[PATCH] UFS: inode->i_sem is not released in error path
[linux-2.6/verdex.git] / fs / quota.c
blob612e04db4b939189721f35182c2dd1793804ae89
1 /*
2 * Quota code necessary even when VFS quota support is not compiled
3 * into the kernel. The interesting stuff is over in dquot.c, here
4 * we have symbols for initial quotactl(2) handling, the sysctl(2)
5 * variables, etc - things needed even when quota support disabled.
6 */
8 #include <linux/fs.h>
9 #include <linux/namei.h>
10 #include <linux/slab.h>
11 #include <asm/current.h>
12 #include <asm/uaccess.h>
13 #include <linux/kernel.h>
14 #include <linux/smp_lock.h>
15 #include <linux/security.h>
16 #include <linux/syscalls.h>
17 #include <linux/buffer_head.h>
18 #include <linux/quotaops.h>
20 /* Check validity of generic quotactl commands */
21 static int generic_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t id)
23 if (type >= MAXQUOTAS)
24 return -EINVAL;
25 if (!sb && cmd != Q_SYNC)
26 return -ENODEV;
27 /* Is operation supported? */
28 if (sb && !sb->s_qcop)
29 return -ENOSYS;
31 switch (cmd) {
32 case Q_GETFMT:
33 break;
34 case Q_QUOTAON:
35 if (!sb->s_qcop->quota_on)
36 return -ENOSYS;
37 break;
38 case Q_QUOTAOFF:
39 if (!sb->s_qcop->quota_off)
40 return -ENOSYS;
41 break;
42 case Q_SETINFO:
43 if (!sb->s_qcop->set_info)
44 return -ENOSYS;
45 break;
46 case Q_GETINFO:
47 if (!sb->s_qcop->get_info)
48 return -ENOSYS;
49 break;
50 case Q_SETQUOTA:
51 if (!sb->s_qcop->set_dqblk)
52 return -ENOSYS;
53 break;
54 case Q_GETQUOTA:
55 if (!sb->s_qcop->get_dqblk)
56 return -ENOSYS;
57 break;
58 case Q_SYNC:
59 if (sb && !sb->s_qcop->quota_sync)
60 return -ENOSYS;
61 break;
62 default:
63 return -EINVAL;
66 /* Is quota turned on for commands which need it? */
67 switch (cmd) {
68 case Q_GETFMT:
69 case Q_GETINFO:
70 case Q_QUOTAOFF:
71 case Q_SETINFO:
72 case Q_SETQUOTA:
73 case Q_GETQUOTA:
74 /* This is just informative test so we are satisfied without a lock */
75 if (!sb_has_quota_enabled(sb, type))
76 return -ESRCH;
79 /* Check privileges */
80 if (cmd == Q_GETQUOTA) {
81 if (((type == USRQUOTA && current->euid != id) ||
82 (type == GRPQUOTA && !in_egroup_p(id))) &&
83 !capable(CAP_SYS_ADMIN))
84 return -EPERM;
86 else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO)
87 if (!capable(CAP_SYS_ADMIN))
88 return -EPERM;
90 return 0;
93 /* Check validity of XFS Quota Manager commands */
94 static int xqm_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t id)
96 if (type >= XQM_MAXQUOTAS)
97 return -EINVAL;
98 if (!sb)
99 return -ENODEV;
100 if (!sb->s_qcop)
101 return -ENOSYS;
103 switch (cmd) {
104 case Q_XQUOTAON:
105 case Q_XQUOTAOFF:
106 case Q_XQUOTARM:
107 if (!sb->s_qcop->set_xstate)
108 return -ENOSYS;
109 break;
110 case Q_XGETQSTAT:
111 if (!sb->s_qcop->get_xstate)
112 return -ENOSYS;
113 break;
114 case Q_XSETQLIM:
115 if (!sb->s_qcop->set_xquota)
116 return -ENOSYS;
117 break;
118 case Q_XGETQUOTA:
119 if (!sb->s_qcop->get_xquota)
120 return -ENOSYS;
121 break;
122 case Q_XQUOTASYNC:
123 if (!sb->s_qcop->quota_sync)
124 return -ENOSYS;
125 break;
126 default:
127 return -EINVAL;
130 /* Check privileges */
131 if (cmd == Q_XGETQUOTA) {
132 if (((type == XQM_USRQUOTA && current->euid != id) ||
133 (type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
134 !capable(CAP_SYS_ADMIN))
135 return -EPERM;
136 } else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) {
137 if (!capable(CAP_SYS_ADMIN))
138 return -EPERM;
141 return 0;
144 static int check_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t id)
146 int error;
148 if (XQM_COMMAND(cmd))
149 error = xqm_quotactl_valid(sb, type, cmd, id);
150 else
151 error = generic_quotactl_valid(sb, type, cmd, id);
152 if (!error)
153 error = security_quotactl(cmd, type, id, sb);
154 return error;
157 static void quota_sync_sb(struct super_block *sb, int type)
159 int cnt;
160 struct inode *discard[MAXQUOTAS];
162 sb->s_qcop->quota_sync(sb, type);
163 /* This is not very clever (and fast) but currently I don't know about
164 * any other simple way of getting quota data to disk and we must get
165 * them there for userspace to be visible... */
166 if (sb->s_op->sync_fs)
167 sb->s_op->sync_fs(sb, 1);
168 sync_blockdev(sb->s_bdev);
170 /* Now when everything is written we can discard the pagecache so
171 * that userspace sees the changes. We need i_sem and so we could
172 * not do it inside dqonoff_sem. Moreover we need to be carefull
173 * about races with quotaoff() (that is the reason why we have own
174 * reference to inode). */
175 down(&sb_dqopt(sb)->dqonoff_sem);
176 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
177 discard[cnt] = NULL;
178 if (type != -1 && cnt != type)
179 continue;
180 if (!sb_has_quota_enabled(sb, cnt))
181 continue;
182 discard[cnt] = igrab(sb_dqopt(sb)->files[cnt]);
184 up(&sb_dqopt(sb)->dqonoff_sem);
185 for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
186 if (discard[cnt]) {
187 down(&discard[cnt]->i_sem);
188 truncate_inode_pages(&discard[cnt]->i_data, 0);
189 up(&discard[cnt]->i_sem);
190 iput(discard[cnt]);
195 void sync_dquots(struct super_block *sb, int type)
197 int cnt, dirty;
199 if (sb) {
200 if (sb->s_qcop->quota_sync)
201 quota_sync_sb(sb, type);
202 return;
205 spin_lock(&sb_lock);
206 restart:
207 list_for_each_entry(sb, &super_blocks, s_list) {
208 /* This test just improves performance so it needn't be reliable... */
209 for (cnt = 0, dirty = 0; cnt < MAXQUOTAS; cnt++)
210 if ((type == cnt || type == -1) && sb_has_quota_enabled(sb, cnt)
211 && info_any_dirty(&sb_dqopt(sb)->info[cnt]))
212 dirty = 1;
213 if (!dirty)
214 continue;
215 sb->s_count++;
216 spin_unlock(&sb_lock);
217 down_read(&sb->s_umount);
218 if (sb->s_root && sb->s_qcop->quota_sync)
219 quota_sync_sb(sb, type);
220 up_read(&sb->s_umount);
221 spin_lock(&sb_lock);
222 if (__put_super_and_need_restart(sb))
223 goto restart;
225 spin_unlock(&sb_lock);
228 /* Copy parameters and call proper function */
229 static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, void __user *addr)
231 int ret;
233 switch (cmd) {
234 case Q_QUOTAON: {
235 char *pathname;
237 if (IS_ERR(pathname = getname(addr)))
238 return PTR_ERR(pathname);
239 ret = sb->s_qcop->quota_on(sb, type, id, pathname);
240 putname(pathname);
241 return ret;
243 case Q_QUOTAOFF:
244 return sb->s_qcop->quota_off(sb, type);
246 case Q_GETFMT: {
247 __u32 fmt;
249 down_read(&sb_dqopt(sb)->dqptr_sem);
250 if (!sb_has_quota_enabled(sb, type)) {
251 up_read(&sb_dqopt(sb)->dqptr_sem);
252 return -ESRCH;
254 fmt = sb_dqopt(sb)->info[type].dqi_format->qf_fmt_id;
255 up_read(&sb_dqopt(sb)->dqptr_sem);
256 if (copy_to_user(addr, &fmt, sizeof(fmt)))
257 return -EFAULT;
258 return 0;
260 case Q_GETINFO: {
261 struct if_dqinfo info;
263 if ((ret = sb->s_qcop->get_info(sb, type, &info)))
264 return ret;
265 if (copy_to_user(addr, &info, sizeof(info)))
266 return -EFAULT;
267 return 0;
269 case Q_SETINFO: {
270 struct if_dqinfo info;
272 if (copy_from_user(&info, addr, sizeof(info)))
273 return -EFAULT;
274 return sb->s_qcop->set_info(sb, type, &info);
276 case Q_GETQUOTA: {
277 struct if_dqblk idq;
279 if ((ret = sb->s_qcop->get_dqblk(sb, type, id, &idq)))
280 return ret;
281 if (copy_to_user(addr, &idq, sizeof(idq)))
282 return -EFAULT;
283 return 0;
285 case Q_SETQUOTA: {
286 struct if_dqblk idq;
288 if (copy_from_user(&idq, addr, sizeof(idq)))
289 return -EFAULT;
290 return sb->s_qcop->set_dqblk(sb, type, id, &idq);
292 case Q_SYNC:
293 sync_dquots(sb, type);
294 return 0;
296 case Q_XQUOTAON:
297 case Q_XQUOTAOFF:
298 case Q_XQUOTARM: {
299 __u32 flags;
301 if (copy_from_user(&flags, addr, sizeof(flags)))
302 return -EFAULT;
303 return sb->s_qcop->set_xstate(sb, flags, cmd);
305 case Q_XGETQSTAT: {
306 struct fs_quota_stat fqs;
308 if ((ret = sb->s_qcop->get_xstate(sb, &fqs)))
309 return ret;
310 if (copy_to_user(addr, &fqs, sizeof(fqs)))
311 return -EFAULT;
312 return 0;
314 case Q_XSETQLIM: {
315 struct fs_disk_quota fdq;
317 if (copy_from_user(&fdq, addr, sizeof(fdq)))
318 return -EFAULT;
319 return sb->s_qcop->set_xquota(sb, type, id, &fdq);
321 case Q_XGETQUOTA: {
322 struct fs_disk_quota fdq;
324 if ((ret = sb->s_qcop->get_xquota(sb, type, id, &fdq)))
325 return ret;
326 if (copy_to_user(addr, &fdq, sizeof(fdq)))
327 return -EFAULT;
328 return 0;
330 case Q_XQUOTASYNC:
331 return sb->s_qcop->quota_sync(sb, type);
332 /* We never reach here unless validity check is broken */
333 default:
334 BUG();
336 return 0;
340 * This is the system call interface. This communicates with
341 * the user-level programs. Currently this only supports diskquota
342 * calls. Maybe we need to add the process quotas etc. in the future,
343 * but we probably should use rlimits for that.
345 asmlinkage long sys_quotactl(unsigned int cmd, const char __user *special, qid_t id, void __user *addr)
347 uint cmds, type;
348 struct super_block *sb = NULL;
349 struct block_device *bdev;
350 char *tmp;
351 int ret;
353 cmds = cmd >> SUBCMDSHIFT;
354 type = cmd & SUBCMDMASK;
356 if (cmds != Q_SYNC || special) {
357 tmp = getname(special);
358 if (IS_ERR(tmp))
359 return PTR_ERR(tmp);
360 bdev = lookup_bdev(tmp);
361 putname(tmp);
362 if (IS_ERR(bdev))
363 return PTR_ERR(bdev);
364 sb = get_super(bdev);
365 bdput(bdev);
366 if (!sb)
367 return -ENODEV;
370 ret = check_quotactl_valid(sb, type, cmds, id);
371 if (ret >= 0)
372 ret = do_quotactl(sb, type, cmds, id, addr);
373 if (sb)
374 drop_super(sb);
376 return ret;