--;
269 static inline void put_inuse(struct dquot *dquot)
271 /* We add to the back of inuse list so we don't have to restart
272 * when traversing this list and we block */
273 list_add_tail(&dquot->dq_inuse, &inuse_list);
274 dqstats.allocated_dquots++;
277 static inline void remove_inuse(struct dquot *dquot)
279 dqstats.allocated_dquots--;
280 list_del(&dquot->dq_inuse);
283 * End of list functions needing dq_list_lock
286 static void wait_on_dquot(struct dquot *dquot)
288 mutex_lock(&dquot->dq_lock);
289 mutex_unlock(&dquot->dq_lock);
292 static inline int dquot_dirty(struct dquot *dquot)
294 return test_bit(DQ_MOD_B, &dquot->dq_flags);
297 static inline int mark_dquot_dirty(struct dquot *dquot)
299 return dquot->dq_sb->dq_op->mark_dirty(dquot);
302 int dquot_mark_dquot_dirty(struct dquot *dquot)
304 spin_lock(&dq_list_lock);
305 if (!test_and_set_bit(DQ_MOD_B, &dquot->dq_flags))
306 list_add(&dquot->dq_dirty, &sb_dqopt(dquot->dq_sb)->
307 info[dquot->dq_type].dqi_dirty_list);
308 spin_unlock(&dq_list_lock);
312 /* This function needs dq_list_lock */
313 static inline int clear_dquot_dirty(struct dquot *dquot)
315 if (!test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags))
317 list_del_init(&dquot->dq_dirty);
321 void mark_info_dirty(struct super_block *sb, int type)
323 set_bit(DQF_INFO_DIRTY_B, &sb_dqopt(sb)->info[type].dqi_flags);
325 EXPORT_SYMBOL(mark_info_dirty);
328 * Read dquot from disk and alloc space for it
331 int dquot_acquire(struct dquot *dquot)
333 int ret = 0, ret2 = 0;
334 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
336 mutex_lock(&dquot->dq_lock);
337 mutex_lock(&dqopt->dqio_mutex);
338 if (!test_bit(DQ_READ_B, &dquot->dq_flags))
339 ret = dqopt->ops[dquot->dq_type]->read_dqblk(dquot);
342 set_bit(DQ_READ_B, &dquot->dq_flags);
343 /* Instantiate dquot if needed */
344 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && !dquot->dq_off) {
345 ret = dqopt->ops[dquot->dq_type]->commit_dqblk(dquot);
346 /* Write the info if needed */
347 if (info_dirty(&dqopt->info[dquot->dq_type]))
348 ret2 = dqopt->ops[dquot->dq_type]->write_file_info(dquot->dq_sb, dquot->dq_type);
356 set_bit(DQ_ACTIVE_B, &dquot->dq_flags);
358 mutex_unlock(&dqopt->dqio_mutex);
359 mutex_unlock(&dquot->dq_lock);
364 * Write dquot to disk
366 int dquot_commit(struct dquot *dquot)
368 int ret = 0, ret2 = 0;
369 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
371 mutex_lock(&dqopt->dqio_mutex);
372 spin_lock(&dq_list_lock);
373 if (!clear_dquot_dirty(dquot)) {
374 spin_unlock(&dq_list_lock);
377 spin_unlock(&dq_list_lock);
378 /* Inactive dquot can be only if there was error during read/init
379 * => we have better not writing it */
380 if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
381 ret = dqopt->ops[dquot->dq_type]->commit_dqblk(dquot);
382 if (info_dirty(&dqopt->info[dquot->dq_type]))
383 ret2 = dqopt->ops[dquot->dq_type]->write_file_info(dquot->dq_sb, dquot->dq_type);
388 mutex_unlock(&dqopt->dqio_mutex);
395 int dquot_release(struct dquot *dquot)
397 int ret = 0, ret2 = 0;
398 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
400 mutex_lock(&dquot->dq_lock);
401 /* Check whether we are not racing with some other dqget() */
402 if (atomic_read(&dquot->dq_count) > 1)
404 mutex_lock(&dqopt->dqio_mutex);
405 if (dqopt->ops[dquot->dq_type]->release_dqblk) {
406 ret = dqopt->ops[dquot->dq_type]->release_dqblk(dquot);
408 if (info_dirty(&dqopt->info[dquot->dq_type]))
409 ret2 = dqopt->ops[dquot->dq_type]->write_file_info(dquot->dq_sb, dquot->dq_type);
413 clear_bit(DQ_ACTIVE_B, &dquot->dq_flags);
414 mutex_unlock(&dqopt->dqio_mutex);
416 mutex_unlock(&dquot->dq_lock);
420 /* Invalidate all dquots on the list. Note that this function is called after
421 * quota is disabled and pointers from inodes removed so there cannot be new
422 * quota users. There can still be some users of quotas due to inodes being
423 * just deleted or pruned by prune_icache() (those are not attached to any
424 * list). We have to wait for such users.
426 static void invalidate_dquots(struct super_block *sb, int type)
428 struct dquot *dquot, *tmp;
431 spin_lock(&dq_list_lock);
432 list_for_each_entry_safe(dquot, tmp, &inuse_list, dq_inuse) {
433 if (dquot->dq_sb != sb)
435 if (dquot->dq_type != type)
437 /* Wait for dquot users */
438 if (atomic_read(&dquot->dq_count)) {
441 atomic_inc(&dquot->dq_count);
442 prepare_to_wait(&dquot->dq_wait_unused, &wait,
443 TASK_UNINTERRUPTIBLE);
444 spin_unlock(&dq_list_lock);
445 /* Once dqput() wakes us up, we know it's time to free
447 * IMPORTANT: we rely on the fact that there is always
448 * at most one process waiting for dquot to free.
449 * Otherwise dq_count would be > 1 and we would never
452 if (atomic_read(&dquot->dq_count) > 1)
454 finish_wait(&dquot->dq_wait_unused, &wait);
456 /* At this moment dquot() need not exist (it could be
457 * reclaimed by prune_dqcache(). Hence we must
462 * Quota now has no users and it has been written on last
465 remove_dquot_hash(dquot);
466 remove_free_dquot(dquot);
468 kmem_cache_free(dquot_cachep, dquot);
470 spin_unlock(&dq_list_lock);
473 int vfs_quota_sync(struct super_block *sb, int type)
475 struct list_head *dirty;
477 struct quota_info *dqopt = sb_dqopt(sb);
480 mutex_lock(&dqopt->dqonoff_mutex);
481 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
482 if (type != -1 && cnt != type)
484 if (!sb_has_quota_enabled(sb, cnt))
486 spin_lock(&dq_list_lock);
487 dirty = &dqopt->info[cnt].dqi_dirty_list;
488 while (!list_empty(dirty)) {
489 dquot = list_first_entry(dirty, struct dquot, dq_dirty);
490 /* Dirty and inactive can be only bad dquot... */
491 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
492 clear_dquot_dirty(dquot);
495 /* Now we have active dquot from which someone is
496 * holding reference so we can safely just increase
498 atomic_inc(&dquot->dq_count);
500 spin_unlock(&dq_list_lock);
501 sb->dq_op->write_dquot(dquot);
503 spin_lock(&dq_list_lock);
505 spin_unlock(&dq_list_lock);
508 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
509 if ((cnt == type || type == -1) && sb_has_quota_enabled(sb, cnt)
510 && info_dirty(&dqopt->info[cnt]))
511 sb->dq_op->write_info(sb, cnt);
512 spin_lock(&dq_list_lock);
514 spin_unlock(&dq_list_lock);
515 mutex_unlock(&dqopt->dqonoff_mutex);
520 /* Free unused dquots from cache */
521 static void prune_dqcache(int count)
523 struct list_head *head;
526 head = free_dquots.prev;
527 while (head != &free_dquots && count) {
528 dquot = list_entry(head, struct dquot, dq_free);
529 remove_dquot_hash(dquot);
530 remove_free_dquot(dquot);
532 kmem_cache_free(dquot_cachep, dquot);
534 head = free_dquots.prev;
539 * This is called from kswapd when we think we need some
543 static int shrink_dqcache_memory(int nr, gfp_t gfp_mask)
546 spin_lock(&dq_list_lock);
548 spin_unlock(&dq_list_lock);
550 return (dqstats.free_dquots / 100) * sysctl_vfs_cache_pressure;
553 static struct shrinker dqcache_shrinker = {
554 .shrink = shrink_dqcache_memory,
555 .seeks = DEFAULT_SEEKS,
559 * Put reference to dquot
560 * NOTE: If you change this function please check whether dqput_blocks() works right...
561 * MUST be called with either dqptr_sem or dqonoff_mutex held
563 static void dqput(struct dquot *dquot)
569 #ifdef __DQUOT_PARANOIA
570 if (!atomic_read(&dquot->dq_count)) {
571 printk("VFS: dqput: trying to free free dquot\n");
572 printk("VFS: device %s, dquot of %s %d\n",
574 quotatypes[dquot->dq_type],
580 spin_lock(&dq_list_lock);
582 spin_unlock(&dq_list_lock);
584 spin_lock(&dq_list_lock);
585 if (atomic_read(&dquot->dq_count) > 1) {
586 /* We have more than one user... nothing to do */
587 atomic_dec(&dquot->dq_count);
588 /* Releasing dquot during quotaoff phase? */
589 if (!sb_has_quota_enabled(dquot->dq_sb, dquot->dq_type) &&
590 atomic_read(&dquot->dq_count) == 1)
591 wake_up(&dquot->dq_wait_unused);
592 spin_unlock(&dq_list_lock);
595 /* Need to release dquot? */
596 if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && dquot_dirty(dquot)) {
597 spin_unlock(&dq_list_lock);
598 /* Commit dquot before releasing */
599 ret = dquot->dq_sb->dq_op->write_dquot(dquot);
601 printk(KERN_ERR "VFS: cannot write quota structure on "
602 "device %s (error %d). Quota may get out of "
603 "sync!\n", dquot->dq_sb->s_id, ret);
605 * We clear dirty bit anyway, so that we avoid
608 spin_lock(&dq_list_lock);
609 clear_dquot_dirty(dquot);
610 spin_unlock(&dq_list_lock);
614 /* Clear flag in case dquot was inactive (something bad happened) */
615 clear_dquot_dirty(dquot);
616 if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
617 spin_unlock(&dq_list_lock);
618 dquot->dq_sb->dq_op->release_dquot(dquot);
621 atomic_dec(&dquot->dq_count);
622 #ifdef __DQUOT_PARANOIA
624 BUG_ON(!list_empty(&dquot->dq_free));
626 put_dquot_last(dquot);
627 spin_unlock(&dq_list_lock);
630 static struct dquot *get_empty_dquot(struct super_block *sb, int type)
634 dquot = kmem_cache_zalloc(dquot_cachep, GFP_NOFS);
638 mutex_init(&dquot->dq_lock);
639 INIT_LIST_HEAD(&dquot->dq_free);
640 INIT_LIST_HEAD(&dquot->dq_inuse);
641 INIT_HLIST_NODE(&dquot->dq_hash);
642 INIT_LIST_HEAD(&dquot->dq_dirty);
643 init_waitqueue_head(&dquot->dq_wait_unused);
645 dquot->dq_type = type;
646 atomic_set(&dquot->dq_count, 1);
652 * Get reference to dquot
653 * MUST be called with either dqptr_sem or dqonoff_mutex held
655 static struct dquot *dqget(struct super_block *sb, unsigned int id, int type)
657 unsigned int hashent = hashfn(sb, id, type);
658 struct dquot *dquot, *empty = NODQUOT;
660 if (!sb_has_quota_enabled(sb, type))
663 spin_lock(&dq_list_lock);
664 if ((dquot = find_dquot(hashent, sb, id, type)) == NODQUOT) {
665 if (empty == NODQUOT) {
666 spin_unlock(&dq_list_lock);
667 if ((empty = get_empty_dquot(sb, type)) == NODQUOT)
668 schedule(); /* Try to wait for a moment... */
673 /* all dquots go on the inuse_list */
675 /* hash it first so it can be found */
676 insert_dquot_hash(dquot);
678 spin_unlock(&dq_list_lock);
680 if (!atomic_read(&dquot->dq_count))
681 remove_free_dquot(dquot);
682 atomic_inc(&dquot->dq_count);
683 dqstats.cache_hits++;
685 spin_unlock(&dq_list_lock);
687 kmem_cache_free(dquot_cachep, empty);
689 /* Wait for dq_lock - after this we know that either dquot_release() is already
690 * finished or it will be canceled due to dq_count > 1 test */
691 wait_on_dquot(dquot);
692 /* Read the dquot and instantiate it (everything done only if needed) */
693 if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && sb->dq_op->acquire_dquot(dquot) < 0) {
697 #ifdef __DQUOT_PARANOIA
698 BUG_ON(!dquot->dq_sb); /* Has somebody invalidated entry under us? */
704 static int dqinit_needed(struct inode *inode, int type)
708 if (IS_NOQUOTA(inode))
711 return inode->i_dquot[type] == NODQUOT;
712 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
713 if (inode->i_dquot[cnt] == NODQUOT)
718 /* This routine is guarded by dqonoff_mutex mutex */
719 static void add_dquot_ref(struct super_block *sb, int type)
721 struct inode *inode, *old_inode = NULL;
723 spin_lock(&inode_lock);
724 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
725 if (!atomic_read(&inode->i_writecount))
727 if (!dqinit_needed(inode, type))
729 if (inode->i_state & (I_FREEING|I_WILL_FREE))
733 spin_unlock(&inode_lock);
736 sb->dq_op->initialize(inode, type);
737 /* We hold a reference to 'inode' so it couldn't have been
738 * removed from s_inodes list while we dropped the inode_lock.
739 * We cannot iput the inode now as we can be holding the last
740 * reference and we cannot iput it under inode_lock. So we
741 * keep the reference and iput it later. */
743 spin_lock(&inode_lock);
745 spin_unlock(&inode_lock);
749 /* Return 0 if dqput() won't block (note that 1 doesn't necessarily mean blocking) */
750 static inline int dqput_blocks(struct dquot *dquot)
752 if (atomic_read(&dquot->dq_count) <= 1)
757 /* Remove references to dquots from inode - add dquot to list for freeing if needed */
758 /* We can't race with anybody because we hold dqptr_sem for writing... */
759 static int remove_inode_dquot_ref(struct inode *inode, int type,
760 struct list_head *tofree_head)
762 struct dquot *dquot = inode->i_dquot[type];
764 inode->i_dquot[type] = NODQUOT;
765 if (dquot != NODQUOT) {
766 if (dqput_blocks(dquot)) {
767 #ifdef __DQUOT_PARANOIA
768 if (atomic_read(&dquot->dq_count) != 1)
769 printk(KERN_WARNING "VFS: Adding dquot with dq_count %d to dispose list.\n", atomic_read(&dquot->dq_count));
771 spin_lock(&dq_list_lock);
772 list_add(&dquot->dq_free, tofree_head); /* As dquot must have currently users it can't be on the free list... */
773 spin_unlock(&dq_list_lock);
777 dqput(dquot); /* We have guaranteed we won't block */
782 /* Free list of dquots - called from inode.c */
783 /* dquots are removed from inodes, no new references can be got so we are the only ones holding reference */
784 static void put_dquot_list(struct list_head *tofree_head)
786 struct list_head *act_head;
789 act_head = tofree_head->next;
790 /* So now we have dquots on the list... Just free them */
791 while (act_head != tofree_head) {
792 dquot = list_entry(act_head, struct dquot, dq_free);
793 act_head = act_head->next;
794 list_del_init(&dquot->dq_free); /* Remove dquot from the list so we won't have problems... */
799 static void remove_dquot_ref(struct super_block *sb, int type,
800 struct list_head *tofree_head)
804 spin_lock(&inode_lock);
805 list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
806 if (!IS_NOQUOTA(inode))
807 remove_inode_dquot_ref(inode, type, tofree_head);
809 spin_unlock(&inode_lock);
812 /* Gather all references from inodes and drop them */
813 static void drop_dquot_ref(struct super_block *sb, int type)
815 LIST_HEAD(tofree_head);
818 down_write(&sb_dqopt(sb)->dqptr_sem);
819 remove_dquot_ref(sb, type, &tofree_head);
820 up_write(&sb_dqopt(sb)->dqptr_sem);
821 put_dquot_list(&tofree_head);
825 static inline void dquot_incr_inodes(struct dquot *dquot, unsigned long number)
827 dquot->dq_dqb.dqb_curinodes += number;
830 static inline void dquot_incr_space(struct dquot *dquot, qsize_t number)
832 dquot->dq_dqb.dqb_curspace += number;
835 static inline void dquot_decr_inodes(struct dquot *dquot, unsigned long number)
837 if (dquot->dq_dqb.dqb_curinodes > number)
838 dquot->dq_dqb.dqb_curinodes -= number;
840 dquot->dq_dqb.dqb_curinodes = 0;
841 if (dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit)
842 dquot->dq_dqb.dqb_itime = (time_t) 0;
843 clear_bit(DQ_INODES_B, &dquot->dq_flags);
846 static inline void dquot_decr_space(struct dquot *dquot, qsize_t number)
848 if (dquot->dq_dqb.dqb_curspace > number)
849 dquot->dq_dqb.dqb_curspace -= number;
851 dquot->dq_dqb.dqb_curspace = 0;
852 if (toqb(dquot->dq_dqb.dqb_curspace) <= dquot->dq_dqb.dqb_bsoftlimit)
853 dquot->dq_dqb.dqb_btime = (time_t) 0;
854 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
857 static int warning_issued(struct dquot *dquot, const int warntype)
859 int flag = (warntype == QUOTA_NL_BHARDWARN ||
860 warntype == QUOTA_NL_BSOFTLONGWARN) ? DQ_BLKS_B :
861 ((warntype == QUOTA_NL_IHARDWARN ||
862 warntype == QUOTA_NL_ISOFTLONGWARN) ? DQ_INODES_B : 0);
866 return test_and_set_bit(flag, &dquot->dq_flags);
869 #ifdef CONFIG_PRINT_QUOTA_WARNING
870 static int flag_print_warnings = 1;
872 static inline int need_print_warning(struct dquot *dquot)
874 if (!flag_print_warnings)
877 switch (dquot->dq_type) {
879 return current->fsuid == dquot->dq_id;
881 return in_group_p(dquot->dq_id);
886 /* Print warning to user which exceeded quota */
887 static void print_warning(struct dquot *dquot, const int warntype)
890 struct tty_struct *tty;
892 if (!need_print_warning(dquot))
895 mutex_lock(&tty_mutex);
896 tty = get_current_tty();
899 tty_write_message(tty, dquot->dq_sb->s_id);
900 if (warntype == QUOTA_NL_ISOFTWARN || warntype == QUOTA_NL_BSOFTWARN)
901 tty_write_message(tty, ": warning, ");
903 tty_write_message(tty, ": write failed, ");
904 tty_write_message(tty, quotatypes[dquot->dq_type]);
906 case QUOTA_NL_IHARDWARN:
907 msg = " file limit reached.\r\n";
909 case QUOTA_NL_ISOFTLONGWARN:
910 msg = " file quota exceeded too long.\r\n";
912 case QUOTA_NL_ISOFTWARN:
913 msg = " file quota exceeded.\r\n";
915 case QUOTA_NL_BHARDWARN:
916 msg = " block limit reached.\r\n";
918 case QUOTA_NL_BSOFTLONGWARN:
919 msg = " block quota exceeded too long.\r\n";
921 case QUOTA_NL_BSOFTWARN:
922 msg = " block quota exceeded.\r\n";
925 tty_write_message(tty, msg);
927 mutex_unlock(&tty_mutex);
931 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
933 /* Netlink family structure for quota */
934 static struct genl_family quota_genl_family = {
935 .id = GENL_ID_GENERATE,
939 .maxattr = QUOTA_NL_A_MAX,
942 /* Send warning to userspace about user which exceeded quota */
943 static void send_warning(const struct dquot *dquot, const char warntype)
949 int msg_size = 4 * nla_total_size(sizeof(u32)) +
950 2 * nla_total_size(sizeof(u64));
952 /* We have to allocate using GFP_NOFS as we are called from a
953 * filesystem performing write and thus further recursion into
954 * the fs to free some data could cause deadlocks. */
955 skb = genlmsg_new(msg_size, GFP_NOFS);
958 "VFS: Not enough memory to send quota warning.\n");
961 msg_head = genlmsg_put(skb, 0, atomic_add_return(1, &seq),
962 "a_genl_family, 0, QUOTA_NL_C_WARNING);
965 "VFS: Cannot store netlink header in quota warning.\n");
968 ret = nla_put_u32(skb, QUOTA_NL_A_QTYPE, dquot->dq_type);
971 ret = nla_put_u64(skb, QUOTA_NL_A_EXCESS_ID, dquot->dq_id);
974 ret = nla_put_u32(skb, QUOTA_NL_A_WARNING, warntype);
977 ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MAJOR,
978 MAJOR(dquot->dq_sb->s_dev));
981 ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MINOR,
982 MINOR(dquot->dq_sb->s_dev));
985 ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, current->user->uid);
988 genlmsg_end(skb, msg_head);
990 ret = genlmsg_multicast(skb, 0, quota_genl_family.id, GFP_NOFS);
991 if (ret < 0 && ret != -ESRCH)
993 "VFS: Failed to send notification message: %d\n", ret);
996 printk(KERN_ERR "VFS: Not enough space to compose quota message!\n");
1002 static inline void flush_warnings(struct dquot * const *dquots, char *warntype)
1006 for (i = 0; i < MAXQUOTAS; i++)
1007 if (dquots[i] != NODQUOT && warntype[i] != QUOTA_NL_NOWARN &&
1008 !warning_issued(dquots[i], warntype[i])) {
1009 #ifdef CONFIG_PRINT_QUOTA_WARNING
1010 print_warning(dquots[i], warntype[i]);
1012 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
1013 send_warning(dquots[i], warntype[i]);
1018 static inline char ignore_hardlimit(struct dquot *dquot)
1020 struct mem_dqinfo *info = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_type];
1022 return capable(CAP_SYS_RESOURCE) &&
1023 (info->dqi_format->qf_fmt_id != QFMT_VFS_OLD || !(info->dqi_flags & V1_DQF_RSQUASH));
1026 /* needs dq_data_lock */
1027 static int check_idq(struct dquot *dquot, ulong inodes, char *warntype)
1029 *warntype = QUOTA_NL_NOWARN;
1030 if (inodes <= 0 || test_bit(DQ_FAKE_B, &dquot->dq_flags))
1033 if (dquot->dq_dqb.dqb_ihardlimit &&
1034 (dquot->dq_dqb.dqb_curinodes + inodes) > dquot->dq_dqb.dqb_ihardlimit &&
1035 !ignore_hardlimit(dquot)) {
1036 *warntype = QUOTA_NL_IHARDWARN;
1040 if (dquot->dq_dqb.dqb_isoftlimit &&
1041 (dquot->dq_dqb.dqb_curinodes + inodes) > dquot->dq_dqb.dqb_isoftlimit &&
1042 dquot->dq_dqb.dqb_itime && get_seconds() >= dquot->dq_dqb.dqb_itime &&
1043 !ignore_hardlimit(dquot)) {
1044 *warntype = QUOTA_NL_ISOFTLONGWARN;
1048 if (dquot->dq_dqb.dqb_isoftlimit &&
1049 (dquot->dq_dqb.dqb_curinodes + inodes) > dquot->dq_dqb.dqb_isoftlimit &&
1050 dquot->dq_dqb.dqb_itime == 0) {
1051 *warntype = QUOTA_NL_ISOFTWARN;
1052 dquot->dq_dqb.dqb_itime = get_seconds() + sb_dqopt(dquot->dq_sb)->info[dquot->dq_type].dqi_igrace;
1058 /* needs dq_data_lock */
1059 static int check_bdq(struct dquot *dquot, qsize_t space, int prealloc, char *warntype)
1061 *warntype = QUOTA_NL_NOWARN;
1062 if (space <= 0 || test_bit(DQ_FAKE_B, &dquot->dq_flags))
1065 if (dquot->dq_dqb.dqb_bhardlimit &&
1066 toqb(dquot->dq_dqb.dqb_curspace + space) > dquot->dq_dqb.dqb_bhardlimit &&
1067 !ignore_hardlimit(dquot)) {
1069 *warntype = QUOTA_NL_BHARDWARN;
1073 if (dquot->dq_dqb.dqb_bsoftlimit &&
1074 toqb(dquot->dq_dqb.dqb_curspace + space) > dquot->dq_dqb.dqb_bsoftlimit &&
1075 dquot->dq_dqb.dqb_btime && get_seconds() >= dquot->dq_dqb.dqb_btime &&
1076 !ignore_hardlimit(dquot)) {
1078 *warntype = QUOTA_NL_BSOFTLONGWARN;
1082 if (dquot->dq_dqb.dqb_bsoftlimit &&
1083 toqb(dquot->dq_dqb.dqb_curspace + space) > dquot->dq_dqb.dqb_bsoftlimit &&
1084 dquot->dq_dqb.dqb_btime == 0) {
1086 *warntype = QUOTA_NL_BSOFTWARN;
1087 dquot->dq_dqb.dqb_btime = get_seconds() + sb_dqopt(dquot->dq_sb)->info[dquot->dq_type].dqi_bgrace;
1091 * We don't allow preallocation to exceed softlimit so exceeding will
1101 * Initialize quota pointers in inode
1102 * Transaction must be started at entry
1104 int dquot_initialize(struct inode *inode, int type)
1106 unsigned int id = 0;
1109 /* First test before acquiring mutex - solves deadlocks when we
1110 * re-enter the quota code and are already holding the mutex */
1111 if (IS_NOQUOTA(inode))
1113 down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1114 /* Having dqptr_sem we know NOQUOTA flags can't be altered... */
1115 if (IS_NOQUOTA(inode))
1117 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1118 if (type != -1 && cnt != type)
1120 if (inode->i_dquot[cnt] == NODQUOT) {
1129 inode->i_dquot[cnt] = dqget(inode->i_sb, id, cnt);
1133 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1138 * Release all quotas referenced by inode
1139 * Transaction must be started at an entry
1141 int dquot_drop(struct inode *inode)
1145 down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1146 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1147 if (inode->i_dquot[cnt] != NODQUOT) {
1148 dqput(inode->i_dquot[cnt]);
1149 inode->i_dquot[cnt] = NODQUOT;
1152 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1157 * Following four functions update i_blocks+i_bytes fields and
1158 * quota information (together with appropriate checks)
1159 * NOTE: We absolutely rely on the fact that caller dirties
1160 * the inode (usually macros in quotaops.h care about this) and
1161 * holds a handle for the current transaction so that dquot write and
1162 * inode write go into the same transaction.
1166 * This operation can block, but only after everything is updated
1168 int dquot_alloc_space(struct inode *inode, qsize_t number, int warn)
1170 int cnt, ret = NO_QUOTA;
1171 char warntype[MAXQUOTAS];
1173 /* First test before acquiring mutex - solves deadlocks when we
1174 * re-enter the quota code and are already holding the mutex */
1175 if (IS_NOQUOTA(inode)) {
1177 inode_add_bytes(inode, number);
1180 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1181 warntype[cnt] = QUOTA_NL_NOWARN;
1183 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1184 if (IS_NOQUOTA(inode)) { /* Now we can do reliable test... */
1185 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1188 spin_lock(&dq_data_lock);
1189 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1190 if (inode->i_dquot[cnt] == NODQUOT)
1192 if (check_bdq(inode->i_dquot[cnt], number, warn, warntype+cnt) == NO_QUOTA)
1195 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1196 if (inode->i_dquot[cnt] == NODQUOT)
1198 dquot_incr_space(inode->i_dquot[cnt], number);
1200 inode_add_bytes(inode, number);
1203 spin_unlock(&dq_data_lock);
1204 if (ret == QUOTA_OK)
1205 /* Dirtify all the dquots - this can block when journalling */
1206 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1207 if (inode->i_dquot[cnt])
1208 mark_dquot_dirty(inode->i_dquot[cnt]);
1209 flush_warnings(inode->i_dquot, warntype);
1210 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1215 * This operation can block, but only after everything is updated
1217 int dquot_alloc_inode(const struct inode *inode, unsigned long number)
1219 int cnt, ret = NO_QUOTA;
1220 char warntype[MAXQUOTAS];
1222 /* First test before acquiring mutex - solves deadlocks when we
1223 * re-enter the quota code and are already holding the mutex */
1224 if (IS_NOQUOTA(inode))
1226 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1227 warntype[cnt] = QUOTA_NL_NOWARN;
1228 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1229 if (IS_NOQUOTA(inode)) {
1230 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1233 spin_lock(&dq_data_lock);
1234 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1235 if (inode->i_dquot[cnt] == NODQUOT)
1237 if (check_idq(inode->i_dquot[cnt], number, warntype+cnt) == NO_QUOTA)
1241 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1242 if (inode->i_dquot[cnt] == NODQUOT)
1244 dquot_incr_inodes(inode->i_dquot[cnt], number);
1248 spin_unlock(&dq_data_lock);
1249 if (ret == QUOTA_OK)
1250 /* Dirtify all the dquots - this can block when journalling */
1251 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1252 if (inode->i_dquot[cnt])
1253 mark_dquot_dirty(inode->i_dquot[cnt]);
1254 flush_warnings(inode->i_dquot, warntype);
1255 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1260 * This operation can block, but only after everything is updated
1262 int dquot_free_space(struct inode *inode, qsize_t number)
1266 /* First test before acquiring mutex - solves deadlocks when we
1267 * re-enter the quota code and are already holding the mutex */
1268 if (IS_NOQUOTA(inode)) {
1270 inode_sub_bytes(inode, number);
1273 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1274 /* Now recheck reliably when holding dqptr_sem */
1275 if (IS_NOQUOTA(inode)) {
1276 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1279 spin_lock(&dq_data_lock);
1280 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1281 if (inode->i_dquot[cnt] == NODQUOT)
1283 dquot_decr_space(inode->i_dquot[cnt], number);
1285 inode_sub_bytes(inode, number);
1286 spin_unlock(&dq_data_lock);
1287 /* Dirtify all the dquots - this can block when journalling */
1288 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1289 if (inode->i_dquot[cnt])
1290 mark_dquot_dirty(inode->i_dquot[cnt]);
1291 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1296 * This operation can block, but only after everything is updated
1298 int dquot_free_inode(const struct inode *inode, unsigned long number)
1302 /* First test before acquiring mutex - solves deadlocks when we
1303 * re-enter the quota code and are already holding the mutex */
1304 if (IS_NOQUOTA(inode))
1306 down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1307 /* Now recheck reliably when holding dqptr_sem */
1308 if (IS_NOQUOTA(inode)) {
1309 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1312 spin_lock(&dq_data_lock);
1313 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1314 if (inode->i_dquot[cnt] == NODQUOT)
1316 dquot_decr_inodes(inode->i_dquot[cnt], number);
1318 spin_unlock(&dq_data_lock);
1319 /* Dirtify all the dquots - this can block when journalling */
1320 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1321 if (inode->i_dquot[cnt])
1322 mark_dquot_dirty(inode->i_dquot[cnt]);
1323 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1328 * Transfer the number of inode and blocks from one diskquota to an other.
1330 * This operation can block, but only after everything is updated
1331 * A transaction must be started when entering this function.
1333 int dquot_transfer(struct inode *inode, struct iattr *iattr)
1336 struct dquot *transfer_from[MAXQUOTAS];
1337 struct dquot *transfer_to[MAXQUOTAS];
1338 int cnt, ret = NO_QUOTA, chuid = (iattr->ia_valid & ATTR_UID) && inode->i_uid != iattr->ia_uid,
1339 chgid = (iattr->ia_valid & ATTR_GID) && inode->i_gid != iattr->ia_gid;
1340 char warntype[MAXQUOTAS];
1342 /* First test before acquiring mutex - solves deadlocks when we
1343 * re-enter the quota code and are already holding the mutex */
1344 if (IS_NOQUOTA(inode))
1346 /* Clear the arrays */
1347 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1348 transfer_to[cnt] = transfer_from[cnt] = NODQUOT;
1349 warntype[cnt] = QUOTA_NL_NOWARN;
1351 down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1352 /* Now recheck reliably when holding dqptr_sem */
1353 if (IS_NOQUOTA(inode)) { /* File without quota accounting? */
1354 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1357 /* First build the transfer_to list - here we can block on
1358 * reading/instantiating of dquots. We know that the transaction for
1359 * us was already started so we don't violate lock ranking here */
1360 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1365 transfer_to[cnt] = dqget(inode->i_sb, iattr->ia_uid, cnt);
1370 transfer_to[cnt] = dqget(inode->i_sb, iattr->ia_gid, cnt);
1374 spin_lock(&dq_data_lock);
1375 space = inode_get_bytes(inode);
1376 /* Build the transfer_from list and check the limits */
1377 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1378 if (transfer_to[cnt] == NODQUOT)
1380 transfer_from[cnt] = inode->i_dquot[cnt];
1381 if (check_idq(transfer_to[cnt], 1, warntype+cnt) == NO_QUOTA ||
1382 check_bdq(transfer_to[cnt], space, 0, warntype+cnt) == NO_QUOTA)
1387 * Finally perform the needed transfer from transfer_from to transfer_to
1389 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1391 * Skip changes for same uid or gid or for turned off quota-type.
1393 if (transfer_to[cnt] == NODQUOT)
1396 /* Due to IO error we might not have transfer_from[] structure */
1397 if (transfer_from[cnt]) {
1398 dquot_decr_inodes(transfer_from[cnt], 1);
1399 dquot_decr_space(transfer_from[cnt], space);
1402 dquot_incr_inodes(transfer_to[cnt], 1);
1403 dquot_incr_space(transfer_to[cnt], space);
1405 inode->i_dquot[cnt] = transfer_to[cnt];
1409 spin_unlock(&dq_data_lock);
1410 /* Dirtify all the dquots - this can block when journalling */
1411 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1412 if (transfer_from[cnt])
1413 mark_dquot_dirty(transfer_from[cnt]);
1414 if (transfer_to[cnt])
1415 mark_dquot_dirty(transfer_to[cnt]);
1417 flush_warnings(transfer_to, warntype);
1419 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1420 if (ret == QUOTA_OK && transfer_from[cnt] != NODQUOT)
1421 dqput(transfer_from[cnt]);
1422 if (ret == NO_QUOTA && transfer_to[cnt] != NODQUOT)
1423 dqput(transfer_to[cnt]);
1425 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1430 * Write info of quota file to disk
1432 int dquot_commit_info(struct super_block *sb, int type)
1435 struct quota_info *dqopt = sb_dqopt(sb);
1437 mutex_lock(&dqopt->dqio_mutex);
1438 ret = dqopt->ops[type]->write_file_info(sb, type);
1439 mutex_unlock(&dqopt->dqio_mutex);
1444 * Definitions of diskquota operations.
1446 struct dquot_operations dquot_operations = {
1447 .initialize = dquot_initialize,
1449 .alloc_space = dquot_alloc_space,
1450 .alloc_inode = dquot_alloc_inode,
1451 .free_space = dquot_free_space,
1452 .free_inode = dquot_free_inode,
1453 .transfer = dquot_transfer,
1454 .write_dquot = dquot_commit,
1455 .acquire_dquot = dquot_acquire,
1456 .release_dquot = dquot_release,
1457 .mark_dirty = dquot_mark_dquot_dirty,
1458 .write_info = dquot_commit_info
1461 static inline void set_enable_flags(struct quota_info *dqopt, int type)
1465 dqopt->flags |= DQUOT_USR_ENABLED;
1466 dqopt->flags &= ~DQUOT_USR_SUSPENDED;
1469 dqopt->flags |= DQUOT_GRP_ENABLED;
1470 dqopt->flags &= ~DQUOT_GRP_SUSPENDED;
1475 static inline void reset_enable_flags(struct quota_info *dqopt, int type,
1480 dqopt->flags &= ~DQUOT_USR_ENABLED;
1482 dqopt->flags |= DQUOT_USR_SUSPENDED;
1484 dqopt->flags &= ~DQUOT_USR_SUSPENDED;
1487 dqopt->flags &= ~DQUOT_GRP_ENABLED;
1489 dqopt->flags |= DQUOT_GRP_SUSPENDED;
1491 dqopt->flags &= ~DQUOT_GRP_SUSPENDED;
1498 * Turn quota off on a device. type == -1 ==> quotaoff for all types (umount)
1500 int vfs_quota_off(struct super_block *sb, int type, int remount)
1503 struct quota_info *dqopt = sb_dqopt(sb);
1504 struct inode *toputinode[MAXQUOTAS];
1506 /* We need to serialize quota_off() for device */
1507 mutex_lock(&dqopt->dqonoff_mutex);
1510 * Skip everything if there's nothing to do. We have to do this because
1511 * sometimes we are called when fill_super() failed and calling
1512 * sync_fs() in such cases does no good.
1514 if (!sb_any_quota_enabled(sb) && !sb_any_quota_suspended(sb)) {
1515 mutex_unlock(&dqopt->dqonoff_mutex);
1518 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1519 toputinode[cnt] = NULL;
1520 if (type != -1 && cnt != type)
1522 /* If we keep inodes of quota files after remount and quotaoff
1523 * is called, drop kept inodes. */
1524 if (!remount && sb_has_quota_suspended(sb, cnt)) {
1525 iput(dqopt->files[cnt]);
1526 dqopt->files[cnt] = NULL;
1527 reset_enable_flags(dqopt, cnt, 0);
1530 if (!sb_has_quota_enabled(sb, cnt))
1532 reset_enable_flags(dqopt, cnt, remount);
1534 /* Note: these are blocking operations */
1535 drop_dquot_ref(sb, cnt);
1536 invalidate_dquots(sb, cnt);
1538 * Now all dquots should be invalidated, all writes done so we should be only
1539 * users of the info. No locks needed.
1541 if (info_dirty(&dqopt->info[cnt]))
1542 sb->dq_op->write_info(sb, cnt);
1543 if (dqopt->ops[cnt]->free_file_info)
1544 dqopt->ops[cnt]->free_file_info(sb, cnt);
1545 put_quota_format(dqopt->info[cnt].dqi_format);
1547 toputinode[cnt] = dqopt->files[cnt];
1549 dqopt->files[cnt] = NULL;
1550 dqopt->info[cnt].dqi_flags = 0;
1551 dqopt->info[cnt].dqi_igrace = 0;
1552 dqopt->info[cnt].dqi_bgrace = 0;
1553 dqopt->ops[cnt] = NULL;
1555 mutex_unlock(&dqopt->dqonoff_mutex);
1556 /* Sync the superblock so that buffers with quota data are written to
1557 * disk (and so userspace sees correct data afterwards). */
1558 if (sb->s_op->sync_fs)
1559 sb->s_op->sync_fs(sb, 1);
1560 sync_blockdev(sb->s_bdev);
1561 /* Now the quota files are just ordinary files and we can set the
1562 * inode flags back. Moreover we discard the pagecache so that
1563 * userspace sees the writes we did bypassing the pagecache. We
1564 * must also discard the blockdev buffers so that we see the
1565 * changes done by userspace on the next quotaon() */
1566 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1567 if (toputinode[cnt]) {
1568 mutex_lock(&dqopt->dqonoff_mutex);
1569 /* If quota was reenabled in the meantime, we have
1571 if (!sb_has_quota_enabled(sb, cnt)) {
1572 mutex_lock_nested(&toputinode[cnt]->i_mutex, I_MUTEX_QUOTA);
1573 toputinode[cnt]->i_flags &= ~(S_IMMUTABLE |
1574 S_NOATIME | S_NOQUOTA);
1575 truncate_inode_pages(&toputinode[cnt]->i_data, 0);
1576 mutex_unlock(&toputinode[cnt]->i_mutex);
1577 mark_inode_dirty(toputinode[cnt]);
1579 mutex_unlock(&dqopt->dqonoff_mutex);
1580 /* On remount RO, we keep the inode pointer so that we
1581 * can reenable quota on the subsequent remount RW.
1582 * But we have better not keep inode pointer when there
1583 * is pending delete on the quota file... */
1585 iput(toputinode[cnt]);
1586 else if (!toputinode[cnt]->i_nlink)
1590 invalidate_bdev(sb->s_bdev);
1595 * Turn quotas on on a device
1598 /* Helper function when we already have the inode */
1599 static int vfs_quota_on_inode(struct inode *inode, int type, int format_id)
1601 struct quota_format_type *fmt = find_quota_format(format_id);
1602 struct super_block *sb = inode->i_sb;
1603 struct quota_info *dqopt = sb_dqopt(sb);
1609 if (!S_ISREG(inode->i_mode)) {
1613 if (IS_RDONLY(inode)) {
1617 if (!sb->s_op->quota_write || !sb->s_op->quota_read) {
1622 /* As we bypass the pagecache we must now flush the inode so that
1623 * we see all the changes from userspace... */
1624 write_inode_now(inode, 1);
1625 /* And now flush the block cache so that kernel sees the changes */
1626 invalidate_bdev(sb->s_bdev);
1627 mutex_lock(&inode->i_mutex);
1628 mutex_lock(&dqopt->dqonoff_mutex);
1629 if (sb_has_quota_enabled(sb, type) ||
1630 sb_has_quota_suspended(sb, type)) {
1634 /* We don't want quota and atime on quota files (deadlocks possible)
1635 * Also nobody should write to the file - we use special IO operations
1636 * which ignore the immutable bit. */
1637 down_write(&dqopt->dqptr_sem);
1638 oldflags = inode->i_flags & (S_NOATIME | S_IMMUTABLE | S_NOQUOTA);
1639 inode->i_flags |= S_NOQUOTA | S_NOATIME | S_IMMUTABLE;
1640 up_write(&dqopt->dqptr_sem);
1641 sb->dq_op->drop(inode);
1644 dqopt->files[type] = igrab(inode);
1645 if (!dqopt->files[type])
1648 if (!fmt->qf_ops->check_quota_file(sb, type))
1651 dqopt->ops[type] = fmt->qf_ops;
1652 dqopt->info[type].dqi_format = fmt;
1653 dqopt->info[type].dqi_fmt_id = format_id;
1654 INIT_LIST_HEAD(&dqopt->info[type].dqi_dirty_list);
1655 mutex_lock(&dqopt->dqio_mutex);
1656 if ((error = dqopt->ops[type]->read_file_info(sb, type)) < 0) {
1657 mutex_unlock(&dqopt->dqio_mutex);
1660 mutex_unlock(&dqopt->dqio_mutex);
1661 mutex_unlock(&inode->i_mutex);
1662 set_enable_flags(dqopt, type);
1664 add_dquot_ref(sb, type);
1665 mutex_unlock(&dqopt->dqonoff_mutex);
1670 dqopt->files[type] = NULL;
1673 mutex_unlock(&dqopt->dqonoff_mutex);
1674 if (oldflags != -1) {
1675 down_write(&dqopt->dqptr_sem);
1676 /* Set the flags back (in the case of accidental quotaon()
1677 * on a wrong file we don't want to mess up the flags) */
1678 inode->i_flags &= ~(S_NOATIME | S_NOQUOTA | S_IMMUTABLE);
1679 inode->i_flags |= oldflags;
1680 up_write(&dqopt->dqptr_sem);
1682 mutex_unlock(&inode->i_mutex);
1684 put_quota_format(fmt);
1689 /* Reenable quotas on remount RW */
1690 static int vfs_quota_on_remount(struct super_block *sb, int type)
1692 struct quota_info *dqopt = sb_dqopt(sb);
1693 struct inode *inode;
1696 mutex_lock(&dqopt->dqonoff_mutex);
1697 if (!sb_has_quota_suspended(sb, type)) {
1698 mutex_unlock(&dqopt->dqonoff_mutex);
1701 BUG_ON(sb_has_quota_enabled(sb, type));
1703 inode = dqopt->files[type];
1704 dqopt->files[type] = NULL;
1705 reset_enable_flags(dqopt, type, 0);
1706 mutex_unlock(&dqopt->dqonoff_mutex);
1708 ret = vfs_quota_on_inode(inode, type, dqopt->info[type].dqi_fmt_id);
1714 /* Actual function called from quotactl() */
1715 int vfs_quota_on(struct super_block *sb, int type, int format_id, char *path,
1718 struct nameidata nd;
1722 return vfs_quota_on_remount(sb, type);
1724 error = path_lookup(path, LOOKUP_FOLLOW, &nd);
1727 error = security_quota_on(nd.path.dentry);
1730 /* Quota file not on the same filesystem? */
1731 if (nd.path.mnt->mnt_sb != sb)
1734 error = vfs_quota_on_inode(nd.path.dentry->d_inode, type,
1742 * This function is used when filesystem needs to initialize quotas
1743 * during mount time.
1745 int vfs_quota_on_mount(struct super_block *sb, char *qf_name,
1746 int format_id, int type)
1748 struct dentry *dentry;
1751 dentry = lookup_one_len(qf_name, sb->s_root, strlen(qf_name));
1753 return PTR_ERR(dentry);
1755 if (!dentry->d_inode) {
1760 error = security_quota_on(dentry);
1762 error = vfs_quota_on_inode(dentry->d_inode, type, format_id);
1769 /* Generic routine for getting common part of quota structure */
1770 static void do_get_dqblk(struct dquot *dquot, struct if_dqblk *di)
1772 struct mem_dqblk *dm = &dquot->dq_dqb;
1774 spin_lock(&dq_data_lock);
1775 di->dqb_bhardlimit = dm->dqb_bhardlimit;
1776 di->dqb_bsoftlimit = dm->dqb_bsoftlimit;
1777 di->dqb_curspace = dm->dqb_curspace;
1778 di->dqb_ihardlimit = dm->dqb_ihardlimit;
1779 di->dqb_isoftlimit = dm->dqb_isoftlimit;
1780 di->dqb_curinodes = dm->dqb_curinodes;
1781 di->dqb_btime = dm->dqb_btime;
1782 di->dqb_itime = dm->dqb_itime;
1783 di->dqb_valid = QIF_ALL;
1784 spin_unlock(&dq_data_lock);
1787 int vfs_get_dqblk(struct super_block *sb, int type, qid_t id, struct if_dqblk *di)
1789 struct dquot *dquot;
1791 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1792 if (!(dquot = dqget(sb, id, type))) {
1793 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1796 do_get_dqblk(dquot, di);
1798 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1802 /* Generic routine for setting common part of quota structure */
1803 static int do_set_dqblk(struct dquot *dquot, struct if_dqblk *di)
1805 struct mem_dqblk *dm = &dquot->dq_dqb;
1806 int check_blim = 0, check_ilim = 0;
1807 struct mem_dqinfo *dqi = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_type];
1809 if ((di->dqb_valid & QIF_BLIMITS &&
1810 (di->dqb_bhardlimit > dqi->dqi_maxblimit ||
1811 di->dqb_bsoftlimit > dqi->dqi_maxblimit)) ||
1812 (di->dqb_valid & QIF_ILIMITS &&
1813 (di->dqb_ihardlimit > dqi->dqi_maxilimit ||
1814 di->dqb_isoftlimit > dqi->dqi_maxilimit)))
1817 spin_lock(&dq_data_lock);
1818 if (di->dqb_valid & QIF_SPACE) {
1819 dm->dqb_curspace = di->dqb_curspace;
1822 if (di->dqb_valid & QIF_BLIMITS) {
1823 dm->dqb_bsoftlimit = di->dqb_bsoftlimit;
1824 dm->dqb_bhardlimit = di->dqb_bhardlimit;
1827 if (di->dqb_valid & QIF_INODES) {
1828 dm->dqb_curinodes = di->dqb_curinodes;
1831 if (di->dqb_valid & QIF_ILIMITS) {
1832 dm->dqb_isoftlimit = di->dqb_isoftlimit;
1833 dm->dqb_ihardlimit = di->dqb_ihardlimit;
1836 if (di->dqb_valid & QIF_BTIME)
1837 dm->dqb_btime = di->dqb_btime;
1838 if (di->dqb_valid & QIF_ITIME)
1839 dm->dqb_itime = di->dqb_itime;
1842 if (!dm->dqb_bsoftlimit || toqb(dm->dqb_curspace) < dm->dqb_bsoftlimit) {
1844 clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1846 else if (!(di->dqb_valid & QIF_BTIME)) /* Set grace only if user hasn't provided his own... */
1847 dm->dqb_btime = get_seconds() + dqi->dqi_bgrace;
1850 if (!dm->dqb_isoftlimit || dm->dqb_curinodes < dm->dqb_isoftlimit) {
1852 clear_bit(DQ_INODES_B, &dquot->dq_flags);
1854 else if (!(di->dqb_valid & QIF_ITIME)) /* Set grace only if user hasn't provided his own... */
1855 dm->dqb_itime = get_seconds() + dqi->dqi_igrace;
1857 if (dm->dqb_bhardlimit || dm->dqb_bsoftlimit || dm->dqb_ihardlimit || dm->dqb_isoftlimit)
1858 clear_bit(DQ_FAKE_B, &dquot->dq_flags);
1860 set_bit(DQ_FAKE_B, &dquot->dq_flags);
1861 spin_unlock(&dq_data_lock);
1862 mark_dquot_dirty(dquot);
1867 int vfs_set_dqblk(struct super_block *sb, int type, qid_t id, struct if_dqblk *di)
1869 struct dquot *dquot;
1872 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1873 if (!(dquot = dqget(sb, id, type))) {
1874 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1877 rc = do_set_dqblk(dquot, di);
1879 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1883 /* Generic routine for getting common part of quota file information */
1884 int vfs_get_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii)
1886 struct mem_dqinfo *mi;
1888 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1889 if (!sb_has_quota_enabled(sb, type)) {
1890 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1893 mi = sb_dqopt(sb)->info + type;
1894 spin_lock(&dq_data_lock);
1895 ii->dqi_bgrace = mi->dqi_bgrace;
1896 ii->dqi_igrace = mi->dqi_igrace;
1897 ii->dqi_flags = mi->dqi_flags & DQF_MASK;
1898 ii->dqi_valid = IIF_ALL;
1899 spin_unlock(&dq_data_lock);
1900 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1904 /* Generic routine for setting common part of quota file information */
1905 int vfs_set_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii)
1907 struct mem_dqinfo *mi;
1909 mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1910 if (!sb_has_quota_enabled(sb, type)) {
1911 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1914 mi = sb_dqopt(sb)->info + type;
1915 spin_lock(&dq_data_lock);
1916 if (ii->dqi_valid & IIF_BGRACE)
1917 mi->dqi_bgrace = ii->dqi_bgrace;
1918 if (ii->dqi_valid & IIF_IGRACE)
1919 mi->dqi_igrace = ii->dqi_igrace;
1920 if (ii->dqi_valid & IIF_FLAGS)
1921 mi->dqi_flags = (mi->dqi_flags & ~DQF_MASK) | (ii->dqi_flags & DQF_MASK);
1922 spin_unlock(&dq_data_lock);
1923 mark_info_dirty(sb, type);
1924 /* Force write to disk */
1925 sb->dq_op->write_info(sb, type);
1926 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1930 struct quotactl_ops vfs_quotactl_ops = {
1931 .quota_on = vfs_quota_on,
1932 .quota_off = vfs_quota_off,
1933 .quota_sync = vfs_quota_sync,
1934 .get_info = vfs_get_dqinfo,
1935 .set_info = vfs_set_dqinfo,
1936 .get_dqblk = vfs_get_dqblk,
1937 .set_dqblk = vfs_set_dqblk
1940 static ctl_table fs_dqstats_table[] = {
1942 .ctl_name = FS_DQ_LOOKUPS,
1943 .procname = "lookups",
1944 .data = &dqstats.lookups,
1945 .maxlen = sizeof(int),
1947 .proc_handler = &proc_dointvec,
1950 .ctl_name = FS_DQ_DROPS,
1951 .procname = "drops",
1952 .data = &dqstats.drops,
1953 .maxlen = sizeof(int),
1955 .proc_handler = &proc_dointvec,
1958 .ctl_name = FS_DQ_READS,
1959 .procname = "reads",
1960 .data = &dqstats.reads,
1961 .maxlen = sizeof(int),
1963 .proc_handler = &proc_dointvec,
1966 .ctl_name = FS_DQ_WRITES,
1967 .procname = "writes",
1968 .data = &dqstats.writes,
1969 .maxlen = sizeof(int),
1971 .proc_handler = &proc_dointvec,
1974 .ctl_name = FS_DQ_CACHE_HITS,
1975 .procname = "cache_hits",
1976 .data = &dqstats.cache_hits,
1977 .maxlen = sizeof(int),
1979 .proc_handler = &proc_dointvec,
1982 .ctl_name = FS_DQ_ALLOCATED,
1983 .procname = "allocated_dquots",
1984 .data = &dqstats.allocated_dquots,
1985 .maxlen = sizeof(int),
1987 .proc_handler = &proc_dointvec,
1990 .ctl_name = FS_DQ_FREE,
1991 .procname = "free_dquots",
1992 .data = &dqstats.free_dquots,
1993 .maxlen = sizeof(int),
1995 .proc_handler = &proc_dointvec,
1998 .ctl_name = FS_DQ_SYNCS,
1999 .procname = "syncs",
2000 .data = &dqstats.syncs,
2001 .maxlen = sizeof(int),
2003 .proc_handler = &proc_dointvec,
2005 #ifdef CONFIG_PRINT_QUOTA_WARNING
2007 .ctl_name = FS_DQ_WARNINGS,
2008 .procname = "warnings",
2009 .data = &flag_print_warnings,
2010 .maxlen = sizeof(int),
2012 .proc_handler = &proc_dointvec,
2018 static ctl_table fs_table[] = {
2020 .ctl_name = FS_DQSTATS,
2021 .procname = "quota",
2023 .child = fs_dqstats_table,
2028 static ctl_table sys_table[] = {
2038 static int __init dquot_init(void)
2041 unsigned long nr_hash, order;
2043 printk(KERN_NOTICE "VFS: Disk quotas %s\n", __DQUOT_VERSION__);
2045 register_sysctl_table(sys_table);
2047 dquot_cachep = kmem_cache_create("dquot",
2048 sizeof(struct dquot), sizeof(unsigned long) * 4,
2049 (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT|
2050 SLAB_MEM_SPREAD|SLAB_PANIC),
2054 dquot_hash = (struct hlist_head *)__get_free_pages(GFP_ATOMIC, order);
2056 panic("Cannot create dquot hash table");
2058 /* Find power-of-two hlist_heads which can fit into allocation */
2059 nr_hash = (1UL << order) * PAGE_SIZE / sizeof(struct hlist_head);
2063 } while (nr_hash >> dq_hash_bits);
2066 nr_hash = 1UL << dq_hash_bits;
2067 dq_hash_mask = nr_hash - 1;
2068 for (i = 0; i < nr_hash; i++)
2069 INIT_HLIST_HEAD(dquot_hash + i);
2071 printk("Dquot-cache hash table entries: %ld (order %ld, %ld bytes)\n",
2072 nr_hash, order, (PAGE_SIZE << order));
2074 register_shrinker(&dqcache_shrinker);
2076 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
2077 if (genl_register_family("a_genl_family) != 0)
2078 printk(KERN_ERR "VFS: Failed to create quota netlink interface.\n");
2083 module_init(dquot_init);
2085 EXPORT_SYMBOL(register_quota_format);
2086 EXPORT_SYMBOL(unregister_quota_format);
2087 EXPORT_SYMBOL(dqstats);
2088 EXPORT_SYMBOL(dq_data_lock);
2089 EXPORT_SYMBOL(vfs_quota_on);
2090 EXPORT_SYMBOL(vfs_quota_on_mount);
2091 EXPORT_SYMBOL(vfs_quota_off);
2092 EXPORT_SYMBOL(vfs_quota_sync);
2093 EXPORT_SYMBOL(vfs_get_dqinfo);
2094 EXPORT_SYMBOL(vfs_set_dqinfo);
2095 EXPORT_SYMBOL(vfs_get_dqblk);
2096 EXPORT_SYMBOL(vfs_set_dqblk);
2097 EXPORT_SYMBOL(dquot_commit);
2098 EXPORT_SYMBOL(dquot_commit_info);
2099 EXPORT_SYMBOL(dquot_acquire);
2100 EXPORT_SYMBOL(dquot_release);
2101 EXPORT_SYMBOL(dquot_mark_dquot_dirty);
2102 EXPORT_SYMBOL(dquot_initialize);
2103 EXPORT_SYMBOL(dquot_drop);
2104 EXPORT_SYMBOL(dquot_alloc_space);
2105 EXPORT_SYMBOL(dquot_alloc_inode);
2106 EXPORT_SYMBOL(dquot_free_space);
2107 EXPORT_SYMBOL(dquot_free_inode);
2108 EXPORT_SYMBOL(dquot_transfer);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob