search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'xtensa-20180225' of git://github.com/jcmvbkbc/linux-xtensa
[cris-mirror.git] / fs / xfs / scrub / quota.c
blob51daa4ae2627af7b4f8988ecf423d0680b9f519a
1 /*
2 * Copyright (C) 2017 Oracle. All Rights Reserved.
3 *
4 * Author: Darrick J. Wong <darrick.wong@oracle.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it would be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
19 */
20 #include "xfs.h"
21 #include "xfs_fs.h"
22 #include "xfs_shared.h"
23 #include "xfs_format.h"
24 #include "xfs_trans_resv.h"
25 #include "xfs_mount.h"
26 #include "xfs_defer.h"
27 #include "xfs_btree.h"
28 #include "xfs_bit.h"
29 #include "xfs_log_format.h"
30 #include "xfs_trans.h"
31 #include "xfs_sb.h"
32 #include "xfs_inode.h"
33 #include "xfs_inode_fork.h"
34 #include "xfs_alloc.h"
35 #include "xfs_bmap.h"
36 #include "xfs_quota.h"
37 #include "xfs_qm.h"
38 #include "xfs_dquot.h"
39 #include "xfs_dquot_item.h"
40 #include "scrub/xfs_scrub.h"
41 #include "scrub/scrub.h"
42 #include "scrub/common.h"
43 #include "scrub/trace.h"
44
45 /* Convert a scrub type code to a DQ flag, or return 0 if error. */
46 static inline uint
47 xfs_scrub_quota_to_dqtype(
48 struct xfs_scrub_context *sc)
49 {
50 switch (sc->sm->sm_type) {
51 case XFS_SCRUB_TYPE_UQUOTA:
52 return XFS_DQ_USER;
53 case XFS_SCRUB_TYPE_GQUOTA:
54 return XFS_DQ_GROUP;
55 case XFS_SCRUB_TYPE_PQUOTA:
56 return XFS_DQ_PROJ;
57 default:
58 return 0;
59 }
60 }
61
62 /* Set us up to scrub a quota. */
63 int
64 xfs_scrub_setup_quota(
65 struct xfs_scrub_context *sc,
66 struct xfs_inode *ip)
67 {
68 uint dqtype;
69
70 dqtype = xfs_scrub_quota_to_dqtype(sc);
71 if (dqtype == 0)
72 return -EINVAL;
73 if (!xfs_this_quota_on(sc->mp, dqtype))
74 return -ENOENT;
75 return 0;
76 }
77
78 /* Quotas. */
79
80 /* Scrub the fields in an individual quota item. */
81 STATIC void
82 xfs_scrub_quota_item(
83 struct xfs_scrub_context *sc,
84 uint dqtype,
85 struct xfs_dquot *dq,
86 xfs_dqid_t id)
87 {
88 struct xfs_mount *mp = sc->mp;
89 struct xfs_disk_dquot *d = &dq->q_core;
90 struct xfs_quotainfo *qi = mp->m_quotainfo;
91 xfs_fileoff_t offset;
92 unsigned long long bsoft;
93 unsigned long long isoft;
94 unsigned long long rsoft;
95 unsigned long long bhard;
96 unsigned long long ihard;
97 unsigned long long rhard;
98 unsigned long long bcount;
99 unsigned long long icount;
100 unsigned long long rcount;
101 xfs_ino_t fs_icount;
102
103 offset = id / qi->qi_dqperchunk;
104
105 /*
106 * We fed $id and DQNEXT into the xfs_qm_dqget call, which means
107 * that the actual dquot we got must either have the same id or
108 * the next higher id.
109 */
110 if (id > be32_to_cpu(d->d_id))
111 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
112
113 /* Did we get the dquot type we wanted? */
114 if (dqtype != (d->d_flags & XFS_DQ_ALLTYPES))
115 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
116
117 if (d->d_pad0 != cpu_to_be32(0) || d->d_pad != cpu_to_be16(0))
118 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
119
120 /* Check the limits. */
121 bhard = be64_to_cpu(d->d_blk_hardlimit);
122 ihard = be64_to_cpu(d->d_ino_hardlimit);
123 rhard = be64_to_cpu(d->d_rtb_hardlimit);
124
125 bsoft = be64_to_cpu(d->d_blk_softlimit);
126 isoft = be64_to_cpu(d->d_ino_softlimit);
127 rsoft = be64_to_cpu(d->d_rtb_softlimit);
128
129 /*
130 * Warn if the hard limits are larger than the fs.
131 * Administrators can do this, though in production this seems
132 * suspect, which is why we flag it for review.
133 *
134 * Complain about corruption if the soft limit is greater than
135 * the hard limit.
136 */
137 if (bhard > mp->m_sb.sb_dblocks)
138 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK, offset);
139 if (bsoft > bhard)
140 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
141
142 if (ihard > mp->m_maxicount)
143 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK, offset);
144 if (isoft > ihard)
145 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
146
147 if (rhard > mp->m_sb.sb_rblocks)
148 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK, offset);
149 if (rsoft > rhard)
150 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
151
152 /* Check the resource counts. */
153 bcount = be64_to_cpu(d->d_bcount);
154 icount = be64_to_cpu(d->d_icount);
155 rcount = be64_to_cpu(d->d_rtbcount);
156 fs_icount = percpu_counter_sum(&mp->m_icount);
157
158 /*
159 * Check that usage doesn't exceed physical limits. However, on
160 * a reflink filesystem we're allowed to exceed physical space
161 * if there are no quota limits.
162 */
163 if (xfs_sb_version_hasreflink(&mp->m_sb)) {
164 if (mp->m_sb.sb_dblocks < bcount)
165 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK,
166 offset);
167 } else {
168 if (mp->m_sb.sb_dblocks < bcount)
169 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK,
170 offset);
171 }
172 if (icount > fs_icount || rcount > mp->m_sb.sb_rblocks)
173 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
174
175 /*
176 * We can violate the hard limits if the admin suddenly sets a
177 * lower limit than the actual usage. However, we flag it for
178 * admin review.
179 */
180 if (id != 0 && bhard != 0 && bcount > bhard)
181 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK, offset);
182 if (id != 0 && ihard != 0 && icount > ihard)
183 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK, offset);
184 if (id != 0 && rhard != 0 && rcount > rhard)
185 xfs_scrub_fblock_set_warning(sc, XFS_DATA_FORK, offset);
186 }
187
188 /* Scrub all of a quota type's items. */
189 int
190 xfs_scrub_quota(
191 struct xfs_scrub_context *sc)
192 {
193 struct xfs_bmbt_irec irec = { 0 };
194 struct xfs_mount *mp = sc->mp;
195 struct xfs_inode *ip;
196 struct xfs_quotainfo *qi = mp->m_quotainfo;
197 struct xfs_dquot *dq;
198 xfs_fileoff_t max_dqid_off;
199 xfs_fileoff_t off = 0;
200 xfs_dqid_t id = 0;
201 uint dqtype;
202 int nimaps;
203 int error = 0;
204
205 if (!XFS_IS_QUOTA_RUNNING(mp) || !XFS_IS_QUOTA_ON(mp))
206 return -ENOENT;
207
208 mutex_lock(&qi->qi_quotaofflock);
209 dqtype = xfs_scrub_quota_to_dqtype(sc);
210 if (!xfs_this_quota_on(sc->mp, dqtype)) {
211 error = -ENOENT;
212 goto out_unlock_quota;
213 }
214
215 /* Attach to the quota inode and set sc->ip so that reporting works. */
216 ip = xfs_quota_inode(sc->mp, dqtype);
217 sc->ip = ip;
218
219 /* Look for problem extents. */
220 xfs_ilock(ip, XFS_ILOCK_EXCL);
221 if (ip->i_d.di_flags & XFS_DIFLAG_REALTIME) {
222 xfs_scrub_ino_set_corrupt(sc, sc->ip->i_ino, NULL);
223 goto out_unlock_inode;
224 }
225 max_dqid_off = ((xfs_dqid_t)-1) / qi->qi_dqperchunk;
226 while (1) {
227 if (xfs_scrub_should_terminate(sc, &error))
228 break;
229
230 off = irec.br_startoff + irec.br_blockcount;
231 nimaps = 1;
232 error = xfs_bmapi_read(ip, off, -1, &irec, &nimaps,
233 XFS_BMAPI_ENTIRE);
234 if (!xfs_scrub_fblock_process_error(sc, XFS_DATA_FORK, off,
235 &error))
236 goto out_unlock_inode;
237 if (!nimaps)
238 break;
239 if (irec.br_startblock == HOLESTARTBLOCK)
240 continue;
241
242 /* Check the extent record doesn't point to crap. */
243 if (irec.br_startblock + irec.br_blockcount <=
244 irec.br_startblock)
245 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK,
246 irec.br_startoff);
247 if (!xfs_verify_fsbno(mp, irec.br_startblock) ||
248 !xfs_verify_fsbno(mp, irec.br_startblock +
249 irec.br_blockcount - 1))
250 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK,
251 irec.br_startoff);
252
253 /*
254 * Unwritten extents or blocks mapped above the highest
255 * quota id shouldn't happen.
256 */
257 if (isnullstartblock(irec.br_startblock) ||
258 irec.br_startoff > max_dqid_off ||
259 irec.br_startoff + irec.br_blockcount > max_dqid_off + 1)
260 xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, off);
261 }
262 xfs_iunlock(ip, XFS_ILOCK_EXCL);
263 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
264 goto out;
265
266 /* Check all the quota items. */
267 while (id < ((xfs_dqid_t)-1ULL)) {
268 if (xfs_scrub_should_terminate(sc, &error))
269 break;
270
271 error = xfs_qm_dqget(mp, NULL, id, dqtype, XFS_QMOPT_DQNEXT,
272 &dq);
273 if (error == -ENOENT)
274 break;
275 if (!xfs_scrub_fblock_process_error(sc, XFS_DATA_FORK,
276 id * qi->qi_dqperchunk, &error))
277 break;
278
279 xfs_scrub_quota_item(sc, dqtype, dq, id);
280
281 id = be32_to_cpu(dq->q_core.d_id) + 1;
282 xfs_qm_dqput(dq);
283 if (!id)
284 break;
285 }
286
287 out:
288 /* We set sc->ip earlier, so make sure we clear it now. */
289 sc->ip = NULL;
290 out_unlock_quota:
291 mutex_unlock(&qi->qi_quotaofflock);
292 return error;
293
294 out_unlock_inode:
295 xfs_iunlock(ip, XFS_ILOCK_EXCL);
296 goto out;
297 }
CRIS linux kernel tree