search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
perf intel-pt: Factor out intel_pt_8b_tsc()
[linux/fpc-iii.git] / fs / xfs / scrub / quota.c
blob5dfe2b5924db4f41243a9ebca0d747a28a5c6820
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (C) 2017 Oracle. All Rights Reserved.
4 * Author: Darrick J. Wong <darrick.wong@oracle.com>
5 */
6 #include "xfs.h"
7 #include "xfs_fs.h"
8 #include "xfs_shared.h"
9 #include "xfs_format.h"
10 #include "xfs_trans_resv.h"
11 #include "xfs_mount.h"
12 #include "xfs_defer.h"
13 #include "xfs_btree.h"
14 #include "xfs_bit.h"
15 #include "xfs_log_format.h"
16 #include "xfs_trans.h"
17 #include "xfs_sb.h"
18 #include "xfs_inode.h"
19 #include "xfs_inode_fork.h"
20 #include "xfs_alloc.h"
21 #include "xfs_bmap.h"
22 #include "xfs_quota.h"
23 #include "xfs_qm.h"
24 #include "xfs_dquot.h"
25 #include "xfs_dquot_item.h"
26 #include "scrub/xfs_scrub.h"
27 #include "scrub/scrub.h"
28 #include "scrub/common.h"
29 #include "scrub/trace.h"
30
31 /* Convert a scrub type code to a DQ flag, or return 0 if error. */
32 static inline uint
33 xchk_quota_to_dqtype(
34 struct xfs_scrub *sc)
35 {
36 switch (sc->sm->sm_type) {
37 case XFS_SCRUB_TYPE_UQUOTA:
38 return XFS_DQ_USER;
39 case XFS_SCRUB_TYPE_GQUOTA:
40 return XFS_DQ_GROUP;
41 case XFS_SCRUB_TYPE_PQUOTA:
42 return XFS_DQ_PROJ;
43 default:
44 return 0;
45 }
46 }
47
48 /* Set us up to scrub a quota. */
49 int
50 xchk_setup_quota(
51 struct xfs_scrub *sc,
52 struct xfs_inode *ip)
53 {
54 uint dqtype;
55 int error;
56
57 if (!XFS_IS_QUOTA_RUNNING(sc->mp) || !XFS_IS_QUOTA_ON(sc->mp))
58 return -ENOENT;
59
60 dqtype = xchk_quota_to_dqtype(sc);
61 if (dqtype == 0)
62 return -EINVAL;
63 sc->flags |= XCHK_HAS_QUOTAOFFLOCK;
64 mutex_lock(&sc->mp->m_quotainfo->qi_quotaofflock);
65 if (!xfs_this_quota_on(sc->mp, dqtype))
66 return -ENOENT;
67 error = xchk_setup_fs(sc, ip);
68 if (error)
69 return error;
70 sc->ip = xfs_quota_inode(sc->mp, dqtype);
71 xfs_ilock(sc->ip, XFS_ILOCK_EXCL);
72 sc->ilock_flags = XFS_ILOCK_EXCL;
73 return 0;
74 }
75
76 /* Quotas. */
77
78 struct xchk_quota_info {
79 struct xfs_scrub *sc;
80 xfs_dqid_t last_id;
81 };
82
83 /* Scrub the fields in an individual quota item. */
84 STATIC int
85 xchk_quota_item(
86 struct xfs_dquot *dq,
87 uint dqtype,
88 void *priv)
89 {
90 struct xchk_quota_info *sqi = priv;
91 struct xfs_scrub *sc = sqi->sc;
92 struct xfs_mount *mp = sc->mp;
93 struct xfs_disk_dquot *d = &dq->q_core;
94 struct xfs_quotainfo *qi = mp->m_quotainfo;
95 xfs_fileoff_t offset;
96 unsigned long long bsoft;
97 unsigned long long isoft;
98 unsigned long long rsoft;
99 unsigned long long bhard;
100 unsigned long long ihard;
101 unsigned long long rhard;
102 unsigned long long bcount;
103 unsigned long long icount;
104 unsigned long long rcount;
105 xfs_ino_t fs_icount;
106 xfs_dqid_t id = be32_to_cpu(d->d_id);
107
108 /*
109 * Except for the root dquot, the actual dquot we got must either have
110 * the same or higher id as we saw before.
111 */
112 offset = id / qi->qi_dqperchunk;
113 if (id && id <= sqi->last_id)
114 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
115
116 sqi->last_id = id;
117
118 /* Did we get the dquot type we wanted? */
119 if (dqtype != (d->d_flags & XFS_DQ_ALLTYPES))
120 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
121
122 if (d->d_pad0 != cpu_to_be32(0) || d->d_pad != cpu_to_be16(0))
123 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
124
125 /* Check the limits. */
126 bhard = be64_to_cpu(d->d_blk_hardlimit);
127 ihard = be64_to_cpu(d->d_ino_hardlimit);
128 rhard = be64_to_cpu(d->d_rtb_hardlimit);
129
130 bsoft = be64_to_cpu(d->d_blk_softlimit);
131 isoft = be64_to_cpu(d->d_ino_softlimit);
132 rsoft = be64_to_cpu(d->d_rtb_softlimit);
133
134 /*
135 * Warn if the hard limits are larger than the fs.
136 * Administrators can do this, though in production this seems
137 * suspect, which is why we flag it for review.
138 *
139 * Complain about corruption if the soft limit is greater than
140 * the hard limit.
141 */
142 if (bhard > mp->m_sb.sb_dblocks)
143 xchk_fblock_set_warning(sc, XFS_DATA_FORK, offset);
144 if (bsoft > bhard)
145 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
146
147 if (ihard > mp->m_maxicount)
148 xchk_fblock_set_warning(sc, XFS_DATA_FORK, offset);
149 if (isoft > ihard)
150 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
151
152 if (rhard > mp->m_sb.sb_rblocks)
153 xchk_fblock_set_warning(sc, XFS_DATA_FORK, offset);
154 if (rsoft > rhard)
155 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
156
157 /* Check the resource counts. */
158 bcount = be64_to_cpu(d->d_bcount);
159 icount = be64_to_cpu(d->d_icount);
160 rcount = be64_to_cpu(d->d_rtbcount);
161 fs_icount = percpu_counter_sum(&mp->m_icount);
162
163 /*
164 * Check that usage doesn't exceed physical limits. However, on
165 * a reflink filesystem we're allowed to exceed physical space
166 * if there are no quota limits.
167 */
168 if (xfs_sb_version_hasreflink(&mp->m_sb)) {
169 if (mp->m_sb.sb_dblocks < bcount)
170 xchk_fblock_set_warning(sc, XFS_DATA_FORK,
171 offset);
172 } else {
173 if (mp->m_sb.sb_dblocks < bcount)
174 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK,
175 offset);
176 }
177 if (icount > fs_icount || rcount > mp->m_sb.sb_rblocks)
178 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK, offset);
179
180 /*
181 * We can violate the hard limits if the admin suddenly sets a
182 * lower limit than the actual usage. However, we flag it for
183 * admin review.
184 */
185 if (id != 0 && bhard != 0 && bcount > bhard)
186 xchk_fblock_set_warning(sc, XFS_DATA_FORK, offset);
187 if (id != 0 && ihard != 0 && icount > ihard)
188 xchk_fblock_set_warning(sc, XFS_DATA_FORK, offset);
189 if (id != 0 && rhard != 0 && rcount > rhard)
190 xchk_fblock_set_warning(sc, XFS_DATA_FORK, offset);
191
192 return 0;
193 }
194
195 /* Check the quota's data fork. */
196 STATIC int
197 xchk_quota_data_fork(
198 struct xfs_scrub *sc)
199 {
200 struct xfs_bmbt_irec irec = { 0 };
201 struct xfs_iext_cursor icur;
202 struct xfs_quotainfo *qi = sc->mp->m_quotainfo;
203 struct xfs_ifork *ifp;
204 xfs_fileoff_t max_dqid_off;
205 int error = 0;
206
207 /* Invoke the fork scrubber. */
208 error = xchk_metadata_inode_forks(sc);
209 if (error || (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT))
210 return error;
211
212 /* Check for data fork problems that apply only to quota files. */
213 max_dqid_off = ((xfs_dqid_t)-1) / qi->qi_dqperchunk;
214 ifp = XFS_IFORK_PTR(sc->ip, XFS_DATA_FORK);
215 for_each_xfs_iext(ifp, &icur, &irec) {
216 if (xchk_should_terminate(sc, &error))
217 break;
218 /*
219 * delalloc extents or blocks mapped above the highest
220 * quota id shouldn't happen.
221 */
222 if (isnullstartblock(irec.br_startblock) ||
223 irec.br_startoff > max_dqid_off ||
224 irec.br_startoff + irec.br_blockcount - 1 > max_dqid_off) {
225 xchk_fblock_set_corrupt(sc, XFS_DATA_FORK,
226 irec.br_startoff);
227 break;
228 }
229 }
230
231 return error;
232 }
233
234 /* Scrub all of a quota type's items. */
235 int
236 xchk_quota(
237 struct xfs_scrub *sc)
238 {
239 struct xchk_quota_info sqi;
240 struct xfs_mount *mp = sc->mp;
241 struct xfs_quotainfo *qi = mp->m_quotainfo;
242 uint dqtype;
243 int error = 0;
244
245 dqtype = xchk_quota_to_dqtype(sc);
246
247 /* Look for problem extents. */
248 error = xchk_quota_data_fork(sc);
249 if (error)
250 goto out;
251 if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)
252 goto out;
253
254 /*
255 * Check all the quota items. Now that we've checked the quota inode
256 * data fork we have to drop ILOCK_EXCL to use the regular dquot
257 * functions.
258 */
259 xfs_iunlock(sc->ip, sc->ilock_flags);
260 sc->ilock_flags = 0;
261 sqi.sc = sc;
262 sqi.last_id = 0;
263 error = xfs_qm_dqiterate(mp, dqtype, xchk_quota_item, &sqi);
264 sc->ilock_flags = XFS_ILOCK_EXCL;
265 xfs_ilock(sc->ip, sc->ilock_flags);
266 if (!xchk_fblock_process_error(sc, XFS_DATA_FORK,
267 sqi.last_id * qi->qi_dqperchunk, &error))
268 goto out;
269
270 out:
271 return error;
272 }
Linux with added FPC-III support