Avoid beyond bounds copy while caching ACL
[zen-stable.git] / fs / xfs / xfs_qm_syscalls.c
blob711a86e39ff046d302a5ff14695882b65bcb3e25
1 /*
2 * Copyright (c) 2000-2005 Silicon Graphics, Inc.
3 * All Rights Reserved.
5 * This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License as
7 * published by the Free Software Foundation.
9 * This program is distributed in the hope that it would be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write the Free Software Foundation,
16 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 #include <linux/capability.h>
21 #include "xfs.h"
22 #include "xfs_fs.h"
23 #include "xfs_bit.h"
24 #include "xfs_log.h"
25 #include "xfs_inum.h"
26 #include "xfs_trans.h"
27 #include "xfs_sb.h"
28 #include "xfs_ag.h"
29 #include "xfs_alloc.h"
30 #include "xfs_quota.h"
31 #include "xfs_mount.h"
32 #include "xfs_bmap_btree.h"
33 #include "xfs_inode.h"
34 #include "xfs_inode_item.h"
35 #include "xfs_itable.h"
36 #include "xfs_bmap.h"
37 #include "xfs_rtalloc.h"
38 #include "xfs_error.h"
39 #include "xfs_attr.h"
40 #include "xfs_buf_item.h"
41 #include "xfs_utils.h"
42 #include "xfs_qm.h"
43 #include "xfs_trace.h"
45 STATIC int xfs_qm_log_quotaoff(xfs_mount_t *, xfs_qoff_logitem_t **, uint);
46 STATIC int xfs_qm_log_quotaoff_end(xfs_mount_t *, xfs_qoff_logitem_t *,
47 uint);
48 STATIC uint xfs_qm_export_flags(uint);
49 STATIC uint xfs_qm_export_qtype_flags(uint);
50 STATIC void xfs_qm_export_dquot(xfs_mount_t *, xfs_disk_dquot_t *,
51 fs_disk_quota_t *);
55 * Turn off quota accounting and/or enforcement for all udquots and/or
56 * gdquots. Called only at unmount time.
58 * This assumes that there are no dquots of this file system cached
59 * incore, and modifies the ondisk dquot directly. Therefore, for example,
60 * it is an error to call this twice, without purging the cache.
62 int
63 xfs_qm_scall_quotaoff(
64 xfs_mount_t *mp,
65 uint flags)
67 struct xfs_quotainfo *q = mp->m_quotainfo;
68 uint dqtype;
69 int error;
70 uint inactivate_flags;
71 xfs_qoff_logitem_t *qoffstart;
72 int nculprits;
75 * No file system can have quotas enabled on disk but not in core.
76 * Note that quota utilities (like quotaoff) _expect_
77 * errno == EEXIST here.
79 if ((mp->m_qflags & flags) == 0)
80 return XFS_ERROR(EEXIST);
81 error = 0;
83 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD);
86 * We don't want to deal with two quotaoffs messing up each other,
87 * so we're going to serialize it. quotaoff isn't exactly a performance
88 * critical thing.
89 * If quotaoff, then we must be dealing with the root filesystem.
91 ASSERT(q);
92 mutex_lock(&q->qi_quotaofflock);
95 * If we're just turning off quota enforcement, change mp and go.
97 if ((flags & XFS_ALL_QUOTA_ACCT) == 0) {
98 mp->m_qflags &= ~(flags);
100 spin_lock(&mp->m_sb_lock);
101 mp->m_sb.sb_qflags = mp->m_qflags;
102 spin_unlock(&mp->m_sb_lock);
103 mutex_unlock(&q->qi_quotaofflock);
105 /* XXX what to do if error ? Revert back to old vals incore ? */
106 error = xfs_qm_write_sb_changes(mp, XFS_SB_QFLAGS);
107 return (error);
110 dqtype = 0;
111 inactivate_flags = 0;
113 * If accounting is off, we must turn enforcement off, clear the
114 * quota 'CHKD' certificate to make it known that we have to
115 * do a quotacheck the next time this quota is turned on.
117 if (flags & XFS_UQUOTA_ACCT) {
118 dqtype |= XFS_QMOPT_UQUOTA;
119 flags |= (XFS_UQUOTA_CHKD | XFS_UQUOTA_ENFD);
120 inactivate_flags |= XFS_UQUOTA_ACTIVE;
122 if (flags & XFS_GQUOTA_ACCT) {
123 dqtype |= XFS_QMOPT_GQUOTA;
124 flags |= (XFS_OQUOTA_CHKD | XFS_OQUOTA_ENFD);
125 inactivate_flags |= XFS_GQUOTA_ACTIVE;
126 } else if (flags & XFS_PQUOTA_ACCT) {
127 dqtype |= XFS_QMOPT_PQUOTA;
128 flags |= (XFS_OQUOTA_CHKD | XFS_OQUOTA_ENFD);
129 inactivate_flags |= XFS_PQUOTA_ACTIVE;
133 * Nothing to do? Don't complain. This happens when we're just
134 * turning off quota enforcement.
136 if ((mp->m_qflags & flags) == 0)
137 goto out_unlock;
140 * Write the LI_QUOTAOFF log record, and do SB changes atomically,
141 * and synchronously. If we fail to write, we should abort the
142 * operation as it cannot be recovered safely if we crash.
144 error = xfs_qm_log_quotaoff(mp, &qoffstart, flags);
145 if (error)
146 goto out_unlock;
149 * Next we clear the XFS_MOUNT_*DQ_ACTIVE bit(s) in the mount struct
150 * to take care of the race between dqget and quotaoff. We don't take
151 * any special locks to reset these bits. All processes need to check
152 * these bits *after* taking inode lock(s) to see if the particular
153 * quota type is in the process of being turned off. If *ACTIVE, it is
154 * guaranteed that all dquot structures and all quotainode ptrs will all
155 * stay valid as long as that inode is kept locked.
157 * There is no turning back after this.
159 mp->m_qflags &= ~inactivate_flags;
162 * Give back all the dquot reference(s) held by inodes.
163 * Here we go thru every single incore inode in this file system, and
164 * do a dqrele on the i_udquot/i_gdquot that it may have.
165 * Essentially, as long as somebody has an inode locked, this guarantees
166 * that quotas will not be turned off. This is handy because in a
167 * transaction once we lock the inode(s) and check for quotaon, we can
168 * depend on the quota inodes (and other things) being valid as long as
169 * we keep the lock(s).
171 xfs_qm_dqrele_all_inodes(mp, flags);
174 * Next we make the changes in the quota flag in the mount struct.
175 * This isn't protected by a particular lock directly, because we
176 * don't want to take a mrlock every time we depend on quotas being on.
178 mp->m_qflags &= ~(flags);
181 * Go through all the dquots of this file system and purge them,
182 * according to what was turned off. We may not be able to get rid
183 * of all dquots, because dquots can have temporary references that
184 * are not attached to inodes. eg. xfs_setattr, xfs_create.
185 * So, if we couldn't purge all the dquots from the filesystem,
186 * we can't get rid of the incore data structures.
188 while ((nculprits = xfs_qm_dqpurge_all(mp, dqtype)))
189 delay(10 * nculprits);
192 * Transactions that had started before ACTIVE state bit was cleared
193 * could have logged many dquots, so they'd have higher LSNs than
194 * the first QUOTAOFF log record does. If we happen to crash when
195 * the tail of the log has gone past the QUOTAOFF record, but
196 * before the last dquot modification, those dquots __will__
197 * recover, and that's not good.
199 * So, we have QUOTAOFF start and end logitems; the start
200 * logitem won't get overwritten until the end logitem appears...
202 error = xfs_qm_log_quotaoff_end(mp, qoffstart, flags);
203 if (error) {
204 /* We're screwed now. Shutdown is the only option. */
205 xfs_force_shutdown(mp, SHUTDOWN_CORRUPT_INCORE);
206 goto out_unlock;
210 * If quotas is completely disabled, close shop.
212 if (((flags & XFS_MOUNT_QUOTA_ALL) == XFS_MOUNT_QUOTA_SET1) ||
213 ((flags & XFS_MOUNT_QUOTA_ALL) == XFS_MOUNT_QUOTA_SET2)) {
214 mutex_unlock(&q->qi_quotaofflock);
215 xfs_qm_destroy_quotainfo(mp);
216 return (0);
220 * Release our quotainode references if we don't need them anymore.
222 if ((dqtype & XFS_QMOPT_UQUOTA) && q->qi_uquotaip) {
223 IRELE(q->qi_uquotaip);
224 q->qi_uquotaip = NULL;
226 if ((dqtype & (XFS_QMOPT_GQUOTA|XFS_QMOPT_PQUOTA)) && q->qi_gquotaip) {
227 IRELE(q->qi_gquotaip);
228 q->qi_gquotaip = NULL;
231 out_unlock:
232 mutex_unlock(&q->qi_quotaofflock);
233 return error;
236 STATIC int
237 xfs_qm_scall_trunc_qfile(
238 struct xfs_mount *mp,
239 xfs_ino_t ino)
241 struct xfs_inode *ip;
242 struct xfs_trans *tp;
243 int error;
245 if (ino == NULLFSINO)
246 return 0;
248 error = xfs_iget(mp, NULL, ino, 0, 0, &ip);
249 if (error)
250 return error;
252 xfs_ilock(ip, XFS_IOLOCK_EXCL);
254 tp = xfs_trans_alloc(mp, XFS_TRANS_TRUNCATE_FILE);
255 error = xfs_trans_reserve(tp, 0, XFS_ITRUNCATE_LOG_RES(mp), 0,
256 XFS_TRANS_PERM_LOG_RES,
257 XFS_ITRUNCATE_LOG_COUNT);
258 if (error) {
259 xfs_trans_cancel(tp, 0);
260 xfs_iunlock(ip, XFS_IOLOCK_EXCL);
261 goto out_put;
264 xfs_ilock(ip, XFS_ILOCK_EXCL);
265 xfs_trans_ijoin(tp, ip, 0);
267 ip->i_d.di_size = 0;
268 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
270 error = xfs_itruncate_extents(&tp, ip, XFS_DATA_FORK, 0);
271 if (error) {
272 xfs_trans_cancel(tp, XFS_TRANS_RELEASE_LOG_RES |
273 XFS_TRANS_ABORT);
274 goto out_unlock;
277 ASSERT(ip->i_d.di_nextents == 0);
279 xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_MOD | XFS_ICHGTIME_CHG);
280 error = xfs_trans_commit(tp, XFS_TRANS_RELEASE_LOG_RES);
282 out_unlock:
283 xfs_iunlock(ip, XFS_ILOCK_EXCL | XFS_IOLOCK_EXCL);
284 out_put:
285 IRELE(ip);
286 return error;
290 xfs_qm_scall_trunc_qfiles(
291 xfs_mount_t *mp,
292 uint flags)
294 int error = 0, error2 = 0;
296 if (!xfs_sb_version_hasquota(&mp->m_sb) || flags == 0) {
297 xfs_debug(mp, "%s: flags=%x m_qflags=%x\n",
298 __func__, flags, mp->m_qflags);
299 return XFS_ERROR(EINVAL);
302 if (flags & XFS_DQ_USER)
303 error = xfs_qm_scall_trunc_qfile(mp, mp->m_sb.sb_uquotino);
304 if (flags & (XFS_DQ_GROUP|XFS_DQ_PROJ))
305 error2 = xfs_qm_scall_trunc_qfile(mp, mp->m_sb.sb_gquotino);
307 return error ? error : error2;
311 * Switch on (a given) quota enforcement for a filesystem. This takes
312 * effect immediately.
313 * (Switching on quota accounting must be done at mount time.)
316 xfs_qm_scall_quotaon(
317 xfs_mount_t *mp,
318 uint flags)
320 int error;
321 uint qf;
322 __int64_t sbflags;
324 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD);
326 * Switching on quota accounting must be done at mount time.
328 flags &= ~(XFS_ALL_QUOTA_ACCT);
330 sbflags = 0;
332 if (flags == 0) {
333 xfs_debug(mp, "%s: zero flags, m_qflags=%x\n",
334 __func__, mp->m_qflags);
335 return XFS_ERROR(EINVAL);
338 /* No fs can turn on quotas with a delayed effect */
339 ASSERT((flags & XFS_ALL_QUOTA_ACCT) == 0);
342 * Can't enforce without accounting. We check the superblock
343 * qflags here instead of m_qflags because rootfs can have
344 * quota acct on ondisk without m_qflags' knowing.
346 if (((flags & XFS_UQUOTA_ACCT) == 0 &&
347 (mp->m_sb.sb_qflags & XFS_UQUOTA_ACCT) == 0 &&
348 (flags & XFS_UQUOTA_ENFD))
350 ((flags & XFS_PQUOTA_ACCT) == 0 &&
351 (mp->m_sb.sb_qflags & XFS_PQUOTA_ACCT) == 0 &&
352 (flags & XFS_GQUOTA_ACCT) == 0 &&
353 (mp->m_sb.sb_qflags & XFS_GQUOTA_ACCT) == 0 &&
354 (flags & XFS_OQUOTA_ENFD))) {
355 xfs_debug(mp,
356 "%s: Can't enforce without acct, flags=%x sbflags=%x\n",
357 __func__, flags, mp->m_sb.sb_qflags);
358 return XFS_ERROR(EINVAL);
361 * If everything's up to-date incore, then don't waste time.
363 if ((mp->m_qflags & flags) == flags)
364 return XFS_ERROR(EEXIST);
367 * Change sb_qflags on disk but not incore mp->qflags
368 * if this is the root filesystem.
370 spin_lock(&mp->m_sb_lock);
371 qf = mp->m_sb.sb_qflags;
372 mp->m_sb.sb_qflags = qf | flags;
373 spin_unlock(&mp->m_sb_lock);
376 * There's nothing to change if it's the same.
378 if ((qf & flags) == flags && sbflags == 0)
379 return XFS_ERROR(EEXIST);
380 sbflags |= XFS_SB_QFLAGS;
382 if ((error = xfs_qm_write_sb_changes(mp, sbflags)))
383 return (error);
385 * If we aren't trying to switch on quota enforcement, we are done.
387 if (((mp->m_sb.sb_qflags & XFS_UQUOTA_ACCT) !=
388 (mp->m_qflags & XFS_UQUOTA_ACCT)) ||
389 ((mp->m_sb.sb_qflags & XFS_PQUOTA_ACCT) !=
390 (mp->m_qflags & XFS_PQUOTA_ACCT)) ||
391 ((mp->m_sb.sb_qflags & XFS_GQUOTA_ACCT) !=
392 (mp->m_qflags & XFS_GQUOTA_ACCT)) ||
393 (flags & XFS_ALL_QUOTA_ENFD) == 0)
394 return (0);
396 if (! XFS_IS_QUOTA_RUNNING(mp))
397 return XFS_ERROR(ESRCH);
400 * Switch on quota enforcement in core.
402 mutex_lock(&mp->m_quotainfo->qi_quotaofflock);
403 mp->m_qflags |= (flags & XFS_ALL_QUOTA_ENFD);
404 mutex_unlock(&mp->m_quotainfo->qi_quotaofflock);
406 return (0);
411 * Return quota status information, such as uquota-off, enforcements, etc.
414 xfs_qm_scall_getqstat(
415 struct xfs_mount *mp,
416 struct fs_quota_stat *out)
418 struct xfs_quotainfo *q = mp->m_quotainfo;
419 struct xfs_inode *uip, *gip;
420 boolean_t tempuqip, tempgqip;
422 uip = gip = NULL;
423 tempuqip = tempgqip = B_FALSE;
424 memset(out, 0, sizeof(fs_quota_stat_t));
426 out->qs_version = FS_QSTAT_VERSION;
427 if (!xfs_sb_version_hasquota(&mp->m_sb)) {
428 out->qs_uquota.qfs_ino = NULLFSINO;
429 out->qs_gquota.qfs_ino = NULLFSINO;
430 return (0);
432 out->qs_flags = (__uint16_t) xfs_qm_export_flags(mp->m_qflags &
433 (XFS_ALL_QUOTA_ACCT|
434 XFS_ALL_QUOTA_ENFD));
435 out->qs_pad = 0;
436 out->qs_uquota.qfs_ino = mp->m_sb.sb_uquotino;
437 out->qs_gquota.qfs_ino = mp->m_sb.sb_gquotino;
439 if (q) {
440 uip = q->qi_uquotaip;
441 gip = q->qi_gquotaip;
443 if (!uip && mp->m_sb.sb_uquotino != NULLFSINO) {
444 if (xfs_iget(mp, NULL, mp->m_sb.sb_uquotino,
445 0, 0, &uip) == 0)
446 tempuqip = B_TRUE;
448 if (!gip && mp->m_sb.sb_gquotino != NULLFSINO) {
449 if (xfs_iget(mp, NULL, mp->m_sb.sb_gquotino,
450 0, 0, &gip) == 0)
451 tempgqip = B_TRUE;
453 if (uip) {
454 out->qs_uquota.qfs_nblks = uip->i_d.di_nblocks;
455 out->qs_uquota.qfs_nextents = uip->i_d.di_nextents;
456 if (tempuqip)
457 IRELE(uip);
459 if (gip) {
460 out->qs_gquota.qfs_nblks = gip->i_d.di_nblocks;
461 out->qs_gquota.qfs_nextents = gip->i_d.di_nextents;
462 if (tempgqip)
463 IRELE(gip);
465 if (q) {
466 out->qs_incoredqs = q->qi_dquots;
467 out->qs_btimelimit = q->qi_btimelimit;
468 out->qs_itimelimit = q->qi_itimelimit;
469 out->qs_rtbtimelimit = q->qi_rtbtimelimit;
470 out->qs_bwarnlimit = q->qi_bwarnlimit;
471 out->qs_iwarnlimit = q->qi_iwarnlimit;
473 return 0;
476 #define XFS_DQ_MASK \
477 (FS_DQ_LIMIT_MASK | FS_DQ_TIMER_MASK | FS_DQ_WARNS_MASK)
480 * Adjust quota limits, and start/stop timers accordingly.
483 xfs_qm_scall_setqlim(
484 xfs_mount_t *mp,
485 xfs_dqid_t id,
486 uint type,
487 fs_disk_quota_t *newlim)
489 struct xfs_quotainfo *q = mp->m_quotainfo;
490 xfs_disk_dquot_t *ddq;
491 xfs_dquot_t *dqp;
492 xfs_trans_t *tp;
493 int error;
494 xfs_qcnt_t hard, soft;
496 if (newlim->d_fieldmask & ~XFS_DQ_MASK)
497 return EINVAL;
498 if ((newlim->d_fieldmask & XFS_DQ_MASK) == 0)
499 return 0;
501 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_SETQLIM);
502 if ((error = xfs_trans_reserve(tp, 0, sizeof(xfs_disk_dquot_t) + 128,
503 0, 0, XFS_DEFAULT_LOG_COUNT))) {
504 xfs_trans_cancel(tp, 0);
505 return (error);
509 * We don't want to race with a quotaoff so take the quotaoff lock.
510 * (We don't hold an inode lock, so there's nothing else to stop
511 * a quotaoff from happening). (XXXThis doesn't currently happen
512 * because we take the vfslock before calling xfs_qm_sysent).
514 mutex_lock(&q->qi_quotaofflock);
517 * Get the dquot (locked), and join it to the transaction.
518 * Allocate the dquot if this doesn't exist.
520 if ((error = xfs_qm_dqget(mp, NULL, id, type, XFS_QMOPT_DQALLOC, &dqp))) {
521 xfs_trans_cancel(tp, XFS_TRANS_ABORT);
522 ASSERT(error != ENOENT);
523 goto out_unlock;
525 xfs_trans_dqjoin(tp, dqp);
526 ddq = &dqp->q_core;
529 * Make sure that hardlimits are >= soft limits before changing.
531 hard = (newlim->d_fieldmask & FS_DQ_BHARD) ?
532 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_blk_hardlimit) :
533 be64_to_cpu(ddq->d_blk_hardlimit);
534 soft = (newlim->d_fieldmask & FS_DQ_BSOFT) ?
535 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_blk_softlimit) :
536 be64_to_cpu(ddq->d_blk_softlimit);
537 if (hard == 0 || hard >= soft) {
538 ddq->d_blk_hardlimit = cpu_to_be64(hard);
539 ddq->d_blk_softlimit = cpu_to_be64(soft);
540 if (id == 0) {
541 q->qi_bhardlimit = hard;
542 q->qi_bsoftlimit = soft;
544 } else {
545 xfs_debug(mp, "blkhard %Ld < blksoft %Ld\n", hard, soft);
547 hard = (newlim->d_fieldmask & FS_DQ_RTBHARD) ?
548 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_rtb_hardlimit) :
549 be64_to_cpu(ddq->d_rtb_hardlimit);
550 soft = (newlim->d_fieldmask & FS_DQ_RTBSOFT) ?
551 (xfs_qcnt_t) XFS_BB_TO_FSB(mp, newlim->d_rtb_softlimit) :
552 be64_to_cpu(ddq->d_rtb_softlimit);
553 if (hard == 0 || hard >= soft) {
554 ddq->d_rtb_hardlimit = cpu_to_be64(hard);
555 ddq->d_rtb_softlimit = cpu_to_be64(soft);
556 if (id == 0) {
557 q->qi_rtbhardlimit = hard;
558 q->qi_rtbsoftlimit = soft;
560 } else {
561 xfs_debug(mp, "rtbhard %Ld < rtbsoft %Ld\n", hard, soft);
564 hard = (newlim->d_fieldmask & FS_DQ_IHARD) ?
565 (xfs_qcnt_t) newlim->d_ino_hardlimit :
566 be64_to_cpu(ddq->d_ino_hardlimit);
567 soft = (newlim->d_fieldmask & FS_DQ_ISOFT) ?
568 (xfs_qcnt_t) newlim->d_ino_softlimit :
569 be64_to_cpu(ddq->d_ino_softlimit);
570 if (hard == 0 || hard >= soft) {
571 ddq->d_ino_hardlimit = cpu_to_be64(hard);
572 ddq->d_ino_softlimit = cpu_to_be64(soft);
573 if (id == 0) {
574 q->qi_ihardlimit = hard;
575 q->qi_isoftlimit = soft;
577 } else {
578 xfs_debug(mp, "ihard %Ld < isoft %Ld\n", hard, soft);
582 * Update warnings counter(s) if requested
584 if (newlim->d_fieldmask & FS_DQ_BWARNS)
585 ddq->d_bwarns = cpu_to_be16(newlim->d_bwarns);
586 if (newlim->d_fieldmask & FS_DQ_IWARNS)
587 ddq->d_iwarns = cpu_to_be16(newlim->d_iwarns);
588 if (newlim->d_fieldmask & FS_DQ_RTBWARNS)
589 ddq->d_rtbwarns = cpu_to_be16(newlim->d_rtbwarns);
591 if (id == 0) {
593 * Timelimits for the super user set the relative time
594 * the other users can be over quota for this file system.
595 * If it is zero a default is used. Ditto for the default
596 * soft and hard limit values (already done, above), and
597 * for warnings.
599 if (newlim->d_fieldmask & FS_DQ_BTIMER) {
600 q->qi_btimelimit = newlim->d_btimer;
601 ddq->d_btimer = cpu_to_be32(newlim->d_btimer);
603 if (newlim->d_fieldmask & FS_DQ_ITIMER) {
604 q->qi_itimelimit = newlim->d_itimer;
605 ddq->d_itimer = cpu_to_be32(newlim->d_itimer);
607 if (newlim->d_fieldmask & FS_DQ_RTBTIMER) {
608 q->qi_rtbtimelimit = newlim->d_rtbtimer;
609 ddq->d_rtbtimer = cpu_to_be32(newlim->d_rtbtimer);
611 if (newlim->d_fieldmask & FS_DQ_BWARNS)
612 q->qi_bwarnlimit = newlim->d_bwarns;
613 if (newlim->d_fieldmask & FS_DQ_IWARNS)
614 q->qi_iwarnlimit = newlim->d_iwarns;
615 if (newlim->d_fieldmask & FS_DQ_RTBWARNS)
616 q->qi_rtbwarnlimit = newlim->d_rtbwarns;
617 } else {
619 * If the user is now over quota, start the timelimit.
620 * The user will not be 'warned'.
621 * Note that we keep the timers ticking, whether enforcement
622 * is on or off. We don't really want to bother with iterating
623 * over all ondisk dquots and turning the timers on/off.
625 xfs_qm_adjust_dqtimers(mp, ddq);
627 dqp->dq_flags |= XFS_DQ_DIRTY;
628 xfs_trans_log_dquot(tp, dqp);
630 error = xfs_trans_commit(tp, 0);
631 xfs_qm_dqrele(dqp);
633 out_unlock:
634 mutex_unlock(&q->qi_quotaofflock);
635 return error;
639 xfs_qm_scall_getquota(
640 xfs_mount_t *mp,
641 xfs_dqid_t id,
642 uint type,
643 fs_disk_quota_t *out)
645 xfs_dquot_t *dqp;
646 int error;
649 * Try to get the dquot. We don't want it allocated on disk, so
650 * we aren't passing the XFS_QMOPT_DOALLOC flag. If it doesn't
651 * exist, we'll get ENOENT back.
653 if ((error = xfs_qm_dqget(mp, NULL, id, type, 0, &dqp))) {
654 return (error);
658 * If everything's NULL, this dquot doesn't quite exist as far as
659 * our utility programs are concerned.
661 if (XFS_IS_DQUOT_UNINITIALIZED(dqp)) {
662 xfs_qm_dqput(dqp);
663 return XFS_ERROR(ENOENT);
666 * Convert the disk dquot to the exportable format
668 xfs_qm_export_dquot(mp, &dqp->q_core, out);
669 xfs_qm_dqput(dqp);
670 return (error ? XFS_ERROR(EFAULT) : 0);
674 STATIC int
675 xfs_qm_log_quotaoff_end(
676 xfs_mount_t *mp,
677 xfs_qoff_logitem_t *startqoff,
678 uint flags)
680 xfs_trans_t *tp;
681 int error;
682 xfs_qoff_logitem_t *qoffi;
684 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QUOTAOFF_END);
686 if ((error = xfs_trans_reserve(tp, 0, sizeof(xfs_qoff_logitem_t) * 2,
687 0, 0, XFS_DEFAULT_LOG_COUNT))) {
688 xfs_trans_cancel(tp, 0);
689 return (error);
692 qoffi = xfs_trans_get_qoff_item(tp, startqoff,
693 flags & XFS_ALL_QUOTA_ACCT);
694 xfs_trans_log_quotaoff_item(tp, qoffi);
697 * We have to make sure that the transaction is secure on disk before we
698 * return and actually stop quota accounting. So, make it synchronous.
699 * We don't care about quotoff's performance.
701 xfs_trans_set_sync(tp);
702 error = xfs_trans_commit(tp, 0);
703 return (error);
707 STATIC int
708 xfs_qm_log_quotaoff(
709 xfs_mount_t *mp,
710 xfs_qoff_logitem_t **qoffstartp,
711 uint flags)
713 xfs_trans_t *tp;
714 int error;
715 xfs_qoff_logitem_t *qoffi=NULL;
716 uint oldsbqflag=0;
718 tp = xfs_trans_alloc(mp, XFS_TRANS_QM_QUOTAOFF);
719 if ((error = xfs_trans_reserve(tp, 0,
720 sizeof(xfs_qoff_logitem_t) * 2 +
721 mp->m_sb.sb_sectsize + 128,
724 XFS_DEFAULT_LOG_COUNT))) {
725 goto error0;
728 qoffi = xfs_trans_get_qoff_item(tp, NULL, flags & XFS_ALL_QUOTA_ACCT);
729 xfs_trans_log_quotaoff_item(tp, qoffi);
731 spin_lock(&mp->m_sb_lock);
732 oldsbqflag = mp->m_sb.sb_qflags;
733 mp->m_sb.sb_qflags = (mp->m_qflags & ~(flags)) & XFS_MOUNT_QUOTA_ALL;
734 spin_unlock(&mp->m_sb_lock);
736 xfs_mod_sb(tp, XFS_SB_QFLAGS);
739 * We have to make sure that the transaction is secure on disk before we
740 * return and actually stop quota accounting. So, make it synchronous.
741 * We don't care about quotoff's performance.
743 xfs_trans_set_sync(tp);
744 error = xfs_trans_commit(tp, 0);
746 error0:
747 if (error) {
748 xfs_trans_cancel(tp, 0);
750 * No one else is modifying sb_qflags, so this is OK.
751 * We still hold the quotaofflock.
753 spin_lock(&mp->m_sb_lock);
754 mp->m_sb.sb_qflags = oldsbqflag;
755 spin_unlock(&mp->m_sb_lock);
757 *qoffstartp = qoffi;
758 return (error);
763 * Translate an internal style on-disk-dquot to the exportable format.
764 * The main differences are that the counters/limits are all in Basic
765 * Blocks (BBs) instead of the internal FSBs, and all on-disk data has
766 * to be converted to the native endianness.
768 STATIC void
769 xfs_qm_export_dquot(
770 xfs_mount_t *mp,
771 xfs_disk_dquot_t *src,
772 struct fs_disk_quota *dst)
774 memset(dst, 0, sizeof(*dst));
775 dst->d_version = FS_DQUOT_VERSION; /* different from src->d_version */
776 dst->d_flags = xfs_qm_export_qtype_flags(src->d_flags);
777 dst->d_id = be32_to_cpu(src->d_id);
778 dst->d_blk_hardlimit =
779 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_blk_hardlimit));
780 dst->d_blk_softlimit =
781 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_blk_softlimit));
782 dst->d_ino_hardlimit = be64_to_cpu(src->d_ino_hardlimit);
783 dst->d_ino_softlimit = be64_to_cpu(src->d_ino_softlimit);
784 dst->d_bcount = XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_bcount));
785 dst->d_icount = be64_to_cpu(src->d_icount);
786 dst->d_btimer = be32_to_cpu(src->d_btimer);
787 dst->d_itimer = be32_to_cpu(src->d_itimer);
788 dst->d_iwarns = be16_to_cpu(src->d_iwarns);
789 dst->d_bwarns = be16_to_cpu(src->d_bwarns);
790 dst->d_rtb_hardlimit =
791 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_rtb_hardlimit));
792 dst->d_rtb_softlimit =
793 XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_rtb_softlimit));
794 dst->d_rtbcount = XFS_FSB_TO_BB(mp, be64_to_cpu(src->d_rtbcount));
795 dst->d_rtbtimer = be32_to_cpu(src->d_rtbtimer);
796 dst->d_rtbwarns = be16_to_cpu(src->d_rtbwarns);
799 * Internally, we don't reset all the timers when quota enforcement
800 * gets turned off. No need to confuse the user level code,
801 * so return zeroes in that case.
803 if ((!XFS_IS_UQUOTA_ENFORCED(mp) && src->d_flags == XFS_DQ_USER) ||
804 (!XFS_IS_OQUOTA_ENFORCED(mp) &&
805 (src->d_flags & (XFS_DQ_PROJ | XFS_DQ_GROUP)))) {
806 dst->d_btimer = 0;
807 dst->d_itimer = 0;
808 dst->d_rtbtimer = 0;
811 #ifdef DEBUG
812 if (((XFS_IS_UQUOTA_ENFORCED(mp) && dst->d_flags == FS_USER_QUOTA) ||
813 (XFS_IS_OQUOTA_ENFORCED(mp) &&
814 (dst->d_flags & (FS_PROJ_QUOTA | FS_GROUP_QUOTA)))) &&
815 dst->d_id != 0) {
816 if (((int) dst->d_bcount > (int) dst->d_blk_softlimit) &&
817 (dst->d_blk_softlimit > 0)) {
818 ASSERT(dst->d_btimer != 0);
820 if (((int) dst->d_icount > (int) dst->d_ino_softlimit) &&
821 (dst->d_ino_softlimit > 0)) {
822 ASSERT(dst->d_itimer != 0);
825 #endif
828 STATIC uint
829 xfs_qm_export_qtype_flags(
830 uint flags)
833 * Can't be more than one, or none.
835 ASSERT((flags & (FS_PROJ_QUOTA | FS_USER_QUOTA)) !=
836 (FS_PROJ_QUOTA | FS_USER_QUOTA));
837 ASSERT((flags & (FS_PROJ_QUOTA | FS_GROUP_QUOTA)) !=
838 (FS_PROJ_QUOTA | FS_GROUP_QUOTA));
839 ASSERT((flags & (FS_USER_QUOTA | FS_GROUP_QUOTA)) !=
840 (FS_USER_QUOTA | FS_GROUP_QUOTA));
841 ASSERT((flags & (FS_PROJ_QUOTA|FS_USER_QUOTA|FS_GROUP_QUOTA)) != 0);
843 return (flags & XFS_DQ_USER) ?
844 FS_USER_QUOTA : (flags & XFS_DQ_PROJ) ?
845 FS_PROJ_QUOTA : FS_GROUP_QUOTA;
848 STATIC uint
849 xfs_qm_export_flags(
850 uint flags)
852 uint uflags;
854 uflags = 0;
855 if (flags & XFS_UQUOTA_ACCT)
856 uflags |= FS_QUOTA_UDQ_ACCT;
857 if (flags & XFS_PQUOTA_ACCT)
858 uflags |= FS_QUOTA_PDQ_ACCT;
859 if (flags & XFS_GQUOTA_ACCT)
860 uflags |= FS_QUOTA_GDQ_ACCT;
861 if (flags & XFS_UQUOTA_ENFD)
862 uflags |= FS_QUOTA_UDQ_ENFD;
863 if (flags & (XFS_OQUOTA_ENFD)) {
864 uflags |= (flags & XFS_GQUOTA_ACCT) ?
865 FS_QUOTA_GDQ_ENFD : FS_QUOTA_PDQ_ENFD;
867 return (uflags);
871 STATIC int
872 xfs_dqrele_inode(
873 struct xfs_inode *ip,
874 struct xfs_perag *pag,
875 int flags)
877 /* skip quota inodes */
878 if (ip == ip->i_mount->m_quotainfo->qi_uquotaip ||
879 ip == ip->i_mount->m_quotainfo->qi_gquotaip) {
880 ASSERT(ip->i_udquot == NULL);
881 ASSERT(ip->i_gdquot == NULL);
882 return 0;
885 xfs_ilock(ip, XFS_ILOCK_EXCL);
886 if ((flags & XFS_UQUOTA_ACCT) && ip->i_udquot) {
887 xfs_qm_dqrele(ip->i_udquot);
888 ip->i_udquot = NULL;
890 if (flags & (XFS_PQUOTA_ACCT|XFS_GQUOTA_ACCT) && ip->i_gdquot) {
891 xfs_qm_dqrele(ip->i_gdquot);
892 ip->i_gdquot = NULL;
894 xfs_iunlock(ip, XFS_ILOCK_EXCL);
895 return 0;
900 * Go thru all the inodes in the file system, releasing their dquots.
902 * Note that the mount structure gets modified to indicate that quotas are off
903 * AFTER this, in the case of quotaoff.
905 void
906 xfs_qm_dqrele_all_inodes(
907 struct xfs_mount *mp,
908 uint flags)
910 ASSERT(mp->m_quotainfo);
911 xfs_inode_ag_iterator(mp, xfs_dqrele_inode, flags);