* Copyright (c) 1982, 1986, 1990 Regents of the University of California.
* This code is derived from software contributed to Berkeley by
* Robert Elz at The University of Melbourne.
* %sccs.include.redist.c%
* @(#)ufs_quota.c 7.6 (Berkeley) %G%
#include "../ufs/quota.h"
#include "../ufs/inode.h"
#include "../ufs/ufsmount.h"
* Quota name to error message mapping.
static char *quotatypes
[] = INITQFNAMES
;
* Set up the quotas for an inode.
* This routine completely defines the semantics of quotas.
* If other criterion want to be used to establish quotas, the
* MAXQUOTAS value in quotas.h should be increased, and the
* additional dquots set up here.
register struct inode
*ip
;
struct vnode
*vp
= ITOV(ip
);
ump
= VFSTOUFS(vp
->v_mount
);
* Set up the user quota based on file uid.
* EINVAL means that quotas are not enabled.
if (ip
->i_dquot
[USRQUOTA
] == NODQUOT
&&
dqget(vp
, ip
->i_uid
, ump
, USRQUOTA
, &ip
->i_dquot
[USRQUOTA
])) &&
* Set up the group quota based on file gid.
* EINVAL means that quotas are not enabled.
if (ip
->i_dquot
[GRPQUOTA
] == NODQUOT
&&
dqget(vp
, ip
->i_gid
, ump
, GRPQUOTA
, &ip
->i_dquot
[GRPQUOTA
])) &&
* Update disk usage, and take corrective action.
chkdq(ip
, change
, cred
, flags
)
register struct inode
*ip
;
register struct dquot
*dq
;
if ((flags
& CHOWN
) == 0)
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if ((dq
= ip
->i_dquot
[i
]) == NODQUOT
)
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+1);
ncurblocks
= dq
->dq_curblocks
+ change
;
dq
->dq_curblocks
= ncurblocks
;
dq
->dq_flags
&= ~DQ_BLKS
;
if ((flags
& FORCE
) == 0 && cred
->cr_uid
!= 0) {
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if ((dq
= ip
->i_dquot
[i
]) == NODQUOT
)
if (error
= chkdqchg(ip
, change
, cred
, i
))
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if ((dq
= ip
->i_dquot
[i
]) == NODQUOT
)
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+1);
dq
->dq_curblocks
+= change
;
* Check for a valid change to a users allocation.
* Issue an error message if appropriate.
chkdqchg(ip
, change
, cred
, type
)
register struct dquot
*dq
= ip
->i_dquot
[type
];
long ncurblocks
= dq
->dq_curblocks
+ change
;
* If user would exceed their hard limit, disallow space allocation.
if (ncurblocks
>= dq
->dq_bhardlimit
&& dq
->dq_bhardlimit
) {
if ((dq
->dq_flags
& DQ_BLKS
) == 0 &&
ip
->i_uid
== cred
->cr_uid
) {
uprintf("\n%s: write failed, %s disk limit reached\n",
ip
->i_fs
->fs_fsmnt
, quotatypes
[type
]);
* If user is over their soft limit for too long, disallow space
* allocation. Reset time limit as they cross their soft limit.
if (ncurblocks
>= dq
->dq_bsoftlimit
&& dq
->dq_bsoftlimit
) {
if (dq
->dq_curblocks
< dq
->dq_bsoftlimit
) {
dq
->dq_btime
= time
.tv_sec
+
VFSTOUFS(ITOV(ip
)->v_mount
)->um_btime
[type
];
if (ip
->i_uid
== cred
->cr_uid
)
uprintf("\n%s: warning, %s %s\n",
ip
->i_fs
->fs_fsmnt
, quotatypes
[type
],
if (time
.tv_sec
> dq
->dq_btime
) {
if ((dq
->dq_flags
& DQ_BLKS
) == 0 &&
ip
->i_uid
== cred
->cr_uid
) {
uprintf("\n%s: write failed, %s %s\n",
ip
->i_fs
->fs_fsmnt
, quotatypes
[type
],
"disk quota exceeded too long");
* Check the inode limit, applying corrective action.
chkiq(ip
, change
, cred
, flags
)
register struct inode
*ip
;
register struct dquot
*dq
;
if ((flags
& CHOWN
) == 0)
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if ((dq
= ip
->i_dquot
[i
]) == NODQUOT
)
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+1);
ncurinodes
= dq
->dq_curinodes
+ change
;
dq
->dq_curinodes
= ncurinodes
;
dq
->dq_flags
&= ~DQ_INODS
;
if ((flags
& FORCE
) == 0 && cred
->cr_uid
!= 0) {
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if ((dq
= ip
->i_dquot
[i
]) == NODQUOT
)
if (error
= chkiqchg(ip
, change
, cred
, i
))
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if ((dq
= ip
->i_dquot
[i
]) == NODQUOT
)
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+1);
dq
->dq_curinodes
+= change
;
* Check for a valid change to a users allocation.
* Issue an error message if appropriate.
chkiqchg(ip
, change
, cred
, type
)
register struct dquot
*dq
= ip
->i_dquot
[type
];
long ncurinodes
= dq
->dq_curinodes
+ change
;
* If user would exceed their hard limit, disallow inode allocation.
if (ncurinodes
>= dq
->dq_ihardlimit
&& dq
->dq_ihardlimit
) {
if ((dq
->dq_flags
& DQ_INODS
) == 0 &&
ip
->i_uid
== cred
->cr_uid
) {
uprintf("\n%s: write failed, %s inode limit reached\n",
ip
->i_fs
->fs_fsmnt
, quotatypes
[type
]);
dq
->dq_flags
|= DQ_INODS
;
* If user is over their soft limit for too long, disallow inode
* allocation. Reset time limit as they cross their soft limit.
if (ncurinodes
>= dq
->dq_isoftlimit
&& dq
->dq_isoftlimit
) {
if (dq
->dq_curinodes
< dq
->dq_isoftlimit
) {
dq
->dq_itime
= time
.tv_sec
+
VFSTOUFS(ITOV(ip
)->v_mount
)->um_itime
[type
];
if (ip
->i_uid
== cred
->cr_uid
)
uprintf("\n%s: warning, %s %s\n",
ip
->i_fs
->fs_fsmnt
, quotatypes
[type
],
if (time
.tv_sec
> dq
->dq_itime
) {
if ((dq
->dq_flags
& DQ_INODS
) == 0 &&
ip
->i_uid
== cred
->cr_uid
) {
uprintf("\n%s: write failed, %s %s\n",
ip
->i_fs
->fs_fsmnt
, quotatypes
[type
],
"inode quota exceeded too long");
dq
->dq_flags
|= DQ_INODS
;
* On filesystems with quotas enabled,
* it is an error for a file to change size and not
* to have a dquot structure associated with it.
register struct inode
*ip
;
struct ufsmount
*ump
= VFSTOUFS(ITOV(ip
)->v_mount
);
for (i
= 0; i
< MAXQUOTAS
; i
++) {
if (ump
->um_quotas
[i
] == NULLVP
||
(ump
->um_qflags
[i
] & (QTF_OPENING
|QTF_CLOSING
)))
if (ip
->i_dquot
[i
] == NODQUOT
) {
vprint("chkdquot: missing dquot", ITOV(ip
));
* Code to process quotactl commands.
* Q_QUOTAON - set up a quota file for a particular file system.
quotaon(ndp
, mp
, type
, fname
)
register struct nameidata
*ndp
;
register struct ufsmount
*ump
= VFSTOUFS(mp
);
register struct vnode
*vp
, **vpp
;
vpp
= &ump
->um_quotas
[type
];
ndp
->ni_segflg
= UIO_USERSPACE
;
if (error
= vn_open(ndp
, FREAD
|FWRITE
, 0))
if (vp
->v_type
!= VREG
) {
ump
->um_qflags
[type
] |= QTF_OPENING
;
mp
->mnt_flag
|= MNT_QUOTA
;
* Save the credential of the process that turned on quotas.
* Set up the time limits for this quota.
ump
->um_cred
[type
] = ndp
->ni_cred
;
ump
->um_btime
[type
] = MAX_DQ_TIME
;
ump
->um_itime
[type
] = MAX_IQ_TIME
;
if (dqget(NULLVP
, 0, ump
, type
, &dq
) == 0) {
ump
->um_btime
[type
] = dq
->dq_btime
;
ump
->um_itime
[type
] = dq
->dq_itime
;
* Search vnodes associated with this mount point,
* adding references to quota file being opened.
* NB: only need to add dquot's for inodes being modified;
* vp->v_usecount == 0 below should use vp->v_writecnt == 0.
for (vp
= mp
->mnt_mounth
; vp
; vp
= nextvp
) {
if (error
= getinoquota(VTOI(vp
))) {
if (vp
->v_mountf
!= nextvp
|| vp
->v_mount
!= mp
)
ump
->um_qflags
[type
] &= ~QTF_OPENING
;
* Q_QUOTAOFF - turn off disk quotas for a filesystem.
register struct vnode
*vp
;
struct vnode
*qvp
, *nextvp
;
struct ufsmount
*ump
= VFSTOUFS(mp
);
register struct dquot
*dq
;
register struct inode
*ip
;
if ((mp
->mnt_flag
& MNT_MPBUSY
) == 0)
panic("quotaoff: not busy");
if ((qvp
= ump
->um_quotas
[type
]) == NULLVP
)
ump
->um_qflags
[type
] |= QTF_CLOSING
;
* Search vnodes associated with this mount point,
* deleting any references to quota file being closed.
for (vp
= mp
->mnt_mounth
; vp
; vp
= nextvp
) {
ip
->i_dquot
[type
] = NODQUOT
;
if (vp
->v_mountf
!= nextvp
|| vp
->v_mount
!= mp
)
ump
->um_quotas
[type
] = NULLVP
;
crfree(ump
->um_cred
[type
]);
ump
->um_cred
[type
] = NOCRED
;
ump
->um_qflags
[type
] &= ~QTF_CLOSING
;
for (type
= 0; type
< MAXQUOTAS
; type
++)
if (ump
->um_quotas
[type
] != NULLVP
)
mp
->mnt_flag
&= ~MNT_QUOTA
;
* Q_GETQUOTA - return current values in a dqblk structure.
getquota(mp
, id
, type
, addr
)
if (error
= dqget(NULLVP
, id
, VFSTOUFS(mp
), type
, &dq
))
error
= copyout((caddr_t
)&dq
->dq_dqb
, addr
, sizeof (struct dqblk
));
* Q_SETQUOTA - assign an entire dqblk structure.
setquota(mp
, id
, type
, addr
)
register struct dquot
*dq
;
struct ufsmount
*ump
= VFSTOUFS(mp
);
if (error
= copyin(addr
, (caddr_t
)&newlim
, sizeof (struct dqblk
)))
if (error
= dqget(NULLVP
, id
, ump
, type
, &ndq
))
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+1);
* Copy all but the current values.
* Reset time limit if previously had no soft limit or were
* under it, but now have a soft limit and are over it.
newlim
.dqb_curblocks
= dq
->dq_curblocks
;
newlim
.dqb_curinodes
= dq
->dq_curinodes
;
newlim
.dqb_btime
= dq
->dq_btime
;
newlim
.dqb_itime
= dq
->dq_itime
;
if (newlim
.dqb_bsoftlimit
&&
dq
->dq_curblocks
>= newlim
.dqb_bsoftlimit
&&
(dq
->dq_bsoftlimit
== 0 || dq
->dq_curblocks
< dq
->dq_bsoftlimit
))
newlim
.dqb_btime
= time
.tv_sec
+ ump
->um_btime
[type
];
if (newlim
.dqb_isoftlimit
&&
dq
->dq_curinodes
>= newlim
.dqb_isoftlimit
&&
(dq
->dq_isoftlimit
== 0 || dq
->dq_curinodes
< dq
->dq_isoftlimit
))
newlim
.dqb_itime
= time
.tv_sec
+ ump
->um_itime
[type
];
if (dq
->dq_curblocks
< dq
->dq_bsoftlimit
)
dq
->dq_flags
&= ~DQ_BLKS
;
if (dq
->dq_curinodes
< dq
->dq_isoftlimit
)
dq
->dq_flags
&= ~DQ_INODS
;
if (dq
->dq_isoftlimit
== 0 && dq
->dq_bsoftlimit
== 0 &&
dq
->dq_ihardlimit
== 0 && dq
->dq_bhardlimit
== 0)
dq
->dq_flags
&= ~DQ_FAKE
;
* Q_SETUSE - set current inode and block usage.
setuse(mp
, id
, type
, addr
)
register struct dquot
*dq
;
struct ufsmount
*ump
= VFSTOUFS(mp
);
if (error
= copyin(addr
, (caddr_t
)&usage
, sizeof (struct dqblk
)))
if (error
= dqget(NULLVP
, id
, ump
, type
, &ndq
))
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+1);
* Reset time limit if have a soft limit and were
* previously under it, but are now over it.
if (dq
->dq_bsoftlimit
&& dq
->dq_curblocks
< dq
->dq_bsoftlimit
&&
usage
.dqb_curblocks
>= dq
->dq_bsoftlimit
)
dq
->dq_btime
= time
.tv_sec
+ ump
->um_btime
[type
];
if (dq
->dq_isoftlimit
&& dq
->dq_curinodes
< dq
->dq_isoftlimit
&&
usage
.dqb_curinodes
>= dq
->dq_isoftlimit
)
dq
->dq_itime
= time
.tv_sec
+ ump
->um_itime
[type
];
dq
->dq_curblocks
= usage
.dqb_curblocks
;
dq
->dq_curinodes
= usage
.dqb_curinodes
;
if (dq
->dq_curblocks
< dq
->dq_bsoftlimit
)
dq
->dq_flags
&= ~DQ_BLKS
;
if (dq
->dq_curinodes
< dq
->dq_isoftlimit
)
dq
->dq_flags
&= ~DQ_INODS
;
* Q_SYNC - sync quota files to disk.
struct ufsmount
*ump
= VFSTOUFS(mp
);
register struct vnode
*vp
, *nextvp
;
register struct dquot
*dq
;
* Search vnodes associated with this mount point,
* synchronizing any modified dquot structures.
if ((mp
->mnt_flag
& MNT_MPBUSY
) == 0)
panic("qsync: not busy");
for (vp
= mp
->mnt_mounth
; vp
; vp
= nextvp
) {
for (i
= 0; i
< MAXQUOTAS
; i
++) {
dq
= VTOI(vp
)->i_dquot
[i
];
if (dq
!= NODQUOT
&& (dq
->dq_flags
& DQ_MOD
))
if (vp
->v_mountf
!= nextvp
|| vp
->v_mount
!= mp
)
* Code pertaining to management of the in-core dquot data structures.
* Dquot cache - hash chain headers.
union dqhead
*dqh_head
[2];
struct dquot
*dqh_chain
[2];
#define dqh_forw dqh_chain[0]
#define dqh_back dqh_chain[1]
#define DQUOTINC 5 /* minimum free dquots desired */
struct dquot
*dqfreel
, **dqback
= &dqfreel
;
long numdquot
, desireddquot
= DQUOTINC
;
* Initialize the quota system.
register union dqhead
*dhp
;
register long dqhashsize
;
dqhashsize
= roundup((desiredvnodes
+ 1) * sizeof *dhp
/ 2,
dqhashtbl
= (union dqhead
*)malloc(dqhashsize
, M_DQUOT
, M_WAITOK
);
for (dqhash
= 1; dqhash
<= dqhashsize
/ sizeof *dhp
; dqhash
<<= 1)
dqhash
= (dqhash
>> 1) - 1;
for (dhp
= &dqhashtbl
[dqhash
]; dhp
>= dqhashtbl
; dhp
--) {
* Obtain a dquot structure for the specified identifier and quota file
* reading the information from the file if necessary.
dqget(vp
, id
, ump
, type
, dqp
)
register struct ufsmount
*ump
;
register struct dquot
*dq
;
register union dqhead
*dh
;
register struct dquot
*dp
;
register struct vnode
*dqvp
;
dqvp
= ump
->um_quotas
[type
];
if (dqvp
== NULLVP
|| (ump
->um_qflags
[type
] & QTF_CLOSING
)) {
dh
= &dqhashtbl
[((((int)(dqvp
)) >> 8) + id
) & dqhash
];
for (dq
= dh
->dqh_forw
; dq
!= (struct dquot
*)dh
; dq
= dq
->dq_forw
) {
dq
->dq_ump
->um_quotas
[dq
->dq_type
] != dqvp
)
* Cache hit with no references. Take
* the structure off the free list.
dp
->dq_freeb
= dq
->dq_freeb
;
* Not in cache, allocate a new one.
if (dqfreel
== NODQUOT
&& numdquot
< MAXQUOTAS
* desiredvnodes
)
desireddquot
+= DQUOTINC
;
if (numdquot
< desireddquot
) {
dq
= (struct dquot
*)malloc(sizeof *dq
, M_DQUOT
, M_WAITOK
);
bzero((char *)dq
, sizeof *dq
);
if ((dq
= dqfreel
) == NULL
) {
if (dq
->dq_cnt
|| (dq
->dq_flags
& DQ_MOD
))
panic("free dquot isn't");
if ((dp
= dq
->dq_freef
) != NODQUOT
)
* Initialize the contents of the dquot structure.
aiov
.iov_base
= (caddr_t
)&dq
->dq_dqb
;
aiov
.iov_len
= sizeof (struct dqblk
);
auio
.uio_resid
= sizeof (struct dqblk
);
auio
.uio_offset
= (off_t
)(id
* sizeof (struct dqblk
));
auio
.uio_segflg
= UIO_SYSSPACE
;
error
= VOP_READ(dqvp
, &auio
, 0, ump
->um_cred
[type
]);
if (auio
.uio_resid
== sizeof(struct dqblk
) && error
== 0)
bzero((caddr_t
)&dq
->dq_dqb
, sizeof(struct dqblk
));
if (dq
->dq_flags
& DQ_WANT
)
* I/O error in reading quota file, release
* quota structure and reflect problem to caller.
dq
->dq_forw
= dq
; /* on a private, unfindable hash list */
* Check for no limit to enforce.
* Initialize time values if necessary.
if (dq
->dq_isoftlimit
== 0 && dq
->dq_bsoftlimit
== 0 &&
dq
->dq_ihardlimit
== 0 && dq
->dq_bhardlimit
== 0)
dq
->dq_btime
= time
.tv_sec
+ ump
->um_btime
[type
];
dq
->dq_itime
= time
.tv_sec
+ ump
->um_itime
[type
];
* Obtain a reference to a dquot.
* Release a reference to a dquot.
register struct dquot
*dq
;
if (dq
->dq_flags
& DQ_MOD
)
if (dqfreel
!= NODQUOT
) {
* Update the disk quota in the quota file.
register struct dquot
*dq
;
if ((dq
->dq_flags
& DQ_MOD
) == 0)
if ((dqvp
= dq
->dq_ump
->um_quotas
[dq
->dq_type
]) == NULLVP
)
while (dq
->dq_flags
& DQ_LOCK
) {
sleep((caddr_t
)dq
, PINOD
+2);
if ((dq
->dq_flags
& DQ_MOD
) == 0) {
aiov
.iov_base
= (caddr_t
)&dq
->dq_dqb
;
aiov
.iov_len
= sizeof (struct dqblk
);
auio
.uio_resid
= sizeof (struct dqblk
);
auio
.uio_offset
= (off_t
)(dq
->dq_id
* sizeof (struct dqblk
));
auio
.uio_segflg
= UIO_SYSSPACE
;
error
= VOP_WRITE(dqvp
, &auio
, 0, dq
->dq_ump
->um_cred
[dq
->dq_type
]);
if (auio
.uio_resid
&& error
== 0)
if (dq
->dq_flags
& DQ_WANT
)
dq
->dq_flags
&= ~(DQ_MOD
|DQ_LOCK
|DQ_WANT
);
* Flush all entries from the cache for a particular vnode.
register struct vnode
*vp
;
register union dqhead
*dh
;
register struct dquot
*dq
, *nextdq
;
* Move all dquot's that used to refer to this quota
* file off their hash chains (they will eventually
* fall off the head of the free list and be re-used).
for (dh
= &dqhashtbl
[dqhash
]; dh
>= dqhashtbl
; dh
--) {
for (dq
= dh
->dqh_forw
; dq
!= (struct dquot
*)dh
; dq
= nextdq
) {
if (dq
->dq_ump
->um_quotas
[dq
->dq_type
] != vp
)
panic("dqflush: stray dquot");
dq
->dq_ump
= (struct ufsmount
*)0;