2 * Copyright (c) 1982, 1986, 1990, 1993, 1995
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Robert Elz at The University of Melbourne.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#)ufs_quota.c 8.5 (Berkeley) 5/20/95
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
40 #include <sys/param.h>
41 #include <sys/systm.h>
42 #include <sys/fcntl.h>
43 #include <sys/kernel.h>
45 #include <sys/malloc.h>
46 #include <sys/mount.h>
47 #include <sys/mutex.h>
48 #include <sys/namei.h>
51 #include <sys/socket.h>
53 #include <sys/sysctl.h>
54 #include <sys/vnode.h>
56 #include <ufs/ufs/extattr.h>
57 #include <ufs/ufs/quota.h>
58 #include <ufs/ufs/inode.h>
59 #include <ufs/ufs/ufsmount.h>
60 #include <ufs/ufs/ufs_extern.h>
62 static int unprivileged_get_quota = 0;
63 SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_get_quota, CTLFLAG_RW,
64 &unprivileged_get_quota, 0,
65 "Unprivileged processes may retrieve quotas for other uids and gids");
67 static MALLOC_DEFINE(M_DQUOT, "ufs_quota", "UFS quota entries");
70 * Quota name to error message mapping.
72 static char *quotatypes[] = INITQFNAMES;
74 static int chkdqchg(struct inode *, ufs2_daddr_t, struct ucred *, int);
75 static int chkiqchg(struct inode *, int, struct ucred *, int);
76 static int dqget(struct vnode *,
77 u_long, struct ufsmount *, int, struct dquot **);
78 static int dqsync(struct vnode *, struct dquot *);
79 static void dqflush(struct vnode *);
82 static void dqref(struct dquot *);
83 static void chkdquot(struct inode *);
87 * Set up the quotas for an inode.
89 * This routine completely defines the semantics of quotas.
90 * If other criterion want to be used to establish quotas, the
91 * MAXQUOTAS value in quotas.h should be increased, and the
92 * additional dquots set up here.
105 * Disk quotas must be turned off for system files. Currently
106 * snapshot and quota files.
108 if ((vp->v_vflag & VV_SYSTEM) != 0)
111 * XXX: Turn off quotas for files with a negative UID or GID.
112 * This prevents the creation of 100GB+ quota files.
114 if ((int)ip->i_uid < 0 || (int)ip->i_gid < 0)
116 ump = VFSTOUFS(vp->v_mount);
118 * Set up the user quota based on file uid.
119 * EINVAL means that quotas are not enabled.
121 if (ip->i_dquot[USRQUOTA] == NODQUOT &&
123 dqget(vp, ip->i_uid, ump, USRQUOTA, &ip->i_dquot[USRQUOTA])) &&
127 * Set up the group quota based on file gid.
128 * EINVAL means that quotas are not enabled.
130 if (ip->i_dquot[GRPQUOTA] == NODQUOT &&
132 dqget(vp, ip->i_gid, ump, GRPQUOTA, &ip->i_dquot[GRPQUOTA])) &&
139 * Update disk usage, and take corrective action.
142 chkdq(ip, change, cred, flags)
149 ufs2_daddr_t ncurblocks;
150 struct vnode *vp = ITOV(ip);
154 * Disk quotas must be turned off for system files. Currently
155 * snapshot and quota files.
157 if ((vp->v_vflag & VV_SYSTEM) != 0)
160 * XXX: Turn off quotas for files with a negative UID or GID.
161 * This prevents the creation of 100GB+ quota files.
163 if ((int)ip->i_uid < 0 || (int)ip->i_gid < 0)
166 if ((flags & CHOWN) == 0)
172 for (i = 0; i < MAXQUOTAS; i++) {
173 if ((dq = ip->i_dquot[i]) == NODQUOT)
175 while (dq->dq_flags & DQ_LOCK) {
176 dq->dq_flags |= DQ_WANT;
177 (void) tsleep(dq, PINOD+1, "chkdq1", 0);
179 ncurblocks = dq->dq_curblocks + change;
181 dq->dq_curblocks = ncurblocks;
183 dq->dq_curblocks = 0;
184 dq->dq_flags &= ~DQ_BLKS;
185 dq->dq_flags |= DQ_MOD;
189 if ((flags & FORCE) == 0 && priv_check_cred(cred,
190 PRIV_VFS_EXCEEDQUOTA, 0)) {
191 for (i = 0; i < MAXQUOTAS; i++) {
192 if ((dq = ip->i_dquot[i]) == NODQUOT)
194 error = chkdqchg(ip, change, cred, i);
199 for (i = 0; i < MAXQUOTAS; i++) {
200 if ((dq = ip->i_dquot[i]) == NODQUOT)
202 while (dq->dq_flags & DQ_LOCK) {
203 dq->dq_flags |= DQ_WANT;
204 (void) tsleep(dq, PINOD+1, "chkdq2", 0);
206 /* Reset timer when crossing soft limit */
207 if (dq->dq_curblocks + change >= dq->dq_bsoftlimit &&
208 dq->dq_curblocks < dq->dq_bsoftlimit)
209 dq->dq_btime = time_second +
210 VFSTOUFS(ITOV(ip)->v_mount)->um_btime[i];
211 dq->dq_curblocks += change;
212 dq->dq_flags |= DQ_MOD;
218 * Check for a valid change to a users allocation.
219 * Issue an error message if appropriate.
222 chkdqchg(ip, change, cred, type)
228 struct dquot *dq = ip->i_dquot[type];
229 ufs2_daddr_t ncurblocks = dq->dq_curblocks + change;
232 * If user would exceed their hard limit, disallow space allocation.
234 if (ncurblocks >= dq->dq_bhardlimit && dq->dq_bhardlimit) {
235 if ((dq->dq_flags & DQ_BLKS) == 0 &&
236 ip->i_uid == cred->cr_uid) {
237 uprintf("\n%s: write failed, %s disk limit reached\n",
238 ITOV(ip)->v_mount->mnt_stat.f_mntonname,
240 dq->dq_flags |= DQ_BLKS;
245 * If user is over their soft limit for too long, disallow space
246 * allocation. Reset time limit as they cross their soft limit.
248 if (ncurblocks >= dq->dq_bsoftlimit && dq->dq_bsoftlimit) {
249 if (dq->dq_curblocks < dq->dq_bsoftlimit) {
250 dq->dq_btime = time_second +
251 VFSTOUFS(ITOV(ip)->v_mount)->um_btime[type];
252 if (ip->i_uid == cred->cr_uid)
253 uprintf("\n%s: warning, %s %s\n",
254 ITOV(ip)->v_mount->mnt_stat.f_mntonname,
255 quotatypes[type], "disk quota exceeded");
258 if (time_second > dq->dq_btime) {
259 if ((dq->dq_flags & DQ_BLKS) == 0 &&
260 ip->i_uid == cred->cr_uid) {
261 uprintf("\n%s: write failed, %s %s\n",
262 ITOV(ip)->v_mount->mnt_stat.f_mntonname,
264 "disk quota exceeded for too long");
265 dq->dq_flags |= DQ_BLKS;
274 * Check the inode limit, applying corrective action.
277 chkiq(ip, change, cred, flags)
288 if ((flags & CHOWN) == 0)
294 for (i = 0; i < MAXQUOTAS; i++) {
295 if ((dq = ip->i_dquot[i]) == NODQUOT)
297 while (dq->dq_flags & DQ_LOCK) {
298 dq->dq_flags |= DQ_WANT;
299 (void) tsleep(dq, PINOD+1, "chkiq1", 0);
301 ncurinodes = dq->dq_curinodes + change;
302 /* XXX: ncurinodes is unsigned */
303 if (dq->dq_curinodes != 0 && ncurinodes >= 0)
304 dq->dq_curinodes = ncurinodes;
306 dq->dq_curinodes = 0;
307 dq->dq_flags &= ~DQ_INODS;
308 dq->dq_flags |= DQ_MOD;
312 if ((flags & FORCE) == 0 && priv_check_cred(cred,
313 PRIV_VFS_EXCEEDQUOTA, 0)) {
314 for (i = 0; i < MAXQUOTAS; i++) {
315 if ((dq = ip->i_dquot[i]) == NODQUOT)
317 error = chkiqchg(ip, change, cred, i);
322 for (i = 0; i < MAXQUOTAS; i++) {
323 if ((dq = ip->i_dquot[i]) == NODQUOT)
325 while (dq->dq_flags & DQ_LOCK) {
326 dq->dq_flags |= DQ_WANT;
327 (void) tsleep(dq, PINOD+1, "chkiq2", 0);
329 /* Reset timer when crossing soft limit */
330 if (dq->dq_curinodes + change >= dq->dq_isoftlimit &&
331 dq->dq_curinodes < dq->dq_isoftlimit)
332 dq->dq_itime = time_second +
333 VFSTOUFS(ITOV(ip)->v_mount)->um_itime[i];
334 dq->dq_curinodes += change;
335 dq->dq_flags |= DQ_MOD;
341 * Check for a valid change to a users allocation.
342 * Issue an error message if appropriate.
345 chkiqchg(ip, change, cred, type)
351 struct dquot *dq = ip->i_dquot[type];
352 ino_t ncurinodes = dq->dq_curinodes + change;
355 * If user would exceed their hard limit, disallow inode allocation.
357 if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) {
358 if ((dq->dq_flags & DQ_INODS) == 0 &&
359 ip->i_uid == cred->cr_uid) {
360 uprintf("\n%s: write failed, %s inode limit reached\n",
361 ITOV(ip)->v_mount->mnt_stat.f_mntonname,
363 dq->dq_flags |= DQ_INODS;
368 * If user is over their soft limit for too long, disallow inode
369 * allocation. Reset time limit as they cross their soft limit.
371 if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) {
372 if (dq->dq_curinodes < dq->dq_isoftlimit) {
373 dq->dq_itime = time_second +
374 VFSTOUFS(ITOV(ip)->v_mount)->um_itime[type];
375 if (ip->i_uid == cred->cr_uid)
376 uprintf("\n%s: warning, %s %s\n",
377 ITOV(ip)->v_mount->mnt_stat.f_mntonname,
378 quotatypes[type], "inode quota exceeded");
381 if (time_second > dq->dq_itime) {
382 if ((dq->dq_flags & DQ_INODS) == 0 &&
383 ip->i_uid == cred->cr_uid) {
384 uprintf("\n%s: write failed, %s %s\n",
385 ITOV(ip)->v_mount->mnt_stat.f_mntonname,
387 "inode quota exceeded for too long");
388 dq->dq_flags |= DQ_INODS;
398 * On filesystems with quotas enabled, it is an error for a file to change
399 * size and not to have a dquot structure associated with it.
405 struct ufsmount *ump = VFSTOUFS(ITOV(ip)->v_mount);
406 struct vnode *vp = ITOV(ip);
410 * Disk quotas must be turned off for system files. Currently
411 * these are snapshots and quota files.
413 if ((vp->v_vflag & VV_SYSTEM) != 0)
416 * XXX: Turn off quotas for files with a negative UID or GID.
417 * This prevents the creation of 100GB+ quota files.
419 if ((int)ip->i_uid < 0 || (int)ip->i_gid < 0)
421 for (i = 0; i < MAXQUOTAS; i++) {
422 if (ump->um_quotas[i] == NULLVP ||
423 (ump->um_qflags[i] & (QTF_OPENING|QTF_CLOSING)))
425 if (ip->i_dquot[i] == NODQUOT) {
426 vprint("chkdquot: missing dquot", ITOV(ip));
427 panic("chkdquot: missing dquot");
434 * Code to process quotactl commands.
438 * Q_QUOTAON - set up a quota file for a particular filesystem.
441 quotaon(td, mp, type, fname)
447 struct ufsmount *ump;
448 struct vnode *vp, **vpp;
454 error = priv_check_cred(td->td_ucred, PRIV_UFS_QUOTAON, 0);
459 vpp = &ump->um_quotas[type];
460 NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, fname, td);
461 flags = FREAD | FWRITE;
462 error = vn_open(&nd, &flags, 0, -1);
465 NDFREE(&nd, NDF_ONLY_PNBUF);
467 VOP_UNLOCK(vp, 0, td);
468 if (vp->v_type != VREG) {
469 (void) vn_close(vp, FREAD|FWRITE, td->td_ucred, td);
473 quotaoff(td, mp, type);
474 ump->um_qflags[type] |= QTF_OPENING;
476 mp->mnt_flag |= MNT_QUOTA;
478 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
479 vp->v_vflag |= VV_SYSTEM;
480 VOP_UNLOCK(vp, 0, td);
483 * Save the credential of the process that turned on quotas.
484 * Set up the time limits for this quota.
486 ump->um_cred[type] = crhold(td->td_ucred);
487 ump->um_btime[type] = MAX_DQ_TIME;
488 ump->um_itime[type] = MAX_IQ_TIME;
489 if (dqget(NULLVP, 0, ump, type, &dq) == 0) {
490 if (dq->dq_btime > 0)
491 ump->um_btime[type] = dq->dq_btime;
492 if (dq->dq_itime > 0)
493 ump->um_itime[type] = dq->dq_itime;
497 * Search vnodes associated with this mount point,
498 * adding references to quota file being opened.
499 * NB: only need to add dquot's for inodes being modified.
503 MNT_VNODE_FOREACH(vp, mp, mvp) {
506 if (vget(vp, LK_EXCLUSIVE | LK_INTERLOCK, td)) {
508 MNT_VNODE_FOREACH_ABORT_ILOCKED(mp, mvp);
511 if (vp->v_type == VNON || vp->v_writecount == 0) {
512 VOP_UNLOCK(vp, 0, td);
517 error = getinoquota(VTOI(vp));
518 VOP_UNLOCK(vp, 0, td);
522 MNT_VNODE_FOREACH_ABORT_ILOCKED(mp, mvp);
527 ump->um_qflags[type] &= ~QTF_OPENING;
529 quotaoff(td, mp, type);
534 * Q_QUOTAOFF - turn off disk quotas for a filesystem.
537 quotaoff(td, mp, type)
543 struct vnode *qvp, *mvp;
544 struct ufsmount *ump;
549 error = priv_check_cred(td->td_ucred, PRIV_UFS_QUOTAOFF, 0);
554 if ((qvp = ump->um_quotas[type]) == NULLVP)
556 ump->um_qflags[type] |= QTF_CLOSING;
558 * Search vnodes associated with this mount point,
559 * deleting any references to quota file being closed.
563 MNT_VNODE_FOREACH(vp, mp, mvp) {
566 if (vp->v_type == VNON) {
571 if (vget(vp, LK_EXCLUSIVE | LK_INTERLOCK, td)) {
573 MNT_VNODE_FOREACH_ABORT_ILOCKED(mp, mvp);
577 dq = ip->i_dquot[type];
578 ip->i_dquot[type] = NODQUOT;
580 VOP_UNLOCK(vp, 0, td);
586 vn_lock(qvp, LK_EXCLUSIVE | LK_RETRY, td);
587 qvp->v_vflag &= ~VV_SYSTEM;
588 VOP_UNLOCK(qvp, 0, td);
589 error = vn_close(qvp, FREAD|FWRITE, td->td_ucred, td);
590 ump->um_quotas[type] = NULLVP;
591 crfree(ump->um_cred[type]);
592 ump->um_cred[type] = NOCRED;
593 ump->um_qflags[type] &= ~QTF_CLOSING;
594 for (type = 0; type < MAXQUOTAS; type++)
595 if (ump->um_quotas[type] != NULLVP)
597 if (type == MAXQUOTAS) {
599 mp->mnt_flag &= ~MNT_QUOTA;
606 * Q_GETQUOTA - return current values in a dqblk structure.
609 getquota(td, mp, id, type, addr)
621 if ((td->td_ucred->cr_uid != id) && !unprivileged_get_quota) {
622 error = priv_check_cred(td->td_ucred,
623 PRIV_VFS_GETQUOTA, SUSER_ALLOWJAIL);
630 if (!groupmember(id, td->td_ucred) &&
631 !unprivileged_get_quota) {
632 error = priv_check_cred(td->td_ucred,
633 PRIV_VFS_GETQUOTA, SUSER_ALLOWJAIL);
643 error = dqget(NULLVP, id, VFSTOUFS(mp), type, &dq);
646 error = copyout(&dq->dq_dqb, addr, sizeof (struct dqblk));
652 * Q_SETQUOTA - assign an entire dqblk structure.
655 setquota(td, mp, id, type, addr)
664 struct ufsmount *ump;
668 error = priv_check_cred(td->td_ucred, PRIV_VFS_SETQUOTA,
674 error = copyin(addr, &newlim, sizeof (struct dqblk));
677 error = dqget(NULLVP, id, ump, type, &ndq);
681 while (dq->dq_flags & DQ_LOCK) {
682 dq->dq_flags |= DQ_WANT;
683 (void) tsleep(dq, PINOD+1, "setqta", 0);
686 * Copy all but the current values.
687 * Reset time limit if previously had no soft limit or were
688 * under it, but now have a soft limit and are over it.
690 newlim.dqb_curblocks = dq->dq_curblocks;
691 newlim.dqb_curinodes = dq->dq_curinodes;
692 if (dq->dq_id != 0) {
693 newlim.dqb_btime = dq->dq_btime;
694 newlim.dqb_itime = dq->dq_itime;
696 if (newlim.dqb_bsoftlimit &&
697 dq->dq_curblocks >= newlim.dqb_bsoftlimit &&
698 (dq->dq_bsoftlimit == 0 || dq->dq_curblocks < dq->dq_bsoftlimit))
699 newlim.dqb_btime = time_second + ump->um_btime[type];
700 if (newlim.dqb_isoftlimit &&
701 dq->dq_curinodes >= newlim.dqb_isoftlimit &&
702 (dq->dq_isoftlimit == 0 || dq->dq_curinodes < dq->dq_isoftlimit))
703 newlim.dqb_itime = time_second + ump->um_itime[type];
705 if (dq->dq_curblocks < dq->dq_bsoftlimit)
706 dq->dq_flags &= ~DQ_BLKS;
707 if (dq->dq_curinodes < dq->dq_isoftlimit)
708 dq->dq_flags &= ~DQ_INODS;
709 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 &&
710 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0)
711 dq->dq_flags |= DQ_FAKE;
713 dq->dq_flags &= ~DQ_FAKE;
714 dq->dq_flags |= DQ_MOD;
720 * Q_SETUSE - set current inode and block usage.
723 setuse(td, mp, id, type, addr)
731 struct ufsmount *ump;
736 error = priv_check_cred(td->td_ucred, PRIV_UFS_SETUSE, 0);
741 error = copyin(addr, &usage, sizeof (struct dqblk));
744 error = dqget(NULLVP, id, ump, type, &ndq);
748 while (dq->dq_flags & DQ_LOCK) {
749 dq->dq_flags |= DQ_WANT;
750 (void) tsleep(dq, PINOD+1, "setuse", 0);
753 * Reset time limit if have a soft limit and were
754 * previously under it, but are now over it.
756 if (dq->dq_bsoftlimit && dq->dq_curblocks < dq->dq_bsoftlimit &&
757 usage.dqb_curblocks >= dq->dq_bsoftlimit)
758 dq->dq_btime = time_second + ump->um_btime[type];
759 if (dq->dq_isoftlimit && dq->dq_curinodes < dq->dq_isoftlimit &&
760 usage.dqb_curinodes >= dq->dq_isoftlimit)
761 dq->dq_itime = time_second + ump->um_itime[type];
762 dq->dq_curblocks = usage.dqb_curblocks;
763 dq->dq_curinodes = usage.dqb_curinodes;
764 if (dq->dq_curblocks < dq->dq_bsoftlimit)
765 dq->dq_flags &= ~DQ_BLKS;
766 if (dq->dq_curinodes < dq->dq_isoftlimit)
767 dq->dq_flags &= ~DQ_INODS;
768 dq->dq_flags |= DQ_MOD;
774 * Q_SYNC - sync quota files to disk.
780 struct ufsmount *ump = VFSTOUFS(mp);
781 struct thread *td = curthread; /* XXX */
782 struct vnode *vp, *mvp;
787 * Check if the mount point has any quotas.
788 * If not, simply return.
790 for (i = 0; i < MAXQUOTAS; i++)
791 if (ump->um_quotas[i] != NULLVP)
796 * Search vnodes associated with this mount point,
797 * synchronizing any modified dquot structures.
801 MNT_VNODE_FOREACH(vp, mp, mvp) {
804 if (vp->v_type == VNON) {
809 error = vget(vp, LK_EXCLUSIVE | LK_INTERLOCK, td);
812 if (error == ENOENT) {
813 MNT_VNODE_FOREACH_ABORT_ILOCKED(mp, mvp);
818 for (i = 0; i < MAXQUOTAS; i++) {
819 dq = VTOI(vp)->i_dquot[i];
820 if (dq != NODQUOT && (dq->dq_flags & DQ_MOD))
831 * Code pertaining to management of the in-core dquot data structures.
833 #define DQHASH(dqvp, id) \
834 (&dqhashtbl[((((intptr_t)(dqvp)) >> 8) + id) & dqhash])
835 static LIST_HEAD(dqhash, dquot) *dqhashtbl;
836 static u_long dqhash;
841 #define DQUOTINC 5 /* minimum free dquots desired */
842 static TAILQ_HEAD(dqfreelist, dquot) dqfreelist;
843 static long numdquot, desireddquot = DQUOTINC;
846 * Initialize the quota system.
852 dqhashtbl = hashinit(desiredvnodes, M_DQUOT, &dqhash);
853 TAILQ_INIT(&dqfreelist);
857 * Shut down the quota system.
864 hashdestroy(dqhashtbl, M_DQUOT, dqhash);
865 while ((dq = TAILQ_FIRST(&dqfreelist)) != NULL) {
866 TAILQ_REMOVE(&dqfreelist, dq, dq_freelist);
872 * Obtain a dquot structure for the specified identifier and quota file
873 * reading the information from the file if necessary.
876 dqget(vp, id, ump, type, dqp)
879 struct ufsmount *ump;
883 struct thread *td = curthread; /* XXX */
891 /* XXX: Disallow negative id values to prevent the
892 * creation of 100GB+ quota data files.
896 dqvp = ump->um_quotas[type];
897 if (dqvp == NULLVP || (ump->um_qflags[type] & QTF_CLOSING)) {
902 * Check the cache first.
904 dqh = DQHASH(dqvp, id);
905 LIST_FOREACH(dq, dqh, dq_hash) {
906 if (dq->dq_id != id ||
907 dq->dq_ump->um_quotas[dq->dq_type] != dqvp)
910 * Cache hit with no references. Take
911 * the structure off the free list.
914 TAILQ_REMOVE(&dqfreelist, dq, dq_freelist);
920 * Not in cache, allocate a new one.
922 if (TAILQ_FIRST(&dqfreelist) == NODQUOT &&
923 numdquot < MAXQUOTAS * desiredvnodes)
924 desireddquot += DQUOTINC;
925 if (numdquot < desireddquot) {
926 dq = (struct dquot *)malloc(sizeof *dq, M_DQUOT,
930 if ((dq = TAILQ_FIRST(&dqfreelist)) == NULL) {
935 if (dq->dq_cnt || (dq->dq_flags & DQ_MOD))
936 panic("dqget: free dquot isn't");
937 TAILQ_REMOVE(&dqfreelist, dq, dq_freelist);
938 if (dq->dq_ump != NULL)
939 LIST_REMOVE(dq, dq_hash);
942 * Initialize the contents of the dquot structure.
945 vn_lock(dqvp, LK_EXCLUSIVE | LK_RETRY, td);
946 LIST_INSERT_HEAD(dqh, dq, dq_hash);
948 dq->dq_flags = DQ_LOCK;
952 auio.uio_iov = &aiov;
954 aiov.iov_base = &dq->dq_dqb;
955 aiov.iov_len = sizeof (struct dqblk);
956 auio.uio_resid = sizeof (struct dqblk);
957 auio.uio_offset = (off_t)id * sizeof (struct dqblk);
958 auio.uio_segflg = UIO_SYSSPACE;
959 auio.uio_rw = UIO_READ;
960 auio.uio_td = (struct thread *)0;
961 error = VOP_READ(dqvp, &auio, 0, ump->um_cred[type]);
962 if (auio.uio_resid == sizeof(struct dqblk) && error == 0)
963 bzero(&dq->dq_dqb, sizeof(struct dqblk));
965 VOP_UNLOCK(dqvp, 0, td);
966 if (dq->dq_flags & DQ_WANT)
970 * I/O error in reading quota file, release
971 * quota structure and reflect problem to caller.
974 LIST_REMOVE(dq, dq_hash);
980 * Check for no limit to enforce.
981 * Initialize time values if necessary.
983 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 &&
984 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0)
985 dq->dq_flags |= DQ_FAKE;
986 if (dq->dq_id != 0) {
987 if (dq->dq_btime == 0) {
988 dq->dq_btime = time_second + ump->um_btime[type];
989 if (dq->dq_bsoftlimit &&
990 dq->dq_curblocks >= dq->dq_bsoftlimit)
991 dq->dq_flags |= DQ_MOD;
993 if (dq->dq_itime == 0) {
994 dq->dq_itime = time_second + ump->um_itime[type];
995 if (dq->dq_isoftlimit &&
996 dq->dq_curinodes >= dq->dq_isoftlimit)
997 dq->dq_flags |= DQ_MOD;
1006 * Obtain a reference to a dquot.
1018 * Release a reference to a dquot.
1028 if (dq->dq_cnt > 1) {
1032 if (dq->dq_flags & DQ_MOD)
1033 (void) dqsync(vp, dq);
1034 if (--dq->dq_cnt > 0)
1036 TAILQ_INSERT_TAIL(&dqfreelist, dq, dq_freelist);
1040 * Update the disk quota in the quota file.
1047 struct thread *td = curthread; /* XXX */
1056 panic("dqsync: dquot");
1057 if ((dq->dq_flags & DQ_MOD) == 0)
1059 if ((dqvp = dq->dq_ump->um_quotas[dq->dq_type]) == NULLVP)
1060 panic("dqsync: file");
1061 (void) vn_start_secondary_write(dqvp, &mp, V_WAIT);
1063 vn_lock(dqvp, LK_EXCLUSIVE | LK_RETRY, td);
1064 while (dq->dq_flags & DQ_LOCK) {
1065 dq->dq_flags |= DQ_WANT;
1066 (void) tsleep(dq, PINOD+2, "dqsync", 0);
1067 if ((dq->dq_flags & DQ_MOD) == 0) {
1069 VOP_UNLOCK(dqvp, 0, td);
1070 vn_finished_secondary_write(mp);
1074 dq->dq_flags |= DQ_LOCK;
1075 auio.uio_iov = &aiov;
1076 auio.uio_iovcnt = 1;
1077 aiov.iov_base = &dq->dq_dqb;
1078 aiov.iov_len = sizeof (struct dqblk);
1079 auio.uio_resid = sizeof (struct dqblk);
1080 auio.uio_offset = (off_t)dq->dq_id * sizeof (struct dqblk);
1081 auio.uio_segflg = UIO_SYSSPACE;
1082 auio.uio_rw = UIO_WRITE;
1083 auio.uio_td = (struct thread *)0;
1084 error = VOP_WRITE(dqvp, &auio, 0, dq->dq_ump->um_cred[dq->dq_type]);
1085 if (auio.uio_resid && error == 0)
1087 if (dq->dq_flags & DQ_WANT)
1089 dq->dq_flags &= ~(DQ_MOD|DQ_LOCK|DQ_WANT);
1091 VOP_UNLOCK(dqvp, 0, td);
1092 vn_finished_secondary_write(mp);
1097 * Flush all entries from the cache for a particular vnode.
1103 struct dquot *dq, *nextdq;
1107 * Move all dquot's that used to refer to this quota
1108 * file off their hash chains (they will eventually
1109 * fall off the head of the free list and be re-used).
1111 for (dqh = &dqhashtbl[dqhash]; dqh >= dqhashtbl; dqh--) {
1112 for (dq = LIST_FIRST(dqh); dq; dq = nextdq) {
1113 nextdq = LIST_NEXT(dq, dq_hash);
1114 if (dq->dq_ump->um_quotas[dq->dq_type] != vp)
1117 panic("dqflush: stray dquot");
1118 LIST_REMOVE(dq, dq_hash);
1119 dq->dq_ump = (struct ufsmount *)0;